SeaBIOS (version rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org) iPXE (http://ipxe.org) 00:03.0 CA00 PCI2.10 PnP PMM+7FF91000+7FEF1000 CA00 Press Ctrl-B to configure iPXE (PCI 00:03.0)... Booting from ROM.. [ 0.000000] Linux version 6.4.0-rc1-e93964b04d5b+ (root@p-rplp02) (gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-19), GNU ld version 2.36.1-2.el8) #1 SMP PREEMPT_DYNAMIC Wed Jun 14 22:00:03 CST 2023 [ 0.000000] Command line: console=ttyS0 root=/dev/sda earlyprintk=serial net.ifnames=0 [ 0.000000] KERNEL supported cpus: [ 0.000000] Intel GenuineIntel [ 0.000000] AMD AuthenticAMD [ 0.000000] Hygon HygonGenuine [ 0.000000] Centaur CentaurHauls [ 0.000000] zhaoxin Shanghai [ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' [ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' [ 0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' [ 0.000000] x86/fpu: Supporting XSAVE feature 0x200: 'Protection Keys User registers' [ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 [ 0.000000] x86/fpu: xstate_offset[9]: 832, xstate_sizes[9]: 8 [ 0.000000] x86/fpu: Enabled xstate features 0x207, context size is 840 bytes, using 'compacted' format. [ 0.000000] signal: max sigframe size: 3632 [ 0.000000] BIOS-provided physical RAM map: [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000007ffdffff] usable [ 0.000000] BIOS-e820: [mem 0x000000007ffe0000-0x000000007fffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved [ 0.000000] printk: bootconsole [earlyser0] enabled [ 0.000000] NX (Execute Disable) protection: active [ 0.000000] SMBIOS 2.8 present.
[ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 0.000000] Hypervisor detected: KVM [ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00 [ 0.000003] kvm-clock: using sched offset of 509910471 cycles [ 0.000440] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns [ 0.001760] tsc: Detected 1881.600 MHz processor [ 0.009052] last_pfn = 0x7ffe0 max_arch_pfn = 0x400000000 [ 0.009576] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT [ 0.014877] found SMP MP-table at [mem 0x000f5ba0-0x000f5baf] [ 0.015437] Using GB pages for direct mapping [ 0.016813] ACPI: Early table checksum verification disabled [ 0.017282] ACPI: RSDP 0x00000000000F59C0 000014 (v00 BOCHS ) [ 0.017763] ACPI: RSDT 0x000000007FFE1951 000034 (v01 BOCHS BXPC 00000001 BXPC 00000001) [ 0.018471] ACPI: FACP 0x000000007FFE17FD 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001) [ 0.019182] ACPI: DSDT 0x000000007FFE0040 0017BD (v01 BOCHS BXPC 00000001 BXPC 00000001) [ 0.019892] ACPI: FACS 0x000000007FFE0000 000040 [ 0.020282] ACPI: APIC 0x000000007FFE1871 000080 (v01 BOCHS BXPC 00000001 BXPC 00000001) [ 0.020986] ACPI: HPET 0x000000007FFE18F1 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001) [ 0.021694] ACPI: WAET 0x000000007FFE1929 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001) [ 0.022399] ACPI: Reserving FACP table memory at [mem 0x7ffe17fd-0x7ffe1870] [ 0.022980] ACPI: Reserving DSDT table memory at [mem 0x7ffe0040-0x7ffe17fc] [ 0.023564] ACPI: Reserving FACS table memory at [mem 0x7ffe0000-0x7ffe003f] [ 0.024138] ACPI: Reserving APIC table memory at [mem 0x7ffe1871-0x7ffe18f0] [ 0.024718] ACPI: Reserving HPET table memory at [mem 0x7ffe18f1-0x7ffe1928] [ 0.025291] ACPI: Reserving WAET table memory at [mem 0x7ffe1929-0x7ffe1950] [ 0.026488] No NUMA configuration found [ 0.026806] Faking a node at [mem 0x0000000000000000-0x000000007ffdffff] [ 0.027409] NODE_DATA(0) allocated [mem 
0x7ffb5000-0x7ffdffff] [ 0.030611] Zone ranges: [ 0.030851] DMA [mem 0x0000000000001000-0x0000000000ffffff] [ 0.031370] DMA32 [mem 0x0000000001000000-0x000000007ffdffff] [ 0.031939] Normal empty [ 0.032230] Device empty [ 0.032495] Movable zone start for each node [ 0.032867] Early memory node ranges [ 0.033157] node 0: [mem 0x0000000000001000-0x000000000009efff] [ 0.033667] node 0: [mem 0x0000000000100000-0x000000007ffdffff] [ 0.034177] Initmem setup node 0 [mem 0x0000000000001000-0x000000007ffdffff] [ 0.034943] On node 0, zone DMA: 1 pages in unavailable ranges [ 0.035158] On node 0, zone DMA: 97 pages in unavailable ranges [ 0.066531] On node 0, zone DMA32: 32 pages in unavailable ranges [ 0.097443] kasan: KernelAddressSanitizer initialized [ 0.098625] ACPI: PM-Timer IO Port: 0x608 [ 0.098972] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) [ 0.099492] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23 [ 0.100064] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) [ 0.100582] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level) [ 0.101118] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) [ 0.101657] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level) [ 0.102207] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level) [ 0.102773] ACPI: Using ACPI (MADT) for SMP configuration information [ 0.103307] ACPI: HPET id: 0x8086a201 base: 0xfed00000 [ 0.103733] TSC deadline timer available [ 0.104052] smpboot: Allowing 2 CPUs, 0 hotplug CPUs [ 0.104488] kvm-guest: KVM setup pv remote TLB flush [ 0.104892] kvm-guest: setup PV sched yield [ 0.105269] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff] [ 0.105884] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff] [ 0.106497] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff] [ 0.107109] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff] [ 0.107758] [mem 0x80000000-0xfeffbfff] available for PCI 
devices [ 0.108310] Booting paravirtualized kernel on KVM [ 0.108709] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645519600211568 ns [ 0.109566] setup_percpu: NR_CPUS:8192 nr_cpumask_bits:2 nr_cpu_ids:2 nr_node_ids:1 [ 0.110572] percpu: Embedded 82 pages/cpu s299008 r8192 d28672 u1048576 [ 0.111311] kvm-guest: PV spinlocks enabled [ 0.111661] PV qspinlock hash table entries: 256 (order: 0, 4096 bytes, linear) [ 0.112266] Kernel command line: net.ifnames=0 console=ttyS0 root=/dev/sda earlyprintk=serial net.ifnames=0 [ 0.113389] random: crng init done [ 0.113907] Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes, linear) [ 0.114641] Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes, linear) [ 0.115525] Fallback order for Node 0: 0 [ 0.115538] Built 1 zonelists, mobility grouping on. Total pages: 515808 [ 0.116376] Policy zone: DMA32 [ 0.116620] mem auto-init: stack:off, heap alloc:off, heap free:off [ 0.117112] stackdepot: allocating hash table via alloc_large_system_hash [ 0.118552] stackdepot hash table entries: 1048576 (order: 11, 8388608 bytes, linear) [ 0.146949] Memory: 1620316K/2096632K available (71680K kernel code, 13847K rwdata, 16144K rodata, 14508K init, 32812K bss, 476060K reserved, 0K cma-reserved) [ 0.148762] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1 [ 0.149280] kmemleak: Kernel memory leak detector disabled [ 0.149798] ftrace: allocating 69187 entries in 271 pages [ 0.167703] ftrace: allocated 271 pages with 5 groups [ 0.170747] Dynamic Preempt: voluntary [ 0.171319] Running RCU self tests [ 0.171588] Running RCU synchronous self tests [ 0.171941] rcu: Preemptible hierarchical RCU implementation. [ 0.172390] rcu: RCU lockdep checking is enabled. [ 0.172765] rcu: RCU restricting CPUs from NR_CPUS=8192 to nr_cpu_ids=2. [ 0.173298] Trampoline variant of Tasks RCU enabled. [ 0.173693] Rude variant of Tasks RCU enabled. [ 0.174048] Tracing variant of Tasks RCU enabled. 
[ 0.174422] rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies. [ 0.175013] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2 [ 0.175580] Running RCU synchronous self tests [ 0.209869] NR_IRQS: 524544, nr_irqs: 440, preallocated irqs: 16 [ 0.210768] rcu: srcu_init: Setting srcu_struct sizes based on contention. [ 0.218055] Console: colour VGA+ 80x25 [ 0.218419] printk: console [ttyS0] enabled [ 0.218419] printk: console [ttyS0] enabled [ 0.219098] printk: bootconsole [earlyser0] disabled [ 0.219098] printk: bootconsole [earlyser0] disabled [ 0.219914] Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar [ 0.220538] ... MAX_LOCKDEP_SUBCLASSES: 8 [ 0.220875] ... MAX_LOCK_DEPTH: 48 [ 0.221218] ... MAX_LOCKDEP_KEYS: 8192 [ 0.221575] ... CLASSHASH_SIZE: 4096 [ 0.221932] ... MAX_LOCKDEP_ENTRIES: 32768 [ 0.222296] ... MAX_LOCKDEP_CHAINS: 65536 [ 0.222659] ... CHAINHASH_SIZE: 32768 [ 0.223024] memory used by lock dependency info: 6365 kB [ 0.223467] memory used for stack traces: 4224 kB [ 0.223858] per task-struct memory footprint: 1920 bytes [ 0.224367] ACPI: Core revision 20230331 [ 0.224993] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns [ 0.225887] APIC: Switch to symmetric I/O mode setup [ 0.226445] x2apic enabled [ 0.226827] Switched APIC routing to physical x2apic. [ 0.227241] kvm-guest: setup PV IPIs [ 0.228454] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 [ 0.228972] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x363e8c91135, max_idle_ns: 881590568389 ns [ 0.229842] Calibrating delay loop (skipped) preset value.. 3763.20 BogoMIPS (lpj=7526400) [ 0.233865] pid_max: default: 32768 minimum: 301 [ 0.234547] LSM: initializing lsm=capability,yama,integrity [ 0.235143] Yama: becoming mindful. 
[ 0.235805] Mount-cache hash table entries: 4096 (order: 3, 32768 bytes, linear) [ 0.236544] Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes, linear) [ 0.239214] CPU0: Thermal monitoring enabled (TM1) [ 0.239627] x86/cpu: User Mode Instruction Prevention (UMIP) activated [ 0.240245] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0 [ 0.240679] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0 [ 0.241171] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization [ 0.241838] Spectre V2 : WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks! [ 0.242741] Spectre V2 : Mitigation: Enhanced / Automatic IBRS [ 0.243208] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch [ 0.243844] Spectre V2 : Spectre v2 / PBRSB-eIBRS: Retire a single CALL on VMEXIT [ 0.244427] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier [ 0.245078] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl [ 0.245830] MMIO Stale Data: Unknown: No mitigations [ 0.350450] Freeing SMP alternatives memory: 56K [ 0.350873] Running RCU synchronous self tests [ 0.351227] Running RCU synchronous self tests [ 0.351834] smpboot: CPU0: Genuine Intel(R) 0000 (family: 0x6, model: 0xba, stepping: 0x2) [ 0.354301] cblist_init_generic: Setting adjustable number of callback queues. [ 0.357829] cblist_init_generic: Setting shift to 1 and lim to 1. [ 0.358448] cblist_init_generic: Setting shift to 1 and lim to 1. [ 0.361909] cblist_init_generic: Setting shift to 1 and lim to 1. [ 0.365906] Running RCU-tasks wait API self tests [ 0.470009] Performance Events: unsupported p6 CPU model 186 no PMU driver, software events only. [ 0.474000] rcu: Hierarchical SRCU implementation. [ 0.474381] rcu: Max phase no-delay instances is 1000. [ 0.481857] Callback from call_rcu_tasks_trace() invoked. 
[ 0.490207] NMI watchdog: Perf NMI watchdog permanently disabled [ 0.494053] smp: Bringing up secondary CPUs ... [ 0.498234] x86: Booting SMP configuration: [ 0.501844] .... node #0, CPUs: #1 [ 0.506034] smp: Brought up 1 node, 2 CPUs [ 0.509833] smpboot: Max logical packages: 1 [ 0.510169] smpboot: Total of 2 processors activated (7526.40 BogoMIPS) [ 0.521915] devtmpfs: initialized [ 0.526318] x86/mm: Memory block size: 128MB [ 0.562273] Running RCU synchronous self tests [ 0.565847] Running RCU synchronous self tests [ 0.569885] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns [ 0.573923] Callback from call_rcu_tasks_rude() invoked. [ 0.574358] futex hash table entries: 512 (order: 4, 65536 bytes, linear) [ 0.578093] pinctrl core: initialized pinctrl subsystem [ 0.582293] [ 0.582422] ************************************************************* [ 0.585829] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 0.586350] ** ** [ 0.589828] ** IOMMU DebugFS SUPPORT HAS BEEN ENABLED IN THIS KERNEL ** [ 0.590349] ** ** [ 0.593830] ** This means that this kernel is built to expose internal ** [ 0.594351] ** IOMMU data structures, which may compromise security on ** [ 0.597828] ** your system. ** [ 0.598338] ** ** [ 0.601828] ** If you see this message and you are not debugging the ** [ 0.602349] ** kernel, report this immediately to your vendor! 
** [ 0.605828] ** ** [ 0.606303] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 0.609828] ************************************************************* [ 0.610397] PM: RTC time: 14:01:17, date: 2023-06-14 [ 0.626007] NET: Registered PF_NETLINK/PF_ROUTE protocol family [ 0.633968] DMA: preallocated 256 KiB GFP_KERNEL pool for atomic allocations [ 0.637842] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations [ 0.638453] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations [ 0.641886] audit: initializing netlink subsys (disabled) [ 0.645873] audit: type=2000 audit(1686751278.514:1): state=initialized audit_enabled=0 res=1 [ 0.647681] thermal_sys: Registered thermal governor 'fair_share' [ 0.647701] thermal_sys: Registered thermal governor 'bang_bang' [ 0.648427] thermal_sys: Registered thermal governor 'step_wise' [ 0.649096] thermal_sys: Registered thermal governor 'user_space' [ 0.665929] cpuidle: using governor ladder [ 0.670308] cpuidle: using governor menu [ 0.677903] Callback from call_rcu_tasks() invoked. [ 0.677866] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5 [ 0.682384] PCI: Using configuration type 1 for base access [ 0.694456] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. 
[ 1.985999] HugeTLB: registered 1.00 GiB page size, pre-allocated 0 pages [ 1.993836] HugeTLB: 16380 KiB vmemmap can be freed for a 1.00 GiB page [ 1.997838] HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages [ 2.001831] HugeTLB: 28 KiB vmemmap can be freed for a 2.00 MiB page [ 2.025969] ACPI: Added _OSI(Module Device) [ 2.026425] ACPI: Added _OSI(Processor Device) [ 2.029832] ACPI: Added _OSI(3.0 _SCP Extensions) [ 2.030325] ACPI: Added _OSI(Processor Aggregator Device) [ 2.130142] ACPI: 1 ACPI AML tables successfully acquired and loaded [ 16.490429] ACPI: Interpreter enabled [ 16.493988] ACPI: PM: (supports S0 S3 S4 S5) [ 16.494402] ACPI: Using IOAPIC for interrupt routing [ 16.497931] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug [ 16.501837] PCI: Using E820 reservations for host bridge windows [ 16.510156] ACPI: Enabled 2 GPEs in block 00 to 0F [ 16.690173] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff]) [ 16.693870] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI EDR HPX-Type3] [ 16.697841] acpi PNP0A03:00: _OSC: not requesting OS control; OS requires [ExtendedConfig ASPM ClockPM MSI] [ 16.702046] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended configuration space under this bridge [ 16.738131] acpiphp: Slot [3] registered [ 16.741984] acpiphp: Slot [4] registered [ 16.742505] acpiphp: Slot [5] registered [ 16.746373] acpiphp: Slot [6] registered [ 16.749966] acpiphp: Slot [7] registered [ 16.750488] acpiphp: Slot [8] registered [ 16.753949] acpiphp: Slot [9] registered [ 16.754389] acpiphp: Slot [10] registered [ 16.757940] acpiphp: Slot [11] registered [ 16.758395] acpiphp: Slot [12] registered [ 16.761965] acpiphp: Slot [13] registered [ 16.762441] acpiphp: Slot [14] registered [ 16.765958] acpiphp: Slot [15] registered [ 16.766414] acpiphp: Slot [16] registered [ 16.769958] acpiphp: Slot [17] registered [ 16.770450] acpiphp: Slot [18] registered [ 
16.773949] acpiphp: Slot [19] registered [ 16.774450] acpiphp: Slot [20] registered [ 16.777947] acpiphp: Slot [21] registered [ 16.778400] acpiphp: Slot [22] registered [ 16.781965] acpiphp: Slot [23] registered [ 16.782417] acpiphp: Slot [24] registered [ 16.785958] acpiphp: Slot [25] registered [ 16.786420] acpiphp: Slot [26] registered [ 16.789967] acpiphp: Slot [27] registered [ 16.790450] acpiphp: Slot [28] registered [ 16.793963] acpiphp: Slot [29] registered [ 16.794419] acpiphp: Slot [30] registered [ 16.797955] acpiphp: Slot [31] registered [ 16.798369] PCI host bridge to bus 0000:00 [ 16.801846] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] [ 16.802449] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] [ 16.805837] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] [ 16.809831] pci_bus 0000:00: root bus resource [mem 0x80000000-0xfebfffff window] [ 16.810493] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window] [ 16.817841] pci_bus 0000:00: root bus resource [bus 00-ff] [ 16.821999] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000 [ 16.878130] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100 [ 16.889931] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180 [ 16.901986] pci 0000:00:01.1: reg 0x20: [io 0xc040-0xc04f] [ 16.909855] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7] [ 16.913834] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6] [ 16.917831] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177] [ 16.921836] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376] [ 16.926313] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000 [ 16.930170] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI [ 16.933843] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB [ 16.938272] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000 [ 16.946310] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref] [ 16.958263] pci 
0000:00:02.0: reg 0x18: [mem 0xfebf0000-0xfebf0fff] [ 16.978416] pci 0000:00:02.0: reg 0x30: [mem 0xfebe0000-0xfebeffff pref] [ 16.982080] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] [ 17.062261] pci 0000:00:03.0: [8086:100e] type 00 class 0x020000 [ 17.070329] pci 0000:00:03.0: reg 0x10: [mem 0xfebc0000-0xfebdffff] [ 17.077844] pci 0000:00:03.0: reg 0x14: [io 0xc000-0xc03f] [ 17.101856] pci 0000:00:03.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref] [ 17.209901] ACPI: PCI: Interrupt link LNKA configured for IRQ 10 [ 17.218247] ACPI: PCI: Interrupt link LNKB configured for IRQ 10 [ 17.226187] ACPI: PCI: Interrupt link LNKC configured for IRQ 11 [ 17.234145] ACPI: PCI: Interrupt link LNKD configured for IRQ 11 [ 17.238219] ACPI: PCI: Interrupt link LNKS configured for IRQ 9 [ 17.257859] iommu: Default domain type: Translated [ 17.261856] iommu: DMA domain TLB invalidation policy: lazy mode [ 17.281968] SCSI subsystem initialized [ 17.286148] ACPI: bus type USB registered [ 17.289933] usbcore: registered new interface driver usbfs [ 17.293903] usbcore: registered new interface driver hub [ 17.297907] usbcore: registered new device driver usb [ 17.302092] pps_core: LinuxPPS API ver. 1 registered [ 17.305833] pps_core: Software ver. 
5.3.6 - Copyright 2005-2007 Rodolfo Giometti [ 17.309880] PTP clock support registered [ 17.314001] EDAC MC: Ver: 3.0.0 [ 17.342310] NetLabel: Initializing [ 17.345838] NetLabel: domain hash size = 128 [ 17.349835] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO [ 17.358058] NetLabel: unlabeled traffic allowed by default [ 17.365997] PCI: Using ACPI for IRQ routing [ 17.373935] pci 0000:00:02.0: vgaarb: setting as boot VGA device [ 17.375007] pci 0000:00:02.0: vgaarb: bridge control possible [ 17.375946] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none [ 17.389881] vgaarb: loaded [ 17.398278] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0 [ 17.401833] hpet0: 3 comparators, 64-bit 100.000000 MHz counter [ 17.410423] clocksource: Switched to clocksource kvm-clock [ 17.412321] VFS: Disk quotas dquot_6.6.0 [ 17.412853] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) [ 17.414239] pnp: PnP ACPI init [ 17.418947] pnp: PnP ACPI: found 6 devices [ 17.436267] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns [ 17.437483] NET: Registered PF_INET protocol family [ 17.438224] IP idents hash table entries: 32768 (order: 6, 262144 bytes, linear) [ 17.440196] tcp_listen_portaddr_hash hash table entries: 1024 (order: 4, 73728 bytes, linear) [ 17.441039] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) [ 17.441802] TCP established hash table entries: 16384 (order: 5, 131072 bytes, linear) [ 17.442760] TCP bind hash table entries: 16384 (order: 9, 2359296 bytes, linear) [ 17.444211] TCP: Hash tables configured (established 16384 bind 16384) [ 17.444874] UDP hash table entries: 1024 (order: 5, 163840 bytes, linear) [ 17.445574] UDP-Lite hash table entries: 1024 (order: 5, 163840 bytes, linear) [ 17.446556] NET: Registered PF_UNIX/PF_LOCAL protocol family [ 17.447713] RPC: Registered named UNIX socket transport module. [ 17.448253] RPC: Registered udp transport module. 
[ 17.448640] RPC: Registered tcp transport module. [ 17.449013] RPC: Registered tcp NFSv4.1 backchannel transport module. [ 17.449600] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] [ 17.450109] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] [ 17.450678] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] [ 17.451314] pci_bus 0000:00: resource 7 [mem 0x80000000-0xfebfffff window] [ 17.451997] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window] [ 17.453102] pci 0000:00:01.0: PIIX3: Enabling Passive Release [ 17.453672] pci 0000:00:00.0: Limiting direct PCI/PCI transfers [ 17.454307] PCI: CLS 0 bytes, default 64 [ 17.455178] ACPI: bus type thunderbolt registered [ 17.455990] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x363e8c91135, max_idle_ns: 881590568389 ns [ 17.603468] Initialise system trusted keyrings [ 17.604069] Key type blacklist registered [ 17.604616] workingset: timestamp_bits=36 max_order=19 bucket_order=0 [ 17.605226] zbud: loaded [ 17.606544] squashfs: version 4.0 (2009/01/31) Phillip Lougher [ 17.608053] NFS: Registering the id_resolver key type [ 17.608509] Key type id_resolver registered [ 17.608861] Key type id_legacy registered [ 17.609227] nfs4filelayout_init: NFSv4 File Layout Driver Registering... [ 17.609810] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering... 
[ 17.610661] fuse: init (API version 7.38) [ 17.611528] SGI XFS with ACLs, security attributes, realtime, quota, no debug enabled [ 17.613121] 9p: Installing v9fs 9p2000 file system support [ 17.619449] Key type asymmetric registered [ 17.619918] Asymmetric key parser 'x509' registered [ 17.620489] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 243) [ 17.621406] io scheduler mq-deadline registered [ 17.621936] io scheduler bfq registered [ 17.623017] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4 [ 17.624286] IPMI message handler: version 39.2 [ 17.624798] ipmi device interface [ 17.627220] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0 [ 17.628309] ACPI: button: Power Button [PWRF] [ 17.630135] ERST DBG: ERST support is disabled. [ 17.631975] Serial: 8250/16550 driver, 32 ports, IRQ sharing enabled [ 17.633330] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A [ 17.647890] Linux agpgart interface v0.103 [ 17.649608] ACPI: bus type drm_connector registered [ 17.667353] brd: module loaded [ 17.677703] loop: module loaded [ 17.684773] scsi host0: ata_piix [ 17.685931] scsi host1: ata_piix [ 17.686567] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc040 irq 14 [ 17.687236] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc048 irq 15 [ 17.690123] tun: Universal TUN/TAP device driver, 1.6 [ 17.690913] e100: Intel(R) PRO/100 Network Driver [ 17.691369] e100: Copyright(c) 1999-2006 Intel Corporation [ 17.691862] e1000: Intel(R) PRO/1000 Network Driver [ 17.692249] e1000: Copyright (c) 1999-2006 Intel Corporation. 
[ 17.846752] ata2: found unknown device (class 0) [ 17.847908] ata1: found unknown device (class 0) [ 17.849309] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100 [ 17.850295] ata1.00: ATA-7: QEMU HARDDISK, 2.5+, max UDMA/100 [ 17.851037] ata1.00: 17825792 sectors, multi 16: LBA48 [ 17.853508] scsi 0:0:0:0: Direct-Access ATA QEMU HARDDISK 2.5+ PQ: 0 ANSI: 5 [ 17.857050] sd 0:0:0:0: [sda] 17825792 512-byte logical blocks: (9.13 GB/8.50 GiB) [ 17.858145] sd 0:0:0:0: [sda] Write Protect is off [ 17.858873] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 17.860577] sd 0:0:0:0: [sda] Preferred minimum I/O size 512 bytes [ 17.861891] sd 0:0:0:0: Attached scsi generic sg0 type 0 [ 17.863456] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5 [ 17.880095] scsi 1:0:0:0: Attached scsi generic sg1 type 5 [ 17.882456] sd 0:0:0:0: [sda] Attached SCSI disk [ 18.307628] ACPI: \_SB_.LNKC: Enabled at IRQ 11 [ 18.634043] e1000 0000:00:03.0 eth0: (PCI:33MHz:32-bit) 52:54:00:12:34:56 [ 18.634686] e1000 0000:00:03.0 eth0: Intel(R) PRO/1000 Network Connection [ 18.635377] e1000e: Intel(R) PRO/1000 Network Driver [ 18.635779] e1000e: Copyright(c) 1999 - 2015 Intel Corporation. [ 18.636321] igb: Intel(R) Gigabit Ethernet Network Driver [ 18.636754] igb: Copyright (c) 2007-2014 Intel Corporation. 
[ 18.637350] PPP generic driver version 2.4.2 [ 18.638340] VFIO - User Level meta-driver version: 0.3 [ 18.639434] usbcore: registered new interface driver uas [ 18.639924] usbcore: registered new interface driver usb-storage [ 18.640617] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12 [ 18.642093] serio: i8042 KBD port at 0x60,0x64 irq 1 [ 18.642592] serio: i8042 AUX port at 0x60,0x64 irq 12 [ 18.644012] mousedev: PS/2 mouse device common for all mice [ 18.645519] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1 [ 18.647837] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input4 [ 18.649709] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input3 [ 18.650656] rtc_cmos 00:05: RTC can wake from S4 [ 18.652889] rtc_cmos 00:05: registered as rtc0 [ 18.653425] rtc_cmos 00:05: setting system clock to 2023-06-14T14:01:22 UTC (1686751282) [ 18.654466] rtc_cmos 00:05: alarms up to one day, y3k, 242 bytes nvram, hpet irqs [ 18.655280] i2c_dev: i2c /dev entries driver [ 18.655805] device-mapper: core: CONFIG_IMA_DISABLE_HTABLE is disabled. Duplicate IMA measurements will not be recorded in the IMA log. 
[ 18.656787] device-mapper: uevent: version 1.0.3 [ 18.657478] device-mapper: ioctl: 4.48.0-ioctl (2023-03-01) initialised: dm-devel@redhat.com [ 18.658162] intel_pstate: CPU model not supported [ 18.658732] sdhci: Secure Digital Host Controller Interface driver [ 18.659235] sdhci: Copyright(c) Pierre Ossman [ 18.659699] sdhci-pltfm: SDHCI platform and OF driver helper [ 18.660228] ledtrig-cpu: registered to indicate activity on CPUs [ 18.661228] drop_monitor: Initializing network drop monitor service [ 18.662065] NET: Registered PF_INET6 protocol family [ 18.666060] Segment Routing with IPv6 [ 18.666483] In-situ OAM (IOAM) with IPv6 [ 18.666909] NET: Registered PF_PACKET protocol family [ 18.667641] 9pnet: Installing 9P2000 support [ 18.668194] Key type dns_resolver registered [ 18.669713] IPI shorthand broadcast: enabled [ 18.696622] sched_clock: Marking stable (18680012720, 14505772)->(4614675163, 14079843329) [ 18.698124] registered taskstats version 1 [ 18.698945] Loading compiled-in X.509 certificates [ 18.730879] Key type .fscrypt registered [ 18.731340] Key type fscrypt-provisioning registered [ 18.733483] Key type encrypted registered [ 18.733968] ima: No TPM chip found, activating TPM-bypass! [ 18.734552] ima: Allocated hash algorithm: sha1 [ 18.735068] ima: No architecture policies found [ 18.735632] evm: Initialising EVM extended attributes: [ 18.736123] evm: security.selinux [ 18.736443] evm: security.SMACK64 [ 18.736763] evm: security.SMACK64EXEC [ 18.737115] evm: security.SMACK64TRANSMUTE [ 18.737506] evm: security.SMACK64MMAP [ 18.737859] evm: security.apparmor [ 18.738186] evm: security.ima [ 18.738474] evm: security.capability [ 18.738838] evm: HMAC attrs: 0x1 [ 18.741284] PM: Magic number: 11:497:30 [ 18.742421] RAS: Correctable Errors collector initialized. 
[ 18.743615] clk: Disabling unused clocks [ 18.745042] md: Waiting for all devices to be available before autodetect [ 18.745531] md: If you don't use raid, use raid=noautodetect [ 18.745934] md: Autodetecting RAID arrays. [ 18.746238] md: autorun ... [ 18.746445] md: ... autorun DONE. [ 18.753668] EXT4-fs (sda): INFO: recovery required on readonly filesystem [ 18.754205] EXT4-fs (sda): write access will be enabled during recovery [ 18.796517] EXT4-fs (sda): recovery complete [ 18.812842] EXT4-fs (sda): mounted filesystem 7d161b99-3f72-474e-9ca2-d134e65f5015 with ordered data mode. Quota mode: none. [ 18.813726] VFS: Mounted root (ext4 filesystem) readonly on device 8:0. [ 18.818050] devtmpfs: mounted [ 18.830338] Freeing unused decrypted memory: 2036K [ 18.833806] Freeing unused kernel image (initmem) memory: 14508K [ 18.834222] Write protecting the kernel read-only data: 88064k [ 18.836037] Freeing unused kernel image (rodata/data gap) memory: 240K [ 18.921838] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 18.922371] Run /sbin/init as init process [ 19.175183] systemd[1]: systemd 252-8.el9 running in system mode (+PAM +AUDIT +SELINUX -APPARMOR +IMA +SMACK +SECCOMP +GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS -FIDO2 +IDN2 -IDN -IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY +P11KIT -QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK +XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) [ 19.177397] systemd[1]: Detected virtualization kvm. [ 19.177766] systemd[1]: Detected architecture x86-64. Welcome to CentOS Stream 9! [ 19.185539] systemd[1]: Hostname set to . [ 19.478552] systemd-rc-local-generator[119]: /etc/rc.d/rc.local is not marked executable, skipping. [ 19.823404] systemd[1]: Queued start job for default target Graphical Interface. [ 19.843156] systemd[1]: Created slice Slice /system/getty. [ OK ] Created slice Slice /system/getty. [ 19.846807] systemd[1]: Created slice Slice /system/modprobe. 
[ OK ] Created slice Slice /system/modprobe. [ 19.850054] systemd[1]: Created slice Slice /system/serial-getty. [ OK ] Created slice Slice /system/serial-getty. [ 19.853631] systemd[1]: Created slice Slice /system/sshd-keygen. [ OK ] Created slice Slice /system/sshd-keygen. [ 19.856415] systemd[1]: Created slice User and Session Slice. [ OK ] Created slice User and Session Slice. [ 19.858157] systemd[1]: Started Forward Password Requests to Wall Directory Watch. [ OK ] Started Forward Password R…uests to Wall Directory Watch. [ 19.860709] systemd[1]: Set up automount Arbitrary Executable File Formats File System Automount Point. [ OK ] Set up automount Arbitrary…s File System Automount Point. [ 19.862828] systemd[1]: Reached target Local Integrity Protected Volumes. [ OK ] Reached target Local Integrity Protected Volumes. [ 19.864573] systemd[1]: Reached target Slice Units. [ OK ] Reached target Slice Units. [ 19.865849] systemd[1]: Reached target Swaps. [ OK ] Reached target Swaps. [ 19.867028] systemd[1]: Reached target Local Verity Protected Volumes. [ OK ] Reached target Local Verity Protected Volumes. [ 19.869175] systemd[1]: Listening on Device-mapper event daemon FIFOs. [ OK ] Listening on Device-mapper event daemon FIFOs. [ 19.871778] systemd[1]: Listening on LVM2 poll daemon socket. [ OK ] Listening on LVM2 poll daemon socket. [ 19.873512] systemd[1]: multipathd control socket was skipped because of an unmet condition check (ConditionPathExists=/etc/multipath.conf). [ 19.936869] systemd[1]: Listening on RPCbind Server Activation Socket. [ OK ] Listening on RPCbind Server Activation Socket. [ 19.938972] systemd[1]: Reached target RPC Port Mapper. [ OK ] Reached target RPC Port Mapper. [ 19.943599] systemd[1]: Listening on Process Core Dump Socket. [ OK ] Listening on Process Core Dump Socket. [ 19.945440] systemd[1]: Listening on initctl Compatibility Named Pipe. [ OK ] Listening on initctl Compatibility Named Pipe. 
[ 19.947785] systemd[1]: Listening on Journal Socket (/dev/log). [ OK ] Listening on Journal Socket (/dev/log). [ 19.949671] systemd[1]: Listening on Journal Socket. [ OK ] Listening on Journal Socket. [ 19.953897] systemd[1]: Listening on udev Control Socket. [ OK ] Listening on udev Control Socket. [ 19.955540] systemd[1]: Listening on udev Kernel Socket. [ OK ] Listening on udev Kernel Socket. [ 19.983389] systemd[1]: Mounting Huge Pages File System... Mounting Huge Pages File System... [ 19.995746] systemd[1]: Mounting POSIX Message Queue File System... Mounting POSIX Message Queue File System... [ 20.007209] systemd[1]: Mounting Kernel Debug File System... Mounting Kernel Debug File System... [ 20.022871] systemd[1]: Mounting Kernel Trace File System... Mounting Kernel Trace File System... [ 20.024741] systemd[1]: Kernel Module supporting RPCSEC_GSS was skipped because of an unmet condition check (ConditionPathExists=/etc/krb5.keytab). [ 20.026125] systemd[1]: Create List of Static Device Nodes was skipped because of an unmet condition check (ConditionFileNotEmpty=/lib/modules/6.4.0-rc1-e93964b04d5b+/modules.devname). [ 20.036625] systemd[1]: Starting Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling... Starting Monitoring of LVM…meventd or progress polling... [ 20.049544] systemd[1]: Starting Load Kernel Module configfs... Starting Load Kernel Module configfs... [ 20.056838] systemd[1]: Starting Load Kernel Module drm... Starting Load Kernel Module drm... [ 20.069942] systemd[1]: Starting Load Kernel Module fuse... Starting Load Kernel Module fuse... [ 20.083255] systemd[1]: Starting Read and set NIS domainname from /etc/sysconfig/network... Starting Read and set NIS …from /etc/sysconfig/network... [ 20.107390] systemd[1]: Starting Journal Service... Starting Journal Service... [ 20.118995] systemd[1]: Starting Load Kernel Modules... Starting Load Kernel Modules... 
[ 20.132113] systemd[1]: Starting Generate network units from Kernel command line... Starting Generate network …ts from Kernel command line... [ 20.169724] systemd[1]: Starting Remount Root and Kernel File Systems... Starting Remount Root and Kernel File Systems... [ 20.171484] systemd[1]: Repartition Root Disk was skipped because no trigger condition checks were met. [ 20.203170] systemd[1]: Starting Coldplug All udev Devices... Starting Coldplug All udev Devices... [ 20.232587] systemd[1]: Mounted Huge Pages File System. [ OK ] Mounted Huge Pages File System. [ 20.234139] systemd[1]: Mounted POSIX Message Queue File System. [ OK ] Mounted POSIX Message Queue File System. [ 20.235769] systemd[1]: Mounted Kernel Debug File System. [ OK ] Mounted Kernel Debug File System. [ 20.239951] systemd[1]: Mounted Kernel Trace File System. [ OK ] Mounted Kernel Trace File System. [ 20.242652] systemd[1]: Finished Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling. [ OK ] Finished Monitoring of LVM… dmeventd or progress polling. [ 20.249375] systemd[1]: modprobe@configfs.service: Deactivated successfully. [ 20.256922] systemd[1]: Finished Load Kernel Module configfs. [ OK ] Finished Load Kernel Module configfs. [ 20.260575] systemd[1]: modprobe@drm.service: Deactivated successfully. [ 20.261972] systemd[1]: Finished Load Kernel Module drm. [ OK ] Finished Load Kernel Module drm. [ 20.264935] systemd[1]: modprobe@fuse.service: Deactivated successfully. [ 20.267373] systemd[1]: Finished Load Kernel Module fuse. [ OK ] Finished Load Kernel Module fuse. [ 20.269980] systemd[1]: Finished Read and set NIS domainname from /etc/sysconfig/network. [ OK ] Finished Read and set NIS …e from /etc/sysconfig/network. [ 20.272190] systemd[1]: systemd-modules-load.service: Main process exited, code=exited, status=1/FAILURE [ 20.273619] systemd[1]: systemd-modules-load.service: Failed with result 'exit-code'. 
[ 20.275561] systemd[1]: Failed to start Load Kernel Modules. [FAILED] Failed to start Load Kernel Modules. See 'systemctl status systemd-modules-load.service' for details. [ 20.278408] systemd[1]: Finished Generate network units from Kernel command line. [ OK ] Finished Generate network units from Kernel command line. [ 20.302618] EXT4-fs (sda): re-mounted 7d161b99-3f72-474e-9ca2-d134e65f5015. Quota mode: none. [ 20.316683] systemd[1]: Mounting FUSE Control File System... Mounting FUSE Control File System... [ 20.333369] systemd[1]: Mounting Kernel Configuration File System... Mounting Kernel Configuration File System... [ 20.383364] systemd[1]: Starting Apply Kernel Variables... Starting Apply Kernel Variables... [ 20.398425] systemd[1]: Started Journal Service. [ OK ] Started Journal Service. [ OK ] Finished Remount Root and Kernel File Systems. [ OK ] Mounted FUSE Control File System. [ OK ] Mounted Kernel Configuration File System. Starting Flush Journal to Persistent Storage... Starting Load/Save Random Seed... [ 20.507067] systemd-journald[137]: Received client request to flush runtime journal. Starting Create Static Device Nodes in /dev... Starting Setup Virtual Console... [ OK ] Finished Apply Kernel Variables. [ OK ] Finished Flush Journal to Persistent Storage. [ OK ] Finished Load/Save Random Seed. [ OK ] Finished Create Static Device Nodes in /dev. Starting Rule-based Manage…for Device Events and Files... [ OK ] Started Rule-based Manager for Device Events and Files. [ OK ] Finished Setup Virtual Console. [ OK ] Finished Coldplug All udev Devices. Starting Show Plymouth Boot Screen... Starting Wait for udev To …plete Device Initialization... [ OK ] Started Show Plymouth Boot Screen. [ OK ] Started Forward Password R…s to Plymouth Directory Watch. [ OK ] Reached target Local Encrypted Volumes. [ OK ] Found device /dev/ttyS0. [ OK ] Listening on Load/Save RF …itch Status /dev/rfkill Watch. 
[ OK ] Finished Wait for udev To Complete Device Initialization. [ OK ] Reached target Preparation for Local File Systems. [ OK ] Reached target Local File Systems. Starting Tell Plymouth To Write Out Runtime Data... Starting Automatic Boot Loader Update... Starting Create Volatile Files and Directories... [ OK ] Finished Tell Plymouth To Write Out Runtime Data. [ OK ] Finished Automatic Boot Loader Update. [ OK ] Finished Create Volatile Files and Directories. Mounting RPC Pipe File System... Starting Security Auditing Service... Starting RPC Bind... [ OK ] Mounted RPC Pipe File System. [ OK ] Reached target rpc_pipefs.target. [ OK ] Started RPC Bind. [ OK ] Started Security Auditing Service. Starting Record System Boot/Shutdown in UTMP... [ OK ] Finished Record System Boot/Shutdown in UTMP. [ OK ] Reached target System Initialization. [ OK ] Started CUPS Scheduler. [ OK ] Started dnf makecache --timer. [ OK ] Started Daily rotation of log files. [ OK ] Started Updates mlocate database every day. [ OK ] Started Daily Cleanup of Temporary Directories. [ OK ] Reached target Path Units. [ OK ] Reached target Timer Units. [ OK ] Listening on Avahi mDNS/DNS-SD Stack Activation Socket. [ OK ] Listening on CUPS Scheduler. [ OK ] Listening on D-Bus System Message Bus Socket. [ OK ] Listening on Open-iSCSI iscsid Socket. [ OK ] Listening on Open-iSCSI iscsiuio Socket. [ OK ] Listening on SSSD Kerberos…ache Manager responder socket. [ OK ] Reached target Socket Units. Starting D-Bus System Message Bus... [ OK ] Started D-Bus System Message Bus. [ OK ] Reached target Basic System. Starting Avahi mDNS/DNS-SD Stack... Starting NTP client/server... [ 24.809740] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=259 'dbus-broker-lau' Starting Restore /run/initramfs on shutdown... [ OK ] Started irqbalance daemon. [ OK ] Started libstoragemgmt plug-in server daemon. [ OK ] Started Machine Check Exception Logging Daemon. 
Starting Auto-connect to s…E devices found during boot... Starting Authorization Manager... Starting Power Profiles daemon... Starting System Logging Service... Starting RealtimeKit Scheduling Policy Service... [ OK ] Reached target sshd-keygen.target. [ OK ] Reached target User and Group Name Lookups. Starting Accounts Service... Starting Switcheroo Control Proxy service... Starting User Login Management... Starting Disk Manager... Starting Daemon for power management... [ OK ] Started System Logging Service. [ OK ] Started NTP client/server. [ OK ] Finished Restore /run/initramfs on shutdown. [ OK ] Finished Auto-connect to s…VME devices found during boot. [ OK ] Started RealtimeKit Scheduling Policy Service. [ OK ] Started Avahi mDNS/DNS-SD Stack. [ OK ] Started Switcheroo Control Proxy service. Starting Load Kernel Module drm... [ OK ] Finished Load Kernel Module drm. [ OK ] Started User Login Management. [ OK ] Started Daemon for power management. [ OK ] Started Authorization Manager. Starting Modem Manager... Starting firewalld - dynamic firewall daemon... [ OK ] Started Accounts Service. [ OK ] Started Power Profiles daemon. [ OK ] Started Disk Manager. [ OK ] Started Modem Manager. [ OK ] Started firewalld - dynamic firewall daemon. [ OK ] Reached target Preparation for Network. Starting Network Manager... [ OK ] Started Network Manager. [ OK ] Reached target Network. Starting Network Manager Wait Online... Starting CUPS Scheduler... Starting GSSAPI Proxy Daemon... Starting OpenSSH server daemon... Starting Hostname Service... [ OK ] Started CUPS Scheduler. [ OK ] Started GSSAPI Proxy Daemon. [ OK ] Reached target NFS client services. [ OK ] Started OpenSSH server daemon. [ OK ] Started Hostname Service. Starting Network Manager Script Dispatcher Service... [ OK ] Started Network Manager Script Dispatcher Service. 
[ 28.886765] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 28.887635] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ OK ] Finished Network Manager Wait Online. [ OK ] Reached target Network is Online. [ OK ] Reached target Preparation for Remote File Systems. [ OK ] Reached target Remote File Systems. Starting Notify NFS peers of a restart... Starting Permit User Sessions... [ OK ] Started Notify NFS peers of a restart. [ OK ] Finished Permit User Sessions. [ OK ] Started Deferred execution scheduler. [ OK ] Started Command Scheduler. Starting Hold until boot process finishes up... Starting Terminate Plymouth Boot Screen... CentOS Stream 9 Kernel 6.4.0-rc1-e93964b04d5b+ on an x86_64 Activate the web console with: systemctl enable --now cockpit.socket test login: [ 69.542890] ------------[ cut here ]------------ [ 69.543410] WARNING: CPU: 0 PID: 563 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.544172] Modules linked in: [ 69.544442] CPU: 0 PID: 563 Comm: repro Not tainted 6.4.0-rc1-e93964b04d5b+ #1 [ 69.544985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.545848] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.546222] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.547788] RSP: 0018:ffff888015d57bb8 EFLAGS: 00010246 [ 69.548200] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 69.548750] RDX: 0000000000000000 RSI: ffff888010880000 RDI: 0000000000000002 [ 69.549292] RBP: ffff888015d57bd0 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 69.549830] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff8880129c6c00 [ 69.550361] R13: ffff8880160991e8 R14: ffffffff8352e670 R15: ffff888015d57e68 [ 69.550927] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) 
knlGS:0000000000000000 [ 69.551531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.551973] CR2: 0000000020000140 CR3: 00000000189c8000 CR4: 0000000000750ef0 [ 69.552504] PKRU: 55555554 [ 69.552712] Call Trace: [ 69.552903] [ 69.553096] __iommufd_access_detach+0x1c2/0x2b0 [ 69.553461] iommufd_access_change_pt+0x149/0x270 [ 69.553826] iommufd_access_replace+0xb4/0x120 [ 69.554193] iommufd_test+0x3e5/0x37e0 [ 69.554482] ? __this_cpu_preempt_check+0x20/0x30 [ 69.554866] ? lock_release+0x3f8/0x770 [ 69.555192] ? __this_cpu_preempt_check+0x20/0x30 [ 69.555567] ? __might_fault+0x102/0x1b0 [ 69.555879] ? __pfx_iommufd_test+0x10/0x10 [ 69.556203] ? write_comp_data+0x2f/0x90 [ 69.556535] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.556897] ? write_comp_data+0x2f/0x90 [ 69.557207] iommufd_fops_ioctl+0x37d/0x510 [ 69.557556] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.557925] ? write_comp_data+0x2f/0x90 [ 69.558232] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.558638] __x64_sys_ioctl+0x1a3/0x230 [ 69.558953] do_syscall_64+0x3b/0x90 [ 69.559251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.559672] RIP: 0033:0x7f4b8743ee5d [ 69.559951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 69.561300] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 69.561883] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 69.562405] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 69.562992] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 69.563532] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 69.564127] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 69.564676] [ 69.564854] irq event stamp: 4865 [ 69.565151] hardirqs last enabled at (4873): [] __up_console_sem+0x91/0xb0 [ 69.565809] hardirqs last disabled at (4880): [] 
__up_console_sem+0x76/0xb0 [ 69.566529] softirqs last enabled at (4422): [] __do_softirq+0x4f5/0x77c [ 69.567180] softirqs last disabled at (4245): [] irq_exit_rcu+0xe5/0x130 [ 69.567841] ---[ end trace 0000000000000000 ]--- [ 69.569290] ================================================================== [ 69.569893] BUG: KASAN: slab-use-after-free in iopt_calculate_iova_alignment+0x3d4/0x410 [ 69.570526] Read of size 8 at addr ffff8880129c6d60 by task repro/563 [ 69.571018] [ 69.571152] CPU: 0 PID: 563 Comm: repro Tainted: G W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.571826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.572685] Call Trace: [ 69.572891] [ 69.573059] dump_stack_lvl+0xa9/0x110 [ 69.573360] print_report+0xd1/0x620 [ 69.573668] ? kasan_complete_mode_report_info+0x80/0x200 [ 69.574094] ? iopt_calculate_iova_alignment+0x3d4/0x410 [ 69.574502] kasan_report+0x9e/0xd0 [ 69.574803] ? iopt_calculate_iova_alignment+0x3d4/0x410 [ 69.575233] __asan_report_load8_noabort+0x18/0x20 [ 69.575608] iopt_calculate_iova_alignment+0x3d4/0x410 [ 69.576035] ? __pfx_iopt_calculate_iova_alignment+0x10/0x10 [ 69.576477] ? do_raw_spin_unlock+0x154/0x230 [ 69.576842] iopt_remove_access+0x7f/0xd0 [ 69.577175] iommufd_access_destroy_object+0x65/0x170 [ 69.577556] iommufd_object_destroy_user+0x18e/0x220 [ 69.577956] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 69.578400] iommufd_access_destroy+0x43/0x70 [ 69.578744] iommufd_test_staccess_release+0x8d/0xd0 [ 69.579184] __fput+0x26d/0xa40 [ 69.579441] ____fput+0x1e/0x30 [ 69.579694] task_work_run+0x1a4/0x2d0 [ 69.580000] ? __pfx_task_work_run+0x10/0x10 [ 69.580371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.580740] ? switch_task_namespaces+0xa9/0xe0 [ 69.581107] do_exit+0xb17/0x2ef0 [ 69.581410] ? __pfx_lock_release+0x10/0x10 [ 69.581737] ? do_raw_spin_lock+0x132/0x2a0 [ 69.582058] ? __pfx_do_exit+0x10/0x10 [ 69.582409] ? 
__this_cpu_preempt_check+0x20/0x30 [ 69.582790] ? lockdep_hardirqs_on+0x8a/0x110 [ 69.583141] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.583545] ? trace_hardirqs_on+0x26/0x120 [ 69.583886] do_group_exit+0xe0/0x2b0 [ 69.584171] __x64_sys_exit_group+0x47/0x50 [ 69.584534] do_syscall_64+0x3b/0x90 [ 69.584842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.585239] RIP: 0033:0x7f4b87518a4d [ 69.585547] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 69.586025] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.586621] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.587182] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.587754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.588297] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.588885] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.589435] [ 69.589612] [ 69.589748] Allocated by task 563: [ 69.590042] kasan_save_stack+0x2a/0x50 [ 69.590351] kasan_set_track+0x29/0x40 [ 69.590656] kasan_save_alloc_info+0x22/0x30 [ 69.591034] __kasan_kmalloc+0x86/0xa0 [ 69.591349] __kmalloc+0x66/0x170 [ 69.591609] _iommufd_object_alloc+0x34/0x1a0 [ 69.591969] iommufd_access_create+0x39/0x2d0 [ 69.592349] iommufd_test+0x679/0x37e0 [ 69.592641] iommufd_fops_ioctl+0x37d/0x510 [ 69.592976] __x64_sys_ioctl+0x1a3/0x230 [ 69.593344] do_syscall_64+0x3b/0x90 [ 69.593635] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.594033] [ 69.594167] Freed by task 563: [ 69.594446] kasan_save_stack+0x2a/0x50 [ 69.594746] kasan_set_track+0x29/0x40 [ 69.595046] kasan_save_free_info+0x32/0x50 [ 69.595427] __kasan_slab_free+0x10b/0x1a0 [ 69.595776] __kmem_cache_free+0x1e8/0x430 [ 69.596100] kfree+0x93/0x140 [ 69.596377] iommufd_object_destroy_user+0x199/0x220 [ 69.596799] iommufd_access_destroy+0x43/0x70 [ 69.597145] iommufd_test_staccess_release+0x8d/0xd0 [ 69.597588] __fput+0x26d/0xa40 [ 69.597856] ____fput+0x1e/0x30 [ 
69.598108] task_work_run+0x1a4/0x2d0 [ 69.598418] do_exit+0xb17/0x2ef0 [ 69.598723] do_group_exit+0xe0/0x2b0 [ 69.599007] __x64_sys_exit_group+0x47/0x50 [ 69.599341] do_syscall_64+0x3b/0x90 [ 69.599672] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.600092] [ 69.600220] The buggy address belongs to the object at ffff8880129c6c00 [ 69.600220] which belongs to the cache kmalloc-cg-512 of size 512 [ 69.601208] The buggy address is located 352 bytes inside of [ 69.601208] freed 512-byte region [ffff8880129c6c00, ffff8880129c6e00) [ 69.602150] [ 69.602276] The buggy address belongs to the physical page: [ 69.602709] page:00000000b9673c0b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x129c4 [ 69.603431] head:00000000b9673c0b order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 69.604073] memcg:ffff8880121a0e01 [ 69.604336] flags: 0xfffffc0010200(slab|head|node=0|zone=1|lastcpupid=0x1fffff) [ 69.604917] page_type: 0xffffffff() [ 69.605229] raw: 000fffffc0010200 ffff88800a44f140 ffffea00004bcc00 dead000000000002 [ 69.605815] raw: 0000000000000000 0000000080100010 00000001ffffffff ffff8880121a0e01 [ 69.606440] page dumped because: kasan: bad access detected [ 69.606859] [ 69.606992] Memory state around the buggy address: [ 69.607410] ffff8880129c6c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.607958] ffff8880129c6c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.608549] >ffff8880129c6d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.609101] ^ [ 69.609618] ffff8880129c6d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 69.610162] ffff8880129c6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 69.610732] ================================================================== [ 69.611390] Disabling lock debugging due to kernel taint [ 69.613581] ------------[ cut here ]------------ [ 69.613956] WARNING: CPU: 0 PID: 563 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.614750] Modules linked in: [ 
69.615007] CPU: 0 PID: 563 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.615687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.616531] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.616933] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.618309] RSP: 0018:ffff888015d57bd0 EFLAGS: 00010246 [ 69.618728] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 69.619294] RDX: 0000000000000000 RSI: ffff888010880000 RDI: 0000000000000002 [ 69.619824] RBP: ffff888015d57be8 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 69.620380] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff88801419a800 [ 69.620914] R13: ffff8880160991e8 R14: ffff88800ca5ad00 R15: 0000000000000000 [ 69.621468] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.622081] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.622535] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 69.623079] PKRU: 55555554 [ 69.623303] Call Trace: [ 69.623504] [ 69.623671] iommufd_access_destroy_object+0x65/0x170 [ 69.624065] iommufd_object_destroy_user+0x18e/0x220 [ 69.624481] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 69.624924] iommufd_access_destroy+0x43/0x70 [ 69.625296] iommufd_test_staccess_release+0x8d/0xd0 [ 69.625701] __fput+0x26d/0xa40 [ 69.625961] ____fput+0x1e/0x30 [ 69.626221] task_work_run+0x1a4/0x2d0 [ 69.626567] ? __pfx_task_work_run+0x10/0x10 [ 69.626903] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.627281] ? switch_task_namespaces+0xa9/0xe0 [ 69.627671] do_exit+0xb17/0x2ef0 [ 69.627930] ? __pfx_lock_release+0x10/0x10 [ 69.628260] ? do_raw_spin_lock+0x132/0x2a0 [ 69.628607] ? __pfx_do_exit+0x10/0x10 [ 69.628917] ? __this_cpu_preempt_check+0x20/0x30 [ 69.629277] ? 
lockdep_hardirqs_on+0x8a/0x110 [ 69.629643] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.629994] ? trace_hardirqs_on+0x26/0x120 [ 69.630317] do_group_exit+0xe0/0x2b0 [ 69.630641] __x64_sys_exit_group+0x47/0x50 [ 69.630976] do_syscall_64+0x3b/0x90 [ 69.631266] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.631679] RIP: 0033:0x7f4b87518a4d [ 69.631973] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 69.632422] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.633004] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.633526] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.634073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.634615] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.635174] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.635733] [ 69.635924] irq event stamp: 5705 [ 69.636184] hardirqs last enabled at (5705): [] irqentry_exit+0x3e/0xa0 [ 69.636788] hardirqs last disabled at (5704): [] __do_softirq+0x61f/0x77c [ 69.637424] softirqs last enabled at (4422): [] __do_softirq+0x4f5/0x77c [ 69.638055] softirqs last disabled at (4245): [] irq_exit_rcu+0xe5/0x130 [ 69.638692] ---[ end trace 0000000000000000 ]--- [ 69.639417] ------------[ cut here ]------------ [ 69.639774] WARNING: CPU: 0 PID: 563 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 69.640560] Modules linked in: [ 69.640795] CPU: 0 PID: 563 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.641451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.642280] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 69.642710] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 69.644093] RSP: 0018:ffff888015d57b78 EFLAGS: 
00010246 [ 69.644496] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 69.645054] RDX: 0000000000000000 RSI: ffff888010880000 RDI: 0000000000000002 [ 69.645590] RBP: ffff888015d57b98 R08: ffffed1002c1323e R09: ffffed1002c1323e [ 69.646124] R10: ffff8880160991ef R11: ffffed1002c1323d R12: ffff888016099290 [ 69.646686] R13: ffff8880160990a8 R14: ffffffffffffffff R15: ffff888015d57c60 [ 69.647228] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.647836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.648281] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 69.648835] PKRU: 55555554 [ 69.649062] Call Trace: [ 69.649254] [ 69.649420] iommufd_ioas_destroy+0x53/0x70 [ 69.649745] iommufd_fops_release+0x1f7/0x370 [ 69.650112] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.650490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.650891] ? write_comp_data+0x2f/0x90 [ 69.651235] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.651601] __fput+0x26d/0xa40 [ 69.651861] ____fput+0x1e/0x30 [ 69.652129] task_work_run+0x1a4/0x2d0 [ 69.652437] ? __pfx_task_work_run+0x10/0x10 [ 69.652762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.653148] ? switch_task_namespaces+0xa9/0xe0 [ 69.653512] do_exit+0xb17/0x2ef0 [ 69.653768] ? __pfx_lock_release+0x10/0x10 [ 69.654105] ? do_raw_spin_lock+0x132/0x2a0 [ 69.654449] ? __pfx_do_exit+0x10/0x10 [ 69.654759] ? __this_cpu_preempt_check+0x20/0x30 [ 69.655143] ? lockdep_hardirqs_on+0x8a/0x110 [ 69.655506] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.655841] ? trace_hardirqs_on+0x26/0x120 [ 69.656169] do_group_exit+0xe0/0x2b0 [ 69.656472] __x64_sys_exit_group+0x47/0x50 [ 69.656800] do_syscall_64+0x3b/0x90 [ 69.657081] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.657488] RIP: 0033:0x7f4b87518a4d [ 69.657766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 69.658207] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.658807] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.659339] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.659886] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.660411] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.661019] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.661580] [ 69.661765] irq event stamp: 5705 [ 69.662025] hardirqs last enabled at (5705): [] irqentry_exit+0x3e/0xa0 [ 69.662669] hardirqs last disabled at (5704): [] __do_softirq+0x61f/0x77c [ 69.663303] softirqs last enabled at (4422): [] __do_softirq+0x4f5/0x77c [ 69.663924] softirqs last disabled at (4245): [] irq_exit_rcu+0xe5/0x130 [ 69.664533] ---[ end trace 0000000000000000 ]--- [ 69.668166] ------------[ cut here ]------------ [ 69.668548] WARNING: CPU: 0 PID: 564 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.669290] Modules linked in: [ 69.669540] CPU: 0 PID: 564 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.670181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.671067] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.671458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.672826] RSP: 0018:ffff888015b4fbb8 EFLAGS: 00010246 [ 69.673215] RAX: 0000000000000000 RBX: ffff888010f588a8 RCX: 0000000000000000 [ 69.673748] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 69.674277] RBP: ffff888015b4fbd0 R08: ffffed10021eb133 R09: ffffed10021eb133 [ 69.674830] R10: ffff888010f58993 R11: ffffed10021eb132 R12: ffff888012e96400 [ 69.675378] R13: ffff888010f589e8 R14: ffffffff8352e670 R15: ffff888015b4fe68 [ 
69.675914] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.676512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.676941] CR2: 0000000020000140 CR3: 00000000188e2000 CR4: 0000000000750ef0 [ 69.677471] PKRU: 55555554 [ 69.677694] Call Trace: [ 69.677884] [ 69.678051] __iommufd_access_detach+0x1c2/0x2b0 [ 69.678426] iommufd_access_change_pt+0x149/0x270 [ 69.678824] iommufd_access_replace+0xb4/0x120 [ 69.679199] iommufd_test+0x3e5/0x37e0 [ 69.679488] ? lock_release+0x532/0x770 [ 69.679806] ? __might_fault+0x102/0x1b0 [ 69.680110] ? lock_acquire+0x427/0x4c0 [ 69.680421] ? __pfx_iommufd_test+0x10/0x10 [ 69.680741] ? __pfx_lock_release+0x10/0x10 [ 69.681076] ? __pfx_lock_acquire+0x10/0x10 [ 69.681419] ? write_comp_data+0x2f/0x90 [ 69.681736] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.682109] ? write_comp_data+0x2f/0x90 [ 69.682422] iommufd_fops_ioctl+0x37d/0x510 [ 69.682781] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.683169] ? write_comp_data+0x2f/0x90 [ 69.683486] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.683862] __x64_sys_ioctl+0x1a3/0x230 [ 69.684187] do_syscall_64+0x3b/0x90 [ 69.684471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.684890] RIP: 0033:0x7f4b8743ee5d [ 69.685176] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 69.686552] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 69.687148] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 69.687684] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 69.688235] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 69.688773] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 69.689323] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 69.689872] [ 69.690059] irq event stamp: 0 [ 69.690293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 69.690794] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.691451] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.692092] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.692566] ---[ end trace 0000000000000000 ]--- [ 69.695299] ------------[ cut here ]------------ [ 69.695691] WARNING: CPU: 0 PID: 564 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.696472] Modules linked in: [ 69.696719] CPU: 0 PID: 564 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.697375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.698237] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.698698] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.700118] RSP: 0018:ffff888015b4fbd0 EFLAGS: 
00010246 [ 69.700513] RAX: 0000000000000000 RBX: ffff888010f588a8 RCX: 0000000000000000 [ 69.701053] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 69.701588] RBP: ffff888015b4fbe8 R08: ffffed10021eb133 R09: ffffed10021eb133 [ 69.702135] R10: ffff888010f58993 R11: ffffed10021eb132 R12: ffff8880129c6400 [ 69.702686] R13: ffff888010f589e8 R14: ffff888020947d00 R15: 0000000000000000 [ 69.703244] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.703854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.704297] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 69.704834] PKRU: 55555554 [ 69.705055] Call Trace: [ 69.705254] [ 69.705440] iommufd_access_destroy_object+0x65/0x170 [ 69.705841] iommufd_object_destroy_user+0x18e/0x220 [ 69.706230] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 69.706714] iommufd_access_destroy+0x43/0x70 [ 69.707069] iommufd_test_staccess_release+0x8d/0xd0 [ 69.707480] __fput+0x26d/0xa40 [ 69.707756] ____fput+0x1e/0x30 [ 69.708015] task_work_run+0x1a4/0x2d0 [ 69.708323] ? __pfx_task_work_run+0x10/0x10 [ 69.708700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.709082] ? switch_task_namespaces+0xa9/0xe0 [ 69.709442] do_exit+0xb17/0x2ef0 [ 69.709736] ? lock_acquire+0x427/0x4c0 [ 69.710048] ? __pfx_lock_release+0x10/0x10 [ 69.710386] ? __kasan_check_write+0x18/0x20 [ 69.710766] ? do_raw_spin_lock+0x132/0x2a0 [ 69.711117] ? __pfx_do_exit+0x10/0x10 [ 69.711435] ? debug_smp_processor_id+0x20/0x30 [ 69.711802] ? rcu_is_watching+0x19/0xb0 [ 69.712117] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.712473] ? trace_hardirqs_on+0x26/0x120 [ 69.712823] do_group_exit+0xe0/0x2b0 [ 69.713123] __x64_sys_exit_group+0x47/0x50 [ 69.713441] do_syscall_64+0x3b/0x90 [ 69.713735] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.714152] RIP: 0033:0x7f4b87518a4d [ 69.714428] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 69.714920] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.715530] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.716092] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.716631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.717197] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.717734] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.718314] [ 69.718499] irq event stamp: 0 [ 69.718756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 69.719257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.719902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.720565] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.721037] ---[ end trace 0000000000000000 ]--- [ 69.721858] ------------[ cut here ]------------ [ 69.722223] WARNING: CPU: 0 PID: 564 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 69.723160] Modules linked in: [ 69.723413] CPU: 0 PID: 564 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.724089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.724963] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 69.725351] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 69.726772] RSP: 0018:ffff888015b4fb78 EFLAGS: 00010246 [ 69.727199] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 69.727671] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 69.728154] RBP: ffff888015b4fb98 R08: ffffed10021eb13e R09: ffffed10021eb13e [ 69.728610] R10: ffff888010f589ef R11: ffffed10021eb13d R12: ffff888010f58a90 [ 69.729118] R13: ffff888010f588a8 R14: ffffffffffffffff R15: ffff888015b4fc60 [ 69.729573] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.730122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.730487] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 69.730990] PKRU: 55555554 [ 69.731214] Call Trace: [ 69.731381] [ 69.731526] iommufd_ioas_destroy+0x53/0x70 [ 69.731814] iommufd_fops_release+0x1f7/0x370 [ 69.732141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.732483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.732807] ? write_comp_data+0x2f/0x90 [ 69.733093] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.733451] __fput+0x26d/0xa40 [ 69.733674] ____fput+0x1e/0x30 [ 69.733900] task_work_run+0x1a4/0x2d0 [ 69.734176] ? __pfx_task_work_run+0x10/0x10 [ 69.734498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.734834] ? switch_task_namespaces+0xa9/0xe0 [ 69.735169] do_exit+0xb17/0x2ef0 [ 69.735429] ? lock_acquire+0x427/0x4c0 [ 69.735703] ? __pfx_lock_release+0x10/0x10 [ 69.735991] ? __kasan_check_write+0x18/0x20 [ 69.736297] ? do_raw_spin_lock+0x132/0x2a0 [ 69.736613] ? __pfx_do_exit+0x10/0x10 [ 69.736868] ? debug_smp_processor_id+0x20/0x30 [ 69.737175] ? rcu_is_watching+0x19/0xb0 [ 69.737471] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.737787] ? trace_hardirqs_on+0x26/0x120 [ 69.738068] do_group_exit+0xe0/0x2b0 [ 69.738327] __x64_sys_exit_group+0x47/0x50 [ 69.738660] do_syscall_64+0x3b/0x90 [ 69.738913] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.739263] RIP: 0033:0x7f4b87518a4d [ 69.739520] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 69.739944] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.740485] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.741048] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.741585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.742146] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.742705] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.743276] [ 69.743452] irq event stamp: 0 [ 69.743701] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 69.744209] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.744851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.745496] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.745996] ---[ end trace 0000000000000000 ]--- [ 69.750062] ------------[ cut here ]------------ [ 69.750498] WARNING: CPU: 0 PID: 565 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.751364] Modules linked in: [ 69.751621] CPU: 0 PID: 565 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.752276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.753162] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.753571] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.755222] RSP: 0018:ffff888018657bb8 EFLAGS: 00010246 [ 69.755659] RAX: 0000000000000000 RBX: ffff888012ab48a8 RCX: 0000000000000000 [ 69.756200] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 69.756768] RBP: ffff888018657bd0 R08: ffffed1002556933 R09: ffffed1002556933 [ 69.757311] R10: ffff888012ab4993 R11: ffffed1002556932 R12: ffff888012f1c800 [ 69.757882] R13: ffff888012ab49e8 R14: ffffffff8352e670 R15: ffff888018657e68 [ 69.758415] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.759080] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.759526] CR2: 0000000020000140 CR3: 0000000018708000 CR4: 0000000000750ef0 [ 69.760111] PKRU: 55555554 [ 69.760324] Call Trace: [ 69.760512] [ 69.760690] __iommufd_access_detach+0x1c2/0x2b0 [ 69.761085] iommufd_access_change_pt+0x149/0x270 [ 69.761454] iommufd_access_replace+0xb4/0x120 [ 69.761823] iommufd_test+0x3e5/0x37e0 [ 69.762139] ? lock_release+0x532/0x770 [ 69.762445] ? __might_fault+0x102/0x1b0 [ 69.762773] ? lock_acquire+0x427/0x4c0 [ 69.763103] ? __pfx_iommufd_test+0x10/0x10 [ 69.763442] ? __pfx_lock_release+0x10/0x10 [ 69.763765] ? __pfx_lock_acquire+0x10/0x10 [ 69.764118] ? write_comp_data+0x2f/0x90 [ 69.764438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.764802] ? write_comp_data+0x2f/0x90 [ 69.765135] iommufd_fops_ioctl+0x37d/0x510 [ 69.765483] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.765845] ? write_comp_data+0x2f/0x90 [ 69.766168] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.766571] __x64_sys_ioctl+0x1a3/0x230 [ 69.766883] do_syscall_64+0x3b/0x90 [ 69.767190] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.767605] RIP: 0033:0x7f4b8743ee5d [ 69.767881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 69.769267] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 69.769859] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 69.770404] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 69.770972] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 69.771520] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 69.772072] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 69.772625] [ 69.772817] irq event stamp: 0 [ 69.773060] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 69.773531] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.774186] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.774843] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.775328] ---[ end trace 0000000000000000 ]--- [ 69.778293] ------------[ cut here ]------------ [ 69.778697] WARNING: CPU: 0 PID: 565 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.779494] Modules linked in: [ 69.779735] CPU: 0 PID: 565 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.780452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.781457] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.781834] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.783417] RSP: 0018:ffff888018657bd0 EFLAGS: 00010246 [ 69.783820] RAX: 0000000000000000 RBX: ffff888012ab48a8 RCX: 0000000000000000 [ 69.784358] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 69.785073] RBP: ffff888018657be8 R08: ffffed1002556933 R09: ffffed1002556933 [ 69.785618] R10: ffff888012ab4993 R11: ffffed1002556932 R12: ffff888012e94400 [ 69.786148] R13: ffff888012ab49e8 R14: ffff888015ac4d00 R15: 0000000000000000 [ 69.786712] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.787411] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.787963] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 69.788492] PKRU: 55555554 [ 69.788721] Call Trace: [ 69.788918] [ 69.789089] iommufd_access_destroy_object+0x65/0x170 [ 69.789551] iommufd_object_destroy_user+0x18e/0x220 [ 69.790062] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 69.790528] iommufd_access_destroy+0x43/0x70 [ 69.790887] iommufd_test_staccess_release+0x8d/0xd0 [ 69.791274] __fput+0x26d/0xa40 [ 69.791520] ____fput+0x1e/0x30 [ 69.791771] task_work_run+0x1a4/0x2d0 [ 69.792167] ? __pfx_task_work_run+0x10/0x10 [ 69.792600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.792972] ? switch_task_namespaces+0xa9/0xe0 [ 69.793329] do_exit+0xb17/0x2ef0 [ 69.793586] ? lock_acquire+0x427/0x4c0 [ 69.793930] ? __pfx_lock_release+0x10/0x10 [ 69.794386] ? __kasan_check_write+0x18/0x20 [ 69.794738] ? do_raw_spin_lock+0x132/0x2a0 [ 69.795064] ? __pfx_do_exit+0x10/0x10 [ 69.795377] ? debug_smp_processor_id+0x20/0x30 [ 69.795726] ? rcu_is_watching+0x19/0xb0 [ 69.796022] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.796380] ? trace_hardirqs_on+0x26/0x120 [ 69.796805] do_group_exit+0xe0/0x2b0 [ 69.797212] __x64_sys_exit_group+0x47/0x50 [ 69.797537] do_syscall_64+0x3b/0x90 [ 69.797817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.798200] RIP: 0033:0x7f4b87518a4d [ 69.798556] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 69.799147] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.799725] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.800239] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.800786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.801396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.802051] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.802638] [ 69.802827] irq event stamp: 0 [ 69.803074] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 69.803556] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.804302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.805071] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.805540] ---[ end trace 0000000000000000 ]--- [ 69.806249] ------------[ cut here ]------------ [ 69.806718] WARNING: CPU: 0 PID: 565 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 69.807533] Modules linked in: [ 69.807778] CPU: 0 PID: 565 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.808456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.809497] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 69.809885] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 69.811481] RSP: 0018:ffff888018657b78 EFLAGS: 00010246 [ 69.811882] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 69.812428] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 69.812966] RBP: ffff888018657b98 R08: ffffed100255693e R09: ffffed100255693e [ 69.813694] R10: ffff888012ab49ef R11: ffffed100255693d R12: ffff888012ab4a90 [ 69.814221] R13: ffff888012ab48a8 R14: ffffffffffffffff R15: ffff888018657c60 [ 69.814800] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.815408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.815949] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 69.816568] PKRU: 55555554 [ 69.816806] Call Trace: [ 69.816998] [ 69.817172] iommufd_ioas_destroy+0x53/0x70 [ 69.817500] iommufd_fops_release+0x1f7/0x370 [ 69.818020] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.818397] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.818803] ? write_comp_data+0x2f/0x90 [ 69.819139] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.819516] __fput+0x26d/0xa40 [ 69.819789] ____fput+0x1e/0x30 [ 69.820070] task_work_run+0x1a4/0x2d0 [ 69.820449] ? __pfx_task_work_run+0x10/0x10 [ 69.820899] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.821288] ? switch_task_namespaces+0xa9/0xe0 [ 69.821648] do_exit+0xb17/0x2ef0 [ 69.821916] ? lock_acquire+0x427/0x4c0 [ 69.822296] ? __pfx_lock_release+0x10/0x10 [ 69.822735] ? __kasan_check_write+0x18/0x20 [ 69.823081] ? do_raw_spin_lock+0x132/0x2a0 [ 69.823429] ? __pfx_do_exit+0x10/0x10 [ 69.823733] ? debug_smp_processor_id+0x20/0x30 [ 69.824095] ? rcu_is_watching+0x19/0xb0 [ 69.824415] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.824762] ? trace_hardirqs_on+0x26/0x120 [ 69.825256] do_group_exit+0xe0/0x2b0 [ 69.825559] __x64_sys_exit_group+0x47/0x50 [ 69.825880] do_syscall_64+0x3b/0x90 [ 69.826168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.826606] RIP: 0033:0x7f4b87518a4d [ 69.826886] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 69.827384] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.828095] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.828644] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.829171] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.829872] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.830408] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.830991] [ 69.831194] irq event stamp: 0 [ 69.831438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 69.831935] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.832690] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.833475] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.834007] ---[ end trace 0000000000000000 ]--- [ 69.838301] ------------[ cut here ]------------ [ 69.838847] WARNING: CPU: 0 PID: 566 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.839801] Modules linked in: [ 69.840070] CPU: 0 PID: 566 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.840875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.841901] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.842305] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.844023] RSP: 0018:ffff888015b4fbb8 EFLAGS: 00010246 [ 69.844467] RAX: 0000000000000000 RBX: ffff8880149d90a8 RCX: 0000000000000000 [ 69.845066] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 69.845871] RBP: ffff888015b4fbd0 R08: ffffed100293b233 R09: ffffed100293b233 [ 69.846444] R10: ffff8880149d9193 R11: ffffed100293b232 R12: ffff888017ba7000 [ 69.847070] R13: ffff8880149d91e8 R14: ffffffff8352e670 R15: ffff888015b4fe68 [ 69.847683] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.848604] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.849132] CR2: 00007f4b877410e8 CR3: 0000000018708000 CR4: 0000000000750ef0 [ 69.849753] PKRU: 55555554 [ 69.850061] Call Trace: [ 69.850362] [ 69.850575] __iommufd_access_detach+0x1c2/0x2b0 [ 69.850991] iommufd_access_change_pt+0x149/0x270 [ 69.851499] iommufd_access_replace+0xb4/0x120 [ 69.851975] iommufd_test+0x3e5/0x37e0 [ 69.852477] ? lock_release+0x532/0x770 [ 69.853025] ? __might_fault+0x102/0x1b0 [ 69.853471] ? lock_acquire+0x427/0x4c0 [ 69.853917] ? __pfx_iommufd_test+0x10/0x10 [ 69.854653] ? __pfx_lock_release+0x10/0x10 [ 69.855129] ? __pfx_lock_acquire+0x10/0x10 [ 69.855591] ? write_comp_data+0x2f/0x90 [ 69.856022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.856554] ? write_comp_data+0x2f/0x90 [ 69.856992] iommufd_fops_ioctl+0x37d/0x510 [ 69.857533] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.858217] ? write_comp_data+0x2f/0x90 [ 69.858699] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 69.859220] __x64_sys_ioctl+0x1a3/0x230 [ 69.859644] do_syscall_64+0x3b/0x90 [ 69.860086] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.860680] RIP: 0033:0x7f4b8743ee5d [ 69.861048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 69.863004] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 69.863976] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 69.865040] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 69.865873] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 69.866961] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 69.867761] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 69.868965] [ 69.869252] irq event stamp: 0 [ 69.869613] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 69.870692] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.871652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.872608] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.873464] ---[ end trace 0000000000000000 ]--- [ 69.878422] ------------[ cut here ]------------ [ 69.879247] WARNING: CPU: 0 PID: 566 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.880386] Modules linked in: [ 69.880761] CPU: 0 PID: 566 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.881718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.882994] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.883588] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.885619] RSP: 0018:ffff888015b4fbd0 EFLAGS: 00010246 [ 69.886222] RAX: 0000000000000000 RBX: ffff8880149d90a8 RCX: 0000000000000000 [ 69.887052] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 69.887874] RBP: ffff888015b4fbe8 R08: ffffed100293b233 R09: ffffed100293b233 [ 69.888682] R10: ffff8880149d9193 R11: ffffed100293b232 R12: ffff888012f1ec00 [ 69.889482] R13: ffff8880149d91e8 R14: ffff888011f09a00 R15: 0000000000000000 [ 69.890280] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.891253] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.891936] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 69.892771] PKRU: 55555554 [ 69.893109] Call Trace: [ 69.893407] [ 69.893676] iommufd_access_destroy_object+0x65/0x170 [ 69.894286] iommufd_object_destroy_user+0x18e/0x220 [ 69.894916] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 69.895632] iommufd_access_destroy+0x43/0x70 [ 69.896181] iommufd_test_staccess_release+0x8d/0xd0 [ 69.896786] __fput+0x26d/0xa40 [ 69.897197] ____fput+0x1e/0x30 [ 69.897597] task_work_run+0x1a4/0x2d0 [ 69.898063] ? __pfx_task_work_run+0x10/0x10 [ 69.898618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.899229] ? switch_task_namespaces+0xa9/0xe0 [ 69.899797] do_exit+0xb17/0x2ef0 [ 69.900211] ? lock_acquire+0x427/0x4c0 [ 69.900695] ? __pfx_lock_release+0x10/0x10 [ 69.901209] ? __kasan_check_write+0x18/0x20 [ 69.901729] ? do_raw_spin_lock+0x132/0x2a0 [ 69.902233] ? __pfx_do_exit+0x10/0x10 [ 69.902734] ? debug_smp_processor_id+0x20/0x30 [ 69.903306] ? rcu_is_watching+0x19/0xb0 [ 69.903786] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.904320] ? trace_hardirqs_on+0x26/0x120 [ 69.904829] do_group_exit+0xe0/0x2b0 [ 69.905279] __x64_sys_exit_group+0x47/0x50 [ 69.905780] do_syscall_64+0x3b/0x90 [ 69.906229] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.906877] RIP: 0033:0x7f4b87518a4d [ 69.907347] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 69.908066] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.908967] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.909811] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.910684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.911561] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.912411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.913272] [ 69.913560] irq event stamp: 0 [ 69.913940] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 69.914720] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.915750] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.916747] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.917495] ---[ end trace 0000000000000000 ]--- [ 69.919414] ------------[ cut here ]------------ [ 69.920008] WARNING: CPU: 0 PID: 566 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 69.921231] Modules linked in: [ 69.921695] CPU: 0 PID: 566 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.922975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.924361] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 69.925205] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 69.927693] RSP: 0018:ffff888015b4fb78 EFLAGS: 00010246 [ 69.928354] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 69.929220] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 69.930299] RBP: ffff888015b4fb98 R08: ffffed100293b23e R09: ffffed100293b23e [ 69.931238] R10: ffff8880149d91ef R11: ffffed100293b23d R12: ffff8880149d9290 [ 69.932158] R13: ffff8880149d90a8 R14: ffffffffffffffff R15: ffff888015b4fc60 [ 69.933159] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.934168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.935204] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 69.936109] PKRU: 55555554 [ 69.936475] Call Trace: [ 69.936800] [ 69.937131] iommufd_ioas_destroy+0x53/0x70 [ 69.937859] iommufd_fops_release+0x1f7/0x370 [ 69.938453] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.939158] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.939813] ? write_comp_data+0x2f/0x90 [ 69.940554] ? __pfx_iommufd_fops_release+0x10/0x10 [ 69.941211] __fput+0x26d/0xa40 [ 69.941666] ____fput+0x1e/0x30 [ 69.942103] task_work_run+0x1a4/0x2d0 [ 69.942663] ? __pfx_task_work_run+0x10/0x10 [ 69.943467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 69.944114] ? switch_task_namespaces+0xa9/0xe0 [ 69.944739] do_exit+0xb17/0x2ef0 [ 69.945198] ? lock_acquire+0x427/0x4c0 [ 69.945970] ? __pfx_lock_release+0x10/0x10 [ 69.946590] ? __kasan_check_write+0x18/0x20 [ 69.947211] ? do_raw_spin_lock+0x132/0x2a0 [ 69.947781] ? __pfx_do_exit+0x10/0x10 [ 69.948310] ? debug_smp_processor_id+0x20/0x30 [ 69.949162] ? rcu_is_watching+0x19/0xb0 [ 69.949718] ? _raw_spin_unlock_irq+0x2b/0x60 [ 69.950325] ? trace_hardirqs_on+0x26/0x120 [ 69.951013] do_group_exit+0xe0/0x2b0 [ 69.951687] __x64_sys_exit_group+0x47/0x50 [ 69.952278] do_syscall_64+0x3b/0x90 [ 69.952791] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 69.953476] RIP: 0033:0x7f4b87518a4d [ 69.954202] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 69.955033] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 69.956042] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 69.957066] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 69.958129] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 69.959105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 69.960285] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 69.961247] [ 69.961567] irq event stamp: 0 [ 69.962023] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 69.963075] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 69.964275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 69.965534] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 69.966617] ---[ end trace 0000000000000000 ]--- [ 69.974556] ------------[ cut here ]------------ [ 69.975287] WARNING: CPU: 0 PID: 567 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 69.976971] Modules linked in: [ 69.977438] CPU: 0 PID: 567 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 69.978767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 69.980407] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 69.981111] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 69.983918] RSP: 0018:ffff888018657bb8 EFLAGS: 00010246 [ 69.984940] RAX: 0000000000000000 RBX: ffff88800b31a0a8 RCX: 0000000000000000 [ 69.985897] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 69.986967] RBP: ffff888018657bd0 R08: ffffed1001663433 R09: ffffed1001663433 [ 69.988129] R10: ffff88800b31a193 R11: ffffed1001663432 R12: ffff888016636400 [ 69.989099] R13: ffff88800b31a1e8 R14: ffffffff8352e670 R15: ffff888018657e68 [ 69.990088] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 69.991562] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.992361] CR2: 00007f4b877410e8 CR3: 0000000018708000 CR4: 0000000000750ef0 [ 69.993379] PKRU: 55555554 [ 69.993982] Call Trace: [ 69.994360] [ 69.994726] __iommufd_access_detach+0x1c2/0x2b0 [ 69.995445] iommufd_access_change_pt+0x149/0x270 [ 69.996137] iommufd_access_replace+0xb4/0x120 [ 69.997085] iommufd_test+0x3e5/0x37e0 [ 69.997644] ? lock_release+0x532/0x770 [ 69.998211] ? __might_fault+0x102/0x1b0 [ 69.998882] ? lock_acquire+0x427/0x4c0 [ 69.999656] ? __pfx_iommufd_test+0x10/0x10 [ 70.000269] ? __pfx_lock_release+0x10/0x10 [ 70.000878] ? __pfx_lock_acquire+0x10/0x10 [ 70.001480] ? write_comp_data+0x2f/0x90 [ 70.002341] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.003183] ? write_comp_data+0x2f/0x90 [ 70.003787] iommufd_fops_ioctl+0x37d/0x510 [ 70.004398] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.005308] ? write_comp_data+0x2f/0x90 [ 70.005897] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.006608] __x64_sys_ioctl+0x1a3/0x230 [ 70.007242] do_syscall_64+0x3b/0x90 [ 70.007775] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.008483] RIP: 0033:0x7f4b8743ee5d [ 70.008981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.011409] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.012421] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.013356] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.014287] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.015293] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.016244] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.017204] [ 70.017519] irq event stamp: 0 [ 70.017941] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.018809] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.019963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.021070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.021903] ---[ end trace 0000000000000000 ]--- [ 70.027497] ------------[ cut here ]------------ [ 70.028461] WARNING: CPU: 0 PID: 567 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.029817] Modules linked in: [ 70.030368] CPU: 0 PID: 567 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.031770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.033283] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.033966] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.036358] RSP: 0018:ffff888018657bd0 EFLAGS: 00010246 [ 70.037098] RAX: 0000000000000000 RBX: ffff88800b31a0a8 RCX: 0000000000000000 [ 70.038051] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 70.039032] RBP: ffff888018657be8 R08: ffffed1001663433 R09: ffffed1001663433 [ 70.040015] R10: ffff88800b31a193 R11: ffffed1001663432 R12: ffff888017ba5c00 [ 70.040966] R13: ffff88800b31a1e8 R14: ffff888020985a00 R15: 0000000000000000 [ 70.041904] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.043006] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.043815] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 70.044764] PKRU: 55555554 [ 70.045145] Call Trace: [ 70.045490] [ 70.045800] iommufd_access_destroy_object+0x65/0x170 [ 70.046550] iommufd_object_destroy_user+0x18e/0x220 [ 70.047294] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.048090] iommufd_access_destroy+0x43/0x70 [ 70.048708] iommufd_test_staccess_release+0x8d/0xd0 [ 70.049403] __fput+0x26d/0xa40 [ 70.049873] ____fput+0x1e/0x30 [ 70.050334] task_work_run+0x1a4/0x2d0 [ 70.050912] ? __pfx_task_work_run+0x10/0x10 [ 70.051557] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.052232] ? switch_task_namespaces+0xa9/0xe0 [ 70.052882] do_exit+0xb17/0x2ef0 [ 70.053354] ? lock_acquire+0x427/0x4c0 [ 70.053903] ? __pfx_lock_release+0x10/0x10 [ 70.054493] ? __kasan_check_write+0x18/0x20 [ 70.055183] ? do_raw_spin_lock+0x132/0x2a0 [ 70.055782] ? __pfx_do_exit+0x10/0x10 [ 70.056325] ? debug_smp_processor_id+0x20/0x30 [ 70.056960] ? rcu_is_watching+0x19/0xb0 [ 70.057506] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.058123] ? trace_hardirqs_on+0x26/0x120 [ 70.058759] do_group_exit+0xe0/0x2b0 [ 70.059325] __x64_sys_exit_group+0x47/0x50 [ 70.059917] do_syscall_64+0x3b/0x90 [ 70.060439] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.061145] RIP: 0033:0x7f4b87518a4d [ 70.061646] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.062460] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.063523] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.064483] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.065440] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.066386] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.067397] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.068372] [ 70.068695] irq event stamp: 0 [ 70.069120] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.069958] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.071101] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.072251] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.073101] ---[ end trace 0000000000000000 ]--- [ 70.074916] ------------[ cut here ]------------ [ 70.075621] WARNING: CPU: 0 PID: 567 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.077013] Modules linked in: [ 70.077480] CPU: 0 PID: 567 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.079414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.080970] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.081979] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.084819] RSP: 0018:ffff888018657b78 EFLAGS: 00010246 [ 70.085565] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.086582] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 70.087680] RBP: ffff888018657b98 R08: ffffed100166343e R09: ffffed100166343e [ 70.088835] R10: ffff88800b31a1ef R11: ffffed100166343d R12: ffff88800b31a290 [ 70.089828] R13: ffff88800b31a0a8 R14: ffffffffffffffff R15: ffff888018657c60 [ 70.091149] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.092265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.093066] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 70.094114] PKRU: 55555554 [ 70.094771] Call Trace: [ 70.095171] [ 70.095488] iommufd_ioas_destroy+0x53/0x70 [ 70.096090] iommufd_fops_release+0x1f7/0x370 [ 70.096715] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.097709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.098418] ? write_comp_data+0x2f/0x90 [ 70.099063] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.099797] __fput+0x26d/0xa40 [ 70.100326] ____fput+0x1e/0x30 [ 70.101003] task_work_run+0x1a4/0x2d0 [ 70.101576] ? __pfx_task_work_run+0x10/0x10 [ 70.102189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.102985] ? switch_task_namespaces+0xa9/0xe0 [ 70.103812] do_exit+0xb17/0x2ef0 [ 70.104200] ? lock_acquire+0x427/0x4c0 [ 70.104615] ? __pfx_lock_release+0x10/0x10 [ 70.105077] ? __kasan_check_write+0x18/0x20 [ 70.105527] ? do_raw_spin_lock+0x132/0x2a0 [ 70.106092] ? __pfx_do_exit+0x10/0x10 [ 70.107141] ? debug_smp_processor_id+0x20/0x30 [ 70.107695] ? rcu_is_watching+0x19/0xb0 [ 70.108118] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.108597] ? trace_hardirqs_on+0x26/0x120 [ 70.109071] do_group_exit+0xe0/0x2b0 [ 70.109474] __x64_sys_exit_group+0x47/0x50 [ 70.109914] do_syscall_64+0x3b/0x90 [ 70.110301] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.110898] RIP: 0033:0x7f4b87518a4d [ 70.111298] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.111941] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.112722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.113448] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.114190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.114965] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.115702] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.116448] [ 70.116692] irq event stamp: 0 [ 70.117025] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.117687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.118596] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.119483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.120118] ---[ end trace 0000000000000000 ]--- [ 70.126293] ------------[ cut here ]------------ [ 70.126916] WARNING: CPU: 0 PID: 568 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.128008] Modules linked in: [ 70.128355] CPU: 0 PID: 568 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.129284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.130699] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.131273] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.133187] RSP: 0018:ffff88801613fbb8 EFLAGS: 00010246 [ 70.133736] RAX: 0000000000000000 RBX: ffff88801479f0a8 RCX: 0000000000000000 [ 70.134471] RDX: 0000000000000000 RSI: ffff888016e8ca00 RDI: 0000000000000002 [ 70.135272] RBP: ffff88801613fbd0 R08: ffffed10028f3e33 R09: ffffed10028f3e33 [ 70.136017] R10: ffff88801479f193 R11: ffffed10028f3e32 R12: ffff888021b99c00 [ 70.136762] R13: ffff88801479f1e8 R14: ffffffff8352e670 R15: ffff88801613fe68 [ 70.137507] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.138255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.138838] CR2: 0000000020000140 CR3: 000000001884c000 CR4: 0000000000750ef0 [ 70.139529] PKRU: 55555554 [ 70.139803] Call Trace: [ 70.140044] [ 70.140256] __iommufd_access_detach+0x1c2/0x2b0 [ 70.140743] iommufd_access_change_pt+0x149/0x270 [ 70.141218] iommufd_access_replace+0xb4/0x120 [ 70.141669] iommufd_test+0x3e5/0x37e0 [ 70.142043] ? lock_release+0x532/0x770 [ 70.142432] ? __might_fault+0x102/0x1b0 [ 70.142871] ? lock_acquire+0x427/0x4c0 [ 70.143281] ? __pfx_iommufd_test+0x10/0x10 [ 70.143707] ? __pfx_lock_release+0x10/0x10 [ 70.144309] ? __pfx_lock_acquire+0x10/0x10 [ 70.144898] ? write_comp_data+0x2f/0x90 [ 70.145431] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.146046] ? write_comp_data+0x2f/0x90 [ 70.146641] iommufd_fops_ioctl+0x37d/0x510 [ 70.147217] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.147841] ? write_comp_data+0x2f/0x90 [ 70.148369] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.148985] __x64_sys_ioctl+0x1a3/0x230 [ 70.149516] do_syscall_64+0x3b/0x90 [ 70.150005] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.150706] RIP: 0033:0x7f4b8743ee5d [ 70.151254] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.152982] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.153673] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.154336] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.155036] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.155700] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.156363] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.157007] [ 70.157212] irq event stamp: 0 [ 70.157487] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.158040] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.158810] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.159575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.160126] ---[ end trace 0000000000000000 ]--- [ 70.163265] ------------[ cut here ]------------ [ 70.163748] WARNING: CPU: 0 PID: 568 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.164641] Modules linked in: [ 70.164935] CPU: 0 PID: 568 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.165680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.166700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.167171] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.168784] RSP: 0018:ffff88801613fbd0 EFLAGS: 00010246 [ 70.169277] RAX: 0000000000000000 RBX: ffff88801479f0a8 RCX: 0000000000000000 [ 70.169889] RDX: 0000000000000000 RSI: ffff888016e8ca00 RDI: 0000000000000002 [ 70.170550] RBP: ffff88801613fbe8 R08: ffffed10028f3e33 R09: ffffed10028f3e33 [ 70.171193] R10: ffff88801479f193 R11: ffffed10028f3e32 R12: ffff888016634800 [ 70.171818] R13: ffff88801479f1e8 R14: ffff888020876100 R15: 0000000000000000 [ 70.172462] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.173175] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.173702] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.174327] PKRU: 55555554 [ 70.174602] Call Trace: [ 70.174828] [ 70.175026] iommufd_access_destroy_object+0x65/0x170 [ 70.175506] iommufd_object_destroy_user+0x18e/0x220 [ 70.175965] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.176481] iommufd_access_destroy+0x43/0x70 [ 70.176894] iommufd_test_staccess_release+0x8d/0xd0 [ 70.177341] __fput+0x26d/0xa40 [ 70.177661] ____fput+0x1e/0x30 [ 70.177956] task_work_run+0x1a4/0x2d0 [ 70.178301] ? __pfx_task_work_run+0x10/0x10 [ 70.178724] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.179168] ? switch_task_namespaces+0xa9/0xe0 [ 70.179578] do_exit+0xb17/0x2ef0 [ 70.179903] ? lock_acquire+0x427/0x4c0 [ 70.180255] ? __pfx_lock_release+0x10/0x10 [ 70.180632] ? __kasan_check_write+0x18/0x20 [ 70.181039] ? do_raw_spin_lock+0x132/0x2a0 [ 70.181412] ? __pfx_do_exit+0x10/0x10 [ 70.181757] ? debug_smp_processor_id+0x20/0x30 [ 70.182185] ? rcu_is_watching+0x19/0xb0 [ 70.182560] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.182972] ? trace_hardirqs_on+0x26/0x120 [ 70.183364] do_group_exit+0xe0/0x2b0 [ 70.183694] __x64_sys_exit_group+0x47/0x50 [ 70.184071] do_syscall_64+0x3b/0x90 [ 70.184415] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.184867] RIP: 0033:0x7f4b87518a4d [ 70.185254] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.185786] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.186459] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.187092] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.187749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.188388] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.189007] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.189652] [ 70.189854] irq event stamp: 0 [ 70.190124] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.190715] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.191451] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.192198] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.192763] ---[ end trace 0000000000000000 ]--- [ 70.193539] ------------[ cut here ]------------ [ 70.193977] WARNING: CPU: 0 PID: 568 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.194876] Modules linked in: [ 70.195183] CPU: 0 PID: 568 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.195926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.196905] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.197371] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.198968] RSP: 0018:ffff88801613fb78 EFLAGS: 00010246 [ 70.199467] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.200086] RDX: 0000000000000000 RSI: ffff888016e8ca00 RDI: 0000000000000002 [ 70.200717] RBP: ffff88801613fb98 R08: ffffed10028f3e3e R09: ffffed10028f3e3e [ 70.201320] R10: ffff88801479f1ef R11: ffffed10028f3e3d R12: ffff88801479f290 [ 70.201939] R13: ffff88801479f0a8 R14: ffffffffffffffff R15: ffff88801613fc60 [ 70.202593] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.203313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.203852] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.204466] PKRU: 55555554 [ 70.204725] Call Trace: [ 70.204959] [ 70.205155] iommufd_ioas_destroy+0x53/0x70 [ 70.205531] iommufd_fops_release+0x1f7/0x370 [ 70.205954] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.206385] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.206834] ? write_comp_data+0x2f/0x90 [ 70.207237] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.207675] __fput+0x26d/0xa40 [ 70.207984] ____fput+0x1e/0x30 [ 70.208286] task_work_run+0x1a4/0x2d0 [ 70.208628] ? __pfx_task_work_run+0x10/0x10 [ 70.209010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.209469] ? switch_task_namespaces+0xa9/0xe0 [ 70.209880] do_exit+0xb17/0x2ef0 [ 70.210206] ? lock_acquire+0x427/0x4c0 [ 70.210605] ? __pfx_lock_release+0x10/0x10 [ 70.210988] ? __kasan_check_write+0x18/0x20 [ 70.211410] ? do_raw_spin_lock+0x132/0x2a0 [ 70.211785] ? __pfx_do_exit+0x10/0x10 [ 70.212125] ? debug_smp_processor_id+0x20/0x30 [ 70.212541] ? rcu_is_watching+0x19/0xb0 [ 70.212879] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.213256] ? trace_hardirqs_on+0x26/0x120 [ 70.213652] do_group_exit+0xe0/0x2b0 [ 70.213969] __x64_sys_exit_group+0x47/0x50 [ 70.214325] do_syscall_64+0x3b/0x90 [ 70.214689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.215144] RIP: 0033:0x7f4b87518a4d [ 70.215452] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.215984] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.216618] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.217235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.217823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.218392] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.219001] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.219588] [ 70.219780] irq event stamp: 0 [ 70.220053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.220568] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.221272] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.221942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.222463] ---[ end trace 0000000000000000 ]--- [ 70.227123] ------------[ cut here ]------------ [ 70.227544] WARNING: CPU: 0 PID: 569 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.228363] Modules linked in: [ 70.228619] CPU: 0 PID: 569 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.229325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.230228] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.230662] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.232184] RSP: 0018:ffff888021bffbb8 EFLAGS: 00010246 [ 70.232610] RAX: 0000000000000000 RBX: ffff88801891d8a8 RCX: 0000000000000000 [ 70.233170] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 70.233742] RBP: ffff888021bffbd0 R08: ffffed1003123b33 R09: ffffed1003123b33 [ 70.234309] R10: ffff88801891d993 R11: ffffed1003123b32 R12: ffff888021ba8000 [ 70.234906] R13: ffff88801891d9e8 R14: ffffffff8352e670 R15: ffff888021bffe68 [ 70.235497] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.236126] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.236607] CR2: 0000000020000140 CR3: 000000001845e000 CR4: 0000000000750ef0 [ 70.237165] PKRU: 55555554 [ 70.237388] Call Trace: [ 70.237613] [ 70.237800] __iommufd_access_detach+0x1c2/0x2b0 [ 70.238183] iommufd_access_change_pt+0x149/0x270 [ 70.238609] iommufd_access_replace+0xb4/0x120 [ 70.239006] iommufd_test+0x3e5/0x37e0 [ 70.239323] ? lock_release+0x532/0x770 [ 70.239645] ? __might_fault+0x102/0x1b0 [ 70.240008] ? lock_acquire+0x427/0x4c0 [ 70.240330] ? __pfx_iommufd_test+0x10/0x10 [ 70.240670] ? __pfx_lock_release+0x10/0x10 [ 70.241062] ? __pfx_lock_acquire+0x10/0x10 [ 70.241408] ? write_comp_data+0x2f/0x90 [ 70.241740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.242148] ? write_comp_data+0x2f/0x90 [ 70.242476] iommufd_fops_ioctl+0x37d/0x510 [ 70.242848] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.243279] ? write_comp_data+0x2f/0x90 [ 70.243612] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.244002] __x64_sys_ioctl+0x1a3/0x230 [ 70.244360] do_syscall_64+0x3b/0x90 [ 70.244661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.245089] RIP: 0033:0x7f4b8743ee5d [ 70.245404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.246878] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.247517] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.248074] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.248660] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.249215] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.249802] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.250366] [ 70.250589] irq event stamp: 0 [ 70.250853] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.251361] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.252045] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.252708] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.253208] ---[ end trace 0000000000000000 ]--- [ 70.256092] ------------[ cut here ]------------ [ 70.256494] WARNING: CPU: 0 PID: 569 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.257302] Modules linked in: [ 70.257555] CPU: 0 PID: 569 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.258248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.259163] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.259567] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.261011] RSP: 0018:ffff888021bffbd0 EFLAGS: 00010246 [ 70.261459] RAX: 0000000000000000 RBX: ffff88801891d8a8 RCX: 0000000000000000 [ 70.262016] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 70.262623] RBP: ffff888021bffbe8 R08: ffffed1003123b33 R09: ffffed1003123b33 [ 70.263184] R10: ffff88801891d993 R11: ffffed1003123b32 R12: ffff888021b98c00 [ 70.263770] R13: ffff88801891d9e8 R14: ffff88801091e700 R15: 0000000000000000 [ 70.264321] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.264978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.265435] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.266024] PKRU: 55555554 [ 70.266245] Call Trace: [ 70.266445] [ 70.266662] iommufd_access_destroy_object+0x65/0x170 [ 70.267087] iommufd_object_destroy_user+0x18e/0x220 [ 70.267501] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.267994] iommufd_access_destroy+0x43/0x70 [ 70.268360] iommufd_test_staccess_release+0x8d/0xd0 [ 70.268786] __fput+0x26d/0xa40 [ 70.269076] ____fput+0x1e/0x30 [ 70.269342] task_work_run+0x1a4/0x2d0 [ 70.269659] ? __pfx_task_work_run+0x10/0x10 [ 70.270046] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.270434] ? switch_task_namespaces+0xa9/0xe0 [ 70.270850] do_exit+0xb17/0x2ef0 [ 70.271147] ? lock_acquire+0x427/0x4c0 [ 70.271470] ? __pfx_lock_release+0x10/0x10 [ 70.271820] ? __kasan_check_write+0x18/0x20 [ 70.272192] ? do_raw_spin_lock+0x132/0x2a0 [ 70.272532] ? __pfx_do_exit+0x10/0x10 [ 70.272846] ? debug_smp_processor_id+0x20/0x30 [ 70.273234] ? rcu_is_watching+0x19/0xb0 [ 70.273552] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.273913] ? trace_hardirqs_on+0x26/0x120 [ 70.274281] do_group_exit+0xe0/0x2b0 [ 70.274604] __x64_sys_exit_group+0x47/0x50 [ 70.274950] do_syscall_64+0x3b/0x90 [ 70.275273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.275702] RIP: 0033:0x7f4b87518a4d [ 70.275996] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.276511] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.277106] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.277696] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.278255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.278865] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.279431] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.280031] [ 70.280218] irq event stamp: 0 [ 70.280470] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.280999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.281660] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.282332] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.282857] ---[ end trace 0000000000000000 ]--- [ 70.283584] ------------[ cut here ]------------ [ 70.283992] WARNING: CPU: 0 PID: 569 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.284782] Modules linked in: [ 70.285068] CPU: 0 PID: 569 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.285746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.286684] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.287103] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.288565] RSP: 0018:ffff888021bffb78 EFLAGS: 00010246 [ 70.288985] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.289561] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 70.290116] RBP: ffff888021bffb98 R08: ffffed1003123b3e R09: ffffed1003123b3e [ 70.290714] R10: ffff88801891d9ef R11: ffffed1003123b3d R12: ffff88801891da90 [ 70.291278] R13: ffff88801891d8a8 R14: ffffffffffffffff R15: ffff888021bffc60 [ 70.291854] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.292495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.292973] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.293542] PKRU: 55555554 [ 70.293776] Call Trace: [ 70.293989] [ 70.294169] iommufd_ioas_destroy+0x53/0x70 [ 70.294537] iommufd_fops_release+0x1f7/0x370 [ 70.294933] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.295339] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.295752] ? write_comp_data+0x2f/0x90 [ 70.296096] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.296493] __fput+0x26d/0xa40 [ 70.296783] ____fput+0x1e/0x30 [ 70.297072] task_work_run+0x1a4/0x2d0 [ 70.297390] ? __pfx_task_work_run+0x10/0x10 [ 70.297745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.298169] ? switch_task_namespaces+0xa9/0xe0 [ 70.298569] do_exit+0xb17/0x2ef0 [ 70.298851] ? lock_acquire+0x427/0x4c0 [ 70.299362] ? __pfx_lock_release+0x10/0x10 [ 70.299866] ? __kasan_check_write+0x18/0x20 [ 70.300366] ? do_raw_spin_lock+0x132/0x2a0 [ 70.300853] ? __pfx_do_exit+0x10/0x10 [ 70.301303] ? debug_smp_processor_id+0x20/0x30 [ 70.301828] ? rcu_is_watching+0x19/0xb0 [ 70.302286] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.302856] ? trace_hardirqs_on+0x26/0x120 [ 70.303359] do_group_exit+0xe0/0x2b0 [ 70.303673] __x64_sys_exit_group+0x47/0x50 [ 70.304008] do_syscall_64+0x3b/0x90 [ 70.304301] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.304703] RIP: 0033:0x7f4b87518a4d [ 70.304985] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.305448] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.306017] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.306581] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.307133] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.307673] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.308215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.308766] [ 70.308943] irq event stamp: 0 [ 70.309181] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.309651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.310281] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.310923] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.311406] ---[ end trace 0000000000000000 ]--- [ 70.316619] ------------[ cut here ]------------ [ 70.317152] WARNING: CPU: 0 PID: 570 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.317932] Modules linked in: [ 70.318299] CPU: 0 PID: 570 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.319022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.320015] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.320394] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.321759] RSP: 0018:ffff88801896fbb8 EFLAGS: 00010246 [ 70.322161] RAX: 0000000000000000 RBX: ffff8880189c30a8 RCX: 0000000000000000 [ 70.322711] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 70.323263] RBP: ffff88801896fbd0 R08: ffffed1003138633 R09: ffffed1003138633 [ 70.323801] R10: ffff8880189c3193 R11: ffffed1003138632 R12: ffff888021bb1400 [ 70.324335] R13: ffff8880189c31e8 R14: ffffffff8352e670 R15: ffff88801896fe68 [ 70.324868] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.325471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.325912] CR2: 00007f4b877410e8 CR3: 000000001845e000 CR4: 0000000000750ef0 [ 70.326451] PKRU: 55555554 [ 70.326690] Call Trace: [ 70.326886] [ 70.327060] __iommufd_access_detach+0x1c2/0x2b0 [ 70.327448] iommufd_access_change_pt+0x149/0x270 [ 70.327828] iommufd_access_replace+0xb4/0x120 [ 70.328188] iommufd_test+0x3e5/0x37e0 [ 70.328486] ? lock_release+0x532/0x770 [ 70.328800] ? __might_fault+0x102/0x1b0 [ 70.329117] ? lock_acquire+0x427/0x4c0 [ 70.329429] ? __pfx_iommufd_test+0x10/0x10 [ 70.329757] ? __pfx_lock_release+0x10/0x10 [ 70.330095] ? __pfx_lock_acquire+0x10/0x10 [ 70.330438] ? write_comp_data+0x2f/0x90 [ 70.330781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.331167] ? write_comp_data+0x2f/0x90 [ 70.331490] iommufd_fops_ioctl+0x37d/0x510 [ 70.331826] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.332201] ? write_comp_data+0x2f/0x90 [ 70.332519] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.332895] __x64_sys_ioctl+0x1a3/0x230 [ 70.333219] do_syscall_64+0x3b/0x90 [ 70.333520] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.333923] RIP: 0033:0x7f4b8743ee5d [ 70.334208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.335633] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.336222] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.336774] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.337321] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.337872] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.338424] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.339005] [ 70.339205] irq event stamp: 0 [ 70.339452] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.339940] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.340590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.341238] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.341724] ---[ end trace 0000000000000000 ]--- [ 70.344915] ------------[ cut here ]------------ [ 70.345301] WARNING: CPU: 0 PID: 570 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.346284] Modules linked in: [ 70.346565] CPU: 0 PID: 570 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.347247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.348189] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.348655] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.350067] RSP: 0018:ffff88801896fbd0 EFLAGS: 00010246 [ 70.350480] RAX: 0000000000000000 RBX: ffff8880189c30a8 RCX: 0000000000000000 [ 70.351058] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 70.351619] RBP: ffff88801896fbe8 R08: ffffed1003138633 R09: ffffed1003138633 [ 70.352170] R10: ffff8880189c3193 R11: ffffed1003138632 R12: ffff888021bab000 [ 70.352721] R13: ffff8880189c31e8 R14: ffff888012bfb200 R15: 0000000000000000 [ 70.353269] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.353888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.354335] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.354906] PKRU: 55555554 [ 70.355136] Call Trace: [ 70.355343] [ 70.355524] iommufd_access_destroy_object+0x65/0x170 [ 70.355932] iommufd_object_destroy_user+0x18e/0x220 [ 70.356333] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.356791] iommufd_access_destroy+0x43/0x70 [ 70.357153] iommufd_test_staccess_release+0x8d/0xd0 [ 70.357778] __fput+0x26d/0xa40 [ 70.358056] ____fput+0x1e/0x30 [ 70.358321] task_work_run+0x1a4/0x2d0 [ 70.358652] ? __pfx_task_work_run+0x10/0x10 [ 70.359011] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.359414] ? switch_task_namespaces+0xa9/0xe0 [ 70.359791] do_exit+0xb17/0x2ef0 [ 70.360089] ? lock_acquire+0x427/0x4c0 [ 70.360533] ? __pfx_lock_release+0x10/0x10 [ 70.360880] ? __kasan_check_write+0x18/0x20 [ 70.361239] ? do_raw_spin_lock+0x132/0x2a0 [ 70.361574] ? __pfx_do_exit+0x10/0x10 [ 70.361887] ? debug_smp_processor_id+0x20/0x30 [ 70.362407] ? rcu_is_watching+0x19/0xb0 [ 70.362753] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.363124] ? trace_hardirqs_on+0x26/0x120 [ 70.363469] do_group_exit+0xe0/0x2b0 [ 70.363772] __x64_sys_exit_group+0x47/0x50 [ 70.364113] do_syscall_64+0x3b/0x90 [ 70.364415] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.364855] RIP: 0033:0x7f4b87518a4d [ 70.365273] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.365752] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.366340] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.366913] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.367637] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.368190] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.368737] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.369297] [ 70.369479] irq event stamp: 0 [ 70.369767] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.370364] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.371037] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.371700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.372225] ---[ end trace 0000000000000000 ]--- [ 70.373054] ------------[ cut here ]------------ [ 70.373428] WARNING: CPU: 0 PID: 570 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.374219] Modules linked in: [ 70.374476] CPU: 0 PID: 570 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.375344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.376242] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.376661] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.378110] RSP: 0018:ffff88801896fb78 EFLAGS: 00010246 [ 70.378557] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.379154] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 70.379735] RBP: ffff88801896fb98 R08: ffffed100313863e R09: ffffed100313863e [ 70.380321] R10: ffff8880189c31ef R11: ffffed100313863d R12: ffff8880189c3290 [ 70.380906] R13: ffff8880189c30a8 R14: ffffffffffffffff R15: ffff88801896fc60 [ 70.381492] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.382148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.382644] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.383246] PKRU: 55555554 [ 70.383481] Call Trace: [ 70.383692] [ 70.383883] iommufd_ioas_destroy+0x53/0x70 [ 70.384246] iommufd_fops_release+0x1f7/0x370 [ 70.384626] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.385047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.385461] ? write_comp_data+0x2f/0x90 [ 70.385807] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.386221] __fput+0x26d/0xa40 [ 70.386536] ____fput+0x1e/0x30 [ 70.386825] task_work_run+0x1a4/0x2d0 [ 70.387172] ? __pfx_task_work_run+0x10/0x10 [ 70.387546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.387960] ? switch_task_namespaces+0xa9/0xe0 [ 70.388360] do_exit+0xb17/0x2ef0 [ 70.388652] ? lock_acquire+0x427/0x4c0 [ 70.388998] ? __pfx_lock_release+0x10/0x10 [ 70.389378] ? __kasan_check_write+0x18/0x20 [ 70.389745] ? do_raw_spin_lock+0x132/0x2a0 [ 70.390108] ? __pfx_do_exit+0x10/0x10 [ 70.390440] ? debug_smp_processor_id+0x20/0x30 [ 70.390851] ? rcu_is_watching+0x19/0xb0 [ 70.391211] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.391595] ? trace_hardirqs_on+0x26/0x120 [ 70.391961] do_group_exit+0xe0/0x2b0 [ 70.392278] __x64_sys_exit_group+0x47/0x50 [ 70.392632] do_syscall_64+0x3b/0x90 [ 70.392946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.393379] RIP: 0033:0x7f4b87518a4d [ 70.393686] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.394187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.394832] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.395431] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.396016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.396600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.397189] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.397783] [ 70.397976] irq event stamp: 0 [ 70.398237] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.398778] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.399496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.400187] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.400712] ---[ end trace 0000000000000000 ]--- [ 70.405198] ------------[ cut here ]------------ [ 70.405602] WARNING: CPU: 0 PID: 571 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.406795] Modules linked in: [ 70.407067] CPU: 0 PID: 571 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.407791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.408776] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.409288] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.410816] RSP: 0018:ffff88801048fbb8 EFLAGS: 00010246 [ 70.411417] RAX: 0000000000000000 RBX: ffff888018a608a8 RCX: 0000000000000000 [ 70.412008] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 70.412592] RBP: ffff88801048fbd0 R08: ffffed100314c133 R09: ffffed100314c133 [ 70.413195] R10: ffff888018a60993 R11: ffffed100314c132 R12: ffff888021bc1c00 [ 70.413941] R13: ffff888018a609e8 R14: ffffffff8352e670 R15: ffff88801048fe68 [ 70.414544] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.415214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.415690] CR2: 0000000020000140 CR3: 0000000020d06000 CR4: 0000000000750ef0 [ 70.416449] PKRU: 55555554 [ 70.416683] Call Trace: [ 70.416895] [ 70.417081] __iommufd_access_detach+0x1c2/0x2b0 [ 70.417489] iommufd_access_change_pt+0x149/0x270 [ 70.417900] iommufd_access_replace+0xb4/0x120 [ 70.418453] iommufd_test+0x3e5/0x37e0 [ 70.418794] ? lock_release+0x532/0x770 [ 70.419143] ? __might_fault+0x102/0x1b0 [ 70.419488] ? lock_acquire+0x427/0x4c0 [ 70.419826] ? __pfx_iommufd_test+0x10/0x10 [ 70.420179] ? __pfx_lock_release+0x10/0x10 [ 70.420542] ? __pfx_lock_acquire+0x10/0x10 [ 70.420915] ? write_comp_data+0x2f/0x90 [ 70.421283] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.421736] ? write_comp_data+0x2f/0x90 [ 70.422221] iommufd_fops_ioctl+0x37d/0x510 [ 70.422612] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.423022] ? write_comp_data+0x2f/0x90 [ 70.423376] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.423779] __x64_sys_ioctl+0x1a3/0x230 [ 70.424129] do_syscall_64+0x3b/0x90 [ 70.424471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.425047] RIP: 0033:0x7f4b8743ee5d [ 70.425358] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.426872] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.427549] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.428277] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.428860] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.429439] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.430176] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.430782] [ 70.430975] irq event stamp: 0 [ 70.431241] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.431759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.432625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.433310] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.433826] ---[ end trace 0000000000000000 ]--- [ 70.436950] ------------[ cut here ]------------ [ 70.437359] WARNING: CPU: 0 PID: 571 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.438183] Modules linked in: [ 70.438445] CPU: 0 PID: 571 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.439387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.440310] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.440723] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.442381] RSP: 0018:ffff88801048fbd0 EFLAGS: 00010246 [ 70.442840] RAX: 0000000000000000 RBX: ffff888018a608a8 RCX: 0000000000000000 [ 70.443428] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 70.444098] RBP: ffff88801048fbe8 R08: ffffed100314c133 R09: ffffed100314c133 [ 70.444761] R10: ffff888018a60993 R11: ffffed100314c132 R12: ffff888021bb3400 [ 70.445342] R13: ffff888018a609e8 R14: ffff88801235b800 R15: 0000000000000000 [ 70.445963] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.446758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.447246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.447835] PKRU: 55555554 [ 70.448067] Call Trace: [ 70.448279] [ 70.448498] iommufd_access_destroy_object+0x65/0x170 [ 70.449070] iommufd_object_destroy_user+0x18e/0x220 [ 70.449491] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.449975] iommufd_access_destroy+0x43/0x70 [ 70.450353] iommufd_test_staccess_release+0x8d/0xd0 [ 70.450977] __fput+0x26d/0xa40 [ 70.451272] ____fput+0x1e/0x30 [ 70.451555] task_work_run+0x1a4/0x2d0 [ 70.451889] ? __pfx_task_work_run+0x10/0x10 [ 70.452262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.452672] ? switch_task_namespaces+0xa9/0xe0 [ 70.453072] do_exit+0xb17/0x2ef0 [ 70.453365] ? lock_acquire+0x427/0x4c0 [ 70.453705] ? __pfx_lock_release+0x10/0x10 [ 70.454250] ? __kasan_check_write+0x18/0x20 [ 70.454643] ? do_raw_spin_lock+0x132/0x2a0 [ 70.455000] ? __pfx_do_exit+0x10/0x10 [ 70.455340] ? debug_smp_processor_id+0x20/0x30 [ 70.455729] ? rcu_is_watching+0x19/0xb0 [ 70.456067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.456449] ? trace_hardirqs_on+0x26/0x120 [ 70.456982] do_group_exit+0xe0/0x2b0 [ 70.457300] __x64_sys_exit_group+0x47/0x50 [ 70.457654] do_syscall_64+0x3b/0x90 [ 70.457970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.458406] RIP: 0033:0x7f4b87518a4d [ 70.458807] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.459408] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.460039] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.460646] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.461256] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.462074] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.462722] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.463354] [ 70.463558] irq event stamp: 0 [ 70.463830] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.464574] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.465292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.466000] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.466691] ---[ end trace 0000000000000000 ]--- [ 70.467544] ------------[ cut here ]------------ [ 70.467957] WARNING: CPU: 0 PID: 571 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.468823] Modules linked in: [ 70.469100] CPU: 0 PID: 571 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.470049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.471030] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.471485] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.473239] RSP: 0018:ffff88801048fb78 EFLAGS: 00010246 [ 70.473704] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.474424] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 70.475162] RBP: ffff88801048fb98 R08: ffffed100314c13e R09: ffffed100314c13e [ 70.475794] R10: ffff888018a609ef R11: ffffed100314c13d R12: ffff888018a60a90 [ 70.476422] R13: ffff888018a608a8 R14: ffffffffffffffff R15: ffff88801048fc60 [ 70.477094] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.477949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.478458] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.479105] PKRU: 55555554 [ 70.479365] Call Trace: [ 70.479593] [ 70.479797] iommufd_ioas_destroy+0x53/0x70 [ 70.480386] iommufd_fops_release+0x1f7/0x370 [ 70.480791] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.481237] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.481675] ? write_comp_data+0x2f/0x90 [ 70.482081] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.482715] __fput+0x26d/0xa40 [ 70.483024] ____fput+0x1e/0x30 [ 70.483333] task_work_run+0x1a4/0x2d0 [ 70.483688] ? __pfx_task_work_run+0x10/0x10 [ 70.484089] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.484530] ? switch_task_namespaces+0xa9/0xe0 [ 70.484954] do_exit+0xb17/0x2ef0 [ 70.485260] ? lock_acquire+0x427/0x4c0 [ 70.485634] ? __pfx_lock_release+0x10/0x10 [ 70.486195] ? __kasan_check_write+0x18/0x20 [ 70.486614] ? do_raw_spin_lock+0x132/0x2a0 [ 70.486993] ? __pfx_do_exit+0x10/0x10 [ 70.487353] ? debug_smp_processor_id+0x20/0x30 [ 70.487770] ? rcu_is_watching+0x19/0xb0 [ 70.488130] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.488572] ? trace_hardirqs_on+0x26/0x120 [ 70.489116] do_group_exit+0xe0/0x2b0 [ 70.489451] __x64_sys_exit_group+0x47/0x50 [ 70.489830] do_syscall_64+0x3b/0x90 [ 70.490164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.490645] RIP: 0033:0x7f4b87518a4d [ 70.490976] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.491567] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.492369] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.492994] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.493615] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.494419] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.495059] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.495704] [ 70.495913] irq event stamp: 0 [ 70.496188] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.496941] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.497671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.498399] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.499165] ---[ end trace 0000000000000000 ]--- [ 70.504113] ------------[ cut here ]------------ [ 70.504566] WARNING: CPU: 0 PID: 572 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.505592] Modules linked in: [ 70.505877] CPU: 0 PID: 572 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.506666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.507830] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.508270] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.509907] RSP: 0018:ffff888023f17bb8 EFLAGS: 00010246 [ 70.510490] RAX: 0000000000000000 RBX: ffff888011d9f0a8 RCX: 0000000000000000 [ 70.511152] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 70.511774] RBP: ffff888023f17bd0 R08: ffffed10023b3e33 R09: ffffed10023b3e33 [ 70.512408] R10: ffff888011d9f193 R11: ffffed10023b3e32 R12: ffff888013b17800 [ 70.513084] R13: ffff888011d9f1e8 R14: ffffffff8352e670 R15: ffff888023f17e68 [ 70.513856] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.514595] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.515112] CR2: 0000000020000140 CR3: 000000001404c000 CR4: 0000000000750ef0 [ 70.515737] PKRU: 55555554 [ 70.515985] Call Trace: [ 70.516235] [ 70.516587] __iommufd_access_detach+0x1c2/0x2b0 [ 70.517016] iommufd_access_change_pt+0x149/0x270 [ 70.517446] iommufd_access_replace+0xb4/0x120 [ 70.517859] iommufd_test+0x3e5/0x37e0 [ 70.518200] ? lock_release+0x532/0x770 [ 70.518756] ? __might_fault+0x102/0x1b0 [ 70.519132] ? lock_acquire+0x427/0x4c0 [ 70.519492] ? __pfx_iommufd_test+0x10/0x10 [ 70.519873] ? __pfx_lock_release+0x10/0x10 [ 70.520259] ? __pfx_lock_acquire+0x10/0x10 [ 70.520647] ? write_comp_data+0x2f/0x90 [ 70.521017] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.521483] ? write_comp_data+0x2f/0x90 [ 70.521992] iommufd_fops_ioctl+0x37d/0x510 [ 70.522376] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.522836] ? write_comp_data+0x2f/0x90 [ 70.523207] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.523635] __x64_sys_ioctl+0x1a3/0x230 [ 70.524006] do_syscall_64+0x3b/0x90 [ 70.524386] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.524977] RIP: 0033:0x7f4b8743ee5d [ 70.525306] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.527127] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.527795] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.528414] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.529040] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.529866] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.530492] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.531156] [ 70.531364] irq event stamp: 0 [ 70.531638] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.532226] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.533107] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.533834] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.534445] ---[ end trace 0000000000000000 ]--- [ 70.537656] ------------[ cut here ]------------ [ 70.538081] WARNING: CPU: 0 PID: 572 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.539213] Modules linked in: [ 70.539499] CPU: 0 PID: 572 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.540460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.541442] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.541916] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.543676] RSP: 0018:ffff888023f17bd0 EFLAGS: 00010246 [ 70.544144] RAX: 0000000000000000 RBX: ffff888011d9f0a8 RCX: 0000000000000000 [ 70.544764] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 70.545383] RBP: ffff888023f17be8 R08: ffffed10023b3e33 R09: ffffed10023b3e33 [ 70.546005] R10: ffff888011d9f193 R11: ffffed10023b3e32 R12: ffff888021bc0c00 [ 70.546641] R13: ffff888011d9f1e8 R14: ffff888013be6800 R15: 0000000000000000 [ 70.547276] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.547988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.548494] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.549121] PKRU: 55555554 [ 70.549373] Call Trace: [ 70.549600] [ 70.549801] iommufd_access_destroy_object+0x65/0x170 [ 70.550261] iommufd_object_destroy_user+0x18e/0x220 [ 70.550730] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.551257] iommufd_access_destroy+0x43/0x70 [ 70.551664] iommufd_test_staccess_release+0x8d/0xd0 [ 70.552118] __fput+0x26d/0xa40 [ 70.552425] ____fput+0x1e/0x30 [ 70.552723] task_work_run+0x1a4/0x2d0 [ 70.553076] ? __pfx_task_work_run+0x10/0x10 [ 70.553474] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.553907] ? switch_task_namespaces+0xa9/0xe0 [ 70.554325] do_exit+0xb17/0x2ef0 [ 70.554651] ? lock_acquire+0x427/0x4c0 [ 70.555016] ? __pfx_lock_release+0x10/0x10 [ 70.555409] ? __kasan_check_write+0x18/0x20 [ 70.555804] ? do_raw_spin_lock+0x132/0x2a0 [ 70.556184] ? __pfx_do_exit+0x10/0x10 [ 70.556532] ? debug_smp_processor_id+0x20/0x30 [ 70.556941] ? rcu_is_watching+0x19/0xb0 [ 70.557303] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.557700] ? trace_hardirqs_on+0x26/0x120 [ 70.558081] do_group_exit+0xe0/0x2b0 [ 70.558411] __x64_sys_exit_group+0x47/0x50 [ 70.558811] do_syscall_64+0x3b/0x90 [ 70.559157] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.559618] RIP: 0033:0x7f4b87518a4d [ 70.559947] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.560480] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.561143] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.561757] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.562374] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.563011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.563641] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.564268] [ 70.564471] irq event stamp: 0 [ 70.564750] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.565293] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.566021] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.566757] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.567314] ---[ end trace 0000000000000000 ]--- [ 70.568152] ------------[ cut here ]------------ [ 70.568812] WARNING: CPU: 0 PID: 572 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.569678] Modules linked in: [ 70.569956] CPU: 0 PID: 572 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.570732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.571897] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.572323] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.573988] RSP: 0018:ffff888023f17b78 EFLAGS: 00010246 [ 70.574427] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.575209] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 70.575801] RBP: ffff888023f17b98 R08: ffffed10023b3e3e R09: ffffed10023b3e3e [ 70.576381] R10: ffff888011d9f1ef R11: ffffed10023b3e3d R12: ffff888011d9f290 [ 70.577151] R13: ffff888011d9f0a8 R14: ffffffffffffffff R15: ffff888023f17c60 [ 70.577739] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.578414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.578919] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.579515] PKRU: 55555554 [ 70.579750] Call Trace: [ 70.580011] [ 70.580328] iommufd_ioas_destroy+0x53/0x70 [ 70.580694] iommufd_fops_release+0x1f7/0x370 [ 70.581070] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.581485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.581926] ? write_comp_data+0x2f/0x90 [ 70.582398] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.582847] __fput+0x26d/0xa40 [ 70.583144] ____fput+0x1e/0x30 [ 70.583430] task_work_run+0x1a4/0x2d0 [ 70.583767] ? __pfx_task_work_run+0x10/0x10 [ 70.584138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.584545] ? switch_task_namespaces+0xa9/0xe0 [ 70.585108] do_exit+0xb17/0x2ef0 [ 70.585400] ? lock_acquire+0x427/0x4c0 [ 70.585739] ? __pfx_lock_release+0x10/0x10 [ 70.586101] ? __kasan_check_write+0x18/0x20 [ 70.586470] ? do_raw_spin_lock+0x132/0x2a0 [ 70.586847] ? __pfx_do_exit+0x10/0x10 [ 70.587192] ? debug_smp_processor_id+0x20/0x30 [ 70.587588] ? rcu_is_watching+0x19/0xb0 [ 70.587935] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.588319] ? trace_hardirqs_on+0x26/0x120 [ 70.588687] do_group_exit+0xe0/0x2b0 [ 70.589191] __x64_sys_exit_group+0x47/0x50 [ 70.589557] do_syscall_64+0x3b/0x90 [ 70.589877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.590315] RIP: 0033:0x7f4b87518a4d [ 70.590647] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.591162] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.591948] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.592535] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.593121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.593868] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.594455] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.595076] [ 70.595288] irq event stamp: 0 [ 70.595554] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.596077] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.596961] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.597648] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.598169] ---[ end trace 0000000000000000 ]--- [ 70.604566] ------------[ cut here ]------------ [ 70.604971] WARNING: CPU: 0 PID: 573 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.605984] Modules linked in: [ 70.606248] CPU: 0 PID: 573 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.606995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.607930] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.608387] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.610020] RSP: 0018:ffff888013f9fbb8 EFLAGS: 00010246 [ 70.610460] RAX: 0000000000000000 RBX: ffff88800f25b0a8 RCX: 0000000000000000 [ 70.611077] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 70.611666] RBP: ffff888013f9fbd0 R08: ffffed1001e4b633 R09: ffffed1001e4b633 [ 70.612250] R10: ffff88800f25b193 R11: ffffed1001e4b632 R12: ffff88801422fc00 [ 70.612836] R13: ffff88800f25b1e8 R14: ffffffff8352e670 R15: ffff888013f9fe68 [ 70.613417] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.614076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.614568] CR2: 0000000020000140 CR3: 0000000016494000 CR4: 0000000000750ef0 [ 70.615170] PKRU: 55555554 [ 70.615405] Call Trace: [ 70.615616] [ 70.615802] __iommufd_access_detach+0x1c2/0x2b0 [ 70.616207] iommufd_access_change_pt+0x149/0x270 [ 70.616616] iommufd_access_replace+0xb4/0x120 [ 70.617004] iommufd_test+0x3e5/0x37e0 [ 70.617329] ? lock_release+0x532/0x770 [ 70.617667] ? __might_fault+0x102/0x1b0 [ 70.618009] ? lock_acquire+0x427/0x4c0 [ 70.618345] ? __pfx_iommufd_test+0x10/0x10 [ 70.618721] ? __pfx_lock_release+0x10/0x10 [ 70.619089] ? __pfx_lock_acquire+0x10/0x10 [ 70.619468] ? write_comp_data+0x2f/0x90 [ 70.619817] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.620225] ? write_comp_data+0x2f/0x90 [ 70.620568] iommufd_fops_ioctl+0x37d/0x510 [ 70.620930] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.621341] ? write_comp_data+0x2f/0x90 [ 70.621687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.622093] __x64_sys_ioctl+0x1a3/0x230 [ 70.622441] do_syscall_64+0x3b/0x90 [ 70.622783] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.623235] RIP: 0033:0x7f4b8743ee5d [ 70.623547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.625035] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.625656] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.626237] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.626843] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.627442] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.628026] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.628617] [ 70.628812] irq event stamp: 0 [ 70.629075] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.629592] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.630283] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.630996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.631526] ---[ end trace 0000000000000000 ]--- [ 70.634370] ------------[ cut here ]------------ [ 70.634823] WARNING: CPU: 0 PID: 573 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.635661] Modules linked in: [ 70.635929] CPU: 0 PID: 573 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.636647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.637566] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.637980] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.639489] RSP: 0018:ffff888013f9fbd0 EFLAGS: 00010246 [ 70.639929] RAX: 0000000000000000 RBX: ffff88800f25b0a8 RCX: 0000000000000000 [ 70.640514] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 70.641097] RBP: ffff888013f9fbe8 R08: ffffed1001e4b633 R09: ffffed1001e4b633 [ 70.641674] R10: ffff88800f25b193 R11: ffffed1001e4b632 R12: ffff888013b15400 [ 70.642256] R13: ffff88800f25b1e8 R14: ffff888014060600 R15: 0000000000000000 [ 70.642855] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.643521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.643994] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.644576] PKRU: 55555554 [ 70.644812] Call Trace: [ 70.645023] [ 70.645207] iommufd_access_destroy_object+0x65/0x170 [ 70.645636] iommufd_object_destroy_user+0x18e/0x220 [ 70.646056] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.646558] iommufd_access_destroy+0x43/0x70 [ 70.646938] iommufd_test_staccess_release+0x8d/0xd0 [ 70.647371] __fput+0x26d/0xa40 [ 70.647659] ____fput+0x1e/0x30 [ 70.647939] task_work_run+0x1a4/0x2d0 [ 70.648266] ? __pfx_task_work_run+0x10/0x10 [ 70.648629] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.649030] ? switch_task_namespaces+0xa9/0xe0 [ 70.649417] do_exit+0xb17/0x2ef0 [ 70.649701] ? lock_acquire+0x427/0x4c0 [ 70.650034] ? __pfx_lock_release+0x10/0x10 [ 70.650390] ? __kasan_check_write+0x18/0x20 [ 70.650773] ? do_raw_spin_lock+0x132/0x2a0 [ 70.651136] ? __pfx_do_exit+0x10/0x10 [ 70.651461] ? debug_smp_processor_id+0x20/0x30 [ 70.651848] ? rcu_is_watching+0x19/0xb0 [ 70.652183] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.652561] ? trace_hardirqs_on+0x26/0x120 [ 70.652917] do_group_exit+0xe0/0x2b0 [ 70.653235] __x64_sys_exit_group+0x47/0x50 [ 70.653585] do_syscall_64+0x3b/0x90 [ 70.653895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.654323] RIP: 0033:0x7f4b87518a4d [ 70.654645] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.655156] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.655774] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.656350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.656925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.657503] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.658082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.658681] [ 70.658874] irq event stamp: 0 [ 70.659144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.659661] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.660347] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.661024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.661531] ---[ end trace 0000000000000000 ]--- [ 70.662278] ------------[ cut here ]------------ [ 70.662682] WARNING: CPU: 0 PID: 573 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.663518] Modules linked in: [ 70.663782] CPU: 0 PID: 573 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.664487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.665401] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.665820] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.667324] RSP: 0018:ffff888013f9fb78 EFLAGS: 00010246 [ 70.667762] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.668336] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 70.668911] RBP: ffff888013f9fb98 R08: ffffed1001e4b63e R09: ffffed1001e4b63e [ 70.669485] R10: ffff88800f25b1ef R11: ffffed1001e4b63d R12: ffff88800f25b290 [ 70.670064] R13: ffff88800f25b0a8 R14: ffffffffffffffff R15: ffff888013f9fc60 [ 70.670678] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 70.671339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.671809] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 70.672386] PKRU: 55555554 [ 70.672614] Call Trace: [ 70.672824] [ 70.673010] iommufd_ioas_destroy+0x53/0x70 [ 70.673372] iommufd_fops_release+0x1f7/0x370 [ 70.673747] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.674161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.674587] ? write_comp_data+0x2f/0x90 [ 70.674932] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.675353] __fput+0x26d/0xa40 [ 70.675640] ____fput+0x1e/0x30 [ 70.675921] task_work_run+0x1a4/0x2d0 [ 70.676260] ? __pfx_task_work_run+0x10/0x10 [ 70.676626] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.677027] ? switch_task_namespaces+0xa9/0xe0 [ 70.677416] do_exit+0xb17/0x2ef0 [ 70.677707] ? lock_acquire+0x427/0x4c0 [ 70.678045] ? __pfx_lock_release+0x10/0x10 [ 70.678403] ? __kasan_check_write+0x18/0x20 [ 70.678786] ? do_raw_spin_lock+0x132/0x2a0 [ 70.679152] ? __pfx_do_exit+0x10/0x10 [ 70.679486] ? debug_smp_processor_id+0x20/0x30 [ 70.679883] ? rcu_is_watching+0x19/0xb0 [ 70.680220] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.680598] ? trace_hardirqs_on+0x26/0x120 [ 70.680958] do_group_exit+0xe0/0x2b0 [ 70.681272] __x64_sys_exit_group+0x47/0x50 [ 70.681623] do_syscall_64+0x3b/0x90 [ 70.681936] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.682364] RIP: 0033:0x7f4b87518a4d [ 70.682686] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.683198] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.683817] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.684397] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.684977] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.685557] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.686135] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.686736] [ 70.686928] irq event stamp: 0 [ 70.687198] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.687711] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.688386] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.689066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.689588] ---[ end trace 0000000000000000 ]--- [ 70.694140] ------------[ cut here ]------------ [ 70.694692] WARNING: CPU: 1 PID: 574 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.695571] Modules linked in: [ 70.695835] CPU: 1 PID: 574 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.696561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.697492] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.697890] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.699462] RSP: 0018:ffff8880120d7bb8 EFLAGS: 00010246 [ 70.699896] RAX: 0000000000000000 RBX: ffff88800bd050a8 RCX: 0000000000000000 [ 70.700512] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 70.701091] RBP: ffff8880120d7bd0 R08: ffffed10017a0a33 R09: ffffed10017a0a33 [ 70.701704] R10: ffff88800bd05193 R11: ffffed10017a0a32 R12: ffff888020aabc00 [ 70.702273] R13: ffff88800bd051e8 R14: ffffffff8352e670 R15: ffff8880120d7e68 [ 70.702903] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.703597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.704081] CR2: 0000000020000140 CR3: 0000000016494000 CR4: 0000000000750ee0 [ 70.704690] PKRU: 55555554 [ 70.704934] Call Trace: [ 70.705142] [ 70.705329] __iommufd_access_detach+0x1c2/0x2b0 [ 70.705752] iommufd_access_change_pt+0x149/0x270 [ 70.706177] iommufd_access_replace+0xb4/0x120 [ 70.706590] iommufd_test+0x3e5/0x37e0 [ 70.706952] ? lock_release+0x532/0x770 [ 70.707298] ? __might_fault+0x102/0x1b0 [ 70.707636] ? lock_acquire+0x427/0x4c0 [ 70.708001] ? __pfx_iommufd_test+0x10/0x10 [ 70.708350] ? __pfx_lock_release+0x10/0x10 [ 70.708705] ? __pfx_lock_acquire+0x10/0x10 [ 70.709095] ? write_comp_data+0x2f/0x90 [ 70.709432] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.709836] ? write_comp_data+0x2f/0x90 [ 70.710208] iommufd_fops_ioctl+0x37d/0x510 [ 70.710592] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.710997] ? write_comp_data+0x2f/0x90 [ 70.711365] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.711760] __x64_sys_ioctl+0x1a3/0x230 [ 70.712110] do_syscall_64+0x3b/0x90 [ 70.712434] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.712856] RIP: 0033:0x7f4b8743ee5d [ 70.713160] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.714686] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.715326] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.715930] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.716540] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.717140] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.717746] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.718344] [ 70.718593] irq event stamp: 0 [ 70.718866] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.719398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.720091] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.720780] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.721306] ---[ end trace 0000000000000000 ]--- [ 70.724289] ------------[ cut here ]------------ [ 70.724715] WARNING: CPU: 1 PID: 574 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.725548] Modules linked in: [ 70.725807] CPU: 1 PID: 574 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.726780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.727691] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.728080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.729529] RSP: 0018:ffff8880120d7bd0 EFLAGS: 00010246 [ 70.729948] RAX: 0000000000000000 RBX: ffff88800bd050a8 RCX: 0000000000000000 [ 70.730536] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 70.731095] RBP: ffff8880120d7be8 R08: ffffed10017a0a33 R09: ffffed10017a0a33 [ 70.731671] R10: ffff88800bd05193 R11: ffffed10017a0a32 R12: ffff888014581800 [ 70.732233] R13: ffff88800bd051e8 R14: ffff888020e7b800 R15: 0000000000000000 [ 70.732803] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.733432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.733900] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 70.734460] PKRU: 55555554 [ 70.734712] Call Trace: [ 70.734927] [ 70.735132] iommufd_access_destroy_object+0x65/0x170 [ 70.735541] iommufd_object_destroy_user+0x18e/0x220 [ 70.735962] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.736428] iommufd_access_destroy+0x43/0x70 [ 70.736803] iommufd_test_staccess_release+0x8d/0xd0 [ 70.737215] __fput+0x26d/0xa40 [ 70.737495] ____fput+0x1e/0x30 [ 70.737761] task_work_run+0x1a4/0x2d0 [ 70.738093] ? __pfx_task_work_run+0x10/0x10 [ 70.738449] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.738854] ? switch_task_namespaces+0xa9/0xe0 [ 70.739256] do_exit+0xb17/0x2ef0 [ 70.739540] ? lock_acquire+0x427/0x4c0 [ 70.739859] ? __pfx_lock_release+0x10/0x10 [ 70.740267] ? __kasan_check_write+0x18/0x20 [ 70.740665] ? do_raw_spin_lock+0x132/0x2a0 [ 70.741053] ? __pfx_do_exit+0x10/0x10 [ 70.741371] ? debug_smp_processor_id+0x20/0x30 [ 70.741760] ? rcu_is_watching+0x19/0xb0 [ 70.742090] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.742455] ? trace_hardirqs_on+0x26/0x120 [ 70.742849] do_group_exit+0xe0/0x2b0 [ 70.743176] __x64_sys_exit_group+0x47/0x50 [ 70.743517] do_syscall_64+0x3b/0x90 [ 70.743887] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.744407] RIP: 0033:0x7f4b87518a4d [ 70.744793] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.745428] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.746218] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.746984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.747722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.748468] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.749197] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.749951] [ 70.750192] irq event stamp: 0 [ 70.750564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.751233] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.752077] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.752922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.753585] ---[ end trace 0000000000000000 ]--- [ 70.754899] ------------[ cut here ]------------ [ 70.755428] WARNING: CPU: 1 PID: 574 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.756468] Modules linked in: [ 70.756801] CPU: 1 PID: 574 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.757689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.759304] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.759923] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.761923] RSP: 0018:ffff8880120d7b78 EFLAGS: 00010246 [ 70.762567] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.763384] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 70.764176] RBP: ffff8880120d7b98 R08: ffffed10017a0a3e R09: ffffed10017a0a3e [ 70.764974] R10: ffff88800bd051ef R11: ffffed10017a0a3d R12: ffff88800bd05290 [ 70.765767] R13: ffff88800bd050a8 R14: ffffffffffffffff R15: ffff8880120d7c60 [ 70.766598] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.767511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.768167] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 70.769004] PKRU: 55555554 [ 70.769346] Call Trace: [ 70.769652] [ 70.769927] iommufd_ioas_destroy+0x53/0x70 [ 70.770437] iommufd_fops_release+0x1f7/0x370 [ 70.771011] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.771609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.772188] ? write_comp_data+0x2f/0x90 [ 70.772680] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.773275] __fput+0x26d/0xa40 [ 70.773692] ____fput+0x1e/0x30 [ 70.774102] task_work_run+0x1a4/0x2d0 [ 70.774632] ? __pfx_task_work_run+0x10/0x10 [ 70.775187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.775767] ? switch_task_namespaces+0xa9/0xe0 [ 70.776317] do_exit+0xb17/0x2ef0 [ 70.776718] ? lock_acquire+0x427/0x4c0 [ 70.777188] ? __pfx_lock_release+0x10/0x10 [ 70.777693] ? __kasan_check_write+0x18/0x20 [ 70.778209] ? do_raw_spin_lock+0x132/0x2a0 [ 70.778755] ? __pfx_do_exit+0x10/0x10 [ 70.779255] ? debug_smp_processor_id+0x20/0x30 [ 70.779814] ? rcu_is_watching+0x19/0xb0 [ 70.780297] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.780841] ? trace_hardirqs_on+0x26/0x120 [ 70.781362] do_group_exit+0xe0/0x2b0 [ 70.781818] __x64_sys_exit_group+0x47/0x50 [ 70.782327] do_syscall_64+0x3b/0x90 [ 70.782830] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.783452] RIP: 0033:0x7f4b87518a4d [ 70.783884] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.784579] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.785431] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.786233] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.787073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.787892] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.788706] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.789540] [ 70.789816] irq event stamp: 0 [ 70.790185] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.790959] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.791851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.792580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.793108] ---[ end trace 0000000000000000 ]--- [ 70.798259] ------------[ cut here ]------------ [ 70.798735] WARNING: CPU: 1 PID: 575 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.799604] Modules linked in: [ 70.799878] CPU: 1 PID: 575 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.800611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.801560] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.801984] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.803589] RSP: 0018:ffff888016737bb8 EFLAGS: 00010246 [ 70.804045] RAX: 0000000000000000 RBX: ffff8880140398a8 RCX: 0000000000000000 [ 70.804641] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 70.805239] RBP: ffff888016737bd0 R08: ffffed1002807333 R09: ffffed1002807333 [ 70.805837] R10: ffff888014039993 R11: ffffed1002807332 R12: ffff88800fdf9000 [ 70.806434] R13: ffff8880140399e8 R14: ffffffff8352e670 R15: ffff888016737e68 [ 70.807055] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.807747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.808236] CR2: 0000000020000140 CR3: 00000000104d6000 CR4: 0000000000750ee0 [ 70.808835] PKRU: 55555554 [ 70.809088] Call Trace: [ 70.809307] [ 70.809498] __iommufd_access_detach+0x1c2/0x2b0 [ 70.809918] iommufd_access_change_pt+0x149/0x270 [ 70.810341] iommufd_access_replace+0xb4/0x120 [ 70.810762] iommufd_test+0x3e5/0x37e0 [ 70.811099] ? lock_release+0x532/0x770 [ 70.811469] ? __might_fault+0x102/0x1b0 [ 70.811833] ? lock_acquire+0x427/0x4c0 [ 70.812185] ? __pfx_iommufd_test+0x10/0x10 [ 70.812549] ? __pfx_lock_release+0x10/0x10 [ 70.813008] ? __pfx_lock_acquire+0x10/0x10 [ 70.813387] ? write_comp_data+0x2f/0x90 [ 70.813747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.814171] ? write_comp_data+0x2f/0x90 [ 70.814561] iommufd_fops_ioctl+0x37d/0x510 [ 70.814936] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.815364] ? write_comp_data+0x2f/0x90 [ 70.815719] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.816135] __x64_sys_ioctl+0x1a3/0x230 [ 70.816497] do_syscall_64+0x3b/0x90 [ 70.816831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.817277] RIP: 0033:0x7f4b8743ee5d [ 70.817607] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.819200] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.819854] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.820454] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.821058] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.821655] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.822253] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.822904] [ 70.823117] irq event stamp: 0 [ 70.823392] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.823935] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.824646] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.825348] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.825874] ---[ end trace 0000000000000000 ]--- [ 70.826970] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 70.828845] ------------[ cut here ]------------ [ 70.829428] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 70.829835] WARNING: CPU: 1 PID: 575 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.832504] Modules linked in: [ 70.832804] CPU: 1 PID: 575 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.833591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.834639] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.835116] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.836752] RSP: 0018:ffff888016737bd0 EFLAGS: 00010246 [ 70.837240] RAX: 0000000000000000 RBX: ffff8880140398a8 RCX: 0000000000000000 [ 70.837881] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 70.838549] RBP: ffff888016737be8 R08: ffffed1002807333 R09: ffffed1002807333 [ 70.839206] R10: ffff888014039993 R11: ffffed1002807332 R12: ffff888020aa9400 [ 70.839850] R13: ffff8880140399e8 R14: ffff88800f492a00 R15: 0000000000000000 [ 70.840491] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.841219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.841752] CR2: 
00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 70.842395] PKRU: 55555554 [ 70.842705] Call Trace: [ 70.842943] [ 70.843159] iommufd_access_destroy_object+0x65/0x170 [ 70.843668] iommufd_object_destroy_user+0x18e/0x220 [ 70.844132] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.844657] iommufd_access_destroy+0x43/0x70 [ 70.845150] iommufd_test_staccess_release+0x8d/0xd0 [ 70.845624] __fput+0x26d/0xa40 [ 70.845942] ____fput+0x1e/0x30 [ 70.846250] task_work_run+0x1a4/0x2d0 [ 70.846666] ? __pfx_task_work_run+0x10/0x10 [ 70.847080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.847548] ? switch_task_namespaces+0xa9/0xe0 [ 70.847985] do_exit+0xb17/0x2ef0 [ 70.848302] ? lock_acquire+0x427/0x4c0 [ 70.848673] ? __pfx_lock_release+0x10/0x10 [ 70.849078] ? __kasan_check_write+0x18/0x20 [ 70.849488] ? do_raw_spin_lock+0x132/0x2a0 [ 70.849884] ? __pfx_do_exit+0x10/0x10 [ 70.850251] ? debug_smp_processor_id+0x20/0x30 [ 70.850720] ? rcu_is_watching+0x19/0xb0 [ 70.851101] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.851545] ? trace_hardirqs_on+0x26/0x120 [ 70.851953] do_group_exit+0xe0/0x2b0 [ 70.852309] __x64_sys_exit_group+0x47/0x50 [ 70.852706] do_syscall_64+0x3b/0x90 [ 70.853059] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.853545] RIP: 0033:0x7f4b87518a4d [ 70.853891] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.854455] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.855218] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.855885] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.856541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.857191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.857846] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.858572] [ 70.858798] irq event stamp: 0 [ 70.859089] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.859690] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.860452] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.861217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.861803] ---[ end trace 0000000000000000 ]--- [ 70.867883] ------------[ cut here ]------------ [ 70.868386] WARNING: CPU: 1 PID: 575 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.869382] Modules linked in: [ 70.869703] CPU: 1 PID: 575 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.870639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.871779] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.872289] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 70.874085] RSP: 0018:ffff888016737b78 EFLAGS: 00010246 [ 70.874705] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.875427] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 70.876138] RBP: ffff888016737b98 R08: ffffed100280733e R09: ffffed100280733e [ 70.876841] R10: ffff8880140399ef R11: ffffed100280733d R12: ffff888014039a90 [ 70.877631] R13: ffff8880140398a8 R14: ffffffffffffffff R15: ffff888016737c60 [ 70.878340] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.879199] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.879783] CR2: 00007ff8dd3984d0 CR3: 000000001444e000 CR4: 0000000000750ee0 [ 70.880494] PKRU: 55555554 [ 70.880774] Call Trace: [ 70.881036] [ 70.881265] iommufd_ioas_destroy+0x53/0x70 [ 70.881702] iommufd_fops_release+0x1f7/0x370 [ 70.882151] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.882692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.883198] ? write_comp_data+0x2f/0x90 [ 70.883620] ? __pfx_iommufd_fops_release+0x10/0x10 [ 70.884119] __fput+0x26d/0xa40 [ 70.884463] ____fput+0x1e/0x30 [ 70.884799] task_work_run+0x1a4/0x2d0 [ 70.885199] ? __pfx_task_work_run+0x10/0x10 [ 70.885645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.886140] ? switch_task_namespaces+0xa9/0xe0 [ 70.886678] do_exit+0xb17/0x2ef0 [ 70.887037] ? lock_acquire+0x427/0x4c0 [ 70.887465] ? __pfx_lock_release+0x10/0x10 [ 70.887916] ? __kasan_check_write+0x18/0x20 [ 70.888370] ? do_raw_spin_lock+0x132/0x2a0 [ 70.888943] ? __pfx_do_exit+0x10/0x10 [ 70.889537] ? debug_smp_processor_id+0x20/0x30 [ 70.890011] ? rcu_is_watching+0x19/0xb0 [ 70.890418] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.890931] ? trace_hardirqs_on+0x26/0x120 [ 70.891410] do_group_exit+0xe0/0x2b0 [ 70.891796] __x64_sys_exit_group+0x47/0x50 [ 70.892220] do_syscall_64+0x3b/0x90 [ 70.892599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.893236] RIP: 0033:0x7f4b87518a4d [ 70.893766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.894638] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.895407] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.896122] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.896896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.897882] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.898670] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.899392] [ 70.899624] irq event stamp: 0 [ 70.899937] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.900558] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.901651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.902828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.903462] ---[ end trace 0000000000000000 ]--- [ 70.910379] ------------[ cut here ]------------ [ 70.910921] WARNING: CPU: 1 PID: 577 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.912335] Modules linked in: [ 70.912815] CPU: 1 PID: 577 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.913708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.914925] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.915453] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.917916] RSP: 0018:ffff88801445fbb8 EFLAGS: 00010246 [ 70.918743] RAX: 0000000000000000 RBX: ffff88801451a8a8 RCX: 0000000000000000 [ 70.919519] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 70.920326] RBP: ffff88801445fbd0 R08: ffffed10028a3533 R09: ffffed10028a3533 [ 70.921199] R10: ffff88801451a993 R11: ffffed10028a3532 R12: ffff888016478000 [ 70.921933] R13: ffff88801451a9e8 R14: ffffffff8352e670 R15: ffff88801445fe68 [ 70.922725] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.923650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.924266] CR2: 0000000020000140 CR3: 0000000010420000 CR4: 0000000000750ee0 [ 70.925064] PKRU: 55555554 [ 70.925489] Call Trace: [ 70.925753] [ 70.925988] __iommufd_access_detach+0x1c2/0x2b0 [ 70.926499] iommufd_access_change_pt+0x149/0x270 [ 70.927042] iommufd_access_replace+0xb4/0x120 [ 70.927553] iommufd_test+0x3e5/0x37e0 [ 70.927958] ? lock_release+0x532/0x770 [ 70.928567] ? __might_fault+0x102/0x1b0 [ 70.929003] ? lock_acquire+0x427/0x4c0 [ 70.929435] ? __pfx_iommufd_test+0x10/0x10 [ 70.929881] ? __pfx_lock_release+0x10/0x10 [ 70.930343] ? __pfx_lock_acquire+0x10/0x10 [ 70.931011] ? write_comp_data+0x2f/0x90 [ 70.931458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.931977] ? write_comp_data+0x2f/0x90 [ 70.932407] iommufd_fops_ioctl+0x37d/0x510 [ 70.932867] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.933545] ? write_comp_data+0x2f/0x90 [ 70.933982] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 70.934488] __x64_sys_ioctl+0x1a3/0x230 [ 70.934968] do_syscall_64+0x3b/0x90 [ 70.935400] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.935963] RIP: 0033:0x7f4b8743ee5d [ 70.936360] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 70.938503] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 70.939369] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 70.940244] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 70.941163] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 70.941907] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 70.942730] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 70.943654] [ 70.943906] irq event stamp: 0 [ 70.944240] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 70.944903] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.945831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.946881] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.947562] ---[ end trace 0000000000000000 ]--- [ 70.951284] ------------[ cut here ]------------ [ 70.951841] WARNING: CPU: 1 PID: 577 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 70.952889] Modules linked in: [ 70.953318] CPU: 1 PID: 577 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.954308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.955574] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 70.956246] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 70.958233] RSP: 0018:ffff88801445fbd0 EFLAGS: 00010246 [ 70.959084] RAX: 0000000000000000 RBX: ffff88801451a8a8 RCX: 0000000000000000 [ 70.959858] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 70.960624] RBP: ffff88801445fbe8 R08: ffffed10028a3533 R09: ffffed10028a3533 [ 70.961381] R10: ffff88801451a993 R11: ffffed10028a3532 R12: ffff88800fdf8000 [ 70.962314] R13: ffff88801451a9e8 R14: ffff888017061e00 R15: 0000000000000000 [ 70.963101] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 70.963972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.964593] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 70.965532] PKRU: 55555554 [ 70.965930] Call Trace: [ 70.966322] [ 70.966593] iommufd_access_destroy_object+0x65/0x170 [ 70.967186] iommufd_object_destroy_user+0x18e/0x220 [ 70.967736] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 70.968358] iommufd_access_destroy+0x43/0x70 [ 70.968911] iommufd_test_staccess_release+0x8d/0xd0 [ 70.969530] __fput+0x26d/0xa40 [ 70.970017] ____fput+0x1e/0x30 [ 70.970461] task_work_run+0x1a4/0x2d0 [ 70.970919] ? __pfx_task_work_run+0x10/0x10 [ 70.971398] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 70.971921] ? switch_task_namespaces+0xa9/0xe0 [ 70.972430] do_exit+0xb17/0x2ef0 [ 70.972809] ? lock_acquire+0x427/0x4c0 [ 70.973426] ? __pfx_lock_release+0x10/0x10 [ 70.974072] ? __kasan_check_write+0x18/0x20 [ 70.974595] ? do_raw_spin_lock+0x132/0x2a0 [ 70.975070] ? __pfx_do_exit+0x10/0x10 [ 70.975507] ? debug_smp_processor_id+0x20/0x30 [ 70.976007] ? rcu_is_watching+0x19/0xb0 [ 70.976445] ? _raw_spin_unlock_irq+0x2b/0x60 [ 70.976981] ? trace_hardirqs_on+0x26/0x120 [ 70.977636] do_group_exit+0xe0/0x2b0 [ 70.978166] __x64_sys_exit_group+0x47/0x50 [ 70.978658] do_syscall_64+0x3b/0x90 [ 70.979065] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 70.979636] RIP: 0033:0x7f4b87518a4d [ 70.980034] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 70.980682] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 70.981718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 70.982697] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 70.983475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 70.984230] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 70.984984] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 70.985943] [ 70.986280] irq event stamp: 0 [ 70.986769] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 70.987468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 70.988360] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 70.989242] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 70.990010] ---[ end trace 0000000000000000 ]--- [ 70.993042] ------------[ cut here ]------------ [ 70.993573] WARNING: CPU: 1 PID: 577 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 70.994940] Modules linked in: [ 70.995381] CPU: 1 PID: 577 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 70.996293] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 70.997470] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 70.998024] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.000404] RSP: 0018:ffff88801445fb78 EFLAGS: 00010246 [ 71.000976] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.001727] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 71.002475] RBP: ffff88801445fb98 R08: ffffed10028a353e R09: ffffed10028a353e [ 71.003465] R10: ffff88801451a9ef R11: ffffed10028a353d R12: ffff88801451aa90 [ 71.004398] R13: ffff88801451a8a8 R14: ffffffffffffffff R15: ffff88801445fc60 [ 71.005231] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.006085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.006731] CR2: 00007f82e2a81028 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 71.007682] PKRU: 55555554 [ 71.008083] Call Trace: [ 71.008367] [ 71.008610] iommufd_ioas_destroy+0x53/0x70 [ 71.009082] iommufd_fops_release+0x1f7/0x370 [ 71.009569] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.010099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.010647] ? write_comp_data+0x2f/0x90 [ 71.011230] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.011938] __fput+0x26d/0xa40 [ 71.012306] ____fput+0x1e/0x30 [ 71.012666] task_work_run+0x1a4/0x2d0 [ 71.013083] ? __pfx_task_work_run+0x10/0x10 [ 71.013553] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.014066] ? switch_task_namespaces+0xa9/0xe0 [ 71.014657] do_exit+0xb17/0x2ef0 [ 71.015172] ? lock_acquire+0x427/0x4c0 [ 71.015614] ? __pfx_lock_release+0x10/0x10 [ 71.016073] ? __kasan_check_write+0x18/0x20 [ 71.016535] ? do_raw_spin_lock+0x132/0x2a0 [ 71.016986] ? __pfx_do_exit+0x10/0x10 [ 71.017397] ? debug_smp_processor_id+0x20/0x30 [ 71.017880] ? rcu_is_watching+0x19/0xb0 [ 71.018434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.019138] ? trace_hardirqs_on+0x26/0x120 [ 71.019608] do_group_exit+0xe0/0x2b0 [ 71.020016] __x64_sys_exit_group+0x47/0x50 [ 71.020470] do_syscall_64+0x3b/0x90 [ 71.020871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.021422] RIP: 0033:0x7f4b87518a4d [ 71.021880] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.022765] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.023573] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.024331] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.025289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.026027] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.026975] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.027757] [ 71.028014] irq event stamp: 0 [ 71.028412] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.029173] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.030102] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.031081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.031786] ---[ end trace 0000000000000000 ]--- [ 71.038893] ------------[ cut here ]------------ [ 71.039475] WARNING: CPU: 1 PID: 578 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.040690] Modules linked in: [ 71.041025] CPU: 1 PID: 578 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.042106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.043387] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.044056] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.046141] RSP: 0018:ffff888016cd7bb8 EFLAGS: 00010246 [ 71.046722] RAX: 0000000000000000 RBX: ffff88800f1bf8a8 RCX: 0000000000000000 [ 71.047711] RDX: 0000000000000000 RSI: ffff888013b80000 RDI: 0000000000000002 [ 71.048471] RBP: ffff888016cd7bd0 R08: ffffed1001e37f33 R09: ffffed1001e37f33 [ 71.049402] R10: ffff88800f1bf993 R11: ffffed1001e37f32 R12: ffff8880148b4400 [ 71.050143] R13: ffff88800f1bf9e8 R14: ffffffff8352e670 R15: ffff888016cd7e68 [ 71.051143] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.051990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.052763] CR2: 0000000020000140 CR3: 00000000144bc000 CR4: 0000000000750ee0 [ 71.053515] PKRU: 55555554 [ 71.053815] Call Trace: [ 71.054169] [ 71.054493] __iommufd_access_detach+0x1c2/0x2b0 [ 71.055041] iommufd_access_change_pt+0x149/0x270 [ 71.055583] iommufd_access_replace+0xb4/0x120 [ 71.056188] iommufd_test+0x3e5/0x37e0 [ 71.056647] ? lock_release+0x532/0x770 [ 71.057079] ? __might_fault+0x102/0x1b0 [ 71.057524] ? lock_acquire+0x427/0x4c0 [ 71.058139] ? __pfx_iommufd_test+0x10/0x10 [ 71.058627] ? __pfx_lock_release+0x10/0x10 [ 71.059104] ? __pfx_lock_acquire+0x10/0x10 [ 71.059592] ? write_comp_data+0x2f/0x90 [ 71.060035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.060555] ? write_comp_data+0x2f/0x90 [ 71.061066] iommufd_fops_ioctl+0x37d/0x510 [ 71.061626] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.062145] ? write_comp_data+0x2f/0x90 [ 71.062632] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.063296] __x64_sys_ioctl+0x1a3/0x230 [ 71.063736] do_syscall_64+0x3b/0x90 [ 71.064135] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.064726] RIP: 0033:0x7f4b8743ee5d [ 71.065254] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.067389] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.068191] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.069176] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.069895] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.070800] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.071544] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.072265] [ 71.072596] irq event stamp: 0 [ 71.072996] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.073640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.074686] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.075551] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.076192] ---[ end trace 0000000000000000 ]--- [ 71.079663] ------------[ cut here ]------------ [ 71.080268] WARNING: CPU: 1 PID: 578 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.081263] Modules linked in: [ 71.081562] CPU: 1 PID: 578 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.082537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.083597] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.084224] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.086072] RSP: 0018:ffff888016cd7bd0 EFLAGS: 00010246 [ 71.086588] RAX: 0000000000000000 RBX: ffff88800f1bf8a8 RCX: 0000000000000000 [ 71.087256] RDX: 0000000000000000 RSI: ffff888013b80000 RDI: 0000000000000002 [ 71.088008] RBP: ffff888016cd7be8 R08: ffffed1001e37f33 R09: ffffed1001e37f33 [ 71.088713] R10: ffff88800f1bf993 R11: ffffed1001e37f32 R12: ffff88801647b000 [ 71.089370] R13: ffff88800f1bf9e8 R14: ffff888021829e00 R15: 0000000000000000 [ 71.090024] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.090837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.091381] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.092033] PKRU: 55555554 [ 71.092293] Call Trace: [ 71.092525] [ 71.092736] iommufd_access_destroy_object+0x65/0x170 [ 71.093202] iommufd_object_destroy_user+0x18e/0x220 [ 71.093665] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.094193] iommufd_access_destroy+0x43/0x70 [ 71.094635] iommufd_test_staccess_release+0x8d/0xd0 [ 71.095122] __fput+0x26d/0xa40 [ 71.095440] ____fput+0x1e/0x30 [ 71.095744] task_work_run+0x1a4/0x2d0 [ 71.096084] ? __pfx_task_work_run+0x10/0x10 [ 71.096466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.096896] ? switch_task_namespaces+0xa9/0xe0 [ 71.097304] do_exit+0xb17/0x2ef0 [ 71.097603] ? lock_acquire+0x427/0x4c0 [ 71.097953] ? __pfx_lock_release+0x10/0x10 [ 71.098327] ? __kasan_check_write+0x18/0x20 [ 71.098731] ? do_raw_spin_lock+0x132/0x2a0 [ 71.099103] ? __pfx_do_exit+0x10/0x10 [ 71.099452] ? debug_smp_processor_id+0x20/0x30 [ 71.099860] ? rcu_is_watching+0x19/0xb0 [ 71.100211] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.100604] ? trace_hardirqs_on+0x26/0x120 [ 71.101040] do_group_exit+0xe0/0x2b0 [ 71.101369] __x64_sys_exit_group+0x47/0x50 [ 71.101739] do_syscall_64+0x3b/0x90 [ 71.102068] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.102538] RIP: 0033:0x7f4b87518a4d [ 71.102858] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.103384] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.104027] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.104628] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.105228] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.105830] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.106431] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.107069] [ 71.107279] irq event stamp: 0 [ 71.107551] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.108084] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.108791] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.109495] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.110027] ---[ end trace 0000000000000000 ]--- [ 71.110920] ------------[ cut here ]------------ [ 71.111335] WARNING: CPU: 1 PID: 578 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.112198] Modules linked in: [ 71.112463] CPU: 1 PID: 578 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.113162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.114061] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.114474] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.115965] RSP: 0018:ffff888016cd7b78 EFLAGS: 00010246 [ 71.116399] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.116966] RDX: 0000000000000000 RSI: ffff888013b80000 RDI: 0000000000000002 [ 71.117533] RBP: ffff888016cd7b98 R08: ffffed1001e37f3e R09: ffffed1001e37f3e [ 71.118096] R10: ffff88800f1bf9ef R11: ffffed1001e37f3d R12: ffff88800f1bfa90 [ 71.118688] R13: ffff88800f1bf8a8 R14: ffffffffffffffff R15: ffff888016cd7c60 [ 71.119273] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.119918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.120385] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.120964] PKRU: 55555554 [ 71.121194] Call Trace: [ 71.121403] [ 71.121589] iommufd_ioas_destroy+0x53/0x70 [ 71.121943] iommufd_fops_release+0x1f7/0x370 [ 71.122310] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.122740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.123154] ? write_comp_data+0x2f/0x90 [ 71.123492] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.123904] __fput+0x26d/0xa40 [ 71.124183] ____fput+0x1e/0x30 [ 71.124455] task_work_run+0x1a4/0x2d0 [ 71.124777] ? __pfx_task_work_run+0x10/0x10 [ 71.125138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.125536] ? switch_task_namespaces+0xa9/0xe0 [ 71.125928] do_exit+0xb17/0x2ef0 [ 71.126208] ? lock_acquire+0x427/0x4c0 [ 71.126561] ? __pfx_lock_release+0x10/0x10 [ 71.126917] ? __kasan_check_write+0x18/0x20 [ 71.127290] ? do_raw_spin_lock+0x132/0x2a0 [ 71.127642] ? __pfx_do_exit+0x10/0x10 [ 71.127966] ? debug_smp_processor_id+0x20/0x30 [ 71.128345] ? rcu_is_watching+0x19/0xb0 [ 71.128675] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.129046] ? trace_hardirqs_on+0x26/0x120 [ 71.129401] do_group_exit+0xe0/0x2b0 [ 71.129710] __x64_sys_exit_group+0x47/0x50 [ 71.130053] do_syscall_64+0x3b/0x90 [ 71.130362] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.130811] RIP: 0033:0x7f4b87518a4d [ 71.131126] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.131621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.132227] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.132797] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.133428] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.133997] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.134588] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.135181] [ 71.135373] irq event stamp: 0 [ 71.135627] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.136132] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.136804] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.137473] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.137975] ---[ end trace 0000000000000000 ]--- [ 71.141966] ------------[ cut here ]------------ [ 71.142390] WARNING: CPU: 1 PID: 579 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.143262] Modules linked in: [ 71.143522] CPU: 1 PID: 579 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.144213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.145112] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.145512] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.146995] RSP: 0018:ffff88800f83fbb8 EFLAGS: 00010246 [ 71.147442] RAX: 0000000000000000 RBX: ffff888020ad70a8 RCX: 0000000000000000 [ 71.148012] RDX: 0000000000000000 RSI: ffff888013b84a00 RDI: 0000000000000002 [ 71.148580] RBP: ffff88800f83fbd0 R08: ffffed100415ae33 R09: ffffed100415ae33 [ 71.149151] R10: ffff888020ad7193 R11: ffffed100415ae32 R12: ffff888018af3000 [ 71.149711] R13: ffff888020ad71e8 R14: ffffffff8352e670 R15: ffff88800f83fe68 [ 71.150265] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.150906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.151367] CR2: 0000000020000140 CR3: 000000001898e000 CR4: 0000000000750ee0 [ 71.151923] PKRU: 55555554 [ 71.152143] Call Trace: [ 71.152343] [ 71.152519] __iommufd_access_detach+0x1c2/0x2b0 [ 71.152907] iommufd_access_change_pt+0x149/0x270 [ 71.153297] iommufd_access_replace+0xb4/0x120 [ 71.153665] iommufd_test+0x3e5/0x37e0 [ 71.153966] ? lock_release+0x532/0x770 [ 71.154284] ? __might_fault+0x102/0x1b0 [ 71.154629] ? lock_acquire+0x427/0x4c0 [ 71.154950] ? __pfx_iommufd_test+0x10/0x10 [ 71.155294] ? __pfx_lock_release+0x10/0x10 [ 71.155641] ? __pfx_lock_acquire+0x10/0x10 [ 71.155989] ? write_comp_data+0x2f/0x90 [ 71.156315] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.156703] ? write_comp_data+0x2f/0x90 [ 71.157033] iommufd_fops_ioctl+0x37d/0x510 [ 71.157379] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.157772] ? write_comp_data+0x2f/0x90 [ 71.158101] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.158482] __x64_sys_ioctl+0x1a3/0x230 [ 71.158843] do_syscall_64+0x3b/0x90 [ 71.159161] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.159576] RIP: 0033:0x7f4b8743ee5d [ 71.159867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.161258] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.161843] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.162387] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.162955] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.163518] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.164074] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.164629] [ 71.164815] irq event stamp: 0 [ 71.165118] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.165603] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.166250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.166922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.167430] ---[ end trace 0000000000000000 ]--- [ 71.170092] ------------[ cut here ]------------ [ 71.170482] WARNING: CPU: 1 PID: 579 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.171301] Modules linked in: [ 71.171551] CPU: 1 PID: 579 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.172211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.173065] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.173449] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.174859] RSP: 0018:ffff88800f83fbd0 EFLAGS: 00010246 [ 71.175278] RAX: 0000000000000000 RBX: ffff888020ad70a8 RCX: 0000000000000000 [ 71.175824] RDX: 0000000000000000 RSI: ffff888013b84a00 RDI: 0000000000000002 [ 71.176362] RBP: ffff88800f83fbe8 R08: ffffed100415ae33 R09: ffffed100415ae33 [ 71.176906] R10: ffff888020ad7193 R11: ffffed100415ae32 R12: ffff8880148b4000 [ 71.177449] R13: ffff888020ad71e8 R14: ffff888014b9e500 R15: 0000000000000000 [ 71.177996] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.178633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.179080] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.179647] PKRU: 55555554 [ 71.179864] Call Trace: [ 71.180060] [ 71.180233] iommufd_access_destroy_object+0x65/0x170 [ 71.180634] iommufd_object_destroy_user+0x18e/0x220 [ 71.181029] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.181481] iommufd_access_destroy+0x43/0x70 [ 71.181839] iommufd_test_staccess_release+0x8d/0xd0 [ 71.182244] __fput+0x26d/0xa40 [ 71.182540] ____fput+0x1e/0x30 [ 71.182813] task_work_run+0x1a4/0x2d0 [ 71.183132] ? __pfx_task_work_run+0x10/0x10 [ 71.183478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.183862] ? switch_task_namespaces+0xa9/0xe0 [ 71.184232] do_exit+0xb17/0x2ef0 [ 71.184502] ? lock_acquire+0x427/0x4c0 [ 71.184819] ? __pfx_lock_release+0x10/0x10 [ 71.185155] ? __kasan_check_write+0x18/0x20 [ 71.185498] ? do_raw_spin_lock+0x132/0x2a0 [ 71.185835] ? __pfx_do_exit+0x10/0x10 [ 71.186142] ? debug_smp_processor_id+0x20/0x30 [ 71.186502] ? rcu_is_watching+0x19/0xb0 [ 71.186840] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.187205] ? trace_hardirqs_on+0x26/0x120 [ 71.187546] do_group_exit+0xe0/0x2b0 [ 71.187846] __x64_sys_exit_group+0x47/0x50 [ 71.188183] do_syscall_64+0x3b/0x90 [ 71.188480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.188889] RIP: 0033:0x7f4b87518a4d [ 71.189177] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.189646] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.190228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.190799] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.191355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.191903] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.192448] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.193001] [ 71.193182] irq event stamp: 0 [ 71.193424] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.193904] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.194565] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.195213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.195698] ---[ end trace 0000000000000000 ]--- [ 71.196380] ------------[ cut here ]------------ [ 71.196745] WARNING: CPU: 1 PID: 579 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.197569] Modules linked in: [ 71.197822] CPU: 1 PID: 579 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.198484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.199393] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.199792] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.201174] RSP: 0018:ffff88800f83fb78 EFLAGS: 00010246 [ 71.201576] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.202114] RDX: 0000000000000000 RSI: ffff888013b84a00 RDI: 0000000000000002 [ 71.202693] RBP: ffff88800f83fb98 R08: ffffed100415ae3e R09: ffffed100415ae3e [ 71.203243] R10: ffff888020ad71ef R11: ffffed100415ae3d R12: ffff888020ad7290 [ 71.203784] R13: ffff888020ad70a8 R14: ffffffffffffffff R15: ffff88800f83fc60 [ 71.204324] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.204934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.205377] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.205918] PKRU: 55555554 [ 71.206137] Call Trace: [ 71.206334] [ 71.206526] iommufd_ioas_destroy+0x53/0x70 [ 71.206863] iommufd_fops_release+0x1f7/0x370 [ 71.207222] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.207606] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.207985] ? write_comp_data+0x2f/0x90 [ 71.208303] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.208687] __fput+0x26d/0xa40 [ 71.208953] ____fput+0x1e/0x30 [ 71.209212] task_work_run+0x1a4/0x2d0 [ 71.209519] ? __pfx_task_work_run+0x10/0x10 [ 71.209863] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.210242] ? switch_task_namespaces+0xa9/0xe0 [ 71.210626] do_exit+0xb17/0x2ef0 [ 71.210895] ? lock_acquire+0x427/0x4c0 [ 71.211230] ? __pfx_lock_release+0x10/0x10 [ 71.211569] ? __kasan_check_write+0x18/0x20 [ 71.211911] ? do_raw_spin_lock+0x132/0x2a0 [ 71.212241] ? __pfx_do_exit+0x10/0x10 [ 71.212549] ? debug_smp_processor_id+0x20/0x30 [ 71.212907] ? rcu_is_watching+0x19/0xb0 [ 71.213222] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.213572] ? trace_hardirqs_on+0x26/0x120 [ 71.213912] do_group_exit+0xe0/0x2b0 [ 71.214204] __x64_sys_exit_group+0x47/0x50 [ 71.214548] do_syscall_64+0x3b/0x90 [ 71.214842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.215254] RIP: 0033:0x7f4b87518a4d [ 71.215541] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.216014] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.216591] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.217135] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.217679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.218217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.218773] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.219337] [ 71.219530] irq event stamp: 0 [ 71.219804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.220398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.221197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.221850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.222333] ---[ end trace 0000000000000000 ]--- [ 71.226770] ------------[ cut here ]------------ [ 71.227182] WARNING: CPU: 1 PID: 580 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.227961] Modules linked in: [ 71.228207] CPU: 1 PID: 580 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.228867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.229754] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.230126] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.231527] RSP: 0018:ffff888012dd7bb8 EFLAGS: 00010246 [ 71.231931] RAX: 0000000000000000 RBX: ffff8880189858a8 RCX: 0000000000000000 [ 71.232458] RDX: 0000000000000000 RSI: ffff888016e8a500 RDI: 0000000000000002 [ 71.232987] RBP: ffff888012dd7bd0 R08: ffffed1003130b33 R09: ffffed1003130b33 [ 71.233514] R10: ffff888018985993 R11: ffffed1003130b32 R12: ffff8880189e2c00 [ 71.234040] R13: ffff8880189859e8 R14: ffffffff8352e670 R15: ffff888012dd7e68 [ 71.234588] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.235200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.235632] CR2: 0000000020000140 CR3: 000000002191a000 CR4: 0000000000750ee0 [ 71.236163] PKRU: 55555554 [ 71.236374] Call Trace: [ 71.236565] [ 71.236736] __iommufd_access_detach+0x1c2/0x2b0 [ 71.237103] iommufd_access_change_pt+0x149/0x270 [ 71.237474] iommufd_access_replace+0xb4/0x120 [ 71.237826] iommufd_test+0x3e5/0x37e0 [ 71.238118] ? lock_release+0x532/0x770 [ 71.238426] ? __might_fault+0x102/0x1b0 [ 71.238803] ? lock_acquire+0x427/0x4c0 [ 71.239283] ? __pfx_iommufd_test+0x10/0x10 [ 71.239667] ? __pfx_lock_release+0x10/0x10 [ 71.240007] ? __pfx_lock_acquire+0x10/0x10 [ 71.240343] ? write_comp_data+0x2f/0x90 [ 71.240681] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.241071] ? write_comp_data+0x2f/0x90 [ 71.241389] iommufd_fops_ioctl+0x37d/0x510 [ 71.241741] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.242128] ? write_comp_data+0x2f/0x90 [ 71.242445] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.242875] __x64_sys_ioctl+0x1a3/0x230 [ 71.243214] do_syscall_64+0x3b/0x90 [ 71.243508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.243942] RIP: 0033:0x7f4b8743ee5d [ 71.244234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.245643] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.246250] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.246813] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.247396] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.247941] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.248518] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.249078] [ 71.249271] irq event stamp: 0 [ 71.249527] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.250005] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.250697] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.251356] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.251849] ---[ end trace 0000000000000000 ]--- [ 71.254722] ------------[ cut here ]------------ [ 71.255120] WARNING: CPU: 1 PID: 580 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.255903] Modules linked in: [ 71.256143] CPU: 1 PID: 580 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.256824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.257665] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.258061] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.259468] RSP: 0018:ffff888012dd7bd0 EFLAGS: 00010246 [ 71.259876] RAX: 0000000000000000 RBX: ffff8880189858a8 RCX: 0000000000000000 [ 71.260428] RDX: 0000000000000000 RSI: ffff888016e8a500 RDI: 0000000000000002 [ 71.260976] RBP: ffff888012dd7be8 R08: ffffed1003130b33 R09: ffffed1003130b33 [ 71.261529] R10: ffff888018985993 R11: ffffed1003130b32 R12: ffff888018af1c00 [ 71.262076] R13: ffff8880189859e8 R14: ffff88800f084100 R15: 0000000000000000 [ 71.262634] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.263279] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.263712] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.264265] PKRU: 55555554 [ 71.264497] Call Trace: [ 71.264687] [ 71.264858] iommufd_access_destroy_object+0x65/0x170 [ 71.265267] iommufd_object_destroy_user+0x18e/0x220 [ 71.265678] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.266116] iommufd_access_destroy+0x43/0x70 [ 71.266497] iommufd_test_staccess_release+0x8d/0xd0 [ 71.266916] __fput+0x26d/0xa40 [ 71.267186] ____fput+0x1e/0x30 [ 71.267467] task_work_run+0x1a4/0x2d0 [ 71.267785] ? __pfx_task_work_run+0x10/0x10 [ 71.268124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.268518] ? switch_task_namespaces+0xa9/0xe0 [ 71.268893] do_exit+0xb17/0x2ef0 [ 71.269157] ? lock_acquire+0x427/0x4c0 [ 71.269473] ? __pfx_lock_release+0x10/0x10 [ 71.269835] ? __kasan_check_write+0x18/0x20 [ 71.270169] ? do_raw_spin_lock+0x132/0x2a0 [ 71.270493] ? __pfx_do_exit+0x10/0x10 [ 71.270860] ? debug_smp_processor_id+0x20/0x30 [ 71.271230] ? rcu_is_watching+0x19/0xb0 [ 71.271540] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.271924] ? trace_hardirqs_on+0x26/0x120 [ 71.272257] do_group_exit+0xe0/0x2b0 [ 71.272548] __x64_sys_exit_group+0x47/0x50 [ 71.272911] do_syscall_64+0x3b/0x90 [ 71.273202] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.273600] RIP: 0033:0x7f4b87518a4d [ 71.273903] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.274374] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.274990] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.275545] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.276115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.276647] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.277209] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.277751] [ 71.277930] irq event stamp: 0 [ 71.278188] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.278697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.279372] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.279998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.280506] ---[ end trace 0000000000000000 ]--- [ 71.281187] ------------[ cut here ]------------ [ 71.281576] WARNING: CPU: 1 PID: 580 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.282331] Modules linked in: [ 71.282630] CPU: 1 PID: 580 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.283287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.284147] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.284546] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.285943] RSP: 0018:ffff888012dd7b78 EFLAGS: 00010246 [ 71.286348] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.286937] RDX: 0000000000000000 RSI: ffff888016e8a500 RDI: 0000000000000002 [ 71.287477] RBP: ffff888012dd7b98 R08: ffffed1003130b3e R09: ffffed1003130b3e [ 71.288038] R10: ffff8880189859ef R11: ffffed1003130b3d R12: ffff888018985a90 [ 71.288568] R13: ffff8880189858a8 R14: ffffffffffffffff R15: ffff888012dd7c60 [ 71.289116] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.289716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.290167] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.290727] PKRU: 55555554 [ 71.290943] Call Trace: [ 71.291159] [ 71.291333] iommufd_ioas_destroy+0x53/0x70 [ 71.291665] iommufd_fops_release+0x1f7/0x370 [ 71.292009] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.292407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.292823] ? write_comp_data+0x2f/0x90 [ 71.293206] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.293677] __fput+0x26d/0xa40 [ 71.293944] ____fput+0x1e/0x30 [ 71.294202] task_work_run+0x1a4/0x2d0 [ 71.294501] ? __pfx_task_work_run+0x10/0x10 [ 71.294877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.295262] ? switch_task_namespaces+0xa9/0xe0 [ 71.295623] do_exit+0xb17/0x2ef0 [ 71.295900] ? lock_acquire+0x427/0x4c0 [ 71.296209] ? __pfx_lock_release+0x10/0x10 [ 71.296541] ? __kasan_check_write+0x18/0x20 [ 71.296887] ? do_raw_spin_lock+0x132/0x2a0 [ 71.297214] ? __pfx_do_exit+0x10/0x10 [ 71.297516] ? debug_smp_processor_id+0x20/0x30 [ 71.297881] ? rcu_is_watching+0x19/0xb0 [ 71.298188] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.298556] ? trace_hardirqs_on+0x26/0x120 [ 71.298891] do_group_exit+0xe0/0x2b0 [ 71.299206] __x64_sys_exit_group+0x47/0x50 [ 71.299534] do_syscall_64+0x3b/0x90 [ 71.299823] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.300235] RIP: 0033:0x7f4b87518a4d [ 71.300518] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.300978] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.301557] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.302084] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.302642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.303184] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.303728] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.304272] [ 71.304462] irq event stamp: 0 [ 71.304698] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.305165] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.305798] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.306425] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.306934] ---[ end trace 0000000000000000 ]--- [ 71.311174] ------------[ cut here ]------------ [ 71.311566] WARNING: CPU: 1 PID: 581 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.312328] Modules linked in: [ 71.312571] CPU: 1 PID: 581 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.313227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.314063] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.314447] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.315845] RSP: 0018:ffff88800efa7bb8 EFLAGS: 00010246 [ 71.316247] RAX: 0000000000000000 RBX: ffff8880208ce0a8 RCX: 0000000000000000 [ 71.316797] RDX: 0000000000000000 RSI: ffff888014b50000 RDI: 0000000000000002 [ 71.317323] RBP: ffff88800efa7bd0 R08: ffffed1004119c33 R09: ffffed1004119c33 [ 71.317869] R10: ffff8880208ce193 R11: ffffed1004119c32 R12: ffff8880135f2c00 [ 71.318408] R13: ffff8880208ce1e8 R14: ffffffff8352e670 R15: ffff88800efa7e68 [ 71.318971] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.319591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.320037] CR2: 0000000020000140 CR3: 000000002191c000 CR4: 0000000000750ee0 [ 71.320567] PKRU: 55555554 [ 71.320806] Call Trace: [ 71.320997] [ 71.321166] __iommufd_access_detach+0x1c2/0x2b0 [ 71.321534] iommufd_access_change_pt+0x149/0x270 [ 71.321942] iommufd_access_replace+0xb4/0x120 [ 71.322303] iommufd_test+0x3e5/0x37e0 [ 71.322621] ? lock_release+0x532/0x770 [ 71.322963] ? __might_fault+0x102/0x1b0 [ 71.323297] ? lock_acquire+0x427/0x4c0 [ 71.323614] ? __pfx_iommufd_test+0x10/0x10 [ 71.323955] ? __pfx_lock_release+0x10/0x10 [ 71.324316] ? __pfx_lock_acquire+0x10/0x10 [ 71.324657] ? write_comp_data+0x2f/0x90 [ 71.324981] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.325386] ? write_comp_data+0x2f/0x90 [ 71.325705] iommufd_fops_ioctl+0x37d/0x510 [ 71.326040] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.326453] ? write_comp_data+0x2f/0x90 [ 71.326796] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.327174] __x64_sys_ioctl+0x1a3/0x230 [ 71.327704] do_syscall_64+0x3b/0x90 [ 71.328145] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.328729] RIP: 0033:0x7f4b8743ee5d [ 71.329144] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.331179] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.332011] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.332789] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.333561] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.334334] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.335152] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.335950] [ 71.336215] irq event stamp: 0 [ 71.336708] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.337508] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.338607] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.339555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.340317] ---[ end trace 0000000000000000 ]--- [ 71.344664] ------------[ cut here ]------------ [ 71.345240] WARNING: CPU: 1 PID: 581 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.346427] Modules linked in: [ 71.347212] CPU: 1 PID: 581 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.348214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.349497] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.350088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.352210] RSP: 0018:ffff88800efa7bd0 EFLAGS: 00010246 [ 71.352852] RAX: 0000000000000000 RBX: ffff8880208ce0a8 RCX: 0000000000000000 [ 71.353671] RDX: 0000000000000000 RSI: ffff888014b50000 RDI: 0000000000000002 [ 71.354568] RBP: ffff88800efa7be8 R08: ffffed1004119c33 R09: ffffed1004119c33 [ 71.355358] R10: ffff8880208ce193 R11: ffffed1004119c32 R12: ffff8880189e2000 [ 71.356223] R13: ffff8880208ce1e8 R14: ffff8880218e0400 R15: 0000000000000000 [ 71.357002] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.357956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.358627] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.359513] PKRU: 55555554 [ 71.359830] Call Trace: [ 71.360116] [ 71.360372] iommufd_access_destroy_object+0x65/0x170 [ 71.361038] iommufd_object_destroy_user+0x18e/0x220 [ 71.361610] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.362337] iommufd_access_destroy+0x43/0x70 [ 71.362912] iommufd_test_staccess_release+0x8d/0xd0 [ 71.363514] __fput+0x26d/0xa40 [ 71.363917] ____fput+0x1e/0x30 [ 71.364305] task_work_run+0x1a4/0x2d0 [ 71.364831] ? __pfx_task_work_run+0x10/0x10 [ 71.365384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.365945] ? switch_task_namespaces+0xa9/0xe0 [ 71.366482] do_exit+0xb17/0x2ef0 [ 71.366926] ? lock_acquire+0x427/0x4c0 [ 71.367430] ? __pfx_lock_release+0x10/0x10 [ 71.367969] ? __kasan_check_write+0x18/0x20 [ 71.368478] ? do_raw_spin_lock+0x132/0x2a0 [ 71.368967] ? __pfx_do_exit+0x10/0x10 [ 71.369421] ? debug_smp_processor_id+0x20/0x30 [ 71.370047] ? rcu_is_watching+0x19/0xb0 [ 71.370544] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.371073] ? trace_hardirqs_on+0x26/0x120 [ 71.371588] do_group_exit+0xe0/0x2b0 [ 71.372023] __x64_sys_exit_group+0x47/0x50 [ 71.372615] do_syscall_64+0x3b/0x90 [ 71.373055] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.373649] RIP: 0033:0x7f4b87518a4d [ 71.374068] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.374882] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.375737] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.376526] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.377313] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.378174] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.378998] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.379818] [ 71.380142] irq event stamp: 0 [ 71.380563] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.381266] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.382227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.383295] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.383789] ---[ end trace 0000000000000000 ]--- [ 71.384466] ------------[ cut here ]------------ [ 71.384975] WARNING: CPU: 1 PID: 581 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.385777] Modules linked in: [ 71.386102] CPU: 1 PID: 581 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.386787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.387791] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.388181] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.389654] RSP: 0018:ffff88800efa7b78 EFLAGS: 00010246 [ 71.390122] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.390707] RDX: 0000000000000000 RSI: ffff888014b50000 RDI: 0000000000000002 [ 71.391257] RBP: ffff88800efa7b98 R08: ffffed1004119c3e R09: ffffed1004119c3e [ 71.391865] R10: ffff8880208ce1ef R11: ffffed1004119c3d R12: ffff8880208ce290 [ 71.392444] R13: ffff8880208ce0a8 R14: ffffffffffffffff R15: ffff88800efa7c60 [ 71.393025] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.393682] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.394127] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.394792] PKRU: 55555554 [ 71.395011] Call Trace: [ 71.395213] [ 71.395388] iommufd_ioas_destroy+0x53/0x70 [ 71.395725] iommufd_fops_release+0x1f7/0x370 [ 71.396171] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.396556] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.396936] ? write_comp_data+0x2f/0x90 [ 71.397339] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.397728] __fput+0x26d/0xa40 [ 71.397992] ____fput+0x1e/0x30 [ 71.398272] task_work_run+0x1a4/0x2d0 [ 71.398676] ? __pfx_task_work_run+0x10/0x10 [ 71.399020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.399406] ? switch_task_namespaces+0xa9/0xe0 [ 71.399775] do_exit+0xb17/0x2ef0 [ 71.400087] ? lock_acquire+0x427/0x4c0 [ 71.400447] ? __pfx_lock_release+0x10/0x10 [ 71.400788] ? __kasan_check_write+0x18/0x20 [ 71.401129] ? do_raw_spin_lock+0x132/0x2a0 [ 71.401550] ? __pfx_do_exit+0x10/0x10 [ 71.401859] ? debug_smp_processor_id+0x20/0x30 [ 71.402216] ? rcu_is_watching+0x19/0xb0 [ 71.402597] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.402988] ? trace_hardirqs_on+0x26/0x120 [ 71.403337] do_group_exit+0xe0/0x2b0 [ 71.403637] __x64_sys_exit_group+0x47/0x50 [ 71.403972] do_syscall_64+0x3b/0x90 [ 71.404266] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.404765] RIP: 0033:0x7f4b87518a4d [ 71.405054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.405519] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.406191] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.406766] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.407376] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.407956] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.408499] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.409137] [ 71.409320] irq event stamp: 0 [ 71.409562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.410155] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.410812] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.411476] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.412008] ---[ end trace 0000000000000000 ]--- [ 71.416070] ------------[ cut here ]------------ [ 71.416451] WARNING: CPU: 1 PID: 582 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.417313] Modules linked in: [ 71.417556] CPU: 1 PID: 582 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.418240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.419248] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.419630] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.421112] RSP: 0018:ffff88800f63fbb8 EFLAGS: 00010246 [ 71.421615] RAX: 0000000000000000 RBX: ffff88802193f0a8 RCX: 0000000000000000 [ 71.422154] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 71.422782] RBP: ffff88800f63fbd0 R08: ffffed1004327e33 R09: ffffed1004327e33 [ 71.423340] R10: ffff88802193f193 R11: ffffed1004327e32 R12: ffff8880137fd000 [ 71.423915] R13: ffff88802193f1e8 R14: ffffffff8352e670 R15: ffff88800f63fe68 [ 71.424510] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.425149] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.425654] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ee0 [ 71.426196] PKRU: 55555554 [ 71.426455] Call Trace: [ 71.426725] [ 71.426905] __iommufd_access_detach+0x1c2/0x2b0 [ 71.427313] iommufd_access_change_pt+0x149/0x270 [ 71.427709] iommufd_access_replace+0xb4/0x120 [ 71.428083] iommufd_test+0x3e5/0x37e0 [ 71.428391] ? lock_release+0x532/0x770 [ 71.428755] ? __might_fault+0x102/0x1b0 [ 71.429167] ? lock_acquire+0x427/0x4c0 [ 71.429495] ? __pfx_iommufd_test+0x10/0x10 [ 71.429833] ? __pfx_lock_release+0x10/0x10 [ 71.430182] ? __pfx_lock_acquire+0x10/0x10 [ 71.430554] ? write_comp_data+0x2f/0x90 [ 71.430888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.431399] ? write_comp_data+0x2f/0x90 [ 71.431739] iommufd_fops_ioctl+0x37d/0x510 [ 71.432087] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.432476] ? write_comp_data+0x2f/0x90 [ 71.432811] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.433197] __x64_sys_ioctl+0x1a3/0x230 [ 71.433620] do_syscall_64+0x3b/0x90 [ 71.433918] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.434336] RIP: 0033:0x7f4b8743ee5d [ 71.434656] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.436218] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.436827] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.437381] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.437986] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.438620] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.439186] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.439748] [ 71.439937] irq event stamp: 0 [ 71.440230] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.440771] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.441427] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.442083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.442599] ---[ end trace 0000000000000000 ]--- [ 71.445302] ------------[ cut here ]------------ [ 71.445700] WARNING: CPU: 1 PID: 582 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.446483] Modules linked in: [ 71.446784] CPU: 1 PID: 582 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.447469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.448342] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.448735] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.450160] RSP: 0018:ffff88800f63fbd0 EFLAGS: 00010246 [ 71.450745] RAX: 0000000000000000 RBX: ffff88802193f0a8 RCX: 0000000000000000 [ 71.451306] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 71.451860] RBP: ffff88800f63fbe8 R08: ffffed1004327e33 R09: ffffed1004327e33 [ 71.452416] R10: ffff88802193f193 R11: ffffed1004327e32 R12: ffff8880135f2000 [ 71.452965] R13: ffff88802193f1e8 R14: ffff88802183c300 R15: 0000000000000000 [ 71.453517] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.454132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.454612] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.455171] PKRU: 55555554 [ 71.455393] Call Trace: [ 71.455591] [ 71.455769] iommufd_access_destroy_object+0x65/0x170 [ 71.456176] iommufd_object_destroy_user+0x18e/0x220 [ 71.456577] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.457030] iommufd_access_destroy+0x43/0x70 [ 71.457382] iommufd_test_staccess_release+0x8d/0xd0 [ 71.457782] __fput+0x26d/0xa40 [ 71.458051] ____fput+0x1e/0x30 [ 71.458314] task_work_run+0x1a4/0x2d0 [ 71.458646] ? __pfx_task_work_run+0x10/0x10 [ 71.458993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.459381] ? switch_task_namespaces+0xa9/0xe0 [ 71.459756] do_exit+0xb17/0x2ef0 [ 71.460023] ? lock_acquire+0x427/0x4c0 [ 71.460338] ? __pfx_lock_release+0x10/0x10 [ 71.460678] ? __kasan_check_write+0x18/0x20 [ 71.461026] ? do_raw_spin_lock+0x132/0x2a0 [ 71.461362] ? __pfx_do_exit+0x10/0x10 [ 71.461670] ? debug_smp_processor_id+0x20/0x30 [ 71.462031] ? rcu_is_watching+0x19/0xb0 [ 71.462346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.462722] ? trace_hardirqs_on+0x26/0x120 [ 71.463063] do_group_exit+0xe0/0x2b0 [ 71.463367] __x64_sys_exit_group+0x47/0x50 [ 71.463705] do_syscall_64+0x3b/0x90 [ 71.463999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.464402] RIP: 0033:0x7f4b87518a4d [ 71.464693] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.465164] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.465742] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.466285] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.466859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.467407] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.467957] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.468511] [ 71.468691] irq event stamp: 0 [ 71.468933] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.469413] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.470051] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.470702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.471194] ---[ end trace 0000000000000000 ]--- [ 71.471879] ------------[ cut here ]------------ [ 71.472243] WARNING: CPU: 1 PID: 582 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.473019] Modules linked in: [ 71.473265] CPU: 1 PID: 582 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.473928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.474802] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.475203] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.476595] RSP: 0018:ffff88800f63fb78 EFLAGS: 00010246 [ 71.477000] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.477540] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 71.478085] RBP: ffff88800f63fb98 R08: ffffed1004327e3e R09: ffffed1004327e3e [ 71.478644] R10: ffff88802193f1ef R11: ffffed1004327e3d R12: ffff88802193f290 [ 71.479195] R13: ffff88802193f0a8 R14: ffffffffffffffff R15: ffff88800f63fc60 [ 71.479738] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.480352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.480795] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.481339] PKRU: 55555554 [ 71.481558] Call Trace: [ 71.481753] [ 71.481927] iommufd_ioas_destroy+0x53/0x70 [ 71.482262] iommufd_fops_release+0x1f7/0x370 [ 71.482632] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.483021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.483407] ? write_comp_data+0x2f/0x90 [ 71.483728] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.484114] __fput+0x26d/0xa40 [ 71.484382] ____fput+0x1e/0x30 [ 71.484643] task_work_run+0x1a4/0x2d0 [ 71.484955] ? __pfx_task_work_run+0x10/0x10 [ 71.485299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.485677] ? switch_task_namespaces+0xa9/0xe0 [ 71.486044] do_exit+0xb17/0x2ef0 [ 71.486311] ? lock_acquire+0x427/0x4c0 [ 71.486640] ? __pfx_lock_release+0x10/0x10 [ 71.486978] ? __kasan_check_write+0x18/0x20 [ 71.487328] ? do_raw_spin_lock+0x132/0x2a0 [ 71.487663] ? __pfx_do_exit+0x10/0x10 [ 71.487974] ? debug_smp_processor_id+0x20/0x30 [ 71.488335] ? rcu_is_watching+0x19/0xb0 [ 71.488649] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.489002] ? trace_hardirqs_on+0x26/0x120 [ 71.489341] do_group_exit+0xe0/0x2b0 [ 71.489637] __x64_sys_exit_group+0x47/0x50 [ 71.489972] do_syscall_64+0x3b/0x90 [ 71.490266] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.490687] RIP: 0033:0x7f4b87518a4d [ 71.490971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.491446] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.492026] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.492576] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.493118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.493659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.494207] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.494775] [ 71.494957] irq event stamp: 0 [ 71.495211] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.495697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.496334] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.496972] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.497450] ---[ end trace 0000000000000000 ]--- [ 71.502286] ------------[ cut here ]------------ [ 71.502834] WARNING: CPU: 1 PID: 583 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.503594] Modules linked in: [ 71.503835] CPU: 1 PID: 583 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.504479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.505310] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.505679] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.507072] RSP: 0018:ffff888018b2fbb8 EFLAGS: 00010246 [ 71.507475] RAX: 0000000000000000 RBX: ffff88801438b0a8 RCX: 0000000000000000 [ 71.508005] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 71.508532] RBP: ffff888018b2fbd0 R08: ffffed1002871633 R09: ffffed1002871633 [ 71.509058] R10: ffff88801438b193 R11: ffffed1002871632 R12: ffff888016c9b000 [ 71.509585] R13: ffff88801438b1e8 R14: ffffffff8352e670 R15: ffff888018b2fe68 [ 71.510117] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.510726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.511172] CR2: 0000000020000140 CR3: 0000000016e46000 CR4: 0000000000750ee0 [ 71.511700] PKRU: 55555554 [ 71.511912] Call Trace: [ 71.512105] [ 71.512273] __iommufd_access_detach+0x1c2/0x2b0 [ 71.512638] iommufd_access_change_pt+0x149/0x270 [ 71.513013] iommufd_access_replace+0xb4/0x120 [ 71.513369] iommufd_test+0x3e5/0x37e0 [ 71.513667] ? lock_release+0x532/0x770 [ 71.513975] ? __might_fault+0x102/0x1b0 [ 71.514287] ? lock_acquire+0x427/0x4c0 [ 71.514608] ? __pfx_iommufd_test+0x10/0x10 [ 71.514934] ? __pfx_lock_release+0x10/0x10 [ 71.515280] ? __pfx_lock_acquire+0x10/0x10 [ 71.515614] ? write_comp_data+0x2f/0x90 [ 71.515927] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.516297] ? write_comp_data+0x2f/0x90 [ 71.516615] iommufd_fops_ioctl+0x37d/0x510 [ 71.516946] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.517317] ? write_comp_data+0x2f/0x90 [ 71.517631] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.517999] __x64_sys_ioctl+0x1a3/0x230 [ 71.518313] do_syscall_64+0x3b/0x90 [ 71.518619] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.519016] RIP: 0033:0x7f4b8743ee5d [ 71.519305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.520665] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.521242] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.521784] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.522317] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.522870] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.523407] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.523949] [ 71.524126] irq event stamp: 0 [ 71.524363] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.524835] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.525459] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.526080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.526565] ---[ end trace 0000000000000000 ]--- [ 71.529199] ------------[ cut here ]------------ [ 71.529568] WARNING: CPU: 1 PID: 583 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.530314] Modules linked in: [ 71.530582] CPU: 1 PID: 583 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.531233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.532054] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.532421] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.533749] RSP: 0018:ffff888018b2fbd0 EFLAGS: 00010246 [ 71.534137] RAX: 0000000000000000 RBX: ffff88801438b0a8 RCX: 0000000000000000 [ 71.534671] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 71.535205] RBP: ffff888018b2fbe8 R08: ffffed1002871633 R09: ffffed1002871633 [ 71.535725] R10: ffff88801438b193 R11: ffffed1002871632 R12: ffff8880137fc400 [ 71.536244] R13: ffff88801438b1e8 R14: ffff88801402dd00 R15: 0000000000000000 [ 71.536765] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.537350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.537777] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.538298] PKRU: 55555554 [ 71.538524] Call Trace: [ 71.538713] [ 71.538880] iommufd_access_destroy_object+0x65/0x170 [ 71.539271] iommufd_object_destroy_user+0x18e/0x220 [ 71.539648] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.540080] iommufd_access_destroy+0x43/0x70 [ 71.540419] iommufd_test_staccess_release+0x8d/0xd0 [ 71.540801] __fput+0x26d/0xa40 [ 71.541059] ____fput+0x1e/0x30 [ 71.541311] task_work_run+0x1a4/0x2d0 [ 71.541606] ? __pfx_task_work_run+0x10/0x10 [ 71.541935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.542300] ? switch_task_namespaces+0xa9/0xe0 [ 71.542669] do_exit+0xb17/0x2ef0 [ 71.542931] ? lock_acquire+0x427/0x4c0 [ 71.543243] ? __pfx_lock_release+0x10/0x10 [ 71.543570] ? __kasan_check_write+0x18/0x20 [ 71.543898] ? do_raw_spin_lock+0x132/0x2a0 [ 71.544217] ? __pfx_do_exit+0x10/0x10 [ 71.544512] ? debug_smp_processor_id+0x20/0x30 [ 71.544863] ? rcu_is_watching+0x19/0xb0 [ 71.545163] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.545503] ? trace_hardirqs_on+0x26/0x120 [ 71.545825] do_group_exit+0xe0/0x2b0 [ 71.546105] __x64_sys_exit_group+0x47/0x50 [ 71.546421] do_syscall_64+0x3b/0x90 [ 71.546724] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.547122] RIP: 0033:0x7f4b87518a4d [ 71.547397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.547852] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.548410] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.548930] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.549452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.549973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.550490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.551041] [ 71.551223] irq event stamp: 0 [ 71.551459] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.551911] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.552510] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.553105] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.553551] ---[ end trace 0000000000000000 ]--- [ 71.554183] ------------[ cut here ]------------ [ 71.554538] WARNING: CPU: 1 PID: 583 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.555266] Modules linked in: [ 71.555499] CPU: 1 PID: 583 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.556122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.556924] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.557295] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.558624] RSP: 0018:ffff888018b2fb78 EFLAGS: 00010246 [ 71.559008] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.559520] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 71.560030] RBP: ffff888018b2fb98 R08: ffffed100287163e R09: ffffed100287163e [ 71.560538] R10: ffff88801438b1ef R11: ffffed100287163d R12: ffff88801438b290 [ 71.561049] R13: ffff88801438b0a8 R14: ffffffffffffffff R15: ffff888018b2fc60 [ 71.561556] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 71.562131] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.562564] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 71.563078] PKRU: 55555554 [ 71.563292] Call Trace: [ 71.563478] [ 71.563641] iommufd_ioas_destroy+0x53/0x70 [ 71.563964] iommufd_fops_release+0x1f7/0x370 [ 71.564295] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.564658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.565019] ? write_comp_data+0x2f/0x90 [ 71.565321] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.565688] __fput+0x26d/0xa40 [ 71.565941] ____fput+0x1e/0x30 [ 71.566187] task_work_run+0x1a4/0x2d0 [ 71.566475] ? __pfx_task_work_run+0x10/0x10 [ 71.566816] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.567186] ? switch_task_namespaces+0xa9/0xe0 [ 71.567534] do_exit+0xb17/0x2ef0 [ 71.567790] ? lock_acquire+0x427/0x4c0 [ 71.568087] ? __pfx_lock_release+0x10/0x10 [ 71.568405] ? __kasan_check_write+0x18/0x20 [ 71.568728] ? do_raw_spin_lock+0x132/0x2a0 [ 71.569042] ? __pfx_do_exit+0x10/0x10 [ 71.569332] ? debug_smp_processor_id+0x20/0x30 [ 71.569669] ? rcu_is_watching+0x19/0xb0 [ 71.569964] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.570295] ? trace_hardirqs_on+0x26/0x120 [ 71.570631] do_group_exit+0xe0/0x2b0 [ 71.570911] __x64_sys_exit_group+0x47/0x50 [ 71.571230] do_syscall_64+0x3b/0x90 [ 71.571509] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.571894] RIP: 0033:0x7f4b87518a4d [ 71.572162] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.572601] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.573146] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.573660] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.574173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.574701] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.575221] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.575746] [ 71.575916] irq event stamp: 0 [ 71.576144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.576597] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.577202] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.577802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.578254] ---[ end trace 0000000000000000 ]--- [ 71.583077] ------------[ cut here ]------------ [ 71.583496] WARNING: CPU: 0 PID: 584 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.584219] Modules linked in: [ 71.584450] CPU: 0 PID: 584 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.585069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.585870] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.586229] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.587789] RSP: 0018:ffff88800f63fbb8 EFLAGS: 00010246 [ 71.588175] RAX: 0000000000000000 RBX: ffff8880171bd0a8 RCX: 0000000000000000 [ 71.588684] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 71.589190] RBP: ffff88800f63fbd0 R08: ffffed1002e37a33 R09: ffffed1002e37a33 [ 71.589698] R10: ffff8880171bd193 R11: ffffed1002e37a32 R12: ffff88801419b000 [ 71.590208] R13: ffff8880171bd1e8 R14: ffffffff8352e670 R15: ffff88800f63fe68 [ 71.590730] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.591315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.591734] CR2: 0000000020000140 CR3: 0000000016e46000 CR4: 0000000000750ef0 [ 71.592245] PKRU: 55555554 [ 71.592451] Call Trace: [ 71.592634] [ 71.592797] __iommufd_access_detach+0x1c2/0x2b0 [ 71.593149] iommufd_access_change_pt+0x149/0x270 [ 71.593505] iommufd_access_replace+0xb4/0x120 [ 71.593845] iommufd_test+0x3e5/0x37e0 [ 71.594126] ? lock_release+0x532/0x770 [ 71.594423] ? __might_fault+0x102/0x1b0 [ 71.594737] ? lock_acquire+0x427/0x4c0 [ 71.595038] ? __pfx_iommufd_test+0x10/0x10 [ 71.595354] ? __pfx_lock_release+0x10/0x10 [ 71.595674] ? __pfx_lock_acquire+0x10/0x10 [ 71.595997] ? write_comp_data+0x2f/0x90 [ 71.596301] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.596659] ? write_comp_data+0x2f/0x90 [ 71.596973] iommufd_fops_ioctl+0x37d/0x510 [ 71.597290] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.597650] ? write_comp_data+0x2f/0x90 [ 71.597953] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.598304] __x64_sys_ioctl+0x1a3/0x230 [ 71.598626] do_syscall_64+0x3b/0x90 [ 71.598913] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.599375] RIP: 0033:0x7f4b8743ee5d [ 71.599974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.601286] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.601832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.602344] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.602885] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.603410] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.603924] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.604446] [ 71.604615] irq event stamp: 0 [ 71.604848] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.605306] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.605915] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.606538] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.606998] ---[ end trace 0000000000000000 ]--- [ 71.610094] ------------[ cut here ]------------ [ 71.610590] WARNING: CPU: 0 PID: 584 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.611442] Modules linked in: [ 71.611677] CPU: 0 PID: 584 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.612448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.613358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.613796] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.615243] RSP: 0018:ffff88800f63fbd0 EFLAGS: 00010246 [ 71.615628] RAX: 0000000000000000 RBX: ffff8880171bd0a8 RCX: 0000000000000000 [ 71.616280] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 71.616828] RBP: ffff88800f63fbe8 R08: ffffed1002e37a33 R09: ffffed1002e37a33 [ 71.617405] R10: ffff8880171bd193 R11: ffffed1002e37a32 R12: ffff88801422d800 [ 71.618036] R13: ffff8880171bd1e8 R14: ffff888012b36800 R15: 0000000000000000 [ 71.618559] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.619196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.619681] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 71.620245] PKRU: 55555554 [ 71.620552] Call Trace: [ 71.620742] [ 71.620909] iommufd_access_destroy_object+0x65/0x170 [ 71.621341] iommufd_object_destroy_user+0x18e/0x220 [ 71.621824] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.622303] iommufd_access_destroy+0x43/0x70 [ 71.622703] iommufd_test_staccess_release+0x8d/0xd0 [ 71.623087] __fput+0x26d/0xa40 [ 71.623347] ____fput+0x1e/0x30 [ 71.623596] task_work_run+0x1a4/0x2d0 [ 71.623945] ? __pfx_task_work_run+0x10/0x10 [ 71.624347] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.624715] ? switch_task_namespaces+0xa9/0xe0 [ 71.625185] do_exit+0xb17/0x2ef0 [ 71.625446] ? lock_acquire+0x427/0x4c0 [ 71.625746] ? __pfx_lock_release+0x10/0x10 [ 71.626185] ? __kasan_check_write+0x18/0x20 [ 71.626537] ? do_raw_spin_lock+0x132/0x2a0 [ 71.626859] ? __pfx_do_exit+0x10/0x10 [ 71.627167] ? debug_smp_processor_id+0x20/0x30 [ 71.627652] ? rcu_is_watching+0x19/0xb0 [ 71.627960] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.628297] ? trace_hardirqs_on+0x26/0x120 [ 71.628746] do_group_exit+0xe0/0x2b0 [ 71.629030] __x64_sys_exit_group+0x47/0x50 [ 71.629349] do_syscall_64+0x3b/0x90 [ 71.629768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.630166] RIP: 0033:0x7f4b87518a4d [ 71.630449] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.631050] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.631635] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.632204] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.632850] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.633443] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.634088] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.634800] [ 71.634982] irq event stamp: 0 [ 71.635231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.635715] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.636357] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.636996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.637478] ---[ end trace 0000000000000000 ]--- [ 71.638454] ------------[ cut here ]------------ [ 71.638852] WARNING: CPU: 0 PID: 584 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.639798] Modules linked in: [ 71.640047] CPU: 0 PID: 584 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.640853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.641709] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.642102] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.643572] RSP: 0018:ffff88800f63fb78 EFLAGS: 00010246 [ 71.644228] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.644805] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 71.645594] RBP: ffff88800f63fb98 R08: ffffed1002e37a3e R09: ffffed1002e37a3e [ 71.646172] R10: ffff8880171bd1ef R11: ffffed1002e37a3d R12: ffff8880171bd290 [ 71.646937] R13: ffff8880171bd0a8 R14: ffffffffffffffff R15: ffff88800f63fc60 [ 71.647529] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.648235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.648829] CR2: 00007f4b875fca50 CR3: 0000000013bd2000 CR4: 0000000000750ef0 [ 71.649474] PKRU: 55555554 [ 71.649809] Call Trace: [ 71.650020] [ 71.650204] iommufd_ioas_destroy+0x53/0x70 [ 71.650650] iommufd_fops_release+0x1f7/0x370 [ 71.651134] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.651545] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.651973] ? write_comp_data+0x2f/0x90 [ 71.652440] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.652855] __fput+0x26d/0xa40 [ 71.653196] ____fput+0x1e/0x30 [ 71.653583] task_work_run+0x1a4/0x2d0 [ 71.653918] ? __pfx_task_work_run+0x10/0x10 [ 71.654310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.654851] ? switch_task_namespaces+0xa9/0xe0 [ 71.655264] do_exit+0xb17/0x2ef0 [ 71.655552] ? lock_acquire+0x427/0x4c0 [ 71.655910] ? __pfx_lock_release+0x10/0x10 [ 71.656418] ? __kasan_check_write+0x18/0x20 [ 71.656782] ? do_raw_spin_lock+0x132/0x2a0 [ 71.657175] ? __pfx_do_exit+0x10/0x10 [ 71.657604] ? debug_smp_processor_id+0x20/0x30 [ 71.658004] ? rcu_is_watching+0x19/0xb0 [ 71.658420] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.658939] ? trace_hardirqs_on+0x26/0x120 [ 71.659327] do_group_exit+0xe0/0x2b0 [ 71.659659] __x64_sys_exit_group+0x47/0x50 [ 71.660045] do_syscall_64+0x3b/0x90 [ 71.660527] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.660972] RIP: 0033:0x7f4b87518a4d [ 71.661359] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.661998] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.662875] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.663506] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.664192] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.664928] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.665727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.666343] [ 71.666600] irq event stamp: 0 [ 71.667012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.667573] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.668376] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.669173] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.669893] ---[ end trace 0000000000000000 ]--- [ 71.674388] ------------[ cut here ]------------ [ 71.675002] WARNING: CPU: 0 PID: 585 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.675880] Modules linked in: [ 71.676156] CPU: 0 PID: 585 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.676897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.677906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.678342] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.679981] RSP: 0018:ffff888021b3fbb8 EFLAGS: 00010246 [ 71.680447] RAX: 0000000000000000 RBX: ffff88801617c0a8 RCX: 0000000000000000 [ 71.681054] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 71.681663] RBP: ffff888021b3fbd0 R08: ffffed1002c2f833 R09: ffffed1002c2f833 [ 71.682267] R10: ffff88801617c193 R11: ffffed1002c2f832 R12: ffff888012e97800 [ 71.682898] R13: ffff88801617c1e8 R14: ffffffff8352e670 R15: ffff888021b3fe68 [ 71.683524] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.684216] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.684716] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ef0 [ 71.685329] PKRU: 55555554 [ 71.685574] Call Trace: [ 71.685796] [ 71.685994] __iommufd_access_detach+0x1c2/0x2b0 [ 71.686421] iommufd_access_change_pt+0x149/0x270 [ 71.686871] iommufd_access_replace+0xb4/0x120 [ 71.687290] iommufd_test+0x3e5/0x37e0 [ 71.687630] ? lock_release+0x532/0x770 [ 71.687986] ? __might_fault+0x102/0x1b0 [ 71.688343] ? lock_acquire+0x427/0x4c0 [ 71.688696] ? __pfx_iommufd_test+0x10/0x10 [ 71.689067] ? __pfx_lock_release+0x10/0x10 [ 71.689447] ? __pfx_lock_acquire+0x10/0x10 [ 71.689828] ? write_comp_data+0x2f/0x90 [ 71.690187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.690633] ? write_comp_data+0x2f/0x90 [ 71.690999] iommufd_fops_ioctl+0x37d/0x510 [ 71.691390] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.691814] ? write_comp_data+0x2f/0x90 [ 71.692170] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.692591] __x64_sys_ioctl+0x1a3/0x230 [ 71.692951] do_syscall_64+0x3b/0x90 [ 71.693280] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.693732] RIP: 0033:0x7f4b8743ee5d [ 71.694051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.695644] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.696303] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.696911] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.697515] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.698121] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.698752] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.699383] [ 71.699585] irq event stamp: 0 [ 71.699855] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.700397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.701113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.701831] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.702372] ---[ end trace 0000000000000000 ]--- [ 71.705282] ------------[ cut here ]------------ [ 71.705726] WARNING: CPU: 0 PID: 585 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.706619] Modules linked in: [ 71.706899] CPU: 0 PID: 585 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.707653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.708612] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.709088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.710665] RSP: 0018:ffff888021b3fbd0 EFLAGS: 00010246 [ 71.711140] RAX: 0000000000000000 RBX: ffff88801617c0a8 RCX: 0000000000000000 [ 71.711744] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 71.712351] RBP: ffff888021b3fbe8 R08: ffffed1002c2f833 R09: ffffed1002c2f833 [ 71.712964] R10: ffff88801617c193 R11: ffffed1002c2f832 R12: ffff88801419bc00 [ 71.713576] R13: ffff88801617c1e8 R14: ffff88800b874200 R15: 0000000000000000 [ 71.714189] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.714914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.715428] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 71.716043] PKRU: 55555554 [ 71.716286] Call Trace: [ 71.716505] [ 71.716703] iommufd_access_destroy_object+0x65/0x170 [ 71.717156] iommufd_object_destroy_user+0x18e/0x220 [ 71.717599] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.718103] iommufd_access_destroy+0x43/0x70 [ 71.718524] iommufd_test_staccess_release+0x8d/0xd0 [ 71.718980] __fput+0x26d/0xa40 [ 71.719288] ____fput+0x1e/0x30 [ 71.719580] task_work_run+0x1a4/0x2d0 [ 71.719922] ? __pfx_task_work_run+0x10/0x10 [ 71.720309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.720743] ? switch_task_namespaces+0xa9/0xe0 [ 71.721153] do_exit+0xb17/0x2ef0 [ 71.721457] ? lock_acquire+0x427/0x4c0 [ 71.721807] ? __pfx_lock_release+0x10/0x10 [ 71.722183] ? __kasan_check_write+0x18/0x20 [ 71.722590] ? do_raw_spin_lock+0x132/0x2a0 [ 71.722969] ? __pfx_do_exit+0x10/0x10 [ 71.723337] ? debug_smp_processor_id+0x20/0x30 [ 71.723742] ? rcu_is_watching+0x19/0xb0 [ 71.724094] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.724487] ? trace_hardirqs_on+0x26/0x120 [ 71.724866] do_group_exit+0xe0/0x2b0 [ 71.725196] __x64_sys_exit_group+0x47/0x50 [ 71.725565] do_syscall_64+0x3b/0x90 [ 71.725894] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.726351] RIP: 0033:0x7f4b87518a4d [ 71.726702] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.727255] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.727910] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.728522] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.729133] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.729744] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.730358] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.731004] [ 71.731222] irq event stamp: 0 [ 71.731497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.732043] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.732765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.733483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.734020] ---[ end trace 0000000000000000 ]--- [ 71.734798] ------------[ cut here ]------------ [ 71.735222] WARNING: CPU: 0 PID: 585 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.736084] Modules linked in: [ 71.736357] CPU: 0 PID: 585 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.737094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.738063] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.738734] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.740305] RSP: 0018:ffff888021b3fb78 EFLAGS: 00010246 [ 71.740765] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.741404] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 71.742008] RBP: ffff888021b3fb98 R08: ffffed1002c2f83e R09: ffffed1002c2f83e [ 71.742631] R10: ffff88801617c1ef R11: ffffed1002c2f83d R12: ffff88801617c290 [ 71.743244] R13: ffff88801617c0a8 R14: ffffffffffffffff R15: ffff888021b3fc60 [ 71.743848] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.744526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.745026] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 71.745636] PKRU: 55555554 [ 71.745877] Call Trace: [ 71.746098] [ 71.746296] iommufd_ioas_destroy+0x53/0x70 [ 71.746698] iommufd_fops_release+0x1f7/0x370 [ 71.747097] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.747558] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.747982] ? write_comp_data+0x2f/0x90 [ 71.748349] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.748779] __fput+0x26d/0xa40 [ 71.749078] ____fput+0x1e/0x30 [ 71.749373] task_work_run+0x1a4/0x2d0 [ 71.749730] ? __pfx_task_work_run+0x10/0x10 [ 71.750129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.750600] ? switch_task_namespaces+0xa9/0xe0 [ 71.751142] do_exit+0xb17/0x2ef0 [ 71.751450] ? lock_acquire+0x427/0x4c0 [ 71.751814] ? __pfx_lock_release+0x10/0x10 [ 71.752191] ? __kasan_check_write+0x18/0x20 [ 71.752573] ? do_raw_spin_lock+0x132/0x2a0 [ 71.752958] ? __pfx_do_exit+0x10/0x10 [ 71.753306] ? debug_smp_processor_id+0x20/0x30 [ 71.753719] ? rcu_is_watching+0x19/0xb0 [ 71.754075] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.754472] ? trace_hardirqs_on+0x26/0x120 [ 71.754895] do_group_exit+0xe0/0x2b0 [ 71.755296] __x64_sys_exit_group+0x47/0x50 [ 71.755672] do_syscall_64+0x3b/0x90 [ 71.756005] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.756457] RIP: 0033:0x7f4b87518a4d [ 71.756774] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.757300] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.757948] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.758604] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.759232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.759841] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.760453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.761075] [ 71.761275] irq event stamp: 0 [ 71.761544] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.762082] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.762813] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.763542] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.764084] ---[ end trace 0000000000000000 ]--- [ 71.768392] ------------[ cut here ]------------ [ 71.768828] WARNING: CPU: 0 PID: 586 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.769677] Modules linked in: [ 71.769950] CPU: 0 PID: 586 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.770728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.771746] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.772192] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.773874] RSP: 0018:ffff888021be7bb8 EFLAGS: 00010246 [ 71.774357] RAX: 0000000000000000 RBX: ffff8880179b08a8 RCX: 0000000000000000 [ 71.775017] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 71.775668] RBP: ffff888021be7bd0 R08: ffffed1002f36133 R09: ffffed1002f36133 [ 71.776310] R10: ffff8880179b0993 R11: ffffed1002f36132 R12: ffff888013b0a800 [ 71.776947] R13: ffff8880179b09e8 R14: ffffffff8352e670 R15: ffff888021be7e68 [ 71.777587] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.778305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.778852] CR2: 0000000020000140 CR3: 0000000012254000 CR4: 0000000000750ef0 [ 71.779515] PKRU: 55555554 [ 71.779771] Call Trace: [ 71.780001] [ 71.780204] __iommufd_access_detach+0x1c2/0x2b0 [ 71.780652] iommufd_access_change_pt+0x149/0x270 [ 71.781106] iommufd_access_replace+0xb4/0x120 [ 71.781532] iommufd_test+0x3e5/0x37e0 [ 71.781890] ? lock_release+0x532/0x770 [ 71.782264] ? __might_fault+0x102/0x1b0 [ 71.782671] ? lock_acquire+0x427/0x4c0 [ 71.783046] ? __pfx_iommufd_test+0x10/0x10 [ 71.783454] ? __pfx_lock_release+0x10/0x10 [ 71.783853] ? __pfx_lock_acquire+0x10/0x10 [ 71.784250] ? write_comp_data+0x2f/0x90 [ 71.784630] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.785075] ? write_comp_data+0x2f/0x90 [ 71.785452] iommufd_fops_ioctl+0x37d/0x510 [ 71.785845] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.786293] ? write_comp_data+0x2f/0x90 [ 71.786692] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.787151] __x64_sys_ioctl+0x1a3/0x230 [ 71.787538] do_syscall_64+0x3b/0x90 [ 71.787891] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.788367] RIP: 0033:0x7f4b8743ee5d [ 71.788706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.790353] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.791094] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.791788] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.792458] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.793122] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.793792] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.794476] [ 71.794725] irq event stamp: 0 [ 71.795025] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.795622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.796408] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.797192] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.797783] ---[ end trace 0000000000000000 ]--- [ 71.800964] ------------[ cut here ]------------ [ 71.801451] WARNING: CPU: 0 PID: 586 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.802383] Modules linked in: [ 71.802715] CPU: 0 PID: 586 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.803527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.804588] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.805120] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.806864] RSP: 0018:ffff888021be7bd0 EFLAGS: 00010246 [ 71.807389] RAX: 0000000000000000 RBX: ffff8880179b08a8 RCX: 0000000000000000 [ 71.808053] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 71.808726] RBP: ffff888021be7be8 R08: ffffed1002f36133 R09: ffffed1002f36133 [ 71.809392] R10: ffff8880179b0993 R11: ffffed1002f36132 R12: ffff888012e95c00 [ 71.810063] R13: ffff8880179b09e8 R14: ffff88801022f400 R15: 0000000000000000 [ 71.810757] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.811533] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.812077] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 71.812776] PKRU: 55555554 [ 71.813065] Call Trace: [ 71.813325] [ 71.813554] iommufd_access_destroy_object+0x65/0x170 [ 71.814086] iommufd_object_destroy_user+0x18e/0x220 [ 71.814628] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.815237] iommufd_access_destroy+0x43/0x70 [ 71.815706] iommufd_test_staccess_release+0x8d/0xd0 [ 71.816234] __fput+0x26d/0xa40 [ 71.816584] ____fput+0x1e/0x30 [ 71.816930] task_work_run+0x1a4/0x2d0 [ 71.817334] ? __pfx_task_work_run+0x10/0x10 [ 71.817790] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.818296] ? switch_task_namespaces+0xa9/0xe0 [ 71.818826] do_exit+0xb17/0x2ef0 [ 71.819196] ? lock_acquire+0x427/0x4c0 [ 71.819609] ? __pfx_lock_release+0x10/0x10 [ 71.820057] ? __kasan_check_write+0x18/0x20 [ 71.820507] ? do_raw_spin_lock+0x132/0x2a0 [ 71.820947] ? __pfx_do_exit+0x10/0x10 [ 71.821347] ? debug_smp_processor_id+0x20/0x30 [ 71.821825] ? rcu_is_watching+0x19/0xb0 [ 71.822242] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.822728] ? trace_hardirqs_on+0x26/0x120 [ 71.823199] do_group_exit+0xe0/0x2b0 [ 71.823589] __x64_sys_exit_group+0x47/0x50 [ 71.824024] do_syscall_64+0x3b/0x90 [ 71.824407] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.824949] RIP: 0033:0x7f4b87518a4d [ 71.825329] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.825956] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.826750] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.827486] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.828201] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.828926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.829648] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.830375] [ 71.830648] irq event stamp: 0 [ 71.830973] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.831632] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.832486] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.833323] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.833962] ---[ end trace 0000000000000000 ]--- [ 71.834856] ------------[ cut here ]------------ [ 71.835357] WARNING: CPU: 0 PID: 586 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.836380] Modules linked in: [ 71.836712] CPU: 0 PID: 586 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.837638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.838851] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.839386] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.841247] RSP: 0018:ffff888021be7b78 EFLAGS: 00010246 [ 71.841787] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.842527] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 71.843261] RBP: ffff888021be7b98 R08: ffffed1002f3613e R09: ffffed1002f3613e [ 71.843983] R10: ffff8880179b09ef R11: ffffed1002f3613d R12: ffff8880179b0a90 [ 71.844705] R13: ffff8880179b08a8 R14: ffffffffffffffff R15: ffff888021be7c60 [ 71.845425] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.846232] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.846832] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 71.847570] PKRU: 55555554 [ 71.847857] Call Trace: [ 71.848119] [ 71.848347] iommufd_ioas_destroy+0x53/0x70 [ 71.848793] iommufd_fops_release+0x1f7/0x370 [ 71.849256] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.849767] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.850268] ? write_comp_data+0x2f/0x90 [ 71.850705] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.851232] __fput+0x26d/0xa40 [ 71.851593] ____fput+0x1e/0x30 [ 71.851948] task_work_run+0x1a4/0x2d0 [ 71.852398] ? __pfx_task_work_run+0x10/0x10 [ 71.853003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.853754] ? switch_task_namespaces+0xa9/0xe0 [ 71.854255] do_exit+0xb17/0x2ef0 [ 71.854648] ? lock_acquire+0x427/0x4c0 [ 71.855069] ? __pfx_lock_release+0x10/0x10 [ 71.855550] ? __kasan_check_write+0x18/0x20 [ 71.856102] ? do_raw_spin_lock+0x132/0x2a0 [ 71.856687] ? __pfx_do_exit+0x10/0x10 [ 71.857270] ? debug_smp_processor_id+0x20/0x30 [ 71.857754] ? rcu_is_watching+0x19/0xb0 [ 71.858168] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.858655] ? trace_hardirqs_on+0x26/0x120 [ 71.859105] do_group_exit+0xe0/0x2b0 [ 71.859660] __x64_sys_exit_group+0x47/0x50 [ 71.860279] do_syscall_64+0x3b/0x90 [ 71.860678] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.861210] RIP: 0033:0x7f4b87518a4d [ 71.861588] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.862205] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.862997] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.863713] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.864520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.865550] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.866265] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.867008] [ 71.867246] irq event stamp: 0 [ 71.867563] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.868203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.869456] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.870285] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.870887] ---[ end trace 0000000000000000 ]--- [ 71.877603] ------------[ cut here ]------------ [ 71.878071] WARNING: CPU: 0 PID: 587 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.879287] Modules linked in: [ 71.879589] CPU: 0 PID: 587 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.880387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.881426] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.881890] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.883605] RSP: 0018:ffff888023c1fbb8 EFLAGS: 00010246 [ 71.884105] RAX: 0000000000000000 RBX: ffff88800f6380a8 RCX: 0000000000000000 [ 71.884769] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 71.885428] RBP: ffff888023c1fbd0 R08: ffffed1001ec7033 R09: ffffed1001ec7033 [ 71.886086] R10: ffff88800f638193 R11: ffffed1001ec7032 R12: ffff888016170800 [ 71.886763] R13: ffff88800f6381e8 R14: ffffffff8352e670 R15: ffff888023c1fe68 [ 71.887447] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.888196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.888729] CR2: 0000000020000140 CR3: 0000000018432000 CR4: 0000000000750ef0 [ 71.889385] PKRU: 55555554 [ 71.889637] Call Trace: [ 71.889865] [ 71.890068] __iommufd_access_detach+0x1c2/0x2b0 [ 71.890529] iommufd_access_change_pt+0x149/0x270 [ 71.890975] iommufd_access_replace+0xb4/0x120 [ 71.891412] iommufd_test+0x3e5/0x37e0 [ 71.891764] ? lock_release+0x532/0x770 [ 71.892133] ? __might_fault+0x102/0x1b0 [ 71.892508] ? lock_acquire+0x427/0x4c0 [ 71.892874] ? __pfx_iommufd_test+0x10/0x10 [ 71.893265] ? __pfx_lock_release+0x10/0x10 [ 71.893669] ? __pfx_lock_acquire+0x10/0x10 [ 71.894066] ? write_comp_data+0x2f/0x90 [ 71.894434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.894878] ? write_comp_data+0x2f/0x90 [ 71.895244] iommufd_fops_ioctl+0x37d/0x510 [ 71.895622] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.896042] ? write_comp_data+0x2f/0x90 [ 71.896396] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.896810] __x64_sys_ioctl+0x1a3/0x230 [ 71.897168] do_syscall_64+0x3b/0x90 [ 71.897496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.897946] RIP: 0033:0x7f4b8743ee5d [ 71.898264] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.899831] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.900487] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.901139] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.901737] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.902338] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.902963] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.903586] [ 71.903786] irq event stamp: 0 [ 71.904056] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.904590] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.905299] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.906014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.906567] ---[ end trace 0000000000000000 ]--- [ 71.909710] ------------[ cut here ]------------ [ 71.910332] WARNING: CPU: 0 PID: 587 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.911241] Modules linked in: [ 71.911655] CPU: 0 PID: 587 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.912392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.913535] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.913960] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.915751] RSP: 0018:ffff888023c1fbd0 EFLAGS: 00010246 [ 71.916383] RAX: 0000000000000000 RBX: ffff88800f6380a8 RCX: 0000000000000000 [ 71.916980] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 71.917768] RBP: ffff888023c1fbe8 R08: ffffed1001ec7033 R09: ffffed1001ec7033 [ 71.918366] R10: ffff88800f638193 R11: ffffed1001ec7032 R12: ffff888013b0bc00 [ 71.919161] R13: ffff88800f6381e8 R14: ffff8880208fe100 R15: 0000000000000000 [ 71.919768] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.920629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.921132] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 71.921892] PKRU: 55555554 [ 71.922138] Call Trace: [ 71.922385] [ 71.922736] iommufd_access_destroy_object+0x65/0x170 [ 71.923204] iommufd_object_destroy_user+0x18e/0x220 [ 71.923640] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 71.924330] iommufd_access_destroy+0x43/0x70 [ 71.924722] iommufd_test_staccess_release+0x8d/0xd0 [ 71.925235] __fput+0x26d/0xa40 [ 71.925638] ____fput+0x1e/0x30 [ 71.925934] task_work_run+0x1a4/0x2d0 [ 71.926276] ? __pfx_task_work_run+0x10/0x10 [ 71.926831] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.927265] ? switch_task_namespaces+0xa9/0xe0 [ 71.927677] do_exit+0xb17/0x2ef0 [ 71.928008] ? lock_acquire+0x427/0x4c0 [ 71.928483] ? __pfx_lock_release+0x10/0x10 [ 71.928862] ? __kasan_check_write+0x18/0x20 [ 71.929317] ? do_raw_spin_lock+0x132/0x2a0 [ 71.929794] ? __pfx_do_exit+0x10/0x10 [ 71.930135] ? debug_smp_processor_id+0x20/0x30 [ 71.930737] ? rcu_is_watching+0x19/0xb0 [ 71.931089] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.931487] ? trace_hardirqs_on+0x26/0x120 [ 71.931874] do_group_exit+0xe0/0x2b0 [ 71.932354] __x64_sys_exit_group+0x47/0x50 [ 71.932709] do_syscall_64+0x3b/0x90 [ 71.933093] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.933646] RIP: 0033:0x7f4b87518a4d [ 71.933946] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.934627] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.935251] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.935889] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.936562] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.937293] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.937864] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.938614] [ 71.938804] irq event stamp: 0 [ 71.939056] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.939590] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.940359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.941162] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.941684] ---[ end trace 0000000000000000 ]--- [ 71.942498] ------------[ cut here ]------------ [ 71.942901] WARNING: CPU: 0 PID: 587 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 71.943878] Modules linked in: [ 71.944150] CPU: 0 PID: 587 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.944969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.946020] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 71.946481] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 71.948070] RSP: 0018:ffff888023c1fb78 EFLAGS: 00010246 [ 71.948553] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 71.949224] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 71.949945] RBP: ffff888023c1fb98 R08: ffffed1001ec703e R09: ffffed1001ec703e [ 71.950529] R10: ffff88800f6381ef R11: ffffed1001ec703d R12: ffff88800f638290 [ 71.951268] R13: ffff88800f6380a8 R14: ffffffffffffffff R15: ffff888023c1fc60 [ 71.951839] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.952651] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.953115] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 71.953855] PKRU: 55555554 [ 71.954084] Call Trace: [ 71.954310] [ 71.954635] iommufd_ioas_destroy+0x53/0x70 [ 71.954991] iommufd_fops_release+0x1f7/0x370 [ 71.955361] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.955764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.956162] ? write_comp_data+0x2f/0x90 [ 71.956498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 71.956906] __fput+0x26d/0xa40 [ 71.957188] ____fput+0x1e/0x30 [ 71.957461] task_work_run+0x1a4/0x2d0 [ 71.957783] ? __pfx_task_work_run+0x10/0x10 [ 71.958143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.958551] ? switch_task_namespaces+0xa9/0xe0 [ 71.958936] do_exit+0xb17/0x2ef0 [ 71.959236] ? lock_acquire+0x427/0x4c0 [ 71.959567] ? __pfx_lock_release+0x10/0x10 [ 71.959921] ? __kasan_check_write+0x18/0x20 [ 71.960280] ? do_raw_spin_lock+0x132/0x2a0 [ 71.960629] ? __pfx_do_exit+0x10/0x10 [ 71.960950] ? debug_smp_processor_id+0x20/0x30 [ 71.961330] ? rcu_is_watching+0x19/0xb0 [ 71.961659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 71.962034] ? trace_hardirqs_on+0x26/0x120 [ 71.962388] do_group_exit+0xe0/0x2b0 [ 71.962709] __x64_sys_exit_group+0x47/0x50 [ 71.963059] do_syscall_64+0x3b/0x90 [ 71.963379] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.963808] RIP: 0033:0x7f4b87518a4d [ 71.964110] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 71.964606] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 71.965246] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 71.965799] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 71.966366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 71.966932] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 71.967493] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 71.968054] [ 71.968237] irq event stamp: 0 [ 71.968485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 71.968974] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.969611] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.970245] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 71.970743] ---[ end trace 0000000000000000 ]--- [ 71.975304] ------------[ cut here ]------------ [ 71.975690] WARNING: CPU: 0 PID: 588 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 71.976453] Modules linked in: [ 71.976699] CPU: 0 PID: 588 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 71.977354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 71.978204] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 71.978758] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 71.980146] RSP: 0018:ffff888023ed7bb8 EFLAGS: 00010246 [ 71.980550] RAX: 0000000000000000 RBX: ffff8880105780a8 RCX: 0000000000000000 [ 71.981087] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 71.981627] RBP: ffff888023ed7bd0 R08: ffffed10020af033 R09: ffffed10020af033 [ 71.982165] R10: ffff888010578193 R11: ffffed10020af032 R12: ffff888016637800 [ 71.982725] R13: ffff8880105781e8 R14: ffffffff8352e670 R15: ffff888023ed7e68 [ 71.983292] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 71.983906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.984345] CR2: 0000000020000140 CR3: 00000000182e0000 CR4: 0000000000750ef0 [ 71.984886] PKRU: 55555554 [ 71.985107] Call Trace: [ 71.985303] [ 71.985474] __iommufd_access_detach+0x1c2/0x2b0 [ 71.985852] iommufd_access_change_pt+0x149/0x270 [ 71.986229] iommufd_access_replace+0xb4/0x120 [ 71.986685] iommufd_test+0x3e5/0x37e0 [ 71.986988] ? lock_release+0x532/0x770 [ 71.987319] ? __might_fault+0x102/0x1b0 [ 71.987639] ? lock_acquire+0x427/0x4c0 [ 71.987955] ? __pfx_iommufd_test+0x10/0x10 [ 71.988300] ? __pfx_lock_release+0x10/0x10 [ 71.988641] ? __pfx_lock_acquire+0x10/0x10 [ 71.988981] ? write_comp_data+0x2f/0x90 [ 71.989302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 71.989679] ? write_comp_data+0x2f/0x90 [ 71.990001] iommufd_fops_ioctl+0x37d/0x510 [ 71.990336] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.990730] ? write_comp_data+0x2f/0x90 [ 71.991053] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 71.991432] __x64_sys_ioctl+0x1a3/0x230 [ 71.991756] do_syscall_64+0x3b/0x90 [ 71.992051] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 71.992454] RIP: 0033:0x7f4b8743ee5d [ 71.992741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 71.994120] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 71.994720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 71.995262] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 71.995796] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 71.996326] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 71.996855] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 71.997428] [ 71.997604] irq event stamp: 0 [ 71.997843] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 71.998314] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 71.998959] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 71.999590] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.000059] ---[ end trace 0000000000000000 ]--- [ 72.002739] ------------[ cut here ]------------ [ 72.003139] WARNING: CPU: 0 PID: 588 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.003886] Modules linked in: [ 72.004127] CPU: 0 PID: 588 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.004767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.005598] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.005968] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.007340] RSP: 0018:ffff888023ed7bd0 EFLAGS: 00010246 [ 72.007741] RAX: 0000000000000000 RBX: ffff8880105780a8 RCX: 0000000000000000 [ 72.008271] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 72.008797] RBP: ffff888023ed7be8 R08: ffffed10020af033 R09: ffffed10020af033 [ 72.009324] R10: ffff888010578193 R11: ffffed10020af032 R12: ffff888016172c00 [ 72.009850] R13: ffff8880105781e8 R14: ffff88802184b200 R15: 0000000000000000 [ 72.010380] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.010998] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.011438] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.011972] PKRU: 55555554 [ 72.012185] Call Trace: [ 72.012375] [ 72.012547] iommufd_access_destroy_object+0x65/0x170 [ 72.012939] iommufd_object_destroy_user+0x18e/0x220 [ 72.013325] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.013764] iommufd_access_destroy+0x43/0x70 [ 72.014110] iommufd_test_staccess_release+0x8d/0xd0 [ 72.014497] __fput+0x26d/0xa40 [ 72.014781] ____fput+0x1e/0x30 [ 72.015032] task_work_run+0x1a4/0x2d0 [ 72.015333] ? __pfx_task_work_run+0x10/0x10 [ 72.015664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.016028] ? switch_task_namespaces+0xa9/0xe0 [ 72.016384] do_exit+0xb17/0x2ef0 [ 72.016643] ? lock_acquire+0x427/0x4c0 [ 72.016946] ? __pfx_lock_release+0x10/0x10 [ 72.017269] ? __kasan_check_write+0x18/0x20 [ 72.017597] ? do_raw_spin_lock+0x132/0x2a0 [ 72.017915] ? __pfx_do_exit+0x10/0x10 [ 72.018208] ? debug_smp_processor_id+0x20/0x30 [ 72.018571] ? rcu_is_watching+0x19/0xb0 [ 72.018874] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.019219] ? trace_hardirqs_on+0x26/0x120 [ 72.019544] do_group_exit+0xe0/0x2b0 [ 72.019830] __x64_sys_exit_group+0x47/0x50 [ 72.020145] do_syscall_64+0x3b/0x90 [ 72.020430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.020828] RIP: 0033:0x7f4b87518a4d [ 72.021107] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.021561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.022122] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.022661] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.023188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.023707] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.024229] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.024759] [ 72.024933] irq event stamp: 0 [ 72.025166] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.025627] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.026237] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.026867] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.027335] ---[ end trace 0000000000000000 ]--- [ 72.027983] ------------[ cut here ]------------ [ 72.028327] WARNING: CPU: 0 PID: 588 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.029113] Modules linked in: [ 72.029349] CPU: 0 PID: 588 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.029986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.030821] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.031206] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.032535] RSP: 0018:ffff888023ed7b78 EFLAGS: 00010246 [ 72.032930] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.033450] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 72.033972] RBP: ffff888023ed7b98 R08: ffffed10020af03e R09: ffffed10020af03e [ 72.034489] R10: ffff8880105781ef R11: ffffed10020af03d R12: ffff888010578290 [ 72.035028] R13: ffff8880105780a8 R14: ffffffffffffffff R15: ffff888023ed7c60 [ 72.035558] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.036155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.036586] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.037117] PKRU: 55555554 [ 72.037330] Call Trace: [ 72.037519] [ 72.037687] iommufd_ioas_destroy+0x53/0x70 [ 72.038012] iommufd_fops_release+0x1f7/0x370 [ 72.038348] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.038733] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.039100] ? write_comp_data+0x2f/0x90 [ 72.039413] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.039781] __fput+0x26d/0xa40 [ 72.040039] ____fput+0x1e/0x30 [ 72.040293] task_work_run+0x1a4/0x2d0 [ 72.040587] ? __pfx_task_work_run+0x10/0x10 [ 72.040915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.041278] ? switch_task_namespaces+0xa9/0xe0 [ 72.041633] do_exit+0xb17/0x2ef0 [ 72.041900] ? lock_acquire+0x427/0x4c0 [ 72.042207] ? __pfx_lock_release+0x10/0x10 [ 72.042553] ? __kasan_check_write+0x18/0x20 [ 72.042882] ? do_raw_spin_lock+0x132/0x2a0 [ 72.043212] ? __pfx_do_exit+0x10/0x10 [ 72.043508] ? debug_smp_processor_id+0x20/0x30 [ 72.043856] ? rcu_is_watching+0x19/0xb0 [ 72.044155] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.044492] ? trace_hardirqs_on+0x26/0x120 [ 72.044810] do_group_exit+0xe0/0x2b0 [ 72.045085] __x64_sys_exit_group+0x47/0x50 [ 72.045396] do_syscall_64+0x3b/0x90 [ 72.045671] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.046050] RIP: 0033:0x7f4b87518a4d [ 72.046319] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.046773] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.047338] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.047851] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.048359] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.048867] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.049374] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.049890] [ 72.050060] irq event stamp: 0 [ 72.050286] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.050752] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.051358] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.051965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.052425] ---[ end trace 0000000000000000 ]--- [ 72.056494] ------------[ cut here ]------------ [ 72.056853] WARNING: CPU: 0 PID: 589 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.057570] Modules linked in: [ 72.057799] CPU: 0 PID: 589 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.058414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.059279] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.059637] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.060950] RSP: 0018:ffff888023f27bb8 EFLAGS: 00010246 [ 72.061363] RAX: 0000000000000000 RBX: ffff8880160de0a8 RCX: 0000000000000000 [ 72.061868] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 72.062374] RBP: ffff888023f27bd0 R08: ffffed1002c1bc33 R09: ffffed1002c1bc33 [ 72.062894] R10: ffff8880160de193 R11: ffffed1002c1bc32 R12: ffff8880148cf400 [ 72.063408] R13: ffff8880160de1e8 R14: ffffffff8352e670 R15: ffff888023f27e68 [ 72.063915] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.064507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.064921] CR2: 0000000020000140 CR3: 0000000020ecc000 CR4: 0000000000750ef0 [ 72.065430] PKRU: 55555554 [ 72.065633] Call Trace: [ 72.065817] [ 72.065982] __iommufd_access_detach+0x1c2/0x2b0 [ 72.066337] iommufd_access_change_pt+0x149/0x270 [ 72.066728] iommufd_access_replace+0xb4/0x120 [ 72.067073] iommufd_test+0x3e5/0x37e0 [ 72.067363] ? lock_release+0x532/0x770 [ 72.067660] ? __might_fault+0x102/0x1b0 [ 72.067958] ? lock_acquire+0x427/0x4c0 [ 72.068254] ? __pfx_iommufd_test+0x10/0x10 [ 72.068566] ? __pfx_lock_release+0x10/0x10 [ 72.068886] ? __pfx_lock_acquire+0x10/0x10 [ 72.069203] ? write_comp_data+0x2f/0x90 [ 72.069504] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.069865] ? write_comp_data+0x2f/0x90 [ 72.070167] iommufd_fops_ioctl+0x37d/0x510 [ 72.070483] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.070862] ? write_comp_data+0x2f/0x90 [ 72.071180] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.071540] __x64_sys_ioctl+0x1a3/0x230 [ 72.071851] do_syscall_64+0x3b/0x90 [ 72.072134] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.072513] RIP: 0033:0x7f4b8743ee5d [ 72.072782] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.074074] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.074632] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.075150] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.075664] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.076180] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.076694] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.077210] [ 72.077377] irq event stamp: 0 [ 72.077605] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.078055] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.078683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.079294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.079748] ---[ end trace 0000000000000000 ]--- [ 72.082331] ------------[ cut here ]------------ [ 72.082720] WARNING: CPU: 0 PID: 589 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.083450] Modules linked in: [ 72.083689] CPU: 0 PID: 589 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.084308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.085118] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.085482] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.086989] RSP: 0018:ffff888023f27bd0 EFLAGS: 00010246 [ 72.087381] RAX: 0000000000000000 RBX: ffff8880160de0a8 RCX: 0000000000000000 [ 72.087899] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 72.088420] RBP: ffff888023f27be8 R08: ffffed1002c1bc33 R09: ffffed1002c1bc33 [ 72.088928] R10: ffff8880160de193 R11: ffffed1002c1bc32 R12: ffff888016636800 [ 72.089434] R13: ffff8880160de1e8 R14: ffff8880142c5400 R15: 0000000000000000 [ 72.089941] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.090531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.090945] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.091462] PKRU: 55555554 [ 72.091665] Call Trace: [ 72.091849] [ 72.092012] iommufd_access_destroy_object+0x65/0x170 [ 72.092386] iommufd_object_destroy_user+0x18e/0x220 [ 72.092755] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.093210] iommufd_access_destroy+0x43/0x70 [ 72.093540] iommufd_test_staccess_release+0x8d/0xd0 [ 72.093914] __fput+0x26d/0xa40 [ 72.094165] ____fput+0x1e/0x30 [ 72.094412] task_work_run+0x1a4/0x2d0 [ 72.094716] ? __pfx_task_work_run+0x10/0x10 [ 72.095040] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.095402] ? switch_task_namespaces+0xa9/0xe0 [ 72.095749] do_exit+0xb17/0x2ef0 [ 72.095998] ? lock_acquire+0x427/0x4c0 [ 72.096292] ? __pfx_lock_release+0x10/0x10 [ 72.096609] ? __kasan_check_write+0x18/0x20 [ 72.096938] ? do_raw_spin_lock+0x132/0x2a0 [ 72.097255] ? __pfx_do_exit+0x10/0x10 [ 72.097546] ? debug_smp_processor_id+0x20/0x30 [ 72.097893] ? rcu_is_watching+0x19/0xb0 [ 72.098196] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.098548] ? trace_hardirqs_on+0x26/0x120 [ 72.098869] do_group_exit+0xe0/0x2b0 [ 72.099155] __x64_sys_exit_group+0x47/0x50 [ 72.099466] do_syscall_64+0x3b/0x90 [ 72.099743] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.100125] RIP: 0033:0x7f4b87518a4d [ 72.100392] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.100836] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.101382] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.101890] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.102401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.102926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.103442] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.103959] [ 72.104130] irq event stamp: 0 [ 72.104358] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.104806] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.105404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.106005] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.106454] ---[ end trace 0000000000000000 ]--- [ 72.107130] ------------[ cut here ]------------ [ 72.107473] WARNING: CPU: 0 PID: 589 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.108197] Modules linked in: [ 72.108429] CPU: 0 PID: 589 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.109052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.109855] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.110228] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.111560] RSP: 0018:ffff888023f27b78 EFLAGS: 00010246 [ 72.111944] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.112458] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 72.113046] RBP: ffff888023f27b98 R08: ffffed1002c1bc3e R09: ffffed1002c1bc3e [ 72.113681] R10: ffff8880160de1ef R11: ffffed1002c1bc3d R12: ffff8880160de290 [ 72.114307] R13: ffff8880160de0a8 R14: ffffffffffffffff R15: ffff888023f27c60 [ 72.114830] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.115526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.115943] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.116463] PKRU: 55555554 [ 72.116769] Call Trace: [ 72.116954] [ 72.117117] iommufd_ioas_destroy+0x53/0x70 [ 72.117441] iommufd_fops_release+0x1f7/0x370 [ 72.117776] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.118252] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.118630] ? write_comp_data+0x2f/0x90 [ 72.118935] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.119309] __fput+0x26d/0xa40 [ 72.119630] ____fput+0x1e/0x30 [ 72.119955] task_work_run+0x1a4/0x2d0 [ 72.120252] ? __pfx_task_work_run+0x10/0x10 [ 72.120574] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.120932] ? switch_task_namespaces+0xa9/0xe0 [ 72.121280] do_exit+0xb17/0x2ef0 [ 72.121532] ? lock_acquire+0x427/0x4c0 [ 72.121886] ? __pfx_lock_release+0x10/0x10 [ 72.122275] ? __kasan_check_write+0x18/0x20 [ 72.122628] ? do_raw_spin_lock+0x132/0x2a0 [ 72.122953] ? __pfx_do_exit+0x10/0x10 [ 72.123261] ? debug_smp_processor_id+0x20/0x30 [ 72.123666] ? rcu_is_watching+0x19/0xb0 [ 72.124042] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.124377] ? trace_hardirqs_on+0x26/0x120 [ 72.124704] do_group_exit+0xe0/0x2b0 [ 72.125036] __x64_sys_exit_group+0x47/0x50 [ 72.125448] do_syscall_64+0x3b/0x90 [ 72.125732] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.126119] RIP: 0033:0x7f4b87518a4d [ 72.126418] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.126981] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.127537] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.128052] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.128626] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.129222] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.129738] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.130371] [ 72.130562] irq event stamp: 0 [ 72.130790] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.131253] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.132017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.132638] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.133101] ---[ end trace 0000000000000000 ]--- [ 72.136757] ------------[ cut here ]------------ [ 72.137252] WARNING: CPU: 0 PID: 590 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.137994] Modules linked in: [ 72.138250] CPU: 0 PID: 590 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.139034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.139885] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.140258] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.141605] RSP: 0018:ffff888023ed7bb8 EFLAGS: 00010246 [ 72.142006] RAX: 0000000000000000 RBX: ffff888010b7a8a8 RCX: 0000000000000000 [ 72.142555] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 72.143089] RBP: ffff888023ed7bd0 R08: ffffed100216f533 R09: ffffed100216f533 [ 72.143637] R10: ffff888010b7a993 R11: ffffed100216f532 R12: ffff88800a725c00 [ 72.144158] R13: ffff888010b7a9e8 R14: ffffffff8352e670 R15: ffff888023ed7e68 [ 72.144676] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.145260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.145687] CR2: 00007f4b877410e8 CR3: 0000000020ecc000 CR4: 0000000000750ef0 [ 72.146218] PKRU: 55555554 [ 72.146432] Call Trace: [ 72.146641] [ 72.146812] __iommufd_access_detach+0x1c2/0x2b0 [ 72.147193] iommufd_access_change_pt+0x149/0x270 [ 72.147567] iommufd_access_replace+0xb4/0x120 [ 72.147922] iommufd_test+0x3e5/0x37e0 [ 72.148215] ? lock_release+0x532/0x770 [ 72.148523] ? __might_fault+0x102/0x1b0 [ 72.148839] ? lock_acquire+0x427/0x4c0 [ 72.149148] ? __pfx_iommufd_test+0x10/0x10 [ 72.149470] ? __pfx_lock_release+0x10/0x10 [ 72.149802] ? __pfx_lock_acquire+0x10/0x10 [ 72.150136] ? write_comp_data+0x2f/0x90 [ 72.150453] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.150928] ? write_comp_data+0x2f/0x90 [ 72.151258] iommufd_fops_ioctl+0x37d/0x510 [ 72.151590] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.151964] ? write_comp_data+0x2f/0x90 [ 72.152280] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.152653] __x64_sys_ioctl+0x1a3/0x230 [ 72.152971] do_syscall_64+0x3b/0x90 [ 72.153262] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.153655] RIP: 0033:0x7f4b8743ee5d [ 72.153932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.155313] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.155887] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.156418] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.156984] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.157513] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.158041] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.158595] [ 72.158774] irq event stamp: 0 [ 72.159014] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.159492] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.160117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.160739] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.161209] ---[ end trace 0000000000000000 ]--- [ 72.164160] ------------[ cut here ]------------ [ 72.164606] WARNING: CPU: 0 PID: 590 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.165378] Modules linked in: [ 72.165713] CPU: 0 PID: 590 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.166352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.167328] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.167699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.169197] RSP: 0018:ffff888023ed7bd0 EFLAGS: 00010246 [ 72.169590] RAX: 0000000000000000 RBX: ffff888010b7a8a8 RCX: 0000000000000000 [ 72.170172] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 72.170773] RBP: ffff888023ed7be8 R08: ffffed100216f533 R09: ffffed100216f533 [ 72.171310] R10: ffff888010b7a993 R11: ffffed100216f532 R12: ffff8880148cd800 [ 72.171885] R13: ffff888010b7a9e8 R14: ffff88802185e600 R15: 0000000000000000 [ 72.172498] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.173094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.173654] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.174183] PKRU: 55555554 [ 72.174394] Call Trace: [ 72.174629] [ 72.174828] iommufd_access_destroy_object+0x65/0x170 [ 72.175270] iommufd_object_destroy_user+0x18e/0x220 [ 72.175659] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.176110] iommufd_access_destroy+0x43/0x70 [ 72.176461] iommufd_test_staccess_release+0x8d/0xd0 [ 72.176892] __fput+0x26d/0xa40 [ 72.177240] ____fput+0x1e/0x30 [ 72.177498] task_work_run+0x1a4/0x2d0 [ 72.177800] ? __pfx_task_work_run+0x10/0x10 [ 72.178133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.178643] ? switch_task_namespaces+0xa9/0xe0 [ 72.179004] do_exit+0xb17/0x2ef0 [ 72.179276] ? lock_acquire+0x427/0x4c0 [ 72.179585] ? __pfx_lock_release+0x10/0x10 [ 72.179916] ? __kasan_check_write+0x18/0x20 [ 72.180290] ? do_raw_spin_lock+0x132/0x2a0 [ 72.180692] ? __pfx_do_exit+0x10/0x10 [ 72.180993] ? debug_smp_processor_id+0x20/0x30 [ 72.181345] ? rcu_is_watching+0x19/0xb0 [ 72.181685] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.182117] ? trace_hardirqs_on+0x26/0x120 [ 72.182448] do_group_exit+0xe0/0x2b0 [ 72.182757] __x64_sys_exit_group+0x47/0x50 [ 72.183082] do_syscall_64+0x3b/0x90 [ 72.183377] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.183832] RIP: 0033:0x7f4b87518a4d [ 72.184170] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.184626] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.185244] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.185835] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.186366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.187027] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.187563] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.188107] [ 72.188288] irq event stamp: 0 [ 72.188594] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.189201] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.189841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.190635] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.191121] ---[ end trace 0000000000000000 ]--- [ 72.191797] ------------[ cut here ]------------ [ 72.192300] WARNING: CPU: 0 PID: 590 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.193066] Modules linked in: [ 72.193326] CPU: 0 PID: 590 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.194099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.195025] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.195515] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.196963] RSP: 0018:ffff888023ed7b78 EFLAGS: 00010246 [ 72.197453] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.198000] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 72.198723] RBP: ffff888023ed7b98 R08: ffffed100216f53e R09: ffffed100216f53e [ 72.199283] R10: ffff888010b7a9ef R11: ffffed100216f53d R12: ffff888010b7aa90 [ 72.199831] R13: ffff888010b7a8a8 R14: ffffffffffffffff R15: ffff888023ed7c60 [ 72.200377] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.201087] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.201617] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.202161] PKRU: 55555554 [ 72.202379] Call Trace: [ 72.202595] [ 72.202771] iommufd_ioas_destroy+0x53/0x70 [ 72.203119] iommufd_fops_release+0x1f7/0x370 [ 72.203476] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.203935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.204401] ? write_comp_data+0x2f/0x90 [ 72.204724] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.205109] __fput+0x26d/0xa40 [ 72.205376] ____fput+0x1e/0x30 [ 72.205637] task_work_run+0x1a4/0x2d0 [ 72.205975] ? __pfx_task_work_run+0x10/0x10 [ 72.206441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.206840] ? switch_task_namespaces+0xa9/0xe0 [ 72.207228] do_exit+0xb17/0x2ef0 [ 72.207499] ? lock_acquire+0x427/0x4c0 [ 72.207817] ? __pfx_lock_release+0x10/0x10 [ 72.208155] ? __kasan_check_write+0x18/0x20 [ 72.208501] ? do_raw_spin_lock+0x132/0x2a0 [ 72.208854] ? __pfx_do_exit+0x10/0x10 [ 72.209300] ? debug_smp_processor_id+0x20/0x30 [ 72.209663] ? rcu_is_watching+0x19/0xb0 [ 72.209981] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.210341] ? trace_hardirqs_on+0x26/0x120 [ 72.210703] do_group_exit+0xe0/0x2b0 [ 72.211003] __x64_sys_exit_group+0x47/0x50 [ 72.211341] do_syscall_64+0x3b/0x90 [ 72.211660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.212184] RIP: 0033:0x7f4b87518a4d [ 72.212472] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.212940] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.213521] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.214218] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.214776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.215324] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.215866] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.216420] [ 72.216661] irq event stamp: 0 [ 72.216993] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.217475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.218117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.218970] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.219463] ---[ end trace 0000000000000000 ]--- [ 72.223642] ------------[ cut here ]------------ [ 72.224020] WARNING: CPU: 0 PID: 591 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.224925] Modules linked in: [ 72.225170] CPU: 0 PID: 591 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.225828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.226831] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.227224] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.228614] RSP: 0018:ffff888014467bb8 EFLAGS: 00010246 [ 72.229025] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 72.229567] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 72.230105] RBP: ffff888014467bd0 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 72.230661] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff888010826000 [ 72.231209] R13: ffff88800f3709e8 R14: ffffffff8352e670 R15: ffff888014467e68 [ 72.231751] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.232360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.232799] CR2: 0000000020000140 CR3: 00000000187c6000 CR4: 0000000000750ef0 [ 72.233343] PKRU: 55555554 [ 72.233561] Call Trace: [ 72.233760] [ 72.233935] __iommufd_access_detach+0x1c2/0x2b0 [ 72.234319] iommufd_access_change_pt+0x149/0x270 [ 72.234729] iommufd_access_replace+0xb4/0x120 [ 72.235098] iommufd_test+0x3e5/0x37e0 [ 72.235406] ? lock_release+0x532/0x770 [ 72.235726] ? __might_fault+0x102/0x1b0 [ 72.236050] ? lock_acquire+0x427/0x4c0 [ 72.236382] ? __pfx_iommufd_test+0x10/0x10 [ 72.236711] ? __pfx_lock_release+0x10/0x10 [ 72.237050] ? __pfx_lock_acquire+0x10/0x10 [ 72.237393] ? write_comp_data+0x2f/0x90 [ 72.237716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.238102] ? write_comp_data+0x2f/0x90 [ 72.238429] iommufd_fops_ioctl+0x37d/0x510 [ 72.238788] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.239181] ? write_comp_data+0x2f/0x90 [ 72.239506] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.239880] __x64_sys_ioctl+0x1a3/0x230 [ 72.240200] do_syscall_64+0x3b/0x90 [ 72.240497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.240905] RIP: 0033:0x7f4b8743ee5d [ 72.241196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.242612] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.243205] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.243751] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.244296] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.244847] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.245644] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.246201] [ 72.246383] irq event stamp: 0 [ 72.246662] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.247155] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.247988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.248634] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.249122] ---[ end trace 0000000000000000 ]--- [ 72.252546] ------------[ cut here ]------------ [ 72.253059] WARNING: CPU: 0 PID: 591 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.253950] Modules linked in: [ 72.254200] CPU: 0 PID: 591 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.255250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.256122] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.256513] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.258092] RSP: 0018:ffff888014467bd0 EFLAGS: 00010246 [ 72.258581] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 72.259225] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 72.259788] RBP: ffff888014467be8 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 72.260488] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff88800a725400 [ 72.261044] R13: ffff88800f3709e8 R14: ffff888020e5f400 R15: 0000000000000000 [ 72.261676] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.262416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.262884] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.263449] PKRU: 55555554 [ 72.263686] Call Trace: [ 72.263893] [ 72.264076] iommufd_access_destroy_object+0x65/0x170 [ 72.264499] iommufd_object_destroy_user+0x18e/0x220 [ 72.264913] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.265386] iommufd_access_destroy+0x43/0x70 [ 72.265756] iommufd_test_staccess_release+0x8d/0xd0 [ 72.266176] __fput+0x26d/0xa40 [ 72.266457] ____fput+0x1e/0x30 [ 72.266759] task_work_run+0x1a4/0x2d0 [ 72.267088] ? __pfx_task_work_run+0x10/0x10 [ 72.267459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.267860] ? switch_task_namespaces+0xa9/0xe0 [ 72.268246] do_exit+0xb17/0x2ef0 [ 72.268529] ? lock_acquire+0x427/0x4c0 [ 72.268862] ? __pfx_lock_release+0x10/0x10 [ 72.269214] ? __kasan_check_write+0x18/0x20 [ 72.269572] ? do_raw_spin_lock+0x132/0x2a0 [ 72.269923] ? __pfx_do_exit+0x10/0x10 [ 72.270245] ? debug_smp_processor_id+0x20/0x30 [ 72.270650] ? rcu_is_watching+0x19/0xb0 [ 72.270986] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.271381] ? trace_hardirqs_on+0x26/0x120 [ 72.271744] do_group_exit+0xe0/0x2b0 [ 72.272055] __x64_sys_exit_group+0x47/0x50 [ 72.272402] do_syscall_64+0x3b/0x90 [ 72.272717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.273145] RIP: 0033:0x7f4b87518a4d [ 72.273447] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.273943] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.274585] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.275168] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.275741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.276310] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.276882] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.277460] [ 72.277648] irq event stamp: 0 [ 72.277903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.278418] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.279116] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.279788] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.280290] ---[ end trace 0000000000000000 ]--- [ 72.281004] ------------[ cut here ]------------ [ 72.281383] WARNING: CPU: 0 PID: 591 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.282195] Modules linked in: [ 72.282453] CPU: 0 PID: 591 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.283188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.284092] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.284509] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.286014] RSP: 0018:ffff888014467b78 EFLAGS: 00010246 [ 72.286446] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.287089] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 72.287674] RBP: ffff888014467b98 R08: ffffed1001e6e13e R09: ffffed1001e6e13e [ 72.288245] R10: ffff88800f3709ef R11: ffffed1001e6e13d R12: ffff88800f370a90 [ 72.288811] R13: ffff88800f3708a8 R14: ffffffffffffffff R15: ffff888014467c60 [ 72.289380] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.290024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.290487] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.291079] PKRU: 55555554 [ 72.291322] Call Trace: [ 72.291530] [ 72.291720] iommufd_ioas_destroy+0x53/0x70 [ 72.292078] iommufd_fops_release+0x1f7/0x370 [ 72.292447] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.292858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.293259] ? write_comp_data+0x2f/0x90 [ 72.293598] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.294009] __fput+0x26d/0xa40 [ 72.294297] ____fput+0x1e/0x30 [ 72.294596] task_work_run+0x1a4/0x2d0 [ 72.294924] ? __pfx_task_work_run+0x10/0x10 [ 72.295297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.295703] ? switch_task_namespaces+0xa9/0xe0 [ 72.296093] do_exit+0xb17/0x2ef0 [ 72.296378] ? lock_acquire+0x427/0x4c0 [ 72.296711] ? __pfx_lock_release+0x10/0x10 [ 72.297069] ? __kasan_check_write+0x18/0x20 [ 72.297430] ? do_raw_spin_lock+0x132/0x2a0 [ 72.297781] ? __pfx_do_exit+0x10/0x10 [ 72.298103] ? debug_smp_processor_id+0x20/0x30 [ 72.298481] ? rcu_is_watching+0x19/0xb0 [ 72.298827] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.299220] ? trace_hardirqs_on+0x26/0x120 [ 72.299578] do_group_exit+0xe0/0x2b0 [ 72.299890] __x64_sys_exit_group+0x47/0x50 [ 72.300237] do_syscall_64+0x3b/0x90 [ 72.300546] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.300970] RIP: 0033:0x7f4b87518a4d [ 72.301273] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.301769] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.302381] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.302979] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.303571] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.304148] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.304730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.305312] [ 72.305500] irq event stamp: 0 [ 72.305754] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.306246] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.306917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.307574] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.308065] ---[ end trace 0000000000000000 ]--- [ 72.312576] ------------[ cut here ]------------ [ 72.312973] WARNING: CPU: 0 PID: 592 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.313759] Modules linked in: [ 72.314010] CPU: 0 PID: 592 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.314869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.315756] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.316144] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.317600] RSP: 0018:ffff888014137bb8 EFLAGS: 00010246 [ 72.318017] RAX: 0000000000000000 RBX: ffff888020b568a8 RCX: 0000000000000000 [ 72.318587] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 72.319153] RBP: ffff888014137bd0 R08: ffffed100416ad33 R09: ffffed100416ad33 [ 72.319711] R10: ffff888020b56993 R11: ffffed100416ad32 R12: ffff888014582c00 [ 72.320263] R13: ffff888020b569e8 R14: ffffffff8352e670 R15: ffff888014137e68 [ 72.320818] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.321443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.321894] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 72.322448] PKRU: 55555554 [ 72.322689] Call Trace: [ 72.322890] [ 72.323069] __iommufd_access_detach+0x1c2/0x2b0 [ 72.323461] iommufd_access_change_pt+0x149/0x270 [ 72.323853] iommufd_access_replace+0xb4/0x120 [ 72.324223] iommufd_test+0x3e5/0x37e0 [ 72.324535] ? lock_release+0x532/0x770 [ 72.324859] ? __might_fault+0x102/0x1b0 [ 72.325184] ? lock_acquire+0x427/0x4c0 [ 72.325506] ? __pfx_iommufd_test+0x10/0x10 [ 72.325844] ? __pfx_lock_release+0x10/0x10 [ 72.326189] ? __pfx_lock_acquire+0x10/0x10 [ 72.326556] ? write_comp_data+0x2f/0x90 [ 72.326888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.327285] ? write_comp_data+0x2f/0x90 [ 72.327617] iommufd_fops_ioctl+0x37d/0x510 [ 72.327970] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.328362] ? write_comp_data+0x2f/0x90 [ 72.328694] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.329076] __x64_sys_ioctl+0x1a3/0x230 [ 72.329408] do_syscall_64+0x3b/0x90 [ 72.329710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.330123] RIP: 0033:0x7f4b8743ee5d [ 72.330414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.331861] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.332458] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.333015] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.333570] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.334123] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.334698] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.335284] [ 72.335472] irq event stamp: 0 [ 72.335726] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.336228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.336882] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.337533] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.338024] ---[ end trace 0000000000000000 ]--- [ 72.340791] ------------[ cut here ]------------ [ 72.341191] WARNING: CPU: 0 PID: 592 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.341975] Modules linked in: [ 72.342225] CPU: 0 PID: 592 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.342921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.343807] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.344199] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.345588] RSP: 0018:ffff888014137bd0 EFLAGS: 00010246 [ 72.345998] RAX: 0000000000000000 RBX: ffff888020b568a8 RCX: 0000000000000000 [ 72.346558] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 72.347113] RBP: ffff888014137be8 R08: ffffed100416ad33 R09: ffffed100416ad33 [ 72.347658] R10: ffff888020b56993 R11: ffffed100416ad32 R12: ffff88801341b000 [ 72.348204] R13: ffff888020b569e8 R14: ffff8880143b1e00 R15: 0000000000000000 [ 72.348747] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.349412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.349857] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.350405] PKRU: 55555554 [ 72.350644] Call Trace: [ 72.350843] [ 72.351018] iommufd_access_destroy_object+0x65/0x170 [ 72.351439] iommufd_object_destroy_user+0x18e/0x220 [ 72.351838] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.352288] iommufd_access_destroy+0x43/0x70 [ 72.352649] iommufd_test_staccess_release+0x8d/0xd0 [ 72.353049] __fput+0x26d/0xa40 [ 72.353316] ____fput+0x1e/0x30 [ 72.353578] task_work_run+0x1a4/0x2d0 [ 72.353887] ? __pfx_task_work_run+0x10/0x10 [ 72.354230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.354632] ? switch_task_namespaces+0xa9/0xe0 [ 72.355004] do_exit+0xb17/0x2ef0 [ 72.355287] ? lock_acquire+0x427/0x4c0 [ 72.355603] ? __pfx_lock_release+0x10/0x10 [ 72.355944] ? __kasan_check_write+0x18/0x20 [ 72.356284] ? do_raw_spin_lock+0x132/0x2a0 [ 72.356621] ? __pfx_do_exit+0x10/0x10 [ 72.356931] ? debug_smp_processor_id+0x20/0x30 [ 72.357290] ? rcu_is_watching+0x19/0xb0 [ 72.357604] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.357955] ? trace_hardirqs_on+0x26/0x120 [ 72.358294] do_group_exit+0xe0/0x2b0 [ 72.358607] __x64_sys_exit_group+0x47/0x50 [ 72.358941] do_syscall_64+0x3b/0x90 [ 72.359241] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.359646] RIP: 0033:0x7f4b87518a4d [ 72.359934] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.360402] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.360983] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.361523] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.362064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.362623] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.363178] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.363729] [ 72.363909] irq event stamp: 0 [ 72.364151] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.364634] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.365275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.365914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.366398] ---[ end trace 0000000000000000 ]--- [ 72.367098] ------------[ cut here ]------------ [ 72.367480] WARNING: CPU: 0 PID: 592 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.368256] Modules linked in: [ 72.368502] CPU: 0 PID: 592 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.369163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.370024] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.370421] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.371844] RSP: 0018:ffff888014137b78 EFLAGS: 00010246 [ 72.372268] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.372811] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 72.373361] RBP: ffff888014137b98 R08: ffffed100416ad3e R09: ffffed100416ad3e [ 72.374003] R10: ffff888020b569ef R11: ffffed100416ad3d R12: ffff888020b56a90 [ 72.374747] R13: ffff888020b568a8 R14: ffffffffffffffff R15: ffff888014137c60 [ 72.375360] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.375986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.376442] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.376991] PKRU: 55555554 [ 72.377213] Call Trace: [ 72.377410] [ 72.377585] iommufd_ioas_destroy+0x53/0x70 [ 72.377995] iommufd_fops_release+0x1f7/0x370 [ 72.378348] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.378764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.379160] ? write_comp_data+0x2f/0x90 [ 72.379480] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.379869] __fput+0x26d/0xa40 [ 72.380135] ____fput+0x1e/0x30 [ 72.380399] task_work_run+0x1a4/0x2d0 [ 72.380710] ? __pfx_task_work_run+0x10/0x10 [ 72.381103] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.381481] ? switch_task_namespaces+0xa9/0xe0 [ 72.381852] do_exit+0xb17/0x2ef0 [ 72.382122] ? lock_acquire+0x427/0x4c0 [ 72.382434] ? __pfx_lock_release+0x10/0x10 [ 72.382788] ? __kasan_check_write+0x18/0x20 [ 72.383139] ? do_raw_spin_lock+0x132/0x2a0 [ 72.383472] ? __pfx_do_exit+0x10/0x10 [ 72.383780] ? debug_smp_processor_id+0x20/0x30 [ 72.384141] ? rcu_is_watching+0x19/0xb0 [ 72.384454] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.384808] ? trace_hardirqs_on+0x26/0x120 [ 72.385145] do_group_exit+0xe0/0x2b0 [ 72.385440] __x64_sys_exit_group+0x47/0x50 [ 72.385774] do_syscall_64+0x3b/0x90 [ 72.386069] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.386470] RIP: 0033:0x7f4b87518a4d [ 72.386789] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.387269] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.387854] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.388398] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.388946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.389490] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.390036] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.390612] [ 72.390795] irq event stamp: 0 [ 72.391039] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.391528] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.392193] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.392828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.393306] ---[ end trace 0000000000000000 ]--- [ 72.398013] ------------[ cut here ]------------ [ 72.398438] WARNING: CPU: 0 PID: 593 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.399275] Modules linked in: [ 72.399523] CPU: 0 PID: 593 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.400184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.401190] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.401574] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.403139] RSP: 0018:ffff888014487bb8 EFLAGS: 00010246 [ 72.403558] RAX: 0000000000000000 RBX: ffff888012cab8a8 RCX: 0000000000000000 [ 72.404100] RDX: 0000000000000000 RSI: ffff88800bd5a500 RDI: 0000000000000002 [ 72.404644] RBP: ffff888014487bd0 R08: ffffed1002595733 R09: ffffed1002595733 [ 72.405198] R10: ffff888012cab993 R11: ffffed1002595732 R12: ffff888021bc7400 [ 72.405874] R13: ffff888012cab9e8 R14: ffffffff8352e670 R15: ffff888014487e68 [ 72.406416] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.407041] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.407637] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 72.408188] PKRU: 55555554 [ 72.408406] Call Trace: [ 72.408604] [ 72.408780] __iommufd_access_detach+0x1c2/0x2b0 [ 72.409159] iommufd_access_change_pt+0x149/0x270 [ 72.409541] iommufd_access_replace+0xb4/0x120 [ 72.410060] iommufd_test+0x3e5/0x37e0 [ 72.410361] ? lock_release+0x532/0x770 [ 72.410693] ? __might_fault+0x102/0x1b0 [ 72.411013] ? lock_acquire+0x427/0x4c0 [ 72.411335] ? __pfx_iommufd_test+0x10/0x10 [ 72.411665] ? __pfx_lock_release+0x10/0x10 [ 72.412006] ? __pfx_lock_acquire+0x10/0x10 [ 72.412353] ? write_comp_data+0x2f/0x90 [ 72.412716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.413230] ? write_comp_data+0x2f/0x90 [ 72.413558] iommufd_fops_ioctl+0x37d/0x510 [ 72.413893] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.414271] ? write_comp_data+0x2f/0x90 [ 72.414645] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.415139] __x64_sys_ioctl+0x1a3/0x230 [ 72.415464] do_syscall_64+0x3b/0x90 [ 72.415761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.416167] RIP: 0033:0x7f4b8743ee5d [ 72.416453] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.417989] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.418588] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.419140] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.419687] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.420381] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.420924] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.421476] [ 72.421658] irq event stamp: 0 [ 72.421973] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.422564] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.423212] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.423853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.424335] ---[ end trace 0000000000000000 ]--- [ 72.427357] ------------[ cut here ]------------ [ 72.427738] WARNING: CPU: 0 PID: 593 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.428517] Modules linked in: [ 72.428796] CPU: 0 PID: 593 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.429563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.430424] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.430876] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.432420] RSP: 0018:ffff888014487bd0 EFLAGS: 00010246 [ 72.432835] RAX: 0000000000000000 RBX: ffff888012cab8a8 RCX: 0000000000000000 [ 72.433374] RDX: 0000000000000000 RSI: ffff88800bd5a500 RDI: 0000000000000002 [ 72.433911] RBP: ffff888014487be8 R08: ffffed1002595733 R09: ffffed1002595733 [ 72.434451] R10: ffff888012cab993 R11: ffffed1002595732 R12: ffff888014582000 [ 72.435018] R13: ffff888012cab9e8 R14: ffff888021829200 R15: 0000000000000000 [ 72.435570] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.436181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.436627] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 72.437176] PKRU: 55555554 [ 72.437394] Call Trace: [ 72.437593] [ 72.437773] iommufd_access_destroy_object+0x65/0x170 [ 72.438179] iommufd_object_destroy_user+0x18e/0x220 [ 72.438592] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.439048] iommufd_access_destroy+0x43/0x70 [ 72.439415] iommufd_test_staccess_release+0x8d/0xd0 [ 72.439814] __fput+0x26d/0xa40 [ 72.440083] ____fput+0x1e/0x30 [ 72.440346] task_work_run+0x1a4/0x2d0 [ 72.440653] ? __pfx_task_work_run+0x10/0x10 [ 72.440997] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.441377] ? switch_task_namespaces+0xa9/0xe0 [ 72.441744] do_exit+0xb17/0x2ef0 [ 72.442016] ? lock_acquire+0x427/0x4c0 [ 72.442333] ? __pfx_lock_release+0x10/0x10 [ 72.442692] ? __kasan_check_write+0x18/0x20 [ 72.443038] ? do_raw_spin_lock+0x132/0x2a0 [ 72.443383] ? __pfx_do_exit+0x10/0x10 [ 72.443694] ? debug_smp_processor_id+0x20/0x30 [ 72.444059] ? rcu_is_watching+0x19/0xb0 [ 72.444378] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.444736] ? trace_hardirqs_on+0x26/0x120 [ 72.445123] do_group_exit+0xe0/0x2b0 [ 72.445424] __x64_sys_exit_group+0x47/0x50 [ 72.445755] do_syscall_64+0x3b/0x90 [ 72.446050] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.446454] RIP: 0033:0x7f4b87518a4d [ 72.446762] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.447243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.447827] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.448370] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.448914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.449457] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.450003] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.450574] [ 72.450758] irq event stamp: 0 [ 72.451004] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.451490] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.452128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.452769] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.453251] ---[ end trace 0000000000000000 ]--- [ 72.454062] ------------[ cut here ]------------ [ 72.454685] WARNING: CPU: 0 PID: 593 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.455487] Modules linked in: [ 72.455767] CPU: 0 PID: 593 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.456552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.457547] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.457947] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.459507] RSP: 0018:ffff888014487b78 EFLAGS: 00010246 [ 72.459964] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.460596] RDX: 0000000000000000 RSI: ffff88800bd5a500 RDI: 0000000000000002 [ 72.461174] RBP: ffff888014487b98 R08: ffffed100259573e R09: ffffed100259573e [ 72.461842] R10: ffff888012cab9ef R11: ffffed100259573d R12: ffff888012caba90 [ 72.462484] R13: ffff888012cab8a8 R14: ffffffffffffffff R15: ffff888014487c60 [ 72.463157] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.463832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.464414] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 72.465007] PKRU: 55555554 [ 72.465367] Call Trace: [ 72.465579] [ 72.465763] iommufd_ioas_destroy+0x53/0x70 [ 72.466125] iommufd_fops_release+0x1f7/0x370 [ 72.466645] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.467056] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.467466] ? write_comp_data+0x2f/0x90 [ 72.467845] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.468329] __fput+0x26d/0xa40 [ 72.468616] ____fput+0x1e/0x30 [ 72.468925] task_work_run+0x1a4/0x2d0 [ 72.469376] ? __pfx_task_work_run+0x10/0x10 [ 72.469744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.470183] ? switch_task_namespaces+0xa9/0xe0 [ 72.470714] do_exit+0xb17/0x2ef0 [ 72.471004] ? lock_acquire+0x427/0x4c0 [ 72.471345] ? __pfx_lock_release+0x10/0x10 [ 72.471706] ? __kasan_check_write+0x18/0x20 [ 72.472147] ? do_raw_spin_lock+0x132/0x2a0 [ 72.472588] ? __pfx_do_exit+0x10/0x10 [ 72.472929] ? debug_smp_processor_id+0x20/0x30 [ 72.473463] ? rcu_is_watching+0x19/0xb0 [ 72.473802] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.474176] ? trace_hardirqs_on+0x26/0x120 [ 72.474690] do_group_exit+0xe0/0x2b0 [ 72.475010] __x64_sys_exit_group+0x47/0x50 [ 72.475371] do_syscall_64+0x3b/0x90 [ 72.475682] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.476176] RIP: 0033:0x7f4b87518a4d [ 72.476567] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.477117] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.477893] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.478537] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.479214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.479797] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.480547] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.481157] [ 72.481423] irq event stamp: 0 [ 72.481805] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.482342] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.483282] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.484009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.484587] ---[ end trace 0000000000000000 ]--- [ 72.489721] ------------[ cut here ]------------ [ 72.490377] WARNING: CPU: 1 PID: 594 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.491374] Modules linked in: [ 72.491652] CPU: 1 PID: 594 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.492417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.493398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.493844] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.495480] RSP: 0018:ffff88800f1c7bb8 EFLAGS: 00010246 [ 72.495958] RAX: 0000000000000000 RBX: ffff888013d388a8 RCX: 0000000000000000 [ 72.496574] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 72.497191] RBP: ffff88800f1c7bd0 R08: ffffed10027a7133 R09: ffffed10027a7133 [ 72.497825] R10: ffff888013d38993 R11: ffffed10027a7132 R12: ffff88800f171800 [ 72.498475] R13: ffff888013d389e8 R14: ffffffff8352e670 R15: ffff88800f1c7e68 [ 72.499190] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 72.499934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.500468] CR2: 00007f4b877410e8 CR3: 000000001622c000 CR4: 0000000000750ee0 [ 72.501120] PKRU: 55555554 [ 72.501382] Call Trace: [ 72.501616] [ 72.501822] __iommufd_access_detach+0x1c2/0x2b0 [ 72.502272] iommufd_access_change_pt+0x149/0x270 [ 72.502762] iommufd_access_replace+0xb4/0x120 [ 72.503214] iommufd_test+0x3e5/0x37e0 [ 72.503576] ? lock_release+0x532/0x770 [ 72.503959] ? __might_fault+0x102/0x1b0 [ 72.504343] ? lock_acquire+0x427/0x4c0 [ 72.504720] ? __pfx_iommufd_test+0x10/0x10 [ 72.505115] ? __pfx_lock_release+0x10/0x10 [ 72.505525] ? __pfx_lock_acquire+0x10/0x10 [ 72.505953] ? write_comp_data+0x2f/0x90 [ 72.506338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.506823] ? write_comp_data+0x2f/0x90 [ 72.507220] iommufd_fops_ioctl+0x37d/0x510 [ 72.507630] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.508087] ? write_comp_data+0x2f/0x90 [ 72.508472] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.508923] __x64_sys_ioctl+0x1a3/0x230 [ 72.509309] do_syscall_64+0x3b/0x90 [ 72.509662] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.510165] RIP: 0033:0x7f4b8743ee5d [ 72.510549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.512277] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.512987] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.513647] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.514306] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.515004] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.515686] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.516353] [ 72.516573] irq event stamp: 0 [ 72.516866] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.517456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.518228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.519037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.519624] ---[ end trace 0000000000000000 ]--- [ 72.523104] ------------[ cut here ]------------ [ 72.523601] WARNING: CPU: 0 PID: 594 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.524502] Modules linked in: [ 72.524795] CPU: 0 PID: 594 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.525583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.526793] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.527270] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.528914] RSP: 0018:ffff88800f1c7bd0 EFLAGS: 00010246 [ 72.529413] RAX: 0000000000000000 RBX: ffff888013d388a8 RCX: 0000000000000000 [ 72.530092] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 72.530774] RBP: ffff88800f1c7be8 R08: ffffed10027a7133 R09: ffffed10027a7133 [ 72.531427] R10: ffff888013d38993 R11: ffffed10027a7132 R12: ffff888016c99c00 [ 72.532067] R13: ffff888013d389e8 R14: ffff88800fa33300 R15: 0000000000000000 [ 72.532712] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.533438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.533964] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 72.534641] PKRU: 55555554 [ 72.534906] Call Trace: [ 72.535148] [ 72.535357] iommufd_access_destroy_object+0x65/0x170 [ 72.535841] iommufd_object_destroy_user+0x18e/0x220 [ 72.536310] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.536850] iommufd_access_destroy+0x43/0x70 [ 72.537287] iommufd_test_staccess_release+0x8d/0xd0 [ 72.537762] __fput+0x26d/0xa40 [ 72.538079] ____fput+0x1e/0x30 [ 72.538392] task_work_run+0x1a4/0x2d0 [ 72.538785] ? __pfx_task_work_run+0x10/0x10 [ 72.539225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.539743] ? switch_task_namespaces+0xa9/0xe0 [ 72.540210] do_exit+0xb17/0x2ef0 [ 72.540542] ? lock_acquire+0x427/0x4c0 [ 72.540940] ? __pfx_lock_release+0x10/0x10 [ 72.541372] ? __kasan_check_write+0x18/0x20 [ 72.541788] ? do_raw_spin_lock+0x132/0x2a0 [ 72.542195] ? __pfx_do_exit+0x10/0x10 [ 72.542606] ? debug_smp_processor_id+0x20/0x30 [ 72.543051] ? rcu_is_watching+0x19/0xb0 [ 72.543444] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.543876] ? trace_hardirqs_on+0x26/0x120 [ 72.544292] do_group_exit+0xe0/0x2b0 [ 72.544654] __x64_sys_exit_group+0x47/0x50 [ 72.545057] do_syscall_64+0x3b/0x90 [ 72.545416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.545908] RIP: 0033:0x7f4b87518a4d [ 72.546253] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.546850] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.547583] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.548266] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.548978] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.549655] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.550317] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.551009] [ 72.551249] irq event stamp: 0 [ 72.551554] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.552153] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.552943] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.553714] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.554300] ---[ end trace 0000000000000000 ]--- [ 72.555149] ------------[ cut here ]------------ [ 72.555599] WARNING: CPU: 0 PID: 594 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.556573] Modules linked in: [ 72.556880] CPU: 0 PID: 594 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.557684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.558753] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.559272] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.560968] RSP: 0018:ffff88800f1c7b78 EFLAGS: 00010246 [ 72.561469] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.562132] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 72.562824] RBP: ffff88800f1c7b98 R08: ffffed10027a713e R09: ffffed10027a713e [ 72.563510] R10: ffff888013d389ef R11: ffffed10027a713d R12: ffff888013d38a90 [ 72.564189] R13: ffff888013d388a8 R14: ffffffffffffffff R15: ffff88800f1c7c60 [ 72.564856] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.565602] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.566144] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 72.566831] PKRU: 55555554 [ 72.567114] Call Trace: [ 72.567361] [ 72.567579] iommufd_ioas_destroy+0x53/0x70 [ 72.567996] iommufd_fops_release+0x1f7/0x370 [ 72.568431] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.568903] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.569373] ? write_comp_data+0x2f/0x90 [ 72.569799] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.570288] __fput+0x26d/0xa40 [ 72.570638] ____fput+0x1e/0x30 [ 72.570961] task_work_run+0x1a4/0x2d0 [ 72.571352] ? __pfx_task_work_run+0x10/0x10 [ 72.571773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.572242] ? switch_task_namespaces+0xa9/0xe0 [ 72.572684] do_exit+0xb17/0x2ef0 [ 72.573056] ? lock_acquire+0x427/0x4c0 [ 72.573439] ? __pfx_lock_release+0x10/0x10 [ 72.573855] ? __kasan_check_write+0x18/0x20 [ 72.574275] ? do_raw_spin_lock+0x132/0x2a0 [ 72.574709] ? __pfx_do_exit+0x10/0x10 [ 72.575094] ? debug_smp_processor_id+0x20/0x30 [ 72.575546] ? rcu_is_watching+0x19/0xb0 [ 72.575952] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.576374] ? trace_hardirqs_on+0x26/0x120 [ 72.576782] do_group_exit+0xe0/0x2b0 [ 72.577142] __x64_sys_exit_group+0x47/0x50 [ 72.577547] do_syscall_64+0x3b/0x90 [ 72.577906] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.578415] RIP: 0033:0x7f4b87518a4d [ 72.578806] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.579415] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.580122] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.580788] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.581466] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.582136] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.582845] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.583535] [ 72.583756] irq event stamp: 0 [ 72.584053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.584643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.585414] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.586182] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.586799] ---[ end trace 0000000000000000 ]--- [ 72.592365] ------------[ cut here ]------------ [ 72.592874] WARNING: CPU: 0 PID: 595 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.593806] Modules linked in: [ 72.594106] CPU: 0 PID: 595 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.594998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.596068] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.596539] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.598247] RSP: 0018:ffff8880140cfbb8 EFLAGS: 00010246 [ 72.598794] RAX: 0000000000000000 RBX: ffff888012b1c8a8 RCX: 0000000000000000 [ 72.599461] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 72.600120] RBP: ffff8880140cfbd0 R08: ffffed1002563933 R09: ffffed1002563933 [ 72.600783] R10: ffff888012b1c993 R11: ffffed1002563932 R12: ffff888021bca800 [ 72.601453] R13: ffff888012b1c9e8 R14: ffffffff8352e670 R15: ffff8880140cfe68 [ 72.602128] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.602946] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.603515] CR2: 0000000020000140 CR3: 0000000013e88000 CR4: 0000000000750ef0 [ 72.604199] PKRU: 55555554 [ 72.604469] Call Trace: [ 72.604717] [ 72.604954] __iommufd_access_detach+0x1c2/0x2b0 [ 72.605436] iommufd_access_change_pt+0x149/0x270 [ 72.605891] iommufd_access_replace+0xb4/0x120 [ 72.606323] iommufd_test+0x3e5/0x37e0 [ 72.606722] ? lock_release+0x532/0x770 [ 72.607113] ? __might_fault+0x102/0x1b0 [ 72.607502] ? lock_acquire+0x427/0x4c0 [ 72.607884] ? __pfx_iommufd_test+0x10/0x10 [ 72.608283] ? __pfx_lock_release+0x10/0x10 [ 72.608689] ? __pfx_lock_acquire+0x10/0x10 [ 72.609104] ? write_comp_data+0x2f/0x90 [ 72.609487] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.609944] ? write_comp_data+0x2f/0x90 [ 72.610338] iommufd_fops_ioctl+0x37d/0x510 [ 72.610777] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.611253] ? write_comp_data+0x2f/0x90 [ 72.611644] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.612095] __x64_sys_ioctl+0x1a3/0x230 [ 72.612483] do_syscall_64+0x3b/0x90 [ 72.612842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.613332] RIP: 0033:0x7f4b8743ee5d [ 72.613682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.615402] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.616112] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.616770] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.617425] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.618074] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.618763] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.619449] [ 72.619668] irq event stamp: 0 [ 72.619956] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.620548] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.621327] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.622083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.622679] ---[ end trace 0000000000000000 ]--- [ 72.625724] ------------[ cut here ]------------ [ 72.626190] WARNING: CPU: 0 PID: 595 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.627172] Modules linked in: [ 72.627471] CPU: 0 PID: 595 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.628267] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.629303] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.629764] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.631525] RSP: 0018:ffff8880140cfbd0 EFLAGS: 00010246 [ 72.632021] RAX: 0000000000000000 RBX: ffff888012b1c8a8 RCX: 0000000000000000 [ 72.633294] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 72.633959] RBP: ffff8880140cfbe8 R08: ffffed1002563933 R09: ffffed1002563933 [ 72.634771] R10: ffff888012b1c993 R11: ffffed1002563932 R12: ffff888021bc5800 [ 72.635625] R13: ffff888012b1c9e8 R14: ffff8880104d9a00 R15: 0000000000000000 [ 72.636288] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.637281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.637798] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.638611] PKRU: 55555554 [ 72.638984] Call Trace: [ 72.639224] [ 72.639424] iommufd_access_destroy_object+0x65/0x170 [ 72.639891] iommufd_object_destroy_user+0x18e/0x220 [ 72.640402] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.641113] iommufd_access_destroy+0x43/0x70 [ 72.641532] iommufd_test_staccess_release+0x8d/0xd0 [ 72.642081] __fput+0x26d/0xa40 [ 72.642575] ____fput+0x1e/0x30 [ 72.642883] task_work_run+0x1a4/0x2d0 [ 72.643266] ? __pfx_task_work_run+0x10/0x10 [ 72.643678] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.644130] ? switch_task_namespaces+0xa9/0xe0 [ 72.644806] do_exit+0xb17/0x2ef0 [ 72.645129] ? lock_acquire+0x427/0x4c0 [ 72.645504] ? __pfx_lock_release+0x10/0x10 [ 72.646121] ? __kasan_check_write+0x18/0x20 [ 72.646557] ? do_raw_spin_lock+0x132/0x2a0 [ 72.646956] ? __pfx_do_exit+0x10/0x10 [ 72.647425] ? debug_smp_processor_id+0x20/0x30 [ 72.647979] ? rcu_is_watching+0x19/0xb0 [ 72.648400] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.648951] ? trace_hardirqs_on+0x26/0x120 [ 72.649351] do_group_exit+0xe0/0x2b0 [ 72.649918] __x64_sys_exit_group+0x47/0x50 [ 72.650310] do_syscall_64+0x3b/0x90 [ 72.650717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.651333] RIP: 0033:0x7f4b87518a4d [ 72.651675] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.652232] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.653146] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.653790] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.654681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.655368] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.656015] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.656918] [ 72.657134] irq event stamp: 0 [ 72.657421] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.657995] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.658973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.659742] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.660312] ---[ end trace 0000000000000000 ]--- [ 72.661690] ------------[ cut here ]------------ [ 72.662283] WARNING: CPU: 0 PID: 595 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.663503] Modules linked in: [ 72.663802] CPU: 0 PID: 595 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.664580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.665593] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.666061] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.667734] RSP: 0018:ffff8880140cfb78 EFLAGS: 00010246 [ 72.668216] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.668856] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 72.669559] RBP: ffff8880140cfb98 R08: ffffed100256393e R09: ffffed100256393e [ 72.670200] R10: ffff888012b1c9ef R11: ffffed100256393d R12: ffff888012b1ca90 [ 72.670873] R13: ffff888012b1c8a8 R14: ffffffffffffffff R15: ffff8880140cfc60 [ 72.671533] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.672268] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.672789] CR2: 00007ff8d000e028 CR3: 000000001444e000 CR4: 0000000000750ef0 [ 72.673429] PKRU: 55555554 [ 72.673685] Call Trace: [ 72.673916] [ 72.674121] iommufd_ioas_destroy+0x53/0x70 [ 72.674547] iommufd_fops_release+0x1f7/0x370 [ 72.674964] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.675434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.675884] ? write_comp_data+0x2f/0x90 [ 72.676262] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.676717] __fput+0x26d/0xa40 [ 72.677027] ____fput+0x1e/0x30 [ 72.677330] task_work_run+0x1a4/0x2d0 [ 72.677695] ? __pfx_task_work_run+0x10/0x10 [ 72.678098] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.678569] ? switch_task_namespaces+0xa9/0xe0 [ 72.679000] do_exit+0xb17/0x2ef0 [ 72.679327] ? lock_acquire+0x427/0x4c0 [ 72.679699] ? __pfx_lock_release+0x10/0x10 [ 72.680094] ? __kasan_check_write+0x18/0x20 [ 72.680497] ? do_raw_spin_lock+0x132/0x2a0 [ 72.680891] ? __pfx_do_exit+0x10/0x10 [ 72.681248] ? debug_smp_processor_id+0x20/0x30 [ 72.681669] ? rcu_is_watching+0x19/0xb0 [ 72.682039] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.682451] ? trace_hardirqs_on+0x26/0x120 [ 72.682892] do_group_exit+0xe0/0x2b0 [ 72.683253] __x64_sys_exit_group+0x47/0x50 [ 72.683653] do_syscall_64+0x3b/0x90 [ 72.684009] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.684491] RIP: 0033:0x7f4b87518a4d [ 72.684837] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.685400] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.686083] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.686755] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.687438] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.688088] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.688734] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.689383] [ 72.689596] irq event stamp: 0 [ 72.689882] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.690448] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.691248] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.692015] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.692591] ---[ end trace 0000000000000000 ]--- [ 72.699307] ------------[ cut here ]------------ [ 72.699779] WARNING: CPU: 0 PID: 596 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.701083] Modules linked in: [ 72.701379] CPU: 0 PID: 596 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.702164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.703602] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.704078] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.705772] RSP: 0018:ffff88800f1c7bb8 EFLAGS: 00010246 [ 72.706274] RAX: 0000000000000000 RBX: ffff8880181290a8 RCX: 0000000000000000 [ 72.706970] RDX: 0000000000000000 RSI: ffff88800bd58000 RDI: 0000000000000002 [ 72.707653] RBP: ffff88800f1c7bd0 R08: ffffed1003025233 R09: ffffed1003025233 [ 72.708311] R10: ffff888018129193 R11: ffffed1003025232 R12: ffff888014748000 [ 72.708974] R13: ffff8880181291e8 R14: ffffffff8352e670 R15: ffff88800f1c7e68 [ 72.709640] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.710388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.710964] CR2: 0000000020000140 CR3: 0000000013e88000 CR4: 0000000000750ef0 [ 72.711645] PKRU: 55555554 [ 72.711911] Call Trace: [ 72.712151] [ 72.712361] __iommufd_access_detach+0x1c2/0x2b0 [ 72.712825] iommufd_access_change_pt+0x149/0x270 [ 72.713293] iommufd_access_replace+0xb4/0x120 [ 72.713723] iommufd_test+0x3e5/0x37e0 [ 72.714093] ? lock_release+0x532/0x770 [ 72.714479] ? __might_fault+0x102/0x1b0 [ 72.714903] ? lock_acquire+0x427/0x4c0 [ 72.715298] ? __pfx_iommufd_test+0x10/0x10 [ 72.715707] ? __pfx_lock_release+0x10/0x10 [ 72.716119] ? __pfx_lock_acquire+0x10/0x10 [ 72.716537] ? write_comp_data+0x2f/0x90 [ 72.716931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.717388] ? write_comp_data+0x2f/0x90 [ 72.717773] iommufd_fops_ioctl+0x37d/0x510 [ 72.718176] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.718656] ? write_comp_data+0x2f/0x90 [ 72.719045] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.719520] __x64_sys_ioctl+0x1a3/0x230 [ 72.719918] do_syscall_64+0x3b/0x90 [ 72.720280] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.720777] RIP: 0033:0x7f4b8743ee5d [ 72.721134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.722859] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.723586] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.724267] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.724997] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.725720] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.726444] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.727217] [ 72.727458] irq event stamp: 0 [ 72.727780] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.728422] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.729266] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.730118] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.730785] ---[ end trace 0000000000000000 ]--- [ 72.734223] ------------[ cut here ]------------ [ 72.734789] WARNING: CPU: 0 PID: 596 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.735829] Modules linked in: [ 72.736155] CPU: 0 PID: 596 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.737366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.738808] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.739345] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.741344] RSP: 0018:ffff88800f1c7bd0 EFLAGS: 00010246 [ 72.742090] RAX: 0000000000000000 RBX: ffff8880181290a8 RCX: 0000000000000000 [ 72.743023] RDX: 0000000000000000 RSI: ffff88800bd58000 RDI: 0000000000000002 [ 72.743767] RBP: ffff88800f1c7be8 R08: ffffed1003025233 R09: ffffed1003025233 [ 72.744490] R10: ffff888018129193 R11: ffffed1003025232 R12: ffff888021bcbc00 [ 72.745216] R13: ffff8880181291e8 R14: ffff88800fd8cd00 R15: 0000000000000000 [ 72.746112] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.747291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.747893] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.748622] PKRU: 55555554 [ 72.748914] Call Trace: [ 72.749177] [ 72.749408] iommufd_access_destroy_object+0x65/0x170 [ 72.749946] iommufd_object_destroy_user+0x18e/0x220 [ 72.750676] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.751482] iommufd_access_destroy+0x43/0x70 [ 72.751963] iommufd_test_staccess_release+0x8d/0xd0 [ 72.752505] __fput+0x26d/0xa40 [ 72.752860] ____fput+0x1e/0x30 [ 72.753209] task_work_run+0x1a4/0x2d0 [ 72.753612] ? __pfx_task_work_run+0x10/0x10 [ 72.754069] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.754729] ? switch_task_namespaces+0xa9/0xe0 [ 72.755454] do_exit+0xb17/0x2ef0 [ 72.755811] ? lock_acquire+0x427/0x4c0 [ 72.756226] ? __pfx_lock_release+0x10/0x10 [ 72.756673] ? __kasan_check_write+0x18/0x20 [ 72.757127] ? do_raw_spin_lock+0x132/0x2a0 [ 72.757571] ? __pfx_do_exit+0x10/0x10 [ 72.757979] ? debug_smp_processor_id+0x20/0x30 [ 72.759037] ? rcu_is_watching+0x19/0xb0 [ 72.759492] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.759962] ? trace_hardirqs_on+0x26/0x120 [ 72.760405] do_group_exit+0xe0/0x2b0 [ 72.760794] __x64_sys_exit_group+0x47/0x50 [ 72.761234] do_syscall_64+0x3b/0x90 [ 72.761634] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.762434] RIP: 0033:0x7f4b87518a4d [ 72.762998] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.763686] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.764496] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.765243] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.766140] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.767212] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.767951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.768676] [ 72.768916] irq event stamp: 0 [ 72.769234] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.769928] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.771160] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.772031] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.772694] ---[ end trace 0000000000000000 ]--- [ 72.773809] ------------[ cut here ]------------ [ 72.774302] WARNING: CPU: 0 PID: 596 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.775601] Modules linked in: [ 72.775938] CPU: 0 PID: 596 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.776941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.778272] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.779034] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.781151] RSP: 0018:ffff88800f1c7b78 EFLAGS: 00010246 [ 72.781698] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.782713] RDX: 0000000000000000 RSI: ffff88800bd58000 RDI: 0000000000000002 [ 72.783476] RBP: ffff88800f1c7b98 R08: ffffed100302523e R09: ffffed100302523e [ 72.784423] R10: ffff8880181291ef R11: ffffed100302523d R12: ffff888018129290 [ 72.785153] R13: ffff8880181290a8 R14: ffffffffffffffff R15: ffff88800f1c7c60 [ 72.786127] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.787012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.787703] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.788572] PKRU: 55555554 [ 72.788868] Call Trace: [ 72.789131] [ 72.789489] iommufd_ioas_destroy+0x53/0x70 [ 72.790040] iommufd_fops_release+0x1f7/0x370 [ 72.790533] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.791060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.791802] ? write_comp_data+0x2f/0x90 [ 72.792230] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.792796] __fput+0x26d/0xa40 [ 72.793308] ____fput+0x1e/0x30 [ 72.793657] task_work_run+0x1a4/0x2d0 [ 72.794065] ? __pfx_task_work_run+0x10/0x10 [ 72.794755] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.795276] ? switch_task_namespaces+0xa9/0xe0 [ 72.795765] do_exit+0xb17/0x2ef0 [ 72.796175] ? lock_acquire+0x427/0x4c0 [ 72.796736] ? __pfx_lock_release+0x10/0x10 [ 72.797237] ? __kasan_check_write+0x18/0x20 [ 72.797783] ? do_raw_spin_lock+0x132/0x2a0 [ 72.798347] ? __pfx_do_exit+0x10/0x10 [ 72.798777] ? debug_smp_processor_id+0x20/0x30 [ 72.799268] ? rcu_is_watching+0x19/0xb0 [ 72.799748] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.800331] ? trace_hardirqs_on+0x26/0x120 [ 72.800783] do_group_exit+0xe0/0x2b0 [ 72.801249] __x64_sys_exit_group+0x47/0x50 [ 72.801812] do_syscall_64+0x3b/0x90 [ 72.802212] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.802777] RIP: 0033:0x7f4b87518a4d [ 72.803172] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.803804] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.804581] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.805309] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.806030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.806781] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.807518] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.808251] [ 72.808487] irq event stamp: 0 [ 72.808804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.809431] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.810270] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.811134] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.811768] ---[ end trace 0000000000000000 ]--- [ 72.816913] ------------[ cut here ]------------ [ 72.817401] WARNING: CPU: 0 PID: 597 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.818320] Modules linked in: [ 72.818823] CPU: 0 PID: 597 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.819642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.820677] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.821136] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.822845] RSP: 0018:ffff888012927bb8 EFLAGS: 00010246 [ 72.823343] RAX: 0000000000000000 RBX: ffff888020afc0a8 RCX: 0000000000000000 [ 72.824002] RDX: 0000000000000000 RSI: ffff888013b84a00 RDI: 0000000000000002 [ 72.824638] RBP: ffff888012927bd0 R08: ffffed100415f833 R09: ffffed100415f833 [ 72.825271] R10: ffff888020afc193 R11: ffffed100415f832 R12: ffff8880135f0000 [ 72.825903] R13: ffff888020afc1e8 R14: ffffffff8352e670 R15: ffff888012927e68 [ 72.826564] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.827288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.827804] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 72.828439] PKRU: 55555554 [ 72.828692] Call Trace: [ 72.828918] [ 72.829169] __iommufd_access_detach+0x1c2/0x2b0 [ 72.829608] iommufd_access_change_pt+0x149/0x270 [ 72.830048] iommufd_access_replace+0xb4/0x120 [ 72.830472] iommufd_test+0x3e5/0x37e0 [ 72.830857] ? lock_release+0x532/0x770 [ 72.831235] ? __might_fault+0x102/0x1b0 [ 72.831614] ? lock_acquire+0x427/0x4c0 [ 72.831982] ? __pfx_iommufd_test+0x10/0x10 [ 72.832368] ? __pfx_lock_release+0x10/0x10 [ 72.832757] ? __pfx_lock_acquire+0x10/0x10 [ 72.833134] ? write_comp_data+0x2f/0x90 [ 72.833496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.833915] ? write_comp_data+0x2f/0x90 [ 72.834269] iommufd_fops_ioctl+0x37d/0x510 [ 72.834664] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.835085] ? write_comp_data+0x2f/0x90 [ 72.835456] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.835867] __x64_sys_ioctl+0x1a3/0x230 [ 72.836230] do_syscall_64+0x3b/0x90 [ 72.836569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.837022] RIP: 0033:0x7f4b8743ee5d [ 72.837338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.838908] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.839569] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.840187] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.840792] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.841396] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.841999] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.842637] [ 72.842839] irq event stamp: 0 [ 72.843112] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.843650] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.844364] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.845072] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.845608] ---[ end trace 0000000000000000 ]--- [ 72.848567] ------------[ cut here ]------------ [ 72.849008] WARNING: CPU: 0 PID: 597 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.849859] Modules linked in: [ 72.850132] CPU: 0 PID: 597 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.850936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.851892] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.852317] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.853850] RSP: 0018:ffff888012927bd0 EFLAGS: 00010246 [ 72.854297] RAX: 0000000000000000 RBX: ffff888020afc0a8 RCX: 0000000000000000 [ 72.854920] RDX: 0000000000000000 RSI: ffff888013b84a00 RDI: 0000000000000002 [ 72.855527] RBP: ffff888012927be8 R08: ffffed100415f833 R09: ffffed100415f833 [ 72.856127] R10: ffff888020afc193 R11: ffffed100415f832 R12: ffff88801474b000 [ 72.856726] R13: ffff888020afc1e8 R14: ffff888013fbe600 R15: 0000000000000000 [ 72.857329] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.858005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.858495] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.859129] PKRU: 55555554 [ 72.859371] Call Trace: [ 72.859588] [ 72.859779] iommufd_access_destroy_object+0x65/0x170 [ 72.860224] iommufd_object_destroy_user+0x18e/0x220 [ 72.860659] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.861206] iommufd_access_destroy+0x43/0x70 [ 72.861598] iommufd_test_staccess_release+0x8d/0xd0 [ 72.862040] __fput+0x26d/0xa40 [ 72.862337] ____fput+0x1e/0x30 [ 72.862646] task_work_run+0x1a4/0x2d0 [ 72.862990] ? __pfx_task_work_run+0x10/0x10 [ 72.863382] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.863813] ? switch_task_namespaces+0xa9/0xe0 [ 72.864227] do_exit+0xb17/0x2ef0 [ 72.864532] ? lock_acquire+0x427/0x4c0 [ 72.864872] ? __pfx_lock_release+0x10/0x10 [ 72.865227] ? __kasan_check_write+0x18/0x20 [ 72.865587] ? do_raw_spin_lock+0x132/0x2a0 [ 72.865936] ? __pfx_do_exit+0x10/0x10 [ 72.866262] ? debug_smp_processor_id+0x20/0x30 [ 72.866681] ? rcu_is_watching+0x19/0xb0 [ 72.867019] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.867404] ? trace_hardirqs_on+0x26/0x120 [ 72.867765] do_group_exit+0xe0/0x2b0 [ 72.868079] __x64_sys_exit_group+0x47/0x50 [ 72.868429] do_syscall_64+0x3b/0x90 [ 72.868739] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.869171] RIP: 0033:0x7f4b87518a4d [ 72.869477] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.869979] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.870618] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.871207] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.871786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.872357] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.872936] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.873517] [ 72.873710] irq event stamp: 0 [ 72.873963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.874469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.875176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.875863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.876372] ---[ end trace 0000000000000000 ]--- [ 72.877087] ------------[ cut here ]------------ [ 72.877469] WARNING: CPU: 0 PID: 597 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.878287] Modules linked in: [ 72.878581] CPU: 0 PID: 597 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.879300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.880206] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.880628] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.882096] RSP: 0018:ffff888012927b78 EFLAGS: 00010246 [ 72.882549] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.883132] RDX: 0000000000000000 RSI: ffff888013b84a00 RDI: 0000000000000002 [ 72.883700] RBP: ffff888012927b98 R08: ffffed100415f83e R09: ffffed100415f83e [ 72.884268] R10: ffff888020afc1ef R11: ffffed100415f83d R12: ffff888020afc290 [ 72.884841] R13: ffff888020afc0a8 R14: ffffffffffffffff R15: ffff888012927c60 [ 72.885412] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.886056] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.886548] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.887128] PKRU: 55555554 [ 72.887361] Call Trace: [ 72.887570] [ 72.887758] iommufd_ioas_destroy+0x53/0x70 [ 72.888119] iommufd_fops_release+0x1f7/0x370 [ 72.888538] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.889167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.889576] ? write_comp_data+0x2f/0x90 [ 72.889926] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.890335] __fput+0x26d/0xa40 [ 72.890727] ____fput+0x1e/0x30 [ 72.891138] task_work_run+0x1a4/0x2d0 [ 72.891468] ? __pfx_task_work_run+0x10/0x10 [ 72.891833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.892232] ? switch_task_namespaces+0xa9/0xe0 [ 72.892631] do_exit+0xb17/0x2ef0 [ 72.892985] ? lock_acquire+0x427/0x4c0 [ 72.893447] ? __pfx_lock_release+0x10/0x10 [ 72.893810] ? __kasan_check_write+0x18/0x20 [ 72.894179] ? do_raw_spin_lock+0x132/0x2a0 [ 72.894549] ? __pfx_do_exit+0x10/0x10 [ 72.894877] ? debug_smp_processor_id+0x20/0x30 [ 72.895265] ? rcu_is_watching+0x19/0xb0 [ 72.895596] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.895968] ? trace_hardirqs_on+0x26/0x120 [ 72.896323] do_group_exit+0xe0/0x2b0 [ 72.896664] __x64_sys_exit_group+0x47/0x50 [ 72.897179] do_syscall_64+0x3b/0x90 [ 72.897490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.897916] RIP: 0033:0x7f4b87518a4d [ 72.898218] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.898788] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.899555] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.900129] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.900699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.901267] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.902044] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.902645] [ 72.902838] irq event stamp: 0 [ 72.903092] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.903603] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.904351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.905116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.905620] ---[ end trace 0000000000000000 ]--- [ 72.909837] ------------[ cut here ]------------ [ 72.910241] WARNING: CPU: 0 PID: 598 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.911274] Modules linked in: [ 72.911534] CPU: 0 PID: 598 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.912222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.913117] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.913515] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.915007] RSP: 0018:ffff88800f1c7bb8 EFLAGS: 00010246 [ 72.915445] RAX: 0000000000000000 RBX: ffff8880180bb8a8 RCX: 0000000000000000 [ 72.916017] RDX: 0000000000000000 RSI: ffff88800bd5ca00 RDI: 0000000000000002 [ 72.916583] RBP: ffff88800f1c7bd0 R08: ffffed1003017733 R09: ffffed1003017733 [ 72.917159] R10: ffff8880180bb993 R11: ffffed1003017732 R12: ffff8880179a5000 [ 72.917725] R13: ffff8880180bb9e8 R14: ffffffff8352e670 R15: ffff88800f1c7e68 [ 72.918291] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.918956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.919433] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 72.920006] PKRU: 55555554 [ 72.920234] Call Trace: [ 72.920440] [ 72.920621] __iommufd_access_detach+0x1c2/0x2b0 [ 72.921014] iommufd_access_change_pt+0x149/0x270 [ 72.921426] iommufd_access_replace+0xb4/0x120 [ 72.921806] iommufd_test+0x3e5/0x37e0 [ 72.922120] ? lock_release+0x532/0x770 [ 72.922452] ? __might_fault+0x102/0x1b0 [ 72.922811] ? lock_acquire+0x427/0x4c0 [ 72.923154] ? __pfx_iommufd_test+0x10/0x10 [ 72.923499] ? __pfx_lock_release+0x10/0x10 [ 72.923858] ? __pfx_lock_acquire+0x10/0x10 [ 72.924219] ? write_comp_data+0x2f/0x90 [ 72.924555] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.924989] ? write_comp_data+0x2f/0x90 [ 72.925339] iommufd_fops_ioctl+0x37d/0x510 [ 72.925689] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.926074] ? write_comp_data+0x2f/0x90 [ 72.926399] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 72.926797] __x64_sys_ioctl+0x1a3/0x230 [ 72.927136] do_syscall_64+0x3b/0x90 [ 72.927438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.927850] RIP: 0033:0x7f4b8743ee5d [ 72.928140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 72.929549] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 72.930138] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 72.930710] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 72.931268] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 72.931822] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 72.932373] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 72.932936] [ 72.933121] irq event stamp: 0 [ 72.933368] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 72.933869] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.934541] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.935182] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.935660] ---[ end trace 0000000000000000 ]--- [ 72.938540] ------------[ cut here ]------------ [ 72.938935] WARNING: CPU: 0 PID: 598 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 72.939853] Modules linked in: [ 72.940100] CPU: 0 PID: 598 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.940763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.941776] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 72.942163] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 72.943799] RSP: 0018:ffff88800f1c7bd0 EFLAGS: 00010246 [ 72.944289] RAX: 0000000000000000 RBX: ffff8880180bb8a8 RCX: 0000000000000000 [ 72.944832] RDX: 0000000000000000 RSI: ffff88800bd5ca00 RDI: 0000000000000002 [ 72.945371] RBP: ffff88800f1c7be8 R08: ffffed1003017733 R09: ffffed1003017733 [ 72.945911] R10: ffff8880180bb993 R11: ffffed1003017732 R12: ffff8880135f3000 [ 72.946623] R13: ffff8880180bb9e8 R14: ffff888014b9e100 R15: 0000000000000000 [ 72.947174] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.947787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.948230] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.948773] PKRU: 55555554 [ 72.949006] Call Trace: [ 72.949243] [ 72.949519] iommufd_access_destroy_object+0x65/0x170 [ 72.949921] iommufd_object_destroy_user+0x18e/0x220 [ 72.950315] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 72.950791] iommufd_access_destroy+0x43/0x70 [ 72.951156] iommufd_test_staccess_release+0x8d/0xd0 [ 72.951558] __fput+0x26d/0xa40 [ 72.951907] ____fput+0x1e/0x30 [ 72.952261] task_work_run+0x1a4/0x2d0 [ 72.952570] ? __pfx_task_work_run+0x10/0x10 [ 72.952911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.953291] ? switch_task_namespaces+0xa9/0xe0 [ 72.953660] do_exit+0xb17/0x2ef0 [ 72.953992] ? lock_acquire+0x427/0x4c0 [ 72.954393] ? __pfx_lock_release+0x10/0x10 [ 72.954749] ? __kasan_check_write+0x18/0x20 [ 72.955091] ? do_raw_spin_lock+0x132/0x2a0 [ 72.955435] ? __pfx_do_exit+0x10/0x10 [ 72.955742] ? debug_smp_processor_id+0x20/0x30 [ 72.956100] ? rcu_is_watching+0x19/0xb0 [ 72.956413] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.956839] ? trace_hardirqs_on+0x26/0x120 [ 72.957302] do_group_exit+0xe0/0x2b0 [ 72.957596] __x64_sys_exit_group+0x47/0x50 [ 72.957925] do_syscall_64+0x3b/0x90 [ 72.958217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.958637] RIP: 0033:0x7f4b87518a4d [ 72.959075] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.959549] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.960129] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.960675] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.961219] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.961838] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.962495] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.963075] [ 72.963270] irq event stamp: 0 [ 72.963520] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.964034] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.964788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.965496] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.966049] ---[ end trace 0000000000000000 ]--- [ 72.966812] ------------[ cut here ]------------ [ 72.967181] WARNING: CPU: 0 PID: 598 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 72.967955] Modules linked in: [ 72.968243] CPU: 0 PID: 598 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 72.969020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 72.970025] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 72.970422] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 72.972199] RSP: 0018:ffff88800f1c7b78 EFLAGS: 00010246 [ 72.972685] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 72.973341] RDX: 0000000000000000 RSI: ffff88800bd5ca00 RDI: 0000000000000002 [ 72.974092] RBP: ffff88800f1c7b98 R08: ffffed100301773e R09: ffffed100301773e [ 72.974679] R10: ffff8880180bb9ef R11: ffffed100301773d R12: ffff8880180bba90 [ 72.975430] R13: ffff8880180bb8a8 R14: ffffffffffffffff R15: ffff88800f1c7c60 [ 72.976000] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 72.976840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 72.977305] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 72.977943] PKRU: 55555554 [ 72.978287] Call Trace: [ 72.978493] [ 72.978696] iommufd_ioas_destroy+0x53/0x70 [ 72.979053] iommufd_fops_release+0x1f7/0x370 [ 72.979429] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.979835] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.980234] ? write_comp_data+0x2f/0x90 [ 72.980572] ? __pfx_iommufd_fops_release+0x10/0x10 [ 72.980974] __fput+0x26d/0xa40 [ 72.981252] ____fput+0x1e/0x30 [ 72.981526] task_work_run+0x1a4/0x2d0 [ 72.981848] ? __pfx_task_work_run+0x10/0x10 [ 72.982205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 72.982619] ? switch_task_namespaces+0xa9/0xe0 [ 72.983014] do_exit+0xb17/0x2ef0 [ 72.983308] ? lock_acquire+0x427/0x4c0 [ 72.983641] ? __pfx_lock_release+0x10/0x10 [ 72.983996] ? __kasan_check_write+0x18/0x20 [ 72.984356] ? do_raw_spin_lock+0x132/0x2a0 [ 72.984708] ? __pfx_do_exit+0x10/0x10 [ 72.985031] ? debug_smp_processor_id+0x20/0x30 [ 72.985412] ? rcu_is_watching+0x19/0xb0 [ 72.985741] ? _raw_spin_unlock_irq+0x2b/0x60 [ 72.986113] ? trace_hardirqs_on+0x26/0x120 [ 72.986468] do_group_exit+0xe0/0x2b0 [ 72.986798] __x64_sys_exit_group+0x47/0x50 [ 72.987153] do_syscall_64+0x3b/0x90 [ 72.987463] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 72.987888] RIP: 0033:0x7f4b87518a4d [ 72.988191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 72.988685] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 72.989346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 72.989916] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 72.990490] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 72.991085] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 72.991669] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 72.992253] [ 72.992445] irq event stamp: 0 [ 72.992701] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 72.993211] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 72.993891] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 72.994577] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.995088] ---[ end trace 0000000000000000 ]--- [ 72.999006] ------------[ cut here ]------------ [ 72.999416] WARNING: CPU: 0 PID: 599 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.000230] Modules linked in: [ 73.000484] CPU: 0 PID: 599 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.001172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.002066] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.002472] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.003960] RSP: 0018:ffff88801209fbb8 EFLAGS: 00010246 [ 73.004384] RAX: 0000000000000000 RBX: ffff88800cb708a8 RCX: 0000000000000000 [ 73.004952] RDX: 0000000000000000 RSI: ffff888013b80000 RDI: 0000000000000002 [ 73.005520] RBP: ffff88801209fbd0 R08: ffffed100196e133 R09: ffffed100196e133 [ 73.006090] R10: ffff88800cb70993 R11: ffffed100196e132 R12: ffff888016c99400 [ 73.006676] R13: ffff88800cb709e8 R14: ffffffff8352e670 R15: ffff88801209fe68 [ 73.007267] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.007908] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.008373] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ef0 [ 73.008947] PKRU: 55555554 [ 73.009173] Call Trace: [ 73.009380] [ 73.009563] __iommufd_access_detach+0x1c2/0x2b0 [ 73.009959] iommufd_access_change_pt+0x149/0x270 [ 73.010357] iommufd_access_replace+0xb4/0x120 [ 73.010757] iommufd_test+0x3e5/0x37e0 [ 73.011079] ? lock_release+0x532/0x770 [ 73.011418] ? __might_fault+0x102/0x1b0 [ 73.011753] ? lock_acquire+0x427/0x4c0 [ 73.012086] ? __pfx_iommufd_test+0x10/0x10 [ 73.012432] ? __pfx_lock_release+0x10/0x10 [ 73.012783] ? __pfx_lock_acquire+0x10/0x10 [ 73.013139] ? write_comp_data+0x2f/0x90 [ 73.013475] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.013871] ? write_comp_data+0x2f/0x90 [ 73.014214] iommufd_fops_ioctl+0x37d/0x510 [ 73.014593] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.014998] ? write_comp_data+0x2f/0x90 [ 73.015346] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.015738] __x64_sys_ioctl+0x1a3/0x230 [ 73.016081] do_syscall_64+0x3b/0x90 [ 73.016394] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.016823] RIP: 0033:0x7f4b8743ee5d [ 73.017125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.018608] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.019228] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.019803] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.020388] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.021010] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.021577] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.022151] [ 73.022336] irq event stamp: 0 [ 73.022604] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.023097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.023759] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.024402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.024892] ---[ end trace 0000000000000000 ]--- [ 73.027746] ------------[ cut here ]------------ [ 73.028142] WARNING: CPU: 0 PID: 599 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.028919] Modules linked in: [ 73.029170] CPU: 0 PID: 599 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.029839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.030755] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.031143] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.032524] RSP: 0018:ffff88801209fbd0 EFLAGS: 00010246 [ 73.032928] RAX: 0000000000000000 RBX: ffff88800cb708a8 RCX: 0000000000000000 [ 73.033468] RDX: 0000000000000000 RSI: ffff888013b80000 RDI: 0000000000000002 [ 73.034008] RBP: ffff88801209fbe8 R08: ffffed100196e133 R09: ffffed100196e133 [ 73.034564] R10: ffff88800cb70993 R11: ffffed100196e132 R12: ffff8880179a4400 [ 73.035112] R13: ffff88800cb709e8 R14: ffff888018bacf00 R15: 0000000000000000 [ 73.035658] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.036275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.036725] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.037271] PKRU: 55555554 [ 73.037493] Call Trace: [ 73.037691] [ 73.037867] iommufd_access_destroy_object+0x65/0x170 [ 73.038272] iommufd_object_destroy_user+0x18e/0x220 [ 73.038695] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.039165] iommufd_access_destroy+0x43/0x70 [ 73.039519] iommufd_test_staccess_release+0x8d/0xd0 [ 73.039917] __fput+0x26d/0xa40 [ 73.040185] ____fput+0x1e/0x30 [ 73.040448] task_work_run+0x1a4/0x2d0 [ 73.040756] ? __pfx_task_work_run+0x10/0x10 [ 73.041100] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.041478] ? switch_task_namespaces+0xa9/0xe0 [ 73.041850] do_exit+0xb17/0x2ef0 [ 73.042120] ? lock_acquire+0x427/0x4c0 [ 73.042433] ? __pfx_lock_release+0x10/0x10 [ 73.042791] ? __kasan_check_write+0x18/0x20 [ 73.043141] ? do_raw_spin_lock+0x132/0x2a0 [ 73.043477] ? __pfx_do_exit+0x10/0x10 [ 73.043787] ? debug_smp_processor_id+0x20/0x30 [ 73.044151] ? rcu_is_watching+0x19/0xb0 [ 73.044468] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.044823] ? trace_hardirqs_on+0x26/0x120 [ 73.045162] do_group_exit+0xe0/0x2b0 [ 73.045456] __x64_sys_exit_group+0x47/0x50 [ 73.045788] do_syscall_64+0x3b/0x90 [ 73.046082] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.046487] RIP: 0033:0x7f4b87518a4d [ 73.046798] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.047280] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.047863] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.048411] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.048956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.049498] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.050038] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.050614] [ 73.050796] irq event stamp: 0 [ 73.051043] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.051534] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.052174] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.052811] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.053344] ---[ end trace 0000000000000000 ]--- [ 73.054030] ------------[ cut here ]------------ [ 73.054393] WARNING: CPU: 0 PID: 599 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.055196] Modules linked in: [ 73.055448] CPU: 0 PID: 599 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.056112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.056971] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.057364] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.058786] RSP: 0018:ffff88801209fb78 EFLAGS: 00010246 [ 73.059208] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.059755] RDX: 0000000000000000 RSI: ffff888013b80000 RDI: 0000000000000002 [ 73.060299] RBP: ffff88801209fb98 R08: ffffed100196e13e R09: ffffed100196e13e [ 73.060843] R10: ffff88800cb709ef R11: ffffed100196e13d R12: ffff88800cb70a90 [ 73.061387] R13: ffff88800cb708a8 R14: ffffffffffffffff R15: ffff88801209fc60 [ 73.061928] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.062563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.063011] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.063563] PKRU: 55555554 [ 73.063784] Call Trace: [ 73.063982] [ 73.064155] iommufd_ioas_destroy+0x53/0x70 [ 73.064496] iommufd_fops_release+0x1f7/0x370 [ 73.064849] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.065240] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.065620] ? write_comp_data+0x2f/0x90 [ 73.065943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.066329] __fput+0x26d/0xa40 [ 73.066612] ____fput+0x1e/0x30 [ 73.066879] task_work_run+0x1a4/0x2d0 [ 73.067191] ? __pfx_task_work_run+0x10/0x10 [ 73.067538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.067920] ? switch_task_namespaces+0xa9/0xe0 [ 73.068290] do_exit+0xb17/0x2ef0 [ 73.068558] ? lock_acquire+0x427/0x4c0 [ 73.068878] ? __pfx_lock_release+0x10/0x10 [ 73.069218] ? __kasan_check_write+0x18/0x20 [ 73.069563] ? do_raw_spin_lock+0x132/0x2a0 [ 73.069898] ? __pfx_do_exit+0x10/0x10 [ 73.070204] ? debug_smp_processor_id+0x20/0x30 [ 73.070581] ? rcu_is_watching+0x19/0xb0 [ 73.070900] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.071271] ? trace_hardirqs_on+0x26/0x120 [ 73.071611] do_group_exit+0xe0/0x2b0 [ 73.071908] __x64_sys_exit_group+0x47/0x50 [ 73.072239] do_syscall_64+0x3b/0x90 [ 73.072537] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.072944] RIP: 0033:0x7f4b87518a4d [ 73.073229] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.073700] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.074280] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.074854] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.075405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.075950] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.076493] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.077044] [ 73.077222] irq event stamp: 0 [ 73.077464] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.077953] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.078609] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.079256] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.079743] ---[ end trace 0000000000000000 ]--- [ 73.084270] ------------[ cut here ]------------ [ 73.084659] WARNING: CPU: 0 PID: 600 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.085454] Modules linked in: [ 73.085693] CPU: 0 PID: 600 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.086333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.087242] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.087613] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.088958] RSP: 0018:ffff888018737bb8 EFLAGS: 00010246 [ 73.089351] RAX: 0000000000000000 RBX: ffff88801804b0a8 RCX: 0000000000000000 [ 73.089880] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 73.090404] RBP: ffff888018737bd0 R08: ffffed1003009633 R09: ffffed1003009633 [ 73.090950] R10: ffff88801804b193 R11: ffffed1003009632 R12: ffff88801844e000 [ 73.091490] R13: ffff88801804b1e8 R14: ffffffff8352e670 R15: ffff888018737e68 [ 73.092027] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.092625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.093057] CR2: 0000000020000140 CR3: 00000000104d6000 CR4: 0000000000750ef0 [ 73.093586] PKRU: 55555554 [ 73.093799] Call Trace: [ 73.093992] [ 73.094163] __iommufd_access_detach+0x1c2/0x2b0 [ 73.094550] iommufd_access_change_pt+0x149/0x270 [ 73.094925] iommufd_access_replace+0xb4/0x120 [ 73.095286] iommufd_test+0x3e5/0x37e0 [ 73.095582] ? lock_release+0x532/0x770 [ 73.095892] ? __might_fault+0x102/0x1b0 [ 73.096206] ? lock_acquire+0x427/0x4c0 [ 73.096515] ? __pfx_iommufd_test+0x10/0x10 [ 73.096840] ? __pfx_lock_release+0x10/0x10 [ 73.097171] ? __pfx_lock_acquire+0x10/0x10 [ 73.097506] ? write_comp_data+0x2f/0x90 [ 73.097825] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.098200] ? write_comp_data+0x2f/0x90 [ 73.098531] iommufd_fops_ioctl+0x37d/0x510 [ 73.098863] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.099241] ? write_comp_data+0x2f/0x90 [ 73.099556] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.099921] __x64_sys_ioctl+0x1a3/0x230 [ 73.100236] do_syscall_64+0x3b/0x90 [ 73.100527] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.100922] RIP: 0033:0x7f4b8743ee5d [ 73.101204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.102592] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.103182] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.103718] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.104250] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.104783] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.105316] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.105858] [ 73.106035] irq event stamp: 0 [ 73.106276] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.106771] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.107408] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.108029] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.108502] ---[ end trace 0000000000000000 ]--- [ 73.111173] ------------[ cut here ]------------ [ 73.111556] WARNING: CPU: 0 PID: 600 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.112304] Modules linked in: [ 73.112544] CPU: 0 PID: 600 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.113189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.114030] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.114404] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.115778] RSP: 0018:ffff888018737bd0 EFLAGS: 00010246 [ 73.116192] RAX: 0000000000000000 RBX: ffff88801804b0a8 RCX: 0000000000000000 [ 73.116722] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 73.117285] RBP: ffff888018737be8 R08: ffffed1003009633 R09: ffffed1003009633 [ 73.117817] R10: ffff88801804b193 R11: ffffed1003009632 R12: ffff888016c9b400 [ 73.118347] R13: ffff88801804b1e8 R14: ffff888012c24c00 R15: 0000000000000000 [ 73.118892] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.119498] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.119934] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.120465] PKRU: 55555554 [ 73.120680] Call Trace: [ 73.120877] [ 73.121048] iommufd_access_destroy_object+0x65/0x170 [ 73.121443] iommufd_object_destroy_user+0x18e/0x220 [ 73.121829] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.122271] iommufd_access_destroy+0x43/0x70 [ 73.122636] iommufd_test_staccess_release+0x8d/0xd0 [ 73.123029] __fput+0x26d/0xa40 [ 73.123304] ____fput+0x1e/0x30 [ 73.123562] task_work_run+0x1a4/0x2d0 [ 73.123867] ? __pfx_task_work_run+0x10/0x10 [ 73.124209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.124585] ? switch_task_namespaces+0xa9/0xe0 [ 73.124945] do_exit+0xb17/0x2ef0 [ 73.125213] ? lock_acquire+0x427/0x4c0 [ 73.125533] ? __pfx_lock_release+0x10/0x10 [ 73.125872] ? __kasan_check_write+0x18/0x20 [ 73.126215] ? do_raw_spin_lock+0x132/0x2a0 [ 73.126563] ? __pfx_do_exit+0x10/0x10 [ 73.126871] ? debug_smp_processor_id+0x20/0x30 [ 73.127241] ? rcu_is_watching+0x19/0xb0 [ 73.127552] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.127902] ? trace_hardirqs_on+0x26/0x120 [ 73.128238] do_group_exit+0xe0/0x2b0 [ 73.128529] __x64_sys_exit_group+0x47/0x50 [ 73.128858] do_syscall_64+0x3b/0x90 [ 73.129151] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.129549] RIP: 0033:0x7f4b87518a4d [ 73.129828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.130291] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.130886] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.131441] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.131984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.132518] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.133052] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.133594] [ 73.133772] irq event stamp: 0 [ 73.134012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.134485] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.135150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.135777] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.136251] ---[ end trace 0000000000000000 ]--- [ 73.136918] ------------[ cut here ]------------ [ 73.137275] WARNING: CPU: 0 PID: 600 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.138038] Modules linked in: [ 73.138281] CPU: 0 PID: 600 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.138951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.139808] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.140200] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.141568] RSP: 0018:ffff888018737b78 EFLAGS: 00010246 [ 73.141966] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.142498] RDX: 0000000000000000 RSI: ffff888014b52500 RDI: 0000000000000002 [ 73.143055] RBP: ffff888018737b98 R08: ffffed100300963e R09: ffffed100300963e [ 73.143598] R10: ffff88801804b1ef R11: ffffed100300963d R12: ffff88801804b290 [ 73.144137] R13: ffff88801804b0a8 R14: ffffffffffffffff R15: ffff888018737c60 [ 73.144672] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.145273] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.145709] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.146248] PKRU: 55555554 [ 73.146462] Call Trace: [ 73.146681] [ 73.146859] iommufd_ioas_destroy+0x53/0x70 [ 73.147201] iommufd_fops_release+0x1f7/0x370 [ 73.147557] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.148306] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.148697] ? write_comp_data+0x2f/0x90 [ 73.149213] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.149595] __fput+0x26d/0xa40 [ 73.149903] ____fput+0x1e/0x30 [ 73.150230] task_work_run+0x1a4/0x2d0 [ 73.150559] ? __pfx_task_work_run+0x10/0x10 [ 73.150898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.151413] ? switch_task_namespaces+0xa9/0xe0 [ 73.151782] do_exit+0xb17/0x2ef0 [ 73.152048] ? lock_acquire+0x427/0x4c0 [ 73.152401] ? __pfx_lock_release+0x10/0x10 [ 73.152804] ? __kasan_check_write+0x18/0x20 [ 73.153145] ? do_raw_spin_lock+0x132/0x2a0 [ 73.153501] ? __pfx_do_exit+0x10/0x10 [ 73.153895] ? debug_smp_processor_id+0x20/0x30 [ 73.154258] ? rcu_is_watching+0x19/0xb0 [ 73.154592] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.155041] ? trace_hardirqs_on+0x26/0x120 [ 73.155387] do_group_exit+0xe0/0x2b0 [ 73.155681] __x64_sys_exit_group+0x47/0x50 [ 73.156006] do_syscall_64+0x3b/0x90 [ 73.156298] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.156828] RIP: 0033:0x7f4b87518a4d [ 73.157119] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.157588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.158296] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.158859] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.159542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.160080] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.160676] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.161277] [ 73.161455] irq event stamp: 0 [ 73.161695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.162307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.162960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.163729] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.164211] ---[ end trace 0000000000000000 ]--- [ 73.169063] ------------[ cut here ]------------ [ 73.169428] WARNING: CPU: 0 PID: 601 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.170305] Modules linked in: [ 73.170687] CPU: 0 PID: 601 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.171413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.172325] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.172765] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.174227] RSP: 0018:ffff888021a07bb8 EFLAGS: 00010246 [ 73.174791] RAX: 0000000000000000 RBX: ffff8880165678a8 RCX: 0000000000000000 [ 73.175350] RDX: 0000000000000000 RSI: ffff888014b50000 RDI: 0000000000000002 [ 73.175911] RBP: ffff888021a07bd0 R08: ffffed1002cacf33 R09: ffffed1002cacf33 [ 73.176562] R10: ffff888016567993 R11: ffffed1002cacf32 R12: ffff8880142df000 [ 73.177107] R13: ffff8880165679e8 R14: ffffffff8352e670 R15: ffff888021a07e68 [ 73.177654] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.178322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.178893] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 73.179457] PKRU: 55555554 [ 73.179676] Call Trace: [ 73.179875] [ 73.180049] __iommufd_access_detach+0x1c2/0x2b0 [ 73.180427] iommufd_access_change_pt+0x149/0x270 [ 73.180822] iommufd_access_replace+0xb4/0x120 [ 73.181374] iommufd_test+0x3e5/0x37e0 [ 73.181681] ? lock_release+0x532/0x770 [ 73.181998] ? __might_fault+0x102/0x1b0 [ 73.182317] ? lock_acquire+0x427/0x4c0 [ 73.182648] ? __pfx_iommufd_test+0x10/0x10 [ 73.182980] ? __pfx_lock_release+0x10/0x10 [ 73.183328] ? __pfx_lock_acquire+0x10/0x10 [ 73.183671] ? write_comp_data+0x2f/0x90 [ 73.184017] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.184550] ? write_comp_data+0x2f/0x90 [ 73.184875] iommufd_fops_ioctl+0x37d/0x510 [ 73.185213] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.185590] ? write_comp_data+0x2f/0x90 [ 73.185910] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.186434] __x64_sys_ioctl+0x1a3/0x230 [ 73.186785] do_syscall_64+0x3b/0x90 [ 73.187084] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.187494] RIP: 0033:0x7f4b8743ee5d [ 73.187787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.189347] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.189927] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.190465] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.191030] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.191751] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.192298] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.193020] [ 73.193202] irq event stamp: 0 [ 73.193446] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.193962] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.194734] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.195403] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.196020] ---[ end trace 0000000000000000 ]--- [ 73.198831] ------------[ cut here ]------------ [ 73.199370] WARNING: CPU: 0 PID: 601 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.200143] Modules linked in: [ 73.200529] CPU: 0 PID: 601 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.201190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.202220] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.202628] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.204187] RSP: 0018:ffff888021a07bd0 EFLAGS: 00010246 [ 73.204751] RAX: 0000000000000000 RBX: ffff8880165678a8 RCX: 0000000000000000 [ 73.205305] RDX: 0000000000000000 RSI: ffff888014b50000 RDI: 0000000000000002 [ 73.205999] RBP: ffff888021a07be8 R08: ffffed1002cacf33 R09: ffffed1002cacf33 [ 73.206580] R10: ffff888016567993 R11: ffffed1002cacf32 R12: ffff88801844f800 [ 73.207316] R13: ffff8880165679e8 R14: ffff88802082c200 R15: 0000000000000000 [ 73.207889] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.208723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.209186] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.209828] PKRU: 55555554 [ 73.210141] Call Trace: [ 73.210348] [ 73.210569] iommufd_access_destroy_object+0x65/0x170 [ 73.211035] iommufd_object_destroy_user+0x18e/0x220 [ 73.211556] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.212031] iommufd_access_destroy+0x43/0x70 [ 73.212473] iommufd_test_staccess_release+0x8d/0xd0 [ 73.213026] __fput+0x26d/0xa40 [ 73.213315] ____fput+0x1e/0x30 [ 73.213622] task_work_run+0x1a4/0x2d0 [ 73.214063] ? __pfx_task_work_run+0x10/0x10 [ 73.214437] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.214879] ? switch_task_namespaces+0xa9/0xe0 [ 73.215390] do_exit+0xb17/0x2ef0 [ 73.215679] ? lock_acquire+0x427/0x4c0 [ 73.216013] ? __pfx_lock_release+0x10/0x10 [ 73.216371] ? __kasan_check_write+0x18/0x20 [ 73.216730] ? do_raw_spin_lock+0x132/0x2a0 [ 73.217079] ? __pfx_do_exit+0x10/0x10 [ 73.217404] ? debug_smp_processor_id+0x20/0x30 [ 73.217785] ? rcu_is_watching+0x19/0xb0 [ 73.218114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.218487] ? trace_hardirqs_on+0x26/0x120 [ 73.218860] do_group_exit+0xe0/0x2b0 [ 73.219181] __x64_sys_exit_group+0x47/0x50 [ 73.219532] do_syscall_64+0x3b/0x90 [ 73.219842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.220266] RIP: 0033:0x7f4b87518a4d [ 73.220568] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.221059] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.221667] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.222234] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.222822] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.223400] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.223977] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.224556] [ 73.224746] irq event stamp: 0 [ 73.224999] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.225504] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.226171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.226862] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.227381] ---[ end trace 0000000000000000 ]--- [ 73.228097] ------------[ cut here ]------------ [ 73.228476] WARNING: CPU: 0 PID: 601 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.229291] Modules linked in: [ 73.229549] CPU: 0 PID: 601 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.230241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.231195] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.231613] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.233068] RSP: 0018:ffff888021a07b78 EFLAGS: 00010246 [ 73.233492] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.234058] RDX: 0000000000000000 RSI: ffff888014b50000 RDI: 0000000000000002 [ 73.234820] RBP: ffff888021a07b98 R08: ffffed1002cacf3e R09: ffffed1002cacf3e [ 73.235403] R10: ffff8880165679ef R11: ffffed1002cacf3d R12: ffff888016567a90 [ 73.235971] R13: ffff8880165678a8 R14: ffffffffffffffff R15: ffff888021a07c60 [ 73.236538] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.237176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.237636] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.238204] PKRU: 55555554 [ 73.238430] Call Trace: [ 73.238660] [ 73.238844] iommufd_ioas_destroy+0x53/0x70 [ 73.239208] iommufd_fops_release+0x1f7/0x370 [ 73.239575] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.239986] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.240395] ? write_comp_data+0x2f/0x90 [ 73.240736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.241140] __fput+0x26d/0xa40 [ 73.241421] ____fput+0x1e/0x30 [ 73.241695] task_work_run+0x1a4/0x2d0 [ 73.242015] ? __pfx_task_work_run+0x10/0x10 [ 73.242372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.242786] ? switch_task_namespaces+0xa9/0xe0 [ 73.243186] do_exit+0xb17/0x2ef0 [ 73.243467] ? lock_acquire+0x427/0x4c0 [ 73.243796] ? __pfx_lock_release+0x10/0x10 [ 73.244152] ? __kasan_check_write+0x18/0x20 [ 73.244508] ? do_raw_spin_lock+0x132/0x2a0 [ 73.244852] ? __pfx_do_exit+0x10/0x10 [ 73.245210] ? debug_smp_processor_id+0x20/0x30 [ 73.245585] ? rcu_is_watching+0x19/0xb0 [ 73.245905] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.246266] ? trace_hardirqs_on+0x26/0x120 [ 73.246624] do_group_exit+0xe0/0x2b0 [ 73.246928] __x64_sys_exit_group+0x47/0x50 [ 73.247274] do_syscall_64+0x3b/0x90 [ 73.247573] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.247987] RIP: 0033:0x7f4b87518a4d [ 73.248274] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.248743] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.249328] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.249880] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.250431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.251018] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.251580] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.252137] [ 73.252321] irq event stamp: 0 [ 73.252565] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.253054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.253700] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.254340] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.254851] ---[ end trace 0000000000000000 ]--- [ 73.258692] ------------[ cut here ]------------ [ 73.259076] WARNING: CPU: 0 PID: 602 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.259862] Modules linked in: [ 73.260107] CPU: 0 PID: 602 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.260762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.261615] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.261993] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.263441] RSP: 0018:ffff888015d87bb8 EFLAGS: 00010246 [ 73.263850] RAX: 0000000000000000 RBX: ffff88800f6548a8 RCX: 0000000000000000 [ 73.264393] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 73.264937] RBP: ffff888015d87bd0 R08: ffffed1001eca933 R09: ffffed1001eca933 [ 73.265475] R10: ffff88800f654993 R11: ffffed1001eca932 R12: ffff888014390c00 [ 73.266017] R13: ffff88800f6549e8 R14: ffffffff8352e670 R15: ffff888015d87e68 [ 73.266576] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.267194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.267638] CR2: 0000000020000140 CR3: 0000000010c02000 CR4: 0000000000750ef0 [ 73.268180] PKRU: 55555554 [ 73.268398] Call Trace: [ 73.268595] [ 73.268771] __iommufd_access_detach+0x1c2/0x2b0 [ 73.269147] iommufd_access_change_pt+0x149/0x270 [ 73.269525] iommufd_access_replace+0xb4/0x120 [ 73.269887] iommufd_test+0x3e5/0x37e0 [ 73.270186] ? lock_release+0x532/0x770 [ 73.270497] ? __might_fault+0x102/0x1b0 [ 73.270846] ? lock_acquire+0x427/0x4c0 [ 73.271166] ? __pfx_iommufd_test+0x10/0x10 [ 73.271501] ? __pfx_lock_release+0x10/0x10 [ 73.271847] ? __pfx_lock_acquire+0x10/0x10 [ 73.272186] ? write_comp_data+0x2f/0x90 [ 73.272509] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.272883] ? write_comp_data+0x2f/0x90 [ 73.273203] iommufd_fops_ioctl+0x37d/0x510 [ 73.273537] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.273915] ? write_comp_data+0x2f/0x90 [ 73.274237] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.274630] __x64_sys_ioctl+0x1a3/0x230 [ 73.274955] do_syscall_64+0x3b/0x90 [ 73.275260] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.275677] RIP: 0033:0x7f4b8743ee5d [ 73.275965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.277395] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.277977] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.278543] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.279085] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.279636] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.280178] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.280723] [ 73.280906] irq event stamp: 0 [ 73.281151] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.281628] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.282263] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.282922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.283413] ---[ end trace 0000000000000000 ]--- [ 73.286188] ------------[ cut here ]------------ [ 73.286618] WARNING: CPU: 0 PID: 602 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.287397] Modules linked in: [ 73.287641] CPU: 0 PID: 602 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.288295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.289146] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.289523] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.290921] RSP: 0018:ffff888015d87bd0 EFLAGS: 00010246 [ 73.291331] RAX: 0000000000000000 RBX: ffff88800f6548a8 RCX: 0000000000000000 [ 73.291854] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 73.292413] RBP: ffff888015d87be8 R08: ffffed1001eca933 R09: ffffed1001eca933 [ 73.292958] R10: ffff88800f654993 R11: ffffed1001eca932 R12: ffff8880142ddc00 [ 73.293499] R13: ffff88800f6549e8 R14: ffff88802183c500 R15: 0000000000000000 [ 73.294038] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.294668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.295130] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.295671] PKRU: 55555554 [ 73.295887] Call Trace: [ 73.296084] [ 73.296258] iommufd_access_destroy_object+0x65/0x170 [ 73.296661] iommufd_object_destroy_user+0x18e/0x220 [ 73.297052] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.297498] iommufd_access_destroy+0x43/0x70 [ 73.297847] iommufd_test_staccess_release+0x8d/0xd0 [ 73.298244] __fput+0x26d/0xa40 [ 73.298531] ____fput+0x1e/0x30 [ 73.298794] task_work_run+0x1a4/0x2d0 [ 73.299101] ? __pfx_task_work_run+0x10/0x10 [ 73.299455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.299834] ? switch_task_namespaces+0xa9/0xe0 [ 73.300201] do_exit+0xb17/0x2ef0 [ 73.300469] ? lock_acquire+0x427/0x4c0 [ 73.300782] ? __pfx_lock_release+0x10/0x10 [ 73.301116] ? __kasan_check_write+0x18/0x20 [ 73.301461] ? do_raw_spin_lock+0x132/0x2a0 [ 73.301797] ? __pfx_do_exit+0x10/0x10 [ 73.302103] ? debug_smp_processor_id+0x20/0x30 [ 73.302463] ? rcu_is_watching+0x19/0xb0 [ 73.302793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.303149] ? trace_hardirqs_on+0x26/0x120 [ 73.303488] do_group_exit+0xe0/0x2b0 [ 73.303782] __x64_sys_exit_group+0x47/0x50 [ 73.304110] do_syscall_64+0x3b/0x90 [ 73.304401] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.304804] RIP: 0033:0x7f4b87518a4d [ 73.305092] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.305558] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.306137] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.306693] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.307282] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.307935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.308475] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.309074] [ 73.309255] irq event stamp: 0 [ 73.309500] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.309978] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.310628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.311285] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.311770] ---[ end trace 0000000000000000 ]--- [ 73.312458] ------------[ cut here ]------------ [ 73.312824] WARNING: CPU: 0 PID: 602 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.313592] Modules linked in: [ 73.313841] CPU: 0 PID: 602 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.314497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.315384] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.315779] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.317157] RSP: 0018:ffff888015d87b78 EFLAGS: 00010246 [ 73.317564] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.318103] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 73.318655] RBP: ffff888015d87b98 R08: ffffed1001eca93e R09: ffffed1001eca93e [ 73.319204] R10: ffff88800f6549ef R11: ffffed1001eca93d R12: ffff88800f654a90 [ 73.319748] R13: ffff88800f6548a8 R14: ffffffffffffffff R15: ffff888015d87c60 [ 73.320283] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.320901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.321346] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.321890] PKRU: 55555554 [ 73.322106] Call Trace: [ 73.322302] [ 73.322476] iommufd_ioas_destroy+0x53/0x70 [ 73.322830] iommufd_fops_release+0x1f7/0x370 [ 73.323193] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.323586] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.323992] ? write_comp_data+0x2f/0x90 [ 73.324332] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.324720] __fput+0x26d/0xa40 [ 73.324986] ____fput+0x1e/0x30 [ 73.325247] task_work_run+0x1a4/0x2d0 [ 73.325552] ? __pfx_task_work_run+0x10/0x10 [ 73.325893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.326271] ? switch_task_namespaces+0xa9/0xe0 [ 73.326658] do_exit+0xb17/0x2ef0 [ 73.326927] ? lock_acquire+0x427/0x4c0 [ 73.327263] ? __pfx_lock_release+0x10/0x10 [ 73.327599] ? __kasan_check_write+0x18/0x20 [ 73.327937] ? do_raw_spin_lock+0x132/0x2a0 [ 73.328266] ? __pfx_do_exit+0x10/0x10 [ 73.328572] ? debug_smp_processor_id+0x20/0x30 [ 73.328932] ? rcu_is_watching+0x19/0xb0 [ 73.329243] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.329596] ? trace_hardirqs_on+0x26/0x120 [ 73.329933] do_group_exit+0xe0/0x2b0 [ 73.330224] __x64_sys_exit_group+0x47/0x50 [ 73.330565] do_syscall_64+0x3b/0x90 [ 73.330861] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.331267] RIP: 0033:0x7f4b87518a4d [ 73.331548] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.332011] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.332596] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.333132] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.333669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.334205] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.334761] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.335334] [ 73.335521] irq event stamp: 0 [ 73.335771] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.336259] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.336901] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.337553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.338037] ---[ end trace 0000000000000000 ]--- [ 73.341988] ------------[ cut here ]------------ [ 73.342376] WARNING: CPU: 0 PID: 603 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.343197] Modules linked in: [ 73.343445] CPU: 0 PID: 603 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.344098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.344965] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.345345] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.346747] RSP: 0018:ffff888018bd7bb8 EFLAGS: 00010246 [ 73.347170] RAX: 0000000000000000 RBX: ffff88801625e0a8 RCX: 0000000000000000 [ 73.347710] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 73.348245] RBP: ffff888018bd7bd0 R08: ffffed1002c4bc33 R09: ffffed1002c4bc33 [ 73.348788] R10: ffff88801625e193 R11: ffffed1002c4bc32 R12: ffff888018a8f400 [ 73.349336] R13: ffff88801625e1e8 R14: ffffffff8352e670 R15: ffff888018bd7e68 [ 73.349877] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.350488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.350954] CR2: 0000000020000140 CR3: 00000000187b8000 CR4: 0000000000750ef0 [ 73.351506] PKRU: 55555554 [ 73.351730] Call Trace: [ 73.351926] [ 73.352101] __iommufd_access_detach+0x1c2/0x2b0 [ 73.352476] iommufd_access_change_pt+0x149/0x270 [ 73.352855] iommufd_access_replace+0xb4/0x120 [ 73.353213] iommufd_test+0x3e5/0x37e0 [ 73.353509] ? lock_release+0x532/0x770 [ 73.353821] ? __might_fault+0x102/0x1b0 [ 73.354144] ? lock_acquire+0x427/0x4c0 [ 73.354462] ? __pfx_iommufd_test+0x10/0x10 [ 73.354821] ? __pfx_lock_release+0x10/0x10 [ 73.355182] ? __pfx_lock_acquire+0x10/0x10 [ 73.355522] ? write_comp_data+0x2f/0x90 [ 73.355845] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.356231] ? write_comp_data+0x2f/0x90 [ 73.356560] iommufd_fops_ioctl+0x37d/0x510 [ 73.356903] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.357288] ? write_comp_data+0x2f/0x90 [ 73.357617] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.358009] __x64_sys_ioctl+0x1a3/0x230 [ 73.358348] do_syscall_64+0x3b/0x90 [ 73.358678] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.359101] RIP: 0033:0x7f4b8743ee5d [ 73.359411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.360862] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.361474] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.362043] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.362633] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.363212] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.363794] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.364370] [ 73.364559] irq event stamp: 0 [ 73.364813] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.365317] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.365988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.366673] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.367183] ---[ end trace 0000000000000000 ]--- [ 73.369921] ------------[ cut here ]------------ [ 73.370328] WARNING: CPU: 0 PID: 603 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.371189] Modules linked in: [ 73.371452] CPU: 0 PID: 603 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.372140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.373076] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.373478] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.374941] RSP: 0018:ffff888018bd7bd0 EFLAGS: 00010246 [ 73.375376] RAX: 0000000000000000 RBX: ffff88801625e0a8 RCX: 0000000000000000 [ 73.375943] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 73.376511] RBP: ffff888018bd7be8 R08: ffffed1002c4bc33 R09: ffffed1002c4bc33 [ 73.377080] R10: ffff88801625e193 R11: ffffed1002c4bc32 R12: ffff888014391c00 [ 73.377649] R13: ffff88801625e1e8 R14: ffff888013c73a00 R15: 0000000000000000 [ 73.378217] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.378871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.379353] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.379946] PKRU: 55555554 [ 73.380181] Call Trace: [ 73.380396] [ 73.380593] iommufd_access_destroy_object+0x65/0x170 [ 73.381032] iommufd_object_destroy_user+0x18e/0x220 [ 73.381465] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.381975] iommufd_access_destroy+0x43/0x70 [ 73.382362] iommufd_test_staccess_release+0x8d/0xd0 [ 73.382820] __fput+0x26d/0xa40 [ 73.383123] ____fput+0x1e/0x30 [ 73.383414] task_work_run+0x1a4/0x2d0 [ 73.383757] ? __pfx_task_work_run+0x10/0x10 [ 73.384139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.384566] ? switch_task_namespaces+0xa9/0xe0 [ 73.384976] do_exit+0xb17/0x2ef0 [ 73.385277] ? lock_acquire+0x427/0x4c0 [ 73.385627] ? __pfx_lock_release+0x10/0x10 [ 73.386000] ? __kasan_check_write+0x18/0x20 [ 73.386381] ? do_raw_spin_lock+0x132/0x2a0 [ 73.386781] ? __pfx_do_exit+0x10/0x10 [ 73.387144] ? debug_smp_processor_id+0x20/0x30 [ 73.387543] ? rcu_is_watching+0x19/0xb0 [ 73.387892] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.388277] ? trace_hardirqs_on+0x26/0x120 [ 73.388649] do_group_exit+0xe0/0x2b0 [ 73.388982] __x64_sys_exit_group+0x47/0x50 [ 73.389347] do_syscall_64+0x3b/0x90 [ 73.389673] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.390115] RIP: 0033:0x7f4b87518a4d [ 73.390431] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.390974] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.391655] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.392259] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.392859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.393460] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.394059] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.394703] [ 73.394907] irq event stamp: 0 [ 73.395184] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.395747] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.396464] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.397171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.397703] ---[ end trace 0000000000000000 ]--- [ 73.398437] ------------[ cut here ]------------ [ 73.398872] WARNING: CPU: 0 PID: 603 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.399747] Modules linked in: [ 73.400025] CPU: 0 PID: 603 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.400755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.401700] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.402141] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.403740] RSP: 0018:ffff888018bd7b78 EFLAGS: 00010246 [ 73.404203] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.404809] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 73.405459] RBP: ffff888018bd7b98 R08: ffffed1002c4bc3e R09: ffffed1002c4bc3e [ 73.406058] R10: ffff88801625e1ef R11: ffffed1002c4bc3d R12: ffff88801625e290 [ 73.406697] R13: ffff88801625e0a8 R14: ffffffffffffffff R15: ffff888018bd7c60 [ 73.407321] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.408008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.408553] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.409407] PKRU: 55555554 [ 73.409655] Call Trace: [ 73.409875] [ 73.410067] iommufd_ioas_destroy+0x53/0x70 [ 73.410486] iommufd_fops_release+0x1f7/0x370 [ 73.410914] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.411603] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.412038] ? write_comp_data+0x2f/0x90 [ 73.412399] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.412830] __fput+0x26d/0xa40 [ 73.413130] ____fput+0x1e/0x30 [ 73.413422] task_work_run+0x1a4/0x2d0 [ 73.413822] ? __pfx_task_work_run+0x10/0x10 [ 73.414346] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.414795] ? switch_task_namespaces+0xa9/0xe0 [ 73.415218] do_exit+0xb17/0x2ef0 [ 73.415525] ? lock_acquire+0x427/0x4c0 [ 73.415879] ? __pfx_lock_release+0x10/0x10 [ 73.416261] ? __kasan_check_write+0x18/0x20 [ 73.416652] ? do_raw_spin_lock+0x132/0x2a0 [ 73.417047] ? __pfx_do_exit+0x10/0x10 [ 73.417410] ? debug_smp_processor_id+0x20/0x30 [ 73.417837] ? rcu_is_watching+0x19/0xb0 [ 73.418307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.418911] ? trace_hardirqs_on+0x26/0x120 [ 73.419339] do_group_exit+0xe0/0x2b0 [ 73.419691] __x64_sys_exit_group+0x47/0x50 [ 73.420078] do_syscall_64+0x3b/0x90 [ 73.420420] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.420891] RIP: 0033:0x7f4b87518a4d [ 73.421224] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.421928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.422838] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.423497] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.424159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.424797] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.425539] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.426338] [ 73.426580] irq event stamp: 0 [ 73.426868] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.427460] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.428214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.428963] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.429715] ---[ end trace 0000000000000000 ]--- [ 73.435997] ------------[ cut here ]------------ [ 73.436487] WARNING: CPU: 0 PID: 604 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.437583] Modules linked in: [ 73.438040] CPU: 0 PID: 604 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.438872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.440243] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.440717] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.442693] RSP: 0018:ffff88801859fbb8 EFLAGS: 00010246 [ 73.443216] RAX: 0000000000000000 RBX: ffff88800fc218a8 RCX: 0000000000000000 [ 73.444136] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 73.444796] RBP: ffff88801859fbd0 R08: ffffed1001f84333 R09: ffffed1001f84333 [ 73.445682] R10: ffff88800fc21993 R11: ffffed1001f84332 R12: ffff888013619c00 [ 73.446355] R13: ffff88800fc219e8 R14: ffffffff8352e670 R15: ffff88801859fe68 [ 73.447144] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.448106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.448649] CR2: 0000000020000140 CR3: 00000000187bc000 CR4: 0000000000750ef0 [ 73.449458] PKRU: 55555554 [ 73.449861] Call Trace: [ 73.450113] [ 73.450323] __iommufd_access_detach+0x1c2/0x2b0 [ 73.450799] iommufd_access_change_pt+0x149/0x270 [ 73.451497] iommufd_access_replace+0xb4/0x120 [ 73.451935] iommufd_test+0x3e5/0x37e0 [ 73.452299] ? lock_release+0x532/0x770 [ 73.452816] ? __might_fault+0x102/0x1b0 [ 73.453352] ? lock_acquire+0x427/0x4c0 [ 73.453954] ? __pfx_iommufd_test+0x10/0x10 [ 73.454404] ? __pfx_lock_release+0x10/0x10 [ 73.454878] ? __pfx_lock_acquire+0x10/0x10 [ 73.455457] ? write_comp_data+0x2f/0x90 [ 73.456055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.456548] ? write_comp_data+0x2f/0x90 [ 73.456971] iommufd_fops_ioctl+0x37d/0x510 [ 73.457530] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.458208] ? write_comp_data+0x2f/0x90 [ 73.458786] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.459295] __x64_sys_ioctl+0x1a3/0x230 [ 73.459727] do_syscall_64+0x3b/0x90 [ 73.460139] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.460668] RIP: 0033:0x7f4b8743ee5d [ 73.461046] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.462905] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.463693] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.464410] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.465118] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.465834] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.466577] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.467312] [ 73.467553] irq event stamp: 0 [ 73.467872] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.468515] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.469411] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.470260] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.470943] ---[ end trace 0000000000000000 ]--- [ 73.474367] ------------[ cut here ]------------ [ 73.474933] WARNING: CPU: 0 PID: 604 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.475176] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 73.475952] Modules linked in: [ 73.475963] CPU: 0 PID: 604 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.475979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.475989] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.482019] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 73.482098] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.485839] RSP: 0018:ffff88801859fbd0 EFLAGS: 00010246 [ 73.486469] RAX: 0000000000000000 RBX: ffff88800fc218a8 RCX: 0000000000000000 [ 73.487440] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 73.488312] RBP: ffff88801859fbe8 R08: ffffed1001f84333 R09: ffffed1001f84333 [ 73.489021] R10: ffff88800fc21993 R11: ffffed1001f84332 R12: ffff888018a8d800 [ 73.489737] R13: ffff88800fc219e8 R14: ffff888013c59900 R15: 0000000000000000 [ 73.490465] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.491308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.491904] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.492624] PKRU: 55555554 [ 73.492918] Call Trace: [ 73.493175] [ 73.493401] iommufd_access_destroy_object+0x65/0x170 [ 73.493932] iommufd_object_destroy_user+0x18e/0x220 [ 73.494449] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.495056] iommufd_access_destroy+0x43/0x70 [ 73.495544] iommufd_test_staccess_release+0x8d/0xd0 [ 73.496081] __fput+0x26d/0xa40 [ 73.496435] ____fput+0x1e/0x30 [ 73.496776] task_work_run+0x1a4/0x2d0 [ 73.497174] ? __pfx_task_work_run+0x10/0x10 [ 73.497622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.498116] ? switch_task_namespaces+0xa9/0xe0 [ 73.498630] do_exit+0xb17/0x2ef0 [ 73.498988] ? lock_acquire+0x427/0x4c0 [ 73.499424] ? __pfx_lock_release+0x10/0x10 [ 73.499866] ? __kasan_check_write+0x18/0x20 [ 73.500443] ? do_raw_spin_lock+0x132/0x2a0 [ 73.501091] ? __pfx_do_exit+0x10/0x10 [ 73.501702] ? debug_smp_processor_id+0x20/0x30 [ 73.502173] ? rcu_is_watching+0x19/0xb0 [ 73.502620] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.503092] ? 
trace_hardirqs_on+0x26/0x120 [ 73.503558] do_group_exit+0xe0/0x2b0 [ 73.504025] __x64_sys_exit_group+0x47/0x50 [ 73.504699] do_syscall_64+0x3b/0x90 [ 73.505086] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.505618] RIP: 0033:0x7f4b87518a4d [ 73.505987] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 73.506621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.507603] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.508545] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.509284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.510025] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.510807] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.511587] [ 73.511834] irq event stamp: 0 [ 73.512158] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.512807] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.513691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.514589] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.515271] ---[ end trace 0000000000000000 ]--- [ 73.523143] ------------[ cut here ]------------ [ 73.523683] WARNING: CPU: 0 PID: 604 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.525020] Modules linked in: [ 73.525567] CPU: 0 PID: 604 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.526443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.527671] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.528403] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.530474] RSP: 0018:ffff88801859fb78 EFLAGS: 00010246 [ 73.531053] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.531795] RDX: 
0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 73.532571] RBP: ffff88801859fb98 R08: ffffed1001f8433e R09: ffffed1001f8433e [ 73.533673] R10: ffff88800fc219ef R11: ffffed1001f8433d R12: ffff88800fc21a90 [ 73.534402] R13: ffff88800fc218a8 R14: ffffffffffffffff R15: ffff88801859fc60 [ 73.535184] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.536015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.536672] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 73.537723] PKRU: 55555554 [ 73.538025] Call Trace: [ 73.538287] [ 73.538548] iommufd_ioas_destroy+0x53/0x70 [ 73.539005] iommufd_fops_release+0x1f7/0x370 [ 73.539496] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.540010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.540545] ? write_comp_data+0x2f/0x90 [ 73.541109] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.541887] __fput+0x26d/0xa40 [ 73.542248] ____fput+0x1e/0x30 [ 73.542634] task_work_run+0x1a4/0x2d0 [ 73.543050] ? __pfx_task_work_run+0x10/0x10 [ 73.543520] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.544037] ? switch_task_namespaces+0xa9/0xe0 [ 73.544530] do_exit+0xb17/0x2ef0 [ 73.544946] ? lock_acquire+0x427/0x4c0 [ 73.545650] ? __pfx_lock_release+0x10/0x10 [ 73.546108] ? __kasan_check_write+0x18/0x20 [ 73.546599] ? do_raw_spin_lock+0x132/0x2a0 [ 73.547044] ? __pfx_do_exit+0x10/0x10 [ 73.547484] ? debug_smp_processor_id+0x20/0x30 [ 73.547989] ? rcu_is_watching+0x19/0xb0 [ 73.548419] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.548898] ? trace_hardirqs_on+0x26/0x120 [ 73.549392] do_group_exit+0xe0/0x2b0 [ 73.549905] __x64_sys_exit_group+0x47/0x50 [ 73.550652] do_syscall_64+0x3b/0x90 [ 73.551064] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.551620] RIP: 0033:0x7f4b87518a4d [ 73.552009] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.552631] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.553412] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.554368] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.555341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.556077] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.556797] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.557544] [ 73.557815] irq event stamp: 0 [ 73.558241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.559213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.560087] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.560969] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.561909] ---[ end trace 0000000000000000 ]--- [ 73.584059] ------------[ cut here ]------------ [ 73.584584] WARNING: CPU: 0 PID: 606 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.585603] Modules linked in: [ 73.585932] CPU: 0 PID: 606 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.586856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.588024] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.588539] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.590381] RSP: 0018:ffff888018a87bb8 EFLAGS: 00010246 [ 73.590955] RAX: 0000000000000000 RBX: ffff88801472e8a8 RCX: 0000000000000000 [ 73.591694] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 73.592414] RBP: ffff888018a87bd0 R08: ffffed10028e5d33 R09: ffffed10028e5d33 [ 73.593137] R10: ffff88801472e993 R11: ffffed10028e5d32 R12: ffff88801341b800 [ 73.593860] R13: ffff88801472e9e8 R14: ffffffff8352e670 R15: ffff888018a87e68 [ 73.594684] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.595540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.596137] CR2: 0000000020000140 CR3: 000000001899e000 CR4: 0000000000750ef0 [ 73.596866] PKRU: 55555554 [ 73.597211] Call Trace: [ 73.597476] [ 73.597711] __iommufd_access_detach+0x1c2/0x2b0 [ 73.598236] iommufd_access_change_pt+0x149/0x270 [ 73.598785] iommufd_access_replace+0xb4/0x120 [ 73.599280] iommufd_test+0x3e5/0x37e0 [ 73.599683] ? lock_release+0x532/0x770 [ 73.600103] ? __might_fault+0x102/0x1b0 [ 73.600525] ? lock_acquire+0x427/0x4c0 [ 73.600948] ? __pfx_iommufd_test+0x10/0x10 [ 73.601390] ? __pfx_lock_release+0x10/0x10 [ 73.601842] ? __pfx_lock_acquire+0x10/0x10 [ 73.602302] ? write_comp_data+0x2f/0x90 [ 73.602786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.603325] ? write_comp_data+0x2f/0x90 [ 73.603761] iommufd_fops_ioctl+0x37d/0x510 [ 73.604210] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.604716] ? write_comp_data+0x2f/0x90 [ 73.605158] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.605661] __x64_sys_ioctl+0x1a3/0x230 [ 73.606093] do_syscall_64+0x3b/0x90 [ 73.606487] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.607061] RIP: 0033:0x7f4b8743ee5d [ 73.607461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.609309] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.610100] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.610864] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.611626] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.612357] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.613084] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.613825] [ 73.614064] irq event stamp: 0 [ 73.614386] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.615062] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.615941] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.616787] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.617438] ---[ end trace 0000000000000000 ]--- [ 73.620834] ------------[ cut here ]------------ [ 73.621374] WARNING: CPU: 0 PID: 606 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.622723] Modules linked in: [ 73.623292] CPU: 0 PID: 606 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.624181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.625330] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.625846] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.628007] RSP: 0018:ffff888018a87bd0 EFLAGS: 00010246 [ 73.628759] RAX: 0000000000000000 RBX: ffff88801472e8a8 RCX: 0000000000000000 [ 73.629532] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 73.630255] RBP: ffff888018a87be8 R08: ffffed10028e5d33 R09: ffffed10028e5d33 [ 73.631011] R10: ffff88801472e993 R11: ffffed10028e5d32 R12: ffff88801361b000 [ 73.631798] R13: ffff88801472e9e8 R14: ffff888013993c00 R15: 0000000000000000 [ 73.632910] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.633740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.634342] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 73.635095] PKRU: 55555554 [ 73.635424] Call Trace: [ 73.635710] [ 73.635998] iommufd_access_destroy_object+0x65/0x170 [ 73.636847] iommufd_object_destroy_user+0x18e/0x220 [ 73.637389] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.637993] iommufd_access_destroy+0x43/0x70 [ 73.638468] iommufd_test_staccess_release+0x8d/0xd0 [ 73.639055] __fput+0x26d/0xa40 [ 73.639520] ____fput+0x1e/0x30 [ 73.640007] task_work_run+0x1a4/0x2d0 [ 73.640597] ? __pfx_task_work_run+0x10/0x10 [ 73.641058] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.641563] ? switch_task_namespaces+0xa9/0xe0 [ 73.642059] do_exit+0xb17/0x2ef0 [ 73.642425] ? lock_acquire+0x427/0x4c0 [ 73.642878] ? __pfx_lock_release+0x10/0x10 [ 73.643520] ? __kasan_check_write+0x18/0x20 [ 73.644242] ? do_raw_spin_lock+0x132/0x2a0 [ 73.644697] ? __pfx_do_exit+0x10/0x10 [ 73.645111] ? debug_smp_processor_id+0x20/0x30 [ 73.645592] ? rcu_is_watching+0x19/0xb0 [ 73.646010] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.646476] ? trace_hardirqs_on+0x26/0x120 [ 73.647036] do_group_exit+0xe0/0x2b0 [ 73.647569] __x64_sys_exit_group+0x47/0x50 [ 73.648190] do_syscall_64+0x3b/0x90 [ 73.648589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.649130] RIP: 0033:0x7f4b87518a4d [ 73.649513] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.650195] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.651268] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.652008] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.652740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.653482] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.654463] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.655408] [ 73.655657] irq event stamp: 0 [ 73.655982] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.656627] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.657510] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.658626] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.659475] ---[ end trace 0000000000000000 ]--- [ 73.662240] ------------[ cut here ]------------ [ 73.662792] WARNING: CPU: 0 PID: 606 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.663844] Modules linked in: [ 73.664176] CPU: 0 PID: 606 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.665291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.666705] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.667259] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.669120] RSP: 0018:ffff888018a87b78 EFLAGS: 00010246 [ 73.669678] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.670401] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 73.671171] RBP: ffff888018a87b98 R08: ffffed10028e5d3e R09: ffffed10028e5d3e [ 73.671905] R10: ffff88801472e9ef R11: ffffed10028e5d3d R12: ffff88801472ea90 [ 73.672629] R13: ffff88801472e8a8 R14: ffffffffffffffff R15: ffff888018a87c60 [ 73.673364] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 73.674191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.674807] CR2: 00007f82e2e81018 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 73.675566] PKRU: 55555554 [ 73.675863] Call Trace: [ 73.676123] [ 73.676357] iommufd_ioas_destroy+0x53/0x70 [ 73.676809] iommufd_fops_release+0x1f7/0x370 [ 73.677273] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.677779] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.678288] ? write_comp_data+0x2f/0x90 [ 73.678760] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.679305] __fput+0x26d/0xa40 [ 73.679662] ____fput+0x1e/0x30 [ 73.680011] task_work_run+0x1a4/0x2d0 [ 73.680416] ? __pfx_task_work_run+0x10/0x10 [ 73.680878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.681388] ? switch_task_namespaces+0xa9/0xe0 [ 73.681882] do_exit+0xb17/0x2ef0 [ 73.682243] ? lock_acquire+0x427/0x4c0 [ 73.682704] ? __pfx_lock_release+0x10/0x10 [ 73.683192] ? __kasan_check_write+0x18/0x20 [ 73.683652] ? do_raw_spin_lock+0x132/0x2a0 [ 73.684101] ? __pfx_do_exit+0x10/0x10 [ 73.684510] ? debug_smp_processor_id+0x20/0x30 [ 73.685009] ? rcu_is_watching+0x19/0xb0 [ 73.685451] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.685938] ? trace_hardirqs_on+0x26/0x120 [ 73.686389] do_group_exit+0xe0/0x2b0 [ 73.686821] __x64_sys_exit_group+0x47/0x50 [ 73.687272] do_syscall_64+0x3b/0x90 [ 73.687665] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.688208] RIP: 0033:0x7f4b87518a4d [ 73.688590] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.689217] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.689998] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.690752] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.691493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.692220] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.692980] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.693727] [ 73.693966] irq event stamp: 0 [ 73.694286] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.694964] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.695829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.696668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.697312] ---[ end trace 0000000000000000 ]--- [ 73.707973] ------------[ cut here ]------------ [ 73.708679] WARNING: CPU: 1 PID: 607 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.710367] Modules linked in: [ 73.710908] CPU: 1 PID: 607 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.712389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.714056] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.714858] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.717609] RSP: 0018:ffff8880147a7bb8 EFLAGS: 00010246 [ 73.718324] RAX: 0000000000000000 RBX: ffff88800b93b0a8 RCX: 0000000000000000 [ 73.719532] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 73.720492] RBP: ffff8880147a7bd0 R08: ffffed1001727633 R09: ffffed1001727633 [ 73.721608] R10: ffff88800b93b193 R11: ffffed1001727632 R12: ffff888021bb0c00 [ 73.722800] R13: ffff88800b93b1e8 R14: ffffffff8352e670 R15: ffff8880147a7e68 [ 73.723792] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.725033] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.725819] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 73.727030] PKRU: 55555554 [ 73.727477] Call Trace: [ 73.727850] [ 73.728175] __iommufd_access_detach+0x1c2/0x2b0 [ 73.729023] iommufd_access_change_pt+0x149/0x270 [ 73.729698] iommufd_access_replace+0xb4/0x120 [ 73.730347] iommufd_test+0x3e5/0x37e0 [ 73.730971] ? lock_release+0x532/0x770 [ 73.731550] ? __might_fault+0x102/0x1b0 [ 73.731980] ? lock_acquire+0x427/0x4c0 [ 73.732393] ? __pfx_iommufd_test+0x10/0x10 [ 73.732833] ? __pfx_lock_release+0x10/0x10 [ 73.733278] ? __pfx_lock_acquire+0x10/0x10 [ 73.733728] ? write_comp_data+0x2f/0x90 [ 73.734157] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.734716] ? write_comp_data+0x2f/0x90 [ 73.735168] iommufd_fops_ioctl+0x37d/0x510 [ 73.735640] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.736150] ? write_comp_data+0x2f/0x90 [ 73.736579] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.737085] __x64_sys_ioctl+0x1a3/0x230 [ 73.737519] do_syscall_64+0x3b/0x90 [ 73.737917] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.738456] RIP: 0033:0x7f4b8743ee5d [ 73.738875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.740769] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.741558] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.742308] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.743113] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.743853] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.744588] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.745333] [ 73.745579] irq event stamp: 0 [ 73.745905] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.746600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.747467] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.748335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.748985] ---[ end trace 0000000000000000 ]--- [ 73.752212] ------------[ cut here ]------------ [ 73.752733] WARNING: CPU: 1 PID: 607 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.753746] Modules linked in: [ 73.754076] CPU: 1 PID: 607 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.755057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.756224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.756737] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.758630] RSP: 0018:ffff8880147a7bd0 EFLAGS: 00010246 [ 73.759191] RAX: 0000000000000000 RBX: ffff88800b93b0a8 RCX: 0000000000000000 [ 73.759907] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 73.760623] RBP: ffff8880147a7be8 R08: ffffed1001727633 R09: ffffed1001727633 [ 73.761343] R10: ffff88800b93b193 R11: ffffed1001727632 R12: ffff88800f170400 [ 73.762068] R13: ffff88800b93b1e8 R14: ffff888020a7db00 R15: 0000000000000000 [ 73.762829] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.763679] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.764278] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 73.765005] PKRU: 55555554 [ 73.765292] Call Trace: [ 73.765554] [ 73.765791] iommufd_access_destroy_object+0x65/0x170 [ 73.766322] iommufd_object_destroy_user+0x18e/0x220 [ 73.766884] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.767503] iommufd_access_destroy+0x43/0x70 [ 73.767967] iommufd_test_staccess_release+0x8d/0xd0 [ 73.768496] __fput+0x26d/0xa40 [ 73.768848] ____fput+0x1e/0x30 [ 73.769194] task_work_run+0x1a4/0x2d0 [ 73.769603] ? __pfx_task_work_run+0x10/0x10 [ 73.770051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.770593] ? switch_task_namespaces+0xa9/0xe0 [ 73.771090] do_exit+0xb17/0x2ef0 [ 73.771466] ? lock_acquire+0x427/0x4c0 [ 73.771889] ? __pfx_lock_release+0x10/0x10 [ 73.772335] ? __kasan_check_write+0x18/0x20 [ 73.772790] ? do_raw_spin_lock+0x132/0x2a0 [ 73.773230] ? __pfx_do_exit+0x10/0x10 [ 73.773632] ? debug_smp_processor_id+0x20/0x30 [ 73.774114] ? rcu_is_watching+0x19/0xb0 [ 73.774570] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.775038] ? trace_hardirqs_on+0x26/0x120 [ 73.775504] do_group_exit+0xe0/0x2b0 [ 73.775906] __x64_sys_exit_group+0x47/0x50 [ 73.776345] do_syscall_64+0x3b/0x90 [ 73.776812] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.777364] RIP: 0033:0x7f4b87518a4d [ 73.777758] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.778381] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.779205] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.779932] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.780652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.781380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.782099] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.782869] [ 73.783118] irq event stamp: 0 [ 73.783439] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.784079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.784942] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.785794] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.786436] ---[ end trace 0000000000000000 ]--- [ 73.787338] ------------[ cut here ]------------ [ 73.787822] WARNING: CPU: 1 PID: 607 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.788844] Modules linked in: [ 73.789181] CPU: 1 PID: 607 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.790058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.791233] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.791765] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.793604] RSP: 0018:ffff8880147a7b78 EFLAGS: 00010246 [ 73.794142] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.794880] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 73.795611] RBP: ffff8880147a7b98 R08: ffffed100172763e R09: ffffed100172763e [ 73.796327] R10: ffff88800b93b1ef R11: ffffed100172763d R12: ffff88800b93b290 [ 73.797052] R13: ffff88800b93b0a8 R14: ffffffffffffffff R15: ffff8880147a7c60 [ 73.797776] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.798622] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.799228] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 73.799942] PKRU: 55555554 [ 73.800232] Call Trace: [ 73.800490] [ 73.800699] iommufd_ioas_destroy+0x53/0x70 [ 73.801110] iommufd_fops_release+0x1f7/0x370 [ 73.801536] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.802002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.802464] ? write_comp_data+0x2f/0x90 [ 73.802879] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.803368] __fput+0x26d/0xa40 [ 73.803709] ____fput+0x1e/0x30 [ 73.804032] task_work_run+0x1a4/0x2d0 [ 73.804411] ? __pfx_task_work_run+0x10/0x10 [ 73.804876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.805342] ? switch_task_namespaces+0xa9/0xe0 [ 73.805807] do_exit+0xb17/0x2ef0 [ 73.806137] ? lock_acquire+0x427/0x4c0 [ 73.806549] ? __pfx_lock_release+0x10/0x10 [ 73.806969] ? __kasan_check_write+0x18/0x20 [ 73.807408] ? do_raw_spin_lock+0x132/0x2a0 [ 73.807824] ? __pfx_do_exit+0x10/0x10 [ 73.808208] ? debug_smp_processor_id+0x20/0x30 [ 73.808695] ? rcu_is_watching+0x19/0xb0 [ 73.809088] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.809560] ? trace_hardirqs_on+0x26/0x120 [ 73.809980] do_group_exit+0xe0/0x2b0 [ 73.810347] __x64_sys_exit_group+0x47/0x50 [ 73.810799] do_syscall_64+0x3b/0x90 [ 73.811205] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.811713] RIP: 0033:0x7f4b87518a4d [ 73.812073] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.812694] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.813425] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.814095] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.814797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.815482] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.816142] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.816814] [ 73.817036] irq event stamp: 0 [ 73.817330] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.817915] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.818715] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.819504] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.820092] ---[ end trace 0000000000000000 ]--- [ 73.824635] ------------[ cut here ]------------ [ 73.825121] WARNING: CPU: 1 PID: 608 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.826050] Modules linked in: [ 73.826349] CPU: 1 PID: 608 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.827276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.828321] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.828793] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.830551] RSP: 0018:ffff88801439fbb8 EFLAGS: 00010246 [ 73.831055] RAX: 0000000000000000 RBX: ffff8880164450a8 RCX: 0000000000000000 [ 73.831728] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 73.832415] RBP: ffff88801439fbd0 R08: ffffed1002c88a33 R09: ffffed1002c88a33 [ 73.833081] R10: ffff888016445193 R11: ffffed1002c88a32 R12: ffff888013659c00 [ 73.833749] R13: ffff8880164451e8 R14: ffffffff8352e670 R15: ffff88801439fe68 [ 73.834423] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.835207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.835762] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 73.836436] PKRU: 55555554 [ 73.836709] Call Trace: [ 73.837000] [ 73.837266] __iommufd_access_detach+0x1c2/0x2b0 [ 73.837832] iommufd_access_change_pt+0x149/0x270 [ 73.838333] iommufd_access_replace+0xb4/0x120 [ 73.838806] iommufd_test+0x3e5/0x37e0 [ 73.839188] ? lock_release+0x532/0x770 [ 73.839577] ? __might_fault+0x102/0x1b0 [ 73.839964] ? lock_acquire+0x427/0x4c0 [ 73.840347] ? __pfx_iommufd_test+0x10/0x10 [ 73.840749] ? __pfx_lock_release+0x10/0x10 [ 73.841157] ? __pfx_lock_acquire+0x10/0x10 [ 73.841618] ? write_comp_data+0x2f/0x90 [ 73.842020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.842484] ? write_comp_data+0x2f/0x90 [ 73.842924] iommufd_fops_ioctl+0x37d/0x510 [ 73.843386] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.843892] ? write_comp_data+0x2f/0x90 [ 73.844316] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.844818] __x64_sys_ioctl+0x1a3/0x230 [ 73.845249] do_syscall_64+0x3b/0x90 [ 73.845644] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.846183] RIP: 0033:0x7f4b8743ee5d [ 73.846594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.848508] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.849289] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.850019] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.850798] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.851542] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.852266] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.853006] [ 73.853249] irq event stamp: 0 [ 73.853566] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.854203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.855085] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.855948] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.856600] ---[ end trace 0000000000000000 ]--- [ 73.859788] ------------[ cut here ]------------ [ 73.860306] WARNING: CPU: 1 PID: 608 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.861311] Modules linked in: [ 73.861638] CPU: 1 PID: 608 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.862502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.863678] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.864181] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.866021] RSP: 0018:ffff88801439fbd0 EFLAGS: 00010246 [ 73.866592] RAX: 0000000000000000 RBX: ffff8880164450a8 RCX: 0000000000000000 [ 73.867336] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 73.868060] RBP: ffff88801439fbe8 R08: ffffed1002c88a33 R09: ffffed1002c88a33 [ 73.868782] R10: ffff888016445193 R11: ffffed1002c88a32 R12: ffff888021bb2400 [ 73.869488] R13: ffff8880164451e8 R14: ffff888020985a00 R15: 0000000000000000 [ 73.870207] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.871055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.871643] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 73.872367] PKRU: 55555554 [ 73.872657] Call Trace: [ 73.872915] [ 73.873145] iommufd_access_destroy_object+0x65/0x170 [ 73.873667] iommufd_object_destroy_user+0x18e/0x220 [ 73.874181] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.874800] iommufd_access_destroy+0x43/0x70 [ 73.875282] iommufd_test_staccess_release+0x8d/0xd0 [ 73.875812] __fput+0x26d/0xa40 [ 73.876168] ____fput+0x1e/0x30 [ 73.876506] task_work_run+0x1a4/0x2d0 [ 73.876914] ? __pfx_task_work_run+0x10/0x10 [ 73.877370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.877867] ? switch_task_namespaces+0xa9/0xe0 [ 73.878364] do_exit+0xb17/0x2ef0 [ 73.878766] ? lock_acquire+0x427/0x4c0 [ 73.879205] ? __pfx_lock_release+0x10/0x10 [ 73.879658] ? __kasan_check_write+0x18/0x20 [ 73.880117] ? do_raw_spin_lock+0x132/0x2a0 [ 73.880558] ? __pfx_do_exit+0x10/0x10 [ 73.880965] ? debug_smp_processor_id+0x20/0x30 [ 73.881454] ? rcu_is_watching+0x19/0xb0 [ 73.881875] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.882342] ? trace_hardirqs_on+0x26/0x120 [ 73.882827] do_group_exit+0xe0/0x2b0 [ 73.883234] __x64_sys_exit_group+0x47/0x50 [ 73.883683] do_syscall_64+0x3b/0x90 [ 73.884085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.884623] RIP: 0033:0x7f4b87518a4d [ 73.885007] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.885635] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.886402] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.887167] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.887911] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.888643] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.889383] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.890121] [ 73.890362] irq event stamp: 0 [ 73.890725] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.891386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.892238] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.893080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.893721] ---[ end trace 0000000000000000 ]--- [ 73.894639] ------------[ cut here ]------------ [ 73.895139] WARNING: CPU: 1 PID: 608 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 73.896159] Modules linked in: [ 73.896488] CPU: 1 PID: 608 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.897358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.898492] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 73.899285] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 73.901151] RSP: 0018:ffff88801439fb78 EFLAGS: 00010246 [ 73.901703] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 73.902431] RDX: 0000000000000000 RSI: ffff888014b54a00 RDI: 0000000000000002 [ 73.903255] RBP: ffff88801439fb98 R08: ffffed1002c88a3e R09: ffffed1002c88a3e [ 73.903995] R10: ffff8880164451ef R11: ffffed1002c88a3d R12: ffff888016445290 [ 73.904723] R13: ffff8880164450a8 R14: ffffffffffffffff R15: ffff88801439fc60 [ 73.905445] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.906255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.906885] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 73.907622] PKRU: 55555554 [ 73.907910] Call Trace: [ 73.908171] [ 73.908404] iommufd_ioas_destroy+0x53/0x70 [ 73.908859] iommufd_fops_release+0x1f7/0x370 [ 73.909320] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.909832] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.910329] ? write_comp_data+0x2f/0x90 [ 73.910790] ? __pfx_iommufd_fops_release+0x10/0x10 [ 73.911329] __fput+0x26d/0xa40 [ 73.911686] ____fput+0x1e/0x30 [ 73.912037] task_work_run+0x1a4/0x2d0 [ 73.912443] ? __pfx_task_work_run+0x10/0x10 [ 73.912898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.913401] ? switch_task_namespaces+0xa9/0xe0 [ 73.913907] do_exit+0xb17/0x2ef0 [ 73.914268] ? lock_acquire+0x427/0x4c0 [ 73.914734] ? __pfx_lock_release+0x10/0x10 [ 73.915206] ? __kasan_check_write+0x18/0x20 [ 73.915672] ? do_raw_spin_lock+0x132/0x2a0 [ 73.916124] ? __pfx_do_exit+0x10/0x10 [ 73.916530] ? debug_smp_processor_id+0x20/0x30 [ 73.917010] ? rcu_is_watching+0x19/0xb0 [ 73.917431] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.917902] ? trace_hardirqs_on+0x26/0x120 [ 73.918353] do_group_exit+0xe0/0x2b0 [ 73.918812] __x64_sys_exit_group+0x47/0x50 [ 73.919272] do_syscall_64+0x3b/0x90 [ 73.919666] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.920202] RIP: 0033:0x7f4b87518a4d [ 73.920587] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.921214] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.921981] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 73.922762] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 73.923502] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 73.924247] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 73.924995] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 73.925738] [ 73.925981] irq event stamp: 0 [ 73.926301] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 73.926989] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.927875] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.928725] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.929373] ---[ end trace 0000000000000000 ]--- [ 73.934861] ------------[ cut here ]------------ [ 73.935427] WARNING: CPU: 1 PID: 609 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.936433] Modules linked in: [ 73.936759] CPU: 1 PID: 609 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.937623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.938808] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.939336] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.941180] RSP: 0018:ffff888012e6fbb8 EFLAGS: 00010246 [ 73.941721] RAX: 0000000000000000 RBX: ffff8880189c70a8 RCX: 0000000000000000 [ 73.942441] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 73.943223] RBP: ffff888012e6fbd0 R08: ffffed1003138e33 R09: ffffed1003138e33 [ 73.943956] R10: ffff8880189c7193 R11: ffffed1003138e32 R12: ffff888013b23400 [ 73.944674] R13: ffff8880189c71e8 R14: ffffffff8352e670 R15: ffff888012e6fe68 [ 73.945396] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.946201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.946821] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ee0 [ 73.947553] PKRU: 55555554 [ 73.947843] Call Trace: [ 73.948105] [ 73.948341] __iommufd_access_detach+0x1c2/0x2b0 [ 73.948845] iommufd_access_change_pt+0x149/0x270 [ 73.949352] iommufd_access_replace+0xb4/0x120 [ 73.949832] iommufd_test+0x3e5/0x37e0 [ 73.950231] ? lock_release+0x532/0x770 [ 73.950690] ? __might_fault+0x102/0x1b0 [ 73.951134] ? lock_acquire+0x427/0x4c0 [ 73.951554] ? __pfx_iommufd_test+0x10/0x10 [ 73.951999] ? __pfx_lock_release+0x10/0x10 [ 73.952456] ? __pfx_lock_acquire+0x10/0x10 [ 73.952905] ? write_comp_data+0x2f/0x90 [ 73.953326] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.953823] ? write_comp_data+0x2f/0x90 [ 73.954249] iommufd_fops_ioctl+0x37d/0x510 [ 73.954743] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.955258] ? write_comp_data+0x2f/0x90 [ 73.955690] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 73.956183] __x64_sys_ioctl+0x1a3/0x230 [ 73.956610] do_syscall_64+0x3b/0x90 [ 73.957007] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.957545] RIP: 0033:0x7f4b8743ee5d [ 73.957931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 73.959834] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 73.960609] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 73.961328] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 73.962046] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 73.962819] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 73.963544] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 73.964278] [ 73.964522] irq event stamp: 0 [ 73.964846] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 73.965486] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 73.966345] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 73.967248] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 73.967894] ---[ end trace 0000000000000000 ]--- [ 73.971174] ------------[ cut here ]------------ [ 73.971701] WARNING: CPU: 1 PID: 609 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 73.972715] Modules linked in: [ 73.973043] CPU: 1 PID: 609 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 73.973913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 73.975146] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 73.975659] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 73.977507] RSP: 0018:ffff888012e6fbd0 EFLAGS: 00010246 [ 73.978048] RAX: 0000000000000000 RBX: ffff8880189c70a8 RCX: 0000000000000000 [ 73.978819] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 73.979560] RBP: ffff888012e6fbe8 R08: ffffed1003138e33 R09: ffffed1003138e33 [ 73.980276] R10: ffff8880189c7193 R11: ffffed1003138e32 R12: ffff888013658c00 [ 73.980997] R13: ffff8880189c71e8 R14: ffff888013cedd00 R15: 0000000000000000 [ 73.981720] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 73.982590] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.983206] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 73.983946] PKRU: 55555554 [ 73.984243] Call Trace: [ 73.984511] [ 73.984813] iommufd_access_destroy_object+0x65/0x170 [ 73.985627] iommufd_object_destroy_user+0x18e/0x220 [ 73.986165] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 73.986814] iommufd_access_destroy+0x43/0x70 [ 73.987296] iommufd_test_staccess_release+0x8d/0xd0 [ 73.987818] __fput+0x26d/0xa40 [ 73.988171] ____fput+0x1e/0x30 [ 73.988519] task_work_run+0x1a4/0x2d0 [ 73.989048] ? __pfx_task_work_run+0x10/0x10 [ 73.989696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 73.990204] ? switch_task_namespaces+0xa9/0xe0 [ 73.990759] do_exit+0xb17/0x2ef0 [ 73.991133] ? lock_acquire+0x427/0x4c0 [ 73.991551] ? __pfx_lock_release+0x10/0x10 [ 73.992003] ? __kasan_check_write+0x18/0x20 [ 73.992464] ? do_raw_spin_lock+0x132/0x2a0 [ 73.992913] ? __pfx_do_exit+0x10/0x10 [ 73.993326] ? debug_smp_processor_id+0x20/0x30 [ 73.993901] ? rcu_is_watching+0x19/0xb0 [ 73.994485] ? _raw_spin_unlock_irq+0x2b/0x60 [ 73.995192] ? trace_hardirqs_on+0x26/0x120 [ 73.995653] do_group_exit+0xe0/0x2b0 [ 73.996049] __x64_sys_exit_group+0x47/0x50 [ 73.996486] do_syscall_64+0x3b/0x90 [ 73.996875] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 73.997408] RIP: 0033:0x7f4b87518a4d [ 73.997791] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 73.998607] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 73.999637] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.000365] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.001100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.001830] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.002736] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.003688] [ 74.003938] irq event stamp: 0 [ 74.004268] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.004916] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.005814] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.007024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.007699] ---[ end trace 0000000000000000 ]--- [ 74.009179] ------------[ cut here ]------------ [ 74.009853] WARNING: CPU: 1 PID: 609 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.011379] Modules linked in: [ 74.011720] CPU: 1 PID: 609 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.012614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.013777] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.014464] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.016867] RSP: 0018:ffff888012e6fb78 EFLAGS: 00010246 [ 74.017438] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.018176] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 74.019158] RBP: ffff888012e6fb98 R08: ffffed1003138e3e R09: ffffed1003138e3e [ 74.020151] R10: ffff8880189c71ef R11: ffffed1003138e3d R12: ffff8880189c7290 [ 74.020902] R13: ffff8880189c70a8 R14: ffffffffffffffff R15: ffff888012e6fc60 [ 74.021639] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.022555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.023407] CR2: 00007f82e2ea6000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 74.024411] PKRU: 55555554 [ 74.024715] Call Trace: [ 74.024985] [ 74.025227] iommufd_ioas_destroy+0x53/0x70 [ 74.025685] iommufd_fops_release+0x1f7/0x370 [ 74.026155] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.026700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.027389] ? write_comp_data+0x2f/0x90 [ 74.027984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.028510] __fput+0x26d/0xa40 [ 74.028874] ____fput+0x1e/0x30 [ 74.029233] task_work_run+0x1a4/0x2d0 [ 74.029648] ? __pfx_task_work_run+0x10/0x10 [ 74.030107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.030800] ? switch_task_namespaces+0xa9/0xe0 [ 74.031500] do_exit+0xb17/0x2ef0 [ 74.031875] ? lock_acquire+0x427/0x4c0 [ 74.032298] ? __pfx_lock_release+0x10/0x10 [ 74.032750] ? __kasan_check_write+0x18/0x20 [ 74.033211] ? do_raw_spin_lock+0x132/0x2a0 [ 74.033664] ? __pfx_do_exit+0x10/0x10 [ 74.034144] ? debug_smp_processor_id+0x20/0x30 [ 74.034875] ? rcu_is_watching+0x19/0xb0 [ 74.035464] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.035950] ? trace_hardirqs_on+0x26/0x120 [ 74.036403] do_group_exit+0xe0/0x2b0 [ 74.036802] __x64_sys_exit_group+0x47/0x50 [ 74.037252] do_syscall_64+0x3b/0x90 [ 74.037651] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.038245] RIP: 0033:0x7f4b87518a4d [ 74.038828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.039507] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.040296] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.041037] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.041985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.042758] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.043522] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.044272] [ 74.044519] irq event stamp: 0 [ 74.044963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.045825] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.046737] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.047627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.048401] ---[ end trace 0000000000000000 ]--- [ 74.056863] ------------[ cut here ]------------ [ 74.057485] WARNING: CPU: 1 PID: 610 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.058982] Modules linked in: [ 74.059344] CPU: 1 PID: 610 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.060243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.061412] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.062060] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.064269] RSP: 0018:ffff8880123a7bb8 EFLAGS: 00010246 [ 74.064833] RAX: 0000000000000000 RBX: ffff88800cb940a8 RCX: 0000000000000000 [ 74.065562] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 74.066456] RBP: ffff8880123a7bd0 R08: ffffed1001972833 R09: ffffed1001972833 [ 74.067435] R10: ffff88800cb94193 R11: ffffed1001972832 R12: ffff8880135fec00 [ 74.068183] R13: ffff88800cb941e8 R14: ffffffff8352e670 R15: ffff8880123a7e68 [ 74.068920] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.069781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.070586] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 74.071493] PKRU: 55555554 [ 74.071790] Call Trace: [ 74.072059] [ 74.072296] __iommufd_access_detach+0x1c2/0x2b0 [ 74.072809] iommufd_access_change_pt+0x149/0x270 [ 74.073331] iommufd_access_replace+0xb4/0x120 [ 74.073842] iommufd_test+0x3e5/0x37e0 [ 74.074377] ? lock_release+0x532/0x770 [ 74.075339] ? __might_fault+0x102/0x1b0 [ 74.075809] ? lock_acquire+0x427/0x4c0 [ 74.076233] ? __pfx_iommufd_test+0x10/0x10 [ 74.076681] ? __pfx_lock_release+0x10/0x10 [ 74.077142] ? __pfx_lock_acquire+0x10/0x10 [ 74.077603] ? write_comp_data+0x2f/0x90 [ 74.078044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.078661] ? write_comp_data+0x2f/0x90 [ 74.079563] iommufd_fops_ioctl+0x37d/0x510 [ 74.080035] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.080549] ? write_comp_data+0x2f/0x90 [ 74.080989] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.081508] __x64_sys_ioctl+0x1a3/0x230 [ 74.081958] do_syscall_64+0x3b/0x90 [ 74.082368] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.082977] RIP: 0033:0x7f4b8743ee5d [ 74.083414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.085872] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.086708] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.087474] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.088223] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.089107] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.089993] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.090785] [ 74.091038] irq event stamp: 0 [ 74.091386] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.092059] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.092939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.093873] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.094775] ---[ end trace 0000000000000000 ]--- [ 74.100248] ------------[ cut here ]------------ [ 74.100807] WARNING: CPU: 1 PID: 610 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.101842] Modules linked in: [ 74.102260] CPU: 1 PID: 610 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.103565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.104820] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.105361] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.107444] RSP: 0018:ffff8880123a7bd0 EFLAGS: 00010246 [ 74.108254] RAX: 0000000000000000 RBX: ffff88800cb940a8 RCX: 0000000000000000 [ 74.109020] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 74.109775] RBP: ffff8880123a7be8 R08: ffffed1001972833 R09: ffffed1001972833 [ 74.110585] R10: ffff88800cb94193 R11: ffffed1001972832 R12: ffff888013b21400 [ 74.111606] R13: ffff88800cb941e8 R14: ffff888016e18900 R15: 0000000000000000 [ 74.112602] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.113464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.114089] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 74.114881] PKRU: 55555554 [ 74.115207] Call Trace: [ 74.115504] [ 74.115826] iommufd_access_destroy_object+0x65/0x170 [ 74.116644] iommufd_object_destroy_user+0x18e/0x220 [ 74.117203] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.117841] iommufd_access_destroy+0x43/0x70 [ 74.118339] iommufd_test_staccess_release+0x8d/0xd0 [ 74.118938] __fput+0x26d/0xa40 [ 74.119404] ____fput+0x1e/0x30 [ 74.119906] task_work_run+0x1a4/0x2d0 [ 74.120526] ? __pfx_task_work_run+0x10/0x10 [ 74.121008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.121546] ? switch_task_namespaces+0xa9/0xe0 [ 74.122061] do_exit+0xb17/0x2ef0 [ 74.122437] ? lock_acquire+0x427/0x4c0 [ 74.122907] ? __pfx_lock_release+0x10/0x10 [ 74.123393] ? __kasan_check_write+0x18/0x20 [ 74.124025] ? do_raw_spin_lock+0x132/0x2a0 [ 74.124688] ? __pfx_do_exit+0x10/0x10 [ 74.125116] ? debug_smp_processor_id+0x20/0x30 [ 74.125619] ? rcu_is_watching+0x19/0xb0 [ 74.126067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.126595] ? trace_hardirqs_on+0x26/0x120 [ 74.127069] do_group_exit+0xe0/0x2b0 [ 74.127625] __x64_sys_exit_group+0x47/0x50 [ 74.128266] do_syscall_64+0x3b/0x90 [ 74.128842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.129421] RIP: 0033:0x7f4b87518a4d [ 74.129830] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.130486] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.131382] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.132303] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.133409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.134168] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.134971] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.135769] [ 74.136125] irq event stamp: 0 [ 74.136597] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.137273] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.138172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.139103] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.139948] ---[ end trace 0000000000000000 ]--- [ 74.143327] ------------[ cut here ]------------ [ 74.143872] WARNING: CPU: 1 PID: 610 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.145385] Modules linked in: [ 74.145742] CPU: 1 PID: 610 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.146714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.147941] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.148536] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.150839] RSP: 0018:ffff8880123a7b78 EFLAGS: 00010246 [ 74.151429] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.152191] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 74.153024] RBP: ffff8880123a7b98 R08: ffffed100197283e R09: ffffed100197283e [ 74.154078] R10: ffff88800cb941ef R11: ffffed100197283d R12: ffff88800cb94290 [ 74.154879] R13: ffff88800cb940a8 R14: ffffffffffffffff R15: ffff8880123a7c60 [ 74.155647] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.156523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.157274] CR2: 00007f82e2eb0000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 74.158303] PKRU: 55555554 [ 74.158647] Call Trace: [ 74.158918] [ 74.159170] iommufd_ioas_destroy+0x53/0x70 [ 74.159635] iommufd_fops_release+0x1f7/0x370 [ 74.160117] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.160658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.161304] ? write_comp_data+0x2f/0x90 [ 74.161970] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.162554] __fput+0x26d/0xa40 [ 74.162932] ____fput+0x1e/0x30 [ 74.163322] task_work_run+0x1a4/0x2d0 [ 74.163749] ? __pfx_task_work_run+0x10/0x10 [ 74.164223] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.164752] ? switch_task_namespaces+0xa9/0xe0 [ 74.165432] do_exit+0xb17/0x2ef0 [ 74.165963] ? lock_acquire+0x427/0x4c0 [ 74.166408] ? __pfx_lock_release+0x10/0x10 [ 74.166913] ? __kasan_check_write+0x18/0x20 [ 74.167418] ? do_raw_spin_lock+0x132/0x2a0 [ 74.167885] ? __pfx_do_exit+0x10/0x10 [ 74.168311] ? debug_smp_processor_id+0x20/0x30 [ 74.168811] ? rcu_is_watching+0x19/0xb0 [ 74.169311] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.170044] ? trace_hardirqs_on+0x26/0x120 [ 74.170564] do_group_exit+0xe0/0x2b0 [ 74.170994] __x64_sys_exit_group+0x47/0x50 [ 74.171470] do_syscall_64+0x3b/0x90 [ 74.171877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.172437] RIP: 0033:0x7f4b87518a4d [ 74.172838] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.173643] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.174677] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.175460] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.176212] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.176979] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.177776] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.178895] [ 74.179162] irq event stamp: 0 [ 74.179515] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.180434] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.181314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.182204] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.182919] ---[ end trace 0000000000000000 ]--- [ 74.190711] ------------[ cut here ]------------ [ 74.191305] WARNING: CPU: 1 PID: 611 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.192367] Modules linked in: [ 74.192705] CPU: 1 PID: 611 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.193802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.195300] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.195835] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.198048] RSP: 0018:ffff888015da7bb8 EFLAGS: 00010246 [ 74.198900] RAX: 0000000000000000 RBX: ffff888010afc0a8 RCX: 0000000000000000 [ 74.199672] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 74.200430] RBP: ffff888015da7bd0 R08: ffffed100215f833 R09: ffffed100215f833 [ 74.201168] R10: ffff888010afc193 R11: ffffed100215f832 R12: ffff88801364d400 [ 74.202143] R13: ffff888010afc1e8 R14: ffffffff8352e670 R15: ffff888015da7e68 [ 74.203233] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.204077] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.204697] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 74.205438] PKRU: 55555554 [ 74.205740] Call Trace: [ 74.206025] [ 74.206376] __iommufd_access_detach+0x1c2/0x2b0 [ 74.207043] iommufd_access_change_pt+0x149/0x270 [ 74.207590] iommufd_access_replace+0xb4/0x120 [ 74.208175] iommufd_test+0x3e5/0x37e0 [ 74.208725] ? lock_release+0x532/0x770 [ 74.209164] ? __might_fault+0x102/0x1b0 [ 74.209606] ? lock_acquire+0x427/0x4c0 [ 74.210207] ? __pfx_iommufd_test+0x10/0x10 [ 74.210687] ? __pfx_lock_release+0x10/0x10 [ 74.211165] ? __pfx_lock_acquire+0x10/0x10 [ 74.211690] ? write_comp_data+0x2f/0x90 [ 74.212259] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.212788] ? write_comp_data+0x2f/0x90 [ 74.213263] iommufd_fops_ioctl+0x37d/0x510 [ 74.213900] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.214425] ? write_comp_data+0x2f/0x90 [ 74.214914] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.215644] __x64_sys_ioctl+0x1a3/0x230 [ 74.216096] do_syscall_64+0x3b/0x90 [ 74.216506] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.217141] RIP: 0033:0x7f4b8743ee5d [ 74.217669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.219898] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.220777] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.221656] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.222437] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.223382] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.224128] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.225091] [ 74.225344] irq event stamp: 0 [ 74.225681] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.226570] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.227485] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.228369] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.229044] ---[ end trace 0000000000000000 ]--- [ 74.232723] ------------[ cut here ]------------ [ 74.233341] WARNING: CPU: 1 PID: 611 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.234460] Modules linked in: [ 74.234841] CPU: 1 PID: 611 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.235950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.237245] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.237842] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.239957] RSP: 0018:ffff888015da7bd0 EFLAGS: 00010246 [ 74.240523] RAX: 0000000000000000 RBX: ffff888010afc0a8 RCX: 0000000000000000 [ 74.241432] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 74.242201] RBP: ffff888015da7be8 R08: ffffed100215f833 R09: ffffed100215f833 [ 74.243184] R10: ffff888010afc193 R11: ffffed100215f832 R12: ffff888010e00400 [ 74.243946] R13: ffff888010afc1e8 R14: ffff888014058e00 R15: 0000000000000000 [ 74.244712] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.245795] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.246419] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 74.247274] PKRU: 55555554 [ 74.247581] Call Trace: [ 74.247855] [ 74.248097] iommufd_access_destroy_object+0x65/0x170 [ 74.248663] iommufd_object_destroy_user+0x18e/0x220 [ 74.249203] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.249816] iommufd_access_destroy+0x43/0x70 [ 74.250297] iommufd_test_staccess_release+0x8d/0xd0 [ 74.250876] __fput+0x26d/0xa40 [ 74.251261] ____fput+0x1e/0x30 [ 74.251624] task_work_run+0x1a4/0x2d0 [ 74.252049] ? __pfx_task_work_run+0x10/0x10 [ 74.252513] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.253044] ? switch_task_namespaces+0xa9/0xe0 [ 74.253549] do_exit+0xb17/0x2ef0 [ 74.253927] ? lock_acquire+0x427/0x4c0 [ 74.254352] ? __pfx_lock_release+0x10/0x10 [ 74.254849] ? __kasan_check_write+0x18/0x20 [ 74.255338] ? do_raw_spin_lock+0x132/0x2a0 [ 74.255794] ? __pfx_do_exit+0x10/0x10 [ 74.256212] ? debug_smp_processor_id+0x20/0x30 [ 74.256705] ? rcu_is_watching+0x19/0xb0 [ 74.257137] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.257622] ? trace_hardirqs_on+0x26/0x120 [ 74.258081] do_group_exit+0xe0/0x2b0 [ 74.258481] __x64_sys_exit_group+0x47/0x50 [ 74.258970] do_syscall_64+0x3b/0x90 [ 74.259406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.259959] RIP: 0033:0x7f4b87518a4d [ 74.260350] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.260995] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.261787] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.262555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.263301] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.264040] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.264781] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.265528] [ 74.265779] irq event stamp: 0 [ 74.266111] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.266810] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.267702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.268580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.269245] ---[ end trace 0000000000000000 ]--- [ 74.270150] ------------[ cut here ]------------ [ 74.270696] WARNING: CPU: 1 PID: 611 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.271777] Modules linked in: [ 74.272122] CPU: 1 PID: 611 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.273025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.274168] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.274789] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.276637] RSP: 0018:ffff888015da7b78 EFLAGS: 00010246 [ 74.277183] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.277900] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 74.278650] RBP: ffff888015da7b98 R08: ffffed100215f83e R09: ffffed100215f83e [ 74.279380] R10: ffff888010afc1ef R11: ffffed100215f83d R12: ffff888010afc290 [ 74.280098] R13: ffff888010afc0a8 R14: ffffffffffffffff R15: ffff888015da7c60 [ 74.280811] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.281615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.282199] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 74.282937] PKRU: 55555554 [ 74.283239] Call Trace: [ 74.283518] [ 74.283767] iommufd_ioas_destroy+0x53/0x70 [ 74.284210] iommufd_fops_release+0x1f7/0x370 [ 74.284670] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.285183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.285681] ? write_comp_data+0x2f/0x90 [ 74.286105] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.286636] __fput+0x26d/0xa40 [ 74.286990] ____fput+0x1e/0x30 [ 74.287353] task_work_run+0x1a4/0x2d0 [ 74.287755] ? __pfx_task_work_run+0x10/0x10 [ 74.288193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.288682] ? switch_task_namespaces+0xa9/0xe0 [ 74.289162] do_exit+0xb17/0x2ef0 [ 74.289516] ? lock_acquire+0x427/0x4c0 [ 74.289924] ? __pfx_lock_release+0x10/0x10 [ 74.290357] ? __kasan_check_write+0x18/0x20 [ 74.290820] ? do_raw_spin_lock+0x132/0x2a0 [ 74.291263] ? __pfx_do_exit+0x10/0x10 [ 74.291660] ? debug_smp_processor_id+0x20/0x30 [ 74.292127] ? rcu_is_watching+0x19/0xb0 [ 74.292533] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.292988] ? trace_hardirqs_on+0x26/0x120 [ 74.293424] do_group_exit+0xe0/0x2b0 [ 74.293807] __x64_sys_exit_group+0x47/0x50 [ 74.294235] do_syscall_64+0x3b/0x90 [ 74.294643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.295185] RIP: 0033:0x7f4b87518a4d [ 74.295558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.296171] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.296898] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.297545] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.298195] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.298870] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.299548] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.300210] [ 74.300424] irq event stamp: 0 [ 74.300713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.301291] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.302054] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.302869] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.303503] ---[ end trace 0000000000000000 ]--- [ 74.307724] ------------[ cut here ]------------ [ 74.308198] WARNING: CPU: 1 PID: 612 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.309113] Modules linked in: [ 74.309403] CPU: 1 PID: 612 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.310178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.311395] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.311857] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.313519] RSP: 0018:ffff88801395fbb8 EFLAGS: 00010246 [ 74.313997] RAX: 0000000000000000 RBX: ffff88801358e0a8 RCX: 0000000000000000 [ 74.314654] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 74.315305] RBP: ffff88801395fbd0 R08: ffffed10026b1c33 R09: ffffed10026b1c33 [ 74.316053] R10: ffff88801358e193 R11: ffffed10026b1c32 R12: ffff88800fd71000 [ 74.316673] R13: ffff88801358e1e8 R14: ffffffff8352e670 R15: ffff88801395fe68 [ 74.317288] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.317972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.318472] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 74.319129] PKRU: 55555554 [ 74.319378] Call Trace: [ 74.319600] [ 74.319792] __iommufd_access_detach+0x1c2/0x2b0 [ 74.320215] iommufd_access_change_pt+0x149/0x270 [ 74.320640] iommufd_access_replace+0xb4/0x120 [ 74.321048] iommufd_test+0x3e5/0x37e0 [ 74.321385] ? lock_release+0x532/0x770 [ 74.321739] ? __might_fault+0x102/0x1b0 [ 74.322096] ? lock_acquire+0x427/0x4c0 [ 74.322445] ? __pfx_iommufd_test+0x10/0x10 [ 74.322839] ? __pfx_lock_release+0x10/0x10 [ 74.323229] ? __pfx_lock_acquire+0x10/0x10 [ 74.323610] ? write_comp_data+0x2f/0x90 [ 74.323972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.324402] ? write_comp_data+0x2f/0x90 [ 74.324765] iommufd_fops_ioctl+0x37d/0x510 [ 74.325138] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.325560] ? write_comp_data+0x2f/0x90 [ 74.325917] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.326334] __x64_sys_ioctl+0x1a3/0x230 [ 74.326716] do_syscall_64+0x3b/0x90 [ 74.327054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.327519] RIP: 0033:0x7f4b8743ee5d [ 74.327840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.329396] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.330049] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.330688] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.331312] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.331919] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.332525] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.333142] [ 74.333346] irq event stamp: 0 [ 74.333615] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.334162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.334903] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.335726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.336366] ---[ end trace 0000000000000000 ]--- [ 74.339239] ------------[ cut here ]------------ [ 74.339672] WARNING: CPU: 1 PID: 612 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.340479] Modules linked in: [ 74.340737] CPU: 1 PID: 612 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.341430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.342327] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.342753] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.344243] RSP: 0018:ffff88801395fbd0 EFLAGS: 00010246 [ 74.344677] RAX: 0000000000000000 RBX: ffff88801358e0a8 RCX: 0000000000000000 [ 74.345246] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 74.345815] RBP: ffff88801395fbe8 R08: ffffed10026b1c33 R09: ffffed10026b1c33 [ 74.346383] R10: ffff88801358e193 R11: ffffed10026b1c32 R12: ffff88801364f400 [ 74.346983] R13: ffff88801358e1e8 R14: ffff888020e5fe00 R15: 0000000000000000 [ 74.347597] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.348240] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.348704] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.349281] PKRU: 55555554 [ 74.349513] Call Trace: [ 74.349719] [ 74.349900] iommufd_access_destroy_object+0x65/0x170 [ 74.350326] iommufd_object_destroy_user+0x18e/0x220 [ 74.350767] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.351248] iommufd_access_destroy+0x43/0x70 [ 74.351642] iommufd_test_staccess_release+0x8d/0xd0 [ 74.352064] __fput+0x26d/0xa40 [ 74.352351] ____fput+0x1e/0x30 [ 74.352632] task_work_run+0x1a4/0x2d0 [ 74.352966] ? __pfx_task_work_run+0x10/0x10 [ 74.353335] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.353740] ? switch_task_namespaces+0xa9/0xe0 [ 74.354128] do_exit+0xb17/0x2ef0 [ 74.354411] ? lock_acquire+0x427/0x4c0 [ 74.354769] ? __pfx_lock_release+0x10/0x10 [ 74.355142] ? __kasan_check_write+0x18/0x20 [ 74.355508] ? do_raw_spin_lock+0x132/0x2a0 [ 74.355862] ? __pfx_do_exit+0x10/0x10 [ 74.356185] ? debug_smp_processor_id+0x20/0x30 [ 74.356567] ? rcu_is_watching+0x19/0xb0 [ 74.356897] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.357272] ? trace_hardirqs_on+0x26/0x120 [ 74.357630] do_group_exit+0xe0/0x2b0 [ 74.357940] __x64_sys_exit_group+0x47/0x50 [ 74.358289] do_syscall_64+0x3b/0x90 [ 74.358620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.359050] RIP: 0033:0x7f4b87518a4d [ 74.359363] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.359857] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.360468] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.361043] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.361614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.362188] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.362790] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.363397] [ 74.363588] irq event stamp: 0 [ 74.363844] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.364360] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.365059] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.365730] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.366235] ---[ end trace 0000000000000000 ]--- [ 74.366978] ------------[ cut here ]------------ [ 74.367426] WARNING: CPU: 1 PID: 612 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.368237] Modules linked in: [ 74.368500] CPU: 1 PID: 612 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.369201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.370110] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.370566] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.372042] RSP: 0018:ffff88801395fb78 EFLAGS: 00010246 [ 74.372475] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.373050] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 74.373618] RBP: ffff88801395fb98 R08: ffffed10026b1c3e R09: ffffed10026b1c3e [ 74.374192] R10: ffff88801358e1ef R11: ffffed10026b1c3d R12: ffff88801358e290 [ 74.374791] R13: ffff88801358e0a8 R14: ffffffffffffffff R15: ffff88801395fc60 [ 74.375384] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.376035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.376499] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.377074] PKRU: 55555554 [ 74.377305] Call Trace: [ 74.377512] [ 74.377695] iommufd_ioas_destroy+0x53/0x70 [ 74.378046] iommufd_fops_release+0x1f7/0x370 [ 74.378417] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.378851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.379274] ? write_comp_data+0x2f/0x90 [ 74.379615] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.380025] __fput+0x26d/0xa40 [ 74.380306] ____fput+0x1e/0x30 [ 74.380580] task_work_run+0x1a4/0x2d0 [ 74.380905] ? __pfx_task_work_run+0x10/0x10 [ 74.381268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.381669] ? switch_task_namespaces+0xa9/0xe0 [ 74.382054] do_exit+0xb17/0x2ef0 [ 74.382336] ? lock_acquire+0x427/0x4c0 [ 74.382693] ? __pfx_lock_release+0x10/0x10 [ 74.383051] ? __kasan_check_write+0x18/0x20 [ 74.383410] ? do_raw_spin_lock+0x132/0x2a0 [ 74.383750] ? __pfx_do_exit+0x10/0x10 [ 74.384064] ? debug_smp_processor_id+0x20/0x30 [ 74.384432] ? rcu_is_watching+0x19/0xb0 [ 74.384750] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.385112] ? trace_hardirqs_on+0x26/0x120 [ 74.385454] do_group_exit+0xe0/0x2b0 [ 74.385755] __x64_sys_exit_group+0x47/0x50 [ 74.386092] do_syscall_64+0x3b/0x90 [ 74.386392] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.386824] RIP: 0033:0x7f4b87518a4d [ 74.387129] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.387610] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.388199] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.388753] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.389303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.389856] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.390407] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.390987] [ 74.391186] irq event stamp: 0 [ 74.391436] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.391927] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.392577] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.393217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.393700] ---[ end trace 0000000000000000 ]--- [ 74.397895] ------------[ cut here ]------------ [ 74.398302] WARNING: CPU: 1 PID: 613 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.399128] Modules linked in: [ 74.399380] CPU: 1 PID: 613 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.400043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.400903] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.401287] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.402689] RSP: 0018:ffff88800b92fbb8 EFLAGS: 00010246 [ 74.403100] RAX: 0000000000000000 RBX: ffff88801352f8a8 RCX: 0000000000000000 [ 74.403657] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 74.404199] RBP: ffff88800b92fbd0 R08: ffffed10026a5f33 R09: ffffed10026a5f33 [ 74.404749] R10: ffff88801352f993 R11: ffffed10026a5f32 R12: ffff888016499400 [ 74.405291] R13: ffff88801352f9e8 R14: ffffffff8352e670 R15: ffff88800b92fe68 [ 74.405838] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.406450] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.406925] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 74.407481] PKRU: 55555554 [ 74.407700] Call Trace: [ 74.407897] [ 74.408076] __iommufd_access_detach+0x1c2/0x2b0 [ 74.408457] iommufd_access_change_pt+0x149/0x270 [ 74.408837] iommufd_access_replace+0xb4/0x120 [ 74.409199] iommufd_test+0x3e5/0x37e0 [ 74.409501] ? lock_release+0x532/0x770 [ 74.409821] ? __might_fault+0x102/0x1b0 [ 74.410142] ? lock_acquire+0x427/0x4c0 [ 74.410458] ? __pfx_iommufd_test+0x10/0x10 [ 74.410810] ? __pfx_lock_release+0x10/0x10 [ 74.411162] ? __pfx_lock_acquire+0x10/0x10 [ 74.411506] ? write_comp_data+0x2f/0x90 [ 74.411833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.412218] ? write_comp_data+0x2f/0x90 [ 74.412543] iommufd_fops_ioctl+0x37d/0x510 [ 74.412886] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.413270] ? write_comp_data+0x2f/0x90 [ 74.413593] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.413970] __x64_sys_ioctl+0x1a3/0x230 [ 74.414299] do_syscall_64+0x3b/0x90 [ 74.414616] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.415027] RIP: 0033:0x7f4b8743ee5d [ 74.415330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.416724] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.417308] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.417853] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.418396] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.418963] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.419519] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.420074] [ 74.420256] irq event stamp: 0 [ 74.420500] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.420990] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.421630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.422270] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.422783] ---[ end trace 0000000000000000 ]--- [ 74.425498] ------------[ cut here ]------------ [ 74.425886] WARNING: CPU: 1 PID: 613 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.426683] Modules linked in: [ 74.426933] CPU: 1 PID: 613 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.427612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.428468] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.428850] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.430240] RSP: 0018:ffff88800b92fbd0 EFLAGS: 00010246 [ 74.430668] RAX: 0000000000000000 RBX: ffff88801352f8a8 RCX: 0000000000000000 [ 74.431231] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 74.431774] RBP: ffff88800b92fbe8 R08: ffffed10026a5f33 R09: ffffed10026a5f33 [ 74.432316] R10: ffff88801352f993 R11: ffffed10026a5f32 R12: ffff88800fd70400 [ 74.432858] R13: ffff88801352f9e8 R14: ffff888010b11e00 R15: 0000000000000000 [ 74.433399] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.434012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.434456] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.435020] PKRU: 55555554 [ 74.435246] Call Trace: [ 74.435446] [ 74.435622] iommufd_access_destroy_object+0x65/0x170 [ 74.436026] iommufd_object_destroy_user+0x18e/0x220 [ 74.436424] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.436879] iommufd_access_destroy+0x43/0x70 [ 74.437244] iommufd_test_staccess_release+0x8d/0xd0 [ 74.437645] __fput+0x26d/0xa40 [ 74.437919] ____fput+0x1e/0x30 [ 74.438184] task_work_run+0x1a4/0x2d0 [ 74.438496] ? __pfx_task_work_run+0x10/0x10 [ 74.438866] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.439257] ? switch_task_namespaces+0xa9/0xe0 [ 74.439631] do_exit+0xb17/0x2ef0 [ 74.439901] ? lock_acquire+0x427/0x4c0 [ 74.440216] ? __pfx_lock_release+0x10/0x10 [ 74.440563] ? __kasan_check_write+0x18/0x20 [ 74.440904] ? do_raw_spin_lock+0x132/0x2a0 [ 74.441237] ? __pfx_do_exit+0x10/0x10 [ 74.441548] ? debug_smp_processor_id+0x20/0x30 [ 74.441916] ? rcu_is_watching+0x19/0xb0 [ 74.442232] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.442602] ? trace_hardirqs_on+0x26/0x120 [ 74.442945] do_group_exit+0xe0/0x2b0 [ 74.443248] __x64_sys_exit_group+0x47/0x50 [ 74.443583] do_syscall_64+0x3b/0x90 [ 74.443879] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.444285] RIP: 0033:0x7f4b87518a4d [ 74.444573] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.445044] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.445625] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.446165] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.446727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.447287] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.447831] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.448380] [ 74.448559] irq event stamp: 0 [ 74.448802] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.449282] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.449916] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.450574] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.451060] ---[ end trace 0000000000000000 ]--- [ 74.451768] ------------[ cut here ]------------ [ 74.452129] WARNING: CPU: 1 PID: 613 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.452892] Modules linked in: [ 74.453134] CPU: 1 PID: 613 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.453785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.454637] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.455024] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.456385] RSP: 0018:ffff88800b92fb78 EFLAGS: 00010246 [ 74.456780] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.457309] RDX: 0000000000000000 RSI: ffff888013b82500 RDI: 0000000000000002 [ 74.457839] RBP: ffff88800b92fb98 R08: ffffed10026a5f3e R09: ffffed10026a5f3e [ 74.458367] R10: ffff88801352f9ef R11: ffffed10026a5f3d R12: ffff88801352fa90 [ 74.458915] R13: ffff88801352f8a8 R14: ffffffffffffffff R15: ffff88800b92fc60 [ 74.459464] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.460066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.460500] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.461032] PKRU: 55555554 [ 74.461245] Call Trace: [ 74.461436] [ 74.461608] iommufd_ioas_destroy+0x53/0x70 [ 74.461940] iommufd_fops_release+0x1f7/0x370 [ 74.462283] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.462676] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.463054] ? write_comp_data+0x2f/0x90 [ 74.463379] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.463759] __fput+0x26d/0xa40 [ 74.464023] ____fput+0x1e/0x30 [ 74.464280] task_work_run+0x1a4/0x2d0 [ 74.464579] ? __pfx_task_work_run+0x10/0x10 [ 74.464916] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.465288] ? switch_task_namespaces+0xa9/0xe0 [ 74.465651] do_exit+0xb17/0x2ef0 [ 74.465914] ? lock_acquire+0x427/0x4c0 [ 74.466225] ? __pfx_lock_release+0x10/0x10 [ 74.466580] ? __kasan_check_write+0x18/0x20 [ 74.466917] ? do_raw_spin_lock+0x132/0x2a0 [ 74.467257] ? __pfx_do_exit+0x10/0x10 [ 74.467561] ? debug_smp_processor_id+0x20/0x30 [ 74.467913] ? rcu_is_watching+0x19/0xb0 [ 74.468218] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.468563] ? trace_hardirqs_on+0x26/0x120 [ 74.468895] do_group_exit+0xe0/0x2b0 [ 74.469183] __x64_sys_exit_group+0x47/0x50 [ 74.469507] do_syscall_64+0x3b/0x90 [ 74.469796] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.470189] RIP: 0033:0x7f4b87518a4d [ 74.470467] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.470943] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.471523] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.472046] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.472565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.473085] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.473615] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.474147] [ 74.474325] irq event stamp: 0 [ 74.474575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.475037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.475658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.476266] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.476723] ---[ end trace 0000000000000000 ]--- [ 74.481332] ------------[ cut here ]------------ [ 74.481702] WARNING: CPU: 1 PID: 614 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.482434] Modules linked in: [ 74.482751] CPU: 1 PID: 614 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.483400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.484219] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.484588] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.485912] RSP: 0018:ffff8880186afbb8 EFLAGS: 00010246 [ 74.486301] RAX: 0000000000000000 RBX: ffff88801868e0a8 RCX: 0000000000000000 [ 74.486833] RDX: 0000000000000000 RSI: ffff88800bd58000 RDI: 0000000000000002 [ 74.487358] RBP: ffff8880186afbd0 R08: ffffed10030d1c33 R09: ffffed10030d1c33 [ 74.487883] R10: ffff88801868e193 R11: ffffed10030d1c32 R12: ffff88800fd3c000 [ 74.488403] R13: ffff88801868e1e8 R14: ffffffff8352e670 R15: ffff8880186afe68 [ 74.488910] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.489486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.489903] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 74.490411] PKRU: 55555554 [ 74.490631] Call Trace: [ 74.490818] [ 74.490982] __iommufd_access_detach+0x1c2/0x2b0 [ 74.491341] iommufd_access_change_pt+0x149/0x270 [ 74.491697] iommufd_access_replace+0xb4/0x120 [ 74.492040] iommufd_test+0x3e5/0x37e0 [ 74.492320] ? lock_release+0x532/0x770 [ 74.492617] ? __might_fault+0x102/0x1b0 [ 74.492921] ? lock_acquire+0x427/0x4c0 [ 74.493218] ? __pfx_iommufd_test+0x10/0x10 [ 74.493528] ? __pfx_lock_release+0x10/0x10 [ 74.493845] ? __pfx_lock_acquire+0x10/0x10 [ 74.494167] ? write_comp_data+0x2f/0x90 [ 74.494472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.494846] ? write_comp_data+0x2f/0x90 [ 74.495156] iommufd_fops_ioctl+0x37d/0x510 [ 74.495468] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.495816] ? write_comp_data+0x2f/0x90 [ 74.496111] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.496460] __x64_sys_ioctl+0x1a3/0x230 [ 74.496762] do_syscall_64+0x3b/0x90 [ 74.497040] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.497418] RIP: 0033:0x7f4b8743ee5d [ 74.497686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.498988] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.499537] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.500095] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.500949] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.501536] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.502080] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.502625] [ 74.502855] irq event stamp: 0 [ 74.503143] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.503596] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.504285] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.504872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.505400] ---[ end trace 0000000000000000 ]--- [ 74.508178] ------------[ cut here ]------------ [ 74.508581] WARNING: CPU: 1 PID: 614 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.509319] Modules linked in: [ 74.509615] CPU: 1 PID: 614 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.510230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.511152] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.511507] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.512879] RSP: 0018:ffff8880186afbd0 EFLAGS: 00010246 [ 74.513348] RAX: 0000000000000000 RBX: ffff88801868e0a8 RCX: 0000000000000000 [ 74.513855] RDX: 0000000000000000 RSI: ffff88800bd58000 RDI: 0000000000000002 [ 74.514422] RBP: ffff8880186afbe8 R08: ffffed10030d1c33 R09: ffffed10030d1c33 [ 74.514964] R10: ffff88801868e193 R11: ffffed10030d1c32 R12: ffff8880182c1400 [ 74.515472] R13: ffff88801868e1e8 R14: ffff8880142c5c00 R15: 0000000000000000 [ 74.516065] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.516631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.517066] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.517634] PKRU: 55555554 [ 74.517833] Call Trace: [ 74.518014] [ 74.518196] iommufd_access_destroy_object+0x65/0x170 [ 74.518641] iommufd_object_destroy_user+0x18e/0x220 [ 74.519009] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.519432] iommufd_access_destroy+0x43/0x70 [ 74.519821] iommufd_test_staccess_release+0x8d/0xd0 [ 74.520229] __fput+0x26d/0xa40 [ 74.520477] ____fput+0x1e/0x30 [ 74.520720] task_work_run+0x1a4/0x2d0 [ 74.521062] ? __pfx_task_work_run+0x10/0x10 [ 74.521413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.521764] ? switch_task_namespaces+0xa9/0xe0 [ 74.522160] do_exit+0xb17/0x2ef0 [ 74.522464] ? lock_acquire+0x427/0x4c0 [ 74.522781] ? __pfx_lock_release+0x10/0x10 [ 74.523102] ? __kasan_check_write+0x18/0x20 [ 74.523434] ? do_raw_spin_lock+0x132/0x2a0 [ 74.523802] ? __pfx_do_exit+0x10/0x10 [ 74.524147] ? debug_smp_processor_id+0x20/0x30 [ 74.524486] ? rcu_is_watching+0x19/0xb0 [ 74.524794] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.525206] ? trace_hardirqs_on+0x26/0x120 [ 74.525522] do_group_exit+0xe0/0x2b0 [ 74.525802] __x64_sys_exit_group+0x47/0x50 [ 74.526167] do_syscall_64+0x3b/0x90 [ 74.526542] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.526938] RIP: 0033:0x7f4b87518a4d [ 74.527227] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.527691] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.528342] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.528864] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.529501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.530023] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.530676] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.531213] [ 74.531384] irq event stamp: 0 [ 74.531617] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.532181] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.532797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.533533] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.534009] ---[ end trace 0000000000000000 ]--- [ 74.534705] ------------[ cut here ]------------ [ 74.535059] WARNING: CPU: 1 PID: 614 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.535822] Modules linked in: [ 74.536104] CPU: 1 PID: 614 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.536805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.537814] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.538236] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.539937] RSP: 0018:ffff8880186afb78 EFLAGS: 00010246 [ 74.540536] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.541250] RDX: 0000000000000000 RSI: ffff88800bd58000 RDI: 0000000000000002 [ 74.542110] RBP: ffff8880186afb98 R08: ffffed10030d1c3e R09: ffffed10030d1c3e [ 74.542919] R10: ffff88801868e1ef R11: ffffed10030d1c3d R12: ffff88801868e290 [ 74.543691] R13: ffff88801868e0a8 R14: ffffffffffffffff R15: ffff8880186afc60 [ 74.544457] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.545311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.546002] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.546768] PKRU: 55555554 [ 74.547067] Call Trace: [ 74.547431] [ 74.547710] iommufd_ioas_destroy+0x53/0x70 [ 74.548163] iommufd_fops_release+0x1f7/0x370 [ 74.548679] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.549267] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.549782] ? write_comp_data+0x2f/0x90 [ 74.550322] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.550882] __fput+0x26d/0xa40 [ 74.551267] ____fput+0x1e/0x30 [ 74.551637] task_work_run+0x1a4/0x2d0 [ 74.552203] ? __pfx_task_work_run+0x10/0x10 [ 74.552690] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.553217] ? switch_task_namespaces+0xa9/0xe0 [ 74.553853] do_exit+0xb17/0x2ef0 [ 74.554235] ? lock_acquire+0x427/0x4c0 [ 74.554734] ? __pfx_lock_release+0x10/0x10 [ 74.555568] ? __kasan_check_write+0x18/0x20 [ 74.556106] ? do_raw_spin_lock+0x132/0x2a0 [ 74.556644] ? __pfx_do_exit+0x10/0x10 [ 74.557189] ? debug_smp_processor_id+0x20/0x30 [ 74.557752] ? rcu_is_watching+0x19/0xb0 [ 74.558372] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.558985] ? trace_hardirqs_on+0x26/0x120 [ 74.559527] do_group_exit+0xe0/0x2b0 [ 74.560038] __x64_sys_exit_group+0x47/0x50 [ 74.560562] do_syscall_64+0x3b/0x90 [ 74.561027] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.561777] RIP: 0033:0x7f4b87518a4d [ 74.562208] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.562995] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.563947] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.564817] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.565699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.566702] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.567552] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.568529] [ 74.568805] irq event stamp: 0 [ 74.569166] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.570024] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.571125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.572196] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.572981] ---[ end trace 0000000000000000 ]--- [ 74.580280] ------------[ cut here ]------------ [ 74.581148] WARNING: CPU: 1 PID: 615 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.582096] Modules linked in: [ 74.582446] CPU: 1 PID: 615 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.583445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.584584] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.585155] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.587064] RSP: 0018:ffff88800b92fbb8 EFLAGS: 00010246 [ 74.587597] RAX: 0000000000000000 RBX: ffff8880140b50a8 RCX: 0000000000000000 [ 74.588447] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 74.589115] RBP: ffff88800b92fbd0 R08: ffffed1002816a33 R09: ffffed1002816a33 [ 74.589965] R10: ffff8880140b5193 R11: ffffed1002816a32 R12: ffff888021bc9000 [ 74.590655] R13: ffff8880140b51e8 R14: ffffffff8352e670 R15: ffff88800b92fe68 [ 74.591409] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.592269] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.592830] CR2: 00007f4b877410e8 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 74.593688] PKRU: 55555554 [ 74.593965] Call Trace: [ 74.594212] [ 74.594432] __iommufd_access_detach+0x1c2/0x2b0 [ 74.594985] iommufd_access_change_pt+0x149/0x270 [ 74.595488] iommufd_access_replace+0xb4/0x120 [ 74.595942] iommufd_test+0x3e5/0x37e0 [ 74.596318] ? lock_release+0x532/0x770 [ 74.596709] ? __might_fault+0x102/0x1b0 [ 74.597121] ? lock_acquire+0x427/0x4c0 [ 74.597539] ? __pfx_iommufd_test+0x10/0x10 [ 74.597979] ? __pfx_lock_release+0x10/0x10 [ 74.598436] ? __pfx_lock_acquire+0x10/0x10 [ 74.598932] ? write_comp_data+0x2f/0x90 [ 74.599379] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.599897] ? write_comp_data+0x2f/0x90 [ 74.600329] iommufd_fops_ioctl+0x37d/0x510 [ 74.600776] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.601290] ? write_comp_data+0x2f/0x90 [ 74.601718] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.602213] __x64_sys_ioctl+0x1a3/0x230 [ 74.602690] do_syscall_64+0x3b/0x90 [ 74.603097] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.603677] RIP: 0033:0x7f4b8743ee5d [ 74.604073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.605943] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.606770] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.607513] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.608239] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.608966] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.609688] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.610429] [ 74.610700] irq event stamp: 0 [ 74.611023] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.611684] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.612544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.613394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.614040] ---[ end trace 0000000000000000 ]--- [ 74.617300] ------------[ cut here ]------------ [ 74.617829] WARNING: CPU: 1 PID: 615 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.618920] Modules linked in: [ 74.619276] CPU: 1 PID: 615 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.620136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.621267] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.621771] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.623651] RSP: 0018:ffff88800b92fbd0 EFLAGS: 00010246 [ 74.624210] RAX: 0000000000000000 RBX: ffff8880140b50a8 RCX: 0000000000000000 [ 74.624932] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 74.625650] RBP: ffff88800b92fbe8 R08: ffffed1002816a33 R09: ffffed1002816a33 [ 74.626375] R10: ffff8880140b5193 R11: ffffed1002816a32 R12: ffff88800fd3f000 [ 74.627159] R13: ffff8880140b51e8 R14: ffff888014b9e700 R15: 0000000000000000 [ 74.627890] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.628703] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.629296] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.630021] PKRU: 55555554 [ 74.630306] Call Trace: [ 74.630595] [ 74.630828] iommufd_access_destroy_object+0x65/0x170 [ 74.631373] iommufd_object_destroy_user+0x18e/0x220 [ 74.631888] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.632479] iommufd_access_destroy+0x43/0x70 [ 74.632944] iommufd_test_staccess_release+0x8d/0xd0 [ 74.633466] __fput+0x26d/0xa40 [ 74.633820] ____fput+0x1e/0x30 [ 74.634159] task_work_run+0x1a4/0x2d0 [ 74.634594] ? __pfx_task_work_run+0x10/0x10 [ 74.635053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.635943] ? switch_task_namespaces+0xa9/0xe0 [ 74.636598] do_exit+0xb17/0x2ef0 [ 74.637067] ? lock_acquire+0x427/0x4c0 [ 74.637608] ? __pfx_lock_release+0x10/0x10 [ 74.638190] ? __kasan_check_write+0x18/0x20 [ 74.638863] ? do_raw_spin_lock+0x132/0x2a0 [ 74.639476] ? __pfx_do_exit+0x10/0x10 [ 74.640014] ? debug_smp_processor_id+0x20/0x30 [ 74.640647] ? rcu_is_watching+0x19/0xb0 [ 74.641198] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.641815] ? trace_hardirqs_on+0x26/0x120 [ 74.642407] do_group_exit+0xe0/0x2b0 [ 74.642956] __x64_sys_exit_group+0x47/0x50 [ 74.643532] do_syscall_64+0x3b/0x90 [ 74.644031] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.644710] RIP: 0033:0x7f4b87518a4d [ 74.645190] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.645974] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.646978] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.647903] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.648811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.649709] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.650656] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.651593] [ 74.651898] irq event stamp: 0 [ 74.652304] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.653103] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.654157] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.655272] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.656080] ---[ end trace 0000000000000000 ]--- [ 74.657363] ------------[ cut here ]------------ [ 74.657965] WARNING: CPU: 1 PID: 615 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.659290] Modules linked in: [ 74.659711] CPU: 1 PID: 615 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.660803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.662208] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.662921] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.665250] RSP: 0018:ffff88800b92fb78 EFLAGS: 00010246 [ 74.665947] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.666916] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 74.667855] RBP: ffff88800b92fb98 R08: ffffed1002816a3e R09: ffffed1002816a3e [ 74.668757] R10: ffff8880140b51ef R11: ffffed1002816a3d R12: ffff8880140b5290 [ 74.669662] R13: ffff8880140b50a8 R14: ffffffffffffffff R15: ffff88800b92fc60 [ 74.670600] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.671631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.672356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.673241] PKRU: 55555554 [ 74.673612] Call Trace: [ 74.673943] [ 74.674246] iommufd_ioas_destroy+0x53/0x70 [ 74.674859] iommufd_fops_release+0x1f7/0x370 [ 74.675467] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.676127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.676763] ? write_comp_data+0x2f/0x90 [ 74.677304] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.677945] __fput+0x26d/0xa40 [ 74.678399] ____fput+0x1e/0x30 [ 74.678896] task_work_run+0x1a4/0x2d0 [ 74.679439] ? __pfx_task_work_run+0x10/0x10 [ 74.680012] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.680648] ? switch_task_namespaces+0xa9/0xe0 [ 74.681257] do_exit+0xb17/0x2ef0 [ 74.681715] ? lock_acquire+0x427/0x4c0 [ 74.682244] ? __pfx_lock_release+0x10/0x10 [ 74.682860] ? __kasan_check_write+0x18/0x20 [ 74.683464] ? do_raw_spin_lock+0x132/0x2a0 [ 74.684027] ? __pfx_do_exit+0x10/0x10 [ 74.684541] ? debug_smp_processor_id+0x20/0x30 [ 74.685138] ? rcu_is_watching+0x19/0xb0 [ 74.685660] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.686248] ? trace_hardirqs_on+0x26/0x120 [ 74.686868] do_group_exit+0xe0/0x2b0 [ 74.687377] __x64_sys_exit_group+0x47/0x50 [ 74.687934] do_syscall_64+0x3b/0x90 [ 74.688427] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.689097] RIP: 0033:0x7f4b87518a4d [ 74.689568] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.690334] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.691349] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.692242] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.693125] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.694012] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.694947] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.695871] [ 74.696177] irq event stamp: 0 [ 74.696573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.697357] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.698412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.699515] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.700304] ---[ end trace 0000000000000000 ]--- [ 74.706948] ------------[ cut here ]------------ [ 74.707606] WARNING: CPU: 1 PID: 616 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.708860] Modules linked in: [ 74.709277] CPU: 1 PID: 616 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.710349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.711792] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.712253] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.714252] RSP: 0018:ffff88801597fbb8 EFLAGS: 00010246 [ 74.714771] RAX: 0000000000000000 RBX: ffff8880180b10a8 RCX: 0000000000000000 [ 74.715516] RDX: 0000000000000000 RSI: ffff88800bd5ca00 RDI: 0000000000000002 [ 74.716127] RBP: ffff88801597fbd0 R08: ffffed1003016233 R09: ffffed1003016233 [ 74.716755] R10: ffff8880180b1193 R11: ffffed1003016232 R12: ffff888010b26800 [ 74.717465] R13: ffff8880180b11e8 R14: ffffffff8352e670 R15: ffff88801597fe68 [ 74.718080] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.718794] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.719308] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 74.719917] PKRU: 55555554 [ 74.720161] Call Trace: [ 74.720386] [ 74.720584] __iommufd_access_detach+0x1c2/0x2b0 [ 74.721026] iommufd_access_change_pt+0x149/0x270 [ 74.721450] iommufd_access_replace+0xb4/0x120 [ 74.721856] iommufd_test+0x3e5/0x37e0 [ 74.722196] ? lock_release+0x532/0x770 [ 74.722590] ? __might_fault+0x102/0x1b0 [ 74.722950] ? lock_acquire+0x427/0x4c0 [ 74.723312] ? __pfx_iommufd_test+0x10/0x10 [ 74.723682] ? __pfx_lock_release+0x10/0x10 [ 74.724059] ? __pfx_lock_acquire+0x10/0x10 [ 74.724439] ? write_comp_data+0x2f/0x90 [ 74.724835] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.725261] ? write_comp_data+0x2f/0x90 [ 74.725621] iommufd_fops_ioctl+0x37d/0x510 [ 74.726003] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.726433] ? write_comp_data+0x2f/0x90 [ 74.726816] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.727250] __x64_sys_ioctl+0x1a3/0x230 [ 74.727616] do_syscall_64+0x3b/0x90 [ 74.727948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.728400] RIP: 0033:0x7f4b8743ee5d [ 74.728744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.730292] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.730943] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.731556] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.732138] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.732741] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.733324] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.733921] [ 74.734114] irq event stamp: 0 [ 74.734374] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.734922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.735624] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.736299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.736824] ---[ end trace 0000000000000000 ]--- [ 74.739699] ------------[ cut here ]------------ [ 74.740138] WARNING: CPU: 1 PID: 616 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.740944] Modules linked in: [ 74.741215] CPU: 1 PID: 616 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.741921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.742893] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.743323] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.744804] RSP: 0018:ffff88801597fbd0 EFLAGS: 00010246 [ 74.745234] RAX: 0000000000000000 RBX: ffff8880180b10a8 RCX: 0000000000000000 [ 74.745817] RDX: 0000000000000000 RSI: ffff88800bd5ca00 RDI: 0000000000000002 [ 74.746407] RBP: ffff88801597fbe8 R08: ffffed1003016233 R09: ffffed1003016233 [ 74.747009] R10: ffff8880180b1193 R11: ffffed1003016232 R12: ffff8880179a4400 [ 74.747605] R13: ffff8880180b11e8 R14: ffff88800fd8c000 R15: 0000000000000000 [ 74.748186] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.748843] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.749386] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.749972] PKRU: 55555554 [ 74.750202] Call Trace: [ 74.750409] [ 74.750618] iommufd_access_destroy_object+0x65/0x170 [ 74.751059] iommufd_object_destroy_user+0x18e/0x220 [ 74.751488] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.751977] iommufd_access_destroy+0x43/0x70 [ 74.752347] iommufd_test_staccess_release+0x8d/0xd0 [ 74.752770] __fput+0x26d/0xa40 [ 74.753068] ____fput+0x1e/0x30 [ 74.753344] task_work_run+0x1a4/0x2d0 [ 74.753669] ? __pfx_task_work_run+0x10/0x10 [ 74.754042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.754443] ? switch_task_namespaces+0xa9/0xe0 [ 74.754854] do_exit+0xb17/0x2ef0 [ 74.755160] ? lock_acquire+0x427/0x4c0 [ 74.755494] ? __pfx_lock_release+0x10/0x10 [ 74.755859] ? __kasan_check_write+0x18/0x20 [ 74.756233] ? do_raw_spin_lock+0x132/0x2a0 [ 74.756585] ? __pfx_do_exit+0x10/0x10 [ 74.756910] ? debug_smp_processor_id+0x20/0x30 [ 74.757300] ? rcu_is_watching+0x19/0xb0 [ 74.757645] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.758019] ? trace_hardirqs_on+0x26/0x120 [ 74.758383] do_group_exit+0xe0/0x2b0 [ 74.758715] __x64_sys_exit_group+0x47/0x50 [ 74.759069] do_syscall_64+0x3b/0x90 [ 74.759418] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.759902] RIP: 0033:0x7f4b87518a4d [ 74.760475] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.761005] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.761692] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.762308] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.762919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.763616] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.764206] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.764965] [ 74.765157] irq event stamp: 0 [ 74.765416] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.766012] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.766743] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.767432] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.768083] ---[ end trace 0000000000000000 ]--- [ 74.768792] ------------[ cut here ]------------ [ 74.769187] WARNING: CPU: 1 PID: 616 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.770145] Modules linked in: [ 74.770416] CPU: 1 PID: 616 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.771303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.772231] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.772791] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.774417] RSP: 0018:ffff88801597fb78 EFLAGS: 00010246 [ 74.774892] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.775537] RDX: 0000000000000000 RSI: ffff88800bd5ca00 RDI: 0000000000000002 [ 74.776203] RBP: ffff88801597fb98 R08: ffffed100301623e R09: ffffed100301623e [ 74.776803] R10: ffff8880180b11ef R11: ffffed100301623d R12: ffff8880180b1290 [ 74.777494] R13: ffff8880180b10a8 R14: ffffffffffffffff R15: ffff88801597fc60 [ 74.778085] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.778891] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.779376] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.780043] PKRU: 55555554 [ 74.780347] Call Trace: [ 74.780555] [ 74.780741] iommufd_ioas_destroy+0x53/0x70 [ 74.781242] iommufd_fops_release+0x1f7/0x370 [ 74.781701] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.782130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.782609] ? write_comp_data+0x2f/0x90 [ 74.783034] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.783476] __fput+0x26d/0xa40 [ 74.783767] ____fput+0x1e/0x30 [ 74.784055] task_work_run+0x1a4/0x2d0 [ 74.784396] ? __pfx_task_work_run+0x10/0x10 [ 74.784883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.785287] ? switch_task_namespaces+0xa9/0xe0 [ 74.785690] do_exit+0xb17/0x2ef0 [ 74.786044] ? lock_acquire+0x427/0x4c0 [ 74.786443] ? __pfx_lock_release+0x10/0x10 [ 74.786844] ? __kasan_check_write+0x18/0x20 [ 74.787222] ? do_raw_spin_lock+0x132/0x2a0 [ 74.787612] ? __pfx_do_exit+0x10/0x10 [ 74.788024] ? debug_smp_processor_id+0x20/0x30 [ 74.788407] ? rcu_is_watching+0x19/0xb0 [ 74.788754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.789248] ? trace_hardirqs_on+0x26/0x120 [ 74.789610] do_group_exit+0xe0/0x2b0 [ 74.789940] __x64_sys_exit_group+0x47/0x50 [ 74.790338] do_syscall_64+0x3b/0x90 [ 74.790728] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.791183] RIP: 0033:0x7f4b87518a4d [ 74.791485] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.792028] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.792705] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.793303] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.794028] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.794630] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.795302] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.795946] [ 74.796146] irq event stamp: 0 [ 74.796414] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.797038] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.797720] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.798544] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.799066] ---[ end trace 0000000000000000 ]--- [ 74.802977] ------------[ cut here ]------------ [ 74.803502] WARNING: CPU: 1 PID: 617 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.804390] Modules linked in: [ 74.804681] CPU: 1 PID: 617 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.805471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.806594] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.807002] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.808641] RSP: 0018:ffff88800b92fbb8 EFLAGS: 00010246 [ 74.809105] RAX: 0000000000000000 RBX: ffff8880165630a8 RCX: 0000000000000000 [ 74.809768] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 74.810358] RBP: ffff88800b92fbd0 R08: ffffed1002cac633 R09: ffffed1002cac633 [ 74.810959] R10: ffff888016563193 R11: ffffed1002cac632 R12: ffff88801422f800 [ 74.811558] R13: ffff8880165631e8 R14: ffffffff8352e670 R15: ffff88800b92fe68 [ 74.812143] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.812801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.813344] CR2: 00007f4b877410e8 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 74.813930] PKRU: 55555554 [ 74.814177] Call Trace: [ 74.814385] [ 74.814608] __iommufd_access_detach+0x1c2/0x2b0 [ 74.815011] iommufd_access_change_pt+0x149/0x270 [ 74.815427] iommufd_access_replace+0xb4/0x120 [ 74.815825] iommufd_test+0x3e5/0x37e0 [ 74.816150] ? lock_release+0x532/0x770 [ 74.816486] ? __might_fault+0x102/0x1b0 [ 74.816838] ? lock_acquire+0x427/0x4c0 [ 74.817185] ? __pfx_iommufd_test+0x10/0x10 [ 74.817535] ? __pfx_lock_release+0x10/0x10 [ 74.817906] ? __pfx_lock_acquire+0x10/0x10 [ 74.818273] ? write_comp_data+0x2f/0x90 [ 74.818637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.819055] ? write_comp_data+0x2f/0x90 [ 74.819410] iommufd_fops_ioctl+0x37d/0x510 [ 74.819768] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.820181] ? write_comp_data+0x2f/0x90 [ 74.820519] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.820913] __x64_sys_ioctl+0x1a3/0x230 [ 74.821268] do_syscall_64+0x3b/0x90 [ 74.821581] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.822005] RIP: 0033:0x7f4b8743ee5d [ 74.822319] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.823843] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.824478] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.825051] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.825640] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.826221] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.826836] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.827434] [ 74.827643] irq event stamp: 0 [ 74.827905] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.828415] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.829099] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.829788] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.830304] ---[ end trace 0000000000000000 ]--- [ 74.833317] ------------[ cut here ]------------ [ 74.833740] WARNING: CPU: 1 PID: 617 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.834602] Modules linked in: [ 74.834864] CPU: 1 PID: 617 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.835592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.836515] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.836923] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.838411] RSP: 0018:ffff88800b92fbd0 EFLAGS: 00010246 [ 74.838874] RAX: 0000000000000000 RBX: ffff8880165630a8 RCX: 0000000000000000 [ 74.839474] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 74.840058] RBP: ffff88800b92fbe8 R08: ffffed1002cac633 R09: ffffed1002cac633 [ 74.840650] R10: ffff888016563193 R11: ffffed1002cac632 R12: ffff888010b27c00 [ 74.841225] R13: ffff8880165631e8 R14: ffff8880178e6200 R15: 0000000000000000 [ 74.841812] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.842461] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.842969] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.843570] PKRU: 55555554 [ 74.843810] Call Trace: [ 74.844018] [ 74.844201] iommufd_access_destroy_object+0x65/0x170 [ 74.844628] iommufd_object_destroy_user+0x18e/0x220 [ 74.845138] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.845619] iommufd_access_destroy+0x43/0x70 [ 74.846010] iommufd_test_staccess_release+0x8d/0xd0 [ 74.846432] __fput+0x26d/0xa40 [ 74.846740] ____fput+0x1e/0x30 [ 74.847025] task_work_run+0x1a4/0x2d0 [ 74.847379] ? __pfx_task_work_run+0x10/0x10 [ 74.847747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.848159] ? switch_task_namespaces+0xa9/0xe0 [ 74.848549] do_exit+0xb17/0x2ef0 [ 74.848837] ? lock_acquire+0x427/0x4c0 [ 74.849170] ? __pfx_lock_release+0x10/0x10 [ 74.849539] ? __kasan_check_write+0x18/0x20 [ 74.849900] ? do_raw_spin_lock+0x132/0x2a0 [ 74.850268] ? __pfx_do_exit+0x10/0x10 [ 74.850624] ? debug_smp_processor_id+0x20/0x30 [ 74.851012] ? rcu_is_watching+0x19/0xb0 [ 74.851359] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.851750] ? trace_hardirqs_on+0x26/0x120 [ 74.852107] do_group_exit+0xe0/0x2b0 [ 74.852415] __x64_sys_exit_group+0x47/0x50 [ 74.852779] do_syscall_64+0x3b/0x90 [ 74.853090] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.853526] RIP: 0033:0x7f4b87518a4d [ 74.853835] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.854336] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.854979] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.855562] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.856144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.856716] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.857303] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.857901] [ 74.858091] irq event stamp: 0 [ 74.858347] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.858883] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.859589] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.860281] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.860786] ---[ end trace 0000000000000000 ]--- [ 74.861521] ------------[ cut here ]------------ [ 74.861905] WARNING: CPU: 1 PID: 617 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.862742] Modules linked in: [ 74.863004] CPU: 1 PID: 617 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.863714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.864600] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.865003] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.866428] RSP: 0018:ffff88800b92fb78 EFLAGS: 00010246 [ 74.866883] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.867447] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 74.868017] RBP: ffff88800b92fb98 R08: ffffed1002cac63e R09: ffffed1002cac63e [ 74.868569] R10: ffff8880165631ef R11: ffffed1002cac63d R12: ffff888016563290 [ 74.869133] R13: ffff8880165630a8 R14: ffffffffffffffff R15: ffff88800b92fc60 [ 74.869684] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.870324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.870795] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.871374] PKRU: 55555554 [ 74.871597] Call Trace: [ 74.871796] [ 74.871987] iommufd_ioas_destroy+0x53/0x70 [ 74.872332] iommufd_fops_release+0x1f7/0x370 [ 74.872692] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.873105] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.873497] ? write_comp_data+0x2f/0x90 [ 74.873824] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.874232] __fput+0x26d/0xa40 [ 74.874529] ____fput+0x1e/0x30 [ 74.874800] task_work_run+0x1a4/0x2d0 [ 74.875125] ? __pfx_task_work_run+0x10/0x10 [ 74.875489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.875878] ? switch_task_namespaces+0xa9/0xe0 [ 74.876264] do_exit+0xb17/0x2ef0 [ 74.876540] ? lock_acquire+0x427/0x4c0 [ 74.876877] ? __pfx_lock_release+0x10/0x10 [ 74.877279] ? __kasan_check_write+0x18/0x20 [ 74.877636] ? do_raw_spin_lock+0x132/0x2a0 [ 74.877974] ? __pfx_do_exit+0x10/0x10 [ 74.878285] ? debug_smp_processor_id+0x20/0x30 [ 74.878682] ? rcu_is_watching+0x19/0xb0 [ 74.879005] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.879370] ? trace_hardirqs_on+0x26/0x120 [ 74.879721] do_group_exit+0xe0/0x2b0 [ 74.880020] __x64_sys_exit_group+0x47/0x50 [ 74.880353] do_syscall_64+0x3b/0x90 [ 74.880662] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.881073] RIP: 0033:0x7f4b87518a4d [ 74.881360] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.881841] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.882433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.883009] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.883568] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.884127] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.884672] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.885237] [ 74.885418] irq event stamp: 0 [ 74.885660] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.886154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.886819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.887479] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.887961] ---[ end trace 0000000000000000 ]--- [ 74.891914] ------------[ cut here ]------------ [ 74.892305] WARNING: CPU: 1 PID: 618 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.893086] Modules linked in: [ 74.893334] CPU: 1 PID: 618 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.894006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.894899] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.895291] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.896695] RSP: 0018:ffff888023fbfbb8 EFLAGS: 00010246 [ 74.897119] RAX: 0000000000000000 RBX: ffff888023e940a8 RCX: 0000000000000000 [ 74.897664] RDX: 0000000000000000 RSI: ffff88800bd5a500 RDI: 0000000000000002 [ 74.898219] RBP: ffff888023fbfbd0 R08: ffffed10047d2833 R09: ffffed10047d2833 [ 74.898783] R10: ffff888023e94193 R11: ffffed10047d2832 R12: ffff88800fdf8c00 [ 74.899345] R13: ffff888023e941e8 R14: ffffffff8352e670 R15: ffff888023fbfe68 [ 74.899891] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.900516] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.900961] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 74.901519] PKRU: 55555554 [ 74.901739] Call Trace: [ 74.901941] [ 74.902116] __iommufd_access_detach+0x1c2/0x2b0 [ 74.902525] iommufd_access_change_pt+0x149/0x270 [ 74.902908] iommufd_access_replace+0xb4/0x120 [ 74.903286] iommufd_test+0x3e5/0x37e0 [ 74.903591] ? lock_release+0x532/0x770 [ 74.903906] ? __might_fault+0x102/0x1b0 [ 74.904225] ? lock_acquire+0x427/0x4c0 [ 74.904552] ? __pfx_iommufd_test+0x10/0x10 [ 74.904882] ? __pfx_lock_release+0x10/0x10 [ 74.905224] ? __pfx_lock_acquire+0x10/0x10 [ 74.905589] ? write_comp_data+0x2f/0x90 [ 74.905910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.906289] ? write_comp_data+0x2f/0x90 [ 74.906641] iommufd_fops_ioctl+0x37d/0x510 [ 74.906982] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.907372] ? write_comp_data+0x2f/0x90 [ 74.907710] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.908088] __x64_sys_ioctl+0x1a3/0x230 [ 74.908416] do_syscall_64+0x3b/0x90 [ 74.908738] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.909219] RIP: 0033:0x7f4b8743ee5d [ 74.909509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.910940] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.911538] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.912106] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.912665] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.913224] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.913775] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.914341] [ 74.914545] irq event stamp: 0 [ 74.914795] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.915488] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.916418] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.917332] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.918033] ---[ end trace 0000000000000000 ]--- [ 74.922388] ------------[ cut here ]------------ [ 74.922977] WARNING: CPU: 1 PID: 618 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.923835] Modules linked in: [ 74.924080] CPU: 1 PID: 618 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.924724] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.925556] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.925931] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.927312] RSP: 0018:ffff888023fbfbd0 EFLAGS: 00010246 [ 74.927712] RAX: 0000000000000000 RBX: ffff888023e940a8 RCX: 0000000000000000 [ 74.928244] RDX: 0000000000000000 RSI: ffff88800bd5a500 RDI: 0000000000000002 [ 74.928777] RBP: ffff888023fbfbe8 R08: ffffed10047d2833 R09: ffffed10047d2833 [ 74.929316] R10: ffff888023e94193 R11: ffffed10047d2832 R12: ffff88801422c400 [ 74.929847] R13: ffff888023e941e8 R14: ffff8880149b0100 R15: 0000000000000000 [ 74.930378] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.930988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.931433] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.931967] PKRU: 55555554 [ 74.932181] Call Trace: [ 74.932373] [ 74.932544] iommufd_access_destroy_object+0x65/0x170 [ 74.932935] iommufd_object_destroy_user+0x18e/0x220 [ 74.933322] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 74.933765] iommufd_access_destroy+0x43/0x70 [ 74.934111] iommufd_test_staccess_release+0x8d/0xd0 [ 74.934499] __fput+0x26d/0xa40 [ 74.934784] ____fput+0x1e/0x30 [ 74.935047] task_work_run+0x1a4/0x2d0 [ 74.935358] ? __pfx_task_work_run+0x10/0x10 [ 74.935695] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.936069] ? switch_task_namespaces+0xa9/0xe0 [ 74.936429] do_exit+0xb17/0x2ef0 [ 74.936693] ? lock_acquire+0x427/0x4c0 [ 74.937005] ? __pfx_lock_release+0x10/0x10 [ 74.937338] ? __kasan_check_write+0x18/0x20 [ 74.937680] ? do_raw_spin_lock+0x132/0x2a0 [ 74.938014] ? __pfx_do_exit+0x10/0x10 [ 74.938318] ? debug_smp_processor_id+0x20/0x30 [ 74.938691] ? rcu_is_watching+0x19/0xb0 [ 74.939007] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.939366] ? trace_hardirqs_on+0x26/0x120 [ 74.939705] do_group_exit+0xe0/0x2b0 [ 74.940004] __x64_sys_exit_group+0x47/0x50 [ 74.940328] do_syscall_64+0x3b/0x90 [ 74.940618] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.941087] RIP: 0033:0x7f4b87518a4d [ 74.941369] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.941829] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.942399] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.942953] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.943501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.944034] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.944571] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.945112] [ 74.945289] irq event stamp: 0 [ 74.945529] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.946002] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.946652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.947288] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.947760] ---[ end trace 0000000000000000 ]--- [ 74.948435] ------------[ cut here ]------------ [ 74.948790] WARNING: CPU: 1 PID: 618 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 74.949549] Modules linked in: [ 74.949790] CPU: 1 PID: 618 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.950436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.951309] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 74.951701] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 74.953061] RSP: 0018:ffff888023fbfb78 EFLAGS: 00010246 [ 74.953458] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.953992] RDX: 0000000000000000 RSI: ffff88800bd5a500 RDI: 0000000000000002 [ 74.954543] RBP: ffff888023fbfb98 R08: ffffed10047d283e R09: ffffed10047d283e [ 74.955087] R10: ffff888023e941ef R11: ffffed10047d283d R12: ffff888023e94290 [ 74.955642] R13: ffff888023e940a8 R14: ffffffffffffffff R15: ffff888023fbfc60 [ 74.956174] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.956773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.957210] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 74.957742] PKRU: 55555554 [ 74.957954] Call Trace: [ 74.958146] [ 74.958318] iommufd_ioas_destroy+0x53/0x70 [ 74.958669] iommufd_fops_release+0x1f7/0x370 [ 74.959015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.959401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.959777] ? write_comp_data+0x2f/0x90 [ 74.960092] ? __pfx_iommufd_fops_release+0x10/0x10 [ 74.960474] __fput+0x26d/0xa40 [ 74.960737] ____fput+0x1e/0x30 [ 74.960998] task_work_run+0x1a4/0x2d0 [ 74.961300] ? __pfx_task_work_run+0x10/0x10 [ 74.961640] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.962016] ? switch_task_namespaces+0xa9/0xe0 [ 74.962377] do_exit+0xb17/0x2ef0 [ 74.962661] ? lock_acquire+0x427/0x4c0 [ 74.962974] ? __pfx_lock_release+0x10/0x10 [ 74.963318] ? __kasan_check_write+0x18/0x20 [ 74.963656] ? do_raw_spin_lock+0x132/0x2a0 [ 74.963984] ? __pfx_do_exit+0x10/0x10 [ 74.964289] ? debug_smp_processor_id+0x20/0x30 [ 74.964641] ? rcu_is_watching+0x19/0xb0 [ 74.964951] ? _raw_spin_unlock_irq+0x2b/0x60 [ 74.965296] ? trace_hardirqs_on+0x26/0x120 [ 74.965627] do_group_exit+0xe0/0x2b0 [ 74.965915] __x64_sys_exit_group+0x47/0x50 [ 74.966241] do_syscall_64+0x3b/0x90 [ 74.966554] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.966956] RIP: 0033:0x7f4b87518a4d [ 74.967249] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 74.967712] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.968282] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 74.968814] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 74.969347] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 74.969883] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 74.970418] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 74.970984] [ 74.971170] irq event stamp: 0 [ 74.971408] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 74.971882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.972509] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 74.973188] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 74.973661] ---[ end trace 0000000000000000 ]--- [ 74.977396] ------------[ cut here ]------------ [ 74.977761] WARNING: CPU: 1 PID: 619 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 74.978497] Modules linked in: [ 74.978819] CPU: 1 PID: 619 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 74.979459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 74.980288] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 74.980657] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 74.981995] RSP: 0018:ffff88802442fbb8 EFLAGS: 00010246 [ 74.982382] RAX: 0000000000000000 RBX: ffff888023e6a8a8 RCX: 0000000000000000 [ 74.982921] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 74.983445] RBP: ffff88802442fbd0 R08: ffffed10047cd533 R09: ffffed10047cd533 [ 74.983966] R10: ffff888023e6a993 R11: ffffed10047cd532 R12: ffff8880143b4800 [ 74.984484] R13: ffff888023e6a9e8 R14: ffffffff8352e670 R15: ffff88802442fe68 [ 74.985005] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 74.985586] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.986008] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ee0 [ 74.986554] PKRU: 55555554 [ 74.986764] Call Trace: [ 74.986956] [ 74.987140] __iommufd_access_detach+0x1c2/0x2b0 [ 74.987500] iommufd_access_change_pt+0x149/0x270 [ 74.987870] iommufd_access_replace+0xb4/0x120 [ 74.988215] iommufd_test+0x3e5/0x37e0 [ 74.988502] ? lock_release+0x532/0x770 [ 74.988807] ? __might_fault+0x102/0x1b0 [ 74.989113] ? lock_acquire+0x427/0x4c0 [ 74.989415] ? __pfx_iommufd_test+0x10/0x10 [ 74.989730] ? __pfx_lock_release+0x10/0x10 [ 74.990054] ? __pfx_lock_acquire+0x10/0x10 [ 74.990380] ? write_comp_data+0x2f/0x90 [ 74.990702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 74.991065] ? write_comp_data+0x2f/0x90 [ 74.991382] iommufd_fops_ioctl+0x37d/0x510 [ 74.991707] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.992068] ? write_comp_data+0x2f/0x90 [ 74.992373] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 74.992730] __x64_sys_ioctl+0x1a3/0x230 [ 74.993057] do_syscall_64+0x3b/0x90 [ 74.993340] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 74.993728] RIP: 0033:0x7f4b8743ee5d [ 74.993999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 74.995319] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 74.995864] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 74.996375] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 74.996882] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 74.997391] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 74.997909] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 74.998427] [ 74.998609] irq event stamp: 0 [ 74.998840] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 74.999304] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 74.999902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.000495] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.000943] ---[ end trace 0000000000000000 ]--- [ 75.003737] ------------[ cut here ]------------ [ 75.004101] WARNING: CPU: 1 PID: 619 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.004826] Modules linked in: [ 75.005109] CPU: 1 PID: 619 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.005727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.006546] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.006906] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.008215] RSP: 0018:ffff88802442fbd0 EFLAGS: 00010246 [ 75.008597] RAX: 0000000000000000 RBX: ffff888023e6a8a8 RCX: 0000000000000000 [ 75.009108] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 75.009617] RBP: ffff88802442fbe8 R08: ffffed10047cd533 R09: ffffed10047cd533 [ 75.010129] R10: ffff888023e6a993 R11: ffffed10047cd532 R12: ffff88800fdfa400 [ 75.010653] R13: ffff888023e6a9e8 R14: ffff888021858d00 R15: 0000000000000000 [ 75.011168] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.011746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.012165] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 75.012674] PKRU: 55555554 [ 75.012880] Call Trace: [ 75.013064] [ 75.013229] iommufd_access_destroy_object+0x65/0x170 [ 75.013605] iommufd_object_destroy_user+0x18e/0x220 [ 75.013975] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.014396] iommufd_access_destroy+0x43/0x70 [ 75.014743] iommufd_test_staccess_release+0x8d/0xd0 [ 75.015125] __fput+0x26d/0xa40 [ 75.015380] ____fput+0x1e/0x30 [ 75.015628] task_work_run+0x1a4/0x2d0 [ 75.015918] ? __pfx_task_work_run+0x10/0x10 [ 75.016244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.016602] ? switch_task_namespaces+0xa9/0xe0 [ 75.016951] do_exit+0xb17/0x2ef0 [ 75.017203] ? lock_acquire+0x427/0x4c0 [ 75.017502] ? __pfx_lock_release+0x10/0x10 [ 75.017829] ? __kasan_check_write+0x18/0x20 [ 75.018154] ? do_raw_spin_lock+0x132/0x2a0 [ 75.018469] ? __pfx_do_exit+0x10/0x10 [ 75.018783] ? debug_smp_processor_id+0x20/0x30 [ 75.019144] ? rcu_is_watching+0x19/0xb0 [ 75.019449] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.019793] ? trace_hardirqs_on+0x26/0x120 [ 75.020136] do_group_exit+0xe0/0x2b0 [ 75.020531] __x64_sys_exit_group+0x47/0x50 [ 75.020854] do_syscall_64+0x3b/0x90 [ 75.021138] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.021592] RIP: 0033:0x7f4b87518a4d [ 75.021892] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.022336] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.022977] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.023504] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.024018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.024534] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.025145] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.025677] [ 75.025853] irq event stamp: 0 [ 75.026137] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.026650] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.027289] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.027957] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.028415] ---[ end trace 0000000000000000 ]--- [ 75.029052] ------------[ cut here ]------------ [ 75.029471] WARNING: CPU: 1 PID: 619 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.030199] Modules linked in: [ 75.030458] CPU: 1 PID: 619 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.031174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.032045] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.032457] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.033869] RSP: 0018:ffff88802442fb78 EFLAGS: 00010246 [ 75.034256] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.034869] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 75.035393] RBP: ffff88802442fb98 R08: ffffed10047cd53e R09: ffffed10047cd53e [ 75.035951] R10: ffff888023e6a9ef R11: ffffed10047cd53d R12: ffff888023e6aa90 [ 75.036548] R13: ffff888023e6a8a8 R14: ffffffffffffffff R15: ffff88802442fc60 [ 75.037136] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.037834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.038265] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 75.038926] PKRU: 55555554 [ 75.039154] Call Trace: [ 75.039356] [ 75.039533] iommufd_ioas_destroy+0x53/0x70 [ 75.039872] iommufd_fops_release+0x1f7/0x370 [ 75.040287] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.040714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.041084] ? write_comp_data+0x2f/0x90 [ 75.041399] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.041867] __fput+0x26d/0xa40 [ 75.042134] ____fput+0x1e/0x30 [ 75.042405] task_work_run+0x1a4/0x2d0 [ 75.042758] ? __pfx_task_work_run+0x10/0x10 [ 75.043174] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.043551] ? switch_task_namespaces+0xa9/0xe0 [ 75.043910] do_exit+0xb17/0x2ef0 [ 75.044169] ? lock_acquire+0x427/0x4c0 [ 75.044522] ? __pfx_lock_release+0x10/0x10 [ 75.044902] ? __kasan_check_write+0x18/0x20 [ 75.045242] ? do_raw_spin_lock+0x132/0x2a0 [ 75.045574] ? __pfx_do_exit+0x10/0x10 [ 75.045895] ? debug_smp_processor_id+0x20/0x30 [ 75.046339] ? rcu_is_watching+0x19/0xb0 [ 75.046676] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.047031] ? trace_hardirqs_on+0x26/0x120 [ 75.047397] do_group_exit+0xe0/0x2b0 [ 75.047738] __x64_sys_exit_group+0x47/0x50 [ 75.048109] do_syscall_64+0x3b/0x90 [ 75.048399] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.048792] RIP: 0033:0x7f4b87518a4d [ 75.049130] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.049635] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.050227] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.050848] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.051404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.051974] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.052570] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.053117] [ 75.053343] irq event stamp: 0 [ 75.053624] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.054121] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.054856] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.055528] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.056012] ---[ end trace 0000000000000000 ]--- [ 75.059548] ------------[ cut here ]------------ [ 75.059940] WARNING: CPU: 1 PID: 620 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.060831] Modules linked in: [ 75.061081] CPU: 1 PID: 620 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.061847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.062735] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.063162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.064731] RSP: 0018:ffff888023fbfbb8 EFLAGS: 00010246 [ 75.065142] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 75.065719] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 75.066331] RBP: ffff888023fbfbd0 R08: ffffed1001702533 R09: ffffed1001702533 [ 75.066911] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff888013614000 [ 75.067561] R13: ffff88800b8129e8 R14: ffffffff8352e670 R15: ffff888023fbfe68 [ 75.068110] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.068828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.069336] CR2: 00007f4b877410e8 CR3: 000000001340a000 CR4: 0000000000750ee0 [ 75.069963] PKRU: 55555554 [ 75.070223] Call Trace: [ 75.070422] [ 75.070623] __iommufd_access_detach+0x1c2/0x2b0 [ 75.071011] iommufd_access_change_pt+0x149/0x270 [ 75.071410] iommufd_access_replace+0xb4/0x120 [ 75.071852] iommufd_test+0x3e5/0x37e0 [ 75.072204] ? lock_release+0x532/0x770 [ 75.072520] ? __might_fault+0x102/0x1b0 [ 75.072847] ? lock_acquire+0x427/0x4c0 [ 75.073270] ? __pfx_iommufd_test+0x10/0x10 [ 75.073606] ? __pfx_lock_release+0x10/0x10 [ 75.073947] ? __pfx_lock_acquire+0x10/0x10 [ 75.074356] ? write_comp_data+0x2f/0x90 [ 75.074750] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.075151] ? write_comp_data+0x2f/0x90 [ 75.075480] iommufd_fops_ioctl+0x37d/0x510 [ 75.075819] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.076303] ? write_comp_data+0x2f/0x90 [ 75.076629] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.077007] __x64_sys_ioctl+0x1a3/0x230 [ 75.077397] do_syscall_64+0x3b/0x90 [ 75.077746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.078179] RIP: 0033:0x7f4b8743ee5d [ 75.078532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.080093] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.080838] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.081417] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.082119] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.082733] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.083332] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.084026] [ 75.084221] irq event stamp: 0 [ 75.084477] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.085105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.085797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.086621] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.087147] ---[ end trace 0000000000000000 ]--- [ 75.090019] ------------[ cut here ]------------ [ 75.090464] WARNING: CPU: 1 PID: 620 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.091397] Modules linked in: [ 75.091668] CPU: 1 PID: 620 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.092499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.093411] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.093933] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.095566] RSP: 0018:ffff888023fbfbd0 EFLAGS: 00010246 [ 75.096008] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 75.096588] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 75.097285] RBP: ffff888023fbfbe8 R08: ffffed1001702533 R09: ffffed1001702533 [ 75.097863] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff8880143b6c00 [ 75.098554] R13: ffff88800b8129e8 R14: ffff888013d1df00 R15: 0000000000000000 [ 75.099193] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.099842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.100434] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 75.101079] PKRU: 55555554 [ 75.101314] Call Trace: [ 75.101590] [ 75.101823] iommufd_access_destroy_object+0x65/0x170 [ 75.102250] iommufd_object_destroy_user+0x18e/0x220 [ 75.102704] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.103258] iommufd_access_destroy+0x43/0x70 [ 75.103685] iommufd_test_staccess_release+0x8d/0xd0 [ 75.104109] __fput+0x26d/0xa40 [ 75.104400] ____fput+0x1e/0x30 [ 75.104746] task_work_run+0x1a4/0x2d0 [ 75.105127] ? __pfx_task_work_run+0x10/0x10 [ 75.105499] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.105907] ? switch_task_namespaces+0xa9/0xe0 [ 75.106300] do_exit+0xb17/0x2ef0 [ 75.106616] ? lock_acquire+0x427/0x4c0 [ 75.106953] ? __pfx_lock_release+0x10/0x10 [ 75.107322] ? __kasan_check_write+0x18/0x20 [ 75.107694] ? do_raw_spin_lock+0x132/0x2a0 [ 75.108049] ? __pfx_do_exit+0x10/0x10 [ 75.108379] ? debug_smp_processor_id+0x20/0x30 [ 75.108763] ? rcu_is_watching+0x19/0xb0 [ 75.109098] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.109472] ? trace_hardirqs_on+0x26/0x120 [ 75.109831] do_group_exit+0xe0/0x2b0 [ 75.110141] __x64_sys_exit_group+0x47/0x50 [ 75.110492] do_syscall_64+0x3b/0x90 [ 75.110836] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.111282] RIP: 0033:0x7f4b87518a4d [ 75.111589] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.112089] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.112703] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.113280] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.113860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.114432] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.115030] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.115633] [ 75.115824] irq event stamp: 0 [ 75.116082] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.116597] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.117275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.117947] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.118456] ---[ end trace 0000000000000000 ]--- [ 75.119426] ------------[ cut here ]------------ [ 75.119817] WARNING: CPU: 1 PID: 620 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.120634] Modules linked in: [ 75.120896] CPU: 1 PID: 620 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.121592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.122500] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.122954] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.124432] RSP: 0018:ffff888023fbfb78 EFLAGS: 00010246 [ 75.124864] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.125438] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 75.126009] RBP: ffff888023fbfb98 R08: ffffed100170253e R09: ffffed100170253e [ 75.126617] R10: ffff88800b8129ef R11: ffffed100170253d R12: ffff88800b812a90 [ 75.127206] R13: ffff88800b8128a8 R14: ffffffffffffffff R15: ffff888023fbfc60 [ 75.127780] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.128443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.128910] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 75.129484] PKRU: 55555554 [ 75.129715] Call Trace: [ 75.129923] [ 75.130107] iommufd_ioas_destroy+0x53/0x70 [ 75.130464] iommufd_fops_release+0x1f7/0x370 [ 75.130855] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.131279] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.131692] ? write_comp_data+0x2f/0x90 [ 75.132031] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.132441] __fput+0x26d/0xa40 [ 75.132725] ____fput+0x1e/0x30 [ 75.133062] task_work_run+0x1a4/0x2d0 [ 75.133388] ? __pfx_task_work_run+0x10/0x10 [ 75.133758] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.134161] ? switch_task_namespaces+0xa9/0xe0 [ 75.134573] do_exit+0xb17/0x2ef0 [ 75.134862] ? lock_acquire+0x427/0x4c0 [ 75.135206] ? __pfx_lock_release+0x10/0x10 [ 75.135562] ? __kasan_check_write+0x18/0x20 [ 75.135922] ? do_raw_spin_lock+0x132/0x2a0 [ 75.136274] ? __pfx_do_exit+0x10/0x10 [ 75.136603] ? debug_smp_processor_id+0x20/0x30 [ 75.136985] ? rcu_is_watching+0x19/0xb0 [ 75.137318] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.137692] ? trace_hardirqs_on+0x26/0x120 [ 75.138055] do_group_exit+0xe0/0x2b0 [ 75.138371] __x64_sys_exit_group+0x47/0x50 [ 75.138746] do_syscall_64+0x3b/0x90 [ 75.139063] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.139503] RIP: 0033:0x7f4b87518a4d [ 75.139810] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.140307] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.140935] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.141522] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.142096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.142693] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.143278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.143862] [ 75.144061] irq event stamp: 0 [ 75.144322] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.144829] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.145504] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.146182] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.146721] ---[ end trace 0000000000000000 ]--- [ 75.150452] ------------[ cut here ]------------ [ 75.150912] WARNING: CPU: 1 PID: 621 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.151736] Modules linked in: [ 75.151995] CPU: 1 PID: 621 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.152689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.153587] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.153986] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.155478] RSP: 0018:ffff888016cf7bb8 EFLAGS: 00010246 [ 75.155911] RAX: 0000000000000000 RBX: ffff8880244280a8 RCX: 0000000000000000 [ 75.156484] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 75.157058] RBP: ffff888016cf7bd0 R08: ffffed1004885033 R09: ffffed1004885033 [ 75.157618] R10: ffff888024428193 R11: ffffed1004885032 R12: ffff8880148cf800 [ 75.158190] R13: ffff8880244281e8 R14: ffffffff8352e670 R15: ffff888016cf7e68 [ 75.158781] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.159456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.159926] CR2: 0000000020000140 CR3: 0000000012f20000 CR4: 0000000000750ee0 [ 75.160505] PKRU: 55555554 [ 75.160735] Call Trace: [ 75.160945] [ 75.161131] __iommufd_access_detach+0x1c2/0x2b0 [ 75.161530] iommufd_access_change_pt+0x149/0x270 [ 75.161935] iommufd_access_replace+0xb4/0x120 [ 75.162317] iommufd_test+0x3e5/0x37e0 [ 75.162656] ? lock_release+0x532/0x770 [ 75.162992] ? __might_fault+0x102/0x1b0 [ 75.163348] ? lock_acquire+0x427/0x4c0 [ 75.163684] ? __pfx_iommufd_test+0x10/0x10 [ 75.164035] ? __pfx_lock_release+0x10/0x10 [ 75.164399] ? __pfx_lock_acquire+0x10/0x10 [ 75.164760] ? write_comp_data+0x2f/0x90 [ 75.165157] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.165561] ? write_comp_data+0x2f/0x90 [ 75.165900] iommufd_fops_ioctl+0x37d/0x510 [ 75.166256] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.166682] ? write_comp_data+0x2f/0x90 [ 75.167023] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.167430] __x64_sys_ioctl+0x1a3/0x230 [ 75.167775] do_syscall_64+0x3b/0x90 [ 75.168089] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.168512] RIP: 0033:0x7f4b8743ee5d [ 75.168815] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.170278] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.170916] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.171502] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.172074] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.172653] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.173227] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.173809] [ 75.173999] irq event stamp: 0 [ 75.174255] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.174782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.175467] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.176142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.176656] ---[ end trace 0000000000000000 ]--- [ 75.179481] ------------[ cut here ]------------ [ 75.179894] WARNING: CPU: 1 PID: 621 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.180701] Modules linked in: [ 75.180960] CPU: 1 PID: 621 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.181652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.182580] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.182984] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.184471] RSP: 0018:ffff888016cf7bd0 EFLAGS: 00010246 [ 75.184903] RAX: 0000000000000000 RBX: ffff8880244280a8 RCX: 0000000000000000 [ 75.185483] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 75.186050] RBP: ffff888016cf7be8 R08: ffffed1004885033 R09: ffffed1004885033 [ 75.186651] R10: ffff888024428193 R11: ffffed1004885032 R12: ffff888013617000 [ 75.187218] R13: ffff8880244281e8 R14: ffff888020985800 R15: 0000000000000000 [ 75.187771] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.188399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.188852] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 75.189408] PKRU: 55555554 [ 75.189630] Call Trace: [ 75.189830] [ 75.190008] iommufd_access_destroy_object+0x65/0x170 [ 75.190418] iommufd_object_destroy_user+0x18e/0x220 [ 75.190841] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.191309] iommufd_access_destroy+0x43/0x70 [ 75.191671] iommufd_test_staccess_release+0x8d/0xd0 [ 75.192077] __fput+0x26d/0xa40 [ 75.192350] ____fput+0x1e/0x30 [ 75.192618] task_work_run+0x1a4/0x2d0 [ 75.192932] ? __pfx_task_work_run+0x10/0x10 [ 75.193286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.193674] ? switch_task_namespaces+0xa9/0xe0 [ 75.194048] do_exit+0xb17/0x2ef0 [ 75.194320] ? lock_acquire+0x427/0x4c0 [ 75.194659] ? __pfx_lock_release+0x10/0x10 [ 75.195014] ? __kasan_check_write+0x18/0x20 [ 75.195375] ? do_raw_spin_lock+0x132/0x2a0 [ 75.195719] ? __pfx_do_exit+0x10/0x10 [ 75.196037] ? debug_smp_processor_id+0x20/0x30 [ 75.196399] ? rcu_is_watching+0x19/0xb0 [ 75.196716] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.197129] ? trace_hardirqs_on+0x26/0x120 [ 75.197469] do_group_exit+0xe0/0x2b0 [ 75.197762] __x64_sys_exit_group+0x47/0x50 [ 75.198092] do_syscall_64+0x3b/0x90 [ 75.198389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.198818] RIP: 0033:0x7f4b87518a4d [ 75.199116] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.199588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.200172] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.200718] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.201265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.201808] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.202351] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.202949] [ 75.203144] irq event stamp: 0 [ 75.203389] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.203873] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.204517] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.205160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.205644] ---[ end trace 0000000000000000 ]--- [ 75.206326] ------------[ cut here ]------------ [ 75.206714] WARNING: CPU: 1 PID: 621 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.207510] Modules linked in: [ 75.207760] CPU: 1 PID: 621 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.208422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.209279] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.209678] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.211097] RSP: 0018:ffff888016cf7b78 EFLAGS: 00010246 [ 75.211524] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.212067] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 75.212612] RBP: ffff888016cf7b98 R08: ffffed100488503e R09: ffffed100488503e [ 75.213154] R10: ffff8880244281ef R11: ffffed100488503d R12: ffff888024428290 [ 75.213695] R13: ffff8880244280a8 R14: ffffffffffffffff R15: ffff888016cf7c60 [ 75.214242] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.214877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.215334] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 75.215885] PKRU: 55555554 [ 75.216104] Call Trace: [ 75.216304] [ 75.216481] iommufd_ioas_destroy+0x53/0x70 [ 75.216823] iommufd_fops_release+0x1f7/0x370 [ 75.217175] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.217563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.217948] ? write_comp_data+0x2f/0x90 [ 75.218273] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.218681] __fput+0x26d/0xa40 [ 75.218952] ____fput+0x1e/0x30 [ 75.219224] task_work_run+0x1a4/0x2d0 [ 75.219539] ? __pfx_task_work_run+0x10/0x10 [ 75.219883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.220266] ? switch_task_namespaces+0xa9/0xe0 [ 75.220634] do_exit+0xb17/0x2ef0 [ 75.220901] ? lock_acquire+0x427/0x4c0 [ 75.221219] ? __pfx_lock_release+0x10/0x10 [ 75.221557] ? __kasan_check_write+0x18/0x20 [ 75.221899] ? do_raw_spin_lock+0x132/0x2a0 [ 75.222232] ? __pfx_do_exit+0x10/0x10 [ 75.222564] ? debug_smp_processor_id+0x20/0x30 [ 75.222931] ? rcu_is_watching+0x19/0xb0 [ 75.223256] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.223614] ? trace_hardirqs_on+0x26/0x120 [ 75.223952] do_group_exit+0xe0/0x2b0 [ 75.224248] __x64_sys_exit_group+0x47/0x50 [ 75.224581] do_syscall_64+0x3b/0x90 [ 75.224882] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.225291] RIP: 0033:0x7f4b87518a4d [ 75.225579] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.226052] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.226662] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.227225] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.227769] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.228313] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.228860] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.229467] [ 75.229653] irq event stamp: 0 [ 75.229894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.230381] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.231044] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.231691] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.232179] ---[ end trace 0000000000000000 ]--- [ 75.236685] ------------[ cut here ]------------ [ 75.237086] WARNING: CPU: 1 PID: 622 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.237849] Modules linked in: [ 75.238094] CPU: 1 PID: 622 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.238813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.239688] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.240069] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.241452] RSP: 0018:ffff8880146d7bb8 EFLAGS: 00010246 [ 75.241859] RAX: 0000000000000000 RBX: ffff8880120e10a8 RCX: 0000000000000000 [ 75.242403] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 75.242963] RBP: ffff8880146d7bd0 R08: ffffed100241c233 R09: ffffed100241c233 [ 75.243524] R10: ffff8880120e1193 R11: ffffed100241c232 R12: ffff88801580cc00 [ 75.244065] R13: ffff8880120e11e8 R14: ffffffff8352e670 R15: ffff8880146d7e68 [ 75.244615] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.245228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.245669] CR2: 0000000020000140 CR3: 00000000140f0000 CR4: 0000000000750ee0 [ 75.246222] PKRU: 55555554 [ 75.246438] Call Trace: [ 75.246658] [ 75.246834] __iommufd_access_detach+0x1c2/0x2b0 [ 75.247222] iommufd_access_change_pt+0x149/0x270 [ 75.247603] iommufd_access_replace+0xb4/0x120 [ 75.247965] iommufd_test+0x3e5/0x37e0 [ 75.248265] ? lock_release+0x532/0x770 [ 75.248579] ? __might_fault+0x102/0x1b0 [ 75.248900] ? lock_acquire+0x427/0x4c0 [ 75.249217] ? __pfx_iommufd_test+0x10/0x10 [ 75.249546] ? __pfx_lock_release+0x10/0x10 [ 75.249878] ? __pfx_lock_acquire+0x10/0x10 [ 75.250210] ? write_comp_data+0x2f/0x90 [ 75.250545] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.250919] ? write_comp_data+0x2f/0x90 [ 75.251243] iommufd_fops_ioctl+0x37d/0x510 [ 75.251572] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.251944] ? write_comp_data+0x2f/0x90 [ 75.252261] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.252625] __x64_sys_ioctl+0x1a3/0x230 [ 75.252943] do_syscall_64+0x3b/0x90 [ 75.253238] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.253636] RIP: 0033:0x7f4b8743ee5d [ 75.253918] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.255307] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.255882] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.256419] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.256962] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.257493] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.258028] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.258585] [ 75.258763] irq event stamp: 0 [ 75.259003] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.259482] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.260106] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.260729] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.261260] ---[ end trace 0000000000000000 ]--- [ 75.263940] ------------[ cut here ]------------ [ 75.264321] WARNING: CPU: 1 PID: 622 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.265068] Modules linked in: [ 75.265310] CPU: 1 PID: 622 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.265953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.266805] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.267186] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.268539] RSP: 0018:ffff8880146d7bd0 EFLAGS: 00010246 [ 75.268936] RAX: 0000000000000000 RBX: ffff8880120e10a8 RCX: 0000000000000000 [ 75.269466] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 75.269996] RBP: ffff8880146d7be8 R08: ffffed100241c233 R09: ffffed100241c233 [ 75.270550] R10: ffff8880120e1193 R11: ffffed100241c232 R12: ffff8880148ce800 [ 75.271168] R13: ffff8880120e11e8 R14: ffff888013995300 R15: 0000000000000000 [ 75.271815] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.272419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.272852] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 75.273384] PKRU: 55555554 [ 75.273595] Call Trace: [ 75.273786] [ 75.273957] iommufd_access_destroy_object+0x65/0x170 [ 75.274346] iommufd_object_destroy_user+0x18e/0x220 [ 75.274756] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.275211] iommufd_access_destroy+0x43/0x70 [ 75.275563] iommufd_test_staccess_release+0x8d/0xd0 [ 75.275958] __fput+0x26d/0xa40 [ 75.276225] ____fput+0x1e/0x30 [ 75.276482] task_work_run+0x1a4/0x2d0 [ 75.276781] ? __pfx_task_work_run+0x10/0x10 [ 75.277119] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.277493] ? switch_task_namespaces+0xa9/0xe0 [ 75.277851] do_exit+0xb17/0x2ef0 [ 75.278116] ? lock_acquire+0x427/0x4c0 [ 75.278424] ? __pfx_lock_release+0x10/0x10 [ 75.278775] ? __kasan_check_write+0x18/0x20 [ 75.279126] ? do_raw_spin_lock+0x132/0x2a0 [ 75.279460] ? __pfx_do_exit+0x10/0x10 [ 75.279770] ? debug_smp_processor_id+0x20/0x30 [ 75.280175] ? rcu_is_watching+0x19/0xb0 [ 75.280536] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.280895] ? trace_hardirqs_on+0x26/0x120 [ 75.281232] do_group_exit+0xe0/0x2b0 [ 75.281618] __x64_sys_exit_group+0x47/0x50 [ 75.281946] do_syscall_64+0x3b/0x90 [ 75.282237] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.282676] RIP: 0033:0x7f4b87518a4d [ 75.283019] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.283489] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.284127] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.284706] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.285242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.285868] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.286404] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.287058] [ 75.287244] irq event stamp: 0 [ 75.287482] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.287961] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.288628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.289298] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.289791] ---[ end trace 0000000000000000 ]--- [ 75.290541] ------------[ cut here ]------------ [ 75.290903] WARNING: CPU: 1 PID: 622 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.291768] Modules linked in: [ 75.292010] CPU: 1 PID: 622 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.292669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.293613] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.294021] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.295562] RSP: 0018:ffff8880146d7b78 EFLAGS: 00010246 [ 75.295970] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.296501] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 75.297154] RBP: ffff8880146d7b98 R08: ffffed100241c23e R09: ffffed100241c23e [ 75.297700] R10: ffff8880120e11ef R11: ffffed100241c23d R12: ffff8880120e1290 [ 75.298305] R13: ffff8880120e10a8 R14: ffffffffffffffff R15: ffff8880146d7c60 [ 75.298921] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.299560] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.300106] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 75.300653] PKRU: 55555554 [ 75.300872] Call Trace: [ 75.301070] [ 75.301300] iommufd_ioas_destroy+0x53/0x70 [ 75.301675] iommufd_fops_release+0x1f7/0x370 [ 75.302030] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.302421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.302940] ? write_comp_data+0x2f/0x90 [ 75.303278] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.303667] __fput+0x26d/0xa40 [ 75.303939] ____fput+0x1e/0x30 [ 75.304206] task_work_run+0x1a4/0x2d0 [ 75.304633] ? __pfx_task_work_run+0x10/0x10 [ 75.304988] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.305373] ? switch_task_namespaces+0xa9/0xe0 [ 75.305805] do_exit+0xb17/0x2ef0 [ 75.306094] ? lock_acquire+0x427/0x4c0 [ 75.306412] ? __pfx_lock_release+0x10/0x10 [ 75.306786] ? __kasan_check_write+0x18/0x20 [ 75.307156] ? do_raw_spin_lock+0x132/0x2a0 [ 75.307607] ? __pfx_do_exit+0x10/0x10 [ 75.307920] ? debug_smp_processor_id+0x20/0x30 [ 75.308292] ? rcu_is_watching+0x19/0xb0 [ 75.308647] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.309052] ? trace_hardirqs_on+0x26/0x120 [ 75.309396] do_group_exit+0xe0/0x2b0 [ 75.309703] __x64_sys_exit_group+0x47/0x50 [ 75.310099] do_syscall_64+0x3b/0x90 [ 75.310436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.310876] RIP: 0033:0x7f4b87518a4d [ 75.311179] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.311659] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.312381] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.312933] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.313589] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.314136] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.314807] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.315376] [ 75.315556] irq event stamp: 0 [ 75.315802] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.316391] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.317035] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.317793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.318282] ---[ end trace 0000000000000000 ]--- [ 75.321884] ------------[ cut here ]------------ [ 75.322300] WARNING: CPU: 1 PID: 623 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.323939] Modules linked in: [ 75.324446] CPU: 1 PID: 623 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.325435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.326995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.327610] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.329871] RSP: 0018:ffff888023fbfbb8 EFLAGS: 00010246 [ 75.330614] RAX: 0000000000000000 RBX: ffff888013bef0a8 RCX: 0000000000000000 [ 75.331448] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 75.332389] RBP: ffff888023fbfbd0 R08: ffffed100277de33 R09: ffffed100277de33 [ 75.333234] R10: ffff888013bef193 R11: ffffed100277de32 R12: ffff888021bb2c00 [ 75.334112] R13: ffff888013bef1e8 R14: ffffffff8352e670 R15: ffff888023fbfe68 [ 75.335017] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 75.335948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.336679] CR2: 00007f4b877410e8 CR3: 00000000140f0000 CR4: 0000000000750ee0 [ 75.337543] PKRU: 55555554 [ 75.337873] Call Trace: [ 75.338212] [ 75.338561] __iommufd_access_detach+0x1c2/0x2b0 [ 75.339145] iommufd_access_change_pt+0x149/0x270 [ 75.339717] iommufd_access_replace+0xb4/0x120 [ 75.340325] iommufd_test+0x3e5/0x37e0 [ 75.340829] ? lock_release+0x532/0x770 [ 75.341297] ? __might_fault+0x102/0x1b0 [ 75.341826] ? lock_acquire+0x427/0x4c0 [ 75.342347] ? __pfx_iommufd_test+0x10/0x10 [ 75.342878] ? __pfx_lock_release+0x10/0x10 [ 75.343419] ? __pfx_lock_acquire+0x10/0x10 [ 75.343866] ? write_comp_data+0x2f/0x90 [ 75.344237] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.344644] ? write_comp_data+0x2f/0x90 [ 75.344983] iommufd_fops_ioctl+0x37d/0x510 [ 75.345403] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.345878] ? write_comp_data+0x2f/0x90 [ 75.346218] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.346662] __x64_sys_ioctl+0x1a3/0x230 [ 75.347004] do_syscall_64+0x3b/0x90 [ 75.347403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.347896] RIP: 0033:0x7f4b8743ee5d [ 75.348199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.349817] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.350440] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.351210] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.351800] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.352394] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.353011] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.353679] [ 75.353873] irq event stamp: 0 [ 75.354137] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.354685] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.355384] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.356060] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.356587] ---[ end trace 0000000000000000 ]--- [ 75.359983] ------------[ cut here ]------------ [ 75.360475] WARNING: CPU: 0 PID: 623 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.361398] Modules linked in: [ 75.361692] CPU: 0 PID: 623 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.362482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.363541] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.364000] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.365678] RSP: 0018:ffff888023fbfbd0 EFLAGS: 00010246 [ 75.366166] RAX: 0000000000000000 RBX: ffff888013bef0a8 RCX: 0000000000000000 [ 75.366838] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 75.367508] RBP: ffff888023fbfbe8 R08: ffffed100277de33 R09: ffffed100277de33 [ 75.368159] R10: ffff888013bef193 R11: ffffed100277de32 R12: ffff88801580e400 [ 75.368813] R13: ffff888013bef1e8 R14: ffff88800f0cea00 R15: 0000000000000000 [ 75.369468] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.370198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.370747] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.371412] PKRU: 55555554 [ 75.371674] Call Trace: [ 75.371917] [ 75.372126] iommufd_access_destroy_object+0x65/0x170 [ 75.372611] iommufd_object_destroy_user+0x18e/0x220 [ 75.373094] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.373635] iommufd_access_destroy+0x43/0x70 [ 75.374061] iommufd_test_staccess_release+0x8d/0xd0 [ 75.374561] __fput+0x26d/0xa40 [ 75.374884] ____fput+0x1e/0x30 [ 75.375204] task_work_run+0x1a4/0x2d0 [ 75.375569] ? __pfx_task_work_run+0x10/0x10 [ 75.375971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.376419] ? switch_task_namespaces+0xa9/0xe0 [ 75.376849] do_exit+0xb17/0x2ef0 [ 75.377167] ? lock_acquire+0x427/0x4c0 [ 75.377537] ? __pfx_lock_release+0x10/0x10 [ 75.377935] ? __kasan_check_write+0x18/0x20 [ 75.378342] ? do_raw_spin_lock+0x132/0x2a0 [ 75.378756] ? __pfx_do_exit+0x10/0x10 [ 75.379123] ? debug_smp_processor_id+0x20/0x30 [ 75.379553] ? rcu_is_watching+0x19/0xb0 [ 75.379930] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.380350] ? trace_hardirqs_on+0x26/0x120 [ 75.380759] do_group_exit+0xe0/0x2b0 [ 75.381106] __x64_sys_exit_group+0x47/0x50 [ 75.381495] do_syscall_64+0x3b/0x90 [ 75.381842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.382317] RIP: 0033:0x7f4b87518a4d [ 75.382674] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.383237] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.383909] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.384537] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.385168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.385798] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.386425] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.387078] [ 75.387300] irq event stamp: 0 [ 75.387590] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.388148] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.388890] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.389621] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.390185] ---[ end trace 0000000000000000 ]--- [ 75.391353] ------------[ cut here ]------------ [ 75.391776] WARNING: CPU: 0 PID: 623 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.392673] Modules linked in: [ 75.392955] CPU: 0 PID: 623 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.393717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.394824] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.395281] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.396875] RSP: 0018:ffff888023fbfb78 EFLAGS: 00010246 [ 75.397340] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.397963] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 75.398594] RBP: ffff888023fbfb98 R08: ffffed100277de3e R09: ffffed100277de3e [ 75.399220] R10: ffff888013bef1ef R11: ffffed100277de3d R12: ffff888013bef290 [ 75.399831] R13: ffff888013bef0a8 R14: ffffffffffffffff R15: ffff888023fbfc60 [ 75.400437] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.401127] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.401624] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.402235] PKRU: 55555554 [ 75.402477] Call Trace: [ 75.402716] [ 75.402915] iommufd_ioas_destroy+0x53/0x70 [ 75.403296] iommufd_fops_release+0x1f7/0x370 [ 75.403695] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.404125] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.404558] ? write_comp_data+0x2f/0x90 [ 75.404925] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.405365] __fput+0x26d/0xa40 [ 75.405672] ____fput+0x1e/0x30 [ 75.405979] task_work_run+0x1a4/0x2d0 [ 75.406322] ? __pfx_task_work_run+0x10/0x10 [ 75.406722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.407155] ? switch_task_namespaces+0xa9/0xe0 [ 75.407567] do_exit+0xb17/0x2ef0 [ 75.407867] ? lock_acquire+0x427/0x4c0 [ 75.408224] ? __pfx_lock_release+0x10/0x10 [ 75.408607] ? __kasan_check_write+0x18/0x20 [ 75.409004] ? do_raw_spin_lock+0x132/0x2a0 [ 75.409387] ? __pfx_do_exit+0x10/0x10 [ 75.409733] ? debug_smp_processor_id+0x20/0x30 [ 75.410138] ? rcu_is_watching+0x19/0xb0 [ 75.410493] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.410916] ? trace_hardirqs_on+0x26/0x120 [ 75.411303] do_group_exit+0xe0/0x2b0 [ 75.411629] __x64_sys_exit_group+0x47/0x50 [ 75.411991] do_syscall_64+0x3b/0x90 [ 75.412314] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.412769] RIP: 0033:0x7f4b87518a4d [ 75.413085] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.413604] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.414238] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.414853] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.415460] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.416062] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.416660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.417269] [ 75.417469] irq event stamp: 0 [ 75.417738] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.418267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.418985] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.419702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.420232] ---[ end trace 0000000000000000 ]--- [ 75.424762] ------------[ cut here ]------------ [ 75.425204] WARNING: CPU: 0 PID: 624 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.426065] Modules linked in: [ 75.426344] CPU: 0 PID: 624 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.427127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.428100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.428533] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.430140] RSP: 0018:ffff888013effbb8 EFLAGS: 00010246 [ 75.430629] RAX: 0000000000000000 RBX: ffff888015b890a8 RCX: 0000000000000000 [ 75.431270] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 75.431902] RBP: ffff888013effbd0 R08: ffffed1002b71233 R09: ffffed1002b71233 [ 75.432539] R10: ffff888015b89193 R11: ffffed1002b71232 R12: ffff888013b16000 [ 75.433177] R13: ffff888015b891e8 R14: ffffffff8352e670 R15: ffff888013effe68 [ 75.433814] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.434558] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.435083] CR2: 0000000020000140 CR3: 0000000012f20000 CR4: 0000000000750ef0 [ 75.435730] PKRU: 55555554 [ 75.435990] Call Trace: [ 75.436218] [ 75.436420] __iommufd_access_detach+0x1c2/0x2b0 [ 75.436861] iommufd_access_change_pt+0x149/0x270 [ 75.437306] iommufd_access_replace+0xb4/0x120 [ 75.437731] iommufd_test+0x3e5/0x37e0 [ 75.438092] ? lock_release+0x532/0x770 [ 75.438462] ? __might_fault+0x102/0x1b0 [ 75.438858] ? lock_acquire+0x427/0x4c0 [ 75.439236] ? __pfx_iommufd_test+0x10/0x10 [ 75.439627] ? __pfx_lock_release+0x10/0x10 [ 75.440023] ? __pfx_lock_acquire+0x10/0x10 [ 75.440424] ? write_comp_data+0x2f/0x90 [ 75.440798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.441240] ? write_comp_data+0x2f/0x90 [ 75.441615] iommufd_fops_ioctl+0x37d/0x510 [ 75.442013] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.442460] ? write_comp_data+0x2f/0x90 [ 75.442859] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.443312] __x64_sys_ioctl+0x1a3/0x230 [ 75.443687] do_syscall_64+0x3b/0x90 [ 75.444032] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.444508] RIP: 0033:0x7f4b8743ee5d [ 75.444847] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.446463] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.447207] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.447880] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.448537] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.449198] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.449862] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.450552] [ 75.450778] irq event stamp: 0 [ 75.451077] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.451671] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.452441] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.453219] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.453798] ---[ end trace 0000000000000000 ]--- [ 75.456681] ------------[ cut here ]------------ [ 75.457147] WARNING: CPU: 0 PID: 624 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.458065] Modules linked in: [ 75.458369] CPU: 0 PID: 624 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.459219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.460276] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.460743] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.462417] RSP: 0018:ffff888013effbd0 EFLAGS: 00010246 [ 75.462920] RAX: 0000000000000000 RBX: ffff888015b890a8 RCX: 0000000000000000 [ 75.463581] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 75.464224] RBP: ffff888013effbe8 R08: ffffed1002b71233 R09: ffffed1002b71233 [ 75.464872] R10: ffff888015b89193 R11: ffffed1002b71232 R12: ffff888013418800 [ 75.465511] R13: ffff888015b891e8 R14: ffff88800b874800 R15: 0000000000000000 [ 75.466152] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.466897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.467437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.468084] PKRU: 55555554 [ 75.468343] Call Trace: [ 75.468577] [ 75.468788] iommufd_access_destroy_object+0x65/0x170 [ 75.469270] iommufd_object_destroy_user+0x18e/0x220 [ 75.469739] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.470275] iommufd_access_destroy+0x43/0x70 [ 75.470714] iommufd_test_staccess_release+0x8d/0xd0 [ 75.471202] __fput+0x26d/0xa40 [ 75.471526] ____fput+0x1e/0x30 [ 75.471840] task_work_run+0x1a4/0x2d0 [ 75.472207] ? __pfx_task_work_run+0x10/0x10 [ 75.472623] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.473081] ? switch_task_namespaces+0xa9/0xe0 [ 75.473522] do_exit+0xb17/0x2ef0 [ 75.473842] ? lock_acquire+0x427/0x4c0 [ 75.474215] ? __pfx_lock_release+0x10/0x10 [ 75.474646] ? __kasan_check_write+0x18/0x20 [ 75.475060] ? do_raw_spin_lock+0x132/0x2a0 [ 75.475465] ? __pfx_do_exit+0x10/0x10 [ 75.475833] ? debug_smp_processor_id+0x20/0x30 [ 75.476260] ? rcu_is_watching+0x19/0xb0 [ 75.476636] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.477057] ? trace_hardirqs_on+0x26/0x120 [ 75.477461] do_group_exit+0xe0/0x2b0 [ 75.477821] __x64_sys_exit_group+0x47/0x50 [ 75.478222] do_syscall_64+0x3b/0x90 [ 75.478607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.479118] RIP: 0033:0x7f4b87518a4d [ 75.479485] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.480081] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.480815] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.481496] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.482183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.482907] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.483598] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.484283] [ 75.484509] irq event stamp: 0 [ 75.484807] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.485415] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.486230] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.487086] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.487719] ---[ end trace 0000000000000000 ]--- [ 75.488529] ------------[ cut here ]------------ [ 75.489002] WARNING: CPU: 0 PID: 624 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.489988] Modules linked in: [ 75.490303] CPU: 0 PID: 624 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.491188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.492287] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.492790] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.494633] RSP: 0018:ffff888013effb78 EFLAGS: 00010246 [ 75.495175] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.495868] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 75.496563] RBP: ffff888013effb98 R08: ffffed1002b7123e R09: ffffed1002b7123e [ 75.497253] R10: ffff888015b891ef R11: ffffed1002b7123d R12: ffff888015b89290 [ 75.497946] R13: ffff888015b890a8 R14: ffffffffffffffff R15: ffff888013effc60 [ 75.498656] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.499440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.500003] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.500694] PKRU: 55555554 [ 75.500970] Call Trace: [ 75.501217] [ 75.501435] iommufd_ioas_destroy+0x53/0x70 [ 75.501878] iommufd_fops_release+0x1f7/0x370 [ 75.502323] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.502828] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.503317] ? write_comp_data+0x2f/0x90 [ 75.503724] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.504210] __fput+0x26d/0xa40 [ 75.504545] ____fput+0x1e/0x30 [ 75.504881] task_work_run+0x1a4/0x2d0 [ 75.505267] ? __pfx_task_work_run+0x10/0x10 [ 75.505699] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.506186] ? switch_task_namespaces+0xa9/0xe0 [ 75.506674] do_exit+0xb17/0x2ef0 [ 75.507019] ? lock_acquire+0x427/0x4c0 [ 75.507428] ? __pfx_lock_release+0x10/0x10 [ 75.507857] ? __kasan_check_write+0x18/0x20 [ 75.508288] ? do_raw_spin_lock+0x132/0x2a0 [ 75.508717] ? __pfx_do_exit+0x10/0x10 [ 75.509107] ? debug_smp_processor_id+0x20/0x30 [ 75.509561] ? rcu_is_watching+0x19/0xb0 [ 75.509958] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.510400] ? trace_hardirqs_on+0x26/0x120 [ 75.510856] do_group_exit+0xe0/0x2b0 [ 75.511237] __x64_sys_exit_group+0x47/0x50 [ 75.511656] do_syscall_64+0x3b/0x90 [ 75.512023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.512530] RIP: 0033:0x7f4b87518a4d [ 75.512892] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.513492] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.514235] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.514958] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.515677] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.516370] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.517066] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.517761] [ 75.517987] irq event stamp: 0 [ 75.518293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.518921] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.519745] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.520550] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.521160] ---[ end trace 0000000000000000 ]--- [ 75.526418] ------------[ cut here ]------------ [ 75.527149] WARNING: CPU: 0 PID: 625 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.528128] Modules linked in: [ 75.528442] CPU: 0 PID: 625 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.529276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.530360] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.530868] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.532646] RSP: 0018:ffff888016ed7bb8 EFLAGS: 00010246 [ 75.533168] RAX: 0000000000000000 RBX: ffff88801443d0a8 RCX: 0000000000000000 [ 75.533860] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 75.534570] RBP: ffff888016ed7bd0 R08: ffffed1002887a33 R09: ffffed1002887a33 [ 75.535274] R10: ffff88801443d193 R11: ffffed1002887a32 R12: ffff888010505400 [ 75.535963] R13: ffff88801443d1e8 R14: ffffffff8352e670 R15: ffff888016ed7e68 [ 75.536652] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.537429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.537990] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ef0 [ 75.538712] PKRU: 55555554 [ 75.538988] Call Trace: [ 75.539244] [ 75.539469] __iommufd_access_detach+0x1c2/0x2b0 [ 75.539945] iommufd_access_change_pt+0x149/0x270 [ 75.540425] iommufd_access_replace+0xb4/0x120 [ 75.540878] iommufd_test+0x3e5/0x37e0 [ 75.541257] ? lock_release+0x532/0x770 [ 75.541658] ? __might_fault+0x102/0x1b0 [ 75.542062] ? lock_acquire+0x427/0x4c0 [ 75.542457] ? __pfx_iommufd_test+0x10/0x10 [ 75.542910] ? __pfx_lock_release+0x10/0x10 [ 75.543366] ? __pfx_lock_acquire+0x10/0x10 [ 75.543895] ? write_comp_data+0x2f/0x90 [ 75.544525] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.545019] ? write_comp_data+0x2f/0x90 [ 75.545465] iommufd_fops_ioctl+0x37d/0x510 [ 75.546010] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.546500] ? write_comp_data+0x2f/0x90 [ 75.547093] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.547590] __x64_sys_ioctl+0x1a3/0x230 [ 75.548068] do_syscall_64+0x3b/0x90 [ 75.548549] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.549215] RIP: 0033:0x7f4b8743ee5d [ 75.549578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.551523] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.552268] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.552960] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.553648] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.554336] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.555045] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.555758] [ 75.555987] irq event stamp: 0 [ 75.556294] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.556927] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.557735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.558562] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.559188] ---[ end trace 0000000000000000 ]--- [ 75.562408] ------------[ cut here ]------------ [ 75.562972] WARNING: CPU: 0 PID: 625 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.564082] Modules linked in: [ 75.564403] CPU: 0 PID: 625 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.565407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.566696] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.567191] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.569138] RSP: 0018:ffff888016ed7bd0 EFLAGS: 00010246 [ 75.569727] RAX: 0000000000000000 RBX: ffff88801443d0a8 RCX: 0000000000000000 [ 75.570537] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 75.571403] RBP: ffff888016ed7be8 R08: ffffed1002887a33 R09: ffffed1002887a33 [ 75.572102] R10: ffff88801443d193 R11: ffffed1002887a32 R12: ffff888014581800 [ 75.572796] R13: ffff88801443d1e8 R14: ffff8880143b1a00 R15: 0000000000000000 [ 75.573484] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.574255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.574833] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.575535] PKRU: 55555554 [ 75.575810] Call Trace: [ 75.576055] [ 75.576272] iommufd_access_destroy_object+0x65/0x170 [ 75.576776] iommufd_object_destroy_user+0x18e/0x220 [ 75.577268] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.577833] iommufd_access_destroy+0x43/0x70 [ 75.578282] iommufd_test_staccess_release+0x8d/0xd0 [ 75.578806] __fput+0x26d/0xa40 [ 75.579154] ____fput+0x1e/0x30 [ 75.579487] task_work_run+0x1a4/0x2d0 [ 75.579879] ? __pfx_task_work_run+0x10/0x10 [ 75.580310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.580786] ? switch_task_namespaces+0xa9/0xe0 [ 75.581245] do_exit+0xb17/0x2ef0 [ 75.581579] ? lock_acquire+0x427/0x4c0 [ 75.581969] ? __pfx_lock_release+0x10/0x10 [ 75.582389] ? __kasan_check_write+0x18/0x20 [ 75.582838] ? do_raw_spin_lock+0x132/0x2a0 [ 75.583264] ? __pfx_do_exit+0x10/0x10 [ 75.583650] ? debug_smp_processor_id+0x20/0x30 [ 75.584100] ? rcu_is_watching+0x19/0xb0 [ 75.584497] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.584941] ? trace_hardirqs_on+0x26/0x120 [ 75.585380] do_group_exit+0xe0/0x2b0 [ 75.585754] __x64_sys_exit_group+0x47/0x50 [ 75.586167] do_syscall_64+0x3b/0x90 [ 75.586561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.587074] RIP: 0033:0x7f4b87518a4d [ 75.587446] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.588039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.588772] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.589455] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.590142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.590845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.591542] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.592232] [ 75.592458] irq event stamp: 0 [ 75.592765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.593372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.594175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.594992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.595608] ---[ end trace 0000000000000000 ]--- [ 75.596484] ------------[ cut here ]------------ [ 75.597098] WARNING: CPU: 0 PID: 625 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.598104] Modules linked in: [ 75.598481] CPU: 0 PID: 625 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.599394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.600497] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.601118] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.603230] RSP: 0018:ffff888016ed7b78 EFLAGS: 00010246 [ 75.603759] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.604543] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 75.605264] RBP: ffff888016ed7b98 R08: ffffed1002887a3e R09: ffffed1002887a3e [ 75.605999] R10: ffff88801443d1ef R11: ffffed1002887a3d R12: ffff88801443d290 [ 75.606806] R13: ffff88801443d0a8 R14: ffffffffffffffff R15: ffff888016ed7c60 [ 75.607476] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.608363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.608911] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.609716] PKRU: 55555554 [ 75.609979] Call Trace: [ 75.610219] [ 75.610447] iommufd_ioas_destroy+0x53/0x70 [ 75.610994] iommufd_fops_release+0x1f7/0x370 [ 75.611429] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.611905] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.612427] ? write_comp_data+0x2f/0x90 [ 75.612924] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.613398] __fput+0x26d/0xa40 [ 75.613780] ____fput+0x1e/0x30 [ 75.614174] task_work_run+0x1a4/0x2d0 [ 75.614572] ? __pfx_task_work_run+0x10/0x10 [ 75.614996] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.615613] ? switch_task_namespaces+0xa9/0xe0 [ 75.616062] do_exit+0xb17/0x2ef0 [ 75.616414] ? lock_acquire+0x427/0x4c0 [ 75.616910] ? __pfx_lock_release+0x10/0x10 [ 75.617321] ? __kasan_check_write+0x18/0x20 [ 75.617794] ? do_raw_spin_lock+0x132/0x2a0 [ 75.618282] ? __pfx_do_exit+0x10/0x10 [ 75.618683] ? debug_smp_processor_id+0x20/0x30 [ 75.619132] ? rcu_is_watching+0x19/0xb0 [ 75.619659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.620089] ? trace_hardirqs_on+0x26/0x120 [ 75.620500] do_group_exit+0xe0/0x2b0 [ 75.620910] __x64_sys_exit_group+0x47/0x50 [ 75.621402] do_syscall_64+0x3b/0x90 [ 75.621759] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.622380] RIP: 0033:0x7f4b87518a4d [ 75.622752] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.623341] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.624200] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.624877] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.625660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.626381] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.627164] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.627869] [ 75.628187] irq event stamp: 0 [ 75.628481] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.629094] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.629950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.630883] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.631484] ---[ end trace 0000000000000000 ]--- [ 75.635660] ------------[ cut here ]------------ [ 75.636221] WARNING: CPU: 0 PID: 626 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.637277] Modules linked in: [ 75.637572] CPU: 0 PID: 626 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.638369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.639463] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.639927] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.641609] RSP: 0018:ffff888013effbb8 EFLAGS: 00010246 [ 75.642102] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 75.642786] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 75.643451] RBP: ffff888013effbd0 R08: ffffed100173f833 R09: ffffed100173f833 [ 75.644104] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff88801419b800 [ 75.644758] R13: ffff88800b9fc1e8 R14: ffffffff8352e670 R15: ffff888013effe68 [ 75.645411] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.646146] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.646700] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ef0 [ 75.647377] PKRU: 55555554 [ 75.647643] Call Trace: [ 75.647883] [ 75.648157] __iommufd_access_detach+0x1c2/0x2b0 [ 75.648723] iommufd_access_change_pt+0x149/0x270 [ 75.649184] iommufd_access_replace+0xb4/0x120 [ 75.649738] iommufd_test+0x3e5/0x37e0 [ 75.650102] ? lock_release+0x532/0x770 [ 75.650497] ? __might_fault+0x102/0x1b0 [ 75.650993] ? lock_acquire+0x427/0x4c0 [ 75.651382] ? __pfx_iommufd_test+0x10/0x10 [ 75.651815] ? __pfx_lock_release+0x10/0x10 [ 75.652311] ? __pfx_lock_acquire+0x10/0x10 [ 75.652723] ? write_comp_data+0x2f/0x90 [ 75.653169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.653699] ? write_comp_data+0x2f/0x90 [ 75.654087] iommufd_fops_ioctl+0x37d/0x510 [ 75.654489] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.654961] ? write_comp_data+0x2f/0x90 [ 75.655357] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.655807] __x64_sys_ioctl+0x1a3/0x230 [ 75.656196] do_syscall_64+0x3b/0x90 [ 75.656561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.657057] RIP: 0033:0x7f4b8743ee5d [ 75.657407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.659106] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.659832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.660495] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.661151] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.661808] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.662461] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.663152] [ 75.663376] irq event stamp: 0 [ 75.663672] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.664258] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.665036] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.665799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.666378] ---[ end trace 0000000000000000 ]--- [ 75.669276] ------------[ cut here ]------------ [ 75.669755] WARNING: CPU: 0 PID: 626 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.670729] Modules linked in: [ 75.671030] CPU: 0 PID: 626 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.671842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.672889] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.673355] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.675134] RSP: 0018:ffff888013effbd0 EFLAGS: 00010246 [ 75.675642] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 75.676304] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 75.676960] RBP: ffff888013effbe8 R08: ffffed100173f833 R09: ffffed100173f833 [ 75.677615] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff888010507400 [ 75.678274] R13: ffff88800b9fc1e8 R14: ffff8880143d3500 R15: 0000000000000000 [ 75.678951] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.679705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.680244] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.680904] PKRU: 55555554 [ 75.681169] Call Trace: [ 75.681403] [ 75.681615] iommufd_access_destroy_object+0x65/0x170 [ 75.682097] iommufd_object_destroy_user+0x18e/0x220 [ 75.682592] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.683153] iommufd_access_destroy+0x43/0x70 [ 75.683581] iommufd_test_staccess_release+0x8d/0xd0 [ 75.684061] __fput+0x26d/0xa40 [ 75.684384] ____fput+0x1e/0x30 [ 75.684697] task_work_run+0x1a4/0x2d0 [ 75.685066] ? __pfx_task_work_run+0x10/0x10 [ 75.685480] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.685938] ? switch_task_namespaces+0xa9/0xe0 [ 75.686378] do_exit+0xb17/0x2ef0 [ 75.686723] ? lock_acquire+0x427/0x4c0 [ 75.687117] ? __pfx_lock_release+0x10/0x10 [ 75.687527] ? __kasan_check_write+0x18/0x20 [ 75.687942] ? do_raw_spin_lock+0x132/0x2a0 [ 75.688345] ? __pfx_do_exit+0x10/0x10 [ 75.688720] ? debug_smp_processor_id+0x20/0x30 [ 75.689164] ? rcu_is_watching+0x19/0xb0 [ 75.689540] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.689966] ? trace_hardirqs_on+0x26/0x120 [ 75.690372] do_group_exit+0xe0/0x2b0 [ 75.690751] __x64_sys_exit_group+0x47/0x50 [ 75.691168] do_syscall_64+0x3b/0x90 [ 75.691532] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.692029] RIP: 0033:0x7f4b87518a4d [ 75.692378] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.692948] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.693651] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.694297] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.694976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.695636] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.696278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.696933] [ 75.697146] irq event stamp: 0 [ 75.697435] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.698007] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.698777] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.699543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.700112] ---[ end trace 0000000000000000 ]--- [ 75.700939] ------------[ cut here ]------------ [ 75.701357] WARNING: CPU: 0 PID: 626 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.702253] Modules linked in: [ 75.702551] CPU: 0 PID: 626 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.703327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.704330] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.704789] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.706405] RSP: 0018:ffff888013effb78 EFLAGS: 00010246 [ 75.706908] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.707552] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 75.708182] RBP: ffff888013effb98 R08: ffffed100173f83e R09: ffffed100173f83e [ 75.708815] R10: ffff88800b9fc1ef R11: ffffed100173f83d R12: ffff88800b9fc290 [ 75.709451] R13: ffff88800b9fc0a8 R14: ffffffffffffffff R15: ffff888013effc60 [ 75.710078] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.710800] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.711326] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.711957] PKRU: 55555554 [ 75.712208] Call Trace: [ 75.712436] [ 75.712642] iommufd_ioas_destroy+0x53/0x70 [ 75.713039] iommufd_fops_release+0x1f7/0x370 [ 75.713454] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.713908] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.714356] ? write_comp_data+0x2f/0x90 [ 75.714752] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.715225] __fput+0x26d/0xa40 [ 75.715538] ____fput+0x1e/0x30 [ 75.715842] task_work_run+0x1a4/0x2d0 [ 75.716198] ? __pfx_task_work_run+0x10/0x10 [ 75.716594] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.717031] ? switch_task_namespaces+0xa9/0xe0 [ 75.717455] do_exit+0xb17/0x2ef0 [ 75.717765] ? lock_acquire+0x427/0x4c0 [ 75.718128] ? __pfx_lock_release+0x10/0x10 [ 75.718539] ? __kasan_check_write+0x18/0x20 [ 75.718939] ? do_raw_spin_lock+0x132/0x2a0 [ 75.719332] ? __pfx_do_exit+0x10/0x10 [ 75.719690] ? debug_smp_processor_id+0x20/0x30 [ 75.720114] ? rcu_is_watching+0x19/0xb0 [ 75.720482] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.720890] ? trace_hardirqs_on+0x26/0x120 [ 75.721277] do_group_exit+0xe0/0x2b0 [ 75.721623] __x64_sys_exit_group+0x47/0x50 [ 75.722009] do_syscall_64+0x3b/0x90 [ 75.722354] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.722861] RIP: 0033:0x7f4b87518a4d [ 75.723203] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.723751] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.724422] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.725050] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.725674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.726301] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.726948] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.727604] [ 75.727814] irq event stamp: 0 [ 75.728098] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.728659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.729402] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.730137] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.730716] ---[ end trace 0000000000000000 ]--- [ 75.735323] ------------[ cut here ]------------ [ 75.735776] WARNING: CPU: 0 PID: 627 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.736654] Modules linked in: [ 75.736936] CPU: 0 PID: 627 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.737694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.738902] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.739353] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.740951] RSP: 0018:ffff8880161ffbb8 EFLAGS: 00010246 [ 75.741417] RAX: 0000000000000000 RBX: ffff88800f7798a8 RCX: 0000000000000000 [ 75.742039] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 75.742679] RBP: ffff8880161ffbd0 R08: ffffed1001eef333 R09: ffffed1001eef333 [ 75.743309] R10: ffff88800f779993 R11: ffffed1001eef332 R12: ffff8880140ba400 [ 75.743930] R13: ffff88800f7799e8 R14: ffffffff8352e670 R15: ffff8880161ffe68 [ 75.744548] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.745252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.745763] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ef0 [ 75.746385] PKRU: 55555554 [ 75.746666] Call Trace: [ 75.746893] [ 75.747094] __iommufd_access_detach+0x1c2/0x2b0 [ 75.747534] iommufd_access_change_pt+0x149/0x270 [ 75.747967] iommufd_access_replace+0xb4/0x120 [ 75.748378] iommufd_test+0x3e5/0x37e0 [ 75.748731] ? lock_release+0x532/0x770 [ 75.749093] ? __might_fault+0x102/0x1b0 [ 75.749460] ? lock_acquire+0x427/0x4c0 [ 75.749823] ? __pfx_iommufd_test+0x10/0x10 [ 75.750206] ? __pfx_lock_release+0x10/0x10 [ 75.750618] ? __pfx_lock_acquire+0x10/0x10 [ 75.751030] ? write_comp_data+0x2f/0x90 [ 75.751406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.751838] ? write_comp_data+0x2f/0x90 [ 75.752230] iommufd_fops_ioctl+0x37d/0x510 [ 75.752615] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.753051] ? write_comp_data+0x2f/0x90 [ 75.753420] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.753846] __x64_sys_ioctl+0x1a3/0x230 [ 75.754213] do_syscall_64+0x3b/0x90 [ 75.754581] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.755051] RIP: 0033:0x7f4b8743ee5d [ 75.755392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.756995] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.757665] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.758288] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.758924] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.759556] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.760180] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.760812] [ 75.761017] irq event stamp: 0 [ 75.761296] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.761849] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.762598] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.763337] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.763889] ---[ end trace 0000000000000000 ]--- [ 75.766686] ------------[ cut here ]------------ [ 75.767135] WARNING: CPU: 0 PID: 627 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.768011] Modules linked in: [ 75.768293] CPU: 0 PID: 627 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.769051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.770035] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.770473] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.772149] RSP: 0018:ffff8880161ffbd0 EFLAGS: 00010246 [ 75.772615] RAX: 0000000000000000 RBX: ffff88800f7798a8 RCX: 0000000000000000 [ 75.773239] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 75.773860] RBP: ffff8880161ffbe8 R08: ffffed1001eef333 R09: ffffed1001eef333 [ 75.774479] R10: ffff88800f779993 R11: ffffed1001eef332 R12: ffff888011f6c400 [ 75.775124] R13: ffff88800f7799e8 R14: ffff888016e18b00 R15: 0000000000000000 [ 75.775748] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.776451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.776964] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.777595] PKRU: 55555554 [ 75.777845] Call Trace: [ 75.778069] [ 75.778271] iommufd_access_destroy_object+0x65/0x170 [ 75.778767] iommufd_object_destroy_user+0x18e/0x220 [ 75.779235] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.779751] iommufd_access_destroy+0x43/0x70 [ 75.780155] iommufd_test_staccess_release+0x8d/0xd0 [ 75.780613] __fput+0x26d/0xa40 [ 75.780924] ____fput+0x1e/0x30 [ 75.781221] task_work_run+0x1a4/0x2d0 [ 75.781571] ? __pfx_task_work_run+0x10/0x10 [ 75.781964] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.782397] ? switch_task_namespaces+0xa9/0xe0 [ 75.782848] do_exit+0xb17/0x2ef0 [ 75.783166] ? lock_acquire+0x427/0x4c0 [ 75.783533] ? __pfx_lock_release+0x10/0x10 [ 75.783920] ? __kasan_check_write+0x18/0x20 [ 75.784314] ? do_raw_spin_lock+0x132/0x2a0 [ 75.784695] ? __pfx_do_exit+0x10/0x10 [ 75.785050] ? debug_smp_processor_id+0x20/0x30 [ 75.785461] ? rcu_is_watching+0x19/0xb0 [ 75.785821] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.786225] ? trace_hardirqs_on+0x26/0x120 [ 75.786634] do_group_exit+0xe0/0x2b0 [ 75.786973] __x64_sys_exit_group+0x47/0x50 [ 75.787359] do_syscall_64+0x3b/0x90 [ 75.787700] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.788167] RIP: 0033:0x7f4b87518a4d [ 75.788496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.789037] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.789697] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.790316] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.790948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.791578] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.792199] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.792829] [ 75.793029] irq event stamp: 0 [ 75.793301] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.793841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.794574] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.795294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.795842] ---[ end trace 0000000000000000 ]--- [ 75.796712] ------------[ cut here ]------------ [ 75.797125] WARNING: CPU: 0 PID: 627 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.798039] Modules linked in: [ 75.798348] CPU: 0 PID: 627 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.799182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.800213] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.800739] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.802427] RSP: 0018:ffff8880161ffb78 EFLAGS: 00010246 [ 75.803158] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.803772] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 75.804431] RBP: ffff8880161ffb98 R08: ffffed1001eef33e R09: ffffed1001eef33e [ 75.805108] R10: ffff88800f7799ef R11: ffffed1001eef33d R12: ffff88800f779a90 [ 75.805779] R13: ffff88800f7798a8 R14: ffffffffffffffff R15: ffff8880161ffc60 [ 75.806524] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.807376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.807881] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.808618] PKRU: 55555554 [ 75.808869] Call Trace: [ 75.809089] [ 75.809328] iommufd_ioas_destroy+0x53/0x70 [ 75.809774] iommufd_fops_release+0x1f7/0x370 [ 75.810168] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.810733] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.811172] ? write_comp_data+0x2f/0x90 [ 75.811529] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.812008] __fput+0x26d/0xa40 [ 75.812382] ____fput+0x1e/0x30 [ 75.812682] task_work_run+0x1a4/0x2d0 [ 75.813028] ? __pfx_task_work_run+0x10/0x10 [ 75.813537] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.813967] ? switch_task_namespaces+0xa9/0xe0 [ 75.814427] do_exit+0xb17/0x2ef0 [ 75.814809] ? lock_acquire+0x427/0x4c0 [ 75.815169] ? __pfx_lock_release+0x10/0x10 [ 75.815549] ? __kasan_check_write+0x18/0x20 [ 75.815982] ? do_raw_spin_lock+0x132/0x2a0 [ 75.816440] ? __pfx_do_exit+0x10/0x10 [ 75.816786] ? debug_smp_processor_id+0x20/0x30 [ 75.817263] ? rcu_is_watching+0x19/0xb0 [ 75.817665] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.818097] ? trace_hardirqs_on+0x26/0x120 [ 75.818576] do_group_exit+0xe0/0x2b0 [ 75.818916] __x64_sys_exit_group+0x47/0x50 [ 75.819301] do_syscall_64+0x3b/0x90 [ 75.819690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.820232] RIP: 0033:0x7f4b87518a4d [ 75.820566] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.821228] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.821912] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.822640] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.823276] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.824039] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.824726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.825454] [ 75.825669] irq event stamp: 0 [ 75.825996] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.826658] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.827461] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.828268] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.828965] ---[ end trace 0000000000000000 ]--- [ 75.836200] ------------[ cut here ]------------ [ 75.836672] WARNING: CPU: 0 PID: 628 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.837672] Modules linked in: [ 75.838008] CPU: 0 PID: 628 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.838893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.840030] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.840473] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.842072] RSP: 0018:ffff8880170bfbb8 EFLAGS: 00010246 [ 75.842557] RAX: 0000000000000000 RBX: ffff888012ca88a8 RCX: 0000000000000000 [ 75.843191] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 75.843816] RBP: ffff8880170bfbd0 R08: ffffed1002595133 R09: ffffed1002595133 [ 75.844437] R10: ffff888012ca8993 R11: ffffed1002595132 R12: ffff888021bc5000 [ 75.845047] R13: ffff888012ca89e8 R14: ffffffff8352e670 R15: ffff8880170bfe68 [ 75.845658] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.846348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.846863] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 75.847486] PKRU: 55555554 [ 75.847732] Call Trace: [ 75.847957] [ 75.848177] __iommufd_access_detach+0x1c2/0x2b0 [ 75.848725] iommufd_access_change_pt+0x149/0x270 [ 75.849159] iommufd_access_replace+0xb4/0x120 [ 75.849696] iommufd_test+0x3e5/0x37e0 [ 75.850042] ? lock_release+0x532/0x770 [ 75.850403] ? __might_fault+0x102/0x1b0 [ 75.850799] ? lock_acquire+0x427/0x4c0 [ 75.851169] ? __pfx_iommufd_test+0x10/0x10 [ 75.851544] ? __pfx_lock_release+0x10/0x10 [ 75.851928] ? __pfx_lock_acquire+0x10/0x10 [ 75.852315] ? write_comp_data+0x2f/0x90 [ 75.852679] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.853104] ? write_comp_data+0x2f/0x90 [ 75.853463] iommufd_fops_ioctl+0x37d/0x510 [ 75.853842] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.854266] ? write_comp_data+0x2f/0x90 [ 75.854639] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.855057] __x64_sys_ioctl+0x1a3/0x230 [ 75.855429] do_syscall_64+0x3b/0x90 [ 75.855764] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.856229] RIP: 0033:0x7f4b8743ee5d [ 75.856557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.858157] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.858857] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.859487] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.860110] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.860731] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.861356] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.861982] [ 75.862189] irq event stamp: 0 [ 75.862466] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.863036] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.863782] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.864508] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.865056] ---[ end trace 0000000000000000 ]--- [ 75.867871] ------------[ cut here ]------------ [ 75.868319] WARNING: CPU: 0 PID: 628 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.869195] Modules linked in: [ 75.869479] CPU: 0 PID: 628 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.870240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.871303] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.871751] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.873343] RSP: 0018:ffff8880170bfbd0 EFLAGS: 00010246 [ 75.873813] RAX: 0000000000000000 RBX: ffff888012ca88a8 RCX: 0000000000000000 [ 75.874437] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 75.875079] RBP: ffff8880170bfbe8 R08: ffffed1002595133 R09: ffffed1002595133 [ 75.875717] R10: ffff888012ca8993 R11: ffffed1002595132 R12: ffff8880140b8800 [ 75.876341] R13: ffff888012ca89e8 R14: ffff888020e5fd00 R15: 0000000000000000 [ 75.876965] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.877666] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.878182] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.878820] PKRU: 55555554 [ 75.879072] Call Trace: [ 75.879303] [ 75.879503] iommufd_access_destroy_object+0x65/0x170 [ 75.879961] iommufd_object_destroy_user+0x18e/0x220 [ 75.880415] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.880928] iommufd_access_destroy+0x43/0x70 [ 75.881329] iommufd_test_staccess_release+0x8d/0xd0 [ 75.881781] __fput+0x26d/0xa40 [ 75.882085] ____fput+0x1e/0x30 [ 75.882382] task_work_run+0x1a4/0x2d0 [ 75.882756] ? __pfx_task_work_run+0x10/0x10 [ 75.883162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.883597] ? switch_task_namespaces+0xa9/0xe0 [ 75.884018] do_exit+0xb17/0x2ef0 [ 75.884323] ? lock_acquire+0x427/0x4c0 [ 75.884684] ? __pfx_lock_release+0x10/0x10 [ 75.885068] ? __kasan_check_write+0x18/0x20 [ 75.885457] ? do_raw_spin_lock+0x132/0x2a0 [ 75.885829] ? __pfx_do_exit+0x10/0x10 [ 75.886173] ? debug_smp_processor_id+0x20/0x30 [ 75.886593] ? rcu_is_watching+0x19/0xb0 [ 75.886946] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.887349] ? trace_hardirqs_on+0x26/0x120 [ 75.887724] do_group_exit+0xe0/0x2b0 [ 75.888057] __x64_sys_exit_group+0x47/0x50 [ 75.888428] do_syscall_64+0x3b/0x90 [ 75.888758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.889210] RIP: 0033:0x7f4b87518a4d [ 75.889531] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.890056] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.890727] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.891346] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.891954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.892563] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.893171] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.893782] [ 75.893982] irq event stamp: 0 [ 75.894256] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.894820] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.895547] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.896271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.896815] ---[ end trace 0000000000000000 ]--- [ 75.897573] ------------[ cut here ]------------ [ 75.897980] WARNING: CPU: 0 PID: 628 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.898864] Modules linked in: [ 75.899152] CPU: 0 PID: 628 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.899896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.900860] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.901305] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.902897] RSP: 0018:ffff8880170bfb78 EFLAGS: 00010246 [ 75.903369] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.903977] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 75.904586] RBP: ffff8880170bfb98 R08: ffffed100259513e R09: ffffed100259513e [ 75.905198] R10: ffff888012ca89ef R11: ffffed100259513d R12: ffff888012ca8a90 [ 75.905812] R13: ffff888012ca88a8 R14: ffffffffffffffff R15: ffff8880170bfc60 [ 75.906423] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.907136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.907639] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.908252] PKRU: 55555554 [ 75.908495] Call Trace: [ 75.908717] [ 75.908914] iommufd_ioas_destroy+0x53/0x70 [ 75.909291] iommufd_fops_release+0x1f7/0x370 [ 75.909688] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.910124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.910567] ? write_comp_data+0x2f/0x90 [ 75.910928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.911369] __fput+0x26d/0xa40 [ 75.911665] ____fput+0x1e/0x30 [ 75.911953] task_work_run+0x1a4/0x2d0 [ 75.912292] ? __pfx_task_work_run+0x10/0x10 [ 75.912673] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.913090] ? switch_task_namespaces+0xa9/0xe0 [ 75.913496] do_exit+0xb17/0x2ef0 [ 75.913792] ? lock_acquire+0x427/0x4c0 [ 75.914137] ? __pfx_lock_release+0x10/0x10 [ 75.914526] ? __kasan_check_write+0x18/0x20 [ 75.914912] ? do_raw_spin_lock+0x132/0x2a0 [ 75.915288] ? __pfx_do_exit+0x10/0x10 [ 75.915630] ? debug_smp_processor_id+0x20/0x30 [ 75.916027] ? rcu_is_watching+0x19/0xb0 [ 75.916374] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.916760] ? trace_hardirqs_on+0x26/0x120 [ 75.917133] do_group_exit+0xe0/0x2b0 [ 75.917460] __x64_sys_exit_group+0x47/0x50 [ 75.917828] do_syscall_64+0x3b/0x90 [ 75.918155] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.918630] RIP: 0033:0x7f4b87518a4d [ 75.918950] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.919479] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.920122] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.920720] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.921320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.921921] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.922537] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.923151] [ 75.923352] irq event stamp: 0 [ 75.923621] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.924150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.924853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.925553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.926082] ---[ end trace 0000000000000000 ]--- [ 75.930385] ------------[ cut here ]------------ [ 75.930877] WARNING: CPU: 0 PID: 629 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.931732] Modules linked in: [ 75.932003] CPU: 0 PID: 629 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.932732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.933674] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.934097] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.935665] RSP: 0018:ffff888023d27bb8 EFLAGS: 00010246 [ 75.936117] RAX: 0000000000000000 RBX: ffff8880185090a8 RCX: 0000000000000000 [ 75.936715] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 75.937311] RBP: ffff888023d27bd0 R08: ffffed10030a1233 R09: ffffed10030a1233 [ 75.937911] R10: ffff888018509193 R11: ffffed10030a1232 R12: ffff888013e55800 [ 75.938526] R13: ffff8880185091e8 R14: ffffffff8352e670 R15: ffff888023d27e68 [ 75.939138] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.939818] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.940308] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 75.940911] PKRU: 55555554 [ 75.941148] Call Trace: [ 75.941364] [ 75.941561] __iommufd_access_detach+0x1c2/0x2b0 [ 75.941973] iommufd_access_change_pt+0x149/0x270 [ 75.942390] iommufd_access_replace+0xb4/0x120 [ 75.942807] iommufd_test+0x3e5/0x37e0 [ 75.943149] ? lock_release+0x532/0x770 [ 75.943495] ? __might_fault+0x102/0x1b0 [ 75.943848] ? lock_acquire+0x427/0x4c0 [ 75.944193] ? __pfx_iommufd_test+0x10/0x10 [ 75.944561] ? __pfx_lock_release+0x10/0x10 [ 75.944934] ? __pfx_lock_acquire+0x10/0x10 [ 75.945310] ? write_comp_data+0x2f/0x90 [ 75.945656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.946064] ? write_comp_data+0x2f/0x90 [ 75.946417] iommufd_fops_ioctl+0x37d/0x510 [ 75.946798] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.947222] ? write_comp_data+0x2f/0x90 [ 75.947572] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 75.947973] __x64_sys_ioctl+0x1a3/0x230 [ 75.948318] do_syscall_64+0x3b/0x90 [ 75.948635] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.949074] RIP: 0033:0x7f4b8743ee5d [ 75.949384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 75.950936] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 75.951583] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 75.952171] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 75.952758] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 75.953343] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 75.953930] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 75.954538] [ 75.954735] irq event stamp: 0 [ 75.955001] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 75.955528] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.956211] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.956882] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.957388] ---[ end trace 0000000000000000 ]--- [ 75.959978] ------------[ cut here ]------------ [ 75.960379] WARNING: CPU: 0 PID: 629 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 75.961197] Modules linked in: [ 75.961457] CPU: 0 PID: 629 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.962154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.963245] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 75.963653] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 75.965122] RSP: 0018:ffff888023d27bd0 EFLAGS: 00010246 [ 75.965550] RAX: 0000000000000000 RBX: ffff8880185090a8 RCX: 0000000000000000 [ 75.966121] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 75.966706] RBP: ffff888023d27be8 R08: ffffed10030a1233 R09: ffffed10030a1233 [ 75.967289] R10: ffff888018509193 R11: ffffed10030a1232 R12: ffff888021bc4400 [ 75.967865] R13: ffff8880185091e8 R14: ffff8880142c5100 R15: 0000000000000000 [ 75.968437] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.969087] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.969555] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.970131] PKRU: 55555554 [ 75.970361] Call Trace: [ 75.970595] [ 75.970781] iommufd_access_destroy_object+0x65/0x170 [ 75.971210] iommufd_object_destroy_user+0x18e/0x220 [ 75.971628] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 75.972105] iommufd_access_destroy+0x43/0x70 [ 75.972473] iommufd_test_staccess_release+0x8d/0xd0 [ 75.972889] __fput+0x26d/0xa40 [ 75.973169] ____fput+0x1e/0x30 [ 75.973442] task_work_run+0x1a4/0x2d0 [ 75.973763] ? __pfx_task_work_run+0x10/0x10 [ 75.974121] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.974528] ? switch_task_namespaces+0xa9/0xe0 [ 75.974912] do_exit+0xb17/0x2ef0 [ 75.975199] ? lock_acquire+0x427/0x4c0 [ 75.975527] ? __pfx_lock_release+0x10/0x10 [ 75.975877] ? __kasan_check_write+0x18/0x20 [ 75.976234] ? do_raw_spin_lock+0x132/0x2a0 [ 75.976581] ? __pfx_do_exit+0x10/0x10 [ 75.976900] ? debug_smp_processor_id+0x20/0x30 [ 75.977273] ? rcu_is_watching+0x19/0xb0 [ 75.977602] ? _raw_spin_unlock_irq+0x2b/0x60 [ 75.977967] ? trace_hardirqs_on+0x26/0x120 [ 75.978318] do_group_exit+0xe0/0x2b0 [ 75.978644] __x64_sys_exit_group+0x47/0x50 [ 75.978993] do_syscall_64+0x3b/0x90 [ 75.979305] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 75.979728] RIP: 0033:0x7f4b87518a4d [ 75.980030] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 75.980520] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 75.981124] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 75.981691] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 75.982258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 75.982837] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 75.983411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 75.983986] [ 75.984172] irq event stamp: 0 [ 75.984427] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 75.984929] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 75.985597] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 75.986261] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 75.986774] ---[ end trace 0000000000000000 ]--- [ 75.987443] ------------[ cut here ]------------ [ 75.987826] WARNING: CPU: 0 PID: 629 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 75.988633] Modules linked in: [ 75.988888] CPU: 0 PID: 629 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 75.989583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 75.990482] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 75.990914] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 75.992382] RSP: 0018:ffff888023d27b78 EFLAGS: 00010246 [ 75.992805] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 75.993374] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 75.993941] RBP: ffff888023d27b98 R08: ffffed10030a123e R09: ffffed10030a123e [ 75.994523] R10: ffff8880185091ef R11: ffffed10030a123d R12: ffff888018509290 [ 75.995093] R13: ffff8880185090a8 R14: ffffffffffffffff R15: ffff888023d27c60 [ 75.995670] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 75.996307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.996772] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 75.997351] PKRU: 55555554 [ 75.997576] Call Trace: [ 75.997783] [ 75.997965] iommufd_ioas_destroy+0x53/0x70 [ 75.998320] iommufd_fops_release+0x1f7/0x370 [ 75.998700] ? __pfx_iommufd_fops_release+0x10/0x10 [ 75.999111] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 75.999513] ? write_comp_data+0x2f/0x90 [ 75.999850] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.000259] __fput+0x26d/0xa40 [ 76.000540] ____fput+0x1e/0x30 [ 76.000811] task_work_run+0x1a4/0x2d0 [ 76.001132] ? __pfx_task_work_run+0x10/0x10 [ 76.001496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.001897] ? switch_task_namespaces+0xa9/0xe0 [ 76.002281] do_exit+0xb17/0x2ef0 [ 76.002577] ? lock_acquire+0x427/0x4c0 [ 76.002911] ? __pfx_lock_release+0x10/0x10 [ 76.003271] ? __kasan_check_write+0x18/0x20 [ 76.003631] ? do_raw_spin_lock+0x132/0x2a0 [ 76.003978] ? __pfx_do_exit+0x10/0x10 [ 76.004299] ? debug_smp_processor_id+0x20/0x30 [ 76.004676] ? rcu_is_watching+0x19/0xb0 [ 76.005002] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.005370] ? trace_hardirqs_on+0x26/0x120 [ 76.005726] do_group_exit+0xe0/0x2b0 [ 76.006035] __x64_sys_exit_group+0x47/0x50 [ 76.006382] do_syscall_64+0x3b/0x90 [ 76.006710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.007138] RIP: 0033:0x7f4b87518a4d [ 76.007440] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.007933] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.008541] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.009107] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.009671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.010240] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.010820] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.011399] [ 76.011586] irq event stamp: 0 [ 76.011841] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.012343] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.013007] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.013671] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.014172] ---[ end trace 0000000000000000 ]--- [ 76.018071] ------------[ cut here ]------------ [ 76.018486] WARNING: CPU: 0 PID: 630 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.019337] Modules linked in: [ 76.019593] CPU: 0 PID: 630 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.020286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.021184] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.021591] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.023137] RSP: 0018:ffff888023d3fbb8 EFLAGS: 00010246 [ 76.023567] RAX: 0000000000000000 RBX: ffff888010ff80a8 RCX: 0000000000000000 [ 76.024137] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 76.024709] RBP: ffff888023d3fbd0 R08: ffffed10021ff033 R09: ffffed10021ff033 [ 76.025280] R10: ffff888010ff8193 R11: ffffed10021ff032 R12: ffff88800fca8000 [ 76.025849] R13: ffff888010ff81e8 R14: ffffffff8352e670 R15: ffff888023d3fe68 [ 76.026428] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.027090] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.027567] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 76.028145] PKRU: 55555554 [ 76.028374] Call Trace: [ 76.028578] [ 76.028765] __iommufd_access_detach+0x1c2/0x2b0 [ 76.029172] iommufd_access_change_pt+0x149/0x270 [ 76.029565] iommufd_access_replace+0xb4/0x120 [ 76.029938] iommufd_test+0x3e5/0x37e0 [ 76.030249] ? lock_release+0x532/0x770 [ 76.030592] ? __might_fault+0x102/0x1b0 [ 76.030927] ? lock_acquire+0x427/0x4c0 [ 76.031256] ? __pfx_iommufd_test+0x10/0x10 [ 76.031602] ? __pfx_lock_release+0x10/0x10 [ 76.031956] ? __pfx_lock_acquire+0x10/0x10 [ 76.032312] ? write_comp_data+0x2f/0x90 [ 76.032646] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.033038] ? write_comp_data+0x2f/0x90 [ 76.033372] iommufd_fops_ioctl+0x37d/0x510 [ 76.033722] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.034117] ? write_comp_data+0x2f/0x90 [ 76.034451] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.034857] __x64_sys_ioctl+0x1a3/0x230 [ 76.035201] do_syscall_64+0x3b/0x90 [ 76.035510] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.035935] RIP: 0033:0x7f4b8743ee5d [ 76.036236] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.037691] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.038296] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.038882] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.039465] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.040034] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.040601] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.041175] [ 76.041361] irq event stamp: 0 [ 76.041615] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.042121] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.042804] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.043478] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.043988] ---[ end trace 0000000000000000 ]--- [ 76.046576] ------------[ cut here ]------------ [ 76.046971] WARNING: CPU: 0 PID: 630 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.047782] Modules linked in: [ 76.048041] CPU: 0 PID: 630 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.048731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.049629] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.050029] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.051504] RSP: 0018:ffff888023d3fbd0 EFLAGS: 00010246 [ 76.051928] RAX: 0000000000000000 RBX: ffff888010ff80a8 RCX: 0000000000000000 [ 76.052495] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 76.053060] RBP: ffff888023d3fbe8 R08: ffffed10021ff033 R09: ffffed10021ff033 [ 76.053624] R10: ffff888010ff8193 R11: ffffed10021ff032 R12: ffff888013e55000 [ 76.054190] R13: ffff888010ff81e8 R14: ffff888010b11800 R15: 0000000000000000 [ 76.054769] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.055425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.055957] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 76.056672] PKRU: 55555554 [ 76.056944] Call Trace: [ 76.057149] [ 76.057391] iommufd_access_destroy_object+0x65/0x170 [ 76.057848] iommufd_object_destroy_user+0x18e/0x220 [ 76.058328] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.058829] iommufd_access_destroy+0x43/0x70 [ 76.059278] iommufd_test_staccess_release+0x8d/0xd0 [ 76.059708] __fput+0x26d/0xa40 [ 76.060038] ____fput+0x1e/0x30 [ 76.060393] task_work_run+0x1a4/0x2d0 [ 76.060730] ? __pfx_task_work_run+0x10/0x10 [ 76.061139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.061623] ? switch_task_namespaces+0xa9/0xe0 [ 76.062024] do_exit+0xb17/0x2ef0 [ 76.062347] ? lock_acquire+0x427/0x4c0 [ 76.062770] ? __pfx_lock_release+0x10/0x10 [ 76.063141] ? __kasan_check_write+0x18/0x20 [ 76.063646] ? do_raw_spin_lock+0x132/0x2a0 [ 76.064008] ? __pfx_do_exit+0x10/0x10 [ 76.064338] ? debug_smp_processor_id+0x20/0x30 [ 76.064724] ? rcu_is_watching+0x19/0xb0 [ 76.065107] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.065584] ? trace_hardirqs_on+0x26/0x120 [ 76.065956] do_group_exit+0xe0/0x2b0 [ 76.066385] __x64_sys_exit_group+0x47/0x50 [ 76.066763] do_syscall_64+0x3b/0x90 [ 76.067079] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.067562] RIP: 0033:0x7f4b87518a4d [ 76.067920] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.068443] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.069158] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.069834] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.070418] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.071115] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.071708] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.072410] [ 76.072606] irq event stamp: 0 [ 76.072875] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.073501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.074222] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.075011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.075570] ---[ end trace 0000000000000000 ]--- [ 76.076439] ------------[ cut here ]------------ [ 76.076849] WARNING: CPU: 0 PID: 630 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.077809] Modules linked in: [ 76.078119] CPU: 0 PID: 630 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.078961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.080033] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.080492] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.082130] RSP: 0018:ffff888023d3fb78 EFLAGS: 00010246 [ 76.082910] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.083524] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 76.084227] RBP: ffff888023d3fb98 R08: ffffed10021ff03e R09: ffffed10021ff03e [ 76.084832] R10: ffff888010ff81ef R11: ffffed10021ff03d R12: ffff888010ff8290 [ 76.085539] R13: ffff888010ff80a8 R14: ffffffffffffffff R15: ffff888023d3fc60 [ 76.086179] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.086932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.087456] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 76.088127] PKRU: 55555554 [ 76.088368] Call Trace: [ 76.088620] [ 76.088876] iommufd_ioas_destroy+0x53/0x70 [ 76.089253] iommufd_fops_release+0x1f7/0x370 [ 76.089675] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.090162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.090608] ? write_comp_data+0x2f/0x90 [ 76.091045] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.091478] __fput+0x26d/0xa40 [ 76.091783] ____fput+0x1e/0x30 [ 76.092085] task_work_run+0x1a4/0x2d0 [ 76.092527] ? __pfx_task_work_run+0x10/0x10 [ 76.092914] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.093376] ? switch_task_namespaces+0xa9/0xe0 [ 76.093844] do_exit+0xb17/0x2ef0 [ 76.094144] ? lock_acquire+0x427/0x4c0 [ 76.094630] ? __pfx_lock_release+0x10/0x10 [ 76.095004] ? __kasan_check_write+0x18/0x20 [ 76.095399] ? do_raw_spin_lock+0x132/0x2a0 [ 76.095797] ? __pfx_do_exit+0x10/0x10 [ 76.096253] ? debug_smp_processor_id+0x20/0x30 [ 76.096660] ? rcu_is_watching+0x19/0xb0 [ 76.097061] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.097529] ? trace_hardirqs_on+0x26/0x120 [ 76.097907] do_group_exit+0xe0/0x2b0 [ 76.098356] __x64_sys_exit_group+0x47/0x50 [ 76.098749] do_syscall_64+0x3b/0x90 [ 76.099079] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.099561] RIP: 0033:0x7f4b87518a4d [ 76.099974] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.100503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.101269] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.101925] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.102623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.103270] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.103959] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.104679] [ 76.104880] irq event stamp: 0 [ 76.105149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.105791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.106538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.107326] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.107865] ---[ end trace 0000000000000000 ]--- [ 76.111763] ------------[ cut here ]------------ [ 76.112193] WARNING: CPU: 0 PID: 631 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.113199] Modules linked in: [ 76.113481] CPU: 0 PID: 631 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.114358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.115516] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.115955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.117546] RSP: 0018:ffff888023d27bb8 EFLAGS: 00010246 [ 76.118009] RAX: 0000000000000000 RBX: ffff88800f1bc8a8 RCX: 0000000000000000 [ 76.118650] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 76.119286] RBP: ffff888023d27bd0 R08: ffffed1001e37933 R09: ffffed1001e37933 [ 76.119910] R10: ffff88800f1bc993 R11: ffffed1001e37932 R12: ffff8880135f0800 [ 76.120532] R13: ffff88800f1bc9e8 R14: ffffffff8352e670 R15: ffff888023d27e68 [ 76.121157] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.121864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.122379] CR2: 00007f4b877410e8 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 76.123024] PKRU: 55555554 [ 76.123285] Call Trace: [ 76.123511] [ 76.123714] __iommufd_access_detach+0x1c2/0x2b0 [ 76.124151] iommufd_access_change_pt+0x149/0x270 [ 76.124586] iommufd_access_replace+0xb4/0x120 [ 76.125003] iommufd_test+0x3e5/0x37e0 [ 76.125348] ? lock_release+0x532/0x770 [ 76.125711] ? __might_fault+0x102/0x1b0 [ 76.126076] ? lock_acquire+0x427/0x4c0 [ 76.126435] ? __pfx_iommufd_test+0x10/0x10 [ 76.126831] ? __pfx_lock_release+0x10/0x10 [ 76.127232] ? __pfx_lock_acquire+0x10/0x10 [ 76.127629] ? write_comp_data+0x2f/0x90 [ 76.128004] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.128444] ? write_comp_data+0x2f/0x90 [ 76.128816] iommufd_fops_ioctl+0x37d/0x510 [ 76.129206] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.129646] ? write_comp_data+0x2f/0x90 [ 76.130019] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.130452] __x64_sys_ioctl+0x1a3/0x230 [ 76.130841] do_syscall_64+0x3b/0x90 [ 76.131197] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.131673] RIP: 0033:0x7f4b8743ee5d [ 76.132006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.133611] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.134268] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.134905] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.135539] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.136164] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.136794] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.137427] [ 76.137636] irq event stamp: 0 [ 76.137917] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.138460] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.139207] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.139930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.140480] ---[ end trace 0000000000000000 ]--- [ 76.143572] ------------[ cut here ]------------ [ 76.144008] WARNING: CPU: 0 PID: 631 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.144897] Modules linked in: [ 76.145244] CPU: 0 PID: 631 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.146100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.147121] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.147558] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.149285] RSP: 0018:ffff888023d27bd0 EFLAGS: 00010246 [ 76.149741] RAX: 0000000000000000 RBX: ffff88800f1bc8a8 RCX: 0000000000000000 [ 76.150419] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 76.151144] RBP: ffff888023d27be8 R08: ffffed1001e37933 R09: ffffed1001e37933 [ 76.151765] R10: ffff88800f1bc993 R11: ffffed1001e37932 R12: ffff88800fcab000 [ 76.152376] R13: ffff88800f1bc9e8 R14: ffff8880135bec00 R15: 0000000000000000 [ 76.153049] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.153823] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.154320] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 76.154977] PKRU: 55555554 [ 76.155331] Call Trace: [ 76.155552] [ 76.155747] iommufd_access_destroy_object+0x65/0x170 [ 76.156199] iommufd_object_destroy_user+0x18e/0x220 [ 76.156647] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.157161] iommufd_access_destroy+0x43/0x70 [ 76.157559] iommufd_test_staccess_release+0x8d/0xd0 [ 76.158171] __fput+0x26d/0xa40 [ 76.158477] ____fput+0x1e/0x30 [ 76.158795] task_work_run+0x1a4/0x2d0 [ 76.159154] ? __pfx_task_work_run+0x10/0x10 [ 76.159546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.159973] ? switch_task_namespaces+0xa9/0xe0 [ 76.160385] do_exit+0xb17/0x2ef0 [ 76.160688] ? lock_acquire+0x427/0x4c0 [ 76.161042] ? __pfx_lock_release+0x10/0x10 [ 76.161423] ? __kasan_check_write+0x18/0x20 [ 76.161811] ? do_raw_spin_lock+0x132/0x2a0 [ 76.162187] ? __pfx_do_exit+0x10/0x10 [ 76.162558] ? debug_smp_processor_id+0x20/0x30 [ 76.162972] ? rcu_is_watching+0x19/0xb0 [ 76.163338] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.163737] ? trace_hardirqs_on+0x26/0x120 [ 76.164118] do_group_exit+0xe0/0x2b0 [ 76.164450] __x64_sys_exit_group+0x47/0x50 [ 76.164823] do_syscall_64+0x3b/0x90 [ 76.165154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.165609] RIP: 0033:0x7f4b87518a4d [ 76.165933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.166475] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.167156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.167772] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.168389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.169003] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.169617] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.170241] [ 76.170445] irq event stamp: 0 [ 76.170746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.171302] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.172022] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.172745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.173293] ---[ end trace 0000000000000000 ]--- [ 76.174024] ------------[ cut here ]------------ [ 76.174432] WARNING: CPU: 0 PID: 631 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.175342] Modules linked in: [ 76.175624] CPU: 0 PID: 631 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.176375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.177348] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.177800] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.179403] RSP: 0018:ffff888023d27b78 EFLAGS: 00010246 [ 76.179868] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.180481] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 76.181101] RBP: ffff888023d27b98 R08: ffffed1001e3793e R09: ffffed1001e3793e [ 76.181718] R10: ffff88800f1bc9ef R11: ffffed1001e3793d R12: ffff88800f1bca90 [ 76.182337] R13: ffff88800f1bc8a8 R14: ffffffffffffffff R15: ffff888023d27c60 [ 76.182973] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.183675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.184179] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 76.184796] PKRU: 55555554 [ 76.185041] Call Trace: [ 76.185264] [ 76.185464] iommufd_ioas_destroy+0x53/0x70 [ 76.185845] iommufd_fops_release+0x1f7/0x370 [ 76.186240] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.186698] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.187140] ? write_comp_data+0x2f/0x90 [ 76.187505] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.187945] __fput+0x26d/0xa40 [ 76.188247] ____fput+0x1e/0x30 [ 76.188542] task_work_run+0x1a4/0x2d0 [ 76.188887] ? __pfx_task_work_run+0x10/0x10 [ 76.189271] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.189693] ? switch_task_namespaces+0xa9/0xe0 [ 76.190102] do_exit+0xb17/0x2ef0 [ 76.190402] ? lock_acquire+0x427/0x4c0 [ 76.190776] ? __pfx_lock_release+0x10/0x10 [ 76.191162] ? __kasan_check_write+0x18/0x20 [ 76.191548] ? do_raw_spin_lock+0x132/0x2a0 [ 76.191918] ? __pfx_do_exit+0x10/0x10 [ 76.192259] ? debug_smp_processor_id+0x20/0x30 [ 76.192664] ? rcu_is_watching+0x19/0xb0 [ 76.193012] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.193405] ? trace_hardirqs_on+0x26/0x120 [ 76.193787] do_group_exit+0xe0/0x2b0 [ 76.194117] __x64_sys_exit_group+0x47/0x50 [ 76.194485] do_syscall_64+0x3b/0x90 [ 76.194853] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.195316] RIP: 0033:0x7f4b87518a4d [ 76.195640] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.196168] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.196813] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.197420] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.198026] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.198670] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.199287] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.199904] [ 76.200106] irq event stamp: 0 [ 76.200379] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.200917] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.201630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.202341] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.202903] ---[ end trace 0000000000000000 ]--- [ 76.206710] ------------[ cut here ]------------ [ 76.207150] WARNING: CPU: 0 PID: 632 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.208006] Modules linked in: [ 76.208281] CPU: 0 PID: 632 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.209013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.209966] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.210387] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.211964] RSP: 0018:ffff888013f37bb8 EFLAGS: 00010246 [ 76.212417] RAX: 0000000000000000 RBX: ffff8880171b90a8 RCX: 0000000000000000 [ 76.213025] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 76.213639] RBP: ffff888013f37bd0 R08: ffffed1002e37233 R09: ffffed1002e37233 [ 76.214248] R10: ffff8880171b9193 R11: ffffed1002e37232 R12: ffff888010b24c00 [ 76.214873] R13: ffff8880171b91e8 R14: ffffffff8352e670 R15: ffff888013f37e68 [ 76.215494] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.216186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.216686] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ef0 [ 76.217298] PKRU: 55555554 [ 76.217539] Call Trace: [ 76.217761] [ 76.217962] __iommufd_access_detach+0x1c2/0x2b0 [ 76.218381] iommufd_access_change_pt+0x149/0x270 [ 76.218842] iommufd_access_replace+0xb4/0x120 [ 76.219253] iommufd_test+0x3e5/0x37e0 [ 76.219593] ? lock_release+0x532/0x770 [ 76.219943] ? __might_fault+0x102/0x1b0 [ 76.220298] ? lock_acquire+0x427/0x4c0 [ 76.220649] ? __pfx_iommufd_test+0x10/0x10 [ 76.221023] ? __pfx_lock_release+0x10/0x10 [ 76.221402] ? __pfx_lock_acquire+0x10/0x10 [ 76.221784] ? write_comp_data+0x2f/0x90 [ 76.222145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.222584] ? write_comp_data+0x2f/0x90 [ 76.222945] iommufd_fops_ioctl+0x37d/0x510 [ 76.223330] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.223757] ? write_comp_data+0x2f/0x90 [ 76.224122] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.224540] __x64_sys_ioctl+0x1a3/0x230 [ 76.224902] do_syscall_64+0x3b/0x90 [ 76.225231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.225684] RIP: 0033:0x7f4b8743ee5d [ 76.226006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.227589] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.228241] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.228850] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.229461] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.230068] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.230697] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.231326] [ 76.231530] irq event stamp: 0 [ 76.231802] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.232341] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.233057] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.233770] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.234303] ---[ end trace 0000000000000000 ]--- [ 76.237010] ------------[ cut here ]------------ [ 76.237437] WARNING: CPU: 0 PID: 632 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.238279] Modules linked in: [ 76.238583] CPU: 0 PID: 632 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.239307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.240241] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.240657] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.242176] RSP: 0018:ffff888013f37bd0 EFLAGS: 00010246 [ 76.242647] RAX: 0000000000000000 RBX: ffff8880171b90a8 RCX: 0000000000000000 [ 76.243246] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 76.243835] RBP: ffff888013f37be8 R08: ffffed1002e37233 R09: ffffed1002e37233 [ 76.244425] R10: ffff8880171b9193 R11: ffffed1002e37232 R12: ffff8880135f2c00 [ 76.245014] R13: ffff8880171b91e8 R14: ffff88800fa33200 R15: 0000000000000000 [ 76.245608] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.246277] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.246779] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 76.247389] PKRU: 55555554 [ 76.247628] Call Trace: [ 76.247842] [ 76.248034] iommufd_access_destroy_object+0x65/0x170 [ 76.248472] iommufd_object_destroy_user+0x18e/0x220 [ 76.248909] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.249400] iommufd_access_destroy+0x43/0x70 [ 76.249788] iommufd_test_staccess_release+0x8d/0xd0 [ 76.250224] __fput+0x26d/0xa40 [ 76.250534] ____fput+0x1e/0x30 [ 76.250819] task_work_run+0x1a4/0x2d0 [ 76.251161] ? __pfx_task_work_run+0x10/0x10 [ 76.251538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.251952] ? switch_task_namespaces+0xa9/0xe0 [ 76.252351] do_exit+0xb17/0x2ef0 [ 76.252644] ? lock_acquire+0x427/0x4c0 [ 76.252988] ? __pfx_lock_release+0x10/0x10 [ 76.253354] ? __kasan_check_write+0x18/0x20 [ 76.253728] ? do_raw_spin_lock+0x132/0x2a0 [ 76.254089] ? __pfx_do_exit+0x10/0x10 [ 76.254425] ? debug_smp_processor_id+0x20/0x30 [ 76.254834] ? rcu_is_watching+0x19/0xb0 [ 76.255186] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.255569] ? trace_hardirqs_on+0x26/0x120 [ 76.255937] do_group_exit+0xe0/0x2b0 [ 76.256261] __x64_sys_exit_group+0x47/0x50 [ 76.256625] do_syscall_64+0x3b/0x90 [ 76.256953] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.257396] RIP: 0033:0x7f4b87518a4d [ 76.257710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.258226] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.258882] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.259485] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.260091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.260699] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.261303] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.261916] [ 76.262120] irq event stamp: 0 [ 76.262391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.262949] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.263676] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.264386] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.264921] ---[ end trace 0000000000000000 ]--- [ 76.265642] ------------[ cut here ]------------ [ 76.266053] WARNING: CPU: 0 PID: 632 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.266943] Modules linked in: [ 76.267227] CPU: 0 PID: 632 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.267970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.268933] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.269380] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.270956] RSP: 0018:ffff888013f37b78 EFLAGS: 00010246 [ 76.271424] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.272030] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 76.272640] RBP: ffff888013f37b98 R08: ffffed1002e3723e R09: ffffed1002e3723e [ 76.273247] R10: ffff8880171b91ef R11: ffffed1002e3723d R12: ffff8880171b9290 [ 76.273851] R13: ffff8880171b90a8 R14: ffffffffffffffff R15: ffff888013f37c60 [ 76.274460] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 76.275174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.275677] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 76.276285] PKRU: 55555554 [ 76.276527] Call Trace: [ 76.276746] [ 76.276950] iommufd_ioas_destroy+0x53/0x70 [ 76.277324] iommufd_fops_release+0x1f7/0x370 [ 76.277717] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.278150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.278593] ? write_comp_data+0x2f/0x90 [ 76.278955] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.279391] __fput+0x26d/0xa40 [ 76.279690] ____fput+0x1e/0x30 [ 76.279979] task_work_run+0x1a4/0x2d0 [ 76.280321] ? __pfx_task_work_run+0x10/0x10 [ 76.280707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.281127] ? switch_task_namespaces+0xa9/0xe0 [ 76.281534] do_exit+0xb17/0x2ef0 [ 76.281832] ? lock_acquire+0x427/0x4c0 [ 76.282188] ? __pfx_lock_release+0x10/0x10 [ 76.282583] ? __kasan_check_write+0x18/0x20 [ 76.282969] ? do_raw_spin_lock+0x132/0x2a0 [ 76.283349] ? __pfx_do_exit+0x10/0x10 [ 76.283693] ? debug_smp_processor_id+0x20/0x30 [ 76.284095] ? rcu_is_watching+0x19/0xb0 [ 76.284442] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.284840] ? trace_hardirqs_on+0x26/0x120 [ 76.285223] do_group_exit+0xe0/0x2b0 [ 76.285557] __x64_sys_exit_group+0x47/0x50 [ 76.285927] do_syscall_64+0x3b/0x90 [ 76.286257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.286723] RIP: 0033:0x7f4b87518a4d [ 76.287046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.287584] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.288230] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.288838] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.289444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.290056] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.290686] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.291314] [ 76.291515] irq event stamp: 0 [ 76.291790] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.292334] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.293069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.293799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.294353] ---[ end trace 0000000000000000 ]--- [ 76.299673] ------------[ cut here ]------------ [ 76.300234] WARNING: CPU: 1 PID: 633 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.301332] Modules linked in: [ 76.301690] CPU: 1 PID: 633 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.303066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.304314] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.304869] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.306880] RSP: 0018:ffff88800f49fbb8 EFLAGS: 00010246 [ 76.307486] RAX: 0000000000000000 RBX: ffff888023cfa8a8 RCX: 0000000000000000 [ 76.308266] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 76.309047] RBP: ffff88800f49fbd0 R08: ffffed100479f533 R09: ffffed100479f533 [ 76.309829] R10: ffff888023cfa993 R11: ffffed100479f532 R12: ffff8880129c7800 [ 76.310653] R13: ffff888023cfa9e8 R14: ffffffff8352e670 R15: ffff88800f49fe68 [ 76.311452] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.312331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.312970] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ee0 [ 76.313752] PKRU: 55555554 [ 76.314071] Call Trace: [ 76.314358] [ 76.314656] __iommufd_access_detach+0x1c2/0x2b0 [ 76.315221] iommufd_access_change_pt+0x149/0x270 [ 76.315774] iommufd_access_replace+0xb4/0x120 [ 76.316599] iommufd_test+0x3e5/0x37e0 [ 76.317045] ? lock_release+0x532/0x770 [ 76.317557] ? __might_fault+0x102/0x1b0 [ 76.318052] ? lock_acquire+0x427/0x4c0 [ 76.318564] ? __pfx_iommufd_test+0x10/0x10 [ 76.319054] ? __pfx_lock_release+0x10/0x10 [ 76.319635] ? __pfx_lock_acquire+0x10/0x10 [ 76.320131] ? write_comp_data+0x2f/0x90 [ 76.320611] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.321211] ? write_comp_data+0x2f/0x90 [ 76.321677] iommufd_fops_ioctl+0x37d/0x510 [ 76.322214] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.322874] ? write_comp_data+0x2f/0x90 [ 76.323379] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.323927] __x64_sys_ioctl+0x1a3/0x230 [ 76.324431] do_syscall_64+0x3b/0x90 [ 76.324914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.325505] RIP: 0033:0x7f4b8743ee5d [ 76.325953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.328164] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.329013] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.329861] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.330695] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.331517] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.332367] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.333222] [ 76.333531] irq event stamp: 0 [ 76.333888] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.334673] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.335738] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.336802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.337604] ---[ end trace 0000000000000000 ]--- [ 76.342380] ------------[ cut here ]------------ [ 76.343437] WARNING: CPU: 1 PID: 633 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.344635] Modules linked in: [ 76.345127] CPU: 1 PID: 633 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.346141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.347691] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.347956] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 76.348314] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.350081] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 76.352249] RSP: 0018:ffff88800f49fbd0 EFLAGS: 00010246 [ 76.354117] RAX: 0000000000000000 RBX: ffff888023cfa8a8 RCX: 0000000000000000 [ 76.354993] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 76.355853] RBP: ffff88800f49fbe8 R08: ffffed100479f533 R09: ffffed100479f533 [ 76.356702] R10: ffff888023cfa993 R11: ffffed100479f532 R12: ffff888021bb2000 [ 76.357552] R13: ffff888023cfa9e8 R14: ffff88801022f300 R15: 0000000000000000 [ 76.358619] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.359598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.360437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.361283] PKRU: 55555554 [ 76.361625] Call Trace: [ 76.361935] [ 76.362213] iommufd_access_destroy_object+0x65/0x170 [ 76.362874] iommufd_object_destroy_user+0x18e/0x220 [ 76.363513] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.364370] iommufd_access_destroy+0x43/0x70 [ 76.364929] iommufd_test_staccess_release+0x8d/0xd0 [ 76.365554] __fput+0x26d/0xa40 [ 76.365977] ____fput+0x1e/0x30 [ 76.366389] task_work_run+0x1a4/0x2d0 [ 76.366931] ? __pfx_task_work_run+0x10/0x10 [ 76.367571] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.368169] ? switch_task_namespaces+0xa9/0xe0 [ 76.368750] do_exit+0xb17/0x2ef0 [ 76.369176] ? lock_acquire+0x427/0x4c0 [ 76.369695] ? __pfx_lock_release+0x10/0x10 [ 76.370321] ? __kasan_check_write+0x18/0x20 [ 76.370898] ? do_raw_spin_lock+0x132/0x2a0 [ 76.371440] ? __pfx_do_exit+0x10/0x10 [ 76.371925] ? debug_smp_processor_id+0x20/0x30 [ 76.372554] ? rcu_is_watching+0x19/0xb0 [ 76.373103] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.373661] ? trace_hardirqs_on+0x26/0x120 [ 76.374194] do_group_exit+0xe0/0x2b0 [ 76.374706] __x64_sys_exit_group+0x47/0x50 [ 76.375256] do_syscall_64+0x3b/0x90 [ 76.375735] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.376427] RIP: 0033:0x7f4b87518a4d [ 76.377004] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.377764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.378744] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.379641] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.380688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.381558] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.382424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.383393] [ 76.383699] irq event stamp: 0 [ 76.384099] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.384876] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.386116] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.387240] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.388126] ---[ end trace 0000000000000000 ]--- [ 76.389740] ------------[ cut here ]------------ [ 76.390364] WARNING: CPU: 1 PID: 633 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.392041] Modules linked in: [ 76.392465] CPU: 1 PID: 633 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.393772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.395249] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.395912] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.398457] RSP: 0018:ffff88800f49fb78 EFLAGS: 00010246 [ 76.399256] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.400193] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 76.401172] RBP: ffff88800f49fb98 R08: ffffed100479f53e R09: ffffed100479f53e [ 76.402243] R10: ffff888023cfa9ef R11: ffffed100479f53d R12: ffff888023cfaa90 [ 76.403266] R13: ffff888023cfa8a8 R14: ffffffffffffffff R15: ffff88800f49fc60 [ 76.404214] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.405269] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.406028] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.407018] PKRU: 55555554 [ 76.407422] Call Trace: [ 76.407769] [ 76.408079] iommufd_ioas_destroy+0x53/0x70 [ 76.408879] iommufd_fops_release+0x1f7/0x370 [ 76.409493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.410166] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.410887] ? write_comp_data+0x2f/0x90 [ 76.411472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.412139] __fput+0x26d/0xa40 [ 76.412602] ____fput+0x1e/0x30 [ 76.413057] task_work_run+0x1a4/0x2d0 [ 76.413588] ? __pfx_task_work_run+0x10/0x10 [ 76.414184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.414892] ? switch_task_namespaces+0xa9/0xe0 [ 76.415554] do_exit+0xb17/0x2ef0 [ 76.416027] ? lock_acquire+0x427/0x4c0 [ 76.416569] ? __pfx_lock_release+0x10/0x10 [ 76.417153] ? __kasan_check_write+0x18/0x20 [ 76.417741] ? do_raw_spin_lock+0x132/0x2a0 [ 76.418315] ? __pfx_do_exit+0x10/0x10 [ 76.418900] ? debug_smp_processor_id+0x20/0x30 [ 76.419546] ? rcu_is_watching+0x19/0xb0 [ 76.420300] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.420912] ? trace_hardirqs_on+0x26/0x120 [ 76.421495] do_group_exit+0xe0/0x2b0 [ 76.422044] __x64_sys_exit_group+0x47/0x50 [ 76.422797] do_syscall_64+0x3b/0x90 [ 76.423342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.424039] RIP: 0033:0x7f4b87518a4d [ 76.424536] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.425347] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.426432] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.427575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.428515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.429450] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.430507] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.431553] [ 76.431872] irq event stamp: 0 [ 76.432291] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.433120] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.434218] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.435392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.436234] ---[ end trace 0000000000000000 ]--- [ 76.442929] ------------[ cut here ]------------ [ 76.443638] WARNING: CPU: 1 PID: 635 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.445175] Modules linked in: [ 76.445607] CPU: 1 PID: 635 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.446918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.448523] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.449192] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.451934] RSP: 0018:ffff8880146cfbb8 EFLAGS: 00010246 [ 76.452752] RAX: 0000000000000000 RBX: ffff8880186038a8 RCX: 0000000000000000 [ 76.453685] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 76.454879] RBP: ffff8880146cfbd0 R08: ffffed10030c0733 R09: ffffed10030c0733 [ 76.455842] R10: ffff888018603993 R11: ffffed10030c0732 R12: ffff888014392c00 [ 76.456892] R13: ffff8880186039e8 R14: ffffffff8352e670 R15: ffff8880146cfe68 [ 76.457915] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.459138] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.460019] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 76.460962] PKRU: 55555554 [ 76.461341] Call Trace: [ 76.461687] [ 76.461995] __iommufd_access_detach+0x1c2/0x2b0 [ 76.462708] iommufd_access_change_pt+0x149/0x270 [ 76.463395] iommufd_access_replace+0xb4/0x120 [ 76.464029] iommufd_test+0x3e5/0x37e0 [ 76.464552] ? lock_release+0x532/0x770 [ 76.465097] ? __might_fault+0x102/0x1b0 [ 76.465649] ? lock_acquire+0x427/0x4c0 [ 76.466198] ? __pfx_iommufd_test+0x10/0x10 [ 76.466821] ? __pfx_lock_release+0x10/0x10 [ 76.467426] ? __pfx_lock_acquire+0x10/0x10 [ 76.468018] ? write_comp_data+0x2f/0x90 [ 76.468576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.469237] ? write_comp_data+0x2f/0x90 [ 76.469799] iommufd_fops_ioctl+0x37d/0x510 [ 76.470384] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.471096] ? write_comp_data+0x2f/0x90 [ 76.471684] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.472338] __x64_sys_ioctl+0x1a3/0x230 [ 76.472903] do_syscall_64+0x3b/0x90 [ 76.473416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.474118] RIP: 0033:0x7f4b8743ee5d [ 76.474691] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.477102] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.478110] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.479124] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.480074] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.481013] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.481951] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.482960] [ 76.483301] irq event stamp: 0 [ 76.483727] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.484562] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.485664] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.486806] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.487657] ---[ end trace 0000000000000000 ]--- [ 76.492635] ------------[ cut here ]------------ [ 76.493304] WARNING: CPU: 1 PID: 635 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.494741] Modules linked in: [ 76.495201] CPU: 1 PID: 635 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.496340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.497816] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.498481] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.500953] RSP: 0018:ffff8880146cfbd0 EFLAGS: 00010246 [ 76.501666] RAX: 0000000000000000 RBX: ffff8880186038a8 RCX: 0000000000000000 [ 76.502658] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 76.503626] RBP: ffff8880146cfbe8 R08: ffffed10030c0733 R09: ffffed10030c0733 [ 76.504564] R10: ffff888018603993 R11: ffffed10030c0732 R12: ffff8880129c4000 [ 76.505502] R13: ffff8880186039e8 R14: ffff888013d1d000 R15: 0000000000000000 [ 76.506472] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.507601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.508375] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.509318] PKRU: 55555554 [ 76.509698] Call Trace: [ 76.510043] [ 76.510356] iommufd_access_destroy_object+0x65/0x170 [ 76.511104] iommufd_object_destroy_user+0x18e/0x220 [ 76.511814] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.512591] iommufd_access_destroy+0x43/0x70 [ 76.513205] iommufd_test_staccess_release+0x8d/0xd0 [ 76.513896] __fput+0x26d/0xa40 [ 76.514366] ____fput+0x1e/0x30 [ 76.514879] task_work_run+0x1a4/0x2d0 [ 76.515435] ? __pfx_task_work_run+0x10/0x10 [ 76.516036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.516700] ? switch_task_namespaces+0xa9/0xe0 [ 76.517342] do_exit+0xb17/0x2ef0 [ 76.517811] ? lock_acquire+0x427/0x4c0 [ 76.518360] ? __pfx_lock_release+0x10/0x10 [ 76.519006] ? __kasan_check_write+0x18/0x20 [ 76.519626] ? do_raw_spin_lock+0x132/0x2a0 [ 76.520211] ? __pfx_do_exit+0x10/0x10 [ 76.520747] ? debug_smp_processor_id+0x20/0x30 [ 76.521376] ? rcu_is_watching+0x19/0xb0 [ 76.521925] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.522596] ? trace_hardirqs_on+0x26/0x120 [ 76.523208] do_group_exit+0xe0/0x2b0 [ 76.523725] __x64_sys_exit_group+0x47/0x50 [ 76.524300] do_syscall_64+0x3b/0x90 [ 76.524818] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.525521] RIP: 0033:0x7f4b87518a4d [ 76.526018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.526884] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.527905] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.528845] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.529785] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.530784] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.531747] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.532699] [ 76.533012] irq event stamp: 0 [ 76.533434] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.534265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.535537] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.536409] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.537163] ---[ end trace 0000000000000000 ]--- [ 76.538434] ------------[ cut here ]------------ [ 76.539150] WARNING: CPU: 1 PID: 635 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.540450] Modules linked in: [ 76.540867] CPU: 1 PID: 635 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.541956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.543617] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.544300] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.546599] RSP: 0018:ffff8880146cfb78 EFLAGS: 00010246 [ 76.547279] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.548126] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 76.548963] RBP: ffff8880146cfb98 R08: ffffed10030c073e R09: ffffed10030c073e [ 76.549816] R10: ffff8880186039ef R11: ffffed10030c073d R12: ffff888018603a90 [ 76.550720] R13: ffff8880186038a8 R14: ffffffffffffffff R15: ffff8880146cfc60 [ 76.551597] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.552555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.553247] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.554111] PKRU: 55555554 [ 76.554452] Call Trace: [ 76.554805] [ 76.555089] iommufd_ioas_destroy+0x53/0x70 [ 76.555643] iommufd_fops_release+0x1f7/0x370 [ 76.556193] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.556795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.557387] ? write_comp_data+0x2f/0x90 [ 76.557891] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.558499] __fput+0x26d/0xa40 [ 76.558973] ____fput+0x1e/0x30 [ 76.559403] task_work_run+0x1a4/0x2d0 [ 76.559875] ? __pfx_task_work_run+0x10/0x10 [ 76.560400] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.560976] ? switch_task_namespaces+0xa9/0xe0 [ 76.561544] do_exit+0xb17/0x2ef0 [ 76.561959] ? lock_acquire+0x427/0x4c0 [ 76.562439] ? __pfx_lock_release+0x10/0x10 [ 76.563001] ? __kasan_check_write+0x18/0x20 [ 76.563549] ? do_raw_spin_lock+0x132/0x2a0 [ 76.564063] ? __pfx_do_exit+0x10/0x10 [ 76.564527] ? debug_smp_processor_id+0x20/0x30 [ 76.565096] ? rcu_is_watching+0x19/0xb0 [ 76.565581] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.566123] ? trace_hardirqs_on+0x26/0x120 [ 76.566686] do_group_exit+0xe0/0x2b0 [ 76.567158] __x64_sys_exit_group+0x47/0x50 [ 76.567647] do_syscall_64+0x3b/0x90 [ 76.568080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.568675] RIP: 0033:0x7f4b87518a4d [ 76.569094] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.569779] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.570674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.571475] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.572275] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.573075] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.573875] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.574730] [ 76.575004] irq event stamp: 0 [ 76.575379] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.576095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.577255] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.578183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.579063] ---[ end trace 0000000000000000 ]--- [ 76.585478] ------------[ cut here ]------------ [ 76.586211] WARNING: CPU: 1 PID: 636 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.587448] Modules linked in: [ 76.587820] CPU: 1 PID: 636 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.588930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.590315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.590931] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.593092] RSP: 0018:ffff88800f49fbb8 EFLAGS: 00010246 [ 76.593780] RAX: 0000000000000000 RBX: ffff888023c050a8 RCX: 0000000000000000 [ 76.594661] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 76.595743] RBP: ffff88800f49fbd0 R08: ffffed1004780a33 R09: ffffed1004780a33 [ 76.596431] R10: ffff888023c05193 R11: ffffed1004780a32 R12: ffff88801226fc00 [ 76.597059] R13: ffff888023c051e8 R14: ffffffff8352e670 R15: ffff88800f49fe68 [ 76.597912] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.598657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.599191] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 76.599930] PKRU: 55555554 [ 76.600175] Call Trace: [ 76.600396] [ 76.600592] __iommufd_access_detach+0x1c2/0x2b0 [ 76.601034] iommufd_access_change_pt+0x149/0x270 [ 76.601590] iommufd_access_replace+0xb4/0x120 [ 76.601995] iommufd_test+0x3e5/0x37e0 [ 76.602332] ? lock_release+0x532/0x770 [ 76.602708] ? __might_fault+0x102/0x1b0 [ 76.603102] ? lock_acquire+0x427/0x4c0 [ 76.603555] ? __pfx_iommufd_test+0x10/0x10 [ 76.603935] ? __pfx_lock_release+0x10/0x10 [ 76.604321] ? __pfx_lock_acquire+0x10/0x10 [ 76.604712] ? write_comp_data+0x2f/0x90 [ 76.605084] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.605516] ? write_comp_data+0x2f/0x90 [ 76.605881] iommufd_fops_ioctl+0x37d/0x510 [ 76.606266] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.606713] ? write_comp_data+0x2f/0x90 [ 76.607076] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.607516] __x64_sys_ioctl+0x1a3/0x230 [ 76.607889] do_syscall_64+0x3b/0x90 [ 76.608282] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.608828] RIP: 0033:0x7f4b8743ee5d [ 76.609163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.610914] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.611597] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.612349] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.612969] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.613632] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.614329] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.614991] [ 76.615209] irq event stamp: 0 [ 76.615485] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.616033] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.616760] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.617486] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.618032] ---[ end trace 0000000000000000 ]--- [ 76.621094] ------------[ cut here ]------------ [ 76.621489] WARNING: CPU: 1 PID: 636 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.622301] Modules linked in: [ 76.622602] CPU: 1 PID: 636 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.623305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.624197] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.624594] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.626085] RSP: 0018:ffff88800f49fbd0 EFLAGS: 00010246 [ 76.626533] RAX: 0000000000000000 RBX: ffff888023c050a8 RCX: 0000000000000000 [ 76.627104] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 76.627675] RBP: ffff88800f49fbe8 R08: ffffed1004780a33 R09: ffffed1004780a33 [ 76.628243] R10: ffff888023c05193 R11: ffffed1004780a32 R12: ffff888014392400 [ 76.628808] R13: ffff888023c051e8 R14: ffff888020985800 R15: 0000000000000000 [ 76.629385] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.630026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.630491] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.631087] PKRU: 55555554 [ 76.631328] Call Trace: [ 76.631536] [ 76.631718] iommufd_access_destroy_object+0x65/0x170 [ 76.632139] iommufd_object_destroy_user+0x18e/0x220 [ 76.632558] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.633027] iommufd_access_destroy+0x43/0x70 [ 76.633396] iommufd_test_staccess_release+0x8d/0xd0 [ 76.633813] __fput+0x26d/0xa40 [ 76.634091] ____fput+0x1e/0x30 [ 76.634366] task_work_run+0x1a4/0x2d0 [ 76.634707] ? __pfx_task_work_run+0x10/0x10 [ 76.635076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.635485] ? switch_task_namespaces+0xa9/0xe0 [ 76.635883] do_exit+0xb17/0x2ef0 [ 76.636165] ? lock_acquire+0x427/0x4c0 [ 76.636498] ? __pfx_lock_release+0x10/0x10 [ 76.636856] ? __kasan_check_write+0x18/0x20 [ 76.637216] ? do_raw_spin_lock+0x132/0x2a0 [ 76.637563] ? __pfx_do_exit+0x10/0x10 [ 76.637889] ? debug_smp_processor_id+0x20/0x30 [ 76.638271] ? rcu_is_watching+0x19/0xb0 [ 76.638624] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.639002] ? trace_hardirqs_on+0x26/0x120 [ 76.639371] do_group_exit+0xe0/0x2b0 [ 76.639683] __x64_sys_exit_group+0x47/0x50 [ 76.640028] do_syscall_64+0x3b/0x90 [ 76.640336] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.640762] RIP: 0033:0x7f4b87518a4d [ 76.641066] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.641563] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.642173] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.642775] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.643368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.643939] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.644510] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.645091] [ 76.645283] irq event stamp: 0 [ 76.645536] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.646039] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.646729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.647415] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.647923] ---[ end trace 0000000000000000 ]--- [ 76.648641] ------------[ cut here ]------------ [ 76.649018] WARNING: CPU: 1 PID: 636 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.649827] Modules linked in: [ 76.650090] CPU: 1 PID: 636 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.650794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.651683] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.652089] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.653503] RSP: 0018:ffff88800f49fb78 EFLAGS: 00010246 [ 76.653916] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.654463] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 76.655034] RBP: ffff88800f49fb98 R08: ffffed1004780a3e R09: ffffed1004780a3e [ 76.655594] R10: ffff888023c051ef R11: ffffed1004780a3d R12: ffff888023c05290 [ 76.656149] R13: ffff888023c050a8 R14: ffffffffffffffff R15: ffff88800f49fc60 [ 76.656699] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.657304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.657747] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.658292] PKRU: 55555554 [ 76.658529] Call Trace: [ 76.658726] [ 76.658901] iommufd_ioas_destroy+0x53/0x70 [ 76.659245] iommufd_fops_release+0x1f7/0x370 [ 76.659595] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.659984] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.660369] ? write_comp_data+0x2f/0x90 [ 76.660689] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.661077] __fput+0x26d/0xa40 [ 76.661345] ____fput+0x1e/0x30 [ 76.661608] task_work_run+0x1a4/0x2d0 [ 76.661916] ? __pfx_task_work_run+0x10/0x10 [ 76.662261] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.662659] ? switch_task_namespaces+0xa9/0xe0 [ 76.663029] do_exit+0xb17/0x2ef0 [ 76.663307] ? lock_acquire+0x427/0x4c0 [ 76.663620] ? __pfx_lock_release+0x10/0x10 [ 76.663974] ? __kasan_check_write+0x18/0x20 [ 76.664317] ? do_raw_spin_lock+0x132/0x2a0 [ 76.664649] ? __pfx_do_exit+0x10/0x10 [ 76.664955] ? debug_smp_processor_id+0x20/0x30 [ 76.665315] ? rcu_is_watching+0x19/0xb0 [ 76.665626] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.665977] ? trace_hardirqs_on+0x26/0x120 [ 76.666318] do_group_exit+0xe0/0x2b0 [ 76.666632] __x64_sys_exit_group+0x47/0x50 [ 76.666964] do_syscall_64+0x3b/0x90 [ 76.667270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.667673] RIP: 0033:0x7f4b87518a4d [ 76.667960] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.668429] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.669008] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.669549] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.670092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.670653] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.671206] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.671752] [ 76.671930] irq event stamp: 0 [ 76.672170] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.672654] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.673276] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.673888] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.674352] ---[ end trace 0000000000000000 ]--- [ 76.677980] ------------[ cut here ]------------ [ 76.678363] WARNING: CPU: 1 PID: 637 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.679166] Modules linked in: [ 76.679411] CPU: 1 PID: 637 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.680057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.680887] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.681257] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.682619] RSP: 0018:ffff88800ea77bb8 EFLAGS: 00010246 [ 76.683013] RAX: 0000000000000000 RBX: ffff8880139590a8 RCX: 0000000000000000 [ 76.683555] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 76.684083] RBP: ffff88800ea77bd0 R08: ffffed100272b233 R09: ffffed100272b233 [ 76.684612] R10: ffff888013959193 R11: ffffed100272b232 R12: ffff888021bb0800 [ 76.685137] R13: ffff8880139591e8 R14: ffffffff8352e670 R15: ffff88800ea77e68 [ 76.685654] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.686238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.686676] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 76.687211] PKRU: 55555554 [ 76.687421] Call Trace: [ 76.687609] [ 76.687776] __iommufd_access_detach+0x1c2/0x2b0 [ 76.688138] iommufd_access_change_pt+0x149/0x270 [ 76.688504] iommufd_access_replace+0xb4/0x120 [ 76.688852] iommufd_test+0x3e5/0x37e0 [ 76.689140] ? lock_release+0x532/0x770 [ 76.689446] ? __might_fault+0x102/0x1b0 [ 76.689755] ? lock_acquire+0x427/0x4c0 [ 76.690058] ? __pfx_iommufd_test+0x10/0x10 [ 76.690375] ? __pfx_lock_release+0x10/0x10 [ 76.690726] ? __pfx_lock_acquire+0x10/0x10 [ 76.691055] ? write_comp_data+0x2f/0x90 [ 76.691372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.691733] ? write_comp_data+0x2f/0x90 [ 76.692039] iommufd_fops_ioctl+0x37d/0x510 [ 76.692367] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.692741] ? write_comp_data+0x2f/0x90 [ 76.693056] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.693414] __x64_sys_ioctl+0x1a3/0x230 [ 76.693722] do_syscall_64+0x3b/0x90 [ 76.694005] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.694392] RIP: 0033:0x7f4b8743ee5d [ 76.694685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.696028] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.696591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.697111] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.697637] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.698154] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.698692] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.699237] [ 76.699413] irq event stamp: 0 [ 76.699652] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.700111] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.700721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.701335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.701799] ---[ end trace 0000000000000000 ]--- [ 76.704418] ------------[ cut here ]------------ [ 76.704778] WARNING: CPU: 1 PID: 637 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.705511] Modules linked in: [ 76.705751] CPU: 1 PID: 637 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.706377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.707228] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.707595] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.708941] RSP: 0018:ffff88800ea77bd0 EFLAGS: 00010246 [ 76.709329] RAX: 0000000000000000 RBX: ffff8880139590a8 RCX: 0000000000000000 [ 76.709845] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 76.710365] RBP: ffff88800ea77be8 R08: ffffed100272b233 R09: ffffed100272b233 [ 76.710911] R10: ffff888013959193 R11: ffffed100272b232 R12: ffff88801226f800 [ 76.711450] R13: ffff8880139591e8 R14: ffff88802098b800 R15: 0000000000000000 [ 76.711971] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.712558] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.712987] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.713509] PKRU: 55555554 [ 76.713723] Call Trace: [ 76.713914] [ 76.714083] iommufd_access_destroy_object+0x65/0x170 [ 76.714474] iommufd_object_destroy_user+0x18e/0x220 [ 76.714880] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.715322] iommufd_access_destroy+0x43/0x70 [ 76.715665] iommufd_test_staccess_release+0x8d/0xd0 [ 76.716058] __fput+0x26d/0xa40 [ 76.716318] ____fput+0x1e/0x30 [ 76.716568] task_work_run+0x1a4/0x2d0 [ 76.716872] ? __pfx_task_work_run+0x10/0x10 [ 76.717202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.717567] ? switch_task_namespaces+0xa9/0xe0 [ 76.717924] do_exit+0xb17/0x2ef0 [ 76.718183] ? lock_acquire+0x427/0x4c0 [ 76.718485] ? __pfx_lock_release+0x10/0x10 [ 76.718849] ? __kasan_check_write+0x18/0x20 [ 76.719190] ? do_raw_spin_lock+0x132/0x2a0 [ 76.719514] ? __pfx_do_exit+0x10/0x10 [ 76.719807] ? debug_smp_processor_id+0x20/0x30 [ 76.720156] ? rcu_is_watching+0x19/0xb0 [ 76.720460] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.720799] ? trace_hardirqs_on+0x26/0x120 [ 76.721126] do_group_exit+0xe0/0x2b0 [ 76.721408] __x64_sys_exit_group+0x47/0x50 [ 76.721727] do_syscall_64+0x3b/0x90 [ 76.722013] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.722404] RIP: 0033:0x7f4b87518a4d [ 76.722700] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.723161] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.723717] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.724237] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.724758] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.725274] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.725800] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.726327] [ 76.726498] irq event stamp: 0 [ 76.726758] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.727240] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.727863] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.728477] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.728941] ---[ end trace 0000000000000000 ]--- [ 76.729594] ------------[ cut here ]------------ [ 76.729943] WARNING: CPU: 1 PID: 637 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.730704] Modules linked in: [ 76.730948] CPU: 1 PID: 637 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.731592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.732413] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.732793] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.734114] RSP: 0018:ffff88800ea77b78 EFLAGS: 00010246 [ 76.734524] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.735043] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 76.735572] RBP: ffff88800ea77b98 R08: ffffed100272b23e R09: ffffed100272b23e [ 76.736095] R10: ffff8880139591ef R11: ffffed100272b23d R12: ffff888013959290 [ 76.736613] R13: ffff8880139590a8 R14: ffffffffffffffff R15: ffff88800ea77c60 [ 76.737133] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.737723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.738151] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.738694] PKRU: 55555554 [ 76.738910] Call Trace: [ 76.739098] [ 76.739273] iommufd_ioas_destroy+0x53/0x70 [ 76.739595] iommufd_fops_release+0x1f7/0x370 [ 76.739943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.740314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.740679] ? write_comp_data+0x2f/0x90 [ 76.740987] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.741354] __fput+0x26d/0xa40 [ 76.741610] ____fput+0x1e/0x30 [ 76.741866] task_work_run+0x1a4/0x2d0 [ 76.742162] ? __pfx_task_work_run+0x10/0x10 [ 76.742494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.742889] ? switch_task_namespaces+0xa9/0xe0 [ 76.743265] do_exit+0xb17/0x2ef0 [ 76.743533] ? lock_acquire+0x427/0x4c0 [ 76.743841] ? __pfx_lock_release+0x10/0x10 [ 76.744173] ? __kasan_check_write+0x18/0x20 [ 76.744509] ? do_raw_spin_lock+0x132/0x2a0 [ 76.744833] ? __pfx_do_exit+0x10/0x10 [ 76.745129] ? debug_smp_processor_id+0x20/0x30 [ 76.745474] ? rcu_is_watching+0x19/0xb0 [ 76.745778] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.746120] ? trace_hardirqs_on+0x26/0x120 [ 76.746446] do_group_exit+0xe0/0x2b0 [ 76.746750] __x64_sys_exit_group+0x47/0x50 [ 76.747071] do_syscall_64+0x3b/0x90 [ 76.747365] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.747754] RIP: 0033:0x7f4b87518a4d [ 76.748029] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.748478] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.749035] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.749559] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.750086] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.750633] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.751162] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.751694] [ 76.751868] irq event stamp: 0 [ 76.752100] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.752558] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.753167] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.753775] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.754235] ---[ end trace 0000000000000000 ]--- [ 76.758265] ------------[ cut here ]------------ [ 76.758693] WARNING: CPU: 1 PID: 638 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.759450] Modules linked in: [ 76.759687] CPU: 1 PID: 638 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.760313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.761128] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.761490] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.763014] RSP: 0018:ffff888010337bb8 EFLAGS: 00010246 [ 76.763423] RAX: 0000000000000000 RBX: ffff888020abe8a8 RCX: 0000000000000000 [ 76.763943] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 76.764460] RBP: ffff888010337bd0 R08: ffffed1004157d33 R09: ffffed1004157d33 [ 76.764980] R10: ffff888020abe993 R11: ffffed1004157d32 R12: ffff888013b17400 [ 76.765497] R13: ffff888020abe9e8 R14: ffffffff8352e670 R15: ffff888010337e68 [ 76.766014] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.766617] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.767051] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 76.767581] PKRU: 55555554 [ 76.767793] Call Trace: [ 76.767983] [ 76.768151] __iommufd_access_detach+0x1c2/0x2b0 [ 76.768514] iommufd_access_change_pt+0x149/0x270 [ 76.768888] iommufd_access_replace+0xb4/0x120 [ 76.769243] iommufd_test+0x3e5/0x37e0 [ 76.769538] ? lock_release+0x532/0x770 [ 76.769848] ? __might_fault+0x102/0x1b0 [ 76.770161] ? lock_acquire+0x427/0x4c0 [ 76.770469] ? __pfx_iommufd_test+0x10/0x10 [ 76.770817] ? __pfx_lock_release+0x10/0x10 [ 76.771162] ? __pfx_lock_acquire+0x10/0x10 [ 76.771497] ? write_comp_data+0x2f/0x90 [ 76.771815] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.772188] ? write_comp_data+0x2f/0x90 [ 76.772506] iommufd_fops_ioctl+0x37d/0x510 [ 76.772834] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.773210] ? write_comp_data+0x2f/0x90 [ 76.773528] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.773892] __x64_sys_ioctl+0x1a3/0x230 [ 76.774205] do_syscall_64+0x3b/0x90 [ 76.774498] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.774926] RIP: 0033:0x7f4b8743ee5d [ 76.775216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.776566] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.777133] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.777661] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.778189] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.778738] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.779278] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.779818] [ 76.779997] irq event stamp: 0 [ 76.780233] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.780707] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.781329] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.781950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.782419] ---[ end trace 0000000000000000 ]--- [ 76.785105] ------------[ cut here ]------------ [ 76.785486] WARNING: CPU: 1 PID: 638 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.786233] Modules linked in: [ 76.786473] CPU: 1 PID: 638 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.787155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.787988] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.788359] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.789705] RSP: 0018:ffff888010337bd0 EFLAGS: 00010246 [ 76.790099] RAX: 0000000000000000 RBX: ffff888020abe8a8 RCX: 0000000000000000 [ 76.790640] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 76.791176] RBP: ffff888010337be8 R08: ffffed1004157d33 R09: ffffed1004157d33 [ 76.791702] R10: ffff888020abe993 R11: ffffed1004157d32 R12: ffff888021bb2c00 [ 76.792227] R13: ffff888020abe9e8 R14: ffff888020a7d400 R15: 0000000000000000 [ 76.792762] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.793358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.793787] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.794313] PKRU: 55555554 [ 76.794537] Call Trace: [ 76.794729] [ 76.794899] iommufd_access_destroy_object+0x65/0x170 [ 76.795293] iommufd_object_destroy_user+0x18e/0x220 [ 76.795681] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.796124] iommufd_access_destroy+0x43/0x70 [ 76.796473] iommufd_test_staccess_release+0x8d/0xd0 [ 76.796863] __fput+0x26d/0xa40 [ 76.797125] ____fput+0x1e/0x30 [ 76.797381] task_work_run+0x1a4/0x2d0 [ 76.797680] ? __pfx_task_work_run+0x10/0x10 [ 76.798020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.798391] ? switch_task_namespaces+0xa9/0xe0 [ 76.798773] do_exit+0xb17/0x2ef0 [ 76.799042] ? lock_acquire+0x427/0x4c0 [ 76.799371] ? __pfx_lock_release+0x10/0x10 [ 76.799708] ? __kasan_check_write+0x18/0x20 [ 76.800050] ? do_raw_spin_lock+0x132/0x2a0 [ 76.800380] ? __pfx_do_exit+0x10/0x10 [ 76.800683] ? debug_smp_processor_id+0x20/0x30 [ 76.801034] ? rcu_is_watching+0x19/0xb0 [ 76.801341] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.801690] ? trace_hardirqs_on+0x26/0x120 [ 76.802020] do_group_exit+0xe0/0x2b0 [ 76.802306] __x64_sys_exit_group+0x47/0x50 [ 76.802659] do_syscall_64+0x3b/0x90 [ 76.802951] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.803355] RIP: 0033:0x7f4b87518a4d [ 76.803635] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.804092] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.804661] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.805191] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.805723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.806251] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.806799] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.807345] [ 76.807522] irq event stamp: 0 [ 76.807758] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.808223] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.808841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.809463] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.809933] ---[ end trace 0000000000000000 ]--- [ 76.810633] ------------[ cut here ]------------ [ 76.810993] WARNING: CPU: 1 PID: 638 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.811756] Modules linked in: [ 76.811999] CPU: 1 PID: 638 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.812644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.813479] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.813868] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.815472] RSP: 0018:ffff888010337b78 EFLAGS: 00010246 [ 76.815883] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.816413] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 76.816944] RBP: ffff888010337b98 R08: ffffed1004157d3e R09: ffffed1004157d3e [ 76.817473] R10: ffff888020abe9ef R11: ffffed1004157d3d R12: ffff888020abea90 [ 76.817999] R13: ffff888020abe8a8 R14: ffffffffffffffff R15: ffff888010337c60 [ 76.818550] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.819164] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.819597] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.820126] PKRU: 55555554 [ 76.820338] Call Trace: [ 76.820531] [ 76.820702] iommufd_ioas_destroy+0x53/0x70 [ 76.821033] iommufd_fops_release+0x1f7/0x370 [ 76.821377] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.821751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.822122] ? write_comp_data+0x2f/0x90 [ 76.822435] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.822843] __fput+0x26d/0xa40 [ 76.823113] ____fput+0x1e/0x30 [ 76.823373] task_work_run+0x1a4/0x2d0 [ 76.823676] ? __pfx_task_work_run+0x10/0x10 [ 76.824009] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.824379] ? switch_task_namespaces+0xa9/0xe0 [ 76.824741] do_exit+0xb17/0x2ef0 [ 76.825002] ? lock_acquire+0x427/0x4c0 [ 76.825308] ? __pfx_lock_release+0x10/0x10 [ 76.825638] ? __kasan_check_write+0x18/0x20 [ 76.825974] ? do_raw_spin_lock+0x132/0x2a0 [ 76.826300] ? __pfx_do_exit+0x10/0x10 [ 76.826626] ? debug_smp_processor_id+0x20/0x30 [ 76.826981] ? rcu_is_watching+0x19/0xb0 [ 76.827301] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.827654] ? trace_hardirqs_on+0x26/0x120 [ 76.827991] do_group_exit+0xe0/0x2b0 [ 76.828282] __x64_sys_exit_group+0x47/0x50 [ 76.828604] do_syscall_64+0x3b/0x90 [ 76.828895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.829292] RIP: 0033:0x7f4b87518a4d [ 76.829576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.830038] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.830626] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.831168] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.831702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.832232] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.832761] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.833304] [ 76.833479] irq event stamp: 0 [ 76.833716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.834185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.834839] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.835479] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.835960] ---[ end trace 0000000000000000 ]--- [ 76.839711] ------------[ cut here ]------------ [ 76.840080] WARNING: CPU: 1 PID: 639 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.840824] Modules linked in: [ 76.841063] CPU: 1 PID: 639 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.841699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.842706] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.843076] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.844433] RSP: 0018:ffff88800fc87bb8 EFLAGS: 00010246 [ 76.844827] RAX: 0000000000000000 RBX: ffff888023c428a8 RCX: 0000000000000000 [ 76.845358] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 76.845887] RBP: ffff88800fc87bd0 R08: ffffed1004788533 R09: ffffed1004788533 [ 76.846414] R10: ffff888023c42993 R11: ffffed1004788532 R12: ffff8880179a7000 [ 76.846961] R13: ffff888023c429e8 R14: ffffffff8352e670 R15: ffff88800fc87e68 [ 76.847512] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.848110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.848550] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 76.849081] PKRU: 55555554 [ 76.849292] Call Trace: [ 76.849482] [ 76.849653] __iommufd_access_detach+0x1c2/0x2b0 [ 76.850019] iommufd_access_change_pt+0x149/0x270 [ 76.850388] iommufd_access_replace+0xb4/0x120 [ 76.850759] iommufd_test+0x3e5/0x37e0 [ 76.851054] ? lock_release+0x532/0x770 [ 76.851372] ? __might_fault+0x102/0x1b0 [ 76.851683] ? lock_acquire+0x427/0x4c0 [ 76.851988] ? __pfx_iommufd_test+0x10/0x10 [ 76.852311] ? __pfx_lock_release+0x10/0x10 [ 76.852640] ? __pfx_lock_acquire+0x10/0x10 [ 76.852970] ? write_comp_data+0x2f/0x90 [ 76.853281] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.853646] ? write_comp_data+0x2f/0x90 [ 76.853957] iommufd_fops_ioctl+0x37d/0x510 [ 76.854283] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.854669] ? write_comp_data+0x2f/0x90 [ 76.854987] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.855362] __x64_sys_ioctl+0x1a3/0x230 [ 76.855678] do_syscall_64+0x3b/0x90 [ 76.855964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.856357] RIP: 0033:0x7f4b8743ee5d [ 76.856635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.857974] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.858557] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.859084] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.859643] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.860177] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.860697] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.861229] [ 76.861403] irq event stamp: 0 [ 76.861635] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.862098] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.862735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.863356] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.863827] ---[ end trace 0000000000000000 ]--- [ 76.866470] ------------[ cut here ]------------ [ 76.866965] WARNING: CPU: 1 PID: 639 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.867726] Modules linked in: [ 76.867966] CPU: 1 PID: 639 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.868600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.869565] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.869938] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.871294] RSP: 0018:ffff88800fc87bd0 EFLAGS: 00010246 [ 76.871761] RAX: 0000000000000000 RBX: ffff888023c428a8 RCX: 0000000000000000 [ 76.872282] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 76.872797] RBP: ffff88800fc87be8 R08: ffffed1004788533 R09: ffffed1004788533 [ 76.873316] R10: ffff888023c42993 R11: ffffed1004788532 R12: ffff888013b15000 [ 76.873835] R13: ffff888023c429e8 R14: ffff88802082c100 R15: 0000000000000000 [ 76.874355] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.875059] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.875498] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.876036] PKRU: 55555554 [ 76.876253] Call Trace: [ 76.876451] [ 76.876623] iommufd_access_destroy_object+0x65/0x170 [ 76.877009] iommufd_object_destroy_user+0x18e/0x220 [ 76.877393] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.877932] iommufd_access_destroy+0x43/0x70 [ 76.878275] iommufd_test_staccess_release+0x8d/0xd0 [ 76.878693] __fput+0x26d/0xa40 [ 76.878955] ____fput+0x1e/0x30 [ 76.879223] task_work_run+0x1a4/0x2d0 [ 76.879522] ? __pfx_task_work_run+0x10/0x10 [ 76.879854] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.880218] ? switch_task_namespaces+0xa9/0xe0 [ 76.880576] do_exit+0xb17/0x2ef0 [ 76.880901] ? lock_acquire+0x427/0x4c0 [ 76.881255] ? __pfx_lock_release+0x10/0x10 [ 76.881580] ? __kasan_check_write+0x18/0x20 [ 76.881912] ? do_raw_spin_lock+0x132/0x2a0 [ 76.882234] ? __pfx_do_exit+0x10/0x10 [ 76.882573] ? debug_smp_processor_id+0x20/0x30 [ 76.882937] ? rcu_is_watching+0x19/0xb0 [ 76.883269] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.883625] ? trace_hardirqs_on+0x26/0x120 [ 76.884035] do_group_exit+0xe0/0x2b0 [ 76.884369] __x64_sys_exit_group+0x47/0x50 [ 76.884703] do_syscall_64+0x3b/0x90 [ 76.884999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.885405] RIP: 0033:0x7f4b87518a4d [ 76.885694] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.886206] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.886873] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.887419] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.887954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.888487] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.889033] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.889721] [ 76.889905] irq event stamp: 0 [ 76.890149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.890655] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.891305] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.891947] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.892539] ---[ end trace 0000000000000000 ]--- [ 76.893233] ------------[ cut here ]------------ [ 76.893590] WARNING: CPU: 1 PID: 639 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.894349] Modules linked in: [ 76.894651] CPU: 1 PID: 639 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.895358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.896201] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.896589] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.898084] RSP: 0018:ffff88800fc87b78 EFLAGS: 00010246 [ 76.898493] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.899057] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 76.899608] RBP: ffff88800fc87b98 R08: ffffed100478853e R09: ffffed100478853e [ 76.900151] R10: ffff888023c429ef R11: ffffed100478853d R12: ffff888023c42a90 [ 76.900811] R13: ffff888023c428a8 R14: ffffffffffffffff R15: ffff88800fc87c60 [ 76.901345] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.901950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.902388] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.903027] PKRU: 55555554 [ 76.903300] Call Trace: [ 76.903500] [ 76.903674] iommufd_ioas_destroy+0x53/0x70 [ 76.904007] iommufd_fops_release+0x1f7/0x370 [ 76.904353] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.904737] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.905110] ? write_comp_data+0x2f/0x90 [ 76.905428] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.905842] __fput+0x26d/0xa40 [ 76.906191] ____fput+0x1e/0x30 [ 76.906457] task_work_run+0x1a4/0x2d0 [ 76.906788] ? __pfx_task_work_run+0x10/0x10 [ 76.907141] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.907523] ? switch_task_namespaces+0xa9/0xe0 [ 76.907894] do_exit+0xb17/0x2ef0 [ 76.908162] ? lock_acquire+0x427/0x4c0 [ 76.908478] ? __pfx_lock_release+0x10/0x10 [ 76.908843] ? __kasan_check_write+0x18/0x20 [ 76.909277] ? do_raw_spin_lock+0x132/0x2a0 [ 76.909607] ? __pfx_do_exit+0x10/0x10 [ 76.909916] ? debug_smp_processor_id+0x20/0x30 [ 76.910272] ? rcu_is_watching+0x19/0xb0 [ 76.910605] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.910957] ? trace_hardirqs_on+0x26/0x120 [ 76.911309] do_group_exit+0xe0/0x2b0 [ 76.911608] __x64_sys_exit_group+0x47/0x50 [ 76.911943] do_syscall_64+0x3b/0x90 [ 76.912295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.912718] RIP: 0033:0x7f4b87518a4d [ 76.913006] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.913476] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.914056] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.914663] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.915282] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.915828] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.916371] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.916929] [ 76.917109] irq event stamp: 0 [ 76.917351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.917897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.918583] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.919234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.919714] ---[ end trace 0000000000000000 ]--- [ 76.924954] ------------[ cut here ]------------ [ 76.925339] WARNING: CPU: 1 PID: 640 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.926109] Modules linked in: [ 76.926417] CPU: 1 PID: 640 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.927185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.928041] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.928417] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.929904] RSP: 0018:ffff88801603fbb8 EFLAGS: 00010246 [ 76.930305] RAX: 0000000000000000 RBX: ffff888023cd58a8 RCX: 0000000000000000 [ 76.930860] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 76.931413] RBP: ffff88801603fbd0 R08: ffffed100479ab33 R09: ffffed100479ab33 [ 76.931948] R10: ffff888023cd5993 R11: ffffed100479ab32 R12: ffff888018af2000 [ 76.932596] R13: ffff888023cd59e8 R14: ffffffff8352e670 R15: ffff88801603fe68 [ 76.933135] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.933744] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.934189] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 76.934873] PKRU: 55555554 [ 76.935088] Call Trace: [ 76.935287] [ 76.935474] __iommufd_access_detach+0x1c2/0x2b0 [ 76.935849] iommufd_access_change_pt+0x149/0x270 [ 76.936225] iommufd_access_replace+0xb4/0x120 [ 76.936581] iommufd_test+0x3e5/0x37e0 [ 76.936879] ? lock_release+0x532/0x770 [ 76.937199] ? __might_fault+0x102/0x1b0 [ 76.937605] ? lock_acquire+0x427/0x4c0 [ 76.937974] ? __pfx_iommufd_test+0x10/0x10 [ 76.938312] ? __pfx_lock_release+0x10/0x10 [ 76.938677] ? __pfx_lock_acquire+0x10/0x10 [ 76.939021] ? write_comp_data+0x2f/0x90 [ 76.939364] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.939747] ? write_comp_data+0x2f/0x90 [ 76.940073] iommufd_fops_ioctl+0x37d/0x510 [ 76.940418] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.940834] ? write_comp_data+0x2f/0x90 [ 76.941258] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 76.941642] __x64_sys_ioctl+0x1a3/0x230 [ 76.941969] do_syscall_64+0x3b/0x90 [ 76.942270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.942714] RIP: 0033:0x7f4b8743ee5d [ 76.943003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 76.944598] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 76.945203] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 76.945763] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 76.946322] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 76.947047] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 76.947626] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 76.948205] [ 76.948394] irq event stamp: 0 [ 76.948647] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 76.949143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.949947] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.950628] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.951134] ---[ end trace 0000000000000000 ]--- [ 76.953883] ------------[ cut here ]------------ [ 76.954286] WARNING: CPU: 1 PID: 640 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 76.955118] Modules linked in: [ 76.955378] CPU: 1 PID: 640 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.956193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.957085] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 76.957490] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 76.959105] RSP: 0018:ffff88801603fbd0 EFLAGS: 00010246 [ 76.959534] RAX: 0000000000000000 RBX: ffff888023cd58a8 RCX: 0000000000000000 [ 76.960092] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 76.960648] RBP: ffff88801603fbe8 R08: ffffed100479ab33 R09: ffffed100479ab33 [ 76.961282] R10: ffff888023cd5993 R11: ffffed100479ab32 R12: ffff8880179a5c00 [ 76.961902] R13: ffff888023cd59e8 R14: ffff888014b9e600 R15: 0000000000000000 [ 76.962471] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.963136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.963597] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.964238] PKRU: 55555554 [ 76.964532] Call Trace: [ 76.964737] [ 76.964918] iommufd_access_destroy_object+0x65/0x170 [ 76.965331] iommufd_object_destroy_user+0x18e/0x220 [ 76.965741] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 76.966206] iommufd_access_destroy+0x43/0x70 [ 76.966593] iommufd_test_staccess_release+0x8d/0xd0 [ 76.967134] __fput+0x26d/0xa40 [ 76.967414] ____fput+0x1e/0x30 [ 76.967687] task_work_run+0x1a4/0x2d0 [ 76.968006] ? __pfx_task_work_run+0x10/0x10 [ 76.968365] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.968764] ? switch_task_namespaces+0xa9/0xe0 [ 76.969144] do_exit+0xb17/0x2ef0 [ 76.969420] ? lock_acquire+0x427/0x4c0 [ 76.969749] ? __pfx_lock_release+0x10/0x10 [ 76.970103] ? __kasan_check_write+0x18/0x20 [ 76.970599] ? do_raw_spin_lock+0x132/0x2a0 [ 76.970953] ? __pfx_do_exit+0x10/0x10 [ 76.971289] ? debug_smp_processor_id+0x20/0x30 [ 76.971665] ? rcu_is_watching+0x19/0xb0 [ 76.971992] ? _raw_spin_unlock_irq+0x2b/0x60 [ 76.972356] ? trace_hardirqs_on+0x26/0x120 [ 76.972709] do_group_exit+0xe0/0x2b0 [ 76.973020] __x64_sys_exit_group+0x47/0x50 [ 76.973446] do_syscall_64+0x3b/0x90 [ 76.973818] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 76.974243] RIP: 0033:0x7f4b87518a4d [ 76.974569] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 76.975060] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 76.975671] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 76.976231] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 76.976922] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 76.977484] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 76.978047] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 76.978645] [ 76.978831] irq event stamp: 0 [ 76.979082] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 76.979685] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 76.980412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 76.981070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 76.981568] ---[ end trace 0000000000000000 ]--- [ 76.982266] ------------[ cut here ]------------ [ 76.982723] WARNING: CPU: 1 PID: 640 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 76.983550] Modules linked in: [ 76.983807] CPU: 1 PID: 640 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 76.984489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 76.985520] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 76.985940] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 76.987414] RSP: 0018:ffff88801603fb78 EFLAGS: 00010246 [ 76.987957] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.988524] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 76.989092] RBP: ffff88801603fb98 R08: ffffed100479ab3e R09: ffffed100479ab3e [ 76.989657] R10: ffff888023cd59ef R11: ffffed100479ab3d R12: ffff888023cd5a90 [ 76.990219] R13: ffff888023cd58a8 R14: ffffffffffffffff R15: ffff88801603fc60 [ 76.990916] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 76.991564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.992033] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 76.992603] PKRU: 55555554 [ 76.992833] Call Trace: [ 76.993038] [ 76.993221] iommufd_ioas_destroy+0x53/0x70 [ 76.993649] iommufd_fops_release+0x1f7/0x370 [ 76.994076] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.994484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.994913] ? write_comp_data+0x2f/0x90 [ 76.995263] ? __pfx_iommufd_fops_release+0x10/0x10 [ 76.995665] __fput+0x26d/0xa40 [ 76.995947] ____fput+0x1e/0x30 [ 76.996216] task_work_run+0x1a4/0x2d0 [ 76.996536] ? __pfx_task_work_run+0x10/0x10 [ 76.996975] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 76.997422] ? switch_task_namespaces+0xa9/0xe0 [ 76.997804] do_exit+0xb17/0x2ef0 [ 76.998080] ? lock_acquire+0x427/0x4c0 [ 76.998406] ? __pfx_lock_release+0x10/0x10 [ 76.998784] ? __kasan_check_write+0x18/0x20 [ 76.999160] ? do_raw_spin_lock+0x132/0x2a0 [ 76.999508] ? __pfx_do_exit+0x10/0x10 [ 76.999827] ? debug_smp_processor_id+0x20/0x30 [ 77.000289] ? rcu_is_watching+0x19/0xb0 [ 77.000675] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.001044] ? trace_hardirqs_on+0x26/0x120 [ 77.001397] do_group_exit+0xe0/0x2b0 [ 77.001703] __x64_sys_exit_group+0x47/0x50 [ 77.002047] do_syscall_64+0x3b/0x90 [ 77.002354] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.002928] RIP: 0033:0x7f4b87518a4d [ 77.003245] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.003749] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.004355] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.004919] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.005479] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.006183] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.006775] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.007368] [ 77.007559] irq event stamp: 0 [ 77.007814] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.008323] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.009128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.009797] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.010293] ---[ end trace 0000000000000000 ]--- [ 77.013981] ------------[ cut here ]------------ [ 77.014561] WARNING: CPU: 1 PID: 641 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.015374] Modules linked in: [ 77.015630] CPU: 1 PID: 641 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.016309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.017339] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.017740] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.019228] RSP: 0018:ffff888021abfbb8 EFLAGS: 00010246 [ 77.019787] RAX: 0000000000000000 RBX: ffff888010b7c0a8 RCX: 0000000000000000 [ 77.020376] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 77.020968] RBP: ffff888021abfbd0 R08: ffffed100216f833 R09: ffffed100216f833 [ 77.021549] R10: ffff888010b7c193 R11: ffffed100216f832 R12: ffff888021bc5400 [ 77.022147] R13: ffff888010b7c1e8 R14: ffffffff8352e670 R15: ffff888021abfe68 [ 77.022889] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.023561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.024041] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 77.024630] PKRU: 55555554 [ 77.024868] Call Trace: [ 77.025082] [ 77.025288] __iommufd_access_detach+0x1c2/0x2b0 [ 77.025819] iommufd_access_change_pt+0x149/0x270 [ 77.026235] iommufd_access_replace+0xb4/0x120 [ 77.026654] iommufd_test+0x3e5/0x37e0 [ 77.026983] ? lock_release+0x532/0x770 [ 77.027357] ? __might_fault+0x102/0x1b0 [ 77.027709] ? lock_acquire+0x427/0x4c0 [ 77.028055] ? __pfx_iommufd_test+0x10/0x10 [ 77.028418] ? __pfx_lock_release+0x10/0x10 [ 77.028943] ? __pfx_lock_acquire+0x10/0x10 [ 77.029319] ? write_comp_data+0x2f/0x90 [ 77.029666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.030072] ? write_comp_data+0x2f/0x90 [ 77.030419] iommufd_fops_ioctl+0x37d/0x510 [ 77.030845] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.031278] ? write_comp_data+0x2f/0x90 [ 77.031652] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.032200] __x64_sys_ioctl+0x1a3/0x230 [ 77.032549] do_syscall_64+0x3b/0x90 [ 77.032867] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.033298] RIP: 0033:0x7f4b8743ee5d [ 77.033604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.035299] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.035929] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.036512] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.037095] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.037833] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.038428] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.039045] [ 77.039250] irq event stamp: 0 [ 77.039510] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.040025] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.040855] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.041544] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.042065] ---[ end trace 0000000000000000 ]--- [ 77.045071] ------------[ cut here ]------------ [ 77.045540] WARNING: CPU: 1 PID: 641 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.046600] Modules linked in: [ 77.046870] CPU: 1 PID: 641 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.047592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.048520] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.048958] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.050716] RSP: 0018:ffff888021abfbd0 EFLAGS: 00010246 [ 77.051164] RAX: 0000000000000000 RBX: ffff888010b7c0a8 RCX: 0000000000000000 [ 77.051748] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 77.052367] RBP: ffff888021abfbe8 R08: ffffed100216f833 R09: ffffed100216f833 [ 77.053116] R10: ffff888010b7c193 R11: ffffed100216f832 R12: ffff888018af3800 [ 77.053697] R13: ffff888010b7c1e8 R14: ffff8880149baf00 R15: 0000000000000000 [ 77.054280] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.055025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.055621] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 77.056209] PKRU: 55555554 [ 77.056443] Call Trace: [ 77.056656] [ 77.056843] iommufd_access_destroy_object+0x65/0x170 [ 77.057276] iommufd_object_destroy_user+0x18e/0x220 [ 77.057701] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.058264] iommufd_access_destroy+0x43/0x70 [ 77.058733] iommufd_test_staccess_release+0x8d/0xd0 [ 77.059170] __fput+0x26d/0xa40 [ 77.059457] ____fput+0x1e/0x30 [ 77.059741] task_work_run+0x1a4/0x2d0 [ 77.060081] ? __pfx_task_work_run+0x10/0x10 [ 77.060457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.060879] ? switch_task_namespaces+0xa9/0xe0 [ 77.061374] do_exit+0xb17/0x2ef0 [ 77.061714] ? lock_acquire+0x427/0x4c0 [ 77.062060] ? __pfx_lock_release+0x10/0x10 [ 77.062430] ? __kasan_check_write+0x18/0x20 [ 77.062826] ? do_raw_spin_lock+0x132/0x2a0 [ 77.063202] ? __pfx_do_exit+0x10/0x10 [ 77.063539] ? debug_smp_processor_id+0x20/0x30 [ 77.063942] ? rcu_is_watching+0x19/0xb0 [ 77.064292] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.064802] ? trace_hardirqs_on+0x26/0x120 [ 77.065262] do_group_exit+0xe0/0x2b0 [ 77.065588] __x64_sys_exit_group+0x47/0x50 [ 77.065953] do_syscall_64+0x3b/0x90 [ 77.066276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.066745] RIP: 0033:0x7f4b87518a4d [ 77.067066] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.067592] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.068326] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.068994] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.069591] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.070183] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.070971] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.071577] [ 77.071777] irq event stamp: 0 [ 77.072042] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.072567] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.073252] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.074110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.074660] ---[ end trace 0000000000000000 ]--- [ 77.075583] ------------[ cut here ]------------ [ 77.075988] WARNING: CPU: 1 PID: 641 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.076981] Modules linked in: [ 77.077269] CPU: 1 PID: 641 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.077980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.078970] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.079404] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.081076] RSP: 0018:ffff888021abfb78 EFLAGS: 00010246 [ 77.081518] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.082119] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 77.082890] RBP: ffff888021abfb98 R08: ffffed100216f83e R09: ffffed100216f83e [ 77.083497] R10: ffff888010b7c1ef R11: ffffed100216f83d R12: ffff888010b7c290 [ 77.084092] R13: ffff888010b7c0a8 R14: ffffffffffffffff R15: ffff888021abfc60 [ 77.084686] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.085480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.086041] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 77.086659] PKRU: 55555554 [ 77.086898] Call Trace: [ 77.087125] [ 77.087316] iommufd_ioas_destroy+0x53/0x70 [ 77.087681] iommufd_fops_release+0x1f7/0x370 [ 77.088058] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.088612] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.089032] ? write_comp_data+0x2f/0x90 [ 77.089386] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.089806] __fput+0x26d/0xa40 [ 77.090098] ____fput+0x1e/0x30 [ 77.090380] task_work_run+0x1a4/0x2d0 [ 77.090747] ? __pfx_task_work_run+0x10/0x10 [ 77.091285] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.091702] ? switch_task_namespaces+0xa9/0xe0 [ 77.092105] do_exit+0xb17/0x2ef0 [ 77.092399] ? lock_acquire+0x427/0x4c0 [ 77.092747] ? __pfx_lock_release+0x10/0x10 [ 77.093118] ? __kasan_check_write+0x18/0x20 [ 77.093489] ? do_raw_spin_lock+0x132/0x2a0 [ 77.093849] ? __pfx_do_exit+0x10/0x10 [ 77.094263] ? debug_smp_processor_id+0x20/0x30 [ 77.094749] ? rcu_is_watching+0x19/0xb0 [ 77.095099] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.095504] ? trace_hardirqs_on+0x26/0x120 [ 77.095882] do_group_exit+0xe0/0x2b0 [ 77.096218] __x64_sys_exit_group+0x47/0x50 [ 77.096667] do_syscall_64+0x3b/0x90 [ 77.097045] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.097490] RIP: 0033:0x7f4b87518a4d [ 77.097802] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.098455] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.099127] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.099729] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.100437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.101045] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.101763] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.102359] [ 77.102579] irq event stamp: 0 [ 77.102848] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.103512] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.104214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.105042] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.105571] ---[ end trace 0000000000000000 ]--- [ 77.110480] ------------[ cut here ]------------ [ 77.111025] WARNING: CPU: 0 PID: 642 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.112056] Modules linked in: [ 77.112328] CPU: 0 PID: 642 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.113143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.114170] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.114711] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.116361] RSP: 0018:ffff88801603fbb8 EFLAGS: 00010246 [ 77.117228] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 77.118368] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 77.119305] RBP: ffff88801603fbd0 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 77.120360] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff88801341dc00 [ 77.121503] R13: ffff88801587a9e8 R14: ffffffff8352e670 R15: ffff88801603fe68 [ 77.122383] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.123636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.124530] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 77.125420] PKRU: 55555554 [ 77.125928] Call Trace: [ 77.126242] [ 77.126557] __iommufd_access_detach+0x1c2/0x2b0 [ 77.127381] iommufd_access_change_pt+0x149/0x270 [ 77.127981] iommufd_access_replace+0xb4/0x120 [ 77.128619] iommufd_test+0x3e5/0x37e0 [ 77.129249] ? lock_release+0x532/0x770 [ 77.129791] ? __might_fault+0x102/0x1b0 [ 77.130463] ? lock_acquire+0x427/0x4c0 [ 77.130997] ? __pfx_iommufd_test+0x10/0x10 [ 77.131532] ? __pfx_lock_release+0x10/0x10 [ 77.132073] ? __pfx_lock_acquire+0x10/0x10 [ 77.132613] ? write_comp_data+0x2f/0x90 [ 77.133116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.133703] ? write_comp_data+0x2f/0x90 [ 77.134201] iommufd_fops_ioctl+0x37d/0x510 [ 77.134761] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.135371] ? write_comp_data+0x2f/0x90 [ 77.135871] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.136450] __x64_sys_ioctl+0x1a3/0x230 [ 77.136951] do_syscall_64+0x3b/0x90 [ 77.137409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.138031] RIP: 0033:0x7f4b8743ee5d [ 77.138477] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.140642] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.141522] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.142315] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.143142] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.143886] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.144529] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.145172] [ 77.145381] irq event stamp: 0 [ 77.145665] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.146231] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.147006] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.147766] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.148325] ---[ end trace 0000000000000000 ]--- [ 77.151244] ------------[ cut here ]------------ [ 77.151696] WARNING: CPU: 0 PID: 642 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.152581] Modules linked in: [ 77.152867] CPU: 0 PID: 642 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.153632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.154655] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.155101] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.156718] RSP: 0018:ffff88801603fbd0 EFLAGS: 00010246 [ 77.157178] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 77.157795] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 77.158407] RBP: ffff88801603fbe8 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 77.159048] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff888010b26400 [ 77.159671] R13: ffff88801587a9e8 R14: ffff88800f108800 R15: 0000000000000000 [ 77.160287] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.160981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.161484] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.162104] PKRU: 55555554 [ 77.162350] Call Trace: [ 77.162626] [ 77.162826] iommufd_access_destroy_object+0x65/0x170 [ 77.163303] iommufd_object_destroy_user+0x18e/0x220 [ 77.163756] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.164268] iommufd_access_destroy+0x43/0x70 [ 77.164670] iommufd_test_staccess_release+0x8d/0xd0 [ 77.165123] __fput+0x26d/0xa40 [ 77.165430] ____fput+0x1e/0x30 [ 77.165728] task_work_run+0x1a4/0x2d0 [ 77.166099] ? __pfx_task_work_run+0x10/0x10 [ 77.166489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.166944] ? switch_task_namespaces+0xa9/0xe0 [ 77.167371] do_exit+0xb17/0x2ef0 [ 77.167677] ? lock_acquire+0x427/0x4c0 [ 77.168037] ? __pfx_lock_release+0x10/0x10 [ 77.168426] ? __kasan_check_write+0x18/0x20 [ 77.168814] ? do_raw_spin_lock+0x132/0x2a0 [ 77.169204] ? __pfx_do_exit+0x10/0x10 [ 77.169560] ? debug_smp_processor_id+0x20/0x30 [ 77.169982] ? rcu_is_watching+0x19/0xb0 [ 77.170358] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.170798] ? trace_hardirqs_on+0x26/0x120 [ 77.171199] do_group_exit+0xe0/0x2b0 [ 77.171542] __x64_sys_exit_group+0x47/0x50 [ 77.171925] do_syscall_64+0x3b/0x90 [ 77.172263] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.172737] RIP: 0033:0x7f4b87518a4d [ 77.173068] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.173610] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.174284] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.174938] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.175582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.176202] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.176825] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.177457] [ 77.177665] irq event stamp: 0 [ 77.177943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.178493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.179261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.179992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.180548] ---[ end trace 0000000000000000 ]--- [ 77.181328] ------------[ cut here ]------------ [ 77.181747] WARNING: CPU: 0 PID: 642 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.182667] Modules linked in: [ 77.182953] CPU: 0 PID: 642 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.183724] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.184709] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.185161] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.186924] RSP: 0018:ffff88801603fb78 EFLAGS: 00010246 [ 77.187425] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.188076] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 77.188723] RBP: ffff88801603fb98 R08: ffffed1002b0f53e R09: ffffed1002b0f53e [ 77.189374] R10: ffff88801587a9ef R11: ffffed1002b0f53d R12: ffff88801587aa90 [ 77.190027] R13: ffff88801587a8a8 R14: ffffffffffffffff R15: ffff88801603fc60 [ 77.190697] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.191447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.191974] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.192619] PKRU: 55555554 [ 77.192883] Call Trace: [ 77.193118] [ 77.193325] iommufd_ioas_destroy+0x53/0x70 [ 77.193737] iommufd_fops_release+0x1f7/0x370 [ 77.194158] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.194638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.195091] ? write_comp_data+0x2f/0x90 [ 77.195486] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.195949] __fput+0x26d/0xa40 [ 77.196270] ____fput+0x1e/0x30 [ 77.196584] task_work_run+0x1a4/0x2d0 [ 77.196952] ? __pfx_task_work_run+0x10/0x10 [ 77.197365] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.197833] ? switch_task_namespaces+0xa9/0xe0 [ 77.198286] do_exit+0xb17/0x2ef0 [ 77.198639] ? lock_acquire+0x427/0x4c0 [ 77.199021] ? __pfx_lock_release+0x10/0x10 [ 77.199431] ? __kasan_check_write+0x18/0x20 [ 77.199845] ? do_raw_spin_lock+0x132/0x2a0 [ 77.200243] ? __pfx_do_exit+0x10/0x10 [ 77.200612] ? debug_smp_processor_id+0x20/0x30 [ 77.201048] ? rcu_is_watching+0x19/0xb0 [ 77.201426] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.201852] ? trace_hardirqs_on+0x26/0x120 [ 77.202261] do_group_exit+0xe0/0x2b0 [ 77.202642] __x64_sys_exit_group+0x47/0x50 [ 77.203047] do_syscall_64+0x3b/0x90 [ 77.203422] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.203917] RIP: 0033:0x7f4b87518a4d [ 77.204266] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.204851] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.205560] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.206235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.206935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.207634] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.208318] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.209009] [ 77.209236] irq event stamp: 0 [ 77.209539] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.210138] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.210960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.211772] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.212373] ---[ end trace 0000000000000000 ]--- [ 77.217460] ------------[ cut here ]------------ [ 77.217979] WARNING: CPU: 0 PID: 643 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.219004] Modules linked in: [ 77.219334] CPU: 0 PID: 643 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.220165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.221240] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.221714] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.223492] RSP: 0018:ffff888023eb7bb8 EFLAGS: 00010246 [ 77.224014] RAX: 0000000000000000 RBX: ffff8880189210a8 RCX: 0000000000000000 [ 77.224707] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 77.225388] RBP: ffff888023eb7bd0 R08: ffffed1003124233 R09: ffffed1003124233 [ 77.226067] R10: ffff888018921193 R11: ffffed1003124232 R12: ffff88801361a400 [ 77.226780] R13: ffff8880189211e8 R14: ffffffff8352e670 R15: ffff888023eb7e68 [ 77.227478] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.228243] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.228794] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 77.229473] PKRU: 55555554 [ 77.229751] Call Trace: [ 77.230007] [ 77.230231] __iommufd_access_detach+0x1c2/0x2b0 [ 77.230753] iommufd_access_change_pt+0x149/0x270 [ 77.231285] iommufd_access_replace+0xb4/0x120 [ 77.231769] iommufd_test+0x3e5/0x37e0 [ 77.232166] ? lock_release+0x532/0x770 [ 77.232570] ? __might_fault+0x102/0x1b0 [ 77.232982] ? lock_acquire+0x427/0x4c0 [ 77.233395] ? __pfx_iommufd_test+0x10/0x10 [ 77.233822] ? __pfx_lock_release+0x10/0x10 [ 77.234258] ? __pfx_lock_acquire+0x10/0x10 [ 77.234736] ? write_comp_data+0x2f/0x90 [ 77.235173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.235663] ? write_comp_data+0x2f/0x90 [ 77.236090] iommufd_fops_ioctl+0x37d/0x510 [ 77.236535] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.237035] ? write_comp_data+0x2f/0x90 [ 77.237454] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.237951] __x64_sys_ioctl+0x1a3/0x230 [ 77.238374] do_syscall_64+0x3b/0x90 [ 77.238785] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.239323] RIP: 0033:0x7f4b8743ee5d [ 77.239702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.241517] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.242275] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.243027] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.243758] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.244468] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.245214] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.245923] [ 77.246157] irq event stamp: 0 [ 77.246472] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.247134] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.247969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.248815] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.249454] ---[ end trace 0000000000000000 ]--- [ 77.252596] ------------[ cut here ]------------ [ 77.253123] WARNING: CPU: 0 PID: 643 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.254136] Modules linked in: [ 77.254464] CPU: 0 PID: 643 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.255415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.256565] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.257070] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.258944] RSP: 0018:ffff888023eb7bd0 EFLAGS: 00010246 [ 77.259523] RAX: 0000000000000000 RBX: ffff8880189210a8 RCX: 0000000000000000 [ 77.260264] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 77.260996] RBP: ffff888023eb7be8 R08: ffffed1003124233 R09: ffffed1003124233 [ 77.261718] R10: ffff888018921193 R11: ffffed1003124232 R12: ffff88801341e000 [ 77.262435] R13: ffff8880189211e8 R14: ffff88800f253e00 R15: 0000000000000000 [ 77.263198] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.264010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.264601] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.265320] PKRU: 55555554 [ 77.265607] Call Trace: [ 77.265872] [ 77.266105] iommufd_access_destroy_object+0x65/0x170 [ 77.266663] iommufd_object_destroy_user+0x18e/0x220 [ 77.267197] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.267831] iommufd_access_destroy+0x43/0x70 [ 77.268317] iommufd_test_staccess_release+0x8d/0xd0 [ 77.268862] __fput+0x26d/0xa40 [ 77.269236] ____fput+0x1e/0x30 [ 77.269595] task_work_run+0x1a4/0x2d0 [ 77.270022] ? __pfx_task_work_run+0x10/0x10 [ 77.270536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.271070] ? switch_task_namespaces+0xa9/0xe0 [ 77.271598] do_exit+0xb17/0x2ef0 [ 77.271977] ? lock_acquire+0x427/0x4c0 [ 77.272419] ? __pfx_lock_release+0x10/0x10 [ 77.272893] ? __kasan_check_write+0x18/0x20 [ 77.273369] ? do_raw_spin_lock+0x132/0x2a0 [ 77.273835] ? __pfx_do_exit+0x10/0x10 [ 77.274268] ? debug_smp_processor_id+0x20/0x30 [ 77.274846] ? rcu_is_watching+0x19/0xb0 [ 77.275312] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.275809] ? trace_hardirqs_on+0x26/0x120 [ 77.276283] do_group_exit+0xe0/0x2b0 [ 77.276693] __x64_sys_exit_group+0x47/0x50 [ 77.277193] do_syscall_64+0x3b/0x90 [ 77.277607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.278172] RIP: 0033:0x7f4b87518a4d [ 77.278602] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.279286] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.280104] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.280865] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.281639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.282399] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.283230] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.284009] [ 77.284261] irq event stamp: 0 [ 77.284600] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.285271] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.286174] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.287128] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.287811] ---[ end trace 0000000000000000 ]--- [ 77.289103] ------------[ cut here ]------------ [ 77.289619] WARNING: CPU: 0 PID: 643 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.290743] Modules linked in: [ 77.291085] CPU: 0 PID: 643 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.292024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.293209] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.293749] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.295744] RSP: 0018:ffff888023eb7b78 EFLAGS: 00010246 [ 77.296312] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.297074] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 77.297843] RBP: ffff888023eb7b98 R08: ffffed100312423e R09: ffffed100312423e [ 77.298629] R10: ffff8880189211ef R11: ffffed100312423d R12: ffff888018921290 [ 77.299398] R13: ffff8880189210a8 R14: ffffffffffffffff R15: ffff888023eb7c60 [ 77.300154] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.301010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.301635] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.302409] PKRU: 55555554 [ 77.302761] Call Trace: [ 77.303037] [ 77.303477] iommufd_ioas_destroy+0x53/0x70 [ 77.304069] iommufd_fops_release+0x1f7/0x370 [ 77.304669] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.305330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.305978] ? write_comp_data+0x2f/0x90 [ 77.306575] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.307275] __fput+0x26d/0xa40 [ 77.307749] ____fput+0x1e/0x30 [ 77.308205] task_work_run+0x1a4/0x2d0 [ 77.308741] ? __pfx_task_work_run+0x10/0x10 [ 77.309325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.309983] ? switch_task_namespaces+0xa9/0xe0 [ 77.310659] do_exit+0xb17/0x2ef0 [ 77.311164] ? lock_acquire+0x427/0x4c0 [ 77.311692] ? __pfx_lock_release+0x10/0x10 [ 77.312272] ? __kasan_check_write+0x18/0x20 [ 77.312859] ? do_raw_spin_lock+0x132/0x2a0 [ 77.313432] ? __pfx_do_exit+0x10/0x10 [ 77.313964] ? debug_smp_processor_id+0x20/0x30 [ 77.314660] ? rcu_is_watching+0x19/0xb0 [ 77.315241] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.315857] ? trace_hardirqs_on+0x26/0x120 [ 77.316442] do_group_exit+0xe0/0x2b0 [ 77.316950] __x64_sys_exit_group+0x47/0x50 [ 77.317519] do_syscall_64+0x3b/0x90 [ 77.318028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.318764] RIP: 0033:0x7f4b87518a4d [ 77.319297] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.320104] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.321092] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.322013] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.322969] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.323926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.324862] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.325801] [ 77.326118] irq event stamp: 0 [ 77.326568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.327418] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.328511] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.329589] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.330408] ---[ end trace 0000000000000000 ]--- [ 77.337278] ------------[ cut here ]------------ [ 77.337924] WARNING: CPU: 0 PID: 644 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.339581] Modules linked in: [ 77.340022] CPU: 0 PID: 644 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.341108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.342538] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.343205] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.345457] RSP: 0018:ffff88801700fbb8 EFLAGS: 00010246 [ 77.346123] RAX: 0000000000000000 RBX: ffff88801358f0a8 RCX: 0000000000000000 [ 77.347036] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 77.347956] RBP: ffff88801700fbd0 R08: ffffed10026b1e33 R09: ffffed10026b1e33 [ 77.348875] R10: ffff88801358f193 R11: ffffed10026b1e32 R12: ffff8880140b8400 [ 77.349794] R13: ffff88801358f1e8 R14: ffffffff8352e670 R15: ffff88801700fe68 [ 77.350748] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.351810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.352560] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 77.353469] PKRU: 55555554 [ 77.353837] Call Trace: [ 77.354165] [ 77.354459] __iommufd_access_detach+0x1c2/0x2b0 [ 77.355168] iommufd_access_change_pt+0x149/0x270 [ 77.355808] iommufd_access_replace+0xb4/0x120 [ 77.356415] iommufd_test+0x3e5/0x37e0 [ 77.356917] ? lock_release+0x532/0x770 [ 77.357437] ? __might_fault+0x102/0x1b0 [ 77.357963] ? lock_acquire+0x427/0x4c0 [ 77.358484] ? __pfx_iommufd_test+0x10/0x10 [ 77.359094] ? __pfx_lock_release+0x10/0x10 [ 77.359702] ? __pfx_lock_acquire+0x10/0x10 [ 77.360284] ? write_comp_data+0x2f/0x90 [ 77.360833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.361471] ? write_comp_data+0x2f/0x90 [ 77.362003] iommufd_fops_ioctl+0x37d/0x510 [ 77.362602] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.363271] ? write_comp_data+0x2f/0x90 [ 77.363814] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.364450] __x64_sys_ioctl+0x1a3/0x230 [ 77.365001] do_syscall_64+0x3b/0x90 [ 77.365500] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.366190] RIP: 0033:0x7f4b8743ee5d [ 77.366735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.369085] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.370073] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.371029] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.371828] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.372499] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.373195] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.373865] [ 77.374084] irq event stamp: 0 [ 77.374382] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.375017] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.375819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.376591] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.377172] ---[ end trace 0000000000000000 ]--- [ 77.380321] ------------[ cut here ]------------ [ 77.380980] WARNING: CPU: 0 PID: 644 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.382109] Modules linked in: [ 77.382480] CPU: 0 PID: 644 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.383328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.384377] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.384830] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.386466] RSP: 0018:ffff88801700fbd0 EFLAGS: 00010246 [ 77.387081] RAX: 0000000000000000 RBX: ffff88801358f0a8 RCX: 0000000000000000 [ 77.387758] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 77.388397] RBP: ffff88801700fbe8 R08: ffffed10026b1e33 R09: ffffed10026b1e33 [ 77.389047] R10: ffff88801358f193 R11: ffffed10026b1e32 R12: ffff888013618800 [ 77.389688] R13: ffff88801358f1e8 R14: ffff88800f492600 R15: 0000000000000000 [ 77.390328] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.391087] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.391623] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.392271] PKRU: 55555554 [ 77.392529] Call Trace: [ 77.392763] [ 77.392970] iommufd_access_destroy_object+0x65/0x170 [ 77.393440] iommufd_object_destroy_user+0x18e/0x220 [ 77.393900] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.394406] iommufd_access_destroy+0x43/0x70 [ 77.394819] iommufd_test_staccess_release+0x8d/0xd0 [ 77.395276] __fput+0x26d/0xa40 [ 77.395579] ____fput+0x1e/0x30 [ 77.395870] task_work_run+0x1a4/0x2d0 [ 77.396211] ? __pfx_task_work_run+0x10/0x10 [ 77.396592] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.397022] ? switch_task_namespaces+0xa9/0xe0 [ 77.397432] do_exit+0xb17/0x2ef0 [ 77.397728] ? lock_acquire+0x427/0x4c0 [ 77.398077] ? __pfx_lock_release+0x10/0x10 [ 77.398451] ? __kasan_check_write+0x18/0x20 [ 77.398856] ? do_raw_spin_lock+0x132/0x2a0 [ 77.399237] ? __pfx_do_exit+0x10/0x10 [ 77.399581] ? debug_smp_processor_id+0x20/0x30 [ 77.399983] ? rcu_is_watching+0x19/0xb0 [ 77.400333] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.400727] ? trace_hardirqs_on+0x26/0x120 [ 77.401103] do_group_exit+0xe0/0x2b0 [ 77.401429] __x64_sys_exit_group+0x47/0x50 [ 77.401796] do_syscall_64+0x3b/0x90 [ 77.402123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.402590] RIP: 0033:0x7f4b87518a4d [ 77.402911] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.403447] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.404089] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.404697] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.405356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.405963] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.406594] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.407213] [ 77.407415] irq event stamp: 0 [ 77.407692] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.408235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.408955] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.409676] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.410219] ---[ end trace 0000000000000000 ]--- [ 77.411407] ------------[ cut here ]------------ [ 77.411911] WARNING: CPU: 0 PID: 644 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.412760] Modules linked in: [ 77.413030] CPU: 0 PID: 644 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.413744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.414680] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.415098] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.416572] RSP: 0018:ffff88801700fb78 EFLAGS: 00010246 [ 77.417006] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.417579] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 77.418207] RBP: ffff88801700fb98 R08: ffffed10026b1e3e R09: ffffed10026b1e3e [ 77.418831] R10: ffff88801358f1ef R11: ffffed10026b1e3d R12: ffff88801358f290 [ 77.419422] R13: ffff88801358f0a8 R14: ffffffffffffffff R15: ffff88801700fc60 [ 77.419993] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.420641] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.421108] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.421682] PKRU: 55555554 [ 77.421910] Call Trace: [ 77.422118] [ 77.422301] iommufd_ioas_destroy+0x53/0x70 [ 77.422691] iommufd_fops_release+0x1f7/0x370 [ 77.423064] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.423481] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.423889] ? write_comp_data+0x2f/0x90 [ 77.424225] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.424630] __fput+0x26d/0xa40 [ 77.424919] ____fput+0x1e/0x30 [ 77.425196] task_work_run+0x1a4/0x2d0 [ 77.425520] ? __pfx_task_work_run+0x10/0x10 [ 77.425882] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.426279] ? switch_task_namespaces+0xa9/0xe0 [ 77.426687] do_exit+0xb17/0x2ef0 [ 77.426977] ? lock_acquire+0x427/0x4c0 [ 77.427312] ? __pfx_lock_release+0x10/0x10 [ 77.427673] ? __kasan_check_write+0x18/0x20 [ 77.428034] ? do_raw_spin_lock+0x132/0x2a0 [ 77.428390] ? __pfx_do_exit+0x10/0x10 [ 77.428716] ? debug_smp_processor_id+0x20/0x30 [ 77.429097] ? rcu_is_watching+0x19/0xb0 [ 77.429425] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.429798] ? trace_hardirqs_on+0x26/0x120 [ 77.430154] do_group_exit+0xe0/0x2b0 [ 77.430460] __x64_sys_exit_group+0x47/0x50 [ 77.430830] do_syscall_64+0x3b/0x90 [ 77.431153] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.431583] RIP: 0033:0x7f4b87518a4d [ 77.431885] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.432380] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.432989] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.433556] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.434127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.434720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.435306] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.435899] [ 77.436090] irq event stamp: 0 [ 77.436348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.436859] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.437575] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.438224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.438736] ---[ end trace 0000000000000000 ]--- [ 77.445488] ------------[ cut here ]------------ [ 77.446166] WARNING: CPU: 1 PID: 645 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.447466] Modules linked in: [ 77.447830] CPU: 1 PID: 645 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.448853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.450133] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.450706] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.452838] RSP: 0018:ffff888017a7fbb8 EFLAGS: 00010246 [ 77.453441] RAX: 0000000000000000 RBX: ffff88800cbba8a8 RCX: 0000000000000000 [ 77.454317] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 77.455167] RBP: ffff888017a7fbd0 R08: ffffed1001977533 R09: ffffed1001977533 [ 77.455998] R10: ffff88800cbba993 R11: ffffed1001977532 R12: ffff888014582800 [ 77.456854] R13: ffff88800cbba9e8 R14: ffffffff8352e670 R15: ffff888017a7fe68 [ 77.457614] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.458612] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.459266] CR2: 00007f4b877410e8 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 77.460121] PKRU: 55555554 [ 77.460441] Call Trace: [ 77.460826] [ 77.461086] __iommufd_access_detach+0x1c2/0x2b0 [ 77.461635] iommufd_access_change_pt+0x149/0x270 [ 77.462284] iommufd_access_replace+0xb4/0x120 [ 77.462846] iommufd_test+0x3e5/0x37e0 [ 77.463347] ? lock_release+0x532/0x770 [ 77.463853] ? __might_fault+0x102/0x1b0 [ 77.464320] ? lock_acquire+0x427/0x4c0 [ 77.464868] ? __pfx_iommufd_test+0x10/0x10 [ 77.465350] ? __pfx_lock_release+0x10/0x10 [ 77.465879] ? __pfx_lock_acquire+0x10/0x10 [ 77.466431] ? write_comp_data+0x2f/0x90 [ 77.466920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.467545] ? write_comp_data+0x2f/0x90 [ 77.468003] iommufd_fops_ioctl+0x37d/0x510 [ 77.468478] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.469090] ? write_comp_data+0x2f/0x90 [ 77.469544] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.470163] __x64_sys_ioctl+0x1a3/0x230 [ 77.470666] do_syscall_64+0x3b/0x90 [ 77.471103] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.471798] RIP: 0033:0x7f4b8743ee5d [ 77.472216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.474390] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.475327] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.476142] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.477038] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.477863] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.478737] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.479595] [ 77.479899] irq event stamp: 0 [ 77.480252] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.481056] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.482065] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.483032] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.483795] ---[ end trace 0000000000000000 ]--- [ 77.488818] ------------[ cut here ]------------ [ 77.489459] WARNING: CPU: 1 PID: 645 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.490671] Modules linked in: [ 77.491032] CPU: 1 PID: 645 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.492034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.493383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.493931] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.496130] RSP: 0018:ffff888017a7fbd0 EFLAGS: 00010246 [ 77.496718] RAX: 0000000000000000 RBX: ffff88800cbba8a8 RCX: 0000000000000000 [ 77.497590] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 77.498411] RBP: ffff888017a7fbe8 R08: ffffed1001977533 R09: ffffed1001977533 [ 77.499268] R10: ffff88800cbba993 R11: ffffed1001977532 R12: ffff888021bc4400 [ 77.500137] R13: ffff88800cbba9e8 R14: ffff88800b874100 R15: 0000000000000000 [ 77.500962] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.501892] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.502635] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 77.503421] PKRU: 55555554 [ 77.503833] Call Trace: [ 77.504121] [ 77.504377] iommufd_access_destroy_object+0x65/0x170 [ 77.504996] iommufd_object_destroy_user+0x18e/0x220 [ 77.505616] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.506354] iommufd_access_destroy+0x43/0x70 [ 77.506877] iommufd_test_staccess_release+0x8d/0xd0 [ 77.507445] __fput+0x26d/0xa40 [ 77.507918] ____fput+0x1e/0x30 [ 77.508288] task_work_run+0x1a4/0x2d0 [ 77.508740] ? __pfx_task_work_run+0x10/0x10 [ 77.509283] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.509818] ? switch_task_namespaces+0xa9/0xe0 [ 77.510417] do_exit+0xb17/0x2ef0 [ 77.510829] ? lock_acquire+0x427/0x4c0 [ 77.511281] ? __pfx_lock_release+0x10/0x10 [ 77.511851] ? __kasan_check_write+0x18/0x20 [ 77.512334] ? do_raw_spin_lock+0x132/0x2a0 [ 77.512852] ? __pfx_do_exit+0x10/0x10 [ 77.513294] ? debug_smp_processor_id+0x20/0x30 [ 77.513801] ? rcu_is_watching+0x19/0xb0 [ 77.514243] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.514847] ? trace_hardirqs_on+0x26/0x120 [ 77.515343] do_group_exit+0xe0/0x2b0 [ 77.515760] __x64_sys_exit_group+0x47/0x50 [ 77.516226] do_syscall_64+0x3b/0x90 [ 77.516640] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.517205] RIP: 0033:0x7f4b87518a4d [ 77.517605] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.518259] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.519093] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.519722] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.520249] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.520761] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.521273] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.521799] [ 77.521971] irq event stamp: 0 [ 77.522201] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.522687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.523305] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.523908] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.524362] ---[ end trace 0000000000000000 ]--- [ 77.525050] ------------[ cut here ]------------ [ 77.525392] WARNING: CPU: 1 PID: 645 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.526129] Modules linked in: [ 77.526363] CPU: 1 PID: 645 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.527020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.527852] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.528232] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.529553] RSP: 0018:ffff888017a7fb78 EFLAGS: 00010246 [ 77.529945] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.530465] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 77.531006] RBP: ffff888017a7fb98 R08: ffffed100197753e R09: ffffed100197753e [ 77.531543] R10: ffff88800cbba9ef R11: ffffed100197753d R12: ffff88800cbbaa90 [ 77.532062] R13: ffff88800cbba8a8 R14: ffffffffffffffff R15: ffff888017a7fc60 [ 77.532582] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.533166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.533591] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 77.534117] PKRU: 55555554 [ 77.534325] Call Trace: [ 77.534532] [ 77.534700] iommufd_ioas_destroy+0x53/0x70 [ 77.535025] iommufd_fops_release+0x1f7/0x370 [ 77.535368] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.535742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.536105] ? write_comp_data+0x2f/0x90 [ 77.536410] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.536780] __fput+0x26d/0xa40 [ 77.537038] ____fput+0x1e/0x30 [ 77.537289] task_work_run+0x1a4/0x2d0 [ 77.537582] ? __pfx_task_work_run+0x10/0x10 [ 77.537911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.538274] ? switch_task_namespaces+0xa9/0xe0 [ 77.538645] do_exit+0xb17/0x2ef0 [ 77.538902] ? lock_acquire+0x427/0x4c0 [ 77.539208] ? __pfx_lock_release+0x10/0x10 [ 77.539531] ? __kasan_check_write+0x18/0x20 [ 77.539858] ? do_raw_spin_lock+0x132/0x2a0 [ 77.540172] ? __pfx_do_exit+0x10/0x10 [ 77.540466] ? debug_smp_processor_id+0x20/0x30 [ 77.540815] ? rcu_is_watching+0x19/0xb0 [ 77.541115] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.541452] ? trace_hardirqs_on+0x26/0x120 [ 77.541777] do_group_exit+0xe0/0x2b0 [ 77.542056] __x64_sys_exit_group+0x47/0x50 [ 77.542371] do_syscall_64+0x3b/0x90 [ 77.542670] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.543060] RIP: 0033:0x7f4b87518a4d [ 77.543348] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.543796] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.544349] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.544865] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.545382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.545900] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.546415] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.546959] [ 77.547136] irq event stamp: 0 [ 77.547369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.547831] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.548444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.549051] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.549507] ---[ end trace 0000000000000000 ]--- [ 77.552875] ------------[ cut here ]------------ [ 77.553244] WARNING: CPU: 1 PID: 646 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.553972] Modules linked in: [ 77.554206] CPU: 1 PID: 646 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.554968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.555789] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.556150] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.557465] RSP: 0018:ffff888010a67bb8 EFLAGS: 00010246 [ 77.557854] RAX: 0000000000000000 RBX: ffff888015faf8a8 RCX: 0000000000000000 [ 77.558368] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 77.558899] RBP: ffff888010a67bd0 R08: ffffed1002bf5f33 R09: ffffed1002bf5f33 [ 77.559422] R10: ffff888015faf993 R11: ffffed1002bf5f32 R12: ffff88801422c800 [ 77.559942] R13: ffff888015faf9e8 R14: ffffffff8352e670 R15: ffff888010a67e68 [ 77.560456] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.561038] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.561462] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 77.561976] PKRU: 55555554 [ 77.562183] Call Trace: [ 77.562369] [ 77.562554] __iommufd_access_detach+0x1c2/0x2b0 [ 77.562917] iommufd_access_change_pt+0x149/0x270 [ 77.563288] iommufd_access_replace+0xb4/0x120 [ 77.563634] iommufd_test+0x3e5/0x37e0 [ 77.563922] ? lock_release+0x532/0x770 [ 77.564224] ? __might_fault+0x102/0x1b0 [ 77.564530] ? lock_acquire+0x427/0x4c0 [ 77.564832] ? __pfx_iommufd_test+0x10/0x10 [ 77.565149] ? __pfx_lock_release+0x10/0x10 [ 77.565476] ? __pfx_lock_acquire+0x10/0x10 [ 77.565802] ? write_comp_data+0x2f/0x90 [ 77.566109] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.566477] ? write_comp_data+0x2f/0x90 [ 77.566803] iommufd_fops_ioctl+0x37d/0x510 [ 77.567132] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.567495] ? write_comp_data+0x2f/0x90 [ 77.567801] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.568163] __x64_sys_ioctl+0x1a3/0x230 [ 77.568471] do_syscall_64+0x3b/0x90 [ 77.568754] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.569142] RIP: 0033:0x7f4b8743ee5d [ 77.569416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.570759] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.571330] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.571854] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.572374] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.572895] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.573413] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.573938] [ 77.574113] irq event stamp: 0 [ 77.574345] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.574833] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.575461] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.576068] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.576523] ---[ end trace 0000000000000000 ]--- [ 77.579130] ------------[ cut here ]------------ [ 77.579487] WARNING: CPU: 1 PID: 646 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.580217] Modules linked in: [ 77.580453] CPU: 1 PID: 646 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.581080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.581897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.582261] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.583614] RSP: 0018:ffff888010a67bd0 EFLAGS: 00010246 [ 77.584010] RAX: 0000000000000000 RBX: ffff888015faf8a8 RCX: 0000000000000000 [ 77.584528] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 77.585055] RBP: ffff888010a67be8 R08: ffffed1002bf5f33 R09: ffffed1002bf5f33 [ 77.585572] R10: ffff888015faf993 R11: ffffed1002bf5f32 R12: ffff888014583c00 [ 77.586090] R13: ffff888015faf9e8 R14: ffff888010b65300 R15: 0000000000000000 [ 77.586636] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.587233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.587664] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 77.588187] PKRU: 55555554 [ 77.588394] Call Trace: [ 77.588582] [ 77.588749] iommufd_access_destroy_object+0x65/0x170 [ 77.589134] iommufd_object_destroy_user+0x18e/0x220 [ 77.589510] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.589943] iommufd_access_destroy+0x43/0x70 [ 77.590281] iommufd_test_staccess_release+0x8d/0xd0 [ 77.590678] __fput+0x26d/0xa40 [ 77.590937] ____fput+0x1e/0x30 [ 77.591194] task_work_run+0x1a4/0x2d0 [ 77.591489] ? __pfx_task_work_run+0x10/0x10 [ 77.591818] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.592183] ? switch_task_namespaces+0xa9/0xe0 [ 77.592533] do_exit+0xb17/0x2ef0 [ 77.592787] ? lock_acquire+0x427/0x4c0 [ 77.593085] ? __pfx_lock_release+0x10/0x10 [ 77.593406] ? __kasan_check_write+0x18/0x20 [ 77.593730] ? do_raw_spin_lock+0x132/0x2a0 [ 77.594048] ? __pfx_do_exit+0x10/0x10 [ 77.594345] ? debug_smp_processor_id+0x20/0x30 [ 77.594706] ? rcu_is_watching+0x19/0xb0 [ 77.595007] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.595353] ? trace_hardirqs_on+0x26/0x120 [ 77.595677] do_group_exit+0xe0/0x2b0 [ 77.595962] __x64_sys_exit_group+0x47/0x50 [ 77.596276] do_syscall_64+0x3b/0x90 [ 77.596557] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.596951] RIP: 0033:0x7f4b87518a4d [ 77.597232] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.597679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.598239] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.598778] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.599303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.599820] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.600338] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.600871] [ 77.601045] irq event stamp: 0 [ 77.601276] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.601734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.602347] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.602974] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.603441] ---[ end trace 0000000000000000 ]--- [ 77.604094] ------------[ cut here ]------------ [ 77.604433] WARNING: CPU: 1 PID: 646 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.605169] Modules linked in: [ 77.605403] CPU: 1 PID: 646 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.606031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.606861] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.607242] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.608565] RSP: 0018:ffff888010a67b78 EFLAGS: 00010246 [ 77.608950] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.609466] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 77.609984] RBP: ffff888010a67b98 R08: ffffed1002bf5f3e R09: ffffed1002bf5f3e [ 77.610501] R10: ffff888015faf9ef R11: ffffed1002bf5f3d R12: ffff888015fafa90 [ 77.611042] R13: ffff888015faf8a8 R14: ffffffffffffffff R15: ffff888010a67c60 [ 77.611565] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.612150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.612572] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 77.613088] PKRU: 55555554 [ 77.613294] Call Trace: [ 77.613481] [ 77.613647] iommufd_ioas_destroy+0x53/0x70 [ 77.613970] iommufd_fops_release+0x1f7/0x370 [ 77.614303] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.614687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.615056] ? write_comp_data+0x2f/0x90 [ 77.615374] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.615748] __fput+0x26d/0xa40 [ 77.616008] ____fput+0x1e/0x30 [ 77.616258] task_work_run+0x1a4/0x2d0 [ 77.616551] ? __pfx_task_work_run+0x10/0x10 [ 77.616880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.617240] ? switch_task_namespaces+0xa9/0xe0 [ 77.617593] do_exit+0xb17/0x2ef0 [ 77.617852] ? lock_acquire+0x427/0x4c0 [ 77.618152] ? __pfx_lock_release+0x10/0x10 [ 77.618472] ? __kasan_check_write+0x18/0x20 [ 77.618815] ? do_raw_spin_lock+0x132/0x2a0 [ 77.619144] ? __pfx_do_exit+0x10/0x10 [ 77.619439] ? debug_smp_processor_id+0x20/0x30 [ 77.619787] ? rcu_is_watching+0x19/0xb0 [ 77.620085] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.620420] ? trace_hardirqs_on+0x26/0x120 [ 77.620741] do_group_exit+0xe0/0x2b0 [ 77.621021] __x64_sys_exit_group+0x47/0x50 [ 77.621334] do_syscall_64+0x3b/0x90 [ 77.621612] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.621994] RIP: 0033:0x7f4b87518a4d [ 77.622265] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.622725] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.623281] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.623805] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.624321] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.624837] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.625352] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.625869] [ 77.626037] irq event stamp: 0 [ 77.626264] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.626734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.627337] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.627935] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.628381] ---[ end trace 0000000000000000 ]--- [ 77.632546] ------------[ cut here ]------------ [ 77.632904] WARNING: CPU: 1 PID: 647 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.633604] Modules linked in: [ 77.633835] CPU: 1 PID: 647 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.634438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.635278] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.635627] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.636899] RSP: 0018:ffff8880180cfbb8 EFLAGS: 00010246 [ 77.637271] RAX: 0000000000000000 RBX: ffff8880187eb8a8 RCX: 0000000000000000 [ 77.637770] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 77.638267] RBP: ffff8880180cfbd0 R08: ffffed10030fd733 R09: ffffed10030fd733 [ 77.638778] R10: ffff8880187eb993 R11: ffffed10030fd732 R12: ffff8880189e2000 [ 77.639284] R13: ffff8880187eb9e8 R14: ffffffff8352e670 R15: ffff8880180cfe68 [ 77.639790] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.640671] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.641082] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 77.641737] PKRU: 55555554 [ 77.641941] Call Trace: [ 77.642120] [ 77.642280] __iommufd_access_detach+0x1c2/0x2b0 [ 77.642716] iommufd_access_change_pt+0x149/0x270 [ 77.643073] iommufd_access_replace+0xb4/0x120 [ 77.643417] iommufd_test+0x3e5/0x37e0 [ 77.643690] ? lock_release+0x532/0x770 [ 77.643982] ? __might_fault+0x102/0x1b0 [ 77.644430] ? lock_acquire+0x427/0x4c0 [ 77.644879] ? __pfx_iommufd_test+0x10/0x10 [ 77.645341] ? __pfx_lock_release+0x10/0x10 [ 77.645810] ? __pfx_lock_acquire+0x10/0x10 [ 77.646282] ? write_comp_data+0x2f/0x90 [ 77.646850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.647399] ? write_comp_data+0x2f/0x90 [ 77.647848] iommufd_fops_ioctl+0x37d/0x510 [ 77.648317] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.648841] ? write_comp_data+0x2f/0x90 [ 77.649320] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.649879] __x64_sys_ioctl+0x1a3/0x230 [ 77.650333] do_syscall_64+0x3b/0x90 [ 77.650771] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.651352] RIP: 0033:0x7f4b8743ee5d [ 77.651754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.653737] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.654669] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.655437] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.656179] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.657024] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.657768] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.658553] [ 77.658815] irq event stamp: 0 [ 77.659177] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.659892] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.660773] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.661730] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.662391] ---[ end trace 0000000000000000 ]--- [ 77.666594] ------------[ cut here ]------------ [ 77.667122] WARNING: CPU: 1 PID: 647 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.668175] Modules linked in: [ 77.668581] CPU: 1 PID: 647 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.669486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.671093] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.671642] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.673523] RSP: 0018:ffff8880180cfbd0 EFLAGS: 00010246 [ 77.674164] RAX: 0000000000000000 RBX: ffff8880187eb8a8 RCX: 0000000000000000 [ 77.674933] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 77.675545] RBP: ffff8880180cfbe8 R08: ffffed10030fd733 R09: ffffed10030fd733 [ 77.676038] R10: ffff8880187eb993 R11: ffffed10030fd732 R12: ffff88801422e000 [ 77.676618] R13: ffff8880187eb9e8 R14: ffff888013705000 R15: 0000000000000000 [ 77.677115] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.677669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.678076] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 77.678663] PKRU: 55555554 [ 77.678906] Call Trace: [ 77.679087] [ 77.679255] iommufd_access_destroy_object+0x65/0x170 [ 77.679627] iommufd_object_destroy_user+0x18e/0x220 [ 77.679991] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.680407] iommufd_access_destroy+0x43/0x70 [ 77.680733] iommufd_test_staccess_release+0x8d/0xd0 [ 77.681100] __fput+0x26d/0xa40 [ 77.681375] ____fput+0x1e/0x30 [ 77.681701] task_work_run+0x1a4/0x2d0 [ 77.681992] ? __pfx_task_work_run+0x10/0x10 [ 77.682314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.682690] ? switch_task_namespaces+0xa9/0xe0 [ 77.683038] do_exit+0xb17/0x2ef0 [ 77.683297] ? lock_acquire+0x427/0x4c0 [ 77.683595] ? __pfx_lock_release+0x10/0x10 [ 77.683913] ? __kasan_check_write+0x18/0x20 [ 77.684260] ? do_raw_spin_lock+0x132/0x2a0 [ 77.684653] ? __pfx_do_exit+0x10/0x10 [ 77.684943] ? debug_smp_processor_id+0x20/0x30 [ 77.685279] ? rcu_is_watching+0x19/0xb0 [ 77.685573] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.685910] ? trace_hardirqs_on+0x26/0x120 [ 77.686232] do_group_exit+0xe0/0x2b0 [ 77.686535] __x64_sys_exit_group+0x47/0x50 [ 77.686851] do_syscall_64+0x3b/0x90 [ 77.687137] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.687548] RIP: 0033:0x7f4b87518a4d [ 77.687895] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.688335] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.688880] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.689390] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.689958] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.690549] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.691059] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.691584] [ 77.691752] irq event stamp: 0 [ 77.691981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.692435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.693147] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.693743] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.694193] ---[ end trace 0000000000000000 ]--- [ 77.694871] ------------[ cut here ]------------ [ 77.695227] WARNING: CPU: 1 PID: 647 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.696078] Modules linked in: [ 77.696314] CPU: 1 PID: 647 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.696948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.697828] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.698268] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.699628] RSP: 0018:ffff8880180cfb78 EFLAGS: 00010246 [ 77.700022] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.700583] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 77.701188] RBP: ffff8880180cfb98 R08: ffffed10030fd73e R09: ffffed10030fd73e [ 77.701708] R10: ffff8880187eb9ef R11: ffffed10030fd73d R12: ffff8880187eba90 [ 77.702227] R13: ffff8880187eb8a8 R14: ffffffffffffffff R15: ffff8880180cfc60 [ 77.702784] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.703475] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.703904] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 77.704424] PKRU: 55555554 [ 77.704632] Call Trace: [ 77.704820] [ 77.704989] iommufd_ioas_destroy+0x53/0x70 [ 77.705313] iommufd_fops_release+0x1f7/0x370 [ 77.705692] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.706136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.706500] ? write_comp_data+0x2f/0x90 [ 77.706848] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.707233] __fput+0x26d/0xa40 [ 77.707493] ____fput+0x1e/0x30 [ 77.707745] task_work_run+0x1a4/0x2d0 [ 77.708042] ? __pfx_task_work_run+0x10/0x10 [ 77.708376] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.708810] ? switch_task_namespaces+0xa9/0xe0 [ 77.709210] do_exit+0xb17/0x2ef0 [ 77.709467] ? lock_acquire+0x427/0x4c0 [ 77.709767] ? __pfx_lock_release+0x10/0x10 [ 77.710088] ? __kasan_check_write+0x18/0x20 [ 77.710414] ? do_raw_spin_lock+0x132/0x2a0 [ 77.710762] ? __pfx_do_exit+0x10/0x10 [ 77.711060] ? debug_smp_processor_id+0x20/0x30 [ 77.711419] ? rcu_is_watching+0x19/0xb0 [ 77.711726] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.712097] ? trace_hardirqs_on+0x26/0x120 [ 77.712509] do_group_exit+0xe0/0x2b0 [ 77.712798] __x64_sys_exit_group+0x47/0x50 [ 77.713116] do_syscall_64+0x3b/0x90 [ 77.713398] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.713783] RIP: 0033:0x7f4b87518a4d [ 77.714056] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.714588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.715197] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.715715] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.716232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.716751] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.717280] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.717905] [ 77.718079] irq event stamp: 0 [ 77.718309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.718784] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.719402] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.720014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.720564] ---[ end trace 0000000000000000 ]--- [ 77.729559] ------------[ cut here ]------------ [ 77.730244] WARNING: CPU: 0 PID: 648 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.731443] Modules linked in: [ 77.731809] CPU: 0 PID: 648 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.732751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.733962] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.734538] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.736155] RSP: 0018:ffff8880185cfbb8 EFLAGS: 00010246 [ 77.736565] RAX: 0000000000000000 RBX: ffff888023e6c8a8 RCX: 0000000000000000 [ 77.737090] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 77.737612] RBP: ffff8880185cfbd0 R08: ffffed10047cd933 R09: ffffed10047cd933 [ 77.738137] R10: ffff888023e6c993 R11: ffffed10047cd932 R12: ffff888020855c00 [ 77.738691] R13: ffff888023e6c9e8 R14: ffffffff8352e670 R15: ffff8880185cfe68 [ 77.739227] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.739821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.740249] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ef0 [ 77.740774] PKRU: 55555554 [ 77.740984] Call Trace: [ 77.741175] [ 77.741346] __iommufd_access_detach+0x1c2/0x2b0 [ 77.741713] iommufd_access_change_pt+0x149/0x270 [ 77.742081] iommufd_access_replace+0xb4/0x120 [ 77.742432] iommufd_test+0x3e5/0x37e0 [ 77.742746] ? lock_release+0x532/0x770 [ 77.743054] ? __might_fault+0x102/0x1b0 [ 77.743372] ? lock_acquire+0x427/0x4c0 [ 77.743681] ? __pfx_iommufd_test+0x10/0x10 [ 77.744001] ? __pfx_lock_release+0x10/0x10 [ 77.744334] ? __pfx_lock_acquire+0x10/0x10 [ 77.744665] ? write_comp_data+0x2f/0x90 [ 77.744978] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.745345] ? write_comp_data+0x2f/0x90 [ 77.745658] iommufd_fops_ioctl+0x37d/0x510 [ 77.745985] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.746353] ? write_comp_data+0x2f/0x90 [ 77.746686] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.747051] __x64_sys_ioctl+0x1a3/0x230 [ 77.747374] do_syscall_64+0x3b/0x90 [ 77.747662] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.748055] RIP: 0033:0x7f4b8743ee5d [ 77.748333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.749675] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.750239] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.750794] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.751331] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.751859] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.752396] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.752932] [ 77.753106] irq event stamp: 0 [ 77.753342] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.753806] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.754427] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.755070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.755544] ---[ end trace 0000000000000000 ]--- [ 77.758408] ------------[ cut here ]------------ [ 77.758835] WARNING: CPU: 0 PID: 648 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.759574] Modules linked in: [ 77.759810] CPU: 0 PID: 648 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.760437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.761252] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.761614] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.762961] RSP: 0018:ffff8880185cfbd0 EFLAGS: 00010246 [ 77.763354] RAX: 0000000000000000 RBX: ffff888023e6c8a8 RCX: 0000000000000000 [ 77.763870] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 77.764386] RBP: ffff8880185cfbe8 R08: ffffed10047cd933 R09: ffffed10047cd933 [ 77.764905] R10: ffff888023e6c993 R11: ffffed10047cd932 R12: ffff8880140b8000 [ 77.765420] R13: ffff888023e6c9e8 R14: ffff88800fa20100 R15: 0000000000000000 [ 77.765935] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.766534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.766955] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.767481] PKRU: 55555554 [ 77.767690] Call Trace: [ 77.767877] [ 77.768043] iommufd_access_destroy_object+0x65/0x170 [ 77.768425] iommufd_object_destroy_user+0x18e/0x220 [ 77.768800] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.769228] iommufd_access_destroy+0x43/0x70 [ 77.769566] iommufd_test_staccess_release+0x8d/0xd0 [ 77.769943] __fput+0x26d/0xa40 [ 77.770198] ____fput+0x1e/0x30 [ 77.770446] task_work_run+0x1a4/0x2d0 [ 77.770754] ? __pfx_task_work_run+0x10/0x10 [ 77.771082] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.771453] ? switch_task_namespaces+0xa9/0xe0 [ 77.771806] do_exit+0xb17/0x2ef0 [ 77.772062] ? lock_acquire+0x427/0x4c0 [ 77.772361] ? __pfx_lock_release+0x10/0x10 [ 77.772682] ? __kasan_check_write+0x18/0x20 [ 77.773007] ? do_raw_spin_lock+0x132/0x2a0 [ 77.773326] ? __pfx_do_exit+0x10/0x10 [ 77.773621] ? debug_smp_processor_id+0x20/0x30 [ 77.773965] ? rcu_is_watching+0x19/0xb0 [ 77.774264] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.774619] ? trace_hardirqs_on+0x26/0x120 [ 77.774947] do_group_exit+0xe0/0x2b0 [ 77.775237] __x64_sys_exit_group+0x47/0x50 [ 77.775554] do_syscall_64+0x3b/0x90 [ 77.775836] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.776226] RIP: 0033:0x7f4b87518a4d [ 77.776500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.776953] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.777505] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.778021] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.778546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.779053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.779565] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.780080] [ 77.780248] irq event stamp: 0 [ 77.780475] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.780924] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.781520] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.782112] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.782575] ---[ end trace 0000000000000000 ]--- [ 77.783221] ------------[ cut here ]------------ [ 77.783562] WARNING: CPU: 0 PID: 648 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.784281] Modules linked in: [ 77.784511] CPU: 0 PID: 648 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.785128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.785942] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.786314] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.787632] RSP: 0018:ffff8880185cfb78 EFLAGS: 00010246 [ 77.788015] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.788519] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 77.789023] RBP: ffff8880185cfb98 R08: ffffed10047cd93e R09: ffffed10047cd93e [ 77.789527] R10: ffff888023e6c9ef R11: ffffed10047cd93d R12: ffff888023e6ca90 [ 77.790034] R13: ffff888023e6c8a8 R14: ffffffffffffffff R15: ffff8880185cfc60 [ 77.790561] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.791144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.791559] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.792063] PKRU: 55555554 [ 77.792268] Call Trace: [ 77.792450] [ 77.792613] iommufd_ioas_destroy+0x53/0x70 [ 77.792930] iommufd_fops_release+0x1f7/0x370 [ 77.793255] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.793616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.793971] ? write_comp_data+0x2f/0x90 [ 77.794272] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.794649] __fput+0x26d/0xa40 [ 77.794902] ____fput+0x1e/0x30 [ 77.795156] task_work_run+0x1a4/0x2d0 [ 77.795445] ? __pfx_task_work_run+0x10/0x10 [ 77.795768] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.796124] ? switch_task_namespaces+0xa9/0xe0 [ 77.796468] do_exit+0xb17/0x2ef0 [ 77.796719] ? lock_acquire+0x427/0x4c0 [ 77.797013] ? __pfx_lock_release+0x10/0x10 [ 77.797327] ? __kasan_check_write+0x18/0x20 [ 77.797643] ? do_raw_spin_lock+0x132/0x2a0 [ 77.797956] ? __pfx_do_exit+0x10/0x10 [ 77.798248] ? debug_smp_processor_id+0x20/0x30 [ 77.798600] ? rcu_is_watching+0x19/0xb0 [ 77.798903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.799245] ? trace_hardirqs_on+0x26/0x120 [ 77.799562] do_group_exit+0xe0/0x2b0 [ 77.799838] __x64_sys_exit_group+0x47/0x50 [ 77.800150] do_syscall_64+0x3b/0x90 [ 77.800429] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.800806] RIP: 0033:0x7f4b87518a4d [ 77.801074] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.801514] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.802059] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.802585] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.803098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.803610] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.804115] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.804629] [ 77.804797] irq event stamp: 0 [ 77.805025] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.805474] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.806073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.806679] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.807139] ---[ end trace 0000000000000000 ]--- [ 77.810735] ------------[ cut here ]------------ [ 77.811120] WARNING: CPU: 0 PID: 649 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.811844] Modules linked in: [ 77.812074] CPU: 0 PID: 649 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.812695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.813501] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.813860] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.815346] RSP: 0018:ffff888018b67bb8 EFLAGS: 00010246 [ 77.815732] RAX: 0000000000000000 RBX: ffff8880104678a8 RCX: 0000000000000000 [ 77.816241] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 77.816750] RBP: ffff888018b67bd0 R08: ffffed100208cf33 R09: ffffed100208cf33 [ 77.817259] R10: ffff888010467993 R11: ffffed100208cf32 R12: ffff88800fcb3c00 [ 77.817773] R13: ffff8880104679e8 R14: ffffffff8352e670 R15: ffff888018b67e68 [ 77.818278] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.818860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.819277] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 77.819780] PKRU: 55555554 [ 77.819980] Call Trace: [ 77.820161] [ 77.820322] __iommufd_access_detach+0x1c2/0x2b0 [ 77.820670] iommufd_access_change_pt+0x149/0x270 [ 77.821015] iommufd_access_replace+0xb4/0x120 [ 77.821349] iommufd_test+0x3e5/0x37e0 [ 77.821626] ? lock_release+0x532/0x770 [ 77.821919] ? __might_fault+0x102/0x1b0 [ 77.822215] ? lock_acquire+0x427/0x4c0 [ 77.822524] ? __pfx_iommufd_test+0x10/0x10 [ 77.822829] ? __pfx_lock_release+0x10/0x10 [ 77.823147] ? __pfx_lock_acquire+0x10/0x10 [ 77.823465] ? write_comp_data+0x2f/0x90 [ 77.823766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.824116] ? write_comp_data+0x2f/0x90 [ 77.824413] iommufd_fops_ioctl+0x37d/0x510 [ 77.824724] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.825073] ? write_comp_data+0x2f/0x90 [ 77.825369] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.825714] __x64_sys_ioctl+0x1a3/0x230 [ 77.826014] do_syscall_64+0x3b/0x90 [ 77.826286] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.826676] RIP: 0033:0x7f4b8743ee5d [ 77.826942] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.828226] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.828764] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.829270] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.829769] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.830269] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.830785] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.831304] [ 77.831472] irq event stamp: 0 [ 77.831696] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.832141] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.832731] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.833316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.833759] ---[ end trace 0000000000000000 ]--- [ 77.836309] ------------[ cut here ]------------ [ 77.836662] WARNING: CPU: 0 PID: 649 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.837369] Modules linked in: [ 77.837599] CPU: 0 PID: 649 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.838210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.839025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.839388] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.840674] RSP: 0018:ffff888018b67bd0 EFLAGS: 00010246 [ 77.841059] RAX: 0000000000000000 RBX: ffff8880104678a8 RCX: 0000000000000000 [ 77.841563] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 77.842065] RBP: ffff888018b67be8 R08: ffffed100208cf33 R09: ffffed100208cf33 [ 77.842579] R10: ffff888010467993 R11: ffffed100208cf32 R12: ffff888020854c00 [ 77.843086] R13: ffff8880104679e8 R14: ffff88802090a300 R15: 0000000000000000 [ 77.843596] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.844161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.844569] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.845070] PKRU: 55555554 [ 77.845270] Call Trace: [ 77.845455] [ 77.845617] iommufd_access_destroy_object+0x65/0x170 [ 77.845993] iommufd_object_destroy_user+0x18e/0x220 [ 77.846359] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.846813] iommufd_access_destroy+0x43/0x70 [ 77.847149] iommufd_test_staccess_release+0x8d/0xd0 [ 77.847518] __fput+0x26d/0xa40 [ 77.847765] ____fput+0x1e/0x30 [ 77.848008] task_work_run+0x1a4/0x2d0 [ 77.848294] ? __pfx_task_work_run+0x10/0x10 [ 77.848610] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.848960] ? switch_task_namespaces+0xa9/0xe0 [ 77.849298] do_exit+0xb17/0x2ef0 [ 77.849547] ? lock_acquire+0x427/0x4c0 [ 77.849835] ? __pfx_lock_release+0x10/0x10 [ 77.850149] ? __kasan_check_write+0x18/0x20 [ 77.850465] ? do_raw_spin_lock+0x132/0x2a0 [ 77.850788] ? __pfx_do_exit+0x10/0x10 [ 77.851075] ? debug_smp_processor_id+0x20/0x30 [ 77.851420] ? rcu_is_watching+0x19/0xb0 [ 77.851717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.852045] ? trace_hardirqs_on+0x26/0x120 [ 77.852359] do_group_exit+0xe0/0x2b0 [ 77.852633] __x64_sys_exit_group+0x47/0x50 [ 77.852944] do_syscall_64+0x3b/0x90 [ 77.853218] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.853597] RIP: 0033:0x7f4b87518a4d [ 77.853869] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.854310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.854867] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.855398] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.855897] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.856393] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.856887] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.857390] [ 77.857554] irq event stamp: 0 [ 77.857776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.858218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.858820] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.859419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.859859] ---[ end trace 0000000000000000 ]--- [ 77.860484] ------------[ cut here ]------------ [ 77.860814] WARNING: CPU: 0 PID: 649 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.861516] Modules linked in: [ 77.861743] CPU: 0 PID: 649 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.862345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.863153] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.863518] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.864791] RSP: 0018:ffff888018b67b78 EFLAGS: 00010246 [ 77.865162] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.865655] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 77.866150] RBP: ffff888018b67b98 R08: ffffed100208cf3e R09: ffffed100208cf3e [ 77.866660] R10: ffff8880104679ef R11: ffffed100208cf3d R12: ffff888010467a90 [ 77.867165] R13: ffff8880104678a8 R14: ffffffffffffffff R15: ffff888018b67c60 [ 77.867669] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 77.868234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.868649] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 77.869160] PKRU: 55555554 [ 77.869362] Call Trace: [ 77.869546] [ 77.869709] iommufd_ioas_destroy+0x53/0x70 [ 77.870022] iommufd_fops_release+0x1f7/0x370 [ 77.870348] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.870722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.871079] ? write_comp_data+0x2f/0x90 [ 77.871401] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.871761] __fput+0x26d/0xa40 [ 77.872011] ____fput+0x1e/0x30 [ 77.872258] task_work_run+0x1a4/0x2d0 [ 77.872548] ? __pfx_task_work_run+0x10/0x10 [ 77.872872] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.873227] ? switch_task_namespaces+0xa9/0xe0 [ 77.873571] do_exit+0xb17/0x2ef0 [ 77.873822] ? lock_acquire+0x427/0x4c0 [ 77.874116] ? __pfx_lock_release+0x10/0x10 [ 77.874431] ? __kasan_check_write+0x18/0x20 [ 77.874769] ? do_raw_spin_lock+0x132/0x2a0 [ 77.875082] ? __pfx_do_exit+0x10/0x10 [ 77.875379] ? debug_smp_processor_id+0x20/0x30 [ 77.875717] ? rcu_is_watching+0x19/0xb0 [ 77.876009] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.876337] ? trace_hardirqs_on+0x26/0x120 [ 77.876651] do_group_exit+0xe0/0x2b0 [ 77.876926] __x64_sys_exit_group+0x47/0x50 [ 77.877232] do_syscall_64+0x3b/0x90 [ 77.877505] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.877881] RIP: 0033:0x7f4b87518a4d [ 77.878150] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.878602] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.879148] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.879652] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.880152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.880656] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.881162] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.881674] [ 77.881842] irq event stamp: 0 [ 77.882067] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.882524] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.883119] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.883712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.884160] ---[ end trace 0000000000000000 ]--- [ 77.889156] ------------[ cut here ]------------ [ 77.889547] WARNING: CPU: 1 PID: 650 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.890285] Modules linked in: [ 77.890752] CPU: 1 PID: 650 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.891399] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.892217] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.892576] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.893898] RSP: 0018:ffff888014bafbb8 EFLAGS: 00010246 [ 77.894291] RAX: 0000000000000000 RBX: ffff8880208cc0a8 RCX: 0000000000000000 [ 77.894819] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 77.895352] RBP: ffff888014bafbd0 R08: ffffed1004119833 R09: ffffed1004119833 [ 77.896073] R10: ffff8880208cc193 R11: ffffed1004119832 R12: ffff88800b9b5c00 [ 77.896611] R13: ffff8880208cc1e8 R14: ffffffff8352e670 R15: ffff888014bafe68 [ 77.897220] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.897833] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.898302] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 77.898857] PKRU: 55555554 [ 77.899064] Call Trace: [ 77.899323] [ 77.899534] __iommufd_access_detach+0x1c2/0x2b0 [ 77.899895] iommufd_access_change_pt+0x149/0x270 [ 77.900255] iommufd_access_replace+0xb4/0x120 [ 77.900657] iommufd_test+0x3e5/0x37e0 [ 77.900966] ? lock_release+0x532/0x770 [ 77.901266] ? __might_fault+0x102/0x1b0 [ 77.901588] ? lock_acquire+0x427/0x4c0 [ 77.901959] ? __pfx_iommufd_test+0x10/0x10 [ 77.902276] ? __pfx_lock_release+0x10/0x10 [ 77.902615] ? __pfx_lock_acquire+0x10/0x10 [ 77.903005] ? write_comp_data+0x2f/0x90 [ 77.903359] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.903719] ? write_comp_data+0x2f/0x90 [ 77.904049] iommufd_fops_ioctl+0x37d/0x510 [ 77.904369] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.904781] ? write_comp_data+0x2f/0x90 [ 77.905147] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.905500] __x64_sys_ioctl+0x1a3/0x230 [ 77.905816] do_syscall_64+0x3b/0x90 [ 77.906166] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.906574] RIP: 0033:0x7f4b8743ee5d [ 77.906849] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 77.908285] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 77.908927] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 77.909457] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 77.910020] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 77.910589] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 77.911102] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 77.911731] [ 77.911902] irq event stamp: 0 [ 77.912131] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 77.912650] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.913295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.913962] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.914466] ---[ end trace 0000000000000000 ]--- [ 77.917441] ------------[ cut here ]------------ [ 77.917911] WARNING: CPU: 1 PID: 650 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.918670] Modules linked in: [ 77.918923] CPU: 1 PID: 650 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.919624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.920497] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.920919] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.922369] RSP: 0018:ffff888014bafbd0 EFLAGS: 00010246 [ 77.922778] RAX: 0000000000000000 RBX: ffff8880208cc0a8 RCX: 0000000000000000 [ 77.923432] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 77.923963] RBP: ffff888014bafbe8 R08: ffffed1004119833 R09: ffffed1004119833 [ 77.924560] R10: ffff8880208cc193 R11: ffffed1004119832 R12: ffff8880189e3800 [ 77.925183] R13: ffff8880208cc1e8 R14: ffff88801218c400 R15: 0000000000000000 [ 77.925778] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.926451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.926936] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 77.927555] PKRU: 55555554 [ 77.927777] Call Trace: [ 77.927967] [ 77.928138] iommufd_access_destroy_object+0x65/0x170 [ 77.928567] iommufd_object_destroy_user+0x18e/0x220 [ 77.929040] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 77.929479] iommufd_access_destroy+0x43/0x70 [ 77.929884] iommufd_test_staccess_release+0x8d/0xd0 [ 77.930317] __fput+0x26d/0xa40 [ 77.930596] ____fput+0x1e/0x30 [ 77.930860] task_work_run+0x1a4/0x2d0 [ 77.931172] ? __pfx_task_work_run+0x10/0x10 [ 77.931605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.931993] ? switch_task_namespaces+0xa9/0xe0 [ 77.932355] do_exit+0xb17/0x2ef0 [ 77.932673] ? lock_acquire+0x427/0x4c0 [ 77.933053] ? __pfx_lock_release+0x10/0x10 [ 77.933383] ? __kasan_check_write+0x18/0x20 [ 77.933715] ? do_raw_spin_lock+0x132/0x2a0 [ 77.934082] ? __pfx_do_exit+0x10/0x10 [ 77.934454] ? debug_smp_processor_id+0x20/0x30 [ 77.934827] ? rcu_is_watching+0x19/0xb0 [ 77.935142] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.935500] ? trace_hardirqs_on+0x26/0x120 [ 77.935883] do_group_exit+0xe0/0x2b0 [ 77.936239] __x64_sys_exit_group+0x47/0x50 [ 77.936572] do_syscall_64+0x3b/0x90 [ 77.936884] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.937364] RIP: 0033:0x7f4b87518a4d [ 77.937646] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.938144] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.938823] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.939373] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.939983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.940612] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.941205] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.941847] [ 77.942030] irq event stamp: 0 [ 77.942271] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.942911] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.943552] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.944252] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.944799] ---[ end trace 0000000000000000 ]--- [ 77.945487] ------------[ cut here ]------------ [ 77.945913] WARNING: CPU: 1 PID: 650 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 77.946789] Modules linked in: [ 77.947090] CPU: 1 PID: 650 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.948212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.949551] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 77.950259] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 77.952652] RSP: 0018:ffff888014bafb78 EFLAGS: 00010246 [ 77.953256] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.954139] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 77.954973] RBP: ffff888014bafb98 R08: ffffed100411983e R09: ffffed100411983e [ 77.955887] R10: ffff8880208cc1ef R11: ffffed100411983d R12: ffff8880208cc290 [ 77.956698] R13: ffff8880208cc0a8 R14: ffffffffffffffff R15: ffff888014bafc60 [ 77.957539] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.958550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.959214] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 77.960089] PKRU: 55555554 [ 77.960407] Call Trace: [ 77.960697] [ 77.960961] iommufd_ioas_destroy+0x53/0x70 [ 77.961460] iommufd_fops_release+0x1f7/0x370 [ 77.961973] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.962577] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.963150] ? write_comp_data+0x2f/0x90 [ 77.963625] ? __pfx_iommufd_fops_release+0x10/0x10 [ 77.964190] __fput+0x26d/0xa40 [ 77.964585] ____fput+0x1e/0x30 [ 77.964972] task_work_run+0x1a4/0x2d0 [ 77.965422] ? __pfx_task_work_run+0x10/0x10 [ 77.965924] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.966481] ? switch_task_namespaces+0xa9/0xe0 [ 77.967060] do_exit+0xb17/0x2ef0 [ 77.967468] ? lock_acquire+0x427/0x4c0 [ 77.967930] ? __pfx_lock_release+0x10/0x10 [ 77.968422] ? __kasan_check_write+0x18/0x20 [ 77.968928] ? do_raw_spin_lock+0x132/0x2a0 [ 77.969415] ? __pfx_do_exit+0x10/0x10 [ 77.969866] ? debug_smp_processor_id+0x20/0x30 [ 77.970391] ? rcu_is_watching+0x19/0xb0 [ 77.970889] ? _raw_spin_unlock_irq+0x2b/0x60 [ 77.971429] ? trace_hardirqs_on+0x26/0x120 [ 77.971788] do_group_exit+0xe0/0x2b0 [ 77.972098] __x64_sys_exit_group+0x47/0x50 [ 77.972427] do_syscall_64+0x3b/0x90 [ 77.972716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 77.973125] RIP: 0033:0x7f4b87518a4d [ 77.973405] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 77.973864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 77.974447] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 77.975016] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 77.975572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 77.976113] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 77.976657] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 77.977210] [ 77.977389] irq event stamp: 0 [ 77.977627] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 77.978103] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 77.978756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 77.979401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 77.979864] ---[ end trace 0000000000000000 ]--- [ 77.984463] ------------[ cut here ]------------ [ 77.984876] WARNING: CPU: 1 PID: 651 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 77.985630] Modules linked in: [ 77.985874] CPU: 1 PID: 651 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 77.986572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 77.987420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 77.987785] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 77.989131] RSP: 0018:ffff88801804fbb8 EFLAGS: 00010246 [ 77.989528] RAX: 0000000000000000 RBX: ffff8880137650a8 RCX: 0000000000000000 [ 77.990053] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 77.990614] RBP: ffff88801804fbd0 R08: ffffed10026eca33 R09: ffffed10026eca33 [ 77.991136] R10: ffff888013765193 R11: ffffed10026eca32 R12: ffff88800ae93400 [ 77.991662] R13: ffff8880137651e8 R14: ffffffff8352e670 R15: ffff88801804fe68 [ 77.992189] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 77.992792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.993219] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 77.993757] PKRU: 55555554 [ 77.993966] Call Trace: [ 77.994152] [ 77.994317] __iommufd_access_detach+0x1c2/0x2b0 [ 77.994700] iommufd_access_change_pt+0x149/0x270 [ 77.995064] iommufd_access_replace+0xb4/0x120 [ 77.995414] iommufd_test+0x3e5/0x37e0 [ 77.995712] ? lock_release+0x532/0x770 [ 77.996010] ? __might_fault+0x102/0x1b0 [ 77.996317] ? lock_acquire+0x427/0x4c0 [ 77.996621] ? __pfx_iommufd_test+0x10/0x10 [ 77.996966] ? __pfx_lock_release+0x10/0x10 [ 77.997297] ? __pfx_lock_acquire+0x10/0x10 [ 77.997623] ? write_comp_data+0x2f/0x90 [ 77.997941] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 77.998300] ? write_comp_data+0x2f/0x90 [ 77.998632] iommufd_fops_ioctl+0x37d/0x510 [ 77.998963] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 77.999336] ? write_comp_data+0x2f/0x90 [ 77.999644] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.000014] __x64_sys_ioctl+0x1a3/0x230 [ 78.000319] do_syscall_64+0x3b/0x90 [ 78.000609] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.001005] RIP: 0033:0x7f4b8743ee5d [ 78.001294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.002664] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.003250] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.003776] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.004312] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.004835] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.005371] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.005903] [ 78.006077] irq event stamp: 0 [ 78.006312] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.006806] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.007432] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.008061] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.008529] ---[ end trace 0000000000000000 ]--- [ 78.011233] ------------[ cut here ]------------ [ 78.011618] WARNING: CPU: 1 PID: 651 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.012372] Modules linked in: [ 78.012613] CPU: 1 PID: 651 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.013277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.014114] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.014479] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.015860] RSP: 0018:ffff88801804fbd0 EFLAGS: 00010246 [ 78.016265] RAX: 0000000000000000 RBX: ffff8880137650a8 RCX: 0000000000000000 [ 78.016787] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 78.017321] RBP: ffff88801804fbe8 R08: ffffed10026eca33 R09: ffffed10026eca33 [ 78.017846] R10: ffff888013765193 R11: ffffed10026eca32 R12: ffff88800b9b4400 [ 78.018380] R13: ffff8880137651e8 R14: ffff88802085e900 R15: 0000000000000000 [ 78.018934] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.019548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.019975] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.020511] PKRU: 55555554 [ 78.020719] Call Trace: [ 78.020909] [ 78.021079] iommufd_access_destroy_object+0x65/0x170 [ 78.021464] iommufd_object_destroy_user+0x18e/0x220 [ 78.021856] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.022289] iommufd_access_destroy+0x43/0x70 [ 78.022656] iommufd_test_staccess_release+0x8d/0xd0 [ 78.023044] __fput+0x26d/0xa40 [ 78.023309] ____fput+0x1e/0x30 [ 78.023562] task_work_run+0x1a4/0x2d0 [ 78.023870] ? __pfx_task_work_run+0x10/0x10 [ 78.024205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.024572] ? switch_task_namespaces+0xa9/0xe0 [ 78.024940] do_exit+0xb17/0x2ef0 [ 78.025198] ? lock_acquire+0x427/0x4c0 [ 78.025501] ? __pfx_lock_release+0x10/0x10 [ 78.025837] ? __kasan_check_write+0x18/0x20 [ 78.026168] ? do_raw_spin_lock+0x132/0x2a0 [ 78.026489] ? __pfx_do_exit+0x10/0x10 [ 78.026805] ? debug_smp_processor_id+0x20/0x30 [ 78.027249] ? rcu_is_watching+0x19/0xb0 [ 78.027559] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.027907] ? trace_hardirqs_on+0x26/0x120 [ 78.028233] do_group_exit+0xe0/0x2b0 [ 78.028524] __x64_sys_exit_group+0x47/0x50 [ 78.028871] do_syscall_64+0x3b/0x90 [ 78.029158] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.029547] RIP: 0033:0x7f4b87518a4d [ 78.029833] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.030287] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.030872] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.031555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.032224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.032905] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.033613] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.034321] [ 78.034595] irq event stamp: 0 [ 78.034898] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.035519] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.036339] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.037150] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.037767] ---[ end trace 0000000000000000 ]--- [ 78.038795] ------------[ cut here ]------------ [ 78.039277] WARNING: CPU: 1 PID: 651 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.040275] Modules linked in: [ 78.040604] CPU: 1 PID: 651 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.041446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.042919] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.043463] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.045238] RSP: 0018:ffff88801804fb78 EFLAGS: 00010246 [ 78.045757] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.046459] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 78.047329] RBP: ffff88801804fb98 R08: ffffed10026eca3e R09: ffffed10026eca3e [ 78.048113] R10: ffff8880137651ef R11: ffffed10026eca3d R12: ffff888013765290 [ 78.048889] R13: ffff8880137650a8 R14: ffffffffffffffff R15: ffff88801804fc60 [ 78.049666] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.050592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.051253] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.052032] PKRU: 55555554 [ 78.052347] Call Trace: [ 78.052644] [ 78.052905] iommufd_ioas_destroy+0x53/0x70 [ 78.053398] iommufd_fops_release+0x1f7/0x370 [ 78.053909] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.054472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.055091] ? write_comp_data+0x2f/0x90 [ 78.055583] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.056148] __fput+0x26d/0xa40 [ 78.056545] ____fput+0x1e/0x30 [ 78.056932] task_work_run+0x1a4/0x2d0 [ 78.057382] ? __pfx_task_work_run+0x10/0x10 [ 78.057885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.058439] ? switch_task_namespaces+0xa9/0xe0 [ 78.059038] do_exit+0xb17/0x2ef0 [ 78.059472] ? lock_acquire+0x427/0x4c0 [ 78.059946] ? __pfx_lock_release+0x10/0x10 [ 78.060454] ? __kasan_check_write+0x18/0x20 [ 78.060973] ? do_raw_spin_lock+0x132/0x2a0 [ 78.061475] ? __pfx_do_exit+0x10/0x10 [ 78.061940] ? debug_smp_processor_id+0x20/0x30 [ 78.062483] ? rcu_is_watching+0x19/0xb0 [ 78.063013] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.063565] ? trace_hardirqs_on+0x26/0x120 [ 78.064073] do_group_exit+0xe0/0x2b0 [ 78.064522] __x64_sys_exit_group+0x47/0x50 [ 78.065022] do_syscall_64+0x3b/0x90 [ 78.065480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.066088] RIP: 0033:0x7f4b87518a4d [ 78.066576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.067292] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.068143] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.068948] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.069774] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.070619] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.071446] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.072264] [ 78.072541] irq event stamp: 0 [ 78.072902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.073622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.074643] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.075626] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.076356] ---[ end trace 0000000000000000 ]--- [ 78.083240] ------------[ cut here ]------------ [ 78.083717] WARNING: CPU: 1 PID: 652 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.084618] Modules linked in: [ 78.084910] CPU: 1 PID: 652 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.085696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.086758] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.087232] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.088884] RSP: 0018:ffff888023f1fbb8 EFLAGS: 00010246 [ 78.089366] RAX: 0000000000000000 RBX: ffff88801889c8a8 RCX: 0000000000000000 [ 78.090009] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 78.090685] RBP: ffff888023f1fbd0 R08: ffffed1003113933 R09: ffffed1003113933 [ 78.091350] R10: ffff88801889c993 R11: ffffed1003113932 R12: ffff888021bc3c00 [ 78.091995] R13: ffff88801889c9e8 R14: ffffffff8352e670 R15: ffff888023f1fe68 [ 78.092642] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.093363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.093890] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 78.094574] PKRU: 55555554 [ 78.094841] Call Trace: [ 78.095081] [ 78.095303] __iommufd_access_detach+0x1c2/0x2b0 [ 78.095774] iommufd_access_change_pt+0x149/0x270 [ 78.096224] iommufd_access_replace+0xb4/0x120 [ 78.096651] iommufd_test+0x3e5/0x37e0 [ 78.097014] ? lock_release+0x532/0x770 [ 78.097399] ? __might_fault+0x102/0x1b0 [ 78.097788] ? lock_acquire+0x427/0x4c0 [ 78.098176] ? __pfx_iommufd_test+0x10/0x10 [ 78.098626] ? __pfx_lock_release+0x10/0x10 [ 78.099048] ? __pfx_lock_acquire+0x10/0x10 [ 78.099478] ? write_comp_data+0x2f/0x90 [ 78.099871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.100330] ? write_comp_data+0x2f/0x90 [ 78.100719] iommufd_fops_ioctl+0x37d/0x510 [ 78.101126] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.101578] ? write_comp_data+0x2f/0x90 [ 78.101977] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.102440] __x64_sys_ioctl+0x1a3/0x230 [ 78.102888] do_syscall_64+0x3b/0x90 [ 78.103273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.103778] RIP: 0033:0x7f4b8743ee5d [ 78.104134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.105854] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.106599] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.107292] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.107966] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.108648] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.109400] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.110088] [ 78.110315] irq event stamp: 0 [ 78.110643] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.111264] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.112066] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.112863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.113464] ---[ end trace 0000000000000000 ]--- [ 78.116435] ------------[ cut here ]------------ [ 78.116945] WARNING: CPU: 1 PID: 652 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.117898] Modules linked in: [ 78.118201] CPU: 1 PID: 652 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.119085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.120171] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.120646] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.122379] RSP: 0018:ffff888023f1fbd0 EFLAGS: 00010246 [ 78.122926] RAX: 0000000000000000 RBX: ffff88801889c8a8 RCX: 0000000000000000 [ 78.123635] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 78.124317] RBP: ffff888023f1fbe8 R08: ffffed1003113933 R09: ffffed1003113933 [ 78.124993] R10: ffff88801889c993 R11: ffffed1003113932 R12: ffff88800ae90000 [ 78.125672] R13: ffff88801889c9e8 R14: ffff8880181b1f00 R15: 0000000000000000 [ 78.126366] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.127218] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.127822] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.128530] PKRU: 55555554 [ 78.128807] Call Trace: [ 78.129061] [ 78.129291] iommufd_access_destroy_object+0x65/0x170 [ 78.129811] iommufd_object_destroy_user+0x18e/0x220 [ 78.130319] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.130931] iommufd_access_destroy+0x43/0x70 [ 78.131399] iommufd_test_staccess_release+0x8d/0xd0 [ 78.131915] __fput+0x26d/0xa40 [ 78.132260] ____fput+0x1e/0x30 [ 78.132595] task_work_run+0x1a4/0x2d0 [ 78.132989] ? __pfx_task_work_run+0x10/0x10 [ 78.133425] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.133914] ? switch_task_namespaces+0xa9/0xe0 [ 78.134386] do_exit+0xb17/0x2ef0 [ 78.134759] ? lock_acquire+0x427/0x4c0 [ 78.135178] ? __pfx_lock_release+0x10/0x10 [ 78.135619] ? __kasan_check_write+0x18/0x20 [ 78.136064] ? do_raw_spin_lock+0x132/0x2a0 [ 78.136496] ? __pfx_do_exit+0x10/0x10 [ 78.136901] ? debug_smp_processor_id+0x20/0x30 [ 78.137368] ? rcu_is_watching+0x19/0xb0 [ 78.137787] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.138244] ? trace_hardirqs_on+0x26/0x120 [ 78.138715] do_group_exit+0xe0/0x2b0 [ 78.139102] __x64_sys_exit_group+0x47/0x50 [ 78.139544] do_syscall_64+0x3b/0x90 [ 78.139926] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.140451] RIP: 0033:0x7f4b87518a4d [ 78.140824] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.141510] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.142265] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.142991] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.143708] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.144407] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.145124] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.145827] [ 78.146054] irq event stamp: 0 [ 78.146363] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.147012] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.147842] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.148664] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.149286] ---[ end trace 0000000000000000 ]--- [ 78.150112] ------------[ cut here ]------------ [ 78.150615] WARNING: CPU: 1 PID: 652 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.151635] Modules linked in: [ 78.151954] CPU: 1 PID: 652 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.152803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.153905] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.154417] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.156274] RSP: 0018:ffff888023f1fb78 EFLAGS: 00010246 [ 78.156810] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.157514] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 78.158216] RBP: ffff888023f1fb98 R08: ffffed100311393e R09: ffffed100311393e [ 78.159163] R10: ffff88801889c9ef R11: ffffed100311393d R12: ffff88801889ca90 [ 78.159871] R13: ffff88801889c8a8 R14: ffffffffffffffff R15: ffff888023f1fc60 [ 78.160575] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.161537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.162112] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.162837] PKRU: 55555554 [ 78.163124] Call Trace: [ 78.163382] [ 78.163607] iommufd_ioas_destroy+0x53/0x70 [ 78.164141] iommufd_fops_release+0x1f7/0x370 [ 78.164677] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.165200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.165712] ? write_comp_data+0x2f/0x90 [ 78.166136] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.166685] __fput+0x26d/0xa40 [ 78.167039] ____fput+0x1e/0x30 [ 78.167404] task_work_run+0x1a4/0x2d0 [ 78.167840] ? __pfx_task_work_run+0x10/0x10 [ 78.168408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.168918] ? switch_task_namespaces+0xa9/0xe0 [ 78.169409] do_exit+0xb17/0x2ef0 [ 78.169770] ? lock_acquire+0x427/0x4c0 [ 78.170193] ? __pfx_lock_release+0x10/0x10 [ 78.170677] ? __kasan_check_write+0x18/0x20 [ 78.171150] ? do_raw_spin_lock+0x132/0x2a0 [ 78.171598] ? __pfx_do_exit+0x10/0x10 [ 78.172109] ? debug_smp_processor_id+0x20/0x30 [ 78.172685] ? rcu_is_watching+0x19/0xb0 [ 78.173166] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.173637] ? trace_hardirqs_on+0x26/0x120 [ 78.174092] do_group_exit+0xe0/0x2b0 [ 78.174494] __x64_sys_exit_group+0x47/0x50 [ 78.175121] do_syscall_64+0x3b/0x90 [ 78.175522] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.176052] RIP: 0033:0x7f4b87518a4d [ 78.176426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.177044] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.177807] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.178733] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.179484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.180206] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.180935] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.181815] [ 78.182072] irq event stamp: 0 [ 78.182397] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.183080] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.183957] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.184801] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.185526] ---[ end trace 0000000000000000 ]--- [ 78.191659] ------------[ cut here ]------------ [ 78.192355] WARNING: CPU: 1 PID: 653 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.193451] Modules linked in: [ 78.193913] CPU: 1 PID: 653 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.195056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.196425] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.197069] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.199320] RSP: 0018:ffff888023c57bb8 EFLAGS: 00010246 [ 78.199913] RAX: 0000000000000000 RBX: ffff888023c3f8a8 RCX: 0000000000000000 [ 78.200722] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 78.201671] RBP: ffff888023c57bd0 R08: ffffed1004787f33 R09: ffffed1004787f33 [ 78.202451] R10: ffff888023c3f993 R11: ffffed1004787f32 R12: ffff888021bbb800 [ 78.203444] R13: ffff888023c3f9e8 R14: ffffffff8352e670 R15: ffff888023c57e68 [ 78.204230] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.205285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.206014] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 78.206839] PKRU: 55555554 [ 78.207183] Call Trace: [ 78.207534] [ 78.207863] __iommufd_access_detach+0x1c2/0x2b0 [ 78.208481] iommufd_access_change_pt+0x149/0x270 [ 78.209017] iommufd_access_replace+0xb4/0x120 [ 78.209525] iommufd_test+0x3e5/0x37e0 [ 78.210014] ? lock_release+0x532/0x770 [ 78.210705] ? __might_fault+0x102/0x1b0 [ 78.211187] ? lock_acquire+0x427/0x4c0 [ 78.211649] ? __pfx_iommufd_test+0x10/0x10 [ 78.212142] ? __pfx_lock_release+0x10/0x10 [ 78.212633] ? __pfx_lock_acquire+0x10/0x10 [ 78.213123] ? write_comp_data+0x2f/0x90 [ 78.213584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.214203] ? write_comp_data+0x2f/0x90 [ 78.214874] iommufd_fops_ioctl+0x37d/0x510 [ 78.215378] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.215925] ? write_comp_data+0x2f/0x90 [ 78.216381] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.216914] __x64_sys_ioctl+0x1a3/0x230 [ 78.217430] do_syscall_64+0x3b/0x90 [ 78.218021] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.218626] RIP: 0033:0x7f4b8743ee5d [ 78.219026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.221101] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.222052] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.222850] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.223628] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.224482] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.225403] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.226208] [ 78.226477] irq event stamp: 0 [ 78.226882] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.227608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.228729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.229673] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.230380] ---[ end trace 0000000000000000 ]--- [ 78.235626] ------------[ cut here ]------------ [ 78.236367] WARNING: CPU: 1 PID: 653 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.237523] Modules linked in: [ 78.237870] CPU: 1 PID: 653 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.238886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.240331] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.240877] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.243169] RSP: 0018:ffff888023c57bd0 EFLAGS: 00010246 [ 78.243763] RAX: 0000000000000000 RBX: ffff888023c3f8a8 RCX: 0000000000000000 [ 78.244529] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 78.245313] RBP: ffff888023c57be8 R08: ffffed1004787f33 R09: ffffed1004787f33 [ 78.246083] R10: ffff888023c3f993 R11: ffffed1004787f32 R12: ffff8880139dc000 [ 78.247127] R13: ffff888023c3f9e8 R14: ffff888018b9db00 R15: 0000000000000000 [ 78.247906] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.248773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.249387] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 78.250152] PKRU: 55555554 [ 78.250556] Call Trace: [ 78.250943] [ 78.251200] iommufd_access_destroy_object+0x65/0x170 [ 78.251767] iommufd_object_destroy_user+0x18e/0x220 [ 78.252321] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.252955] iommufd_access_destroy+0x43/0x70 [ 78.253445] iommufd_test_staccess_release+0x8d/0xd0 [ 78.254005] __fput+0x26d/0xa40 [ 78.254385] ____fput+0x1e/0x30 [ 78.254934] task_work_run+0x1a4/0x2d0 [ 78.255490] ? __pfx_task_work_run+0x10/0x10 [ 78.255972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.256519] ? switch_task_namespaces+0xa9/0xe0 [ 78.257045] do_exit+0xb17/0x2ef0 [ 78.257428] ? lock_acquire+0x427/0x4c0 [ 78.257878] ? __pfx_lock_release+0x10/0x10 [ 78.258369] ? __kasan_check_write+0x18/0x20 [ 78.259051] ? do_raw_spin_lock+0x132/0x2a0 [ 78.259641] ? __pfx_do_exit+0x10/0x10 [ 78.260072] ? debug_smp_processor_id+0x20/0x30 [ 78.260573] ? rcu_is_watching+0x19/0xb0 [ 78.261013] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.261516] ? trace_hardirqs_on+0x26/0x120 [ 78.262004] do_group_exit+0xe0/0x2b0 [ 78.262430] __x64_sys_exit_group+0x47/0x50 [ 78.262951] do_syscall_64+0x3b/0x90 [ 78.263398] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.263987] RIP: 0033:0x7f4b87518a4d [ 78.264538] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.265302] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.266144] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.266975] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.267790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.268712] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.269638] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.270438] [ 78.270737] irq event stamp: 0 [ 78.271095] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.271814] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.272956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.273882] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.274638] ---[ end trace 0000000000000000 ]--- [ 78.275614] ------------[ cut here ]------------ [ 78.276146] WARNING: CPU: 1 PID: 653 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.277448] Modules linked in: [ 78.277808] CPU: 1 PID: 653 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.278855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.280123] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.280705] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.282938] RSP: 0018:ffff888023c57b78 EFLAGS: 00010246 [ 78.283546] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.284336] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 78.285298] RBP: ffff888023c57b98 R08: ffffed1004787f3e R09: ffffed1004787f3e [ 78.286097] R10: ffff888023c3f9ef R11: ffffed1004787f3d R12: ffff888023c3fa90 [ 78.286918] R13: ffff888023c3f8a8 R14: ffffffffffffffff R15: ffff888023c57c60 [ 78.287738] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.288694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.289461] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 78.290255] PKRU: 55555554 [ 78.290615] Call Trace: [ 78.290906] [ 78.291174] iommufd_ioas_destroy+0x53/0x70 [ 78.291661] iommufd_fops_release+0x1f7/0x370 [ 78.292185] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.292878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.293421] ? write_comp_data+0x2f/0x90 [ 78.293883] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.294434] __fput+0x26d/0xa40 [ 78.294849] ____fput+0x1e/0x30 [ 78.295234] task_work_run+0x1a4/0x2d0 [ 78.295672] ? __pfx_task_work_run+0x10/0x10 [ 78.296269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.296886] ? switch_task_namespaces+0xa9/0xe0 [ 78.297412] do_exit+0xb17/0x2ef0 [ 78.297796] ? lock_acquire+0x427/0x4c0 [ 78.298249] ? __pfx_lock_release+0x10/0x10 [ 78.298765] ? __kasan_check_write+0x18/0x20 [ 78.299266] ? do_raw_spin_lock+0x132/0x2a0 [ 78.299749] ? __pfx_do_exit+0x10/0x10 [ 78.300313] ? debug_smp_processor_id+0x20/0x30 [ 78.300859] ? rcu_is_watching+0x19/0xb0 [ 78.301373] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.301882] ? trace_hardirqs_on+0x26/0x120 [ 78.302367] do_group_exit+0xe0/0x2b0 [ 78.302829] __x64_sys_exit_group+0x47/0x50 [ 78.303340] do_syscall_64+0x3b/0x90 [ 78.303768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.304518] RIP: 0033:0x7f4b87518a4d [ 78.304930] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.305603] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.306437] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.307416] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.308207] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.308996] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.309767] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.310689] [ 78.311017] irq event stamp: 0 [ 78.311366] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.312034] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.312920] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.313802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.314693] ---[ end trace 0000000000000000 ]--- [ 78.320266] ------------[ cut here ]------------ [ 78.320803] WARNING: CPU: 1 PID: 654 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.321832] Modules linked in: [ 78.322251] CPU: 1 PID: 654 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.323274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.324436] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.325026] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.327127] RSP: 0018:ffff888015a7fbb8 EFLAGS: 00010246 [ 78.327671] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 78.328384] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 78.329243] RBP: ffff888015a7fbd0 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 78.329954] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff88800a724400 [ 78.330844] R13: ffff8880147011e8 R14: ffffffff8352e670 R15: ffff888015a7fe68 [ 78.331596] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.332453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.333228] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 78.333946] PKRU: 55555554 [ 78.334307] Call Trace: [ 78.334647] [ 78.334881] __iommufd_access_detach+0x1c2/0x2b0 [ 78.335391] iommufd_access_change_pt+0x149/0x270 [ 78.335895] iommufd_access_replace+0xb4/0x120 [ 78.336457] iommufd_test+0x3e5/0x37e0 [ 78.336922] ? lock_release+0x532/0x770 [ 78.337344] ? __might_fault+0x102/0x1b0 [ 78.337774] ? lock_acquire+0x427/0x4c0 [ 78.338350] ? __pfx_iommufd_test+0x10/0x10 [ 78.338846] ? __pfx_lock_release+0x10/0x10 [ 78.339315] ? __pfx_lock_acquire+0x10/0x10 [ 78.339770] ? write_comp_data+0x2f/0x90 [ 78.340192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.340817] ? write_comp_data+0x2f/0x90 [ 78.341238] iommufd_fops_ioctl+0x37d/0x510 [ 78.341685] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.342302] ? write_comp_data+0x2f/0x90 [ 78.342760] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.343275] __x64_sys_ioctl+0x1a3/0x230 [ 78.343706] do_syscall_64+0x3b/0x90 [ 78.344120] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.344718] RIP: 0033:0x7f4b8743ee5d [ 78.345091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.347166] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.347953] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.348675] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.349404] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.350129] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.350888] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.351643] [ 78.351882] irq event stamp: 0 [ 78.352202] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.352851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.353697] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.354568] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.355202] ---[ end trace 0000000000000000 ]--- [ 78.358140] ------------[ cut here ]------------ [ 78.358685] WARNING: CPU: 1 PID: 654 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.359678] Modules linked in: [ 78.359995] CPU: 1 PID: 654 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.360832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.361919] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.362398] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.364167] RSP: 0018:ffff888015a7fbd0 EFLAGS: 00010246 [ 78.364671] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 78.365408] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 78.366072] RBP: ffff888015a7fbe8 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 78.366751] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff888021bba800 [ 78.367438] R13: ffff8880147011e8 R14: ffff888020999c00 R15: 0000000000000000 [ 78.368110] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.368864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.369408] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.370078] PKRU: 55555554 [ 78.370345] Call Trace: [ 78.370610] [ 78.370827] iommufd_access_destroy_object+0x65/0x170 [ 78.371465] iommufd_object_destroy_user+0x18e/0x220 [ 78.372097] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.372806] iommufd_access_destroy+0x43/0x70 [ 78.373357] iommufd_test_staccess_release+0x8d/0xd0 [ 78.373975] __fput+0x26d/0xa40 [ 78.374395] ____fput+0x1e/0x30 [ 78.374872] task_work_run+0x1a4/0x2d0 [ 78.375426] ? __pfx_task_work_run+0x10/0x10 [ 78.375967] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.376559] ? switch_task_namespaces+0xa9/0xe0 [ 78.377134] do_exit+0xb17/0x2ef0 [ 78.377545] ? lock_acquire+0x427/0x4c0 [ 78.378027] ? __pfx_lock_release+0x10/0x10 [ 78.378595] ? __kasan_check_write+0x18/0x20 [ 78.379144] ? do_raw_spin_lock+0x132/0x2a0 [ 78.379660] ? __pfx_do_exit+0x10/0x10 [ 78.380132] ? debug_smp_processor_id+0x20/0x30 [ 78.380684] ? rcu_is_watching+0x19/0xb0 [ 78.381165] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.381706] ? trace_hardirqs_on+0x26/0x120 [ 78.382223] do_group_exit+0xe0/0x2b0 [ 78.382715] __x64_sys_exit_group+0x47/0x50 [ 78.383242] do_syscall_64+0x3b/0x90 [ 78.383698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.384316] RIP: 0033:0x7f4b87518a4d [ 78.384756] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.385469] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.386323] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.387158] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.387963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.388762] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.389555] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.390363] [ 78.390661] irq event stamp: 0 [ 78.391019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.391769] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.392691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.393611] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.394308] ---[ end trace 0000000000000000 ]--- [ 78.395499] ------------[ cut here ]------------ [ 78.396030] WARNING: CPU: 1 PID: 654 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.397139] Modules linked in: [ 78.397499] CPU: 1 PID: 654 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.398449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.399733] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.400305] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.402290] RSP: 0018:ffff888015a7fb78 EFLAGS: 00010246 [ 78.402906] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.403706] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 78.404494] RBP: ffff888015a7fb98 R08: ffffed10028e023e R09: ffffed10028e023e [ 78.405279] R10: ffff8880147011ef R11: ffffed10028e023d R12: ffff888014701290 [ 78.406063] R13: ffff8880147010a8 R14: ffffffffffffffff R15: ffff888015a7fc60 [ 78.406874] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.407760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.408394] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.409170] PKRU: 55555554 [ 78.409482] Call Trace: [ 78.409768] [ 78.410024] iommufd_ioas_destroy+0x53/0x70 [ 78.410540] iommufd_fops_release+0x1f7/0x370 [ 78.411050] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.411620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.412165] ? write_comp_data+0x2f/0x90 [ 78.412626] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.413178] __fput+0x26d/0xa40 [ 78.413565] ____fput+0x1e/0x30 [ 78.413945] task_work_run+0x1a4/0x2d0 [ 78.414388] ? __pfx_task_work_run+0x10/0x10 [ 78.414912] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.415473] ? switch_task_namespaces+0xa9/0xe0 [ 78.416009] do_exit+0xb17/0x2ef0 [ 78.416395] ? lock_acquire+0x427/0x4c0 [ 78.416847] ? __pfx_lock_release+0x10/0x10 [ 78.417438] ? __kasan_check_write+0x18/0x20 [ 78.418161] ? do_raw_spin_lock+0x132/0x2a0 [ 78.418693] ? __pfx_do_exit+0x10/0x10 [ 78.419160] ? debug_smp_processor_id+0x20/0x30 [ 78.419683] ? rcu_is_watching+0x19/0xb0 [ 78.420138] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.420671] ? trace_hardirqs_on+0x26/0x120 [ 78.421227] do_group_exit+0xe0/0x2b0 [ 78.421654] __x64_sys_exit_group+0x47/0x50 [ 78.422131] do_syscall_64+0x3b/0x90 [ 78.422600] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.423197] RIP: 0033:0x7f4b87518a4d [ 78.423611] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.424383] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.425210] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.425984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.426883] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.427672] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.428446] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.429333] [ 78.429595] irq event stamp: 0 [ 78.429943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.430659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.431581] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.432556] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.433246] ---[ end trace 0000000000000000 ]--- [ 78.439510] ------------[ cut here ]------------ [ 78.440056] WARNING: CPU: 1 PID: 655 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.441261] Modules linked in: [ 78.441623] CPU: 1 PID: 655 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.442582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.443829] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.444371] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.446368] RSP: 0018:ffff888023c57bb8 EFLAGS: 00010246 [ 78.447048] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 78.447839] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 78.448616] RBP: ffff888023c57bd0 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 78.449485] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff888021ba9400 [ 78.450259] R13: ffff88800cb971e8 R14: ffffffff8352e670 R15: ffff888023c57e68 [ 78.451072] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.452063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.452697] CR2: 00007f4b877410e8 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 78.453475] PKRU: 55555554 [ 78.453804] Call Trace: [ 78.454148] [ 78.454404] __iommufd_access_detach+0x1c2/0x2b0 [ 78.454985] iommufd_access_change_pt+0x149/0x270 [ 78.455551] iommufd_access_replace+0xb4/0x120 [ 78.456074] iommufd_test+0x3e5/0x37e0 [ 78.456506] ? lock_release+0x532/0x770 [ 78.456959] ? __might_fault+0x102/0x1b0 [ 78.457419] ? lock_acquire+0x427/0x4c0 [ 78.457872] ? __pfx_iommufd_test+0x10/0x10 [ 78.458345] ? __pfx_lock_release+0x10/0x10 [ 78.458873] ? __pfx_lock_acquire+0x10/0x10 [ 78.459380] ? write_comp_data+0x2f/0x90 [ 78.459847] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.460389] ? write_comp_data+0x2f/0x90 [ 78.460857] iommufd_fops_ioctl+0x37d/0x510 [ 78.461337] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.461885] ? write_comp_data+0x2f/0x90 [ 78.462344] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.462910] __x64_sys_ioctl+0x1a3/0x230 [ 78.463386] do_syscall_64+0x3b/0x90 [ 78.463811] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.464385] RIP: 0033:0x7f4b8743ee5d [ 78.464796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.466780] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.467613] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.468382] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.469151] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.469907] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.470679] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.471453] [ 78.471710] irq event stamp: 0 [ 78.472056] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.472734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.473631] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.474556] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.475247] ---[ end trace 0000000000000000 ]--- [ 78.479647] ------------[ cut here ]------------ [ 78.480182] WARNING: CPU: 1 PID: 655 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.481261] Modules linked in: [ 78.481613] CPU: 1 PID: 655 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.482576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.483797] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.484340] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.486281] RSP: 0018:ffff888023c57bd0 EFLAGS: 00010246 [ 78.486886] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 78.487664] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 78.488432] RBP: ffff888023c57be8 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 78.489197] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff88800a727000 [ 78.489961] R13: ffff88800cb971e8 R14: ffff88800fa33500 R15: 0000000000000000 [ 78.490731] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.491577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.492186] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.492931] PKRU: 55555554 [ 78.493231] Call Trace: [ 78.493505] [ 78.493751] iommufd_access_destroy_object+0x65/0x170 [ 78.494301] iommufd_object_destroy_user+0x18e/0x220 [ 78.494889] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.495524] iommufd_access_destroy+0x43/0x70 [ 78.496015] iommufd_test_staccess_release+0x8d/0xd0 [ 78.496564] __fput+0x26d/0xa40 [ 78.496936] ____fput+0x1e/0x30 [ 78.497302] task_work_run+0x1a4/0x2d0 [ 78.497729] ? __pfx_task_work_run+0x10/0x10 [ 78.498206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.498762] ? switch_task_namespaces+0xa9/0xe0 [ 78.499286] do_exit+0xb17/0x2ef0 [ 78.499660] ? lock_acquire+0x427/0x4c0 [ 78.500096] ? __pfx_lock_release+0x10/0x10 [ 78.500562] ? __kasan_check_write+0x18/0x20 [ 78.501034] ? do_raw_spin_lock+0x132/0x2a0 [ 78.501492] ? __pfx_do_exit+0x10/0x10 [ 78.501915] ? debug_smp_processor_id+0x20/0x30 [ 78.502408] ? rcu_is_watching+0x19/0xb0 [ 78.502868] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.503372] ? trace_hardirqs_on+0x26/0x120 [ 78.503839] do_group_exit+0xe0/0x2b0 [ 78.504246] __x64_sys_exit_group+0x47/0x50 [ 78.504699] do_syscall_64+0x3b/0x90 [ 78.505107] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.505659] RIP: 0033:0x7f4b87518a4d [ 78.506051] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.506719] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.507518] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.508254] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.508994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.509728] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.510463] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.511249] [ 78.511502] irq event stamp: 0 [ 78.511839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.512495] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.513362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.514224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.514907] ---[ end trace 0000000000000000 ]--- [ 78.515982] ------------[ cut here ]------------ [ 78.516471] WARNING: CPU: 1 PID: 655 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.517514] Modules linked in: [ 78.517852] CPU: 1 PID: 655 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.518777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.519945] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.520482] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.522362] RSP: 0018:ffff888023c57b78 EFLAGS: 00010246 [ 78.522959] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.523798] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 78.524556] RBP: ffff888023c57b98 R08: ffffed1001972e3e R09: ffffed1001972e3e [ 78.525301] R10: ffff88800cb971ef R11: ffffed1001972e3d R12: ffff88800cb97290 [ 78.526043] R13: ffff88800cb970a8 R14: ffffffffffffffff R15: ffff888023c57c60 [ 78.526828] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.527681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.528293] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.529085] PKRU: 55555554 [ 78.529301] Call Trace: [ 78.529485] [ 78.529648] iommufd_ioas_destroy+0x53/0x70 [ 78.529974] iommufd_fops_release+0x1f7/0x370 [ 78.530300] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.530682] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.531042] ? write_comp_data+0x2f/0x90 [ 78.531342] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.531700] __fput+0x26d/0xa40 [ 78.531961] ____fput+0x1e/0x30 [ 78.532208] task_work_run+0x1a4/0x2d0 [ 78.532495] ? __pfx_task_work_run+0x10/0x10 [ 78.532815] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.533185] ? switch_task_namespaces+0xa9/0xe0 [ 78.533528] do_exit+0xb17/0x2ef0 [ 78.533776] ? lock_acquire+0x427/0x4c0 [ 78.534081] ? __pfx_lock_release+0x10/0x10 [ 78.534395] ? __kasan_check_write+0x18/0x20 [ 78.534734] ? do_raw_spin_lock+0x132/0x2a0 [ 78.535046] ? __pfx_do_exit+0x10/0x10 [ 78.535356] ? debug_smp_processor_id+0x20/0x30 [ 78.535688] ? rcu_is_watching+0x19/0xb0 [ 78.535979] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.536311] ? trace_hardirqs_on+0x26/0x120 [ 78.536627] do_group_exit+0xe0/0x2b0 [ 78.536905] __x64_sys_exit_group+0x47/0x50 [ 78.537215] do_syscall_64+0x3b/0x90 [ 78.537506] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.537882] RIP: 0033:0x7f4b87518a4d [ 78.538144] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.538608] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.539149] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.539655] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.540151] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.540659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.541159] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.541692] [ 78.541861] irq event stamp: 0 [ 78.542081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.542537] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.543137] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.543734] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.544172] ---[ end trace 0000000000000000 ]--- [ 78.548651] ------------[ cut here ]------------ [ 78.549020] WARNING: CPU: 1 PID: 656 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.549758] Modules linked in: [ 78.549992] CPU: 1 PID: 656 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.550657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.551474] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.551830] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.553138] RSP: 0018:ffff888016e37bb8 EFLAGS: 00010246 [ 78.553528] RAX: 0000000000000000 RBX: ffff888010eee0a8 RCX: 0000000000000000 [ 78.554032] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 78.554580] RBP: ffff888016e37bd0 R08: ffffed10021ddc33 R09: ffffed10021ddc33 [ 78.555086] R10: ffff888010eee193 R11: ffffed10021ddc32 R12: ffff888021ba0400 [ 78.555604] R13: ffff888010eee1e8 R14: ffffffff8352e670 R15: ffff888016e37e68 [ 78.556117] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.556704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.557132] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 78.557660] PKRU: 55555554 [ 78.557879] Call Trace: [ 78.558066] [ 78.558234] __iommufd_access_detach+0x1c2/0x2b0 [ 78.558610] iommufd_access_change_pt+0x149/0x270 [ 78.558985] iommufd_access_replace+0xb4/0x120 [ 78.559341] iommufd_test+0x3e5/0x37e0 [ 78.559629] ? lock_release+0x532/0x770 [ 78.559941] ? __might_fault+0x102/0x1b0 [ 78.560246] ? lock_acquire+0x427/0x4c0 [ 78.560549] ? __pfx_iommufd_test+0x10/0x10 [ 78.560865] ? __pfx_lock_release+0x10/0x10 [ 78.561207] ? __pfx_lock_acquire+0x10/0x10 [ 78.561535] ? write_comp_data+0x2f/0x90 [ 78.561849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.562225] ? write_comp_data+0x2f/0x90 [ 78.562559] iommufd_fops_ioctl+0x37d/0x510 [ 78.562888] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.563277] ? write_comp_data+0x2f/0x90 [ 78.563588] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.563952] __x64_sys_ioctl+0x1a3/0x230 [ 78.564272] do_syscall_64+0x3b/0x90 [ 78.564555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.564943] RIP: 0033:0x7f4b8743ee5d [ 78.565219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.566588] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.567154] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.567686] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.568204] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.568737] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.569258] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.569801] [ 78.569978] irq event stamp: 0 [ 78.570209] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.570696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.571324] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.571945] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.572402] ---[ end trace 0000000000000000 ]--- [ 78.575136] ------------[ cut here ]------------ [ 78.575527] WARNING: CPU: 1 PID: 656 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.576286] Modules linked in: [ 78.576527] CPU: 1 PID: 656 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.577173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.578014] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.578393] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.579780] RSP: 0018:ffff888016e37bd0 EFLAGS: 00010246 [ 78.580178] RAX: 0000000000000000 RBX: ffff888010eee0a8 RCX: 0000000000000000 [ 78.580725] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 78.581254] RBP: ffff888016e37be8 R08: ffffed10021ddc33 R09: ffffed10021ddc33 [ 78.581796] R10: ffff888010eee193 R11: ffffed10021ddc32 R12: ffff888021bab400 [ 78.582322] R13: ffff888010eee1e8 R14: ffff88801202d700 R15: 0000000000000000 [ 78.582883] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.583504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.583952] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.584488] PKRU: 55555554 [ 78.584709] Call Trace: [ 78.584916] [ 78.585093] iommufd_access_destroy_object+0x65/0x170 [ 78.585489] iommufd_object_destroy_user+0x18e/0x220 [ 78.585893] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.586342] iommufd_access_destroy+0x43/0x70 [ 78.586717] iommufd_test_staccess_release+0x8d/0xd0 [ 78.587132] __fput+0x26d/0xa40 [ 78.587401] ____fput+0x1e/0x30 [ 78.587665] task_work_run+0x1a4/0x2d0 [ 78.587985] ? __pfx_task_work_run+0x10/0x10 [ 78.588327] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.588706] ? switch_task_namespaces+0xa9/0xe0 [ 78.589086] do_exit+0xb17/0x2ef0 [ 78.589354] ? lock_acquire+0x427/0x4c0 [ 78.589669] ? __pfx_lock_release+0x10/0x10 [ 78.590006] ? __kasan_check_write+0x18/0x20 [ 78.590359] ? do_raw_spin_lock+0x132/0x2a0 [ 78.590714] ? __pfx_do_exit+0x10/0x10 [ 78.591024] ? debug_smp_processor_id+0x20/0x30 [ 78.591407] ? rcu_is_watching+0x19/0xb0 [ 78.591722] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.592075] ? trace_hardirqs_on+0x26/0x120 [ 78.592421] do_group_exit+0xe0/0x2b0 [ 78.592716] __x64_sys_exit_group+0x47/0x50 [ 78.593042] do_syscall_64+0x3b/0x90 [ 78.593334] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.593748] RIP: 0033:0x7f4b87518a4d [ 78.594031] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.594530] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.595119] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.595683] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.596237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.596801] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.597358] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.597935] [ 78.598121] irq event stamp: 0 [ 78.598372] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.598904] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.599580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.600241] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.600730] ---[ end trace 0000000000000000 ]--- [ 78.601429] ------------[ cut here ]------------ [ 78.601795] WARNING: CPU: 1 PID: 656 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.602624] Modules linked in: [ 78.602880] CPU: 1 PID: 656 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.603572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.604467] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.604876] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.606305] RSP: 0018:ffff888016e37b78 EFLAGS: 00010246 [ 78.606762] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.607325] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 78.607896] RBP: ffff888016e37b98 R08: ffffed10021ddc3e R09: ffffed10021ddc3e [ 78.608449] R10: ffff888010eee1ef R11: ffffed10021ddc3d R12: ffff888010eee290 [ 78.609012] R13: ffff888010eee0a8 R14: ffffffffffffffff R15: ffff888016e37c60 [ 78.609570] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.610202] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.610681] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.611245] PKRU: 55555554 [ 78.611466] Call Trace: [ 78.611666] [ 78.611857] iommufd_ioas_destroy+0x53/0x70 [ 78.612200] iommufd_fops_release+0x1f7/0x370 [ 78.612558] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.612963] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.613348] ? write_comp_data+0x2f/0x90 [ 78.613674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.614079] __fput+0x26d/0xa40 [ 78.614349] ____fput+0x1e/0x30 [ 78.614660] task_work_run+0x1a4/0x2d0 [ 78.614981] ? __pfx_task_work_run+0x10/0x10 [ 78.615347] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.615734] ? switch_task_namespaces+0xa9/0xe0 [ 78.616120] do_exit+0xb17/0x2ef0 [ 78.616392] ? lock_acquire+0x427/0x4c0 [ 78.616715] ? __pfx_lock_release+0x10/0x10 [ 78.617062] ? __kasan_check_write+0x18/0x20 [ 78.617420] ? do_raw_spin_lock+0x132/0x2a0 [ 78.617759] ? __pfx_do_exit+0x10/0x10 [ 78.618073] ? debug_smp_processor_id+0x20/0x30 [ 78.618448] ? rcu_is_watching+0x19/0xb0 [ 78.618789] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.619156] ? trace_hardirqs_on+0x26/0x120 [ 78.619509] do_group_exit+0xe0/0x2b0 [ 78.619808] __x64_sys_exit_group+0x47/0x50 [ 78.620145] do_syscall_64+0x3b/0x90 [ 78.620456] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.620867] RIP: 0033:0x7f4b87518a4d [ 78.621154] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.621640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.622229] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.622816] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.623376] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.623941] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.624492] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.625063] [ 78.625245] irq event stamp: 0 [ 78.625489] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.625988] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.626654] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.627317] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.627801] ---[ end trace 0000000000000000 ]--- [ 78.631836] ------------[ cut here ]------------ [ 78.632235] WARNING: CPU: 1 PID: 657 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.633021] Modules linked in: [ 78.633270] CPU: 1 PID: 657 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.633945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.635034] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.635434] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.636884] RSP: 0018:ffff88801856fbb8 EFLAGS: 00010246 [ 78.637297] RAX: 0000000000000000 RBX: ffff8880208d78a8 RCX: 0000000000000000 [ 78.637856] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 78.638403] RBP: ffff88801856fbd0 R08: ffffed100411af33 R09: ffffed100411af33 [ 78.638988] R10: ffff8880208d7993 R11: ffffed100411af32 R12: ffff888017ba5400 [ 78.639546] R13: ffff8880208d79e8 R14: ffffffff8352e670 R15: ffff88801856fe68 [ 78.640103] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.640720] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.641177] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 78.641725] PKRU: 55555554 [ 78.641945] Call Trace: [ 78.642157] [ 78.642335] __iommufd_access_detach+0x1c2/0x2b0 [ 78.642744] iommufd_access_change_pt+0x149/0x270 [ 78.643153] iommufd_access_replace+0xb4/0x120 [ 78.643524] iommufd_test+0x3e5/0x37e0 [ 78.643832] ? lock_release+0x532/0x770 [ 78.644153] ? __might_fault+0x102/0x1b0 [ 78.644489] ? lock_acquire+0x427/0x4c0 [ 78.644820] ? __pfx_iommufd_test+0x10/0x10 [ 78.645153] ? __pfx_lock_release+0x10/0x10 [ 78.645511] ? __pfx_lock_acquire+0x10/0x10 [ 78.645856] ? write_comp_data+0x2f/0x90 [ 78.646179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.646595] ? write_comp_data+0x2f/0x90 [ 78.646925] iommufd_fops_ioctl+0x37d/0x510 [ 78.647275] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.647673] ? write_comp_data+0x2f/0x90 [ 78.647999] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.648378] __x64_sys_ioctl+0x1a3/0x230 [ 78.648716] do_syscall_64+0x3b/0x90 [ 78.649015] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.649423] RIP: 0033:0x7f4b8743ee5d [ 78.649724] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.651172] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.651772] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.652322] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.652884] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.653442] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.654000] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.654579] [ 78.654762] irq event stamp: 0 [ 78.655017] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.655516] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.656176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.656821] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.657316] ---[ end trace 0000000000000000 ]--- [ 78.660116] ------------[ cut here ]------------ [ 78.660529] WARNING: CPU: 1 PID: 657 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.661306] Modules linked in: [ 78.661566] CPU: 1 PID: 657 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.662232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.663138] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.663530] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.664952] RSP: 0018:ffff88801856fbd0 EFLAGS: 00010246 [ 78.665362] RAX: 0000000000000000 RBX: ffff8880208d78a8 RCX: 0000000000000000 [ 78.665923] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 78.666469] RBP: ffff88801856fbe8 R08: ffffed100411af33 R09: ffffed100411af33 [ 78.667046] R10: ffff8880208d7993 R11: ffffed100411af32 R12: ffff888021ba0000 [ 78.667606] R13: ffff8880208d79e8 R14: ffff888013a7da00 R15: 0000000000000000 [ 78.668169] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.668785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.669252] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.669803] PKRU: 55555554 [ 78.670023] Call Trace: [ 78.670234] [ 78.670409] iommufd_access_destroy_object+0x65/0x170 [ 78.670832] iommufd_object_destroy_user+0x18e/0x220 [ 78.671252] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.671714] iommufd_access_destroy+0x43/0x70 [ 78.672081] iommufd_test_staccess_release+0x8d/0xd0 [ 78.672894] __fput+0x26d/0xa40 [ 78.673194] ____fput+0x1e/0x30 [ 78.673487] task_work_run+0x1a4/0x2d0 [ 78.673799] ? __pfx_task_work_run+0x10/0x10 [ 78.674246] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.674729] ? switch_task_namespaces+0xa9/0xe0 [ 78.675106] do_exit+0xb17/0x2ef0 [ 78.675389] ? lock_acquire+0x427/0x4c0 [ 78.675719] ? __pfx_lock_release+0x10/0x10 [ 78.676123] ? __kasan_check_write+0x18/0x20 [ 78.676547] ? do_raw_spin_lock+0x132/0x2a0 [ 78.676896] ? __pfx_do_exit+0x10/0x10 [ 78.677207] ? debug_smp_processor_id+0x20/0x30 [ 78.677571] ? rcu_is_watching+0x19/0xb0 [ 78.677959] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.678382] ? trace_hardirqs_on+0x26/0x120 [ 78.678750] do_group_exit+0xe0/0x2b0 [ 78.679063] __x64_sys_exit_group+0x47/0x50 [ 78.679412] do_syscall_64+0x3b/0x90 [ 78.679751] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.680226] RIP: 0033:0x7f4b87518a4d [ 78.680518] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.681001] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.681584] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.682143] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.682821] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.683393] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.683942] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.684579] [ 78.684832] irq event stamp: 0 [ 78.685073] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.685580] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.686292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.687012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.687530] ---[ end trace 0000000000000000 ]--- [ 78.688228] ------------[ cut here ]------------ [ 78.688668] WARNING: CPU: 1 PID: 657 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.689476] Modules linked in: [ 78.689745] CPU: 1 PID: 657 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.690557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.691475] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.691902] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.693499] RSP: 0018:ffff88801856fb78 EFLAGS: 00010246 [ 78.693938] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.694661] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 78.695261] RBP: ffff88801856fb98 R08: ffffed100411af3e R09: ffffed100411af3e [ 78.695837] R10: ffff8880208d79ef R11: ffffed100411af3d R12: ffff8880208d7a90 [ 78.696526] R13: ffff8880208d78a8 R14: ffffffffffffffff R15: ffff88801856fc60 [ 78.697107] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.697770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.698315] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.698962] PKRU: 55555554 [ 78.699205] Call Trace: [ 78.699429] [ 78.699620] iommufd_ioas_destroy+0x53/0x70 [ 78.699980] iommufd_fops_release+0x1f7/0x370 [ 78.700388] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.700878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.701282] ? write_comp_data+0x2f/0x90 [ 78.701645] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.702090] __fput+0x26d/0xa40 [ 78.702401] ____fput+0x1e/0x30 [ 78.702763] task_work_run+0x1a4/0x2d0 [ 78.703092] ? __pfx_task_work_run+0x10/0x10 [ 78.703465] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.703880] ? switch_task_namespaces+0xa9/0xe0 [ 78.704272] do_exit+0xb17/0x2ef0 [ 78.704604] ? lock_acquire+0x427/0x4c0 [ 78.705000] ? __pfx_lock_release+0x10/0x10 [ 78.705363] ? __kasan_check_write+0x18/0x20 [ 78.705729] ? do_raw_spin_lock+0x132/0x2a0 [ 78.706121] ? __pfx_do_exit+0x10/0x10 [ 78.706541] ? debug_smp_processor_id+0x20/0x30 [ 78.706941] ? rcu_is_watching+0x19/0xb0 [ 78.707294] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.707675] ? trace_hardirqs_on+0x26/0x120 [ 78.708046] do_group_exit+0xe0/0x2b0 [ 78.708361] __x64_sys_exit_group+0x47/0x50 [ 78.708775] do_syscall_64+0x3b/0x90 [ 78.709178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.709608] RIP: 0033:0x7f4b87518a4d [ 78.709915] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.710488] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.711156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.711743] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.712348] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.713021] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.713604] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.714239] [ 78.714472] irq event stamp: 0 [ 78.714756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.715281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.715975] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.716794] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.717306] ---[ end trace 0000000000000000 ]--- [ 78.721160] ------------[ cut here ]------------ [ 78.721580] WARNING: CPU: 1 PID: 658 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.722490] Modules linked in: [ 78.722868] CPU: 1 PID: 658 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.723594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.724518] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.724967] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.726545] RSP: 0018:ffff888023c57bb8 EFLAGS: 00010246 [ 78.727080] RAX: 0000000000000000 RBX: ffff8880182da8a8 RCX: 0000000000000000 [ 78.727682] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 78.728255] RBP: ffff888023c57bd0 R08: ffffed100305b533 R09: ffffed100305b533 [ 78.728938] R10: ffff8880182da993 R11: ffffed100305b532 R12: ffff888016631800 [ 78.729559] R13: ffff8880182da9e8 R14: ffffffff8352e670 R15: ffff888023c57e68 [ 78.730213] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.730943] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.731431] CR2: 00007f4b877410e8 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 78.732092] PKRU: 55555554 [ 78.732408] Call Trace: [ 78.732618] [ 78.732803] __iommufd_access_detach+0x1c2/0x2b0 [ 78.733220] iommufd_access_change_pt+0x149/0x270 [ 78.733703] iommufd_access_replace+0xb4/0x120 [ 78.734129] iommufd_test+0x3e5/0x37e0 [ 78.734448] ? lock_release+0x532/0x770 [ 78.734853] ? __might_fault+0x102/0x1b0 [ 78.735287] ? lock_acquire+0x427/0x4c0 [ 78.735624] ? __pfx_iommufd_test+0x10/0x10 [ 78.735976] ? __pfx_lock_release+0x10/0x10 [ 78.736347] ? __pfx_lock_acquire+0x10/0x10 [ 78.736783] ? write_comp_data+0x2f/0x90 [ 78.737172] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.737587] ? write_comp_data+0x2f/0x90 [ 78.738002] iommufd_fops_ioctl+0x37d/0x510 [ 78.738423] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.738850] ? write_comp_data+0x2f/0x90 [ 78.739207] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.739654] __x64_sys_ioctl+0x1a3/0x230 [ 78.740088] do_syscall_64+0x3b/0x90 [ 78.740403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.740852] RIP: 0033:0x7f4b8743ee5d [ 78.741229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.742920] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.743547] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.744157] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.744842] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.745417] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.746131] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.746747] [ 78.746954] irq event stamp: 0 [ 78.747278] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.747852] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.748551] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.749362] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.749876] ---[ end trace 0000000000000000 ]--- [ 78.753212] ------------[ cut here ]------------ [ 78.753756] WARNING: CPU: 1 PID: 658 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.754621] Modules linked in: [ 78.754892] CPU: 1 PID: 658 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.755749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.756734] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.757205] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.758853] RSP: 0018:ffff888023c57bd0 EFLAGS: 00010246 [ 78.759311] RAX: 0000000000000000 RBX: ffff8880182da8a8 RCX: 0000000000000000 [ 78.759964] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 78.760589] RBP: ffff888023c57be8 R08: ffffed100305b533 R09: ffffed100305b533 [ 78.761254] R10: ffff8880182da993 R11: ffffed100305b532 R12: ffff888017ba7400 [ 78.761893] R13: ffff8880182da9e8 R14: ffff888020a70800 R15: 0000000000000000 [ 78.762490] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.763333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.763808] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 78.764448] PKRU: 55555554 [ 78.764741] Call Trace: [ 78.764959] [ 78.765145] iommufd_access_destroy_object+0x65/0x170 [ 78.765585] iommufd_object_destroy_user+0x18e/0x220 [ 78.766134] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.766652] iommufd_access_destroy+0x43/0x70 [ 78.767033] iommufd_test_staccess_release+0x8d/0xd0 [ 78.767519] __fput+0x26d/0xa40 [ 78.767891] ____fput+0x1e/0x30 [ 78.768177] task_work_run+0x1a4/0x2d0 [ 78.768507] ? __pfx_task_work_run+0x10/0x10 [ 78.768971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.769438] ? switch_task_namespaces+0xa9/0xe0 [ 78.769845] do_exit+0xb17/0x2ef0 [ 78.770140] ? lock_acquire+0x427/0x4c0 [ 78.770581] ? __pfx_lock_release+0x10/0x10 [ 78.771028] ? __kasan_check_write+0x18/0x20 [ 78.771404] ? do_raw_spin_lock+0x132/0x2a0 [ 78.771759] ? __pfx_do_exit+0x10/0x10 [ 78.772120] ? debug_smp_processor_id+0x20/0x30 [ 78.772616] ? rcu_is_watching+0x19/0xb0 [ 78.772954] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.773346] ? trace_hardirqs_on+0x26/0x120 [ 78.773791] do_group_exit+0xe0/0x2b0 [ 78.774175] __x64_sys_exit_group+0x47/0x50 [ 78.774568] do_syscall_64+0x3b/0x90 [ 78.774889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.775344] RIP: 0033:0x7f4b87518a4d [ 78.775648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.776149] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.776780] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.777356] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.777937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.778553] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.779141] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.779742] [ 78.779935] irq event stamp: 0 [ 78.780193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.780712] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.781396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.782084] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.782617] ---[ end trace 0000000000000000 ]--- [ 78.783360] ------------[ cut here ]------------ [ 78.783749] WARNING: CPU: 1 PID: 658 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.784581] Modules linked in: [ 78.784844] CPU: 1 PID: 658 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.785561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.786476] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.786937] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.788448] RSP: 0018:ffff888023c57b78 EFLAGS: 00010246 [ 78.788882] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.789464] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 78.790041] RBP: ffff888023c57b98 R08: ffffed100305b53e R09: ffffed100305b53e [ 78.790661] R10: ffff8880182da9ef R11: ffffed100305b53d R12: ffff8880182daa90 [ 78.791248] R13: ffff8880182da8a8 R14: ffffffffffffffff R15: ffff888023c57c60 [ 78.791841] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.792493] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.793042] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 78.793630] PKRU: 55555554 [ 78.793872] Call Trace: [ 78.794083] [ 78.794269] iommufd_ioas_destroy+0x53/0x70 [ 78.794656] iommufd_fops_release+0x1f7/0x370 [ 78.795044] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.795465] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.795873] ? write_comp_data+0x2f/0x90 [ 78.796225] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.796633] __fput+0x26d/0xa40 [ 78.796915] ____fput+0x1e/0x30 [ 78.797207] task_work_run+0x1a4/0x2d0 [ 78.797531] ? __pfx_task_work_run+0x10/0x10 [ 78.797895] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.798310] ? switch_task_namespaces+0xa9/0xe0 [ 78.798723] do_exit+0xb17/0x2ef0 [ 78.799007] ? lock_acquire+0x427/0x4c0 [ 78.799364] ? __pfx_lock_release+0x10/0x10 [ 78.799721] ? __kasan_check_write+0x18/0x20 [ 78.800087] ? do_raw_spin_lock+0x132/0x2a0 [ 78.800450] ? __pfx_do_exit+0x10/0x10 [ 78.800777] ? debug_smp_processor_id+0x20/0x30 [ 78.801158] ? rcu_is_watching+0x19/0xb0 [ 78.801499] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.801871] ? trace_hardirqs_on+0x26/0x120 [ 78.802226] do_group_exit+0xe0/0x2b0 [ 78.802566] __x64_sys_exit_group+0x47/0x50 [ 78.802919] do_syscall_64+0x3b/0x90 [ 78.803239] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.803678] RIP: 0033:0x7f4b87518a4d [ 78.803981] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.804480] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.805100] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.805672] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.806245] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.806839] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.807407] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.807989] [ 78.808174] irq event stamp: 0 [ 78.808423] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.808930] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.809589] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.810259] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.810769] ---[ end trace 0000000000000000 ]--- [ 78.814942] ------------[ cut here ]------------ [ 78.815359] WARNING: CPU: 1 PID: 659 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.816136] Modules linked in: [ 78.816384] CPU: 1 PID: 659 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.817060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.817932] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.818315] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.819943] RSP: 0018:ffff888016c8fbb8 EFLAGS: 00010246 [ 78.820357] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 78.820914] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 78.821457] RBP: ffff888016c8fbd0 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 78.822018] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff888021bc9000 [ 78.822585] R13: ffff88801781f9e8 R14: ffffffff8352e670 R15: ffff888016c8fe68 [ 78.823161] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.823782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.824239] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 78.824788] PKRU: 55555554 [ 78.825009] Call Trace: [ 78.825233] [ 78.825409] __iommufd_access_detach+0x1c2/0x2b0 [ 78.825792] iommufd_access_change_pt+0x149/0x270 [ 78.826190] iommufd_access_replace+0xb4/0x120 [ 78.826574] iommufd_test+0x3e5/0x37e0 [ 78.826878] ? lock_release+0x532/0x770 [ 78.827241] ? __might_fault+0x102/0x1b0 [ 78.827567] ? lock_acquire+0x427/0x4c0 [ 78.827887] ? __pfx_iommufd_test+0x10/0x10 [ 78.828219] ? __pfx_lock_release+0x10/0x10 [ 78.828571] ? __pfx_lock_acquire+0x10/0x10 [ 78.828915] ? write_comp_data+0x2f/0x90 [ 78.829243] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.829641] ? write_comp_data+0x2f/0x90 [ 78.829969] iommufd_fops_ioctl+0x37d/0x510 [ 78.830308] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.830723] ? write_comp_data+0x2f/0x90 [ 78.831051] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.831450] __x64_sys_ioctl+0x1a3/0x230 [ 78.831790] do_syscall_64+0x3b/0x90 [ 78.832092] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.832499] RIP: 0033:0x7f4b8743ee5d [ 78.832801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.834215] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.834840] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.835401] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.835967] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.836518] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.837078] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.837634] [ 78.837815] irq event stamp: 0 [ 78.838074] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.838593] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.839262] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.839908] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.840411] ---[ end trace 0000000000000000 ]--- [ 78.843213] ------------[ cut here ]------------ [ 78.843618] WARNING: CPU: 1 PID: 659 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.844391] Modules linked in: [ 78.844652] CPU: 1 PID: 659 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.845316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.846186] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.846590] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.848011] RSP: 0018:ffff888016c8fbd0 EFLAGS: 00010246 [ 78.848412] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 78.848957] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 78.849488] RBP: ffff888016c8fbe8 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 78.850032] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff888016631000 [ 78.850589] R13: ffff88801781f9e8 R14: ffff8880142c5900 R15: 0000000000000000 [ 78.851146] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.851748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.852192] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.852726] PKRU: 55555554 [ 78.852939] Call Trace: [ 78.853148] [ 78.853321] iommufd_access_destroy_object+0x65/0x170 [ 78.853716] iommufd_object_destroy_user+0x18e/0x220 [ 78.854108] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.854582] iommufd_access_destroy+0x43/0x70 [ 78.854933] iommufd_test_staccess_release+0x8d/0xd0 [ 78.855344] __fput+0x26d/0xa40 [ 78.855609] ____fput+0x1e/0x30 [ 78.855868] task_work_run+0x1a4/0x2d0 [ 78.856172] ? __pfx_task_work_run+0x10/0x10 [ 78.856522] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.856896] ? switch_task_namespaces+0xa9/0xe0 [ 78.857259] do_exit+0xb17/0x2ef0 [ 78.857536] ? lock_acquire+0x427/0x4c0 [ 78.857846] ? __pfx_lock_release+0x10/0x10 [ 78.858182] ? __kasan_check_write+0x18/0x20 [ 78.858552] ? do_raw_spin_lock+0x132/0x2a0 [ 78.858885] ? __pfx_do_exit+0x10/0x10 [ 78.859214] ? debug_smp_processor_id+0x20/0x30 [ 78.859587] ? rcu_is_watching+0x19/0xb0 [ 78.859900] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.860247] ? trace_hardirqs_on+0x26/0x120 [ 78.860578] do_group_exit+0xe0/0x2b0 [ 78.860882] __x64_sys_exit_group+0x47/0x50 [ 78.861208] do_syscall_64+0x3b/0x90 [ 78.861499] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.861906] RIP: 0033:0x7f4b87518a4d [ 78.862188] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.862665] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.863246] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.863777] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.864312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.864841] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.865378] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.865914] [ 78.866100] irq event stamp: 0 [ 78.866334] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.866816] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.867452] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.868069] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.868546] ---[ end trace 0000000000000000 ]--- [ 78.869235] ------------[ cut here ]------------ [ 78.869603] WARNING: CPU: 1 PID: 659 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.870361] Modules linked in: [ 78.870623] CPU: 1 PID: 659 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.871272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.872111] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.872504] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.873859] RSP: 0018:ffff888016c8fb78 EFLAGS: 00010246 [ 78.874253] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.874801] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 78.875339] RBP: ffff888016c8fb98 R08: ffffed1002f03f3e R09: ffffed1002f03f3e [ 78.875874] R10: ffff88801781f9ef R11: ffffed1002f03f3d R12: ffff88801781fa90 [ 78.876398] R13: ffff88801781f8a8 R14: ffffffffffffffff R15: ffff888016c8fc60 [ 78.876952] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.877545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.877991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.878540] PKRU: 55555554 [ 78.878757] Call Trace: [ 78.878959] [ 78.879138] iommufd_ioas_destroy+0x53/0x70 [ 78.879468] iommufd_fops_release+0x1f7/0x370 [ 78.879810] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.880201] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.880570] ? write_comp_data+0x2f/0x90 [ 78.880881] ? __pfx_iommufd_fops_release+0x10/0x10 [ 78.881268] __fput+0x26d/0xa40 [ 78.881529] ____fput+0x1e/0x30 [ 78.881785] task_work_run+0x1a4/0x2d0 [ 78.882083] ? __pfx_task_work_run+0x10/0x10 [ 78.882426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.882812] ? switch_task_namespaces+0xa9/0xe0 [ 78.883175] do_exit+0xb17/0x2ef0 [ 78.883446] ? lock_acquire+0x427/0x4c0 [ 78.883756] ? __pfx_lock_release+0x10/0x10 [ 78.884087] ? __kasan_check_write+0x18/0x20 [ 78.884432] ? do_raw_spin_lock+0x132/0x2a0 [ 78.884755] ? __pfx_do_exit+0x10/0x10 [ 78.885056] ? debug_smp_processor_id+0x20/0x30 [ 78.885416] ? rcu_is_watching+0x19/0xb0 [ 78.885721] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.886062] ? trace_hardirqs_on+0x26/0x120 [ 78.886390] do_group_exit+0xe0/0x2b0 [ 78.886705] __x64_sys_exit_group+0x47/0x50 [ 78.887029] do_syscall_64+0x3b/0x90 [ 78.887323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.887726] RIP: 0033:0x7f4b87518a4d [ 78.888003] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.888459] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.889033] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.889562] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.890101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.890646] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.891307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.892017] [ 78.892248] irq event stamp: 0 [ 78.892550] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.893153] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.893845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.894572] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.895197] ---[ end trace 0000000000000000 ]--- [ 78.901134] ------------[ cut here ]------------ [ 78.901641] WARNING: CPU: 1 PID: 660 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.902702] Modules linked in: [ 78.903024] CPU: 1 PID: 660 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.903894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.905082] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.905643] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.907677] RSP: 0018:ffff8880186a7bb8 EFLAGS: 00010246 [ 78.908271] RAX: 0000000000000000 RBX: ffff8880187950a8 RCX: 0000000000000000 [ 78.909050] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 78.909827] RBP: ffff8880186a7bd0 R08: ffffed10030f2a33 R09: ffffed10030f2a33 [ 78.910645] R10: ffff888018795193 R11: ffffed10030f2a32 R12: ffff888012ea8c00 [ 78.911434] R13: ffff8880187951e8 R14: ffffffff8352e670 R15: ffff8880186a7e68 [ 78.912215] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.913088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.913727] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 78.914537] PKRU: 55555554 [ 78.914858] Call Trace: [ 78.915163] [ 78.915420] __iommufd_access_detach+0x1c2/0x2b0 [ 78.915967] iommufd_access_change_pt+0x149/0x270 [ 78.916517] iommufd_access_replace+0xb4/0x120 [ 78.917038] iommufd_test+0x3e5/0x37e0 [ 78.917472] ? lock_release+0x532/0x770 [ 78.917930] ? __might_fault+0x102/0x1b0 [ 78.918391] ? lock_acquire+0x427/0x4c0 [ 78.918881] ? __pfx_iommufd_test+0x10/0x10 [ 78.919378] ? __pfx_lock_release+0x10/0x10 [ 78.919871] ? __pfx_lock_acquire+0x10/0x10 [ 78.920366] ? write_comp_data+0x2f/0x90 [ 78.920846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.921400] ? write_comp_data+0x2f/0x90 [ 78.921875] iommufd_fops_ioctl+0x37d/0x510 [ 78.922370] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.922973] ? write_comp_data+0x2f/0x90 [ 78.923465] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 78.924013] __x64_sys_ioctl+0x1a3/0x230 [ 78.924485] do_syscall_64+0x3b/0x90 [ 78.924919] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.925511] RIP: 0033:0x7f4b8743ee5d [ 78.925933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 78.927972] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 78.928816] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 78.929600] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 78.930380] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 78.931216] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 78.932005] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 78.933164] [ 78.933433] irq event stamp: 0 [ 78.933791] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 78.934506] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.935567] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.936530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.937384] ---[ end trace 0000000000000000 ]--- [ 78.941840] ------------[ cut here ]------------ [ 78.942412] WARNING: CPU: 1 PID: 660 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 78.943596] Modules linked in: [ 78.944090] CPU: 1 PID: 660 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.945063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.946396] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 78.947058] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 78.949235] RSP: 0018:ffff8880186a7bd0 EFLAGS: 00010246 [ 78.949836] RAX: 0000000000000000 RBX: ffff8880187950a8 RCX: 0000000000000000 [ 78.950673] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 78.951553] RBP: ffff8880186a7be8 R08: ffffed10030f2a33 R09: ffffed10030f2a33 [ 78.952454] R10: ffff888018795193 R11: ffffed10030f2a32 R12: ffff88800fd3f000 [ 78.953273] R13: ffff8880187951e8 R14: ffff888012132400 R15: 0000000000000000 [ 78.954216] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 78.955210] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.955884] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 78.956856] PKRU: 55555554 [ 78.957195] Call Trace: [ 78.957504] [ 78.957779] iommufd_access_destroy_object+0x65/0x170 [ 78.958405] iommufd_object_destroy_user+0x18e/0x220 [ 78.959249] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 78.959977] iommufd_access_destroy+0x43/0x70 [ 78.960554] iommufd_test_staccess_release+0x8d/0xd0 [ 78.961355] __fput+0x26d/0xa40 [ 78.961796] ____fput+0x1e/0x30 [ 78.962216] task_work_run+0x1a4/0x2d0 [ 78.962903] ? __pfx_task_work_run+0x10/0x10 [ 78.963486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 78.964094] ? switch_task_namespaces+0xa9/0xe0 [ 78.964834] do_exit+0xb17/0x2ef0 [ 78.965273] ? lock_acquire+0x427/0x4c0 [ 78.965774] ? __pfx_lock_release+0x10/0x10 [ 78.966463] ? __kasan_check_write+0x18/0x20 [ 78.967078] ? do_raw_spin_lock+0x132/0x2a0 [ 78.967650] ? __pfx_do_exit+0x10/0x10 [ 78.968234] ? debug_smp_processor_id+0x20/0x30 [ 78.968830] ? rcu_is_watching+0x19/0xb0 [ 78.969334] ? _raw_spin_unlock_irq+0x2b/0x60 [ 78.970052] ? trace_hardirqs_on+0x26/0x120 [ 78.970643] do_group_exit+0xe0/0x2b0 [ 78.971148] __x64_sys_exit_group+0x47/0x50 [ 78.971756] do_syscall_64+0x3b/0x90 [ 78.972247] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 78.972913] RIP: 0033:0x7f4b87518a4d [ 78.973492] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 78.974237] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 78.975485] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 78.976314] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 78.977364] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 78.978187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 78.979376] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 78.980286] [ 78.980633] irq event stamp: 0 [ 78.981190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 78.981984] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 78.983288] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 78.984343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 78.985318] ---[ end trace 0000000000000000 ]--- [ 78.986623] ------------[ cut here ]------------ [ 78.987278] WARNING: CPU: 1 PID: 660 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 78.988719] Modules linked in: [ 78.989134] CPU: 1 PID: 660 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 78.990392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 78.992040] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 78.992730] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 78.995343] RSP: 0018:ffff8880186a7b78 EFLAGS: 00010246 [ 78.996143] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 78.997107] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 78.998132] RBP: ffff8880186a7b98 R08: ffffed10030f2a3e R09: ffffed10030f2a3e [ 78.999284] R10: ffff8880187951ef R11: ffffed10030f2a3d R12: ffff888018795290 [ 79.000206] R13: ffff8880187950a8 R14: ffffffffffffffff R15: ffff8880186a7c60 [ 79.001304] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.002339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.003333] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.004260] PKRU: 55555554 [ 79.004677] Call Trace: [ 79.005136] [ 79.005443] iommufd_ioas_destroy+0x53/0x70 [ 79.006024] iommufd_fops_release+0x1f7/0x370 [ 79.006860] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.007531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.008178] ? write_comp_data+0x2f/0x90 [ 79.008925] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.009586] __fput+0x26d/0xa40 [ 79.010079] ____fput+0x1e/0x30 [ 79.010683] task_work_run+0x1a4/0x2d0 [ 79.011239] ? __pfx_task_work_run+0x10/0x10 [ 79.011824] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.012479] ? switch_task_namespaces+0xa9/0xe0 [ 79.013111] do_exit+0xb17/0x2ef0 [ 79.013579] ? lock_acquire+0x427/0x4c0 [ 79.014122] ? __pfx_lock_release+0x10/0x10 [ 79.014753] ? __kasan_check_write+0x18/0x20 [ 79.015374] ? do_raw_spin_lock+0x132/0x2a0 [ 79.015943] ? __pfx_do_exit+0x10/0x10 [ 79.016472] ? debug_smp_processor_id+0x20/0x30 [ 79.017100] ? rcu_is_watching+0x19/0xb0 [ 79.017647] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.018244] ? trace_hardirqs_on+0x26/0x120 [ 79.018892] do_group_exit+0xe0/0x2b0 [ 79.019442] __x64_sys_exit_group+0x47/0x50 [ 79.020000] do_syscall_64+0x3b/0x90 [ 79.020493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.021164] RIP: 0033:0x7f4b87518a4d [ 79.021643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.022422] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.023455] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.024368] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.025271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.026166] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.027126] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.028051] [ 79.028356] irq event stamp: 0 [ 79.028763] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.029558] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.030652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.031722] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.032524] ---[ end trace 0000000000000000 ]--- [ 79.037736] ------------[ cut here ]------------ [ 79.038257] WARNING: CPU: 0 PID: 661 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.039508] Modules linked in: [ 79.039819] CPU: 0 PID: 661 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.040637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.041691] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.042161] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.043937] RSP: 0018:ffff88801651fbb8 EFLAGS: 00010246 [ 79.044458] RAX: 0000000000000000 RBX: ffff888011d9a8a8 RCX: 0000000000000000 [ 79.045128] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 79.045795] RBP: ffff88801651fbd0 R08: ffffed10023b3533 R09: ffffed10023b3533 [ 79.046468] R10: ffff888011d9a993 R11: ffffed10023b3532 R12: ffff888016c99800 [ 79.047187] R13: ffff888011d9a9e8 R14: ffffffff8352e670 R15: ffff88801651fe68 [ 79.047862] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.048620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.049167] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 79.049838] PKRU: 55555554 [ 79.050111] Call Trace: [ 79.050357] [ 79.050603] __iommufd_access_detach+0x1c2/0x2b0 [ 79.051079] iommufd_access_change_pt+0x149/0x270 [ 79.051605] iommufd_access_replace+0xb4/0x120 [ 79.052094] iommufd_test+0x3e5/0x37e0 [ 79.052505] ? lock_release+0x532/0x770 [ 79.052930] ? __might_fault+0x102/0x1b0 [ 79.053363] ? lock_acquire+0x427/0x4c0 [ 79.053793] ? __pfx_iommufd_test+0x10/0x10 [ 79.054240] ? __pfx_lock_release+0x10/0x10 [ 79.054745] ? __pfx_lock_acquire+0x10/0x10 [ 79.055217] ? write_comp_data+0x2f/0x90 [ 79.055657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.056163] ? write_comp_data+0x2f/0x90 [ 79.056590] iommufd_fops_ioctl+0x37d/0x510 [ 79.057038] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.057553] ? write_comp_data+0x2f/0x90 [ 79.057988] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.058491] __x64_sys_ioctl+0x1a3/0x230 [ 79.058969] do_syscall_64+0x3b/0x90 [ 79.059392] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.059945] RIP: 0033:0x7f4b8743ee5d [ 79.060340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.062208] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.063039] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.063798] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.064530] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.065264] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.065987] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.066756] [ 79.066998] irq event stamp: 0 [ 79.067333] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.067976] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.068839] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.069684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.070321] ---[ end trace 0000000000000000 ]--- [ 79.074264] ------------[ cut here ]------------ [ 79.074859] WARNING: CPU: 0 PID: 661 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.075906] Modules linked in: [ 79.076235] CPU: 0 PID: 661 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.077115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.078265] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.078816] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.080692] RSP: 0018:ffff88801651fbd0 EFLAGS: 00010246 [ 79.081241] RAX: 0000000000000000 RBX: ffff888011d9a8a8 RCX: 0000000000000000 [ 79.081973] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 79.082742] RBP: ffff88801651fbe8 R08: ffffed10023b3533 R09: ffffed10023b3533 [ 79.083501] R10: ffff888011d9a993 R11: ffffed10023b3532 R12: ffff88800fcb2400 [ 79.084230] R13: ffff888011d9a9e8 R14: ffff888020a7de00 R15: 0000000000000000 [ 79.084960] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.085785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.086379] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 79.087176] PKRU: 55555554 [ 79.087474] Call Trace: [ 79.087737] [ 79.087971] iommufd_access_destroy_object+0x65/0x170 [ 79.088509] iommufd_object_destroy_user+0x18e/0x220 [ 79.089045] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.089655] iommufd_access_destroy+0x43/0x70 [ 79.090123] iommufd_test_staccess_release+0x8d/0xd0 [ 79.090687] __fput+0x26d/0xa40 [ 79.091042] ____fput+0x1e/0x30 [ 79.091403] task_work_run+0x1a4/0x2d0 [ 79.091816] ? __pfx_task_work_run+0x10/0x10 [ 79.092274] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.092785] ? switch_task_namespaces+0xa9/0xe0 [ 79.093276] do_exit+0xb17/0x2ef0 [ 79.093633] ? lock_acquire+0x427/0x4c0 [ 79.094052] ? __pfx_lock_release+0x10/0x10 [ 79.094533] ? __kasan_check_write+0x18/0x20 [ 79.094998] ? do_raw_spin_lock+0x132/0x2a0 [ 79.095454] ? __pfx_do_exit+0x10/0x10 [ 79.095867] ? debug_smp_processor_id+0x20/0x30 [ 79.096350] ? rcu_is_watching+0x19/0xb0 [ 79.096772] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.097252] ? trace_hardirqs_on+0x26/0x120 [ 79.097708] do_group_exit+0xe0/0x2b0 [ 79.098105] __x64_sys_exit_group+0x47/0x50 [ 79.098582] do_syscall_64+0x3b/0x90 [ 79.098980] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.099484] RIP: 0033:0x7f4b87518a4d [ 79.099816] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.100354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.101018] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.101636] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.102252] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.103009] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.103767] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.104513] [ 79.104756] irq event stamp: 0 [ 79.105079] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.105733] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.106616] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.107485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.108127] ---[ end trace 0000000000000000 ]--- [ 79.109039] ------------[ cut here ]------------ [ 79.109530] WARNING: CPU: 0 PID: 661 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.110603] Modules linked in: [ 79.110932] CPU: 0 PID: 661 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.111833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.112975] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.113496] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.115393] RSP: 0018:ffff88801651fb78 EFLAGS: 00010246 [ 79.115946] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.116676] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 79.117402] RBP: ffff88801651fb98 R08: ffffed10023b353e R09: ffffed10023b353e [ 79.118127] R10: ffff888011d9a9ef R11: ffffed10023b353d R12: ffff888011d9aa90 [ 79.118882] R13: ffff888011d9a8a8 R14: ffffffffffffffff R15: ffff88801651fc60 [ 79.119628] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.120444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.121039] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 79.121775] PKRU: 55555554 [ 79.122065] Call Trace: [ 79.122329] [ 79.122583] iommufd_ioas_destroy+0x53/0x70 [ 79.123034] iommufd_fops_release+0x1f7/0x370 [ 79.123517] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.124032] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.124541] ? write_comp_data+0x2f/0x90 [ 79.124974] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.125488] __fput+0x26d/0xa40 [ 79.125846] ____fput+0x1e/0x30 [ 79.126193] task_work_run+0x1a4/0x2d0 [ 79.126622] ? __pfx_task_work_run+0x10/0x10 [ 79.127080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.127599] ? switch_task_namespaces+0xa9/0xe0 [ 79.128085] do_exit+0xb17/0x2ef0 [ 79.128442] ? lock_acquire+0x427/0x4c0 [ 79.128865] ? __pfx_lock_release+0x10/0x10 [ 79.129313] ? __kasan_check_write+0x18/0x20 [ 79.129767] ? do_raw_spin_lock+0x132/0x2a0 [ 79.130220] ? __pfx_do_exit+0x10/0x10 [ 79.130659] ? debug_smp_processor_id+0x20/0x30 [ 79.131164] ? rcu_is_watching+0x19/0xb0 [ 79.131594] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.132071] ? trace_hardirqs_on+0x26/0x120 [ 79.132523] do_group_exit+0xe0/0x2b0 [ 79.132919] __x64_sys_exit_group+0x47/0x50 [ 79.133352] do_syscall_64+0x3b/0x90 [ 79.133745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.134283] RIP: 0033:0x7f4b87518a4d [ 79.134715] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.135370] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.136144] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.136872] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.137595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.138320] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.139070] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.139834] [ 79.140076] irq event stamp: 0 [ 79.140397] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.141037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.141896] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.142773] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.143433] ---[ end trace 0000000000000000 ]--- [ 79.149023] ------------[ cut here ]------------ [ 79.149544] WARNING: CPU: 0 PID: 662 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.150481] Modules linked in: [ 79.151024] CPU: 0 PID: 662 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.151855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.152907] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.153376] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.155097] RSP: 0018:ffff888021b87bb8 EFLAGS: 00010246 [ 79.155618] RAX: 0000000000000000 RBX: ffff88800f63d0a8 RCX: 0000000000000000 [ 79.156286] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 79.156950] RBP: ffff888021b87bd0 R08: ffffed1001ec7a33 R09: ffffed1001ec7a33 [ 79.157613] R10: ffff88800f63d193 R11: ffffed1001ec7a32 R12: ffff8880129c6c00 [ 79.158280] R13: ffff88800f63d1e8 R14: ffffffff8352e670 R15: ffff888021b87e68 [ 79.158968] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.159741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.160286] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ef0 [ 79.160958] PKRU: 55555554 [ 79.161225] Call Trace: [ 79.161466] [ 79.161677] __iommufd_access_detach+0x1c2/0x2b0 [ 79.162139] iommufd_access_change_pt+0x149/0x270 [ 79.162629] iommufd_access_replace+0xb4/0x120 [ 79.163071] iommufd_test+0x3e5/0x37e0 [ 79.163451] ? lock_release+0x532/0x770 [ 79.163838] ? __might_fault+0x102/0x1b0 [ 79.164234] ? lock_acquire+0x427/0x4c0 [ 79.164620] ? __pfx_iommufd_test+0x10/0x10 [ 79.165019] ? __pfx_lock_release+0x10/0x10 [ 79.165430] ? __pfx_lock_acquire+0x10/0x10 [ 79.165851] ? write_comp_data+0x2f/0x90 [ 79.166248] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.166739] ? write_comp_data+0x2f/0x90 [ 79.167145] iommufd_fops_ioctl+0x37d/0x510 [ 79.167559] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.168022] ? write_comp_data+0x2f/0x90 [ 79.168413] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.168869] __x64_sys_ioctl+0x1a3/0x230 [ 79.169262] do_syscall_64+0x3b/0x90 [ 79.169643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.170137] RIP: 0033:0x7f4b8743ee5d [ 79.170490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.172234] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.172945] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.173606] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.174269] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.174967] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.175651] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.176319] [ 79.176537] irq event stamp: 0 [ 79.176829] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.177406] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.178171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.178960] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.179566] ---[ end trace 0000000000000000 ]--- [ 79.182609] ------------[ cut here ]------------ [ 79.183078] WARNING: CPU: 0 PID: 662 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.184004] Modules linked in: [ 79.184284] CPU: 0 PID: 662 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.185028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.185994] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.186427] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.188058] RSP: 0018:ffff888021b87bd0 EFLAGS: 00010246 [ 79.188520] RAX: 0000000000000000 RBX: ffff88800f63d0a8 RCX: 0000000000000000 [ 79.189132] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 79.189750] RBP: ffff888021b87be8 R08: ffffed1001ec7a33 R09: ffffed1001ec7a33 [ 79.190364] R10: ffff88800f63d193 R11: ffffed1001ec7a32 R12: ffff888016c99000 [ 79.191003] R13: ffff88800f63d1e8 R14: ffff888013705800 R15: 0000000000000000 [ 79.191643] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.192341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.192842] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 79.193454] PKRU: 55555554 [ 79.193698] Call Trace: [ 79.193925] [ 79.194122] iommufd_access_destroy_object+0x65/0x170 [ 79.194598] iommufd_object_destroy_user+0x18e/0x220 [ 79.195052] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.195596] iommufd_access_destroy+0x43/0x70 [ 79.196006] iommufd_test_staccess_release+0x8d/0xd0 [ 79.196693] __fput+0x26d/0xa40 [ 79.196886] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5462 of 7281 items, 4194304 file size, 767 bytes per hash table item), suggesting rotation. [ 79.197008] ____fput+0x1e/0x30 [ 79.199250] task_work_run+0x1a4/0x2d0 [ 79.199601] ? __pfx_task_work_run+0x10/0x10 [ 79.200156] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.200235] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 79.200588] ? switch_task_namespaces+0xa9/0xe0 [ 79.202337] do_exit+0xb17/0x2ef0 [ 79.202655] ? lock_acquire+0x427/0x4c0 [ 79.203013] ? __pfx_lock_release+0x10/0x10 [ 79.203406] ? __kasan_check_write+0x18/0x20 [ 79.203794] ? do_raw_spin_lock+0x132/0x2a0 [ 79.204169] ? __pfx_do_exit+0x10/0x10 [ 79.204521] ? debug_smp_processor_id+0x20/0x30 [ 79.204929] ? rcu_is_watching+0x19/0xb0 [ 79.205281] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.205680] ? trace_hardirqs_on+0x26/0x120 [ 79.206063] do_group_exit+0xe0/0x2b0 [ 79.206396] __x64_sys_exit_group+0x47/0x50 [ 79.206799] do_syscall_64+0x3b/0x90 [ 79.207144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.207642] RIP: 0033:0x7f4b87518a4d [ 79.208131] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.208667] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.209485] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.210121] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.210920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.211557] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.212342] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.212970] [ 79.213177] irq event stamp: 0 [ 79.213455] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.214001] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.214741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.215502] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.216279] ---[ end trace 0000000000000000 ]--- [ 79.217526] ------------[ cut here ]------------ [ 79.217972] WARNING: CPU: 0 PID: 662 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.218877] Modules linked in: [ 79.219175] CPU: 0 PID: 662 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.219930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.221129] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.221574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.223228] RSP: 0018:ffff888021b87b78 EFLAGS: 00010246 [ 79.223843] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.224462] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 79.225077] RBP: ffff888021b87b98 R08: ffffed1001ec7a3e R09: ffffed1001ec7a3e [ 79.225693] R10: ffff88800f63d1ef R11: ffffed1001ec7a3d R12: ffff88800f63d290 [ 79.226306] R13: ffff88800f63d0a8 R14: ffffffffffffffff R15: ffff888021b87c60 [ 79.226944] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.227646] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.228147] CR2: 00007f4b875fca50 CR3: 000000001444e000 CR4: 0000000000750ef0 [ 79.228761] PKRU: 55555554 [ 79.229014] Call Trace: [ 79.229234] [ 79.229427] iommufd_ioas_destroy+0x53/0x70 [ 79.229804] iommufd_fops_release+0x1f7/0x370 [ 79.230203] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.230658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.231090] ? write_comp_data+0x2f/0x90 [ 79.231477] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.231912] __fput+0x26d/0xa40 [ 79.232220] ____fput+0x1e/0x30 [ 79.232520] task_work_run+0x1a4/0x2d0 [ 79.232873] ? __pfx_task_work_run+0x10/0x10 [ 79.233260] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.233691] ? switch_task_namespaces+0xa9/0xe0 [ 79.234108] do_exit+0xb17/0x2ef0 [ 79.234414] ? lock_acquire+0x427/0x4c0 [ 79.234791] ? __pfx_lock_release+0x10/0x10 [ 79.235189] ? __kasan_check_write+0x18/0x20 [ 79.235583] ? do_raw_spin_lock+0x132/0x2a0 [ 79.235963] ? __pfx_do_exit+0x10/0x10 [ 79.236311] ? debug_smp_processor_id+0x20/0x30 [ 79.236721] ? rcu_is_watching+0x19/0xb0 [ 79.237076] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.237476] ? trace_hardirqs_on+0x26/0x120 [ 79.237863] do_group_exit+0xe0/0x2b0 [ 79.238196] __x64_sys_exit_group+0x47/0x50 [ 79.238590] do_syscall_64+0x3b/0x90 [ 79.238927] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.239396] RIP: 0033:0x7f4b87518a4d [ 79.239723] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.240253] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.240912] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.241532] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.242153] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.242790] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.243428] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.244054] [ 79.244259] irq event stamp: 0 [ 79.244534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.245077] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.245797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.246537] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.247083] ---[ end trace 0000000000000000 ]--- [ 79.254253] ------------[ cut here ]------------ [ 79.254738] WARNING: CPU: 1 PID: 664 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.255624] Modules linked in: [ 79.255898] CPU: 1 PID: 664 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.256656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.257617] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.258044] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.259652] RSP: 0018:ffff888023d5fbb8 EFLAGS: 00010246 [ 79.260226] RAX: 0000000000000000 RBX: ffff888011f610a8 RCX: 0000000000000000 [ 79.260926] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 79.261662] RBP: ffff888023d5fbd0 R08: ffffed10023ec233 R09: ffffed10023ec233 [ 79.262373] R10: ffff888011f61193 R11: ffffed10023ec232 R12: ffff88801226e000 [ 79.263084] R13: ffff888011f611e8 R14: ffffffff8352e670 R15: ffff888023d5fe68 [ 79.263734] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.264610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.265109] CR2: 00007f4b877410e8 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 79.265866] PKRU: 55555554 [ 79.266117] Call Trace: [ 79.266340] [ 79.266570] __iommufd_access_detach+0x1c2/0x2b0 [ 79.267006] iommufd_access_change_pt+0x149/0x270 [ 79.267445] iommufd_access_replace+0xb4/0x120 [ 79.267987] iommufd_test+0x3e5/0x37e0 [ 79.268331] ? lock_release+0x532/0x770 [ 79.268696] ? __might_fault+0x102/0x1b0 [ 79.269096] ? lock_acquire+0x427/0x4c0 [ 79.269534] ? __pfx_iommufd_test+0x10/0x10 [ 79.269911] ? __pfx_lock_release+0x10/0x10 [ 79.270292] ? __pfx_lock_acquire+0x10/0x10 [ 79.270793] ? write_comp_data+0x2f/0x90 [ 79.271226] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.271656] ? write_comp_data+0x2f/0x90 [ 79.272021] iommufd_fops_ioctl+0x37d/0x510 [ 79.272404] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.272978] ? write_comp_data+0x2f/0x90 [ 79.273343] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.273773] __x64_sys_ioctl+0x1a3/0x230 [ 79.274183] do_syscall_64+0x3b/0x90 [ 79.274613] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.275076] RIP: 0033:0x7f4b8743ee5d [ 79.275414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.277133] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.277885] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.278562] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.279210] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.279976] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.280618] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.281381] [ 79.281592] irq event stamp: 0 [ 79.281864] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.282443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.283308] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.284035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.284667] ---[ end trace 0000000000000000 ]--- [ 79.288053] ------------[ cut here ]------------ [ 79.288490] WARNING: CPU: 1 PID: 664 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.289369] Modules linked in: [ 79.289649] CPU: 1 PID: 664 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.290385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.291437] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.291872] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.293489] RSP: 0018:ffff888023d5fbd0 EFLAGS: 00010246 [ 79.293943] RAX: 0000000000000000 RBX: ffff888011f610a8 RCX: 0000000000000000 [ 79.294585] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 79.295214] RBP: ffff888023d5fbe8 R08: ffffed10023ec233 R09: ffffed10023ec233 [ 79.295826] R10: ffff888011f61193 R11: ffffed10023ec232 R12: ffff888012eaa400 [ 79.296437] R13: ffff888011f611e8 R14: ffff888012c78800 R15: 0000000000000000 [ 79.297052] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.297742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.298243] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.298936] PKRU: 55555554 [ 79.299196] Call Trace: [ 79.299422] [ 79.299623] iommufd_access_destroy_object+0x65/0x170 [ 79.300064] iommufd_object_destroy_user+0x18e/0x220 [ 79.300507] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.301016] iommufd_access_destroy+0x43/0x70 [ 79.301415] iommufd_test_staccess_release+0x8d/0xd0 [ 79.301863] __fput+0x26d/0xa40 [ 79.302166] ____fput+0x1e/0x30 [ 79.302456] task_work_run+0x1a4/0x2d0 [ 79.302879] ? __pfx_task_work_run+0x10/0x10 [ 79.303411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.303839] ? switch_task_namespaces+0xa9/0xe0 [ 79.304253] do_exit+0xb17/0x2ef0 [ 79.304550] ? lock_acquire+0x427/0x4c0 [ 79.304897] ? __pfx_lock_release+0x10/0x10 [ 79.305270] ? __kasan_check_write+0x18/0x20 [ 79.305650] ? do_raw_spin_lock+0x132/0x2a0 [ 79.306023] ? __pfx_do_exit+0x10/0x10 [ 79.306363] ? debug_smp_processor_id+0x20/0x30 [ 79.306803] ? rcu_is_watching+0x19/0xb0 [ 79.307168] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.307571] ? trace_hardirqs_on+0x26/0x120 [ 79.307955] do_group_exit+0xe0/0x2b0 [ 79.308287] __x64_sys_exit_group+0x47/0x50 [ 79.308661] do_syscall_64+0x3b/0x90 [ 79.308998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.309476] RIP: 0033:0x7f4b87518a4d [ 79.309914] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.310446] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.311156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.311776] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.312474] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.313146] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.313752] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.314459] [ 79.314742] irq event stamp: 0 [ 79.315013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.315566] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.316288] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.317128] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.317694] ---[ end trace 0000000000000000 ]--- [ 79.318712] ------------[ cut here ]------------ [ 79.319202] WARNING: CPU: 1 PID: 664 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.320078] Modules linked in: [ 79.320354] CPU: 1 PID: 664 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.321099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.322203] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.322673] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.324387] RSP: 0018:ffff888023d5fb78 EFLAGS: 00010246 [ 79.324853] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.325536] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 79.326268] RBP: ffff888023d5fb98 R08: ffffed10023ec23e R09: ffffed10023ec23e [ 79.326915] R10: ffff888011f611ef R11: ffffed10023ec23d R12: ffff888011f61290 [ 79.327884] R13: ffff888011f610a8 R14: ffffffffffffffff R15: ffff888023d5fc60 [ 79.328975] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.329930] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.330908] CR2: 00007f4b875fca50 CR3: 0000000013bd2000 CR4: 0000000000750ee0 [ 79.331787] PKRU: 55555554 [ 79.332129] Call Trace: [ 79.332465] [ 79.332826] iommufd_ioas_destroy+0x53/0x70 [ 79.333353] iommufd_fops_release+0x1f7/0x370 [ 79.333898] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.334650] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.335253] ? write_comp_data+0x2f/0x90 [ 79.335754] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.336390] __fput+0x26d/0xa40 [ 79.336871] ____fput+0x1e/0x30 [ 79.337271] task_work_run+0x1a4/0x2d0 [ 79.337735] ? __pfx_task_work_run+0x10/0x10 [ 79.338287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.338966] ? switch_task_namespaces+0xa9/0xe0 [ 79.339558] do_exit+0xb17/0x2ef0 [ 79.339974] ? lock_acquire+0x427/0x4c0 [ 79.340479] ? __pfx_lock_release+0x10/0x10 [ 79.341072] ? __kasan_check_write+0x18/0x20 [ 79.341603] ? do_raw_spin_lock+0x132/0x2a0 [ 79.342119] ? __pfx_do_exit+0x10/0x10 [ 79.342759] ? debug_smp_processor_id+0x20/0x30 [ 79.343321] ? rcu_is_watching+0x19/0xb0 [ 79.343795] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.344354] ? trace_hardirqs_on+0x26/0x120 [ 79.344954] do_group_exit+0xe0/0x2b0 [ 79.345415] __x64_sys_exit_group+0x47/0x50 [ 79.345924] do_syscall_64+0x3b/0x90 [ 79.346440] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.347146] RIP: 0033:0x7f4b87518a4d [ 79.347594] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.348318] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.349314] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.350142] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.351161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.352000] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.352962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.353778] [ 79.354048] irq event stamp: 0 [ 79.354445] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.355287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.356238] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.357330] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.358070] ---[ end trace 0000000000000000 ]--- [ 79.365283] ------------[ cut here ]------------ [ 79.365851] WARNING: CPU: 1 PID: 665 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.367184] Modules linked in: [ 79.367563] CPU: 1 PID: 665 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.368539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.369808] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.370379] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.372288] RSP: 0018:ffff8880140b7bb8 EFLAGS: 00010246 [ 79.372733] RAX: 0000000000000000 RBX: ffff8880137608a8 RCX: 0000000000000000 [ 79.373304] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 79.373877] RBP: ffff8880140b7bd0 R08: ffffed10026ec133 R09: ffffed10026ec133 [ 79.374450] R10: ffff888013760993 R11: ffffed10026ec132 R12: ffff888010827000 [ 79.375042] R13: ffff8880137609e8 R14: ffffffff8352e670 R15: ffff8880140b7e68 [ 79.375631] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.376270] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.376732] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 79.377300] PKRU: 55555554 [ 79.377527] Call Trace: [ 79.377733] [ 79.377917] __iommufd_access_detach+0x1c2/0x2b0 [ 79.378316] iommufd_access_change_pt+0x149/0x270 [ 79.378733] iommufd_access_replace+0xb4/0x120 [ 79.379119] iommufd_test+0x3e5/0x37e0 [ 79.379439] ? lock_release+0x532/0x770 [ 79.379770] ? __might_fault+0x102/0x1b0 [ 79.380113] ? lock_acquire+0x427/0x4c0 [ 79.380454] ? __pfx_iommufd_test+0x10/0x10 [ 79.380799] ? __pfx_lock_release+0x10/0x10 [ 79.381157] ? __pfx_lock_acquire+0x10/0x10 [ 79.381516] ? write_comp_data+0x2f/0x90 [ 79.381855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.382251] ? write_comp_data+0x2f/0x90 [ 79.382613] iommufd_fops_ioctl+0x37d/0x510 [ 79.382970] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.383387] ? write_comp_data+0x2f/0x90 [ 79.383728] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.384124] __x64_sys_ioctl+0x1a3/0x230 [ 79.384469] do_syscall_64+0x3b/0x90 [ 79.384784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.385219] RIP: 0033:0x7f4b8743ee5d [ 79.385518] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.386994] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.387617] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.388191] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.388757] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.389381] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.389930] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.390487] [ 79.390692] irq event stamp: 0 [ 79.390939] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.391435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.392083] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.392728] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.393218] ---[ end trace 0000000000000000 ]--- [ 79.395982] ------------[ cut here ]------------ [ 79.396374] WARNING: CPU: 1 PID: 665 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.397154] Modules linked in: [ 79.397404] CPU: 1 PID: 665 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.398071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.399025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.399428] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.400832] RSP: 0018:ffff8880140b7bd0 EFLAGS: 00010246 [ 79.401245] RAX: 0000000000000000 RBX: ffff8880137608a8 RCX: 0000000000000000 [ 79.401795] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 79.402343] RBP: ffff8880140b7be8 R08: ffffed10026ec133 R09: ffffed10026ec133 [ 79.402908] R10: ffff888013760993 R11: ffffed10026ec132 R12: ffff88801226d400 [ 79.403476] R13: ffff8880137609e8 R14: ffff88800fd78400 R15: 0000000000000000 [ 79.404023] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.404635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.405093] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.405636] PKRU: 55555554 [ 79.405852] Call Trace: [ 79.406049] [ 79.406223] iommufd_access_destroy_object+0x65/0x170 [ 79.406646] iommufd_object_destroy_user+0x18e/0x220 [ 79.407042] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.407530] iommufd_access_destroy+0x43/0x70 [ 79.407886] iommufd_test_staccess_release+0x8d/0xd0 [ 79.408288] __fput+0x26d/0xa40 [ 79.408561] ____fput+0x1e/0x30 [ 79.408826] task_work_run+0x1a4/0x2d0 [ 79.409136] ? __pfx_task_work_run+0x10/0x10 [ 79.409480] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.409862] ? switch_task_namespaces+0xa9/0xe0 [ 79.410231] do_exit+0xb17/0x2ef0 [ 79.410500] ? lock_acquire+0x427/0x4c0 [ 79.410841] ? __pfx_lock_release+0x10/0x10 [ 79.411190] ? __kasan_check_write+0x18/0x20 [ 79.411531] ? do_raw_spin_lock+0x132/0x2a0 [ 79.411865] ? __pfx_do_exit+0x10/0x10 [ 79.412175] ? debug_smp_processor_id+0x20/0x30 [ 79.412539] ? rcu_is_watching+0x19/0xb0 [ 79.412855] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.413224] ? trace_hardirqs_on+0x26/0x120 [ 79.413566] do_group_exit+0xe0/0x2b0 [ 79.413861] __x64_sys_exit_group+0x47/0x50 [ 79.414190] do_syscall_64+0x3b/0x90 [ 79.414486] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.414918] RIP: 0033:0x7f4b87518a4d [ 79.415212] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.415680] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.416258] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.416800] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.417341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.417879] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.418433] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.419007] [ 79.419195] irq event stamp: 0 [ 79.419449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.419935] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.420576] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.421265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.421746] ---[ end trace 0000000000000000 ]--- [ 79.422470] ------------[ cut here ]------------ [ 79.422855] WARNING: CPU: 1 PID: 665 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.423641] Modules linked in: [ 79.423890] CPU: 1 PID: 665 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.424548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.425401] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.425796] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.427199] RSP: 0018:ffff8880140b7b78 EFLAGS: 00010246 [ 79.427609] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.428147] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 79.428691] RBP: ffff8880140b7b98 R08: ffffed10026ec13e R09: ffffed10026ec13e [ 79.429232] R10: ffff8880137609ef R11: ffffed10026ec13d R12: ffff888013760a90 [ 79.429778] R13: ffff8880137608a8 R14: ffffffffffffffff R15: ffff8880140b7c60 [ 79.430322] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.430957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.431410] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.431952] PKRU: 55555554 [ 79.432167] Call Trace: [ 79.432363] [ 79.432537] iommufd_ioas_destroy+0x53/0x70 [ 79.432878] iommufd_fops_release+0x1f7/0x370 [ 79.433227] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.433610] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.433991] ? write_comp_data+0x2f/0x90 [ 79.434310] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.434712] __fput+0x26d/0xa40 [ 79.434982] ____fput+0x1e/0x30 [ 79.435252] task_work_run+0x1a4/0x2d0 [ 79.435560] ? __pfx_task_work_run+0x10/0x10 [ 79.435907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.436286] ? switch_task_namespaces+0xa9/0xe0 [ 79.436653] do_exit+0xb17/0x2ef0 [ 79.436924] ? lock_acquire+0x427/0x4c0 [ 79.437245] ? __pfx_lock_release+0x10/0x10 [ 79.437587] ? __kasan_check_write+0x18/0x20 [ 79.437929] ? do_raw_spin_lock+0x132/0x2a0 [ 79.438269] ? __pfx_do_exit+0x10/0x10 [ 79.438608] ? debug_smp_processor_id+0x20/0x30 [ 79.438975] ? rcu_is_watching+0x19/0xb0 [ 79.439305] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.439657] ? trace_hardirqs_on+0x26/0x120 [ 79.439999] do_group_exit+0xe0/0x2b0 [ 79.440301] __x64_sys_exit_group+0x47/0x50 [ 79.440643] do_syscall_64+0x3b/0x90 [ 79.440946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.441354] RIP: 0033:0x7f4b87518a4d [ 79.441643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.442127] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.442746] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.443311] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.443859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.444405] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.444952] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.445507] [ 79.445691] irq event stamp: 0 [ 79.445935] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.446418] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.447084] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.447745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.448238] ---[ end trace 0000000000000000 ]--- [ 79.453547] ------------[ cut here ]------------ [ 79.453998] WARNING: CPU: 1 PID: 666 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.454894] Modules linked in: [ 79.455155] CPU: 1 PID: 666 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.455925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.456796] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.457300] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.458834] RSP: 0018:ffff88801391fbb8 EFLAGS: 00010246 [ 79.459257] RAX: 0000000000000000 RBX: ffff888023d408a8 RCX: 0000000000000000 [ 79.459808] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 79.460470] RBP: ffff88801391fbd0 R08: ffffed10047a8133 R09: ffffed10047a8133 [ 79.461022] R10: ffff888023d40993 R11: ffffed10047a8132 R12: ffff8880188db800 [ 79.461610] R13: ffff888023d409e8 R14: ffffffff8352e670 R15: ffff88801391fe68 [ 79.462243] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.462886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.463408] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ee0 [ 79.464011] PKRU: 55555554 [ 79.464233] Call Trace: [ 79.464443] [ 79.464621] __iommufd_access_detach+0x1c2/0x2b0 [ 79.465118] iommufd_access_change_pt+0x149/0x270 [ 79.465518] iommufd_access_replace+0xb4/0x120 [ 79.465890] iommufd_test+0x3e5/0x37e0 [ 79.466232] ? lock_release+0x532/0x770 [ 79.466628] ? __might_fault+0x102/0x1b0 [ 79.466955] ? lock_acquire+0x427/0x4c0 [ 79.467295] ? __pfx_iommufd_test+0x10/0x10 [ 79.467633] ? __pfx_lock_release+0x10/0x10 [ 79.467979] ? __pfx_lock_acquire+0x10/0x10 [ 79.468443] ? write_comp_data+0x2f/0x90 [ 79.468769] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.469153] ? write_comp_data+0x2f/0x90 [ 79.469507] iommufd_fops_ioctl+0x37d/0x510 [ 79.469915] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.470295] ? write_comp_data+0x2f/0x90 [ 79.470644] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.471030] __x64_sys_ioctl+0x1a3/0x230 [ 79.471443] do_syscall_64+0x3b/0x90 [ 79.471763] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.472173] RIP: 0033:0x7f4b8743ee5d [ 79.472467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.473991] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.474732] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.475315] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.475880] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.476551] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.477111] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.477820] [ 79.478014] irq event stamp: 0 [ 79.478271] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.478809] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.479623] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.480308] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.480833] ---[ end trace 0000000000000000 ]--- [ 79.483717] ------------[ cut here ]------------ [ 79.484129] WARNING: CPU: 1 PID: 666 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.485029] Modules linked in: [ 79.485290] CPU: 1 PID: 666 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.485986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.487078] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.487492] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.488962] RSP: 0018:ffff88801391fbd0 EFLAGS: 00010246 [ 79.489397] RAX: 0000000000000000 RBX: ffff888023d408a8 RCX: 0000000000000000 [ 79.489975] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 79.490588] RBP: ffff88801391fbe8 R08: ffffed10047a8133 R09: ffffed10047a8133 [ 79.491172] R10: ffff888023d40993 R11: ffffed10047a8132 R12: ffff888012e93c00 [ 79.491757] R13: ffff888023d409e8 R14: ffff88802085e100 R15: 0000000000000000 [ 79.492331] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.492982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.493450] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.494025] PKRU: 55555554 [ 79.494257] Call Trace: [ 79.494468] [ 79.494679] iommufd_access_destroy_object+0x65/0x170 [ 79.495105] iommufd_object_destroy_user+0x18e/0x220 [ 79.495530] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.496010] iommufd_access_destroy+0x43/0x70 [ 79.496449] iommufd_test_staccess_release+0x8d/0xd0 [ 79.496868] __fput+0x26d/0xa40 [ 79.497151] ____fput+0x1e/0x30 [ 79.497427] task_work_run+0x1a4/0x2d0 [ 79.497753] ? __pfx_task_work_run+0x10/0x10 [ 79.498114] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.498531] ? switch_task_namespaces+0xa9/0xe0 [ 79.498925] do_exit+0xb17/0x2ef0 [ 79.499217] ? lock_acquire+0x427/0x4c0 [ 79.499546] ? __pfx_lock_release+0x10/0x10 [ 79.499904] ? __kasan_check_write+0x18/0x20 [ 79.500267] ? do_raw_spin_lock+0x132/0x2a0 [ 79.500621] ? __pfx_do_exit+0x10/0x10 [ 79.500943] ? debug_smp_processor_id+0x20/0x30 [ 79.501325] ? rcu_is_watching+0x19/0xb0 [ 79.501659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.502034] ? trace_hardirqs_on+0x26/0x120 [ 79.502389] do_group_exit+0xe0/0x2b0 [ 79.502722] __x64_sys_exit_group+0x47/0x50 [ 79.503074] do_syscall_64+0x3b/0x90 [ 79.503403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.503834] RIP: 0033:0x7f4b87518a4d [ 79.504134] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.504633] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.505249] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.505830] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.506408] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.507020] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.507611] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.508198] [ 79.508387] irq event stamp: 0 [ 79.508645] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.509156] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.509831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.510532] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.511045] ---[ end trace 0000000000000000 ]--- [ 79.511764] ------------[ cut here ]------------ [ 79.512152] WARNING: CPU: 1 PID: 666 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.512962] Modules linked in: [ 79.513221] CPU: 1 PID: 666 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.513990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.514895] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.515315] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.516739] RSP: 0018:ffff88801391fb78 EFLAGS: 00010246 [ 79.517188] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.517744] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 79.518297] RBP: ffff88801391fb98 R08: ffffed10047a813e R09: ffffed10047a813e [ 79.518877] R10: ffff888023d409ef R11: ffffed10047a813d R12: ffff888023d40a90 [ 79.519441] R13: ffff888023d408a8 R14: ffffffffffffffff R15: ffff88801391fc60 [ 79.520000] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.520623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.521078] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.521634] PKRU: 55555554 [ 79.521854] Call Trace: [ 79.522057] [ 79.522238] iommufd_ioas_destroy+0x53/0x70 [ 79.522602] iommufd_fops_release+0x1f7/0x370 [ 79.522973] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.523387] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.523786] ? write_comp_data+0x2f/0x90 [ 79.524113] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.524509] __fput+0x26d/0xa40 [ 79.524788] ____fput+0x1e/0x30 [ 79.525060] task_work_run+0x1a4/0x2d0 [ 79.525377] ? __pfx_task_work_run+0x10/0x10 [ 79.525729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.526117] ? switch_task_namespaces+0xa9/0xe0 [ 79.526496] do_exit+0xb17/0x2ef0 [ 79.526796] ? lock_acquire+0x427/0x4c0 [ 79.527128] ? __pfx_lock_release+0x10/0x10 [ 79.527476] ? __kasan_check_write+0x18/0x20 [ 79.527827] ? do_raw_spin_lock+0x132/0x2a0 [ 79.528170] ? __pfx_do_exit+0x10/0x10 [ 79.528484] ? debug_smp_processor_id+0x20/0x30 [ 79.528855] ? rcu_is_watching+0x19/0xb0 [ 79.529182] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.529545] ? trace_hardirqs_on+0x26/0x120 [ 79.529892] do_group_exit+0xe0/0x2b0 [ 79.530193] __x64_sys_exit_group+0x47/0x50 [ 79.530552] do_syscall_64+0x3b/0x90 [ 79.530860] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.531291] RIP: 0033:0x7f4b87518a4d [ 79.531587] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.532068] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.532659] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.533203] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.533748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.534293] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.534857] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.535420] [ 79.535603] irq event stamp: 0 [ 79.535848] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.536334] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.536978] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.537619] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.538103] ---[ end trace 0000000000000000 ]--- [ 79.541793] ------------[ cut here ]------------ [ 79.542207] WARNING: CPU: 0 PID: 667 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.543078] Modules linked in: [ 79.543351] CPU: 0 PID: 667 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.544028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.544900] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.545288] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.546719] RSP: 0018:ffff8880140b7bb8 EFLAGS: 00010246 [ 79.547145] RAX: 0000000000000000 RBX: ffff88800ea738a8 RCX: 0000000000000000 [ 79.547701] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 79.548256] RBP: ffff8880140b7bd0 R08: ffffed1001d4e733 R09: ffffed1001d4e733 [ 79.548811] R10: ffff88800ea73993 R11: ffffed1001d4e732 R12: ffff888021baac00 [ 79.549372] R13: ffff88800ea739e8 R14: ffffffff8352e670 R15: ffff8880140b7e68 [ 79.549926] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.550566] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.551022] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 79.551598] PKRU: 55555554 [ 79.551824] Call Trace: [ 79.552026] [ 79.552206] __iommufd_access_detach+0x1c2/0x2b0 [ 79.552593] iommufd_access_change_pt+0x149/0x270 [ 79.552984] iommufd_access_replace+0xb4/0x120 [ 79.553352] iommufd_test+0x3e5/0x37e0 [ 79.553663] ? lock_release+0x532/0x770 [ 79.553988] ? __might_fault+0x102/0x1b0 [ 79.554314] ? lock_acquire+0x427/0x4c0 [ 79.554656] ? __pfx_iommufd_test+0x10/0x10 [ 79.554998] ? __pfx_lock_release+0x10/0x10 [ 79.555358] ? __pfx_lock_acquire+0x10/0x10 [ 79.555713] ? write_comp_data+0x2f/0x90 [ 79.556043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.556431] ? write_comp_data+0x2f/0x90 [ 79.556764] iommufd_fops_ioctl+0x37d/0x510 [ 79.557113] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.557510] ? write_comp_data+0x2f/0x90 [ 79.557838] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.558225] __x64_sys_ioctl+0x1a3/0x230 [ 79.558580] do_syscall_64+0x3b/0x90 [ 79.558890] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.559317] RIP: 0033:0x7f4b8743ee5d [ 79.559613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.561034] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.561628] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.562184] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.562755] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.563336] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.563891] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.564458] [ 79.564644] irq event stamp: 0 [ 79.564895] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.565388] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.566043] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.566715] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.567228] ---[ end trace 0000000000000000 ]--- [ 79.570236] ------------[ cut here ]------------ [ 79.570665] WARNING: CPU: 0 PID: 667 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.571470] Modules linked in: [ 79.571724] CPU: 0 PID: 667 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.572400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.573293] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.573683] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.575141] RSP: 0018:ffff8880140b7bd0 EFLAGS: 00010246 [ 79.575561] RAX: 0000000000000000 RBX: ffff88800ea738a8 RCX: 0000000000000000 [ 79.576118] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 79.576674] RBP: ffff8880140b7be8 R08: ffffed1001d4e733 R09: ffffed1001d4e733 [ 79.577228] R10: ffff88800ea73993 R11: ffffed1001d4e732 R12: ffff8880129c4800 [ 79.577792] R13: ffff88800ea739e8 R14: ffff888010b65c00 R15: 0000000000000000 [ 79.578347] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.578994] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.579460] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 79.580016] PKRU: 55555554 [ 79.580238] Call Trace: [ 79.580441] [ 79.580619] iommufd_access_destroy_object+0x65/0x170 [ 79.581038] iommufd_object_destroy_user+0x18e/0x220 [ 79.581442] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.581907] iommufd_access_destroy+0x43/0x70 [ 79.582276] iommufd_test_staccess_release+0x8d/0xd0 [ 79.582702] __fput+0x26d/0xa40 [ 79.582981] ____fput+0x1e/0x30 [ 79.583263] task_work_run+0x1a4/0x2d0 [ 79.583582] ? __pfx_task_work_run+0x10/0x10 [ 79.583940] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.584334] ? switch_task_namespaces+0xa9/0xe0 [ 79.584716] do_exit+0xb17/0x2ef0 [ 79.584993] ? lock_acquire+0x427/0x4c0 [ 79.585314] ? __pfx_lock_release+0x10/0x10 [ 79.585663] ? __kasan_check_write+0x18/0x20 [ 79.586017] ? do_raw_spin_lock+0x132/0x2a0 [ 79.586362] ? __pfx_do_exit+0x10/0x10 [ 79.586691] ? debug_smp_processor_id+0x20/0x30 [ 79.587056] ? rcu_is_watching+0x19/0xb0 [ 79.587380] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.587733] ? trace_hardirqs_on+0x26/0x120 [ 79.588077] do_group_exit+0xe0/0x2b0 [ 79.588375] __x64_sys_exit_group+0x47/0x50 [ 79.588707] do_syscall_64+0x3b/0x90 [ 79.589005] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.589416] RIP: 0033:0x7f4b87518a4d [ 79.589703] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.590172] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.590779] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.591342] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.591887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.592434] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.592985] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.593537] [ 79.593717] irq event stamp: 0 [ 79.593958] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.594437] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.595126] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.595769] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.596253] ---[ end trace 0000000000000000 ]--- [ 79.596930] ------------[ cut here ]------------ [ 79.597293] WARNING: CPU: 0 PID: 667 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.598075] Modules linked in: [ 79.598324] CPU: 0 PID: 667 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.599006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.599891] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.600287] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.601672] RSP: 0018:ffff8880140b7b78 EFLAGS: 00010246 [ 79.602082] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.602636] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 79.603195] RBP: ffff8880140b7b98 R08: ffffed1001d4e73e R09: ffffed1001d4e73e [ 79.603736] R10: ffff88800ea739ef R11: ffffed1001d4e73d R12: ffff88800ea73a90 [ 79.604279] R13: ffff88800ea738a8 R14: ffffffffffffffff R15: ffff8880140b7c60 [ 79.604824] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.605436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.605879] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 79.606423] PKRU: 55555554 [ 79.606655] Call Trace: [ 79.606859] [ 79.607034] iommufd_ioas_destroy+0x53/0x70 [ 79.607382] iommufd_fops_release+0x1f7/0x370 [ 79.607735] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.608123] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.608511] ? write_comp_data+0x2f/0x90 [ 79.608834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.609222] __fput+0x26d/0xa40 [ 79.609491] ____fput+0x1e/0x30 [ 79.609754] task_work_run+0x1a4/0x2d0 [ 79.610063] ? __pfx_task_work_run+0x10/0x10 [ 79.610408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.610811] ? switch_task_namespaces+0xa9/0xe0 [ 79.611205] do_exit+0xb17/0x2ef0 [ 79.611476] ? lock_acquire+0x427/0x4c0 [ 79.611790] ? __pfx_lock_release+0x10/0x10 [ 79.612129] ? __kasan_check_write+0x18/0x20 [ 79.612477] ? do_raw_spin_lock+0x132/0x2a0 [ 79.612811] ? __pfx_do_exit+0x10/0x10 [ 79.613119] ? debug_smp_processor_id+0x20/0x30 [ 79.613480] ? rcu_is_watching+0x19/0xb0 [ 79.613798] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.614156] ? trace_hardirqs_on+0x26/0x120 [ 79.614498] do_group_exit+0xe0/0x2b0 [ 79.614821] __x64_sys_exit_group+0x47/0x50 [ 79.615168] do_syscall_64+0x3b/0x90 [ 79.615467] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.615871] RIP: 0033:0x7f4b87518a4d [ 79.616157] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.616629] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.617208] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.617755] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.618305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.618875] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.619432] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.619983] [ 79.620166] irq event stamp: 0 [ 79.620408] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.620888] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.621525] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.622172] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.622668] ---[ end trace 0000000000000000 ]--- [ 79.627289] ------------[ cut here ]------------ [ 79.627696] WARNING: CPU: 0 PID: 668 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.628464] Modules linked in: [ 79.628711] CPU: 0 PID: 668 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.629382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.630241] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.630804] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.632208] RSP: 0018:ffff88801656fbb8 EFLAGS: 00010246 [ 79.632613] RAX: 0000000000000000 RBX: ffff888015e650a8 RCX: 0000000000000000 [ 79.633156] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 79.633698] RBP: ffff88801656fbd0 R08: ffffed1002bcca33 R09: ffffed1002bcca33 [ 79.634246] R10: ffff888015e65193 R11: ffffed1002bcca32 R12: ffff888010e01800 [ 79.634801] R13: ffff888015e651e8 R14: ffffffff8352e670 R15: ffff88801656fe68 [ 79.635356] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.635969] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.636409] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ef0 [ 79.636958] PKRU: 55555554 [ 79.637177] Call Trace: [ 79.637374] [ 79.637548] __iommufd_access_detach+0x1c2/0x2b0 [ 79.637929] iommufd_access_change_pt+0x149/0x270 [ 79.638310] iommufd_access_replace+0xb4/0x120 [ 79.638690] iommufd_test+0x3e5/0x37e0 [ 79.638993] ? lock_release+0x532/0x770 [ 79.639322] ? __might_fault+0x102/0x1b0 [ 79.639642] ? lock_acquire+0x427/0x4c0 [ 79.639956] ? __pfx_iommufd_test+0x10/0x10 [ 79.640287] ? __pfx_lock_release+0x10/0x10 [ 79.640625] ? __pfx_lock_acquire+0x10/0x10 [ 79.640960] ? write_comp_data+0x2f/0x90 [ 79.641277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.641647] ? write_comp_data+0x2f/0x90 [ 79.641966] iommufd_fops_ioctl+0x37d/0x510 [ 79.642297] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.642685] ? write_comp_data+0x2f/0x90 [ 79.643006] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.643383] __x64_sys_ioctl+0x1a3/0x230 [ 79.643701] do_syscall_64+0x3b/0x90 [ 79.643990] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.644386] RIP: 0033:0x7f4b8743ee5d [ 79.644664] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.646036] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.646621] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.647165] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.647701] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.648235] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.648770] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.649310] [ 79.649486] irq event stamp: 0 [ 79.649724] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.650204] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.650877] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.651535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.652020] ---[ end trace 0000000000000000 ]--- [ 79.654760] ------------[ cut here ]------------ [ 79.655157] WARNING: CPU: 0 PID: 668 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.655912] Modules linked in: [ 79.656153] CPU: 0 PID: 668 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.656798] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.657635] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.658007] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.659434] RSP: 0018:ffff88801656fbd0 EFLAGS: 00010246 [ 79.659846] RAX: 0000000000000000 RBX: ffff888015e650a8 RCX: 0000000000000000 [ 79.660379] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 79.660917] RBP: ffff88801656fbe8 R08: ffffed1002bcca33 R09: ffffed1002bcca33 [ 79.661445] R10: ffff888015e65193 R11: ffffed1002bcca32 R12: ffff888021baa000 [ 79.661978] R13: ffff888015e651e8 R14: ffff8880129b2500 R15: 0000000000000000 [ 79.662523] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.663131] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.663570] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 79.664101] PKRU: 55555554 [ 79.664324] Call Trace: [ 79.664519] [ 79.664689] iommufd_access_destroy_object+0x65/0x170 [ 79.665084] iommufd_object_destroy_user+0x18e/0x220 [ 79.665477] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.665923] iommufd_access_destroy+0x43/0x70 [ 79.666272] iommufd_test_staccess_release+0x8d/0xd0 [ 79.666682] __fput+0x26d/0xa40 [ 79.666950] ____fput+0x1e/0x30 [ 79.667217] task_work_run+0x1a4/0x2d0 [ 79.667519] ? __pfx_task_work_run+0x10/0x10 [ 79.667856] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.668234] ? switch_task_namespaces+0xa9/0xe0 [ 79.668596] do_exit+0xb17/0x2ef0 [ 79.668864] ? lock_acquire+0x427/0x4c0 [ 79.669173] ? __pfx_lock_release+0x10/0x10 [ 79.669507] ? __kasan_check_write+0x18/0x20 [ 79.669844] ? do_raw_spin_lock+0x132/0x2a0 [ 79.670173] ? __pfx_do_exit+0x10/0x10 [ 79.670478] ? debug_smp_processor_id+0x20/0x30 [ 79.670852] ? rcu_is_watching+0x19/0xb0 [ 79.671182] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.671532] ? trace_hardirqs_on+0x26/0x120 [ 79.671862] do_group_exit+0xe0/0x2b0 [ 79.672150] __x64_sys_exit_group+0x47/0x50 [ 79.672476] do_syscall_64+0x3b/0x90 [ 79.672764] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.673158] RIP: 0033:0x7f4b87518a4d [ 79.673439] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.673904] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.674471] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.675018] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.675572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.676105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.676635] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.677173] [ 79.677348] irq event stamp: 0 [ 79.677584] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.678058] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.678697] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.679331] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.679810] ---[ end trace 0000000000000000 ]--- [ 79.680485] ------------[ cut here ]------------ [ 79.680846] WARNING: CPU: 0 PID: 668 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.681605] Modules linked in: [ 79.681849] CPU: 0 PID: 668 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.682494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.683359] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.683747] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.685105] RSP: 0018:ffff88801656fb78 EFLAGS: 00010246 [ 79.685507] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.686036] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 79.686582] RBP: ffff88801656fb98 R08: ffffed1002bcca3e R09: ffffed1002bcca3e [ 79.687124] R10: ffff888015e651ef R11: ffffed1002bcca3d R12: ffff888015e65290 [ 79.687655] R13: ffff888015e650a8 R14: ffffffffffffffff R15: ffff88801656fc60 [ 79.688187] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 79.688792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.689226] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 79.689760] PKRU: 55555554 [ 79.689973] Call Trace: [ 79.690165] [ 79.690336] iommufd_ioas_destroy+0x53/0x70 [ 79.690681] iommufd_fops_release+0x1f7/0x370 [ 79.691029] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.691417] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.691800] ? write_comp_data+0x2f/0x90 [ 79.692128] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.692513] __fput+0x26d/0xa40 [ 79.692780] ____fput+0x1e/0x30 [ 79.693036] task_work_run+0x1a4/0x2d0 [ 79.693339] ? __pfx_task_work_run+0x10/0x10 [ 79.693677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.694052] ? switch_task_namespaces+0xa9/0xe0 [ 79.694418] do_exit+0xb17/0x2ef0 [ 79.694710] ? lock_acquire+0x427/0x4c0 [ 79.695027] ? __pfx_lock_release+0x10/0x10 [ 79.695375] ? __kasan_check_write+0x18/0x20 [ 79.695716] ? do_raw_spin_lock+0x132/0x2a0 [ 79.696045] ? __pfx_do_exit+0x10/0x10 [ 79.696347] ? debug_smp_processor_id+0x20/0x30 [ 79.696702] ? rcu_is_watching+0x19/0xb0 [ 79.697010] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.697357] ? trace_hardirqs_on+0x26/0x120 [ 79.697692] do_group_exit+0xe0/0x2b0 [ 79.697984] __x64_sys_exit_group+0x47/0x50 [ 79.698309] do_syscall_64+0x3b/0x90 [ 79.698614] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.699010] RIP: 0033:0x7f4b87518a4d [ 79.699300] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.699758] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.700327] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.700860] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.701391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.701922] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.702451] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.703012] [ 79.703204] irq event stamp: 0 [ 79.703449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.703922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.704547] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.705172] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.705639] ---[ end trace 0000000000000000 ]--- [ 79.713379] ------------[ cut here ]------------ [ 79.713986] WARNING: CPU: 1 PID: 669 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.714892] Modules linked in: [ 79.715149] CPU: 1 PID: 669 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.715802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.716642] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.717020] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.718385] RSP: 0018:ffff88800f577bb8 EFLAGS: 00010246 [ 79.718807] RAX: 0000000000000000 RBX: ffff888012a158a8 RCX: 0000000000000000 [ 79.719351] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 79.719889] RBP: ffff88800f577bd0 R08: ffffed1002542b33 R09: ffffed1002542b33 [ 79.720532] R10: ffff888012a15993 R11: ffffed1002542b32 R12: ffff88800bae0400 [ 79.721073] R13: ffff888012a159e8 R14: ffffffff8352e670 R15: ffff88800f577e68 [ 79.721730] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.722340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.722823] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 79.723424] PKRU: 55555554 [ 79.723648] Call Trace: [ 79.723844] [ 79.724028] __iommufd_access_detach+0x1c2/0x2b0 [ 79.724429] iommufd_access_change_pt+0x149/0x270 [ 79.724869] iommufd_access_replace+0xb4/0x120 [ 79.725230] iommufd_test+0x3e5/0x37e0 [ 79.725533] ? lock_release+0x532/0x770 [ 79.725901] ? __might_fault+0x102/0x1b0 [ 79.726265] ? lock_acquire+0x427/0x4c0 [ 79.726606] ? __pfx_iommufd_test+0x10/0x10 [ 79.726941] ? __pfx_lock_release+0x10/0x10 [ 79.727296] ? __pfx_lock_acquire+0x10/0x10 [ 79.727702] ? write_comp_data+0x2f/0x90 [ 79.728025] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.728406] ? write_comp_data+0x2f/0x90 [ 79.728733] iommufd_fops_ioctl+0x37d/0x510 [ 79.729071] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.729449] ? write_comp_data+0x2f/0x90 [ 79.729768] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.730143] __x64_sys_ioctl+0x1a3/0x230 [ 79.730465] do_syscall_64+0x3b/0x90 [ 79.730819] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.731235] RIP: 0033:0x7f4b8743ee5d [ 79.731521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.733056] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.733639] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.734204] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.734847] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.735391] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.735984] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.736573] [ 79.736754] irq event stamp: 0 [ 79.736998] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.737588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.738222] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.738941] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.739474] ---[ end trace 0000000000000000 ]--- [ 79.742354] ------------[ cut here ]------------ [ 79.742779] WARNING: CPU: 1 PID: 669 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.743623] Modules linked in: [ 79.743919] CPU: 1 PID: 669 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.744589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.745585] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.745977] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.747545] RSP: 0018:ffff88800f577bd0 EFLAGS: 00010246 [ 79.747969] RAX: 0000000000000000 RBX: ffff888012a158a8 RCX: 0000000000000000 [ 79.748647] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 79.749198] RBP: ffff88800f577be8 R08: ffffed1002542b33 R09: ffffed1002542b33 [ 79.749864] R10: ffff888012a15993 R11: ffffed1002542b32 R12: ffff8880188da800 [ 79.750425] R13: ffff888012a159e8 R14: ffff8880143e1700 R15: 0000000000000000 [ 79.751010] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.751770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.752229] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.752793] PKRU: 55555554 [ 79.753083] Call Trace: [ 79.753339] [ 79.753519] iommufd_access_destroy_object+0x65/0x170 [ 79.753929] iommufd_object_destroy_user+0x18e/0x220 [ 79.754362] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.754931] iommufd_access_destroy+0x43/0x70 [ 79.755313] iommufd_test_staccess_release+0x8d/0xd0 [ 79.755719] __fput+0x26d/0xa40 [ 79.755998] ____fput+0x1e/0x30 [ 79.756371] task_work_run+0x1a4/0x2d0 [ 79.756695] ? __pfx_task_work_run+0x10/0x10 [ 79.757054] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.757447] ? switch_task_namespaces+0xa9/0xe0 [ 79.757900] do_exit+0xb17/0x2ef0 [ 79.758222] ? lock_acquire+0x427/0x4c0 [ 79.758572] ? __pfx_lock_release+0x10/0x10 [ 79.758926] ? __kasan_check_write+0x18/0x20 [ 79.759313] ? do_raw_spin_lock+0x132/0x2a0 [ 79.759676] ? __pfx_do_exit+0x10/0x10 [ 79.760072] ? debug_smp_processor_id+0x20/0x30 [ 79.760444] ? rcu_is_watching+0x19/0xb0 [ 79.760762] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.761185] ? trace_hardirqs_on+0x26/0x120 [ 79.761575] do_group_exit+0xe0/0x2b0 [ 79.761874] __x64_sys_exit_group+0x47/0x50 [ 79.762209] do_syscall_64+0x3b/0x90 [ 79.762590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.763050] RIP: 0033:0x7f4b87518a4d [ 79.763349] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.763831] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.764489] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.765089] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.765640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.766301] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.766871] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.767461] [ 79.767675] irq event stamp: 0 [ 79.767974] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.768466] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.769234] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.769887] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.770405] ---[ end trace 0000000000000000 ]--- [ 79.771207] ------------[ cut here ]------------ [ 79.771582] WARNING: CPU: 1 PID: 669 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.772403] Modules linked in: [ 79.772754] CPU: 1 PID: 669 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.773509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.774547] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.774986] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.776636] RSP: 0018:ffff88800f577b78 EFLAGS: 00010246 [ 79.777080] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.777793] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 79.778385] RBP: ffff88800f577b98 R08: ffffed1002542b3e R09: ffffed1002542b3e [ 79.779138] R10: ffff888012a159ef R11: ffffed1002542b3d R12: ffff888012a15a90 [ 79.779734] R13: ffff888012a158a8 R14: ffffffffffffffff R15: ffff88800f577c60 [ 79.780319] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.781124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.781609] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.782273] PKRU: 55555554 [ 79.782570] Call Trace: [ 79.782788] [ 79.782977] iommufd_ioas_destroy+0x53/0x70 [ 79.783351] iommufd_fops_release+0x1f7/0x370 [ 79.783733] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.784287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.784696] ? write_comp_data+0x2f/0x90 [ 79.785045] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.785487] __fput+0x26d/0xa40 [ 79.785868] ____fput+0x1e/0x30 [ 79.786153] task_work_run+0x1a4/0x2d0 [ 79.786486] ? __pfx_task_work_run+0x10/0x10 [ 79.786888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.787314] ? switch_task_namespaces+0xa9/0xe0 [ 79.787847] do_exit+0xb17/0x2ef0 [ 79.788140] ? lock_acquire+0x427/0x4c0 [ 79.788485] ? __pfx_lock_release+0x10/0x10 [ 79.788855] ? __kasan_check_write+0x18/0x20 [ 79.789341] ? do_raw_spin_lock+0x132/0x2a0 [ 79.789707] ? __pfx_do_exit+0x10/0x10 [ 79.790048] ? debug_smp_processor_id+0x20/0x30 [ 79.790443] ? rcu_is_watching+0x19/0xb0 [ 79.790932] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.791341] ? trace_hardirqs_on+0x26/0x120 [ 79.791708] do_group_exit+0xe0/0x2b0 [ 79.792027] __x64_sys_exit_group+0x47/0x50 [ 79.792402] do_syscall_64+0x3b/0x90 [ 79.792821] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.793260] RIP: 0033:0x7f4b87518a4d [ 79.793566] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.794204] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.794862] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.795463] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.796186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.796772] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.797362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.798100] [ 79.798298] irq event stamp: 0 [ 79.798581] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.799102] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.799939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.800624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.801265] ---[ end trace 0000000000000000 ]--- [ 79.805962] ------------[ cut here ]------------ [ 79.806388] WARNING: CPU: 1 PID: 670 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.807378] Modules linked in: [ 79.807645] CPU: 1 PID: 670 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.808480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.809403] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.809948] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.811544] RSP: 0018:ffff888012aafbb8 EFLAGS: 00010246 [ 79.812009] RAX: 0000000000000000 RBX: ffff888020ebf8a8 RCX: 0000000000000000 [ 79.812601] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 79.813323] RBP: ffff888012aafbd0 R08: ffffed10041d7f33 R09: ffffed10041d7f33 [ 79.813912] R10: ffff888020ebf993 R11: ffffed10041d7f32 R12: ffff888016631800 [ 79.814494] R13: ffff888020ebf9e8 R14: ffffffff8352e670 R15: ffff888012aafe68 [ 79.815105] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.815774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.816254] CR2: 00007f4b877410e8 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 79.816852] PKRU: 55555554 [ 79.817093] Call Trace: [ 79.817307] [ 79.817496] __iommufd_access_detach+0x1c2/0x2b0 [ 79.817907] iommufd_access_change_pt+0x149/0x270 [ 79.818314] iommufd_access_replace+0xb4/0x120 [ 79.818730] iommufd_test+0x3e5/0x37e0 [ 79.819058] ? lock_release+0x532/0x770 [ 79.819422] ? __might_fault+0x102/0x1b0 [ 79.819769] ? lock_acquire+0x427/0x4c0 [ 79.820108] ? __pfx_iommufd_test+0x10/0x10 [ 79.820467] ? __pfx_lock_release+0x10/0x10 [ 79.820845] ? __pfx_lock_acquire+0x10/0x10 [ 79.821225] ? write_comp_data+0x2f/0x90 [ 79.821591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.822020] ? write_comp_data+0x2f/0x90 [ 79.822381] iommufd_fops_ioctl+0x37d/0x510 [ 79.822791] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.823229] ? write_comp_data+0x2f/0x90 [ 79.823598] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.824027] __x64_sys_ioctl+0x1a3/0x230 [ 79.824385] do_syscall_64+0x3b/0x90 [ 79.824718] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.825169] RIP: 0033:0x7f4b8743ee5d [ 79.825497] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.827071] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.827748] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.828355] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.828961] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.829563] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.830264] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.830926] [ 79.831142] irq event stamp: 0 [ 79.831417] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.831967] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.832721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.833448] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.833999] ---[ end trace 0000000000000000 ]--- [ 79.836916] ------------[ cut here ]------------ [ 79.837410] WARNING: CPU: 1 PID: 670 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.838277] Modules linked in: [ 79.838798] CPU: 1 PID: 670 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.839573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.840543] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.840979] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.842581] RSP: 0018:ffff888012aafbd0 EFLAGS: 00010246 [ 79.843051] RAX: 0000000000000000 RBX: ffff888020ebf8a8 RCX: 0000000000000000 [ 79.843693] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 79.844313] RBP: ffff888012aafbe8 R08: ffffed10041d7f33 R09: ffffed10041d7f33 [ 79.844932] R10: ffff888020ebf993 R11: ffffed10041d7f32 R12: ffff888021baec00 [ 79.845548] R13: ffff888020ebf9e8 R14: ffff88800f253900 R15: 0000000000000000 [ 79.846168] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.846901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.847431] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.848070] PKRU: 55555554 [ 79.848319] Call Trace: [ 79.848547] [ 79.848751] iommufd_access_destroy_object+0x65/0x170 [ 79.849212] iommufd_object_destroy_user+0x18e/0x220 [ 79.849675] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.850189] iommufd_access_destroy+0x43/0x70 [ 79.850615] iommufd_test_staccess_release+0x8d/0xd0 [ 79.851075] __fput+0x26d/0xa40 [ 79.851389] ____fput+0x1e/0x30 [ 79.851690] task_work_run+0x1a4/0x2d0 [ 79.852039] ? __pfx_task_work_run+0x10/0x10 [ 79.852430] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.852865] ? switch_task_namespaces+0xa9/0xe0 [ 79.853288] do_exit+0xb17/0x2ef0 [ 79.853595] ? lock_acquire+0x427/0x4c0 [ 79.853959] ? __pfx_lock_release+0x10/0x10 [ 79.854355] ? __kasan_check_write+0x18/0x20 [ 79.854781] ? do_raw_spin_lock+0x132/0x2a0 [ 79.855194] ? __pfx_do_exit+0x10/0x10 [ 79.855578] ? debug_smp_processor_id+0x20/0x30 [ 79.856019] ? rcu_is_watching+0x19/0xb0 [ 79.856402] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.856833] ? trace_hardirqs_on+0x26/0x120 [ 79.857242] do_group_exit+0xe0/0x2b0 [ 79.857599] __x64_sys_exit_group+0x47/0x50 [ 79.858004] do_syscall_64+0x3b/0x90 [ 79.858366] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.858886] RIP: 0033:0x7f4b87518a4d [ 79.859250] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.859820] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.860519] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.861177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.861833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.862491] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.863189] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.863851] [ 79.864072] irq event stamp: 0 [ 79.864364] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.864947] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.865744] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.866571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.867193] ---[ end trace 0000000000000000 ]--- [ 79.868009] ------------[ cut here ]------------ [ 79.868460] WARNING: CPU: 1 PID: 670 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.869486] Modules linked in: [ 79.869803] CPU: 1 PID: 670 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.870677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.871776] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.872278] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.874027] RSP: 0018:ffff888012aafb78 EFLAGS: 00010246 [ 79.874574] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.875275] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 79.875953] RBP: ffff888012aafb98 R08: ffffed10041d7f3e R09: ffffed10041d7f3e [ 79.876616] R10: ffff888020ebf9ef R11: ffffed10041d7f3d R12: ffff888020ebfa90 [ 79.877281] R13: ffff888020ebf8a8 R14: ffffffffffffffff R15: ffff888012aafc60 [ 79.877953] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.878729] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.879290] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.879976] PKRU: 55555554 [ 79.880249] Call Trace: [ 79.880495] [ 79.880710] iommufd_ioas_destroy+0x53/0x70 [ 79.881137] iommufd_fops_release+0x1f7/0x370 [ 79.881571] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.882051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.882549] ? write_comp_data+0x2f/0x90 [ 79.882957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.883457] __fput+0x26d/0xa40 [ 79.883803] ____fput+0x1e/0x30 [ 79.884134] task_work_run+0x1a4/0x2d0 [ 79.884524] ? __pfx_task_work_run+0x10/0x10 [ 79.884955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.885434] ? switch_task_namespaces+0xa9/0xe0 [ 79.885896] do_exit+0xb17/0x2ef0 [ 79.886235] ? lock_acquire+0x427/0x4c0 [ 79.886662] ? __pfx_lock_release+0x10/0x10 [ 79.887091] ? __kasan_check_write+0x18/0x20 [ 79.887542] ? do_raw_spin_lock+0x132/0x2a0 [ 79.887957] ? __pfx_do_exit+0x10/0x10 [ 79.888336] ? debug_smp_processor_id+0x20/0x30 [ 79.888789] ? rcu_is_watching+0x19/0xb0 [ 79.889177] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.889617] ? trace_hardirqs_on+0x26/0x120 [ 79.890032] do_group_exit+0xe0/0x2b0 [ 79.890396] __x64_sys_exit_group+0x47/0x50 [ 79.890835] do_syscall_64+0x3b/0x90 [ 79.891213] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.891724] RIP: 0033:0x7f4b87518a4d [ 79.892080] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.892662] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.893386] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.894076] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.894788] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.895478] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.896150] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.896828] [ 79.897048] irq event stamp: 0 [ 79.897342] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.897936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.898758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.899567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.900169] ---[ end trace 0000000000000000 ]--- [ 79.905044] ------------[ cut here ]------------ [ 79.905538] WARNING: CPU: 1 PID: 671 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.906479] Modules linked in: [ 79.906867] CPU: 1 PID: 671 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.907708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.908766] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.909242] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.910983] RSP: 0018:ffff88801494fbb8 EFLAGS: 00010246 [ 79.911513] RAX: 0000000000000000 RBX: ffff8880167e50a8 RCX: 0000000000000000 [ 79.912187] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 79.912867] RBP: ffff88801494fbd0 R08: ffffed1002cfca33 R09: ffffed1002cfca33 [ 79.913548] R10: ffff8880167e5193 R11: ffffed1002cfca32 R12: ffff888021bb4400 [ 79.914233] R13: ffff8880167e51e8 R14: ffffffff8352e670 R15: ffff88801494fe68 [ 79.914930] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.915716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.916261] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ee0 [ 79.916928] PKRU: 55555554 [ 79.917196] Call Trace: [ 79.917445] [ 79.917660] __iommufd_access_detach+0x1c2/0x2b0 [ 79.918130] iommufd_access_change_pt+0x149/0x270 [ 79.918636] iommufd_access_replace+0xb4/0x120 [ 79.919094] iommufd_test+0x3e5/0x37e0 [ 79.919484] ? lock_release+0x532/0x770 [ 79.919880] ? __might_fault+0x102/0x1b0 [ 79.920271] ? lock_acquire+0x427/0x4c0 [ 79.920662] ? __pfx_iommufd_test+0x10/0x10 [ 79.921075] ? __pfx_lock_release+0x10/0x10 [ 79.921489] ? __pfx_lock_acquire+0x10/0x10 [ 79.921902] ? write_comp_data+0x2f/0x90 [ 79.922296] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.922786] ? write_comp_data+0x2f/0x90 [ 79.923196] iommufd_fops_ioctl+0x37d/0x510 [ 79.923625] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.924099] ? write_comp_data+0x2f/0x90 [ 79.924495] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 79.924957] __x64_sys_ioctl+0x1a3/0x230 [ 79.925353] do_syscall_64+0x3b/0x90 [ 79.925710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.926203] RIP: 0033:0x7f4b8743ee5d [ 79.926578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 79.928301] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 79.929026] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 79.929701] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 79.930380] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 79.931084] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 79.931777] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 79.932465] [ 79.932685] irq event stamp: 0 [ 79.933063] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 79.933665] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.934458] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.935281] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.935880] ---[ end trace 0000000000000000 ]--- [ 79.938905] ------------[ cut here ]------------ [ 79.939404] WARNING: CPU: 1 PID: 671 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 79.940347] Modules linked in: [ 79.940653] CPU: 1 PID: 671 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.941467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.942557] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 79.943038] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 79.944783] RSP: 0018:ffff88801494fbd0 EFLAGS: 00010246 [ 79.945289] RAX: 0000000000000000 RBX: ffff8880167e50a8 RCX: 0000000000000000 [ 79.945964] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 79.946667] RBP: ffff88801494fbe8 R08: ffffed1002cfca33 R09: ffffed1002cfca33 [ 79.947376] R10: ffff8880167e5193 R11: ffffed1002cfca32 R12: ffff888018428000 [ 79.948063] R13: ffff8880167e51e8 R14: ffff88800fd08c00 R15: 0000000000000000 [ 79.948743] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.949512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.950062] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.950770] PKRU: 55555554 [ 79.951045] Call Trace: [ 79.951308] [ 79.951529] iommufd_access_destroy_object+0x65/0x170 [ 79.952030] iommufd_object_destroy_user+0x18e/0x220 [ 79.952518] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 79.953087] iommufd_access_destroy+0x43/0x70 [ 79.953535] iommufd_test_staccess_release+0x8d/0xd0 [ 79.954035] __fput+0x26d/0xa40 [ 79.954369] ____fput+0x1e/0x30 [ 79.954726] task_work_run+0x1a4/0x2d0 [ 79.955121] ? __pfx_task_work_run+0x10/0x10 [ 79.955549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.956020] ? switch_task_namespaces+0xa9/0xe0 [ 79.956475] do_exit+0xb17/0x2ef0 [ 79.956810] ? lock_acquire+0x427/0x4c0 [ 79.957200] ? __pfx_lock_release+0x10/0x10 [ 79.957623] ? __kasan_check_write+0x18/0x20 [ 79.958054] ? do_raw_spin_lock+0x132/0x2a0 [ 79.958474] ? __pfx_do_exit+0x10/0x10 [ 79.958890] ? debug_smp_processor_id+0x20/0x30 [ 79.959359] ? rcu_is_watching+0x19/0xb0 [ 79.959762] ? _raw_spin_unlock_irq+0x2b/0x60 [ 79.960265] ? trace_hardirqs_on+0x26/0x120 [ 79.960837] do_group_exit+0xe0/0x2b0 [ 79.961209] __x64_sys_exit_group+0x47/0x50 [ 79.961631] do_syscall_64+0x3b/0x90 [ 79.962023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 79.962697] RIP: 0033:0x7f4b87518a4d [ 79.963060] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 79.963664] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 79.964572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 79.965324] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 79.966203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 79.966965] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 79.967724] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 79.968543] [ 79.968913] irq event stamp: 0 [ 79.969248] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 79.969913] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 79.971047] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 79.971951] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 79.972610] ---[ end trace 0000000000000000 ]--- [ 79.973694] ------------[ cut here ]------------ [ 79.974192] WARNING: CPU: 1 PID: 671 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 79.975509] Modules linked in: [ 79.975857] CPU: 1 PID: 671 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 79.976760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 79.978133] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 79.978708] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 79.980855] RSP: 0018:ffff88801494fb78 EFLAGS: 00010246 [ 79.981468] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 79.982366] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 79.983163] RBP: ffff88801494fb98 R08: ffffed1002cfca3e R09: ffffed1002cfca3e [ 79.984138] R10: ffff8880167e51ef R11: ffffed1002cfca3d R12: ffff8880167e5290 [ 79.984891] R13: ffff8880167e50a8 R14: ffffffffffffffff R15: ffff88801494fc60 [ 79.985702] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 79.986688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.987319] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 79.988062] PKRU: 55555554 [ 79.988569] Call Trace: [ 79.988840] [ 79.989082] iommufd_ioas_destroy+0x53/0x70 [ 79.989545] iommufd_fops_release+0x1f7/0x370 [ 79.990062] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.990776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.991323] ? write_comp_data+0x2f/0x90 [ 79.991762] ? __pfx_iommufd_fops_release+0x10/0x10 [ 79.992301] __fput+0x26d/0xa40 [ 79.992854] ____fput+0x1e/0x30 [ 79.993214] task_work_run+0x1a4/0x2d0 [ 79.993632] ? __pfx_task_work_run+0x10/0x10 [ 79.994109] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 79.994884] ? switch_task_namespaces+0xa9/0xe0 [ 79.995417] do_exit+0xb17/0x2ef0 [ 79.995797] ? lock_acquire+0x427/0x4c0 [ 79.996237] ? __pfx_lock_release+0x10/0x10 [ 79.996696] ? __kasan_check_write+0x18/0x20 [ 79.997465] ? do_raw_spin_lock+0x132/0x2a0 [ 79.997928] ? __pfx_do_exit+0x10/0x10 [ 79.998346] ? debug_smp_processor_id+0x20/0x30 [ 79.998872] ? rcu_is_watching+0x19/0xb0 [ 79.999521] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.000005] ? trace_hardirqs_on+0x26/0x120 [ 80.000464] do_group_exit+0xe0/0x2b0 [ 80.000869] __x64_sys_exit_group+0x47/0x50 [ 80.001366] do_syscall_64+0x3b/0x90 [ 80.001897] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.002451] RIP: 0033:0x7f4b87518a4d [ 80.002879] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.003568] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.004528] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.005291] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.006265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.007050] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.007820] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.008788] [ 80.009042] irq event stamp: 0 [ 80.009380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.010155] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.011210] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.012099] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.012995] ---[ end trace 0000000000000000 ]--- [ 80.018222] ------------[ cut here ]------------ [ 80.019027] WARNING: CPU: 1 PID: 672 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.020114] Modules linked in: [ 80.020489] CPU: 1 PID: 672 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.021575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.022829] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.023534] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.025661] RSP: 0018:ffff88800b7f7bb8 EFLAGS: 00010246 [ 80.026230] RAX: 0000000000000000 RBX: ffff888017b708a8 RCX: 0000000000000000 [ 80.027043] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 80.028452] RBP: ffff88800b7f7bd0 R08: ffffed1002f6e133 R09: ffffed1002f6e133 [ 80.029423] R10: ffff888017b70993 R11: ffffed1002f6e132 R12: ffff888016630400 [ 80.030255] R13: ffff888017b709e8 R14: ffffffff8352e670 R15: ffff88800b7f7e68 [ 80.031075] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.032162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.032777] CR2: 00007f4b877410e8 CR3: 000000001476c000 CR4: 0000000000750ee0 [ 80.033590] PKRU: 55555554 [ 80.034034] Call Trace: [ 80.034311] [ 80.034587] __iommufd_access_detach+0x1c2/0x2b0 [ 80.035117] iommufd_access_change_pt+0x149/0x270 [ 80.035640] iommufd_access_replace+0xb4/0x120 [ 80.036318] iommufd_test+0x3e5/0x37e0 [ 80.036749] ? lock_release+0x532/0x770 [ 80.037184] ? __might_fault+0x102/0x1b0 [ 80.037619] ? lock_acquire+0x427/0x4c0 [ 80.038050] ? __pfx_iommufd_test+0x10/0x10 [ 80.038547] ? __pfx_lock_release+0x10/0x10 [ 80.039023] ? __pfx_lock_acquire+0x10/0x10 [ 80.039509] ? write_comp_data+0x2f/0x90 [ 80.039952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.040466] ? write_comp_data+0x2f/0x90 [ 80.040909] iommufd_fops_ioctl+0x37d/0x510 [ 80.041368] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.041888] ? write_comp_data+0x2f/0x90 [ 80.042328] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.042867] __x64_sys_ioctl+0x1a3/0x230 [ 80.043340] do_syscall_64+0x3b/0x90 [ 80.043748] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.044300] RIP: 0033:0x7f4b8743ee5d [ 80.044694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.046637] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.047447] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.048190] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.048929] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.049666] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.050404] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.051193] [ 80.051442] irq event stamp: 0 [ 80.051791] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.052456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.053332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.054200] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.054905] ---[ end trace 0000000000000000 ]--- [ 80.058389] ------------[ cut here ]------------ [ 80.059197] WARNING: CPU: 1 PID: 672 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.060238] Modules linked in: [ 80.060573] CPU: 1 PID: 672 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.061546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.062739] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.063256] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.065138] RSP: 0018:ffff88800b7f7bd0 EFLAGS: 00010246 [ 80.065694] RAX: 0000000000000000 RBX: ffff888017b708a8 RCX: 0000000000000000 [ 80.066446] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 80.067230] RBP: ffff88800b7f7be8 R08: ffffed1002f6e133 R09: ffffed1002f6e133 [ 80.067980] R10: ffff888017b70993 R11: ffffed1002f6e132 R12: ffff888021bb4000 [ 80.068717] R13: ffff888017b709e8 R14: ffff888013f64300 R15: 0000000000000000 [ 80.069459] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.070310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.070938] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.071706] PKRU: 55555554 [ 80.072002] Call Trace: [ 80.072267] [ 80.072499] iommufd_access_destroy_object+0x65/0x170 [ 80.073038] iommufd_object_destroy_user+0x18e/0x220 [ 80.073566] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.074172] iommufd_access_destroy+0x43/0x70 [ 80.074670] iommufd_test_staccess_release+0x8d/0xd0 [ 80.075233] __fput+0x26d/0xa40 [ 80.075592] ____fput+0x1e/0x30 [ 80.075943] task_work_run+0x1a4/0x2d0 [ 80.076354] ? __pfx_task_work_run+0x10/0x10 [ 80.076810] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.077313] ? switch_task_namespaces+0xa9/0xe0 [ 80.077807] do_exit+0xb17/0x2ef0 [ 80.078165] ? lock_acquire+0x427/0x4c0 [ 80.078610] ? __pfx_lock_release+0x10/0x10 [ 80.079081] ? __kasan_check_write+0x18/0x20 [ 80.079560] ? do_raw_spin_lock+0x132/0x2a0 [ 80.080010] ? __pfx_do_exit+0x10/0x10 [ 80.080420] ? debug_smp_processor_id+0x20/0x30 [ 80.080904] ? rcu_is_watching+0x19/0xb0 [ 80.081331] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.081808] ? trace_hardirqs_on+0x26/0x120 [ 80.082265] do_group_exit+0xe0/0x2b0 [ 80.082692] __x64_sys_exit_group+0x47/0x50 [ 80.083149] do_syscall_64+0x3b/0x90 [ 80.083547] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.084084] RIP: 0033:0x7f4b87518a4d [ 80.084468] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.085091] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.085860] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.086608] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.087341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.088011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.088670] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.089343] [ 80.089566] irq event stamp: 0 [ 80.089864] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.090451] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.091265] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.092050] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.092629] ---[ end trace 0000000000000000 ]--- [ 80.093478] ------------[ cut here ]------------ [ 80.093914] WARNING: CPU: 1 PID: 672 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.094874] Modules linked in: [ 80.095183] CPU: 1 PID: 672 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.095981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.096988] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.097453] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.099127] RSP: 0018:ffff88800b7f7b78 EFLAGS: 00010246 [ 80.099615] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.100252] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 80.100891] RBP: ffff88800b7f7b98 R08: ffffed1002f6e13e R09: ffffed1002f6e13e [ 80.101522] R10: ffff888017b709ef R11: ffffed1002f6e13d R12: ffff888017b70a90 [ 80.102135] R13: ffff888017b708a8 R14: ffffffffffffffff R15: ffff88800b7f7c60 [ 80.102765] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.103467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.103960] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.104568] PKRU: 55555554 [ 80.104813] Call Trace: [ 80.105035] [ 80.105232] iommufd_ioas_destroy+0x53/0x70 [ 80.105609] iommufd_fops_release+0x1f7/0x370 [ 80.105999] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.106430] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.106884] ? write_comp_data+0x2f/0x90 [ 80.107248] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.107683] __fput+0x26d/0xa40 [ 80.107985] ____fput+0x1e/0x30 [ 80.108283] task_work_run+0x1a4/0x2d0 [ 80.108628] ? __pfx_task_work_run+0x10/0x10 [ 80.109016] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.109440] ? switch_task_namespaces+0xa9/0xe0 [ 80.109855] do_exit+0xb17/0x2ef0 [ 80.110153] ? lock_acquire+0x427/0x4c0 [ 80.110529] ? __pfx_lock_release+0x10/0x10 [ 80.110908] ? __kasan_check_write+0x18/0x20 [ 80.111311] ? do_raw_spin_lock+0x132/0x2a0 [ 80.111683] ? __pfx_do_exit+0x10/0x10 [ 80.112026] ? debug_smp_processor_id+0x20/0x30 [ 80.112431] ? rcu_is_watching+0x19/0xb0 [ 80.112793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.113192] ? trace_hardirqs_on+0x26/0x120 [ 80.113574] do_group_exit+0xe0/0x2b0 [ 80.113905] __x64_sys_exit_group+0x47/0x50 [ 80.114285] do_syscall_64+0x3b/0x90 [ 80.114647] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.115102] RIP: 0033:0x7f4b87518a4d [ 80.115428] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.115944] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.116579] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.117182] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.117764] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.118334] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.118925] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.119515] [ 80.119704] irq event stamp: 0 [ 80.119959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.120467] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.121138] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.121807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.122308] ---[ end trace 0000000000000000 ]--- [ 80.127002] ------------[ cut here ]------------ [ 80.127434] WARNING: CPU: 1 PID: 673 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.128239] Modules linked in: [ 80.128498] CPU: 1 PID: 673 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.129199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.130095] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.130491] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.132029] RSP: 0018:ffff888023fdfbb8 EFLAGS: 00010246 [ 80.132455] RAX: 0000000000000000 RBX: ffff888011d9e8a8 RCX: 0000000000000000 [ 80.133009] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 80.133558] RBP: ffff888023fdfbd0 R08: ffffed10023b3d33 R09: ffffed10023b3d33 [ 80.134106] R10: ffff888011d9e993 R11: ffffed10023b3d32 R12: ffff888010b25000 [ 80.134672] R13: ffff888011d9e9e8 R14: ffffffff8352e670 R15: ffff888023fdfe68 [ 80.135222] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.135839] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.136285] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 80.136833] PKRU: 55555554 [ 80.137053] Call Trace: [ 80.137250] [ 80.137422] __iommufd_access_detach+0x1c2/0x2b0 [ 80.137803] iommufd_access_change_pt+0x149/0x270 [ 80.138187] iommufd_access_replace+0xb4/0x120 [ 80.138570] iommufd_test+0x3e5/0x37e0 [ 80.138875] ? lock_release+0x532/0x770 [ 80.139197] ? __might_fault+0x102/0x1b0 [ 80.139519] ? lock_acquire+0x427/0x4c0 [ 80.139838] ? __pfx_iommufd_test+0x10/0x10 [ 80.140173] ? __pfx_lock_release+0x10/0x10 [ 80.140514] ? __pfx_lock_acquire+0x10/0x10 [ 80.140856] ? write_comp_data+0x2f/0x90 [ 80.141179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.141560] ? write_comp_data+0x2f/0x90 [ 80.141877] iommufd_fops_ioctl+0x37d/0x510 [ 80.142205] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.142594] ? write_comp_data+0x2f/0x90 [ 80.142913] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.143300] __x64_sys_ioctl+0x1a3/0x230 [ 80.143623] do_syscall_64+0x3b/0x90 [ 80.143916] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.144318] RIP: 0033:0x7f4b8743ee5d [ 80.144599] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.145964] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.146555] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.147095] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.147636] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.148173] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.148706] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.149246] [ 80.149422] irq event stamp: 0 [ 80.149663] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.150136] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.150785] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.151421] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.151897] ---[ end trace 0000000000000000 ]--- [ 80.154551] ------------[ cut here ]------------ [ 80.154939] WARNING: CPU: 1 PID: 673 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.155706] Modules linked in: [ 80.155949] CPU: 1 PID: 673 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.156594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.157488] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.157864] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.159250] RSP: 0018:ffff888023fdfbd0 EFLAGS: 00010246 [ 80.159650] RAX: 0000000000000000 RBX: ffff888011d9e8a8 RCX: 0000000000000000 [ 80.160182] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 80.160715] RBP: ffff888023fdfbe8 R08: ffffed10023b3d33 R09: ffffed10023b3d33 [ 80.161246] R10: ffff888011d9e993 R11: ffffed10023b3d32 R12: ffff888012eaa800 [ 80.161777] R13: ffff888011d9e9e8 R14: ffff88802098b900 R15: 0000000000000000 [ 80.162311] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.162924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.163365] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.163899] PKRU: 55555554 [ 80.164110] Call Trace: [ 80.164302] [ 80.164471] iommufd_access_destroy_object+0x65/0x170 [ 80.164862] iommufd_object_destroy_user+0x18e/0x220 [ 80.165266] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.165709] iommufd_access_destroy+0x43/0x70 [ 80.166059] iommufd_test_staccess_release+0x8d/0xd0 [ 80.166446] __fput+0x26d/0xa40 [ 80.166726] ____fput+0x1e/0x30 [ 80.166985] task_work_run+0x1a4/0x2d0 [ 80.167294] ? __pfx_task_work_run+0x10/0x10 [ 80.167634] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.168008] ? switch_task_namespaces+0xa9/0xe0 [ 80.168370] do_exit+0xb17/0x2ef0 [ 80.168632] ? lock_acquire+0x427/0x4c0 [ 80.168939] ? __pfx_lock_release+0x10/0x10 [ 80.169270] ? __kasan_check_write+0x18/0x20 [ 80.169606] ? do_raw_spin_lock+0x132/0x2a0 [ 80.169934] ? __pfx_do_exit+0x10/0x10 [ 80.170234] ? debug_smp_processor_id+0x20/0x30 [ 80.170607] ? rcu_is_watching+0x19/0xb0 [ 80.170918] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.171274] ? trace_hardirqs_on+0x26/0x120 [ 80.171606] do_group_exit+0xe0/0x2b0 [ 80.171897] __x64_sys_exit_group+0x47/0x50 [ 80.172220] do_syscall_64+0x3b/0x90 [ 80.172508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.172907] RIP: 0033:0x7f4b87518a4d [ 80.173186] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.173647] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.174213] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.174766] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.175317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.175853] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.176388] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.176930] [ 80.177107] irq event stamp: 0 [ 80.177344] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.177818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.178442] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.179083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.179560] ---[ end trace 0000000000000000 ]--- [ 80.180243] ------------[ cut here ]------------ [ 80.180593] WARNING: CPU: 1 PID: 673 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.181344] Modules linked in: [ 80.181584] CPU: 1 PID: 673 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.182232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.183083] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.183477] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.184842] RSP: 0018:ffff888023fdfb78 EFLAGS: 00010246 [ 80.185239] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.185768] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 80.186298] RBP: ffff888023fdfb98 R08: ffffed10023b3d3e R09: ffffed10023b3d3e [ 80.186845] R10: ffff888011d9e9ef R11: ffffed10023b3d3d R12: ffff888011d9ea90 [ 80.187384] R13: ffff888011d9e8a8 R14: ffffffffffffffff R15: ffff888023fdfc60 [ 80.187922] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.188525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.189017] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.189551] PKRU: 55555554 [ 80.189768] Call Trace: [ 80.189963] [ 80.190135] iommufd_ioas_destroy+0x53/0x70 [ 80.190467] iommufd_fops_release+0x1f7/0x370 [ 80.190829] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.191217] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.191593] ? write_comp_data+0x2f/0x90 [ 80.191918] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.192302] __fput+0x26d/0xa40 [ 80.192568] ____fput+0x1e/0x30 [ 80.192827] task_work_run+0x1a4/0x2d0 [ 80.193131] ? __pfx_task_work_run+0x10/0x10 [ 80.193471] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.193845] ? switch_task_namespaces+0xa9/0xe0 [ 80.194211] do_exit+0xb17/0x2ef0 [ 80.194476] ? lock_acquire+0x427/0x4c0 [ 80.194807] ? __pfx_lock_release+0x10/0x10 [ 80.195156] ? __kasan_check_write+0x18/0x20 [ 80.195497] ? do_raw_spin_lock+0x132/0x2a0 [ 80.195827] ? __pfx_do_exit+0x10/0x10 [ 80.196134] ? debug_smp_processor_id+0x20/0x30 [ 80.196494] ? rcu_is_watching+0x19/0xb0 [ 80.196797] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.197143] ? trace_hardirqs_on+0x26/0x120 [ 80.197473] do_group_exit+0xe0/0x2b0 [ 80.197759] __x64_sys_exit_group+0x47/0x50 [ 80.198079] do_syscall_64+0x3b/0x90 [ 80.198364] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.198784] RIP: 0033:0x7f4b87518a4d [ 80.199062] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.199528] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.200090] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.200616] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.201143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.201669] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.202195] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.202745] [ 80.202920] irq event stamp: 0 [ 80.203163] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.203628] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.204242] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.204862] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.205330] ---[ end trace 0000000000000000 ]--- [ 80.209327] ------------[ cut here ]------------ [ 80.209697] WARNING: CPU: 1 PID: 674 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.210427] Modules linked in: [ 80.210733] CPU: 1 PID: 674 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.211378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.212200] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.212565] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.213880] RSP: 0018:ffff888023dc7bb8 EFLAGS: 00010246 [ 80.214266] RAX: 0000000000000000 RBX: ffff888012aac0a8 RCX: 0000000000000000 [ 80.214798] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 80.215323] RBP: ffff888023dc7bd0 R08: ffffed1002555833 R09: ffffed1002555833 [ 80.215840] R10: ffff888012aac193 R11: ffffed1002555832 R12: ffff888014393000 [ 80.216356] R13: ffff888012aac1e8 R14: ffffffff8352e670 R15: ffff888023dc7e68 [ 80.216878] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.217460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.217882] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ee0 [ 80.218400] PKRU: 55555554 [ 80.218624] Call Trace: [ 80.218813] [ 80.218981] __iommufd_access_detach+0x1c2/0x2b0 [ 80.219355] iommufd_access_change_pt+0x149/0x270 [ 80.219721] iommufd_access_replace+0xb4/0x120 [ 80.220068] iommufd_test+0x3e5/0x37e0 [ 80.220554] ? lock_release+0x532/0x770 [ 80.221086] ? __might_fault+0x102/0x1b0 [ 80.221401] ? lock_acquire+0x427/0x4c0 [ 80.221703] ? __pfx_iommufd_test+0x10/0x10 [ 80.222020] ? __pfx_lock_release+0x10/0x10 [ 80.222424] ? __pfx_lock_acquire+0x10/0x10 [ 80.222836] ? write_comp_data+0x2f/0x90 [ 80.223160] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.223523] ? write_comp_data+0x2f/0x90 [ 80.223830] iommufd_fops_ioctl+0x37d/0x510 [ 80.224211] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.224610] ? write_comp_data+0x2f/0x90 [ 80.224916] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.225276] __x64_sys_ioctl+0x1a3/0x230 [ 80.225635] do_syscall_64+0x3b/0x90 [ 80.225955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.226340] RIP: 0033:0x7f4b8743ee5d [ 80.226631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.228076] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.228632] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.229252] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.229769] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.230389] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.230939] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.231481] [ 80.231656] irq event stamp: 0 [ 80.231938] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.232457] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.233097] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.233753] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.234214] ---[ end trace 0000000000000000 ]--- [ 80.237121] ------------[ cut here ]------------ [ 80.237567] WARNING: CPU: 1 PID: 674 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.238317] Modules linked in: [ 80.238610] CPU: 1 PID: 674 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.239310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.240159] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.240597] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.242022] RSP: 0018:ffff888023dc7bd0 EFLAGS: 00010246 [ 80.242412] RAX: 0000000000000000 RBX: ffff888012aac0a8 RCX: 0000000000000000 [ 80.243011] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 80.243584] RBP: ffff888023dc7be8 R08: ffffed1002555833 R09: ffffed1002555833 [ 80.244111] R10: ffff888012aac193 R11: ffffed1002555832 R12: ffff888010b24400 [ 80.244751] R13: ffff888012aac1e8 R14: ffff8880142c5800 R15: 0000000000000000 [ 80.245283] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.245970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.246403] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.246956] PKRU: 55555554 [ 80.247258] Call Trace: [ 80.247451] [ 80.247623] iommufd_access_destroy_object+0x65/0x170 [ 80.248016] iommufd_object_destroy_user+0x18e/0x220 [ 80.248400] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.248893] iommufd_access_destroy+0x43/0x70 [ 80.249280] iommufd_test_staccess_release+0x8d/0xd0 [ 80.249671] __fput+0x26d/0xa40 [ 80.249933] ____fput+0x1e/0x30 [ 80.250242] task_work_run+0x1a4/0x2d0 [ 80.250610] ? __pfx_task_work_run+0x10/0x10 [ 80.250952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.251340] ? switch_task_namespaces+0xa9/0xe0 [ 80.251729] do_exit+0xb17/0x2ef0 [ 80.252029] ? lock_acquire+0x427/0x4c0 [ 80.252337] ? __pfx_lock_release+0x10/0x10 [ 80.252672] ? __kasan_check_write+0x18/0x20 [ 80.253118] ? do_raw_spin_lock+0x132/0x2a0 [ 80.253460] ? __pfx_do_exit+0x10/0x10 [ 80.253768] ? debug_smp_processor_id+0x20/0x30 [ 80.254130] ? rcu_is_watching+0x19/0xb0 [ 80.254555] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.254911] ? trace_hardirqs_on+0x26/0x120 [ 80.255254] do_group_exit+0xe0/0x2b0 [ 80.255550] __x64_sys_exit_group+0x47/0x50 [ 80.255907] do_syscall_64+0x3b/0x90 [ 80.256289] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.256693] RIP: 0033:0x7f4b87518a4d [ 80.256978] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.257555] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.258133] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.258762] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.259368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.259923] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.260524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.261122] [ 80.261305] irq event stamp: 0 [ 80.261551] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.262146] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.262817] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.263511] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.264059] ---[ end trace 0000000000000000 ]--- [ 80.264737] ------------[ cut here ]------------ [ 80.265214] WARNING: CPU: 1 PID: 674 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.266000] Modules linked in: [ 80.266256] CPU: 1 PID: 674 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.267049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.267927] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.268439] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.269933] RSP: 0018:ffff888023dc7b78 EFLAGS: 00010246 [ 80.270345] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.271007] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 80.271575] RBP: ffff888023dc7b98 R08: ffffed100255583e R09: ffffed100255583e [ 80.272122] R10: ffff888012aac1ef R11: ffffed100255583d R12: ffff888012aac290 [ 80.272781] R13: ffff888012aac0a8 R14: ffffffffffffffff R15: ffff888023dc7c60 [ 80.273338] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.274078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.274562] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.275123] PKRU: 55555554 [ 80.275351] Call Trace: [ 80.275597] [ 80.275821] iommufd_ioas_destroy+0x53/0x70 [ 80.276164] iommufd_fops_release+0x1f7/0x370 [ 80.276518] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.276978] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.277414] ? write_comp_data+0x2f/0x90 [ 80.277748] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.278152] __fput+0x26d/0xa40 [ 80.278496] ____fput+0x1e/0x30 [ 80.278819] task_work_run+0x1a4/0x2d0 [ 80.279158] ? __pfx_task_work_run+0x10/0x10 [ 80.279526] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.279933] ? switch_task_namespaces+0xa9/0xe0 [ 80.280445] do_exit+0xb17/0x2ef0 [ 80.280735] ? lock_acquire+0x427/0x4c0 [ 80.281068] ? __pfx_lock_release+0x10/0x10 [ 80.281426] ? __kasan_check_write+0x18/0x20 [ 80.281894] ? do_raw_spin_lock+0x132/0x2a0 [ 80.282250] ? __pfx_do_exit+0x10/0x10 [ 80.282607] ? debug_smp_processor_id+0x20/0x30 [ 80.282995] ? rcu_is_watching+0x19/0xb0 [ 80.283368] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.283806] ? trace_hardirqs_on+0x26/0x120 [ 80.284167] do_group_exit+0xe0/0x2b0 [ 80.284483] __x64_sys_exit_group+0x47/0x50 [ 80.284876] do_syscall_64+0x3b/0x90 [ 80.285296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.285727] RIP: 0033:0x7f4b87518a4d [ 80.286030] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.286663] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.287289] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.287871] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.288552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.289131] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.289810] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.290404] [ 80.290622] irq event stamp: 0 [ 80.290884] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.291532] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.292219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.293015] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.293531] ---[ end trace 0000000000000000 ]--- [ 80.297177] ------------[ cut here ]------------ [ 80.297596] WARNING: CPU: 0 PID: 675 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.298422] Modules linked in: [ 80.298760] CPU: 0 PID: 675 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.299479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.300397] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.300813] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.302298] RSP: 0018:ffff8880181a7bb8 EFLAGS: 00010246 [ 80.302987] RAX: 0000000000000000 RBX: ffff888013e108a8 RCX: 0000000000000000 [ 80.303577] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 80.304150] RBP: ffff8880181a7bd0 R08: ffffed10027c2133 R09: ffffed10027c2133 [ 80.304726] R10: ffff888013e10993 R11: ffffed10027c2132 R12: ffff888017ba3400 [ 80.305301] R13: ffff888013e109e8 R14: ffffffff8352e670 R15: ffff8880181a7e68 [ 80.305878] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 80.306555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.307028] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ef0 [ 80.307616] PKRU: 55555554 [ 80.307846] Call Trace: [ 80.308054] [ 80.308241] __iommufd_access_detach+0x1c2/0x2b0 [ 80.308643] iommufd_access_change_pt+0x149/0x270 [ 80.309047] iommufd_access_replace+0xb4/0x120 [ 80.309431] iommufd_test+0x3e5/0x37e0 [ 80.309750] ? lock_release+0x532/0x770 [ 80.310088] ? __might_fault+0x102/0x1b0 [ 80.310429] ? lock_acquire+0x427/0x4c0 [ 80.310782] ? __pfx_iommufd_test+0x10/0x10 [ 80.311145] ? __pfx_lock_release+0x10/0x10 [ 80.311513] ? __pfx_lock_acquire+0x10/0x10 [ 80.311880] ? write_comp_data+0x2f/0x90 [ 80.312221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.312623] ? write_comp_data+0x2f/0x90 [ 80.312967] iommufd_fops_ioctl+0x37d/0x510 [ 80.313325] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.313727] ? write_comp_data+0x2f/0x90 [ 80.314065] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.314462] __x64_sys_ioctl+0x1a3/0x230 [ 80.314826] do_syscall_64+0x3b/0x90 [ 80.315153] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.315580] RIP: 0033:0x7f4b8743ee5d [ 80.315883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.317344] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.317957] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.318545] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.319121] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.319695] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.320274] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.320858] [ 80.321046] irq event stamp: 0 [ 80.321313] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.321827] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.322502] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.323208] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.323715] ---[ end trace 0000000000000000 ]--- [ 80.326753] ------------[ cut here ]------------ [ 80.327170] WARNING: CPU: 0 PID: 675 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.327978] Modules linked in: [ 80.328239] CPU: 0 PID: 675 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.328930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.329829] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.330231] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.331723] RSP: 0018:ffff8880181a7bd0 EFLAGS: 00010246 [ 80.332153] RAX: 0000000000000000 RBX: ffff888013e108a8 RCX: 0000000000000000 [ 80.332708] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 80.333260] RBP: ffff8880181a7be8 R08: ffffed10027c2133 R09: ffffed10027c2133 [ 80.333814] R10: ffff888013e10993 R11: ffffed10027c2132 R12: ffff888010e02800 [ 80.334367] R13: ffff888013e109e8 R14: ffff88801218c600 R15: 0000000000000000 [ 80.334938] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 80.335568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.336028] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 80.336586] PKRU: 55555554 [ 80.336808] Call Trace: [ 80.337010] [ 80.337191] iommufd_access_destroy_object+0x65/0x170 [ 80.337602] iommufd_object_destroy_user+0x18e/0x220 [ 80.338009] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.338467] iommufd_access_destroy+0x43/0x70 [ 80.338852] iommufd_test_staccess_release+0x8d/0xd0 [ 80.339271] __fput+0x26d/0xa40 [ 80.339546] ____fput+0x1e/0x30 [ 80.339815] task_work_run+0x1a4/0x2d0 [ 80.340132] ? __pfx_task_work_run+0x10/0x10 [ 80.340483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.340871] ? switch_task_namespaces+0xa9/0xe0 [ 80.341248] do_exit+0xb17/0x2ef0 [ 80.341521] ? lock_acquire+0x427/0x4c0 [ 80.341844] ? __pfx_lock_release+0x10/0x10 [ 80.342187] ? __kasan_check_write+0x18/0x20 [ 80.342549] ? do_raw_spin_lock+0x132/0x2a0 [ 80.342907] ? __pfx_do_exit+0x10/0x10 [ 80.343229] ? debug_smp_processor_id+0x20/0x30 [ 80.343599] ? rcu_is_watching+0x19/0xb0 [ 80.343919] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.344278] ? trace_hardirqs_on+0x26/0x120 [ 80.344621] do_group_exit+0xe0/0x2b0 [ 80.344920] __x64_sys_exit_group+0x47/0x50 [ 80.345258] do_syscall_64+0x3b/0x90 [ 80.345559] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.345970] RIP: 0033:0x7f4b87518a4d [ 80.346261] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.346761] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.347384] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.347942] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.348497] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.349055] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.349609] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.350171] [ 80.350357] irq event stamp: 0 [ 80.350620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.351125] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.351778] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.352420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.352900] ---[ end trace 0000000000000000 ]--- [ 80.353574] ------------[ cut here ]------------ [ 80.353935] WARNING: CPU: 0 PID: 675 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.354726] Modules linked in: [ 80.354975] CPU: 0 PID: 675 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.355646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.356500] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.356893] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.358279] RSP: 0018:ffff8880181a7b78 EFLAGS: 00010246 [ 80.358713] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.359267] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 80.359810] RBP: ffff8880181a7b98 R08: ffffed10027c213e R09: ffffed10027c213e [ 80.360352] R10: ffff888013e109ef R11: ffffed10027c213d R12: ffff888013e10a90 [ 80.360896] R13: ffff888013e108a8 R14: ffffffffffffffff R15: ffff8880181a7c60 [ 80.361441] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 80.362054] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.362497] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 80.363062] PKRU: 55555554 [ 80.363290] Call Trace: [ 80.363487] [ 80.363663] iommufd_ioas_destroy+0x53/0x70 [ 80.364003] iommufd_fops_release+0x1f7/0x370 [ 80.364356] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.364744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.365126] ? write_comp_data+0x2f/0x90 [ 80.365451] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.365840] __fput+0x26d/0xa40 [ 80.366109] ____fput+0x1e/0x30 [ 80.366373] task_work_run+0x1a4/0x2d0 [ 80.366701] ? __pfx_task_work_run+0x10/0x10 [ 80.367046] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.367432] ? switch_task_namespaces+0xa9/0xe0 [ 80.367799] do_exit+0xb17/0x2ef0 [ 80.368066] ? lock_acquire+0x427/0x4c0 [ 80.368383] ? __pfx_lock_release+0x10/0x10 [ 80.368725] ? __kasan_check_write+0x18/0x20 [ 80.369066] ? do_raw_spin_lock+0x132/0x2a0 [ 80.369398] ? __pfx_do_exit+0x10/0x10 [ 80.369708] ? debug_smp_processor_id+0x20/0x30 [ 80.370070] ? rcu_is_watching+0x19/0xb0 [ 80.370383] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.370752] ? trace_hardirqs_on+0x26/0x120 [ 80.371095] do_group_exit+0xe0/0x2b0 [ 80.371396] __x64_sys_exit_group+0x47/0x50 [ 80.371727] do_syscall_64+0x3b/0x90 [ 80.372023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.372426] RIP: 0033:0x7f4b87518a4d [ 80.372710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.373180] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.373761] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.374306] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.374866] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.375421] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.375964] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.376518] [ 80.376696] irq event stamp: 0 [ 80.376939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.377419] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.378063] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.378713] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.379204] ---[ end trace 0000000000000000 ]--- [ 80.383426] ------------[ cut here ]------------ [ 80.383826] WARNING: CPU: 0 PID: 676 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.384600] Modules linked in: [ 80.384846] CPU: 0 PID: 676 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.385515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.386377] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.386786] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.388196] RSP: 0018:ffff888020ac7bb8 EFLAGS: 00010246 [ 80.388606] RAX: 0000000000000000 RBX: ffff88800fc760a8 RCX: 0000000000000000 [ 80.389152] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 80.389698] RBP: ffff888020ac7bd0 R08: ffffed1001f8ec33 R09: ffffed1001f8ec33 [ 80.390247] R10: ffff88800fc76193 R11: ffffed1001f8ec32 R12: ffff88800ba2f000 [ 80.390805] R13: ffff88800fc761e8 R14: ffffffff8352e670 R15: ffff888020ac7e68 [ 80.391362] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 80.391980] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.392424] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 80.392957] PKRU: 55555554 [ 80.393169] Call Trace: [ 80.393362] [ 80.393533] __iommufd_access_detach+0x1c2/0x2b0 [ 80.393903] iommufd_access_change_pt+0x149/0x270 [ 80.394276] iommufd_access_replace+0xb4/0x120 [ 80.394649] iommufd_test+0x3e5/0x37e0 [ 80.394951] ? lock_release+0x532/0x770 [ 80.395273] ? __might_fault+0x102/0x1b0 [ 80.395588] ? lock_acquire+0x427/0x4c0 [ 80.395901] ? __pfx_iommufd_test+0x10/0x10 [ 80.396226] ? __pfx_lock_release+0x10/0x10 [ 80.396561] ? __pfx_lock_acquire+0x10/0x10 [ 80.396898] ? write_comp_data+0x2f/0x90 [ 80.397218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.397590] ? write_comp_data+0x2f/0x90 [ 80.397911] iommufd_fops_ioctl+0x37d/0x510 [ 80.398241] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.398631] ? write_comp_data+0x2f/0x90 [ 80.398951] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.399329] __x64_sys_ioctl+0x1a3/0x230 [ 80.399646] do_syscall_64+0x3b/0x90 [ 80.399938] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.400341] RIP: 0033:0x7f4b8743ee5d [ 80.400624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.401991] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.402582] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.403123] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.403656] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.404196] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.404732] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.405278] [ 80.405459] irq event stamp: 0 [ 80.405703] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.406190] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.406843] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.407488] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.407963] ---[ end trace 0000000000000000 ]--- [ 80.410647] ------------[ cut here ]------------ [ 80.411018] WARNING: CPU: 0 PID: 676 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.411778] Modules linked in: [ 80.412020] CPU: 0 PID: 676 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.412669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.413511] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.413891] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.415470] RSP: 0018:ffff888020ac7bd0 EFLAGS: 00010246 [ 80.415880] RAX: 0000000000000000 RBX: ffff88800fc760a8 RCX: 0000000000000000 [ 80.416415] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 80.416950] RBP: ffff888020ac7be8 R08: ffffed1001f8ec33 R09: ffffed1001f8ec33 [ 80.417484] R10: ffff88800fc76193 R11: ffffed1001f8ec32 R12: ffff888017ba1800 [ 80.418021] R13: ffff88800fc761e8 R14: ffff888020a7d900 R15: 0000000000000000 [ 80.418578] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 80.419186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.419619] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 80.420149] PKRU: 55555554 [ 80.420360] Call Trace: [ 80.420553] [ 80.420723] iommufd_access_destroy_object+0x65/0x170 [ 80.421115] iommufd_object_destroy_user+0x18e/0x220 [ 80.421502] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.421944] iommufd_access_destroy+0x43/0x70 [ 80.422288] iommufd_test_staccess_release+0x8d/0xd0 [ 80.422712] __fput+0x26d/0xa40 [ 80.422981] ____fput+0x1e/0x30 [ 80.423246] task_work_run+0x1a4/0x2d0 [ 80.423547] ? __pfx_task_work_run+0x10/0x10 [ 80.423888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.424258] ? switch_task_namespaces+0xa9/0xe0 [ 80.424618] do_exit+0xb17/0x2ef0 [ 80.424883] ? lock_acquire+0x427/0x4c0 [ 80.425190] ? __pfx_lock_release+0x10/0x10 [ 80.425520] ? __kasan_check_write+0x18/0x20 [ 80.425854] ? do_raw_spin_lock+0x132/0x2a0 [ 80.426180] ? __pfx_do_exit+0x10/0x10 [ 80.426479] ? debug_smp_processor_id+0x20/0x30 [ 80.426851] ? rcu_is_watching+0x19/0xb0 [ 80.427168] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.427516] ? trace_hardirqs_on+0x26/0x120 [ 80.427847] do_group_exit+0xe0/0x2b0 [ 80.428132] __x64_sys_exit_group+0x47/0x50 [ 80.428453] do_syscall_64+0x3b/0x90 [ 80.428741] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.429133] RIP: 0033:0x7f4b87518a4d [ 80.429412] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.429872] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.430433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.430976] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.431511] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.432044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.432570] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.433104] [ 80.433278] irq event stamp: 0 [ 80.433515] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.433982] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.434623] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.435250] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.435718] ---[ end trace 0000000000000000 ]--- [ 80.436374] ------------[ cut here ]------------ [ 80.436726] WARNING: CPU: 0 PID: 676 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.437472] Modules linked in: [ 80.437710] CPU: 0 PID: 676 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.438354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.439213] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.439599] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.440946] RSP: 0018:ffff888020ac7b78 EFLAGS: 00010246 [ 80.441342] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.441868] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 80.442399] RBP: ffff888020ac7b98 R08: ffffed1001f8ec3e R09: ffffed1001f8ec3e [ 80.442954] R10: ffff88800fc761ef R11: ffffed1001f8ec3d R12: ffff88800fc76290 [ 80.443493] R13: ffff88800fc760a8 R14: ffffffffffffffff R15: ffff888020ac7c60 [ 80.444028] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 80.444623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.445053] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 80.445583] PKRU: 55555554 [ 80.445806] Call Trace: [ 80.445999] [ 80.446168] iommufd_ioas_destroy+0x53/0x70 [ 80.446497] iommufd_fops_release+0x1f7/0x370 [ 80.446861] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.447247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.447620] ? write_comp_data+0x2f/0x90 [ 80.447937] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.448313] __fput+0x26d/0xa40 [ 80.448572] ____fput+0x1e/0x30 [ 80.448827] task_work_run+0x1a4/0x2d0 [ 80.449127] ? __pfx_task_work_run+0x10/0x10 [ 80.449462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.449830] ? switch_task_namespaces+0xa9/0xe0 [ 80.450191] do_exit+0xb17/0x2ef0 [ 80.450454] ? lock_acquire+0x427/0x4c0 [ 80.450777] ? __pfx_lock_release+0x10/0x10 [ 80.451115] ? __kasan_check_write+0x18/0x20 [ 80.451453] ? do_raw_spin_lock+0x132/0x2a0 [ 80.451779] ? __pfx_do_exit+0x10/0x10 [ 80.452081] ? debug_smp_processor_id+0x20/0x30 [ 80.452434] ? rcu_is_watching+0x19/0xb0 [ 80.452746] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.453090] ? trace_hardirqs_on+0x26/0x120 [ 80.453422] do_group_exit+0xe0/0x2b0 [ 80.453715] __x64_sys_exit_group+0x47/0x50 [ 80.454040] do_syscall_64+0x3b/0x90 [ 80.454331] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.454738] RIP: 0033:0x7f4b87518a4d [ 80.455021] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.455493] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.456054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.456581] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.457106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.457637] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.458165] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.458714] [ 80.458892] irq event stamp: 0 [ 80.459138] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.459609] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.460238] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.460857] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.461322] ---[ end trace 0000000000000000 ]--- [ 80.465128] ------------[ cut here ]------------ [ 80.465520] WARNING: CPU: 1 PID: 677 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.466277] Modules linked in: [ 80.466634] CPU: 1 PID: 677 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.467300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.468136] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.468502] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.469851] RSP: 0018:ffff8880208afbb8 EFLAGS: 00010246 [ 80.470242] RAX: 0000000000000000 RBX: ffff888023c8a8a8 RCX: 0000000000000000 [ 80.470784] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 80.471311] RBP: ffff8880208afbd0 R08: ffffed1004791533 R09: ffffed1004791533 [ 80.471835] R10: ffff888023c8a993 R11: ffffed1004791532 R12: ffff88800f170000 [ 80.472360] R13: ffff888023c8a9e8 R14: ffffffff8352e670 R15: ffff8880208afe68 [ 80.472886] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.473474] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.473900] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 80.474426] PKRU: 55555554 [ 80.474652] Call Trace: [ 80.474846] [ 80.475016] __iommufd_access_detach+0x1c2/0x2b0 [ 80.475392] iommufd_access_change_pt+0x149/0x270 [ 80.475765] iommufd_access_replace+0xb4/0x120 [ 80.476122] iommufd_test+0x3e5/0x37e0 [ 80.476415] ? lock_release+0x532/0x770 [ 80.476726] ? __might_fault+0x102/0x1b0 [ 80.477117] ? lock_acquire+0x427/0x4c0 [ 80.477429] ? __pfx_iommufd_test+0x10/0x10 [ 80.477753] ? __pfx_lock_release+0x10/0x10 [ 80.478081] ? __pfx_lock_acquire+0x10/0x10 [ 80.478413] ? write_comp_data+0x2f/0x90 [ 80.478747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.479122] ? write_comp_data+0x2f/0x90 [ 80.479435] iommufd_fops_ioctl+0x37d/0x510 [ 80.479763] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.480134] ? write_comp_data+0x2f/0x90 [ 80.480445] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.480806] __x64_sys_ioctl+0x1a3/0x230 [ 80.481390] do_syscall_64+0x3b/0x90 [ 80.481683] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.482076] RIP: 0033:0x7f4b8743ee5d [ 80.482352] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.483853] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.484419] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.484947] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.485471] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.485993] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.486530] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.487065] [ 80.487247] irq event stamp: 0 [ 80.487585] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.488051] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.488670] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.489286] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.489798] ---[ end trace 0000000000000000 ]--- [ 80.492716] ------------[ cut here ]------------ [ 80.493091] WARNING: CPU: 1 PID: 677 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.493831] Modules linked in: [ 80.494071] CPU: 1 PID: 677 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.494734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.495628] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.496064] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.497401] RSP: 0018:ffff8880208afbd0 EFLAGS: 00010246 [ 80.497815] RAX: 0000000000000000 RBX: ffff888023c8a8a8 RCX: 0000000000000000 [ 80.498541] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 80.499066] RBP: ffff8880208afbe8 R08: ffffed1004791533 R09: ffffed1004791533 [ 80.499596] R10: ffff888023c8a993 R11: ffffed1004791532 R12: ffff888014390400 [ 80.500185] R13: ffff888023c8a9e8 R14: ffff88800f0ce300 R15: 0000000000000000 [ 80.500755] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.501368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.501861] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.502390] PKRU: 55555554 [ 80.502654] Call Trace: [ 80.502900] [ 80.503070] iommufd_access_destroy_object+0x65/0x170 [ 80.503468] iommufd_object_destroy_user+0x18e/0x220 [ 80.503855] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.504303] iommufd_access_destroy+0x43/0x70 [ 80.504750] iommufd_test_staccess_release+0x8d/0xd0 [ 80.505142] __fput+0x26d/0xa40 [ 80.505407] ____fput+0x1e/0x30 [ 80.505681] task_work_run+0x1a4/0x2d0 [ 80.506062] ? __pfx_task_work_run+0x10/0x10 [ 80.506404] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.506801] ? switch_task_namespaces+0xa9/0xe0 [ 80.507170] do_exit+0xb17/0x2ef0 [ 80.507485] ? lock_acquire+0x427/0x4c0 [ 80.507850] ? __pfx_lock_release+0x10/0x10 [ 80.508188] ? __kasan_check_write+0x18/0x20 [ 80.508526] ? do_raw_spin_lock+0x132/0x2a0 [ 80.508990] ? __pfx_do_exit+0x10/0x10 [ 80.509299] ? debug_smp_processor_id+0x20/0x30 [ 80.509656] ? rcu_is_watching+0x19/0xb0 [ 80.509970] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.510440] ? trace_hardirqs_on+0x26/0x120 [ 80.510802] do_group_exit+0xe0/0x2b0 [ 80.511102] __x64_sys_exit_group+0x47/0x50 [ 80.511445] do_syscall_64+0x3b/0x90 [ 80.511743] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.512266] RIP: 0033:0x7f4b87518a4d [ 80.512558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.513033] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.513728] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.514281] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.514956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.515523] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.516075] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.516752] [ 80.516936] irq event stamp: 0 [ 80.517180] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.517730] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.518437] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.519213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.519705] ---[ end trace 0000000000000000 ]--- [ 80.520401] ------------[ cut here ]------------ [ 80.520831] WARNING: CPU: 1 PID: 677 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.521663] Modules linked in: [ 80.521968] CPU: 1 PID: 677 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.522735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.523725] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.524142] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.525741] RSP: 0018:ffff8880208afb78 EFLAGS: 00010246 [ 80.526156] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.526814] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 80.527369] RBP: ffff8880208afb98 R08: ffffed100479153e R09: ffffed100479153e [ 80.528026] R10: ffff888023c8a9ef R11: ffffed100479153d R12: ffff888023c8aa90 [ 80.528632] R13: ffff888023c8a8a8 R14: ffffffffffffffff R15: ffff8880208afc60 [ 80.529225] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.529950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.530405] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.531085] PKRU: 55555554 [ 80.531312] Call Trace: [ 80.531512] [ 80.531690] iommufd_ioas_destroy+0x53/0x70 [ 80.532096] iommufd_fops_release+0x1f7/0x370 [ 80.532499] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.532891] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.533385] ? write_comp_data+0x2f/0x90 [ 80.533716] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.534165] __fput+0x26d/0xa40 [ 80.534490] ____fput+0x1e/0x30 [ 80.534778] task_work_run+0x1a4/0x2d0 [ 80.535092] ? __pfx_task_work_run+0x10/0x10 [ 80.535477] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.535931] ? switch_task_namespaces+0xa9/0xe0 [ 80.536312] do_exit+0xb17/0x2ef0 [ 80.536655] ? lock_acquire+0x427/0x4c0 [ 80.537011] ? __pfx_lock_release+0x10/0x10 [ 80.537364] ? __kasan_check_write+0x18/0x20 [ 80.537832] ? do_raw_spin_lock+0x132/0x2a0 [ 80.538194] ? __pfx_do_exit+0x10/0x10 [ 80.538568] ? debug_smp_processor_id+0x20/0x30 [ 80.539029] ? rcu_is_watching+0x19/0xb0 [ 80.539372] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.539753] ? trace_hardirqs_on+0x26/0x120 [ 80.540141] do_group_exit+0xe0/0x2b0 [ 80.540541] __x64_sys_exit_group+0x47/0x50 [ 80.540897] do_syscall_64+0x3b/0x90 [ 80.541336] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.541822] RIP: 0033:0x7f4b87518a4d [ 80.542127] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.542764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.543387] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.544085] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.544668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.545357] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.545975] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.546650] [ 80.546846] irq event stamp: 0 [ 80.547117] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.547752] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.548489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.549230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.549853] ---[ end trace 0000000000000000 ]--- [ 80.554165] ------------[ cut here ]------------ [ 80.554832] WARNING: CPU: 1 PID: 678 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.555780] Modules linked in: [ 80.556042] CPU: 1 PID: 678 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.556849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.557877] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.558284] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.559804] RSP: 0018:ffff8880142d7bb8 EFLAGS: 00010246 [ 80.560240] RAX: 0000000000000000 RBX: ffff888023d448a8 RCX: 0000000000000000 [ 80.560817] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 80.561404] RBP: ffff8880142d7bd0 R08: ffffed10047a8933 R09: ffffed10047a8933 [ 80.561984] R10: ffff888023d44993 R11: ffffed10047a8932 R12: ffff888010c09000 [ 80.562578] R13: ffff888023d449e8 R14: ffffffff8352e670 R15: ffff8880142d7e68 [ 80.563167] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.563819] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.564290] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 80.564874] PKRU: 55555554 [ 80.565106] Call Trace: [ 80.565314] [ 80.565503] __iommufd_access_detach+0x1c2/0x2b0 [ 80.565908] iommufd_access_change_pt+0x149/0x270 [ 80.566316] iommufd_access_replace+0xb4/0x120 [ 80.566718] iommufd_test+0x3e5/0x37e0 [ 80.567040] ? lock_release+0x532/0x770 [ 80.567382] ? __might_fault+0x102/0x1b0 [ 80.567720] ? lock_acquire+0x427/0x4c0 [ 80.568051] ? __pfx_iommufd_test+0x10/0x10 [ 80.568399] ? __pfx_lock_release+0x10/0x10 [ 80.568754] ? __pfx_lock_acquire+0x10/0x10 [ 80.569113] ? write_comp_data+0x2f/0x90 [ 80.569452] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.569847] ? write_comp_data+0x2f/0x90 [ 80.570188] iommufd_fops_ioctl+0x37d/0x510 [ 80.570562] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.570963] ? write_comp_data+0x2f/0x90 [ 80.571297] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.571685] __x64_sys_ioctl+0x1a3/0x230 [ 80.572022] do_syscall_64+0x3b/0x90 [ 80.572328] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.572748] RIP: 0033:0x7f4b8743ee5d [ 80.573120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.574572] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.575189] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.575747] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.576310] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.576871] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.577428] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.577995] [ 80.578180] irq event stamp: 0 [ 80.578429] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.578978] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.579647] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.580305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.580799] ---[ end trace 0000000000000000 ]--- [ 80.583600] ------------[ cut here ]------------ [ 80.584011] WARNING: CPU: 1 PID: 678 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.584803] Modules linked in: [ 80.585061] CPU: 1 PID: 678 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.585746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.586651] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.587049] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.588493] RSP: 0018:ffff8880142d7bd0 EFLAGS: 00010246 [ 80.588912] RAX: 0000000000000000 RBX: ffff888023d448a8 RCX: 0000000000000000 [ 80.589471] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 80.590027] RBP: ffff8880142d7be8 R08: ffffed10047a8933 R09: ffffed10047a8933 [ 80.590609] R10: ffff888023d44993 R11: ffffed10047a8932 R12: ffff88800f171c00 [ 80.591190] R13: ffff888023d449e8 R14: ffff888012c78700 R15: 0000000000000000 [ 80.591758] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.592397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.592861] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.593430] PKRU: 55555554 [ 80.593657] Call Trace: [ 80.593865] [ 80.594046] iommufd_access_destroy_object+0x65/0x170 [ 80.594466] iommufd_object_destroy_user+0x18e/0x220 [ 80.594904] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.595388] iommufd_access_destroy+0x43/0x70 [ 80.595763] iommufd_test_staccess_release+0x8d/0xd0 [ 80.596179] __fput+0x26d/0xa40 [ 80.596461] ____fput+0x1e/0x30 [ 80.596735] task_work_run+0x1a4/0x2d0 [ 80.597061] ? __pfx_task_work_run+0x10/0x10 [ 80.597422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.597817] ? switch_task_namespaces+0xa9/0xe0 [ 80.598190] do_exit+0xb17/0x2ef0 [ 80.598462] ? lock_acquire+0x427/0x4c0 [ 80.598803] ? __pfx_lock_release+0x10/0x10 [ 80.599152] ? __kasan_check_write+0x18/0x20 [ 80.599503] ? do_raw_spin_lock+0x132/0x2a0 [ 80.599841] ? __pfx_do_exit+0x10/0x10 [ 80.600154] ? debug_smp_processor_id+0x20/0x30 [ 80.600521] ? rcu_is_watching+0x19/0xb0 [ 80.600839] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.601197] ? trace_hardirqs_on+0x26/0x120 [ 80.601540] do_group_exit+0xe0/0x2b0 [ 80.601840] __x64_sys_exit_group+0x47/0x50 [ 80.602177] do_syscall_64+0x3b/0x90 [ 80.602477] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.602910] RIP: 0033:0x7f4b87518a4d [ 80.603210] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.603687] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.604278] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.604834] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.605446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.605996] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.606565] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.607133] [ 80.607318] irq event stamp: 0 [ 80.607563] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.608066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.608716] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.609348] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.609828] ---[ end trace 0000000000000000 ]--- [ 80.610493] ------------[ cut here ]------------ [ 80.610873] WARNING: CPU: 1 PID: 678 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.611648] Modules linked in: [ 80.611895] CPU: 1 PID: 678 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.612552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.613404] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.613802] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.615220] RSP: 0018:ffff8880142d7b78 EFLAGS: 00010246 [ 80.615632] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.616171] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 80.616715] RBP: ffff8880142d7b98 R08: ffffed10047a893e R09: ffffed10047a893e [ 80.617260] R10: ffff888023d449ef R11: ffffed10047a893d R12: ffff888023d44a90 [ 80.617805] R13: ffff888023d448a8 R14: ffffffffffffffff R15: ffff8880142d7c60 [ 80.618349] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.618983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.619436] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.619979] PKRU: 55555554 [ 80.620195] Call Trace: [ 80.620392] [ 80.620565] iommufd_ioas_destroy+0x53/0x70 [ 80.620903] iommufd_fops_release+0x1f7/0x370 [ 80.621252] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.621638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.622019] ? write_comp_data+0x2f/0x90 [ 80.622340] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.622745] __fput+0x26d/0xa40 [ 80.623014] ____fput+0x1e/0x30 [ 80.623295] task_work_run+0x1a4/0x2d0 [ 80.623601] ? __pfx_task_work_run+0x10/0x10 [ 80.623944] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.624322] ? switch_task_namespaces+0xa9/0xe0 [ 80.624692] do_exit+0xb17/0x2ef0 [ 80.624963] ? lock_acquire+0x427/0x4c0 [ 80.625278] ? __pfx_lock_release+0x10/0x10 [ 80.625613] ? __kasan_check_write+0x18/0x20 [ 80.625956] ? do_raw_spin_lock+0x132/0x2a0 [ 80.626291] ? __pfx_do_exit+0x10/0x10 [ 80.626617] ? debug_smp_processor_id+0x20/0x30 [ 80.626980] ? rcu_is_watching+0x19/0xb0 [ 80.627301] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.627659] ? trace_hardirqs_on+0x26/0x120 [ 80.628000] do_group_exit+0xe0/0x2b0 [ 80.628294] __x64_sys_exit_group+0x47/0x50 [ 80.628623] do_syscall_64+0x3b/0x90 [ 80.628917] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.629319] RIP: 0033:0x7f4b87518a4d [ 80.629602] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.630070] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.630666] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.631223] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.631765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.632304] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.632846] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.633393] [ 80.633571] irq event stamp: 0 [ 80.633813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.634287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.634932] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.635735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.636223] ---[ end trace 0000000000000000 ]--- [ 80.639832] ------------[ cut here ]------------ [ 80.640209] WARNING: CPU: 1 PID: 679 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.640986] Modules linked in: [ 80.641235] CPU: 1 PID: 679 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.641904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.642790] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.643183] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.644567] RSP: 0018:ffff888015be7bb8 EFLAGS: 00010246 [ 80.644974] RAX: 0000000000000000 RBX: ffff8880170bd0a8 RCX: 0000000000000000 [ 80.645525] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 80.646070] RBP: ffff888015be7bd0 R08: ffffed1002e17a33 R09: ffffed1002e17a33 [ 80.646632] R10: ffff8880170bd193 R11: ffffed1002e17a32 R12: ffff888021baac00 [ 80.647181] R13: ffff8880170bd1e8 R14: ffffffff8352e670 R15: ffff888015be7e68 [ 80.647724] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.648339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.648782] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ee0 [ 80.649329] PKRU: 55555554 [ 80.649547] Call Trace: [ 80.649746] [ 80.649920] __iommufd_access_detach+0x1c2/0x2b0 [ 80.650307] iommufd_access_change_pt+0x149/0x270 [ 80.650710] iommufd_access_replace+0xb4/0x120 [ 80.651087] iommufd_test+0x3e5/0x37e0 [ 80.651400] ? lock_release+0x532/0x770 [ 80.651721] ? __might_fault+0x102/0x1b0 [ 80.652046] ? lock_acquire+0x427/0x4c0 [ 80.652362] ? __pfx_iommufd_test+0x10/0x10 [ 80.652694] ? __pfx_lock_release+0x10/0x10 [ 80.653034] ? __pfx_lock_acquire+0x10/0x10 [ 80.653376] ? write_comp_data+0x2f/0x90 [ 80.653700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.654081] ? write_comp_data+0x2f/0x90 [ 80.654404] iommufd_fops_ioctl+0x37d/0x510 [ 80.654763] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.655151] ? write_comp_data+0x2f/0x90 [ 80.655480] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.655863] __x64_sys_ioctl+0x1a3/0x230 [ 80.656187] do_syscall_64+0x3b/0x90 [ 80.656484] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.656889] RIP: 0033:0x7f4b8743ee5d [ 80.657179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.658586] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.659187] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.659739] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.660296] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.660841] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.661385] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.661940] [ 80.662124] irq event stamp: 0 [ 80.662369] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.662874] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.663527] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.664173] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.664660] ---[ end trace 0000000000000000 ]--- [ 80.667404] ------------[ cut here ]------------ [ 80.667796] WARNING: CPU: 1 PID: 679 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.668567] Modules linked in: [ 80.668815] CPU: 1 PID: 679 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.669476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.670335] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.670765] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.672160] RSP: 0018:ffff888015be7bd0 EFLAGS: 00010246 [ 80.672567] RAX: 0000000000000000 RBX: ffff8880170bd0a8 RCX: 0000000000000000 [ 80.673107] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 80.673649] RBP: ffff888015be7be8 R08: ffffed1002e17a33 R09: ffffed1002e17a33 [ 80.674196] R10: ffff8880170bd193 R11: ffffed1002e17a32 R12: ffff888010c0a400 [ 80.674761] R13: ffff8880170bd1e8 R14: ffff8880142c5c00 R15: 0000000000000000 [ 80.675316] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.675927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.676372] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.676917] PKRU: 55555554 [ 80.677135] Call Trace: [ 80.677331] [ 80.677505] iommufd_access_destroy_object+0x65/0x170 [ 80.677905] iommufd_object_destroy_user+0x18e/0x220 [ 80.678302] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.678772] iommufd_access_destroy+0x43/0x70 [ 80.679141] iommufd_test_staccess_release+0x8d/0xd0 [ 80.679534] __fput+0x26d/0xa40 [ 80.679801] ____fput+0x1e/0x30 [ 80.680068] task_work_run+0x1a4/0x2d0 [ 80.680379] ? __pfx_task_work_run+0x10/0x10 [ 80.680723] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.681105] ? switch_task_namespaces+0xa9/0xe0 [ 80.681471] do_exit+0xb17/0x2ef0 [ 80.681737] ? lock_acquire+0x427/0x4c0 [ 80.682052] ? __pfx_lock_release+0x10/0x10 [ 80.682389] ? __kasan_check_write+0x18/0x20 [ 80.682755] ? do_raw_spin_lock+0x132/0x2a0 [ 80.683092] ? __pfx_do_exit+0x10/0x10 [ 80.683406] ? debug_smp_processor_id+0x20/0x30 [ 80.683770] ? rcu_is_watching+0x19/0xb0 [ 80.684086] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.684446] ? trace_hardirqs_on+0x26/0x120 [ 80.684789] do_group_exit+0xe0/0x2b0 [ 80.685091] __x64_sys_exit_group+0x47/0x50 [ 80.685431] do_syscall_64+0x3b/0x90 [ 80.685727] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.686133] RIP: 0033:0x7f4b87518a4d [ 80.686424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.686923] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.687516] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.688063] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.688608] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.689154] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.689698] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.690249] [ 80.690431] irq event stamp: 0 [ 80.690701] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.691194] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.691831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.692465] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.692948] ---[ end trace 0000000000000000 ]--- [ 80.693627] ------------[ cut here ]------------ [ 80.693988] WARNING: CPU: 1 PID: 679 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.694782] Modules linked in: [ 80.695026] CPU: 1 PID: 679 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.695692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.696539] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.696931] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.698287] RSP: 0018:ffff888015be7b78 EFLAGS: 00010246 [ 80.698734] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.699285] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 80.699833] RBP: ffff888015be7b98 R08: ffffed1002e17a3e R09: ffffed1002e17a3e [ 80.700374] R10: ffff8880170bd1ef R11: ffffed1002e17a3d R12: ffff8880170bd290 [ 80.700918] R13: ffff8880170bd0a8 R14: ffffffffffffffff R15: ffff888015be7c60 [ 80.701461] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.702072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.702560] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.703117] PKRU: 55555554 [ 80.703337] Call Trace: [ 80.703533] [ 80.703708] iommufd_ioas_destroy+0x53/0x70 [ 80.704048] iommufd_fops_release+0x1f7/0x370 [ 80.704394] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.704776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.705161] ? write_comp_data+0x2f/0x90 [ 80.705481] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.705866] __fput+0x26d/0xa40 [ 80.706129] ____fput+0x1e/0x30 [ 80.706386] task_work_run+0x1a4/0x2d0 [ 80.706721] ? __pfx_task_work_run+0x10/0x10 [ 80.707065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.707446] ? switch_task_namespaces+0xa9/0xe0 [ 80.707812] do_exit+0xb17/0x2ef0 [ 80.708077] ? lock_acquire+0x427/0x4c0 [ 80.708390] ? __pfx_lock_release+0x10/0x10 [ 80.708725] ? __kasan_check_write+0x18/0x20 [ 80.709073] ? do_raw_spin_lock+0x132/0x2a0 [ 80.709414] ? __pfx_do_exit+0x10/0x10 [ 80.709727] ? debug_smp_processor_id+0x20/0x30 [ 80.710094] ? rcu_is_watching+0x19/0xb0 [ 80.710416] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.710802] ? trace_hardirqs_on+0x26/0x120 [ 80.711157] do_group_exit+0xe0/0x2b0 [ 80.711460] __x64_sys_exit_group+0x47/0x50 [ 80.711799] do_syscall_64+0x3b/0x90 [ 80.712102] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.712513] RIP: 0033:0x7f4b87518a4d [ 80.712803] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.713280] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.713868] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.714424] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.715018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.715579] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.716136] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.716695] [ 80.716878] irq event stamp: 0 [ 80.717123] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.717611] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.718269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.718943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.719445] ---[ end trace 0000000000000000 ]--- [ 80.724124] ------------[ cut here ]------------ [ 80.724557] WARNING: CPU: 1 PID: 680 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.725380] Modules linked in: [ 80.725645] CPU: 1 PID: 680 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.726353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.727588] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.728017] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.729529] RSP: 0018:ffff88800f687bb8 EFLAGS: 00010246 [ 80.729983] RAX: 0000000000000000 RBX: ffff8880208a70a8 RCX: 0000000000000000 [ 80.730611] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 80.731211] RBP: ffff88800f687bd0 R08: ffffed1004114e33 R09: ffffed1004114e33 [ 80.731803] R10: ffff8880208a7193 R11: ffffed1004114e32 R12: ffff88800efcd000 [ 80.732395] R13: ffff8880208a71e8 R14: ffffffff8352e670 R15: ffff88800f687e68 [ 80.732987] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.733649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.734126] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ee0 [ 80.734750] PKRU: 55555554 [ 80.734990] Call Trace: [ 80.735213] [ 80.735405] __iommufd_access_detach+0x1c2/0x2b0 [ 80.735822] iommufd_access_change_pt+0x149/0x270 [ 80.736236] iommufd_access_replace+0xb4/0x120 [ 80.736633] iommufd_test+0x3e5/0x37e0 [ 80.737187] ? lock_release+0x532/0x770 [ 80.737696] ? __might_fault+0x102/0x1b0 [ 80.738061] ? lock_acquire+0x427/0x4c0 [ 80.738410] ? __pfx_iommufd_test+0x10/0x10 [ 80.738828] ? __pfx_lock_release+0x10/0x10 [ 80.739303] ? __pfx_lock_acquire+0x10/0x10 [ 80.739768] ? write_comp_data+0x2f/0x90 [ 80.740129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.740552] ? write_comp_data+0x2f/0x90 [ 80.740914] iommufd_fops_ioctl+0x37d/0x510 [ 80.741423] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.741861] ? write_comp_data+0x2f/0x90 [ 80.742234] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.742687] __x64_sys_ioctl+0x1a3/0x230 [ 80.743056] do_syscall_64+0x3b/0x90 [ 80.743406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.743866] RIP: 0033:0x7f4b8743ee5d [ 80.744217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.745946] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.746813] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.747445] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.748066] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.748771] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.749476] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.750110] [ 80.750318] irq event stamp: 0 [ 80.750655] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.751331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.752073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.752808] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.753526] ---[ end trace 0000000000000000 ]--- [ 80.756654] ------------[ cut here ]------------ [ 80.757105] WARNING: CPU: 1 PID: 680 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.758277] Modules linked in: [ 80.758643] CPU: 1 PID: 680 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.759458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.760673] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.761146] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.763060] RSP: 0018:ffff88800f687bd0 EFLAGS: 00010246 [ 80.763575] RAX: 0000000000000000 RBX: ffff8880208a70a8 RCX: 0000000000000000 [ 80.764231] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 80.765059] RBP: ffff88800f687be8 R08: ffffed1004114e33 R09: ffffed1004114e33 [ 80.765727] R10: ffff8880208a7193 R11: ffffed1004114e32 R12: ffff88800a727000 [ 80.766406] R13: ffff8880208a71e8 R14: ffff88800fa33b00 R15: 0000000000000000 [ 80.767350] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.768096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.768628] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.769296] PKRU: 55555554 [ 80.769687] Call Trace: [ 80.770021] [ 80.770235] iommufd_access_destroy_object+0x65/0x170 [ 80.770755] iommufd_object_destroy_user+0x18e/0x220 [ 80.771240] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.771786] iommufd_access_destroy+0x43/0x70 [ 80.772329] iommufd_test_staccess_release+0x8d/0xd0 [ 80.772926] __fput+0x26d/0xa40 [ 80.773253] ____fput+0x1e/0x30 [ 80.773570] task_work_run+0x1a4/0x2d0 [ 80.773946] ? __pfx_task_work_run+0x10/0x10 [ 80.774590] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.775055] ? switch_task_namespaces+0xa9/0xe0 [ 80.775512] do_exit+0xb17/0x2ef0 [ 80.775837] ? lock_acquire+0x427/0x4c0 [ 80.776219] ? __pfx_lock_release+0x10/0x10 [ 80.776627] ? __kasan_check_write+0x18/0x20 [ 80.777224] ? do_raw_spin_lock+0x132/0x2a0 [ 80.777644] ? __pfx_do_exit+0x10/0x10 [ 80.778026] ? debug_smp_processor_id+0x20/0x30 [ 80.778479] ? rcu_is_watching+0x19/0xb0 [ 80.778922] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.779377] ? trace_hardirqs_on+0x26/0x120 [ 80.779910] do_group_exit+0xe0/0x2b0 [ 80.780366] __x64_sys_exit_group+0x47/0x50 [ 80.780781] do_syscall_64+0x3b/0x90 [ 80.781156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.781681] RIP: 0033:0x7f4b87518a4d [ 80.782193] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.782814] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.783533] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.784199] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.785047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.785699] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.786368] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.787270] [ 80.787498] irq event stamp: 0 [ 80.787797] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.788389] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.789174] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.790164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.790795] ---[ end trace 0000000000000000 ]--- [ 80.791754] ------------[ cut here ]------------ [ 80.792388] WARNING: CPU: 1 PID: 680 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.793338] Modules linked in: [ 80.793650] CPU: 1 PID: 680 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.794705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.795777] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.796294] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.798496] RSP: 0018:ffff88800f687b78 EFLAGS: 00010246 [ 80.799172] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.799914] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 80.800687] RBP: ffff88800f687b98 R08: ffffed1004114e3e R09: ffffed1004114e3e [ 80.801726] R10: ffff8880208a71ef R11: ffffed1004114e3d R12: ffff8880208a7290 [ 80.802445] R13: ffff8880208a70a8 R14: ffffffffffffffff R15: ffff88800f687c60 [ 80.803223] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.804098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.804927] CR2: 00007f4b875fca50 CR3: 0000000014928000 CR4: 0000000000750ee0 [ 80.805795] PKRU: 55555554 [ 80.806093] Call Trace: [ 80.806355] [ 80.806632] iommufd_ioas_destroy+0x53/0x70 [ 80.807092] iommufd_fops_release+0x1f7/0x370 [ 80.807583] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.808190] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.808883] ? write_comp_data+0x2f/0x90 [ 80.809505] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.810033] __fput+0x26d/0xa40 [ 80.810391] ____fput+0x1e/0x30 [ 80.810776] task_work_run+0x1a4/0x2d0 [ 80.811206] ? __pfx_task_work_run+0x10/0x10 [ 80.811669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.812281] ? switch_task_namespaces+0xa9/0xe0 [ 80.812937] do_exit+0xb17/0x2ef0 [ 80.813466] ? lock_acquire+0x427/0x4c0 [ 80.813892] ? __pfx_lock_release+0x10/0x10 [ 80.814349] ? __kasan_check_write+0x18/0x20 [ 80.814851] ? do_raw_spin_lock+0x132/0x2a0 [ 80.815329] ? __pfx_do_exit+0x10/0x10 [ 80.815745] ? debug_smp_processor_id+0x20/0x30 [ 80.816305] ? rcu_is_watching+0x19/0xb0 [ 80.816879] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.817520] ? trace_hardirqs_on+0x26/0x120 [ 80.817975] do_group_exit+0xe0/0x2b0 [ 80.818372] __x64_sys_exit_group+0x47/0x50 [ 80.818870] do_syscall_64+0x3b/0x90 [ 80.819276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.819823] RIP: 0033:0x7f4b87518a4d [ 80.820280] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.821188] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.821993] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.822754] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.823558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.824615] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.825346] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.826099] [ 80.826370] irq event stamp: 0 [ 80.826843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.827717] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.828575] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.829434] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.830189] ---[ end trace 0000000000000000 ]--- [ 80.837475] ------------[ cut here ]------------ [ 80.838018] WARNING: CPU: 1 PID: 681 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.839517] Modules linked in: [ 80.839874] CPU: 1 PID: 681 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.840751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.841898] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.842491] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.844625] RSP: 0018:ffff888021b7fbb8 EFLAGS: 00010246 [ 80.845157] RAX: 0000000000000000 RBX: ffff888015c7c8a8 RCX: 0000000000000000 [ 80.846040] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 80.847163] RBP: ffff888021b7fbd0 R08: ffffed1002b8f933 R09: ffffed1002b8f933 [ 80.847874] R10: ffff888015c7c993 R11: ffffed1002b8f932 R12: ffff8880135d1c00 [ 80.848582] R13: ffff888015c7c9e8 R14: ffffffff8352e670 R15: ffff888021b7fe68 [ 80.849331] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.850410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.851257] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 80.851991] PKRU: 55555554 [ 80.852282] Call Trace: [ 80.852545] [ 80.852782] __iommufd_access_detach+0x1c2/0x2b0 [ 80.853343] iommufd_access_change_pt+0x149/0x270 [ 80.854048] iommufd_access_replace+0xb4/0x120 [ 80.854566] iommufd_test+0x3e5/0x37e0 [ 80.854958] ? lock_release+0x532/0x770 [ 80.855383] ? __might_fault+0x102/0x1b0 [ 80.855800] ? lock_acquire+0x427/0x4c0 [ 80.856212] ? __pfx_iommufd_test+0x10/0x10 [ 80.856761] ? __pfx_lock_release+0x10/0x10 [ 80.857371] ? __pfx_lock_acquire+0x10/0x10 [ 80.857964] ? write_comp_data+0x2f/0x90 [ 80.858394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.858937] ? write_comp_data+0x2f/0x90 [ 80.859383] iommufd_fops_ioctl+0x37d/0x510 [ 80.859833] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.860382] ? write_comp_data+0x2f/0x90 [ 80.860944] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.861625] __x64_sys_ioctl+0x1a3/0x230 [ 80.862057] do_syscall_64+0x3b/0x90 [ 80.862446] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.863017] RIP: 0033:0x7f4b8743ee5d [ 80.863414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.865845] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.866671] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.867418] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.868289] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.869309] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.870037] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.870832] [ 80.871086] irq event stamp: 0 [ 80.871430] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.872257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.873443] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.874313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.875037] ---[ end trace 0000000000000000 ]--- [ 80.878423] ------------[ cut here ]------------ [ 80.879012] WARNING: CPU: 1 PID: 681 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.880176] Modules linked in: [ 80.880624] CPU: 1 PID: 681 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.881831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.883041] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.883584] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.885725] RSP: 0018:ffff888021b7fbd0 EFLAGS: 00010246 [ 80.886501] RAX: 0000000000000000 RBX: ffff888015c7c8a8 RCX: 0000000000000000 [ 80.887306] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 80.888038] RBP: ffff888021b7fbe8 R08: ffffed1002b8f933 R09: ffffed1002b8f933 [ 80.888865] R10: ffff888015c7c993 R11: ffffed1002b8f932 R12: ffff88800efcc400 [ 80.889894] R13: ffff888015c7c9e8 R14: ffff888014953100 R15: 0000000000000000 [ 80.890710] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.891562] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.892198] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 80.893184] PKRU: 55555554 [ 80.893615] Call Trace: [ 80.893901] [ 80.894138] iommufd_access_destroy_object+0x65/0x170 [ 80.894725] iommufd_object_destroy_user+0x18e/0x220 [ 80.895266] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.895898] iommufd_access_destroy+0x43/0x70 [ 80.896516] iommufd_test_staccess_release+0x8d/0xd0 [ 80.897237] __fput+0x26d/0xa40 [ 80.897602] ____fput+0x1e/0x30 [ 80.897953] task_work_run+0x1a4/0x2d0 [ 80.898363] ? __pfx_task_work_run+0x10/0x10 [ 80.898873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.899401] ? switch_task_namespaces+0xa9/0xe0 [ 80.899923] do_exit+0xb17/0x2ef0 [ 80.900407] ? lock_acquire+0x427/0x4c0 [ 80.901002] ? __pfx_lock_release+0x10/0x10 [ 80.901463] ? __kasan_check_write+0x18/0x20 [ 80.901919] ? do_raw_spin_lock+0x132/0x2a0 [ 80.902372] ? __pfx_do_exit+0x10/0x10 [ 80.902911] ? debug_smp_processor_id+0x20/0x30 [ 80.903607] ? rcu_is_watching+0x19/0xb0 [ 80.904039] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.904515] ? trace_hardirqs_on+0x26/0x120 [ 80.904967] do_group_exit+0xe0/0x2b0 [ 80.905361] __x64_sys_exit_group+0x47/0x50 [ 80.905809] do_syscall_64+0x3b/0x90 [ 80.906371] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.907194] RIP: 0033:0x7f4b87518a4d [ 80.907580] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.908202] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.908969] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.909786] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.910827] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.911562] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.912297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.913097] [ 80.913420] irq event stamp: 0 [ 80.913894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.914634] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.915503] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.916384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.917242] ---[ end trace 0000000000000000 ]--- [ 80.918377] ------------[ cut here ]------------ [ 80.918923] WARNING: CPU: 1 PID: 681 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 80.919993] Modules linked in: [ 80.920394] CPU: 1 PID: 681 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.921619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.922997] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 80.923539] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 80.925824] RSP: 0018:ffff888021b7fb78 EFLAGS: 00010246 [ 80.926381] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 80.927127] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 80.927984] RBP: ffff888021b7fb98 R08: ffffed1002b8f93e R09: ffffed1002b8f93e [ 80.929005] R10: ffff888015c7c9ef R11: ffffed1002b8f93d R12: ffff888015c7ca90 [ 80.929732] R13: ffff888015c7c8a8 R14: ffffffffffffffff R15: ffff888021b7fc60 [ 80.930450] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.931306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.931889] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 80.932604] PKRU: 55555554 [ 80.932893] Call Trace: [ 80.933156] [ 80.933382] iommufd_ioas_destroy+0x53/0x70 [ 80.933823] iommufd_fops_release+0x1f7/0x370 [ 80.934282] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.934781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.935249] ? write_comp_data+0x2f/0x90 [ 80.935639] ? __pfx_iommufd_fops_release+0x10/0x10 [ 80.936103] __fput+0x26d/0xa40 [ 80.936427] ____fput+0x1e/0x30 [ 80.936744] task_work_run+0x1a4/0x2d0 [ 80.937115] ? __pfx_task_work_run+0x10/0x10 [ 80.937527] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.937984] ? switch_task_namespaces+0xa9/0xe0 [ 80.938433] do_exit+0xb17/0x2ef0 [ 80.938788] ? lock_acquire+0x427/0x4c0 [ 80.939185] ? __pfx_lock_release+0x10/0x10 [ 80.939591] ? __kasan_check_write+0x18/0x20 [ 80.940003] ? do_raw_spin_lock+0x132/0x2a0 [ 80.940405] ? __pfx_do_exit+0x10/0x10 [ 80.940772] ? debug_smp_processor_id+0x20/0x30 [ 80.941205] ? rcu_is_watching+0x19/0xb0 [ 80.941583] ? _raw_spin_unlock_irq+0x2b/0x60 [ 80.942010] ? trace_hardirqs_on+0x26/0x120 [ 80.942414] do_group_exit+0xe0/0x2b0 [ 80.942795] __x64_sys_exit_group+0x47/0x50 [ 80.943209] do_syscall_64+0x3b/0x90 [ 80.943566] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.944051] RIP: 0033:0x7f4b87518a4d [ 80.944395] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 80.944953] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 80.945639] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 80.946282] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 80.946952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 80.947609] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 80.948255] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 80.948891] [ 80.949092] irq event stamp: 0 [ 80.949366] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 80.949904] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.950648] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.951376] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.951919] ---[ end trace 0000000000000000 ]--- [ 80.956468] ------------[ cut here ]------------ [ 80.956908] WARNING: CPU: 1 PID: 682 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.957763] Modules linked in: [ 80.958036] CPU: 1 PID: 682 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.958805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.959771] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.960195] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.961752] RSP: 0018:ffff888016ed7bb8 EFLAGS: 00010246 [ 80.962203] RAX: 0000000000000000 RBX: ffff888020b3a0a8 RCX: 0000000000000000 [ 80.962834] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 80.963437] RBP: ffff888016ed7bd0 R08: ffffed1004167433 R09: ffffed1004167433 [ 80.964010] R10: ffff888020b3a193 R11: ffffed1004167432 R12: ffff888021bcac00 [ 80.964581] R13: ffff888020b3a1e8 R14: ffffffff8352e670 R15: ffff888016ed7e68 [ 80.965151] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.965795] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.966259] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 80.966847] PKRU: 55555554 [ 80.967076] Call Trace: [ 80.967292] [ 80.967479] __iommufd_access_detach+0x1c2/0x2b0 [ 80.967877] iommufd_access_change_pt+0x149/0x270 [ 80.968276] iommufd_access_replace+0xb4/0x120 [ 80.968672] iommufd_test+0x3e5/0x37e0 [ 80.968988] ? lock_release+0x532/0x770 [ 80.969319] ? __might_fault+0x102/0x1b0 [ 80.969656] ? lock_acquire+0x427/0x4c0 [ 80.969988] ? __pfx_iommufd_test+0x10/0x10 [ 80.970334] ? __pfx_lock_release+0x10/0x10 [ 80.970706] ? __pfx_lock_acquire+0x10/0x10 [ 80.971065] ? write_comp_data+0x2f/0x90 [ 80.971409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.971813] ? write_comp_data+0x2f/0x90 [ 80.972154] iommufd_fops_ioctl+0x37d/0x510 [ 80.972508] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.972912] ? write_comp_data+0x2f/0x90 [ 80.973251] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.973643] __x64_sys_ioctl+0x1a3/0x230 [ 80.973984] do_syscall_64+0x3b/0x90 [ 80.974294] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 80.974738] RIP: 0033:0x7f4b8743ee5d [ 80.975039] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 80.976511] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 80.977122] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 80.977695] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 80.978267] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 80.978858] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 80.979441] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 80.980017] [ 80.980207] irq event stamp: 0 [ 80.980460] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 80.980967] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 80.981640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 80.982305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 80.982822] ---[ end trace 0000000000000000 ]--- [ 80.985560] ------------[ cut here ]------------ [ 80.985953] WARNING: CPU: 1 PID: 682 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 80.986762] Modules linked in: [ 80.987019] CPU: 1 PID: 682 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 80.987703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 80.988575] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 80.988963] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 80.990369] RSP: 0018:ffff888016ed7bd0 EFLAGS: 00010246 [ 80.990789] RAX: 0000000000000000 RBX: ffff888020b3a0a8 RCX: 0000000000000000 [ 80.991337] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 80.991878] RBP: ffff888016ed7be8 R08: ffffed1004167433 R09: ffffed1004167433 [ 80.992426] R10: ffff888020b3a193 R11: ffffed1004167432 R12: ffff8880135d0c00 [ 80.992974] R13: ffff888020b3a1e8 R14: ffff888020999600 R15: 0000000000000000 [ 80.993517] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 80.994128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.994585] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 80.995136] PKRU: 55555554 [ 80.995354] Call Trace: [ 80.995553] [ 80.995726] iommufd_access_destroy_object+0x65/0x170 [ 80.996130] iommufd_object_destroy_user+0x18e/0x220 [ 80.996633] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 80.997365] iommufd_access_destroy+0x43/0x70 [ 80.997730] iommufd_test_staccess_release+0x8d/0xd0 [ 80.998134] __fput+0x26d/0xa40 [ 80.998404] ____fput+0x1e/0x30 [ 80.998771] task_work_run+0x1a4/0x2d0 [ 80.999145] ? __pfx_task_work_run+0x10/0x10 [ 80.999492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 80.999877] ? switch_task_namespaces+0xa9/0xe0 [ 81.000322] do_exit+0xb17/0x2ef0 [ 81.000640] ? lock_acquire+0x427/0x4c0 [ 81.000958] ? __pfx_lock_release+0x10/0x10 [ 81.001299] ? __kasan_check_write+0x18/0x20 [ 81.001648] ? do_raw_spin_lock+0x132/0x2a0 [ 81.002100] ? __pfx_do_exit+0x10/0x10 [ 81.002414] ? debug_smp_processor_id+0x20/0x30 [ 81.002810] ? rcu_is_watching+0x19/0xb0 [ 81.003164] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.003742] ? trace_hardirqs_on+0x26/0x120 [ 81.004247] do_group_exit+0xe0/0x2b0 [ 81.004688] __x64_sys_exit_group+0x47/0x50 [ 81.005027] do_syscall_64+0x3b/0x90 [ 81.005325] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.005832] RIP: 0033:0x7f4b87518a4d [ 81.006122] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.006683] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.007297] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.007852] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.008402] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.008985] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.009647] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.010204] [ 81.010388] irq event stamp: 0 [ 81.010681] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.011320] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.011965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.012609] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.013168] ---[ end trace 0000000000000000 ]--- [ 81.013964] ------------[ cut here ]------------ [ 81.014333] WARNING: CPU: 1 PID: 682 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.015277] Modules linked in: [ 81.015535] CPU: 1 PID: 682 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.016213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.017119] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.017608] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.019120] RSP: 0018:ffff888016ed7b78 EFLAGS: 00010246 [ 81.019608] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.020163] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 81.020719] RBP: ffff888016ed7b98 R08: ffffed100416743e R09: ffffed100416743e [ 81.021381] R10: ffff888020b3a1ef R11: ffffed100416743d R12: ffff888020b3a290 [ 81.021950] R13: ffff888020b3a0a8 R14: ffffffffffffffff R15: ffff888016ed7c60 [ 81.022534] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.023198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.023744] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 81.024303] PKRU: 55555554 [ 81.024527] Call Trace: [ 81.024732] [ 81.024914] iommufd_ioas_destroy+0x53/0x70 [ 81.025371] iommufd_fops_release+0x1f7/0x370 [ 81.025735] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.026125] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.026541] ? write_comp_data+0x2f/0x90 [ 81.026985] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.027391] __fput+0x26d/0xa40 [ 81.027665] ____fput+0x1e/0x30 [ 81.027937] task_work_run+0x1a4/0x2d0 [ 81.028255] ? __pfx_task_work_run+0x10/0x10 [ 81.028609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.029005] ? switch_task_namespaces+0xa9/0xe0 [ 81.029495] do_exit+0xb17/0x2ef0 [ 81.029770] ? lock_acquire+0x427/0x4c0 [ 81.030094] ? __pfx_lock_release+0x10/0x10 [ 81.030438] ? __kasan_check_write+0x18/0x20 [ 81.030848] ? do_raw_spin_lock+0x132/0x2a0 [ 81.031277] ? __pfx_do_exit+0x10/0x10 [ 81.031593] ? debug_smp_processor_id+0x20/0x30 [ 81.031962] ? rcu_is_watching+0x19/0xb0 [ 81.032284] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.032644] ? trace_hardirqs_on+0x26/0x120 [ 81.032993] do_group_exit+0xe0/0x2b0 [ 81.033332] __x64_sys_exit_group+0x47/0x50 [ 81.033758] do_syscall_64+0x3b/0x90 [ 81.034059] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.034471] RIP: 0033:0x7f4b87518a4d [ 81.034790] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.035280] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.035873] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.036423] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.036981] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.037539] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.038090] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.038685] [ 81.038874] irq event stamp: 0 [ 81.039133] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.039623] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.040269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.040911] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.041402] ---[ end trace 0000000000000000 ]--- [ 81.045810] ------------[ cut here ]------------ [ 81.046215] WARNING: CPU: 1 PID: 683 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.047074] Modules linked in: [ 81.047338] CPU: 1 PID: 683 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.048016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.048882] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.049266] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.050686] RSP: 0018:ffff8880161ffbb8 EFLAGS: 00010246 [ 81.051100] RAX: 0000000000000000 RBX: ffff88801837b8a8 RCX: 0000000000000000 [ 81.051657] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 81.052206] RBP: ffff8880161ffbd0 R08: ffffed100306f733 R09: ffffed100306f733 [ 81.052763] R10: ffff88801837b993 R11: ffffed100306f732 R12: ffff8880148c5800 [ 81.053311] R13: ffff88801837b9e8 R14: ffffffff8352e670 R15: ffff8880161ffe68 [ 81.053858] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.054478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.054946] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 81.055528] PKRU: 55555554 [ 81.055749] Call Trace: [ 81.055948] [ 81.056124] __iommufd_access_detach+0x1c2/0x2b0 [ 81.056509] iommufd_access_change_pt+0x149/0x270 [ 81.056892] iommufd_access_replace+0xb4/0x120 [ 81.057257] iommufd_test+0x3e5/0x37e0 [ 81.057565] ? lock_release+0x532/0x770 [ 81.057890] ? __might_fault+0x102/0x1b0 [ 81.058215] ? lock_acquire+0x427/0x4c0 [ 81.058555] ? __pfx_iommufd_test+0x10/0x10 [ 81.058891] ? __pfx_lock_release+0x10/0x10 [ 81.059258] ? __pfx_lock_acquire+0x10/0x10 [ 81.059606] ? write_comp_data+0x2f/0x90 [ 81.059937] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.060326] ? write_comp_data+0x2f/0x90 [ 81.060655] iommufd_fops_ioctl+0x37d/0x510 [ 81.060995] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.061378] ? write_comp_data+0x2f/0x90 [ 81.061701] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.062079] __x64_sys_ioctl+0x1a3/0x230 [ 81.062406] do_syscall_64+0x3b/0x90 [ 81.062725] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.063143] RIP: 0033:0x7f4b8743ee5d [ 81.063439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.064849] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.065440] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.065993] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.066568] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.067129] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.067682] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.068239] [ 81.068421] irq event stamp: 0 [ 81.068672] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.069162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.069811] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.070461] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.070984] ---[ end trace 0000000000000000 ]--- [ 81.073846] ------------[ cut here ]------------ [ 81.074249] WARNING: CPU: 1 PID: 683 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.075065] Modules linked in: [ 81.075329] CPU: 1 PID: 683 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.076001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.076873] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.077260] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.078688] RSP: 0018:ffff8880161ffbd0 EFLAGS: 00010246 [ 81.079115] RAX: 0000000000000000 RBX: ffff88801837b8a8 RCX: 0000000000000000 [ 81.079673] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 81.080225] RBP: ffff8880161ffbe8 R08: ffffed100306f733 R09: ffffed100306f733 [ 81.080776] R10: ffff88801837b993 R11: ffffed100306f732 R12: ffff888021bca000 [ 81.081326] R13: ffff88801837b9e8 R14: ffff888013f64c00 R15: 0000000000000000 [ 81.081876] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.082496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.082974] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 81.083539] PKRU: 55555554 [ 81.083764] Call Trace: [ 81.083963] [ 81.084141] iommufd_access_destroy_object+0x65/0x170 [ 81.084548] iommufd_object_destroy_user+0x18e/0x220 [ 81.084953] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.085414] iommufd_access_destroy+0x43/0x70 [ 81.085774] iommufd_test_staccess_release+0x8d/0xd0 [ 81.086179] __fput+0x26d/0xa40 [ 81.086449] ____fput+0x1e/0x30 [ 81.086731] task_work_run+0x1a4/0x2d0 [ 81.087043] ? __pfx_task_work_run+0x10/0x10 [ 81.087402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.087790] ? switch_task_namespaces+0xa9/0xe0 [ 81.088162] do_exit+0xb17/0x2ef0 [ 81.088432] ? lock_acquire+0x427/0x4c0 [ 81.088751] ? __pfx_lock_release+0x10/0x10 [ 81.089097] ? __kasan_check_write+0x18/0x20 [ 81.089447] ? do_raw_spin_lock+0x132/0x2a0 [ 81.089785] ? __pfx_do_exit+0x10/0x10 [ 81.090099] ? debug_smp_processor_id+0x20/0x30 [ 81.090464] ? rcu_is_watching+0x19/0xb0 [ 81.090800] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.091164] ? trace_hardirqs_on+0x26/0x120 [ 81.091507] do_group_exit+0xe0/0x2b0 [ 81.091807] __x64_sys_exit_group+0x47/0x50 [ 81.092140] do_syscall_64+0x3b/0x90 [ 81.092438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.092849] RIP: 0033:0x7f4b87518a4d [ 81.093140] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.093615] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.094201] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.094769] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.095328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.095882] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.096434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.097001] [ 81.097183] irq event stamp: 0 [ 81.097430] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.097917] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.098581] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.099238] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.099719] ---[ end trace 0000000000000000 ]--- [ 81.100402] ------------[ cut here ]------------ [ 81.100761] WARNING: CPU: 1 PID: 683 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.101522] Modules linked in: [ 81.101765] CPU: 1 PID: 683 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.102413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.103292] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.103688] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.105063] RSP: 0018:ffff8880161ffb78 EFLAGS: 00010246 [ 81.105470] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.106012] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 81.106562] RBP: ffff8880161ffb98 R08: ffffed100306f73e R09: ffffed100306f73e [ 81.107101] R10: ffff88801837b9ef R11: ffffed100306f73d R12: ffff88801837ba90 [ 81.107646] R13: ffff88801837b8a8 R14: ffffffffffffffff R15: ffff8880161ffc60 [ 81.108183] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.108789] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.109231] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 81.109770] PKRU: 55555554 [ 81.109989] Call Trace: [ 81.110184] [ 81.110359] iommufd_ioas_destroy+0x53/0x70 [ 81.110714] iommufd_fops_release+0x1f7/0x370 [ 81.111065] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.111457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.111841] ? write_comp_data+0x2f/0x90 [ 81.112161] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.112545] __fput+0x26d/0xa40 [ 81.112811] ____fput+0x1e/0x30 [ 81.113069] task_work_run+0x1a4/0x2d0 [ 81.113373] ? __pfx_task_work_run+0x10/0x10 [ 81.113715] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.114098] ? switch_task_namespaces+0xa9/0xe0 [ 81.114463] do_exit+0xb17/0x2ef0 [ 81.114750] ? lock_acquire+0x427/0x4c0 [ 81.115062] ? __pfx_lock_release+0x10/0x10 [ 81.115405] ? __kasan_check_write+0x18/0x20 [ 81.115747] ? do_raw_spin_lock+0x132/0x2a0 [ 81.116082] ? __pfx_do_exit+0x10/0x10 [ 81.116389] ? debug_smp_processor_id+0x20/0x30 [ 81.116752] ? rcu_is_watching+0x19/0xb0 [ 81.117066] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.117414] ? trace_hardirqs_on+0x26/0x120 [ 81.117750] do_group_exit+0xe0/0x2b0 [ 81.118045] __x64_sys_exit_group+0x47/0x50 [ 81.118373] do_syscall_64+0x3b/0x90 [ 81.118687] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.119091] RIP: 0033:0x7f4b87518a4d [ 81.119382] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.119852] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.120427] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.120966] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.121504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.122045] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.122608] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.123163] [ 81.123341] irq event stamp: 0 [ 81.123584] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.124063] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.124695] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.125329] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.125807] ---[ end trace 0000000000000000 ]--- [ 81.129874] ------------[ cut here ]------------ [ 81.130294] WARNING: CPU: 0 PID: 684 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.131092] Modules linked in: [ 81.131385] CPU: 0 PID: 684 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.132041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.132912] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.133296] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.134743] RSP: 0018:ffff888016ed7bb8 EFLAGS: 00010246 [ 81.135160] RAX: 0000000000000000 RBX: ffff8880167e08a8 RCX: 0000000000000000 [ 81.135738] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 81.136277] RBP: ffff888016ed7bd0 R08: ffffed1002cfc133 R09: ffffed1002cfc133 [ 81.136860] R10: ffff8880167e0993 R11: ffffed1002cfc132 R12: ffff88801842a400 [ 81.137402] R13: ffff8880167e09e8 R14: ffffffff8352e670 R15: ffff888016ed7e68 [ 81.137976] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.138603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.139099] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ef0 [ 81.139652] PKRU: 55555554 [ 81.139892] Call Trace: [ 81.140117] [ 81.140292] __iommufd_access_detach+0x1c2/0x2b0 [ 81.140672] iommufd_access_change_pt+0x149/0x270 [ 81.141084] iommufd_access_replace+0xb4/0x120 [ 81.141462] iommufd_test+0x3e5/0x37e0 [ 81.141759] ? lock_release+0x532/0x770 [ 81.142101] ? __might_fault+0x102/0x1b0 [ 81.142439] ? lock_acquire+0x427/0x4c0 [ 81.142774] ? __pfx_iommufd_test+0x10/0x10 [ 81.143134] ? __pfx_lock_release+0x10/0x10 [ 81.143502] ? __pfx_lock_acquire+0x10/0x10 [ 81.143845] ? write_comp_data+0x2f/0x90 [ 81.144185] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.144590] ? write_comp_data+0x2f/0x90 [ 81.144911] iommufd_fops_ioctl+0x37d/0x510 [ 81.145261] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.145661] ? write_comp_data+0x2f/0x90 [ 81.145984] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.146380] __x64_sys_ioctl+0x1a3/0x230 [ 81.146740] do_syscall_64+0x3b/0x90 [ 81.147042] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.147478] RIP: 0033:0x7f4b8743ee5d [ 81.147787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.149215] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.149832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.150376] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.150974] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.151524] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.152089] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.152638] [ 81.152831] irq event stamp: 0 [ 81.153087] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.153566] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.154220] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.154865] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.155373] ---[ end trace 0000000000000000 ]--- [ 81.158100] ------------[ cut here ]------------ [ 81.158492] WARNING: CPU: 0 PID: 684 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.159292] Modules linked in: [ 81.159550] CPU: 0 PID: 684 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.160206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.161074] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.161453] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.162876] RSP: 0018:ffff888016ed7bd0 EFLAGS: 00010246 [ 81.163294] RAX: 0000000000000000 RBX: ffff8880167e08a8 RCX: 0000000000000000 [ 81.163840] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 81.164363] RBP: ffff888016ed7be8 R08: ffffed1002cfc133 R09: ffffed1002cfc133 [ 81.164906] R10: ffff8880167e0993 R11: ffffed1002cfc132 R12: ffff88800ba2dc00 [ 81.165431] R13: ffff8880167e09e8 R14: ffff88800fa0b700 R15: 0000000000000000 [ 81.165975] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.166583] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.167029] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.167563] PKRU: 55555554 [ 81.167773] Call Trace: [ 81.167961] [ 81.168143] iommufd_access_destroy_object+0x65/0x170 [ 81.168526] iommufd_object_destroy_user+0x18e/0x220 [ 81.168903] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.169353] iommufd_access_destroy+0x43/0x70 [ 81.169694] iommufd_test_staccess_release+0x8d/0xd0 [ 81.170085] __fput+0x26d/0xa40 [ 81.170358] ____fput+0x1e/0x30 [ 81.170627] task_work_run+0x1a4/0x2d0 [ 81.170929] ? __pfx_task_work_run+0x10/0x10 [ 81.171276] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.171653] ? switch_task_namespaces+0xa9/0xe0 [ 81.172009] do_exit+0xb17/0x2ef0 [ 81.172265] ? lock_acquire+0x427/0x4c0 [ 81.172587] ? __pfx_lock_release+0x10/0x10 [ 81.172914] ? __kasan_check_write+0x18/0x20 [ 81.173243] ? do_raw_spin_lock+0x132/0x2a0 [ 81.173582] ? __pfx_do_exit+0x10/0x10 [ 81.173883] ? debug_smp_processor_id+0x20/0x30 [ 81.174235] ? rcu_is_watching+0x19/0xb0 [ 81.174585] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.174933] ? trace_hardirqs_on+0x26/0x120 [ 81.175268] do_group_exit+0xe0/0x2b0 [ 81.175553] __x64_sys_exit_group+0x47/0x50 [ 81.175888] do_syscall_64+0x3b/0x90 [ 81.176172] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.176559] RIP: 0033:0x7f4b87518a4d [ 81.176851] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.177302] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.177873] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.178395] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.178966] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.179510] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.180046] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.180584] [ 81.180759] irq event stamp: 0 [ 81.180991] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.181468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.182089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.182726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.183209] ---[ end trace 0000000000000000 ]--- [ 81.183879] ------------[ cut here ]------------ [ 81.184227] WARNING: CPU: 0 PID: 684 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.184988] Modules linked in: [ 81.185229] CPU: 0 PID: 684 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.185878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.186732] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.187128] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.188468] RSP: 0018:ffff888016ed7b78 EFLAGS: 00010246 [ 81.188881] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.189397] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 81.189936] RBP: ffff888016ed7b98 R08: ffffed1002cfc13e R09: ffffed1002cfc13e [ 81.190459] R10: ffff8880167e09ef R11: ffffed1002cfc13d R12: ffff8880167e0a90 [ 81.191015] R13: ffff8880167e08a8 R14: ffffffffffffffff R15: ffff888016ed7c60 [ 81.191550] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.192148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.192573] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.193131] PKRU: 55555554 [ 81.193347] Call Trace: [ 81.193538] [ 81.193713] iommufd_ioas_destroy+0x53/0x70 [ 81.194044] iommufd_fops_release+0x1f7/0x370 [ 81.194402] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.194789] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.195166] ? write_comp_data+0x2f/0x90 [ 81.195493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.195863] __fput+0x26d/0xa40 [ 81.196122] ____fput+0x1e/0x30 [ 81.196395] task_work_run+0x1a4/0x2d0 [ 81.196700] ? __pfx_task_work_run+0x10/0x10 [ 81.197035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.197411] ? switch_task_namespaces+0xa9/0xe0 [ 81.197773] do_exit+0xb17/0x2ef0 [ 81.198032] ? lock_acquire+0x427/0x4c0 [ 81.198331] ? __pfx_lock_release+0x10/0x10 [ 81.198715] ? __kasan_check_write+0x18/0x20 [ 81.199047] ? do_raw_spin_lock+0x132/0x2a0 [ 81.199378] ? __pfx_do_exit+0x10/0x10 [ 81.199691] ? debug_smp_processor_id+0x20/0x30 [ 81.200042] ? rcu_is_watching+0x19/0xb0 [ 81.200342] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.200699] ? trace_hardirqs_on+0x26/0x120 [ 81.201025] do_group_exit+0xe0/0x2b0 [ 81.201307] __x64_sys_exit_group+0x47/0x50 [ 81.201622] do_syscall_64+0x3b/0x90 [ 81.201922] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.202310] RIP: 0033:0x7f4b87518a4d [ 81.202607] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.203074] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.203637] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.204171] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.204704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.205240] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.205759] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.206308] [ 81.206484] irq event stamp: 0 [ 81.206733] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.207309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.208188] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.209070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.209741] ---[ end trace 0000000000000000 ]--- [ 81.215906] ------------[ cut here ]------------ [ 81.216307] WARNING: CPU: 0 PID: 685 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.217051] Modules linked in: [ 81.217293] CPU: 0 PID: 685 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.217932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.218813] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.219199] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.220548] RSP: 0018:ffff888023d27bb8 EFLAGS: 00010246 [ 81.220944] RAX: 0000000000000000 RBX: ffff888020b518a8 RCX: 0000000000000000 [ 81.221470] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 81.222006] RBP: ffff888023d27bd0 R08: ffffed100416a333 R09: ffffed100416a333 [ 81.222557] R10: ffff888020b51993 R11: ffffed100416a332 R12: ffff888010b27400 [ 81.223090] R13: ffff888020b519e8 R14: ffffffff8352e670 R15: ffff888023d27e68 [ 81.223625] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.224224] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.224656] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 81.225185] PKRU: 55555554 [ 81.225397] Call Trace: [ 81.225591] [ 81.225759] __iommufd_access_detach+0x1c2/0x2b0 [ 81.226123] iommufd_access_change_pt+0x149/0x270 [ 81.226488] iommufd_access_replace+0xb4/0x120 [ 81.226878] iommufd_test+0x3e5/0x37e0 [ 81.227178] ? lock_release+0x532/0x770 [ 81.227483] ? __might_fault+0x102/0x1b0 [ 81.227796] ? lock_acquire+0x427/0x4c0 [ 81.228101] ? __pfx_iommufd_test+0x10/0x10 [ 81.228420] ? __pfx_lock_release+0x10/0x10 [ 81.228749] ? __pfx_lock_acquire+0x10/0x10 [ 81.229078] ? write_comp_data+0x2f/0x90 [ 81.229389] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.229754] ? write_comp_data+0x2f/0x90 [ 81.230069] iommufd_fops_ioctl+0x37d/0x510 [ 81.230392] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.230774] ? write_comp_data+0x2f/0x90 [ 81.231087] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.231457] __x64_sys_ioctl+0x1a3/0x230 [ 81.231773] do_syscall_64+0x3b/0x90 [ 81.232058] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.232447] RIP: 0033:0x7f4b8743ee5d [ 81.232722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.234095] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.234689] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.235234] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.235789] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.236322] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.236853] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.237394] [ 81.237572] irq event stamp: 0 [ 81.237814] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.238286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.238935] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.239566] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.240043] ---[ end trace 0000000000000000 ]--- [ 81.242769] ------------[ cut here ]------------ [ 81.243157] WARNING: CPU: 0 PID: 685 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.243907] Modules linked in: [ 81.244149] CPU: 0 PID: 685 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.244796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.245637] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.246010] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.247390] RSP: 0018:ffff888023d27bd0 EFLAGS: 00010246 [ 81.247787] RAX: 0000000000000000 RBX: ffff888020b518a8 RCX: 0000000000000000 [ 81.248316] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 81.248846] RBP: ffff888023d27be8 R08: ffffed100416a333 R09: ffffed100416a333 [ 81.249377] R10: ffff888020b51993 R11: ffffed100416a332 R12: ffff888018428800 [ 81.249905] R13: ffff888020b519e8 R14: ffff88800b874100 R15: 0000000000000000 [ 81.250434] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.251048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.251493] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.252029] PKRU: 55555554 [ 81.252241] Call Trace: [ 81.252433] [ 81.252602] iommufd_access_destroy_object+0x65/0x170 [ 81.252995] iommufd_object_destroy_user+0x18e/0x220 [ 81.253382] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.253822] iommufd_access_destroy+0x43/0x70 [ 81.254167] iommufd_test_staccess_release+0x8d/0xd0 [ 81.254580] __fput+0x26d/0xa40 [ 81.254844] ____fput+0x1e/0x30 [ 81.255102] task_work_run+0x1a4/0x2d0 [ 81.255415] ? __pfx_task_work_run+0x10/0x10 [ 81.255758] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.256291] ? switch_task_namespaces+0xa9/0xe0 [ 81.256776] do_exit+0xb17/0x2ef0 [ 81.257038] ? lock_acquire+0x427/0x4c0 [ 81.257343] ? __pfx_lock_release+0x10/0x10 [ 81.257689] ? __kasan_check_write+0x18/0x20 [ 81.258121] ? do_raw_spin_lock+0x132/0x2a0 [ 81.258440] ? __pfx_do_exit+0x10/0x10 [ 81.258755] ? debug_smp_processor_id+0x20/0x30 [ 81.259118] ? rcu_is_watching+0x19/0xb0 [ 81.259452] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.259894] ? trace_hardirqs_on+0x26/0x120 [ 81.260230] do_group_exit+0xe0/0x2b0 [ 81.260515] __x64_sys_exit_group+0x47/0x50 [ 81.260842] do_syscall_64+0x3b/0x90 [ 81.261267] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.261665] RIP: 0033:0x7f4b87518a4d [ 81.261941] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.262401] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.262977] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.263515] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.264047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.264714] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.265244] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.265796] [ 81.266014] irq event stamp: 0 [ 81.266323] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.266813] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.267450] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.268224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.268698] ---[ end trace 0000000000000000 ]--- [ 81.269375] ------------[ cut here ]------------ [ 81.269753] WARNING: CPU: 0 PID: 685 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.270661] Modules linked in: [ 81.270905] CPU: 0 PID: 685 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.271581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.272531] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.272918] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.274412] RSP: 0018:ffff888023d27b78 EFLAGS: 00010246 [ 81.274973] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.275586] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 81.276193] RBP: ffff888023d27b98 R08: ffffed100416a33e R09: ffffed100416a33e [ 81.276724] R10: ffff888020b519ef R11: ffffed100416a33d R12: ffff888020b51a90 [ 81.277400] R13: ffff888020b518a8 R14: ffffffffffffffff R15: ffff888023d27c60 [ 81.277939] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.278599] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.279119] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.279652] PKRU: 55555554 [ 81.279864] Call Trace: [ 81.280057] [ 81.280228] iommufd_ioas_destroy+0x53/0x70 [ 81.280628] iommufd_fops_release+0x1f7/0x370 [ 81.281045] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.281426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.281801] ? write_comp_data+0x2f/0x90 [ 81.282118] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.282661] __fput+0x26d/0xa40 [ 81.282930] ____fput+0x1e/0x30 [ 81.283198] task_work_run+0x1a4/0x2d0 [ 81.283502] ? __pfx_task_work_run+0x10/0x10 [ 81.283846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.284218] ? switch_task_namespaces+0xa9/0xe0 [ 81.284603] do_exit+0xb17/0x2ef0 [ 81.284980] ? lock_acquire+0x427/0x4c0 [ 81.285289] ? __pfx_lock_release+0x10/0x10 [ 81.285621] ? __kasan_check_write+0x18/0x20 [ 81.285960] ? do_raw_spin_lock+0x132/0x2a0 [ 81.286411] ? __pfx_do_exit+0x10/0x10 [ 81.286738] ? debug_smp_processor_id+0x20/0x30 [ 81.287092] ? rcu_is_watching+0x19/0xb0 [ 81.287413] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.287822] ? trace_hardirqs_on+0x26/0x120 [ 81.288249] do_group_exit+0xe0/0x2b0 [ 81.288543] __x64_sys_exit_group+0x47/0x50 [ 81.288932] do_syscall_64+0x3b/0x90 [ 81.289291] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.289700] RIP: 0033:0x7f4b87518a4d [ 81.290086] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.290557] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.291264] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.291858] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.292483] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.293107] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.293731] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.294411] [ 81.294608] irq event stamp: 0 [ 81.294853] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.295484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.296194] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.296942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.297586] ---[ end trace 0000000000000000 ]--- [ 81.302896] ------------[ cut here ]------------ [ 81.303288] WARNING: CPU: 0 PID: 686 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.304222] Modules linked in: [ 81.304470] CPU: 0 PID: 686 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.305262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.306252] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.306662] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.308213] RSP: 0018:ffff888015cb7bb8 EFLAGS: 00010246 [ 81.308786] RAX: 0000000000000000 RBX: ffff888013be88a8 RCX: 0000000000000000 [ 81.309360] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 81.310002] RBP: ffff888015cb7bd0 R08: ffffed100277d133 R09: ffffed100277d133 [ 81.310559] R10: ffff888013be8993 R11: ffffed100277d132 R12: ffff88800ba2c000 [ 81.311106] R13: ffff888013be89e8 R14: ffffffff8352e670 R15: ffff888015cb7e68 [ 81.311670] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.312282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.312729] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ef0 [ 81.313274] PKRU: 55555554 [ 81.313491] Call Trace: [ 81.313688] [ 81.313864] __iommufd_access_detach+0x1c2/0x2b0 [ 81.314245] iommufd_access_change_pt+0x149/0x270 [ 81.314655] iommufd_access_replace+0xb4/0x120 [ 81.315025] iommufd_test+0x3e5/0x37e0 [ 81.315333] ? lock_release+0x532/0x770 [ 81.315652] ? __might_fault+0x102/0x1b0 [ 81.315971] ? lock_acquire+0x427/0x4c0 [ 81.316285] ? __pfx_iommufd_test+0x10/0x10 [ 81.316615] ? __pfx_lock_release+0x10/0x10 [ 81.316955] ? __pfx_lock_acquire+0x10/0x10 [ 81.317296] ? write_comp_data+0x2f/0x90 [ 81.317620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.317999] ? write_comp_data+0x2f/0x90 [ 81.318328] iommufd_fops_ioctl+0x37d/0x510 [ 81.318684] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.319072] ? write_comp_data+0x2f/0x90 [ 81.319409] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.319959] __x64_sys_ioctl+0x1a3/0x230 [ 81.320294] do_syscall_64+0x3b/0x90 [ 81.320595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.321134] RIP: 0033:0x7f4b8743ee5d [ 81.321425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.322828] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.323418] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.323964] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.324507] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.325048] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.325596] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.326147] [ 81.326326] irq event stamp: 0 [ 81.326587] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.327071] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.327721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.328512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.329054] ---[ end trace 0000000000000000 ]--- [ 81.332447] ------------[ cut here ]------------ [ 81.332848] WARNING: CPU: 0 PID: 686 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.333729] Modules linked in: [ 81.334039] CPU: 0 PID: 686 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.334869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.335920] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.336340] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.337905] RSP: 0018:ffff888015cb7bd0 EFLAGS: 00010246 [ 81.338533] RAX: 0000000000000000 RBX: ffff888013be88a8 RCX: 0000000000000000 [ 81.339123] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 81.339855] RBP: ffff888015cb7be8 R08: ffffed100277d133 R09: ffffed100277d133 [ 81.340428] R10: ffff888013be8993 R11: ffffed100277d132 R12: ffff888010b25800 [ 81.341164] R13: ffff888013be89e8 R14: ffff88800f253c00 R15: 0000000000000000 [ 81.341876] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.342539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.343160] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.343735] PKRU: 55555554 [ 81.343995] Call Trace: [ 81.344318] [ 81.344504] iommufd_access_destroy_object+0x65/0x170 [ 81.344934] iommufd_object_destroy_user+0x18e/0x220 [ 81.345509] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.345983] iommufd_access_destroy+0x43/0x70 [ 81.346534] iommufd_test_staccess_release+0x8d/0xd0 [ 81.346962] __fput+0x26d/0xa40 [ 81.347409] ____fput+0x1e/0x30 [ 81.347695] task_work_run+0x1a4/0x2d0 [ 81.348022] ? __pfx_task_work_run+0x10/0x10 [ 81.348522] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.348942] ? switch_task_namespaces+0xa9/0xe0 [ 81.349411] do_exit+0xb17/0x2ef0 [ 81.349781] ? lock_acquire+0x427/0x4c0 [ 81.350119] ? __pfx_lock_release+0x10/0x10 [ 81.350547] ? __kasan_check_write+0x18/0x20 [ 81.351009] ? do_raw_spin_lock+0x132/0x2a0 [ 81.351374] ? __pfx_do_exit+0x10/0x10 [ 81.351707] ? debug_smp_processor_id+0x20/0x30 [ 81.352096] ? rcu_is_watching+0x19/0xb0 [ 81.352434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.352818] ? trace_hardirqs_on+0x26/0x120 [ 81.353179] do_group_exit+0xe0/0x2b0 [ 81.353492] __x64_sys_exit_group+0x47/0x50 [ 81.353841] do_syscall_64+0x3b/0x90 [ 81.354153] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.354594] RIP: 0033:0x7f4b87518a4d [ 81.354900] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.355406] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.356019] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.356591] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.357166] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.357738] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.358308] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.358909] [ 81.359098] irq event stamp: 0 [ 81.359369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.359877] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.360549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.361228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.361728] ---[ end trace 0000000000000000 ]--- [ 81.362444] ------------[ cut here ]------------ [ 81.362856] WARNING: CPU: 0 PID: 686 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.363677] Modules linked in: [ 81.363937] CPU: 0 PID: 686 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.364640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.365557] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.365969] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.367536] RSP: 0018:ffff888015cb7b78 EFLAGS: 00010246 [ 81.367971] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.368541] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 81.369111] RBP: ffff888015cb7b98 R08: ffffed100277d13e R09: ffffed100277d13e [ 81.369683] R10: ffff888013be89ef R11: ffffed100277d13d R12: ffff888013be8a90 [ 81.370253] R13: ffff888013be88a8 R14: ffffffffffffffff R15: ffff888015cb7c60 [ 81.370840] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.371496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.371963] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.372536] PKRU: 55555554 [ 81.372765] Call Trace: [ 81.372972] [ 81.373157] iommufd_ioas_destroy+0x53/0x70 [ 81.373515] iommufd_fops_release+0x1f7/0x370 [ 81.373888] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.374297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.374723] ? write_comp_data+0x2f/0x90 [ 81.375065] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.375485] __fput+0x26d/0xa40 [ 81.375769] ____fput+0x1e/0x30 [ 81.376044] task_work_run+0x1a4/0x2d0 [ 81.376370] ? __pfx_task_work_run+0x10/0x10 [ 81.376731] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.377128] ? switch_task_namespaces+0xa9/0xe0 [ 81.377514] do_exit+0xb17/0x2ef0 [ 81.377795] ? lock_acquire+0x427/0x4c0 [ 81.378127] ? __pfx_lock_release+0x10/0x10 [ 81.378482] ? __kasan_check_write+0x18/0x20 [ 81.378864] ? do_raw_spin_lock+0x132/0x2a0 [ 81.379226] ? __pfx_do_exit+0x10/0x10 [ 81.379551] ? debug_smp_processor_id+0x20/0x30 [ 81.379935] ? rcu_is_watching+0x19/0xb0 [ 81.380269] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.380647] ? trace_hardirqs_on+0x26/0x120 [ 81.381003] do_group_exit+0xe0/0x2b0 [ 81.381311] __x64_sys_exit_group+0x47/0x50 [ 81.381665] do_syscall_64+0x3b/0x90 [ 81.381976] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.382398] RIP: 0033:0x7f4b87518a4d [ 81.382716] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.383222] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.383843] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.384421] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.384995] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.385579] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.386155] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.386764] [ 81.386956] irq event stamp: 0 [ 81.387221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.387728] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.388404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.389071] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.389580] ---[ end trace 0000000000000000 ]--- [ 81.393341] ------------[ cut here ]------------ [ 81.393762] WARNING: CPU: 0 PID: 687 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.394749] Modules linked in: [ 81.395014] CPU: 0 PID: 687 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.395736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.396633] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.397037] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.398492] RSP: 0018:ffff888012df7bb8 EFLAGS: 00010246 [ 81.398974] RAX: 0000000000000000 RBX: ffff88800fc740a8 RCX: 0000000000000000 [ 81.399551] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 81.400122] RBP: ffff888012df7bd0 R08: ffffed1001f8e833 R09: ffffed1001f8e833 [ 81.400694] R10: ffff88800fc74193 R11: ffffed1001f8e832 R12: ffff888016478400 [ 81.401263] R13: ffff88800fc741e8 R14: ffffffff8352e670 R15: ffff888012df7e68 [ 81.401837] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.402480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.402969] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ef0 [ 81.403558] PKRU: 55555554 [ 81.403787] Call Trace: [ 81.403994] [ 81.404178] __iommufd_access_detach+0x1c2/0x2b0 [ 81.404577] iommufd_access_change_pt+0x149/0x270 [ 81.404979] iommufd_access_replace+0xb4/0x120 [ 81.405357] iommufd_test+0x3e5/0x37e0 [ 81.405675] ? lock_release+0x532/0x770 [ 81.406005] ? __might_fault+0x102/0x1b0 [ 81.406353] ? lock_acquire+0x427/0x4c0 [ 81.406705] ? __pfx_iommufd_test+0x10/0x10 [ 81.407060] ? __pfx_lock_release+0x10/0x10 [ 81.407431] ? __pfx_lock_acquire+0x10/0x10 [ 81.407795] ? write_comp_data+0x2f/0x90 [ 81.408139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.408540] ? write_comp_data+0x2f/0x90 [ 81.408882] iommufd_fops_ioctl+0x37d/0x510 [ 81.409239] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.409647] ? write_comp_data+0x2f/0x90 [ 81.409987] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.410380] __x64_sys_ioctl+0x1a3/0x230 [ 81.410743] do_syscall_64+0x3b/0x90 [ 81.411061] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.411498] RIP: 0033:0x7f4b8743ee5d [ 81.411806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.413282] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.413900] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.414470] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.415059] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.415649] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.416224] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.416810] [ 81.417001] irq event stamp: 0 [ 81.417256] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.417766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.418442] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.419143] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.419656] ---[ end trace 0000000000000000 ]--- [ 81.422417] ------------[ cut here ]------------ [ 81.422848] WARNING: CPU: 0 PID: 687 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.423671] Modules linked in: [ 81.423932] CPU: 0 PID: 687 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.424628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.425532] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.425940] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.427423] RSP: 0018:ffff888012df7bd0 EFLAGS: 00010246 [ 81.427859] RAX: 0000000000000000 RBX: ffff88800fc740a8 RCX: 0000000000000000 [ 81.428431] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 81.429006] RBP: ffff888012df7be8 R08: ffffed1001f8e833 R09: ffffed1001f8e833 [ 81.429580] R10: ffff88800fc74193 R11: ffffed1001f8e832 R12: ffff88800ba2f000 [ 81.430156] R13: ffff88800fc741e8 R14: ffff888020e6e400 R15: 0000000000000000 [ 81.430751] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.431404] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.431876] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.432451] PKRU: 55555554 [ 81.432683] Call Trace: [ 81.432891] [ 81.433077] iommufd_access_destroy_object+0x65/0x170 [ 81.433501] iommufd_object_destroy_user+0x18e/0x220 [ 81.433924] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.434406] iommufd_access_destroy+0x43/0x70 [ 81.434803] iommufd_test_staccess_release+0x8d/0xd0 [ 81.435250] __fput+0x26d/0xa40 [ 81.435542] ____fput+0x1e/0x30 [ 81.435822] task_work_run+0x1a4/0x2d0 [ 81.436147] ? __pfx_task_work_run+0x10/0x10 [ 81.436514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.436918] ? switch_task_namespaces+0xa9/0xe0 [ 81.437308] do_exit+0xb17/0x2ef0 [ 81.437596] ? lock_acquire+0x427/0x4c0 [ 81.437940] ? __pfx_lock_release+0x10/0x10 [ 81.438301] ? __kasan_check_write+0x18/0x20 [ 81.438689] ? do_raw_spin_lock+0x132/0x2a0 [ 81.439053] ? __pfx_do_exit+0x10/0x10 [ 81.439393] ? debug_smp_processor_id+0x20/0x30 [ 81.439782] ? rcu_is_watching+0x19/0xb0 [ 81.440122] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.440504] ? trace_hardirqs_on+0x26/0x120 [ 81.440861] do_group_exit+0xe0/0x2b0 [ 81.441174] __x64_sys_exit_group+0x47/0x50 [ 81.441527] do_syscall_64+0x3b/0x90 [ 81.441842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.442271] RIP: 0033:0x7f4b87518a4d [ 81.442608] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.443123] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.443740] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.444317] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.444896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.445468] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.446043] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.446643] [ 81.446841] irq event stamp: 0 [ 81.447103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.447606] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.448261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.448916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.449414] ---[ end trace 0000000000000000 ]--- [ 81.450124] ------------[ cut here ]------------ [ 81.450499] WARNING: CPU: 0 PID: 687 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.451347] Modules linked in: [ 81.451601] CPU: 0 PID: 687 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.452282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.453166] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.453574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.455040] RSP: 0018:ffff888012df7b78 EFLAGS: 00010246 [ 81.455475] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.456029] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 81.456589] RBP: ffff888012df7b98 R08: ffffed1001f8e83e R09: ffffed1001f8e83e [ 81.457147] R10: ffff88800fc741ef R11: ffffed1001f8e83d R12: ffff88800fc74290 [ 81.457704] R13: ffff88800fc740a8 R14: ffffffffffffffff R15: ffff888012df7c60 [ 81.458257] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.458902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.459368] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.459931] PKRU: 55555554 [ 81.460157] Call Trace: [ 81.460361] [ 81.460541] iommufd_ioas_destroy+0x53/0x70 [ 81.460891] iommufd_fops_release+0x1f7/0x370 [ 81.461250] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.461649] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.462045] ? write_comp_data+0x2f/0x90 [ 81.462382] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.462806] __fput+0x26d/0xa40 [ 81.463086] ____fput+0x1e/0x30 [ 81.463363] task_work_run+0x1a4/0x2d0 [ 81.463683] ? __pfx_task_work_run+0x10/0x10 [ 81.464043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.464436] ? switch_task_namespaces+0xa9/0xe0 [ 81.464817] do_exit+0xb17/0x2ef0 [ 81.465095] ? lock_acquire+0x427/0x4c0 [ 81.465420] ? __pfx_lock_release+0x10/0x10 [ 81.465767] ? __kasan_check_write+0x18/0x20 [ 81.466119] ? do_raw_spin_lock+0x132/0x2a0 [ 81.466463] ? __pfx_do_exit+0x10/0x10 [ 81.466803] ? debug_smp_processor_id+0x20/0x30 [ 81.467186] ? rcu_is_watching+0x19/0xb0 [ 81.467514] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.467880] ? trace_hardirqs_on+0x26/0x120 [ 81.468226] do_group_exit+0xe0/0x2b0 [ 81.468530] __x64_sys_exit_group+0x47/0x50 [ 81.468874] do_syscall_64+0x3b/0x90 [ 81.469177] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.469592] RIP: 0033:0x7f4b87518a4d [ 81.469890] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.470368] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.470990] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.471561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.472121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.472677] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.473236] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.473802] [ 81.473988] irq event stamp: 0 [ 81.474239] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.474754] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.475431] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.476090] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.476587] ---[ end trace 0000000000000000 ]--- [ 81.480340] ------------[ cut here ]------------ [ 81.480736] WARNING: CPU: 0 PID: 688 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.481503] Modules linked in: [ 81.481749] CPU: 0 PID: 688 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.482414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.483481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.483881] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.485266] RSP: 0018:ffff888016757bb8 EFLAGS: 00010246 [ 81.485677] RAX: 0000000000000000 RBX: ffff8880184c60a8 RCX: 0000000000000000 [ 81.486227] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 81.486789] RBP: ffff888016757bd0 R08: ffffed1003098c33 R09: ffffed1003098c33 [ 81.487332] R10: ffff8880184c6193 R11: ffffed1003098c32 R12: ffff888020b30400 [ 81.487883] R13: ffff8880184c61e8 R14: ffffffff8352e670 R15: ffff888016757e68 [ 81.488431] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.489049] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.489493] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 81.490039] PKRU: 55555554 [ 81.490257] Call Trace: [ 81.490454] [ 81.490656] __iommufd_access_detach+0x1c2/0x2b0 [ 81.491041] iommufd_access_change_pt+0x149/0x270 [ 81.491433] iommufd_access_replace+0xb4/0x120 [ 81.491795] iommufd_test+0x3e5/0x37e0 [ 81.492095] ? lock_release+0x532/0x770 [ 81.492414] ? __might_fault+0x102/0x1b0 [ 81.492737] ? lock_acquire+0x427/0x4c0 [ 81.493052] ? __pfx_iommufd_test+0x10/0x10 [ 81.493387] ? __pfx_lock_release+0x10/0x10 [ 81.493729] ? __pfx_lock_acquire+0x10/0x10 [ 81.494075] ? write_comp_data+0x2f/0x90 [ 81.494400] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.494798] ? write_comp_data+0x2f/0x90 [ 81.495133] iommufd_fops_ioctl+0x37d/0x510 [ 81.495476] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.495863] ? write_comp_data+0x2f/0x90 [ 81.496187] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.496561] __x64_sys_ioctl+0x1a3/0x230 [ 81.496883] do_syscall_64+0x3b/0x90 [ 81.497188] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.497598] RIP: 0033:0x7f4b8743ee5d [ 81.497888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.499304] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.499893] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.500433] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.500978] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.501521] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.502092] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.502658] [ 81.502845] irq event stamp: 0 [ 81.503087] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.503573] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.504214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.504850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.505331] ---[ end trace 0000000000000000 ]--- [ 81.508045] ------------[ cut here ]------------ [ 81.508439] WARNING: CPU: 0 PID: 688 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.509205] Modules linked in: [ 81.509453] CPU: 0 PID: 688 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.510114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.511016] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.511409] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.512801] RSP: 0018:ffff888016757bd0 EFLAGS: 00010246 [ 81.513209] RAX: 0000000000000000 RBX: ffff8880184c60a8 RCX: 0000000000000000 [ 81.513754] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 81.514294] RBP: ffff888016757be8 R08: ffffed1003098c33 R09: ffffed1003098c33 [ 81.514847] R10: ffff8880184c6193 R11: ffffed1003098c32 R12: ffff88801226d400 [ 81.515403] R13: ffff8880184c61e8 R14: ffff888020ddd800 R15: 0000000000000000 [ 81.515957] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.516918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.517518] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.518086] PKRU: 55555554 [ 81.518404] Call Trace: [ 81.518625] [ 81.518800] iommufd_access_destroy_object+0x65/0x170 [ 81.519282] iommufd_object_destroy_user+0x18e/0x220 [ 81.519722] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.520214] iommufd_access_destroy+0x43/0x70 [ 81.520652] iommufd_test_staccess_release+0x8d/0xd0 [ 81.521067] __fput+0x26d/0xa40 [ 81.521459] ____fput+0x1e/0x30 [ 81.521727] task_work_run+0x1a4/0x2d0 [ 81.522038] ? __pfx_task_work_run+0x10/0x10 [ 81.522387] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.522935] ? switch_task_namespaces+0xa9/0xe0 [ 81.523317] do_exit+0xb17/0x2ef0 [ 81.523590] ? lock_acquire+0x427/0x4c0 [ 81.523972] ? __pfx_lock_release+0x10/0x10 [ 81.524365] ? __kasan_check_write+0x18/0x20 [ 81.524714] ? do_raw_spin_lock+0x132/0x2a0 [ 81.525195] ? __pfx_do_exit+0x10/0x10 [ 81.525510] ? debug_smp_processor_id+0x20/0x30 [ 81.525927] ? rcu_is_watching+0x19/0xb0 [ 81.526323] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.526703] ? trace_hardirqs_on+0x26/0x120 [ 81.527046] do_group_exit+0xe0/0x2b0 [ 81.527500] __x64_sys_exit_group+0x47/0x50 [ 81.527839] do_syscall_64+0x3b/0x90 [ 81.528148] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.528676] RIP: 0033:0x7f4b87518a4d [ 81.528969] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.529585] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.530194] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.530883] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.531444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.532141] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.532756] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.533395] [ 81.533606] irq event stamp: 0 [ 81.533947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.534442] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.535253] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.535934] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.536511] ---[ end trace 0000000000000000 ]--- [ 81.537280] ------------[ cut here ]------------ [ 81.537648] WARNING: CPU: 0 PID: 688 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.538605] Modules linked in: [ 81.538860] CPU: 0 PID: 688 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.539704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.540757] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.541164] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.542767] RSP: 0018:ffff888016757b78 EFLAGS: 00010246 [ 81.543285] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.543951] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 81.544707] RBP: ffff888016757b98 R08: ffffed1003098c3e R09: ffffed1003098c3e [ 81.545319] R10: ffff8880184c61ef R11: ffffed1003098c3d R12: ffff8880184c6290 [ 81.546053] R13: ffff8880184c60a8 R14: ffffffffffffffff R15: ffff888016757c60 [ 81.546828] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.547507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.548147] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.548736] PKRU: 55555554 [ 81.549003] Call Trace: [ 81.549355] [ 81.549549] iommufd_ioas_destroy+0x53/0x70 [ 81.549918] iommufd_fops_release+0x1f7/0x370 [ 81.550446] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.550879] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.551298] ? write_comp_data+0x2f/0x90 [ 81.551797] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.552215] __fput+0x26d/0xa40 [ 81.552533] ____fput+0x1e/0x30 [ 81.552927] task_work_run+0x1a4/0x2d0 [ 81.553260] ? __pfx_task_work_run+0x10/0x10 [ 81.553696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.554184] ? switch_task_namespaces+0xa9/0xe0 [ 81.554600] do_exit+0xb17/0x2ef0 [ 81.555042] ? lock_acquire+0x427/0x4c0 [ 81.555396] ? __pfx_lock_release+0x10/0x10 [ 81.555763] ? __kasan_check_write+0x18/0x20 [ 81.556166] ? do_raw_spin_lock+0x132/0x2a0 [ 81.556644] ? __pfx_do_exit+0x10/0x10 [ 81.556998] ? debug_smp_processor_id+0x20/0x30 [ 81.557571] ? rcu_is_watching+0x19/0xb0 [ 81.557934] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.558410] ? trace_hardirqs_on+0x26/0x120 [ 81.558902] do_group_exit+0xe0/0x2b0 [ 81.559248] __x64_sys_exit_group+0x47/0x50 [ 81.559623] do_syscall_64+0x3b/0x90 [ 81.560033] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.560610] RIP: 0033:0x7f4b87518a4d [ 81.560954] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.561655] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.562501] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.563163] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.563867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.564590] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.565391] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.566096] [ 81.566417] irq event stamp: 0 [ 81.566718] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.567290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.568022] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.568752] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.569302] ---[ end trace 0000000000000000 ]--- [ 81.573801] ------------[ cut here ]------------ [ 81.574256] WARNING: CPU: 0 PID: 689 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.575226] Modules linked in: [ 81.575512] CPU: 0 PID: 689 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.576264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.577248] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.577707] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.579399] RSP: 0018:ffff888017267bb8 EFLAGS: 00010246 [ 81.579898] RAX: 0000000000000000 RBX: ffff8880137660a8 RCX: 0000000000000000 [ 81.580556] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 81.581212] RBP: ffff888017267bd0 R08: ffffed10026ecc33 R09: ffffed10026ecc33 [ 81.581860] R10: ffff888013766193 R11: ffffed10026ecc32 R12: ffff8880189e3c00 [ 81.582542] R13: ffff8880137661e8 R14: ffffffff8352e670 R15: ffff888017267e68 [ 81.583226] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.583971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.584500] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ef0 [ 81.585152] PKRU: 55555554 [ 81.585418] Call Trace: [ 81.585656] [ 81.585866] __iommufd_access_detach+0x1c2/0x2b0 [ 81.586317] iommufd_access_change_pt+0x149/0x270 [ 81.586800] iommufd_access_replace+0xb4/0x120 [ 81.587250] iommufd_test+0x3e5/0x37e0 [ 81.587609] ? lock_release+0x532/0x770 [ 81.587986] ? __might_fault+0x102/0x1b0 [ 81.588378] ? lock_acquire+0x427/0x4c0 [ 81.588762] ? __pfx_iommufd_test+0x10/0x10 [ 81.589160] ? __pfx_lock_release+0x10/0x10 [ 81.589573] ? __pfx_lock_acquire+0x10/0x10 [ 81.589981] ? write_comp_data+0x2f/0x90 [ 81.590363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.590842] ? write_comp_data+0x2f/0x90 [ 81.591249] iommufd_fops_ioctl+0x37d/0x510 [ 81.591660] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.592126] ? write_comp_data+0x2f/0x90 [ 81.592513] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.592969] __x64_sys_ioctl+0x1a3/0x230 [ 81.593359] do_syscall_64+0x3b/0x90 [ 81.593712] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.594199] RIP: 0033:0x7f4b8743ee5d [ 81.594589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.596277] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.596984] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.597640] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.598296] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.599001] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.599668] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.600334] [ 81.600551] irq event stamp: 0 [ 81.600844] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.601425] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.602197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.603053] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.603654] ---[ end trace 0000000000000000 ]--- [ 81.606762] ------------[ cut here ]------------ [ 81.607248] WARNING: CPU: 0 PID: 689 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.608173] Modules linked in: [ 81.608467] CPU: 0 PID: 689 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.609259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.610295] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.610960] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.612653] RSP: 0018:ffff888017267bd0 EFLAGS: 00010246 [ 81.613151] RAX: 0000000000000000 RBX: ffff8880137660a8 RCX: 0000000000000000 [ 81.613804] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 81.614454] RBP: ffff888017267be8 R08: ffffed10026ecc33 R09: ffffed10026ecc33 [ 81.615170] R10: ffff888013766193 R11: ffffed10026ecc32 R12: ffff888020b30000 [ 81.615847] R13: ffff8880137661e8 R14: ffff88800fd08d00 R15: 0000000000000000 [ 81.616509] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.617248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.617777] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.618426] PKRU: 55555554 [ 81.618719] Call Trace: [ 81.618959] [ 81.619179] iommufd_access_destroy_object+0x65/0x170 [ 81.619668] iommufd_object_destroy_user+0x18e/0x220 [ 81.620152] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.620690] iommufd_access_destroy+0x43/0x70 [ 81.621113] iommufd_test_staccess_release+0x8d/0xd0 [ 81.621589] __fput+0x26d/0xa40 [ 81.621909] ____fput+0x1e/0x30 [ 81.622220] task_work_run+0x1a4/0x2d0 [ 81.622617] ? __pfx_task_work_run+0x10/0x10 [ 81.623034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.623504] ? switch_task_namespaces+0xa9/0xe0 [ 81.623958] do_exit+0xb17/0x2ef0 [ 81.624286] ? lock_acquire+0x427/0x4c0 [ 81.624665] ? __pfx_lock_release+0x10/0x10 [ 81.625078] ? __kasan_check_write+0x18/0x20 [ 81.625497] ? do_raw_spin_lock+0x132/0x2a0 [ 81.625908] ? __pfx_do_exit+0x10/0x10 [ 81.626282] ? debug_smp_processor_id+0x20/0x30 [ 81.626753] ? rcu_is_watching+0x19/0xb0 [ 81.627149] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.627593] ? trace_hardirqs_on+0x26/0x120 [ 81.628012] do_group_exit+0xe0/0x2b0 [ 81.628376] __x64_sys_exit_group+0x47/0x50 [ 81.628786] do_syscall_64+0x3b/0x90 [ 81.629150] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.629648] RIP: 0033:0x7f4b87518a4d [ 81.629999] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.630597] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.631319] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.631985] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.632649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.633330] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.634005] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.634703] [ 81.634926] irq event stamp: 0 [ 81.635234] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.635827] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.636601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.637378] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.637972] ---[ end trace 0000000000000000 ]--- [ 81.638784] ------------[ cut here ]------------ [ 81.639248] WARNING: CPU: 0 PID: 689 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.640183] Modules linked in: [ 81.640489] CPU: 0 PID: 689 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.641299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.642341] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.642857] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.644578] RSP: 0018:ffff888017267b78 EFLAGS: 00010246 [ 81.645083] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.645739] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 81.646396] RBP: ffff888017267b98 R08: ffffed10026ecc3e R09: ffffed10026ecc3e [ 81.647072] R10: ffff8880137661ef R11: ffffed10026ecc3d R12: ffff888013766290 [ 81.647750] R13: ffff8880137660a8 R14: ffffffffffffffff R15: ffff888017267c60 [ 81.648409] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.649154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.649692] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.650361] PKRU: 55555554 [ 81.650647] Call Trace: [ 81.650894] [ 81.651105] iommufd_ioas_destroy+0x53/0x70 [ 81.651527] iommufd_fops_release+0x1f7/0x370 [ 81.651955] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.652427] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.652899] ? write_comp_data+0x2f/0x90 [ 81.653290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.653770] __fput+0x26d/0xa40 [ 81.654104] ____fput+0x1e/0x30 [ 81.654431] task_work_run+0x1a4/0x2d0 [ 81.654830] ? __pfx_task_work_run+0x10/0x10 [ 81.655275] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.655741] ? switch_task_namespaces+0xa9/0xe0 [ 81.656187] do_exit+0xb17/0x2ef0 [ 81.656517] ? lock_acquire+0x427/0x4c0 [ 81.656904] ? __pfx_lock_release+0x10/0x10 [ 81.657316] ? __kasan_check_write+0x18/0x20 [ 81.657735] ? do_raw_spin_lock+0x132/0x2a0 [ 81.658146] ? __pfx_do_exit+0x10/0x10 [ 81.658551] ? debug_smp_processor_id+0x20/0x30 [ 81.659001] ? rcu_is_watching+0x19/0xb0 [ 81.659398] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.659828] ? trace_hardirqs_on+0x26/0x120 [ 81.660248] do_group_exit+0xe0/0x2b0 [ 81.660613] __x64_sys_exit_group+0x47/0x50 [ 81.661025] do_syscall_64+0x3b/0x90 [ 81.661391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.661896] RIP: 0033:0x7f4b87518a4d [ 81.662249] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.662848] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.663578] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.664248] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.664909] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.665574] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.666242] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.666938] [ 81.667175] irq event stamp: 0 [ 81.667474] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.668064] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.668848] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.669628] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.670229] ---[ end trace 0000000000000000 ]--- [ 81.674461] ------------[ cut here ]------------ [ 81.675015] WARNING: CPU: 0 PID: 690 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.675970] Modules linked in: [ 81.676268] CPU: 0 PID: 690 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.677070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.678104] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.678784] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.680482] RSP: 0018:ffff888017257bb8 EFLAGS: 00010246 [ 81.680973] RAX: 0000000000000000 RBX: ffff8880147048a8 RCX: 0000000000000000 [ 81.681628] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 81.682285] RBP: ffff888017257bd0 R08: ffffed10028e0933 R09: ffffed10028e0933 [ 81.682961] R10: ffff888014704993 R11: ffffed10028e0932 R12: ffff88800ae90400 [ 81.683633] R13: ffff8880147049e8 R14: ffffffff8352e670 R15: ffff888017257e68 [ 81.684294] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.685045] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.685582] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ef0 [ 81.686241] PKRU: 55555554 [ 81.686522] Call Trace: [ 81.686761] [ 81.686973] __iommufd_access_detach+0x1c2/0x2b0 [ 81.687442] iommufd_access_change_pt+0x149/0x270 [ 81.687880] iommufd_access_replace+0xb4/0x120 [ 81.688296] iommufd_test+0x3e5/0x37e0 [ 81.688642] ? lock_release+0x532/0x770 [ 81.689001] ? __might_fault+0x102/0x1b0 [ 81.689366] ? lock_acquire+0x427/0x4c0 [ 81.689723] ? __pfx_iommufd_test+0x10/0x10 [ 81.690105] ? __pfx_lock_release+0x10/0x10 [ 81.690492] ? __pfx_lock_acquire+0x10/0x10 [ 81.690907] ? write_comp_data+0x2f/0x90 [ 81.691285] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.691713] ? write_comp_data+0x2f/0x90 [ 81.692083] iommufd_fops_ioctl+0x37d/0x510 [ 81.692466] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.692902] ? write_comp_data+0x2f/0x90 [ 81.693271] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.693701] __x64_sys_ioctl+0x1a3/0x230 [ 81.694066] do_syscall_64+0x3b/0x90 [ 81.694405] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.694897] RIP: 0033:0x7f4b8743ee5d [ 81.695244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.696858] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.697520] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.698140] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.698777] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.699407] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.700027] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.700656] [ 81.700864] irq event stamp: 0 [ 81.701143] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.701697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.702428] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.703193] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.703755] ---[ end trace 0000000000000000 ]--- [ 81.706685] ------------[ cut here ]------------ [ 81.707138] WARNING: CPU: 0 PID: 690 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.708014] Modules linked in: [ 81.708296] CPU: 0 PID: 690 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.709050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.710025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.710458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.712110] RSP: 0018:ffff888017257bd0 EFLAGS: 00010246 [ 81.712579] RAX: 0000000000000000 RBX: ffff8880147048a8 RCX: 0000000000000000 [ 81.713201] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 81.713827] RBP: ffff888017257be8 R08: ffffed10028e0933 R09: ffffed10028e0933 [ 81.714451] R10: ffff888014704993 R11: ffffed10028e0932 R12: ffff8880189e1400 [ 81.715088] R13: ffff8880147049e8 R14: ffff8880139bb400 R15: 0000000000000000 [ 81.715718] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.716414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.716918] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.717536] PKRU: 55555554 [ 81.717783] Call Trace: [ 81.718007] [ 81.718204] iommufd_access_destroy_object+0x65/0x170 [ 81.718690] iommufd_object_destroy_user+0x18e/0x220 [ 81.719153] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.719674] iommufd_access_destroy+0x43/0x70 [ 81.720080] iommufd_test_staccess_release+0x8d/0xd0 [ 81.720530] __fput+0x26d/0xa40 [ 81.720834] ____fput+0x1e/0x30 [ 81.721129] task_work_run+0x1a4/0x2d0 [ 81.721475] ? __pfx_task_work_run+0x10/0x10 [ 81.721863] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.722291] ? switch_task_namespaces+0xa9/0xe0 [ 81.722727] do_exit+0xb17/0x2ef0 [ 81.723032] ? lock_acquire+0x427/0x4c0 [ 81.723413] ? __pfx_lock_release+0x10/0x10 [ 81.723804] ? __kasan_check_write+0x18/0x20 [ 81.724198] ? do_raw_spin_lock+0x132/0x2a0 [ 81.724584] ? __pfx_do_exit+0x10/0x10 [ 81.724939] ? debug_smp_processor_id+0x20/0x30 [ 81.725352] ? rcu_is_watching+0x19/0xb0 [ 81.725712] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.726117] ? trace_hardirqs_on+0x26/0x120 [ 81.726503] do_group_exit+0xe0/0x2b0 [ 81.726874] __x64_sys_exit_group+0x47/0x50 [ 81.727263] do_syscall_64+0x3b/0x90 [ 81.727599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.728055] RIP: 0033:0x7f4b87518a4d [ 81.728382] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.728918] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.729577] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.730206] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.730842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.731471] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.732091] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.732720] [ 81.732927] irq event stamp: 0 [ 81.733202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.733757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.734483] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.735253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.735805] ---[ end trace 0000000000000000 ]--- [ 81.736564] ------------[ cut here ]------------ [ 81.736984] WARNING: CPU: 0 PID: 690 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.737869] Modules linked in: [ 81.738151] CPU: 0 PID: 690 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.738921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.739908] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.740361] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.741953] RSP: 0018:ffff888017257b78 EFLAGS: 00010246 [ 81.742418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.743059] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 81.743694] RBP: ffff888017257b98 R08: ffffed10028e093e R09: ffffed10028e093e [ 81.744316] R10: ffff8880147049ef R11: ffffed10028e093d R12: ffff888014704a90 [ 81.744939] R13: ffff8880147048a8 R14: ffffffffffffffff R15: ffff888017257c60 [ 81.745556] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.746257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.746782] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 81.747412] PKRU: 55555554 [ 81.747657] Call Trace: [ 81.747881] [ 81.748076] iommufd_ioas_destroy+0x53/0x70 [ 81.748459] iommufd_fops_release+0x1f7/0x370 [ 81.748862] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.749304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.749740] ? write_comp_data+0x2f/0x90 [ 81.750105] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.750562] __fput+0x26d/0xa40 [ 81.750871] ____fput+0x1e/0x30 [ 81.751183] task_work_run+0x1a4/0x2d0 [ 81.751533] ? __pfx_task_work_run+0x10/0x10 [ 81.751936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.752371] ? switch_task_namespaces+0xa9/0xe0 [ 81.752792] do_exit+0xb17/0x2ef0 [ 81.753102] ? lock_acquire+0x427/0x4c0 [ 81.753473] ? __pfx_lock_release+0x10/0x10 [ 81.753863] ? __kasan_check_write+0x18/0x20 [ 81.754253] ? do_raw_spin_lock+0x132/0x2a0 [ 81.754654] ? __pfx_do_exit+0x10/0x10 [ 81.755010] ? debug_smp_processor_id+0x20/0x30 [ 81.755436] ? rcu_is_watching+0x19/0xb0 [ 81.755793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.756195] ? trace_hardirqs_on+0x26/0x120 [ 81.756583] do_group_exit+0xe0/0x2b0 [ 81.756919] __x64_sys_exit_group+0x47/0x50 [ 81.757299] do_syscall_64+0x3b/0x90 [ 81.757638] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.758102] RIP: 0033:0x7f4b87518a4d [ 81.758434] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.758989] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.759665] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.760290] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.760918] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.761540] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.762163] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.762828] [ 81.763041] irq event stamp: 0 [ 81.763328] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.763880] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.764609] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.765334] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.765886] ---[ end trace 0000000000000000 ]--- [ 81.771389] ------------[ cut here ]------------ [ 81.771972] WARNING: CPU: 1 PID: 691 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.773075] Modules linked in: [ 81.773431] CPU: 1 PID: 691 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.774380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.775705] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.776285] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.778643] RSP: 0018:ffff888021b67bb8 EFLAGS: 00010246 [ 81.779303] RAX: 0000000000000000 RBX: ffff88801856c8a8 RCX: 0000000000000000 [ 81.780174] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 81.781007] RBP: ffff888021b67bd0 R08: ffffed10030ad933 R09: ffffed10030ad933 [ 81.781962] R10: ffff88801856c993 R11: ffffed10030ad932 R12: ffff888017ba0400 [ 81.783000] R13: ffff88801856c9e8 R14: ffffffff8352e670 R15: ffff888021b67e68 [ 81.783924] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.784915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.785713] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 81.786627] PKRU: 55555554 [ 81.787042] Call Trace: [ 81.787444] [ 81.787714] __iommufd_access_detach+0x1c2/0x2b0 [ 81.788310] iommufd_access_change_pt+0x149/0x270 [ 81.788981] iommufd_access_replace+0xb4/0x120 [ 81.789578] iommufd_test+0x3e5/0x37e0 [ 81.790112] ? lock_release+0x532/0x770 [ 81.790662] ? __might_fault+0x102/0x1b0 [ 81.791220] ? lock_acquire+0x427/0x4c0 [ 81.791783] ? __pfx_iommufd_test+0x10/0x10 [ 81.792296] ? __pfx_lock_release+0x10/0x10 [ 81.792938] ? __pfx_lock_acquire+0x10/0x10 [ 81.793466] ? write_comp_data+0x2f/0x90 [ 81.794106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.794750] ? write_comp_data+0x2f/0x90 [ 81.795314] iommufd_fops_ioctl+0x37d/0x510 [ 81.795935] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.796561] ? write_comp_data+0x2f/0x90 [ 81.797137] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.797753] __x64_sys_ioctl+0x1a3/0x230 [ 81.798328] do_syscall_64+0x3b/0x90 [ 81.798863] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.799577] RIP: 0033:0x7f4b8743ee5d [ 81.800103] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.802584] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.803454] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.804267] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.804926] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.805733] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.806454] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.807258] [ 81.807481] irq event stamp: 0 [ 81.807772] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.808506] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.809372] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.810218] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.810960] ---[ end trace 0000000000000000 ]--- [ 81.814069] ------------[ cut here ]------------ [ 81.814772] WARNING: CPU: 1 PID: 691 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.815722] Modules linked in: [ 81.816115] CPU: 1 PID: 691 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.816999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.818224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.819062] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.820920] RSP: 0018:ffff888021b67bd0 EFLAGS: 00010246 [ 81.821463] RAX: 0000000000000000 RBX: ffff88801856c8a8 RCX: 0000000000000000 [ 81.822263] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 81.823046] RBP: ffff888021b67be8 R08: ffffed10030ad933 R09: ffffed10030ad933 [ 81.823807] R10: ffff88801856c993 R11: ffffed10030ad932 R12: ffff8880148c5000 [ 81.824637] R13: ffff88801856c9e8 R14: ffff888020e7a000 R15: 0000000000000000 [ 81.825454] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.826464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.827088] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 81.827954] PKRU: 55555554 [ 81.828340] Call Trace: [ 81.828598] [ 81.828831] iommufd_access_destroy_object+0x65/0x170 [ 81.829471] iommufd_object_destroy_user+0x18e/0x220 [ 81.830088] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.830771] iommufd_access_destroy+0x43/0x70 [ 81.831338] iommufd_test_staccess_release+0x8d/0xd0 [ 81.831485] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 81.831866] __fput+0x26d/0xa40 [ 81.833979] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 81.834273] ____fput+0x1e/0x30 [ 81.836113] task_work_run+0x1a4/0x2d0 [ 81.836541] ? __pfx_task_work_run+0x10/0x10 [ 81.837014] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.837524] ? switch_task_namespaces+0xa9/0xe0 [ 81.838013] do_exit+0xb17/0x2ef0 [ 81.838365] ? lock_acquire+0x427/0x4c0 [ 81.838804] ? __pfx_lock_release+0x10/0x10 [ 81.839256] ? __kasan_check_write+0x18/0x20 [ 81.839710] ? do_raw_spin_lock+0x132/0x2a0 [ 81.840147] ? __pfx_do_exit+0x10/0x10 [ 81.840547] ? debug_smp_processor_id+0x20/0x30 [ 81.841027] ? rcu_is_watching+0x19/0xb0 [ 81.841457] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.841933] ? trace_hardirqs_on+0x26/0x120 [ 81.842380] do_group_exit+0xe0/0x2b0 [ 81.842806] __x64_sys_exit_group+0x47/0x50 [ 81.843275] do_syscall_64+0x3b/0x90 [ 81.843673] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.844456] RIP: 0033:0x7f4b87518a4d [ 81.844843] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.845552] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.846414] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.847360] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.848091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.848816] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.849546] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.850280] [ 81.850545] irq event stamp: 0 [ 81.850868] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.851593] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.852576] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.853427] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.854070] ---[ end trace 0000000000000000 ]--- [ 81.855041] ------------[ cut here ]------------ [ 81.855558] WARNING: CPU: 1 PID: 691 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.856585] Modules linked in: [ 81.856911] CPU: 1 PID: 691 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.857786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.859014] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.859558] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.861377] RSP: 0018:ffff888021b67b78 EFLAGS: 00010246 [ 81.861873] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.862548] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 81.863214] RBP: ffff888021b67b98 R08: ffffed10030ad93e R09: ffffed10030ad93e [ 81.863869] R10: ffff88801856c9ef R11: ffffed10030ad93d R12: ffff88801856ca90 [ 81.864521] R13: ffff88801856c8a8 R14: ffffffffffffffff R15: ffff888021b67c60 [ 81.865175] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.865902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.866437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 81.867132] PKRU: 55555554 [ 81.867398] Call Trace: [ 81.867636] [ 81.867851] iommufd_ioas_destroy+0x53/0x70 [ 81.868257] iommufd_fops_release+0x1f7/0x370 [ 81.868682] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.869150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.869614] ? write_comp_data+0x2f/0x90 [ 81.870002] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.870463] __fput+0x26d/0xa40 [ 81.870805] ____fput+0x1e/0x30 [ 81.871130] task_work_run+0x1a4/0x2d0 [ 81.871502] ? __pfx_task_work_run+0x10/0x10 [ 81.871916] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.872374] ? switch_task_namespaces+0xa9/0xe0 [ 81.872823] do_exit+0xb17/0x2ef0 [ 81.873148] ? lock_acquire+0x427/0x4c0 [ 81.873530] ? __pfx_lock_release+0x10/0x10 [ 81.873946] ? __kasan_check_write+0x18/0x20 [ 81.874360] ? do_raw_spin_lock+0x132/0x2a0 [ 81.874790] ? __pfx_do_exit+0x10/0x10 [ 81.875180] ? debug_smp_processor_id+0x20/0x30 [ 81.875615] ? rcu_is_watching+0x19/0xb0 [ 81.875992] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.876439] ? trace_hardirqs_on+0x26/0x120 [ 81.876971] do_group_exit+0xe0/0x2b0 [ 81.877442] __x64_sys_exit_group+0x47/0x50 [ 81.877845] do_syscall_64+0x3b/0x90 [ 81.878201] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.878757] RIP: 0033:0x7f4b87518a4d [ 81.879176] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.879735] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.880517] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.881237] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.882034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.882723] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.883532] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.884175] [ 81.884413] irq event stamp: 0 [ 81.884751] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.885302] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.886152] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.886893] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.887581] ---[ end trace 0000000000000000 ]--- [ 81.892167] ------------[ cut here ]------------ [ 81.892616] WARNING: CPU: 1 PID: 693 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.893478] Modules linked in: [ 81.893758] CPU: 1 PID: 693 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.894502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.895534] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.895955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.897488] RSP: 0018:ffff88800e857bb8 EFLAGS: 00010246 [ 81.897933] RAX: 0000000000000000 RBX: ffff8880208cf0a8 RCX: 0000000000000000 [ 81.898552] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 81.899163] RBP: ffff88800e857bd0 R08: ffffed1004119e33 R09: ffffed1004119e33 [ 81.899772] R10: ffff8880208cf193 R11: ffffed1004119e32 R12: ffff8880129c6400 [ 81.900375] R13: ffff8880208cf1e8 R14: ffffffff8352e670 R15: ffff88800e857e68 [ 81.900979] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.901663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.902152] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 81.902776] PKRU: 55555554 [ 81.903021] Call Trace: [ 81.903254] [ 81.903448] __iommufd_access_detach+0x1c2/0x2b0 [ 81.903864] iommufd_access_change_pt+0x149/0x270 [ 81.904285] iommufd_access_replace+0xb4/0x120 [ 81.904689] iommufd_test+0x3e5/0x37e0 [ 81.905023] ? lock_release+0x532/0x770 [ 81.905374] ? __might_fault+0x102/0x1b0 [ 81.905731] ? lock_acquire+0x427/0x4c0 [ 81.906077] ? __pfx_iommufd_test+0x10/0x10 [ 81.906444] ? __pfx_lock_release+0x10/0x10 [ 81.906831] ? __pfx_lock_acquire+0x10/0x10 [ 81.907199] ? write_comp_data+0x2f/0x90 [ 81.907541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.907940] ? write_comp_data+0x2f/0x90 [ 81.908279] iommufd_fops_ioctl+0x37d/0x510 [ 81.908632] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.909029] ? write_comp_data+0x2f/0x90 [ 81.909367] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.909765] __x64_sys_ioctl+0x1a3/0x230 [ 81.910107] do_syscall_64+0x3b/0x90 [ 81.910415] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.910862] RIP: 0033:0x7f4b8743ee5d [ 81.911180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.912646] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.913261] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.913836] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.914408] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.915006] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.915594] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.916184] [ 81.916373] irq event stamp: 0 [ 81.916629] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.917136] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.917809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.918475] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.919005] ---[ end trace 0000000000000000 ]--- [ 81.921776] ------------[ cut here ]------------ [ 81.922170] WARNING: CPU: 1 PID: 693 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.922989] Modules linked in: [ 81.923267] CPU: 1 PID: 693 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.923952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.924842] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.925237] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.926688] RSP: 0018:ffff88800e857bd0 EFLAGS: 00010246 [ 81.927116] RAX: 0000000000000000 RBX: ffff8880208cf0a8 RCX: 0000000000000000 [ 81.927678] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 81.928239] RBP: ffff88800e857be8 R08: ffffed1004119e33 R09: ffffed1004119e33 [ 81.928800] R10: ffff8880208cf193 R11: ffffed1004119e32 R12: ffff888017ba0000 [ 81.929361] R13: ffff8880208cf1e8 R14: ffff888020a8e700 R15: 0000000000000000 [ 81.929920] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.930572] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.931033] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 81.931613] PKRU: 55555554 [ 81.931831] Call Trace: [ 81.932032] [ 81.932209] iommufd_access_destroy_object+0x65/0x170 [ 81.932610] iommufd_object_destroy_user+0x18e/0x220 [ 81.933014] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 81.933466] iommufd_access_destroy+0x43/0x70 [ 81.933825] iommufd_test_staccess_release+0x8d/0xd0 [ 81.934228] __fput+0x26d/0xa40 [ 81.934500] ____fput+0x1e/0x30 [ 81.934792] task_work_run+0x1a4/0x2d0 [ 81.935105] ? __pfx_task_work_run+0x10/0x10 [ 81.935466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.935849] ? switch_task_namespaces+0xa9/0xe0 [ 81.936218] do_exit+0xb17/0x2ef0 [ 81.936486] ? lock_acquire+0x427/0x4c0 [ 81.936806] ? __pfx_lock_release+0x10/0x10 [ 81.937144] ? __kasan_check_write+0x18/0x20 [ 81.937488] ? do_raw_spin_lock+0x132/0x2a0 [ 81.937817] ? __pfx_do_exit+0x10/0x10 [ 81.938122] ? debug_smp_processor_id+0x20/0x30 [ 81.938492] ? rcu_is_watching+0x19/0xb0 [ 81.938838] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.939198] ? trace_hardirqs_on+0x26/0x120 [ 81.939533] do_group_exit+0xe0/0x2b0 [ 81.939829] __x64_sys_exit_group+0x47/0x50 [ 81.940159] do_syscall_64+0x3b/0x90 [ 81.940454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.940870] RIP: 0033:0x7f4b87518a4d [ 81.941154] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.941615] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.942186] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.942745] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.943300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.943831] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.944371] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.944923] [ 81.945107] irq event stamp: 0 [ 81.945351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.945834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.946470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.947127] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.947603] ---[ end trace 0000000000000000 ]--- [ 81.948277] ------------[ cut here ]------------ [ 81.948631] WARNING: CPU: 1 PID: 693 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 81.949400] Modules linked in: [ 81.949647] CPU: 1 PID: 693 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.950297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.951168] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 81.951561] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 81.952932] RSP: 0018:ffff88800e857b78 EFLAGS: 00010246 [ 81.953339] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 81.953881] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 81.954411] RBP: ffff88800e857b98 R08: ffffed1004119e3e R09: ffffed1004119e3e [ 81.954973] R10: ffff8880208cf1ef R11: ffffed1004119e3d R12: ffff8880208cf290 [ 81.955524] R13: ffff8880208cf0a8 R14: ffffffffffffffff R15: ffff88800e857c60 [ 81.956063] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 81.956670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.957107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 81.957643] PKRU: 55555554 [ 81.957860] Call Trace: [ 81.958053] [ 81.958224] iommufd_ioas_destroy+0x53/0x70 [ 81.958578] iommufd_fops_release+0x1f7/0x370 [ 81.958925] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.959325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.959699] ? write_comp_data+0x2f/0x90 [ 81.960008] ? __pfx_iommufd_fops_release+0x10/0x10 [ 81.960378] __fput+0x26d/0xa40 [ 81.960635] ____fput+0x1e/0x30 [ 81.960885] task_work_run+0x1a4/0x2d0 [ 81.961180] ? __pfx_task_work_run+0x10/0x10 [ 81.961507] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.961874] ? switch_task_namespaces+0xa9/0xe0 [ 81.962226] do_exit+0xb17/0x2ef0 [ 81.962484] ? lock_acquire+0x427/0x4c0 [ 81.962809] ? __pfx_lock_release+0x10/0x10 [ 81.963141] ? __kasan_check_write+0x18/0x20 [ 81.963475] ? do_raw_spin_lock+0x132/0x2a0 [ 81.963800] ? __pfx_do_exit+0x10/0x10 [ 81.964101] ? debug_smp_processor_id+0x20/0x30 [ 81.964449] ? rcu_is_watching+0x19/0xb0 [ 81.964751] ? _raw_spin_unlock_irq+0x2b/0x60 [ 81.965090] ? trace_hardirqs_on+0x26/0x120 [ 81.965413] do_group_exit+0xe0/0x2b0 [ 81.965699] __x64_sys_exit_group+0x47/0x50 [ 81.966019] do_syscall_64+0x3b/0x90 [ 81.966304] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.966715] RIP: 0033:0x7f4b87518a4d [ 81.966992] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 81.967455] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 81.968013] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 81.968539] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 81.969060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 81.969589] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 81.970115] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 81.970673] [ 81.970853] irq event stamp: 0 [ 81.971091] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 81.971571] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 81.972205] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 81.972819] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 81.973282] ---[ end trace 0000000000000000 ]--- [ 81.977021] ------------[ cut here ]------------ [ 81.977412] WARNING: CPU: 0 PID: 694 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 81.978172] Modules linked in: [ 81.978414] CPU: 0 PID: 694 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 81.979149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 81.979996] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 81.980372] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 81.981738] RSP: 0018:ffff888020f97bb8 EFLAGS: 00010246 [ 81.982137] RAX: 0000000000000000 RBX: ffff88801587b0a8 RCX: 0000000000000000 [ 81.982704] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 81.983254] RBP: ffff888020f97bd0 R08: ffffed1002b0f633 R09: ffffed1002b0f633 [ 81.983788] R10: ffff88801587b193 R11: ffffed1002b0f632 R12: ffff88801892e400 [ 81.984326] R13: ffff88801587b1e8 R14: ffffffff8352e670 R15: ffff888020f97e68 [ 81.984861] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 81.985466] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.985904] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 81.986442] PKRU: 55555554 [ 81.986680] Call Trace: [ 81.986881] [ 81.987055] __iommufd_access_detach+0x1c2/0x2b0 [ 81.987443] iommufd_access_change_pt+0x149/0x270 [ 81.987820] iommufd_access_replace+0xb4/0x120 [ 81.988179] iommufd_test+0x3e5/0x37e0 [ 81.988476] ? lock_release+0x532/0x770 [ 81.988789] ? __might_fault+0x102/0x1b0 [ 81.989106] ? lock_acquire+0x427/0x4c0 [ 81.989417] ? __pfx_iommufd_test+0x10/0x10 [ 81.989747] ? __pfx_lock_release+0x10/0x10 [ 81.990082] ? __pfx_lock_acquire+0x10/0x10 [ 81.990423] ? write_comp_data+0x2f/0x90 [ 81.990758] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 81.991143] ? write_comp_data+0x2f/0x90 [ 81.991464] iommufd_fops_ioctl+0x37d/0x510 [ 81.991795] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.992171] ? write_comp_data+0x2f/0x90 [ 81.992489] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 81.992864] __x64_sys_ioctl+0x1a3/0x230 [ 81.993181] do_syscall_64+0x3b/0x90 [ 81.993471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 81.993877] RIP: 0033:0x7f4b8743ee5d [ 81.994162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 81.995555] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 81.996131] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 81.996657] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 81.997183] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 81.997710] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 81.998235] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 81.998784] [ 81.998961] irq event stamp: 0 [ 81.999204] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 81.999678] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.000297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.000914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.001379] ---[ end trace 0000000000000000 ]--- [ 82.004016] ------------[ cut here ]------------ [ 82.004393] WARNING: CPU: 0 PID: 694 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.005139] Modules linked in: [ 82.005377] CPU: 0 PID: 694 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.006013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.006854] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.007234] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.008586] RSP: 0018:ffff888020f97bd0 EFLAGS: 00010246 [ 82.008980] RAX: 0000000000000000 RBX: ffff88801587b0a8 RCX: 0000000000000000 [ 82.009510] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 82.010032] RBP: ffff888020f97be8 R08: ffffed1002b0f633 R09: ffffed1002b0f633 [ 82.010574] R10: ffff88801587b193 R11: ffffed1002b0f632 R12: ffff88800ae90800 [ 82.011100] R13: ffff88801587b1e8 R14: ffff888010aaab00 R15: 0000000000000000 [ 82.011635] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.012230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.012657] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.013184] PKRU: 55555554 [ 82.013396] Call Trace: [ 82.013586] [ 82.013755] iommufd_access_destroy_object+0x65/0x170 [ 82.014142] iommufd_object_destroy_user+0x18e/0x220 [ 82.014539] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.014973] iommufd_access_destroy+0x43/0x70 [ 82.015322] iommufd_test_staccess_release+0x8d/0xd0 [ 82.015706] __fput+0x26d/0xa40 [ 82.015970] ____fput+0x1e/0x30 [ 82.016225] task_work_run+0x1a4/0x2d0 [ 82.016523] ? __pfx_task_work_run+0x10/0x10 [ 82.016857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.017229] ? switch_task_namespaces+0xa9/0xe0 [ 82.017591] do_exit+0xb17/0x2ef0 [ 82.017851] ? lock_acquire+0x427/0x4c0 [ 82.018156] ? __pfx_lock_release+0x10/0x10 [ 82.018485] ? __kasan_check_write+0x18/0x20 [ 82.018841] ? do_raw_spin_lock+0x132/0x2a0 [ 82.019172] ? __pfx_do_exit+0x10/0x10 [ 82.019474] ? debug_smp_processor_id+0x20/0x30 [ 82.019830] ? rcu_is_watching+0x19/0xb0 [ 82.020139] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.020483] ? trace_hardirqs_on+0x26/0x120 [ 82.020813] do_group_exit+0xe0/0x2b0 [ 82.021098] __x64_sys_exit_group+0x47/0x50 [ 82.021419] do_syscall_64+0x3b/0x90 [ 82.021706] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.022100] RIP: 0033:0x7f4b87518a4d [ 82.022376] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.022849] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.023421] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.023952] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.024477] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.025005] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.025529] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.026060] [ 82.026235] irq event stamp: 0 [ 82.026470] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.026955] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.027583] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.028199] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.028663] ---[ end trace 0000000000000000 ]--- [ 82.029421] ------------[ cut here ]------------ [ 82.029775] WARNING: CPU: 0 PID: 694 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.030545] Modules linked in: [ 82.030793] CPU: 0 PID: 694 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.031448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.032283] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.032669] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.034021] RSP: 0018:ffff888020f97b78 EFLAGS: 00010246 [ 82.034423] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.035009] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 82.035752] RBP: ffff888020f97b98 R08: ffffed1002b0f63e R09: ffffed1002b0f63e [ 82.036456] R10: ffff88801587b1ef R11: ffffed1002b0f63d R12: ffff88801587b290 [ 82.036985] R13: ffff88801587b0a8 R14: ffffffffffffffff R15: ffff888020f97c60 [ 82.037508] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.038097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.038553] CR2: 00007f4b875fca50 CR3: 0000000014000000 CR4: 0000000000750ef0 [ 82.039082] PKRU: 55555554 [ 82.039307] Call Trace: [ 82.039497] [ 82.039667] iommufd_ioas_destroy+0x53/0x70 [ 82.039998] iommufd_fops_release+0x1f7/0x370 [ 82.040338] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.040712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.041080] ? write_comp_data+0x2f/0x90 [ 82.041391] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.041764] __fput+0x26d/0xa40 [ 82.042027] ____fput+0x1e/0x30 [ 82.042283] task_work_run+0x1a4/0x2d0 [ 82.042596] ? __pfx_task_work_run+0x10/0x10 [ 82.042933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.043310] ? switch_task_namespaces+0xa9/0xe0 [ 82.043669] do_exit+0xb17/0x2ef0 [ 82.043929] ? lock_acquire+0x427/0x4c0 [ 82.044241] ? __pfx_lock_release+0x10/0x10 [ 82.044570] ? __kasan_check_write+0x18/0x20 [ 82.044905] ? do_raw_spin_lock+0x132/0x2a0 [ 82.045231] ? __pfx_do_exit+0x10/0x10 [ 82.045530] ? debug_smp_processor_id+0x20/0x30 [ 82.045886] ? rcu_is_watching+0x19/0xb0 [ 82.046191] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.046547] ? trace_hardirqs_on+0x26/0x120 [ 82.046877] do_group_exit+0xe0/0x2b0 [ 82.047173] __x64_sys_exit_group+0x47/0x50 [ 82.047499] do_syscall_64+0x3b/0x90 [ 82.047788] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.048179] RIP: 0033:0x7f4b87518a4d [ 82.048456] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.048912] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.049473] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.050000] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.050546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.051075] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.051608] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.052140] [ 82.052314] irq event stamp: 0 [ 82.052552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.053018] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.053640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.054259] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.054741] ---[ end trace 0000000000000000 ]--- [ 82.058883] ------------[ cut here ]------------ [ 82.059264] WARNING: CPU: 0 PID: 695 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.060153] Modules linked in: [ 82.060403] CPU: 0 PID: 695 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.061147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.062101] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.062526] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.063961] RSP: 0018:ffff888023f47bb8 EFLAGS: 00010246 [ 82.064485] RAX: 0000000000000000 RBX: ffff888012c540a8 RCX: 0000000000000000 [ 82.065013] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 82.065673] RBP: ffff888023f47bd0 R08: ffffed100258a833 R09: ffffed100258a833 [ 82.066253] R10: ffff888012c54193 R11: ffffed100258a832 R12: ffff888021bac400 [ 82.066865] R13: ffff888012c541e8 R14: ffffffff8352e670 R15: ffff888023f47e68 [ 82.067404] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.068134] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.068634] CR2: 00007f4b877410e8 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 82.069243] PKRU: 55555554 [ 82.069511] Call Trace: [ 82.069773] [ 82.069942] __iommufd_access_detach+0x1c2/0x2b0 [ 82.070308] iommufd_access_change_pt+0x149/0x270 [ 82.070827] iommufd_access_replace+0xb4/0x120 [ 82.071189] iommufd_test+0x3e5/0x37e0 [ 82.071482] ? lock_release+0x532/0x770 [ 82.071849] ? __might_fault+0x102/0x1b0 [ 82.072244] ? lock_acquire+0x427/0x4c0 [ 82.072553] ? __pfx_iommufd_test+0x10/0x10 [ 82.073019] ? __pfx_lock_release+0x10/0x10 [ 82.073349] ? __pfx_lock_acquire+0x10/0x10 [ 82.073712] ? write_comp_data+0x2f/0x90 [ 82.074106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.074475] ? write_comp_data+0x2f/0x90 [ 82.074860] iommufd_fops_ioctl+0x37d/0x510 [ 82.075276] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.075649] ? write_comp_data+0x2f/0x90 [ 82.075971] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.076410] __x64_sys_ioctl+0x1a3/0x230 [ 82.076820] do_syscall_64+0x3b/0x90 [ 82.077131] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.077656] RIP: 0033:0x7f4b8743ee5d [ 82.077944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.079507] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.080148] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.080756] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.081429] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.081991] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.082657] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.083217] [ 82.083431] irq event stamp: 0 [ 82.083771] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.084252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.085030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.085800] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.086278] ---[ end trace 0000000000000000 ]--- [ 82.089338] ------------[ cut here ]------------ [ 82.089737] WARNING: CPU: 0 PID: 695 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.090614] Modules linked in: [ 82.090860] CPU: 0 PID: 695 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.091521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.092368] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.092748] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.094114] RSP: 0018:ffff888023f47bd0 EFLAGS: 00010246 [ 82.094537] RAX: 0000000000000000 RBX: ffff888012c540a8 RCX: 0000000000000000 [ 82.095079] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 82.095622] RBP: ffff888023f47be8 R08: ffffed100258a833 R09: ffffed100258a833 [ 82.096156] R10: ffff888012c54193 R11: ffffed100258a832 R12: ffff88801892c800 [ 82.096685] R13: ffff888012c541e8 R14: ffff888016e16d00 R15: 0000000000000000 [ 82.097213] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.097812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.098244] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 82.098795] PKRU: 55555554 [ 82.099013] Call Trace: [ 82.099213] [ 82.099387] iommufd_access_destroy_object+0x65/0x170 [ 82.099781] iommufd_object_destroy_user+0x18e/0x220 [ 82.100168] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.100611] iommufd_access_destroy+0x43/0x70 [ 82.100961] iommufd_test_staccess_release+0x8d/0xd0 [ 82.101349] __fput+0x26d/0xa40 [ 82.101613] ____fput+0x1e/0x30 [ 82.101875] task_work_run+0x1a4/0x2d0 [ 82.102178] ? __pfx_task_work_run+0x10/0x10 [ 82.102531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.102910] ? switch_task_namespaces+0xa9/0xe0 [ 82.103283] do_exit+0xb17/0x2ef0 [ 82.103548] ? lock_acquire+0x427/0x4c0 [ 82.103856] ? __pfx_lock_release+0x10/0x10 [ 82.104186] ? __kasan_check_write+0x18/0x20 [ 82.104521] ? do_raw_spin_lock+0x132/0x2a0 [ 82.104848] ? __pfx_do_exit+0x10/0x10 [ 82.105151] ? debug_smp_processor_id+0x20/0x30 [ 82.105504] ? rcu_is_watching+0x19/0xb0 [ 82.105815] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.106166] ? trace_hardirqs_on+0x26/0x120 [ 82.106496] do_group_exit+0xe0/0x2b0 [ 82.106809] __x64_sys_exit_group+0x47/0x50 [ 82.107140] do_syscall_64+0x3b/0x90 [ 82.107430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.107826] RIP: 0033:0x7f4b87518a4d [ 82.108104] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.108561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.109134] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.109668] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.110200] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.110750] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.111305] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.111849] [ 82.112026] irq event stamp: 0 [ 82.112264] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.112735] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.113361] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.113982] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.114453] ---[ end trace 0000000000000000 ]--- [ 82.115218] ------------[ cut here ]------------ [ 82.115659] WARNING: CPU: 0 PID: 695 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.116549] Modules linked in: [ 82.116860] CPU: 0 PID: 695 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.117585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.118595] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.118988] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.120520] RSP: 0018:ffff888023f47b78 EFLAGS: 00010246 [ 82.121067] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.121601] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 82.122267] RBP: ffff888023f47b98 R08: ffffed100258a83e R09: ffffed100258a83e [ 82.123029] R10: ffff888012c541ef R11: ffffed100258a83d R12: ffff888012c54290 [ 82.123604] R13: ffff888012c540a8 R14: ffffffffffffffff R15: ffff888023f47c60 [ 82.124256] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.124997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.125436] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 82.126124] PKRU: 55555554 [ 82.126340] Call Trace: [ 82.126554] [ 82.126736] iommufd_ioas_destroy+0x53/0x70 [ 82.127087] iommufd_fops_release+0x1f7/0x370 [ 82.127560] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.127943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.128379] ? write_comp_data+0x2f/0x90 [ 82.128772] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.129154] __fput+0x26d/0xa40 [ 82.129425] ____fput+0x1e/0x30 [ 82.129763] task_work_run+0x1a4/0x2d0 [ 82.130193] ? __pfx_task_work_run+0x10/0x10 [ 82.130568] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.130965] ? switch_task_namespaces+0xa9/0xe0 [ 82.131381] do_exit+0xb17/0x2ef0 [ 82.131798] ? lock_acquire+0x427/0x4c0 [ 82.132119] ? __pfx_lock_release+0x10/0x10 [ 82.132461] ? __kasan_check_write+0x18/0x20 [ 82.132957] ? do_raw_spin_lock+0x132/0x2a0 [ 82.133298] ? __pfx_do_exit+0x10/0x10 [ 82.133641] ? debug_smp_processor_id+0x20/0x30 [ 82.134113] ? rcu_is_watching+0x19/0xb0 [ 82.134433] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.134928] ? trace_hardirqs_on+0x26/0x120 [ 82.135283] do_group_exit+0xe0/0x2b0 [ 82.135582] __x64_sys_exit_group+0x47/0x50 [ 82.135922] do_syscall_64+0x3b/0x90 [ 82.136235] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.136771] RIP: 0033:0x7f4b87518a4d [ 82.137067] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.137542] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.138121] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.138690] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.139250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.139800] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.140343] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.140896] [ 82.141076] irq event stamp: 0 [ 82.141318] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.141802] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.142446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.143100] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.143593] ---[ end trace 0000000000000000 ]--- [ 82.147973] ------------[ cut here ]------------ [ 82.148364] WARNING: CPU: 0 PID: 696 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.149129] Modules linked in: [ 82.149374] CPU: 0 PID: 696 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.150033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.150920] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.151306] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.152688] RSP: 0018:ffff888015f4fbb8 EFLAGS: 00010246 [ 82.153094] RAX: 0000000000000000 RBX: ffff88800f63d0a8 RCX: 0000000000000000 [ 82.153632] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 82.154169] RBP: ffff888015f4fbd0 R08: ffffed1001ec7a33 R09: ffffed1001ec7a33 [ 82.154721] R10: ffff88800f63d193 R11: ffffed1001ec7a32 R12: ffff88800fcb2000 [ 82.155272] R13: ffff88800f63d1e8 R14: ffffffff8352e670 R15: ffff888015f4fe68 [ 82.155813] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.156424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.156867] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ef0 [ 82.157412] PKRU: 55555554 [ 82.157628] Call Trace: [ 82.157823] [ 82.157996] __iommufd_access_detach+0x1c2/0x2b0 [ 82.158372] iommufd_access_change_pt+0x149/0x270 [ 82.158765] iommufd_access_replace+0xb4/0x120 [ 82.159130] iommufd_test+0x3e5/0x37e0 [ 82.159431] ? lock_release+0x532/0x770 [ 82.159746] ? __might_fault+0x102/0x1b0 [ 82.160067] ? lock_acquire+0x427/0x4c0 [ 82.160381] ? __pfx_iommufd_test+0x10/0x10 [ 82.160714] ? __pfx_lock_release+0x10/0x10 [ 82.161051] ? __pfx_lock_acquire+0x10/0x10 [ 82.161390] ? write_comp_data+0x2f/0x90 [ 82.161712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.162088] ? write_comp_data+0x2f/0x90 [ 82.162408] iommufd_fops_ioctl+0x37d/0x510 [ 82.162755] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.163141] ? write_comp_data+0x2f/0x90 [ 82.163463] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.163839] __x64_sys_ioctl+0x1a3/0x230 [ 82.164166] do_syscall_64+0x3b/0x90 [ 82.164462] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.164869] RIP: 0033:0x7f4b8743ee5d [ 82.165156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.166555] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.167139] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.167682] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.168225] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.168765] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.169306] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.169856] [ 82.170035] irq event stamp: 0 [ 82.170278] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.170775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.171423] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.172062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.172539] ---[ end trace 0000000000000000 ]--- [ 82.175239] ------------[ cut here ]------------ [ 82.175618] WARNING: CPU: 0 PID: 696 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.176382] Modules linked in: [ 82.176629] CPU: 0 PID: 696 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.177293] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.178151] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.178555] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.179952] RSP: 0018:ffff888015f4fbd0 EFLAGS: 00010246 [ 82.180362] RAX: 0000000000000000 RBX: ffff88800f63d0a8 RCX: 0000000000000000 [ 82.180907] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 82.181451] RBP: ffff888015f4fbe8 R08: ffffed1001ec7a33 R09: ffffed1001ec7a33 [ 82.181998] R10: ffff88800f63d193 R11: ffffed1001ec7a32 R12: ffff888021bac000 [ 82.182562] R13: ffff88800f63d1e8 R14: ffff888013c90700 R15: 0000000000000000 [ 82.183096] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.183699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.184131] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.184664] PKRU: 55555554 [ 82.184878] Call Trace: [ 82.185068] [ 82.185237] iommufd_access_destroy_object+0x65/0x170 [ 82.185628] iommufd_object_destroy_user+0x18e/0x220 [ 82.186014] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.186454] iommufd_access_destroy+0x43/0x70 [ 82.186816] iommufd_test_staccess_release+0x8d/0xd0 [ 82.187210] __fput+0x26d/0xa40 [ 82.187475] ____fput+0x1e/0x30 [ 82.187735] task_work_run+0x1a4/0x2d0 [ 82.188037] ? __pfx_task_work_run+0x10/0x10 [ 82.188373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.188744] ? switch_task_namespaces+0xa9/0xe0 [ 82.189103] do_exit+0xb17/0x2ef0 [ 82.189364] ? lock_acquire+0x427/0x4c0 [ 82.189672] ? __pfx_lock_release+0x10/0x10 [ 82.190005] ? __kasan_check_write+0x18/0x20 [ 82.190339] ? do_raw_spin_lock+0x132/0x2a0 [ 82.190691] ? __pfx_do_exit+0x10/0x10 [ 82.190992] ? debug_smp_processor_id+0x20/0x30 [ 82.191352] ? rcu_is_watching+0x19/0xb0 [ 82.191662] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.192007] ? trace_hardirqs_on+0x26/0x120 [ 82.192339] do_group_exit+0xe0/0x2b0 [ 82.192631] __x64_sys_exit_group+0x47/0x50 [ 82.192951] do_syscall_64+0x3b/0x90 [ 82.193238] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.193633] RIP: 0033:0x7f4b87518a4d [ 82.193915] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.194372] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.194953] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.195490] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.196023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.196552] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.197085] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.197621] [ 82.197799] irq event stamp: 0 [ 82.198036] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.198520] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.199150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.199770] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.200237] ---[ end trace 0000000000000000 ]--- [ 82.200906] ------------[ cut here ]------------ [ 82.201262] WARNING: CPU: 0 PID: 696 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.202018] Modules linked in: [ 82.202261] CPU: 0 PID: 696 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.202924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.203773] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.204158] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.205512] RSP: 0018:ffff888015f4fb78 EFLAGS: 00010246 [ 82.205918] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.206447] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 82.206995] RBP: ffff888015f4fb98 R08: ffffed1001ec7a3e R09: ffffed1001ec7a3e [ 82.207534] R10: ffff88800f63d1ef R11: ffffed1001ec7a3d R12: ffff88800f63d290 [ 82.208066] R13: ffff88800f63d0a8 R14: ffffffffffffffff R15: ffff888015f4fc60 [ 82.208593] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.209195] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.209632] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.210164] PKRU: 55555554 [ 82.210379] Call Trace: [ 82.210589] [ 82.210765] iommufd_ioas_destroy+0x53/0x70 [ 82.211101] iommufd_fops_release+0x1f7/0x370 [ 82.211454] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.211834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.212213] ? write_comp_data+0x2f/0x90 [ 82.212527] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.212903] __fput+0x26d/0xa40 [ 82.213169] ____fput+0x1e/0x30 [ 82.213429] task_work_run+0x1a4/0x2d0 [ 82.213729] ? __pfx_task_work_run+0x10/0x10 [ 82.214065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.214439] ? switch_task_namespaces+0xa9/0xe0 [ 82.214820] do_exit+0xb17/0x2ef0 [ 82.215085] ? lock_acquire+0x427/0x4c0 [ 82.215399] ? __pfx_lock_release+0x10/0x10 [ 82.215733] ? __kasan_check_write+0x18/0x20 [ 82.216068] ? do_raw_spin_lock+0x132/0x2a0 [ 82.216396] ? __pfx_do_exit+0x10/0x10 [ 82.216697] ? debug_smp_processor_id+0x20/0x30 [ 82.217049] ? rcu_is_watching+0x19/0xb0 [ 82.217356] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.217705] ? trace_hardirqs_on+0x26/0x120 [ 82.218038] do_group_exit+0xe0/0x2b0 [ 82.218327] __x64_sys_exit_group+0x47/0x50 [ 82.218680] do_syscall_64+0x3b/0x90 [ 82.218974] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.219376] RIP: 0033:0x7f4b87518a4d [ 82.219659] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.220120] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.220689] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.221223] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.221757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.222290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.222840] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.223392] [ 82.223575] irq event stamp: 0 [ 82.223814] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.224287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.224915] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.225541] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.226016] ---[ end trace 0000000000000000 ]--- [ 82.229709] ------------[ cut here ]------------ [ 82.230164] WARNING: CPU: 1 PID: 697 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.231302] Modules linked in: [ 82.231585] CPU: 1 PID: 697 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.232329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.233280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.233692] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.235264] RSP: 0018:ffff888020f97bb8 EFLAGS: 00010246 [ 82.235711] RAX: 0000000000000000 RBX: ffff888020b010a8 RCX: 0000000000000000 [ 82.236302] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 82.236899] RBP: ffff888020f97bd0 R08: ffffed1004160233 R09: ffffed1004160233 [ 82.237508] R10: ffff888020b01193 R11: ffffed1004160232 R12: ffff888014582800 [ 82.238119] R13: ffff888020b011e8 R14: ffffffff8352e670 R15: ffff888020f97e68 [ 82.238734] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 82.239415] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.239903] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 82.240498] PKRU: 55555554 [ 82.240740] Call Trace: [ 82.240958] [ 82.241154] __iommufd_access_detach+0x1c2/0x2b0 [ 82.241572] iommufd_access_change_pt+0x149/0x270 [ 82.241995] iommufd_access_replace+0xb4/0x120 [ 82.242398] iommufd_test+0x3e5/0x37e0 [ 82.242750] ? lock_release+0x532/0x770 [ 82.243098] ? __might_fault+0x102/0x1b0 [ 82.243459] ? lock_acquire+0x427/0x4c0 [ 82.243802] ? __pfx_iommufd_test+0x10/0x10 [ 82.244163] ? __pfx_lock_release+0x10/0x10 [ 82.244535] ? __pfx_lock_acquire+0x10/0x10 [ 82.244911] ? write_comp_data+0x2f/0x90 [ 82.245266] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.245679] ? write_comp_data+0x2f/0x90 [ 82.246033] iommufd_fops_ioctl+0x37d/0x510 [ 82.246404] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.246840] ? write_comp_data+0x2f/0x90 [ 82.247202] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.247611] __x64_sys_ioctl+0x1a3/0x230 [ 82.247962] do_syscall_64+0x3b/0x90 [ 82.248287] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.248732] RIP: 0033:0x7f4b8743ee5d [ 82.249048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.250596] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.251246] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.251842] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.252433] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.253025] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.253618] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.254219] [ 82.254417] irq event stamp: 0 [ 82.254707] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.255252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.255953] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.256660] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.257190] ---[ end trace 0000000000000000 ]--- [ 82.260346] ------------[ cut here ]------------ [ 82.260737] WARNING: CPU: 0 PID: 697 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.261482] Modules linked in: [ 82.261721] CPU: 0 PID: 697 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.262357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.263319] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.263689] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.265035] RSP: 0018:ffff888020f97bd0 EFLAGS: 00010246 [ 82.265430] RAX: 0000000000000000 RBX: ffff888020b010a8 RCX: 0000000000000000 [ 82.265952] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 82.266477] RBP: ffff888020f97be8 R08: ffffed1004160233 R09: ffffed1004160233 [ 82.267015] R10: ffff888020b01193 R11: ffffed1004160232 R12: ffff8880129c4000 [ 82.267557] R13: ffff888020b011e8 R14: ffff88802184bb00 R15: 0000000000000000 [ 82.268084] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.268684] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.269116] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 82.269645] PKRU: 55555554 [ 82.269855] Call Trace: [ 82.270046] [ 82.270218] iommufd_access_destroy_object+0x65/0x170 [ 82.270626] iommufd_object_destroy_user+0x18e/0x220 [ 82.271019] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.271470] iommufd_access_destroy+0x43/0x70 [ 82.271815] iommufd_test_staccess_release+0x8d/0xd0 [ 82.272203] __fput+0x26d/0xa40 [ 82.272468] ____fput+0x1e/0x30 [ 82.272730] task_work_run+0x1a4/0x2d0 [ 82.273031] ? __pfx_task_work_run+0x10/0x10 [ 82.273370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.273741] ? switch_task_namespaces+0xa9/0xe0 [ 82.274103] do_exit+0xb17/0x2ef0 [ 82.274363] ? lock_acquire+0x427/0x4c0 [ 82.274687] ? __pfx_lock_release+0x10/0x10 [ 82.275020] ? __kasan_check_write+0x18/0x20 [ 82.275365] ? do_raw_spin_lock+0x132/0x2a0 [ 82.275693] ? __pfx_do_exit+0x10/0x10 [ 82.275993] ? debug_smp_processor_id+0x20/0x30 [ 82.276344] ? rcu_is_watching+0x19/0xb0 [ 82.276652] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.276999] ? trace_hardirqs_on+0x26/0x120 [ 82.277328] do_group_exit+0xe0/0x2b0 [ 82.277618] __x64_sys_exit_group+0x47/0x50 [ 82.277943] do_syscall_64+0x3b/0x90 [ 82.278231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.278650] RIP: 0033:0x7f4b87518a4d [ 82.278933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.279399] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.279966] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.280492] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.281019] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.281547] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.282074] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.282630] [ 82.282812] irq event stamp: 0 [ 82.283056] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.283536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.284165] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.284793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.285263] ---[ end trace 0000000000000000 ]--- [ 82.285943] ------------[ cut here ]------------ [ 82.286301] WARNING: CPU: 0 PID: 697 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.287069] Modules linked in: [ 82.287325] CPU: 0 PID: 697 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.287973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.288807] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.289194] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.290561] RSP: 0018:ffff888020f97b78 EFLAGS: 00010246 [ 82.290960] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.291493] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 82.292019] RBP: ffff888020f97b98 R08: ffffed100416023e R09: ffffed100416023e [ 82.292545] R10: ffff888020b011ef R11: ffffed100416023d R12: ffff888020b01290 [ 82.293074] R13: ffff888020b010a8 R14: ffffffffffffffff R15: ffff888020f97c60 [ 82.293600] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.294195] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.294650] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 82.295195] PKRU: 55555554 [ 82.295407] Call Trace: [ 82.295598] [ 82.295768] iommufd_ioas_destroy+0x53/0x70 [ 82.296096] iommufd_fops_release+0x1f7/0x370 [ 82.296436] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.296811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.297182] ? write_comp_data+0x2f/0x90 [ 82.297494] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.297869] __fput+0x26d/0xa40 [ 82.298130] ____fput+0x1e/0x30 [ 82.298383] task_work_run+0x1a4/0x2d0 [ 82.298697] ? __pfx_task_work_run+0x10/0x10 [ 82.299033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.299411] ? switch_task_namespaces+0xa9/0xe0 [ 82.299770] do_exit+0xb17/0x2ef0 [ 82.300028] ? lock_acquire+0x427/0x4c0 [ 82.300334] ? __pfx_lock_release+0x10/0x10 [ 82.300660] ? __kasan_check_write+0x18/0x20 [ 82.300999] ? do_raw_spin_lock+0x132/0x2a0 [ 82.301330] ? __pfx_do_exit+0x10/0x10 [ 82.301634] ? debug_smp_processor_id+0x20/0x30 [ 82.301991] ? rcu_is_watching+0x19/0xb0 [ 82.302306] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.302672] ? trace_hardirqs_on+0x26/0x120 [ 82.303008] do_group_exit+0xe0/0x2b0 [ 82.303305] __x64_sys_exit_group+0x47/0x50 [ 82.303625] do_syscall_64+0x3b/0x90 [ 82.303912] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.304304] RIP: 0033:0x7f4b87518a4d [ 82.304584] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.305047] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.305619] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.306156] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.306710] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.307258] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.307795] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.308338] [ 82.308518] irq event stamp: 0 [ 82.308760] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.309236] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.309871] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.310501] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.310997] ---[ end trace 0000000000000000 ]--- [ 82.315238] ------------[ cut here ]------------ [ 82.315634] WARNING: CPU: 0 PID: 698 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.316393] Modules linked in: [ 82.316636] CPU: 0 PID: 698 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.317287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.318131] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.318559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.319937] RSP: 0018:ffff888015fafbb8 EFLAGS: 00010246 [ 82.320337] RAX: 0000000000000000 RBX: ffff8880184fd0a8 RCX: 0000000000000000 [ 82.320871] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 82.321407] RBP: ffff888015fafbd0 R08: ffffed100309fa33 R09: ffffed100309fa33 [ 82.321945] R10: ffff8880184fd193 R11: ffffed100309fa32 R12: ffff8880189e0800 [ 82.322485] R13: ffff8880184fd1e8 R14: ffffffff8352e670 R15: ffff888015fafe68 [ 82.323047] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.323670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.324110] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ef0 [ 82.324652] PKRU: 55555554 [ 82.324866] Call Trace: [ 82.325061] [ 82.325233] __iommufd_access_detach+0x1c2/0x2b0 [ 82.325609] iommufd_access_change_pt+0x149/0x270 [ 82.325985] iommufd_access_replace+0xb4/0x120 [ 82.326342] iommufd_test+0x3e5/0x37e0 [ 82.326653] ? lock_release+0x532/0x770 [ 82.326971] ? __might_fault+0x102/0x1b0 [ 82.327299] ? lock_acquire+0x427/0x4c0 [ 82.327614] ? __pfx_iommufd_test+0x10/0x10 [ 82.327946] ? __pfx_lock_release+0x10/0x10 [ 82.328286] ? __pfx_lock_acquire+0x10/0x10 [ 82.328623] ? write_comp_data+0x2f/0x90 [ 82.328942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.329318] ? write_comp_data+0x2f/0x90 [ 82.329640] iommufd_fops_ioctl+0x37d/0x510 [ 82.329976] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.330351] ? write_comp_data+0x2f/0x90 [ 82.330687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.331059] __x64_sys_ioctl+0x1a3/0x230 [ 82.331389] do_syscall_64+0x3b/0x90 [ 82.331685] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.332085] RIP: 0033:0x7f4b8743ee5d [ 82.332371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.333746] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.334321] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.334875] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.335425] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.335979] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.336521] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.337071] [ 82.337253] irq event stamp: 0 [ 82.337493] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.337972] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.338633] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.339279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.339767] ---[ end trace 0000000000000000 ]--- [ 82.342748] ------------[ cut here ]------------ [ 82.343160] WARNING: CPU: 0 PID: 698 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.344048] Modules linked in: [ 82.344300] CPU: 0 PID: 698 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.345117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.346132] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.346537] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.348120] RSP: 0018:ffff888015fafbd0 EFLAGS: 00010246 [ 82.348536] RAX: 0000000000000000 RBX: ffff8880184fd0a8 RCX: 0000000000000000 [ 82.349151] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 82.349783] RBP: ffff888015fafbe8 R08: ffffed100309fa33 R09: ffffed100309fa33 [ 82.350366] R10: ffff8880184fd193 R11: ffffed100309fa32 R12: ffff88800fcb3800 [ 82.351043] R13: ffff8880184fd1e8 R14: ffff888020985300 R15: 0000000000000000 [ 82.351603] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.352376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.352826] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.353448] PKRU: 55555554 [ 82.353740] Call Trace: [ 82.353943] [ 82.354120] iommufd_access_destroy_object+0x65/0x170 [ 82.354547] iommufd_object_destroy_user+0x18e/0x220 [ 82.354951] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.355569] iommufd_access_destroy+0x43/0x70 [ 82.355931] iommufd_test_staccess_release+0x8d/0xd0 [ 82.356336] __fput+0x26d/0xa40 [ 82.356660] ____fput+0x1e/0x30 [ 82.357010] task_work_run+0x1a4/0x2d0 [ 82.357327] ? __pfx_task_work_run+0x10/0x10 [ 82.357704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.358193] ? switch_task_namespaces+0xa9/0xe0 [ 82.358586] do_exit+0xb17/0x2ef0 [ 82.358860] ? lock_acquire+0x427/0x4c0 [ 82.359193] ? __pfx_lock_release+0x10/0x10 [ 82.359610] ? __kasan_check_write+0x18/0x20 [ 82.360049] ? do_raw_spin_lock+0x132/0x2a0 [ 82.360391] ? __pfx_do_exit+0x10/0x10 [ 82.360702] ? debug_smp_processor_id+0x20/0x30 [ 82.361141] ? rcu_is_watching+0x19/0xb0 [ 82.361528] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.361892] ? trace_hardirqs_on+0x26/0x120 [ 82.362303] do_group_exit+0xe0/0x2b0 [ 82.362689] __x64_sys_exit_group+0x47/0x50 [ 82.363028] do_syscall_64+0x3b/0x90 [ 82.363319] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.363732] RIP: 0033:0x7f4b87518a4d [ 82.364094] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.364674] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.365419] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.366003] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.366676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.367279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.367924] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.368549] [ 82.368794] irq event stamp: 0 [ 82.369046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.369599] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.370331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.371149] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.371642] ---[ end trace 0000000000000000 ]--- [ 82.372485] ------------[ cut here ]------------ [ 82.372857] WARNING: CPU: 0 PID: 698 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.373797] Modules linked in: [ 82.374120] CPU: 0 PID: 698 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.374887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.375938] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.376418] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.377975] RSP: 0018:ffff888015fafb78 EFLAGS: 00010246 [ 82.378583] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.379244] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 82.379918] RBP: ffff888015fafb98 R08: ffffed100309fa3e R09: ffffed100309fa3e [ 82.380542] R10: ffff8880184fd1ef R11: ffffed100309fa3d R12: ffff8880184fd290 [ 82.381115] R13: ffff8880184fd0a8 R14: ffffffffffffffff R15: ffff888015fafc60 [ 82.381685] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.382330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.382821] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.383405] PKRU: 55555554 [ 82.383634] Call Trace: [ 82.383841] [ 82.384026] iommufd_ioas_destroy+0x53/0x70 [ 82.384384] iommufd_fops_release+0x1f7/0x370 [ 82.384758] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.385166] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.385566] ? write_comp_data+0x2f/0x90 [ 82.385904] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.386309] __fput+0x26d/0xa40 [ 82.386608] ____fput+0x1e/0x30 [ 82.386889] task_work_run+0x1a4/0x2d0 [ 82.387222] ? __pfx_task_work_run+0x10/0x10 [ 82.387590] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.387988] ? switch_task_namespaces+0xa9/0xe0 [ 82.388374] do_exit+0xb17/0x2ef0 [ 82.388664] ? lock_acquire+0x427/0x4c0 [ 82.388998] ? __pfx_lock_release+0x10/0x10 [ 82.389352] ? __kasan_check_write+0x18/0x20 [ 82.389715] ? do_raw_spin_lock+0x132/0x2a0 [ 82.390065] ? __pfx_do_exit+0x10/0x10 [ 82.390387] ? debug_smp_processor_id+0x20/0x30 [ 82.390794] ? rcu_is_watching+0x19/0xb0 [ 82.391137] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.391517] ? trace_hardirqs_on+0x26/0x120 [ 82.391875] do_group_exit+0xe0/0x2b0 [ 82.392188] __x64_sys_exit_group+0x47/0x50 [ 82.392539] do_syscall_64+0x3b/0x90 [ 82.392855] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.393286] RIP: 0033:0x7f4b87518a4d [ 82.393590] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.394085] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.394719] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.395304] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.395869] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.396437] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.397018] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.397585] [ 82.397783] irq event stamp: 0 [ 82.398040] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.398588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.399267] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.400082] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.400592] ---[ end trace 0000000000000000 ]--- [ 82.404995] ------------[ cut here ]------------ [ 82.405503] WARNING: CPU: 0 PID: 699 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.406477] Modules linked in: [ 82.406936] CPU: 0 PID: 699 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.407687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.408735] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.409308] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.410979] RSP: 0018:ffff888017b3fbb8 EFLAGS: 00010246 [ 82.411498] RAX: 0000000000000000 RBX: ffff888020add0a8 RCX: 0000000000000000 [ 82.412186] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 82.412925] RBP: ffff888017b3fbd0 R08: ffffed100415ba33 R09: ffffed100415ba33 [ 82.413501] R10: ffff888020add193 R11: ffffed100415ba32 R12: ffff888012eae800 [ 82.414254] R13: ffff888020add1e8 R14: ffffffff8352e670 R15: ffff888017b3fe68 [ 82.414918] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.415696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.416187] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ef0 [ 82.416968] PKRU: 55555554 [ 82.417204] Call Trace: [ 82.417414] [ 82.417666] __iommufd_access_detach+0x1c2/0x2b0 [ 82.418167] iommufd_access_change_pt+0x149/0x270 [ 82.418619] iommufd_access_replace+0xb4/0x120 [ 82.419115] iommufd_test+0x3e5/0x37e0 [ 82.419442] ? lock_release+0x532/0x770 [ 82.419779] ? __might_fault+0x102/0x1b0 [ 82.420186] ? lock_acquire+0x427/0x4c0 [ 82.420632] ? __pfx_iommufd_test+0x10/0x10 [ 82.420990] ? __pfx_lock_release+0x10/0x10 [ 82.421423] ? __pfx_lock_acquire+0x10/0x10 [ 82.421871] ? write_comp_data+0x2f/0x90 [ 82.422237] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.422807] ? write_comp_data+0x2f/0x90 [ 82.423172] iommufd_fops_ioctl+0x37d/0x510 [ 82.423536] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.424044] ? write_comp_data+0x2f/0x90 [ 82.424535] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.424955] __x64_sys_ioctl+0x1a3/0x230 [ 82.425481] do_syscall_64+0x3b/0x90 [ 82.425815] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.426331] RIP: 0033:0x7f4b8743ee5d [ 82.426778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.428562] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.429419] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.430054] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.430880] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.431540] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.432312] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.433126] [ 82.433335] irq event stamp: 0 [ 82.433610] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.434360] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.435144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.436018] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.436590] ---[ end trace 0000000000000000 ]--- [ 82.439691] ------------[ cut here ]------------ [ 82.440127] WARNING: CPU: 0 PID: 699 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.440995] Modules linked in: [ 82.441271] CPU: 0 PID: 699 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.442012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.442997] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.443436] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.445007] RSP: 0018:ffff888017b3fbd0 EFLAGS: 00010246 [ 82.445474] RAX: 0000000000000000 RBX: ffff888020add0a8 RCX: 0000000000000000 [ 82.446094] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 82.446726] RBP: ffff888017b3fbe8 R08: ffffed100415ba33 R09: ffffed100415ba33 [ 82.447352] R10: ffff888020add193 R11: ffffed100415ba32 R12: ffff8880189e2c00 [ 82.447970] R13: ffff888020add1e8 R14: ffff888014058f00 R15: 0000000000000000 [ 82.448587] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.449284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.449786] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.450404] PKRU: 55555554 [ 82.450672] Call Trace: [ 82.450897] [ 82.451117] iommufd_access_destroy_object+0x65/0x170 [ 82.451586] iommufd_object_destroy_user+0x18e/0x220 [ 82.452037] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.452553] iommufd_access_destroy+0x43/0x70 [ 82.452961] iommufd_test_staccess_release+0x8d/0xd0 [ 82.453416] __fput+0x26d/0xa40 [ 82.453728] ____fput+0x1e/0x30 [ 82.454026] task_work_run+0x1a4/0x2d0 [ 82.454382] ? __pfx_task_work_run+0x10/0x10 [ 82.454802] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.455264] ? switch_task_namespaces+0xa9/0xe0 [ 82.455694] do_exit+0xb17/0x2ef0 [ 82.456000] ? lock_acquire+0x427/0x4c0 [ 82.456360] ? __pfx_lock_release+0x10/0x10 [ 82.456746] ? __kasan_check_write+0x18/0x20 [ 82.457138] ? do_raw_spin_lock+0x132/0x2a0 [ 82.457523] ? __pfx_do_exit+0x10/0x10 [ 82.457878] ? debug_smp_processor_id+0x20/0x30 [ 82.458292] ? rcu_is_watching+0x19/0xb0 [ 82.458690] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.459121] ? trace_hardirqs_on+0x26/0x120 [ 82.459515] do_group_exit+0xe0/0x2b0 [ 82.459853] __x64_sys_exit_group+0x47/0x50 [ 82.460241] do_syscall_64+0x3b/0x90 [ 82.460576] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.461040] RIP: 0033:0x7f4b87518a4d [ 82.461377] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.461952] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.462673] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.463341] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.463997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.464658] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.465320] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.465990] [ 82.466212] irq event stamp: 0 [ 82.466533] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.467144] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.467928] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.468706] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.469287] ---[ end trace 0000000000000000 ]--- [ 82.470077] ------------[ cut here ]------------ [ 82.470552] WARNING: CPU: 0 PID: 699 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.471502] Modules linked in: [ 82.471805] CPU: 0 PID: 699 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.472597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.473636] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.474117] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.475837] RSP: 0018:ffff888017b3fb78 EFLAGS: 00010246 [ 82.476337] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.476986] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 82.477640] RBP: ffff888017b3fb98 R08: ffffed100415ba3e R09: ffffed100415ba3e [ 82.478299] R10: ffff888020add1ef R11: ffffed100415ba3d R12: ffff888020add290 [ 82.478974] R13: ffff888020add0a8 R14: ffffffffffffffff R15: ffff888017b3fc60 [ 82.479644] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.480387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.480926] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.481588] PKRU: 55555554 [ 82.481857] Call Trace: [ 82.482105] [ 82.482323] iommufd_ioas_destroy+0x53/0x70 [ 82.482774] iommufd_fops_release+0x1f7/0x370 [ 82.483222] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.483696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.484165] ? write_comp_data+0x2f/0x90 [ 82.484554] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.485026] __fput+0x26d/0xa40 [ 82.485346] ____fput+0x1e/0x30 [ 82.485660] task_work_run+0x1a4/0x2d0 [ 82.486038] ? __pfx_task_work_run+0x10/0x10 [ 82.486459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.486950] ? switch_task_namespaces+0xa9/0xe0 [ 82.487425] do_exit+0xb17/0x2ef0 [ 82.487757] ? lock_acquire+0x427/0x4c0 [ 82.488141] ? __pfx_lock_release+0x10/0x10 [ 82.488554] ? __kasan_check_write+0x18/0x20 [ 82.488978] ? do_raw_spin_lock+0x132/0x2a0 [ 82.489386] ? __pfx_do_exit+0x10/0x10 [ 82.489762] ? debug_smp_processor_id+0x20/0x30 [ 82.490209] ? rcu_is_watching+0x19/0xb0 [ 82.490619] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.491059] ? trace_hardirqs_on+0x26/0x120 [ 82.491497] do_group_exit+0xe0/0x2b0 [ 82.491871] __x64_sys_exit_group+0x47/0x50 [ 82.492286] do_syscall_64+0x3b/0x90 [ 82.492655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.493157] RIP: 0033:0x7f4b87518a4d [ 82.493509] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.494083] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.494825] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.495509] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.496183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.496852] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.497523] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.498198] [ 82.498422] irq event stamp: 0 [ 82.498747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.499365] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.500158] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.500949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.501542] ---[ end trace 0000000000000000 ]--- [ 82.506154] ------------[ cut here ]------------ [ 82.506862] WARNING: CPU: 0 PID: 700 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.507835] Modules linked in: [ 82.508143] CPU: 0 PID: 700 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.508961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.510018] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.510490] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.512481] RSP: 0018:ffff8880172afbb8 EFLAGS: 00010246 [ 82.512996] RAX: 0000000000000000 RBX: ffff8880184aa8a8 RCX: 0000000000000000 [ 82.513663] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 82.514335] RBP: ffff8880172afbd0 R08: ffffed1003095533 R09: ffffed1003095533 [ 82.515137] R10: ffff8880184aa993 R11: ffffed1003095532 R12: ffff888010c09800 [ 82.515875] R13: ffff8880184aa9e8 R14: ffffffff8352e670 R15: ffff8880172afe68 [ 82.516603] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.517429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.518023] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ef0 [ 82.518788] PKRU: 55555554 [ 82.519087] Call Trace: [ 82.519366] [ 82.519598] __iommufd_access_detach+0x1c2/0x2b0 [ 82.520113] iommufd_access_change_pt+0x149/0x270 [ 82.520616] iommufd_access_replace+0xb4/0x120 [ 82.521097] iommufd_test+0x3e5/0x37e0 [ 82.521498] ? lock_release+0x532/0x770 [ 82.521912] ? __might_fault+0x102/0x1b0 [ 82.522352] ? lock_acquire+0x427/0x4c0 [ 82.522821] ? __pfx_iommufd_test+0x10/0x10 [ 82.523288] ? __pfx_lock_release+0x10/0x10 [ 82.523744] ? __pfx_lock_acquire+0x10/0x10 [ 82.524200] ? write_comp_data+0x2f/0x90 [ 82.524636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.525143] ? write_comp_data+0x2f/0x90 [ 82.525572] iommufd_fops_ioctl+0x37d/0x510 [ 82.526025] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.526551] ? write_comp_data+0x2f/0x90 [ 82.526983] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.527504] __x64_sys_ioctl+0x1a3/0x230 [ 82.527932] do_syscall_64+0x3b/0x90 [ 82.528332] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.528876] RIP: 0033:0x7f4b8743ee5d [ 82.529266] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.531173] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.531970] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.532695] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.533435] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.534177] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.534955] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.535721] [ 82.535960] irq event stamp: 0 [ 82.536286] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.536932] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.537784] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.538668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.539336] ---[ end trace 0000000000000000 ]--- [ 82.542474] ------------[ cut here ]------------ [ 82.543024] WARNING: CPU: 0 PID: 700 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.544060] Modules linked in: [ 82.544384] CPU: 0 PID: 700 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.545270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.546414] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.546962] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.548850] RSP: 0018:ffff8880172afbd0 EFLAGS: 00010246 [ 82.549394] RAX: 0000000000000000 RBX: ffff8880184aa8a8 RCX: 0000000000000000 [ 82.550119] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 82.550891] RBP: ffff8880172afbe8 R08: ffffed1003095533 R09: ffffed1003095533 [ 82.551647] R10: ffff8880184aa993 R11: ffffed1003095532 R12: ffff888012eafc00 [ 82.552378] R13: ffff8880184aa9e8 R14: ffff88800fa20300 R15: 0000000000000000 [ 82.553100] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.553922] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.554565] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.555329] PKRU: 55555554 [ 82.555632] Call Trace: [ 82.555902] [ 82.556136] iommufd_access_destroy_object+0x65/0x170 [ 82.556672] iommufd_object_destroy_user+0x18e/0x220 [ 82.557203] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.557826] iommufd_access_destroy+0x43/0x70 [ 82.558297] iommufd_test_staccess_release+0x8d/0xd0 [ 82.558876] __fput+0x26d/0xa40 [ 82.559244] ____fput+0x1e/0x30 [ 82.559594] task_work_run+0x1a4/0x2d0 [ 82.560011] ? __pfx_task_work_run+0x10/0x10 [ 82.560462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.560965] ? switch_task_namespaces+0xa9/0xe0 [ 82.561450] do_exit+0xb17/0x2ef0 [ 82.561809] ? lock_acquire+0x427/0x4c0 [ 82.562232] ? __pfx_lock_release+0x10/0x10 [ 82.562736] ? __kasan_check_write+0x18/0x20 [ 82.563212] ? do_raw_spin_lock+0x132/0x2a0 [ 82.563669] ? __pfx_do_exit+0x10/0x10 [ 82.564084] ? debug_smp_processor_id+0x20/0x30 [ 82.564568] ? rcu_is_watching+0x19/0xb0 [ 82.564987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.565455] ? trace_hardirqs_on+0x26/0x120 [ 82.565899] do_group_exit+0xe0/0x2b0 [ 82.566292] __x64_sys_exit_group+0x47/0x50 [ 82.566777] do_syscall_64+0x3b/0x90 [ 82.567190] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.567732] RIP: 0033:0x7f4b87518a4d [ 82.568125] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.568752] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.569533] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.570262] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.571030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.571789] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.572514] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.573253] [ 82.573498] irq event stamp: 0 [ 82.573825] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.574479] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.575415] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.576265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.576914] ---[ end trace 0000000000000000 ]--- [ 82.577780] ------------[ cut here ]------------ [ 82.578260] WARNING: CPU: 0 PID: 700 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.579340] Modules linked in: [ 82.579679] CPU: 0 PID: 700 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.580582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.581728] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.582248] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.584136] RSP: 0018:ffff8880172afb78 EFLAGS: 00010246 [ 82.584685] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.585405] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 82.586125] RBP: ffff8880172afb98 R08: ffffed100309553e R09: ffffed100309553e [ 82.586871] R10: ffff8880184aa9ef R11: ffffed100309553d R12: ffff8880184aaa90 [ 82.587601] R13: ffff8880184aa8a8 R14: ffffffffffffffff R15: ffff8880172afc60 [ 82.588314] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.589118] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.589709] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.590429] PKRU: 55555554 [ 82.590755] Call Trace: [ 82.591015] [ 82.591262] iommufd_ioas_destroy+0x53/0x70 [ 82.591710] iommufd_fops_release+0x1f7/0x370 [ 82.592168] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.592672] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.593169] ? write_comp_data+0x2f/0x90 [ 82.593592] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.594098] __fput+0x26d/0xa40 [ 82.594449] ____fput+0x1e/0x30 [ 82.594825] task_work_run+0x1a4/0x2d0 [ 82.595250] ? __pfx_task_work_run+0x10/0x10 [ 82.595706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.596204] ? switch_task_namespaces+0xa9/0xe0 [ 82.596690] do_exit+0xb17/0x2ef0 [ 82.597046] ? lock_acquire+0x427/0x4c0 [ 82.597455] ? __pfx_lock_release+0x10/0x10 [ 82.597896] ? __kasan_check_write+0x18/0x20 [ 82.598343] ? do_raw_spin_lock+0x132/0x2a0 [ 82.598813] ? __pfx_do_exit+0x10/0x10 [ 82.599230] ? debug_smp_processor_id+0x20/0x30 [ 82.599709] ? rcu_is_watching+0x19/0xb0 [ 82.600130] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.600605] ? trace_hardirqs_on+0x26/0x120 [ 82.601357] do_group_exit+0xe0/0x2b0 [ 82.602076] __x64_sys_exit_group+0x47/0x50 [ 82.602626] do_syscall_64+0x3b/0x90 [ 82.603153] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.603690] RIP: 0033:0x7f4b87518a4d [ 82.604129] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.604925] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.605778] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.606677] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.607428] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.608164] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.609146] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.609891] [ 82.610141] irq event stamp: 0 [ 82.610468] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.611394] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.612274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.613140] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.614348] ---[ end trace 0000000000000000 ]--- [ 82.622177] ------------[ cut here ]------------ [ 82.623284] WARNING: CPU: 0 PID: 701 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.624577] Modules linked in: [ 82.624994] CPU: 0 PID: 701 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.626093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.627583] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.628234] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.630572] RSP: 0018:ffff888017b3fbb8 EFLAGS: 00010246 [ 82.631463] RAX: 0000000000000000 RBX: ffff888023d5f0a8 RCX: 0000000000000000 [ 82.632198] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 82.632920] RBP: ffff888017b3fbd0 R08: ffffed10047abe33 R09: ffffed10047abe33 [ 82.633645] R10: ffff888023d5f193 R11: ffffed10047abe32 R12: ffff888020b32400 [ 82.634368] R13: ffff888023d5f1e8 R14: ffffffff8352e670 R15: ffff888017b3fe68 [ 82.635166] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.635996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.636589] CR2: 00007f4b877410e8 CR3: 000000001476c000 CR4: 0000000000750ef0 [ 82.637320] PKRU: 55555554 [ 82.637615] Call Trace: [ 82.637887] [ 82.638121] __iommufd_access_detach+0x1c2/0x2b0 [ 82.638655] iommufd_access_change_pt+0x149/0x270 [ 82.639178] iommufd_access_replace+0xb4/0x120 [ 82.639670] iommufd_test+0x3e5/0x37e0 [ 82.640074] ? lock_release+0x532/0x770 [ 82.640498] ? __might_fault+0x102/0x1b0 [ 82.640923] ? lock_acquire+0x427/0x4c0 [ 82.641345] ? __pfx_iommufd_test+0x10/0x10 [ 82.641794] ? __pfx_lock_release+0x10/0x10 [ 82.642252] ? __pfx_lock_acquire+0x10/0x10 [ 82.642743] ? write_comp_data+0x2f/0x90 [ 82.643192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.643700] ? write_comp_data+0x2f/0x90 [ 82.644135] iommufd_fops_ioctl+0x37d/0x510 [ 82.644583] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.645093] ? write_comp_data+0x2f/0x90 [ 82.645528] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.646030] __x64_sys_ioctl+0x1a3/0x230 [ 82.646463] do_syscall_64+0x3b/0x90 [ 82.646890] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.647452] RIP: 0033:0x7f4b8743ee5d [ 82.647840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.649719] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.650529] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.651278] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.652008] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.652742] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.653481] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.654238] [ 82.654482] irq event stamp: 0 [ 82.654836] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.655531] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.656412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.657286] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.657940] ---[ end trace 0000000000000000 ]--- [ 82.661461] ------------[ cut here ]------------ [ 82.662302] WARNING: CPU: 0 PID: 701 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.663655] Modules linked in: [ 82.663997] CPU: 0 PID: 701 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.664921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.666551] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.667079] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.669301] RSP: 0018:ffff888017b3fbd0 EFLAGS: 00010246 [ 82.669851] RAX: 0000000000000000 RBX: ffff888023d5f0a8 RCX: 0000000000000000 [ 82.670672] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 82.671673] RBP: ffff888017b3fbe8 R08: ffffed10047abe33 R09: ffffed10047abe33 [ 82.672404] R10: ffff888023d5f193 R11: ffffed10047abe32 R12: ffff888010c09400 [ 82.673141] R13: ffff888023d5f1e8 R14: ffff88801218c300 R15: 0000000000000000 [ 82.674041] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.675471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.676321] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.677612] PKRU: 55555554 [ 82.678377] Call Trace: [ 82.678811] [ 82.679236] iommufd_access_destroy_object+0x65/0x170 [ 82.680090] iommufd_object_destroy_user+0x18e/0x220 [ 82.680991] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.681813] iommufd_access_destroy+0x43/0x70 [ 82.682607] iommufd_test_staccess_release+0x8d/0xd0 [ 82.683546] __fput+0x26d/0xa40 [ 82.684025] ____fput+0x1e/0x30 [ 82.684587] task_work_run+0x1a4/0x2d0 [ 82.685231] ? __pfx_task_work_run+0x10/0x10 [ 82.686035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.686735] ? switch_task_namespaces+0xa9/0xe0 [ 82.687624] do_exit+0xb17/0x2ef0 [ 82.688097] ? lock_acquire+0x427/0x4c0 [ 82.688860] ? __pfx_lock_release+0x10/0x10 [ 82.689452] ? __kasan_check_write+0x18/0x20 [ 82.690283] ? do_raw_spin_lock+0x132/0x2a0 [ 82.690895] ? __pfx_do_exit+0x10/0x10 [ 82.691671] ? debug_smp_processor_id+0x20/0x30 [ 82.692302] ? rcu_is_watching+0x19/0xb0 [ 82.692880] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.693654] ? trace_hardirqs_on+0x26/0x120 [ 82.694460] do_group_exit+0xe0/0x2b0 [ 82.695012] __x64_sys_exit_group+0x47/0x50 [ 82.695699] do_syscall_64+0x3b/0x90 [ 82.696351] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.697269] RIP: 0033:0x7f4b87518a4d [ 82.697774] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.698835] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.699855] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.700781] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.701707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.702664] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.703610] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.704556] [ 82.704872] irq event stamp: 0 [ 82.705291] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.706116] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.707256] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.708347] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.709171] ---[ end trace 0000000000000000 ]--- [ 82.710596] ------------[ cut here ]------------ [ 82.711342] WARNING: CPU: 0 PID: 701 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.712420] Modules linked in: [ 82.712778] CPU: 0 PID: 701 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.713676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.714920] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.715495] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.717566] RSP: 0018:ffff888017b3fb78 EFLAGS: 00010246 [ 82.718117] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.718898] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 82.719650] RBP: ffff888017b3fb98 R08: ffffed10047abe3e R09: ffffed10047abe3e [ 82.720357] R10: ffff888023d5f1ef R11: ffffed10047abe3d R12: ffff888023d5f290 [ 82.721131] R13: ffff888023d5f0a8 R14: ffffffffffffffff R15: ffff888017b3fc60 [ 82.721862] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.722716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.723329] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.724053] PKRU: 55555554 [ 82.724342] Call Trace: [ 82.724600] [ 82.724846] iommufd_ioas_destroy+0x53/0x70 [ 82.725292] iommufd_fops_release+0x1f7/0x370 [ 82.725745] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.726266] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.726767] ? write_comp_data+0x2f/0x90 [ 82.727187] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.727661] __fput+0x26d/0xa40 [ 82.727990] ____fput+0x1e/0x30 [ 82.728310] task_work_run+0x1a4/0x2d0 [ 82.728698] ? __pfx_task_work_run+0x10/0x10 [ 82.729139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.729604] ? switch_task_namespaces+0xa9/0xe0 [ 82.730043] do_exit+0xb17/0x2ef0 [ 82.730380] ? lock_acquire+0x427/0x4c0 [ 82.730790] ? __pfx_lock_release+0x10/0x10 [ 82.731207] ? __kasan_check_write+0x18/0x20 [ 82.731647] ? do_raw_spin_lock+0x132/0x2a0 [ 82.732044] ? __pfx_do_exit+0x10/0x10 [ 82.732428] ? debug_smp_processor_id+0x20/0x30 [ 82.732879] ? rcu_is_watching+0x19/0xb0 [ 82.733254] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.733696] ? trace_hardirqs_on+0x26/0x120 [ 82.734110] do_group_exit+0xe0/0x2b0 [ 82.734465] __x64_sys_exit_group+0x47/0x50 [ 82.734915] do_syscall_64+0x3b/0x90 [ 82.735280] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.735797] RIP: 0033:0x7f4b87518a4d [ 82.736151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.736732] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.737456] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.738160] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.738855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.739559] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.740241] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.740929] [ 82.741169] irq event stamp: 0 [ 82.741477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.742074] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.742905] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.743692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.744248] ---[ end trace 0000000000000000 ]--- [ 82.748559] ------------[ cut here ]------------ [ 82.749140] WARNING: CPU: 0 PID: 702 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.750043] Modules linked in: [ 82.750338] CPU: 0 PID: 702 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.751398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.752426] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.752872] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.754573] RSP: 0018:ffff88800ae8fbb8 EFLAGS: 00010246 [ 82.755059] RAX: 0000000000000000 RBX: ffff8880170bd0a8 RCX: 0000000000000000 [ 82.755733] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 82.756374] RBP: ffff88800ae8fbd0 R08: ffffed1002e17a33 R09: ffffed1002e17a33 [ 82.757029] R10: ffff8880170bd193 R11: ffffed1002e17a32 R12: ffff88800efce800 [ 82.757680] R13: ffff8880170bd1e8 R14: ffffffff8352e670 R15: ffff88800ae8fe68 [ 82.758310] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.759057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.759570] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 82.760170] PKRU: 55555554 [ 82.760418] Call Trace: [ 82.760638] [ 82.760839] __iommufd_access_detach+0x1c2/0x2b0 [ 82.761245] iommufd_access_change_pt+0x149/0x270 [ 82.761674] iommufd_access_replace+0xb4/0x120 [ 82.762076] iommufd_test+0x3e5/0x37e0 [ 82.762392] ? lock_release+0x532/0x770 [ 82.762769] ? __might_fault+0x102/0x1b0 [ 82.763141] ? lock_acquire+0x427/0x4c0 [ 82.763473] ? __pfx_iommufd_test+0x10/0x10 [ 82.763858] ? __pfx_lock_release+0x10/0x10 [ 82.764238] ? __pfx_lock_acquire+0x10/0x10 [ 82.764608] ? write_comp_data+0x2f/0x90 [ 82.764996] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.765415] ? write_comp_data+0x2f/0x90 [ 82.765780] iommufd_fops_ioctl+0x37d/0x510 [ 82.766177] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.766606] ? write_comp_data+0x2f/0x90 [ 82.766970] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.767665] __x64_sys_ioctl+0x1a3/0x230 [ 82.768155] do_syscall_64+0x3b/0x90 [ 82.768597] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.769193] RIP: 0033:0x7f4b8743ee5d [ 82.769616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.771677] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.772525] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.773318] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.774110] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.774923] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.775658] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.776232] [ 82.776411] irq event stamp: 0 [ 82.776663] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.777164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.777819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.778460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.778995] ---[ end trace 0000000000000000 ]--- [ 82.781848] ------------[ cut here ]------------ [ 82.782257] WARNING: CPU: 0 PID: 702 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.783061] Modules linked in: [ 82.783335] CPU: 0 PID: 702 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.784005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.784906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.785297] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.786746] RSP: 0018:ffff88800ae8fbd0 EFLAGS: 00010246 [ 82.787157] RAX: 0000000000000000 RBX: ffff8880170bd0a8 RCX: 0000000000000000 [ 82.787729] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 82.788276] RBP: ffff88800ae8fbe8 R08: ffffed1002e17a33 R09: ffffed1002e17a33 [ 82.788874] R10: ffff8880170bd193 R11: ffffed1002e17a32 R12: ffff888020b30800 [ 82.789415] R13: ffff8880170bd1e8 R14: ffff88802090b400 R15: 0000000000000000 [ 82.790003] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.790618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.791128] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.791663] PKRU: 55555554 [ 82.791909] Call Trace: [ 82.792143] [ 82.792314] iommufd_access_destroy_object+0x65/0x170 [ 82.792704] iommufd_object_destroy_user+0x18e/0x220 [ 82.793159] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.793603] iommufd_access_destroy+0x43/0x70 [ 82.793973] iommufd_test_staccess_release+0x8d/0xd0 [ 82.794403] __fput+0x26d/0xa40 [ 82.794678] ____fput+0x1e/0x30 [ 82.794940] task_work_run+0x1a4/0x2d0 [ 82.795299] ? __pfx_task_work_run+0x10/0x10 [ 82.795638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.796020] ? switch_task_namespaces+0xa9/0xe0 [ 82.796437] do_exit+0xb17/0x2ef0 [ 82.796699] ? lock_acquire+0x427/0x4c0 [ 82.797009] ? __pfx_lock_release+0x10/0x10 [ 82.797398] ? __kasan_check_write+0x18/0x20 [ 82.797743] ? do_raw_spin_lock+0x132/0x2a0 [ 82.798064] ? __pfx_do_exit+0x10/0x10 [ 82.798389] ? debug_smp_processor_id+0x20/0x30 [ 82.798778] ? rcu_is_watching+0x19/0xb0 [ 82.799083] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.799464] ? trace_hardirqs_on+0x26/0x120 [ 82.799806] do_group_exit+0xe0/0x2b0 [ 82.800100] __x64_sys_exit_group+0x47/0x50 [ 82.800436] do_syscall_64+0x3b/0x90 [ 82.800745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.801137] RIP: 0033:0x7f4b87518a4d [ 82.801427] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.801915] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.802496] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.803088] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.803649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.804191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.804739] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.805281] [ 82.805454] irq event stamp: 0 [ 82.805686] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.806181] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.806824] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.807460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.807925] ---[ end trace 0000000000000000 ]--- [ 82.808606] ------------[ cut here ]------------ [ 82.808961] WARNING: CPU: 0 PID: 702 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.809739] Modules linked in: [ 82.809978] CPU: 0 PID: 702 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.810684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.811564] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.811940] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.813330] RSP: 0018:ffff88800ae8fb78 EFLAGS: 00010246 [ 82.813749] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.814267] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 82.814830] RBP: ffff88800ae8fb98 R08: ffffed1002e17a3e R09: ffffed1002e17a3e [ 82.815354] R10: ffff8880170bd1ef R11: ffffed1002e17a3d R12: ffff8880170bd290 [ 82.815895] R13: ffff8880170bd0a8 R14: ffffffffffffffff R15: ffff88800ae8fc60 [ 82.816407] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.817040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.817481] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.818034] PKRU: 55555554 [ 82.818244] Call Trace: [ 82.818433] [ 82.818628] iommufd_ioas_destroy+0x53/0x70 [ 82.818989] iommufd_fops_release+0x1f7/0x370 [ 82.819335] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.819715] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.820110] ? write_comp_data+0x2f/0x90 [ 82.820422] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.820796] __fput+0x26d/0xa40 [ 82.821072] ____fput+0x1e/0x30 [ 82.821322] task_work_run+0x1a4/0x2d0 [ 82.821620] ? __pfx_task_work_run+0x10/0x10 [ 82.821968] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.822340] ? switch_task_namespaces+0xa9/0xe0 [ 82.822708] do_exit+0xb17/0x2ef0 [ 82.822979] ? lock_acquire+0x427/0x4c0 [ 82.823311] ? __pfx_lock_release+0x10/0x10 [ 82.823634] ? __kasan_check_write+0x18/0x20 [ 82.823962] ? do_raw_spin_lock+0x132/0x2a0 [ 82.824315] ? __pfx_do_exit+0x10/0x10 [ 82.824613] ? debug_smp_processor_id+0x20/0x30 [ 82.824954] ? rcu_is_watching+0x19/0xb0 [ 82.825281] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.825620] ? trace_hardirqs_on+0x26/0x120 [ 82.825939] do_group_exit+0xe0/0x2b0 [ 82.826231] __x64_sys_exit_group+0x47/0x50 [ 82.826573] do_syscall_64+0x3b/0x90 [ 82.826857] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.827253] RIP: 0033:0x7f4b87518a4d [ 82.827543] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.827988] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.828556] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.829070] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.829602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.830114] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.830673] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.831209] [ 82.831380] irq event stamp: 0 [ 82.831625] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.832091] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.832720] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.833344] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.833814] ---[ end trace 0000000000000000 ]--- [ 82.837434] ------------[ cut here ]------------ [ 82.837826] WARNING: CPU: 1 PID: 703 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.838616] Modules linked in: [ 82.838858] CPU: 1 PID: 703 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.839513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.840348] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.840720] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.842083] RSP: 0018:ffff888015fafbb8 EFLAGS: 00010246 [ 82.842488] RAX: 0000000000000000 RBX: ffff88800f5ef0a8 RCX: 0000000000000000 [ 82.843048] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 82.843599] RBP: ffff888015fafbd0 R08: ffffed1001ebde33 R09: ffffed1001ebde33 [ 82.844140] R10: ffff88800f5ef193 R11: ffffed1001ebde32 R12: ffff88800a724000 [ 82.844678] R13: ffff88800f5ef1e8 R14: ffffffff8352e670 R15: ffff888015fafe68 [ 82.845221] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 82.845830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.846271] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 82.846830] PKRU: 55555554 [ 82.847048] Call Trace: [ 82.847252] [ 82.847425] __iommufd_access_detach+0x1c2/0x2b0 [ 82.847804] iommufd_access_change_pt+0x149/0x270 [ 82.848190] iommufd_access_replace+0xb4/0x120 [ 82.848560] iommufd_test+0x3e5/0x37e0 [ 82.848858] ? lock_release+0x532/0x770 [ 82.849175] ? __might_fault+0x102/0x1b0 [ 82.849496] ? lock_acquire+0x427/0x4c0 [ 82.849812] ? __pfx_iommufd_test+0x10/0x10 [ 82.850139] ? __pfx_lock_release+0x10/0x10 [ 82.850477] ? __pfx_lock_acquire+0x10/0x10 [ 82.850845] ? write_comp_data+0x2f/0x90 [ 82.851182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.851562] ? write_comp_data+0x2f/0x90 [ 82.851885] iommufd_fops_ioctl+0x37d/0x510 [ 82.852219] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.852604] ? write_comp_data+0x2f/0x90 [ 82.852924] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.853295] __x64_sys_ioctl+0x1a3/0x230 [ 82.853621] do_syscall_64+0x3b/0x90 [ 82.853918] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.854325] RIP: 0033:0x7f4b8743ee5d [ 82.854635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.856042] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.856620] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.857160] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.857700] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.858245] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.858816] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.859382] [ 82.859567] irq event stamp: 0 [ 82.859815] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.860736] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.861902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.863020] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.863811] ---[ end trace 0000000000000000 ]--- [ 82.868095] ------------[ cut here ]------------ [ 82.868656] WARNING: CPU: 1 PID: 703 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.869816] Modules linked in: [ 82.870240] CPU: 1 PID: 703 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.871644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.872944] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.873515] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.875653] RSP: 0018:ffff888015fafbd0 EFLAGS: 00010246 [ 82.876308] RAX: 0000000000000000 RBX: ffff88800f5ef0a8 RCX: 0000000000000000 [ 82.877151] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 82.877967] RBP: ffff888015fafbe8 R08: ffffed1001ebde33 R09: ffffed1001ebde33 [ 82.878888] R10: ffff88800f5ef193 R11: ffffed1001ebde32 R12: ffff888014581800 [ 82.879785] R13: ffff88800f5ef1e8 R14: ffff88800fd8cb00 R15: 0000000000000000 [ 82.880632] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 82.881638] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.882401] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 82.883276] PKRU: 55555554 [ 82.883663] Call Trace: [ 82.883961] [ 82.884229] iommufd_access_destroy_object+0x65/0x170 [ 82.884876] iommufd_object_destroy_user+0x18e/0x220 [ 82.885517] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.886305] iommufd_access_destroy+0x43/0x70 [ 82.886877] iommufd_test_staccess_release+0x8d/0xd0 [ 82.887567] __fput+0x26d/0xa40 [ 82.887968] ____fput+0x1e/0x30 [ 82.888399] task_work_run+0x1a4/0x2d0 [ 82.888904] ? __pfx_task_work_run+0x10/0x10 [ 82.889408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.890060] ? switch_task_namespaces+0xa9/0xe0 [ 82.890644] do_exit+0xb17/0x2ef0 [ 82.891068] ? lock_acquire+0x427/0x4c0 [ 82.891583] ? __pfx_lock_release+0x10/0x10 [ 82.892079] ? __kasan_check_write+0x18/0x20 [ 82.892669] ? do_raw_spin_lock+0x132/0x2a0 [ 82.893157] ? __pfx_do_exit+0x10/0x10 [ 82.893658] ? debug_smp_processor_id+0x20/0x30 [ 82.894219] ? rcu_is_watching+0x19/0xb0 [ 82.894769] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.895340] ? trace_hardirqs_on+0x26/0x120 [ 82.895837] do_group_exit+0xe0/0x2b0 [ 82.896353] __x64_sys_exit_group+0x47/0x50 [ 82.896839] do_syscall_64+0x3b/0x90 [ 82.897326] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.897954] RIP: 0033:0x7f4b87518a4d [ 82.898373] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.899187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.900081] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.900907] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.901790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.902632] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.903476] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.904374] [ 82.904641] irq event stamp: 0 [ 82.904995] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.905778] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.906817] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.907758] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.908457] ---[ end trace 0000000000000000 ]--- [ 82.909402] ------------[ cut here ]------------ [ 82.909793] WARNING: CPU: 0 PID: 703 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 82.910824] Modules linked in: [ 82.911075] CPU: 0 PID: 703 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.911800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.912711] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 82.913105] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 82.914610] RSP: 0018:ffff888015fafb78 EFLAGS: 00010246 [ 82.915051] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.915641] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 82.916212] RBP: ffff888015fafb98 R08: ffffed1001ebde3e R09: ffffed1001ebde3e [ 82.916797] R10: ffff88800f5ef1ef R11: ffffed1001ebde3d R12: ffff88800f5ef290 [ 82.917376] R13: ffff88800f5ef0a8 R14: ffffffffffffffff R15: ffff888015fafc60 [ 82.917972] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.918616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.919122] CR2: 00007ff8de5a7020 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 82.919675] PKRU: 55555554 [ 82.919925] Call Trace: [ 82.920140] [ 82.920316] iommufd_ioas_destroy+0x53/0x70 [ 82.920664] iommufd_fops_release+0x1f7/0x370 [ 82.921051] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.921466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.921859] ? write_comp_data+0x2f/0x90 [ 82.922220] ? __pfx_iommufd_fops_release+0x10/0x10 [ 82.922646] __fput+0x26d/0xa40 [ 82.922927] ____fput+0x1e/0x30 [ 82.923224] task_work_run+0x1a4/0x2d0 [ 82.923562] ? __pfx_task_work_run+0x10/0x10 [ 82.923914] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.924337] ? switch_task_namespaces+0xa9/0xe0 [ 82.924725] do_exit+0xb17/0x2ef0 [ 82.924998] ? lock_acquire+0x427/0x4c0 [ 82.925347] ? __pfx_lock_release+0x10/0x10 [ 82.925717] ? __kasan_check_write+0x18/0x20 [ 82.926063] ? do_raw_spin_lock+0x132/0x2a0 [ 82.926433] ? __pfx_do_exit+0x10/0x10 [ 82.926794] ? debug_smp_processor_id+0x20/0x30 [ 82.927179] ? rcu_is_watching+0x19/0xb0 [ 82.927541] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.927913] ? trace_hardirqs_on+0x26/0x120 [ 82.928256] do_group_exit+0xe0/0x2b0 [ 82.928608] __x64_sys_exit_group+0x47/0x50 [ 82.928963] do_syscall_64+0x3b/0x90 [ 82.929261] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.929714] RIP: 0033:0x7f4b87518a4d [ 82.930015] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.930528] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.931167] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.931751] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.932325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.932918] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.933474] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.934077] [ 82.934270] irq event stamp: 0 [ 82.934535] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.935085] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.935748] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.936443] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.936950] ---[ end trace 0000000000000000 ]--- [ 82.941231] ------------[ cut here ]------------ [ 82.941643] WARNING: CPU: 0 PID: 704 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.942448] Modules linked in: [ 82.942796] CPU: 0 PID: 704 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.943510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.944413] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.944843] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.946312] RSP: 0018:ffff888016f8fbb8 EFLAGS: 00010246 [ 82.946763] RAX: 0000000000000000 RBX: ffff8880165350a8 RCX: 0000000000000000 [ 82.947347] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 82.947914] RBP: ffff888016f8fbd0 R08: ffffed1002ca6a33 R09: ffffed1002ca6a33 [ 82.948495] R10: ffff888016535193 R11: ffffed1002ca6a32 R12: ffff888016630000 [ 82.949073] R13: ffff8880165351e8 R14: ffffffff8352e670 R15: ffff888016f8fe68 [ 82.949646] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.950299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.950784] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 82.951383] PKRU: 55555554 [ 82.951616] Call Trace: [ 82.951816] [ 82.952011] __iommufd_access_detach+0x1c2/0x2b0 [ 82.952400] iommufd_access_change_pt+0x149/0x270 [ 82.952809] iommufd_access_replace+0xb4/0x120 [ 82.953191] iommufd_test+0x3e5/0x37e0 [ 82.953512] ? lock_release+0x532/0x770 [ 82.953846] ? __might_fault+0x102/0x1b0 [ 82.954190] ? lock_acquire+0x427/0x4c0 [ 82.954544] ? __pfx_iommufd_test+0x10/0x10 [ 82.954917] ? __pfx_lock_release+0x10/0x10 [ 82.955289] ? __pfx_lock_acquire+0x10/0x10 [ 82.955652] ? write_comp_data+0x2f/0x90 [ 82.955992] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.956396] ? write_comp_data+0x2f/0x90 [ 82.956745] iommufd_fops_ioctl+0x37d/0x510 [ 82.957105] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.957511] ? write_comp_data+0x2f/0x90 [ 82.957864] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 82.958242] __x64_sys_ioctl+0x1a3/0x230 [ 82.958610] do_syscall_64+0x3b/0x90 [ 82.958946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.959382] RIP: 0033:0x7f4b8743ee5d [ 82.959686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 82.961142] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 82.961737] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 82.962303] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 82.962895] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 82.963477] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 82.964043] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 82.964617] [ 82.964809] irq event stamp: 0 [ 82.965063] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 82.965565] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 82.966224] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 82.966920] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 82.967598] ---[ end trace 0000000000000000 ]--- [ 82.971956] ------------[ cut here ]------------ [ 82.972495] WARNING: CPU: 0 PID: 704 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 82.973593] Modules linked in: [ 82.973950] CPU: 0 PID: 704 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 82.975372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 82.976595] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 82.977142] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 82.979133] RSP: 0018:ffff888016f8fbd0 EFLAGS: 00010246 [ 82.979724] RAX: 0000000000000000 RBX: ffff8880165350a8 RCX: 0000000000000000 [ 82.980499] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 82.981270] RBP: ffff888016f8fbe8 R08: ffffed1002ca6a33 R09: ffffed1002ca6a33 [ 82.982048] R10: ffff888016535193 R11: ffffed1002ca6a32 R12: ffff88800efcc400 [ 82.982850] R13: ffff8880165351e8 R14: ffff8880149b0700 R15: 0000000000000000 [ 82.983619] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 82.984231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.984689] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 82.985225] PKRU: 55555554 [ 82.985434] Call Trace: [ 82.985623] [ 82.985819] iommufd_access_destroy_object+0x65/0x170 [ 82.986209] iommufd_object_destroy_user+0x18e/0x220 [ 82.986614] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 82.987085] iommufd_access_destroy+0x43/0x70 [ 82.987437] iommufd_test_staccess_release+0x8d/0xd0 [ 82.987830] __fput+0x26d/0xa40 [ 82.988119] ____fput+0x1e/0x30 [ 82.988372] task_work_run+0x1a4/0x2d0 [ 82.988667] ? __pfx_task_work_run+0x10/0x10 [ 82.989017] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 82.989413] ? switch_task_namespaces+0xa9/0xe0 [ 82.989765] do_exit+0xb17/0x2ef0 [ 82.990030] ? lock_acquire+0x427/0x4c0 [ 82.990388] ? __pfx_lock_release+0x10/0x10 [ 82.990743] ? __kasan_check_write+0x18/0x20 [ 82.991084] ? do_raw_spin_lock+0x132/0x2a0 [ 82.991442] ? __pfx_do_exit+0x10/0x10 [ 82.991744] ? debug_smp_processor_id+0x20/0x30 [ 82.992098] ? rcu_is_watching+0x19/0xb0 [ 82.992440] ? _raw_spin_unlock_irq+0x2b/0x60 [ 82.992785] ? trace_hardirqs_on+0x26/0x120 [ 82.993111] do_group_exit+0xe0/0x2b0 [ 82.993429] __x64_sys_exit_group+0x47/0x50 [ 82.993755] do_syscall_64+0x3b/0x90 [ 82.994038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 82.994449] RIP: 0033:0x7f4b87518a4d [ 82.994772] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 82.995241] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 82.995851] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 82.996373] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 82.996957] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 82.997488] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 82.998069] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 82.998638] [ 82.998840] irq event stamp: 0 [ 82.999091] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 82.999554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.000220] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.000840] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.001322] ---[ end trace 0000000000000000 ]--- [ 83.002213] ------------[ cut here ]------------ [ 83.002578] WARNING: CPU: 0 PID: 704 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.003405] Modules linked in: [ 83.003639] CPU: 0 PID: 704 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.004313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.005141] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.005542] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.007004] RSP: 0018:ffff888016f8fb78 EFLAGS: 00010246 [ 83.007439] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.007979] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 83.008511] RBP: ffff888016f8fb98 R08: ffffed1002ca6a3e R09: ffffed1002ca6a3e [ 83.009049] R10: ffff8880165351ef R11: ffffed1002ca6a3d R12: ffff888016535290 [ 83.009579] R13: ffff8880165350a8 R14: ffffffffffffffff R15: ffff888016f8fc60 [ 83.010119] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.010750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.011178] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.011709] PKRU: 55555554 [ 83.011941] Call Trace: [ 83.012125] [ 83.012288] iommufd_ioas_destroy+0x53/0x70 [ 83.012614] iommufd_fops_release+0x1f7/0x370 [ 83.012975] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.013343] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.013714] ? write_comp_data+0x2f/0x90 [ 83.014044] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.014407] __fput+0x26d/0xa40 [ 83.014683] ____fput+0x1e/0x30 [ 83.014952] task_work_run+0x1a4/0x2d0 [ 83.015264] ? __pfx_task_work_run+0x10/0x10 [ 83.015589] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.015966] ? switch_task_namespaces+0xa9/0xe0 [ 83.016331] do_exit+0xb17/0x2ef0 [ 83.016583] ? lock_acquire+0x427/0x4c0 [ 83.016891] ? __pfx_lock_release+0x10/0x10 [ 83.017251] ? __kasan_check_write+0x18/0x20 [ 83.017572] ? do_raw_spin_lock+0x132/0x2a0 [ 83.017899] ? __pfx_do_exit+0x10/0x10 [ 83.018214] ? debug_smp_processor_id+0x20/0x30 [ 83.018600] ? rcu_is_watching+0x19/0xb0 [ 83.018900] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.019285] ? trace_hardirqs_on+0x26/0x120 [ 83.019624] do_group_exit+0xe0/0x2b0 [ 83.019902] __x64_sys_exit_group+0x47/0x50 [ 83.020232] do_syscall_64+0x3b/0x90 [ 83.020552] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.020932] RIP: 0033:0x7f4b87518a4d [ 83.021211] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.021702] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.022252] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.022822] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.023349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.023921] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.024444] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.025030] [ 83.025199] irq event stamp: 0 [ 83.025437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.025950] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.026568] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.027228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.027683] ---[ end trace 0000000000000000 ]--- [ 83.031538] ------------[ cut here ]------------ [ 83.031908] WARNING: CPU: 0 PID: 705 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.032674] Modules linked in: [ 83.032902] CPU: 0 PID: 705 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.033566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.034390] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.034780] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.036095] RSP: 0018:ffff88800b6afbb8 EFLAGS: 00010246 [ 83.036493] RAX: 0000000000000000 RBX: ffff88801818d8a8 RCX: 0000000000000000 [ 83.036995] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 83.037506] RBP: ffff88800b6afbd0 R08: ffffed1003031b33 R09: ffffed1003031b33 [ 83.038008] R10: ffff88801818d993 R11: ffffed1003031b32 R12: ffff88801805dc00 [ 83.038537] R13: ffff88801818d9e8 R14: ffffffff8352e670 R15: ffff88800b6afe68 [ 83.039046] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.039629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.040042] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 83.040549] PKRU: 55555554 [ 83.040763] Call Trace: [ 83.040959] [ 83.041118] __iommufd_access_detach+0x1c2/0x2b0 [ 83.041461] iommufd_access_change_pt+0x149/0x270 [ 83.041840] iommufd_access_replace+0xb4/0x120 [ 83.042172] iommufd_test+0x3e5/0x37e0 [ 83.042444] ? lock_release+0x532/0x770 [ 83.042766] ? __might_fault+0x102/0x1b0 [ 83.043071] ? lock_acquire+0x427/0x4c0 [ 83.043366] ? __pfx_iommufd_test+0x10/0x10 [ 83.043675] ? __pfx_lock_release+0x10/0x10 [ 83.044008] ? __pfx_lock_acquire+0x10/0x10 [ 83.044317] ? write_comp_data+0x2f/0x90 [ 83.044609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.044975] ? write_comp_data+0x2f/0x90 [ 83.045280] iommufd_fops_ioctl+0x37d/0x510 [ 83.045586] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.045949] ? write_comp_data+0x2f/0x90 [ 83.046254] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.046610] __x64_sys_ioctl+0x1a3/0x230 [ 83.046916] do_syscall_64+0x3b/0x90 [ 83.047219] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.047588] RIP: 0033:0x7f4b8743ee5d [ 83.047850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.049156] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.049694] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.050205] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.050721] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.051237] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.051755] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.052266] [ 83.052442] irq event stamp: 0 [ 83.052676] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.053113] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.053721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.054300] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.054783] ---[ end trace 0000000000000000 ]--- [ 83.057442] ------------[ cut here ]------------ [ 83.057815] WARNING: CPU: 0 PID: 705 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.058543] Modules linked in: [ 83.058786] CPU: 0 PID: 705 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.059407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.060216] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.060563] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.061871] RSP: 0018:ffff88800b6afbd0 EFLAGS: 00010246 [ 83.062261] RAX: 0000000000000000 RBX: ffff88801818d8a8 RCX: 0000000000000000 [ 83.062781] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 83.063317] RBP: ffff88800b6afbe8 R08: ffffed1003031b33 R09: ffffed1003031b33 [ 83.063812] R10: ffff88801818d993 R11: ffffed1003031b32 R12: ffff888016633000 [ 83.064349] R13: ffff88801818d9e8 R14: ffff88801202de00 R15: 0000000000000000 [ 83.064843] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.065449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.065852] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.066371] PKRU: 55555554 [ 83.066599] Call Trace: [ 83.066780] [ 83.066943] iommufd_access_destroy_object+0x65/0x170 [ 83.067330] iommufd_object_destroy_user+0x18e/0x220 [ 83.067718] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.068126] iommufd_access_destroy+0x43/0x70 [ 83.068469] iommufd_test_staccess_release+0x8d/0xd0 [ 83.068861] __fput+0x26d/0xa40 [ 83.069109] ____fput+0x1e/0x30 [ 83.069359] task_work_run+0x1a4/0x2d0 [ 83.069676] ? __pfx_task_work_run+0x10/0x10 [ 83.069993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.070340] ? switch_task_namespaces+0xa9/0xe0 [ 83.070729] do_exit+0xb17/0x2ef0 [ 83.070981] ? lock_acquire+0x427/0x4c0 [ 83.071277] ? __pfx_lock_release+0x10/0x10 [ 83.071608] ? __kasan_check_write+0x18/0x20 [ 83.071950] ? do_raw_spin_lock+0x132/0x2a0 [ 83.072253] ? __pfx_do_exit+0x10/0x10 [ 83.072539] ? debug_smp_processor_id+0x20/0x30 [ 83.072921] ? rcu_is_watching+0x19/0xb0 [ 83.073208] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.073529] ? trace_hardirqs_on+0x26/0x120 [ 83.073868] do_group_exit+0xe0/0x2b0 [ 83.074152] __x64_sys_exit_group+0x47/0x50 [ 83.074451] do_syscall_64+0x3b/0x90 [ 83.074758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.075174] RIP: 0033:0x7f4b87518a4d [ 83.075434] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.075888] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.076440] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.076949] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.077469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.077975] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.078521] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.079037] [ 83.079229] irq event stamp: 0 [ 83.079465] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.079905] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.080535] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.081122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.081595] ---[ end trace 0000000000000000 ]--- [ 83.082290] ------------[ cut here ]------------ [ 83.082676] WARNING: CPU: 0 PID: 705 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.083414] Modules linked in: [ 83.083665] CPU: 0 PID: 705 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.084262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.085089] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.085459] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.086856] RSP: 0018:ffff88800b6afb78 EFLAGS: 00010246 [ 83.087236] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.087761] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 83.088267] RBP: ffff88800b6afb98 R08: ffffed1003031b3e R09: ffffed1003031b3e [ 83.088795] R10: ffff88801818d9ef R11: ffffed1003031b3d R12: ffff88801818da90 [ 83.089303] R13: ffff88801818d8a8 R14: ffffffffffffffff R15: ffff88800b6afc60 [ 83.089823] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.090399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.090833] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.091366] PKRU: 55555554 [ 83.091564] Call Trace: [ 83.091742] [ 83.091921] iommufd_ioas_destroy+0x53/0x70 [ 83.092258] iommufd_fops_release+0x1f7/0x370 [ 83.092576] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.092934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.093322] ? write_comp_data+0x2f/0x90 [ 83.093607] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.093965] __fput+0x26d/0xa40 [ 83.094240] ____fput+0x1e/0x30 [ 83.094489] task_work_run+0x1a4/0x2d0 [ 83.094791] ? __pfx_task_work_run+0x10/0x10 [ 83.095206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.095728] ? switch_task_namespaces+0xa9/0xe0 [ 83.096237] do_exit+0xb17/0x2ef0 [ 83.096608] ? lock_acquire+0x427/0x4c0 [ 83.097039] ? __pfx_lock_release+0x10/0x10 [ 83.097501] ? __kasan_check_write+0x18/0x20 [ 83.097970] ? do_raw_spin_lock+0x132/0x2a0 [ 83.098428] ? __pfx_do_exit+0x10/0x10 [ 83.098904] ? debug_smp_processor_id+0x20/0x30 [ 83.099416] ? rcu_is_watching+0x19/0xb0 [ 83.099852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.100338] ? trace_hardirqs_on+0x26/0x120 [ 83.100801] do_group_exit+0xe0/0x2b0 [ 83.101208] __x64_sys_exit_group+0x47/0x50 [ 83.101660] do_syscall_64+0x3b/0x90 [ 83.102067] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.102650] RIP: 0033:0x7f4b87518a4d [ 83.103046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.103552] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.104086] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.104586] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.105080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.105574] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.106071] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.106590] [ 83.106759] irq event stamp: 0 [ 83.106981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.107435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.108017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.108599] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.109038] ---[ end trace 0000000000000000 ]--- [ 83.112487] ------------[ cut here ]------------ [ 83.112839] WARNING: CPU: 0 PID: 706 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.113544] Modules linked in: [ 83.113768] CPU: 0 PID: 706 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.114369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.115337] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.115694] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.116968] RSP: 0018:ffff888013a57bb8 EFLAGS: 00010246 [ 83.117340] RAX: 0000000000000000 RBX: ffff888020aca8a8 RCX: 0000000000000000 [ 83.117839] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 83.118338] RBP: ffff888013a57bd0 R08: ffffed1004159533 R09: ffffed1004159533 [ 83.118848] R10: ffff888020aca993 R11: ffffed1004159532 R12: ffff8880188db400 [ 83.119355] R13: ffff888020aca9e8 R14: ffffffff8352e670 R15: ffff888013a57e68 [ 83.119850] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.120411] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.120814] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ef0 [ 83.121311] PKRU: 55555554 [ 83.121510] Call Trace: [ 83.121692] [ 83.121851] __iommufd_access_detach+0x1c2/0x2b0 [ 83.122195] iommufd_access_change_pt+0x149/0x270 [ 83.122557] iommufd_access_replace+0xb4/0x120 [ 83.122896] iommufd_test+0x3e5/0x37e0 [ 83.123179] ? lock_release+0x532/0x770 [ 83.123474] ? __might_fault+0x102/0x1b0 [ 83.123812] ? lock_acquire+0x427/0x4c0 [ 83.124395] ? __pfx_iommufd_test+0x10/0x10 [ 83.124721] ? __pfx_lock_release+0x10/0x10 [ 83.125217] ? __pfx_lock_acquire+0x10/0x10 [ 83.125538] ? write_comp_data+0x2f/0x90 [ 83.125833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.126179] ? write_comp_data+0x2f/0x90 [ 83.126597] iommufd_fops_ioctl+0x37d/0x510 [ 83.126905] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.127265] ? write_comp_data+0x2f/0x90 [ 83.127579] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.128005] __x64_sys_ioctl+0x1a3/0x230 [ 83.128299] do_syscall_64+0x3b/0x90 [ 83.128595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.129020] RIP: 0033:0x7f4b8743ee5d [ 83.129284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.130670] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.131209] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.131708] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.132204] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.132699] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.133194] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.133696] [ 83.133861] irq event stamp: 0 [ 83.134081] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.134536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.135130] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.135712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.136155] ---[ end trace 0000000000000000 ]--- [ 83.138855] ------------[ cut here ]------------ [ 83.139204] WARNING: CPU: 0 PID: 706 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.140016] Modules linked in: [ 83.140240] CPU: 0 PID: 706 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.140947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.141756] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.142160] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.143579] RSP: 0018:ffff888013a57bd0 EFLAGS: 00010246 [ 83.143960] RAX: 0000000000000000 RBX: ffff888020aca8a8 RCX: 0000000000000000 [ 83.144573] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 83.145084] RBP: ffff888013a57be8 R08: ffffed1004159533 R09: ffffed1004159533 [ 83.145663] R10: ffff888020aca993 R11: ffffed1004159532 R12: ffff88801805cc00 [ 83.146208] R13: ffff888020aca9e8 R14: ffff888016e16b00 R15: 0000000000000000 [ 83.146776] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.147382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.147859] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.148376] PKRU: 55555554 [ 83.148713] Call Trace: [ 83.148897] [ 83.149060] iommufd_access_destroy_object+0x65/0x170 [ 83.149473] iommufd_object_destroy_user+0x18e/0x220 [ 83.149921] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.150351] iommufd_access_destroy+0x43/0x70 [ 83.150812] iommufd_test_staccess_release+0x8d/0xd0 [ 83.151193] __fput+0x26d/0xa40 [ 83.151444] ____fput+0x1e/0x30 [ 83.151697] task_work_run+0x1a4/0x2d0 [ 83.152119] ? __pfx_task_work_run+0x10/0x10 [ 83.152442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.152815] ? switch_task_namespaces+0xa9/0xe0 [ 83.153257] do_exit+0xb17/0x2ef0 [ 83.153506] ? lock_acquire+0x427/0x4c0 [ 83.153825] ? __pfx_lock_release+0x10/0x10 [ 83.154251] ? __kasan_check_write+0x18/0x20 [ 83.154587] ? do_raw_spin_lock+0x132/0x2a0 [ 83.154899] ? __pfx_do_exit+0x10/0x10 [ 83.155223] ? debug_smp_processor_id+0x20/0x30 [ 83.155646] ? rcu_is_watching+0x19/0xb0 [ 83.155946] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.156302] ? trace_hardirqs_on+0x26/0x120 [ 83.156713] do_group_exit+0xe0/0x2b0 [ 83.156988] __x64_sys_exit_group+0x47/0x50 [ 83.157326] do_syscall_64+0x3b/0x90 [ 83.157680] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.158064] RIP: 0033:0x7f4b87518a4d [ 83.158409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.158945] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.159504] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.160184] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.160699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.161341] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.161862] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.162492] [ 83.162677] irq event stamp: 0 [ 83.162905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.163496] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.164105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.164869] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.165355] ---[ end trace 0000000000000000 ]--- [ 83.166093] ------------[ cut here ]------------ [ 83.166607] WARNING: CPU: 0 PID: 706 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.167350] Modules linked in: [ 83.167586] CPU: 0 PID: 706 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.168369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.169326] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.169701] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.171185] RSP: 0018:ffff888013a57b78 EFLAGS: 00010246 [ 83.171582] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.172399] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 83.173165] RBP: ffff888013a57b98 R08: ffffed100415953e R09: ffffed100415953e [ 83.173948] R10: ffff888020aca9ef R11: ffffed100415953d R12: ffff888020acaa90 [ 83.174994] R13: ffff888020aca8a8 R14: ffffffffffffffff R15: ffff888013a57c60 [ 83.175794] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.176943] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.177888] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.178705] PKRU: 55555554 [ 83.179022] Call Trace: [ 83.179329] [ 83.179579] iommufd_ioas_destroy+0x53/0x70 [ 83.180006] iommufd_fops_release+0x1f7/0x370 [ 83.180331] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.180664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.181051] ? write_comp_data+0x2f/0x90 [ 83.181507] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.181882] __fput+0x26d/0xa40 [ 83.182138] ____fput+0x1e/0x30 [ 83.182389] task_work_run+0x1a4/0x2d0 [ 83.182721] ? __pfx_task_work_run+0x10/0x10 [ 83.183198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.183564] ? switch_task_namespaces+0xa9/0xe0 [ 83.183919] do_exit+0xb17/0x2ef0 [ 83.184176] ? lock_acquire+0x427/0x4c0 [ 83.184475] ? __pfx_lock_release+0x10/0x10 [ 83.184798] ? __kasan_check_write+0x18/0x20 [ 83.185135] ? do_raw_spin_lock+0x132/0x2a0 [ 83.185629] ? __pfx_do_exit+0x10/0x10 [ 83.185926] ? debug_smp_processor_id+0x20/0x30 [ 83.186268] ? rcu_is_watching+0x19/0xb0 [ 83.186595] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.186944] ? trace_hardirqs_on+0x26/0x120 [ 83.187438] do_group_exit+0xe0/0x2b0 [ 83.187722] __x64_sys_exit_group+0x47/0x50 [ 83.188037] do_syscall_64+0x3b/0x90 [ 83.188319] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.188773] RIP: 0033:0x7f4b87518a4d [ 83.189136] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.189587] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.190151] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.190787] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.191320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.191884] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.192478] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.193006] [ 83.193183] irq event stamp: 0 [ 83.193435] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.194016] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.194640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.195384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.195851] ---[ end trace 0000000000000000 ]--- [ 83.201785] ------------[ cut here ]------------ [ 83.202283] WARNING: CPU: 0 PID: 707 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.203089] Modules linked in: [ 83.203343] CPU: 0 PID: 707 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.204094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.204907] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.205272] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.206603] RSP: 0018:ffff888018517bb8 EFLAGS: 00010246 [ 83.206992] RAX: 0000000000000000 RBX: ffff888014adc0a8 RCX: 0000000000000000 [ 83.207521] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 83.208037] RBP: ffff888018517bd0 R08: ffffed100295b833 R09: ffffed100295b833 [ 83.208553] R10: ffff888014adc193 R11: ffffed100295b832 R12: ffff888021bacc00 [ 83.209072] R13: ffff888014adc1e8 R14: ffffffff8352e670 R15: ffff888018517e68 [ 83.209589] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.210170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.210612] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 83.211142] PKRU: 55555554 [ 83.211353] Call Trace: [ 83.211545] [ 83.211713] __iommufd_access_detach+0x1c2/0x2b0 [ 83.212074] iommufd_access_change_pt+0x149/0x270 [ 83.212435] iommufd_access_replace+0xb4/0x120 [ 83.212777] iommufd_test+0x3e5/0x37e0 [ 83.213062] ? lock_release+0x532/0x770 [ 83.213361] ? __might_fault+0x102/0x1b0 [ 83.213664] ? lock_acquire+0x427/0x4c0 [ 83.213961] ? __pfx_iommufd_test+0x10/0x10 [ 83.214272] ? __pfx_lock_release+0x10/0x10 [ 83.214609] ? __pfx_lock_acquire+0x10/0x10 [ 83.214936] ? write_comp_data+0x2f/0x90 [ 83.215238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.215592] ? write_comp_data+0x2f/0x90 [ 83.215903] iommufd_fops_ioctl+0x37d/0x510 [ 83.216233] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.216598] ? write_comp_data+0x2f/0x90 [ 83.216907] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.217267] __x64_sys_ioctl+0x1a3/0x230 [ 83.217577] do_syscall_64+0x3b/0x90 [ 83.217866] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.218260] RIP: 0033:0x7f4b8743ee5d [ 83.218553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.219889] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.220458] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.220980] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.221495] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.222015] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.222550] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.223078] [ 83.223261] irq event stamp: 0 [ 83.223494] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.223957] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.224573] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.225184] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.225648] ---[ end trace 0000000000000000 ]--- [ 83.228596] ------------[ cut here ]------------ [ 83.228961] WARNING: CPU: 0 PID: 707 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.229847] Modules linked in: [ 83.230084] CPU: 0 PID: 707 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.230741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.231707] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.232075] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.233534] RSP: 0018:ffff888018517bd0 EFLAGS: 00010246 [ 83.233925] RAX: 0000000000000000 RBX: ffff888014adc0a8 RCX: 0000000000000000 [ 83.234447] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 83.235136] RBP: ffff888018517be8 R08: ffffed100295b833 R09: ffffed100295b833 [ 83.235668] R10: ffff888014adc193 R11: ffffed100295b832 R12: ffff888016621000 [ 83.236189] R13: ffff888014adc1e8 R14: ffff888018bac000 R15: 0000000000000000 [ 83.236729] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.237424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.237869] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.238547] PKRU: 55555554 [ 83.238765] Call Trace: [ 83.238958] [ 83.239141] iommufd_access_destroy_object+0x65/0x170 [ 83.239539] iommufd_object_destroy_user+0x18e/0x220 [ 83.239929] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.240373] iommufd_access_destroy+0x43/0x70 [ 83.240722] iommufd_test_staccess_release+0x8d/0xd0 [ 83.241111] __fput+0x26d/0xa40 [ 83.241372] ____fput+0x1e/0x30 [ 83.241628] task_work_run+0x1a4/0x2d0 [ 83.241931] ? __pfx_task_work_run+0x10/0x10 [ 83.242271] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.242670] ? switch_task_namespaces+0xa9/0xe0 [ 83.243034] do_exit+0xb17/0x2ef0 [ 83.243305] ? lock_acquire+0x427/0x4c0 [ 83.243616] ? __pfx_lock_release+0x10/0x10 [ 83.243948] ? __kasan_check_write+0x18/0x20 [ 83.244285] ? do_raw_spin_lock+0x132/0x2a0 [ 83.244614] ? __pfx_do_exit+0x10/0x10 [ 83.244915] ? debug_smp_processor_id+0x20/0x30 [ 83.245269] ? rcu_is_watching+0x19/0xb0 [ 83.245576] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.245924] ? trace_hardirqs_on+0x26/0x120 [ 83.246254] do_group_exit+0xe0/0x2b0 [ 83.246557] __x64_sys_exit_group+0x47/0x50 [ 83.246887] do_syscall_64+0x3b/0x90 [ 83.247188] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.247585] RIP: 0033:0x7f4b87518a4d [ 83.247867] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.248325] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.248943] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.249623] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.250158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.250843] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.251408] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.251963] [ 83.252143] irq event stamp: 0 [ 83.252388] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.252876] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.253690] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.254331] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.254837] ---[ end trace 0000000000000000 ]--- [ 83.255712] ------------[ cut here ]------------ [ 83.256082] WARNING: CPU: 0 PID: 707 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.256854] Modules linked in: [ 83.257166] CPU: 0 PID: 707 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.257918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.258936] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.259355] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.260783] RSP: 0018:ffff888018517b78 EFLAGS: 00010246 [ 83.261210] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.261764] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 83.262323] RBP: ffff888018517b98 R08: ffffed100295b83e R09: ffffed100295b83e [ 83.262903] R10: ffff888014adc1ef R11: ffffed100295b83d R12: ffff888014adc290 [ 83.263477] R13: ffff888014adc0a8 R14: ffffffffffffffff R15: ffff888018517c60 [ 83.264037] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.264669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.265125] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.265686] PKRU: 55555554 [ 83.265914] Call Trace: [ 83.266117] [ 83.266298] iommufd_ioas_destroy+0x53/0x70 [ 83.266665] iommufd_fops_release+0x1f7/0x370 [ 83.267030] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.267444] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.267844] ? write_comp_data+0x2f/0x90 [ 83.268176] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.268575] __fput+0x26d/0xa40 [ 83.268859] ____fput+0x1e/0x30 [ 83.269129] task_work_run+0x1a4/0x2d0 [ 83.269444] ? __pfx_task_work_run+0x10/0x10 [ 83.269800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.270193] ? switch_task_namespaces+0xa9/0xe0 [ 83.270599] do_exit+0xb17/0x2ef0 [ 83.270884] ? lock_acquire+0x427/0x4c0 [ 83.271220] ? __pfx_lock_release+0x10/0x10 [ 83.271565] ? __kasan_check_write+0x18/0x20 [ 83.271914] ? do_raw_spin_lock+0x132/0x2a0 [ 83.272253] ? __pfx_do_exit+0x10/0x10 [ 83.272566] ? debug_smp_processor_id+0x20/0x30 [ 83.272933] ? rcu_is_watching+0x19/0xb0 [ 83.273251] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.273613] ? trace_hardirqs_on+0x26/0x120 [ 83.273957] do_group_exit+0xe0/0x2b0 [ 83.274256] __x64_sys_exit_group+0x47/0x50 [ 83.274610] do_syscall_64+0x3b/0x90 [ 83.274910] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.275333] RIP: 0033:0x7f4b87518a4d [ 83.275628] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.276106] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.276693] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.277244] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.277794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.278341] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.278914] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.279493] [ 83.279681] irq event stamp: 0 [ 83.279928] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.280420] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.281072] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.281724] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.282212] ---[ end trace 0000000000000000 ]--- [ 83.286494] ------------[ cut here ]------------ [ 83.286939] WARNING: CPU: 0 PID: 708 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.287885] Modules linked in: [ 83.288208] CPU: 0 PID: 708 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.288947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.289834] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.290246] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.291842] RSP: 0018:ffff888013a57bb8 EFLAGS: 00010246 [ 83.292293] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 83.292868] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 83.293461] RBP: ffff888013a57bd0 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 83.294043] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff8880129c7400 [ 83.294642] R13: ffff8880171bc9e8 R14: ffffffff8352e670 R15: ffff888013a57e68 [ 83.295247] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.295920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.296392] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 83.297039] PKRU: 55555554 [ 83.297420] Call Trace: [ 83.297631] [ 83.297816] __iommufd_access_detach+0x1c2/0x2b0 [ 83.298215] iommufd_access_change_pt+0x149/0x270 [ 83.298650] iommufd_access_replace+0xb4/0x120 [ 83.299034] iommufd_test+0x3e5/0x37e0 [ 83.299369] ? lock_release+0x532/0x770 [ 83.299701] ? __might_fault+0x102/0x1b0 [ 83.300038] ? lock_acquire+0x427/0x4c0 [ 83.300374] ? __pfx_iommufd_test+0x10/0x10 [ 83.300731] ? __pfx_lock_release+0x10/0x10 [ 83.301091] ? __pfx_lock_acquire+0x10/0x10 [ 83.301450] ? write_comp_data+0x2f/0x90 [ 83.301786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.302187] ? write_comp_data+0x2f/0x90 [ 83.302543] iommufd_fops_ioctl+0x37d/0x510 [ 83.302901] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.303314] ? write_comp_data+0x2f/0x90 [ 83.303662] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.304056] __x64_sys_ioctl+0x1a3/0x230 [ 83.304397] do_syscall_64+0x3b/0x90 [ 83.304714] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.305139] RIP: 0033:0x7f4b8743ee5d [ 83.305439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.306919] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.307554] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.308132] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.308705] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.309280] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.309852] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.310431] [ 83.310648] irq event stamp: 0 [ 83.310908] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.311430] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.312113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.312809] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.313319] ---[ end trace 0000000000000000 ]--- [ 83.316612] ------------[ cut here ]------------ [ 83.317016] WARNING: CPU: 0 PID: 708 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.318030] Modules linked in: [ 83.318369] CPU: 0 PID: 708 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.319207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.320117] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.320522] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.321988] RSP: 0018:ffff888013a57bd0 EFLAGS: 00010246 [ 83.322423] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 83.323052] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 83.323679] RBP: ffff888013a57be8 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 83.324295] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff888021bae400 [ 83.324901] R13: ffff8880171bc9e8 R14: ffff888020dddb00 R15: 0000000000000000 [ 83.325496] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.326176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.326693] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.327291] PKRU: 55555554 [ 83.327502] Call Trace: [ 83.327697] [ 83.327892] iommufd_access_destroy_object+0x65/0x170 [ 83.328335] iommufd_object_destroy_user+0x18e/0x220 [ 83.328772] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.329267] iommufd_access_destroy+0x43/0x70 [ 83.329658] iommufd_test_staccess_release+0x8d/0xd0 [ 83.330112] __fput+0x26d/0xa40 [ 83.330429] ____fput+0x1e/0x30 [ 83.330761] task_work_run+0x1a4/0x2d0 [ 83.331135] ? __pfx_task_work_run+0x10/0x10 [ 83.331534] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.331973] ? switch_task_namespaces+0xa9/0xe0 [ 83.332389] do_exit+0xb17/0x2ef0 [ 83.332696] ? lock_acquire+0x427/0x4c0 [ 83.333057] ? __pfx_lock_release+0x10/0x10 [ 83.333442] ? __kasan_check_write+0x18/0x20 [ 83.333833] ? do_raw_spin_lock+0x132/0x2a0 [ 83.334217] ? __pfx_do_exit+0x10/0x10 [ 83.334595] ? debug_smp_processor_id+0x20/0x30 [ 83.335013] ? rcu_is_watching+0x19/0xb0 [ 83.335393] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.335799] ? trace_hardirqs_on+0x26/0x120 [ 83.336189] do_group_exit+0xe0/0x2b0 [ 83.336529] __x64_sys_exit_group+0x47/0x50 [ 83.336903] do_syscall_64+0x3b/0x90 [ 83.337240] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.337701] RIP: 0033:0x7f4b87518a4d [ 83.338031] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.338590] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.339268] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.339889] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.340508] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.341133] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.341756] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.342385] [ 83.342621] irq event stamp: 0 [ 83.342902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.343466] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.344193] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.344917] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.345464] ---[ end trace 0000000000000000 ]--- [ 83.346774] ------------[ cut here ]------------ [ 83.347215] WARNING: CPU: 0 PID: 708 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.348108] Modules linked in: [ 83.348396] CPU: 0 PID: 708 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.349170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.350392] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.350943] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.352751] RSP: 0018:ffff888013a57b78 EFLAGS: 00010246 [ 83.353244] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.353902] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 83.354603] RBP: ffff888013a57b98 R08: ffffed1002e3793e R09: ffffed1002e3793e [ 83.355307] R10: ffff8880171bc9ef R11: ffffed1002e3793d R12: ffff8880171bca90 [ 83.355972] R13: ffff8880171bc8a8 R14: ffffffffffffffff R15: ffff888013a57c60 [ 83.356627] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.357365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.357901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.358592] PKRU: 55555554 [ 83.358863] Call Trace: [ 83.359103] [ 83.359340] iommufd_ioas_destroy+0x53/0x70 [ 83.359756] iommufd_fops_release+0x1f7/0x370 [ 83.360179] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.360649] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.361112] ? write_comp_data+0x2f/0x90 [ 83.361498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.361966] __fput+0x26d/0xa40 [ 83.362290] ____fput+0x1e/0x30 [ 83.362644] task_work_run+0x1a4/0x2d0 [ 83.363018] ? __pfx_task_work_run+0x10/0x10 [ 83.363450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.363911] ? switch_task_namespaces+0xa9/0xe0 [ 83.364355] do_exit+0xb17/0x2ef0 [ 83.364686] ? lock_acquire+0x427/0x4c0 [ 83.365066] ? __pfx_lock_release+0x10/0x10 [ 83.365473] ? __kasan_check_write+0x18/0x20 [ 83.365890] ? do_raw_spin_lock+0x132/0x2a0 [ 83.366294] ? __pfx_do_exit+0x10/0x10 [ 83.366695] ? debug_smp_processor_id+0x20/0x30 [ 83.367157] ? rcu_is_watching+0x19/0xb0 [ 83.367543] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.367999] ? trace_hardirqs_on+0x26/0x120 [ 83.368419] do_group_exit+0xe0/0x2b0 [ 83.368790] __x64_sys_exit_group+0x47/0x50 [ 83.369198] do_syscall_64+0x3b/0x90 [ 83.369558] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.370054] RIP: 0033:0x7f4b87518a4d [ 83.370404] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.371000] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.371717] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.372376] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.373040] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.373697] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.374356] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.375054] [ 83.375297] irq event stamp: 0 [ 83.375591] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.376178] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.376960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.377747] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.378346] ---[ end trace 0000000000000000 ]--- [ 83.383252] ------------[ cut here ]------------ [ 83.383739] WARNING: CPU: 0 PID: 709 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.384995] Modules linked in: [ 83.385305] CPU: 0 PID: 709 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.386131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.387573] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.388067] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.389803] RSP: 0018:ffff888018517bb8 EFLAGS: 00010246 [ 83.390314] RAX: 0000000000000000 RBX: ffff888013bed8a8 RCX: 0000000000000000 [ 83.391038] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 83.391732] RBP: ffff888018517bd0 R08: ffffed100277db33 R09: ffffed100277db33 [ 83.392406] R10: ffff888013bed993 R11: ffffed100277db32 R12: ffff888021bbfc00 [ 83.393077] R13: ffff888013bed9e8 R14: ffffffff8352e670 R15: ffff888018517e68 [ 83.393750] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.394541] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.395089] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 83.395803] PKRU: 55555554 [ 83.396073] Call Trace: [ 83.396318] [ 83.396536] __iommufd_access_detach+0x1c2/0x2b0 [ 83.397005] iommufd_access_change_pt+0x149/0x270 [ 83.397474] iommufd_access_replace+0xb4/0x120 [ 83.397926] iommufd_test+0x3e5/0x37e0 [ 83.398296] ? lock_release+0x532/0x770 [ 83.398725] ? __might_fault+0x102/0x1b0 [ 83.399142] ? lock_acquire+0x427/0x4c0 [ 83.399531] ? __pfx_iommufd_test+0x10/0x10 [ 83.399948] ? __pfx_lock_release+0x10/0x10 [ 83.400371] ? __pfx_lock_acquire+0x10/0x10 [ 83.400795] ? write_comp_data+0x2f/0x90 [ 83.401200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.401674] ? write_comp_data+0x2f/0x90 [ 83.402073] iommufd_fops_ioctl+0x37d/0x510 [ 83.402490] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.403003] ? write_comp_data+0x2f/0x90 [ 83.403419] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.403886] __x64_sys_ioctl+0x1a3/0x230 [ 83.404282] do_syscall_64+0x3b/0x90 [ 83.404646] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.405140] RIP: 0033:0x7f4b8743ee5d [ 83.405490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.407239] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.407968] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.408644] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.409310] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.409977] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.410680] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.411384] [ 83.411609] irq event stamp: 0 [ 83.411910] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.412504] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.413296] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.414082] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.414702] ---[ end trace 0000000000000000 ]--- [ 83.418119] ------------[ cut here ]------------ [ 83.418806] WARNING: CPU: 0 PID: 709 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.419781] Modules linked in: [ 83.420086] CPU: 0 PID: 709 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.421003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.422245] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.422759] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.424529] RSP: 0018:ffff888018517bd0 EFLAGS: 00010246 [ 83.425047] RAX: 0000000000000000 RBX: ffff888013bed8a8 RCX: 0000000000000000 [ 83.426039] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 83.426755] RBP: ffff888018517be8 R08: ffffed100277db33 R09: ffffed100277db33 [ 83.427457] R10: ffff888013bed993 R11: ffffed100277db32 R12: ffff8880129c5400 [ 83.428155] R13: ffff888013bed9e8 R14: ffff88800fa0b100 R15: 0000000000000000 [ 83.429143] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.429913] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.430536] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 83.431291] PKRU: 55555554 [ 83.431587] Call Trace: [ 83.431854] [ 83.432088] iommufd_access_destroy_object+0x65/0x170 [ 83.432638] iommufd_object_destroy_user+0x18e/0x220 [ 83.433172] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.433776] iommufd_access_destroy+0x43/0x70 [ 83.434250] iommufd_test_staccess_release+0x8d/0xd0 [ 83.434820] __fput+0x26d/0xa40 [ 83.435198] ____fput+0x1e/0x30 [ 83.435549] task_work_run+0x1a4/0x2d0 [ 83.435969] ? __pfx_task_work_run+0x10/0x10 [ 83.436436] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.436950] ? switch_task_namespaces+0xa9/0xe0 [ 83.437444] do_exit+0xb17/0x2ef0 [ 83.437804] ? lock_acquire+0x427/0x4c0 [ 83.438224] ? __pfx_lock_release+0x10/0x10 [ 83.438708] ? __kasan_check_write+0x18/0x20 [ 83.439189] ? do_raw_spin_lock+0x132/0x2a0 [ 83.439638] ? __pfx_do_exit+0x10/0x10 [ 83.440053] ? debug_smp_processor_id+0x20/0x30 [ 83.440547] ? rcu_is_watching+0x19/0xb0 [ 83.440972] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.441529] ? trace_hardirqs_on+0x26/0x120 [ 83.442126] do_group_exit+0xe0/0x2b0 [ 83.442847] __x64_sys_exit_group+0x47/0x50 [ 83.443331] do_syscall_64+0x3b/0x90 [ 83.443733] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.444283] RIP: 0033:0x7f4b87518a4d [ 83.444671] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.445356] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.446442] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.447230] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.447955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.448690] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.449675] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.450601] [ 83.450856] irq event stamp: 0 [ 83.451206] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.451867] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.453023] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.454116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.454798] ---[ end trace 0000000000000000 ]--- [ 83.456504] ------------[ cut here ]------------ [ 83.457013] WARNING: CPU: 0 PID: 709 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.458196] Modules linked in: [ 83.458691] CPU: 0 PID: 709 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.459803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.461085] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.461814] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.463904] RSP: 0018:ffff888018517b78 EFLAGS: 00010246 [ 83.464467] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.465204] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 83.465944] RBP: ffff888018517b98 R08: ffffed100277db3e R09: ffffed100277db3e [ 83.466699] R10: ffff888013bed9ef R11: ffffed100277db3d R12: ffff888013beda90 [ 83.467453] R13: ffff888013bed8a8 R14: ffffffffffffffff R15: ffff888018517c60 [ 83.468186] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 83.469009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.469606] CR2: 00007f82e2b3b000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 83.470356] PKRU: 55555554 [ 83.470684] Call Trace: [ 83.470950] [ 83.471212] iommufd_ioas_destroy+0x53/0x70 [ 83.471675] iommufd_fops_release+0x1f7/0x370 [ 83.472146] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.472667] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.473183] ? write_comp_data+0x2f/0x90 [ 83.473620] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.474146] __fput+0x26d/0xa40 [ 83.474526] ____fput+0x1e/0x30 [ 83.474883] task_work_run+0x1a4/0x2d0 [ 83.475307] ? __pfx_task_work_run+0x10/0x10 [ 83.475772] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.476289] ? switch_task_namespaces+0xa9/0xe0 [ 83.476791] do_exit+0xb17/0x2ef0 [ 83.477160] ? lock_acquire+0x427/0x4c0 [ 83.477589] ? __pfx_lock_release+0x10/0x10 [ 83.478040] ? __kasan_check_write+0x18/0x20 [ 83.478526] ? do_raw_spin_lock+0x132/0x2a0 [ 83.478978] ? __pfx_do_exit+0x10/0x10 [ 83.479408] ? debug_smp_processor_id+0x20/0x30 [ 83.479890] ? rcu_is_watching+0x19/0xb0 [ 83.480307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.480771] ? trace_hardirqs_on+0x26/0x120 [ 83.481219] do_group_exit+0xe0/0x2b0 [ 83.481608] __x64_sys_exit_group+0x47/0x50 [ 83.482051] do_syscall_64+0x3b/0x90 [ 83.482444] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.483004] RIP: 0033:0x7f4b87518a4d [ 83.483408] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.484041] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.484824] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.485550] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.486275] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.487031] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.487770] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.488509] [ 83.488750] irq event stamp: 0 [ 83.489077] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.489721] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.490607] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.491474] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.492122] ---[ end trace 0000000000000000 ]--- [ 83.501655] ------------[ cut here ]------------ [ 83.502767] WARNING: CPU: 1 PID: 710 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.504456] Modules linked in: [ 83.504904] CPU: 1 PID: 710 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.506243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.508046] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.509067] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.511840] RSP: 0018:ffff888021b67bb8 EFLAGS: 00010246 [ 83.512548] RAX: 0000000000000000 RBX: ffff888012b030a8 RCX: 0000000000000000 [ 83.513465] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 83.514381] RBP: ffff888021b67bd0 R08: ffffed1002560633 R09: ffffed1002560633 [ 83.515363] R10: ffff888012b03193 R11: ffffed1002560632 R12: ffff888021bc7c00 [ 83.516136] R13: ffff888012b031e8 R14: ffffffff8352e670 R15: ffff888021b67e68 [ 83.516801] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.517533] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.518064] CR2: 00007f4b877410e8 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 83.518764] PKRU: 55555554 [ 83.519030] Call Trace: [ 83.519279] [ 83.519486] __iommufd_access_detach+0x1c2/0x2b0 [ 83.519936] iommufd_access_change_pt+0x149/0x270 [ 83.520382] iommufd_access_replace+0xb4/0x120 [ 83.520806] iommufd_test+0x3e5/0x37e0 [ 83.521157] ? lock_release+0x532/0x770 [ 83.521527] ? __might_fault+0x102/0x1b0 [ 83.521901] ? lock_acquire+0x427/0x4c0 [ 83.522271] ? __pfx_iommufd_test+0x10/0x10 [ 83.522691] ? __pfx_lock_release+0x10/0x10 [ 83.523091] ? __pfx_lock_acquire+0x10/0x10 [ 83.523500] ? write_comp_data+0x2f/0x90 [ 83.523873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.524294] ? write_comp_data+0x2f/0x90 [ 83.524653] iommufd_fops_ioctl+0x37d/0x510 [ 83.525032] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.525466] ? write_comp_data+0x2f/0x90 [ 83.525825] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.526245] __x64_sys_ioctl+0x1a3/0x230 [ 83.526627] do_syscall_64+0x3b/0x90 [ 83.526961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.527423] RIP: 0033:0x7f4b8743ee5d [ 83.527747] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.529304] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.529953] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.530577] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.531194] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.531804] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.532415] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.533038] [ 83.533240] irq event stamp: 0 [ 83.533510] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.534049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.534787] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.535507] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.536047] ---[ end trace 0000000000000000 ]--- [ 83.539039] ------------[ cut here ]------------ [ 83.539492] WARNING: CPU: 1 PID: 710 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.540351] Modules linked in: [ 83.540627] CPU: 1 PID: 710 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.541367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.542325] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.542790] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.544350] RSP: 0018:ffff888021b67bd0 EFLAGS: 00010246 [ 83.544780] RAX: 0000000000000000 RBX: ffff888012b030a8 RCX: 0000000000000000 [ 83.545354] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 83.545929] RBP: ffff888021b67be8 R08: ffffed1002560633 R09: ffffed1002560633 [ 83.546538] R10: ffff888012b03193 R11: ffffed1002560632 R12: ffff88800a726400 [ 83.547126] R13: ffff888012b031e8 R14: ffff88800fa33000 R15: 0000000000000000 [ 83.547700] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.548345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.548812] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.549379] PKRU: 55555554 [ 83.549609] Call Trace: [ 83.549817] [ 83.550001] iommufd_access_destroy_object+0x65/0x170 [ 83.550422] iommufd_object_destroy_user+0x18e/0x220 [ 83.550869] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.551358] iommufd_access_destroy+0x43/0x70 [ 83.551735] iommufd_test_staccess_release+0x8d/0xd0 [ 83.552157] __fput+0x26d/0xa40 [ 83.552440] ____fput+0x1e/0x30 [ 83.552717] task_work_run+0x1a4/0x2d0 [ 83.553045] ? __pfx_task_work_run+0x10/0x10 [ 83.553410] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.553816] ? switch_task_namespaces+0xa9/0xe0 [ 83.554207] do_exit+0xb17/0x2ef0 [ 83.554491] ? lock_acquire+0x427/0x4c0 [ 83.554848] ? __pfx_lock_release+0x10/0x10 [ 83.555216] ? __kasan_check_write+0x18/0x20 [ 83.555584] ? do_raw_spin_lock+0x132/0x2a0 [ 83.555939] ? __pfx_do_exit+0x10/0x10 [ 83.556265] ? debug_smp_processor_id+0x20/0x30 [ 83.556649] ? rcu_is_watching+0x19/0xb0 [ 83.556982] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.557357] ? trace_hardirqs_on+0x26/0x120 [ 83.557719] do_group_exit+0xe0/0x2b0 [ 83.558030] __x64_sys_exit_group+0x47/0x50 [ 83.558378] do_syscall_64+0x3b/0x90 [ 83.558707] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.559144] RIP: 0033:0x7f4b87518a4d [ 83.559448] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.559944] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.560556] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.561128] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.561700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.562274] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.562868] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.563466] [ 83.563658] irq event stamp: 0 [ 83.563916] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.564428] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.565106] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.565777] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.566283] ---[ end trace 0000000000000000 ]--- [ 83.567020] ------------[ cut here ]------------ [ 83.567411] WARNING: CPU: 1 PID: 710 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.568232] Modules linked in: [ 83.568493] CPU: 1 PID: 710 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.569195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.570105] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.570542] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.572023] RSP: 0018:ffff888021b67b78 EFLAGS: 00010246 [ 83.572454] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.573028] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 83.573597] RBP: ffff888021b67b98 R08: ffffed100256063e R09: ffffed100256063e [ 83.574167] R10: ffff888012b031ef R11: ffffed100256063d R12: ffff888012b03290 [ 83.574756] R13: ffff888012b030a8 R14: ffffffffffffffff R15: ffff888021b67c60 [ 83.575344] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.575995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.576463] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.577037] PKRU: 55555554 [ 83.577266] Call Trace: [ 83.577474] [ 83.577660] iommufd_ioas_destroy+0x53/0x70 [ 83.578011] iommufd_fops_release+0x1f7/0x370 [ 83.578372] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.578785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.579191] ? write_comp_data+0x2f/0x90 [ 83.579519] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.579917] __fput+0x26d/0xa40 [ 83.580197] ____fput+0x1e/0x30 [ 83.580467] task_work_run+0x1a4/0x2d0 [ 83.580782] ? __pfx_task_work_run+0x10/0x10 [ 83.581137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.581530] ? switch_task_namespaces+0xa9/0xe0 [ 83.581911] do_exit+0xb17/0x2ef0 [ 83.582187] ? lock_acquire+0x427/0x4c0 [ 83.582531] ? __pfx_lock_release+0x10/0x10 [ 83.582883] ? __kasan_check_write+0x18/0x20 [ 83.583248] ? do_raw_spin_lock+0x132/0x2a0 [ 83.583596] ? __pfx_do_exit+0x10/0x10 [ 83.583923] ? debug_smp_processor_id+0x20/0x30 [ 83.584299] ? rcu_is_watching+0x19/0xb0 [ 83.584628] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.584997] ? trace_hardirqs_on+0x26/0x120 [ 83.585341] do_group_exit+0xe0/0x2b0 [ 83.585640] __x64_sys_exit_group+0x47/0x50 [ 83.585975] do_syscall_64+0x3b/0x90 [ 83.586273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.586701] RIP: 0033:0x7f4b87518a4d [ 83.586994] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.587480] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.588069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.588619] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.589166] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.589719] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.590269] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.590845] [ 83.591028] irq event stamp: 0 [ 83.591282] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.591770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.592422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.593068] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.593553] ---[ end trace 0000000000000000 ]--- [ 83.598207] ------------[ cut here ]------------ [ 83.598662] WARNING: CPU: 1 PID: 711 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.599464] Modules linked in: [ 83.599713] CPU: 1 PID: 711 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.600381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.601250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.601636] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.603127] RSP: 0018:ffff88801619fbb8 EFLAGS: 00010246 [ 83.603544] RAX: 0000000000000000 RBX: ffff8880167208a8 RCX: 0000000000000000 [ 83.604094] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 83.604643] RBP: ffff88801619fbd0 R08: ffffed1002ce4133 R09: ffffed1002ce4133 [ 83.605193] R10: ffff888016720993 R11: ffffed1002ce4132 R12: ffff88800efcc800 [ 83.605741] R13: ffff8880167209e8 R14: ffffffff8352e670 R15: ffff88801619fe68 [ 83.606295] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.606939] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.607399] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 83.607950] PKRU: 55555554 [ 83.608169] Call Trace: [ 83.608368] [ 83.608542] __iommufd_access_detach+0x1c2/0x2b0 [ 83.608925] iommufd_access_change_pt+0x149/0x270 [ 83.609312] iommufd_access_replace+0xb4/0x120 [ 83.609679] iommufd_test+0x3e5/0x37e0 [ 83.609986] ? lock_release+0x532/0x770 [ 83.610311] ? __might_fault+0x102/0x1b0 [ 83.610657] ? lock_acquire+0x427/0x4c0 [ 83.610983] ? __pfx_iommufd_test+0x10/0x10 [ 83.611332] ? __pfx_lock_release+0x10/0x10 [ 83.611679] ? __pfx_lock_acquire+0x10/0x10 [ 83.612024] ? write_comp_data+0x2f/0x90 [ 83.612352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.612736] ? write_comp_data+0x2f/0x90 [ 83.613066] iommufd_fops_ioctl+0x37d/0x510 [ 83.613411] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.613801] ? write_comp_data+0x2f/0x90 [ 83.614131] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.614537] __x64_sys_ioctl+0x1a3/0x230 [ 83.614873] do_syscall_64+0x3b/0x90 [ 83.615185] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.615602] RIP: 0033:0x7f4b8743ee5d [ 83.615897] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.617303] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.617893] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.618447] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.619019] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.619591] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.620141] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.620704] [ 83.620888] irq event stamp: 0 [ 83.621133] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.621626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.622276] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.622946] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.623448] ---[ end trace 0000000000000000 ]--- [ 83.626193] ------------[ cut here ]------------ [ 83.626616] WARNING: CPU: 1 PID: 711 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.627410] Modules linked in: [ 83.627665] CPU: 1 PID: 711 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.628741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.629707] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.630172] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.631738] RSP: 0018:ffff88801619fbd0 EFLAGS: 00010246 [ 83.632150] RAX: 0000000000000000 RBX: ffff8880167208a8 RCX: 0000000000000000 [ 83.632771] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 83.633355] RBP: ffff88801619fbe8 R08: ffffed1002ce4133 R09: ffffed1002ce4133 [ 83.633926] R10: ffff888016720993 R11: ffffed1002ce4132 R12: ffff888021bc5400 [ 83.634625] R13: ffff8880167209e8 R14: ffff8880143e1200 R15: 0000000000000000 [ 83.635198] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.635804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.636398] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.636954] PKRU: 55555554 [ 83.637199] Call Trace: [ 83.637433] [ 83.637659] iommufd_access_destroy_object+0x65/0x170 [ 83.638071] iommufd_object_destroy_user+0x18e/0x220 [ 83.638561] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.639051] iommufd_access_destroy+0x43/0x70 [ 83.639417] iommufd_test_staccess_release+0x8d/0xd0 [ 83.639817] __fput+0x26d/0xa40 [ 83.640152] ____fput+0x1e/0x30 [ 83.640472] task_work_run+0x1a4/0x2d0 [ 83.640780] ? __pfx_task_work_run+0x10/0x10 [ 83.641191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.641629] ? switch_task_namespaces+0xa9/0xe0 [ 83.641994] do_exit+0xb17/0x2ef0 [ 83.642343] ? lock_acquire+0x427/0x4c0 [ 83.642743] ? __pfx_lock_release+0x10/0x10 [ 83.643081] ? __kasan_check_write+0x18/0x20 [ 83.643432] ? do_raw_spin_lock+0x132/0x2a0 [ 83.643790] ? __pfx_do_exit+0x10/0x10 [ 83.644164] ? debug_smp_processor_id+0x20/0x30 [ 83.644533] ? rcu_is_watching+0x19/0xb0 [ 83.644860] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.645390] ? trace_hardirqs_on+0x26/0x120 [ 83.645736] do_group_exit+0xe0/0x2b0 [ 83.646049] __x64_sys_exit_group+0x47/0x50 [ 83.646531] do_syscall_64+0x3b/0x90 [ 83.646842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.647277] RIP: 0033:0x7f4b87518a4d [ 83.647591] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.648158] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.648766] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.649404] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.649989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.650613] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.651173] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.651844] [ 83.652028] irq event stamp: 0 [ 83.652272] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.652870] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.653512] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.654274] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.654815] ---[ end trace 0000000000000000 ]--- [ 83.655584] ------------[ cut here ]------------ [ 83.655954] WARNING: CPU: 1 PID: 711 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.656857] Modules linked in: [ 83.657107] CPU: 1 PID: 711 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.657910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.658866] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.659307] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.660821] RSP: 0018:ffff88801619fb78 EFLAGS: 00010246 [ 83.661295] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.661896] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 83.662476] RBP: ffff88801619fb98 R08: ffffed1002ce413e R09: ffffed1002ce413e [ 83.663156] R10: ffff8880167209ef R11: ffffed1002ce413d R12: ffff888016720a90 [ 83.663716] R13: ffff8880167208a8 R14: ffffffffffffffff R15: ffff88801619fc60 [ 83.664383] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.665020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.665555] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.666110] PKRU: 55555554 [ 83.666401] Call Trace: [ 83.666666] [ 83.666848] iommufd_ioas_destroy+0x53/0x70 [ 83.667204] iommufd_fops_release+0x1f7/0x370 [ 83.667564] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.668070] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.668470] ? write_comp_data+0x2f/0x90 [ 83.668794] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.669194] __fput+0x26d/0xa40 [ 83.669474] ____fput+0x1e/0x30 [ 83.669741] task_work_run+0x1a4/0x2d0 [ 83.670052] ? __pfx_task_work_run+0x10/0x10 [ 83.670400] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.670809] ? switch_task_namespaces+0xa9/0xe0 [ 83.671202] do_exit+0xb17/0x2ef0 [ 83.671480] ? lock_acquire+0x427/0x4c0 [ 83.671801] ? __pfx_lock_release+0x10/0x10 [ 83.672151] ? __kasan_check_write+0x18/0x20 [ 83.672503] ? do_raw_spin_lock+0x132/0x2a0 [ 83.672846] ? __pfx_do_exit+0x10/0x10 [ 83.673165] ? debug_smp_processor_id+0x20/0x30 [ 83.673538] ? rcu_is_watching+0x19/0xb0 [ 83.673868] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.674234] ? trace_hardirqs_on+0x26/0x120 [ 83.674601] do_group_exit+0xe0/0x2b0 [ 83.674909] __x64_sys_exit_group+0x47/0x50 [ 83.675258] do_syscall_64+0x3b/0x90 [ 83.675564] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.675978] RIP: 0033:0x7f4b87518a4d [ 83.676276] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.676763] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.677417] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.677984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.678566] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.679134] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.679694] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.680266] [ 83.680448] irq event stamp: 0 [ 83.680703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.681203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.681866] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.682549] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.683041] ---[ end trace 0000000000000000 ]--- [ 83.687197] ------------[ cut here ]------------ [ 83.687593] WARNING: CPU: 1 PID: 712 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.688381] Modules linked in: [ 83.688634] CPU: 1 PID: 712 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.689303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.690179] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.690621] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.692071] RSP: 0018:ffff8880163b7bb8 EFLAGS: 00010246 [ 83.692490] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 83.693055] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 83.693618] RBP: ffff8880163b7bd0 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 83.694174] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff888013b17c00 [ 83.694757] R13: ffff888017a471e8 R14: ffffffff8352e670 R15: ffff8880163b7e68 [ 83.695329] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.695967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.696423] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 83.696985] PKRU: 55555554 [ 83.697210] Call Trace: [ 83.697410] [ 83.697591] __iommufd_access_detach+0x1c2/0x2b0 [ 83.697985] iommufd_access_change_pt+0x149/0x270 [ 83.698389] iommufd_access_replace+0xb4/0x120 [ 83.698782] iommufd_test+0x3e5/0x37e0 [ 83.699096] ? lock_release+0x532/0x770 [ 83.699438] ? __might_fault+0x102/0x1b0 [ 83.699773] ? lock_acquire+0x427/0x4c0 [ 83.700096] ? __pfx_iommufd_test+0x10/0x10 [ 83.700441] ? __pfx_lock_release+0x10/0x10 [ 83.700793] ? __pfx_lock_acquire+0x10/0x10 [ 83.701147] ? write_comp_data+0x2f/0x90 [ 83.701481] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.701868] ? write_comp_data+0x2f/0x90 [ 83.702278] iommufd_fops_ioctl+0x37d/0x510 [ 83.702644] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.703034] ? write_comp_data+0x2f/0x90 [ 83.703374] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.703755] __x64_sys_ioctl+0x1a3/0x230 [ 83.704083] do_syscall_64+0x3b/0x90 [ 83.704395] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.704807] RIP: 0033:0x7f4b8743ee5d [ 83.705098] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.706543] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.707155] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.707714] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.708267] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.708823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.709419] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.709995] [ 83.710184] irq event stamp: 0 [ 83.710437] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.710960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.711969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.712906] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.713605] ---[ end trace 0000000000000000 ]--- [ 83.717985] ------------[ cut here ]------------ [ 83.718573] WARNING: CPU: 1 PID: 712 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.719715] Modules linked in: [ 83.720080] CPU: 1 PID: 712 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.721044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.722290] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.722891] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.724931] RSP: 0018:ffff8880163b7bd0 EFLAGS: 00010246 [ 83.725533] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 83.726324] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 83.727165] RBP: ffff8880163b7be8 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 83.727959] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff88800efcec00 [ 83.728750] R13: ffff888017a471e8 R14: ffff88800fd1b600 R15: 0000000000000000 [ 83.729540] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.730427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.731105] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.731918] PKRU: 55555554 [ 83.732239] Call Trace: [ 83.732531] [ 83.732791] iommufd_access_destroy_object+0x65/0x170 [ 83.733378] iommufd_object_destroy_user+0x18e/0x220 [ 83.733957] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.734652] iommufd_access_destroy+0x43/0x70 [ 83.735192] iommufd_test_staccess_release+0x8d/0xd0 [ 83.735778] __fput+0x26d/0xa40 [ 83.736175] ____fput+0x1e/0x30 [ 83.736564] task_work_run+0x1a4/0x2d0 [ 83.737017] ? __pfx_task_work_run+0x10/0x10 [ 83.737517] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.738067] ? switch_task_namespaces+0xa9/0xe0 [ 83.738636] do_exit+0xb17/0x2ef0 [ 83.739031] ? lock_acquire+0x427/0x4c0 [ 83.739502] ? __pfx_lock_release+0x10/0x10 [ 83.739992] ? __kasan_check_write+0x18/0x20 [ 83.740489] ? do_raw_spin_lock+0x132/0x2a0 [ 83.740974] ? __pfx_do_exit+0x10/0x10 [ 83.741421] ? debug_smp_processor_id+0x20/0x30 [ 83.741946] ? rcu_is_watching+0x19/0xb0 [ 83.742401] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.742951] ? trace_hardirqs_on+0x26/0x120 [ 83.743457] do_group_exit+0xe0/0x2b0 [ 83.743887] __x64_sys_exit_group+0x47/0x50 [ 83.744366] do_syscall_64+0x3b/0x90 [ 83.744794] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.745377] RIP: 0033:0x7f4b87518a4d [ 83.745794] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.746470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.747338] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.748121] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.748898] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.749673] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.750452] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.751282] [ 83.751549] irq event stamp: 0 [ 83.751906] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.752598] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.753513] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.754424] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.755159] ---[ end trace 0000000000000000 ]--- [ 83.756282] ------------[ cut here ]------------ [ 83.756801] WARNING: CPU: 1 PID: 712 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.757905] Modules linked in: [ 83.758263] CPU: 1 PID: 712 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.759259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.760487] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.761057] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.763068] RSP: 0018:ffff8880163b7b78 EFLAGS: 00010246 [ 83.763671] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.764446] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 83.765224] RBP: ffff8880163b7b98 R08: ffffed1002f48e3e R09: ffffed1002f48e3e [ 83.766004] R10: ffff888017a471ef R11: ffffed1002f48e3d R12: ffff888017a47290 [ 83.766816] R13: ffff888017a470a8 R14: ffffffffffffffff R15: ffff8880163b7c60 [ 83.767586] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.768205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.768640] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.769170] PKRU: 55555554 [ 83.769381] Call Trace: [ 83.769573] [ 83.769743] iommufd_ioas_destroy+0x53/0x70 [ 83.770071] iommufd_fops_release+0x1f7/0x370 [ 83.770405] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.770807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.771196] ? write_comp_data+0x2f/0x90 [ 83.771512] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.771886] __fput+0x26d/0xa40 [ 83.772144] ____fput+0x1e/0x30 [ 83.772400] task_work_run+0x1a4/0x2d0 [ 83.772696] ? __pfx_task_work_run+0x10/0x10 [ 83.773083] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.773450] ? switch_task_namespaces+0xa9/0xe0 [ 83.773809] do_exit+0xb17/0x2ef0 [ 83.774068] ? lock_acquire+0x427/0x4c0 [ 83.774371] ? __pfx_lock_release+0x10/0x10 [ 83.774719] ? __kasan_check_write+0x18/0x20 [ 83.775053] ? do_raw_spin_lock+0x132/0x2a0 [ 83.775381] ? __pfx_do_exit+0x10/0x10 [ 83.775686] ? debug_smp_processor_id+0x20/0x30 [ 83.776038] ? rcu_is_watching+0x19/0xb0 [ 83.776350] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.776691] ? trace_hardirqs_on+0x26/0x120 [ 83.777021] do_group_exit+0xe0/0x2b0 [ 83.777305] __x64_sys_exit_group+0x47/0x50 [ 83.777628] do_syscall_64+0x3b/0x90 [ 83.777919] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.778311] RIP: 0033:0x7f4b87518a4d [ 83.778616] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.779070] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.779648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.780166] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.780683] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.781203] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.781726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.782258] [ 83.782434] irq event stamp: 0 [ 83.782686] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.783163] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.783788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.784415] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.784880] ---[ end trace 0000000000000000 ]--- [ 83.788608] ------------[ cut here ]------------ [ 83.788987] WARNING: CPU: 1 PID: 713 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.789722] Modules linked in: [ 83.789955] CPU: 1 PID: 713 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.790789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.791652] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.792024] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.793352] RSP: 0018:ffff88801818fbb8 EFLAGS: 00010246 [ 83.793742] RAX: 0000000000000000 RBX: ffff88801472e8a8 RCX: 0000000000000000 [ 83.794267] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 83.794816] RBP: ffff88801818fbd0 R08: ffffed10028e5d33 R09: ffffed10028e5d33 [ 83.795349] R10: ffff88801472e993 R11: ffffed10028e5d32 R12: ffff88801341f400 [ 83.795876] R13: ffff88801472e9e8 R14: ffffffff8352e670 R15: ffff88801818fe68 [ 83.796404] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.797001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.797432] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 83.797957] PKRU: 55555554 [ 83.798167] Call Trace: [ 83.798353] [ 83.798540] __iommufd_access_detach+0x1c2/0x2b0 [ 83.798904] iommufd_access_change_pt+0x149/0x270 [ 83.799272] iommufd_access_replace+0xb4/0x120 [ 83.799615] iommufd_test+0x3e5/0x37e0 [ 83.799898] ? lock_release+0x532/0x770 [ 83.800197] ? __might_fault+0x102/0x1b0 [ 83.800509] ? lock_acquire+0x427/0x4c0 [ 83.800816] ? __pfx_iommufd_test+0x10/0x10 [ 83.801136] ? __pfx_lock_release+0x10/0x10 [ 83.801454] ? __pfx_lock_acquire+0x10/0x10 [ 83.801782] ? write_comp_data+0x2f/0x90 [ 83.802089] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.802447] ? write_comp_data+0x2f/0x90 [ 83.802773] iommufd_fops_ioctl+0x37d/0x510 [ 83.803111] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.803480] ? write_comp_data+0x2f/0x90 [ 83.803791] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.804162] __x64_sys_ioctl+0x1a3/0x230 [ 83.804475] do_syscall_64+0x3b/0x90 [ 83.804760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.805217] RIP: 0033:0x7f4b8743ee5d [ 83.805488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.806864] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.807449] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.807974] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.808500] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.809019] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.809539] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.810066] [ 83.810240] irq event stamp: 0 [ 83.810475] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.810960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.811594] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.812214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.812700] ---[ end trace 0000000000000000 ]--- [ 83.815353] ------------[ cut here ]------------ [ 83.815724] WARNING: CPU: 1 PID: 713 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.816475] Modules linked in: [ 83.816722] CPU: 1 PID: 713 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.817369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.818210] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.818771] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.820145] RSP: 0018:ffff88801818fbd0 EFLAGS: 00010246 [ 83.820548] RAX: 0000000000000000 RBX: ffff88801472e8a8 RCX: 0000000000000000 [ 83.821078] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 83.821604] RBP: ffff88801818fbe8 R08: ffffed10028e5d33 R09: ffffed10028e5d33 [ 83.822133] R10: ffff88801472e993 R11: ffffed10028e5d32 R12: ffff888013b16000 [ 83.822678] R13: ffff88801472e9e8 R14: ffff8880139bb200 R15: 0000000000000000 [ 83.823229] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.823827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.824257] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.824791] PKRU: 55555554 [ 83.825004] Call Trace: [ 83.825192] [ 83.825364] iommufd_access_destroy_object+0x65/0x170 [ 83.825756] iommufd_object_destroy_user+0x18e/0x220 [ 83.826147] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.826621] iommufd_access_destroy+0x43/0x70 [ 83.826983] iommufd_test_staccess_release+0x8d/0xd0 [ 83.827382] __fput+0x26d/0xa40 [ 83.827642] ____fput+0x1e/0x30 [ 83.827898] task_work_run+0x1a4/0x2d0 [ 83.828197] ? __pfx_task_work_run+0x10/0x10 [ 83.828540] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.828921] ? switch_task_namespaces+0xa9/0xe0 [ 83.829285] do_exit+0xb17/0x2ef0 [ 83.829552] ? lock_acquire+0x427/0x4c0 [ 83.829857] ? __pfx_lock_release+0x10/0x10 [ 83.830183] ? __kasan_check_write+0x18/0x20 [ 83.830534] ? do_raw_spin_lock+0x132/0x2a0 [ 83.830861] ? __pfx_do_exit+0x10/0x10 [ 83.831169] ? debug_smp_processor_id+0x20/0x30 [ 83.831524] ? rcu_is_watching+0x19/0xb0 [ 83.831833] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.832179] ? trace_hardirqs_on+0x26/0x120 [ 83.832514] do_group_exit+0xe0/0x2b0 [ 83.832805] __x64_sys_exit_group+0x47/0x50 [ 83.833128] do_syscall_64+0x3b/0x90 [ 83.833416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.833813] RIP: 0033:0x7f4b87518a4d [ 83.834097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.834581] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.835162] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.835701] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.836237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.836771] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.837382] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.837919] [ 83.838099] irq event stamp: 0 [ 83.838334] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.838824] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.839457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.840073] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.840544] ---[ end trace 0000000000000000 ]--- [ 83.841203] ------------[ cut here ]------------ [ 83.841556] WARNING: CPU: 1 PID: 713 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.842319] Modules linked in: [ 83.842587] CPU: 1 PID: 713 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.843253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.844103] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.844497] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.845857] RSP: 0018:ffff88801818fb78 EFLAGS: 00010246 [ 83.846261] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.846809] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 83.847354] RBP: ffff88801818fb98 R08: ffffed10028e5d3e R09: ffffed10028e5d3e [ 83.847891] R10: ffff88801472e9ef R11: ffffed10028e5d3d R12: ffff88801472ea90 [ 83.848425] R13: ffff88801472e8a8 R14: ffffffffffffffff R15: ffff88801818fc60 [ 83.848966] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.849565] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.849995] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.850548] PKRU: 55555554 [ 83.850762] Call Trace: [ 83.850958] [ 83.851150] iommufd_ioas_destroy+0x53/0x70 [ 83.851491] iommufd_fops_release+0x1f7/0x370 [ 83.851837] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.852218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.852600] ? write_comp_data+0x2f/0x90 [ 83.852918] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.853301] __fput+0x26d/0xa40 [ 83.853569] ____fput+0x1e/0x30 [ 83.853829] task_work_run+0x1a4/0x2d0 [ 83.854131] ? __pfx_task_work_run+0x10/0x10 [ 83.854470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.854871] ? switch_task_namespaces+0xa9/0xe0 [ 83.855255] do_exit+0xb17/0x2ef0 [ 83.855528] ? lock_acquire+0x427/0x4c0 [ 83.855840] ? __pfx_lock_release+0x10/0x10 [ 83.856174] ? __kasan_check_write+0x18/0x20 [ 83.856512] ? do_raw_spin_lock+0x132/0x2a0 [ 83.856847] ? __pfx_do_exit+0x10/0x10 [ 83.857150] ? debug_smp_processor_id+0x20/0x30 [ 83.857509] ? rcu_is_watching+0x19/0xb0 [ 83.857817] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.858165] ? trace_hardirqs_on+0x26/0x120 [ 83.858500] do_group_exit+0xe0/0x2b0 [ 83.858815] __x64_sys_exit_group+0x47/0x50 [ 83.859158] do_syscall_64+0x3b/0x90 [ 83.859451] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.859844] RIP: 0033:0x7f4b87518a4d [ 83.860128] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.860592] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.861167] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.861705] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.862238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.862795] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.863342] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.863881] [ 83.864061] irq event stamp: 0 [ 83.864303] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.864781] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.865410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.866039] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.866532] ---[ end trace 0000000000000000 ]--- [ 83.870694] ------------[ cut here ]------------ [ 83.871095] WARNING: CPU: 1 PID: 714 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.871865] Modules linked in: [ 83.872111] CPU: 1 PID: 714 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.872761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.873600] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.873971] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.875361] RSP: 0018:ffff888015897bb8 EFLAGS: 00010246 [ 83.875763] RAX: 0000000000000000 RBX: ffff888014ade0a8 RCX: 0000000000000000 [ 83.876295] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 83.876828] RBP: ffff888015897bd0 R08: ffffed100295bc33 R09: ffffed100295bc33 [ 83.877363] R10: ffff888014ade193 R11: ffffed100295bc32 R12: ffff888012eac400 [ 83.877894] R13: ffff888014ade1e8 R14: ffffffff8352e670 R15: ffff888015897e68 [ 83.878430] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.879047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.879498] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 83.880036] PKRU: 55555554 [ 83.880247] Call Trace: [ 83.880444] [ 83.880616] __iommufd_access_detach+0x1c2/0x2b0 [ 83.880986] iommufd_access_change_pt+0x149/0x270 [ 83.881362] iommufd_access_replace+0xb4/0x120 [ 83.881720] iommufd_test+0x3e5/0x37e0 [ 83.882018] ? lock_release+0x532/0x770 [ 83.882329] ? __might_fault+0x102/0x1b0 [ 83.882658] ? lock_acquire+0x427/0x4c0 [ 83.882972] ? __pfx_iommufd_test+0x10/0x10 [ 83.883303] ? __pfx_lock_release+0x10/0x10 [ 83.883641] ? __pfx_lock_acquire+0x10/0x10 [ 83.883976] ? write_comp_data+0x2f/0x90 [ 83.884292] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.884664] ? write_comp_data+0x2f/0x90 [ 83.884976] iommufd_fops_ioctl+0x37d/0x510 [ 83.885315] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.885694] ? write_comp_data+0x2f/0x90 [ 83.886011] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.886379] __x64_sys_ioctl+0x1a3/0x230 [ 83.886712] do_syscall_64+0x3b/0x90 [ 83.887008] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.887429] RIP: 0033:0x7f4b8743ee5d [ 83.887719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.889490] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.890112] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.890762] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.891309] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.891901] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.892465] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.893030] [ 83.893265] irq event stamp: 0 [ 83.893505] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.893981] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.894734] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.895367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.895838] ---[ end trace 0000000000000000 ]--- [ 83.898492] ------------[ cut here ]------------ [ 83.898988] WARNING: CPU: 1 PID: 714 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.899766] Modules linked in: [ 83.900017] CPU: 1 PID: 714 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.900794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.901750] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.902198] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.903719] RSP: 0018:ffff888015897bd0 EFLAGS: 00010246 [ 83.904134] RAX: 0000000000000000 RBX: ffff888014ade0a8 RCX: 0000000000000000 [ 83.904681] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 83.905331] RBP: ffff888015897be8 R08: ffffed100295bc33 R09: ffffed100295bc33 [ 83.905876] R10: ffff888014ade193 R11: ffffed100295bc32 R12: ffff88801341d800 [ 83.906486] R13: ffff888014ade1e8 R14: ffff88800f211900 R15: 0000000000000000 [ 83.907126] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.907750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.908254] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.908855] PKRU: 55555554 [ 83.909075] Call Trace: [ 83.909278] [ 83.909484] iommufd_access_destroy_object+0x65/0x170 [ 83.909950] iommufd_object_destroy_user+0x18e/0x220 [ 83.910351] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 83.910850] iommufd_access_destroy+0x43/0x70 [ 83.911281] iommufd_test_staccess_release+0x8d/0xd0 [ 83.911689] __fput+0x26d/0xa40 [ 83.911963] ____fput+0x1e/0x30 [ 83.912223] task_work_run+0x1a4/0x2d0 [ 83.912533] ? __pfx_task_work_run+0x10/0x10 [ 83.912946] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.913356] ? switch_task_namespaces+0xa9/0xe0 [ 83.913725] do_exit+0xb17/0x2ef0 [ 83.913999] ? lock_acquire+0x427/0x4c0 [ 83.914372] ? __pfx_lock_release+0x10/0x10 [ 83.914759] ? __kasan_check_write+0x18/0x20 [ 83.915113] ? do_raw_spin_lock+0x132/0x2a0 [ 83.915452] ? __pfx_do_exit+0x10/0x10 [ 83.915768] ? debug_smp_processor_id+0x20/0x30 [ 83.916199] ? rcu_is_watching+0x19/0xb0 [ 83.916568] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.916926] ? trace_hardirqs_on+0x26/0x120 [ 83.917268] do_group_exit+0xe0/0x2b0 [ 83.917625] __x64_sys_exit_group+0x47/0x50 [ 83.918009] do_syscall_64+0x3b/0x90 [ 83.918305] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.918731] RIP: 0033:0x7f4b87518a4d [ 83.919018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.919571] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.920215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.920805] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.921417] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.921963] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.922654] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.923220] [ 83.923400] irq event stamp: 0 [ 83.923644] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.924224] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.924867] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.925630] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.926111] ---[ end trace 0000000000000000 ]--- [ 83.926825] ------------[ cut here ]------------ [ 83.927197] WARNING: CPU: 1 PID: 714 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 83.927969] Modules linked in: [ 83.928220] CPU: 1 PID: 714 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.929008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.929903] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 83.930368] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 83.931939] RSP: 0018:ffff888015897b78 EFLAGS: 00010246 [ 83.932406] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.933006] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 83.933621] RBP: ffff888015897b98 R08: ffffed100295bc3e R09: ffffed100295bc3e [ 83.934222] R10: ffff888014ade1ef R11: ffffed100295bc3d R12: ffff888014ade290 [ 83.934809] R13: ffff888014ade0a8 R14: ffffffffffffffff R15: ffff888015897c60 [ 83.935469] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.936088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.936597] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.937211] PKRU: 55555554 [ 83.937430] Call Trace: [ 83.937627] [ 83.937832] iommufd_ioas_destroy+0x53/0x70 [ 83.938278] iommufd_fops_release+0x1f7/0x370 [ 83.938658] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.939048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.939446] ? write_comp_data+0x2f/0x90 [ 83.939809] ? __pfx_iommufd_fops_release+0x10/0x10 [ 83.940325] __fput+0x26d/0xa40 [ 83.940599] ____fput+0x1e/0x30 [ 83.940861] task_work_run+0x1a4/0x2d0 [ 83.941199] ? __pfx_task_work_run+0x10/0x10 [ 83.941677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.942061] ? switch_task_namespaces+0xa9/0xe0 [ 83.942431] do_exit+0xb17/0x2ef0 [ 83.942851] ? lock_acquire+0x427/0x4c0 [ 83.943183] ? __pfx_lock_release+0x10/0x10 [ 83.943526] ? __kasan_check_write+0x18/0x20 [ 83.943873] ? do_raw_spin_lock+0x132/0x2a0 [ 83.944213] ? __pfx_do_exit+0x10/0x10 [ 83.944588] ? debug_smp_processor_id+0x20/0x30 [ 83.945050] ? rcu_is_watching+0x19/0xb0 [ 83.945364] ? _raw_spin_unlock_irq+0x2b/0x60 [ 83.945722] ? trace_hardirqs_on+0x26/0x120 [ 83.946133] do_group_exit+0xe0/0x2b0 [ 83.946544] __x64_sys_exit_group+0x47/0x50 [ 83.946881] do_syscall_64+0x3b/0x90 [ 83.947193] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.947598] RIP: 0033:0x7f4b87518a4d [ 83.947941] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 83.948513] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 83.949096] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 83.949788] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 83.950337] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 83.950971] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 83.951594] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 83.952153] [ 83.952332] irq event stamp: 0 [ 83.952604] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 83.953220] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.953864] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.954685] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.955179] ---[ end trace 0000000000000000 ]--- [ 83.959242] ------------[ cut here ]------------ [ 83.959636] WARNING: CPU: 1 PID: 715 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.960565] Modules linked in: [ 83.960826] CPU: 1 PID: 715 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.961492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.962602] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.962988] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.964552] RSP: 0018:ffff888021a37bb8 EFLAGS: 00010246 [ 83.965066] RAX: 0000000000000000 RBX: ffff88800fb418a8 RCX: 0000000000000000 [ 83.965696] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 83.966245] RBP: ffff888021a37bd0 R08: ffffed1001f68333 R09: ffffed1001f68333 [ 83.966937] R10: ffff88800fb41993 R11: ffffed1001f68332 R12: ffff888013af8400 [ 83.967496] R13: ffff88800fb419e8 R14: ffffffff8352e670 R15: ffff888021a37e68 [ 83.968045] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.968668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.969289] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ee0 [ 83.969832] PKRU: 55555554 [ 83.970052] Call Trace: [ 83.970251] [ 83.970425] __iommufd_access_detach+0x1c2/0x2b0 [ 83.970873] iommufd_access_change_pt+0x149/0x270 [ 83.971329] iommufd_access_replace+0xb4/0x120 [ 83.971691] iommufd_test+0x3e5/0x37e0 [ 83.971995] ? lock_release+0x532/0x770 [ 83.972313] ? __might_fault+0x102/0x1b0 [ 83.972637] ? lock_acquire+0x427/0x4c0 [ 83.972958] ? __pfx_iommufd_test+0x10/0x10 [ 83.973328] ? __pfx_lock_release+0x10/0x10 [ 83.973803] ? __pfx_lock_acquire+0x10/0x10 [ 83.974153] ? write_comp_data+0x2f/0x90 [ 83.974483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 83.974895] ? write_comp_data+0x2f/0x90 [ 83.975235] iommufd_fops_ioctl+0x37d/0x510 [ 83.975582] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.976013] ? write_comp_data+0x2f/0x90 [ 83.976467] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 83.976849] __x64_sys_ioctl+0x1a3/0x230 [ 83.977181] do_syscall_64+0x3b/0x90 [ 83.977480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 83.977962] RIP: 0033:0x7f4b8743ee5d [ 83.978343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 83.979864] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 83.980579] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 83.981125] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 83.981669] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 83.982219] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 83.982947] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 83.983512] [ 83.983693] irq event stamp: 0 [ 83.983942] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 83.984427] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 83.985214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 83.985856] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 83.986357] ---[ end trace 0000000000000000 ]--- [ 83.989350] ------------[ cut here ]------------ [ 83.989742] WARNING: CPU: 1 PID: 715 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 83.990561] Modules linked in: [ 83.990811] CPU: 1 PID: 715 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 83.991504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 83.992378] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 83.992760] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 83.994162] RSP: 0018:ffff888021a37bd0 EFLAGS: 00010246 [ 83.994606] RAX: 0000000000000000 RBX: ffff88800fb418a8 RCX: 0000000000000000 [ 83.995270] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 83.995821] RBP: ffff888021a37be8 R08: ffffed1001f68333 R09: ffffed1001f68333 [ 83.996372] R10: ffff88800fb41993 R11: ffffed1001f68332 R12: ffff888012eac000 [ 83.996952] R13: ffff88800fb419e8 R14: ffff888013f64b00 R15: 0000000000000000 [ 83.997498] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 83.998121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.998591] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 83.999153] PKRU: 55555554 [ 83.999377] Call Trace: [ 83.999578] [ 83.999755] iommufd_access_destroy_object+0x65/0x170 [ 84.000163] iommufd_object_destroy_user+0x18e/0x220 [ 84.000565] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.001020] iommufd_access_destroy+0x43/0x70 [ 84.001380] iommufd_test_staccess_release+0x8d/0xd0 [ 84.001789] __fput+0x26d/0xa40 [ 84.002058] ____fput+0x1e/0x30 [ 84.002323] task_work_run+0x1a4/0x2d0 [ 84.002662] ? __pfx_task_work_run+0x10/0x10 [ 84.003013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.003421] ? switch_task_namespaces+0xa9/0xe0 [ 84.003795] do_exit+0xb17/0x2ef0 [ 84.004069] ? lock_acquire+0x427/0x4c0 [ 84.004389] ? __pfx_lock_release+0x10/0x10 [ 84.004734] ? __kasan_check_write+0x18/0x20 [ 84.005082] ? do_raw_spin_lock+0x132/0x2a0 [ 84.005427] ? __pfx_do_exit+0x10/0x10 [ 84.005743] ? debug_smp_processor_id+0x20/0x30 [ 84.006117] ? rcu_is_watching+0x19/0xb0 [ 84.006444] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.006833] ? trace_hardirqs_on+0x26/0x120 [ 84.007204] do_group_exit+0xe0/0x2b0 [ 84.007514] __x64_sys_exit_group+0x47/0x50 [ 84.007859] do_syscall_64+0x3b/0x90 [ 84.008168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.008589] RIP: 0033:0x7f4b87518a4d [ 84.008886] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.009384] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.009998] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.010587] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.011169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.011736] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.012305] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.012873] [ 84.013055] irq event stamp: 0 [ 84.013306] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.013808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.014469] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.015164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.015662] ---[ end trace 0000000000000000 ]--- [ 84.016381] ------------[ cut here ]------------ [ 84.016753] WARNING: CPU: 1 PID: 715 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.017562] Modules linked in: [ 84.017824] CPU: 1 PID: 715 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.018538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.019438] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.019850] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.021283] RSP: 0018:ffff888021a37b78 EFLAGS: 00010246 [ 84.021706] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.022279] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 84.022872] RBP: ffff888021a37b98 R08: ffffed1001f6833e R09: ffffed1001f6833e [ 84.023443] R10: ffff88800fb419ef R11: ffffed1001f6833d R12: ffff88800fb41a90 [ 84.024012] R13: ffff88800fb418a8 R14: ffffffffffffffff R15: ffff888021a37c60 [ 84.024576] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.025224] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.025683] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.026253] PKRU: 55555554 [ 84.026482] Call Trace: [ 84.026710] [ 84.026893] iommufd_ioas_destroy+0x53/0x70 [ 84.027250] iommufd_fops_release+0x1f7/0x370 [ 84.027615] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.028021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.028417] ? write_comp_data+0x2f/0x90 [ 84.028761] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.029222] __fput+0x26d/0xa40 [ 84.029502] ____fput+0x1e/0x30 [ 84.029773] task_work_run+0x1a4/0x2d0 [ 84.030094] ? __pfx_task_work_run+0x10/0x10 [ 84.030451] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.030871] ? switch_task_namespaces+0xa9/0xe0 [ 84.031262] do_exit+0xb17/0x2ef0 [ 84.031548] ? lock_acquire+0x427/0x4c0 [ 84.031871] ? __pfx_lock_release+0x10/0x10 [ 84.032227] ? __kasan_check_write+0x18/0x20 [ 84.032579] ? do_raw_spin_lock+0x132/0x2a0 [ 84.032932] ? __pfx_do_exit+0x10/0x10 [ 84.033251] ? debug_smp_processor_id+0x20/0x30 [ 84.033624] ? rcu_is_watching+0x19/0xb0 [ 84.033944] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.034309] ? trace_hardirqs_on+0x26/0x120 [ 84.034701] do_group_exit+0xe0/0x2b0 [ 84.035018] __x64_sys_exit_group+0x47/0x50 [ 84.035378] do_syscall_64+0x3b/0x90 [ 84.035686] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.036106] RIP: 0033:0x7f4b87518a4d [ 84.036406] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.036890] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.037487] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.038049] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.038622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.039192] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.039753] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.040306] [ 84.040490] irq event stamp: 0 [ 84.040738] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.041235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.041885] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.042550] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.043034] ---[ end trace 0000000000000000 ]--- [ 84.047032] ------------[ cut here ]------------ [ 84.047448] WARNING: CPU: 1 PID: 716 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.048238] Modules linked in: [ 84.048491] CPU: 1 PID: 716 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.049154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.050011] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.050394] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.052019] RSP: 0018:ffff88800f7f7bb8 EFLAGS: 00010246 [ 84.052440] RAX: 0000000000000000 RBX: ffff8880167778a8 RCX: 0000000000000000 [ 84.052997] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 84.053547] RBP: ffff88800f7f7bd0 R08: ffffed1002ceef33 R09: ffffed1002ceef33 [ 84.054113] R10: ffff888016777993 R11: ffffed1002ceef32 R12: ffff888017ba4400 [ 84.054681] R13: ffff8880167779e8 R14: ffffffff8352e670 R15: ffff88800f7f7e68 [ 84.055243] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.055862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.056306] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 84.056855] PKRU: 55555554 [ 84.057073] Call Trace: [ 84.057276] [ 84.057455] __iommufd_access_detach+0x1c2/0x2b0 [ 84.057847] iommufd_access_change_pt+0x149/0x270 [ 84.058231] iommufd_access_replace+0xb4/0x120 [ 84.058628] iommufd_test+0x3e5/0x37e0 [ 84.058942] ? lock_release+0x532/0x770 [ 84.059280] ? __might_fault+0x102/0x1b0 [ 84.059604] ? lock_acquire+0x427/0x4c0 [ 84.059933] ? __pfx_iommufd_test+0x10/0x10 [ 84.060271] ? __pfx_lock_release+0x10/0x10 [ 84.060613] ? __pfx_lock_acquire+0x10/0x10 [ 84.061015] ? write_comp_data+0x2f/0x90 [ 84.061347] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.061732] ? write_comp_data+0x2f/0x90 [ 84.062063] iommufd_fops_ioctl+0x37d/0x510 [ 84.062405] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.062812] ? write_comp_data+0x2f/0x90 [ 84.063155] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.063538] __x64_sys_ioctl+0x1a3/0x230 [ 84.063877] do_syscall_64+0x3b/0x90 [ 84.064189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.064600] RIP: 0033:0x7f4b8743ee5d [ 84.064890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.066309] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.066925] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.067505] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.068054] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.068610] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.069161] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.069718] [ 84.069901] irq event stamp: 0 [ 84.070147] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.070653] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.071307] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.071946] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.072429] ---[ end trace 0000000000000000 ]--- [ 84.075212] ------------[ cut here ]------------ [ 84.075616] WARNING: CPU: 1 PID: 716 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.076391] Modules linked in: [ 84.076648] CPU: 1 PID: 716 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.077318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.078194] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.078594] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.080000] RSP: 0018:ffff88800f7f7bd0 EFLAGS: 00010246 [ 84.080404] RAX: 0000000000000000 RBX: ffff8880167778a8 RCX: 0000000000000000 [ 84.080943] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 84.081482] RBP: ffff88800f7f7be8 R08: ffffed1002ceef33 R09: ffffed1002ceef33 [ 84.082028] R10: ffff888016777993 R11: ffffed1002ceef32 R12: ffff888018149800 [ 84.082583] R13: ffff8880167779e8 R14: ffff88801371c300 R15: 0000000000000000 [ 84.083134] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.083745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.084187] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.084721] PKRU: 55555554 [ 84.084936] Call Trace: [ 84.085129] [ 84.085299] iommufd_access_destroy_object+0x65/0x170 [ 84.085694] iommufd_object_destroy_user+0x18e/0x220 [ 84.086080] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.086540] iommufd_access_destroy+0x43/0x70 [ 84.086893] iommufd_test_staccess_release+0x8d/0xd0 [ 84.087291] __fput+0x26d/0xa40 [ 84.087558] ____fput+0x1e/0x30 [ 84.087822] task_work_run+0x1a4/0x2d0 [ 84.088129] ? __pfx_task_work_run+0x10/0x10 [ 84.088469] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.088850] ? switch_task_namespaces+0xa9/0xe0 [ 84.089215] do_exit+0xb17/0x2ef0 [ 84.089481] ? lock_acquire+0x427/0x4c0 [ 84.089791] ? __pfx_lock_release+0x10/0x10 [ 84.090125] ? __kasan_check_write+0x18/0x20 [ 84.090464] ? do_raw_spin_lock+0x132/0x2a0 [ 84.090815] ? __pfx_do_exit+0x10/0x10 [ 84.091133] ? debug_smp_processor_id+0x20/0x30 [ 84.091494] ? rcu_is_watching+0x19/0xb0 [ 84.091808] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.092161] ? trace_hardirqs_on+0x26/0x120 [ 84.092500] do_group_exit+0xe0/0x2b0 [ 84.092790] __x64_sys_exit_group+0x47/0x50 [ 84.093177] do_syscall_64+0x3b/0x90 [ 84.093467] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.093865] RIP: 0033:0x7f4b87518a4d [ 84.094149] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.094636] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.095228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.095775] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.096305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.096844] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.097379] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.097924] [ 84.098106] irq event stamp: 0 [ 84.098348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.098840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.099483] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.100113] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.100595] ---[ end trace 0000000000000000 ]--- [ 84.101261] ------------[ cut here ]------------ [ 84.101619] WARNING: CPU: 1 PID: 716 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.102388] Modules linked in: [ 84.102653] CPU: 1 PID: 716 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.103327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.104177] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.104570] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.105934] RSP: 0018:ffff88800f7f7b78 EFLAGS: 00010246 [ 84.106338] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.106893] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 84.107434] RBP: ffff88800f7f7b98 R08: ffffed1002ceef3e R09: ffffed1002ceef3e [ 84.107973] R10: ffff8880167779ef R11: ffffed1002ceef3d R12: ffff888016777a90 [ 84.108506] R13: ffff8880167778a8 R14: ffffffffffffffff R15: ffff88800f7f7c60 [ 84.109049] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.109731] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.110166] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.110727] PKRU: 55555554 [ 84.110937] Call Trace: [ 84.111148] [ 84.111321] iommufd_ioas_destroy+0x53/0x70 [ 84.111656] iommufd_fops_release+0x1f7/0x370 [ 84.112001] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.112380] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.112749] ? write_comp_data+0x2f/0x90 [ 84.113059] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.113439] __fput+0x26d/0xa40 [ 84.113697] ____fput+0x1e/0x30 [ 84.113950] task_work_run+0x1a4/0x2d0 [ 84.114250] ? __pfx_task_work_run+0x10/0x10 [ 84.114600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.114969] ? switch_task_namespaces+0xa9/0xe0 [ 84.115328] do_exit+0xb17/0x2ef0 [ 84.115587] ? lock_acquire+0x427/0x4c0 [ 84.115891] ? __pfx_lock_release+0x10/0x10 [ 84.116221] ? __kasan_check_write+0x18/0x20 [ 84.116557] ? do_raw_spin_lock+0x132/0x2a0 [ 84.116894] ? __pfx_do_exit+0x10/0x10 [ 84.117191] ? debug_smp_processor_id+0x20/0x30 [ 84.117541] ? rcu_is_watching+0x19/0xb0 [ 84.117853] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.118195] ? trace_hardirqs_on+0x26/0x120 [ 84.118537] do_group_exit+0xe0/0x2b0 [ 84.118826] __x64_sys_exit_group+0x47/0x50 [ 84.119159] do_syscall_64+0x3b/0x90 [ 84.119444] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.119836] RIP: 0033:0x7f4b87518a4d [ 84.120124] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.120584] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.121150] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.121689] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.122235] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.122819] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.123372] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.123918] [ 84.124098] irq event stamp: 0 [ 84.124337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.124810] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.125486] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.126109] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.126601] ---[ end trace 0000000000000000 ]--- [ 84.131144] ------------[ cut here ]------------ [ 84.131525] WARNING: CPU: 1 PID: 717 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.132271] Modules linked in: [ 84.132512] CPU: 1 PID: 717 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.133159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.134008] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.134383] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.135808] RSP: 0018:ffff888017be7bb8 EFLAGS: 00010246 [ 84.136221] RAX: 0000000000000000 RBX: ffff8880128340a8 RCX: 0000000000000000 [ 84.136753] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 84.137284] RBP: ffff888017be7bd0 R08: ffffed1002506833 R09: ffffed1002506833 [ 84.137813] R10: ffff888012834193 R11: ffffed1002506832 R12: ffff88801849fc00 [ 84.138347] R13: ffff8880128341e8 R14: ffffffff8352e670 R15: ffff888017be7e68 [ 84.138892] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.139508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.139957] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 84.140500] PKRU: 55555554 [ 84.140724] Call Trace: [ 84.140923] [ 84.141094] __iommufd_access_detach+0x1c2/0x2b0 [ 84.141480] iommufd_access_change_pt+0x149/0x270 [ 84.141859] iommufd_access_replace+0xb4/0x120 [ 84.142216] iommufd_test+0x3e5/0x37e0 [ 84.142533] ? lock_release+0x532/0x770 [ 84.142843] ? __might_fault+0x102/0x1b0 [ 84.143175] ? lock_acquire+0x427/0x4c0 [ 84.143488] ? __pfx_iommufd_test+0x10/0x10 [ 84.143814] ? __pfx_lock_release+0x10/0x10 [ 84.144147] ? __pfx_lock_acquire+0x10/0x10 [ 84.144493] ? write_comp_data+0x2f/0x90 [ 84.144811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.145193] ? write_comp_data+0x2f/0x90 [ 84.145514] iommufd_fops_ioctl+0x37d/0x510 [ 84.145851] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.146228] ? write_comp_data+0x2f/0x90 [ 84.146565] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.146943] __x64_sys_ioctl+0x1a3/0x230 [ 84.147286] do_syscall_64+0x3b/0x90 [ 84.147590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.148181] RIP: 0033:0x7f4b8743ee5d [ 84.148471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.149968] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.150679] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.151230] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.151893] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.152433] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.153067] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.153617] [ 84.153855] irq event stamp: 0 [ 84.154138] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.154638] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.155301] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.156001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.156509] ---[ end trace 0000000000000000 ]--- [ 84.159362] ------------[ cut here ]------------ [ 84.159748] WARNING: CPU: 1 PID: 717 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.160608] Modules linked in: [ 84.160864] CPU: 1 PID: 717 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.161701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.163090] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.163688] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.165818] RSP: 0018:ffff888017be7bd0 EFLAGS: 00010246 [ 84.166480] RAX: 0000000000000000 RBX: ffff8880128340a8 RCX: 0000000000000000 [ 84.167392] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 84.168178] RBP: ffff888017be7be8 R08: ffffed1002506833 R09: ffffed1002506833 [ 84.169062] R10: ffff888012834193 R11: ffffed1002506832 R12: ffff888017ba4000 [ 84.169935] R13: ffff8880128341e8 R14: ffff88800b1cfa00 R15: 0000000000000000 [ 84.170788] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.171718] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.172468] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.173345] PKRU: 55555554 [ 84.173667] Call Trace: [ 84.173959] [ 84.174235] iommufd_access_destroy_object+0x65/0x170 [ 84.174916] iommufd_object_destroy_user+0x18e/0x220 [ 84.175538] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.176317] iommufd_access_destroy+0x43/0x70 [ 84.176860] iommufd_test_staccess_release+0x8d/0xd0 [ 84.177519] __fput+0x26d/0xa40 [ 84.177920] ____fput+0x1e/0x30 [ 84.178395] task_work_run+0x1a4/0x2d0 [ 84.178895] ? __pfx_task_work_run+0x10/0x10 [ 84.179454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.180083] ? switch_task_namespaces+0xa9/0xe0 [ 84.180686] do_exit+0xb17/0x2ef0 [ 84.181132] ? lock_acquire+0x427/0x4c0 [ 84.181618] ? __pfx_lock_release+0x10/0x10 [ 84.182235] ? __kasan_check_write+0x18/0x20 [ 84.182812] ? do_raw_spin_lock+0x132/0x2a0 [ 84.183440] ? __pfx_do_exit+0x10/0x10 [ 84.183920] ? debug_smp_processor_id+0x20/0x30 [ 84.184473] ? rcu_is_watching+0x19/0xb0 [ 84.185027] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.185553] ? trace_hardirqs_on+0x26/0x120 [ 84.186166] do_group_exit+0xe0/0x2b0 [ 84.186660] __x64_sys_exit_group+0x47/0x50 [ 84.187188] do_syscall_64+0x3b/0x90 [ 84.187727] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.188348] RIP: 0033:0x7f4b87518a4d [ 84.188880] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.189600] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.190621] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.191567] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.192391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.193307] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.194263] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.195171] [ 84.195547] irq event stamp: 0 [ 84.195922] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.196667] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.197711] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.198712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.199463] ---[ end trace 0000000000000000 ]--- [ 84.200635] ------------[ cut here ]------------ [ 84.201188] WARNING: CPU: 1 PID: 717 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.202365] Modules linked in: [ 84.202788] CPU: 1 PID: 717 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.203674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.204606] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.205031] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.206503] RSP: 0018:ffff888017be7b78 EFLAGS: 00010246 [ 84.206989] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.207595] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 84.208207] RBP: ffff888017be7b98 R08: ffffed100250683e R09: ffffed100250683e [ 84.208825] R10: ffff8880128341ef R11: ffffed100250683d R12: ffff888012834290 [ 84.209446] R13: ffff8880128340a8 R14: ffffffffffffffff R15: ffff888017be7c60 [ 84.210085] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.210816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.211337] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.211960] PKRU: 55555554 [ 84.212216] Call Trace: [ 84.212439] [ 84.212643] iommufd_ioas_destroy+0x53/0x70 [ 84.213035] iommufd_fops_release+0x1f7/0x370 [ 84.213443] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.213882] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.214326] ? write_comp_data+0x2f/0x90 [ 84.214738] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.215218] __fput+0x26d/0xa40 [ 84.215535] ____fput+0x1e/0x30 [ 84.215851] task_work_run+0x1a4/0x2d0 [ 84.216219] ? __pfx_task_work_run+0x10/0x10 [ 84.216619] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.217070] ? switch_task_namespaces+0xa9/0xe0 [ 84.217496] do_exit+0xb17/0x2ef0 [ 84.217840] ? lock_acquire+0x427/0x4c0 [ 84.218209] ? __pfx_lock_release+0x10/0x10 [ 84.218634] ? __kasan_check_write+0x18/0x20 [ 84.219155] ? do_raw_spin_lock+0x132/0x2a0 [ 84.219552] ? __pfx_do_exit+0x10/0x10 [ 84.219944] ? debug_smp_processor_id+0x20/0x30 [ 84.220413] ? rcu_is_watching+0x19/0xb0 [ 84.220784] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.221220] ? trace_hardirqs_on+0x26/0x120 [ 84.221608] do_group_exit+0xe0/0x2b0 [ 84.221948] __x64_sys_exit_group+0x47/0x50 [ 84.222332] do_syscall_64+0x3b/0x90 [ 84.222718] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.223204] RIP: 0033:0x7f4b87518a4d [ 84.223545] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.224098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.224777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.225409] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.226039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.226684] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.227331] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.227957] [ 84.228159] irq event stamp: 0 [ 84.228437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.228984] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.229716] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.230438] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.231015] ---[ end trace 0000000000000000 ]--- [ 84.234896] ------------[ cut here ]------------ [ 84.235392] WARNING: CPU: 1 PID: 718 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.236264] Modules linked in: [ 84.236547] CPU: 1 PID: 718 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.237290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.238257] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.238933] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.240537] RSP: 0018:ffff8880170a7bb8 EFLAGS: 00010246 [ 84.241007] RAX: 0000000000000000 RBX: ffff888012c540a8 RCX: 0000000000000000 [ 84.241654] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 84.242279] RBP: ffff8880170a7bd0 R08: ffffed100258a833 R09: ffffed100258a833 [ 84.242949] R10: ffff888012c54193 R11: ffffed100258a832 R12: ffff88800f6bf800 [ 84.243599] R13: ffff888012c541e8 R14: ffffffff8352e670 R15: ffff8880170a7e68 [ 84.244217] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.244918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.245427] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ee0 [ 84.246062] PKRU: 55555554 [ 84.246313] Call Trace: [ 84.246558] [ 84.246756] __iommufd_access_detach+0x1c2/0x2b0 [ 84.247203] iommufd_access_change_pt+0x149/0x270 [ 84.247636] iommufd_access_replace+0xb4/0x120 [ 84.248049] iommufd_test+0x3e5/0x37e0 [ 84.248395] ? lock_release+0x532/0x770 [ 84.248763] ? __might_fault+0x102/0x1b0 [ 84.249129] ? lock_acquire+0x427/0x4c0 [ 84.249492] ? __pfx_iommufd_test+0x10/0x10 [ 84.249866] ? __pfx_lock_release+0x10/0x10 [ 84.250248] ? __pfx_lock_acquire+0x10/0x10 [ 84.250674] ? write_comp_data+0x2f/0x90 [ 84.251055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.251504] ? write_comp_data+0x2f/0x90 [ 84.251882] iommufd_fops_ioctl+0x37d/0x510 [ 84.252263] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.252691] ? write_comp_data+0x2f/0x90 [ 84.253183] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.253706] __x64_sys_ioctl+0x1a3/0x230 [ 84.254101] do_syscall_64+0x3b/0x90 [ 84.254447] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.254955] RIP: 0033:0x7f4b8743ee5d [ 84.255302] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.256903] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.257577] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.258206] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.258872] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.259522] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.260138] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.260767] [ 84.260972] irq event stamp: 0 [ 84.261243] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.261790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.262547] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.263292] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.263847] ---[ end trace 0000000000000000 ]--- [ 84.266753] ------------[ cut here ]------------ [ 84.267224] WARNING: CPU: 1 PID: 718 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.268090] Modules linked in: [ 84.268372] CPU: 1 PID: 718 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.269118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.270084] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.270547] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.272171] RSP: 0018:ffff8880170a7bd0 EFLAGS: 00010246 [ 84.272651] RAX: 0000000000000000 RBX: ffff888012c540a8 RCX: 0000000000000000 [ 84.273270] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 84.273892] RBP: ffff8880170a7be8 R08: ffffed100258a833 R09: ffffed100258a833 [ 84.274561] R10: ffff888012c54193 R11: ffffed100258a832 R12: ffff88801849d400 [ 84.275235] R13: ffff888012c541e8 R14: ffff888016e16d00 R15: 0000000000000000 [ 84.275874] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.276584] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.277105] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.277733] PKRU: 55555554 [ 84.277978] Call Trace: [ 84.278210] [ 84.278408] iommufd_access_destroy_object+0x65/0x170 [ 84.278908] iommufd_object_destroy_user+0x18e/0x220 [ 84.279379] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.279900] iommufd_access_destroy+0x43/0x70 [ 84.280307] iommufd_test_staccess_release+0x8d/0xd0 [ 84.280776] __fput+0x26d/0xa40 [ 84.281088] ____fput+0x1e/0x30 [ 84.281392] task_work_run+0x1a4/0x2d0 [ 84.281749] ? __pfx_task_work_run+0x10/0x10 [ 84.282147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.282611] ? switch_task_namespaces+0xa9/0xe0 [ 84.283037] do_exit+0xb17/0x2ef0 [ 84.283364] ? lock_acquire+0x427/0x4c0 [ 84.283725] ? __pfx_lock_release+0x10/0x10 [ 84.284112] ? __kasan_check_write+0x18/0x20 [ 84.284517] ? do_raw_spin_lock+0x132/0x2a0 [ 84.284907] ? __pfx_do_exit+0x10/0x10 [ 84.285349] ? debug_smp_processor_id+0x20/0x30 [ 84.285776] ? rcu_is_watching+0x19/0xb0 [ 84.286145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.286594] ? trace_hardirqs_on+0x26/0x120 [ 84.286991] do_group_exit+0xe0/0x2b0 [ 84.287358] __x64_sys_exit_group+0x47/0x50 [ 84.287747] do_syscall_64+0x3b/0x90 [ 84.288090] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.288561] RIP: 0033:0x7f4b87518a4d [ 84.288893] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.289445] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.290122] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.290787] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.291461] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.292136] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.292803] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.293477] [ 84.293740] irq event stamp: 0 [ 84.294104] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.294774] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.295566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.296346] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.296950] ---[ end trace 0000000000000000 ]--- [ 84.297748] ------------[ cut here ]------------ [ 84.298191] WARNING: CPU: 1 PID: 718 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.299199] Modules linked in: [ 84.299502] CPU: 1 PID: 718 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.300304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.301410] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.301994] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.304108] RSP: 0018:ffff8880170a7b78 EFLAGS: 00010246 [ 84.304628] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.305303] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 84.305984] RBP: ffff8880170a7b98 R08: ffffed100258a83e R09: ffffed100258a83e [ 84.306687] R10: ffff888012c541ef R11: ffffed100258a83d R12: ffff888012c54290 [ 84.307402] R13: ffff888012c540a8 R14: ffffffffffffffff R15: ffff8880170a7c60 [ 84.308089] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.308859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.309428] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.310223] PKRU: 55555554 [ 84.310609] Call Trace: [ 84.310899] [ 84.311158] iommufd_ioas_destroy+0x53/0x70 [ 84.311603] iommufd_fops_release+0x1f7/0x370 [ 84.312048] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.312536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.313013] ? write_comp_data+0x2f/0x90 [ 84.313413] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.313909] __fput+0x26d/0xa40 [ 84.314251] ____fput+0x1e/0x30 [ 84.314621] task_work_run+0x1a4/0x2d0 [ 84.315007] ? __pfx_task_work_run+0x10/0x10 [ 84.315447] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.315928] ? switch_task_namespaces+0xa9/0xe0 [ 84.316383] do_exit+0xb17/0x2ef0 [ 84.316723] ? lock_acquire+0x427/0x4c0 [ 84.317194] ? __pfx_lock_release+0x10/0x10 [ 84.317625] ? __kasan_check_write+0x18/0x20 [ 84.318063] ? do_raw_spin_lock+0x132/0x2a0 [ 84.318498] ? __pfx_do_exit+0x10/0x10 [ 84.319014] ? debug_smp_processor_id+0x20/0x30 [ 84.319547] ? rcu_is_watching+0x19/0xb0 [ 84.319980] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.320460] ? trace_hardirqs_on+0x26/0x120 [ 84.320926] do_group_exit+0xe0/0x2b0 [ 84.321325] __x64_sys_exit_group+0x47/0x50 [ 84.321769] do_syscall_64+0x3b/0x90 [ 84.322167] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.322759] RIP: 0033:0x7f4b87518a4d [ 84.323167] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.323801] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.324590] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.325329] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.326062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.326836] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.327591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.328468] [ 84.328714] irq event stamp: 0 [ 84.329049] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.329700] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.330625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.331530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.332187] ---[ end trace 0000000000000000 ]--- [ 84.338180] ------------[ cut here ]------------ [ 84.338971] WARNING: CPU: 1 PID: 719 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.340029] Modules linked in: [ 84.340434] CPU: 1 PID: 719 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.341432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.342656] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.343194] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.345082] RSP: 0018:ffff88800fe4fbb8 EFLAGS: 00010246 [ 84.345629] RAX: 0000000000000000 RBX: ffff88800b9fa0a8 RCX: 0000000000000000 [ 84.346368] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 84.347155] RBP: ffff88800fe4fbd0 R08: ffffed100173f433 R09: ffffed100173f433 [ 84.347904] R10: ffff88800b9fa193 R11: ffffed100173f432 R12: ffff888014391c00 [ 84.348639] R13: ffff88800b9fa1e8 R14: ffffffff8352e670 R15: ffff88800fe4fe68 [ 84.349473] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.350318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.350955] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ee0 [ 84.351725] PKRU: 55555554 [ 84.352025] Call Trace: [ 84.352298] [ 84.352540] __iommufd_access_detach+0x1c2/0x2b0 [ 84.353064] iommufd_access_change_pt+0x149/0x270 [ 84.353584] iommufd_access_replace+0xb4/0x120 [ 84.354077] iommufd_test+0x3e5/0x37e0 [ 84.354491] ? lock_release+0x532/0x770 [ 84.354964] ? __might_fault+0x102/0x1b0 [ 84.355417] ? lock_acquire+0x427/0x4c0 [ 84.355852] ? __pfx_iommufd_test+0x10/0x10 [ 84.356314] ? __pfx_lock_release+0x10/0x10 [ 84.356787] ? __pfx_lock_acquire+0x10/0x10 [ 84.357257] ? write_comp_data+0x2f/0x90 [ 84.357700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.358216] ? write_comp_data+0x2f/0x90 [ 84.358689] iommufd_fops_ioctl+0x37d/0x510 [ 84.359177] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.359701] ? write_comp_data+0x2f/0x90 [ 84.360146] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.360674] __x64_sys_ioctl+0x1a3/0x230 [ 84.361119] do_syscall_64+0x3b/0x90 [ 84.361534] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.362089] RIP: 0033:0x7f4b8743ee5d [ 84.362489] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.364477] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.365280] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.366030] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.366814] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.367584] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.368332] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.369098] [ 84.369347] irq event stamp: 0 [ 84.369682] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.370350] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.371275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.372170] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.372847] ---[ end trace 0000000000000000 ]--- [ 84.376227] ------------[ cut here ]------------ [ 84.376760] WARNING: CPU: 1 PID: 719 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.377814] Modules linked in: [ 84.378152] CPU: 1 PID: 719 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.379087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.380247] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.380768] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.382757] RSP: 0018:ffff88800fe4fbd0 EFLAGS: 00010246 [ 84.383323] RAX: 0000000000000000 RBX: ffff88800b9fa0a8 RCX: 0000000000000000 [ 84.384055] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 84.384796] RBP: ffff88800fe4fbe8 R08: ffffed100173f433 R09: ffffed100173f433 [ 84.385548] R10: ffff88800b9fa193 R11: ffffed100173f432 R12: ffff88800f6be800 [ 84.386284] R13: ffff88800b9fa1e8 R14: ffff888013c90f00 R15: 0000000000000000 [ 84.387054] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.387919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.388542] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.389310] PKRU: 55555554 [ 84.389609] Call Trace: [ 84.389881] [ 84.390118] iommufd_access_destroy_object+0x65/0x170 [ 84.390709] iommufd_object_destroy_user+0x18e/0x220 [ 84.391256] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.391874] iommufd_access_destroy+0x43/0x70 [ 84.392358] iommufd_test_staccess_release+0x8d/0xd0 [ 84.392907] __fput+0x26d/0xa40 [ 84.393274] ____fput+0x1e/0x30 [ 84.393627] task_work_run+0x1a4/0x2d0 [ 84.394049] ? __pfx_task_work_run+0x10/0x10 [ 84.394549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.395071] ? switch_task_namespaces+0xa9/0xe0 [ 84.395611] do_exit+0xb17/0x2ef0 [ 84.395979] ? lock_acquire+0x427/0x4c0 [ 84.396405] ? __pfx_lock_release+0x10/0x10 [ 84.396864] ? __kasan_check_write+0x18/0x20 [ 84.397331] ? do_raw_spin_lock+0x132/0x2a0 [ 84.397784] ? __pfx_do_exit+0x10/0x10 [ 84.398207] ? debug_smp_processor_id+0x20/0x30 [ 84.398731] ? rcu_is_watching+0x19/0xb0 [ 84.399180] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.399672] ? trace_hardirqs_on+0x26/0x120 [ 84.400135] do_group_exit+0xe0/0x2b0 [ 84.400543] __x64_sys_exit_group+0x47/0x50 [ 84.400999] do_syscall_64+0x3b/0x90 [ 84.401399] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.401952] RIP: 0033:0x7f4b87518a4d [ 84.402346] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.403047] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.403872] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.404633] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.405371] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.406101] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.406871] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.407642] [ 84.407885] irq event stamp: 0 [ 84.408220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.408886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.410393] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.411347] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.412014] ---[ end trace 0000000000000000 ]--- [ 84.413169] ------------[ cut here ]------------ [ 84.413659] WARNING: CPU: 1 PID: 719 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.414816] Modules linked in: [ 84.415168] CPU: 1 PID: 719 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.416081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.417561] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.418107] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.420395] RSP: 0018:ffff88800fe4fb78 EFLAGS: 00010246 [ 84.420974] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.421720] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 84.422469] RBP: ffff88800fe4fb98 R08: ffffed100173f43e R09: ffffed100173f43e [ 84.423357] R10: ffff88800b9fa1ef R11: ffffed100173f43d R12: ffff88800b9fa290 [ 84.424273] R13: ffff88800b9fa0a8 R14: ffffffffffffffff R15: ffff88800fe4fc60 [ 84.425025] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.425879] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.426577] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.427574] PKRU: 55555554 [ 84.427882] Call Trace: [ 84.428159] [ 84.428403] iommufd_ioas_destroy+0x53/0x70 [ 84.428874] iommufd_fops_release+0x1f7/0x370 [ 84.429358] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.429939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.430693] ? write_comp_data+0x2f/0x90 [ 84.431163] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.431701] __fput+0x26d/0xa40 [ 84.432070] ____fput+0x1e/0x30 [ 84.432437] task_work_run+0x1a4/0x2d0 [ 84.432962] ? __pfx_task_work_run+0x10/0x10 [ 84.433583] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.434111] ? switch_task_namespaces+0xa9/0xe0 [ 84.434643] do_exit+0xb17/0x2ef0 [ 84.435018] ? lock_acquire+0x427/0x4c0 [ 84.435511] ? __pfx_lock_release+0x10/0x10 [ 84.436159] ? __kasan_check_write+0x18/0x20 [ 84.436650] ? do_raw_spin_lock+0x132/0x2a0 [ 84.437115] ? __pfx_do_exit+0x10/0x10 [ 84.437543] ? debug_smp_processor_id+0x20/0x30 [ 84.438049] ? rcu_is_watching+0x19/0xb0 [ 84.438610] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.439309] ? trace_hardirqs_on+0x26/0x120 [ 84.439781] do_group_exit+0xe0/0x2b0 [ 84.440193] __x64_sys_exit_group+0x47/0x50 [ 84.440652] do_syscall_64+0x3b/0x90 [ 84.441064] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.441809] RIP: 0033:0x7f4b87518a4d [ 84.442353] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.443041] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.443861] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.444867] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.445709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.446477] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.447361] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.448222] [ 84.448477] irq event stamp: 0 [ 84.448810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.449488] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.450702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.451596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.452264] ---[ end trace 0000000000000000 ]--- [ 84.459754] ------------[ cut here ]------------ [ 84.460321] WARNING: CPU: 1 PID: 720 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.461599] Modules linked in: [ 84.462263] CPU: 1 PID: 720 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.463256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.464713] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.465343] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.467306] RSP: 0018:ffff8880180bfbb8 EFLAGS: 00010246 [ 84.468033] RAX: 0000000000000000 RBX: ffff8880184ff0a8 RCX: 0000000000000000 [ 84.468927] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 84.469680] RBP: ffff8880180bfbd0 R08: ffffed100309fe33 R09: ffffed100309fe33 [ 84.470471] R10: ffff8880184ff193 R11: ffffed100309fe32 R12: ffff888013e57c00 [ 84.471528] R13: ffff8880184ff1e8 R14: ffffffff8352e670 R15: ffff8880180bfe68 [ 84.472273] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.473106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.473872] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 84.474913] PKRU: 55555554 [ 84.475209] Call Trace: [ 84.475472] [ 84.475706] __iommufd_access_detach+0x1c2/0x2b0 [ 84.476206] iommufd_access_change_pt+0x149/0x270 [ 84.476705] iommufd_access_replace+0xb4/0x120 [ 84.477433] iommufd_test+0x3e5/0x37e0 [ 84.477958] ? lock_release+0x532/0x770 [ 84.478379] ? __might_fault+0x102/0x1b0 [ 84.478841] ? lock_acquire+0x427/0x4c0 [ 84.479277] ? __pfx_iommufd_test+0x10/0x10 [ 84.479726] ? __pfx_lock_release+0x10/0x10 [ 84.480271] ? __pfx_lock_acquire+0x10/0x10 [ 84.480837] ? write_comp_data+0x2f/0x90 [ 84.481494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.482001] ? write_comp_data+0x2f/0x90 [ 84.482435] iommufd_fops_ioctl+0x37d/0x510 [ 84.482928] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.483482] ? write_comp_data+0x2f/0x90 [ 84.484102] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.484623] __x64_sys_ioctl+0x1a3/0x230 [ 84.485043] do_syscall_64+0x3b/0x90 [ 84.485450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.486049] RIP: 0033:0x7f4b8743ee5d [ 84.486613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.488673] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.489712] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.490577] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.491321] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.492096] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.493121] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.493876] [ 84.494121] irq event stamp: 0 [ 84.494453] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.495256] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.496426] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.497299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.498018] ---[ end trace 0000000000000000 ]--- [ 84.503547] ------------[ cut here ]------------ [ 84.504217] WARNING: CPU: 1 PID: 720 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.505266] Modules linked in: [ 84.505624] CPU: 1 PID: 720 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.506952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.508138] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.508674] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.511106] RSP: 0018:ffff8880180bfbd0 EFLAGS: 00010246 [ 84.511704] RAX: 0000000000000000 RBX: ffff8880184ff0a8 RCX: 0000000000000000 [ 84.512523] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 84.513536] RBP: ffff8880180bfbe8 R08: ffffed100309fe33 R09: ffffed100309fe33 [ 84.514287] R10: ffff8880184ff193 R11: ffffed100309fe32 R12: ffff888014393000 [ 84.515056] R13: ffff8880184ff1e8 R14: ffff8880139beb00 R15: 0000000000000000 [ 84.516014] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.516947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.517553] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 84.518383] PKRU: 55555554 [ 84.518855] Call Trace: [ 84.519138] [ 84.519382] iommufd_access_destroy_object+0x65/0x170 [ 84.519940] iommufd_object_destroy_user+0x18e/0x220 [ 84.520489] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.521249] iommufd_access_destroy+0x43/0x70 [ 84.521868] iommufd_test_staccess_release+0x8d/0xd0 [ 84.522415] __fput+0x26d/0xa40 [ 84.522806] ____fput+0x1e/0x30 [ 84.523172] task_work_run+0x1a4/0x2d0 [ 84.523588] ? __pfx_task_work_run+0x10/0x10 [ 84.524223] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.524874] ? switch_task_namespaces+0xa9/0xe0 [ 84.525378] do_exit+0xb17/0x2ef0 [ 84.525739] ? lock_acquire+0x427/0x4c0 [ 84.526169] ? __pfx_lock_release+0x10/0x10 [ 84.526740] ? __kasan_check_write+0x18/0x20 [ 84.527426] ? do_raw_spin_lock+0x132/0x2a0 [ 84.527887] ? __pfx_do_exit+0x10/0x10 [ 84.528312] ? debug_smp_processor_id+0x20/0x30 [ 84.528798] ? rcu_is_watching+0x19/0xb0 [ 84.529225] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.529858] ? trace_hardirqs_on+0x26/0x120 [ 84.530478] do_group_exit+0xe0/0x2b0 [ 84.530923] __x64_sys_exit_group+0x47/0x50 [ 84.531389] do_syscall_64+0x3b/0x90 [ 84.531796] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.532344] RIP: 0033:0x7f4b87518a4d [ 84.532914] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.533567] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.534361] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.535319] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.536055] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.536797] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.537747] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.538534] [ 84.538789] irq event stamp: 0 [ 84.539140] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.540027] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.540914] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.542014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.542760] ---[ end trace 0000000000000000 ]--- [ 84.544616] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 84.547005] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 84.557064] ------------[ cut here ]------------ [ 84.557600] WARNING: CPU: 1 PID: 720 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.558670] Modules linked in: [ 84.559001] CPU: 1 PID: 720 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.559911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.561065] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.561816] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.563699] RSP: 0018:ffff8880180bfb78 EFLAGS: 00010246 [ 84.564248] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.565089] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 84.565871] RBP: ffff8880180bfb98 R08: ffffed100309fe3e R09: ffffed100309fe3e [ 84.566585] R10: ffff8880184ff1ef R11: ffffed100309fe3d R12: ffff8880184ff290 [ 84.567259] R13: ffff8880184ff0a8 R14: ffffffffffffffff R15: ffff8880180bfc60 [ 84.567928] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.568687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.569236] CR2: 00007f82e2e6f000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 84.569905] PKRU: 55555554 [ 84.570171] Call Trace: [ 84.570410] [ 84.570645] iommufd_ioas_destroy+0x53/0x70 [ 84.571061] iommufd_fops_release+0x1f7/0x370 [ 84.571507] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.571985] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.572627] ? write_comp_data+0x2f/0x90 [ 84.573104] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.573582] __fput+0x26d/0xa40 [ 84.573914] ____fput+0x1e/0x30 [ 84.574233] task_work_run+0x1a4/0x2d0 [ 84.574630] ? __pfx_task_work_run+0x10/0x10 [ 84.575050] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.575528] ? 
switch_task_namespaces+0xa9/0xe0 [ 84.575979] do_exit+0xb17/0x2ef0 [ 84.576306] ? lock_acquire+0x427/0x4c0 [ 84.576700] ? __pfx_lock_release+0x10/0x10 [ 84.577113] ? __kasan_check_write+0x18/0x20 [ 84.577528] ? do_raw_spin_lock+0x132/0x2a0 [ 84.577935] ? __pfx_do_exit+0x10/0x10 [ 84.578312] ? debug_smp_processor_id+0x20/0x30 [ 84.578786] ? rcu_is_watching+0x19/0xb0 [ 84.579182] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.579616] ? trace_hardirqs_on+0x26/0x120 [ 84.580029] do_group_exit+0xe0/0x2b0 [ 84.580390] __x64_sys_exit_group+0x47/0x50 [ 84.580793] do_syscall_64+0x3b/0x90 [ 84.581154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.581651] RIP: 0033:0x7f4b87518a4d [ 84.582001] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 84.582594] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.583325] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.583996] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.584666] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.585333] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.585998] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.586700] [ 84.586926] irq event stamp: 0 [ 84.587250] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.587846] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.588638] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.589423] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.590011] ---[ end trace 0000000000000000 ]--- [ 84.595300] ------------[ cut here ]------------ [ 84.595793] WARNING: CPU: 1 PID: 722 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.596713] Modules linked in: [ 84.597008] CPU: 1 PID: 722 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.597816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 
04/01/2014 [ 84.598911] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.599384] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.601057] RSP: 0018:ffff88801606fbb8 EFLAGS: 00010246 [ 84.601552] RAX: 0000000000000000 RBX: ffff888011f638a8 RCX: 0000000000000000 [ 84.602207] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 84.602892] RBP: ffff88801606fbd0 R08: ffffed10023ec733 R09: ffffed10023ec733 [ 84.603557] R10: ffff888011f63993 R11: ffffed10023ec732 R12: ffff888020b30800 [ 84.604221] R13: ffff888011f639e8 R14: ffffffff8352e670 R15: ffff88801606fe68 [ 84.604872] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.605690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.606227] CR2: 00007f4b877410e8 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 84.606912] PKRU: 55555554 [ 84.607186] Call Trace: [ 84.607426] [ 84.607636] __iommufd_access_detach+0x1c2/0x2b0 [ 84.608089] iommufd_access_change_pt+0x149/0x270 [ 84.608549] iommufd_access_replace+0xb4/0x120 [ 84.608981] iommufd_test+0x3e5/0x37e0 [ 84.609350] ? lock_release+0x532/0x770 [ 84.609733] ? __might_fault+0x102/0x1b0 [ 84.610113] ? lock_acquire+0x427/0x4c0 [ 84.610496] ? __pfx_iommufd_test+0x10/0x10 [ 84.610926] ? __pfx_lock_release+0x10/0x10 [ 84.611350] ? __pfx_lock_acquire+0x10/0x10 [ 84.611764] ? write_comp_data+0x2f/0x90 [ 84.612150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.612602] ? write_comp_data+0x2f/0x90 [ 84.612985] iommufd_fops_ioctl+0x37d/0x510 [ 84.613391] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.613849] ? write_comp_data+0x2f/0x90 [ 84.614236] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.614716] __x64_sys_ioctl+0x1a3/0x230 [ 84.615120] do_syscall_64+0x3b/0x90 [ 84.615478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.615944] RIP: 0033:0x7f4b8743ee5d [ 84.616272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.617853] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.618539] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.619176] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.619794] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.620409] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.621024] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.621647] [ 84.621853] irq event stamp: 0 [ 84.622127] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.622698] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.623446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.624173] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.624722] ---[ end trace 0000000000000000 ]--- [ 84.627865] ------------[ cut here ]------------ [ 84.628317] WARNING: CPU: 1 PID: 722 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.629194] Modules linked in: [ 84.629473] CPU: 1 PID: 722 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.630218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.631228] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.631660] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.633238] RSP: 0018:ffff88801606fbd0 EFLAGS: 
00010246 [ 84.633699] RAX: 0000000000000000 RBX: ffff888011f638a8 RCX: 0000000000000000 [ 84.634316] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 84.634954] RBP: ffff88801606fbe8 R08: ffffed10023ec733 R09: ffffed10023ec733 [ 84.635582] R10: ffff888011f63993 R11: ffffed10023ec732 R12: ffff888013e55400 [ 84.636198] R13: ffff888011f639e8 R14: ffff888018baca00 R15: 0000000000000000 [ 84.636818] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.637587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.638090] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.638738] PKRU: 55555554 [ 84.638985] Call Trace: [ 84.639218] [ 84.639415] iommufd_access_destroy_object+0x65/0x170 [ 84.639867] iommufd_object_destroy_user+0x18e/0x220 [ 84.640314] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.640824] iommufd_access_destroy+0x43/0x70 [ 84.641228] iommufd_test_staccess_release+0x8d/0xd0 [ 84.641686] __fput+0x26d/0xa40 [ 84.641988] ____fput+0x1e/0x30 [ 84.642285] task_work_run+0x1a4/0x2d0 [ 84.642663] ? __pfx_task_work_run+0x10/0x10 [ 84.643055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.643501] ? switch_task_namespaces+0xa9/0xe0 [ 84.643923] do_exit+0xb17/0x2ef0 [ 84.644232] ? lock_acquire+0x427/0x4c0 [ 84.644591] ? __pfx_lock_release+0x10/0x10 [ 84.644980] ? __kasan_check_write+0x18/0x20 [ 84.645371] ? do_raw_spin_lock+0x132/0x2a0 [ 84.645754] ? __pfx_do_exit+0x10/0x10 [ 84.646107] ? debug_smp_processor_id+0x20/0x30 [ 84.646552] ? rcu_is_watching+0x19/0xb0 [ 84.646910] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.647328] ? trace_hardirqs_on+0x26/0x120 [ 84.647719] do_group_exit+0xe0/0x2b0 [ 84.648055] __x64_sys_exit_group+0x47/0x50 [ 84.648429] do_syscall_64+0x3b/0x90 [ 84.648757] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.649204] RIP: 0033:0x7f4b87518a4d [ 84.649522] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.650040] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.650679] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.651278] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.651859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.652438] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.653022] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.653608] [ 84.653803] irq event stamp: 0 [ 84.654061] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.654594] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.655292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.655990] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.656506] ---[ end trace 0000000000000000 ]--- [ 84.657229] ------------[ cut here ]------------ [ 84.657619] WARNING: CPU: 1 PID: 722 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.658446] Modules linked in: [ 84.658729] CPU: 1 PID: 722 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.659458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.660380] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.660806] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.662291] RSP: 0018:ffff88801606fb78 EFLAGS: 00010246 [ 84.662750] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.663340] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 84.663918] RBP: ffff88801606fb98 R08: ffffed10023ec73e R09: ffffed10023ec73e [ 84.664501] R10: ffff888011f639ef R11: ffffed10023ec73d R12: ffff888011f63a90 [ 84.665088] R13: ffff888011f638a8 R14: ffffffffffffffff R15: ffff88801606fc60 [ 84.665672] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.666325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.666820] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.667411] PKRU: 55555554 [ 84.667645] Call Trace: [ 84.667857] [ 84.668045] iommufd_ioas_destroy+0x53/0x70 [ 84.668405] iommufd_fops_release+0x1f7/0x370 [ 84.668785] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.669366] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.669860] ? write_comp_data+0x2f/0x90 [ 84.670208] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.670653] __fput+0x26d/0xa40 [ 84.670943] ____fput+0x1e/0x30 [ 84.671236] task_work_run+0x1a4/0x2d0 [ 84.671637] ? __pfx_task_work_run+0x10/0x10 [ 84.672060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.672469] ? switch_task_namespaces+0xa9/0xe0 [ 84.672867] do_exit+0xb17/0x2ef0 [ 84.673156] ? lock_acquire+0x427/0x4c0 [ 84.673547] ? __pfx_lock_release+0x10/0x10 [ 84.673961] ? __kasan_check_write+0x18/0x20 [ 84.674331] ? do_raw_spin_lock+0x132/0x2a0 [ 84.674714] ? __pfx_do_exit+0x10/0x10 [ 84.675048] ? debug_smp_processor_id+0x20/0x30 [ 84.675442] ? rcu_is_watching+0x19/0xb0 [ 84.675781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.676235] ? trace_hardirqs_on+0x26/0x120 [ 84.676646] do_group_exit+0xe0/0x2b0 [ 84.676965] __x64_sys_exit_group+0x47/0x50 [ 84.677319] do_syscall_64+0x3b/0x90 [ 84.677634] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.678066] RIP: 0033:0x7f4b87518a4d [ 84.678371] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.678901] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.679620] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.680362] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.680948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.681525] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.682216] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.682880] [ 84.683071] irq event stamp: 0 [ 84.683340] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.683855] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.684616] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.685348] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.685859] ---[ end trace 0000000000000000 ]--- [ 84.689548] ------------[ cut here ]------------ [ 84.689966] WARNING: CPU: 1 PID: 723 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.690938] Modules linked in: [ 84.691213] CPU: 1 PID: 723 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.691929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.692936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.693396] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.695022] RSP: 0018:ffff8880180bfbb8 EFLAGS: 00010246 [ 84.695464] RAX: 0000000000000000 RBX: ffff8880147058a8 RCX: 0000000000000000 [ 84.696041] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 84.696618] RBP: ffff8880180bfbd0 R08: ffffed10028e0b33 R09: ffffed10028e0b33 [ 84.697323] R10: ffff888014705993 R11: ffffed10028e0b32 R12: ffff8880189e3800 [ 84.697903] R13: ffff8880147059e8 R14: ffffffff8352e670 R15: ffff8880180bfe68 [ 84.698484] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.699294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.699768] CR2: 00007f4b877410e8 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 84.700349] PKRU: 55555554 [ 84.700583] Call Trace: [ 84.700795] [ 84.700983] __iommufd_access_detach+0x1c2/0x2b0 [ 84.701466] iommufd_access_change_pt+0x149/0x270 [ 84.701915] iommufd_access_replace+0xb4/0x120 [ 84.702302] iommufd_test+0x3e5/0x37e0 [ 84.702652] ? lock_release+0x532/0x770 [ 84.702989] ? __might_fault+0x102/0x1b0 [ 84.703340] ? lock_acquire+0x427/0x4c0 [ 84.703700] ? __pfx_iommufd_test+0x10/0x10 [ 84.704304] ? __pfx_lock_release+0x10/0x10 [ 84.704673] ? __pfx_lock_acquire+0x10/0x10 [ 84.705040] ? write_comp_data+0x2f/0x90 [ 84.705378] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.706070] ? write_comp_data+0x2f/0x90 [ 84.706419] iommufd_fops_ioctl+0x37d/0x510 [ 84.706822] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.707240] ? write_comp_data+0x2f/0x90 [ 84.707584] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.707980] __x64_sys_ioctl+0x1a3/0x230 [ 84.708367] do_syscall_64+0x3b/0x90 [ 84.708750] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.709176] RIP: 0033:0x7f4b8743ee5d [ 84.709480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.711096] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.711723] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.712302] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.713012] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.713593] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.714174] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.714897] [ 84.715090] irq event stamp: 0 [ 84.715364] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.715877] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.716554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.717368] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.717881] ---[ end trace 0000000000000000 ]--- [ 84.720983] ------------[ cut here ]------------ [ 84.721454] WARNING: CPU: 1 PID: 723 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.722278] Modules linked in: [ 84.722569] CPU: 1 PID: 723 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.723409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.724319] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.724730] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.726345] RSP: 0018:ffff8880180bfbd0 EFLAGS: 00010246 [ 84.726842] RAX: 0000000000000000 RBX: ffff8880147058a8 RCX: 0000000000000000 [ 84.727471] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 84.728075] RBP: ffff8880180bfbe8 R08: ffffed10028e0b33 R09: ffffed10028e0b33 [ 84.728664] R10: ffff888014705993 R11: ffffed10028e0b32 R12: ffff888020b32c00 [ 84.729248] R13: ffff8880147059e8 R14: ffff8880143e1300 R15: 0000000000000000 [ 84.729829] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.730494] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.730997] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 84.731590] PKRU: 55555554 [ 84.731822] Call Trace: [ 84.732032] [ 84.732217] iommufd_access_destroy_object+0x65/0x170 [ 84.732646] iommufd_object_destroy_user+0x18e/0x220 [ 84.733147] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.733631] iommufd_access_destroy+0x43/0x70 [ 84.734010] iommufd_test_staccess_release+0x8d/0xd0 [ 84.734435] __fput+0x26d/0xa40 [ 84.734746] ____fput+0x1e/0x30 [ 84.735026] task_work_run+0x1a4/0x2d0 [ 84.735364] ? __pfx_task_work_run+0x10/0x10 [ 84.735732] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.736150] ? switch_task_namespaces+0xa9/0xe0 [ 84.736546] do_exit+0xb17/0x2ef0 [ 84.736829] ? lock_acquire+0x427/0x4c0 [ 84.737159] ? __pfx_lock_release+0x10/0x10 [ 84.737514] ? __kasan_check_write+0x18/0x20 [ 84.737874] ? do_raw_spin_lock+0x132/0x2a0 [ 84.738230] ? __pfx_do_exit+0x10/0x10 [ 84.738575] ? debug_smp_processor_id+0x20/0x30 [ 84.739039] ? rcu_is_watching+0x19/0xb0 [ 84.739383] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.739796] ? trace_hardirqs_on+0x26/0x120 [ 84.740255] do_group_exit+0xe0/0x2b0 [ 84.740568] __x64_sys_exit_group+0x47/0x50 [ 84.740920] do_syscall_64+0x3b/0x90 [ 84.741231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.741660] RIP: 0033:0x7f4b87518a4d [ 84.741971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.742616] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.743236] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.743809] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.744389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.745074] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.745658] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.746238] [ 84.746430] irq event stamp: 0 [ 84.746718] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.747245] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.748050] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.748720] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.749236] ---[ end trace 0000000000000000 ]--- [ 84.749958] ------------[ cut here ]------------ [ 84.750343] WARNING: CPU: 1 PID: 723 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.751225] Modules linked in: [ 84.751490] CPU: 1 PID: 723 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.752235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.753221] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.753640] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.755257] RSP: 0018:ffff8880180bfb78 EFLAGS: 00010246 [ 84.755689] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.756264] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 84.756872] RBP: ffff8880180bfb98 R08: ffffed10028e0b3e R09: ffffed10028e0b3e [ 84.757528] R10: ffff8880147059ef R11: ffffed10028e0b3d R12: ffff888014705a90 [ 84.758105] R13: ffff8880147058a8 R14: ffffffffffffffff R15: ffff8880180bfc60 [ 84.758697] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.759347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.759814] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 84.760382] PKRU: 55555554 [ 84.760612] Call Trace: [ 84.760820] [ 84.761006] iommufd_ioas_destroy+0x53/0x70 [ 84.761370] iommufd_fops_release+0x1f7/0x370 [ 84.761737] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.762140] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.762559] ? write_comp_data+0x2f/0x90 [ 84.762897] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.763312] __fput+0x26d/0xa40 [ 84.763594] ____fput+0x1e/0x30 [ 84.763868] task_work_run+0x1a4/0x2d0 [ 84.764189] ? __pfx_task_work_run+0x10/0x10 [ 84.764549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.765004] ? switch_task_namespaces+0xa9/0xe0 [ 84.765396] do_exit+0xb17/0x2ef0 [ 84.765682] ? lock_acquire+0x427/0x4c0 [ 84.766014] ? __pfx_lock_release+0x10/0x10 [ 84.766369] ? __kasan_check_write+0x18/0x20 [ 84.766752] ? do_raw_spin_lock+0x132/0x2a0 [ 84.767103] ? __pfx_do_exit+0x10/0x10 [ 84.767434] ? debug_smp_processor_id+0x20/0x30 [ 84.767815] ? rcu_is_watching+0x19/0xb0 [ 84.768148] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.768519] ? trace_hardirqs_on+0x26/0x120 [ 84.768877] do_group_exit+0xe0/0x2b0 [ 84.769186] __x64_sys_exit_group+0x47/0x50 [ 84.769533] do_syscall_64+0x3b/0x90 [ 84.769845] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.770269] RIP: 0033:0x7f4b87518a4d [ 84.770599] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.771098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.771718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.772292] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.772858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.773427] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.774000] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.774604] [ 84.774796] irq event stamp: 0 [ 84.775052] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.775564] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.776231] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.776896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.777399] ---[ end trace 0000000000000000 ]--- [ 84.781313] ------------[ cut here ]------------ [ 84.781727] WARNING: CPU: 1 PID: 724 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.782713] Modules linked in: [ 84.782969] CPU: 1 PID: 724 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.783663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.784530] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.784922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.786339] RSP: 0018:ffff8880172d7bb8 EFLAGS: 00010246 [ 84.786801] RAX: 0000000000000000 RBX: ffff888012c550a8 RCX: 0000000000000000 [ 84.787358] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 84.787910] RBP: ffff8880172d7bd0 R08: ffffed100258aa33 R09: ffffed100258aa33 [ 84.788461] R10: ffff888012c55193 R11: ffffed100258aa32 R12: ffff888010b27800 [ 84.789012] R13: ffff888012c551e8 R14: ffffffff8352e670 R15: ffff8880172d7e68 [ 84.789566] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.790187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.790650] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 84.791215] PKRU: 55555554 [ 84.791438] Call Trace: [ 84.791636] [ 84.791812] __iommufd_access_detach+0x1c2/0x2b0 [ 84.792196] iommufd_access_change_pt+0x149/0x270 [ 84.792580] iommufd_access_replace+0xb4/0x120 [ 84.792949] iommufd_test+0x3e5/0x37e0 [ 84.793256] ? lock_release+0x532/0x770 [ 84.793579] ? __might_fault+0x102/0x1b0 [ 84.793902] ? lock_acquire+0x427/0x4c0 [ 84.794221] ? __pfx_iommufd_test+0x10/0x10 [ 84.794573] ? __pfx_lock_release+0x10/0x10 [ 84.794919] ? __pfx_lock_acquire+0x10/0x10 [ 84.795274] ? write_comp_data+0x2f/0x90 [ 84.795603] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.795991] ? write_comp_data+0x2f/0x90 [ 84.796325] iommufd_fops_ioctl+0x37d/0x510 [ 84.796685] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.797195] ? write_comp_data+0x2f/0x90 [ 84.797668] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.798054] __x64_sys_ioctl+0x1a3/0x230 [ 84.798383] do_syscall_64+0x3b/0x90 [ 84.798729] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.799153] RIP: 0033:0x7f4b8743ee5d [ 84.799445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.800994] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.801594] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.802196] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.802859] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.803417] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.803967] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.804578] [ 84.804823] irq event stamp: 0 [ 84.805070] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.805560] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.806208] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.806992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.807486] ---[ end trace 0000000000000000 ]--- [ 84.810181] ------------[ cut here ]------------ [ 84.810600] WARNING: CPU: 1 PID: 724 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.811512] Modules linked in: [ 84.811765] CPU: 1 PID: 724 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.812452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.813434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.813825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.815371] RSP: 0018:ffff8880172d7bd0 EFLAGS: 00010246 [ 84.815787] RAX: 0000000000000000 RBX: ffff888012c550a8 RCX: 0000000000000000 [ 84.816340] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 84.816895] RBP: ffff8880172d7be8 R08: ffffed100258aa33 R09: ffffed100258aa33 [ 84.817551] R10: ffff888012c55193 R11: ffffed100258aa32 R12: ffff8880189e2800 [ 84.818101] R13: ffff888012c551e8 R14: ffff88800fd08d00 R15: 0000000000000000 [ 84.818667] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.819301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.819783] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.820408] PKRU: 55555554 [ 84.820631] Call Trace: [ 84.820829] [ 84.821006] iommufd_access_destroy_object+0x65/0x170 [ 84.821417] iommufd_object_destroy_user+0x18e/0x220 [ 84.821915] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.822373] iommufd_access_destroy+0x43/0x70 [ 84.822753] iommufd_test_staccess_release+0x8d/0xd0 [ 84.823167] __fput+0x26d/0xa40 [ 84.823442] ____fput+0x1e/0x30 [ 84.823715] task_work_run+0x1a4/0x2d0 [ 84.824032] ? __pfx_task_work_run+0x10/0x10 [ 84.824383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.824770] ? switch_task_namespaces+0xa9/0xe0 [ 84.825143] do_exit+0xb17/0x2ef0 [ 84.825415] ? lock_acquire+0x427/0x4c0 [ 84.825735] ? __pfx_lock_release+0x10/0x10 [ 84.826076] ? __kasan_check_write+0x18/0x20 [ 84.826423] ? do_raw_spin_lock+0x132/0x2a0 [ 84.826784] ? __pfx_do_exit+0x10/0x10 [ 84.827099] ? debug_smp_processor_id+0x20/0x30 [ 84.827480] ? rcu_is_watching+0x19/0xb0 [ 84.827806] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.828167] ? trace_hardirqs_on+0x26/0x120 [ 84.828512] do_group_exit+0xe0/0x2b0 [ 84.828813] __x64_sys_exit_group+0x47/0x50 [ 84.829223] do_syscall_64+0x3b/0x90 [ 84.829522] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.829934] RIP: 0033:0x7f4b87518a4d [ 84.830225] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.830728] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.831329] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.831881] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.832437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.832987] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.833536] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.834093] [ 84.834277] irq event stamp: 0 [ 84.834544] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.835036] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.835710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.836448] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.837053] ---[ end trace 0000000000000000 ]--- [ 84.837773] ------------[ cut here ]------------ [ 84.838138] WARNING: CPU: 1 PID: 724 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.838945] Modules linked in: [ 84.839208] CPU: 1 PID: 724 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.839886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.840740] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.841134] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.842600] RSP: 0018:ffff8880172d7b78 EFLAGS: 00010246 [ 84.843010] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.843563] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 84.844112] RBP: ffff8880172d7b98 R08: ffffed100258aa3e R09: ffffed100258aa3e [ 84.844654] R10: ffff888012c551ef R11: ffffed100258aa3d R12: ffff888012c55290 [ 84.845194] R13: ffff888012c550a8 R14: ffffffffffffffff R15: ffff8880172d7c60 [ 84.845733] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.846346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.846805] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.847371] PKRU: 55555554 [ 84.847592] Call Trace: [ 84.847787] [ 84.847961] iommufd_ioas_destroy+0x53/0x70 [ 84.848300] iommufd_fops_release+0x1f7/0x370 [ 84.848650] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.849035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.849415] ? write_comp_data+0x2f/0x90 [ 84.849736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.850118] __fput+0x26d/0xa40 [ 84.850387] ____fput+0x1e/0x30 [ 84.850668] task_work_run+0x1a4/0x2d0 [ 84.850977] ? __pfx_task_work_run+0x10/0x10 [ 84.851324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.851704] ? switch_task_namespaces+0xa9/0xe0 [ 84.852076] do_exit+0xb17/0x2ef0 [ 84.852342] ? lock_acquire+0x427/0x4c0 [ 84.852656] ? __pfx_lock_release+0x10/0x10 [ 84.852993] ? __kasan_check_write+0x18/0x20 [ 84.853332] ? do_raw_spin_lock+0x132/0x2a0 [ 84.853662] ? __pfx_do_exit+0x10/0x10 [ 84.853969] ? debug_smp_processor_id+0x20/0x30 [ 84.854331] ? rcu_is_watching+0x19/0xb0 [ 84.854664] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.855021] ? trace_hardirqs_on+0x26/0x120 [ 84.855367] do_group_exit+0xe0/0x2b0 [ 84.855664] __x64_sys_exit_group+0x47/0x50 [ 84.855998] do_syscall_64+0x3b/0x90 [ 84.856296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.856698] RIP: 0033:0x7f4b87518a4d [ 84.856987] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.857460] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.858038] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.858599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.859152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.859695] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.860237] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.860790] [ 84.861021] irq event stamp: 0 [ 84.861264] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.861748] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.862389] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.863044] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.863529] ---[ end trace 0000000000000000 ]--- [ 84.868231] ------------[ cut here ]------------ [ 84.868621] WARNING: CPU: 1 PID: 725 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.869388] Modules linked in: [ 84.869632] CPU: 1 PID: 725 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.870291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.871179] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.871563] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.872948] RSP: 0018:ffff88801440fbb8 EFLAGS: 00010246 [ 84.873357] RAX: 0000000000000000 RBX: ffff888023df68a8 RCX: 0000000000000000 [ 84.873898] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 84.874443] RBP: ffff88801440fbd0 R08: ffffed10047bed33 R09: ffffed10047bed33 [ 84.874998] R10: ffff888023df6993 R11: ffffed10047bed32 R12: ffff888012eacc00 [ 84.875552] R13: ffff888023df69e8 R14: ffffffff8352e670 R15: ffff88801440fe68 [ 84.876094] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.876704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.877148] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 84.877691] PKRU: 55555554 [ 84.877907] Call Trace: [ 84.878104] [ 84.878277] __iommufd_access_detach+0x1c2/0x2b0 [ 84.878667] iommufd_access_change_pt+0x149/0x270 [ 84.879047] iommufd_access_replace+0xb4/0x120 [ 84.879425] iommufd_test+0x3e5/0x37e0 [ 84.879724] ? lock_release+0x532/0x770 [ 84.880039] ? __might_fault+0x102/0x1b0 [ 84.880357] ? lock_acquire+0x427/0x4c0 [ 84.880670] ? __pfx_iommufd_test+0x10/0x10 [ 84.880998] ? __pfx_lock_release+0x10/0x10 [ 84.881335] ? __pfx_lock_acquire+0x10/0x10 [ 84.881674] ? write_comp_data+0x2f/0x90 [ 84.881994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.882371] ? write_comp_data+0x2f/0x90 [ 84.882710] iommufd_fops_ioctl+0x37d/0x510 [ 84.883051] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.883442] ? write_comp_data+0x2f/0x90 [ 84.883762] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.884134] __x64_sys_ioctl+0x1a3/0x230 [ 84.884455] do_syscall_64+0x3b/0x90 [ 84.884754] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.885161] RIP: 0033:0x7f4b8743ee5d [ 84.885447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.886852] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.887450] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.887995] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.888540] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.889081] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.889621] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.890175] [ 84.890355] irq event stamp: 0 [ 84.890623] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.891111] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.891757] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.892392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.892866] ---[ end trace 0000000000000000 ]--- [ 84.895613] ------------[ cut here ]------------ [ 84.895979] WARNING: CPU: 1 PID: 725 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.896729] Modules linked in: [ 84.896968] CPU: 1 PID: 725 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.897610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.898456] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.898852] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.900209] RSP: 0018:ffff88801440fbd0 EFLAGS: 00010246 [ 84.900608] RAX: 0000000000000000 RBX: ffff888023df68a8 RCX: 0000000000000000 [ 84.901140] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 84.901666] RBP: ffff88801440fbe8 R08: ffffed10047bed33 R09: ffffed10047bed33 [ 84.902193] R10: ffff888023df6993 R11: ffffed10047bed32 R12: ffff888010b26800 [ 84.902735] R13: ffff888023df69e8 R14: ffff888020a7d100 R15: 0000000000000000 [ 84.903276] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.903872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.904301] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.904830] PKRU: 55555554 [ 84.905043] Call Trace: [ 84.905235] [ 84.905407] iommufd_access_destroy_object+0x65/0x170 [ 84.905801] iommufd_object_destroy_user+0x18e/0x220 [ 84.906188] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.906652] iommufd_access_destroy+0x43/0x70 [ 84.907004] iommufd_test_staccess_release+0x8d/0xd0 [ 84.907402] __fput+0x26d/0xa40 [ 84.907670] ____fput+0x1e/0x30 [ 84.907926] task_work_run+0x1a4/0x2d0 [ 84.908226] ? __pfx_task_work_run+0x10/0x10 [ 84.908562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.908933] ? switch_task_namespaces+0xa9/0xe0 [ 84.909296] do_exit+0xb17/0x2ef0 [ 84.909559] ? lock_acquire+0x427/0x4c0 [ 84.909868] ? __pfx_lock_release+0x10/0x10 [ 84.910198] ? __kasan_check_write+0x18/0x20 [ 84.910553] ? do_raw_spin_lock+0x132/0x2a0 [ 84.910883] ? __pfx_do_exit+0x10/0x10 [ 84.911205] ? debug_smp_processor_id+0x20/0x30 [ 84.911559] ? rcu_is_watching+0x19/0xb0 [ 84.911874] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.912220] ? trace_hardirqs_on+0x26/0x120 [ 84.912555] do_group_exit+0xe0/0x2b0 [ 84.912848] __x64_sys_exit_group+0x47/0x50 [ 84.913169] do_syscall_64+0x3b/0x90 [ 84.913456] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.913853] RIP: 0033:0x7f4b87518a4d [ 84.914136] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.914622] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.915196] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.915725] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.916255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.916790] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.917320] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.917858] [ 84.918034] irq event stamp: 0 [ 84.918270] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.918766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.919397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.920017] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.920490] ---[ end trace 0000000000000000 ]--- [ 84.921158] ------------[ cut here ]------------ [ 84.921511] WARNING: CPU: 1 PID: 725 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 84.922265] Modules linked in: [ 84.922530] CPU: 1 PID: 725 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.923181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.924018] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 84.924407] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 84.925823] RSP: 0018:ffff88801440fb78 EFLAGS: 00010246 [ 84.926229] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.926795] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 84.927341] RBP: ffff88801440fb98 R08: ffffed10047bed3e R09: ffffed10047bed3e [ 84.927876] R10: ffff888023df69ef R11: ffffed10047bed3d R12: ffff888023df6a90 [ 84.928406] R13: ffff888023df68a8 R14: ffffffffffffffff R15: ffff88801440fc60 [ 84.928935] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.929535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.929972] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.930527] PKRU: 55555554 [ 84.930742] Call Trace: [ 84.930935] [ 84.931114] iommufd_ioas_destroy+0x53/0x70 [ 84.931446] iommufd_fops_release+0x1f7/0x370 [ 84.931790] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.932169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.932545] ? write_comp_data+0x2f/0x90 [ 84.932863] ? __pfx_iommufd_fops_release+0x10/0x10 [ 84.933242] __fput+0x26d/0xa40 [ 84.933505] ____fput+0x1e/0x30 [ 84.933763] task_work_run+0x1a4/0x2d0 [ 84.934062] ? __pfx_task_work_run+0x10/0x10 [ 84.934398] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.934791] ? switch_task_namespaces+0xa9/0xe0 [ 84.935172] do_exit+0xb17/0x2ef0 [ 84.935438] ? lock_acquire+0x427/0x4c0 [ 84.935750] ? __pfx_lock_release+0x10/0x10 [ 84.936084] ? __kasan_check_write+0x18/0x20 [ 84.936426] ? do_raw_spin_lock+0x132/0x2a0 [ 84.936754] ? __pfx_do_exit+0x10/0x10 [ 84.937052] ? debug_smp_processor_id+0x20/0x30 [ 84.937406] ? rcu_is_watching+0x19/0xb0 [ 84.937712] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.938061] ? trace_hardirqs_on+0x26/0x120 [ 84.938394] do_group_exit+0xe0/0x2b0 [ 84.938704] __x64_sys_exit_group+0x47/0x50 [ 84.939035] do_syscall_64+0x3b/0x90 [ 84.939331] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.939732] RIP: 0033:0x7f4b87518a4d [ 84.940011] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.940467] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.941037] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.941574] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.942103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.942658] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.943206] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 84.943753] [ 84.943928] irq event stamp: 0 [ 84.944166] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 84.944640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.945262] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.945885] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.946356] ---[ end trace 0000000000000000 ]--- [ 84.950902] ------------[ cut here ]------------ [ 84.951295] WARNING: CPU: 1 PID: 726 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.952044] Modules linked in: [ 84.952285] CPU: 1 PID: 726 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.952929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.953765] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.954138] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.955726] RSP: 0018:ffff88800b9e7bb8 EFLAGS: 00010246 [ 84.956132] RAX: 0000000000000000 RBX: ffff88801619d8a8 RCX: 0000000000000000 [ 84.956662] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 84.957248] RBP: ffff88800b9e7bd0 R08: ffffed1002c33b33 R09: ffffed1002c33b33 [ 84.957776] R10: ffff88801619d993 R11: ffffed1002c33b32 R12: ffff888016c9b000 [ 84.958303] R13: ffff88801619d9e8 R14: ffffffff8352e670 R15: ffff88800b9e7e68 [ 84.958853] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.959459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.959894] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 84.960428] PKRU: 55555554 [ 84.960643] Call Trace: [ 84.960835] [ 84.961007] __iommufd_access_detach+0x1c2/0x2b0 [ 84.961379] iommufd_access_change_pt+0x149/0x270 [ 84.961749] iommufd_access_replace+0xb4/0x120 [ 84.962103] iommufd_test+0x3e5/0x37e0 [ 84.962398] ? lock_release+0x532/0x770 [ 84.962732] ? __might_fault+0x102/0x1b0 [ 84.963053] ? lock_acquire+0x427/0x4c0 [ 84.963372] ? __pfx_iommufd_test+0x10/0x10 [ 84.963696] ? __pfx_lock_release+0x10/0x10 [ 84.964024] ? __pfx_lock_acquire+0x10/0x10 [ 84.964363] ? write_comp_data+0x2f/0x90 [ 84.964677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.965047] ? write_comp_data+0x2f/0x90 [ 84.965366] iommufd_fops_ioctl+0x37d/0x510 [ 84.965695] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.966068] ? write_comp_data+0x2f/0x90 [ 84.966383] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 84.966777] __x64_sys_ioctl+0x1a3/0x230 [ 84.967096] do_syscall_64+0x3b/0x90 [ 84.967394] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.967793] RIP: 0033:0x7f4b8743ee5d [ 84.968074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 84.969432] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 84.970008] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 84.970569] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 84.971103] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 84.971650] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 84.972178] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 84.972714] [ 84.972892] irq event stamp: 0 [ 84.973132] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 84.973606] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 84.974228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 84.974874] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 84.975360] ---[ end trace 0000000000000000 ]--- [ 84.978019] ------------[ cut here ]------------ [ 84.978401] WARNING: CPU: 1 PID: 726 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 84.979189] Modules linked in: [ 84.979434] CPU: 1 PID: 726 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 84.980081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 84.980918] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 84.981295] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 84.982660] RSP: 0018:ffff88800b9e7bd0 EFLAGS: 00010246 [ 84.983062] RAX: 0000000000000000 RBX: ffff88801619d8a8 RCX: 0000000000000000 [ 84.983597] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 84.984127] RBP: ffff88800b9e7be8 R08: ffffed1002c33b33 R09: ffffed1002c33b33 [ 84.984654] R10: ffff88801619d993 R11: ffffed1002c33b32 R12: ffff888012eae400 [ 84.985181] R13: ffff88801619d9e8 R14: ffff88801287ee00 R15: 0000000000000000 [ 84.985712] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 84.986306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.986767] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 84.987311] PKRU: 55555554 [ 84.987523] Call Trace: [ 84.987716] [ 84.987886] iommufd_access_destroy_object+0x65/0x170 [ 84.988276] iommufd_object_destroy_user+0x18e/0x220 [ 84.988659] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 84.989152] iommufd_access_destroy+0x43/0x70 [ 84.989498] iommufd_test_staccess_release+0x8d/0xd0 [ 84.989884] __fput+0x26d/0xa40 [ 84.990145] ____fput+0x1e/0x30 [ 84.990402] task_work_run+0x1a4/0x2d0 [ 84.990725] ? __pfx_task_work_run+0x10/0x10 [ 84.991064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 84.991446] ? switch_task_namespaces+0xa9/0xe0 [ 84.991811] do_exit+0xb17/0x2ef0 [ 84.992074] ? lock_acquire+0x427/0x4c0 [ 84.992385] ? __pfx_lock_release+0x10/0x10 [ 84.992719] ? __kasan_check_write+0x18/0x20 [ 84.993052] ? do_raw_spin_lock+0x132/0x2a0 [ 84.993377] ? __pfx_do_exit+0x10/0x10 [ 84.993678] ? debug_smp_processor_id+0x20/0x30 [ 84.994035] ? rcu_is_watching+0x19/0xb0 [ 84.994342] ? _raw_spin_unlock_irq+0x2b/0x60 [ 84.994707] ? trace_hardirqs_on+0x26/0x120 [ 84.995038] do_group_exit+0xe0/0x2b0 [ 84.995328] __x64_sys_exit_group+0x47/0x50 [ 84.995652] do_syscall_64+0x3b/0x90 [ 84.995940] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 84.996335] RIP: 0033:0x7f4b87518a4d [ 84.996619] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 84.997078] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 84.997642] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 84.998174] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 84.998725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 84.999270] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 84.999803] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.000343] [ 85.000519] irq event stamp: 0 [ 85.000754] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.001225] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.001854] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.002477] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.002978] ---[ end trace 0000000000000000 ]--- [ 85.003660] ------------[ cut here ]------------ [ 85.004014] WARNING: CPU: 1 PID: 726 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.004773] Modules linked in: [ 85.005016] CPU: 1 PID: 726 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.005659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.006497] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.006918] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.008276] RSP: 0018:ffff88800b9e7b78 EFLAGS: 00010246 [ 85.008673] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.009195] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 85.009719] RBP: ffff88800b9e7b98 R08: ffffed1002c33b3e R09: ffffed1002c33b3e [ 85.010241] R10: ffff88801619d9ef R11: ffffed1002c33b3d R12: ffff88801619da90 [ 85.010786] R13: ffff88801619d8a8 R14: ffffffffffffffff R15: ffff88800b9e7c60 [ 85.011320] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.011915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.012342] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 85.012875] PKRU: 55555554 [ 85.013087] Call Trace: [ 85.013279] [ 85.013448] iommufd_ioas_destroy+0x53/0x70 [ 85.013780] iommufd_fops_release+0x1f7/0x370 [ 85.014120] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.014491] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.014892] ? write_comp_data+0x2f/0x90 [ 85.015214] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.015592] __fput+0x26d/0xa40 [ 85.015852] ____fput+0x1e/0x30 [ 85.016107] task_work_run+0x1a4/0x2d0 [ 85.016404] ? __pfx_task_work_run+0x10/0x10 [ 85.016738] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.017105] ? switch_task_namespaces+0xa9/0xe0 [ 85.017459] do_exit+0xb17/0x2ef0 [ 85.017716] ? lock_acquire+0x427/0x4c0 [ 85.018020] ? __pfx_lock_release+0x10/0x10 [ 85.018345] ? __kasan_check_write+0x18/0x20 [ 85.018701] ? do_raw_spin_lock+0x132/0x2a0 [ 85.019024] ? __pfx_do_exit+0x10/0x10 [ 85.019334] ? debug_smp_processor_id+0x20/0x30 [ 85.019687] ? rcu_is_watching+0x19/0xb0 [ 85.019992] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.020331] ? trace_hardirqs_on+0x26/0x120 [ 85.020659] do_group_exit+0xe0/0x2b0 [ 85.020994] __x64_sys_exit_group+0x47/0x50 [ 85.021319] do_syscall_64+0x3b/0x90 [ 85.021607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.022001] RIP: 0033:0x7f4b87518a4d [ 85.022278] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.022754] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.023334] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.023870] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.024405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.024938] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.025472] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.026014] [ 85.026191] irq event stamp: 0 [ 85.026428] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.026936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.027594] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.028245] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.028751] ---[ end trace 0000000000000000 ]--- [ 85.032957] ------------[ cut here ]------------ [ 85.033347] WARNING: CPU: 1 PID: 727 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.034112] Modules linked in: [ 85.034358] CPU: 1 PID: 727 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.035242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.036098] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.036482] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.037878] RSP: 0018:ffff8880188efbb8 EFLAGS: 00010246 [ 85.038290] RAX: 0000000000000000 RBX: ffff8880189830a8 RCX: 0000000000000000 [ 85.038863] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 85.039434] RBP: ffff8880188efbd0 R08: ffffed1003130633 R09: ffffed1003130633 [ 85.039993] R10: ffff888018983193 R11: ffffed1003130632 R12: ffff888013c8d400 [ 85.040540] R13: ffff8880189831e8 R14: ffffffff8352e670 R15: ffff8880188efe68 [ 85.041092] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.041722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.042179] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 85.042768] PKRU: 55555554 [ 85.042996] Call Trace: [ 85.043221] [ 85.043406] __iommufd_access_detach+0x1c2/0x2b0 [ 85.043809] iommufd_access_change_pt+0x149/0x270 [ 85.044211] iommufd_access_replace+0xb4/0x120 [ 85.044601] iommufd_test+0x3e5/0x37e0 [ 85.044926] ? lock_release+0x532/0x770 [ 85.045268] ? __might_fault+0x102/0x1b0 [ 85.045611] ? lock_acquire+0x427/0x4c0 [ 85.045947] ? __pfx_iommufd_test+0x10/0x10 [ 85.046300] ? __pfx_lock_release+0x10/0x10 [ 85.046702] ? __pfx_lock_acquire+0x10/0x10 [ 85.047068] ? write_comp_data+0x2f/0x90 [ 85.047414] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.047824] ? write_comp_data+0x2f/0x90 [ 85.048171] iommufd_fops_ioctl+0x37d/0x510 [ 85.048537] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.048950] ? write_comp_data+0x2f/0x90 [ 85.049294] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.049687] __x64_sys_ioctl+0x1a3/0x230 [ 85.050033] do_syscall_64+0x3b/0x90 [ 85.050349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.050802] RIP: 0033:0x7f4b8743ee5d [ 85.051118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.052608] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.053464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.054078] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.054690] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.055319] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.056007] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.056607] [ 85.056806] irq event stamp: 0 [ 85.057069] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.057663] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.058366] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.059083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.059606] ---[ end trace 0000000000000000 ]--- [ 85.062378] ------------[ cut here ]------------ [ 85.062944] WARNING: CPU: 1 PID: 727 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.063812] Modules linked in: [ 85.064087] CPU: 1 PID: 727 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.064823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.065946] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.066380] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.068274] RSP: 0018:ffff8880188efbd0 EFLAGS: 00010246 [ 85.068780] RAX: 0000000000000000 RBX: ffff8880189830a8 RCX: 0000000000000000 [ 85.069399] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 85.070017] RBP: ffff8880188efbe8 R08: ffffed1003130633 R09: ffffed1003130633 [ 85.070677] R10: ffff888018983193 R11: ffffed1003130632 R12: ffff888016c99c00 [ 85.071417] R13: ffff8880189831e8 R14: ffff8880143e1100 R15: 0000000000000000 [ 85.072109] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.072810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.073323] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 85.074116] PKRU: 55555554 [ 85.074362] Call Trace: [ 85.074618] [ 85.074819] iommufd_access_destroy_object+0x65/0x170 [ 85.075284] iommufd_object_destroy_user+0x18e/0x220 [ 85.075733] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.076253] iommufd_access_destroy+0x43/0x70 [ 85.076706] iommufd_test_staccess_release+0x8d/0xd0 [ 85.077260] __fput+0x26d/0xa40 [ 85.077566] ____fput+0x1e/0x30 [ 85.077865] task_work_run+0x1a4/0x2d0 [ 85.078215] ? __pfx_task_work_run+0x10/0x10 [ 85.078657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.079141] ? switch_task_namespaces+0xa9/0xe0 [ 85.079583] do_exit+0xb17/0x2ef0 [ 85.080012] ? lock_acquire+0x427/0x4c0 [ 85.080453] ? __pfx_lock_release+0x10/0x10 [ 85.080867] ? __kasan_check_write+0x18/0x20 [ 85.081276] ? do_raw_spin_lock+0x132/0x2a0 [ 85.081678] ? __pfx_do_exit+0x10/0x10 [ 85.082104] ? debug_smp_processor_id+0x20/0x30 [ 85.082730] ? rcu_is_watching+0x19/0xb0 [ 85.083129] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.083555] ? trace_hardirqs_on+0x26/0x120 [ 85.083968] do_group_exit+0xe0/0x2b0 [ 85.084328] __x64_sys_exit_group+0x47/0x50 [ 85.084743] do_syscall_64+0x3b/0x90 [ 85.085183] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.085774] RIP: 0033:0x7f4b87518a4d [ 85.086264] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.086873] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.087593] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.088250] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.088994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.089868] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.090579] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.091274] [ 85.091505] irq event stamp: 0 [ 85.091806] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.092459] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.093440] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.094225] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.094863] ---[ end trace 0000000000000000 ]--- [ 85.095685] ------------[ cut here ]------------ [ 85.096214] WARNING: CPU: 1 PID: 727 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.097337] Modules linked in: [ 85.097654] CPU: 1 PID: 727 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.098478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.099809] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.100310] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.102066] RSP: 0018:ffff8880188efb78 EFLAGS: 00010246 [ 85.102839] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.103800] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 85.104538] RBP: ffff8880188efb98 R08: ffffed100313063e R09: ffffed100313063e [ 85.105265] R10: ffff8880189831ef R11: ffffed100313063d R12: ffff888018983290 [ 85.105993] R13: ffff8880189830a8 R14: ffffffffffffffff R15: ffff8880188efc60 [ 85.106987] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.107939] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.108548] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 85.109291] PKRU: 55555554 [ 85.109590] Call Trace: [ 85.109858] [ 85.110186] iommufd_ioas_destroy+0x53/0x70 [ 85.110875] iommufd_fops_release+0x1f7/0x370 [ 85.111372] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.111898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.112424] ? write_comp_data+0x2f/0x90 [ 85.112868] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.113390] __fput+0x26d/0xa40 [ 85.113846] ____fput+0x1e/0x30 [ 85.114321] task_work_run+0x1a4/0x2d0 [ 85.114906] ? __pfx_task_work_run+0x10/0x10 [ 85.115381] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.115899] ? switch_task_namespaces+0xa9/0xe0 [ 85.116397] do_exit+0xb17/0x2ef0 [ 85.116763] ? lock_acquire+0x427/0x4c0 [ 85.117274] ? __pfx_lock_release+0x10/0x10 [ 85.117813] ? __kasan_check_write+0x18/0x20 [ 85.118413] ? do_raw_spin_lock+0x132/0x2a0 [ 85.119031] ? __pfx_do_exit+0x10/0x10 [ 85.119463] ? debug_smp_processor_id+0x20/0x30 [ 85.119955] ? rcu_is_watching+0x19/0xb0 [ 85.120393] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.120866] ? trace_hardirqs_on+0x26/0x120 [ 85.121355] do_group_exit+0xe0/0x2b0 [ 85.121887] __x64_sys_exit_group+0x47/0x50 [ 85.122473] do_syscall_64+0x3b/0x90 [ 85.122923] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.123485] RIP: 0033:0x7f4b87518a4d [ 85.123885] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.124556] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.125437] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.126429] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.127367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.128111] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.128850] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.129600] [ 85.129903] irq event stamp: 0 [ 85.130332] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.131275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.132186] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.133041] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.133701] ---[ end trace 0000000000000000 ]--- [ 85.139555] ------------[ cut here ]------------ [ 85.140303] WARNING: CPU: 1 PID: 728 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.141370] Modules linked in: [ 85.141709] CPU: 1 PID: 728 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.142855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.144239] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.144810] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.147120] RSP: 0018:ffff88800b9e7bb8 EFLAGS: 00010246 [ 85.147706] RAX: 0000000000000000 RBX: ffff88800f1bd0a8 RCX: 0000000000000000 [ 85.148460] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 85.149391] RBP: ffff88800b9e7bd0 R08: ffffed1001e37a33 R09: ffffed1001e37a33 [ 85.150420] R10: ffff88800f1bd193 R11: ffffed1001e37a32 R12: ffff888021bca000 [ 85.151229] R13: ffff88800f1bd1e8 R14: ffffffff8352e670 R15: ffff88800b9e7e68 [ 85.151981] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.153006] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.153866] CR2: 00007f4b877410e8 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 85.154668] PKRU: 55555554 [ 85.154978] Call Trace: [ 85.155271] [ 85.155527] __iommufd_access_detach+0x1c2/0x2b0 [ 85.156061] iommufd_access_change_pt+0x149/0x270 [ 85.156776] iommufd_access_replace+0xb4/0x120 [ 85.157378] iommufd_test+0x3e5/0x37e0 [ 85.157805] ? lock_release+0x532/0x770 [ 85.158279] ? __might_fault+0x102/0x1b0 [ 85.158767] ? lock_acquire+0x427/0x4c0 [ 85.159225] ? __pfx_iommufd_test+0x10/0x10 [ 85.159747] ? __pfx_lock_release+0x10/0x10 [ 85.160375] ? __pfx_lock_acquire+0x10/0x10 [ 85.160989] ? write_comp_data+0x2f/0x90 [ 85.161445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.161979] ? write_comp_data+0x2f/0x90 [ 85.162430] iommufd_fops_ioctl+0x37d/0x510 [ 85.162960] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.163600] ? write_comp_data+0x2f/0x90 [ 85.164187] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.164717] __x64_sys_ioctl+0x1a3/0x230 [ 85.165172] do_syscall_64+0x3b/0x90 [ 85.165590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.166189] RIP: 0033:0x7f4b8743ee5d [ 85.166810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.168748] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.169718] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.170783] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.171566] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.172325] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.173126] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.174177] [ 85.174435] irq event stamp: 0 [ 85.174801] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.175491] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.176441] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.177629] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.178304] ---[ end trace 0000000000000000 ]--- [ 85.183685] ------------[ cut here ]------------ [ 85.184239] WARNING: CPU: 1 PID: 728 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.185368] Modules linked in: [ 85.185848] CPU: 1 PID: 728 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.187018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.188200] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.188748] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.191084] RSP: 0018:ffff88800b9e7bd0 EFLAGS: 00010246 [ 85.191659] RAX: 0000000000000000 RBX: ffff88800f1bd0a8 RCX: 0000000000000000 [ 85.192395] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 85.193363] RBP: ffff88800b9e7be8 R08: ffffed1001e37a33 R09: ffffed1001e37a33 [ 85.194367] R10: ffff88800f1bd193 R11: ffffed1001e37a32 R12: ffff888013c8f400 [ 85.195140] R13: ffff88800f1bd1e8 R14: ffff8880139bb100 R15: 0000000000000000 [ 85.195887] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.196889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.197724] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 85.198556] PKRU: 55555554 [ 85.198855] Call Trace: [ 85.199160] [ 85.199399] iommufd_access_destroy_object+0x65/0x170 [ 85.199952] iommufd_object_destroy_user+0x18e/0x220 [ 85.200639] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.201436] iommufd_access_destroy+0x43/0x70 [ 85.201920] iommufd_test_staccess_release+0x8d/0xd0 [ 85.202469] __fput+0x26d/0xa40 [ 85.202875] ____fput+0x1e/0x30 [ 85.203252] task_work_run+0x1a4/0x2d0 [ 85.203702] ? __pfx_task_work_run+0x10/0x10 [ 85.204333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.205025] ? switch_task_namespaces+0xa9/0xe0 [ 85.205534] do_exit+0xb17/0x2ef0 [ 85.205898] ? lock_acquire+0x427/0x4c0 [ 85.206324] ? __pfx_lock_release+0x10/0x10 [ 85.206809] ? __kasan_check_write+0x18/0x20 [ 85.207342] ? do_raw_spin_lock+0x132/0x2a0 [ 85.207948] ? __pfx_do_exit+0x10/0x10 [ 85.208483] ? debug_smp_processor_id+0x20/0x30 [ 85.208983] ? rcu_is_watching+0x19/0xb0 [ 85.209403] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.209884] ? trace_hardirqs_on+0x26/0x120 [ 85.210367] do_group_exit+0xe0/0x2b0 [ 85.210927] __x64_sys_exit_group+0x47/0x50 [ 85.211526] do_syscall_64+0x3b/0x90 [ 85.211941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.212491] RIP: 0033:0x7f4b87518a4d [ 85.212884] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.213608] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.214697] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.215574] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.216320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.217058] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.218029] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.219060] [ 85.219320] irq event stamp: 0 [ 85.219718] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.220380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.221397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.222561] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.223222] ---[ end trace 0000000000000000 ]--- [ 85.226051] ------------[ cut here ]------------ [ 85.226689] WARNING: CPU: 1 PID: 728 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.227855] Modules linked in: [ 85.228288] CPU: 1 PID: 728 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.229350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.230481] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.231039] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.233413] RSP: 0018:ffff88800b9e7b78 EFLAGS: 00010246 [ 85.233957] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.234698] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 85.235503] RBP: ffff88800b9e7b98 R08: ffffed1001e37a3e R09: ffffed1001e37a3e [ 85.236467] R10: ffff88800f1bd1ef R11: ffffed1001e37a3d R12: ffff88800f1bd290 [ 85.237183] R13: ffff88800f1bd0a8 R14: ffffffffffffffff R15: ffff88800b9e7c60 [ 85.237897] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.238918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.239736] CR2: 00007f82e2ed5000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 85.240458] PKRU: 55555554 [ 85.240746] Call Trace: [ 85.241011] [ 85.241242] iommufd_ioas_destroy+0x53/0x70 [ 85.241728] iommufd_fops_release+0x1f7/0x370 [ 85.242366] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.243041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.243565] ? write_comp_data+0x2f/0x90 [ 85.243987] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.244501] __fput+0x26d/0xa40 [ 85.244865] ____fput+0x1e/0x30 [ 85.245391] task_work_run+0x1a4/0x2d0 [ 85.245956] ? __pfx_task_work_run+0x10/0x10 [ 85.246605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.247106] ? switch_task_namespaces+0xa9/0xe0 [ 85.247607] do_exit+0xb17/0x2ef0 [ 85.247962] ? lock_acquire+0x427/0x4c0 [ 85.248381] ? __pfx_lock_release+0x10/0x10 [ 85.248950] ? __kasan_check_write+0x18/0x20 [ 85.249543] ? do_raw_spin_lock+0x132/0x2a0 [ 85.250152] ? __pfx_do_exit+0x10/0x10 [ 85.250582] ? debug_smp_processor_id+0x20/0x30 [ 85.251063] ? rcu_is_watching+0x19/0xb0 [ 85.251490] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.251960] ? trace_hardirqs_on+0x26/0x120 [ 85.252484] do_group_exit+0xe0/0x2b0 [ 85.252995] __x64_sys_exit_group+0x47/0x50 [ 85.253637] do_syscall_64+0x3b/0x90 [ 85.254089] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.254647] RIP: 0033:0x7f4b87518a4d [ 85.255020] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.255670] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.256600] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.257630] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.258372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.259128] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.259922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.260951] [ 85.261200] irq event stamp: 0 [ 85.261519] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.262177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.263065] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.264229] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.265027] ---[ end trace 0000000000000000 ]--- [ 85.273389] ------------[ cut here ]------------ [ 85.273922] WARNING: CPU: 1 PID: 729 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.275035] Modules linked in: [ 85.275478] CPU: 1 PID: 729 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.276445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.277690] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.278293] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.280376] RSP: 0018:ffff888020dd7bb8 EFLAGS: 00010246 [ 85.280930] RAX: 0000000000000000 RBX: ffff888010fdf8a8 RCX: 0000000000000000 [ 85.281861] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 85.282597] RBP: ffff888020dd7bd0 R08: ffffed10021fbf33 R09: ffffed10021fbf33 [ 85.283325] R10: ffff888010fdf993 R11: ffffed10021fbf32 R12: ffff88800fca8400 [ 85.284250] R13: ffff888010fdf9e8 R14: ffffffff8352e670 R15: ffff888020dd7e68 [ 85.284967] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.285972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.286604] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ee0 [ 85.287375] PKRU: 55555554 [ 85.287832] Call Trace: [ 85.288101] [ 85.288337] __iommufd_access_detach+0x1c2/0x2b0 [ 85.288851] iommufd_access_change_pt+0x149/0x270 [ 85.289376] iommufd_access_replace+0xb4/0x120 [ 85.290039] iommufd_test+0x3e5/0x37e0 [ 85.290441] ? lock_release+0x532/0x770 [ 85.290882] ? __might_fault+0x102/0x1b0 [ 85.291378] ? lock_acquire+0x427/0x4c0 [ 85.291908] ? __pfx_iommufd_test+0x10/0x10 [ 85.292346] ? __pfx_lock_release+0x10/0x10 [ 85.292796] ? __pfx_lock_acquire+0x10/0x10 [ 85.293358] ? write_comp_data+0x2f/0x90 [ 85.293933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.294444] ? write_comp_data+0x2f/0x90 [ 85.294915] iommufd_fops_ioctl+0x37d/0x510 [ 85.295427] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.296066] ? write_comp_data+0x2f/0x90 [ 85.296495] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.297052] __x64_sys_ioctl+0x1a3/0x230 [ 85.297597] do_syscall_64+0x3b/0x90 [ 85.298005] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.298667] RIP: 0033:0x7f4b8743ee5d [ 85.299196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.301070] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.301853] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.302624] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.303374] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.304099] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.304834] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.305573] [ 85.305812] irq event stamp: 0 [ 85.306138] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.306810] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.307903] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.308749] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.309440] ---[ end trace 0000000000000000 ]--- [ 85.315833] ------------[ cut here ]------------ [ 85.316766] WARNING: CPU: 0 PID: 729 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.318454] Modules linked in: [ 85.318959] CPU: 0 PID: 729 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.320122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.321585] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.322243] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.324669] RSP: 0018:ffff888020dd7bd0 EFLAGS: 00010246 [ 85.325385] RAX: 0000000000000000 RBX: ffff888010fdf8a8 RCX: 0000000000000000 [ 85.326318] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 85.327304] RBP: ffff888020dd7be8 R08: ffffed10021fbf33 R09: ffffed10021fbf33 [ 85.328244] R10: ffff888010fdf993 R11: ffffed10021fbf32 R12: ffff888021bcb800 [ 85.329176] R13: ffff888010fdf9e8 R14: ffff888020e58500 R15: 0000000000000000 [ 85.330104] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.331221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.331993] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 85.332926] PKRU: 55555554 [ 85.333305] Call Trace: [ 85.333650] [ 85.333962] iommufd_access_destroy_object+0x65/0x170 [ 85.334693] iommufd_object_destroy_user+0x18e/0x220 [ 85.335395] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.336166] iommufd_access_destroy+0x43/0x70 [ 85.336774] iommufd_test_staccess_release+0x8d/0xd0 [ 85.337432] __fput+0x26d/0xa40 [ 85.337898] ____fput+0x1e/0x30 [ 85.338353] task_work_run+0x1a4/0x2d0 [ 85.338935] ? __pfx_task_work_run+0x10/0x10 [ 85.339553] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.340208] ? switch_task_namespaces+0xa9/0xe0 [ 85.340840] do_exit+0xb17/0x2ef0 [ 85.341303] ? lock_acquire+0x427/0x4c0 [ 85.341843] ? __pfx_lock_release+0x10/0x10 [ 85.342421] ? __kasan_check_write+0x18/0x20 [ 85.343042] ? do_raw_spin_lock+0x132/0x2a0 [ 85.343632] ? __pfx_do_exit+0x10/0x10 [ 85.344162] ? debug_smp_processor_id+0x20/0x30 [ 85.344781] ? rcu_is_watching+0x19/0xb0 [ 85.345320] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.345924] ? trace_hardirqs_on+0x26/0x120 [ 85.346538] do_group_exit+0xe0/0x2b0 [ 85.347056] __x64_sys_exit_group+0x47/0x50 [ 85.347611] do_syscall_64+0x3b/0x90 [ 85.348120] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.348811] RIP: 0033:0x7f4b87518a4d [ 85.349305] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.350110] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.351187] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.352124] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.353047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.353970] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.354929] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.355883] [ 85.356183] irq event stamp: 0 [ 85.356584] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.357369] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.358410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.359484] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.360274] ---[ end trace 0000000000000000 ]--- [ 85.362150] ------------[ cut here ]------------ [ 85.362789] WARNING: CPU: 0 PID: 729 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.364013] Modules linked in: [ 85.364400] CPU: 0 PID: 729 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.365358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.366936] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.367523] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.369431] RSP: 0018:ffff888020dd7b78 EFLAGS: 00010246 [ 85.370017] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.370820] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 85.371778] RBP: ffff888020dd7b98 R08: ffffed10021fbf3e R09: ffffed10021fbf3e [ 85.372642] R10: ffff888010fdf9ef R11: ffffed10021fbf3d R12: ffff888010fdfa90 [ 85.373498] R13: ffff888010fdf8a8 R14: ffffffffffffffff R15: ffff888020dd7c60 [ 85.374350] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.375382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.376096] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 85.376959] PKRU: 55555554 [ 85.377307] Call Trace: [ 85.377619] [ 85.377903] iommufd_ioas_destroy+0x53/0x70 [ 85.378444] iommufd_fops_release+0x1f7/0x370 [ 85.379057] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.379673] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.380272] ? write_comp_data+0x2f/0x90 [ 85.380780] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.381390] __fput+0x26d/0xa40 [ 85.381819] ____fput+0x1e/0x30 [ 85.382221] task_work_run+0x1a4/0x2d0 [ 85.382729] ? __pfx_task_work_run+0x10/0x10 [ 85.383364] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.383794] ? switch_task_namespaces+0xa9/0xe0 [ 85.384188] do_exit+0xb17/0x2ef0 [ 85.384469] ? lock_acquire+0x427/0x4c0 [ 85.384797] ? __pfx_lock_release+0x10/0x10 [ 85.385156] ? __kasan_check_write+0x18/0x20 [ 85.385512] ? do_raw_spin_lock+0x132/0x2a0 [ 85.385858] ? __pfx_do_exit+0x10/0x10 [ 85.386184] ? debug_smp_processor_id+0x20/0x30 [ 85.386591] ? rcu_is_watching+0x19/0xb0 [ 85.387018] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.387403] ? trace_hardirqs_on+0x26/0x120 [ 85.387759] do_group_exit+0xe0/0x2b0 [ 85.388075] __x64_sys_exit_group+0x47/0x50 [ 85.388421] do_syscall_64+0x3b/0x90 [ 85.388729] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.389160] RIP: 0033:0x7f4b87518a4d [ 85.389459] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.389951] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.390589] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.391269] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.391847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.392424] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.392993] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.393581] [ 85.393770] irq event stamp: 0 [ 85.394024] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.394558] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.395324] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.396006] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.396512] ---[ end trace 0000000000000000 ]--- [ 85.400897] ------------[ cut here ]------------ [ 85.401300] WARNING: CPU: 0 PID: 730 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.402107] Modules linked in: [ 85.402364] CPU: 0 PID: 730 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.403143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.404101] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.404500] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.406038] RSP: 0018:ffff8880208d7bb8 EFLAGS: 00010246 [ 85.406462] RAX: 0000000000000000 RBX: ffff888020b510a8 RCX: 0000000000000000 [ 85.407054] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 85.407684] RBP: ffff8880208d7bd0 R08: ffffed100416a233 R09: ffffed100416a233 [ 85.408261] R10: ffff888020b51193 R11: ffffed100416a232 R12: ffff88800fcb1400 [ 85.408831] R13: ffff888020b511e8 R14: ffffffff8352e670 R15: ffff8880208d7e68 [ 85.409404] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.410048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.410541] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 85.411182] PKRU: 55555554 [ 85.411420] Call Trace: [ 85.411626] [ 85.411810] __iommufd_access_detach+0x1c2/0x2b0 [ 85.412209] iommufd_access_change_pt+0x149/0x270 [ 85.412615] iommufd_access_replace+0xb4/0x120 [ 85.412999] iommufd_test+0x3e5/0x37e0 [ 85.413313] ? lock_release+0x532/0x770 [ 85.413658] ? __might_fault+0x102/0x1b0 [ 85.413994] ? lock_acquire+0x427/0x4c0 [ 85.414325] ? __pfx_iommufd_test+0x10/0x10 [ 85.414709] ? __pfx_lock_release+0x10/0x10 [ 85.415196] ? __pfx_lock_acquire+0x10/0x10 [ 85.415565] ? write_comp_data+0x2f/0x90 [ 85.415911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.416307] ? write_comp_data+0x2f/0x90 [ 85.416643] iommufd_fops_ioctl+0x37d/0x510 [ 85.417000] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.417397] ? write_comp_data+0x2f/0x90 [ 85.417734] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.418132] __x64_sys_ioctl+0x1a3/0x230 [ 85.418472] do_syscall_64+0x3b/0x90 [ 85.418808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.419349] RIP: 0033:0x7f4b8743ee5d [ 85.419643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.421064] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.421665] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.422216] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.422802] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.423438] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.424006] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.424572] [ 85.424764] irq event stamp: 0 [ 85.425011] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.425500] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.426157] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.426829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.427655] ---[ end trace 0000000000000000 ]--- [ 85.431996] ------------[ cut here ]------------ [ 85.432540] WARNING: CPU: 0 PID: 730 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.433647] Modules linked in: [ 85.434009] CPU: 0 PID: 730 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.434995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.436231] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.436788] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.438813] RSP: 0018:ffff8880208d7bd0 EFLAGS: 00010246 [ 85.439422] RAX: 0000000000000000 RBX: ffff888020b510a8 RCX: 0000000000000000 [ 85.440203] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 85.440981] RBP: ffff8880208d7be8 R08: ffffed100416a233 R09: ffffed100416a233 [ 85.441756] R10: ffff888020b51193 R11: ffffed100416a232 R12: ffff888021bbe800 [ 85.442562] R13: ffff888020b511e8 R14: ffff888010c9fe00 R15: 0000000000000000 [ 85.443358] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.444240] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.444881] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.445668] PKRU: 55555554 [ 85.445986] Call Trace: [ 85.446271] [ 85.446553] iommufd_access_destroy_object+0x65/0x170 [ 85.447142] iommufd_object_destroy_user+0x18e/0x220 [ 85.447707] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.448349] iommufd_access_destroy+0x43/0x70 [ 85.448856] iommufd_test_staccess_release+0x8d/0xd0 [ 85.449424] __fput+0x26d/0xa40 [ 85.449814] ____fput+0x1e/0x30 [ 85.450194] task_work_run+0x1a4/0x2d0 [ 85.450681] ? __pfx_task_work_run+0x10/0x10 [ 85.451191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.451739] ? switch_task_namespaces+0xa9/0xe0 [ 85.452267] do_exit+0xb17/0x2ef0 [ 85.452653] ? lock_acquire+0x427/0x4c0 [ 85.453095] ? __pfx_lock_release+0x10/0x10 [ 85.453566] ? __kasan_check_write+0x18/0x20 [ 85.454042] ? do_raw_spin_lock+0x132/0x2a0 [ 85.454531] ? __pfx_do_exit+0x10/0x10 [ 85.454965] ? debug_smp_processor_id+0x20/0x30 [ 85.455479] ? rcu_is_watching+0x19/0xb0 [ 85.455918] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.456410] ? trace_hardirqs_on+0x26/0x120 [ 85.456881] do_group_exit+0xe0/0x2b0 [ 85.457294] __x64_sys_exit_group+0x47/0x50 [ 85.457755] do_syscall_64+0x3b/0x90 [ 85.458167] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.458773] RIP: 0033:0x7f4b87518a4d [ 85.459182] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.459827] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.460617] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.461357] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.462098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.462885] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.463643] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.464398] [ 85.464650] irq event stamp: 0 [ 85.464986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.465643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.466545] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.467430] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.468087] ---[ end trace 0000000000000000 ]--- [ 85.469156] ------------[ cut here ]------------ [ 85.469650] WARNING: CPU: 0 PID: 730 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.470726] Modules linked in: [ 85.471073] CPU: 0 PID: 730 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.471985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.473143] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.473680] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.475581] RSP: 0018:ffff8880208d7b78 EFLAGS: 00010246 [ 85.476143] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.476883] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 85.477620] RBP: ffff8880208d7b98 R08: ffffed100416a23e R09: ffffed100416a23e [ 85.478361] R10: ffff888020b511ef R11: ffffed100416a23d R12: ffff888020b51290 [ 85.479311] R13: ffff888020b510a8 R14: ffffffffffffffff R15: ffff8880208d7c60 [ 85.479875] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.480464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.480891] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.481415] PKRU: 55555554 [ 85.481623] Call Trace: [ 85.481814] [ 85.481982] iommufd_ioas_destroy+0x53/0x70 [ 85.482303] iommufd_fops_release+0x1f7/0x370 [ 85.482666] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.483032] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.483404] ? write_comp_data+0x2f/0x90 [ 85.483711] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.484079] __fput+0x26d/0xa40 [ 85.484334] ____fput+0x1e/0x30 [ 85.484583] task_work_run+0x1a4/0x2d0 [ 85.484876] ? __pfx_task_work_run+0x10/0x10 [ 85.485210] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.485577] ? switch_task_namespaces+0xa9/0xe0 [ 85.485932] do_exit+0xb17/0x2ef0 [ 85.486189] ? lock_acquire+0x427/0x4c0 [ 85.486487] ? __pfx_lock_release+0x10/0x10 [ 85.486829] ? __kasan_check_write+0x18/0x20 [ 85.487165] ? do_raw_spin_lock+0x132/0x2a0 [ 85.487486] ? __pfx_do_exit+0x10/0x10 [ 85.487780] ? debug_smp_processor_id+0x20/0x30 [ 85.488125] ? rcu_is_watching+0x19/0xb0 [ 85.488423] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.488765] ? trace_hardirqs_on+0x26/0x120 [ 85.489093] do_group_exit+0xe0/0x2b0 [ 85.489378] __x64_sys_exit_group+0x47/0x50 [ 85.489699] do_syscall_64+0x3b/0x90 [ 85.489985] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.490375] RIP: 0033:0x7f4b87518a4d [ 85.490669] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.491125] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.491677] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.492190] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.492703] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.493219] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.493736] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.494259] [ 85.494430] irq event stamp: 0 [ 85.494680] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.495145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.495756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.496358] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.496813] ---[ end trace 0000000000000000 ]--- [ 85.500716] ------------[ cut here ]------------ [ 85.501135] WARNING: CPU: 0 PID: 731 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.501862] Modules linked in: [ 85.502096] CPU: 0 PID: 731 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.502768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.503587] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.503948] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.505263] RSP: 0018:ffff888023e5fbb8 EFLAGS: 00010246 [ 85.505650] RAX: 0000000000000000 RBX: ffff8880184fd8a8 RCX: 0000000000000000 [ 85.506162] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 85.506691] RBP: ffff888023e5fbd0 R08: ffffed100309fb33 R09: ffffed100309fb33 [ 85.507211] R10: ffff8880184fd993 R11: ffffed100309fb32 R12: ffff888013e56c00 [ 85.507727] R13: ffff8880184fd9e8 R14: ffffffff8352e670 R15: ffff888023e5fe68 [ 85.508240] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.508817] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.509235] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 85.509752] PKRU: 55555554 [ 85.509959] Call Trace: [ 85.510147] [ 85.510315] __iommufd_access_detach+0x1c2/0x2b0 [ 85.510701] iommufd_access_change_pt+0x149/0x270 [ 85.511063] iommufd_access_replace+0xb4/0x120 [ 85.511414] iommufd_test+0x3e5/0x37e0 [ 85.511700] ? lock_release+0x532/0x770 [ 85.512005] ? __might_fault+0x102/0x1b0 [ 85.512312] ? lock_acquire+0x427/0x4c0 [ 85.512617] ? __pfx_iommufd_test+0x10/0x10 [ 85.512937] ? __pfx_lock_release+0x10/0x10 [ 85.513267] ? __pfx_lock_acquire+0x10/0x10 [ 85.513602] ? write_comp_data+0x2f/0x90 [ 85.513914] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.514278] ? write_comp_data+0x2f/0x90 [ 85.514602] iommufd_fops_ioctl+0x37d/0x510 [ 85.514923] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.515306] ? write_comp_data+0x2f/0x90 [ 85.515615] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.515971] __x64_sys_ioctl+0x1a3/0x230 [ 85.516276] do_syscall_64+0x3b/0x90 [ 85.516562] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.516945] RIP: 0033:0x7f4b8743ee5d [ 85.517217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.518544] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.519104] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.519632] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.520148] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.520666] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.521184] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.521706] [ 85.521878] irq event stamp: 0 [ 85.522109] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.522596] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.523217] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.523819] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.524275] ---[ end trace 0000000000000000 ]--- [ 85.526898] ------------[ cut here ]------------ [ 85.527274] WARNING: CPU: 0 PID: 731 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.528005] Modules linked in: [ 85.528240] CPU: 0 PID: 731 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.528866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.529684] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.530045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.531376] RSP: 0018:ffff888023e5fbd0 EFLAGS: 00010246 [ 85.531764] RAX: 0000000000000000 RBX: ffff8880184fd8a8 RCX: 0000000000000000 [ 85.532278] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 85.532789] RBP: ffff888023e5fbe8 R08: ffffed100309fb33 R09: ffffed100309fb33 [ 85.533355] R10: ffff8880184fd993 R11: ffffed100309fb32 R12: ffff88800fcb3400 [ 85.533866] R13: ffff8880184fd9e8 R14: ffff888020872600 R15: 0000000000000000 [ 85.534385] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.534979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.535408] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.535924] PKRU: 55555554 [ 85.536132] Call Trace: [ 85.536319] [ 85.536485] iommufd_access_destroy_object+0x65/0x170 [ 85.536868] iommufd_object_destroy_user+0x18e/0x220 [ 85.537245] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.537673] iommufd_access_destroy+0x43/0x70 [ 85.538013] iommufd_test_staccess_release+0x8d/0xd0 [ 85.538393] __fput+0x26d/0xa40 [ 85.538667] ____fput+0x1e/0x30 [ 85.538922] task_work_run+0x1a4/0x2d0 [ 85.539225] ? __pfx_task_work_run+0x10/0x10 [ 85.539552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.539914] ? switch_task_namespaces+0xa9/0xe0 [ 85.540264] do_exit+0xb17/0x2ef0 [ 85.540519] ? lock_acquire+0x427/0x4c0 [ 85.540818] ? __pfx_lock_release+0x10/0x10 [ 85.541139] ? __kasan_check_write+0x18/0x20 [ 85.541463] ? do_raw_spin_lock+0x132/0x2a0 [ 85.541779] ? __pfx_do_exit+0x10/0x10 [ 85.542072] ? debug_smp_processor_id+0x20/0x30 [ 85.542417] ? rcu_is_watching+0x19/0xb0 [ 85.542733] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.543073] ? trace_hardirqs_on+0x26/0x120 [ 85.543401] do_group_exit+0xe0/0x2b0 [ 85.543682] __x64_sys_exit_group+0x47/0x50 [ 85.543996] do_syscall_64+0x3b/0x90 [ 85.544277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.544661] RIP: 0033:0x7f4b87518a4d [ 85.544933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.545378] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.545932] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.546616] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.547179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.547700] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.548226] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.548767] [ 85.548942] irq event stamp: 0 [ 85.549179] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.549648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.550269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.550903] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.551380] ---[ end trace 0000000000000000 ]--- [ 85.552051] ------------[ cut here ]------------ [ 85.552401] WARNING: CPU: 0 PID: 731 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.553150] Modules linked in: [ 85.553391] CPU: 0 PID: 731 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.554040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.554892] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.555282] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.556654] RSP: 0018:ffff888023e5fb78 EFLAGS: 00010246 [ 85.557054] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.557591] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 85.558118] RBP: ffff888023e5fb98 R08: ffffed100309fb3e R09: ffffed100309fb3e [ 85.558665] R10: ffff8880184fd9ef R11: ffffed100309fb3d R12: ffff8880184fda90 [ 85.559206] R13: ffff8880184fd8a8 R14: ffffffffffffffff R15: ffff888023e5fc60 [ 85.559738] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.560331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.560765] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.561295] PKRU: 55555554 [ 85.561506] Call Trace: [ 85.561696] [ 85.561869] iommufd_ioas_destroy+0x53/0x70 [ 85.562199] iommufd_fops_release+0x1f7/0x370 [ 85.562556] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.562935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.563317] ? write_comp_data+0x2f/0x90 [ 85.563633] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.564011] __fput+0x26d/0xa40 [ 85.564274] ____fput+0x1e/0x30 [ 85.564530] task_work_run+0x1a4/0x2d0 [ 85.564828] ? __pfx_task_work_run+0x10/0x10 [ 85.565211] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.565582] ? switch_task_namespaces+0xa9/0xe0 [ 85.565941] do_exit+0xb17/0x2ef0 [ 85.566204] ? lock_acquire+0x427/0x4c0 [ 85.566546] ? __pfx_lock_release+0x10/0x10 [ 85.566877] ? __kasan_check_write+0x18/0x20 [ 85.567218] ? do_raw_spin_lock+0x132/0x2a0 [ 85.567543] ? __pfx_do_exit+0x10/0x10 [ 85.567845] ? debug_smp_processor_id+0x20/0x30 [ 85.568194] ? rcu_is_watching+0x19/0xb0 [ 85.568502] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.568847] ? trace_hardirqs_on+0x26/0x120 [ 85.569178] do_group_exit+0xe0/0x2b0 [ 85.569465] __x64_sys_exit_group+0x47/0x50 [ 85.569792] do_syscall_64+0x3b/0x90 [ 85.570079] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.570471] RIP: 0033:0x7f4b87518a4d [ 85.570781] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.571249] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.571828] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.572775] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.573433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.573951] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.574619] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.575165] [ 85.575364] irq event stamp: 0 [ 85.575691] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.576162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.576909] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.577638] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.578101] ---[ end trace 0000000000000000 ]--- [ 85.583314] ------------[ cut here ]------------ [ 85.583695] WARNING: CPU: 0 PID: 732 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.584576] Modules linked in: [ 85.584825] CPU: 0 PID: 732 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.585603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.586445] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.586876] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.588252] RSP: 0018:ffff888020dd7bb8 EFLAGS: 00010246 [ 85.588658] RAX: 0000000000000000 RBX: ffff888013acf8a8 RCX: 0000000000000000 [ 85.589199] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 85.589747] RBP: ffff888020dd7bd0 R08: ffffed1002759f33 R09: ffffed1002759f33 [ 85.590297] R10: ffff888013acf993 R11: ffffed1002759f32 R12: ffff888018148000 [ 85.590867] R13: ffff888013acf9e8 R14: ffffffff8352e670 R15: ffff888020dd7e68 [ 85.591429] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.592223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.592671] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 85.593224] PKRU: 55555554 [ 85.593443] Call Trace: [ 85.593642] [ 85.593817] __iommufd_access_detach+0x1c2/0x2b0 [ 85.594197] iommufd_access_change_pt+0x149/0x270 [ 85.594594] iommufd_access_replace+0xb4/0x120 [ 85.594960] iommufd_test+0x3e5/0x37e0 [ 85.595269] ? lock_release+0x532/0x770 [ 85.595586] ? __might_fault+0x102/0x1b0 [ 85.595907] ? lock_acquire+0x427/0x4c0 [ 85.596228] ? __pfx_iommufd_test+0x10/0x10 [ 85.596564] ? __pfx_lock_release+0x10/0x10 [ 85.596911] ? __pfx_lock_acquire+0x10/0x10 [ 85.597324] ? write_comp_data+0x2f/0x90 [ 85.597648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.598032] ? write_comp_data+0x2f/0x90 [ 85.598357] iommufd_fops_ioctl+0x37d/0x510 [ 85.598713] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.599099] ? write_comp_data+0x2f/0x90 [ 85.599432] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.599813] __x64_sys_ioctl+0x1a3/0x230 [ 85.600139] do_syscall_64+0x3b/0x90 [ 85.600439] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.600851] RIP: 0033:0x7f4b8743ee5d [ 85.601139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.602556] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.603158] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.603708] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.604256] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.604801] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.605354] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.605909] [ 85.606091] irq event stamp: 0 [ 85.606339] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.606846] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.607512] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.608156] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.608640] ---[ end trace 0000000000000000 ]--- [ 85.611617] ------------[ cut here ]------------ [ 85.612058] WARNING: CPU: 0 PID: 732 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.612903] Modules linked in: [ 85.613215] CPU: 0 PID: 732 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.613948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.614970] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.615368] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.616903] RSP: 0018:ffff888020dd7bd0 EFLAGS: 00010246 [ 85.617445] RAX: 0000000000000000 RBX: ffff888013acf8a8 RCX: 0000000000000000 [ 85.617995] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 85.618687] RBP: ffff888020dd7be8 R08: ffffed1002759f33 R09: ffffed1002759f33 [ 85.619243] R10: ffff888013acf993 R11: ffffed1002759f32 R12: ffff888013e56000 [ 85.619931] R13: ffff888013acf9e8 R14: ffff888010918b00 R15: 0000000000000000 [ 85.620493] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.621223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.621719] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.622334] PKRU: 55555554 [ 85.622572] Call Trace: [ 85.622774] [ 85.622982] iommufd_access_destroy_object+0x65/0x170 [ 85.623490] iommufd_object_destroy_user+0x18e/0x220 [ 85.623896] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.624489] iommufd_access_destroy+0x43/0x70 [ 85.624854] iommufd_test_staccess_release+0x8d/0xd0 [ 85.625322] __fput+0x26d/0xa40 [ 85.625663] ____fput+0x1e/0x30 [ 85.625927] task_work_run+0x1a4/0x2d0 [ 85.626276] ? __pfx_task_work_run+0x10/0x10 [ 85.626715] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.627106] ? switch_task_namespaces+0xa9/0xe0 [ 85.627493] do_exit+0xb17/0x2ef0 [ 85.627908] ? lock_acquire+0x427/0x4c0 [ 85.628227] ? __pfx_lock_release+0x10/0x10 [ 85.628569] ? __kasan_check_write+0x18/0x20 [ 85.629123] ? do_raw_spin_lock+0x132/0x2a0 [ 85.629461] ? __pfx_do_exit+0x10/0x10 [ 85.629807] ? debug_smp_processor_id+0x20/0x30 [ 85.630260] ? rcu_is_watching+0x19/0xb0 [ 85.630613] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.630982] ? trace_hardirqs_on+0x26/0x120 [ 85.631488] do_group_exit+0xe0/0x2b0 [ 85.631796] __x64_sys_exit_group+0x47/0x50 [ 85.632140] do_syscall_64+0x3b/0x90 [ 85.632589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.633028] RIP: 0033:0x7f4b87518a4d [ 85.633333] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.633989] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.634669] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.635342] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.635921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.636666] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.637247] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.637969] [ 85.638162] irq event stamp: 0 [ 85.638420] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.639086] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.639781] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.640613] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.641129] ---[ end trace 0000000000000000 ]--- [ 85.641987] ------------[ cut here ]------------ [ 85.642431] WARNING: CPU: 0 PID: 732 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.643393] Modules linked in: [ 85.643677] CPU: 0 PID: 732 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.644507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.645590] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.646030] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.647677] RSP: 0018:ffff888020dd7b78 EFLAGS: 00010246 [ 85.648201] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.648860] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 85.649513] RBP: ffff888020dd7b98 R08: ffffed1002759f3e R09: ffffed1002759f3e [ 85.650152] R10: ffff888013acf9ef R11: ffffed1002759f3d R12: ffff888013acfa90 [ 85.650894] R13: ffff888013acf8a8 R14: ffffffffffffffff R15: ffff888020dd7c60 [ 85.651485] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.652304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.652784] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.653516] PKRU: 55555554 [ 85.653751] Call Trace: [ 85.653959] [ 85.654214] iommufd_ioas_destroy+0x53/0x70 [ 85.654660] iommufd_fops_release+0x1f7/0x370 [ 85.655039] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.655488] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.656004] ? write_comp_data+0x2f/0x90 [ 85.656350] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.656836] __fput+0x26d/0xa40 [ 85.657196] ____fput+0x1e/0x30 [ 85.657476] task_work_run+0x1a4/0x2d0 [ 85.657848] ? __pfx_task_work_run+0x10/0x10 [ 85.658290] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.658715] ? switch_task_namespaces+0xa9/0xe0 [ 85.659139] do_exit+0xb17/0x2ef0 [ 85.659611] ? lock_acquire+0x427/0x4c0 [ 85.659964] ? __pfx_lock_release+0x10/0x10 [ 85.660341] ? __kasan_check_write+0x18/0x20 [ 85.660883] ? do_raw_spin_lock+0x132/0x2a0 [ 85.661318] ? __pfx_do_exit+0x10/0x10 [ 85.661691] ? debug_smp_processor_id+0x20/0x30 [ 85.662204] ? rcu_is_watching+0x19/0xb0 [ 85.662575] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.662976] ? trace_hardirqs_on+0x26/0x120 [ 85.663555] do_group_exit+0xe0/0x2b0 [ 85.663891] __x64_sys_exit_group+0x47/0x50 [ 85.664268] do_syscall_64+0x3b/0x90 [ 85.664683] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.665189] RIP: 0033:0x7f4b87518a4d [ 85.665512] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.666192] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.666903] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.667623] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.668238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.669021] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.669689] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.670400] [ 85.670636] irq event stamp: 0 [ 85.670915] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.671468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.672194] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.672911] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.673455] ---[ end trace 0000000000000000 ]--- [ 85.678087] ------------[ cut here ]------------ [ 85.678747] WARNING: CPU: 1 PID: 733 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.679648] Modules linked in: [ 85.679928] CPU: 1 PID: 733 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.680681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.681655] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.682091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.683708] RSP: 0018:ffff888023e5fbb8 EFLAGS: 00010246 [ 85.684175] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 85.684800] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 85.685419] RBP: ffff888023e5fbd0 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 85.686039] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff888013b21400 [ 85.686675] R13: ffff88800f3731e8 R14: ffffffff8352e670 R15: ffff888023e5fe68 [ 85.687304] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.688014] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.688523] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 85.689148] PKRU: 55555554 [ 85.689398] Call Trace: [ 85.689624] [ 85.689829] __iommufd_access_detach+0x1c2/0x2b0 [ 85.690263] iommufd_access_change_pt+0x149/0x270 [ 85.690724] iommufd_access_replace+0xb4/0x120 [ 85.691148] iommufd_test+0x3e5/0x37e0 [ 85.691494] ? lock_release+0x532/0x770 [ 85.691863] ? __might_fault+0x102/0x1b0 [ 85.692234] ? lock_acquire+0x427/0x4c0 [ 85.692600] ? __pfx_iommufd_test+0x10/0x10 [ 85.692982] ? __pfx_lock_release+0x10/0x10 [ 85.693374] ? __pfx_lock_acquire+0x10/0x10 [ 85.693768] ? write_comp_data+0x2f/0x90 [ 85.694135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.694591] ? write_comp_data+0x2f/0x90 [ 85.694963] iommufd_fops_ioctl+0x37d/0x510 [ 85.695356] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.695792] ? write_comp_data+0x2f/0x90 [ 85.696159] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.696587] __x64_sys_ioctl+0x1a3/0x230 [ 85.696955] do_syscall_64+0x3b/0x90 [ 85.697294] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.697766] RIP: 0033:0x7f4b8743ee5d [ 85.698098] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.699705] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.700339] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.700926] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.701515] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.702106] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.702725] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.703334] [ 85.703533] irq event stamp: 0 [ 85.703798] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.704323] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.705021] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.705710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.706231] ---[ end trace 0000000000000000 ]--- [ 85.709091] ------------[ cut here ]------------ [ 85.709512] WARNING: CPU: 1 PID: 733 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.710342] Modules linked in: [ 85.710639] CPU: 1 PID: 733 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.711362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.712291] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.712706] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.714204] RSP: 0018:ffff888023e5fbd0 EFLAGS: 00010246 [ 85.714662] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 85.715255] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 85.715839] RBP: ffff888023e5fbe8 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 85.716428] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff88800fca8000 [ 85.717014] R13: ffff88800f3731e8 R14: ffff888012132500 R15: 0000000000000000 [ 85.717602] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.718264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.718764] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 85.719367] PKRU: 55555554 [ 85.719605] Call Trace: [ 85.719817] [ 85.720004] iommufd_access_destroy_object+0x65/0x170 [ 85.720436] iommufd_object_destroy_user+0x18e/0x220 [ 85.720866] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.721354] iommufd_access_destroy+0x43/0x70 [ 85.721738] iommufd_test_staccess_release+0x8d/0xd0 [ 85.722168] __fput+0x26d/0xa40 [ 85.722456] ____fput+0x1e/0x30 [ 85.722757] task_work_run+0x1a4/0x2d0 [ 85.723097] ? __pfx_task_work_run+0x10/0x10 [ 85.723476] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.723894] ? switch_task_namespaces+0xa9/0xe0 [ 85.724291] do_exit+0xb17/0x2ef0 [ 85.724581] ? lock_acquire+0x427/0x4c0 [ 85.724919] ? __pfx_lock_release+0x10/0x10 [ 85.725287] ? __kasan_check_write+0x18/0x20 [ 85.725658] ? do_raw_spin_lock+0x132/0x2a0 [ 85.726018] ? __pfx_do_exit+0x10/0x10 [ 85.726353] ? debug_smp_processor_id+0x20/0x30 [ 85.726765] ? rcu_is_watching+0x19/0xb0 [ 85.727124] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.727510] ? trace_hardirqs_on+0x26/0x120 [ 85.727875] do_group_exit+0xe0/0x2b0 [ 85.728195] __x64_sys_exit_group+0x47/0x50 [ 85.728554] do_syscall_64+0x3b/0x90 [ 85.728871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.729305] RIP: 0033:0x7f4b87518a4d [ 85.729615] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.730124] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.730768] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.731364] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.731955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.732544] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.733130] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.733724] [ 85.733919] irq event stamp: 0 [ 85.734179] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.734725] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.735428] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.736128] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.736647] ---[ end trace 0000000000000000 ]--- [ 85.737384] ------------[ cut here ]------------ [ 85.737776] WARNING: CPU: 1 PID: 733 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.738649] Modules linked in: [ 85.738921] CPU: 1 PID: 733 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.739661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.740588] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.741017] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.742543] RSP: 0018:ffff888023e5fb78 EFLAGS: 00010246 [ 85.742986] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.743583] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 85.744171] RBP: ffff888023e5fb98 R08: ffffed1001e6e63e R09: ffffed1001e6e63e [ 85.744762] R10: ffff88800f3731ef R11: ffffed1001e6e63d R12: ffff88800f373290 [ 85.745348] R13: ffff88800f3730a8 R14: ffffffffffffffff R15: ffff888023e5fc60 [ 85.745945] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.746630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.747123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 85.747709] PKRU: 55555554 [ 85.747944] Call Trace: [ 85.748156] [ 85.748348] iommufd_ioas_destroy+0x53/0x70 [ 85.748715] iommufd_fops_release+0x1f7/0x370 [ 85.749095] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.749513] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.749928] ? write_comp_data+0x2f/0x90 [ 85.750273] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.750711] __fput+0x26d/0xa40 [ 85.751003] ____fput+0x1e/0x30 [ 85.751303] task_work_run+0x1a4/0x2d0 [ 85.751641] ? __pfx_task_work_run+0x10/0x10 [ 85.752014] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.752423] ? switch_task_namespaces+0xa9/0xe0 [ 85.752824] do_exit+0xb17/0x2ef0 [ 85.753115] ? lock_acquire+0x427/0x4c0 [ 85.753458] ? __pfx_lock_release+0x10/0x10 [ 85.753823] ? __kasan_check_write+0x18/0x20 [ 85.754194] ? do_raw_spin_lock+0x132/0x2a0 [ 85.754577] ? __pfx_do_exit+0x10/0x10 [ 85.754916] ? debug_smp_processor_id+0x20/0x30 [ 85.755317] ? rcu_is_watching+0x19/0xb0 [ 85.755657] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.756046] ? trace_hardirqs_on+0x26/0x120 [ 85.756414] do_group_exit+0xe0/0x2b0 [ 85.756733] __x64_sys_exit_group+0x47/0x50 [ 85.757097] do_syscall_64+0x3b/0x90 [ 85.757420] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.757863] RIP: 0033:0x7f4b87518a4d [ 85.758172] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.758701] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.759340] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.759918] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.760492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.761061] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.761633] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.762212] [ 85.762400] irq event stamp: 0 [ 85.762675] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.763196] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.763869] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.764535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.765039] ---[ end trace 0000000000000000 ]--- [ 85.769715] ------------[ cut here ]------------ [ 85.770132] WARNING: CPU: 1 PID: 734 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.770987] Modules linked in: [ 85.771257] CPU: 1 PID: 734 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.771951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.772844] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.773245] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.774752] RSP: 0018:ffff88801856fbb8 EFLAGS: 00010246 [ 85.775191] RAX: 0000000000000000 RBX: ffff888021ae90a8 RCX: 0000000000000000 [ 85.775762] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 85.776331] RBP: ffff88801856fbd0 R08: ffffed100435d233 R09: ffffed100435d233 [ 85.776904] R10: ffff888021ae9193 R11: ffffed100435d232 R12: ffff888013b15000 [ 85.777470] R13: ffff888021ae91e8 R14: ffffffff8352e670 R15: ffff88801856fe68 [ 85.778037] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 85.778699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.779177] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 85.779756] PKRU: 55555554 [ 85.779995] Call Trace: [ 85.780210] [ 85.780396] __iommufd_access_detach+0x1c2/0x2b0 [ 85.780802] iommufd_access_change_pt+0x149/0x270 [ 85.781218] iommufd_access_replace+0xb4/0x120 [ 85.781597] iommufd_test+0x3e5/0x37e0 [ 85.781914] ? lock_release+0x532/0x770 [ 85.782244] ? __might_fault+0x102/0x1b0 [ 85.782606] ? lock_acquire+0x427/0x4c0 [ 85.782941] ? __pfx_iommufd_test+0x10/0x10 [ 85.783294] ? __pfx_lock_release+0x10/0x10 [ 85.783650] ? __pfx_lock_acquire+0x10/0x10 [ 85.784005] ? write_comp_data+0x2f/0x90 [ 85.784339] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.784732] ? write_comp_data+0x2f/0x90 [ 85.785067] iommufd_fops_ioctl+0x37d/0x510 [ 85.785418] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.785812] ? write_comp_data+0x2f/0x90 [ 85.786148] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.786558] __x64_sys_ioctl+0x1a3/0x230 [ 85.786902] do_syscall_64+0x3b/0x90 [ 85.787226] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.787649] RIP: 0033:0x7f4b8743ee5d [ 85.787949] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.789429] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.790042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.790641] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.791225] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.791794] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.792363] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.792948] [ 85.793138] irq event stamp: 0 [ 85.793394] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.793899] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.794590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.795261] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.795758] ---[ end trace 0000000000000000 ]--- [ 85.801106] ------------[ cut here ]------------ [ 85.801675] WARNING: CPU: 0 PID: 734 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.802827] Modules linked in: [ 85.803211] CPU: 0 PID: 734 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.804159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.805384] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.805935] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.808094] RSP: 0018:ffff88801856fbd0 EFLAGS: 00010246 [ 85.808690] RAX: 0000000000000000 RBX: ffff888021ae90a8 RCX: 0000000000000000 [ 85.809469] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 85.810247] RBP: ffff88801856fbe8 R08: ffffed100435d233 R09: ffffed100435d233 [ 85.811063] R10: ffff888021ae9193 R11: ffffed100435d232 R12: ffff888013b21800 [ 85.811859] R13: ffff888021ae91e8 R14: ffff88800f211800 R15: 0000000000000000 [ 85.812640] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.813510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.814142] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 85.814946] PKRU: 55555554 [ 85.815363] Call Trace: [ 85.815569] [ 85.815743] iommufd_access_destroy_object+0x65/0x170 [ 85.816145] iommufd_object_destroy_user+0x18e/0x220 [ 85.816534] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.816971] iommufd_access_destroy+0x43/0x70 [ 85.817314] iommufd_test_staccess_release+0x8d/0xd0 [ 85.817698] __fput+0x26d/0xa40 [ 85.817958] ____fput+0x1e/0x30 [ 85.818211] task_work_run+0x1a4/0x2d0 [ 85.818542] ? __pfx_task_work_run+0x10/0x10 [ 85.818877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.819257] ? switch_task_namespaces+0xa9/0xe0 [ 85.819617] do_exit+0xb17/0x2ef0 [ 85.819878] ? lock_acquire+0x427/0x4c0 [ 85.820186] ? __pfx_lock_release+0x10/0x10 [ 85.820513] ? __kasan_check_write+0x18/0x20 [ 85.820846] ? do_raw_spin_lock+0x132/0x2a0 [ 85.821238] ? __pfx_do_exit+0x10/0x10 [ 85.821536] ? debug_smp_processor_id+0x20/0x30 [ 85.821883] ? rcu_is_watching+0x19/0xb0 [ 85.822186] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.822568] ? trace_hardirqs_on+0x26/0x120 [ 85.822904] do_group_exit+0xe0/0x2b0 [ 85.823202] __x64_sys_exit_group+0x47/0x50 [ 85.823527] do_syscall_64+0x3b/0x90 [ 85.823819] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.824213] RIP: 0033:0x7f4b87518a4d [ 85.824493] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.824952] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.825524] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.826055] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.826593] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.827124] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.827652] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.828191] [ 85.828364] irq event stamp: 0 [ 85.828596] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.829057] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.829680] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.830305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.830786] ---[ end trace 0000000000000000 ]--- [ 85.831455] ------------[ cut here ]------------ [ 85.831810] WARNING: CPU: 0 PID: 734 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.832974] Modules linked in: [ 85.833308] CPU: 0 PID: 734 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.834050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.834908] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.835311] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.836836] RSP: 0018:ffff88801856fb78 EFLAGS: 00010246 [ 85.837297] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.837820] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 85.838337] RBP: ffff88801856fb98 R08: ffffed100435d23e R09: ffffed100435d23e [ 85.838872] R10: ffff888021ae91ef R11: ffffed100435d23d R12: ffff888021ae9290 [ 85.839437] R13: ffff888021ae90a8 R14: ffffffffffffffff R15: ffff88801856fc60 [ 85.839954] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.840538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.840962] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 85.841481] PKRU: 55555554 [ 85.841688] Call Trace: [ 85.841876] [ 85.842046] iommufd_ioas_destroy+0x53/0x70 [ 85.842367] iommufd_fops_release+0x1f7/0x370 [ 85.842726] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.843101] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.843483] ? write_comp_data+0x2f/0x90 [ 85.843867] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.844352] __fput+0x26d/0xa40 [ 85.844614] ____fput+0x1e/0x30 [ 85.844866] task_work_run+0x1a4/0x2d0 [ 85.845182] ? __pfx_task_work_run+0x10/0x10 [ 85.845606] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.845971] ? switch_task_namespaces+0xa9/0xe0 [ 85.846383] do_exit+0xb17/0x2ef0 [ 85.846730] ? lock_acquire+0x427/0x4c0 [ 85.847039] ? __pfx_lock_release+0x10/0x10 [ 85.847376] ? __kasan_check_write+0x18/0x20 [ 85.847765] ? do_raw_spin_lock+0x132/0x2a0 [ 85.848162] ? __pfx_do_exit+0x10/0x10 [ 85.848459] ? debug_smp_processor_id+0x20/0x30 [ 85.848925] ? rcu_is_watching+0x19/0xb0 [ 85.849227] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.849593] ? trace_hardirqs_on+0x26/0x120 [ 85.850012] do_group_exit+0xe0/0x2b0 [ 85.850303] __x64_sys_exit_group+0x47/0x50 [ 85.850693] do_syscall_64+0x3b/0x90 [ 85.851058] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.851462] RIP: 0033:0x7f4b87518a4d [ 85.851745] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.852333] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.852901] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.853605] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.854157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.854796] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.855340] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.856023] [ 85.856206] irq event stamp: 0 [ 85.856447] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.857063] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.857735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.858460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.859096] ---[ end trace 0000000000000000 ]--- [ 85.862795] ------------[ cut here ]------------ [ 85.863255] WARNING: CPU: 0 PID: 735 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.864085] Modules linked in: [ 85.864458] CPU: 0 PID: 735 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.865122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.866097] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.866624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.868031] RSP: 0018:ffff888023de7bb8 EFLAGS: 00010246 [ 85.868446] RAX: 0000000000000000 RBX: ffff888023e010a8 RCX: 0000000000000000 [ 85.868995] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 85.869541] RBP: ffff888023de7bd0 R08: ffffed10047c0233 R09: ffffed10047c0233 [ 85.870086] R10: ffff888023e01193 R11: ffffed10047c0232 R12: ffff888014392000 [ 85.870659] R13: ffff888023e011e8 R14: ffffffff8352e670 R15: ffff888023de7e68 [ 85.871241] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.871887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.872353] CR2: 00007f4b877410e8 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 85.872934] PKRU: 55555554 [ 85.873166] Call Trace: [ 85.873373] [ 85.873721] __iommufd_access_detach+0x1c2/0x2b0 [ 85.874268] iommufd_access_change_pt+0x149/0x270 [ 85.874897] iommufd_access_replace+0xb4/0x120 [ 85.875456] iommufd_test+0x3e5/0x37e0 [ 85.875909] ? lock_release+0x532/0x770 [ 85.876382] ? __might_fault+0x102/0x1b0 [ 85.876861] ? lock_acquire+0x427/0x4c0 [ 85.877334] ? __pfx_iommufd_test+0x10/0x10 [ 85.877825] ? __pfx_lock_release+0x10/0x10 [ 85.878330] ? __pfx_lock_acquire+0x10/0x10 [ 85.878880] ? write_comp_data+0x2f/0x90 [ 85.879368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.879939] ? write_comp_data+0x2f/0x90 [ 85.880421] iommufd_fops_ioctl+0x37d/0x510 [ 85.880922] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.881487] ? write_comp_data+0x2f/0x90 [ 85.881966] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 85.882565] __x64_sys_ioctl+0x1a3/0x230 [ 85.883053] do_syscall_64+0x3b/0x90 [ 85.883519] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.884130] RIP: 0033:0x7f4b8743ee5d [ 85.884562] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 85.886647] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 85.887530] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 85.888337] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 85.889143] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 85.889949] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 85.890801] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 85.891640] [ 85.891914] irq event stamp: 0 [ 85.892281] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 85.892995] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.893940] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.894914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.895645] ---[ end trace 0000000000000000 ]--- [ 85.900862] ------------[ cut here ]------------ [ 85.901473] WARNING: CPU: 0 PID: 735 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.903201] Modules linked in: [ 85.903749] CPU: 0 PID: 735 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.904982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.906502] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.907205] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.909517] RSP: 0018:ffff888023de7bd0 EFLAGS: 00010246 [ 85.910340] RAX: 0000000000000000 RBX: ffff888023e010a8 RCX: 0000000000000000 [ 85.911416] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 85.912261] RBP: ffff888023de7be8 R08: ffffed10047c0233 R09: ffffed10047c0233 [ 85.913294] R10: ffff888023e01193 R11: ffffed10047c0232 R12: ffff88801814b000 [ 85.914324] R13: ffff888023e011e8 R14: ffff8880149bb500 R15: 0000000000000000 [ 85.915422] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.916403] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.917239] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.918277] PKRU: 55555554 [ 85.918670] Call Trace: [ 85.918989] [ 85.919311] iommufd_access_destroy_object+0x65/0x170 [ 85.920093] iommufd_object_destroy_user+0x18e/0x220 [ 85.920891] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 85.921600] iommufd_access_destroy+0x43/0x70 [ 85.922347] iommufd_test_staccess_release+0x8d/0xd0 [ 85.923039] __fput+0x26d/0xa40 [ 85.923639] ____fput+0x1e/0x30 [ 85.924074] task_work_run+0x1a4/0x2d0 [ 85.924598] ? __pfx_task_work_run+0x10/0x10 [ 85.925296] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.925918] ? switch_task_namespaces+0xa9/0xe0 [ 85.926560] do_exit+0xb17/0x2ef0 [ 85.927001] ? lock_acquire+0x427/0x4c0 [ 85.927524] ? __pfx_lock_release+0x10/0x10 [ 85.928067] ? __kasan_check_write+0x18/0x20 [ 85.928620] ? do_raw_spin_lock+0x132/0x2a0 [ 85.929155] ? __pfx_do_exit+0x10/0x10 [ 85.929653] ? debug_smp_processor_id+0x20/0x30 [ 85.930234] ? rcu_is_watching+0x19/0xb0 [ 85.930782] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.931375] ? trace_hardirqs_on+0x26/0x120 [ 85.931921] do_group_exit+0xe0/0x2b0 [ 85.932400] __x64_sys_exit_group+0x47/0x50 [ 85.932930] do_syscall_64+0x3b/0x90 [ 85.933403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.934052] RIP: 0033:0x7f4b87518a4d [ 85.934553] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.935319] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.936253] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.937131] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.938013] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.938946] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.939856] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.940777] [ 85.941082] irq event stamp: 0 [ 85.941488] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.942286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.943417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.944482] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.945281] ---[ end trace 0000000000000000 ]--- [ 85.946628] ------------[ cut here ]------------ [ 85.947258] WARNING: CPU: 0 PID: 735 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 85.948530] Modules linked in: [ 85.948945] CPU: 0 PID: 735 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.950032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.951497] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 85.952158] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 85.954443] RSP: 0018:ffff888023de7b78 EFLAGS: 00010246 [ 85.955410] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 85.956204] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 85.956892] RBP: ffff888023de7b98 R08: ffffed10047c023e R09: ffffed10047c023e [ 85.957579] R10: ffff888023e011ef R11: ffffed10047c023d R12: ffff888023e01290 [ 85.958261] R13: ffff888023e010a8 R14: ffffffffffffffff R15: ffff888023de7c60 [ 85.959006] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.959808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.960385] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 85.961073] PKRU: 55555554 [ 85.961349] Call Trace: [ 85.961595] [ 85.961818] iommufd_ioas_destroy+0x53/0x70 [ 85.962238] iommufd_fops_release+0x1f7/0x370 [ 85.962715] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.963226] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.963724] ? write_comp_data+0x2f/0x90 [ 85.964139] ? __pfx_iommufd_fops_release+0x10/0x10 [ 85.964635] __fput+0x26d/0xa40 [ 85.964981] ____fput+0x1e/0x30 [ 85.965317] task_work_run+0x1a4/0x2d0 [ 85.965709] ? __pfx_task_work_run+0x10/0x10 [ 85.966138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 85.966653] ? switch_task_namespaces+0xa9/0xe0 [ 85.967135] do_exit+0xb17/0x2ef0 [ 85.967475] ? lock_acquire+0x427/0x4c0 [ 85.967873] ? __pfx_lock_release+0x10/0x10 [ 85.968306] ? __kasan_check_write+0x18/0x20 [ 85.968741] ? do_raw_spin_lock+0x132/0x2a0 [ 85.969166] ? __pfx_do_exit+0x10/0x10 [ 85.969549] ? debug_smp_processor_id+0x20/0x30 [ 85.970006] ? rcu_is_watching+0x19/0xb0 [ 85.970405] ? _raw_spin_unlock_irq+0x2b/0x60 [ 85.970902] ? trace_hardirqs_on+0x26/0x120 [ 85.971347] do_group_exit+0xe0/0x2b0 [ 85.971723] __x64_sys_exit_group+0x47/0x50 [ 85.972148] do_syscall_64+0x3b/0x90 [ 85.972523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 85.973029] RIP: 0033:0x7f4b87518a4d [ 85.973397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 85.973995] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 85.974764] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 85.975471] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 85.976163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 85.976850] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 85.977539] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 85.978235] [ 85.978463] irq event stamp: 0 [ 85.978808] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 85.979433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 85.980247] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 85.981131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 85.981797] ---[ end trace 0000000000000000 ]--- [ 85.987558] ------------[ cut here ]------------ [ 85.988124] WARNING: CPU: 0 PID: 736 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 85.989169] Modules linked in: [ 85.989503] CPU: 0 PID: 736 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 85.990405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 85.991819] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 85.992349] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 85.994252] RSP: 0018:ffff888023eb7bb8 EFLAGS: 00010246 [ 85.994851] RAX: 0000000000000000 RBX: ffff8880208f78a8 RCX: 0000000000000000 [ 85.995613] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 85.996364] RBP: ffff888023eb7bd0 R08: ffffed100411ef33 R09: ffffed100411ef33 [ 85.997114] R10: ffff8880208f7993 R11: ffffed100411ef32 R12: ffff888017ba2000 [ 85.997858] R13: ffff8880208f79e8 R14: ffffffff8352e670 R15: ffff888023eb7e68 [ 85.998646] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 85.999508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.000110] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 86.000857] PKRU: 55555554 [ 86.001155] Call Trace: [ 86.001428] [ 86.001673] __iommufd_access_detach+0x1c2/0x2b0 [ 86.002190] iommufd_access_change_pt+0x149/0x270 [ 86.002734] iommufd_access_replace+0xb4/0x120 [ 86.003237] iommufd_test+0x3e5/0x37e0 [ 86.003646] ? lock_release+0x532/0x770 [ 86.004079] ? __might_fault+0x102/0x1b0 [ 86.004514] ? lock_acquire+0x427/0x4c0 [ 86.004972] ? __pfx_iommufd_test+0x10/0x10 [ 86.005433] ? __pfx_lock_release+0x10/0x10 [ 86.005910] ? __pfx_lock_acquire+0x10/0x10 [ 86.006388] ? write_comp_data+0x2f/0x90 [ 86.006877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.007409] ? write_comp_data+0x2f/0x90 [ 86.007862] iommufd_fops_ioctl+0x37d/0x510 [ 86.008325] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.008849] ? write_comp_data+0x2f/0x90 [ 86.009295] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.009801] __x64_sys_ioctl+0x1a3/0x230 [ 86.010248] do_syscall_64+0x3b/0x90 [ 86.010701] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.011260] RIP: 0033:0x7f4b8743ee5d [ 86.011656] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.013574] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.014373] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.015165] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.015917] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.016679] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.017417] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.018185] [ 86.018435] irq event stamp: 0 [ 86.018816] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.019496] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.020369] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.021258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.021929] ---[ end trace 0000000000000000 ]--- [ 86.025408] ------------[ cut here ]------------ [ 86.025956] WARNING: CPU: 0 PID: 736 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.027079] Modules linked in: [ 86.027438] CPU: 0 PID: 736 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.028359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.029554] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.030088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.032057] RSP: 0018:ffff888023eb7bd0 EFLAGS: 00010246 [ 86.032627] RAX: 0000000000000000 RBX: ffff8880208f78a8 RCX: 0000000000000000 [ 86.033380] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 86.034133] RBP: ffff888023eb7be8 R08: ffffed100411ef33 R09: ffffed100411ef33 [ 86.034916] R10: ffff8880208f7993 R11: ffffed100411ef32 R12: ffff888014393c00 [ 86.035673] R13: ffff8880208f79e8 R14: ffff888020e6e300 R15: 0000000000000000 [ 86.036432] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.037299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.037929] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.038746] PKRU: 55555554 [ 86.039065] Call Trace: [ 86.039361] [ 86.039616] iommufd_access_destroy_object+0x65/0x170 [ 86.040186] iommufd_object_destroy_user+0x18e/0x220 [ 86.040742] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.041365] iommufd_access_destroy+0x43/0x70 [ 86.041854] iommufd_test_staccess_release+0x8d/0xd0 [ 86.042410] __fput+0x26d/0xa40 [ 86.042823] ____fput+0x1e/0x30 [ 86.043209] task_work_run+0x1a4/0x2d0 [ 86.043649] ? __pfx_task_work_run+0x10/0x10 [ 86.044139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.044703] ? switch_task_namespaces+0xa9/0xe0 [ 86.045231] do_exit+0xb17/0x2ef0 [ 86.045622] ? lock_acquire+0x427/0x4c0 [ 86.046074] ? __pfx_lock_release+0x10/0x10 [ 86.046615] ? __kasan_check_write+0x18/0x20 [ 86.047135] ? do_raw_spin_lock+0x132/0x2a0 [ 86.047632] ? __pfx_do_exit+0x10/0x10 [ 86.048084] ? debug_smp_processor_id+0x20/0x30 [ 86.048618] ? rcu_is_watching+0x19/0xb0 [ 86.049081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.049592] ? trace_hardirqs_on+0x26/0x120 [ 86.050088] do_group_exit+0xe0/0x2b0 [ 86.050587] __x64_sys_exit_group+0x47/0x50 [ 86.051080] do_syscall_64+0x3b/0x90 [ 86.051523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.052101] RIP: 0033:0x7f4b87518a4d [ 86.052514] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.053183] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.054011] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.054851] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.055642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.056421] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.057197] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.057987] [ 86.058243] irq event stamp: 0 [ 86.058628] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.059324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.060235] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.061149] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.061832] ---[ end trace 0000000000000000 ]--- [ 86.062905] ------------[ cut here ]------------ [ 86.063456] WARNING: CPU: 0 PID: 736 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.064546] Modules linked in: [ 86.064892] CPU: 0 PID: 736 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.065824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.067098] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.067682] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.069639] RSP: 0018:ffff888023eb7b78 EFLAGS: 00010246 [ 86.070220] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.071048] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 86.071827] RBP: ffff888023eb7b98 R08: ffffed100411ef3e R09: ffffed100411ef3e [ 86.072582] R10: ffff8880208f79ef R11: ffffed100411ef3d R12: ffff8880208f7a90 [ 86.073337] R13: ffff8880208f78a8 R14: ffffffffffffffff R15: ffff888023eb7c60 [ 86.074094] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.074986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.075631] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.076407] PKRU: 55555554 [ 86.076713] Call Trace: [ 86.076994] [ 86.077242] iommufd_ioas_destroy+0x53/0x70 [ 86.077715] iommufd_fops_release+0x1f7/0x370 [ 86.078213] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.078813] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.079370] ? write_comp_data+0x2f/0x90 [ 86.079829] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.080380] __fput+0x26d/0xa40 [ 86.080762] ____fput+0x1e/0x30 [ 86.081131] task_work_run+0x1a4/0x2d0 [ 86.081567] ? __pfx_task_work_run+0x10/0x10 [ 86.082053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.082645] ? switch_task_namespaces+0xa9/0xe0 [ 86.083176] do_exit+0xb17/0x2ef0 [ 86.083564] ? lock_acquire+0x427/0x4c0 [ 86.084005] ? __pfx_lock_release+0x10/0x10 [ 86.084487] ? __kasan_check_write+0x18/0x20 [ 86.084973] ? do_raw_spin_lock+0x132/0x2a0 [ 86.085442] ? __pfx_do_exit+0x10/0x10 [ 86.085877] ? debug_smp_processor_id+0x20/0x30 [ 86.086384] ? rcu_is_watching+0x19/0xb0 [ 86.086864] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.087371] ? trace_hardirqs_on+0x26/0x120 [ 86.087855] do_group_exit+0xe0/0x2b0 [ 86.088278] __x64_sys_exit_group+0x47/0x50 [ 86.088759] do_syscall_64+0x3b/0x90 [ 86.089175] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.089744] RIP: 0033:0x7f4b87518a4d [ 86.090279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.091243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.092082] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.092987] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.093932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.094762] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.095547] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.096455] [ 86.096949] irq event stamp: 0 [ 86.097292] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.097976] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.098957] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.100037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.100719] ---[ end trace 0000000000000000 ]--- [ 86.105672] ------------[ cut here ]------------ [ 86.106219] WARNING: CPU: 0 PID: 737 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.107751] Modules linked in: [ 86.108109] CPU: 0 PID: 737 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.109032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.110252] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.110841] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.112846] RSP: 0018:ffff888023de7bb8 EFLAGS: 00010246 [ 86.113432] RAX: 0000000000000000 RBX: ffff888016f8a8a8 RCX: 0000000000000000 [ 86.114211] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 86.115025] RBP: ffff888023de7bd0 R08: ffffed1002df1533 R09: ffffed1002df1533 [ 86.115827] R10: ffff888016f8a993 R11: ffffed1002df1532 R12: ffff888016634c00 [ 86.116607] R13: ffff888016f8a9e8 R14: ffffffff8352e670 R15: ffff888023de7e68 [ 86.117390] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.118270] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.118947] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 86.119747] PKRU: 55555554 [ 86.120073] Call Trace: [ 86.120360] [ 86.120609] __iommufd_access_detach+0x1c2/0x2b0 [ 86.121131] iommufd_access_change_pt+0x149/0x270 [ 86.121669] iommufd_access_replace+0xb4/0x120 [ 86.122184] iommufd_test+0x3e5/0x37e0 [ 86.122661] ? lock_release+0x532/0x770 [ 86.123112] ? __might_fault+0x102/0x1b0 [ 86.123566] ? lock_acquire+0x427/0x4c0 [ 86.124013] ? __pfx_iommufd_test+0x10/0x10 [ 86.124481] ? __pfx_lock_release+0x10/0x10 [ 86.124974] ? __pfx_lock_acquire+0x10/0x10 [ 86.125454] ? write_comp_data+0x2f/0x90 [ 86.125900] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.126432] ? write_comp_data+0x2f/0x90 [ 86.126918] iommufd_fops_ioctl+0x37d/0x510 [ 86.127399] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.127930] ? write_comp_data+0x2f/0x90 [ 86.128386] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.128913] __x64_sys_ioctl+0x1a3/0x230 [ 86.129366] do_syscall_64+0x3b/0x90 [ 86.129787] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.130356] RIP: 0033:0x7f4b8743ee5d [ 86.130794] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.132777] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.133621] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.134393] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.135219] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.135989] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.136756] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.137531] [ 86.137779] irq event stamp: 0 [ 86.138114] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.138818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.139724] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.140598] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.141270] ---[ end trace 0000000000000000 ]--- [ 86.145083] ------------[ cut here ]------------ [ 86.145609] WARNING: CPU: 0 PID: 737 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.146968] Modules linked in: [ 86.147439] CPU: 0 PID: 737 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.148346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.149553] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.150222] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.152245] RSP: 0018:ffff888023de7bd0 EFLAGS: 00010246 [ 86.152839] RAX: 0000000000000000 RBX: ffff888016f8a8a8 RCX: 0000000000000000 [ 86.153817] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 86.154699] RBP: ffff888023de7be8 R08: ffffed1002df1533 R09: ffffed1002df1533 [ 86.155452] R10: ffff888016f8a993 R11: ffffed1002df1532 R12: ffff888017ba3800 [ 86.156233] R13: ffff888016f8a9e8 R14: ffff888012134300 R15: 0000000000000000 [ 86.157204] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.158158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.158886] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.159640] PKRU: 55555554 [ 86.160006] Call Trace: [ 86.160387] [ 86.160622] iommufd_access_destroy_object+0x65/0x170 [ 86.161176] iommufd_object_destroy_user+0x18e/0x220 [ 86.161762] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.162499] iommufd_access_destroy+0x43/0x70 [ 86.163033] iommufd_test_staccess_release+0x8d/0xd0 [ 86.163697] __fput+0x26d/0xa40 [ 86.164124] ____fput+0x1e/0x30 [ 86.164478] task_work_run+0x1a4/0x2d0 [ 86.164929] ? __pfx_task_work_run+0x10/0x10 [ 86.165558] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.166074] ? switch_task_namespaces+0xa9/0xe0 [ 86.166610] do_exit+0xb17/0x2ef0 [ 86.166982] ? lock_acquire+0x427/0x4c0 [ 86.167641] ? __pfx_lock_release+0x10/0x10 [ 86.168095] ? __kasan_check_write+0x18/0x20 [ 86.168582] ? do_raw_spin_lock+0x132/0x2a0 [ 86.169211] ? __pfx_do_exit+0x10/0x10 [ 86.169632] ? debug_smp_processor_id+0x20/0x30 [ 86.170151] ? rcu_is_watching+0x19/0xb0 [ 86.170759] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.171244] ? trace_hardirqs_on+0x26/0x120 [ 86.171707] do_group_exit+0xe0/0x2b0 [ 86.172153] __x64_sys_exit_group+0x47/0x50 [ 86.172755] do_syscall_64+0x3b/0x90 [ 86.173163] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.173784] RIP: 0033:0x7f4b87518a4d [ 86.174258] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.174913] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.175827] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.176718] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.177661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.178399] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.179315] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.180066] [ 86.180463] irq event stamp: 0 [ 86.180782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.181435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.182434] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.183512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.184154] ---[ end trace 0000000000000000 ]--- [ 86.185054] ------------[ cut here ]------------ [ 86.185646] WARNING: CPU: 0 PID: 737 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.186908] Modules linked in: [ 86.187238] CPU: 0 PID: 737 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.188335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.189670] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.190206] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.192312] RSP: 0018:ffff888023de7b78 EFLAGS: 00010246 [ 86.192937] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.193774] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 86.194741] RBP: ffff888023de7b98 R08: ffffed1002df153e R09: ffffed1002df153e [ 86.195477] R10: ffff888016f8a9ef R11: ffffed1002df153d R12: ffff888016f8aa90 [ 86.196438] R13: ffff888016f8a8a8 R14: ffffffffffffffff R15: ffff888023de7c60 [ 86.197159] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.198167] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.198733] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.199597] PKRU: 55555554 [ 86.199864] Call Trace: [ 86.200106] [ 86.200319] iommufd_ioas_destroy+0x53/0x70 [ 86.200906] iommufd_fops_release+0x1f7/0x370 [ 86.201334] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.201803] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.202273] ? write_comp_data+0x2f/0x90 [ 86.202686] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.203174] __fput+0x26d/0xa40 [ 86.203501] ____fput+0x1e/0x30 [ 86.203819] task_work_run+0x1a4/0x2d0 [ 86.204191] ? __pfx_task_work_run+0x10/0x10 [ 86.204605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.205067] ? switch_task_namespaces+0xa9/0xe0 [ 86.205516] do_exit+0xb17/0x2ef0 [ 86.205849] ? lock_acquire+0x427/0x4c0 [ 86.206238] ? __pfx_lock_release+0x10/0x10 [ 86.206673] ? __kasan_check_write+0x18/0x20 [ 86.207090] ? do_raw_spin_lock+0x132/0x2a0 [ 86.207502] ? __pfx_do_exit+0x10/0x10 [ 86.207877] ? debug_smp_processor_id+0x20/0x30 [ 86.208315] ? rcu_is_watching+0x19/0xb0 [ 86.208702] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.209130] ? trace_hardirqs_on+0x26/0x120 [ 86.209547] do_group_exit+0xe0/0x2b0 [ 86.209902] __x64_sys_exit_group+0x47/0x50 [ 86.210302] do_syscall_64+0x3b/0x90 [ 86.210693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.211200] RIP: 0033:0x7f4b87518a4d [ 86.211546] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.212116] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.212820] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.213479] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.214132] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.214808] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.215475] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.216132] [ 86.216346] irq event stamp: 0 [ 86.216636] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.217209] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.217971] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.218756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.219336] ---[ end trace 0000000000000000 ]--- [ 86.224363] ------------[ cut here ]------------ [ 86.224808] WARNING: CPU: 0 PID: 738 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.225672] Modules linked in: [ 86.225951] CPU: 0 PID: 738 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.226731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.227709] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.228148] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.229713] RSP: 0018:ffff8880149efbb8 EFLAGS: 00010246 [ 86.230170] RAX: 0000000000000000 RBX: ffff888012b040a8 RCX: 0000000000000000 [ 86.230801] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 86.231415] RBP: ffff8880149efbd0 R08: ffffed1002560833 R09: ffffed1002560833 [ 86.232034] R10: ffff888012b04193 R11: ffffed1002560832 R12: ffff888014390c00 [ 86.232647] R13: ffff888012b041e8 R14: ffffffff8352e670 R15: ffff8880149efe68 [ 86.233262] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.233956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.234467] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ef0 [ 86.235116] PKRU: 55555554 [ 86.235369] Call Trace: [ 86.235596] [ 86.235793] __iommufd_access_detach+0x1c2/0x2b0 [ 86.236225] iommufd_access_change_pt+0x149/0x270 [ 86.236656] iommufd_access_replace+0xb4/0x120 [ 86.237068] iommufd_test+0x3e5/0x37e0 [ 86.237410] ? lock_release+0x532/0x770 [ 86.237771] ? __might_fault+0x102/0x1b0 [ 86.238134] ? lock_acquire+0x427/0x4c0 [ 86.238491] ? __pfx_iommufd_test+0x10/0x10 [ 86.238900] ? __pfx_lock_release+0x10/0x10 [ 86.239297] ? __pfx_lock_acquire+0x10/0x10 [ 86.239686] ? write_comp_data+0x2f/0x90 [ 86.240055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.240484] ? write_comp_data+0x2f/0x90 [ 86.240851] iommufd_fops_ioctl+0x37d/0x510 [ 86.241231] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.241667] ? write_comp_data+0x2f/0x90 [ 86.242032] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.242455] __x64_sys_ioctl+0x1a3/0x230 [ 86.242854] do_syscall_64+0x3b/0x90 [ 86.243203] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.243664] RIP: 0033:0x7f4b8743ee5d [ 86.243993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.245567] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.246230] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.246858] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.247478] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.248086] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.248683] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.249271] [ 86.249464] irq event stamp: 0 [ 86.249725] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.250251] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.250960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.251649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.252173] ---[ end trace 0000000000000000 ]--- [ 86.255025] ------------[ cut here ]------------ [ 86.255449] WARNING: CPU: 0 PID: 738 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.256269] Modules linked in: [ 86.256535] CPU: 0 PID: 738 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.257238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.258152] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.258788] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.260285] RSP: 0018:ffff8880149efbd0 EFLAGS: 00010246 [ 86.260721] RAX: 0000000000000000 RBX: ffff888012b040a8 RCX: 0000000000000000 [ 86.261306] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 86.261887] RBP: ffff8880149efbe8 R08: ffffed1002560833 R09: ffffed1002560833 [ 86.262467] R10: ffff888012b04193 R11: ffffed1002560832 R12: ffff888016636400 [ 86.263078] R13: ffff888012b041e8 R14: ffff8880129b2000 R15: 0000000000000000 [ 86.263680] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.264338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.264813] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.265393] PKRU: 55555554 [ 86.265624] Call Trace: [ 86.265836] [ 86.266024] iommufd_access_destroy_object+0x65/0x170 [ 86.266455] iommufd_object_destroy_user+0x18e/0x220 [ 86.266899] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.267391] iommufd_access_destroy+0x43/0x70 [ 86.267770] iommufd_test_staccess_release+0x8d/0xd0 [ 86.268196] __fput+0x26d/0xa40 [ 86.268486] ____fput+0x1e/0x30 [ 86.268770] task_work_run+0x1a4/0x2d0 [ 86.269107] ? __pfx_task_work_run+0x10/0x10 [ 86.269484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.269896] ? switch_task_namespaces+0xa9/0xe0 [ 86.270290] do_exit+0xb17/0x2ef0 [ 86.270602] ? lock_acquire+0x427/0x4c0 [ 86.270945] ? __pfx_lock_release+0x10/0x10 [ 86.271321] ? __kasan_check_write+0x18/0x20 [ 86.271692] ? do_raw_spin_lock+0x132/0x2a0 [ 86.272055] ? __pfx_do_exit+0x10/0x10 [ 86.272385] ? debug_smp_processor_id+0x20/0x30 [ 86.272773] ? rcu_is_watching+0x19/0xb0 [ 86.273111] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.273488] ? trace_hardirqs_on+0x26/0x120 [ 86.273852] do_group_exit+0xe0/0x2b0 [ 86.274168] __x64_sys_exit_group+0x47/0x50 [ 86.274540] do_syscall_64+0x3b/0x90 [ 86.274859] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.275301] RIP: 0033:0x7f4b87518a4d [ 86.275611] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.276113] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.276739] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.277316] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.277902] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.278479] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.279073] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.279669] [ 86.279864] irq event stamp: 0 [ 86.280122] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.280637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.281332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.282024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.282569] ---[ end trace 0000000000000000 ]--- [ 86.283307] ------------[ cut here ]------------ [ 86.283700] WARNING: CPU: 0 PID: 738 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.284544] Modules linked in: [ 86.284810] CPU: 0 PID: 738 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.285518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.286434] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.286866] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.288323] RSP: 0018:ffff8880149efb78 EFLAGS: 00010246 [ 86.288752] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.289314] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 86.289883] RBP: ffff8880149efb98 R08: ffffed100256083e R09: ffffed100256083e [ 86.290448] R10: ffff888012b041ef R11: ffffed100256083d R12: ffff888012b04290 [ 86.291038] R13: ffff888012b040a8 R14: ffffffffffffffff R15: ffff8880149efc60 [ 86.291611] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.292245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.292706] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.293270] PKRU: 55555554 [ 86.293495] Call Trace: [ 86.293699] [ 86.293881] iommufd_ioas_destroy+0x53/0x70 [ 86.294231] iommufd_fops_release+0x1f7/0x370 [ 86.294618] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.295024] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.295441] ? write_comp_data+0x2f/0x90 [ 86.295780] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.296186] __fput+0x26d/0xa40 [ 86.296465] ____fput+0x1e/0x30 [ 86.296739] task_work_run+0x1a4/0x2d0 [ 86.297068] ? __pfx_task_work_run+0x10/0x10 [ 86.297430] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.297825] ? switch_task_namespaces+0xa9/0xe0 [ 86.298213] do_exit+0xb17/0x2ef0 [ 86.298492] ? lock_acquire+0x427/0x4c0 [ 86.298855] ? __pfx_lock_release+0x10/0x10 [ 86.299220] ? __kasan_check_write+0x18/0x20 [ 86.299580] ? do_raw_spin_lock+0x132/0x2a0 [ 86.299928] ? __pfx_do_exit+0x10/0x10 [ 86.300249] ? debug_smp_processor_id+0x20/0x30 [ 86.300627] ? rcu_is_watching+0x19/0xb0 [ 86.300955] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.301324] ? trace_hardirqs_on+0x26/0x120 [ 86.301682] do_group_exit+0xe0/0x2b0 [ 86.301992] __x64_sys_exit_group+0x47/0x50 [ 86.302345] do_syscall_64+0x3b/0x90 [ 86.302680] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.303106] RIP: 0033:0x7f4b87518a4d [ 86.303413] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.303893] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.304482] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.305030] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.305578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.306131] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.306698] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.307270] [ 86.307454] irq event stamp: 0 [ 86.307704] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.308197] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.308860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.309514] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.310004] ---[ end trace 0000000000000000 ]--- [ 86.314806] ------------[ cut here ]------------ [ 86.315244] WARNING: CPU: 0 PID: 739 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.316046] Modules linked in: [ 86.316300] CPU: 0 PID: 739 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.316989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.317868] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.318258] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.319718] RSP: 0018:ffff888017a87bb8 EFLAGS: 00010246 [ 86.320141] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 86.320700] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 86.321261] RBP: ffff888017a87bd0 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 86.321826] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff888020b31800 [ 86.322385] R13: ffff888015d2f9e8 R14: ffffffff8352e670 R15: ffff888017a87e68 [ 86.322965] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.323603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.324059] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 86.324611] PKRU: 55555554 [ 86.324833] Call Trace: [ 86.325033] [ 86.325210] __iommufd_access_detach+0x1c2/0x2b0 [ 86.325598] iommufd_access_change_pt+0x149/0x270 [ 86.325987] iommufd_access_replace+0xb4/0x120 [ 86.326353] iommufd_test+0x3e5/0x37e0 [ 86.326679] ? lock_release+0x532/0x770 [ 86.327007] ? __might_fault+0x102/0x1b0 [ 86.327335] ? lock_acquire+0x427/0x4c0 [ 86.327652] ? __pfx_iommufd_test+0x10/0x10 [ 86.327986] ? __pfx_lock_release+0x10/0x10 [ 86.328325] ? __pfx_lock_acquire+0x10/0x10 [ 86.328670] ? write_comp_data+0x2f/0x90 [ 86.328997] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.329375] ? write_comp_data+0x2f/0x90 [ 86.329697] iommufd_fops_ioctl+0x37d/0x510 [ 86.330032] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.330412] ? write_comp_data+0x2f/0x90 [ 86.330756] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.331142] __x64_sys_ioctl+0x1a3/0x230 [ 86.331467] do_syscall_64+0x3b/0x90 [ 86.331768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.332173] RIP: 0033:0x7f4b8743ee5d [ 86.332465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.333846] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.334426] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.334997] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.335555] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.336102] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.336641] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.337188] [ 86.337370] irq event stamp: 0 [ 86.337614] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.338093] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.338756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.339408] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.339889] ---[ end trace 0000000000000000 ]--- [ 86.342656] ------------[ cut here ]------------ [ 86.343044] WARNING: CPU: 0 PID: 739 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.343818] Modules linked in: [ 86.344064] CPU: 0 PID: 739 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.344722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.345585] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.345969] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.347381] RSP: 0018:ffff888017a87bd0 EFLAGS: 00010246 [ 86.347794] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 86.348337] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 86.348879] RBP: ffff888017a87be8 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 86.349500] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff888014391c00 [ 86.350171] R13: ffff888015d2f9e8 R14: ffff888013c90800 R15: 0000000000000000 [ 86.350732] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.351477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.351918] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.352461] PKRU: 55555554 [ 86.352678] Call Trace: [ 86.352877] [ 86.353080] iommufd_access_destroy_object+0x65/0x170 [ 86.353585] iommufd_object_destroy_user+0x18e/0x220 [ 86.353983] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.354436] iommufd_access_destroy+0x43/0x70 [ 86.354806] iommufd_test_staccess_release+0x8d/0xd0 [ 86.355211] __fput+0x26d/0xa40 [ 86.355478] ____fput+0x1e/0x30 [ 86.355743] task_work_run+0x1a4/0x2d0 [ 86.356184] ? __pfx_task_work_run+0x10/0x10 [ 86.356527] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.356905] ? switch_task_namespaces+0xa9/0xe0 [ 86.357273] do_exit+0xb17/0x2ef0 [ 86.357564] ? lock_acquire+0x427/0x4c0 [ 86.357985] ? __pfx_lock_release+0x10/0x10 [ 86.358325] ? __kasan_check_write+0x18/0x20 [ 86.358694] ? do_raw_spin_lock+0x132/0x2a0 [ 86.359028] ? __pfx_do_exit+0x10/0x10 [ 86.359344] ? debug_smp_processor_id+0x20/0x30 [ 86.359704] ? rcu_is_watching+0x19/0xb0 [ 86.360043] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.360515] ? trace_hardirqs_on+0x26/0x120 [ 86.360853] do_group_exit+0xe0/0x2b0 [ 86.361146] __x64_sys_exit_group+0x47/0x50 [ 86.361476] do_syscall_64+0x3b/0x90 [ 86.361807] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.362313] RIP: 0033:0x7f4b87518a4d [ 86.362623] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.363092] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.363678] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.364234] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.364895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.365436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.365975] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.366676] [ 86.366858] irq event stamp: 0 [ 86.367101] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.367589] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.368225] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.369000] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.369482] ---[ end trace 0000000000000000 ]--- [ 86.370157] ------------[ cut here ]------------ [ 86.370619] WARNING: CPU: 0 PID: 739 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.371399] Modules linked in: [ 86.371643] CPU: 0 PID: 739 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.372297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.373290] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.373683] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.375231] RSP: 0018:ffff888017a87b78 EFLAGS: 00010246 [ 86.375643] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.376180] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 86.376850] RBP: ffff888017a87b98 R08: ffffed1002ba5f3e R09: ffffed1002ba5f3e [ 86.377387] R10: ffff888015d2f9ef R11: ffffed1002ba5f3d R12: ffff888015d2fa90 [ 86.377927] R13: ffff888015d2f8a8 R14: ffffffffffffffff R15: ffff888017a87c60 [ 86.378624] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.379230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.379667] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.380206] PKRU: 55555554 [ 86.380468] Call Trace: [ 86.380754] [ 86.380931] iommufd_ioas_destroy+0x53/0x70 [ 86.381269] iommufd_fops_release+0x1f7/0x370 [ 86.381617] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.381999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.382502] ? write_comp_data+0x2f/0x90 [ 86.382849] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.383235] __fput+0x26d/0xa40 [ 86.383502] ____fput+0x1e/0x30 [ 86.383765] task_work_run+0x1a4/0x2d0 [ 86.384068] ? __pfx_task_work_run+0x10/0x10 [ 86.384406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.384843] ? switch_task_namespaces+0xa9/0xe0 [ 86.385285] do_exit+0xb17/0x2ef0 [ 86.385550] ? lock_acquire+0x427/0x4c0 [ 86.385864] ? __pfx_lock_release+0x10/0x10 [ 86.386198] ? __kasan_check_write+0x18/0x20 [ 86.386686] ? do_raw_spin_lock+0x132/0x2a0 [ 86.387021] ? __pfx_do_exit+0x10/0x10 [ 86.387341] ? debug_smp_processor_id+0x20/0x30 [ 86.387700] ? rcu_is_watching+0x19/0xb0 [ 86.388014] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.388366] ? trace_hardirqs_on+0x26/0x120 [ 86.388703] do_group_exit+0xe0/0x2b0 [ 86.389133] __x64_sys_exit_group+0x47/0x50 [ 86.389464] do_syscall_64+0x3b/0x90 [ 86.389758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.390159] RIP: 0033:0x7f4b87518a4d [ 86.390444] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.391056] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.391641] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.392180] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.392720] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.393390] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.393929] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.394474] [ 86.394703] irq event stamp: 0 [ 86.395055] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.395545] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.396182] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.396815] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.397450] ---[ end trace 0000000000000000 ]--- [ 86.402163] ------------[ cut here ]------------ [ 86.402631] WARNING: CPU: 0 PID: 740 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.403554] Modules linked in: [ 86.403800] CPU: 0 PID: 740 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.404452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.405416] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.405795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.407228] RSP: 0018:ffff8880161b7bb8 EFLAGS: 00010246 [ 86.407635] RAX: 0000000000000000 RBX: ffff8880187e90a8 RCX: 0000000000000000 [ 86.408171] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 86.408710] RBP: ffff8880161b7bd0 R08: ffffed10030fd233 R09: ffffed10030fd233 [ 86.409244] R10: ffff8880187e9193 R11: ffffed10030fd232 R12: ffff88800efcd800 [ 86.409779] R13: ffff8880187e91e8 R14: ffffffff8352e670 R15: ffff8880161b7e68 [ 86.410315] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.410947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.411397] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ef0 [ 86.411941] PKRU: 55555554 [ 86.412156] Call Trace: [ 86.412351] [ 86.412525] __iommufd_access_detach+0x1c2/0x2b0 [ 86.413026] iommufd_access_change_pt+0x149/0x270 [ 86.413404] iommufd_access_replace+0xb4/0x120 [ 86.413762] iommufd_test+0x3e5/0x37e0 [ 86.414062] ? lock_release+0x532/0x770 [ 86.414378] ? __might_fault+0x102/0x1b0 [ 86.414724] ? lock_acquire+0x427/0x4c0 [ 86.415041] ? __pfx_iommufd_test+0x10/0x10 [ 86.415375] ? __pfx_lock_release+0x10/0x10 [ 86.415717] ? __pfx_lock_acquire+0x10/0x10 [ 86.416063] ? write_comp_data+0x2f/0x90 [ 86.416383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.416758] ? write_comp_data+0x2f/0x90 [ 86.417082] iommufd_fops_ioctl+0x37d/0x510 [ 86.417416] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.417794] ? write_comp_data+0x2f/0x90 [ 86.418113] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.418483] __x64_sys_ioctl+0x1a3/0x230 [ 86.418830] do_syscall_64+0x3b/0x90 [ 86.419134] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.419536] RIP: 0033:0x7f4b8743ee5d [ 86.419820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.421209] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.421782] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.422327] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.422892] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.423445] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.423989] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.424537] [ 86.424716] irq event stamp: 0 [ 86.424955] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.425429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.426063] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.426711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.427194] ---[ end trace 0000000000000000 ]--- [ 86.430307] ------------[ cut here ]------------ [ 86.430717] WARNING: CPU: 0 PID: 740 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.431492] Modules linked in: [ 86.431740] CPU: 0 PID: 740 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.432441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.433400] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.433779] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.435306] RSP: 0018:ffff8880161b7bd0 EFLAGS: 00010246 [ 86.435711] RAX: 0000000000000000 RBX: ffff8880187e90a8 RCX: 0000000000000000 [ 86.436251] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 86.436789] RBP: ffff8880161b7be8 R08: ffffed10030fd233 R09: ffffed10030fd233 [ 86.437326] R10: ffff8880187e9193 R11: ffffed10030fd232 R12: ffff888020b31000 [ 86.437874] R13: ffff8880187e91e8 R14: ffff888012c24800 R15: 0000000000000000 [ 86.438414] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.439042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.439492] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.440034] PKRU: 55555554 [ 86.440248] Call Trace: [ 86.440443] [ 86.440616] iommufd_access_destroy_object+0x65/0x170 [ 86.441015] iommufd_object_destroy_user+0x18e/0x220 [ 86.441410] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.441859] iommufd_access_destroy+0x43/0x70 [ 86.442210] iommufd_test_staccess_release+0x8d/0xd0 [ 86.442626] __fput+0x26d/0xa40 [ 86.442898] ____fput+0x1e/0x30 [ 86.443168] task_work_run+0x1a4/0x2d0 [ 86.443474] ? __pfx_task_work_run+0x10/0x10 [ 86.443816] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.444195] ? switch_task_namespaces+0xa9/0xe0 [ 86.444561] do_exit+0xb17/0x2ef0 [ 86.444829] ? lock_acquire+0x427/0x4c0 [ 86.445141] ? __pfx_lock_release+0x10/0x10 [ 86.445481] ? __kasan_check_write+0x18/0x20 [ 86.445824] ? do_raw_spin_lock+0x132/0x2a0 [ 86.446154] ? __pfx_do_exit+0x10/0x10 [ 86.446461] ? debug_smp_processor_id+0x20/0x30 [ 86.446842] ? rcu_is_watching+0x19/0xb0 [ 86.447164] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.447518] ? trace_hardirqs_on+0x26/0x120 [ 86.447853] do_group_exit+0xe0/0x2b0 [ 86.448149] __x64_sys_exit_group+0x47/0x50 [ 86.448479] do_syscall_64+0x3b/0x90 [ 86.448772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.449172] RIP: 0033:0x7f4b87518a4d [ 86.449455] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.449924] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.450497] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.451065] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.451607] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.452144] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.452682] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.453227] [ 86.453405] irq event stamp: 0 [ 86.453645] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.454124] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.454790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.455441] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.455921] ---[ end trace 0000000000000000 ]--- [ 86.456649] ------------[ cut here ]------------ [ 86.457124] WARNING: CPU: 0 PID: 740 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.457891] Modules linked in: [ 86.458141] CPU: 0 PID: 740 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.458988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.459845] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.460237] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.461764] RSP: 0018:ffff8880161b7b78 EFLAGS: 00010246 [ 86.462174] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.462894] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 86.463500] RBP: ffff8880161b7b98 R08: ffffed10030fd23e R09: ffffed10030fd23e [ 86.464129] R10: ffff8880187e91ef R11: ffffed10030fd23d R12: ffff8880187e9290 [ 86.464676] R13: ffff8880187e90a8 R14: ffffffffffffffff R15: ffff8880161b7c60 [ 86.465214] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.465955] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.466395] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.466959] PKRU: 55555554 [ 86.467238] Call Trace: [ 86.467522] [ 86.467696] iommufd_ioas_destroy+0x53/0x70 [ 86.468035] iommufd_fops_release+0x1f7/0x370 [ 86.468385] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.468772] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.469152] ? write_comp_data+0x2f/0x90 [ 86.469517] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.469985] __fput+0x26d/0xa40 [ 86.470254] ____fput+0x1e/0x30 [ 86.470542] task_work_run+0x1a4/0x2d0 [ 86.470852] ? __pfx_task_work_run+0x10/0x10 [ 86.471208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.471724] ? switch_task_namespaces+0xa9/0xe0 [ 86.472093] do_exit+0xb17/0x2ef0 [ 86.472358] ? lock_acquire+0x427/0x4c0 [ 86.472674] ? __pfx_lock_release+0x10/0x10 [ 86.473015] ? __kasan_check_write+0x18/0x20 [ 86.473508] ? do_raw_spin_lock+0x132/0x2a0 [ 86.473848] ? __pfx_do_exit+0x10/0x10 [ 86.474155] ? debug_smp_processor_id+0x20/0x30 [ 86.474536] ? rcu_is_watching+0x19/0xb0 [ 86.474877] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.475341] ? trace_hardirqs_on+0x26/0x120 [ 86.475682] do_group_exit+0xe0/0x2b0 [ 86.475979] __x64_sys_exit_group+0x47/0x50 [ 86.476309] do_syscall_64+0x3b/0x90 [ 86.476606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.477163] RIP: 0033:0x7f4b87518a4d [ 86.477450] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.477915] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.478572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.479197] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.479738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.480346] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.480962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.481507] [ 86.481687] irq event stamp: 0 [ 86.481928] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.482547] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.483195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.483866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.484437] ---[ end trace 0000000000000000 ]--- [ 86.489925] ------------[ cut here ]------------ [ 86.490297] WARNING: CPU: 0 PID: 741 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.491247] Modules linked in: [ 86.491494] CPU: 0 PID: 741 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.492145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.492994] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.493369] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.494749] RSP: 0018:ffff888018367bb8 EFLAGS: 00010246 [ 86.495165] RAX: 0000000000000000 RBX: ffff8880165330a8 RCX: 0000000000000000 [ 86.495706] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 86.496247] RBP: ffff888018367bd0 R08: ffffed1002ca6633 R09: ffffed1002ca6633 [ 86.496785] R10: ffff888016533193 R11: ffffed1002ca6632 R12: ffff88800fcb2000 [ 86.497323] R13: ffff8880165331e8 R14: ffffffff8352e670 R15: ffff888018367e68 [ 86.497864] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.498470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.498928] CR2: 00007f4b877410e8 CR3: 000000001421a000 CR4: 0000000000750ef0 [ 86.499479] PKRU: 55555554 [ 86.499695] Call Trace: [ 86.499890] [ 86.500062] __iommufd_access_detach+0x1c2/0x2b0 [ 86.500435] iommufd_access_change_pt+0x149/0x270 [ 86.500815] iommufd_access_replace+0xb4/0x120 [ 86.501174] iommufd_test+0x3e5/0x37e0 [ 86.501471] ? lock_release+0x532/0x770 [ 86.501786] ? __might_fault+0x102/0x1b0 [ 86.502102] ? lock_acquire+0x427/0x4c0 [ 86.502416] ? __pfx_iommufd_test+0x10/0x10 [ 86.502762] ? __pfx_lock_release+0x10/0x10 [ 86.503100] ? __pfx_lock_acquire+0x10/0x10 [ 86.503443] ? write_comp_data+0x2f/0x90 [ 86.503762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.504141] ? write_comp_data+0x2f/0x90 [ 86.504458] iommufd_fops_ioctl+0x37d/0x510 [ 86.504794] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.505169] ? write_comp_data+0x2f/0x90 [ 86.505487] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.505857] __x64_sys_ioctl+0x1a3/0x230 [ 86.506179] do_syscall_64+0x3b/0x90 [ 86.506473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.506893] RIP: 0033:0x7f4b8743ee5d [ 86.507182] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.508552] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.509124] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.509663] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.510198] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.510746] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.511300] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.511845] [ 86.512022] irq event stamp: 0 [ 86.512256] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.512722] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.513345] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.513962] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.514430] ---[ end trace 0000000000000000 ]--- [ 86.517383] ------------[ cut here ]------------ [ 86.517880] WARNING: CPU: 0 PID: 741 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.518733] Modules linked in: [ 86.519040] CPU: 0 PID: 741 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.519692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.520665] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.521096] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.522540] RSP: 0018:ffff888018367bd0 EFLAGS: 00010246 [ 86.522939] RAX: 0000000000000000 RBX: ffff8880165330a8 RCX: 0000000000000000 [ 86.523473] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 86.523998] RBP: ffff888018367be8 R08: ffffed1002ca6633 R09: ffffed1002ca6633 [ 86.524524] R10: ffff888016533193 R11: ffffed1002ca6632 R12: ffff88800efcd000 [ 86.525054] R13: ffff8880165331e8 R14: ffff88800f124a00 R15: 0000000000000000 [ 86.525580] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.526187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.526637] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.527173] PKRU: 55555554 [ 86.527386] Call Trace: [ 86.527577] [ 86.527752] iommufd_access_destroy_object+0x65/0x170 [ 86.528141] iommufd_object_destroy_user+0x18e/0x220 [ 86.528528] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.528972] iommufd_access_destroy+0x43/0x70 [ 86.529334] iommufd_test_staccess_release+0x8d/0xd0 [ 86.529727] __fput+0x26d/0xa40 [ 86.529989] ____fput+0x1e/0x30 [ 86.530250] task_work_run+0x1a4/0x2d0 [ 86.530575] ? __pfx_task_work_run+0x10/0x10 [ 86.530913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.531293] ? switch_task_namespaces+0xa9/0xe0 [ 86.531657] do_exit+0xb17/0x2ef0 [ 86.531918] ? lock_acquire+0x427/0x4c0 [ 86.532228] ? __pfx_lock_release+0x10/0x10 [ 86.532567] ? __kasan_check_write+0x18/0x20 [ 86.532905] ? do_raw_spin_lock+0x132/0x2a0 [ 86.533237] ? __pfx_do_exit+0x10/0x10 [ 86.533544] ? debug_smp_processor_id+0x20/0x30 [ 86.533896] ? rcu_is_watching+0x19/0xb0 [ 86.534203] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.534576] ? trace_hardirqs_on+0x26/0x120 [ 86.534914] do_group_exit+0xe0/0x2b0 [ 86.535212] __x64_sys_exit_group+0x47/0x50 [ 86.535538] do_syscall_64+0x3b/0x90 [ 86.535825] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.536217] RIP: 0033:0x7f4b87518a4d [ 86.536497] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.536954] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.537518] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.538047] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.538595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.539141] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.539675] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.540314] [ 86.540620] irq event stamp: 0 [ 86.540862] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.541396] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.542064] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.542839] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.543322] ---[ end trace 0000000000000000 ]--- [ 86.544071] ------------[ cut here ]------------ [ 86.544425] WARNING: CPU: 0 PID: 741 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.545306] Modules linked in: [ 86.545549] CPU: 0 PID: 741 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.546326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.547334] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.547724] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.549075] RSP: 0018:ffff888018367b78 EFLAGS: 00010246 [ 86.549470] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.549995] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 86.550548] RBP: ffff888018367b98 R08: ffffed1002ca663e R09: ffffed1002ca663e [ 86.551084] R10: ffff8880165331ef R11: ffffed1002ca663d R12: ffff888016533290 [ 86.551619] R13: ffff8880165330a8 R14: ffffffffffffffff R15: ffff888018367c60 [ 86.552147] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 86.552741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.553171] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 86.553698] PKRU: 55555554 [ 86.553908] Call Trace: [ 86.554098] [ 86.554269] iommufd_ioas_destroy+0x53/0x70 [ 86.554615] iommufd_fops_release+0x1f7/0x370 [ 86.554958] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.555338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.555726] ? write_comp_data+0x2f/0x90 [ 86.556040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.556415] __fput+0x26d/0xa40 [ 86.556677] ____fput+0x1e/0x30 [ 86.556933] task_work_run+0x1a4/0x2d0 [ 86.557234] ? __pfx_task_work_run+0x10/0x10 [ 86.557568] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.557941] ? switch_task_namespaces+0xa9/0xe0 [ 86.558301] do_exit+0xb17/0x2ef0 [ 86.558582] ? lock_acquire+0x427/0x4c0 [ 86.558896] ? __pfx_lock_release+0x10/0x10 [ 86.559236] ? __kasan_check_write+0x18/0x20 [ 86.559573] ? do_raw_spin_lock+0x132/0x2a0 [ 86.559900] ? __pfx_do_exit+0x10/0x10 [ 86.560200] ? debug_smp_processor_id+0x20/0x30 [ 86.560551] ? rcu_is_watching+0x19/0xb0 [ 86.560858] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.561206] ? trace_hardirqs_on+0x26/0x120 [ 86.561535] do_group_exit+0xe0/0x2b0 [ 86.561824] __x64_sys_exit_group+0x47/0x50 [ 86.562146] do_syscall_64+0x3b/0x90 [ 86.562434] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.562846] RIP: 0033:0x7f4b87518a4d [ 86.563134] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.563593] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.564164] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.564690] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.565222] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.565748] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.566278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.566830] [ 86.567007] irq event stamp: 0 [ 86.567253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.567719] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.568341] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.568959] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.569425] ---[ end trace 0000000000000000 ]--- [ 86.573562] ------------[ cut here ]------------ [ 86.574091] WARNING: CPU: 1 PID: 742 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.574937] Modules linked in: [ 86.575239] CPU: 1 PID: 742 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.575871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.576820] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.577207] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.578748] RSP: 0018:ffff888016677bb8 EFLAGS: 00010246 [ 86.579160] RAX: 0000000000000000 RBX: ffff888010fdc0a8 RCX: 0000000000000000 [ 86.579750] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 86.580320] RBP: ffff888016677bd0 R08: ffffed10021fb833 R09: ffffed10021fb833 [ 86.580909] R10: ffff888010fdc193 R11: ffffed10021fb832 R12: ffff888021bcb000 [ 86.581490] R13: ffff888010fdc1e8 R14: ffffffff8352e670 R15: ffff888016677e68 [ 86.582018] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.582632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.583075] CR2: 00007f4b877410e8 CR3: 0000000014502000 CR4: 0000000000750ee0 [ 86.583617] PKRU: 55555554 [ 86.583830] Call Trace: [ 86.584022] [ 86.584192] __iommufd_access_detach+0x1c2/0x2b0 [ 86.584562] iommufd_access_change_pt+0x149/0x270 [ 86.584936] iommufd_access_replace+0xb4/0x120 [ 86.585293] iommufd_test+0x3e5/0x37e0 [ 86.585586] ? lock_release+0x532/0x770 [ 86.585892] ? __might_fault+0x102/0x1b0 [ 86.586202] ? lock_acquire+0x427/0x4c0 [ 86.586533] ? __pfx_iommufd_test+0x10/0x10 [ 86.586863] ? __pfx_lock_release+0x10/0x10 [ 86.587209] ? __pfx_lock_acquire+0x10/0x10 [ 86.587543] ? write_comp_data+0x2f/0x90 [ 86.587859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.588230] ? write_comp_data+0x2f/0x90 [ 86.588545] iommufd_fops_ioctl+0x37d/0x510 [ 86.588877] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.589251] ? write_comp_data+0x2f/0x90 [ 86.589573] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.589941] __x64_sys_ioctl+0x1a3/0x230 [ 86.590260] do_syscall_64+0x3b/0x90 [ 86.590567] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.590963] RIP: 0033:0x7f4b8743ee5d [ 86.591260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.592615] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.593190] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.593720] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.594249] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.594804] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.595345] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.595886] [ 86.596065] irq event stamp: 0 [ 86.596300] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.596771] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.597406] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.598029] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.598530] ---[ end trace 0000000000000000 ]--- [ 86.601464] ------------[ cut here ]------------ [ 86.601853] WARNING: CPU: 1 PID: 742 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.602631] Modules linked in: [ 86.602874] CPU: 1 PID: 742 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.603526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.604387] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.604763] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.606141] RSP: 0018:ffff888016677bd0 EFLAGS: 00010246 [ 86.606575] RAX: 0000000000000000 RBX: ffff888010fdc0a8 RCX: 0000000000000000 [ 86.607133] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 86.607679] RBP: ffff888016677be8 R08: ffffed10021fb833 R09: ffffed10021fb833 [ 86.608366] R10: ffff888010fdc193 R11: ffffed10021fb832 R12: ffff888013b16000 [ 86.608904] R13: ffff888010fdc1e8 R14: ffff888020814c00 R15: 0000000000000000 [ 86.609540] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.610154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.610680] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.611269] PKRU: 55555554 [ 86.611485] Call Trace: [ 86.611679] [ 86.611853] iommufd_access_destroy_object+0x65/0x170 [ 86.612362] iommufd_object_destroy_user+0x18e/0x220 [ 86.612757] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.613258] iommufd_access_destroy+0x43/0x70 [ 86.613656] iommufd_test_staccess_release+0x8d/0xd0 [ 86.614054] __fput+0x26d/0xa40 [ 86.614337] ____fput+0x1e/0x30 [ 86.614683] task_work_run+0x1a4/0x2d0 [ 86.614986] ? __pfx_task_work_run+0x10/0x10 [ 86.615333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.615712] ? switch_task_namespaces+0xa9/0xe0 [ 86.616180] do_exit+0xb17/0x2ef0 [ 86.616446] ? lock_acquire+0x427/0x4c0 [ 86.616751] ? __pfx_lock_release+0x10/0x10 [ 86.617080] ? __kasan_check_write+0x18/0x20 [ 86.617414] ? do_raw_spin_lock+0x132/0x2a0 [ 86.617745] ? __pfx_do_exit+0x10/0x10 [ 86.618044] ? debug_smp_processor_id+0x20/0x30 [ 86.618400] ? rcu_is_watching+0x19/0xb0 [ 86.618724] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.619071] ? trace_hardirqs_on+0x26/0x120 [ 86.619424] do_group_exit+0xe0/0x2b0 [ 86.619716] __x64_sys_exit_group+0x47/0x50 [ 86.620037] do_syscall_64+0x3b/0x90 [ 86.620322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.620724] RIP: 0033:0x7f4b87518a4d [ 86.620996] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.621451] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.622019] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.622568] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.623102] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.623640] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.624168] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.624701] [ 86.624875] irq event stamp: 0 [ 86.625115] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.625581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.626199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.626840] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.627326] ---[ end trace 0000000000000000 ]--- [ 86.627997] ------------[ cut here ]------------ [ 86.628353] WARNING: CPU: 1 PID: 742 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.629105] Modules linked in: [ 86.629342] CPU: 1 PID: 742 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.629989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.630841] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.631247] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.632611] RSP: 0018:ffff888016677b78 EFLAGS: 00010246 [ 86.633019] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.633553] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 86.634086] RBP: ffff888016677b98 R08: ffffed10021fb83e R09: ffffed10021fb83e [ 86.634636] R10: ffff888010fdc1ef R11: ffffed10021fb83d R12: ffff888010fdc290 [ 86.635175] R13: ffff888010fdc0a8 R14: ffffffffffffffff R15: ffff888016677c60 [ 86.635712] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.636315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.636750] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.637276] PKRU: 55555554 [ 86.637485] Call Trace: [ 86.637674] [ 86.637848] iommufd_ioas_destroy+0x53/0x70 [ 86.638172] iommufd_fops_release+0x1f7/0x370 [ 86.638534] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.638907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.639291] ? write_comp_data+0x2f/0x90 [ 86.639600] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.639974] __fput+0x26d/0xa40 [ 86.640232] ____fput+0x1e/0x30 [ 86.640489] task_work_run+0x1a4/0x2d0 [ 86.640785] ? __pfx_task_work_run+0x10/0x10 [ 86.641118] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.641491] ? switch_task_namespaces+0xa9/0xe0 [ 86.641844] do_exit+0xb17/0x2ef0 [ 86.642102] ? lock_acquire+0x427/0x4c0 [ 86.642403] ? __pfx_lock_release+0x10/0x10 [ 86.642742] ? __kasan_check_write+0x18/0x20 [ 86.643073] ? do_raw_spin_lock+0x132/0x2a0 [ 86.643405] ? __pfx_do_exit+0x10/0x10 [ 86.643704] ? debug_smp_processor_id+0x20/0x30 [ 86.644046] ? rcu_is_watching+0x19/0xb0 [ 86.644346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.644686] ? trace_hardirqs_on+0x26/0x120 [ 86.645010] do_group_exit+0xe0/0x2b0 [ 86.645297] __x64_sys_exit_group+0x47/0x50 [ 86.645615] do_syscall_64+0x3b/0x90 [ 86.645907] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.646297] RIP: 0033:0x7f4b87518a4d [ 86.646587] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.647050] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.647624] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.648148] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.648689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.649210] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.649737] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.650262] [ 86.650434] irq event stamp: 0 [ 86.650686] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.651163] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.651784] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.652393] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.652861] ---[ end trace 0000000000000000 ]--- [ 86.656958] ------------[ cut here ]------------ [ 86.657329] WARNING: CPU: 1 PID: 743 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.658079] Modules linked in: [ 86.658314] CPU: 1 PID: 743 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.659143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.659974] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.660347] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.661680] RSP: 0018:ffff888016157bb8 EFLAGS: 00010246 [ 86.662069] RAX: 0000000000000000 RBX: ffff88801015e0a8 RCX: 0000000000000000 [ 86.662622] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 86.663173] RBP: ffff888016157bd0 R08: ffffed100202bc33 R09: ffffed100202bc33 [ 86.663695] R10: ffff88801015e193 R11: ffffed100202bc32 R12: ffff88800f170400 [ 86.664214] R13: ffff88801015e1e8 R14: ffffffff8352e670 R15: ffff888016157e68 [ 86.664731] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.665325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.665755] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 86.666278] PKRU: 55555554 [ 86.666499] Call Trace: [ 86.666711] [ 86.666881] __iommufd_access_detach+0x1c2/0x2b0 [ 86.667265] iommufd_access_change_pt+0x149/0x270 [ 86.667631] iommufd_access_replace+0xb4/0x120 [ 86.667980] iommufd_test+0x3e5/0x37e0 [ 86.668266] ? lock_release+0x532/0x770 [ 86.668575] ? __might_fault+0x102/0x1b0 [ 86.668884] ? lock_acquire+0x427/0x4c0 [ 86.669185] ? __pfx_iommufd_test+0x10/0x10 [ 86.669499] ? __pfx_lock_release+0x10/0x10 [ 86.669822] ? __pfx_lock_acquire+0x10/0x10 [ 86.670149] ? write_comp_data+0x2f/0x90 [ 86.670460] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.670839] ? write_comp_data+0x2f/0x90 [ 86.671166] iommufd_fops_ioctl+0x37d/0x510 [ 86.671492] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.671865] ? write_comp_data+0x2f/0x90 [ 86.672172] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.672539] __x64_sys_ioctl+0x1a3/0x230 [ 86.672851] do_syscall_64+0x3b/0x90 [ 86.673143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.673535] RIP: 0033:0x7f4b8743ee5d [ 86.673810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.675184] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.675756] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.676275] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.676804] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.677336] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.677858] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.678386] [ 86.678575] irq event stamp: 0 [ 86.678812] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.679288] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.679906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.680529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.680996] ---[ end trace 0000000000000000 ]--- [ 86.683715] ------------[ cut here ]------------ [ 86.684091] WARNING: CPU: 1 PID: 743 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.684823] Modules linked in: [ 86.685061] CPU: 1 PID: 743 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.685692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.686563] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.686930] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.688309] RSP: 0018:ffff888016157bd0 EFLAGS: 00010246 [ 86.688698] RAX: 0000000000000000 RBX: ffff88801015e0a8 RCX: 0000000000000000 [ 86.689224] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 86.689750] RBP: ffff888016157be8 R08: ffffed100202bc33 R09: ffffed100202bc33 [ 86.690277] R10: ffff88801015e193 R11: ffffed100202bc32 R12: ffff888021bc9c00 [ 86.690832] R13: ffff88801015e1e8 R14: ffff88800fd08d00 R15: 0000000000000000 [ 86.691377] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.691972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.692402] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.692922] PKRU: 55555554 [ 86.693133] Call Trace: [ 86.693328] [ 86.693495] iommufd_access_destroy_object+0x65/0x170 [ 86.693888] iommufd_object_destroy_user+0x18e/0x220 [ 86.694265] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.694723] iommufd_access_destroy+0x43/0x70 [ 86.695075] iommufd_test_staccess_release+0x8d/0xd0 [ 86.695465] __fput+0x26d/0xa40 [ 86.695729] ____fput+0x1e/0x30 [ 86.695981] task_work_run+0x1a4/0x2d0 [ 86.696278] ? __pfx_task_work_run+0x10/0x10 [ 86.696622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.696987] ? switch_task_namespaces+0xa9/0xe0 [ 86.697340] do_exit+0xb17/0x2ef0 [ 86.697598] ? lock_acquire+0x427/0x4c0 [ 86.697909] ? __pfx_lock_release+0x10/0x10 [ 86.698237] ? __kasan_check_write+0x18/0x20 [ 86.698610] ? do_raw_spin_lock+0x132/0x2a0 [ 86.698932] ? __pfx_do_exit+0x10/0x10 [ 86.699236] ? debug_smp_processor_id+0x20/0x30 [ 86.699591] ? rcu_is_watching+0x19/0xb0 [ 86.699902] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.700244] ? trace_hardirqs_on+0x26/0x120 [ 86.700577] do_group_exit+0xe0/0x2b0 [ 86.700858] __x64_sys_exit_group+0x47/0x50 [ 86.701181] do_syscall_64+0x3b/0x90 [ 86.701466] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.701860] RIP: 0033:0x7f4b87518a4d [ 86.702142] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.702623] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.703195] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.703724] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.704246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.704774] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.705295] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.705828] [ 86.706001] irq event stamp: 0 [ 86.706235] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.706711] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.707338] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.707959] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.708432] ---[ end trace 0000000000000000 ]--- [ 86.709097] ------------[ cut here ]------------ [ 86.709443] WARNING: CPU: 1 PID: 743 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.710187] Modules linked in: [ 86.710431] CPU: 1 PID: 743 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.711098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.711937] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.712317] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.713653] RSP: 0018:ffff888016157b78 EFLAGS: 00010246 [ 86.714052] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.714593] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 86.715122] RBP: ffff888016157b98 R08: ffffed100202bc3e R09: ffffed100202bc3e [ 86.715652] R10: ffff88801015e1ef R11: ffffed100202bc3d R12: ffff88801015e290 [ 86.716179] R13: ffff88801015e0a8 R14: ffffffffffffffff R15: ffff888016157c60 [ 86.716706] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.717296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.717727] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.718258] PKRU: 55555554 [ 86.718469] Call Trace: [ 86.718675] [ 86.718847] iommufd_ioas_destroy+0x53/0x70 [ 86.719180] iommufd_fops_release+0x1f7/0x370 [ 86.719519] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.719893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.720258] ? write_comp_data+0x2f/0x90 [ 86.720568] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.720941] __fput+0x26d/0xa40 [ 86.721199] ____fput+0x1e/0x30 [ 86.721452] task_work_run+0x1a4/0x2d0 [ 86.721748] ? __pfx_task_work_run+0x10/0x10 [ 86.722081] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.722461] ? switch_task_namespaces+0xa9/0xe0 [ 86.722858] do_exit+0xb17/0x2ef0 [ 86.723127] ? lock_acquire+0x427/0x4c0 [ 86.723435] ? __pfx_lock_release+0x10/0x10 [ 86.723761] ? __kasan_check_write+0x18/0x20 [ 86.724094] ? do_raw_spin_lock+0x132/0x2a0 [ 86.724419] ? __pfx_do_exit+0x10/0x10 [ 86.724716] ? debug_smp_processor_id+0x20/0x30 [ 86.725072] ? rcu_is_watching+0x19/0xb0 [ 86.725377] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.725720] ? trace_hardirqs_on+0x26/0x120 [ 86.726047] do_group_exit+0xe0/0x2b0 [ 86.726330] __x64_sys_exit_group+0x47/0x50 [ 86.726671] do_syscall_64+0x3b/0x90 [ 86.726957] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.727368] RIP: 0033:0x7f4b87518a4d [ 86.727643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.728107] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.728676] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.729204] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.729728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.730262] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.730802] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.731355] [ 86.731528] irq event stamp: 0 [ 86.731762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.732229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.732865] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.733488] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.733960] ---[ end trace 0000000000000000 ]--- [ 86.738034] ------------[ cut here ]------------ [ 86.738410] WARNING: CPU: 1 PID: 744 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.739254] Modules linked in: [ 86.739499] CPU: 1 PID: 744 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.740141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.740966] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.741338] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.742714] RSP: 0018:ffff88801225fbb8 EFLAGS: 00010246 [ 86.743126] RAX: 0000000000000000 RBX: ffff888021b600a8 RCX: 0000000000000000 [ 86.743661] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 86.744197] RBP: ffff88801225fbd0 R08: ffffed100436c033 R09: ffffed100436c033 [ 86.744730] R10: ffff888021b60193 R11: ffffed100436c032 R12: ffff888013c8c800 [ 86.745265] R13: ffff888021b601e8 R14: ffffffff8352e670 R15: ffff88801225fe68 [ 86.745794] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.746390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.746849] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 86.747400] PKRU: 55555554 [ 86.747620] Call Trace: [ 86.747815] [ 86.747990] __iommufd_access_detach+0x1c2/0x2b0 [ 86.748364] iommufd_access_change_pt+0x149/0x270 [ 86.748749] iommufd_access_replace+0xb4/0x120 [ 86.749110] iommufd_test+0x3e5/0x37e0 [ 86.749407] ? lock_release+0x532/0x770 [ 86.749723] ? __might_fault+0x102/0x1b0 [ 86.750047] ? lock_acquire+0x427/0x4c0 [ 86.750367] ? __pfx_iommufd_test+0x10/0x10 [ 86.750727] ? __pfx_lock_release+0x10/0x10 [ 86.751068] ? __pfx_lock_acquire+0x10/0x10 [ 86.751425] ? write_comp_data+0x2f/0x90 [ 86.751754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.752141] ? write_comp_data+0x2f/0x90 [ 86.752470] iommufd_fops_ioctl+0x37d/0x510 [ 86.752816] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.753207] ? write_comp_data+0x2f/0x90 [ 86.753536] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.753925] __x64_sys_ioctl+0x1a3/0x230 [ 86.754258] do_syscall_64+0x3b/0x90 [ 86.754594] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.755013] RIP: 0033:0x7f4b8743ee5d [ 86.755320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.756726] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.757323] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.757882] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.758432] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.759007] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.759569] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.760141] [ 86.760325] irq event stamp: 0 [ 86.760572] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.761061] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.761704] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.762352] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.762871] ---[ end trace 0000000000000000 ]--- [ 86.765824] ------------[ cut here ]------------ [ 86.766240] WARNING: CPU: 1 PID: 744 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.767132] Modules linked in: [ 86.767404] CPU: 1 PID: 744 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.768108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.769014] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.769440] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.770968] RSP: 0018:ffff88801225fbd0 EFLAGS: 00010246 [ 86.771426] RAX: 0000000000000000 RBX: ffff888021b600a8 RCX: 0000000000000000 [ 86.772006] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 86.772587] RBP: ffff88801225fbe8 R08: ffffed100436c033 R09: ffffed100436c033 [ 86.773177] R10: ffff888021b60193 R11: ffffed100436c032 R12: ffff88800f170000 [ 86.773757] R13: ffff888021b601e8 R14: ffff888013c59300 R15: 0000000000000000 [ 86.774337] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.775029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.775518] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.776104] PKRU: 55555554 [ 86.776334] Call Trace: [ 86.776540] [ 86.776727] iommufd_access_destroy_object+0x65/0x170 [ 86.777153] iommufd_object_destroy_user+0x18e/0x220 [ 86.777577] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.778059] iommufd_access_destroy+0x43/0x70 [ 86.778433] iommufd_test_staccess_release+0x8d/0xd0 [ 86.778893] __fput+0x26d/0xa40 [ 86.779203] ____fput+0x1e/0x30 [ 86.779498] task_work_run+0x1a4/0x2d0 [ 86.779843] ? __pfx_task_work_run+0x10/0x10 [ 86.780227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.780659] ? switch_task_namespaces+0xa9/0xe0 [ 86.781082] do_exit+0xb17/0x2ef0 [ 86.781379] ? lock_acquire+0x427/0x4c0 [ 86.781729] ? __pfx_lock_release+0x10/0x10 [ 86.782106] ? __kasan_check_write+0x18/0x20 [ 86.782496] ? do_raw_spin_lock+0x132/0x2a0 [ 86.782920] ? __pfx_do_exit+0x10/0x10 [ 86.783292] ? debug_smp_processor_id+0x20/0x30 [ 86.783706] ? rcu_is_watching+0x19/0xb0 [ 86.784068] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.784481] ? trace_hardirqs_on+0x26/0x120 [ 86.784893] do_group_exit+0xe0/0x2b0 [ 86.785237] __x64_sys_exit_group+0x47/0x50 [ 86.785621] do_syscall_64+0x3b/0x90 [ 86.785971] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.786439] RIP: 0033:0x7f4b87518a4d [ 86.786809] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.787380] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.788047] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.788669] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.789298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.789912] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.790600] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.791249] [ 86.791462] irq event stamp: 0 [ 86.791742] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.792307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.793035] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.793768] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.794319] ---[ end trace 0000000000000000 ]--- [ 86.795151] ------------[ cut here ]------------ [ 86.795576] WARNING: CPU: 1 PID: 744 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.796469] Modules linked in: [ 86.796763] CPU: 1 PID: 744 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.797511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.798493] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.799010] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.800642] RSP: 0018:ffff88801225fb78 EFLAGS: 00010246 [ 86.801158] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.801830] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 86.802552] RBP: ffff88801225fb98 R08: ffffed100436c03e R09: ffffed100436c03e [ 86.803232] R10: ffff888021b601ef R11: ffffed100436c03d R12: ffff888021b60290 [ 86.803886] R13: ffff888021b600a8 R14: ffffffffffffffff R15: ffff88801225fc60 [ 86.804548] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.805289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.805837] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.806498] PKRU: 55555554 [ 86.806800] Call Trace: [ 86.807050] [ 86.807272] iommufd_ioas_destroy+0x53/0x70 [ 86.807681] iommufd_fops_release+0x1f7/0x370 [ 86.808113] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.808583] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.809067] ? write_comp_data+0x2f/0x90 [ 86.809468] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.809952] __fput+0x26d/0xa40 [ 86.810279] ____fput+0x1e/0x30 [ 86.810659] task_work_run+0x1a4/0x2d0 [ 86.811041] ? __pfx_task_work_run+0x10/0x10 [ 86.811482] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.811958] ? switch_task_namespaces+0xa9/0xe0 [ 86.812414] do_exit+0xb17/0x2ef0 [ 86.812742] ? lock_acquire+0x427/0x4c0 [ 86.813124] ? __pfx_lock_release+0x10/0x10 [ 86.813534] ? __kasan_check_write+0x18/0x20 [ 86.813966] ? do_raw_spin_lock+0x132/0x2a0 [ 86.814375] ? __pfx_do_exit+0x10/0x10 [ 86.814788] ? debug_smp_processor_id+0x20/0x30 [ 86.815251] ? rcu_is_watching+0x19/0xb0 [ 86.815659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.816106] ? trace_hardirqs_on+0x26/0x120 [ 86.816521] do_group_exit+0xe0/0x2b0 [ 86.816901] __x64_sys_exit_group+0x47/0x50 [ 86.817317] do_syscall_64+0x3b/0x90 [ 86.817691] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.818196] RIP: 0033:0x7f4b87518a4d [ 86.818594] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.819206] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.819942] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.820614] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.821290] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.821966] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.822675] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.823369] [ 86.823603] irq event stamp: 0 [ 86.823899] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.824499] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.825292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.826100] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.826742] ---[ end trace 0000000000000000 ]--- [ 86.832499] ------------[ cut here ]------------ [ 86.832998] WARNING: CPU: 1 PID: 745 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.833943] Modules linked in: [ 86.834240] CPU: 1 PID: 745 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.835145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.836243] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.836720] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.838425] RSP: 0018:ffff8880183d7bb8 EFLAGS: 00010246 [ 86.838962] RAX: 0000000000000000 RBX: ffff8880187a20a8 RCX: 0000000000000000 [ 86.839713] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 86.840437] RBP: ffff8880183d7bd0 R08: ffffed10030f4433 R09: ffffed10030f4433 [ 86.841162] R10: ffff8880187a2193 R11: ffffed10030f4432 R12: ffff888012f1e000 [ 86.841895] R13: ffff8880187a21e8 R14: ffffffff8352e670 R15: ffff8880183d7e68 [ 86.842682] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.843548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.844141] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 86.844875] PKRU: 55555554 [ 86.845168] Call Trace: [ 86.845447] [ 86.845681] __iommufd_access_detach+0x1c2/0x2b0 [ 86.846194] iommufd_access_change_pt+0x149/0x270 [ 86.846761] iommufd_access_replace+0xb4/0x120 [ 86.847262] iommufd_test+0x3e5/0x37e0 [ 86.847678] ? lock_release+0x532/0x770 [ 86.848119] ? __might_fault+0x102/0x1b0 [ 86.848546] ? lock_acquire+0x427/0x4c0 [ 86.848992] ? __pfx_iommufd_test+0x10/0x10 [ 86.849440] ? __pfx_lock_release+0x10/0x10 [ 86.849908] ? __pfx_lock_acquire+0x10/0x10 [ 86.850370] ? write_comp_data+0x2f/0x90 [ 86.850871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.851434] ? write_comp_data+0x2f/0x90 [ 86.851877] iommufd_fops_ioctl+0x37d/0x510 [ 86.852345] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.852869] ? write_comp_data+0x2f/0x90 [ 86.853313] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.853830] __x64_sys_ioctl+0x1a3/0x230 [ 86.854267] do_syscall_64+0x3b/0x90 [ 86.854712] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.855299] RIP: 0033:0x7f4b8743ee5d [ 86.855691] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.857549] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.858335] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.859106] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.859862] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.860590] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.861317] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.862059] [ 86.862303] irq event stamp: 0 [ 86.862668] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.863348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.864219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.865145] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.865980] ---[ end trace 0000000000000000 ]--- [ 86.869515] ------------[ cut here ]------------ [ 86.870042] WARNING: CPU: 1 PID: 745 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.871151] Modules linked in: [ 86.871528] CPU: 1 PID: 745 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.872734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.873880] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.874397] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.876796] RSP: 0018:ffff8880183d7bd0 EFLAGS: 00010246 [ 86.877611] RAX: 0000000000000000 RBX: ffff8880187a20a8 RCX: 0000000000000000 [ 86.878337] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 86.879120] RBP: ffff8880183d7be8 R08: ffffed10030f4433 R09: ffffed10030f4433 [ 86.879856] R10: ffff8880187a2193 R11: ffffed10030f4432 R12: ffff888013c8ec00 [ 86.880658] R13: ffff8880187a21e8 R14: ffff88800f7e4100 R15: 0000000000000000 [ 86.881700] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.882558] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.883172] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.883935] PKRU: 55555554 [ 86.884324] Call Trace: [ 86.884671] [ 86.885013] iommufd_access_destroy_object+0x65/0x170 [ 86.885752] iommufd_object_destroy_user+0x18e/0x220 [ 86.886290] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 86.886932] iommufd_access_destroy+0x43/0x70 [ 86.887431] iommufd_test_staccess_release+0x8d/0xd0 [ 86.887971] __fput+0x26d/0xa40 [ 86.888329] ____fput+0x1e/0x30 [ 86.888744] task_work_run+0x1a4/0x2d0 [ 86.889299] ? __pfx_task_work_run+0x10/0x10 [ 86.889948] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.890477] ? switch_task_namespaces+0xa9/0xe0 [ 86.891018] do_exit+0xb17/0x2ef0 [ 86.891414] ? lock_acquire+0x427/0x4c0 [ 86.891847] ? __pfx_lock_release+0x10/0x10 [ 86.892381] ? __kasan_check_write+0x18/0x20 [ 86.893001] ? do_raw_spin_lock+0x132/0x2a0 [ 86.893615] ? __pfx_do_exit+0x10/0x10 [ 86.894044] ? debug_smp_processor_id+0x20/0x30 [ 86.894583] ? rcu_is_watching+0x19/0xb0 [ 86.895017] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.895516] ? trace_hardirqs_on+0x26/0x120 [ 86.895985] do_group_exit+0xe0/0x2b0 [ 86.896495] __x64_sys_exit_group+0x47/0x50 [ 86.897090] do_syscall_64+0x3b/0x90 [ 86.897641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.898196] RIP: 0033:0x7f4b87518a4d [ 86.898631] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.899310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.900102] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.901049] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.902095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.902888] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.903647] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.904404] [ 86.904716] irq event stamp: 0 [ 86.905148] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.906078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.906997] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.907878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.908530] ---[ end trace 0000000000000000 ]--- [ 86.909577] ------------[ cut here ]------------ [ 86.910069] WARNING: CPU: 1 PID: 745 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 86.911182] Modules linked in: [ 86.911528] CPU: 1 PID: 745 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.912562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.914125] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 86.914712] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 86.916841] RSP: 0018:ffff8880183d7b78 EFLAGS: 00010246 [ 86.917638] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 86.918395] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 86.919196] RBP: ffff8880183d7b98 R08: ffffed10030f443e R09: ffffed10030f443e [ 86.919976] R10: ffff8880187a21ef R11: ffffed10030f443d R12: ffff8880187a2290 [ 86.920954] R13: ffff8880187a20a8 R14: ffffffffffffffff R15: ffff8880183d7c60 [ 86.921991] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.922863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.923488] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 86.924240] PKRU: 55555554 [ 86.924625] Call Trace: [ 86.924969] [ 86.925289] iommufd_ioas_destroy+0x53/0x70 [ 86.925924] iommufd_fops_release+0x1f7/0x370 [ 86.926405] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.926983] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.927533] ? write_comp_data+0x2f/0x90 [ 86.927973] ? __pfx_iommufd_fops_release+0x10/0x10 [ 86.928504] __fput+0x26d/0xa40 [ 86.928982] ____fput+0x1e/0x30 [ 86.929475] task_work_run+0x1a4/0x2d0 [ 86.930041] ? __pfx_task_work_run+0x10/0x10 [ 86.930552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.931075] ? switch_task_namespaces+0xa9/0xe0 [ 86.931591] do_exit+0xb17/0x2ef0 [ 86.931959] ? lock_acquire+0x427/0x4c0 [ 86.932389] ? __pfx_lock_release+0x10/0x10 [ 86.932962] ? __kasan_check_write+0x18/0x20 [ 86.933601] ? do_raw_spin_lock+0x132/0x2a0 [ 86.934230] ? __pfx_do_exit+0x10/0x10 [ 86.934705] ? debug_smp_processor_id+0x20/0x30 [ 86.935212] ? rcu_is_watching+0x19/0xb0 [ 86.935646] ? _raw_spin_unlock_irq+0x2b/0x60 [ 86.936128] ? trace_hardirqs_on+0x26/0x120 [ 86.936590] do_group_exit+0xe0/0x2b0 [ 86.936998] __x64_sys_exit_group+0x47/0x50 [ 86.937586] do_syscall_64+0x3b/0x90 [ 86.938149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.938932] RIP: 0033:0x7f4b87518a4d [ 86.939353] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 86.940007] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 86.940797] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 86.941637] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 86.942711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 86.943475] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 86.944221] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 86.944976] [ 86.945306] irq event stamp: 0 [ 86.945740] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 86.946637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.947512] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.948368] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.949041] ---[ end trace 0000000000000000 ]--- [ 86.954633] ------------[ cut here ]------------ [ 86.955378] WARNING: CPU: 1 PID: 746 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.956410] Modules linked in: [ 86.956740] CPU: 1 PID: 746 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.957620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.959365] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.959930] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 86.961860] RSP: 0018:ffff88801225fbb8 EFLAGS: 00010246 [ 86.962678] RAX: 0000000000000000 RBX: ffff888010b788a8 RCX: 0000000000000000 [ 86.963603] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 86.964339] RBP: ffff88801225fbd0 R08: ffffed100216f133 R09: ffffed100216f133 [ 86.965080] R10: ffff888010b78993 R11: ffffed100216f132 R12: ffff888017ba1c00 [ 86.965948] R13: ffff888010b789e8 R14: ffffffff8352e670 R15: ffff88801225fe68 [ 86.967052] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 86.967898] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.968492] CR2: 00007f4b877410e8 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 86.969221] PKRU: 55555554 [ 86.969588] Call Trace: [ 86.969931] [ 86.970462] __iommufd_access_detach+0x1c2/0x2b0 [ 86.971046] iommufd_access_change_pt+0x149/0x270 [ 86.971588] iommufd_access_replace+0xb4/0x120 [ 86.972071] iommufd_test+0x3e5/0x37e0 [ 86.972488] ? lock_release+0x532/0x770 [ 86.973152] ? __might_fault+0x102/0x1b0 [ 86.973977] ? lock_acquire+0x427/0x4c0 [ 86.974414] ? __pfx_iommufd_test+0x10/0x10 [ 86.974934] ? __pfx_lock_release+0x10/0x10 [ 86.975407] ? __pfx_lock_acquire+0x10/0x10 [ 86.975855] ? write_comp_data+0x2f/0x90 [ 86.976352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 86.977001] ? write_comp_data+0x2f/0x90 [ 86.977647] iommufd_fops_ioctl+0x37d/0x510 [ 86.978104] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.978650] ? write_comp_data+0x2f/0x90 [ 86.979074] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 86.979593] __x64_sys_ioctl+0x1a3/0x230 [ 86.980020] do_syscall_64+0x3b/0x90 [ 86.980408] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 86.981249] RIP: 0033:0x7f4b8743ee5d [ 86.981627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 86.983757] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 86.984463] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 86.985259] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 86.985976] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 86.986654] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 86.987350] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 86.988174] [ 86.988397] irq event stamp: 0 [ 86.988689] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 86.989332] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 86.990210] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 86.991028] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 86.991826] ---[ end trace 0000000000000000 ]--- [ 86.995002] ------------[ cut here ]------------ [ 86.995650] WARNING: CPU: 1 PID: 746 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 86.996566] Modules linked in: [ 86.996868] CPU: 1 PID: 746 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 86.997839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 86.999292] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 86.999748] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.001566] RSP: 0018:ffff88801225fbd0 EFLAGS: 00010246 [ 87.002021] RAX: 0000000000000000 RBX: ffff888010b788a8 RCX: 0000000000000000 [ 87.002640] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 87.003430] RBP: ffff88801225fbe8 R08: ffffed100216f133 R09: ffffed100216f133 [ 87.004126] R10: ffff888010b78993 R11: ffffed100216f132 R12: ffff888012f1f800 [ 87.004737] R13: ffff888010b789e8 R14: ffff888020a7d500 R15: 0000000000000000 [ 87.005393] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.006233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.006741] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 87.007358] PKRU: 55555554 [ 87.007668] Call Trace: [ 87.007974] [ 87.008213] iommufd_access_destroy_object+0x65/0x170 [ 87.008658] iommufd_object_destroy_user+0x18e/0x220 [ 87.009097] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.009633] iommufd_access_destroy+0x43/0x70 [ 87.010177] iommufd_test_staccess_release+0x8d/0xd0 [ 87.010632] __fput+0x26d/0xa40 [ 87.010928] ____fput+0x1e/0x30 [ 87.011227] task_work_run+0x1a4/0x2d0 [ 87.011567] ? __pfx_task_work_run+0x10/0x10 [ 87.012058] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.012585] ? switch_task_namespaces+0xa9/0xe0 [ 87.012989] do_exit+0xb17/0x2ef0 [ 87.013273] ? lock_acquire+0x427/0x4c0 [ 87.013609] ? __pfx_lock_release+0x10/0x10 [ 87.014011] ? __kasan_check_write+0x18/0x20 [ 87.014488] ? do_raw_spin_lock+0x132/0x2a0 [ 87.014861] ? __pfx_do_exit+0x10/0x10 [ 87.015195] ? debug_smp_processor_id+0x20/0x30 [ 87.015575] ? rcu_is_watching+0x19/0xb0 [ 87.015940] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.016430] ? trace_hardirqs_on+0x26/0x120 [ 87.016783] do_group_exit+0xe0/0x2b0 [ 87.017092] __x64_sys_exit_group+0x47/0x50 [ 87.017441] do_syscall_64+0x3b/0x90 [ 87.017746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.018293] RIP: 0033:0x7f4b87518a4d [ 87.018610] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.019098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.019727] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.020455] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.021023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.021591] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.022324] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.022930] [ 87.023129] irq event stamp: 0 [ 87.023390] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.023903] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.024729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.025394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.025907] ---[ end trace 0000000000000000 ]--- [ 87.028605] ------------[ cut here ]------------ [ 87.029004] WARNING: CPU: 1 PID: 746 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.029950] Modules linked in: [ 87.030210] CPU: 1 PID: 746 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.031083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.032126] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.032543] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.034174] RSP: 0018:ffff88801225fb78 EFLAGS: 00010246 [ 87.034667] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.035249] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 87.035939] RBP: ffff88801225fb98 R08: ffffed100216f13e R09: ffffed100216f13e [ 87.036523] R10: ffff888010b789ef R11: ffffed100216f13d R12: ffff888010b78a90 [ 87.037170] R13: ffff888010b788a8 R14: ffffffffffffffff R15: ffff88801225fc60 [ 87.037773] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.038455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.038956] CR2: 00007f82e2fc2000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 87.039634] PKRU: 55555554 [ 87.039870] Call Trace: [ 87.040099] [ 87.040319] iommufd_ioas_destroy+0x53/0x70 [ 87.040704] iommufd_fops_release+0x1f7/0x370 [ 87.041080] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.041606] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.042016] ? write_comp_data+0x2f/0x90 [ 87.042359] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.042888] __fput+0x26d/0xa40 [ 87.043183] ____fput+0x1e/0x30 [ 87.043463] task_work_run+0x1a4/0x2d0 [ 87.043780] ? __pfx_task_work_run+0x10/0x10 [ 87.044136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.044554] ? switch_task_namespaces+0xa9/0xe0 [ 87.045018] do_exit+0xb17/0x2ef0 [ 87.045300] ? lock_acquire+0x427/0x4c0 [ 87.045648] ? __pfx_lock_release+0x10/0x10 [ 87.046095] ? __kasan_check_write+0x18/0x20 [ 87.046458] ? do_raw_spin_lock+0x132/0x2a0 [ 87.046831] ? __pfx_do_exit+0x10/0x10 [ 87.047170] ? debug_smp_processor_id+0x20/0x30 [ 87.047666] ? rcu_is_watching+0x19/0xb0 [ 87.047989] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.048352] ? trace_hardirqs_on+0x26/0x120 [ 87.048802] do_group_exit+0xe0/0x2b0 [ 87.049111] __x64_sys_exit_group+0x47/0x50 [ 87.049448] do_syscall_64+0x3b/0x90 [ 87.049849] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.050263] RIP: 0033:0x7f4b87518a4d [ 87.050579] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.051073] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.051765] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.052383] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.052987] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.053609] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.054198] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.054839] [ 87.055067] irq event stamp: 0 [ 87.055318] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.055809] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.056575] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.057251] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.057816] ---[ end trace 0000000000000000 ]--- [ 87.062372] ------------[ cut here ]------------ [ 87.062830] WARNING: CPU: 1 PID: 747 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.063633] Modules linked in: [ 87.063883] CPU: 1 PID: 747 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.064547] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.065406] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.065786] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.067200] RSP: 0018:ffff888020ac7bb8 EFLAGS: 00010246 [ 87.067613] RAX: 0000000000000000 RBX: ffff888023e058a8 RCX: 0000000000000000 [ 87.068160] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 87.068703] RBP: ffff888020ac7bd0 R08: ffffed10047c0b33 R09: ffffed10047c0b33 [ 87.069245] R10: ffff888023e05993 R11: ffffed10047c0b32 R12: ffff88801341e400 [ 87.069793] R13: ffff888023e059e8 R14: ffffffff8352e670 R15: ffff888020ac7e68 [ 87.070333] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.070959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.071410] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 87.071956] PKRU: 55555554 [ 87.072173] Call Trace: [ 87.072370] [ 87.072544] __iommufd_access_detach+0x1c2/0x2b0 [ 87.072922] iommufd_access_change_pt+0x149/0x270 [ 87.073302] iommufd_access_replace+0xb4/0x120 [ 87.073663] iommufd_test+0x3e5/0x37e0 [ 87.073967] ? lock_release+0x532/0x770 [ 87.074284] ? __might_fault+0x102/0x1b0 [ 87.074616] ? lock_acquire+0x427/0x4c0 [ 87.074934] ? __pfx_iommufd_test+0x10/0x10 [ 87.075272] ? __pfx_lock_release+0x10/0x10 [ 87.075611] ? __pfx_lock_acquire+0x10/0x10 [ 87.075953] ? write_comp_data+0x2f/0x90 [ 87.076278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.076659] ? write_comp_data+0x2f/0x90 [ 87.076982] iommufd_fops_ioctl+0x37d/0x510 [ 87.077318] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.077699] ? write_comp_data+0x2f/0x90 [ 87.078021] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.078393] __x64_sys_ioctl+0x1a3/0x230 [ 87.078728] do_syscall_64+0x3b/0x90 [ 87.079026] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.079448] RIP: 0033:0x7f4b8743ee5d [ 87.079733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.081114] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.081689] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.082228] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.082768] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.083316] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.083845] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.084379] [ 87.084552] irq event stamp: 0 [ 87.084788] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.085261] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.085891] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.086520] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.086989] ---[ end trace 0000000000000000 ]--- [ 87.089883] ------------[ cut here ]------------ [ 87.090301] WARNING: CPU: 0 PID: 747 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.091096] Modules linked in: [ 87.091347] CPU: 0 PID: 747 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.091985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.092810] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.093177] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.094534] RSP: 0018:ffff888020ac7bd0 EFLAGS: 00010246 [ 87.094927] RAX: 0000000000000000 RBX: ffff888023e058a8 RCX: 0000000000000000 [ 87.095460] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 87.095982] RBP: ffff888020ac7be8 R08: ffffed10047c0b33 R09: ffffed10047c0b33 [ 87.096504] R10: ffff888023e05993 R11: ffffed10047c0b32 R12: ffff888017ba0c00 [ 87.097024] R13: ffff888023e059e8 R14: ffff88800fd1b100 R15: 0000000000000000 [ 87.097548] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.098138] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.098576] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 87.099117] PKRU: 55555554 [ 87.099326] Call Trace: [ 87.099512] [ 87.099677] iommufd_access_destroy_object+0x65/0x170 [ 87.100058] iommufd_object_destroy_user+0x18e/0x220 [ 87.100435] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.100861] iommufd_access_destroy+0x43/0x70 [ 87.101196] iommufd_test_staccess_release+0x8d/0xd0 [ 87.101573] __fput+0x26d/0xa40 [ 87.101834] ____fput+0x1e/0x30 [ 87.102083] task_work_run+0x1a4/0x2d0 [ 87.102377] ? __pfx_task_work_run+0x10/0x10 [ 87.102745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.103113] ? switch_task_namespaces+0xa9/0xe0 [ 87.103466] do_exit+0xb17/0x2ef0 [ 87.103723] ? lock_acquire+0x427/0x4c0 [ 87.104022] ? __pfx_lock_release+0x10/0x10 [ 87.104345] ? __kasan_check_write+0x18/0x20 [ 87.104672] ? do_raw_spin_lock+0x132/0x2a0 [ 87.104994] ? __pfx_do_exit+0x10/0x10 [ 87.105288] ? debug_smp_processor_id+0x20/0x30 [ 87.105631] ? rcu_is_watching+0x19/0xb0 [ 87.105931] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.106267] ? trace_hardirqs_on+0x26/0x120 [ 87.106607] do_group_exit+0xe0/0x2b0 [ 87.106890] __x64_sys_exit_group+0x47/0x50 [ 87.107212] do_syscall_64+0x3b/0x90 [ 87.107494] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.107879] RIP: 0033:0x7f4b87518a4d [ 87.108151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.108596] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.109149] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.109662] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.110175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.110702] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.111224] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.111749] [ 87.111921] irq event stamp: 0 [ 87.112151] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.112609] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.113219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.113829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.114283] ---[ end trace 0000000000000000 ]--- [ 87.115044] ------------[ cut here ]------------ [ 87.115399] WARNING: CPU: 0 PID: 747 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.116135] Modules linked in: [ 87.116370] CPU: 0 PID: 747 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.116994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.117801] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.118171] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.119673] RSP: 0018:ffff888020ac7b78 EFLAGS: 00010246 [ 87.120060] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.120564] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 87.121070] RBP: ffff888020ac7b98 R08: ffffed10047c0b3e R09: ffffed10047c0b3e [ 87.121578] R10: ffff888023e059ef R11: ffffed10047c0b3d R12: ffff888023e05a90 [ 87.122087] R13: ffff888023e058a8 R14: ffffffffffffffff R15: ffff888020ac7c60 [ 87.122611] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.123190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.123607] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 87.124107] PKRU: 55555554 [ 87.124315] Call Trace: [ 87.124495] [ 87.124655] iommufd_ioas_destroy+0x53/0x70 [ 87.124963] iommufd_fops_release+0x1f7/0x370 [ 87.125285] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.125639] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.125988] ? write_comp_data+0x2f/0x90 [ 87.126285] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.126656] __fput+0x26d/0xa40 [ 87.126907] ____fput+0x1e/0x30 [ 87.127159] task_work_run+0x1a4/0x2d0 [ 87.127448] ? __pfx_task_work_run+0x10/0x10 [ 87.127768] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.128121] ? switch_task_namespaces+0xa9/0xe0 [ 87.128463] do_exit+0xb17/0x2ef0 [ 87.128711] ? lock_acquire+0x427/0x4c0 [ 87.129005] ? __pfx_lock_release+0x10/0x10 [ 87.129318] ? __kasan_check_write+0x18/0x20 [ 87.129637] ? do_raw_spin_lock+0x132/0x2a0 [ 87.129945] ? __pfx_do_exit+0x10/0x10 [ 87.130229] ? debug_smp_processor_id+0x20/0x30 [ 87.130578] ? rcu_is_watching+0x19/0xb0 [ 87.130878] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.131213] ? trace_hardirqs_on+0x26/0x120 [ 87.131525] do_group_exit+0xe0/0x2b0 [ 87.131797] __x64_sys_exit_group+0x47/0x50 [ 87.132104] do_syscall_64+0x3b/0x90 [ 87.132375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.132750] RIP: 0033:0x7f4b87518a4d [ 87.133018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.133454] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.133992] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.134499] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.135036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.135546] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.136048] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.136555] [ 87.136724] irq event stamp: 0 [ 87.136948] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.137391] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.137983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.138584] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.139027] ---[ end trace 0000000000000000 ]--- [ 87.146780] ------------[ cut here ]------------ [ 87.147308] WARNING: CPU: 1 PID: 748 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.148107] Modules linked in: [ 87.148337] CPU: 1 PID: 748 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.149000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.149842] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.150247] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.151657] RSP: 0018:ffff888013abfbb8 EFLAGS: 00010246 [ 87.152039] RAX: 0000000000000000 RBX: ffff888023c438a8 RCX: 0000000000000000 [ 87.152632] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 87.153149] RBP: ffff888013abfbd0 R08: ffffed1004788733 R09: ffffed1004788733 [ 87.153782] R10: ffff888023c43993 R11: ffffed1004788732 R12: ffff888014594000 [ 87.154327] R13: ffff888023c439e8 R14: ffffffff8352e670 R15: ffff888013abfe68 [ 87.154947] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.155593] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.156064] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 87.156624] PKRU: 55555554 [ 87.156833] Call Trace: [ 87.157060] [ 87.157226] __iommufd_access_detach+0x1c2/0x2b0 [ 87.157611] iommufd_access_change_pt+0x149/0x270 [ 87.158017] iommufd_access_replace+0xb4/0x120 [ 87.158365] iommufd_test+0x3e5/0x37e0 [ 87.158716] ? lock_release+0x532/0x770 [ 87.159063] ? __might_fault+0x102/0x1b0 [ 87.159388] ? lock_acquire+0x427/0x4c0 [ 87.159687] ? __pfx_iommufd_test+0x10/0x10 [ 87.159998] ? __pfx_lock_release+0x10/0x10 [ 87.160315] ? __pfx_lock_acquire+0x10/0x10 [ 87.160638] ? write_comp_data+0x2f/0x90 [ 87.160939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.161296] ? write_comp_data+0x2f/0x90 [ 87.161605] iommufd_fops_ioctl+0x37d/0x510 [ 87.161925] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.162282] ? write_comp_data+0x2f/0x90 [ 87.162607] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.162964] __x64_sys_ioctl+0x1a3/0x230 [ 87.163279] do_syscall_64+0x3b/0x90 [ 87.163558] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.163940] RIP: 0033:0x7f4b8743ee5d [ 87.164207] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.165542] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.166107] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.166673] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.167242] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.167804] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.168371] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.168960] [ 87.169153] irq event stamp: 0 [ 87.169412] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.169933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.170646] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.171335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.171849] ---[ end trace 0000000000000000 ]--- [ 87.174653] ------------[ cut here ]------------ [ 87.175075] WARNING: CPU: 1 PID: 748 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.175931] Modules linked in: [ 87.176192] CPU: 1 PID: 748 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.176893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.177801] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.178207] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.179719] RSP: 0018:ffff888013abfbd0 EFLAGS: 00010246 [ 87.180152] RAX: 0000000000000000 RBX: ffff888023c438a8 RCX: 0000000000000000 [ 87.180731] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 87.181306] RBP: ffff888013abfbe8 R08: ffffed1004788733 R09: ffffed1004788733 [ 87.181880] R10: ffff888023c43993 R11: ffffed1004788732 R12: ffff88801341cc00 [ 87.182467] R13: ffff888023c439e8 R14: ffff88800fa20f00 R15: 0000000000000000 [ 87.183056] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.183659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.184079] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 87.184591] PKRU: 55555554 [ 87.184798] Call Trace: [ 87.184981] [ 87.185146] iommufd_access_destroy_object+0x65/0x170 [ 87.185527] iommufd_object_destroy_user+0x18e/0x220 [ 87.185900] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.186326] iommufd_access_destroy+0x43/0x70 [ 87.186677] iommufd_test_staccess_release+0x8d/0xd0 [ 87.187054] __fput+0x26d/0xa40 [ 87.187317] ____fput+0x1e/0x30 [ 87.187563] task_work_run+0x1a4/0x2d0 [ 87.187854] ? __pfx_task_work_run+0x10/0x10 [ 87.188179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.188537] ? switch_task_namespaces+0xa9/0xe0 [ 87.188887] do_exit+0xb17/0x2ef0 [ 87.189139] ? lock_acquire+0x427/0x4c0 [ 87.189435] ? __pfx_lock_release+0x10/0x10 [ 87.189751] ? __kasan_check_write+0x18/0x20 [ 87.190074] ? do_raw_spin_lock+0x132/0x2a0 [ 87.190390] ? __pfx_do_exit+0x10/0x10 [ 87.190703] ? debug_smp_processor_id+0x20/0x30 [ 87.191050] ? rcu_is_watching+0x19/0xb0 [ 87.191364] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.191701] ? trace_hardirqs_on+0x26/0x120 [ 87.192019] do_group_exit+0xe0/0x2b0 [ 87.192297] __x64_sys_exit_group+0x47/0x50 [ 87.192614] do_syscall_64+0x3b/0x90 [ 87.192897] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.193279] RIP: 0033:0x7f4b87518a4d [ 87.193550] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.193991] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.194549] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.195062] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.195578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.196090] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.196598] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.197116] [ 87.197287] irq event stamp: 0 [ 87.197514] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.197965] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.198579] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.199187] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.199651] ---[ end trace 0000000000000000 ]--- [ 87.200307] ------------[ cut here ]------------ [ 87.200651] WARNING: CPU: 1 PID: 748 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.201378] Modules linked in: [ 87.201613] CPU: 1 PID: 748 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.202251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.203088] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.203515] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.204917] RSP: 0018:ffff888013abfb78 EFLAGS: 00010246 [ 87.205325] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.205864] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 87.206408] RBP: ffff888013abfb98 R08: ffffed100478873e R09: ffffed100478873e [ 87.206967] R10: ffff888023c439ef R11: ffffed100478873d R12: ffff888023c43a90 [ 87.207528] R13: ffff888023c438a8 R14: ffffffffffffffff R15: ffff888013abfc60 [ 87.208081] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.208696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.209138] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 87.209680] PKRU: 55555554 [ 87.209900] Call Trace: [ 87.210097] [ 87.210271] iommufd_ioas_destroy+0x53/0x70 [ 87.210629] iommufd_fops_release+0x1f7/0x370 [ 87.210982] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.211394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.211780] ? write_comp_data+0x2f/0x90 [ 87.212100] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.212504] __fput+0x26d/0xa40 [ 87.212776] ____fput+0x1e/0x30 [ 87.213038] task_work_run+0x1a4/0x2d0 [ 87.213343] ? __pfx_task_work_run+0x10/0x10 [ 87.213687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.214066] ? switch_task_namespaces+0xa9/0xe0 [ 87.214434] do_exit+0xb17/0x2ef0 [ 87.214723] ? lock_acquire+0x427/0x4c0 [ 87.215044] ? __pfx_lock_release+0x10/0x10 [ 87.215402] ? __kasan_check_write+0x18/0x20 [ 87.215754] ? do_raw_spin_lock+0x132/0x2a0 [ 87.216092] ? __pfx_do_exit+0x10/0x10 [ 87.216400] ? debug_smp_processor_id+0x20/0x30 [ 87.216762] ? rcu_is_watching+0x19/0xb0 [ 87.217075] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.217435] ? trace_hardirqs_on+0x26/0x120 [ 87.217776] do_group_exit+0xe0/0x2b0 [ 87.218080] __x64_sys_exit_group+0x47/0x50 [ 87.218414] do_syscall_64+0x3b/0x90 [ 87.218731] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.219153] RIP: 0033:0x7f4b87518a4d [ 87.219440] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.219928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.220509] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.221054] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.221595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.222137] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.222700] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.223269] [ 87.223452] irq event stamp: 0 [ 87.223697] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.224185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.224830] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.225469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.225958] ---[ end trace 0000000000000000 ]--- [ 87.229911] ------------[ cut here ]------------ [ 87.230307] WARNING: CPU: 1 PID: 749 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.231171] Modules linked in: [ 87.231423] CPU: 1 PID: 749 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.232086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.232962] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.233351] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.234766] RSP: 0018:ffff888018aafbb8 EFLAGS: 00010246 [ 87.235191] RAX: 0000000000000000 RBX: ffff8880171c20a8 RCX: 0000000000000000 [ 87.235737] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 87.236287] RBP: ffff888018aafbd0 R08: ffffed1002e38433 R09: ffffed1002e38433 [ 87.236831] R10: ffff8880171c2193 R11: ffffed1002e38432 R12: ffff888013e7a400 [ 87.237377] R13: ffff8880171c21e8 R14: ffffffff8352e670 R15: ffff888018aafe68 [ 87.237920] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.238561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.239008] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 87.239584] PKRU: 55555554 [ 87.239806] Call Trace: [ 87.240004] [ 87.240180] __iommufd_access_detach+0x1c2/0x2b0 [ 87.240559] iommufd_access_change_pt+0x149/0x270 [ 87.240939] iommufd_access_replace+0xb4/0x120 [ 87.241305] iommufd_test+0x3e5/0x37e0 [ 87.241609] ? lock_release+0x532/0x770 [ 87.241927] ? __might_fault+0x102/0x1b0 [ 87.242248] ? lock_acquire+0x427/0x4c0 [ 87.242581] ? __pfx_iommufd_test+0x10/0x10 [ 87.242925] ? __pfx_lock_release+0x10/0x10 [ 87.243282] ? __pfx_lock_acquire+0x10/0x10 [ 87.243627] ? write_comp_data+0x2f/0x90 [ 87.243950] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.244334] ? write_comp_data+0x2f/0x90 [ 87.244658] iommufd_fops_ioctl+0x37d/0x510 [ 87.245015] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.245399] ? write_comp_data+0x2f/0x90 [ 87.245726] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.246109] __x64_sys_ioctl+0x1a3/0x230 [ 87.246438] do_syscall_64+0x3b/0x90 [ 87.246764] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.247198] RIP: 0033:0x7f4b8743ee5d [ 87.247489] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.248892] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.249489] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.250040] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.250608] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.251171] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.251716] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.252277] [ 87.252459] irq event stamp: 0 [ 87.252701] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.253186] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.253835] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.254483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.254989] ---[ end trace 0000000000000000 ]--- [ 87.257831] ------------[ cut here ]------------ [ 87.258225] WARNING: CPU: 1 PID: 749 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.259024] Modules linked in: [ 87.259290] CPU: 1 PID: 749 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.259952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.260816] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.261205] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.262626] RSP: 0018:ffff888018aafbd0 EFLAGS: 00010246 [ 87.263041] RAX: 0000000000000000 RBX: ffff8880171c20a8 RCX: 0000000000000000 [ 87.263603] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 87.264153] RBP: ffff888018aafbe8 R08: ffffed1002e38433 R09: ffffed1002e38433 [ 87.264706] R10: ffff8880171c2193 R11: ffffed1002e38432 R12: ffff888014597000 [ 87.265255] R13: ffff8880171c21e8 R14: ffff888020c33300 R15: 0000000000000000 [ 87.265803] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.266419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.266892] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 87.267456] PKRU: 55555554 [ 87.267677] Call Trace: [ 87.267879] [ 87.268056] iommufd_access_destroy_object+0x65/0x170 [ 87.268463] iommufd_object_destroy_user+0x18e/0x220 [ 87.268876] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.269328] iommufd_access_destroy+0x43/0x70 [ 87.269682] iommufd_test_staccess_release+0x8d/0xd0 [ 87.270084] __fput+0x26d/0xa40 [ 87.270353] ____fput+0x1e/0x30 [ 87.270647] task_work_run+0x1a4/0x2d0 [ 87.270959] ? __pfx_task_work_run+0x10/0x10 [ 87.271321] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.271711] ? switch_task_namespaces+0xa9/0xe0 [ 87.272087] do_exit+0xb17/0x2ef0 [ 87.272356] ? lock_acquire+0x427/0x4c0 [ 87.272674] ? __pfx_lock_release+0x10/0x10 [ 87.273023] ? __kasan_check_write+0x18/0x20 [ 87.273369] ? do_raw_spin_lock+0x132/0x2a0 [ 87.273705] ? __pfx_do_exit+0x10/0x10 [ 87.274040] ? debug_smp_processor_id+0x20/0x30 [ 87.274405] ? rcu_is_watching+0x19/0xb0 [ 87.274746] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.275105] ? trace_hardirqs_on+0x26/0x120 [ 87.275459] do_group_exit+0xe0/0x2b0 [ 87.275758] __x64_sys_exit_group+0x47/0x50 [ 87.276091] do_syscall_64+0x3b/0x90 [ 87.276393] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.276802] RIP: 0033:0x7f4b87518a4d [ 87.277092] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.277567] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.278154] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.278725] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.279285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.279836] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.280384] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.280945] [ 87.281129] irq event stamp: 0 [ 87.281374] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.281864] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.282538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.282828] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 87.283201] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.283213] ---[ end trace 0000000000000000 ]--- [ 87.283543] ------------[ cut here ]------------ [ 87.285467] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 87.285914] WARNING: CPU: 1 PID: 749 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.288647] Modules linked in: [ 87.288895] CPU: 1 PID: 749 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.289558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.290423] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.290838] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.292322] RSP: 0018:ffff888018aafb78 EFLAGS: 00010246 [ 87.292760] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.293344] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 87.293925] RBP: ffff888018aafb98 R08: ffffed1002e3843e R09: ffffed1002e3843e [ 87.294527] R10: ffff8880171c21ef R11: ffffed1002e3843d R12: ffff8880171c2290 [ 87.295129] R13: ffff8880171c20a8 R14: ffffffffffffffff R15: ffff888018aafc60 [ 87.295715] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.296375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.296848] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 87.297434] PKRU: 55555554 [ 87.297667] Call Trace: [ 87.297876] [ 87.298064] iommufd_ioas_destroy+0x53/0x70 [ 87.298430] iommufd_fops_release+0x1f7/0x370 [ 87.298838] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.299268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.299691] ? write_comp_data+0x2f/0x90 [ 87.300035] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.300449] __fput+0x26d/0xa40 [ 87.300735] ____fput+0x1e/0x30 [ 87.301019] task_work_run+0x1a4/0x2d0 [ 87.301353] ? __pfx_task_work_run+0x10/0x10 [ 87.301726] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.302139] ? switch_task_namespaces+0xa9/0xe0 [ 87.302554] do_exit+0xb17/0x2ef0 [ 87.302847] ? lock_acquire+0x427/0x4c0 [ 87.303195] ? 
__pfx_lock_release+0x10/0x10 [ 87.303561] ? __kasan_check_write+0x18/0x20 [ 87.303929] ? do_raw_spin_lock+0x132/0x2a0 [ 87.304292] ? __pfx_do_exit+0x10/0x10 [ 87.304627] ? debug_smp_processor_id+0x20/0x30 [ 87.305017] ? rcu_is_watching+0x19/0xb0 [ 87.305353] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.305731] ? trace_hardirqs_on+0x26/0x120 [ 87.306091] do_group_exit+0xe0/0x2b0 [ 87.306408] __x64_sys_exit_group+0x47/0x50 [ 87.306784] do_syscall_64+0x3b/0x90 [ 87.307098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.307537] RIP: 0033:0x7f4b87518a4d [ 87.307847] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 87.308358] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.308986] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.309569] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.310153] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.310761] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.311362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.311966] [ 87.312162] irq event stamp: 0 [ 87.312423] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.312942] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.313632] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.314319] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.314859] ---[ end trace 0000000000000000 ]--- [ 87.319446] ------------[ cut here ]------------ [ 87.319883] WARNING: CPU: 1 PID: 751 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.320721] Modules linked in: [ 87.320984] CPU: 1 PID: 751 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.321690] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.322652] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.323063] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc 
e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.324857] RSP: 0018:ffff888013abfbb8 EFLAGS: 00010246 [ 87.325302] RAX: 0000000000000000 RBX: ffff8880171bc0a8 RCX: 0000000000000000 [ 87.325885] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 87.326471] RBP: ffff888013abfbd0 R08: ffffed1002e37833 R09: ffffed1002e37833 [ 87.327300] R10: ffff8880171bc193 R11: ffffed1002e37832 R12: ffff88801422d400 [ 87.327806] R13: ffff8880171bc1e8 R14: ffffffff8352e670 R15: ffff888013abfe68 [ 87.328336] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.328937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.329364] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 87.329888] PKRU: 55555554 [ 87.330096] Call Trace: [ 87.330284] [ 87.330452] __iommufd_access_detach+0x1c2/0x2b0 [ 87.330832] iommufd_access_change_pt+0x149/0x270 [ 87.331212] iommufd_access_replace+0xb4/0x120 [ 87.331564] iommufd_test+0x3e5/0x37e0 [ 87.331873] ? lock_release+0x532/0x770 [ 87.332273] ? __might_fault+0x102/0x1b0 [ 87.332583] ? lock_acquire+0x427/0x4c0 [ 87.332886] ? __pfx_iommufd_test+0x10/0x10 [ 87.333206] ? __pfx_lock_release+0x10/0x10 [ 87.333533] ? __pfx_lock_acquire+0x10/0x10 [ 87.333865] ? write_comp_data+0x2f/0x90 [ 87.334175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.334562] ? write_comp_data+0x2f/0x90 [ 87.334874] iommufd_fops_ioctl+0x37d/0x510 [ 87.335217] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.335588] ? write_comp_data+0x2f/0x90 [ 87.335971] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.336394] __x64_sys_ioctl+0x1a3/0x230 [ 87.336715] do_syscall_64+0x3b/0x90 [ 87.337028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.337503] RIP: 0033:0x7f4b8743ee5d [ 87.337778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.339153] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.339722] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.340310] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.340912] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.341499] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.342078] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.342640] [ 87.342821] irq event stamp: 0 [ 87.343060] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.343563] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.344331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.344975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.345478] ---[ end trace 0000000000000000 ]--- [ 87.348571] ------------[ cut here ]------------ [ 87.349006] WARNING: CPU: 1 PID: 751 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.349871] Modules linked in: [ 87.350140] CPU: 1 PID: 751 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.350883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.351897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.352402] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.354060] RSP: 0018:ffff888013abfbd0 EFLAGS: 
00010246 [ 87.354537] RAX: 0000000000000000 RBX: ffff8880171bc0a8 RCX: 0000000000000000 [ 87.355160] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 87.355834] RBP: ffff888013abfbe8 R08: ffffed1002e37833 R09: ffffed1002e37833 [ 87.356505] R10: ffff8880171bc193 R11: ffffed1002e37832 R12: ffff888013e78800 [ 87.357122] R13: ffff8880171bc1e8 R14: ffff88800ca5ad00 R15: 0000000000000000 [ 87.357755] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.358544] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.359037] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 87.359787] PKRU: 55555554 [ 87.360023] Call Trace: [ 87.360241] [ 87.360432] iommufd_access_destroy_object+0x65/0x170 [ 87.361012] iommufd_object_destroy_user+0x18e/0x220 [ 87.361445] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.361985] iommufd_access_destroy+0x43/0x70 [ 87.362429] iommufd_test_staccess_release+0x8d/0xd0 [ 87.362955] __fput+0x26d/0xa40 [ 87.363401] ____fput+0x1e/0x30 [ 87.363694] task_work_run+0x1a4/0x2d0 [ 87.364036] ? __pfx_task_work_run+0x10/0x10 [ 87.364490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.364942] ? switch_task_namespaces+0xa9/0xe0 [ 87.365351] do_exit+0xb17/0x2ef0 [ 87.365697] ? lock_acquire+0x427/0x4c0 [ 87.366117] ? __pfx_lock_release+0x10/0x10 [ 87.366497] ? __kasan_check_write+0x18/0x20 [ 87.366917] ? do_raw_spin_lock+0x132/0x2a0 [ 87.367389] ? __pfx_do_exit+0x10/0x10 [ 87.367791] ? debug_smp_processor_id+0x20/0x30 [ 87.368201] ? rcu_is_watching+0x19/0xb0 [ 87.368600] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.369047] ? trace_hardirqs_on+0x26/0x120 [ 87.369422] do_group_exit+0xe0/0x2b0 [ 87.369752] __x64_sys_exit_group+0x47/0x50 [ 87.370235] do_syscall_64+0x3b/0x90 [ 87.370584] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.371026] RIP: 0033:0x7f4b87518a4d [ 87.371347] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.371998] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.372628] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.373348] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.373943] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.374697] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.375309] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.376076] [ 87.376278] irq event stamp: 0 [ 87.376549] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.377091] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.377925] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.378795] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.379476] ---[ end trace 0000000000000000 ]--- [ 87.380293] ------------[ cut here ]------------ [ 87.380700] WARNING: CPU: 1 PID: 751 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.381579] Modules linked in: [ 87.381838] CPU: 1 PID: 751 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.382605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.383525] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.383960] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.385800] RSP: 0018:ffff888013abfb78 EFLAGS: 00010246 [ 87.386369] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.386988] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 87.387617] RBP: ffff888013abfb98 R08: ffffed1002e3783e R09: ffffed1002e3783e [ 87.388357] R10: ffff8880171bc1ef R11: ffffed1002e3783d R12: ffff8880171bc290 [ 87.388953] R13: ffff8880171bc0a8 R14: ffffffffffffffff R15: ffff888013abfc60 [ 87.389701] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.390374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.390999] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 87.391623] PKRU: 55555554 [ 87.391865] Call Trace: [ 87.392085] [ 87.392319] iommufd_ioas_destroy+0x53/0x70 [ 87.392769] iommufd_fops_release+0x1f7/0x370 [ 87.393155] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.393639] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.394124] ? write_comp_data+0x2f/0x90 [ 87.394495] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.394973] __fput+0x26d/0xa40 [ 87.395288] ____fput+0x1e/0x30 [ 87.395653] task_work_run+0x1a4/0x2d0 [ 87.396043] ? __pfx_task_work_run+0x10/0x10 [ 87.396432] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.396971] ? switch_task_namespaces+0xa9/0xe0 [ 87.397376] do_exit+0xb17/0x2ef0 [ 87.397673] ? lock_acquire+0x427/0x4c0 [ 87.398048] ? __pfx_lock_release+0x10/0x10 [ 87.398501] ? __kasan_check_write+0x18/0x20 [ 87.398898] ? do_raw_spin_lock+0x132/0x2a0 [ 87.399277] ? __pfx_do_exit+0x10/0x10 [ 87.399620] ? debug_smp_processor_id+0x20/0x30 [ 87.400160] ? rcu_is_watching+0x19/0xb0 [ 87.400514] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.400902] ? trace_hardirqs_on+0x26/0x120 [ 87.401415] do_group_exit+0xe0/0x2b0 [ 87.401746] __x64_sys_exit_group+0x47/0x50 [ 87.402111] do_syscall_64+0x3b/0x90 [ 87.402487] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.403050] RIP: 0033:0x7f4b87518a4d [ 87.403379] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.404020] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.404672] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.405413] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.406023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.406794] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.407416] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.408166] [ 87.408371] irq event stamp: 0 [ 87.408642] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.409303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.410034] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.410912] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.411463] ---[ end trace 0000000000000000 ]--- [ 87.416339] ------------[ cut here ]------------ [ 87.416804] WARNING: CPU: 1 PID: 752 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.417808] Modules linked in: [ 87.418088] CPU: 1 PID: 752 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.418903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.419878] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.420304] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.421873] RSP: 0018:ffff888018aafbb8 EFLAGS: 00010246 [ 87.422336] RAX: 0000000000000000 RBX: ffff888021b848a8 RCX: 0000000000000000 [ 87.422975] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 87.423599] RBP: ffff888018aafbd0 R08: ffffed1004370933 R09: ffffed1004370933 [ 87.424208] R10: ffff888021b84993 R11: ffffed1004370932 R12: ffff88801226dc00 [ 87.424825] R13: ffff888021b849e8 R14: ffffffff8352e670 R15: ffff888018aafe68 [ 87.425429] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 87.426104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.426622] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 87.427245] PKRU: 55555554 [ 87.427492] Call Trace: [ 87.427714] [ 87.427907] __iommufd_access_detach+0x1c2/0x2b0 [ 87.428328] iommufd_access_change_pt+0x149/0x270 [ 87.428752] iommufd_access_replace+0xb4/0x120 [ 87.429157] iommufd_test+0x3e5/0x37e0 [ 87.429493] ? lock_release+0x532/0x770 [ 87.429850] ? __might_fault+0x102/0x1b0 [ 87.430214] ? lock_acquire+0x427/0x4c0 [ 87.430595] ? __pfx_iommufd_test+0x10/0x10 [ 87.430968] ? __pfx_lock_release+0x10/0x10 [ 87.431363] ? __pfx_lock_acquire+0x10/0x10 [ 87.431744] ? write_comp_data+0x2f/0x90 [ 87.432105] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.432533] ? write_comp_data+0x2f/0x90 [ 87.432896] iommufd_fops_ioctl+0x37d/0x510 [ 87.433277] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.433705] ? write_comp_data+0x2f/0x90 [ 87.434068] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.434531] __x64_sys_ioctl+0x1a3/0x230 [ 87.434895] do_syscall_64+0x3b/0x90 [ 87.435253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.435708] RIP: 0033:0x7f4b8743ee5d [ 87.436035] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.437581] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.438240] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.438875] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.439499] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.440114] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.440725] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.441348] [ 87.441550] irq event stamp: 0 [ 87.441821] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.442372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.443122] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.443846] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.444392] ---[ end trace 0000000000000000 ]--- [ 87.447792] ------------[ cut here ]------------ [ 87.448248] WARNING: CPU: 0 PID: 752 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.449096] Modules linked in: [ 87.449372] CPU: 0 PID: 752 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.450105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.451070] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.451503] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.453087] RSP: 0018:ffff888018aafbd0 EFLAGS: 00010246 [ 87.453536] RAX: 0000000000000000 RBX: ffff888021b848a8 RCX: 0000000000000000 [ 87.454133] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 87.454750] RBP: ffff888018aafbe8 R08: ffffed1004370933 R09: ffffed1004370933 [ 87.455358] R10: ffff888021b84993 R11: ffffed1004370932 R12: ffff88801422d800 [ 87.455966] R13: ffff888021b849e8 R14: ffff888020a70800 R15: 0000000000000000 [ 87.456565] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.457251] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.457733] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 87.458304] PKRU: 55555554 [ 87.458553] Call Trace: [ 87.458759] [ 87.458942] iommufd_access_destroy_object+0x65/0x170 [ 87.459367] iommufd_object_destroy_user+0x18e/0x220 [ 87.459782] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.460255] iommufd_access_destroy+0x43/0x70 [ 87.460625] iommufd_test_staccess_release+0x8d/0xd0 [ 87.461043] __fput+0x26d/0xa40 [ 87.461322] ____fput+0x1e/0x30 [ 87.461594] task_work_run+0x1a4/0x2d0 [ 87.461912] ? __pfx_task_work_run+0x10/0x10 [ 87.462275] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.462697] ? switch_task_namespaces+0xa9/0xe0 [ 87.463088] do_exit+0xb17/0x2ef0 [ 87.463381] ? lock_acquire+0x427/0x4c0 [ 87.463708] ? __pfx_lock_release+0x10/0x10 [ 87.464062] ? __kasan_check_write+0x18/0x20 [ 87.464420] ? do_raw_spin_lock+0x132/0x2a0 [ 87.464767] ? __pfx_do_exit+0x10/0x10 [ 87.465088] ? debug_smp_processor_id+0x20/0x30 [ 87.465463] ? rcu_is_watching+0x19/0xb0 [ 87.465793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.466160] ? trace_hardirqs_on+0x26/0x120 [ 87.466526] do_group_exit+0xe0/0x2b0 [ 87.466840] __x64_sys_exit_group+0x47/0x50 [ 87.467206] do_syscall_64+0x3b/0x90 [ 87.467515] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.467935] RIP: 0033:0x7f4b87518a4d [ 87.468233] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.468721] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.469326] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.469888] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.470452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.471036] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.471628] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.472211] [ 87.472407] irq event stamp: 0 [ 87.472668] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.473173] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.473839] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.474501] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.475041] ---[ end trace 0000000000000000 ]--- [ 87.475912] ------------[ cut here ]------------ [ 87.476293] WARNING: CPU: 0 PID: 752 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.477098] Modules linked in: [ 87.477355] CPU: 0 PID: 752 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.478045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.479036] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.479470] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.480914] RSP: 0018:ffff888018aafb78 EFLAGS: 00010246 [ 87.481344] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.481916] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 87.482485] RBP: ffff888018aafb98 R08: ffffed100437093e R09: ffffed100437093e [ 87.483080] R10: ffff888021b849ef R11: ffffed100437093d R12: ffff888021b84a90 [ 87.483675] R13: ffff888021b848a8 R14: ffffffffffffffff R15: ffff888018aafc60 [ 87.484241] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.484880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.485390] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 87.485962] PKRU: 55555554 [ 87.486189] Call Trace: [ 87.486394] [ 87.486593] iommufd_ioas_destroy+0x53/0x70 [ 87.486947] iommufd_fops_release+0x1f7/0x370 [ 87.487309] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.487707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.488107] ? write_comp_data+0x2f/0x90 [ 87.488443] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.488846] __fput+0x26d/0xa40 [ 87.489124] ____fput+0x1e/0x30 [ 87.489401] task_work_run+0x1a4/0x2d0 [ 87.489726] ? __pfx_task_work_run+0x10/0x10 [ 87.490086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.490485] ? switch_task_namespaces+0xa9/0xe0 [ 87.490894] do_exit+0xb17/0x2ef0 [ 87.491185] ? lock_acquire+0x427/0x4c0 [ 87.491517] ? __pfx_lock_release+0x10/0x10 [ 87.491871] ? __kasan_check_write+0x18/0x20 [ 87.492233] ? do_raw_spin_lock+0x132/0x2a0 [ 87.492584] ? __pfx_do_exit+0x10/0x10 [ 87.492911] ? debug_smp_processor_id+0x20/0x30 [ 87.493298] ? rcu_is_watching+0x19/0xb0 [ 87.493631] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.494003] ? trace_hardirqs_on+0x26/0x120 [ 87.494359] do_group_exit+0xe0/0x2b0 [ 87.494693] __x64_sys_exit_group+0x47/0x50 [ 87.495044] do_syscall_64+0x3b/0x90 [ 87.495362] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.495797] RIP: 0033:0x7f4b87518a4d [ 87.496097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.496587] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.497201] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.497776] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.498353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.498939] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.499524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.500108] [ 87.500298] irq event stamp: 0 [ 87.500558] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.501044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.501690] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.502333] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.502847] ---[ end trace 0000000000000000 ]--- [ 87.507010] ------------[ cut here ]------------ [ 87.507431] WARNING: CPU: 0 PID: 753 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.508219] Modules linked in: [ 87.508473] CPU: 0 PID: 753 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.509141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.510006] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.510388] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.511912] RSP: 0018:ffff888016e0fbb8 EFLAGS: 00010246 [ 87.512326] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 87.512878] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 87.513425] RBP: ffff888016e0fbd0 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 87.513970] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff888013b14400 [ 87.514537] R13: ffff88800f3709e8 R14: ffffffff8352e670 R15: ffff888016e0fe68 [ 87.515093] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.515723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.516178] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 87.516726] PKRU: 55555554 [ 87.516977] Call Trace: [ 87.517189] [ 87.517362] __iommufd_access_detach+0x1c2/0x2b0 [ 87.517736] iommufd_access_change_pt+0x149/0x270 [ 87.518114] iommufd_access_replace+0xb4/0x120 [ 87.518477] iommufd_test+0x3e5/0x37e0 [ 87.518800] ? lock_release+0x532/0x770 [ 87.519127] ? __might_fault+0x102/0x1b0 [ 87.519448] ? lock_acquire+0x427/0x4c0 [ 87.519764] ? __pfx_iommufd_test+0x10/0x10 [ 87.520093] ? __pfx_lock_release+0x10/0x10 [ 87.520431] ? __pfx_lock_acquire+0x10/0x10 [ 87.520772] ? write_comp_data+0x2f/0x90 [ 87.521094] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.521476] ? write_comp_data+0x2f/0x90 [ 87.521795] iommufd_fops_ioctl+0x37d/0x510 [ 87.522134] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.522535] ? write_comp_data+0x2f/0x90 [ 87.522860] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.523239] __x64_sys_ioctl+0x1a3/0x230 [ 87.523563] do_syscall_64+0x3b/0x90 [ 87.523861] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.524268] RIP: 0033:0x7f4b8743ee5d [ 87.524556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.525941] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.526543] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.527094] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.527642] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.528183] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.528723] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.529276] [ 87.529457] irq event stamp: 0 [ 87.529703] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.530188] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.530847] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.531491] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.531976] ---[ end trace 0000000000000000 ]--- [ 87.534684] ------------[ cut here ]------------ [ 87.535079] WARNING: CPU: 0 PID: 753 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.535873] Modules linked in: [ 87.536123] CPU: 0 PID: 753 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.536785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.537642] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.538023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.539452] RSP: 0018:ffff888016e0fbd0 EFLAGS: 00010246 [ 87.540296] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 87.540853] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 87.541530] RBP: ffff888016e0fbe8 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 87.542077] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff88800fcb3400 [ 87.542655] R13: ffff88800f3709e8 R14: ffff888013705c00 R15: 0000000000000000 [ 87.543222] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.543915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.544458] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.545050] PKRU: 55555554 [ 87.545364] Call Trace: [ 87.545567] [ 87.545742] iommufd_access_destroy_object+0x65/0x170 [ 87.546187] iommufd_object_destroy_user+0x18e/0x220 [ 87.546686] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.547156] iommufd_access_destroy+0x43/0x70 [ 87.547516] iommufd_test_staccess_release+0x8d/0xd0 [ 87.548085] __fput+0x26d/0xa40 [ 87.548362] ____fput+0x1e/0x30 [ 87.548628] task_work_run+0x1a4/0x2d0 [ 87.549027] ? __pfx_task_work_run+0x10/0x10 [ 87.549455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.549838] ? switch_task_namespaces+0xa9/0xe0 [ 87.550281] do_exit+0xb17/0x2ef0 [ 87.550644] ? lock_acquire+0x427/0x4c0 [ 87.550964] ? __pfx_lock_release+0x10/0x10 [ 87.551315] ? __kasan_check_write+0x18/0x20 [ 87.551664] ? do_raw_spin_lock+0x132/0x2a0 [ 87.551998] ? __pfx_do_exit+0x10/0x10 [ 87.552308] ? debug_smp_processor_id+0x20/0x30 [ 87.552665] ? rcu_is_watching+0x19/0xb0 [ 87.552979] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.553334] ? trace_hardirqs_on+0x26/0x120 [ 87.553674] do_group_exit+0xe0/0x2b0 [ 87.553968] __x64_sys_exit_group+0x47/0x50 [ 87.554299] do_syscall_64+0x3b/0x90 [ 87.554619] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.555023] RIP: 0033:0x7f4b87518a4d [ 87.555319] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.555788] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.556367] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.556919] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.557459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.558002] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.558567] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.559124] [ 87.559306] irq event stamp: 0 [ 87.559545] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.560026] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.560662] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.561299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.561781] ---[ end trace 0000000000000000 ]--- [ 87.562538] ------------[ cut here ]------------ [ 87.563022] WARNING: CPU: 0 PID: 753 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.563813] Modules linked in: [ 87.564145] CPU: 0 PID: 753 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.564875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.565863] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.566261] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.567867] RSP: 0018:ffff888016e0fb78 EFLAGS: 00010246 [ 87.568341] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.568952] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 87.569556] RBP: ffff888016e0fb98 R08: ffffed1001e6e13e R09: ffffed1001e6e13e [ 87.570181] R10: ffff88800f3709ef R11: ffffed1001e6e13d R12: ffff88800f370a90 [ 87.570808] R13: ffff88800f3708a8 R14: ffffffffffffffff R15: ffff888016e0fc60 [ 87.571440] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.572091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.572627] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.573183] PKRU: 55555554 [ 87.573442] Call Trace: [ 87.573744] [ 87.573918] iommufd_ioas_destroy+0x53/0x70 [ 87.574256] iommufd_fops_release+0x1f7/0x370 [ 87.574779] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.575176] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.575559] ? write_comp_data+0x2f/0x90 [ 87.575923] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.576388] __fput+0x26d/0xa40 [ 87.576664] ____fput+0x1e/0x30 [ 87.576937] task_work_run+0x1a4/0x2d0 [ 87.577386] ? __pfx_task_work_run+0x10/0x10 [ 87.577736] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.578128] ? switch_task_namespaces+0xa9/0xe0 [ 87.578647] do_exit+0xb17/0x2ef0 [ 87.578924] ? lock_acquire+0x427/0x4c0 [ 87.579260] ? __pfx_lock_release+0x10/0x10 [ 87.579619] ? __kasan_check_write+0x18/0x20 [ 87.580061] ? do_raw_spin_lock+0x132/0x2a0 [ 87.580538] ? __pfx_do_exit+0x10/0x10 [ 87.580867] ? debug_smp_processor_id+0x20/0x30 [ 87.581363] ? rcu_is_watching+0x19/0xb0 [ 87.581805] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.582179] ? trace_hardirqs_on+0x26/0x120 [ 87.582626] do_group_exit+0xe0/0x2b0 [ 87.583048] __x64_sys_exit_group+0x47/0x50 [ 87.583409] do_syscall_64+0x3b/0x90 [ 87.583720] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.584214] RIP: 0033:0x7f4b87518a4d [ 87.584627] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.585121] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.585916] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.586564] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.587215] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.587788] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.588435] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.589140] [ 87.589383] irq event stamp: 0 [ 87.589653] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.590250] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.591147] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.591826] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.592409] ---[ end trace 0000000000000000 ]--- [ 87.597428] ------------[ cut here ]------------ [ 87.597827] WARNING: CPU: 0 PID: 754 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.598823] Modules linked in: [ 87.599086] CPU: 0 PID: 754 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.599801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.600700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.601103] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.602593] RSP: 0018:ffff888018aafbb8 EFLAGS: 00010246 [ 87.603036] RAX: 0000000000000000 RBX: ffff888015c620a8 RCX: 0000000000000000 [ 87.603618] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 87.604191] RBP: ffff888018aafbd0 R08: ffffed1002b8c433 R09: ffffed1002b8c433 [ 87.604762] R10: ffff888015c62193 R11: ffffed1002b8c432 R12: ffff88800f172c00 [ 87.605336] R13: ffff888015c621e8 R14: ffffffff8352e670 R15: ffff888018aafe68 [ 87.605912] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.606585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.607065] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 87.607650] PKRU: 55555554 [ 87.607882] Call Trace: [ 87.608091] [ 87.608275] __iommufd_access_detach+0x1c2/0x2b0 [ 87.608674] iommufd_access_change_pt+0x149/0x270 [ 87.609078] iommufd_access_replace+0xb4/0x120 [ 87.609461] iommufd_test+0x3e5/0x37e0 [ 87.609780] ? lock_release+0x532/0x770 [ 87.610113] ? __might_fault+0x102/0x1b0 [ 87.610471] ? lock_acquire+0x427/0x4c0 [ 87.610840] ? __pfx_iommufd_test+0x10/0x10 [ 87.611207] ? __pfx_lock_release+0x10/0x10 [ 87.611566] ? __pfx_lock_acquire+0x10/0x10 [ 87.611931] ? write_comp_data+0x2f/0x90 [ 87.612278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.612692] ? write_comp_data+0x2f/0x90 [ 87.613081] iommufd_fops_ioctl+0x37d/0x510 [ 87.613441] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.613852] ? write_comp_data+0x2f/0x90 [ 87.614206] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.614642] __x64_sys_ioctl+0x1a3/0x230 [ 87.614992] do_syscall_64+0x3b/0x90 [ 87.615322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.615754] RIP: 0033:0x7f4b8743ee5d [ 87.616064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.617528] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.618151] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.618759] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.619350] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.619924] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.620499] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.621085] [ 87.621281] irq event stamp: 0 [ 87.621540] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.622054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.622760] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.623455] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.623974] ---[ end trace 0000000000000000 ]--- [ 87.626833] ------------[ cut here ]------------ [ 87.627291] WARNING: CPU: 0 PID: 754 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.628144] Modules linked in: [ 87.628418] CPU: 0 PID: 754 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.629165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.630133] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.630668] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.632262] RSP: 0018:ffff888018aafbd0 EFLAGS: 00010246 [ 87.632729] RAX: 0000000000000000 RBX: ffff888015c620a8 RCX: 0000000000000000 [ 87.633341] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 87.633958] RBP: ffff888018aafbe8 R08: ffffed1002b8c433 R09: ffffed1002b8c433 [ 87.634606] R10: ffff888015c62193 R11: ffffed1002b8c432 R12: ffff888013b15800 [ 87.635235] R13: ffff888015c621e8 R14: ffff88800f7e4a00 R15: 0000000000000000 [ 87.635851] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.636541] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.637043] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.637655] PKRU: 55555554 [ 87.637906] Call Trace: [ 87.638131] [ 87.638331] iommufd_access_destroy_object+0x65/0x170 [ 87.638811] iommufd_object_destroy_user+0x18e/0x220 [ 87.639272] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.639791] iommufd_access_destroy+0x43/0x70 [ 87.640192] iommufd_test_staccess_release+0x8d/0xd0 [ 87.640640] __fput+0x26d/0xa40 [ 87.640947] ____fput+0x1e/0x30 [ 87.641241] task_work_run+0x1a4/0x2d0 [ 87.641587] ? __pfx_task_work_run+0x10/0x10 [ 87.641983] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.642414] ? switch_task_namespaces+0xa9/0xe0 [ 87.642858] do_exit+0xb17/0x2ef0 [ 87.643179] ? lock_acquire+0x427/0x4c0 [ 87.643530] ? __pfx_lock_release+0x10/0x10 [ 87.643905] ? __kasan_check_write+0x18/0x20 [ 87.644290] ? do_raw_spin_lock+0x132/0x2a0 [ 87.644665] ? __pfx_do_exit+0x10/0x10 [ 87.645064] ? debug_smp_processor_id+0x20/0x30 [ 87.645480] ? rcu_is_watching+0x19/0xb0 [ 87.645852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.646270] ? trace_hardirqs_on+0x26/0x120 [ 87.646692] do_group_exit+0xe0/0x2b0 [ 87.647049] __x64_sys_exit_group+0x47/0x50 [ 87.647463] do_syscall_64+0x3b/0x90 [ 87.647820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.648307] RIP: 0033:0x7f4b87518a4d [ 87.648650] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.649210] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.649905] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.650574] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.651238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.651878] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.652531] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.653186] [ 87.653401] irq event stamp: 0 [ 87.653693] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.654275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.655092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.655879] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.656458] ---[ end trace 0000000000000000 ]--- [ 87.657235] ------------[ cut here ]------------ [ 87.657663] WARNING: CPU: 0 PID: 754 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.658615] Modules linked in: [ 87.658915] CPU: 0 PID: 754 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.659728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.660749] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.661224] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.662902] RSP: 0018:ffff888018aafb78 EFLAGS: 00010246 [ 87.663424] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.664074] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 87.664730] RBP: ffff888018aafb98 R08: ffffed1002b8c43e R09: ffffed1002b8c43e [ 87.665380] R10: ffff888015c621ef R11: ffffed1002b8c43d R12: ffff888015c62290 [ 87.666063] R13: ffff888015c620a8 R14: ffffffffffffffff R15: ffff888018aafc60 [ 87.666761] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.667532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.668082] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.668759] PKRU: 55555554 [ 87.669027] Call Trace: [ 87.669267] [ 87.669485] iommufd_ioas_destroy+0x53/0x70 [ 87.669903] iommufd_fops_release+0x1f7/0x370 [ 87.670330] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.670827] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.671317] ? write_comp_data+0x2f/0x90 [ 87.671719] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.672193] __fput+0x26d/0xa40 [ 87.672521] ____fput+0x1e/0x30 [ 87.672854] task_work_run+0x1a4/0x2d0 [ 87.673229] ? __pfx_task_work_run+0x10/0x10 [ 87.673647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.674117] ? switch_task_namespaces+0xa9/0xe0 [ 87.674600] do_exit+0xb17/0x2ef0 [ 87.674941] ? lock_acquire+0x427/0x4c0 [ 87.675362] ? __pfx_lock_release+0x10/0x10 [ 87.675783] ? __kasan_check_write+0x18/0x20 [ 87.676199] ? do_raw_spin_lock+0x132/0x2a0 [ 87.676602] ? __pfx_do_exit+0x10/0x10 [ 87.677017] ? debug_smp_processor_id+0x20/0x30 [ 87.677462] ? rcu_is_watching+0x19/0xb0 [ 87.677862] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.678299] ? trace_hardirqs_on+0x26/0x120 [ 87.678748] do_group_exit+0xe0/0x2b0 [ 87.679129] __x64_sys_exit_group+0x47/0x50 [ 87.679548] do_syscall_64+0x3b/0x90 [ 87.679920] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.680420] RIP: 0033:0x7f4b87518a4d [ 87.680778] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.681361] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.682080] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.682778] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.683463] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.684138] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.684814] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.685494] [ 87.685718] irq event stamp: 0 [ 87.686019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.686640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.687449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.688231] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.688829] ---[ end trace 0000000000000000 ]--- [ 87.693753] ------------[ cut here ]------------ [ 87.694253] WARNING: CPU: 0 PID: 755 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.695417] Modules linked in: [ 87.695729] CPU: 0 PID: 755 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.696539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.697592] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.698064] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.699892] RSP: 0018:ffff888013977bb8 EFLAGS: 00010246 [ 87.700404] RAX: 0000000000000000 RBX: ffff888015df90a8 RCX: 0000000000000000 [ 87.701084] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 87.701763] RBP: ffff888013977bd0 R08: ffffed1002bbf233 R09: ffffed1002bbf233 [ 87.702439] R10: ffff888015df9193 R11: ffffed1002bbf232 R12: ffff88801849f000 [ 87.703180] R13: ffff888015df91e8 R14: ffffffff8352e670 R15: ffff888013977e68 [ 87.703863] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.704622] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.705173] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ef0 [ 87.705844] PKRU: 55555554 [ 87.706114] Call Trace: [ 87.706355] [ 87.706602] __iommufd_access_detach+0x1c2/0x2b0 [ 87.707082] iommufd_access_change_pt+0x149/0x270 [ 87.707561] iommufd_access_replace+0xb4/0x120 [ 87.708011] iommufd_test+0x3e5/0x37e0 [ 87.708380] ? lock_release+0x532/0x770 [ 87.708767] ? __might_fault+0x102/0x1b0 [ 87.709205] ? lock_acquire+0x427/0x4c0 [ 87.709588] ? __pfx_iommufd_test+0x10/0x10 [ 87.709999] ? __pfx_lock_release+0x10/0x10 [ 87.710421] ? __pfx_lock_acquire+0x10/0x10 [ 87.710884] ? write_comp_data+0x2f/0x90 [ 87.711289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.711755] ? write_comp_data+0x2f/0x90 [ 87.712156] iommufd_fops_ioctl+0x37d/0x510 [ 87.712575] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.713044] ? write_comp_data+0x2f/0x90 [ 87.713439] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.713902] __x64_sys_ioctl+0x1a3/0x230 [ 87.714305] do_syscall_64+0x3b/0x90 [ 87.714713] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.715230] RIP: 0033:0x7f4b8743ee5d [ 87.715545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.717238] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.717971] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.718687] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.719383] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.720060] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.720740] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.721425] [ 87.721651] irq event stamp: 0 [ 87.721950] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.722600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.723413] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.724204] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.724807] ---[ end trace 0000000000000000 ]--- [ 87.727982] ------------[ cut here ]------------ [ 87.728467] WARNING: CPU: 0 PID: 755 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.729418] Modules linked in: [ 87.729723] CPU: 0 PID: 755 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.730567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.731650] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.732125] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.733846] RSP: 0018:ffff888013977bd0 EFLAGS: 00010246 [ 87.734352] RAX: 0000000000000000 RBX: ffff888015df90a8 RCX: 0000000000000000 [ 87.735052] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 87.735743] RBP: ffff888013977be8 R08: ffffed1002bbf233 R09: ffffed1002bbf233 [ 87.736433] R10: ffff888015df9193 R11: ffffed1002bbf232 R12: ffff88800f172000 [ 87.737102] R13: ffff888015df91e8 R14: ffff8880139be900 R15: 0000000000000000 [ 87.737773] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.738565] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.739137] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.739817] PKRU: 55555554 [ 87.740088] Call Trace: [ 87.740331] [ 87.740553] iommufd_access_destroy_object+0x65/0x170 [ 87.741106] iommufd_object_destroy_user+0x18e/0x220 [ 87.741603] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.742165] iommufd_access_destroy+0x43/0x70 [ 87.742630] iommufd_test_staccess_release+0x8d/0xd0 [ 87.743143] __fput+0x26d/0xa40 [ 87.743480] ____fput+0x1e/0x30 [ 87.743802] task_work_run+0x1a4/0x2d0 [ 87.744187] ? __pfx_task_work_run+0x10/0x10 [ 87.744618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.745097] ? switch_task_namespaces+0xa9/0xe0 [ 87.745554] do_exit+0xb17/0x2ef0 [ 87.745894] ? lock_acquire+0x427/0x4c0 [ 87.746282] ? __pfx_lock_release+0x10/0x10 [ 87.746748] ? __kasan_check_write+0x18/0x20 [ 87.747189] ? do_raw_spin_lock+0x132/0x2a0 [ 87.747610] ? __pfx_do_exit+0x10/0x10 [ 87.748003] ? debug_smp_processor_id+0x20/0x30 [ 87.748451] ? rcu_is_watching+0x19/0xb0 [ 87.748838] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.749285] ? trace_hardirqs_on+0x26/0x120 [ 87.749708] do_group_exit+0xe0/0x2b0 [ 87.750081] __x64_sys_exit_group+0x47/0x50 [ 87.750539] do_syscall_64+0x3b/0x90 [ 87.750914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.751427] RIP: 0033:0x7f4b87518a4d [ 87.751785] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.752376] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.753102] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.753782] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.754453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.755176] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.755870] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.756558] [ 87.756783] irq event stamp: 0 [ 87.757084] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.757686] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.758477] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.759311] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.759911] ---[ end trace 0000000000000000 ]--- [ 87.760721] ------------[ cut here ]------------ [ 87.761172] WARNING: CPU: 0 PID: 755 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.762129] Modules linked in: [ 87.762438] CPU: 0 PID: 755 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.763321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.764390] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.764879] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.766636] RSP: 0018:ffff888013977b78 EFLAGS: 00010246 [ 87.767159] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.767831] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 87.768509] RBP: ffff888013977b98 R08: ffffed1002bbf23e R09: ffffed1002bbf23e [ 87.769190] R10: ffff888015df91ef R11: ffffed1002bbf23d R12: ffff888015df9290 [ 87.769866] R13: ffff888015df90a8 R14: ffffffffffffffff R15: ffff888013977c60 [ 87.770560] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.771337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.771885] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.772558] PKRU: 55555554 [ 87.772829] Call Trace: [ 87.773122] [ 87.773338] iommufd_ioas_destroy+0x53/0x70 [ 87.773765] iommufd_fops_release+0x1f7/0x370 [ 87.774202] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.774724] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.775220] ? write_comp_data+0x2f/0x90 [ 87.775624] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.776112] __fput+0x26d/0xa40 [ 87.776452] ____fput+0x1e/0x30 [ 87.776788] task_work_run+0x1a4/0x2d0 [ 87.777176] ? __pfx_task_work_run+0x10/0x10 [ 87.777608] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.778080] ? switch_task_namespaces+0xa9/0xe0 [ 87.778562] do_exit+0xb17/0x2ef0 [ 87.778898] ? lock_acquire+0x427/0x4c0 [ 87.779300] ? __pfx_lock_release+0x10/0x10 [ 87.779722] ? __kasan_check_write+0x18/0x20 [ 87.780147] ? do_raw_spin_lock+0x132/0x2a0 [ 87.780559] ? __pfx_do_exit+0x10/0x10 [ 87.780942] ? debug_smp_processor_id+0x20/0x30 [ 87.781386] ? rcu_is_watching+0x19/0xb0 [ 87.781774] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.782208] ? trace_hardirqs_on+0x26/0x120 [ 87.782647] do_group_exit+0xe0/0x2b0 [ 87.783017] __x64_sys_exit_group+0x47/0x50 [ 87.783437] do_syscall_64+0x3b/0x90 [ 87.783805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.784307] RIP: 0033:0x7f4b87518a4d [ 87.784664] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.785246] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.786022] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.786721] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.787421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.788102] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.788784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.789474] [ 87.789703] irq event stamp: 0 [ 87.790013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.790650] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.791483] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.792285] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.793531] ---[ end trace 0000000000000000 ]--- [ 87.798668] ------------[ cut here ]------------ [ 87.799181] WARNING: CPU: 0 PID: 756 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.800699] Modules linked in: [ 87.801018] CPU: 0 PID: 756 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.801841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.803187] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.803661] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.805425] RSP: 0018:ffff88800fb07bb8 EFLAGS: 00010246 [ 87.805930] RAX: 0000000000000000 RBX: ffff888016c718a8 RCX: 0000000000000000 [ 87.806619] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 87.807305] RBP: ffff88800fb07bd0 R08: ffffed1002d8e333 R09: ffffed1002d8e333 [ 87.807976] R10: ffff888016c71993 R11: ffffed1002d8e332 R12: ffff888017ba0400 [ 87.808652] R13: ffff888016c719e8 R14: ffffffff8352e670 R15: ffff88800fb07e68 [ 87.809329] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.810094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.810684] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 87.811383] PKRU: 55555554 [ 87.811656] Call Trace: [ 87.811901] [ 87.812116] __iommufd_access_detach+0x1c2/0x2b0 [ 87.812591] iommufd_access_change_pt+0x149/0x270 [ 87.813070] iommufd_access_replace+0xb4/0x120 [ 87.813526] iommufd_test+0x3e5/0x37e0 [ 87.813905] ? lock_release+0x532/0x770 [ 87.814302] ? __might_fault+0x102/0x1b0 [ 87.814737] ? lock_acquire+0x427/0x4c0 [ 87.815149] ? __pfx_iommufd_test+0x10/0x10 [ 87.815577] ? __pfx_lock_release+0x10/0x10 [ 87.816006] ? __pfx_lock_acquire+0x10/0x10 [ 87.816437] ? write_comp_data+0x2f/0x90 [ 87.816843] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.817361] ? write_comp_data+0x2f/0x90 [ 87.817789] iommufd_fops_ioctl+0x37d/0x510 [ 87.818212] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.818736] ? write_comp_data+0x2f/0x90 [ 87.819171] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.819644] __x64_sys_ioctl+0x1a3/0x230 [ 87.820048] do_syscall_64+0x3b/0x90 [ 87.820411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.820914] RIP: 0033:0x7f4b8743ee5d [ 87.821271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.823029] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.823766] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.824436] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.825114] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.825783] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.826452] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.827183] [ 87.827410] irq event stamp: 0 [ 87.827710] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.828309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.829090] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.829874] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.830476] ---[ end trace 0000000000000000 ]--- [ 87.833828] ------------[ cut here ]------------ [ 87.834611] WARNING: CPU: 0 PID: 756 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.835602] Modules linked in: [ 87.835921] CPU: 0 PID: 756 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.837188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.838559] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.839085] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.841017] RSP: 0018:ffff88800fb07bd0 EFLAGS: 00010246 [ 87.841561] RAX: 0000000000000000 RBX: ffff888016c718a8 RCX: 0000000000000000 [ 87.842290] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 87.843066] RBP: ffff88800fb07be8 R08: ffffed1002d8e333 R09: ffffed1002d8e333 [ 87.843814] R10: ffff888016c71993 R11: ffffed1002d8e332 R12: ffff88801849dc00 [ 87.844551] R13: ffff888016c719e8 R14: ffff888020e58e00 R15: 0000000000000000 [ 87.845276] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.846084] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.846716] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.847493] PKRU: 55555554 [ 87.847810] Call Trace: [ 87.848072] [ 87.848312] iommufd_access_destroy_object+0x65/0x170 [ 87.848858] iommufd_object_destroy_user+0x18e/0x220 [ 87.849384] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.849980] iommufd_access_destroy+0x43/0x70 [ 87.850448] iommufd_test_staccess_release+0x8d/0xd0 [ 87.851012] __fput+0x26d/0xa40 [ 87.851392] ____fput+0x1e/0x30 [ 87.851742] task_work_run+0x1a4/0x2d0 [ 87.852157] ? __pfx_task_work_run+0x10/0x10 [ 87.852613] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.853126] ? switch_task_namespaces+0xa9/0xe0 [ 87.853618] do_exit+0xb17/0x2ef0 [ 87.853976] ? lock_acquire+0x427/0x4c0 [ 87.854394] ? __pfx_lock_release+0x10/0x10 [ 87.854870] ? __kasan_check_write+0x18/0x20 [ 87.855340] ? do_raw_spin_lock+0x132/0x2a0 [ 87.855779] ? __pfx_do_exit+0x10/0x10 [ 87.856186] ? debug_smp_processor_id+0x20/0x30 [ 87.856662] ? rcu_is_watching+0x19/0xb0 [ 87.857089] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.857565] ? trace_hardirqs_on+0x26/0x120 [ 87.858011] do_group_exit+0xe0/0x2b0 [ 87.858398] __x64_sys_exit_group+0x47/0x50 [ 87.858879] do_syscall_64+0x3b/0x90 [ 87.859288] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.859826] RIP: 0033:0x7f4b87518a4d [ 87.860213] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.860841] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.861614] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.862330] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.863075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.863824] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.864549] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.865290] [ 87.865536] irq event stamp: 0 [ 87.865860] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.866537] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.867404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.868279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.869000] ---[ end trace 0000000000000000 ]--- [ 87.870028] ------------[ cut here ]------------ [ 87.871085] WARNING: CPU: 0 PID: 756 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.872136] Modules linked in: [ 87.872471] CPU: 0 PID: 756 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.873367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.875098] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.875659] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.877506] RSP: 0018:ffff88800fb07b78 EFLAGS: 00010246 [ 87.878059] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.879031] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 87.880047] RBP: ffff88800fb07b98 R08: ffffed1002d8e33e R09: ffffed1002d8e33e [ 87.880790] R10: ffff888016c719ef R11: ffffed1002d8e33d R12: ffff888016c71a90 [ 87.881520] R13: ffff888016c718a8 R14: ffffffffffffffff R15: ffff88800fb07c60 [ 87.882329] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.883493] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.884207] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.885070] PKRU: 55555554 [ 87.885386] Call Trace: [ 87.885672] [ 87.885981] iommufd_ioas_destroy+0x53/0x70 [ 87.886671] iommufd_fops_release+0x1f7/0x370 [ 87.887345] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.887869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.888377] ? write_comp_data+0x2f/0x90 [ 87.888808] ? __pfx_iommufd_fops_release+0x10/0x10 [ 87.889336] __fput+0x26d/0xa40 [ 87.889768] ____fput+0x1e/0x30 [ 87.890262] task_work_run+0x1a4/0x2d0 [ 87.890859] ? __pfx_task_work_run+0x10/0x10 [ 87.891347] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.891860] ? switch_task_namespaces+0xa9/0xe0 [ 87.892360] do_exit+0xb17/0x2ef0 [ 87.892720] ? lock_acquire+0x427/0x4c0 [ 87.893143] ? __pfx_lock_release+0x10/0x10 [ 87.893719] ? __kasan_check_write+0x18/0x20 [ 87.894452] ? do_raw_spin_lock+0x132/0x2a0 [ 87.894965] ? __pfx_do_exit+0x10/0x10 [ 87.895416] ? debug_smp_processor_id+0x20/0x30 [ 87.895920] ? rcu_is_watching+0x19/0xb0 [ 87.896347] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.896827] ? trace_hardirqs_on+0x26/0x120 [ 87.897285] do_group_exit+0xe0/0x2b0 [ 87.897792] __x64_sys_exit_group+0x47/0x50 [ 87.898393] do_syscall_64+0x3b/0x90 [ 87.899000] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.899561] RIP: 0033:0x7f4b87518a4d [ 87.899947] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.900579] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.901417] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.902235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.903353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.904089] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.904807] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.905544] [ 87.905863] irq event stamp: 0 [ 87.906284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.907309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.908171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.909030] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.909673] ---[ end trace 0000000000000000 ]--- [ 87.914715] ------------[ cut here ]------------ [ 87.915278] WARNING: CPU: 0 PID: 757 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.916584] Modules linked in: [ 87.917122] CPU: 0 PID: 757 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.918024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.919246] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.919774] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.921664] RSP: 0018:ffff888013977bb8 EFLAGS: 00010246 [ 87.922210] RAX: 0000000000000000 RBX: ffff8880186180a8 RCX: 0000000000000000 [ 87.922974] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 87.923725] RBP: ffff888013977bd0 R08: ffffed10030c3033 R09: ffffed10030c3033 [ 87.924457] R10: ffff888018618193 R11: ffffed10030c3032 R12: ffff888010e00c00 [ 87.925191] R13: ffff8880186181e8 R14: ffffffff8352e670 R15: ffff888013977e68 [ 87.925920] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.926773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.927385] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 87.928123] PKRU: 55555554 [ 87.928420] Call Trace: [ 87.928688] [ 87.928923] __iommufd_access_detach+0x1c2/0x2b0 [ 87.929443] iommufd_access_change_pt+0x149/0x270 [ 87.929960] iommufd_access_replace+0xb4/0x120 [ 87.930447] iommufd_test+0x3e5/0x37e0 [ 87.930891] ? lock_release+0x532/0x770 [ 87.931328] ? __might_fault+0x102/0x1b0 [ 87.931755] ? lock_acquire+0x427/0x4c0 [ 87.932182] ? __pfx_iommufd_test+0x10/0x10 [ 87.932634] ? __pfx_lock_release+0x10/0x10 [ 87.933145] ? __pfx_lock_acquire+0x10/0x10 [ 87.933602] ? write_comp_data+0x2f/0x90 [ 87.934033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.934581] ? write_comp_data+0x2f/0x90 [ 87.935021] iommufd_fops_ioctl+0x37d/0x510 [ 87.935490] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.936006] ? write_comp_data+0x2f/0x90 [ 87.936438] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 87.936942] __x64_sys_ioctl+0x1a3/0x230 [ 87.937370] do_syscall_64+0x3b/0x90 [ 87.937769] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.938302] RIP: 0033:0x7f4b8743ee5d [ 87.938783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 87.940655] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 87.941427] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 87.942142] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 87.942899] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 87.943633] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 87.944352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 87.945089] [ 87.945328] irq event stamp: 0 [ 87.945658] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 87.946309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.947215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.948066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.948802] ---[ end trace 0000000000000000 ]--- [ 87.952527] ------------[ cut here ]------------ [ 87.953184] WARNING: CPU: 0 PID: 757 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 87.954486] Modules linked in: [ 87.954863] CPU: 0 PID: 757 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.955781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.956962] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 87.957669] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 87.959744] RSP: 0018:ffff888013977bd0 EFLAGS: 00010246 [ 87.960306] RAX: 0000000000000000 RBX: ffff8880186180a8 RCX: 0000000000000000 [ 87.961083] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 87.961812] RBP: ffff888013977be8 R08: ffffed10030c3033 R09: ffffed10030c3033 [ 87.962578] R10: ffff888018618193 R11: ffffed10030c3032 R12: ffff888017ba0000 [ 87.963337] R13: ffff8880186181e8 R14: ffff888013a7d800 R15: 0000000000000000 [ 87.964082] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 87.964918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.965692] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 87.966825] PKRU: 55555554 [ 87.967134] Call Trace: [ 87.967399] [ 87.967630] iommufd_access_destroy_object+0x65/0x170 [ 87.968174] iommufd_object_destroy_user+0x18e/0x220 [ 87.968701] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 87.969359] iommufd_access_destroy+0x43/0x70 [ 87.969985] iommufd_test_staccess_release+0x8d/0xd0 [ 87.970709] __fput+0x26d/0xa40 [ 87.971080] ____fput+0x1e/0x30 [ 87.971451] task_work_run+0x1a4/0x2d0 [ 87.971856] ? __pfx_task_work_run+0x10/0x10 [ 87.972306] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 87.972813] ? switch_task_namespaces+0xa9/0xe0 [ 87.973305] do_exit+0xb17/0x2ef0 [ 87.973665] ? lock_acquire+0x427/0x4c0 [ 87.974137] ? __pfx_lock_release+0x10/0x10 [ 87.974666] ? __kasan_check_write+0x18/0x20 [ 87.975152] ? do_raw_spin_lock+0x132/0x2a0 [ 87.975605] ? __pfx_do_exit+0x10/0x10 [ 87.976012] ? debug_smp_processor_id+0x20/0x30 [ 87.976495] ? rcu_is_watching+0x19/0xb0 [ 87.976915] ? _raw_spin_unlock_irq+0x2b/0x60 [ 87.977385] ? trace_hardirqs_on+0x26/0x120 [ 87.977836] do_group_exit+0xe0/0x2b0 [ 87.978225] __x64_sys_exit_group+0x47/0x50 [ 87.978696] do_syscall_64+0x3b/0x90 [ 87.979092] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 87.979664] RIP: 0033:0x7f4b87518a4d [ 87.980054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 87.980694] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 87.981466] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 87.982177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 87.982939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 87.983684] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 87.984410] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 87.985134] [ 87.985373] irq event stamp: 0 [ 87.985693] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 87.986340] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 87.987257] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 87.988131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 87.988783] ---[ end trace 0000000000000000 ]--- [ 87.989763] ------------[ cut here ]------------ [ 87.990479] WARNING: CPU: 0 PID: 757 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 87.991588] Modules linked in: [ 87.991924] CPU: 0 PID: 757 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 87.992868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 87.994311] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 87.994890] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 87.997089] RSP: 0018:ffff888013977b78 EFLAGS: 00010246 [ 87.997815] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 87.998588] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 87.999351] RBP: ffff888013977b98 R08: ffffed10030c303e R09: ffffed10030c303e [ 88.000278] R10: ffff8880186181ef R11: ffffed10030c303d R12: ffff888018618290 [ 88.001192] R13: ffff8880186180a8 R14: ffffffffffffffff R15: ffff888013977c60 [ 88.001943] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 88.002989] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.003812] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 88.004548] PKRU: 55555554 [ 88.004841] Call Trace: [ 88.005108] [ 88.005343] iommufd_ioas_destroy+0x53/0x70 [ 88.005844] iommufd_fops_release+0x1f7/0x370 [ 88.006607] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.007327] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.007839] ? write_comp_data+0x2f/0x90 [ 88.008279] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.008944] __fput+0x26d/0xa40 [ 88.009433] ____fput+0x1e/0x30 [ 88.009907] task_work_run+0x1a4/0x2d0 [ 88.010329] ? __pfx_task_work_run+0x10/0x10 [ 88.010837] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.011368] ? switch_task_namespaces+0xa9/0xe0 [ 88.011866] do_exit+0xb17/0x2ef0 [ 88.012228] ? lock_acquire+0x427/0x4c0 [ 88.012691] ? __pfx_lock_release+0x10/0x10 [ 88.013153] ? __kasan_check_write+0x18/0x20 [ 88.013612] ? do_raw_spin_lock+0x132/0x2a0 [ 88.014057] ? __pfx_do_exit+0x10/0x10 [ 88.014465] ? debug_smp_processor_id+0x20/0x30 [ 88.015009] ? rcu_is_watching+0x19/0xb0 [ 88.015459] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.015938] ? trace_hardirqs_on+0x26/0x120 [ 88.016400] do_group_exit+0xe0/0x2b0 [ 88.016801] __x64_sys_exit_group+0x47/0x50 [ 88.017380] do_syscall_64+0x3b/0x90 [ 88.017878] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.018613] RIP: 0033:0x7f4b87518a4d [ 88.019000] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.019642] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.020680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.021538] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.022263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.023011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.023757] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.024498] [ 88.024741] irq event stamp: 0 [ 88.025062] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.025707] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.026590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.027439] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.028090] ---[ end trace 0000000000000000 ]--- [ 88.034499] ------------[ cut here ]------------ [ 88.035054] WARNING: CPU: 0 PID: 758 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.036219] Modules linked in: [ 88.036621] CPU: 0 PID: 758 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.037614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.038949] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.039626] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.041727] RSP: 0018:ffff88800fb07bb8 EFLAGS: 00010246 [ 88.042272] RAX: 0000000000000000 RBX: ffff88801609c0a8 RCX: 0000000000000000 [ 88.043167] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 88.043997] RBP: ffff88800fb07bd0 R08: ffffed1002c13833 R09: ffffed1002c13833 [ 88.044727] R10: ffff88801609c193 R11: ffffed1002c13832 R12: ffff88800fca9800 [ 88.045525] R13: ffff88801609c1e8 R14: ffffffff8352e670 R15: ffff88800fb07e68 [ 88.046193] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 88.047162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.047710] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 88.048580] PKRU: 55555554 [ 88.048854] Call Trace: [ 88.049155] [ 88.049374] __iommufd_access_detach+0x1c2/0x2b0 [ 88.049920] iommufd_access_change_pt+0x149/0x270 [ 88.050541] iommufd_access_replace+0xb4/0x120 [ 88.050991] iommufd_test+0x3e5/0x37e0 [ 88.051379] ? lock_release+0x532/0x770 [ 88.051869] ? __might_fault+0x102/0x1b0 [ 88.052346] ? lock_acquire+0x427/0x4c0 [ 88.052742] ? __pfx_iommufd_test+0x10/0x10 [ 88.053155] ? __pfx_lock_release+0x10/0x10 [ 88.053573] ? __pfx_lock_acquire+0x10/0x10 [ 88.053994] ? write_comp_data+0x2f/0x90 [ 88.054395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.054890] ? write_comp_data+0x2f/0x90 [ 88.055298] iommufd_fops_ioctl+0x37d/0x510 [ 88.055711] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.056177] ? write_comp_data+0x2f/0x90 [ 88.056573] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.057032] __x64_sys_ioctl+0x1a3/0x230 [ 88.057429] do_syscall_64+0x3b/0x90 [ 88.057790] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.058286] RIP: 0033:0x7f4b8743ee5d [ 88.058663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.060389] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.061154] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.061821] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.062488] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.063211] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.063883] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.064561] [ 88.064774] irq event stamp: 0 [ 88.065064] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.065641] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.066406] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.067198] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.067775] ---[ end trace 0000000000000000 ]--- [ 88.071196] ------------[ cut here ]------------ [ 88.071757] WARNING: CPU: 0 PID: 758 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.072772] Modules linked in: [ 88.073067] CPU: 0 PID: 758 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.074064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.075173] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.075639] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.077289] RSP: 0018:ffff88800fb07bd0 EFLAGS: 00010246 [ 88.077774] RAX: 0000000000000000 RBX: ffff88801609c0a8 RCX: 0000000000000000 [ 88.078419] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 88.079097] RBP: ffff88800fb07be8 R08: ffffed1002c13833 R09: ffffed1002c13833 [ 88.079766] R10: ffff88801609c193 R11: ffffed1002c13832 R12: ffff888010e01800 [ 88.080425] R13: ffff88801609c1e8 R14: ffff888012155b00 R15: 0000000000000000 [ 88.081275] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 88.081967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.082466] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 88.083106] PKRU: 55555554 [ 88.083365] Call Trace: [ 88.083588] [ 88.083783] iommufd_access_destroy_object+0x65/0x170 [ 88.084233] iommufd_object_destroy_user+0x18e/0x220 [ 88.084675] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.085180] iommufd_access_destroy+0x43/0x70 [ 88.085577] iommufd_test_staccess_release+0x8d/0xd0 [ 88.086025] __fput+0x26d/0xa40 [ 88.086331] ____fput+0x1e/0x30 [ 88.086650] task_work_run+0x1a4/0x2d0 [ 88.086998] ? __pfx_task_work_run+0x10/0x10 [ 88.087395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.087875] ? switch_task_namespaces+0xa9/0xe0 [ 88.088294] do_exit+0xb17/0x2ef0 [ 88.088596] ? lock_acquire+0x427/0x4c0 [ 88.088950] ? __pfx_lock_release+0x10/0x10 [ 88.089331] ? __kasan_check_write+0x18/0x20 [ 88.089714] ? do_raw_spin_lock+0x132/0x2a0 [ 88.090088] ? __pfx_do_exit+0x10/0x10 [ 88.090433] ? debug_smp_processor_id+0x20/0x30 [ 88.090867] ? rcu_is_watching+0x19/0xb0 [ 88.091235] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.091650] ? trace_hardirqs_on+0x26/0x120 [ 88.092034] do_group_exit+0xe0/0x2b0 [ 88.092364] __x64_sys_exit_group+0x47/0x50 [ 88.092734] do_syscall_64+0x3b/0x90 [ 88.093114] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.093571] RIP: 0033:0x7f4b87518a4d [ 88.093897] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.094431] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.095126] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.095753] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.096368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.096982] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.097591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.098213] [ 88.098417] irq event stamp: 0 [ 88.098714] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.099274] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.099994] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.100712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.101256] ---[ end trace 0000000000000000 ]--- [ 88.102098] ------------[ cut here ]------------ [ 88.102902] WARNING: CPU: 0 PID: 758 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.103804] Modules linked in: [ 88.104086] CPU: 0 PID: 758 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.105039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.106000] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.106675] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.108356] RSP: 0018:ffff88800fb07b78 EFLAGS: 00010246 [ 88.108933] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.109545] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 88.110360] RBP: ffff88800fb07b98 R08: ffffed1002c1383e R09: ffffed1002c1383e [ 88.110994] R10: ffff88801609c1ef R11: ffffed1002c1383d R12: ffff88801609c290 [ 88.111620] R13: ffff88801609c0a8 R14: ffffffffffffffff R15: ffff88800fb07c60 [ 88.112430] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 88.113117] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.113697] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 88.114464] PKRU: 55555554 [ 88.114734] Call Trace: [ 88.114959] [ 88.115167] iommufd_ioas_destroy+0x53/0x70 [ 88.115586] iommufd_fops_release+0x1f7/0x370 [ 88.116110] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.116543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.116979] ? write_comp_data+0x2f/0x90 [ 88.117512] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.117950] __fput+0x26d/0xa40 [ 88.118252] ____fput+0x1e/0x30 [ 88.118577] task_work_run+0x1a4/0x2d0 [ 88.118926] ? __pfx_task_work_run+0x10/0x10 [ 88.119367] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.119903] ? switch_task_namespaces+0xa9/0xe0 [ 88.120317] do_exit+0xb17/0x2ef0 [ 88.120622] ? lock_acquire+0x427/0x4c0 [ 88.121031] ? __pfx_lock_release+0x10/0x10 [ 88.121525] ? __kasan_check_write+0x18/0x20 [ 88.121911] ? do_raw_spin_lock+0x132/0x2a0 [ 88.122286] ? __pfx_do_exit+0x10/0x10 [ 88.122825] ? debug_smp_processor_id+0x20/0x30 [ 88.123247] ? rcu_is_watching+0x19/0xb0 [ 88.123602] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.124001] ? trace_hardirqs_on+0x26/0x120 [ 88.124390] do_group_exit+0xe0/0x2b0 [ 88.124801] __x64_sys_exit_group+0x47/0x50 [ 88.125354] do_syscall_64+0x3b/0x90 [ 88.125690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.126144] RIP: 0033:0x7f4b87518a4d [ 88.126651] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.127194] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.127852] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.128558] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.129309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.129926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.130754] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.131382] [ 88.131584] irq event stamp: 0 [ 88.131856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.132398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.133117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.133831] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.134373] ---[ end trace 0000000000000000 ]--- [ 88.138484] ------------[ cut here ]------------ [ 88.139080] WARNING: CPU: 1 PID: 759 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.140163] Modules linked in: [ 88.140540] CPU: 1 PID: 759 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.141471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.142701] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.143246] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.145225] RSP: 0018:ffff888018477bb8 EFLAGS: 00010246 [ 88.145735] RAX: 0000000000000000 RBX: ffff88801085f0a8 RCX: 0000000000000000 [ 88.146598] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 88.147338] RBP: ffff888018477bd0 R08: ffffed100210be33 R09: ffffed100210be33 [ 88.148125] R10: ffff88801085f193 R11: ffffed100210be32 R12: ffff888012f1f800 [ 88.148884] R13: ffff88801085f1e8 R14: ffffffff8352e670 R15: ffff888018477e68 [ 88.149665] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.150608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.151171] CR2: 00007f4b877410e8 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 88.151950] PKRU: 55555554 [ 88.152223] Call Trace: [ 88.152473] [ 88.152697] __iommufd_access_detach+0x1c2/0x2b0 [ 88.153300] iommufd_access_change_pt+0x149/0x270 [ 88.153777] iommufd_access_replace+0xb4/0x120 [ 88.154291] iommufd_test+0x3e5/0x37e0 [ 88.154734] ? lock_release+0x532/0x770 [ 88.155141] ? __might_fault+0x102/0x1b0 [ 88.155543] ? lock_acquire+0x427/0x4c0 [ 88.155941] ? __pfx_iommufd_test+0x10/0x10 [ 88.156445] ? __pfx_lock_release+0x10/0x10 [ 88.156916] ? __pfx_lock_acquire+0x10/0x10 [ 88.157344] ? write_comp_data+0x2f/0x90 [ 88.157810] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.158342] ? write_comp_data+0x2f/0x90 [ 88.158788] iommufd_fops_ioctl+0x37d/0x510 [ 88.159385] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.160030] ? write_comp_data+0x2f/0x90 [ 88.160589] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.161298] __x64_sys_ioctl+0x1a3/0x230 [ 88.161854] do_syscall_64+0x3b/0x90 [ 88.162445] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.163197] RIP: 0033:0x7f4b8743ee5d [ 88.163728] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.166101] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.167201] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.168227] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.169095] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.169947] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.170922] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.171746] [ 88.171983] irq event stamp: 0 [ 88.172286] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.172895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.173698] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.174494] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.175141] ---[ end trace 0000000000000000 ]--- [ 88.178208] ------------[ cut here ]------------ [ 88.178725] WARNING: CPU: 0 PID: 759 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.179610] Modules linked in: [ 88.179891] CPU: 0 PID: 759 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.180633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.181596] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.182022] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.183621] RSP: 0018:ffff888018477bd0 EFLAGS: 00010246 [ 88.184082] RAX: 0000000000000000 RBX: ffff88801085f0a8 RCX: 0000000000000000 [ 88.184689] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 88.185301] RBP: ffff888018477be8 R08: ffffed100210be33 R09: ffffed100210be33 [ 88.185910] R10: ffff88801085f193 R11: ffffed100210be32 R12: ffff88801226c400 [ 88.186541] R13: ffff88801085f1e8 R14: ffff88800f211c00 R15: 0000000000000000 [ 88.187169] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 88.187862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.188361] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 88.189024] PKRU: 55555554 [ 88.189271] Call Trace: [ 88.189493] [ 88.189690] iommufd_access_destroy_object+0x65/0x170 [ 88.190142] iommufd_object_destroy_user+0x18e/0x220 [ 88.190608] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.191124] iommufd_access_destroy+0x43/0x70 [ 88.191522] iommufd_test_staccess_release+0x8d/0xd0 [ 88.191956] __fput+0x26d/0xa40 [ 88.192240] ____fput+0x1e/0x30 [ 88.192516] task_work_run+0x1a4/0x2d0 [ 88.192847] ? __pfx_task_work_run+0x10/0x10 [ 88.193212] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.193613] ? switch_task_namespaces+0xa9/0xe0 [ 88.194006] do_exit+0xb17/0x2ef0 [ 88.194291] ? lock_acquire+0x427/0x4c0 [ 88.194642] ? __pfx_lock_release+0x10/0x10 [ 88.194999] ? __kasan_check_write+0x18/0x20 [ 88.195378] ? do_raw_spin_lock+0x132/0x2a0 [ 88.195736] ? __pfx_do_exit+0x10/0x10 [ 88.196062] ? debug_smp_processor_id+0x20/0x30 [ 88.196442] ? rcu_is_watching+0x19/0xb0 [ 88.196776] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.197152] ? trace_hardirqs_on+0x26/0x120 [ 88.197510] do_group_exit+0xe0/0x2b0 [ 88.197823] __x64_sys_exit_group+0x47/0x50 [ 88.198172] do_syscall_64+0x3b/0x90 [ 88.198485] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.198949] RIP: 0033:0x7f4b87518a4d [ 88.199264] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.199764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.200379] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.200954] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.201529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.202103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.202698] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.203314] [ 88.203503] irq event stamp: 0 [ 88.203760] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.204271] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.204946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.205621] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.206129] ---[ end trace 0000000000000000 ]--- [ 88.207178] ------------[ cut here ]------------ [ 88.207573] WARNING: CPU: 0 PID: 759 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.208391] Modules linked in: [ 88.208653] CPU: 0 PID: 759 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.209351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.210256] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.210703] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.212187] RSP: 0018:ffff888018477b78 EFLAGS: 00010246 [ 88.212621] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.213199] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 88.213775] RBP: ffff888018477b98 R08: ffffed100210be3e R09: ffffed100210be3e [ 88.214349] R10: ffff88801085f1ef R11: ffffed100210be3d R12: ffff88801085f290 [ 88.214948] R13: ffff88801085f0a8 R14: ffffffffffffffff R15: ffff888018477c60 [ 88.215535] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 88.216190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.216660] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 88.217245] PKRU: 55555554 [ 88.217473] Call Trace: [ 88.217684] [ 88.217871] iommufd_ioas_destroy+0x53/0x70 [ 88.218233] iommufd_fops_release+0x1f7/0x370 [ 88.218633] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.219048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.219467] ? write_comp_data+0x2f/0x90 [ 88.219808] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.220217] __fput+0x26d/0xa40 [ 88.220502] ____fput+0x1e/0x30 [ 88.220778] task_work_run+0x1a4/0x2d0 [ 88.221150] ? __pfx_task_work_run+0x10/0x10 [ 88.221514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.221925] ? switch_task_namespaces+0xa9/0xe0 [ 88.222317] do_exit+0xb17/0x2ef0 [ 88.222626] ? lock_acquire+0x427/0x4c0 [ 88.222963] ? __pfx_lock_release+0x10/0x10 [ 88.223331] ? __kasan_check_write+0x18/0x20 [ 88.223697] ? do_raw_spin_lock+0x132/0x2a0 [ 88.224052] ? __pfx_do_exit+0x10/0x10 [ 88.224379] ? debug_smp_processor_id+0x20/0x30 [ 88.224762] ? rcu_is_watching+0x19/0xb0 [ 88.225096] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.225467] ? trace_hardirqs_on+0x26/0x120 [ 88.225824] do_group_exit+0xe0/0x2b0 [ 88.226139] __x64_sys_exit_group+0x47/0x50 [ 88.226492] do_syscall_64+0x3b/0x90 [ 88.226832] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.227273] RIP: 0033:0x7f4b87518a4d [ 88.227578] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.228072] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.228692] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.229282] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.229858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.230429] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.231030] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.231621] [ 88.231813] irq event stamp: 0 [ 88.232069] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.232580] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.233261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.233938] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.234446] ---[ end trace 0000000000000000 ]--- [ 88.240184] ------------[ cut here ]------------ [ 88.240795] WARNING: CPU: 1 PID: 760 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.241975] Modules linked in: [ 88.242357] CPU: 1 PID: 760 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.243514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.244551] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.245010] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.246690] RSP: 0018:ffff88800fb07bb8 EFLAGS: 00010246 [ 88.247193] RAX: 0000000000000000 RBX: ffff8880244010a8 RCX: 0000000000000000 [ 88.247842] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 88.248492] RBP: ffff88800fb07bd0 R08: ffffed1004880233 R09: ffffed1004880233 [ 88.249139] R10: ffff888024401193 R11: ffffed1004880232 R12: ffff888010c09400 [ 88.249791] R13: ffff8880244011e8 R14: ffffffff8352e670 R15: ffff88800fb07e68 [ 88.250438] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.251200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.251739] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 88.252391] PKRU: 55555554 [ 88.252650] Call Trace: [ 88.252888] [ 88.253102] __iommufd_access_detach+0x1c2/0x2b0 [ 88.253552] iommufd_access_change_pt+0x149/0x270 [ 88.254003] iommufd_access_replace+0xb4/0x120 [ 88.254432] iommufd_test+0x3e5/0x37e0 [ 88.254811] ? lock_release+0x532/0x770 [ 88.255199] ? __might_fault+0x102/0x1b0 [ 88.255582] ? lock_acquire+0x427/0x4c0 [ 88.255959] ? __pfx_iommufd_test+0x10/0x10 [ 88.256359] ? __pfx_lock_release+0x10/0x10 [ 88.256763] ? __pfx_lock_acquire+0x10/0x10 [ 88.257164] ? write_comp_data+0x2f/0x90 [ 88.257540] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.257993] ? write_comp_data+0x2f/0x90 [ 88.258367] iommufd_fops_ioctl+0x37d/0x510 [ 88.258787] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.259240] ? write_comp_data+0x2f/0x90 [ 88.259616] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.260057] __x64_sys_ioctl+0x1a3/0x230 [ 88.260434] do_syscall_64+0x3b/0x90 [ 88.260781] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.261258] RIP: 0033:0x7f4b8743ee5d [ 88.261597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.263222] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.263891] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.264515] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.265138] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.265759] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.266381] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.267026] [ 88.267241] irq event stamp: 0 [ 88.267521] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.268076] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.268808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.269537] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.270092] ---[ end trace 0000000000000000 ]--- [ 88.272908] ------------[ cut here ]------------ [ 88.273353] WARNING: CPU: 1 PID: 760 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.274236] Modules linked in: [ 88.274575] CPU: 1 PID: 760 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.275353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.276346] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.276784] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.278381] RSP: 0018:ffff88800fb07bd0 EFLAGS: 00010246 [ 88.278865] RAX: 0000000000000000 RBX: ffff8880244010a8 RCX: 0000000000000000 [ 88.279497] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 88.280120] RBP: ffff88800fb07be8 R08: ffffed1004880233 R09: ffffed1004880233 [ 88.280742] R10: ffff888024401193 R11: ffffed1004880232 R12: ffff888012f1e800 [ 88.281367] R13: ffff8880244011e8 R14: ffff888020c33400 R15: 0000000000000000 [ 88.281990] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.282708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.283225] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.283854] PKRU: 55555554 [ 88.284101] Call Trace: [ 88.284328] [ 88.284526] iommufd_access_destroy_object+0x65/0x170 [ 88.284986] iommufd_object_destroy_user+0x18e/0x220 [ 88.285443] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.285959] iommufd_access_destroy+0x43/0x70 [ 88.286360] iommufd_test_staccess_release+0x8d/0xd0 [ 88.286826] __fput+0x26d/0xa40 [ 88.287136] ____fput+0x1e/0x30 [ 88.287434] task_work_run+0x1a4/0x2d0 [ 88.287781] ? __pfx_task_work_run+0x10/0x10 [ 88.288169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.288601] ? switch_task_namespaces+0xa9/0xe0 [ 88.289016] do_exit+0xb17/0x2ef0 [ 88.289319] ? lock_acquire+0x427/0x4c0 [ 88.289677] ? __pfx_lock_release+0x10/0x10 [ 88.290059] ? __kasan_check_write+0x18/0x20 [ 88.290447] ? do_raw_spin_lock+0x132/0x2a0 [ 88.290854] ? __pfx_do_exit+0x10/0x10 [ 88.291219] ? debug_smp_processor_id+0x20/0x30 [ 88.291629] ? rcu_is_watching+0x19/0xb0 [ 88.291988] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.292389] ? trace_hardirqs_on+0x26/0x120 [ 88.292778] do_group_exit+0xe0/0x2b0 [ 88.293111] __x64_sys_exit_group+0x47/0x50 [ 88.293485] do_syscall_64+0x3b/0x90 [ 88.293822] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.294283] RIP: 0033:0x7f4b87518a4d [ 88.294626] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.295172] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.295830] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.296448] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.297064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.297679] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.298295] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.298931] [ 88.299140] irq event stamp: 0 [ 88.299417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.299965] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.300694] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.301417] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.301970] ---[ end trace 0000000000000000 ]--- [ 88.302780] ------------[ cut here ]------------ [ 88.303217] WARNING: CPU: 1 PID: 760 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.304101] Modules linked in: [ 88.304380] CPU: 1 PID: 760 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.305133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.306112] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.306646] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.308227] RSP: 0018:ffff88800fb07b78 EFLAGS: 00010246 [ 88.308677] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.309283] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 88.309890] RBP: ffff88800fb07b98 R08: ffffed100488023e R09: ffffed100488023e [ 88.310506] R10: ffff8880244011ef R11: ffffed100488023d R12: ffff888024401290 [ 88.311139] R13: ffff8880244010a8 R14: ffffffffffffffff R15: ffff88800fb07c60 [ 88.311747] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.312432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.312929] CR2: 00007f4b875fca50 CR3: 0000000014928000 CR4: 0000000000750ee0 [ 88.313540] PKRU: 55555554 [ 88.313784] Call Trace: [ 88.314003] [ 88.314198] iommufd_ioas_destroy+0x53/0x70 [ 88.314592] iommufd_fops_release+0x1f7/0x370 [ 88.314986] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.315434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.315977] ? write_comp_data+0x2f/0x90 [ 88.316420] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.316856] __fput+0x26d/0xa40 [ 88.317242] ____fput+0x1e/0x30 [ 88.317568] task_work_run+0x1a4/0x2d0 [ 88.317911] ? __pfx_task_work_run+0x10/0x10 [ 88.318319] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.318838] ? switch_task_namespaces+0xa9/0xe0 [ 88.319257] do_exit+0xb17/0x2ef0 [ 88.319626] ? lock_acquire+0x427/0x4c0 [ 88.320024] ? __pfx_lock_release+0x10/0x10 [ 88.320407] ? __kasan_check_write+0x18/0x20 [ 88.320794] ? do_raw_spin_lock+0x132/0x2a0 [ 88.321240] ? __pfx_do_exit+0x10/0x10 [ 88.321634] ? debug_smp_processor_id+0x20/0x30 [ 88.322045] ? rcu_is_watching+0x19/0xb0 [ 88.322469] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.322938] ? trace_hardirqs_on+0x26/0x120 [ 88.323333] do_group_exit+0xe0/0x2b0 [ 88.323670] __x64_sys_exit_group+0x47/0x50 [ 88.324119] do_syscall_64+0x3b/0x90 [ 88.324495] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.324968] RIP: 0033:0x7f4b87518a4d [ 88.325386] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.325927] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.326717] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.327345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.328072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.328683] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.329400] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.330018] [ 88.330249] irq event stamp: 0 [ 88.330606] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.331157] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.332004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.332726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.333378] ---[ end trace 0000000000000000 ]--- [ 88.337450] ------------[ cut here ]------------ [ 88.337919] WARNING: CPU: 1 PID: 761 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.338886] Modules linked in: [ 88.339170] CPU: 1 PID: 761 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.340032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.341094] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.341522] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.343323] RSP: 0018:ffff888021b5fbb8 EFLAGS: 00010246 [ 88.343792] RAX: 0000000000000000 RBX: ffff888015e668a8 RCX: 0000000000000000 [ 88.344473] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 88.345149] RBP: ffff888021b5fbd0 R08: ffffed1002bccd33 R09: ffffed1002bccd33 [ 88.345860] R10: ffff888015e66993 R11: ffffed1002bccd32 R12: ffff888021bc9800 [ 88.346490] R13: ffff888015e669e8 R14: ffffffff8352e670 R15: ffff888021b5fe68 [ 88.347284] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.348007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.348654] CR2: 00007f4b877410e8 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 88.349289] PKRU: 55555554 [ 88.349615] Call Trace: [ 88.349902] [ 88.350112] __iommufd_access_detach+0x1c2/0x2b0 [ 88.350577] iommufd_access_change_pt+0x149/0x270 [ 88.351041] iommufd_access_replace+0xb4/0x120 [ 88.351594] iommufd_test+0x3e5/0x37e0 [ 88.351941] ? lock_release+0x532/0x770 [ 88.352374] ? __might_fault+0x102/0x1b0 [ 88.352802] ? lock_acquire+0x427/0x4c0 [ 88.353164] ? __pfx_iommufd_test+0x10/0x10 [ 88.353580] ? __pfx_lock_release+0x10/0x10 [ 88.354017] ? __pfx_lock_acquire+0x10/0x10 [ 88.354407] ? write_comp_data+0x2f/0x90 [ 88.354886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.355380] ? write_comp_data+0x2f/0x90 [ 88.355749] iommufd_fops_ioctl+0x37d/0x510 [ 88.356133] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.356696] ? write_comp_data+0x2f/0x90 [ 88.357063] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.357512] __x64_sys_ioctl+0x1a3/0x230 [ 88.357926] do_syscall_64+0x3b/0x90 [ 88.358266] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.358828] RIP: 0033:0x7f4b8743ee5d [ 88.359171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.360756] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.361417] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.362034] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.362673] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.363307] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.363925] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.364554] [ 88.364759] irq event stamp: 0 [ 88.365034] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.365587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.366310] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.367053] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.367610] ---[ end trace 0000000000000000 ]--- [ 88.370392] ------------[ cut here ]------------ [ 88.370884] WARNING: CPU: 1 PID: 761 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.371793] Modules linked in: [ 88.372082] CPU: 1 PID: 761 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.372844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.373839] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.374289] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.375965] RSP: 0018:ffff888021b5fbd0 EFLAGS: 00010246 [ 88.376443] RAX: 0000000000000000 RBX: ffff888015e668a8 RCX: 0000000000000000 [ 88.377076] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 88.377703] RBP: ffff888021b5fbe8 R08: ffffed1002bccd33 R09: ffffed1002bccd33 [ 88.378331] R10: ffff888015e66993 R11: ffffed1002bccd32 R12: ffff888010c08800 [ 88.378978] R13: ffff888015e669e8 R14: ffff888020a70600 R15: 0000000000000000 [ 88.379621] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.380336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.380851] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.381483] PKRU: 55555554 [ 88.381733] Call Trace: [ 88.381961] [ 88.382162] iommufd_access_destroy_object+0x65/0x170 [ 88.382647] iommufd_object_destroy_user+0x18e/0x220 [ 88.383105] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.383631] iommufd_access_destroy+0x43/0x70 [ 88.384028] iommufd_test_staccess_release+0x8d/0xd0 [ 88.384489] __fput+0x26d/0xa40 [ 88.384802] ____fput+0x1e/0x30 [ 88.385108] task_work_run+0x1a4/0x2d0 [ 88.385467] ? __pfx_task_work_run+0x10/0x10 [ 88.385860] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.386294] ? switch_task_namespaces+0xa9/0xe0 [ 88.386731] do_exit+0xb17/0x2ef0 [ 88.387041] ? lock_acquire+0x427/0x4c0 [ 88.387408] ? __pfx_lock_release+0x10/0x10 [ 88.387791] ? __kasan_check_write+0x18/0x20 [ 88.388182] ? do_raw_spin_lock+0x132/0x2a0 [ 88.388569] ? __pfx_do_exit+0x10/0x10 [ 88.388934] ? debug_smp_processor_id+0x20/0x30 [ 88.389351] ? rcu_is_watching+0x19/0xb0 [ 88.389713] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.390123] ? trace_hardirqs_on+0x26/0x120 [ 88.390534] do_group_exit+0xe0/0x2b0 [ 88.390879] __x64_sys_exit_group+0x47/0x50 [ 88.391440] do_syscall_64+0x3b/0x90 [ 88.391903] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.392514] RIP: 0033:0x7f4b87518a4d [ 88.392949] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.393657] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.394575] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.395420] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.396242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.397064] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.397883] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.398729] [ 88.399007] irq event stamp: 0 [ 88.399380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.400085] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.401017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.401950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.402690] ---[ end trace 0000000000000000 ]--- [ 88.403893] ------------[ cut here ]------------ [ 88.404428] WARNING: CPU: 1 PID: 761 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.405553] Modules linked in: [ 88.405922] CPU: 1 PID: 761 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.406921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.408188] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.408773] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.410825] RSP: 0018:ffff888021b5fb78 EFLAGS: 00010246 [ 88.411442] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.412239] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 88.413034] RBP: ffff888021b5fb98 R08: ffffed1002bccd3e R09: ffffed1002bccd3e [ 88.413828] R10: ffff888015e669ef R11: ffffed1002bccd3d R12: ffff888015e66a90 [ 88.414653] R13: ffff888015e668a8 R14: ffffffffffffffff R15: ffff888021b5fc60 [ 88.415468] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.416363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.417011] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.417809] PKRU: 55555554 [ 88.418134] Call Trace: [ 88.418427] [ 88.418720] iommufd_ioas_destroy+0x53/0x70 [ 88.419237] iommufd_fops_release+0x1f7/0x370 [ 88.419761] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.420330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.420893] ? write_comp_data+0x2f/0x90 [ 88.421368] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.421936] __fput+0x26d/0xa40 [ 88.422334] ____fput+0x1e/0x30 [ 88.422754] task_work_run+0x1a4/0x2d0 [ 88.423224] ? __pfx_task_work_run+0x10/0x10 [ 88.423731] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.424291] ? switch_task_namespaces+0xa9/0xe0 [ 88.424836] do_exit+0xb17/0x2ef0 [ 88.425235] ? lock_acquire+0x427/0x4c0 [ 88.425703] ? __pfx_lock_release+0x10/0x10 [ 88.426206] ? __kasan_check_write+0x18/0x20 [ 88.426746] ? do_raw_spin_lock+0x132/0x2a0 [ 88.427261] ? __pfx_do_exit+0x10/0x10 [ 88.427719] ? debug_smp_processor_id+0x20/0x30 [ 88.428254] ? rcu_is_watching+0x19/0xb0 [ 88.428718] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.429238] ? trace_hardirqs_on+0x26/0x120 [ 88.429736] do_group_exit+0xe0/0x2b0 [ 88.430165] __x64_sys_exit_group+0x47/0x50 [ 88.430675] do_syscall_64+0x3b/0x90 [ 88.431154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.431665] RIP: 0033:0x7f4b87518a4d [ 88.431994] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.432533] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.433194] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.433813] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.434434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.435080] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.435714] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.436347] [ 88.436551] irq event stamp: 0 [ 88.436830] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.437378] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.438105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.438847] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.439406] ---[ end trace 0000000000000000 ]--- [ 88.443341] ------------[ cut here ]------------ [ 88.443775] WARNING: CPU: 1 PID: 762 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.444648] Modules linked in: [ 88.444926] CPU: 1 PID: 762 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.445677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.446936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.447390] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.448985] RSP: 0018:ffff888016dcfbb8 EFLAGS: 00010246 [ 88.449449] RAX: 0000000000000000 RBX: ffff888021acf0a8 RCX: 0000000000000000 [ 88.450068] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 88.450709] RBP: ffff888016dcfbd0 R08: ffffed1004359e33 R09: ffffed1004359e33 [ 88.451339] R10: ffff888021acf193 R11: ffffed1004359e32 R12: ffff88800f6bcc00 [ 88.451959] R13: ffff888021acf1e8 R14: ffffffff8352e670 R15: ffff888016dcfe68 [ 88.452579] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.453271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.453773] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 88.454382] PKRU: 55555554 [ 88.454641] Call Trace: [ 88.454864] [ 88.455060] __iommufd_access_detach+0x1c2/0x2b0 [ 88.455484] iommufd_access_change_pt+0x149/0x270 [ 88.455910] iommufd_access_replace+0xb4/0x120 [ 88.456312] iommufd_test+0x3e5/0x37e0 [ 88.456648] ? lock_release+0x532/0x770 [ 88.457009] ? __might_fault+0x102/0x1b0 [ 88.457364] ? lock_acquire+0x427/0x4c0 [ 88.457713] ? __pfx_iommufd_test+0x10/0x10 [ 88.458081] ? __pfx_lock_release+0x10/0x10 [ 88.458458] ? __pfx_lock_acquire+0x10/0x10 [ 88.458865] ? write_comp_data+0x2f/0x90 [ 88.459232] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.459658] ? write_comp_data+0x2f/0x90 [ 88.460015] iommufd_fops_ioctl+0x37d/0x510 [ 88.460389] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.460813] ? write_comp_data+0x2f/0x90 [ 88.461171] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.461586] __x64_sys_ioctl+0x1a3/0x230 [ 88.461943] do_syscall_64+0x3b/0x90 [ 88.462271] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.462742] RIP: 0033:0x7f4b8743ee5d [ 88.463066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.464641] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.465288] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.465892] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.466497] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.467135] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.467746] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.468359] [ 88.468558] irq event stamp: 0 [ 88.468831] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.469366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.470079] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.470804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.471349] ---[ end trace 0000000000000000 ]--- [ 88.474022] ------------[ cut here ]------------ [ 88.474455] WARNING: CPU: 1 PID: 762 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.475354] Modules linked in: [ 88.475635] CPU: 1 PID: 762 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.476375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.477335] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.477764] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.479338] RSP: 0018:ffff888016dcfbd0 EFLAGS: 00010246 [ 88.479795] RAX: 0000000000000000 RBX: ffff888021acf0a8 RCX: 0000000000000000 [ 88.480404] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 88.481021] RBP: ffff888016dcfbe8 R08: ffffed1004359e33 R09: ffffed1004359e33 [ 88.481635] R10: ffff888021acf193 R11: ffffed1004359e32 R12: ffff888021bc9000 [ 88.482258] R13: ffff888021acf1e8 R14: ffff88801287e600 R15: 0000000000000000 [ 88.482889] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.483608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.484112] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.484721] PKRU: 55555554 [ 88.484962] Call Trace: [ 88.485187] [ 88.485384] iommufd_access_destroy_object+0x65/0x170 [ 88.485835] iommufd_object_destroy_user+0x18e/0x220 [ 88.486288] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.486825] iommufd_access_destroy+0x43/0x70 [ 88.487235] iommufd_test_staccess_release+0x8d/0xd0 [ 88.487684] __fput+0x26d/0xa40 [ 88.487986] ____fput+0x1e/0x30 [ 88.488278] task_work_run+0x1a4/0x2d0 [ 88.488625] ? __pfx_task_work_run+0x10/0x10 [ 88.489011] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.489437] ? switch_task_namespaces+0xa9/0xe0 [ 88.489849] do_exit+0xb17/0x2ef0 [ 88.490149] ? lock_acquire+0x427/0x4c0 [ 88.490502] ? __pfx_lock_release+0x10/0x10 [ 88.490903] ? __kasan_check_write+0x18/0x20 [ 88.491293] ? do_raw_spin_lock+0x132/0x2a0 [ 88.491666] ? __pfx_do_exit+0x10/0x10 [ 88.492009] ? debug_smp_processor_id+0x20/0x30 [ 88.492409] ? rcu_is_watching+0x19/0xb0 [ 88.492758] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.493151] ? trace_hardirqs_on+0x26/0x120 [ 88.493532] do_group_exit+0xe0/0x2b0 [ 88.493870] __x64_sys_exit_group+0x47/0x50 [ 88.494246] do_syscall_64+0x3b/0x90 [ 88.494602] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.495062] RIP: 0033:0x7f4b87518a4d [ 88.495409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.495942] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.496596] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.497216] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.497832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.498461] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.499116] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.499759] [ 88.499967] irq event stamp: 0 [ 88.500246] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.500804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.501550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.502288] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.502863] ---[ end trace 0000000000000000 ]--- [ 88.503618] ------------[ cut here ]------------ [ 88.504047] WARNING: CPU: 1 PID: 762 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.504950] Modules linked in: [ 88.505239] CPU: 1 PID: 762 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.506027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.507050] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.507533] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.509157] RSP: 0018:ffff888016dcfb78 EFLAGS: 00010246 [ 88.509631] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.510264] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 88.510912] RBP: ffff888016dcfb98 R08: ffffed1004359e3e R09: ffffed1004359e3e [ 88.511560] R10: ffff888021acf1ef R11: ffffed1004359e3d R12: ffff888021acf290 [ 88.512196] R13: ffff888021acf0a8 R14: ffffffffffffffff R15: ffff888016dcfc60 [ 88.512830] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.513542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.514061] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.514716] PKRU: 55555554 [ 88.514974] Call Trace: [ 88.515219] [ 88.515420] iommufd_ioas_destroy+0x53/0x70 [ 88.515814] iommufd_fops_release+0x1f7/0x370 [ 88.516225] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.516677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.517129] ? write_comp_data+0x2f/0x90 [ 88.517518] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.517976] __fput+0x26d/0xa40 [ 88.518293] ____fput+0x1e/0x30 [ 88.518624] task_work_run+0x1a4/0x2d0 [ 88.518989] ? __pfx_task_work_run+0x10/0x10 [ 88.519404] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.519846] ? switch_task_namespaces+0xa9/0xe0 [ 88.520272] do_exit+0xb17/0x2ef0 [ 88.520585] ? lock_acquire+0x427/0x4c0 [ 88.520953] ? __pfx_lock_release+0x10/0x10 [ 88.521354] ? __kasan_check_write+0x18/0x20 [ 88.521755] ? do_raw_spin_lock+0x132/0x2a0 [ 88.522143] ? __pfx_do_exit+0x10/0x10 [ 88.522525] ? debug_smp_processor_id+0x20/0x30 [ 88.522951] ? rcu_is_watching+0x19/0xb0 [ 88.523345] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.523765] ? trace_hardirqs_on+0x26/0x120 [ 88.524168] do_group_exit+0xe0/0x2b0 [ 88.524527] __x64_sys_exit_group+0x47/0x50 [ 88.524927] do_syscall_64+0x3b/0x90 [ 88.525279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.525766] RIP: 0033:0x7f4b87518a4d [ 88.526111] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.526686] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.527382] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.528029] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.528688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.529341] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.529997] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.530702] [ 88.530931] irq event stamp: 0 [ 88.531240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.531829] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.532595] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.533352] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.533924] ---[ end trace 0000000000000000 ]--- [ 88.538339] ------------[ cut here ]------------ [ 88.538878] WARNING: CPU: 1 PID: 763 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.539816] Modules linked in: [ 88.540111] CPU: 1 PID: 763 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.540907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.541945] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.542406] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.544133] RSP: 0018:ffff888017b27bb8 EFLAGS: 00010246 [ 88.544625] RAX: 0000000000000000 RBX: ffff888012b1b0a8 RCX: 0000000000000000 [ 88.545277] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 88.545932] RBP: ffff888017b27bd0 R08: ffffed1002563633 R09: ffffed1002563633 [ 88.546612] R10: ffff888012b1b193 R11: ffffed1002563632 R12: ffff888014583c00 [ 88.547288] R13: ffff888012b1b1e8 R14: ffffffff8352e670 R15: ffff888017b27e68 [ 88.547952] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.548693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.549220] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 88.549866] PKRU: 55555554 [ 88.550124] Call Trace: [ 88.550362] [ 88.550599] __iommufd_access_detach+0x1c2/0x2b0 [ 88.551052] iommufd_access_change_pt+0x149/0x270 [ 88.551520] iommufd_access_replace+0xb4/0x120 [ 88.551963] iommufd_test+0x3e5/0x37e0 [ 88.552335] ? lock_release+0x532/0x770 [ 88.552724] ? __might_fault+0x102/0x1b0 [ 88.553116] ? lock_acquire+0x427/0x4c0 [ 88.553506] ? __pfx_iommufd_test+0x10/0x10 [ 88.553905] ? __pfx_lock_release+0x10/0x10 [ 88.554313] ? __pfx_lock_acquire+0x10/0x10 [ 88.554750] ? write_comp_data+0x2f/0x90 [ 88.555152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.555608] ? write_comp_data+0x2f/0x90 [ 88.555991] iommufd_fops_ioctl+0x37d/0x510 [ 88.556393] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.556860] ? write_comp_data+0x2f/0x90 [ 88.557255] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.557711] __x64_sys_ioctl+0x1a3/0x230 [ 88.558118] do_syscall_64+0x3b/0x90 [ 88.558487] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.559036] RIP: 0033:0x7f4b8743ee5d [ 88.559414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.561106] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.561834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.562550] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.563251] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.563915] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.564572] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.565244] [ 88.565471] irq event stamp: 0 [ 88.565773] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.566371] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.567193] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.567996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.568594] ---[ end trace 0000000000000000 ]--- [ 88.571584] ------------[ cut here ]------------ [ 88.572246] WARNING: CPU: 1 PID: 763 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.573233] Modules linked in: [ 88.573647] CPU: 1 PID: 763 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.574497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.575757] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.576271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.578227] RSP: 0018:ffff888017b27bd0 EFLAGS: 00010246 [ 88.578794] RAX: 0000000000000000 RBX: ffff888012b1b0a8 RCX: 0000000000000000 [ 88.579801] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 88.580697] RBP: ffff888017b27be8 R08: ffffed1002563633 R09: ffffed1002563633 [ 88.581800] R10: ffff888012b1b193 R11: ffffed1002563632 R12: ffff888013b21800 [ 88.582810] R13: ffff888012b1b1e8 R14: ffff88800ca5a300 R15: 0000000000000000 [ 88.583722] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.584921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.585760] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.586832] PKRU: 55555554 [ 88.587240] Call Trace: [ 88.587687] [ 88.587980] iommufd_access_destroy_object+0x65/0x170 [ 88.588679] iommufd_object_destroy_user+0x18e/0x220 [ 88.589361] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.590204] iommufd_access_destroy+0x43/0x70 [ 88.590859] iommufd_test_staccess_release+0x8d/0xd0 [ 88.591555] __fput+0x26d/0xa40 [ 88.592089] ____fput+0x1e/0x30 [ 88.592585] task_work_run+0x1a4/0x2d0 [ 88.593107] ? __pfx_task_work_run+0x10/0x10 [ 88.593786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.594443] ? switch_task_namespaces+0xa9/0xe0 [ 88.595262] do_exit+0xb17/0x2ef0 [ 88.595727] ? lock_acquire+0x427/0x4c0 [ 88.596286] ? __pfx_lock_release+0x10/0x10 [ 88.596942] ? __kasan_check_write+0x18/0x20 [ 88.597517] ? do_raw_spin_lock+0x132/0x2a0 [ 88.598250] ? __pfx_do_exit+0x10/0x10 [ 88.598823] ? debug_smp_processor_id+0x20/0x30 [ 88.599455] ? rcu_is_watching+0x19/0xb0 [ 88.600169] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.600771] ? trace_hardirqs_on+0x26/0x120 [ 88.601413] do_group_exit+0xe0/0x2b0 [ 88.601908] __x64_sys_exit_group+0x47/0x50 [ 88.602494] do_syscall_64+0x3b/0x90 [ 88.603156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.603835] RIP: 0033:0x7f4b87518a4d [ 88.604345] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.605215] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.606306] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.607318] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.608342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.609312] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.610321] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.611457] [ 88.611781] irq event stamp: 0 [ 88.612193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.613148] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.614373] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.615538] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.616451] ---[ end trace 0000000000000000 ]--- [ 88.617759] ------------[ cut here ]------------ [ 88.618398] WARNING: CPU: 1 PID: 763 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.620009] Modules linked in: [ 88.620471] CPU: 1 PID: 763 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.621819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.623588] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.624361] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.627100] RSP: 0018:ffff888017b27b78 EFLAGS: 00010246 [ 88.627911] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.628959] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 88.630107] RBP: ffff888017b27b98 R08: ffffed100256363e R09: ffffed100256363e [ 88.631225] R10: ffff888012b1b1ef R11: ffffed100256363d R12: ffff888012b1b290 [ 88.632279] R13: ffff888012b1b0a8 R14: ffffffffffffffff R15: ffff888017b27c60 [ 88.633367] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.634594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.635560] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.636566] PKRU: 55555554 [ 88.637059] Call Trace: [ 88.637416] [ 88.637735] iommufd_ioas_destroy+0x53/0x70 [ 88.638597] iommufd_fops_release+0x1f7/0x370 [ 88.639275] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.639969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.640841] ? write_comp_data+0x2f/0x90 [ 88.641444] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.642261] __fput+0x26d/0xa40 [ 88.642937] ____fput+0x1e/0x30 [ 88.643461] task_work_run+0x1a4/0x2d0 [ 88.644014] ? __pfx_task_work_run+0x10/0x10 [ 88.644753] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.645431] ? switch_task_namespaces+0xa9/0xe0 [ 88.646088] do_exit+0xb17/0x2ef0 [ 88.646648] ? lock_acquire+0x427/0x4c0 [ 88.647275] ? __pfx_lock_release+0x10/0x10 [ 88.647878] ? __kasan_check_write+0x18/0x20 [ 88.648488] ? do_raw_spin_lock+0x132/0x2a0 [ 88.649094] ? __pfx_do_exit+0x10/0x10 [ 88.649658] ? debug_smp_processor_id+0x20/0x30 [ 88.650306] ? rcu_is_watching+0x19/0xb0 [ 88.650992] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.651685] ? trace_hardirqs_on+0x26/0x120 [ 88.652306] do_group_exit+0xe0/0x2b0 [ 88.652848] __x64_sys_exit_group+0x47/0x50 [ 88.653440] do_syscall_64+0x3b/0x90 [ 88.653966] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.654752] RIP: 0033:0x7f4b87518a4d [ 88.655315] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.656141] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.657192] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.658165] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.659218] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.660178] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.661152] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.662139] [ 88.662485] irq event stamp: 0 [ 88.662990] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.663763] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.664719] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.665668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.666399] ---[ end trace 0000000000000000 ]--- [ 88.673555] ------------[ cut here ]------------ [ 88.674249] WARNING: CPU: 1 PID: 764 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.676034] Modules linked in: [ 88.676526] CPU: 1 PID: 764 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.677703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.679315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.679992] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.682384] RSP: 0018:ffff888015877bb8 EFLAGS: 00010246 [ 88.683162] RAX: 0000000000000000 RBX: ffff888016e0b0a8 RCX: 0000000000000000 [ 88.684114] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 88.685052] RBP: ffff888015877bd0 R08: ffffed1002dc1633 R09: ffffed1002dc1633 [ 88.685992] R10: ffff888016e0b193 R11: ffffed1002dc1632 R12: ffff888021bbc800 [ 88.686970] R13: ffff888016e0b1e8 R14: ffffffff8352e670 R15: ffff888015877e68 [ 88.687949] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.689016] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.689782] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 88.690771] PKRU: 55555554 [ 88.691174] Call Trace: [ 88.691526] [ 88.691836] __iommufd_access_detach+0x1c2/0x2b0 [ 88.692497] iommufd_access_change_pt+0x149/0x270 [ 88.693161] iommufd_access_replace+0xb4/0x120 [ 88.693793] iommufd_test+0x3e5/0x37e0 [ 88.694316] ? lock_release+0x532/0x770 [ 88.694911] ? __might_fault+0x102/0x1b0 [ 88.695492] ? lock_acquire+0x427/0x4c0 [ 88.696046] ? __pfx_iommufd_test+0x10/0x10 [ 88.696621] ? __pfx_lock_release+0x10/0x10 [ 88.697209] ? __pfx_lock_acquire+0x10/0x10 [ 88.697802] ? write_comp_data+0x2f/0x90 [ 88.698369] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.699068] ? write_comp_data+0x2f/0x90 [ 88.699655] iommufd_fops_ioctl+0x37d/0x510 [ 88.700251] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.700914] ? write_comp_data+0x2f/0x90 [ 88.701476] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.702124] __x64_sys_ioctl+0x1a3/0x230 [ 88.702719] do_syscall_64+0x3b/0x90 [ 88.703257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.703961] RIP: 0033:0x7f4b8743ee5d [ 88.704461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.706889] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.707929] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.708876] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.709818] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.710830] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.711802] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.712754] [ 88.713071] irq event stamp: 0 [ 88.713495] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.714328] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.715476] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.716589] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.717422] ---[ end trace 0000000000000000 ]--- [ 88.722348] ------------[ cut here ]------------ [ 88.723053] WARNING: CPU: 1 PID: 764 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.724382] Modules linked in: [ 88.724824] CPU: 1 PID: 764 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.725970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.727505] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.728191] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.730624] RSP: 0018:ffff888015877bd0 EFLAGS: 00010246 [ 88.731358] RAX: 0000000000000000 RBX: ffff888016e0b0a8 RCX: 0000000000000000 [ 88.732307] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 88.733235] RBP: ffff888015877be8 R08: ffffed1002dc1633 R09: ffffed1002dc1633 [ 88.734134] R10: ffff888016e0b193 R11: ffffed1002dc1632 R12: ffff888014582000 [ 88.735075] R13: ffff888016e0b1e8 R14: ffff888013d36f00 R15: 0000000000000000 [ 88.735998] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.737022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.737759] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.738702] PKRU: 55555554 [ 88.739072] Call Trace: [ 88.739390] [ 88.739647] iommufd_access_destroy_object+0x65/0x170 [ 88.740279] iommufd_object_destroy_user+0x18e/0x220 [ 88.740930] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.741673] iommufd_access_destroy+0x43/0x70 [ 88.742264] iommufd_test_staccess_release+0x8d/0xd0 [ 88.742963] __fput+0x26d/0xa40 [ 88.743447] ____fput+0x1e/0x30 [ 88.743898] task_work_run+0x1a4/0x2d0 [ 88.744412] ? __pfx_task_work_run+0x10/0x10 [ 88.744987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.745621] ? switch_task_namespaces+0xa9/0xe0 [ 88.746234] do_exit+0xb17/0x2ef0 [ 88.746715] ? lock_acquire+0x427/0x4c0 [ 88.747279] ? __pfx_lock_release+0x10/0x10 [ 88.747870] ? __kasan_check_write+0x18/0x20 [ 88.748471] ? do_raw_spin_lock+0x132/0x2a0 [ 88.749046] ? __pfx_do_exit+0x10/0x10 [ 88.749580] ? debug_smp_processor_id+0x20/0x30 [ 88.750194] ? rcu_is_watching+0x19/0xb0 [ 88.750803] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.751451] ? trace_hardirqs_on+0x26/0x120 [ 88.752037] do_group_exit+0xe0/0x2b0 [ 88.752538] __x64_sys_exit_group+0x47/0x50 [ 88.753091] do_syscall_64+0x3b/0x90 [ 88.753587] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.754266] RIP: 0033:0x7f4b87518a4d [ 88.754784] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.755608] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.756587] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.757500] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.758403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.759349] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.760259] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.761182] [ 88.761489] irq event stamp: 0 [ 88.761893] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.762729] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.763821] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.764877] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.765678] ---[ end trace 0000000000000000 ]--- [ 88.767003] ------------[ cut here ]------------ [ 88.767642] WARNING: CPU: 1 PID: 764 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.768611] Modules linked in: [ 88.768916] CPU: 1 PID: 764 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.769745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.771162] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.771658] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.773392] RSP: 0018:ffff888015877b78 EFLAGS: 00010246 [ 88.773899] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.774604] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 88.775291] RBP: ffff888015877b98 R08: ffffed1002dc163e R09: ffffed1002dc163e [ 88.775963] R10: ffff888016e0b1ef R11: ffffed1002dc163d R12: ffff888016e0b290 [ 88.776647] R13: ffff888016e0b0a8 R14: ffffffffffffffff R15: ffff888015877c60 [ 88.777329] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.778100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.778706] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.779407] PKRU: 55555554 [ 88.779686] Call Trace: [ 88.779940] [ 88.780156] iommufd_ioas_destroy+0x53/0x70 [ 88.780580] iommufd_fops_release+0x1f7/0x370 [ 88.781022] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.781511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.781984] ? write_comp_data+0x2f/0x90 [ 88.782388] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.782902] __fput+0x26d/0xa40 [ 88.783258] ____fput+0x1e/0x30 [ 88.783588] task_work_run+0x1a4/0x2d0 [ 88.783977] ? __pfx_task_work_run+0x10/0x10 [ 88.784410] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.784897] ? switch_task_namespaces+0xa9/0xe0 [ 88.785363] do_exit+0xb17/0x2ef0 [ 88.785703] ? lock_acquire+0x427/0x4c0 [ 88.786097] ? __pfx_lock_release+0x10/0x10 [ 88.786540] ? __kasan_check_write+0x18/0x20 [ 88.786966] ? do_raw_spin_lock+0x132/0x2a0 [ 88.787395] ? __pfx_do_exit+0x10/0x10 [ 88.787783] ? debug_smp_processor_id+0x20/0x30 [ 88.788230] ? rcu_is_watching+0x19/0xb0 [ 88.788622] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.789061] ? trace_hardirqs_on+0x26/0x120 [ 88.789482] do_group_exit+0xe0/0x2b0 [ 88.789853] __x64_sys_exit_group+0x47/0x50 [ 88.790274] do_syscall_64+0x3b/0x90 [ 88.790671] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.791182] RIP: 0033:0x7f4b87518a4d [ 88.791540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.792128] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.792850] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.793527] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.794206] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.794905] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.795591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.796282] [ 88.796505] irq event stamp: 0 [ 88.796807] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.797408] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.798200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.799016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.799624] ---[ end trace 0000000000000000 ]--- [ 88.805050] ------------[ cut here ]------------ [ 88.805564] WARNING: CPU: 1 PID: 765 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.806497] Modules linked in: [ 88.806914] CPU: 1 PID: 765 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.807737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.808785] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.809250] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.810976] RSP: 0018:ffff88802442fbb8 EFLAGS: 00010246 [ 88.811487] RAX: 0000000000000000 RBX: ffff888017b240a8 RCX: 0000000000000000 [ 88.812152] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 88.812809] RBP: ffff88802442fbd0 R08: ffffed1002f64833 R09: ffffed1002f64833 [ 88.813469] R10: ffff888017b24193 R11: ffffed1002f64832 R12: ffff888012e90000 [ 88.814137] R13: ffff888017b241e8 R14: ffffffff8352e670 R15: ffff88802442fe68 [ 88.814830] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.815603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.816147] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 88.816817] PKRU: 55555554 [ 88.817083] Call Trace: [ 88.817324] [ 88.817535] __iommufd_access_detach+0x1c2/0x2b0 [ 88.817997] iommufd_access_change_pt+0x149/0x270 [ 88.818464] iommufd_access_replace+0xb4/0x120 [ 88.818936] iommufd_test+0x3e5/0x37e0 [ 88.819318] ? lock_release+0x532/0x770 [ 88.819706] ? __might_fault+0x102/0x1b0 [ 88.820103] ? lock_acquire+0x427/0x4c0 [ 88.820491] ? __pfx_iommufd_test+0x10/0x10 [ 88.820893] ? __pfx_lock_release+0x10/0x10 [ 88.821306] ? __pfx_lock_acquire+0x10/0x10 [ 88.821733] ? write_comp_data+0x2f/0x90 [ 88.822133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.822622] ? write_comp_data+0x2f/0x90 [ 88.823022] iommufd_fops_ioctl+0x37d/0x510 [ 88.823450] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.823920] ? write_comp_data+0x2f/0x90 [ 88.824314] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.824772] __x64_sys_ioctl+0x1a3/0x230 [ 88.825168] do_syscall_64+0x3b/0x90 [ 88.825531] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.826026] RIP: 0033:0x7f4b8743ee5d [ 88.826388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.828137] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.828860] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.829533] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.830204] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.830999] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.832249] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.833186] [ 88.833502] irq event stamp: 0 [ 88.834229] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.835089] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.836211] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.837563] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.838369] ---[ end trace 0000000000000000 ]--- [ 88.843605] ------------[ cut here ]------------ [ 88.844229] WARNING: CPU: 1 PID: 765 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.845826] Modules linked in: [ 88.846255] CPU: 1 PID: 765 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.847475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.849100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.849752] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.852263] RSP: 0018:ffff88802442fbd0 EFLAGS: 00010246 [ 88.852969] RAX: 0000000000000000 RBX: ffff888017b240a8 RCX: 0000000000000000 [ 88.854040] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 88.855004] RBP: ffff88802442fbe8 R08: ffffed1002f64833 R09: ffffed1002f64833 [ 88.855961] R10: ffff888017b24193 R11: ffffed1002f64832 R12: ffff888021bbec00 [ 88.857030] R13: ffff888017b241e8 R14: ffff88800fd1b800 R15: 0000000000000000 [ 88.857953] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.859166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.859927] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.860838] PKRU: 55555554 [ 88.861202] Call Trace: [ 88.861631] [ 88.861983] iommufd_access_destroy_object+0x65/0x170 [ 88.862694] iommufd_object_destroy_user+0x18e/0x220 [ 88.863396] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.864184] iommufd_access_destroy+0x43/0x70 [ 88.864892] iommufd_test_staccess_release+0x8d/0xd0 [ 88.865572] __fput+0x26d/0xa40 [ 88.866028] ____fput+0x1e/0x30 [ 88.866478] task_work_run+0x1a4/0x2d0 [ 88.867215] ? __pfx_task_work_run+0x10/0x10 [ 88.867803] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.868449] ? switch_task_namespaces+0xa9/0xe0 [ 88.869079] do_exit+0xb17/0x2ef0 [ 88.869550] ? lock_acquire+0x427/0x4c0 [ 88.870220] ? __pfx_lock_release+0x10/0x10 [ 88.870840] ? __kasan_check_write+0x18/0x20 [ 88.871453] ? do_raw_spin_lock+0x132/0x2a0 [ 88.872021] ? __pfx_do_exit+0x10/0x10 [ 88.872635] ? debug_smp_processor_id+0x20/0x30 [ 88.873304] ? rcu_is_watching+0x19/0xb0 [ 88.873847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.874442] ? trace_hardirqs_on+0x26/0x120 [ 88.875139] do_group_exit+0xe0/0x2b0 [ 88.875713] __x64_sys_exit_group+0x47/0x50 [ 88.876276] do_syscall_64+0x3b/0x90 [ 88.876782] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.877459] RIP: 0033:0x7f4b87518a4d [ 88.878028] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.878916] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.879917] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.880933] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.881900] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.882858] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.883949] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.884875] [ 88.885197] irq event stamp: 0 [ 88.885612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.886594] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.887698] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.888768] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.889725] ---[ end trace 0000000000000000 ]--- [ 88.891098] ------------[ cut here ]------------ [ 88.891846] WARNING: CPU: 1 PID: 765 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 88.893186] Modules linked in: [ 88.893617] CPU: 1 PID: 765 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.894924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.896387] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 88.897092] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 88.899664] RSP: 0018:ffff88802442fb78 EFLAGS: 00010246 [ 88.900436] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 88.901341] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 88.902310] RBP: ffff88802442fb98 R08: ffffed1002f6483e R09: ffffed1002f6483e [ 88.903365] R10: ffff888017b241ef R11: ffffed1002f6483d R12: ffff888017b24290 [ 88.904281] R13: ffff888017b240a8 R14: ffffffffffffffff R15: ffff88802442fc60 [ 88.905289] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.906400] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.907228] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.908311] PKRU: 55555554 [ 88.908688] Call Trace: [ 88.909028] [ 88.909322] iommufd_ioas_destroy+0x53/0x70 [ 88.909893] iommufd_fops_release+0x1f7/0x370 [ 88.910690] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.911378] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.912022] ? write_comp_data+0x2f/0x90 [ 88.912565] ? __pfx_iommufd_fops_release+0x10/0x10 [ 88.913314] __fput+0x26d/0xa40 [ 88.913826] ____fput+0x1e/0x30 [ 88.914283] task_work_run+0x1a4/0x2d0 [ 88.914840] ? __pfx_task_work_run+0x10/0x10 [ 88.915453] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.916186] ? switch_task_namespaces+0xa9/0xe0 [ 88.916831] do_exit+0xb17/0x2ef0 [ 88.917290] ? lock_acquire+0x427/0x4c0 [ 88.917816] ? __pfx_lock_release+0x10/0x10 [ 88.918474] ? __kasan_check_write+0x18/0x20 [ 88.919216] ? do_raw_spin_lock+0x132/0x2a0 [ 88.919765] ? __pfx_do_exit+0x10/0x10 [ 88.920275] ? debug_smp_processor_id+0x20/0x30 [ 88.920861] ? rcu_is_watching+0x19/0xb0 [ 88.921565] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.922147] ? trace_hardirqs_on+0x26/0x120 [ 88.922735] do_group_exit+0xe0/0x2b0 [ 88.923257] __x64_sys_exit_group+0x47/0x50 [ 88.923829] do_syscall_64+0x3b/0x90 [ 88.924414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.925072] RIP: 0033:0x7f4b87518a4d [ 88.925598] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.926430] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.927435] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.928317] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.929191] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.930066] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.930948] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.931823] [ 88.932112] irq event stamp: 0 [ 88.932496] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.933249] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.934246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.935274] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.936031] ---[ end trace 0000000000000000 ]--- [ 88.941378] ------------[ cut here ]------------ [ 88.941851] WARNING: CPU: 1 PID: 766 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.942950] Modules linked in: [ 88.943247] CPU: 1 PID: 766 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.944010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.944986] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.945421] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.946969] RSP: 0018:ffff88801085fbb8 EFLAGS: 00010246 [ 88.947416] RAX: 0000000000000000 RBX: ffff8880170be0a8 RCX: 0000000000000000 [ 88.947997] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 88.948581] RBP: ffff88801085fbd0 R08: ffffed1002e17c33 R09: ffffed1002e17c33 [ 88.949160] R10: ffff8880170be193 R11: ffffed1002e17c32 R12: ffff88801341ec00 [ 88.949738] R13: ffff8880170be1e8 R14: ffffffff8352e670 R15: ffff88801085fe68 [ 88.950315] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.950984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.951473] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ee0 [ 88.952056] PKRU: 55555554 [ 88.952290] Call Trace: [ 88.952500] [ 88.952685] __iommufd_access_detach+0x1c2/0x2b0 [ 88.953089] iommufd_access_change_pt+0x149/0x270 [ 88.953493] iommufd_access_replace+0xb4/0x120 [ 88.953879] iommufd_test+0x3e5/0x37e0 [ 88.954202] ? lock_release+0x532/0x770 [ 88.954558] ? __might_fault+0x102/0x1b0 [ 88.954901] ? lock_acquire+0x427/0x4c0 [ 88.955247] ? __pfx_iommufd_test+0x10/0x10 [ 88.955602] ? __pfx_lock_release+0x10/0x10 [ 88.955966] ? __pfx_lock_acquire+0x10/0x10 [ 88.956331] ? write_comp_data+0x2f/0x90 [ 88.956678] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.957085] ? write_comp_data+0x2f/0x90 [ 88.957430] iommufd_fops_ioctl+0x37d/0x510 [ 88.957790] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.958195] ? write_comp_data+0x2f/0x90 [ 88.958559] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 88.958963] __x64_sys_ioctl+0x1a3/0x230 [ 88.959321] do_syscall_64+0x3b/0x90 [ 88.959641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.960072] RIP: 0033:0x7f4b8743ee5d [ 88.960377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 88.961881] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 88.962527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 88.963116] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 88.963700] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 88.964279] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 88.964860] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 88.965447] [ 88.965640] irq event stamp: 0 [ 88.965900] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 88.966413] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.967125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.967813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.968331] ---[ end trace 0000000000000000 ]--- [ 88.971212] ------------[ cut here ]------------ [ 88.971630] WARNING: CPU: 1 PID: 766 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 88.972453] Modules linked in: [ 88.972717] CPU: 1 PID: 766 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 88.973428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 88.974345] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 88.974781] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 88.976276] RSP: 0018:ffff88801085fbd0 EFLAGS: 00010246 [ 88.976717] RAX: 0000000000000000 RBX: ffff8880170be0a8 RCX: 0000000000000000 [ 88.977297] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 88.977878] RBP: ffff88801085fbe8 R08: ffffed1002e17c33 R09: ffffed1002e17c33 [ 88.978458] R10: ffff8880170be193 R11: ffffed1002e17c32 R12: ffff888021bcb800 [ 88.979060] R13: ffff8880170be1e8 R14: ffff888018b9d100 R15: 0000000000000000 [ 88.979654] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 88.980305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.980780] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 88.981364] PKRU: 55555554 [ 88.981598] Call Trace: [ 88.981808] [ 88.981998] iommufd_access_destroy_object+0x65/0x170 [ 88.982431] iommufd_object_destroy_user+0x18e/0x220 [ 88.982870] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 88.983362] iommufd_access_destroy+0x43/0x70 [ 88.983741] iommufd_test_staccess_release+0x8d/0xd0 [ 88.984167] __fput+0x26d/0xa40 [ 88.984456] ____fput+0x1e/0x30 [ 88.984745] task_work_run+0x1a4/0x2d0 [ 88.985073] ? __pfx_task_work_run+0x10/0x10 [ 88.985436] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 88.985840] ? switch_task_namespaces+0xa9/0xe0 [ 88.986233] do_exit+0xb17/0x2ef0 [ 88.986549] ? lock_acquire+0x427/0x4c0 [ 88.986893] ? __pfx_lock_release+0x10/0x10 [ 88.987267] ? __kasan_check_write+0x18/0x20 [ 88.987634] ? do_raw_spin_lock+0x132/0x2a0 [ 88.987988] ? __pfx_do_exit+0x10/0x10 [ 88.988315] ? debug_smp_processor_id+0x20/0x30 [ 88.988699] ? rcu_is_watching+0x19/0xb0 [ 88.989041] ? _raw_spin_unlock_irq+0x2b/0x60 [ 88.989417] ? trace_hardirqs_on+0x26/0x120 [ 88.989779] do_group_exit+0xe0/0x2b0 [ 88.990092] __x64_sys_exit_group+0x47/0x50 [ 88.990443] do_syscall_64+0x3b/0x90 [ 88.990783] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 88.991221] RIP: 0033:0x7f4b87518a4d [ 88.991530] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 88.992034] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 88.992649] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 88.993229] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 88.993805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 88.994382] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 88.994978] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 88.995575] [ 88.995766] irq event stamp: 0 [ 88.996022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 88.996538] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 88.997219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 88.997893] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 88.998405] ---[ end trace 0000000000000000 ]--- [ 88.999146] ------------[ cut here ]------------ [ 88.999535] WARNING: CPU: 1 PID: 766 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.000363] Modules linked in: [ 89.000628] CPU: 1 PID: 766 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.001338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.002255] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.002701] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.004176] RSP: 0018:ffff88801085fb78 EFLAGS: 00010246 [ 89.004608] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.005170] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 89.005732] RBP: ffff88801085fb98 R08: ffffed1002e17c3e R09: ffffed1002e17c3e [ 89.006294] R10: ffff8880170be1ef R11: ffffed1002e17c3d R12: ffff8880170be290 [ 89.006881] R13: ffff8880170be0a8 R14: ffffffffffffffff R15: ffff88801085fc60 [ 89.007455] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.008091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.008550] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.009115] PKRU: 55555554 [ 89.009342] Call Trace: [ 89.009546] [ 89.009729] iommufd_ioas_destroy+0x53/0x70 [ 89.010086] iommufd_fops_release+0x1f7/0x370 [ 89.010453] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.010877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.011287] ? write_comp_data+0x2f/0x90 [ 89.011628] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.012035] __fput+0x26d/0xa40 [ 89.012318] ____fput+0x1e/0x30 [ 89.012593] task_work_run+0x1a4/0x2d0 [ 89.012914] ? __pfx_task_work_run+0x10/0x10 [ 89.013276] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.013671] ? switch_task_namespaces+0xa9/0xe0 [ 89.014059] do_exit+0xb17/0x2ef0 [ 89.014338] ? lock_acquire+0x427/0x4c0 [ 89.014686] ? __pfx_lock_release+0x10/0x10 [ 89.015039] ? __kasan_check_write+0x18/0x20 [ 89.015407] ? do_raw_spin_lock+0x132/0x2a0 [ 89.015760] ? __pfx_do_exit+0x10/0x10 [ 89.016080] ? debug_smp_processor_id+0x20/0x30 [ 89.016456] ? rcu_is_watching+0x19/0xb0 [ 89.016781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.017145] ? trace_hardirqs_on+0x26/0x120 [ 89.017492] do_group_exit+0xe0/0x2b0 [ 89.017795] __x64_sys_exit_group+0x47/0x50 [ 89.018132] do_syscall_64+0x3b/0x90 [ 89.018433] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.018870] RIP: 0033:0x7f4b87518a4d [ 89.019174] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.019664] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.020254] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.020804] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.021369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.021923] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.022475] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.023058] [ 89.023252] irq event stamp: 0 [ 89.023502] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.023997] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.024649] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.025299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.025790] ---[ end trace 0000000000000000 ]--- [ 89.029608] ------------[ cut here ]------------ [ 89.030013] WARNING: CPU: 0 PID: 767 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.030832] Modules linked in: [ 89.031083] CPU: 0 PID: 767 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.031762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.032628] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.033009] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.034391] RSP: 0018:ffff888015877bb8 EFLAGS: 00010246 [ 89.034831] RAX: 0000000000000000 RBX: ffff888021b800a8 RCX: 0000000000000000 [ 89.035389] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 89.035934] RBP: ffff888015877bd0 R08: ffffed1004370033 R09: ffffed1004370033 [ 89.036479] R10: ffff888021b80193 R11: ffffed1004370032 R12: ffff888016633400 [ 89.037019] R13: ffff888021b801e8 R14: ffffffff8352e670 R15: ffff888015877e68 [ 89.037565] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.038174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.038631] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ef0 [ 89.039187] PKRU: 55555554 [ 89.039404] Call Trace: [ 89.039601] [ 89.039775] __iommufd_access_detach+0x1c2/0x2b0 [ 89.040151] iommufd_access_change_pt+0x149/0x270 [ 89.040539] iommufd_access_replace+0xb4/0x120 [ 89.040902] iommufd_test+0x3e5/0x37e0 [ 89.041202] ? lock_release+0x532/0x770 [ 89.041517] ? __might_fault+0x102/0x1b0 [ 89.041841] ? lock_acquire+0x427/0x4c0 [ 89.042157] ? __pfx_iommufd_test+0x10/0x10 [ 89.042490] ? __pfx_lock_release+0x10/0x10 [ 89.042863] ? __pfx_lock_acquire+0x10/0x10 [ 89.043219] ? write_comp_data+0x2f/0x90 [ 89.043543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.043927] ? write_comp_data+0x2f/0x90 [ 89.044252] iommufd_fops_ioctl+0x37d/0x510 [ 89.044589] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.044972] ? write_comp_data+0x2f/0x90 [ 89.045298] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.045670] __x64_sys_ioctl+0x1a3/0x230 [ 89.045994] do_syscall_64+0x3b/0x90 [ 89.046289] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.046714] RIP: 0033:0x7f4b8743ee5d [ 89.047010] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.048416] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.049003] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.049556] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.050099] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.050670] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.051233] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.051793] [ 89.051975] irq event stamp: 0 [ 89.052221] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.052708] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.053349] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.053990] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.054476] ---[ end trace 0000000000000000 ]--- [ 89.057236] ------------[ cut here ]------------ [ 89.057627] WARNING: CPU: 0 PID: 767 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.058399] Modules linked in: [ 89.058698] CPU: 0 PID: 767 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.059375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.060234] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.060617] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.062006] RSP: 0018:ffff888015877bd0 EFLAGS: 00010246 [ 89.062413] RAX: 0000000000000000 RBX: ffff888021b800a8 RCX: 0000000000000000 [ 89.063011] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 89.063578] RBP: ffff888015877be8 R08: ffffed1004370033 R09: ffffed1004370033 [ 89.064123] R10: ffff888021b80193 R11: ffffed1004370032 R12: ffff88800fca9400 [ 89.064666] R13: ffff888021b801e8 R14: ffff888020985600 R15: 0000000000000000 [ 89.065212] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.065823] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.066266] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.066833] PKRU: 55555554 [ 89.067054] Call Trace: [ 89.067268] [ 89.067446] iommufd_access_destroy_object+0x65/0x170 [ 89.067855] iommufd_object_destroy_user+0x18e/0x220 [ 89.068255] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.068714] iommufd_access_destroy+0x43/0x70 [ 89.069077] iommufd_test_staccess_release+0x8d/0xd0 [ 89.069479] __fput+0x26d/0xa40 [ 89.069758] ____fput+0x1e/0x30 [ 89.070027] task_work_run+0x1a4/0x2d0 [ 89.070341] ? __pfx_task_work_run+0x10/0x10 [ 89.070717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.071105] ? switch_task_namespaces+0xa9/0xe0 [ 89.071488] do_exit+0xb17/0x2ef0 [ 89.071759] ? lock_acquire+0x427/0x4c0 [ 89.072077] ? __pfx_lock_release+0x10/0x10 [ 89.072424] ? __kasan_check_write+0x18/0x20 [ 89.072771] ? do_raw_spin_lock+0x132/0x2a0 [ 89.073112] ? __pfx_do_exit+0x10/0x10 [ 89.073427] ? debug_smp_processor_id+0x20/0x30 [ 89.073791] ? rcu_is_watching+0x19/0xb0 [ 89.074109] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.074466] ? trace_hardirqs_on+0x26/0x120 [ 89.074836] do_group_exit+0xe0/0x2b0 [ 89.075153] __x64_sys_exit_group+0x47/0x50 [ 89.075489] do_syscall_64+0x3b/0x90 [ 89.075785] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.076192] RIP: 0033:0x7f4b87518a4d [ 89.076479] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.076949] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.077532] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.078086] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.078657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.079220] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.079772] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.080323] [ 89.080502] irq event stamp: 0 [ 89.080744] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.081229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.081872] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.082530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.083011] ---[ end trace 0000000000000000 ]--- [ 89.084022] ------------[ cut here ]------------ [ 89.084391] WARNING: CPU: 0 PID: 767 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.085173] Modules linked in: [ 89.085423] CPU: 0 PID: 767 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.086084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.086977] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.087394] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.088805] RSP: 0018:ffff888015877b78 EFLAGS: 00010246 [ 89.089218] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.089764] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 89.090308] RBP: ffff888015877b98 R08: ffffed100437003e R09: ffffed100437003e [ 89.090889] R10: ffff888021b801ef R11: ffffed100437003d R12: ffff888021b80290 [ 89.092048] R13: ffff888021b800a8 R14: ffffffffffffffff R15: ffff888015877c60 [ 89.093078] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.094183] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.094867] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.095853] PKRU: 55555554 [ 89.096180] Call Trace: [ 89.096495] [ 89.096933] iommufd_ioas_destroy+0x53/0x70 [ 89.097436] iommufd_fops_release+0x1f7/0x370 [ 89.098112] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.098726] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.099415] ? write_comp_data+0x2f/0x90 [ 89.099893] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.100616] __fput+0x26d/0xa40 [ 89.101015] ____fput+0x1e/0x30 [ 89.101562] task_work_run+0x1a4/0x2d0 [ 89.102019] ? __pfx_task_work_run+0x10/0x10 [ 89.102716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.103293] ? switch_task_namespaces+0xa9/0xe0 [ 89.103878] do_exit+0xb17/0x2ef0 [ 89.104358] ? lock_acquire+0x427/0x4c0 [ 89.104834] ? __pfx_lock_release+0x10/0x10 [ 89.105440] ? __kasan_check_write+0x18/0x20 [ 89.106089] ? do_raw_spin_lock+0x132/0x2a0 [ 89.106626] ? __pfx_do_exit+0x10/0x10 [ 89.107084] ? debug_smp_processor_id+0x20/0x30 [ 89.107789] ? rcu_is_watching+0x19/0xb0 [ 89.108255] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.108911] ? trace_hardirqs_on+0x26/0x120 [ 89.109427] do_group_exit+0xe0/0x2b0 [ 89.109969] __x64_sys_exit_group+0x47/0x50 [ 89.110456] do_syscall_64+0x3b/0x90 [ 89.111057] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.111661] RIP: 0033:0x7f4b87518a4d [ 89.112245] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.112934] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.113924] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.114895] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.115843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.116649] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.117557] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.118500] [ 89.118813] irq event stamp: 0 [ 89.119434] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.120141] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.121235] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.122307] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.123252] ---[ end trace 0000000000000000 ]--- [ 89.127148] ------------[ cut here ]------------ [ 89.127522] WARNING: CPU: 0 PID: 768 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.128607] Modules linked in: [ 89.128864] CPU: 0 PID: 768 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.129781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.130825] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.131238] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.132698] RSP: 0018:ffff8880120f7bb8 EFLAGS: 00010246 [ 89.133125] RAX: 0000000000000000 RBX: ffff88800b3190a8 RCX: 0000000000000000 [ 89.133691] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 89.134259] RBP: ffff8880120f7bd0 R08: ffffed1001663233 R09: ffffed1001663233 [ 89.134854] R10: ffff88800b319193 R11: ffffed1001663232 R12: ffff888021bac800 [ 89.135443] R13: ffff88800b3191e8 R14: ffffffff8352e670 R15: ffff8880120f7e68 [ 89.136018] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.136665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.137133] CR2: 00007f4b877410e8 CR3: 0000000015bd8000 CR4: 0000000000750ef0 [ 89.137706] PKRU: 55555554 [ 89.137937] Call Trace: [ 89.138143] [ 89.138326] __iommufd_access_detach+0x1c2/0x2b0 [ 89.138739] iommufd_access_change_pt+0x149/0x270 [ 89.139153] iommufd_access_replace+0xb4/0x120 [ 89.139534] iommufd_test+0x3e5/0x37e0 [ 89.139849] ? lock_release+0x532/0x770 [ 89.140184] ? __might_fault+0x102/0x1b0 [ 89.140520] ? lock_acquire+0x427/0x4c0 [ 89.140851] ? __pfx_iommufd_test+0x10/0x10 [ 89.141197] ? __pfx_lock_release+0x10/0x10 [ 89.141559] ? __pfx_lock_acquire+0x10/0x10 [ 89.141917] ? write_comp_data+0x2f/0x90 [ 89.142257] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.142678] ? write_comp_data+0x2f/0x90 [ 89.143029] iommufd_fops_ioctl+0x37d/0x510 [ 89.143402] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.143806] ? write_comp_data+0x2f/0x90 [ 89.144146] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.144540] __x64_sys_ioctl+0x1a3/0x230 [ 89.144881] do_syscall_64+0x3b/0x90 [ 89.145195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.145622] RIP: 0033:0x7f4b8743ee5d [ 89.145931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.147442] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.148061] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.148628] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.149191] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.149754] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.150317] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.150909] [ 89.151099] irq event stamp: 0 [ 89.151368] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.151875] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.152550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.153206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.153705] ---[ end trace 0000000000000000 ]--- [ 89.156806] ------------[ cut here ]------------ [ 89.157234] WARNING: CPU: 0 PID: 768 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.158160] Modules linked in: [ 89.158425] CPU: 0 PID: 768 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.159381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.160270] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.160819] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.162394] RSP: 0018:ffff8880120f7bd0 EFLAGS: 00010246 [ 89.162882] RAX: 0000000000000000 RBX: ffff88800b3190a8 RCX: 0000000000000000 [ 89.163534] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 89.164122] RBP: ffff8880120f7be8 R08: ffffed1001663233 R09: ffffed1001663233 [ 89.164810] R10: ffff88800b319193 R11: ffffed1001663232 R12: ffff888016631800 [ 89.165423] R13: ffff88800b3191e8 R14: ffff88800f046100 R15: 0000000000000000 [ 89.166091] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.166754] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.167235] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.167810] PKRU: 55555554 [ 89.168045] Call Trace: [ 89.168253] [ 89.168439] iommufd_access_destroy_object+0x65/0x170 [ 89.168864] iommufd_object_destroy_user+0x18e/0x220 [ 89.169283] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.169753] iommufd_access_destroy+0x43/0x70 [ 89.170117] iommufd_test_staccess_release+0x8d/0xd0 [ 89.170551] __fput+0x26d/0xa40 [ 89.170831] ____fput+0x1e/0x30 [ 89.171116] task_work_run+0x1a4/0x2d0 [ 89.171439] ? __pfx_task_work_run+0x10/0x10 [ 89.171795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.172189] ? switch_task_namespaces+0xa9/0xe0 [ 89.172574] do_exit+0xb17/0x2ef0 [ 89.172860] ? lock_acquire+0x427/0x4c0 [ 89.173190] ? __pfx_lock_release+0x10/0x10 [ 89.173539] ? __kasan_check_write+0x18/0x20 [ 89.173897] ? do_raw_spin_lock+0x132/0x2a0 [ 89.174248] ? __pfx_do_exit+0x10/0x10 [ 89.174588] ? debug_smp_processor_id+0x20/0x30 [ 89.174971] ? rcu_is_watching+0x19/0xb0 [ 89.175307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.175678] ? trace_hardirqs_on+0x26/0x120 [ 89.176038] do_group_exit+0xe0/0x2b0 [ 89.176352] __x64_sys_exit_group+0x47/0x50 [ 89.176694] do_syscall_64+0x3b/0x90 [ 89.177001] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.177419] RIP: 0033:0x7f4b87518a4d [ 89.177719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.178217] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.178851] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.179426] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.179996] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.180557] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.181118] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.181685] [ 89.181871] irq event stamp: 0 [ 89.182122] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.182638] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.183310] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.183971] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.184470] ---[ end trace 0000000000000000 ]--- [ 89.185176] ------------[ cut here ]------------ [ 89.185552] WARNING: CPU: 0 PID: 768 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.186350] Modules linked in: [ 89.186640] CPU: 0 PID: 768 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.187344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.188232] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.188639] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.190101] RSP: 0018:ffff8880120f7b78 EFLAGS: 00010246 [ 89.190542] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.191115] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 89.191689] RBP: ffff8880120f7b98 R08: ffffed100166323e R09: ffffed100166323e [ 89.192254] R10: ffff88800b3191ef R11: ffffed100166323d R12: ffff88800b319290 [ 89.192813] R13: ffff88800b3190a8 R14: ffffffffffffffff R15: ffff8880120f7c60 [ 89.193377] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.194021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.194480] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.195078] PKRU: 55555554 [ 89.195320] Call Trace: [ 89.195524] [ 89.195707] iommufd_ioas_destroy+0x53/0x70 [ 89.196060] iommufd_fops_release+0x1f7/0x370 [ 89.196429] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.196833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.197234] ? write_comp_data+0x2f/0x90 [ 89.197567] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.197972] __fput+0x26d/0xa40 [ 89.198249] ____fput+0x1e/0x30 [ 89.198542] task_work_run+0x1a4/0x2d0 [ 89.198860] ? __pfx_task_work_run+0x10/0x10 [ 89.199227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.199621] ? switch_task_namespaces+0xa9/0xe0 [ 89.200003] do_exit+0xb17/0x2ef0 [ 89.200282] ? lock_acquire+0x427/0x4c0 [ 89.200608] ? __pfx_lock_release+0x10/0x10 [ 89.200962] ? __kasan_check_write+0x18/0x20 [ 89.201312] ? do_raw_spin_lock+0x132/0x2a0 [ 89.201656] ? __pfx_do_exit+0x10/0x10 [ 89.201977] ? debug_smp_processor_id+0x20/0x30 [ 89.202353] ? rcu_is_watching+0x19/0xb0 [ 89.202707] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.203087] ? trace_hardirqs_on+0x26/0x120 [ 89.203451] do_group_exit+0xe0/0x2b0 [ 89.203766] __x64_sys_exit_group+0x47/0x50 [ 89.204116] do_syscall_64+0x3b/0x90 [ 89.204425] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.204850] RIP: 0033:0x7f4b87518a4d [ 89.205152] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.205642] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.206241] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.206838] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.207414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.207977] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.208539] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.209110] [ 89.209301] irq event stamp: 0 [ 89.209555] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.210056] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.210759] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.211432] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.211932] ---[ end trace 0000000000000000 ]--- [ 89.216337] ------------[ cut here ]------------ [ 89.216744] WARNING: CPU: 0 PID: 769 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.217538] Modules linked in: [ 89.217794] CPU: 0 PID: 769 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.218475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.219412] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.219812] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.221247] RSP: 0018:ffff88800fc3fbb8 EFLAGS: 00010246 [ 89.221671] RAX: 0000000000000000 RBX: ffff888011d9f8a8 RCX: 0000000000000000 [ 89.222230] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 89.222815] RBP: ffff88800fc3fbd0 R08: ffffed10023b3f33 R09: ffffed10023b3f33 [ 89.223385] R10: ffff888011d9f993 R11: ffffed10023b3f32 R12: ffff888021bc9c00 [ 89.223951] R13: ffff888011d9f9e8 R14: ffffffff8352e670 R15: ffff88800fc3fe68 [ 89.224510] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.225148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.225605] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 89.226167] PKRU: 55555554 [ 89.226396] Call Trace: [ 89.226627] [ 89.226816] __iommufd_access_detach+0x1c2/0x2b0 [ 89.227239] iommufd_access_change_pt+0x149/0x270 [ 89.227634] iommufd_access_replace+0xb4/0x120 [ 89.228009] iommufd_test+0x3e5/0x37e0 [ 89.228320] ? lock_release+0x532/0x770 [ 89.228649] ? __might_fault+0x102/0x1b0 [ 89.228980] ? lock_acquire+0x427/0x4c0 [ 89.229306] ? __pfx_iommufd_test+0x10/0x10 [ 89.229650] ? __pfx_lock_release+0x10/0x10 [ 89.230002] ? __pfx_lock_acquire+0x10/0x10 [ 89.230357] ? write_comp_data+0x2f/0x90 [ 89.230719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.231132] ? write_comp_data+0x2f/0x90 [ 89.231468] iommufd_fops_ioctl+0x37d/0x510 [ 89.231820] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.232219] ? write_comp_data+0x2f/0x90 [ 89.232556] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.232948] __x64_sys_ioctl+0x1a3/0x230 [ 89.233287] do_syscall_64+0x3b/0x90 [ 89.233595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.234017] RIP: 0033:0x7f4b8743ee5d [ 89.234322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.235826] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.236441] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.237005] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.237563] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.238124] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.238701] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.239286] [ 89.239473] irq event stamp: 0 [ 89.239732] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.240240] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.240913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.241579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.242080] ---[ end trace 0000000000000000 ]--- [ 89.244874] ------------[ cut here ]------------ [ 89.245287] WARNING: CPU: 0 PID: 769 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.246085] Modules linked in: [ 89.246350] CPU: 0 PID: 769 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.247088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.247995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.248392] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.249836] RSP: 0018:ffff88800fc3fbd0 EFLAGS: 00010246 [ 89.250260] RAX: 0000000000000000 RBX: ffff888011d9f8a8 RCX: 0000000000000000 [ 89.250841] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 89.251412] RBP: ffff88800fc3fbe8 R08: ffffed10023b3f33 R09: ffffed10023b3f33 [ 89.251974] R10: ffff888011d9f993 R11: ffffed10023b3f32 R12: ffff888021baec00 [ 89.252533] R13: ffff888011d9f9e8 R14: ffff88800f94be00 R15: 0000000000000000 [ 89.253100] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.253735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.254201] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.254795] PKRU: 55555554 [ 89.255033] Call Trace: [ 89.255252] [ 89.255433] iommufd_access_destroy_object+0x65/0x170 [ 89.255852] iommufd_object_destroy_user+0x18e/0x220 [ 89.256261] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.256726] iommufd_access_destroy+0x43/0x70 [ 89.257092] iommufd_test_staccess_release+0x8d/0xd0 [ 89.257502] __fput+0x26d/0xa40 [ 89.257780] ____fput+0x1e/0x30 [ 89.258053] task_work_run+0x1a4/0x2d0 [ 89.258373] ? __pfx_task_work_run+0x10/0x10 [ 89.258754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.259161] ? switch_task_namespaces+0xa9/0xe0 [ 89.259546] do_exit+0xb17/0x2ef0 [ 89.259827] ? lock_acquire+0x427/0x4c0 [ 89.260151] ? __pfx_lock_release+0x10/0x10 [ 89.260501] ? __kasan_check_write+0x18/0x20 [ 89.260858] ? do_raw_spin_lock+0x132/0x2a0 [ 89.261205] ? __pfx_do_exit+0x10/0x10 [ 89.261523] ? debug_smp_processor_id+0x20/0x30 [ 89.261896] ? rcu_is_watching+0x19/0xb0 [ 89.262221] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.262605] ? trace_hardirqs_on+0x26/0x120 [ 89.262956] do_group_exit+0xe0/0x2b0 [ 89.263273] __x64_sys_exit_group+0x47/0x50 [ 89.263618] do_syscall_64+0x3b/0x90 [ 89.263929] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.264347] RIP: 0033:0x7f4b87518a4d [ 89.264642] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.265129] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.265732] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.266294] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.266885] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.267462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.268025] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.268598] [ 89.268793] irq event stamp: 0 [ 89.269048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.269554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.270216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.270902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.271407] ---[ end trace 0000000000000000 ]--- [ 89.272106] ------------[ cut here ]------------ [ 89.272483] WARNING: CPU: 0 PID: 769 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.273283] Modules linked in: [ 89.273539] CPU: 0 PID: 769 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.274227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.275165] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.275592] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.277065] RSP: 0018:ffff88800fc3fb78 EFLAGS: 00010246 [ 89.277497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.278074] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 89.278669] RBP: ffff88800fc3fb98 R08: ffffed10023b3f3e R09: ffffed10023b3f3e [ 89.279241] R10: ffff888011d9f9ef R11: ffffed10023b3f3d R12: ffff888011d9fa90 [ 89.279816] R13: ffff888011d9f8a8 R14: ffffffffffffffff R15: ffff88800fc3fc60 [ 89.280377] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.281009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.281468] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.282042] PKRU: 55555554 [ 89.282276] Call Trace: [ 89.282484] [ 89.282691] iommufd_ioas_destroy+0x53/0x70 [ 89.283047] iommufd_fops_release+0x1f7/0x370 [ 89.283440] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.283848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.284250] ? write_comp_data+0x2f/0x90 [ 89.284585] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.284982] __fput+0x26d/0xa40 [ 89.285263] ____fput+0x1e/0x30 [ 89.285536] task_work_run+0x1a4/0x2d0 [ 89.285859] ? __pfx_task_work_run+0x10/0x10 [ 89.286219] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.286635] ? switch_task_namespaces+0xa9/0xe0 [ 89.287022] do_exit+0xb17/0x2ef0 [ 89.287319] ? lock_acquire+0x427/0x4c0 [ 89.287658] ? __pfx_lock_release+0x10/0x10 [ 89.288011] ? __kasan_check_write+0x18/0x20 [ 89.288364] ? do_raw_spin_lock+0x132/0x2a0 [ 89.288711] ? __pfx_do_exit+0x10/0x10 [ 89.289027] ? debug_smp_processor_id+0x20/0x30 [ 89.289396] ? rcu_is_watching+0x19/0xb0 [ 89.289721] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.290085] ? trace_hardirqs_on+0x26/0x120 [ 89.290434] do_group_exit+0xe0/0x2b0 [ 89.290757] __x64_sys_exit_group+0x47/0x50 [ 89.291102] do_syscall_64+0x3b/0x90 [ 89.291419] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.291855] RIP: 0033:0x7f4b87518a4d [ 89.292160] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.292643] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.293229] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.293776] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.294322] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.294902] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.295468] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.296029] [ 89.296214] irq event stamp: 0 [ 89.296463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.296952] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.297590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.298230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.298747] ---[ end trace 0000000000000000 ]--- [ 89.304135] ------------[ cut here ]------------ [ 89.304724] WARNING: CPU: 1 PID: 770 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.305842] Modules linked in: [ 89.306209] CPU: 1 PID: 770 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.307486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.308381] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.308766] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.310155] RSP: 0018:ffff888015877bb8 EFLAGS: 00010246 [ 89.310579] RAX: 0000000000000000 RBX: ffff888015e678a8 RCX: 0000000000000000 [ 89.311140] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 89.311681] RBP: ffff888015877bd0 R08: ffffed1002bccf33 R09: ffffed1002bccf33 [ 89.312222] R10: ffff888015e67993 R11: ffffed1002bccf32 R12: ffff888013af8800 [ 89.312764] R13: ffff888015e679e8 R14: ffffffff8352e670 R15: ffff888015877e68 [ 89.313309] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.313924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.314364] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 89.314923] PKRU: 55555554 [ 89.315151] Call Trace: [ 89.315349] [ 89.315524] __iommufd_access_detach+0x1c2/0x2b0 [ 89.315901] iommufd_access_change_pt+0x149/0x270 [ 89.316283] iommufd_access_replace+0xb4/0x120 [ 89.316645] iommufd_test+0x3e5/0x37e0 [ 89.316945] ? lock_release+0x532/0x770 [ 89.317261] ? __might_fault+0x102/0x1b0 [ 89.317579] ? lock_acquire+0x427/0x4c0 [ 89.317893] ? __pfx_iommufd_test+0x10/0x10 [ 89.318222] ? __pfx_lock_release+0x10/0x10 [ 89.318575] ? __pfx_lock_acquire+0x10/0x10 [ 89.318918] ? write_comp_data+0x2f/0x90 [ 89.319249] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.319630] ? write_comp_data+0x2f/0x90 [ 89.319953] iommufd_fops_ioctl+0x37d/0x510 [ 89.320288] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.320669] ? write_comp_data+0x2f/0x90 [ 89.320990] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.321364] __x64_sys_ioctl+0x1a3/0x230 [ 89.321687] do_syscall_64+0x3b/0x90 [ 89.321986] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.322389] RIP: 0033:0x7f4b8743ee5d [ 89.322692] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.324091] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.324674] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.325219] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.325768] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.326313] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.326872] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.327433] [ 89.327617] irq event stamp: 0 [ 89.327862] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.328344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.328997] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.329618] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.330086] ---[ end trace 0000000000000000 ]--- [ 89.332838] ------------[ cut here ]------------ [ 89.333223] WARNING: CPU: 1 PID: 770 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.333974] Modules linked in: [ 89.334214] CPU: 1 PID: 770 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.334881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.335726] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.336111] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.337506] RSP: 0018:ffff888015877bd0 EFLAGS: 00010246 [ 89.337907] RAX: 0000000000000000 RBX: ffff888015e678a8 RCX: 0000000000000000 [ 89.338439] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 89.339212] RBP: ffff888015877be8 R08: ffffed1002bccf33 R09: ffffed1002bccf33 [ 89.339749] R10: ffff888015e67993 R11: ffffed1002bccf32 R12: ffff88801341e400 [ 89.340282] R13: ffff888015e679e8 R14: ffff888020a70a00 R15: 0000000000000000 [ 89.340816] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.341416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.341852] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.342385] PKRU: 55555554 [ 89.342614] Call Trace: [ 89.342808] [ 89.342982] iommufd_access_destroy_object+0x65/0x170 [ 89.343382] iommufd_object_destroy_user+0x18e/0x220 [ 89.343772] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.344204] iommufd_access_destroy+0x43/0x70 [ 89.344542] iommufd_test_staccess_release+0x8d/0xd0 [ 89.344921] __fput+0x26d/0xa40 [ 89.345179] ____fput+0x1e/0x30 [ 89.345434] task_work_run+0x1a4/0x2d0 [ 89.345740] ? __pfx_task_work_run+0x10/0x10 [ 89.346068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.346432] ? switch_task_namespaces+0xa9/0xe0 [ 89.346802] do_exit+0xb17/0x2ef0 [ 89.347064] ? lock_acquire+0x427/0x4c0 [ 89.347379] ? __pfx_lock_release+0x10/0x10 [ 89.347718] ? __kasan_check_write+0x18/0x20 [ 89.348055] ? do_raw_spin_lock+0x132/0x2a0 [ 89.348473] ? __pfx_do_exit+0x10/0x10 [ 89.348855] ? debug_smp_processor_id+0x20/0x30 [ 89.349206] ? rcu_is_watching+0x19/0xb0 [ 89.349525] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.349967] ? trace_hardirqs_on+0x26/0x120 [ 89.350294] do_group_exit+0xe0/0x2b0 [ 89.350602] __x64_sys_exit_group+0x47/0x50 [ 89.351024] do_syscall_64+0x3b/0x90 [ 89.351323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.351717] RIP: 0033:0x7f4b87518a4d [ 89.352022] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.352550] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.353137] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.353729] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.354295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.354877] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.355414] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.355952] [ 89.356188] irq event stamp: 0 [ 89.356484] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.356951] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.357672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.358288] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.358887] ---[ end trace 0000000000000000 ]--- [ 89.359766] ------------[ cut here ]------------ [ 89.360151] WARNING: CPU: 1 PID: 770 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.360961] Modules linked in: [ 89.361216] CPU: 1 PID: 770 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.361944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.362923] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.363325] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.364807] RSP: 0018:ffff888015877b78 EFLAGS: 00010246 [ 89.365210] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.365854] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 89.366388] RBP: ffff888015877b98 R08: ffffed1002bccf3e R09: ffffed1002bccf3e [ 89.367049] R10: ffff888015e679ef R11: ffffed1002bccf3d R12: ffff888015e67a90 [ 89.367599] R13: ffff888015e678a8 R14: ffffffffffffffff R15: ffff888015877c60 [ 89.368199] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.368851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.369307] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.369923] PKRU: 55555554 [ 89.370137] Call Trace: [ 89.370330] [ 89.370541] iommufd_ioas_destroy+0x53/0x70 [ 89.370925] iommufd_fops_release+0x1f7/0x370 [ 89.371277] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.371660] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.372057] ? write_comp_data+0x2f/0x90 [ 89.372466] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.372862] __fput+0x26d/0xa40 [ 89.373136] ____fput+0x1e/0x30 [ 89.373402] task_work_run+0x1a4/0x2d0 [ 89.373732] ? __pfx_task_work_run+0x10/0x10 [ 89.374171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.374574] ? switch_task_namespaces+0xa9/0xe0 [ 89.374946] do_exit+0xb17/0x2ef0 [ 89.375230] ? lock_acquire+0x427/0x4c0 [ 89.375557] ? __pfx_lock_release+0x10/0x10 [ 89.375931] ? __kasan_check_write+0x18/0x20 [ 89.376348] ? do_raw_spin_lock+0x132/0x2a0 [ 89.376695] ? __pfx_do_exit+0x10/0x10 [ 89.377014] ? debug_smp_processor_id+0x20/0x30 [ 89.377387] ? rcu_is_watching+0x19/0xb0 [ 89.377829] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.378195] ? trace_hardirqs_on+0x26/0x120 [ 89.378560] do_group_exit+0xe0/0x2b0 [ 89.378917] __x64_sys_exit_group+0x47/0x50 [ 89.379374] do_syscall_64+0x3b/0x90 [ 89.379683] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.380105] RIP: 0033:0x7f4b87518a4d [ 89.380427] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.381017] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.381608] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.382188] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.382850] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.383414] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.383966] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.384651] [ 89.384834] irq event stamp: 0 [ 89.385085] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.385587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.386385] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.387095] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.387626] ---[ end trace 0000000000000000 ]--- [ 89.391508] ------------[ cut here ]------------ [ 89.392078] WARNING: CPU: 1 PID: 771 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.392898] Modules linked in: [ 89.393163] CPU: 1 PID: 771 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.394031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.394978] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.395565] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.397065] RSP: 0018:ffff88801479fbb8 EFLAGS: 00010246 [ 89.397501] RAX: 0000000000000000 RBX: ffff888016e778a8 RCX: 0000000000000000 [ 89.398086] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 89.398866] RBP: ffff88801479fbd0 R08: ffffed1002dcef33 R09: ffffed1002dcef33 [ 89.399470] R10: ffff888016e77993 R11: ffffed1002dcef32 R12: ffff8880140fd400 [ 89.400092] R13: ffff888016e779e8 R14: ffffffff8352e670 R15: ffff88801479fe68 [ 89.400710] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.401509] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.402117] CR2: 00007f4b877410e8 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 89.402762] PKRU: 55555554 [ 89.403015] Call Trace: [ 89.403250] [ 89.403455] __iommufd_access_detach+0x1c2/0x2b0 [ 89.403897] iommufd_access_change_pt+0x149/0x270 [ 89.404372] iommufd_access_replace+0xb4/0x120 [ 89.404914] iommufd_test+0x3e5/0x37e0 [ 89.405260] ? lock_release+0x532/0x770 [ 89.405617] ? __might_fault+0x102/0x1b0 [ 89.405979] ? lock_acquire+0x427/0x4c0 [ 89.406336] ? __pfx_iommufd_test+0x10/0x10 [ 89.406748] ? __pfx_lock_release+0x10/0x10 [ 89.407148] ? __pfx_lock_acquire+0x10/0x10 [ 89.407543] ? write_comp_data+0x2f/0x90 [ 89.408069] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.408507] ? write_comp_data+0x2f/0x90 [ 89.408877] iommufd_fops_ioctl+0x37d/0x510 [ 89.409271] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.409714] ? write_comp_data+0x2f/0x90 [ 89.410193] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.410749] __x64_sys_ioctl+0x1a3/0x230 [ 89.411129] do_syscall_64+0x3b/0x90 [ 89.411469] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.411932] RIP: 0033:0x7f4b8743ee5d [ 89.412263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.413993] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.414695] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.415329] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.415955] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.416781] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.417401] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.418030] [ 89.418243] irq event stamp: 0 [ 89.418638] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.419286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.420015] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.420736] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.421291] ---[ end trace 0000000000000000 ]--- [ 89.424500] ------------[ cut here ]------------ [ 89.424966] WARNING: CPU: 1 PID: 771 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.425916] Modules linked in: [ 89.426229] CPU: 1 PID: 771 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.427406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.428458] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.428934] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.430837] RSP: 0018:ffff88801479fbd0 EFLAGS: 00010246 [ 89.431355] RAX: 0000000000000000 RBX: ffff888016e778a8 RCX: 0000000000000000 [ 89.432020] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 89.432682] RBP: ffff88801479fbe8 R08: ffffed1002dcef33 R09: ffffed1002dcef33 [ 89.433479] R10: ffff888016e77993 R11: ffffed1002dcef32 R12: ffff888013afac00 [ 89.434334] R13: ffff888016e779e8 R14: ffff888013824500 R15: 0000000000000000 [ 89.435028] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.435786] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.436327] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 89.437147] PKRU: 55555554 [ 89.437523] Call Trace: [ 89.437764] [ 89.437981] iommufd_access_destroy_object+0x65/0x170 [ 89.438475] iommufd_object_destroy_user+0x18e/0x220 [ 89.439006] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.439581] iommufd_access_destroy+0x43/0x70 [ 89.440047] iommufd_test_staccess_release+0x8d/0xd0 [ 89.440659] __fput+0x26d/0xa40 [ 89.441143] ____fput+0x1e/0x30 [ 89.441468] task_work_run+0x1a4/0x2d0 [ 89.441847] ? __pfx_task_work_run+0x10/0x10 [ 89.442274] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.442781] ? switch_task_namespaces+0xa9/0xe0 [ 89.443251] do_exit+0xb17/0x2ef0 [ 89.443585] ? lock_acquire+0x427/0x4c0 [ 89.444086] ? __pfx_lock_release+0x10/0x10 [ 89.444672] ? __kasan_check_write+0x18/0x20 [ 89.445095] ? do_raw_spin_lock+0x132/0x2a0 [ 89.445509] ? __pfx_do_exit+0x10/0x10 [ 89.445891] ? debug_smp_processor_id+0x20/0x30 [ 89.446338] ? rcu_is_watching+0x19/0xb0 [ 89.446761] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.447392] ? trace_hardirqs_on+0x26/0x120 [ 89.447814] do_group_exit+0xe0/0x2b0 [ 89.448177] __x64_sys_exit_group+0x47/0x50 [ 89.448588] do_syscall_64+0x3b/0x90 [ 89.448964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.449458] RIP: 0033:0x7f4b87518a4d [ 89.449819] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.450555] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.451488] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.452235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.452968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.453746] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.454754] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.455714] [ 89.455964] irq event stamp: 0 [ 89.456288] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.456932] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.457797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.458824] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.459771] ---[ end trace 0000000000000000 ]--- [ 89.460806] ------------[ cut here ]------------ [ 89.461301] WARNING: CPU: 1 PID: 771 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.462378] Modules linked in: [ 89.462907] CPU: 1 PID: 771 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.464329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.465829] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.466706] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.469251] RSP: 0018:ffff88801479fb78 EFLAGS: 00010246 [ 89.470242] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.471304] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 89.472256] RBP: ffff88801479fb98 R08: ffffed1002dcef3e R09: ffffed1002dcef3e [ 89.473412] R10: ffff888016e779ef R11: ffffed1002dcef3d R12: ffff888016e77a90 [ 89.474357] R13: ffff888016e778a8 R14: ffffffffffffffff R15: ffff88801479fc60 [ 89.475512] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.476696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.477474] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 89.478599] PKRU: 55555554 [ 89.479097] Call Trace: [ 89.479467] [ 89.479779] iommufd_ioas_destroy+0x53/0x70 [ 89.480375] iommufd_fops_release+0x1f7/0x370 [ 89.480994] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.481785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.482676] ? write_comp_data+0x2f/0x90 [ 89.483273] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.483955] __fput+0x26d/0xa40 [ 89.484420] ____fput+0x1e/0x30 [ 89.484880] task_work_run+0x1a4/0x2d0 [ 89.485416] ? __pfx_task_work_run+0x10/0x10 [ 89.486020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.486739] ? switch_task_namespaces+0xa9/0xe0 [ 89.487408] do_exit+0xb17/0x2ef0 [ 89.487866] ? lock_acquire+0x427/0x4c0 [ 89.488396] ? __pfx_lock_release+0x10/0x10 [ 89.488968] ? __kasan_check_write+0x18/0x20 [ 89.489561] ? do_raw_spin_lock+0x132/0x2a0 [ 89.490137] ? __pfx_do_exit+0x10/0x10 [ 89.490709] ? debug_smp_processor_id+0x20/0x30 [ 89.491339] ? rcu_is_watching+0x19/0xb0 [ 89.491880] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.492494] ? trace_hardirqs_on+0x26/0x120 [ 89.493075] do_group_exit+0xe0/0x2b0 [ 89.493573] __x64_sys_exit_group+0x47/0x50 [ 89.494132] do_syscall_64+0x3b/0x90 [ 89.494708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.495438] RIP: 0033:0x7f4b87518a4d [ 89.495933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.496728] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.497704] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.498680] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.499660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.500583] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.501511] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.502447] [ 89.502813] irq event stamp: 0 [ 89.503253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.504071] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.505150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.506213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.507085] ---[ end trace 0000000000000000 ]--- [ 89.514419] ------------[ cut here ]------------ [ 89.515169] WARNING: CPU: 1 PID: 772 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.516514] Modules linked in: [ 89.516952] CPU: 1 PID: 772 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.518096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.519666] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.520349] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.522836] RSP: 0018:ffff888016707bb8 EFLAGS: 00010246 [ 89.523599] RAX: 0000000000000000 RBX: ffff888021ace8a8 RCX: 0000000000000000 [ 89.524546] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 89.525489] RBP: ffff888016707bd0 R08: ffffed1004359d33 R09: ffffed1004359d33 [ 89.526433] R10: ffff888021ace993 R11: ffffed1004359d32 R12: ffff88801890ec00 [ 89.527469] R13: ffff888021ace9e8 R14: ffffffff8352e670 R15: ffff888016707e68 [ 89.528424] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.529489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.530257] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ee0 [ 89.531284] PKRU: 55555554 [ 89.531674] Call Trace: [ 89.532027] [ 89.532339] __iommufd_access_detach+0x1c2/0x2b0 [ 89.533003] iommufd_access_change_pt+0x149/0x270 [ 89.533664] iommufd_access_replace+0xb4/0x120 [ 89.534296] iommufd_test+0x3e5/0x37e0 [ 89.534877] ? lock_release+0x532/0x770 [ 89.535466] ? __might_fault+0x102/0x1b0 [ 89.536031] ? lock_acquire+0x427/0x4c0 [ 89.536583] ? __pfx_iommufd_test+0x10/0x10 [ 89.537163] ? __pfx_lock_release+0x10/0x10 [ 89.537756] ? __pfx_lock_acquire+0x10/0x10 [ 89.538350] ? write_comp_data+0x2f/0x90 [ 89.538975] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.539677] ? write_comp_data+0x2f/0x90 [ 89.540245] iommufd_fops_ioctl+0x37d/0x510 [ 89.540840] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.541510] ? write_comp_data+0x2f/0x90 [ 89.542078] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.542789] __x64_sys_ioctl+0x1a3/0x230 [ 89.543387] do_syscall_64+0x3b/0x90 [ 89.543909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.544612] RIP: 0033:0x7f4b8743ee5d [ 89.545117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.547613] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.548634] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.549590] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.550601] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.551584] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.552531] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.553487] [ 89.553807] irq event stamp: 0 [ 89.554234] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.555162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.556279] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.557390] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.558221] ---[ end trace 0000000000000000 ]--- [ 89.563354] ------------[ cut here ]------------ [ 89.564028] WARNING: CPU: 1 PID: 772 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.565352] Modules linked in: [ 89.565780] CPU: 1 PID: 772 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.567010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.568559] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.569264] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.571793] RSP: 0018:ffff888016707bd0 EFLAGS: 00010246 [ 89.572552] RAX: 0000000000000000 RBX: ffff888021ace8a8 RCX: 0000000000000000 [ 89.573528] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 89.574563] RBP: ffff888016707be8 R08: ffffed1004359d33 R09: ffffed1004359d33 [ 89.575585] R10: ffff888021ace993 R11: ffffed1004359d32 R12: ffff8880140ff400 [ 89.576565] R13: ffff888021ace9e8 R14: ffff888021826100 R15: 0000000000000000 [ 89.577548] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.578706] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.579548] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.580532] PKRU: 55555554 [ 89.580947] Call Trace: [ 89.581320] [ 89.581650] iommufd_access_destroy_object+0x65/0x170 [ 89.582383] iommufd_object_destroy_user+0x18e/0x220 [ 89.583203] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.584041] iommufd_access_destroy+0x43/0x70 [ 89.584695] iommufd_test_staccess_release+0x8d/0xd0 [ 89.585427] __fput+0x26d/0xa40 [ 89.585936] ____fput+0x1e/0x30 [ 89.586427] task_work_run+0x1a4/0x2d0 [ 89.587038] ? __pfx_task_work_run+0x10/0x10 [ 89.587698] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.588394] ? switch_task_namespaces+0xa9/0xe0 [ 89.589080] do_exit+0xb17/0x2ef0 [ 89.589585] ? lock_acquire+0x427/0x4c0 [ 89.590160] ? __pfx_lock_release+0x10/0x10 [ 89.590840] ? __kasan_check_write+0x18/0x20 [ 89.591498] ? do_raw_spin_lock+0x132/0x2a0 [ 89.592101] ? __pfx_do_exit+0x10/0x10 [ 89.592667] ? debug_smp_processor_id+0x20/0x30 [ 89.593336] ? rcu_is_watching+0x19/0xb0 [ 89.593914] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.594611] ? trace_hardirqs_on+0x26/0x120 [ 89.595267] do_group_exit+0xe0/0x2b0 [ 89.595818] __x64_sys_exit_group+0x47/0x50 [ 89.596433] do_syscall_64+0x3b/0x90 [ 89.596981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.597725] RIP: 0033:0x7f4b87518a4d [ 89.598255] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.599189] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.600240] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.601216] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.602194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.603272] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.604251] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.605248] [ 89.605595] irq event stamp: 0 [ 89.606032] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.606962] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.608135] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.609244] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.610384] ---[ end trace 0000000000000000 ]--- [ 89.611816] ------------[ cut here ]------------ [ 89.612455] WARNING: CPU: 1 PID: 772 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.614008] Modules linked in: [ 89.614446] CPU: 1 PID: 772 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.615757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.617330] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.618024] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.620727] RSP: 0018:ffff888016707b78 EFLAGS: 00010246 [ 89.621444] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.622634] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 89.623591] RBP: ffff888016707b98 R08: ffffed1004359d3e R09: ffffed1004359d3e [ 89.624549] R10: ffff888021ace9ef R11: ffffed1004359d3d R12: ffff888021acea90 [ 89.625656] R13: ffff888021ace8a8 R14: ffffffffffffffff R15: ffff888016707c60 [ 89.626682] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.627822] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.628714] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.629669] PKRU: 55555554 [ 89.630055] Call Trace: [ 89.630568] [ 89.630931] iommufd_ioas_destroy+0x53/0x70 [ 89.631541] iommufd_fops_release+0x1f7/0x370 [ 89.632159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.632829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.633592] ? write_comp_data+0x2f/0x90 [ 89.634233] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.634958] __fput+0x26d/0xa40 [ 89.635454] ____fput+0x1e/0x30 [ 89.635915] task_work_run+0x1a4/0x2d0 [ 89.636455] ? __pfx_task_work_run+0x10/0x10 [ 89.637208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.637870] ? switch_task_namespaces+0xa9/0xe0 [ 89.638571] do_exit+0xb17/0x2ef0 [ 89.639046] ? lock_acquire+0x427/0x4c0 [ 89.639685] ? __pfx_lock_release+0x10/0x10 [ 89.640360] ? __kasan_check_write+0x18/0x20 [ 89.640957] ? do_raw_spin_lock+0x132/0x2a0 [ 89.641542] ? __pfx_do_exit+0x10/0x10 [ 89.642080] ? debug_smp_processor_id+0x20/0x30 [ 89.642940] ? rcu_is_watching+0x19/0xb0 [ 89.643522] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.644144] ? trace_hardirqs_on+0x26/0x120 [ 89.644734] do_group_exit+0xe0/0x2b0 [ 89.645248] __x64_sys_exit_group+0x47/0x50 [ 89.645922] do_syscall_64+0x3b/0x90 [ 89.646574] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.647303] RIP: 0033:0x7f4b87518a4d [ 89.647806] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.648621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.649823] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.650819] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.651788] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.652930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.653874] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.654987] [ 89.655411] irq event stamp: 0 [ 89.655835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.656671] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.657811] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.659073] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.659933] ---[ end trace 0000000000000000 ]--- [ 89.667593] ------------[ cut here ]------------ [ 89.668275] WARNING: CPU: 1 PID: 773 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.669795] Modules linked in: [ 89.670231] CPU: 1 PID: 773 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.671518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.673010] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.673687] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.676206] RSP: 0018:ffff888015877bb8 EFLAGS: 00010246 [ 89.676933] RAX: 0000000000000000 RBX: ffff88800cb920a8 RCX: 0000000000000000 [ 89.677873] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 89.678872] RBP: ffff888015877bd0 R08: ffffed1001972433 R09: ffffed1001972433 [ 89.679862] R10: ffff88800cb92193 R11: ffffed1001972432 R12: ffff888021ba5c00 [ 89.680822] R13: ffff88800cb921e8 R14: ffffffff8352e670 R15: ffff888015877e68 [ 89.681778] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.682901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.683704] CR2: 00007f4b877410e8 CR3: 0000000015bd8000 CR4: 0000000000750ee0 [ 89.684655] PKRU: 55555554 [ 89.685040] Call Trace: [ 89.685385] [ 89.685699] __iommufd_access_detach+0x1c2/0x2b0 [ 89.686363] iommufd_access_change_pt+0x149/0x270 [ 89.687079] iommufd_access_replace+0xb4/0x120 [ 89.687747] iommufd_test+0x3e5/0x37e0 [ 89.688281] ? lock_release+0x532/0x770 [ 89.688830] ? __might_fault+0x102/0x1b0 [ 89.689387] ? lock_acquire+0x427/0x4c0 [ 89.689937] ? __pfx_iommufd_test+0x10/0x10 [ 89.690567] ? __pfx_lock_release+0x10/0x10 [ 89.691182] ? __pfx_lock_acquire+0x10/0x10 [ 89.691781] ? write_comp_data+0x2f/0x90 [ 89.692341] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.693002] ? write_comp_data+0x2f/0x90 [ 89.693564] iommufd_fops_ioctl+0x37d/0x510 [ 89.694151] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.694867] ? write_comp_data+0x2f/0x90 [ 89.695458] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.696115] __x64_sys_ioctl+0x1a3/0x230 [ 89.696676] do_syscall_64+0x3b/0x90 [ 89.697198] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.697903] RIP: 0033:0x7f4b8743ee5d [ 89.698408] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.700882] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.701893] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.702870] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.703815] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.704766] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.705711] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.706714] [ 89.707042] irq event stamp: 0 [ 89.707490] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.708326] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.709423] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.710565] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.711421] ---[ end trace 0000000000000000 ]--- [ 89.716417] ------------[ cut here ]------------ [ 89.717076] WARNING: CPU: 1 PID: 773 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.718396] Modules linked in: [ 89.718888] CPU: 1 PID: 773 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.720040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.721516] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.722181] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.724667] RSP: 0018:ffff888015877bd0 EFLAGS: 00010246 [ 89.725383] RAX: 0000000000000000 RBX: ffff88800cb920a8 RCX: 0000000000000000 [ 89.726316] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 89.727311] RBP: ffff888015877be8 R08: ffffed1001972433 R09: ffffed1001972433 [ 89.728299] R10: ffff88800cb92193 R11: ffffed1001972432 R12: ffff88801890cc00 [ 89.729248] R13: ffff88800cb921e8 R14: ffff88800fd8c500 R15: 0000000000000000 [ 89.730189] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.731312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.732094] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.733047] PKRU: 55555554 [ 89.733429] Call Trace: [ 89.733774] [ 89.734084] iommufd_access_destroy_object+0x65/0x170 [ 89.734818] iommufd_object_destroy_user+0x18e/0x220 [ 89.735501] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.736264] iommufd_access_destroy+0x43/0x70 [ 89.736863] iommufd_test_staccess_release+0x8d/0xd0 [ 89.737532] __fput+0x26d/0xa40 [ 89.737987] ____fput+0x1e/0x30 [ 89.738435] task_work_run+0x1a4/0x2d0 [ 89.739013] ? __pfx_task_work_run+0x10/0x10 [ 89.739640] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.740302] ? switch_task_namespaces+0xa9/0xe0 [ 89.740948] do_exit+0xb17/0x2ef0 [ 89.741419] ? lock_acquire+0x427/0x4c0 [ 89.741960] ? __pfx_lock_release+0x10/0x10 [ 89.742556] ? __kasan_check_write+0x18/0x20 [ 89.743146] ? do_raw_spin_lock+0x132/0x2a0 [ 89.743705] ? __pfx_do_exit+0x10/0x10 [ 89.744205] ? debug_smp_processor_id+0x20/0x30 [ 89.744789] ? rcu_is_watching+0x19/0xb0 [ 89.745299] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.745872] ? trace_hardirqs_on+0x26/0x120 [ 89.746418] do_group_exit+0xe0/0x2b0 [ 89.746937] __x64_sys_exit_group+0x47/0x50 [ 89.747485] do_syscall_64+0x3b/0x90 [ 89.747965] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.748621] RIP: 0033:0x7f4b87518a4d [ 89.749097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.749875] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.750869] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.751794] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.752688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.753562] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.754436] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.755367] [ 89.755667] irq event stamp: 0 [ 89.756064] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.756837] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.757862] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.758914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.759688] ---[ end trace 0000000000000000 ]--- [ 89.760891] ------------[ cut here ]------------ [ 89.761455] WARNING: CPU: 1 PID: 773 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.762688] Modules linked in: [ 89.763086] CPU: 1 PID: 773 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.764133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.765467] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.766082] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.768279] RSP: 0018:ffff888015877b78 EFLAGS: 00010246 [ 89.768924] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.769768] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 89.770643] RBP: ffff888015877b98 R08: ffffed100197243e R09: ffffed100197243e [ 89.771507] R10: ffff88800cb921ef R11: ffffed100197243d R12: ffff88800cb92290 [ 89.772357] R13: ffff88800cb920a8 R14: ffffffffffffffff R15: ffff888015877c60 [ 89.773202] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.774159] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.774888] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.775756] PKRU: 55555554 [ 89.776099] Call Trace: [ 89.776411] [ 89.776693] iommufd_ioas_destroy+0x53/0x70 [ 89.777227] iommufd_fops_release+0x1f7/0x370 [ 89.777755] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.778329] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.778928] ? write_comp_data+0x2f/0x90 [ 89.779432] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.780006] __fput+0x26d/0xa40 [ 89.780408] ____fput+0x1e/0x30 [ 89.780802] task_work_run+0x1a4/0x2d0 [ 89.781263] ? __pfx_task_work_run+0x10/0x10 [ 89.781776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.782341] ? switch_task_namespaces+0xa9/0xe0 [ 89.782931] do_exit+0xb17/0x2ef0 [ 89.783351] ? lock_acquire+0x427/0x4c0 [ 89.783824] ? __pfx_lock_release+0x10/0x10 [ 89.784329] ? __kasan_check_write+0x18/0x20 [ 89.784839] ? do_raw_spin_lock+0x132/0x2a0 [ 89.785336] ? __pfx_do_exit+0x10/0x10 [ 89.785794] ? debug_smp_processor_id+0x20/0x30 [ 89.786333] ? rcu_is_watching+0x19/0xb0 [ 89.786828] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.787373] ? trace_hardirqs_on+0x26/0x120 [ 89.787878] do_group_exit+0xe0/0x2b0 [ 89.788319] __x64_sys_exit_group+0x47/0x50 [ 89.788809] do_syscall_64+0x3b/0x90 [ 89.789249] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.789850] RIP: 0033:0x7f4b87518a4d [ 89.790277] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.791005] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.791876] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.792679] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.793484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.794286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.795129] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.795953] [ 89.796224] irq event stamp: 0 [ 89.796587] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.797299] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.798241] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.799218] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.799934] ---[ end trace 0000000000000000 ]--- [ 89.806069] ------------[ cut here ]------------ [ 89.806760] WARNING: CPU: 1 PID: 774 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.807893] Modules linked in: [ 89.808256] CPU: 1 PID: 774 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.809211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.810449] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.811034] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.813046] RSP: 0018:ffff888018b67bb8 EFLAGS: 00010246 [ 89.813639] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 89.814428] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 89.815250] RBP: ffff888018b67bd0 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 89.816047] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff88801341dc00 [ 89.816838] R13: ffff8880104669e8 R14: ffffffff8352e670 R15: ffff888018b67e68 [ 89.817633] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.818554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.819220] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ee0 [ 89.820015] PKRU: 55555554 [ 89.820336] Call Trace: [ 89.820626] [ 89.820885] __iommufd_access_detach+0x1c2/0x2b0 [ 89.821437] iommufd_access_change_pt+0x149/0x270 [ 89.821998] iommufd_access_replace+0xb4/0x120 [ 89.822561] iommufd_test+0x3e5/0x37e0 [ 89.823007] ? lock_release+0x532/0x770 [ 89.823479] ? __might_fault+0x102/0x1b0 [ 89.823949] ? lock_acquire+0x427/0x4c0 [ 89.824411] ? __pfx_iommufd_test+0x10/0x10 [ 89.824894] ? __pfx_lock_release+0x10/0x10 [ 89.825398] ? __pfx_lock_acquire+0x10/0x10 [ 89.825897] ? write_comp_data+0x2f/0x90 [ 89.826366] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.826940] ? write_comp_data+0x2f/0x90 [ 89.827424] iommufd_fops_ioctl+0x37d/0x510 [ 89.827913] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.828463] ? write_comp_data+0x2f/0x90 [ 89.828930] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.829470] __x64_sys_ioctl+0x1a3/0x230 [ 89.829939] do_syscall_64+0x3b/0x90 [ 89.830369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.830979] RIP: 0033:0x7f4b8743ee5d [ 89.831411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.833400] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.834232] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.835041] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.835844] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.836642] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.837429] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.838222] [ 89.838489] irq event stamp: 0 [ 89.838875] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.839593] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.840519] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.841443] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.842140] ---[ end trace 0000000000000000 ]--- [ 89.846420] ------------[ cut here ]------------ [ 89.846983] WARNING: CPU: 1 PID: 774 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.848073] Modules linked in: [ 89.848430] CPU: 1 PID: 774 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.849354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.850585] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.851142] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.853072] RSP: 0018:ffff888018b67bd0 EFLAGS: 00010246 [ 89.853647] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 89.854409] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 89.855213] RBP: ffff888018b67be8 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 89.855978] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff888021ba4c00 [ 89.856743] R13: ffff8880104669e8 R14: ffff8880143e1400 R15: 0000000000000000 [ 89.857511] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.858373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.859026] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.859812] PKRU: 55555554 [ 89.860123] Call Trace: [ 89.860404] [ 89.860654] iommufd_access_destroy_object+0x65/0x170 [ 89.861221] iommufd_object_destroy_user+0x18e/0x220 [ 89.861780] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.862417] iommufd_access_destroy+0x43/0x70 [ 89.862954] iommufd_test_staccess_release+0x8d/0xd0 [ 89.863540] __fput+0x26d/0xa40 [ 89.863921] ____fput+0x1e/0x30 [ 89.864290] task_work_run+0x1a4/0x2d0 [ 89.864724] ? __pfx_task_work_run+0x10/0x10 [ 89.865208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.865743] ? switch_task_namespaces+0xa9/0xe0 [ 89.866260] do_exit+0xb17/0x2ef0 [ 89.866667] ? lock_acquire+0x427/0x4c0 [ 89.867125] ? __pfx_lock_release+0x10/0x10 [ 89.867599] ? __kasan_check_write+0x18/0x20 [ 89.868105] ? do_raw_spin_lock+0x132/0x2a0 [ 89.868658] ? __pfx_do_exit+0x10/0x10 [ 89.869096] ? debug_smp_processor_id+0x20/0x30 [ 89.869621] ? rcu_is_watching+0x19/0xb0 [ 89.870121] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.870643] ? trace_hardirqs_on+0x26/0x120 [ 89.871201] do_group_exit+0xe0/0x2b0 [ 89.871618] __x64_sys_exit_group+0x47/0x50 [ 89.872079] do_syscall_64+0x3b/0x90 [ 89.872569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.873133] RIP: 0033:0x7f4b87518a4d [ 89.873533] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.874274] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.875104] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.875921] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.876695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.877487] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.878254] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.879136] [ 89.879398] irq event stamp: 0 [ 89.879738] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.880456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.881396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.882356] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.883058] ---[ end trace 0000000000000000 ]--- [ 89.884007] ------------[ cut here ]------------ [ 89.884359] WARNING: CPU: 1 PID: 774 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.885344] Modules linked in: [ 89.885586] CPU: 1 PID: 774 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.886388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.887373] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.887760] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.889209] RSP: 0018:ffff888018b67b78 EFLAGS: 00010246 [ 89.889637] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.890219] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 89.890791] RBP: ffff888018b67b98 R08: ffffed100208cd3e R09: ffffed100208cd3e [ 89.891370] R10: ffff8880104669ef R11: ffffed100208cd3d R12: ffff888010466a90 [ 89.891903] R13: ffff8880104668a8 R14: ffffffffffffffff R15: ffff888018b67c60 [ 89.892534] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 89.893133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.893678] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 89.894213] PKRU: 55555554 [ 89.894451] Call Trace: [ 89.894725] [ 89.894900] iommufd_ioas_destroy+0x53/0x70 [ 89.895239] iommufd_fops_release+0x1f7/0x370 [ 89.895587] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.895990] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.896416] ? write_comp_data+0x2f/0x90 [ 89.896733] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.897159] __fput+0x26d/0xa40 [ 89.897459] ____fput+0x1e/0x30 [ 89.897718] task_work_run+0x1a4/0x2d0 [ 89.898027] ? __pfx_task_work_run+0x10/0x10 [ 89.898458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.898857] ? switch_task_namespaces+0xa9/0xe0 [ 89.899238] do_exit+0xb17/0x2ef0 [ 89.899509] ? lock_acquire+0x427/0x4c0 [ 89.899840] ? __pfx_lock_release+0x10/0x10 [ 89.900254] ? __kasan_check_write+0x18/0x20 [ 89.900599] ? do_raw_spin_lock+0x132/0x2a0 [ 89.900934] ? __pfx_do_exit+0x10/0x10 [ 89.901333] ? debug_smp_processor_id+0x20/0x30 [ 89.901692] ? rcu_is_watching+0x19/0xb0 [ 89.902008] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.902416] ? trace_hardirqs_on+0x26/0x120 [ 89.902810] do_group_exit+0xe0/0x2b0 [ 89.903111] __x64_sys_exit_group+0x47/0x50 [ 89.903441] do_syscall_64+0x3b/0x90 [ 89.903737] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.904225] RIP: 0033:0x7f4b87518a4d [ 89.904513] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.905009] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.905655] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.906226] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.906843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.907398] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.908035] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.908590] [ 89.908770] irq event stamp: 0 [ 89.909090] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.909595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.910281] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.911014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.911512] ---[ end trace 0000000000000000 ]--- [ 89.917146] ------------[ cut here ]------------ [ 89.917548] WARNING: CPU: 0 PID: 775 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.918333] Modules linked in: [ 89.918822] CPU: 0 PID: 775 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.919514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.920388] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.920778] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.922197] RSP: 0018:ffff88800b68fbb8 EFLAGS: 00010246 [ 89.922635] RAX: 0000000000000000 RBX: ffff888018aad8a8 RCX: 0000000000000000 [ 89.923198] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 89.923749] RBP: ffff88800b68fbd0 R08: ffffed1003155b33 R09: ffffed1003155b33 [ 89.924294] R10: ffff888018aad993 R11: ffffed1003155b32 R12: ffff88800a725400 [ 89.924848] R13: ffff888018aad9e8 R14: ffffffff8352e670 R15: ffff88800b68fe68 [ 89.925398] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.926010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.926452] CR2: 0000000020000140 CR3: 0000000012f20000 CR4: 0000000000750ef0 [ 89.927022] PKRU: 55555554 [ 89.927248] Call Trace: [ 89.927446] [ 89.927621] __iommufd_access_detach+0x1c2/0x2b0 [ 89.928001] iommufd_access_change_pt+0x149/0x270 [ 89.928381] iommufd_access_replace+0xb4/0x120 [ 89.928744] iommufd_test+0x3e5/0x37e0 [ 89.929044] ? lock_release+0x532/0x770 [ 89.929358] ? __might_fault+0x102/0x1b0 [ 89.929675] ? lock_acquire+0x427/0x4c0 [ 89.929990] ? __pfx_iommufd_test+0x10/0x10 [ 89.930318] ? __pfx_lock_release+0x10/0x10 [ 89.930671] ? __pfx_lock_acquire+0x10/0x10 [ 89.931012] ? write_comp_data+0x2f/0x90 [ 89.931342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.931729] ? write_comp_data+0x2f/0x90 [ 89.932059] iommufd_fops_ioctl+0x37d/0x510 [ 89.932398] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.932777] ? write_comp_data+0x2f/0x90 [ 89.933109] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 89.933492] __x64_sys_ioctl+0x1a3/0x230 [ 89.933823] do_syscall_64+0x3b/0x90 [ 89.934126] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.934556] RIP: 0033:0x7f4b8743ee5d [ 89.934845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 89.936259] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 89.936857] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 89.937419] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 89.937977] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 89.938554] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 89.939123] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 89.939691] [ 89.939875] irq event stamp: 0 [ 89.940123] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 89.940617] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.941270] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.941918] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.942409] ---[ end trace 0000000000000000 ]--- [ 89.945245] ------------[ cut here ]------------ [ 89.945643] WARNING: CPU: 0 PID: 775 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 89.946426] Modules linked in: [ 89.946710] CPU: 0 PID: 775 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.947398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.948271] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 89.948658] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 89.950068] RSP: 0018:ffff88800b68fbd0 EFLAGS: 00010246 [ 89.950481] RAX: 0000000000000000 RBX: ffff888018aad8a8 RCX: 0000000000000000 [ 89.951055] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 89.951624] RBP: ffff88800b68fbe8 R08: ffffed1003155b33 R09: ffffed1003155b33 [ 89.952187] R10: ffff888018aad993 R11: ffffed1003155b32 R12: ffff888021bcb800 [ 89.952739] R13: ffff888018aad9e8 R14: ffff888018bacf00 R15: 0000000000000000 [ 89.953288] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.953911] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.954360] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.954926] PKRU: 55555554 [ 89.955158] Call Trace: [ 89.955360] [ 89.955539] iommufd_access_destroy_object+0x65/0x170 [ 89.955948] iommufd_object_destroy_user+0x18e/0x220 [ 89.956350] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 89.956807] iommufd_access_destroy+0x43/0x70 [ 89.957168] iommufd_test_staccess_release+0x8d/0xd0 [ 89.957573] __fput+0x26d/0xa40 [ 89.957849] ____fput+0x1e/0x30 [ 89.958119] task_work_run+0x1a4/0x2d0 [ 89.958439] ? __pfx_task_work_run+0x10/0x10 [ 89.958811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.959214] ? switch_task_namespaces+0xa9/0xe0 [ 89.959596] do_exit+0xb17/0x2ef0 [ 89.959873] ? lock_acquire+0x427/0x4c0 [ 89.960201] ? __pfx_lock_release+0x10/0x10 [ 89.960547] ? __kasan_check_write+0x18/0x20 [ 89.960897] ? do_raw_spin_lock+0x132/0x2a0 [ 89.961237] ? __pfx_do_exit+0x10/0x10 [ 89.961553] ? debug_smp_processor_id+0x20/0x30 [ 89.961921] ? rcu_is_watching+0x19/0xb0 [ 89.962245] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.962636] ? trace_hardirqs_on+0x26/0x120 [ 89.962985] do_group_exit+0xe0/0x2b0 [ 89.963301] __x64_sys_exit_group+0x47/0x50 [ 89.963644] do_syscall_64+0x3b/0x90 [ 89.963952] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.964371] RIP: 0033:0x7f4b87518a4d [ 89.964667] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.965151] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.965750] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.966307] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.966888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.967459] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.968016] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.968582] [ 89.968768] irq event stamp: 0 [ 89.969018] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.969517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.970172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.970850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.971355] ---[ end trace 0000000000000000 ]--- [ 89.972056] ------------[ cut here ]------------ [ 89.972427] WARNING: CPU: 0 PID: 775 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 89.973224] Modules linked in: [ 89.973479] CPU: 0 PID: 775 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 89.974158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 89.975070] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 89.975494] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 89.976920] RSP: 0018:ffff88800b68fb78 EFLAGS: 00010246 [ 89.977340] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 89.977895] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 89.978453] RBP: ffff88800b68fb98 R08: ffffed1003155b3e R09: ffffed1003155b3e [ 89.979038] R10: ffff888018aad9ef R11: ffffed1003155b3d R12: ffff888018aada90 [ 89.979606] R13: ffff888018aad8a8 R14: ffffffffffffffff R15: ffff88800b68fc60 [ 89.980169] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 89.980802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 89.981257] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 89.981816] PKRU: 55555554 [ 89.982040] Call Trace: [ 89.982241] [ 89.982420] iommufd_ioas_destroy+0x53/0x70 [ 89.982795] iommufd_fops_release+0x1f7/0x370 [ 89.983165] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.983565] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.983959] ? write_comp_data+0x2f/0x90 [ 89.984290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 89.984684] __fput+0x26d/0xa40 [ 89.984960] ____fput+0x1e/0x30 [ 89.985227] task_work_run+0x1a4/0x2d0 [ 89.985545] ? __pfx_task_work_run+0x10/0x10 [ 89.985899] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 89.986291] ? switch_task_namespaces+0xa9/0xe0 [ 89.986696] do_exit+0xb17/0x2ef0 [ 89.986976] ? lock_acquire+0x427/0x4c0 [ 89.987315] ? __pfx_lock_release+0x10/0x10 [ 89.987663] ? __kasan_check_write+0x18/0x20 [ 89.988015] ? do_raw_spin_lock+0x132/0x2a0 [ 89.988357] ? __pfx_do_exit+0x10/0x10 [ 89.988674] ? debug_smp_processor_id+0x20/0x30 [ 89.989054] ? rcu_is_watching+0x19/0xb0 [ 89.989376] ? _raw_spin_unlock_irq+0x2b/0x60 [ 89.989739] ? trace_hardirqs_on+0x26/0x120 [ 89.990087] do_group_exit+0xe0/0x2b0 [ 89.990389] __x64_sys_exit_group+0x47/0x50 [ 89.990750] do_syscall_64+0x3b/0x90 [ 89.991055] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 89.991488] RIP: 0033:0x7f4b87518a4d [ 89.991788] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 89.992274] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 89.992873] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 89.993430] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 89.993987] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 89.994570] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 89.995147] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 89.995712] [ 89.995898] irq event stamp: 0 [ 89.996153] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 89.996656] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 89.997315] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 89.997970] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 89.998466] ---[ end trace 0000000000000000 ]--- [ 90.002350] ------------[ cut here ]------------ [ 90.003003] WARNING: CPU: 0 PID: 776 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.003809] Modules linked in: [ 90.004062] CPU: 0 PID: 776 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.004735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.005611] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.006000] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.007448] RSP: 0018:ffff8880167bfbb8 EFLAGS: 00010246 [ 90.007870] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 90.008422] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 90.008976] RBP: ffff8880167bfbd0 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 90.009530] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff88801226d000 [ 90.010087] R13: ffff888011d9b1e8 R14: ffffffff8352e670 R15: ffff8880167bfe68 [ 90.010662] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.011301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.011754] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ef0 [ 90.012314] PKRU: 55555554 [ 90.012537] Call Trace: [ 90.012746] [ 90.012929] __iommufd_access_detach+0x1c2/0x2b0 [ 90.013317] iommufd_access_change_pt+0x149/0x270 [ 90.013706] iommufd_access_replace+0xb4/0x120 [ 90.014081] iommufd_test+0x3e5/0x37e0 [ 90.014388] ? lock_release+0x532/0x770 [ 90.014737] ? __might_fault+0x102/0x1b0 [ 90.015069] ? lock_acquire+0x427/0x4c0 [ 90.015404] ? __pfx_iommufd_test+0x10/0x10 [ 90.015746] ? __pfx_lock_release+0x10/0x10 [ 90.016096] ? __pfx_lock_acquire+0x10/0x10 [ 90.016445] ? write_comp_data+0x2f/0x90 [ 90.016779] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.017169] ? write_comp_data+0x2f/0x90 [ 90.017499] iommufd_fops_ioctl+0x37d/0x510 [ 90.017845] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.018236] ? write_comp_data+0x2f/0x90 [ 90.018594] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.018982] __x64_sys_ioctl+0x1a3/0x230 [ 90.019327] do_syscall_64+0x3b/0x90 [ 90.019631] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.020045] RIP: 0033:0x7f4b8743ee5d [ 90.020341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.021766] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.022367] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.022953] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.023528] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.024086] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.024641] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.025205] [ 90.025390] irq event stamp: 0 [ 90.025641] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.026140] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.026816] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.027484] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.027982] ---[ end trace 0000000000000000 ]--- [ 90.031142] ------------[ cut here ]------------ [ 90.031548] WARNING: CPU: 0 PID: 776 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.032334] Modules linked in: [ 90.032586] CPU: 0 PID: 776 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.033261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.034130] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.034571] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.036007] RSP: 0018:ffff8880167bfbd0 EFLAGS: 00010246 [ 90.036427] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 90.036983] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 90.037539] RBP: ffff8880167bfbe8 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 90.038094] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff88800a727c00 [ 90.038668] R13: ffff888011d9b1e8 R14: ffff888012155a00 R15: 0000000000000000 [ 90.039237] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.039864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.040316] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.040871] PKRU: 55555554 [ 90.041093] Call Trace: [ 90.041295] [ 90.041476] iommufd_access_destroy_object+0x65/0x170 [ 90.041887] iommufd_object_destroy_user+0x18e/0x220 [ 90.042294] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.042772] iommufd_access_destroy+0x43/0x70 [ 90.043149] iommufd_test_staccess_release+0x8d/0xd0 [ 90.043562] __fput+0x26d/0xa40 [ 90.043842] ____fput+0x1e/0x30 [ 90.044111] task_work_run+0x1a4/0x2d0 [ 90.044429] ? __pfx_task_work_run+0x10/0x10 [ 90.044781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.045186] ? switch_task_namespaces+0xa9/0xe0 [ 90.045562] do_exit+0xb17/0x2ef0 [ 90.045835] ? lock_acquire+0x427/0x4c0 [ 90.046157] ? __pfx_lock_release+0x10/0x10 [ 90.046540] ? __kasan_check_write+0x18/0x20 [ 90.046892] ? do_raw_spin_lock+0x132/0x2a0 [ 90.047249] ? __pfx_do_exit+0x10/0x10 [ 90.047570] ? debug_smp_processor_id+0x20/0x30 [ 90.047942] ? rcu_is_watching+0x19/0xb0 [ 90.048272] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.048636] ? trace_hardirqs_on+0x26/0x120 [ 90.048982] do_group_exit+0xe0/0x2b0 [ 90.049286] __x64_sys_exit_group+0x47/0x50 [ 90.049626] do_syscall_64+0x3b/0x90 [ 90.049931] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.050348] RIP: 0033:0x7f4b87518a4d [ 90.050690] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.051189] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.051790] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.052347] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.052904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.053463] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.054021] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.054610] [ 90.054799] irq event stamp: 0 [ 90.055046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.055548] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.056209] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.056866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.057362] ---[ end trace 0000000000000000 ]--- [ 90.058085] ------------[ cut here ]------------ [ 90.058458] WARNING: CPU: 0 PID: 776 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.059297] Modules linked in: [ 90.059556] CPU: 0 PID: 776 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.060233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.061111] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.061517] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.062965] RSP: 0018:ffff8880167bfb78 EFLAGS: 00010246 [ 90.063397] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.063953] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 90.064510] RBP: ffff8880167bfb98 R08: ffffed10023b363e R09: ffffed10023b363e [ 90.065066] R10: ffff888011d9b1ef R11: ffffed10023b363d R12: ffff888011d9b290 [ 90.065623] R13: ffff888011d9b0a8 R14: ffffffffffffffff R15: ffff8880167bfc60 [ 90.066176] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.066821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.067288] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.067846] PKRU: 55555554 [ 90.068070] Call Trace: [ 90.068271] [ 90.068450] iommufd_ioas_destroy+0x53/0x70 [ 90.068798] iommufd_fops_release+0x1f7/0x370 [ 90.069157] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.069552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.069942] ? write_comp_data+0x2f/0x90 [ 90.070270] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.070702] __fput+0x26d/0xa40 [ 90.070978] ____fput+0x1e/0x30 [ 90.071260] task_work_run+0x1a4/0x2d0 [ 90.071578] ? __pfx_task_work_run+0x10/0x10 [ 90.071933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.072318] ? switch_task_namespaces+0xa9/0xe0 [ 90.072698] do_exit+0xb17/0x2ef0 [ 90.072970] ? lock_acquire+0x427/0x4c0 [ 90.073291] ? __pfx_lock_release+0x10/0x10 [ 90.073637] ? __kasan_check_write+0x18/0x20 [ 90.073986] ? do_raw_spin_lock+0x132/0x2a0 [ 90.074326] ? __pfx_do_exit+0x10/0x10 [ 90.074672] ? debug_smp_processor_id+0x20/0x30 [ 90.075042] ? rcu_is_watching+0x19/0xb0 [ 90.075373] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.075734] ? trace_hardirqs_on+0x26/0x120 [ 90.076083] do_group_exit+0xe0/0x2b0 [ 90.076388] __x64_sys_exit_group+0x47/0x50 [ 90.076730] do_syscall_64+0x3b/0x90 [ 90.077035] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.077448] RIP: 0033:0x7f4b87518a4d [ 90.077741] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.078219] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.078830] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.079403] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.079962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.080519] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.081072] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.081633] [ 90.081816] irq event stamp: 0 [ 90.082065] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.082576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.083241] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.083899] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.084392] ---[ end trace 0000000000000000 ]--- [ 90.088374] ------------[ cut here ]------------ [ 90.088779] WARNING: CPU: 0 PID: 777 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.089563] Modules linked in: [ 90.089813] CPU: 0 PID: 777 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.090485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.091567] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.091957] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.093368] RSP: 0018:ffff888012977bb8 EFLAGS: 00010246 [ 90.093782] RAX: 0000000000000000 RBX: ffff888021b010a8 RCX: 0000000000000000 [ 90.094334] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 90.094901] RBP: ffff888012977bd0 R08: ffffed1004360233 R09: ffffed1004360233 [ 90.095465] R10: ffff888021b01193 R11: ffffed1004360232 R12: ffff88800ef6a800 [ 90.096018] R13: ffff888021b011e8 R14: ffffffff8352e670 R15: ffff888012977e68 [ 90.096574] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.097198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.097647] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ef0 [ 90.098201] PKRU: 55555554 [ 90.098423] Call Trace: [ 90.098636] [ 90.098815] __iommufd_access_detach+0x1c2/0x2b0 [ 90.099205] iommufd_access_change_pt+0x149/0x270 [ 90.099592] iommufd_access_replace+0xb4/0x120 [ 90.099964] iommufd_test+0x3e5/0x37e0 [ 90.100272] ? lock_release+0x532/0x770 [ 90.100594] ? __might_fault+0x102/0x1b0 [ 90.100918] ? lock_acquire+0x427/0x4c0 [ 90.101239] ? __pfx_iommufd_test+0x10/0x10 [ 90.101575] ? __pfx_lock_release+0x10/0x10 [ 90.101919] ? __pfx_lock_acquire+0x10/0x10 [ 90.102266] ? write_comp_data+0x2f/0x90 [ 90.102611] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.103000] ? write_comp_data+0x2f/0x90 [ 90.103337] iommufd_fops_ioctl+0x37d/0x510 [ 90.103679] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.104063] ? write_comp_data+0x2f/0x90 [ 90.104390] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.104771] __x64_sys_ioctl+0x1a3/0x230 [ 90.105099] do_syscall_64+0x3b/0x90 [ 90.105405] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.105819] RIP: 0033:0x7f4b8743ee5d [ 90.106111] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.107562] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.108157] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.108712] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.109265] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.109817] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.110371] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.110948] [ 90.111142] irq event stamp: 0 [ 90.111391] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.111884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.112538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.113186] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.113674] ---[ end trace 0000000000000000 ]--- [ 90.116454] ------------[ cut here ]------------ [ 90.116857] WARNING: CPU: 0 PID: 777 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.117639] Modules linked in: [ 90.117890] CPU: 0 PID: 777 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.118581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.119465] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.119853] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.121264] RSP: 0018:ffff888012977bd0 EFLAGS: 00010246 [ 90.121677] RAX: 0000000000000000 RBX: ffff888021b010a8 RCX: 0000000000000000 [ 90.122229] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 90.122806] RBP: ffff888012977be8 R08: ffffed1004360233 R09: ffffed1004360233 [ 90.123367] R10: ffff888021b01193 R11: ffffed1004360232 R12: ffff88801226f400 [ 90.123926] R13: ffff888021b011e8 R14: ffff888013a6d500 R15: 0000000000000000 [ 90.124479] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.125110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.125564] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.126118] PKRU: 55555554 [ 90.126338] Call Trace: [ 90.126560] [ 90.126742] iommufd_access_destroy_object+0x65/0x170 [ 90.127157] iommufd_object_destroy_user+0x18e/0x220 [ 90.127564] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.128023] iommufd_access_destroy+0x43/0x70 [ 90.128386] iommufd_test_staccess_release+0x8d/0xd0 [ 90.128805] __fput+0x26d/0xa40 [ 90.129117] ____fput+0x1e/0x30 [ 90.129569] task_work_run+0x1a4/0x2d0 [ 90.129888] ? __pfx_task_work_run+0x10/0x10 [ 90.130238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.130644] ? switch_task_namespaces+0xa9/0xe0 [ 90.131024] do_exit+0xb17/0x2ef0 [ 90.131374] ? lock_acquire+0x427/0x4c0 [ 90.131779] ? __pfx_lock_release+0x10/0x10 [ 90.132127] ? __kasan_check_write+0x18/0x20 [ 90.132476] ? do_raw_spin_lock+0x132/0x2a0 [ 90.132816] ? __pfx_do_exit+0x10/0x10 [ 90.133201] ? debug_smp_processor_id+0x20/0x30 [ 90.133649] ? rcu_is_watching+0x19/0xb0 [ 90.133972] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.134334] ? trace_hardirqs_on+0x26/0x120 [ 90.134694] do_group_exit+0xe0/0x2b0 [ 90.134998] __x64_sys_exit_group+0x47/0x50 [ 90.135342] do_syscall_64+0x3b/0x90 [ 90.135643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.136073] RIP: 0033:0x7f4b87518a4d [ 90.136497] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.136977] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.137571] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.138148] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.138841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.139402] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.139956] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.140515] [ 90.140771] irq event stamp: 0 [ 90.141094] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.141585] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.142235] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.143033] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.143539] ---[ end trace 0000000000000000 ]--- [ 90.144219] ------------[ cut here ]------------ [ 90.144587] WARNING: CPU: 0 PID: 777 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.145565] Modules linked in: [ 90.145820] CPU: 0 PID: 777 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.146497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.147445] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.147979] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.149449] RSP: 0018:ffff888012977b78 EFLAGS: 00010246 [ 90.149964] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.150553] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 90.151118] RBP: ffff888012977b98 R08: ffffed100436023e R09: ffffed100436023e [ 90.151751] R10: ffff888021b011ef R11: ffffed100436023d R12: ffff888021b01290 [ 90.152405] R13: ffff888021b010a8 R14: ffffffffffffffff R15: ffff888012977c60 [ 90.152961] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.153658] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.154194] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.154769] PKRU: 55555554 [ 90.154995] Call Trace: [ 90.155208] [ 90.155390] iommufd_ioas_destroy+0x53/0x70 [ 90.155738] iommufd_fops_release+0x1f7/0x370 [ 90.156136] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.156622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.157012] ? write_comp_data+0x2f/0x90 [ 90.157341] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.157738] __fput+0x26d/0xa40 [ 90.158084] ____fput+0x1e/0x30 [ 90.158424] task_work_run+0x1a4/0x2d0 [ 90.158760] ? __pfx_task_work_run+0x10/0x10 [ 90.159117] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.159508] ? switch_task_namespaces+0xa9/0xe0 [ 90.159891] do_exit+0xb17/0x2ef0 [ 90.160164] ? lock_acquire+0x427/0x4c0 [ 90.160557] ? __pfx_lock_release+0x10/0x10 [ 90.160999] ? __kasan_check_write+0x18/0x20 [ 90.161359] ? do_raw_spin_lock+0x132/0x2a0 [ 90.161704] ? __pfx_do_exit+0x10/0x10 [ 90.162025] ? debug_smp_processor_id+0x20/0x30 [ 90.162436] ? rcu_is_watching+0x19/0xb0 [ 90.162894] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.163269] ? trace_hardirqs_on+0x26/0x120 [ 90.163617] do_group_exit+0xe0/0x2b0 [ 90.163923] __x64_sys_exit_group+0x47/0x50 [ 90.164264] do_syscall_64+0x3b/0x90 [ 90.164565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.165028] RIP: 0033:0x7f4b87518a4d [ 90.165449] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.165936] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.166568] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.167139] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.167779] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.168433] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.169003] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.169655] [ 90.169943] irq event stamp: 0 [ 90.170207] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.170750] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.171459] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.172327] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.172847] ---[ end trace 0000000000000000 ]--- [ 90.176819] ------------[ cut here ]------------ [ 90.177238] WARNING: CPU: 0 PID: 778 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.178236] Modules linked in: [ 90.178501] CPU: 0 PID: 778 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.179285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.180209] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.180777] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.182348] RSP: 0018:ffff888021b1fbb8 EFLAGS: 00010246 [ 90.182910] RAX: 0000000000000000 RBX: ffff888020dd08a8 RCX: 0000000000000000 [ 90.183513] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 90.184103] RBP: ffff888021b1fbd0 R08: ffffed10041ba133 R09: ffffed10041ba133 [ 90.184759] R10: ffff888020dd0993 R11: ffffed10041ba132 R12: ffff88800f172800 [ 90.185451] R13: ffff888020dd09e8 R14: ffffffff8352e670 R15: ffff888021b1fe68 [ 90.186037] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.186900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.187390] CR2: 00007f4b877410e8 CR3: 0000000015bd8000 CR4: 0000000000750ef0 [ 90.187981] PKRU: 55555554 [ 90.188229] Call Trace: [ 90.188441] [ 90.188629] __iommufd_access_detach+0x1c2/0x2b0 [ 90.189228] iommufd_access_change_pt+0x149/0x270 [ 90.189638] iommufd_access_replace+0xb4/0x120 [ 90.190026] iommufd_test+0x3e5/0x37e0 [ 90.190351] ? lock_release+0x532/0x770 [ 90.190719] ? __might_fault+0x102/0x1b0 [ 90.191256] ? lock_acquire+0x427/0x4c0 [ 90.191601] ? __pfx_iommufd_test+0x10/0x10 [ 90.191961] ? __pfx_lock_release+0x10/0x10 [ 90.192329] ? __pfx_lock_acquire+0x10/0x10 [ 90.192699] ? write_comp_data+0x2f/0x90 [ 90.193046] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.193481] ? write_comp_data+0x2f/0x90 [ 90.193998] iommufd_fops_ioctl+0x37d/0x510 [ 90.194362] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.194803] ? write_comp_data+0x2f/0x90 [ 90.195160] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.195571] __x64_sys_ioctl+0x1a3/0x230 [ 90.195924] do_syscall_64+0x3b/0x90 [ 90.196308] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.196842] RIP: 0033:0x7f4b8743ee5d [ 90.197153] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.198858] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.199508] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.200095] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.200860] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.201452] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.202041] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.202832] [ 90.203031] irq event stamp: 0 [ 90.203301] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.203822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.204514] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.205376] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.205899] ---[ end trace 0000000000000000 ]--- [ 90.208959] ------------[ cut here ]------------ [ 90.209499] WARNING: CPU: 0 PID: 778 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.210332] Modules linked in: [ 90.210672] CPU: 0 PID: 778 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.211396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.212475] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.212886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.214384] RSP: 0018:ffff888021b1fbd0 EFLAGS: 00010246 [ 90.214855] RAX: 0000000000000000 RBX: ffff888020dd08a8 RCX: 0000000000000000 [ 90.215449] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 90.216038] RBP: ffff888021b1fbe8 R08: ffffed10041ba133 R09: ffffed10041ba133 [ 90.216623] R10: ffff888020dd0993 R11: ffffed10041ba132 R12: ffff88800ef6bc00 [ 90.217209] R13: ffff888020dd09e8 R14: ffff888013a7d800 R15: 0000000000000000 [ 90.217797] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.218458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.218957] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 90.219562] PKRU: 55555554 [ 90.219799] Call Trace: [ 90.220013] [ 90.220200] iommufd_access_destroy_object+0x65/0x170 [ 90.220637] iommufd_object_destroy_user+0x18e/0x220 [ 90.221060] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.221546] iommufd_access_destroy+0x43/0x70 [ 90.221930] iommufd_test_staccess_release+0x8d/0xd0 [ 90.222364] __fput+0x26d/0xa40 [ 90.222686] ____fput+0x1e/0x30 [ 90.222972] task_work_run+0x1a4/0x2d0 [ 90.223316] ? __pfx_task_work_run+0x10/0x10 [ 90.223689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.224104] ? switch_task_namespaces+0xa9/0xe0 [ 90.224504] do_exit+0xb17/0x2ef0 [ 90.224801] ? lock_acquire+0x427/0x4c0 [ 90.225147] ? __pfx_lock_release+0x10/0x10 [ 90.225514] ? __kasan_check_write+0x18/0x20 [ 90.225894] ? do_raw_spin_lock+0x132/0x2a0 [ 90.226262] ? __pfx_do_exit+0x10/0x10 [ 90.226622] ? debug_smp_processor_id+0x20/0x30 [ 90.227017] ? rcu_is_watching+0x19/0xb0 [ 90.227369] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.227752] ? trace_hardirqs_on+0x26/0x120 [ 90.228115] do_group_exit+0xe0/0x2b0 [ 90.228435] __x64_sys_exit_group+0x47/0x50 [ 90.228791] do_syscall_64+0x3b/0x90 [ 90.229110] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.229561] RIP: 0033:0x7f4b87518a4d [ 90.229884] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.230411] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.231094] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.231719] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.232332] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.232950] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.233560] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.234175] [ 90.234377] irq event stamp: 0 [ 90.234674] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.235237] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.235960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.236676] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.237230] ---[ end trace 0000000000000000 ]--- [ 90.238173] ------------[ cut here ]------------ [ 90.238769] WARNING: CPU: 0 PID: 778 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.239663] Modules linked in: [ 90.239952] CPU: 0 PID: 778 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.240700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.241780] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.242322] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.244171] RSP: 0018:ffff888021b1fb78 EFLAGS: 00010246 [ 90.244648] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.245271] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 90.245896] RBP: ffff888021b1fb98 R08: ffffed10041ba13e R09: ffffed10041ba13e [ 90.246579] R10: ffff888020dd09ef R11: ffffed10041ba13d R12: ffff888020dd0a90 [ 90.247389] R13: ffff888020dd08a8 R14: ffffffffffffffff R15: ffff888021b1fc60 [ 90.248016] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.248722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.249319] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 90.250065] PKRU: 55555554 [ 90.250317] Call Trace: [ 90.250572] [ 90.250777] iommufd_ioas_destroy+0x53/0x70 [ 90.250951] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 90.251179] iommufd_fops_release+0x1f7/0x370 [ 90.253663] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 90.253992] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.256161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.256604] ? write_comp_data+0x2f/0x90 [ 90.256978] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.257423] __fput+0x26d/0xa40 [ 90.257738] ____fput+0x1e/0x30 [ 90.258152] task_work_run+0x1a4/0x2d0 [ 90.258677] ? __pfx_task_work_run+0x10/0x10 [ 90.259076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.259525] ? switch_task_namespaces+0xa9/0xe0 [ 90.259957] do_exit+0xb17/0x2ef0 [ 90.260272] ? lock_acquire+0x427/0x4c0 [ 90.260640] ? __pfx_lock_release+0x10/0x10 [ 90.261037] ? __kasan_check_write+0x18/0x20 [ 90.261438] ? do_raw_spin_lock+0x132/0x2a0 [ 90.261824] ? __pfx_do_exit+0x10/0x10 [ 90.262181] ? debug_smp_processor_id+0x20/0x30 [ 90.262626] ? rcu_is_watching+0x19/0xb0 [ 90.262999] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.263427] ? trace_hardirqs_on+0x26/0x120 [ 90.263835] do_group_exit+0xe0/0x2b0 [ 90.264185] __x64_sys_exit_group+0x47/0x50 [ 90.264569] do_syscall_64+0x3b/0x90 [ 90.264994] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.265647] RIP: 0033:0x7f4b87518a4d [ 90.265989] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.266586] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.267334] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.268010] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.268699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.269385] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.270064] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.270910] [ 90.271331] irq event stamp: 0 [ 90.271633] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.272218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.273002] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.273782] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.274385] ---[ end trace 0000000000000000 ]--- [ 90.289043] ------------[ cut here ]------------ [ 90.289685] WARNING: CPU: 0 PID: 780 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.290865] Modules linked in: [ 90.291193] CPU: 0 PID: 780 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.292024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.293357] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.293837] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.295869] RSP: 0018:ffff8880181c7bb8 EFLAGS: 00010246 [ 90.296389] RAX: 0000000000000000 RBX: ffff888015d2e8a8 RCX: 0000000000000000 [ 90.297117] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 90.297862] RBP: ffff8880181c7bd0 R08: ffffed1002ba5d33 R09: ffffed1002ba5d33 [ 90.298632] R10: ffff888015d2e993 R11: ffffed1002ba5d32 R12: ffff888021bb4800 [ 90.299385] R13: ffff888015d2e9e8 R14: ffffffff8352e670 R15: ffff8880181c7e68 [ 90.300124] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.300949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.301551] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 90.302286] PKRU: 55555554 [ 90.302631] Call Trace: [ 90.302903] [ 90.303161] __iommufd_access_detach+0x1c2/0x2b0 [ 90.303691] iommufd_access_change_pt+0x149/0x270 [ 90.304215] iommufd_access_replace+0xb4/0x120 [ 90.304711] iommufd_test+0x3e5/0x37e0 [ 90.305116] ? lock_release+0x532/0x770 [ 90.305536] ? __might_fault+0x102/0x1b0 [ 90.305970] ? lock_acquire+0x427/0x4c0 [ 90.306392] ? __pfx_iommufd_test+0x10/0x10 [ 90.306883] ? __pfx_lock_release+0x10/0x10 [ 90.307355] ? __pfx_lock_acquire+0x10/0x10 [ 90.307822] ? write_comp_data+0x2f/0x90 [ 90.308262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.308774] ? write_comp_data+0x2f/0x90 [ 90.309208] iommufd_fops_ioctl+0x37d/0x510 [ 90.309656] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.310163] ? write_comp_data+0x2f/0x90 [ 90.310639] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.311171] __x64_sys_ioctl+0x1a3/0x230 [ 90.311610] do_syscall_64+0x3b/0x90 [ 90.312007] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.312545] RIP: 0033:0x7f4b8743ee5d [ 90.312941] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.314885] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.315711] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.316445] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.317176] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.317906] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.318687] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.319449] [ 90.319696] irq event stamp: 0 [ 90.320022] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.320683] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.321554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.322422] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.323145] ---[ end trace 0000000000000000 ]--- [ 90.326688] ------------[ cut here ]------------ [ 90.327389] WARNING: CPU: 0 PID: 780 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.328585] Modules linked in: [ 90.328920] CPU: 0 PID: 780 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.329815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.331566] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.332095] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.333984] RSP: 0018:ffff8880181c7bd0 EFLAGS: 00010246 [ 90.334587] RAX: 0000000000000000 RBX: ffff888015d2e8a8 RCX: 0000000000000000 [ 90.335344] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 90.336096] RBP: ffff8880181c7be8 R08: ffffed1002ba5d33 R09: ffffed1002ba5d33 [ 90.336838] R10: ffff888015d2e993 R11: ffffed1002ba5d32 R12: ffff88800f173c00 [ 90.337736] R13: ffff888015d2e9e8 R14: ffff888014060c00 R15: 0000000000000000 [ 90.338829] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.339678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.340285] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.341026] PKRU: 55555554 [ 90.341327] Call Trace: [ 90.341593] [ 90.341831] iommufd_access_destroy_object+0x65/0x170 [ 90.342373] iommufd_object_destroy_user+0x18e/0x220 [ 90.342944] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.343568] iommufd_access_destroy+0x43/0x70 [ 90.344049] iommufd_test_staccess_release+0x8d/0xd0 [ 90.344585] __fput+0x26d/0xa40 [ 90.344957] ____fput+0x1e/0x30 [ 90.345326] task_work_run+0x1a4/0x2d0 [ 90.345750] ? __pfx_task_work_run+0x10/0x10 [ 90.346224] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.346915] ? switch_task_namespaces+0xa9/0xe0 [ 90.347645] do_exit+0xb17/0x2ef0 [ 90.348019] ? lock_acquire+0x427/0x4c0 [ 90.348444] ? __pfx_lock_release+0x10/0x10 [ 90.348904] ? __kasan_check_write+0x18/0x20 [ 90.349370] ? do_raw_spin_lock+0x132/0x2a0 [ 90.349827] ? __pfx_do_exit+0x10/0x10 [ 90.350241] ? debug_smp_processor_id+0x20/0x30 [ 90.350773] ? rcu_is_watching+0x19/0xb0 [ 90.351224] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.351710] ? trace_hardirqs_on+0x26/0x120 [ 90.352173] do_group_exit+0xe0/0x2b0 [ 90.352606] __x64_sys_exit_group+0x47/0x50 [ 90.353187] do_syscall_64+0x3b/0x90 [ 90.353847] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.354396] RIP: 0033:0x7f4b87518a4d [ 90.354852] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.355503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.356289] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.357025] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.357823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.358877] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.359798] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.360539] [ 90.360784] irq event stamp: 0 [ 90.361109] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.361899] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.363104] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.364013] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.364660] ---[ end trace 0000000000000000 ]--- [ 90.365569] ------------[ cut here ]------------ [ 90.366255] WARNING: CPU: 0 PID: 780 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.367561] Modules linked in: [ 90.367905] CPU: 0 PID: 780 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.369092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.370628] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.371196] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.373097] RSP: 0018:ffff8880181c7b78 EFLAGS: 00010246 [ 90.373657] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.374399] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 90.375204] RBP: ffff8880181c7b98 R08: ffffed1002ba5d3e R09: ffffed1002ba5d3e [ 90.375950] R10: ffff888015d2e9ef R11: ffffed1002ba5d3d R12: ffff888015d2ea90 [ 90.376683] R13: ffff888015d2e8a8 R14: ffffffffffffffff R15: ffff8880181c7c60 [ 90.377424] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.378249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.378879] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.379642] PKRU: 55555554 [ 90.379943] Call Trace: [ 90.380207] [ 90.380442] iommufd_ioas_destroy+0x53/0x70 [ 90.380907] iommufd_fops_release+0x1f7/0x370 [ 90.381387] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.381911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.382424] ? write_comp_data+0x2f/0x90 [ 90.382892] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.383432] __fput+0x26d/0xa40 [ 90.383789] ____fput+0x1e/0x30 [ 90.384136] task_work_run+0x1a4/0x2d0 [ 90.384548] ? __pfx_task_work_run+0x10/0x10 [ 90.385007] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.385517] ? switch_task_namespaces+0xa9/0xe0 [ 90.386019] do_exit+0xb17/0x2ef0 [ 90.386382] ? lock_acquire+0x427/0x4c0 [ 90.386835] ? __pfx_lock_release+0x10/0x10 [ 90.387317] ? __kasan_check_write+0x18/0x20 [ 90.387783] ? do_raw_spin_lock+0x132/0x2a0 [ 90.388234] ? __pfx_do_exit+0x10/0x10 [ 90.388654] ? debug_smp_processor_id+0x20/0x30 [ 90.389145] ? rcu_is_watching+0x19/0xb0 [ 90.389565] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.390041] ? trace_hardirqs_on+0x26/0x120 [ 90.390500] do_group_exit+0xe0/0x2b0 [ 90.390948] __x64_sys_exit_group+0x47/0x50 [ 90.391433] do_syscall_64+0x3b/0x90 [ 90.391836] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.392381] RIP: 0033:0x7f4b87518a4d [ 90.392773] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.393413] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.394206] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.394984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.395752] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.396490] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.397233] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.397974] [ 90.398218] irq event stamp: 0 [ 90.398576] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.399244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.400106] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.400978] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.401645] ---[ end trace 0000000000000000 ]--- [ 90.407613] ------------[ cut here ]------------ [ 90.408148] WARNING: CPU: 0 PID: 781 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.409197] Modules linked in: [ 90.409528] CPU: 0 PID: 781 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.410405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.411630] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.412154] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.414030] RSP: 0018:ffff888021b1fbb8 EFLAGS: 00010246 [ 90.414635] RAX: 0000000000000000 RBX: ffff88800b7d00a8 RCX: 0000000000000000 [ 90.415383] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 90.416113] RBP: ffff888021b1fbd0 R08: ffffed10016fa033 R09: ffffed10016fa033 [ 90.416845] R10: ffff88800b7d0193 R11: ffffed10016fa032 R12: ffff88800efcd400 [ 90.417579] R13: ffff88800b7d01e8 R14: ffffffff8352e670 R15: ffff888021b1fe68 [ 90.418330] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.419226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.419842] CR2: 00007f4b877410e8 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 90.420583] PKRU: 55555554 [ 90.420877] Call Trace: [ 90.421143] [ 90.421380] __iommufd_access_detach+0x1c2/0x2b0 [ 90.421889] iommufd_access_change_pt+0x149/0x270 [ 90.422399] iommufd_access_replace+0xb4/0x120 [ 90.422921] iommufd_test+0x3e5/0x37e0 [ 90.423347] ? lock_release+0x532/0x770 [ 90.423774] ? __might_fault+0x102/0x1b0 [ 90.424204] ? lock_acquire+0x427/0x4c0 [ 90.424627] ? __pfx_iommufd_test+0x10/0x10 [ 90.425070] ? __pfx_lock_release+0x10/0x10 [ 90.425528] ? __pfx_lock_acquire+0x10/0x10 [ 90.425996] ? write_comp_data+0x2f/0x90 [ 90.426431] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.426972] ? write_comp_data+0x2f/0x90 [ 90.427430] iommufd_fops_ioctl+0x37d/0x510 [ 90.427890] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.428398] ? write_comp_data+0x2f/0x90 [ 90.428827] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.429326] __x64_sys_ioctl+0x1a3/0x230 [ 90.429763] do_syscall_64+0x3b/0x90 [ 90.430158] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.430743] RIP: 0033:0x7f4b8743ee5d [ 90.431151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.433027] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.433824] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.434592] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.435352] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.436092] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.436823] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.437567] [ 90.437811] irq event stamp: 0 [ 90.438140] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.438833] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.439725] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.440579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.441226] ---[ end trace 0000000000000000 ]--- [ 90.444560] ------------[ cut here ]------------ [ 90.445111] WARNING: CPU: 0 PID: 781 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.446733] Modules linked in: [ 90.447086] CPU: 0 PID: 781 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.448003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.449535] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.450056] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.452304] RSP: 0018:ffff888021b1fbd0 EFLAGS: 00010246 [ 90.452869] RAX: 0000000000000000 RBX: ffff88800b7d00a8 RCX: 0000000000000000 [ 90.453937] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 90.454701] RBP: ffff888021b1fbe8 R08: ffffed10016fa033 R09: ffffed10016fa033 [ 90.455450] R10: ffff88800b7d0193 R11: ffffed10016fa032 R12: ffff888021bb6c00 [ 90.456514] R13: ffff88800b7d01e8 R14: ffff888013824800 R15: 0000000000000000 [ 90.457257] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.458377] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.459017] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.459784] PKRU: 55555554 [ 90.460082] Call Trace: [ 90.460348] [ 90.460582] iommufd_access_destroy_object+0x65/0x170 [ 90.461289] iommufd_object_destroy_user+0x18e/0x220 [ 90.461996] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.462848] iommufd_access_destroy+0x43/0x70 [ 90.463354] iommufd_test_staccess_release+0x8d/0xd0 [ 90.463892] __fput+0x26d/0xa40 [ 90.464248] ____fput+0x1e/0x30 [ 90.464604] task_work_run+0x1a4/0x2d0 [ 90.465019] ? __pfx_task_work_run+0x10/0x10 [ 90.465611] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.466312] ? switch_task_namespaces+0xa9/0xe0 [ 90.467073] do_exit+0xb17/0x2ef0 [ 90.467456] ? lock_acquire+0x427/0x4c0 [ 90.467888] ? __pfx_lock_release+0x10/0x10 [ 90.468343] ? __kasan_check_write+0x18/0x20 [ 90.468811] ? do_raw_spin_lock+0x132/0x2a0 [ 90.469267] ? __pfx_do_exit+0x10/0x10 [ 90.469800] ? debug_smp_processor_id+0x20/0x30 [ 90.470691] ? rcu_is_watching+0x19/0xb0 [ 90.471134] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.471624] ? trace_hardirqs_on+0x26/0x120 [ 90.472090] do_group_exit+0xe0/0x2b0 [ 90.472500] __x64_sys_exit_group+0x47/0x50 [ 90.472958] do_syscall_64+0x3b/0x90 [ 90.473371] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.474042] RIP: 0033:0x7f4b87518a4d [ 90.474619] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.475481] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.476295] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.477051] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.477910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.479130] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.479909] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.480681] [ 90.480933] irq event stamp: 0 [ 90.481268] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.482143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.483300] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.484191] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.484874] ---[ end trace 0000000000000000 ]--- [ 90.485965] ------------[ cut here ]------------ [ 90.486468] WARNING: CPU: 0 PID: 781 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.487593] Modules linked in: [ 90.487937] CPU: 0 PID: 781 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.488978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.490309] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.491161] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.493168] RSP: 0018:ffff888021b1fb78 EFLAGS: 00010246 [ 90.493904] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.494690] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 90.495522] RBP: ffff888021b1fb98 R08: ffffed10016fa03e R09: ffffed10016fa03e [ 90.496468] R10: ffff88800b7d01ef R11: ffffed10016fa03d R12: ffff88800b7d0290 [ 90.497214] R13: ffff88800b7d00a8 R14: ffffffffffffffff R15: ffff888021b1fc60 [ 90.498216] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.499124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.499743] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.500762] PKRU: 55555554 [ 90.501062] Call Trace: [ 90.501333] [ 90.501572] iommufd_ioas_destroy+0x53/0x70 [ 90.502041] iommufd_fops_release+0x1f7/0x370 [ 90.502841] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.503388] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.503913] ? write_comp_data+0x2f/0x90 [ 90.504361] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.504950] __fput+0x26d/0xa40 [ 90.505474] ____fput+0x1e/0x30 [ 90.505836] task_work_run+0x1a4/0x2d0 [ 90.506264] ? __pfx_task_work_run+0x10/0x10 [ 90.506777] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.507345] ? switch_task_namespaces+0xa9/0xe0 [ 90.507864] do_exit+0xb17/0x2ef0 [ 90.508310] ? lock_acquire+0x427/0x4c0 [ 90.508995] ? __pfx_lock_release+0x10/0x10 [ 90.509471] ? __kasan_check_write+0x18/0x20 [ 90.509950] ? do_raw_spin_lock+0x132/0x2a0 [ 90.510415] ? __pfx_do_exit+0x10/0x10 [ 90.510877] ? debug_smp_processor_id+0x20/0x30 [ 90.511395] ? rcu_is_watching+0x19/0xb0 [ 90.511827] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.512487] ? trace_hardirqs_on+0x26/0x120 [ 90.513163] do_group_exit+0xe0/0x2b0 [ 90.513578] __x64_sys_exit_group+0x47/0x50 [ 90.514043] do_syscall_64+0x3b/0x90 [ 90.514448] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.515038] RIP: 0033:0x7f4b87518a4d [ 90.515453] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.516111] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.517192] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.518150] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.518941] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.519715] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.520592] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.521752] [ 90.522005] irq event stamp: 0 [ 90.522334] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.523037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.523954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.524917] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.525888] ---[ end trace 0000000000000000 ]--- [ 90.530673] ------------[ cut here ]------------ [ 90.531208] WARNING: CPU: 0 PID: 782 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.532536] Modules linked in: [ 90.532878] CPU: 0 PID: 782 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.533793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.535029] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.535583] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.537474] RSP: 0018:ffff8880181c7bb8 EFLAGS: 00010246 [ 90.538045] RAX: 0000000000000000 RBX: ffff88800f3718a8 RCX: 0000000000000000 [ 90.538830] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 90.539593] RBP: ffff8880181c7bd0 R08: ffffed1001e6e333 R09: ffffed1001e6e333 [ 90.540337] R10: ffff88800f371993 R11: ffffed1001e6e332 R12: ffff88801890f400 [ 90.541086] R13: ffff88800f3719e8 R14: ffffffff8352e670 R15: ffff8880181c7e68 [ 90.541833] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.542696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.543304] CR2: 00007f4b877410e8 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 90.544055] PKRU: 55555554 [ 90.544356] Call Trace: [ 90.544632] [ 90.544875] __iommufd_access_detach+0x1c2/0x2b0 [ 90.545402] iommufd_access_change_pt+0x149/0x270 [ 90.545926] iommufd_access_replace+0xb4/0x120 [ 90.546431] iommufd_test+0x3e5/0x37e0 [ 90.546883] ? lock_release+0x532/0x770 [ 90.547330] ? __might_fault+0x102/0x1b0 [ 90.547764] ? lock_acquire+0x427/0x4c0 [ 90.548192] ? __pfx_iommufd_test+0x10/0x10 [ 90.548641] ? __pfx_lock_release+0x10/0x10 [ 90.549110] ? __pfx_lock_acquire+0x10/0x10 [ 90.549591] ? write_comp_data+0x2f/0x90 [ 90.550034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.550586] ? write_comp_data+0x2f/0x90 [ 90.551030] iommufd_fops_ioctl+0x37d/0x510 [ 90.551520] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.552048] ? write_comp_data+0x2f/0x90 [ 90.552504] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.553021] __x64_sys_ioctl+0x1a3/0x230 [ 90.553464] do_syscall_64+0x3b/0x90 [ 90.553869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.554417] RIP: 0033:0x7f4b8743ee5d [ 90.554862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.556810] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.557622] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.558371] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.559164] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.559929] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.560661] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.561409] [ 90.561656] irq event stamp: 0 [ 90.561981] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.562673] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.563566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.564431] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.565085] ---[ end trace 0000000000000000 ]--- [ 90.568992] ------------[ cut here ]------------ [ 90.569691] WARNING: CPU: 0 PID: 782 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.571003] Modules linked in: [ 90.571365] CPU: 0 PID: 782 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.572283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.573678] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.574497] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.576462] RSP: 0018:ffff8880181c7bd0 EFLAGS: 00010246 [ 90.577029] RAX: 0000000000000000 RBX: ffff88800f3718a8 RCX: 0000000000000000 [ 90.578033] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 90.579027] RBP: ffff8880181c7be8 R08: ffffed1001e6e333 R09: ffffed1001e6e333 [ 90.579784] R10: ffff88800f371993 R11: ffffed1001e6e332 R12: ffff88800efcf400 [ 90.580533] R13: ffff88800f3719e8 R14: ffff888013cc1400 R15: 0000000000000000 [ 90.581411] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.582567] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.583224] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.583986] PKRU: 55555554 [ 90.584285] Call Trace: [ 90.584561] [ 90.584804] iommufd_access_destroy_object+0x65/0x170 [ 90.585508] iommufd_object_destroy_user+0x18e/0x220 [ 90.586232] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.587036] iommufd_access_destroy+0x43/0x70 [ 90.587554] iommufd_test_staccess_release+0x8d/0xd0 [ 90.588113] __fput+0x26d/0xa40 [ 90.588487] ____fput+0x1e/0x30 [ 90.588852] task_work_run+0x1a4/0x2d0 [ 90.589327] ? __pfx_task_work_run+0x10/0x10 [ 90.589969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.590686] ? switch_task_namespaces+0xa9/0xe0 [ 90.591209] do_exit+0xb17/0x2ef0 [ 90.591585] ? lock_acquire+0x427/0x4c0 [ 90.592010] ? __pfx_lock_release+0x10/0x10 [ 90.592471] ? __kasan_check_write+0x18/0x20 [ 90.592942] ? do_raw_spin_lock+0x132/0x2a0 [ 90.593534] ? __pfx_do_exit+0x10/0x10 [ 90.594103] ? debug_smp_processor_id+0x20/0x30 [ 90.594770] ? rcu_is_watching+0x19/0xb0 [ 90.595216] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.595703] ? trace_hardirqs_on+0x26/0x120 [ 90.596174] do_group_exit+0xe0/0x2b0 [ 90.596575] __x64_sys_exit_group+0x47/0x50 [ 90.597015] do_syscall_64+0x3b/0x90 [ 90.597412] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.598104] RIP: 0033:0x7f4b87518a4d [ 90.598631] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.599402] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.600175] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.600898] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.601665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.602647] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.603548] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.604258] [ 90.604484] irq event stamp: 0 [ 90.604783] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.605394] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.606423] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.607247] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.607847] ---[ end trace 0000000000000000 ]--- [ 90.608821] ------------[ cut here ]------------ [ 90.609268] WARNING: CPU: 0 PID: 782 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.610413] Modules linked in: [ 90.610749] CPU: 0 PID: 782 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.611598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.612825] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.613499] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.615444] RSP: 0018:ffff8880181c7b78 EFLAGS: 00010246 [ 90.615951] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.616812] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 90.617484] RBP: ffff8880181c7b98 R08: ffffed1001e6e33e R09: ffffed1001e6e33e [ 90.618321] R10: ffff88800f3719ef R11: ffffed1001e6e33d R12: ffff88800f371a90 [ 90.619004] R13: ffff88800f3718a8 R14: ffffffffffffffff R15: ffff8880181c7c60 [ 90.619854] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.620603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.621326] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.621999] PKRU: 55555554 [ 90.622345] Call Trace: [ 90.622728] [ 90.622947] iommufd_ioas_destroy+0x53/0x70 [ 90.623378] iommufd_fops_release+0x1f7/0x370 [ 90.623810] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.624280] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.624749] ? write_comp_data+0x2f/0x90 [ 90.625147] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.625629] __fput+0x26d/0xa40 [ 90.625955] ____fput+0x1e/0x30 [ 90.626273] task_work_run+0x1a4/0x2d0 [ 90.626673] ? __pfx_task_work_run+0x10/0x10 [ 90.627103] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.627585] ? switch_task_namespaces+0xa9/0xe0 [ 90.628035] do_exit+0xb17/0x2ef0 [ 90.628365] ? lock_acquire+0x427/0x4c0 [ 90.628749] ? __pfx_lock_release+0x10/0x10 [ 90.629165] ? __kasan_check_write+0x18/0x20 [ 90.629586] ? do_raw_spin_lock+0x132/0x2a0 [ 90.629995] ? __pfx_do_exit+0x10/0x10 [ 90.630372] ? debug_smp_processor_id+0x20/0x30 [ 90.630846] ? rcu_is_watching+0x19/0xb0 [ 90.631253] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.631688] ? trace_hardirqs_on+0x26/0x120 [ 90.632097] do_group_exit+0xe0/0x2b0 [ 90.632452] __x64_sys_exit_group+0x47/0x50 [ 90.632849] do_syscall_64+0x3b/0x90 [ 90.633203] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.633692] RIP: 0033:0x7f4b87518a4d [ 90.634037] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.634629] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.635345] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.636000] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.636660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.637323] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.637970] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.638622] [ 90.638830] irq event stamp: 0 [ 90.639115] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.639669] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.640392] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.641118] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.641663] ---[ end trace 0000000000000000 ]--- [ 90.646882] ------------[ cut here ]------------ [ 90.647440] WARNING: CPU: 0 PID: 783 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.648513] Modules linked in: [ 90.648860] CPU: 0 PID: 783 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.649688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.650826] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.651280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.652853] RSP: 0018:ffff888021b1fbb8 EFLAGS: 00010246 [ 90.653314] RAX: 0000000000000000 RBX: ffff88800a7848a8 RCX: 0000000000000000 [ 90.653927] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 90.654559] RBP: ffff888021b1fbd0 R08: ffffed10014f0933 R09: ffffed10014f0933 [ 90.655194] R10: ffff88800a784993 R11: ffffed10014f0932 R12: ffff88800fcb2800 [ 90.655812] R13: ffff88800a7849e8 R14: ffffffff8352e670 R15: ffff888021b1fe68 [ 90.656428] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.657121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.657620] CR2: 00007f4b877410e8 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 90.658234] PKRU: 55555554 [ 90.658485] Call Trace: [ 90.658733] [ 90.658932] __iommufd_access_detach+0x1c2/0x2b0 [ 90.659375] iommufd_access_change_pt+0x149/0x270 [ 90.659807] iommufd_access_replace+0xb4/0x120 [ 90.660228] iommufd_test+0x3e5/0x37e0 [ 90.660572] ? lock_release+0x532/0x770 [ 90.660932] ? __might_fault+0x102/0x1b0 [ 90.661294] ? lock_acquire+0x427/0x4c0 [ 90.661649] ? __pfx_iommufd_test+0x10/0x10 [ 90.662022] ? __pfx_lock_release+0x10/0x10 [ 90.662403] ? __pfx_lock_acquire+0x10/0x10 [ 90.662813] ? write_comp_data+0x2f/0x90 [ 90.663196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.663625] ? write_comp_data+0x2f/0x90 [ 90.663989] iommufd_fops_ioctl+0x37d/0x510 [ 90.664368] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.664796] ? write_comp_data+0x2f/0x90 [ 90.665160] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.665584] __x64_sys_ioctl+0x1a3/0x230 [ 90.665950] do_syscall_64+0x3b/0x90 [ 90.666284] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.666759] RIP: 0033:0x7f4b8743ee5d [ 90.667088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.668671] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.669331] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.669945] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.670581] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.671173] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.671752] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.672342] [ 90.672536] irq event stamp: 0 [ 90.672797] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.673318] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.674008] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.674727] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.675256] ---[ end trace 0000000000000000 ]--- [ 90.678155] ------------[ cut here ]------------ [ 90.678622] WARNING: CPU: 0 PID: 783 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.679467] Modules linked in: [ 90.679732] CPU: 0 PID: 783 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.680441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.681360] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.681767] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.683464] RSP: 0018:ffff888021b1fbd0 EFLAGS: 00010246 [ 90.683905] RAX: 0000000000000000 RBX: ffff88800a7848a8 RCX: 0000000000000000 [ 90.684487] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 90.685071] RBP: ffff888021b1fbe8 R08: ffffed10014f0933 R09: ffffed10014f0933 [ 90.685656] R10: ffff88800a784993 R11: ffffed10014f0932 R12: ffff88801890fc00 [ 90.686241] R13: ffff88800a7849e8 R14: ffff88800fa0ba00 R15: 0000000000000000 [ 90.686845] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.687521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.687996] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.688584] PKRU: 55555554 [ 90.688818] Call Trace: [ 90.689030] [ 90.689217] iommufd_access_destroy_object+0x65/0x170 [ 90.689645] iommufd_object_destroy_user+0x18e/0x220 [ 90.690071] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.690577] iommufd_access_destroy+0x43/0x70 [ 90.690965] iommufd_test_staccess_release+0x8d/0xd0 [ 90.691404] __fput+0x26d/0xa40 [ 90.691695] ____fput+0x1e/0x30 [ 90.691979] task_work_run+0x1a4/0x2d0 [ 90.692313] ? __pfx_task_work_run+0x10/0x10 [ 90.692684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.693094] ? switch_task_namespaces+0xa9/0xe0 [ 90.693490] do_exit+0xb17/0x2ef0 [ 90.693780] ? lock_acquire+0x427/0x4c0 [ 90.694118] ? __pfx_lock_release+0x10/0x10 [ 90.694481] ? __kasan_check_write+0x18/0x20 [ 90.694878] ? do_raw_spin_lock+0x132/0x2a0 [ 90.695247] ? __pfx_do_exit+0x10/0x10 [ 90.695580] ? debug_smp_processor_id+0x20/0x30 [ 90.695971] ? rcu_is_watching+0x19/0xb0 [ 90.696310] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.696693] ? trace_hardirqs_on+0x26/0x120 [ 90.697060] do_group_exit+0xe0/0x2b0 [ 90.697379] __x64_sys_exit_group+0x47/0x50 [ 90.697736] do_syscall_64+0x3b/0x90 [ 90.698054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.698492] RIP: 0033:0x7f4b87518a4d [ 90.698828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.699357] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.699983] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.700564] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.701145] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.701727] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.702313] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.702930] [ 90.703129] irq event stamp: 0 [ 90.703380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.703884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.704551] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.705217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.705717] ---[ end trace 0000000000000000 ]--- [ 90.706431] ------------[ cut here ]------------ [ 90.706840] WARNING: CPU: 0 PID: 783 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.707659] Modules linked in: [ 90.707916] CPU: 0 PID: 783 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.708608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.709502] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.709915] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.711395] RSP: 0018:ffff888021b1fb78 EFLAGS: 00010246 [ 90.711824] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.712386] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 90.712941] RBP: ffff888021b1fb98 R08: ffffed10014f093e R09: ffffed10014f093e [ 90.713497] R10: ffff88800a7849ef R11: ffffed10014f093d R12: ffff88800a784a90 [ 90.714051] R13: ffff88800a7848a8 R14: ffffffffffffffff R15: ffff888021b1fc60 [ 90.714625] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.715266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.715723] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.716279] PKRU: 55555554 [ 90.716502] Call Trace: [ 90.716705] [ 90.716886] iommufd_ioas_destroy+0x53/0x70 [ 90.717232] iommufd_fops_release+0x1f7/0x370 [ 90.717594] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.717987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.718375] ? write_comp_data+0x2f/0x90 [ 90.718729] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.719135] __fput+0x26d/0xa40 [ 90.719411] ____fput+0x1e/0x30 [ 90.719681] task_work_run+0x1a4/0x2d0 [ 90.719995] ? __pfx_task_work_run+0x10/0x10 [ 90.720344] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.720735] ? switch_task_namespaces+0xa9/0xe0 [ 90.721110] do_exit+0xb17/0x2ef0 [ 90.721381] ? lock_acquire+0x427/0x4c0 [ 90.721708] ? __pfx_lock_release+0x10/0x10 [ 90.722052] ? __kasan_check_write+0x18/0x20 [ 90.722401] ? do_raw_spin_lock+0x132/0x2a0 [ 90.722764] ? __pfx_do_exit+0x10/0x10 [ 90.723080] ? debug_smp_processor_id+0x20/0x30 [ 90.723462] ? rcu_is_watching+0x19/0xb0 [ 90.723790] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.724157] ? trace_hardirqs_on+0x26/0x120 [ 90.724504] do_group_exit+0xe0/0x2b0 [ 90.724806] __x64_sys_exit_group+0x47/0x50 [ 90.725145] do_syscall_64+0x3b/0x90 [ 90.725446] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.725858] RIP: 0033:0x7f4b87518a4d [ 90.726152] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.726655] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.727258] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.727817] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.728373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.728928] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.729484] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.730047] [ 90.730229] irq event stamp: 0 [ 90.730478] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.730986] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.731647] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.732302] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.732792] ---[ end trace 0000000000000000 ]--- [ 90.736604] ------------[ cut here ]------------ [ 90.736990] WARNING: CPU: 0 PID: 784 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.737755] Modules linked in: [ 90.738000] CPU: 0 PID: 784 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.738882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.739747] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.740126] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.741511] RSP: 0018:ffff88800fc9fbb8 EFLAGS: 00010246 [ 90.741919] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 90.742457] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 90.743016] RBP: ffff88800fc9fbd0 R08: ffffed100208c133 R09: ffffed100208c133 [ 90.743568] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff888021ba8000 [ 90.744115] R13: ffff8880104609e8 R14: ffffffff8352e670 R15: ffff88800fc9fe68 [ 90.744654] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.745263] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.745708] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 90.746250] PKRU: 55555554 [ 90.746468] Call Trace: [ 90.746683] [ 90.746859] __iommufd_access_detach+0x1c2/0x2b0 [ 90.747249] iommufd_access_change_pt+0x149/0x270 [ 90.747631] iommufd_access_replace+0xb4/0x120 [ 90.747992] iommufd_test+0x3e5/0x37e0 [ 90.748296] ? lock_release+0x532/0x770 [ 90.748614] ? __might_fault+0x102/0x1b0 [ 90.748933] ? lock_acquire+0x427/0x4c0 [ 90.749251] ? __pfx_iommufd_test+0x10/0x10 [ 90.749583] ? __pfx_lock_release+0x10/0x10 [ 90.749921] ? __pfx_lock_acquire+0x10/0x10 [ 90.750260] ? write_comp_data+0x2f/0x90 [ 90.750603] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.750982] ? write_comp_data+0x2f/0x90 [ 90.751315] iommufd_fops_ioctl+0x37d/0x510 [ 90.751657] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.752036] ? write_comp_data+0x2f/0x90 [ 90.752357] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.752731] __x64_sys_ioctl+0x1a3/0x230 [ 90.753053] do_syscall_64+0x3b/0x90 [ 90.753350] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.753756] RIP: 0033:0x7f4b8743ee5d [ 90.754041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.755459] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.756042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.756583] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.757125] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.757666] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.758206] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.758773] [ 90.758954] irq event stamp: 0 [ 90.759205] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.759689] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.760371] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.761167] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.761655] ---[ end trace 0000000000000000 ]--- [ 90.764607] ------------[ cut here ]------------ [ 90.764981] WARNING: CPU: 0 PID: 784 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.765877] Modules linked in: [ 90.766125] CPU: 0 PID: 784 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.766831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.767697] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.768142] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.769616] RSP: 0018:ffff88800fc9fbd0 EFLAGS: 00010246 [ 90.770174] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 90.770742] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 90.771301] RBP: ffff88800fc9fbe8 R08: ffffed100208c133 R09: ffffed100208c133 [ 90.772034] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff88800fcb3000 [ 90.772578] R13: ffff8880104609e8 R14: ffff888013d36900 R15: 0000000000000000 [ 90.773123] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.773902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.774346] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.774972] PKRU: 55555554 [ 90.775295] Call Trace: [ 90.775495] [ 90.775671] iommufd_access_destroy_object+0x65/0x170 [ 90.776073] iommufd_object_destroy_user+0x18e/0x220 [ 90.776469] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.777075] iommufd_access_destroy+0x43/0x70 [ 90.777438] iommufd_test_staccess_release+0x8d/0xd0 [ 90.777839] __fput+0x26d/0xa40 [ 90.778110] ____fput+0x1e/0x30 [ 90.778413] task_work_run+0x1a4/0x2d0 [ 90.778843] ? __pfx_task_work_run+0x10/0x10 [ 90.779205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.779590] ? switch_task_namespaces+0xa9/0xe0 [ 90.779966] do_exit+0xb17/0x2ef0 [ 90.780237] ? lock_acquire+0x427/0x4c0 [ 90.780617] ? __pfx_lock_release+0x10/0x10 [ 90.781042] ? __kasan_check_write+0x18/0x20 [ 90.781389] ? do_raw_spin_lock+0x132/0x2a0 [ 90.781728] ? __pfx_do_exit+0x10/0x10 [ 90.782083] ? debug_smp_processor_id+0x20/0x30 [ 90.782573] ? rcu_is_watching+0x19/0xb0 [ 90.782890] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.783257] ? trace_hardirqs_on+0x26/0x120 [ 90.783599] do_group_exit+0xe0/0x2b0 [ 90.783907] __x64_sys_exit_group+0x47/0x50 [ 90.784385] do_syscall_64+0x3b/0x90 [ 90.784689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.785094] RIP: 0033:0x7f4b87518a4d [ 90.785398] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.786022] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.786624] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.787186] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.787885] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.788433] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.788974] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.789658] [ 90.789841] irq event stamp: 0 [ 90.790083] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.790590] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.791369] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.792008] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.792489] ---[ end trace 0000000000000000 ]--- [ 90.793312] ------------[ cut here ]------------ [ 90.793676] WARNING: CPU: 0 PID: 784 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.794454] Modules linked in: [ 90.794811] CPU: 0 PID: 784 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.795594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.796598] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.796997] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.798550] RSP: 0018:ffff88800fc9fb78 EFLAGS: 00010246 [ 90.798961] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.799654] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 90.800195] RBP: ffff88800fc9fb98 R08: ffffed100208c13e R09: ffffed100208c13e [ 90.800746] R10: ffff8880104609ef R11: ffffed100208c13d R12: ffff888010460a90 [ 90.801399] R13: ffff8880104608a8 R14: ffffffffffffffff R15: ffff88800fc9fc60 [ 90.801960] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.802753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.803211] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.803766] PKRU: 55555554 [ 90.804056] Call Trace: [ 90.804343] [ 90.804523] iommufd_ioas_destroy+0x53/0x70 [ 90.804873] iommufd_fops_release+0x1f7/0x370 [ 90.805248] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.805784] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.806178] ? write_comp_data+0x2f/0x90 [ 90.806548] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.806951] __fput+0x26d/0xa40 [ 90.807238] ____fput+0x1e/0x30 [ 90.807507] task_work_run+0x1a4/0x2d0 [ 90.807821] ? __pfx_task_work_run+0x10/0x10 [ 90.808182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.808573] ? switch_task_namespaces+0xa9/0xe0 [ 90.808953] do_exit+0xb17/0x2ef0 [ 90.809233] ? lock_acquire+0x427/0x4c0 [ 90.809568] ? __pfx_lock_release+0x10/0x10 [ 90.809927] ? __kasan_check_write+0x18/0x20 [ 90.810289] ? do_raw_spin_lock+0x132/0x2a0 [ 90.810651] ? __pfx_do_exit+0x10/0x10 [ 90.810970] ? debug_smp_processor_id+0x20/0x30 [ 90.811348] ? rcu_is_watching+0x19/0xb0 [ 90.811669] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.812032] ? trace_hardirqs_on+0x26/0x120 [ 90.812380] do_group_exit+0xe0/0x2b0 [ 90.812687] __x64_sys_exit_group+0x47/0x50 [ 90.813027] do_syscall_64+0x3b/0x90 [ 90.813329] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.813747] RIP: 0033:0x7f4b87518a4d [ 90.814038] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.814537] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.815151] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.815706] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.816260] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.816817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.817373] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.817938] [ 90.818123] irq event stamp: 0 [ 90.818372] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.818918] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.819587] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.820241] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.820734] ---[ end trace 0000000000000000 ]--- [ 90.825132] ------------[ cut here ]------------ [ 90.825533] WARNING: CPU: 0 PID: 785 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.826321] Modules linked in: [ 90.826635] CPU: 0 PID: 785 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.827327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.828201] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.828591] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.830011] RSP: 0018:ffff888015f87bb8 EFLAGS: 00010246 [ 90.830425] RAX: 0000000000000000 RBX: ffff888010fdc8a8 RCX: 0000000000000000 [ 90.831028] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 90.831594] RBP: ffff888015f87bd0 R08: ffffed10021fb933 R09: ffffed10021fb933 [ 90.832152] R10: ffff888010fdc993 R11: ffffed10021fb932 R12: ffff888012e94000 [ 90.832711] R13: ffff888010fdc9e8 R14: ffffffff8352e670 R15: ffff888015f87e68 [ 90.833266] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.833893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.834345] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ef0 [ 90.834921] PKRU: 55555554 [ 90.835155] Call Trace: [ 90.835360] [ 90.835542] __iommufd_access_detach+0x1c2/0x2b0 [ 90.835938] iommufd_access_change_pt+0x149/0x270 [ 90.836332] iommufd_access_replace+0xb4/0x120 [ 90.836707] iommufd_test+0x3e5/0x37e0 [ 90.837017] ? lock_release+0x532/0x770 [ 90.837342] ? __might_fault+0x102/0x1b0 [ 90.837675] ? lock_acquire+0x427/0x4c0 [ 90.838003] ? __pfx_iommufd_test+0x10/0x10 [ 90.838342] ? __pfx_lock_release+0x10/0x10 [ 90.838716] ? __pfx_lock_acquire+0x10/0x10 [ 90.839072] ? write_comp_data+0x2f/0x90 [ 90.839411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.839805] ? write_comp_data+0x2f/0x90 [ 90.840138] iommufd_fops_ioctl+0x37d/0x510 [ 90.840486] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.840883] ? write_comp_data+0x2f/0x90 [ 90.841218] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.841605] __x64_sys_ioctl+0x1a3/0x230 [ 90.841945] do_syscall_64+0x3b/0x90 [ 90.842256] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.842704] RIP: 0033:0x7f4b8743ee5d [ 90.843008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.844466] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.845076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.845645] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.846213] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.846799] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.847379] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.847966] [ 90.848161] irq event stamp: 0 [ 90.848417] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.848929] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.849602] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.850264] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.850790] ---[ end trace 0000000000000000 ]--- [ 90.853722] ------------[ cut here ]------------ [ 90.854128] WARNING: CPU: 0 PID: 785 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.854960] Modules linked in: [ 90.855234] CPU: 0 PID: 785 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.855928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.856824] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.857221] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.858696] RSP: 0018:ffff888015f87bd0 EFLAGS: 00010246 [ 90.859129] RAX: 0000000000000000 RBX: ffff888010fdc8a8 RCX: 0000000000000000 [ 90.859697] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 90.860260] RBP: ffff888015f87be8 R08: ffffed10021fb933 R09: ffffed10021fb933 [ 90.860829] R10: ffff888010fdc993 R11: ffffed10021fb932 R12: ffff888021bab000 [ 90.861394] R13: ffff888010fdc9e8 R14: ffff888018bac700 R15: 0000000000000000 [ 90.861964] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.862620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.863083] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.863656] PKRU: 55555554 [ 90.863882] Call Trace: [ 90.864088] [ 90.864269] iommufd_access_destroy_object+0x65/0x170 [ 90.864687] iommufd_object_destroy_user+0x18e/0x220 [ 90.865095] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.865568] iommufd_access_destroy+0x43/0x70 [ 90.865938] iommufd_test_staccess_release+0x8d/0xd0 [ 90.866351] __fput+0x26d/0xa40 [ 90.866651] ____fput+0x1e/0x30 [ 90.866927] task_work_run+0x1a4/0x2d0 [ 90.867259] ? __pfx_task_work_run+0x10/0x10 [ 90.867620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.868017] ? switch_task_namespaces+0xa9/0xe0 [ 90.868403] do_exit+0xb17/0x2ef0 [ 90.868685] ? lock_acquire+0x427/0x4c0 [ 90.869015] ? __pfx_lock_release+0x10/0x10 [ 90.869368] ? __kasan_check_write+0x18/0x20 [ 90.869726] ? do_raw_spin_lock+0x132/0x2a0 [ 90.870075] ? __pfx_do_exit+0x10/0x10 [ 90.870397] ? debug_smp_processor_id+0x20/0x30 [ 90.870796] ? rcu_is_watching+0x19/0xb0 [ 90.871134] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.871505] ? trace_hardirqs_on+0x26/0x120 [ 90.871863] do_group_exit+0xe0/0x2b0 [ 90.872172] __x64_sys_exit_group+0x47/0x50 [ 90.872519] do_syscall_64+0x3b/0x90 [ 90.872831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.873256] RIP: 0033:0x7f4b87518a4d [ 90.873554] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.874045] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.874671] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.875250] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.875819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.876396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.876970] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.877548] [ 90.877737] irq event stamp: 0 [ 90.877998] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.878501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.879216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.879881] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.880383] ---[ end trace 0000000000000000 ]--- [ 90.881101] ------------[ cut here ]------------ [ 90.881480] WARNING: CPU: 0 PID: 785 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.882287] Modules linked in: [ 90.882588] CPU: 0 PID: 785 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.883290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.884188] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.884601] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.886053] RSP: 0018:ffff888015f87b78 EFLAGS: 00010246 [ 90.886480] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.887064] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 90.887645] RBP: ffff888015f87b98 R08: ffffed10021fb93e R09: ffffed10021fb93e [ 90.888210] R10: ffff888010fdc9ef R11: ffffed10021fb93d R12: ffff888010fdca90 [ 90.888772] R13: ffff888010fdc8a8 R14: ffffffffffffffff R15: ffff888015f87c60 [ 90.889339] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.889978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.890445] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.891033] PKRU: 55555554 [ 90.891270] Call Trace: [ 90.891475] [ 90.891659] iommufd_ioas_destroy+0x53/0x70 [ 90.892017] iommufd_fops_release+0x1f7/0x370 [ 90.892387] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.892791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.893193] ? write_comp_data+0x2f/0x90 [ 90.893530] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.893937] __fput+0x26d/0xa40 [ 90.894220] ____fput+0x1e/0x30 [ 90.894493] task_work_run+0x1a4/0x2d0 [ 90.894843] ? __pfx_task_work_run+0x10/0x10 [ 90.895213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.895612] ? switch_task_namespaces+0xa9/0xe0 [ 90.895999] do_exit+0xb17/0x2ef0 [ 90.896279] ? lock_acquire+0x427/0x4c0 [ 90.896613] ? __pfx_lock_release+0x10/0x10 [ 90.896970] ? __kasan_check_write+0x18/0x20 [ 90.897328] ? do_raw_spin_lock+0x132/0x2a0 [ 90.897683] ? __pfx_do_exit+0x10/0x10 [ 90.898008] ? debug_smp_processor_id+0x20/0x30 [ 90.898388] ? rcu_is_watching+0x19/0xb0 [ 90.898738] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.899113] ? trace_hardirqs_on+0x26/0x120 [ 90.899467] do_group_exit+0xe0/0x2b0 [ 90.899779] __x64_sys_exit_group+0x47/0x50 [ 90.900128] do_syscall_64+0x3b/0x90 [ 90.900436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.900860] RIP: 0033:0x7f4b87518a4d [ 90.901161] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.901651] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.902261] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.902849] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.903425] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.903995] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.904560] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.905135] [ 90.905322] irq event stamp: 0 [ 90.905574] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.906073] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.906758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.907432] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.907934] ---[ end trace 0000000000000000 ]--- [ 90.913005] ------------[ cut here ]------------ [ 90.913419] WARNING: CPU: 0 PID: 786 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.914221] Modules linked in: [ 90.914477] CPU: 0 PID: 786 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.915204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.916100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.916494] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.917936] RSP: 0018:ffff888016dd7bb8 EFLAGS: 00010246 [ 90.918359] RAX: 0000000000000000 RBX: ffff888015b2b0a8 RCX: 0000000000000000 [ 90.918936] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 90.919512] RBP: ffff888016dd7bd0 R08: ffffed1002b65633 R09: ffffed1002b65633 [ 90.920077] R10: ffff888015b2b193 R11: ffffed1002b65632 R12: ffff888013e78000 [ 90.920642] R13: ffff888015b2b1e8 R14: ffffffff8352e670 R15: ffff888016dd7e68 [ 90.921209] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.921850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.922312] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 90.922894] PKRU: 55555554 [ 90.923128] Call Trace: [ 90.923336] [ 90.923521] __iommufd_access_detach+0x1c2/0x2b0 [ 90.923917] iommufd_access_change_pt+0x149/0x270 [ 90.924312] iommufd_access_replace+0xb4/0x120 [ 90.924689] iommufd_test+0x3e5/0x37e0 [ 90.925003] ? lock_release+0x532/0x770 [ 90.925331] ? __might_fault+0x102/0x1b0 [ 90.925661] ? lock_acquire+0x427/0x4c0 [ 90.925989] ? __pfx_iommufd_test+0x10/0x10 [ 90.926333] ? __pfx_lock_release+0x10/0x10 [ 90.926703] ? __pfx_lock_acquire+0x10/0x10 [ 90.927061] ? write_comp_data+0x2f/0x90 [ 90.927408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.927805] ? write_comp_data+0x2f/0x90 [ 90.928143] iommufd_fops_ioctl+0x37d/0x510 [ 90.928501] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.928899] ? write_comp_data+0x2f/0x90 [ 90.929234] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 90.929626] __x64_sys_ioctl+0x1a3/0x230 [ 90.929965] do_syscall_64+0x3b/0x90 [ 90.930280] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.930729] RIP: 0033:0x7f4b8743ee5d [ 90.931032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 90.932490] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 90.933100] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 90.933666] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 90.934234] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 90.934826] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 90.935407] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 90.935984] [ 90.936172] irq event stamp: 0 [ 90.936426] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 90.936929] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.937601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.938269] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.938803] ---[ end trace 0000000000000000 ]--- [ 90.941612] ------------[ cut here ]------------ [ 90.942021] WARNING: CPU: 0 PID: 786 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 90.942858] Modules linked in: [ 90.943128] CPU: 0 PID: 786 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.943819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.944713] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 90.945111] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 90.946578] RSP: 0018:ffff888016dd7bd0 EFLAGS: 00010246 [ 90.947004] RAX: 0000000000000000 RBX: ffff888015b2b0a8 RCX: 0000000000000000 [ 90.947580] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 90.948146] RBP: ffff888016dd7be8 R08: ffffed1002b65633 R09: ffffed1002b65633 [ 90.948710] R10: ffff888015b2b193 R11: ffffed1002b65632 R12: ffff888012e96800 [ 90.949276] R13: ffff888015b2b1e8 R14: ffff88800f211b00 R15: 0000000000000000 [ 90.949841] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.950482] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.950971] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.951547] PKRU: 55555554 [ 90.951774] Call Trace: [ 90.951980] [ 90.952165] iommufd_access_destroy_object+0x65/0x170 [ 90.952583] iommufd_object_destroy_user+0x18e/0x220 [ 90.952994] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 90.953464] iommufd_access_destroy+0x43/0x70 [ 90.953834] iommufd_test_staccess_release+0x8d/0xd0 [ 90.954248] __fput+0x26d/0xa40 [ 90.954556] ____fput+0x1e/0x30 [ 90.954833] task_work_run+0x1a4/0x2d0 [ 90.955167] ? __pfx_task_work_run+0x10/0x10 [ 90.955527] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.955927] ? switch_task_namespaces+0xa9/0xe0 [ 90.956320] do_exit+0xb17/0x2ef0 [ 90.956603] ? lock_acquire+0x427/0x4c0 [ 90.956934] ? __pfx_lock_release+0x10/0x10 [ 90.957287] ? __kasan_check_write+0x18/0x20 [ 90.957645] ? do_raw_spin_lock+0x132/0x2a0 [ 90.958013] ? __pfx_do_exit+0x10/0x10 [ 90.958337] ? debug_smp_processor_id+0x20/0x30 [ 90.958743] ? rcu_is_watching+0x19/0xb0 [ 90.959086] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.959463] ? trace_hardirqs_on+0x26/0x120 [ 90.959819] do_group_exit+0xe0/0x2b0 [ 90.960129] __x64_sys_exit_group+0x47/0x50 [ 90.960478] do_syscall_64+0x3b/0x90 [ 90.960787] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.961211] RIP: 0033:0x7f4b87518a4d [ 90.961514] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.962004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.962632] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.963208] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.963775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.964344] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.964922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.965502] [ 90.965691] irq event stamp: 0 [ 90.965947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.966450] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.967147] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.967819] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.968327] ---[ end trace 0000000000000000 ]--- [ 90.969042] ------------[ cut here ]------------ [ 90.969423] WARNING: CPU: 0 PID: 786 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 90.970231] Modules linked in: [ 90.970491] CPU: 0 PID: 786 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 90.971219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 90.972119] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 90.972535] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 90.973995] RSP: 0018:ffff888016dd7b78 EFLAGS: 00010246 [ 90.974422] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 90.975020] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 90.975603] RBP: ffff888016dd7b98 R08: ffffed1002b6563e R09: ffffed1002b6563e [ 90.976177] R10: ffff888015b2b1ef R11: ffffed1002b6563d R12: ffff888015b2b290 [ 90.976746] R13: ffff888015b2b0a8 R14: ffffffffffffffff R15: ffff888016dd7c60 [ 90.977314] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 90.977950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 90.978409] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 90.978994] PKRU: 55555554 [ 90.979235] Call Trace: [ 90.979441] [ 90.979625] iommufd_ioas_destroy+0x53/0x70 [ 90.979981] iommufd_fops_release+0x1f7/0x370 [ 90.980348] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.980755] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.981156] ? write_comp_data+0x2f/0x90 [ 90.981501] ? __pfx_iommufd_fops_release+0x10/0x10 [ 90.981905] __fput+0x26d/0xa40 [ 90.982187] ____fput+0x1e/0x30 [ 90.982461] task_work_run+0x1a4/0x2d0 [ 90.982804] ? __pfx_task_work_run+0x10/0x10 [ 90.983177] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 90.983579] ? switch_task_namespaces+0xa9/0xe0 [ 90.983969] do_exit+0xb17/0x2ef0 [ 90.984252] ? lock_acquire+0x427/0x4c0 [ 90.984585] ? __pfx_lock_release+0x10/0x10 [ 90.984939] ? __kasan_check_write+0x18/0x20 [ 90.985296] ? do_raw_spin_lock+0x132/0x2a0 [ 90.985644] ? __pfx_do_exit+0x10/0x10 [ 90.985975] ? debug_smp_processor_id+0x20/0x30 [ 90.986363] ? rcu_is_watching+0x19/0xb0 [ 90.986736] ? _raw_spin_unlock_irq+0x2b/0x60 [ 90.987120] ? trace_hardirqs_on+0x26/0x120 [ 90.987480] do_group_exit+0xe0/0x2b0 [ 90.987795] __x64_sys_exit_group+0x47/0x50 [ 90.988141] do_syscall_64+0x3b/0x90 [ 90.988451] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 90.988877] RIP: 0033:0x7f4b87518a4d [ 90.989179] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 90.989666] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 90.990275] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 90.990862] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 90.991441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 90.992012] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 90.992581] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 90.993157] [ 90.993344] irq event stamp: 0 [ 90.993599] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 90.994104] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 90.994792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 90.995475] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 90.995981] ---[ end trace 0000000000000000 ]--- [ 90.999967] ------------[ cut here ]------------ [ 91.000376] WARNING: CPU: 0 PID: 787 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.001176] Modules linked in: [ 91.001433] CPU: 0 PID: 787 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.002120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.003235] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.003637] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.005079] RSP: 0018:ffff888016f97bb8 EFLAGS: 00010246 [ 91.005503] RAX: 0000000000000000 RBX: ffff8880186cc0a8 RCX: 0000000000000000 [ 91.006067] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 91.006648] RBP: ffff888016f97bd0 R08: ffffed10030d9833 R09: ffffed10030d9833 [ 91.007225] R10: ffff8880186cc193 R11: ffffed10030d9832 R12: ffff888016635000 [ 91.007788] R13: ffff8880186cc1e8 R14: ffffffff8352e670 R15: ffff888016f97e68 [ 91.008351] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.008986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.009446] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ef0 [ 91.010017] PKRU: 55555554 [ 91.010251] Call Trace: [ 91.010458] [ 91.010662] __iommufd_access_detach+0x1c2/0x2b0 [ 91.011057] iommufd_access_change_pt+0x149/0x270 [ 91.011457] iommufd_access_replace+0xb4/0x120 [ 91.011829] iommufd_test+0x3e5/0x37e0 [ 91.012139] ? lock_release+0x532/0x770 [ 91.012467] ? __might_fault+0x102/0x1b0 [ 91.012796] ? lock_acquire+0x427/0x4c0 [ 91.013121] ? __pfx_iommufd_test+0x10/0x10 [ 91.013459] ? __pfx_lock_release+0x10/0x10 [ 91.013807] ? __pfx_lock_acquire+0x10/0x10 [ 91.014158] ? write_comp_data+0x2f/0x90 [ 91.014489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.014903] ? write_comp_data+0x2f/0x90 [ 91.015242] iommufd_fops_ioctl+0x37d/0x510 [ 91.015589] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.015980] ? write_comp_data+0x2f/0x90 [ 91.016313] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.016702] __x64_sys_ioctl+0x1a3/0x230 [ 91.017039] do_syscall_64+0x3b/0x90 [ 91.017343] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.017757] RIP: 0033:0x7f4b8743ee5d [ 91.018050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.019495] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.020097] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.020667] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.021722] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.022292] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.023029] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.023609] [ 91.023795] irq event stamp: 0 [ 91.024044] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.024615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.025335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.026022] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.026605] ---[ end trace 0000000000000000 ]--- [ 91.029518] ------------[ cut here ]------------ [ 91.029897] WARNING: CPU: 0 PID: 787 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.030841] Modules linked in: [ 91.031095] CPU: 0 PID: 787 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.031784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.032814] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.033204] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.034782] RSP: 0018:ffff888016f97bd0 EFLAGS: 00010246 [ 91.035210] RAX: 0000000000000000 RBX: ffff8880186cc0a8 RCX: 0000000000000000 [ 91.035797] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 91.036633] RBP: ffff888016f97be8 R08: ffffed10030d9833 R09: ffffed10030d9833 [ 91.037371] R10: ffff8880186cc193 R11: ffffed10030d9832 R12: ffff888013e7b000 [ 91.038169] R13: ffff8880186cc1e8 R14: ffff8880148a8200 R15: 0000000000000000 [ 91.039106] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.039947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.040570] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.041431] PKRU: 55555554 [ 91.041738] Call Trace: [ 91.042059] [ 91.042386] iommufd_access_destroy_object+0x65/0x170 [ 91.042876] iommufd_object_destroy_user+0x18e/0x220 [ 91.043329] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.043929] iommufd_access_destroy+0x43/0x70 [ 91.044538] iommufd_test_staccess_release+0x8d/0xd0 [ 91.045083] __fput+0x26d/0xa40 [ 91.045520] ____fput+0x1e/0x30 [ 91.045990] task_work_run+0x1a4/0x2d0 [ 91.046402] ? __pfx_task_work_run+0x10/0x10 [ 91.046967] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.047598] ? switch_task_namespaces+0xa9/0xe0 [ 91.048121] do_exit+0xb17/0x2ef0 [ 91.048486] ? lock_acquire+0x427/0x4c0 [ 91.049107] ? __pfx_lock_release+0x10/0x10 [ 91.049573] ? __kasan_check_write+0x18/0x20 [ 91.050015] ? do_raw_spin_lock+0x132/0x2a0 [ 91.050670] ? __pfx_do_exit+0x10/0x10 [ 91.051088] ? debug_smp_processor_id+0x20/0x30 [ 91.051590] ? rcu_is_watching+0x19/0xb0 [ 91.052015] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.052642] ? trace_hardirqs_on+0x26/0x120 [ 91.053114] do_group_exit+0xe0/0x2b0 [ 91.053535] __x64_sys_exit_group+0x47/0x50 [ 91.054090] do_syscall_64+0x3b/0x90 [ 91.054499] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.055069] RIP: 0033:0x7f4b87518a4d [ 91.055775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.056316] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.057375] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.058392] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.059263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.060289] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.061479] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.062654] [ 91.062944] irq event stamp: 0 [ 91.063477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.064200] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.065133] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.066066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.066817] ---[ end trace 0000000000000000 ]--- [ 91.068159] ------------[ cut here ]------------ [ 91.068697] WARNING: CPU: 0 PID: 787 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.069998] Modules linked in: [ 91.070602] CPU: 0 PID: 787 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.071647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.072986] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.073570] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.075635] RSP: 0018:ffff888016f97b78 EFLAGS: 00010246 [ 91.076238] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.077027] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 91.077812] RBP: ffff888016f97b98 R08: ffffed10030d983e R09: ffffed10030d983e [ 91.078636] R10: ffff8880186cc1ef R11: ffffed10030d983d R12: ffff8880186cc290 [ 91.079442] R13: ffff8880186cc0a8 R14: ffffffffffffffff R15: ffff888016f97c60 [ 91.080228] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.081114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.081755] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.082578] PKRU: 55555554 [ 91.082904] Call Trace: [ 91.083205] [ 91.083464] iommufd_ioas_destroy+0x53/0x70 [ 91.083959] iommufd_fops_release+0x1f7/0x370 [ 91.084470] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.085033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.085590] ? write_comp_data+0x2f/0x90 [ 91.086062] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.086658] __fput+0x26d/0xa40 [ 91.087060] ____fput+0x1e/0x30 [ 91.087437] task_work_run+0x1a4/0x2d0 [ 91.087769] ? __pfx_task_work_run+0x10/0x10 [ 91.088130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.088529] ? switch_task_namespaces+0xa9/0xe0 [ 91.088916] do_exit+0xb17/0x2ef0 [ 91.089197] ? lock_acquire+0x427/0x4c0 [ 91.089527] ? __pfx_lock_release+0x10/0x10 [ 91.089885] ? __kasan_check_write+0x18/0x20 [ 91.090241] ? do_raw_spin_lock+0x132/0x2a0 [ 91.090621] ? __pfx_do_exit+0x10/0x10 [ 91.090947] ? debug_smp_processor_id+0x20/0x30 [ 91.091339] ? rcu_is_watching+0x19/0xb0 [ 91.091672] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.092045] ? trace_hardirqs_on+0x26/0x120 [ 91.092400] do_group_exit+0xe0/0x2b0 [ 91.092712] __x64_sys_exit_group+0x47/0x50 [ 91.093062] do_syscall_64+0x3b/0x90 [ 91.093374] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.093800] RIP: 0033:0x7f4b87518a4d [ 91.094105] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.094620] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.095239] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.095813] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.096384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.096956] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.097527] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.098109] [ 91.098299] irq event stamp: 0 [ 91.098577] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.099105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.099795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.100467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.100975] ---[ end trace 0000000000000000 ]--- [ 91.107984] ------------[ cut here ]------------ [ 91.108446] WARNING: CPU: 1 PID: 788 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.109481] Modules linked in: [ 91.109785] CPU: 1 PID: 788 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.110700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.111819] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.112277] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.114014] RSP: 0018:ffff88801839fbb8 EFLAGS: 00010246 [ 91.114539] RAX: 0000000000000000 RBX: ffff8880138f30a8 RCX: 0000000000000000 [ 91.115193] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 91.115929] RBP: ffff88801839fbd0 R08: ffffed100271e633 R09: ffffed100271e633 [ 91.116590] R10: ffff8880138f3193 R11: ffffed100271e632 R12: ffff8880189e2c00 [ 91.117281] R13: ffff8880138f31e8 R14: ffffffff8352e670 R15: ffff88801839fe68 [ 91.117938] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.118712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.119283] CR2: 00007f4b877410e8 CR3: 0000000014502000 CR4: 0000000000750ee0 [ 91.119966] PKRU: 55555554 [ 91.120231] Call Trace: [ 91.120491] [ 91.120744] __iommufd_access_detach+0x1c2/0x2b0 [ 91.121193] iommufd_access_change_pt+0x149/0x270 [ 91.121651] iommufd_access_replace+0xb4/0x120 [ 91.122175] iommufd_test+0x3e5/0x37e0 [ 91.122548] ? lock_release+0x532/0x770 [ 91.122919] ? __might_fault+0x102/0x1b0 [ 91.123360] ? lock_acquire+0x427/0x4c0 [ 91.123747] ? __pfx_iommufd_test+0x10/0x10 [ 91.124138] ? __pfx_lock_release+0x10/0x10 [ 91.124588] ? __pfx_lock_acquire+0x10/0x10 [ 91.125024] ? write_comp_data+0x2f/0x90 [ 91.125396] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.125877] ? write_comp_data+0x2f/0x90 [ 91.126283] iommufd_fops_ioctl+0x37d/0x510 [ 91.126692] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.127196] ? write_comp_data+0x2f/0x90 [ 91.127615] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.128049] __x64_sys_ioctl+0x1a3/0x230 [ 91.128458] do_syscall_64+0x3b/0x90 [ 91.128845] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.129332] RIP: 0033:0x7f4b8743ee5d [ 91.129703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.131555] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.132256] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.133061] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.133708] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.134482] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.135172] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.135961] [ 91.136179] irq event stamp: 0 [ 91.136465] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.137160] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.137924] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.138696] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.139274] ---[ end trace 0000000000000000 ]--- [ 91.142305] ------------[ cut here ]------------ [ 91.142811] WARNING: CPU: 0 PID: 788 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.143673] Modules linked in: [ 91.143943] CPU: 0 PID: 788 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.144665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.145628] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.146061] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.147713] RSP: 0018:ffff88801839fbd0 EFLAGS: 00010246 [ 91.148176] RAX: 0000000000000000 RBX: ffff8880138f30a8 RCX: 0000000000000000 [ 91.148799] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 91.149425] RBP: ffff88801839fbe8 R08: ffffed100271e633 R09: ffffed100271e633 [ 91.150049] R10: ffff8880138f3193 R11: ffffed100271e632 R12: ffff88801341e400 [ 91.150704] R13: ffff8880138f31e8 R14: ffff8880139bb200 R15: 0000000000000000 [ 91.151343] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.152049] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.152560] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 91.153187] PKRU: 55555554 [ 91.153442] Call Trace: [ 91.153669] [ 91.153871] iommufd_access_destroy_object+0x65/0x170 [ 91.154339] iommufd_object_destroy_user+0x18e/0x220 [ 91.154820] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.155358] iommufd_access_destroy+0x43/0x70 [ 91.155775] iommufd_test_staccess_release+0x8d/0xd0 [ 91.156242] __fput+0x26d/0xa40 [ 91.156557] ____fput+0x1e/0x30 [ 91.156864] task_work_run+0x1a4/0x2d0 [ 91.157221] ? __pfx_task_work_run+0x10/0x10 [ 91.157621] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.158067] ? switch_task_namespaces+0xa9/0xe0 [ 91.158494] do_exit+0xb17/0x2ef0 [ 91.158842] ? lock_acquire+0x427/0x4c0 [ 91.159219] ? __pfx_lock_release+0x10/0x10 [ 91.159613] ? __kasan_check_write+0x18/0x20 [ 91.160014] ? do_raw_spin_lock+0x132/0x2a0 [ 91.160401] ? __pfx_do_exit+0x10/0x10 [ 91.160763] ? debug_smp_processor_id+0x20/0x30 [ 91.161179] ? rcu_is_watching+0x19/0xb0 [ 91.161541] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.161946] ? trace_hardirqs_on+0x26/0x120 [ 91.162337] do_group_exit+0xe0/0x2b0 [ 91.162719] __x64_sys_exit_group+0x47/0x50 [ 91.163132] do_syscall_64+0x3b/0x90 [ 91.163490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.163962] RIP: 0033:0x7f4b87518a4d [ 91.164293] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.164843] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.165518] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.166146] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.166806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.167451] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.168077] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.168717] [ 91.168927] irq event stamp: 0 [ 91.169204] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.169759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.170492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.171286] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.171844] ---[ end trace 0000000000000000 ]--- [ 91.172884] ------------[ cut here ]------------ [ 91.173307] WARNING: CPU: 0 PID: 788 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.174245] Modules linked in: [ 91.174606] CPU: 0 PID: 788 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.175435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.176489] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.176985] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.178723] RSP: 0018:ffff88801839fb78 EFLAGS: 00010246 [ 91.179239] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.179907] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 91.180567] RBP: ffff88801839fb98 R08: ffffed100271e63e R09: ffffed100271e63e [ 91.181229] R10: ffff8880138f31ef R11: ffffed100271e63d R12: ffff8880138f3290 [ 91.181892] R13: ffff8880138f30a8 R14: ffffffffffffffff R15: ffff88801839fc60 [ 91.182582] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.183357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.183910] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 91.184577] PKRU: 55555554 [ 91.184845] Call Trace: [ 91.185081] [ 91.185292] iommufd_ioas_destroy+0x53/0x70 [ 91.185703] iommufd_fops_release+0x1f7/0x370 [ 91.186132] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.186640] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.187144] ? write_comp_data+0x2f/0x90 [ 91.187540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.188021] __fput+0x26d/0xa40 [ 91.188354] ____fput+0x1e/0x30 [ 91.188678] task_work_run+0x1a4/0x2d0 [ 91.189059] ? __pfx_task_work_run+0x10/0x10 [ 91.189492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.189957] ? switch_task_namespaces+0xa9/0xe0 [ 91.190408] do_exit+0xb17/0x2ef0 [ 91.190771] ? lock_acquire+0x427/0x4c0 [ 91.191167] ? __pfx_lock_release+0x10/0x10 [ 91.191585] ? __kasan_check_write+0x18/0x20 [ 91.192004] ? do_raw_spin_lock+0x132/0x2a0 [ 91.192411] ? __pfx_do_exit+0x10/0x10 [ 91.192790] ? debug_smp_processor_id+0x20/0x30 [ 91.193229] ? rcu_is_watching+0x19/0xb0 [ 91.193613] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.194044] ? trace_hardirqs_on+0x26/0x120 [ 91.194460] do_group_exit+0xe0/0x2b0 [ 91.194856] __x64_sys_exit_group+0x47/0x50 [ 91.195279] do_syscall_64+0x3b/0x90 [ 91.195643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.196137] RIP: 0033:0x7f4b87518a4d [ 91.196482] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.197063] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.197773] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.198431] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.199128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.199792] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.200450] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.201117] [ 91.201340] irq event stamp: 0 [ 91.201638] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.202234] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.203069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.203886] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.204490] ---[ end trace 0000000000000000 ]--- [ 91.210695] ------------[ cut here ]------------ [ 91.211239] WARNING: CPU: 0 PID: 789 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.212202] Modules linked in: [ 91.212510] CPU: 0 PID: 789 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.213342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.214427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.214951] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.216732] RSP: 0018:ffff888013f37bb8 EFLAGS: 00010246 [ 91.217258] RAX: 0000000000000000 RBX: ffff88800f63d0a8 RCX: 0000000000000000 [ 91.217949] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 91.218659] RBP: ffff888013f37bd0 R08: ffffed1001ec7a33 R09: ffffed1001ec7a33 [ 91.219360] R10: ffff88800f63d193 R11: ffffed1001ec7a32 R12: ffff88800f171800 [ 91.220044] R13: ffff88800f63d1e8 R14: ffffffff8352e670 R15: ffff888013f37e68 [ 91.220735] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.221500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.222058] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ef0 [ 91.222769] PKRU: 55555554 [ 91.223048] Call Trace: [ 91.223305] [ 91.223530] __iommufd_access_detach+0x1c2/0x2b0 [ 91.224010] iommufd_access_change_pt+0x149/0x270 [ 91.224489] iommufd_access_replace+0xb4/0x120 [ 91.224945] iommufd_test+0x3e5/0x37e0 [ 91.225321] ? lock_release+0x532/0x770 [ 91.225712] ? __might_fault+0x102/0x1b0 [ 91.226119] ? lock_acquire+0x427/0x4c0 [ 91.226538] ? __pfx_iommufd_test+0x10/0x10 [ 91.226960] ? __pfx_lock_release+0x10/0x10 [ 91.227400] ? __pfx_lock_acquire+0x10/0x10 [ 91.227833] ? write_comp_data+0x2f/0x90 [ 91.228235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.228723] ? write_comp_data+0x2f/0x90 [ 91.229135] iommufd_fops_ioctl+0x37d/0x510 [ 91.229561] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.230045] ? write_comp_data+0x2f/0x90 [ 91.230453] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.230948] __x64_sys_ioctl+0x1a3/0x230 [ 91.231371] do_syscall_64+0x3b/0x90 [ 91.231748] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.232260] RIP: 0033:0x7f4b8743ee5d [ 91.232621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.234384] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.235157] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.235854] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.236539] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.237224] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.237913] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.238638] [ 91.238874] irq event stamp: 0 [ 91.239197] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.239825] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.240652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.241456] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.242064] ---[ end trace 0000000000000000 ]--- [ 91.245219] ------------[ cut here ]------------ [ 91.245702] WARNING: CPU: 0 PID: 789 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.246728] Modules linked in: [ 91.247048] CPU: 0 PID: 789 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.247911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.248992] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.249474] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.251288] RSP: 0018:ffff888013f37bd0 EFLAGS: 00010246 [ 91.251814] RAX: 0000000000000000 RBX: ffff88800f63d0a8 RCX: 0000000000000000 [ 91.252498] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 91.253178] RBP: ffff888013f37be8 R08: ffffed1001ec7a33 R09: ffffed1001ec7a33 [ 91.253864] R10: ffff88800f63d193 R11: ffffed1001ec7a32 R12: ffff888016634400 [ 91.254571] R13: ffff88800f63d1e8 R14: ffff88800fa0b000 R15: 0000000000000000 [ 91.255271] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.256048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.256606] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.257293] PKRU: 55555554 [ 91.257566] Call Trace: [ 91.257814] [ 91.258035] iommufd_access_destroy_object+0x65/0x170 [ 91.258568] iommufd_object_destroy_user+0x18e/0x220 [ 91.259066] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.259644] iommufd_access_destroy+0x43/0x70 [ 91.260091] iommufd_test_staccess_release+0x8d/0xd0 [ 91.260599] __fput+0x26d/0xa40 [ 91.260937] ____fput+0x1e/0x30 [ 91.261264] task_work_run+0x1a4/0x2d0 [ 91.261646] ? __pfx_task_work_run+0x10/0x10 [ 91.262072] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.262569] ? switch_task_namespaces+0xa9/0xe0 [ 91.263033] do_exit+0xb17/0x2ef0 [ 91.263383] ? lock_acquire+0x427/0x4c0 [ 91.263778] ? __pfx_lock_release+0x10/0x10 [ 91.264204] ? __kasan_check_write+0x18/0x20 [ 91.264637] ? do_raw_spin_lock+0x132/0x2a0 [ 91.265059] ? __pfx_do_exit+0x10/0x10 [ 91.265449] ? debug_smp_processor_id+0x20/0x30 [ 91.265906] ? rcu_is_watching+0x19/0xb0 [ 91.266301] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.266773] ? trace_hardirqs_on+0x26/0x120 [ 91.267210] do_group_exit+0xe0/0x2b0 [ 91.267578] __x64_sys_exit_group+0x47/0x50 [ 91.267996] do_syscall_64+0x3b/0x90 [ 91.268370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.268881] RIP: 0033:0x7f4b87518a4d [ 91.269245] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.269833] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.270609] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.271328] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.272018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.272703] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.273388] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.274081] [ 91.274309] irq event stamp: 0 [ 91.274639] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.275283] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.276104] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.276924] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.277545] ---[ end trace 0000000000000000 ]--- [ 91.278386] ------------[ cut here ]------------ [ 91.278875] WARNING: CPU: 0 PID: 789 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.279873] Modules linked in: [ 91.280191] CPU: 0 PID: 789 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.281032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.282118] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.282651] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.284443] RSP: 0018:ffff888013f37b78 EFLAGS: 00010246 [ 91.284967] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.285663] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 91.286349] RBP: ffff888013f37b98 R08: ffffed1001ec7a3e R09: ffffed1001ec7a3e [ 91.287071] R10: ffff88800f63d1ef R11: ffffed1001ec7a3d R12: ffff88800f63d290 [ 91.287782] R13: ffff88800f63d0a8 R14: ffffffffffffffff R15: ffff888013f37c60 [ 91.288487] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.289935] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.290555] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.291255] PKRU: 55555554 [ 91.291525] Call Trace: [ 91.291769] [ 91.291986] iommufd_ioas_destroy+0x53/0x70 [ 91.292412] iommufd_fops_release+0x1f7/0x370 [ 91.292984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.293633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.294113] ? write_comp_data+0x2f/0x90 [ 91.294552] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.295040] __fput+0x26d/0xa40 [ 91.295388] ____fput+0x1e/0x30 [ 91.295720] task_work_run+0x1a4/0x2d0 [ 91.296147] ? __pfx_task_work_run+0x10/0x10 [ 91.296868] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.297353] ? switch_task_namespaces+0xa9/0xe0 [ 91.297817] do_exit+0xb17/0x2ef0 [ 91.298154] ? lock_acquire+0x427/0x4c0 [ 91.298594] ? __pfx_lock_release+0x10/0x10 [ 91.299317] ? __kasan_check_write+0x18/0x20 [ 91.299754] ? do_raw_spin_lock+0x132/0x2a0 [ 91.300184] ? __pfx_do_exit+0x10/0x10 [ 91.300576] ? debug_smp_processor_id+0x20/0x30 [ 91.301035] ? rcu_is_watching+0x19/0xb0 [ 91.301434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.301887] ? trace_hardirqs_on+0x26/0x120 [ 91.302433] do_group_exit+0xe0/0x2b0 [ 91.303059] __x64_sys_exit_group+0x47/0x50 [ 91.303537] do_syscall_64+0x3b/0x90 [ 91.303944] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.304506] RIP: 0033:0x7f4b87518a4d [ 91.304995] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.305914] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.306755] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.307555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.308671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.309416] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.310167] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.311078] [ 91.311424] irq event stamp: 0 [ 91.311945] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.312620] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.313517] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.314718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.315616] ---[ end trace 0000000000000000 ]--- [ 91.321887] ------------[ cut here ]------------ [ 91.322414] WARNING: CPU: 0 PID: 790 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.323860] Modules linked in: [ 91.324202] CPU: 0 PID: 790 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.325110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.326280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.326834] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.328738] RSP: 0018:ffff888015f77bb8 EFLAGS: 00010246 [ 91.329290] RAX: 0000000000000000 RBX: ffff8880159178a8 RCX: 0000000000000000 [ 91.330022] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 91.330795] RBP: ffff888015f77bd0 R08: ffffed1002b22f33 R09: ffffed1002b22f33 [ 91.331552] R10: ffff888015917993 R11: ffffed1002b22f32 R12: ffff88801892c000 [ 91.332290] R13: ffff8880159179e8 R14: ffffffff8352e670 R15: ffff888015f77e68 [ 91.333018] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.333844] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.334439] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ef0 [ 91.335235] PKRU: 55555554 [ 91.335538] Call Trace: [ 91.335814] [ 91.336069] __iommufd_access_detach+0x1c2/0x2b0 [ 91.336601] iommufd_access_change_pt+0x149/0x270 [ 91.337116] iommufd_access_replace+0xb4/0x120 [ 91.337602] iommufd_test+0x3e5/0x37e0 [ 91.338015] ? lock_release+0x532/0x770 [ 91.338446] ? __might_fault+0x102/0x1b0 [ 91.338924] ? lock_acquire+0x427/0x4c0 [ 91.339379] ? __pfx_iommufd_test+0x10/0x10 [ 91.339842] ? __pfx_lock_release+0x10/0x10 [ 91.340305] ? __pfx_lock_acquire+0x10/0x10 [ 91.340770] ? write_comp_data+0x2f/0x90 [ 91.341202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.341712] ? write_comp_data+0x2f/0x90 [ 91.342149] iommufd_fops_ioctl+0x37d/0x510 [ 91.342641] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.343169] ? write_comp_data+0x2f/0x90 [ 91.343605] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.344102] __x64_sys_ioctl+0x1a3/0x230 [ 91.344533] do_syscall_64+0x3b/0x90 [ 91.344926] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.345465] RIP: 0033:0x7f4b8743ee5d [ 91.345856] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.347789] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.348592] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.349333] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.350072] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.350840] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.351590] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.352337] [ 91.352589] irq event stamp: 0 [ 91.352915] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.353564] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.354424] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.355330] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.355990] ---[ end trace 0000000000000000 ]--- [ 91.359724] ------------[ cut here ]------------ [ 91.360469] WARNING: CPU: 0 PID: 790 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.361780] Modules linked in: [ 91.362113] CPU: 0 PID: 790 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.363203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.364491] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.365147] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.367555] RSP: 0018:ffff888015f77bd0 EFLAGS: 00010246 [ 91.368129] RAX: 0000000000000000 RBX: ffff8880159178a8 RCX: 0000000000000000 [ 91.369192] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 91.369945] RBP: ffff888015f77be8 R08: ffffed1002b22f33 R09: ffffed1002b22f33 [ 91.371003] R10: ffff888015917993 R11: ffffed1002b22f32 R12: ffff88800f171000 [ 91.371768] R13: ffff8880159179e8 R14: ffff888013f64a00 R15: 0000000000000000 [ 91.372653] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.373689] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.374640] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.375413] PKRU: 55555554 [ 91.375711] Call Trace: [ 91.376022] [ 91.376450] iommufd_access_destroy_object+0x65/0x170 [ 91.377003] iommufd_object_destroy_user+0x18e/0x220 [ 91.377546] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.378442] iommufd_access_destroy+0x43/0x70 [ 91.378977] iommufd_test_staccess_release+0x8d/0xd0 [ 91.379544] __fput+0x26d/0xa40 [ 91.380055] ____fput+0x1e/0x30 [ 91.380514] task_work_run+0x1a4/0x2d0 [ 91.380954] ? __pfx_task_work_run+0x10/0x10 [ 91.381424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.382222] ? switch_task_namespaces+0xa9/0xe0 [ 91.382771] do_exit+0xb17/0x2ef0 [ 91.383158] ? lock_acquire+0x427/0x4c0 [ 91.383628] ? __pfx_lock_release+0x10/0x10 [ 91.384287] ? __kasan_check_write+0x18/0x20 [ 91.384764] ? do_raw_spin_lock+0x132/0x2a0 [ 91.385306] ? __pfx_do_exit+0x10/0x10 [ 91.385864] ? debug_smp_processor_id+0x20/0x30 [ 91.386374] ? rcu_is_watching+0x19/0xb0 [ 91.386844] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.387619] ? trace_hardirqs_on+0x26/0x120 [ 91.388090] do_group_exit+0xe0/0x2b0 [ 91.388498] __x64_sys_exit_group+0x47/0x50 [ 91.388997] do_syscall_64+0x3b/0x90 [ 91.389614] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.390181] RIP: 0033:0x7f4b87518a4d [ 91.390621] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.391573] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.392421] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.393350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.394354] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.395171] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.395974] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.396913] [ 91.397170] irq event stamp: 0 [ 91.397536] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.398389] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.399422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.400442] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.401347] ---[ end trace 0000000000000000 ]--- [ 91.403721] ------------[ cut here ]------------ [ 91.404246] WARNING: CPU: 0 PID: 790 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.405531] Modules linked in: [ 91.405911] CPU: 0 PID: 790 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.407017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.408235] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.408784] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.410739] RSP: 0018:ffff888015f77b78 EFLAGS: 00010246 [ 91.411315] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.412048] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 91.412780] RBP: ffff888015f77b98 R08: ffffed1002b22f3e R09: ffffed1002b22f3e [ 91.413520] R10: ffff8880159179ef R11: ffffed1002b22f3d R12: ffff888015917a90 [ 91.414259] R13: ffff8880159178a8 R14: ffffffffffffffff R15: ffff888015f77c60 [ 91.415033] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.415894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.416500] CR2: 00007f82e2efa008 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 91.417238] PKRU: 55555554 [ 91.417533] Call Trace: [ 91.417797] [ 91.418030] iommufd_ioas_destroy+0x53/0x70 [ 91.418490] iommufd_fops_release+0x1f7/0x370 [ 91.419011] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.419514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.419969] ? write_comp_data+0x2f/0x90 [ 91.420394] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.420929] __fput+0x26d/0xa40 [ 91.421295] ____fput+0x1e/0x30 [ 91.421651] task_work_run+0x1a4/0x2d0 [ 91.422071] ? __pfx_task_work_run+0x10/0x10 [ 91.422579] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.423122] ? switch_task_namespaces+0xa9/0xe0 [ 91.423641] do_exit+0xb17/0x2ef0 [ 91.424014] ? lock_acquire+0x427/0x4c0 [ 91.424446] ? __pfx_lock_release+0x10/0x10 [ 91.424907] ? __kasan_check_write+0x18/0x20 [ 91.425378] ? do_raw_spin_lock+0x132/0x2a0 [ 91.425846] ? __pfx_do_exit+0x10/0x10 [ 91.426276] ? debug_smp_processor_id+0x20/0x30 [ 91.426825] ? rcu_is_watching+0x19/0xb0 [ 91.427281] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.427767] ? trace_hardirqs_on+0x26/0x120 [ 91.428234] do_group_exit+0xe0/0x2b0 [ 91.428642] __x64_sys_exit_group+0x47/0x50 [ 91.429099] do_syscall_64+0x3b/0x90 [ 91.429494] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.430049] RIP: 0033:0x7f4b87518a4d [ 91.430443] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.431167] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.431967] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.432719] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.433467] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.434214] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.435018] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.435807] [ 91.436062] irq event stamp: 0 [ 91.436398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.437071] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.437971] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.438910] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.439607] ---[ end trace 0000000000000000 ]--- [ 91.445482] ------------[ cut here ]------------ [ 91.446004] WARNING: CPU: 0 PID: 791 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.447355] Modules linked in: [ 91.447702] CPU: 0 PID: 791 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.448843] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.450267] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.450845] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.453261] RSP: 0018:ffff888020cdfbb8 EFLAGS: 00010246 [ 91.453965] RAX: 0000000000000000 RBX: ffff888013af40a8 RCX: 0000000000000000 [ 91.454746] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 91.455515] RBP: ffff888020cdfbd0 R08: ffffed100275e833 R09: ffffed100275e833 [ 91.456376] R10: ffff888013af4193 R11: ffffed100275e832 R12: ffff88800fcb1c00 [ 91.457404] R13: ffff888013af41e8 R14: ffffffff8352e670 R15: ffff888020cdfe68 [ 91.458163] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.459083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.459888] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 91.460760] PKRU: 55555554 [ 91.461063] Call Trace: [ 91.461334] [ 91.461571] __iommufd_access_detach+0x1c2/0x2b0 [ 91.462095] iommufd_access_change_pt+0x149/0x270 [ 91.462706] iommufd_access_replace+0xb4/0x120 [ 91.463399] iommufd_test+0x3e5/0x37e0 [ 91.463828] ? lock_release+0x532/0x770 [ 91.464268] ? __might_fault+0x102/0x1b0 [ 91.464707] ? lock_acquire+0x427/0x4c0 [ 91.465146] ? __pfx_iommufd_test+0x10/0x10 [ 91.465610] ? __pfx_lock_release+0x10/0x10 [ 91.466220] ? __pfx_lock_acquire+0x10/0x10 [ 91.467008] ? write_comp_data+0x2f/0x90 [ 91.467461] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.467980] ? write_comp_data+0x2f/0x90 [ 91.468413] iommufd_fops_ioctl+0x37d/0x510 [ 91.468879] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.469456] ? write_comp_data+0x2f/0x90 [ 91.470061] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.470746] __x64_sys_ioctl+0x1a3/0x230 [ 91.471213] do_syscall_64+0x3b/0x90 [ 91.471624] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.472185] RIP: 0033:0x7f4b8743ee5d [ 91.472584] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.475137] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.475950] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.476697] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.477564] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.478651] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.479415] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.480179] [ 91.480429] irq event stamp: 0 [ 91.480803] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.481659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.482790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.483675] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.484329] ---[ end trace 0000000000000000 ]--- [ 91.487977] ------------[ cut here ]------------ [ 91.488487] WARNING: CPU: 0 PID: 791 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.489539] Modules linked in: [ 91.489930] CPU: 0 PID: 791 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.491180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.492367] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.492891] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.495352] RSP: 0018:ffff888020cdfbd0 EFLAGS: 00010246 [ 91.495902] RAX: 0000000000000000 RBX: ffff888013af40a8 RCX: 0000000000000000 [ 91.496645] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 91.497393] RBP: ffff888020cdfbe8 R08: ffffed100275e833 R09: ffffed100275e833 [ 91.498130] R10: ffff888013af4193 R11: ffffed100275e832 R12: ffff88801892f000 [ 91.498921] R13: ffff888013af41e8 R14: ffff888012c24d00 R15: 0000000000000000 [ 91.499681] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.500517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.501117] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.501870] PKRU: 55555554 [ 91.502172] Call Trace: [ 91.502440] [ 91.502713] iommufd_access_destroy_object+0x65/0x170 [ 91.503284] iommufd_object_destroy_user+0x18e/0x220 [ 91.503830] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.504447] iommufd_access_destroy+0x43/0x70 [ 91.504937] iommufd_test_staccess_release+0x8d/0xd0 [ 91.505485] __fput+0x26d/0xa40 [ 91.505853] ____fput+0x1e/0x30 [ 91.506209] task_work_run+0x1a4/0x2d0 [ 91.506684] ? __pfx_task_work_run+0x10/0x10 [ 91.507163] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.507684] ? switch_task_namespaces+0xa9/0xe0 [ 91.508184] do_exit+0xb17/0x2ef0 [ 91.508544] ? lock_acquire+0x427/0x4c0 [ 91.508975] ? __pfx_lock_release+0x10/0x10 [ 91.509436] ? __kasan_check_write+0x18/0x20 [ 91.509905] ? do_raw_spin_lock+0x132/0x2a0 [ 91.510362] ? __pfx_do_exit+0x10/0x10 [ 91.510824] ? debug_smp_processor_id+0x20/0x30 [ 91.511339] ? rcu_is_watching+0x19/0xb0 [ 91.511776] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.512263] ? trace_hardirqs_on+0x26/0x120 [ 91.512725] do_group_exit+0xe0/0x2b0 [ 91.513131] __x64_sys_exit_group+0x47/0x50 [ 91.513586] do_syscall_64+0x3b/0x90 [ 91.513992] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.514614] RIP: 0033:0x7f4b87518a4d [ 91.515016] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.515675] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.516471] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.517214] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.517948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.518741] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.519504] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.520269] [ 91.520513] irq event stamp: 0 [ 91.520839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.521497] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.522369] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.523301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.523967] ---[ end trace 0000000000000000 ]--- [ 91.524873] ------------[ cut here ]------------ [ 91.525366] WARNING: CPU: 0 PID: 791 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.526409] Modules linked in: [ 91.526821] CPU: 0 PID: 791 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.527740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.528908] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.529452] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.531430] RSP: 0018:ffff888020cdfb78 EFLAGS: 00010246 [ 91.531999] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.532734] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 91.533463] RBP: ffff888020cdfb98 R08: ffffed100275e83e R09: ffffed100275e83e [ 91.534200] R10: ffff888013af41ef R11: ffffed100275e83d R12: ffff888013af4290 [ 91.535013] R13: ffff888013af40a8 R14: ffffffffffffffff R15: ffff888020cdfc60 [ 91.535753] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.536576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.537662] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.538690] PKRU: 55555554 [ 91.539103] Call Trace: [ 91.539489] [ 91.539801] iommufd_ioas_destroy+0x53/0x70 [ 91.540409] iommufd_fops_release+0x1f7/0x370 [ 91.541028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.541696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.542354] ? write_comp_data+0x2f/0x90 [ 91.542963] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.543658] __fput+0x26d/0xa40 [ 91.544136] ____fput+0x1e/0x30 [ 91.544592] task_work_run+0x1a4/0x2d0 [ 91.545133] ? __pfx_task_work_run+0x10/0x10 [ 91.545726] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.546382] ? switch_task_namespaces+0xa9/0xe0 [ 91.547057] do_exit+0xb17/0x2ef0 [ 91.547558] ? lock_acquire+0x427/0x4c0 [ 91.548111] ? __pfx_lock_release+0x10/0x10 [ 91.548698] ? __kasan_check_write+0x18/0x20 [ 91.549293] ? do_raw_spin_lock+0x132/0x2a0 [ 91.549869] ? __pfx_do_exit+0x10/0x10 [ 91.550405] ? debug_smp_processor_id+0x20/0x30 [ 91.551069] ? rcu_is_watching+0x19/0xb0 [ 91.551639] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.552264] ? trace_hardirqs_on+0x26/0x120 [ 91.552850] do_group_exit+0xe0/0x2b0 [ 91.553360] __x64_sys_exit_group+0x47/0x50 [ 91.553930] do_syscall_64+0x3b/0x90 [ 91.554440] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.555200] RIP: 0033:0x7f4b87518a4d [ 91.555704] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.556524] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.557525] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.558463] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.559505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.560254] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.560978] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.561733] [ 91.561977] irq event stamp: 0 [ 91.562305] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.562978] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.563849] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.564701] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.565342] ---[ end trace 0000000000000000 ]--- [ 91.573757] ------------[ cut here ]------------ [ 91.574494] WARNING: CPU: 1 PID: 792 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.576302] Modules linked in: [ 91.576748] CPU: 1 PID: 792 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.577901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.579781] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.580481] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.583100] RSP: 0018:ffff8880161e7bb8 EFLAGS: 00010246 [ 91.583870] RAX: 0000000000000000 RBX: ffff888023e078a8 RCX: 0000000000000000 [ 91.585044] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 91.585999] RBP: ffff8880161e7bd0 R08: ffffed10047c0f33 R09: ffffed10047c0f33 [ 91.587049] R10: ffff888023e07993 R11: ffffed10047c0f32 R12: ffff888013b20800 [ 91.588141] R13: ffff888023e079e8 R14: ffffffff8352e670 R15: ffff8880161e7e68 [ 91.589104] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.590286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.591210] CR2: 00007f4b877410e8 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 91.592162] PKRU: 55555554 [ 91.592556] Call Trace: [ 91.592905] [ 91.593259] __iommufd_access_detach+0x1c2/0x2b0 [ 91.594059] iommufd_access_change_pt+0x149/0x270 [ 91.594800] iommufd_access_replace+0xb4/0x120 [ 91.595472] iommufd_test+0x3e5/0x37e0 [ 91.596016] ? lock_release+0x532/0x770 [ 91.596703] ? __might_fault+0x102/0x1b0 [ 91.597359] ? lock_acquire+0x427/0x4c0 [ 91.597925] ? __pfx_iommufd_test+0x10/0x10 [ 91.598552] ? __pfx_lock_release+0x10/0x10 [ 91.599197] ? __pfx_lock_acquire+0x10/0x10 [ 91.599956] ? write_comp_data+0x2f/0x90 [ 91.600744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.601361] ? write_comp_data+0x2f/0x90 [ 91.601902] iommufd_fops_ioctl+0x37d/0x510 [ 91.602457] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.603320] ? write_comp_data+0x2f/0x90 [ 91.604012] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.604642] __x64_sys_ioctl+0x1a3/0x230 [ 91.605176] do_syscall_64+0x3b/0x90 [ 91.605667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.606330] RIP: 0033:0x7f4b8743ee5d [ 91.607037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.609536] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.610497] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.611727] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.612790] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.613692] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.614635] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.615576] [ 91.615878] irq event stamp: 0 [ 91.616284] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.617071] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.618109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.619284] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.620089] ---[ end trace 0000000000000000 ]--- [ 91.624142] ------------[ cut here ]------------ [ 91.624628] WARNING: CPU: 1 PID: 792 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.625544] Modules linked in: [ 91.625836] CPU: 1 PID: 792 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.626664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.627700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.628158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.629825] RSP: 0018:ffff8880161e7bd0 EFLAGS: 00010246 [ 91.630311] RAX: 0000000000000000 RBX: ffff888023e078a8 RCX: 0000000000000000 [ 91.631076] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 91.631755] RBP: ffff8880161e7be8 R08: ffffed10047c0f33 R09: ffffed10047c0f33 [ 91.632402] R10: ffff888023e07993 R11: ffffed10047c0f32 R12: ffff8880189e2000 [ 91.633052] R13: ffff888023e079e8 R14: ffff888014060000 R15: 0000000000000000 [ 91.633708] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.634441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.635001] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 91.635673] PKRU: 55555554 [ 91.635933] Call Trace: [ 91.636172] [ 91.636380] iommufd_access_destroy_object+0x65/0x170 [ 91.636869] iommufd_object_destroy_user+0x18e/0x220 [ 91.637352] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.637905] iommufd_access_destroy+0x43/0x70 [ 91.638328] iommufd_test_staccess_release+0x8d/0xd0 [ 91.638837] __fput+0x26d/0xa40 [ 91.639183] ____fput+0x1e/0x30 [ 91.639502] task_work_run+0x1a4/0x2d0 [ 91.639878] ? __pfx_task_work_run+0x10/0x10 [ 91.640293] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.640750] ? switch_task_namespaces+0xa9/0xe0 [ 91.641189] do_exit+0xb17/0x2ef0 [ 91.641510] ? lock_acquire+0x427/0x4c0 [ 91.641890] ? __pfx_lock_release+0x10/0x10 [ 91.642285] ? __kasan_check_write+0x18/0x20 [ 91.642743] ? do_raw_spin_lock+0x132/0x2a0 [ 91.643166] ? __pfx_do_exit+0x10/0x10 [ 91.643536] ? debug_smp_processor_id+0x20/0x30 [ 91.643960] ? rcu_is_watching+0x19/0xb0 [ 91.644329] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.644750] ? trace_hardirqs_on+0x26/0x120 [ 91.645148] do_group_exit+0xe0/0x2b0 [ 91.645494] __x64_sys_exit_group+0x47/0x50 [ 91.645888] do_syscall_64+0x3b/0x90 [ 91.646237] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.646731] RIP: 0033:0x7f4b87518a4d [ 91.647068] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.647639] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.648337] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.648976] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.649614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.650249] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.650920] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.651582] [ 91.651797] irq event stamp: 0 [ 91.652081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.652651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.653413] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.654166] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.654760] ---[ end trace 0000000000000000 ]--- [ 91.655575] ------------[ cut here ]------------ [ 91.656005] WARNING: CPU: 1 PID: 792 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.656926] Modules linked in: [ 91.657221] CPU: 1 PID: 792 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.658017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.659071] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.659557] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.661193] RSP: 0018:ffff8880161e7b78 EFLAGS: 00010246 [ 91.661672] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.662313] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 91.662975] RBP: ffff8880161e7b98 R08: ffffed10047c0f3e R09: ffffed10047c0f3e [ 91.663625] R10: ffff888023e079ef R11: ffffed10047c0f3d R12: ffff888023e07a90 [ 91.664267] R13: ffff888023e078a8 R14: ffffffffffffffff R15: ffff8880161e7c60 [ 91.664914] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.665624] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.666123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 91.666760] PKRU: 55555554 [ 91.667013] Call Trace: [ 91.667248] [ 91.667444] iommufd_ioas_destroy+0x53/0x70 [ 91.667819] iommufd_fops_release+0x1f7/0x370 [ 91.668211] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.668648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.669079] ? write_comp_data+0x2f/0x90 [ 91.669445] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.669888] __fput+0x26d/0xa40 [ 91.670191] ____fput+0x1e/0x30 [ 91.670487] task_work_run+0x1a4/0x2d0 [ 91.670864] ? __pfx_task_work_run+0x10/0x10 [ 91.671265] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.671692] ? switch_task_namespaces+0xa9/0xe0 [ 91.672108] do_exit+0xb17/0x2ef0 [ 91.672409] ? lock_acquire+0x427/0x4c0 [ 91.672757] ? __pfx_lock_release+0x10/0x10 [ 91.673136] ? __kasan_check_write+0x18/0x20 [ 91.673515] ? do_raw_spin_lock+0x132/0x2a0 [ 91.673883] ? __pfx_do_exit+0x10/0x10 [ 91.674226] ? debug_smp_processor_id+0x20/0x30 [ 91.674649] ? rcu_is_watching+0x19/0xb0 [ 91.675010] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.675423] ? trace_hardirqs_on+0x26/0x120 [ 91.675808] do_group_exit+0xe0/0x2b0 [ 91.676144] __x64_sys_exit_group+0x47/0x50 [ 91.676515] do_syscall_64+0x3b/0x90 [ 91.676845] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.677300] RIP: 0033:0x7f4b87518a4d [ 91.677620] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.678144] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.678836] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.679466] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.680071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.680686] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.681304] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.681921] [ 91.682119] irq event stamp: 0 [ 91.682388] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.682948] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.683683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.684394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.684925] ---[ end trace 0000000000000000 ]--- [ 91.689662] ------------[ cut here ]------------ [ 91.690106] WARNING: CPU: 1 PID: 793 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.691042] Modules linked in: [ 91.691338] CPU: 1 PID: 793 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.692068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.693011] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.693438] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.694994] RSP: 0018:ffff88800b2c7bb8 EFLAGS: 00010246 [ 91.695459] RAX: 0000000000000000 RBX: ffff888010b780a8 RCX: 0000000000000000 [ 91.696062] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 91.696665] RBP: ffff88800b2c7bd0 R08: ffffed100216f033 R09: ffffed100216f033 [ 91.697265] R10: ffff888010b78193 R11: ffffed100216f032 R12: ffff888010826c00 [ 91.697870] R13: ffff888010b781e8 R14: ffffffff8352e670 R15: ffff88800b2c7e68 [ 91.698473] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.699169] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.699638] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ee0 [ 91.700207] PKRU: 55555554 [ 91.700434] Call Trace: [ 91.700636] [ 91.700817] __iommufd_access_detach+0x1c2/0x2b0 [ 91.701218] iommufd_access_change_pt+0x149/0x270 [ 91.701616] iommufd_access_replace+0xb4/0x120 [ 91.701997] iommufd_test+0x3e5/0x37e0 [ 91.702306] ? lock_release+0x532/0x770 [ 91.702654] ? __might_fault+0x102/0x1b0 [ 91.702990] ? lock_acquire+0x427/0x4c0 [ 91.703326] ? __pfx_iommufd_test+0x10/0x10 [ 91.703673] ? __pfx_lock_release+0x10/0x10 [ 91.704025] ? __pfx_lock_acquire+0x10/0x10 [ 91.704380] ? write_comp_data+0x2f/0x90 [ 91.704717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.705109] ? write_comp_data+0x2f/0x90 [ 91.705447] iommufd_fops_ioctl+0x37d/0x510 [ 91.705801] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.706192] ? write_comp_data+0x2f/0x90 [ 91.706546] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.706937] __x64_sys_ioctl+0x1a3/0x230 [ 91.707281] do_syscall_64+0x3b/0x90 [ 91.707591] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.708010] RIP: 0033:0x7f4b8743ee5d [ 91.708307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.709755] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.710356] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.710953] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.711537] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.712109] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.712677] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.713249] [ 91.713436] irq event stamp: 0 [ 91.713688] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.714189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.714877] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.715563] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.716067] ---[ end trace 0000000000000000 ]--- [ 91.718977] ------------[ cut here ]------------ [ 91.719397] WARNING: CPU: 1 PID: 793 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.720196] Modules linked in: [ 91.720452] CPU: 1 PID: 793 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.721138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.722027] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.722422] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.723901] RSP: 0018:ffff88800b2c7bd0 EFLAGS: 00010246 [ 91.724334] RAX: 0000000000000000 RBX: ffff888010b780a8 RCX: 0000000000000000 [ 91.724900] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 91.725466] RBP: ffff88800b2c7be8 R08: ffffed100216f033 R09: ffffed100216f033 [ 91.726036] R10: ffff888010b78193 R11: ffffed100216f032 R12: ffff888013b21000 [ 91.726625] R13: ffff888010b781e8 R14: ffff888013c73800 R15: 0000000000000000 [ 91.727207] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.727844] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.728304] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 91.728873] PKRU: 55555554 [ 91.729100] Call Trace: [ 91.729306] [ 91.729487] iommufd_access_destroy_object+0x65/0x170 [ 91.729906] iommufd_object_destroy_user+0x18e/0x220 [ 91.730318] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.730803] iommufd_access_destroy+0x43/0x70 [ 91.731183] iommufd_test_staccess_release+0x8d/0xd0 [ 91.731597] __fput+0x26d/0xa40 [ 91.731881] ____fput+0x1e/0x30 [ 91.732151] task_work_run+0x1a4/0x2d0 [ 91.732471] ? __pfx_task_work_run+0x10/0x10 [ 91.732828] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.733221] ? switch_task_namespaces+0xa9/0xe0 [ 91.733601] do_exit+0xb17/0x2ef0 [ 91.733880] ? lock_acquire+0x427/0x4c0 [ 91.734208] ? __pfx_lock_release+0x10/0x10 [ 91.734572] ? __kasan_check_write+0x18/0x20 [ 91.734929] ? do_raw_spin_lock+0x132/0x2a0 [ 91.735288] ? __pfx_do_exit+0x10/0x10 [ 91.735609] ? debug_smp_processor_id+0x20/0x30 [ 91.735988] ? rcu_is_watching+0x19/0xb0 [ 91.736316] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.736694] ? trace_hardirqs_on+0x26/0x120 [ 91.737047] do_group_exit+0xe0/0x2b0 [ 91.737355] __x64_sys_exit_group+0x47/0x50 [ 91.737700] do_syscall_64+0x3b/0x90 [ 91.738006] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.738426] RIP: 0033:0x7f4b87518a4d [ 91.738745] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.739247] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.739856] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.740421] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.740989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.741556] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.742124] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.742716] [ 91.742909] irq event stamp: 0 [ 91.743175] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.743676] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.744342] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.745004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.745508] ---[ end trace 0000000000000000 ]--- [ 91.746208] ------------[ cut here ]------------ [ 91.746603] WARNING: CPU: 1 PID: 793 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.747427] Modules linked in: [ 91.747690] CPU: 1 PID: 793 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.748390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.749286] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.749702] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.751183] RSP: 0018:ffff88800b2c7b78 EFLAGS: 00010246 [ 91.751615] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.752180] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 91.752745] RBP: ffff88800b2c7b98 R08: ffffed100216f03e R09: ffffed100216f03e [ 91.753314] R10: ffff888010b781ef R11: ffffed100216f03d R12: ffff888010b78290 [ 91.753876] R13: ffff888010b780a8 R14: ffffffffffffffff R15: ffff88800b2c7c60 [ 91.754441] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.755092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.755569] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 91.756138] PKRU: 55555554 [ 91.756366] Call Trace: [ 91.756571] [ 91.756757] iommufd_ioas_destroy+0x53/0x70 [ 91.757106] iommufd_fops_release+0x1f7/0x370 [ 91.757472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.757871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.758265] ? write_comp_data+0x2f/0x90 [ 91.758617] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.759026] __fput+0x26d/0xa40 [ 91.759315] ____fput+0x1e/0x30 [ 91.759589] task_work_run+0x1a4/0x2d0 [ 91.759910] ? __pfx_task_work_run+0x10/0x10 [ 91.760269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.760668] ? switch_task_namespaces+0xa9/0xe0 [ 91.761060] do_exit+0xb17/0x2ef0 [ 91.761342] ? lock_acquire+0x427/0x4c0 [ 91.761667] ? __pfx_lock_release+0x10/0x10 [ 91.762022] ? __kasan_check_write+0x18/0x20 [ 91.762379] ? do_raw_spin_lock+0x132/0x2a0 [ 91.762738] ? __pfx_do_exit+0x10/0x10 [ 91.763051] ? debug_smp_processor_id+0x20/0x30 [ 91.763427] ? rcu_is_watching+0x19/0xb0 [ 91.763742] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.764099] ? trace_hardirqs_on+0x26/0x120 [ 91.764444] do_group_exit+0xe0/0x2b0 [ 91.764743] __x64_sys_exit_group+0x47/0x50 [ 91.765076] do_syscall_64+0x3b/0x90 [ 91.765372] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.765782] RIP: 0033:0x7f4b87518a4d [ 91.766071] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.766559] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.767156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.767707] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.768254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.768801] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.769346] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.769898] [ 91.770083] irq event stamp: 0 [ 91.770331] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.770837] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.771499] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.772139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.772623] ---[ end trace 0000000000000000 ]--- [ 91.777061] ------------[ cut here ]------------ [ 91.777461] WARNING: CPU: 1 PID: 794 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.778243] Modules linked in: [ 91.778489] CPU: 1 PID: 794 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.779196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.780058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.780442] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.781837] RSP: 0018:ffff888018b7fbb8 EFLAGS: 00010246 [ 91.782247] RAX: 0000000000000000 RBX: ffff8880161e68a8 RCX: 0000000000000000 [ 91.782809] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 91.783369] RBP: ffff888018b7fbd0 R08: ffffed1002c3cd33 R09: ffffed1002c3cd33 [ 91.783916] R10: ffff8880161e6993 R11: ffffed1002c3cd32 R12: ffff888014594000 [ 91.784473] R13: ffff8880161e69e8 R14: ffffffff8352e670 R15: ffff888018b7fe68 [ 91.785017] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.785639] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.786088] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ee0 [ 91.786653] PKRU: 55555554 [ 91.786878] Call Trace: [ 91.787079] [ 91.787264] __iommufd_access_detach+0x1c2/0x2b0 [ 91.787648] iommufd_access_change_pt+0x149/0x270 [ 91.788034] iommufd_access_replace+0xb4/0x120 [ 91.788401] iommufd_test+0x3e5/0x37e0 [ 91.788706] ? lock_release+0x532/0x770 [ 91.789027] ? __might_fault+0x102/0x1b0 [ 91.789351] ? lock_acquire+0x427/0x4c0 [ 91.789670] ? __pfx_iommufd_test+0x10/0x10 [ 91.790002] ? __pfx_lock_release+0x10/0x10 [ 91.790343] ? __pfx_lock_acquire+0x10/0x10 [ 91.790704] ? write_comp_data+0x2f/0x90 [ 91.791030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.791429] ? write_comp_data+0x2f/0x90 [ 91.791765] iommufd_fops_ioctl+0x37d/0x510 [ 91.792166] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.792705] ? write_comp_data+0x2f/0x90 [ 91.793035] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.793412] __x64_sys_ioctl+0x1a3/0x230 [ 91.793829] do_syscall_64+0x3b/0x90 [ 91.794156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.794581] RIP: 0033:0x7f4b8743ee5d [ 91.794880] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.796544] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.797189] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.797776] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.798413] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.798983] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.799567] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.800247] [ 91.800432] irq event stamp: 0 [ 91.800678] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.801252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.801921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.802726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.803232] ---[ end trace 0000000000000000 ]--- [ 91.805970] ------------[ cut here ]------------ [ 91.806393] WARNING: CPU: 1 PID: 794 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.807287] Modules linked in: [ 91.807541] CPU: 1 PID: 794 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.808337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.809230] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.809727] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.811293] RSP: 0018:ffff888018b7fbd0 EFLAGS: 00010246 [ 91.811712] RAX: 0000000000000000 RBX: ffff8880161e68a8 RCX: 0000000000000000 [ 91.812360] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 91.812910] RBP: ffff888018b7fbe8 R08: ffffed1002c3cd33 R09: ffffed1002c3cd33 [ 91.813525] R10: ffff8880161e6993 R11: ffffed1002c3cd32 R12: ffff888010827000 [ 91.814135] R13: ffff8880161e69e8 R14: ffff888020a7de00 R15: 0000000000000000 [ 91.814745] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.815429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.815892] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 91.816526] PKRU: 55555554 [ 91.816823] Call Trace: [ 91.817031] [ 91.817215] iommufd_access_destroy_object+0x65/0x170 [ 91.817669] iommufd_object_destroy_user+0x18e/0x220 [ 91.818167] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.818674] iommufd_access_destroy+0x43/0x70 [ 91.819044] iommufd_test_staccess_release+0x8d/0xd0 [ 91.819554] __fput+0x26d/0xa40 [ 91.819877] ____fput+0x1e/0x30 [ 91.820154] task_work_run+0x1a4/0x2d0 [ 91.820478] ? __pfx_task_work_run+0x10/0x10 [ 91.820925] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.821401] ? switch_task_namespaces+0xa9/0xe0 [ 91.821793] do_exit+0xb17/0x2ef0 [ 91.822103] ? lock_acquire+0x427/0x4c0 [ 91.822536] ? __pfx_lock_release+0x10/0x10 [ 91.822893] ? __kasan_check_write+0x18/0x20 [ 91.823260] ? do_raw_spin_lock+0x132/0x2a0 [ 91.823609] ? __pfx_do_exit+0x10/0x10 [ 91.824006] ? debug_smp_processor_id+0x20/0x30 [ 91.824451] ? rcu_is_watching+0x19/0xb0 [ 91.824783] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.825167] ? trace_hardirqs_on+0x26/0x120 [ 91.825610] do_group_exit+0xe0/0x2b0 [ 91.825920] __x64_sys_exit_group+0x47/0x50 [ 91.826270] do_syscall_64+0x3b/0x90 [ 91.826640] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.827132] RIP: 0033:0x7f4b87518a4d [ 91.827437] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.827924] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.828648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.829222] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.829868] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.830477] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.831077] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.831789] [ 91.831979] irq event stamp: 0 [ 91.832232] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.832737] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.833546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.834214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.834879] ---[ end trace 0000000000000000 ]--- [ 91.835612] ------------[ cut here ]------------ [ 91.836007] WARNING: CPU: 1 PID: 794 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.836952] Modules linked in: [ 91.837217] CPU: 1 PID: 794 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.838041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.838984] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.839523] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.841151] RSP: 0018:ffff888018b7fb78 EFLAGS: 00010246 [ 91.841586] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.842244] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 91.843045] RBP: ffff888018b7fb98 R08: ffffed1002c3cd3e R09: ffffed1002c3cd3e [ 91.843877] R10: ffff8880161e69ef R11: ffffed1002c3cd3d R12: ffff8880161e6a90 [ 91.844665] R13: ffff8880161e68a8 R14: ffffffffffffffff R15: ffff888018b7fc60 [ 91.845471] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.846392] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.847064] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 91.847901] PKRU: 55555554 [ 91.848230] Call Trace: [ 91.848545] [ 91.848787] iommufd_ioas_destroy+0x53/0x70 [ 91.849285] iommufd_fops_release+0x1f7/0x370 [ 91.849785] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.850212] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.850657] ? write_comp_data+0x2f/0x90 [ 91.851039] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.851563] __fput+0x26d/0xa40 [ 91.851932] ____fput+0x1e/0x30 [ 91.852290] task_work_run+0x1a4/0x2d0 [ 91.852649] ? __pfx_task_work_run+0x10/0x10 [ 91.853117] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.853653] ? switch_task_namespaces+0xa9/0xe0 [ 91.854129] do_exit+0xb17/0x2ef0 [ 91.854441] ? lock_acquire+0x427/0x4c0 [ 91.854836] ? __pfx_lock_release+0x10/0x10 [ 91.855369] ? __kasan_check_write+0x18/0x20 [ 91.855782] ? do_raw_spin_lock+0x132/0x2a0 [ 91.856229] ? __pfx_do_exit+0x10/0x10 [ 91.856579] ? debug_smp_processor_id+0x20/0x30 [ 91.857001] ? rcu_is_watching+0x19/0xb0 [ 91.857435] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.857884] ? trace_hardirqs_on+0x26/0x120 [ 91.858274] do_group_exit+0xe0/0x2b0 [ 91.858634] __x64_sys_exit_group+0x47/0x50 [ 91.859170] do_syscall_64+0x3b/0x90 [ 91.859508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.859973] RIP: 0033:0x7f4b87518a4d [ 91.860298] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.860986] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.861651] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.862406] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.863049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.863683] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.864443] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.865085] [ 91.865313] irq event stamp: 0 [ 91.865637] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.866249] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.867146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.867880] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.868449] ---[ end trace 0000000000000000 ]--- [ 91.873512] ------------[ cut here ]------------ [ 91.873971] WARNING: CPU: 1 PID: 795 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.875081] Modules linked in: [ 91.875379] CPU: 1 PID: 795 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.876125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.877093] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.877518] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.879100] RSP: 0018:ffff888015937bb8 EFLAGS: 00010246 [ 91.879570] RAX: 0000000000000000 RBX: ffff888017afb0a8 RCX: 0000000000000000 [ 91.880182] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 91.880793] RBP: ffff888015937bd0 R08: ffffed1002f5f633 R09: ffffed1002f5f633 [ 91.881402] R10: ffff888017afb193 R11: ffffed1002f5f632 R12: ffff888021bca800 [ 91.882020] R13: ffff888017afb1e8 R14: ffffffff8352e670 R15: ffff888015937e68 [ 91.882648] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 91.883358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.883853] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 91.884471] PKRU: 55555554 [ 91.884720] Call Trace: [ 91.884939] [ 91.885140] __iommufd_access_detach+0x1c2/0x2b0 [ 91.885566] iommufd_access_change_pt+0x149/0x270 [ 91.885993] iommufd_access_replace+0xb4/0x120 [ 91.886398] iommufd_test+0x3e5/0x37e0 [ 91.886755] ? lock_release+0x532/0x770 [ 91.887125] ? __might_fault+0x102/0x1b0 [ 91.887491] ? lock_acquire+0x427/0x4c0 [ 91.887841] ? __pfx_iommufd_test+0x10/0x10 [ 91.888207] ? __pfx_lock_release+0x10/0x10 [ 91.888580] ? __pfx_lock_acquire+0x10/0x10 [ 91.888954] ? write_comp_data+0x2f/0x90 [ 91.889310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.889728] ? write_comp_data+0x2f/0x90 [ 91.890085] iommufd_fops_ioctl+0x37d/0x510 [ 91.890461] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.890905] ? write_comp_data+0x2f/0x90 [ 91.891277] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.891693] __x64_sys_ioctl+0x1a3/0x230 [ 91.892054] do_syscall_64+0x3b/0x90 [ 91.892384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.892841] RIP: 0033:0x7f4b8743ee5d [ 91.893170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.894756] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.895418] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.896017] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.896613] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.897214] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.897814] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.898429] [ 91.898655] irq event stamp: 0 [ 91.898929] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.899476] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.900197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.900917] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.901469] ---[ end trace 0000000000000000 ]--- [ 91.905132] ------------[ cut here ]------------ [ 91.905600] WARNING: CPU: 0 PID: 795 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.906460] Modules linked in: [ 91.906773] CPU: 0 PID: 795 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.907528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.908494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.908926] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.910482] RSP: 0018:ffff888015937bd0 EFLAGS: 00010246 [ 91.910965] RAX: 0000000000000000 RBX: ffff888017afb0a8 RCX: 0000000000000000 [ 91.911578] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 91.912187] RBP: ffff888015937be8 R08: ffffed1002f5f633 R09: ffffed1002f5f633 [ 91.912797] R10: ffff888017afb193 R11: ffffed1002f5f632 R12: ffff888012f1f000 [ 91.913407] R13: ffff888017afb1e8 R14: ffff888013fbe200 R15: 0000000000000000 [ 91.914027] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.914735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.915249] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.915867] PKRU: 55555554 [ 91.916111] Call Trace: [ 91.916333] [ 91.916531] iommufd_access_destroy_object+0x65/0x170 [ 91.916980] iommufd_object_destroy_user+0x18e/0x220 [ 91.917422] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 91.917925] iommufd_access_destroy+0x43/0x70 [ 91.918325] iommufd_test_staccess_release+0x8d/0xd0 [ 91.918795] __fput+0x26d/0xa40 [ 91.919100] ____fput+0x1e/0x30 [ 91.919411] task_work_run+0x1a4/0x2d0 [ 91.919760] ? __pfx_task_work_run+0x10/0x10 [ 91.920145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.920573] ? switch_task_namespaces+0xa9/0xe0 [ 91.920988] do_exit+0xb17/0x2ef0 [ 91.921290] ? lock_acquire+0x427/0x4c0 [ 91.921646] ? __pfx_lock_release+0x10/0x10 [ 91.922028] ? __kasan_check_write+0x18/0x20 [ 91.922410] ? do_raw_spin_lock+0x132/0x2a0 [ 91.922805] ? __pfx_do_exit+0x10/0x10 [ 91.923161] ? debug_smp_processor_id+0x20/0x30 [ 91.923570] ? rcu_is_watching+0x19/0xb0 [ 91.923925] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.924322] ? trace_hardirqs_on+0x26/0x120 [ 91.924705] do_group_exit+0xe0/0x2b0 [ 91.925042] __x64_sys_exit_group+0x47/0x50 [ 91.925415] do_syscall_64+0x3b/0x90 [ 91.925741] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.926186] RIP: 0033:0x7f4b87518a4d [ 91.926534] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.927064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.927716] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.928313] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.928913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.929499] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.930077] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.930680] [ 91.930872] irq event stamp: 0 [ 91.931136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.931646] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.932330] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.933007] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.933518] ---[ end trace 0000000000000000 ]--- [ 91.934247] ------------[ cut here ]------------ [ 91.934656] WARNING: CPU: 0 PID: 795 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 91.935490] Modules linked in: [ 91.935755] CPU: 0 PID: 795 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.936458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.937364] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 91.937793] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 91.939309] RSP: 0018:ffff888015937b78 EFLAGS: 00010246 [ 91.939760] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 91.940348] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 91.940929] RBP: ffff888015937b98 R08: ffffed1002f5f63e R09: ffffed1002f5f63e [ 91.941508] R10: ffff888017afb1ef R11: ffffed1002f5f63d R12: ffff888017afb290 [ 91.942090] R13: ffff888017afb0a8 R14: ffffffffffffffff R15: ffff888015937c60 [ 91.942694] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.943364] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.943841] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 91.944425] PKRU: 55555554 [ 91.944656] Call Trace: [ 91.944867] [ 91.945056] iommufd_ioas_destroy+0x53/0x70 [ 91.945417] iommufd_fops_release+0x1f7/0x370 [ 91.945793] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.946205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.946634] ? write_comp_data+0x2f/0x90 [ 91.946985] ? __pfx_iommufd_fops_release+0x10/0x10 [ 91.947406] __fput+0x26d/0xa40 [ 91.947693] ____fput+0x1e/0x30 [ 91.947977] task_work_run+0x1a4/0x2d0 [ 91.948308] ? __pfx_task_work_run+0x10/0x10 [ 91.948678] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.949088] ? switch_task_namespaces+0xa9/0xe0 [ 91.949482] do_exit+0xb17/0x2ef0 [ 91.949771] ? lock_acquire+0x427/0x4c0 [ 91.950111] ? __pfx_lock_release+0x10/0x10 [ 91.950474] ? __kasan_check_write+0x18/0x20 [ 91.950868] ? do_raw_spin_lock+0x132/0x2a0 [ 91.951241] ? __pfx_do_exit+0x10/0x10 [ 91.951570] ? debug_smp_processor_id+0x20/0x30 [ 91.951957] ? rcu_is_watching+0x19/0xb0 [ 91.952295] ? _raw_spin_unlock_irq+0x2b/0x60 [ 91.952679] ? trace_hardirqs_on+0x26/0x120 [ 91.953047] do_group_exit+0xe0/0x2b0 [ 91.953365] __x64_sys_exit_group+0x47/0x50 [ 91.953721] do_syscall_64+0x3b/0x90 [ 91.954039] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.954471] RIP: 0033:0x7f4b87518a4d [ 91.954805] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 91.955321] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 91.955939] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 91.956525] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 91.957104] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 91.957685] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 91.958267] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 91.958869] [ 91.959063] irq event stamp: 0 [ 91.959328] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 91.959843] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.960529] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.961210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.961725] ---[ end trace 0000000000000000 ]--- [ 91.966492] ------------[ cut here ]------------ [ 91.966960] WARNING: CPU: 0 PID: 796 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.967799] Modules linked in: [ 91.968064] CPU: 0 PID: 796 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.968777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.969702] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.970112] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 91.971801] RSP: 0018:ffff888014b57bb8 EFLAGS: 00010246 [ 91.972235] RAX: 0000000000000000 RBX: ffff888023e470a8 RCX: 0000000000000000 [ 91.972804] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 91.973370] RBP: ffff888014b57bd0 R08: ffffed10047c8e33 R09: ffffed10047c8e33 [ 91.973937] R10: ffff888023e47193 R11: ffffed10047c8e32 R12: ffff888021bbe800 [ 91.974521] R13: ffff888023e471e8 R14: ffffffff8352e670 R15: ffff888014b57e68 [ 91.975094] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 91.975746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.976208] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ef0 [ 91.976777] PKRU: 55555554 [ 91.977007] Call Trace: [ 91.977212] [ 91.977395] __iommufd_access_detach+0x1c2/0x2b0 [ 91.977790] iommufd_access_change_pt+0x149/0x270 [ 91.978189] iommufd_access_replace+0xb4/0x120 [ 91.978592] iommufd_test+0x3e5/0x37e0 [ 91.978911] ? lock_release+0x532/0x770 [ 91.979250] ? __might_fault+0x102/0x1b0 [ 91.979589] ? lock_acquire+0x427/0x4c0 [ 91.979926] ? __pfx_iommufd_test+0x10/0x10 [ 91.980276] ? __pfx_lock_release+0x10/0x10 [ 91.980632] ? __pfx_lock_acquire+0x10/0x10 [ 91.980992] ? write_comp_data+0x2f/0x90 [ 91.981330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 91.981725] ? write_comp_data+0x2f/0x90 [ 91.982062] iommufd_fops_ioctl+0x37d/0x510 [ 91.982418] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.982837] ? write_comp_data+0x2f/0x90 [ 91.983184] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 91.983579] __x64_sys_ioctl+0x1a3/0x230 [ 91.983920] do_syscall_64+0x3b/0x90 [ 91.984230] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.984658] RIP: 0033:0x7f4b8743ee5d [ 91.984962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 91.986390] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 91.987012] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 91.987579] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 91.988139] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 91.988697] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 91.989256] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 91.989820] [ 91.990006] irq event stamp: 0 [ 91.990255] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 91.990770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 91.991441] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 91.992099] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 91.992596] ---[ end trace 0000000000000000 ]--- [ 91.995421] ------------[ cut here ]------------ [ 91.995818] WARNING: CPU: 0 PID: 796 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 91.996616] Modules linked in: [ 91.996871] CPU: 0 PID: 796 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 91.997549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 91.998439] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 91.998860] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.000295] RSP: 0018:ffff888014b57bd0 EFLAGS: 00010246 [ 92.000712] RAX: 0000000000000000 RBX: ffff888023e470a8 RCX: 0000000000000000 [ 92.001265] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 92.001819] RBP: ffff888014b57be8 R08: ffffed10047c8e33 R09: ffffed10047c8e33 [ 92.002373] R10: ffff888023e47193 R11: ffffed10047c8e32 R12: ffff88800fcb3800 [ 92.002935] R13: ffff888023e471e8 R14: ffff8880103e0b00 R15: 0000000000000000 [ 92.003485] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.004099] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.004542] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.005085] PKRU: 55555554 [ 92.005300] Call Trace: [ 92.005496] [ 92.005669] iommufd_access_destroy_object+0x65/0x170 [ 92.006069] iommufd_object_destroy_user+0x18e/0x220 [ 92.006463] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.006933] iommufd_access_destroy+0x43/0x70 [ 92.007295] iommufd_test_staccess_release+0x8d/0xd0 [ 92.007694] __fput+0x26d/0xa40 [ 92.007964] ____fput+0x1e/0x30 [ 92.008230] task_work_run+0x1a4/0x2d0 [ 92.008538] ? __pfx_task_work_run+0x10/0x10 [ 92.008885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.009266] ? switch_task_namespaces+0xa9/0xe0 [ 92.009637] do_exit+0xb17/0x2ef0 [ 92.009905] ? lock_acquire+0x427/0x4c0 [ 92.010222] ? __pfx_lock_release+0x10/0x10 [ 92.010585] ? __kasan_check_write+0x18/0x20 [ 92.010941] ? do_raw_spin_lock+0x132/0x2a0 [ 92.011286] ? __pfx_do_exit+0x10/0x10 [ 92.011592] ? debug_smp_processor_id+0x20/0x30 [ 92.011949] ? rcu_is_watching+0x19/0xb0 [ 92.012262] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.012622] ? trace_hardirqs_on+0x26/0x120 [ 92.012957] do_group_exit+0xe0/0x2b0 [ 92.013247] __x64_sys_exit_group+0x47/0x50 [ 92.013576] do_syscall_64+0x3b/0x90 [ 92.013871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.014275] RIP: 0033:0x7f4b87518a4d [ 92.014599] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.015079] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.015680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.016218] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.016760] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.017298] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.017837] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.018385] [ 92.018595] irq event stamp: 0 [ 92.018845] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.019331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.019976] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.020610] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.021091] ---[ end trace 0000000000000000 ]--- [ 92.021769] ------------[ cut here ]------------ [ 92.022126] WARNING: CPU: 0 PID: 796 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.022938] Modules linked in: [ 92.023197] CPU: 0 PID: 796 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.023857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.024722] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.025125] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.026559] RSP: 0018:ffff888014b57b78 EFLAGS: 00010246 [ 92.026979] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.027529] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 92.028078] RBP: ffff888014b57b98 R08: ffffed10047c8e3e R09: ffffed10047c8e3e [ 92.028625] R10: ffff888023e471ef R11: ffffed10047c8e3d R12: ffff888023e47290 [ 92.029172] R13: ffff888023e470a8 R14: ffffffffffffffff R15: ffff888014b57c60 [ 92.029736] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.030388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.030884] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.031466] PKRU: 55555554 [ 92.031692] Call Trace: [ 92.031895] [ 92.032076] iommufd_ioas_destroy+0x53/0x70 [ 92.032424] iommufd_fops_release+0x1f7/0x370 [ 92.032788] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.033187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.033580] ? write_comp_data+0x2f/0x90 [ 92.033908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.034304] __fput+0x26d/0xa40 [ 92.034607] ____fput+0x1e/0x30 [ 92.034883] task_work_run+0x1a4/0x2d0 [ 92.035215] ? __pfx_task_work_run+0x10/0x10 [ 92.035573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.035966] ? switch_task_namespaces+0xa9/0xe0 [ 92.036348] do_exit+0xb17/0x2ef0 [ 92.036634] ? lock_acquire+0x427/0x4c0 [ 92.036964] ? __pfx_lock_release+0x10/0x10 [ 92.037320] ? __kasan_check_write+0x18/0x20 [ 92.037673] ? do_raw_spin_lock+0x132/0x2a0 [ 92.038019] ? __pfx_do_exit+0x10/0x10 [ 92.038338] ? debug_smp_processor_id+0x20/0x30 [ 92.038747] ? rcu_is_watching+0x19/0xb0 [ 92.039076] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.039451] ? trace_hardirqs_on+0x26/0x120 [ 92.039801] do_group_exit+0xe0/0x2b0 [ 92.040110] __x64_sys_exit_group+0x47/0x50 [ 92.040449] do_syscall_64+0x3b/0x90 [ 92.040753] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.041172] RIP: 0033:0x7f4b87518a4d [ 92.041467] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.041965] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.042598] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.043184] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.043757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.044337] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.044912] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.045486] [ 92.045677] irq event stamp: 0 [ 92.045931] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.046432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.047162] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.047833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.048330] ---[ end trace 0000000000000000 ]--- [ 92.057712] ------------[ cut here ]------------ [ 92.058300] WARNING: CPU: 1 PID: 797 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.059663] Modules linked in: [ 92.060165] CPU: 1 PID: 797 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.061375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.062763] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.063349] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.065590] RSP: 0018:ffff8880167c7bb8 EFLAGS: 00010246 [ 92.066211] RAX: 0000000000000000 RBX: ffff888011f710a8 RCX: 0000000000000000 [ 92.067186] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 92.068027] RBP: ffff8880167c7bd0 R08: ffffed10023ee233 R09: ffffed10023ee233 [ 92.068979] R10: ffff888011f71193 R11: ffffed10023ee232 R12: ffff88801842b400 [ 92.069866] R13: ffff888011f711e8 R14: ffffffff8352e670 R15: ffff8880167c7e68 [ 92.070810] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 92.071896] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.072593] CR2: 00007f4b877410e8 CR3: 0000000013e00000 CR4: 0000000000750ee0 [ 92.073554] PKRU: 55555554 [ 92.073899] Call Trace: [ 92.074208] [ 92.074580] __iommufd_access_detach+0x1c2/0x2b0 [ 92.075203] iommufd_access_change_pt+0x149/0x270 [ 92.075849] iommufd_access_replace+0xb4/0x120 [ 92.076467] iommufd_test+0x3e5/0x37e0 [ 92.076947] ? lock_release+0x532/0x770 [ 92.077500] ? __might_fault+0x102/0x1b0 [ 92.078074] ? lock_acquire+0x427/0x4c0 [ 92.078620] ? __pfx_iommufd_test+0x10/0x10 [ 92.079307] ? __pfx_lock_release+0x10/0x10 [ 92.079853] ? __pfx_lock_acquire+0x10/0x10 [ 92.080399] ? write_comp_data+0x2f/0x90 [ 92.081044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.081652] ? write_comp_data+0x2f/0x90 [ 92.082243] iommufd_fops_ioctl+0x37d/0x510 [ 92.082847] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.083479] ? write_comp_data+0x2f/0x90 [ 92.084128] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.084753] __x64_sys_ioctl+0x1a3/0x230 [ 92.085347] do_syscall_64+0x3b/0x90 [ 92.085886] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.086580] RIP: 0033:0x7f4b8743ee5d [ 92.087200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.089663] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.090779] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.091749] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.092706] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.093733] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.094670] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.095839] [ 92.096158] irq event stamp: 0 [ 92.096577] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.097572] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.098843] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.099951] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.100986] ---[ end trace 0000000000000000 ]--- [ 92.110097] ------------[ cut here ]------------ [ 92.110874] WARNING: CPU: 1 PID: 797 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.112414] Modules linked in: [ 92.112849] CPU: 1 PID: 797 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.113995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.115541] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.116214] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.118636] RSP: 0018:ffff8880167c7bd0 EFLAGS: 00010246 [ 92.119359] RAX: 0000000000000000 RBX: ffff888011f710a8 RCX: 0000000000000000 [ 92.120318] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 92.121305] RBP: ffff8880167c7be8 R08: ffffed10023ee233 R09: ffffed10023ee233 [ 92.122261] R10: ffff888011f71193 R11: ffffed10023ee232 R12: ffff888021bbfc00 [ 92.123296] R13: ffff888011f711e8 R14: ffff8880148a8800 R15: 0000000000000000 [ 92.124238] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 92.125285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.126042] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 92.127024] PKRU: 55555554 [ 92.127420] Call Trace: [ 92.127764] [ 92.128072] iommufd_access_destroy_object+0x65/0x170 [ 92.128768] iommufd_object_destroy_user+0x18e/0x220 [ 92.129452] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.130225] iommufd_access_destroy+0x43/0x70 [ 92.130876] iommufd_test_staccess_release+0x8d/0xd0 [ 92.131648] __fput+0x26d/0xa40 [ 92.132119] ____fput+0x1e/0x30 [ 92.132573] task_work_run+0x1a4/0x2d0 [ 92.133104] ? __pfx_task_work_run+0x10/0x10 [ 92.133693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.134351] ? switch_task_namespaces+0xa9/0xe0 [ 92.135021] do_exit+0xb17/0x2ef0 [ 92.135500] ? lock_acquire+0x427/0x4c0 [ 92.136046] ? __pfx_lock_release+0x10/0x10 [ 92.136623] ? __kasan_check_write+0x18/0x20 [ 92.137209] ? do_raw_spin_lock+0x132/0x2a0 [ 92.137778] ? __pfx_do_exit+0x10/0x10 [ 92.138305] ? debug_smp_processor_id+0x20/0x30 [ 92.138963] ? rcu_is_watching+0x19/0xb0 [ 92.139527] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.140144] ? trace_hardirqs_on+0x26/0x120 [ 92.140728] do_group_exit+0xe0/0x2b0 [ 92.141238] __x64_sys_exit_group+0x47/0x50 [ 92.141790] do_syscall_64+0x3b/0x90 [ 92.142288] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.143019] RIP: 0033:0x7f4b87518a4d [ 92.143540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.144354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.145354] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.146295] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.147317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.148255] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.149187] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.150107] [ 92.150411] irq event stamp: 0 [ 92.150854] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.151690] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.152785] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.153868] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.154720] ---[ end trace 0000000000000000 ]--- [ 92.155866] ------------[ cut here ]------------ [ 92.156463] WARNING: CPU: 0 PID: 797 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.157514] Modules linked in: [ 92.157849] CPU: 0 PID: 797 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.159043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.160254] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.160795] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.162781] RSP: 0018:ffff8880167c7b78 EFLAGS: 00010246 [ 92.163388] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.164138] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 92.164890] RBP: ffff8880167c7b98 R08: ffffed10023ee23e R09: ffffed10023ee23e [ 92.165649] R10: ffff888011f711ef R11: ffffed10023ee23d R12: ffff888011f71290 [ 92.166398] R13: ffff888011f710a8 R14: ffffffffffffffff R15: ffff8880167c7c60 [ 92.167226] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.168085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.168692] CR2: 00007f82e2f42010 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 92.169439] PKRU: 55555554 [ 92.169741] Call Trace: [ 92.170011] [ 92.170255] iommufd_ioas_destroy+0x53/0x70 [ 92.170778] iommufd_fops_release+0x1f7/0x370 [ 92.171269] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.171818] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.172347] ? write_comp_data+0x2f/0x90 [ 92.172788] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.173317] __fput+0x26d/0xa40 [ 92.173685] ____fput+0x1e/0x30 [ 92.174036] task_work_run+0x1a4/0x2d0 [ 92.174452] ? __pfx_task_work_run+0x10/0x10 [ 92.174978] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.175520] ? switch_task_namespaces+0xa9/0xe0 [ 92.176029] do_exit+0xb17/0x2ef0 [ 92.176399] ? lock_acquire+0x427/0x4c0 [ 92.176830] ? __pfx_lock_release+0x10/0x10 [ 92.177295] ? __kasan_check_write+0x18/0x20 [ 92.177766] ? do_raw_spin_lock+0x132/0x2a0 [ 92.178228] ? __pfx_do_exit+0x10/0x10 [ 92.178703] ? debug_smp_processor_id+0x20/0x30 [ 92.179230] ? rcu_is_watching+0x19/0xb0 [ 92.179679] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.180173] ? trace_hardirqs_on+0x26/0x120 [ 92.180648] do_group_exit+0xe0/0x2b0 [ 92.181059] __x64_sys_exit_group+0x47/0x50 [ 92.181513] do_syscall_64+0x3b/0x90 [ 92.181920] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.182486] RIP: 0033:0x7f4b87518a4d [ 92.182978] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.183650] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.184477] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.185227] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.185976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.186799] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.187566] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.188330] [ 92.188580] irq event stamp: 0 [ 92.188916] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.189581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.190469] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.191418] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.192100] ---[ end trace 0000000000000000 ]--- [ 92.197386] ------------[ cut here ]------------ [ 92.197952] WARNING: CPU: 0 PID: 798 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.199136] Modules linked in: [ 92.199477] CPU: 0 PID: 798 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.200382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.201562] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.202100] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.204110] RSP: 0018:ffff888020c07bb8 EFLAGS: 00010246 [ 92.204708] RAX: 0000000000000000 RBX: ffff8880146868a8 RCX: 0000000000000000 [ 92.205485] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 92.206258] RBP: ffff888020c07bd0 R08: ffffed10028d0d33 R09: ffffed10028d0d33 [ 92.207101] R10: ffff888014686993 R11: ffffed10028d0d32 R12: ffff88801422ec00 [ 92.207880] R13: ffff8880146869e8 R14: ffffffff8352e670 R15: ffff888020c07e68 [ 92.208626] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.209456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.210051] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ef0 [ 92.210831] PKRU: 55555554 [ 92.211144] Call Trace: [ 92.211429] [ 92.211693] __iommufd_access_detach+0x1c2/0x2b0 [ 92.212263] iommufd_access_change_pt+0x149/0x270 [ 92.212784] iommufd_access_replace+0xb4/0x120 [ 92.213270] iommufd_test+0x3e5/0x37e0 [ 92.213696] ? lock_release+0x532/0x770 [ 92.214149] ? __might_fault+0x102/0x1b0 [ 92.214685] ? lock_acquire+0x427/0x4c0 [ 92.215149] ? __pfx_iommufd_test+0x10/0x10 [ 92.215604] ? __pfx_lock_release+0x10/0x10 [ 92.216074] ? __pfx_lock_acquire+0x10/0x10 [ 92.216565] ? write_comp_data+0x2f/0x90 [ 92.217006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.217527] ? write_comp_data+0x2f/0x90 [ 92.217976] iommufd_fops_ioctl+0x37d/0x510 [ 92.218446] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.219031] ? write_comp_data+0x2f/0x90 [ 92.219509] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.220039] __x64_sys_ioctl+0x1a3/0x230 [ 92.220480] do_syscall_64+0x3b/0x90 [ 92.220886] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.221452] RIP: 0033:0x7f4b8743ee5d [ 92.221851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.223836] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.224650] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.225402] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.226151] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.226973] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.227752] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.228519] [ 92.228767] irq event stamp: 0 [ 92.229097] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.229779] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.230707] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.231606] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.232273] ---[ end trace 0000000000000000 ]--- [ 92.235675] ------------[ cut here ]------------ [ 92.236227] WARNING: CPU: 0 PID: 798 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.237274] Modules linked in: [ 92.237613] CPU: 0 PID: 798 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.238500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.239946] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.240468] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.242369] RSP: 0018:ffff888020c07bd0 EFLAGS: 00010246 [ 92.242987] RAX: 0000000000000000 RBX: ffff8880146868a8 RCX: 0000000000000000 [ 92.243742] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 92.244475] RBP: ffff888020c07be8 R08: ffffed10028d0d33 R09: ffffed10028d0d33 [ 92.245212] R10: ffff888014686993 R11: ffffed10028d0d32 R12: ffff888010e01800 [ 92.245950] R13: ffff8880146869e8 R14: ffff888013a7d300 R15: 0000000000000000 [ 92.246728] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.247575] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.248175] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.248916] PKRU: 55555554 [ 92.249210] Call Trace: [ 92.249475] [ 92.249714] iommufd_access_destroy_object+0x65/0x170 [ 92.250260] iommufd_object_destroy_user+0x18e/0x220 [ 92.250836] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.251454] iommufd_access_destroy+0x43/0x70 [ 92.251926] iommufd_test_staccess_release+0x8d/0xd0 [ 92.252463] __fput+0x26d/0xa40 [ 92.252824] ____fput+0x1e/0x30 [ 92.253173] task_work_run+0x1a4/0x2d0 [ 92.253589] ? __pfx_task_work_run+0x10/0x10 [ 92.254053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.254604] ? switch_task_namespaces+0xa9/0xe0 [ 92.255102] do_exit+0xb17/0x2ef0 [ 92.255481] ? lock_acquire+0x427/0x4c0 [ 92.255904] ? __pfx_lock_release+0x10/0x10 [ 92.256354] ? __kasan_check_write+0x18/0x20 [ 92.256821] ? do_raw_spin_lock+0x132/0x2a0 [ 92.257268] ? __pfx_do_exit+0x10/0x10 [ 92.257676] ? debug_smp_processor_id+0x20/0x30 [ 92.258157] ? rcu_is_watching+0x19/0xb0 [ 92.258620] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.259099] ? trace_hardirqs_on+0x26/0x120 [ 92.259567] do_group_exit+0xe0/0x2b0 [ 92.259966] __x64_sys_exit_group+0x47/0x50 [ 92.260416] do_syscall_64+0x3b/0x90 [ 92.260814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.261358] RIP: 0033:0x7f4b87518a4d [ 92.261743] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.262373] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.263198] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.263936] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.264667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.265395] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.266125] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.266899] [ 92.267153] irq event stamp: 0 [ 92.267481] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.268131] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.268992] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.269848] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.270496] ---[ end trace 0000000000000000 ]--- [ 92.271427] ------------[ cut here ]------------ [ 92.271915] WARNING: CPU: 0 PID: 798 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.272968] Modules linked in: [ 92.273300] CPU: 0 PID: 798 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.274187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.275388] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.275923] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.277680] RSP: 0018:ffff888020c07b78 EFLAGS: 00010246 [ 92.278181] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.278872] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 92.279554] RBP: ffff888020c07b98 R08: ffffed10028d0d3e R09: ffffed10028d0d3e [ 92.280227] R10: ffff8880146869ef R11: ffffed10028d0d3d R12: ffff888014686a90 [ 92.280899] R13: ffff8880146868a8 R14: ffffffffffffffff R15: ffff888020c07c60 [ 92.281572] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.282327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.282901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.283590] PKRU: 55555554 [ 92.283861] Call Trace: [ 92.284109] [ 92.284325] iommufd_ioas_destroy+0x53/0x70 [ 92.284741] iommufd_fops_release+0x1f7/0x370 [ 92.285180] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.285653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.286117] ? write_comp_data+0x2f/0x90 [ 92.286539] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.287008] __fput+0x26d/0xa40 [ 92.287353] ____fput+0x1e/0x30 [ 92.287675] task_work_run+0x1a4/0x2d0 [ 92.288054] ? __pfx_task_work_run+0x10/0x10 [ 92.288474] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.288936] ? switch_task_namespaces+0xa9/0xe0 [ 92.289381] do_exit+0xb17/0x2ef0 [ 92.289705] ? lock_acquire+0x427/0x4c0 [ 92.290085] ? __pfx_lock_release+0x10/0x10 [ 92.290496] ? __kasan_check_write+0x18/0x20 [ 92.290933] ? do_raw_spin_lock+0x132/0x2a0 [ 92.291325] ? __pfx_do_exit+0x10/0x10 [ 92.291684] ? debug_smp_processor_id+0x20/0x30 [ 92.292098] ? rcu_is_watching+0x19/0xb0 [ 92.292461] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.292873] ? trace_hardirqs_on+0x26/0x120 [ 92.293265] do_group_exit+0xe0/0x2b0 [ 92.293605] __x64_sys_exit_group+0x47/0x50 [ 92.293986] do_syscall_64+0x3b/0x90 [ 92.294326] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.294813] RIP: 0033:0x7f4b87518a4d [ 92.295151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.295697] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.296359] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.296981] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.297601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.298218] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.298858] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.299500] [ 92.299711] irq event stamp: 0 [ 92.299991] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.300541] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.301282] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.302021] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.302600] ---[ end trace 0000000000000000 ]--- [ 92.307708] ------------[ cut here ]------------ [ 92.308140] WARNING: CPU: 0 PID: 799 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.308977] Modules linked in: [ 92.309241] CPU: 0 PID: 799 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.309951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.310987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.311410] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.312908] RSP: 0018:ffff888020cdfbb8 EFLAGS: 00010246 [ 92.313343] RAX: 0000000000000000 RBX: ffff8880178198a8 RCX: 0000000000000000 [ 92.313925] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 92.314528] RBP: ffff888020cdfbd0 R08: ffffed1002f03333 R09: ffffed1002f03333 [ 92.315118] R10: ffff888017819993 R11: ffffed1002f03332 R12: ffff888017ba4000 [ 92.315712] R13: ffff8880178199e8 R14: ffffffff8352e670 R15: ffff888020cdfe68 [ 92.316298] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.316960] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.317440] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ef0 [ 92.318030] PKRU: 55555554 [ 92.318264] Call Trace: [ 92.318478] [ 92.318683] __iommufd_access_detach+0x1c2/0x2b0 [ 92.319094] iommufd_access_change_pt+0x149/0x270 [ 92.319513] iommufd_access_replace+0xb4/0x120 [ 92.319903] iommufd_test+0x3e5/0x37e0 [ 92.320226] ? lock_release+0x532/0x770 [ 92.320569] ? __might_fault+0x102/0x1b0 [ 92.320917] ? lock_acquire+0x427/0x4c0 [ 92.321255] ? __pfx_iommufd_test+0x10/0x10 [ 92.321613] ? __pfx_lock_release+0x10/0x10 [ 92.321979] ? __pfx_lock_acquire+0x10/0x10 [ 92.322343] ? write_comp_data+0x2f/0x90 [ 92.322714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.323133] ? write_comp_data+0x2f/0x90 [ 92.323479] iommufd_fops_ioctl+0x37d/0x510 [ 92.323844] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.324252] ? write_comp_data+0x2f/0x90 [ 92.324600] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.325004] __x64_sys_ioctl+0x1a3/0x230 [ 92.325351] do_syscall_64+0x3b/0x90 [ 92.325667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.326103] RIP: 0033:0x7f4b8743ee5d [ 92.326410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.327929] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.328561] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.329155] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.329745] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.330327] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.330922] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.331522] [ 92.331724] irq event stamp: 0 [ 92.331990] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.332513] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.333216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.333908] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.334435] ---[ end trace 0000000000000000 ]--- [ 92.337347] ------------[ cut here ]------------ [ 92.337774] WARNING: CPU: 0 PID: 799 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.338638] Modules linked in: [ 92.338909] CPU: 0 PID: 799 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.339625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.340550] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.340966] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.342468] RSP: 0018:ffff888020cdfbd0 EFLAGS: 00010246 [ 92.342926] RAX: 0000000000000000 RBX: ffff8880178198a8 RCX: 0000000000000000 [ 92.343520] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 92.344108] RBP: ffff888020cdfbe8 R08: ffffed1002f03333 R09: ffffed1002f03333 [ 92.344693] R10: ffff888017819993 R11: ffffed1002f03332 R12: ffff88801422d400 [ 92.345280] R13: ffff8880178199e8 R14: ffff88802087e900 R15: 0000000000000000 [ 92.345865] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.346550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.347033] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.347636] PKRU: 55555554 [ 92.347871] Call Trace: [ 92.348086] [ 92.348276] iommufd_access_destroy_object+0x65/0x170 [ 92.348712] iommufd_object_destroy_user+0x18e/0x220 [ 92.349156] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.349641] iommufd_access_destroy+0x43/0x70 [ 92.350023] iommufd_test_staccess_release+0x8d/0xd0 [ 92.350453] __fput+0x26d/0xa40 [ 92.350764] ____fput+0x1e/0x30 [ 92.351052] task_work_run+0x1a4/0x2d0 [ 92.351399] ? __pfx_task_work_run+0x10/0x10 [ 92.351766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.352173] ? switch_task_namespaces+0xa9/0xe0 [ 92.352563] do_exit+0xb17/0x2ef0 [ 92.352849] ? lock_acquire+0x427/0x4c0 [ 92.353184] ? __pfx_lock_release+0x10/0x10 [ 92.353537] ? __kasan_check_write+0x18/0x20 [ 92.353895] ? do_raw_spin_lock+0x132/0x2a0 [ 92.354239] ? __pfx_do_exit+0x10/0x10 [ 92.354578] ? debug_smp_processor_id+0x20/0x30 [ 92.354952] ? rcu_is_watching+0x19/0xb0 [ 92.355291] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.355659] ? trace_hardirqs_on+0x26/0x120 [ 92.356011] do_group_exit+0xe0/0x2b0 [ 92.356315] __x64_sys_exit_group+0x47/0x50 [ 92.356657] do_syscall_64+0x3b/0x90 [ 92.356961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.357379] RIP: 0033:0x7f4b87518a4d [ 92.357673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.358153] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.358775] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.359345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.359918] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.360480] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.361039] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.361608] [ 92.361794] irq event stamp: 0 [ 92.362042] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.362569] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.363241] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.363904] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.364565] ---[ end trace 0000000000000000 ]--- [ 92.365651] ------------[ cut here ]------------ [ 92.366027] WARNING: CPU: 0 PID: 799 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.366992] Modules linked in: [ 92.367259] CPU: 0 PID: 799 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.367933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.368809] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.369208] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.370918] RSP: 0018:ffff888020cdfb78 EFLAGS: 00010246 [ 92.371345] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.371899] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 92.372605] RBP: ffff888020cdfb98 R08: ffffed1002f0333e R09: ffffed1002f0333e [ 92.373161] R10: ffff8880178199ef R11: ffffed1002f0333d R12: ffff888017819a90 [ 92.373713] R13: ffff8880178198a8 R14: ffffffffffffffff R15: ffff888020cdfc60 [ 92.374337] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.375051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.375509] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.376068] PKRU: 55555554 [ 92.376292] Call Trace: [ 92.376494] [ 92.376705] iommufd_ioas_destroy+0x53/0x70 [ 92.377168] iommufd_fops_release+0x1f7/0x370 [ 92.377533] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.377928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.378318] ? write_comp_data+0x2f/0x90 [ 92.378736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.379228] __fput+0x26d/0xa40 [ 92.379506] ____fput+0x1e/0x30 [ 92.379862] task_work_run+0x1a4/0x2d0 [ 92.380283] ? __pfx_task_work_run+0x10/0x10 [ 92.380638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.381033] ? switch_task_namespaces+0xa9/0xe0 [ 92.381434] do_exit+0xb17/0x2ef0 [ 92.381825] ? lock_acquire+0x427/0x4c0 [ 92.382164] ? __pfx_lock_release+0x10/0x10 [ 92.382532] ? __kasan_check_write+0x18/0x20 [ 92.383026] ? do_raw_spin_lock+0x132/0x2a0 [ 92.383378] ? __pfx_do_exit+0x10/0x10 [ 92.383692] ? debug_smp_processor_id+0x20/0x30 [ 92.384062] ? rcu_is_watching+0x19/0xb0 [ 92.384384] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.384748] ? trace_hardirqs_on+0x26/0x120 [ 92.385098] do_group_exit+0xe0/0x2b0 [ 92.385408] __x64_sys_exit_group+0x47/0x50 [ 92.385749] do_syscall_64+0x3b/0x90 [ 92.386056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.386473] RIP: 0033:0x7f4b87518a4d [ 92.386828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.387321] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.387920] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.388480] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.389037] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.389593] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.390153] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.390734] [ 92.390920] irq event stamp: 0 [ 92.391181] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.391673] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.392422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.393074] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.393564] ---[ end trace 0000000000000000 ]--- [ 92.398352] ------------[ cut here ]------------ [ 92.399032] WARNING: CPU: 0 PID: 800 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.399835] Modules linked in: [ 92.400235] CPU: 0 PID: 800 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.400909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.401919] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.402314] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.403956] RSP: 0018:ffff88801637fbb8 EFLAGS: 00010246 [ 92.404419] RAX: 0000000000000000 RBX: ffff888018b220a8 RCX: 0000000000000000 [ 92.405124] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 92.405730] RBP: ffff88801637fbd0 R08: ffffed1003164433 R09: ffffed1003164433 [ 92.406442] R10: ffff888018b22193 R11: ffffed1003164432 R12: ffff888021baa000 [ 92.407064] R13: ffff888018b221e8 R14: ffffffff8352e670 R15: ffff88801637fe68 [ 92.407827] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.408485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.409110] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ef0 [ 92.409701] PKRU: 55555554 [ 92.409935] Call Trace: [ 92.410182] [ 92.410457] __iommufd_access_detach+0x1c2/0x2b0 [ 92.410885] iommufd_access_change_pt+0x149/0x270 [ 92.411306] iommufd_access_replace+0xb4/0x120 [ 92.411726] iommufd_test+0x3e5/0x37e0 [ 92.412158] ? lock_release+0x532/0x770 [ 92.412498] ? __might_fault+0x102/0x1b0 [ 92.412842] ? lock_acquire+0x427/0x4c0 [ 92.413340] ? __pfx_iommufd_test+0x10/0x10 [ 92.413698] ? __pfx_lock_release+0x10/0x10 [ 92.414057] ? __pfx_lock_acquire+0x10/0x10 [ 92.414591] ? write_comp_data+0x2f/0x90 [ 92.414935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.415357] ? write_comp_data+0x2f/0x90 [ 92.415710] iommufd_fops_ioctl+0x37d/0x510 [ 92.416227] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.416633] ? write_comp_data+0x2f/0x90 [ 92.416981] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.417456] __x64_sys_ioctl+0x1a3/0x230 [ 92.417854] do_syscall_64+0x3b/0x90 [ 92.418171] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.418703] RIP: 0033:0x7f4b8743ee5d [ 92.419060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.420708] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.421338] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.422069] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.422677] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.423433] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.424016] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.424753] [ 92.424945] irq event stamp: 0 [ 92.425204] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.425747] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.426550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.427251] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.427931] ---[ end trace 0000000000000000 ]--- [ 92.430925] ------------[ cut here ]------------ [ 92.431371] WARNING: CPU: 0 PID: 800 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.432295] Modules linked in: [ 92.432601] CPU: 0 PID: 800 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.433394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.434467] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.434906] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.436586] RSP: 0018:ffff88801637fbd0 EFLAGS: 00010246 [ 92.437176] RAX: 0000000000000000 RBX: ffff888018b220a8 RCX: 0000000000000000 [ 92.437759] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 92.438482] RBP: ffff88801637fbe8 R08: ffffed1003164433 R09: ffffed1003164433 [ 92.439094] R10: ffff888018b22193 R11: ffffed1003164432 R12: ffff888017ba7000 [ 92.439707] R13: ffff888018b221e8 R14: ffff888020972b00 R15: 0000000000000000 [ 92.440458] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.441122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.441758] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.442346] PKRU: 55555554 [ 92.442642] Call Trace: [ 92.442970] [ 92.443175] iommufd_access_destroy_object+0x65/0x170 [ 92.443608] iommufd_object_destroy_user+0x18e/0x220 [ 92.444032] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.444677] iommufd_access_destroy+0x43/0x70 [ 92.445061] iommufd_test_staccess_release+0x8d/0xd0 [ 92.445492] __fput+0x26d/0xa40 [ 92.445954] ____fput+0x1e/0x30 [ 92.446243] task_work_run+0x1a4/0x2d0 [ 92.446616] ? __pfx_task_work_run+0x10/0x10 [ 92.447008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.447528] ? switch_task_namespaces+0xa9/0xe0 [ 92.448011] do_exit+0xb17/0x2ef0 [ 92.448316] ? lock_acquire+0x427/0x4c0 [ 92.448670] ? __pfx_lock_release+0x10/0x10 [ 92.449223] ? __kasan_check_write+0x18/0x20 [ 92.449611] ? do_raw_spin_lock+0x132/0x2a0 [ 92.449985] ? __pfx_do_exit+0x10/0x10 [ 92.450498] ? debug_smp_processor_id+0x20/0x30 [ 92.450936] ? rcu_is_watching+0x19/0xb0 [ 92.451322] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.451727] ? trace_hardirqs_on+0x26/0x120 [ 92.452333] do_group_exit+0xe0/0x2b0 [ 92.452684] __x64_sys_exit_group+0x47/0x50 [ 92.453069] do_syscall_64+0x3b/0x90 [ 92.453434] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.454045] RIP: 0033:0x7f4b87518a4d [ 92.454380] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.455004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.455777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.456405] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.457196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.457817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.458664] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.459307] [ 92.459517] irq event stamp: 0 [ 92.459796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.460526] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.461260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.462130] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.462725] ---[ end trace 0000000000000000 ]--- [ 92.463621] ------------[ cut here ]------------ [ 92.464030] WARNING: CPU: 0 PID: 800 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.464913] Modules linked in: [ 92.465195] CPU: 0 PID: 800 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.465948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.466950] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.467419] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.469024] RSP: 0018:ffff88801637fb78 EFLAGS: 00010246 [ 92.469487] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.470105] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 92.470757] RBP: ffff88801637fb98 R08: ffffed100316443e R09: ffffed100316443e [ 92.471393] R10: ffff888018b221ef R11: ffffed100316443d R12: ffff888018b22290 [ 92.472013] R13: ffff888018b220a8 R14: ffffffffffffffff R15: ffff88801637fc60 [ 92.472640] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.473335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.473839] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.474480] PKRU: 55555554 [ 92.474751] Call Trace: [ 92.474977] [ 92.475183] iommufd_ioas_destroy+0x53/0x70 [ 92.475567] iommufd_fops_release+0x1f7/0x370 [ 92.475968] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.476406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.476839] ? write_comp_data+0x2f/0x90 [ 92.477206] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.477643] __fput+0x26d/0xa40 [ 92.477948] ____fput+0x1e/0x30 [ 92.478244] task_work_run+0x1a4/0x2d0 [ 92.478623] ? __pfx_task_work_run+0x10/0x10 [ 92.479014] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.479450] ? switch_task_namespaces+0xa9/0xe0 [ 92.479867] do_exit+0xb17/0x2ef0 [ 92.480170] ? lock_acquire+0x427/0x4c0 [ 92.480526] ? __pfx_lock_release+0x10/0x10 [ 92.480908] ? __kasan_check_write+0x18/0x20 [ 92.481296] ? do_raw_spin_lock+0x132/0x2a0 [ 92.481675] ? __pfx_do_exit+0x10/0x10 [ 92.482028] ? debug_smp_processor_id+0x20/0x30 [ 92.482437] ? rcu_is_watching+0x19/0xb0 [ 92.482821] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.483228] ? trace_hardirqs_on+0x26/0x120 [ 92.483611] do_group_exit+0xe0/0x2b0 [ 92.483946] __x64_sys_exit_group+0x47/0x50 [ 92.484322] do_syscall_64+0x3b/0x90 [ 92.484653] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.485108] RIP: 0033:0x7f4b87518a4d [ 92.485432] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.485965] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.486654] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.487298] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.487917] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.488531] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.489150] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.489777] [ 92.489980] irq event stamp: 0 [ 92.490251] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.490829] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.491562] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.492294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.492838] ---[ end trace 0000000000000000 ]--- [ 92.497229] ------------[ cut here ]------------ [ 92.497683] WARNING: CPU: 0 PID: 801 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.498625] Modules linked in: [ 92.498889] CPU: 0 PID: 801 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.499605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.500518] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.500925] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.502413] RSP: 0018:ffff88800fe37bb8 EFLAGS: 00010246 [ 92.502868] RAX: 0000000000000000 RBX: ffff888021b860a8 RCX: 0000000000000000 [ 92.503456] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 92.504031] RBP: ffff88800fe37bd0 R08: ffffed1004370c33 R09: ffffed1004370c33 [ 92.504609] R10: ffff888021b86193 R11: ffffed1004370c32 R12: ffff888013b22000 [ 92.505184] R13: ffff888021b861e8 R14: ffffffff8352e670 R15: ffff88800fe37e68 [ 92.505763] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.506417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.506907] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ef0 [ 92.507507] PKRU: 55555554 [ 92.507739] Call Trace: [ 92.507948] [ 92.508133] __iommufd_access_detach+0x1c2/0x2b0 [ 92.508534] iommufd_access_change_pt+0x149/0x270 [ 92.508938] iommufd_access_replace+0xb4/0x120 [ 92.509323] iommufd_test+0x3e5/0x37e0 [ 92.509640] ? lock_release+0x532/0x770 [ 92.509976] ? __might_fault+0x102/0x1b0 [ 92.510317] ? lock_acquire+0x427/0x4c0 [ 92.510668] ? __pfx_iommufd_test+0x10/0x10 [ 92.511023] ? __pfx_lock_release+0x10/0x10 [ 92.511392] ? __pfx_lock_acquire+0x10/0x10 [ 92.511753] ? write_comp_data+0x2f/0x90 [ 92.512095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.512499] ? write_comp_data+0x2f/0x90 [ 92.512842] iommufd_fops_ioctl+0x37d/0x510 [ 92.513200] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.513610] ? write_comp_data+0x2f/0x90 [ 92.513953] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.514352] __x64_sys_ioctl+0x1a3/0x230 [ 92.514716] do_syscall_64+0x3b/0x90 [ 92.515038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.515480] RIP: 0033:0x7f4b8743ee5d [ 92.515792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.517280] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.517903] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.518483] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.519096] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.519690] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.520272] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.520856] [ 92.521048] irq event stamp: 0 [ 92.521308] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.521822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.522525] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.523212] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.523727] ---[ end trace 0000000000000000 ]--- [ 92.526580] ------------[ cut here ]------------ [ 92.526997] WARNING: CPU: 0 PID: 801 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.527835] Modules linked in: [ 92.528102] CPU: 0 PID: 801 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.528811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.529728] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.530137] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.531651] RSP: 0018:ffff88800fe37bd0 EFLAGS: 00010246 [ 92.532091] RAX: 0000000000000000 RBX: ffff888021b860a8 RCX: 0000000000000000 [ 92.532670] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 92.533246] RBP: ffff88800fe37be8 R08: ffffed1004370c33 R09: ffffed1004370c33 [ 92.533827] R10: ffff888021b86193 R11: ffffed1004370c32 R12: ffff888021bab800 [ 92.534406] R13: ffff888021b861e8 R14: ffff888013d16d00 R15: 0000000000000000 [ 92.535000] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.535663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.536137] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.536715] PKRU: 55555554 [ 92.536946] Call Trace: [ 92.537155] [ 92.537340] iommufd_access_destroy_object+0x65/0x170 [ 92.537768] iommufd_object_destroy_user+0x18e/0x220 [ 92.538193] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.538695] iommufd_access_destroy+0x43/0x70 [ 92.539062] iommufd_test_staccess_release+0x8d/0xd0 [ 92.539487] __fput+0x26d/0xa40 [ 92.539770] ____fput+0x1e/0x30 [ 92.540042] task_work_run+0x1a4/0x2d0 [ 92.540363] ? __pfx_task_work_run+0x10/0x10 [ 92.540720] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.541120] ? switch_task_namespaces+0xa9/0xe0 [ 92.541503] do_exit+0xb17/0x2ef0 [ 92.541782] ? lock_acquire+0x427/0x4c0 [ 92.542115] ? __pfx_lock_release+0x10/0x10 [ 92.542468] ? __kasan_check_write+0x18/0x20 [ 92.542853] ? do_raw_spin_lock+0x132/0x2a0 [ 92.543211] ? __pfx_do_exit+0x10/0x10 [ 92.543530] ? debug_smp_processor_id+0x20/0x30 [ 92.543908] ? rcu_is_watching+0x19/0xb0 [ 92.544234] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.544601] ? trace_hardirqs_on+0x26/0x120 [ 92.544958] do_group_exit+0xe0/0x2b0 [ 92.545263] __x64_sys_exit_group+0x47/0x50 [ 92.545606] do_syscall_64+0x3b/0x90 [ 92.545911] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.546333] RIP: 0033:0x7f4b87518a4d [ 92.546647] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.547150] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.547751] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.548317] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.548884] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.549447] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.550007] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.550588] [ 92.550775] irq event stamp: 0 [ 92.551026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.551526] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.552176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.552828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.553321] ---[ end trace 0000000000000000 ]--- [ 92.554018] ------------[ cut here ]------------ [ 92.554384] WARNING: CPU: 0 PID: 801 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.555217] Modules linked in: [ 92.555471] CPU: 0 PID: 801 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.556147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.557024] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.557430] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.558875] RSP: 0018:ffff88800fe37b78 EFLAGS: 00010246 [ 92.559306] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.559864] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 92.560423] RBP: ffff88800fe37b98 R08: ffffed1004370c3e R09: ffffed1004370c3e [ 92.560982] R10: ffff888021b861ef R11: ffffed1004370c3d R12: ffff888021b86290 [ 92.561539] R13: ffff888021b860a8 R14: ffffffffffffffff R15: ffff88800fe37c60 [ 92.562097] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.562753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.563224] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.563783] PKRU: 55555554 [ 92.564006] Call Trace: [ 92.564209] [ 92.564389] iommufd_ioas_destroy+0x53/0x70 [ 92.564740] iommufd_fops_release+0x1f7/0x370 [ 92.565099] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.565496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.565892] ? write_comp_data+0x2f/0x90 [ 92.566220] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.566638] __fput+0x26d/0xa40 [ 92.566913] ____fput+0x1e/0x30 [ 92.567190] task_work_run+0x1a4/0x2d0 [ 92.567506] ? __pfx_task_work_run+0x10/0x10 [ 92.567855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.568244] ? switch_task_namespaces+0xa9/0xe0 [ 92.568627] do_exit+0xb17/0x2ef0 [ 92.568905] ? lock_acquire+0x427/0x4c0 [ 92.569228] ? __pfx_lock_release+0x10/0x10 [ 92.569573] ? __kasan_check_write+0x18/0x20 [ 92.569923] ? do_raw_spin_lock+0x132/0x2a0 [ 92.570265] ? __pfx_do_exit+0x10/0x10 [ 92.570606] ? debug_smp_processor_id+0x20/0x30 [ 92.570980] ? rcu_is_watching+0x19/0xb0 [ 92.571312] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.571678] ? trace_hardirqs_on+0x26/0x120 [ 92.572024] do_group_exit+0xe0/0x2b0 [ 92.572325] __x64_sys_exit_group+0x47/0x50 [ 92.572663] do_syscall_64+0x3b/0x90 [ 92.572967] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.573381] RIP: 0033:0x7f4b87518a4d [ 92.573674] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.574155] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.574770] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.575336] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.575895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.576452] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.577010] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.577575] [ 92.577763] irq event stamp: 0 [ 92.578016] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.578542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.579208] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.579861] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.580356] ---[ end trace 0000000000000000 ]--- [ 92.584268] ------------[ cut here ]------------ [ 92.584677] WARNING: CPU: 0 PID: 802 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.585460] Modules linked in: [ 92.585713] CPU: 0 PID: 802 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.586385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.587343] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.587735] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.589150] RSP: 0018:ffff888023eb7bb8 EFLAGS: 00010246 [ 92.589564] RAX: 0000000000000000 RBX: ffff888010b990a8 RCX: 0000000000000000 [ 92.590119] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 92.590687] RBP: ffff888023eb7bd0 R08: ffffed1002173233 R09: ffffed1002173233 [ 92.591255] R10: ffff888010b99193 R11: ffffed1002173232 R12: ffff888013b15800 [ 92.591812] R13: ffff888010b991e8 R14: ffffffff8352e670 R15: ffff888023eb7e68 [ 92.592365] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.592990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.593440] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 92.593995] PKRU: 55555554 [ 92.594216] Call Trace: [ 92.594415] [ 92.594612] __iommufd_access_detach+0x1c2/0x2b0 [ 92.594997] iommufd_access_change_pt+0x149/0x270 [ 92.595397] iommufd_access_replace+0xb4/0x120 [ 92.595768] iommufd_test+0x3e5/0x37e0 [ 92.596080] ? lock_release+0x532/0x770 [ 92.596403] ? __might_fault+0x102/0x1b0 [ 92.596732] ? lock_acquire+0x427/0x4c0 [ 92.597054] ? __pfx_iommufd_test+0x10/0x10 [ 92.597393] ? __pfx_lock_release+0x10/0x10 [ 92.597740] ? __pfx_lock_acquire+0x10/0x10 [ 92.598087] ? write_comp_data+0x2f/0x90 [ 92.598418] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.598830] ? write_comp_data+0x2f/0x90 [ 92.599174] iommufd_fops_ioctl+0x37d/0x510 [ 92.599521] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.599916] ? write_comp_data+0x2f/0x90 [ 92.600247] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.600629] __x64_sys_ioctl+0x1a3/0x230 [ 92.600960] do_syscall_64+0x3b/0x90 [ 92.601264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.601678] RIP: 0033:0x7f4b8743ee5d [ 92.601976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.603437] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.604039] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.604598] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.605171] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.605727] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.606280] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.606865] [ 92.607050] irq event stamp: 0 [ 92.607309] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.607803] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.608458] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.609111] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.609604] ---[ end trace 0000000000000000 ]--- [ 92.612637] ------------[ cut here ]------------ [ 92.613135] WARNING: CPU: 0 PID: 802 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.614032] Modules linked in: [ 92.614286] CPU: 0 PID: 802 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.615403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.616290] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.616714] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.618235] RSP: 0018:ffff888023eb7bd0 EFLAGS: 00010246 [ 92.618675] RAX: 0000000000000000 RBX: ffff888010b990a8 RCX: 0000000000000000 [ 92.619235] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 92.619789] RBP: ffff888023eb7be8 R08: ffffed1002173233 R09: ffffed1002173233 [ 92.620342] R10: ffff888010b99193 R11: ffffed1002173232 R12: ffff888013b22800 [ 92.620893] R13: ffff888010b991e8 R14: ffff88802185ed00 R15: 0000000000000000 [ 92.621448] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.622073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.622547] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.623107] PKRU: 55555554 [ 92.623338] Call Trace: [ 92.623543] [ 92.623727] iommufd_access_destroy_object+0x65/0x170 [ 92.624140] iommufd_object_destroy_user+0x18e/0x220 [ 92.624546] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.625010] iommufd_access_destroy+0x43/0x70 [ 92.625375] iommufd_test_staccess_release+0x8d/0xd0 [ 92.625782] __fput+0x26d/0xa40 [ 92.626059] ____fput+0x1e/0x30 [ 92.626329] task_work_run+0x1a4/0x2d0 [ 92.626670] ? __pfx_task_work_run+0x10/0x10 [ 92.627027] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.627433] ? switch_task_namespaces+0xa9/0xe0 [ 92.627813] do_exit+0xb17/0x2ef0 [ 92.628091] ? lock_acquire+0x427/0x4c0 [ 92.628414] ? __pfx_lock_release+0x10/0x10 [ 92.628760] ? __kasan_check_write+0x18/0x20 [ 92.629109] ? do_raw_spin_lock+0x132/0x2a0 [ 92.629448] ? __pfx_do_exit+0x10/0x10 [ 92.629760] ? debug_smp_processor_id+0x20/0x30 [ 92.630126] ? rcu_is_watching+0x19/0xb0 [ 92.630446] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.630827] ? trace_hardirqs_on+0x26/0x120 [ 92.631188] do_group_exit+0xe0/0x2b0 [ 92.631493] __x64_sys_exit_group+0x47/0x50 [ 92.631832] do_syscall_64+0x3b/0x90 [ 92.632135] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.632547] RIP: 0033:0x7f4b87518a4d [ 92.632842] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.633323] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.633915] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.634473] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.635063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.635642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.636202] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.636763] [ 92.636952] irq event stamp: 0 [ 92.637202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.637694] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.638350] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.639023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.639529] ---[ end trace 0000000000000000 ]--- [ 92.640382] ------------[ cut here ]------------ [ 92.640890] WARNING: CPU: 0 PID: 802 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.641688] Modules linked in: [ 92.641944] CPU: 0 PID: 802 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.642806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.643702] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.644120] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.645712] RSP: 0018:ffff888023eb7b78 EFLAGS: 00010246 [ 92.646277] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.647007] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 92.647580] RBP: ffff888023eb7b98 R08: ffffed100217323e R09: ffffed100217323e [ 92.648197] R10: ffff888010b991ef R11: ffffed100217323d R12: ffff888010b99290 [ 92.648856] R13: ffff888010b990a8 R14: ffffffffffffffff R15: ffff888023eb7c60 [ 92.649427] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.650197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.650679] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.651266] PKRU: 55555554 [ 92.651507] Call Trace: [ 92.651763] [ 92.652036] iommufd_ioas_destroy+0x53/0x70 [ 92.652393] iommufd_fops_release+0x1f7/0x370 [ 92.652757] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.653233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.653725] ? write_comp_data+0x2f/0x90 [ 92.654059] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.654449] __fput+0x26d/0xa40 [ 92.654815] ____fput+0x1e/0x30 [ 92.655163] task_work_run+0x1a4/0x2d0 [ 92.655491] ? __pfx_task_work_run+0x10/0x10 [ 92.655861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.656266] ? switch_task_namespaces+0xa9/0xe0 [ 92.656658] do_exit+0xb17/0x2ef0 [ 92.657020] ? lock_acquire+0x427/0x4c0 [ 92.657436] ? __pfx_lock_release+0x10/0x10 [ 92.657798] ? __kasan_check_write+0x18/0x20 [ 92.658169] ? do_raw_spin_lock+0x132/0x2a0 [ 92.658703] ? __pfx_do_exit+0x10/0x10 [ 92.659051] ? debug_smp_processor_id+0x20/0x30 [ 92.659448] ? rcu_is_watching+0x19/0xb0 [ 92.659791] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.660170] ? trace_hardirqs_on+0x26/0x120 [ 92.660533] do_group_exit+0xe0/0x2b0 [ 92.660855] __x64_sys_exit_group+0x47/0x50 [ 92.661274] do_syscall_64+0x3b/0x90 [ 92.661703] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.662136] RIP: 0033:0x7f4b87518a4d [ 92.662442] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.662974] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.663604] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.664348] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.664931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.665521] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.666182] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.666894] [ 92.667097] irq event stamp: 0 [ 92.667374] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.667897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.668599] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.669436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.669960] ---[ end trace 0000000000000000 ]--- [ 92.674272] ------------[ cut here ]------------ [ 92.674728] WARNING: CPU: 0 PID: 803 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.675724] Modules linked in: [ 92.675990] CPU: 0 PID: 803 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.676695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.677765] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.678174] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.679692] RSP: 0018:ffff8880143afbb8 EFLAGS: 00010246 [ 92.680135] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 92.680894] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 92.681476] RBP: ffff8880143afbd0 R08: ffffed1001702033 R09: ffffed1001702033 [ 92.682058] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888012e96400 [ 92.682795] R13: ffff88800b8101e8 R14: ffffffff8352e670 R15: ffff8880143afe68 [ 92.683383] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.684047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.684526] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 92.685112] PKRU: 55555554 [ 92.685348] Call Trace: [ 92.685561] [ 92.685750] __iommufd_access_detach+0x1c2/0x2b0 [ 92.686160] iommufd_access_change_pt+0x149/0x270 [ 92.686587] iommufd_access_replace+0xb4/0x120 [ 92.686975] iommufd_test+0x3e5/0x37e0 [ 92.687306] ? lock_release+0x532/0x770 [ 92.687650] ? __might_fault+0x102/0x1b0 [ 92.687996] ? lock_acquire+0x427/0x4c0 [ 92.688335] ? __pfx_iommufd_test+0x10/0x10 [ 92.688689] ? __pfx_lock_release+0x10/0x10 [ 92.689053] ? __pfx_lock_acquire+0x10/0x10 [ 92.689421] ? write_comp_data+0x2f/0x90 [ 92.689771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.690175] ? write_comp_data+0x2f/0x90 [ 92.690542] iommufd_fops_ioctl+0x37d/0x510 [ 92.690906] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.691322] ? write_comp_data+0x2f/0x90 [ 92.691667] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.692066] __x64_sys_ioctl+0x1a3/0x230 [ 92.692411] do_syscall_64+0x3b/0x90 [ 92.692734] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.693173] RIP: 0033:0x7f4b8743ee5d [ 92.693485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.695000] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.695639] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.696222] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.696804] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.697388] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.697979] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.698612] [ 92.698810] irq event stamp: 0 [ 92.699079] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.699612] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.700303] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.700994] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.701747] ---[ end trace 0000000000000000 ]--- [ 92.704880] ------------[ cut here ]------------ [ 92.705283] WARNING: CPU: 0 PID: 803 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.706270] Modules linked in: [ 92.706587] CPU: 0 PID: 803 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.707303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.708383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.708790] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.710271] RSP: 0018:ffff8880143afbd0 EFLAGS: 00010246 [ 92.710736] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 92.711326] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 92.711910] RBP: ffff8880143afbe8 R08: ffffed1001702033 R09: ffffed1001702033 [ 92.712494] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888013b14c00 [ 92.713278] R13: ffff88800b8101e8 R14: ffff88800fa20200 R15: 0000000000000000 [ 92.713871] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.714563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.715043] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.715805] PKRU: 55555554 [ 92.716038] Call Trace: [ 92.716248] [ 92.716434] iommufd_access_destroy_object+0x65/0x170 [ 92.716869] iommufd_object_destroy_user+0x18e/0x220 [ 92.717291] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.717772] iommufd_access_destroy+0x43/0x70 [ 92.718150] iommufd_test_staccess_release+0x8d/0xd0 [ 92.718626] __fput+0x26d/0xa40 [ 92.718918] ____fput+0x1e/0x30 [ 92.719209] task_work_run+0x1a4/0x2d0 [ 92.719542] ? __pfx_task_work_run+0x10/0x10 [ 92.719913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.720318] ? switch_task_namespaces+0xa9/0xe0 [ 92.720714] do_exit+0xb17/0x2ef0 [ 92.721003] ? lock_acquire+0x427/0x4c0 [ 92.721343] ? __pfx_lock_release+0x10/0x10 [ 92.721707] ? __kasan_check_write+0x18/0x20 [ 92.722076] ? do_raw_spin_lock+0x132/0x2a0 [ 92.722433] ? __pfx_do_exit+0x10/0x10 [ 92.722791] ? debug_smp_processor_id+0x20/0x30 [ 92.723195] ? rcu_is_watching+0x19/0xb0 [ 92.723533] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.723911] ? trace_hardirqs_on+0x26/0x120 [ 92.724277] do_group_exit+0xe0/0x2b0 [ 92.724598] __x64_sys_exit_group+0x47/0x50 [ 92.725061] do_syscall_64+0x3b/0x90 [ 92.725494] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.725933] RIP: 0033:0x7f4b87518a4d [ 92.726242] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.726771] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.727594] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.728184] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.728775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.729518] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.730103] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.730709] [ 92.730907] irq event stamp: 0 [ 92.731202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.731854] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.732542] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.733261] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.733877] ---[ end trace 0000000000000000 ]--- [ 92.735822] ------------[ cut here ]------------ [ 92.736223] WARNING: CPU: 0 PID: 803 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.737046] Modules linked in: [ 92.737471] CPU: 0 PID: 803 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.738178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.739183] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.739657] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.741258] RSP: 0018:ffff8880143afb78 EFLAGS: 00010246 [ 92.741702] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.742284] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 92.742888] RBP: ffff8880143afb98 R08: ffffed100170203e R09: ffffed100170203e [ 92.743480] R10: ffff88800b8101ef R11: ffffed100170203d R12: ffff88800b810290 [ 92.744068] R13: ffff88800b8100a8 R14: ffffffffffffffff R15: ffff8880143afc60 [ 92.744653] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.745309] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.745783] CR2: 00007f82e2fb6008 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 92.746370] PKRU: 55555554 [ 92.746620] Call Trace: [ 92.746833] [ 92.747023] iommufd_ioas_destroy+0x53/0x70 [ 92.747400] iommufd_fops_release+0x1f7/0x370 [ 92.747779] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.748202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.748614] ? write_comp_data+0x2f/0x90 [ 92.748959] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.749372] __fput+0x26d/0xa40 [ 92.749664] ____fput+0x1e/0x30 [ 92.749947] task_work_run+0x1a4/0x2d0 [ 92.750278] ? __pfx_task_work_run+0x10/0x10 [ 92.750674] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.751086] ? switch_task_namespaces+0xa9/0xe0 [ 92.751488] do_exit+0xb17/0x2ef0 [ 92.751774] ? lock_acquire+0x427/0x4c0 [ 92.752110] ? __pfx_lock_release+0x10/0x10 [ 92.752465] ? __kasan_check_write+0x18/0x20 [ 92.752818] ? do_raw_spin_lock+0x132/0x2a0 [ 92.753165] ? __pfx_do_exit+0x10/0x10 [ 92.753486] ? debug_smp_processor_id+0x20/0x30 [ 92.753860] ? rcu_is_watching+0x19/0xb0 [ 92.754187] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.754575] ? trace_hardirqs_on+0x26/0x120 [ 92.754933] do_group_exit+0xe0/0x2b0 [ 92.755250] __x64_sys_exit_group+0x47/0x50 [ 92.755596] do_syscall_64+0x3b/0x90 [ 92.755906] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.756326] RIP: 0033:0x7f4b87518a4d [ 92.756623] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.757111] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.757721] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.758285] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.758871] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.759452] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.760022] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.760594] [ 92.760780] irq event stamp: 0 [ 92.761035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.761536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.762200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.762894] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.763404] ---[ end trace 0000000000000000 ]--- [ 92.767803] ------------[ cut here ]------------ [ 92.768186] WARNING: CPU: 0 PID: 804 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.769138] Modules linked in: [ 92.769389] CPU: 0 PID: 804 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.770210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.771250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.771644] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.773227] RSP: 0018:ffff88801715fbb8 EFLAGS: 00010246 [ 92.773697] RAX: 0000000000000000 RBX: ffff88800ba420a8 RCX: 0000000000000000 [ 92.774333] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 92.774978] RBP: ffff88801715fbd0 R08: ffffed1001748433 R09: ffffed1001748433 [ 92.775633] R10: ffff88800ba42193 R11: ffffed1001748432 R12: ffff888016634800 [ 92.776190] R13: ffff88800ba421e8 R14: ffffffff8352e670 R15: ffff88801715fe68 [ 92.776882] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.777535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.778082] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ef0 [ 92.778685] PKRU: 55555554 [ 92.778996] Call Trace: [ 92.779203] [ 92.779381] __iommufd_access_detach+0x1c2/0x2b0 [ 92.779772] iommufd_access_change_pt+0x149/0x270 [ 92.780217] iommufd_access_replace+0xb4/0x120 [ 92.780685] iommufd_test+0x3e5/0x37e0 [ 92.781000] ? lock_release+0x532/0x770 [ 92.781361] ? __might_fault+0x102/0x1b0 [ 92.781769] ? lock_acquire+0x427/0x4c0 [ 92.782099] ? __pfx_iommufd_test+0x10/0x10 [ 92.782444] ? __pfx_lock_release+0x10/0x10 [ 92.782976] ? __pfx_lock_acquire+0x10/0x10 [ 92.783353] ? write_comp_data+0x2f/0x90 [ 92.783703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.784114] ? write_comp_data+0x2f/0x90 [ 92.784627] iommufd_fops_ioctl+0x37d/0x510 [ 92.784992] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.785408] ? write_comp_data+0x2f/0x90 [ 92.785908] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.786313] __x64_sys_ioctl+0x1a3/0x230 [ 92.786684] do_syscall_64+0x3b/0x90 [ 92.787003] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.787599] RIP: 0033:0x7f4b8743ee5d [ 92.787909] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.789582] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.790383] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.791013] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.791736] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.792333] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.793094] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.793688] [ 92.793920] irq event stamp: 0 [ 92.794307] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.794847] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.795543] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.796371] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.796893] ---[ end trace 0000000000000000 ]--- [ 92.800133] ------------[ cut here ]------------ [ 92.800557] WARNING: CPU: 0 PID: 804 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.801379] Modules linked in: [ 92.801644] CPU: 0 PID: 804 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.802351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.803304] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.803713] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.805224] RSP: 0018:ffff88801715fbd0 EFLAGS: 00010246 [ 92.805656] RAX: 0000000000000000 RBX: ffff88800ba420a8 RCX: 0000000000000000 [ 92.806236] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 92.806833] RBP: ffff88801715fbe8 R08: ffffed1001748433 R09: ffffed1001748433 [ 92.807422] R10: ffff88800ba42193 R11: ffffed1001748432 R12: ffff888012e94400 [ 92.808003] R13: ffff88800ba421e8 R14: ffff88800fd8c600 R15: 0000000000000000 [ 92.808581] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.809236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.809711] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.810296] PKRU: 55555554 [ 92.810560] Call Trace: [ 92.810776] [ 92.810966] iommufd_access_destroy_object+0x65/0x170 [ 92.811408] iommufd_object_destroy_user+0x18e/0x220 [ 92.811832] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.812315] iommufd_access_destroy+0x43/0x70 [ 92.812695] iommufd_test_staccess_release+0x8d/0xd0 [ 92.813123] __fput+0x26d/0xa40 [ 92.813414] ____fput+0x1e/0x30 [ 92.813696] task_work_run+0x1a4/0x2d0 [ 92.814026] ? __pfx_task_work_run+0x10/0x10 [ 92.814394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.814826] ? switch_task_namespaces+0xa9/0xe0 [ 92.815236] do_exit+0xb17/0x2ef0 [ 92.815528] ? lock_acquire+0x427/0x4c0 [ 92.815865] ? __pfx_lock_release+0x10/0x10 [ 92.816231] ? __kasan_check_write+0x18/0x20 [ 92.816600] ? do_raw_spin_lock+0x132/0x2a0 [ 92.816967] ? __pfx_do_exit+0x10/0x10 [ 92.817303] ? debug_smp_processor_id+0x20/0x30 [ 92.817692] ? rcu_is_watching+0x19/0xb0 [ 92.818030] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.818409] ? trace_hardirqs_on+0x26/0x120 [ 92.818791] do_group_exit+0xe0/0x2b0 [ 92.819116] __x64_sys_exit_group+0x47/0x50 [ 92.819475] do_syscall_64+0x3b/0x90 [ 92.819797] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.820237] RIP: 0033:0x7f4b87518a4d [ 92.820547] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.821057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.821683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.822264] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.822882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.823473] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.824059] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.824651] [ 92.824845] irq event stamp: 0 [ 92.825106] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.825627] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.826311] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.827007] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.827533] ---[ end trace 0000000000000000 ]--- [ 92.828252] ------------[ cut here ]------------ [ 92.828640] WARNING: CPU: 0 PID: 804 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.829469] Modules linked in: [ 92.829739] CPU: 0 PID: 804 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.830447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.831399] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.831828] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.833318] RSP: 0018:ffff88801715fb78 EFLAGS: 00010246 [ 92.833755] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.834339] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 92.834940] RBP: ffff88801715fb98 R08: ffffed100174843e R09: ffffed100174843e [ 92.835537] R10: ffff88800ba421ef R11: ffffed100174843d R12: ffff88800ba42290 [ 92.836131] R13: ffff88800ba420a8 R14: ffffffffffffffff R15: ffff88801715fc60 [ 92.836716] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.837371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.837851] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.838430] PKRU: 55555554 [ 92.838687] Call Trace: [ 92.838901] [ 92.839089] iommufd_ioas_destroy+0x53/0x70 [ 92.839461] iommufd_fops_release+0x1f7/0x370 [ 92.839839] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.840256] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.840663] ? write_comp_data+0x2f/0x90 [ 92.841015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.841429] __fput+0x26d/0xa40 [ 92.841714] ____fput+0x1e/0x30 [ 92.841994] task_work_run+0x1a4/0x2d0 [ 92.842323] ? __pfx_task_work_run+0x10/0x10 [ 92.842710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.843130] ? switch_task_namespaces+0xa9/0xe0 [ 92.843533] do_exit+0xb17/0x2ef0 [ 92.843821] ? lock_acquire+0x427/0x4c0 [ 92.844161] ? __pfx_lock_release+0x10/0x10 [ 92.844527] ? __kasan_check_write+0x18/0x20 [ 92.844896] ? do_raw_spin_lock+0x132/0x2a0 [ 92.845258] ? __pfx_do_exit+0x10/0x10 [ 92.845594] ? debug_smp_processor_id+0x20/0x30 [ 92.845982] ? rcu_is_watching+0x19/0xb0 [ 92.846319] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.846728] ? trace_hardirqs_on+0x26/0x120 [ 92.847095] do_group_exit+0xe0/0x2b0 [ 92.847422] __x64_sys_exit_group+0x47/0x50 [ 92.847779] do_syscall_64+0x3b/0x90 [ 92.848098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.848532] RIP: 0033:0x7f4b87518a4d [ 92.848838] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.849343] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.849968] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.850573] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.851172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.851763] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.852345] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.852935] [ 92.853127] irq event stamp: 0 [ 92.853388] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.853906] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.854621] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.855329] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.855850] ---[ end trace 0000000000000000 ]--- [ 92.859971] ------------[ cut here ]------------ [ 92.860406] WARNING: CPU: 0 PID: 805 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.861227] Modules linked in: [ 92.861491] CPU: 0 PID: 805 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.862210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.863249] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.863671] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.865164] RSP: 0018:ffff88801792fbb8 EFLAGS: 00010246 [ 92.865604] RAX: 0000000000000000 RBX: ffff888021b738a8 RCX: 0000000000000000 [ 92.866188] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 92.866797] RBP: ffff88801792fbd0 R08: ffffed100436e733 R09: ffffed100436e733 [ 92.867400] R10: ffff888021b73993 R11: ffffed100436e732 R12: ffff88801341e400 [ 92.867986] R13: ffff888021b739e8 R14: ffffffff8352e670 R15: ffff88801792fe68 [ 92.868569] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.869232] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.869710] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 92.870305] PKRU: 55555554 [ 92.870562] Call Trace: [ 92.870778] [ 92.870967] __iommufd_access_detach+0x1c2/0x2b0 [ 92.871384] iommufd_access_change_pt+0x149/0x270 [ 92.871801] iommufd_access_replace+0xb4/0x120 [ 92.872299] iommufd_test+0x3e5/0x37e0 [ 92.872794] ? lock_release+0x532/0x770 [ 92.873144] ? __might_fault+0x102/0x1b0 [ 92.873515] ? lock_acquire+0x427/0x4c0 [ 92.873984] ? __pfx_iommufd_test+0x10/0x10 [ 92.874351] ? __pfx_lock_release+0x10/0x10 [ 92.874769] ? __pfx_lock_acquire+0x10/0x10 [ 92.875518] ? write_comp_data+0x2f/0x90 [ 92.876017] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.876609] ? write_comp_data+0x2f/0x90 [ 92.877281] iommufd_fops_ioctl+0x37d/0x510 [ 92.877796] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.878621] ? write_comp_data+0x2f/0x90 [ 92.879145] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 92.879920] __x64_sys_ioctl+0x1a3/0x230 [ 92.880424] do_syscall_64+0x3b/0x90 [ 92.881072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.881702] RIP: 0033:0x7f4b8743ee5d [ 92.882484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 92.885109] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 92.886345] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 92.887505] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 92.888392] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 92.889400] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 92.890457] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 92.891604] [ 92.891900] irq event stamp: 0 [ 92.892282] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 92.893271] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.894321] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.895498] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.896536] ---[ end trace 0000000000000000 ]--- [ 92.901383] ------------[ cut here ]------------ [ 92.901999] WARNING: CPU: 0 PID: 805 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.903604] Modules linked in: [ 92.904019] CPU: 0 PID: 805 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.905077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.906445] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 92.907104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 92.909334] RSP: 0018:ffff88801792fbd0 EFLAGS: 00010246 [ 92.909993] RAX: 0000000000000000 RBX: ffff888021b738a8 RCX: 0000000000000000 [ 92.910909] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 92.911800] RBP: ffff88801792fbe8 R08: ffffed100436e733 R09: ffffed100436e733 [ 92.912673] R10: ffff888021b73993 R11: ffffed100436e732 R12: ffff888016636c00 [ 92.913547] R13: ffff888021b739e8 R14: ffff8880149bb600 R15: 0000000000000000 [ 92.914420] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.915483] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.916207] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.917080] PKRU: 55555554 [ 92.917431] Call Trace: [ 92.917750] [ 92.918038] iommufd_access_destroy_object+0x65/0x170 [ 92.918750] iommufd_object_destroy_user+0x18e/0x220 [ 92.919437] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 92.920180] iommufd_access_destroy+0x43/0x70 [ 92.920767] iommufd_test_staccess_release+0x8d/0xd0 [ 92.921429] __fput+0x26d/0xa40 [ 92.921883] ____fput+0x1e/0x30 [ 92.922324] task_work_run+0x1a4/0x2d0 [ 92.922887] ? __pfx_task_work_run+0x10/0x10 [ 92.923484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.924120] ? switch_task_namespaces+0xa9/0xe0 [ 92.924736] do_exit+0xb17/0x2ef0 [ 92.925184] ? lock_acquire+0x427/0x4c0 [ 92.925704] ? __pfx_lock_release+0x10/0x10 [ 92.926272] ? __kasan_check_write+0x18/0x20 [ 92.926894] ? do_raw_spin_lock+0x132/0x2a0 [ 92.927480] ? __pfx_do_exit+0x10/0x10 [ 92.927997] ? debug_smp_processor_id+0x20/0x30 [ 92.928596] ? rcu_is_watching+0x19/0xb0 [ 92.929123] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.929716] ? trace_hardirqs_on+0x26/0x120 [ 92.930282] do_group_exit+0xe0/0x2b0 [ 92.930830] __x64_sys_exit_group+0x47/0x50 [ 92.931413] do_syscall_64+0x3b/0x90 [ 92.931908] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.932578] RIP: 0033:0x7f4b87518a4d [ 92.933053] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.933830] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.934829] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.935748] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.936648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.937547] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.938455] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.939437] [ 92.939755] irq event stamp: 0 [ 92.940168] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.940960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.942014] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.943141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.943949] ---[ end trace 0000000000000000 ]--- [ 92.945221] ------------[ cut here ]------------ [ 92.945825] WARNING: CPU: 0 PID: 805 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 92.947170] Modules linked in: [ 92.947594] CPU: 0 PID: 805 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.948684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 92.950089] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 92.950791] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 92.953102] RSP: 0018:ffff88801792fb78 EFLAGS: 00010246 [ 92.953778] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 92.954722] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 92.955640] RBP: ffff88801792fb98 R08: ffffed100436e73e R09: ffffed100436e73e [ 92.956540] R10: ffff888021b739ef R11: ffffed100436e73d R12: ffff888021b73a90 [ 92.957446] R13: ffff888021b738a8 R14: ffffffffffffffff R15: ffff88801792fc60 [ 92.958348] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 92.959425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.960171] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 92.961071] PKRU: 55555554 [ 92.961432] Call Trace: [ 92.961760] [ 92.962057] iommufd_ioas_destroy+0x53/0x70 [ 92.962665] iommufd_fops_release+0x1f7/0x370 [ 92.963280] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.963929] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.964562] ? write_comp_data+0x2f/0x90 [ 92.965096] ? __pfx_iommufd_fops_release+0x10/0x10 [ 92.965738] __fput+0x26d/0xa40 [ 92.966187] ____fput+0x1e/0x30 [ 92.966674] task_work_run+0x1a4/0x2d0 [ 92.967209] ? __pfx_task_work_run+0x10/0x10 [ 92.967781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 92.968412] ? switch_task_namespaces+0xa9/0xe0 [ 92.969025] do_exit+0xb17/0x2ef0 [ 92.969474] ? lock_acquire+0x427/0x4c0 [ 92.969995] ? __pfx_lock_release+0x10/0x10 [ 92.970605] ? __kasan_check_write+0x18/0x20 [ 92.971201] ? do_raw_spin_lock+0x132/0x2a0 [ 92.971761] ? __pfx_do_exit+0x10/0x10 [ 92.972272] ? debug_smp_processor_id+0x20/0x30 [ 92.972872] ? rcu_is_watching+0x19/0xb0 [ 92.973397] ? _raw_spin_unlock_irq+0x2b/0x60 [ 92.973987] ? trace_hardirqs_on+0x26/0x120 [ 92.974597] do_group_exit+0xe0/0x2b0 [ 92.975100] __x64_sys_exit_group+0x47/0x50 [ 92.975678] do_syscall_64+0x3b/0x90 [ 92.976179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 92.976854] RIP: 0033:0x7f4b87518a4d [ 92.977329] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 92.978102] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 92.979106] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 92.980029] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 92.980929] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 92.981823] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 92.982762] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 92.983708] [ 92.984011] irq event stamp: 0 [ 92.984417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 92.985213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 92.986265] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 92.987377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 92.988183] ---[ end trace 0000000000000000 ]--- [ 92.995367] ------------[ cut here ]------------ [ 92.996002] WARNING: CPU: 0 PID: 806 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 92.997262] Modules linked in: [ 92.997673] CPU: 0 PID: 806 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 92.999098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.000537] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.001176] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.003539] RSP: 0018:ffff88801891fbb8 EFLAGS: 00010246 [ 93.004231] RAX: 0000000000000000 RBX: ffff888015e608a8 RCX: 0000000000000000 [ 93.005137] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 93.006032] RBP: ffff88801891fbd0 R08: ffffed1002bcc133 R09: ffffed1002bcc133 [ 93.006978] R10: ffff888015e60993 R11: ffffed1002bcc132 R12: ffff88800efcfc00 [ 93.007900] R13: ffff888015e609e8 R14: ffffffff8352e670 R15: ffff88801891fe68 [ 93.008796] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.009802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.010581] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 93.011500] PKRU: 55555554 [ 93.011861] Call Trace: [ 93.012189] [ 93.012482] __iommufd_access_detach+0x1c2/0x2b0 [ 93.013109] iommufd_access_change_pt+0x149/0x270 [ 93.013741] iommufd_access_replace+0xb4/0x120 [ 93.014342] iommufd_test+0x3e5/0x37e0 [ 93.014888] ? lock_release+0x532/0x770 [ 93.015461] ? __might_fault+0x102/0x1b0 [ 93.015855] ? lock_acquire+0x427/0x4c0 [ 93.016260] ? __pfx_iommufd_test+0x10/0x10 [ 93.016661] ? __pfx_lock_release+0x10/0x10 [ 93.017096] ? __pfx_lock_acquire+0x10/0x10 [ 93.017505] ? write_comp_data+0x2f/0x90 [ 93.017889] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.018369] ? write_comp_data+0x2f/0x90 [ 93.018820] iommufd_fops_ioctl+0x37d/0x510 [ 93.019278] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.019752] ? write_comp_data+0x2f/0x90 [ 93.020137] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.020603] __x64_sys_ioctl+0x1a3/0x230 [ 93.021012] do_syscall_64+0x3b/0x90 [ 93.021387] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.021878] RIP: 0033:0x7f4b8743ee5d [ 93.022224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.024067] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.024970] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.025821] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.026715] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.027604] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.028457] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.029172] [ 93.029392] irq event stamp: 0 [ 93.029688] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.030286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.031100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.031950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.032634] ---[ end trace 0000000000000000 ]--- [ 93.037120] ------------[ cut here ]------------ [ 93.037723] WARNING: CPU: 0 PID: 806 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.039029] Modules linked in: [ 93.039447] CPU: 0 PID: 806 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.040469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.041894] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.042582] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.044831] RSP: 0018:ffff88801891fbd0 EFLAGS: 00010246 [ 93.045489] RAX: 0000000000000000 RBX: ffff888015e608a8 RCX: 0000000000000000 [ 93.046360] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 93.047289] RBP: ffff88801891fbe8 R08: ffffed1002bcc133 R09: ffffed1002bcc133 [ 93.048174] R10: ffff888015e60993 R11: ffffed1002bcc132 R12: ffff88801341cc00 [ 93.049050] R13: ffff888015e609e8 R14: ffff88800b8fcd00 R15: 0000000000000000 [ 93.049919] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.050940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.051667] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.052547] PKRU: 55555554 [ 93.052901] Call Trace: [ 93.053222] [ 93.053509] iommufd_access_destroy_object+0x65/0x170 [ 93.054157] iommufd_object_destroy_user+0x18e/0x220 [ 93.054831] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.055579] iommufd_access_destroy+0x43/0x70 [ 93.056153] iommufd_test_staccess_release+0x8d/0xd0 [ 93.056794] __fput+0x26d/0xa40 [ 93.057229] ____fput+0x1e/0x30 [ 93.057655] task_work_run+0x1a4/0x2d0 [ 93.058153] ? __pfx_task_work_run+0x10/0x10 [ 93.058773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.059408] ? switch_task_namespaces+0xa9/0xe0 [ 93.060000] do_exit+0xb17/0x2ef0 [ 93.060435] ? lock_acquire+0x427/0x4c0 [ 93.060942] ? __pfx_lock_release+0x10/0x10 [ 93.061487] ? __kasan_check_write+0x18/0x20 [ 93.062039] ? do_raw_spin_lock+0x132/0x2a0 [ 93.062627] ? __pfx_do_exit+0x10/0x10 [ 93.063139] ? debug_smp_processor_id+0x20/0x30 [ 93.063720] ? rcu_is_watching+0x19/0xb0 [ 93.064229] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.064797] ? trace_hardirqs_on+0x26/0x120 [ 93.065340] do_group_exit+0xe0/0x2b0 [ 93.065817] __x64_sys_exit_group+0x47/0x50 [ 93.066348] do_syscall_64+0x3b/0x90 [ 93.066861] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.067522] RIP: 0033:0x7f4b87518a4d [ 93.067985] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.068736] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.069659] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.070558] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.071439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.072308] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.073172] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.074053] [ 93.074345] irq event stamp: 0 [ 93.074766] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.075546] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.076560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.077573] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.078341] ---[ end trace 0000000000000000 ]--- [ 93.079661] ------------[ cut here ]------------ [ 93.080254] WARNING: CPU: 0 PID: 806 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.081476] Modules linked in: [ 93.081876] CPU: 0 PID: 806 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.083002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.084385] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.085015] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.087384] RSP: 0018:ffff88801891fb78 EFLAGS: 00010246 [ 93.087934] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.088589] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 93.089246] RBP: ffff88801891fb98 R08: ffffed1002bcc13e R09: ffffed1002bcc13e [ 93.089891] R10: ffff888015e609ef R11: ffffed1002bcc13d R12: ffff888015e60a90 [ 93.090563] R13: ffff888015e608a8 R14: ffffffffffffffff R15: ffff88801891fc60 [ 93.091234] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.091966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.092493] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.093147] PKRU: 55555554 [ 93.093410] Call Trace: [ 93.093646] [ 93.093854] iommufd_ioas_destroy+0x53/0x70 [ 93.094269] iommufd_fops_release+0x1f7/0x370 [ 93.094711] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.095179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.095643] ? write_comp_data+0x2f/0x90 [ 93.096031] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.096495] __fput+0x26d/0xa40 [ 93.096815] ____fput+0x1e/0x30 [ 93.097125] task_work_run+0x1a4/0x2d0 [ 93.097490] ? __pfx_task_work_run+0x10/0x10 [ 93.097899] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.098350] ? switch_task_namespaces+0xa9/0xe0 [ 93.098816] do_exit+0xb17/0x2ef0 [ 93.099154] ? lock_acquire+0x427/0x4c0 [ 93.099526] ? __pfx_lock_release+0x10/0x10 [ 93.099929] ? __kasan_check_write+0x18/0x20 [ 93.100338] ? do_raw_spin_lock+0x132/0x2a0 [ 93.100738] ? __pfx_do_exit+0x10/0x10 [ 93.101109] ? debug_smp_processor_id+0x20/0x30 [ 93.101541] ? rcu_is_watching+0x19/0xb0 [ 93.101903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.102302] ? trace_hardirqs_on+0x26/0x120 [ 93.102711] do_group_exit+0xe0/0x2b0 [ 93.103048] __x64_sys_exit_group+0x47/0x50 [ 93.103438] do_syscall_64+0x3b/0x90 [ 93.103778] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.104239] RIP: 0033:0x7f4b87518a4d [ 93.104561] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.105093] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.105749] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.106365] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.107005] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.107635] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.108251] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.108876] [ 93.109080] irq event stamp: 0 [ 93.109354] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.109898] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.110642] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.111380] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.111919] ---[ end trace 0000000000000000 ]--- [ 93.116893] ------------[ cut here ]------------ [ 93.117350] WARNING: CPU: 0 PID: 807 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.118214] Modules linked in: [ 93.118493] CPU: 0 PID: 807 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.119429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.120378] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.120798] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.122337] RSP: 0018:ffff888017337bb8 EFLAGS: 00010246 [ 93.122837] RAX: 0000000000000000 RBX: ffff8880143ab0a8 RCX: 0000000000000000 [ 93.123450] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 93.124053] RBP: ffff888017337bd0 R08: ffffed1002875633 R09: ffffed1002875633 [ 93.124658] R10: ffff8880143ab193 R11: ffffed1002875632 R12: ffff88800fd3d000 [ 93.125239] R13: ffff8880143ab1e8 R14: ffffffff8352e670 R15: ffff888017337e68 [ 93.125810] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.126453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.126938] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ef0 [ 93.127527] PKRU: 55555554 [ 93.127755] Call Trace: [ 93.127964] [ 93.128146] __iommufd_access_detach+0x1c2/0x2b0 [ 93.128546] iommufd_access_change_pt+0x149/0x270 [ 93.129480] iommufd_access_replace+0xb4/0x120 [ 93.129875] iommufd_test+0x3e5/0x37e0 [ 93.130191] ? lock_release+0x532/0x770 [ 93.130551] ? __might_fault+0x102/0x1b0 [ 93.131055] ? lock_acquire+0x427/0x4c0 [ 93.131399] ? __pfx_iommufd_test+0x10/0x10 [ 93.131744] ? __pfx_lock_release+0x10/0x10 [ 93.132098] ? __pfx_lock_acquire+0x10/0x10 [ 93.132508] ? write_comp_data+0x2f/0x90 [ 93.132932] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.133327] ? write_comp_data+0x2f/0x90 [ 93.133662] iommufd_fops_ioctl+0x37d/0x510 [ 93.134012] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.134586] ? write_comp_data+0x2f/0x90 [ 93.134928] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.135328] __x64_sys_ioctl+0x1a3/0x230 [ 93.135666] do_syscall_64+0x3b/0x90 [ 93.135979] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.136403] RIP: 0033:0x7f4b8743ee5d [ 93.136704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.138321] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.139111] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.139691] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.140259] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.140987] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.141581] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.142274] [ 93.142465] irq event stamp: 0 [ 93.142737] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.143331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.144075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.144887] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.145390] ---[ end trace 0000000000000000 ]--- [ 93.148513] ------------[ cut here ]------------ [ 93.148903] WARNING: CPU: 0 PID: 807 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.149868] Modules linked in: [ 93.150126] CPU: 0 PID: 807 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.150929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.151924] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.152390] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.153942] RSP: 0018:ffff888017337bd0 EFLAGS: 00010246 [ 93.154530] RAX: 0000000000000000 RBX: ffff8880143ab0a8 RCX: 0000000000000000 [ 93.155105] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 93.155763] RBP: ffff888017337be8 R08: ffffed1002875633 R09: ffffed1002875633 [ 93.156409] R10: ffff8880143ab193 R11: ffffed1002875632 R12: ffff88800efcd400 [ 93.157057] R13: ffff8880143ab1e8 R14: ffff888010b65200 R15: 0000000000000000 [ 93.157702] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.158492] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.158979] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.159630] PKRU: 55555554 [ 93.159935] Call Trace: [ 93.160144] [ 93.160330] iommufd_access_destroy_object+0x65/0x170 [ 93.160766] iommufd_object_destroy_user+0x18e/0x220 [ 93.161301] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.161771] iommufd_access_destroy+0x43/0x70 [ 93.162217] iommufd_test_staccess_release+0x8d/0xd0 [ 93.162731] __fput+0x26d/0xa40 [ 93.163015] ____fput+0x1e/0x30 [ 93.163286] task_work_run+0x1a4/0x2d0 [ 93.163631] ? __pfx_task_work_run+0x10/0x10 [ 93.164116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.164516] ? switch_task_namespaces+0xa9/0xe0 [ 93.164964] do_exit+0xb17/0x2ef0 [ 93.165341] ? lock_acquire+0x427/0x4c0 [ 93.165677] ? __pfx_lock_release+0x10/0x10 [ 93.166062] ? __kasan_check_write+0x18/0x20 [ 93.166555] ? do_raw_spin_lock+0x132/0x2a0 [ 93.166919] ? __pfx_do_exit+0x10/0x10 [ 93.167253] ? debug_smp_processor_id+0x20/0x30 [ 93.167635] ? rcu_is_watching+0x19/0xb0 [ 93.168015] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.168476] ? trace_hardirqs_on+0x26/0x120 [ 93.168837] do_group_exit+0xe0/0x2b0 [ 93.169202] __x64_sys_exit_group+0x47/0x50 [ 93.169664] do_syscall_64+0x3b/0x90 [ 93.169976] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.170442] RIP: 0033:0x7f4b87518a4d [ 93.170868] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.171366] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.172046] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.172721] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.173364] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.174038] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.174796] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.175388] [ 93.175580] irq event stamp: 0 [ 93.175853] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.176514] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.177227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.177966] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.178612] ---[ end trace 0000000000000000 ]--- [ 93.179317] ------------[ cut here ]------------ [ 93.179691] WARNING: CPU: 0 PID: 807 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.180651] Modules linked in: [ 93.180905] CPU: 0 PID: 807 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.181726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.182779] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.183196] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.184790] RSP: 0018:ffff888017337b78 EFLAGS: 00010246 [ 93.185327] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.185885] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 93.186597] RBP: ffff888017337b98 R08: ffffed100287563e R09: ffffed100287563e [ 93.187160] R10: ffff8880143ab1ef R11: ffffed100287563d R12: ffff8880143ab290 [ 93.187787] R13: ffff8880143ab0a8 R14: ffffffffffffffff R15: ffff888017337c60 [ 93.188438] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.189065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.189519] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.190080] PKRU: 55555554 [ 93.190302] Call Trace: [ 93.190527] [ 93.190710] iommufd_ioas_destroy+0x53/0x70 [ 93.190812] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 93.191060] iommufd_fops_release+0x1f7/0x370 [ 93.192632] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 93.192948] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.194377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.194773] ? write_comp_data+0x2f/0x90 [ 93.195096] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.195496] __fput+0x26d/0xa40 [ 93.195764] ____fput+0x1e/0x30 [ 93.196027] task_work_run+0x1a4/0x2d0 [ 93.196340] ? __pfx_task_work_run+0x10/0x10 [ 93.196686] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.197066] ? switch_task_namespaces+0xa9/0xe0 [ 93.197436] do_exit+0xb17/0x2ef0 [ 93.197706] ? lock_acquire+0x427/0x4c0 [ 93.198021] ? __pfx_lock_release+0x10/0x10 [ 93.198363] ? __kasan_check_write+0x18/0x20 [ 93.198723] ? do_raw_spin_lock+0x132/0x2a0 [ 93.199060] ? __pfx_do_exit+0x10/0x10 [ 93.199382] ? debug_smp_processor_id+0x20/0x30 [ 93.199750] ? rcu_is_watching+0x19/0xb0 [ 93.200067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.200426] ? trace_hardirqs_on+0x26/0x120 [ 93.200769] do_group_exit+0xe0/0x2b0 [ 93.201065] __x64_sys_exit_group+0x47/0x50 [ 93.201397] do_syscall_64+0x3b/0x90 [ 93.201693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.202101] RIP: 0033:0x7f4b87518a4d [ 93.202388] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.202878] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.203471] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.204017] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.204565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.205107] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.205652] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.206201] [ 93.206381] irq event stamp: 0 [ 93.206646] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.207139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.207782] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.208423] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.208905] ---[ end trace 0000000000000000 ]--- [ 93.221365] ------------[ cut here ]------------ [ 93.221749] WARNING: CPU: 1 PID: 809 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.222496] Modules linked in: [ 93.223000] CPU: 1 PID: 809 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.223657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.224483] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.224852] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.226200] RSP: 0018:ffff88801891fbb8 EFLAGS: 00010246 [ 93.226605] RAX: 0000000000000000 RBX: ffff8880161820a8 RCX: 0000000000000000 [ 93.227137] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 93.227667] RBP: ffff88801891fbd0 R08: ffffed1002c30433 R09: ffffed1002c30433 [ 93.228202] R10: ffff888016182193 R11: ffffed1002c30432 R12: ffff888017ba4c00 [ 93.228738] R13: ffff8880161821e8 R14: ffffffff8352e670 R15: ffff88801891fe68 [ 93.229277] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.229882] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.230320] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 93.230870] PKRU: 55555554 [ 93.231083] Call Trace: [ 93.231292] [ 93.231464] __iommufd_access_detach+0x1c2/0x2b0 [ 93.231831] iommufd_access_change_pt+0x149/0x270 [ 93.232200] iommufd_access_replace+0xb4/0x120 [ 93.232555] iommufd_test+0x3e5/0x37e0 [ 93.232854] ? lock_release+0x532/0x770 [ 93.233169] ? __might_fault+0x102/0x1b0 [ 93.233481] ? lock_acquire+0x427/0x4c0 [ 93.233792] ? __pfx_iommufd_test+0x10/0x10 [ 93.234114] ? __pfx_lock_release+0x10/0x10 [ 93.234442] ? __pfx_lock_acquire+0x10/0x10 [ 93.234791] ? write_comp_data+0x2f/0x90 [ 93.235119] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.235509] ? write_comp_data+0x2f/0x90 [ 93.235824] iommufd_fops_ioctl+0x37d/0x510 [ 93.236152] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.236527] ? write_comp_data+0x2f/0x90 [ 93.236847] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.237218] __x64_sys_ioctl+0x1a3/0x230 [ 93.237539] do_syscall_64+0x3b/0x90 [ 93.237836] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.238240] RIP: 0033:0x7f4b8743ee5d [ 93.238545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.239917] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.240496] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.241038] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.241576] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.242107] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.242658] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.243223] [ 93.243405] irq event stamp: 0 [ 93.243646] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.244126] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.244753] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.245380] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.245848] ---[ end trace 0000000000000000 ]--- [ 93.248776] ------------[ cut here ]------------ [ 93.249192] WARNING: CPU: 0 PID: 809 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.249967] Modules linked in: [ 93.250217] CPU: 0 PID: 809 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.250986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.251861] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.252244] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.253647] RSP: 0018:ffff88801891fbd0 EFLAGS: 00010246 [ 93.254055] RAX: 0000000000000000 RBX: ffff8880161820a8 RCX: 0000000000000000 [ 93.254619] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 93.255179] RBP: ffff88801891fbe8 R08: ffffed1002c30433 R09: ffffed1002c30433 [ 93.255728] R10: ffff888016182193 R11: ffffed1002c30432 R12: ffff888018429000 [ 93.256276] R13: ffff8880161821e8 R14: ffff8880143e1200 R15: 0000000000000000 [ 93.256822] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.257440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.257887] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.258437] PKRU: 55555554 [ 93.258673] Call Trace: [ 93.258874] [ 93.259050] iommufd_access_destroy_object+0x65/0x170 [ 93.259463] iommufd_object_destroy_user+0x18e/0x220 [ 93.259865] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.260321] iommufd_access_destroy+0x43/0x70 [ 93.260683] iommufd_test_staccess_release+0x8d/0xd0 [ 93.261093] __fput+0x26d/0xa40 [ 93.261366] ____fput+0x1e/0x30 [ 93.261635] task_work_run+0x1a4/0x2d0 [ 93.261948] ? __pfx_task_work_run+0x10/0x10 [ 93.262298] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.262704] ? switch_task_namespaces+0xa9/0xe0 [ 93.263082] do_exit+0xb17/0x2ef0 [ 93.263357] ? lock_acquire+0x427/0x4c0 [ 93.263676] ? __pfx_lock_release+0x10/0x10 [ 93.264018] ? __kasan_check_write+0x18/0x20 [ 93.264363] ? do_raw_spin_lock+0x132/0x2a0 [ 93.264703] ? __pfx_do_exit+0x10/0x10 [ 93.265017] ? debug_smp_processor_id+0x20/0x30 [ 93.265383] ? rcu_is_watching+0x19/0xb0 [ 93.265702] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.266060] ? trace_hardirqs_on+0x26/0x120 [ 93.266403] do_group_exit+0xe0/0x2b0 [ 93.266725] __x64_sys_exit_group+0x47/0x50 [ 93.267064] do_syscall_64+0x3b/0x90 [ 93.267373] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.267784] RIP: 0033:0x7f4b87518a4d [ 93.268079] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.268556] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.269146] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.269699] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.270253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.270826] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.271385] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.271939] [ 93.272117] irq event stamp: 0 [ 93.272356] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.272833] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.273468] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.274099] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.274595] ---[ end trace 0000000000000000 ]--- [ 93.275295] ------------[ cut here ]------------ [ 93.275652] WARNING: CPU: 0 PID: 809 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.276420] Modules linked in: [ 93.276665] CPU: 0 PID: 809 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.277321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.278169] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.278584] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.279975] RSP: 0018:ffff88801891fb78 EFLAGS: 00010246 [ 93.280384] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.280921] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 93.281460] RBP: ffff88801891fb98 R08: ffffed1002c3043e R09: ffffed1002c3043e [ 93.281997] R10: ffff8880161821ef R11: ffffed1002c3043d R12: ffff888016182290 [ 93.282724] R13: ffff8880161820a8 R14: ffffffffffffffff R15: ffff88801891fc60 [ 93.283291] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.283894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.284326] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.284857] PKRU: 55555554 [ 93.285069] Call Trace: [ 93.285262] [ 93.285432] iommufd_ioas_destroy+0x53/0x70 [ 93.285763] iommufd_fops_release+0x1f7/0x370 [ 93.286107] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.286485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.286878] ? write_comp_data+0x2f/0x90 [ 93.287200] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.287580] __fput+0x26d/0xa40 [ 93.287845] ____fput+0x1e/0x30 [ 93.288105] task_work_run+0x1a4/0x2d0 [ 93.288409] ? __pfx_task_work_run+0x10/0x10 [ 93.288745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.289119] ? switch_task_namespaces+0xa9/0xe0 [ 93.289484] do_exit+0xb17/0x2ef0 [ 93.289761] ? lock_acquire+0x427/0x4c0 [ 93.290068] ? __pfx_lock_release+0x10/0x10 [ 93.290400] ? __kasan_check_write+0x18/0x20 [ 93.290752] ? do_raw_spin_lock+0x132/0x2a0 [ 93.291078] ? __pfx_do_exit+0x10/0x10 [ 93.291393] ? debug_smp_processor_id+0x20/0x30 [ 93.291758] ? rcu_is_watching+0x19/0xb0 [ 93.292077] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.292424] ? trace_hardirqs_on+0x26/0x120 [ 93.292759] do_group_exit+0xe0/0x2b0 [ 93.293051] __x64_sys_exit_group+0x47/0x50 [ 93.293379] do_syscall_64+0x3b/0x90 [ 93.293671] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.294074] RIP: 0033:0x7f4b87518a4d [ 93.294357] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.294833] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.295413] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.295945] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.296476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.297008] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.297542] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.298080] [ 93.298258] irq event stamp: 0 [ 93.298496] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.298987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.299624] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.300250] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.300720] ---[ end trace 0000000000000000 ]--- [ 93.304685] ------------[ cut here ]------------ [ 93.305090] WARNING: CPU: 0 PID: 810 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.305841] Modules linked in: [ 93.306077] CPU: 0 PID: 810 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.306749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.307584] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.307951] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.309282] RSP: 0018:ffff888016f17bb8 EFLAGS: 00010246 [ 93.309673] RAX: 0000000000000000 RBX: ffff888012a8a0a8 RCX: 0000000000000000 [ 93.310194] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 93.310729] RBP: ffff888016f17bd0 R08: ffffed1002551433 R09: ffffed1002551433 [ 93.311263] R10: ffff888012a8a193 R11: ffffed1002551432 R12: ffff8880189e1800 [ 93.311785] R13: ffff888012a8a1e8 R14: ffffffff8352e670 R15: ffff888016f17e68 [ 93.312307] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.312894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.313317] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 93.313838] PKRU: 55555554 [ 93.314047] Call Trace: [ 93.314235] [ 93.314403] __iommufd_access_detach+0x1c2/0x2b0 [ 93.314779] iommufd_access_change_pt+0x149/0x270 [ 93.315155] iommufd_access_replace+0xb4/0x120 [ 93.315504] iommufd_test+0x3e5/0x37e0 [ 93.315793] ? lock_release+0x532/0x770 [ 93.316096] ? __might_fault+0x102/0x1b0 [ 93.316402] ? lock_acquire+0x427/0x4c0 [ 93.316704] ? __pfx_iommufd_test+0x10/0x10 [ 93.317022] ? __pfx_lock_release+0x10/0x10 [ 93.317346] ? __pfx_lock_acquire+0x10/0x10 [ 93.317674] ? write_comp_data+0x2f/0x90 [ 93.317984] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.318348] ? write_comp_data+0x2f/0x90 [ 93.318673] iommufd_fops_ioctl+0x37d/0x510 [ 93.318999] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.319373] ? write_comp_data+0x2f/0x90 [ 93.319682] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.320041] __x64_sys_ioctl+0x1a3/0x230 [ 93.320353] do_syscall_64+0x3b/0x90 [ 93.320637] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.321018] RIP: 0033:0x7f4b8743ee5d [ 93.321287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.322648] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.323219] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.323745] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.324266] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.324785] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.325303] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.325834] [ 93.326008] irq event stamp: 0 [ 93.326243] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.326722] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.327353] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.327968] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.328436] ---[ end trace 0000000000000000 ]--- [ 93.331097] ------------[ cut here ]------------ [ 93.331486] WARNING: CPU: 0 PID: 810 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.332224] Modules linked in: [ 93.332460] CPU: 0 PID: 810 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.333095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.333917] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.334281] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.335641] RSP: 0018:ffff888016f17bd0 EFLAGS: 00010246 [ 93.336036] RAX: 0000000000000000 RBX: ffff888012a8a0a8 RCX: 0000000000000000 [ 93.336549] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 93.337070] RBP: ffff888016f17be8 R08: ffffed1002551433 R09: ffffed1002551433 [ 93.337591] R10: ffff888012a8a193 R11: ffffed1002551432 R12: ffff88800fd3c400 [ 93.338118] R13: ffff888012a8a1e8 R14: ffff888013fbed00 R15: 0000000000000000 [ 93.338660] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.339256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.339683] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.340206] PKRU: 55555554 [ 93.340415] Call Trace: [ 93.340606] [ 93.340774] iommufd_access_destroy_object+0x65/0x170 [ 93.341164] iommufd_object_destroy_user+0x18e/0x220 [ 93.341546] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.341979] iommufd_access_destroy+0x43/0x70 [ 93.342318] iommufd_test_staccess_release+0x8d/0xd0 [ 93.342718] __fput+0x26d/0xa40 [ 93.342983] ____fput+0x1e/0x30 [ 93.343255] task_work_run+0x1a4/0x2d0 [ 93.343555] ? __pfx_task_work_run+0x10/0x10 [ 93.343887] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.344250] ? switch_task_namespaces+0xa9/0xe0 [ 93.344604] do_exit+0xb17/0x2ef0 [ 93.344876] ? lock_acquire+0x427/0x4c0 [ 93.345180] ? __pfx_lock_release+0x10/0x10 [ 93.345507] ? __kasan_check_write+0x18/0x20 [ 93.345835] ? do_raw_spin_lock+0x132/0x2a0 [ 93.346166] ? __pfx_do_exit+0x10/0x10 [ 93.346461] ? debug_smp_processor_id+0x20/0x30 [ 93.346822] ? rcu_is_watching+0x19/0xb0 [ 93.347134] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.347477] ? trace_hardirqs_on+0x26/0x120 [ 93.347806] do_group_exit+0xe0/0x2b0 [ 93.348090] __x64_sys_exit_group+0x47/0x50 [ 93.348407] do_syscall_64+0x3b/0x90 [ 93.348693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.349084] RIP: 0033:0x7f4b87518a4d [ 93.349359] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.349810] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.350354] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.350884] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.351408] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.351928] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.352446] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.352971] [ 93.353144] irq event stamp: 0 [ 93.353376] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.353839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.354450] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.355081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.355551] ---[ end trace 0000000000000000 ]--- [ 93.356215] ------------[ cut here ]------------ [ 93.356567] WARNING: CPU: 0 PID: 810 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.357312] Modules linked in: [ 93.357547] CPU: 0 PID: 810 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.358174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.359004] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.359392] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.360704] RSP: 0018:ffff888016f17b78 EFLAGS: 00010246 [ 93.361092] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.361613] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 93.362132] RBP: ffff888016f17b98 R08: ffffed100255143e R09: ffffed100255143e [ 93.362667] R10: ffff888012a8a1ef R11: ffffed100255143d R12: ffff888012a8a290 [ 93.363193] R13: ffff888012a8a0a8 R14: ffffffffffffffff R15: ffff888016f17c60 [ 93.363715] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.364300] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.364725] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.365244] PKRU: 55555554 [ 93.365451] Call Trace: [ 93.365638] [ 93.365805] iommufd_ioas_destroy+0x53/0x70 [ 93.366129] iommufd_fops_release+0x1f7/0x370 [ 93.366464] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.366855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.367230] ? write_comp_data+0x2f/0x90 [ 93.367540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.367911] __fput+0x26d/0xa40 [ 93.368171] ____fput+0x1e/0x30 [ 93.368425] task_work_run+0x1a4/0x2d0 [ 93.368721] ? __pfx_task_work_run+0x10/0x10 [ 93.369052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.369416] ? switch_task_namespaces+0xa9/0xe0 [ 93.369773] do_exit+0xb17/0x2ef0 [ 93.370030] ? lock_acquire+0x427/0x4c0 [ 93.370331] ? __pfx_lock_release+0x10/0x10 [ 93.370672] ? __kasan_check_write+0x18/0x20 [ 93.371005] ? do_raw_spin_lock+0x132/0x2a0 [ 93.371330] ? __pfx_do_exit+0x10/0x10 [ 93.371625] ? debug_smp_processor_id+0x20/0x30 [ 93.371966] ? rcu_is_watching+0x19/0xb0 [ 93.372263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.372601] ? trace_hardirqs_on+0x26/0x120 [ 93.372930] do_group_exit+0xe0/0x2b0 [ 93.373214] __x64_sys_exit_group+0x47/0x50 [ 93.373532] do_syscall_64+0x3b/0x90 [ 93.373816] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.374202] RIP: 0033:0x7f4b87518a4d [ 93.374477] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.374956] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.375519] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.376041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.376561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.377081] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.377602] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.378126] [ 93.378296] irq event stamp: 0 [ 93.378544] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.379009] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.379627] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.380237] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.380698] ---[ end trace 0000000000000000 ]--- [ 93.384660] ------------[ cut here ]------------ [ 93.385047] WARNING: CPU: 0 PID: 811 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.385776] Modules linked in: [ 93.386009] CPU: 0 PID: 811 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.386760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.387570] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.388108] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.389647] RSP: 0018:ffff888010417bb8 EFLAGS: 00010246 [ 93.390160] RAX: 0000000000000000 RBX: ffff888013b878a8 RCX: 0000000000000000 [ 93.390700] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 93.391341] RBP: ffff888010417bd0 R08: ffffed1002770f33 R09: ffffed1002770f33 [ 93.391858] R10: ffff888013b87993 R11: ffffed1002770f32 R12: ffff888018149000 [ 93.392488] R13: ffff888013b879e8 R14: ffffffff8352e670 R15: ffff888010417e68 [ 93.393001] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.393711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.394131] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 93.394721] PKRU: 55555554 [ 93.395004] Call Trace: [ 93.395196] [ 93.395363] __iommufd_access_detach+0x1c2/0x2b0 [ 93.395725] iommufd_access_change_pt+0x149/0x270 [ 93.396090] iommufd_access_replace+0xb4/0x120 [ 93.396558] iommufd_test+0x3e5/0x37e0 [ 93.396845] ? lock_release+0x532/0x770 [ 93.397146] ? __might_fault+0x102/0x1b0 [ 93.397501] ? lock_acquire+0x427/0x4c0 [ 93.397866] ? __pfx_iommufd_test+0x10/0x10 [ 93.398184] ? __pfx_lock_release+0x10/0x10 [ 93.398546] ? __pfx_lock_acquire+0x10/0x10 [ 93.398950] ? write_comp_data+0x2f/0x90 [ 93.399267] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.399629] ? write_comp_data+0x2f/0x90 [ 93.399938] iommufd_fops_ioctl+0x37d/0x510 [ 93.400377] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.400741] ? write_comp_data+0x2f/0x90 [ 93.401049] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.401530] __x64_sys_ioctl+0x1a3/0x230 [ 93.401837] do_syscall_64+0x3b/0x90 [ 93.402118] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.402636] RIP: 0033:0x7f4b8743ee5d [ 93.402912] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.404394] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.404965] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.405621] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.406152] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.406836] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.407374] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.408048] [ 93.408224] irq event stamp: 0 [ 93.408462] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.408952] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.409689] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.410453] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.410951] ---[ end trace 0000000000000000 ]--- [ 93.414199] ------------[ cut here ]------------ [ 93.414600] WARNING: CPU: 0 PID: 811 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.415502] Modules linked in: [ 93.415747] CPU: 0 PID: 811 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.416417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.417328] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.417819] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.419453] RSP: 0018:ffff888010417bd0 EFLAGS: 00010246 [ 93.419859] RAX: 0000000000000000 RBX: ffff888013b878a8 RCX: 0000000000000000 [ 93.420398] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 93.421073] RBP: ffff888010417be8 R08: ffffed1002770f33 R09: ffffed1002770f33 [ 93.421627] R10: ffff888013b87993 R11: ffffed1002770f32 R12: ffff8880189e1000 [ 93.422272] R13: ffff888013b879e8 R14: ffff88800fcee400 R15: 0000000000000000 [ 93.422852] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.423553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.423993] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.424664] PKRU: 55555554 [ 93.424883] Call Trace: [ 93.425083] [ 93.425259] iommufd_access_destroy_object+0x65/0x170 [ 93.425803] iommufd_object_destroy_user+0x18e/0x220 [ 93.426209] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.426697] iommufd_access_destroy+0x43/0x70 [ 93.427060] iommufd_test_staccess_release+0x8d/0xd0 [ 93.427627] __fput+0x26d/0xa40 [ 93.427904] ____fput+0x1e/0x30 [ 93.428171] task_work_run+0x1a4/0x2d0 [ 93.428551] ? __pfx_task_work_run+0x10/0x10 [ 93.428977] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.429372] ? switch_task_namespaces+0xa9/0xe0 [ 93.429789] do_exit+0xb17/0x2ef0 [ 93.430162] ? lock_acquire+0x427/0x4c0 [ 93.430485] ? __pfx_lock_release+0x10/0x10 [ 93.430857] ? __kasan_check_write+0x18/0x20 [ 93.431235] ? do_raw_spin_lock+0x132/0x2a0 [ 93.431683] ? __pfx_do_exit+0x10/0x10 [ 93.431998] ? debug_smp_processor_id+0x20/0x30 [ 93.432367] ? rcu_is_watching+0x19/0xb0 [ 93.432841] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.433202] ? trace_hardirqs_on+0x26/0x120 [ 93.433550] do_group_exit+0xe0/0x2b0 [ 93.434007] __x64_sys_exit_group+0x47/0x50 [ 93.434345] do_syscall_64+0x3b/0x90 [ 93.434675] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.435093] RIP: 0033:0x7f4b87518a4d [ 93.435416] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.436013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.436654] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.437285] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.437913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.438580] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.439142] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.439867] [ 93.440052] irq event stamp: 0 [ 93.440299] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.440936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.441596] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.442401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.442911] ---[ end trace 0000000000000000 ]--- [ 93.443686] ------------[ cut here ]------------ [ 93.444058] WARNING: CPU: 0 PID: 811 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.445017] Modules linked in: [ 93.445269] CPU: 0 PID: 811 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.446017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.447020] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.447500] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.449005] RSP: 0018:ffff888010417b78 EFLAGS: 00010246 [ 93.449420] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.449980] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 93.450573] RBP: ffff888010417b98 R08: ffffed1002770f3e R09: ffffed1002770f3e [ 93.451145] R10: ffff888013b879ef R11: ffffed1002770f3d R12: ffff888013b87a90 [ 93.451710] R13: ffff888013b878a8 R14: ffffffffffffffff R15: ffff888010417c60 [ 93.452271] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.452906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.453363] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.453925] PKRU: 55555554 [ 93.454150] Call Trace: [ 93.454353] [ 93.454554] iommufd_ioas_destroy+0x53/0x70 [ 93.454905] iommufd_fops_release+0x1f7/0x370 [ 93.455276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.455680] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.456079] ? write_comp_data+0x2f/0x90 [ 93.456412] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.456809] __fput+0x26d/0xa40 [ 93.457083] ____fput+0x1e/0x30 [ 93.457352] task_work_run+0x1a4/0x2d0 [ 93.457671] ? __pfx_task_work_run+0x10/0x10 [ 93.458023] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.458415] ? switch_task_namespaces+0xa9/0xe0 [ 93.458815] do_exit+0xb17/0x2ef0 [ 93.459091] ? lock_acquire+0x427/0x4c0 [ 93.459421] ? __pfx_lock_release+0x10/0x10 [ 93.459768] ? __kasan_check_write+0x18/0x20 [ 93.460121] ? do_raw_spin_lock+0x132/0x2a0 [ 93.460461] ? __pfx_do_exit+0x10/0x10 [ 93.460775] ? debug_smp_processor_id+0x20/0x30 [ 93.461144] ? rcu_is_watching+0x19/0xb0 [ 93.461467] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.461835] ? trace_hardirqs_on+0x26/0x120 [ 93.462186] do_group_exit+0xe0/0x2b0 [ 93.462490] __x64_sys_exit_group+0x47/0x50 [ 93.462855] do_syscall_64+0x3b/0x90 [ 93.463167] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.463581] RIP: 0033:0x7f4b87518a4d [ 93.463874] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.464358] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.464952] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.465506] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.466060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.466649] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.467220] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.467783] [ 93.467967] irq event stamp: 0 [ 93.468213] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.468705] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.469361] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.470014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.470525] ---[ end trace 0000000000000000 ]--- [ 93.474290] ------------[ cut here ]------------ [ 93.474727] WARNING: CPU: 0 PID: 812 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.475526] Modules linked in: [ 93.475776] CPU: 0 PID: 812 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.476451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.477323] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.477716] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.479316] RSP: 0018:ffff888014ac7bb8 EFLAGS: 00010246 [ 93.479738] RAX: 0000000000000000 RBX: ffff88801861a8a8 RCX: 0000000000000000 [ 93.480289] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 93.480843] RBP: ffff888014ac7bd0 R08: ffffed10030c3533 R09: ffffed10030c3533 [ 93.481395] R10: ffff88801861a993 R11: ffffed10030c3532 R12: ffff888014583c00 [ 93.481950] R13: ffff88801861a9e8 R14: ffffffff8352e670 R15: ffff888014ac7e68 [ 93.482522] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.483158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.483612] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 93.484169] PKRU: 55555554 [ 93.484392] Call Trace: [ 93.484591] [ 93.484765] __iommufd_access_detach+0x1c2/0x2b0 [ 93.485142] iommufd_access_change_pt+0x149/0x270 [ 93.485524] iommufd_access_replace+0xb4/0x120 [ 93.485887] iommufd_test+0x3e5/0x37e0 [ 93.486189] ? lock_release+0x532/0x770 [ 93.486526] ? __might_fault+0x102/0x1b0 [ 93.486855] ? lock_acquire+0x427/0x4c0 [ 93.487176] ? __pfx_iommufd_test+0x10/0x10 [ 93.487508] ? __pfx_lock_release+0x10/0x10 [ 93.487845] ? __pfx_lock_acquire+0x10/0x10 [ 93.488189] ? write_comp_data+0x2f/0x90 [ 93.488512] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.488893] ? write_comp_data+0x2f/0x90 [ 93.489222] iommufd_fops_ioctl+0x37d/0x510 [ 93.489559] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.489940] ? write_comp_data+0x2f/0x90 [ 93.490265] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.490660] __x64_sys_ioctl+0x1a3/0x230 [ 93.490985] do_syscall_64+0x3b/0x90 [ 93.491287] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.491692] RIP: 0033:0x7f4b8743ee5d [ 93.491978] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.493364] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.493949] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.494492] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.495059] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.495608] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.496150] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.496699] [ 93.496882] irq event stamp: 0 [ 93.497123] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.497607] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.498250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.498918] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.499413] ---[ end trace 0000000000000000 ]--- [ 93.502134] ------------[ cut here ]------------ [ 93.502535] WARNING: CPU: 0 PID: 812 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.503315] Modules linked in: [ 93.503564] CPU: 0 PID: 812 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.504222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.505080] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.505465] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.506876] RSP: 0018:ffff888014ac7bd0 EFLAGS: 00010246 [ 93.507293] RAX: 0000000000000000 RBX: ffff88801861a8a8 RCX: 0000000000000000 [ 93.507842] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 93.508383] RBP: ffff888014ac7be8 R08: ffffed10030c3533 R09: ffffed10030c3533 [ 93.508926] R10: ffff88801861a993 R11: ffffed10030c3532 R12: ffff888018148400 [ 93.509466] R13: ffff88801861a9e8 R14: ffff888012c24400 R15: 0000000000000000 [ 93.510009] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.510641] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.511091] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.511641] PKRU: 55555554 [ 93.511858] Call Trace: [ 93.512057] [ 93.512231] iommufd_access_destroy_object+0x65/0x170 [ 93.512632] iommufd_object_destroy_user+0x18e/0x220 [ 93.513033] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.513480] iommufd_access_destroy+0x43/0x70 [ 93.513833] iommufd_test_staccess_release+0x8d/0xd0 [ 93.514228] __fput+0x26d/0xa40 [ 93.514497] ____fput+0x1e/0x30 [ 93.514784] task_work_run+0x1a4/0x2d0 [ 93.515096] ? __pfx_task_work_run+0x10/0x10 [ 93.515451] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.515840] ? switch_task_namespaces+0xa9/0xe0 [ 93.516220] do_exit+0xb17/0x2ef0 [ 93.516494] ? lock_acquire+0x427/0x4c0 [ 93.516816] ? __pfx_lock_release+0x10/0x10 [ 93.517158] ? __kasan_check_write+0x18/0x20 [ 93.517503] ? do_raw_spin_lock+0x132/0x2a0 [ 93.517837] ? __pfx_do_exit+0x10/0x10 [ 93.518148] ? debug_smp_processor_id+0x20/0x30 [ 93.518530] ? rcu_is_watching+0x19/0xb0 [ 93.518847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.519213] ? trace_hardirqs_on+0x26/0x120 [ 93.519555] do_group_exit+0xe0/0x2b0 [ 93.519852] __x64_sys_exit_group+0x47/0x50 [ 93.520183] do_syscall_64+0x3b/0x90 [ 93.520480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.520890] RIP: 0033:0x7f4b87518a4d [ 93.521177] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.521643] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.522220] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.522776] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.523326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.523872] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.524418] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.524973] [ 93.525153] irq event stamp: 0 [ 93.525394] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.525879] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.526522] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.527152] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.527624] ---[ end trace 0000000000000000 ]--- [ 93.528296] ------------[ cut here ]------------ [ 93.528652] WARNING: CPU: 0 PID: 812 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.529411] Modules linked in: [ 93.529653] CPU: 0 PID: 812 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.530305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.531176] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.531566] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.532929] RSP: 0018:ffff888014ac7b78 EFLAGS: 00010246 [ 93.533330] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.533860] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 93.534392] RBP: ffff888014ac7b98 R08: ffffed10030c353e R09: ffffed10030c353e [ 93.534938] R10: ffff88801861a9ef R11: ffffed10030c353d R12: ffff88801861aa90 [ 93.535480] R13: ffff88801861a8a8 R14: ffffffffffffffff R15: ffff888014ac7c60 [ 93.536013] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.536612] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.537046] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.537579] PKRU: 55555554 [ 93.537790] Call Trace: [ 93.537983] [ 93.538156] iommufd_ioas_destroy+0x53/0x70 [ 93.538488] iommufd_fops_release+0x1f7/0x370 [ 93.538868] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.539255] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.539632] ? write_comp_data+0x2f/0x90 [ 93.539946] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.540328] __fput+0x26d/0xa40 [ 93.540600] ____fput+0x1e/0x30 [ 93.540858] task_work_run+0x1a4/0x2d0 [ 93.541162] ? __pfx_task_work_run+0x10/0x10 [ 93.541502] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.541875] ? switch_task_namespaces+0xa9/0xe0 [ 93.542238] do_exit+0xb17/0x2ef0 [ 93.542502] ? lock_acquire+0x427/0x4c0 [ 93.542835] ? __pfx_lock_release+0x10/0x10 [ 93.543177] ? __kasan_check_write+0x18/0x20 [ 93.543520] ? do_raw_spin_lock+0x132/0x2a0 [ 93.543852] ? __pfx_do_exit+0x10/0x10 [ 93.544159] ? debug_smp_processor_id+0x20/0x30 [ 93.544515] ? rcu_is_watching+0x19/0xb0 [ 93.544826] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.545172] ? trace_hardirqs_on+0x26/0x120 [ 93.545503] do_group_exit+0xe0/0x2b0 [ 93.545793] __x64_sys_exit_group+0x47/0x50 [ 93.546117] do_syscall_64+0x3b/0x90 [ 93.546406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.546827] RIP: 0033:0x7f4b87518a4d [ 93.547120] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.547585] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.548153] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.548686] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.549218] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.549748] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.550279] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.550835] [ 93.551012] irq event stamp: 0 [ 93.551255] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.551725] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.552356] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.552984] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.553455] ---[ end trace 0000000000000000 ]--- [ 93.557245] ------------[ cut here ]------------ [ 93.557625] WARNING: CPU: 0 PID: 813 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.558365] Modules linked in: [ 93.558674] CPU: 0 PID: 813 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.559318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.560129] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.560490] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.561800] RSP: 0018:ffff88800ff67bb8 EFLAGS: 00010246 [ 93.562186] RAX: 0000000000000000 RBX: ffff888010b7b8a8 RCX: 0000000000000000 [ 93.562725] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 93.563255] RBP: ffff88800ff67bd0 R08: ffffed100216f733 R09: ffffed100216f733 [ 93.563782] R10: ffff888010b7b993 R11: ffffed100216f732 R12: ffff888021bc6c00 [ 93.564307] R13: ffff888010b7b9e8 R14: ffffffff8352e670 R15: ffff88800ff67e68 [ 93.564837] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.565434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.565862] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 93.566390] PKRU: 55555554 [ 93.566620] Call Trace: [ 93.566813] [ 93.566983] __iommufd_access_detach+0x1c2/0x2b0 [ 93.567360] iommufd_access_change_pt+0x149/0x270 [ 93.567730] iommufd_access_replace+0xb4/0x120 [ 93.568080] iommufd_test+0x3e5/0x37e0 [ 93.568373] ? lock_release+0x532/0x770 [ 93.568682] ? __might_fault+0x102/0x1b0 [ 93.568996] ? lock_acquire+0x427/0x4c0 [ 93.569307] ? __pfx_iommufd_test+0x10/0x10 [ 93.569633] ? __pfx_lock_release+0x10/0x10 [ 93.569968] ? __pfx_lock_acquire+0x10/0x10 [ 93.570307] ? write_comp_data+0x2f/0x90 [ 93.570648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.571023] ? write_comp_data+0x2f/0x90 [ 93.571346] iommufd_fops_ioctl+0x37d/0x510 [ 93.571676] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.572046] ? write_comp_data+0x2f/0x90 [ 93.572361] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.572723] __x64_sys_ioctl+0x1a3/0x230 [ 93.573036] do_syscall_64+0x3b/0x90 [ 93.573320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.573711] RIP: 0033:0x7f4b8743ee5d [ 93.573989] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.575351] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.575928] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.576465] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.577003] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.577536] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.578068] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.578628] [ 93.578810] irq event stamp: 0 [ 93.579052] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.579542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.580176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.580807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.581280] ---[ end trace 0000000000000000 ]--- [ 93.584128] ------------[ cut here ]------------ [ 93.584519] WARNING: CPU: 0 PID: 813 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.585288] Modules linked in: [ 93.585535] CPU: 0 PID: 813 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.586203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.587089] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.587485] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.588878] RSP: 0018:ffff88800ff67bd0 EFLAGS: 00010246 [ 93.589286] RAX: 0000000000000000 RBX: ffff888010b7b8a8 RCX: 0000000000000000 [ 93.589831] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 93.590377] RBP: ffff88800ff67be8 R08: ffffed100216f733 R09: ffffed100216f733 [ 93.590937] R10: ffff888010b7b993 R11: ffffed100216f732 R12: ffff88800efcf400 [ 93.591497] R13: ffff888010b7b9e8 R14: ffff88801287ec00 R15: 0000000000000000 [ 93.592047] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.592663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.593107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.593656] PKRU: 55555554 [ 93.593876] Call Trace: [ 93.594075] [ 93.594251] iommufd_access_destroy_object+0x65/0x170 [ 93.594680] iommufd_object_destroy_user+0x18e/0x220 [ 93.595080] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.595543] iommufd_access_destroy+0x43/0x70 [ 93.595905] iommufd_test_staccess_release+0x8d/0xd0 [ 93.596309] __fput+0x26d/0xa40 [ 93.596581] ____fput+0x1e/0x30 [ 93.596848] task_work_run+0x1a4/0x2d0 [ 93.597160] ? __pfx_task_work_run+0x10/0x10 [ 93.597507] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.597894] ? switch_task_namespaces+0xa9/0xe0 [ 93.598266] do_exit+0xb17/0x2ef0 [ 93.598559] ? lock_acquire+0x427/0x4c0 [ 93.598885] ? __pfx_lock_release+0x10/0x10 [ 93.599241] ? __kasan_check_write+0x18/0x20 [ 93.599594] ? do_raw_spin_lock+0x132/0x2a0 [ 93.599931] ? __pfx_do_exit+0x10/0x10 [ 93.600244] ? debug_smp_processor_id+0x20/0x30 [ 93.600610] ? rcu_is_watching+0x19/0xb0 [ 93.600929] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.601287] ? trace_hardirqs_on+0x26/0x120 [ 93.601634] do_group_exit+0xe0/0x2b0 [ 93.601936] __x64_sys_exit_group+0x47/0x50 [ 93.602275] do_syscall_64+0x3b/0x90 [ 93.602605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.603033] RIP: 0033:0x7f4b87518a4d [ 93.603344] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.603822] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.604415] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.604965] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.605524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.606101] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.606702] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.607299] [ 93.607491] irq event stamp: 0 [ 93.607748] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.608262] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.608937] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.609616] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.610126] ---[ end trace 0000000000000000 ]--- [ 93.610859] ------------[ cut here ]------------ [ 93.611266] WARNING: CPU: 0 PID: 813 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.612092] Modules linked in: [ 93.612358] CPU: 0 PID: 813 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.613056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.613965] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.614381] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.615902] RSP: 0018:ffff88800ff67b78 EFLAGS: 00010246 [ 93.616342] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.616926] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 93.617504] RBP: ffff88800ff67b98 R08: ffffed100216f73e R09: ffffed100216f73e [ 93.618083] R10: ffff888010b7b9ef R11: ffffed100216f73d R12: ffff888010b7ba90 [ 93.618682] R13: ffff888010b7b8a8 R14: ffffffffffffffff R15: ffff88800ff67c60 [ 93.619276] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 93.619926] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.620401] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 93.620981] PKRU: 55555554 [ 93.621215] Call Trace: [ 93.621429] [ 93.621614] iommufd_ioas_destroy+0x53/0x70 [ 93.621974] iommufd_fops_release+0x1f7/0x370 [ 93.622346] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.622776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.623194] ? write_comp_data+0x2f/0x90 [ 93.623541] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.623957] __fput+0x26d/0xa40 [ 93.624247] ____fput+0x1e/0x30 [ 93.624526] task_work_run+0x1a4/0x2d0 [ 93.624857] ? __pfx_task_work_run+0x10/0x10 [ 93.625224] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.625627] ? switch_task_namespaces+0xa9/0xe0 [ 93.626018] do_exit+0xb17/0x2ef0 [ 93.626303] ? lock_acquire+0x427/0x4c0 [ 93.626655] ? __pfx_lock_release+0x10/0x10 [ 93.627012] ? __kasan_check_write+0x18/0x20 [ 93.627383] ? do_raw_spin_lock+0x132/0x2a0 [ 93.627738] ? __pfx_do_exit+0x10/0x10 [ 93.628066] ? debug_smp_processor_id+0x20/0x30 [ 93.628448] ? rcu_is_watching+0x19/0xb0 [ 93.628781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.629156] ? trace_hardirqs_on+0x26/0x120 [ 93.629513] do_group_exit+0xe0/0x2b0 [ 93.629827] __x64_sys_exit_group+0x47/0x50 [ 93.630177] do_syscall_64+0x3b/0x90 [ 93.630490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.630940] RIP: 0033:0x7f4b87518a4d [ 93.631251] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.631753] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.632372] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.632947] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.633520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.634090] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.634696] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.635288] [ 93.635477] irq event stamp: 0 [ 93.635737] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.636245] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.636922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.637595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.638104] ---[ end trace 0000000000000000 ]--- [ 93.643234] ------------[ cut here ]------------ [ 93.643644] WARNING: CPU: 1 PID: 814 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.644431] Modules linked in: [ 93.644683] CPU: 1 PID: 814 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.645358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.646232] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.646874] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.648318] RSP: 0018:ffff888014ac7bb8 EFLAGS: 00010246 [ 93.648737] RAX: 0000000000000000 RBX: ffff888011e7e8a8 RCX: 0000000000000000 [ 93.649293] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 93.649851] RBP: ffff888014ac7bd0 R08: ffffed10023cfd33 R09: ffffed10023cfd33 [ 93.650406] R10: ffff888011e7e993 R11: ffffed10023cfd32 R12: ffff888021baac00 [ 93.650981] R13: ffff888011e7e9e8 R14: ffffffff8352e670 R15: ffff888014ac7e68 [ 93.651548] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.652177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.652629] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 93.653186] PKRU: 55555554 [ 93.653407] Call Trace: [ 93.653610] [ 93.653787] __iommufd_access_detach+0x1c2/0x2b0 [ 93.654179] iommufd_access_change_pt+0x149/0x270 [ 93.654589] iommufd_access_replace+0xb4/0x120 [ 93.654965] iommufd_test+0x3e5/0x37e0 [ 93.655285] ? lock_release+0x532/0x770 [ 93.655609] ? __might_fault+0x102/0x1b0 [ 93.655938] ? lock_acquire+0x427/0x4c0 [ 93.656264] ? __pfx_iommufd_test+0x10/0x10 [ 93.656603] ? __pfx_lock_release+0x10/0x10 [ 93.656949] ? __pfx_lock_acquire+0x10/0x10 [ 93.657305] ? write_comp_data+0x2f/0x90 [ 93.657637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.658022] ? write_comp_data+0x2f/0x90 [ 93.658350] iommufd_fops_ioctl+0x37d/0x510 [ 93.658708] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.659096] ? write_comp_data+0x2f/0x90 [ 93.659430] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.659810] __x64_sys_ioctl+0x1a3/0x230 [ 93.660146] do_syscall_64+0x3b/0x90 [ 93.660453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.660869] RIP: 0033:0x7f4b8743ee5d [ 93.661164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.662602] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.663205] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.663760] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.664316] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.664873] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.665429] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.665992] [ 93.666177] irq event stamp: 0 [ 93.666424] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.666933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.667601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.668258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.668750] ---[ end trace 0000000000000000 ]--- [ 93.671583] ------------[ cut here ]------------ [ 93.671988] WARNING: CPU: 1 PID: 814 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.672764] Modules linked in: [ 93.673009] CPU: 1 PID: 814 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.673664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.674531] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.674909] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.676300] RSP: 0018:ffff888014ac7bd0 EFLAGS: 00010246 [ 93.676706] RAX: 0000000000000000 RBX: ffff888011e7e8a8 RCX: 0000000000000000 [ 93.677244] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 93.677785] RBP: ffff888014ac7be8 R08: ffffed10023cfd33 R09: ffffed10023cfd33 [ 93.678322] R10: ffff888011e7e993 R11: ffffed10023cfd32 R12: ffff888017ba6400 [ 93.678881] R13: ffff888011e7e9e8 R14: ffff888012132500 R15: 0000000000000000 [ 93.679439] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.680051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.680488] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 93.681033] PKRU: 55555554 [ 93.681247] Call Trace: [ 93.681442] [ 93.681613] iommufd_access_destroy_object+0x65/0x170 [ 93.682015] iommufd_object_destroy_user+0x18e/0x220 [ 93.682406] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.682880] iommufd_access_destroy+0x43/0x70 [ 93.683247] iommufd_test_staccess_release+0x8d/0xd0 [ 93.683645] __fput+0x26d/0xa40 [ 93.683910] ____fput+0x1e/0x30 [ 93.684170] task_work_run+0x1a4/0x2d0 [ 93.684476] ? __pfx_task_work_run+0x10/0x10 [ 93.684820] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.685201] ? switch_task_namespaces+0xa9/0xe0 [ 93.685568] do_exit+0xb17/0x2ef0 [ 93.685837] ? lock_acquire+0x427/0x4c0 [ 93.686148] ? __pfx_lock_release+0x10/0x10 [ 93.686483] ? __kasan_check_write+0x18/0x20 [ 93.686849] ? do_raw_spin_lock+0x132/0x2a0 [ 93.687192] ? __pfx_do_exit+0x10/0x10 [ 93.687501] ? debug_smp_processor_id+0x20/0x30 [ 93.687861] ? rcu_is_watching+0x19/0xb0 [ 93.688172] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.688524] ? trace_hardirqs_on+0x26/0x120 [ 93.688858] do_group_exit+0xe0/0x2b0 [ 93.689153] __x64_sys_exit_group+0x47/0x50 [ 93.689480] do_syscall_64+0x3b/0x90 [ 93.689773] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.690174] RIP: 0033:0x7f4b87518a4d [ 93.690458] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.690937] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.691524] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.692063] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.692600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.693141] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.693682] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.694228] [ 93.694408] irq event stamp: 0 [ 93.694666] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.695154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.695782] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.696410] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.696882] ---[ end trace 0000000000000000 ]--- [ 93.697560] ------------[ cut here ]------------ [ 93.697921] WARNING: CPU: 1 PID: 814 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.698702] Modules linked in: [ 93.698947] CPU: 1 PID: 814 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.699624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.700883] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.701285] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.703001] RSP: 0018:ffff888014ac7b78 EFLAGS: 00010246 [ 93.703502] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.704040] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 93.704688] RBP: ffff888014ac7b98 R08: ffffed10023cfd3e R09: ffffed10023cfd3e [ 93.705225] R10: ffff888011e7e9ef R11: ffffed10023cfd3d R12: ffff888011e7ea90 [ 93.705876] R13: ffff888011e7e8a8 R14: ffffffffffffffff R15: ffff888014ac7c60 [ 93.706415] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.707038] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.707601] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 93.708146] PKRU: 55555554 [ 93.708363] Call Trace: [ 93.708561] [ 93.708796] iommufd_ioas_destroy+0x53/0x70 [ 93.709184] iommufd_fops_release+0x1f7/0x370 [ 93.709535] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.709921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.710423] ? write_comp_data+0x2f/0x90 [ 93.710762] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.711152] __fput+0x26d/0xa40 [ 93.711421] ____fput+0x1e/0x30 [ 93.711730] task_work_run+0x1a4/0x2d0 [ 93.712099] ? __pfx_task_work_run+0x10/0x10 [ 93.712443] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.712824] ? switch_task_namespaces+0xa9/0xe0 [ 93.713241] do_exit+0xb17/0x2ef0 [ 93.713508] ? lock_acquire+0x427/0x4c0 [ 93.713864] ? __pfx_lock_release+0x10/0x10 [ 93.714200] ? __kasan_check_write+0x18/0x20 [ 93.714622] ? do_raw_spin_lock+0x132/0x2a0 [ 93.715023] ? __pfx_do_exit+0x10/0x10 [ 93.715341] ? debug_smp_processor_id+0x20/0x30 [ 93.715702] ? rcu_is_watching+0x19/0xb0 [ 93.716022] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.716411] ? trace_hardirqs_on+0x26/0x120 [ 93.716803] do_group_exit+0xe0/0x2b0 [ 93.717099] __x64_sys_exit_group+0x47/0x50 [ 93.717430] do_syscall_64+0x3b/0x90 [ 93.717797] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.718250] RIP: 0033:0x7f4b87518a4d [ 93.718557] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.719030] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.719738] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.720283] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.720890] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.721479] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.722044] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.722699] [ 93.722881] irq event stamp: 0 [ 93.723140] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.723626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.724432] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.725085] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.725650] ---[ end trace 0000000000000000 ]--- [ 93.729659] ------------[ cut here ]------------ [ 93.730061] WARNING: CPU: 1 PID: 815 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.730991] Modules linked in: [ 93.731264] CPU: 1 PID: 815 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.731961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.733019] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.733437] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.735126] RSP: 0018:ffff8880208afbb8 EFLAGS: 00010246 [ 93.735655] RAX: 0000000000000000 RBX: ffff888010ec50a8 RCX: 0000000000000000 [ 93.736257] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 93.736965] RBP: ffff8880208afbd0 R08: ffffed10021d8a33 R09: ffffed10021d8a33 [ 93.737536] R10: ffff888010ec5193 R11: ffffed10021d8a32 R12: ffff888010c08400 [ 93.738165] R13: ffff888010ec51e8 R14: ffffffff8352e670 R15: ffff8880208afe68 [ 93.738847] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.739504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.740122] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 93.740684] PKRU: 55555554 [ 93.740934] Call Trace: [ 93.741190] [ 93.741467] __iommufd_access_detach+0x1c2/0x2b0 [ 93.741868] iommufd_access_change_pt+0x149/0x270 [ 93.742281] iommufd_access_replace+0xb4/0x120 [ 93.742775] iommufd_test+0x3e5/0x37e0 [ 93.743206] ? lock_release+0x532/0x770 [ 93.743551] ? __might_fault+0x102/0x1b0 [ 93.743899] ? lock_acquire+0x427/0x4c0 [ 93.744258] ? __pfx_iommufd_test+0x10/0x10 [ 93.744705] ? __pfx_lock_release+0x10/0x10 [ 93.745068] ? __pfx_lock_acquire+0x10/0x10 [ 93.745434] ? write_comp_data+0x2f/0x90 [ 93.745849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.746290] ? write_comp_data+0x2f/0x90 [ 93.746665] iommufd_fops_ioctl+0x37d/0x510 [ 93.747027] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.747589] ? write_comp_data+0x2f/0x90 [ 93.748008] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.748406] __x64_sys_ioctl+0x1a3/0x230 [ 93.748766] do_syscall_64+0x3b/0x90 [ 93.749243] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.749674] RIP: 0033:0x7f4b8743ee5d [ 93.749973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.751631] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.752426] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.752996] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.753602] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.754296] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.754880] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.755638] [ 93.755835] irq event stamp: 0 [ 93.756096] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.756619] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.757504] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.758253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.758917] ---[ end trace 0000000000000000 ]--- [ 93.761900] ------------[ cut here ]------------ [ 93.762334] WARNING: CPU: 1 PID: 815 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.763472] Modules linked in: [ 93.763761] CPU: 1 PID: 815 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.764505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.765677] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.766155] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.768068] RSP: 0018:ffff8880208afbd0 EFLAGS: 00010246 [ 93.768627] RAX: 0000000000000000 RBX: ffff888010ec50a8 RCX: 0000000000000000 [ 93.769241] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 93.769962] RBP: ffff8880208afbe8 R08: ffffed10021d8a33 R09: ffffed10021d8a33 [ 93.770704] R10: ffff888010ec5193 R11: ffffed10021d8a32 R12: ffff888021baa000 [ 93.771336] R13: ffff888010ec51e8 R14: ffff888020a7d100 R15: 0000000000000000 [ 93.772137] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.772845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.773460] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 93.774168] PKRU: 55555554 [ 93.774414] Call Trace: [ 93.774657] [ 93.774855] iommufd_access_destroy_object+0x65/0x170 [ 93.775408] iommufd_object_destroy_user+0x18e/0x220 [ 93.775948] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.776457] iommufd_access_destroy+0x43/0x70 [ 93.776930] iommufd_test_staccess_release+0x8d/0xd0 [ 93.777469] __fput+0x26d/0xa40 [ 93.777774] ____fput+0x1e/0x30 [ 93.778100] task_work_run+0x1a4/0x2d0 [ 93.778615] ? __pfx_task_work_run+0x10/0x10 [ 93.779020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.779479] ? switch_task_namespaces+0xa9/0xe0 [ 93.779933] do_exit+0xb17/0x2ef0 [ 93.780306] ? lock_acquire+0x427/0x4c0 [ 93.780798] ? __pfx_lock_release+0x10/0x10 [ 93.781210] ? __kasan_check_write+0x18/0x20 [ 93.781717] ? do_raw_spin_lock+0x132/0x2a0 [ 93.782241] ? __pfx_do_exit+0x10/0x10 [ 93.782639] ? debug_smp_processor_id+0x20/0x30 [ 93.783079] ? rcu_is_watching+0x19/0xb0 [ 93.783454] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.783972] ? trace_hardirqs_on+0x26/0x120 [ 93.784462] do_group_exit+0xe0/0x2b0 [ 93.784816] __x64_sys_exit_group+0x47/0x50 [ 93.785300] do_syscall_64+0x3b/0x90 [ 93.785760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.786244] RIP: 0033:0x7f4b87518a4d [ 93.786613] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.787224] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.788080] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.788715] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.789546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.790192] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.791063] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.791744] [ 93.791961] irq event stamp: 0 [ 93.792255] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.792945] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.793846] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.794759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.795437] ---[ end trace 0000000000000000 ]--- [ 93.796505] ------------[ cut here ]------------ [ 93.797140] WARNING: CPU: 1 PID: 815 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.798104] Modules linked in: [ 93.798536] CPU: 1 PID: 815 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.799467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.800536] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.801170] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.803041] RSP: 0018:ffff8880208afb78 EFLAGS: 00010246 [ 93.803552] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.804292] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 93.805046] RBP: ffff8880208afb98 R08: ffffed10021d8a3e R09: ffffed10021d8a3e [ 93.805788] R10: ffff888010ec51ef R11: ffffed10021d8a3d R12: ffff888010ec5290 [ 93.806583] R13: ffff888010ec50a8 R14: ffffffffffffffff R15: ffff8880208afc60 [ 93.807266] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.808201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.808737] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 93.809478] PKRU: 55555554 [ 93.809843] Call Trace: [ 93.810078] [ 93.810293] iommufd_ioas_destroy+0x53/0x70 [ 93.810736] iommufd_fops_release+0x1f7/0x370 [ 93.811168] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.811833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.812293] ? write_comp_data+0x2f/0x90 [ 93.812681] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.813319] __fput+0x26d/0xa40 [ 93.813649] ____fput+0x1e/0x30 [ 93.813996] task_work_run+0x1a4/0x2d0 [ 93.814406] ? __pfx_task_work_run+0x10/0x10 [ 93.814897] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.815425] ? switch_task_namespaces+0xa9/0xe0 [ 93.815908] do_exit+0xb17/0x2ef0 [ 93.816258] ? lock_acquire+0x427/0x4c0 [ 93.816672] ? __pfx_lock_release+0x10/0x10 [ 93.817107] ? __kasan_check_write+0x18/0x20 [ 93.817554] ? do_raw_spin_lock+0x132/0x2a0 [ 93.817989] ? __pfx_do_exit+0x10/0x10 [ 93.818390] ? debug_smp_processor_id+0x20/0x30 [ 93.818892] ? rcu_is_watching+0x19/0xb0 [ 93.819327] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.819781] ? trace_hardirqs_on+0x26/0x120 [ 93.820214] do_group_exit+0xe0/0x2b0 [ 93.820600] __x64_sys_exit_group+0x47/0x50 [ 93.821036] do_syscall_64+0x3b/0x90 [ 93.821417] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.821956] RIP: 0033:0x7f4b87518a4d [ 93.822334] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.822969] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.823761] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.824482] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.825189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.825899] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.826660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.827403] [ 93.827647] irq event stamp: 0 [ 93.827958] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.828595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.829432] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.830263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.830936] ---[ end trace 0000000000000000 ]--- [ 93.835488] ------------[ cut here ]------------ [ 93.836024] WARNING: CPU: 1 PID: 816 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.837036] Modules linked in: [ 93.837366] CPU: 1 PID: 816 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.838228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.839435] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.839957] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.841804] RSP: 0018:ffff8880144b7bb8 EFLAGS: 00010246 [ 93.842352] RAX: 0000000000000000 RBX: ffff888015e640a8 RCX: 0000000000000000 [ 93.843126] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 93.843857] RBP: ffff8880144b7bd0 R08: ffffed1002bcc833 R09: ffffed1002bcc833 [ 93.844573] R10: ffff888015e64193 R11: ffffed1002bcc832 R12: ffff888013af9800 [ 93.845292] R13: ffff888015e641e8 R14: ffffffff8352e670 R15: ffff8880144b7e68 [ 93.846004] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.846836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.847438] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 93.848171] PKRU: 55555554 [ 93.848470] Call Trace: [ 93.848733] [ 93.848961] __iommufd_access_detach+0x1c2/0x2b0 [ 93.849453] iommufd_access_change_pt+0x149/0x270 [ 93.849957] iommufd_access_replace+0xb4/0x120 [ 93.850422] iommufd_test+0x3e5/0x37e0 [ 93.850847] ? lock_release+0x532/0x770 [ 93.851286] ? __might_fault+0x102/0x1b0 [ 93.851709] ? lock_acquire+0x427/0x4c0 [ 93.852125] ? __pfx_iommufd_test+0x10/0x10 [ 93.852555] ? __pfx_lock_release+0x10/0x10 [ 93.852995] ? __pfx_lock_acquire+0x10/0x10 [ 93.853437] ? write_comp_data+0x2f/0x90 [ 93.853859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.854344] ? write_comp_data+0x2f/0x90 [ 93.854789] iommufd_fops_ioctl+0x37d/0x510 [ 93.855246] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.855758] ? write_comp_data+0x2f/0x90 [ 93.856191] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.856670] __x64_sys_ioctl+0x1a3/0x230 [ 93.857086] do_syscall_64+0x3b/0x90 [ 93.857466] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.857987] RIP: 0033:0x7f4b8743ee5d [ 93.858362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.860261] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.861001] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.861653] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.862308] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.862993] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.863668] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.864340] [ 93.864562] irq event stamp: 0 [ 93.864854] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.865428] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.866198] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.866991] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.867589] ---[ end trace 0000000000000000 ]--- [ 93.870650] ------------[ cut here ]------------ [ 93.871146] WARNING: CPU: 1 PID: 816 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.872077] Modules linked in: [ 93.872374] CPU: 1 PID: 816 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.873164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.874201] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.874699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.876368] RSP: 0018:ffff8880144b7bd0 EFLAGS: 00010246 [ 93.876863] RAX: 0000000000000000 RBX: ffff888015e640a8 RCX: 0000000000000000 [ 93.877510] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 93.878155] RBP: ffff8880144b7be8 R08: ffffed1002bcc833 R09: ffffed1002bcc833 [ 93.878829] R10: ffff888015e64193 R11: ffffed1002bcc832 R12: ffff888010c0b400 [ 93.879504] R13: ffff888015e641e8 R14: ffff88800f211100 R15: 0000000000000000 [ 93.880170] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.880914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.881450] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 93.882119] PKRU: 55555554 [ 93.882380] Call Trace: [ 93.882639] [ 93.882856] iommufd_access_destroy_object+0x65/0x170 [ 93.883364] iommufd_object_destroy_user+0x18e/0x220 [ 93.883841] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.884386] iommufd_access_destroy+0x43/0x70 [ 93.884812] iommufd_test_staccess_release+0x8d/0xd0 [ 93.885284] __fput+0x26d/0xa40 [ 93.885613] ____fput+0x1e/0x30 [ 93.885922] task_work_run+0x1a4/0x2d0 [ 93.886286] ? __pfx_task_work_run+0x10/0x10 [ 93.886733] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.887207] ? switch_task_namespaces+0xa9/0xe0 [ 93.887656] do_exit+0xb17/0x2ef0 [ 93.887980] ? lock_acquire+0x427/0x4c0 [ 93.888358] ? __pfx_lock_release+0x10/0x10 [ 93.888766] ? __kasan_check_write+0x18/0x20 [ 93.889172] ? do_raw_spin_lock+0x132/0x2a0 [ 93.889564] ? __pfx_do_exit+0x10/0x10 [ 93.889933] ? debug_smp_processor_id+0x20/0x30 [ 93.890370] ? rcu_is_watching+0x19/0xb0 [ 93.890788] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.891224] ? trace_hardirqs_on+0x26/0x120 [ 93.891636] do_group_exit+0xe0/0x2b0 [ 93.891987] __x64_sys_exit_group+0x47/0x50 [ 93.892384] do_syscall_64+0x3b/0x90 [ 93.892750] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.893238] RIP: 0033:0x7f4b87518a4d [ 93.893578] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.894149] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.894885] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.895562] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.896209] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.896858] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.897517] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.898177] [ 93.898395] irq event stamp: 0 [ 93.898733] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.899358] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.900127] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.900893] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.901486] ---[ end trace 0000000000000000 ]--- [ 93.902289] ------------[ cut here ]------------ [ 93.902751] WARNING: CPU: 1 PID: 816 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 93.903677] Modules linked in: [ 93.903974] CPU: 1 PID: 816 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.904744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.905773] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 93.906249] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 93.907947] RSP: 0018:ffff8880144b7b78 EFLAGS: 00010246 [ 93.908447] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 93.909086] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 93.909738] RBP: ffff8880144b7b98 R08: ffffed1002bcc83e R09: ffffed1002bcc83e [ 93.910387] R10: ffff888015e641ef R11: ffffed1002bcc83d R12: ffff888015e64290 [ 93.911059] R13: ffff888015e640a8 R14: ffffffffffffffff R15: ffff8880144b7c60 [ 93.911736] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.912480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.913008] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 93.913658] PKRU: 55555554 [ 93.913924] Call Trace: [ 93.914158] [ 93.914366] iommufd_ioas_destroy+0x53/0x70 [ 93.914800] iommufd_fops_release+0x1f7/0x370 [ 93.915238] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.915704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.916162] ? write_comp_data+0x2f/0x90 [ 93.916547] ? __pfx_iommufd_fops_release+0x10/0x10 [ 93.917002] __fput+0x26d/0xa40 [ 93.917319] ____fput+0x1e/0x30 [ 93.917637] task_work_run+0x1a4/0x2d0 [ 93.918000] ? __pfx_task_work_run+0x10/0x10 [ 93.918408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.918878] ? switch_task_namespaces+0xa9/0xe0 [ 93.919342] do_exit+0xb17/0x2ef0 [ 93.919659] ? lock_acquire+0x427/0x4c0 [ 93.920038] ? __pfx_lock_release+0x10/0x10 [ 93.920437] ? __kasan_check_write+0x18/0x20 [ 93.920845] ? do_raw_spin_lock+0x132/0x2a0 [ 93.921243] ? __pfx_do_exit+0x10/0x10 [ 93.921607] ? debug_smp_processor_id+0x20/0x30 [ 93.922038] ? rcu_is_watching+0x19/0xb0 [ 93.922411] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.922858] ? trace_hardirqs_on+0x26/0x120 [ 93.923282] do_group_exit+0xe0/0x2b0 [ 93.923636] __x64_sys_exit_group+0x47/0x50 [ 93.924026] do_syscall_64+0x3b/0x90 [ 93.924375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.924851] RIP: 0033:0x7f4b87518a4d [ 93.925189] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.925741] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.926431] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.927113] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.927776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.928425] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.929077] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.929723] [ 93.929929] irq event stamp: 0 [ 93.930201] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.930767] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.931519] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.932241] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.932795] ---[ end trace 0000000000000000 ]--- [ 93.936860] ------------[ cut here ]------------ [ 93.937301] WARNING: CPU: 1 PID: 817 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.938150] Modules linked in: [ 93.938418] CPU: 1 PID: 817 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.939238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.940189] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.940613] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.942165] RSP: 0018:ffff888023c57bb8 EFLAGS: 00010246 [ 93.942643] RAX: 0000000000000000 RBX: ffff888014ac30a8 RCX: 0000000000000000 [ 93.943267] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 93.943875] RBP: ffff888023c57bd0 R08: ffffed1002958633 R09: ffffed1002958633 [ 93.944481] R10: ffff888014ac3193 R11: ffffed1002958632 R12: ffff888012e92800 [ 93.945090] R13: ffff888014ac31e8 R14: ffffffff8352e670 R15: ffff888023c57e68 [ 93.945698] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.946376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.946895] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 93.947522] PKRU: 55555554 [ 93.947765] Call Trace: [ 93.947988] [ 93.948181] __iommufd_access_detach+0x1c2/0x2b0 [ 93.948607] iommufd_access_change_pt+0x149/0x270 [ 93.949041] iommufd_access_replace+0xb4/0x120 [ 93.949449] iommufd_test+0x3e5/0x37e0 [ 93.949785] ? lock_release+0x532/0x770 [ 93.950142] ? __might_fault+0x102/0x1b0 [ 93.950498] ? lock_acquire+0x427/0x4c0 [ 93.950886] ? __pfx_iommufd_test+0x10/0x10 [ 93.951275] ? __pfx_lock_release+0x10/0x10 [ 93.951665] ? __pfx_lock_acquire+0x10/0x10 [ 93.952051] ? write_comp_data+0x2f/0x90 [ 93.952409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.952836] ? write_comp_data+0x2f/0x90 [ 93.953209] iommufd_fops_ioctl+0x37d/0x510 [ 93.953584] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.954027] ? write_comp_data+0x2f/0x90 [ 93.954399] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 93.954848] __x64_sys_ioctl+0x1a3/0x230 [ 93.955226] do_syscall_64+0x3b/0x90 [ 93.955559] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.956016] RIP: 0033:0x7f4b8743ee5d [ 93.956337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 93.957890] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 93.958553] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 93.959177] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 93.959829] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 93.960637] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 93.961256] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 93.962030] [ 93.962236] irq event stamp: 0 [ 93.962532] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 93.963103] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.963972] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 93.964760] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 93.965375] ---[ end trace 0000000000000000 ]--- [ 93.968320] ------------[ cut here ]------------ [ 93.968769] WARNING: CPU: 1 PID: 817 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 93.969784] Modules linked in: [ 93.970053] CPU: 1 PID: 817 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 93.970808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 93.971897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 93.972321] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 93.974084] RSP: 0018:ffff888023c57bd0 EFLAGS: 00010246 [ 93.974664] RAX: 0000000000000000 RBX: ffff888014ac30a8 RCX: 0000000000000000 [ 93.975286] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 93.975980] RBP: ffff888023c57be8 R08: ffffed1002958633 R09: ffffed1002958633 [ 93.976654] R10: ffff888014ac3193 R11: ffffed1002958632 R12: ffff888013af9000 [ 93.977293] R13: ffff888014ac31e8 R14: ffff888013824000 R15: 0000000000000000 [ 93.978005] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 93.978760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.979354] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 93.979975] PKRU: 55555554 [ 93.980231] Call Trace: [ 93.980483] [ 93.980764] iommufd_access_destroy_object+0x65/0x170 [ 93.981307] iommufd_object_destroy_user+0x18e/0x220 [ 93.981783] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 93.982478] iommufd_access_destroy+0x43/0x70 [ 93.982949] iommufd_test_staccess_release+0x8d/0xd0 [ 93.983455] __fput+0x26d/0xa40 [ 93.983780] ____fput+0x1e/0x30 [ 93.984182] task_work_run+0x1a4/0x2d0 [ 93.984636] ? __pfx_task_work_run+0x10/0x10 [ 93.985052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 93.985529] ? switch_task_namespaces+0xa9/0xe0 [ 93.986146] do_exit+0xb17/0x2ef0 [ 93.986474] ? lock_acquire+0x427/0x4c0 [ 93.986891] ? __pfx_lock_release+0x10/0x10 [ 93.987306] ? __kasan_check_write+0x18/0x20 [ 93.987880] ? do_raw_spin_lock+0x132/0x2a0 [ 93.988290] ? __pfx_do_exit+0x10/0x10 [ 93.988659] ? debug_smp_processor_id+0x20/0x30 [ 93.989170] ? rcu_is_watching+0x19/0xb0 [ 93.989643] ? _raw_spin_unlock_irq+0x2b/0x60 [ 93.990071] ? trace_hardirqs_on+0x26/0x120 [ 93.990497] do_group_exit+0xe0/0x2b0 [ 93.991002] __x64_sys_exit_group+0x47/0x50 [ 93.991428] do_syscall_64+0x3b/0x90 [ 93.991786] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 93.992284] RIP: 0033:0x7f4b87518a4d [ 93.992696] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 93.993387] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 93.994086] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 93.994934] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 93.995608] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 93.996336] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 93.997102] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 93.997794] [ 93.998125] irq event stamp: 0 [ 93.998420] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 93.999050] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 93.999866] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.000812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.001421] ---[ end trace 0000000000000000 ]--- [ 94.002399] ------------[ cut here ]------------ [ 94.002885] WARNING: CPU: 1 PID: 817 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.003938] Modules linked in: [ 94.004343] CPU: 1 PID: 817 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.005140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.006359] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.006867] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.008871] RSP: 0018:ffff888023c57b78 EFLAGS: 00010246 [ 94.009599] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.010334] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 94.011240] RBP: ffff888023c57b98 R08: ffffed100295863e R09: ffffed100295863e [ 94.012043] R10: ffff888014ac31ef R11: ffffed100295863d R12: ffff888014ac3290 [ 94.012775] R13: ffff888014ac30a8 R14: ffffffffffffffff R15: ffff888023c57c60 [ 94.013720] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.014565] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.015259] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 94.016121] PKRU: 55555554 [ 94.016420] Call Trace: [ 94.016688] [ 94.016958] iommufd_ioas_destroy+0x53/0x70 [ 94.017563] iommufd_fops_release+0x1f7/0x370 [ 94.018032] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.018582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.019098] ? write_comp_data+0x2f/0x90 [ 94.019537] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.020038] __fput+0x26d/0xa40 [ 94.020388] ____fput+0x1e/0x30 [ 94.020730] task_work_run+0x1a4/0x2d0 [ 94.021134] ? __pfx_task_work_run+0x10/0x10 [ 94.021589] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.022084] ? switch_task_namespaces+0xa9/0xe0 [ 94.022600] do_exit+0xb17/0x2ef0 [ 94.022956] ? lock_acquire+0x427/0x4c0 [ 94.023391] ? __pfx_lock_release+0x10/0x10 [ 94.023840] ? __kasan_check_write+0x18/0x20 [ 94.024291] ? do_raw_spin_lock+0x132/0x2a0 [ 94.024722] ? __pfx_do_exit+0x10/0x10 [ 94.025127] ? debug_smp_processor_id+0x20/0x30 [ 94.025607] ? rcu_is_watching+0x19/0xb0 [ 94.026026] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.026480] ? trace_hardirqs_on+0x26/0x120 [ 94.026944] do_group_exit+0xe0/0x2b0 [ 94.027355] __x64_sys_exit_group+0x47/0x50 [ 94.027789] do_syscall_64+0x3b/0x90 [ 94.028173] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.028699] RIP: 0033:0x7f4b87518a4d [ 94.029074] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.029694] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.030462] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.031222] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.031943] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.032653] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.033368] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.034099] [ 94.034334] irq event stamp: 0 [ 94.034682] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.035338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.036181] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.037014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.037648] ---[ end trace 0000000000000000 ]--- [ 94.042639] ------------[ cut here ]------------ [ 94.043168] WARNING: CPU: 1 PID: 818 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.044098] Modules linked in: [ 94.044387] CPU: 1 PID: 818 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.045173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.046204] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.046696] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.048384] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 94.048871] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 94.049526] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 94.050196] RBP: ffff8880178cfbd0 R08: ffffed100173f333 R09: ffffed100173f333 [ 94.050872] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff888013b14400 [ 94.051550] R13: ffff88800b9f99e8 R14: ffffffff8352e670 R15: ffff8880178cfe68 [ 94.052210] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.052958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.053500] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 94.054162] PKRU: 55555554 [ 94.054418] Call Trace: [ 94.054676] [ 94.054885] __iommufd_access_detach+0x1c2/0x2b0 [ 94.055353] iommufd_access_change_pt+0x149/0x270 [ 94.055808] iommufd_access_replace+0xb4/0x120 [ 94.056251] iommufd_test+0x3e5/0x37e0 [ 94.056608] ? lock_release+0x532/0x770 [ 94.056990] ? __might_fault+0x102/0x1b0 [ 94.057373] ? lock_acquire+0x427/0x4c0 [ 94.057754] ? __pfx_iommufd_test+0x10/0x10 [ 94.058153] ? __pfx_lock_release+0x10/0x10 [ 94.058572] ? __pfx_lock_acquire+0x10/0x10 [ 94.058982] ? write_comp_data+0x2f/0x90 [ 94.059378] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.059836] ? write_comp_data+0x2f/0x90 [ 94.060218] iommufd_fops_ioctl+0x37d/0x510 [ 94.060629] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.061094] ? write_comp_data+0x2f/0x90 [ 94.061480] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.061935] __x64_sys_ioctl+0x1a3/0x230 [ 94.062323] do_syscall_64+0x3b/0x90 [ 94.062705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.063241] RIP: 0033:0x7f4b8743ee5d [ 94.063597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.065291] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.065982] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.066641] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.067312] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.067959] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.068611] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.069264] [ 94.069477] irq event stamp: 0 [ 94.069758] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.070323] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.071124] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.071891] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.072463] ---[ end trace 0000000000000000 ]--- [ 94.076087] ------------[ cut here ]------------ [ 94.076584] WARNING: CPU: 0 PID: 818 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.077566] Modules linked in: [ 94.077855] CPU: 0 PID: 818 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.078862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.079867] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.080293] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.081842] RSP: 0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 94.082295] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 94.082924] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 94.083543] RBP: ffff8880178cfbe8 R08: ffffed100173f333 R09: ffffed100173f333 [ 94.084154] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff888012e93800 [ 94.084764] R13: ffff88800b9f99e8 R14: ffff888010aa6200 R15: 0000000000000000 [ 94.085372] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.086060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.086580] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.087195] PKRU: 55555554 [ 94.087438] Call Trace: [ 94.087657] [ 94.087850] iommufd_access_destroy_object+0x65/0x170 [ 94.088297] iommufd_object_destroy_user+0x18e/0x220 [ 94.088739] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.089245] iommufd_access_destroy+0x43/0x70 [ 94.089644] iommufd_test_staccess_release+0x8d/0xd0 [ 94.090085] __fput+0x26d/0xa40 [ 94.090381] ____fput+0x1e/0x30 [ 94.090697] task_work_run+0x1a4/0x2d0 [ 94.091043] ? __pfx_task_work_run+0x10/0x10 [ 94.091454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.091887] ? switch_task_namespaces+0xa9/0xe0 [ 94.092298] do_exit+0xb17/0x2ef0 [ 94.092601] ? lock_acquire+0x427/0x4c0 [ 94.092953] ? __pfx_lock_release+0x10/0x10 [ 94.093330] ? __kasan_check_write+0x18/0x20 [ 94.093716] ? do_raw_spin_lock+0x132/0x2a0 [ 94.094090] ? __pfx_do_exit+0x10/0x10 [ 94.094431] ? debug_smp_processor_id+0x20/0x30 [ 94.094858] ? rcu_is_watching+0x19/0xb0 [ 94.095222] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.095621] ? trace_hardirqs_on+0x26/0x120 [ 94.096003] do_group_exit+0xe0/0x2b0 [ 94.096330] __x64_sys_exit_group+0x47/0x50 [ 94.096784] do_syscall_64+0x3b/0x90 [ 94.097117] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.097572] RIP: 0033:0x7f4b87518a4d [ 94.097894] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.098419] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.099122] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.099739] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.100350] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.100958] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.101573] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.102194] [ 94.102396] irq event stamp: 0 [ 94.102697] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.103251] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.103967] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.104676] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.105211] ---[ end trace 0000000000000000 ]--- [ 94.105976] ------------[ cut here ]------------ [ 94.106384] WARNING: CPU: 0 PID: 818 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.107289] Modules linked in: [ 94.107574] CPU: 0 PID: 818 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.108320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.109337] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.109781] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.111375] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 94.111842] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.112450] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 94.113057] RBP: ffff8880178cfb98 R08: ffffed100173f33e R09: ffffed100173f33e [ 94.113667] R10: ffff88800b9f99ef R11: ffffed100173f33d R12: ffff88800b9f9a90 [ 94.114271] R13: ffff88800b9f98a8 R14: ffffffffffffffff R15: ffff8880178cfc60 [ 94.114907] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.115611] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.116115] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.116726] PKRU: 55555554 [ 94.116971] Call Trace: [ 94.117191] [ 94.117387] iommufd_ioas_destroy+0x53/0x70 [ 94.117769] iommufd_fops_release+0x1f7/0x370 [ 94.118165] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.118624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.119064] ? write_comp_data+0x2f/0x90 [ 94.119436] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.119870] __fput+0x26d/0xa40 [ 94.120173] ____fput+0x1e/0x30 [ 94.120470] task_work_run+0x1a4/0x2d0 [ 94.120817] ? __pfx_task_work_run+0x10/0x10 [ 94.121205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.121630] ? switch_task_namespaces+0xa9/0xe0 [ 94.122043] do_exit+0xb17/0x2ef0 [ 94.122347] ? lock_acquire+0x427/0x4c0 [ 94.122727] ? __pfx_lock_release+0x10/0x10 [ 94.123118] ? __kasan_check_write+0x18/0x20 [ 94.123502] ? do_raw_spin_lock+0x132/0x2a0 [ 94.123879] ? __pfx_do_exit+0x10/0x10 [ 94.124223] ? debug_smp_processor_id+0x20/0x30 [ 94.124630] ? rcu_is_watching+0x19/0xb0 [ 94.124987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.125383] ? trace_hardirqs_on+0x26/0x120 [ 94.125765] do_group_exit+0xe0/0x2b0 [ 94.126096] __x64_sys_exit_group+0x47/0x50 [ 94.126464] do_syscall_64+0x3b/0x90 [ 94.126820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.127293] RIP: 0033:0x7f4b87518a4d [ 94.127621] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.128154] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.128808] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.129431] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.130060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.130703] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.131342] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.131994] [ 94.132201] irq event stamp: 0 [ 94.132477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.133037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.133771] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.134537] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.135096] ---[ end trace 0000000000000000 ]--- [ 94.139834] ------------[ cut here ]------------ [ 94.140290] WARNING: CPU: 0 PID: 819 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.141238] Modules linked in: [ 94.141519] CPU: 0 PID: 819 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.142270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.143421] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.143875] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.145459] RSP: 0018:ffff888011e97bb8 EFLAGS: 00010246 [ 94.145924] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 94.146575] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 94.147209] RBP: ffff888011e97bd0 R08: ffffed1001702333 R09: ffffed1001702333 [ 94.147831] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888012e97c00 [ 94.148457] R13: ffff88800b8119e8 R14: ffffffff8352e670 R15: ffff888011e97e68 [ 94.149079] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.149784] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.150292] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 94.150949] PKRU: 55555554 [ 94.151210] Call Trace: [ 94.151438] [ 94.151641] __iommufd_access_detach+0x1c2/0x2b0 [ 94.152074] iommufd_access_change_pt+0x149/0x270 [ 94.152506] iommufd_access_replace+0xb4/0x120 [ 94.152922] iommufd_test+0x3e5/0x37e0 [ 94.153264] ? lock_release+0x532/0x770 [ 94.153634] ? __might_fault+0x102/0x1b0 [ 94.154023] ? lock_acquire+0x427/0x4c0 [ 94.154414] ? __pfx_iommufd_test+0x10/0x10 [ 94.154855] ? __pfx_lock_release+0x10/0x10 [ 94.155300] ? __pfx_lock_acquire+0x10/0x10 [ 94.155719] ? write_comp_data+0x2f/0x90 [ 94.156113] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.156573] ? write_comp_data+0x2f/0x90 [ 94.156969] iommufd_fops_ioctl+0x37d/0x510 [ 94.157385] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.157852] ? write_comp_data+0x2f/0x90 [ 94.158253] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.158788] __x64_sys_ioctl+0x1a3/0x230 [ 94.159202] do_syscall_64+0x3b/0x90 [ 94.159565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.160063] RIP: 0033:0x7f4b8743ee5d [ 94.160412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.162101] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.162894] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.163564] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.164218] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.164868] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.165517] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.166174] [ 94.166389] irq event stamp: 0 [ 94.166726] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.167323] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.168092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.168855] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.169428] ---[ end trace 0000000000000000 ]--- [ 94.172531] ------------[ cut here ]------------ [ 94.173078] WARNING: CPU: 0 PID: 819 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.174020] Modules linked in: [ 94.174323] CPU: 0 PID: 819 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.175231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.176280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.176759] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.178494] RSP: 0018:ffff888011e97bd0 EFLAGS: 00010246 [ 94.179032] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 94.179712] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 94.180376] RBP: ffff888011e97be8 R08: ffffed1001702333 R09: ffffed1001702333 [ 94.181039] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888021bc5c00 [ 94.181706] R13: ffff88800b8119e8 R14: ffff88800f0e4f00 R15: 0000000000000000 [ 94.182369] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.183174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.183735] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.184404] PKRU: 55555554 [ 94.184671] Call Trace: [ 94.184914] [ 94.185132] iommufd_access_destroy_object+0x65/0x170 [ 94.185620] iommufd_object_destroy_user+0x18e/0x220 [ 94.186101] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.186690] iommufd_access_destroy+0x43/0x70 [ 94.187168] iommufd_test_staccess_release+0x8d/0xd0 [ 94.187667] __fput+0x26d/0xa40 [ 94.188011] ____fput+0x1e/0x30 [ 94.188338] task_work_run+0x1a4/0x2d0 [ 94.188729] ? __pfx_task_work_run+0x10/0x10 [ 94.189161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.189622] ? switch_task_namespaces+0xa9/0xe0 [ 94.190072] do_exit+0xb17/0x2ef0 [ 94.190394] ? lock_acquire+0x427/0x4c0 [ 94.190823] ? __pfx_lock_release+0x10/0x10 [ 94.191253] ? __kasan_check_write+0x18/0x20 [ 94.191676] ? do_raw_spin_lock+0x132/0x2a0 [ 94.192080] ? __pfx_do_exit+0x10/0x10 [ 94.192455] ? debug_smp_processor_id+0x20/0x30 [ 94.192897] ? rcu_is_watching+0x19/0xb0 [ 94.193285] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.193710] ? trace_hardirqs_on+0x26/0x120 [ 94.194114] do_group_exit+0xe0/0x2b0 [ 94.194480] __x64_sys_exit_group+0x47/0x50 [ 94.194924] do_syscall_64+0x3b/0x90 [ 94.195294] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.195771] RIP: 0033:0x7f4b87518a4d [ 94.196117] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.196688] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.197405] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.198071] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.198765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.199461] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.200130] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.200806] [ 94.201034] irq event stamp: 0 [ 94.201329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.201912] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.202731] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.203524] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.204114] ---[ end trace 0000000000000000 ]--- [ 94.205021] ------------[ cut here ]------------ [ 94.205470] WARNING: CPU: 0 PID: 819 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.206424] Modules linked in: [ 94.206787] CPU: 0 PID: 819 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.207609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.208628] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.209099] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.210783] RSP: 0018:ffff888011e97b78 EFLAGS: 00010246 [ 94.211287] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.211931] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 94.212573] RBP: ffff888011e97b98 R08: ffffed100170233e R09: ffffed100170233e [ 94.213222] R10: ffff88800b8119ef R11: ffffed100170233d R12: ffff88800b811a90 [ 94.213866] R13: ffff88800b8118a8 R14: ffffffffffffffff R15: ffff888011e97c60 [ 94.214554] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.215301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.215822] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.216477] PKRU: 55555554 [ 94.216736] Call Trace: [ 94.216973] [ 94.217165] iommufd_ioas_destroy+0x53/0x70 [ 94.217546] iommufd_fops_release+0x1f7/0x370 [ 94.217965] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.218424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.218941] ? write_comp_data+0x2f/0x90 [ 94.219349] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.219814] __fput+0x26d/0xa40 [ 94.220135] ____fput+0x1e/0x30 [ 94.220445] task_work_run+0x1a4/0x2d0 [ 94.220808] ? __pfx_task_work_run+0x10/0x10 [ 94.221210] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.221647] ? switch_task_namespaces+0xa9/0xe0 [ 94.222058] do_exit+0xb17/0x2ef0 [ 94.222359] ? lock_acquire+0x427/0x4c0 [ 94.222750] ? __pfx_lock_release+0x10/0x10 [ 94.223140] ? __kasan_check_write+0x18/0x20 [ 94.223529] ? do_raw_spin_lock+0x132/0x2a0 [ 94.223905] ? __pfx_do_exit+0x10/0x10 [ 94.224303] ? debug_smp_processor_id+0x20/0x30 [ 94.224932] ? rcu_is_watching+0x19/0xb0 [ 94.225294] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.225691] ? trace_hardirqs_on+0x26/0x120 [ 94.226068] do_group_exit+0xe0/0x2b0 [ 94.226443] __x64_sys_exit_group+0x47/0x50 [ 94.226999] do_syscall_64+0x3b/0x90 [ 94.227342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.227798] RIP: 0033:0x7f4b87518a4d [ 94.228117] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.228638] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.229284] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.229885] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.230484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.231119] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.231728] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.232346] [ 94.232547] irq event stamp: 0 [ 94.232823] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.233600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.234316] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.235062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.235622] ---[ end trace 0000000000000000 ]--- [ 94.239886] ------------[ cut here ]------------ [ 94.240349] WARNING: CPU: 0 PID: 820 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.241372] Modules linked in: [ 94.241654] CPU: 0 PID: 820 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.242396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.243622] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.244053] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.245601] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 94.246053] RAX: 0000000000000000 RBX: ffff8880102af0a8 RCX: 0000000000000000 [ 94.246692] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 94.247311] RBP: ffff8880178cfbd0 R08: ffffed1002055e33 R09: ffffed1002055e33 [ 94.247930] R10: ffff8880102af193 R11: ffffed1002055e32 R12: ffff8880189e2400 [ 94.248535] R13: ffff8880102af1e8 R14: ffffffff8352e670 R15: ffff8880178cfe68 [ 94.249139] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.249825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.250321] CR2: 00007f4b877410e8 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 94.250958] PKRU: 55555554 [ 94.251230] Call Trace: [ 94.251451] [ 94.251648] __iommufd_access_detach+0x1c2/0x2b0 [ 94.252083] iommufd_access_change_pt+0x149/0x270 [ 94.252506] iommufd_access_replace+0xb4/0x120 [ 94.252911] iommufd_test+0x3e5/0x37e0 [ 94.253249] ? lock_release+0x532/0x770 [ 94.253602] ? __might_fault+0x102/0x1b0 [ 94.253958] ? lock_acquire+0x427/0x4c0 [ 94.254311] ? __pfx_iommufd_test+0x10/0x10 [ 94.254708] ? __pfx_lock_release+0x10/0x10 [ 94.255092] ? __pfx_lock_acquire+0x10/0x10 [ 94.255485] ? write_comp_data+0x2f/0x90 [ 94.255845] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.256265] ? write_comp_data+0x2f/0x90 [ 94.256629] iommufd_fops_ioctl+0x37d/0x510 [ 94.257006] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.257435] ? write_comp_data+0x2f/0x90 [ 94.257793] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.258215] __x64_sys_ioctl+0x1a3/0x230 [ 94.258606] do_syscall_64+0x3b/0x90 [ 94.258946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.259410] RIP: 0033:0x7f4b8743ee5d [ 94.259731] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.261315] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.261967] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.262605] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.263220] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.263833] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.264440] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.265053] [ 94.265257] irq event stamp: 0 [ 94.265532] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.266072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.266818] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.267548] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.268088] ---[ end trace 0000000000000000 ]--- [ 94.271238] ------------[ cut here ]------------ [ 94.271707] WARNING: CPU: 0 PID: 820 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.272709] Modules linked in: [ 94.272983] CPU: 0 PID: 820 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.273709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.275096] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.275539] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.277060] RSP: 0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 94.277704] RAX: 0000000000000000 RBX: ffff8880102af0a8 RCX: 0000000000000000 [ 94.278310] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 94.278929] RBP: ffff8880178cfbe8 R08: ffffed1002055e33 R09: ffffed1002055e33 [ 94.279533] R10: ffff8880102af193 R11: ffffed1002055e32 R12: ffff888012e94c00 [ 94.280314] R13: ffff8880102af1e8 R14: ffff888013d44600 R15: 0000000000000000 [ 94.280911] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.281580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.282093] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.282833] PKRU: 55555554 [ 94.283072] Call Trace: [ 94.283309] [ 94.283500] iommufd_access_destroy_object+0x65/0x170 [ 94.283949] iommufd_object_destroy_user+0x18e/0x220 [ 94.284385] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.284950] iommufd_access_destroy+0x43/0x70 [ 94.285413] iommufd_test_staccess_release+0x8d/0xd0 [ 94.285831] __fput+0x26d/0xa40 [ 94.286116] ____fput+0x1e/0x30 [ 94.286394] task_work_run+0x1a4/0x2d0 [ 94.286742] ? __pfx_task_work_run+0x10/0x10 [ 94.287257] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.287660] ? switch_task_namespaces+0xa9/0xe0 [ 94.288052] do_exit+0xb17/0x2ef0 [ 94.288339] ? lock_acquire+0x427/0x4c0 [ 94.288673] ? __pfx_lock_release+0x10/0x10 [ 94.289028] ? __kasan_check_write+0x18/0x20 [ 94.289386] ? do_raw_spin_lock+0x132/0x2a0 [ 94.289767] ? __pfx_do_exit+0x10/0x10 [ 94.290213] ? debug_smp_processor_id+0x20/0x30 [ 94.290617] ? rcu_is_watching+0x19/0xb0 [ 94.290952] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.291335] ? trace_hardirqs_on+0x26/0x120 [ 94.291700] do_group_exit+0xe0/0x2b0 [ 94.292041] __x64_sys_exit_group+0x47/0x50 [ 94.292522] do_syscall_64+0x3b/0x90 [ 94.292836] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.293259] RIP: 0033:0x7f4b87518a4d [ 94.293560] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.294053] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.294683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.295267] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.295914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.296586] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.297305] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.297892] [ 94.298083] irq event stamp: 0 [ 94.298339] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.298863] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.299560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.300229] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.300738] ---[ end trace 0000000000000000 ]--- [ 94.301595] ------------[ cut here ]------------ [ 94.301982] WARNING: CPU: 0 PID: 820 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.302995] Modules linked in: [ 94.303268] CPU: 0 PID: 820 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.303971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.304867] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.305279] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.306755] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 94.307197] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.307765] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 94.308337] RBP: ffff8880178cfb98 R08: ffffed1002055e3e R09: ffffed1002055e3e [ 94.308905] R10: ffff8880102af1ef R11: ffffed1002055e3d R12: ffff8880102af290 [ 94.309470] R13: ffff8880102af0a8 R14: ffffffffffffffff R15: ffff8880178cfc60 [ 94.310043] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.310709] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.311181] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.311751] PKRU: 55555554 [ 94.311982] Call Trace: [ 94.312188] [ 94.312372] iommufd_ioas_destroy+0x53/0x70 [ 94.312729] iommufd_fops_release+0x1f7/0x370 [ 94.313098] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.313504] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.313902] ? write_comp_data+0x2f/0x90 [ 94.314243] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.314666] __fput+0x26d/0xa40 [ 94.314947] ____fput+0x1e/0x30 [ 94.315241] task_work_run+0x1a4/0x2d0 [ 94.315568] ? __pfx_task_work_run+0x10/0x10 [ 94.315939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.316353] ? switch_task_namespaces+0xa9/0xe0 [ 94.316741] do_exit+0xb17/0x2ef0 [ 94.317021] ? lock_acquire+0x427/0x4c0 [ 94.317351] ? __pfx_lock_release+0x10/0x10 [ 94.317703] ? __kasan_check_write+0x18/0x20 [ 94.318062] ? do_raw_spin_lock+0x132/0x2a0 [ 94.318413] ? __pfx_do_exit+0x10/0x10 [ 94.318765] ? debug_smp_processor_id+0x20/0x30 [ 94.319152] ? rcu_is_watching+0x19/0xb0 [ 94.319485] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.319858] ? trace_hardirqs_on+0x26/0x120 [ 94.320213] do_group_exit+0xe0/0x2b0 [ 94.320525] __x64_sys_exit_group+0x47/0x50 [ 94.320876] do_syscall_64+0x3b/0x90 [ 94.321184] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.321607] RIP: 0033:0x7f4b87518a4d [ 94.321908] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.322400] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.323034] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.323619] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.324189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.324757] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.325331] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.325917] [ 94.326109] irq event stamp: 0 [ 94.326363] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.326892] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.327570] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.328241] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.328744] ---[ end trace 0000000000000000 ]--- [ 94.333096] ------------[ cut here ]------------ [ 94.333493] WARNING: CPU: 0 PID: 821 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.334489] Modules linked in: [ 94.334782] CPU: 0 PID: 821 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.335487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.336393] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.336966] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.338419] RSP: 0018:ffff888011e97bb8 EFLAGS: 00010246 [ 94.338882] RAX: 0000000000000000 RBX: ffff8880218af0a8 RCX: 0000000000000000 [ 94.339460] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 94.340029] RBP: ffff888011e97bd0 R08: ffffed1004315e33 R09: ffffed1004315e33 [ 94.340597] R10: ffff8880218af193 R11: ffffed1004315e32 R12: ffff888012ea8400 [ 94.341163] R13: ffff8880218af1e8 R14: ffffffff8352e670 R15: ffff888011e97e68 [ 94.341732] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.342377] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.342870] CR2: 00007f4b877410e8 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 94.343457] PKRU: 55555554 [ 94.343689] Call Trace: [ 94.343896] [ 94.344079] __iommufd_access_detach+0x1c2/0x2b0 [ 94.344475] iommufd_access_change_pt+0x149/0x270 [ 94.344877] iommufd_access_replace+0xb4/0x120 [ 94.345331] iommufd_test+0x3e5/0x37e0 [ 94.345767] ? lock_release+0x532/0x770 [ 94.346103] ? __might_fault+0x102/0x1b0 [ 94.346439] ? lock_acquire+0x427/0x4c0 [ 94.346801] ? __pfx_iommufd_test+0x10/0x10 [ 94.347177] ? __pfx_lock_release+0x10/0x10 [ 94.347537] ? __pfx_lock_acquire+0x10/0x10 [ 94.347900] ? write_comp_data+0x2f/0x90 [ 94.348277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.348795] ? write_comp_data+0x2f/0x90 [ 94.349139] iommufd_fops_ioctl+0x37d/0x510 [ 94.349496] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.349897] ? write_comp_data+0x2f/0x90 [ 94.350257] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.350810] __x64_sys_ioctl+0x1a3/0x230 [ 94.351160] do_syscall_64+0x3b/0x90 [ 94.351472] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.351904] RIP: 0033:0x7f4b8743ee5d [ 94.352206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.353858] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.354470] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.355095] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.355703] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.356424] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.356991] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.357570] [ 94.357774] irq event stamp: 0 [ 94.358091] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.358683] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.359362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.360032] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.360712] ---[ end trace 0000000000000000 ]--- [ 94.363706] ------------[ cut here ]------------ [ 94.364108] WARNING: CPU: 0 PID: 821 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.365140] Modules linked in: [ 94.365399] CPU: 0 PID: 821 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.366092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.367193] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.367600] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.369059] RSP: 0018:ffff888011e97bd0 EFLAGS: 00010246 [ 94.369489] RAX: 0000000000000000 RBX: ffff8880218af0a8 RCX: 0000000000000000 [ 94.370054] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 94.370650] RBP: ffff888011e97be8 R08: ffffed1004315e33 R09: ffffed1004315e33 [ 94.371223] R10: ffff8880218af193 R11: ffffed1004315e32 R12: ffff8880189e0800 [ 94.371780] R13: ffff8880218af1e8 R14: ffff888014aa0b00 R15: 0000000000000000 [ 94.372352] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.372997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.373462] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 94.374034] PKRU: 55555554 [ 94.374262] Call Trace: [ 94.374469] [ 94.374675] iommufd_access_destroy_object+0x65/0x170 [ 94.375102] iommufd_object_destroy_user+0x18e/0x220 [ 94.375530] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.376003] iommufd_access_destroy+0x43/0x70 [ 94.376376] iommufd_test_staccess_release+0x8d/0xd0 [ 94.376797] __fput+0x26d/0xa40 [ 94.377081] ____fput+0x1e/0x30 [ 94.377359] task_work_run+0x1a4/0x2d0 [ 94.377686] ? __pfx_task_work_run+0x10/0x10 [ 94.378047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.378450] ? switch_task_namespaces+0xa9/0xe0 [ 94.378869] do_exit+0xb17/0x2ef0 [ 94.379172] ? lock_acquire+0x427/0x4c0 [ 94.379504] ? __pfx_lock_release+0x10/0x10 [ 94.379862] ? __kasan_check_write+0x18/0x20 [ 94.380222] ? do_raw_spin_lock+0x132/0x2a0 [ 94.380571] ? __pfx_do_exit+0x10/0x10 [ 94.380894] ? debug_smp_processor_id+0x20/0x30 [ 94.381276] ? rcu_is_watching+0x19/0xb0 [ 94.381608] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.381981] ? trace_hardirqs_on+0x26/0x120 [ 94.382334] do_group_exit+0xe0/0x2b0 [ 94.382669] __x64_sys_exit_group+0x47/0x50 [ 94.383024] do_syscall_64+0x3b/0x90 [ 94.383341] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.383765] RIP: 0033:0x7f4b87518a4d [ 94.384067] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.384559] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.385173] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.385739] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.386307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.386901] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.387481] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.388059] [ 94.388248] irq event stamp: 0 [ 94.388499] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.389003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.389672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.390336] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.390859] ---[ end trace 0000000000000000 ]--- [ 94.391670] ------------[ cut here ]------------ [ 94.392249] WARNING: CPU: 0 PID: 821 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.393039] Modules linked in: [ 94.393291] CPU: 0 PID: 821 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.393971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.395098] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.395518] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.397014] RSP: 0018:ffff888011e97b78 EFLAGS: 00010246 [ 94.397595] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.398155] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 94.398737] RBP: ffff888011e97b98 R08: ffffed1004315e3e R09: ffffed1004315e3e [ 94.399303] R10: ffff8880218af1ef R11: ffffed1004315e3d R12: ffff8880218af290 [ 94.400008] R13: ffff8880218af0a8 R14: ffffffffffffffff R15: ffff888011e97c60 [ 94.400562] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.401188] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.401658] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 94.402334] PKRU: 55555554 [ 94.402580] Call Trace: [ 94.402785] [ 94.402962] iommufd_ioas_destroy+0x53/0x70 [ 94.403316] iommufd_fops_release+0x1f7/0x370 [ 94.403678] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.404076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.404497] ? write_comp_data+0x2f/0x90 [ 94.404957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.405353] __fput+0x26d/0xa40 [ 94.405624] ____fput+0x1e/0x30 [ 94.405891] task_work_run+0x1a4/0x2d0 [ 94.406209] ? __pfx_task_work_run+0x10/0x10 [ 94.406615] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.407080] ? switch_task_namespaces+0xa9/0xe0 [ 94.407469] do_exit+0xb17/0x2ef0 [ 94.407744] ? lock_acquire+0x427/0x4c0 [ 94.408065] ? __pfx_lock_release+0x10/0x10 [ 94.408471] ? __kasan_check_write+0x18/0x20 [ 94.408823] ? do_raw_spin_lock+0x132/0x2a0 [ 94.409165] ? __pfx_do_exit+0x10/0x10 [ 94.409552] ? debug_smp_processor_id+0x20/0x30 [ 94.410018] ? rcu_is_watching+0x19/0xb0 [ 94.410340] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.410729] ? trace_hardirqs_on+0x26/0x120 [ 94.411075] do_group_exit+0xe0/0x2b0 [ 94.411394] __x64_sys_exit_group+0x47/0x50 [ 94.411878] do_syscall_64+0x3b/0x90 [ 94.412181] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.412593] RIP: 0033:0x7f4b87518a4d [ 94.412886] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.413365] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.414110] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.414684] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.415246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.415870] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.416517] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.417081] [ 94.417268] irq event stamp: 0 [ 94.417517] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.418168] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.418841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.419501] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.420008] ---[ end trace 0000000000000000 ]--- [ 94.425846] ------------[ cut here ]------------ [ 94.426230] WARNING: CPU: 0 PID: 822 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.427087] Modules linked in: [ 94.427450] CPU: 0 PID: 822 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.428126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.429075] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.429468] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.430897] RSP: 0018:ffff888014227bb8 EFLAGS: 00010246 [ 94.431323] RAX: 0000000000000000 RBX: ffff888020c150a8 RCX: 0000000000000000 [ 94.431873] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 94.432422] RBP: ffff888014227bd0 R08: ffffed1004182a33 R09: ffffed1004182a33 [ 94.432975] R10: ffff888020c15193 R11: ffffed1004182a32 R12: ffff888021bb4800 [ 94.433529] R13: ffff888020c151e8 R14: ffffffff8352e670 R15: ffff888014227e68 [ 94.434078] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.434726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.435189] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 94.435751] PKRU: 55555554 [ 94.435974] Call Trace: [ 94.436175] [ 94.436352] __iommufd_access_detach+0x1c2/0x2b0 [ 94.436739] iommufd_access_change_pt+0x149/0x270 [ 94.437128] iommufd_access_replace+0xb4/0x120 [ 94.437494] iommufd_test+0x3e5/0x37e0 [ 94.437800] ? lock_release+0x532/0x770 [ 94.438126] ? __might_fault+0x102/0x1b0 [ 94.438457] ? lock_acquire+0x427/0x4c0 [ 94.438807] ? __pfx_iommufd_test+0x10/0x10 [ 94.439157] ? __pfx_lock_release+0x10/0x10 [ 94.439502] ? __pfx_lock_acquire+0x10/0x10 [ 94.439855] ? write_comp_data+0x2f/0x90 [ 94.440180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.440564] ? write_comp_data+0x2f/0x90 [ 94.440894] iommufd_fops_ioctl+0x37d/0x510 [ 94.441238] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.441623] ? write_comp_data+0x2f/0x90 [ 94.441952] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.442335] __x64_sys_ioctl+0x1a3/0x230 [ 94.442682] do_syscall_64+0x3b/0x90 [ 94.442984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.443415] RIP: 0033:0x7f4b8743ee5d [ 94.443717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.445143] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.445735] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.446293] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.446874] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.447438] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.447996] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.448559] [ 94.448746] irq event stamp: 0 [ 94.448994] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.449487] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.450145] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.450817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.451319] ---[ end trace 0000000000000000 ]--- [ 94.454280] ------------[ cut here ]------------ [ 94.454861] WARNING: CPU: 0 PID: 822 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.455664] Modules linked in: [ 94.455918] CPU: 0 PID: 822 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.456592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.457539] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.458000] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.459520] RSP: 0018:ffff888014227bd0 EFLAGS: 00010246 [ 94.460028] RAX: 0000000000000000 RBX: ffff888020c150a8 RCX: 0000000000000000 [ 94.460585] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 94.461195] RBP: ffff888014227be8 R08: ffffed1004182a33 R09: ffffed1004182a33 [ 94.461772] R10: ffff888020c15193 R11: ffffed1004182a32 R12: ffff888012ea8000 [ 94.462444] R13: ffff888020c151e8 R14: ffff888014589f00 R15: 0000000000000000 [ 94.463022] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.463661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.464112] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.464664] PKRU: 55555554 [ 94.464886] Call Trace: [ 94.465086] [ 94.465264] iommufd_access_destroy_object+0x65/0x170 [ 94.465672] iommufd_object_destroy_user+0x18e/0x220 [ 94.466075] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.466558] iommufd_access_destroy+0x43/0x70 [ 94.466923] iommufd_test_staccess_release+0x8d/0xd0 [ 94.467334] __fput+0x26d/0xa40 [ 94.467610] ____fput+0x1e/0x30 [ 94.467878] task_work_run+0x1a4/0x2d0 [ 94.468191] ? __pfx_task_work_run+0x10/0x10 [ 94.468541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.468931] ? switch_task_namespaces+0xa9/0xe0 [ 94.469486] do_exit+0xb17/0x2ef0 [ 94.469765] ? lock_acquire+0x427/0x4c0 [ 94.470088] ? __pfx_lock_release+0x10/0x10 [ 94.470431] ? __kasan_check_write+0x18/0x20 [ 94.470812] ? do_raw_spin_lock+0x132/0x2a0 [ 94.471163] ? __pfx_do_exit+0x10/0x10 [ 94.471480] ? debug_smp_processor_id+0x20/0x30 [ 94.471925] ? rcu_is_watching+0x19/0xb0 [ 94.472339] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.472702] ? trace_hardirqs_on+0x26/0x120 [ 94.473046] do_group_exit+0xe0/0x2b0 [ 94.473348] __x64_sys_exit_group+0x47/0x50 [ 94.473683] do_syscall_64+0x3b/0x90 [ 94.473983] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.474394] RIP: 0033:0x7f4b87518a4d [ 94.474708] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.475207] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.475803] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.476512] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.477071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.477763] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.478317] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.479035] [ 94.479230] irq event stamp: 0 [ 94.479482] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.479972] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.480790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.481443] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.482067] ---[ end trace 0000000000000000 ]--- [ 94.482795] ------------[ cut here ]------------ [ 94.483205] WARNING: CPU: 0 PID: 822 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.484083] Modules linked in: [ 94.484348] CPU: 0 PID: 822 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.485137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.486009] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.486409] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.487930] RSP: 0018:ffff888014227b78 EFLAGS: 00010246 [ 94.488427] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.488981] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 94.489704] RBP: ffff888014227b98 R08: ffffed1004182a3e R09: ffffed1004182a3e [ 94.490317] R10: ffff888020c151ef R11: ffffed1004182a3d R12: ffff888020c15290 [ 94.491003] R13: ffff888020c150a8 R14: ffffffffffffffff R15: ffff888014227c60 [ 94.491658] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.492390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.493026] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.493597] PKRU: 55555554 [ 94.493828] Call Trace: [ 94.494102] [ 94.494372] iommufd_ioas_destroy+0x53/0x70 [ 94.494750] iommufd_fops_release+0x1f7/0x370 [ 94.495131] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.495691] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.496102] ? write_comp_data+0x2f/0x90 [ 94.496442] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.496985] __fput+0x26d/0xa40 [ 94.497268] ____fput+0x1e/0x30 [ 94.497547] task_work_run+0x1a4/0x2d0 [ 94.497942] ? __pfx_task_work_run+0x10/0x10 [ 94.498457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.498877] ? switch_task_namespaces+0xa9/0xe0 [ 94.499447] do_exit+0xb17/0x2ef0 [ 94.499731] ? lock_acquire+0x427/0x4c0 [ 94.500063] ? __pfx_lock_release+0x10/0x10 [ 94.500483] ? __kasan_check_write+0x18/0x20 [ 94.500941] ? do_raw_spin_lock+0x132/0x2a0 [ 94.501295] ? __pfx_do_exit+0x10/0x10 [ 94.501689] ? debug_smp_processor_id+0x20/0x30 [ 94.502176] ? rcu_is_watching+0x19/0xb0 [ 94.502524] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.502965] ? trace_hardirqs_on+0x26/0x120 [ 94.503402] do_group_exit+0xe0/0x2b0 [ 94.503723] __x64_sys_exit_group+0x47/0x50 [ 94.504093] do_syscall_64+0x3b/0x90 [ 94.504555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.504985] RIP: 0033:0x7f4b87518a4d [ 94.505305] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.505955] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.506618] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.507322] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.507963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.508636] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.509282] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.509961] [ 94.510153] irq event stamp: 0 [ 94.510581] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.511088] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.511961] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.512635] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.513316] ---[ end trace 0000000000000000 ]--- [ 94.518785] ------------[ cut here ]------------ [ 94.519232] WARNING: CPU: 1 PID: 823 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.520059] Modules linked in: [ 94.520325] CPU: 1 PID: 823 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.521038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.521962] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.522374] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.524097] RSP: 0018:ffff888020d67bb8 EFLAGS: 00010246 [ 94.524539] RAX: 0000000000000000 RBX: ffff888016c550a8 RCX: 0000000000000000 [ 94.525125] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 94.525710] RBP: ffff888020d67bd0 R08: ffffed1002d8aa33 R09: ffffed1002d8aa33 [ 94.526296] R10: ffff888016c55193 R11: ffffed1002d8aa32 R12: ffff888016c99000 [ 94.526896] R13: ffff888016c551e8 R14: ffffffff8352e670 R15: ffff888020d67e68 [ 94.527492] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.528157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.528643] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 94.529240] PKRU: 55555554 [ 94.529480] Call Trace: [ 94.529691] [ 94.529886] __iommufd_access_detach+0x1c2/0x2b0 [ 94.530299] iommufd_access_change_pt+0x149/0x270 [ 94.530731] iommufd_access_replace+0xb4/0x120 [ 94.531127] iommufd_test+0x3e5/0x37e0 [ 94.531453] ? lock_release+0x532/0x770 [ 94.531803] ? __might_fault+0x102/0x1b0 [ 94.532150] ? lock_acquire+0x427/0x4c0 [ 94.532489] ? __pfx_iommufd_test+0x10/0x10 [ 94.532846] ? __pfx_lock_release+0x10/0x10 [ 94.533213] ? __pfx_lock_acquire+0x10/0x10 [ 94.533576] ? write_comp_data+0x2f/0x90 [ 94.533918] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.534322] ? write_comp_data+0x2f/0x90 [ 94.534688] iommufd_fops_ioctl+0x37d/0x510 [ 94.535051] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.535465] ? write_comp_data+0x2f/0x90 [ 94.535813] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.536209] __x64_sys_ioctl+0x1a3/0x230 [ 94.536555] do_syscall_64+0x3b/0x90 [ 94.536873] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.537303] RIP: 0033:0x7f4b8743ee5d [ 94.537608] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.539142] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.539766] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.540342] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.540919] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.541498] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.542078] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.542688] [ 94.542883] irq event stamp: 0 [ 94.543148] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.543665] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.544347] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.545024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.545533] ---[ end trace 0000000000000000 ]--- [ 94.548413] ------------[ cut here ]------------ [ 94.548831] WARNING: CPU: 1 PID: 823 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.549643] Modules linked in: [ 94.549908] CPU: 1 PID: 823 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.550661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.551584] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.551990] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.553474] RSP: 0018:ffff888020d67bd0 EFLAGS: 00010246 [ 94.553909] RAX: 0000000000000000 RBX: ffff888016c550a8 RCX: 0000000000000000 [ 94.554478] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 94.555077] RBP: ffff888020d67be8 R08: ffffed1002d8aa33 R09: ffffed1002d8aa33 [ 94.555673] R10: ffff888016c55193 R11: ffffed1002d8aa32 R12: ffff888013b15800 [ 94.556254] R13: ffff888016c551e8 R14: ffff88800f046d00 R15: 0000000000000000 [ 94.556827] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.557482] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.557952] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 94.558547] PKRU: 55555554 [ 94.558779] Call Trace: [ 94.558992] [ 94.559185] iommufd_access_destroy_object+0x65/0x170 [ 94.559621] iommufd_object_destroy_user+0x18e/0x220 [ 94.560043] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.560526] iommufd_access_destroy+0x43/0x70 [ 94.560905] iommufd_test_staccess_release+0x8d/0xd0 [ 94.561330] __fput+0x26d/0xa40 [ 94.561617] ____fput+0x1e/0x30 [ 94.561900] task_work_run+0x1a4/0x2d0 [ 94.562231] ? __pfx_task_work_run+0x10/0x10 [ 94.562616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.563025] ? switch_task_namespaces+0xa9/0xe0 [ 94.563428] do_exit+0xb17/0x2ef0 [ 94.563720] ? lock_acquire+0x427/0x4c0 [ 94.564058] ? __pfx_lock_release+0x10/0x10 [ 94.564417] ? __kasan_check_write+0x18/0x20 [ 94.564783] ? do_raw_spin_lock+0x132/0x2a0 [ 94.565141] ? __pfx_do_exit+0x10/0x10 [ 94.565469] ? debug_smp_processor_id+0x20/0x30 [ 94.565858] ? rcu_is_watching+0x19/0xb0 [ 94.566194] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.566589] ? trace_hardirqs_on+0x26/0x120 [ 94.566954] do_group_exit+0xe0/0x2b0 [ 94.567280] __x64_sys_exit_group+0x47/0x50 [ 94.567635] do_syscall_64+0x3b/0x90 [ 94.567949] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.568380] RIP: 0033:0x7f4b87518a4d [ 94.568686] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.569185] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.569805] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.570379] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.570975] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.571562] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.572145] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.572737] [ 94.572936] irq event stamp: 0 [ 94.573195] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.573714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.574400] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.575117] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.575637] ---[ end trace 0000000000000000 ]--- [ 94.576358] ------------[ cut here ]------------ [ 94.576747] WARNING: CPU: 1 PID: 823 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.577577] Modules linked in: [ 94.577842] CPU: 1 PID: 823 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.578573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.579500] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.579925] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.581406] RSP: 0018:ffff888020d67b78 EFLAGS: 00010246 [ 94.581844] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.582428] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 94.583032] RBP: ffff888020d67b98 R08: ffffed1002d8aa3e R09: ffffed1002d8aa3e [ 94.583623] R10: ffff888016c551ef R11: ffffed1002d8aa3d R12: ffff888016c55290 [ 94.584206] R13: ffff888016c550a8 R14: ffffffffffffffff R15: ffff888020d67c60 [ 94.584789] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.585445] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.585922] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 94.586499] PKRU: 55555554 [ 94.586759] Call Trace: [ 94.586969] [ 94.587164] iommufd_ioas_destroy+0x53/0x70 [ 94.587531] iommufd_fops_release+0x1f7/0x370 [ 94.587908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.588321] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.588736] ? write_comp_data+0x2f/0x90 [ 94.589084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.589495] __fput+0x26d/0xa40 [ 94.589782] ____fput+0x1e/0x30 [ 94.590068] task_work_run+0x1a4/0x2d0 [ 94.590398] ? __pfx_task_work_run+0x10/0x10 [ 94.590785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.591204] ? switch_task_namespaces+0xa9/0xe0 [ 94.591598] do_exit+0xb17/0x2ef0 [ 94.591883] ? lock_acquire+0x427/0x4c0 [ 94.592220] ? __pfx_lock_release+0x10/0x10 [ 94.592582] ? __kasan_check_write+0x18/0x20 [ 94.592948] ? do_raw_spin_lock+0x132/0x2a0 [ 94.593300] ? __pfx_do_exit+0x10/0x10 [ 94.593628] ? debug_smp_processor_id+0x20/0x30 [ 94.594014] ? rcu_is_watching+0x19/0xb0 [ 94.594348] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.594747] ? trace_hardirqs_on+0x26/0x120 [ 94.595128] do_group_exit+0xe0/0x2b0 [ 94.595448] __x64_sys_exit_group+0x47/0x50 [ 94.595801] do_syscall_64+0x3b/0x90 [ 94.596114] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.596545] RIP: 0033:0x7f4b87518a4d [ 94.596851] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.597353] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.597972] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.598573] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.599163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.599735] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.600295] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.600860] [ 94.601047] irq event stamp: 0 [ 94.601300] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.601799] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.602457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.603141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.603646] ---[ end trace 0000000000000000 ]--- [ 94.608095] ------------[ cut here ]------------ [ 94.608503] WARNING: CPU: 1 PID: 824 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.609287] Modules linked in: [ 94.609539] CPU: 1 PID: 824 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.610214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.611143] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.611534] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.612957] RSP: 0018:ffff88801622fbb8 EFLAGS: 00010246 [ 94.613374] RAX: 0000000000000000 RBX: ffff888012be00a8 RCX: 0000000000000000 [ 94.613927] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 94.614481] RBP: ffff88801622fbd0 R08: ffffed100257c033 R09: ffffed100257c033 [ 94.615047] R10: ffff888012be0193 R11: ffffed100257c032 R12: ffff888018479000 [ 94.615611] R13: ffff888012be01e8 R14: ffffffff8352e670 R15: ffff88801622fe68 [ 94.616166] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.616792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.617251] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 94.617808] PKRU: 55555554 [ 94.618029] Call Trace: [ 94.618228] [ 94.618406] __iommufd_access_detach+0x1c2/0x2b0 [ 94.618804] iommufd_access_change_pt+0x149/0x270 [ 94.619205] iommufd_access_replace+0xb4/0x120 [ 94.619581] iommufd_test+0x3e5/0x37e0 [ 94.619889] ? lock_release+0x532/0x770 [ 94.620212] ? __might_fault+0x102/0x1b0 [ 94.620540] ? lock_acquire+0x427/0x4c0 [ 94.620865] ? __pfx_iommufd_test+0x10/0x10 [ 94.621208] ? __pfx_lock_release+0x10/0x10 [ 94.621554] ? __pfx_lock_acquire+0x10/0x10 [ 94.621905] ? write_comp_data+0x2f/0x90 [ 94.622234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.622636] ? write_comp_data+0x2f/0x90 [ 94.622975] iommufd_fops_ioctl+0x37d/0x510 [ 94.623327] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.623720] ? write_comp_data+0x2f/0x90 [ 94.624056] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.624453] __x64_sys_ioctl+0x1a3/0x230 [ 94.624794] do_syscall_64+0x3b/0x90 [ 94.625104] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.625520] RIP: 0033:0x7f4b8743ee5d [ 94.625814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.627273] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.627877] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.628444] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.629002] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.629557] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.630112] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.630693] [ 94.630879] irq event stamp: 0 [ 94.631138] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.631637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.632298] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.632959] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.633459] ---[ end trace 0000000000000000 ]--- [ 94.636229] ------------[ cut here ]------------ [ 94.636636] WARNING: CPU: 1 PID: 824 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.637430] Modules linked in: [ 94.637683] CPU: 1 PID: 824 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.638363] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.639464] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.639872] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.641309] RSP: 0018:ffff88801622fbd0 EFLAGS: 00010246 [ 94.641750] RAX: 0000000000000000 RBX: ffff888012be00a8 RCX: 0000000000000000 [ 94.642326] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 94.642934] RBP: ffff88801622fbe8 R08: ffffed100257c033 R09: ffffed100257c033 [ 94.643536] R10: ffff888012be0193 R11: ffffed100257c032 R12: ffff888016c98400 [ 94.644133] R13: ffff888012be01e8 R14: ffff8880121ea600 R15: 0000000000000000 [ 94.644722] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.645397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.645888] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 94.646477] PKRU: 55555554 [ 94.646744] Call Trace: [ 94.646961] [ 94.647161] iommufd_access_destroy_object+0x65/0x170 [ 94.647600] iommufd_object_destroy_user+0x18e/0x220 [ 94.648032] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.648517] iommufd_access_destroy+0x43/0x70 [ 94.648906] iommufd_test_staccess_release+0x8d/0xd0 [ 94.649340] __fput+0x26d/0xa40 [ 94.649632] ____fput+0x1e/0x30 [ 94.649917] task_work_run+0x1a4/0x2d0 [ 94.650254] ? __pfx_task_work_run+0x10/0x10 [ 94.650657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.651074] ? switch_task_namespaces+0xa9/0xe0 [ 94.651492] do_exit+0xb17/0x2ef0 [ 94.651789] ? lock_acquire+0x427/0x4c0 [ 94.652132] ? __pfx_lock_release+0x10/0x10 [ 94.652499] ? __kasan_check_write+0x18/0x20 [ 94.652874] ? do_raw_spin_lock+0x132/0x2a0 [ 94.653237] ? __pfx_do_exit+0x10/0x10 [ 94.653577] ? debug_smp_processor_id+0x20/0x30 [ 94.653972] ? rcu_is_watching+0x19/0xb0 [ 94.654315] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.654749] ? trace_hardirqs_on+0x26/0x120 [ 94.655139] do_group_exit+0xe0/0x2b0 [ 94.655463] __x64_sys_exit_group+0x47/0x50 [ 94.655824] do_syscall_64+0x3b/0x90 [ 94.656147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.656592] RIP: 0033:0x7f4b87518a4d [ 94.656909] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.657456] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.658116] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.658779] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.659423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.660054] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.660694] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.661334] [ 94.661549] irq event stamp: 0 [ 94.661831] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.662386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.663195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.663943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.664499] ---[ end trace 0000000000000000 ]--- [ 94.665289] ------------[ cut here ]------------ [ 94.665714] WARNING: CPU: 1 PID: 824 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.666667] Modules linked in: [ 94.666962] CPU: 1 PID: 824 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.667739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.668737] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.669200] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.670864] RSP: 0018:ffff88801622fb78 EFLAGS: 00010246 [ 94.671350] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.671987] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 94.672630] RBP: ffff88801622fb98 R08: ffffed100257c03e R09: ffffed100257c03e [ 94.673262] R10: ffff888012be01ef R11: ffffed100257c03d R12: ffff888012be0290 [ 94.673893] R13: ffff888012be00a8 R14: ffffffffffffffff R15: ffff88801622fc60 [ 94.674556] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.675331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.675884] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 94.676565] PKRU: 55555554 [ 94.676839] Call Trace: [ 94.677082] [ 94.677297] iommufd_ioas_destroy+0x53/0x70 [ 94.677713] iommufd_fops_release+0x1f7/0x370 [ 94.678146] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.678679] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.679164] ? write_comp_data+0x2f/0x90 [ 94.679558] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.680034] __fput+0x26d/0xa40 [ 94.680363] ____fput+0x1e/0x30 [ 94.680681] task_work_run+0x1a4/0x2d0 [ 94.681058] ? __pfx_task_work_run+0x10/0x10 [ 94.681475] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.681943] ? switch_task_namespaces+0xa9/0xe0 [ 94.682389] do_exit+0xb17/0x2ef0 [ 94.682747] ? lock_acquire+0x427/0x4c0 [ 94.683144] ? __pfx_lock_release+0x10/0x10 [ 94.683567] ? __kasan_check_write+0x18/0x20 [ 94.683986] ? do_raw_spin_lock+0x132/0x2a0 [ 94.684397] ? __pfx_do_exit+0x10/0x10 [ 94.684775] ? debug_smp_processor_id+0x20/0x30 [ 94.685225] ? rcu_is_watching+0x19/0xb0 [ 94.685614] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.686048] ? trace_hardirqs_on+0x26/0x120 [ 94.686459] do_group_exit+0xe0/0x2b0 [ 94.686856] __x64_sys_exit_group+0x47/0x50 [ 94.687282] do_syscall_64+0x3b/0x90 [ 94.687653] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.688152] RIP: 0033:0x7f4b87518a4d [ 94.688502] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.689085] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.689821] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.690497] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.691233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.691908] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.692593] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.693299] [ 94.693530] irq event stamp: 0 [ 94.693837] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.694442] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.695304] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.696116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.696719] ---[ end trace 0000000000000000 ]--- [ 94.702190] ------------[ cut here ]------------ [ 94.702924] WARNING: CPU: 1 PID: 825 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.703898] Modules linked in: [ 94.704202] CPU: 1 PID: 825 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.705021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.706088] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.706610] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.708351] RSP: 0018:ffff888013527bb8 EFLAGS: 00010246 [ 94.708862] RAX: 0000000000000000 RBX: ffff88800fe360a8 RCX: 0000000000000000 [ 94.709547] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 94.710221] RBP: ffff888013527bd0 R08: ffffed1001fc6c33 R09: ffffed1001fc6c33 [ 94.710934] R10: ffff88800fe36193 R11: ffffed1001fc6c32 R12: ffff888016632000 [ 94.711632] R13: ffff88800fe361e8 R14: ffffffff8352e670 R15: ffff888013527e68 [ 94.712316] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.713080] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.713635] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 94.714345] PKRU: 55555554 [ 94.714683] Call Trace: [ 94.714950] [ 94.715205] __iommufd_access_detach+0x1c2/0x2b0 [ 94.715725] iommufd_access_change_pt+0x149/0x270 [ 94.716235] iommufd_access_replace+0xb4/0x120 [ 94.716719] iommufd_test+0x3e5/0x37e0 [ 94.717127] ? lock_release+0x532/0x770 [ 94.717555] ? __might_fault+0x102/0x1b0 [ 94.717996] ? lock_acquire+0x427/0x4c0 [ 94.718436] ? __pfx_iommufd_test+0x10/0x10 [ 94.718920] ? __pfx_lock_release+0x10/0x10 [ 94.719397] ? __pfx_lock_acquire+0x10/0x10 [ 94.719859] ? write_comp_data+0x2f/0x90 [ 94.720296] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.720809] ? write_comp_data+0x2f/0x90 [ 94.721245] iommufd_fops_ioctl+0x37d/0x510 [ 94.721702] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.722226] ? write_comp_data+0x2f/0x90 [ 94.722701] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.723222] __x64_sys_ioctl+0x1a3/0x230 [ 94.723665] do_syscall_64+0x3b/0x90 [ 94.724072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.724630] RIP: 0033:0x7f4b8743ee5d [ 94.725033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.726988] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.727810] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.728567] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.729308] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.730034] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.730799] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.731550] [ 94.731793] irq event stamp: 0 [ 94.732121] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.732768] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.733622] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.734464] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.735153] ---[ end trace 0000000000000000 ]--- [ 94.742141] ------------[ cut here ]------------ [ 94.743178] WARNING: CPU: 0 PID: 825 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.744874] Modules linked in: [ 94.745665] CPU: 0 PID: 825 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.747208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.749008] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.749682] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.752511] RSP: 0018:ffff888013527bd0 EFLAGS: 00010246 [ 94.753558] RAX: 0000000000000000 RBX: ffff88800fe360a8 RCX: 0000000000000000 [ 94.754792] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 94.755746] RBP: ffff888013527be8 R08: ffffed1001fc6c33 R09: ffffed1001fc6c33 [ 94.756692] R10: ffff88800fe36193 R11: ffffed1001fc6c32 R12: ffff888018478400 [ 94.757626] R13: ffff88800fe361e8 R14: ffff888020917300 R15: 0000000000000000 [ 94.758626] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.759708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.760474] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 94.761416] PKRU: 55555554 [ 94.761797] Call Trace: [ 94.762144] [ 94.762454] iommufd_access_destroy_object+0x65/0x170 [ 94.763236] iommufd_object_destroy_user+0x18e/0x220 [ 94.763931] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.764706] iommufd_access_destroy+0x43/0x70 [ 94.765321] iommufd_test_staccess_release+0x8d/0xd0 [ 94.766009] __fput+0x26d/0xa40 [ 94.766477] ____fput+0x1e/0x30 [ 94.766989] task_work_run+0x1a4/0x2d0 [ 94.767561] ? __pfx_task_work_run+0x10/0x10 [ 94.768167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.768825] ? switch_task_namespaces+0xa9/0xe0 [ 94.769467] do_exit+0xb17/0x2ef0 [ 94.769939] ? lock_acquire+0x427/0x4c0 [ 94.770485] ? __pfx_lock_release+0x10/0x10 [ 94.771134] ? __kasan_check_write+0x18/0x20 [ 94.771740] ? do_raw_spin_lock+0x132/0x2a0 [ 94.772322] ? __pfx_do_exit+0x10/0x10 [ 94.772855] ? debug_smp_processor_id+0x20/0x30 [ 94.773481] ? rcu_is_watching+0x19/0xb0 [ 94.774025] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.774680] ? trace_hardirqs_on+0x26/0x120 [ 94.775302] do_group_exit+0xe0/0x2b0 [ 94.775829] __x64_sys_exit_group+0x47/0x50 [ 94.776405] do_syscall_64+0x3b/0x90 [ 94.776922] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.777620] RIP: 0033:0x7f4b87518a4d [ 94.778117] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.778972] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.779996] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.780935] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.781867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.782845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.783810] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.784762] [ 94.785079] irq event stamp: 0 [ 94.785497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.786320] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.787473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.788580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.789415] ---[ end trace 0000000000000000 ]--- [ 94.791233] ------------[ cut here ]------------ [ 94.791895] WARNING: CPU: 0 PID: 825 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.793091] Modules linked in: [ 94.793492] CPU: 0 PID: 825 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.795029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.796335] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.796886] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.799808] RSP: 0018:ffff888013527b78 EFLAGS: 00010246 [ 94.800577] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.801801] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 94.803145] RBP: ffff888013527b98 R08: ffffed1001fc6c3e R09: ffffed1001fc6c3e [ 94.804096] R10: ffff88800fe361ef R11: ffffed1001fc6c3d R12: ffff88800fe36290 [ 94.805350] R13: ffff88800fe360a8 R14: ffffffffffffffff R15: ffff888013527c60 [ 94.806636] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.807730] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.808781] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 94.809747] PKRU: 55555554 [ 94.810128] Call Trace: [ 94.810472] [ 94.810843] iommufd_ioas_destroy+0x53/0x70 [ 94.811468] iommufd_fops_release+0x1f7/0x370 [ 94.812082] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.812756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.813422] ? write_comp_data+0x2f/0x90 [ 94.813977] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.814702] __fput+0x26d/0xa40 [ 94.815198] ____fput+0x1e/0x30 [ 94.815657] task_work_run+0x1a4/0x2d0 [ 94.816189] ? __pfx_task_work_run+0x10/0x10 [ 94.816784] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.817441] ? switch_task_namespaces+0xa9/0xe0 [ 94.818082] do_exit+0xb17/0x2ef0 [ 94.818603] ? lock_acquire+0x427/0x4c0 [ 94.819172] ? __pfx_lock_release+0x10/0x10 [ 94.819756] ? __kasan_check_write+0x18/0x20 [ 94.820347] ? do_raw_spin_lock+0x132/0x2a0 [ 94.820926] ? __pfx_do_exit+0x10/0x10 [ 94.821456] ? debug_smp_processor_id+0x20/0x30 [ 94.822081] ? rcu_is_watching+0x19/0xb0 [ 94.822676] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.823307] ? trace_hardirqs_on+0x26/0x120 [ 94.823894] do_group_exit+0xe0/0x2b0 [ 94.824407] __x64_sys_exit_group+0x47/0x50 [ 94.824978] do_syscall_64+0x3b/0x90 [ 94.825490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.826186] RIP: 0033:0x7f4b87518a4d [ 94.826738] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.827569] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.828563] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.829494] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.830431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.831424] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.832365] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.833319] [ 94.833636] irq event stamp: 0 [ 94.834058] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.834933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.836076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.837160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.838003] ---[ end trace 0000000000000000 ]--- [ 94.846424] ------------[ cut here ]------------ [ 94.847246] WARNING: CPU: 0 PID: 826 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.848852] Modules linked in: [ 94.849297] CPU: 0 PID: 826 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.850444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.852017] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.852697] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.855176] RSP: 0018:ffff888013937bb8 EFLAGS: 00010246 [ 94.855902] RAX: 0000000000000000 RBX: ffff888023eb10a8 RCX: 0000000000000000 [ 94.856836] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 94.857771] RBP: ffff888013937bd0 R08: ffffed10047d6233 R09: ffffed10047d6233 [ 94.858750] R10: ffff888023eb1193 R11: ffffed10047d6232 R12: ffff888014390800 [ 94.859706] R13: ffff888023eb11e8 R14: ffffffff8352e670 R15: ffff888013937e68 [ 94.860649] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.861711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.862480] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 94.863509] PKRU: 55555554 [ 94.863892] Call Trace: [ 94.864235] [ 94.864544] __iommufd_access_detach+0x1c2/0x2b0 [ 94.865204] iommufd_access_change_pt+0x149/0x270 [ 94.865860] iommufd_access_replace+0xb4/0x120 [ 94.866486] iommufd_test+0x3e5/0x37e0 [ 94.867069] ? lock_release+0x532/0x770 [ 94.867635] ? __might_fault+0x102/0x1b0 [ 94.868189] ? lock_acquire+0x427/0x4c0 [ 94.868739] ? __pfx_iommufd_test+0x10/0x10 [ 94.869316] ? __pfx_lock_release+0x10/0x10 [ 94.869914] ? __pfx_lock_acquire+0x10/0x10 [ 94.870573] ? write_comp_data+0x2f/0x90 [ 94.871176] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.871850] ? write_comp_data+0x2f/0x90 [ 94.872425] iommufd_fops_ioctl+0x37d/0x510 [ 94.873038] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.873721] ? write_comp_data+0x2f/0x90 [ 94.874303] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.875045] __x64_sys_ioctl+0x1a3/0x230 [ 94.875674] do_syscall_64+0x3b/0x90 [ 94.876214] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.876941] RIP: 0033:0x7f4b8743ee5d [ 94.877460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 94.879939] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 94.880948] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 94.881875] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.882862] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 94.883823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 94.884749] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 94.885693] [ 94.886015] irq event stamp: 0 [ 94.886432] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 94.887335] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.888441] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.889541] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.890375] ---[ end trace 0000000000000000 ]--- [ 94.896511] ------------[ cut here ]------------ [ 94.897279] WARNING: CPU: 0 PID: 826 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.898841] Modules linked in: [ 94.899442] CPU: 0 PID: 826 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.900644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.902044] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.902734] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.904603] RSP: 0018:ffff888013937bd0 EFLAGS: 00010246 [ 94.905101] RAX: 0000000000000000 RBX: ffff888023eb10a8 RCX: 0000000000000000 [ 94.905929] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 94.906612] RBP: ffff888013937be8 R08: ffffed10047d6233 R09: ffffed10047d6233 [ 94.907452] R10: ffff888023eb1193 R11: ffffed10047d6232 R12: ffff88800a727c00 [ 94.908122] R13: ffff888023eb11e8 R14: ffff88800f211100 R15: 0000000000000000 [ 94.909048] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.909804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.910561] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.911269] PKRU: 55555554 [ 94.911540] Call Trace: [ 94.911831] [ 94.912147] iommufd_access_destroy_object+0x65/0x170 [ 94.912644] iommufd_object_destroy_user+0x18e/0x220 [ 94.913137] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 94.913838] iommufd_access_destroy+0x43/0x70 [ 94.914276] iommufd_test_staccess_release+0x8d/0xd0 [ 94.914963] __fput+0x26d/0xa40 [ 94.915305] ____fput+0x1e/0x30 [ 94.915641] task_work_run+0x1a4/0x2d0 [ 94.916030] ? __pfx_task_work_run+0x10/0x10 [ 94.916488] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.917107] ? switch_task_namespaces+0xa9/0xe0 [ 94.917559] do_exit+0xb17/0x2ef0 [ 94.917974] ? lock_acquire+0x427/0x4c0 [ 94.918442] ? __pfx_lock_release+0x10/0x10 [ 94.918889] ? __kasan_check_write+0x18/0x20 [ 94.919325] ? do_raw_spin_lock+0x132/0x2a0 [ 94.919820] ? __pfx_do_exit+0x10/0x10 [ 94.920326] ? debug_smp_processor_id+0x20/0x30 [ 94.920769] ? rcu_is_watching+0x19/0xb0 [ 94.921239] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.921776] ? trace_hardirqs_on+0x26/0x120 [ 94.922191] do_group_exit+0xe0/0x2b0 [ 94.922637] __x64_sys_exit_group+0x47/0x50 [ 94.923158] do_syscall_64+0x3b/0x90 [ 94.923520] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.924017] RIP: 0033:0x7f4b87518a4d [ 94.924459] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.925156] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.926066] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.926763] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.927507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.928347] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.929094] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.929860] [ 94.930080] irq event stamp: 0 [ 94.930434] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.931159] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.931974] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.932949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.933616] ---[ end trace 0000000000000000 ]--- [ 94.934586] ------------[ cut here ]------------ [ 94.935045] WARNING: CPU: 0 PID: 826 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 94.936216] Modules linked in: [ 94.936522] CPU: 0 PID: 826 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.937546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.938958] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 94.939521] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 94.941726] RSP: 0018:ffff888013937b78 EFLAGS: 00010246 [ 94.942550] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 94.943296] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 94.944227] RBP: ffff888013937b98 R08: ffffed10047d623e R09: ffffed10047d623e [ 94.944964] R10: ffff888023eb11ef R11: ffffed10047d623d R12: ffff888023eb1290 [ 94.945692] R13: ffff888023eb10a8 R14: ffffffffffffffff R15: ffff888013937c60 [ 94.946420] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 94.947284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.947893] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 94.948628] PKRU: 55555554 [ 94.948926] Call Trace: [ 94.949194] [ 94.949430] iommufd_ioas_destroy+0x53/0x70 [ 94.949892] iommufd_fops_release+0x1f7/0x370 [ 94.950359] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.950915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.951437] ? write_comp_data+0x2f/0x90 [ 94.951866] ? __pfx_iommufd_fops_release+0x10/0x10 [ 94.952385] __fput+0x26d/0xa40 [ 94.952749] ____fput+0x1e/0x30 [ 94.953092] task_work_run+0x1a4/0x2d0 [ 94.953496] ? __pfx_task_work_run+0x10/0x10 [ 94.953952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.954447] ? switch_task_namespaces+0xa9/0xe0 [ 94.954965] do_exit+0xb17/0x2ef0 [ 94.955333] ? lock_acquire+0x427/0x4c0 [ 94.955750] ? __pfx_lock_release+0x10/0x10 [ 94.956198] ? __kasan_check_write+0x18/0x20 [ 94.956647] ? do_raw_spin_lock+0x132/0x2a0 [ 94.957084] ? __pfx_do_exit+0x10/0x10 [ 94.957494] ? debug_smp_processor_id+0x20/0x30 [ 94.957979] ? rcu_is_watching+0x19/0xb0 [ 94.958404] ? _raw_spin_unlock_irq+0x2b/0x60 [ 94.958913] ? trace_hardirqs_on+0x26/0x120 [ 94.959403] do_group_exit+0xe0/0x2b0 [ 94.959800] __x64_sys_exit_group+0x47/0x50 [ 94.960233] do_syscall_64+0x3b/0x90 [ 94.960617] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 94.961151] RIP: 0033:0x7f4b87518a4d [ 94.961524] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 94.962136] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 94.962930] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 94.963661] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 94.964383] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 94.965099] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 94.965814] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 94.966573] [ 94.966822] irq event stamp: 0 [ 94.967153] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 94.967789] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 94.968627] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 94.969468] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 94.970108] ---[ end trace 0000000000000000 ]--- [ 94.975475] ------------[ cut here ]------------ [ 94.976184] WARNING: CPU: 1 PID: 827 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 94.977369] Modules linked in: [ 94.978022] CPU: 1 PID: 827 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 94.979004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 94.980407] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 94.980925] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 94.983157] RSP: 0018:ffff888013ae7bb8 EFLAGS: 00010246 [ 94.983735] RAX: 0000000000000000 RBX: ffff8880104678a8 RCX: 0000000000000000 [ 94.984468] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 94.985411] RBP: ffff888013ae7bd0 R08: ffffed100208cf33 R09: ffffed100208cf33 [ 94.986146] R10: ffff888010467993 R11: ffffed100208cf32 R12: ffff888010c09400 [ 94.987249] R13: ffff8880104679e8 R14: ffffffff8352e670 R15: ffff888013ae7e68 [ 94.988006] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 94.989069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.989675] CR2: 00007f4b877410e8 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 94.990594] PKRU: 55555554 [ 94.990968] Call Trace: [ 94.991259] [ 94.991495] __iommufd_access_detach+0x1c2/0x2b0 [ 94.992006] iommufd_access_change_pt+0x149/0x270 [ 94.992736] iommufd_access_replace+0xb4/0x120 [ 94.993220] iommufd_test+0x3e5/0x37e0 [ 94.993626] ? lock_release+0x532/0x770 [ 94.994209] ? __might_fault+0x102/0x1b0 [ 94.994700] ? lock_acquire+0x427/0x4c0 [ 94.995139] ? __pfx_iommufd_test+0x10/0x10 [ 94.995607] ? __pfx_lock_release+0x10/0x10 [ 94.996137] ? __pfx_lock_acquire+0x10/0x10 [ 94.996760] ? write_comp_data+0x2f/0x90 [ 94.997199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 94.997769] ? write_comp_data+0x2f/0x90 [ 94.998366] iommufd_fops_ioctl+0x37d/0x510 [ 94.998851] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.999380] ? write_comp_data+0x2f/0x90 [ 94.999842] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.000360] __x64_sys_ioctl+0x1a3/0x230 [ 95.000787] do_syscall_64+0x3b/0x90 [ 95.001192] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.001978] RIP: 0033:0x7f4b8743ee5d [ 95.002371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.004557] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.005356] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.006322] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.007085] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.007907] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.008830] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.009638] [ 95.010061] irq event stamp: 0 [ 95.010390] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.011078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.012115] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.013068] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.013730] ---[ end trace 0000000000000000 ]--- [ 95.017331] ------------[ cut here ]------------ [ 95.017901] WARNING: CPU: 0 PID: 827 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.019043] Modules linked in: [ 95.019384] CPU: 0 PID: 827 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.020283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.021436] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.021947] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.023896] RSP: 0018:ffff888013ae7bd0 EFLAGS: 00010246 [ 95.024449] RAX: 0000000000000000 RBX: ffff8880104678a8 RCX: 0000000000000000 [ 95.025187] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 95.025936] RBP: ffff888013ae7be8 R08: ffffed100208cf33 R09: ffffed100208cf33 [ 95.026709] R10: ffff888010467993 R11: ffffed100208cf32 R12: ffff888016633800 [ 95.027460] R13: ffff8880104679e8 R14: ffff88800b8fce00 R15: 0000000000000000 [ 95.028193] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.029024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.029621] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 95.030370] PKRU: 55555554 [ 95.030697] Call Trace: [ 95.030963] [ 95.031216] iommufd_access_destroy_object+0x65/0x170 [ 95.031763] iommufd_object_destroy_user+0x18e/0x220 [ 95.032296] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.032895] iommufd_access_destroy+0x43/0x70 [ 95.033367] iommufd_test_staccess_release+0x8d/0xd0 [ 95.033892] __fput+0x26d/0xa40 [ 95.034242] ____fput+0x1e/0x30 [ 95.034610] task_work_run+0x1a4/0x2d0 [ 95.035016] ? __pfx_task_work_run+0x10/0x10 [ 95.035463] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.035961] ? switch_task_namespaces+0xa9/0xe0 [ 95.036437] do_exit+0xb17/0x2ef0 [ 95.036791] ? lock_acquire+0x427/0x4c0 [ 95.037286] ? __pfx_lock_release+0x10/0x10 [ 95.037723] ? __kasan_check_write+0x18/0x20 [ 95.038171] ? do_raw_spin_lock+0x132/0x2a0 [ 95.038636] ? __pfx_do_exit+0x10/0x10 [ 95.039044] ? debug_smp_processor_id+0x20/0x30 [ 95.039545] ? rcu_is_watching+0x19/0xb0 [ 95.039964] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.040430] ? trace_hardirqs_on+0x26/0x120 [ 95.040876] do_group_exit+0xe0/0x2b0 [ 95.041269] __x64_sys_exit_group+0x47/0x50 [ 95.041679] do_syscall_64+0x3b/0x90 [ 95.042038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.042551] RIP: 0033:0x7f4b87518a4d [ 95.042903] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.043481] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.044187] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.044837] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.045491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.046149] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.046823] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.047498] [ 95.047715] irq event stamp: 0 [ 95.048005] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.048580] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.049350] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.050103] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.050691] ---[ end trace 0000000000000000 ]--- [ 95.051749] ------------[ cut here ]------------ [ 95.052191] WARNING: CPU: 0 PID: 827 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.053190] Modules linked in: [ 95.053484] CPU: 0 PID: 827 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.054265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.055318] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.055761] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.057312] RSP: 0018:ffff888013ae7b78 EFLAGS: 00010246 [ 95.057771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.058376] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 95.058995] RBP: ffff888013ae7b98 R08: ffffed100208cf3e R09: ffffed100208cf3e [ 95.059614] R10: ffff8880104679ef R11: ffffed100208cf3d R12: ffff888010467a90 [ 95.060219] R13: ffff8880104678a8 R14: ffffffffffffffff R15: ffff888013ae7c60 [ 95.060827] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.061508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.062003] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 95.062629] PKRU: 55555554 [ 95.062876] Call Trace: [ 95.063097] [ 95.063306] iommufd_ioas_destroy+0x53/0x70 [ 95.063683] iommufd_fops_release+0x1f7/0x370 [ 95.064076] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.064505] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.064926] ? write_comp_data+0x2f/0x90 [ 95.065282] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.065710] __fput+0x26d/0xa40 [ 95.066008] ____fput+0x1e/0x30 [ 95.066299] task_work_run+0x1a4/0x2d0 [ 95.066662] ? __pfx_task_work_run+0x10/0x10 [ 95.067051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.067484] ? switch_task_namespaces+0xa9/0xe0 [ 95.067896] do_exit+0xb17/0x2ef0 [ 95.068197] ? lock_acquire+0x427/0x4c0 [ 95.068549] ? __pfx_lock_release+0x10/0x10 [ 95.068981] ? __kasan_check_write+0x18/0x20 [ 95.069366] ? do_raw_spin_lock+0x132/0x2a0 [ 95.069735] ? __pfx_do_exit+0x10/0x10 [ 95.070073] ? debug_smp_processor_id+0x20/0x30 [ 95.070456] ? rcu_is_watching+0x19/0xb0 [ 95.070806] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.071193] ? trace_hardirqs_on+0x26/0x120 [ 95.071550] do_group_exit+0xe0/0x2b0 [ 95.071860] __x64_sys_exit_group+0x47/0x50 [ 95.072209] do_syscall_64+0x3b/0x90 [ 95.072525] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.072950] RIP: 0033:0x7f4b87518a4d [ 95.073254] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.073748] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.074361] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.074968] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.075548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.076125] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.076694] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.077273] [ 95.077460] irq event stamp: 0 [ 95.077717] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.078226] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.078922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.079631] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.080138] ---[ end trace 0000000000000000 ]--- [ 95.084303] ------------[ cut here ]------------ [ 95.084713] WARNING: CPU: 0 PID: 828 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.085530] Modules linked in: [ 95.085787] CPU: 0 PID: 828 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.086480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.087444] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.087848] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.089309] RSP: 0018:ffff888023d6fbb8 EFLAGS: 00010246 [ 95.089737] RAX: 0000000000000000 RBX: ffff888010b9f8a8 RCX: 0000000000000000 [ 95.090312] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 95.090911] RBP: ffff888023d6fbd0 R08: ffffed1002173f33 R09: ffffed1002173f33 [ 95.091493] R10: ffff888010b9f993 R11: ffffed1002173f32 R12: ffff888012e96400 [ 95.092074] R13: ffff888010b9f9e8 R14: ffffffff8352e670 R15: ffff888023d6fe68 [ 95.092650] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.093290] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.093761] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 95.094338] PKRU: 55555554 [ 95.094588] Call Trace: [ 95.094800] [ 95.094983] __iommufd_access_detach+0x1c2/0x2b0 [ 95.095392] iommufd_access_change_pt+0x149/0x270 [ 95.095797] iommufd_access_replace+0xb4/0x120 [ 95.096177] iommufd_test+0x3e5/0x37e0 [ 95.096494] ? lock_release+0x532/0x770 [ 95.096827] ? __might_fault+0x102/0x1b0 [ 95.097165] ? lock_acquire+0x427/0x4c0 [ 95.097498] ? __pfx_iommufd_test+0x10/0x10 [ 95.097849] ? __pfx_lock_release+0x10/0x10 [ 95.098214] ? __pfx_lock_acquire+0x10/0x10 [ 95.098601] ? write_comp_data+0x2f/0x90 [ 95.098947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.099357] ? write_comp_data+0x2f/0x90 [ 95.099699] iommufd_fops_ioctl+0x37d/0x510 [ 95.100054] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.100454] ? write_comp_data+0x2f/0x90 [ 95.100797] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.101259] __x64_sys_ioctl+0x1a3/0x230 [ 95.101597] do_syscall_64+0x3b/0x90 [ 95.101908] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.102334] RIP: 0033:0x7f4b8743ee5d [ 95.102662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.104137] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.104755] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.105326] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.105895] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.106464] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.107055] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.107642] [ 95.107835] irq event stamp: 0 [ 95.108091] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.108596] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.109269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.109941] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.110446] ---[ end trace 0000000000000000 ]--- [ 95.113265] ------------[ cut here ]------------ [ 95.113678] WARNING: CPU: 0 PID: 828 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.114483] Modules linked in: [ 95.114773] CPU: 0 PID: 828 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.115481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.116354] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.116744] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.118150] RSP: 0018:ffff888023d6fbd0 EFLAGS: 00010246 [ 95.118582] RAX: 0000000000000000 RBX: ffff888010b9f8a8 RCX: 0000000000000000 [ 95.119154] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 95.119699] RBP: ffff888023d6fbe8 R08: ffffed1002173f33 R09: ffffed1002173f33 [ 95.120256] R10: ffff888010b9f993 R11: ffffed1002173f32 R12: ffff888014392000 [ 95.120817] R13: ffff888010b9f9e8 R14: ffff888010aa6100 R15: 0000000000000000 [ 95.121372] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.121997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.122447] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.123022] PKRU: 55555554 [ 95.123256] Call Trace: [ 95.123458] [ 95.123637] iommufd_access_destroy_object+0x65/0x170 [ 95.124045] iommufd_object_destroy_user+0x18e/0x220 [ 95.124445] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.124906] iommufd_access_destroy+0x43/0x70 [ 95.125269] iommufd_test_staccess_release+0x8d/0xd0 [ 95.125678] __fput+0x26d/0xa40 [ 95.125958] ____fput+0x1e/0x30 [ 95.126225] task_work_run+0x1a4/0x2d0 [ 95.126566] ? __pfx_task_work_run+0x10/0x10 [ 95.126920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.127320] ? switch_task_namespaces+0xa9/0xe0 [ 95.127702] do_exit+0xb17/0x2ef0 [ 95.127978] ? lock_acquire+0x427/0x4c0 [ 95.128301] ? __pfx_lock_release+0x10/0x10 [ 95.128649] ? __kasan_check_write+0x18/0x20 [ 95.128998] ? do_raw_spin_lock+0x132/0x2a0 [ 95.129338] ? __pfx_do_exit+0x10/0x10 [ 95.129656] ? debug_smp_processor_id+0x20/0x30 [ 95.130026] ? rcu_is_watching+0x19/0xb0 [ 95.130349] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.130734] ? trace_hardirqs_on+0x26/0x120 [ 95.131084] do_group_exit+0xe0/0x2b0 [ 95.131393] __x64_sys_exit_group+0x47/0x50 [ 95.131732] do_syscall_64+0x3b/0x90 [ 95.132038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.132451] RIP: 0033:0x7f4b87518a4d [ 95.132745] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.133284] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.133878] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.134432] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.135008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.135575] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.136131] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.136696] [ 95.136882] irq event stamp: 0 [ 95.137128] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.137617] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.138272] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.138952] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.139451] ---[ end trace 0000000000000000 ]--- [ 95.140152] ------------[ cut here ]------------ [ 95.140526] WARNING: CPU: 0 PID: 828 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.141316] Modules linked in: [ 95.141576] CPU: 0 PID: 828 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.142252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.143162] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.143574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.144981] RSP: 0018:ffff888023d6fb78 EFLAGS: 00010246 [ 95.145389] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.145933] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 95.146480] RBP: ffff888023d6fb98 R08: ffffed1002173f3e R09: ffffed1002173f3e [ 95.147052] R10: ffff888010b9f9ef R11: ffffed1002173f3d R12: ffff888010b9fa90 [ 95.147607] R13: ffff888010b9f8a8 R14: ffffffffffffffff R15: ffff888023d6fc60 [ 95.148149] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.148761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.149204] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.149746] PKRU: 55555554 [ 95.149965] Call Trace: [ 95.150162] [ 95.150337] iommufd_ioas_destroy+0x53/0x70 [ 95.150695] iommufd_fops_release+0x1f7/0x370 [ 95.151050] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.151456] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.151840] ? write_comp_data+0x2f/0x90 [ 95.152165] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.152554] __fput+0x26d/0xa40 [ 95.152825] ____fput+0x1e/0x30 [ 95.153087] task_work_run+0x1a4/0x2d0 [ 95.153398] ? __pfx_task_work_run+0x10/0x10 [ 95.153745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.154131] ? switch_task_namespaces+0xa9/0xe0 [ 95.154529] do_exit+0xb17/0x2ef0 [ 95.154803] ? lock_acquire+0x427/0x4c0 [ 95.155129] ? __pfx_lock_release+0x10/0x10 [ 95.155471] ? __kasan_check_write+0x18/0x20 [ 95.155819] ? do_raw_spin_lock+0x132/0x2a0 [ 95.156159] ? __pfx_do_exit+0x10/0x10 [ 95.156469] ? debug_smp_processor_id+0x20/0x30 [ 95.156830] ? rcu_is_watching+0x19/0xb0 [ 95.157143] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.157504] ? trace_hardirqs_on+0x26/0x120 [ 95.157841] do_group_exit+0xe0/0x2b0 [ 95.158142] __x64_sys_exit_group+0x47/0x50 [ 95.158477] do_syscall_64+0x3b/0x90 [ 95.158795] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.159211] RIP: 0033:0x7f4b87518a4d [ 95.159501] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.159973] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.160553] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.161097] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.161637] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.162179] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.162738] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.163302] [ 95.163484] irq event stamp: 0 [ 95.163730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.164218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.164866] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.165560] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.166045] ---[ end trace 0000000000000000 ]--- [ 95.170252] ------------[ cut here ]------------ [ 95.170712] WARNING: CPU: 0 PID: 829 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.171506] Modules linked in: [ 95.171755] CPU: 0 PID: 829 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.172422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.173287] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.173670] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.175119] RSP: 0018:ffff888015a4fbb8 EFLAGS: 00010246 [ 95.175535] RAX: 0000000000000000 RBX: ffff888010b7f0a8 RCX: 0000000000000000 [ 95.176087] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 95.176633] RBP: ffff888015a4fbd0 R08: ffffed100216fe33 R09: ffffed100216fe33 [ 95.177179] R10: ffff888010b7f193 R11: ffffed100216fe32 R12: ffff888012eaa400 [ 95.177727] R13: ffff888010b7f1e8 R14: ffffffff8352e670 R15: ffff888015a4fe68 [ 95.178275] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.178913] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.179380] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 95.179932] PKRU: 55555554 [ 95.180155] Call Trace: [ 95.180354] [ 95.180534] __iommufd_access_detach+0x1c2/0x2b0 [ 95.180920] iommufd_access_change_pt+0x149/0x270 [ 95.181304] iommufd_access_replace+0xb4/0x120 [ 95.181672] iommufd_test+0x3e5/0x37e0 [ 95.181977] ? lock_release+0x532/0x770 [ 95.182296] ? __might_fault+0x102/0x1b0 [ 95.182639] ? lock_acquire+0x427/0x4c0 [ 95.182961] ? __pfx_iommufd_test+0x10/0x10 [ 95.183311] ? __pfx_lock_release+0x10/0x10 [ 95.183657] ? __pfx_lock_acquire+0x10/0x10 [ 95.184008] ? write_comp_data+0x2f/0x90 [ 95.184332] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.184722] ? write_comp_data+0x2f/0x90 [ 95.185052] iommufd_fops_ioctl+0x37d/0x510 [ 95.185393] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.185776] ? write_comp_data+0x2f/0x90 [ 95.186107] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.186486] __x64_sys_ioctl+0x1a3/0x230 [ 95.186837] do_syscall_64+0x3b/0x90 [ 95.187146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.187559] RIP: 0033:0x7f4b8743ee5d [ 95.187854] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.189257] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.189850] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.190396] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.190973] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.191537] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.192084] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.192651] [ 95.192839] irq event stamp: 0 [ 95.193085] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.193577] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.194230] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.194892] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.195389] ---[ end trace 0000000000000000 ]--- [ 95.198152] ------------[ cut here ]------------ [ 95.198572] WARNING: CPU: 0 PID: 829 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.199360] Modules linked in: [ 95.199610] CPU: 0 PID: 829 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.200279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.201158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.201543] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.202980] RSP: 0018:ffff888015a4fbd0 EFLAGS: 00010246 [ 95.203403] RAX: 0000000000000000 RBX: ffff888010b7f0a8 RCX: 0000000000000000 [ 95.203951] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 95.204506] RBP: ffff888015a4fbe8 R08: ffffed100216fe33 R09: ffffed100216fe33 [ 95.205062] R10: ffff888010b7f193 R11: ffffed100216fe32 R12: ffff888012e94400 [ 95.205613] R13: ffff888010b7f1e8 R14: ffff8880218d4c00 R15: 0000000000000000 [ 95.206159] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.206799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.207254] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.207803] PKRU: 55555554 [ 95.208026] Call Trace: [ 95.208223] [ 95.208399] iommufd_access_destroy_object+0x65/0x170 [ 95.208805] iommufd_object_destroy_user+0x18e/0x220 [ 95.209203] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.209660] iommufd_access_destroy+0x43/0x70 [ 95.210016] iommufd_test_staccess_release+0x8d/0xd0 [ 95.210420] __fput+0x26d/0xa40 [ 95.210707] ____fput+0x1e/0x30 [ 95.210972] task_work_run+0x1a4/0x2d0 [ 95.211291] ? __pfx_task_work_run+0x10/0x10 [ 95.211640] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.212030] ? switch_task_namespaces+0xa9/0xe0 [ 95.212404] do_exit+0xb17/0x2ef0 [ 95.212676] ? lock_acquire+0x427/0x4c0 [ 95.212994] ? __pfx_lock_release+0x10/0x10 [ 95.213335] ? __kasan_check_write+0x18/0x20 [ 95.213689] ? do_raw_spin_lock+0x132/0x2a0 [ 95.214032] ? __pfx_do_exit+0x10/0x10 [ 95.214348] ? debug_smp_processor_id+0x20/0x30 [ 95.214730] ? rcu_is_watching+0x19/0xb0 [ 95.215048] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.215421] ? trace_hardirqs_on+0x26/0x120 [ 95.215766] do_group_exit+0xe0/0x2b0 [ 95.216070] __x64_sys_exit_group+0x47/0x50 [ 95.216405] do_syscall_64+0x3b/0x90 [ 95.216702] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.217112] RIP: 0033:0x7f4b87518a4d [ 95.217401] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.217874] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.218462] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.219036] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.219596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.220149] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.220701] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.221259] [ 95.221442] irq event stamp: 0 [ 95.221687] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.222177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.222845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.223500] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.223986] ---[ end trace 0000000000000000 ]--- [ 95.224683] ------------[ cut here ]------------ [ 95.225050] WARNING: CPU: 0 PID: 829 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.225833] Modules linked in: [ 95.226083] CPU: 0 PID: 829 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.226768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.227643] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.228047] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.229503] RSP: 0018:ffff888015a4fb78 EFLAGS: 00010246 [ 95.229913] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.230460] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 95.231039] RBP: ffff888015a4fb98 R08: ffffed100216fe3e R09: ffffed100216fe3e [ 95.231597] R10: ffff888010b7f1ef R11: ffffed100216fe3d R12: ffff888010b7f290 [ 95.232148] R13: ffff888010b7f0a8 R14: ffffffffffffffff R15: ffff888015a4fc60 [ 95.232696] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.233313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.233760] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.234310] PKRU: 55555554 [ 95.234542] Call Trace: [ 95.234744] [ 95.234920] iommufd_ioas_destroy+0x53/0x70 [ 95.235274] iommufd_fops_release+0x1f7/0x370 [ 95.235629] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.236022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.236415] ? write_comp_data+0x2f/0x90 [ 95.236738] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.237129] __fput+0x26d/0xa40 [ 95.237400] ____fput+0x1e/0x30 [ 95.237666] task_work_run+0x1a4/0x2d0 [ 95.237979] ? __pfx_task_work_run+0x10/0x10 [ 95.238327] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.238732] ? switch_task_namespaces+0xa9/0xe0 [ 95.239115] do_exit+0xb17/0x2ef0 [ 95.239387] ? lock_acquire+0x427/0x4c0 [ 95.239711] ? __pfx_lock_release+0x10/0x10 [ 95.240055] ? __kasan_check_write+0x18/0x20 [ 95.240401] ? do_raw_spin_lock+0x132/0x2a0 [ 95.240739] ? __pfx_do_exit+0x10/0x10 [ 95.241051] ? debug_smp_processor_id+0x20/0x30 [ 95.241418] ? rcu_is_watching+0x19/0xb0 [ 95.241741] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.242101] ? trace_hardirqs_on+0x26/0x120 [ 95.242446] do_group_exit+0xe0/0x2b0 [ 95.242765] __x64_sys_exit_group+0x47/0x50 [ 95.243105] do_syscall_64+0x3b/0x90 [ 95.243412] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.243821] RIP: 0033:0x7f4b87518a4d [ 95.244110] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.244584] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.245174] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.245726] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.246280] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.246848] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.247414] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.247974] [ 95.248158] irq event stamp: 0 [ 95.248407] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.248899] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.249546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.250190] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.250692] ---[ end trace 0000000000000000 ]--- [ 95.254627] ------------[ cut here ]------------ [ 95.255020] WARNING: CPU: 0 PID: 830 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.255808] Modules linked in: [ 95.256060] CPU: 0 PID: 830 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.256724] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.257590] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.257974] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.259589] RSP: 0018:ffff888012cb7bb8 EFLAGS: 00010246 [ 95.260012] RAX: 0000000000000000 RBX: ffff8880139748a8 RCX: 0000000000000000 [ 95.260561] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 95.261170] RBP: ffff888012cb7bd0 R08: ffffed100272e933 R09: ffffed100272e933 [ 95.261725] R10: ffff888013974993 R11: ffffed100272e932 R12: ffff888021bb7400 [ 95.262272] R13: ffff8880139749e8 R14: ffffffff8352e670 R15: ffff888012cb7e68 [ 95.262850] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.263576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.264147] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 95.264761] PKRU: 55555554 [ 95.265076] Call Trace: [ 95.265276] [ 95.265454] __iommufd_access_detach+0x1c2/0x2b0 [ 95.265838] iommufd_access_change_pt+0x149/0x270 [ 95.266267] iommufd_access_replace+0xb4/0x120 [ 95.266742] iommufd_test+0x3e5/0x37e0 [ 95.267049] ? lock_release+0x532/0x770 [ 95.267378] ? __might_fault+0x102/0x1b0 [ 95.267764] ? lock_acquire+0x427/0x4c0 [ 95.268162] ? __pfx_iommufd_test+0x10/0x10 [ 95.268500] ? __pfx_lock_release+0x10/0x10 [ 95.268904] ? __pfx_lock_acquire+0x10/0x10 [ 95.269308] ? write_comp_data+0x2f/0x90 [ 95.269637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.270081] ? write_comp_data+0x2f/0x90 [ 95.270494] iommufd_fops_ioctl+0x37d/0x510 [ 95.270865] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.271259] ? write_comp_data+0x2f/0x90 [ 95.271649] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.272115] __x64_sys_ioctl+0x1a3/0x230 [ 95.272444] do_syscall_64+0x3b/0x90 [ 95.272785] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.273278] RIP: 0033:0x7f4b8743ee5d [ 95.273570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.275163] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.275832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.276486] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.277034] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.277591] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.278301] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.278892] [ 95.279077] irq event stamp: 0 [ 95.279344] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.279840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.280563] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.281305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.281935] ---[ end trace 0000000000000000 ]--- [ 95.284765] ------------[ cut here ]------------ [ 95.285142] WARNING: CPU: 0 PID: 830 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.286048] Modules linked in: [ 95.286296] CPU: 0 PID: 830 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.287127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.287994] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.288443] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.289937] RSP: 0018:ffff888012cb7bd0 EFLAGS: 00010246 [ 95.290480] RAX: 0000000000000000 RBX: ffff8880139748a8 RCX: 0000000000000000 [ 95.291068] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 95.291722] RBP: ffff888012cb7be8 R08: ffffed100272e933 R09: ffffed100272e933 [ 95.292398] R10: ffff888013974993 R11: ffffed100272e932 R12: ffff888012ea8800 [ 95.293150] R13: ffff8880139749e8 R14: ffff888014589500 R15: 0000000000000000 [ 95.293727] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.294549] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.295022] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.295651] PKRU: 55555554 [ 95.295976] Call Trace: [ 95.296188] [ 95.296373] iommufd_access_destroy_object+0x65/0x170 [ 95.296839] iommufd_object_destroy_user+0x18e/0x220 [ 95.297340] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.297817] iommufd_access_destroy+0x43/0x70 [ 95.298258] iommufd_test_staccess_release+0x8d/0xd0 [ 95.298782] __fput+0x26d/0xa40 [ 95.299068] ____fput+0x1e/0x30 [ 95.299366] task_work_run+0x1a4/0x2d0 [ 95.299744] ? __pfx_task_work_run+0x10/0x10 [ 95.300192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.300598] ? switch_task_namespaces+0xa9/0xe0 [ 95.301057] do_exit+0xb17/0x2ef0 [ 95.301433] ? lock_acquire+0x427/0x4c0 [ 95.301772] ? __pfx_lock_release+0x10/0x10 [ 95.302164] ? __kasan_check_write+0x18/0x20 [ 95.302648] ? do_raw_spin_lock+0x132/0x2a0 [ 95.303005] ? __pfx_do_exit+0x10/0x10 [ 95.303340] ? debug_smp_processor_id+0x20/0x30 [ 95.303791] ? rcu_is_watching+0x19/0xb0 [ 95.304214] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.304593] ? trace_hardirqs_on+0x26/0x120 [ 95.304984] do_group_exit+0xe0/0x2b0 [ 95.305399] __x64_sys_exit_group+0x47/0x50 [ 95.305750] do_syscall_64+0x3b/0x90 [ 95.306061] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.306648] RIP: 0033:0x7f4b87518a4d [ 95.306954] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.307468] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.308156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.308817] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.309529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.310107] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.310842] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.311450] [ 95.311643] irq event stamp: 0 [ 95.311939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.312542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.313397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.314083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.314686] ---[ end trace 0000000000000000 ]--- [ 95.315495] ------------[ cut here ]------------ [ 95.315937] WARNING: CPU: 0 PID: 830 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.316863] Modules linked in: [ 95.317154] CPU: 0 PID: 830 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.317945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.319010] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.319438] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.321098] RSP: 0018:ffff888012cb7b78 EFLAGS: 00010246 [ 95.321727] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.322331] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 95.323137] RBP: ffff888012cb7b98 R08: ffffed100272e93e R09: ffffed100272e93e [ 95.323742] R10: ffff8880139749ef R11: ffffed100272e93d R12: ffff888013974a90 [ 95.324419] R13: ffff8880139748a8 R14: ffffffffffffffff R15: ffff888012cb7c60 [ 95.325185] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.326050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.326571] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.327569] PKRU: 55555554 [ 95.327914] Call Trace: [ 95.328339] [ 95.328840] iommufd_ioas_destroy+0x53/0x70 [ 95.329383] iommufd_fops_release+0x1f7/0x370 [ 95.330204] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.330935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.331655] ? write_comp_data+0x2f/0x90 [ 95.332162] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.333019] __fput+0x26d/0xa40 [ 95.333453] ____fput+0x1e/0x30 [ 95.334077] task_work_run+0x1a4/0x2d0 [ 95.334617] ? __pfx_task_work_run+0x10/0x10 [ 95.335231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.335986] ? switch_task_namespaces+0xa9/0xe0 [ 95.336791] do_exit+0xb17/0x2ef0 [ 95.337227] ? lock_acquire+0x427/0x4c0 [ 95.337775] ? __pfx_lock_release+0x10/0x10 [ 95.338463] ? __kasan_check_write+0x18/0x20 [ 95.339060] ? do_raw_spin_lock+0x132/0x2a0 [ 95.339720] ? __pfx_do_exit+0x10/0x10 [ 95.340209] ? debug_smp_processor_id+0x20/0x30 [ 95.341028] ? rcu_is_watching+0x19/0xb0 [ 95.341518] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.342249] ? trace_hardirqs_on+0x26/0x120 [ 95.342817] do_group_exit+0xe0/0x2b0 [ 95.343284] __x64_sys_exit_group+0x47/0x50 [ 95.344001] do_syscall_64+0x3b/0x90 [ 95.344461] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.345276] RIP: 0033:0x7f4b87518a4d [ 95.345727] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.346669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.347569] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.348590] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.349617] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.350686] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.351530] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.352580] [ 95.352865] irq event stamp: 0 [ 95.353234] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.353963] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.354963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.355960] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.356686] ---[ end trace 0000000000000000 ]--- [ 95.361206] ------------[ cut here ]------------ [ 95.361654] WARNING: CPU: 0 PID: 831 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.362468] Modules linked in: [ 95.362948] CPU: 0 PID: 831 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.363656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.364556] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.364957] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.366409] RSP: 0018:ffff8880170d7bb8 EFLAGS: 00010246 [ 95.366855] RAX: 0000000000000000 RBX: ffff888023d6b0a8 RCX: 0000000000000000 [ 95.367430] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 95.368000] RBP: ffff8880170d7bd0 R08: ffffed10047ad633 R09: ffffed10047ad633 [ 95.368573] R10: ffff888023d6b193 R11: ffffed10047ad632 R12: ffff88801847bc00 [ 95.369142] R13: ffff888023d6b1e8 R14: ffffffff8352e670 R15: ffff8880170d7e68 [ 95.369712] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.370357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.370847] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ef0 [ 95.371436] PKRU: 55555554 [ 95.371669] Call Trace: [ 95.371875] [ 95.372061] __iommufd_access_detach+0x1c2/0x2b0 [ 95.372454] iommufd_access_change_pt+0x149/0x270 [ 95.372857] iommufd_access_replace+0xb4/0x120 [ 95.373234] iommufd_test+0x3e5/0x37e0 [ 95.373550] ? lock_release+0x532/0x770 [ 95.373880] ? __might_fault+0x102/0x1b0 [ 95.374217] ? lock_acquire+0x427/0x4c0 [ 95.374576] ? __pfx_iommufd_test+0x10/0x10 [ 95.374930] ? __pfx_lock_release+0x10/0x10 [ 95.375312] ? __pfx_lock_acquire+0x10/0x10 [ 95.375672] ? write_comp_data+0x2f/0x90 [ 95.376010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.376410] ? write_comp_data+0x2f/0x90 [ 95.376746] iommufd_fops_ioctl+0x37d/0x510 [ 95.377098] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.377504] ? write_comp_data+0x2f/0x90 [ 95.377846] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.378241] __x64_sys_ioctl+0x1a3/0x230 [ 95.378611] do_syscall_64+0x3b/0x90 [ 95.378924] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.379357] RIP: 0033:0x7f4b8743ee5d [ 95.379663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.381098] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.381707] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.382269] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.382861] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.383445] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.384005] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.384574] [ 95.384762] irq event stamp: 0 [ 95.385017] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.385515] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.386175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.386855] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.387354] ---[ end trace 0000000000000000 ]--- [ 95.390194] ------------[ cut here ]------------ [ 95.390620] WARNING: CPU: 0 PID: 831 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.391422] Modules linked in: [ 95.391677] CPU: 0 PID: 831 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.392360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.393242] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.393633] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.395084] RSP: 0018:ffff8880170d7bd0 EFLAGS: 00010246 [ 95.395512] RAX: 0000000000000000 RBX: ffff888023d6b0a8 RCX: 0000000000000000 [ 95.396076] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 95.396640] RBP: ffff8880170d7be8 R08: ffffed10047ad633 R09: ffffed10047ad633 [ 95.397202] R10: ffff888023d6b193 R11: ffffed10047ad632 R12: ffff888021bb5800 [ 95.397763] R13: ffff888023d6b1e8 R14: ffff888013d16d00 R15: 0000000000000000 [ 95.398323] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.398965] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.399438] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.400007] PKRU: 55555554 [ 95.400237] Call Trace: [ 95.400442] [ 95.400624] iommufd_access_destroy_object+0x65/0x170 [ 95.401046] iommufd_object_destroy_user+0x18e/0x220 [ 95.401460] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.401934] iommufd_access_destroy+0x43/0x70 [ 95.402305] iommufd_test_staccess_release+0x8d/0xd0 [ 95.402743] __fput+0x26d/0xa40 [ 95.403028] ____fput+0x1e/0x30 [ 95.403329] task_work_run+0x1a4/0x2d0 [ 95.403653] ? __pfx_task_work_run+0x10/0x10 [ 95.404020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.404421] ? switch_task_namespaces+0xa9/0xe0 [ 95.404806] do_exit+0xb17/0x2ef0 [ 95.405087] ? lock_acquire+0x427/0x4c0 [ 95.405418] ? __pfx_lock_release+0x10/0x10 [ 95.405772] ? __kasan_check_write+0x18/0x20 [ 95.406132] ? do_raw_spin_lock+0x132/0x2a0 [ 95.406487] ? __pfx_do_exit+0x10/0x10 [ 95.406838] ? debug_smp_processor_id+0x20/0x30 [ 95.407214] ? rcu_is_watching+0x19/0xb0 [ 95.407539] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.407902] ? trace_hardirqs_on+0x26/0x120 [ 95.408249] do_group_exit+0xe0/0x2b0 [ 95.408552] __x64_sys_exit_group+0x47/0x50 [ 95.408892] do_syscall_64+0x3b/0x90 [ 95.409197] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.409610] RIP: 0033:0x7f4b87518a4d [ 95.409904] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.410388] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.411008] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.411572] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.412124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.412682] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.413235] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.413796] [ 95.413981] irq event stamp: 0 [ 95.414228] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.414743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.415404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.416052] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.416540] ---[ end trace 0000000000000000 ]--- [ 95.417236] ------------[ cut here ]------------ [ 95.417603] WARNING: CPU: 0 PID: 831 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.418388] Modules linked in: [ 95.418663] CPU: 0 PID: 831 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.419356] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.420227] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.420628] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.422091] RSP: 0018:ffff8880170d7b78 EFLAGS: 00010246 [ 95.422528] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.423074] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 95.423619] RBP: ffff8880170d7b98 R08: ffffed10047ad63e R09: ffffed10047ad63e [ 95.424161] R10: ffff888023d6b1ef R11: ffffed10047ad63d R12: ffff888023d6b290 [ 95.424701] R13: ffff888023d6b0a8 R14: ffffffffffffffff R15: ffff8880170d7c60 [ 95.425241] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.425851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.426291] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.426866] PKRU: 55555554 [ 95.427084] Call Trace: [ 95.427286] [ 95.427461] iommufd_ioas_destroy+0x53/0x70 [ 95.427799] iommufd_fops_release+0x1f7/0x370 [ 95.428150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.428540] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.428929] ? write_comp_data+0x2f/0x90 [ 95.429259] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.429649] __fput+0x26d/0xa40 [ 95.429919] ____fput+0x1e/0x30 [ 95.430182] task_work_run+0x1a4/0x2d0 [ 95.430487] ? __pfx_task_work_run+0x10/0x10 [ 95.430858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.431244] ? switch_task_namespaces+0xa9/0xe0 [ 95.431614] do_exit+0xb17/0x2ef0 [ 95.431884] ? lock_acquire+0x427/0x4c0 [ 95.432201] ? __pfx_lock_release+0x10/0x10 [ 95.432538] ? __kasan_check_write+0x18/0x20 [ 95.432881] ? do_raw_spin_lock+0x132/0x2a0 [ 95.433212] ? __pfx_do_exit+0x10/0x10 [ 95.433520] ? debug_smp_processor_id+0x20/0x30 [ 95.433880] ? rcu_is_watching+0x19/0xb0 [ 95.434196] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.434567] ? trace_hardirqs_on+0x26/0x120 [ 95.434906] do_group_exit+0xe0/0x2b0 [ 95.435218] __x64_sys_exit_group+0x47/0x50 [ 95.435550] do_syscall_64+0x3b/0x90 [ 95.435842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.436244] RIP: 0033:0x7f4b87518a4d [ 95.436529] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.436996] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.437572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.438117] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.438689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.439242] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.439782] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.440328] [ 95.440506] irq event stamp: 0 [ 95.440747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.441227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.441860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.442493] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.442991] ---[ end trace 0000000000000000 ]--- [ 95.447797] ------------[ cut here ]------------ [ 95.448185] WARNING: CPU: 0 PID: 832 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.448932] Modules linked in: [ 95.449170] CPU: 0 PID: 832 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.449809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.450826] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.451207] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.452551] RSP: 0018:ffff888015d17bb8 EFLAGS: 00010246 [ 95.453012] RAX: 0000000000000000 RBX: ffff8880184230a8 RCX: 0000000000000000 [ 95.453578] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 95.454102] RBP: ffff888015d17bd0 R08: ffffed1003084633 R09: ffffed1003084633 [ 95.454645] R10: ffff888018423193 R11: ffffed1003084632 R12: ffff888017ba3800 [ 95.455177] R13: ffff8880184231e8 R14: ffffffff8352e670 R15: ffff888015d17e68 [ 95.455703] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.456295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.456724] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 95.457251] PKRU: 55555554 [ 95.457462] Call Trace: [ 95.457658] [ 95.457827] __iommufd_access_detach+0x1c2/0x2b0 [ 95.458193] iommufd_access_change_pt+0x149/0x270 [ 95.458573] iommufd_access_replace+0xb4/0x120 [ 95.458925] iommufd_test+0x3e5/0x37e0 [ 95.459225] ? lock_release+0x532/0x770 [ 95.459532] ? __might_fault+0x102/0x1b0 [ 95.459842] ? lock_acquire+0x427/0x4c0 [ 95.460149] ? __pfx_iommufd_test+0x10/0x10 [ 95.460475] ? __pfx_lock_release+0x10/0x10 [ 95.460808] ? __pfx_lock_acquire+0x10/0x10 [ 95.461140] ? write_comp_data+0x2f/0x90 [ 95.461455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.461827] ? write_comp_data+0x2f/0x90 [ 95.462140] iommufd_fops_ioctl+0x37d/0x510 [ 95.462468] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.462854] ? write_comp_data+0x2f/0x90 [ 95.463173] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.463540] __x64_sys_ioctl+0x1a3/0x230 [ 95.463857] do_syscall_64+0x3b/0x90 [ 95.464144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.464541] RIP: 0033:0x7f4b8743ee5d [ 95.464818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.466168] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.466748] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.467284] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.467817] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.468352] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.468893] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.469431] [ 95.469612] irq event stamp: 0 [ 95.469854] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.470324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.470973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.471626] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.472102] ---[ end trace 0000000000000000 ]--- [ 95.474757] ------------[ cut here ]------------ [ 95.475147] WARNING: CPU: 0 PID: 832 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.475896] Modules linked in: [ 95.476139] CPU: 0 PID: 832 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.476790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.477626] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.478001] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.479372] RSP: 0018:ffff888015d17bd0 EFLAGS: 00010246 [ 95.479767] RAX: 0000000000000000 RBX: ffff8880184230a8 RCX: 0000000000000000 [ 95.480287] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 95.480816] RBP: ffff888015d17be8 R08: ffffed1003084633 R09: ffffed1003084633 [ 95.481349] R10: ffff888018423193 R11: ffffed1003084632 R12: ffff888018479400 [ 95.481881] R13: ffff8880184231e8 R14: ffff8880143e0800 R15: 0000000000000000 [ 95.482417] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.483042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.483486] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.484025] PKRU: 55555554 [ 95.484241] Call Trace: [ 95.484434] [ 95.484606] iommufd_access_destroy_object+0x65/0x170 [ 95.485056] iommufd_object_destroy_user+0x18e/0x220 [ 95.485447] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.485894] iommufd_access_destroy+0x43/0x70 [ 95.486255] iommufd_test_staccess_release+0x8d/0xd0 [ 95.486690] __fput+0x26d/0xa40 [ 95.486961] ____fput+0x1e/0x30 [ 95.487238] task_work_run+0x1a4/0x2d0 [ 95.487548] ? __pfx_task_work_run+0x10/0x10 [ 95.487887] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.488261] ? switch_task_namespaces+0xa9/0xe0 [ 95.488635] do_exit+0xb17/0x2ef0 [ 95.488903] ? lock_acquire+0x427/0x4c0 [ 95.489216] ? __pfx_lock_release+0x10/0x10 [ 95.489547] ? __kasan_check_write+0x18/0x20 [ 95.489890] ? do_raw_spin_lock+0x132/0x2a0 [ 95.490222] ? __pfx_do_exit+0x10/0x10 [ 95.490558] ? debug_smp_processor_id+0x20/0x30 [ 95.490920] ? rcu_is_watching+0x19/0xb0 [ 95.491237] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.491589] ? trace_hardirqs_on+0x26/0x120 [ 95.491922] do_group_exit+0xe0/0x2b0 [ 95.492211] __x64_sys_exit_group+0x47/0x50 [ 95.492533] do_syscall_64+0x3b/0x90 [ 95.492825] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.493224] RIP: 0033:0x7f4b87518a4d [ 95.493507] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.493969] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.494560] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.495095] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.495632] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.496175] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.496722] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.497283] [ 95.497470] irq event stamp: 0 [ 95.497713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.498216] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.498913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.499577] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.500073] ---[ end trace 0000000000000000 ]--- [ 95.500755] ------------[ cut here ]------------ [ 95.501118] WARNING: CPU: 0 PID: 832 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.501895] Modules linked in: [ 95.502146] CPU: 0 PID: 832 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.502839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.503718] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.504120] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.505522] RSP: 0018:ffff888015d17b78 EFLAGS: 00010246 [ 95.505939] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.506484] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 95.507071] RBP: ffff888015d17b98 R08: ffffed100308463e R09: ffffed100308463e [ 95.507638] R10: ffff8880184231ef R11: ffffed100308463d R12: ffff888018423290 [ 95.508191] R13: ffff8880184230a8 R14: ffffffffffffffff R15: ffff888015d17c60 [ 95.508753] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.509402] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.509880] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.510465] PKRU: 55555554 [ 95.510736] Call Trace: [ 95.510950] [ 95.511148] iommufd_ioas_destroy+0x53/0x70 [ 95.511511] iommufd_fops_release+0x1f7/0x370 [ 95.511891] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.512300] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.512717] ? write_comp_data+0x2f/0x90 [ 95.513059] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.513475] __fput+0x26d/0xa40 [ 95.513761] ____fput+0x1e/0x30 [ 95.514040] task_work_run+0x1a4/0x2d0 [ 95.514374] ? __pfx_task_work_run+0x10/0x10 [ 95.514778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.515206] ? switch_task_namespaces+0xa9/0xe0 [ 95.515605] do_exit+0xb17/0x2ef0 [ 95.515902] ? lock_acquire+0x427/0x4c0 [ 95.516240] ? __pfx_lock_release+0x10/0x10 [ 95.516601] ? __kasan_check_write+0x18/0x20 [ 95.517022] ? do_raw_spin_lock+0x132/0x2a0 [ 95.517384] ? __pfx_do_exit+0x10/0x10 [ 95.517974] ? debug_smp_processor_id+0x20/0x30 [ 95.518371] ? rcu_is_watching+0x19/0xb0 [ 95.518749] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.519142] ? trace_hardirqs_on+0x26/0x120 [ 95.519510] do_group_exit+0xe0/0x2b0 [ 95.519854] __x64_sys_exit_group+0x47/0x50 [ 95.520384] do_syscall_64+0x3b/0x90 [ 95.520726] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.521178] RIP: 0033:0x7f4b87518a4d [ 95.521503] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.522030] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.522919] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.523534] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.524142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.524764] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.525382] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.526231] [ 95.526441] irq event stamp: 0 [ 95.526747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.527302] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.528028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.528848] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.529523] ---[ end trace 0000000000000000 ]--- [ 95.534787] ------------[ cut here ]------------ [ 95.535241] WARNING: CPU: 0 PID: 833 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.536103] Modules linked in: [ 95.536380] CPU: 0 PID: 833 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.537665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.538733] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.539227] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.540985] RSP: 0018:ffff8880186cfbb8 EFLAGS: 00010246 [ 95.541451] RAX: 0000000000000000 RBX: ffff8880189058a8 RCX: 0000000000000000 [ 95.542066] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 95.542707] RBP: ffff8880186cfbd0 R08: ffffed1003120b33 R09: ffffed1003120b33 [ 95.543343] R10: ffff888018905993 R11: ffffed1003120b32 R12: ffff888016633000 [ 95.543957] R13: ffff8880189059e8 R14: ffffffff8352e670 R15: ffff8880186cfe68 [ 95.544610] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.545354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.545894] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ef0 [ 95.546587] PKRU: 55555554 [ 95.546853] Call Trace: [ 95.547095] [ 95.547322] __iommufd_access_detach+0x1c2/0x2b0 [ 95.547783] iommufd_access_change_pt+0x149/0x270 [ 95.548242] iommufd_access_replace+0xb4/0x120 [ 95.548689] iommufd_test+0x3e5/0x37e0 [ 95.549134] ? lock_release+0x532/0x770 [ 95.549524] ? __might_fault+0x102/0x1b0 [ 95.549915] ? lock_acquire+0x427/0x4c0 [ 95.550296] ? __pfx_iommufd_test+0x10/0x10 [ 95.550745] ? __pfx_lock_release+0x10/0x10 [ 95.551174] ? __pfx_lock_acquire+0x10/0x10 [ 95.551587] ? write_comp_data+0x2f/0x90 [ 95.551982] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.552448] ? write_comp_data+0x2f/0x90 [ 95.552844] iommufd_fops_ioctl+0x37d/0x510 [ 95.553253] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.553719] ? write_comp_data+0x2f/0x90 [ 95.554118] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.554616] __x64_sys_ioctl+0x1a3/0x230 [ 95.555017] do_syscall_64+0x3b/0x90 [ 95.555391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.555885] RIP: 0033:0x7f4b8743ee5d [ 95.556237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.557946] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.558721] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.559404] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.560075] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.560747] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.561418] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.562114] [ 95.562348] irq event stamp: 0 [ 95.562701] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.563348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.564142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.564933] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.565540] ---[ end trace 0000000000000000 ]--- [ 95.569100] ------------[ cut here ]------------ [ 95.569579] WARNING: CPU: 0 PID: 833 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.570904] Modules linked in: [ 95.571236] CPU: 0 PID: 833 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.572066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.573139] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.573915] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.575687] RSP: 0018:ffff8880186cfbd0 EFLAGS: 00010246 [ 95.576472] RAX: 0000000000000000 RBX: ffff8880189058a8 RCX: 0000000000000000 [ 95.577159] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 95.577842] RBP: ffff8880186cfbe8 R08: ffffed1003120b33 R09: ffffed1003120b33 [ 95.578550] R10: ffff888018905993 R11: ffffed1003120b32 R12: ffff888017ba2800 [ 95.579236] R13: ffff8880189059e8 R14: ffff888013ced400 R15: 0000000000000000 [ 95.579935] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.580735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.581384] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.582165] PKRU: 55555554 [ 95.582477] Call Trace: [ 95.582821] [ 95.583083] iommufd_access_destroy_object+0x65/0x170 [ 95.583664] iommufd_object_destroy_user+0x18e/0x220 [ 95.584235] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.584862] iommufd_access_destroy+0x43/0x70 [ 95.585343] iommufd_test_staccess_release+0x8d/0xd0 [ 95.585905] __fput+0x26d/0xa40 [ 95.586305] ____fput+0x1e/0x30 [ 95.586770] task_work_run+0x1a4/0x2d0 [ 95.587218] ? __pfx_task_work_run+0x10/0x10 [ 95.587705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.588244] ? switch_task_namespaces+0xa9/0xe0 [ 95.588770] do_exit+0xb17/0x2ef0 [ 95.589152] ? lock_acquire+0x427/0x4c0 [ 95.589794] ? __pfx_lock_release+0x10/0x10 [ 95.590615] ? __kasan_check_write+0x18/0x20 [ 95.591124] ? do_raw_spin_lock+0x132/0x2a0 [ 95.591602] ? __pfx_do_exit+0x10/0x10 [ 95.592033] ? debug_smp_processor_id+0x20/0x30 [ 95.592632] ? rcu_is_watching+0x19/0xb0 [ 95.593285] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.593783] ? trace_hardirqs_on+0x26/0x120 [ 95.594259] do_group_exit+0xe0/0x2b0 [ 95.594737] __x64_sys_exit_group+0x47/0x50 [ 95.595207] do_syscall_64+0x3b/0x90 [ 95.595608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.596165] RIP: 0033:0x7f4b87518a4d [ 95.596568] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.597212] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.598032] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.598842] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.599608] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.600355] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.601120] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.601877] [ 95.602134] irq event stamp: 0 [ 95.602479] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.603214] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.604114] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.604998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.605668] ---[ end trace 0000000000000000 ]--- [ 95.606848] ------------[ cut here ]------------ [ 95.607395] WARNING: CPU: 0 PID: 833 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.608472] Modules linked in: [ 95.608818] CPU: 0 PID: 833 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.609976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.611555] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.612110] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.614670] RSP: 0018:ffff8880186cfb78 EFLAGS: 00010246 [ 95.615244] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.615987] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 95.616733] RBP: ffff8880186cfb98 R08: ffffed1003120b3e R09: ffffed1003120b3e [ 95.617485] R10: ffff8880189059ef R11: ffffed1003120b3d R12: ffff888018905a90 [ 95.618227] R13: ffff8880189058a8 R14: ffffffffffffffff R15: ffff8880186cfc60 [ 95.619012] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.619884] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.620493] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.621238] PKRU: 55555554 [ 95.621541] Call Trace: [ 95.621814] [ 95.622059] iommufd_ioas_destroy+0x53/0x70 [ 95.622571] iommufd_fops_release+0x1f7/0x370 [ 95.623055] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.623598] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.624130] ? write_comp_data+0x2f/0x90 [ 95.624577] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.625125] __fput+0x26d/0xa40 [ 95.625495] ____fput+0x1e/0x30 [ 95.625857] task_work_run+0x1a4/0x2d0 [ 95.626281] ? __pfx_task_work_run+0x10/0x10 [ 95.626822] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.627373] ? switch_task_namespaces+0xa9/0xe0 [ 95.627887] do_exit+0xb17/0x2ef0 [ 95.628256] ? lock_acquire+0x427/0x4c0 [ 95.628686] ? __pfx_lock_release+0x10/0x10 [ 95.629184] ? __kasan_check_write+0x18/0x20 [ 95.629804] ? do_raw_spin_lock+0x132/0x2a0 [ 95.630604] ? __pfx_do_exit+0x10/0x10 [ 95.631038] ? debug_smp_processor_id+0x20/0x30 [ 95.631566] ? rcu_is_watching+0x19/0xb0 [ 95.632010] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.632602] ? trace_hardirqs_on+0x26/0x120 [ 95.633387] do_group_exit+0xe0/0x2b0 [ 95.633804] __x64_sys_exit_group+0x47/0x50 [ 95.634252] do_syscall_64+0x3b/0x90 [ 95.634695] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.635296] RIP: 0033:0x7f4b87518a4d [ 95.635866] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.636752] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.637572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.638377] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.639506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.640272] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.641041] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.642259] [ 95.642552] irq event stamp: 0 [ 95.642894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.643585] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.644593] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.645810] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.646542] ---[ end trace 0000000000000000 ]--- [ 95.653489] ------------[ cut here ]------------ [ 95.654121] WARNING: CPU: 0 PID: 834 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.655617] Modules linked in: [ 95.655974] CPU: 0 PID: 834 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.656885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.658095] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.658670] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.660628] RSP: 0018:ffff888012a17bb8 EFLAGS: 00010246 [ 95.661193] RAX: 0000000000000000 RBX: ffff88800fe308a8 RCX: 0000000000000000 [ 95.661944] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 95.662760] RBP: ffff888012a17bd0 R08: ffffed1001fc6133 R09: ffffed1001fc6133 [ 95.663537] R10: ffff88800fe30993 R11: ffffed1001fc6132 R12: ffff88800fd3f400 [ 95.664303] R13: ffff88800fe309e8 R14: ffffffff8352e670 R15: ffff888012a17e68 [ 95.665061] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.665903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.666568] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 95.667345] PKRU: 55555554 [ 95.667643] Call Trace: [ 95.667917] [ 95.668154] __iommufd_access_detach+0x1c2/0x2b0 [ 95.668675] iommufd_access_change_pt+0x149/0x270 [ 95.669192] iommufd_access_replace+0xb4/0x120 [ 95.669692] iommufd_test+0x3e5/0x37e0 [ 95.670110] ? lock_release+0x532/0x770 [ 95.670609] ? __might_fault+0x102/0x1b0 [ 95.671057] ? lock_acquire+0x427/0x4c0 [ 95.671505] ? __pfx_iommufd_test+0x10/0x10 [ 95.671970] ? __pfx_lock_release+0x10/0x10 [ 95.672438] ? __pfx_lock_acquire+0x10/0x10 [ 95.672911] ? write_comp_data+0x2f/0x90 [ 95.673354] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.673879] ? write_comp_data+0x2f/0x90 [ 95.674320] iommufd_fops_ioctl+0x37d/0x510 [ 95.674842] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.675397] ? write_comp_data+0x2f/0x90 [ 95.675854] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.676368] __x64_sys_ioctl+0x1a3/0x230 [ 95.676817] do_syscall_64+0x3b/0x90 [ 95.677301] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.677861] RIP: 0033:0x7f4b8743ee5d [ 95.678262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.680239] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.681057] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.681818] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.682613] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.683381] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.684125] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.684884] [ 95.685138] irq event stamp: 0 [ 95.685472] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.686137] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.687086] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.687986] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.688653] ---[ end trace 0000000000000000 ]--- [ 95.692541] ------------[ cut here ]------------ [ 95.693125] WARNING: CPU: 0 PID: 834 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.694484] Modules linked in: [ 95.694862] CPU: 0 PID: 834 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.695808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.697501] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.698042] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.700401] RSP: 0018:ffff888012a17bd0 EFLAGS: 00010246 [ 95.700971] RAX: 0000000000000000 RBX: ffff88800fe308a8 RCX: 0000000000000000 [ 95.701725] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 95.702481] RBP: ffff888012a17be8 R08: ffffed1001fc6133 R09: ffffed1001fc6133 [ 95.703470] R10: ffff88800fe30993 R11: ffffed1001fc6132 R12: ffff888016631c00 [ 95.704399] R13: ffff88800fe309e8 R14: ffff888020917e00 R15: 0000000000000000 [ 95.705157] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.706014] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.706861] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.707775] PKRU: 55555554 [ 95.708087] Call Trace: [ 95.708362] [ 95.708605] iommufd_access_destroy_object+0x65/0x170 [ 95.709258] iommufd_object_destroy_user+0x18e/0x220 [ 95.710000] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.710837] iommufd_access_destroy+0x43/0x70 [ 95.711347] iommufd_test_staccess_release+0x8d/0xd0 [ 95.711900] __fput+0x26d/0xa40 [ 95.712274] ____fput+0x1e/0x30 [ 95.712647] task_work_run+0x1a4/0x2d0 [ 95.713126] ? __pfx_task_work_run+0x10/0x10 [ 95.713889] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.714430] ? switch_task_namespaces+0xa9/0xe0 [ 95.715008] do_exit+0xb17/0x2ef0 [ 95.715399] ? lock_acquire+0x427/0x4c0 [ 95.715838] ? __pfx_lock_release+0x10/0x10 [ 95.716305] ? __kasan_check_write+0x18/0x20 [ 95.716888] ? do_raw_spin_lock+0x132/0x2a0 [ 95.717525] ? __pfx_do_exit+0x10/0x10 [ 95.717961] ? debug_smp_processor_id+0x20/0x30 [ 95.718467] ? rcu_is_watching+0x19/0xb0 [ 95.718955] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.719471] ? trace_hardirqs_on+0x26/0x120 [ 95.719951] do_group_exit+0xe0/0x2b0 [ 95.720481] __x64_sys_exit_group+0x47/0x50 [ 95.721119] do_syscall_64+0x3b/0x90 [ 95.721533] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.722097] RIP: 0033:0x7f4b87518a4d [ 95.722500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.723209] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.724379] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.725138] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.725905] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.726869] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.727826] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.728593] [ 95.728847] irq event stamp: 0 [ 95.729186] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.730019] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.731148] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.732054] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.733021] ---[ end trace 0000000000000000 ]--- [ 95.734414] ------------[ cut here ]------------ [ 95.735000] WARNING: CPU: 0 PID: 834 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.736369] Modules linked in: [ 95.736722] CPU: 0 PID: 834 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.737694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.739180] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.739742] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.742061] RSP: 0018:ffff888012a17b78 EFLAGS: 00010246 [ 95.742668] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.743549] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 95.744475] RBP: ffff888012a17b98 R08: ffffed1001fc613e R09: ffffed1001fc613e [ 95.745244] R10: ffff88800fe309ef R11: ffffed1001fc613d R12: ffff88800fe30a90 [ 95.746059] R13: ffff88800fe308a8 R14: ffffffffffffffff R15: ffff888012a17c60 [ 95.747225] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.748216] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.748857] CR2: 00007f82e2bca000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 95.749634] PKRU: 55555554 [ 95.749950] Call Trace: [ 95.750233] [ 95.750480] iommufd_ioas_destroy+0x53/0x70 [ 95.751012] iommufd_fops_release+0x1f7/0x370 [ 95.751530] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.752077] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.752627] ? write_comp_data+0x2f/0x90 [ 95.753084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.753640] __fput+0x26d/0xa40 [ 95.754014] ____fput+0x1e/0x30 [ 95.754381] task_work_run+0x1a4/0x2d0 [ 95.754860] ? __pfx_task_work_run+0x10/0x10 [ 95.755361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.755901] ? switch_task_namespaces+0xa9/0xe0 [ 95.756436] do_exit+0xb17/0x2ef0 [ 95.756825] ? lock_acquire+0x427/0x4c0 [ 95.757275] ? __pfx_lock_release+0x10/0x10 [ 95.757757] ? __kasan_check_write+0x18/0x20 [ 95.758243] ? do_raw_spin_lock+0x132/0x2a0 [ 95.758763] ? __pfx_do_exit+0x10/0x10 [ 95.759240] ? debug_smp_processor_id+0x20/0x30 [ 95.759761] ? rcu_is_watching+0x19/0xb0 [ 95.760215] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.760721] ? trace_hardirqs_on+0x26/0x120 [ 95.761197] do_group_exit+0xe0/0x2b0 [ 95.761611] __x64_sys_exit_group+0x47/0x50 [ 95.762080] do_syscall_64+0x3b/0x90 [ 95.762496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.763126] RIP: 0033:0x7f4b87518a4d [ 95.763540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.764212] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.765037] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.765806] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.766616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.767422] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.768216] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.769001] [ 95.769254] irq event stamp: 0 [ 95.769597] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.770283] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.771242] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.772160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.772844] ---[ end trace 0000000000000000 ]--- [ 95.785050] ------------[ cut here ]------------ [ 95.785796] WARNING: CPU: 1 PID: 835 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.787583] Modules linked in: [ 95.788053] CPU: 1 PID: 835 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.789603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.791535] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.792388] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.795203] RSP: 0018:ffff888011ecfbb8 EFLAGS: 00010246 [ 95.796015] RAX: 0000000000000000 RBX: ffff888015d280a8 RCX: 0000000000000000 [ 95.797105] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 95.798297] RBP: ffff888011ecfbd0 R08: ffffed1002ba5033 R09: ffffed1002ba5033 [ 95.799343] R10: ffff888015d28193 R11: ffffed1002ba5032 R12: ffff88800f170c00 [ 95.800532] R13: ffff888015d281e8 R14: ffffffff8352e670 R15: ffff888011ecfe68 [ 95.801729] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 95.802872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.803915] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 95.804905] PKRU: 55555554 [ 95.805307] Call Trace: [ 95.805664] [ 95.806198] __iommufd_access_detach+0x1c2/0x2b0 [ 95.806956] iommufd_access_change_pt+0x149/0x270 [ 95.807685] iommufd_access_replace+0xb4/0x120 [ 95.808551] iommufd_test+0x3e5/0x37e0 [ 95.809095] ? lock_release+0x532/0x770 [ 95.809717] ? __might_fault+0x102/0x1b0 [ 95.810416] ? lock_acquire+0x427/0x4c0 [ 95.811040] ? __pfx_iommufd_test+0x10/0x10 [ 95.811688] ? __pfx_lock_release+0x10/0x10 [ 95.812452] ? __pfx_lock_acquire+0x10/0x10 [ 95.813053] ? write_comp_data+0x2f/0x90 [ 95.813798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.814459] ? write_comp_data+0x2f/0x90 [ 95.815087] iommufd_fops_ioctl+0x37d/0x510 [ 95.815863] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.816532] ? write_comp_data+0x2f/0x90 [ 95.817136] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.818040] __x64_sys_ioctl+0x1a3/0x230 [ 95.818677] do_syscall_64+0x3b/0x90 [ 95.819358] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.820144] RIP: 0033:0x7f4b8743ee5d [ 95.820666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.823584] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.824607] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.825784] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.826993] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.827962] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.828901] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.829857] [ 95.830177] irq event stamp: 0 [ 95.830651] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.831518] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.832620] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.833716] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.834581] ---[ end trace 0000000000000000 ]--- [ 95.838339] ------------[ cut here ]------------ [ 95.839011] WARNING: CPU: 0 PID: 835 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.840109] Modules linked in: [ 95.840450] CPU: 0 PID: 835 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.841361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.842564] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.843071] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.844909] RSP: 0018:ffff888011ecfbd0 EFLAGS: 00010246 [ 95.845442] RAX: 0000000000000000 RBX: ffff888015d280a8 RCX: 0000000000000000 [ 95.846159] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 95.846897] RBP: ffff888011ecfbe8 R08: ffffed1002ba5033 R09: ffffed1002ba5033 [ 95.847625] R10: ffff888015d28193 R11: ffffed1002ba5032 R12: ffff888010c0b400 [ 95.848343] R13: ffff888015d281e8 R14: ffff88800fceef00 R15: 0000000000000000 [ 95.849056] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 95.849858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.850446] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 95.851230] PKRU: 55555554 [ 95.851525] Call Trace: [ 95.851788] [ 95.852020] iommufd_access_destroy_object+0x65/0x170 [ 95.852548] iommufd_object_destroy_user+0x18e/0x220 [ 95.853059] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.853645] iommufd_access_destroy+0x43/0x70 [ 95.854108] iommufd_test_staccess_release+0x8d/0xd0 [ 95.854651] __fput+0x26d/0xa40 [ 95.855001] ____fput+0x1e/0x30 [ 95.855369] task_work_run+0x1a4/0x2d0 [ 95.855781] ? __pfx_task_work_run+0x10/0x10 [ 95.856231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.856738] ? switch_task_namespaces+0xa9/0xe0 [ 95.857230] do_exit+0xb17/0x2ef0 [ 95.857585] ? lock_acquire+0x427/0x4c0 [ 95.858000] ? __pfx_lock_release+0x10/0x10 [ 95.858445] ? __kasan_check_write+0x18/0x20 [ 95.858922] ? do_raw_spin_lock+0x132/0x2a0 [ 95.859395] ? __pfx_do_exit+0x10/0x10 [ 95.859803] ? debug_smp_processor_id+0x20/0x30 [ 95.860285] ? rcu_is_watching+0x19/0xb0 [ 95.860702] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.861168] ? trace_hardirqs_on+0x26/0x120 [ 95.861612] do_group_exit+0xe0/0x2b0 [ 95.861997] __x64_sys_exit_group+0x47/0x50 [ 95.862425] do_syscall_64+0x3b/0x90 [ 95.862826] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.863361] RIP: 0033:0x7f4b87518a4d [ 95.863719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.864289] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.864992] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.865654] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.866326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.867012] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.867679] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.868347] [ 95.868566] irq event stamp: 0 [ 95.868858] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.869517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.870293] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.871099] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.871710] ---[ end trace 0000000000000000 ]--- [ 95.872965] ------------[ cut here ]------------ [ 95.873621] WARNING: CPU: 1 PID: 835 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.875036] Modules linked in: [ 95.875491] CPU: 1 PID: 835 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.876586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.878000] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.878711] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.881000] RSP: 0018:ffff888011ecfb78 EFLAGS: 00010246 [ 95.881668] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.882585] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 95.883483] RBP: ffff888011ecfb98 R08: ffffed1002ba503e R09: ffffed1002ba503e [ 95.884352] R10: ffff888015d281ef R11: ffffed1002ba503d R12: ffff888015d28290 [ 95.885199] R13: ffff888015d280a8 R14: ffffffffffffffff R15: ffff888011ecfc60 [ 95.886049] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 95.887045] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.887766] CR2: 00007f82e2bd4000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 95.888613] PKRU: 55555554 [ 95.888957] Call Trace: [ 95.889270] [ 95.889546] iommufd_ioas_destroy+0x53/0x70 [ 95.890078] iommufd_fops_release+0x1f7/0x370 [ 95.890672] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.891303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.891902] ? write_comp_data+0x2f/0x90 [ 95.892407] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.893014] __fput+0x26d/0xa40 [ 95.893438] ____fput+0x1e/0x30 [ 95.893853] task_work_run+0x1a4/0x2d0 [ 95.894336] ? __pfx_task_work_run+0x10/0x10 [ 95.894916] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.895534] ? switch_task_namespaces+0xa9/0xe0 [ 95.896115] do_exit+0xb17/0x2ef0 [ 95.896539] ? lock_acquire+0x427/0x4c0 [ 95.897035] ? __pfx_lock_release+0x10/0x10 [ 95.897567] ? __kasan_check_write+0x18/0x20 [ 95.898102] ? do_raw_spin_lock+0x132/0x2a0 [ 95.898662] ? __pfx_do_exit+0x10/0x10 [ 95.899163] ? debug_smp_processor_id+0x20/0x30 [ 95.899724] ? rcu_is_watching+0x19/0xb0 [ 95.900213] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.900739] ? trace_hardirqs_on+0x26/0x120 [ 95.901237] do_group_exit+0xe0/0x2b0 [ 95.901671] __x64_sys_exit_group+0x47/0x50 [ 95.902160] do_syscall_64+0x3b/0x90 [ 95.902629] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.903313] RIP: 0033:0x7f4b87518a4d [ 95.903625] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.904130] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.904742] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.905318] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.905892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.906467] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.907063] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.907659] [ 95.907850] irq event stamp: 0 [ 95.908110] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.908621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.909302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.909963] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.910454] ---[ end trace 0000000000000000 ]--- [ 95.914810] ------------[ cut here ]------------ [ 95.915224] WARNING: CPU: 1 PID: 836 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.916001] Modules linked in: [ 95.916249] CPU: 1 PID: 836 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.916918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.917785] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.918169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.919718] RSP: 0018:ffff888020bf7bb8 EFLAGS: 00010246 [ 95.920132] RAX: 0000000000000000 RBX: ffff888017a410a8 RCX: 0000000000000000 [ 95.920680] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 95.921228] RBP: ffff888020bf7bd0 R08: ffffed1002f48233 R09: ffffed1002f48233 [ 95.921779] R10: ffff888017a41193 R11: ffffed1002f48232 R12: ffff88800b9b6c00 [ 95.922326] R13: ffff888017a411e8 R14: ffffffff8352e670 R15: ffff888020bf7e68 [ 95.922891] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 95.923522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.923969] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 95.924521] PKRU: 55555554 [ 95.924742] Call Trace: [ 95.924941] [ 95.925116] __iommufd_access_detach+0x1c2/0x2b0 [ 95.925502] iommufd_access_change_pt+0x149/0x270 [ 95.925887] iommufd_access_replace+0xb4/0x120 [ 95.926254] iommufd_test+0x3e5/0x37e0 [ 95.926593] ? lock_release+0x532/0x770 [ 95.926918] ? __might_fault+0x102/0x1b0 [ 95.927258] ? lock_acquire+0x427/0x4c0 [ 95.927581] ? __pfx_iommufd_test+0x10/0x10 [ 95.927919] ? __pfx_lock_release+0x10/0x10 [ 95.928262] ? __pfx_lock_acquire+0x10/0x10 [ 95.928612] ? write_comp_data+0x2f/0x90 [ 95.928939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.929323] ? write_comp_data+0x2f/0x90 [ 95.929650] iommufd_fops_ioctl+0x37d/0x510 [ 95.930003] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.930391] ? write_comp_data+0x2f/0x90 [ 95.930742] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 95.931132] __x64_sys_ioctl+0x1a3/0x230 [ 95.931463] do_syscall_64+0x3b/0x90 [ 95.931765] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.932180] RIP: 0033:0x7f4b8743ee5d [ 95.932471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 95.933954] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 95.934571] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 95.935137] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 95.935692] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 95.936244] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 95.936799] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 95.937359] [ 95.937542] irq event stamp: 0 [ 95.937793] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 95.938283] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.938985] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.939651] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.940146] ---[ end trace 0000000000000000 ]--- [ 95.942860] ------------[ cut here ]------------ [ 95.943265] WARNING: CPU: 1 PID: 836 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 95.944042] Modules linked in: [ 95.944295] CPU: 1 PID: 836 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.944965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.945841] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 95.946231] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 95.947703] RSP: 0018:ffff888020bf7bd0 EFLAGS: 00010246 [ 95.948125] RAX: 0000000000000000 RBX: ffff888017a410a8 RCX: 0000000000000000 [ 95.948677] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 95.949227] RBP: ffff888020bf7be8 R08: ffffed1002f48233 R09: ffffed1002f48233 [ 95.949783] R10: ffff888017a41193 R11: ffffed1002f48232 R12: ffff88800f172400 [ 95.950335] R13: ffff888017a411e8 R14: ffff888014915500 R15: 0000000000000000 [ 95.950902] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 95.951548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.951999] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 95.952539] PKRU: 55555554 [ 95.952757] Call Trace: [ 95.952954] [ 95.953129] iommufd_access_destroy_object+0x65/0x170 [ 95.953537] iommufd_object_destroy_user+0x18e/0x220 [ 95.953940] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 95.954397] iommufd_access_destroy+0x43/0x70 [ 95.954774] iommufd_test_staccess_release+0x8d/0xd0 [ 95.955189] __fput+0x26d/0xa40 [ 95.955465] ____fput+0x1e/0x30 [ 95.955731] task_work_run+0x1a4/0x2d0 [ 95.956046] ? __pfx_task_work_run+0x10/0x10 [ 95.956395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.956781] ? switch_task_namespaces+0xa9/0xe0 [ 95.957156] do_exit+0xb17/0x2ef0 [ 95.957427] ? lock_acquire+0x427/0x4c0 [ 95.957736] ? __pfx_lock_release+0x10/0x10 [ 95.958080] ? __kasan_check_write+0x18/0x20 [ 95.958428] ? do_raw_spin_lock+0x132/0x2a0 [ 95.958786] ? __pfx_do_exit+0x10/0x10 [ 95.959100] ? debug_smp_processor_id+0x20/0x30 [ 95.959471] ? rcu_is_watching+0x19/0xb0 [ 95.959781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.960138] ? trace_hardirqs_on+0x26/0x120 [ 95.960480] do_group_exit+0xe0/0x2b0 [ 95.960782] __x64_sys_exit_group+0x47/0x50 [ 95.961117] do_syscall_64+0x3b/0x90 [ 95.961416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.961827] RIP: 0033:0x7f4b87518a4d [ 95.962116] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.962604] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.963202] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.963754] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.964315] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.964866] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.965476] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.966033] [ 95.966218] irq event stamp: 0 [ 95.966463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.966970] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.967625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.968272] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.968761] ---[ end trace 0000000000000000 ]--- [ 95.969461] ------------[ cut here ]------------ [ 95.969829] WARNING: CPU: 1 PID: 836 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 95.970637] Modules linked in: [ 95.970892] CPU: 1 PID: 836 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 95.971566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 95.972431] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 95.972829] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 95.974225] RSP: 0018:ffff888020bf7b78 EFLAGS: 00010246 [ 95.974648] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 95.975199] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 95.975748] RBP: ffff888020bf7b98 R08: ffffed1002f4823e R09: ffffed1002f4823e [ 95.976297] R10: ffff888017a411ef R11: ffffed1002f4823d R12: ffff888017a41290 [ 95.976851] R13: ffff888017a410a8 R14: ffffffffffffffff R15: ffff888020bf7c60 [ 95.977408] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 95.978028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.978479] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 95.979054] PKRU: 55555554 [ 95.979297] Call Trace: [ 95.979501] [ 95.979677] iommufd_ioas_destroy+0x53/0x70 [ 95.980024] iommufd_fops_release+0x1f7/0x370 [ 95.980384] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.980773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.981158] ? write_comp_data+0x2f/0x90 [ 95.981484] ? __pfx_iommufd_fops_release+0x10/0x10 [ 95.981874] __fput+0x26d/0xa40 [ 95.982151] ____fput+0x1e/0x30 [ 95.982417] task_work_run+0x1a4/0x2d0 [ 95.982750] ? __pfx_task_work_run+0x10/0x10 [ 95.983047] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 95.983105] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 95.984734] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 95.985090] ? switch_task_namespaces+0xa9/0xe0 [ 95.986541] do_exit+0xb17/0x2ef0 [ 95.986818] ? lock_acquire+0x427/0x4c0 [ 95.987145] ? __pfx_lock_release+0x10/0x10 [ 95.987488] ? __kasan_check_write+0x18/0x20 [ 95.987834] ? do_raw_spin_lock+0x132/0x2a0 [ 95.988175] ? __pfx_do_exit+0x10/0x10 [ 95.988487] ? debug_smp_processor_id+0x20/0x30 [ 95.988851] ? rcu_is_watching+0x19/0xb0 [ 95.989169] ? _raw_spin_unlock_irq+0x2b/0x60 [ 95.989527] ? trace_hardirqs_on+0x26/0x120 [ 95.989869] do_group_exit+0xe0/0x2b0 [ 95.990166] __x64_sys_exit_group+0x47/0x50 [ 95.990500] do_syscall_64+0x3b/0x90 [ 95.990814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 95.991228] RIP: 0033:0x7f4b87518a4d [ 95.991517] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 95.991994] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 95.992579] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 95.993126] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 95.993675] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 95.994231] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 95.994799] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 95.995371] [ 95.995556] irq event stamp: 0 [ 95.995808] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 95.996303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 95.997008] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 95.997652] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 95.998141] ---[ end trace 0000000000000000 ]--- [ 96.004681] ------------[ cut here ]------------ [ 96.005100] WARNING: CPU: 0 PID: 838 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.005921] Modules linked in: [ 96.006186] CPU: 0 PID: 838 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.006942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.007864] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.008275] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.009747] RSP: 0018:ffff888023dc7bb8 EFLAGS: 00010246 [ 96.010179] RAX: 0000000000000000 RBX: ffff888011d9e0a8 RCX: 0000000000000000 [ 96.010771] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 96.011354] RBP: ffff888023dc7bd0 R08: ffffed10023b3c33 R09: ffffed10023b3c33 [ 96.011933] R10: ffff888011d9e193 R11: ffffed10023b3c32 R12: ffff888014390c00 [ 96.012513] R13: ffff888011d9e1e8 R14: ffffffff8352e670 R15: ffff888023dc7e68 [ 96.013089] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 96.013738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.014211] CR2: 00007f4b877410e8 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 96.014811] PKRU: 55555554 [ 96.015047] Call Trace: [ 96.015265] [ 96.015452] __iommufd_access_detach+0x1c2/0x2b0 [ 96.015861] iommufd_access_change_pt+0x149/0x270 [ 96.016274] iommufd_access_replace+0xb4/0x120 [ 96.016666] iommufd_test+0x3e5/0x37e0 [ 96.016990] ? lock_release+0x532/0x770 [ 96.017349] ? __might_fault+0x102/0x1b0 [ 96.017692] ? lock_acquire+0x427/0x4c0 [ 96.018029] ? __pfx_iommufd_test+0x10/0x10 [ 96.018379] ? __pfx_lock_release+0x10/0x10 [ 96.018766] ? __pfx_lock_acquire+0x10/0x10 [ 96.019140] ? write_comp_data+0x2f/0x90 [ 96.019485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.019890] ? write_comp_data+0x2f/0x90 [ 96.020233] iommufd_fops_ioctl+0x37d/0x510 [ 96.020593] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.020997] ? write_comp_data+0x2f/0x90 [ 96.021343] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.021747] __x64_sys_ioctl+0x1a3/0x230 [ 96.022094] do_syscall_64+0x3b/0x90 [ 96.022411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.022860] RIP: 0033:0x7f4b8743ee5d [ 96.023183] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.024657] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.025280] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.025862] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.026440] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.027042] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.027636] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.028223] [ 96.028415] irq event stamp: 0 [ 96.028675] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.029189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.029876] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.030579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.031098] ---[ end trace 0000000000000000 ]--- [ 96.034369] ------------[ cut here ]------------ [ 96.034880] WARNING: CPU: 1 PID: 838 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.036136] Modules linked in: [ 96.036404] CPU: 1 PID: 838 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.037481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.038585] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.039094] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.040816] RSP: 0018:ffff888023dc7bd0 EFLAGS: 00010246 [ 96.041269] RAX: 0000000000000000 RBX: ffff888011d9e0a8 RCX: 0000000000000000 [ 96.042056] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 96.042676] RBP: ffff888023dc7be8 R08: ffffed10023b3c33 R09: ffffed10023b3c33 [ 96.043464] R10: ffff888011d9e193 R11: ffffed10023b3c32 R12: ffff88800fd3c400 [ 96.044074] R13: ffff888011d9e1e8 R14: ffff888013a64a00 R15: 0000000000000000 [ 96.044695] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.045567] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.046068] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 96.046750] PKRU: 55555554 [ 96.047107] Call Trace: [ 96.047337] [ 96.047540] iommufd_access_destroy_object+0x65/0x170 [ 96.047996] iommufd_object_destroy_user+0x18e/0x220 [ 96.048450] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.049137] iommufd_access_destroy+0x43/0x70 [ 96.049539] iommufd_test_staccess_release+0x8d/0xd0 [ 96.049995] __fput+0x26d/0xa40 [ 96.050443] ____fput+0x1e/0x30 [ 96.050760] task_work_run+0x1a4/0x2d0 [ 96.051119] ? __pfx_task_work_run+0x10/0x10 [ 96.051511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.051947] ? switch_task_namespaces+0xa9/0xe0 [ 96.052548] do_exit+0xb17/0x2ef0 [ 96.052856] ? lock_acquire+0x427/0x4c0 [ 96.053209] ? __pfx_lock_release+0x10/0x10 [ 96.053612] ? __kasan_check_write+0x18/0x20 [ 96.054122] ? do_raw_spin_lock+0x132/0x2a0 [ 96.054530] ? __pfx_do_exit+0x10/0x10 [ 96.054885] ? debug_smp_processor_id+0x20/0x30 [ 96.055301] ? rcu_is_watching+0x19/0xb0 [ 96.055695] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.056206] ? trace_hardirqs_on+0x26/0x120 [ 96.056593] do_group_exit+0xe0/0x2b0 [ 96.056935] __x64_sys_exit_group+0x47/0x50 [ 96.057447] do_syscall_64+0x3b/0x90 [ 96.057785] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.058244] RIP: 0033:0x7f4b87518a4d [ 96.058595] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.059154] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.059956] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.060575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.061421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.062048] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.062858] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.063496] [ 96.063701] irq event stamp: 0 [ 96.063977] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.064705] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.065431] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.066321] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.066890] ---[ end trace 0000000000000000 ]--- [ 96.067741] ------------[ cut here ]------------ [ 96.068263] WARNING: CPU: 1 PID: 838 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.069139] Modules linked in: [ 96.069540] CPU: 1 PID: 838 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.070292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.071519] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.071977] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.073698] RSP: 0018:ffff888023dc7b78 EFLAGS: 00010246 [ 96.074162] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.074903] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 96.075534] RBP: ffff888023dc7b98 R08: ffffed10023b3c3e R09: ffffed10023b3c3e [ 96.076165] R10: ffff888011d9e1ef R11: ffffed10023b3c3d R12: ffff888011d9e290 [ 96.076939] R13: ffff888011d9e0a8 R14: ffffffffffffffff R15: ffff888023dc7c60 [ 96.077563] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.078406] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.078938] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 96.079578] PKRU: 55555554 [ 96.079885] Call Trace: [ 96.080192] [ 96.080394] iommufd_ioas_destroy+0x53/0x70 [ 96.080780] iommufd_fops_release+0x1f7/0x370 [ 96.081251] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.081810] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.082239] ? write_comp_data+0x2f/0x90 [ 96.082623] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.083065] __fput+0x26d/0xa40 [ 96.083467] ____fput+0x1e/0x30 [ 96.083775] task_work_run+0x1a4/0x2d0 [ 96.084128] ? __pfx_task_work_run+0x10/0x10 [ 96.084517] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.085018] ? switch_task_namespaces+0xa9/0xe0 [ 96.085485] do_exit+0xb17/0x2ef0 [ 96.085791] ? lock_acquire+0x427/0x4c0 [ 96.086150] ? __pfx_lock_release+0x10/0x10 [ 96.086711] ? __kasan_check_write+0x18/0x20 [ 96.087149] ? do_raw_spin_lock+0x132/0x2a0 [ 96.087558] ? __pfx_do_exit+0x10/0x10 [ 96.087927] ? debug_smp_processor_id+0x20/0x30 [ 96.088408] ? rcu_is_watching+0x19/0xb0 [ 96.088911] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.089337] ? trace_hardirqs_on+0x26/0x120 [ 96.089741] do_group_exit+0xe0/0x2b0 [ 96.090237] __x64_sys_exit_group+0x47/0x50 [ 96.090673] do_syscall_64+0x3b/0x90 [ 96.091038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.091539] RIP: 0033:0x7f4b87518a4d [ 96.091909] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.092617] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.093385] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.094217] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.094901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.095597] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.096397] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.097070] [ 96.097390] irq event stamp: 0 [ 96.097749] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.098344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.099273] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.100066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.100652] ---[ end trace 0000000000000000 ]--- [ 96.105874] ------------[ cut here ]------------ [ 96.106356] WARNING: CPU: 1 PID: 839 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.107407] Modules linked in: [ 96.107807] CPU: 1 PID: 839 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.108608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.109795] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.110258] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.112182] RSP: 0018:ffff8880172d7bb8 EFLAGS: 00010246 [ 96.112718] RAX: 0000000000000000 RBX: ffff88801587a0a8 RCX: 0000000000000000 [ 96.113576] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 96.114236] RBP: ffff8880172d7bd0 R08: ffffed1002b0f433 R09: ffffed1002b0f433 [ 96.114936] R10: ffff88801587a193 R11: ffffed1002b0f432 R12: ffff88801226e800 [ 96.115604] R13: ffff88801587a1e8 R14: ffffffff8352e670 R15: ffff8880172d7e68 [ 96.116467] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.117237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.117773] CR2: 00007f4b877410e8 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 96.118431] PKRU: 55555554 [ 96.118720] Call Trace: [ 96.119037] [ 96.119373] __iommufd_access_detach+0x1c2/0x2b0 [ 96.119832] iommufd_access_change_pt+0x149/0x270 [ 96.120292] iommufd_access_replace+0xb4/0x120 [ 96.120729] iommufd_test+0x3e5/0x37e0 [ 96.121093] ? lock_release+0x532/0x770 [ 96.121471] ? __might_fault+0x102/0x1b0 [ 96.121864] ? lock_acquire+0x427/0x4c0 [ 96.122366] ? __pfx_iommufd_test+0x10/0x10 [ 96.122874] ? __pfx_lock_release+0x10/0x10 [ 96.123303] ? __pfx_lock_acquire+0x10/0x10 [ 96.123715] ? write_comp_data+0x2f/0x90 [ 96.124102] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.124559] ? write_comp_data+0x2f/0x90 [ 96.125039] iommufd_fops_ioctl+0x37d/0x510 [ 96.125528] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.126108] ? write_comp_data+0x2f/0x90 [ 96.126496] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.126991] __x64_sys_ioctl+0x1a3/0x230 [ 96.127392] do_syscall_64+0x3b/0x90 [ 96.127756] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.128247] RIP: 0033:0x7f4b8743ee5d [ 96.128627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.130464] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.131204] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.131901] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.132718] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.133382] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.134046] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.134730] [ 96.134951] irq event stamp: 0 [ 96.135250] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.135839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.136607] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.137372] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.137953] ---[ end trace 0000000000000000 ]--- [ 96.141111] ------------[ cut here ]------------ [ 96.141585] WARNING: CPU: 1 PID: 839 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.142494] Modules linked in: [ 96.142829] CPU: 1 PID: 839 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.143623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.144643] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.145092] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.146755] RSP: 0018:ffff8880172d7bd0 EFLAGS: 00010246 [ 96.147252] RAX: 0000000000000000 RBX: ffff88801587a0a8 RCX: 0000000000000000 [ 96.147896] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 96.148535] RBP: ffff8880172d7be8 R08: ffffed1002b0f433 R09: ffffed1002b0f433 [ 96.149187] R10: ffff88801587a193 R11: ffffed1002b0f432 R12: ffff88800b9b7000 [ 96.149827] R13: ffff88801587a1e8 R14: ffff8880149bb600 R15: 0000000000000000 [ 96.150467] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.151217] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.151749] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.152398] PKRU: 55555554 [ 96.152657] Call Trace: [ 96.152889] [ 96.153094] iommufd_access_destroy_object+0x65/0x170 [ 96.153539] iommufd_object_destroy_user+0x18e/0x220 [ 96.153982] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.154484] iommufd_access_destroy+0x43/0x70 [ 96.154902] iommufd_test_staccess_release+0x8d/0xd0 [ 96.155351] __fput+0x26d/0xa40 [ 96.155650] ____fput+0x1e/0x30 [ 96.155945] task_work_run+0x1a4/0x2d0 [ 96.156289] ? __pfx_task_work_run+0x10/0x10 [ 96.156674] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.157176] ? switch_task_namespaces+0xa9/0xe0 [ 96.157584] do_exit+0xb17/0x2ef0 [ 96.157882] ? lock_acquire+0x427/0x4c0 [ 96.158233] ? __pfx_lock_release+0x10/0x10 [ 96.158640] ? __kasan_check_write+0x18/0x20 [ 96.159025] ? do_raw_spin_lock+0x132/0x2a0 [ 96.159410] ? __pfx_do_exit+0x10/0x10 [ 96.159753] ? debug_smp_processor_id+0x20/0x30 [ 96.160161] ? rcu_is_watching+0x19/0xb0 [ 96.160518] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.160918] ? trace_hardirqs_on+0x26/0x120 [ 96.161295] do_group_exit+0xe0/0x2b0 [ 96.161624] __x64_sys_exit_group+0x47/0x50 [ 96.161995] do_syscall_64+0x3b/0x90 [ 96.162322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.162788] RIP: 0033:0x7f4b87518a4d [ 96.163116] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.163644] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.164293] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.164906] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.165516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.166131] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.166756] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.167383] [ 96.167588] irq event stamp: 0 [ 96.167861] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.168400] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.169125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.169833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.170369] ---[ end trace 0000000000000000 ]--- [ 96.171150] ------------[ cut here ]------------ [ 96.171556] WARNING: CPU: 1 PID: 839 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.172435] Modules linked in: [ 96.172718] CPU: 1 PID: 839 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.173465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.174437] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.174906] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.176479] RSP: 0018:ffff8880172d7b78 EFLAGS: 00010246 [ 96.176938] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.177548] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 96.178168] RBP: ffff8880172d7b98 R08: ffffed1002b0f43e R09: ffffed1002b0f43e [ 96.178790] R10: ffff88801587a1ef R11: ffffed1002b0f43d R12: ffff88801587a290 [ 96.179409] R13: ffff88801587a0a8 R14: ffffffffffffffff R15: ffff8880172d7c60 [ 96.179989] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.180633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.181101] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.181677] PKRU: 55555554 [ 96.181907] Call Trace: [ 96.182112] [ 96.182297] iommufd_ioas_destroy+0x53/0x70 [ 96.182669] iommufd_fops_release+0x1f7/0x370 [ 96.183038] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.183450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.183852] ? write_comp_data+0x2f/0x90 [ 96.184189] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.184596] __fput+0x26d/0xa40 [ 96.184882] ____fput+0x1e/0x30 [ 96.185157] task_work_run+0x1a4/0x2d0 [ 96.185482] ? __pfx_task_work_run+0x10/0x10 [ 96.185847] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.186251] ? switch_task_namespaces+0xa9/0xe0 [ 96.186656] do_exit+0xb17/0x2ef0 [ 96.186948] ? lock_acquire+0x427/0x4c0 [ 96.187293] ? __pfx_lock_release+0x10/0x10 [ 96.187653] ? __kasan_check_write+0x18/0x20 [ 96.188017] ? do_raw_spin_lock+0x132/0x2a0 [ 96.188369] ? __pfx_do_exit+0x10/0x10 [ 96.188695] ? debug_smp_processor_id+0x20/0x30 [ 96.189139] ? rcu_is_watching+0x19/0xb0 [ 96.189476] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.189848] ? trace_hardirqs_on+0x26/0x120 [ 96.190208] do_group_exit+0xe0/0x2b0 [ 96.190535] __x64_sys_exit_group+0x47/0x50 [ 96.190885] do_syscall_64+0x3b/0x90 [ 96.191210] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.191641] RIP: 0033:0x7f4b87518a4d [ 96.191942] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.192440] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.193054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.193633] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.194211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.194828] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.195416] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.196002] [ 96.196194] irq event stamp: 0 [ 96.196450] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.196963] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.197639] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.198315] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.198846] ---[ end trace 0000000000000000 ]--- [ 96.203537] ------------[ cut here ]------------ [ 96.203959] WARNING: CPU: 1 PID: 840 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.204765] Modules linked in: [ 96.205024] CPU: 1 PID: 840 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.205721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.206808] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.207223] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.208690] RSP: 0018:ffff8880101bfbb8 EFLAGS: 00010246 [ 96.209121] RAX: 0000000000000000 RBX: ffff888023dc18a8 RCX: 0000000000000000 [ 96.209696] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 96.210267] RBP: ffff8880101bfbd0 R08: ffffed10047b8333 R09: ffffed10047b8333 [ 96.210863] R10: ffff888023dc1993 R11: ffffed10047b8332 R12: ffff88801341ec00 [ 96.211449] R13: ffff888023dc19e8 R14: ffffffff8352e670 R15: ffff8880101bfe68 [ 96.212024] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.212682] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.213150] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 96.213736] PKRU: 55555554 [ 96.213967] Call Trace: [ 96.214174] [ 96.214358] __iommufd_access_detach+0x1c2/0x2b0 [ 96.214775] iommufd_access_change_pt+0x149/0x270 [ 96.215181] iommufd_access_replace+0xb4/0x120 [ 96.215562] iommufd_test+0x3e5/0x37e0 [ 96.215880] ? lock_release+0x532/0x770 [ 96.216218] ? __might_fault+0x102/0x1b0 [ 96.216556] ? lock_acquire+0x427/0x4c0 [ 96.216892] ? __pfx_iommufd_test+0x10/0x10 [ 96.217239] ? __pfx_lock_release+0x10/0x10 [ 96.217599] ? __pfx_lock_acquire+0x10/0x10 [ 96.217963] ? write_comp_data+0x2f/0x90 [ 96.218305] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.218726] ? write_comp_data+0x2f/0x90 [ 96.219074] iommufd_fops_ioctl+0x37d/0x510 [ 96.219446] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.219852] ? write_comp_data+0x2f/0x90 [ 96.220190] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.220586] __x64_sys_ioctl+0x1a3/0x230 [ 96.220991] do_syscall_64+0x3b/0x90 [ 96.221306] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.221735] RIP: 0033:0x7f4b8743ee5d [ 96.222037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.223522] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.224149] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.224723] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.225292] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.225863] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.226436] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.227039] [ 96.227242] irq event stamp: 0 [ 96.227503] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.228013] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.228689] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.229367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.229873] ---[ end trace 0000000000000000 ]--- [ 96.232671] ------------[ cut here ]------------ [ 96.233090] WARNING: CPU: 1 PID: 840 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.233902] Modules linked in: [ 96.234162] CPU: 1 PID: 840 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.234887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.235814] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.236337] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.237988] RSP: 0018:ffff8880101bfbd0 EFLAGS: 00010246 [ 96.238492] RAX: 0000000000000000 RBX: ffff888023dc18a8 RCX: 0000000000000000 [ 96.239093] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 96.239763] RBP: ffff8880101bfbe8 R08: ffffed10047b8333 R09: ffffed10047b8333 [ 96.240406] R10: ffff888023dc1993 R11: ffffed10047b8332 R12: ffff88801226e400 [ 96.240982] R13: ffff888023dc19e8 R14: ffff88801287e800 R15: 0000000000000000 [ 96.241695] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.242357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.242974] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.243561] PKRU: 55555554 [ 96.243797] Call Trace: [ 96.244008] [ 96.244195] iommufd_access_destroy_object+0x65/0x170 [ 96.244749] iommufd_object_destroy_user+0x18e/0x220 [ 96.245174] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.245650] iommufd_access_destroy+0x43/0x70 [ 96.246138] iommufd_test_staccess_release+0x8d/0xd0 [ 96.246591] __fput+0x26d/0xa40 [ 96.246886] ____fput+0x1e/0x30 [ 96.247178] task_work_run+0x1a4/0x2d0 [ 96.247505] ? __pfx_task_work_run+0x10/0x10 [ 96.247870] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.248389] ? switch_task_namespaces+0xa9/0xe0 [ 96.248786] do_exit+0xb17/0x2ef0 [ 96.249071] ? lock_acquire+0x427/0x4c0 [ 96.249452] ? __pfx_lock_release+0x10/0x10 [ 96.249872] ? __kasan_check_write+0x18/0x20 [ 96.250241] ? do_raw_spin_lock+0x132/0x2a0 [ 96.250616] ? __pfx_do_exit+0x10/0x10 [ 96.250946] ? debug_smp_processor_id+0x20/0x30 [ 96.251408] ? rcu_is_watching+0x19/0xb0 [ 96.251794] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.252171] ? trace_hardirqs_on+0x26/0x120 [ 96.252531] do_group_exit+0xe0/0x2b0 [ 96.253015] __x64_sys_exit_group+0x47/0x50 [ 96.253374] do_syscall_64+0x3b/0x90 [ 96.253694] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.254124] RIP: 0033:0x7f4b87518a4d [ 96.254588] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.255094] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.255722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.256421] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.257008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.257624] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.258275] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.258898] [ 96.259177] irq event stamp: 0 [ 96.259444] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.259960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.260638] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.261426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.261938] ---[ end trace 0000000000000000 ]--- [ 96.262841] ------------[ cut here ]------------ [ 96.263239] WARNING: CPU: 1 PID: 840 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.264138] Modules linked in: [ 96.264448] CPU: 1 PID: 840 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.265146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.266186] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.266659] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.268264] RSP: 0018:ffff8880101bfb78 EFLAGS: 00010246 [ 96.268717] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.269391] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 96.269966] RBP: ffff8880101bfb98 R08: ffffed10047b833e R09: ffffed10047b833e [ 96.270730] R10: ffff888023dc19ef R11: ffffed10047b833d R12: ffff888023dc1a90 [ 96.271361] R13: ffff888023dc18a8 R14: ffffffffffffffff R15: ffff8880101bfc60 [ 96.272011] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.272762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.273257] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 96.274009] PKRU: 55555554 [ 96.274253] Call Trace: [ 96.274471] [ 96.274698] iommufd_ioas_destroy+0x53/0x70 [ 96.275082] iommufd_fops_release+0x1f7/0x370 [ 96.275612] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.276045] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.276470] ? write_comp_data+0x2f/0x90 [ 96.276908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.277392] __fput+0x26d/0xa40 [ 96.277698] ____fput+0x1e/0x30 [ 96.277997] task_work_run+0x1a4/0x2d0 [ 96.278345] ? __pfx_task_work_run+0x10/0x10 [ 96.278756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.279195] ? switch_task_namespaces+0xa9/0xe0 [ 96.279613] do_exit+0xb17/0x2ef0 [ 96.279919] ? lock_acquire+0x427/0x4c0 [ 96.280275] ? __pfx_lock_release+0x10/0x10 [ 96.280656] ? __kasan_check_write+0x18/0x20 [ 96.281042] ? do_raw_spin_lock+0x132/0x2a0 [ 96.281414] ? __pfx_do_exit+0x10/0x10 [ 96.281758] ? debug_smp_processor_id+0x20/0x30 [ 96.282165] ? rcu_is_watching+0x19/0xb0 [ 96.282542] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.282944] ? trace_hardirqs_on+0x26/0x120 [ 96.283336] do_group_exit+0xe0/0x2b0 [ 96.283669] __x64_sys_exit_group+0x47/0x50 [ 96.284042] do_syscall_64+0x3b/0x90 [ 96.284372] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.284827] RIP: 0033:0x7f4b87518a4d [ 96.285210] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.285743] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.286396] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.287029] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.287644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.288253] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.288863] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.289482] [ 96.289687] irq event stamp: 0 [ 96.289958] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.290503] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.291251] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.291967] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.292508] ---[ end trace 0000000000000000 ]--- [ 96.296980] ------------[ cut here ]------------ [ 96.297427] WARNING: CPU: 1 PID: 841 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.298285] Modules linked in: [ 96.298750] CPU: 1 PID: 841 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.299503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.300462] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.300888] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.302447] RSP: 0018:ffff888015cd7bb8 EFLAGS: 00010246 [ 96.302929] RAX: 0000000000000000 RBX: ffff888012cb28a8 RCX: 0000000000000000 [ 96.303559] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 96.304174] RBP: ffff888015cd7bd0 R08: ffffed1002596533 R09: ffffed1002596533 [ 96.304792] R10: ffff888012cb2993 R11: ffffed1002596532 R12: ffff888016631c00 [ 96.305409] R13: ffff888012cb29e8 R14: ffffffff8352e670 R15: ffff888015cd7e68 [ 96.306027] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.306734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.307245] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 96.307861] PKRU: 55555554 [ 96.308107] Call Trace: [ 96.308328] [ 96.308526] __iommufd_access_detach+0x1c2/0x2b0 [ 96.308947] iommufd_access_change_pt+0x149/0x270 [ 96.309374] iommufd_access_replace+0xb4/0x120 [ 96.309775] iommufd_test+0x3e5/0x37e0 [ 96.310115] ? lock_release+0x532/0x770 [ 96.310466] ? __might_fault+0x102/0x1b0 [ 96.310828] ? lock_acquire+0x427/0x4c0 [ 96.311173] ? __pfx_iommufd_test+0x10/0x10 [ 96.311531] ? __pfx_lock_release+0x10/0x10 [ 96.311890] ? __pfx_lock_acquire+0x10/0x10 [ 96.312249] ? write_comp_data+0x2f/0x90 [ 96.312597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.313002] ? write_comp_data+0x2f/0x90 [ 96.313344] iommufd_fops_ioctl+0x37d/0x510 [ 96.313703] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.314110] ? write_comp_data+0x2f/0x90 [ 96.314451] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.314867] __x64_sys_ioctl+0x1a3/0x230 [ 96.315224] do_syscall_64+0x3b/0x90 [ 96.315542] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.315971] RIP: 0033:0x7f4b8743ee5d [ 96.316276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.317810] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.318423] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.319018] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.319618] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.320192] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.320768] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.321347] [ 96.321538] irq event stamp: 0 [ 96.321798] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.322310] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.323002] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.323688] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.324197] ---[ end trace 0000000000000000 ]--- [ 96.326996] ------------[ cut here ]------------ [ 96.327419] WARNING: CPU: 1 PID: 841 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.328224] Modules linked in: [ 96.328484] CPU: 1 PID: 841 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.329179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.330077] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.330477] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.331995] RSP: 0018:ffff888015cd7bd0 EFLAGS: 00010246 [ 96.332427] RAX: 0000000000000000 RBX: ffff888012cb28a8 RCX: 0000000000000000 [ 96.333001] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 96.333571] RBP: ffff888015cd7be8 R08: ffffed1002596533 R09: ffffed1002596533 [ 96.334141] R10: ffff888012cb2993 R11: ffffed1002596532 R12: ffff88801341e400 [ 96.334746] R13: ffff888012cb29e8 R14: ffff88800fd0e700 R15: 0000000000000000 [ 96.335345] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.336000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.336468] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.337040] PKRU: 55555554 [ 96.337268] Call Trace: [ 96.337484] [ 96.337670] iommufd_access_destroy_object+0x65/0x170 [ 96.338094] iommufd_object_destroy_user+0x18e/0x220 [ 96.338540] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.339025] iommufd_access_destroy+0x43/0x70 [ 96.339411] iommufd_test_staccess_release+0x8d/0xd0 [ 96.339837] __fput+0x26d/0xa40 [ 96.340124] ____fput+0x1e/0x30 [ 96.340406] task_work_run+0x1a4/0x2d0 [ 96.340739] ? __pfx_task_work_run+0x10/0x10 [ 96.341107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.341511] ? switch_task_namespaces+0xa9/0xe0 [ 96.341901] do_exit+0xb17/0x2ef0 [ 96.342186] ? lock_acquire+0x427/0x4c0 [ 96.342542] ? __pfx_lock_release+0x10/0x10 [ 96.342900] ? __kasan_check_write+0x18/0x20 [ 96.343276] ? do_raw_spin_lock+0x132/0x2a0 [ 96.343630] ? __pfx_do_exit+0x10/0x10 [ 96.343955] ? debug_smp_processor_id+0x20/0x30 [ 96.344340] ? rcu_is_watching+0x19/0xb0 [ 96.344673] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.345051] ? trace_hardirqs_on+0x26/0x120 [ 96.345412] do_group_exit+0xe0/0x2b0 [ 96.345724] __x64_sys_exit_group+0x47/0x50 [ 96.346073] do_syscall_64+0x3b/0x90 [ 96.346382] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.346838] RIP: 0033:0x7f4b87518a4d [ 96.347151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.347654] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.348266] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.348842] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.349465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.350044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.350644] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.351251] [ 96.351444] irq event stamp: 0 [ 96.351704] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.352219] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.352894] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.353568] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.354085] ---[ end trace 0000000000000000 ]--- [ 96.354836] ------------[ cut here ]------------ [ 96.355235] WARNING: CPU: 1 PID: 841 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.356053] Modules linked in: [ 96.356332] CPU: 1 PID: 841 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.357040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.357940] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.358353] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.359982] RSP: 0018:ffff888015cd7b78 EFLAGS: 00010246 [ 96.360425] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.360997] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 96.361568] RBP: ffff888015cd7b98 R08: ffffed100259653e R09: ffffed100259653e [ 96.362140] R10: ffff888012cb29ef R11: ffffed100259653d R12: ffff888012cb2a90 [ 96.362728] R13: ffff888012cb28a8 R14: ffffffffffffffff R15: ffff888015cd7c60 [ 96.363318] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.363968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.364442] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.365026] PKRU: 55555554 [ 96.365265] Call Trace: [ 96.365480] [ 96.365666] iommufd_ioas_destroy+0x53/0x70 [ 96.366024] iommufd_fops_release+0x1f7/0x370 [ 96.366399] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.366851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.367295] ? write_comp_data+0x2f/0x90 [ 96.367650] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.368084] __fput+0x26d/0xa40 [ 96.368380] ____fput+0x1e/0x30 [ 96.368671] task_work_run+0x1a4/0x2d0 [ 96.369013] ? __pfx_task_work_run+0x10/0x10 [ 96.369398] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.369828] ? switch_task_namespaces+0xa9/0xe0 [ 96.370243] do_exit+0xb17/0x2ef0 [ 96.370570] ? lock_acquire+0x427/0x4c0 [ 96.370927] ? __pfx_lock_release+0x10/0x10 [ 96.371317] ? __kasan_check_write+0x18/0x20 [ 96.371702] ? do_raw_spin_lock+0x132/0x2a0 [ 96.372078] ? __pfx_do_exit+0x10/0x10 [ 96.372427] ? debug_smp_processor_id+0x20/0x30 [ 96.372840] ? rcu_is_watching+0x19/0xb0 [ 96.373195] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.373589] ? trace_hardirqs_on+0x26/0x120 [ 96.373973] do_group_exit+0xe0/0x2b0 [ 96.374309] __x64_sys_exit_group+0x47/0x50 [ 96.374717] do_syscall_64+0x3b/0x90 [ 96.375051] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.375510] RIP: 0033:0x7f4b87518a4d [ 96.375834] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.376366] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.377021] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.377632] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.378247] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.378888] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.379508] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.380125] [ 96.380323] irq event stamp: 0 [ 96.380598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.381195] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.381921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.382661] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.383227] ---[ end trace 0000000000000000 ]--- [ 96.387774] ------------[ cut here ]------------ [ 96.388229] WARNING: CPU: 1 PID: 842 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.389093] Modules linked in: [ 96.389372] CPU: 1 PID: 842 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.390112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.391168] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.391605] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.393171] RSP: 0018:ffff8880185dfbb8 EFLAGS: 00010246 [ 96.393636] RAX: 0000000000000000 RBX: ffff8880146a60a8 RCX: 0000000000000000 [ 96.394245] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 96.394882] RBP: ffff8880185dfbd0 R08: ffffed10028d4c33 R09: ffffed10028d4c33 [ 96.395521] R10: ffff8880146a6193 R11: ffffed10028d4c32 R12: ffff88800fd3fc00 [ 96.396132] R13: ffff8880146a61e8 R14: ffffffff8352e670 R15: ffff8880185dfe68 [ 96.396748] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.397441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.397940] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ee0 [ 96.398572] PKRU: 55555554 [ 96.398821] Call Trace: [ 96.399046] [ 96.399248] __iommufd_access_detach+0x1c2/0x2b0 [ 96.399676] iommufd_access_change_pt+0x149/0x270 [ 96.400103] iommufd_access_replace+0xb4/0x120 [ 96.400506] iommufd_test+0x3e5/0x37e0 [ 96.400844] ? lock_release+0x532/0x770 [ 96.401200] ? __might_fault+0x102/0x1b0 [ 96.401558] ? lock_acquire+0x427/0x4c0 [ 96.401915] ? __pfx_iommufd_test+0x10/0x10 [ 96.402296] ? __pfx_lock_release+0x10/0x10 [ 96.402708] ? __pfx_lock_acquire+0x10/0x10 [ 96.403101] ? write_comp_data+0x2f/0x90 [ 96.403476] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.403901] ? write_comp_data+0x2f/0x90 [ 96.404261] iommufd_fops_ioctl+0x37d/0x510 [ 96.404640] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.405065] ? write_comp_data+0x2f/0x90 [ 96.405426] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.405855] __x64_sys_ioctl+0x1a3/0x230 [ 96.406223] do_syscall_64+0x3b/0x90 [ 96.406582] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.407042] RIP: 0033:0x7f4b8743ee5d [ 96.407369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.408933] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.409589] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.410198] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.410831] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.411460] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.412081] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.412713] [ 96.412920] irq event stamp: 0 [ 96.413255] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.413827] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.414616] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.415392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.415966] ---[ end trace 0000000000000000 ]--- [ 96.418925] ------------[ cut here ]------------ [ 96.419403] WARNING: CPU: 1 PID: 842 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.420314] Modules linked in: [ 96.420610] CPU: 1 PID: 842 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.421398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.422434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.422964] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.424631] RSP: 0018:ffff8880185dfbd0 EFLAGS: 00010246 [ 96.425124] RAX: 0000000000000000 RBX: ffff8880146a60a8 RCX: 0000000000000000 [ 96.425768] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 96.426414] RBP: ffff8880185dfbe8 R08: ffffed10028d4c33 R09: ffffed10028d4c33 [ 96.427088] R10: ffff8880146a6193 R11: ffffed10028d4c32 R12: ffff888016630c00 [ 96.427750] R13: ffff8880146a61e8 R14: ffff8880143e0700 R15: 0000000000000000 [ 96.428411] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.429151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.429685] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.430333] PKRU: 55555554 [ 96.430621] Call Trace: [ 96.430859] [ 96.431070] iommufd_access_destroy_object+0x65/0x170 [ 96.431580] iommufd_object_destroy_user+0x18e/0x220 [ 96.432059] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.432589] iommufd_access_destroy+0x43/0x70 [ 96.433013] iommufd_test_staccess_release+0x8d/0xd0 [ 96.433487] __fput+0x26d/0xa40 [ 96.433806] ____fput+0x1e/0x30 [ 96.434123] task_work_run+0x1a4/0x2d0 [ 96.434491] ? __pfx_task_work_run+0x10/0x10 [ 96.434929] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.435396] ? switch_task_namespaces+0xa9/0xe0 [ 96.435833] do_exit+0xb17/0x2ef0 [ 96.436154] ? lock_acquire+0x427/0x4c0 [ 96.436533] ? __pfx_lock_release+0x10/0x10 [ 96.436935] ? __kasan_check_write+0x18/0x20 [ 96.437344] ? do_raw_spin_lock+0x132/0x2a0 [ 96.437745] ? __pfx_do_exit+0x10/0x10 [ 96.438111] ? debug_smp_processor_id+0x20/0x30 [ 96.438575] ? rcu_is_watching+0x19/0xb0 [ 96.438966] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.439411] ? trace_hardirqs_on+0x26/0x120 [ 96.439823] do_group_exit+0xe0/0x2b0 [ 96.440179] __x64_sys_exit_group+0x47/0x50 [ 96.440577] do_syscall_64+0x3b/0x90 [ 96.440942] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.441436] RIP: 0033:0x7f4b87518a4d [ 96.441787] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.442349] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.443081] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.443761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.444413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.445138] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.445798] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.446460] [ 96.446701] irq event stamp: 0 [ 96.446997] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.447603] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.448392] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.449183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.449784] ---[ end trace 0000000000000000 ]--- [ 96.450621] ------------[ cut here ]------------ [ 96.451075] WARNING: CPU: 1 PID: 842 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.452025] Modules linked in: [ 96.452323] CPU: 1 PID: 842 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.453131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.454192] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.454703] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.456414] RSP: 0018:ffff8880185dfb78 EFLAGS: 00010246 [ 96.456918] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.457584] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 96.458250] RBP: ffff8880185dfb98 R08: ffffed10028d4c3e R09: ffffed10028d4c3e [ 96.458944] R10: ffff8880146a61ef R11: ffffed10028d4c3d R12: ffff8880146a6290 [ 96.459631] R13: ffff8880146a60a8 R14: ffffffffffffffff R15: ffff8880185dfc60 [ 96.460303] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.461060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.461602] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.462275] PKRU: 55555554 [ 96.462565] Call Trace: [ 96.462815] [ 96.463032] iommufd_ioas_destroy+0x53/0x70 [ 96.463472] iommufd_fops_release+0x1f7/0x370 [ 96.463916] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.464399] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.464871] ? write_comp_data+0x2f/0x90 [ 96.465264] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.465735] __fput+0x26d/0xa40 [ 96.466056] ____fput+0x1e/0x30 [ 96.466368] task_work_run+0x1a4/0x2d0 [ 96.466778] ? __pfx_task_work_run+0x10/0x10 [ 96.467207] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.467678] ? switch_task_namespaces+0xa9/0xe0 [ 96.468128] do_exit+0xb17/0x2ef0 [ 96.468458] ? lock_acquire+0x427/0x4c0 [ 96.468841] ? __pfx_lock_release+0x10/0x10 [ 96.469260] ? __kasan_check_write+0x18/0x20 [ 96.469684] ? do_raw_spin_lock+0x132/0x2a0 [ 96.470090] ? __pfx_do_exit+0x10/0x10 [ 96.470463] ? debug_smp_processor_id+0x20/0x30 [ 96.470923] ? rcu_is_watching+0x19/0xb0 [ 96.471321] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.471751] ? trace_hardirqs_on+0x26/0x120 [ 96.472166] do_group_exit+0xe0/0x2b0 [ 96.472533] __x64_sys_exit_group+0x47/0x50 [ 96.472937] do_syscall_64+0x3b/0x90 [ 96.473295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.473784] RIP: 0033:0x7f4b87518a4d [ 96.474134] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.474732] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.475462] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.476143] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.476823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.477550] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.478218] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.478928] [ 96.479159] irq event stamp: 0 [ 96.479462] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.480061] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.480845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.481644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.482247] ---[ end trace 0000000000000000 ]--- [ 96.486441] ------------[ cut here ]------------ [ 96.486976] WARNING: CPU: 1 PID: 843 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.487936] Modules linked in: [ 96.488236] CPU: 1 PID: 843 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.489031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.490064] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.490605] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.492601] RSP: 0018:ffff88801837fbb8 EFLAGS: 00010246 [ 96.493106] RAX: 0000000000000000 RBX: ffff888010f0d0a8 RCX: 0000000000000000 [ 96.493795] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 96.494643] RBP: ffff88801837fbd0 R08: ffffed10021e1a33 R09: ffffed10021e1a33 [ 96.495347] R10: ffff888010f0d193 R11: ffffed10021e1a32 R12: ffff888016c9a800 [ 96.496364] R13: ffff888010f0d1e8 R14: ffffffff8352e670 R15: ffff88801837fe68 [ 96.497260] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.498689] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.499458] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 96.500575] PKRU: 55555554 [ 96.500946] Call Trace: [ 96.501271] [ 96.501561] __iommufd_access_detach+0x1c2/0x2b0 [ 96.502394] iommufd_access_change_pt+0x149/0x270 [ 96.503099] iommufd_access_replace+0xb4/0x120 [ 96.503787] iommufd_test+0x3e5/0x37e0 [ 96.504365] ? lock_release+0x532/0x770 [ 96.504897] ? __might_fault+0x102/0x1b0 [ 96.505439] ? lock_acquire+0x427/0x4c0 [ 96.506148] ? __pfx_iommufd_test+0x10/0x10 [ 96.506774] ? __pfx_lock_release+0x10/0x10 [ 96.507367] ? __pfx_lock_acquire+0x10/0x10 [ 96.508098] ? write_comp_data+0x2f/0x90 [ 96.508624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.509235] ? write_comp_data+0x2f/0x90 [ 96.509918] iommufd_fops_ioctl+0x37d/0x510 [ 96.510475] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.511197] ? write_comp_data+0x2f/0x90 [ 96.511899] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.512530] __x64_sys_ioctl+0x1a3/0x230 [ 96.513077] do_syscall_64+0x3b/0x90 [ 96.513723] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.514385] RIP: 0033:0x7f4b8743ee5d [ 96.514921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.517440] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.518381] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.519500] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.520396] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.521448] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.522365] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.523482] [ 96.523798] irq event stamp: 0 [ 96.524202] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.525165] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.526306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.527505] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.528440] ---[ end trace 0000000000000000 ]--- [ 96.533645] ------------[ cut here ]------------ [ 96.534556] WARNING: CPU: 1 PID: 843 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.535933] Modules linked in: [ 96.536479] CPU: 1 PID: 843 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.537652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.539296] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.540091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.542402] RSP: 0018:ffff88801837fbd0 EFLAGS: 00010246 [ 96.543008] RAX: 0000000000000000 RBX: ffff888010f0d0a8 RCX: 0000000000000000 [ 96.543762] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 96.544699] RBP: ffff88801837fbe8 R08: ffffed10021e1a33 R09: ffffed10021e1a33 [ 96.545428] R10: ffff888010f0d193 R11: ffffed10021e1a32 R12: ffff88800fd3d400 [ 96.546352] R13: ffff888010f0d1e8 R14: ffff888012132a00 R15: 0000000000000000 [ 96.547138] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.548008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.548942] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.549672] PKRU: 55555554 [ 96.549959] Call Trace: [ 96.550220] [ 96.550448] iommufd_access_destroy_object+0x65/0x170 [ 96.551038] iommufd_object_destroy_user+0x18e/0x220 [ 96.551579] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.552272] iommufd_access_destroy+0x43/0x70 [ 96.552891] iommufd_test_staccess_release+0x8d/0xd0 [ 96.553524] __fput+0x26d/0xa40 [ 96.553876] ____fput+0x1e/0x30 [ 96.554221] task_work_run+0x1a4/0x2d0 [ 96.554651] ? __pfx_task_work_run+0x10/0x10 [ 96.555134] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.555636] ? switch_task_namespaces+0xa9/0xe0 [ 96.556126] do_exit+0xb17/0x2ef0 [ 96.556535] ? lock_acquire+0x427/0x4c0 [ 96.557126] ? __pfx_lock_release+0x10/0x10 [ 96.557736] ? __kasan_check_write+0x18/0x20 [ 96.558202] ? do_raw_spin_lock+0x132/0x2a0 [ 96.558679] ? __pfx_do_exit+0x10/0x10 [ 96.559096] ? debug_smp_processor_id+0x20/0x30 [ 96.559586] ? rcu_is_watching+0x19/0xb0 [ 96.560007] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.560476] ? trace_hardirqs_on+0x26/0x120 [ 96.560922] do_group_exit+0xe0/0x2b0 [ 96.561423] __x64_sys_exit_group+0x47/0x50 [ 96.562039] do_syscall_64+0x3b/0x90 [ 96.562617] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.563161] RIP: 0033:0x7f4b87518a4d [ 96.563534] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.564175] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.564966] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.566119] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.567103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.568037] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.569072] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.570029] [ 96.570320] irq event stamp: 0 [ 96.570818] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.571678] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.572790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.573953] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.574820] ---[ end trace 0000000000000000 ]--- [ 96.575774] ------------[ cut here ]------------ [ 96.576260] WARNING: CPU: 1 PID: 843 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.577639] Modules linked in: [ 96.578136] CPU: 1 PID: 843 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.579088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.580303] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.580849] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.583326] RSP: 0018:ffff88801837fb78 EFLAGS: 00010246 [ 96.583925] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.584668] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 96.585400] RBP: ffff88801837fb98 R08: ffffed10021e1a3e R09: ffffed10021e1a3e [ 96.586130] R10: ffff888010f0d1ef R11: ffffed10021e1a3d R12: ffff888010f0d290 [ 96.587154] R13: ffff888010f0d0a8 R14: ffffffffffffffff R15: ffff88801837fc60 [ 96.588112] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.588934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.589525] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.590258] PKRU: 55555554 [ 96.590611] Call Trace: [ 96.590885] [ 96.591142] iommufd_ioas_destroy+0x53/0x70 [ 96.591640] iommufd_fops_release+0x1f7/0x370 [ 96.592356] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.592921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.593445] ? write_comp_data+0x2f/0x90 [ 96.593889] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.594407] __fput+0x26d/0xa40 [ 96.594815] ____fput+0x1e/0x30 [ 96.595197] task_work_run+0x1a4/0x2d0 [ 96.595624] ? __pfx_task_work_run+0x10/0x10 [ 96.596097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.596743] ? switch_task_namespaces+0xa9/0xe0 [ 96.597412] do_exit+0xb17/0x2ef0 [ 96.597935] ? lock_acquire+0x427/0x4c0 [ 96.598361] ? __pfx_lock_release+0x10/0x10 [ 96.598844] ? __kasan_check_write+0x18/0x20 [ 96.599317] ? do_raw_spin_lock+0x132/0x2a0 [ 96.599766] ? __pfx_do_exit+0x10/0x10 [ 96.600179] ? debug_smp_processor_id+0x20/0x30 [ 96.600675] ? rcu_is_watching+0x19/0xb0 [ 96.601110] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.601687] ? trace_hardirqs_on+0x26/0x120 [ 96.602287] do_group_exit+0xe0/0x2b0 [ 96.602917] __x64_sys_exit_group+0x47/0x50 [ 96.603404] do_syscall_64+0x3b/0x90 [ 96.603814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.604367] RIP: 0033:0x7f4b87518a4d [ 96.604767] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.605403] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.606188] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.606974] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.608043] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.609034] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.609765] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.610555] [ 96.610801] irq event stamp: 0 [ 96.611159] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.611834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.612798] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.614031] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.614749] ---[ end trace 0000000000000000 ]--- [ 96.619229] ------------[ cut here ]------------ [ 96.619814] WARNING: CPU: 1 PID: 844 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.621067] Modules linked in: [ 96.621603] CPU: 1 PID: 844 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.622570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.623768] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.624305] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.626765] RSP: 0018:ffff8880185dfbb8 EFLAGS: 00010246 [ 96.627359] RAX: 0000000000000000 RBX: ffff8880104670a8 RCX: 0000000000000000 [ 96.628105] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 96.628859] RBP: ffff8880185dfbd0 R08: ffffed100208ce33 R09: ffffed100208ce33 [ 96.629674] R10: ffff888010467193 R11: ffffed100208ce32 R12: ffff8880183db800 [ 96.630791] R13: ffff8880104671e8 R14: ffffffff8352e670 R15: ffff8880185dfe68 [ 96.631571] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.632414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.633025] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 96.633785] PKRU: 55555554 [ 96.634160] Call Trace: [ 96.634548] [ 96.635099] __iommufd_access_detach+0x1c2/0x2b0 [ 96.635837] iommufd_access_change_pt+0x149/0x270 [ 96.636543] iommufd_access_replace+0xb4/0x120 [ 96.637223] iommufd_test+0x3e5/0x37e0 [ 96.637780] ? lock_release+0x532/0x770 [ 96.638625] ? __might_fault+0x102/0x1b0 [ 96.639268] ? lock_acquire+0x427/0x4c0 [ 96.639840] ? __pfx_iommufd_test+0x10/0x10 [ 96.640448] ? __pfx_lock_release+0x10/0x10 [ 96.641069] ? __pfx_lock_acquire+0x10/0x10 [ 96.641732] ? write_comp_data+0x2f/0x90 [ 96.642666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.643389] ? write_comp_data+0x2f/0x90 [ 96.643967] iommufd_fops_ioctl+0x37d/0x510 [ 96.644436] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.645134] ? write_comp_data+0x2f/0x90 [ 96.645558] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.646052] __x64_sys_ioctl+0x1a3/0x230 [ 96.646478] do_syscall_64+0x3b/0x90 [ 96.647061] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.647625] RIP: 0033:0x7f4b8743ee5d [ 96.648015] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.650087] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.651050] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.651811] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.652550] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.653478] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.654208] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.655132] [ 96.655408] irq event stamp: 0 [ 96.655736] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.656386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.657467] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.658331] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.659186] ---[ end trace 0000000000000000 ]--- [ 96.662828] ------------[ cut here ]------------ [ 96.663405] WARNING: CPU: 1 PID: 844 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.664428] Modules linked in: [ 96.664766] CPU: 1 PID: 844 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.665650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.666843] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.667380] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.669266] RSP: 0018:ffff8880185dfbd0 EFLAGS: 00010246 [ 96.669809] RAX: 0000000000000000 RBX: ffff8880104670a8 RCX: 0000000000000000 [ 96.670567] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 96.671316] RBP: ffff8880185dfbe8 R08: ffffed100208ce33 R09: ffffed100208ce33 [ 96.672045] R10: ffff888010467193 R11: ffffed100208ce32 R12: ffff888016c9bc00 [ 96.672774] R13: ffff8880104671e8 R14: ffff8880121e9100 R15: 0000000000000000 [ 96.673502] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.674325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.674953] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 96.675714] PKRU: 55555554 [ 96.676012] Call Trace: [ 96.676282] [ 96.676523] iommufd_access_destroy_object+0x65/0x170 [ 96.677066] iommufd_object_destroy_user+0x18e/0x220 [ 96.677592] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.678193] iommufd_access_destroy+0x43/0x70 [ 96.678712] iommufd_test_staccess_release+0x8d/0xd0 [ 96.679270] __fput+0x26d/0xa40 [ 96.679635] ____fput+0x1e/0x30 [ 96.679995] task_work_run+0x1a4/0x2d0 [ 96.680407] ? __pfx_task_work_run+0x10/0x10 [ 96.680864] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.681373] ? switch_task_namespaces+0xa9/0xe0 [ 96.681876] do_exit+0xb17/0x2ef0 [ 96.682240] ? lock_acquire+0x427/0x4c0 [ 96.682678] ? __pfx_lock_release+0x10/0x10 [ 96.683138] ? __kasan_check_write+0x18/0x20 [ 96.683602] ? do_raw_spin_lock+0x132/0x2a0 [ 96.684050] ? __pfx_do_exit+0x10/0x10 [ 96.684470] ? debug_smp_processor_id+0x20/0x30 [ 96.684960] ? rcu_is_watching+0x19/0xb0 [ 96.685382] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.685854] ? trace_hardirqs_on+0x26/0x120 [ 96.686306] do_group_exit+0xe0/0x2b0 [ 96.686736] __x64_sys_exit_group+0x47/0x50 [ 96.687206] do_syscall_64+0x3b/0x90 [ 96.687616] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.688170] RIP: 0033:0x7f4b87518a4d [ 96.688563] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.689209] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.689996] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.690767] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.691522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.692258] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.692997] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.693747] [ 96.693993] irq event stamp: 0 [ 96.694325] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.695016] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.695927] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.696815] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.697470] ---[ end trace 0000000000000000 ]--- [ 96.698337] ------------[ cut here ]------------ [ 96.698868] WARNING: CPU: 1 PID: 844 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.699942] Modules linked in: [ 96.700279] CPU: 1 PID: 844 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.701158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.702300] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.702848] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.704719] RSP: 0018:ffff8880185dfb78 EFLAGS: 00010246 [ 96.705266] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.706010] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 96.706755] RBP: ffff8880185dfb98 R08: ffffed100208ce3e R09: ffffed100208ce3e [ 96.707493] R10: ffff8880104671ef R11: ffffed100208ce3d R12: ffff888010467290 [ 96.708224] R13: ffff8880104670a8 R14: ffffffffffffffff R15: ffff8880185dfc60 [ 96.708950] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.709774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.710370] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 96.711140] PKRU: 55555554 [ 96.711445] Call Trace: [ 96.711713] [ 96.711950] iommufd_ioas_destroy+0x53/0x70 [ 96.712403] iommufd_fops_release+0x1f7/0x370 [ 96.712872] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.713382] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.713891] ? write_comp_data+0x2f/0x90 [ 96.714319] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.714868] __fput+0x26d/0xa40 [ 96.715254] ____fput+0x1e/0x30 [ 96.715607] task_work_run+0x1a4/0x2d0 [ 96.716019] ? __pfx_task_work_run+0x10/0x10 [ 96.716474] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.716984] ? switch_task_namespaces+0xa9/0xe0 [ 96.717476] do_exit+0xb17/0x2ef0 [ 96.717830] ? lock_acquire+0x427/0x4c0 [ 96.718247] ? __pfx_lock_release+0x10/0x10 [ 96.718722] ? __kasan_check_write+0x18/0x20 [ 96.719191] ? do_raw_spin_lock+0x132/0x2a0 [ 96.719635] ? __pfx_do_exit+0x10/0x10 [ 96.720039] ? debug_smp_processor_id+0x20/0x30 [ 96.720476] ? rcu_is_watching+0x19/0xb0 [ 96.720852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.721282] ? trace_hardirqs_on+0x26/0x120 [ 96.721702] do_group_exit+0xe0/0x2b0 [ 96.722065] __x64_sys_exit_group+0x47/0x50 [ 96.722467] do_syscall_64+0x3b/0x90 [ 96.722851] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.723354] RIP: 0033:0x7f4b87518a4d [ 96.723701] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.724268] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.724967] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.725621] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.726278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.726955] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.727626] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.728294] [ 96.728516] irq event stamp: 0 [ 96.728812] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.729396] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.730197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.731001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.731613] ---[ end trace 0000000000000000 ]--- [ 96.736713] ------------[ cut here ]------------ [ 96.737203] WARNING: CPU: 1 PID: 845 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.738136] Modules linked in: [ 96.738432] CPU: 1 PID: 845 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.739466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.740527] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.741005] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.742713] RSP: 0018:ffff888010fffbb8 EFLAGS: 00010246 [ 96.743231] RAX: 0000000000000000 RBX: ffff8880244318a8 RCX: 0000000000000000 [ 96.743891] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 96.744552] RBP: ffff888010fffbd0 R08: ffffed1004886333 R09: ffffed1004886333 [ 96.745213] R10: ffff888024431993 R11: ffffed1004886332 R12: ffff888016634400 [ 96.745877] R13: ffff8880244319e8 R14: ffffffff8352e670 R15: ffff888010fffe68 [ 96.746572] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.747349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.747899] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 96.748588] PKRU: 55555554 [ 96.748863] Call Trace: [ 96.749107] [ 96.749327] __iommufd_access_detach+0x1c2/0x2b0 [ 96.749788] iommufd_access_change_pt+0x149/0x270 [ 96.750262] iommufd_access_replace+0xb4/0x120 [ 96.750743] iommufd_test+0x3e5/0x37e0 [ 96.751134] ? lock_release+0x532/0x770 [ 96.751531] ? __might_fault+0x102/0x1b0 [ 96.751933] ? lock_acquire+0x427/0x4c0 [ 96.752330] ? __pfx_iommufd_test+0x10/0x10 [ 96.752743] ? __pfx_lock_release+0x10/0x10 [ 96.753178] ? __pfx_lock_acquire+0x10/0x10 [ 96.753597] ? write_comp_data+0x2f/0x90 [ 96.754111] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.754726] ? write_comp_data+0x2f/0x90 [ 96.755143] iommufd_fops_ioctl+0x37d/0x510 [ 96.755558] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.756031] ? write_comp_data+0x2f/0x90 [ 96.756425] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.756882] __x64_sys_ioctl+0x1a3/0x230 [ 96.757275] do_syscall_64+0x3b/0x90 [ 96.757668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.758310] RIP: 0033:0x7f4b8743ee5d [ 96.758703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.760422] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.761138] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.761999] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.762708] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.763387] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.764055] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.764732] [ 96.765038] irq event stamp: 0 [ 96.765485] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.766083] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.766902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.767700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.768288] ---[ end trace 0000000000000000 ]--- [ 96.771405] ------------[ cut here ]------------ [ 96.771988] WARNING: CPU: 1 PID: 845 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.773057] Modules linked in: [ 96.773395] CPU: 1 PID: 845 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.774278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.775625] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.776336] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.778191] RSP: 0018:ffff888010fffbd0 EFLAGS: 00010246 [ 96.778769] RAX: 0000000000000000 RBX: ffff8880244318a8 RCX: 0000000000000000 [ 96.779519] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 96.780401] RBP: ffff888010fffbe8 R08: ffffed1004886333 R09: ffffed1004886333 [ 96.781407] R10: ffff888024431993 R11: ffffed1004886332 R12: ffff8880183da800 [ 96.782139] R13: ffff8880244319e8 R14: ffff88800fd8c700 R15: 0000000000000000 [ 96.782907] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.783741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.784343] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.785178] PKRU: 55555554 [ 96.785559] Call Trace: [ 96.785980] [ 96.786290] iommufd_access_destroy_object+0x65/0x170 [ 96.786855] iommufd_object_destroy_user+0x18e/0x220 [ 96.787388] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.787984] iommufd_access_destroy+0x43/0x70 [ 96.788455] iommufd_test_staccess_release+0x8d/0xd0 [ 96.788987] __fput+0x26d/0xa40 [ 96.789376] ____fput+0x1e/0x30 [ 96.789823] task_work_run+0x1a4/0x2d0 [ 96.790363] ? __pfx_task_work_run+0x10/0x10 [ 96.791019] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.791543] ? switch_task_namespaces+0xa9/0xe0 [ 96.792037] do_exit+0xb17/0x2ef0 [ 96.792397] ? lock_acquire+0x427/0x4c0 [ 96.792819] ? __pfx_lock_release+0x10/0x10 [ 96.793270] ? __kasan_check_write+0x18/0x20 [ 96.793730] ? do_raw_spin_lock+0x132/0x2a0 [ 96.794175] ? __pfx_do_exit+0x10/0x10 [ 96.794704] ? debug_smp_processor_id+0x20/0x30 [ 96.795413] ? rcu_is_watching+0x19/0xb0 [ 96.795842] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.796323] ? trace_hardirqs_on+0x26/0x120 [ 96.796773] do_group_exit+0xe0/0x2b0 [ 96.797169] __x64_sys_exit_group+0x47/0x50 [ 96.797607] do_syscall_64+0x3b/0x90 [ 96.798004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.798653] RIP: 0033:0x7f4b87518a4d [ 96.799173] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.800003] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.800783] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.801506] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.802226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.803020] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.804311] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.805258] [ 96.805609] irq event stamp: 0 [ 96.806052] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.807005] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.808490] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.809625] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.810487] ---[ end trace 0000000000000000 ]--- [ 96.812113] ------------[ cut here ]------------ [ 96.812814] WARNING: CPU: 1 PID: 845 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.814190] Modules linked in: [ 96.814834] CPU: 1 PID: 845 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.816097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.817594] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.818495] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.821242] RSP: 0018:ffff888010fffb78 EFLAGS: 00010246 [ 96.821974] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.823174] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 96.824126] RBP: ffff888010fffb98 R08: ffffed100488633e R09: ffffed100488633e [ 96.825265] R10: ffff8880244319ef R11: ffffed100488633d R12: ffff888024431a90 [ 96.826224] R13: ffff8880244318a8 R14: ffffffffffffffff R15: ffff888010fffc60 [ 96.827447] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.828529] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.829493] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 96.830444] PKRU: 55555554 [ 96.831082] Call Trace: [ 96.831457] [ 96.831766] iommufd_ioas_destroy+0x53/0x70 [ 96.832360] iommufd_fops_release+0x1f7/0x370 [ 96.833161] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.833841] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.834613] ? write_comp_data+0x2f/0x90 [ 96.835259] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.835947] __fput+0x26d/0xa40 [ 96.836445] ____fput+0x1e/0x30 [ 96.836921] task_work_run+0x1a4/0x2d0 [ 96.837449] ? __pfx_task_work_run+0x10/0x10 [ 96.838035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.838833] ? switch_task_namespaces+0xa9/0xe0 [ 96.839508] do_exit+0xb17/0x2ef0 [ 96.839978] ? lock_acquire+0x427/0x4c0 [ 96.840519] ? __pfx_lock_release+0x10/0x10 [ 96.841097] ? __kasan_check_write+0x18/0x20 [ 96.841686] ? do_raw_spin_lock+0x132/0x2a0 [ 96.842255] ? __pfx_do_exit+0x10/0x10 [ 96.842843] ? debug_smp_processor_id+0x20/0x30 [ 96.843503] ? rcu_is_watching+0x19/0xb0 [ 96.844052] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.844659] ? trace_hardirqs_on+0x26/0x120 [ 96.845243] do_group_exit+0xe0/0x2b0 [ 96.845752] __x64_sys_exit_group+0x47/0x50 [ 96.846315] do_syscall_64+0x3b/0x90 [ 96.846880] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.847609] RIP: 0033:0x7f4b87518a4d [ 96.848105] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.848916] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.849907] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.850908] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.851873] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.852813] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.853742] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.854738] [ 96.855067] irq event stamp: 0 [ 96.855517] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.856349] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.857439] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.858571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.859417] ---[ end trace 0000000000000000 ]--- [ 96.866282] ------------[ cut here ]------------ [ 96.866993] WARNING: CPU: 1 PID: 846 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.868187] Modules linked in: [ 96.868538] CPU: 1 PID: 846 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.869436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.870613] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.871139] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.873009] RSP: 0018:ffff88801451fbb8 EFLAGS: 00010246 [ 96.873551] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 96.874278] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 96.875028] RBP: ffff88801451fbd0 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 96.875779] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff888010825400 [ 96.876516] R13: ffff88801609d1e8 R14: ffffffff8352e670 R15: ffff88801451fe68 [ 96.877275] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.878107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.878736] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 96.879485] PKRU: 55555554 [ 96.879781] Call Trace: [ 96.880044] [ 96.880278] __iommufd_access_detach+0x1c2/0x2b0 [ 96.880780] iommufd_access_change_pt+0x149/0x270 [ 96.881284] iommufd_access_replace+0xb4/0x120 [ 96.881764] iommufd_test+0x3e5/0x37e0 [ 96.882166] ? lock_release+0x532/0x770 [ 96.882623] ? __might_fault+0x102/0x1b0 [ 96.883052] ? lock_acquire+0x427/0x4c0 [ 96.883490] ? __pfx_iommufd_test+0x10/0x10 [ 96.883916] ? __pfx_lock_release+0x10/0x10 [ 96.884330] ? __pfx_lock_acquire+0x10/0x10 [ 96.884749] ? write_comp_data+0x2f/0x90 [ 96.885144] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.885612] ? write_comp_data+0x2f/0x90 [ 96.886011] iommufd_fops_ioctl+0x37d/0x510 [ 96.886423] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.886914] ? write_comp_data+0x2f/0x90 [ 96.887326] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.887788] __x64_sys_ioctl+0x1a3/0x230 [ 96.888186] do_syscall_64+0x3b/0x90 [ 96.888555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.889060] RIP: 0033:0x7f4b8743ee5d [ 96.889415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.891165] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.891888] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.892558] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.893239] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.893905] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.894609] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.895306] [ 96.895529] irq event stamp: 0 [ 96.895829] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.896425] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.897216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.897998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.898622] ---[ end trace 0000000000000000 ]--- [ 96.901651] ------------[ cut here ]------------ [ 96.902121] WARNING: CPU: 1 PID: 846 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.903078] Modules linked in: [ 96.903397] CPU: 1 PID: 846 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.904197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.905227] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.905663] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.907287] RSP: 0018:ffff88801451fbd0 EFLAGS: 00010246 [ 96.907755] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 96.908377] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 96.908997] RBP: ffff88801451fbe8 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 96.909623] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff888016634000 [ 96.910245] R13: ffff88801609d1e8 R14: ffff888013a64600 R15: 0000000000000000 [ 96.910886] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.911597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.912104] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.912734] PKRU: 55555554 [ 96.912983] Call Trace: [ 96.913208] [ 96.913405] iommufd_access_destroy_object+0x65/0x170 [ 96.913861] iommufd_object_destroy_user+0x18e/0x220 [ 96.914311] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 96.914842] iommufd_access_destroy+0x43/0x70 [ 96.915258] iommufd_test_staccess_release+0x8d/0xd0 [ 96.915711] __fput+0x26d/0xa40 [ 96.916017] ____fput+0x1e/0x30 [ 96.916314] task_work_run+0x1a4/0x2d0 [ 96.916669] ? __pfx_task_work_run+0x10/0x10 [ 96.917064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.917498] ? switch_task_namespaces+0xa9/0xe0 [ 96.917916] do_exit+0xb17/0x2ef0 [ 96.918227] ? lock_acquire+0x427/0x4c0 [ 96.918622] ? __pfx_lock_release+0x10/0x10 [ 96.919007] ? __kasan_check_write+0x18/0x20 [ 96.919410] ? do_raw_spin_lock+0x132/0x2a0 [ 96.919793] ? __pfx_do_exit+0x10/0x10 [ 96.920148] ? debug_smp_processor_id+0x20/0x30 [ 96.920560] ? rcu_is_watching+0x19/0xb0 [ 96.920918] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.921321] ? trace_hardirqs_on+0x26/0x120 [ 96.921705] do_group_exit+0xe0/0x2b0 [ 96.922039] __x64_sys_exit_group+0x47/0x50 [ 96.922414] do_syscall_64+0x3b/0x90 [ 96.922768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.923237] RIP: 0033:0x7f4b87518a4d [ 96.923566] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.924101] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.924759] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.925380] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.925994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.926628] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.927259] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.927889] [ 96.928098] irq event stamp: 0 [ 96.928374] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.928918] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.929645] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.930370] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.930940] ---[ end trace 0000000000000000 ]--- [ 96.931711] ------------[ cut here ]------------ [ 96.932128] WARNING: CPU: 1 PID: 846 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 96.933027] Modules linked in: [ 96.933308] CPU: 1 PID: 846 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.934060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.935060] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 96.935518] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 96.937099] RSP: 0018:ffff88801451fb78 EFLAGS: 00010246 [ 96.937560] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 96.938167] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 96.938790] RBP: ffff88801451fb98 R08: ffffed1002c13a3e R09: ffffed1002c13a3e [ 96.939388] R10: ffff88801609d1ef R11: ffffed1002c13a3d R12: ffff88801609d290 [ 96.939976] R13: ffff88801609d0a8 R14: ffffffffffffffff R15: ffff88801451fc60 [ 96.940567] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.941226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.941699] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 96.942284] PKRU: 55555554 [ 96.942539] Call Trace: [ 96.942751] [ 96.942941] iommufd_ioas_destroy+0x53/0x70 [ 96.943312] iommufd_fops_release+0x1f7/0x370 [ 96.943693] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.944115] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.944526] ? write_comp_data+0x2f/0x90 [ 96.944865] ? __pfx_iommufd_fops_release+0x10/0x10 [ 96.945284] __fput+0x26d/0xa40 [ 96.945575] ____fput+0x1e/0x30 [ 96.945858] task_work_run+0x1a4/0x2d0 [ 96.946190] ? __pfx_task_work_run+0x10/0x10 [ 96.946585] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.946999] ? switch_task_namespaces+0xa9/0xe0 [ 96.947413] do_exit+0xb17/0x2ef0 [ 96.947703] ? lock_acquire+0x427/0x4c0 [ 96.948040] ? __pfx_lock_release+0x10/0x10 [ 96.948402] ? __kasan_check_write+0x18/0x20 [ 96.948770] ? do_raw_spin_lock+0x132/0x2a0 [ 96.949127] ? __pfx_do_exit+0x10/0x10 [ 96.949457] ? debug_smp_processor_id+0x20/0x30 [ 96.949848] ? rcu_is_watching+0x19/0xb0 [ 96.950185] ? _raw_spin_unlock_irq+0x2b/0x60 [ 96.950580] ? trace_hardirqs_on+0x26/0x120 [ 96.950954] do_group_exit+0xe0/0x2b0 [ 96.951276] __x64_sys_exit_group+0x47/0x50 [ 96.951631] do_syscall_64+0x3b/0x90 [ 96.951950] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.952382] RIP: 0033:0x7f4b87518a4d [ 96.952689] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 96.953193] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 96.953817] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 96.954406] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 96.955012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 96.955601] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 96.956183] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 96.956774] [ 96.956968] irq event stamp: 0 [ 96.957230] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 96.957752] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.958449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.959160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.959679] ---[ end trace 0000000000000000 ]--- [ 96.964526] ------------[ cut here ]------------ [ 96.964964] WARNING: CPU: 1 PID: 847 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.965787] Modules linked in: [ 96.966051] CPU: 1 PID: 847 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.966786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.967725] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.968133] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.969619] RSP: 0018:ffff88801848fbb8 EFLAGS: 00010246 [ 96.970054] RAX: 0000000000000000 RBX: ffff888020bf40a8 RCX: 0000000000000000 [ 96.970652] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 96.971242] RBP: ffff88801848fbd0 R08: ffffed100417e833 R09: ffffed100417e833 [ 96.971828] R10: ffff888020bf4193 R11: ffffed100417e832 R12: ffff888013b23c00 [ 96.972410] R13: ffff888020bf41e8 R14: ffffffff8352e670 R15: ffff88801848fe68 [ 96.972992] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 96.973648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.974121] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 96.974720] PKRU: 55555554 [ 96.974958] Call Trace: [ 96.975177] [ 96.975365] __iommufd_access_detach+0x1c2/0x2b0 [ 96.975772] iommufd_access_change_pt+0x149/0x270 [ 96.976179] iommufd_access_replace+0xb4/0x120 [ 96.976567] iommufd_test+0x3e5/0x37e0 [ 96.976899] ? lock_release+0x532/0x770 [ 96.977250] ? __might_fault+0x102/0x1b0 [ 96.977598] ? lock_acquire+0x427/0x4c0 [ 96.977936] ? __pfx_iommufd_test+0x10/0x10 [ 96.978294] ? __pfx_lock_release+0x10/0x10 [ 96.978684] ? __pfx_lock_acquire+0x10/0x10 [ 96.979052] ? write_comp_data+0x2f/0x90 [ 96.979413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 96.979825] ? write_comp_data+0x2f/0x90 [ 96.980172] iommufd_fops_ioctl+0x37d/0x510 [ 96.980537] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.980946] ? write_comp_data+0x2f/0x90 [ 96.981292] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 96.981692] __x64_sys_ioctl+0x1a3/0x230 [ 96.982036] do_syscall_64+0x3b/0x90 [ 96.982357] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 96.982817] RIP: 0033:0x7f4b8743ee5d [ 96.983138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 96.984634] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 96.985267] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 96.985851] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 96.986433] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 96.987036] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 96.987635] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 96.988228] [ 96.988421] irq event stamp: 0 [ 96.988680] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 96.989207] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 96.989897] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 96.990604] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 96.991131] ---[ end trace 0000000000000000 ]--- [ 96.993957] ------------[ cut here ]------------ [ 96.994377] WARNING: CPU: 1 PID: 847 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 96.995243] Modules linked in: [ 96.995514] CPU: 1 PID: 847 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 96.996226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 96.997148] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 96.997560] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 96.999064] RSP: 0018:ffff88801848fbd0 EFLAGS: 00010246 [ 96.999513] RAX: 0000000000000000 RBX: ffff888020bf40a8 RCX: 0000000000000000 [ 97.000100] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 97.000681] RBP: ffff88801848fbe8 R08: ffffed100417e833 R09: ffffed100417e833 [ 97.001262] R10: ffff888020bf4193 R11: ffffed100417e832 R12: ffff888010824400 [ 97.001843] R13: ffff888020bf41e8 R14: ffff8880149bb100 R15: 0000000000000000 [ 97.002422] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.003094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.003576] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 97.004140] PKRU: 55555554 [ 97.004365] Call Trace: [ 97.004569] [ 97.004750] iommufd_access_destroy_object+0x65/0x170 [ 97.005166] iommufd_object_destroy_user+0x18e/0x220 [ 97.005578] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.006046] iommufd_access_destroy+0x43/0x70 [ 97.006413] iommufd_test_staccess_release+0x8d/0xd0 [ 97.006839] __fput+0x26d/0xa40 [ 97.007126] ____fput+0x1e/0x30 [ 97.007406] task_work_run+0x1a4/0x2d0 [ 97.007734] ? __pfx_task_work_run+0x10/0x10 [ 97.008145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.008816] ? switch_task_namespaces+0xa9/0xe0 [ 97.009206] do_exit+0xb17/0x2ef0 [ 97.009483] ? lock_acquire+0x427/0x4c0 [ 97.009905] ? __pfx_lock_release+0x10/0x10 [ 97.010256] ? __kasan_check_write+0x18/0x20 [ 97.010637] ? do_raw_spin_lock+0x132/0x2a0 [ 97.010982] ? __pfx_do_exit+0x10/0x10 [ 97.011399] ? debug_smp_processor_id+0x20/0x30 [ 97.011787] ? rcu_is_watching+0x19/0xb0 [ 97.012117] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.012497] ? trace_hardirqs_on+0x26/0x120 [ 97.012938] do_group_exit+0xe0/0x2b0 [ 97.013246] __x64_sys_exit_group+0x47/0x50 [ 97.013594] do_syscall_64+0x3b/0x90 [ 97.013912] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.014628] RIP: 0033:0x7f4b87518a4d [ 97.015060] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.015760] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.016699] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.017579] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.018367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.019310] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.020106] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.020989] [ 97.021260] irq event stamp: 0 [ 97.021614] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.022406] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.023438] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.024407] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.025165] ---[ end trace 0000000000000000 ]--- [ 97.026460] ------------[ cut here ]------------ [ 97.027117] WARNING: CPU: 1 PID: 847 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.028342] Modules linked in: [ 97.028704] CPU: 1 PID: 847 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.029734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.031455] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.032044] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.034187] RSP: 0018:ffff88801848fb78 EFLAGS: 00010246 [ 97.034815] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.035673] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 97.036512] RBP: ffff88801848fb98 R08: ffffed100417e83e R09: ffffed100417e83e [ 97.037385] R10: ffff888020bf41ef R11: ffffed100417e83d R12: ffff888020bf4290 [ 97.038216] R13: ffff888020bf40a8 R14: ffffffffffffffff R15: ffff88801848fc60 [ 97.039089] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.039948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.040715] CR2: 00007f4b875fca50 CR3: 00000000141f6000 CR4: 0000000000750ee0 [ 97.041565] PKRU: 55555554 [ 97.041896] Call Trace: [ 97.042191] [ 97.042453] iommufd_ioas_destroy+0x53/0x70 [ 97.043051] iommufd_fops_release+0x1f7/0x370 [ 97.043598] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.044168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.044810] ? write_comp_data+0x2f/0x90 [ 97.045287] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.045907] __fput+0x26d/0xa40 [ 97.046320] ____fput+0x1e/0x30 [ 97.046748] task_work_run+0x1a4/0x2d0 [ 97.047236] ? __pfx_task_work_run+0x10/0x10 [ 97.047801] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.048359] ? switch_task_namespaces+0xa9/0xe0 [ 97.048982] do_exit+0xb17/0x2ef0 [ 97.049380] ? lock_acquire+0x427/0x4c0 [ 97.049849] ? __pfx_lock_release+0x10/0x10 [ 97.050428] ? __kasan_check_write+0x18/0x20 [ 97.050982] ? do_raw_spin_lock+0x132/0x2a0 [ 97.051503] ? __pfx_do_exit+0x10/0x10 [ 97.052024] ? debug_smp_processor_id+0x20/0x30 [ 97.052590] ? rcu_is_watching+0x19/0xb0 [ 97.053060] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.053678] ? trace_hardirqs_on+0x26/0x120 [ 97.054185] do_group_exit+0xe0/0x2b0 [ 97.054676] __x64_sys_exit_group+0x47/0x50 [ 97.055355] do_syscall_64+0x3b/0x90 [ 97.055682] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.056113] RIP: 0033:0x7f4b87518a4d [ 97.056691] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.057396] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.058357] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.059274] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.060137] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.061002] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.061852] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.062802] [ 97.063078] irq event stamp: 0 [ 97.063453] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.064277] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.065220] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.066160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.066912] ---[ end trace 0000000000000000 ]--- [ 97.073511] ------------[ cut here ]------------ [ 97.074072] WARNING: CPU: 1 PID: 848 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.075534] Modules linked in: [ 97.075911] CPU: 1 PID: 848 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.076888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.078147] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.078747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.080774] RSP: 0018:ffff88801619fbb8 EFLAGS: 00010246 [ 97.081369] RAX: 0000000000000000 RBX: ffff8880244378a8 RCX: 0000000000000000 [ 97.082157] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 97.082979] RBP: ffff88801619fbd0 R08: ffffed1004886f33 R09: ffffed1004886f33 [ 97.083782] R10: ffff888024437993 R11: ffffed1004886f32 R12: ffff888013b17c00 [ 97.084342] R13: ffff8880244379e8 R14: ffffffff8352e670 R15: ffff88801619fe68 [ 97.084892] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.085510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.085959] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 97.086543] PKRU: 55555554 [ 97.086766] Call Trace: [ 97.086966] [ 97.087157] __iommufd_access_detach+0x1c2/0x2b0 [ 97.087540] iommufd_access_change_pt+0x149/0x270 [ 97.087925] iommufd_access_replace+0xb4/0x120 [ 97.088291] iommufd_test+0x3e5/0x37e0 [ 97.088594] ? lock_release+0x532/0x770 [ 97.088913] ? __might_fault+0x102/0x1b0 [ 97.089237] ? lock_acquire+0x427/0x4c0 [ 97.089556] ? __pfx_iommufd_test+0x10/0x10 [ 97.089890] ? __pfx_lock_release+0x10/0x10 [ 97.090232] ? __pfx_lock_acquire+0x10/0x10 [ 97.090594] ? write_comp_data+0x2f/0x90 [ 97.090923] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.091312] ? write_comp_data+0x2f/0x90 [ 97.091640] iommufd_fops_ioctl+0x37d/0x510 [ 97.091978] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.092365] ? write_comp_data+0x2f/0x90 [ 97.092692] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.093071] __x64_sys_ioctl+0x1a3/0x230 [ 97.093402] do_syscall_64+0x3b/0x90 [ 97.093704] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.094117] RIP: 0033:0x7f4b8743ee5d [ 97.094408] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.095847] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.096441] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.096992] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.097544] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.098094] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.098671] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.099245] [ 97.099428] irq event stamp: 0 [ 97.099675] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.100167] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.100820] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.101476] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.101967] ---[ end trace 0000000000000000 ]--- [ 97.104690] ------------[ cut here ]------------ [ 97.105090] WARNING: CPU: 1 PID: 848 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.105886] Modules linked in: [ 97.106136] CPU: 1 PID: 848 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.106859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.107743] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.108135] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.109570] RSP: 0018:ffff88801619fbd0 EFLAGS: 00010246 [ 97.109990] RAX: 0000000000000000 RBX: ffff8880244378a8 RCX: 0000000000000000 [ 97.110567] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 97.111129] RBP: ffff88801619fbe8 R08: ffffed1004886f33 R09: ffffed1004886f33 [ 97.111680] R10: ffff888024437993 R11: ffffed1004886f32 R12: ffff888013b22000 [ 97.112243] R13: ffff8880244379e8 R14: ffff888012c24100 R15: 0000000000000000 [ 97.112803] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.113435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.113885] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 97.114444] PKRU: 55555554 [ 97.114681] Call Trace: [ 97.114888] [ 97.115067] iommufd_access_destroy_object+0x65/0x170 [ 97.115484] iommufd_object_destroy_user+0x18e/0x220 [ 97.115887] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.116345] iommufd_access_destroy+0x43/0x70 [ 97.116708] iommufd_test_staccess_release+0x8d/0xd0 [ 97.117118] __fput+0x26d/0xa40 [ 97.117395] ____fput+0x1e/0x30 [ 97.117662] task_work_run+0x1a4/0x2d0 [ 97.117976] ? __pfx_task_work_run+0x10/0x10 [ 97.118325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.118731] ? switch_task_namespaces+0xa9/0xe0 [ 97.119116] do_exit+0xb17/0x2ef0 [ 97.119391] ? lock_acquire+0x427/0x4c0 [ 97.119712] ? __pfx_lock_release+0x10/0x10 [ 97.120057] ? __kasan_check_write+0x18/0x20 [ 97.120406] ? do_raw_spin_lock+0x132/0x2a0 [ 97.120742] ? __pfx_do_exit+0x10/0x10 [ 97.121061] ? debug_smp_processor_id+0x20/0x30 [ 97.121430] ? rcu_is_watching+0x19/0xb0 [ 97.121751] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.122112] ? trace_hardirqs_on+0x26/0x120 [ 97.122456] do_group_exit+0xe0/0x2b0 [ 97.122774] __x64_sys_exit_group+0x47/0x50 [ 97.123122] do_syscall_64+0x3b/0x90 [ 97.123425] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.123843] RIP: 0033:0x7f4b87518a4d [ 97.124135] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.124621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.125212] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.125763] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.126319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.126896] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.127457] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.128018] [ 97.128204] irq event stamp: 0 [ 97.128451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.128952] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.129613] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.130266] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.130778] ---[ end trace 0000000000000000 ]--- [ 97.131484] ------------[ cut here ]------------ [ 97.131851] WARNING: CPU: 1 PID: 848 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.132640] Modules linked in: [ 97.132892] CPU: 1 PID: 848 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.133572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.134454] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.134879] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.136307] RSP: 0018:ffff88801619fb78 EFLAGS: 00010246 [ 97.136724] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.137278] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 97.137829] RBP: ffff88801619fb98 R08: ffffed1004886f3e R09: ffffed1004886f3e [ 97.138381] R10: ffff8880244379ef R11: ffffed1004886f3d R12: ffff888024437a90 [ 97.138950] R13: ffff8880244378a8 R14: ffffffffffffffff R15: ffff88801619fc60 [ 97.139514] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.140138] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.140588] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 97.141144] PKRU: 55555554 [ 97.141366] Call Trace: [ 97.141569] [ 97.141746] iommufd_ioas_destroy+0x53/0x70 [ 97.142089] iommufd_fops_release+0x1f7/0x370 [ 97.142445] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.142856] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.143259] ? write_comp_data+0x2f/0x90 [ 97.143588] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.143983] __fput+0x26d/0xa40 [ 97.144256] ____fput+0x1e/0x30 [ 97.144525] task_work_run+0x1a4/0x2d0 [ 97.144839] ? __pfx_task_work_run+0x10/0x10 [ 97.145189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.145573] ? switch_task_namespaces+0xa9/0xe0 [ 97.145949] do_exit+0xb17/0x2ef0 [ 97.146221] ? lock_acquire+0x427/0x4c0 [ 97.146559] ? __pfx_lock_release+0x10/0x10 [ 97.146904] ? __kasan_check_write+0x18/0x20 [ 97.147263] ? do_raw_spin_lock+0x132/0x2a0 [ 97.147604] ? __pfx_do_exit+0x10/0x10 [ 97.147922] ? debug_smp_processor_id+0x20/0x30 [ 97.148295] ? rcu_is_watching+0x19/0xb0 [ 97.148619] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.148985] ? trace_hardirqs_on+0x26/0x120 [ 97.149334] do_group_exit+0xe0/0x2b0 [ 97.149637] __x64_sys_exit_group+0x47/0x50 [ 97.149975] do_syscall_64+0x3b/0x90 [ 97.150282] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.150717] RIP: 0033:0x7f4b87518a4d [ 97.151014] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.151503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.152102] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.152656] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.153214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.153769] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.154328] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.154919] [ 97.155111] irq event stamp: 0 [ 97.155361] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.155853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.156508] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.157159] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.157658] ---[ end trace 0000000000000000 ]--- [ 97.161422] ------------[ cut here ]------------ [ 97.161822] WARNING: CPU: 1 PID: 849 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.162633] Modules linked in: [ 97.162888] CPU: 1 PID: 849 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.163573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.164456] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.164843] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.166261] RSP: 0018:ffff88801484fbb8 EFLAGS: 00010246 [ 97.166737] RAX: 0000000000000000 RBX: ffff88800f6388a8 RCX: 0000000000000000 [ 97.167295] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 97.167851] RBP: ffff88801484fbd0 R08: ffffed1001ec7133 R09: ffffed1001ec7133 [ 97.168404] R10: ffff88800f638993 R11: ffffed1001ec7132 R12: ffff888021bc6c00 [ 97.168959] R13: ffff88800f6389e8 R14: ffffffff8352e670 R15: ffff88801484fe68 [ 97.169519] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.170157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.170625] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 97.171195] PKRU: 55555554 [ 97.171431] Call Trace: [ 97.171638] [ 97.171814] __iommufd_access_detach+0x1c2/0x2b0 [ 97.172201] iommufd_access_change_pt+0x149/0x270 [ 97.172595] iommufd_access_replace+0xb4/0x120 [ 97.172967] iommufd_test+0x3e5/0x37e0 [ 97.173275] ? lock_release+0x532/0x770 [ 97.173595] ? __might_fault+0x102/0x1b0 [ 97.173921] ? lock_acquire+0x427/0x4c0 [ 97.174244] ? __pfx_iommufd_test+0x10/0x10 [ 97.174600] ? __pfx_lock_release+0x10/0x10 [ 97.174949] ? __pfx_lock_acquire+0x10/0x10 [ 97.175306] ? write_comp_data+0x2f/0x90 [ 97.175644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.176034] ? write_comp_data+0x2f/0x90 [ 97.176364] iommufd_fops_ioctl+0x37d/0x510 [ 97.176710] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.177101] ? write_comp_data+0x2f/0x90 [ 97.177435] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.177819] __x64_sys_ioctl+0x1a3/0x230 [ 97.178151] do_syscall_64+0x3b/0x90 [ 97.178460] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.178905] RIP: 0033:0x7f4b8743ee5d [ 97.179211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.180632] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.181231] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.181783] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.182337] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.182911] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.183476] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.184047] [ 97.184233] irq event stamp: 0 [ 97.184483] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.184975] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.185628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.186278] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.186794] ---[ end trace 0000000000000000 ]--- [ 97.189587] ------------[ cut here ]------------ [ 97.189990] WARNING: CPU: 1 PID: 849 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.190801] Modules linked in: [ 97.191057] CPU: 1 PID: 849 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.191744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.192620] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.193010] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.194430] RSP: 0018:ffff88801484fbd0 EFLAGS: 00010246 [ 97.194865] RAX: 0000000000000000 RBX: ffff88800f6388a8 RCX: 0000000000000000 [ 97.195427] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 97.195981] RBP: ffff88801484fbe8 R08: ffffed1001ec7133 R09: ffffed1001ec7133 [ 97.196539] R10: ffff88800f638993 R11: ffffed1001ec7132 R12: ffff888013b16000 [ 97.197095] R13: ffff88800f6389e8 R14: ffff88800fd68400 R15: 0000000000000000 [ 97.197655] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.198283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.198755] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 97.199325] PKRU: 55555554 [ 97.199555] Call Trace: [ 97.199755] [ 97.199934] iommufd_access_destroy_object+0x65/0x170 [ 97.200343] iommufd_object_destroy_user+0x18e/0x220 [ 97.200752] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.201209] iommufd_access_destroy+0x43/0x70 [ 97.201575] iommufd_test_staccess_release+0x8d/0xd0 [ 97.201981] __fput+0x26d/0xa40 [ 97.202254] ____fput+0x1e/0x30 [ 97.202535] task_work_run+0x1a4/0x2d0 [ 97.202852] ? __pfx_task_work_run+0x10/0x10 [ 97.203213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.203611] ? switch_task_namespaces+0xa9/0xe0 [ 97.203986] do_exit+0xb17/0x2ef0 [ 97.204263] ? lock_acquire+0x427/0x4c0 [ 97.204585] ? __pfx_lock_release+0x10/0x10 [ 97.204931] ? __kasan_check_write+0x18/0x20 [ 97.205279] ? do_raw_spin_lock+0x132/0x2a0 [ 97.205622] ? __pfx_do_exit+0x10/0x10 [ 97.205935] ? debug_smp_processor_id+0x20/0x30 [ 97.206304] ? rcu_is_watching+0x19/0xb0 [ 97.206646] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.207013] ? trace_hardirqs_on+0x26/0x120 [ 97.207372] do_group_exit+0xe0/0x2b0 [ 97.207673] __x64_sys_exit_group+0x47/0x50 [ 97.208010] do_syscall_64+0x3b/0x90 [ 97.208311] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.208723] RIP: 0033:0x7f4b87518a4d [ 97.209019] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.209499] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.210077] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.210639] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.211189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.211731] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.212270] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.212816] [ 97.212997] irq event stamp: 0 [ 97.213239] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.213719] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.214356] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.215009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.215501] ---[ end trace 0000000000000000 ]--- [ 97.216174] ------------[ cut here ]------------ [ 97.216532] WARNING: CPU: 1 PID: 849 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.217295] Modules linked in: [ 97.217540] CPU: 1 PID: 849 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.218200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.219062] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.219462] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.220842] RSP: 0018:ffff88801484fb78 EFLAGS: 00010246 [ 97.221248] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.221783] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 97.222318] RBP: ffff88801484fb98 R08: ffffed1001ec713e R09: ffffed1001ec713e [ 97.222876] R10: ffff88800f6389ef R11: ffffed1001ec713d R12: ffff88800f638a90 [ 97.223427] R13: ffff88800f6388a8 R14: ffffffffffffffff R15: ffff88801484fc60 [ 97.223967] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.224574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.225013] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 97.225552] PKRU: 55555554 [ 97.225765] Call Trace: [ 97.225960] [ 97.226132] iommufd_ioas_destroy+0x53/0x70 [ 97.226467] iommufd_fops_release+0x1f7/0x370 [ 97.226827] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.227222] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.227598] ? write_comp_data+0x2f/0x90 [ 97.227917] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.228296] __fput+0x26d/0xa40 [ 97.228562] ____fput+0x1e/0x30 [ 97.228822] task_work_run+0x1a4/0x2d0 [ 97.229128] ? __pfx_task_work_run+0x10/0x10 [ 97.229469] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.229845] ? switch_task_namespaces+0xa9/0xe0 [ 97.230209] do_exit+0xb17/0x2ef0 [ 97.230473] ? lock_acquire+0x427/0x4c0 [ 97.230801] ? __pfx_lock_release+0x10/0x10 [ 97.231145] ? __kasan_check_write+0x18/0x20 [ 97.231485] ? do_raw_spin_lock+0x132/0x2a0 [ 97.231817] ? __pfx_do_exit+0x10/0x10 [ 97.232125] ? debug_smp_processor_id+0x20/0x30 [ 97.232483] ? rcu_is_watching+0x19/0xb0 [ 97.232793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.233142] ? trace_hardirqs_on+0x26/0x120 [ 97.233475] do_group_exit+0xe0/0x2b0 [ 97.233765] __x64_sys_exit_group+0x47/0x50 [ 97.234089] do_syscall_64+0x3b/0x90 [ 97.234383] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.234800] RIP: 0033:0x7f4b87518a4d [ 97.235092] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.235570] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.236143] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.236682] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.237218] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.237777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.238314] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.238879] [ 97.239061] irq event stamp: 0 [ 97.239308] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.239783] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.240417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.241052] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.241535] ---[ end trace 0000000000000000 ]--- [ 97.245183] ------------[ cut here ]------------ [ 97.245575] WARNING: CPU: 0 PID: 850 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.246331] Modules linked in: [ 97.246615] CPU: 0 PID: 850 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.247275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.248109] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.248481] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.249819] RSP: 0018:ffff88801406fbb8 EFLAGS: 00010246 [ 97.250214] RAX: 0000000000000000 RBX: ffff8880185f68a8 RCX: 0000000000000000 [ 97.250959] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 97.251498] RBP: ffff88801406fbd0 R08: ffffed10030bed33 R09: ffffed10030bed33 [ 97.252026] R10: ffff8880185f6993 R11: ffffed10030bed32 R12: ffff888010b27800 [ 97.252561] R13: ffff8880185f69e8 R14: ffffffff8352e670 R15: ffff88801406fe68 [ 97.253108] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.253721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.254171] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 97.254742] PKRU: 55555554 [ 97.254964] Call Trace: [ 97.255168] [ 97.255344] __iommufd_access_detach+0x1c2/0x2b0 [ 97.255723] iommufd_access_change_pt+0x149/0x270 [ 97.256102] iommufd_access_replace+0xb4/0x120 [ 97.256465] iommufd_test+0x3e5/0x37e0 [ 97.256769] ? lock_release+0x532/0x770 [ 97.257082] ? __might_fault+0x102/0x1b0 [ 97.257398] ? lock_acquire+0x427/0x4c0 [ 97.257710] ? __pfx_iommufd_test+0x10/0x10 [ 97.258038] ? __pfx_lock_release+0x10/0x10 [ 97.258373] ? __pfx_lock_acquire+0x10/0x10 [ 97.258734] ? write_comp_data+0x2f/0x90 [ 97.259055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.259451] ? write_comp_data+0x2f/0x90 [ 97.259781] iommufd_fops_ioctl+0x37d/0x510 [ 97.260117] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.260494] ? write_comp_data+0x2f/0x90 [ 97.260815] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.261190] __x64_sys_ioctl+0x1a3/0x230 [ 97.261511] do_syscall_64+0x3b/0x90 [ 97.261808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.262213] RIP: 0033:0x7f4b8743ee5d [ 97.262500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.263917] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.264502] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.265045] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.265586] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.266127] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.266691] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.267253] [ 97.267432] irq event stamp: 0 [ 97.267674] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.268154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.268789] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.269425] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.269903] ---[ end trace 0000000000000000 ]--- [ 97.278855] ------------[ cut here ]------------ [ 97.279440] WARNING: CPU: 1 PID: 850 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.280451] Modules linked in: [ 97.280822] CPU: 1 PID: 850 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.281876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.283242] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.283644] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.285704] RSP: 0018:ffff88801406fbd0 EFLAGS: 00010246 [ 97.286317] RAX: 0000000000000000 RBX: ffff8880185f68a8 RCX: 0000000000000000 [ 97.287275] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 97.288084] RBP: ffff88801406fbe8 R08: ffffed10030bed33 R09: ffffed10030bed33 [ 97.288990] R10: ffff8880185f6993 R11: ffffed10030bed32 R12: ffff888014392000 [ 97.289867] R13: ffff8880185f69e8 R14: ffff8880181b8300 R15: 0000000000000000 [ 97.290743] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.291761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.292422] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 97.293333] PKRU: 55555554 [ 97.293660] Call Trace: [ 97.293956] [ 97.294312] iommufd_access_destroy_object+0x65/0x170 [ 97.294945] iommufd_object_destroy_user+0x18e/0x220 [ 97.295580] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.296296] iommufd_access_destroy+0x43/0x70 [ 97.296839] iommufd_test_staccess_release+0x8d/0xd0 [ 97.297492] __fput+0x26d/0xa40 [ 97.297897] ____fput+0x1e/0x30 [ 97.298316] task_work_run+0x1a4/0x2d0 [ 97.298855] ? __pfx_task_work_run+0x10/0x10 [ 97.299362] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.299968] ? switch_task_namespaces+0xa9/0xe0 [ 97.300529] do_exit+0xb17/0x2ef0 [ 97.300937] ? lock_acquire+0x427/0x4c0 [ 97.301501] ? __pfx_lock_release+0x10/0x10 [ 97.302001] ? __kasan_check_write+0x18/0x20 [ 97.302566] ? do_raw_spin_lock+0x132/0x2a0 [ 97.303132] ? __pfx_do_exit+0x10/0x10 [ 97.303602] ? debug_smp_processor_id+0x20/0x30 [ 97.304244] ? rcu_is_watching+0x19/0xb0 [ 97.304719] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.305248] ? trace_hardirqs_on+0x26/0x120 [ 97.305821] do_group_exit+0xe0/0x2b0 [ 97.306269] __x64_sys_exit_group+0x47/0x50 [ 97.306839] do_syscall_64+0x3b/0x90 [ 97.307352] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.307960] RIP: 0033:0x7f4b87518a4d [ 97.308489] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.309190] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.310151] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.310983] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.311930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.312745] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.313623] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.314560] [ 97.314835] irq event stamp: 0 [ 97.315227] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.315951] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.316902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.317953] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.318808] ---[ end trace 0000000000000000 ]--- [ 97.323410] ------------[ cut here ]------------ [ 97.324008] WARNING: CPU: 1 PID: 850 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.325201] Modules linked in: [ 97.325678] CPU: 1 PID: 850 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.326730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.328107] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.328787] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.330937] RSP: 0018:ffff88801406fb78 EFLAGS: 00010246 [ 97.331726] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.332557] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 97.333422] RBP: ffff88801406fb98 R08: ffffed10030bed3e R09: ffffed10030bed3e [ 97.334327] R10: ffff8880185f69ef R11: ffffed10030bed3d R12: ffff8880185f6a90 [ 97.335197] R13: ffff8880185f68a8 R14: ffffffffffffffff R15: ffff88801406fc60 [ 97.335803] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.336464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.336946] CR2: 00007f82e2f0e000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 97.337528] PKRU: 55555554 [ 97.337763] Call Trace: [ 97.337979] [ 97.338166] iommufd_ioas_destroy+0x53/0x70 [ 97.338547] iommufd_fops_release+0x1f7/0x370 [ 97.338926] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.339350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.339762] ? write_comp_data+0x2f/0x90 [ 97.340109] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.340523] __fput+0x26d/0xa40 [ 97.340818] ____fput+0x1e/0x30 [ 97.341108] task_work_run+0x1a4/0x2d0 [ 97.341442] ? __pfx_task_work_run+0x10/0x10 [ 97.341813] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.342230] ? switch_task_namespaces+0xa9/0xe0 [ 97.342651] do_exit+0xb17/0x2ef0 [ 97.342946] ? lock_acquire+0x427/0x4c0 [ 97.343297] ? __pfx_lock_release+0x10/0x10 [ 97.343672] ? __kasan_check_write+0x18/0x20 [ 97.344044] ? do_raw_spin_lock+0x132/0x2a0 [ 97.344401] ? __pfx_do_exit+0x10/0x10 [ 97.344731] ? debug_smp_processor_id+0x20/0x30 [ 97.345117] ? rcu_is_watching+0x19/0xb0 [ 97.345456] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.345853] ? trace_hardirqs_on+0x26/0x120 [ 97.346232] do_group_exit+0xe0/0x2b0 [ 97.346586] __x64_sys_exit_group+0x47/0x50 [ 97.346960] do_syscall_64+0x3b/0x90 [ 97.347300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.347759] RIP: 0033:0x7f4b87518a4d [ 97.348086] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.348613] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.349262] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.349867] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.350478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.351107] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.351738] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.352365] [ 97.352569] irq event stamp: 0 [ 97.352845] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.353390] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.354112] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.354860] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.355421] ---[ end trace 0000000000000000 ]--- [ 97.359735] ------------[ cut here ]------------ [ 97.360204] WARNING: CPU: 1 PID: 851 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.361065] Modules linked in: [ 97.361346] CPU: 1 PID: 851 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.362102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.363367] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.363812] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.365415] RSP: 0018:ffff88801472fbb8 EFLAGS: 00010246 [ 97.365890] RAX: 0000000000000000 RBX: ffff88801440c0a8 RCX: 0000000000000000 [ 97.366541] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 97.367175] RBP: ffff88801472fbd0 R08: ffffed1002881833 R09: ffffed1002881833 [ 97.367803] R10: ffff88801440c193 R11: ffffed1002881832 R12: ffff888010c08000 [ 97.368433] R13: ffff88801440c1e8 R14: ffffffff8352e670 R15: ffff88801472fe68 [ 97.369064] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.369771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.370288] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 97.370950] PKRU: 55555554 [ 97.371234] Call Trace: [ 97.371468] [ 97.371667] __iommufd_access_detach+0x1c2/0x2b0 [ 97.372101] iommufd_access_change_pt+0x149/0x270 [ 97.372539] iommufd_access_replace+0xb4/0x120 [ 97.372954] iommufd_test+0x3e5/0x37e0 [ 97.373304] ? lock_release+0x532/0x770 [ 97.373667] ? __might_fault+0x102/0x1b0 [ 97.374031] ? lock_acquire+0x427/0x4c0 [ 97.374391] ? __pfx_iommufd_test+0x10/0x10 [ 97.374794] ? __pfx_lock_release+0x10/0x10 [ 97.375201] ? __pfx_lock_acquire+0x10/0x10 [ 97.375606] ? write_comp_data+0x2f/0x90 [ 97.375987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.376428] ? write_comp_data+0x2f/0x90 [ 97.376806] iommufd_fops_ioctl+0x37d/0x510 [ 97.377200] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.377643] ? write_comp_data+0x2f/0x90 [ 97.378021] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.378456] __x64_sys_ioctl+0x1a3/0x230 [ 97.378856] do_syscall_64+0x3b/0x90 [ 97.379212] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.379683] RIP: 0033:0x7f4b8743ee5d [ 97.380016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.381617] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.382298] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.382951] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.383590] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.384232] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.384863] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.385498] [ 97.385713] irq event stamp: 0 [ 97.385998] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.386581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.387349] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.388130] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.388734] ---[ end trace 0000000000000000 ]--- [ 97.393330] ------------[ cut here ]------------ [ 97.393944] WARNING: CPU: 0 PID: 851 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.395202] Modules linked in: [ 97.395588] CPU: 0 PID: 851 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.396610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.397895] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.398492] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.400700] RSP: 0018:ffff88801472fbd0 EFLAGS: 00010246 [ 97.401323] RAX: 0000000000000000 RBX: ffff88801440c0a8 RCX: 0000000000000000 [ 97.402162] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 97.403160] RBP: ffff88801472fbe8 R08: ffffed1002881833 R09: ffffed1002881833 [ 97.403990] R10: ffff88801440c193 R11: ffffed1002881832 R12: ffff888021bc6000 [ 97.404830] R13: ffff88801440c1e8 R14: ffff88801706c000 R15: 0000000000000000 [ 97.405704] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.406704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.407418] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.408262] PKRU: 55555554 [ 97.408597] Call Trace: [ 97.408899] [ 97.409174] iommufd_access_destroy_object+0x65/0x170 [ 97.409781] iommufd_object_destroy_user+0x18e/0x220 [ 97.410383] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.411162] iommufd_access_destroy+0x43/0x70 [ 97.411717] iommufd_test_staccess_release+0x8d/0xd0 [ 97.412324] __fput+0x26d/0xa40 [ 97.412727] ____fput+0x1e/0x30 [ 97.413127] task_work_run+0x1a4/0x2d0 [ 97.413599] ? __pfx_task_work_run+0x10/0x10 [ 97.414121] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.414806] ? switch_task_namespaces+0xa9/0xe0 [ 97.415398] do_exit+0xb17/0x2ef0 [ 97.415814] ? lock_acquire+0x427/0x4c0 [ 97.416296] ? __pfx_lock_release+0x10/0x10 [ 97.416815] ? __kasan_check_write+0x18/0x20 [ 97.417343] ? do_raw_spin_lock+0x132/0x2a0 [ 97.417861] ? __pfx_do_exit+0x10/0x10 [ 97.418342] ? debug_smp_processor_id+0x20/0x30 [ 97.418941] ? rcu_is_watching+0x19/0xb0 [ 97.419404] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.419830] ? trace_hardirqs_on+0x26/0x120 [ 97.420232] do_group_exit+0xe0/0x2b0 [ 97.420585] __x64_sys_exit_group+0x47/0x50 [ 97.420978] do_syscall_64+0x3b/0x90 [ 97.421345] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.421829] RIP: 0033:0x7f4b87518a4d [ 97.422173] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.422772] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.423486] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.424133] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.424783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.425443] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.426096] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.426789] [ 97.427011] irq event stamp: 0 [ 97.427309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.427883] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.428661] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.429433] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.430018] ---[ end trace 0000000000000000 ]--- [ 97.430869] ------------[ cut here ]------------ [ 97.431328] WARNING: CPU: 0 PID: 851 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.432269] Modules linked in: [ 97.432566] CPU: 0 PID: 851 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.433353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.434374] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.434881] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.436560] RSP: 0018:ffff88801472fb78 EFLAGS: 00010246 [ 97.437102] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.437745] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 97.438398] RBP: ffff88801472fb98 R08: ffffed100288183e R09: ffffed100288183e [ 97.439073] R10: ffff88801440c1ef R11: ffffed100288183d R12: ffff88801440c290 [ 97.439741] R13: ffff88801440c0a8 R14: ffffffffffffffff R15: ffff88801472fc60 [ 97.440397] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.441141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.441701] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.442358] PKRU: 55555554 [ 97.442650] Call Trace: [ 97.442888] [ 97.443098] iommufd_ioas_destroy+0x53/0x70 [ 97.443517] iommufd_fops_release+0x1f7/0x370 [ 97.443942] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.444409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.444868] ? write_comp_data+0x2f/0x90 [ 97.445251] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.445719] __fput+0x26d/0xa40 [ 97.446039] ____fput+0x1e/0x30 [ 97.446352] task_work_run+0x1a4/0x2d0 [ 97.446747] ? __pfx_task_work_run+0x10/0x10 [ 97.447177] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.447652] ? switch_task_namespaces+0xa9/0xe0 [ 97.448096] do_exit+0xb17/0x2ef0 [ 97.448419] ? lock_acquire+0x427/0x4c0 [ 97.448794] ? __pfx_lock_release+0x10/0x10 [ 97.449199] ? __kasan_check_write+0x18/0x20 [ 97.449614] ? do_raw_spin_lock+0x132/0x2a0 [ 97.450018] ? __pfx_do_exit+0x10/0x10 [ 97.450407] ? debug_smp_processor_id+0x20/0x30 [ 97.450887] ? rcu_is_watching+0x19/0xb0 [ 97.451287] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.451712] ? trace_hardirqs_on+0x26/0x120 [ 97.452115] do_group_exit+0xe0/0x2b0 [ 97.452471] __x64_sys_exit_group+0x47/0x50 [ 97.452864] do_syscall_64+0x3b/0x90 [ 97.453220] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.453700] RIP: 0033:0x7f4b87518a4d [ 97.454043] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.454630] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.455358] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.456014] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.456672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.457385] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.458076] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.458778] [ 97.459002] irq event stamp: 0 [ 97.459309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.459897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.460672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.461446] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.462036] ---[ end trace 0000000000000000 ]--- [ 97.467829] ------------[ cut here ]------------ [ 97.468333] WARNING: CPU: 0 PID: 852 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.469308] Modules linked in: [ 97.469610] CPU: 0 PID: 852 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.470416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.471530] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.472008] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.473693] RSP: 0018:ffff888023effbb8 EFLAGS: 00010246 [ 97.474192] RAX: 0000000000000000 RBX: ffff888020ff60a8 RCX: 0000000000000000 [ 97.474922] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 97.475624] RBP: ffff888023effbd0 R08: ffffed10041fec33 R09: ffffed10041fec33 [ 97.476292] R10: ffff888020ff6193 R11: ffffed10041fec32 R12: ffff888021ba9c00 [ 97.476964] R13: ffff888020ff61e8 R14: ffffffff8352e670 R15: ffff888023effe68 [ 97.477634] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.478385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.479014] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 97.480217] PKRU: 55555554 [ 97.480551] Call Trace: [ 97.481076] [ 97.481300] __iommufd_access_detach+0x1c2/0x2b0 [ 97.481787] iommufd_access_change_pt+0x149/0x270 [ 97.482286] iommufd_access_replace+0xb4/0x120 [ 97.482825] iommufd_test+0x3e5/0x37e0 [ 97.483261] ? lock_release+0x532/0x770 [ 97.483687] ? __might_fault+0x102/0x1b0 [ 97.484122] ? lock_acquire+0x427/0x4c0 [ 97.484549] ? __pfx_iommufd_test+0x10/0x10 [ 97.485000] ? __pfx_lock_release+0x10/0x10 [ 97.485464] ? __pfx_lock_acquire+0x10/0x10 [ 97.485935] ? write_comp_data+0x2f/0x90 [ 97.486380] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.486957] ? write_comp_data+0x2f/0x90 [ 97.487419] iommufd_fops_ioctl+0x37d/0x510 [ 97.487883] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.488393] ? write_comp_data+0x2f/0x90 [ 97.488823] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.489343] __x64_sys_ioctl+0x1a3/0x230 [ 97.489785] do_syscall_64+0x3b/0x90 [ 97.490197] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.490785] RIP: 0033:0x7f4b8743ee5d [ 97.491203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.493094] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.493890] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.494680] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.495442] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.496194] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.496944] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.497697] [ 97.497942] irq event stamp: 0 [ 97.498276] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.498983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.499892] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.500767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.501473] ---[ end trace 0000000000000000 ]--- [ 97.505164] ------------[ cut here ]------------ [ 97.505712] WARNING: CPU: 0 PID: 852 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.506814] Modules linked in: [ 97.507165] CPU: 0 PID: 852 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.508064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.509213] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.509725] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.511620] RSP: 0018:ffff888023effbd0 EFLAGS: 00010246 [ 97.512164] RAX: 0000000000000000 RBX: ffff888020ff60a8 RCX: 0000000000000000 [ 97.512891] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 97.513635] RBP: ffff888023effbe8 R08: ffffed10041fec33 R09: ffffed10041fec33 [ 97.514379] R10: ffff888020ff6193 R11: ffffed10041fec32 R12: ffff888010b26800 [ 97.515161] R13: ffff888020ff61e8 R14: ffff888020a7c200 R15: 0000000000000000 [ 97.515897] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.516722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.517325] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.518066] PKRU: 55555554 [ 97.518363] Call Trace: [ 97.518682] [ 97.518924] iommufd_access_destroy_object+0x65/0x170 [ 97.519504] iommufd_object_destroy_user+0x18e/0x220 [ 97.520027] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.520631] iommufd_access_destroy+0x43/0x70 [ 97.521106] iommufd_test_staccess_release+0x8d/0xd0 [ 97.521648] __fput+0x26d/0xa40 [ 97.522016] ____fput+0x1e/0x30 [ 97.522372] task_work_run+0x1a4/0x2d0 [ 97.522836] ? __pfx_task_work_run+0x10/0x10 [ 97.523314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.523838] ? switch_task_namespaces+0xa9/0xe0 [ 97.524333] do_exit+0xb17/0x2ef0 [ 97.524695] ? lock_acquire+0x427/0x4c0 [ 97.525117] ? __pfx_lock_release+0x10/0x10 [ 97.525571] ? __kasan_check_write+0x18/0x20 [ 97.526027] ? do_raw_spin_lock+0x132/0x2a0 [ 97.526473] ? __pfx_do_exit+0x10/0x10 [ 97.526941] ? debug_smp_processor_id+0x20/0x30 [ 97.527469] ? rcu_is_watching+0x19/0xb0 [ 97.527909] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.528546] ? trace_hardirqs_on+0x26/0x120 [ 97.529224] do_group_exit+0xe0/0x2b0 [ 97.529636] __x64_sys_exit_group+0x47/0x50 [ 97.530232] do_syscall_64+0x3b/0x90 [ 97.530862] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.531427] RIP: 0033:0x7f4b87518a4d [ 97.531820] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.532464] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.533302] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.534037] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.534821] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.535571] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.536299] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.537044] [ 97.537290] irq event stamp: 0 [ 97.537615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.538261] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.539175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.540047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.540699] ---[ end trace 0000000000000000 ]--- [ 97.541718] ------------[ cut here ]------------ [ 97.542237] WARNING: CPU: 0 PID: 852 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.543373] Modules linked in: [ 97.543726] CPU: 0 PID: 852 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.544818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.545985] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.546599] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.548511] RSP: 0018:ffff888023effb78 EFLAGS: 00010246 [ 97.549079] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.549829] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 97.550637] RBP: ffff888023effb98 R08: ffffed10041fec3e R09: ffffed10041fec3e [ 97.551417] R10: ffff888020ff61ef R11: ffffed10041fec3d R12: ffff888020ff6290 [ 97.552166] R13: ffff888020ff60a8 R14: ffffffffffffffff R15: ffff888023effc60 [ 97.552913] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.553759] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.554364] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.555177] PKRU: 55555554 [ 97.555489] Call Trace: [ 97.555766] [ 97.556008] iommufd_ioas_destroy+0x53/0x70 [ 97.556475] iommufd_fops_release+0x1f7/0x370 [ 97.556961] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.557492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.558018] ? write_comp_data+0x2f/0x90 [ 97.558455] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.559031] __fput+0x26d/0xa40 [ 97.559415] ____fput+0x1e/0x30 [ 97.559774] task_work_run+0x1a4/0x2d0 [ 97.560189] ? __pfx_task_work_run+0x10/0x10 [ 97.560659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.561176] ? switch_task_namespaces+0xa9/0xe0 [ 97.561679] do_exit+0xb17/0x2ef0 [ 97.562048] ? lock_acquire+0x427/0x4c0 [ 97.562477] ? __pfx_lock_release+0x10/0x10 [ 97.562985] ? __kasan_check_write+0x18/0x20 [ 97.563470] ? do_raw_spin_lock+0x132/0x2a0 [ 97.563931] ? __pfx_do_exit+0x10/0x10 [ 97.564348] ? debug_smp_processor_id+0x20/0x30 [ 97.564844] ? rcu_is_watching+0x19/0xb0 [ 97.565335] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.565816] ? trace_hardirqs_on+0x26/0x120 [ 97.566276] do_group_exit+0xe0/0x2b0 [ 97.566725] __x64_sys_exit_group+0x47/0x50 [ 97.567183] do_syscall_64+0x3b/0x90 [ 97.567581] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.568144] RIP: 0033:0x7f4b87518a4d [ 97.568534] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.569172] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.569958] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.570735] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.571480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.572222] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.572962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.573723] [ 97.573977] irq event stamp: 0 [ 97.574310] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.575021] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.575921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.576800] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.577470] ---[ end trace 0000000000000000 ]--- [ 97.583549] ------------[ cut here ]------------ [ 97.584424] WARNING: CPU: 0 PID: 853 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.585495] Modules linked in: [ 97.585833] CPU: 0 PID: 853 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.587165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.588494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.589029] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.591303] RSP: 0018:ffff88801716fbb8 EFLAGS: 00010246 [ 97.591879] RAX: 0000000000000000 RBX: ffff8880160748a8 RCX: 0000000000000000 [ 97.592638] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 97.593400] RBP: ffff88801716fbd0 R08: ffffed1002c0e933 R09: ffffed1002c0e933 [ 97.594387] R10: ffff888016074993 R11: ffffed1002c0e932 R12: ffff888018149400 [ 97.595356] R13: ffff8880160749e8 R14: ffffffff8352e670 R15: ffff88801716fe68 [ 97.596124] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.597036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.597724] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 97.598890] PKRU: 55555554 [ 97.599208] Call Trace: [ 97.599482] [ 97.599724] __iommufd_access_detach+0x1c2/0x2b0 [ 97.600238] iommufd_access_change_pt+0x149/0x270 [ 97.600757] iommufd_access_replace+0xb4/0x120 [ 97.601253] iommufd_test+0x3e5/0x37e0 [ 97.601730] ? lock_release+0x532/0x770 [ 97.602328] ? __might_fault+0x102/0x1b0 [ 97.602976] ? lock_acquire+0x427/0x4c0 [ 97.603434] ? __pfx_iommufd_test+0x10/0x10 [ 97.603891] ? __pfx_lock_release+0x10/0x10 [ 97.604352] ? __pfx_lock_acquire+0x10/0x10 [ 97.604821] ? write_comp_data+0x2f/0x90 [ 97.605262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.605827] ? write_comp_data+0x2f/0x90 [ 97.606429] iommufd_fops_ioctl+0x37d/0x510 [ 97.607113] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.607646] ? write_comp_data+0x2f/0x90 [ 97.608087] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.608596] __x64_sys_ioctl+0x1a3/0x230 [ 97.609038] do_syscall_64+0x3b/0x90 [ 97.609446] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.610176] RIP: 0033:0x7f4b8743ee5d [ 97.610797] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.612715] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.613532] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.614495] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.615488] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.616238] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.616990] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.617885] [ 97.618235] irq event stamp: 0 [ 97.618754] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.619426] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.620300] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.621211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.622078] ---[ end trace 0000000000000000 ]--- [ 97.625751] ------------[ cut here ]------------ [ 97.626273] WARNING: CPU: 0 PID: 853 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.627395] Modules linked in: [ 97.627740] CPU: 0 PID: 853 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.628749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.630344] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.630912] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.632961] RSP: 0018:ffff88801716fbd0 EFLAGS: 00010246 [ 97.633740] RAX: 0000000000000000 RBX: ffff8880160748a8 RCX: 0000000000000000 [ 97.634492] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 97.635320] RBP: ffff88801716fbe8 R08: ffffed1002c0e933 R09: ffffed1002c0e933 [ 97.636070] R10: ffff888016074993 R11: ffffed1002c0e932 R12: ffff888021ba8c00 [ 97.637062] R13: ffff8880160749e8 R14: ffff88800b8fcb00 R15: 0000000000000000 [ 97.638131] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.638997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.639625] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.640390] PKRU: 55555554 [ 97.640692] Call Trace: [ 97.641040] [ 97.641383] iommufd_access_destroy_object+0x65/0x170 [ 97.642109] iommufd_object_destroy_user+0x18e/0x220 [ 97.642695] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.643335] iommufd_access_destroy+0x43/0x70 [ 97.643822] iommufd_test_staccess_release+0x8d/0xd0 [ 97.644369] __fput+0x26d/0xa40 [ 97.644771] ____fput+0x1e/0x30 [ 97.645260] task_work_run+0x1a4/0x2d0 [ 97.645843] ? __pfx_task_work_run+0x10/0x10 [ 97.646321] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.646883] ? switch_task_namespaces+0xa9/0xe0 [ 97.647422] do_exit+0xb17/0x2ef0 [ 97.647795] ? lock_acquire+0x427/0x4c0 [ 97.648229] ? __pfx_lock_release+0x10/0x10 [ 97.648768] ? __kasan_check_write+0x18/0x20 [ 97.649409] ? do_raw_spin_lock+0x132/0x2a0 [ 97.650020] ? __pfx_do_exit+0x10/0x10 [ 97.650459] ? debug_smp_processor_id+0x20/0x30 [ 97.650998] ? rcu_is_watching+0x19/0xb0 [ 97.651450] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.651935] ? trace_hardirqs_on+0x26/0x120 [ 97.652401] do_group_exit+0xe0/0x2b0 [ 97.652810] __x64_sys_exit_group+0x47/0x50 [ 97.653413] do_syscall_64+0x3b/0x90 [ 97.654003] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.654583] RIP: 0033:0x7f4b87518a4d [ 97.654977] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.655628] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.656428] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.657331] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.658419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.659203] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.659951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.660697] [ 97.660982] irq event stamp: 0 [ 97.661390] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.662275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.663338] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.664205] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.664864] ---[ end trace 0000000000000000 ]--- [ 97.665947] ------------[ cut here ]------------ [ 97.666441] WARNING: CPU: 0 PID: 853 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.667561] Modules linked in: [ 97.667907] CPU: 0 PID: 853 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.668902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.670323] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.670904] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.673250] RSP: 0018:ffff88801716fb78 EFLAGS: 00010246 [ 97.673811] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.674584] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 97.675343] RBP: ffff88801716fb98 R08: ffffed1002c0e93e R09: ffffed1002c0e93e [ 97.676190] R10: ffff8880160749ef R11: ffffed1002c0e93d R12: ffff888016074a90 [ 97.677164] R13: ffff8880160748a8 R14: ffffffffffffffff R15: ffff88801716fc60 [ 97.677901] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.678767] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.679396] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.680455] PKRU: 55555554 [ 97.680746] Call Trace: [ 97.681005] [ 97.681231] iommufd_ioas_destroy+0x53/0x70 [ 97.681682] iommufd_fops_release+0x1f7/0x370 [ 97.682143] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.682684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.683336] ? write_comp_data+0x2f/0x90 [ 97.683897] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.684400] __fput+0x26d/0xa40 [ 97.684747] ____fput+0x1e/0x30 [ 97.685090] task_work_run+0x1a4/0x2d0 [ 97.685491] ? __pfx_task_work_run+0x10/0x10 [ 97.685935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.686471] ? switch_task_namespaces+0xa9/0xe0 [ 97.687135] do_exit+0xb17/0x2ef0 [ 97.687631] ? lock_acquire+0x427/0x4c0 [ 97.688049] ? __pfx_lock_release+0x10/0x10 [ 97.688490] ? __kasan_check_write+0x18/0x20 [ 97.688936] ? do_raw_spin_lock+0x132/0x2a0 [ 97.689370] ? __pfx_do_exit+0x10/0x10 [ 97.689771] ? debug_smp_processor_id+0x20/0x30 [ 97.690275] ? rcu_is_watching+0x19/0xb0 [ 97.690846] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.691455] ? trace_hardirqs_on+0x26/0x120 [ 97.691893] do_group_exit+0xe0/0x2b0 [ 97.692273] __x64_sys_exit_group+0x47/0x50 [ 97.692669] do_syscall_64+0x3b/0x90 [ 97.693057] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.693544] RIP: 0033:0x7f4b87518a4d [ 97.693957] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.694727] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.695442] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.696091] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.696744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.697396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.698046] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.698732] [ 97.698953] irq event stamp: 0 [ 97.699258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.699837] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.700605] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.701364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.701940] ---[ end trace 0000000000000000 ]--- [ 97.709568] ------------[ cut here ]------------ [ 97.710355] WARNING: CPU: 1 PID: 854 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.711682] Modules linked in: [ 97.712145] CPU: 1 PID: 854 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.713242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.714681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.715464] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.717772] RSP: 0018:ffff888017317bb8 EFLAGS: 00010246 [ 97.718580] RAX: 0000000000000000 RBX: ffff8880186320a8 RCX: 0000000000000000 [ 97.719501] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 97.720439] RBP: ffff888017317bd0 R08: ffffed10030c6433 R09: ffffed10030c6433 [ 97.721427] R10: ffff888018632193 R11: ffffed10030c6432 R12: ffff888010825c00 [ 97.722301] R13: ffff8880186321e8 R14: ffffffff8352e670 R15: ffff888017317e68 [ 97.723337] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 97.724397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.725165] CR2: 00007f4b877410e8 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 97.726043] PKRU: 55555554 [ 97.726554] Call Trace: [ 97.726876] [ 97.727179] __iommufd_access_detach+0x1c2/0x2b0 [ 97.727830] iommufd_access_change_pt+0x149/0x270 [ 97.728500] iommufd_access_replace+0xb4/0x120 [ 97.729087] iommufd_test+0x3e5/0x37e0 [ 97.729640] ? lock_release+0x532/0x770 [ 97.730164] ? __might_fault+0x102/0x1b0 [ 97.730744] ? lock_acquire+0x427/0x4c0 [ 97.731469] ? __pfx_iommufd_test+0x10/0x10 [ 97.731900] ? __pfx_lock_release+0x10/0x10 [ 97.732307] ? __pfx_lock_acquire+0x10/0x10 [ 97.732800] ? write_comp_data+0x2f/0x90 [ 97.733244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.733697] ? write_comp_data+0x2f/0x90 [ 97.734086] iommufd_fops_ioctl+0x37d/0x510 [ 97.734656] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.735122] ? write_comp_data+0x2f/0x90 [ 97.735512] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.736047] __x64_sys_ioctl+0x1a3/0x230 [ 97.736499] do_syscall_64+0x3b/0x90 [ 97.736856] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.737360] RIP: 0033:0x7f4b8743ee5d [ 97.737823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.739704] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.740415] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.741215] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.741885] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.742644] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.743318] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.743991] [ 97.744209] irq event stamp: 0 [ 97.744501] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.745087] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.745859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.746648] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.747249] ---[ end trace 0000000000000000 ]--- [ 97.750359] ------------[ cut here ]------------ [ 97.751143] WARNING: CPU: 0 PID: 854 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.752030] Modules linked in: [ 97.752307] CPU: 0 PID: 854 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.753044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.753999] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.754426] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.755998] RSP: 0018:ffff888017317bd0 EFLAGS: 00010246 [ 97.756456] RAX: 0000000000000000 RBX: ffff8880186320a8 RCX: 0000000000000000 [ 97.757112] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 97.757729] RBP: ffff888017317be8 R08: ffffed10030c6433 R09: ffffed10030c6433 [ 97.758341] R10: ffff888018632193 R11: ffffed10030c6432 R12: ffff888010c0a800 [ 97.758969] R13: ffff8880186321e8 R14: ffff88800fd8cc00 R15: 0000000000000000 [ 97.759586] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.760272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.760767] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 97.761375] PKRU: 55555554 [ 97.761616] Call Trace: [ 97.761836] [ 97.762030] iommufd_access_destroy_object+0x65/0x170 [ 97.762481] iommufd_object_destroy_user+0x18e/0x220 [ 97.762954] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.763471] iommufd_access_destroy+0x43/0x70 [ 97.763870] iommufd_test_staccess_release+0x8d/0xd0 [ 97.764315] __fput+0x26d/0xa40 [ 97.764613] ____fput+0x1e/0x30 [ 97.764906] task_work_run+0x1a4/0x2d0 [ 97.765248] ? __pfx_task_work_run+0x10/0x10 [ 97.765633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.766066] ? switch_task_namespaces+0xa9/0xe0 [ 97.766480] do_exit+0xb17/0x2ef0 [ 97.766806] ? lock_acquire+0x427/0x4c0 [ 97.767179] ? __pfx_lock_release+0x10/0x10 [ 97.767561] ? __kasan_check_write+0x18/0x20 [ 97.767943] ? do_raw_spin_lock+0x132/0x2a0 [ 97.768317] ? __pfx_do_exit+0x10/0x10 [ 97.768663] ? debug_smp_processor_id+0x20/0x30 [ 97.769067] ? rcu_is_watching+0x19/0xb0 [ 97.769419] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.769812] ? trace_hardirqs_on+0x26/0x120 [ 97.770185] do_group_exit+0xe0/0x2b0 [ 97.770530] __x64_sys_exit_group+0x47/0x50 [ 97.770904] do_syscall_64+0x3b/0x90 [ 97.771244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.771697] RIP: 0033:0x7f4b87518a4d [ 97.772017] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.772547] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.773197] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.773803] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.774413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.775043] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.775676] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.776292] [ 97.776497] irq event stamp: 0 [ 97.776774] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.777314] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.778030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.778764] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.779318] ---[ end trace 0000000000000000 ]--- [ 97.780109] ------------[ cut here ]------------ [ 97.780494] WARNING: CPU: 0 PID: 854 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.781305] Modules linked in: [ 97.781566] CPU: 0 PID: 854 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.782259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.783351] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.783777] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.785240] RSP: 0018:ffff888017317b78 EFLAGS: 00010246 [ 97.785664] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.786236] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 97.786840] RBP: ffff888017317b98 R08: ffffed10030c643e R09: ffffed10030c643e [ 97.787516] R10: ffff8880186321ef R11: ffffed10030c643d R12: ffff888018632290 [ 97.788231] R13: ffff8880186320a8 R14: ffffffffffffffff R15: ffff888017317c60 [ 97.788969] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.789628] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.790092] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 97.790687] PKRU: 55555554 [ 97.790920] Call Trace: [ 97.791134] [ 97.791320] iommufd_ioas_destroy+0x53/0x70 [ 97.791679] iommufd_fops_release+0x1f7/0x370 [ 97.792116] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.792614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.793021] ? write_comp_data+0x2f/0x90 [ 97.793428] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.793907] __fput+0x26d/0xa40 [ 97.794192] ____fput+0x1e/0x30 [ 97.794472] task_work_run+0x1a4/0x2d0 [ 97.794952] ? __pfx_task_work_run+0x10/0x10 [ 97.795327] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.795727] ? switch_task_namespaces+0xa9/0xe0 [ 97.796120] do_exit+0xb17/0x2ef0 [ 97.796554] ? lock_acquire+0x427/0x4c0 [ 97.796893] ? __pfx_lock_release+0x10/0x10 [ 97.797250] ? __kasan_check_write+0x18/0x20 [ 97.797674] ? do_raw_spin_lock+0x132/0x2a0 [ 97.798145] ? __pfx_do_exit+0x10/0x10 [ 97.798483] ? debug_smp_processor_id+0x20/0x30 [ 97.798917] ? rcu_is_watching+0x19/0xb0 [ 97.799316] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.799802] ? trace_hardirqs_on+0x26/0x120 [ 97.800177] do_group_exit+0xe0/0x2b0 [ 97.800503] __x64_sys_exit_group+0x47/0x50 [ 97.801019] do_syscall_64+0x3b/0x90 [ 97.801342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.801783] RIP: 0033:0x7f4b87518a4d [ 97.802247] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.802789] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.803441] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.804209] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.804810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.805551] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.806151] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.806977] [ 97.807201] irq event stamp: 0 [ 97.807458] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.807998] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.808776] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.809602] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.810118] ---[ end trace 0000000000000000 ]--- [ 97.813998] ------------[ cut here ]------------ [ 97.814412] WARNING: CPU: 0 PID: 855 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.815314] Modules linked in: [ 97.815591] CPU: 0 PID: 855 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.816317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.817263] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.817683] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.819258] RSP: 0018:ffff88801716fbb8 EFLAGS: 00010246 [ 97.819708] RAX: 0000000000000000 RBX: ffff8880171be8a8 RCX: 0000000000000000 [ 97.820307] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 97.820907] RBP: ffff88801716fbd0 R08: ffffed1002e37d33 R09: ffffed1002e37d33 [ 97.821552] R10: ffff8880171be993 R11: ffffed1002e37d32 R12: ffff88801226e400 [ 97.822147] R13: ffff8880171be9e8 R14: ffffffff8352e670 R15: ffff88801716fe68 [ 97.822766] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.823456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.823944] CR2: 00007f4b877410e8 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 97.824552] PKRU: 55555554 [ 97.824792] Call Trace: [ 97.825008] [ 97.825199] __iommufd_access_detach+0x1c2/0x2b0 [ 97.825617] iommufd_access_change_pt+0x149/0x270 [ 97.826040] iommufd_access_replace+0xb4/0x120 [ 97.826456] iommufd_test+0x3e5/0x37e0 [ 97.826813] ? lock_release+0x532/0x770 [ 97.827184] ? __might_fault+0x102/0x1b0 [ 97.827540] ? lock_acquire+0x427/0x4c0 [ 97.827890] ? __pfx_iommufd_test+0x10/0x10 [ 97.828257] ? __pfx_lock_release+0x10/0x10 [ 97.828633] ? __pfx_lock_acquire+0x10/0x10 [ 97.829013] ? write_comp_data+0x2f/0x90 [ 97.829368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.829799] ? write_comp_data+0x2f/0x90 [ 97.830155] iommufd_fops_ioctl+0x37d/0x510 [ 97.830553] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.830982] ? write_comp_data+0x2f/0x90 [ 97.831344] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.831758] __x64_sys_ioctl+0x1a3/0x230 [ 97.832111] do_syscall_64+0x3b/0x90 [ 97.832435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.832879] RIP: 0033:0x7f4b8743ee5d [ 97.833195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.834800] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.835462] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.836077] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.836688] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.837284] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.837886] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.838502] [ 97.838736] irq event stamp: 0 [ 97.839008] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.839564] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.840272] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.840970] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.841502] ---[ end trace 0000000000000000 ]--- [ 97.844380] ------------[ cut here ]------------ [ 97.844822] WARNING: CPU: 0 PID: 855 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.845666] Modules linked in: [ 97.845942] CPU: 0 PID: 855 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.846715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.847666] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.848091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.849619] RSP: 0018:ffff88801716fbd0 EFLAGS: 00010246 [ 97.850067] RAX: 0000000000000000 RBX: ffff8880171be8a8 RCX: 0000000000000000 [ 97.850694] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 97.851309] RBP: ffff88801716fbe8 R08: ffffed1002e37d33 R09: ffffed1002e37d33 [ 97.851911] R10: ffff8880171be993 R11: ffffed1002e37d32 R12: ffff88801814b400 [ 97.852510] R13: ffff8880171be9e8 R14: ffff88800fcf6700 R15: 0000000000000000 [ 97.853159] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.853830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.854316] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.854941] PKRU: 55555554 [ 97.855206] Call Trace: [ 97.855426] [ 97.855617] iommufd_access_destroy_object+0x65/0x170 [ 97.856062] iommufd_object_destroy_user+0x18e/0x220 [ 97.856498] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.856997] iommufd_access_destroy+0x43/0x70 [ 97.857385] iommufd_test_staccess_release+0x8d/0xd0 [ 97.857821] __fput+0x26d/0xa40 [ 97.858118] ____fput+0x1e/0x30 [ 97.858407] task_work_run+0x1a4/0x2d0 [ 97.858766] ? __pfx_task_work_run+0x10/0x10 [ 97.859155] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.859576] ? switch_task_namespaces+0xa9/0xe0 [ 97.859982] do_exit+0xb17/0x2ef0 [ 97.860278] ? lock_acquire+0x427/0x4c0 [ 97.860621] ? __pfx_lock_release+0x10/0x10 [ 97.860998] ? __kasan_check_write+0x18/0x20 [ 97.861373] ? do_raw_spin_lock+0x132/0x2a0 [ 97.861739] ? __pfx_do_exit+0x10/0x10 [ 97.862079] ? debug_smp_processor_id+0x20/0x30 [ 97.862478] ? rcu_is_watching+0x19/0xb0 [ 97.862850] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.863255] ? trace_hardirqs_on+0x26/0x120 [ 97.863628] do_group_exit+0xe0/0x2b0 [ 97.863953] __x64_sys_exit_group+0x47/0x50 [ 97.864319] do_syscall_64+0x3b/0x90 [ 97.864643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.865086] RIP: 0033:0x7f4b87518a4d [ 97.865402] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.865919] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.866585] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.867202] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.867800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.868406] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.869000] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.869606] [ 97.869807] irq event stamp: 0 [ 97.870074] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.870628] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.871351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.872050] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.872580] ---[ end trace 0000000000000000 ]--- [ 97.873335] ------------[ cut here ]------------ [ 97.873736] WARNING: CPU: 0 PID: 855 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.874629] Modules linked in: [ 97.874908] CPU: 0 PID: 855 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.875644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.876588] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.877027] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.878581] RSP: 0018:ffff88801716fb78 EFLAGS: 00010246 [ 97.879035] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.879638] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 97.880240] RBP: ffff88801716fb98 R08: ffffed1002e37d3e R09: ffffed1002e37d3e [ 97.880834] R10: ffff8880171be9ef R11: ffffed1002e37d3d R12: ffff8880171bea90 [ 97.881431] R13: ffff8880171be8a8 R14: ffffffffffffffff R15: ffff88801716fc60 [ 97.882027] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.882734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.883240] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.883840] PKRU: 55555554 [ 97.884082] Call Trace: [ 97.884299] [ 97.884491] iommufd_ioas_destroy+0x53/0x70 [ 97.884862] iommufd_fops_release+0x1f7/0x370 [ 97.885289] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.885713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.886131] ? write_comp_data+0x2f/0x90 [ 97.886483] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.886939] __fput+0x26d/0xa40 [ 97.887242] ____fput+0x1e/0x30 [ 97.887534] task_work_run+0x1a4/0x2d0 [ 97.887873] ? __pfx_task_work_run+0x10/0x10 [ 97.888253] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.888673] ? switch_task_namespaces+0xa9/0xe0 [ 97.889083] do_exit+0xb17/0x2ef0 [ 97.889381] ? lock_acquire+0x427/0x4c0 [ 97.889727] ? __pfx_lock_release+0x10/0x10 [ 97.890100] ? __kasan_check_write+0x18/0x20 [ 97.890478] ? do_raw_spin_lock+0x132/0x2a0 [ 97.890875] ? __pfx_do_exit+0x10/0x10 [ 97.891229] ? debug_smp_processor_id+0x20/0x30 [ 97.891630] ? rcu_is_watching+0x19/0xb0 [ 97.891975] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.892364] ? trace_hardirqs_on+0x26/0x120 [ 97.892735] do_group_exit+0xe0/0x2b0 [ 97.893059] __x64_sys_exit_group+0x47/0x50 [ 97.893423] do_syscall_64+0x3b/0x90 [ 97.893747] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.894188] RIP: 0033:0x7f4b87518a4d [ 97.894529] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.895044] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.895680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.896279] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.896873] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.897467] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.898057] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.898677] [ 97.898876] irq event stamp: 0 [ 97.899154] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.899677] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.900373] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.901069] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.901593] ---[ end trace 0000000000000000 ]--- [ 97.905814] ------------[ cut here ]------------ [ 97.906241] WARNING: CPU: 0 PID: 856 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.907196] Modules linked in: [ 97.907470] CPU: 0 PID: 856 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.908184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.909113] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.909523] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.911221] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 97.911667] RAX: 0000000000000000 RBX: ffff888010b9b0a8 RCX: 0000000000000000 [ 97.912255] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 97.912841] RBP: ffff8880178cfbd0 R08: ffffed1002173633 R09: ffffed1002173633 [ 97.913429] R10: ffff888010b9b193 R11: ffffed1002173632 R12: ffff888012e94000 [ 97.914025] R13: ffff888010b9b1e8 R14: ffffffff8352e670 R15: ffff8880178cfe68 [ 97.914628] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.915306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.915785] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ef0 [ 97.916372] PKRU: 55555554 [ 97.916605] Call Trace: [ 97.916816] [ 97.917056] __iommufd_access_detach+0x1c2/0x2b0 [ 97.917463] iommufd_access_change_pt+0x149/0x270 [ 97.917872] iommufd_access_replace+0xb4/0x120 [ 97.918261] iommufd_test+0x3e5/0x37e0 [ 97.918605] ? lock_release+0x532/0x770 [ 97.918952] ? __might_fault+0x102/0x1b0 [ 97.919305] ? lock_acquire+0x427/0x4c0 [ 97.919650] ? __pfx_iommufd_test+0x10/0x10 [ 97.920006] ? __pfx_lock_release+0x10/0x10 [ 97.920373] ? __pfx_lock_acquire+0x10/0x10 [ 97.920740] ? write_comp_data+0x2f/0x90 [ 97.921089] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.921497] ? write_comp_data+0x2f/0x90 [ 97.921846] iommufd_fops_ioctl+0x37d/0x510 [ 97.922208] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.922635] ? write_comp_data+0x2f/0x90 [ 97.922986] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 97.923398] __x64_sys_ioctl+0x1a3/0x230 [ 97.923746] do_syscall_64+0x3b/0x90 [ 97.924067] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.924503] RIP: 0033:0x7f4b8743ee5d [ 97.924818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 97.926323] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 97.926978] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 97.927586] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 97.928179] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 97.928776] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 97.929363] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 97.929961] [ 97.930156] irq event stamp: 0 [ 97.930417] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 97.930961] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.931665] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.932362] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.932882] ---[ end trace 0000000000000000 ]--- [ 97.935684] ------------[ cut here ]------------ [ 97.936115] WARNING: CPU: 0 PID: 856 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.936948] Modules linked in: [ 97.937218] CPU: 0 PID: 856 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.937942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.938911] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.939338] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 97.940847] RSP: 0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 97.941288] RAX: 0000000000000000 RBX: ffff888010b9b0a8 RCX: 0000000000000000 [ 97.941886] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 97.942477] RBP: ffff8880178cfbe8 R08: ffffed1002173633 R09: ffffed1002173633 [ 97.943087] R10: ffff888010b9b193 R11: ffffed1002173632 R12: ffff88801226ec00 [ 97.943688] R13: ffff888010b9b1e8 R14: ffff88801287e900 R15: 0000000000000000 [ 97.944280] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.944959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.945449] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.946040] PKRU: 55555554 [ 97.946292] Call Trace: [ 97.946534] [ 97.946728] iommufd_access_destroy_object+0x65/0x170 [ 97.947173] iommufd_object_destroy_user+0x18e/0x220 [ 97.947602] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 97.948092] iommufd_access_destroy+0x43/0x70 [ 97.948474] iommufd_test_staccess_release+0x8d/0xd0 [ 97.948906] __fput+0x26d/0xa40 [ 97.949242] ____fput+0x1e/0x30 [ 97.949524] task_work_run+0x1a4/0x2d0 [ 97.949861] ? __pfx_task_work_run+0x10/0x10 [ 97.950235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.950666] ? switch_task_namespaces+0xa9/0xe0 [ 97.951070] do_exit+0xb17/0x2ef0 [ 97.951370] ? lock_acquire+0x427/0x4c0 [ 97.951713] ? __pfx_lock_release+0x10/0x10 [ 97.952081] ? __kasan_check_write+0x18/0x20 [ 97.952459] ? do_raw_spin_lock+0x132/0x2a0 [ 97.952825] ? __pfx_do_exit+0x10/0x10 [ 97.953170] ? debug_smp_processor_id+0x20/0x30 [ 97.953569] ? rcu_is_watching+0x19/0xb0 [ 97.953917] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.954299] ? trace_hardirqs_on+0x26/0x120 [ 97.954689] do_group_exit+0xe0/0x2b0 [ 97.955015] __x64_sys_exit_group+0x47/0x50 [ 97.955387] do_syscall_64+0x3b/0x90 [ 97.955711] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.956150] RIP: 0033:0x7f4b87518a4d [ 97.956463] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.956978] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.957612] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.958202] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.958816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.959421] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.960014] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.960611] [ 97.960806] irq event stamp: 0 [ 97.961069] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.961596] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.962290] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.963013] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.963550] ---[ end trace 0000000000000000 ]--- [ 97.964269] ------------[ cut here ]------------ [ 97.964662] WARNING: CPU: 0 PID: 856 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 97.965507] Modules linked in: [ 97.965774] CPU: 0 PID: 856 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.966490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.967460] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 97.967892] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 97.969402] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 97.969848] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 97.970436] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 97.971047] RBP: ffff8880178cfb98 R08: ffffed100217363e R09: ffffed100217363e [ 97.971660] R10: ffff888010b9b1ef R11: ffffed100217363d R12: ffff888010b9b290 [ 97.972255] R13: ffff888010b9b0a8 R14: ffffffffffffffff R15: ffff8880178cfc60 [ 97.972845] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 97.973515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.973998] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 97.974609] PKRU: 55555554 [ 97.974856] Call Trace: [ 97.975075] [ 97.975280] iommufd_ioas_destroy+0x53/0x70 [ 97.975647] iommufd_fops_release+0x1f7/0x370 [ 97.976028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.976453] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.976865] ? write_comp_data+0x2f/0x90 [ 97.977219] ? __pfx_iommufd_fops_release+0x10/0x10 [ 97.977651] __fput+0x26d/0xa40 [ 97.977946] ____fput+0x1e/0x30 [ 97.978230] task_work_run+0x1a4/0x2d0 [ 97.978587] ? __pfx_task_work_run+0x10/0x10 [ 97.978967] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 97.979389] ? switch_task_namespaces+0xa9/0xe0 [ 97.979786] do_exit+0xb17/0x2ef0 [ 97.980084] ? lock_acquire+0x427/0x4c0 [ 97.980428] ? __pfx_lock_release+0x10/0x10 [ 97.980798] ? __kasan_check_write+0x18/0x20 [ 97.981207] ? do_raw_spin_lock+0x132/0x2a0 [ 97.981569] ? __pfx_do_exit+0x10/0x10 [ 97.981903] ? debug_smp_processor_id+0x20/0x30 [ 97.982297] ? rcu_is_watching+0x19/0xb0 [ 97.982660] ? _raw_spin_unlock_irq+0x2b/0x60 [ 97.983049] ? trace_hardirqs_on+0x26/0x120 [ 97.983402] do_group_exit+0xe0/0x2b0 [ 97.983698] __x64_sys_exit_group+0x47/0x50 [ 97.984025] do_syscall_64+0x3b/0x90 [ 97.984319] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 97.984722] RIP: 0033:0x7f4b87518a4d [ 97.985006] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 97.985469] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 97.986039] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 97.986598] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 97.987143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 97.987685] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 97.988219] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 97.988756] [ 97.988933] irq event stamp: 0 [ 97.989171] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 97.989643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 97.990261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 97.990913] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 97.991392] ---[ end trace 0000000000000000 ]--- [ 97.995646] ------------[ cut here ]------------ [ 97.996014] WARNING: CPU: 0 PID: 857 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 97.996750] Modules linked in: [ 97.996991] CPU: 0 PID: 857 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 97.997625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 97.998448] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 97.998899] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.000258] RSP: 0018:ffff888010307bb8 EFLAGS: 00010246 [ 98.000650] RAX: 0000000000000000 RBX: ffff88801832f8a8 RCX: 0000000000000000 [ 98.001171] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 98.001699] RBP: ffff888010307bd0 R08: ffffed1003065f33 R09: ffffed1003065f33 [ 98.002232] R10: ffff88801832f993 R11: ffffed1003065f32 R12: ffff888018479400 [ 98.002809] R13: ffff88801832f9e8 R14: ffffffff8352e670 R15: ffff888010307e68 [ 98.003359] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.003964] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.004424] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 98.005008] PKRU: 55555554 [ 98.005239] Call Trace: [ 98.005446] [ 98.005630] __iommufd_access_detach+0x1c2/0x2b0 [ 98.006032] iommufd_access_change_pt+0x149/0x270 [ 98.006431] iommufd_access_replace+0xb4/0x120 [ 98.006840] iommufd_test+0x3e5/0x37e0 [ 98.007168] ? lock_release+0x532/0x770 [ 98.007505] ? __might_fault+0x102/0x1b0 [ 98.007839] ? lock_acquire+0x427/0x4c0 [ 98.008170] ? __pfx_iommufd_test+0x10/0x10 [ 98.008518] ? __pfx_lock_release+0x10/0x10 [ 98.008870] ? __pfx_lock_acquire+0x10/0x10 [ 98.009226] ? write_comp_data+0x2f/0x90 [ 98.009567] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.009968] ? write_comp_data+0x2f/0x90 [ 98.010307] iommufd_fops_ioctl+0x37d/0x510 [ 98.010678] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.011086] ? write_comp_data+0x2f/0x90 [ 98.011432] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.011832] __x64_sys_ioctl+0x1a3/0x230 [ 98.012171] do_syscall_64+0x3b/0x90 [ 98.012480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.012907] RIP: 0033:0x7f4b8743ee5d [ 98.013258] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.014778] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.015414] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.015992] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.016571] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.017149] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.017723] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.018301] [ 98.018494] irq event stamp: 0 [ 98.018792] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.019321] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.020000] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.020672] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.021178] ---[ end trace 0000000000000000 ]--- [ 98.023985] ------------[ cut here ]------------ [ 98.024365] WARNING: CPU: 0 PID: 857 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.025103] Modules linked in: [ 98.025340] CPU: 0 PID: 857 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.025973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.026936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.027315] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.028657] RSP: 0018:ffff888010307bd0 EFLAGS: 00010246 [ 98.029050] RAX: 0000000000000000 RBX: ffff88801832f8a8 RCX: 0000000000000000 [ 98.029574] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 98.030095] RBP: ffff888010307be8 R08: ffffed1003065f33 R09: ffffed1003065f33 [ 98.030644] R10: ffff88801832f993 R11: ffffed1003065f32 R12: ffff888012e96800 [ 98.031196] R13: ffff88801832f9e8 R14: ffff888012bfba00 R15: 0000000000000000 [ 98.031724] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.032321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.032748] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.033280] PKRU: 55555554 [ 98.033491] Call Trace: [ 98.033681] [ 98.033848] iommufd_access_destroy_object+0x65/0x170 [ 98.034232] iommufd_object_destroy_user+0x18e/0x220 [ 98.034630] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.035068] iommufd_access_destroy+0x43/0x70 [ 98.035410] iommufd_test_staccess_release+0x8d/0xd0 [ 98.035784] __fput+0x26d/0xa40 [ 98.036047] ____fput+0x1e/0x30 [ 98.036305] task_work_run+0x1a4/0x2d0 [ 98.036607] ? __pfx_task_work_run+0x10/0x10 [ 98.036944] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.037314] ? switch_task_namespaces+0xa9/0xe0 [ 98.037670] do_exit+0xb17/0x2ef0 [ 98.037928] ? lock_acquire+0x427/0x4c0 [ 98.038233] ? __pfx_lock_release+0x10/0x10 [ 98.038577] ? __kasan_check_write+0x18/0x20 [ 98.038921] ? do_raw_spin_lock+0x132/0x2a0 [ 98.039265] ? __pfx_do_exit+0x10/0x10 [ 98.039568] ? debug_smp_processor_id+0x20/0x30 [ 98.039927] ? rcu_is_watching+0x19/0xb0 [ 98.040310] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.040774] ? trace_hardirqs_on+0x26/0x120 [ 98.041116] do_group_exit+0xe0/0x2b0 [ 98.041443] __x64_sys_exit_group+0x47/0x50 [ 98.041905] do_syscall_64+0x3b/0x90 [ 98.042211] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.042669] RIP: 0033:0x7f4b87518a4d [ 98.043139] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.043652] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.044434] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.045071] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.045817] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.046400] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.047009] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.047784] [ 98.047981] irq event stamp: 0 [ 98.048243] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.048770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.049628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.050485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.051065] ---[ end trace 0000000000000000 ]--- [ 98.051819] ------------[ cut here ]------------ [ 98.052410] WARNING: CPU: 0 PID: 857 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.053278] Modules linked in: [ 98.053692] CPU: 0 PID: 857 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.054395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.055351] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.055783] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.057459] RSP: 0018:ffff888010307b78 EFLAGS: 00010246 [ 98.057896] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.058473] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 98.059120] RBP: ffff888010307b98 R08: ffffed1003065f3e R09: ffffed1003065f3e [ 98.059921] R10: ffff88801832f9ef R11: ffffed1003065f3d R12: ffff88801832fa90 [ 98.060505] R13: ffff88801832f8a8 R14: ffffffffffffffff R15: ffff888010307c60 [ 98.061082] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.061762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.062419] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.063032] PKRU: 55555554 [ 98.063286] Call Trace: [ 98.063496] [ 98.063687] iommufd_ioas_destroy+0x53/0x70 [ 98.064053] iommufd_fops_release+0x1f7/0x370 [ 98.064661] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.065074] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.065481] ? write_comp_data+0x2f/0x90 [ 98.065822] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.066234] __fput+0x26d/0xa40 [ 98.066630] ____fput+0x1e/0x30 [ 98.067004] task_work_run+0x1a4/0x2d0 [ 98.067345] ? __pfx_task_work_run+0x10/0x10 [ 98.067714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.068118] ? switch_task_namespaces+0xa9/0xe0 [ 98.068511] do_exit+0xb17/0x2ef0 [ 98.068823] ? lock_acquire+0x427/0x4c0 [ 98.069348] ? __pfx_lock_release+0x10/0x10 [ 98.069713] ? __kasan_check_write+0x18/0x20 [ 98.070076] ? do_raw_spin_lock+0x132/0x2a0 [ 98.070429] ? __pfx_do_exit+0x10/0x10 [ 98.070782] ? debug_smp_processor_id+0x20/0x30 [ 98.071235] ? rcu_is_watching+0x19/0xb0 [ 98.071709] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.072091] ? trace_hardirqs_on+0x26/0x120 [ 98.072454] do_group_exit+0xe0/0x2b0 [ 98.072769] __x64_sys_exit_group+0x47/0x50 [ 98.073121] do_syscall_64+0x3b/0x90 [ 98.073450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.074061] RIP: 0033:0x7f4b87518a4d [ 98.074363] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.074883] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.075507] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.076321] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.076901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.077535] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.078110] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.078870] [ 98.079055] irq event stamp: 0 [ 98.079300] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.079780] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.080444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.081234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.081719] ---[ end trace 0000000000000000 ]--- [ 98.087102] ------------[ cut here ]------------ [ 98.087561] WARNING: CPU: 0 PID: 858 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.088472] Modules linked in: [ 98.088732] CPU: 0 PID: 858 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.089420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.090581] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.090992] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.092453] RSP: 0018:ffff888021a7fbb8 EFLAGS: 00010246 [ 98.092893] RAX: 0000000000000000 RBX: ffff8880102048a8 RCX: 0000000000000000 [ 98.093716] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 98.094285] RBP: ffff888021a7fbd0 R08: ffffed1002040933 R09: ffffed1002040933 [ 98.094888] R10: ffff888010204993 R11: ffffed1002040932 R12: ffff888014583400 [ 98.095484] R13: ffff8880102049e8 R14: ffffffff8352e670 R15: ffff888021a7fe68 [ 98.096275] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.096914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.097374] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 98.097940] PKRU: 55555554 [ 98.098164] Call Trace: [ 98.098367] [ 98.098574] __iommufd_access_detach+0x1c2/0x2b0 [ 98.098971] iommufd_access_change_pt+0x149/0x270 [ 98.099370] iommufd_access_replace+0xb4/0x120 [ 98.099746] iommufd_test+0x3e5/0x37e0 [ 98.100058] ? lock_release+0x532/0x770 [ 98.100390] ? __might_fault+0x102/0x1b0 [ 98.100723] ? lock_acquire+0x427/0x4c0 [ 98.101055] ? __pfx_iommufd_test+0x10/0x10 [ 98.101403] ? __pfx_lock_release+0x10/0x10 [ 98.101755] ? __pfx_lock_acquire+0x10/0x10 [ 98.102115] ? write_comp_data+0x2f/0x90 [ 98.102449] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.102871] ? write_comp_data+0x2f/0x90 [ 98.103221] iommufd_fops_ioctl+0x37d/0x510 [ 98.103577] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.103974] ? write_comp_data+0x2f/0x90 [ 98.104313] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.104708] __x64_sys_ioctl+0x1a3/0x230 [ 98.105048] do_syscall_64+0x3b/0x90 [ 98.105361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.105799] RIP: 0033:0x7f4b8743ee5d [ 98.106113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.107665] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.108314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.109261] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.109862] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.110716] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.111324] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.111923] [ 98.112119] irq event stamp: 0 [ 98.112380] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.112900] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.113591] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.114275] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.114820] ---[ end trace 0000000000000000 ]--- [ 98.117892] ------------[ cut here ]------------ [ 98.118368] WARNING: CPU: 0 PID: 858 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.119396] Modules linked in: [ 98.119665] CPU: 0 PID: 858 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.120378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.121303] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.121713] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.123250] RSP: 0018:ffff888021a7fbd0 EFLAGS: 00010246 [ 98.123691] RAX: 0000000000000000 RBX: ffff8880102048a8 RCX: 0000000000000000 [ 98.124274] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 98.124859] RBP: ffff888021a7fbe8 R08: ffffed1002040933 R09: ffffed1002040933 [ 98.125444] R10: ffff888010204993 R11: ffffed1002040932 R12: ffff88801847b400 [ 98.126028] R13: ffff8880102049e8 R14: ffff8880142ec600 R15: 0000000000000000 [ 98.126641] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.127308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.127785] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.128370] PKRU: 55555554 [ 98.128611] Call Trace: [ 98.128823] [ 98.129011] iommufd_access_destroy_object+0x65/0x170 [ 98.129443] iommufd_object_destroy_user+0x18e/0x220 [ 98.129867] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.130352] iommufd_access_destroy+0x43/0x70 [ 98.130752] iommufd_test_staccess_release+0x8d/0xd0 [ 98.131199] __fput+0x26d/0xa40 [ 98.131494] ____fput+0x1e/0x30 [ 98.131775] task_work_run+0x1a4/0x2d0 [ 98.132107] ? __pfx_task_work_run+0x10/0x10 [ 98.132475] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.132885] ? switch_task_namespaces+0xa9/0xe0 [ 98.133276] do_exit+0xb17/0x2ef0 [ 98.133564] ? lock_acquire+0x427/0x4c0 [ 98.133901] ? __pfx_lock_release+0x10/0x10 [ 98.134262] ? __kasan_check_write+0x18/0x20 [ 98.134651] ? do_raw_spin_lock+0x132/0x2a0 [ 98.135012] ? __pfx_do_exit+0x10/0x10 [ 98.135355] ? debug_smp_processor_id+0x20/0x30 [ 98.135743] ? rcu_is_watching+0x19/0xb0 [ 98.136080] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.136458] ? trace_hardirqs_on+0x26/0x120 [ 98.136822] do_group_exit+0xe0/0x2b0 [ 98.137137] __x64_sys_exit_group+0x47/0x50 [ 98.137489] do_syscall_64+0x3b/0x90 [ 98.137806] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.138236] RIP: 0033:0x7f4b87518a4d [ 98.138558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.139067] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.139704] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.140288] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.140867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.141499] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.142081] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.142690] [ 98.142884] irq event stamp: 0 [ 98.143150] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.143668] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.144347] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.145020] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.145520] ---[ end trace 0000000000000000 ]--- [ 98.146307] ------------[ cut here ]------------ [ 98.147175] WARNING: CPU: 0 PID: 858 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.148008] Modules linked in: [ 98.148373] CPU: 0 PID: 858 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.149204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.150111] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.150550] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.152023] RSP: 0018:ffff888021a7fb78 EFLAGS: 00010246 [ 98.152451] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.153022] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 98.153589] RBP: ffff888021a7fb98 R08: ffffed100204093e R09: ffffed100204093e [ 98.154159] R10: ffff8880102049ef R11: ffffed100204093d R12: ffff888010204a90 [ 98.154747] R13: ffff8880102048a8 R14: ffffffffffffffff R15: ffff888021a7fc60 [ 98.155312] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.155898] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.156324] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.156842] PKRU: 55555554 [ 98.157049] Call Trace: [ 98.157238] [ 98.157408] iommufd_ioas_destroy+0x53/0x70 [ 98.157730] iommufd_fops_release+0x1f7/0x370 [ 98.158067] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.158438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.158822] ? write_comp_data+0x2f/0x90 [ 98.159136] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.159506] __fput+0x26d/0xa40 [ 98.159764] ____fput+0x1e/0x30 [ 98.160015] task_work_run+0x1a4/0x2d0 [ 98.160309] ? __pfx_task_work_run+0x10/0x10 [ 98.160640] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.161002] ? switch_task_namespaces+0xa9/0xe0 [ 98.161355] do_exit+0xb17/0x2ef0 [ 98.161611] ? lock_acquire+0x427/0x4c0 [ 98.161914] ? __pfx_lock_release+0x10/0x10 [ 98.162236] ? __kasan_check_write+0x18/0x20 [ 98.162578] ? do_raw_spin_lock+0x132/0x2a0 [ 98.162898] ? __pfx_do_exit+0x10/0x10 [ 98.163200] ? debug_smp_processor_id+0x20/0x30 [ 98.163549] ? rcu_is_watching+0x19/0xb0 [ 98.163852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.164190] ? trace_hardirqs_on+0x26/0x120 [ 98.164516] do_group_exit+0xe0/0x2b0 [ 98.164800] __x64_sys_exit_group+0x47/0x50 [ 98.165119] do_syscall_64+0x3b/0x90 [ 98.165402] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.165786] RIP: 0033:0x7f4b87518a4d [ 98.166055] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.166495] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.167063] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.167582] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.168092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.168604] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.169114] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.169633] [ 98.169803] irq event stamp: 0 [ 98.170032] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.170486] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.171115] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.171718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.172172] ---[ end trace 0000000000000000 ]--- [ 98.177697] ------------[ cut here ]------------ [ 98.178045] WARNING: CPU: 0 PID: 859 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.178786] Modules linked in: [ 98.179015] CPU: 0 PID: 859 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.179699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.180604] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.180959] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.182392] RSP: 0018:ffff888010307bb8 EFLAGS: 00010246 [ 98.182804] RAX: 0000000000000000 RBX: ffff88800f6030a8 RCX: 0000000000000000 [ 98.183313] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 98.183814] RBP: ffff888010307bd0 R08: ffffed1001ec0633 R09: ffffed1001ec0633 [ 98.184471] R10: ffff88800f603193 R11: ffffed1001ec0632 R12: ffff888016635800 [ 98.184973] R13: ffff88800f6031e8 R14: ffffffff8352e670 R15: ffff888010307e68 [ 98.185475] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.186069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.186638] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 98.187148] PKRU: 55555554 [ 98.187349] Call Trace: [ 98.187529] [ 98.187689] __iommufd_access_detach+0x1c2/0x2b0 [ 98.188039] iommufd_access_change_pt+0x149/0x270 [ 98.188404] iommufd_access_replace+0xb4/0x120 [ 98.188882] iommufd_test+0x3e5/0x37e0 [ 98.189162] ? lock_release+0x532/0x770 [ 98.189456] ? __might_fault+0x102/0x1b0 [ 98.189753] ? lock_acquire+0x427/0x4c0 [ 98.190044] ? __pfx_iommufd_test+0x10/0x10 [ 98.190376] ? __pfx_lock_release+0x10/0x10 [ 98.190848] ? __pfx_lock_acquire+0x10/0x10 [ 98.191173] ? write_comp_data+0x2f/0x90 [ 98.191474] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.191824] ? write_comp_data+0x2f/0x90 [ 98.192122] iommufd_fops_ioctl+0x37d/0x510 [ 98.192433] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.192786] ? write_comp_data+0x2f/0x90 [ 98.193102] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.193590] __x64_sys_ioctl+0x1a3/0x230 [ 98.193894] do_syscall_64+0x3b/0x90 [ 98.194168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.194559] RIP: 0033:0x7f4b8743ee5d [ 98.194828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.196302] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.196844] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.197348] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.198004] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.198532] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.199042] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.199554] [ 98.199722] irq event stamp: 0 [ 98.199950] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.200567] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.201155] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.201742] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.202347] ---[ end trace 0000000000000000 ]--- [ 98.205169] ------------[ cut here ]------------ [ 98.205597] WARNING: CPU: 0 PID: 859 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.206411] Modules linked in: [ 98.206678] CPU: 0 PID: 859 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.207419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.208357] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.208712] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.210138] RSP: 0018:ffff888010307bd0 EFLAGS: 00010246 [ 98.210619] RAX: 0000000000000000 RBX: ffff88800f6030a8 RCX: 0000000000000000 [ 98.211189] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 98.211698] RBP: ffff888010307be8 R08: ffffed1001ec0633 R09: ffffed1001ec0633 [ 98.212205] R10: ffff88800f603193 R11: ffffed1001ec0632 R12: ffff888014580c00 [ 98.212708] R13: ffff88800f6031e8 R14: ffff888012132d00 R15: 0000000000000000 [ 98.213210] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.213782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.214194] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 98.214725] PKRU: 55555554 [ 98.214934] Call Trace: [ 98.215128] [ 98.215295] iommufd_access_destroy_object+0x65/0x170 [ 98.215676] iommufd_object_destroy_user+0x18e/0x220 [ 98.216052] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.216478] iommufd_access_destroy+0x43/0x70 [ 98.216813] iommufd_test_staccess_release+0x8d/0xd0 [ 98.217188] __fput+0x26d/0xa40 [ 98.217443] ____fput+0x1e/0x30 [ 98.217696] task_work_run+0x1a4/0x2d0 [ 98.217994] ? __pfx_task_work_run+0x10/0x10 [ 98.218323] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.218746] ? switch_task_namespaces+0xa9/0xe0 [ 98.219136] do_exit+0xb17/0x2ef0 [ 98.219403] ? lock_acquire+0x427/0x4c0 [ 98.219732] ? __pfx_lock_release+0x10/0x10 [ 98.220054] ? __kasan_check_write+0x18/0x20 [ 98.220380] ? do_raw_spin_lock+0x132/0x2a0 [ 98.220696] ? __pfx_do_exit+0x10/0x10 [ 98.220990] ? debug_smp_processor_id+0x20/0x30 [ 98.221330] ? rcu_is_watching+0x19/0xb0 [ 98.221631] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.221965] ? trace_hardirqs_on+0x26/0x120 [ 98.222286] do_group_exit+0xe0/0x2b0 [ 98.222590] __x64_sys_exit_group+0x47/0x50 [ 98.222910] do_syscall_64+0x3b/0x90 [ 98.223203] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.223591] RIP: 0033:0x7f4b87518a4d [ 98.223871] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.224321] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.224881] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.225405] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.225929] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.226454] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.226997] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.227541] [ 98.227717] irq event stamp: 0 [ 98.227951] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.228415] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.229040] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.229668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.230143] ---[ end trace 0000000000000000 ]--- [ 98.230910] ------------[ cut here ]------------ [ 98.231537] WARNING: CPU: 0 PID: 859 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.232343] Modules linked in: [ 98.232640] CPU: 0 PID: 859 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.233429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.234483] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.235097] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.236752] RSP: 0018:ffff888010307b78 EFLAGS: 00010246 [ 98.237275] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.237938] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 98.238554] RBP: ffff888010307b98 R08: ffffed1001ec063e R09: ffffed1001ec063e [ 98.239207] R10: ffff88800f6031ef R11: ffffed1001ec063d R12: ffff88800f603290 [ 98.239764] R13: ffff88800f6030a8 R14: ffffffffffffffff R15: ffff888010307c60 [ 98.240475] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.241117] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.241740] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 98.242323] PKRU: 55555554 [ 98.242604] Call Trace: [ 98.242830] [ 98.243026] iommufd_ioas_destroy+0x53/0x70 [ 98.243587] iommufd_fops_release+0x1f7/0x370 [ 98.243964] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.244373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.244853] ? write_comp_data+0x2f/0x90 [ 98.245256] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.245674] __fput+0x26d/0xa40 [ 98.245969] ____fput+0x1e/0x30 [ 98.246350] task_work_run+0x1a4/0x2d0 [ 98.246775] ? __pfx_task_work_run+0x10/0x10 [ 98.247164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.247572] ? switch_task_namespaces+0xa9/0xe0 [ 98.247997] do_exit+0xb17/0x2ef0 [ 98.248417] ? lock_acquire+0x427/0x4c0 [ 98.248758] ? __pfx_lock_release+0x10/0x10 [ 98.249127] ? __kasan_check_write+0x18/0x20 [ 98.249573] ? do_raw_spin_lock+0x132/0x2a0 [ 98.250015] ? __pfx_do_exit+0x10/0x10 [ 98.250348] ? debug_smp_processor_id+0x20/0x30 [ 98.250783] ? rcu_is_watching+0x19/0xb0 [ 98.251266] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.251653] ? trace_hardirqs_on+0x26/0x120 [ 98.252029] do_group_exit+0xe0/0x2b0 [ 98.252360] __x64_sys_exit_group+0x47/0x50 [ 98.252817] do_syscall_64+0x3b/0x90 [ 98.253268] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.253719] RIP: 0033:0x7f4b87518a4d [ 98.254072] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.254770] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.255439] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.256129] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.256855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.257532] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.258266] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.258919] [ 98.259298] irq event stamp: 0 [ 98.259573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.260114] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.260922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.261719] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.262346] ---[ end trace 0000000000000000 ]--- [ 98.267720] ------------[ cut here ]------------ [ 98.268313] WARNING: CPU: 0 PID: 860 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.269388] Modules linked in: [ 98.269803] CPU: 0 PID: 860 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.270629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.271894] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.272367] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.274261] RSP: 0018:ffff888010f1fbb8 EFLAGS: 00010246 [ 98.275047] RAX: 0000000000000000 RBX: ffff8880165300a8 RCX: 0000000000000000 [ 98.275736] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 98.276481] RBP: ffff888010f1fbd0 R08: ffffed1002ca6033 R09: ffffed1002ca6033 [ 98.277277] R10: ffff888016530193 R11: ffffed1002ca6032 R12: ffff8880189e3400 [ 98.278054] R13: ffff8880165301e8 R14: ffffffff8352e670 R15: ffff888010f1fe68 [ 98.278860] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.279643] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.280279] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 98.281109] PKRU: 55555554 [ 98.281378] Call Trace: [ 98.281700] [ 98.282109] __iommufd_access_detach+0x1c2/0x2b0 [ 98.282652] iommufd_access_change_pt+0x149/0x270 [ 98.283199] iommufd_access_replace+0xb4/0x120 [ 98.283689] iommufd_test+0x3e5/0x37e0 [ 98.284366] ? lock_release+0x532/0x770 [ 98.284798] ? __might_fault+0x102/0x1b0 [ 98.285225] ? lock_acquire+0x427/0x4c0 [ 98.285768] ? __pfx_iommufd_test+0x10/0x10 [ 98.286318] ? __pfx_lock_release+0x10/0x10 [ 98.286809] ? __pfx_lock_acquire+0x10/0x10 [ 98.287286] ? write_comp_data+0x2f/0x90 [ 98.287714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.288209] ? write_comp_data+0x2f/0x90 [ 98.288628] iommufd_fops_ioctl+0x37d/0x510 [ 98.289069] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.289571] ? write_comp_data+0x2f/0x90 [ 98.290001] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.290493] __x64_sys_ioctl+0x1a3/0x230 [ 98.290986] do_syscall_64+0x3b/0x90 [ 98.291404] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.291949] RIP: 0033:0x7f4b8743ee5d [ 98.292335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.294185] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.295018] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.295760] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.296487] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.297224] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.297949] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.298720] [ 98.298970] irq event stamp: 0 [ 98.299315] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.299991] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.301210] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.302344] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.303040] ---[ end trace 0000000000000000 ]--- [ 98.306455] ------------[ cut here ]------------ [ 98.306997] WARNING: CPU: 0 PID: 860 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.308048] Modules linked in: [ 98.308376] CPU: 0 PID: 860 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.309251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.310378] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.310923] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.312830] RSP: 0018:ffff888010f1fbd0 EFLAGS: 00010246 [ 98.313404] RAX: 0000000000000000 RBX: ffff8880165300a8 RCX: 0000000000000000 [ 98.314147] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 98.314919] RBP: ffff888010f1fbe8 R08: ffffed1002ca6033 R09: ffffed1002ca6033 [ 98.315695] R10: ffff888016530193 R11: ffffed1002ca6032 R12: ffff888016635000 [ 98.316437] R13: ffff8880165301e8 R14: ffff888013ced000 R15: 0000000000000000 [ 98.317177] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.318009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.318638] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.319414] PKRU: 55555554 [ 98.319713] Call Trace: [ 98.319985] [ 98.320226] iommufd_access_destroy_object+0x65/0x170 [ 98.320769] iommufd_object_destroy_user+0x18e/0x220 [ 98.321313] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.321918] iommufd_access_destroy+0x43/0x70 [ 98.322405] iommufd_test_staccess_release+0x8d/0xd0 [ 98.322982] __fput+0x26d/0xa40 [ 98.323373] ____fput+0x1e/0x30 [ 98.323735] task_work_run+0x1a4/0x2d0 [ 98.324159] ? __pfx_task_work_run+0x10/0x10 [ 98.324622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.325138] ? switch_task_namespaces+0xa9/0xe0 [ 98.325646] do_exit+0xb17/0x2ef0 [ 98.326010] ? lock_acquire+0x427/0x4c0 [ 98.326442] ? __pfx_lock_release+0x10/0x10 [ 98.326937] ? __kasan_check_write+0x18/0x20 [ 98.327431] ? do_raw_spin_lock+0x132/0x2a0 [ 98.327887] ? __pfx_do_exit+0x10/0x10 [ 98.328308] ? debug_smp_processor_id+0x20/0x30 [ 98.328801] ? rcu_is_watching+0x19/0xb0 [ 98.329227] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.329705] ? trace_hardirqs_on+0x26/0x120 [ 98.330167] do_group_exit+0xe0/0x2b0 [ 98.330592] __x64_sys_exit_group+0x47/0x50 [ 98.331043] do_syscall_64+0x3b/0x90 [ 98.331462] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.331998] RIP: 0033:0x7f4b87518a4d [ 98.332369] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.333056] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.333826] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.334595] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.335349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.336086] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.336804] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.337555] [ 98.337814] irq event stamp: 0 [ 98.338168] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.338882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.339812] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.340686] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.341353] ---[ end trace 0000000000000000 ]--- [ 98.342247] ------------[ cut here ]------------ [ 98.342827] WARNING: CPU: 0 PID: 860 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.343911] Modules linked in: [ 98.344250] CPU: 0 PID: 860 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.345155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.346321] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.346921] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.348830] RSP: 0018:ffff888010f1fb78 EFLAGS: 00010246 [ 98.349397] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.350128] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 98.350943] RBP: ffff888010f1fb98 R08: ffffed1002ca603e R09: ffffed1002ca603e [ 98.351762] R10: ffff8880165301ef R11: ffffed1002ca603d R12: ffff888016530290 [ 98.352504] R13: ffff8880165300a8 R14: ffffffffffffffff R15: ffff888010f1fc60 [ 98.353263] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.354121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.354780] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.355559] PKRU: 55555554 [ 98.355861] Call Trace: [ 98.356147] [ 98.356410] iommufd_ioas_destroy+0x53/0x70 [ 98.356971] iommufd_fops_release+0x1f7/0x370 [ 98.357591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.358137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.358734] ? write_comp_data+0x2f/0x90 [ 98.359197] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.359724] __fput+0x26d/0xa40 [ 98.360084] ____fput+0x1e/0x30 [ 98.360438] task_work_run+0x1a4/0x2d0 [ 98.360846] ? __pfx_task_work_run+0x10/0x10 [ 98.361330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.361849] ? switch_task_namespaces+0xa9/0xe0 [ 98.362346] do_exit+0xb17/0x2ef0 [ 98.362758] ? lock_acquire+0x427/0x4c0 [ 98.363234] ? __pfx_lock_release+0x10/0x10 [ 98.363684] ? __kasan_check_write+0x18/0x20 [ 98.364154] ? do_raw_spin_lock+0x132/0x2a0 [ 98.364624] ? __pfx_do_exit+0x10/0x10 [ 98.365099] ? debug_smp_processor_id+0x20/0x30 [ 98.365590] ? rcu_is_watching+0x19/0xb0 [ 98.366013] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.366496] ? trace_hardirqs_on+0x26/0x120 [ 98.367026] do_group_exit+0xe0/0x2b0 [ 98.367474] __x64_sys_exit_group+0x47/0x50 [ 98.367926] do_syscall_64+0x3b/0x90 [ 98.368328] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.368880] RIP: 0033:0x7f4b87518a4d [ 98.369271] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.369909] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.370752] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.371523] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.372269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.373013] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.373745] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.374489] [ 98.374783] irq event stamp: 0 [ 98.375128] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.375790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.376658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.377520] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.378168] ---[ end trace 0000000000000000 ]--- [ 98.384459] ------------[ cut here ]------------ [ 98.385159] WARNING: CPU: 1 PID: 861 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.386476] Modules linked in: [ 98.387464] CPU: 1 PID: 861 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.388647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.390117] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.390824] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.393184] RSP: 0018:ffff888021a7fbb8 EFLAGS: 00010246 [ 98.393883] RAX: 0000000000000000 RBX: ffff888023eb78a8 RCX: 0000000000000000 [ 98.394854] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 98.395798] RBP: ffff888021a7fbd0 R08: ffffed10047d6f33 R09: ffffed10047d6f33 [ 98.396727] R10: ffff888023eb7993 R11: ffffed10047d6f32 R12: ffff888012f1d800 [ 98.397655] R13: ffff888023eb79e8 R14: ffffffff8352e670 R15: ffff888021a7fe68 [ 98.398638] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 98.399702] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.400461] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 98.401389] PKRU: 55555554 [ 98.401765] Call Trace: [ 98.402105] [ 98.402410] __iommufd_access_detach+0x1c2/0x2b0 [ 98.403100] iommufd_access_change_pt+0x149/0x270 [ 98.403770] iommufd_access_replace+0xb4/0x120 [ 98.404391] iommufd_test+0x3e5/0x37e0 [ 98.404909] ? lock_release+0x532/0x770 [ 98.405448] ? __might_fault+0x102/0x1b0 [ 98.405994] ? lock_acquire+0x427/0x4c0 [ 98.406569] ? __pfx_iommufd_test+0x10/0x10 [ 98.407148] ? __pfx_lock_release+0x10/0x10 [ 98.407726] ? __pfx_lock_acquire+0x10/0x10 [ 98.408308] ? write_comp_data+0x2f/0x90 [ 98.408857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.409503] ? write_comp_data+0x2f/0x90 [ 98.410054] iommufd_fops_ioctl+0x37d/0x510 [ 98.410659] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.411326] ? write_comp_data+0x2f/0x90 [ 98.411877] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.412513] __x64_sys_ioctl+0x1a3/0x230 [ 98.413068] do_syscall_64+0x3b/0x90 [ 98.413576] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.414273] RIP: 0033:0x7f4b8743ee5d [ 98.414801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.417158] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.418148] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.419107] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.420050] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.420971] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.421894] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.422873] [ 98.423203] irq event stamp: 0 [ 98.423607] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.424426] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.425513] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.426629] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.427468] ---[ end trace 0000000000000000 ]--- [ 98.432555] ------------[ cut here ]------------ [ 98.433216] WARNING: CPU: 1 PID: 861 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.435040] Modules linked in: [ 98.435493] CPU: 1 PID: 861 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.436627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.438091] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.438793] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.440912] RSP: 0018:ffff888021a7fbd0 EFLAGS: 00010246 [ 98.441458] RAX: 0000000000000000 RBX: ffff888023eb78a8 RCX: 0000000000000000 [ 98.442188] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 98.442962] RBP: ffff888021a7fbe8 R08: ffffed10047d6f33 R09: ffffed10047d6f33 [ 98.443989] R10: ffff888023eb7993 R11: ffffed10047d6f32 R12: ffff888010824400 [ 98.444931] R13: ffff888023eb79e8 R14: ffff888010aa6300 R15: 0000000000000000 [ 98.445867] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 98.446984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.447783] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 98.448728] PKRU: 55555554 [ 98.449109] Call Trace: [ 98.449453] [ 98.449763] iommufd_access_destroy_object+0x65/0x170 [ 98.450455] iommufd_object_destroy_user+0x18e/0x220 [ 98.451185] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.451970] iommufd_access_destroy+0x43/0x70 [ 98.452581] iommufd_test_staccess_release+0x8d/0xd0 [ 98.453266] __fput+0x26d/0xa40 [ 98.453729] ____fput+0x1e/0x30 [ 98.454188] task_work_run+0x1a4/0x2d0 [ 98.454757] ? __pfx_task_work_run+0x10/0x10 [ 98.455374] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.456032] ? switch_task_namespaces+0xa9/0xe0 [ 98.456670] do_exit+0xb17/0x2ef0 [ 98.457133] ? lock_acquire+0x427/0x4c0 [ 98.457677] ? __pfx_lock_release+0x10/0x10 [ 98.458261] ? __kasan_check_write+0x18/0x20 [ 98.458889] ? do_raw_spin_lock+0x132/0x2a0 [ 98.459489] ? __pfx_do_exit+0x10/0x10 [ 98.460024] ? debug_smp_processor_id+0x20/0x30 [ 98.460648] ? rcu_is_watching+0x19/0xb0 [ 98.461190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.461797] ? trace_hardirqs_on+0x26/0x120 [ 98.462380] do_group_exit+0xe0/0x2b0 [ 98.462928] __x64_sys_exit_group+0x47/0x50 [ 98.463515] do_syscall_64+0x3b/0x90 [ 98.464025] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.464721] RIP: 0033:0x7f4b87518a4d [ 98.465216] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.466023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.467046] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.467998] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.468930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.469852] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.470811] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.471769] [ 98.472081] irq event stamp: 0 [ 98.472500] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.473322] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.474408] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.475529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.476354] ---[ end trace 0000000000000000 ]--- [ 98.477438] ------------[ cut here ]------------ [ 98.478001] WARNING: CPU: 0 PID: 861 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.479130] Modules linked in: [ 98.479465] CPU: 0 PID: 861 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.480345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.481497] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.482022] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.483956] RSP: 0018:ffff888021a7fb78 EFLAGS: 00010246 [ 98.484501] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.485225] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 98.485938] RBP: ffff888021a7fb98 R08: ffffed10047d6f3e R09: ffffed10047d6f3e [ 98.486676] R10: ffff888023eb79ef R11: ffffed10047d6f3d R12: ffff888023eb7a90 [ 98.487397] R13: ffff888023eb78a8 R14: ffffffffffffffff R15: ffff888021a7fc60 [ 98.488119] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.488946] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.489521] CR2: 00007f82e2fb6000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 98.490203] PKRU: 55555554 [ 98.490471] Call Trace: [ 98.490762] [ 98.490981] iommufd_ioas_destroy+0x53/0x70 [ 98.491413] iommufd_fops_release+0x1f7/0x370 [ 98.491855] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.492333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.492795] ? write_comp_data+0x2f/0x90 [ 98.493236] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.493700] __fput+0x26d/0xa40 [ 98.494029] ____fput+0x1e/0x30 [ 98.494349] task_work_run+0x1a4/0x2d0 [ 98.494753] ? __pfx_task_work_run+0x10/0x10 [ 98.495195] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.495660] ? switch_task_namespaces+0xa9/0xe0 [ 98.496126] do_exit+0xb17/0x2ef0 [ 98.496453] ? lock_acquire+0x427/0x4c0 [ 98.496836] ? __pfx_lock_release+0x10/0x10 [ 98.497248] ? __kasan_check_write+0x18/0x20 [ 98.497660] ? do_raw_spin_lock+0x132/0x2a0 [ 98.498057] ? __pfx_do_exit+0x10/0x10 [ 98.498440] ? debug_smp_processor_id+0x20/0x30 [ 98.498927] ? rcu_is_watching+0x19/0xb0 [ 98.499327] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.499758] ? trace_hardirqs_on+0x26/0x120 [ 98.500181] do_group_exit+0xe0/0x2b0 [ 98.500534] __x64_sys_exit_group+0x47/0x50 [ 98.500933] do_syscall_64+0x3b/0x90 [ 98.501290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.501778] RIP: 0033:0x7f4b87518a4d [ 98.502124] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.502718] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.503429] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.504089] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.504737] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.505381] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.506014] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.506693] [ 98.506917] irq event stamp: 0 [ 98.507231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.507797] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.508536] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.509277] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.509807] ---[ end trace 0000000000000000 ]--- [ 98.514319] ------------[ cut here ]------------ [ 98.514817] WARNING: CPU: 0 PID: 862 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.515701] Modules linked in: [ 98.515976] CPU: 0 PID: 862 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.516709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.517672] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.518094] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.519867] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 98.520328] RAX: 0000000000000000 RBX: ffff8880161c08a8 RCX: 0000000000000000 [ 98.520946] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 98.521549] RBP: ffff888012e4fbd0 R08: ffffed1002c38133 R09: ffffed1002c38133 [ 98.522151] R10: ffff8880161c0993 R11: ffffed1002c38132 R12: ffff88800efce400 [ 98.522774] R13: ffff8880161c09e8 R14: ffffffff8352e670 R15: ffff888012e4fe68 [ 98.523389] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.524038] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.524505] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 98.525110] PKRU: 55555554 [ 98.525335] Call Trace: [ 98.525550] [ 98.525732] __iommufd_access_detach+0x1c2/0x2b0 [ 98.526136] iommufd_access_change_pt+0x149/0x270 [ 98.526555] iommufd_access_replace+0xb4/0x120 [ 98.526954] iommufd_test+0x3e5/0x37e0 [ 98.527293] ? lock_release+0x532/0x770 [ 98.527624] ? __might_fault+0x102/0x1b0 [ 98.527959] ? lock_acquire+0x427/0x4c0 [ 98.528289] ? __pfx_iommufd_test+0x10/0x10 [ 98.528645] ? __pfx_lock_release+0x10/0x10 [ 98.529008] ? __pfx_lock_acquire+0x10/0x10 [ 98.529370] ? write_comp_data+0x2f/0x90 [ 98.529714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.530123] ? write_comp_data+0x2f/0x90 [ 98.530471] iommufd_fops_ioctl+0x37d/0x510 [ 98.530844] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.531266] ? write_comp_data+0x2f/0x90 [ 98.531602] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.531999] __x64_sys_ioctl+0x1a3/0x230 [ 98.532342] do_syscall_64+0x3b/0x90 [ 98.532657] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.533096] RIP: 0033:0x7f4b8743ee5d [ 98.533396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.534884] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.535510] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.536079] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.536659] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.537233] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.537806] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.538385] [ 98.538594] irq event stamp: 0 [ 98.538860] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.539375] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.540067] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.540735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.541237] ---[ end trace 0000000000000000 ]--- [ 98.544070] ------------[ cut here ]------------ [ 98.544469] WARNING: CPU: 0 PID: 862 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.545255] Modules linked in: [ 98.545503] CPU: 0 PID: 862 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.546181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.547088] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.547485] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.548913] RSP: 0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 98.549336] RAX: 0000000000000000 RBX: ffff8880161c08a8 RCX: 0000000000000000 [ 98.549895] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 98.550442] RBP: ffff888012e4fbe8 R08: ffffed1002c38133 R09: ffffed1002c38133 [ 98.551022] R10: ffff8880161c0993 R11: ffffed1002c38132 R12: ffff8880189e1800 [ 98.551600] R13: ffff8880161c09e8 R14: ffff88801706cc00 R15: 0000000000000000 [ 98.552156] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.552796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.553241] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.553801] PKRU: 55555554 [ 98.554023] Call Trace: [ 98.554226] [ 98.554404] iommufd_access_destroy_object+0x65/0x170 [ 98.554827] iommufd_object_destroy_user+0x18e/0x220 [ 98.555242] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.555702] iommufd_access_destroy+0x43/0x70 [ 98.556059] iommufd_test_staccess_release+0x8d/0xd0 [ 98.556465] __fput+0x26d/0xa40 [ 98.556731] ____fput+0x1e/0x30 [ 98.557041] task_work_run+0x1a4/0x2d0 [ 98.557362] ? __pfx_task_work_run+0x10/0x10 [ 98.557947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.558333] ? switch_task_namespaces+0xa9/0xe0 [ 98.558727] do_exit+0xb17/0x2ef0 [ 98.559005] ? lock_acquire+0x427/0x4c0 [ 98.559331] ? __pfx_lock_release+0x10/0x10 [ 98.559672] ? __kasan_check_write+0x18/0x20 [ 98.560059] ? do_raw_spin_lock+0x132/0x2a0 [ 98.560518] ? __pfx_do_exit+0x10/0x10 [ 98.560829] ? debug_smp_processor_id+0x20/0x30 [ 98.561201] ? rcu_is_watching+0x19/0xb0 [ 98.561516] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.561870] ? trace_hardirqs_on+0x26/0x120 [ 98.562280] do_group_exit+0xe0/0x2b0 [ 98.562686] __x64_sys_exit_group+0x47/0x50 [ 98.563022] do_syscall_64+0x3b/0x90 [ 98.563321] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.563726] RIP: 0033:0x7f4b87518a4d [ 98.564013] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.564491] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.565080] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.565630] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.566337] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.566914] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.567480] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.568042] [ 98.568224] irq event stamp: 0 [ 98.568532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.569105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.569750] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.570397] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.571069] ---[ end trace 0000000000000000 ]--- [ 98.571772] ------------[ cut here ]------------ [ 98.572139] WARNING: CPU: 0 PID: 862 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.572926] Modules linked in: [ 98.573172] CPU: 0 PID: 862 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.574013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.574902] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.575316] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.576885] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 98.577290] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.577833] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 98.578531] RBP: ffff888012e4fb98 R08: ffffed1002c3813e R09: ffffed1002c3813e [ 98.579094] R10: ffff8880161c09ef R11: ffffed1002c3813d R12: ffff8880161c0a90 [ 98.579651] R13: ffff8880161c08a8 R14: ffffffffffffffff R15: ffff888012e4fc60 [ 98.580198] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.580885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.581423] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.581976] PKRU: 55555554 [ 98.582197] Call Trace: [ 98.582395] [ 98.582594] iommufd_ioas_destroy+0x53/0x70 [ 98.582933] iommufd_fops_release+0x1f7/0x370 [ 98.583292] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.583861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.584244] ? write_comp_data+0x2f/0x90 [ 98.584568] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.584963] __fput+0x26d/0xa40 [ 98.585231] ____fput+0x1e/0x30 [ 98.585502] task_work_run+0x1a4/0x2d0 [ 98.585884] ? __pfx_task_work_run+0x10/0x10 [ 98.586314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.586728] ? switch_task_namespaces+0xa9/0xe0 [ 98.587100] do_exit+0xb17/0x2ef0 [ 98.587379] ? lock_acquire+0x427/0x4c0 [ 98.587694] ? __pfx_lock_release+0x10/0x10 [ 98.588045] ? __kasan_check_write+0x18/0x20 [ 98.588394] ? do_raw_spin_lock+0x132/0x2a0 [ 98.588873] ? __pfx_do_exit+0x10/0x10 [ 98.589234] ? debug_smp_processor_id+0x20/0x30 [ 98.589595] ? rcu_is_watching+0x19/0xb0 [ 98.589915] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.590270] ? trace_hardirqs_on+0x26/0x120 [ 98.590646] do_group_exit+0xe0/0x2b0 [ 98.591094] __x64_sys_exit_group+0x47/0x50 [ 98.591438] do_syscall_64+0x3b/0x90 [ 98.591732] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.592149] RIP: 0033:0x7f4b87518a4d [ 98.592437] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.592904] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.593489] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.594192] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.594754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.595308] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.595861] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.596414] [ 98.596626] irq event stamp: 0 [ 98.597012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.597502] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.598141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.598835] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.599451] ---[ end trace 0000000000000000 ]--- [ 98.603202] ------------[ cut here ]------------ [ 98.603606] WARNING: CPU: 0 PID: 863 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.604514] Modules linked in: [ 98.604764] CPU: 0 PID: 863 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.605425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.606436] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.606851] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.608244] RSP: 0018:ffff888021a7fbb8 EFLAGS: 00010246 [ 98.608684] RAX: 0000000000000000 RBX: ffff88801587d0a8 RCX: 0000000000000000 [ 98.609345] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 98.609882] RBP: ffff888021a7fbd0 R08: ffffed1002b0fa33 R09: ffffed1002b0fa33 [ 98.610419] R10: ffff88801587d193 R11: ffffed1002b0fa32 R12: ffff8880129c7400 [ 98.611140] R13: ffff88801587d1e8 R14: ffffffff8352e670 R15: ffff888021a7fe68 [ 98.611683] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.612289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.612727] CR2: 00007f4b877410e8 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 98.613330] PKRU: 55555554 [ 98.613660] Call Trace: [ 98.613862] [ 98.614041] __iommufd_access_detach+0x1c2/0x2b0 [ 98.614425] iommufd_access_change_pt+0x149/0x270 [ 98.614837] iommufd_access_replace+0xb4/0x120 [ 98.615213] iommufd_test+0x3e5/0x37e0 [ 98.615526] ? lock_release+0x532/0x770 [ 98.615855] ? __might_fault+0x102/0x1b0 [ 98.616268] ? lock_acquire+0x427/0x4c0 [ 98.616706] ? __pfx_iommufd_test+0x10/0x10 [ 98.617055] ? __pfx_lock_release+0x10/0x10 [ 98.617405] ? __pfx_lock_acquire+0x10/0x10 [ 98.617761] ? write_comp_data+0x2f/0x90 [ 98.618126] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.618677] ? write_comp_data+0x2f/0x90 [ 98.619030] iommufd_fops_ioctl+0x37d/0x510 [ 98.619391] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.619798] ? write_comp_data+0x2f/0x90 [ 98.620133] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.620524] __x64_sys_ioctl+0x1a3/0x230 [ 98.620874] do_syscall_64+0x3b/0x90 [ 98.621407] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.621832] RIP: 0033:0x7f4b8743ee5d [ 98.622135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.623848] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.624463] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.625048] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.625611] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.626350] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.626939] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.627530] [ 98.627719] irq event stamp: 0 [ 98.627972] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.628498] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.629308] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.629983] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.630489] ---[ end trace 0000000000000000 ]--- [ 98.633668] ------------[ cut here ]------------ [ 98.634076] WARNING: CPU: 0 PID: 863 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.634918] Modules linked in: [ 98.635200] CPU: 0 PID: 863 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.635975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.636989] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.637389] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.639059] RSP: 0018:ffff888021a7fbd0 EFLAGS: 00010246 [ 98.639505] RAX: 0000000000000000 RBX: ffff88801587d0a8 RCX: 0000000000000000 [ 98.640070] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 98.640708] RBP: ffff888021a7fbe8 R08: ffffed1002b0fa33 R09: ffffed1002b0fa33 [ 98.641364] R10: ffff88801587d193 R11: ffffed1002b0fa32 R12: ffff888012e96800 [ 98.641930] R13: ffff88801587d1e8 R14: ffff888013a64b00 R15: 0000000000000000 [ 98.642545] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.643354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.643827] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 98.644394] PKRU: 55555554 [ 98.644621] Call Trace: [ 98.644835] [ 98.645018] iommufd_access_destroy_object+0x65/0x170 [ 98.645506] iommufd_object_destroy_user+0x18e/0x220 [ 98.646004] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.646486] iommufd_access_destroy+0x43/0x70 [ 98.646897] iommufd_test_staccess_release+0x8d/0xd0 [ 98.647333] __fput+0x26d/0xa40 [ 98.647612] ____fput+0x1e/0x30 [ 98.647885] task_work_run+0x1a4/0x2d0 [ 98.648379] ? __pfx_task_work_run+0x10/0x10 [ 98.648740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.649142] ? switch_task_namespaces+0xa9/0xe0 [ 98.649525] do_exit+0xb17/0x2ef0 [ 98.649806] ? lock_acquire+0x427/0x4c0 [ 98.650164] ? __pfx_lock_release+0x10/0x10 [ 98.650684] ? __kasan_check_write+0x18/0x20 [ 98.651044] ? do_raw_spin_lock+0x132/0x2a0 [ 98.651405] ? __pfx_do_exit+0x10/0x10 [ 98.651733] ? debug_smp_processor_id+0x20/0x30 [ 98.652123] ? rcu_is_watching+0x19/0xb0 [ 98.652531] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.653069] ? trace_hardirqs_on+0x26/0x120 [ 98.653439] do_group_exit+0xe0/0x2b0 [ 98.653785] __x64_sys_exit_group+0x47/0x50 [ 98.654230] do_syscall_64+0x3b/0x90 [ 98.654573] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.655002] RIP: 0033:0x7f4b87518a4d [ 98.655375] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.655986] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.656623] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.657324] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.657947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.658637] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.659235] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.659966] [ 98.660157] irq event stamp: 0 [ 98.660422] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.661109] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.661808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.662694] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.663247] ---[ end trace 0000000000000000 ]--- [ 98.664145] ------------[ cut here ]------------ [ 98.664548] WARNING: CPU: 0 PID: 863 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.665618] Modules linked in: [ 98.665896] CPU: 0 PID: 863 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.666812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.667791] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.668242] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.669805] RSP: 0018:ffff888021a7fb78 EFLAGS: 00010246 [ 98.670271] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.670911] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 98.671543] RBP: ffff888021a7fb98 R08: ffffed1002b0fa3e R09: ffffed1002b0fa3e [ 98.672157] R10: ffff88801587d1ef R11: ffffed1002b0fa3d R12: ffff88801587d290 [ 98.672768] R13: ffff88801587d0a8 R14: ffffffffffffffff R15: ffff888021a7fc60 [ 98.673385] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.674079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.674611] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 98.675249] PKRU: 55555554 [ 98.675494] Call Trace: [ 98.675713] [ 98.675907] iommufd_ioas_destroy+0x53/0x70 [ 98.676286] iommufd_fops_release+0x1f7/0x370 [ 98.676674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.677113] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.677539] ? write_comp_data+0x2f/0x90 [ 98.677909] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.678341] __fput+0x26d/0xa40 [ 98.678679] ____fput+0x1e/0x30 [ 98.678973] task_work_run+0x1a4/0x2d0 [ 98.679324] ? __pfx_task_work_run+0x10/0x10 [ 98.679716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.680155] ? switch_task_namespaces+0xa9/0xe0 [ 98.680566] do_exit+0xb17/0x2ef0 [ 98.680865] ? lock_acquire+0x427/0x4c0 [ 98.681223] ? __pfx_lock_release+0x10/0x10 [ 98.681600] ? __kasan_check_write+0x18/0x20 [ 98.681980] ? do_raw_spin_lock+0x132/0x2a0 [ 98.682347] ? __pfx_do_exit+0x10/0x10 [ 98.682715] ? debug_smp_processor_id+0x20/0x30 [ 98.683131] ? rcu_is_watching+0x19/0xb0 [ 98.683481] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.683878] ? trace_hardirqs_on+0x26/0x120 [ 98.684263] do_group_exit+0xe0/0x2b0 [ 98.684591] __x64_sys_exit_group+0x47/0x50 [ 98.685007] do_syscall_64+0x3b/0x90 [ 98.685342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.685797] RIP: 0033:0x7f4b87518a4d [ 98.686121] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.686670] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.687340] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.687948] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.688566] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.689181] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.689787] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.690398] [ 98.690623] irq event stamp: 0 [ 98.690900] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.691454] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.692176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.692885] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.693427] ---[ end trace 0000000000000000 ]--- [ 98.698210] ------------[ cut here ]------------ [ 98.698699] WARNING: CPU: 0 PID: 864 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.699714] Modules linked in: [ 98.700044] CPU: 0 PID: 864 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.700896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.702009] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.702436] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.704230] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 98.704733] RAX: 0000000000000000 RBX: ffff888010b9b8a8 RCX: 0000000000000000 [ 98.705469] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 98.706123] RBP: ffff888012e4fbd0 R08: ffffed1002173733 R09: ffffed1002173733 [ 98.706870] R10: ffff888010b9b993 R11: ffffed1002173732 R12: ffff888012eaa800 [ 98.707497] R13: ffff888010b9b9e8 R14: ffffffff8352e670 R15: ffff888012e4fe68 [ 98.708269] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.708954] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.709609] CR2: 00007f4b877410e8 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 98.710217] PKRU: 55555554 [ 98.710555] Call Trace: [ 98.710893] [ 98.711092] __iommufd_access_detach+0x1c2/0x2b0 [ 98.711541] iommufd_access_change_pt+0x149/0x270 [ 98.711978] iommufd_access_replace+0xb4/0x120 [ 98.712534] iommufd_test+0x3e5/0x37e0 [ 98.712875] ? lock_release+0x532/0x770 [ 98.713248] ? __might_fault+0x102/0x1b0 [ 98.713748] ? lock_acquire+0x427/0x4c0 [ 98.714103] ? __pfx_iommufd_test+0x10/0x10 [ 98.714476] ? __pfx_lock_release+0x10/0x10 [ 98.714909] ? __pfx_lock_acquire+0x10/0x10 [ 98.715473] ? write_comp_data+0x2f/0x90 [ 98.715835] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.716258] ? write_comp_data+0x2f/0x90 [ 98.716709] iommufd_fops_ioctl+0x37d/0x510 [ 98.717234] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.717665] ? write_comp_data+0x2f/0x90 [ 98.718106] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.718615] __x64_sys_ioctl+0x1a3/0x230 [ 98.718980] do_syscall_64+0x3b/0x90 [ 98.719334] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.719784] RIP: 0033:0x7f4b8743ee5d [ 98.720106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.721652] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.722313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.722959] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.723588] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.724209] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.724816] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.725435] [ 98.725640] irq event stamp: 0 [ 98.725908] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.726454] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.727203] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.727934] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.728470] ---[ end trace 0000000000000000 ]--- [ 98.731452] ------------[ cut here ]------------ [ 98.731890] WARNING: CPU: 0 PID: 864 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.732765] Modules linked in: [ 98.733040] CPU: 0 PID: 864 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.733791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.734773] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.735200] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.736693] RSP: 0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 98.737125] RAX: 0000000000000000 RBX: ffff888010b9b8a8 RCX: 0000000000000000 [ 98.737703] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 98.738276] RBP: ffff888012e4fbe8 R08: ffffed1002173733 R09: ffffed1002173733 [ 98.738873] R10: ffff888010b9b993 R11: ffffed1002173732 R12: ffff8880129c4800 [ 98.739462] R13: ffff888010b9b9e8 R14: ffff888020a7d900 R15: 0000000000000000 [ 98.740041] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.740694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.741165] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.741754] PKRU: 55555554 [ 98.741990] Call Trace: [ 98.742200] [ 98.742385] iommufd_access_destroy_object+0x65/0x170 [ 98.742841] iommufd_object_destroy_user+0x18e/0x220 [ 98.743271] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.743761] iommufd_access_destroy+0x43/0x70 [ 98.744143] iommufd_test_staccess_release+0x8d/0xd0 [ 98.744566] __fput+0x26d/0xa40 [ 98.744847] ____fput+0x1e/0x30 [ 98.745121] task_work_run+0x1a4/0x2d0 [ 98.745459] ? __pfx_task_work_run+0x10/0x10 [ 98.745820] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.746218] ? switch_task_namespaces+0xa9/0xe0 [ 98.746641] do_exit+0xb17/0x2ef0 [ 98.746935] ? lock_acquire+0x427/0x4c0 [ 98.747289] ? __pfx_lock_release+0x10/0x10 [ 98.747648] ? __kasan_check_write+0x18/0x20 [ 98.748013] ? do_raw_spin_lock+0x132/0x2a0 [ 98.748365] ? __pfx_do_exit+0x10/0x10 [ 98.748689] ? debug_smp_processor_id+0x20/0x30 [ 98.749118] ? rcu_is_watching+0x19/0xb0 [ 98.749453] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.749835] ? trace_hardirqs_on+0x26/0x120 [ 98.750191] do_group_exit+0xe0/0x2b0 [ 98.750500] __x64_sys_exit_group+0x47/0x50 [ 98.750881] do_syscall_64+0x3b/0x90 [ 98.751206] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.751644] RIP: 0033:0x7f4b87518a4d [ 98.751945] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.752438] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.753059] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.753630] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.754213] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.754814] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.755401] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.755977] [ 98.756179] irq event stamp: 0 [ 98.756433] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.756947] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.757625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.758303] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.758842] ---[ end trace 0000000000000000 ]--- [ 98.759568] ------------[ cut here ]------------ [ 98.759949] WARNING: CPU: 0 PID: 864 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.760768] Modules linked in: [ 98.761037] CPU: 0 PID: 864 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.761731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.762651] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.763072] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.764571] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 98.764999] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.765577] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 98.766154] RBP: ffff888012e4fb98 R08: ffffed100217373e R09: ffffed100217373e [ 98.766746] R10: ffff888010b9b9ef R11: ffffed100217373d R12: ffff888010b9ba90 [ 98.767344] R13: ffff888010b9b8a8 R14: ffffffffffffffff R15: ffff888012e4fc60 [ 98.767913] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.768567] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.769042] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.769616] PKRU: 55555554 [ 98.769843] Call Trace: [ 98.770050] [ 98.770238] iommufd_ioas_destroy+0x53/0x70 [ 98.770618] iommufd_fops_release+0x1f7/0x370 [ 98.770995] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.771417] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.771825] ? write_comp_data+0x2f/0x90 [ 98.772164] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.772567] __fput+0x26d/0xa40 [ 98.772858] ____fput+0x1e/0x30 [ 98.773131] task_work_run+0x1a4/0x2d0 [ 98.773461] ? __pfx_task_work_run+0x10/0x10 [ 98.773823] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.774231] ? switch_task_namespaces+0xa9/0xe0 [ 98.774639] do_exit+0xb17/0x2ef0 [ 98.774928] ? lock_acquire+0x427/0x4c0 [ 98.775266] ? __pfx_lock_release+0x10/0x10 [ 98.775632] ? __kasan_check_write+0x18/0x20 [ 98.776002] ? do_raw_spin_lock+0x132/0x2a0 [ 98.776359] ? __pfx_do_exit+0x10/0x10 [ 98.776682] ? debug_smp_processor_id+0x20/0x30 [ 98.777061] ? rcu_is_watching+0x19/0xb0 [ 98.777401] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.777782] ? trace_hardirqs_on+0x26/0x120 [ 98.778138] do_group_exit+0xe0/0x2b0 [ 98.778452] __x64_sys_exit_group+0x47/0x50 [ 98.778835] do_syscall_64+0x3b/0x90 [ 98.779160] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.779604] RIP: 0033:0x7f4b87518a4d [ 98.779906] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.780413] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.781093] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.781672] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.782253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.782858] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.783460] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.784044] [ 98.784235] irq event stamp: 0 [ 98.784492] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.785014] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.785691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.786367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.786955] ---[ end trace 0000000000000000 ]--- [ 98.790808] ------------[ cut here ]------------ [ 98.791208] WARNING: CPU: 0 PID: 865 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.791999] Modules linked in: [ 98.792260] CPU: 0 PID: 865 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.792935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.793819] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.794215] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.795847] RSP: 0018:ffff888021a37bb8 EFLAGS: 00010246 [ 98.796273] RAX: 0000000000000000 RBX: ffff8880161670a8 RCX: 0000000000000000 [ 98.796828] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 98.797395] RBP: ffff888021a37bd0 R08: ffffed1002c2ce33 R09: ffffed1002c2ce33 [ 98.797957] R10: ffff888016167193 R11: ffffed1002c2ce32 R12: ffff88801805ec00 [ 98.798543] R13: ffff8880161671e8 R14: ffffffff8352e670 R15: ffff888021a37e68 [ 98.799099] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.799740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.800198] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 98.800761] PKRU: 55555554 [ 98.800985] Call Trace: [ 98.801187] [ 98.801366] __iommufd_access_detach+0x1c2/0x2b0 [ 98.801760] iommufd_access_change_pt+0x149/0x270 [ 98.802152] iommufd_access_replace+0xb4/0x120 [ 98.802536] iommufd_test+0x3e5/0x37e0 [ 98.802846] ? lock_release+0x532/0x770 [ 98.803173] ? __might_fault+0x102/0x1b0 [ 98.803494] ? lock_acquire+0x427/0x4c0 [ 98.803818] ? __pfx_iommufd_test+0x10/0x10 [ 98.804148] ? __pfx_lock_release+0x10/0x10 [ 98.804486] ? __pfx_lock_acquire+0x10/0x10 [ 98.804834] ? write_comp_data+0x2f/0x90 [ 98.805158] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.805549] ? write_comp_data+0x2f/0x90 [ 98.805874] iommufd_fops_ioctl+0x37d/0x510 [ 98.806227] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.806633] ? write_comp_data+0x2f/0x90 [ 98.806962] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.807348] __x64_sys_ioctl+0x1a3/0x230 [ 98.807679] do_syscall_64+0x3b/0x90 [ 98.807981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.808387] RIP: 0033:0x7f4b8743ee5d [ 98.808679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.810093] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.810712] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.811279] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.811839] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.812394] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.812973] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.813549] [ 98.813729] irq event stamp: 0 [ 98.813973] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.814469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.815144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.815808] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.816318] ---[ end trace 0000000000000000 ]--- [ 98.819265] ------------[ cut here ]------------ [ 98.819768] WARNING: CPU: 0 PID: 865 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.820564] Modules linked in: [ 98.820927] CPU: 0 PID: 865 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.821594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.822736] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.823148] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.824705] RSP: 0018:ffff888021a37bd0 EFLAGS: 00010246 [ 98.825253] RAX: 0000000000000000 RBX: ffff8880161670a8 RCX: 0000000000000000 [ 98.825803] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 98.826498] RBP: ffff888021a37be8 R08: ffffed1002c2ce33 R09: ffffed1002c2ce33 [ 98.827084] R10: ffff888016167193 R11: ffffed1002c2ce32 R12: ffff888012eabc00 [ 98.827699] R13: ffff8880161671e8 R14: ffff88800f025300 R15: 0000000000000000 [ 98.828340] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.829005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.829534] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.830095] PKRU: 55555554 [ 98.830432] Call Trace: [ 98.830655] [ 98.830829] iommufd_access_destroy_object+0x65/0x170 [ 98.831246] iommufd_object_destroy_user+0x18e/0x220 [ 98.831642] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.832236] iommufd_access_destroy+0x43/0x70 [ 98.832603] iommufd_test_staccess_release+0x8d/0xd0 [ 98.833068] __fput+0x26d/0xa40 [ 98.833439] ____fput+0x1e/0x30 [ 98.833724] task_work_run+0x1a4/0x2d0 [ 98.834044] ? __pfx_task_work_run+0x10/0x10 [ 98.834463] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.834991] ? switch_task_namespaces+0xa9/0xe0 [ 98.835397] do_exit+0xb17/0x2ef0 [ 98.835687] ? lock_acquire+0x427/0x4c0 [ 98.836056] ? __pfx_lock_release+0x10/0x10 [ 98.836539] ? __kasan_check_write+0x18/0x20 [ 98.836905] ? do_raw_spin_lock+0x132/0x2a0 [ 98.837263] ? __pfx_do_exit+0x10/0x10 [ 98.837744] ? debug_smp_processor_id+0x20/0x30 [ 98.838135] ? rcu_is_watching+0x19/0xb0 [ 98.838454] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.839046] ? trace_hardirqs_on+0x26/0x120 [ 98.839427] do_group_exit+0xe0/0x2b0 [ 98.839744] __x64_sys_exit_group+0x47/0x50 [ 98.840094] do_syscall_64+0x3b/0x90 [ 98.840438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.840995] RIP: 0033:0x7f4b87518a4d [ 98.841301] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.841937] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.842589] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.843182] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.843919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.844506] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.845270] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.845873] [ 98.846133] irq event stamp: 0 [ 98.846462] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.847002] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.847758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.848529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.849047] ---[ end trace 0000000000000000 ]--- [ 98.849908] ------------[ cut here ]------------ [ 98.850293] WARNING: CPU: 0 PID: 865 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.851290] Modules linked in: [ 98.851568] CPU: 0 PID: 865 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.852463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.853403] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.853848] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.855421] RSP: 0018:ffff888021a37b78 EFLAGS: 00010246 [ 98.855878] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.856468] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 98.857064] RBP: ffff888021a37b98 R08: ffffed1002c2ce3e R09: ffffed1002c2ce3e [ 98.857655] R10: ffff8880161671ef R11: ffffed1002c2ce3d R12: ffff888016167290 [ 98.858259] R13: ffff8880161670a8 R14: ffffffffffffffff R15: ffff888021a37c60 [ 98.858891] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 98.859585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.860079] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 98.860678] PKRU: 55555554 [ 98.860920] Call Trace: [ 98.861149] [ 98.861340] iommufd_ioas_destroy+0x53/0x70 [ 98.861710] iommufd_fops_release+0x1f7/0x370 [ 98.862094] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.862539] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.862956] ? write_comp_data+0x2f/0x90 [ 98.863326] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.863758] __fput+0x26d/0xa40 [ 98.864063] ____fput+0x1e/0x30 [ 98.864353] task_work_run+0x1a4/0x2d0 [ 98.864692] ? __pfx_task_work_run+0x10/0x10 [ 98.865067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.865489] ? switch_task_namespaces+0xa9/0xe0 [ 98.865890] do_exit+0xb17/0x2ef0 [ 98.866184] ? lock_acquire+0x427/0x4c0 [ 98.866550] ? __pfx_lock_release+0x10/0x10 [ 98.866925] ? __kasan_check_write+0x18/0x20 [ 98.867308] ? do_raw_spin_lock+0x132/0x2a0 [ 98.867680] ? __pfx_do_exit+0x10/0x10 [ 98.868027] ? debug_smp_processor_id+0x20/0x30 [ 98.868420] ? rcu_is_watching+0x19/0xb0 [ 98.868778] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.869164] ? trace_hardirqs_on+0x26/0x120 [ 98.869546] do_group_exit+0xe0/0x2b0 [ 98.869869] __x64_sys_exit_group+0x47/0x50 [ 98.870240] do_syscall_64+0x3b/0x90 [ 98.870588] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.870844] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 98.871046] RIP: 0033:0x7f4b87518a4d [ 98.872830] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 98.873108] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.874849] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.875506] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.876109] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.876708] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.877347] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.877938] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.878566] [ 98.878776] irq event stamp: 0 [ 98.879045] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.879597] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.880308] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.881020] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.881559] ---[ end trace 0000000000000000 ]--- [ 98.885609] ------------[ cut here ]------------ [ 98.886052] WARNING: CPU: 1 PID: 867 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.886975] Modules linked in: [ 98.887266] CPU: 1 PID: 867 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.888017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.888990] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.889423] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.891011] RSP: 0018:ffff888014b8fbb8 EFLAGS: 00010246 [ 98.891482] RAX: 0000000000000000 RBX: ffff888015fee0a8 RCX: 0000000000000000 [ 98.892104] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 98.892729] RBP: ffff888014b8fbd0 R08: ffffed1002bfdc33 R09: ffffed1002bfdc33 [ 98.893350] R10: ffff888015fee193 R11: ffffed1002bfdc32 R12: ffff888014581000 [ 98.893970] R13: ffff888015fee1e8 R14: ffffffff8352e670 R15: ffff888014b8fe68 [ 98.894597] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 98.895299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.895802] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 98.896420] PKRU: 55555554 [ 98.896667] Call Trace: [ 98.896894] [ 98.897091] __iommufd_access_detach+0x1c2/0x2b0 [ 98.897516] iommufd_access_change_pt+0x149/0x270 [ 98.897951] iommufd_access_replace+0xb4/0x120 [ 98.898362] iommufd_test+0x3e5/0x37e0 [ 98.898721] ? lock_release+0x532/0x770 [ 98.899079] ? __might_fault+0x102/0x1b0 [ 98.899450] ? lock_acquire+0x427/0x4c0 [ 98.899807] ? __pfx_iommufd_test+0x10/0x10 [ 98.900182] ? __pfx_lock_release+0x10/0x10 [ 98.900569] ? __pfx_lock_acquire+0x10/0x10 [ 98.900957] ? write_comp_data+0x2f/0x90 [ 98.901322] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.901749] ? write_comp_data+0x2f/0x90 [ 98.902112] iommufd_fops_ioctl+0x37d/0x510 [ 98.902497] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.902945] ? write_comp_data+0x2f/0x90 [ 98.903317] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 98.903750] __x64_sys_ioctl+0x1a3/0x230 [ 98.904120] do_syscall_64+0x3b/0x90 [ 98.904457] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.904925] RIP: 0033:0x7f4b8743ee5d [ 98.905252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 98.906853] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 98.907530] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 98.908157] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 98.908782] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 98.909404] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 98.910025] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 98.910718] [ 98.910935] irq event stamp: 0 [ 98.911235] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 98.911818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.912589] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.913355] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.913935] ---[ end trace 0000000000000000 ]--- [ 98.917350] ------------[ cut here ]------------ [ 98.917830] WARNING: CPU: 1 PID: 867 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.919219] Modules linked in: [ 98.919524] CPU: 1 PID: 867 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.920319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.921512] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.921974] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.923839] RSP: 0018:ffff888014b8fbd0 EFLAGS: 00010246 [ 98.924371] RAX: 0000000000000000 RBX: ffff888015fee0a8 RCX: 0000000000000000 [ 98.925139] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 98.925797] RBP: ffff888014b8fbe8 R08: ffffed1002bfdc33 R09: ffffed1002bfdc33 [ 98.926615] R10: ffff888015fee193 R11: ffffed1002bfdc32 R12: ffff888012f1d400 [ 98.927290] R13: ffff888015fee1e8 R14: ffff888020e5f700 R15: 0000000000000000 [ 98.927987] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 98.928825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.929356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 98.930150] PKRU: 55555554 [ 98.930412] Call Trace: [ 98.930674] [ 98.930889] iommufd_access_destroy_object+0x65/0x170 [ 98.931391] iommufd_object_destroy_user+0x18e/0x220 [ 98.931958] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 98.932608] iommufd_access_destroy+0x43/0x70 [ 98.933041] iommufd_test_staccess_release+0x8d/0xd0 [ 98.933622] __fput+0x26d/0xa40 [ 98.934063] ____fput+0x1e/0x30 [ 98.934386] task_work_run+0x1a4/0x2d0 [ 98.934785] ? __pfx_task_work_run+0x10/0x10 [ 98.935227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.935785] ? switch_task_namespaces+0xa9/0xe0 [ 98.936370] do_exit+0xb17/0x2ef0 [ 98.936695] ? lock_acquire+0x427/0x4c0 [ 98.937080] ? __pfx_lock_release+0x10/0x10 [ 98.937628] ? __kasan_check_write+0x18/0x20 [ 98.938048] ? do_raw_spin_lock+0x132/0x2a0 [ 98.938457] ? __pfx_do_exit+0x10/0x10 [ 98.938852] ? debug_smp_processor_id+0x20/0x30 [ 98.939324] ? rcu_is_watching+0x19/0xb0 [ 98.939841] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.940275] ? trace_hardirqs_on+0x26/0x120 [ 98.940691] do_group_exit+0xe0/0x2b0 [ 98.941113] __x64_sys_exit_group+0x47/0x50 [ 98.941594] do_syscall_64+0x3b/0x90 [ 98.941949] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.942435] RIP: 0033:0x7f4b87518a4d [ 98.942859] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.943500] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.944219] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.944968] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.945702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.946380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.947180] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.947845] [ 98.948069] irq event stamp: 0 [ 98.948381] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.949075] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.949847] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.950641] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.951233] ---[ end trace 0000000000000000 ]--- [ 98.952034] ------------[ cut here ]------------ [ 98.952469] WARNING: CPU: 1 PID: 867 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 98.953399] Modules linked in: [ 98.953697] CPU: 1 PID: 867 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.954486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.955541] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 98.956013] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 98.957690] RSP: 0018:ffff888014b8fb78 EFLAGS: 00010246 [ 98.958177] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 98.958842] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 98.959488] RBP: ffff888014b8fb98 R08: ffffed1002bfdc3e R09: ffffed1002bfdc3e [ 98.960129] R10: ffff888015fee1ef R11: ffffed1002bfdc3d R12: ffff888015fee290 [ 98.960773] R13: ffff888015fee0a8 R14: ffffffffffffffff R15: ffff888014b8fc60 [ 98.961416] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 98.962143] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.962693] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 98.963349] PKRU: 55555554 [ 98.963606] Call Trace: [ 98.963839] [ 98.964048] iommufd_ioas_destroy+0x53/0x70 [ 98.964451] iommufd_fops_release+0x1f7/0x370 [ 98.964875] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.965330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.965785] ? write_comp_data+0x2f/0x90 [ 98.966164] ? __pfx_iommufd_fops_release+0x10/0x10 [ 98.966642] __fput+0x26d/0xa40 [ 98.966960] ____fput+0x1e/0x30 [ 98.967278] task_work_run+0x1a4/0x2d0 [ 98.967643] ? __pfx_task_work_run+0x10/0x10 [ 98.968050] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 98.968503] ? switch_task_namespaces+0xa9/0xe0 [ 98.968918] do_exit+0xb17/0x2ef0 [ 98.969223] ? lock_acquire+0x427/0x4c0 [ 98.969579] ? __pfx_lock_release+0x10/0x10 [ 98.969958] ? __kasan_check_write+0x18/0x20 [ 98.970344] ? do_raw_spin_lock+0x132/0x2a0 [ 98.970738] ? __pfx_do_exit+0x10/0x10 [ 98.971089] ? debug_smp_processor_id+0x20/0x30 [ 98.971500] ? rcu_is_watching+0x19/0xb0 [ 98.971856] ? _raw_spin_unlock_irq+0x2b/0x60 [ 98.972255] ? trace_hardirqs_on+0x26/0x120 [ 98.972636] do_group_exit+0xe0/0x2b0 [ 98.972967] __x64_sys_exit_group+0x47/0x50 [ 98.973336] do_syscall_64+0x3b/0x90 [ 98.973666] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 98.974114] RIP: 0033:0x7f4b87518a4d [ 98.974434] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 98.974978] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 98.975634] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 98.976244] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 98.976852] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 98.977462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 98.978071] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 98.978720] [ 98.978924] irq event stamp: 0 [ 98.979203] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 98.979742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 98.980466] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 98.981173] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 98.981714] ---[ end trace 0000000000000000 ]--- [ 98.985484] ------------[ cut here ]------------ [ 98.985938] WARNING: CPU: 1 PID: 868 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 98.986837] Modules linked in: [ 98.987128] CPU: 1 PID: 868 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 98.987865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 98.988829] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 98.989257] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 98.990827] RSP: 0018:ffff888015b67bb8 EFLAGS: 00010246 [ 98.991294] RAX: 0000000000000000 RBX: ffff88800f6038a8 RCX: 0000000000000000 [ 98.991904] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 98.992504] RBP: ffff888015b67bd0 R08: ffffed1001ec0733 R09: ffffed1001ec0733 [ 98.993106] R10: ffff88800f603993 R11: ffffed1001ec0732 R12: ffff888010c0b400 [ 98.993706] R13: ffff88800f6039e8 R14: ffffffff8352e670 R15: ffff888015b67e68 [ 98.994307] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 98.995001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.995495] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 98.996070] PKRU: 55555554 [ 98.996301] Call Trace: [ 98.996510] [ 98.996694] __iommufd_access_detach+0x1c2/0x2b0 [ 98.997118] iommufd_access_change_pt+0x149/0x270 [ 98.997521] iommufd_access_replace+0xb4/0x120 [ 98.997905] iommufd_test+0x3e5/0x37e0 [ 98.998226] ? lock_release+0x532/0x770 [ 98.998585] ? __might_fault+0x102/0x1b0 [ 98.998930] ? lock_acquire+0x427/0x4c0 [ 98.999271] ? __pfx_iommufd_test+0x10/0x10 [ 98.999628] ? __pfx_lock_release+0x10/0x10 [ 98.999987] ? __pfx_lock_acquire+0x10/0x10 [ 99.000345] ? write_comp_data+0x2f/0x90 [ 99.000687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.001095] ? write_comp_data+0x2f/0x90 [ 99.001433] iommufd_fops_ioctl+0x37d/0x510 [ 99.001787] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.002186] ? write_comp_data+0x2f/0x90 [ 99.002545] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.002943] __x64_sys_ioctl+0x1a3/0x230 [ 99.003295] do_syscall_64+0x3b/0x90 [ 99.003614] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.004046] RIP: 0033:0x7f4b8743ee5d [ 99.004349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.005828] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.006444] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.007042] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.007623] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.008193] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.008762] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.009343] [ 99.009531] irq event stamp: 0 [ 99.009785] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.010289] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.010984] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.011665] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.012176] ---[ end trace 0000000000000000 ]--- [ 99.014981] ------------[ cut here ]------------ [ 99.015399] WARNING: CPU: 1 PID: 868 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.016210] Modules linked in: [ 99.016473] CPU: 1 PID: 868 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.017179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.018090] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.018497] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.020018] RSP: 0018:ffff888015b67bd0 EFLAGS: 00010246 [ 99.020453] RAX: 0000000000000000 RBX: ffff88800f6038a8 RCX: 0000000000000000 [ 99.021032] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 99.021604] RBP: ffff888015b67be8 R08: ffffed1001ec0733 R09: ffffed1001ec0733 [ 99.022179] R10: ffff88800f603993 R11: ffffed1001ec0732 R12: ffff888014580400 [ 99.022776] R13: ffff88800f6039e8 R14: ffff88800fd8c500 R15: 0000000000000000 [ 99.023368] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.024013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.024483] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.025063] PKRU: 55555554 [ 99.025294] Call Trace: [ 99.025501] [ 99.025686] iommufd_access_destroy_object+0x65/0x170 [ 99.026109] iommufd_object_destroy_user+0x18e/0x220 [ 99.026544] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.027026] iommufd_access_destroy+0x43/0x70 [ 99.027410] iommufd_test_staccess_release+0x8d/0xd0 [ 99.027835] __fput+0x26d/0xa40 [ 99.028122] ____fput+0x1e/0x30 [ 99.028406] task_work_run+0x1a4/0x2d0 [ 99.028729] ? __pfx_task_work_run+0x10/0x10 [ 99.029091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.029491] ? switch_task_namespaces+0xa9/0xe0 [ 99.029882] do_exit+0xb17/0x2ef0 [ 99.030169] ? lock_acquire+0x427/0x4c0 [ 99.030526] ? __pfx_lock_release+0x10/0x10 [ 99.030884] ? __kasan_check_write+0x18/0x20 [ 99.031261] ? do_raw_spin_lock+0x132/0x2a0 [ 99.031616] ? __pfx_do_exit+0x10/0x10 [ 99.031940] ? debug_smp_processor_id+0x20/0x30 [ 99.032327] ? rcu_is_watching+0x19/0xb0 [ 99.032660] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.033033] ? trace_hardirqs_on+0x26/0x120 [ 99.033388] do_group_exit+0xe0/0x2b0 [ 99.033697] __x64_sys_exit_group+0x47/0x50 [ 99.034048] do_syscall_64+0x3b/0x90 [ 99.034361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.034805] RIP: 0033:0x7f4b87518a4d [ 99.035122] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.035621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.036231] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.036812] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.037383] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.037959] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.038546] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.039141] [ 99.039332] irq event stamp: 0 [ 99.039590] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.040100] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.040771] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.041430] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.041920] ---[ end trace 0000000000000000 ]--- [ 99.042644] ------------[ cut here ]------------ [ 99.043018] WARNING: CPU: 1 PID: 868 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.043833] Modules linked in: [ 99.044087] CPU: 1 PID: 868 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.044764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.045638] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.046064] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.047557] RSP: 0018:ffff888015b67b78 EFLAGS: 00010246 [ 99.047981] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.048533] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 99.049084] RBP: ffff888015b67b98 R08: ffffed1001ec073e R09: ffffed1001ec073e [ 99.049640] R10: ffff88800f6039ef R11: ffffed1001ec073d R12: ffff88800f603a90 [ 99.050191] R13: ffff88800f6038a8 R14: ffffffffffffffff R15: ffff888015b67c60 [ 99.050764] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.051394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.051836] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.052389] PKRU: 55555554 [ 99.052610] Call Trace: [ 99.052807] [ 99.052981] iommufd_ioas_destroy+0x53/0x70 [ 99.053319] iommufd_fops_release+0x1f7/0x370 [ 99.053670] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.054056] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.054443] ? write_comp_data+0x2f/0x90 [ 99.054786] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.055186] __fput+0x26d/0xa40 [ 99.055456] ____fput+0x1e/0x30 [ 99.055721] task_work_run+0x1a4/0x2d0 [ 99.056032] ? __pfx_task_work_run+0x10/0x10 [ 99.056377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.056756] ? switch_task_namespaces+0xa9/0xe0 [ 99.057125] do_exit+0xb17/0x2ef0 [ 99.057399] ? lock_acquire+0x427/0x4c0 [ 99.057717] ? __pfx_lock_release+0x10/0x10 [ 99.058057] ? __kasan_check_write+0x18/0x20 [ 99.058403] ? do_raw_spin_lock+0x132/0x2a0 [ 99.058754] ? __pfx_do_exit+0x10/0x10 [ 99.059065] ? debug_smp_processor_id+0x20/0x30 [ 99.059434] ? rcu_is_watching+0x19/0xb0 [ 99.059754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.060108] ? trace_hardirqs_on+0x26/0x120 [ 99.060445] do_group_exit+0xe0/0x2b0 [ 99.060742] __x64_sys_exit_group+0x47/0x50 [ 99.061071] do_syscall_64+0x3b/0x90 [ 99.061369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.061777] RIP: 0033:0x7f4b87518a4d [ 99.062064] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.062558] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.063160] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.063705] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.064250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.064793] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.065335] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.065886] [ 99.066092] irq event stamp: 0 [ 99.066334] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.066830] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.067473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.068116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.068598] ---[ end trace 0000000000000000 ]--- [ 99.073004] ------------[ cut here ]------------ [ 99.073417] WARNING: CPU: 1 PID: 869 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.074420] Modules linked in: [ 99.074722] CPU: 1 PID: 869 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.075479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.076428] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.076818] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.078321] RSP: 0018:ffff888012d5fbb8 EFLAGS: 00010246 [ 99.078871] RAX: 0000000000000000 RBX: ffff888023f250a8 RCX: 0000000000000000 [ 99.079428] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 99.079977] RBP: ffff888012d5fbd0 R08: ffffed10047e4a33 R09: ffffed10047e4a33 [ 99.080666] R10: ffff888023f25193 R11: ffffed10047e4a32 R12: ffff888010b27000 [ 99.081217] R13: ffff888023f251e8 R14: ffffffff8352e670 R15: ffff888012d5fe68 [ 99.081829] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.082548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.083002] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 99.083710] PKRU: 55555554 [ 99.083940] Call Trace: [ 99.084141] [ 99.084319] __iommufd_access_detach+0x1c2/0x2b0 [ 99.084708] iommufd_access_change_pt+0x149/0x270 [ 99.085163] iommufd_access_replace+0xb4/0x120 [ 99.085607] iommufd_test+0x3e5/0x37e0 [ 99.085918] ? lock_release+0x532/0x770 [ 99.086262] ? __might_fault+0x102/0x1b0 [ 99.086704] ? lock_acquire+0x427/0x4c0 [ 99.087032] ? __pfx_iommufd_test+0x10/0x10 [ 99.087383] ? __pfx_lock_release+0x10/0x10 [ 99.087734] ? __pfx_lock_acquire+0x10/0x10 [ 99.088086] ? write_comp_data+0x2f/0x90 [ 99.088539] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.088936] ? write_comp_data+0x2f/0x90 [ 99.089266] iommufd_fops_ioctl+0x37d/0x510 [ 99.089655] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.090107] ? write_comp_data+0x2f/0x90 [ 99.090438] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.090843] __x64_sys_ioctl+0x1a3/0x230 [ 99.091189] do_syscall_64+0x3b/0x90 [ 99.091559] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.092057] RIP: 0033:0x7f4b8743ee5d [ 99.092354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.094284] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.095371] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.096171] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.097213] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.098001] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.099025] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.099871] [ 99.100156] irq event stamp: 0 [ 99.100570] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.101318] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.102341] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.103377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.103898] ---[ end trace 0000000000000000 ]--- [ 99.106675] ------------[ cut here ]------------ [ 99.107083] WARNING: CPU: 1 PID: 869 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.108004] Modules linked in: [ 99.108334] CPU: 1 PID: 869 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.109039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.110081] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.110493] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.112040] RSP: 0018:ffff888012d5fbd0 EFLAGS: 00010246 [ 99.112575] RAX: 0000000000000000 RBX: ffff888023f250a8 RCX: 0000000000000000 [ 99.113152] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 99.113732] RBP: ffff888012d5fbe8 R08: ffffed10047e4a33 R09: ffffed10047e4a33 [ 99.114441] R10: ffff888023f25193 R11: ffffed10047e4a32 R12: ffff888010c0bc00 [ 99.115038] R13: ffff888023f251e8 R14: ffff88800ef8a800 R15: 0000000000000000 [ 99.115626] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.116358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.116891] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.117509] PKRU: 55555554 [ 99.117764] Call Trace: [ 99.117988] [ 99.118266] iommufd_access_destroy_object+0x65/0x170 [ 99.118826] iommufd_object_destroy_user+0x18e/0x220 [ 99.119282] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.119794] iommufd_access_destroy+0x43/0x70 [ 99.120198] iommufd_test_staccess_release+0x8d/0xd0 [ 99.120697] __fput+0x26d/0xa40 [ 99.121099] ____fput+0x1e/0x30 [ 99.121397] task_work_run+0x1a4/0x2d0 [ 99.121744] ? __pfx_task_work_run+0x10/0x10 [ 99.122137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.122621] ? switch_task_namespaces+0xa9/0xe0 [ 99.123143] do_exit+0xb17/0x2ef0 [ 99.123449] ? lock_acquire+0x427/0x4c0 [ 99.123811] ? __pfx_lock_release+0x10/0x10 [ 99.124197] ? __kasan_check_write+0x18/0x20 [ 99.124590] ? do_raw_spin_lock+0x132/0x2a0 [ 99.124971] ? __pfx_do_exit+0x10/0x10 [ 99.125399] ? debug_smp_processor_id+0x20/0x30 [ 99.125870] ? rcu_is_watching+0x19/0xb0 [ 99.126233] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.126660] ? trace_hardirqs_on+0x26/0x120 [ 99.127048] do_group_exit+0xe0/0x2b0 [ 99.127400] __x64_sys_exit_group+0x47/0x50 [ 99.127815] do_syscall_64+0x3b/0x90 [ 99.128264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.128730] RIP: 0033:0x7f4b87518a4d [ 99.129056] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.129591] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.130406] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.131058] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.131693] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.132312] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.133087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.133709] [ 99.133912] irq event stamp: 0 [ 99.134190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.134925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.135671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.136395] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.136984] ---[ end trace 0000000000000000 ]--- [ 99.137898] ------------[ cut here ]------------ [ 99.138338] WARNING: CPU: 1 PID: 869 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.139311] Modules linked in: [ 99.139612] CPU: 1 PID: 869 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.140411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.141448] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.141926] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.143632] RSP: 0018:ffff888012d5fb78 EFLAGS: 00010246 [ 99.144125] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.144784] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 99.145442] RBP: ffff888012d5fb98 R08: ffffed10047e4a3e R09: ffffed10047e4a3e [ 99.146102] R10: ffff888023f251ef R11: ffffed10047e4a3d R12: ffff888023f25290 [ 99.146775] R13: ffff888023f250a8 R14: ffffffffffffffff R15: ffff888012d5fc60 [ 99.147440] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.148176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.148706] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.149354] PKRU: 55555554 [ 99.149615] Call Trace: [ 99.149848] [ 99.150056] iommufd_ioas_destroy+0x53/0x70 [ 99.150459] iommufd_fops_release+0x1f7/0x370 [ 99.150907] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.151390] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.151842] ? write_comp_data+0x2f/0x90 [ 99.152223] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.152680] __fput+0x26d/0xa40 [ 99.152998] ____fput+0x1e/0x30 [ 99.153310] task_work_run+0x1a4/0x2d0 [ 99.153675] ? __pfx_task_work_run+0x10/0x10 [ 99.154077] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.154552] ? switch_task_namespaces+0xa9/0xe0 [ 99.154994] do_exit+0xb17/0x2ef0 [ 99.155335] ? lock_acquire+0x427/0x4c0 [ 99.155733] ? __pfx_lock_release+0x10/0x10 [ 99.156150] ? __kasan_check_write+0x18/0x20 [ 99.156568] ? do_raw_spin_lock+0x132/0x2a0 [ 99.156974] ? __pfx_do_exit+0x10/0x10 [ 99.157356] ? debug_smp_processor_id+0x20/0x30 [ 99.157796] ? rcu_is_watching+0x19/0xb0 [ 99.158185] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.158645] ? trace_hardirqs_on+0x26/0x120 [ 99.159067] do_group_exit+0xe0/0x2b0 [ 99.159446] __x64_sys_exit_group+0x47/0x50 [ 99.159851] do_syscall_64+0x3b/0x90 [ 99.160213] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.160700] RIP: 0033:0x7f4b87518a4d [ 99.161049] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.161621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.162331] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.163020] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.163695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.164352] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.165012] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.165679] [ 99.165900] irq event stamp: 0 [ 99.166193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.166804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.167600] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.168378] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.168964] ---[ end trace 0000000000000000 ]--- [ 99.173960] ------------[ cut here ]------------ [ 99.174445] WARNING: CPU: 1 PID: 870 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.175444] Modules linked in: [ 99.175749] CPU: 1 PID: 870 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.176563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.177611] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.178082] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.179906] RSP: 0018:ffff8880180bfbb8 EFLAGS: 00010246 [ 99.180413] RAX: 0000000000000000 RBX: ffff8880149fa8a8 RCX: 0000000000000000 [ 99.181074] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 99.181732] RBP: ffff8880180bfbd0 R08: ffffed100293f533 R09: ffffed100293f533 [ 99.182389] R10: ffff8880149fa993 R11: ffffed100293f532 R12: ffff888016632000 [ 99.183075] R13: ffff8880149fa9e8 R14: ffffffff8352e670 R15: ffff8880180bfe68 [ 99.183749] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.184492] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.185032] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 99.185688] PKRU: 55555554 [ 99.185962] Call Trace: [ 99.186201] [ 99.186410] __iommufd_access_detach+0x1c2/0x2b0 [ 99.186893] iommufd_access_change_pt+0x149/0x270 [ 99.187383] iommufd_access_replace+0xb4/0x120 [ 99.187825] iommufd_test+0x3e5/0x37e0 [ 99.188193] ? lock_release+0x532/0x770 [ 99.188575] ? __might_fault+0x102/0x1b0 [ 99.188964] ? lock_acquire+0x427/0x4c0 [ 99.189347] ? __pfx_iommufd_test+0x10/0x10 [ 99.189752] ? __pfx_lock_release+0x10/0x10 [ 99.190166] ? __pfx_lock_acquire+0x10/0x10 [ 99.190607] ? write_comp_data+0x2f/0x90 [ 99.191004] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.191485] ? write_comp_data+0x2f/0x90 [ 99.191880] iommufd_fops_ioctl+0x37d/0x510 [ 99.192288] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.192750] ? write_comp_data+0x2f/0x90 [ 99.193144] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.193599] __x64_sys_ioctl+0x1a3/0x230 [ 99.193998] do_syscall_64+0x3b/0x90 [ 99.194356] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.194868] RIP: 0033:0x7f4b8743ee5d [ 99.195229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.196917] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.197631] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.198311] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.199006] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.199688] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.200351] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.201020] [ 99.201241] irq event stamp: 0 [ 99.201534] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.202121] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.202923] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.203710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.204296] ---[ end trace 0000000000000000 ]--- [ 99.208787] ------------[ cut here ]------------ [ 99.209262] WARNING: CPU: 1 PID: 870 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.210194] Modules linked in: [ 99.210495] CPU: 1 PID: 870 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.211369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.212415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.212890] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.214613] RSP: 0018:ffff8880180bfbd0 EFLAGS: 00010246 [ 99.215128] RAX: 0000000000000000 RBX: ffff8880149fa8a8 RCX: 0000000000000000 [ 99.215792] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 99.216456] RBP: ffff8880180bfbe8 R08: ffffed100293f533 R09: ffffed100293f533 [ 99.217124] R10: ffff8880149fa993 R11: ffffed100293f532 R12: ffff888010b25c00 [ 99.217789] R13: ffff8880149fa9e8 R14: ffff888020986c00 R15: 0000000000000000 [ 99.218464] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.219266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.219820] CR2: 0000000020000140 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 99.220485] PKRU: 55555554 [ 99.220754] Call Trace: [ 99.220997] [ 99.221212] iommufd_access_destroy_object+0x65/0x170 [ 99.221705] iommufd_object_destroy_user+0x18e/0x220 [ 99.222186] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.222770] iommufd_access_destroy+0x43/0x70 [ 99.223219] iommufd_test_staccess_release+0x8d/0xd0 [ 99.223713] __fput+0x26d/0xa40 [ 99.224045] ____fput+0x1e/0x30 [ 99.224369] task_work_run+0x1a4/0x2d0 [ 99.224745] ? __pfx_task_work_run+0x10/0x10 [ 99.225168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.225638] ? switch_task_namespaces+0xa9/0xe0 [ 99.226094] do_exit+0xb17/0x2ef0 [ 99.226423] ? lock_acquire+0x427/0x4c0 [ 99.226849] ? __pfx_lock_release+0x10/0x10 [ 99.227281] ? __kasan_check_write+0x18/0x20 [ 99.227703] ? do_raw_spin_lock+0x132/0x2a0 [ 99.228112] ? __pfx_do_exit+0x10/0x10 [ 99.228492] ? debug_smp_processor_id+0x20/0x30 [ 99.228931] ? rcu_is_watching+0x19/0xb0 [ 99.229318] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.229753] ? trace_hardirqs_on+0x26/0x120 [ 99.230169] do_group_exit+0xe0/0x2b0 [ 99.230598] __x64_sys_exit_group+0x47/0x50 [ 99.231007] do_syscall_64+0x3b/0x90 [ 99.231378] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.231875] RIP: 0033:0x7f4b87518a4d [ 99.232225] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.232798] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.233499] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.234157] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.234867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.235548] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.236212] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.236883] [ 99.237107] irq event stamp: 0 [ 99.237405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.237992] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.238810] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.239599] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.240177] ---[ end trace 0000000000000000 ]--- [ 99.240988] ------------[ cut here ]------------ [ 99.241430] WARNING: CPU: 1 PID: 870 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.242375] Modules linked in: [ 99.242715] CPU: 1 PID: 870 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.243545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.244599] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.245085] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.246829] RSP: 0018:ffff8880180bfb78 EFLAGS: 00010246 [ 99.247353] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.248017] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 99.248680] RBP: ffff8880180bfb98 R08: ffffed100293f53e R09: ffffed100293f53e [ 99.249336] R10: ffff8880149fa9ef R11: ffffed100293f53d R12: ffff8880149faa90 [ 99.250013] R13: ffff8880149fa8a8 R14: ffffffffffffffff R15: ffff8880180bfc60 [ 99.250713] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.251490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.252040] CR2: 0000000020000140 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 99.252705] PKRU: 55555554 [ 99.252970] Call Trace: [ 99.253210] [ 99.253418] iommufd_ioas_destroy+0x53/0x70 [ 99.253832] iommufd_fops_release+0x1f7/0x370 [ 99.254261] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.254766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.255242] ? write_comp_data+0x2f/0x90 [ 99.255622] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.256095] __fput+0x26d/0xa40 [ 99.256419] ____fput+0x1e/0x30 [ 99.256738] task_work_run+0x1a4/0x2d0 [ 99.257112] ? __pfx_task_work_run+0x10/0x10 [ 99.257534] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.257996] ? switch_task_namespaces+0xa9/0xe0 [ 99.258456] do_exit+0xb17/0x2ef0 [ 99.258845] ? lock_acquire+0x427/0x4c0 [ 99.259278] ? __pfx_lock_release+0x10/0x10 [ 99.259730] ? __kasan_check_write+0x18/0x20 [ 99.260182] ? do_raw_spin_lock+0x132/0x2a0 [ 99.260620] ? __pfx_do_exit+0x10/0x10 [ 99.261044] ? debug_smp_processor_id+0x20/0x30 [ 99.261522] ? rcu_is_watching+0x19/0xb0 [ 99.261933] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.262396] ? trace_hardirqs_on+0x26/0x120 [ 99.262891] do_group_exit+0xe0/0x2b0 [ 99.263302] __x64_sys_exit_group+0x47/0x50 [ 99.263761] do_syscall_64+0x3b/0x90 [ 99.264152] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.264693] RIP: 0033:0x7f4b87518a4d [ 99.265078] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.265704] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.266480] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.267291] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.268018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.268744] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.269471] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.270201] [ 99.270441] irq event stamp: 0 [ 99.270797] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.271455] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.272302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.273142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.273784] ---[ end trace 0000000000000000 ]--- [ 99.278793] ------------[ cut here ]------------ [ 99.279374] WARNING: CPU: 1 PID: 871 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.280403] Modules linked in: [ 99.280730] CPU: 1 PID: 871 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.281613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.282991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.283525] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.285381] RSP: 0018:ffff888010167bb8 EFLAGS: 00010246 [ 99.285934] RAX: 0000000000000000 RBX: ffff888023eb18a8 RCX: 0000000000000000 [ 99.286700] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 99.287447] RBP: ffff888010167bd0 R08: ffffed10047d6333 R09: ffffed10047d6333 [ 99.288175] R10: ffff888023eb1993 R11: ffffed10047d6332 R12: ffff888012e90000 [ 99.288908] R13: ffff888023eb19e8 R14: ffffffff8352e670 R15: ffff888010167e68 [ 99.289643] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.290467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.291103] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 99.291867] PKRU: 55555554 [ 99.292159] Call Trace: [ 99.292421] [ 99.292650] __iommufd_access_detach+0x1c2/0x2b0 [ 99.293161] iommufd_access_change_pt+0x149/0x270 [ 99.293667] iommufd_access_replace+0xb4/0x120 [ 99.294163] iommufd_test+0x3e5/0x37e0 [ 99.294610] ? lock_release+0x532/0x770 [ 99.295042] ? __might_fault+0x102/0x1b0 [ 99.295521] ? lock_acquire+0x427/0x4c0 [ 99.295944] ? __pfx_iommufd_test+0x10/0x10 [ 99.296393] ? __pfx_lock_release+0x10/0x10 [ 99.296847] ? __pfx_lock_acquire+0x10/0x10 [ 99.297303] ? write_comp_data+0x2f/0x90 [ 99.297736] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.298252] ? write_comp_data+0x2f/0x90 [ 99.298731] iommufd_fops_ioctl+0x37d/0x510 [ 99.299203] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.299716] ? write_comp_data+0x2f/0x90 [ 99.300152] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.300657] __x64_sys_ioctl+0x1a3/0x230 [ 99.301088] do_syscall_64+0x3b/0x90 [ 99.301490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.302032] RIP: 0033:0x7f4b8743ee5d [ 99.302420] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.304368] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.305173] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.305913] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.306677] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.307418] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.308146] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.308882] [ 99.309123] irq event stamp: 0 [ 99.309442] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.310083] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.310961] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.311826] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.312470] ---[ end trace 0000000000000000 ]--- [ 99.315729] ------------[ cut here ]------------ [ 99.316261] WARNING: CPU: 1 PID: 871 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.317283] Modules linked in: [ 99.317608] CPU: 1 PID: 871 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.318484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.319685] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.320198] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.322050] RSP: 0018:ffff888010167bd0 EFLAGS: 00010246 [ 99.322611] RAX: 0000000000000000 RBX: ffff888023eb18a8 RCX: 0000000000000000 [ 99.323349] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 99.324118] RBP: ffff888010167be8 R08: ffffed10047d6333 R09: ffffed10047d6333 [ 99.324838] R10: ffff888023eb1993 R11: ffffed10047d6332 R12: ffff888016633800 [ 99.325567] R13: ffff888023eb19e8 R14: ffff8880149bbc00 R15: 0000000000000000 [ 99.326292] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.327150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.327754] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.328489] PKRU: 55555554 [ 99.328781] Call Trace: [ 99.329052] [ 99.329291] iommufd_access_destroy_object+0x65/0x170 [ 99.329834] iommufd_object_destroy_user+0x18e/0x220 [ 99.330371] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.331023] iommufd_access_destroy+0x43/0x70 [ 99.331513] iommufd_test_staccess_release+0x8d/0xd0 [ 99.332046] __fput+0x26d/0xa40 [ 99.332400] ____fput+0x1e/0x30 [ 99.332748] task_work_run+0x1a4/0x2d0 [ 99.333159] ? __pfx_task_work_run+0x10/0x10 [ 99.333619] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.334125] ? switch_task_namespaces+0xa9/0xe0 [ 99.334641] do_exit+0xb17/0x2ef0 [ 99.334998] ? lock_acquire+0x427/0x4c0 [ 99.335454] ? __pfx_lock_release+0x10/0x10 [ 99.335919] ? __kasan_check_write+0x18/0x20 [ 99.336390] ? do_raw_spin_lock+0x132/0x2a0 [ 99.336842] ? __pfx_do_exit+0x10/0x10 [ 99.337250] ? debug_smp_processor_id+0x20/0x30 [ 99.337733] ? rcu_is_watching+0x19/0xb0 [ 99.338158] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.338661] ? trace_hardirqs_on+0x26/0x120 [ 99.339130] do_group_exit+0xe0/0x2b0 [ 99.339528] __x64_sys_exit_group+0x47/0x50 [ 99.339974] do_syscall_64+0x3b/0x90 [ 99.340366] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.340902] RIP: 0033:0x7f4b87518a4d [ 99.341287] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.341909] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.342703] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.343433] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.344157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.344883] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.345604] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.346281] [ 99.346501] irq event stamp: 0 [ 99.346826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.347424] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.348212] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.348992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.349581] ---[ end trace 0000000000000000 ]--- [ 99.350403] ------------[ cut here ]------------ [ 99.350880] WARNING: CPU: 1 PID: 871 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.351842] Modules linked in: [ 99.352150] CPU: 1 PID: 871 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.352957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.353998] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.354480] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.356205] RSP: 0018:ffff888010167b78 EFLAGS: 00010246 [ 99.356712] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.357377] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 99.358040] RBP: ffff888010167b98 R08: ffffed10047d633e R09: ffffed10047d633e [ 99.358720] R10: ffff888023eb19ef R11: ffffed10047d633d R12: ffff888023eb1a90 [ 99.359410] R13: ffff888023eb18a8 R14: ffffffffffffffff R15: ffff888010167c60 [ 99.360074] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.360824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.361370] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.362048] PKRU: 55555554 [ 99.362317] Call Trace: [ 99.362597] [ 99.362816] iommufd_ioas_destroy+0x53/0x70 [ 99.363237] iommufd_fops_release+0x1f7/0x370 [ 99.363673] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.364146] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.364618] ? write_comp_data+0x2f/0x90 [ 99.365005] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.365469] __fput+0x26d/0xa40 [ 99.365792] ____fput+0x1e/0x30 [ 99.366111] task_work_run+0x1a4/0x2d0 [ 99.366481] ? __pfx_task_work_run+0x10/0x10 [ 99.366914] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.367390] ? switch_task_namespaces+0xa9/0xe0 [ 99.367839] do_exit+0xb17/0x2ef0 [ 99.368164] ? lock_acquire+0x427/0x4c0 [ 99.368545] ? __pfx_lock_release+0x10/0x10 [ 99.368956] ? __kasan_check_write+0x18/0x20 [ 99.369372] ? do_raw_spin_lock+0x132/0x2a0 [ 99.369773] ? __pfx_do_exit+0x10/0x10 [ 99.370148] ? debug_smp_processor_id+0x20/0x30 [ 99.370619] ? rcu_is_watching+0x19/0xb0 [ 99.371009] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.371446] ? trace_hardirqs_on+0x26/0x120 [ 99.371862] do_group_exit+0xe0/0x2b0 [ 99.372222] __x64_sys_exit_group+0x47/0x50 [ 99.372626] do_syscall_64+0x3b/0x90 [ 99.372984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.373479] RIP: 0033:0x7f4b87518a4d [ 99.373829] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.374397] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.375147] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.375819] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.376475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.377132] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.377786] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.378458] [ 99.378702] irq event stamp: 0 [ 99.379002] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.379607] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.380496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.381492] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.382082] ---[ end trace 0000000000000000 ]--- [ 99.386201] ------------[ cut here ]------------ [ 99.386937] WARNING: CPU: 1 PID: 872 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.387891] Modules linked in: [ 99.388263] CPU: 1 PID: 872 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.389171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.390363] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.390882] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.392793] RSP: 0018:ffff888010ee7bb8 EFLAGS: 00010246 [ 99.393299] RAX: 0000000000000000 RBX: ffff888012d588a8 RCX: 0000000000000000 [ 99.394049] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 99.394822] RBP: ffff888010ee7bd0 R08: ffffed10025ab133 R09: ffffed10025ab133 [ 99.395504] R10: ffff888012d58993 R11: ffffed10025ab132 R12: ffff888013af9c00 [ 99.396348] R13: ffff888012d589e8 R14: ffffffff8352e670 R15: ffff888010ee7e68 [ 99.397027] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.397967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.398541] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 99.399284] PKRU: 55555554 [ 99.399649] Call Trace: [ 99.399899] [ 99.400122] __iommufd_access_detach+0x1c2/0x2b0 [ 99.400595] iommufd_access_change_pt+0x149/0x270 [ 99.401138] iommufd_access_replace+0xb4/0x120 [ 99.401674] iommufd_test+0x3e5/0x37e0 [ 99.402048] ? lock_release+0x532/0x770 [ 99.402438] ? __might_fault+0x102/0x1b0 [ 99.402946] ? lock_acquire+0x427/0x4c0 [ 99.403436] ? __pfx_iommufd_test+0x10/0x10 [ 99.403857] ? __pfx_lock_release+0x10/0x10 [ 99.404284] ? __pfx_lock_acquire+0x10/0x10 [ 99.404803] ? write_comp_data+0x2f/0x90 [ 99.405296] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.405770] ? write_comp_data+0x2f/0x90 [ 99.406172] iommufd_fops_ioctl+0x37d/0x510 [ 99.406786] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.407274] ? write_comp_data+0x2f/0x90 [ 99.407674] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.408169] __x64_sys_ioctl+0x1a3/0x230 [ 99.408719] do_syscall_64+0x3b/0x90 [ 99.409120] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.409667] RIP: 0033:0x7f4b8743ee5d [ 99.410129] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.412246] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.413094] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.413881] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.414830] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.415588] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.416522] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.417270] [ 99.417517] irq event stamp: 0 [ 99.417913] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.418683] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.419566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.420607] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.421273] ---[ end trace 0000000000000000 ]--- [ 99.426378] ------------[ cut here ]------------ [ 99.426966] WARNING: CPU: 1 PID: 872 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.428214] Modules linked in: [ 99.428552] CPU: 1 PID: 872 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.429447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.430882] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.431422] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.433530] RSP: 0018:ffff888010ee7bd0 EFLAGS: 00010246 [ 99.434245] RAX: 0000000000000000 RBX: ffff888012d588a8 RCX: 0000000000000000 [ 99.435005] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 99.435962] RBP: ffff888010ee7be8 R08: ffffed10025ab133 R09: ffffed10025ab133 [ 99.436700] R10: ffff888012d58993 R11: ffffed10025ab132 R12: ffff888012e93c00 [ 99.437507] R13: ffff888012d589e8 R14: ffff888010aa6100 R15: 0000000000000000 [ 99.438362] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.439235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.440021] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.440770] PKRU: 55555554 [ 99.441074] Call Trace: [ 99.441426] [ 99.441760] iommufd_access_destroy_object+0x65/0x170 [ 99.442326] iommufd_object_destroy_user+0x18e/0x220 [ 99.442899] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.443762] iommufd_access_destroy+0x43/0x70 [ 99.444259] iommufd_test_staccess_release+0x8d/0xd0 [ 99.444804] __fput+0x26d/0xa40 [ 99.445253] ____fput+0x1e/0x30 [ 99.445719] task_work_run+0x1a4/0x2d0 [ 99.446143] ? __pfx_task_work_run+0x10/0x10 [ 99.446637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.447286] ? switch_task_namespaces+0xa9/0xe0 [ 99.447931] do_exit+0xb17/0x2ef0 [ 99.448306] ? lock_acquire+0x427/0x4c0 [ 99.448738] ? __pfx_lock_release+0x10/0x10 [ 99.449313] ? __kasan_check_write+0x18/0x20 [ 99.449882] ? do_raw_spin_lock+0x132/0x2a0 [ 99.450342] ? __pfx_do_exit+0x10/0x10 [ 99.450815] ? debug_smp_processor_id+0x20/0x30 [ 99.451457] ? rcu_is_watching+0x19/0xb0 [ 99.451992] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.452483] ? trace_hardirqs_on+0x26/0x120 [ 99.452952] do_group_exit+0xe0/0x2b0 [ 99.453545] __x64_sys_exit_group+0x47/0x50 [ 99.454007] do_syscall_64+0x3b/0x90 [ 99.454409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.454989] RIP: 0033:0x7f4b87518a4d [ 99.455584] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.456232] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.457125] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.457984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.458747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.459733] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.460484] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.461455] [ 99.461705] irq event stamp: 0 [ 99.462038] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.462724] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.463825] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.464697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.465573] ---[ end trace 0000000000000000 ]--- [ 99.468490] ------------[ cut here ]------------ [ 99.469238] WARNING: CPU: 1 PID: 872 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.470299] Modules linked in: [ 99.470734] CPU: 1 PID: 872 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.471863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.473076] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.473755] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.475919] RSP: 0018:ffff888010ee7b78 EFLAGS: 00010246 [ 99.476486] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.477399] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 99.478149] RBP: ffff888010ee7b98 R08: ffffed10025ab13e R09: ffffed10025ab13e [ 99.478952] R10: ffff888012d589ef R11: ffffed10025ab13d R12: ffff888012d58a90 [ 99.479856] R13: ffff888012d588a8 R14: ffffffffffffffff R15: ffff888010ee7c60 [ 99.480605] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.481436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.482039] CR2: 00007f82e2ab4000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 99.482808] PKRU: 55555554 [ 99.483099] Call Trace: [ 99.483376] [ 99.483609] iommufd_ioas_destroy+0x53/0x70 [ 99.484067] iommufd_fops_release+0x1f7/0x370 [ 99.484539] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.485062] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.485577] ? write_comp_data+0x2f/0x90 [ 99.486010] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.486562] __fput+0x26d/0xa40 [ 99.486925] ____fput+0x1e/0x30 [ 99.487291] task_work_run+0x1a4/0x2d0 [ 99.487716] ? __pfx_task_work_run+0x10/0x10 [ 99.488182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.488687] ? switch_task_namespaces+0xa9/0xe0 [ 99.489176] do_exit+0xb17/0x2ef0 [ 99.489533] ? lock_acquire+0x427/0x4c0 [ 99.489948] ? __pfx_lock_release+0x10/0x10 [ 99.490396] ? __kasan_check_write+0x18/0x20 [ 99.490889] ? do_raw_spin_lock+0x132/0x2a0 [ 99.491344] ? __pfx_do_exit+0x10/0x10 [ 99.491751] ? debug_smp_processor_id+0x20/0x30 [ 99.492218] ? rcu_is_watching+0x19/0xb0 [ 99.492627] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.493086] ? trace_hardirqs_on+0x26/0x120 [ 99.493522] do_group_exit+0xe0/0x2b0 [ 99.493905] __x64_sys_exit_group+0x47/0x50 [ 99.494335] do_syscall_64+0x3b/0x90 [ 99.494746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.495283] RIP: 0033:0x7f4b87518a4d [ 99.495659] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.496273] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.497029] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.497748] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.498470] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.499216] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.499936] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.500647] [ 99.500880] irq event stamp: 0 [ 99.501198] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.501822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.502676] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.503508] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.504083] ---[ end trace 0000000000000000 ]--- [ 99.509189] ------------[ cut here ]------------ [ 99.509665] WARNING: CPU: 1 PID: 873 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.510754] Modules linked in: [ 99.511050] CPU: 1 PID: 873 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.511858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.512887] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.513342] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.515006] RSP: 0018:ffff88801893fbb8 EFLAGS: 00010246 [ 99.515500] RAX: 0000000000000000 RBX: ffff888010b9c0a8 RCX: 0000000000000000 [ 99.516135] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 99.516778] RBP: ffff88801893fbd0 R08: ffffed1002173833 R09: ffffed1002173833 [ 99.517417] R10: ffff888010b9c193 R11: ffffed1002173832 R12: ffff88801341f000 [ 99.518053] R13: ffff888010b9c1e8 R14: ffffffff8352e670 R15: ffff88801893fe68 [ 99.518712] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.519443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.519966] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 99.520604] PKRU: 55555554 [ 99.520846] Call Trace: [ 99.521064] [ 99.521261] __iommufd_access_detach+0x1c2/0x2b0 [ 99.521679] iommufd_access_change_pt+0x149/0x270 [ 99.522106] iommufd_access_replace+0xb4/0x120 [ 99.522530] iommufd_test+0x3e5/0x37e0 [ 99.522952] ? lock_release+0x532/0x770 [ 99.523484] ? __might_fault+0x102/0x1b0 [ 99.523846] ? lock_acquire+0x427/0x4c0 [ 99.524199] ? __pfx_iommufd_test+0x10/0x10 [ 99.524567] ? __pfx_lock_release+0x10/0x10 [ 99.524947] ? __pfx_lock_acquire+0x10/0x10 [ 99.525326] ? write_comp_data+0x2f/0x90 [ 99.525684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.526105] ? write_comp_data+0x2f/0x90 [ 99.526463] iommufd_fops_ioctl+0x37d/0x510 [ 99.526860] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.527292] ? write_comp_data+0x2f/0x90 [ 99.527655] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.528077] __x64_sys_ioctl+0x1a3/0x230 [ 99.528438] do_syscall_64+0x3b/0x90 [ 99.528770] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.529224] RIP: 0033:0x7f4b8743ee5d [ 99.529543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.531125] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.531791] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.532398] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.533009] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.533614] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.534218] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.534849] [ 99.535055] irq event stamp: 0 [ 99.535345] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.535886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.536600] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.537308] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.537844] ---[ end trace 0000000000000000 ]--- [ 99.540731] ------------[ cut here ]------------ [ 99.541169] WARNING: CPU: 1 PID: 873 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.542027] Modules linked in: [ 99.542303] CPU: 1 PID: 873 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.543065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.544037] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.544461] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.546011] RSP: 0018:ffff88801893fbd0 EFLAGS: 00010246 [ 99.546460] RAX: 0000000000000000 RBX: ffff888010b9c0a8 RCX: 0000000000000000 [ 99.547078] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 99.547691] RBP: ffff88801893fbe8 R08: ffffed1002173833 R09: ffffed1002173833 [ 99.548301] R10: ffff888010b9c193 R11: ffffed1002173832 R12: ffff888013af8c00 [ 99.548911] R13: ffff888010b9c1e8 R14: ffff88800f59b200 R15: 0000000000000000 [ 99.549519] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.550200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.550711] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.551325] PKRU: 55555554 [ 99.551567] Call Trace: [ 99.551787] [ 99.551977] iommufd_access_destroy_object+0x65/0x170 [ 99.552413] iommufd_object_destroy_user+0x18e/0x220 [ 99.552846] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.553334] iommufd_access_destroy+0x43/0x70 [ 99.553703] iommufd_test_staccess_release+0x8d/0xd0 [ 99.554122] __fput+0x26d/0xa40 [ 99.554401] ____fput+0x1e/0x30 [ 99.554687] task_work_run+0x1a4/0x2d0 [ 99.555014] ? __pfx_task_work_run+0x10/0x10 [ 99.555391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.555790] ? switch_task_namespaces+0xa9/0xe0 [ 99.556176] do_exit+0xb17/0x2ef0 [ 99.556458] ? lock_acquire+0x427/0x4c0 [ 99.556788] ? __pfx_lock_release+0x10/0x10 [ 99.557140] ? __kasan_check_write+0x18/0x20 [ 99.557500] ? do_raw_spin_lock+0x132/0x2a0 [ 99.557850] ? __pfx_do_exit+0x10/0x10 [ 99.558193] ? debug_smp_processor_id+0x20/0x30 [ 99.558595] ? rcu_is_watching+0x19/0xb0 [ 99.558925] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.559307] ? trace_hardirqs_on+0x26/0x120 [ 99.559664] do_group_exit+0xe0/0x2b0 [ 99.559976] __x64_sys_exit_group+0x47/0x50 [ 99.560324] do_syscall_64+0x3b/0x90 [ 99.560634] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.561060] RIP: 0033:0x7f4b87518a4d [ 99.561360] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.561857] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.562468] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.563054] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.563643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.564219] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.564790] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.565369] [ 99.565558] irq event stamp: 0 [ 99.565813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.566328] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.567019] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.567697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.568202] ---[ end trace 0000000000000000 ]--- [ 99.568913] ------------[ cut here ]------------ [ 99.569298] WARNING: CPU: 1 PID: 873 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.570108] Modules linked in: [ 99.570365] CPU: 1 PID: 873 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.571080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.571990] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.572409] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.573863] RSP: 0018:ffff88801893fb78 EFLAGS: 00010246 [ 99.574289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.574874] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 99.575453] RBP: ffff88801893fb98 R08: ffffed100217383e R09: ffffed100217383e [ 99.576038] R10: ffff888010b9c1ef R11: ffffed100217383d R12: ffff888010b9c290 [ 99.576597] R13: ffff888010b9c0a8 R14: ffffffffffffffff R15: ffff88801893fc60 [ 99.577149] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.577774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.578225] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.578803] PKRU: 55555554 [ 99.579026] Call Trace: [ 99.579237] [ 99.579415] iommufd_ioas_destroy+0x53/0x70 [ 99.579762] iommufd_fops_release+0x1f7/0x370 [ 99.580125] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.580520] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.580910] ? write_comp_data+0x2f/0x90 [ 99.581240] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.581638] __fput+0x26d/0xa40 [ 99.581915] ____fput+0x1e/0x30 [ 99.582187] task_work_run+0x1a4/0x2d0 [ 99.582500] ? __pfx_task_work_run+0x10/0x10 [ 99.582874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.583274] ? switch_task_namespaces+0xa9/0xe0 [ 99.583652] do_exit+0xb17/0x2ef0 [ 99.583931] ? lock_acquire+0x427/0x4c0 [ 99.584256] ? __pfx_lock_release+0x10/0x10 [ 99.584604] ? __kasan_check_write+0x18/0x20 [ 99.584956] ? do_raw_spin_lock+0x132/0x2a0 [ 99.585297] ? __pfx_do_exit+0x10/0x10 [ 99.585614] ? debug_smp_processor_id+0x20/0x30 [ 99.585984] ? rcu_is_watching+0x19/0xb0 [ 99.586306] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.586686] ? trace_hardirqs_on+0x26/0x120 [ 99.587038] do_group_exit+0xe0/0x2b0 [ 99.587350] __x64_sys_exit_group+0x47/0x50 [ 99.587692] do_syscall_64+0x3b/0x90 [ 99.587991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.588405] RIP: 0033:0x7f4b87518a4d [ 99.588698] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.589181] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.589774] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.590333] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.590920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.591494] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.592055] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.592619] [ 99.592806] irq event stamp: 0 [ 99.593062] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.593554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.594216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.594885] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.595393] ---[ end trace 0000000000000000 ]--- [ 99.599576] ------------[ cut here ]------------ [ 99.599984] WARNING: CPU: 1 PID: 874 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.600762] Modules linked in: [ 99.601012] CPU: 1 PID: 874 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.601688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.602575] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.602963] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.604380] RSP: 0018:ffff88801715fbb8 EFLAGS: 00010246 [ 99.604793] RAX: 0000000000000000 RBX: ffff888010f0a0a8 RCX: 0000000000000000 [ 99.605350] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 99.605902] RBP: ffff88801715fbd0 R08: ffffed10021e1433 R09: ffffed10021e1433 [ 99.606452] R10: ffff888010f0a193 R11: ffffed10021e1432 R12: ffff888010827400 [ 99.607021] R13: ffff888010f0a1e8 R14: ffffffff8352e670 R15: ffff88801715fe68 [ 99.607593] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.608218] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.608676] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 99.609229] PKRU: 55555554 [ 99.609451] Call Trace: [ 99.609651] [ 99.609829] __iommufd_access_detach+0x1c2/0x2b0 [ 99.610213] iommufd_access_change_pt+0x149/0x270 [ 99.610619] iommufd_access_replace+0xb4/0x120 [ 99.610994] iommufd_test+0x3e5/0x37e0 [ 99.611311] ? lock_release+0x532/0x770 [ 99.611638] ? __might_fault+0x102/0x1b0 [ 99.611965] ? lock_acquire+0x427/0x4c0 [ 99.612286] ? __pfx_iommufd_test+0x10/0x10 [ 99.612621] ? __pfx_lock_release+0x10/0x10 [ 99.612971] ? __pfx_lock_acquire+0x10/0x10 [ 99.613325] ? write_comp_data+0x2f/0x90 [ 99.613658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.614044] ? write_comp_data+0x2f/0x90 [ 99.614370] iommufd_fops_ioctl+0x37d/0x510 [ 99.614730] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.615132] ? write_comp_data+0x2f/0x90 [ 99.615459] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.615840] __x64_sys_ioctl+0x1a3/0x230 [ 99.616171] do_syscall_64+0x3b/0x90 [ 99.616470] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.616881] RIP: 0033:0x7f4b8743ee5d [ 99.617172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.618596] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.619205] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.619766] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.620315] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.620868] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.621420] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.621984] [ 99.622174] irq event stamp: 0 [ 99.622423] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.622939] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.623601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.624250] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.624738] ---[ end trace 0000000000000000 ]--- [ 99.627467] ------------[ cut here ]------------ [ 99.627864] WARNING: CPU: 1 PID: 874 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.628644] Modules linked in: [ 99.628895] CPU: 1 PID: 874 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.629562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.630428] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.630843] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.632261] RSP: 0018:ffff88801715fbd0 EFLAGS: 00010246 [ 99.632673] RAX: 0000000000000000 RBX: ffff888010f0a0a8 RCX: 0000000000000000 [ 99.633224] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 99.633774] RBP: ffff88801715fbe8 R08: ffffed10021e1433 R09: ffffed10021e1433 [ 99.634326] R10: ffff888010f0a193 R11: ffffed10021e1432 R12: ffff88801341d000 [ 99.634892] R13: ffff888010f0a1e8 R14: ffff888010aa6a00 R15: 0000000000000000 [ 99.635463] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.636097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.636883] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.637445] PKRU: 55555554 [ 99.637666] Call Trace: [ 99.637940] [ 99.638166] iommufd_access_destroy_object+0x65/0x170 [ 99.638593] iommufd_object_destroy_user+0x18e/0x220 [ 99.638993] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.639528] iommufd_access_destroy+0x43/0x70 [ 99.639936] iommufd_test_staccess_release+0x8d/0xd0 [ 99.640337] __fput+0x26d/0xa40 [ 99.640612] ____fput+0x1e/0x30 [ 99.640963] task_work_run+0x1a4/0x2d0 [ 99.641274] ? __pfx_task_work_run+0x10/0x10 [ 99.641620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.642003] ? switch_task_namespaces+0xa9/0xe0 [ 99.642488] do_exit+0xb17/0x2ef0 [ 99.642775] ? lock_acquire+0x427/0x4c0 [ 99.643096] ? __pfx_lock_release+0x10/0x10 [ 99.643447] ? __kasan_check_write+0x18/0x20 [ 99.643796] ? do_raw_spin_lock+0x132/0x2a0 [ 99.644155] ? __pfx_do_exit+0x10/0x10 [ 99.644556] ? debug_smp_processor_id+0x20/0x30 [ 99.644923] ? rcu_is_watching+0x19/0xb0 [ 99.645244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.645635] ? trace_hardirqs_on+0x26/0x120 [ 99.646036] do_group_exit+0xe0/0x2b0 [ 99.646336] __x64_sys_exit_group+0x47/0x50 [ 99.646693] do_syscall_64+0x3b/0x90 [ 99.646995] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.647441] RIP: 0033:0x7f4b87518a4d [ 99.647820] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.648299] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.648953] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.649555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.650103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.650776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.651334] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.651904] [ 99.652134] irq event stamp: 0 [ 99.652430] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.652928] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.653675] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.654326] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.654876] ---[ end trace 0000000000000000 ]--- [ 99.655627] ------------[ cut here ]------------ [ 99.655992] WARNING: CPU: 1 PID: 874 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.656890] Modules linked in: [ 99.657142] CPU: 1 PID: 874 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.657811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.658803] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.659214] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.660746] RSP: 0018:ffff88801715fb78 EFLAGS: 00010246 [ 99.661254] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.661806] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 99.662372] RBP: ffff88801715fb98 R08: ffffed10021e143e R09: ffffed10021e143e [ 99.663040] R10: ffff888010f0a1ef R11: ffffed10021e143d R12: ffff888010f0a290 [ 99.663607] R13: ffff888010f0a0a8 R14: ffffffffffffffff R15: ffff88801715fc60 [ 99.664219] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.664889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.665338] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.666002] PKRU: 55555554 [ 99.666222] Call Trace: [ 99.666420] [ 99.666614] iommufd_ioas_destroy+0x53/0x70 [ 99.666960] iommufd_fops_release+0x1f7/0x370 [ 99.667352] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.667806] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.668196] ? write_comp_data+0x2f/0x90 [ 99.668528] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.669034] __fput+0x26d/0xa40 [ 99.669309] ____fput+0x1e/0x30 [ 99.669575] task_work_run+0x1a4/0x2d0 [ 99.669895] ? __pfx_task_work_run+0x10/0x10 [ 99.670311] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.670768] ? switch_task_namespaces+0xa9/0xe0 [ 99.671153] do_exit+0xb17/0x2ef0 [ 99.671426] ? lock_acquire+0x427/0x4c0 [ 99.671745] ? __pfx_lock_release+0x10/0x10 [ 99.672145] ? __kasan_check_write+0x18/0x20 [ 99.672540] ? do_raw_spin_lock+0x132/0x2a0 [ 99.672880] ? __pfx_do_exit+0x10/0x10 [ 99.673195] ? debug_smp_processor_id+0x20/0x30 [ 99.673678] ? rcu_is_watching+0x19/0xb0 [ 99.674005] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.674367] ? trace_hardirqs_on+0x26/0x120 [ 99.674743] do_group_exit+0xe0/0x2b0 [ 99.675136] __x64_sys_exit_group+0x47/0x50 [ 99.675483] do_syscall_64+0x3b/0x90 [ 99.675789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.676219] RIP: 0033:0x7f4b87518a4d [ 99.676525] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.677147] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.677765] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.678468] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.679067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.679655] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.680336] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.680927] [ 99.681117] irq event stamp: 0 [ 99.681389] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.681984] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.682684] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.683443] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.684022] ---[ end trace 0000000000000000 ]--- [ 99.688042] ------------[ cut here ]------------ [ 99.688530] WARNING: CPU: 1 PID: 875 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.689428] Modules linked in: [ 99.689776] CPU: 1 PID: 875 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.690585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.691666] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.692076] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.693694] RSP: 0018:ffff88800f47fbb8 EFLAGS: 00010246 [ 99.694133] RAX: 0000000000000000 RBX: ffff888021a268a8 RCX: 0000000000000000 [ 99.694860] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 99.695455] RBP: ffff88800f47fbd0 R08: ffffed1004344d33 R09: ffffed1004344d33 [ 99.696053] R10: ffff888021a26993 R11: ffffed1004344d32 R12: ffff88801422c400 [ 99.696731] R13: ffff888021a269e8 R14: ffffffff8352e670 R15: ffff88800f47fe68 [ 99.697313] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.698094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.698589] CR2: 00007f4b877410e8 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 99.699187] PKRU: 55555554 [ 99.699493] Call Trace: [ 99.699766] [ 99.699953] __iommufd_access_detach+0x1c2/0x2b0 [ 99.700355] iommufd_access_change_pt+0x149/0x270 [ 99.700779] iommufd_access_replace+0xb4/0x120 [ 99.701257] iommufd_test+0x3e5/0x37e0 [ 99.701576] ? lock_release+0x532/0x770 [ 99.701918] ? __might_fault+0x102/0x1b0 [ 99.702258] ? lock_acquire+0x427/0x4c0 [ 99.702613] ? __pfx_iommufd_test+0x10/0x10 [ 99.702968] ? __pfx_lock_release+0x10/0x10 [ 99.703338] ? __pfx_lock_acquire+0x10/0x10 [ 99.703699] ? write_comp_data+0x2f/0x90 [ 99.704041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.704447] ? write_comp_data+0x2f/0x90 [ 99.704789] iommufd_fops_ioctl+0x37d/0x510 [ 99.705149] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.705550] ? write_comp_data+0x2f/0x90 [ 99.705890] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.706288] __x64_sys_ioctl+0x1a3/0x230 [ 99.706647] do_syscall_64+0x3b/0x90 [ 99.706966] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.707408] RIP: 0033:0x7f4b8743ee5d [ 99.707714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.709193] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.709815] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.710385] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.710986] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.711576] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.712165] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.712748] [ 99.712940] irq event stamp: 0 [ 99.713196] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.713704] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.714375] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.715063] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.715585] ---[ end trace 0000000000000000 ]--- [ 99.719095] ------------[ cut here ]------------ [ 99.719565] WARNING: CPU: 0 PID: 875 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.720392] Modules linked in: [ 99.720659] CPU: 0 PID: 875 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.721371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.722279] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.722872] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.724359] RSP: 0018:ffff88800f47fbd0 EFLAGS: 00010246 [ 99.724790] RAX: 0000000000000000 RBX: ffff888021a268a8 RCX: 0000000000000000 [ 99.725367] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 99.725941] RBP: ffff88800f47fbe8 R08: ffffed1004344d33 R09: ffffed1004344d33 [ 99.726539] R10: ffff888021a26993 R11: ffffed1004344d32 R12: ffff888010826c00 [ 99.727130] R13: ffff888021a269e8 R14: ffff888013d16300 R15: 0000000000000000 [ 99.727710] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 99.728363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.728834] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 99.729414] PKRU: 55555554 [ 99.729645] Call Trace: [ 99.729857] [ 99.730042] iommufd_access_destroy_object+0x65/0x170 [ 99.730465] iommufd_object_destroy_user+0x18e/0x220 [ 99.730904] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.731391] iommufd_access_destroy+0x43/0x70 [ 99.731768] iommufd_test_staccess_release+0x8d/0xd0 [ 99.732193] __fput+0x26d/0xa40 [ 99.732479] ____fput+0x1e/0x30 [ 99.732754] task_work_run+0x1a4/0x2d0 [ 99.733078] ? __pfx_task_work_run+0x10/0x10 [ 99.733437] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.733840] ? switch_task_namespaces+0xa9/0xe0 [ 99.734229] do_exit+0xb17/0x2ef0 [ 99.734533] ? lock_acquire+0x427/0x4c0 [ 99.734870] ? __pfx_lock_release+0x10/0x10 [ 99.735242] ? __kasan_check_write+0x18/0x20 [ 99.735608] ? do_raw_spin_lock+0x132/0x2a0 [ 99.735957] ? __pfx_do_exit+0x10/0x10 [ 99.736276] ? debug_smp_processor_id+0x20/0x30 [ 99.736652] ? rcu_is_watching+0x19/0xb0 [ 99.736980] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.737344] ? trace_hardirqs_on+0x26/0x120 [ 99.737696] do_group_exit+0xe0/0x2b0 [ 99.738003] __x64_sys_exit_group+0x47/0x50 [ 99.738343] do_syscall_64+0x3b/0x90 [ 99.738678] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.739107] RIP: 0033:0x7f4b87518a4d [ 99.739412] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.739896] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.740495] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.741054] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.741619] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.742178] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.742764] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.743345] [ 99.743532] irq event stamp: 0 [ 99.743786] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.744286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.744940] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.745586] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.746076] ---[ end trace 0000000000000000 ]--- [ 99.746793] ------------[ cut here ]------------ [ 99.747161] WARNING: CPU: 0 PID: 875 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.747928] Modules linked in: [ 99.748172] CPU: 0 PID: 875 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.748830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.749681] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.750072] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.751501] RSP: 0018:ffff88800f47fb78 EFLAGS: 00010246 [ 99.751911] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.752449] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 99.752991] RBP: ffff88800f47fb98 R08: ffffed1004344d3e R09: ffffed1004344d3e [ 99.753532] R10: ffff888021a269ef R11: ffffed1004344d3d R12: ffff888021a26a90 [ 99.754070] R13: ffff888021a268a8 R14: ffffffffffffffff R15: ffff88800f47fc60 [ 99.754624] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 99.755238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.755678] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 99.756218] PKRU: 55555554 [ 99.756433] Call Trace: [ 99.756634] [ 99.756808] iommufd_ioas_destroy+0x53/0x70 [ 99.757146] iommufd_fops_release+0x1f7/0x370 [ 99.757497] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.757884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.758264] ? write_comp_data+0x2f/0x90 [ 99.758600] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.758995] __fput+0x26d/0xa40 [ 99.759273] ____fput+0x1e/0x30 [ 99.759540] task_work_run+0x1a4/0x2d0 [ 99.759853] ? __pfx_task_work_run+0x10/0x10 [ 99.760207] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.760594] ? switch_task_namespaces+0xa9/0xe0 [ 99.760969] do_exit+0xb17/0x2ef0 [ 99.761240] ? lock_acquire+0x427/0x4c0 [ 99.761554] ? __pfx_lock_release+0x10/0x10 [ 99.761889] ? __kasan_check_write+0x18/0x20 [ 99.762228] ? do_raw_spin_lock+0x132/0x2a0 [ 99.762576] ? __pfx_do_exit+0x10/0x10 [ 99.762887] ? debug_smp_processor_id+0x20/0x30 [ 99.763250] ? rcu_is_watching+0x19/0xb0 [ 99.763571] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.763934] ? trace_hardirqs_on+0x26/0x120 [ 99.764274] do_group_exit+0xe0/0x2b0 [ 99.764577] __x64_sys_exit_group+0x47/0x50 [ 99.764910] do_syscall_64+0x3b/0x90 [ 99.765206] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.765612] RIP: 0033:0x7f4b87518a4d [ 99.765905] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.766385] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.766998] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.767556] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.768109] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.768659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.769210] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.769767] [ 99.769950] irq event stamp: 0 [ 99.770198] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.770706] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.771362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.772010] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.772493] ---[ end trace 0000000000000000 ]--- [ 99.776929] ------------[ cut here ]------------ [ 99.777337] WARNING: CPU: 0 PID: 876 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.778124] Modules linked in: [ 99.778376] CPU: 0 PID: 876 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.779120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.779998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.780391] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.781809] RSP: 0018:ffff888018317bb8 EFLAGS: 00010246 [ 99.782225] RAX: 0000000000000000 RBX: ffff888023dd88a8 RCX: 0000000000000000 [ 99.782800] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 99.783362] RBP: ffff888018317bd0 R08: ffffed10047bb133 R09: ffffed10047bb133 [ 99.783925] R10: ffff888023dd8993 R11: ffffed10047bb132 R12: ffff888012e93000 [ 99.784482] R13: ffff888023dd89e8 R14: ffffffff8352e670 R15: ffff888018317e68 [ 99.785043] FS: 
00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 99.785675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.786127] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 99.786704] PKRU: 55555554 [ 99.786928] Call Trace: [ 99.787135] [ 99.787315] __iommufd_access_detach+0x1c2/0x2b0 [ 99.787707] iommufd_access_change_pt+0x149/0x270 [ 99.788102] iommufd_access_replace+0xb4/0x120 [ 99.788472] iommufd_test+0x3e5/0x37e0 [ 99.788779] ? lock_release+0x532/0x770 [ 99.789104] ? __might_fault+0x102/0x1b0 [ 99.789432] ? lock_acquire+0x427/0x4c0 [ 99.789755] ? __pfx_iommufd_test+0x10/0x10 [ 99.790095] ? __pfx_lock_release+0x10/0x10 [ 99.790445] ? __pfx_lock_acquire+0x10/0x10 [ 99.790824] ? write_comp_data+0x2f/0x90 [ 99.791168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.791560] ? write_comp_data+0x2f/0x90 [ 99.791894] iommufd_fops_ioctl+0x37d/0x510 [ 99.792243] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.792637] ? write_comp_data+0x2f/0x90 [ 99.792969] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.793355] __x64_sys_ioctl+0x1a3/0x230 [ 99.793683] do_syscall_64+0x3b/0x90 [ 99.793982] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.794387] RIP: 0033:0x7f4b8743ee5d [ 99.794697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.796103] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.796684] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.797235] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.797783] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.798334] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.798900] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.799468] [ 99.799649] irq event stamp: 0 [ 99.799893] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.800377] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.801026] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.801663] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.802142] ---[ end trace 0000000000000000 ]--- [ 99.804888] ------------[ cut here ]------------ [ 99.805286] WARNING: CPU: 0 PID: 876 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.806054] Modules linked in: [ 99.806303] CPU: 0 PID: 876 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.807020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.807894] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.808277] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.809667] RSP: 0018:ffff888018317bd0 EFLAGS: 00010246 [ 99.810075] RAX: 0000000000000000 RBX: ffff888023dd88a8 RCX: 0000000000000000 [ 99.810637] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 99.811187] RBP: ffff888018317be8 R08: ffffed10047bb133 R09: ffffed10047bb133 [ 99.811739] R10: ffff888023dd8993 R11: ffffed10047bb132 R12: ffff88801805f000 [ 99.812283] R13: ffff888023dd89e8 R14: ffff8880123ec900 R15: 0000000000000000 [ 99.812826] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 99.813441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.813886] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 99.814436] PKRU: 55555554 [ 99.814671] Call Trace: [ 99.814872] [ 99.815050] iommufd_access_destroy_object+0x65/0x170 [ 99.815458] iommufd_object_destroy_user+0x18e/0x220 [ 99.815854] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.816307] iommufd_access_destroy+0x43/0x70 [ 99.816666] iommufd_test_staccess_release+0x8d/0xd0 [ 99.817064] __fput+0x26d/0xa40 [ 99.817333] ____fput+0x1e/0x30 [ 99.817596] task_work_run+0x1a4/0x2d0 [ 99.817910] ? __pfx_task_work_run+0x10/0x10 [ 99.818258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.818659] ? switch_task_namespaces+0xa9/0xe0 [ 99.819038] do_exit+0xb17/0x2ef0 [ 99.819314] ? lock_acquire+0x427/0x4c0 [ 99.819634] ? __pfx_lock_release+0x10/0x10 [ 99.819976] ? __kasan_check_write+0x18/0x20 [ 99.820318] ? do_raw_spin_lock+0x132/0x2a0 [ 99.820653] ? __pfx_do_exit+0x10/0x10 [ 99.820963] ? debug_smp_processor_id+0x20/0x30 [ 99.821326] ? rcu_is_watching+0x19/0xb0 [ 99.821647] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.822008] ? trace_hardirqs_on+0x26/0x120 [ 99.822350] do_group_exit+0xe0/0x2b0 [ 99.822665] __x64_sys_exit_group+0x47/0x50 [ 99.823000] do_syscall_64+0x3b/0x90 [ 99.823304] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.823714] RIP: 0033:0x7f4b87518a4d [ 99.824005] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.824477] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.825063] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.825611] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.826159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.826720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.827277] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.827834] [ 99.828017] irq event stamp: 0 [ 99.828262] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.828743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.829387] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.830029] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.830536] ---[ end trace 0000000000000000 ]--- [ 99.831225] ------------[ cut here ]------------ [ 99.831588] WARNING: CPU: 0 PID: 876 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.832366] Modules linked in: [ 99.832615] CPU: 0 PID: 876 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.833280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.834146] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.834565] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.835989] RSP: 0018:ffff888018317b78 EFLAGS: 00010246 [ 99.836401] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.836944] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 99.837520] RBP: ffff888018317b98 R08: ffffed10047bb13e R09: ffffed10047bb13e [ 99.838072] R10: ffff888023dd89ef R11: ffffed10047bb13d R12: ffff888023dd8a90 [ 99.838658] R13: ffff888023dd88a8 R14: ffffffffffffffff R15: ffff888018317c60 [ 99.839218] 
FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 99.839836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.840282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 99.840827] PKRU: 55555554 [ 99.841048] Call Trace: [ 99.841245] [ 99.841420] iommufd_ioas_destroy+0x53/0x70 [ 99.841760] iommufd_fops_release+0x1f7/0x370 [ 99.842114] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.842529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.842912] ? write_comp_data+0x2f/0x90 [ 99.843240] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.843629] __fput+0x26d/0xa40 [ 99.843898] ____fput+0x1e/0x30 [ 99.844167] task_work_run+0x1a4/0x2d0 [ 99.844475] ? __pfx_task_work_run+0x10/0x10 [ 99.844821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.845203] ? switch_task_namespaces+0xa9/0xe0 [ 99.845572] do_exit+0xb17/0x2ef0 [ 99.845843] ? lock_acquire+0x427/0x4c0 [ 99.846160] ? __pfx_lock_release+0x10/0x10 [ 99.846498] ? __kasan_check_write+0x18/0x20 [ 99.846869] ? do_raw_spin_lock+0x132/0x2a0 [ 99.847212] ? __pfx_do_exit+0x10/0x10 [ 99.847523] ? debug_smp_processor_id+0x20/0x30 [ 99.847887] ? rcu_is_watching+0x19/0xb0 [ 99.848205] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.848561] ? trace_hardirqs_on+0x26/0x120 [ 99.848902] do_group_exit+0xe0/0x2b0 [ 99.849196] __x64_sys_exit_group+0x47/0x50 [ 99.849530] do_syscall_64+0x3b/0x90 [ 99.849827] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.850235] RIP: 0033:0x7f4b87518a4d [ 99.850540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.851020] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.851615] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.852166] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.852717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.853264] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.853805] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.854358] [ 99.854560] irq event stamp: 0 [ 99.854806] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.855298] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.855937] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.856576] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.857056] ---[ end trace 0000000000000000 ]--- [ 99.861496] ------------[ cut here ]------------ [ 99.861897] WARNING: CPU: 1 PID: 877 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.862714] Modules linked in: [ 99.862962] CPU: 1 PID: 877 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.863631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.864486] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.864863] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.866230] RSP: 0018:ffff88800f47fbb8 EFLAGS: 00010246 [ 99.866645] RAX: 0000000000000000 RBX: ffff88800bd5b0a8 RCX: 0000000000000000 [ 99.867185] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 99.867720] RBP: ffff88800f47fbd0 R08: ffffed10017ab633 R09: ffffed10017ab633 [ 99.868254] R10: ffff88800bd5b193 R11: ffffed10017ab632 R12: ffff888013e78400 [ 99.868791] R13: ffff88800bd5b1e8 R14: ffffffff8352e670 R15: ffff88800f47fe68 [ 99.869403] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.870025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.870468] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 99.871024] PKRU: 55555554 [ 99.871256] Call Trace: [ 99.871454] [ 99.871627] __iommufd_access_detach+0x1c2/0x2b0 [ 99.872003] iommufd_access_change_pt+0x149/0x270 [ 99.872379] iommufd_access_replace+0xb4/0x120 [ 99.872740] iommufd_test+0x3e5/0x37e0 [ 99.873038] ? lock_release+0x532/0x770 [ 99.873352] ? __might_fault+0x102/0x1b0 [ 99.873666] ? lock_acquire+0x427/0x4c0 [ 99.873982] ? __pfx_iommufd_test+0x10/0x10 [ 99.874307] ? __pfx_lock_release+0x10/0x10 [ 99.874657] ? __pfx_lock_acquire+0x10/0x10 [ 99.874997] ? write_comp_data+0x2f/0x90 [ 99.875319] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.875694] ? write_comp_data+0x2f/0x90 [ 99.876010] iommufd_fops_ioctl+0x37d/0x510 [ 99.876340] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.876712] ? write_comp_data+0x2f/0x90 [ 99.877026] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.877395] __x64_sys_ioctl+0x1a3/0x230 [ 99.877714] do_syscall_64+0x3b/0x90 [ 99.878010] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.878408] RIP: 0033:0x7f4b8743ee5d [ 99.878713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.880093] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.880669] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.881204] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.881745] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.882281] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.882837] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.883391] [ 99.883569] irq event stamp: 0 [ 99.883805] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.884281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.884910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.885543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.886017] ---[ end trace 0000000000000000 ]--- [ 99.888707] ------------[ cut here ]------------ [ 99.889093] WARNING: CPU: 1 PID: 877 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.889852] Modules linked in: [ 99.890097] CPU: 1 PID: 877 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.890980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.891836] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.892215] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.893597] RSP: 0018:ffff88800f47fbd0 EFLAGS: 00010246 [ 99.894002] RAX: 0000000000000000 RBX: ffff88800bd5b0a8 RCX: 0000000000000000 [ 99.894559] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 99.895117] RBP: ffff88800f47fbe8 R08: ffffed10017ab633 R09: ffffed10017ab633 [ 99.895718] R10: ffff88800bd5b193 R11: ffffed10017ab632 R12: ffff88801422ec00 [ 99.896356] R13: ffff88800bd5b1e8 R14: ffff888020e8bc00 R15: 0000000000000000 [ 99.896901] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.897629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.898072] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.898646] PKRU: 55555554 [ 99.898939] Call Trace: [ 99.899143] [ 99.899316] iommufd_access_destroy_object+0x65/0x170 [ 99.899715] iommufd_object_destroy_user+0x18e/0x220 [ 99.900108] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.900667] iommufd_access_destroy+0x43/0x70 [ 99.901079] iommufd_test_staccess_release+0x8d/0xd0 [ 99.901477] __fput+0x26d/0xa40 [ 99.901769] ____fput+0x1e/0x30 [ 99.902093] task_work_run+0x1a4/0x2d0 [ 99.902400] ? __pfx_task_work_run+0x10/0x10 [ 99.902762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.903156] ? switch_task_namespaces+0xa9/0xe0 [ 99.903599] do_exit+0xb17/0x2ef0 [ 99.903932] ? lock_acquire+0x427/0x4c0 [ 99.904254] ? __pfx_lock_release+0x10/0x10 [ 99.904599] ? __kasan_check_write+0x18/0x20 [ 99.904983] ? do_raw_spin_lock+0x132/0x2a0 [ 99.905393] ? __pfx_do_exit+0x10/0x10 [ 99.905711] ? debug_smp_processor_id+0x20/0x30 [ 99.906079] ? rcu_is_watching+0x19/0xb0 [ 99.906466] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.906885] ? trace_hardirqs_on+0x26/0x120 [ 99.907238] do_group_exit+0xe0/0x2b0 [ 99.907539] __x64_sys_exit_group+0x47/0x50 [ 99.907877] do_syscall_64+0x3b/0x90 [ 99.908208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.908696] RIP: 0033:0x7f4b87518a4d [ 99.908991] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.909470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.910174] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.910748] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.911312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.911986] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.912542] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.913154] [ 99.913378] irq event stamp: 0 [ 99.913626] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.914125] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.914902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.915563] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.916069] ---[ end trace 0000000000000000 ]--- [ 99.916914] ------------[ cut here ]------------ [ 99.917287] WARNING: CPU: 1 PID: 877 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 99.918181] Modules linked in: [ 99.918438] CPU: 1 PID: 877 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.919180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.920119] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 99.920534] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 99.922066] RSP: 0018:ffff88800f47fb78 EFLAGS: 00010246 [ 99.922780] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 99.923343] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 99.923908] RBP: ffff88800f47fb98 R08: ffffed10017ab63e R09: ffffed10017ab63e [ 99.924593] R10: ffff88800bd5b1ef R11: ffffed10017ab63d R12: ffff88800bd5b290 [ 99.925156] R13: ffff88800bd5b0a8 R14: ffffffffffffffff R15: ffff88800f47fc60 [ 99.925780] 
FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.926469] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.926951] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 99.927618] PKRU: 55555554 [ 99.927907] Call Trace: [ 99.928118] [ 99.928306] iommufd_ioas_destroy+0x53/0x70 [ 99.928669] iommufd_fops_release+0x1f7/0x370 [ 99.929116] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.929590] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.930000] ? write_comp_data+0x2f/0x90 [ 99.930346] ? __pfx_iommufd_fops_release+0x10/0x10 [ 99.930894] __fput+0x26d/0xa40 [ 99.931188] ____fput+0x1e/0x30 [ 99.931468] task_work_run+0x1a4/0x2d0 [ 99.931800] ? __pfx_task_work_run+0x10/0x10 [ 99.932168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.932696] ? switch_task_namespaces+0xa9/0xe0 [ 99.933149] do_exit+0xb17/0x2ef0 [ 99.933440] ? lock_acquire+0x427/0x4c0 [ 99.933781] ? __pfx_lock_release+0x10/0x10 [ 99.934266] ? __kasan_check_write+0x18/0x20 [ 99.934652] ? do_raw_spin_lock+0x132/0x2a0 [ 99.935013] ? __pfx_do_exit+0x10/0x10 [ 99.935353] ? debug_smp_processor_id+0x20/0x30 [ 99.935770] ? rcu_is_watching+0x19/0xb0 [ 99.936199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 99.936578] ? trace_hardirqs_on+0x26/0x120 [ 99.936943] do_group_exit+0xe0/0x2b0 [ 99.937290] __x64_sys_exit_group+0x47/0x50 [ 99.937734] do_syscall_64+0x3b/0x90 [ 99.938054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.938491] RIP: 0033:0x7f4b87518a4d [ 99.938827] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 99.939476] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 99.940099] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 99.940714] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 99.941371] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 99.941947] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 99.942660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 99.943261] [ 99.943455] irq event stamp: 0 [ 99.943716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 99.944361] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.945044] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.945853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.946372] ---[ end trace 0000000000000000 ]--- [ 99.950113] ------------[ cut here ]------------ [ 99.950579] WARNING: CPU: 1 PID: 878 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.951476] Modules linked in: [ 99.951801] CPU: 1 PID: 878 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.952507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.953551] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.953958] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.955608] RSP: 0018:ffff888016017bb8 EFLAGS: 00010246 [ 99.956049] RAX: 0000000000000000 RBX: ffff88801789e8a8 RCX: 0000000000000000 [ 99.956761] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 99.957345] RBP: ffff888016017bd0 R08: ffffed1002f13d33 R09: ffffed1002f13d33 [ 99.957988] R10: ffff88801789e993 R11: ffffed1002f13d32 R12: ffff888017ba6800 [ 99.958645] R13: ffff88801789e9e8 R14: ffffffff8352e670 R15: ffff888016017e68 [ 99.959237] FS: 
00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.960021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.960494] CR2: 00007f4b877410e8 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 99.961117] PKRU: 55555554 [ 99.961520] Call Trace: [ 99.961732] [ 99.961918] __iommufd_access_detach+0x1c2/0x2b0 [ 99.962326] iommufd_access_change_pt+0x149/0x270 [ 99.962877] iommufd_access_replace+0xb4/0x120 [ 99.963272] iommufd_test+0x3e5/0x37e0 [ 99.963595] ? lock_release+0x532/0x770 [ 99.963934] ? __might_fault+0x102/0x1b0 [ 99.964300] ? lock_acquire+0x427/0x4c0 [ 99.964730] ? __pfx_iommufd_test+0x10/0x10 [ 99.965124] ? __pfx_lock_release+0x10/0x10 [ 99.965487] ? __pfx_lock_acquire+0x10/0x10 [ 99.965921] ? write_comp_data+0x2f/0x90 [ 99.966320] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.966752] ? write_comp_data+0x2f/0x90 [ 99.967104] iommufd_fops_ioctl+0x37d/0x510 [ 99.967472] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.968009] ? write_comp_data+0x2f/0x90 [ 99.968356] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 99.968758] __x64_sys_ioctl+0x1a3/0x230 [ 99.969134] do_syscall_64+0x3b/0x90 [ 99.969527] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 99.969960] RIP: 0033:0x7f4b8743ee5d [ 99.970272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 99.971908] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 99.972610] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 99.973251] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 99.973833] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 99.974567] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 99.975159] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 99.975814] [ 99.976071] irq event stamp: 0 [ 99.976333] hardirqs last enabled at (0): 
[<0000000000000000>] 0x0 [ 99.976849] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 99.977662] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 99.978352] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 99.978964] ---[ end trace 0000000000000000 ]--- [ 99.981894] ------------[ cut here ]------------ [ 99.982409] WARNING: CPU: 1 PID: 878 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 99.983273] Modules linked in: [ 99.983557] CPU: 1 PID: 878 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 99.984357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 99.985269] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 99.985674] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 99.987211] RSP: 0018:ffff888016017bd0 EFLAGS: 00010246 [ 99.987648] RAX: 0000000000000000 RBX: ffff88801789e8a8 RCX: 0000000000000000 [ 99.988232] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 99.988809] RBP: ffff888016017be8 R08: ffffed1002f13d33 R09: ffffed1002f13d33 [ 99.989387] R10: ffff88801789e993 R11: ffffed1002f13d32 R12: ffff888013e78000 [ 99.989963] R13: ffff88801789e9e8 R14: ffff8880142ece00 R15: 0000000000000000 [ 99.990561] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 99.991227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 99.991702] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 99.992283] PKRU: 55555554 [ 99.992520] Call Trace: [ 99.992728] [ 99.992916] iommufd_access_destroy_object+0x65/0x170 [ 99.993353] iommufd_object_destroy_user+0x18e/0x220 [ 99.993768] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 99.994240] iommufd_access_destroy+0x43/0x70 [ 99.994640] iommufd_test_staccess_release+0x8d/0xd0 [ 99.995068] __fput+0x26d/0xa40 [ 99.995360] ____fput+0x1e/0x30 [ 99.995645] task_work_run+0x1a4/0x2d0 [ 99.995979] ? __pfx_task_work_run+0x10/0x10 [ 99.996343] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 99.996747] ? switch_task_namespaces+0xa9/0xe0 [ 99.997200] do_exit+0xb17/0x2ef0 [ 99.997489] ? lock_acquire+0x427/0x4c0 [ 99.997824] ? __pfx_lock_release+0x10/0x10 [ 99.998190] ? __kasan_check_write+0x18/0x20 [ 99.998582] ? do_raw_spin_lock+0x132/0x2a0 [ 99.998938] ? __pfx_do_exit+0x10/0x10 [ 99.999275] ? debug_smp_processor_id+0x20/0x30 [ 99.999661] ? rcu_is_watching+0x19/0xb0 [ 99.999997] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.000367] ? trace_hardirqs_on+0x26/0x120 [ 100.000723] do_group_exit+0xe0/0x2b0 [ 100.001033] __x64_sys_exit_group+0x47/0x50 [ 100.001385] do_syscall_64+0x3b/0x90 [ 100.001702] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.002127] RIP: 0033:0x7f4b87518a4d [ 100.002427] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.002947] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.003563] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.004139] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.004721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.005295] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.005870] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.006456] [ 100.006675] irq event stamp: 0 [ 100.006937] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.007455] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.008136] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.008808] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.009318] ---[ end trace 0000000000000000 ]--- [ 100.010082] ------------[ cut here ]------------ [ 100.010472] WARNING: CPU: 1 PID: 878 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.011489] Modules linked in: [ 100.011757] CPU: 1 PID: 878 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.012455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.013372] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.013793] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.015291] RSP: 0018:ffff888016017b78 EFLAGS: 00010246 [ 100.015725] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.016296] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 100.016880] RBP: ffff888016017b98 R08: ffffed1002f13d3e R09: ffffed1002f13d3e [ 100.017457] R10: ffff88801789e9ef R11: ffffed1002f13d3d R12: ffff88801789ea90 [ 100.018035] R13: ffff88801789e8a8 R14: ffffffffffffffff R15: 
ffff888016017c60 [ 100.018639] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 100.019294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.019761] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 100.020336] PKRU: 55555554 [ 100.020565] Call Trace: [ 100.020772] [ 100.020956] iommufd_ioas_destroy+0x53/0x70 [ 100.021319] iommufd_fops_release+0x1f7/0x370 [ 100.021689] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.022094] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.022496] ? write_comp_data+0x2f/0x90 [ 100.022864] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.023279] __fput+0x26d/0xa40 [ 100.023564] ____fput+0x1e/0x30 [ 100.023842] task_work_run+0x1a4/0x2d0 [ 100.024167] ? __pfx_task_work_run+0x10/0x10 [ 100.024529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.024931] ? switch_task_namespaces+0xa9/0xe0 [ 100.025320] do_exit+0xb17/0x2ef0 [ 100.025604] ? lock_acquire+0x427/0x4c0 [ 100.025939] ? __pfx_lock_release+0x10/0x10 [ 100.026293] ? __kasan_check_write+0x18/0x20 [ 100.026670] ? do_raw_spin_lock+0x132/0x2a0 [ 100.027025] ? __pfx_do_exit+0x10/0x10 [ 100.027352] ? debug_smp_processor_id+0x20/0x30 [ 100.027741] ? rcu_is_watching+0x19/0xb0 [ 100.028073] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.028440] ? trace_hardirqs_on+0x26/0x120 [ 100.028795] do_group_exit+0xe0/0x2b0 [ 100.029161] __x64_sys_exit_group+0x47/0x50 [ 100.029509] do_syscall_64+0x3b/0x90 [ 100.029818] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.030243] RIP: 0033:0x7f4b87518a4d [ 100.030558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.031055] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.031671] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.032239] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.032815] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.033389] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.033962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.034577] [ 100.034769] irq event stamp: 0 [ 100.035026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.035538] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.036214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.036890] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.037408] ---[ end trace 0000000000000000 ]--- [ 100.041771] ------------[ cut here ]------------ [ 100.042189] WARNING: CPU: 1 PID: 879 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.043057] Modules linked in: [ 100.043348] CPU: 1 PID: 879 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.044092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.045043] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.045466] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.047088] RSP: 0018:ffff88801589fbb8 EFLAGS: 00010246 [ 100.047578] RAX: 0000000000000000 RBX: ffff888023eb10a8 RCX: 0000000000000000 [ 100.048179] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 100.048786] RBP: ffff88801589fbd0 R08: ffffed10047d6233 R09: ffffed10047d6233 [ 100.049393] R10: ffff888023eb1193 R11: ffffed10047d6232 R12: ffff888016c98c00 [ 100.049998] R13: ffff888023eb11e8 R14: ffffffff8352e670 R15: 
ffff88801589fe68 [ 100.050639] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 100.051339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.051838] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 100.052434] PKRU: 55555554 [ 100.052667] Call Trace: [ 100.052876] [ 100.053059] __iommufd_access_detach+0x1c2/0x2b0 [ 100.053464] iommufd_access_change_pt+0x149/0x270 [ 100.053886] iommufd_access_replace+0xb4/0x120 [ 100.054286] iommufd_test+0x3e5/0x37e0 [ 100.054646] ? lock_release+0x532/0x770 [ 100.054999] ? __might_fault+0x102/0x1b0 [ 100.055360] ? lock_acquire+0x427/0x4c0 [ 100.055713] ? __pfx_iommufd_test+0x10/0x10 [ 100.056091] ? __pfx_lock_release+0x10/0x10 [ 100.056469] ? __pfx_lock_acquire+0x10/0x10 [ 100.056851] ? write_comp_data+0x2f/0x90 [ 100.057213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.057643] ? write_comp_data+0x2f/0x90 [ 100.058007] iommufd_fops_ioctl+0x37d/0x510 [ 100.058394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.058854] ? write_comp_data+0x2f/0x90 [ 100.059234] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.059668] __x64_sys_ioctl+0x1a3/0x230 [ 100.060034] do_syscall_64+0x3b/0x90 [ 100.060376] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.060846] RIP: 0033:0x7f4b8743ee5d [ 100.061257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.062853] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.063536] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.064156] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.064779] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.065396] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.066014] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.066682] [ 100.066891] irq event stamp: 0 [ 100.067176] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.067729] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.068472] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.069208] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.069765] ---[ end trace 0000000000000000 ]--- [ 100.072766] ------------[ cut here ]------------ [ 100.073211] WARNING: CPU: 1 PID: 879 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.074079] Modules linked in: [ 100.074358] CPU: 1 PID: 879 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.075165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.076140] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.076572] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.078185] RSP: 
0018:ffff88801589fbd0 EFLAGS: 00010246 [ 100.078725] RAX: 0000000000000000 RBX: ffff888023eb10a8 RCX: 0000000000000000 [ 100.079415] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 100.080076] RBP: ffff88801589fbe8 R08: ffffed10047d6233 R09: ffffed10047d6233 [ 100.080733] R10: ffff888023eb1193 R11: ffffed10047d6232 R12: ffff888017ba7c00 [ 100.081383] R13: ffff888023eb11e8 R14: ffff88801230fc00 R15: 0000000000000000 [ 100.082043] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 100.082833] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.083388] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 100.084060] PKRU: 55555554 [ 100.084327] Call Trace: [ 100.084571] [ 100.084786] iommufd_access_destroy_object+0x65/0x170 [ 100.085274] iommufd_object_destroy_user+0x18e/0x220 [ 100.085759] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.086305] iommufd_access_destroy+0x43/0x70 [ 100.086777] iommufd_test_staccess_release+0x8d/0xd0 [ 100.087274] __fput+0x26d/0xa40 [ 100.087603] ____fput+0x1e/0x30 [ 100.087931] task_work_run+0x1a4/0x2d0 [ 100.088303] ? __pfx_task_work_run+0x10/0x10 [ 100.088717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.089178] ? switch_task_namespaces+0xa9/0xe0 [ 100.089623] do_exit+0xb17/0x2ef0 [ 100.089953] ? lock_acquire+0x427/0x4c0 [ 100.090337] ? __pfx_lock_release+0x10/0x10 [ 100.090794] ? __kasan_check_write+0x18/0x20 [ 100.091230] ? do_raw_spin_lock+0x132/0x2a0 [ 100.091645] ? __pfx_do_exit+0x10/0x10 [ 100.092015] ? debug_smp_processor_id+0x20/0x30 [ 100.092459] ? rcu_is_watching+0x19/0xb0 [ 100.092853] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.093376] ? trace_hardirqs_on+0x26/0x120 [ 100.093800] do_group_exit+0xe0/0x2b0 [ 100.094180] __x64_sys_exit_group+0x47/0x50 [ 100.094641] do_syscall_64+0x3b/0x90 [ 100.095021] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.095541] RIP: 0033:0x7f4b87518a4d [ 100.095908] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.096503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.097230] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.097914] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.098619] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.099314] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.099992] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.100678] [ 100.100901] irq event stamp: 0 [ 100.101200] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.101799] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.102632] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.103451] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.104058] ---[ end trace 0000000000000000 ]--- [ 100.104899] ------------[ cut here ]------------ [ 100.105352] WARNING: CPU: 1 PID: 879 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.106324] Modules linked in: [ 100.106683] CPU: 1 PID: 879 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.107536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.108636] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.109134] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.110899] RSP: 0018:ffff88801589fb78 EFLAGS: 00010246 [ 100.111443] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.112118] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 100.112797] RBP: ffff88801589fb98 R08: ffffed10047d623e R09: ffffed10047d623e [ 100.113474] R10: ffff888023eb11ef R11: ffffed10047d623d R12: ffff888023eb1290 [ 100.114155] R13: ffff888023eb10a8 R14: ffffffffffffffff R15: 
ffff88801589fc60 [ 100.114856] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 100.115632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.116195] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 100.116876] PKRU: 55555554 [ 100.117149] Call Trace: [ 100.117399] [ 100.117619] iommufd_ioas_destroy+0x53/0x70 [ 100.118045] iommufd_fops_release+0x1f7/0x370 [ 100.118485] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.119005] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.119496] ? write_comp_data+0x2f/0x90 [ 100.119896] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.120382] __fput+0x26d/0xa40 [ 100.120720] ____fput+0x1e/0x30 [ 100.121053] task_work_run+0x1a4/0x2d0 [ 100.121435] ? __pfx_task_work_run+0x10/0x10 [ 100.121872] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.122347] ? switch_task_namespaces+0xa9/0xe0 [ 100.122845] do_exit+0xb17/0x2ef0 [ 100.123205] ? lock_acquire+0x427/0x4c0 [ 100.123608] ? __pfx_lock_release+0x10/0x10 [ 100.124042] ? __kasan_check_write+0x18/0x20 [ 100.124467] ? do_raw_spin_lock+0x132/0x2a0 [ 100.124890] ? __pfx_do_exit+0x10/0x10 [ 100.125338] ? debug_smp_processor_id+0x20/0x30 [ 100.125798] ? rcu_is_watching+0x19/0xb0 [ 100.126200] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.126686] ? trace_hardirqs_on+0x26/0x120 [ 100.127126] do_group_exit+0xe0/0x2b0 [ 100.127514] __x64_sys_exit_group+0x47/0x50 [ 100.127962] do_syscall_64+0x3b/0x90 [ 100.128362] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.128914] RIP: 0033:0x7f4b87518a4d [ 100.129296] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.129928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.130752] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.131500] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.132232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.132965] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.133697] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.134444] [ 100.134733] irq event stamp: 0 [ 100.135070] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.135744] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.136624] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.137485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.138142] ---[ end trace 0000000000000000 ]--- [ 100.144839] ------------[ cut here ]------------ [ 100.145575] WARNING: CPU: 0 PID: 880 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.147251] Modules linked in: [ 100.147734] CPU: 0 PID: 880 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.148892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.150391] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.151516] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.153949] RSP: 0018:ffff888016017bb8 EFLAGS: 00010246 [ 100.154759] RAX: 0000000000000000 RBX: ffff888021aef8a8 RCX: 0000000000000000 [ 100.155816] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 100.157182] RBP: ffff888016017bd0 R08: ffffed100435df33 R09: ffffed100435df33 [ 100.158148] R10: ffff888021aef993 R11: ffffed100435df32 R12: ffff888016635c00 [ 100.159243] R13: ffff888021aef9e8 R14: ffffffff8352e670 R15: 
ffff888016017e68 [ 100.160281] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.161411] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.162238] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ef0 [ 100.163382] PKRU: 55555554 [ 100.163814] Call Trace: [ 100.164186] [ 100.164515] __iommufd_access_detach+0x1c2/0x2b0 [ 100.165220] iommufd_access_change_pt+0x149/0x270 [ 100.165944] iommufd_access_replace+0xb4/0x120 [ 100.166704] iommufd_test+0x3e5/0x37e0 [ 100.167320] ? lock_release+0x532/0x770 [ 100.167914] ? __might_fault+0x102/0x1b0 [ 100.168517] ? lock_acquire+0x427/0x4c0 [ 100.169116] ? __pfx_iommufd_test+0x10/0x10 [ 100.169731] ? __pfx_lock_release+0x10/0x10 [ 100.170337] ? __pfx_lock_acquire+0x10/0x10 [ 100.170997] ? write_comp_data+0x2f/0x90 [ 100.171610] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.172298] ? write_comp_data+0x2f/0x90 [ 100.172893] iommufd_fops_ioctl+0x37d/0x510 [ 100.173493] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.174156] ? write_comp_data+0x2f/0x90 [ 100.174801] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.175505] __x64_sys_ioctl+0x1a3/0x230 [ 100.176089] do_syscall_64+0x3b/0x90 [ 100.176626] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.177342] RIP: 0033:0x7f4b8743ee5d [ 100.177861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.180344] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.181377] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.182340] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.183369] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.184331] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.185276] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.186228] [ 100.186624] irq event stamp: 0 [ 100.187059] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.187938] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.189032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.190117] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.191008] ---[ end trace 0000000000000000 ]--- [ 100.196566] ------------[ cut here ]------------ [ 100.197507] WARNING: CPU: 0 PID: 880 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.199002] Modules linked in: [ 100.199437] CPU: 0 PID: 880 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.200546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.202050] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.202922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.205359] RSP: 
0018:ffff888016017bd0 EFLAGS: 00010246 [ 100.206221] RAX: 0000000000000000 RBX: ffff888021aef8a8 RCX: 0000000000000000 [ 100.207161] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 100.208224] RBP: ffff888016017be8 R08: ffffed100435df33 R09: ffffed100435df33 [ 100.209177] R10: ffff888021aef993 R11: ffffed100435df32 R12: ffff888012e93c00 [ 100.210180] R13: ffff888021aef9e8 R14: ffff888014b9eb00 R15: 0000000000000000 [ 100.211322] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.212362] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.213204] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.214277] PKRU: 55555554 [ 100.214668] Call Trace: [ 100.214988] [ 100.215293] iommufd_access_destroy_object+0x65/0x170 [ 100.216143] iommufd_object_destroy_user+0x18e/0x220 [ 100.216783] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.217700] iommufd_access_destroy+0x43/0x70 [ 100.218275] iommufd_test_staccess_release+0x8d/0xd0 [ 100.219177] __fput+0x26d/0xa40 [ 100.219637] ____fput+0x1e/0x30 [ 100.220078] task_work_run+0x1a4/0x2d0 [ 100.220676] ? __pfx_task_work_run+0x10/0x10 [ 100.221362] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.222003] ? switch_task_namespaces+0xa9/0xe0 [ 100.222870] do_exit+0xb17/0x2ef0 [ 100.223337] ? lock_acquire+0x427/0x4c0 [ 100.223881] ? __pfx_lock_release+0x10/0x10 [ 100.224607] ? __kasan_check_write+0x18/0x20 [ 100.225184] ? do_raw_spin_lock+0x132/0x2a0 [ 100.225935] ? __pfx_do_exit+0x10/0x10 [ 100.226453] ? debug_smp_processor_id+0x20/0x30 [ 100.227089] ? rcu_is_watching+0x19/0xb0 [ 100.227854] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.228452] ? trace_hardirqs_on+0x26/0x120 [ 100.229096] do_group_exit+0xe0/0x2b0 [ 100.229695] __x64_sys_exit_group+0x47/0x50 [ 100.230246] do_syscall_64+0x3b/0x90 [ 100.230803] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.231628] RIP: 0033:0x7f4b87518a4d [ 100.232117] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.233106] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.234152] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.235274] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.236455] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.237393] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.238606] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.239636] [ 100.240102] irq event stamp: 0 [ 100.240525] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.241448] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.242726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.244086] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.245028] ---[ end trace 0000000000000000 ]--- [ 100.250135] ------------[ cut here ]------------ [ 100.250991] WARNING: CPU: 0 PID: 880 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.252616] Modules linked in: [ 100.253057] CPU: 0 PID: 880 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.254446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.256222] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.256909] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.259556] RSP: 0018:ffff888016017b78 EFLAGS: 00010246 [ 100.260257] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.261185] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 100.262109] RBP: ffff888016017b98 R08: ffffed100435df3e R09: ffffed100435df3e [ 100.263072] R10: ffff888021aef9ef R11: ffffed100435df3d R12: ffff888021aefa90 [ 100.264020] R13: ffff888021aef8a8 R14: ffffffffffffffff R15: 
ffff888016017c60 [ 100.264946] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.265982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.266788] CR2: 00007f82e2b19000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 100.267727] PKRU: 55555554 [ 100.268105] Call Trace: [ 100.268446] [ 100.268753] iommufd_ioas_destroy+0x53/0x70 [ 100.269338] iommufd_fops_release+0x1f7/0x370 [ 100.269940] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.270647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.271326] ? write_comp_data+0x2f/0x90 [ 100.271878] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.272545] __fput+0x26d/0xa40 [ 100.273012] ____fput+0x1e/0x30 [ 100.273466] task_work_run+0x1a4/0x2d0 [ 100.274000] ? __pfx_task_work_run+0x10/0x10 [ 100.274633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.275306] ? switch_task_namespaces+0xa9/0xe0 [ 100.275942] do_exit+0xb17/0x2ef0 [ 100.276402] ? lock_acquire+0x427/0x4c0 [ 100.276939] ? __pfx_lock_release+0x10/0x10 [ 100.277516] ? __kasan_check_write+0x18/0x20 [ 100.278104] ? do_raw_spin_lock+0x132/0x2a0 [ 100.278714] ? __pfx_do_exit+0x10/0x10 [ 100.279264] ? debug_smp_processor_id+0x20/0x30 [ 100.279883] ? rcu_is_watching+0x19/0xb0 [ 100.280422] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.281027] ? trace_hardirqs_on+0x26/0x120 [ 100.281607] do_group_exit+0xe0/0x2b0 [ 100.282116] __x64_sys_exit_group+0x47/0x50 [ 100.282725] do_syscall_64+0x3b/0x90 [ 100.283257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.283954] RIP: 0033:0x7f4b87518a4d [ 100.284445] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.285247] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.286237] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.287242] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.288180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.289106] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.290037] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.291027] [ 100.291357] irq event stamp: 0 [ 100.291782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.292608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.293694] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.294822] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.295672] ---[ end trace 0000000000000000 ]--- [ 100.302301] ------------[ cut here ]------------ [ 100.303304] WARNING: CPU: 0 PID: 881 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.304573] Modules linked in: [ 100.304977] CPU: 0 PID: 881 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.306024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.307433] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.308050] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.310236] RSP: 0018:ffff888021b3fbb8 EFLAGS: 00010246 [ 100.310905] RAX: 0000000000000000 RBX: ffff888010b7a0a8 RCX: 0000000000000000 [ 100.311765] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 100.312600] RBP: ffff888021b3fbd0 R08: ffffed100216f433 R09: ffffed100216f433 [ 100.313436] R10: ffff888010b7a193 R11: ffffed100216f432 R12: ffff888010c0ac00 [ 100.314275] R13: ffff888010b7a1e8 R14: ffffffff8352e670 R15: 
ffff888021b3fe68 [ 100.315169] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.316120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.316806] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 100.317645] PKRU: 55555554 [ 100.317983] Call Trace: [ 100.318293] [ 100.318616] __iommufd_access_detach+0x1c2/0x2b0 [ 100.319221] iommufd_access_change_pt+0x149/0x270 [ 100.319817] iommufd_access_replace+0xb4/0x120 [ 100.320380] iommufd_test+0x3e5/0x37e0 [ 100.320849] ? lock_release+0x532/0x770 [ 100.321339] ? __might_fault+0x102/0x1b0 [ 100.321841] ? lock_acquire+0x427/0x4c0 [ 100.322331] ? __pfx_iommufd_test+0x10/0x10 [ 100.322881] ? __pfx_lock_release+0x10/0x10 [ 100.323424] ? __pfx_lock_acquire+0x10/0x10 [ 100.323958] ? write_comp_data+0x2f/0x90 [ 100.324459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.325052] ? write_comp_data+0x2f/0x90 [ 100.325545] iommufd_fops_ioctl+0x37d/0x510 [ 100.326052] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.326658] ? write_comp_data+0x2f/0x90 [ 100.327163] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.327746] __x64_sys_ioctl+0x1a3/0x230 [ 100.328250] do_syscall_64+0x3b/0x90 [ 100.328699] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.329306] RIP: 0033:0x7f4b8743ee5d [ 100.329743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.331878] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.332758] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.333588] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.334400] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.335245] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.336077] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.336951] [ 100.337240] irq event stamp: 0 [ 100.337619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.338349] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.339365] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.340319] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.341042] ---[ end trace 0000000000000000 ]--- [ 100.345485] ------------[ cut here ]------------ [ 100.346054] WARNING: CPU: 0 PID: 881 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.347446] Modules linked in: [ 100.347727] CPU: 0 PID: 881 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.348458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.349383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.349804] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.351405] RSP: 
0018:ffff888021b3fbd0 EFLAGS: 00010246 [ 100.351864] RAX: 0000000000000000 RBX: ffff888010b7a0a8 RCX: 0000000000000000 [ 100.352465] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 100.353063] RBP: ffff888021b3fbe8 R08: ffffed100216f433 R09: ffffed100216f433 [ 100.353662] R10: ffff888010b7a193 R11: ffffed100216f432 R12: ffff888016634c00 [ 100.354259] R13: ffff888010b7a1e8 R14: ffff888020806d00 R15: 0000000000000000 [ 100.354909] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.355607] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.356110] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.356721] PKRU: 55555554 [ 100.356978] Call Trace: [ 100.357197] [ 100.357392] iommufd_access_destroy_object+0x65/0x170 [ 100.357853] iommufd_object_destroy_user+0x18e/0x220 [ 100.358299] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.358817] iommufd_access_destroy+0x43/0x70 [ 100.359248] iommufd_test_staccess_release+0x8d/0xd0 [ 100.359696] __fput+0x26d/0xa40 [ 100.360012] ____fput+0x1e/0x30 [ 100.360303] task_work_run+0x1a4/0x2d0 [ 100.360644] ? __pfx_task_work_run+0x10/0x10 [ 100.361022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.361459] ? switch_task_namespaces+0xa9/0xe0 [ 100.361863] do_exit+0xb17/0x2ef0 [ 100.362174] ? lock_acquire+0x427/0x4c0 [ 100.362550] ? __pfx_lock_release+0x10/0x10 [ 100.362927] ? __kasan_check_write+0x18/0x20 [ 100.363324] ? do_raw_spin_lock+0x132/0x2a0 [ 100.363670] ? __pfx_do_exit+0x10/0x10 [ 100.363985] ? debug_smp_processor_id+0x20/0x30 [ 100.364378] ? rcu_is_watching+0x19/0xb0 [ 100.364698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.365061] ? trace_hardirqs_on+0x26/0x120 [ 100.365422] do_group_exit+0xe0/0x2b0 [ 100.365736] __x64_sys_exit_group+0x47/0x50 [ 100.366080] do_syscall_64+0x3b/0x90 [ 100.366384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.366842] RIP: 0033:0x7f4b87518a4d [ 100.367151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.367653] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.368254] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.368838] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.369394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.369973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.370553] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.371151] [ 100.371336] irq event stamp: 0 [ 100.371584] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.372092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.372748] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.373420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.373911] ---[ end trace 0000000000000000 ]--- [ 100.374697] ------------[ cut here ]------------ [ 100.375073] WARNING: CPU: 0 PID: 881 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.375900] Modules linked in: [ 100.376153] CPU: 0 PID: 881 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.376858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.377765] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.378168] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.379667] RSP: 0018:ffff888021b3fb78 EFLAGS: 00010246 [ 100.380090] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.380658] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 100.381279] RBP: ffff888021b3fb98 R08: ffffed100216f43e R09: ffffed100216f43e [ 100.381857] R10: ffff888010b7a1ef R11: ffffed100216f43d R12: ffff888010b7a290 [ 100.382421] R13: ffff888010b7a0a8 R14: ffffffffffffffff R15: 
ffff888021b3fc60 [ 100.383028] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.383670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.384147] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.384696] PKRU: 55555554 [ 100.384914] Call Trace: [ 100.385133] [ 100.385310] iommufd_ioas_destroy+0x53/0x70 [ 100.385651] iommufd_fops_release+0x1f7/0x370 [ 100.386009] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.386420] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.386821] ? write_comp_data+0x2f/0x90 [ 100.387155] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.387565] __fput+0x26d/0xa40 [ 100.387835] ____fput+0x1e/0x30 [ 100.388097] task_work_run+0x1a4/0x2d0 [ 100.388420] ? __pfx_task_work_run+0x10/0x10 [ 100.388763] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.389150] ? switch_task_namespaces+0xa9/0xe0 [ 100.389531] do_exit+0xb17/0x2ef0 [ 100.389799] ? lock_acquire+0x427/0x4c0 [ 100.390113] ? __pfx_lock_release+0x10/0x10 [ 100.390463] ? __kasan_check_write+0x18/0x20 [ 100.390833] ? do_raw_spin_lock+0x132/0x2a0 [ 100.391180] ? __pfx_do_exit+0x10/0x10 [ 100.391493] ? debug_smp_processor_id+0x20/0x30 [ 100.391870] ? rcu_is_watching+0x19/0xb0 [ 100.392183] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.392534] ? trace_hardirqs_on+0x26/0x120 [ 100.392886] do_group_exit+0xe0/0x2b0 [ 100.393180] __x64_sys_exit_group+0x47/0x50 [ 100.393510] do_syscall_64+0x3b/0x90 [ 100.393817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.394225] RIP: 0033:0x7f4b87518a4d [ 100.394536] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.395026] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.395616] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.396175] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.396721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.397275] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.397818] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.398385] [ 100.398598] irq event stamp: 0 [ 100.398843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.399353] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.399996] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.400649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.401131] ---[ end trace 0000000000000000 ]--- [ 100.404797] ------------[ cut here ]------------ [ 100.405183] WARNING: CPU: 0 PID: 882 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.405967] Modules linked in: [ 100.406212] CPU: 0 PID: 882 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.406923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.407781] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.408173] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.409551] RSP: 0018:ffff888017a87bb8 EFLAGS: 00010246 [ 100.409956] RAX: 0000000000000000 RBX: ffff88801781f0a8 RCX: 0000000000000000 [ 100.410524] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 100.411072] RBP: ffff888017a87bd0 R08: ffffed1002f03e33 R09: ffffed1002f03e33 [ 100.411736] R10: ffff88801781f193 R11: ffffed1002f03e32 R12: ffff888012e96800 [ 100.412424] R13: ffff88801781f1e8 R14: ffffffff8352e670 R15: 
ffff888017a87e68 [ 100.412994] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.413725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.414168] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 100.414882] PKRU: 55555554 [ 100.415106] Call Trace: [ 100.415313] [ 100.415493] __iommufd_access_detach+0x1c2/0x2b0 [ 100.416017] iommufd_access_change_pt+0x149/0x270 [ 100.416397] iommufd_access_replace+0xb4/0x120 [ 100.416774] iommufd_test+0x3e5/0x37e0 [ 100.417135] ? lock_release+0x532/0x770 [ 100.417532] ? __might_fault+0x102/0x1b0 [ 100.417870] ? lock_acquire+0x427/0x4c0 [ 100.418185] ? __pfx_iommufd_test+0x10/0x10 [ 100.418539] ? __pfx_lock_release+0x10/0x10 [ 100.418936] ? __pfx_lock_acquire+0x10/0x10 [ 100.419384] ? write_comp_data+0x2f/0x90 [ 100.419713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.420106] ? write_comp_data+0x2f/0x90 [ 100.420477] iommufd_fops_ioctl+0x37d/0x510 [ 100.420891] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.421284] ? write_comp_data+0x2f/0x90 [ 100.421618] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.422119] __x64_sys_ioctl+0x1a3/0x230 [ 100.422443] do_syscall_64+0x3b/0x90 [ 100.422767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.423199] RIP: 0033:0x7f4b8743ee5d [ 100.423548] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.425044] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.425791] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.426353] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.427089] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.427671] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.428284] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.428935] [ 100.429121] irq event stamp: 0 [ 100.429368] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.430009] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.430681] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.431499] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.432010] ---[ end trace 0000000000000000 ]--- [ 100.434944] ------------[ cut here ]------------ [ 100.435540] WARNING: CPU: 0 PID: 882 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.436354] Modules linked in: [ 100.436769] CPU: 0 PID: 882 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.437470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.438540] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.438935] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.440537] RSP: 
0018:ffff888017a87bd0 EFLAGS: 00010246 [ 100.440960] RAX: 0000000000000000 RBX: ffff88801781f0a8 RCX: 0000000000000000 [ 100.441512] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 100.442076] RBP: ffff888017a87be8 R08: ffffed1002f03e33 R09: ffffed1002f03e33 [ 100.442661] R10: ffff88801781f193 R11: ffffed1002f03e32 R12: ffff888010c0b800 [ 100.443238] R13: ffff88801781f1e8 R14: ffff88800f59b900 R15: 0000000000000000 [ 100.443803] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.444424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.444902] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.445457] PKRU: 55555554 [ 100.445681] Call Trace: [ 100.445884] [ 100.446087] iommufd_access_destroy_object+0x65/0x170 [ 100.446495] iommufd_object_destroy_user+0x18e/0x220 [ 100.446929] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.447408] iommufd_access_destroy+0x43/0x70 [ 100.447772] iommufd_test_staccess_release+0x8d/0xd0 [ 100.448202] __fput+0x26d/0xa40 [ 100.448476] ____fput+0x1e/0x30 [ 100.448744] task_work_run+0x1a4/0x2d0 [ 100.449059] ? __pfx_task_work_run+0x10/0x10 [ 100.449426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.449811] ? switch_task_namespaces+0xa9/0xe0 [ 100.450184] do_exit+0xb17/0x2ef0 [ 100.450488] ? lock_acquire+0x427/0x4c0 [ 100.450838] ? __pfx_lock_release+0x10/0x10 [ 100.451195] ? __kasan_check_write+0x18/0x20 [ 100.451562] ? do_raw_spin_lock+0x132/0x2a0 [ 100.451903] ? __pfx_do_exit+0x10/0x10 [ 100.452218] ? debug_smp_processor_id+0x20/0x30 [ 100.452613] ? rcu_is_watching+0x19/0xb0 [ 100.452937] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.453301] ? trace_hardirqs_on+0x26/0x120 [ 100.453659] do_group_exit+0xe0/0x2b0 [ 100.453962] __x64_sys_exit_group+0x47/0x50 [ 100.454299] do_syscall_64+0x3b/0x90 [ 100.454625] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.455053] RIP: 0033:0x7f4b87518a4d [ 100.455357] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.455849] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.456439] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.457012] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.457569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.458138] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.458714] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.459323] [ 100.459508] irq event stamp: 0 [ 100.459762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.460275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.460934] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.461600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.462097] ---[ end trace 0000000000000000 ]--- [ 100.462928] ------------[ cut here ]------------ [ 100.463545] WARNING: CPU: 0 PID: 882 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.464344] Modules linked in: [ 100.464637] CPU: 0 PID: 882 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.465412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.466446] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.467078] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.468686] RSP: 0018:ffff888017a87b78 EFLAGS: 00010246 [ 100.469155] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.469809] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 100.470391] RBP: ffff888017a87b98 R08: ffffed1002f03e3e R09: ffffed1002f03e3e [ 100.471143] R10: ffff88801781f1ef R11: ffffed1002f03e3d R12: ffff88801781f290 [ 100.471704] R13: ffff88801781f0a8 R14: ffffffffffffffff R15: 
ffff888017a87c60 [ 100.472420] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.473050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.473581] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.474208] PKRU: 55555554 [ 100.474444] Call Trace: [ 100.474668] [ 100.474848] iommufd_ioas_destroy+0x53/0x70 [ 100.475280] iommufd_fops_release+0x1f7/0x370 [ 100.475742] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.476162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.476656] ? write_comp_data+0x2f/0x90 [ 100.477082] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.477498] __fput+0x26d/0xa40 [ 100.477794] ____fput+0x1e/0x30 [ 100.478133] task_work_run+0x1a4/0x2d0 [ 100.478541] ? __pfx_task_work_run+0x10/0x10 [ 100.478931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.479348] ? switch_task_namespaces+0xa9/0xe0 [ 100.479821] do_exit+0xb17/0x2ef0 [ 100.480214] ? lock_acquire+0x427/0x4c0 [ 100.480564] ? __pfx_lock_release+0x10/0x10 [ 100.480940] ? __kasan_check_write+0x18/0x20 [ 100.481469] ? do_raw_spin_lock+0x132/0x2a0 [ 100.481832] ? __pfx_do_exit+0x10/0x10 [ 100.482188] ? debug_smp_processor_id+0x20/0x30 [ 100.482672] ? rcu_is_watching+0x19/0xb0 [ 100.483124] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.483504] ? trace_hardirqs_on+0x26/0x120 [ 100.483868] do_group_exit+0xe0/0x2b0 [ 100.484185] __x64_sys_exit_group+0x47/0x50 [ 100.484616] do_syscall_64+0x3b/0x90 [ 100.485020] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.485452] RIP: 0033:0x7f4b87518a4d [ 100.485792] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.486413] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.487061] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.487813] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.488388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.489120] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.489707] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.490375] [ 100.490649] irq event stamp: 0 [ 100.490909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.491424] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.492116] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.492804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.493316] ---[ end trace 0000000000000000 ]--- [ 100.498128] ------------[ cut here ]------------ [ 100.498726] WARNING: CPU: 0 PID: 883 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.499560] Modules linked in: [ 100.499823] CPU: 0 PID: 883 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.500521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.501426] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.501830] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.503429] RSP: 0018:ffff888011dd7bb8 EFLAGS: 00010246 [ 100.503883] RAX: 0000000000000000 RBX: ffff8880165198a8 RCX: 0000000000000000 [ 100.504455] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 100.505024] RBP: ffff888011dd7bd0 R08: ffffed1002ca3333 R09: ffffed1002ca3333 [ 100.505594] R10: ffff888016519993 R11: ffffed1002ca3332 R12: ffff888013b15800 [ 100.506165] R13: ffff8880165199e8 R14: ffffffff8352e670 R15: 
ffff888011dd7e68 [ 100.506748] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.507404] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.507875] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ef0 [ 100.508459] PKRU: 55555554 [ 100.508693] Call Trace: [ 100.508906] [ 100.509096] __iommufd_access_detach+0x1c2/0x2b0 [ 100.509497] iommufd_access_change_pt+0x149/0x270 [ 100.509902] iommufd_access_replace+0xb4/0x120 [ 100.510288] iommufd_test+0x3e5/0x37e0 [ 100.510627] ? lock_release+0x532/0x770 [ 100.510966] ? __might_fault+0x102/0x1b0 [ 100.511322] ? lock_acquire+0x427/0x4c0 [ 100.511656] ? __pfx_iommufd_test+0x10/0x10 [ 100.512005] ? __pfx_lock_release+0x10/0x10 [ 100.512361] ? __pfx_lock_acquire+0x10/0x10 [ 100.512720] ? write_comp_data+0x2f/0x90 [ 100.513056] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.513454] ? write_comp_data+0x2f/0x90 [ 100.513793] iommufd_fops_ioctl+0x37d/0x510 [ 100.514149] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.514575] ? write_comp_data+0x2f/0x90 [ 100.514922] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.515324] __x64_sys_ioctl+0x1a3/0x230 [ 100.515665] do_syscall_64+0x3b/0x90 [ 100.515976] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.516399] RIP: 0033:0x7f4b8743ee5d [ 100.516699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.518153] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.518787] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.519372] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.519941] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.520531] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.521102] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.521680] [ 100.521873] irq event stamp: 0 [ 100.522133] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.522664] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.523356] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.524024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.524533] ---[ end trace 0000000000000000 ]--- [ 100.527356] ------------[ cut here ]------------ [ 100.527774] WARNING: CPU: 0 PID: 883 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.528579] Modules linked in: [ 100.528838] CPU: 0 PID: 883 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.529532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.530435] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.530886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.532372] RSP: 
0018:ffff888011dd7bd0 EFLAGS: 00010246 [ 100.532802] RAX: 0000000000000000 RBX: ffff8880165198a8 RCX: 0000000000000000 [ 100.533370] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 100.533938] RBP: ffff888011dd7be8 R08: ffffed1002ca3333 R09: ffffed1002ca3333 [ 100.534541] R10: ffff888016519993 R11: ffffed1002ca3332 R12: ffff888012e95000 [ 100.535131] R13: ffff8880165199e8 R14: ffff8880103e0e00 R15: 0000000000000000 [ 100.535703] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.536354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.536822] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.537396] PKRU: 55555554 [ 100.537624] Call Trace: [ 100.537832] [ 100.538017] iommufd_access_destroy_object+0x65/0x170 [ 100.538441] iommufd_object_destroy_user+0x18e/0x220 [ 100.538878] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.539374] iommufd_access_destroy+0x43/0x70 [ 100.539749] iommufd_test_staccess_release+0x8d/0xd0 [ 100.540169] __fput+0x26d/0xa40 [ 100.540449] ____fput+0x1e/0x30 [ 100.540729] task_work_run+0x1a4/0x2d0 [ 100.541061] ? __pfx_task_work_run+0x10/0x10 [ 100.541421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.541826] ? switch_task_namespaces+0xa9/0xe0 [ 100.542216] do_exit+0xb17/0x2ef0 [ 100.542497] ? lock_acquire+0x427/0x4c0 [ 100.542857] ? __pfx_lock_release+0x10/0x10 [ 100.543239] ? __kasan_check_write+0x18/0x20 [ 100.543604] ? do_raw_spin_lock+0x132/0x2a0 [ 100.543957] ? __pfx_do_exit+0x10/0x10 [ 100.544283] ? debug_smp_processor_id+0x20/0x30 [ 100.544667] ? rcu_is_watching+0x19/0xb0 [ 100.545005] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.545381] ? trace_hardirqs_on+0x26/0x120 [ 100.545737] do_group_exit+0xe0/0x2b0 [ 100.546047] __x64_sys_exit_group+0x47/0x50 [ 100.546396] do_syscall_64+0x3b/0x90 [ 100.546730] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.547171] RIP: 0033:0x7f4b87518a4d [ 100.547473] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.547973] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.548605] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.549197] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.549775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.550347] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.550951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.551554] [ 100.551748] irq event stamp: 0 [ 100.552008] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.552516] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.553205] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.553893] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.554404] ---[ end trace 0000000000000000 ]--- [ 100.555150] ------------[ cut here ]------------ [ 100.555533] WARNING: CPU: 0 PID: 883 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.556353] Modules linked in: [ 100.556614] CPU: 0 PID: 883 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.557307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.558225] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.558671] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.560151] RSP: 0018:ffff888011dd7b78 EFLAGS: 00010246 [ 100.560577] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.561148] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 100.561718] RBP: ffff888011dd7b98 R08: ffffed1002ca333e R09: ffffed1002ca333e [ 100.562294] R10: ffff8880165199ef R11: ffffed1002ca333d R12: ffff888016519a90 [ 100.562889] R13: ffff8880165198a8 R14: ffffffffffffffff R15: 
ffff888011dd7c60 [ 100.563476] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.564120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.564592] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.565166] PKRU: 55555554 [ 100.565395] Call Trace: [ 100.565603] [ 100.565788] iommufd_ioas_destroy+0x53/0x70 [ 100.566143] iommufd_fops_release+0x1f7/0x370 [ 100.566532] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.566943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.567358] ? write_comp_data+0x2f/0x90 [ 100.567695] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.568099] __fput+0x26d/0xa40 [ 100.568382] ____fput+0x1e/0x30 [ 100.568660] task_work_run+0x1a4/0x2d0 [ 100.568982] ? __pfx_task_work_run+0x10/0x10 [ 100.569345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.569745] ? switch_task_namespaces+0xa9/0xe0 [ 100.570130] do_exit+0xb17/0x2ef0 [ 100.570409] ? lock_acquire+0x427/0x4c0 [ 100.570759] ? __pfx_lock_release+0x10/0x10 [ 100.571120] ? __kasan_check_write+0x18/0x20 [ 100.571481] ? do_raw_spin_lock+0x132/0x2a0 [ 100.571832] ? __pfx_do_exit+0x10/0x10 [ 100.572160] ? debug_smp_processor_id+0x20/0x30 [ 100.572539] ? rcu_is_watching+0x19/0xb0 [ 100.572869] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.573237] ? trace_hardirqs_on+0x26/0x120 [ 100.573591] do_group_exit+0xe0/0x2b0 [ 100.573899] __x64_sys_exit_group+0x47/0x50 [ 100.574246] do_syscall_64+0x3b/0x90 [ 100.574563] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.574976] RIP: 0033:0x7f4b87518a4d [ 100.575279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.575756] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.576346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.576898] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.577446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.577996] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.578573] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.579146] [ 100.579330] irq event stamp: 0 [ 100.579580] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.580071] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.580726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.581377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.581866] ---[ end trace 0000000000000000 ]--- [ 100.586208] ------------[ cut here ]------------ [ 100.586830] WARNING: CPU: 0 PID: 884 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.587642] Modules linked in: [ 100.587895] CPU: 0 PID: 884 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.588565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.589434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.589822] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.591234] RSP: 0018:ffff888016157bb8 EFLAGS: 00010246 [ 100.591641] RAX: 0000000000000000 RBX: ffff88801612c0a8 RCX: 0000000000000000 [ 100.592181] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 100.592723] RBP: ffff888016157bd0 R08: ffffed1002c25833 R09: ffffed1002c25833 [ 100.593273] R10: ffff88801612c193 R11: ffffed1002c25832 R12: ffff8880140fc400 [ 100.593821] R13: ffff88801612c1e8 R14: ffffffff8352e670 R15: 
ffff888016157e68 [ 100.594370] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.595004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.595483] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 100.596037] PKRU: 55555554 [ 100.596258] Call Trace: [ 100.596453] [ 100.596626] __iommufd_access_detach+0x1c2/0x2b0 [ 100.597000] iommufd_access_change_pt+0x149/0x270 [ 100.597384] iommufd_access_replace+0xb4/0x120 [ 100.597743] iommufd_test+0x3e5/0x37e0 [ 100.598041] ? lock_release+0x532/0x770 [ 100.598359] ? __might_fault+0x102/0x1b0 [ 100.598696] ? lock_acquire+0x427/0x4c0 [ 100.599020] ? __pfx_iommufd_test+0x10/0x10 [ 100.599369] ? __pfx_lock_release+0x10/0x10 [ 100.599713] ? __pfx_lock_acquire+0x10/0x10 [ 100.600060] ? write_comp_data+0x2f/0x90 [ 100.600390] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.600777] ? write_comp_data+0x2f/0x90 [ 100.601105] iommufd_fops_ioctl+0x37d/0x510 [ 100.601441] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.601820] ? write_comp_data+0x2f/0x90 [ 100.602144] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.602543] __x64_sys_ioctl+0x1a3/0x230 [ 100.602873] do_syscall_64+0x3b/0x90 [ 100.603182] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.603592] RIP: 0033:0x7f4b8743ee5d [ 100.603882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.605287] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.605872] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.606425] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.607006] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.607565] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.608105] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.608665] [ 100.608846] irq event stamp: 0 [ 100.609090] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.609571] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.610226] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.610898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.611399] ---[ end trace 0000000000000000 ]--- [ 100.614057] ------------[ cut here ]------------ [ 100.614432] WARNING: CPU: 0 PID: 884 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.615238] Modules linked in: [ 100.615488] CPU: 0 PID: 884 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.616149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.617008] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.617392] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.618792] RSP: 
0018:ffff888016157bd0 EFLAGS: 00010246 [ 100.619209] RAX: 0000000000000000 RBX: ffff88801612c0a8 RCX: 0000000000000000 [ 100.619760] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 100.620309] RBP: ffff888016157be8 R08: ffffed1002c25833 R09: ffffed1002c25833 [ 100.620866] R10: ffff88801612c193 R11: ffffed1002c25832 R12: ffff888013b14c00 [ 100.621415] R13: ffff88801612c1e8 R14: ffff88800b8e3b00 R15: 0000000000000000 [ 100.621955] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.622602] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.623060] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.623627] PKRU: 55555554 [ 100.623851] Call Trace: [ 100.624052] [ 100.624233] iommufd_access_destroy_object+0x65/0x170 [ 100.624646] iommufd_object_destroy_user+0x18e/0x220 [ 100.625049] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.625506] iommufd_access_destroy+0x43/0x70 [ 100.625866] iommufd_test_staccess_release+0x8d/0xd0 [ 100.626273] __fput+0x26d/0xa40 [ 100.626575] ____fput+0x1e/0x30 [ 100.626846] task_work_run+0x1a4/0x2d0 [ 100.627169] ? __pfx_task_work_run+0x10/0x10 [ 100.627522] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.627913] ? switch_task_namespaces+0xa9/0xe0 [ 100.628291] do_exit+0xb17/0x2ef0 [ 100.628564] ? lock_acquire+0x427/0x4c0 [ 100.628884] ? __pfx_lock_release+0x10/0x10 [ 100.629228] ? __kasan_check_write+0x18/0x20 [ 100.629579] ? do_raw_spin_lock+0x132/0x2a0 [ 100.629917] ? __pfx_do_exit+0x10/0x10 [ 100.630233] ? debug_smp_processor_id+0x20/0x30 [ 100.630621] ? rcu_is_watching+0x19/0xb0 [ 100.630945] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.631316] ? trace_hardirqs_on+0x26/0x120 [ 100.631666] do_group_exit+0xe0/0x2b0 [ 100.631969] __x64_sys_exit_group+0x47/0x50 [ 100.632309] do_syscall_64+0x3b/0x90 [ 100.632610] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.633024] RIP: 0033:0x7f4b87518a4d [ 100.633317] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.633796] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.634385] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.634964] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.635536] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.636092] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.636646] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.637203] [ 100.637387] irq event stamp: 0 [ 100.637634] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.638137] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.638809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.639472] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.639964] ---[ end trace 0000000000000000 ]--- [ 100.640654] ------------[ cut here ]------------ [ 100.641021] WARNING: CPU: 0 PID: 884 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.641818] Modules linked in: [ 100.642070] CPU: 0 PID: 884 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.642775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.643669] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.644076] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.645491] RSP: 0018:ffff888016157b78 EFLAGS: 00010246 [ 100.645908] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.646461] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 100.647042] RBP: ffff888016157b98 R08: ffffed1002c2583e R09: ffffed1002c2583e [ 100.647609] R10: ffff88801612c1ef R11: ffffed1002c2583d R12: ffff88801612c290 [ 100.648164] R13: ffff88801612c0a8 R14: ffffffffffffffff R15: 
ffff888016157c60 [ 100.648716] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.649337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.649786] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.650343] PKRU: 55555554 [ 100.650582] Call Trace: [ 100.650786] [ 100.650968] iommufd_ioas_destroy+0x53/0x70 [ 100.651325] iommufd_fops_release+0x1f7/0x370 [ 100.651685] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.652081] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.652471] ? write_comp_data+0x2f/0x90 [ 100.652799] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.653193] __fput+0x26d/0xa40 [ 100.653469] ____fput+0x1e/0x30 [ 100.653737] task_work_run+0x1a4/0x2d0 [ 100.654050] ? __pfx_task_work_run+0x10/0x10 [ 100.654401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.654811] ? switch_task_namespaces+0xa9/0xe0 [ 100.655201] do_exit+0xb17/0x2ef0 [ 100.655478] ? lock_acquire+0x427/0x4c0 [ 100.655802] ? __pfx_lock_release+0x10/0x10 [ 100.656149] ? __kasan_check_write+0x18/0x20 [ 100.656505] ? do_raw_spin_lock+0x132/0x2a0 [ 100.656852] ? __pfx_do_exit+0x10/0x10 [ 100.657168] ? debug_smp_processor_id+0x20/0x30 [ 100.657540] ? rcu_is_watching+0x19/0xb0 [ 100.657862] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.658225] ? trace_hardirqs_on+0x26/0x120 [ 100.658591] do_group_exit+0xe0/0x2b0 [ 100.658899] __x64_sys_exit_group+0x47/0x50 [ 100.659251] do_syscall_64+0x3b/0x90 [ 100.659551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.659963] RIP: 0033:0x7f4b87518a4d [ 100.660255] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.660738] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.661330] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.661882] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.662434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.663006] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.663579] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.664149] [ 100.664336] irq event stamp: 0 [ 100.664583] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.665077] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.665732] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.666384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.666898] ---[ end trace 0000000000000000 ]--- [ 100.671537] ------------[ cut here ]------------ [ 100.671931] WARNING: CPU: 0 PID: 885 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.672708] Modules linked in: [ 100.672959] CPU: 0 PID: 885 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.673632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.674538] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.674931] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.676602] RSP: 0018:ffff888023e07bb8 EFLAGS: 00010246 [ 100.677031] RAX: 0000000000000000 RBX: ffff8880167f58a8 RCX: 0000000000000000 [ 100.677589] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 100.678291] RBP: ffff888023e07bd0 R08: ffffed1002cfeb33 R09: ffffed1002cfeb33 [ 100.678870] R10: ffff8880167f5993 R11: ffffed1002cfeb32 R12: ffff888021baa800 [ 100.679578] R13: ffff8880167f59e8 R14: ffffffff8352e670 R15: 
ffff888023e07e68 [ 100.680137] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.680899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.681351] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 100.682048] PKRU: 55555554 [ 100.682275] Call Trace: [ 100.682476] [ 100.682674] __iommufd_access_detach+0x1c2/0x2b0 [ 100.683065] iommufd_access_change_pt+0x149/0x270 [ 100.683482] iommufd_access_replace+0xb4/0x120 [ 100.683980] iommufd_test+0x3e5/0x37e0 [ 100.684291] ? lock_release+0x532/0x770 [ 100.684616] ? __might_fault+0x102/0x1b0 [ 100.684945] ? lock_acquire+0x427/0x4c0 [ 100.685393] ? __pfx_iommufd_test+0x10/0x10 [ 100.685734] ? __pfx_lock_release+0x10/0x10 [ 100.686083] ? __pfx_lock_acquire+0x10/0x10 [ 100.686491] ? write_comp_data+0x2f/0x90 [ 100.686915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.687314] ? write_comp_data+0x2f/0x90 [ 100.687645] iommufd_fops_ioctl+0x37d/0x510 [ 100.688025] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.688507] ? write_comp_data+0x2f/0x90 [ 100.688844] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.689226] __x64_sys_ioctl+0x1a3/0x230 [ 100.689683] do_syscall_64+0x3b/0x90 [ 100.689987] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.690404] RIP: 0033:0x7f4b8743ee5d [ 100.690762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.692273] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.693010] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.693564] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.694117] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.694710] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.695280] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.695845] [ 100.696028] irq event stamp: 0 [ 100.696274] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.696766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.697417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.698077] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.698586] ---[ end trace 0000000000000000 ]--- [ 100.701704] ------------[ cut here ]------------ [ 100.702084] WARNING: CPU: 0 PID: 885 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.703052] Modules linked in: [ 100.703318] CPU: 0 PID: 885 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.704012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.704930] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.705337] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.706825] RSP: 
0018:ffff888023e07bd0 EFLAGS: 00010246 [ 100.707282] RAX: 0000000000000000 RBX: ffff8880167f58a8 RCX: 0000000000000000 [ 100.707869] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 100.708443] RBP: ffff888023e07be8 R08: ffffed1002cfeb33 R09: ffffed1002cfeb33 [ 100.709013] R10: ffff8880167f5993 R11: ffffed1002cfeb32 R12: ffff8880140fc000 [ 100.709584] R13: ffff8880167f59e8 R14: ffff888010aa9f00 R15: 0000000000000000 [ 100.710154] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.710818] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.711300] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.711872] PKRU: 55555554 [ 100.712100] Call Trace: [ 100.712308] [ 100.712493] iommufd_access_destroy_object+0x65/0x170 [ 100.712921] iommufd_object_destroy_user+0x18e/0x220 [ 100.713335] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.713806] iommufd_access_destroy+0x43/0x70 [ 100.714178] iommufd_test_staccess_release+0x8d/0xd0 [ 100.714617] __fput+0x26d/0xa40 [ 100.714906] ____fput+0x1e/0x30 [ 100.715197] task_work_run+0x1a4/0x2d0 [ 100.715525] ? __pfx_task_work_run+0x10/0x10 [ 100.715889] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.716291] ? switch_task_namespaces+0xa9/0xe0 [ 100.716678] do_exit+0xb17/0x2ef0 [ 100.716960] ? lock_acquire+0x427/0x4c0 [ 100.717292] ? __pfx_lock_release+0x10/0x10 [ 100.717646] ? __kasan_check_write+0x18/0x20 [ 100.718011] ? do_raw_spin_lock+0x132/0x2a0 [ 100.718364] ? __pfx_do_exit+0x10/0x10 [ 100.718712] ? debug_smp_processor_id+0x20/0x30 [ 100.719102] ? rcu_is_watching+0x19/0xb0 [ 100.719454] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.719832] ? trace_hardirqs_on+0x26/0x120 [ 100.720195] do_group_exit+0xe0/0x2b0 [ 100.720509] __x64_sys_exit_group+0x47/0x50 [ 100.720859] do_syscall_64+0x3b/0x90 [ 100.721171] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.721596] RIP: 0033:0x7f4b87518a4d [ 100.721898] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.722396] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.723037] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.723623] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.724194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.724764] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.725333] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.725913] [ 100.726104] irq event stamp: 0 [ 100.726359] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.726890] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.727587] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.728271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.728780] ---[ end trace 0000000000000000 ]--- [ 100.729545] ------------[ cut here ]------------ [ 100.730090] WARNING: CPU: 0 PID: 885 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.730947] Modules linked in: [ 100.731281] CPU: 0 PID: 885 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.732103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.733162] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.733585] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.735239] RSP: 0018:ffff888023e07b78 EFLAGS: 00010246 [ 100.735819] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.736396] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 100.737023] RBP: ffff888023e07b98 R08: ffffed1002cfeb3e R09: ffffed1002cfeb3e [ 100.737678] R10: ffff8880167f59ef R11: ffffed1002cfeb3d R12: ffff8880167f5a90 [ 100.738290] R13: ffff8880167f58a8 R14: ffffffffffffffff R15: 
ffff888023e07c60 [ 100.738983] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.739640] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.740108] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.740685] PKRU: 55555554 [ 100.740917] Call Trace: [ 100.741124] [ 100.741306] iommufd_ioas_destroy+0x53/0x70 [ 100.741666] iommufd_fops_release+0x1f7/0x370 [ 100.742051] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.742458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.742886] ? write_comp_data+0x2f/0x90 [ 100.743247] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.743658] __fput+0x26d/0xa40 [ 100.743953] ____fput+0x1e/0x30 [ 100.744235] task_work_run+0x1a4/0x2d0 [ 100.744567] ? __pfx_task_work_run+0x10/0x10 [ 100.744930] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.745328] ? switch_task_namespaces+0xa9/0xe0 [ 100.745718] do_exit+0xb17/0x2ef0 [ 100.746000] ? lock_acquire+0x427/0x4c0 [ 100.746335] ? __pfx_lock_release+0x10/0x10 [ 100.746716] ? __kasan_check_write+0x18/0x20 [ 100.747086] ? do_raw_spin_lock+0x132/0x2a0 [ 100.747450] ? __pfx_do_exit+0x10/0x10 [ 100.747779] ? debug_smp_processor_id+0x20/0x30 [ 100.748160] ? rcu_is_watching+0x19/0xb0 [ 100.748492] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.748865] ? trace_hardirqs_on+0x26/0x120 [ 100.749221] do_group_exit+0xe0/0x2b0 [ 100.749532] __x64_sys_exit_group+0x47/0x50 [ 100.749880] do_syscall_64+0x3b/0x90 [ 100.750190] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.750635] RIP: 0033:0x7f4b87518a4d [ 100.750937] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.751439] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.752053] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.752623] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.753196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.753764] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.754334] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.754928] [ 100.755132] irq event stamp: 0 [ 100.755389] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.755895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.756569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.757244] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.757752] ---[ end trace 0000000000000000 ]--- [ 100.761951] ------------[ cut here ]------------ [ 100.762556] WARNING: CPU: 0 PID: 886 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.763394] Modules linked in: [ 100.763672] CPU: 0 PID: 886 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.764483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.765386] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.765787] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.767287] RSP: 0018:ffff888016427bb8 EFLAGS: 00010246 [ 100.767720] RAX: 0000000000000000 RBX: ffff888010f0f0a8 RCX: 0000000000000000 [ 100.768290] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 100.768860] RBP: ffff888016427bd0 R08: ffffed10021e1e33 R09: ffffed10021e1e33 [ 100.769431] R10: ffff888010f0f193 R11: ffffed10021e1e32 R12: ffff888010b27400 [ 100.770002] R13: ffff888010f0f1e8 R14: ffffffff8352e670 R15: 
ffff888016427e68 [ 100.770592] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.771252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.771727] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 100.772298] PKRU: 55555554 [ 100.772528] Call Trace: [ 100.772735] [ 100.772918] __iommufd_access_detach+0x1c2/0x2b0 [ 100.773315] iommufd_access_change_pt+0x149/0x270 [ 100.773714] iommufd_access_replace+0xb4/0x120 [ 100.774096] iommufd_test+0x3e5/0x37e0 [ 100.774412] ? lock_release+0x532/0x770 [ 100.774771] ? __might_fault+0x102/0x1b0 [ 100.775118] ? lock_acquire+0x427/0x4c0 [ 100.775454] ? __pfx_iommufd_test+0x10/0x10 [ 100.775802] ? __pfx_lock_release+0x10/0x10 [ 100.776158] ? __pfx_lock_acquire+0x10/0x10 [ 100.776523] ? write_comp_data+0x2f/0x90 [ 100.776870] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.777273] ? write_comp_data+0x2f/0x90 [ 100.777614] iommufd_fops_ioctl+0x37d/0x510 [ 100.777971] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.778367] ? write_comp_data+0x2f/0x90 [ 100.778726] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.779135] __x64_sys_ioctl+0x1a3/0x230 [ 100.779488] do_syscall_64+0x3b/0x90 [ 100.779811] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.780243] RIP: 0033:0x7f4b8743ee5d [ 100.780546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.782012] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.782654] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.783243] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.783813] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.784385] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.784958] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.785544] [ 100.785733] irq event stamp: 0 [ 100.785986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.786496] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.787201] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.787877] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.788390] ---[ end trace 0000000000000000 ]--- [ 100.791510] ------------[ cut here ]------------ [ 100.791913] WARNING: CPU: 0 PID: 886 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.792907] Modules linked in: [ 100.793169] CPU: 0 PID: 886 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.793932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.794947] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.795363] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.796983] RSP: 
0018:ffff888016427bd0 EFLAGS: 00010246 [ 100.797570] RAX: 0000000000000000 RBX: ffff888010f0f0a8 RCX: 0000000000000000 [ 100.798154] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 100.798829] RBP: ffff888016427be8 R08: ffffed10021e1e33 R09: ffffed10021e1e33 [ 100.799493] R10: ffff888010f0f193 R11: ffffed10021e1e32 R12: ffff888021babc00 [ 100.800083] R13: ffff888010f0f1e8 R14: ffff888013996b00 R15: 0000000000000000 [ 100.800830] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.801486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.802119] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.802723] PKRU: 55555554 [ 100.802956] Call Trace: [ 100.803175] [ 100.803431] iommufd_access_destroy_object+0x65/0x170 [ 100.803947] iommufd_object_destroy_user+0x18e/0x220 [ 100.804365] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.804908] iommufd_access_destroy+0x43/0x70 [ 100.805352] iommufd_test_staccess_release+0x8d/0xd0 [ 100.805778] __fput+0x26d/0xa40 [ 100.806066] ____fput+0x1e/0x30 [ 100.806485] task_work_run+0x1a4/0x2d0 [ 100.806841] ? __pfx_task_work_run+0x10/0x10 [ 100.807224] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.807628] ? switch_task_namespaces+0xa9/0xe0 [ 100.808036] do_exit+0xb17/0x2ef0 [ 100.808457] ? lock_acquire+0x427/0x4c0 [ 100.808788] ? __pfx_lock_release+0x10/0x10 [ 100.809144] ? __kasan_check_write+0x18/0x20 [ 100.809526] ? do_raw_spin_lock+0x132/0x2a0 [ 100.810009] ? __pfx_do_exit+0x10/0x10 [ 100.810341] ? debug_smp_processor_id+0x20/0x30 [ 100.810742] ? rcu_is_watching+0x19/0xb0 [ 100.811075] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.811610] ? trace_hardirqs_on+0x26/0x120 [ 100.811968] do_group_exit+0xe0/0x2b0 [ 100.812281] __x64_sys_exit_group+0x47/0x50 [ 100.812629] do_syscall_64+0x3b/0x90 [ 100.813069] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.813493] RIP: 0033:0x7f4b87518a4d [ 100.813797] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.814438] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.815093] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.815694] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.816429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.817004] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.817721] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.818314] [ 100.818532] irq event stamp: 0 [ 100.818793] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.819475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.820164] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.820995] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.821510] ---[ end trace 0000000000000000 ]--- [ 100.822360] ------------[ cut here ]------------ [ 100.822794] WARNING: CPU: 0 PID: 886 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.823845] Modules linked in: [ 100.824126] CPU: 0 PID: 886 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.824868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.825961] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.826476] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.828191] RSP: 0018:ffff888016427b78 EFLAGS: 00010246 [ 100.828736] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.829374] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 100.830129] RBP: ffff888016427b98 R08: ffffed10021e1e3e R09: ffffed10021e1e3e [ 100.830781] R10: ffff888010f0f1ef R11: ffffed10021e1e3d R12: ffff888010f0f290 [ 100.831578] R13: ffff888010f0f0a8 R14: ffffffffffffffff R15: 
ffff888016427c60 [ 100.832207] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.833082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.833589] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.834239] PKRU: 55555554 [ 100.834637] Call Trace: [ 100.834866] [ 100.835061] iommufd_ioas_destroy+0x53/0x70 [ 100.835461] iommufd_fops_release+0x1f7/0x370 [ 100.835875] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.836557] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.836999] ? write_comp_data+0x2f/0x90 [ 100.837367] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.837973] __fput+0x26d/0xa40 [ 100.838283] ____fput+0x1e/0x30 [ 100.838607] task_work_run+0x1a4/0x2d0 [ 100.838963] ? __pfx_task_work_run+0x10/0x10 [ 100.839372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.840004] ? switch_task_namespaces+0xa9/0xe0 [ 100.840426] do_exit+0xb17/0x2ef0 [ 100.840736] ? lock_acquire+0x427/0x4c0 [ 100.841245] ? __pfx_lock_release+0x10/0x10 [ 100.841633] ? __kasan_check_write+0x18/0x20 [ 100.842027] ? do_raw_spin_lock+0x132/0x2a0 [ 100.842426] ? __pfx_do_exit+0x10/0x10 [ 100.842935] ? debug_smp_processor_id+0x20/0x30 [ 100.843372] ? rcu_is_watching+0x19/0xb0 [ 100.843738] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.844140] ? trace_hardirqs_on+0x26/0x120 [ 100.844704] do_group_exit+0xe0/0x2b0 [ 100.845050] __x64_sys_exit_group+0x47/0x50 [ 100.845432] do_syscall_64+0x3b/0x90 [ 100.845795] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.846406] RIP: 0033:0x7f4b87518a4d [ 100.846762] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.847317] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.848158] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.848775] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.849554] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.850173] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.850992] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.851640] [ 100.851849] irq event stamp: 0 [ 100.852130] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.852762] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.853598] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.854497] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.855079] ---[ end trace 0000000000000000 ]--- [ 100.859310] ------------[ cut here ]------------ [ 100.859786] WARNING: CPU: 0 PID: 887 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.860701] Modules linked in: [ 100.860997] CPU: 0 PID: 887 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.861800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.862922] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.863399] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.865047] RSP: 0018:ffff888016157bb8 EFLAGS: 00010246 [ 100.865528] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 100.866168] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 100.866855] RBP: ffff888016157bd0 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 100.867540] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff888016630c00 [ 100.868202] R13: ffff88801587c1e8 R14: ffffffff8352e670 R15: 
ffff888016157e68 [ 100.868862] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.869601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.870130] CR2: 00007f4b877410e8 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 100.870812] PKRU: 55555554 [ 100.871085] Call Trace: [ 100.871331] [ 100.871540] __iommufd_access_detach+0x1c2/0x2b0 [ 100.871996] iommufd_access_change_pt+0x149/0x270 [ 100.872457] iommufd_access_replace+0xb4/0x120 [ 100.872891] iommufd_test+0x3e5/0x37e0 [ 100.873251] ? lock_release+0x532/0x770 [ 100.873623] ? __might_fault+0x102/0x1b0 [ 100.874001] ? lock_acquire+0x427/0x4c0 [ 100.874374] ? __pfx_iommufd_test+0x10/0x10 [ 100.874792] ? __pfx_lock_release+0x10/0x10 [ 100.875222] ? __pfx_lock_acquire+0x10/0x10 [ 100.875638] ? write_comp_data+0x2f/0x90 [ 100.876031] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.876491] ? write_comp_data+0x2f/0x90 [ 100.876875] iommufd_fops_ioctl+0x37d/0x510 [ 100.877285] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.877748] ? write_comp_data+0x2f/0x90 [ 100.878139] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.878611] __x64_sys_ioctl+0x1a3/0x230 [ 100.879004] do_syscall_64+0x3b/0x90 [ 100.879368] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.879830] RIP: 0033:0x7f4b8743ee5d [ 100.880159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.881740] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.882405] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.883051] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.883673] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.884292] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.884911] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.885544] [ 100.885750] irq event stamp: 0 [ 100.886026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.886598] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.887343] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.888062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.888613] ---[ end trace 0000000000000000 ]--- [ 100.891805] ------------[ cut here ]------------ [ 100.892256] WARNING: CPU: 0 PID: 887 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.893118] Modules linked in: [ 100.893396] CPU: 0 PID: 887 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.894141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.895163] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.895613] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.897209] RSP: 
0018:ffff888016157bd0 EFLAGS: 00010246 [ 100.897666] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 100.898280] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 100.898918] RBP: ffff888016157be8 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 100.899547] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff888010b25800 [ 100.900172] R13: ffff88801587c1e8 R14: ffff888013ceda00 R15: 0000000000000000 [ 100.900800] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.901504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.902013] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.902665] PKRU: 55555554 [ 100.902919] Call Trace: [ 100.903159] [ 100.903362] iommufd_access_destroy_object+0x65/0x170 [ 100.903824] iommufd_object_destroy_user+0x18e/0x220 [ 100.904281] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 100.904795] iommufd_access_destroy+0x43/0x70 [ 100.905204] iommufd_test_staccess_release+0x8d/0xd0 [ 100.905664] __fput+0x26d/0xa40 [ 100.905972] ____fput+0x1e/0x30 [ 100.906277] task_work_run+0x1a4/0x2d0 [ 100.906659] ? __pfx_task_work_run+0x10/0x10 [ 100.907060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.907523] ? switch_task_namespaces+0xa9/0xe0 [ 100.907952] do_exit+0xb17/0x2ef0 [ 100.908264] ? lock_acquire+0x427/0x4c0 [ 100.908632] ? __pfx_lock_release+0x10/0x10 [ 100.909029] ? __kasan_check_write+0x18/0x20 [ 100.909424] ? do_raw_spin_lock+0x132/0x2a0 [ 100.909809] ? __pfx_do_exit+0x10/0x10 [ 100.910167] ? debug_smp_processor_id+0x20/0x30 [ 100.910618] ? rcu_is_watching+0x19/0xb0 [ 100.910994] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.911416] ? trace_hardirqs_on+0x26/0x120 [ 100.911808] do_group_exit+0xe0/0x2b0 [ 100.912155] __x64_sys_exit_group+0x47/0x50 [ 100.912541] do_syscall_64+0x3b/0x90 [ 100.912889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.913367] RIP: 0033:0x7f4b87518a4d [ 100.913710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.914261] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.914973] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.915617] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.916239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.916875] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.917502] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.918142] [ 100.918351] irq event stamp: 0 [ 100.918667] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.919243] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.919976] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.920707] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.921257] ---[ end trace 0000000000000000 ]--- [ 100.922027] ------------[ cut here ]------------ [ 100.922446] WARNING: CPU: 0 PID: 887 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 100.923370] Modules linked in: [ 100.923663] CPU: 0 PID: 887 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.924426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.925425] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 100.925881] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 100.927525] RSP: 0018:ffff888016157b78 EFLAGS: 00010246 [ 100.928017] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 100.928670] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 100.929297] RBP: ffff888016157b98 R08: ffffed1002b0f83e R09: ffffed1002b0f83e [ 100.929920] R10: ffff88801587c1ef R11: ffffed1002b0f83d R12: ffff88801587c290 [ 100.930583] R13: ffff88801587c0a8 R14: ffffffffffffffff R15: 
ffff888016157c60 [ 100.931303] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.932030] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.932541] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 100.933164] PKRU: 55555554 [ 100.933418] Call Trace: [ 100.933645] [ 100.933859] iommufd_ioas_destroy+0x53/0x70 [ 100.934256] iommufd_fops_release+0x1f7/0x370 [ 100.934727] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.935308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.935866] ? write_comp_data+0x2f/0x90 [ 100.936317] ? __pfx_iommufd_fops_release+0x10/0x10 [ 100.937123] __fput+0x26d/0xa40 [ 100.937533] ____fput+0x1e/0x30 [ 100.937939] task_work_run+0x1a4/0x2d0 [ 100.938420] ? __pfx_task_work_run+0x10/0x10 [ 100.938952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.939485] ? switch_task_namespaces+0xa9/0xe0 [ 100.939922] do_exit+0xb17/0x2ef0 [ 100.940356] ? lock_acquire+0x427/0x4c0 [ 100.940862] ? __pfx_lock_release+0x10/0x10 [ 100.941255] ? __kasan_check_write+0x18/0x20 [ 100.941645] ? do_raw_spin_lock+0x132/0x2a0 [ 100.942023] ? __pfx_do_exit+0x10/0x10 [ 100.942376] ? debug_smp_processor_id+0x20/0x30 [ 100.942892] ? rcu_is_watching+0x19/0xb0 [ 100.943382] ? _raw_spin_unlock_irq+0x2b/0x60 [ 100.943797] ? trace_hardirqs_on+0x26/0x120 [ 100.944190] do_group_exit+0xe0/0x2b0 [ 100.944530] __x64_sys_exit_group+0x47/0x50 [ 100.944918] do_syscall_64+0x3b/0x90 [ 100.945261] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.945733] RIP: 0033:0x7f4b87518a4d [ 100.946129] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 100.946860] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 100.947545] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 100.948164] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 100.949001] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 100.949619] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 100.950256] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 100.950973] [ 100.951278] irq event stamp: 0 [ 100.951762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.952366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.953146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.954007] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.954877] ---[ end trace 0000000000000000 ]--- [ 100.960256] ------------[ cut here ]------------ [ 100.960744] WARNING: CPU: 0 PID: 888 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.961723] Modules linked in: [ 100.962124] CPU: 0 PID: 888 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 100.963100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 100.964179] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 100.964671] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 100.966410] RSP: 0018:ffff888023e07bb8 EFLAGS: 00010246 [ 100.966972] RAX: 0000000000000000 RBX: ffff88800fe238a8 RCX: 0000000000000000 [ 100.967668] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 100.968344] RBP: ffff888023e07bd0 R08: ffffed1001fc4733 R09: ffffed1001fc4733 [ 100.969028] R10: ffff88800fe23993 R11: ffffed1001fc4732 R12: ffff888010825c00 [ 100.969705] R13: ffff88800fe239e8 R14: ffffffff8352e670 R15: 
ffff888023e07e68 [ 100.970384] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 100.971197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.971764] CR2: 00007f4b877410e8 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 100.972451] PKRU: 55555554 [ 100.972733] Call Trace: [ 100.972982] [ 100.973210] __iommufd_access_detach+0x1c2/0x2b0 [ 100.973685] iommufd_access_change_pt+0x149/0x270 [ 100.974160] iommufd_access_replace+0xb4/0x120 [ 100.974655] iommufd_test+0x3e5/0x37e0 [ 100.975046] ? lock_release+0x532/0x770 [ 100.975472] ? __might_fault+0x102/0x1b0 [ 100.975882] ? lock_acquire+0x427/0x4c0 [ 100.976277] ? __pfx_iommufd_test+0x10/0x10 [ 100.976691] ? __pfx_lock_release+0x10/0x10 [ 100.977118] ? __pfx_lock_acquire+0x10/0x10 [ 100.977541] ? write_comp_data+0x2f/0x90 [ 100.977948] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 100.978422] ? write_comp_data+0x2f/0x90 [ 100.978890] iommufd_fops_ioctl+0x37d/0x510 [ 100.979340] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.979821] ? write_comp_data+0x2f/0x90 [ 100.980230] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 100.980708] __x64_sys_ioctl+0x1a3/0x230 [ 100.981124] do_syscall_64+0x3b/0x90 [ 100.981504] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 100.982041] RIP: 0033:0x7f4b8743ee5d [ 100.982436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 100.984385] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 100.985204] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 100.985956] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 100.986753] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 100.987528] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 100.988278] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 100.989036] [ 100.989284] irq event stamp: 0 [ 100.989616] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 100.990275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 100.991228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 100.992133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 100.992794] ---[ end trace 0000000000000000 ]--- [ 100.996398] ------------[ cut here ]------------ [ 100.996933] WARNING: CPU: 0 PID: 888 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 100.998274] Modules linked in: [ 100.999177] CPU: 0 PID: 888 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.000109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.001280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.001811] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.004266] RSP: 
0018:ffff888023e07bd0 EFLAGS: 00010246 [ 101.004849] RAX: 0000000000000000 RBX: ffff88800fe238a8 RCX: 0000000000000000 [ 101.005587] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 101.006326] RBP: ffff888023e07be8 R08: ffffed1001fc4733 R09: ffffed1001fc4733 [ 101.007102] R10: ffff88800fe23993 R11: ffffed1001fc4732 R12: ffff888016632400 [ 101.007865] R13: ffff88800fe239e8 R14: ffff888020986f00 R15: 0000000000000000 [ 101.008612] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.009469] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.010090] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.010891] PKRU: 55555554 [ 101.011220] Call Trace: [ 101.011489] [ 101.011731] iommufd_access_destroy_object+0x65/0x170 [ 101.012282] iommufd_object_destroy_user+0x18e/0x220 [ 101.012816] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.013426] iommufd_access_destroy+0x43/0x70 [ 101.013913] iommufd_test_staccess_release+0x8d/0xd0 [ 101.014452] __fput+0x26d/0xa40 [ 101.014866] ____fput+0x1e/0x30 [ 101.015245] task_work_run+0x1a4/0x2d0 [ 101.015678] ? __pfx_task_work_run+0x10/0x10 [ 101.016172] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.016715] ? switch_task_namespaces+0xa9/0xe0 [ 101.017223] do_exit+0xb17/0x2ef0 [ 101.017599] ? lock_acquire+0x427/0x4c0 [ 101.018036] ? __pfx_lock_release+0x10/0x10 [ 101.018503] ? __kasan_check_write+0x18/0x20 [ 101.019049] ? do_raw_spin_lock+0x132/0x2a0 [ 101.019527] ? __pfx_do_exit+0x10/0x10 [ 101.019956] ? debug_smp_processor_id+0x20/0x30 [ 101.020453] ? rcu_is_watching+0x19/0xb0 [ 101.020894] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.021381] ? trace_hardirqs_on+0x26/0x120 [ 101.021852] do_group_exit+0xe0/0x2b0 [ 101.022259] __x64_sys_exit_group+0x47/0x50 [ 101.022770] do_syscall_64+0x3b/0x90 [ 101.023191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.023748] RIP: 0033:0x7f4b87518a4d [ 101.024143] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.024793] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.025591] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.026349] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.027179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.027940] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.028698] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.029461] [ 101.029712] irq event stamp: 0 [ 101.030043] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.030768] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.031697] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.032574] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.033255] ---[ end trace 0000000000000000 ]--- [ 101.034315] ------------[ cut here ]------------ [ 101.035215] WARNING: CPU: 0 PID: 888 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.036281] Modules linked in: [ 101.036627] CPU: 0 PID: 888 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.037527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.039043] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.039788] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.041727] RSP: 0018:ffff888023e07b78 EFLAGS: 00010246 [ 101.042380] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.043612] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 101.044398] RBP: ffff888023e07b98 R08: ffffed1001fc473e R09: ffffed1001fc473e [ 101.045163] R10: ffff88800fe239ef R11: ffffed1001fc473d R12: ffff88800fe23a90 [ 101.045977] R13: ffff88800fe238a8 R14: ffffffffffffffff R15: 
ffff888023e07c60 [ 101.047074] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.048162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.048787] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.049558] PKRU: 55555554 [ 101.049870] Call Trace: [ 101.050178] [ 101.050558] iommufd_ioas_destroy+0x53/0x70 [ 101.051265] iommufd_fops_release+0x1f7/0x370 [ 101.051770] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.052316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.052848] ? write_comp_data+0x2f/0x90 [ 101.053317] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.053990] __fput+0x26d/0xa40 [ 101.054503] ____fput+0x1e/0x30 [ 101.055076] task_work_run+0x1a4/0x2d0 [ 101.055533] ? __pfx_task_work_run+0x10/0x10 [ 101.056020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.056543] ? switch_task_namespaces+0xa9/0xe0 [ 101.057062] do_exit+0xb17/0x2ef0 [ 101.057453] ? lock_acquire+0x427/0x4c0 [ 101.057979] ? __pfx_lock_release+0x10/0x10 [ 101.058724] ? __kasan_check_write+0x18/0x20 [ 101.059369] ? do_raw_spin_lock+0x132/0x2a0 [ 101.059835] ? __pfx_do_exit+0x10/0x10 [ 101.060267] ? debug_smp_processor_id+0x20/0x30 [ 101.060782] ? rcu_is_watching+0x19/0xb0 [ 101.061224] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.061758] ? trace_hardirqs_on+0x26/0x120 [ 101.062419] do_group_exit+0xe0/0x2b0 [ 101.063083] __x64_sys_exit_group+0x47/0x50 [ 101.063585] do_syscall_64+0x3b/0x90 [ 101.064001] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.064563] RIP: 0033:0x7f4b87518a4d [ 101.064969] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.065663] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.066777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.067743] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.068515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.069288] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.070325] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.071395] [ 101.071671] irq event stamp: 0 [ 101.072013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.072710] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.073893] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.075035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.075765] ---[ end trace 0000000000000000 ]--- [ 101.084345] ------------[ cut here ]------------ [ 101.084958] WARNING: CPU: 0 PID: 889 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.086388] Modules linked in: [ 101.087056] CPU: 0 PID: 889 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.088077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.089497] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.090139] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.092620] RSP: 0018:ffff888010e67bb8 EFLAGS: 00010246 [ 101.093362] RAX: 0000000000000000 RBX: ffff88800b8138a8 RCX: 0000000000000000 [ 101.094230] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 101.095190] RBP: ffff888010e67bd0 R08: ffffed1001702733 R09: ffffed1001702733 [ 101.096142] R10: ffff88800b813993 R11: ffffed1001702732 R12: ffff88800fcb3c00 [ 101.097063] R13: ffff88800b8139e8 R14: ffffffff8352e670 R15: 
ffff888010e67e68 [ 101.098022] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.099036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.099735] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 101.100640] PKRU: 55555554 [ 101.101017] Call Trace: [ 101.101352] [ 101.101653] __iommufd_access_detach+0x1c2/0x2b0 [ 101.102297] iommufd_access_change_pt+0x149/0x270 [ 101.103003] iommufd_access_replace+0xb4/0x120 [ 101.103573] iommufd_test+0x3e5/0x37e0 [ 101.104005] ? lock_release+0x532/0x770 [ 101.104443] ? __might_fault+0x102/0x1b0 [ 101.104887] ? lock_acquire+0x427/0x4c0 [ 101.105321] ? __pfx_iommufd_test+0x10/0x10 [ 101.105779] ? __pfx_lock_release+0x10/0x10 [ 101.106250] ? __pfx_lock_acquire+0x10/0x10 [ 101.106764] ? write_comp_data+0x2f/0x90 [ 101.107250] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.107784] ? write_comp_data+0x2f/0x90 [ 101.108228] iommufd_fops_ioctl+0x37d/0x510 [ 101.108697] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.109225] ? write_comp_data+0x2f/0x90 [ 101.109674] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.110194] __x64_sys_ioctl+0x1a3/0x230 [ 101.110675] do_syscall_64+0x3b/0x90 [ 101.111090] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.111663] RIP: 0033:0x7f4b8743ee5d [ 101.112073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.114018] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.114891] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.115694] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.116459] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.117227] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.117989] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.118812] [ 101.119071] irq event stamp: 0 [ 101.119421] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.120090] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.120970] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.121850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.122543] ---[ end trace 0000000000000000 ]--- [ 101.126167] ------------[ cut here ]------------ [ 101.126771] WARNING: CPU: 0 PID: 889 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.127953] Modules linked in: [ 101.128411] CPU: 0 PID: 889 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.129510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.130754] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.131310] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.133691] RSP: 
0018:ffff888010e67bd0 EFLAGS: 00010246 [ 101.134395] RAX: 0000000000000000 RBX: ffff88800b8138a8 RCX: 0000000000000000 [ 101.135210] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 101.135970] RBP: ffff888010e67be8 R08: ffffed1001702733 R09: ffffed1001702733 [ 101.136724] R10: ffff88800b813993 R11: ffffed1001702732 R12: ffff888010824c00 [ 101.137642] R13: ffff88800b8139e8 R14: ffff8880104c0500 R15: 0000000000000000 [ 101.138708] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.139571] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.140174] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.140924] PKRU: 55555554 [ 101.141226] Call Trace: [ 101.141581] [ 101.141891] iommufd_access_destroy_object+0x65/0x170 [ 101.142781] iommufd_object_destroy_user+0x18e/0x220 [ 101.143347] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.143970] iommufd_access_destroy+0x43/0x70 [ 101.144448] iommufd_test_staccess_release+0x8d/0xd0 [ 101.144998] __fput+0x26d/0xa40 [ 101.145359] ____fput+0x1e/0x30 [ 101.145716] task_work_run+0x1a4/0x2d0 [ 101.146131] ? __pfx_task_work_run+0x10/0x10 [ 101.146636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.147343] ? switch_task_namespaces+0xa9/0xe0 [ 101.147987] do_exit+0xb17/0x2ef0 [ 101.148491] ? lock_acquire+0x427/0x4c0 [ 101.148925] ? __pfx_lock_release+0x10/0x10 [ 101.149386] ? __kasan_check_write+0x18/0x20 [ 101.149855] ? do_raw_spin_lock+0x132/0x2a0 [ 101.150314] ? __pfx_do_exit+0x10/0x10 [ 101.150774] ? debug_smp_processor_id+0x20/0x30 [ 101.151293] ? rcu_is_watching+0x19/0xb0 [ 101.151726] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.152272] ? trace_hardirqs_on+0x26/0x120 [ 101.152884] do_group_exit+0xe0/0x2b0 [ 101.153437] __x64_sys_exit_group+0x47/0x50 [ 101.153905] do_syscall_64+0x3b/0x90 [ 101.154308] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.154896] RIP: 0033:0x7f4b87518a4d [ 101.155303] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.155939] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.156825] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.157802] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.158816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.159572] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.160302] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.161041] [ 101.161361] irq event stamp: 0 [ 101.161783] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.162660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.163542] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.164394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.165087] ---[ end trace 0000000000000000 ]--- [ 101.166204] ------------[ cut here ]------------ [ 101.166729] WARNING: CPU: 0 PID: 889 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.167771] Modules linked in: [ 101.168104] CPU: 0 PID: 889 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.169068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.170633] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.171179] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.173151] RSP: 0018:ffff888010e67b78 EFLAGS: 00010246 [ 101.173876] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.174814] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 101.175560] RBP: ffff888010e67b98 R08: ffffed100170273e R09: ffffed100170273e [ 101.176290] R10: ffff88800b8139ef R11: ffffed100170273d R12: ffff88800b813a90 [ 101.177064] R13: ffff88800b8138a8 R14: ffffffffffffffff R15: 
ffff888010e67c60 [ 101.178051] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.178993] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.179556] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.180223] PKRU: 55555554 [ 101.180489] Call Trace: [ 101.180733] [ 101.181000] iommufd_ioas_destroy+0x53/0x70 [ 101.181556] iommufd_fops_release+0x1f7/0x370 [ 101.181990] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.182459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.182952] ? write_comp_data+0x2f/0x90 [ 101.183373] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.183851] __fput+0x26d/0xa40 [ 101.184182] ____fput+0x1e/0x30 [ 101.184551] task_work_run+0x1a4/0x2d0 [ 101.185092] ? __pfx_task_work_run+0x10/0x10 [ 101.185517] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.185979] ? switch_task_namespaces+0xa9/0xe0 [ 101.186435] do_exit+0xb17/0x2ef0 [ 101.186800] ? lock_acquire+0x427/0x4c0 [ 101.187199] ? __pfx_lock_release+0x10/0x10 [ 101.187621] ? __kasan_check_write+0x18/0x20 [ 101.188271] ? do_raw_spin_lock+0x132/0x2a0 [ 101.188682] ? __pfx_do_exit+0x10/0x10 [ 101.189064] ? debug_smp_processor_id+0x20/0x30 [ 101.189514] ? rcu_is_watching+0x19/0xb0 [ 101.189905] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.190338] ? trace_hardirqs_on+0x26/0x120 [ 101.190902] do_group_exit+0xe0/0x2b0 [ 101.191424] __x64_sys_exit_group+0x47/0x50 [ 101.191840] do_syscall_64+0x3b/0x90 [ 101.192203] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.192700] RIP: 0033:0x7f4b87518a4d [ 101.193044] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.193617] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.194472] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.195312] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.195978] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.196635] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.197292] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.198173] [ 101.198390] irq event stamp: 0 [ 101.198710] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.199319] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.200094] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.201011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.201731] ---[ end trace 0000000000000000 ]--- [ 101.206581] ------------[ cut here ]------------ [ 101.207023] WARNING: CPU: 0 PID: 890 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.207915] Modules linked in: [ 101.208211] CPU: 0 PID: 890 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.209140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.210116] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.210608] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.212350] RSP: 0018:ffff888023e07bb8 EFLAGS: 00010246 [ 101.212817] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 101.213434] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 101.214049] RBP: ffff888023e07bd0 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 101.214680] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff888013afbc00 [ 101.215319] R13: ffff88801781f9e8 R14: ffffffff8352e670 R15: 
ffff888023e07e68 [ 101.215942] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.216640] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.217155] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 101.217778] PKRU: 55555554 [ 101.218026] Call Trace: [ 101.218252] [ 101.218451] __iommufd_access_detach+0x1c2/0x2b0 [ 101.218902] iommufd_access_change_pt+0x149/0x270 [ 101.219347] iommufd_access_replace+0xb4/0x120 [ 101.219761] iommufd_test+0x3e5/0x37e0 [ 101.220106] ? lock_release+0x532/0x770 [ 101.220468] ? __might_fault+0x102/0x1b0 [ 101.220833] ? lock_acquire+0x427/0x4c0 [ 101.221196] ? __pfx_iommufd_test+0x10/0x10 [ 101.221576] ? __pfx_lock_release+0x10/0x10 [ 101.221962] ? __pfx_lock_acquire+0x10/0x10 [ 101.222349] ? write_comp_data+0x2f/0x90 [ 101.222744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.223194] ? write_comp_data+0x2f/0x90 [ 101.223564] iommufd_fops_ioctl+0x37d/0x510 [ 101.223949] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.224379] ? write_comp_data+0x2f/0x90 [ 101.224743] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.225170] __x64_sys_ioctl+0x1a3/0x230 [ 101.225537] do_syscall_64+0x3b/0x90 [ 101.225875] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.226336] RIP: 0033:0x7f4b8743ee5d [ 101.226746] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.228355] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.229016] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.229649] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.230264] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.230911] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.231538] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.232170] [ 101.232377] irq event stamp: 0 [ 101.232648] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.233185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.233899] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.234632] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.235181] ---[ end trace 0000000000000000 ]--- [ 101.238167] ------------[ cut here ]------------ [ 101.238640] WARNING: CPU: 0 PID: 890 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.239522] Modules linked in: [ 101.239801] CPU: 0 PID: 890 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.240536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.241494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.241919] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.243509] RSP: 
0018:ffff888023e07bd0 EFLAGS: 00010246 [ 101.243963] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 101.244570] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 101.245178] RBP: ffff888023e07be8 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 101.245788] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff88800fcb1c00 [ 101.246405] R13: ffff88801781f9e8 R14: ffff888010aa9700 R15: 0000000000000000 [ 101.247044] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.247745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.248241] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.248851] PKRU: 55555554 [ 101.249093] Call Trace: [ 101.249313] [ 101.249510] iommufd_access_destroy_object+0x65/0x170 [ 101.249959] iommufd_object_destroy_user+0x18e/0x220 [ 101.250400] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.250923] iommufd_access_destroy+0x43/0x70 [ 101.251333] iommufd_test_staccess_release+0x8d/0xd0 [ 101.251777] __fput+0x26d/0xa40 [ 101.252079] ____fput+0x1e/0x30 [ 101.252372] task_work_run+0x1a4/0x2d0 [ 101.252718] ? __pfx_task_work_run+0x10/0x10 [ 101.253106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.253534] ? switch_task_namespaces+0xa9/0xe0 [ 101.253950] do_exit+0xb17/0x2ef0 [ 101.254252] ? lock_acquire+0x427/0x4c0 [ 101.254633] ? __pfx_lock_release+0x10/0x10 [ 101.255016] ? __kasan_check_write+0x18/0x20 [ 101.255416] ? do_raw_spin_lock+0x132/0x2a0 [ 101.255799] ? __pfx_do_exit+0x10/0x10 [ 101.256149] ? debug_smp_processor_id+0x20/0x30 [ 101.256555] ? rcu_is_watching+0x19/0xb0 [ 101.256910] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.257303] ? trace_hardirqs_on+0x26/0x120 [ 101.257686] do_group_exit+0xe0/0x2b0 [ 101.258023] __x64_sys_exit_group+0x47/0x50 [ 101.258394] do_syscall_64+0x3b/0x90 [ 101.258753] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.259235] RIP: 0033:0x7f4b87518a4d [ 101.259560] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.260075] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.260697] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.261282] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.261864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.262447] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.263054] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.263659] [ 101.263853] irq event stamp: 0 [ 101.264113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.264641] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.265331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.266011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.266551] ---[ end trace 0000000000000000 ]--- [ 101.267295] ------------[ cut here ]------------ [ 101.267685] WARNING: CPU: 0 PID: 890 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.268485] Modules linked in: [ 101.268746] CPU: 0 PID: 890 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.269430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.270322] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.270751] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.272182] RSP: 0018:ffff888023e07b78 EFLAGS: 00010246 [ 101.272606] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.273168] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 101.273732] RBP: ffff888023e07b98 R08: ffffed1002f03f3e R09: ffffed1002f03f3e [ 101.274297] R10: ffff88801781f9ef R11: ffffed1002f03f3d R12: ffff88801781fa90 [ 101.274886] R13: ffff88801781f8a8 R14: ffffffffffffffff R15: 
ffff888023e07c60 [ 101.275468] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.276144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.276634] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.277237] PKRU: 55555554 [ 101.277480] Call Trace: [ 101.277702] [ 101.277900] iommufd_ioas_destroy+0x53/0x70 [ 101.278281] iommufd_fops_release+0x1f7/0x370 [ 101.278695] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.279138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.279569] ? write_comp_data+0x2f/0x90 [ 101.279928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.280361] __fput+0x26d/0xa40 [ 101.280665] ____fput+0x1e/0x30 [ 101.280958] task_work_run+0x1a4/0x2d0 [ 101.281301] ? __pfx_task_work_run+0x10/0x10 [ 101.281689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.282114] ? switch_task_namespaces+0xa9/0xe0 [ 101.282547] do_exit+0xb17/0x2ef0 [ 101.282847] ? lock_acquire+0x427/0x4c0 [ 101.283206] ? __pfx_lock_release+0x10/0x10 [ 101.283580] ? __kasan_check_write+0x18/0x20 [ 101.283958] ? do_raw_spin_lock+0x132/0x2a0 [ 101.284324] ? __pfx_do_exit+0x10/0x10 [ 101.284665] ? debug_smp_processor_id+0x20/0x30 [ 101.285067] ? rcu_is_watching+0x19/0xb0 [ 101.285417] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.285808] ? trace_hardirqs_on+0x26/0x120 [ 101.286183] do_group_exit+0xe0/0x2b0 [ 101.286532] __x64_sys_exit_group+0x47/0x50 [ 101.286901] do_syscall_64+0x3b/0x90 [ 101.287236] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.287687] RIP: 0033:0x7f4b87518a4d [ 101.288005] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.288526] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.289168] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.289771] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.290370] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.290994] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.291610] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.292225] [ 101.292424] irq event stamp: 0 [ 101.292695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.293231] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.293944] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.294686] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.295241] ---[ end trace 0000000000000000 ]--- [ 101.299832] ------------[ cut here ]------------ [ 101.300261] WARNING: CPU: 0 PID: 891 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.301129] Modules linked in: [ 101.301399] CPU: 0 PID: 891 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.302124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.303125] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.303556] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.305086] RSP: 0018:ffff888018297bb8 EFLAGS: 00010246 [ 101.305532] RAX: 0000000000000000 RBX: ffff888015e660a8 RCX: 0000000000000000 [ 101.306127] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 101.306748] RBP: ffff888018297bd0 R08: ffffed1002bccc33 R09: ffffed1002bccc33 [ 101.307366] R10: ffff888015e66193 R11: ffffed1002bccc32 R12: ffff888021baa800 [ 101.307972] R13: ffff888015e661e8 R14: ffffffff8352e670 R15: 
ffff888018297e68 [ 101.308571] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.309304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.309785] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ef0 [ 101.310380] PKRU: 55555554 [ 101.310636] Call Trace: [ 101.310850] [ 101.311040] __iommufd_access_detach+0x1c2/0x2b0 [ 101.311464] iommufd_access_change_pt+0x149/0x270 [ 101.311878] iommufd_access_replace+0xb4/0x120 [ 101.312271] iommufd_test+0x3e5/0x37e0 [ 101.312598] ? lock_release+0x532/0x770 [ 101.312943] ? __might_fault+0x102/0x1b0 [ 101.313289] ? lock_acquire+0x427/0x4c0 [ 101.313628] ? __pfx_iommufd_test+0x10/0x10 [ 101.313989] ? __pfx_lock_release+0x10/0x10 [ 101.314358] ? __pfx_lock_acquire+0x10/0x10 [ 101.314773] ? write_comp_data+0x2f/0x90 [ 101.315143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.315558] ? write_comp_data+0x2f/0x90 [ 101.315909] iommufd_fops_ioctl+0x37d/0x510 [ 101.316276] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.316690] ? write_comp_data+0x2f/0x90 [ 101.317040] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.317449] __x64_sys_ioctl+0x1a3/0x230 [ 101.317800] do_syscall_64+0x3b/0x90 [ 101.318125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.318591] RIP: 0033:0x7f4b8743ee5d [ 101.318908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.320437] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.321073] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.321666] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.322259] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.322872] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.323478] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.324083] [ 101.324278] irq event stamp: 0 [ 101.324541] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.325069] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.325767] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.326477] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.327030] ---[ end trace 0000000000000000 ]--- [ 101.329894] ------------[ cut here ]------------ [ 101.330322] WARNING: CPU: 0 PID: 891 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.331214] Modules linked in: [ 101.331486] CPU: 0 PID: 891 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.332206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.333143] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.333561] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.335097] RSP: 
0018:ffff888018297bd0 EFLAGS: 00010246 [ 101.335562] RAX: 0000000000000000 RBX: ffff888015e660a8 RCX: 0000000000000000 [ 101.336167] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 101.336771] RBP: ffff888018297be8 R08: ffffed1002bccc33 R09: ffffed1002bccc33 [ 101.337376] R10: ffff888015e66193 R11: ffffed1002bccc32 R12: ffff888013af9400 [ 101.337974] R13: ffff888015e661e8 R14: ffff8880103e0000 R15: 0000000000000000 [ 101.338603] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.339289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.339778] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.340374] PKRU: 55555554 [ 101.340612] Call Trace: [ 101.340831] [ 101.341016] iommufd_access_destroy_object+0x65/0x170 [ 101.341455] iommufd_object_destroy_user+0x18e/0x220 [ 101.341885] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.342376] iommufd_access_destroy+0x43/0x70 [ 101.342782] iommufd_test_staccess_release+0x8d/0xd0 [ 101.343236] __fput+0x26d/0xa40 [ 101.343532] ____fput+0x1e/0x30 [ 101.343819] task_work_run+0x1a4/0x2d0 [ 101.344155] ? __pfx_task_work_run+0x10/0x10 [ 101.344531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.344947] ? switch_task_namespaces+0xa9/0xe0 [ 101.345351] do_exit+0xb17/0x2ef0 [ 101.345647] ? lock_acquire+0x427/0x4c0 [ 101.345990] ? __pfx_lock_release+0x10/0x10 [ 101.346360] ? __kasan_check_write+0x18/0x20 [ 101.346750] ? do_raw_spin_lock+0x132/0x2a0 [ 101.347122] ? __pfx_do_exit+0x10/0x10 [ 101.347460] ? debug_smp_processor_id+0x20/0x30 [ 101.347862] ? rcu_is_watching+0x19/0xb0 [ 101.348208] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.348594] ? trace_hardirqs_on+0x26/0x120 [ 101.348967] do_group_exit+0xe0/0x2b0 [ 101.349288] __x64_sys_exit_group+0x47/0x50 [ 101.349650] do_syscall_64+0x3b/0x90 [ 101.349972] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.350412] RIP: 0033:0x7f4b87518a4d [ 101.350758] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.351288] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.351926] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.352524] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.353116] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.353708] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.354303] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.354930] [ 101.355142] irq event stamp: 0 [ 101.355406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.355929] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.356615] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.357300] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.357812] ---[ end trace 0000000000000000 ]--- [ 101.358549] ------------[ cut here ]------------ [ 101.358938] WARNING: CPU: 0 PID: 891 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.359784] Modules linked in: [ 101.360050] CPU: 0 PID: 891 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.360762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.361687] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.362116] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.363649] RSP: 0018:ffff888018297b78 EFLAGS: 00010246 [ 101.364089] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.364677] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 101.365263] RBP: ffff888018297b98 R08: ffffed1002bccc3e R09: ffffed1002bccc3e [ 101.365847] R10: ffff888015e661ef R11: ffffed1002bccc3d R12: ffff888015e66290 [ 101.366434] R13: ffff888015e660a8 R14: ffffffffffffffff R15: 
ffff888018297c60 [ 101.367042] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.367714] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.368190] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.368777] PKRU: 55555554 [ 101.369015] Call Trace: [ 101.369228] [ 101.369417] iommufd_ioas_destroy+0x53/0x70 [ 101.369781] iommufd_fops_release+0x1f7/0x370 [ 101.370157] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.370596] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.371009] ? write_comp_data+0x2f/0x90 [ 101.371367] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.371785] __fput+0x26d/0xa40 [ 101.372072] ____fput+0x1e/0x30 [ 101.372353] task_work_run+0x1a4/0x2d0 [ 101.372686] ? __pfx_task_work_run+0x10/0x10 [ 101.373052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.373465] ? switch_task_namespaces+0xa9/0xe0 [ 101.373865] do_exit+0xb17/0x2ef0 [ 101.374151] ? lock_acquire+0x427/0x4c0 [ 101.374490] ? __pfx_lock_release+0x10/0x10 [ 101.374888] ? __kasan_check_write+0x18/0x20 [ 101.375273] ? do_raw_spin_lock+0x132/0x2a0 [ 101.375642] ? __pfx_do_exit+0x10/0x10 [ 101.375980] ? debug_smp_processor_id+0x20/0x30 [ 101.376371] ? rcu_is_watching+0x19/0xb0 [ 101.376714] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.377096] ? trace_hardirqs_on+0x26/0x120 [ 101.377462] do_group_exit+0xe0/0x2b0 [ 101.377783] __x64_sys_exit_group+0x47/0x50 [ 101.378139] do_syscall_64+0x3b/0x90 [ 101.378454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.378915] RIP: 0033:0x7f4b87518a4d [ 101.379243] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.379754] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.380378] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.380966] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.381555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.382137] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.382751] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.383365] [ 101.383562] irq event stamp: 0 [ 101.383825] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.384344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.385034] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.385718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.386234] ---[ end trace 0000000000000000 ]--- [ 101.389904] ------------[ cut here ]------------ [ 101.390348] WARNING: CPU: 1 PID: 892 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.391446] Modules linked in: [ 101.391715] CPU: 1 PID: 892 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.392425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.393347] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.393754] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.395268] RSP: 0018:ffff888018a27bb8 EFLAGS: 00010246 [ 101.395707] RAX: 0000000000000000 RBX: ffff8880219ff0a8 RCX: 0000000000000000 [ 101.396294] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 101.396888] RBP: ffff888018a27bd0 R08: ffffed100433fe33 R09: ffffed100433fe33 [ 101.397482] R10: ffff8880219ff193 R11: ffffed100433fe32 R12: ffff88801805e000 [ 101.398065] R13: ffff8880219ff1e8 R14: ffffffff8352e670 R15: 
ffff888018a27e68 [ 101.398668] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.399334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.399812] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ee0 [ 101.400404] PKRU: 55555554 [ 101.400635] Call Trace: [ 101.400851] [ 101.401040] __iommufd_access_detach+0x1c2/0x2b0 [ 101.401443] iommufd_access_change_pt+0x149/0x270 [ 101.401849] iommufd_access_replace+0xb4/0x120 [ 101.402240] iommufd_test+0x3e5/0x37e0 [ 101.402577] ? lock_release+0x532/0x770 [ 101.402917] ? __might_fault+0x102/0x1b0 [ 101.403271] ? lock_acquire+0x427/0x4c0 [ 101.403612] ? __pfx_iommufd_test+0x10/0x10 [ 101.403972] ? __pfx_lock_release+0x10/0x10 [ 101.404338] ? __pfx_lock_acquire+0x10/0x10 [ 101.404706] ? write_comp_data+0x2f/0x90 [ 101.405133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.405545] ? write_comp_data+0x2f/0x90 [ 101.405899] iommufd_fops_ioctl+0x37d/0x510 [ 101.406262] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.406689] ? write_comp_data+0x2f/0x90 [ 101.407036] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.407452] __x64_sys_ioctl+0x1a3/0x230 [ 101.407801] do_syscall_64+0x3b/0x90 [ 101.408121] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.408560] RIP: 0033:0x7f4b8743ee5d [ 101.408868] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.410369] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.411021] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.411620] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.412210] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.412803] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.413388] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.413988] [ 101.414185] irq event stamp: 0 [ 101.414449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.415002] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.415701] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.416384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.416904] ---[ end trace 0000000000000000 ]--- [ 101.419735] ------------[ cut here ]------------ [ 101.420159] WARNING: CPU: 1 PID: 892 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.420973] Modules linked in: [ 101.421235] CPU: 1 PID: 892 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.421937] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.422873] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.423286] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.424762] RSP: 
0018:ffff888018a27bd0 EFLAGS: 00010246 [ 101.425194] RAX: 0000000000000000 RBX: ffff8880219ff0a8 RCX: 0000000000000000 [ 101.425781] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 101.426357] RBP: ffff888018a27be8 R08: ffffed100433fe33 R09: ffffed100433fe33 [ 101.426954] R10: ffff8880219ff193 R11: ffffed100433fe32 R12: ffff888016c9ac00 [ 101.427544] R13: ffff8880219ff1e8 R14: ffff8880181b8000 R15: 0000000000000000 [ 101.428137] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.428789] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.429266] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 101.429845] PKRU: 55555554 [ 101.430081] Call Trace: [ 101.430290] [ 101.430477] iommufd_access_destroy_object+0x65/0x170 [ 101.430926] iommufd_object_destroy_user+0x18e/0x220 [ 101.431356] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.431837] iommufd_access_destroy+0x43/0x70 [ 101.432213] iommufd_test_staccess_release+0x8d/0xd0 [ 101.432638] __fput+0x26d/0xa40 [ 101.432922] ____fput+0x1e/0x30 [ 101.433204] task_work_run+0x1a4/0x2d0 [ 101.433533] ? __pfx_task_work_run+0x10/0x10 [ 101.433900] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.434306] ? switch_task_namespaces+0xa9/0xe0 [ 101.434717] do_exit+0xb17/0x2ef0 [ 101.435007] ? lock_acquire+0x427/0x4c0 [ 101.435351] ? __pfx_lock_release+0x10/0x10 [ 101.435714] ? __kasan_check_write+0x18/0x20 [ 101.436079] ? do_raw_spin_lock+0x132/0x2a0 [ 101.436442] ? __pfx_do_exit+0x10/0x10 [ 101.436776] ? debug_smp_processor_id+0x20/0x30 [ 101.437216] ? rcu_is_watching+0x19/0xb0 [ 101.437547] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.437933] ? trace_hardirqs_on+0x26/0x120 [ 101.438304] do_group_exit+0xe0/0x2b0 [ 101.438647] __x64_sys_exit_group+0x47/0x50 [ 101.439017] do_syscall_64+0x3b/0x90 [ 101.439341] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.439772] RIP: 0033:0x7f4b87518a4d [ 101.440089] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.440599] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.441211] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.441787] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.442361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.442973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.443561] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.444143] [ 101.444333] irq event stamp: 0 [ 101.444591] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.445103] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.445781] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.446456] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.446994] ---[ end trace 0000000000000000 ]--- [ 101.449236] ------------[ cut here ]------------ [ 101.449705] WARNING: CPU: 0 PID: 892 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.450739] Modules linked in: [ 101.451014] CPU: 0 PID: 892 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.451751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.452693] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.453130] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.454676] RSP: 0018:ffff888018a27b78 EFLAGS: 00010246 [ 101.455144] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.455747] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 101.456341] RBP: ffff888018a27b98 R08: ffffed100433fe3e R09: ffffed100433fe3e [ 101.456949] R10: ffff8880219ff1ef R11: ffffed100433fe3d R12: ffff8880219ff290 [ 101.457546] R13: ffff8880219ff0a8 R14: ffffffffffffffff R15: 
ffff888018a27c60 [ 101.458140] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.458847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.459292] CR2: 00007f82e2bc8010 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 101.459822] PKRU: 55555554 [ 101.460032] Call Trace: [ 101.460221] [ 101.460404] iommufd_ioas_destroy+0x53/0x70 [ 101.460729] iommufd_fops_release+0x1f7/0x370 [ 101.461069] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.461447] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.461821] ? write_comp_data+0x2f/0x90 [ 101.462128] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.462501] __fput+0x26d/0xa40 [ 101.462783] ____fput+0x1e/0x30 [ 101.463039] task_work_run+0x1a4/0x2d0 [ 101.463343] ? __pfx_task_work_run+0x10/0x10 [ 101.463681] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.464049] ? switch_task_namespaces+0xa9/0xe0 [ 101.464412] do_exit+0xb17/0x2ef0 [ 101.464672] ? lock_acquire+0x427/0x4c0 [ 101.464980] ? __pfx_lock_release+0x10/0x10 [ 101.465303] ? __kasan_check_write+0x18/0x20 [ 101.465629] ? do_raw_spin_lock+0x132/0x2a0 [ 101.465953] ? __pfx_do_exit+0x10/0x10 [ 101.466260] ? debug_smp_processor_id+0x20/0x30 [ 101.466638] ? rcu_is_watching+0x19/0xb0 [ 101.466946] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.467298] ? trace_hardirqs_on+0x26/0x120 [ 101.467631] do_group_exit+0xe0/0x2b0 [ 101.467913] __x64_sys_exit_group+0x47/0x50 [ 101.468238] do_syscall_64+0x3b/0x90 [ 101.468528] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.468917] RIP: 0033:0x7f4b87518a4d [ 101.469195] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.469654] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.470222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.470771] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.471309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.471841] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.472370] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.472910] [ 101.473087] irq event stamp: 0 [ 101.473322] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.473794] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.474414] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.475055] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.475536] ---[ end trace 0000000000000000 ]--- [ 101.479714] ------------[ cut here ]------------ [ 101.480084] WARNING: CPU: 0 PID: 893 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.481010] Modules linked in: [ 101.481254] CPU: 0 PID: 893 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.482030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.482888] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.483404] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.484933] RSP: 0018:ffff8880140b7bb8 EFLAGS: 00010246 [ 101.485339] RAX: 0000000000000000 RBX: ffff88800ea398a8 RCX: 0000000000000000 [ 101.486014] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 101.486582] RBP: ffff8880140b7bd0 R08: ffffed1001d47333 R09: ffffed1001d47333 [ 101.487182] R10: ffff88800ea39993 R11: ffffed1001d47332 R12: ffff88800f173000 [ 101.487800] R13: ffff88800ea399e8 R14: ffffffff8352e670 R15: 
ffff8880140b7e68 [ 101.488382] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.489067] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.489532] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 101.490156] PKRU: 55555554 [ 101.490385] Call Trace: [ 101.490601] [ 101.490778] __iommufd_access_detach+0x1c2/0x2b0 [ 101.491218] iommufd_access_change_pt+0x149/0x270 [ 101.491647] iommufd_access_replace+0xb4/0x120 [ 101.492017] iommufd_test+0x3e5/0x37e0 [ 101.492341] ? lock_release+0x532/0x770 [ 101.492755] ? __might_fault+0x102/0x1b0 [ 101.493077] ? lock_acquire+0x427/0x4c0 [ 101.493387] ? __pfx_iommufd_test+0x10/0x10 [ 101.493839] ? __pfx_lock_release+0x10/0x10 [ 101.494172] ? __pfx_lock_acquire+0x10/0x10 [ 101.494534] ? write_comp_data+0x2f/0x90 [ 101.494855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.495387] ? write_comp_data+0x2f/0x90 [ 101.495708] iommufd_fops_ioctl+0x37d/0x510 [ 101.496042] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.496466] ? write_comp_data+0x2f/0x90 [ 101.496866] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.497245] __x64_sys_ioctl+0x1a3/0x230 [ 101.497624] do_syscall_64+0x3b/0x90 [ 101.498004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.498410] RIP: 0033:0x7f4b8743ee5d [ 101.498751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.500245] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.500964] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.501511] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.502174] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.502741] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.503356] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.504008] [ 101.504197] irq event stamp: 0 [ 101.504473] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.505044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.505720] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.506438] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.506980] ---[ end trace 0000000000000000 ]--- [ 101.510037] ------------[ cut here ]------------ [ 101.510415] WARNING: CPU: 0 PID: 893 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.511362] Modules linked in: [ 101.511616] CPU: 0 PID: 893 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.512286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.513175] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.513568] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.515023] RSP: 
0018:ffff8880140b7bd0 EFLAGS: 00010246 [ 101.515459] RAX: 0000000000000000 RBX: ffff88800ea398a8 RCX: 0000000000000000 [ 101.516017] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 101.516572] RBP: ffff8880140b7be8 R08: ffffed1001d47333 R09: ffffed1001d47333 [ 101.517133] R10: ffff88800ea39993 R11: ffffed1001d47332 R12: ffff888018148c00 [ 101.517692] R13: ffff88800ea399e8 R14: ffff8880123ec600 R15: 0000000000000000 [ 101.518254] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.518909] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.519374] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 101.519940] PKRU: 55555554 [ 101.520169] Call Trace: [ 101.520373] [ 101.520555] iommufd_access_destroy_object+0x65/0x170 [ 101.520972] iommufd_object_destroy_user+0x18e/0x220 [ 101.521380] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.521851] iommufd_access_destroy+0x43/0x70 [ 101.522211] iommufd_test_staccess_release+0x8d/0xd0 [ 101.522645] __fput+0x26d/0xa40 [ 101.522923] ____fput+0x1e/0x30 [ 101.523209] task_work_run+0x1a4/0x2d0 [ 101.523534] ? __pfx_task_work_run+0x10/0x10 [ 101.523893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.524290] ? switch_task_namespaces+0xa9/0xe0 [ 101.524669] do_exit+0xb17/0x2ef0 [ 101.524947] ? lock_acquire+0x427/0x4c0 [ 101.525273] ? __pfx_lock_release+0x10/0x10 [ 101.525619] ? __kasan_check_write+0x18/0x20 [ 101.525972] ? do_raw_spin_lock+0x132/0x2a0 [ 101.526313] ? __pfx_do_exit+0x10/0x10 [ 101.526651] ? debug_smp_processor_id+0x20/0x30 [ 101.527027] ? rcu_is_watching+0x19/0xb0 [ 101.527361] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.527732] ? trace_hardirqs_on+0x26/0x120 [ 101.528089] do_group_exit+0xe0/0x2b0 [ 101.528400] __x64_sys_exit_group+0x47/0x50 [ 101.528739] do_syscall_64+0x3b/0x90 [ 101.529042] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.529461] RIP: 0033:0x7f4b87518a4d [ 101.529761] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.530244] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.530878] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.531451] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.532013] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.532589] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.533175] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.533749] [ 101.533935] irq event stamp: 0 [ 101.534189] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.534714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.535387] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.536043] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.536551] ---[ end trace 0000000000000000 ]--- [ 101.537412] ------------[ cut here ]------------ [ 101.537928] WARNING: CPU: 0 PID: 893 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.538807] Modules linked in: [ 101.539072] CPU: 0 PID: 893 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.539922] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.540815] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.541221] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.542680] RSP: 0018:ffff8880140b7b78 EFLAGS: 00010246 [ 101.543103] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.543683] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 101.544249] RBP: ffff8880140b7b98 R08: ffffed1001d4733e R09: ffffed1001d4733e [ 101.544814] R10: ffff88800ea399ef R11: ffffed1001d4733d R12: ffff88800ea39a90 [ 101.545376] R13: ffff88800ea398a8 R14: ffffffffffffffff R15: 
ffff8880140b7c60 [ 101.545934] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.546588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.547050] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 101.547637] PKRU: 55555554 [ 101.547863] Call Trace: [ 101.548067] [ 101.548254] iommufd_ioas_destroy+0x53/0x70 [ 101.548602] iommufd_fops_release+0x1f7/0x370 [ 101.548965] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.549362] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.549755] ? write_comp_data+0x2f/0x90 [ 101.550088] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.550530] __fput+0x26d/0xa40 [ 101.550821] ____fput+0x1e/0x30 [ 101.551095] task_work_run+0x1a4/0x2d0 [ 101.551422] ? __pfx_task_work_run+0x10/0x10 [ 101.551776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.552169] ? switch_task_namespaces+0xa9/0xe0 [ 101.552551] do_exit+0xb17/0x2ef0 [ 101.552831] ? lock_acquire+0x427/0x4c0 [ 101.553162] ? __pfx_lock_release+0x10/0x10 [ 101.553513] ? __kasan_check_write+0x18/0x20 [ 101.553867] ? do_raw_spin_lock+0x132/0x2a0 [ 101.554220] ? __pfx_do_exit+0x10/0x10 [ 101.554562] ? debug_smp_processor_id+0x20/0x30 [ 101.554946] ? rcu_is_watching+0x19/0xb0 [ 101.555284] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.555644] ? trace_hardirqs_on+0x26/0x120 [ 101.555989] do_group_exit+0xe0/0x2b0 [ 101.556298] __x64_sys_exit_group+0x47/0x50 [ 101.556635] do_syscall_64+0x3b/0x90 [ 101.556948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.557371] RIP: 0033:0x7f4b87518a4d [ 101.557675] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.558153] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.558767] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.559337] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.559898] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.560462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.561022] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.561593] [ 101.561778] irq event stamp: 0 [ 101.562035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.562565] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.563239] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.563905] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.564397] ---[ end trace 0000000000000000 ]--- [ 101.569808] ------------[ cut here ]------------ [ 101.570201] WARNING: CPU: 1 PID: 894 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.571097] Modules linked in: [ 101.571500] CPU: 1 PID: 894 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.572171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.573241] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.573791] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.575725] RSP: 0018:ffff888018a27bb8 EFLAGS: 00010246 [ 101.576188] RAX: 0000000000000000 RBX: ffff88801050b8a8 RCX: 0000000000000000 [ 101.576817] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 101.577363] RBP: ffff888018a27bd0 R08: ffffed10020a1733 R09: ffffed10020a1733 [ 101.578030] R10: ffff88801050b993 R11: ffffed10020a1732 R12: ffff8880183dbc00 [ 101.578602] R13: ffff88801050b9e8 R14: ffffffff8352e670 R15: 
ffff888018a27e68 [ 101.579168] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.579900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.580348] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 101.580937] PKRU: 55555554 [ 101.581218] Call Trace: [ 101.581417] [ 101.581597] __iommufd_access_detach+0x1c2/0x2b0 [ 101.581982] iommufd_access_change_pt+0x149/0x270 [ 101.582393] iommufd_access_replace+0xb4/0x120 [ 101.582856] iommufd_test+0x3e5/0x37e0 [ 101.583177] ? lock_release+0x532/0x770 [ 101.583503] ? __might_fault+0x102/0x1b0 [ 101.583834] ? lock_acquire+0x427/0x4c0 [ 101.584184] ? __pfx_iommufd_test+0x10/0x10 [ 101.584629] ? __pfx_lock_release+0x10/0x10 [ 101.584991] ? __pfx_lock_acquire+0x10/0x10 [ 101.585356] ? write_comp_data+0x2f/0x90 [ 101.585705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.586210] ? write_comp_data+0x2f/0x90 [ 101.586569] iommufd_fops_ioctl+0x37d/0x510 [ 101.586931] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.587345] ? write_comp_data+0x2f/0x90 [ 101.587713] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.588201] __x64_sys_ioctl+0x1a3/0x230 [ 101.588549] do_syscall_64+0x3b/0x90 [ 101.588867] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.589377] RIP: 0033:0x7f4b8743ee5d [ 101.589737] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.591383] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.592006] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.592604] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.593324] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.593906] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.594617] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.595223] [ 101.595415] irq event stamp: 0 [ 101.595676] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.596273] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.597095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.597837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.598400] ---[ end trace 0000000000000000 ]--- [ 101.601311] ------------[ cut here ]------------ [ 101.601734] WARNING: CPU: 1 PID: 894 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.602653] Modules linked in: [ 101.602947] CPU: 1 PID: 894 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.603662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.604656] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.605121] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.606756] RSP: 
0018:ffff888018a27bd0 EFLAGS: 00010246 [ 101.607208] RAX: 0000000000000000 RBX: ffff88801050b8a8 RCX: 0000000000000000 [ 101.607824] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 101.608499] RBP: ffff888018a27be8 R08: ffffed10020a1733 R09: ffffed10020a1733 [ 101.609079] R10: ffff88801050b993 R11: ffffed10020a1732 R12: ffff88801805f800 [ 101.609798] R13: ffff88801050b9e8 R14: ffff8880138ab900 R15: 0000000000000000 [ 101.610379] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.611131] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.611664] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 101.612272] PKRU: 55555554 [ 101.612519] Call Trace: [ 101.612741] [ 101.613018] iommufd_access_destroy_object+0x65/0x170 [ 101.613534] iommufd_object_destroy_user+0x18e/0x220 [ 101.613985] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.614587] iommufd_access_destroy+0x43/0x70 [ 101.615057] iommufd_test_staccess_release+0x8d/0xd0 [ 101.615528] __fput+0x26d/0xa40 [ 101.615830] ____fput+0x1e/0x30 [ 101.616129] task_work_run+0x1a4/0x2d0 [ 101.616503] ? __pfx_task_work_run+0x10/0x10 [ 101.617020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.617451] ? switch_task_namespaces+0xa9/0xe0 [ 101.617868] do_exit+0xb17/0x2ef0 [ 101.618238] ? lock_acquire+0x427/0x4c0 [ 101.618679] ? __pfx_lock_release+0x10/0x10 [ 101.619063] ? __kasan_check_write+0x18/0x20 [ 101.619458] ? do_raw_spin_lock+0x132/0x2a0 [ 101.619837] ? __pfx_do_exit+0x10/0x10 [ 101.620215] ? debug_smp_processor_id+0x20/0x30 [ 101.620736] ? rcu_is_watching+0x19/0xb0 [ 101.621102] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.621508] ? trace_hardirqs_on+0x26/0x120 [ 101.621973] do_group_exit+0xe0/0x2b0 [ 101.622376] __x64_sys_exit_group+0x47/0x50 [ 101.622781] do_syscall_64+0x3b/0x90 [ 101.623124] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.623586] RIP: 0033:0x7f4b87518a4d [ 101.623970] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.624606] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.625279] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.626046] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.626694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.627337] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.628119] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.628748] [ 101.629033] irq event stamp: 0 [ 101.629370] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.629992] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.630741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.631564] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.632181] ---[ end trace 0000000000000000 ]--- [ 101.632935] ------------[ cut here ]------------ [ 101.633437] WARNING: CPU: 1 PID: 894 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.634317] Modules linked in: [ 101.634699] CPU: 1 PID: 894 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.635525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.636501] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.637078] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.638835] RSP: 0018:ffff888018a27b78 EFLAGS: 00010246 [ 101.639314] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.639934] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 101.640712] RBP: ffff888018a27b98 R08: ffffed10020a173e R09: ffffed10020a173e [ 101.641330] R10: ffff88801050b9ef R11: ffffed10020a173d R12: ffff88801050ba90 [ 101.642022] R13: ffff88801050b8a8 R14: ffffffffffffffff R15: 
ffff888018a27c60 [ 101.642732] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.643439] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.643986] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 101.644701] PKRU: 55555554 [ 101.644947] Call Trace: [ 101.645169] [ 101.645368] iommufd_ioas_destroy+0x53/0x70 [ 101.645882] iommufd_fops_release+0x1f7/0x370 [ 101.646287] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.646826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.647289] ? write_comp_data+0x2f/0x90 [ 101.647736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.648247] __fput+0x26d/0xa40 [ 101.648555] ____fput+0x1e/0x30 [ 101.648855] task_work_run+0x1a4/0x2d0 [ 101.649253] ? __pfx_task_work_run+0x10/0x10 [ 101.649708] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.650149] ? switch_task_namespaces+0xa9/0xe0 [ 101.650599] do_exit+0xb17/0x2ef0 [ 101.650910] ? lock_acquire+0x427/0x4c0 [ 101.651285] ? __pfx_lock_release+0x10/0x10 [ 101.651736] ? __kasan_check_write+0x18/0x20 [ 101.652195] ? do_raw_spin_lock+0x132/0x2a0 [ 101.652575] ? __pfx_do_exit+0x10/0x10 [ 101.652928] ? debug_smp_processor_id+0x20/0x30 [ 101.653424] ? rcu_is_watching+0x19/0xb0 [ 101.653863] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.654269] ? trace_hardirqs_on+0x26/0x120 [ 101.654681] do_group_exit+0xe0/0x2b0 [ 101.655024] __x64_sys_exit_group+0x47/0x50 [ 101.655456] do_syscall_64+0x3b/0x90 [ 101.655872] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.656331] RIP: 0033:0x7f4b87518a4d [ 101.656656] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.657285] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.658007] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.658668] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.659374] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.660048] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.660674] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.661491] [ 101.661704] irq event stamp: 0 [ 101.661979] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.662542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.663276] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.663987] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.664521] ---[ end trace 0000000000000000 ]--- [ 101.666709] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 101.668582] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 101.668970] ------------[ cut here ]------------ [ 101.670260] WARNING: CPU: 1 PID: 895 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.671157] Modules linked in: [ 101.671431] CPU: 1 PID: 895 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.672166] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.673118] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.673542] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.675106] RSP: 0018:ffff888023fc7bb8 EFLAGS: 00010246 [ 101.675569] RAX: 0000000000000000 RBX: ffff88800e8f10a8 RCX: 0000000000000000 [ 101.676181] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 101.676789] RBP: ffff888023fc7bd0 R08: ffffed1001d1e233 R09: ffffed1001d1e233 [ 101.677401] R10: ffff88800e8f1193 R11: ffffed1001d1e232 R12: ffff888010e00000 [ 101.678009] R13: ffff88800e8f11e8 R14: ffffffff8352e670 R15: ffff888023fc7e68 [ 101.678637] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.679352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.679863] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 101.680481] PKRU: 55555554 [ 101.680728] Call Trace: [ 101.680949] [ 101.681146] __iommufd_access_detach+0x1c2/0x2b0 [ 101.681572] iommufd_access_change_pt+0x149/0x270 [ 101.681999] iommufd_access_replace+0xb4/0x120 [ 101.682407] iommufd_test+0x3e5/0x37e0 [ 101.682822] ? lock_release+0x532/0x770 [ 101.683186] ? __might_fault+0x102/0x1b0 [ 101.683545] ? lock_acquire+0x427/0x4c0 [ 101.683903] ? __pfx_iommufd_test+0x10/0x10 [ 101.684271] ? __pfx_lock_release+0x10/0x10 [ 101.684646] ? __pfx_lock_acquire+0x10/0x10 [ 101.685026] ? write_comp_data+0x2f/0x90 [ 101.685384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.685807] ? 
write_comp_data+0x2f/0x90 [ 101.686170] iommufd_fops_ioctl+0x37d/0x510 [ 101.686566] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.686992] ? write_comp_data+0x2f/0x90 [ 101.687361] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.687781] __x64_sys_ioctl+0x1a3/0x230 [ 101.688141] do_syscall_64+0x3b/0x90 [ 101.688474] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.688928] RIP: 0033:0x7f4b8743ee5d [ 101.689249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.690841] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.691517] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.692131] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.692752] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.693441] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.694050] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.694687] [ 101.694892] irq event stamp: 0 [ 101.695179] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.696020] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.697016] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.698139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.698949] ---[ end trace 0000000000000000 ]--- [ 101.702026] ------------[ cut here ]------------ [ 101.702458] WARNING: CPU: 1 PID: 895 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.703374] Modules linked in: [ 101.703651] CPU: 1 PID: 895 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.704386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.705489] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.705915] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 
e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.707561] RSP: 0018:ffff888023fc7bd0 EFLAGS: 00010246 [ 101.708048] RAX: 0000000000000000 RBX: ffff88800e8f10a8 RCX: 0000000000000000 [ 101.708694] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 101.709442] RBP: ffff888023fc7be8 R08: ffffed1001d1e233 R09: ffffed1001d1e233 [ 101.710152] R10: ffff88800e8f1193 R11: ffffed1001d1e232 R12: ffff8880183d9400 [ 101.710820] R13: ffff88800e8f11e8 R14: ffff888013cc1900 R15: 0000000000000000 [ 101.711499] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.712228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.712749] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 101.713394] PKRU: 55555554 [ 101.713653] Call Trace: [ 101.713889] [ 101.714096] iommufd_access_destroy_object+0x65/0x170 [ 101.714606] iommufd_object_destroy_user+0x18e/0x220 [ 101.715142] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.715798] iommufd_access_destroy+0x43/0x70 [ 101.716229] iommufd_test_staccess_release+0x8d/0xd0 [ 101.716706] __fput+0x26d/0xa40 [ 101.717124] ____fput+0x1e/0x30 [ 101.717503] task_work_run+0x1a4/0x2d0 [ 101.717878] ? __pfx_task_work_run+0x10/0x10 [ 101.718286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.718823] ? switch_task_namespaces+0xa9/0xe0 [ 101.719328] do_exit+0xb17/0x2ef0 [ 101.719650] ? lock_acquire+0x427/0x4c0 [ 101.720027] ? __pfx_lock_release+0x10/0x10 [ 101.720436] ? __kasan_check_write+0x18/0x20 [ 101.720848] ? do_raw_spin_lock+0x132/0x2a0 [ 101.721414] ? __pfx_do_exit+0x10/0x10 [ 101.721781] ? debug_smp_processor_id+0x20/0x30 [ 101.722212] ? rcu_is_watching+0x19/0xb0 [ 101.722618] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.723052] ? 
trace_hardirqs_on+0x26/0x120 [ 101.723469] do_group_exit+0xe0/0x2b0 [ 101.723850] __x64_sys_exit_group+0x47/0x50 [ 101.724384] do_syscall_64+0x3b/0x90 [ 101.724747] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.725313] RIP: 0033:0x7f4b87518a4d [ 101.725663] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 101.726216] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.726940] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.727600] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.728258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.728907] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.729549] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.730200] [ 101.730411] irq event stamp: 0 [ 101.730716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.731290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.732050] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.732803] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.733373] ---[ end trace 0000000000000000 ]--- [ 101.734155] ------------[ cut here ]------------ [ 101.734630] WARNING: CPU: 1 PID: 895 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.735556] Modules linked in: [ 101.735848] CPU: 1 PID: 895 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.736631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.737650] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.738122] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.740007] RSP: 0018:ffff888023fc7b78 EFLAGS: 00010246 [ 101.740491] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 
0000000000000000 [ 101.741128] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 101.741772] RBP: ffff888023fc7b98 R08: ffffed1001d1e23e R09: ffffed1001d1e23e [ 101.742414] R10: ffff88800e8f11ef R11: ffffed1001d1e23d R12: ffff88800e8f1290 [ 101.743078] R13: ffff88800e8f10a8 R14: ffffffffffffffff R15: ffff888023fc7c60 [ 101.743738] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.744461] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.744982] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 101.745625] PKRU: 55555554 [ 101.745886] Call Trace: [ 101.746120] [ 101.746326] iommufd_ioas_destroy+0x53/0x70 [ 101.746750] iommufd_fops_release+0x1f7/0x370 [ 101.747179] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.747637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.748090] ? write_comp_data+0x2f/0x90 [ 101.748467] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.748922] __fput+0x26d/0xa40 [ 101.749238] ____fput+0x1e/0x30 [ 101.749549] task_work_run+0x1a4/0x2d0 [ 101.749911] ? __pfx_task_work_run+0x10/0x10 [ 101.750314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.750785] ? switch_task_namespaces+0xa9/0xe0 [ 101.751229] do_exit+0xb17/0x2ef0 [ 101.751551] ? lock_acquire+0x427/0x4c0 [ 101.751927] ? __pfx_lock_release+0x10/0x10 [ 101.752321] ? __kasan_check_write+0x18/0x20 [ 101.752726] ? do_raw_spin_lock+0x132/0x2a0 [ 101.753123] ? __pfx_do_exit+0x10/0x10 [ 101.753487] ? debug_smp_processor_id+0x20/0x30 [ 101.753918] ? rcu_is_watching+0x19/0xb0 [ 101.754292] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.754733] ? trace_hardirqs_on+0x26/0x120 [ 101.755145] do_group_exit+0xe0/0x2b0 [ 101.755496] __x64_sys_exit_group+0x47/0x50 [ 101.755890] do_syscall_64+0x3b/0x90 [ 101.756237] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.756713] RIP: 0033:0x7f4b87518a4d [ 101.757109] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.757667] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.758365] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.759052] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.759709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.760354] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.761008] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.761667] [ 101.761884] irq event stamp: 0 [ 101.762175] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.762779] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.763563] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.764293] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.764839] ---[ end trace 0000000000000000 ]--- [ 101.769662] ------------[ cut here ]------------ [ 101.770107] WARNING: CPU: 1 PID: 897 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.771014] Modules linked in: [ 101.771319] CPU: 1 PID: 897 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.772058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.773019] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.773444] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.775032] RSP: 0018:ffff888016617bb8 EFLAGS: 00010246 [ 101.775502] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 101.776118] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 101.776733] RBP: ffff888016617bd0 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 101.777346] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff888010c09000 [ 101.777961] R13: ffff888011d9b1e8 R14: ffffffff8352e670 R15: 
ffff888016617e68 [ 101.778594] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.779297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.779794] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 101.780403] PKRU: 55555554 [ 101.780653] Call Trace: [ 101.780875] [ 101.781073] __iommufd_access_detach+0x1c2/0x2b0 [ 101.781494] iommufd_access_change_pt+0x149/0x270 [ 101.781921] iommufd_access_replace+0xb4/0x120 [ 101.782325] iommufd_test+0x3e5/0x37e0 [ 101.782687] ? lock_release+0x532/0x770 [ 101.783045] ? __might_fault+0x102/0x1b0 [ 101.783411] ? lock_acquire+0x427/0x4c0 [ 101.783762] ? __pfx_iommufd_test+0x10/0x10 [ 101.784130] ? __pfx_lock_release+0x10/0x10 [ 101.784521] ? __pfx_lock_acquire+0x10/0x10 [ 101.784900] ? write_comp_data+0x2f/0x90 [ 101.785258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.785684] ? write_comp_data+0x2f/0x90 [ 101.786048] iommufd_fops_ioctl+0x37d/0x510 [ 101.786423] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.786873] ? write_comp_data+0x2f/0x90 [ 101.787240] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.787664] __x64_sys_ioctl+0x1a3/0x230 [ 101.788025] do_syscall_64+0x3b/0x90 [ 101.788361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.788818] RIP: 0033:0x7f4b8743ee5d [ 101.789224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.790849] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.791542] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.792163] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.792780] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.793390] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.793999] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.794647] [ 101.794856] irq event stamp: 0 [ 101.795133] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.795677] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.796396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.797110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.797648] ---[ end trace 0000000000000000 ]--- [ 101.800563] ------------[ cut here ]------------ [ 101.801005] WARNING: CPU: 1 PID: 897 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.801867] Modules linked in: [ 101.802145] CPU: 1 PID: 897 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.802923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.803916] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.804354] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.805919] RSP: 
0018:ffff888016617bd0 EFLAGS: 00010246 [ 101.806386] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 101.807017] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 101.807642] RBP: ffff888016617be8 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 101.808249] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff888010e02000 [ 101.808865] R13: ffff888011d9b1e8 R14: ffff888013c61e00 R15: 0000000000000000 [ 101.809482] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.810185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.810707] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 101.811344] PKRU: 55555554 [ 101.811596] Call Trace: [ 101.811823] [ 101.812021] iommufd_access_destroy_object+0x65/0x170 [ 101.812477] iommufd_object_destroy_user+0x18e/0x220 [ 101.812928] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.813446] iommufd_access_destroy+0x43/0x70 [ 101.813847] iommufd_test_staccess_release+0x8d/0xd0 [ 101.814299] __fput+0x26d/0xa40 [ 101.814635] ____fput+0x1e/0x30 [ 101.814936] task_work_run+0x1a4/0x2d0 [ 101.815300] ? __pfx_task_work_run+0x10/0x10 [ 101.815694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.816125] ? switch_task_namespaces+0xa9/0xe0 [ 101.816537] do_exit+0xb17/0x2ef0 [ 101.816841] ? lock_acquire+0x427/0x4c0 [ 101.817198] ? __pfx_lock_release+0x10/0x10 [ 101.817581] ? __kasan_check_write+0x18/0x20 [ 101.817970] ? do_raw_spin_lock+0x132/0x2a0 [ 101.818344] ? __pfx_do_exit+0x10/0x10 [ 101.818721] ? debug_smp_processor_id+0x20/0x30 [ 101.819150] ? rcu_is_watching+0x19/0xb0 [ 101.819511] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.819908] ? trace_hardirqs_on+0x26/0x120 [ 101.820286] do_group_exit+0xe0/0x2b0 [ 101.820616] __x64_sys_exit_group+0x47/0x50 [ 101.821058] do_syscall_64+0x3b/0x90 [ 101.821392] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.821845] RIP: 0033:0x7f4b87518a4d [ 101.822166] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.822721] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.823383] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.823991] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.824598] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.825216] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.825838] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.826477] [ 101.826717] irq event stamp: 0 [ 101.827000] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.827563] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.828292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.829020] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.829563] ---[ end trace 0000000000000000 ]--- [ 101.830313] ------------[ cut here ]------------ [ 101.830755] WARNING: CPU: 1 PID: 897 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.831647] Modules linked in: [ 101.831926] CPU: 1 PID: 897 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.832667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.833634] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.834085] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.835815] RSP: 0018:ffff888016617b78 EFLAGS: 00010246 [ 101.836323] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.836972] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 101.837625] RBP: ffff888016617b98 R08: ffffed10023b363e R09: ffffed10023b363e [ 101.838280] R10: ffff888011d9b1ef R11: ffffed10023b363d R12: ffff888011d9b290 [ 101.838954] R13: ffff888011d9b0a8 R14: ffffffffffffffff R15: 
ffff888016617c60 [ 101.839624] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 101.840365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.840900] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 101.841563] PKRU: 55555554 [ 101.841831] Call Trace: [ 101.842073] [ 101.842286] iommufd_ioas_destroy+0x53/0x70 [ 101.842724] iommufd_fops_release+0x1f7/0x370 [ 101.843164] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.843636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.844095] ? write_comp_data+0x2f/0x90 [ 101.844476] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.844937] __fput+0x26d/0xa40 [ 101.845260] ____fput+0x1e/0x30 [ 101.845572] task_work_run+0x1a4/0x2d0 [ 101.845941] ? __pfx_task_work_run+0x10/0x10 [ 101.846352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.846852] ? switch_task_namespaces+0xa9/0xe0 [ 101.847325] do_exit+0xb17/0x2ef0 [ 101.847660] ? lock_acquire+0x427/0x4c0 [ 101.848037] ? __pfx_lock_release+0x10/0x10 [ 101.848438] ? __kasan_check_write+0x18/0x20 [ 101.848847] ? do_raw_spin_lock+0x132/0x2a0 [ 101.849251] ? __pfx_do_exit+0x10/0x10 [ 101.849633] ? debug_smp_processor_id+0x20/0x30 [ 101.850082] ? rcu_is_watching+0x19/0xb0 [ 101.850473] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.850947] ? trace_hardirqs_on+0x26/0x120 [ 101.851391] do_group_exit+0xe0/0x2b0 [ 101.851780] __x64_sys_exit_group+0x47/0x50 [ 101.852199] do_syscall_64+0x3b/0x90 [ 101.852565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.853128] RIP: 0033:0x7f4b87518a4d [ 101.853483] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.854059] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.854832] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.855532] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.856206] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.856885] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.857556] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.858244] [ 101.858470] irq event stamp: 0 [ 101.858805] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.859420] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.860227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.861030] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.861626] ---[ end trace 0000000000000000 ]--- [ 101.868434] ------------[ cut here ]------------ [ 101.869096] WARNING: CPU: 0 PID: 898 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.870362] Modules linked in: [ 101.870840] CPU: 0 PID: 898 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.871965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.873378] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.874012] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.876340] RSP: 0018:ffff888023fc7bb8 EFLAGS: 00010246 [ 101.877022] RAX: 0000000000000000 RBX: ffff8880104628a8 RCX: 0000000000000000 [ 101.877926] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 101.878864] RBP: ffff888023fc7bd0 R08: ffffed100208c533 R09: ffffed100208c533 [ 101.879792] R10: ffff888010462993 R11: ffffed100208c532 R12: ffff888012e95000 [ 101.880699] R13: ffff8880104629e8 R14: ffffffff8352e670 R15: 
ffff888023fc7e68 [ 101.881599] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.882659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.883421] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 101.884327] PKRU: 55555554 [ 101.884696] Call Trace: [ 101.885031] [ 101.885329] __iommufd_access_detach+0x1c2/0x2b0 [ 101.885960] iommufd_access_change_pt+0x149/0x270 [ 101.886632] iommufd_access_replace+0xb4/0x120 [ 101.887255] iommufd_test+0x3e5/0x37e0 [ 101.887758] ? lock_release+0x532/0x770 [ 101.888292] ? __might_fault+0x102/0x1b0 [ 101.888827] ? lock_acquire+0x427/0x4c0 [ 101.889355] ? __pfx_iommufd_test+0x10/0x10 [ 101.889911] ? __pfx_lock_release+0x10/0x10 [ 101.890482] ? __pfx_lock_acquire+0x10/0x10 [ 101.891149] ? write_comp_data+0x2f/0x90 [ 101.891694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.892325] ? write_comp_data+0x2f/0x90 [ 101.892864] iommufd_fops_ioctl+0x37d/0x510 [ 101.893427] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.894063] ? write_comp_data+0x2f/0x90 [ 101.894650] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 101.895298] __x64_sys_ioctl+0x1a3/0x230 [ 101.895839] do_syscall_64+0x3b/0x90 [ 101.896336] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.897011] RIP: 0033:0x7f4b8743ee5d [ 101.897490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 101.899828] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 101.900799] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 101.901702] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 101.902638] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 101.903559] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 101.904458] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 101.905374] [ 101.905677] irq event stamp: 0 [ 101.906082] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.906922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.908005] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.909059] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.909856] ---[ end trace 0000000000000000 ]--- [ 101.914743] ------------[ cut here ]------------ [ 101.915392] WARNING: CPU: 0 PID: 898 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 101.916661] Modules linked in: [ 101.917076] CPU: 0 PID: 898 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.918170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.919653] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 101.920298] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 101.922640] RSP: 
0018:ffff888023fc7bd0 EFLAGS: 00010246 [ 101.923345] RAX: 0000000000000000 RBX: ffff8880104628a8 RCX: 0000000000000000 [ 101.924251] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 101.925152] RBP: ffff888023fc7be8 R08: ffffed100208c533 R09: ffffed100208c533 [ 101.926049] R10: ffff888010462993 R11: ffffed100208c532 R12: ffff88800f170c00 [ 101.927005] R13: ffff8880104629e8 R14: ffff88800bf3b500 R15: 0000000000000000 [ 101.927932] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.928950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.929685] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.930653] PKRU: 55555554 [ 101.931025] Call Trace: [ 101.931378] [ 101.931681] iommufd_access_destroy_object+0x65/0x170 [ 101.932460] iommufd_object_destroy_user+0x18e/0x220 [ 101.933481] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 101.934264] iommufd_access_destroy+0x43/0x70 [ 101.934919] iommufd_test_staccess_release+0x8d/0xd0 [ 101.936035] __fput+0x26d/0xa40 [ 101.936503] ____fput+0x1e/0x30 [ 101.936950] task_work_run+0x1a4/0x2d0 [ 101.937463] ? __pfx_task_work_run+0x10/0x10 [ 101.938038] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.938742] ? switch_task_namespaces+0xa9/0xe0 [ 101.939396] do_exit+0xb17/0x2ef0 [ 101.939850] ? lock_acquire+0x427/0x4c0 [ 101.940374] ? __pfx_lock_release+0x10/0x10 [ 101.940936] ? __kasan_check_write+0x18/0x20 [ 101.941507] ? do_raw_spin_lock+0x132/0x2a0 [ 101.942067] ? __pfx_do_exit+0x10/0x10 [ 101.942645] ? debug_smp_processor_id+0x20/0x30 [ 101.943276] ? rcu_is_watching+0x19/0xb0 [ 101.943804] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.944396] ? trace_hardirqs_on+0x26/0x120 [ 101.944964] do_group_exit+0xe0/0x2b0 [ 101.945461] __x64_sys_exit_group+0x47/0x50 [ 101.946017] do_syscall_64+0x3b/0x90 [ 101.946581] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.947281] RIP: 0033:0x7f4b87518a4d [ 101.947765] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.948545] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.949580] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.950869] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.951798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.952699] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 101.954034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 101.955029] [ 101.955366] irq event stamp: 0 [ 101.955776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 101.956655] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 101.957960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 101.959090] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 101.960226] ---[ end trace 0000000000000000 ]--- [ 101.961515] ------------[ cut here ]------------ [ 101.962127] WARNING: CPU: 0 PID: 898 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 101.963835] Modules linked in: [ 101.964269] CPU: 0 PID: 898 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 101.965369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 101.967618] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 101.968293] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 101.970913] RSP: 0018:ffff888023fc7b78 EFLAGS: 00010246 [ 101.971620] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 101.972525] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 101.973422] RBP: ffff888023fc7b98 R08: ffffed100208c53e R09: ffffed100208c53e [ 101.974318] R10: ffff8880104629ef R11: ffffed100208c53d R12: ffff888010462a90 [ 101.975284] R13: ffff8880104628a8 R14: ffffffffffffffff R15: 
ffff888023fc7c60 [ 101.976197] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 101.977217] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.977953] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 101.978930] PKRU: 55555554 [ 101.979335] Call Trace: [ 101.979673] [ 101.979973] iommufd_ioas_destroy+0x53/0x70 [ 101.980538] iommufd_fops_release+0x1f7/0x370 [ 101.981122] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.981764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.982400] ? write_comp_data+0x2f/0x90 [ 101.982997] ? __pfx_iommufd_fops_release+0x10/0x10 [ 101.983667] __fput+0x26d/0xa40 [ 101.984117] ____fput+0x1e/0x30 [ 101.984558] task_work_run+0x1a4/0x2d0 [ 101.985076] ? __pfx_task_work_run+0x10/0x10 [ 101.985651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 101.986288] ? switch_task_namespaces+0xa9/0xe0 [ 101.986961] do_exit+0xb17/0x2ef0 [ 101.987444] ? lock_acquire+0x427/0x4c0 [ 101.987973] ? __pfx_lock_release+0x10/0x10 [ 101.988537] ? __kasan_check_write+0x18/0x20 [ 101.989119] ? do_raw_spin_lock+0x132/0x2a0 [ 101.989678] ? __pfx_do_exit+0x10/0x10 [ 101.990196] ? debug_smp_processor_id+0x20/0x30 [ 101.990859] ? rcu_is_watching+0x19/0xb0 [ 101.991426] ? _raw_spin_unlock_irq+0x2b/0x60 [ 101.992025] ? trace_hardirqs_on+0x26/0x120 [ 101.992589] do_group_exit+0xe0/0x2b0 [ 101.993087] __x64_sys_exit_group+0x47/0x50 [ 101.993639] do_syscall_64+0x3b/0x90 [ 101.994130] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 101.994861] RIP: 0033:0x7f4b87518a4d [ 101.995370] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 101.996153] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 101.997118] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 101.998021] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 101.998973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 101.999894] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.000795] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.001707] [ 102.002008] irq event stamp: 0 [ 102.002414] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.003272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.004335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.005394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.006195] ---[ end trace 0000000000000000 ]--- [ 102.017086] ------------[ cut here ]------------ [ 102.017749] WARNING: CPU: 0 PID: 899 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.019525] Modules linked in: [ 102.019951] CPU: 0 PID: 899 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.021008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.022420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.023138] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.025429] RSP: 0018:ffff88801429fbb8 EFLAGS: 00010246 [ 102.026108] RAX: 0000000000000000 RBX: ffff8880163b78a8 RCX: 0000000000000000 [ 102.027057] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 102.027981] RBP: ffff88801429fbd0 R08: ffffed1002c76f33 R09: ffffed1002c76f33 [ 102.028879] R10: ffff8880163b7993 R11: ffffed1002c76f32 R12: ffff888014582800 [ 102.029776] R13: ffff8880163b79e8 R14: ffffffff8352e670 R15: 
ffff88801429fe68 [ 102.030721] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.031754] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.032495] CR2: 00007f4b877410e8 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 102.033375] PKRU: 55555554 [ 102.033728] Call Trace: [ 102.034052] [ 102.034341] __iommufd_access_detach+0x1c2/0x2b0 [ 102.035006] iommufd_access_change_pt+0x149/0x270 [ 102.035643] iommufd_access_replace+0xb4/0x120 [ 102.036231] iommufd_test+0x3e5/0x37e0 [ 102.036720] ? lock_release+0x532/0x770 [ 102.037230] ? __might_fault+0x102/0x1b0 [ 102.037745] ? lock_acquire+0x427/0x4c0 [ 102.038256] ? __pfx_iommufd_test+0x10/0x10 [ 102.038847] ? __pfx_lock_release+0x10/0x10 [ 102.039422] ? __pfx_lock_acquire+0x10/0x10 [ 102.039961] ? write_comp_data+0x2f/0x90 [ 102.040468] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.041063] ? write_comp_data+0x2f/0x90 [ 102.041569] iommufd_fops_ioctl+0x37d/0x510 [ 102.042098] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.042737] ? write_comp_data+0x2f/0x90 [ 102.043267] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.043856] __x64_sys_ioctl+0x1a3/0x230 [ 102.044365] do_syscall_64+0x3b/0x90 [ 102.044832] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.045468] RIP: 0033:0x7f4b8743ee5d [ 102.045922] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.048125] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.049042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.049893] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.050781] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.051651] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.052505] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.053372] [ 102.053661] irq event stamp: 0 [ 102.054044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.054840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.055849] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.056788] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.057502] ---[ end trace 0000000000000000 ]--- [ 102.062642] ------------[ cut here ]------------ [ 102.063217] WARNING: CPU: 0 PID: 899 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.064595] Modules linked in: [ 102.064992] CPU: 0 PID: 899 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.066144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.067687] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.068266] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.070554] RSP: 
0018:ffff88801429fbd0 EFLAGS: 00010246 [ 102.071422] RAX: 0000000000000000 RBX: ffff8880163b78a8 RCX: 0000000000000000 [ 102.072229] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 102.073225] RBP: ffff88801429fbe8 R08: ffffed1002c76f33 R09: ffffed1002c76f33 [ 102.074124] R10: ffff8880163b7993 R11: ffffed1002c76f32 R12: ffff888012e95c00 [ 102.075041] R13: ffff8880163b79e8 R14: ffff88802094ed00 R15: 0000000000000000 [ 102.076051] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.076961] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.077814] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.078674] PKRU: 55555554 [ 102.079191] Call Trace: [ 102.079492] [ 102.079756] iommufd_access_destroy_object+0x65/0x170 [ 102.080439] iommufd_object_destroy_user+0x18e/0x220 [ 102.081140] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.081839] iommufd_access_destroy+0x43/0x70 [ 102.082571] iommufd_test_staccess_release+0x8d/0xd0 [ 102.083184] __fput+0x26d/0xa40 [ 102.083590] ____fput+0x1e/0x30 [ 102.084136] task_work_run+0x1a4/0x2d0 [ 102.084600] ? __pfx_task_work_run+0x10/0x10 [ 102.085113] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.085679] ? switch_task_namespaces+0xa9/0xe0 [ 102.086230] do_exit+0xb17/0x2ef0 [ 102.086669] ? lock_acquire+0x427/0x4c0 [ 102.087155] ? __pfx_lock_release+0x10/0x10 [ 102.087659] ? __kasan_check_write+0x18/0x20 [ 102.088169] ? do_raw_spin_lock+0x132/0x2a0 [ 102.088668] ? __pfx_do_exit+0x10/0x10 [ 102.089130] ? debug_smp_processor_id+0x20/0x30 [ 102.089671] ? rcu_is_watching+0x19/0xb0 [ 102.090138] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.090702] ? trace_hardirqs_on+0x26/0x120 [ 102.091261] do_group_exit+0xe0/0x2b0 [ 102.091597] __x64_sys_exit_group+0x47/0x50 [ 102.091954] do_syscall_64+0x3b/0x90 [ 102.092272] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.092713] RIP: 0033:0x7f4b87518a4d [ 102.093020] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.093524] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.094148] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.094776] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.095378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.095957] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.096547] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.097133] [ 102.097324] irq event stamp: 0 [ 102.097582] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.098093] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.098786] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.099468] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.099982] ---[ end trace 0000000000000000 ]--- [ 102.101083] ------------[ cut here ]------------ [ 102.101498] WARNING: CPU: 0 PID: 899 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.102659] Modules linked in: [ 102.102934] CPU: 0 PID: 899 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.103662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.104608] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.105039] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.106554] RSP: 0018:ffff88801429fb78 EFLAGS: 00010246 [ 102.106991] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.107576] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 102.108162] RBP: ffff88801429fb98 R08: ffffed1002c76f3e R09: ffffed1002c76f3e [ 102.108747] R10: ffff8880163b79ef R11: ffffed1002c76f3d R12: ffff8880163b7a90 [ 102.109331] R13: ffff8880163b78a8 R14: ffffffffffffffff R15: 
ffff88801429fc60 [ 102.109913] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.110590] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.111070] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.111667] PKRU: 55555554 [ 102.111904] Call Trace: [ 102.112118] [ 102.112309] iommufd_ioas_destroy+0x53/0x70 [ 102.112672] iommufd_fops_release+0x1f7/0x370 [ 102.113049] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.113466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.113875] ? write_comp_data+0x2f/0x90 [ 102.114219] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.114657] __fput+0x26d/0xa40 [ 102.114947] ____fput+0x1e/0x30 [ 102.115235] task_work_run+0x1a4/0x2d0 [ 102.115568] ? __pfx_task_work_run+0x10/0x10 [ 102.115940] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.116353] ? switch_task_namespaces+0xa9/0xe0 [ 102.116739] do_exit+0xb17/0x2ef0 [ 102.117019] ? lock_acquire+0x427/0x4c0 [ 102.117346] ? __pfx_lock_release+0x10/0x10 [ 102.117699] ? __kasan_check_write+0x18/0x20 [ 102.118058] ? do_raw_spin_lock+0x132/0x2a0 [ 102.118406] ? __pfx_do_exit+0x10/0x10 [ 102.118750] ? debug_smp_processor_id+0x20/0x30 [ 102.119140] ? rcu_is_watching+0x19/0xb0 [ 102.119467] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.119837] ? trace_hardirqs_on+0x26/0x120 [ 102.120187] do_group_exit+0xe0/0x2b0 [ 102.120493] __x64_sys_exit_group+0x47/0x50 [ 102.120834] do_syscall_64+0x3b/0x90 [ 102.121137] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.121558] RIP: 0033:0x7f4b87518a4d [ 102.121855] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.122338] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.122962] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.123542] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.124110] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.124680] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.125244] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.125815] [ 102.126003] irq event stamp: 0 [ 102.126253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.126780] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.127453] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.128113] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.128610] ---[ end trace 0000000000000000 ]--- [ 102.133783] ------------[ cut here ]------------ [ 102.134391] WARNING: CPU: 0 PID: 900 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.135307] Modules linked in: [ 102.135562] CPU: 0 PID: 900 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.136445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.137326] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.137717] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.139170] RSP: 0018:ffff888021a3fbb8 EFLAGS: 00010246 [ 102.139590] RAX: 0000000000000000 RBX: ffff888021b810a8 RCX: 0000000000000000 [ 102.140262] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 102.140920] RBP: ffff888021a3fbd0 R08: ffffed1004370233 R09: ffffed1004370233 [ 102.141577] R10: ffff888021b81193 R11: ffffed1004370232 R12: ffff888020b32000 [ 102.142235] R13: ffff888021b811e8 R14: ffffffff8352e670 R15: 
ffff888021a3fe68 [ 102.142811] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.143631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.144094] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 102.144843] PKRU: 55555554 [ 102.145070] Call Trace: [ 102.145273] [ 102.145454] __iommufd_access_detach+0x1c2/0x2b0 [ 102.145860] iommufd_access_change_pt+0x149/0x270 [ 102.146420] iommufd_access_replace+0xb4/0x120 [ 102.146811] iommufd_test+0x3e5/0x37e0 [ 102.147132] ? lock_release+0x532/0x770 [ 102.147556] ? __might_fault+0x102/0x1b0 [ 102.147994] ? lock_acquire+0x427/0x4c0 [ 102.148322] ? __pfx_iommufd_test+0x10/0x10 [ 102.148665] ? __pfx_lock_release+0x10/0x10 [ 102.149115] ? __pfx_lock_acquire+0x10/0x10 [ 102.149568] ? write_comp_data+0x2f/0x90 [ 102.149909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.150345] ? write_comp_data+0x2f/0x90 [ 102.150827] iommufd_fops_ioctl+0x37d/0x510 [ 102.151181] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.151576] ? write_comp_data+0x2f/0x90 [ 102.152014] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.152520] __x64_sys_ioctl+0x1a3/0x230 [ 102.152863] do_syscall_64+0x3b/0x90 [ 102.153178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.153801] RIP: 0033:0x7f4b8743ee5d [ 102.154107] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.155770] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.156507] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.157207] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.157865] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.158581] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.159181] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.159778] [ 102.159977] irq event stamp: 0 [ 102.160238] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.160759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.161457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.162141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.162678] ---[ end trace 0000000000000000 ]--- [ 102.165690] ------------[ cut here ]------------ [ 102.166198] WARNING: CPU: 0 PID: 900 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.167163] Modules linked in: [ 102.167435] CPU: 0 PID: 900 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.168323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.169299] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.169783] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.171525] RSP: 
0018:ffff888021a3fbd0 EFLAGS: 00010246 [ 102.171966] RAX: 0000000000000000 RBX: ffff888021b810a8 RCX: 0000000000000000 [ 102.172591] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 102.173283] RBP: ffff888021a3fbe8 R08: ffffed1004370233 R09: ffffed1004370233 [ 102.173877] R10: ffff888021b81193 R11: ffffed1004370232 R12: ffff888014583c00 [ 102.174646] R13: ffff888021b811e8 R14: ffff8880104a0e00 R15: 0000000000000000 [ 102.175241] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.175972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.176535] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.177127] PKRU: 55555554 [ 102.177417] Call Trace: [ 102.177711] [ 102.177900] iommufd_access_destroy_object+0x65/0x170 [ 102.178335] iommufd_object_destroy_user+0x18e/0x220 [ 102.178819] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.179411] iommufd_access_destroy+0x43/0x70 [ 102.179792] iommufd_test_staccess_release+0x8d/0xd0 [ 102.180219] __fput+0x26d/0xa40 [ 102.180505] ____fput+0x1e/0x30 [ 102.180782] task_work_run+0x1a4/0x2d0 [ 102.181280] ? __pfx_task_work_run+0x10/0x10 [ 102.181644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.182052] ? switch_task_namespaces+0xa9/0xe0 [ 102.182485] do_exit+0xb17/0x2ef0 [ 102.182916] ? lock_acquire+0x427/0x4c0 [ 102.183260] ? __pfx_lock_release+0x10/0x10 [ 102.183623] ? __kasan_check_write+0x18/0x20 [ 102.184057] ? do_raw_spin_lock+0x132/0x2a0 [ 102.184511] ? __pfx_do_exit+0x10/0x10 [ 102.184844] ? debug_smp_processor_id+0x20/0x30 [ 102.185233] ? rcu_is_watching+0x19/0xb0 [ 102.185637] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.186090] ? trace_hardirqs_on+0x26/0x120 [ 102.186449] do_group_exit+0xe0/0x2b0 [ 102.186779] __x64_sys_exit_group+0x47/0x50 [ 102.187297] do_syscall_64+0x3b/0x90 [ 102.187615] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.188046] RIP: 0033:0x7f4b87518a4d [ 102.188385] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.189013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.189632] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.190359] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.190955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.191705] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.192287] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.192871] [ 102.193060] irq event stamp: 0 [ 102.193316] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.193822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.194496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.195193] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.195698] ---[ end trace 0000000000000000 ]--- [ 102.197575] ------------[ cut here ]------------ [ 102.197976] WARNING: CPU: 0 PID: 900 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.198833] Modules linked in: [ 102.199095] CPU: 0 PID: 900 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.199804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.200711] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.201124] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.202653] RSP: 0018:ffff888021a3fb78 EFLAGS: 00010246 [ 102.203086] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.203666] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 102.204236] RBP: ffff888021a3fb98 R08: ffffed100437023e R09: ffffed100437023e [ 102.204808] R10: ffff888021b811ef R11: ffffed100437023d R12: ffff888021b81290 [ 102.205372] R13: ffff888021b810a8 R14: ffffffffffffffff R15: 
ffff888021a3fc60 [ 102.205944] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.206607] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.207074] CR2: 00007f82e2ea9008 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 102.207650] PKRU: 55555554 [ 102.207882] Call Trace: [ 102.208089] [ 102.208271] iommufd_ioas_destroy+0x53/0x70 [ 102.208624] iommufd_fops_release+0x1f7/0x370 [ 102.208994] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.209401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.209803] ? write_comp_data+0x2f/0x90 [ 102.210141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.210567] __fput+0x26d/0xa40 [ 102.210851] ____fput+0x1e/0x30 [ 102.211133] task_work_run+0x1a4/0x2d0 [ 102.211462] ? __pfx_task_work_run+0x10/0x10 [ 102.211828] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.212229] ? switch_task_namespaces+0xa9/0xe0 [ 102.212619] do_exit+0xb17/0x2ef0 [ 102.212901] ? lock_acquire+0x427/0x4c0 [ 102.213232] ? __pfx_lock_release+0x10/0x10 [ 102.213590] ? __kasan_check_write+0x18/0x20 [ 102.213956] ? do_raw_spin_lock+0x132/0x2a0 [ 102.214307] ? __pfx_do_exit+0x10/0x10 [ 102.214650] ? debug_smp_processor_id+0x20/0x30 [ 102.215038] ? rcu_is_watching+0x19/0xb0 [ 102.215382] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.215755] ? trace_hardirqs_on+0x26/0x120 [ 102.216112] do_group_exit+0xe0/0x2b0 [ 102.216424] __x64_sys_exit_group+0x47/0x50 [ 102.216772] do_syscall_64+0x3b/0x90 [ 102.217084] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.217511] RIP: 0033:0x7f4b87518a4d [ 102.217813] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.218309] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.218938] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.219523] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.220097] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.220670] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.221241] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.221821] [ 102.222013] irq event stamp: 0 [ 102.222270] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.222804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.223496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.224184] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.224700] ---[ end trace 0000000000000000 ]--- [ 102.229464] ------------[ cut here ]------------ [ 102.229880] WARNING: CPU: 0 PID: 901 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.230745] Modules linked in: [ 102.231008] CPU: 0 PID: 901 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.231711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.232589] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.232982] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.234403] RSP: 0018:ffff888016617bb8 EFLAGS: 00010246 [ 102.234860] RAX: 0000000000000000 RBX: ffff8880166588a8 RCX: 0000000000000000 [ 102.235426] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 102.235981] RBP: ffff888016617bd0 R08: ffffed1002ccb133 R09: ffffed1002ccb133 [ 102.236535] R10: ffff888016658993 R11: ffffed1002ccb132 R12: ffff888013afa000 [ 102.237085] R13: ffff8880166589e8 R14: ffffffff8352e670 R15: 
ffff888016617e68 [ 102.237641] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.238288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.238765] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 102.239334] PKRU: 55555554 [ 102.239559] Call Trace: [ 102.239760] [ 102.239939] __iommufd_access_detach+0x1c2/0x2b0 [ 102.240327] iommufd_access_change_pt+0x149/0x270 [ 102.240721] iommufd_access_replace+0xb4/0x120 [ 102.241091] iommufd_test+0x3e5/0x37e0 [ 102.241398] ? lock_release+0x532/0x770 [ 102.241723] ? __might_fault+0x102/0x1b0 [ 102.242053] ? lock_acquire+0x427/0x4c0 [ 102.242376] ? __pfx_iommufd_test+0x10/0x10 [ 102.242734] ? __pfx_lock_release+0x10/0x10 [ 102.243091] ? __pfx_lock_acquire+0x10/0x10 [ 102.243449] ? write_comp_data+0x2f/0x90 [ 102.243776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.244158] ? write_comp_data+0x2f/0x90 [ 102.244482] iommufd_fops_ioctl+0x37d/0x510 [ 102.244819] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.245199] ? write_comp_data+0x2f/0x90 [ 102.245521] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.245899] __x64_sys_ioctl+0x1a3/0x230 [ 102.246226] do_syscall_64+0x3b/0x90 [ 102.246546] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.246957] RIP: 0033:0x7f4b8743ee5d [ 102.247253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.248652] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.249237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.249784] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.250337] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.250916] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.251475] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.252034] [ 102.252215] irq event stamp: 0 [ 102.252460] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.252947] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.253590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.254234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.254740] ---[ end trace 0000000000000000 ]--- [ 102.257449] ------------[ cut here ]------------ [ 102.257837] WARNING: CPU: 0 PID: 901 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.258643] Modules linked in: [ 102.258893] CPU: 0 PID: 901 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.259563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.260425] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.260804] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.262170] RSP: 
0018:ffff888016617bd0 EFLAGS: 00010246 [ 102.262590] RAX: 0000000000000000 RBX: ffff8880166588a8 RCX: 0000000000000000 [ 102.263127] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 102.263660] RBP: ffff888016617be8 R08: ffffed1002ccb133 R09: ffffed1002ccb133 [ 102.264195] R10: ffff888016658993 R11: ffffed1002ccb132 R12: ffff888020b33800 [ 102.264730] R13: ffff8880166589e8 R14: ffff888020806000 R15: 0000000000000000 [ 102.265262] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.265864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.266302] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.266859] PKRU: 55555554 [ 102.267077] Call Trace: [ 102.267285] [ 102.267459] iommufd_access_destroy_object+0x65/0x170 [ 102.267857] iommufd_object_destroy_user+0x18e/0x220 [ 102.268250] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.268696] iommufd_access_destroy+0x43/0x70 [ 102.269042] iommufd_test_staccess_release+0x8d/0xd0 [ 102.269434] __fput+0x26d/0xa40 [ 102.269703] ____fput+0x1e/0x30 [ 102.269963] task_work_run+0x1a4/0x2d0 [ 102.270265] ? __pfx_task_work_run+0x10/0x10 [ 102.270622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.270999] ? switch_task_namespaces+0xa9/0xe0 [ 102.271373] do_exit+0xb17/0x2ef0 [ 102.271638] ? lock_acquire+0x427/0x4c0 [ 102.271950] ? __pfx_lock_release+0x10/0x10 [ 102.272285] ? __kasan_check_write+0x18/0x20 [ 102.272623] ? do_raw_spin_lock+0x132/0x2a0 [ 102.272952] ? __pfx_do_exit+0x10/0x10 [ 102.273254] ? debug_smp_processor_id+0x20/0x30 [ 102.273613] ? rcu_is_watching+0x19/0xb0 [ 102.273923] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.274270] ? trace_hardirqs_on+0x26/0x120 [ 102.274622] do_group_exit+0xe0/0x2b0 [ 102.274918] __x64_sys_exit_group+0x47/0x50 [ 102.275250] do_syscall_64+0x3b/0x90 [ 102.275546] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.275947] RIP: 0033:0x7f4b87518a4d [ 102.276229] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.276692] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.277261] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.277792] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.278327] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.278876] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.279417] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.279960] [ 102.280138] irq event stamp: 0 [ 102.280375] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.280851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.281475] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.282104] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.282597] ---[ end trace 0000000000000000 ]--- [ 102.283286] ------------[ cut here ]------------ [ 102.283646] WARNING: CPU: 0 PID: 901 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.284391] Modules linked in: [ 102.284630] CPU: 0 PID: 901 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.285265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.286095] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.286477] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.287846] RSP: 0018:ffff888016617b78 EFLAGS: 00010246 [ 102.288242] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.288766] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 102.289290] RBP: ffff888016617b98 R08: ffffed1002ccb13e R09: ffffed1002ccb13e [ 102.289813] R10: ffff8880166589ef R11: ffffed1002ccb13d R12: ffff888016658a90 [ 102.290336] R13: ffff8880166588a8 R14: ffffffffffffffff R15: 
ffff888016617c60 [ 102.290875] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.291474] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.291904] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.292427] PKRU: 55555554 [ 102.292635] Call Trace: [ 102.292826] [ 102.292997] iommufd_ioas_destroy+0x53/0x70 [ 102.293321] iommufd_fops_release+0x1f7/0x370 [ 102.293659] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.294030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.294400] ? write_comp_data+0x2f/0x90 [ 102.294728] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.295104] __fput+0x26d/0xa40 [ 102.295370] ____fput+0x1e/0x30 [ 102.295626] task_work_run+0x1a4/0x2d0 [ 102.295923] ? __pfx_task_work_run+0x10/0x10 [ 102.296256] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.296624] ? switch_task_namespaces+0xa9/0xe0 [ 102.296980] do_exit+0xb17/0x2ef0 [ 102.297238] ? lock_acquire+0x427/0x4c0 [ 102.297541] ? __pfx_lock_release+0x10/0x10 [ 102.297869] ? __kasan_check_write+0x18/0x20 [ 102.298197] ? do_raw_spin_lock+0x132/0x2a0 [ 102.298533] ? __pfx_do_exit+0x10/0x10 [ 102.298834] ? debug_smp_processor_id+0x20/0x30 [ 102.299189] ? rcu_is_watching+0x19/0xb0 [ 102.299493] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.299833] ? trace_hardirqs_on+0x26/0x120 [ 102.300159] do_group_exit+0xe0/0x2b0 [ 102.300447] __x64_sys_exit_group+0x47/0x50 [ 102.300767] do_syscall_64+0x3b/0x90 [ 102.301053] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.301445] RIP: 0033:0x7f4b87518a4d [ 102.301721] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.302174] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.302747] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.303275] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.303806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.304330] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.304854] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.305388] [ 102.305562] irq event stamp: 0 [ 102.305796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.306269] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.306901] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.307535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.308005] ---[ end trace 0000000000000000 ]--- [ 102.311776] ------------[ cut here ]------------ [ 102.312167] WARNING: CPU: 0 PID: 902 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.312912] Modules linked in: [ 102.313155] CPU: 0 PID: 902 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.313794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.314654] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.315023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.316374] RSP: 0018:ffff888018887bb8 EFLAGS: 00010246 [ 102.316767] RAX: 0000000000000000 RBX: ffff888012c468a8 RCX: 0000000000000000 [ 102.317296] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 102.317829] RBP: ffff888018887bd0 R08: ffffed1002588d33 R09: ffffed1002588d33 [ 102.318357] R10: ffff888012c46993 R11: ffffed1002588d32 R12: ffff888021bc6800 [ 102.318910] R13: ffff888012c469e8 R14: ffffffff8352e670 R15: 
ffff888018887e68 [ 102.319452] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.320051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.320483] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ef0 [ 102.321013] PKRU: 55555554 [ 102.321225] Call Trace: [ 102.321416] [ 102.321588] __iommufd_access_detach+0x1c2/0x2b0 [ 102.321957] iommufd_access_change_pt+0x149/0x270 [ 102.322329] iommufd_access_replace+0xb4/0x120 [ 102.322702] iommufd_test+0x3e5/0x37e0 [ 102.322997] ? lock_release+0x532/0x770 [ 102.323312] ? __might_fault+0x102/0x1b0 [ 102.323622] ? lock_acquire+0x427/0x4c0 [ 102.323930] ? __pfx_iommufd_test+0x10/0x10 [ 102.324251] ? __pfx_lock_release+0x10/0x10 [ 102.324579] ? __pfx_lock_acquire+0x10/0x10 [ 102.324914] ? write_comp_data+0x2f/0x90 [ 102.325228] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.325597] ? write_comp_data+0x2f/0x90 [ 102.325909] iommufd_fops_ioctl+0x37d/0x510 [ 102.326234] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.326620] ? write_comp_data+0x2f/0x90 [ 102.326937] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.327307] __x64_sys_ioctl+0x1a3/0x230 [ 102.327622] do_syscall_64+0x3b/0x90 [ 102.327915] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.328315] RIP: 0033:0x7f4b8743ee5d [ 102.328597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.329945] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.330536] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.331065] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.331597] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.332127] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.332658] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.333192] [ 102.333367] irq event stamp: 0 [ 102.333602] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.334070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.334723] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.335357] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.335831] ---[ end trace 0000000000000000 ]--- [ 102.338484] ------------[ cut here ]------------ [ 102.338879] WARNING: CPU: 0 PID: 902 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.339645] Modules linked in: [ 102.339885] CPU: 0 PID: 902 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.340526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.341357] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.341727] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.343088] RSP: 
0018:ffff888018887bd0 EFLAGS: 00010246 [ 102.343493] RAX: 0000000000000000 RBX: ffff888012c468a8 RCX: 0000000000000000 [ 102.344019] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 102.344545] RBP: ffff888018887be8 R08: ffffed1002588d33 R09: ffffed1002588d33 [ 102.345074] R10: ffff888012c46993 R11: ffffed1002588d32 R12: ffff888013afb800 [ 102.345588] R13: ffff888012c469e8 R14: ffff88800b95fb00 R15: 0000000000000000 [ 102.346105] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.346702] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.347130] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.347650] PKRU: 55555554 [ 102.347856] Call Trace: [ 102.348042] [ 102.348210] iommufd_access_destroy_object+0x65/0x170 [ 102.348595] iommufd_object_destroy_user+0x18e/0x220 [ 102.348972] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.349402] iommufd_access_destroy+0x43/0x70 [ 102.349733] iommufd_test_staccess_release+0x8d/0xd0 [ 102.350107] __fput+0x26d/0xa40 [ 102.350361] ____fput+0x1e/0x30 [ 102.350631] task_work_run+0x1a4/0x2d0 [ 102.350929] ? __pfx_task_work_run+0x10/0x10 [ 102.351270] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.351643] ? switch_task_namespaces+0xa9/0xe0 [ 102.352000] do_exit+0xb17/0x2ef0 [ 102.352259] ? lock_acquire+0x427/0x4c0 [ 102.352564] ? __pfx_lock_release+0x10/0x10 [ 102.352887] ? __kasan_check_write+0x18/0x20 [ 102.353216] ? do_raw_spin_lock+0x132/0x2a0 [ 102.353539] ? __pfx_do_exit+0x10/0x10 [ 102.353841] ? debug_smp_processor_id+0x20/0x30 [ 102.354196] ? rcu_is_watching+0x19/0xb0 [ 102.354501] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.354871] ? trace_hardirqs_on+0x26/0x120 [ 102.355212] do_group_exit+0xe0/0x2b0 [ 102.355496] __x64_sys_exit_group+0x47/0x50 [ 102.355813] do_syscall_64+0x3b/0x90 [ 102.356094] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.356478] RIP: 0033:0x7f4b87518a4d [ 102.356753] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.357198] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.357744] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.358253] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.358778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.359296] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.359805] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.360320] [ 102.360489] irq event stamp: 0 [ 102.360713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.361162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.361759] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.362361] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.362832] ---[ end trace 0000000000000000 ]--- [ 102.363512] ------------[ cut here ]------------ [ 102.363853] WARNING: CPU: 0 PID: 902 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.364571] Modules linked in: [ 102.364802] CPU: 0 PID: 902 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.365421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.366235] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.366622] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.367925] RSP: 0018:ffff888018887b78 EFLAGS: 00010246 [ 102.368307] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.368821] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 102.369333] RBP: ffff888018887b98 R08: ffffed1002588d3e R09: ffffed1002588d3e [ 102.369840] R10: ffff888012c469ef R11: ffffed1002588d3d R12: ffff888012c46a90 [ 102.370344] R13: ffff888012c468a8 R14: ffffffffffffffff R15: 
ffff888018887c60 [ 102.370879] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.371465] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.371880] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.372387] PKRU: 55555554 [ 102.372588] Call Trace: [ 102.372773] [ 102.372935] iommufd_ioas_destroy+0x53/0x70 [ 102.373252] iommufd_fops_release+0x1f7/0x370 [ 102.373580] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.373947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.374303] ? write_comp_data+0x2f/0x90 [ 102.374618] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.374981] __fput+0x26d/0xa40 [ 102.375241] ____fput+0x1e/0x30 [ 102.375489] task_work_run+0x1a4/0x2d0 [ 102.375778] ? __pfx_task_work_run+0x10/0x10 [ 102.376099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.376457] ? switch_task_namespaces+0xa9/0xe0 [ 102.376807] do_exit+0xb17/0x2ef0 [ 102.377064] ? lock_acquire+0x427/0x4c0 [ 102.377363] ? __pfx_lock_release+0x10/0x10 [ 102.377689] ? __kasan_check_write+0x18/0x20 [ 102.378010] ? do_raw_spin_lock+0x132/0x2a0 [ 102.378321] ? __pfx_do_exit+0x10/0x10 [ 102.378622] ? debug_smp_processor_id+0x20/0x30 [ 102.378962] ? rcu_is_watching+0x19/0xb0 [ 102.379263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.379601] ? trace_hardirqs_on+0x26/0x120 [ 102.379926] do_group_exit+0xe0/0x2b0 [ 102.380208] __x64_sys_exit_group+0x47/0x50 [ 102.380524] do_syscall_64+0x3b/0x90 [ 102.380807] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.381193] RIP: 0033:0x7f4b87518a4d [ 102.381458] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.381900] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.382438] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.382961] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.383474] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.383983] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.384490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.385003] [ 102.385174] irq event stamp: 0 [ 102.385400] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.385848] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.386444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.387064] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.387521] ---[ end trace 0000000000000000 ]--- [ 102.391632] ------------[ cut here ]------------ [ 102.392015] WARNING: CPU: 0 PID: 903 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.392751] Modules linked in: [ 102.392986] CPU: 0 PID: 903 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.393619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.394434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.394811] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.396132] RSP: 0018:ffff888015b2fbb8 EFLAGS: 00010246 [ 102.396524] RAX: 0000000000000000 RBX: ffff888016fe68a8 RCX: 0000000000000000 [ 102.397057] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 102.397573] RBP: ffff888015b2fbd0 R08: ffffed1002dfcd33 R09: ffffed1002dfcd33 [ 102.398084] R10: ffff888016fe6993 R11: ffffed1002dfcd32 R12: ffff8880148c6000 [ 102.398609] R13: ffff888016fe69e8 R14: ffffffff8352e670 R15: 
ffff888015b2fe68 [ 102.399133] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.399712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.400128] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 102.400639] PKRU: 55555554 [ 102.400845] Call Trace: [ 102.401029] [ 102.401193] __iommufd_access_detach+0x1c2/0x2b0 [ 102.401558] iommufd_access_change_pt+0x149/0x270 [ 102.401918] iommufd_access_replace+0xb4/0x120 [ 102.402259] iommufd_test+0x3e5/0x37e0 [ 102.402557] ? lock_release+0x532/0x770 [ 102.402857] ? __might_fault+0x102/0x1b0 [ 102.403164] ? lock_acquire+0x427/0x4c0 [ 102.403459] ? __pfx_iommufd_test+0x10/0x10 [ 102.403767] ? __pfx_lock_release+0x10/0x10 [ 102.404082] ? __pfx_lock_acquire+0x10/0x10 [ 102.404399] ? write_comp_data+0x2f/0x90 [ 102.404701] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.405058] ? write_comp_data+0x2f/0x90 [ 102.405363] iommufd_fops_ioctl+0x37d/0x510 [ 102.405679] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.406036] ? write_comp_data+0x2f/0x90 [ 102.406339] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.406710] __x64_sys_ioctl+0x1a3/0x230 [ 102.407022] do_syscall_64+0x3b/0x90 [ 102.407307] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.407691] RIP: 0033:0x7f4b8743ee5d [ 102.407962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.409276] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.409817] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.410320] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.410851] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.411374] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.411887] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.412401] [ 102.412568] irq event stamp: 0 [ 102.412793] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.413243] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.413842] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.414441] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.414908] ---[ end trace 0000000000000000 ]--- [ 102.417436] ------------[ cut here ]------------ [ 102.417779] WARNING: CPU: 0 PID: 903 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.418478] Modules linked in: [ 102.418726] CPU: 0 PID: 903 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.419340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.420125] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.420476] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.421751] RSP: 
0018:ffff888015b2fbd0 EFLAGS: 00010246 [ 102.422132] RAX: 0000000000000000 RBX: ffff888016fe68a8 RCX: 0000000000000000 [ 102.422650] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 102.423151] RBP: ffff888015b2fbe8 R08: ffffed1002dfcd33 R09: ffffed1002dfcd33 [ 102.423654] R10: ffff888016fe6993 R11: ffffed1002dfcd32 R12: ffff888021bc7c00 [ 102.424158] R13: ffff888016fe69e8 R14: ffff88800b8e3f00 R15: 0000000000000000 [ 102.424662] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.425231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.425645] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.426157] PKRU: 55555554 [ 102.426361] Call Trace: [ 102.426555] [ 102.426716] iommufd_access_destroy_object+0x65/0x170 [ 102.427087] iommufd_object_destroy_user+0x18e/0x220 [ 102.427463] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.427881] iommufd_access_destroy+0x43/0x70 [ 102.428213] iommufd_test_staccess_release+0x8d/0xd0 [ 102.428587] __fput+0x26d/0xa40 [ 102.428832] ____fput+0x1e/0x30 [ 102.429074] task_work_run+0x1a4/0x2d0 [ 102.429359] ? __pfx_task_work_run+0x10/0x10 [ 102.429681] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.430035] ? switch_task_namespaces+0xa9/0xe0 [ 102.430378] do_exit+0xb17/0x2ef0 [ 102.430657] ? lock_acquire+0x427/0x4c0 [ 102.430953] ? __pfx_lock_release+0x10/0x10 [ 102.431276] ? __kasan_check_write+0x18/0x20 [ 102.431603] ? do_raw_spin_lock+0x132/0x2a0 [ 102.431920] ? __pfx_do_exit+0x10/0x10 [ 102.432214] ? debug_smp_processor_id+0x20/0x30 [ 102.432557] ? rcu_is_watching+0x19/0xb0 [ 102.432941] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.433596] ? trace_hardirqs_on+0x26/0x120 [ 102.433918] do_group_exit+0xe0/0x2b0 [ 102.434194] __x64_sys_exit_group+0x47/0x50 [ 102.434645] do_syscall_64+0x3b/0x90 [ 102.434919] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.435307] RIP: 0033:0x7f4b87518a4d [ 102.435576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.436127] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.436664] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.437280] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.437784] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.438340] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.438925] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.439444] [ 102.439613] irq event stamp: 0 [ 102.439839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.440338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.441022] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.441742] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.442192] ---[ end trace 0000000000000000 ]--- [ 102.442853] ------------[ cut here ]------------ [ 102.443314] WARNING: CPU: 0 PID: 903 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.444036] Modules linked in: [ 102.444317] CPU: 0 PID: 903 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.445009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.445935] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.446309] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.447769] RSP: 0018:ffff888015b2fb78 EFLAGS: 00010246 [ 102.448162] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.448816] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 102.449335] RBP: ffff888015b2fb98 R08: ffffed1002dfcd3e R09: ffffed1002dfcd3e [ 102.449899] R10: ffff888016fe69ef R11: ffffed1002dfcd3d R12: ffff888016fe6a90 [ 102.450495] R13: ffff888016fe68a8 R14: ffffffffffffffff R15: 
ffff888015b2fc60 [ 102.451034] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.451755] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.452180] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.452825] PKRU: 55555554 [ 102.453035] Call Trace: [ 102.453221] [ 102.453388] iommufd_ioas_destroy+0x53/0x70 [ 102.453746] iommufd_fops_release+0x1f7/0x370 [ 102.454166] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.454556] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.454925] ? write_comp_data+0x2f/0x90 [ 102.455245] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.455737] __fput+0x26d/0xa40 [ 102.455997] ____fput+0x1e/0x30 [ 102.456249] task_work_run+0x1a4/0x2d0 [ 102.456562] ? __pfx_task_work_run+0x10/0x10 [ 102.456981] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.457350] ? switch_task_namespaces+0xa9/0xe0 [ 102.457704] do_exit+0xb17/0x2ef0 [ 102.458009] ? lock_acquire+0x427/0x4c0 [ 102.458393] ? __pfx_lock_release+0x10/0x10 [ 102.458745] ? __kasan_check_write+0x18/0x20 [ 102.459076] ? do_raw_spin_lock+0x132/0x2a0 [ 102.459406] ? __pfx_do_exit+0x10/0x10 [ 102.459755] ? debug_smp_processor_id+0x20/0x30 [ 102.460183] ? rcu_is_watching+0x19/0xb0 [ 102.460485] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.460856] ? trace_hardirqs_on+0x26/0x120 [ 102.461273] do_group_exit+0xe0/0x2b0 [ 102.461564] __x64_sys_exit_group+0x47/0x50 [ 102.461888] do_syscall_64+0x3b/0x90 [ 102.462201] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.462715] RIP: 0033:0x7f4b87518a4d [ 102.462999] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.463460] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.464156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.464687] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.465274] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.465889] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.466447] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.467100] [ 102.467288] irq event stamp: 0 [ 102.467525] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.468006] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.468749] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.469401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.469965] ---[ end trace 0000000000000000 ]--- [ 102.474239] ------------[ cut here ]------------ [ 102.474716] WARNING: CPU: 0 PID: 904 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.475502] Modules linked in: [ 102.475749] CPU: 0 PID: 904 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.476400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.477242] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.477615] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.479003] RSP: 0018:ffff888016617bb8 EFLAGS: 00010246 [ 102.479416] RAX: 0000000000000000 RBX: ffff8880167f20a8 RCX: 0000000000000000 [ 102.479952] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 102.480489] RBP: ffff888016617bd0 R08: ffffed1002cfe433 R09: ffffed1002cfe433 [ 102.481022] R10: ffff8880167f2193 R11: ffffed1002cfe432 R12: ffff888010e00c00 [ 102.481553] R13: ffff8880167f21e8 R14: ffffffff8352e670 R15: 
ffff888016617e68 [ 102.482088] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.482710] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.483155] CR2: 00007f4b877410e8 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 102.483694] PKRU: 55555554 [ 102.483908] Call Trace: [ 102.484101] [ 102.484272] __iommufd_access_detach+0x1c2/0x2b0 [ 102.484641] iommufd_access_change_pt+0x149/0x270 [ 102.485013] iommufd_access_replace+0xb4/0x120 [ 102.485367] iommufd_test+0x3e5/0x37e0 [ 102.485659] ? lock_release+0x532/0x770 [ 102.485967] ? __might_fault+0x102/0x1b0 [ 102.486280] ? lock_acquire+0x427/0x4c0 [ 102.486607] ? __pfx_iommufd_test+0x10/0x10 [ 102.486933] ? __pfx_lock_release+0x10/0x10 [ 102.487272] ? __pfx_lock_acquire+0x10/0x10 [ 102.487610] ? write_comp_data+0x2f/0x90 [ 102.487925] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.488297] ? write_comp_data+0x2f/0x90 [ 102.488616] iommufd_fops_ioctl+0x37d/0x510 [ 102.488944] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.489315] ? write_comp_data+0x2f/0x90 [ 102.489630] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.490007] __x64_sys_ioctl+0x1a3/0x230 [ 102.490322] do_syscall_64+0x3b/0x90 [ 102.490630] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.491028] RIP: 0033:0x7f4b8743ee5d [ 102.491315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.492678] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.493245] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.493779] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.494312] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.494864] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.495409] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.495953] [ 102.496129] irq event stamp: 0 [ 102.496366] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.496840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.497468] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.498089] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.498571] ---[ end trace 0000000000000000 ]--- [ 102.501703] ------------[ cut here ]------------ [ 102.502217] WARNING: CPU: 0 PID: 904 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.503000] Modules linked in: [ 102.503257] CPU: 0 PID: 904 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.503970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.504888] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.505319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.506762] RSP: 
0018:ffff888016617bd0 EFLAGS: 00010246 [ 102.507234] RAX: 0000000000000000 RBX: ffff8880167f20a8 RCX: 0000000000000000 [ 102.507848] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 102.508412] RBP: ffff888016617be8 R08: ffffed1002cfe433 R09: ffffed1002cfe433 [ 102.509069] R10: ffff8880167f2193 R11: ffffed1002cfe432 R12: ffff8880148c7800 [ 102.509605] R13: ffff8880167f21e8 R14: ffff88800f7e0000 R15: 0000000000000000 [ 102.510286] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.510910] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.511393] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.512030] PKRU: 55555554 [ 102.512245] Call Trace: [ 102.512441] [ 102.512612] iommufd_access_destroy_object+0x65/0x170 [ 102.513127] iommufd_object_destroy_user+0x18e/0x220 [ 102.513517] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.513975] iommufd_access_destroy+0x43/0x70 [ 102.514441] iommufd_test_staccess_release+0x8d/0xd0 [ 102.514857] __fput+0x26d/0xa40 [ 102.515130] ____fput+0x1e/0x30 [ 102.515394] task_work_run+0x1a4/0x2d0 [ 102.515762] ? __pfx_task_work_run+0x10/0x10 [ 102.516171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.516552] ? switch_task_namespaces+0xa9/0xe0 [ 102.516931] do_exit+0xb17/0x2ef0 [ 102.517301] ? asm_common_interrupt+0x2b/0x40 [ 102.517648] ? __pfx_do_exit+0x10/0x10 [ 102.517958] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.518362] ? _raw_spin_unlock_irq+0x31/0x60 [ 102.518802] do_group_exit+0xe0/0x2b0 [ 102.519100] __x64_sys_exit_group+0x47/0x50 [ 102.519440] do_syscall_64+0x3b/0x90 [ 102.519734] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.520189] RIP: 0033:0x7f4b87518a4d [ 102.520542] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.521010] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.521718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.522256] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.522871] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.523479] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.524020] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.524718] [ 102.524899] irq event stamp: 0 [ 102.525138] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.525637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.526368] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.527071] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.527640] ---[ end trace 0000000000000000 ]--- [ 102.528308] ------------[ cut here ]------------ [ 102.528719] WARNING: CPU: 0 PID: 904 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.529573] Modules linked in: [ 102.529833] CPU: 0 PID: 904 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.530617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.531630] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.532060] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.533447] RSP: 0018:ffff888016617b78 EFLAGS: 00010246 [ 102.533855] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.534567] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 102.535118] RBP: ffff888016617b98 R08: ffffed1002cfe43e R09: ffffed1002cfe43e [ 102.535646] R10: ffff8880167f21ef R11: ffffed1002cfe43d R12: ffff8880167f2290 [ 102.536291] R13: ffff8880167f20a8 R14: ffffffffffffffff R15: 
ffff888016617c60 [ 102.536834] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.537445] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.537883] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.538422] PKRU: 55555554 [ 102.538656] Call Trace: [ 102.538854] [ 102.539028] iommufd_ioas_destroy+0x53/0x70 [ 102.539380] iommufd_fops_release+0x1f7/0x370 [ 102.539732] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.540116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.540500] ? write_comp_data+0x2f/0x90 [ 102.540823] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.541207] __fput+0x26d/0xa40 [ 102.541476] ____fput+0x1e/0x30 [ 102.541740] task_work_run+0x1a4/0x2d0 [ 102.542046] ? __pfx_task_work_run+0x10/0x10 [ 102.542383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.542785] ? switch_task_namespaces+0xa9/0xe0 [ 102.543160] do_exit+0xb17/0x2ef0 [ 102.543430] ? asm_common_interrupt+0x2b/0x40 [ 102.543778] ? __pfx_do_exit+0x10/0x10 [ 102.544087] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.544440] ? _raw_spin_unlock_irq+0x31/0x60 [ 102.544794] do_group_exit+0xe0/0x2b0 [ 102.545089] __x64_sys_exit_group+0x47/0x50 [ 102.545418] do_syscall_64+0x3b/0x90 [ 102.545715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.546119] RIP: 0033:0x7f4b87518a4d [ 102.546402] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.546891] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.547474] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.548012] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.548550] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.549091] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.549632] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.550177] [ 102.550356] irq event stamp: 0 [ 102.550619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.551101] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.551743] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.552376] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.552851] ---[ end trace 0000000000000000 ]--- [ 102.557470] ------------[ cut here ]------------ [ 102.557972] WARNING: CPU: 1 PID: 905 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.558781] Modules linked in: [ 102.559036] CPU: 1 PID: 905 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.559810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.560663] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.561125] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.562611] RSP: 0018:ffff88801817fbb8 EFLAGS: 00010246 [ 102.563015] RAX: 0000000000000000 RBX: ffff88801587d8a8 RCX: 0000000000000000 [ 102.563554] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 102.564194] RBP: ffff88801817fbd0 R08: ffffed1002b0fb33 R09: ffffed1002b0fb33 [ 102.564726] R10: ffff88801587d993 R11: ffffed1002b0fb32 R12: ffff888010826c00 [ 102.565289] R13: ffff88801587d9e8 R14: ffffffff8352e670 R15: 
ffff88801817fe68 [ 102.565879] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.566479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.567035] CR2: 00007f4b877410e8 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 102.567583] PKRU: 55555554 [ 102.567799] Call Trace: [ 102.567992] [ 102.568164] __iommufd_access_detach+0x1c2/0x2b0 [ 102.568592] iommufd_access_change_pt+0x149/0x270 [ 102.569018] iommufd_access_replace+0xb4/0x120 [ 102.569382] iommufd_test+0x3e5/0x37e0 [ 102.569683] ? lock_release+0x532/0x770 [ 102.570075] ? __might_fault+0x102/0x1b0 [ 102.570429] ? lock_acquire+0x427/0x4c0 [ 102.570772] ? __pfx_iommufd_test+0x10/0x10 [ 102.571122] ? __pfx_lock_release+0x10/0x10 [ 102.571469] ? __pfx_lock_acquire+0x10/0x10 [ 102.571830] ? write_comp_data+0x2f/0x90 [ 102.572242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.572640] ? write_comp_data+0x2f/0x90 [ 102.572973] iommufd_fops_ioctl+0x37d/0x510 [ 102.573380] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.573819] ? write_comp_data+0x2f/0x90 [ 102.574150] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.574558] __x64_sys_ioctl+0x1a3/0x230 [ 102.574886] do_syscall_64+0x3b/0x90 [ 102.575321] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.575731] RIP: 0033:0x7f4b8743ee5d [ 102.576017] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.577503] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.578150] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.578769] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.579327] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.580021] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.580627] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.581197] [ 102.581449] irq event stamp: 0 [ 102.581696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.582178] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.582912] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.583627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.584114] ---[ end trace 0000000000000000 ]--- [ 102.587026] ------------[ cut here ]------------ [ 102.587466] WARNING: CPU: 1 PID: 905 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.588435] Modules linked in: [ 102.588696] CPU: 1 PID: 905 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.589527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.590492] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.590928] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.592561] RSP: 
0018:ffff88801817fbd0 EFLAGS: 00010246 [ 102.593091] RAX: 0000000000000000 RBX: ffff88801587d8a8 RCX: 0000000000000000 [ 102.593676] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 102.594264] RBP: ffff88801817fbe8 R08: ffffed1002b0fb33 R09: ffffed1002b0fb33 [ 102.595030] R10: ffff88801587d993 R11: ffffed1002b0fb32 R12: ffff888010c0b800 [ 102.595777] R13: ffff88801587d9e8 R14: ffff8880218e9e00 R15: 0000000000000000 [ 102.596415] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.597185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.597648] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 102.598227] PKRU: 55555554 [ 102.598525] Call Trace: [ 102.598783] [ 102.598967] iommufd_access_destroy_object+0x65/0x170 [ 102.599415] iommufd_object_destroy_user+0x18e/0x220 [ 102.599841] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.600418] iommufd_access_destroy+0x43/0x70 [ 102.600799] iommufd_test_staccess_release+0x8d/0xd0 [ 102.601229] __fput+0x26d/0xa40 [ 102.601517] ____fput+0x1e/0x30 [ 102.601798] task_work_run+0x1a4/0x2d0 [ 102.602127] ? __pfx_task_work_run+0x10/0x10 [ 102.602494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.602974] ? switch_task_namespaces+0xa9/0xe0 [ 102.603379] do_exit+0xb17/0x2ef0 [ 102.603665] ? lock_acquire+0x427/0x4c0 [ 102.603995] ? __pfx_lock_release+0x10/0x10 [ 102.604352] ? __kasan_check_write+0x18/0x20 [ 102.604712] ? do_raw_spin_lock+0x132/0x2a0 [ 102.605063] ? __pfx_do_exit+0x10/0x10 [ 102.605387] ? debug_smp_processor_id+0x20/0x30 [ 102.605770] ? rcu_is_watching+0x19/0xb0 [ 102.606104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.606478] ? trace_hardirqs_on+0x26/0x120 [ 102.606856] do_group_exit+0xe0/0x2b0 [ 102.607183] __x64_sys_exit_group+0x47/0x50 [ 102.607538] do_syscall_64+0x3b/0x90 [ 102.607854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.608279] RIP: 0033:0x7f4b87518a4d [ 102.608580] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.609083] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.609695] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.610259] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.610849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.611430] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.612002] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.612580] [ 102.612771] irq event stamp: 0 [ 102.613026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.613532] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.614207] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.614898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.615415] ---[ end trace 0000000000000000 ]--- [ 102.616251] ------------[ cut here ]------------ [ 102.616667] WARNING: CPU: 0 PID: 905 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.617499] Modules linked in: [ 102.617762] CPU: 0 PID: 905 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.618461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.619456] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.619884] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.621357] RSP: 0018:ffff88801817fb78 EFLAGS: 00010246 [ 102.621793] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.622367] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 102.622967] RBP: ffff88801817fb98 R08: ffffed1002b0fb3e R09: ffffed1002b0fb3e [ 102.623563] R10: ffff88801587d9ef R11: ffffed1002b0fb3d R12: ffff88801587da90 [ 102.624144] R13: ffff88801587d8a8 R14: ffffffffffffffff R15: 
ffff88801817fc60 [ 102.624724] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.625382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.625855] CR2: 00007f82e2eed000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 102.626442] PKRU: 55555554 [ 102.626696] Call Trace: [ 102.626908] [ 102.627099] iommufd_ioas_destroy+0x53/0x70 [ 102.627470] iommufd_fops_release+0x1f7/0x370 [ 102.627849] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.628263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.628673] ? write_comp_data+0x2f/0x90 [ 102.629022] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.629436] __fput+0x26d/0xa40 [ 102.629725] ____fput+0x1e/0x30 [ 102.630007] task_work_run+0x1a4/0x2d0 [ 102.630337] ? __pfx_task_work_run+0x10/0x10 [ 102.630725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.631141] ? switch_task_namespaces+0xa9/0xe0 [ 102.631537] do_exit+0xb17/0x2ef0 [ 102.631828] ? lock_acquire+0x427/0x4c0 [ 102.632164] ? __pfx_lock_release+0x10/0x10 [ 102.632527] ? __kasan_check_write+0x18/0x20 [ 102.632899] ? do_raw_spin_lock+0x132/0x2a0 [ 102.633257] ? __pfx_do_exit+0x10/0x10 [ 102.633586] ? debug_smp_processor_id+0x20/0x30 [ 102.633982] ? rcu_is_watching+0x19/0xb0 [ 102.634324] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.634732] ? trace_hardirqs_on+0x26/0x120 [ 102.635116] do_group_exit+0xe0/0x2b0 [ 102.635441] __x64_sys_exit_group+0x47/0x50 [ 102.635798] do_syscall_64+0x3b/0x90 [ 102.636114] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.636547] RIP: 0033:0x7f4b87518a4d [ 102.636858] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.637362] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.637982] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.638595] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.639197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.639794] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.640387] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.640981] [ 102.641177] irq event stamp: 0 [ 102.641437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.641954] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.642674] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.643375] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.643895] ---[ end trace 0000000000000000 ]--- [ 102.648975] ------------[ cut here ]------------ [ 102.649413] WARNING: CPU: 0 PID: 906 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.650246] Modules linked in: [ 102.650548] CPU: 0 PID: 906 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.651286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.652219] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.652632] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.654137] RSP: 0018:ffff8880186efbb8 EFLAGS: 00010246 [ 102.654601] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 102.655196] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 102.655789] RBP: ffff8880186efbd0 R08: ffffed1001702033 R09: ffffed1001702033 [ 102.656382] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888014393800 [ 102.656985] R13: ffff88800b8101e8 R14: ffffffff8352e670 R15: 
ffff8880186efe68 [ 102.657578] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.658250] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.658758] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ef0 [ 102.659362] PKRU: 55555554 [ 102.659597] Call Trace: [ 102.659810] [ 102.659997] __iommufd_access_detach+0x1c2/0x2b0 [ 102.660408] iommufd_access_change_pt+0x149/0x270 [ 102.660822] iommufd_access_replace+0xb4/0x120 [ 102.661213] iommufd_test+0x3e5/0x37e0 [ 102.661543] ? lock_release+0x532/0x770 [ 102.661889] ? __might_fault+0x102/0x1b0 [ 102.662244] ? lock_acquire+0x427/0x4c0 [ 102.662616] ? __pfx_iommufd_test+0x10/0x10 [ 102.662983] ? __pfx_lock_release+0x10/0x10 [ 102.663369] ? __pfx_lock_acquire+0x10/0x10 [ 102.663747] ? write_comp_data+0x2f/0x90 [ 102.664096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.664511] ? write_comp_data+0x2f/0x90 [ 102.664866] iommufd_fops_ioctl+0x37d/0x510 [ 102.665234] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.665646] ? write_comp_data+0x2f/0x90 [ 102.665997] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.666403] __x64_sys_ioctl+0x1a3/0x230 [ 102.666777] do_syscall_64+0x3b/0x90 [ 102.667104] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.667557] RIP: 0033:0x7f4b8743ee5d [ 102.667875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.669404] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.670054] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.670681] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.671289] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.671879] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.672466] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.673063] [ 102.673259] irq event stamp: 0 [ 102.673521] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.674043] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.674761] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.675467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.675987] ---[ end trace 0000000000000000 ]--- [ 102.678840] ------------[ cut here ]------------ [ 102.679272] WARNING: CPU: 0 PID: 906 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.680116] Modules linked in: [ 102.680385] CPU: 0 PID: 906 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.681104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.682043] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.682461] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.684006] RSP: 
0018:ffff8880186efbd0 EFLAGS: 00010246 [ 102.684455] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 102.685049] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 102.685636] RBP: ffff8880186efbe8 R08: ffffed1001702033 R09: ffffed1001702033 [ 102.686227] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888010e01800 [ 102.686840] R13: ffff88800b8101e8 R14: ffff888014060300 R15: 0000000000000000 [ 102.687438] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.688104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.688588] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.689182] PKRU: 55555554 [ 102.689420] Call Trace: [ 102.689634] [ 102.689822] iommufd_access_destroy_object+0x65/0x170 [ 102.690257] iommufd_object_destroy_user+0x18e/0x220 [ 102.690705] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.691212] iommufd_access_destroy+0x43/0x70 [ 102.691602] iommufd_test_staccess_release+0x8d/0xd0 [ 102.692039] __fput+0x26d/0xa40 [ 102.692330] ____fput+0x1e/0x30 [ 102.692616] task_work_run+0x1a4/0x2d0 [ 102.692949] ? __pfx_task_work_run+0x10/0x10 [ 102.693318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.693733] ? switch_task_namespaces+0xa9/0xe0 [ 102.694135] do_exit+0xb17/0x2ef0 [ 102.694431] ? lock_acquire+0x427/0x4c0 [ 102.694805] ? __pfx_lock_release+0x10/0x10 [ 102.695191] ? __kasan_check_write+0x18/0x20 [ 102.695563] ? do_raw_spin_lock+0x132/0x2a0 [ 102.695932] ? __pfx_do_exit+0x10/0x10 [ 102.696272] ? debug_smp_processor_id+0x20/0x30 [ 102.696667] ? rcu_is_watching+0x19/0xb0 [ 102.697014] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.697398] ? trace_hardirqs_on+0x26/0x120 [ 102.697765] do_group_exit+0xe0/0x2b0 [ 102.698085] __x64_sys_exit_group+0x47/0x50 [ 102.698446] do_syscall_64+0x3b/0x90 [ 102.698792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.699253] RIP: 0033:0x7f4b87518a4d [ 102.699564] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.700075] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.700704] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.701296] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.701888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.702478] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.703103] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.703826] [ 102.704400] irq event stamp: 0 [ 102.704672] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.705225] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.706033] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.706766] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.707304] ---[ end trace 0000000000000000 ]--- [ 102.708121] ------------[ cut here ]------------ [ 102.708520] WARNING: CPU: 0 PID: 906 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.709445] Modules linked in: [ 102.709826] CPU: 0 PID: 906 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.710588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.711753] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.712204] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.713775] RSP: 0018:ffff8880186efb78 EFLAGS: 00010246 [ 102.714241] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.714955] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 102.715599] RBP: ffff8880186efb98 R08: ffffed100170203e R09: ffffed100170203e [ 102.716228] R10: ffff88800b8101ef R11: ffffed100170203d R12: ffff88800b810290 [ 102.717037] R13: ffff88800b8100a8 R14: ffffffffffffffff R15: 
ffff8880186efc60 [ 102.717657] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 102.718371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.718909] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 102.719549] PKRU: 55555554 [ 102.719799] Call Trace: [ 102.720023] [ 102.720228] iommufd_ioas_destroy+0x53/0x70 [ 102.720617] iommufd_fops_release+0x1f7/0x370 [ 102.721015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.721453] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.721884] ? write_comp_data+0x2f/0x90 [ 102.722250] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.722711] __fput+0x26d/0xa40 [ 102.723020] ____fput+0x1e/0x30 [ 102.723336] task_work_run+0x1a4/0x2d0 [ 102.723689] ? __pfx_task_work_run+0x10/0x10 [ 102.724084] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.724514] ? switch_task_namespaces+0xa9/0xe0 [ 102.724936] do_exit+0xb17/0x2ef0 [ 102.725239] ? lock_acquire+0x427/0x4c0 [ 102.725594] ? __pfx_lock_release+0x10/0x10 [ 102.725973] ? __kasan_check_write+0x18/0x20 [ 102.726362] ? do_raw_spin_lock+0x132/0x2a0 [ 102.726768] ? __pfx_do_exit+0x10/0x10 [ 102.727129] ? debug_smp_processor_id+0x20/0x30 [ 102.727546] ? rcu_is_watching+0x19/0xb0 [ 102.727905] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.728309] ? trace_hardirqs_on+0x26/0x120 [ 102.728701] do_group_exit+0xe0/0x2b0 [ 102.729039] __x64_sys_exit_group+0x47/0x50 [ 102.729419] do_syscall_64+0x3b/0x90 [ 102.729759] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.730224] RIP: 0033:0x7f4b87518a4d [ 102.730584] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.731138] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.731806] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.732435] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.733060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.733686] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.734307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.734970] [ 102.735199] irq event stamp: 0 [ 102.735478] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.736031] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.736763] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.737505] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.738054] ---[ end trace 0000000000000000 ]--- [ 102.742302] ------------[ cut here ]------------ [ 102.742881] WARNING: CPU: 1 PID: 907 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.743868] Modules linked in: [ 102.744258] CPU: 1 PID: 907 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.745060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.746299] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.746800] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.748698] RSP: 0018:ffff8880184c7bb8 EFLAGS: 00010246 [ 102.749332] RAX: 0000000000000000 RBX: ffff888018ae20a8 RCX: 0000000000000000 [ 102.750129] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 102.750816] RBP: ffff8880184c7bd0 R08: ffffed100315c433 R09: ffffed100315c433 [ 102.751669] R10: ffff888018ae2193 R11: ffffed100315c432 R12: ffff88801890d000 [ 102.752334] R13: ffff888018ae21e8 R14: ffffffff8352e670 R15: 
ffff8880184c7e68 [ 102.753138] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.753905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.754454] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 102.755320] PKRU: 55555554 [ 102.755597] Call Trace: [ 102.755842] [ 102.756066] __iommufd_access_detach+0x1c2/0x2b0 [ 102.756686] iommufd_access_change_pt+0x149/0x270 [ 102.757173] iommufd_access_replace+0xb4/0x120 [ 102.757627] iommufd_test+0x3e5/0x37e0 [ 102.758000] ? lock_release+0x532/0x770 [ 102.758562] ? __might_fault+0x102/0x1b0 [ 102.758968] ? lock_acquire+0x427/0x4c0 [ 102.759373] ? __pfx_iommufd_test+0x10/0x10 [ 102.759809] ? __pfx_lock_release+0x10/0x10 [ 102.760355] ? __pfx_lock_acquire+0x10/0x10 [ 102.760790] ? write_comp_data+0x2f/0x90 [ 102.761207] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.761744] ? write_comp_data+0x2f/0x90 [ 102.762235] iommufd_fops_ioctl+0x37d/0x510 [ 102.762689] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.763171] ? write_comp_data+0x2f/0x90 [ 102.763649] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.764198] __x64_sys_ioctl+0x1a3/0x230 [ 102.764606] do_syscall_64+0x3b/0x90 [ 102.764989] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.765670] RIP: 0033:0x7f4b8743ee5d [ 102.766069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.768224] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.769048] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.769967] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.770728] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.771682] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.772438] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.773281] [ 102.773626] irq event stamp: 0 [ 102.773959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.774648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.775752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.776632] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.777376] ---[ end trace 0000000000000000 ]--- [ 102.782797] ------------[ cut here ]------------ [ 102.783489] WARNING: CPU: 1 PID: 907 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.784652] Modules linked in: [ 102.784999] CPU: 1 PID: 907 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.786112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.787389] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.788020] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.790173] RSP: 
0018:ffff8880184c7bd0 EFLAGS: 00010246 [ 102.790801] RAX: 0000000000000000 RBX: ffff888018ae20a8 RCX: 0000000000000000 [ 102.791786] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 102.792558] RBP: ffff8880184c7be8 R08: ffffed100315c433 R09: ffffed100315c433 [ 102.793371] R10: ffff888018ae2193 R11: ffffed100315c432 R12: ffff888010827000 [ 102.794259] R13: ffff888018ae21e8 R14: ffff888013447000 R15: 0000000000000000 [ 102.795064] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.795946] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.796567] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 102.797325] PKRU: 55555554 [ 102.797633] Call Trace: [ 102.797907] [ 102.798152] iommufd_access_destroy_object+0x65/0x170 [ 102.798751] iommufd_object_destroy_user+0x18e/0x220 [ 102.799325] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.799950] iommufd_access_destroy+0x43/0x70 [ 102.800445] iommufd_test_staccess_release+0x8d/0xd0 [ 102.801001] __fput+0x26d/0xa40 [ 102.801375] ____fput+0x1e/0x30 [ 102.801736] task_work_run+0x1a4/0x2d0 [ 102.802160] ? __pfx_task_work_run+0x10/0x10 [ 102.802656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.803185] ? switch_task_namespaces+0xa9/0xe0 [ 102.803692] do_exit+0xb17/0x2ef0 [ 102.804062] ? lock_acquire+0x427/0x4c0 [ 102.804492] ? __pfx_lock_release+0x10/0x10 [ 102.804952] ? __kasan_check_write+0x18/0x20 [ 102.805418] ? do_raw_spin_lock+0x132/0x2a0 [ 102.805870] ? __pfx_do_exit+0x10/0x10 [ 102.806297] ? debug_smp_processor_id+0x20/0x30 [ 102.806816] ? rcu_is_watching+0x19/0xb0 [ 102.807263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.807747] ? trace_hardirqs_on+0x26/0x120 [ 102.808208] do_group_exit+0xe0/0x2b0 [ 102.808613] __x64_sys_exit_group+0x47/0x50 [ 102.809072] do_syscall_64+0x3b/0x90 [ 102.809478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.810029] RIP: 0033:0x7f4b87518a4d [ 102.810426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.811100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.811910] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.812664] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.813498] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.814254] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.815039] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.815826] [ 102.816079] irq event stamp: 0 [ 102.816412] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.817078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.817956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.818872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.819561] ---[ end trace 0000000000000000 ]--- [ 102.820470] ------------[ cut here ]------------ [ 102.820992] WARNING: CPU: 1 PID: 907 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.822069] Modules linked in: [ 102.822416] CPU: 1 PID: 907 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.823381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.824568] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.825116] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.827058] RSP: 0018:ffff8880184c7b78 EFLAGS: 00010246 [ 102.827658] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.828419] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 102.829208] RBP: ffff8880184c7b98 R08: ffffed100315c43e R09: ffffed100315c43e [ 102.829964] R10: ffff888018ae21ef R11: ffffed100315c43d R12: ffff888018ae2290 [ 102.830749] R13: ffff888018ae20a8 R14: ffffffffffffffff R15: 
ffff8880184c7c60 [ 102.831537] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.832380] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.832991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 102.833733] PKRU: 55555554 [ 102.834030] Call Trace: [ 102.834305] [ 102.834570] iommufd_ioas_destroy+0x53/0x70 [ 102.835054] iommufd_fops_release+0x1f7/0x370 [ 102.835562] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.836118] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.836659] ? write_comp_data+0x2f/0x90 [ 102.837118] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.837656] __fput+0x26d/0xa40 [ 102.838025] ____fput+0x1e/0x30 [ 102.838386] task_work_run+0x1a4/0x2d0 [ 102.838842] ? __pfx_task_work_run+0x10/0x10 [ 102.839332] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.839853] ? switch_task_namespaces+0xa9/0xe0 [ 102.840353] do_exit+0xb17/0x2ef0 [ 102.840719] ? lock_acquire+0x427/0x4c0 [ 102.841149] ? __pfx_lock_release+0x10/0x10 [ 102.841609] ? __kasan_check_write+0x18/0x20 [ 102.842074] ? do_raw_spin_lock+0x132/0x2a0 [ 102.842555] ? __pfx_do_exit+0x10/0x10 [ 102.842985] ? debug_smp_processor_id+0x20/0x30 [ 102.843510] ? rcu_is_watching+0x19/0xb0 [ 102.843948] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.844434] ? trace_hardirqs_on+0x26/0x120 [ 102.844903] do_group_exit+0xe0/0x2b0 [ 102.845363] __x64_sys_exit_group+0x47/0x50 [ 102.845819] do_syscall_64+0x3b/0x90 [ 102.846220] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.846815] RIP: 0033:0x7f4b87518a4d [ 102.847226] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.847874] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.848668] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.849410] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.850139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.850906] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.851648] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.852393] [ 102.852641] irq event stamp: 0 [ 102.852966] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.853610] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.854481] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.855383] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.856029] ---[ end trace 0000000000000000 ]--- [ 102.860795] ------------[ cut here ]------------ [ 102.861325] WARNING: CPU: 1 PID: 908 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.862333] Modules linked in: [ 102.862948] CPU: 1 PID: 908 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.863849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.864995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.865505] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.867392] RSP: 0018:ffff888012a8fbb8 EFLAGS: 00010246 [ 102.867948] RAX: 0000000000000000 RBX: ffff888016f608a8 RCX: 0000000000000000 [ 102.868680] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 102.869412] RBP: ffff888012a8fbd0 R08: ffffed1002dec133 R09: ffffed1002dec133 [ 102.870146] R10: ffff888016f60993 R11: ffffed1002dec132 R12: ffff88800ae93400 [ 102.870885] R13: ffff888016f609e8 R14: ffffffff8352e670 R15: 
ffff888012a8fe68 [ 102.871625] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.872452] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.873057] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 102.873783] PKRU: 55555554 [ 102.874083] Call Trace: [ 102.874353] [ 102.874614] __iommufd_access_detach+0x1c2/0x2b0 [ 102.875137] iommufd_access_change_pt+0x149/0x270 [ 102.875651] iommufd_access_replace+0xb4/0x120 [ 102.876137] iommufd_test+0x3e5/0x37e0 [ 102.876538] ? lock_release+0x532/0x770 [ 102.877031] ? __might_fault+0x102/0x1b0 [ 102.877451] ? lock_acquire+0x427/0x4c0 [ 102.877871] ? __pfx_iommufd_test+0x10/0x10 [ 102.878315] ? __pfx_lock_release+0x10/0x10 [ 102.878794] ? __pfx_lock_acquire+0x10/0x10 [ 102.879278] ? write_comp_data+0x2f/0x90 [ 102.879701] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.880202] ? write_comp_data+0x2f/0x90 [ 102.880638] iommufd_fops_ioctl+0x37d/0x510 [ 102.881091] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.881585] ? write_comp_data+0x2f/0x90 [ 102.882016] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.882533] __x64_sys_ioctl+0x1a3/0x230 [ 102.882964] do_syscall_64+0x3b/0x90 [ 102.883370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.883904] RIP: 0033:0x7f4b8743ee5d [ 102.884281] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.886112] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.886910] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.887638] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.888356] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.889079] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.889797] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.890554] [ 102.890800] irq event stamp: 0 [ 102.891149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.891784] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.892630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.893480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.894127] ---[ end trace 0000000000000000 ]--- [ 102.897335] ------------[ cut here ]------------ [ 102.897854] WARNING: CPU: 1 PID: 908 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.898903] Modules linked in: [ 102.899239] CPU: 1 PID: 908 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.900105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.901241] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.901745] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.903605] RSP: 
0018:ffff888012a8fbd0 EFLAGS: 00010246 [ 102.904111] RAX: 0000000000000000 RBX: ffff888016f608a8 RCX: 0000000000000000 [ 102.904774] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 102.905440] RBP: ffff888012a8fbe8 R08: ffffed1002dec133 R09: ffffed1002dec133 [ 102.906103] R10: ffff888016f60993 R11: ffffed1002dec132 R12: ffff88801890fc00 [ 102.906793] R13: ffff888016f609e8 R14: ffff88800fa5ec00 R15: 0000000000000000 [ 102.907465] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.908221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.908764] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 102.909488] PKRU: 55555554 [ 102.909756] Call Trace: [ 102.909995] [ 102.910208] iommufd_access_destroy_object+0x65/0x170 [ 102.910734] iommufd_object_destroy_user+0x18e/0x220 [ 102.911248] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 102.911805] iommufd_access_destroy+0x43/0x70 [ 102.912236] iommufd_test_staccess_release+0x8d/0xd0 [ 102.912719] __fput+0x26d/0xa40 [ 102.913042] ____fput+0x1e/0x30 [ 102.913362] task_work_run+0x1a4/0x2d0 [ 102.913734] ? __pfx_task_work_run+0x10/0x10 [ 102.914150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.914634] ? switch_task_namespaces+0xa9/0xe0 [ 102.915087] do_exit+0xb17/0x2ef0 [ 102.915424] ? lock_acquire+0x427/0x4c0 [ 102.915814] ? __pfx_lock_release+0x10/0x10 [ 102.916234] ? __kasan_check_write+0x18/0x20 [ 102.916663] ? do_raw_spin_lock+0x132/0x2a0 [ 102.917087] ? __pfx_do_exit+0x10/0x10 [ 102.917466] ? debug_smp_processor_id+0x20/0x30 [ 102.917906] ? rcu_is_watching+0x19/0xb0 [ 102.918288] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.918748] ? trace_hardirqs_on+0x26/0x120 [ 102.919174] do_group_exit+0xe0/0x2b0 [ 102.919543] __x64_sys_exit_group+0x47/0x50 [ 102.919953] do_syscall_64+0x3b/0x90 [ 102.920323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.920829] RIP: 0033:0x7f4b87518a4d [ 102.921184] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.921769] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.922478] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.923179] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.923794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.924377] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.925048] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.925727] [ 102.925953] irq event stamp: 0 [ 102.926256] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.926884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.927710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.928493] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.929086] ---[ end trace 0000000000000000 ]--- [ 102.929922] ------------[ cut here ]------------ [ 102.930367] WARNING: CPU: 1 PID: 908 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 102.931354] Modules linked in: [ 102.931666] CPU: 1 PID: 908 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.932532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.933600] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 102.934096] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 102.935872] RSP: 0018:ffff888012a8fb78 EFLAGS: 00010246 [ 102.936385] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 102.937062] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 102.937730] RBP: ffff888012a8fb98 R08: ffffed1002dec13e R09: ffffed1002dec13e [ 102.938397] R10: ffff888016f609ef R11: ffffed1002dec13d R12: ffff888016f60a90 [ 102.939085] R13: ffff888016f608a8 R14: ffffffffffffffff R15: 
ffff888012a8fc60 [ 102.939763] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.940523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.941137] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 102.941810] PKRU: 55555554 [ 102.942076] Call Trace: [ 102.942321] [ 102.942554] iommufd_ioas_destroy+0x53/0x70 [ 102.942975] iommufd_fops_release+0x1f7/0x370 [ 102.943422] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.943907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.944378] ? write_comp_data+0x2f/0x90 [ 102.944776] ? __pfx_iommufd_fops_release+0x10/0x10 [ 102.945261] __fput+0x26d/0xa40 [ 102.945588] ____fput+0x1e/0x30 [ 102.945919] task_work_run+0x1a4/0x2d0 [ 102.946300] ? __pfx_task_work_run+0x10/0x10 [ 102.946754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.947229] ? switch_task_namespaces+0xa9/0xe0 [ 102.947679] do_exit+0xb17/0x2ef0 [ 102.948007] ? lock_acquire+0x427/0x4c0 [ 102.948391] ? __pfx_lock_release+0x10/0x10 [ 102.948848] ? __kasan_check_write+0x18/0x20 [ 102.949309] ? do_raw_spin_lock+0x132/0x2a0 [ 102.949768] ? __pfx_do_exit+0x10/0x10 [ 102.950180] ? debug_smp_processor_id+0x20/0x30 [ 102.950850] ? rcu_is_watching+0x19/0xb0 [ 102.951499] ? _raw_spin_unlock_irq+0x2b/0x60 [ 102.951979] ? trace_hardirqs_on+0x26/0x120 [ 102.952442] do_group_exit+0xe0/0x2b0 [ 102.952841] __x64_sys_exit_group+0x47/0x50 [ 102.953297] do_syscall_64+0x3b/0x90 [ 102.953698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.954246] RIP: 0033:0x7f4b87518a4d [ 102.954774] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 102.955619] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 102.956600] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 102.957333] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 102.958063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 102.958826] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 102.959565] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 102.960331] [ 102.960614] irq event stamp: 0 [ 102.961034] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 102.961906] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 102.962834] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 102.963695] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 102.964337] ---[ end trace 0000000000000000 ]--- [ 102.968596] ------------[ cut here ]------------ [ 102.969275] WARNING: CPU: 1 PID: 909 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 102.970627] Modules linked in: [ 102.970948] CPU: 1 PID: 909 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 102.971824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 102.973033] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 102.973685] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 102.976015] RSP: 0018:ffff8880184c7bb8 EFLAGS: 00010246 [ 102.976555] RAX: 0000000000000000 RBX: ffff88801804f0a8 RCX: 0000000000000000 [ 102.977281] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 102.978005] RBP: ffff8880184c7bd0 R08: ffffed1003009e33 R09: ffffed1003009e33 [ 102.978959] R10: ffff88801804f193 R11: ffffed1003009e32 R12: ffff8880183dbc00 [ 102.980016] R13: ffff88801804f1e8 R14: ffffffff8352e670 R15: 
ffff8880184c7e68 [ 102.980743] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 102.981559] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.982155] CR2: 00007f4b877410e8 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 102.982919] PKRU: 55555554 [ 102.983230] Call Trace: [ 102.983512] [ 102.983809] __iommufd_access_detach+0x1c2/0x2b0 [ 102.984457] iommufd_access_change_pt+0x149/0x270 [ 102.984936] iommufd_access_replace+0xb4/0x120 [ 102.985379] iommufd_test+0x3e5/0x37e0 [ 102.985738] ? lock_release+0x532/0x770 [ 102.986119] ? __might_fault+0x102/0x1b0 [ 102.986527] ? lock_acquire+0x427/0x4c0 [ 102.987010] ? __pfx_iommufd_test+0x10/0x10 [ 102.987510] ? __pfx_lock_release+0x10/0x10 [ 102.987919] ? __pfx_lock_acquire+0x10/0x10 [ 102.988330] ? write_comp_data+0x2f/0x90 [ 102.988717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 102.989174] ? write_comp_data+0x2f/0x90 [ 102.989560] iommufd_fops_ioctl+0x37d/0x510 [ 102.989964] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.990482] ? write_comp_data+0x2f/0x90 [ 102.991005] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 102.991468] __x64_sys_ioctl+0x1a3/0x230 [ 102.991859] do_syscall_64+0x3b/0x90 [ 102.992221] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 102.992711] RIP: 0033:0x7f4b8743ee5d [ 102.993058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 102.994967] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 102.995682] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 102.996345] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 102.997004] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 102.997771] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 102.998539] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 102.999214] [ 102.999436] irq event stamp: 0 [ 102.999730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.000309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.001146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.002153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.002760] ---[ end trace 0000000000000000 ]--- [ 103.005950] ------------[ cut here ]------------ [ 103.006421] WARNING: CPU: 1 PID: 909 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.007382] Modules linked in: [ 103.007674] CPU: 1 PID: 909 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.008683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.009816] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.010266] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.012038] RSP: 
0018:ffff8880184c7bd0 EFLAGS: 00010246 [ 103.012659] RAX: 0000000000000000 RBX: ffff88801804f0a8 RCX: 0000000000000000 [ 103.013301] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 103.013940] RBP: ffff8880184c7be8 R08: ffffed1003009e33 R09: ffffed1003009e33 [ 103.014608] R10: ffff88801804f193 R11: ffffed1003009e32 R12: ffff88800ae91800 [ 103.015287] R13: ffff88801804f1e8 R14: ffff88800b95f200 R15: 0000000000000000 [ 103.016069] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 103.016922] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.017446] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 103.018107] PKRU: 55555554 [ 103.018355] Call Trace: [ 103.018602] [ 103.018860] iommufd_access_destroy_object+0x65/0x170 [ 103.019417] iommufd_object_destroy_user+0x18e/0x220 [ 103.019858] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.020362] iommufd_access_destroy+0x43/0x70 [ 103.020763] iommufd_test_staccess_release+0x8d/0xd0 [ 103.021209] __fput+0x26d/0xa40 [ 103.021513] ____fput+0x1e/0x30 [ 103.021809] task_work_run+0x1a4/0x2d0 [ 103.022246] ? __pfx_task_work_run+0x10/0x10 [ 103.022726] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.023171] ? switch_task_namespaces+0xa9/0xe0 [ 103.023586] do_exit+0xb17/0x2ef0 [ 103.023890] ? lock_acquire+0x427/0x4c0 [ 103.024244] ? __pfx_lock_release+0x10/0x10 [ 103.024622] ? __kasan_check_write+0x18/0x20 [ 103.025014] ? do_raw_spin_lock+0x132/0x2a0 [ 103.025456] ? __pfx_do_exit+0x10/0x10 [ 103.025861] ? debug_smp_processor_id+0x20/0x30 [ 103.026277] ? rcu_is_watching+0x19/0xb0 [ 103.026664] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.027058] ? trace_hardirqs_on+0x26/0x120 [ 103.027446] do_group_exit+0xe0/0x2b0 [ 103.027777] __x64_sys_exit_group+0x47/0x50 [ 103.028148] do_syscall_64+0x3b/0x90 [ 103.028482] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.029034] RIP: 0033:0x7f4b87518a4d [ 103.029438] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.029965] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.030637] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.031256] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.031882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.032634] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.033242] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.033859] [ 103.034062] irq event stamp: 0 [ 103.034339] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.035052] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.035785] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.036494] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.037100] ---[ end trace 0000000000000000 ]--- [ 103.038023] ------------[ cut here ]------------ [ 103.038426] WARNING: CPU: 1 PID: 909 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.039374] Modules linked in: [ 103.039656] CPU: 1 PID: 909 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.040397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.041504] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.041948] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.043555] RSP: 0018:ffff8880184c7b78 EFLAGS: 00010246 [ 103.044073] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.044786] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 103.045395] RBP: ffff8880184c7b98 R08: ffffed1003009e3e R09: ffffed1003009e3e [ 103.046134] R10: ffff88801804f1ef R11: ffffed1003009e3d R12: ffff88801804f290 [ 103.046770] R13: ffff88801804f0a8 R14: ffffffffffffffff R15: 
ffff8880184c7c60 [ 103.047416] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 103.048215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.048712] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 103.049455] PKRU: 55555554 [ 103.049700] Call Trace: [ 103.049920] [ 103.050115] iommufd_ioas_destroy+0x53/0x70 [ 103.050500] iommufd_fops_release+0x1f7/0x370 [ 103.051050] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.051514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.051947] ? write_comp_data+0x2f/0x90 [ 103.052308] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.052818] __fput+0x26d/0xa40 [ 103.053174] ____fput+0x1e/0x30 [ 103.053469] task_work_run+0x1a4/0x2d0 [ 103.053819] ? __pfx_task_work_run+0x10/0x10 [ 103.054223] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.054770] ? switch_task_namespaces+0xa9/0xe0 [ 103.055198] do_exit+0xb17/0x2ef0 [ 103.055502] ? lock_acquire+0x427/0x4c0 [ 103.055857] ? __pfx_lock_release+0x10/0x10 [ 103.056296] ? __kasan_check_write+0x18/0x20 [ 103.056745] ? do_raw_spin_lock+0x132/0x2a0 [ 103.057133] ? __pfx_do_exit+0x10/0x10 [ 103.057482] ? debug_smp_processor_id+0x20/0x30 [ 103.057961] ? rcu_is_watching+0x19/0xb0 [ 103.058368] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.058791] ? trace_hardirqs_on+0x26/0x120 [ 103.059184] do_group_exit+0xe0/0x2b0 [ 103.059513] __x64_sys_exit_group+0x47/0x50 [ 103.059953] do_syscall_64+0x3b/0x90 [ 103.060353] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.060807] RIP: 0033:0x7f4b87518a4d [ 103.061221] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.061881] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.062559] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.063187] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.063933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.064547] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.065443] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.066309] [ 103.066714] irq event stamp: 0 [ 103.067100] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.067869] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.068976] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.069971] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.070854] ---[ end trace 0000000000000000 ]--- [ 103.076543] ------------[ cut here ]------------ [ 103.077097] WARNING: CPU: 0 PID: 910 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.078113] Modules linked in: [ 103.078392] CPU: 0 PID: 910 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.079190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.080366] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.080805] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.082381] RSP: 0018:ffff888012a8fbb8 EFLAGS: 00010246 [ 103.082874] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 103.083509] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 103.084119] RBP: ffff888012a8fbd0 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 103.084725] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888016632800 [ 103.085395] R13: ffff888011f621e8 R14: ffffffff8352e670 R15: 
ffff888012a8fe68 [ 103.086159] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.086886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.087400] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ef0 [ 103.088019] PKRU: 55555554 [ 103.088356] Call Trace: [ 103.088583] [ 103.088862] __iommufd_access_detach+0x1c2/0x2b0 [ 103.089287] iommufd_access_change_pt+0x149/0x270 [ 103.089716] iommufd_access_replace+0xb4/0x120 [ 103.090119] iommufd_test+0x3e5/0x37e0 [ 103.090456] ? lock_release+0x532/0x770 [ 103.090873] ? __might_fault+0x102/0x1b0 [ 103.091241] ? lock_acquire+0x427/0x4c0 [ 103.091595] ? __pfx_iommufd_test+0x10/0x10 [ 103.091968] ? __pfx_lock_release+0x10/0x10 [ 103.092353] ? __pfx_lock_acquire+0x10/0x10 [ 103.092734] ? write_comp_data+0x2f/0x90 [ 103.093096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.093521] ? write_comp_data+0x2f/0x90 [ 103.093881] iommufd_fops_ioctl+0x37d/0x510 [ 103.094260] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.094727] ? write_comp_data+0x2f/0x90 [ 103.095094] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.095524] __x64_sys_ioctl+0x1a3/0x230 [ 103.095886] do_syscall_64+0x3b/0x90 [ 103.096223] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.096676] RIP: 0033:0x7f4b8743ee5d [ 103.096996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.098832] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.099493] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.100105] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.100714] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.101418] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.102115] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.102756] [ 103.102958] irq event stamp: 0 [ 103.103236] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.103773] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.104500] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.105305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.105938] ---[ end trace 0000000000000000 ]--- [ 103.109559] ------------[ cut here ]------------ [ 103.109953] WARNING: CPU: 0 PID: 910 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.110791] Modules linked in: [ 103.111051] CPU: 0 PID: 910 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.111769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.112672] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.113073] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.114555] RSP: 
0018:ffff888012a8fbd0 EFLAGS: 00010246 [ 103.114983] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 103.115558] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 103.116131] RBP: ffff888012a8fbe8 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 103.116707] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888014390800 [ 103.117277] R13: ffff888011f621e8 R14: ffff88800fa7fd00 R15: 0000000000000000 [ 103.117845] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.118486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.118971] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.119553] PKRU: 55555554 [ 103.119787] Call Trace: [ 103.119996] [ 103.120185] iommufd_access_destroy_object+0x65/0x170 [ 103.120611] iommufd_object_destroy_user+0x18e/0x220 [ 103.121034] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.121513] iommufd_access_destroy+0x43/0x70 [ 103.121890] iommufd_test_staccess_release+0x8d/0xd0 [ 103.122314] __fput+0x26d/0xa40 [ 103.122624] ____fput+0x1e/0x30 [ 103.122911] task_work_run+0x1a4/0x2d0 [ 103.123245] ? __pfx_task_work_run+0x10/0x10 [ 103.123609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.124015] ? switch_task_namespaces+0xa9/0xe0 [ 103.124408] do_exit+0xb17/0x2ef0 [ 103.124697] ? lock_acquire+0x427/0x4c0 [ 103.125031] ? __pfx_lock_release+0x10/0x10 [ 103.125395] ? __kasan_check_write+0x18/0x20 [ 103.125766] ? do_raw_spin_lock+0x132/0x2a0 [ 103.126118] ? __pfx_do_exit+0x10/0x10 [ 103.126443] ? debug_smp_processor_id+0x20/0x30 [ 103.126850] ? rcu_is_watching+0x19/0xb0 [ 103.127197] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.127574] ? trace_hardirqs_on+0x26/0x120 [ 103.127936] do_group_exit+0xe0/0x2b0 [ 103.128248] __x64_sys_exit_group+0x47/0x50 [ 103.128597] do_syscall_64+0x3b/0x90 [ 103.128910] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.129333] RIP: 0033:0x7f4b87518a4d [ 103.129637] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.130135] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.130764] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.131346] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.131921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.132494] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.133068] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.133645] [ 103.133836] irq event stamp: 0 [ 103.134094] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.134622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.135305] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.135982] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.136490] ---[ end trace 0000000000000000 ]--- [ 103.137203] ------------[ cut here ]------------ [ 103.137590] WARNING: CPU: 0 PID: 910 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.138408] Modules linked in: [ 103.138695] CPU: 0 PID: 910 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.139413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.140316] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.140734] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.142204] RSP: 0018:ffff888012a8fb78 EFLAGS: 00010246 [ 103.142659] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.143253] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 103.143830] RBP: ffff888012a8fb98 R08: ffffed10023ec43e R09: ffffed10023ec43e [ 103.144409] R10: ffff888011f621ef R11: ffffed10023ec43d R12: ffff888011f62290 [ 103.144979] R13: ffff888011f620a8 R14: ffffffffffffffff R15: 
ffff888012a8fc60 [ 103.145551] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.146197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.146684] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.147265] PKRU: 55555554 [ 103.147496] Call Trace: [ 103.147707] [ 103.147891] iommufd_ioas_destroy+0x53/0x70 [ 103.148248] iommufd_fops_release+0x1f7/0x370 [ 103.148617] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.149026] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.149427] ? write_comp_data+0x2f/0x90 [ 103.149766] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.150172] __fput+0x26d/0xa40 [ 103.150454] ____fput+0x1e/0x30 [ 103.150751] task_work_run+0x1a4/0x2d0 [ 103.151082] ? __pfx_task_work_run+0x10/0x10 [ 103.151457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.151867] ? switch_task_namespaces+0xa9/0xe0 [ 103.152256] do_exit+0xb17/0x2ef0 [ 103.152538] ? lock_acquire+0x427/0x4c0 [ 103.152870] ? __pfx_lock_release+0x10/0x10 [ 103.153225] ? __kasan_check_write+0x18/0x20 [ 103.153584] ? do_raw_spin_lock+0x132/0x2a0 [ 103.153935] ? __pfx_do_exit+0x10/0x10 [ 103.154261] ? debug_smp_processor_id+0x20/0x30 [ 103.154680] ? rcu_is_watching+0x19/0xb0 [ 103.155016] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.155397] ? trace_hardirqs_on+0x26/0x120 [ 103.155757] do_group_exit+0xe0/0x2b0 [ 103.156074] __x64_sys_exit_group+0x47/0x50 [ 103.156427] do_syscall_64+0x3b/0x90 [ 103.156741] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.157167] RIP: 0033:0x7f4b87518a4d [ 103.157470] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.157965] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.158603] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.159191] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.159769] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.160339] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.160903] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.161470] [ 103.161657] irq event stamp: 0 [ 103.161905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.162394] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.163071] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.163734] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.164233] ---[ end trace 0000000000000000 ]--- [ 103.168138] ------------[ cut here ]------------ [ 103.168537] WARNING: CPU: 0 PID: 911 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.169324] Modules linked in: [ 103.169575] CPU: 0 PID: 911 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.170249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.171166] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.171561] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.172974] RSP: 0018:ffff888020d6fbb8 EFLAGS: 00010246 [ 103.173387] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 103.173945] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 103.174523] RBP: ffff888020d6fbd0 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 103.175077] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888021bc7c00 [ 103.175628] R13: ffff8880158789e8 R14: ffffffff8352e670 R15: 
ffff888020d6fe68 [ 103.176171] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.176782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.177224] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 103.177771] PKRU: 55555554 [ 103.177989] Call Trace: [ 103.178185] [ 103.178358] __iommufd_access_detach+0x1c2/0x2b0 [ 103.178753] iommufd_access_change_pt+0x149/0x270 [ 103.179138] iommufd_access_replace+0xb4/0x120 [ 103.179506] iommufd_test+0x3e5/0x37e0 [ 103.179809] ? lock_release+0x532/0x770 [ 103.180124] ? __might_fault+0x102/0x1b0 [ 103.180443] ? lock_acquire+0x427/0x4c0 [ 103.180762] ? __pfx_iommufd_test+0x10/0x10 [ 103.181091] ? __pfx_lock_release+0x10/0x10 [ 103.181427] ? __pfx_lock_acquire+0x10/0x10 [ 103.181772] ? write_comp_data+0x2f/0x90 [ 103.182092] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.182470] ? write_comp_data+0x2f/0x90 [ 103.182809] iommufd_fops_ioctl+0x37d/0x510 [ 103.183156] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.183544] ? write_comp_data+0x2f/0x90 [ 103.183871] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.184249] __x64_sys_ioctl+0x1a3/0x230 [ 103.184580] do_syscall_64+0x3b/0x90 [ 103.184881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.185288] RIP: 0033:0x7f4b8743ee5d [ 103.185577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.186992] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.187590] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.188136] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.188679] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.189221] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.189763] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.190314] [ 103.190494] irq event stamp: 0 [ 103.190754] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.191250] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.191891] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.192535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.193018] ---[ end trace 0000000000000000 ]--- [ 103.195723] ------------[ cut here ]------------ [ 103.196118] WARNING: CPU: 0 PID: 911 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.196886] Modules linked in: [ 103.197135] CPU: 0 PID: 911 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.197799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.198677] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.199061] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.200459] RSP: 
0018:ffff888020d6fbd0 EFLAGS: 00010246 [ 103.200865] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 103.201406] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 103.201948] RBP: ffff888020d6fbe8 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 103.202490] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888016633c00 [ 103.203049] R13: ffff8880158789e8 R14: ffff88800af2bd00 R15: 0000000000000000 [ 103.203604] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.204219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.204661] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.205207] PKRU: 55555554 [ 103.205428] Call Trace: [ 103.205626] [ 103.205801] iommufd_access_destroy_object+0x65/0x170 [ 103.206200] iommufd_object_destroy_user+0x18e/0x220 [ 103.206616] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.207072] iommufd_access_destroy+0x43/0x70 [ 103.207439] iommufd_test_staccess_release+0x8d/0xd0 [ 103.207847] __fput+0x26d/0xa40 [ 103.208124] ____fput+0x1e/0x30 [ 103.208438] task_work_run+0x1a4/0x2d0 [ 103.208897] ? __pfx_task_work_run+0x10/0x10 [ 103.209261] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.209647] ? switch_task_namespaces+0xa9/0xe0 [ 103.210161] do_exit+0xb17/0x2ef0 [ 103.210442] ? lock_acquire+0x427/0x4c0 [ 103.210781] ? __pfx_lock_release+0x10/0x10 [ 103.211132] ? __kasan_check_write+0x18/0x20 [ 103.211657] ? do_raw_spin_lock+0x132/0x2a0 [ 103.212004] ? __pfx_do_exit+0x10/0x10 [ 103.212317] ? debug_smp_processor_id+0x20/0x30 [ 103.212682] ? rcu_is_watching+0x19/0xb0 [ 103.212998] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.213502] ? trace_hardirqs_on+0x26/0x120 [ 103.213848] do_group_exit+0xe0/0x2b0 [ 103.214146] __x64_sys_exit_group+0x47/0x50 [ 103.214671] do_syscall_64+0x3b/0x90 [ 103.214970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.215385] RIP: 0033:0x7f4b87518a4d [ 103.215676] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.216304] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.216889] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.217580] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.218127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.218856] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.219417] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.219971] [ 103.220167] irq event stamp: 0 [ 103.220568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.221062] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.221888] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.222555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.223043] ---[ end trace 0000000000000000 ]--- [ 103.223923] ------------[ cut here ]------------ [ 103.224294] WARNING: CPU: 0 PID: 911 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.225252] Modules linked in: [ 103.225509] CPU: 0 PID: 911 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.226311] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.227439] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.228044] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.230036] RSP: 0018:ffff888020d6fb78 EFLAGS: 00010246 [ 103.230673] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.231496] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 103.232287] RBP: ffff888020d6fb98 R08: ffffed1002b0f13e R09: ffffed1002b0f13e [ 103.233078] R10: ffff8880158789ef R11: ffffed1002b0f13d R12: ffff888015878a90 [ 103.233862] R13: ffff8880158788a8 R14: ffffffffffffffff R15: 
ffff888020d6fc60 [ 103.234687] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.235598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.236246] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 103.237037] PKRU: 55555554 [ 103.237361] Call Trace: [ 103.237653] [ 103.237917] iommufd_ioas_destroy+0x53/0x70 [ 103.238411] iommufd_fops_release+0x1f7/0x370 [ 103.238969] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.239550] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.240107] ? write_comp_data+0x2f/0x90 [ 103.240581] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.241144] __fput+0x26d/0xa40 [ 103.241541] ____fput+0x1e/0x30 [ 103.241928] task_work_run+0x1a4/0x2d0 [ 103.242380] ? __pfx_task_work_run+0x10/0x10 [ 103.242920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.243492] ? switch_task_namespaces+0xa9/0xe0 [ 103.244035] do_exit+0xb17/0x2ef0 [ 103.244430] ? lock_acquire+0x427/0x4c0 [ 103.244892] ? __pfx_lock_release+0x10/0x10 [ 103.245388] ? __kasan_check_write+0x18/0x20 [ 103.245891] ? do_raw_spin_lock+0x132/0x2a0 [ 103.246378] ? __pfx_do_exit+0x10/0x10 [ 103.246864] ? debug_smp_processor_id+0x20/0x30 [ 103.247410] ? rcu_is_watching+0x19/0xb0 [ 103.247874] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.248389] ? trace_hardirqs_on+0x26/0x120 [ 103.248883] do_group_exit+0xe0/0x2b0 [ 103.249316] __x64_sys_exit_group+0x47/0x50 [ 103.249799] do_syscall_64+0x3b/0x90 [ 103.250230] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.250853] RIP: 0033:0x7f4b87518a4d [ 103.251284] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.251943] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.252755] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.253518] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.254280] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.255074] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.255847] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.256622] [ 103.256880] irq event stamp: 0 [ 103.257223] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.257898] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.258826] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.259736] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.260415] ---[ end trace 0000000000000000 ]--- [ 103.267944] ------------[ cut here ]------------ [ 103.268564] WARNING: CPU: 0 PID: 912 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.269802] Modules linked in: [ 103.270298] CPU: 0 PID: 912 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.271505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.272712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.273252] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.275271] RSP: 0018:ffff888012a8fbb8 EFLAGS: 00010246 [ 103.275702] RAX: 0000000000000000 RBX: ffff888010c5b8a8 RCX: 0000000000000000 [ 103.276253] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 103.276803] RBP: ffff888012a8fbd0 R08: ffffed100218b733 R09: ffffed100218b733 [ 103.277353] R10: ffff888010c5b993 R11: ffffed100218b732 R12: ffff88800fd3fc00 [ 103.277902] R13: ffff888010c5b9e8 R14: ffffffff8352e670 R15: 
ffff888012a8fe68 [ 103.278452] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.279094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.279558] CR2: 00007f4b877410e8 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 103.280117] PKRU: 55555554 [ 103.280341] Call Trace: [ 103.280545] [ 103.280726] __iommufd_access_detach+0x1c2/0x2b0 [ 103.281117] iommufd_access_change_pt+0x149/0x270 [ 103.281510] iommufd_access_replace+0xb4/0x120 [ 103.281879] iommufd_test+0x3e5/0x37e0 [ 103.282187] ? lock_release+0x532/0x770 [ 103.282527] ? __might_fault+0x102/0x1b0 [ 103.282856] ? lock_acquire+0x427/0x4c0 [ 103.283185] ? __pfx_iommufd_test+0x10/0x10 [ 103.283523] ? __pfx_lock_release+0x10/0x10 [ 103.283870] ? __pfx_lock_acquire+0x10/0x10 [ 103.284217] ? write_comp_data+0x2f/0x90 [ 103.284546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.284931] ? write_comp_data+0x2f/0x90 [ 103.285259] iommufd_fops_ioctl+0x37d/0x510 [ 103.285603] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.285989] ? write_comp_data+0x2f/0x90 [ 103.286321] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.286723] __x64_sys_ioctl+0x1a3/0x230 [ 103.287056] do_syscall_64+0x3b/0x90 [ 103.287370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.287785] RIP: 0033:0x7f4b8743ee5d [ 103.288077] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.289496] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.290093] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.290677] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.291259] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.291820] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.292376] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.292942] [ 103.293128] irq event stamp: 0 [ 103.293375] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.293870] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.294545] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.295204] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.295696] ---[ end trace 0000000000000000 ]--- [ 103.298892] ------------[ cut here ]------------ [ 103.299294] WARNING: CPU: 0 PID: 912 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.300349] Modules linked in: [ 103.300606] CPU: 0 PID: 912 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.301419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.302310] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.302899] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.304483] RSP: 
0018:ffff888012a8fbd0 EFLAGS: 00010246 [ 103.304897] RAX: 0000000000000000 RBX: ffff888010c5b8a8 RCX: 0000000000000000 [ 103.305509] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 103.306148] RBP: ffff888012a8fbe8 R08: ffffed100218b733 R09: ffffed100218b733 [ 103.306751] R10: ffff888010c5b993 R11: ffffed100218b732 R12: ffff888021bc5400 [ 103.307415] R13: ffff888010c5b9e8 R14: ffff88800f8ad500 R15: 0000000000000000 [ 103.307969] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.308749] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.309209] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.310068] PKRU: 55555554 [ 103.310400] Call Trace: [ 103.310749] [ 103.311016] iommufd_access_destroy_object+0x65/0x170 [ 103.311821] iommufd_object_destroy_user+0x18e/0x220 [ 103.312404] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.313239] iommufd_access_destroy+0x43/0x70 [ 103.313764] iommufd_test_staccess_release+0x8d/0xd0 [ 103.314549] __fput+0x26d/0xa40 [ 103.314953] ____fput+0x1e/0x30 [ 103.315358] task_work_run+0x1a4/0x2d0 [ 103.315982] ? __pfx_task_work_run+0x10/0x10 [ 103.316493] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.317233] ? switch_task_namespaces+0xa9/0xe0 [ 103.317775] do_exit+0xb17/0x2ef0 [ 103.318169] ? lock_acquire+0x427/0x4c0 [ 103.318677] ? __pfx_lock_release+0x10/0x10 [ 103.319251] ? __kasan_check_write+0x18/0x20 [ 103.319626] ? do_raw_spin_lock+0x132/0x2a0 [ 103.319964] ? __pfx_do_exit+0x10/0x10 [ 103.320282] ? debug_smp_processor_id+0x20/0x30 [ 103.320647] ? rcu_is_watching+0x19/0xb0 [ 103.320965] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.321330] ? trace_hardirqs_on+0x26/0x120 [ 103.321672] do_group_exit+0xe0/0x2b0 [ 103.321970] __x64_sys_exit_group+0x47/0x50 [ 103.322304] do_syscall_64+0x3b/0x90 [ 103.322632] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.323046] RIP: 0033:0x7f4b87518a4d [ 103.323341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.323817] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.324404] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.324957] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.325509] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.326060] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.326632] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.327199] [ 103.327385] irq event stamp: 0 [ 103.327632] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.328118] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.328761] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.329401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.329885] ---[ end trace 0000000000000000 ]--- [ 103.330595] ------------[ cut here ]------------ [ 103.330962] WARNING: CPU: 0 PID: 912 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.331756] Modules linked in: [ 103.332003] CPU: 0 PID: 912 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.332665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.333525] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.333921] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.335471] RSP: 0018:ffff888012a8fb78 EFLAGS: 00010246 [ 103.335891] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.336438] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 103.336982] RBP: ffff888012a8fb98 R08: ffffed100218b73e R09: ffffed100218b73e [ 103.337532] R10: ffff888010c5b9ef R11: ffffed100218b73d R12: ffff888010c5ba90 [ 103.338088] R13: ffff888010c5b8a8 R14: ffffffffffffffff R15: 
ffff888012a8fc60 [ 103.338650] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.339281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.339725] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.340281] PKRU: 55555554 [ 103.340501] Call Trace: [ 103.340699] [ 103.340873] iommufd_ioas_destroy+0x53/0x70 [ 103.341211] iommufd_fops_release+0x1f7/0x370 [ 103.341565] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.341955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.342338] ? write_comp_data+0x2f/0x90 [ 103.342682] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.343071] __fput+0x26d/0xa40 [ 103.343351] ____fput+0x1e/0x30 [ 103.343618] task_work_run+0x1a4/0x2d0 [ 103.343927] ? __pfx_task_work_run+0x10/0x10 [ 103.344273] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.344653] ? switch_task_namespaces+0xa9/0xe0 [ 103.345021] do_exit+0xb17/0x2ef0 [ 103.345292] ? lock_acquire+0x427/0x4c0 [ 103.345610] ? __pfx_lock_release+0x10/0x10 [ 103.345951] ? __kasan_check_write+0x18/0x20 [ 103.346295] ? do_raw_spin_lock+0x132/0x2a0 [ 103.346651] ? __pfx_do_exit+0x10/0x10 [ 103.346960] ? debug_smp_processor_id+0x20/0x30 [ 103.347331] ? rcu_is_watching+0x19/0xb0 [ 103.347651] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.348006] ? trace_hardirqs_on+0x26/0x120 [ 103.348346] do_group_exit+0xe0/0x2b0 [ 103.348641] __x64_sys_exit_group+0x47/0x50 [ 103.348973] do_syscall_64+0x3b/0x90 [ 103.349270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.349675] RIP: 0033:0x7f4b87518a4d [ 103.349964] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.350441] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.351046] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.351603] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.352152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.352699] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.353251] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.353808] [ 103.353989] irq event stamp: 0 [ 103.354234] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.354738] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.355391] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.356034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.356520] ---[ end trace 0000000000000000 ]--- [ 103.360089] ------------[ cut here ]------------ [ 103.360476] WARNING: CPU: 0 PID: 913 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.361246] Modules linked in: [ 103.361496] CPU: 0 PID: 913 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.362161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.363100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.363494] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.364894] RSP: 0018:ffff8880160bfbb8 EFLAGS: 00010246 [ 103.365300] RAX: 0000000000000000 RBX: ffff8880181708a8 RCX: 0000000000000000 [ 103.365854] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 103.366396] RBP: ffff8880160bfbd0 R08: ffffed100302e133 R09: ffffed100302e133 [ 103.366956] R10: ffff888018170993 R11: ffffed100302e132 R12: ffff8880129c7000 [ 103.367515] R13: ffff8880181709e8 R14: ffffffff8352e670 R15: 
ffff8880160bfe68 [ 103.368072] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.368696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.369148] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 103.369715] PKRU: 55555554 [ 103.369938] Call Trace: [ 103.370138] [ 103.370313] __iommufd_access_detach+0x1c2/0x2b0 [ 103.370721] iommufd_access_change_pt+0x149/0x270 [ 103.371118] iommufd_access_replace+0xb4/0x120 [ 103.371486] iommufd_test+0x3e5/0x37e0 [ 103.371791] ? lock_release+0x532/0x770 [ 103.372117] ? __might_fault+0x102/0x1b0 [ 103.372442] ? lock_acquire+0x427/0x4c0 [ 103.372766] ? __pfx_iommufd_test+0x10/0x10 [ 103.373106] ? __pfx_lock_release+0x10/0x10 [ 103.373451] ? __pfx_lock_acquire+0x10/0x10 [ 103.373795] ? write_comp_data+0x2f/0x90 [ 103.374122] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.374535] ? write_comp_data+0x2f/0x90 [ 103.374864] iommufd_fops_ioctl+0x37d/0x510 [ 103.375218] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.375606] ? write_comp_data+0x2f/0x90 [ 103.375934] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.376315] __x64_sys_ioctl+0x1a3/0x230 [ 103.376645] do_syscall_64+0x3b/0x90 [ 103.376945] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.377356] RIP: 0033:0x7f4b8743ee5d [ 103.377649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.379089] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.379691] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.380237] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.380787] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.381331] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.381873] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.382422] [ 103.382619] irq event stamp: 0 [ 103.382863] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.383357] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.383999] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.384638] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.385121] ---[ end trace 0000000000000000 ]--- [ 103.387831] ------------[ cut here ]------------ [ 103.388210] WARNING: CPU: 0 PID: 913 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.388979] Modules linked in: [ 103.389227] CPU: 0 PID: 913 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.389891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.390801] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.391191] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.392609] RSP: 
0018:ffff8880160bfbd0 EFLAGS: 00010246 [ 103.393017] RAX: 0000000000000000 RBX: ffff8880181708a8 RCX: 0000000000000000 [ 103.393560] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 103.394102] RBP: ffff8880160bfbe8 R08: ffffed100302e133 R09: ffffed100302e133 [ 103.394664] R10: ffff888018170993 R11: ffffed100302e132 R12: ffff88800fd3d400 [ 103.395217] R13: ffff8880181709e8 R14: ffff8880181b2b00 R15: 0000000000000000 [ 103.395766] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.396373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.396811] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.397343] PKRU: 55555554 [ 103.397554] Call Trace: [ 103.397746] [ 103.397916] iommufd_access_destroy_object+0x65/0x170 [ 103.398310] iommufd_object_destroy_user+0x18e/0x220 [ 103.398720] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.399167] iommufd_access_destroy+0x43/0x70 [ 103.399519] iommufd_test_staccess_release+0x8d/0xd0 [ 103.399907] __fput+0x26d/0xa40 [ 103.400169] ____fput+0x1e/0x30 [ 103.400425] task_work_run+0x1a4/0x2d0 [ 103.400728] ? __pfx_task_work_run+0x10/0x10 [ 103.401067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.401441] ? switch_task_namespaces+0xa9/0xe0 [ 103.401803] do_exit+0xb17/0x2ef0 [ 103.402067] ? lock_acquire+0x427/0x4c0 [ 103.402376] ? __pfx_lock_release+0x10/0x10 [ 103.402725] ? __kasan_check_write+0x18/0x20 [ 103.403066] ? do_raw_spin_lock+0x132/0x2a0 [ 103.403406] ? __pfx_do_exit+0x10/0x10 [ 103.403714] ? debug_smp_processor_id+0x20/0x30 [ 103.404071] ? rcu_is_watching+0x19/0xb0 [ 103.404390] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.404743] ? trace_hardirqs_on+0x26/0x120 [ 103.405078] do_group_exit+0xe0/0x2b0 [ 103.405368] __x64_sys_exit_group+0x47/0x50 [ 103.405695] do_syscall_64+0x3b/0x90 [ 103.405988] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.406385] RIP: 0033:0x7f4b87518a4d [ 103.406687] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.407162] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.407736] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.408272] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.408812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.409343] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.409880] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.410421] [ 103.410616] irq event stamp: 0 [ 103.410856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.411343] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.411976] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.412603] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.413076] ---[ end trace 0000000000000000 ]--- [ 103.413742] ------------[ cut here ]------------ [ 103.414097] WARNING: CPU: 0 PID: 913 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.414875] Modules linked in: [ 103.415135] CPU: 0 PID: 913 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.415793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.416637] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.417026] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.418390] RSP: 0018:ffff8880160bfb78 EFLAGS: 00010246 [ 103.418806] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.419346] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 103.419885] RBP: ffff8880160bfb98 R08: ffffed100302e13e R09: ffffed100302e13e [ 103.420418] R10: ffff8880181709ef R11: ffffed100302e13d R12: ffff888018170a90 [ 103.420953] R13: ffff8880181708a8 R14: ffffffffffffffff R15: 
ffff8880160bfc60 [ 103.421492] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.422096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.422559] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.423098] PKRU: 55555554 [ 103.423319] Call Trace: [ 103.423513] [ 103.423685] iommufd_ioas_destroy+0x53/0x70 [ 103.424015] iommufd_fops_release+0x1f7/0x370 [ 103.424360] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.424742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.425115] ? write_comp_data+0x2f/0x90 [ 103.425432] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.425811] __fput+0x26d/0xa40 [ 103.426076] ____fput+0x1e/0x30 [ 103.426341] task_work_run+0x1a4/0x2d0 [ 103.426665] ? __pfx_task_work_run+0x10/0x10 [ 103.427012] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.427392] ? switch_task_namespaces+0xa9/0xe0 [ 103.427754] do_exit+0xb17/0x2ef0 [ 103.428024] ? lock_acquire+0x427/0x4c0 [ 103.428334] ? __pfx_lock_release+0x10/0x10 [ 103.428668] ? __kasan_check_write+0x18/0x20 [ 103.429006] ? do_raw_spin_lock+0x132/0x2a0 [ 103.429333] ? __pfx_do_exit+0x10/0x10 [ 103.429635] ? debug_smp_processor_id+0x20/0x30 [ 103.429989] ? rcu_is_watching+0x19/0xb0 [ 103.430298] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.430666] ? trace_hardirqs_on+0x26/0x120 [ 103.431006] do_group_exit+0xe0/0x2b0 [ 103.431302] __x64_sys_exit_group+0x47/0x50 [ 103.431629] do_syscall_64+0x3b/0x90 [ 103.431917] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.432313] RIP: 0033:0x7f4b87518a4d [ 103.432593] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.433054] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.433621] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.434154] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.434701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.435240] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.435782] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.436322] [ 103.436499] irq event stamp: 0 [ 103.436739] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.437210] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.437841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.438471] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.438971] ---[ end trace 0000000000000000 ]--- [ 103.442571] ------------[ cut here ]------------ [ 103.442957] WARNING: CPU: 0 PID: 914 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.443724] Modules linked in: [ 103.443966] CPU: 0 PID: 914 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.444612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.445449] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.445819] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.447231] RSP: 0018:ffff888016d67bb8 EFLAGS: 00010246 [ 103.447624] RAX: 0000000000000000 RBX: ffff8880140b20a8 RCX: 0000000000000000 [ 103.448144] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 103.448673] RBP: ffff888016d67bd0 R08: ffffed1002816433 R09: ffffed1002816433 [ 103.449194] R10: ffff8880140b2193 R11: ffffed1002816432 R12: ffff88801341cc00 [ 103.449715] R13: ffff8880140b21e8 R14: ffffffff8352e670 R15: 
ffff888016d67e68 [ 103.450239] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.450842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.451280] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ef0 [ 103.451807] PKRU: 55555554 [ 103.452020] Call Trace: [ 103.452208] [ 103.452377] __iommufd_access_detach+0x1c2/0x2b0 [ 103.452745] iommufd_access_change_pt+0x149/0x270 [ 103.453112] iommufd_access_replace+0xb4/0x120 [ 103.453461] iommufd_test+0x3e5/0x37e0 [ 103.453752] ? lock_release+0x532/0x770 [ 103.454057] ? __might_fault+0x102/0x1b0 [ 103.454367] ? lock_acquire+0x427/0x4c0 [ 103.454691] ? __pfx_iommufd_test+0x10/0x10 [ 103.455018] ? __pfx_lock_release+0x10/0x10 [ 103.455352] ? __pfx_lock_acquire+0x10/0x10 [ 103.455685] ? write_comp_data+0x2f/0x90 [ 103.455999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.456366] ? write_comp_data+0x2f/0x90 [ 103.456678] iommufd_fops_ioctl+0x37d/0x510 [ 103.457004] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.457369] ? write_comp_data+0x2f/0x90 [ 103.457682] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.458043] __x64_sys_ioctl+0x1a3/0x230 [ 103.458356] do_syscall_64+0x3b/0x90 [ 103.458658] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.459054] RIP: 0033:0x7f4b8743ee5d [ 103.459339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.460692] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.461259] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.461784] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.462308] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.462852] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.463385] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.463920] [ 103.464098] irq event stamp: 0 [ 103.464335] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.465414] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.466691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.467947] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.468923] ---[ end trace 0000000000000000 ]--- [ 103.473457] ------------[ cut here ]------------ [ 103.473988] WARNING: CPU: 0 PID: 914 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.475408] Modules linked in: [ 103.475686] CPU: 0 PID: 914 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.476825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.478158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.478876] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.480970] RSP: 
0018:ffff888016d67bd0 EFLAGS: 00010246 [ 103.481687] RAX: 0000000000000000 RBX: ffff8880140b20a8 RCX: 0000000000000000 [ 103.482607] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 103.483377] RBP: ffff888016d67be8 R08: ffffed1002816433 R09: ffffed1002816433 [ 103.484294] R10: ffff8880140b2193 R11: ffffed1002816432 R12: ffff8880129c7400 [ 103.485056] R13: ffff8880140b21e8 R14: ffff8880181b8300 R15: 0000000000000000 [ 103.485949] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.486970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.487622] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.488561] PKRU: 55555554 [ 103.488880] Call Trace: [ 103.489166] [ 103.489454] iommufd_access_destroy_object+0x65/0x170 [ 103.490109] iommufd_object_destroy_user+0x18e/0x220 [ 103.490853] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.491503] iommufd_access_destroy+0x43/0x70 [ 103.492021] iommufd_test_staccess_release+0x8d/0xd0 [ 103.492741] __fput+0x26d/0xa40 [ 103.493135] ____fput+0x1e/0x30 [ 103.493563] task_work_run+0x1a4/0x2d0 [ 103.494087] ? __pfx_task_work_run+0x10/0x10 [ 103.494625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.495282] ? switch_task_namespaces+0xa9/0xe0 [ 103.495818] do_exit+0xb17/0x2ef0 [ 103.496257] ? lock_acquire+0x427/0x4c0 [ 103.496810] ? __pfx_lock_release+0x10/0x10 [ 103.497304] ? __kasan_check_write+0x18/0x20 [ 103.497946] ? do_raw_spin_lock+0x132/0x2a0 [ 103.498439] ? __pfx_do_exit+0x10/0x10 [ 103.499075] ? debug_smp_processor_id+0x20/0x30 [ 103.499618] ? rcu_is_watching+0x19/0xb0 [ 103.500081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.500600] ? trace_hardirqs_on+0x26/0x120 [ 103.501095] do_group_exit+0xe0/0x2b0 [ 103.501530] __x64_sys_exit_group+0x47/0x50 [ 103.502015] do_syscall_64+0x3b/0x90 [ 103.502450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.503077] RIP: 0033:0x7f4b87518a4d [ 103.503515] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.504198] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.505045] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.505838] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.506660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.507405] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.507967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.508526] [ 103.508708] irq event stamp: 0 [ 103.508953] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.509442] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.510089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.510775] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.511272] ---[ end trace 0000000000000000 ]--- [ 103.512029] ------------[ cut here ]------------ [ 103.512617] WARNING: CPU: 0 PID: 914 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.513475] Modules linked in: [ 103.514039] CPU: 0 PID: 914 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.514757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.515785] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.516189] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.517732] RSP: 0018:ffff888016d67b78 EFLAGS: 00010246 [ 103.518453] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.519305] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 103.520263] RBP: ffff888016d67b98 R08: ffffed100281643e R09: ffffed100281643e [ 103.521205] R10: ffff8880140b21ef R11: ffffed100281643d R12: ffff8880140b2290 [ 103.522017] R13: ffff8880140b20a8 R14: ffffffffffffffff R15: 
ffff888016d67c60 [ 103.522953] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.524150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.525154] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.525995] PKRU: 55555554 [ 103.526494] Call Trace: [ 103.526831] [ 103.527093] iommufd_ioas_destroy+0x53/0x70 [ 103.527806] iommufd_fops_release+0x1f7/0x370 [ 103.528351] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.528947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.529525] ? write_comp_data+0x2f/0x90 [ 103.530013] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.530650] __fput+0x26d/0xa40 [ 103.531045] ____fput+0x1e/0x30 [ 103.531437] task_work_run+0x1a4/0x2d0 [ 103.531881] ? __pfx_task_work_run+0x10/0x10 [ 103.532373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.532921] ? switch_task_namespaces+0xa9/0xe0 [ 103.533454] do_exit+0xb17/0x2ef0 [ 103.533839] ? lock_acquire+0x427/0x4c0 [ 103.534289] ? __pfx_lock_release+0x10/0x10 [ 103.534809] ? __kasan_check_write+0x18/0x20 [ 103.535325] ? do_raw_spin_lock+0x132/0x2a0 [ 103.535808] ? __pfx_do_exit+0x10/0x10 [ 103.536255] ? debug_smp_processor_id+0x20/0x30 [ 103.536782] ? rcu_is_watching+0x19/0xb0 [ 103.537239] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.537745] ? trace_hardirqs_on+0x26/0x120 [ 103.538229] do_group_exit+0xe0/0x2b0 [ 103.538702] __x64_sys_exit_group+0x47/0x50 [ 103.539352] do_syscall_64+0x3b/0x90 [ 103.539661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.540072] RIP: 0033:0x7f4b87518a4d [ 103.540365] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.540842] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.541430] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.541980] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.542593] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.543202] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.543791] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.544383] [ 103.544577] irq event stamp: 0 [ 103.544843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.545362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.546050] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.546759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.547292] ---[ end trace 0000000000000000 ]--- [ 103.552345] ------------[ cut here ]------------ [ 103.552776] WARNING: CPU: 0 PID: 915 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.553600] Modules linked in: [ 103.553871] CPU: 0 PID: 915 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.554790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.555740] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.556156] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.557730] RSP: 0018:ffff88801429fbb8 EFLAGS: 00010246 [ 103.558194] RAX: 0000000000000000 RBX: ffff8880244440a8 RCX: 0000000000000000 [ 103.558866] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 103.559506] RBP: ffff88801429fbd0 R08: ffffed1004888833 R09: ffffed1004888833 [ 103.560132] R10: ffff888024444193 R11: ffffed1004888832 R12: ffff88800efcd000 [ 103.560755] R13: ffff8880244441e8 R14: ffffffff8352e670 R15: 
ffff88801429fe68 [ 103.561385] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.562088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.562634] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 103.563272] PKRU: 55555554 [ 103.563528] Call Trace: [ 103.563758] [ 103.563960] __iommufd_access_detach+0x1c2/0x2b0 [ 103.564410] iommufd_access_change_pt+0x149/0x270 [ 103.564850] iommufd_access_replace+0xb4/0x120 [ 103.565269] iommufd_test+0x3e5/0x37e0 [ 103.565617] ? lock_release+0x532/0x770 [ 103.565985] ? __might_fault+0x102/0x1b0 [ 103.566355] ? lock_acquire+0x427/0x4c0 [ 103.566761] ? __pfx_iommufd_test+0x10/0x10 [ 103.567156] ? __pfx_lock_release+0x10/0x10 [ 103.567551] ? __pfx_lock_acquire+0x10/0x10 [ 103.567947] ? write_comp_data+0x2f/0x90 [ 103.568313] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.568751] ? write_comp_data+0x2f/0x90 [ 103.569123] iommufd_fops_ioctl+0x37d/0x510 [ 103.569511] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.569949] ? write_comp_data+0x2f/0x90 [ 103.570326] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.570791] __x64_sys_ioctl+0x1a3/0x230 [ 103.571187] do_syscall_64+0x3b/0x90 [ 103.571541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.572022] RIP: 0033:0x7f4b8743ee5d [ 103.572354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.573964] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.574679] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.575349] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.576014] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.576680] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.577351] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.578024] [ 103.578245] irq event stamp: 0 [ 103.578578] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.579187] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.579976] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.580762] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.581356] ---[ end trace 0000000000000000 ]--- [ 103.584425] ------------[ cut here ]------------ [ 103.584898] WARNING: CPU: 0 PID: 915 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.585856] Modules linked in: [ 103.586162] CPU: 0 PID: 915 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.587044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.588127] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.588607] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.590343] RSP: 
0018:ffff88801429fbd0 EFLAGS: 00010246 [ 103.590888] RAX: 0000000000000000 RBX: ffff8880244440a8 RCX: 0000000000000000 [ 103.591581] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 103.592262] RBP: ffff88801429fbe8 R08: ffffed1004888833 R09: ffffed1004888833 [ 103.592937] R10: ffff888024444193 R11: ffffed1004888832 R12: ffff88801341c800 [ 103.593618] R13: ffff8880244441e8 R14: ffff888010aa9300 R15: 0000000000000000 [ 103.594294] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.595085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.595654] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.596328] PKRU: 55555554 [ 103.596599] Call Trace: [ 103.596843] [ 103.597060] iommufd_access_destroy_object+0x65/0x170 [ 103.597561] iommufd_object_destroy_user+0x18e/0x220 [ 103.598052] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.598652] iommufd_access_destroy+0x43/0x70 [ 103.599097] iommufd_test_staccess_release+0x8d/0xd0 [ 103.599598] __fput+0x26d/0xa40 [ 103.599934] ____fput+0x1e/0x30 [ 103.600288] task_work_run+0x1a4/0x2d0 [ 103.600707] ? __pfx_task_work_run+0x10/0x10 [ 103.601173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.601685] ? switch_task_namespaces+0xa9/0xe0 [ 103.602183] do_exit+0xb17/0x2ef0 [ 103.602588] ? lock_acquire+0x427/0x4c0 [ 103.603019] ? __pfx_lock_release+0x10/0x10 [ 103.603492] ? __kasan_check_write+0x18/0x20 [ 103.603959] ? do_raw_spin_lock+0x132/0x2a0 [ 103.604412] ? __pfx_do_exit+0x10/0x10 [ 103.604841] ? debug_smp_processor_id+0x20/0x30 [ 103.605334] ? rcu_is_watching+0x19/0xb0 [ 103.605766] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.606248] ? trace_hardirqs_on+0x26/0x120 [ 103.606752] do_group_exit+0xe0/0x2b0 [ 103.607170] __x64_sys_exit_group+0x47/0x50 [ 103.607629] do_syscall_64+0x3b/0x90 [ 103.608037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.608586] RIP: 0033:0x7f4b87518a4d [ 103.608981] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.609671] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.610478] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.611284] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.612030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.612766] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.613515] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.614264] [ 103.614542] irq event stamp: 0 [ 103.614872] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.615548] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.616424] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.617297] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.617966] ---[ end trace 0000000000000000 ]--- [ 103.619450] ------------[ cut here ]------------ [ 103.619949] WARNING: CPU: 0 PID: 915 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.621011] Modules linked in: [ 103.621352] CPU: 0 PID: 915 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.622258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.623539] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.624098] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.626007] RSP: 0018:ffff88801429fb78 EFLAGS: 00010246 [ 103.626605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.627366] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 103.628114] RBP: ffff88801429fb98 R08: ffffed100488883e R09: ffffed100488883e [ 103.628861] R10: ffff8880244441ef R11: ffffed100488883d R12: ffff888024444290 [ 103.629595] R13: ffff8880244440a8 R14: ffffffffffffffff R15: 
ffff88801429fc60 [ 103.630346] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.631234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.631842] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.632603] PKRU: 55555554 [ 103.632900] Call Trace: [ 103.633178] [ 103.633417] iommufd_ioas_destroy+0x53/0x70 [ 103.633885] iommufd_fops_release+0x1f7/0x370 [ 103.634357] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.634912] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.635449] ? write_comp_data+0x2f/0x90 [ 103.635891] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.636432] __fput+0x26d/0xa40 [ 103.636805] ____fput+0x1e/0x30 [ 103.637161] task_work_run+0x1a4/0x2d0 [ 103.637577] ? __pfx_task_work_run+0x10/0x10 [ 103.638048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.638624] ? switch_task_namespaces+0xa9/0xe0 [ 103.639146] do_exit+0xb17/0x2ef0 [ 103.639516] ? lock_acquire+0x427/0x4c0 [ 103.639945] ? __pfx_lock_release+0x10/0x10 [ 103.640405] ? __kasan_check_write+0x18/0x20 [ 103.640870] ? do_raw_spin_lock+0x132/0x2a0 [ 103.641324] ? __pfx_do_exit+0x10/0x10 [ 103.641739] ? debug_smp_processor_id+0x20/0x30 [ 103.642231] ? rcu_is_watching+0x19/0xb0 [ 103.642701] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.643203] ? trace_hardirqs_on+0x26/0x120 [ 103.643664] do_group_exit+0xe0/0x2b0 [ 103.644057] __x64_sys_exit_group+0x47/0x50 [ 103.644503] do_syscall_64+0x3b/0x90 [ 103.644904] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.645451] RIP: 0033:0x7f4b87518a4d [ 103.645839] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.646482] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.647339] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.648095] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.648851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.649600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.650349] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.651158] [ 103.651418] irq event stamp: 0 [ 103.651759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.652434] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.653320] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.654198] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.654905] ---[ end trace 0000000000000000 ]--- [ 103.660716] ------------[ cut here ]------------ [ 103.661261] WARNING: CPU: 0 PID: 916 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.662317] Modules linked in: [ 103.662901] CPU: 0 PID: 916 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.663841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.665026] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.665555] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.667532] RSP: 0018:ffff88800fca7bb8 EFLAGS: 00010246 [ 103.668108] RAX: 0000000000000000 RBX: ffff8880129488a8 RCX: 0000000000000000 [ 103.668869] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 103.669640] RBP: ffff88800fca7bd0 R08: ffffed1002529133 R09: ffffed1002529133 [ 103.670400] R10: ffff888012948993 R11: ffffed1002529132 R12: ffff888021bcac00 [ 103.671208] R13: ffff8880129489e8 R14: ffffffff8352e670 R15: 
ffff88800fca7e68 [ 103.671967] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.672815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.673434] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 103.674226] PKRU: 55555554 [ 103.674576] Call Trace: [ 103.674854] [ 103.675104] __iommufd_access_detach+0x1c2/0x2b0 [ 103.675642] iommufd_access_change_pt+0x149/0x270 [ 103.676165] iommufd_access_replace+0xb4/0x120 [ 103.676660] iommufd_test+0x3e5/0x37e0 [ 103.677077] ? lock_release+0x532/0x770 [ 103.677517] ? __might_fault+0x102/0x1b0 [ 103.677962] ? lock_acquire+0x427/0x4c0 [ 103.678393] ? __pfx_iommufd_test+0x10/0x10 [ 103.678906] ? __pfx_lock_release+0x10/0x10 [ 103.679381] ? __pfx_lock_acquire+0x10/0x10 [ 103.679859] ? write_comp_data+0x2f/0x90 [ 103.680308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.680834] ? write_comp_data+0x2f/0x90 [ 103.681284] iommufd_fops_ioctl+0x37d/0x510 [ 103.681751] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.682276] ? write_comp_data+0x2f/0x90 [ 103.682772] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.683310] __x64_sys_ioctl+0x1a3/0x230 [ 103.683763] do_syscall_64+0x3b/0x90 [ 103.684169] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.684727] RIP: 0033:0x7f4b8743ee5d [ 103.685122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.687104] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.687937] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.688696] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.689453] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.690215] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.691008] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.691795] [ 103.692058] irq event stamp: 0 [ 103.692396] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.693066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.693954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.694873] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.695558] ---[ end trace 0000000000000000 ]--- [ 103.698833] ------------[ cut here ]------------ [ 103.699387] WARNING: CPU: 0 PID: 916 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.700450] Modules linked in: [ 103.700790] CPU: 0 PID: 916 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.701706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.702948] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.703511] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.705444] RSP: 
0018:ffff88800fca7bd0 EFLAGS: 00010246 [ 103.706015] RAX: 0000000000000000 RBX: ffff8880129488a8 RCX: 0000000000000000 [ 103.706796] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 103.707562] RBP: ffff88800fca7be8 R08: ffffed1002529133 R09: ffffed1002529133 [ 103.708318] R10: ffff888012948993 R11: ffffed1002529132 R12: ffff88800efcc400 [ 103.709070] R13: ffff8880129489e8 R14: ffff8880138abe00 R15: 0000000000000000 [ 103.709823] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.710714] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.711350] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.712119] PKRU: 55555554 [ 103.712430] Call Trace: [ 103.712701] [ 103.712952] iommufd_access_destroy_object+0x65/0x170 [ 103.713503] iommufd_object_destroy_user+0x18e/0x220 [ 103.714051] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.714718] iommufd_access_destroy+0x43/0x70 [ 103.715230] iommufd_test_staccess_release+0x8d/0xd0 [ 103.715782] __fput+0x26d/0xa40 [ 103.716149] ____fput+0x1e/0x30 [ 103.716508] task_work_run+0x1a4/0x2d0 [ 103.716935] ? __pfx_task_work_run+0x10/0x10 [ 103.717413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.717942] ? switch_task_namespaces+0xa9/0xe0 [ 103.718456] do_exit+0xb17/0x2ef0 [ 103.718878] ? lock_acquire+0x427/0x4c0 [ 103.719323] ? __pfx_lock_release+0x10/0x10 [ 103.719790] ? __kasan_check_write+0x18/0x20 [ 103.720261] ? do_raw_spin_lock+0x132/0x2a0 [ 103.720726] ? __pfx_do_exit+0x10/0x10 [ 103.721147] ? debug_smp_processor_id+0x20/0x30 [ 103.721647] ? rcu_is_watching+0x19/0xb0 [ 103.722082] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.722599] ? trace_hardirqs_on+0x26/0x120 [ 103.723066] do_group_exit+0xe0/0x2b0 [ 103.723491] __x64_sys_exit_group+0x47/0x50 [ 103.723961] do_syscall_64+0x3b/0x90 [ 103.724378] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.724947] RIP: 0033:0x7f4b87518a4d [ 103.725670] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.726703] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.727527] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.728271] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.729694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.730730] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.731732] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.732779] [ 103.733396] irq event stamp: 0 [ 103.733843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.734757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.736015] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.737540] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.738407] ---[ end trace 0000000000000000 ]--- [ 103.739839] ------------[ cut here ]------------ [ 103.740814] WARNING: CPU: 0 PID: 916 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.742187] Modules linked in: [ 103.742786] CPU: 0 PID: 916 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.744157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.745689] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.746739] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.749217] RSP: 0018:ffff88800fca7b78 EFLAGS: 00010246 [ 103.750182] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.751246] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 103.752253] RBP: ffff88800fca7b98 R08: ffffed100252913e R09: ffffed100252913e [ 103.753401] R10: ffff8880129489ef R11: ffffed100252913d R12: ffff888012948a90 [ 103.754371] R13: ffff8880129488a8 R14: ffffffffffffffff R15: 
ffff88800fca7c60 [ 103.755687] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.756838] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.757430] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.758298] PKRU: 55555554 [ 103.758835] Call Trace: [ 103.759095] [ 103.759351] iommufd_ioas_destroy+0x53/0x70 [ 103.759791] iommufd_fops_release+0x1f7/0x370 [ 103.760253] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.760761] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.761330] ? write_comp_data+0x2f/0x90 [ 103.761911] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.762597] __fput+0x26d/0xa40 [ 103.762952] ____fput+0x1e/0x30 [ 103.763320] task_work_run+0x1a4/0x2d0 [ 103.763734] ? __pfx_task_work_run+0x10/0x10 [ 103.764189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.764749] ? switch_task_namespaces+0xa9/0xe0 [ 103.765396] do_exit+0xb17/0x2ef0 [ 103.765885] ? lock_acquire+0x427/0x4c0 [ 103.766311] ? __pfx_lock_release+0x10/0x10 [ 103.766793] ? __kasan_check_write+0x18/0x20 [ 103.767272] ? do_raw_spin_lock+0x132/0x2a0 [ 103.767733] ? __pfx_do_exit+0x10/0x10 [ 103.768193] ? debug_smp_processor_id+0x20/0x30 [ 103.768872] ? rcu_is_watching+0x19/0xb0 [ 103.769443] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.769924] ? trace_hardirqs_on+0x26/0x120 [ 103.770389] do_group_exit+0xe0/0x2b0 [ 103.770821] __x64_sys_exit_group+0x47/0x50 [ 103.771281] do_syscall_64+0x3b/0x90 [ 103.771774] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.772497] RIP: 0033:0x7f4b87518a4d [ 103.772885] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.773518] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.774308] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.775223] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.776126] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.776860] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.777593] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.778537] [ 103.778929] irq event stamp: 0 [ 103.779278] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.779927] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.780776] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.781794] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.782740] ---[ end trace 0000000000000000 ]--- [ 103.790722] ------------[ cut here ]------------ [ 103.791284] WARNING: CPU: 0 PID: 917 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.793175] Modules linked in: [ 103.793518] CPU: 0 PID: 917 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.794403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.795964] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.796612] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.798436] RSP: 0018:ffff888016387bb8 EFLAGS: 00010246 [ 103.798993] RAX: 0000000000000000 RBX: ffff8880245bf8a8 RCX: 0000000000000000 [ 103.799745] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 103.800471] RBP: ffff888016387bd0 R08: ffffed10048b7f33 R09: ffffed10048b7f33 [ 103.801197] R10: ffff8880245bf993 R11: ffffed10048b7f32 R12: ffff888012eaa000 [ 103.801920] R13: ffff8880245bf9e8 R14: ffffffff8352e670 R15: 
ffff888016387e68 [ 103.802690] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.803532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.804125] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 103.804851] PKRU: 55555554 [ 103.805143] Call Trace: [ 103.805410] [ 103.805640] __iommufd_access_detach+0x1c2/0x2b0 [ 103.806144] iommufd_access_change_pt+0x149/0x270 [ 103.806690] iommufd_access_replace+0xb4/0x120 [ 103.807189] iommufd_test+0x3e5/0x37e0 [ 103.807590] ? lock_release+0x532/0x770 [ 103.808008] ? __might_fault+0x102/0x1b0 [ 103.808442] ? lock_acquire+0x427/0x4c0 [ 103.808873] ? __pfx_iommufd_test+0x10/0x10 [ 103.809316] ? __pfx_lock_release+0x10/0x10 [ 103.809761] ? __pfx_lock_acquire+0x10/0x10 [ 103.810217] ? write_comp_data+0x2f/0x90 [ 103.810681] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.811197] ? write_comp_data+0x2f/0x90 [ 103.811629] iommufd_fops_ioctl+0x37d/0x510 [ 103.812087] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.812598] ? write_comp_data+0x2f/0x90 [ 103.813026] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.813520] __x64_sys_ioctl+0x1a3/0x230 [ 103.813952] do_syscall_64+0x3b/0x90 [ 103.814351] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.814933] RIP: 0033:0x7f4b8743ee5d [ 103.815339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.817225] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.818022] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.818794] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.819546] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.820268] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.820985] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.821715] [ 103.821961] irq event stamp: 0 [ 103.822282] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.822962] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.823833] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.824688] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.825330] ---[ end trace 0000000000000000 ]--- [ 103.829039] ------------[ cut here ]------------ [ 103.829566] WARNING: CPU: 0 PID: 917 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.830718] Modules linked in: [ 103.831292] CPU: 0 PID: 917 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.832175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.833308] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.833812] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.836758] RSP: 
0018:ffff888016387bd0 EFLAGS: 00010246 [ 103.837452] RAX: 0000000000000000 RBX: ffff8880245bf8a8 RCX: 0000000000000000 [ 103.838415] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 103.839913] RBP: ffff888016387be8 R08: ffffed10048b7f33 R09: ffffed10048b7f33 [ 103.840870] R10: ffff8880245bf993 R11: ffffed10048b7f32 R12: ffff888021bca000 [ 103.841839] R13: ffff8880245bf9e8 R14: ffff88800f210b00 R15: 0000000000000000 [ 103.843366] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.844263] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.844889] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.845644] PKRU: 55555554 [ 103.846074] Call Trace: [ 103.846558] [ 103.846964] iommufd_access_destroy_object+0x65/0x170 [ 103.847531] iommufd_object_destroy_user+0x18e/0x220 [ 103.848070] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.848699] iommufd_access_destroy+0x43/0x70 [ 103.849186] iommufd_test_staccess_release+0x8d/0xd0 [ 103.849775] __fput+0x26d/0xa40 [ 103.850239] ____fput+0x1e/0x30 [ 103.850806] task_work_run+0x1a4/0x2d0 [ 103.851254] ? __pfx_task_work_run+0x10/0x10 [ 103.851747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.852273] ? switch_task_namespaces+0xa9/0xe0 [ 103.852789] do_exit+0xb17/0x2ef0 [ 103.853163] ? lock_acquire+0x427/0x4c0 [ 103.853707] ? __pfx_lock_release+0x10/0x10 [ 103.854391] ? __kasan_check_write+0x18/0x20 [ 103.854905] ? do_raw_spin_lock+0x132/0x2a0 [ 103.855402] ? __pfx_do_exit+0x10/0x10 [ 103.855839] ? debug_smp_processor_id+0x20/0x30 [ 103.856341] ? rcu_is_watching+0x19/0xb0 [ 103.856787] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.857368] ? trace_hardirqs_on+0x26/0x120 [ 103.858037] do_group_exit+0xe0/0x2b0 [ 103.858449] __x64_sys_exit_group+0x47/0x50 [ 103.858942] do_syscall_64+0x3b/0x90 [ 103.859368] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.859935] RIP: 0033:0x7f4b87518a4d [ 103.860461] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.861371] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.862176] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.862957] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.863782] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.864839] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.865601] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.866365] [ 103.866644] irq event stamp: 0 [ 103.867000] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.867865] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.868835] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.869815] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.870491] ---[ end trace 0000000000000000 ]--- [ 103.872621] ------------[ cut here ]------------ [ 103.873148] WARNING: CPU: 0 PID: 917 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.874496] Modules linked in: [ 103.874888] CPU: 0 PID: 917 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.875808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.877212] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.877756] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.879872] RSP: 0018:ffff888016387b78 EFLAGS: 00010246 [ 103.880527] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.881276] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 103.882024] RBP: ffff888016387b98 R08: ffffed10048b7f3e R09: ffffed10048b7f3e [ 103.882804] R10: ffff8880245bf9ef R11: ffffed10048b7f3d R12: ffff8880245bfa90 [ 103.883584] R13: ffff8880245bf8a8 R14: ffffffffffffffff R15: 
ffff888016387c60 [ 103.884330] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.885174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.885782] CR2: 00007f82e2f9f000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 103.886563] PKRU: 55555554 [ 103.886862] Call Trace: [ 103.887137] [ 103.887378] iommufd_ioas_destroy+0x53/0x70 [ 103.887834] iommufd_fops_release+0x1f7/0x370 [ 103.888269] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.888751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.889226] ? write_comp_data+0x2f/0x90 [ 103.889626] ? __pfx_iommufd_fops_release+0x10/0x10 [ 103.890111] __fput+0x26d/0xa40 [ 103.890445] ____fput+0x1e/0x30 [ 103.890798] task_work_run+0x1a4/0x2d0 [ 103.891191] ? __pfx_task_work_run+0x10/0x10 [ 103.891624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.892096] ? switch_task_namespaces+0xa9/0xe0 [ 103.892559] do_exit+0xb17/0x2ef0 [ 103.892900] ? lock_acquire+0x427/0x4c0 [ 103.893292] ? __pfx_lock_release+0x10/0x10 [ 103.893713] ? __kasan_check_write+0x18/0x20 [ 103.894141] ? do_raw_spin_lock+0x132/0x2a0 [ 103.894582] ? __pfx_do_exit+0x10/0x10 [ 103.894977] ? debug_smp_processor_id+0x20/0x30 [ 103.895441] ? rcu_is_watching+0x19/0xb0 [ 103.895837] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.896279] ? trace_hardirqs_on+0x26/0x120 [ 103.896701] do_group_exit+0xe0/0x2b0 [ 103.897071] __x64_sys_exit_group+0x47/0x50 [ 103.897487] do_syscall_64+0x3b/0x90 [ 103.897851] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.898357] RIP: 0033:0x7f4b87518a4d [ 103.898741] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.899339] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.900061] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.900746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.901506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.902167] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.902851] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.903526] [ 103.903744] irq event stamp: 0 [ 103.904041] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.904620] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.905389] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.906153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.906751] ---[ end trace 0000000000000000 ]--- [ 103.913800] ------------[ cut here ]------------ [ 103.914407] WARNING: CPU: 0 PID: 918 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.915958] Modules linked in: [ 103.916405] CPU: 0 PID: 918 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.917593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.919199] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.919881] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.922168] RSP: 0018:ffff888015f8fbb8 EFLAGS: 00010246 [ 103.923069] RAX: 0000000000000000 RBX: ffff8880181718a8 RCX: 0000000000000000 [ 103.923939] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 103.924993] RBP: ffff888015f8fbd0 R08: ffffed100302e333 R09: ffffed100302e333 [ 103.925920] R10: ffff888018171993 R11: ffffed100302e332 R12: ffff888010c0b000 [ 103.926947] R13: ffff8880181719e8 R14: ffffffff8352e670 R15: 
ffff888015f8fe68 [ 103.928028] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.928987] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.929888] CR2: 0000000020000140 CR3: 00000000136d6000 CR4: 0000000000750ef0 [ 103.930809] PKRU: 55555554 [ 103.931309] Call Trace: [ 103.931627] [ 103.931903] __iommufd_access_detach+0x1c2/0x2b0 [ 103.932567] iommufd_access_change_pt+0x149/0x270 [ 103.933305] iommufd_access_replace+0xb4/0x120 [ 103.933882] iommufd_test+0x3e5/0x37e0 [ 103.934578] ? lock_release+0x532/0x770 [ 103.935085] ? __might_fault+0x102/0x1b0 [ 103.935610] ? lock_acquire+0x427/0x4c0 [ 103.936178] ? __pfx_iommufd_test+0x10/0x10 [ 103.936830] ? __pfx_lock_release+0x10/0x10 [ 103.937372] ? __pfx_lock_acquire+0x10/0x10 [ 103.938105] ? write_comp_data+0x2f/0x90 [ 103.938687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.939317] ? write_comp_data+0x2f/0x90 [ 103.940043] iommufd_fops_ioctl+0x37d/0x510 [ 103.940576] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.941364] ? write_comp_data+0x2f/0x90 [ 103.941880] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 103.942473] __x64_sys_ioctl+0x1a3/0x230 [ 103.943273] do_syscall_64+0x3b/0x90 [ 103.943642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.944110] RIP: 0033:0x7f4b8743ee5d [ 103.944536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 103.946216] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 103.947093] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 103.947733] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 103.948364] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 103.948993] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 103.949621] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 103.950262] [ 103.950470] irq event stamp: 0 [ 103.950775] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.951349] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.952095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.952837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.953390] ---[ end trace 0000000000000000 ]--- [ 103.956457] ------------[ cut here ]------------ [ 103.956910] WARNING: CPU: 0 PID: 918 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 103.957783] Modules linked in: [ 103.958067] CPU: 0 PID: 918 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.958846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.959846] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 103.960284] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 103.961862] RSP: 
0018:ffff888015f8fbd0 EFLAGS: 00010246 [ 103.962328] RAX: 0000000000000000 RBX: ffff8880181718a8 RCX: 0000000000000000 [ 103.962984] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 103.963612] RBP: ffff888015f8fbe8 R08: ffffed100302e333 R09: ffffed100302e333 [ 103.964242] R10: ffff888018171993 R11: ffffed100302e332 R12: ffff888012eab800 [ 103.964866] R13: ffff8880181719e8 R14: ffff888013807400 R15: 0000000000000000 [ 103.965471] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.966170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.966751] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.967400] PKRU: 55555554 [ 103.967646] Call Trace: [ 103.967867] [ 103.968070] iommufd_access_destroy_object+0x65/0x170 [ 103.968530] iommufd_object_destroy_user+0x18e/0x220 [ 103.968977] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 103.969490] iommufd_access_destroy+0x43/0x70 [ 103.969895] iommufd_test_staccess_release+0x8d/0xd0 [ 103.970344] __fput+0x26d/0xa40 [ 103.970681] ____fput+0x1e/0x30 [ 103.970983] task_work_run+0x1a4/0x2d0 [ 103.971346] ? __pfx_task_work_run+0x10/0x10 [ 103.971738] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 103.972168] ? switch_task_namespaces+0xa9/0xe0 [ 103.972580] do_exit+0xb17/0x2ef0 [ 103.972883] ? lock_acquire+0x427/0x4c0 [ 103.973239] ? __pfx_lock_release+0x10/0x10 [ 103.973618] ? __kasan_check_write+0x18/0x20 [ 103.974001] ? do_raw_spin_lock+0x132/0x2a0 [ 103.974379] ? __pfx_do_exit+0x10/0x10 [ 103.974750] ? debug_smp_processor_id+0x20/0x30 [ 103.975171] ? rcu_is_watching+0x19/0xb0 [ 103.975533] ? _raw_spin_unlock_irq+0x2b/0x60 [ 103.975934] ? trace_hardirqs_on+0x26/0x120 [ 103.976320] do_group_exit+0xe0/0x2b0 [ 103.976654] __x64_sys_exit_group+0x47/0x50 [ 103.977028] do_syscall_64+0x3b/0x90 [ 103.977360] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 103.977816] RIP: 0033:0x7f4b87518a4d [ 103.978140] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 103.978701] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 103.979376] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 103.980000] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 103.980623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 103.981237] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 103.981850] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 103.982470] [ 103.982706] irq event stamp: 0 [ 103.982986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 103.983556] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 103.984286] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 103.985142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 103.985849] ---[ end trace 0000000000000000 ]--- [ 103.986685] ------------[ cut here ]------------ [ 103.987104] WARNING: CPU: 0 PID: 918 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 103.987988] Modules linked in: [ 103.988314] CPU: 0 PID: 918 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 103.989258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 103.990234] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 103.990874] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 103.992654] RSP: 0018:ffff888015f8fb78 EFLAGS: 00010246 [ 103.993122] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 103.993735] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 103.994352] RBP: ffff888015f8fb98 R08: ffffed100302e33e R09: ffffed100302e33e [ 103.995170] R10: ffff8880181719ef R11: ffffed100302e33d R12: ffff888018171a90 [ 103.995789] R13: ffff8880181718a8 R14: ffffffffffffffff R15: 
ffff888015f8fc60 [ 103.996413] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 103.997114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 103.997620] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 103.998241] PKRU: 55555554 [ 103.998489] Call Trace: [ 103.998742] [ 103.998949] iommufd_ioas_destroy+0x53/0x70 [ 103.999347] iommufd_fops_release+0x1f7/0x370 [ 103.999749] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.000193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.000634] ? write_comp_data+0x2f/0x90 [ 104.001001] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.001442] __fput+0x26d/0xa40 [ 104.001752] ____fput+0x1e/0x30 [ 104.002054] task_work_run+0x1a4/0x2d0 [ 104.002411] ? __pfx_task_work_run+0x10/0x10 [ 104.002830] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.003274] ? switch_task_namespaces+0xa9/0xe0 [ 104.003703] do_exit+0xb17/0x2ef0 [ 104.004006] ? lock_acquire+0x427/0x4c0 [ 104.004366] ? __pfx_lock_release+0x10/0x10 [ 104.004749] ? __kasan_check_write+0x18/0x20 [ 104.005136] ? do_raw_spin_lock+0x132/0x2a0 [ 104.005508] ? __pfx_do_exit+0x10/0x10 [ 104.005846] ? debug_smp_processor_id+0x20/0x30 [ 104.006237] ? rcu_is_watching+0x19/0xb0 [ 104.006602] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.006988] ? trace_hardirqs_on+0x26/0x120 [ 104.007360] do_group_exit+0xe0/0x2b0 [ 104.007681] __x64_sys_exit_group+0x47/0x50 [ 104.008041] do_syscall_64+0x3b/0x90 [ 104.008363] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.008800] RIP: 0033:0x7f4b87518a4d [ 104.009107] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.009617] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.010244] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.010852] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.011453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.012054] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.012649] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.013250] [ 104.013448] irq event stamp: 0 [ 104.013710] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.014232] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.014969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.015679] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.016202] ---[ end trace 0000000000000000 ]--- [ 104.022978] ------------[ cut here ]------------ [ 104.023597] WARNING: CPU: 1 PID: 919 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.024921] Modules linked in: [ 104.025294] CPU: 1 PID: 919 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.026570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.027975] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.028546] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.030890] RSP: 0018:ffff888021a1fbb8 EFLAGS: 00010246 [ 104.031518] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 104.032324] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 104.033130] RBP: ffff888021a1fbd0 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 104.033930] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff888010e03c00 [ 104.034768] R13: ffff88801609d9e8 R14: ffffffff8352e670 R15: 
ffff888021a1fe68 [ 104.035590] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.036497] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.037154] CR2: 00007f4b877410e8 CR3: 00000000143a2000 CR4: 0000000000750ee0 [ 104.037959] PKRU: 55555554 [ 104.038285] Call Trace: [ 104.038613] [ 104.038882] __iommufd_access_detach+0x1c2/0x2b0 [ 104.039461] iommufd_access_change_pt+0x149/0x270 [ 104.040028] iommufd_access_replace+0xb4/0x120 [ 104.040568] iommufd_test+0x3e5/0x37e0 [ 104.041016] ? lock_release+0x532/0x770 [ 104.041486] ? __might_fault+0x102/0x1b0 [ 104.041964] ? lock_acquire+0x427/0x4c0 [ 104.042434] ? __pfx_iommufd_test+0x10/0x10 [ 104.042961] ? __pfx_lock_release+0x10/0x10 [ 104.043480] ? __pfx_lock_acquire+0x10/0x10 [ 104.043989] ? write_comp_data+0x2f/0x90 [ 104.044470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.045038] ? write_comp_data+0x2f/0x90 [ 104.045520] iommufd_fops_ioctl+0x37d/0x510 [ 104.046022] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.046623] ? write_comp_data+0x2f/0x90 [ 104.047154] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.047611] __x64_sys_ioctl+0x1a3/0x230 [ 104.047973] do_syscall_64+0x3b/0x90 [ 104.048294] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.048730] RIP: 0033:0x7f4b8743ee5d [ 104.049037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.050548] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.051176] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.051760] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.052342] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.052928] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.053511] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.054101] [ 104.054295] irq event stamp: 0 [ 104.054573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.055090] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.055776] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.056459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.056975] ---[ end trace 0000000000000000 ]--- [ 104.059975] ------------[ cut here ]------------ [ 104.060392] WARNING: CPU: 1 PID: 919 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.061229] Modules linked in: [ 104.061495] CPU: 1 PID: 919 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.062208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.063157] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.063566] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.065055] RSP: 
0018:ffff888021a1fbd0 EFLAGS: 00010246 [ 104.065491] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 104.066073] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 104.066674] RBP: ffff888021a1fbe8 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 104.067266] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff8880183db800 [ 104.067847] R13: ffff88801609d9e8 R14: ffff888010ab0600 R15: 0000000000000000 [ 104.068430] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.069086] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.069563] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.070147] PKRU: 55555554 [ 104.070380] Call Trace: [ 104.070624] [ 104.070815] iommufd_access_destroy_object+0x65/0x170 [ 104.071255] iommufd_object_destroy_user+0x18e/0x220 [ 104.071684] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.072169] iommufd_access_destroy+0x43/0x70 [ 104.072546] iommufd_test_staccess_release+0x8d/0xd0 [ 104.072972] __fput+0x26d/0xa40 [ 104.073262] ____fput+0x1e/0x30 [ 104.073547] task_work_run+0x1a4/0x2d0 [ 104.073881] ? __pfx_task_work_run+0x10/0x10 [ 104.074254] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.074690] ? switch_task_namespaces+0xa9/0xe0 [ 104.075093] do_exit+0xb17/0x2ef0 [ 104.075391] ? lock_acquire+0x427/0x4c0 [ 104.075736] ? __pfx_lock_release+0x10/0x10 [ 104.076100] ? __kasan_check_write+0x18/0x20 [ 104.076472] ? do_raw_spin_lock+0x132/0x2a0 [ 104.076833] ? __pfx_do_exit+0x10/0x10 [ 104.077165] ? debug_smp_processor_id+0x20/0x30 [ 104.077554] ? rcu_is_watching+0x19/0xb0 [ 104.077897] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.078281] ? trace_hardirqs_on+0x26/0x120 [ 104.078662] do_group_exit+0xe0/0x2b0 [ 104.078981] __x64_sys_exit_group+0x47/0x50 [ 104.079347] do_syscall_64+0x3b/0x90 [ 104.079661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.080090] RIP: 0033:0x7f4b87518a4d [ 104.080386] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.080880] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.081487] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.082055] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.082636] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.083214] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.083778] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.084351] [ 104.084540] irq event stamp: 0 [ 104.084792] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.085294] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.085956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.086633] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.087143] ---[ end trace 0000000000000000 ]--- [ 104.087848] ------------[ cut here ]------------ [ 104.088227] WARNING: CPU: 1 PID: 919 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.089033] Modules linked in: [ 104.089288] CPU: 1 PID: 919 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.089963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.090857] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.091270] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.092686] RSP: 0018:ffff888021a1fb78 EFLAGS: 00010246 [ 104.093105] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.093656] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 104.094209] RBP: ffff888021a1fb98 R08: ffffed1002c13b3e R09: ffffed1002c13b3e [ 104.094772] R10: ffff88801609d9ef R11: ffffed1002c13b3d R12: ffff88801609da90 [ 104.095335] R13: ffff88801609d8a8 R14: ffffffffffffffff R15: 
ffff888021a1fc60 [ 104.095891] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.096513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.096964] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.097524] PKRU: 55555554 [ 104.097743] Call Trace: [ 104.097942] [ 104.098121] iommufd_ioas_destroy+0x53/0x70 [ 104.098466] iommufd_fops_release+0x1f7/0x370 [ 104.098843] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.099248] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.099640] ? write_comp_data+0x2f/0x90 [ 104.099965] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.100358] __fput+0x26d/0xa40 [ 104.100633] ____fput+0x1e/0x30 [ 104.100905] task_work_run+0x1a4/0x2d0 [ 104.101218] ? __pfx_task_work_run+0x10/0x10 [ 104.101577] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.101971] ? switch_task_namespaces+0xa9/0xe0 [ 104.102347] do_exit+0xb17/0x2ef0 [ 104.102637] ? lock_acquire+0x427/0x4c0 [ 104.102964] ? __pfx_lock_release+0x10/0x10 [ 104.103316] ? __kasan_check_write+0x18/0x20 [ 104.103664] ? do_raw_spin_lock+0x132/0x2a0 [ 104.104004] ? __pfx_do_exit+0x10/0x10 [ 104.104323] ? debug_smp_processor_id+0x20/0x30 [ 104.104694] ? rcu_is_watching+0x19/0xb0 [ 104.105014] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.105376] ? trace_hardirqs_on+0x26/0x120 [ 104.105723] do_group_exit+0xe0/0x2b0 [ 104.106031] __x64_sys_exit_group+0x47/0x50 [ 104.106372] do_syscall_64+0x3b/0x90 [ 104.106691] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.107106] RIP: 0033:0x7f4b87518a4d [ 104.107407] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.107887] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.108480] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.109033] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.109586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.110140] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.110708] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.111278] [ 104.111462] irq event stamp: 0 [ 104.111713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.112211] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.112872] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.113527] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.114021] ---[ end trace 0000000000000000 ]--- [ 104.118111] ------------[ cut here ]------------ [ 104.118564] WARNING: CPU: 1 PID: 920 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.119378] Modules linked in: [ 104.119635] CPU: 1 PID: 920 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.120319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.121202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.121593] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.123051] RSP: 0018:ffff8880245dfbb8 EFLAGS: 00010246 [ 104.123476] RAX: 0000000000000000 RBX: ffff88801839c8a8 RCX: 0000000000000000 [ 104.124034] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 104.124592] RBP: ffff8880245dfbd0 R08: ffffed1003073933 R09: ffffed1003073933 [ 104.125150] R10: ffff88801839c993 R11: ffffed1003073932 R12: ffff8880129c6800 [ 104.125709] R13: ffff88801839c9e8 R14: ffffffff8352e670 R15: 
ffff8880245dfe68 [ 104.126269] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.126914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.127381] CR2: 0000000020000140 CR3: 00000000136d6000 CR4: 0000000000750ee0 [ 104.127950] PKRU: 55555554 [ 104.128182] Call Trace: [ 104.128385] [ 104.128565] __iommufd_access_detach+0x1c2/0x2b0 [ 104.128953] iommufd_access_change_pt+0x149/0x270 [ 104.129360] iommufd_access_replace+0xb4/0x120 [ 104.129738] iommufd_test+0x3e5/0x37e0 [ 104.130050] ? lock_release+0x532/0x770 [ 104.130380] ? __might_fault+0x102/0x1b0 [ 104.130732] ? lock_acquire+0x427/0x4c0 [ 104.131063] ? __pfx_iommufd_test+0x10/0x10 [ 104.131413] ? __pfx_lock_release+0x10/0x10 [ 104.131765] ? __pfx_lock_acquire+0x10/0x10 [ 104.132118] ? write_comp_data+0x2f/0x90 [ 104.132454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.132846] ? write_comp_data+0x2f/0x90 [ 104.133180] iommufd_fops_ioctl+0x37d/0x510 [ 104.133531] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.133923] ? write_comp_data+0x2f/0x90 [ 104.134261] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.134665] __x64_sys_ioctl+0x1a3/0x230 [ 104.135005] do_syscall_64+0x3b/0x90 [ 104.135333] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.135759] RIP: 0033:0x7f4b8743ee5d [ 104.136055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.137487] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.138086] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.138679] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.139249] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.139816] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.140380] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.140947] [ 104.141133] irq event stamp: 0 [ 104.141383] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.141880] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.142559] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.143228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.143731] ---[ end trace 0000000000000000 ]--- [ 104.146472] ------------[ cut here ]------------ [ 104.146893] WARNING: CPU: 1 PID: 920 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.147699] Modules linked in: [ 104.147955] CPU: 1 PID: 920 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.148639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.149525] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.149922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.151374] RSP: 
0018:ffff8880245dfbd0 EFLAGS: 00010246 [ 104.151802] RAX: 0000000000000000 RBX: ffff88801839c8a8 RCX: 0000000000000000 [ 104.152362] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 104.152922] RBP: ffff8880245dfbe8 R08: ffffed1003073933 R09: ffffed1003073933 [ 104.153486] R10: ffff88801839c993 R11: ffffed1003073932 R12: ffff888010e00800 [ 104.154052] R13: ffff88801839c9e8 R14: ffff888012de0d00 R15: 0000000000000000 [ 104.154631] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.155272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.155733] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.156298] PKRU: 55555554 [ 104.156522] Call Trace: [ 104.156723] [ 104.156905] iommufd_access_destroy_object+0x65/0x170 [ 104.157332] iommufd_object_destroy_user+0x18e/0x220 [ 104.157741] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.158208] iommufd_access_destroy+0x43/0x70 [ 104.158591] iommufd_test_staccess_release+0x8d/0xd0 [ 104.159014] __fput+0x26d/0xa40 [ 104.159297] ____fput+0x1e/0x30 [ 104.159571] task_work_run+0x1a4/0x2d0 [ 104.159887] ? __pfx_task_work_run+0x10/0x10 [ 104.160235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.160624] ? switch_task_namespaces+0xa9/0xe0 [ 104.160997] do_exit+0xb17/0x2ef0 [ 104.161270] ? lock_acquire+0x427/0x4c0 [ 104.161586] ? __pfx_lock_release+0x10/0x10 [ 104.161931] ? __kasan_check_write+0x18/0x20 [ 104.162279] ? do_raw_spin_lock+0x132/0x2a0 [ 104.162631] ? __pfx_do_exit+0x10/0x10 [ 104.162948] ? debug_smp_processor_id+0x20/0x30 [ 104.163321] ? rcu_is_watching+0x19/0xb0 [ 104.163641] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.164000] ? trace_hardirqs_on+0x26/0x120 [ 104.164345] do_group_exit+0xe0/0x2b0 [ 104.164645] __x64_sys_exit_group+0x47/0x50 [ 104.164981] do_syscall_64+0x3b/0x90 [ 104.165279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.165688] RIP: 0033:0x7f4b87518a4d [ 104.165981] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.166457] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.167068] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.167625] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.168173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.168720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.169269] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.169824] [ 104.170006] irq event stamp: 0 [ 104.170252] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.170755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.171409] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.172049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.172531] ---[ end trace 0000000000000000 ]--- [ 104.173220] ------------[ cut here ]------------ [ 104.173586] WARNING: CPU: 1 PID: 920 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.174364] Modules linked in: [ 104.174632] CPU: 1 PID: 920 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.175307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.176168] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.176565] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.177961] RSP: 0018:ffff8880245dfb78 EFLAGS: 00010246 [ 104.178371] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.178942] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 104.179502] RBP: ffff8880245dfb98 R08: ffffed100307393e R09: ffffed100307393e [ 104.180052] R10: ffff88801839c9ef R11: ffffed100307393d R12: ffff88801839ca90 [ 104.180604] R13: ffff88801839c8a8 R14: ffffffffffffffff R15: 
ffff8880245dfc60 [ 104.181154] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.181776] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.182225] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.182792] PKRU: 55555554 [ 104.183013] Call Trace: [ 104.183226] [ 104.183405] iommufd_ioas_destroy+0x53/0x70 [ 104.183750] iommufd_fops_release+0x1f7/0x370 [ 104.184104] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.184492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.184877] ? write_comp_data+0x2f/0x90 [ 104.185204] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.185591] __fput+0x26d/0xa40 [ 104.185861] ____fput+0x1e/0x30 [ 104.186126] task_work_run+0x1a4/0x2d0 [ 104.186437] ? __pfx_task_work_run+0x10/0x10 [ 104.186801] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.187189] ? switch_task_namespaces+0xa9/0xe0 [ 104.187561] do_exit+0xb17/0x2ef0 [ 104.187833] ? lock_acquire+0x427/0x4c0 [ 104.188153] ? __pfx_lock_release+0x10/0x10 [ 104.188495] ? __kasan_check_write+0x18/0x20 [ 104.188840] ? do_raw_spin_lock+0x132/0x2a0 [ 104.189178] ? __pfx_do_exit+0x10/0x10 [ 104.189490] ? debug_smp_processor_id+0x20/0x30 [ 104.189857] ? rcu_is_watching+0x19/0xb0 [ 104.190173] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.190549] ? trace_hardirqs_on+0x26/0x120 [ 104.190893] do_group_exit+0xe0/0x2b0 [ 104.191200] __x64_sys_exit_group+0x47/0x50 [ 104.191535] do_syscall_64+0x3b/0x90 [ 104.191836] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.192245] RIP: 0033:0x7f4b87518a4d [ 104.192538] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.193017] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.193607] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.194155] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.194719] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.195274] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.195823] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.196380] [ 104.196561] irq event stamp: 0 [ 104.196823] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.197311] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.197967] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.198627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.199121] ---[ end trace 0000000000000000 ]--- [ 104.203270] ------------[ cut here ]------------ [ 104.203674] WARNING: CPU: 1 PID: 921 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.204444] Modules linked in: [ 104.204694] CPU: 1 PID: 921 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.205361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.206223] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.206799] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.208205] RSP: 0018:ffff88802460fbb8 EFLAGS: 00010246 [ 104.208619] RAX: 0000000000000000 RBX: ffff8880181760a8 RCX: 0000000000000000 [ 104.209163] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 104.209706] RBP: ffff88802460fbd0 R08: ffffed100302ec33 R09: ffffed100302ec33 [ 104.210252] R10: ffff888018176193 R11: ffffed100302ec32 R12: ffff8880189e3800 [ 104.210814] R13: ffff8880181761e8 R14: ffffffff8352e670 R15: 
ffff88802460fe68 [ 104.211368] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.211980] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.212423] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 104.212966] PKRU: 55555554 [ 104.213185] Call Trace: [ 104.213381] [ 104.213554] __iommufd_access_detach+0x1c2/0x2b0 [ 104.213932] iommufd_access_change_pt+0x149/0x270 [ 104.214315] iommufd_access_replace+0xb4/0x120 [ 104.214692] iommufd_test+0x3e5/0x37e0 [ 104.214993] ? lock_release+0x532/0x770 [ 104.215317] ? __might_fault+0x102/0x1b0 [ 104.215637] ? lock_acquire+0x427/0x4c0 [ 104.215954] ? __pfx_iommufd_test+0x10/0x10 [ 104.216282] ? __pfx_lock_release+0x10/0x10 [ 104.216619] ? __pfx_lock_acquire+0x10/0x10 [ 104.216963] ? write_comp_data+0x2f/0x90 [ 104.217286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.217663] ? write_comp_data+0x2f/0x90 [ 104.217987] iommufd_fops_ioctl+0x37d/0x510 [ 104.218321] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.218715] ? write_comp_data+0x2f/0x90 [ 104.219037] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.219421] __x64_sys_ioctl+0x1a3/0x230 [ 104.219761] do_syscall_64+0x3b/0x90 [ 104.220062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.220467] RIP: 0033:0x7f4b8743ee5d [ 104.220760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.222148] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.222754] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.223304] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.223851] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.224395] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.224938] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.225490] [ 104.225674] irq event stamp: 0 [ 104.225915] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.226397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.227064] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.227720] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.228212] ---[ end trace 0000000000000000 ]--- [ 104.230950] ------------[ cut here ]------------ [ 104.231342] WARNING: CPU: 1 PID: 921 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.232111] Modules linked in: [ 104.232359] CPU: 1 PID: 921 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.233021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.233880] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.234261] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.235681] RSP: 
0018:ffff88802460fbd0 EFLAGS: 00010246 [ 104.236095] RAX: 0000000000000000 RBX: ffff8880181760a8 RCX: 0000000000000000 [ 104.236640] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 104.237185] RBP: ffff88802460fbe8 R08: ffffed100302ec33 R09: ffffed100302ec33 [ 104.237727] R10: ffff888018176193 R11: ffffed100302ec32 R12: ffff8880129c7800 [ 104.238266] R13: ffff8880181761e8 R14: ffff888014060500 R15: 0000000000000000 [ 104.238821] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.239448] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.239898] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.240446] PKRU: 55555554 [ 104.240672] Call Trace: [ 104.240873] [ 104.241093] iommufd_access_destroy_object+0x65/0x170 [ 104.241790] iommufd_object_destroy_user+0x18e/0x220 [ 104.242209] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.242681] iommufd_access_destroy+0x43/0x70 [ 104.243033] iommufd_test_staccess_release+0x8d/0xd0 [ 104.243442] __fput+0x26d/0xa40 [ 104.243711] ____fput+0x1e/0x30 [ 104.244016] task_work_run+0x1a4/0x2d0 [ 104.244406] ? __pfx_task_work_run+0x10/0x10 [ 104.244756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.245140] ? switch_task_namespaces+0xa9/0xe0 [ 104.245512] do_exit+0xb17/0x2ef0 [ 104.245784] ? lock_acquire+0x427/0x4c0 [ 104.246102] ? __pfx_lock_release+0x10/0x10 [ 104.246475] ? __kasan_check_write+0x18/0x20 [ 104.246957] ? do_raw_spin_lock+0x132/0x2a0 [ 104.247306] ? __pfx_do_exit+0x10/0x10 [ 104.247621] ? debug_smp_processor_id+0x20/0x30 [ 104.247986] ? rcu_is_watching+0x19/0xb0 [ 104.248306] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.248665] ? trace_hardirqs_on+0x26/0x120 [ 104.249015] do_group_exit+0xe0/0x2b0 [ 104.249318] __x64_sys_exit_group+0x47/0x50 [ 104.249657] do_syscall_64+0x3b/0x90 [ 104.249958] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.250398] RIP: 0033:0x7f4b87518a4d [ 104.250840] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.251338] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.251930] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.252481] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.253034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.253727] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.254278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.254874] [ 104.255060] irq event stamp: 0 [ 104.255314] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.255805] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.256456] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.257210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.257703] ---[ end trace 0000000000000000 ]--- [ 104.258398] ------------[ cut here ]------------ [ 104.258801] WARNING: CPU: 1 PID: 921 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.259620] Modules linked in: [ 104.259987] CPU: 1 PID: 921 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.260674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.261548] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.261951] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.263545] RSP: 0018:ffff88802460fb78 EFLAGS: 00010246 [ 104.263965] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.264515] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 104.265066] RBP: ffff88802460fb98 R08: ffffed100302ec3e R09: ffffed100302ec3e [ 104.265739] R10: ffff8880181761ef R11: ffffed100302ec3d R12: ffff888018176290 [ 104.266294] R13: ffff8880181760a8 R14: ffffffffffffffff R15: 
ffff88802460fc60 [ 104.266867] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.267504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.267958] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.268644] PKRU: 55555554 [ 104.268871] Call Trace: [ 104.269072] [ 104.269252] iommufd_ioas_destroy+0x53/0x70 [ 104.269594] iommufd_fops_release+0x1f7/0x370 [ 104.269954] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.270351] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.270777] ? write_comp_data+0x2f/0x90 [ 104.271210] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.271608] __fput+0x26d/0xa40 [ 104.271883] ____fput+0x1e/0x30 [ 104.272152] task_work_run+0x1a4/0x2d0 [ 104.272468] ? __pfx_task_work_run+0x10/0x10 [ 104.272826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.273213] ? switch_task_namespaces+0xa9/0xe0 [ 104.273589] do_exit+0xb17/0x2ef0 [ 104.273864] ? lock_acquire+0x427/0x4c0 [ 104.274255] ? __pfx_lock_release+0x10/0x10 [ 104.274688] ? __kasan_check_write+0x18/0x20 [ 104.275042] ? do_raw_spin_lock+0x132/0x2a0 [ 104.275393] ? __pfx_do_exit+0x10/0x10 [ 104.275712] ? debug_smp_processor_id+0x20/0x30 [ 104.276082] ? rcu_is_watching+0x19/0xb0 [ 104.276402] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.276763] ? trace_hardirqs_on+0x26/0x120 [ 104.277110] do_group_exit+0xe0/0x2b0 [ 104.277473] __x64_sys_exit_group+0x47/0x50 [ 104.277859] do_syscall_64+0x3b/0x90 [ 104.278165] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.278602] RIP: 0033:0x7f4b87518a4d [ 104.278901] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.279397] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.279993] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.280628] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.281246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.281813] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.282371] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.282978] [ 104.283226] irq event stamp: 0 [ 104.283539] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.284043] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.284704] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.285438] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.286001] ---[ end trace 0000000000000000 ]--- [ 104.290603] ------------[ cut here ]------------ [ 104.291069] WARNING: CPU: 1 PID: 922 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.291873] Modules linked in: [ 104.292130] CPU: 1 PID: 922 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.292873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.293820] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.294226] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.295828] RSP: 0018:ffff88800ff67bb8 EFLAGS: 00010246 [ 104.296255] RAX: 0000000000000000 RBX: ffff88800fb358a8 RCX: 0000000000000000 [ 104.296953] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 104.297513] RBP: ffff88800ff67bd0 R08: ffffed1001f66b33 R09: ffffed1001f66b33 [ 104.298080] R10: ffff88800fb35993 R11: ffffed1001f66b32 R12: ffff88801814a800 [ 104.298781] R13: ffff88800fb359e8 R14: ffffffff8352e670 R15: 
ffff88800ff67e68 [ 104.299357] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.300020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.300574] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 104.301148] PKRU: 55555554 [ 104.301379] Call Trace: [ 104.301585] [ 104.301803] __iommufd_access_detach+0x1c2/0x2b0 [ 104.302251] iommufd_access_change_pt+0x149/0x270 [ 104.302664] iommufd_access_replace+0xb4/0x120 [ 104.303041] iommufd_test+0x3e5/0x37e0 [ 104.303364] ? lock_release+0x532/0x770 [ 104.303726] ? __might_fault+0x102/0x1b0 [ 104.304155] ? lock_acquire+0x427/0x4c0 [ 104.304484] ? __pfx_iommufd_test+0x10/0x10 [ 104.304836] ? __pfx_lock_release+0x10/0x10 [ 104.305191] ? __pfx_lock_acquire+0x10/0x10 [ 104.305613] ? write_comp_data+0x2f/0x90 [ 104.306002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.306397] ? write_comp_data+0x2f/0x90 [ 104.306761] iommufd_fops_ioctl+0x37d/0x510 [ 104.307134] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.307563] ? write_comp_data+0x2f/0x90 [ 104.307957] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.308351] __x64_sys_ioctl+0x1a3/0x230 [ 104.308686] do_syscall_64+0x3b/0x90 [ 104.309018] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.309544] RIP: 0033:0x7f4b8743ee5d [ 104.309858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.311513] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.312147] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.312733] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.313437] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.314020] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.314703] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.315371] [ 104.315565] irq event stamp: 0 [ 104.315830] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.316355] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.317176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.317862] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.318458] ---[ end trace 0000000000000000 ]--- [ 104.321480] ------------[ cut here ]------------ [ 104.321972] WARNING: CPU: 1 PID: 922 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.323059] Modules linked in: [ 104.323347] CPU: 1 PID: 922 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.324194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.325116] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.325594] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.327168] RSP: 
0018:ffff88800ff67bd0 EFLAGS: 00010246 [ 104.327734] RAX: 0000000000000000 RBX: ffff88800fb358a8 RCX: 0000000000000000 [ 104.328316] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 104.328896] RBP: ffff88800ff67be8 R08: ffffed1001f66b33 R09: ffffed1001f66b33 [ 104.329614] R10: ffff88800fb35993 R11: ffffed1001f66b32 R12: ffff8880189e2800 [ 104.330197] R13: ffff88800fb359e8 R14: ffff8880149b9d00 R15: 0000000000000000 [ 104.330814] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.331615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.332090] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.332678] PKRU: 55555554 [ 104.332954] Call Trace: [ 104.333259] [ 104.333449] iommufd_access_destroy_object+0x65/0x170 [ 104.333879] iommufd_object_destroy_user+0x18e/0x220 [ 104.334303] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.334929] iommufd_access_destroy+0x43/0x70 [ 104.335326] iommufd_test_staccess_release+0x8d/0xd0 [ 104.335765] __fput+0x26d/0xa40 [ 104.336062] ____fput+0x1e/0x30 [ 104.336348] task_work_run+0x1a4/0x2d0 [ 104.336866] ? __pfx_task_work_run+0x10/0x10 [ 104.337391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.337966] ? switch_task_namespaces+0xa9/0xe0 [ 104.338566] do_exit+0xb17/0x2ef0 [ 104.338982] ? lock_acquire+0x427/0x4c0 [ 104.339613] ? __pfx_lock_release+0x10/0x10 [ 104.340393] ? __kasan_check_write+0x18/0x20 [ 104.340919] ? do_raw_spin_lock+0x132/0x2a0 [ 104.341423] ? __pfx_do_exit+0x10/0x10 [ 104.341891] ? debug_smp_processor_id+0x20/0x30 [ 104.342684] ? rcu_is_watching+0x19/0xb0 [ 104.343307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.343717] ? trace_hardirqs_on+0x26/0x120 [ 104.344093] do_group_exit+0xe0/0x2b0 [ 104.344423] __x64_sys_exit_group+0x47/0x50 [ 104.344950] do_syscall_64+0x3b/0x90 [ 104.345280] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.345728] RIP: 0033:0x7f4b87518a4d [ 104.346047] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.346766] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.347433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.348041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.348798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.349408] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.350015] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.350806] [ 104.351015] irq event stamp: 0 [ 104.351311] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.351868] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.352740] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.353466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.354103] ---[ end trace 0000000000000000 ]--- [ 104.355001] ------------[ cut here ]------------ [ 104.355441] WARNING: CPU: 1 PID: 922 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.356501] Modules linked in: [ 104.356789] CPU: 1 PID: 922 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.357545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.358733] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.359205] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.360991] RSP: 0018:ffff88800ff67b78 EFLAGS: 00010246 [ 104.361458] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.362075] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 104.362884] RBP: ffff88800ff67b98 R08: ffffed1001f66b3e R09: ffffed1001f66b3e [ 104.363524] R10: ffff88800fb359ef R11: ffffed1001f66b3d R12: ffff88800fb35a90 [ 104.364152] R13: ffff88800fb358a8 R14: ffffffffffffffff R15: 
ffff88800ff67c60 [ 104.364934] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.365639] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.366164] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.366930] PKRU: 55555554 [ 104.367188] Call Trace: [ 104.367413] [ 104.367613] iommufd_ioas_destroy+0x53/0x70 [ 104.368002] iommufd_fops_release+0x1f7/0x370 [ 104.368471] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.368979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.369421] ? write_comp_data+0x2f/0x90 [ 104.369808] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.370341] __fput+0x26d/0xa40 [ 104.370702] ____fput+0x1e/0x30 [ 104.371007] task_work_run+0x1a4/0x2d0 [ 104.371372] ? __pfx_task_work_run+0x10/0x10 [ 104.371767] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.372210] ? switch_task_namespaces+0xa9/0xe0 [ 104.372793] do_exit+0xb17/0x2ef0 [ 104.373101] ? lock_acquire+0x427/0x4c0 [ 104.373460] ? __pfx_lock_release+0x10/0x10 [ 104.373853] ? __kasan_check_write+0x18/0x20 [ 104.374332] ? do_raw_spin_lock+0x132/0x2a0 [ 104.374814] ? __pfx_do_exit+0x10/0x10 [ 104.375184] ? debug_smp_processor_id+0x20/0x30 [ 104.375605] ? rcu_is_watching+0x19/0xb0 [ 104.375969] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.376370] ? trace_hardirqs_on+0x26/0x120 [ 104.376881] do_group_exit+0xe0/0x2b0 [ 104.377220] __x64_sys_exit_group+0x47/0x50 [ 104.377599] do_syscall_64+0x3b/0x90 [ 104.377941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.378576] RIP: 0033:0x7f4b87518a4d [ 104.378911] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.379466] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.380135] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.380925] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.381551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.382176] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.382947] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.383593] [ 104.383803] irq event stamp: 0 [ 104.384085] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.384788] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.385525] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.386268] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.386989] ---[ end trace 0000000000000000 ]--- [ 104.392260] ------------[ cut here ]------------ [ 104.392721] WARNING: CPU: 1 PID: 923 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.393585] Modules linked in: [ 104.393863] CPU: 1 PID: 923 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.394671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.395660] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.396091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.397662] RSP: 0018:ffff88802464fbb8 EFLAGS: 00010246 [ 104.398123] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 104.398759] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 104.399388] RBP: ffff88802464fbd0 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 104.400000] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff88801422d800 [ 104.400618] R13: ffff88800cb961e8 R14: ffffffff8352e670 R15: 
ffff88802464fe68 [ 104.401231] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.401921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.402417] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 104.403053] PKRU: 55555554 [ 104.403321] Call Trace: [ 104.403545] [ 104.403742] __iommufd_access_detach+0x1c2/0x2b0 [ 104.404169] iommufd_access_change_pt+0x149/0x270 [ 104.404598] iommufd_access_replace+0xb4/0x120 [ 104.405010] iommufd_test+0x3e5/0x37e0 [ 104.405369] ? lock_release+0x532/0x770 [ 104.405776] ? __might_fault+0x102/0x1b0 [ 104.406146] ? lock_acquire+0x427/0x4c0 [ 104.406546] ? __pfx_iommufd_test+0x10/0x10 [ 104.406929] ? __pfx_lock_release+0x10/0x10 [ 104.407327] ? __pfx_lock_acquire+0x10/0x10 [ 104.407723] ? write_comp_data+0x2f/0x90 [ 104.408090] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.408521] ? write_comp_data+0x2f/0x90 [ 104.408892] iommufd_fops_ioctl+0x37d/0x510 [ 104.409308] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.409758] ? write_comp_data+0x2f/0x90 [ 104.410131] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.410592] __x64_sys_ioctl+0x1a3/0x230 [ 104.410966] do_syscall_64+0x3b/0x90 [ 104.411329] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.411790] RIP: 0033:0x7f4b8743ee5d [ 104.412117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.413762] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.414427] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.415065] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.415702] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.416315] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.416931] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.417560] [ 104.417765] irq event stamp: 0 [ 104.418039] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.418613] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.419352] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.420072] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.420640] ---[ end trace 0000000000000000 ]--- [ 104.423714] ------------[ cut here ]------------ [ 104.424221] WARNING: CPU: 1 PID: 923 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.425141] Modules linked in: [ 104.425438] CPU: 1 PID: 923 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.426236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.427315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.427783] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.429478] RSP: 
0018:ffff88802464fbd0 EFLAGS: 00010246 [ 104.429969] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 104.430660] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 104.431328] RBP: ffff88802464fbe8 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 104.431983] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff88801814bc00 [ 104.432640] R13: ffff88800cb961e8 R14: ffff888013596c00 R15: 0000000000000000 [ 104.433301] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.434039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.434609] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.435282] PKRU: 55555554 [ 104.435544] Call Trace: [ 104.435783] [ 104.435992] iommufd_access_destroy_object+0x65/0x170 [ 104.436475] iommufd_object_destroy_user+0x18e/0x220 [ 104.436947] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.437489] iommufd_access_destroy+0x43/0x70 [ 104.437920] iommufd_test_staccess_release+0x8d/0xd0 [ 104.438400] __fput+0x26d/0xa40 [ 104.438757] ____fput+0x1e/0x30 [ 104.439074] task_work_run+0x1a4/0x2d0 [ 104.439455] ? __pfx_task_work_run+0x10/0x10 [ 104.439867] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.440320] ? switch_task_namespaces+0xa9/0xe0 [ 104.440761] do_exit+0xb17/0x2ef0 [ 104.441079] ? lock_acquire+0x427/0x4c0 [ 104.441454] ? __pfx_lock_release+0x10/0x10 [ 104.441865] ? __kasan_check_write+0x18/0x20 [ 104.442280] ? do_raw_spin_lock+0x132/0x2a0 [ 104.442710] ? __pfx_do_exit+0x10/0x10 [ 104.443082] ? debug_smp_processor_id+0x20/0x30 [ 104.443531] ? rcu_is_watching+0x19/0xb0 [ 104.443910] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.444334] ? trace_hardirqs_on+0x26/0x120 [ 104.444744] do_group_exit+0xe0/0x2b0 [ 104.445092] __x64_sys_exit_group+0x47/0x50 [ 104.445485] do_syscall_64+0x3b/0x90 [ 104.445834] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.446313] RIP: 0033:0x7f4b87518a4d [ 104.446694] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.447272] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.447967] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.448623] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.449278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.449930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.450612] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.451327] [ 104.451550] irq event stamp: 0 [ 104.451845] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.452424] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.453199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.453962] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.454567] ---[ end trace 0000000000000000 ]--- [ 104.455377] ------------[ cut here ]------------ [ 104.455816] WARNING: CPU: 1 PID: 923 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.456780] Modules linked in: [ 104.457081] CPU: 1 PID: 923 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.457883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.458955] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.459458] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.461126] RSP: 0018:ffff88802464fb78 EFLAGS: 00010246 [ 104.461623] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.462318] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 104.463019] RBP: ffff88802464fb98 R08: ffffed1001972c3e R09: ffffed1001972c3e [ 104.463698] R10: ffff88800cb961ef R11: ffffed1001972c3d R12: ffff88800cb96290 [ 104.464361] R13: ffff88800cb960a8 R14: ffffffffffffffff R15: 
ffff88802464fc60 [ 104.465022] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.465773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.466315] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.467038] PKRU: 55555554 [ 104.467321] Call Trace: [ 104.467567] [ 104.467785] iommufd_ioas_destroy+0x53/0x70 [ 104.468199] iommufd_fops_release+0x1f7/0x370 [ 104.468625] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.469097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.469555] ? write_comp_data+0x2f/0x90 [ 104.469945] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.470421] __fput+0x26d/0xa40 [ 104.470788] ____fput+0x1e/0x30 [ 104.471123] task_work_run+0x1a4/0x2d0 [ 104.471499] ? __pfx_task_work_run+0x10/0x10 [ 104.471920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.472384] ? switch_task_namespaces+0xa9/0xe0 [ 104.472837] do_exit+0xb17/0x2ef0 [ 104.473161] ? lock_acquire+0x427/0x4c0 [ 104.473541] ? __pfx_lock_release+0x10/0x10 [ 104.473952] ? __kasan_check_write+0x18/0x20 [ 104.474365] ? do_raw_spin_lock+0x132/0x2a0 [ 104.474805] ? __pfx_do_exit+0x10/0x10 [ 104.475200] ? debug_smp_processor_id+0x20/0x30 [ 104.475649] ? rcu_is_watching+0x19/0xb0 [ 104.476033] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.476460] ? trace_hardirqs_on+0x26/0x120 [ 104.476873] do_group_exit+0xe0/0x2b0 [ 104.477229] __x64_sys_exit_group+0x47/0x50 [ 104.477628] do_syscall_64+0x3b/0x90 [ 104.477984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.478472] RIP: 0033:0x7f4b87518a4d [ 104.478856] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.479443] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.480156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.480827] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.481505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.482187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.482902] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.483593] [ 104.483821] irq event stamp: 0 [ 104.484123] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.484720] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.485500] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.486278] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.486902] ---[ end trace 0000000000000000 ]--- [ 104.491850] ------------[ cut here ]------------ [ 104.492345] WARNING: CPU: 1 PID: 924 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.493291] Modules linked in: [ 104.493593] CPU: 1 PID: 924 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.494403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.495595] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.496074] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.497782] RSP: 0018:ffff8880180a7bb8 EFLAGS: 00010246 [ 104.498286] RAX: 0000000000000000 RBX: ffff8880219e00a8 RCX: 0000000000000000 [ 104.498983] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 104.499662] RBP: ffff8880180a7bd0 R08: ffffed100433c033 R09: ffffed100433c033 [ 104.500322] R10: ffff8880219e0193 R11: ffffed100433c032 R12: ffff888013e78800 [ 104.500993] R13: ffff8880219e01e8 R14: ffffffff8352e670 R15: 
ffff8880180a7e68 [ 104.501936] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.502751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.503315] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ee0 [ 104.503988] PKRU: 55555554 [ 104.504261] Call Trace: [ 104.504515] [ 104.504780] __iommufd_access_detach+0x1c2/0x2b0 [ 104.505393] iommufd_access_change_pt+0x149/0x270 [ 104.505875] iommufd_access_replace+0xb4/0x120 [ 104.506312] iommufd_test+0x3e5/0x37e0 [ 104.506704] ? lock_release+0x532/0x770 [ 104.507086] ? __might_fault+0x102/0x1b0 [ 104.507494] ? lock_acquire+0x427/0x4c0 [ 104.508032] ? __pfx_iommufd_test+0x10/0x10 [ 104.508443] ? __pfx_lock_release+0x10/0x10 [ 104.508863] ? __pfx_lock_acquire+0x10/0x10 [ 104.508973] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 104.509292] ? write_comp_data+0x2f/0x90 [ 104.509320] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.512738] ? write_comp_data+0x2f/0x90 [ 104.513150] iommufd_fops_ioctl+0x37d/0x510 [ 104.513584] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.514060] ? write_comp_data+0x2f/0x90 [ 104.514459] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.515099] __x64_sys_ioctl+0x1a3/0x230 [ 104.515668] do_syscall_64+0x3b/0x90 [ 104.515962] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 104.516045] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.518323] RIP: 0033:0x7f4b8743ee5d [ 104.518701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.520419] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.521145] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.521812] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.522484] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.523202] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.523891] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.524655] [ 104.524910] irq event stamp: 0 [ 104.525308] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.526270] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.527215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.528085] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.528748] ---[ end trace 0000000000000000 ]--- [ 104.532126] ------------[ cut here ]------------ [ 104.532659] WARNING: CPU: 1 PID: 924 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.533686] Modules linked in: [ 104.534017] CPU: 1 PID: 924 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.535104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.536283] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.536812] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.538780] RSP: 0018:ffff8880180a7bd0 EFLAGS: 00010246 [ 104.539371] RAX: 0000000000000000 RBX: ffff8880219e00a8 RCX: 0000000000000000 [ 
104.540100] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 104.540830] RBP: ffff8880180a7be8 R08: ffffed100433c033 R09: ffffed100433c033 [ 104.541569] R10: ffff8880219e0193 R11: ffffed100433c032 R12: ffff88801422f400 [ 104.542313] R13: ffff8880219e01e8 R14: ffff88800bf3bb00 R15: 0000000000000000 [ 104.543081] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.544246] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.545113] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.545868] PKRU: 55555554 [ 104.546170] Call Trace: [ 104.546435] [ 104.546716] iommufd_access_destroy_object+0x65/0x170 [ 104.547282] iommufd_object_destroy_user+0x18e/0x220 [ 104.547836] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.548662] iommufd_access_destroy+0x43/0x70 [ 104.549384] iommufd_test_staccess_release+0x8d/0xd0 [ 104.549944] __fput+0x26d/0xa40 [ 104.550318] ____fput+0x1e/0x30 [ 104.550718] task_work_run+0x1a4/0x2d0 [ 104.551152] ? __pfx_task_work_run+0x10/0x10 [ 104.551627] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.552152] ? switch_task_namespaces+0xa9/0xe0 [ 104.552659] do_exit+0xb17/0x2ef0 [ 104.553024] ? lock_acquire+0x427/0x4c0 [ 104.553447] ? __pfx_lock_release+0x10/0x10 [ 104.553912] ? __kasan_check_write+0x18/0x20 [ 104.554387] ? do_raw_spin_lock+0x132/0x2a0 [ 104.554897] ? __pfx_do_exit+0x10/0x10 [ 104.555478] ? debug_smp_processor_id+0x20/0x30 [ 104.556160] ? rcu_is_watching+0x19/0xb0 [ 104.556621] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.557102] ? trace_hardirqs_on+0x26/0x120 [ 104.557569] do_group_exit+0xe0/0x2b0 [ 104.557981] __x64_sys_exit_group+0x47/0x50 [ 104.558440] do_syscall_64+0x3b/0x90 [ 104.558907] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.559499] RIP: 0033:0x7f4b87518a4d [ 104.559908] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.560777] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.561798] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.562619] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.563412] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.564185] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.565068] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.566185] [ 104.566447] irq event stamp: 0 [ 104.566836] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.567560] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.568451] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.569341] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.570228] ---[ end trace 0000000000000000 ]--- [ 104.590943] ------------[ cut here ]------------ [ 104.591584] WARNING: CPU: 1 PID: 924 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.593047] Modules linked in: [ 104.593393] CPU: 1 PID: 924 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.594320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.595583] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.596296] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.598597] RSP: 0018:ffff8880180a7b78 EFLAGS: 00010246 [ 104.599185] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.599936] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 104.600687] RBP: ffff8880180a7b98 R08: ffffed100433c03e R09: ffffed100433c03e [ 104.601440] R10: ffff8880219e01ef R11: ffffed100433c03d R12: ffff8880219e0290 [ 104.602184] R13: ffff8880219e00a8 R14: ffffffffffffffff R15: 
ffff8880180a7c60 [ 104.602957] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.603798] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.604394] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 104.605137] PKRU: 55555554 [ 104.605433] Call Trace: [ 104.605702] [ 104.605936] iommufd_ioas_destroy+0x53/0x70 [ 104.606394] iommufd_fops_release+0x1f7/0x370 [ 104.606911] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.607459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.607972] ? write_comp_data+0x2f/0x90 [ 104.608410] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.608935] __fput+0x26d/0xa40 [ 104.609295] ____fput+0x1e/0x30 [ 104.609646] task_work_run+0x1a4/0x2d0 [ 104.610057] ? __pfx_task_work_run+0x10/0x10 [ 104.610545] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.611059] ? switch_task_namespaces+0xa9/0xe0 [ 104.611564] do_exit+0xb17/0x2ef0 [ 104.611930] ? lock_acquire+0x427/0x4c0 [ 104.612358] ? __pfx_lock_release+0x10/0x10 [ 104.612867] ? __kasan_check_write+0x18/0x20 [ 104.613537] ? do_raw_spin_lock+0x132/0x2a0 [ 104.613990] ? __pfx_do_exit+0x10/0x10 [ 104.614407] ? debug_smp_processor_id+0x20/0x30 [ 104.614932] ? rcu_is_watching+0x19/0xb0 [ 104.615380] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.615860] ? trace_hardirqs_on+0x26/0x120 [ 104.616327] do_group_exit+0xe0/0x2b0 [ 104.616737] __x64_sys_exit_group+0x47/0x50 [ 104.617215] do_syscall_64+0x3b/0x90 [ 104.617813] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.618364] RIP: 0033:0x7f4b87518a4d [ 104.618787] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.619441] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.620228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.620968] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.621700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.622441] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.623243] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.624003] [ 104.624248] irq event stamp: 0 [ 104.624577] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.625231] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.626248] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.627267] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.627930] ---[ end trace 0000000000000000 ]--- [ 104.635193] ------------[ cut here ]------------ [ 104.635943] WARNING: CPU: 1 PID: 926 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.636983] Modules linked in: [ 104.637321] CPU: 1 PID: 926 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.638227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.639663] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.640363] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.642240] RSP: 0018:ffff88802464fbb8 EFLAGS: 00010246 [ 104.642832] RAX: 0000000000000000 RBX: ffff888010b9a8a8 RCX: 0000000000000000 [ 104.643581] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 104.644318] RBP: ffff88802464fbd0 R08: ffffed1002173533 R09: ffffed1002173533 [ 104.645183] R10: ffff888010b9a993 R11: ffffed1002173532 R12: ffff88801890f400 [ 104.646162] R13: ffff888010b9a9e8 R14: ffffffff8352e670 R15: 
ffff88802464fe68 [ 104.647135] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.647967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.648564] CR2: 00007f4b877410e8 CR3: 0000000016496000 CR4: 0000000000750ee0 [ 104.649304] PKRU: 55555554 [ 104.649602] Call Trace: [ 104.649867] [ 104.650099] __iommufd_access_detach+0x1c2/0x2b0 [ 104.650792] iommufd_access_change_pt+0x149/0x270 [ 104.651463] iommufd_access_replace+0xb4/0x120 [ 104.651958] iommufd_test+0x3e5/0x37e0 [ 104.652366] ? lock_release+0x532/0x770 [ 104.652796] ? __might_fault+0x102/0x1b0 [ 104.653227] ? lock_acquire+0x427/0x4c0 [ 104.653658] ? __pfx_iommufd_test+0x10/0x10 [ 104.654112] ? __pfx_lock_release+0x10/0x10 [ 104.654622] ? __pfx_lock_acquire+0x10/0x10 [ 104.655097] ? write_comp_data+0x2f/0x90 [ 104.655696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.656383] ? write_comp_data+0x2f/0x90 [ 104.656995] iommufd_fops_ioctl+0x37d/0x510 [ 104.657454] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.657965] ? write_comp_data+0x2f/0x90 [ 104.658400] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.658972] __x64_sys_ioctl+0x1a3/0x230 [ 104.659435] do_syscall_64+0x3b/0x90 [ 104.659842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.660394] RIP: 0033:0x7f4b8743ee5d [ 104.660859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.663121] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.663928] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.664656] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.665468] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.666457] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.667467] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.668219] [ 104.668462] irq event stamp: 0 [ 104.668792] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.669456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.670367] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.671606] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.672258] ---[ end trace 0000000000000000 ]--- [ 104.675745] ------------[ cut here ]------------ [ 104.676297] WARNING: CPU: 1 PID: 926 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.677346] Modules linked in: [ 104.677684] CPU: 1 PID: 926 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.678787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.680146] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.680677] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.682880] RSP: 
0018:ffff88802464fbd0 EFLAGS: 00010246 [ 104.683461] RAX: 0000000000000000 RBX: ffff888010b9a8a8 RCX: 0000000000000000 [ 104.684254] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 104.685106] RBP: ffff88802464fbe8 R08: ffffed1002173533 R09: ffffed1002173533 [ 104.685844] R10: ffff888010b9a993 R11: ffffed1002173532 R12: ffff888013e7ac00 [ 104.686808] R13: ffff888010b9a9e8 R14: ffff888013647600 R15: 0000000000000000 [ 104.687568] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.688432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.689205] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 104.689950] PKRU: 55555554 [ 104.690248] Call Trace: [ 104.690620] [ 104.690943] iommufd_access_destroy_object+0x65/0x170 [ 104.691505] iommufd_object_destroy_user+0x18e/0x220 [ 104.692034] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.692638] iommufd_access_destroy+0x43/0x70 [ 104.693334] iommufd_test_staccess_release+0x8d/0xd0 [ 104.693882] __fput+0x26d/0xa40 [ 104.694261] ____fput+0x1e/0x30 [ 104.694657] task_work_run+0x1a4/0x2d0 [ 104.695120] ? __pfx_task_work_run+0x10/0x10 [ 104.695741] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.696256] ? switch_task_namespaces+0xa9/0xe0 [ 104.696757] do_exit+0xb17/0x2ef0 [ 104.697153] ? lock_acquire+0x427/0x4c0 [ 104.697726] ? __pfx_lock_release+0x10/0x10 [ 104.698185] ? __kasan_check_write+0x18/0x20 [ 104.698686] ? do_raw_spin_lock+0x132/0x2a0 [ 104.699159] ? __pfx_do_exit+0x10/0x10 [ 104.699698] ? debug_smp_processor_id+0x20/0x30 [ 104.700300] ? rcu_is_watching+0x19/0xb0 [ 104.700745] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.701243] ? trace_hardirqs_on+0x26/0x120 [ 104.701820] do_group_exit+0xe0/0x2b0 [ 104.702314] __x64_sys_exit_group+0x47/0x50 [ 104.702805] do_syscall_64+0x3b/0x90 [ 104.703230] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.703791] RIP: 0033:0x7f4b87518a4d [ 104.704306] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.705062] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.705859] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.706852] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.707604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.708346] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.709097] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.709850] [ 104.710098] irq event stamp: 0 [ 104.710423] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.711201] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.712079] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.712956] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.713618] ---[ end trace 0000000000000000 ]--- [ 104.714722] ------------[ cut here ]------------ [ 104.715260] WARNING: CPU: 1 PID: 926 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.716333] Modules linked in: [ 104.716681] CPU: 1 PID: 926 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.717592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.718820] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.719377] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.721273] RSP: 0018:ffff88802464fb78 EFLAGS: 00010246 [ 104.721841] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.722613] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 104.723364] RBP: ffff88802464fb98 R08: ffffed100217353e R09: ffffed100217353e [ 104.724108] R10: ffff888010b9a9ef R11: ffffed100217353d R12: ffff888010b9aa90 [ 104.724842] R13: ffff888010b9a8a8 R14: ffffffffffffffff R15: 
ffff88802464fc60 [ 104.725591] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.726405] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.727036] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 104.727789] PKRU: 55555554 [ 104.728082] Call Trace: [ 104.728344] [ 104.728582] iommufd_ioas_destroy+0x53/0x70 [ 104.729038] iommufd_fops_release+0x1f7/0x370 [ 104.729508] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.730019] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.730563] ? write_comp_data+0x2f/0x90 [ 104.730989] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.731513] __fput+0x26d/0xa40 [ 104.731869] ____fput+0x1e/0x30 [ 104.732221] task_work_run+0x1a4/0x2d0 [ 104.732632] ? __pfx_task_work_run+0x10/0x10 [ 104.733090] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.733601] ? switch_task_namespaces+0xa9/0xe0 [ 104.734086] do_exit+0xb17/0x2ef0 [ 104.734438] ? lock_acquire+0x427/0x4c0 [ 104.734892] ? __pfx_lock_release+0x10/0x10 [ 104.735355] ? __kasan_check_write+0x18/0x20 [ 104.735810] ? do_raw_spin_lock+0x132/0x2a0 [ 104.736248] ? __pfx_do_exit+0x10/0x10 [ 104.736648] ? debug_smp_processor_id+0x20/0x30 [ 104.737128] ? rcu_is_watching+0x19/0xb0 [ 104.737541] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.738004] ? trace_hardirqs_on+0x26/0x120 [ 104.738448] do_group_exit+0xe0/0x2b0 [ 104.738865] __x64_sys_exit_group+0x47/0x50 [ 104.739319] do_syscall_64+0x3b/0x90 [ 104.739708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.740242] RIP: 0033:0x7f4b87518a4d [ 104.740616] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.741237] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.742003] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.742746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.743485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.744207] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.744927] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.745656] [ 104.745890] irq event stamp: 0 [ 104.746231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.746854] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.747645] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.748409] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.748992] ---[ end trace 0000000000000000 ]--- [ 104.753158] ------------[ cut here ]------------ [ 104.753646] WARNING: CPU: 1 PID: 927 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.754624] Modules linked in: [ 104.754926] CPU: 1 PID: 927 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.755743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.756781] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.757238] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.758938] RSP: 0018:ffff88801596fbb8 EFLAGS: 00010246 [ 104.759443] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 104.760112] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 104.760887] RBP: ffff88801596fbd0 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 104.761548] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff8880189e0c00 [ 104.762216] R13: ffff8880147011e8 R14: ffffffff8352e670 R15: 
ffff88801596fe68 [ 104.762903] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.763672] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.764210] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 104.764872] PKRU: 55555554 [ 104.765140] Call Trace: [ 104.765378] [ 104.765590] __iommufd_access_detach+0x1c2/0x2b0 [ 104.766052] iommufd_access_change_pt+0x149/0x270 [ 104.766531] iommufd_access_replace+0xb4/0x120 [ 104.766969] iommufd_test+0x3e5/0x37e0 [ 104.767345] ? lock_release+0x532/0x770 [ 104.767728] ? __might_fault+0x102/0x1b0 [ 104.768114] ? lock_acquire+0x427/0x4c0 [ 104.768490] ? __pfx_iommufd_test+0x10/0x10 [ 104.768893] ? __pfx_lock_release+0x10/0x10 [ 104.769305] ? __pfx_lock_acquire+0x10/0x10 [ 104.769713] ? write_comp_data+0x2f/0x90 [ 104.770105] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.770584] ? write_comp_data+0x2f/0x90 [ 104.770969] iommufd_fops_ioctl+0x37d/0x510 [ 104.771378] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.771826] ? write_comp_data+0x2f/0x90 [ 104.772206] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.772651] __x64_sys_ioctl+0x1a3/0x230 [ 104.773032] do_syscall_64+0x3b/0x90 [ 104.773384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.773866] RIP: 0033:0x7f4b8743ee5d [ 104.774208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.775910] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.776606] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.777248] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.777867] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.778479] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.779127] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.779758] [ 104.779962] irq event stamp: 0 [ 104.780235] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.780777] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.781498] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.782216] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.782776] ---[ end trace 0000000000000000 ]--- [ 104.785693] ------------[ cut here ]------------ [ 104.786124] WARNING: CPU: 1 PID: 927 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.787021] Modules linked in: [ 104.787318] CPU: 1 PID: 927 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.788058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.789025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.789459] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.791037] RSP: 
0018:ffff88801596fbd0 EFLAGS: 00010246 [ 104.791504] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 104.792118] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 104.792731] RBP: ffff88801596fbe8 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 104.793343] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff88801890d000 [ 104.793954] R13: ffff8880147011e8 R14: ffff88800f8add00 R15: 0000000000000000 [ 104.794582] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.795286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.795789] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.796402] PKRU: 55555554 [ 104.796651] Call Trace: [ 104.796872] [ 104.797070] iommufd_access_destroy_object+0x65/0x170 [ 104.797521] iommufd_object_destroy_user+0x18e/0x220 [ 104.797966] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.798474] iommufd_access_destroy+0x43/0x70 [ 104.798892] iommufd_test_staccess_release+0x8d/0xd0 [ 104.799349] __fput+0x26d/0xa40 [ 104.799651] ____fput+0x1e/0x30 [ 104.799947] task_work_run+0x1a4/0x2d0 [ 104.800295] ? __pfx_task_work_run+0x10/0x10 [ 104.800685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.801114] ? switch_task_namespaces+0xa9/0xe0 [ 104.801530] do_exit+0xb17/0x2ef0 [ 104.801824] ? lock_acquire+0x427/0x4c0 [ 104.802166] ? __pfx_lock_release+0x10/0x10 [ 104.802556] ? __kasan_check_write+0x18/0x20 [ 104.802930] ? do_raw_spin_lock+0x132/0x2a0 [ 104.803301] ? __pfx_do_exit+0x10/0x10 [ 104.803631] ? debug_smp_processor_id+0x20/0x30 [ 104.804019] ? rcu_is_watching+0x19/0xb0 [ 104.804362] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.804745] ? trace_hardirqs_on+0x26/0x120 [ 104.805110] do_group_exit+0xe0/0x2b0 [ 104.805426] __x64_sys_exit_group+0x47/0x50 [ 104.805782] do_syscall_64+0x3b/0x90 [ 104.806096] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.806563] RIP: 0033:0x7f4b87518a4d [ 104.806878] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.807389] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.808014] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.808603] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.809184] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.809764] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.810349] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.810960] [ 104.811176] irq event stamp: 0 [ 104.811439] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.811955] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.812644] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.813326] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.813841] ---[ end trace 0000000000000000 ]--- [ 104.814600] ------------[ cut here ]------------ [ 104.814995] WARNING: CPU: 1 PID: 927 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.815834] Modules linked in: [ 104.816100] CPU: 1 PID: 927 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.816811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.817740] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.818172] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.819711] RSP: 0018:ffff88801596fb78 EFLAGS: 00010246 [ 104.820153] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.820730] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 104.821306] RBP: ffff88801596fb98 R08: ffffed10028e023e R09: ffffed10028e023e [ 104.821889] R10: ffff8880147011ef R11: ffffed10028e023d R12: ffff888014701290 [ 104.822472] R13: ffff8880147010a8 R14: ffffffffffffffff R15: 
ffff88801596fc60 [ 104.823072] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.823745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.824221] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.824805] PKRU: 55555554 [ 104.825038] Call Trace: [ 104.825248] [ 104.825435] iommufd_ioas_destroy+0x53/0x70 [ 104.825797] iommufd_fops_release+0x1f7/0x370 [ 104.826172] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.826607] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.827019] ? write_comp_data+0x2f/0x90 [ 104.827371] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.827787] __fput+0x26d/0xa40 [ 104.828074] ____fput+0x1e/0x30 [ 104.828354] task_work_run+0x1a4/0x2d0 [ 104.828686] ? __pfx_task_work_run+0x10/0x10 [ 104.829055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.829464] ? switch_task_namespaces+0xa9/0xe0 [ 104.829863] do_exit+0xb17/0x2ef0 [ 104.830150] ? lock_acquire+0x427/0x4c0 [ 104.830486] ? __pfx_lock_release+0x10/0x10 [ 104.830877] ? __kasan_check_write+0x18/0x20 [ 104.831257] ? do_raw_spin_lock+0x132/0x2a0 [ 104.831617] ? __pfx_do_exit+0x10/0x10 [ 104.831946] ? debug_smp_processor_id+0x20/0x30 [ 104.832334] ? rcu_is_watching+0x19/0xb0 [ 104.832672] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.833051] ? trace_hardirqs_on+0x26/0x120 [ 104.833413] do_group_exit+0xe0/0x2b0 [ 104.833727] __x64_sys_exit_group+0x47/0x50 [ 104.834081] do_syscall_64+0x3b/0x90 [ 104.834397] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.834858] RIP: 0033:0x7f4b87518a4d [ 104.835184] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.835696] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.836326] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.836923] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.837507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.838097] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.838719] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.839326] [ 104.839524] irq event stamp: 0 [ 104.839785] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.840301] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.840983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.841663] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.842177] ---[ end trace 0000000000000000 ]--- [ 104.847006] ------------[ cut here ]------------ [ 104.847432] WARNING: CPU: 1 PID: 928 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.848229] Modules linked in: [ 104.848486] CPU: 1 PID: 928 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.849171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.850058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.850454] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.852113] RSP: 0018:ffff888015b7fbb8 EFLAGS: 00010246 [ 104.852537] RAX: 0000000000000000 RBX: ffff88801665d0a8 RCX: 0000000000000000 [ 104.853097] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 104.853648] RBP: ffff888015b7fbd0 R08: ffffed1002ccba33 R09: ffffed1002ccba33 [ 104.854203] R10: ffff88801665d193 R11: ffffed1002ccba32 R12: ffff88801892dc00 [ 104.854777] R13: ffff88801665d1e8 R14: ffffffff8352e670 R15: 
ffff888015b7fe68 [ 104.855332] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.855960] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.856410] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 104.856959] PKRU: 55555554 [ 104.857177] Call Trace: [ 104.857374] [ 104.857551] __iommufd_access_detach+0x1c2/0x2b0 [ 104.857932] iommufd_access_change_pt+0x149/0x270 [ 104.858314] iommufd_access_replace+0xb4/0x120 [ 104.858701] iommufd_test+0x3e5/0x37e0 [ 104.859006] ? lock_release+0x532/0x770 [ 104.859333] ? __might_fault+0x102/0x1b0 [ 104.859660] ? lock_acquire+0x427/0x4c0 [ 104.859977] ? __pfx_iommufd_test+0x10/0x10 [ 104.860310] ? __pfx_lock_release+0x10/0x10 [ 104.860655] ? __pfx_lock_acquire+0x10/0x10 [ 104.861066] ? write_comp_data+0x2f/0x90 [ 104.861392] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.861773] ? write_comp_data+0x2f/0x90 [ 104.862098] iommufd_fops_ioctl+0x37d/0x510 [ 104.862440] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.862848] ? write_comp_data+0x2f/0x90 [ 104.863186] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.863567] __x64_sys_ioctl+0x1a3/0x230 [ 104.863897] do_syscall_64+0x3b/0x90 [ 104.864198] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.864611] RIP: 0033:0x7f4b8743ee5d [ 104.864903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.866313] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.866927] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.867484] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.868040] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.868593] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.869145] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.869711] [ 104.869897] irq event stamp: 0 [ 104.870143] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.870663] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.871321] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.871966] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.872456] ---[ end trace 0000000000000000 ]--- [ 104.875226] ------------[ cut here ]------------ [ 104.875621] WARNING: CPU: 1 PID: 928 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.876398] Modules linked in: [ 104.876648] CPU: 1 PID: 928 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.877314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.878176] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.878585] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.879997] RSP: 
0018:ffff888015b7fbd0 EFLAGS: 00010246 [ 104.880409] RAX: 0000000000000000 RBX: ffff88801665d0a8 RCX: 0000000000000000 [ 104.880961] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 104.881509] RBP: ffff888015b7fbe8 R08: ffffed1002ccba33 R09: ffffed1002ccba33 [ 104.882056] R10: ffff88801665d193 R11: ffffed1002ccba32 R12: ffff8880189e2400 [ 104.882627] R13: ffff88801665d1e8 R14: ffff888020987300 R15: 0000000000000000 [ 104.883184] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.883804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.884251] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.884800] PKRU: 55555554 [ 104.885021] Call Trace: [ 104.885221] [ 104.885398] iommufd_access_destroy_object+0x65/0x170 [ 104.885812] iommufd_object_destroy_user+0x18e/0x220 [ 104.886210] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.886697] iommufd_access_destroy+0x43/0x70 [ 104.887061] iommufd_test_staccess_release+0x8d/0xd0 [ 104.887478] __fput+0x26d/0xa40 [ 104.887753] ____fput+0x1e/0x30 [ 104.888026] task_work_run+0x1a4/0x2d0 [ 104.888338] ? __pfx_task_work_run+0x10/0x10 [ 104.888687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.889075] ? switch_task_namespaces+0xa9/0xe0 [ 104.889447] do_exit+0xb17/0x2ef0 [ 104.889719] ? lock_acquire+0x427/0x4c0 [ 104.890037] ? __pfx_lock_release+0x10/0x10 [ 104.890378] ? __kasan_check_write+0x18/0x20 [ 104.890753] ? do_raw_spin_lock+0x132/0x2a0 [ 104.891092] ? __pfx_do_exit+0x10/0x10 [ 104.891413] ? debug_smp_processor_id+0x20/0x30 [ 104.891783] ? rcu_is_watching+0x19/0xb0 [ 104.892105] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.892466] ? trace_hardirqs_on+0x26/0x120 [ 104.892812] do_group_exit+0xe0/0x2b0 [ 104.893113] __x64_sys_exit_group+0x47/0x50 [ 104.893448] do_syscall_64+0x3b/0x90 [ 104.893745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.894156] RIP: 0033:0x7f4b87518a4d [ 104.894446] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.894950] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.895553] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.896106] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.896657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.897206] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.897756] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.898311] [ 104.898495] irq event stamp: 0 [ 104.898792] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.899292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.899944] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.900590] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.901081] ---[ end trace 0000000000000000 ]--- [ 104.901768] ------------[ cut here ]------------ [ 104.902139] WARNING: CPU: 1 PID: 928 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.902944] Modules linked in: [ 104.903204] CPU: 1 PID: 928 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.903874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.904747] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.905152] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.906576] RSP: 0018:ffff888015b7fb78 EFLAGS: 00010246 [ 104.906989] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.907547] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 104.908095] RBP: ffff888015b7fb98 R08: ffffed1002ccba3e R09: ffffed1002ccba3e [ 104.908644] R10: ffff88801665d1ef R11: ffffed1002ccba3d R12: ffff88801665d290 [ 104.909197] R13: ffff88801665d0a8 R14: ffffffffffffffff R15: 
ffff888015b7fc60 [ 104.909753] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.910377] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.910849] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.911413] PKRU: 55555554 [ 104.911635] Call Trace: [ 104.911834] [ 104.912012] iommufd_ioas_destroy+0x53/0x70 [ 104.912354] iommufd_fops_release+0x1f7/0x370 [ 104.912712] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.913105] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.913498] ? write_comp_data+0x2f/0x90 [ 104.913821] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.914213] __fput+0x26d/0xa40 [ 104.914486] ____fput+0x1e/0x30 [ 104.914777] task_work_run+0x1a4/0x2d0 [ 104.915091] ? __pfx_task_work_run+0x10/0x10 [ 104.915448] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.915834] ? switch_task_namespaces+0xa9/0xe0 [ 104.916208] do_exit+0xb17/0x2ef0 [ 104.916480] ? lock_acquire+0x427/0x4c0 [ 104.916799] ? __pfx_lock_release+0x10/0x10 [ 104.917143] ? __kasan_check_write+0x18/0x20 [ 104.917492] ? do_raw_spin_lock+0x132/0x2a0 [ 104.917832] ? __pfx_do_exit+0x10/0x10 [ 104.918144] ? debug_smp_processor_id+0x20/0x30 [ 104.918533] ? rcu_is_watching+0x19/0xb0 [ 104.918857] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.919228] ? trace_hardirqs_on+0x26/0x120 [ 104.919576] do_group_exit+0xe0/0x2b0 [ 104.919882] __x64_sys_exit_group+0x47/0x50 [ 104.920221] do_syscall_64+0x3b/0x90 [ 104.920523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.920936] RIP: 0033:0x7f4b87518a4d [ 104.921228] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.921702] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.922291] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.922870] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.923437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.923986] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.924536] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.925093] [ 104.925275] irq event stamp: 0 [ 104.925520] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.926005] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.926672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.927328] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.927815] ---[ end trace 0000000000000000 ]--- [ 104.932917] ------------[ cut here ]------------ [ 104.933323] WARNING: CPU: 1 PID: 929 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.934095] Modules linked in: [ 104.934345] CPU: 1 PID: 929 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.935073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.935958] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.936345] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.937744] RSP: 0018:ffff888015c0fbb8 EFLAGS: 00010246 [ 104.938155] RAX: 0000000000000000 RBX: ffff888013aa28a8 RCX: 0000000000000000 [ 104.938723] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 104.939278] RBP: ffff888015c0fbd0 R08: ffffed1002754533 R09: ffffed1002754533 [ 104.939828] R10: ffff888013aa2993 R11: ffffed1002754532 R12: ffff888013c8f000 [ 104.940374] R13: ffff888013aa29e8 R14: ffffffff8352e670 R15: 
ffff888015c0fe68 [ 104.940922] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.941541] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.941988] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 104.942568] PKRU: 55555554 [ 104.942790] Call Trace: [ 104.942989] [ 104.943176] __iommufd_access_detach+0x1c2/0x2b0 [ 104.943561] iommufd_access_change_pt+0x149/0x270 [ 104.943947] iommufd_access_replace+0xb4/0x120 [ 104.944324] iommufd_test+0x3e5/0x37e0 [ 104.944631] ? lock_release+0x532/0x770 [ 104.944951] ? __might_fault+0x102/0x1b0 [ 104.945272] ? lock_acquire+0x427/0x4c0 [ 104.945601] ? __pfx_iommufd_test+0x10/0x10 [ 104.945936] ? __pfx_lock_release+0x10/0x10 [ 104.946278] ? __pfx_lock_acquire+0x10/0x10 [ 104.946646] ? write_comp_data+0x2f/0x90 [ 104.946977] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.947368] ? write_comp_data+0x2f/0x90 [ 104.947692] iommufd_fops_ioctl+0x37d/0x510 [ 104.948033] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.948419] ? write_comp_data+0x2f/0x90 [ 104.948744] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 104.949121] __x64_sys_ioctl+0x1a3/0x230 [ 104.949447] do_syscall_64+0x3b/0x90 [ 104.949745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.950153] RIP: 0033:0x7f4b8743ee5d [ 104.950440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 104.951876] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 104.952462] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 104.953010] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 104.953558] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 104.954107] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 104.954678] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 104.955242] [ 104.955440] irq event stamp: 0 [ 104.955684] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.956173] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.956819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.957459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.957947] ---[ end trace 0000000000000000 ]--- [ 104.960740] ------------[ cut here ]------------ [ 104.961139] WARNING: CPU: 1 PID: 929 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 104.961918] Modules linked in: [ 104.962170] CPU: 1 PID: 929 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.962865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.963746] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 104.964134] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 104.965537] RSP: 
0018:ffff888015c0fbd0 EFLAGS: 00010246 [ 104.965950] RAX: 0000000000000000 RBX: ffff888013aa28a8 RCX: 0000000000000000 [ 104.966499] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 104.967077] RBP: ffff888015c0fbe8 R08: ffffed1002754533 R09: ffffed1002754533 [ 104.967635] R10: ffff888013aa2993 R11: ffffed1002754532 R12: ffff88801892cc00 [ 104.968184] R13: ffff888013aa29e8 R14: ffff88800f210100 R15: 0000000000000000 [ 104.968732] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.969354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.969804] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.970353] PKRU: 55555554 [ 104.970598] Call Trace: [ 104.970800] [ 104.970977] iommufd_access_destroy_object+0x65/0x170 [ 104.971390] iommufd_object_destroy_user+0x18e/0x220 [ 104.971794] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 104.972251] iommufd_access_destroy+0x43/0x70 [ 104.972609] iommufd_test_staccess_release+0x8d/0xd0 [ 104.973014] __fput+0x26d/0xa40 [ 104.973287] ____fput+0x1e/0x30 [ 104.973552] task_work_run+0x1a4/0x2d0 [ 104.973866] ? __pfx_task_work_run+0x10/0x10 [ 104.974216] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.974627] ? switch_task_namespaces+0xa9/0xe0 [ 104.975002] do_exit+0xb17/0x2ef0 [ 104.975285] ? lock_acquire+0x427/0x4c0 [ 104.975611] ? __pfx_lock_release+0x10/0x10 [ 104.975960] ? __kasan_check_write+0x18/0x20 [ 104.976307] ? do_raw_spin_lock+0x132/0x2a0 [ 104.976648] ? __pfx_do_exit+0x10/0x10 [ 104.976964] ? debug_smp_processor_id+0x20/0x30 [ 104.977331] ? rcu_is_watching+0x19/0xb0 [ 104.977651] ? _raw_spin_unlock_irq+0x2b/0x60 [ 104.978010] ? trace_hardirqs_on+0x26/0x120 [ 104.978355] do_group_exit+0xe0/0x2b0 [ 104.978677] __x64_sys_exit_group+0x47/0x50 [ 104.979016] do_syscall_64+0x3b/0x90 [ 104.979327] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 104.979740] RIP: 0033:0x7f4b87518a4d [ 104.980039] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 104.980520] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 104.981108] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 104.981656] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 104.982204] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 104.982781] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 104.983347] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 104.983906] [ 104.984087] irq event stamp: 0 [ 104.984331] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 104.984820] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 104.985467] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 104.986115] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 104.986636] ---[ end trace 0000000000000000 ]--- [ 104.987336] ------------[ cut here ]------------ [ 104.987710] WARNING: CPU: 1 PID: 929 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 104.988493] Modules linked in: [ 104.988746] CPU: 1 PID: 929 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 104.989411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 104.990277] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 104.990703] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 104.992120] RSP: 0018:ffff888015c0fb78 EFLAGS: 00010246 [ 104.992533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 104.993081] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 104.993632] RBP: ffff888015c0fb98 R08: ffffed100275453e R09: ffffed100275453e [ 104.994184] R10: ffff888013aa29ef R11: ffffed100275453d R12: ffff888013aa2a90 [ 104.994758] R13: ffff888013aa28a8 R14: ffffffffffffffff R15: 
ffff888015c0fc60 [ 104.995322] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 104.995942] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 104.996394] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 104.996944] PKRU: 55555554 [ 104.997163] Call Trace: [ 104.997361] [ 104.997538] iommufd_ioas_destroy+0x53/0x70 [ 104.997881] iommufd_fops_release+0x1f7/0x370 [ 104.998238] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.998652] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 104.999040] ? write_comp_data+0x2f/0x90 [ 104.999375] ? __pfx_iommufd_fops_release+0x10/0x10 [ 104.999767] __fput+0x26d/0xa40 [ 105.000046] ____fput+0x1e/0x30 [ 105.000314] task_work_run+0x1a4/0x2d0 [ 105.000622] ? __pfx_task_work_run+0x10/0x10 [ 105.000971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.001356] ? switch_task_namespaces+0xa9/0xe0 [ 105.001728] do_exit+0xb17/0x2ef0 [ 105.002000] ? lock_acquire+0x427/0x4c0 [ 105.002319] ? __pfx_lock_release+0x10/0x10 [ 105.002686] ? __kasan_check_write+0x18/0x20 [ 105.003038] ? do_raw_spin_lock+0x132/0x2a0 [ 105.003385] ? __pfx_do_exit+0x10/0x10 [ 105.003699] ? debug_smp_processor_id+0x20/0x30 [ 105.004069] ? rcu_is_watching+0x19/0xb0 [ 105.004387] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.004746] ? trace_hardirqs_on+0x26/0x120 [ 105.005092] do_group_exit+0xe0/0x2b0 [ 105.005391] __x64_sys_exit_group+0x47/0x50 [ 105.005726] do_syscall_64+0x3b/0x90 [ 105.006026] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.006436] RIP: 0033:0x7f4b87518a4d [ 105.006756] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.007244] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.007836] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.008387] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.008937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.009487] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.010039] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.010620] [ 105.010806] irq event stamp: 0 [ 105.011051] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.011547] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.012196] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.012838] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.013323] ---[ end trace 0000000000000000 ]--- [ 105.019637] ------------[ cut here ]------------ [ 105.020050] WARNING: CPU: 0 PID: 930 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.020832] Modules linked in: [ 105.021078] CPU: 0 PID: 930 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.021747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.022993] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.023524] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.025024] RSP: 0018:ffff88801596fbb8 EFLAGS: 00010246 [ 105.025438] RAX: 0000000000000000 RBX: ffff8880148030a8 RCX: 0000000000000000 [ 105.025993] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 105.026571] RBP: ffff88801596fbd0 R08: ffffed1002900633 R09: ffffed1002900633 [ 105.027258] R10: ffff888014803193 R11: ffffed1002900632 R12: ffff888017ba0400 [ 105.027811] R13: ffff8880148031e8 R14: ffffffff8352e670 R15: 
ffff88801596fe68 [ 105.028374] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.028999] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.029460] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ef0 [ 105.030014] PKRU: 55555554 [ 105.030234] Call Trace: [ 105.030442] [ 105.030652] __iommufd_access_detach+0x1c2/0x2b0 [ 105.031145] iommufd_access_change_pt+0x149/0x270 [ 105.031543] iommufd_access_replace+0xb4/0x120 [ 105.031911] iommufd_test+0x3e5/0x37e0 [ 105.032238] ? lock_release+0x532/0x770 [ 105.032570] ? __might_fault+0x102/0x1b0 [ 105.032897] ? lock_acquire+0x427/0x4c0 [ 105.033225] ? __pfx_iommufd_test+0x10/0x10 [ 105.033569] ? __pfx_lock_release+0x10/0x10 [ 105.033918] ? __pfx_lock_acquire+0x10/0x10 [ 105.034278] ? write_comp_data+0x2f/0x90 [ 105.034643] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.035138] ? write_comp_data+0x2f/0x90 [ 105.035472] iommufd_fops_ioctl+0x37d/0x510 [ 105.035828] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.036215] ? write_comp_data+0x2f/0x90 [ 105.036545] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.036934] __x64_sys_ioctl+0x1a3/0x230 [ 105.037264] do_syscall_64+0x3b/0x90 [ 105.037566] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.037986] RIP: 0033:0x7f4b8743ee5d [ 105.038279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.039738] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.040456] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.041017] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.041581] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.042133] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.042725] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.043357] [ 105.043555] irq event stamp: 0 [ 105.043804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.044301] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.044962] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.045609] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.046103] ---[ end trace 0000000000000000 ]--- [ 105.049112] ------------[ cut here ]------------ [ 105.049500] WARNING: CPU: 0 PID: 930 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.050279] Modules linked in: [ 105.050563] CPU: 0 PID: 930 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.051295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.052160] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.052556] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.053962] RSP: 
0018:ffff88801596fbd0 EFLAGS: 00010246 [ 105.054376] RAX: 0000000000000000 RBX: ffff8880148030a8 RCX: 0000000000000000 [ 105.054970] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 105.055603] RBP: ffff88801596fbe8 R08: ffffed1002900633 R09: ffffed1002900633 [ 105.056175] R10: ffff888014803193 R11: ffffed1002900632 R12: ffff888010c08400 [ 105.056731] R13: ffff8880148031e8 R14: ffff88800b95f900 R15: 0000000000000000 [ 105.057275] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.057898] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.058345] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.058954] PKRU: 55555554 [ 105.059285] Call Trace: [ 105.059489] [ 105.059668] iommufd_access_destroy_object+0x65/0x170 [ 105.060074] iommufd_object_destroy_user+0x18e/0x220 [ 105.060472] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.060923] iommufd_access_destroy+0x43/0x70 [ 105.061281] iommufd_test_staccess_release+0x8d/0xd0 [ 105.061680] __fput+0x26d/0xa40 [ 105.061949] ____fput+0x1e/0x30 [ 105.062212] task_work_run+0x1a4/0x2d0 [ 105.062556] ? __pfx_task_work_run+0x10/0x10 [ 105.062907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.063298] ? switch_task_namespaces+0xa9/0xe0 [ 105.063672] do_exit+0xb17/0x2ef0 [ 105.063946] ? lock_acquire+0x427/0x4c0 [ 105.064262] ? __pfx_lock_release+0x10/0x10 [ 105.064606] ? __kasan_check_write+0x18/0x20 [ 105.064951] ? do_raw_spin_lock+0x132/0x2a0 [ 105.065285] ? __pfx_do_exit+0x10/0x10 [ 105.065594] ? debug_smp_processor_id+0x20/0x30 [ 105.065962] ? rcu_is_watching+0x19/0xb0 [ 105.066281] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.066653] ? trace_hardirqs_on+0x26/0x120 [ 105.067001] do_group_exit+0xe0/0x2b0 [ 105.067312] __x64_sys_exit_group+0x47/0x50 [ 105.067645] do_syscall_64+0x3b/0x90 [ 105.067946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.068356] RIP: 0033:0x7f4b87518a4d [ 105.068644] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.069118] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.069702] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.070248] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.070815] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.071374] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.071925] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.072483] [ 105.072665] irq event stamp: 0 [ 105.072910] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.073395] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.074046] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.074710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.075210] ---[ end trace 0000000000000000 ]--- [ 105.075929] ------------[ cut here ]------------ [ 105.076294] WARNING: CPU: 0 PID: 930 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.077079] Modules linked in: [ 105.077328] CPU: 0 PID: 930 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.078000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.078911] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.079322] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.080730] RSP: 0018:ffff88801596fb78 EFLAGS: 00010246 [ 105.081145] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.081691] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 105.082243] RBP: ffff88801596fb98 R08: ffffed100290063e R09: ffffed100290063e [ 105.082811] R10: ffff8880148031ef R11: ffffed100290063d R12: ffff888014803290 [ 105.083370] R13: ffff8880148030a8 R14: ffffffffffffffff R15: 
ffff88801596fc60 [ 105.083923] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.084549] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.085051] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.085604] PKRU: 55555554 [ 105.085824] Call Trace: [ 105.086024] [ 105.086202] iommufd_ioas_destroy+0x53/0x70 [ 105.086561] iommufd_fops_release+0x1f7/0x370 [ 105.086916] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.087315] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.087700] ? write_comp_data+0x2f/0x90 [ 105.088025] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.088413] __fput+0x26d/0xa40 [ 105.088684] ____fput+0x1e/0x30 [ 105.088953] task_work_run+0x1a4/0x2d0 [ 105.089264] ? __pfx_task_work_run+0x10/0x10 [ 105.089616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.090003] ? switch_task_namespaces+0xa9/0xe0 [ 105.090372] do_exit+0xb17/0x2ef0 [ 105.090662] ? lock_acquire+0x427/0x4c0 [ 105.090981] ? __pfx_lock_release+0x10/0x10 [ 105.091335] ? __kasan_check_write+0x18/0x20 [ 105.091679] ? do_raw_spin_lock+0x132/0x2a0 [ 105.092011] ? __pfx_do_exit+0x10/0x10 [ 105.092321] ? debug_smp_processor_id+0x20/0x30 [ 105.092689] ? rcu_is_watching+0x19/0xb0 [ 105.093003] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.093359] ? trace_hardirqs_on+0x26/0x120 [ 105.093698] do_group_exit+0xe0/0x2b0 [ 105.093998] __x64_sys_exit_group+0x47/0x50 [ 105.094329] do_syscall_64+0x3b/0x90 [ 105.094641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.095050] RIP: 0033:0x7f4b87518a4d [ 105.095350] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.095823] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.096407] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.096949] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.097492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.098040] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.098599] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.099170] [ 105.099350] irq event stamp: 0 [ 105.099592] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.100070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.100708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.101346] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.101825] ---[ end trace 0000000000000000 ]--- [ 105.105956] ------------[ cut here ]------------ [ 105.106342] WARNING: CPU: 0 PID: 931 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.107198] Modules linked in: [ 105.107447] CPU: 0 PID: 931 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.108105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.108954] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.109330] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.110720] RSP: 0018:ffff888010fbfbb8 EFLAGS: 00010246 [ 105.111135] RAX: 0000000000000000 RBX: ffff888013ae30a8 RCX: 0000000000000000 [ 105.111674] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 105.112215] RBP: ffff888010fbfbd0 R08: ffffed100275c633 R09: ffffed100275c633 [ 105.112759] R10: ffff888013ae3193 R11: ffffed100275c632 R12: ffff8880182c2400 [ 105.113297] R13: ffff888013ae31e8 R14: ffffffff8352e670 R15: 
ffff888010fbfe68 [ 105.113836] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.114443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.114895] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 105.115446] PKRU: 55555554 [ 105.115661] Call Trace: [ 105.115857] [ 105.116031] __iommufd_access_detach+0x1c2/0x2b0 [ 105.116402] iommufd_access_change_pt+0x149/0x270 [ 105.116782] iommufd_access_replace+0xb4/0x120 [ 105.117195] iommufd_test+0x3e5/0x37e0 [ 105.117493] ? lock_release+0x532/0x770 [ 105.117806] ? __might_fault+0x102/0x1b0 [ 105.118125] ? lock_acquire+0x427/0x4c0 [ 105.118437] ? __pfx_iommufd_test+0x10/0x10 [ 105.118783] ? __pfx_lock_release+0x10/0x10 [ 105.119130] ? __pfx_lock_acquire+0x10/0x10 [ 105.119474] ? write_comp_data+0x2f/0x90 [ 105.119795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.120172] ? write_comp_data+0x2f/0x90 [ 105.120493] iommufd_fops_ioctl+0x37d/0x510 [ 105.120826] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.121202] ? write_comp_data+0x2f/0x90 [ 105.121522] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.121893] __x64_sys_ioctl+0x1a3/0x230 [ 105.122212] do_syscall_64+0x3b/0x90 [ 105.122523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.122928] RIP: 0033:0x7f4b8743ee5d [ 105.123220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.124599] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.125177] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.125716] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.126255] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.126808] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.127361] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.127908] [ 105.128086] irq event stamp: 0 [ 105.128328] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.128807] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.129445] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.130077] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.130570] ---[ end trace 0000000000000000 ]--- [ 105.133357] ------------[ cut here ]------------ [ 105.133755] WARNING: CPU: 0 PID: 931 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.134542] Modules linked in: [ 105.134791] CPU: 0 PID: 931 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.135461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.136313] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.136695] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.138078] RSP: 
0018:ffff888010fbfbd0 EFLAGS: 00010246 [ 105.138489] RAX: 0000000000000000 RBX: ffff888013ae30a8 RCX: 0000000000000000 [ 105.139048] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 105.139598] RBP: ffff888010fbfbe8 R08: ffffed100275c633 R09: ffffed100275c633 [ 105.140127] R10: ffff888013ae3193 R11: ffffed100275c632 R12: ffff888017ba0000 [ 105.140656] R13: ffff888013ae31e8 R14: ffff8880121a4400 R15: 0000000000000000 [ 105.141182] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.141779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.142206] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.142748] PKRU: 55555554 [ 105.142959] Call Trace: [ 105.143157] [ 105.143327] iommufd_access_destroy_object+0x65/0x170 [ 105.143720] iommufd_object_destroy_user+0x18e/0x220 [ 105.144103] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.144542] iommufd_access_destroy+0x43/0x70 [ 105.144886] iommufd_test_staccess_release+0x8d/0xd0 [ 105.145274] __fput+0x26d/0xa40 [ 105.145535] ____fput+0x1e/0x30 [ 105.145791] task_work_run+0x1a4/0x2d0 [ 105.146093] ? __pfx_task_work_run+0x10/0x10 [ 105.146426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.146813] ? switch_task_namespaces+0xa9/0xe0 [ 105.147177] do_exit+0xb17/0x2ef0 [ 105.147441] ? lock_acquire+0x427/0x4c0 [ 105.147750] ? __pfx_lock_release+0x10/0x10 [ 105.148078] ? __kasan_check_write+0x18/0x20 [ 105.148410] ? do_raw_spin_lock+0x132/0x2a0 [ 105.148733] ? __pfx_do_exit+0x10/0x10 [ 105.149087] ? debug_smp_processor_id+0x20/0x30 [ 105.149441] ? rcu_is_watching+0x19/0xb0 [ 105.149746] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.150088] ? trace_hardirqs_on+0x26/0x120 [ 105.150417] do_group_exit+0xe0/0x2b0 [ 105.150721] __x64_sys_exit_group+0x47/0x50 [ 105.151045] do_syscall_64+0x3b/0x90 [ 105.151339] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.151737] RIP: 0033:0x7f4b87518a4d [ 105.152015] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.152470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.153034] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.153563] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.154088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.154641] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.155178] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.155716] [ 105.155890] irq event stamp: 0 [ 105.156125] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.156589] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.157210] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.157826] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.158293] ---[ end trace 0000000000000000 ]--- [ 105.159004] ------------[ cut here ]------------ [ 105.159367] WARNING: CPU: 0 PID: 931 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.160119] Modules linked in: [ 105.160359] CPU: 0 PID: 931 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.161004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.161839] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.162222] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.163614] RSP: 0018:ffff888010fbfb78 EFLAGS: 00010246 [ 105.164013] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.164538] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 105.165068] RBP: ffff888010fbfb98 R08: ffffed100275c63e R09: ffffed100275c63e [ 105.165593] R10: ffff888013ae31ef R11: ffffed100275c63d R12: ffff888013ae3290 [ 105.166120] R13: ffff888013ae30a8 R14: ffffffffffffffff R15: 
ffff888010fbfc60 [ 105.166659] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.167274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.167706] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.168237] PKRU: 55555554 [ 105.168449] Call Trace: [ 105.168639] [ 105.168807] iommufd_ioas_destroy+0x53/0x70 [ 105.169138] iommufd_fops_release+0x1f7/0x370 [ 105.169478] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.169853] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.170229] ? write_comp_data+0x2f/0x90 [ 105.170561] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.170940] __fput+0x26d/0xa40 [ 105.171207] ____fput+0x1e/0x30 [ 105.171468] task_work_run+0x1a4/0x2d0 [ 105.171772] ? __pfx_task_work_run+0x10/0x10 [ 105.172108] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.172474] ? switch_task_namespaces+0xa9/0xe0 [ 105.172832] do_exit+0xb17/0x2ef0 [ 105.173092] ? lock_acquire+0x427/0x4c0 [ 105.173397] ? __pfx_lock_release+0x10/0x10 [ 105.173727] ? __kasan_check_write+0x18/0x20 [ 105.174059] ? do_raw_spin_lock+0x132/0x2a0 [ 105.174382] ? __pfx_do_exit+0x10/0x10 [ 105.174698] ? debug_smp_processor_id+0x20/0x30 [ 105.175050] ? rcu_is_watching+0x19/0xb0 [ 105.175362] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.175712] ? trace_hardirqs_on+0x26/0x120 [ 105.176047] do_group_exit+0xe0/0x2b0 [ 105.176338] __x64_sys_exit_group+0x47/0x50 [ 105.176665] do_syscall_64+0x3b/0x90 [ 105.176955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.177355] RIP: 0033:0x7f4b87518a4d [ 105.177634] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.178098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.178680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.179217] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.179745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.180268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.180794] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.181380] [ 105.181556] irq event stamp: 0 [ 105.181788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.182252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.182887] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.183513] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.183981] ---[ end trace 0000000000000000 ]--- [ 105.187375] ------------[ cut here ]------------ [ 105.187738] WARNING: CPU: 0 PID: 932 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.188472] Modules linked in: [ 105.188705] CPU: 0 PID: 932 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.189331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.190145] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.190685] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.192020] RSP: 0018:ffff8880163ffbb8 EFLAGS: 00010246 [ 105.192406] RAX: 0000000000000000 RBX: ffff888020b200a8 RCX: 0000000000000000 [ 105.192922] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 105.193441] RBP: ffff8880163ffbd0 R08: ffffed1004164033 R09: ffffed1004164033 [ 105.193959] R10: ffff888020b20193 R11: ffffed1004164032 R12: ffff88800efcf800 [ 105.194476] R13: ffff888020b201e8 R14: ffffffff8352e670 R15: 
ffff8880163ffe68 [ 105.195009] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.195603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.196027] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 105.196548] PKRU: 55555554 [ 105.196757] Call Trace: [ 105.196945] [ 105.197112] __iommufd_access_detach+0x1c2/0x2b0 [ 105.197472] iommufd_access_change_pt+0x149/0x270 [ 105.197842] iommufd_access_replace+0xb4/0x120 [ 105.198190] iommufd_test+0x3e5/0x37e0 [ 105.198479] ? lock_release+0x532/0x770 [ 105.198811] ? __might_fault+0x102/0x1b0 [ 105.199136] ? lock_acquire+0x427/0x4c0 [ 105.199438] ? __pfx_iommufd_test+0x10/0x10 [ 105.199758] ? __pfx_lock_release+0x10/0x10 [ 105.200083] ? __pfx_lock_acquire+0x10/0x10 [ 105.200413] ? write_comp_data+0x2f/0x90 [ 105.200722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.201084] ? write_comp_data+0x2f/0x90 [ 105.201396] iommufd_fops_ioctl+0x37d/0x510 [ 105.201720] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.202082] ? write_comp_data+0x2f/0x90 [ 105.202392] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.202770] __x64_sys_ioctl+0x1a3/0x230 [ 105.203083] do_syscall_64+0x3b/0x90 [ 105.203374] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.203769] RIP: 0033:0x7f4b8743ee5d [ 105.204046] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.205378] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.205932] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.206494] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.207038] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.207565] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.208086] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.208614] [ 105.208787] irq event stamp: 0 [ 105.209022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.209484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.210099] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.210730] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.211205] ---[ end trace 0000000000000000 ]--- [ 105.213869] ------------[ cut here ]------------ [ 105.214219] WARNING: CPU: 0 PID: 932 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.214977] Modules linked in: [ 105.215226] CPU: 0 PID: 932 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.215858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.216676] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.217045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.218372] RSP: 
0018:ffff8880163ffbd0 EFLAGS: 00010246 [ 105.218785] RAX: 0000000000000000 RBX: ffff888020b200a8 RCX: 0000000000000000 [ 105.219313] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 105.219835] RBP: ffff8880163ffbe8 R08: ffffed1004164033 R09: ffffed1004164033 [ 105.220355] R10: ffff888020b20193 R11: ffffed1004164032 R12: ffff8880182c0800 [ 105.220877] R13: ffff888020b201e8 R14: ffff888017060100 R15: 0000000000000000 [ 105.221401] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.221989] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.222415] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.222960] PKRU: 55555554 [ 105.223174] Call Trace: [ 105.223366] [ 105.223536] iommufd_access_destroy_object+0x65/0x170 [ 105.223921] iommufd_object_destroy_user+0x18e/0x220 [ 105.224300] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.224730] iommufd_access_destroy+0x43/0x70 [ 105.225070] iommufd_test_staccess_release+0x8d/0xd0 [ 105.225453] __fput+0x26d/0xa40 [ 105.225710] ____fput+0x1e/0x30 [ 105.225961] task_work_run+0x1a4/0x2d0 [ 105.226256] ? __pfx_task_work_run+0x10/0x10 [ 105.226601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.226970] ? switch_task_namespaces+0xa9/0xe0 [ 105.227348] do_exit+0xb17/0x2ef0 [ 105.227611] ? lock_acquire+0x427/0x4c0 [ 105.227915] ? __pfx_lock_release+0x10/0x10 [ 105.228242] ? __kasan_check_write+0x18/0x20 [ 105.228571] ? do_raw_spin_lock+0x132/0x2a0 [ 105.228892] ? __pfx_do_exit+0x10/0x10 [ 105.229189] ? debug_smp_processor_id+0x20/0x30 [ 105.229537] ? rcu_is_watching+0x19/0xb0 [ 105.229840] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.230179] ? trace_hardirqs_on+0x26/0x120 [ 105.230524] do_group_exit+0xe0/0x2b0 [ 105.230812] __x64_sys_exit_group+0x47/0x50 [ 105.231138] do_syscall_64+0x3b/0x90 [ 105.231422] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.231811] RIP: 0033:0x7f4b87518a4d [ 105.232089] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.232540] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.233100] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.233625] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.234146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.234688] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.235222] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.235756] [ 105.235934] irq event stamp: 0 [ 105.236167] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.236636] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.237263] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.237889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.238358] ---[ end trace 0000000000000000 ]--- [ 105.239045] ------------[ cut here ]------------ [ 105.239406] WARNING: CPU: 0 PID: 932 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.240165] Modules linked in: [ 105.240409] CPU: 0 PID: 932 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.241053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.241888] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.242274] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.243663] RSP: 0018:ffff8880163ffb78 EFLAGS: 00010246 [ 105.244069] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.244601] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 105.245187] RBP: ffff8880163ffb98 R08: ffffed100416403e R09: ffffed100416403e [ 105.245719] R10: ffff888020b201ef R11: ffffed100416403d R12: ffff888020b20290 [ 105.246252] R13: ffff888020b200a8 R14: ffffffffffffffff R15: 
ffff8880163ffc60 [ 105.246798] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.247410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.247844] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.248375] PKRU: 55555554 [ 105.248587] Call Trace: [ 105.248782] [ 105.248955] iommufd_ioas_destroy+0x53/0x70 [ 105.249293] iommufd_fops_release+0x1f7/0x370 [ 105.249643] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.250020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.250395] ? write_comp_data+0x2f/0x90 [ 105.250729] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.251118] __fput+0x26d/0xa40 [ 105.251555] ____fput+0x1e/0x30 [ 105.251825] task_work_run+0x1a4/0x2d0 [ 105.252135] ? __pfx_task_work_run+0x10/0x10 [ 105.252475] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.252852] ? switch_task_namespaces+0xa9/0xe0 [ 105.253216] do_exit+0xb17/0x2ef0 [ 105.253483] ? lock_acquire+0x427/0x4c0 [ 105.253794] ? __pfx_lock_release+0x10/0x10 [ 105.254123] ? __kasan_check_write+0x18/0x20 [ 105.254460] ? do_raw_spin_lock+0x132/0x2a0 [ 105.254947] ? __pfx_do_exit+0x10/0x10 [ 105.255270] ? debug_smp_processor_id+0x20/0x30 [ 105.255628] ? rcu_is_watching+0x19/0xb0 [ 105.255937] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.256286] ? trace_hardirqs_on+0x26/0x120 [ 105.256760] do_group_exit+0xe0/0x2b0 [ 105.257055] __x64_sys_exit_group+0x47/0x50 [ 105.257383] do_syscall_64+0x3b/0x90 [ 105.257678] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.258077] RIP: 0033:0x7f4b87518a4d [ 105.258379] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.258997] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.259594] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.260148] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.260862] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.261415] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.261956] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.262525] [ 105.262707] irq event stamp: 0 [ 105.262949] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.263512] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.264250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.264896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.265379] ---[ end trace 0000000000000000 ]--- [ 105.270198] ------------[ cut here ]------------ [ 105.270731] WARNING: CPU: 0 PID: 933 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.271530] Modules linked in: [ 105.271777] CPU: 0 PID: 933 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.272504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.273437] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.273825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.275434] RSP: 0018:ffff88801592fbb8 EFLAGS: 00010246 [ 105.275848] RAX: 0000000000000000 RBX: ffff88800efc48a8 RCX: 0000000000000000 [ 105.276395] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 105.277016] RBP: ffff88801592fbd0 R08: ffffed1001df8933 R09: ffffed1001df8933 [ 105.277558] R10: ffff88800efc4993 R11: ffffed1001df8932 R12: ffff888016c99000 [ 105.278098] R13: ffff88800efc49e8 R14: ffffffff8352e670 R15: 
ffff88801592fe68 [ 105.278665] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.279299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.279747] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 105.280295] PKRU: 55555554 [ 105.280517] Call Trace: [ 105.280719] [ 105.280897] __iommufd_access_detach+0x1c2/0x2b0 [ 105.281283] iommufd_access_change_pt+0x149/0x270 [ 105.281678] iommufd_access_replace+0xb4/0x120 [ 105.282061] iommufd_test+0x3e5/0x37e0 [ 105.282381] ? lock_release+0x532/0x770 [ 105.282747] ? __might_fault+0x102/0x1b0 [ 105.283095] ? lock_acquire+0x427/0x4c0 [ 105.283428] ? __pfx_iommufd_test+0x10/0x10 [ 105.283777] ? __pfx_lock_release+0x10/0x10 [ 105.284138] ? __pfx_lock_acquire+0x10/0x10 [ 105.284504] ? write_comp_data+0x2f/0x90 [ 105.284848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.285252] ? write_comp_data+0x2f/0x90 [ 105.285597] iommufd_fops_ioctl+0x37d/0x510 [ 105.285954] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.286354] ? write_comp_data+0x2f/0x90 [ 105.286721] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.287133] __x64_sys_ioctl+0x1a3/0x230 [ 105.287476] do_syscall_64+0x3b/0x90 [ 105.287796] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.288226] RIP: 0033:0x7f4b8743ee5d [ 105.288529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.289991] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.290642] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.291244] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.291834] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.292423] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.292997] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.293584] [ 105.293777] irq event stamp: 0 [ 105.294030] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.294564] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.295256] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.295940] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.296452] ---[ end trace 0000000000000000 ]--- [ 105.299536] ------------[ cut here ]------------ [ 105.300110] WARNING: CPU: 0 PID: 933 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.300952] Modules linked in: [ 105.301262] CPU: 0 PID: 933 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.302135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.303188] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.303744] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.305550] RSP: 
0018:ffff88801592fbd0 EFLAGS: 00010246 [ 105.306017] RAX: 0000000000000000 RBX: ffff88800efc48a8 RCX: 0000000000000000 [ 105.306650] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 105.307441] RBP: ffff88801592fbe8 R08: ffffed1001df8933 R09: ffffed1001df8933 [ 105.308056] R10: ffff88800efc4993 R11: ffffed1001df8932 R12: ffff88800efce800 [ 105.308748] R13: ffff88800efc49e8 R14: ffff888020a46900 R15: 0000000000000000 [ 105.309523] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.310273] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.310906] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.312284] PKRU: 55555554 [ 105.312539] Call Trace: [ 105.312761] [ 105.312959] iommufd_access_destroy_object+0x65/0x170 [ 105.313415] iommufd_object_destroy_user+0x18e/0x220 [ 105.314069] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.314613] iommufd_access_destroy+0x43/0x70 [ 105.315012] iommufd_test_staccess_release+0x8d/0xd0 [ 105.315572] __fput+0x26d/0xa40 [ 105.316025] ____fput+0x1e/0x30 [ 105.316347] task_work_run+0x1a4/0x2d0 [ 105.316718] ? __pfx_task_work_run+0x10/0x10 [ 105.317173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.317775] ? switch_task_namespaces+0xa9/0xe0 [ 105.318229] do_exit+0xb17/0x2ef0 [ 105.318572] ? lock_acquire+0x427/0x4c0 [ 105.319166] ? __pfx_lock_release+0x10/0x10 [ 105.319576] ? __kasan_check_write+0x18/0x20 [ 105.319992] ? do_raw_spin_lock+0x132/0x2a0 [ 105.320399] ? __pfx_do_exit+0x10/0x10 [ 105.320867] ? debug_smp_processor_id+0x20/0x30 [ 105.321406] ? rcu_is_watching+0x19/0xb0 [ 105.321785] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.322243] ? trace_hardirqs_on+0x26/0x120 [ 105.322829] do_group_exit+0xe0/0x2b0 [ 105.323198] __x64_sys_exit_group+0x47/0x50 [ 105.323598] do_syscall_64+0x3b/0x90 [ 105.323957] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.324639] RIP: 0033:0x7f4b87518a4d [ 105.324993] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.325561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.326473] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.327186] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.328078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.328756] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.329506] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.330313] [ 105.330577] irq event stamp: 0 [ 105.330883] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.331703] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.332504] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.333506] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.334108] ---[ end trace 0000000000000000 ]--- [ 105.336761] ------------[ cut here ]------------ [ 105.337224] WARNING: CPU: 0 PID: 933 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.338223] Modules linked in: [ 105.338661] CPU: 0 PID: 933 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.339829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.341307] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.341851] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.344125] RSP: 0018:ffff88801592fb78 EFLAGS: 00010246 [ 105.344683] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.345401] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 105.346128] RBP: ffff88801592fb98 R08: ffffed1001df893e R09: ffffed1001df893e [ 105.346883] R10: ffff88800efc49ef R11: ffffed1001df893d R12: ffff88800efc4a90 [ 105.347656] R13: ffff88800efc48a8 R14: ffffffffffffffff R15: 
ffff88801592fc60 [ 105.348536] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.349365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.349959] CR2: 00007f82e2ac7000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 105.350727] PKRU: 55555554 [ 105.351032] Call Trace: [ 105.351317] [ 105.351552] iommufd_ioas_destroy+0x53/0x70 [ 105.352001] iommufd_fops_release+0x1f7/0x370 [ 105.352470] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.352983] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.353494] ? write_comp_data+0x2f/0x90 [ 105.353928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.354438] __fput+0x26d/0xa40 [ 105.354825] ____fput+0x1e/0x30 [ 105.355196] task_work_run+0x1a4/0x2d0 [ 105.355624] ? __pfx_task_work_run+0x10/0x10 [ 105.356080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.356587] ? switch_task_namespaces+0xa9/0xe0 [ 105.357080] do_exit+0xb17/0x2ef0 [ 105.357431] ? lock_acquire+0x427/0x4c0 [ 105.357849] ? __pfx_lock_release+0x10/0x10 [ 105.358294] ? __kasan_check_write+0x18/0x20 [ 105.358781] ? do_raw_spin_lock+0x132/0x2a0 [ 105.359255] ? __pfx_do_exit+0x10/0x10 [ 105.359667] ? debug_smp_processor_id+0x20/0x30 [ 105.360165] ? rcu_is_watching+0x19/0xb0 [ 105.360596] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.361067] ? trace_hardirqs_on+0x26/0x120 [ 105.361513] do_group_exit+0xe0/0x2b0 [ 105.361912] __x64_sys_exit_group+0x47/0x50 [ 105.362365] do_syscall_64+0x3b/0x90 [ 105.362791] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.363356] RIP: 0033:0x7f4b87518a4d [ 105.363738] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.364371] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.365160] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.365885] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.366641] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.367397] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.368115] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.368868] [ 105.369111] irq event stamp: 0 [ 105.369441] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.370079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.370950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.371814] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.372456] ---[ end trace 0000000000000000 ]--- [ 105.377799] ------------[ cut here ]------------ [ 105.378361] WARNING: CPU: 0 PID: 934 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.379683] Modules linked in: [ 105.380031] CPU: 0 PID: 934 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.380914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.382420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.382980] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.385194] RSP: 0018:ffff888021807bb8 EFLAGS: 00010246 [ 105.385751] RAX: 0000000000000000 RBX: ffff8880246080a8 RCX: 0000000000000000 [ 105.386786] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 105.387534] RBP: ffff888021807bd0 R08: ffffed10048c1033 R09: ffffed10048c1033 [ 105.388447] R10: ffff888024608193 R11: ffffed10048c1032 R12: ffff888021bc4c00 [ 105.389332] R13: ffff8880246081e8 R14: ffffffff8352e670 R15: 
ffff888021807e68 [ 105.390212] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.391274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.391883] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ef0 [ 105.393185] PKRU: 55555554 [ 105.393494] Call Trace: [ 105.393765] [ 105.394002] __iommufd_access_detach+0x1c2/0x2b0 [ 105.395139] iommufd_access_change_pt+0x149/0x270 [ 105.395832] iommufd_access_replace+0xb4/0x120 [ 105.396476] iommufd_test+0x3e5/0x37e0 [ 105.397457] ? lock_release+0x532/0x770 [ 105.398035] ? __might_fault+0x102/0x1b0 [ 105.398673] ? lock_acquire+0x427/0x4c0 [ 105.399545] ? __pfx_iommufd_test+0x10/0x10 [ 105.400141] ? __pfx_lock_release+0x10/0x10 [ 105.400783] ? __pfx_lock_acquire+0x10/0x10 [ 105.401651] ? write_comp_data+0x2f/0x90 [ 105.402234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.403276] ? write_comp_data+0x2f/0x90 [ 105.403862] iommufd_fops_ioctl+0x37d/0x510 [ 105.404468] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.405462] ? write_comp_data+0x2f/0x90 [ 105.406050] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.406804] __x64_sys_ioctl+0x1a3/0x230 [ 105.407617] do_syscall_64+0x3b/0x90 [ 105.408156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.409176] RIP: 0033:0x7f4b8743ee5d [ 105.409701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.412440] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.413464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.414413] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.415451] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.416404] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.417348] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.418308] [ 105.418707] irq event stamp: 0 [ 105.419164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.419996] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.421105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.422213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.423137] ---[ end trace 0000000000000000 ]--- [ 105.429092] ------------[ cut here ]------------ [ 105.429752] WARNING: CPU: 0 PID: 934 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.431487] Modules linked in: [ 105.431943] CPU: 0 PID: 934 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.433098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.434984] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.435712] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.438487] RSP: 
0018:ffff888021807bd0 EFLAGS: 00010246 [ 105.439672] RAX: 0000000000000000 RBX: ffff8880246080a8 RCX: 0000000000000000 [ 105.440630] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 105.441874] RBP: ffff888021807be8 R08: ffffed10048c1033 R09: ffffed10048c1033 [ 105.442909] R10: ffff888024608193 R11: ffffed10048c1032 R12: ffff888016c98400 [ 105.443908] R13: ffff8880246081e8 R14: ffff8880123ece00 R15: 0000000000000000 [ 105.445195] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.446272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.447215] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.448355] PKRU: 55555554 [ 105.448759] Call Trace: [ 105.449113] [ 105.449435] iommufd_access_destroy_object+0x65/0x170 [ 105.450456] iommufd_object_destroy_user+0x18e/0x220 [ 105.451331] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.452178] iommufd_access_destroy+0x43/0x70 [ 105.453025] iommufd_test_staccess_release+0x8d/0xd0 [ 105.453745] __fput+0x26d/0xa40 [ 105.454323] ____fput+0x1e/0x30 [ 105.455030] task_work_run+0x1a4/0x2d0 [ 105.455642] ? __pfx_task_work_run+0x10/0x10 [ 105.456287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.457265] ? switch_task_namespaces+0xa9/0xe0 [ 105.457939] do_exit+0xb17/0x2ef0 [ 105.458429] ? lock_acquire+0x427/0x4c0 [ 105.459050] ? __pfx_lock_release+0x10/0x10 [ 105.459971] ? __kasan_check_write+0x18/0x20 [ 105.460612] ? do_raw_spin_lock+0x132/0x2a0 [ 105.461218] ? __pfx_do_exit+0x10/0x10 [ 105.462075] ? debug_smp_processor_id+0x20/0x30 [ 105.462789] ? rcu_is_watching+0x19/0xb0 [ 105.463391] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.464069] ? trace_hardirqs_on+0x26/0x120 [ 105.464918] do_group_exit+0xe0/0x2b0 [ 105.465464] __x64_sys_exit_group+0x47/0x50 [ 105.466056] do_syscall_64+0x3b/0x90 [ 105.466897] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.467654] RIP: 0033:0x7f4b87518a4d [ 105.468177] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.469005] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.470408] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.471459] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.472433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.473710] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.474749] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.475800] [ 105.476384] irq event stamp: 0 [ 105.476835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.477679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.479160] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.480288] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.481144] ---[ end trace 0000000000000000 ]--- [ 105.483453] ------------[ cut here ]------------ [ 105.484133] WARNING: CPU: 1 PID: 934 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.485539] Modules linked in: [ 105.486107] CPU: 1 PID: 934 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.487458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.488978] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.489835] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.492280] RSP: 0018:ffff888021807b78 EFLAGS: 00010246 [ 105.493199] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.494101] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 105.495077] RBP: ffff888021807b98 R08: ffffed10048c103e R09: ffffed10048c103e [ 105.496027] R10: ffff8880246081ef R11: ffffed10048c103d R12: ffff888024608290 [ 105.497183] R13: ffff8880246080a8 R14: ffffffffffffffff R15: 
ffff888021807c60 [ 105.498129] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 105.499280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.500195] CR2: 00007ff8de560000 CR3: 000000001444e000 CR4: 0000000000750ee0 [ 105.501244] PKRU: 55555554 [ 105.501626] Call Trace: [ 105.501971] [ 105.502278] iommufd_ioas_destroy+0x53/0x70 [ 105.502924] iommufd_fops_release+0x1f7/0x370 [ 105.503679] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.504460] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.505117] ? write_comp_data+0x2f/0x90 [ 105.505672] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.506344] __fput+0x26d/0xa40 [ 105.506864] ____fput+0x1e/0x30 [ 105.507544] task_work_run+0x1a4/0x2d0 [ 105.508085] ? __pfx_task_work_run+0x10/0x10 [ 105.508683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.509341] ? switch_task_namespaces+0xa9/0xe0 [ 105.509980] do_exit+0xb17/0x2ef0 [ 105.510449] ? lock_acquire+0x427/0x4c0 [ 105.511232] ? __pfx_lock_release+0x10/0x10 [ 105.511822] ? __kasan_check_write+0x18/0x20 [ 105.512417] ? do_raw_spin_lock+0x132/0x2a0 [ 105.512999] ? __pfx_do_exit+0x10/0x10 [ 105.513549] ? debug_smp_processor_id+0x20/0x30 [ 105.514263] ? rcu_is_watching+0x19/0xb0 [ 105.515000] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.515669] ? trace_hardirqs_on+0x26/0x120 [ 105.516277] do_group_exit+0xe0/0x2b0 [ 105.516794] __x64_sys_exit_group+0x47/0x50 [ 105.517369] do_syscall_64+0x3b/0x90 [ 105.517882] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.518849] RIP: 0033:0x7f4b87518a4d [ 105.519370] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.520184] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.521189] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.522341] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.523344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.524286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.525240] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.526412] [ 105.526785] irq event stamp: 0 [ 105.527240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.528073] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.529294] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.530494] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.531415] ---[ end trace 0000000000000000 ]--- [ 105.542975] ------------[ cut here ]------------ [ 105.543719] WARNING: CPU: 1 PID: 935 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.545050] Modules linked in: [ 105.545590] CPU: 1 PID: 935 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.546925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.548446] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.549332] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.551796] RSP: 0018:ffff88801840fbb8 EFLAGS: 00010246 [ 105.552713] RAX: 0000000000000000 RBX: ffff88801781c0a8 RCX: 0000000000000000 [ 105.553652] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 105.554646] RBP: ffff88801840fbd0 R08: ffffed1002f03833 R09: ffffed1002f03833 [ 105.555804] R10: ffff88801781c193 R11: ffffed1002f03832 R12: ffff88800fcb2c00 [ 105.556904] R13: ffff88801781c1e8 R14: ffffffff8352e670 R15: 
ffff88801840fe68 [ 105.557906] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 105.559329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.560149] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 105.561135] PKRU: 55555554 [ 105.561530] Call Trace: [ 105.561931] [ 105.562372] __iommufd_access_detach+0x1c2/0x2b0 [ 105.563100] iommufd_access_change_pt+0x149/0x270 [ 105.563824] iommufd_access_replace+0xb4/0x120 [ 105.564479] iommufd_test+0x3e5/0x37e0 [ 105.565078] ? lock_release+0x532/0x770 [ 105.565768] ? __might_fault+0x102/0x1b0 [ 105.566351] ? lock_acquire+0x427/0x4c0 [ 105.566939] ? __pfx_iommufd_test+0x10/0x10 [ 105.567570] ? __pfx_lock_release+0x10/0x10 [ 105.568184] ? __pfx_lock_acquire+0x10/0x10 [ 105.569002] ? write_comp_data+0x2f/0x90 [ 105.569586] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.570269] ? write_comp_data+0x2f/0x90 [ 105.570925] iommufd_fops_ioctl+0x37d/0x510 [ 105.571590] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.572499] ? write_comp_data+0x2f/0x90 [ 105.573081] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.573757] __x64_sys_ioctl+0x1a3/0x230 [ 105.574343] do_syscall_64+0x3b/0x90 [ 105.574953] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.575814] RIP: 0033:0x7f4b8743ee5d [ 105.576336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.579085] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.580156] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.581186] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.582329] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.583406] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.584397] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.585619] [ 105.585953] irq event stamp: 0 [ 105.586398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.587339] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.588721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.589870] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.590781] ---[ end trace 0000000000000000 ]--- [ 105.600001] ------------[ cut here ]------------ [ 105.600712] WARNING: CPU: 0 PID: 935 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.602504] Modules linked in: [ 105.603066] CPU: 0 PID: 935 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.604299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.606195] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.607069] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.609873] RSP: 
0018:ffff88801840fbd0 EFLAGS: 00010246 [ 105.610697] RAX: 0000000000000000 RBX: ffff88801781c0a8 RCX: 0000000000000000 [ 105.611816] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 105.612948] RBP: ffff88801840fbe8 R08: ffffed1002f03833 R09: ffffed1002f03833 [ 105.614223] R10: ffff88801781c193 R11: ffffed1002f03832 R12: ffff888013c8c000 [ 105.615301] R13: ffff88801781c1e8 R14: ffff888020972200 R15: 0000000000000000 [ 105.616405] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.617668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.618819] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.619839] PKRU: 55555554 [ 105.620251] Call Trace: [ 105.620673] [ 105.621200] iommufd_access_destroy_object+0x65/0x170 [ 105.621945] iommufd_object_destroy_user+0x18e/0x220 [ 105.622824] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.623815] iommufd_access_destroy+0x43/0x70 [ 105.624488] iommufd_test_staccess_release+0x8d/0xd0 [ 105.625512] __fput+0x26d/0xa40 [ 105.626024] ____fput+0x1e/0x30 [ 105.626572] task_work_run+0x1a4/0x2d0 [ 105.627182] ? __pfx_task_work_run+0x10/0x10 [ 105.628106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.628816] ? switch_task_namespaces+0xa9/0xe0 [ 105.629496] do_exit+0xb17/0x2ef0 [ 105.630240] ? lock_acquire+0x427/0x4c0 [ 105.630889] ? __pfx_lock_release+0x10/0x10 [ 105.631550] ? __kasan_check_write+0x18/0x20 [ 105.632304] ? do_raw_spin_lock+0x132/0x2a0 [ 105.633104] ? __pfx_do_exit+0x10/0x10 [ 105.633687] ? debug_smp_processor_id+0x20/0x30 [ 105.634462] ? rcu_is_watching+0x19/0xb0 [ 105.635298] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.635948] ? trace_hardirqs_on+0x26/0x120 [ 105.636614] do_group_exit+0xe0/0x2b0 [ 105.637322] __x64_sys_exit_group+0x47/0x50 [ 105.637936] do_syscall_64+0x3b/0x90 [ 105.638486] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.639331] RIP: 0033:0x7f4b87518a4d [ 105.639856] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.640704] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.641722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.642768] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.643791] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.644780] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.645763] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.646828] [ 105.647213] irq event stamp: 0 [ 105.647662] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.648542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.649692] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.650904] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.651811] ---[ end trace 0000000000000000 ]--- [ 105.654306] ------------[ cut here ]------------ [ 105.655075] WARNING: CPU: 0 PID: 935 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.656879] Modules linked in: [ 105.657351] CPU: 0 PID: 935 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.659385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.661281] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.662031] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.664915] RSP: 0018:ffff88801840fb78 EFLAGS: 00010246 [ 105.665961] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.667010] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 105.668335] RBP: ffff88801840fb98 R08: ffffed1002f0383e R09: ffffed1002f0383e [ 105.669324] R10: ffff88801781c1ef R11: ffffed1002f0383d R12: ffff88801781c290 [ 105.670663] R13: ffff88801781c0a8 R14: ffffffffffffffff R15: 
ffff88801840fc60 [ 105.671690] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.673100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.673966] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 105.675248] PKRU: 55555554 [ 105.675667] Call Trace: [ 105.676070] [ 105.676630] iommufd_ioas_destroy+0x53/0x70 [ 105.677255] iommufd_fops_release+0x1f7/0x370 [ 105.677891] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.678902] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.679635] ? write_comp_data+0x2f/0x90 [ 105.680227] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.681255] __fput+0x26d/0xa40 [ 105.681763] ____fput+0x1e/0x30 [ 105.682244] task_work_run+0x1a4/0x2d0 [ 105.683151] ? __pfx_task_work_run+0x10/0x10 [ 105.683795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.684498] ? switch_task_namespaces+0xa9/0xe0 [ 105.685185] do_exit+0xb17/0x2ef0 [ 105.685686] ? lock_acquire+0x427/0x4c0 [ 105.686270] ? __pfx_lock_release+0x10/0x10 [ 105.686962] ? __kasan_check_write+0x18/0x20 [ 105.687636] ? do_raw_spin_lock+0x132/0x2a0 [ 105.688259] ? __pfx_do_exit+0x10/0x10 [ 105.688834] ? debug_smp_processor_id+0x20/0x30 [ 105.689493] ? rcu_is_watching+0x19/0xb0 [ 105.690072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.690790] ? trace_hardirqs_on+0x26/0x120 [ 105.691452] do_group_exit+0xe0/0x2b0 [ 105.691996] __x64_sys_exit_group+0x47/0x50 [ 105.692585] do_syscall_64+0x3b/0x90 [ 105.693111] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.693824] RIP: 0033:0x7f4b87518a4d [ 105.694339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.695244] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.696266] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.697227] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.698192] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.699218] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.700173] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.701142] [ 105.701471] irq event stamp: 0 [ 105.701897] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.702794] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.703941] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.705069] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.705931] ---[ end trace 0000000000000000 ]--- [ 105.711893] ------------[ cut here ]------------ [ 105.712474] WARNING: CPU: 1 PID: 936 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.713539] Modules linked in: [ 105.714013] CPU: 1 PID: 936 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.715352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.716527] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.717048] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.719312] RSP: 0018:ffff88801723fbb8 EFLAGS: 00010246 [ 105.719877] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 105.720642] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 105.721403] RBP: ffff88801723fbd0 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 105.722155] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888012e91000 [ 105.722943] R13: ffff8880158789e8 R14: ffffffff8352e670 R15: 
ffff88801723fe68 [ 105.723703] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 105.724796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.725652] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 105.726477] PKRU: 55555554 [ 105.726821] Call Trace: [ 105.727099] [ 105.727357] __iommufd_access_detach+0x1c2/0x2b0 [ 105.727891] iommufd_access_change_pt+0x149/0x270 [ 105.728411] iommufd_access_replace+0xb4/0x120 [ 105.728906] iommufd_test+0x3e5/0x37e0 [ 105.729327] ? lock_release+0x532/0x770 [ 105.729900] ? __might_fault+0x102/0x1b0 [ 105.730560] ? lock_acquire+0x427/0x4c0 [ 105.731005] ? __pfx_iommufd_test+0x10/0x10 [ 105.731478] ? __pfx_lock_release+0x10/0x10 [ 105.731947] ? __pfx_lock_acquire+0x10/0x10 [ 105.732425] ? write_comp_data+0x2f/0x90 [ 105.732873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.733387] ? write_comp_data+0x2f/0x90 [ 105.733823] iommufd_fops_ioctl+0x37d/0x510 [ 105.734385] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.735179] ? write_comp_data+0x2f/0x90 [ 105.735627] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.736149] __x64_sys_ioctl+0x1a3/0x230 [ 105.736591] do_syscall_64+0x3b/0x90 [ 105.736994] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.737546] RIP: 0033:0x7f4b8743ee5d [ 105.737936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.740314] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.741125] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.741869] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.742649] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.743421] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.744197] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.745229] [ 105.745583] irq event stamp: 0 [ 105.746012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.746721] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.747629] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.748507] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.749174] ---[ end trace 0000000000000000 ]--- [ 105.753022] ------------[ cut here ]------------ [ 105.753568] WARNING: CPU: 1 PID: 936 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.755020] Modules linked in: [ 105.755383] CPU: 1 PID: 936 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.756299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.757479] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.758019] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.760390] RSP: 
0018:ffff88801723fbd0 EFLAGS: 00010246 [ 105.761028] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 105.761787] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 105.762556] RBP: ffff88801723fbe8 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 105.763320] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff88800fcb1400 [ 105.764072] R13: ffff8880158789e8 R14: ffff888012bf9f00 R15: 0000000000000000 [ 105.764892] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 105.766048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.766760] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 105.767545] PKRU: 55555554 [ 105.767855] Call Trace: [ 105.768121] [ 105.768362] iommufd_access_destroy_object+0x65/0x170 [ 105.768917] iommufd_object_destroy_user+0x18e/0x220 [ 105.769459] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.770226] iommufd_access_destroy+0x43/0x70 [ 105.770917] iommufd_test_staccess_release+0x8d/0xd0 [ 105.771492] __fput+0x26d/0xa40 [ 105.771863] ____fput+0x1e/0x30 [ 105.772224] task_work_run+0x1a4/0x2d0 [ 105.772646] ? __pfx_task_work_run+0x10/0x10 [ 105.773129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.773662] ? switch_task_namespaces+0xa9/0xe0 [ 105.774168] do_exit+0xb17/0x2ef0 [ 105.774585] ? lock_acquire+0x427/0x4c0 [ 105.775029] ? __pfx_lock_release+0x10/0x10 [ 105.775518] ? __kasan_check_write+0x18/0x20 [ 105.776046] ? do_raw_spin_lock+0x132/0x2a0 [ 105.776639] ? __pfx_do_exit+0x10/0x10 [ 105.777201] ? debug_smp_processor_id+0x20/0x30 [ 105.777698] ? rcu_is_watching+0x19/0xb0 [ 105.778137] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.778671] ? trace_hardirqs_on+0x26/0x120 [ 105.779167] do_group_exit+0xe0/0x2b0 [ 105.779595] __x64_sys_exit_group+0x47/0x50 [ 105.780060] do_syscall_64+0x3b/0x90 [ 105.780473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.781071] RIP: 0033:0x7f4b87518a4d [ 105.781581] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.782483] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.783342] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.784113] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.784880] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.785636] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.786736] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.787630] [ 105.787885] irq event stamp: 0 [ 105.788226] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.788902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.789801] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.790721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.791402] ---[ end trace 0000000000000000 ]--- [ 105.792464] ------------[ cut here ]------------ [ 105.792969] WARNING: CPU: 1 PID: 936 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.794036] Modules linked in: [ 105.794384] CPU: 1 PID: 936 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.795351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.796975] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.797533] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.799543] RSP: 0018:ffff88801723fb78 EFLAGS: 00010246 [ 105.800116] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.800871] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 105.801844] RBP: ffff88801723fb98 R08: ffffed1002b0f13e R09: ffffed1002b0f13e [ 105.802867] R10: ffff8880158789ef R11: ffffed1002b0f13d R12: ffff888015878a90 [ 105.803638] R13: ffff8880158788a8 R14: ffffffffffffffff R15: 
ffff88801723fc60 [ 105.804410] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 105.805264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.805883] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 105.806763] PKRU: 55555554 [ 105.807180] Call Trace: [ 105.807457] [ 105.807699] iommufd_ioas_destroy+0x53/0x70 [ 105.808169] iommufd_fops_release+0x1f7/0x370 [ 105.808641] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.809170] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.809698] ? write_comp_data+0x2f/0x90 [ 105.810277] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.811057] __fput+0x26d/0xa40 [ 105.811474] ____fput+0x1e/0x30 [ 105.811838] task_work_run+0x1a4/0x2d0 [ 105.812266] ? __pfx_task_work_run+0x10/0x10 [ 105.812744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.813264] ? switch_task_namespaces+0xa9/0xe0 [ 105.813764] do_exit+0xb17/0x2ef0 [ 105.814212] ? lock_acquire+0x427/0x4c0 [ 105.814837] ? __pfx_lock_release+0x10/0x10 [ 105.815474] ? __kasan_check_write+0x18/0x20 [ 105.815965] ? do_raw_spin_lock+0x132/0x2a0 [ 105.816423] ? __pfx_do_exit+0x10/0x10 [ 105.816851] ? debug_smp_processor_id+0x20/0x30 [ 105.817357] ? rcu_is_watching+0x19/0xb0 [ 105.817801] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.818352] ? trace_hardirqs_on+0x26/0x120 [ 105.819041] do_group_exit+0xe0/0x2b0 [ 105.819472] __x64_sys_exit_group+0x47/0x50 [ 105.819937] do_syscall_64+0x3b/0x90 [ 105.820335] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.820884] RIP: 0033:0x7f4b87518a4d [ 105.821278] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.822031] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.823174] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.823929] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.824691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.825443] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.826354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.827395] [ 105.827654] irq event stamp: 0 [ 105.827992] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.828662] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.829543] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.830715] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.831585] ---[ end trace 0000000000000000 ]--- [ 105.838701] ------------[ cut here ]------------ [ 105.839309] WARNING: CPU: 1 PID: 937 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.840404] Modules linked in: [ 105.840791] CPU: 1 PID: 937 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.842031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.843328] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.843886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.846330] RSP: 0018:ffff88801840fbb8 EFLAGS: 00010246 [ 105.846973] RAX: 0000000000000000 RBX: ffff888015d2b0a8 RCX: 0000000000000000 [ 105.847771] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 105.848552] RBP: ffff88801840fbd0 R08: ffffed1002ba5633 R09: ffffed1002ba5633 [ 105.849428] R10: ffff888015d2b193 R11: ffffed1002ba5632 R12: ffff88800ae93400 [ 105.850463] R13: ffff888015d2b1e8 R14: ffffffff8352e670 R15: 
ffff88801840fe68 [ 105.851424] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 105.852310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.852943] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 105.853739] PKRU: 55555554 [ 105.854125] Call Trace: [ 105.854576] [ 105.854938] __iommufd_access_detach+0x1c2/0x2b0 [ 105.855495] iommufd_access_change_pt+0x149/0x270 [ 105.856042] iommufd_access_replace+0xb4/0x120 [ 105.856558] iommufd_test+0x3e5/0x37e0 [ 105.856992] ? lock_release+0x532/0x770 [ 105.857443] ? __might_fault+0x102/0x1b0 [ 105.857903] ? lock_acquire+0x427/0x4c0 [ 105.858457] ? __pfx_iommufd_test+0x10/0x10 [ 105.859161] ? __pfx_lock_release+0x10/0x10 [ 105.859816] ? __pfx_lock_acquire+0x10/0x10 [ 105.860320] ? write_comp_data+0x2f/0x90 [ 105.860786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.861330] ? write_comp_data+0x2f/0x90 [ 105.861792] iommufd_fops_ioctl+0x37d/0x510 [ 105.862282] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.862890] ? write_comp_data+0x2f/0x90 [ 105.863531] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.864264] __x64_sys_ioctl+0x1a3/0x230 [ 105.864738] do_syscall_64+0x3b/0x90 [ 105.865171] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.865748] RIP: 0033:0x7f4b8743ee5d [ 105.866153] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.868394] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.869439] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.870224] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.871020] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.871807] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.872627] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.873693] [ 105.873961] irq event stamp: 0 [ 105.874315] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.875040] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.875984] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.876911] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.877827] ---[ end trace 0000000000000000 ]--- [ 105.883609] ------------[ cut here ]------------ [ 105.884191] WARNING: CPU: 1 PID: 937 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.885310] Modules linked in: [ 105.885790] CPU: 1 PID: 937 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.887056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.888317] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.888871] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.891502] RSP: 
0018:ffff88801840fbd0 EFLAGS: 00010246 [ 105.892155] RAX: 0000000000000000 RBX: ffff888015d2b0a8 RCX: 0000000000000000 [ 105.892960] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 105.893755] RBP: ffff88801840fbe8 R08: ffffed1002ba5633 R09: ffffed1002ba5633 [ 105.894599] R10: ffff888015d2b193 R11: ffffed1002ba5632 R12: ffff888012e92400 [ 105.895619] R13: ffff888015d2b1e8 R14: ffff88801230fb00 R15: 0000000000000000 [ 105.896579] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 105.897464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.898105] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 105.898916] PKRU: 55555554 [ 105.899272] Call Trace: [ 105.899644] [ 105.899983] iommufd_access_destroy_object+0x65/0x170 [ 105.900722] iommufd_object_destroy_user+0x18e/0x220 [ 105.901292] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 105.901942] iommufd_access_destroy+0x43/0x70 [ 105.902461] iommufd_test_staccess_release+0x8d/0xd0 [ 105.903077] __fput+0x26d/0xa40 [ 105.903479] ____fput+0x1e/0x30 [ 105.903913] task_work_run+0x1a4/0x2d0 [ 105.904529] ? __pfx_task_work_run+0x10/0x10 [ 105.905188] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.905728] ? switch_task_namespaces+0xa9/0xe0 [ 105.906246] do_exit+0xb17/0x2ef0 [ 105.906652] ? lock_acquire+0x427/0x4c0 [ 105.907087] ? __pfx_lock_release+0x10/0x10 [ 105.907569] ? __kasan_check_write+0x18/0x20 [ 105.908049] ? do_raw_spin_lock+0x132/0x2a0 [ 105.908656] ? __pfx_do_exit+0x10/0x10 [ 105.909305] ? debug_smp_processor_id+0x20/0x30 [ 105.909808] ? rcu_is_watching+0x19/0xb0 [ 105.910248] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.910771] ? trace_hardirqs_on+0x26/0x120 [ 105.911255] do_group_exit+0xe0/0x2b0 [ 105.911666] __x64_sys_exit_group+0x47/0x50 [ 105.912137] do_syscall_64+0x3b/0x90 [ 105.912580] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.913343] RIP: 0033:0x7f4b87518a4d [ 105.913933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.914623] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.915456] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.916223] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.916993] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.917754] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.918570] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.919368] [ 105.919634] irq event stamp: 0 [ 105.919981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.920657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.921567] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.922466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.923240] ---[ end trace 0000000000000000 ]--- [ 105.924656] ------------[ cut here ]------------ [ 105.925391] WARNING: CPU: 0 PID: 937 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 105.926943] Modules linked in: [ 105.927449] CPU: 0 PID: 937 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.928637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.930172] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 105.930957] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 105.933475] RSP: 0018:ffff88801840fb78 EFLAGS: 00010246 [ 105.934221] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 105.935327] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 105.936101] RBP: ffff88801840fb98 R08: ffffed1002ba563e R09: ffffed1002ba563e [ 105.936860] R10: ffff888015d2b1ef R11: ffffed1002ba563d R12: ffff888015d2b290 [ 105.937612] R13: ffff888015d2b0a8 R14: ffffffffffffffff R15: 
ffff88801840fc60 [ 105.938371] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.939272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.939897] CR2: 00007f82e2b0b020 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 105.940662] PKRU: 55555554 [ 105.940982] Call Trace: [ 105.941258] [ 105.941501] iommufd_ioas_destroy+0x53/0x70 [ 105.941983] iommufd_fops_release+0x1f7/0x370 [ 105.942480] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.943047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.943594] ? write_comp_data+0x2f/0x90 [ 105.944045] ? __pfx_iommufd_fops_release+0x10/0x10 [ 105.944580] __fput+0x26d/0xa40 [ 105.944957] ____fput+0x1e/0x30 [ 105.945319] task_work_run+0x1a4/0x2d0 [ 105.945748] ? __pfx_task_work_run+0x10/0x10 [ 105.946233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.946788] ? switch_task_namespaces+0xa9/0xe0 [ 105.947326] do_exit+0xb17/0x2ef0 [ 105.947709] ? lock_acquire+0x427/0x4c0 [ 105.948151] ? __pfx_lock_release+0x10/0x10 [ 105.948623] ? __kasan_check_write+0x18/0x20 [ 105.949105] ? do_raw_spin_lock+0x132/0x2a0 [ 105.949571] ? __pfx_do_exit+0x10/0x10 [ 105.950004] ? debug_smp_processor_id+0x20/0x30 [ 105.950540] ? rcu_is_watching+0x19/0xb0 [ 105.950987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 105.951487] ? trace_hardirqs_on+0x26/0x120 [ 105.951965] do_group_exit+0xe0/0x2b0 [ 105.952394] __x64_sys_exit_group+0x47/0x50 [ 105.952870] do_syscall_64+0x3b/0x90 [ 105.953287] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.953853] RIP: 0033:0x7f4b87518a4d [ 105.954254] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 105.954939] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 105.955775] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 105.956537] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 105.957305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 105.958069] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 105.958863] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 105.959657] [ 105.959918] irq event stamp: 0 [ 105.960261] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 105.960936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 105.961828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 105.962755] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 105.963450] ---[ end trace 0000000000000000 ]--- [ 105.968892] ------------[ cut here ]------------ [ 105.969444] WARNING: CPU: 0 PID: 938 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 105.970474] Modules linked in: [ 105.970893] CPU: 0 PID: 938 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 105.971810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 105.972976] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 105.973499] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 105.975446] RSP: 0018:ffff888012d87bb8 EFLAGS: 00010246 [ 105.976010] RAX: 0000000000000000 RBX: ffff88800efc58a8 RCX: 0000000000000000 [ 105.976761] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 105.977505] RBP: ffff888012d87bd0 R08: ffffed1001df8b33 R09: ffffed1001df8b33 [ 105.978249] R10: ffff88800efc5993 R11: ffffed1001df8b32 R12: ffff888010824400 [ 105.979025] R13: ffff88800efc59e8 R14: ffffffff8352e670 R15: 
ffff888012d87e68 [ 105.979785] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 105.980627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.981236] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 105.981977] PKRU: 55555554 [ 105.982278] Call Trace: [ 105.982584] [ 105.982822] __iommufd_access_detach+0x1c2/0x2b0 [ 105.983344] iommufd_access_change_pt+0x149/0x270 [ 105.983851] iommufd_access_replace+0xb4/0x120 [ 105.984352] iommufd_test+0x3e5/0x37e0 [ 105.984770] ? lock_release+0x532/0x770 [ 105.985200] ? __might_fault+0x102/0x1b0 [ 105.985641] ? lock_acquire+0x427/0x4c0 [ 105.986079] ? __pfx_iommufd_test+0x10/0x10 [ 105.986561] ? __pfx_lock_release+0x10/0x10 [ 105.987026] ? __pfx_lock_acquire+0x10/0x10 [ 105.987506] ? write_comp_data+0x2f/0x90 [ 105.987945] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 105.988455] ? write_comp_data+0x2f/0x90 [ 105.988891] iommufd_fops_ioctl+0x37d/0x510 [ 105.989351] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.989876] ? write_comp_data+0x2f/0x90 [ 105.990316] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 105.990848] __x64_sys_ioctl+0x1a3/0x230 [ 105.991298] do_syscall_64+0x3b/0x90 [ 105.991696] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 105.992248] RIP: 0033:0x7f4b8743ee5d [ 105.992643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 105.994555] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 105.995378] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 105.996139] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 105.996873] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 105.997616] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 105.998371] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 105.999181] [ 105.999445] irq event stamp: 0 [ 105.999780] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.000435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.001314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.002191] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.002880] ---[ end trace 0000000000000000 ]--- [ 106.006228] ------------[ cut here ]------------ [ 106.006802] WARNING: CPU: 0 PID: 938 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.007872] Modules linked in: [ 106.008211] CPU: 0 PID: 938 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.009097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.010254] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.010809] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.012698] RSP: 
0018:ffff888012d87bd0 EFLAGS: 00010246 [ 106.013265] RAX: 0000000000000000 RBX: ffff88800efc58a8 RCX: 0000000000000000 [ 106.014005] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 106.014784] RBP: ffff888012d87be8 R08: ffffed1001df8b33 R09: ffffed1001df8b33 [ 106.015545] R10: ffff88800efc5993 R11: ffffed1001df8b32 R12: ffff888021bc4400 [ 106.016283] R13: ffff88800efc59e8 R14: ffff88800fa2ac00 R15: 0000000000000000 [ 106.017025] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.017856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.018456] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 106.019246] PKRU: 55555554 [ 106.019560] Call Trace: [ 106.019834] [ 106.020072] iommufd_access_destroy_object+0x65/0x170 [ 106.020608] iommufd_object_destroy_user+0x18e/0x220 [ 106.021146] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.021766] iommufd_access_destroy+0x43/0x70 [ 106.022256] iommufd_test_staccess_release+0x8d/0xd0 [ 106.022853] __fput+0x26d/0xa40 [ 106.023236] ____fput+0x1e/0x30 [ 106.023596] task_work_run+0x1a4/0x2d0 [ 106.024029] ? __pfx_task_work_run+0x10/0x10 [ 106.024498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.025013] ? switch_task_namespaces+0xa9/0xe0 [ 106.025511] do_exit+0xb17/0x2ef0 [ 106.025872] ? lock_acquire+0x427/0x4c0 [ 106.026294] ? __pfx_lock_release+0x10/0x10 [ 106.026783] ? __kasan_check_write+0x18/0x20 [ 106.027269] ? do_raw_spin_lock+0x132/0x2a0 [ 106.027730] ? __pfx_do_exit+0x10/0x10 [ 106.028159] ? debug_smp_processor_id+0x20/0x30 [ 106.028649] ? rcu_is_watching+0x19/0xb0 [ 106.029074] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.029559] ? trace_hardirqs_on+0x26/0x120 [ 106.030029] do_group_exit+0xe0/0x2b0 [ 106.030440] __x64_sys_exit_group+0x47/0x50 [ 106.030940] do_syscall_64+0x3b/0x90 [ 106.031361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.031927] RIP: 0033:0x7f4b87518a4d [ 106.032326] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.032969] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.033767] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.034542] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.035299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.036046] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.036793] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.037536] [ 106.037783] irq event stamp: 0 [ 106.038123] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.038827] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.039727] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.040602] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.041252] ---[ end trace 0000000000000000 ]--- [ 106.042140] ------------[ cut here ]------------ [ 106.042662] WARNING: CPU: 0 PID: 938 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.043733] Modules linked in: [ 106.044073] CPU: 0 PID: 938 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.044984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.046173] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.046751] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.048682] RSP: 0018:ffff888012d87b78 EFLAGS: 00010246 [ 106.049240] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.049987] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 106.050779] RBP: ffff888012d87b98 R08: ffffed1001df8b3e R09: ffffed1001df8b3e [ 106.051532] R10: ffff88800efc59ef R11: ffffed1001df8b3d R12: ffff88800efc5a90 [ 106.052280] R13: ffff88800efc58a8 R14: ffffffffffffffff R15: 
ffff888012d87c60 [ 106.053031] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.053864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.054475] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 106.055272] PKRU: 55555554 [ 106.055576] Call Trace: [ 106.055852] [ 106.056096] iommufd_ioas_destroy+0x53/0x70 [ 106.056567] iommufd_fops_release+0x1f7/0x370 [ 106.057048] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.057582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.058117] ? write_comp_data+0x2f/0x90 [ 106.058617] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.059176] __fput+0x26d/0xa40 [ 106.059550] ____fput+0x1e/0x30 [ 106.059923] task_work_run+0x1a4/0x2d0 [ 106.060341] ? __pfx_task_work_run+0x10/0x10 [ 106.060806] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.061344] ? switch_task_namespaces+0xa9/0xe0 [ 106.061857] do_exit+0xb17/0x2ef0 [ 106.062230] ? lock_acquire+0x427/0x4c0 [ 106.062679] ? __pfx_lock_release+0x10/0x10 [ 106.063144] ? __kasan_check_write+0x18/0x20 [ 106.063604] ? do_raw_spin_lock+0x132/0x2a0 [ 106.064061] ? __pfx_do_exit+0x10/0x10 [ 106.064488] ? debug_smp_processor_id+0x20/0x30 [ 106.064995] ? rcu_is_watching+0x19/0xb0 [ 106.065438] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.065928] ? trace_hardirqs_on+0x26/0x120 [ 106.066409] do_group_exit+0xe0/0x2b0 [ 106.066880] __x64_sys_exit_group+0x47/0x50 [ 106.067356] do_syscall_64+0x3b/0x90 [ 106.067766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.068320] RIP: 0033:0x7f4b87518a4d [ 106.068707] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.069350] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.070139] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.070904] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.071659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.072403] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.073171] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.073914] [ 106.074166] irq event stamp: 0 [ 106.074532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.075228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.076110] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.077000] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.077664] ---[ end trace 0000000000000000 ]--- [ 106.084735] ------------[ cut here ]------------ [ 106.085450] WARNING: CPU: 1 PID: 939 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.086890] Modules linked in: [ 106.087365] CPU: 1 PID: 939 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.088534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.090049] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.090787] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.093296] RSP: 0018:ffff888012807bb8 EFLAGS: 00010246 [ 106.094034] RAX: 0000000000000000 RBX: ffff888020adb8a8 RCX: 0000000000000000 [ 106.095061] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 106.096054] RBP: ffff888012807bd0 R08: ffffed100415b733 R09: ffffed100415b733 [ 106.097027] R10: ffff888020adb993 R11: ffffed100415b732 R12: ffff88801892c000 [ 106.098007] R13: ffff888020adb9e8 R14: ffffffff8352e670 R15: 
ffff888012807e68 [ 106.099082] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.100219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.101013] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 106.101986] PKRU: 55555554 [ 106.102378] Call Trace: [ 106.102787] [ 106.103131] __iommufd_access_detach+0x1c2/0x2b0 [ 106.103812] iommufd_access_change_pt+0x149/0x270 [ 106.104491] iommufd_access_replace+0xb4/0x120 [ 106.105137] iommufd_test+0x3e5/0x37e0 [ 106.105679] ? lock_release+0x532/0x770 [ 106.106247] ? __might_fault+0x102/0x1b0 [ 106.106874] ? lock_acquire+0x427/0x4c0 [ 106.107472] ? __pfx_iommufd_test+0x10/0x10 [ 106.108067] ? __pfx_lock_release+0x10/0x10 [ 106.108669] ? __pfx_lock_acquire+0x10/0x10 [ 106.109276] ? write_comp_data+0x2f/0x90 [ 106.109855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.110580] ? write_comp_data+0x2f/0x90 [ 106.111178] iommufd_fops_ioctl+0x37d/0x510 [ 106.111781] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.112460] ? write_comp_data+0x2f/0x90 [ 106.113035] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.113703] __x64_sys_ioctl+0x1a3/0x230 [ 106.114279] do_syscall_64+0x3b/0x90 [ 106.114866] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.115613] RIP: 0033:0x7f4b8743ee5d [ 106.116133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.118584] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.119603] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.120541] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.121478] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.122415] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.123468] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.124447] [ 106.124761] irq event stamp: 0 [ 106.125179] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.126008] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.127172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.128270] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.129099] ---[ end trace 0000000000000000 ]--- [ 106.134124] ------------[ cut here ]------------ [ 106.134845] WARNING: CPU: 1 PID: 939 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.136199] Modules linked in: [ 106.136631] CPU: 1 PID: 939 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.137766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.139305] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.139979] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.142347] RSP: 
0018:ffff888012807bd0 EFLAGS: 00010246 [ 106.143106] RAX: 0000000000000000 RBX: ffff888020adb8a8 RCX: 0000000000000000 [ 106.144073] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 106.145011] RBP: ffff888012807be8 R08: ffffed100415b733 R09: ffffed100415b733 [ 106.145946] R10: ffff888020adb993 R11: ffffed100415b732 R12: ffff88800ae91800 [ 106.146927] R13: ffff888020adb9e8 R14: ffff888013447500 R15: 0000000000000000 [ 106.147885] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.148937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.149698] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.150689] PKRU: 55555554 [ 106.151081] Call Trace: [ 106.151441] [ 106.151753] iommufd_access_destroy_object+0x65/0x170 [ 106.152451] iommufd_object_destroy_user+0x18e/0x220 [ 106.153131] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.153903] iommufd_access_destroy+0x43/0x70 [ 106.154556] iommufd_test_staccess_release+0x8d/0xd0 [ 106.155280] __fput+0x26d/0xa40 [ 106.155758] ____fput+0x1e/0x30 [ 106.156223] task_work_run+0x1a4/0x2d0 [ 106.156767] ? __pfx_task_work_run+0x10/0x10 [ 106.157371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.158039] ? switch_task_namespaces+0xa9/0xe0 [ 106.158764] do_exit+0xb17/0x2ef0 [ 106.159262] ? lock_acquire+0x427/0x4c0 [ 106.159809] ? __pfx_lock_release+0x10/0x10 [ 106.160381] ? __kasan_check_write+0x18/0x20 [ 106.160978] ? do_raw_spin_lock+0x132/0x2a0 [ 106.161555] ? __pfx_do_exit+0x10/0x10 [ 106.162090] ? debug_smp_processor_id+0x20/0x30 [ 106.162769] ? rcu_is_watching+0x19/0xb0 [ 106.163339] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.163955] ? trace_hardirqs_on+0x26/0x120 [ 106.164543] do_group_exit+0xe0/0x2b0 [ 106.165059] __x64_sys_exit_group+0x47/0x50 [ 106.165634] do_syscall_64+0x3b/0x90 [ 106.166147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.166898] RIP: 0033:0x7f4b87518a4d [ 106.167417] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.168234] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.169297] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.170729] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.172059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.173013] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.173984] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.175280] [ 106.175611] irq event stamp: 0 [ 106.176066] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.177030] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.178179] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.179496] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.180389] ---[ end trace 0000000000000000 ]--- [ 106.181990] ------------[ cut here ]------------ [ 106.182828] WARNING: CPU: 1 PID: 939 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.184194] Modules linked in: [ 106.184630] CPU: 1 PID: 939 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.186038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.188223] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.188919] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.191735] RSP: 0018:ffff888012807b78 EFLAGS: 00010246 [ 106.192497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.193279] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 106.194315] RBP: ffff888012807b98 R08: ffffed100415b73e R09: ffffed100415b73e [ 106.195095] R10: ffff888020adb9ef R11: ffffed100415b73d R12: ffff888020adba90 [ 106.195857] R13: ffff888020adb8a8 R14: ffffffffffffffff R15: 
ffff888012807c60 [ 106.196843] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.197676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.198373] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.199270] PKRU: 55555554 [ 106.199588] Call Trace: [ 106.199847] [ 106.200080] iommufd_ioas_destroy+0x53/0x70 [ 106.200653] iommufd_fops_release+0x1f7/0x370 [ 106.201222] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.201750] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.202247] ? write_comp_data+0x2f/0x90 [ 106.202837] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.203441] __fput+0x26d/0xa40 [ 106.203800] ____fput+0x1e/0x30 [ 106.204173] task_work_run+0x1a4/0x2d0 [ 106.204585] ? __pfx_task_work_run+0x10/0x10 [ 106.205202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.205824] ? switch_task_namespaces+0xa9/0xe0 [ 106.206343] do_exit+0xb17/0x2ef0 [ 106.206742] ? lock_acquire+0x427/0x4c0 [ 106.207185] ? __pfx_lock_release+0x10/0x10 [ 106.207982] ? __kasan_check_write+0x18/0x20 [ 106.208455] ? do_raw_spin_lock+0x132/0x2a0 [ 106.208904] ? __pfx_do_exit+0x10/0x10 [ 106.209322] ? debug_smp_processor_id+0x20/0x30 [ 106.210017] ? rcu_is_watching+0x19/0xb0 [ 106.210446] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.210985] ? trace_hardirqs_on+0x26/0x120 [ 106.211463] do_group_exit+0xe0/0x2b0 [ 106.211855] __x64_sys_exit_group+0x47/0x50 [ 106.212460] do_syscall_64+0x3b/0x90 [ 106.212874] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.213407] RIP: 0033:0x7f4b87518a4d [ 106.213785] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.214669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.215464] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.216176] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.217098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.217808] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.218680] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.219548] [ 106.219796] irq event stamp: 0 [ 106.220113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.220744] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.221772] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.222658] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.223354] ---[ end trace 0000000000000000 ]--- [ 106.229308] ------------[ cut here ]------------ [ 106.229859] WARNING: CPU: 1 PID: 940 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.231096] Modules linked in: [ 106.231437] CPU: 1 PID: 940 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.232223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.233512] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.234036] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.236213] RSP: 0018:ffff88801386fbb8 EFLAGS: 00010246 [ 106.236854] RAX: 0000000000000000 RBX: ffff8880219e60a8 RCX: 0000000000000000 [ 106.237822] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 106.238587] RBP: ffff88801386fbd0 R08: ffffed100433cc33 R09: ffffed100433cc33 [ 106.239357] R10: ffff8880219e6193 R11: ffffed100433cc32 R12: ffff88801805e000 [ 106.240087] R13: ffff8880219e61e8 R14: ffffffff8352e670 R15: 
ffff88801386fe68 [ 106.240822] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.241903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.242794] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 106.243544] PKRU: 55555554 [ 106.243836] Call Trace: [ 106.244099] [ 106.244330] __iommufd_access_detach+0x1c2/0x2b0 [ 106.244852] iommufd_access_change_pt+0x149/0x270 [ 106.245359] iommufd_access_replace+0xb4/0x120 [ 106.245839] iommufd_test+0x3e5/0x37e0 [ 106.246365] ? lock_release+0x532/0x770 [ 106.246975] ? __might_fault+0x102/0x1b0 [ 106.247415] ? lock_acquire+0x427/0x4c0 [ 106.247832] ? __pfx_iommufd_test+0x10/0x10 [ 106.248289] ? __pfx_lock_release+0x10/0x10 [ 106.248749] ? __pfx_lock_acquire+0x10/0x10 [ 106.249196] ? write_comp_data+0x2f/0x90 [ 106.249614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.250113] ? write_comp_data+0x2f/0x90 [ 106.250647] iommufd_fops_ioctl+0x37d/0x510 [ 106.251295] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.251803] ? write_comp_data+0x2f/0x90 [ 106.252229] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.252717] __x64_sys_ioctl+0x1a3/0x230 [ 106.253153] do_syscall_64+0x3b/0x90 [ 106.253548] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.254096] RIP: 0033:0x7f4b8743ee5d [ 106.254480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.256920] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.257712] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.258420] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.259194] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.259928] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.260789] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.261755] [ 106.261994] irq event stamp: 0 [ 106.262317] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.262998] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.263883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.264727] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.265474] ---[ end trace 0000000000000000 ]--- [ 106.268919] ------------[ cut here ]------------ [ 106.269456] WARNING: CPU: 1 PID: 940 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.270831] Modules linked in: [ 106.271299] CPU: 1 PID: 940 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.272180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.273261] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.273720] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.275769] RSP: 
0018:ffff88801386fbd0 EFLAGS: 00010246 [ 106.276271] RAX: 0000000000000000 RBX: ffff8880219e60a8 RCX: 0000000000000000 [ 106.276938] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 106.277605] RBP: ffff88801386fbe8 R08: ffffed100433cc33 R09: ffffed100433cc33 [ 106.278297] R10: ffff8880219e6193 R11: ffffed100433cc32 R12: ffff88801892f000 [ 106.279188] R13: ffff8880219e61e8 R14: ffff88800fa31a00 R15: 0000000000000000 [ 106.279853] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.280592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.281123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.281791] PKRU: 55555554 [ 106.282056] Call Trace: [ 106.282364] [ 106.282687] iommufd_access_destroy_object+0x65/0x170 [ 106.283211] iommufd_object_destroy_user+0x18e/0x220 [ 106.283692] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.284239] iommufd_access_destroy+0x43/0x70 [ 106.284676] iommufd_test_staccess_release+0x8d/0xd0 [ 106.285156] __fput+0x26d/0xa40 [ 106.285476] ____fput+0x1e/0x30 [ 106.285794] task_work_run+0x1a4/0x2d0 [ 106.286295] ? __pfx_task_work_run+0x10/0x10 [ 106.286902] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.287381] ? switch_task_namespaces+0xa9/0xe0 [ 106.287837] do_exit+0xb17/0x2ef0 [ 106.288168] ? lock_acquire+0x427/0x4c0 [ 106.288563] ? __pfx_lock_release+0x10/0x10 [ 106.288970] ? __kasan_check_write+0x18/0x20 [ 106.289392] ? do_raw_spin_lock+0x132/0x2a0 [ 106.289794] ? __pfx_do_exit+0x10/0x10 [ 106.290164] ? debug_smp_processor_id+0x20/0x30 [ 106.290734] ? rcu_is_watching+0x19/0xb0 [ 106.291251] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.291693] ? trace_hardirqs_on+0x26/0x120 [ 106.292102] do_group_exit+0xe0/0x2b0 [ 106.292461] __x64_sys_exit_group+0x47/0x50 [ 106.292866] do_syscall_64+0x3b/0x90 [ 106.293215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.293705] RIP: 0033:0x7f4b87518a4d [ 106.294045] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.294690] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.295658] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.296314] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.296956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.297607] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.298260] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.299021] [ 106.299358] irq event stamp: 0 [ 106.299663] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.300235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.300990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.301756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.302332] ---[ end trace 0000000000000000 ]--- [ 106.303308] ------------[ cut here ]------------ [ 106.303753] WARNING: CPU: 1 PID: 940 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.304684] Modules linked in: [ 106.304975] CPU: 1 PID: 940 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.305772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.307121] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.307601] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.309188] RSP: 0018:ffff88801386fb78 EFLAGS: 00010246 [ 106.309687] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.310400] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 106.311023] RBP: ffff88801386fb98 R08: ffffed100433cc3e R09: ffffed100433cc3e [ 106.311659] R10: ffff8880219e61ef R11: ffffed100433cc3d R12: ffff8880219e6290 [ 106.312277] R13: ffff8880219e60a8 R14: ffffffffffffffff R15: 
ffff88801386fc60 [ 106.312885] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.313750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.314255] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.314899] PKRU: 55555554 [ 106.315152] Call Trace: [ 106.315376] [ 106.315573] iommufd_ioas_destroy+0x53/0x70 [ 106.315961] iommufd_fops_release+0x1f7/0x370 [ 106.316351] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.316905] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.317397] ? write_comp_data+0x2f/0x90 [ 106.317754] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.318196] __fput+0x26d/0xa40 [ 106.318495] ____fput+0x1e/0x30 [ 106.318827] task_work_run+0x1a4/0x2d0 [ 106.319186] ? __pfx_task_work_run+0x10/0x10 [ 106.319543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.319924] ? switch_task_namespaces+0xa9/0xe0 [ 106.320459] do_exit+0xb17/0x2ef0 [ 106.320787] ? lock_acquire+0x427/0x4c0 [ 106.321147] ? __pfx_lock_release+0x10/0x10 [ 106.321527] ? __kasan_check_write+0x18/0x20 [ 106.321914] ? do_raw_spin_lock+0x132/0x2a0 [ 106.322293] ? __pfx_do_exit+0x10/0x10 [ 106.322671] ? debug_smp_processor_id+0x20/0x30 [ 106.323089] ? rcu_is_watching+0x19/0xb0 [ 106.323460] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.323867] ? trace_hardirqs_on+0x26/0x120 [ 106.324384] do_group_exit+0xe0/0x2b0 [ 106.324715] __x64_sys_exit_group+0x47/0x50 [ 106.325087] do_syscall_64+0x3b/0x90 [ 106.325421] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.325874] RIP: 0033:0x7f4b87518a4d [ 106.326205] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.326827] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.327617] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.328230] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.328847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.329465] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.330071] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.330860] [ 106.331067] irq event stamp: 0 [ 106.331363] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.331902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.332624] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.333334] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.333909] ---[ end trace 0000000000000000 ]--- [ 106.340947] ------------[ cut here ]------------ [ 106.341391] WARNING: CPU: 1 PID: 941 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.342395] Modules linked in: [ 106.342735] CPU: 1 PID: 941 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.343511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.344620] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.345065] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.346815] RSP: 0018:ffff88801294fbb8 EFLAGS: 00010246 [ 106.347304] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 106.348069] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 106.348689] RBP: ffff88801294fbd0 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 106.349423] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff888010c0b800 [ 106.350056] R13: ffff888017a461e8 R14: ffffffff8352e670 R15: 
ffff88801294fe68 [ 106.350699] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.351513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.352021] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ee0 [ 106.352634] PKRU: 55555554 [ 106.352966] Call Trace: [ 106.353245] [ 106.353441] __iommufd_access_detach+0x1c2/0x2b0 [ 106.353869] iommufd_access_change_pt+0x149/0x270 [ 106.354309] iommufd_access_replace+0xb4/0x120 [ 106.354862] iommufd_test+0x3e5/0x37e0 [ 106.355216] ? lock_release+0x532/0x770 [ 106.355582] ? __might_fault+0x102/0x1b0 [ 106.355945] ? lock_acquire+0x427/0x4c0 [ 106.356303] ? __pfx_iommufd_test+0x10/0x10 [ 106.356821] ? __pfx_lock_release+0x10/0x10 [ 106.357204] ? __pfx_lock_acquire+0x10/0x10 [ 106.357601] ? write_comp_data+0x2f/0x90 [ 106.357978] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.358409] ? write_comp_data+0x2f/0x90 [ 106.358817] iommufd_fops_ioctl+0x37d/0x510 [ 106.359213] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.359650] ? write_comp_data+0x2f/0x90 [ 106.360017] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.360446] __x64_sys_ioctl+0x1a3/0x230 [ 106.360808] do_syscall_64+0x3b/0x90 [ 106.361148] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.361605] RIP: 0033:0x7f4b8743ee5d [ 106.361941] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.363551] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.364225] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.364852] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.365467] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.366083] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.366725] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.367396] [ 106.367602] irq event stamp: 0 [ 106.367887] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.368430] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.369146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.369870] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.370418] ---[ end trace 0000000000000000 ]--- [ 106.373441] ------------[ cut here ]------------ [ 106.373875] WARNING: CPU: 1 PID: 941 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.374769] Modules linked in: [ 106.375055] CPU: 1 PID: 941 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.375824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.376783] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.377219] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.378813] RSP: 
0018:ffff88801294fbd0 EFLAGS: 00010246 [ 106.379298] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 106.379909] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 106.380527] RBP: ffff88801294fbe8 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 106.381135] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff88801805f800 [ 106.381751] R13: ffff888017a461e8 R14: ffff888020987000 R15: 0000000000000000 [ 106.382356] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.383066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.383578] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.384198] PKRU: 55555554 [ 106.384441] Call Trace: [ 106.384662] [ 106.384858] iommufd_access_destroy_object+0x65/0x170 [ 106.385316] iommufd_object_destroy_user+0x18e/0x220 [ 106.385767] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.386284] iommufd_access_destroy+0x43/0x70 [ 106.386699] iommufd_test_staccess_release+0x8d/0xd0 [ 106.387143] __fput+0x26d/0xa40 [ 106.387474] ____fput+0x1e/0x30 [ 106.387759] task_work_run+0x1a4/0x2d0 [ 106.388096] ? __pfx_task_work_run+0x10/0x10 [ 106.388459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.388852] ? switch_task_namespaces+0xa9/0xe0 [ 106.389239] do_exit+0xb17/0x2ef0 [ 106.389529] ? lock_acquire+0x427/0x4c0 [ 106.389855] ? __pfx_lock_release+0x10/0x10 [ 106.390214] ? __kasan_check_write+0x18/0x20 [ 106.390593] ? do_raw_spin_lock+0x132/0x2a0 [ 106.390957] ? __pfx_do_exit+0x10/0x10 [ 106.391299] ? debug_smp_processor_id+0x20/0x30 [ 106.391677] ? rcu_is_watching+0x19/0xb0 [ 106.392005] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.392374] ? trace_hardirqs_on+0x26/0x120 [ 106.392736] do_group_exit+0xe0/0x2b0 [ 106.393047] __x64_sys_exit_group+0x47/0x50 [ 106.393396] do_syscall_64+0x3b/0x90 [ 106.393710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.394139] RIP: 0033:0x7f4b87518a4d [ 106.394432] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.394952] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.395567] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.396152] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.396725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.397304] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.397880] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.398461] [ 106.398689] irq event stamp: 0 [ 106.398947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.399477] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.400146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.400811] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.401320] ---[ end trace 0000000000000000 ]--- [ 106.402028] ------------[ cut here ]------------ [ 106.402416] WARNING: CPU: 1 PID: 941 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.403276] Modules linked in: [ 106.403540] CPU: 1 PID: 941 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.404246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.405160] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.405579] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.407078] RSP: 0018:ffff88801294fb78 EFLAGS: 00010246 [ 106.407533] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.408120] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 106.408689] RBP: ffff88801294fb98 R08: ffffed1002f48c3e R09: ffffed1002f48c3e [ 106.409272] R10: ffff888017a461ef R11: ffffed1002f48c3d R12: ffff888017a46290 [ 106.409846] R13: ffff888017a460a8 R14: ffffffffffffffff R15: 
ffff88801294fc60 [ 106.410417] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.411081] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.411576] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.412153] PKRU: 55555554 [ 106.412383] Call Trace: [ 106.412598] [ 106.412780] iommufd_ioas_destroy+0x53/0x70 [ 106.413133] iommufd_fops_release+0x1f7/0x370 [ 106.413510] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.413920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.414334] ? write_comp_data+0x2f/0x90 [ 106.414697] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.415124] __fput+0x26d/0xa40 [ 106.415407] ____fput+0x1e/0x30 [ 106.415680] task_work_run+0x1a4/0x2d0 [ 106.415998] ? __pfx_task_work_run+0x10/0x10 [ 106.416354] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.416757] ? switch_task_namespaces+0xa9/0xe0 [ 106.417145] do_exit+0xb17/0x2ef0 [ 106.417428] ? lock_acquire+0x427/0x4c0 [ 106.417775] ? __pfx_lock_release+0x10/0x10 [ 106.418138] ? __kasan_check_write+0x18/0x20 [ 106.418498] ? do_raw_spin_lock+0x132/0x2a0 [ 106.418877] ? __pfx_do_exit+0x10/0x10 [ 106.419226] ? debug_smp_processor_id+0x20/0x30 [ 106.419619] ? rcu_is_watching+0x19/0xb0 [ 106.419960] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.420348] ? trace_hardirqs_on+0x26/0x120 [ 106.420708] do_group_exit+0xe0/0x2b0 [ 106.421017] __x64_sys_exit_group+0x47/0x50 [ 106.421365] do_syscall_64+0x3b/0x90 [ 106.421677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.422102] RIP: 0033:0x7f4b87518a4d [ 106.422411] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.422934] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.423583] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.424163] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.424790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.425486] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.426070] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.426793] [ 106.426986] irq event stamp: 0 [ 106.427267] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.427785] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.428540] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.429265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.429775] ---[ end trace 0000000000000000 ]--- [ 106.434746] ------------[ cut here ]------------ [ 106.435196] WARNING: CPU: 1 PID: 942 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.436008] Modules linked in: [ 106.436308] CPU: 1 PID: 942 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.437098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.438101] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.438580] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.440199] RSP: 0018:ffff888015da7bb8 EFLAGS: 00010246 [ 106.440634] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 106.441325] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 106.441916] RBP: ffff888015da7bd0 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 106.442585] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff888010e01400 [ 106.443230] R13: ffff888015d2f9e8 R14: ffffffff8352e670 R15: 
ffff888015da7e68 [ 106.443808] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.444561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.445038] CR2: 00007f4b877410e8 CR3: 0000000016496000 CR4: 0000000000750ee0 [ 106.445658] PKRU: 55555554 [ 106.445974] Call Trace: [ 106.446185] [ 106.446378] __iommufd_access_detach+0x1c2/0x2b0 [ 106.446804] iommufd_access_change_pt+0x149/0x270 [ 106.447292] iommufd_access_replace+0xb4/0x120 [ 106.447721] iommufd_test+0x3e5/0x37e0 [ 106.448042] ? lock_release+0x532/0x770 [ 106.448381] ? __might_fault+0x102/0x1b0 [ 106.448720] ? lock_acquire+0x427/0x4c0 [ 106.449065] ? __pfx_iommufd_test+0x10/0x10 [ 106.449410] ? __pfx_lock_release+0x10/0x10 [ 106.449774] ? __pfx_lock_acquire+0x10/0x10 [ 106.450130] ? write_comp_data+0x2f/0x90 [ 106.450464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.450902] ? write_comp_data+0x2f/0x90 [ 106.451248] iommufd_fops_ioctl+0x37d/0x510 [ 106.451608] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.452010] ? write_comp_data+0x2f/0x90 [ 106.452354] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.452752] __x64_sys_ioctl+0x1a3/0x230 [ 106.453090] do_syscall_64+0x3b/0x90 [ 106.453402] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.453833] RIP: 0033:0x7f4b8743ee5d [ 106.454134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.455650] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.456273] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.456894] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.457532] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.458099] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.458688] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.459287] [ 106.459473] irq event stamp: 0 [ 106.459726] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.460240] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.460911] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.461588] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.462099] ---[ end trace 0000000000000000 ]--- [ 106.465182] ------------[ cut here ]------------ [ 106.465594] WARNING: CPU: 1 PID: 942 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.466396] Modules linked in: [ 106.466700] CPU: 1 PID: 942 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.467413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.468346] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.468751] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.470243] RSP: 
0018:ffff888015da7bd0 EFLAGS: 00010246 [ 106.470711] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 106.471306] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 106.471881] RBP: ffff888015da7be8 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 106.472475] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff888012e95c00 [ 106.473052] R13: ffff888015d2f9e8 R14: ffff88800ca5a400 R15: 0000000000000000 [ 106.473640] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.474298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.474796] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.475397] PKRU: 55555554 [ 106.475632] Call Trace: [ 106.475843] [ 106.476031] iommufd_access_destroy_object+0x65/0x170 [ 106.476462] iommufd_object_destroy_user+0x18e/0x220 [ 106.476900] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.477387] iommufd_access_destroy+0x43/0x70 [ 106.477755] iommufd_test_staccess_release+0x8d/0xd0 [ 106.478182] __fput+0x26d/0xa40 [ 106.478467] ____fput+0x1e/0x30 [ 106.478775] task_work_run+0x1a4/0x2d0 [ 106.479106] ? __pfx_task_work_run+0x10/0x10 [ 106.479498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.479903] ? switch_task_namespaces+0xa9/0xe0 [ 106.480296] do_exit+0xb17/0x2ef0 [ 106.480581] ? lock_acquire+0x427/0x4c0 [ 106.480919] ? __pfx_lock_release+0x10/0x10 [ 106.481280] ? __kasan_check_write+0x18/0x20 [ 106.481642] ? do_raw_spin_lock+0x132/0x2a0 [ 106.481998] ? __pfx_do_exit+0x10/0x10 [ 106.482327] ? debug_smp_processor_id+0x20/0x30 [ 106.482735] ? rcu_is_watching+0x19/0xb0 [ 106.483073] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.483454] ? trace_hardirqs_on+0x26/0x120 [ 106.483819] do_group_exit+0xe0/0x2b0 [ 106.484137] __x64_sys_exit_group+0x47/0x50 [ 106.484494] do_syscall_64+0x3b/0x90 [ 106.484811] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.485243] RIP: 0033:0x7f4b87518a4d [ 106.485552] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.486056] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.486701] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.487293] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.487879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.488463] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.489034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.489631] [ 106.489843] irq event stamp: 0 [ 106.490110] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.490658] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.491359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.492043] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.492556] ---[ end trace 0000000000000000 ]--- [ 106.493293] ------------[ cut here ]------------ [ 106.493679] WARNING: CPU: 1 PID: 942 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.494532] Modules linked in: [ 106.494798] CPU: 1 PID: 942 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.495519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.496441] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.496861] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.498345] RSP: 0018:ffff888015da7b78 EFLAGS: 00010246 [ 106.498799] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.499391] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 106.499971] RBP: ffff888015da7b98 R08: ffffed1002ba5f3e R09: ffffed1002ba5f3e [ 106.500549] R10: ffff888015d2f9ef R11: ffffed1002ba5f3d R12: ffff888015d2fa90 [ 106.501128] R13: ffff888015d2f8a8 R14: ffffffffffffffff R15: 
ffff888015da7c60 [ 106.501705] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.502358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.502861] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.503479] PKRU: 55555554 [ 106.503710] Call Trace: [ 106.503919] [ 106.504103] iommufd_ioas_destroy+0x53/0x70 [ 106.504462] iommufd_fops_release+0x1f7/0x370 [ 106.504838] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.505247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.505650] ? write_comp_data+0x2f/0x90 [ 106.505980] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.506375] __fput+0x26d/0xa40 [ 106.506671] ____fput+0x1e/0x30 [ 106.506947] task_work_run+0x1a4/0x2d0 [ 106.507278] ? __pfx_task_work_run+0x10/0x10 [ 106.507632] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.508023] ? switch_task_namespaces+0xa9/0xe0 [ 106.508411] do_exit+0xb17/0x2ef0 [ 106.508687] ? lock_acquire+0x427/0x4c0 [ 106.509006] ? __pfx_lock_release+0x10/0x10 [ 106.509345] ? __kasan_check_write+0x18/0x20 [ 106.509693] ? do_raw_spin_lock+0x132/0x2a0 [ 106.510030] ? __pfx_do_exit+0x10/0x10 [ 106.510342] ? debug_smp_processor_id+0x20/0x30 [ 106.510739] ? rcu_is_watching+0x19/0xb0 [ 106.511060] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.511445] ? trace_hardirqs_on+0x26/0x120 [ 106.511790] do_group_exit+0xe0/0x2b0 [ 106.512094] __x64_sys_exit_group+0x47/0x50 [ 106.512431] do_syscall_64+0x3b/0x90 [ 106.512729] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.513140] RIP: 0033:0x7f4b87518a4d [ 106.513428] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.513916] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.514541] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.515096] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.515665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.516217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.516767] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.517323] [ 106.517503] irq event stamp: 0 [ 106.517750] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.518248] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.518917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.519569] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.520058] ---[ end trace 0000000000000000 ]--- [ 106.524012] ------------[ cut here ]------------ [ 106.524427] WARNING: CPU: 1 PID: 943 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.525237] Modules linked in: [ 106.525490] CPU: 1 PID: 943 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.526168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.527070] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.527462] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.528871] RSP: 0018:ffff88800e957bb8 EFLAGS: 00010246 [ 106.529306] RAX: 0000000000000000 RBX: ffff88800e8f48a8 RCX: 0000000000000000 [ 106.529859] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 106.530412] RBP: ffff88800e957bd0 R08: ffffed1001d1e933 R09: ffffed1001d1e933 [ 106.530987] R10: ffff88800e8f4993 R11: ffffed1001d1e932 R12: ffff88801892e400 [ 106.531556] R13: ffff88800e8f49e8 R14: ffffffff8352e670 R15: 
ffff88800e957e68 [ 106.532118] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.532739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.533188] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 106.533748] PKRU: 55555554 [ 106.533969] Call Trace: [ 106.534169] [ 106.534346] __iommufd_access_detach+0x1c2/0x2b0 [ 106.534777] iommufd_access_change_pt+0x149/0x270 [ 106.535184] iommufd_access_replace+0xb4/0x120 [ 106.535565] iommufd_test+0x3e5/0x37e0 [ 106.535872] ? lock_release+0x532/0x770 [ 106.536198] ? __might_fault+0x102/0x1b0 [ 106.536529] ? lock_acquire+0x427/0x4c0 [ 106.536854] ? __pfx_iommufd_test+0x10/0x10 [ 106.537193] ? __pfx_lock_release+0x10/0x10 [ 106.537546] ? __pfx_lock_acquire+0x10/0x10 [ 106.537894] ? write_comp_data+0x2f/0x90 [ 106.538225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.538642] ? write_comp_data+0x2f/0x90 [ 106.538972] iommufd_fops_ioctl+0x37d/0x510 [ 106.539331] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.539732] ? write_comp_data+0x2f/0x90 [ 106.540061] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.540438] __x64_sys_ioctl+0x1a3/0x230 [ 106.540768] do_syscall_64+0x3b/0x90 [ 106.541091] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.541512] RIP: 0033:0x7f4b8743ee5d [ 106.541810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.543255] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.543853] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.544407] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.544970] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.545527] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.546093] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.546712] [ 106.546911] irq event stamp: 0 [ 106.547190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.547719] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.548410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.549095] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.549617] ---[ end trace 0000000000000000 ]--- [ 106.552582] ------------[ cut here ]------------ [ 106.552991] WARNING: CPU: 1 PID: 943 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.553836] Modules linked in: [ 106.554134] CPU: 1 PID: 943 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.554882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.555833] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.556252] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.557761] RSP: 
0018:ffff88800e957bd0 EFLAGS: 00010246 [ 106.558216] RAX: 0000000000000000 RBX: ffff88800e8f48a8 RCX: 0000000000000000 [ 106.558833] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 106.559456] RBP: ffff88800e957be8 R08: ffffed1001d1e933 R09: ffffed1001d1e933 [ 106.560055] R10: ffff88800e8f4993 R11: ffffed1001d1e932 R12: ffff888010e03400 [ 106.560646] R13: ffff88800e8f49e8 R14: ffff88801381c800 R15: 0000000000000000 [ 106.561235] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.561899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.562384] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.562999] PKRU: 55555554 [ 106.563243] Call Trace: [ 106.563453] [ 106.563642] iommufd_access_destroy_object+0x65/0x170 [ 106.564073] iommufd_object_destroy_user+0x18e/0x220 [ 106.564500] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.564987] iommufd_access_destroy+0x43/0x70 [ 106.565374] iommufd_test_staccess_release+0x8d/0xd0 [ 106.565835] __fput+0x26d/0xa40 [ 106.566147] ____fput+0x1e/0x30 [ 106.566445] task_work_run+0x1a4/0x2d0 [ 106.566824] ? __pfx_task_work_run+0x10/0x10 [ 106.567243] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.567763] ? switch_task_namespaces+0xa9/0xe0 [ 106.568312] do_exit+0xb17/0x2ef0 [ 106.568717] ? lock_acquire+0x427/0x4c0 [ 106.569176] ? __pfx_lock_release+0x10/0x10 [ 106.569668] ? __kasan_check_write+0x18/0x20 [ 106.570192] ? do_raw_spin_lock+0x132/0x2a0 [ 106.570754] ? __pfx_do_exit+0x10/0x10 [ 106.571229] ? debug_smp_processor_id+0x20/0x30 [ 106.571651] ? rcu_is_watching+0x19/0xb0 [ 106.572010] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.572403] ? trace_hardirqs_on+0x26/0x120 [ 106.572782] do_group_exit+0xe0/0x2b0 [ 106.573122] __x64_sys_exit_group+0x47/0x50 [ 106.573490] do_syscall_64+0x3b/0x90 [ 106.573821] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.574284] RIP: 0033:0x7f4b87518a4d [ 106.574648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.575205] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.575877] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.576506] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.577130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.577758] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.578375] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.579029] [ 106.579266] irq event stamp: 0 [ 106.579555] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.580165] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.580950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.581717] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.582313] ---[ end trace 0000000000000000 ]--- [ 106.583216] ------------[ cut here ]------------ [ 106.583679] WARNING: CPU: 1 PID: 943 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.584646] Modules linked in: [ 106.584958] CPU: 1 PID: 943 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.585780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.586895] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.587430] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.589211] RSP: 0018:ffff88800e957b78 EFLAGS: 00010246 [ 106.589725] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.590405] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 106.591147] RBP: ffff88800e957b98 R08: ffffed1001d1e93e R09: ffffed1001d1e93e [ 106.591836] R10: ffff88800e8f49ef R11: ffffed1001d1e93d R12: ffff88800e8f4a90 [ 106.592548] R13: ffff88800e8f48a8 R14: ffffffffffffffff R15: 
ffff88800e957c60 [ 106.593291] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 106.594143] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.594791] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 106.595546] PKRU: 55555554 [ 106.595856] Call Trace: [ 106.596124] [ 106.596369] iommufd_ioas_destroy+0x53/0x70 [ 106.596832] iommufd_fops_release+0x1f7/0x370 [ 106.597318] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.597857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.598373] ? write_comp_data+0x2f/0x90 [ 106.598856] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.599413] __fput+0x26d/0xa40 [ 106.599792] ____fput+0x1e/0x30 [ 106.600159] task_work_run+0x1a4/0x2d0 [ 106.600591] ? __pfx_task_work_run+0x10/0x10 [ 106.601059] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.601575] ? switch_task_namespaces+0xa9/0xe0 [ 106.602106] do_exit+0xb17/0x2ef0 [ 106.602483] ? lock_acquire+0x427/0x4c0 [ 106.602958] ? __pfx_lock_release+0x10/0x10 [ 106.603431] ? __kasan_check_write+0x18/0x20 [ 106.603908] ? do_raw_spin_lock+0x132/0x2a0 [ 106.604365] ? __pfx_do_exit+0x10/0x10 [ 106.604786] ? debug_smp_processor_id+0x20/0x30 [ 106.605287] ? rcu_is_watching+0x19/0xb0 [ 106.605727] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.606227] ? trace_hardirqs_on+0x26/0x120 [ 106.606738] do_group_exit+0xe0/0x2b0 [ 106.607177] __x64_sys_exit_group+0x47/0x50 [ 106.607638] do_syscall_64+0x3b/0x90 [ 106.608051] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.608618] RIP: 0033:0x7f4b87518a4d [ 106.609018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.609673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.610475] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.611290] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.612051] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.612802] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.613546] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.614310] [ 106.614601] irq event stamp: 0 [ 106.614931] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.615612] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.616530] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.617426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.618103] ---[ end trace 0000000000000000 ]--- [ 106.625279] ------------[ cut here ]------------ [ 106.626018] WARNING: CPU: 0 PID: 944 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.627641] Modules linked in: [ 106.628139] CPU: 0 PID: 944 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.629325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.630919] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.631657] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.634101] RSP: 0018:ffff88801294fbb8 EFLAGS: 00010246 [ 106.634910] RAX: 0000000000000000 RBX: ffff88802460f8a8 RCX: 0000000000000000 [ 106.635903] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 106.636844] RBP: ffff88801294fbd0 R08: ffffed10048c1f33 R09: ffffed10048c1f33 [ 106.637794] R10: ffff88802460f993 R11: ffffed10048c1f32 R12: ffff888021ba9000 [ 106.638812] R13: ffff88802460f9e8 R14: ffffffff8352e670 R15: 
ffff88801294fe68 [ 106.639823] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.640917] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.641723] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 106.642779] PKRU: 55555554 [ 106.643237] Call Trace: [ 106.643616] [ 106.643947] __iommufd_access_detach+0x1c2/0x2b0 [ 106.644648] iommufd_access_change_pt+0x149/0x270 [ 106.645362] iommufd_access_replace+0xb4/0x120 [ 106.646056] iommufd_test+0x3e5/0x37e0 [ 106.646696] ? lock_release+0x532/0x770 [ 106.647312] ? __might_fault+0x102/0x1b0 [ 106.647906] ? lock_acquire+0x427/0x4c0 [ 106.648485] ? __pfx_iommufd_test+0x10/0x10 [ 106.649106] ? __pfx_lock_release+0x10/0x10 [ 106.649753] ? __pfx_lock_acquire+0x10/0x10 [ 106.650398] ? write_comp_data+0x2f/0x90 [ 106.651087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.651847] ? write_comp_data+0x2f/0x90 [ 106.652446] iommufd_fops_ioctl+0x37d/0x510 [ 106.653080] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.653795] ? write_comp_data+0x2f/0x90 [ 106.654404] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.655249] __x64_sys_ioctl+0x1a3/0x230 [ 106.655819] do_syscall_64+0x3b/0x90 [ 106.656236] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.656788] RIP: 0033:0x7f4b8743ee5d [ 106.657191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.659349] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.660437] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.661444] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.662446] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.663580] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.664601] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.665648] [ 106.666012] irq event stamp: 0 [ 106.666473] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.667483] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.668659] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.669837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.670819] ---[ end trace 0000000000000000 ]--- [ 106.674985] ------------[ cut here ]------------ [ 106.675554] WARNING: CPU: 0 PID: 944 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.676625] Modules linked in: [ 106.676966] CPU: 0 PID: 944 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.677895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.679556] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.680180] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.682086] RSP: 
0018:ffff88801294fbd0 EFLAGS: 00010246 [ 106.682729] RAX: 0000000000000000 RBX: ffff88802460f8a8 RCX: 0000000000000000 [ 106.683736] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 106.684659] RBP: ffff88801294fbe8 R08: ffffed10048c1f33 R09: ffffed10048c1f33 [ 106.685839] R10: ffff88802460f993 R11: ffffed10048c1f32 R12: ffff888010827000 [ 106.686825] R13: ffff88802460f9e8 R14: ffff88801706df00 R15: 0000000000000000 [ 106.687765] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.688737] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.689363] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 106.690133] PKRU: 55555554 [ 106.690425] Call Trace: [ 106.690759] [ 106.691063] iommufd_access_destroy_object+0x65/0x170 [ 106.691691] iommufd_object_destroy_user+0x18e/0x220 [ 106.692243] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.692884] iommufd_access_destroy+0x43/0x70 [ 106.693385] iommufd_test_staccess_release+0x8d/0xd0 [ 106.693952] __fput+0x26d/0xa40 [ 106.694320] ____fput+0x1e/0x30 [ 106.694726] task_work_run+0x1a4/0x2d0 [ 106.695257] ? __pfx_task_work_run+0x10/0x10 [ 106.695785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.696314] ? switch_task_namespaces+0xa9/0xe0 [ 106.696840] do_exit+0xb17/0x2ef0 [ 106.697217] ? lock_acquire+0x427/0x4c0 [ 106.697662] ? __pfx_lock_release+0x10/0x10 [ 106.698137] ? __kasan_check_write+0x18/0x20 [ 106.698672] ? do_raw_spin_lock+0x132/0x2a0 [ 106.699409] ? __pfx_do_exit+0x10/0x10 [ 106.700042] ? debug_smp_processor_id+0x20/0x30 [ 106.700741] ? rcu_is_watching+0x19/0xb0 [ 106.701346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.702032] ? trace_hardirqs_on+0x26/0x120 [ 106.702803] do_group_exit+0xe0/0x2b0 [ 106.703434] __x64_sys_exit_group+0x47/0x50 [ 106.704089] do_syscall_64+0x3b/0x90 [ 106.704667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.705436] RIP: 0033:0x7f4b87518a4d [ 106.706003] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.706945] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.708087] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.709102] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.710123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.711254] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.712264] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.713289] [ 106.713651] irq event stamp: 0 [ 106.714111] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.715082] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.716322] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.717517] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.718430] ---[ end trace 0000000000000000 ]--- [ 106.720517] ------------[ cut here ]------------ [ 106.721206] WARNING: CPU: 0 PID: 944 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.723499] Modules linked in: [ 106.724464] CPU: 0 PID: 944 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.725692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.727723] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.728480] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.731552] RSP: 0018:ffff88801294fb78 EFLAGS: 00010246 [ 106.732852] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.733863] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 106.735478] RBP: ffff88801294fb98 R08: ffffed10048c1f3e R09: ffffed10048c1f3e [ 106.736945] R10: ffff88802460f9ef R11: ffffed10048c1f3d R12: ffff88802460fa90 [ 106.737942] R13: ffff88802460f8a8 R14: ffffffffffffffff R15: 
ffff88801294fc60 [ 106.739369] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.740494] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.741654] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 106.742739] PKRU: 55555554 [ 106.743454] Call Trace: [ 106.743839] [ 106.744162] iommufd_ioas_destroy+0x53/0x70 [ 106.744787] iommufd_fops_release+0x1f7/0x370 [ 106.745768] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.746492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.747552] ? write_comp_data+0x2f/0x90 [ 106.748152] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.748851] __fput+0x26d/0xa40 [ 106.749364] ____fput+0x1e/0x30 [ 106.749872] task_work_run+0x1a4/0x2d0 [ 106.750460] ? __pfx_task_work_run+0x10/0x10 [ 106.751187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.751927] ? switch_task_namespaces+0xa9/0xe0 [ 106.752684] do_exit+0xb17/0x2ef0 [ 106.753389] ? lock_acquire+0x427/0x4c0 [ 106.753969] ? __pfx_lock_release+0x10/0x10 [ 106.754675] ? __kasan_check_write+0x18/0x20 [ 106.755501] ? do_raw_spin_lock+0x132/0x2a0 [ 106.756142] ? __pfx_do_exit+0x10/0x10 [ 106.756826] ? debug_smp_processor_id+0x20/0x30 [ 106.757668] ? rcu_is_watching+0x19/0xb0 [ 106.758264] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.759211] ? trace_hardirqs_on+0x26/0x120 [ 106.759848] do_group_exit+0xe0/0x2b0 [ 106.760394] __x64_sys_exit_group+0x47/0x50 [ 106.761021] do_syscall_64+0x3b/0x90 [ 106.761594] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.762379] RIP: 0033:0x7f4b87518a4d [ 106.762989] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.763894] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.764992] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.766033] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.767147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.768191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.769228] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.770282] [ 106.770722] irq event stamp: 0 [ 106.771229] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.772107] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.773275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.774445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.775441] ---[ end trace 0000000000000000 ]--- [ 106.786144] ------------[ cut here ]------------ [ 106.787214] WARNING: CPU: 0 PID: 945 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.788600] Modules linked in: [ 106.789046] CPU: 0 PID: 945 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.790195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.791754] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.792418] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.794855] RSP: 0018:ffff88800ff0fbb8 EFLAGS: 00010246 [ 106.795586] RAX: 0000000000000000 RBX: ffff8880186900a8 RCX: 0000000000000000 [ 106.796531] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 106.797499] RBP: ffff88800ff0fbd0 R08: ffffed10030d2033 R09: ffffed10030d2033 [ 106.798449] R10: ffff888018690193 R11: ffffed10030d2032 R12: ffff88800ef68400 [ 106.799499] R13: ffff8880186901e8 R14: ffffffff8352e670 R15: 
ffff88800ff0fe68 [ 106.800458] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.801562] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.802358] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 106.803402] PKRU: 55555554 [ 106.803807] Call Trace: [ 106.804168] [ 106.804489] __iommufd_access_detach+0x1c2/0x2b0 [ 106.805174] iommufd_access_change_pt+0x149/0x270 [ 106.805865] iommufd_access_replace+0xb4/0x120 [ 106.806572] iommufd_test+0x3e5/0x37e0 [ 106.807144] ? lock_release+0x532/0x770 [ 106.807714] ? __might_fault+0x102/0x1b0 [ 106.808289] ? lock_acquire+0x427/0x4c0 [ 106.808856] ? __pfx_iommufd_test+0x10/0x10 [ 106.809450] ? __pfx_lock_release+0x10/0x10 [ 106.810060] ? __pfx_lock_acquire+0x10/0x10 [ 106.810719] ? write_comp_data+0x2f/0x90 [ 106.811317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.811998] ? write_comp_data+0x2f/0x90 [ 106.812575] iommufd_fops_ioctl+0x37d/0x510 [ 106.813180] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.813859] ? write_comp_data+0x2f/0x90 [ 106.814435] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.815169] __x64_sys_ioctl+0x1a3/0x230 [ 106.815760] do_syscall_64+0x3b/0x90 [ 106.816291] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.817010] RIP: 0033:0x7f4b8743ee5d [ 106.817514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.820027] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.821095] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.822069] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.823079] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.824074] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.825044] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.826028] [ 106.826356] irq event stamp: 0 [ 106.826841] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.827724] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.828860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.829993] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.830892] ---[ end trace 0000000000000000 ]--- [ 106.834846] ------------[ cut here ]------------ [ 106.835396] WARNING: CPU: 0 PID: 945 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.836660] Modules linked in: [ 106.837144] CPU: 0 PID: 945 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.838065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.839598] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.840136] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.842344] RSP: 
0018:ffff88800ff0fbd0 EFLAGS: 00010246 [ 106.842942] RAX: 0000000000000000 RBX: ffff8880186900a8 RCX: 0000000000000000 [ 106.843871] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 106.844770] RBP: ffff88800ff0fbe8 R08: ffffed10030d2033 R09: ffffed10030d2033 [ 106.845534] R10: ffff888018690193 R11: ffffed10030d2032 R12: ffff888021ba8400 [ 106.846988] R13: ffff8880186901e8 R14: ffff888018bbd100 R15: 0000000000000000 [ 106.848082] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.849296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.849910] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 106.850934] PKRU: 55555554 [ 106.851247] Call Trace: [ 106.851521] [ 106.851762] iommufd_access_destroy_object+0x65/0x170 [ 106.852321] iommufd_object_destroy_user+0x18e/0x220 [ 106.853128] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.853756] iommufd_access_destroy+0x43/0x70 [ 106.854249] iommufd_test_staccess_release+0x8d/0xd0 [ 106.855053] __fput+0x26d/0xa40 [ 106.855447] ____fput+0x1e/0x30 [ 106.855814] task_work_run+0x1a4/0x2d0 [ 106.856246] ? __pfx_task_work_run+0x10/0x10 [ 106.856733] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.857524] ? switch_task_namespaces+0xa9/0xe0 [ 106.858037] do_exit+0xb17/0x2ef0 [ 106.858412] ? lock_acquire+0x427/0x4c0 [ 106.858876] ? __pfx_lock_release+0x10/0x10 [ 106.859554] ? __kasan_check_write+0x18/0x20 [ 106.860034] ? do_raw_spin_lock+0x132/0x2a0 [ 106.860492] ? __pfx_do_exit+0x10/0x10 [ 106.860918] ? debug_smp_processor_id+0x20/0x30 [ 106.861676] ? rcu_is_watching+0x19/0xb0 [ 106.862116] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.862632] ? trace_hardirqs_on+0x26/0x120 [ 106.863103] do_group_exit+0xe0/0x2b0 [ 106.863770] __x64_sys_exit_group+0x47/0x50 [ 106.864239] do_syscall_64+0x3b/0x90 [ 106.864652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.865343] RIP: 0033:0x7f4b87518a4d [ 106.865887] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.866571] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.867501] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.868359] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.869152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.870171] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.870963] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.872040] [ 106.872309] irq event stamp: 0 [ 106.872647] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.873421] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.874472] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.875473] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.876310] ---[ end trace 0000000000000000 ]--- [ 106.878344] ------------[ cut here ]------------ [ 106.878928] WARNING: CPU: 0 PID: 945 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.880333] Modules linked in: [ 106.880686] CPU: 0 PID: 945 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.881878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.883139] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.883886] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.886091] RSP: 0018:ffff88800ff0fb78 EFLAGS: 00010246 [ 106.886688] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 106.887726] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 106.888494] RBP: ffff88800ff0fb98 R08: ffffed10030d203e R09: ffffed10030d203e [ 106.889482] R10: ffff8880186901ef R11: ffffed10030d203d R12: ffff888018690290 [ 106.890237] R13: ffff8880186900a8 R14: ffffffffffffffff R15: 
ffff88800ff0fc60 [ 106.891133] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.892148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.892780] CR2: 00007f82e2b95000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 106.893549] PKRU: 55555554 [ 106.893852] Call Trace: [ 106.894124] [ 106.894365] iommufd_ioas_destroy+0x53/0x70 [ 106.894863] iommufd_fops_release+0x1f7/0x370 [ 106.895364] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.895902] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.896435] ? write_comp_data+0x2f/0x90 [ 106.896879] ? __pfx_iommufd_fops_release+0x10/0x10 [ 106.897421] __fput+0x26d/0xa40 [ 106.897795] ____fput+0x1e/0x30 [ 106.898166] task_work_run+0x1a4/0x2d0 [ 106.898632] ? __pfx_task_work_run+0x10/0x10 [ 106.899132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.899664] ? switch_task_namespaces+0xa9/0xe0 [ 106.900178] do_exit+0xb17/0x2ef0 [ 106.900548] ? lock_acquire+0x427/0x4c0 [ 106.900984] ? __pfx_lock_release+0x10/0x10 [ 106.901450] ? __kasan_check_write+0x18/0x20 [ 106.901920] ? do_raw_spin_lock+0x132/0x2a0 [ 106.902377] ? __pfx_do_exit+0x10/0x10 [ 106.902827] ? debug_smp_processor_id+0x20/0x30 [ 106.903333] ? rcu_is_watching+0x19/0xb0 [ 106.903774] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.904266] ? trace_hardirqs_on+0x26/0x120 [ 106.904736] do_group_exit+0xe0/0x2b0 [ 106.905140] __x64_sys_exit_group+0x47/0x50 [ 106.905593] do_syscall_64+0x3b/0x90 [ 106.905992] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.906567] RIP: 0033:0x7f4b87518a4d [ 106.906968] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.907639] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.908444] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.909196] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.909961] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.910730] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.911490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.912259] [ 106.912510] irq event stamp: 0 [ 106.912842] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.913505] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.914389] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.915317] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.915994] ---[ end trace 0000000000000000 ]--- [ 106.921061] ------------[ cut here ]------------ [ 106.921731] WARNING: CPU: 0 PID: 946 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.922934] Modules linked in: [ 106.923291] CPU: 0 PID: 946 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.924209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.925379] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.925899] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.927840] RSP: 0018:ffff88801294fbb8 EFLAGS: 00010246 [ 106.928404] RAX: 0000000000000000 RBX: ffff888023f1c0a8 RCX: 0000000000000000 [ 106.929148] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 106.929894] RBP: ffff88801294fbd0 R08: ffffed10047e3833 R09: ffffed10047e3833 [ 106.930644] R10: ffff888023f1c193 R11: ffffed10047e3832 R12: ffff8880182c1c00 [ 106.931396] R13: ffff888023f1c1e8 R14: ffffffff8352e670 R15: 
ffff88801294fe68 [ 106.932144] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.932988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.933589] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 106.934331] PKRU: 55555554 [ 106.934644] Call Trace: [ 106.934915] [ 106.935184] __iommufd_access_detach+0x1c2/0x2b0 [ 106.935706] iommufd_access_change_pt+0x149/0x270 [ 106.936228] iommufd_access_replace+0xb4/0x120 [ 106.936725] iommufd_test+0x3e5/0x37e0 [ 106.937131] ? lock_release+0x532/0x770 [ 106.937558] ? __might_fault+0x102/0x1b0 [ 106.937993] ? lock_acquire+0x427/0x4c0 [ 106.938419] ? __pfx_iommufd_test+0x10/0x10 [ 106.938892] ? __pfx_lock_release+0x10/0x10 [ 106.939364] ? __pfx_lock_acquire+0x10/0x10 [ 106.939834] ? write_comp_data+0x2f/0x90 [ 106.940274] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.940791] ? write_comp_data+0x2f/0x90 [ 106.941226] iommufd_fops_ioctl+0x37d/0x510 [ 106.941682] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.942193] ? write_comp_data+0x2f/0x90 [ 106.942663] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 106.943191] __x64_sys_ioctl+0x1a3/0x230 [ 106.943636] do_syscall_64+0x3b/0x90 [ 106.944040] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.944589] RIP: 0033:0x7f4b8743ee5d [ 106.944975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 106.946869] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 106.947661] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 106.948387] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 106.949111] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 106.949838] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 106.950575] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 106.951329] [ 106.951576] irq event stamp: 0 [ 106.951905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.952555] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.953418] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.954266] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.954939] ---[ end trace 0000000000000000 ]--- [ 106.958227] ------------[ cut here ]------------ [ 106.958740] WARNING: CPU: 0 PID: 946 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 106.960027] Modules linked in: [ 106.960335] CPU: 0 PID: 946 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.961143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.962204] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 106.963010] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 106.964729] RSP: 
0018:ffff88801294fbd0 EFLAGS: 00010246 [ 106.965228] RAX: 0000000000000000 RBX: ffff888023f1c0a8 RCX: 0000000000000000 [ 106.965958] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 106.966814] RBP: ffff88801294fbe8 R08: ffffed10047e3833 R09: ffffed10047e3833 [ 106.967506] R10: ffff888023f1c193 R11: ffffed10047e3832 R12: ffff88800f171800 [ 106.968188] R13: ffff888023f1c1e8 R14: ffff888020a42700 R15: 0000000000000000 [ 106.968873] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 106.969888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.970452] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 106.971163] PKRU: 55555554 [ 106.971446] Call Trace: [ 106.971699] [ 106.971917] iommufd_access_destroy_object+0x65/0x170 [ 106.972422] iommufd_object_destroy_user+0x18e/0x220 [ 106.973135] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 106.973695] iommufd_access_destroy+0x43/0x70 [ 106.974131] iommufd_test_staccess_release+0x8d/0xd0 [ 106.974665] __fput+0x26d/0xa40 [ 106.974999] ____fput+0x1e/0x30 [ 106.975333] task_work_run+0x1a4/0x2d0 [ 106.975722] ? __pfx_task_work_run+0x10/0x10 [ 106.976153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 106.976845] ? switch_task_namespaces+0xa9/0xe0 [ 106.977298] do_exit+0xb17/0x2ef0 [ 106.977630] ? lock_acquire+0x427/0x4c0 [ 106.978017] ? __pfx_lock_release+0x10/0x10 [ 106.978433] ? __kasan_check_write+0x18/0x20 [ 106.978918] ? do_raw_spin_lock+0x132/0x2a0 [ 106.979347] ? __pfx_do_exit+0x10/0x10 [ 106.979758] ? debug_smp_processor_id+0x20/0x30 [ 106.980413] ? rcu_is_watching+0x19/0xb0 [ 106.980807] ? _raw_spin_unlock_irq+0x2b/0x60 [ 106.981243] ? trace_hardirqs_on+0x26/0x120 [ 106.981660] do_group_exit+0xe0/0x2b0 [ 106.982024] __x64_sys_exit_group+0x47/0x50 [ 106.982437] do_syscall_64+0x3b/0x90 [ 106.983044] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 106.983561] RIP: 0033:0x7f4b87518a4d [ 106.983915] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 106.984496] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 106.985211] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 106.985890] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 106.986837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 106.987527] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 106.988211] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 106.988898] [ 106.989131] irq event stamp: 0 [ 106.989456] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 106.990254] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 106.991089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 106.991906] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 106.992521] ---[ end trace 0000000000000000 ]--- [ 106.993525] ------------[ cut here ]------------ [ 106.993978] WARNING: CPU: 0 PID: 946 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 106.994974] Modules linked in: [ 106.995302] CPU: 0 PID: 946 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 106.996128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 106.997413] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 106.997906] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 106.999709] RSP: 0018:ffff88801294fb78 EFLAGS: 00010246 [ 107.000371] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.001042] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 107.001705] RBP: ffff88801294fb98 R08: ffffed10047e383e R09: ffffed10047e383e [ 107.002373] R10: ffff888023f1c1ef R11: ffffed10047e383d R12: ffff888023f1c290 [ 107.003299] R13: ffff888023f1c0a8 R14: ffffffffffffffff R15: 
ffff88801294fc60 [ 107.003977] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.004738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.005351] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.006182] PKRU: 55555554 [ 107.006455] Call Trace: [ 107.006724] [ 107.006946] iommufd_ioas_destroy+0x53/0x70 [ 107.007463] iommufd_fops_release+0x1f7/0x370 [ 107.008042] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.008529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.009009] ? write_comp_data+0x2f/0x90 [ 107.009502] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.010115] __fput+0x26d/0xa40 [ 107.010450] ____fput+0x1e/0x30 [ 107.010804] task_work_run+0x1a4/0x2d0 [ 107.011205] ? __pfx_task_work_run+0x10/0x10 [ 107.011691] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.012283] ? switch_task_namespaces+0xa9/0xe0 [ 107.012779] do_exit+0xb17/0x2ef0 [ 107.013147] ? lock_acquire+0x427/0x4c0 [ 107.013811] ? __pfx_lock_release+0x10/0x10 [ 107.014266] ? __kasan_check_write+0x18/0x20 [ 107.014760] ? do_raw_spin_lock+0x132/0x2a0 [ 107.015229] ? __pfx_do_exit+0x10/0x10 [ 107.015647] ? debug_smp_processor_id+0x20/0x30 [ 107.016408] ? rcu_is_watching+0x19/0xb0 [ 107.016832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.017301] ? trace_hardirqs_on+0x26/0x120 [ 107.017849] do_group_exit+0xe0/0x2b0 [ 107.018340] __x64_sys_exit_group+0x47/0x50 [ 107.018813] do_syscall_64+0x3b/0x90 [ 107.019217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.019761] RIP: 0033:0x7f4b87518a4d [ 107.020384] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.021023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.021839] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.022802] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.023557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.024410] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.025275] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.026018] [ 107.026374] irq event stamp: 0 [ 107.026820] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.027480] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.028371] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.029414] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.030091] ---[ end trace 0000000000000000 ]--- [ 107.036430] ------------[ cut here ]------------ [ 107.036954] WARNING: CPU: 0 PID: 947 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.037977] Modules linked in: [ 107.038303] CPU: 0 PID: 947 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.039406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.040557] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.041066] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.042937] RSP: 0018:ffff88801369fbb8 EFLAGS: 00010246 [ 107.043496] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 107.044222] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 107.044949] RBP: ffff88801369fbd0 R08: ffffed100173f833 R09: ffffed100173f833 [ 107.045668] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff888010c0bc00 [ 107.046389] R13: ffff88800b9fc1e8 R14: ffffffff8352e670 R15: 
ffff88801369fe68 [ 107.047143] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.047980] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.048577] CR2: 00007f4b877410e8 CR3: 0000000016496000 CR4: 0000000000750ef0 [ 107.049303] PKRU: 55555554 [ 107.049594] Call Trace: [ 107.049859] [ 107.050086] __iommufd_access_detach+0x1c2/0x2b0 [ 107.050631] iommufd_access_change_pt+0x149/0x270 [ 107.051165] iommufd_access_replace+0xb4/0x120 [ 107.051646] iommufd_test+0x3e5/0x37e0 [ 107.052046] ? lock_release+0x532/0x770 [ 107.052462] ? __might_fault+0x102/0x1b0 [ 107.052889] ? lock_acquire+0x427/0x4c0 [ 107.053312] ? __pfx_iommufd_test+0x10/0x10 [ 107.053758] ? __pfx_lock_release+0x10/0x10 [ 107.054206] ? __pfx_lock_acquire+0x10/0x10 [ 107.054693] ? write_comp_data+0x2f/0x90 [ 107.055139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.055651] ? write_comp_data+0x2f/0x90 [ 107.056082] iommufd_fops_ioctl+0x37d/0x510 [ 107.056528] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.057033] ? write_comp_data+0x2f/0x90 [ 107.057460] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.057959] __x64_sys_ioctl+0x1a3/0x230 [ 107.058389] do_syscall_64+0x3b/0x90 [ 107.058830] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.059399] RIP: 0033:0x7f4b8743ee5d [ 107.059786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.061656] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.062433] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.063214] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.063965] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.064700] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.065434] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.066173] [ 107.066417] irq event stamp: 0 [ 107.066768] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.067436] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.068294] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.069154] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.069805] ---[ end trace 0000000000000000 ]--- [ 107.072991] ------------[ cut here ]------------ [ 107.073528] WARNING: CPU: 0 PID: 947 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.074652] Modules linked in: [ 107.074998] CPU: 0 PID: 947 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.075897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.077055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.077570] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.079500] RSP: 
0018:ffff88801369fbd0 EFLAGS: 00010246 [ 107.080075] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 107.080800] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 107.081524] RBP: ffff88801369fbe8 R08: ffffed100173f833 R09: ffffed100173f833 [ 107.082241] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff8880182c0c00 [ 107.082996] R13: ffff88800b9fc1e8 R14: ffff88802099cb00 R15: 0000000000000000 [ 107.083743] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.084564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.085154] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.085883] PKRU: 55555554 [ 107.086176] Call Trace: [ 107.086442] [ 107.086702] iommufd_access_destroy_object+0x65/0x170 [ 107.087262] iommufd_object_destroy_user+0x18e/0x220 [ 107.087791] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.088384] iommufd_access_destroy+0x43/0x70 [ 107.088866] iommufd_test_staccess_release+0x8d/0xd0 [ 107.089398] __fput+0x26d/0xa40 [ 107.089752] ____fput+0x1e/0x30 [ 107.090102] task_work_run+0x1a4/0x2d0 [ 107.090533] ? __pfx_task_work_run+0x10/0x10 [ 107.090996] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.091517] ? switch_task_namespaces+0xa9/0xe0 [ 107.092015] do_exit+0xb17/0x2ef0 [ 107.092381] ? lock_acquire+0x427/0x4c0 [ 107.092802] ? __pfx_lock_release+0x10/0x10 [ 107.093260] ? __kasan_check_write+0x18/0x20 [ 107.093728] ? do_raw_spin_lock+0x132/0x2a0 [ 107.094182] ? __pfx_do_exit+0x10/0x10 [ 107.094622] ? debug_smp_processor_id+0x20/0x30 [ 107.095131] ? rcu_is_watching+0x19/0xb0 [ 107.095561] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.096040] ? trace_hardirqs_on+0x26/0x120 [ 107.096502] do_group_exit+0xe0/0x2b0 [ 107.096916] __x64_sys_exit_group+0x47/0x50 [ 107.097369] do_syscall_64+0x3b/0x90 [ 107.097760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.098302] RIP: 0033:0x7f4b87518a4d [ 107.098718] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.099366] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.100143] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.100879] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.101616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.102356] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.103124] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.103873] [ 107.104119] irq event stamp: 0 [ 107.104441] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.105089] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.105941] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.106807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.107464] ---[ end trace 0000000000000000 ]--- [ 107.108407] ------------[ cut here ]------------ [ 107.108895] WARNING: CPU: 0 PID: 947 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.109926] Modules linked in: [ 107.110262] CPU: 0 PID: 947 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.111195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.112354] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.112877] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.114756] RSP: 0018:ffff88801369fb78 EFLAGS: 00010246 [ 107.115303] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.115974] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 107.116642] RBP: ffff88801369fb98 R08: ffffed100173f83e R09: ffffed100173f83e [ 107.117311] R10: ffff88800b9fc1ef R11: ffffed100173f83d R12: ffff88800b9fc290 [ 107.117989] R13: ffff88800b9fc0a8 R14: ffffffffffffffff R15: 
ffff88801369fc60 [ 107.118697] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.119484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.120033] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.120710] PKRU: 55555554 [ 107.120979] Call Trace: [ 107.121221] [ 107.121437] iommufd_ioas_destroy+0x53/0x70 [ 107.121856] iommufd_fops_release+0x1f7/0x370 [ 107.122292] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.122797] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.123287] ? write_comp_data+0x2f/0x90 [ 107.123693] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.124170] __fput+0x26d/0xa40 [ 107.124498] ____fput+0x1e/0x30 [ 107.124825] task_work_run+0x1a4/0x2d0 [ 107.125210] ? __pfx_task_work_run+0x10/0x10 [ 107.125636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.126106] ? switch_task_namespaces+0xa9/0xe0 [ 107.126578] do_exit+0xb17/0x2ef0 [ 107.126910] ? lock_acquire+0x427/0x4c0 [ 107.127301] ? __pfx_lock_release+0x10/0x10 [ 107.127713] ? __kasan_check_write+0x18/0x20 [ 107.128136] ? do_raw_spin_lock+0x132/0x2a0 [ 107.128541] ? __pfx_do_exit+0x10/0x10 [ 107.128924] ? debug_smp_processor_id+0x20/0x30 [ 107.129369] ? rcu_is_watching+0x19/0xb0 [ 107.129754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.130187] ? trace_hardirqs_on+0x26/0x120 [ 107.130621] do_group_exit+0xe0/0x2b0 [ 107.130985] __x64_sys_exit_group+0x47/0x50 [ 107.131404] do_syscall_64+0x3b/0x90 [ 107.131772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.132268] RIP: 0033:0x7f4b87518a4d [ 107.132616] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.133195] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.133907] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.134588] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.135270] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.135950] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.136617] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.137292] [ 107.137510] irq event stamp: 0 [ 107.137828] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.138419] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.139228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.140022] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.140618] ---[ end trace 0000000000000000 ]--- [ 107.145543] ------------[ cut here ]------------ [ 107.146028] WARNING: CPU: 0 PID: 948 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.147174] Modules linked in: [ 107.147474] CPU: 0 PID: 948 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.148275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.149306] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.149766] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.151478] RSP: 0018:ffff8880162cfbb8 EFLAGS: 00010246 [ 107.151970] RAX: 0000000000000000 RBX: ffff888010b9e0a8 RCX: 0000000000000000 [ 107.152623] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 107.153279] RBP: ffff8880162cfbd0 R08: ffffed1002173c33 R09: ffffed1002173c33 [ 107.153931] R10: ffff888010b9e193 R11: ffffed1002173c32 R12: ffff888013b20c00 [ 107.154591] R13: ffff888010b9e1e8 R14: ffffffff8352e670 R15: 
ffff8880162cfe68 [ 107.155249] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.155950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.156453] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 107.157071] PKRU: 55555554 [ 107.157318] Call Trace: [ 107.157543] [ 107.157741] __iommufd_access_detach+0x1c2/0x2b0 [ 107.158173] iommufd_access_change_pt+0x149/0x270 [ 107.158628] iommufd_access_replace+0xb4/0x120 [ 107.159041] iommufd_test+0x3e5/0x37e0 [ 107.159390] ? lock_release+0x532/0x770 [ 107.159755] ? __might_fault+0x102/0x1b0 [ 107.160119] ? lock_acquire+0x427/0x4c0 [ 107.160478] ? __pfx_iommufd_test+0x10/0x10 [ 107.160860] ? __pfx_lock_release+0x10/0x10 [ 107.161244] ? __pfx_lock_acquire+0x10/0x10 [ 107.161629] ? write_comp_data+0x2f/0x90 [ 107.161993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.162421] ? write_comp_data+0x2f/0x90 [ 107.162810] iommufd_fops_ioctl+0x37d/0x510 [ 107.163205] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.163646] ? write_comp_data+0x2f/0x90 [ 107.164011] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.164440] __x64_sys_ioctl+0x1a3/0x230 [ 107.164806] do_syscall_64+0x3b/0x90 [ 107.165142] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.165596] RIP: 0033:0x7f4b8743ee5d [ 107.165922] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.167538] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.168207] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.168828] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.169446] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.170067] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.170716] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.171349] [ 107.171555] irq event stamp: 0 [ 107.171829] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.172380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.173110] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.173837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.174382] ---[ end trace 0000000000000000 ]--- [ 107.177310] ------------[ cut here ]------------ [ 107.177749] WARNING: CPU: 0 PID: 948 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.178659] Modules linked in: [ 107.178944] CPU: 0 PID: 948 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.179698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.180667] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.181098] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.182722] RSP: 
0018:ffff8880162cfbd0 EFLAGS: 00010246 [ 107.183192] RAX: 0000000000000000 RBX: ffff888010b9e0a8 RCX: 0000000000000000 [ 107.183809] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 107.184420] RBP: ffff8880162cfbe8 R08: ffffed1002173c33 R09: ffffed1002173c33 [ 107.185034] R10: ffff888010b9e193 R11: ffffed1002173c32 R12: ffff888010c09800 [ 107.185654] R13: ffff888010b9e1e8 R14: ffff8880121b3300 R15: 0000000000000000 [ 107.186267] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.186984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.187497] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.188114] PKRU: 55555554 [ 107.188360] Call Trace: [ 107.188582] [ 107.188777] iommufd_access_destroy_object+0x65/0x170 [ 107.189240] iommufd_object_destroy_user+0x18e/0x220 [ 107.189688] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.190197] iommufd_access_destroy+0x43/0x70 [ 107.190616] iommufd_test_staccess_release+0x8d/0xd0 [ 107.191072] __fput+0x26d/0xa40 [ 107.191388] ____fput+0x1e/0x30 [ 107.191686] task_work_run+0x1a4/0x2d0 [ 107.192037] ? __pfx_task_work_run+0x10/0x10 [ 107.192429] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.192867] ? switch_task_namespaces+0xa9/0xe0 [ 107.193284] do_exit+0xb17/0x2ef0 [ 107.193588] ? lock_acquire+0x427/0x4c0 [ 107.193944] ? __pfx_lock_release+0x10/0x10 [ 107.194332] ? __kasan_check_write+0x18/0x20 [ 107.194742] ? do_raw_spin_lock+0x132/0x2a0 [ 107.195130] ? __pfx_do_exit+0x10/0x10 [ 107.195485] ? debug_smp_processor_id+0x20/0x30 [ 107.195896] ? rcu_is_watching+0x19/0xb0 [ 107.196722] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.197109] ? trace_hardirqs_on+0x26/0x120 [ 107.197468] do_group_exit+0xe0/0x2b0 [ 107.197802] __x64_sys_exit_group+0x47/0x50 [ 107.198429] do_syscall_64+0x3b/0x90 [ 107.198773] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.199220] RIP: 0033:0x7f4b87518a4d [ 107.199598] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.200189] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.200809] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.201544] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.202126] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.202731] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.203479] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.204067] [ 107.204264] irq event stamp: 0 [ 107.204525] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.205197] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.205879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.206730] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.207254] ---[ end trace 0000000000000000 ]--- [ 107.207974] ------------[ cut here ]------------ [ 107.208529] WARNING: CPU: 0 PID: 948 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.209360] Modules linked in: [ 107.209666] CPU: 0 PID: 948 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.210483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.211655] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.212101] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.213829] RSP: 0018:ffff8880162cfb78 EFLAGS: 00010246 [ 107.214290] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.214968] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 107.215676] RBP: ffff8880162cfb98 R08: ffffed1002173c3e R09: ffffed1002173c3e [ 107.216293] R10: ffff888010b9e1ef R11: ffffed1002173c3d R12: ffff888010b9e290 [ 107.217073] R13: ffff888010b9e0a8 R14: ffffffffffffffff R15: 
ffff8880162cfc60 [ 107.217688] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.218576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.219083] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.219707] PKRU: 55555554 [ 107.219956] Call Trace: [ 107.220183] [ 107.220379] iommufd_ioas_destroy+0x53/0x70 [ 107.220765] iommufd_fops_release+0x1f7/0x370 [ 107.221162] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.221597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.222030] ? write_comp_data+0x2f/0x90 [ 107.222395] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.222855] __fput+0x26d/0xa40 [ 107.223174] ____fput+0x1e/0x30 [ 107.223478] task_work_run+0x1a4/0x2d0 [ 107.223834] ? __pfx_task_work_run+0x10/0x10 [ 107.224276] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.224874] ? switch_task_namespaces+0xa9/0xe0 [ 107.225296] do_exit+0xb17/0x2ef0 [ 107.225608] ? lock_acquire+0x427/0x4c0 [ 107.226130] ? __pfx_lock_release+0x10/0x10 [ 107.226535] ? __kasan_check_write+0x18/0x20 [ 107.226928] ? do_raw_spin_lock+0x132/0x2a0 [ 107.227316] ? __pfx_do_exit+0x10/0x10 [ 107.227669] ? debug_smp_processor_id+0x20/0x30 [ 107.228079] ? rcu_is_watching+0x19/0xb0 [ 107.228435] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.228834] ? trace_hardirqs_on+0x26/0x120 [ 107.229215] do_group_exit+0xe0/0x2b0 [ 107.229548] __x64_sys_exit_group+0x47/0x50 [ 107.229920] do_syscall_64+0x3b/0x90 [ 107.230253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.230738] RIP: 0033:0x7f4b87518a4d [ 107.231064] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.231611] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.232361] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.233085] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.233750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.234462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.235124] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.235758] [ 107.235965] irq event stamp: 0 [ 107.236241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.236786] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.237511] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.238234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.238807] ---[ end trace 0000000000000000 ]--- [ 107.243178] ------------[ cut here ]------------ [ 107.243799] WARNING: CPU: 0 PID: 949 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.244666] Modules linked in: [ 107.245017] CPU: 0 PID: 949 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.245848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.247040] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.247488] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.249048] RSP: 0018:ffff88801369fbb8 EFLAGS: 00010246 [ 107.249505] RAX: 0000000000000000 RBX: ffff88800a7858a8 RCX: 0000000000000000 [ 107.250111] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 107.250744] RBP: ffff88801369fbd0 R08: ffffed10014f0b33 R09: ffffed10014f0b33 [ 107.251370] R10: ffff88800a785993 R11: ffffed10014f0b32 R12: ffff88801341c800 [ 107.251980] R13: ffff88800a7859e8 R14: ffffffff8352e670 R15: 
ffff88801369fe68 [ 107.252585] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.253269] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.253767] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 107.254373] PKRU: 55555554 [ 107.254642] Call Trace: [ 107.254865] [ 107.255060] __iommufd_access_detach+0x1c2/0x2b0 [ 107.255493] iommufd_access_change_pt+0x149/0x270 [ 107.255920] iommufd_access_replace+0xb4/0x120 [ 107.256325] iommufd_test+0x3e5/0x37e0 [ 107.256660] ? lock_release+0x532/0x770 [ 107.257012] ? __might_fault+0x102/0x1b0 [ 107.257367] ? lock_acquire+0x427/0x4c0 [ 107.257717] ? __pfx_iommufd_test+0x10/0x10 [ 107.258086] ? __pfx_lock_release+0x10/0x10 [ 107.258462] ? __pfx_lock_acquire+0x10/0x10 [ 107.258865] ? write_comp_data+0x2f/0x90 [ 107.259238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.259661] ? write_comp_data+0x2f/0x90 [ 107.260017] iommufd_fops_ioctl+0x37d/0x510 [ 107.260391] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.260812] ? write_comp_data+0x2f/0x90 [ 107.261174] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.261588] __x64_sys_ioctl+0x1a3/0x230 [ 107.261949] do_syscall_64+0x3b/0x90 [ 107.262285] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.262755] RIP: 0033:0x7f4b8743ee5d [ 107.263093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.264656] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.265318] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.265926] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.266553] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.267176] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.267783] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.268403] [ 107.268604] irq event stamp: 0 [ 107.268874] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.269415] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.270128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.270862] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.271416] ---[ end trace 0000000000000000 ]--- [ 107.274680] ------------[ cut here ]------------ [ 107.275103] WARNING: CPU: 0 PID: 949 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.276186] Modules linked in: [ 107.276464] CPU: 0 PID: 949 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.277203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.278158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.278785] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.280352] RSP: 
0018:ffff88801369fbd0 EFLAGS: 00010246 [ 107.280808] RAX: 0000000000000000 RBX: ffff88800a7858a8 RCX: 0000000000000000 [ 107.281416] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 107.282209] RBP: ffff88801369fbe8 R08: ffffed10014f0b33 R09: ffffed10014f0b33 [ 107.282838] R10: ffff88800a785993 R11: ffffed10014f0b32 R12: ffff888013b22400 [ 107.283456] R13: ffff88800a7859e8 R14: ffff888018b93c00 R15: 0000000000000000 [ 107.284068] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.284808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.285434] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.286050] PKRU: 55555554 [ 107.286295] Call Trace: [ 107.286545] [ 107.286742] iommufd_access_destroy_object+0x65/0x170 [ 107.287216] iommufd_object_destroy_user+0x18e/0x220 [ 107.287663] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.288383] iommufd_access_destroy+0x43/0x70 [ 107.288782] iommufd_test_staccess_release+0x8d/0xd0 [ 107.289226] __fput+0x26d/0xa40 [ 107.289526] ____fput+0x1e/0x30 [ 107.289817] task_work_run+0x1a4/0x2d0 [ 107.290162] ? __pfx_task_work_run+0x10/0x10 [ 107.290572] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.290998] ? switch_task_namespaces+0xa9/0xe0 [ 107.291460] do_exit+0xb17/0x2ef0 [ 107.291924] ? lock_acquire+0x427/0x4c0 [ 107.292283] ? __pfx_lock_release+0x10/0x10 [ 107.292664] ? __kasan_check_write+0x18/0x20 [ 107.293051] ? do_raw_spin_lock+0x132/0x2a0 [ 107.293425] ? __pfx_do_exit+0x10/0x10 [ 107.293775] ? debug_smp_processor_id+0x20/0x30 [ 107.294376] ? rcu_is_watching+0x19/0xb0 [ 107.294755] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.295159] ? trace_hardirqs_on+0x26/0x120 [ 107.295541] do_group_exit+0xe0/0x2b0 [ 107.295873] __x64_sys_exit_group+0x47/0x50 [ 107.296245] do_syscall_64+0x3b/0x90 [ 107.296574] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.297027] RIP: 0033:0x7f4b87518a4d [ 107.297388] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.298055] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.298731] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.299351] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.299966] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.300619] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.301385] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.302005] [ 107.302207] irq event stamp: 0 [ 107.302482] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.303045] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.303776] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.304658] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.305203] ---[ end trace 0000000000000000 ]--- [ 107.305945] ------------[ cut here ]------------ [ 107.306353] WARNING: CPU: 0 PID: 949 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.307435] Modules linked in: [ 107.307719] CPU: 0 PID: 949 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.308462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.309421] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.310059] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.311648] RSP: 0018:ffff88801369fb78 EFLAGS: 00010246 [ 107.312108] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.312749] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 107.313532] RBP: ffff88801369fb98 R08: ffffed10014f0b3e R09: ffffed10014f0b3e [ 107.314147] R10: ffff88800a7859ef R11: ffffed10014f0b3d R12: ffff88800a785a90 [ 107.314773] R13: ffff88800a7858a8 R14: ffffffffffffffff R15: 
ffff88801369fc60 [ 107.315406] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.316289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.316790] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.317403] PKRU: 55555554 [ 107.317651] Call Trace: [ 107.317871] [ 107.318068] iommufd_ioas_destroy+0x53/0x70 [ 107.318475] iommufd_fops_release+0x1f7/0x370 [ 107.319050] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.319494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.319930] ? write_comp_data+0x2f/0x90 [ 107.320292] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.320730] __fput+0x26d/0xa40 [ 107.321032] ____fput+0x1e/0x30 [ 107.321327] task_work_run+0x1a4/0x2d0 [ 107.321673] ? __pfx_task_work_run+0x10/0x10 [ 107.322157] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.322708] ? switch_task_namespaces+0xa9/0xe0 [ 107.323133] do_exit+0xb17/0x2ef0 [ 107.323443] ? lock_acquire+0x427/0x4c0 [ 107.323802] ? __pfx_lock_release+0x10/0x10 [ 107.324190] ? __kasan_check_write+0x18/0x20 [ 107.324573] ? do_raw_spin_lock+0x132/0x2a0 [ 107.324949] ? __pfx_do_exit+0x10/0x10 [ 107.325343] ? debug_smp_processor_id+0x20/0x30 [ 107.325906] ? rcu_is_watching+0x19/0xb0 [ 107.326260] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.326675] ? trace_hardirqs_on+0x26/0x120 [ 107.327061] do_group_exit+0xe0/0x2b0 [ 107.327401] __x64_sys_exit_group+0x47/0x50 [ 107.327775] do_syscall_64+0x3b/0x90 [ 107.328109] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.328563] RIP: 0033:0x7f4b87518a4d [ 107.329069] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.329600] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.330255] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.330904] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.331526] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.332223] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.332959] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.333580] [ 107.333782] irq event stamp: 0 [ 107.334052] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.334613] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.335509] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.336226] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.336768] ---[ end trace 0000000000000000 ]--- [ 107.340787] ------------[ cut here ]------------ [ 107.341346] WARNING: CPU: 0 PID: 950 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.342208] Modules linked in: [ 107.342484] CPU: 0 PID: 950 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.343295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.344392] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.344821] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.346378] RSP: 0018:ffff8880162cfbb8 EFLAGS: 00010246 [ 107.346859] RAX: 0000000000000000 RBX: ffff88801294b0a8 RCX: 0000000000000000 [ 107.347479] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 107.348100] RBP: ffff8880162cfbd0 R08: ffffed1002529633 R09: ffffed1002529633 [ 107.348712] R10: ffff88801294b193 R11: ffffed1002529632 R12: ffff888021ba9c00 [ 107.349330] R13: ffff88801294b1e8 R14: ffffffff8352e670 R15: 
ffff8880162cfe68 [ 107.350188] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.350907] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.351406] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 107.352015] PKRU: 55555554 [ 107.352259] Call Trace: [ 107.352478] [ 107.352705] __iommufd_access_detach+0x1c2/0x2b0 [ 107.353259] iommufd_access_change_pt+0x149/0x270 [ 107.353684] iommufd_access_replace+0xb4/0x120 [ 107.354089] iommufd_test+0x3e5/0x37e0 [ 107.354429] ? lock_release+0x532/0x770 [ 107.354810] ? __might_fault+0x102/0x1b0 [ 107.355183] ? lock_acquire+0x427/0x4c0 [ 107.355538] ? __pfx_iommufd_test+0x10/0x10 [ 107.355907] ? __pfx_lock_release+0x10/0x10 [ 107.356286] ? __pfx_lock_acquire+0x10/0x10 [ 107.356670] ? write_comp_data+0x2f/0x90 [ 107.357069] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.357642] ? write_comp_data+0x2f/0x90 [ 107.358006] iommufd_fops_ioctl+0x37d/0x510 [ 107.358383] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.358836] ? write_comp_data+0x2f/0x90 [ 107.359212] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.359659] __x64_sys_ioctl+0x1a3/0x230 [ 107.360199] do_syscall_64+0x3b/0x90 [ 107.360534] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.360990] RIP: 0033:0x7f4b8743ee5d [ 107.361313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.363099] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.363773] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.364387] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.365070] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.365799] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.366414] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.367058] [ 107.367274] irq event stamp: 0 [ 107.367589] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.368273] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.368995] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.369709] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.370248] ---[ end trace 0000000000000000 ]--- [ 107.373274] ------------[ cut here ]------------ [ 107.373717] WARNING: CPU: 0 PID: 950 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.374638] Modules linked in: [ 107.374913] CPU: 0 PID: 950 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.375654] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.376599] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.377019] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.378616] RSP: 
0018:ffff8880162cfbd0 EFLAGS: 00010246 [ 107.379072] RAX: 0000000000000000 RBX: ffff88801294b0a8 RCX: 0000000000000000 [ 107.379681] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 107.380278] RBP: ffff8880162cfbe8 R08: ffffed1002529633 R09: ffffed1002529633 [ 107.380855] R10: ffff88801294b193 R11: ffffed1002529632 R12: ffff88801341d400 [ 107.381427] R13: ffff88801294b1e8 R14: ffff888018bbd600 R15: 0000000000000000 [ 107.382002] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.382668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.383148] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 107.383726] PKRU: 55555554 [ 107.383955] Call Trace: [ 107.384163] [ 107.384349] iommufd_access_destroy_object+0x65/0x170 [ 107.384778] iommufd_object_destroy_user+0x18e/0x220 [ 107.385197] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.385674] iommufd_access_destroy+0x43/0x70 [ 107.386049] iommufd_test_staccess_release+0x8d/0xd0 [ 107.386471] __fput+0x26d/0xa40 [ 107.386779] ____fput+0x1e/0x30 [ 107.387063] task_work_run+0x1a4/0x2d0 [ 107.387397] ? __pfx_task_work_run+0x10/0x10 [ 107.387775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.388181] ? switch_task_namespaces+0xa9/0xe0 [ 107.388571] do_exit+0xb17/0x2ef0 [ 107.388859] ? lock_acquire+0x427/0x4c0 [ 107.389192] ? __pfx_lock_release+0x10/0x10 [ 107.389550] ? __kasan_check_write+0x18/0x20 [ 107.389910] ? do_raw_spin_lock+0x132/0x2a0 [ 107.390266] ? __pfx_do_exit+0x10/0x10 [ 107.390617] ? debug_smp_processor_id+0x20/0x30 [ 107.391000] ? rcu_is_watching+0x19/0xb0 [ 107.391339] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.391717] ? trace_hardirqs_on+0x26/0x120 [ 107.392082] do_group_exit+0xe0/0x2b0 [ 107.392396] __x64_sys_exit_group+0x47/0x50 [ 107.392748] do_syscall_64+0x3b/0x90 [ 107.393061] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.393494] RIP: 0033:0x7f4b87518a4d [ 107.393799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.394309] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.394955] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.395558] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.396133] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.396714] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.397290] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.397877] [ 107.398072] irq event stamp: 0 [ 107.398329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.398874] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.399584] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.400271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.400793] ---[ end trace 0000000000000000 ]--- [ 107.401723] ------------[ cut here ]------------ [ 107.402115] WARNING: CPU: 0 PID: 950 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.402984] Modules linked in: [ 107.403266] CPU: 0 PID: 950 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.403973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.404892] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.405314] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.406827] RSP: 0018:ffff8880162cfb78 EFLAGS: 00010246 [ 107.407272] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.407853] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 107.408430] RBP: ffff8880162cfb98 R08: ffffed100252963e R09: ffffed100252963e [ 107.409029] R10: ffff88801294b1ef R11: ffffed100252963d R12: ffff88801294b290 [ 107.409637] R13: ffff88801294b0a8 R14: ffffffffffffffff R15: 
ffff8880162cfc60 [ 107.410252] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.410971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.411485] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 107.412096] PKRU: 55555554 [ 107.412337] Call Trace: [ 107.412555] [ 107.412754] iommufd_ioas_destroy+0x53/0x70 [ 107.413134] iommufd_fops_release+0x1f7/0x370 [ 107.413529] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.413972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.414405] ? write_comp_data+0x2f/0x90 [ 107.414802] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.415248] __fput+0x26d/0xa40 [ 107.415555] ____fput+0x1e/0x30 [ 107.415855] task_work_run+0x1a4/0x2d0 [ 107.416201] ? __pfx_task_work_run+0x10/0x10 [ 107.416588] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.417015] ? switch_task_namespaces+0xa9/0xe0 [ 107.417428] do_exit+0xb17/0x2ef0 [ 107.417730] ? lock_acquire+0x427/0x4c0 [ 107.418086] ? __pfx_lock_release+0x10/0x10 [ 107.418467] ? __kasan_check_write+0x18/0x20 [ 107.418890] ? do_raw_spin_lock+0x132/0x2a0 [ 107.419281] ? __pfx_do_exit+0x10/0x10 [ 107.419638] ? debug_smp_processor_id+0x20/0x30 [ 107.420068] ? rcu_is_watching+0x19/0xb0 [ 107.420422] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.420821] ? trace_hardirqs_on+0x26/0x120 [ 107.421203] do_group_exit+0xe0/0x2b0 [ 107.421538] __x64_sys_exit_group+0x47/0x50 [ 107.421911] do_syscall_64+0x3b/0x90 [ 107.422245] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.422726] RIP: 0033:0x7f4b87518a4d [ 107.423052] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.423590] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.424249] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.424863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.425476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.426087] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.426718] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.427352] [ 107.427562] irq event stamp: 0 [ 107.427833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.428379] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.429102] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.429817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.430353] ---[ end trace 0000000000000000 ]--- [ 107.436093] ------------[ cut here ]------------ [ 107.436709] WARNING: CPU: 1 PID: 951 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.437901] Modules linked in: [ 107.438292] CPU: 1 PID: 951 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.439393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.440728] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.441330] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.443613] RSP: 0018:ffff88801369fbb8 EFLAGS: 00010246 [ 107.444262] RAX: 0000000000000000 RBX: ffff88801047e8a8 RCX: 0000000000000000 [ 107.445110] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 107.445958] RBP: ffff88801369fbd0 R08: ffffed100208fd33 R09: ffffed100208fd33 [ 107.446847] R10: ffff88801047e993 R11: ffffed100208fd32 R12: ffff8880148c7c00 [ 107.447720] R13: ffff88801047e9e8 R14: ffffffff8352e670 R15: 
ffff88801369fe68 [ 107.448570] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.449525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.450218] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 107.451128] PKRU: 55555554 [ 107.451482] Call Trace: [ 107.451796] [ 107.452077] __iommufd_access_detach+0x1c2/0x2b0 [ 107.452669] iommufd_access_change_pt+0x149/0x270 [ 107.453265] iommufd_access_replace+0xb4/0x120 [ 107.453836] iommufd_test+0x3e5/0x37e0 [ 107.454308] ? lock_release+0x532/0x770 [ 107.454839] ? __might_fault+0x102/0x1b0 [ 107.455361] ? lock_acquire+0x427/0x4c0 [ 107.455857] ? __pfx_iommufd_test+0x10/0x10 [ 107.456379] ? __pfx_lock_release+0x10/0x10 [ 107.456983] ? __pfx_lock_acquire+0x10/0x10 [ 107.457619] ? write_comp_data+0x2f/0x90 [ 107.458130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.458832] ? write_comp_data+0x2f/0x90 [ 107.459368] iommufd_fops_ioctl+0x37d/0x510 [ 107.459900] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.460494] ? write_comp_data+0x2f/0x90 [ 107.461117] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.461708] __x64_sys_ioctl+0x1a3/0x230 [ 107.462219] do_syscall_64+0x3b/0x90 [ 107.462815] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.463471] RIP: 0033:0x7f4b8743ee5d [ 107.463930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.466201] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.467244] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.468125] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.469022] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.469956] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.470850] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.471795] [ 107.472096] irq event stamp: 0 [ 107.472475] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.473244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.474295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.475446] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.476197] ---[ end trace 0000000000000000 ]--- [ 107.480940] ------------[ cut here ]------------ [ 107.481530] WARNING: CPU: 1 PID: 951 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.482904] Modules linked in: [ 107.483308] CPU: 1 PID: 951 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.484470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.485852] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.486493] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.488835] RSP: 
0018:ffff88801369fbd0 EFLAGS: 00010246 [ 107.489521] RAX: 0000000000000000 RBX: ffff88801047e8a8 RCX: 0000000000000000 [ 107.490424] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 107.491462] RBP: ffff88801369fbe8 R08: ffffed100208fd33 R09: ffffed100208fd33 [ 107.492313] R10: ffff88801047e993 R11: ffffed100208fd32 R12: ffff88801892dc00 [ 107.493228] R13: ffff88801047e9e8 R14: ffff8880149b9a00 R15: 0000000000000000 [ 107.494162] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.495352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.496066] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.496933] PKRU: 55555554 [ 107.497281] Call Trace: [ 107.497603] [ 107.497898] iommufd_access_destroy_object+0x65/0x170 [ 107.498613] iommufd_object_destroy_user+0x18e/0x220 [ 107.499273] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.499999] iommufd_access_destroy+0x43/0x70 [ 107.500572] iommufd_test_staccess_release+0x8d/0xd0 [ 107.501210] __fput+0x26d/0xa40 [ 107.501645] ____fput+0x1e/0x30 [ 107.502069] task_work_run+0x1a4/0x2d0 [ 107.502616] ? __pfx_task_work_run+0x10/0x10 [ 107.503198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.503745] ? switch_task_namespaces+0xa9/0xe0 [ 107.504185] do_exit+0xb17/0x2ef0 [ 107.504498] ? lock_acquire+0x427/0x4c0 [ 107.504860] ? __pfx_lock_release+0x10/0x10 [ 107.505246] ? __kasan_check_write+0x18/0x20 [ 107.505640] ? do_raw_spin_lock+0x132/0x2a0 [ 107.506025] ? __pfx_do_exit+0x10/0x10 [ 107.506378] ? debug_smp_processor_id+0x20/0x30 [ 107.506855] ? rcu_is_watching+0x19/0xb0 [ 107.507249] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.507659] ? trace_hardirqs_on+0x26/0x120 [ 107.508054] do_group_exit+0xe0/0x2b0 [ 107.508399] __x64_sys_exit_group+0x47/0x50 [ 107.508780] do_syscall_64+0x3b/0x90 [ 107.509125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.509589] RIP: 0033:0x7f4b87518a4d [ 107.509920] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.510459] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.511172] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.511807] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.512442] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.513091] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.513726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.514375] [ 107.514615] irq event stamp: 0 [ 107.514902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.515479] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.516237] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.516986] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.517550] ---[ end trace 0000000000000000 ]--- [ 107.518320] ------------[ cut here ]------------ [ 107.518784] WARNING: CPU: 1 PID: 951 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.519723] Modules linked in: [ 107.520019] CPU: 1 PID: 951 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.520785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.521790] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.522254] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.523939] RSP: 0018:ffff88801369fb78 EFLAGS: 00010246 [ 107.524427] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.525073] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 107.525718] RBP: ffff88801369fb98 R08: ffffed100208fd3e R09: ffffed100208fd3e [ 107.526376] R10: ffff88801047e9ef R11: ffffed100208fd3d R12: ffff88801047ea90 [ 107.527062] R13: ffff88801047e8a8 R14: ffffffffffffffff R15: 
ffff88801369fc60 [ 107.527735] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.528480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.529017] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.529682] PKRU: 55555554 [ 107.529950] Call Trace: [ 107.530194] [ 107.530412] iommufd_ioas_destroy+0x53/0x70 [ 107.530871] iommufd_fops_release+0x1f7/0x370 [ 107.531316] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.531789] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.532254] ? write_comp_data+0x2f/0x90 [ 107.532681] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.533189] __fput+0x26d/0xa40 [ 107.533554] ____fput+0x1e/0x30 [ 107.533902] task_work_run+0x1a4/0x2d0 [ 107.534303] ? __pfx_task_work_run+0x10/0x10 [ 107.534800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.535330] ? switch_task_namespaces+0xa9/0xe0 [ 107.535820] do_exit+0xb17/0x2ef0 [ 107.536185] ? lock_acquire+0x427/0x4c0 [ 107.536605] ? __pfx_lock_release+0x10/0x10 [ 107.537053] ? __kasan_check_write+0x18/0x20 [ 107.537504] ? do_raw_spin_lock+0x132/0x2a0 [ 107.537945] ? __pfx_do_exit+0x10/0x10 [ 107.538354] ? debug_smp_processor_id+0x20/0x30 [ 107.538880] ? rcu_is_watching+0x19/0xb0 [ 107.539337] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.539812] ? trace_hardirqs_on+0x26/0x120 [ 107.540264] do_group_exit+0xe0/0x2b0 [ 107.540645] __x64_sys_exit_group+0x47/0x50 [ 107.541078] do_syscall_64+0x3b/0x90 [ 107.541459] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.541987] RIP: 0033:0x7f4b87518a4d [ 107.542359] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.543004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.543746] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.544470] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.545187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.545901] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.546654] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.547414] [ 107.547650] irq event stamp: 0 [ 107.547959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.548595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.549460] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.550313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.551007] ---[ end trace 0000000000000000 ]--- [ 107.555557] ------------[ cut here ]------------ [ 107.556100] WARNING: CPU: 1 PID: 952 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.557097] Modules linked in: [ 107.557418] CPU: 1 PID: 952 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.558278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.559461] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.559976] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.561817] RSP: 0018:ffff888010ec7bb8 EFLAGS: 00010246 [ 107.562352] RAX: 0000000000000000 RBX: ffff888012bd10a8 RCX: 0000000000000000 [ 107.563091] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 107.563844] RBP: ffff888010ec7bd0 R08: ffffed100257a233 R09: ffffed100257a233 [ 107.564555] R10: ffff888012bd1193 R11: ffffed100257a232 R12: ffff888010b27400 [ 107.565266] R13: ffff888012bd11e8 R14: ffffffff8352e670 R15: 
ffff888010ec7e68 [ 107.565991] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.566840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.567402] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ee0 [ 107.568116] PKRU: 55555554 [ 107.568413] Call Trace: [ 107.568677] [ 107.568910] __iommufd_access_detach+0x1c2/0x2b0 [ 107.569410] iommufd_access_change_pt+0x149/0x270 [ 107.569922] iommufd_access_replace+0xb4/0x120 [ 107.570404] iommufd_test+0x3e5/0x37e0 [ 107.570852] ? lock_release+0x532/0x770 [ 107.571290] ? __might_fault+0x102/0x1b0 [ 107.571728] ? lock_acquire+0x427/0x4c0 [ 107.572150] ? __pfx_iommufd_test+0x10/0x10 [ 107.572594] ? __pfx_lock_release+0x10/0x10 [ 107.573044] ? __pfx_lock_acquire+0x10/0x10 [ 107.573498] ? write_comp_data+0x2f/0x90 [ 107.573936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.574443] ? write_comp_data+0x2f/0x90 [ 107.574902] iommufd_fops_ioctl+0x37d/0x510 [ 107.575378] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.575893] ? write_comp_data+0x2f/0x90 [ 107.576324] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.576823] __x64_sys_ioctl+0x1a3/0x230 [ 107.577250] do_syscall_64+0x3b/0x90 [ 107.577636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.578180] RIP: 0033:0x7f4b8743ee5d [ 107.578600] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.580497] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.581289] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.582019] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.582779] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.583615] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.584374] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.585152] [ 107.585404] irq event stamp: 0 [ 107.585742] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.586412] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.587360] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.588234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.588891] ---[ end trace 0000000000000000 ]--- [ 107.592141] ------------[ cut here ]------------ [ 107.592667] WARNING: CPU: 1 PID: 952 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.593704] Modules linked in: [ 107.594030] CPU: 1 PID: 952 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.594956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.596155] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.596679] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.598615] RSP: 
0018:ffff888010ec7bd0 EFLAGS: 00010246 [ 107.599193] RAX: 0000000000000000 RBX: ffff888012bd10a8 RCX: 0000000000000000 [ 107.599930] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 107.600677] RBP: ffff888010ec7be8 R08: ffffed100257a233 R09: ffffed100257a233 [ 107.601418] R10: ffff888012bd1193 R11: ffffed100257a232 R12: ffff8880148c5400 [ 107.602155] R13: ffff888012bd11e8 R14: ffff88801706d400 R15: 0000000000000000 [ 107.602923] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.603788] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.604403] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.605153] PKRU: 55555554 [ 107.605449] Call Trace: [ 107.605721] [ 107.605963] iommufd_access_destroy_object+0x65/0x170 [ 107.606539] iommufd_object_destroy_user+0x18e/0x220 [ 107.607077] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.607700] iommufd_access_destroy+0x43/0x70 [ 107.608182] iommufd_test_staccess_release+0x8d/0xd0 [ 107.608726] __fput+0x26d/0xa40 [ 107.609098] ____fput+0x1e/0x30 [ 107.609450] task_work_run+0x1a4/0x2d0 [ 107.609869] ? __pfx_task_work_run+0x10/0x10 [ 107.610341] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.610911] ? switch_task_namespaces+0xa9/0xe0 [ 107.611422] do_exit+0xb17/0x2ef0 [ 107.611786] ? lock_acquire+0x427/0x4c0 [ 107.612218] ? __pfx_lock_release+0x10/0x10 [ 107.612665] ? __kasan_check_write+0x18/0x20 [ 107.613134] ? do_raw_spin_lock+0x132/0x2a0 [ 107.613582] ? __pfx_do_exit+0x10/0x10 [ 107.613982] ? debug_smp_processor_id+0x20/0x30 [ 107.614455] ? rcu_is_watching+0x19/0xb0 [ 107.614901] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.615375] ? trace_hardirqs_on+0x26/0x120 [ 107.615837] do_group_exit+0xe0/0x2b0 [ 107.616233] __x64_sys_exit_group+0x47/0x50 [ 107.616677] do_syscall_64+0x3b/0x90 [ 107.617072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.617607] RIP: 0033:0x7f4b87518a4d [ 107.617987] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.618640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.619434] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.620169] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.620921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.621655] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.622383] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.623156] [ 107.623399] irq event stamp: 0 [ 107.623732] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.624377] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.625228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.626077] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.626742] ---[ end trace 0000000000000000 ]--- [ 107.627625] ------------[ cut here ]------------ [ 107.628117] WARNING: CPU: 1 PID: 952 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.629161] Modules linked in: [ 107.629496] CPU: 1 PID: 952 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.630383] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.631581] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.632118] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.633983] RSP: 0018:ffff888010ec7b78 EFLAGS: 00010246 [ 107.634557] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.635301] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 107.636039] RBP: ffff888010ec7b98 R08: ffffed100257a23e R09: ffffed100257a23e [ 107.636769] R10: ffff888012bd11ef R11: ffffed100257a23d R12: ffff888012bd1290 [ 107.637499] R13: ffff888012bd10a8 R14: ffffffffffffffff R15: 
ffff888010ec7c60 [ 107.638227] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.639075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.639697] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.640428] PKRU: 55555554 [ 107.640721] Call Trace: [ 107.640982] [ 107.641216] iommufd_ioas_destroy+0x53/0x70 [ 107.641686] iommufd_fops_release+0x1f7/0x370 [ 107.642151] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.642700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.643247] ? write_comp_data+0x2f/0x90 [ 107.643684] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.644221] __fput+0x26d/0xa40 [ 107.644573] ____fput+0x1e/0x30 [ 107.644923] task_work_run+0x1a4/0x2d0 [ 107.645334] ? __pfx_task_work_run+0x10/0x10 [ 107.645802] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.646312] ? switch_task_namespaces+0xa9/0xe0 [ 107.646841] do_exit+0xb17/0x2ef0 [ 107.647236] ? lock_acquire+0x427/0x4c0 [ 107.647664] ? __pfx_lock_release+0x10/0x10 [ 107.648123] ? __kasan_check_write+0x18/0x20 [ 107.648582] ? do_raw_spin_lock+0x132/0x2a0 [ 107.649029] ? __pfx_do_exit+0x10/0x10 [ 107.649438] ? debug_smp_processor_id+0x20/0x30 [ 107.649918] ? rcu_is_watching+0x19/0xb0 [ 107.650344] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.650850] ? trace_hardirqs_on+0x26/0x120 [ 107.651326] do_group_exit+0xe0/0x2b0 [ 107.651721] __x64_sys_exit_group+0x47/0x50 [ 107.652164] do_syscall_64+0x3b/0x90 [ 107.652554] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.653086] RIP: 0033:0x7f4b87518a4d [ 107.653459] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.654079] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.654878] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.655632] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.656377] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.657119] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.657859] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.658640] [ 107.658884] irq event stamp: 0 [ 107.659235] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.659879] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.660737] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.661593] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.662249] ---[ end trace 0000000000000000 ]--- [ 107.667835] ------------[ cut here ]------------ [ 107.668375] WARNING: CPU: 1 PID: 953 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.669379] Modules linked in: [ 107.669698] CPU: 1 PID: 953 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.670815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.671968] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.672476] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.674305] RSP: 0018:ffff88802442fbb8 EFLAGS: 00010246 [ 107.674865] RAX: 0000000000000000 RBX: ffff8880244570a8 RCX: 0000000000000000 [ 107.675604] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 107.676324] RBP: ffff88802442fbd0 R08: ffffed100488ae33 R09: ffffed100488ae33 [ 107.677045] R10: ffff888024457193 R11: ffffed100488ae32 R12: ffff888013c8f800 [ 107.677758] R13: ffff8880244571e8 R14: ffffffff8352e670 R15: 
ffff88802442fe68 [ 107.678466] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.679315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.679904] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 107.680622] PKRU: 55555554 [ 107.680907] Call Trace: [ 107.681164] [ 107.681390] __iommufd_access_detach+0x1c2/0x2b0 [ 107.681882] iommufd_access_change_pt+0x149/0x270 [ 107.682398] iommufd_access_replace+0xb4/0x120 [ 107.682903] iommufd_test+0x3e5/0x37e0 [ 107.683323] ? lock_release+0x532/0x770 [ 107.683740] ? __might_fault+0x102/0x1b0 [ 107.684160] ? lock_acquire+0x427/0x4c0 [ 107.684571] ? __pfx_iommufd_test+0x10/0x10 [ 107.685003] ? __pfx_lock_release+0x10/0x10 [ 107.685447] ? __pfx_lock_acquire+0x10/0x10 [ 107.685891] ? write_comp_data+0x2f/0x90 [ 107.686307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.686868] ? write_comp_data+0x2f/0x90 [ 107.687422] iommufd_fops_ioctl+0x37d/0x510 [ 107.687994] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.688629] ? write_comp_data+0x2f/0x90 [ 107.689445] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.689950] __x64_sys_ioctl+0x1a3/0x230 [ 107.690369] do_syscall_64+0x3b/0x90 [ 107.690811] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.691354] RIP: 0033:0x7f4b8743ee5d [ 107.691688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.693317] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.693992] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.694660] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.695007] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 107.695326] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.695338] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.697940] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 107.698497] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.698538] [ 107.698544] irq event stamp: 0 [ 107.698548] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.698560] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.703183] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.703939] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.704499] ---[ end trace 0000000000000000 ]--- [ 107.707592] ------------[ cut here ]------------ [ 107.708064] WARNING: CPU: 1 PID: 953 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.708978] Modules linked in: [ 107.709278] CPU: 1 PID: 953 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.710064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.711154] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.711614] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.713272] RSP: 0018:ffff88802442fbd0 EFLAGS: 00010246 [ 107.713756] RAX: 0000000000000000 RBX: ffff8880244570a8 RCX: 0000000000000000 [ 107.714403] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 107.715291] RBP: ffff88802442fbe8 R08: ffffed100488ae33 R09: ffffed100488ae33 [ 107.715942] R10: ffff888024457193 R11: ffffed100488ae32 R12: ffff888010b25800 [ 107.716589] R13: ffff8880244571e8 R14: ffff88802099c300 R15: 0000000000000000 [ 107.717235] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) 
knlGS:0000000000000000 [ 107.717959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.718481] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.719167] PKRU: 55555554 [ 107.719428] Call Trace: [ 107.719667] [ 107.719875] iommufd_access_destroy_object+0x65/0x170 [ 107.720350] iommufd_object_destroy_user+0x18e/0x220 [ 107.720813] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.721342] iommufd_access_destroy+0x43/0x70 [ 107.721733] iommufd_test_staccess_release+0x8d/0xd0 [ 107.722175] __fput+0x26d/0xa40 [ 107.722473] ____fput+0x1e/0x30 [ 107.722801] task_work_run+0x1a4/0x2d0 [ 107.723162] ? __pfx_task_work_run+0x10/0x10 [ 107.723509] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.723878] ? switch_task_namespaces+0xa9/0xe0 [ 107.724278] do_exit+0xb17/0x2ef0 [ 107.724582] ? lock_acquire+0x427/0x4c0 [ 107.724935] ? __pfx_lock_release+0x10/0x10 [ 107.725302] ? __kasan_check_write+0x18/0x20 [ 107.725684] ? do_raw_spin_lock+0x132/0x2a0 [ 107.726057] ? __pfx_do_exit+0x10/0x10 [ 107.726397] ? debug_smp_processor_id+0x20/0x30 [ 107.726825] ? rcu_is_watching+0x19/0xb0 [ 107.727190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.727586] ? trace_hardirqs_on+0x26/0x120 [ 107.727966] do_group_exit+0xe0/0x2b0 [ 107.728296] __x64_sys_exit_group+0x47/0x50 [ 107.728663] do_syscall_64+0x3b/0x90 [ 107.728990] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.729437] RIP: 0033:0x7f4b87518a4d [ 107.729753] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.730269] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.730958] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.731575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.732186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.732797] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.733397] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.734003] [ 107.734200] irq event stamp: 0 [ 107.734470] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.735027] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.735743] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.736448] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.736981] ---[ end trace 0000000000000000 ]--- [ 107.737813] ------------[ cut here ]------------ [ 107.738233] WARNING: CPU: 1 PID: 953 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.739136] Modules linked in: [ 107.739419] CPU: 1 PID: 953 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.740156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.741115] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.741566] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.743808] RSP: 0018:ffff88802442fb78 EFLAGS: 00010246 [ 107.744270] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.744874] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 107.745471] RBP: ffff88802442fb98 R08: ffffed100488ae3e R09: ffffed100488ae3e [ 107.746068] R10: ffff8880244571ef R11: ffffed100488ae3d R12: ffff888024457290 [ 107.746688] R13: ffff8880244570a8 R14: ffffffffffffffff R15: 
ffff88802442fc60 [ 107.747307] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.747986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.748473] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.749076] PKRU: 55555554 [ 107.749316] Call Trace: [ 107.749532] [ 107.749726] iommufd_ioas_destroy+0x53/0x70 [ 107.750100] iommufd_fops_release+0x1f7/0x370 [ 107.750492] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.750949] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.751388] ? write_comp_data+0x2f/0x90 [ 107.751748] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.752177] __fput+0x26d/0xa40 [ 107.752474] ____fput+0x1e/0x30 [ 107.752768] task_work_run+0x1a4/0x2d0 [ 107.753111] ? __pfx_task_work_run+0x10/0x10 [ 107.753490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.753908] ? switch_task_namespaces+0xa9/0xe0 [ 107.754312] do_exit+0xb17/0x2ef0 [ 107.754631] ? lock_acquire+0x427/0x4c0 [ 107.754978] ? __pfx_lock_release+0x10/0x10 [ 107.755373] ? __kasan_check_write+0x18/0x20 [ 107.755762] ? do_raw_spin_lock+0x132/0x2a0 [ 107.756136] ? __pfx_do_exit+0x10/0x10 [ 107.756481] ? debug_smp_processor_id+0x20/0x30 [ 107.756890] ? rcu_is_watching+0x19/0xb0 [ 107.757244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.757644] ? trace_hardirqs_on+0x26/0x120 [ 107.758030] do_group_exit+0xe0/0x2b0 [ 107.758363] __x64_sys_exit_group+0x47/0x50 [ 107.758750] do_syscall_64+0x3b/0x90 [ 107.759084] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.759550] RIP: 0033:0x7f4b87518a4d [ 107.759870] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.760388] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.761030] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.761633] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.762235] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.762860] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.763474] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.764087] [ 107.764288] irq event stamp: 0 [ 107.764554] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.765088] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.765799] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.766500] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.767072] ---[ end trace 0000000000000000 ]--- [ 107.771352] ------------[ cut here ]------------ [ 107.771779] WARNING: CPU: 1 PID: 955 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.772633] Modules linked in: [ 107.772903] CPU: 1 PID: 955 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.773633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.774626] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.775048] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.776604] RSP: 0018:ffff888015d07bb8 EFLAGS: 00010246 [ 107.777053] RAX: 0000000000000000 RBX: ffff8880180948a8 RCX: 0000000000000000 [ 107.777648] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 107.778250] RBP: ffff888015d07bd0 R08: ffffed1003012933 R09: ffffed1003012933 [ 107.778889] R10: ffff888018094993 R11: ffffed1003012932 R12: ffff888012f1fc00 [ 107.779518] R13: ffff8880180949e8 R14: ffffffff8352e670 R15: 
ffff888015d07e68 [ 107.780131] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.780813] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.781306] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 107.781908] PKRU: 55555554 [ 107.782147] Call Trace: [ 107.782364] [ 107.782579] __iommufd_access_detach+0x1c2/0x2b0 [ 107.783004] iommufd_access_change_pt+0x149/0x270 [ 107.783447] iommufd_access_replace+0xb4/0x120 [ 107.783846] iommufd_test+0x3e5/0x37e0 [ 107.784177] ? lock_release+0x532/0x770 [ 107.784523] ? __might_fault+0x102/0x1b0 [ 107.784875] ? lock_acquire+0x427/0x4c0 [ 107.785223] ? __pfx_iommufd_test+0x10/0x10 [ 107.785585] ? __pfx_lock_release+0x10/0x10 [ 107.785961] ? __pfx_lock_acquire+0x10/0x10 [ 107.786338] ? write_comp_data+0x2f/0x90 [ 107.786717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.787165] ? write_comp_data+0x2f/0x90 [ 107.787529] iommufd_fops_ioctl+0x37d/0x510 [ 107.787905] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.788326] ? write_comp_data+0x2f/0x90 [ 107.788682] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.789097] __x64_sys_ioctl+0x1a3/0x230 [ 107.789463] do_syscall_64+0x3b/0x90 [ 107.789792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.790237] RIP: 0033:0x7f4b8743ee5d [ 107.790587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.792145] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.792753] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.793318] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.793882] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.794446] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.795044] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.795631] [ 107.795820] irq event stamp: 0 [ 107.796071] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.796574] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.797241] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.797906] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.798404] ---[ end trace 0000000000000000 ]--- [ 107.801192] ------------[ cut here ]------------ [ 107.801592] WARNING: CPU: 1 PID: 955 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.802409] Modules linked in: [ 107.802722] CPU: 1 PID: 955 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.803435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.804342] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.804747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.806216] RSP: 
0018:ffff888015d07bd0 EFLAGS: 00010246 [ 107.806689] RAX: 0000000000000000 RBX: ffff8880180948a8 RCX: 0000000000000000 [ 107.807274] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 107.807847] RBP: ffff888015d07be8 R08: ffffed1003012933 R09: ffffed1003012933 [ 107.808418] R10: ffff888018094993 R11: ffffed1003012932 R12: ffff888013c8e800 [ 107.808988] R13: ffff8880180949e8 R14: ffff888020a7a700 R15: 0000000000000000 [ 107.809563] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.810209] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.810702] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.811302] PKRU: 55555554 [ 107.811534] Call Trace: [ 107.811741] [ 107.811927] iommufd_access_destroy_object+0x65/0x170 [ 107.812355] iommufd_object_destroy_user+0x18e/0x220 [ 107.812777] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.813256] iommufd_access_destroy+0x43/0x70 [ 107.813632] iommufd_test_staccess_release+0x8d/0xd0 [ 107.814051] __fput+0x26d/0xa40 [ 107.814332] ____fput+0x1e/0x30 [ 107.814636] task_work_run+0x1a4/0x2d0 [ 107.814965] ? __pfx_task_work_run+0x10/0x10 [ 107.815340] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.815745] ? switch_task_namespaces+0xa9/0xe0 [ 107.816138] do_exit+0xb17/0x2ef0 [ 107.816424] ? lock_acquire+0x427/0x4c0 [ 107.816759] ? __pfx_lock_release+0x10/0x10 [ 107.817120] ? __kasan_check_write+0x18/0x20 [ 107.817488] ? do_raw_spin_lock+0x132/0x2a0 [ 107.817843] ? __pfx_do_exit+0x10/0x10 [ 107.818169] ? debug_smp_processor_id+0x20/0x30 [ 107.818584] ? rcu_is_watching+0x19/0xb0 [ 107.818919] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.819309] ? trace_hardirqs_on+0x26/0x120 [ 107.819670] do_group_exit+0xe0/0x2b0 [ 107.819984] __x64_sys_exit_group+0x47/0x50 [ 107.820339] do_syscall_64+0x3b/0x90 [ 107.820652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.821081] RIP: 0033:0x7f4b87518a4d [ 107.821382] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.821877] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.822485] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.823091] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.823683] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.824257] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.824840] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.825429] [ 107.825620] irq event stamp: 0 [ 107.825878] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.826388] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.827089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.827790] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.828298] ---[ end trace 0000000000000000 ]--- [ 107.829008] ------------[ cut here ]------------ [ 107.829386] WARNING: CPU: 1 PID: 955 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.830205] Modules linked in: [ 107.830466] CPU: 1 PID: 955 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.831206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.832118] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.832538] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.834010] RSP: 0018:ffff888015d07b78 EFLAGS: 00010246 [ 107.834442] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.835041] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 107.835629] RBP: ffff888015d07b98 R08: ffffed100301293e R09: ffffed100301293e [ 107.836207] R10: ffff8880180949ef R11: ffffed100301293d R12: ffff888018094a90 [ 107.836784] R13: ffff8880180948a8 R14: ffffffffffffffff R15: 
ffff888015d07c60 [ 107.837361] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.838018] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.838489] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.839092] PKRU: 55555554 [ 107.839345] Call Trace: [ 107.839556] [ 107.839743] iommufd_ioas_destroy+0x53/0x70 [ 107.840102] iommufd_fops_release+0x1f7/0x370 [ 107.840472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.840879] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.841282] ? write_comp_data+0x2f/0x90 [ 107.841623] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.842042] __fput+0x26d/0xa40 [ 107.842327] ____fput+0x1e/0x30 [ 107.842631] task_work_run+0x1a4/0x2d0 [ 107.842964] ? __pfx_task_work_run+0x10/0x10 [ 107.843343] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.843748] ? switch_task_namespaces+0xa9/0xe0 [ 107.844138] do_exit+0xb17/0x2ef0 [ 107.844429] ? lock_acquire+0x427/0x4c0 [ 107.844769] ? __pfx_lock_release+0x10/0x10 [ 107.845130] ? __kasan_check_write+0x18/0x20 [ 107.845493] ? do_raw_spin_lock+0x132/0x2a0 [ 107.845844] ? __pfx_do_exit+0x10/0x10 [ 107.846171] ? debug_smp_processor_id+0x20/0x30 [ 107.846582] ? rcu_is_watching+0x19/0xb0 [ 107.846919] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.847303] ? trace_hardirqs_on+0x26/0x120 [ 107.847669] do_group_exit+0xe0/0x2b0 [ 107.847983] __x64_sys_exit_group+0x47/0x50 [ 107.848330] do_syscall_64+0x3b/0x90 [ 107.848642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.849068] RIP: 0033:0x7f4b87518a4d [ 107.849368] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.849865] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.850477] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.851089] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.851674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.852246] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.852820] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.853416] [ 107.853607] irq event stamp: 0 [ 107.853855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.854348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.855025] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.855691] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.856188] ---[ end trace 0000000000000000 ]--- [ 107.860739] ------------[ cut here ]------------ [ 107.861139] WARNING: CPU: 1 PID: 956 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.861905] Modules linked in: [ 107.862149] CPU: 1 PID: 956 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.862989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.863854] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.864239] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.865646] RSP: 0018:ffff888017b3fbb8 EFLAGS: 00010246 [ 107.866058] RAX: 0000000000000000 RBX: ffff8880145a98a8 RCX: 0000000000000000 [ 107.866635] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 107.867217] RBP: ffff888017b3fbd0 R08: ffffed10028b5333 R09: ffffed10028b5333 [ 107.867774] R10: ffff8880145a9993 R11: ffffed10028b5332 R12: ffff888013e7a400 [ 107.868324] R13: ffff8880145a99e8 R14: ffffffff8352e670 R15: 
ffff888017b3fe68 [ 107.868867] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.869493] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.869951] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 107.870529] PKRU: 55555554 [ 107.870753] Call Trace: [ 107.870959] [ 107.871144] __iommufd_access_detach+0x1c2/0x2b0 [ 107.871528] iommufd_access_change_pt+0x149/0x270 [ 107.871912] iommufd_access_replace+0xb4/0x120 [ 107.872275] iommufd_test+0x3e5/0x37e0 [ 107.872573] ? lock_release+0x532/0x770 [ 107.872890] ? __might_fault+0x102/0x1b0 [ 107.873208] ? lock_acquire+0x427/0x4c0 [ 107.873520] ? __pfx_iommufd_test+0x10/0x10 [ 107.873848] ? __pfx_lock_release+0x10/0x10 [ 107.874183] ? __pfx_lock_acquire+0x10/0x10 [ 107.874543] ? write_comp_data+0x2f/0x90 [ 107.874870] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.875272] ? write_comp_data+0x2f/0x90 [ 107.875598] iommufd_fops_ioctl+0x37d/0x510 [ 107.875944] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.876326] ? write_comp_data+0x2f/0x90 [ 107.876654] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.877032] __x64_sys_ioctl+0x1a3/0x230 [ 107.877356] do_syscall_64+0x3b/0x90 [ 107.877658] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.878068] RIP: 0033:0x7f4b8743ee5d [ 107.878356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.879780] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.880372] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.880921] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.881468] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.882015] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.882578] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.883143] [ 107.883327] irq event stamp: 0 [ 107.883571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.884058] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.884702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.885341] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.885822] ---[ end trace 0000000000000000 ]--- [ 107.888552] ------------[ cut here ]------------ [ 107.888929] WARNING: CPU: 1 PID: 956 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.889705] Modules linked in: [ 107.889952] CPU: 1 PID: 956 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.890643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.891526] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.891912] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.893310] RSP: 
0018:ffff888017b3fbd0 EFLAGS: 00010246 [ 107.893721] RAX: 0000000000000000 RBX: ffff8880145a98a8 RCX: 0000000000000000 [ 107.894266] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 107.894836] RBP: ffff888017b3fbe8 R08: ffffed10028b5333 R09: ffffed10028b5333 [ 107.895398] R10: ffff8880145a9993 R11: ffffed10028b5332 R12: ffff888012f1d400 [ 107.895948] R13: ffff8880145a99e8 R14: ffff88800f025300 R15: 0000000000000000 [ 107.896493] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.897108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.897552] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.898098] PKRU: 55555554 [ 107.898318] Call Trace: [ 107.898540] [ 107.898719] iommufd_access_destroy_object+0x65/0x170 [ 107.899134] iommufd_object_destroy_user+0x18e/0x220 [ 107.899538] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.899994] iommufd_access_destroy+0x43/0x70 [ 107.900351] iommufd_test_staccess_release+0x8d/0xd0 [ 107.900754] __fput+0x26d/0xa40 [ 107.901024] ____fput+0x1e/0x30 [ 107.901287] task_work_run+0x1a4/0x2d0 [ 107.901601] ? __pfx_task_work_run+0x10/0x10 [ 107.901951] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.902336] ? switch_task_namespaces+0xa9/0xe0 [ 107.902732] do_exit+0xb17/0x2ef0 [ 107.903003] ? lock_acquire+0x427/0x4c0 [ 107.903339] ? __pfx_lock_release+0x10/0x10 [ 107.903683] ? __kasan_check_write+0x18/0x20 [ 107.904031] ? do_raw_spin_lock+0x132/0x2a0 [ 107.904369] ? __pfx_do_exit+0x10/0x10 [ 107.904676] ? debug_smp_processor_id+0x20/0x30 [ 107.905033] ? rcu_is_watching+0x19/0xb0 [ 107.905341] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.905690] ? trace_hardirqs_on+0x26/0x120 [ 107.906031] do_group_exit+0xe0/0x2b0 [ 107.906327] __x64_sys_exit_group+0x47/0x50 [ 107.906681] do_syscall_64+0x3b/0x90 [ 107.906984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.907401] RIP: 0033:0x7f4b87518a4d [ 107.907692] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.908166] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.908754] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.909302] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.909843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.910389] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.910968] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.911530] [ 107.911713] irq event stamp: 0 [ 107.911958] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.912441] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.913083] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.913722] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.914204] ---[ end trace 0000000000000000 ]--- [ 107.914916] ------------[ cut here ]------------ [ 107.915299] WARNING: CPU: 1 PID: 956 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 107.916077] Modules linked in: [ 107.916327] CPU: 1 PID: 956 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.916995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.917857] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 107.918258] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 107.919699] RSP: 0018:ffff888017b3fb78 EFLAGS: 00010246 [ 107.920114] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 107.920662] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 107.921235] RBP: ffff888017b3fb98 R08: ffffed10028b533e R09: ffffed10028b533e [ 107.921785] R10: ffff8880145a99ef R11: ffffed10028b533d R12: ffff8880145a9a90 [ 107.922333] R13: ffff8880145a98a8 R14: ffffffffffffffff R15: 
ffff888017b3fc60 [ 107.922911] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 107.923551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.924005] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 107.924553] PKRU: 55555554 [ 107.924774] Call Trace: [ 107.924973] [ 107.925154] iommufd_ioas_destroy+0x53/0x70 [ 107.925495] iommufd_fops_release+0x1f7/0x370 [ 107.925850] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.926240] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.926649] ? write_comp_data+0x2f/0x90 [ 107.926976] ? __pfx_iommufd_fops_release+0x10/0x10 [ 107.927375] __fput+0x26d/0xa40 [ 107.927647] ____fput+0x1e/0x30 [ 107.927909] task_work_run+0x1a4/0x2d0 [ 107.928218] ? __pfx_task_work_run+0x10/0x10 [ 107.928567] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.928953] ? switch_task_namespaces+0xa9/0xe0 [ 107.929324] do_exit+0xb17/0x2ef0 [ 107.929594] ? lock_acquire+0x427/0x4c0 [ 107.929912] ? __pfx_lock_release+0x10/0x10 [ 107.930253] ? __kasan_check_write+0x18/0x20 [ 107.930625] ? do_raw_spin_lock+0x132/0x2a0 [ 107.930965] ? __pfx_do_exit+0x10/0x10 [ 107.931288] ? debug_smp_processor_id+0x20/0x30 [ 107.931657] ? rcu_is_watching+0x19/0xb0 [ 107.931976] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.932331] ? trace_hardirqs_on+0x26/0x120 [ 107.932673] do_group_exit+0xe0/0x2b0 [ 107.932975] __x64_sys_exit_group+0x47/0x50 [ 107.933317] do_syscall_64+0x3b/0x90 [ 107.933620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.934040] RIP: 0033:0x7f4b87518a4d [ 107.934333] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.934843] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.935444] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.935996] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.936540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.937090] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.937636] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.938191] [ 107.938375] irq event stamp: 0 [ 107.938641] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.939139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.939786] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.940436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.940920] ---[ end trace 0000000000000000 ]--- [ 107.945419] ------------[ cut here ]------------ [ 107.945832] WARNING: CPU: 0 PID: 957 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.946840] Modules linked in: [ 107.947099] CPU: 0 PID: 957 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.947786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.948661] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.949056] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.950687] RSP: 0018:ffff888012d87bb8 EFLAGS: 00010246 [ 107.951139] RAX: 0000000000000000 RBX: ffff888020cfa8a8 RCX: 0000000000000000 [ 107.951697] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 107.952261] RBP: ffff888012d87bd0 R08: ffffed100419f533 R09: ffffed100419f533 [ 107.952822] R10: ffff888020cfa993 R11: ffffed100419f532 R12: ffff88800f172400 [ 107.953384] R13: ffff888020cfa9e8 R14: ffffffff8352e670 R15: 
ffff888012d87e68 [ 107.953943] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.954590] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.955048] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 107.955621] PKRU: 55555554 [ 107.955847] Call Trace: [ 107.956050] [ 107.956231] __iommufd_access_detach+0x1c2/0x2b0 [ 107.956625] iommufd_access_change_pt+0x149/0x270 [ 107.957017] iommufd_access_replace+0xb4/0x120 [ 107.957404] iommufd_test+0x3e5/0x37e0 [ 107.957717] ? lock_release+0x532/0x770 [ 107.958047] ? __might_fault+0x102/0x1b0 [ 107.958379] ? lock_acquire+0x427/0x4c0 [ 107.958724] ? __pfx_iommufd_test+0x10/0x10 [ 107.959069] ? __pfx_lock_release+0x10/0x10 [ 107.959426] ? __pfx_lock_acquire+0x10/0x10 [ 107.959776] ? write_comp_data+0x2f/0x90 [ 107.960107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.960496] ? write_comp_data+0x2f/0x90 [ 107.960833] iommufd_fops_ioctl+0x37d/0x510 [ 107.961183] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.961576] ? write_comp_data+0x2f/0x90 [ 107.961913] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 107.962304] __x64_sys_ioctl+0x1a3/0x230 [ 107.962657] do_syscall_64+0x3b/0x90 [ 107.962966] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.963398] RIP: 0033:0x7f4b8743ee5d [ 107.963699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 107.965150] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 107.965750] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 107.966313] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 107.966905] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 107.967481] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 107.968046] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 107.968619] [ 107.968807] irq event stamp: 0 [ 107.969053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.969550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 107.970210] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 107.970888] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 107.971386] ---[ end trace 0000000000000000 ]--- [ 107.974761] ------------[ cut here ]------------ [ 107.975175] WARNING: CPU: 0 PID: 957 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 107.975962] Modules linked in: [ 107.976214] CPU: 0 PID: 957 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 107.976892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 107.977772] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 107.978162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 107.979861] RSP: 
0018:ffff888012d87bd0 EFLAGS: 00010246 [ 107.980291] RAX: 0000000000000000 RBX: ffff888020cfa8a8 RCX: 0000000000000000 [ 107.980853] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 107.981411] RBP: ffff888012d87be8 R08: ffffed100419f533 R09: ffffed100419f533 [ 107.981967] R10: ffff888020cfa993 R11: ffffed100419f532 R12: ffff888021ba8c00 [ 107.982544] R13: ffff888020cfa9e8 R14: ffff888020a46400 R15: 0000000000000000 [ 107.983118] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 107.983751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.984206] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 107.984765] PKRU: 55555554 [ 107.984990] Call Trace: [ 107.985194] [ 107.985372] iommufd_access_destroy_object+0x65/0x170 [ 107.985786] iommufd_object_destroy_user+0x18e/0x220 [ 107.986194] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 107.986678] iommufd_access_destroy+0x43/0x70 [ 107.987048] iommufd_test_staccess_release+0x8d/0xd0 [ 107.987471] __fput+0x26d/0xa40 [ 107.987748] ____fput+0x1e/0x30 [ 107.988018] task_work_run+0x1a4/0x2d0 [ 107.988338] ? __pfx_task_work_run+0x10/0x10 [ 107.988696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 107.989091] ? switch_task_namespaces+0xa9/0xe0 [ 107.989470] do_exit+0xb17/0x2ef0 [ 107.989748] ? lock_acquire+0x427/0x4c0 [ 107.990073] ? __pfx_lock_release+0x10/0x10 [ 107.990423] ? __kasan_check_write+0x18/0x20 [ 107.990809] ? do_raw_spin_lock+0x132/0x2a0 [ 107.991167] ? __pfx_do_exit+0x10/0x10 [ 107.991490] ? debug_smp_processor_id+0x20/0x30 [ 107.991865] ? rcu_is_watching+0x19/0xb0 [ 107.992189] ? _raw_spin_unlock_irq+0x2b/0x60 [ 107.992550] ? trace_hardirqs_on+0x26/0x120 [ 107.992902] do_group_exit+0xe0/0x2b0 [ 107.993204] __x64_sys_exit_group+0x47/0x50 [ 107.993546] do_syscall_64+0x3b/0x90 [ 107.993849] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 107.994267] RIP: 0033:0x7f4b87518a4d [ 107.994584] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 107.995075] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 107.995684] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 107.996245] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 107.996807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 107.997391] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 107.997945] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 107.998524] [ 107.998712] irq event stamp: 0 [ 107.998960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 107.999456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.000109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.000758] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.001246] ---[ end trace 0000000000000000 ]--- [ 108.002075] ------------[ cut here ]------------ [ 108.002455] WARNING: CPU: 0 PID: 957 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.003452] Modules linked in: [ 108.003714] CPU: 0 PID: 957 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.004389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.005265] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.005672] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.007128] RSP: 0018:ffff888012d87b78 EFLAGS: 00010246 [ 108.007544] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.008094] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 108.008647] RBP: ffff888012d87b98 R08: ffffed100419f53e R09: ffffed100419f53e [ 108.009199] R10: ffff888020cfa9ef R11: ffffed100419f53d R12: ffff888020cfaa90 [ 108.009751] R13: ffff888020cfa8a8 R14: ffffffffffffffff R15: 
ffff888012d87c60 [ 108.010303] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.010952] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.011419] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.011979] PKRU: 55555554 [ 108.012203] Call Trace: [ 108.012407] [ 108.012586] iommufd_ioas_destroy+0x53/0x70 [ 108.012933] iommufd_fops_release+0x1f7/0x370 [ 108.013295] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.013694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.014086] ? write_comp_data+0x2f/0x90 [ 108.014418] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.014829] __fput+0x26d/0xa40 [ 108.015105] ____fput+0x1e/0x30 [ 108.015386] task_work_run+0x1a4/0x2d0 [ 108.015705] ? __pfx_task_work_run+0x10/0x10 [ 108.016058] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.016443] ? switch_task_namespaces+0xa9/0xe0 [ 108.016817] do_exit+0xb17/0x2ef0 [ 108.017090] ? lock_acquire+0x427/0x4c0 [ 108.017409] ? __pfx_lock_release+0x10/0x10 [ 108.017759] ? __kasan_check_write+0x18/0x20 [ 108.018107] ? do_raw_spin_lock+0x132/0x2a0 [ 108.018446] ? __pfx_do_exit+0x10/0x10 [ 108.018778] ? debug_smp_processor_id+0x20/0x30 [ 108.019160] ? rcu_is_watching+0x19/0xb0 [ 108.019487] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.019850] ? trace_hardirqs_on+0x26/0x120 [ 108.020195] do_group_exit+0xe0/0x2b0 [ 108.020498] __x64_sys_exit_group+0x47/0x50 [ 108.020839] do_syscall_64+0x3b/0x90 [ 108.021141] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.021559] RIP: 0033:0x7f4b87518a4d [ 108.021855] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.022333] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.022944] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.023514] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.024072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.024620] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.025172] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.025739] [ 108.025923] irq event stamp: 0 [ 108.026176] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.026686] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.027347] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.028000] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.028486] ---[ end trace 0000000000000000 ]--- [ 108.032372] ------------[ cut here ]------------ [ 108.032778] WARNING: CPU: 0 PID: 958 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.033558] Modules linked in: [ 108.033808] CPU: 0 PID: 958 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.034478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.035402] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.035795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.037210] RSP: 0018:ffff88801366fbb8 EFLAGS: 00010246 [ 108.037622] RAX: 0000000000000000 RBX: ffff888016ec70a8 RCX: 0000000000000000 [ 108.038176] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 108.038738] RBP: ffff88801366fbd0 R08: ffffed1002dd8e33 R09: ffffed1002dd8e33 [ 108.039309] R10: ffff888016ec7193 R11: ffffed1002dd8e32 R12: ffff888017ba0c00 [ 108.039869] R13: ffff888016ec71e8 R14: ffffffff8352e670 R15: 
ffff88801366fe68 [ 108.040425] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.041053] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.041504] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ef0 [ 108.042063] PKRU: 55555554 [ 108.042288] Call Trace: [ 108.042488] [ 108.042681] __iommufd_access_detach+0x1c2/0x2b0 [ 108.043066] iommufd_access_change_pt+0x149/0x270 [ 108.043458] iommufd_access_replace+0xb4/0x120 [ 108.043819] iommufd_test+0x3e5/0x37e0 [ 108.044119] ? lock_release+0x532/0x770 [ 108.044453] ? __might_fault+0x102/0x1b0 [ 108.044778] ? lock_acquire+0x427/0x4c0 [ 108.045105] ? __pfx_iommufd_test+0x10/0x10 [ 108.045447] ? __pfx_lock_release+0x10/0x10 [ 108.045793] ? __pfx_lock_acquire+0x10/0x10 [ 108.046144] ? write_comp_data+0x2f/0x90 [ 108.046471] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.046879] ? write_comp_data+0x2f/0x90 [ 108.047232] iommufd_fops_ioctl+0x37d/0x510 [ 108.047574] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.047965] ? write_comp_data+0x2f/0x90 [ 108.048295] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.048678] __x64_sys_ioctl+0x1a3/0x230 [ 108.049015] do_syscall_64+0x3b/0x90 [ 108.049317] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.049731] RIP: 0033:0x7f4b8743ee5d [ 108.050028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.051467] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.052065] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.052626] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.053179] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.053730] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.054279] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.054863] [ 108.055050] irq event stamp: 0 [ 108.055312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.055804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.056457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.057106] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.057597] ---[ end trace 0000000000000000 ]--- [ 108.060383] ------------[ cut here ]------------ [ 108.060772] WARNING: CPU: 0 PID: 958 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.061558] Modules linked in: [ 108.061809] CPU: 0 PID: 958 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.062484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.063424] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.063818] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.065228] RSP: 
0018:ffff88801366fbd0 EFLAGS: 00010246 [ 108.065641] RAX: 0000000000000000 RBX: ffff888016ec70a8 RCX: 0000000000000000 [ 108.066187] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 108.066769] RBP: ffff88801366fbe8 R08: ffffed1002dd8e33 R09: ffffed1002dd8e33 [ 108.067333] R10: ffff888016ec7193 R11: ffffed1002dd8e32 R12: ffff88800f170800 [ 108.067885] R13: ffff888016ec71e8 R14: ffff888014229d00 R15: 0000000000000000 [ 108.068442] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.069066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.069517] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.070077] PKRU: 55555554 [ 108.070298] Call Trace: [ 108.070498] [ 108.070700] iommufd_access_destroy_object+0x65/0x170 [ 108.071120] iommufd_object_destroy_user+0x18e/0x220 [ 108.071525] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.071988] iommufd_access_destroy+0x43/0x70 [ 108.072350] iommufd_test_staccess_release+0x8d/0xd0 [ 108.072756] __fput+0x26d/0xa40 [ 108.073027] ____fput+0x1e/0x30 [ 108.073296] task_work_run+0x1a4/0x2d0 [ 108.073611] ? __pfx_task_work_run+0x10/0x10 [ 108.073961] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.074356] ? switch_task_namespaces+0xa9/0xe0 [ 108.074752] do_exit+0xb17/0x2ef0 [ 108.075032] ? lock_acquire+0x427/0x4c0 [ 108.075369] ? __pfx_lock_release+0x10/0x10 [ 108.075717] ? __kasan_check_write+0x18/0x20 [ 108.076070] ? do_raw_spin_lock+0x132/0x2a0 [ 108.076409] ? __pfx_do_exit+0x10/0x10 [ 108.076727] ? debug_smp_processor_id+0x20/0x30 [ 108.077099] ? rcu_is_watching+0x19/0xb0 [ 108.077422] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.077783] ? trace_hardirqs_on+0x26/0x120 [ 108.078128] do_group_exit+0xe0/0x2b0 [ 108.078429] __x64_sys_exit_group+0x47/0x50 [ 108.078791] do_syscall_64+0x3b/0x90 [ 108.079096] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.079518] RIP: 0033:0x7f4b87518a4d [ 108.079814] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.080293] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.080884] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.081436] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.081992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.082566] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.083131] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.083692] [ 108.083878] irq event stamp: 0 [ 108.084125] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.084618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.085269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.085915] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.086402] ---[ end trace 0000000000000000 ]--- [ 108.087149] ------------[ cut here ]------------ [ 108.087526] WARNING: CPU: 0 PID: 958 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.088308] Modules linked in: [ 108.088564] CPU: 0 PID: 958 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.089240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.090107] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.090543] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.091968] RSP: 0018:ffff88801366fb78 EFLAGS: 00010246 [ 108.092387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.092939] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 108.093496] RBP: ffff88801366fb98 R08: ffffed1002dd8e3e R09: ffffed1002dd8e3e [ 108.094047] R10: ffff888016ec71ef R11: ffffed1002dd8e3d R12: ffff888016ec7290 [ 108.094643] R13: ffff888016ec70a8 R14: ffffffffffffffff R15: 
ffff88801366fc60 [ 108.095216] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.095846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.096299] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.096851] PKRU: 55555554 [ 108.097076] Call Trace: [ 108.097277] [ 108.097457] iommufd_ioas_destroy+0x53/0x70 [ 108.097800] iommufd_fops_release+0x1f7/0x370 [ 108.098159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.098573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.098969] ? write_comp_data+0x2f/0x90 [ 108.099310] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.099703] __fput+0x26d/0xa40 [ 108.099975] ____fput+0x1e/0x30 [ 108.100245] task_work_run+0x1a4/0x2d0 [ 108.100559] ? __pfx_task_work_run+0x10/0x10 [ 108.100913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.101296] ? switch_task_namespaces+0xa9/0xe0 [ 108.101672] do_exit+0xb17/0x2ef0 [ 108.101943] ? lock_acquire+0x427/0x4c0 [ 108.102260] ? __pfx_lock_release+0x10/0x10 [ 108.102624] ? __kasan_check_write+0x18/0x20 [ 108.102978] ? do_raw_spin_lock+0x132/0x2a0 [ 108.103331] ? __pfx_do_exit+0x10/0x10 [ 108.103647] ? debug_smp_processor_id+0x20/0x30 [ 108.104019] ? rcu_is_watching+0x19/0xb0 [ 108.104342] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.104702] ? trace_hardirqs_on+0x26/0x120 [ 108.105047] do_group_exit+0xe0/0x2b0 [ 108.105348] __x64_sys_exit_group+0x47/0x50 [ 108.105684] do_syscall_64+0x3b/0x90 [ 108.105989] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.106402] RIP: 0033:0x7f4b87518a4d [ 108.106719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.107212] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.107905] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.108483] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.109037] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.109585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.110142] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.110725] [ 108.110914] irq event stamp: 0 [ 108.111173] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.111671] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.112325] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.112977] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.113472] ---[ end trace 0000000000000000 ]--- [ 108.117412] ------------[ cut here ]------------ [ 108.117810] WARNING: CPU: 0 PID: 959 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.118774] Modules linked in: [ 108.119027] CPU: 0 PID: 959 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.119707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.120577] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.120962] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.122366] RSP: 0018:ffff88801051fbb8 EFLAGS: 00010246 [ 108.122798] RAX: 0000000000000000 RBX: ffff88800e94f0a8 RCX: 0000000000000000 [ 108.123361] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 108.123913] RBP: ffff88801051fbd0 R08: ffffed1001d29e33 R09: ffffed1001d29e33 [ 108.124462] R10: ffff88800e94f193 R11: ffffed1001d29e32 R12: ffff88800fd3d800 [ 108.125028] R13: ffff88800e94f1e8 R14: ffffffff8352e670 R15: 
ffff88801051fe68 [ 108.125578] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.126196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.126659] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 108.127230] PKRU: 55555554 [ 108.127451] Call Trace: [ 108.127652] [ 108.127831] __iommufd_access_detach+0x1c2/0x2b0 [ 108.128217] iommufd_access_change_pt+0x149/0x270 [ 108.128601] iommufd_access_replace+0xb4/0x120 [ 108.128967] iommufd_test+0x3e5/0x37e0 [ 108.129274] ? lock_release+0x532/0x770 [ 108.129599] ? __might_fault+0x102/0x1b0 [ 108.129925] ? lock_acquire+0x427/0x4c0 [ 108.130250] ? __pfx_iommufd_test+0x10/0x10 [ 108.130607] ? __pfx_lock_release+0x10/0x10 [ 108.130958] ? __pfx_lock_acquire+0x10/0x10 [ 108.131319] ? write_comp_data+0x2f/0x90 [ 108.131652] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.132039] ? write_comp_data+0x2f/0x90 [ 108.132365] iommufd_fops_ioctl+0x37d/0x510 [ 108.132713] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.133101] ? write_comp_data+0x2f/0x90 [ 108.133429] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.133810] __x64_sys_ioctl+0x1a3/0x230 [ 108.134140] do_syscall_64+0x3b/0x90 [ 108.134443] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.134877] RIP: 0033:0x7f4b8743ee5d [ 108.135184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.136604] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.137192] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.137747] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.138304] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.138876] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.139445] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.140012] [ 108.140195] irq event stamp: 0 [ 108.140442] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.140941] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.141595] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.142247] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.142755] ---[ end trace 0000000000000000 ]--- [ 108.145511] ------------[ cut here ]------------ [ 108.145904] WARNING: CPU: 0 PID: 959 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.146708] Modules linked in: [ 108.146960] CPU: 0 PID: 959 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.147653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.148525] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.148916] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.150329] RSP: 
0018:ffff88801051fbd0 EFLAGS: 00010246 [ 108.150774] RAX: 0000000000000000 RBX: ffff88800e94f0a8 RCX: 0000000000000000 [ 108.151343] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 108.151897] RBP: ffff88801051fbe8 R08: ffffed1001d29e33 R09: ffffed1001d29e33 [ 108.152458] R10: ffff88800e94f193 R11: ffffed1001d29e32 R12: ffff888017ba2400 [ 108.153015] R13: ffff88800e94f1e8 R14: ffff88800fa2d200 R15: 0000000000000000 [ 108.153567] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.154192] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.154663] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.155245] PKRU: 55555554 [ 108.155468] Call Trace: [ 108.155673] [ 108.155853] iommufd_access_destroy_object+0x65/0x170 [ 108.156263] iommufd_object_destroy_user+0x18e/0x220 [ 108.156662] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.157121] iommufd_access_destroy+0x43/0x70 [ 108.157491] iommufd_test_staccess_release+0x8d/0xd0 [ 108.157898] __fput+0x26d/0xa40 [ 108.158173] ____fput+0x1e/0x30 [ 108.158446] task_work_run+0x1a4/0x2d0 [ 108.158786] ? __pfx_task_work_run+0x10/0x10 [ 108.159151] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.159541] ? switch_task_namespaces+0xa9/0xe0 [ 108.159924] do_exit+0xb17/0x2ef0 [ 108.160198] ? lock_acquire+0x427/0x4c0 [ 108.160519] ? __pfx_lock_release+0x10/0x10 [ 108.160867] ? __kasan_check_write+0x18/0x20 [ 108.161220] ? do_raw_spin_lock+0x132/0x2a0 [ 108.161562] ? __pfx_do_exit+0x10/0x10 [ 108.161879] ? debug_smp_processor_id+0x20/0x30 [ 108.162244] ? rcu_is_watching+0x19/0xb0 [ 108.162582] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.162942] ? trace_hardirqs_on+0x26/0x120 [ 108.163297] do_group_exit+0xe0/0x2b0 [ 108.163597] __x64_sys_exit_group+0x47/0x50 [ 108.163934] do_syscall_64+0x3b/0x90 [ 108.164237] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.164648] RIP: 0033:0x7f4b87518a4d [ 108.164945] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.165422] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.166010] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.166583] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.167153] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.167703] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.168253] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.168814] [ 108.169001] irq event stamp: 0 [ 108.169246] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.169734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.170379] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.171044] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.171578] ---[ end trace 0000000000000000 ]--- [ 108.172746] ------------[ cut here ]------------ [ 108.173307] WARNING: CPU: 0 PID: 959 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.174419] Modules linked in: [ 108.174822] CPU: 0 PID: 959 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.175787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.177016] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.177586] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.179626] RSP: 0018:ffff88801051fb78 EFLAGS: 00010246 [ 108.180222] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.181011] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 108.181794] RBP: ffff88801051fb98 R08: ffffed1001d29e3e R09: ffffed1001d29e3e [ 108.182617] R10: ffff88800e94f1ef R11: ffffed1001d29e3d R12: ffff88800e94f290 [ 108.183422] R13: ffff88800e94f0a8 R14: ffffffffffffffff R15: 
ffff88801051fc60 [ 108.184208] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.185088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.185727] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.186540] PKRU: 55555554 [ 108.186865] Call Trace: [ 108.187162] [ 108.187421] iommufd_ioas_destroy+0x53/0x70 [ 108.187934] iommufd_fops_release+0x1f7/0x370 [ 108.188448] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.189010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.189567] ? write_comp_data+0x2f/0x90 [ 108.190035] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.190621] __fput+0x26d/0xa40 [ 108.191019] ____fput+0x1e/0x30 [ 108.191438] task_work_run+0x1a4/0x2d0 [ 108.191891] ? __pfx_task_work_run+0x10/0x10 [ 108.192386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.192933] ? switch_task_namespaces+0xa9/0xe0 [ 108.193463] do_exit+0xb17/0x2ef0 [ 108.193851] ? lock_acquire+0x427/0x4c0 [ 108.194303] ? __pfx_lock_release+0x10/0x10 [ 108.194812] ? __kasan_check_write+0x18/0x20 [ 108.195315] ? do_raw_spin_lock+0x132/0x2a0 [ 108.195794] ? __pfx_do_exit+0x10/0x10 [ 108.196237] ? debug_smp_processor_id+0x20/0x30 [ 108.196757] ? rcu_is_watching+0x19/0xb0 [ 108.197209] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.197717] ? trace_hardirqs_on+0x26/0x120 [ 108.198203] do_group_exit+0xe0/0x2b0 [ 108.198657] __x64_sys_exit_group+0x47/0x50 [ 108.199143] do_syscall_64+0x3b/0x90 [ 108.199569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.200145] RIP: 0033:0x7f4b87518a4d [ 108.200557] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.201224] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.202048] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.202870] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.203657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.204430] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.205200] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.205983] [ 108.206242] irq event stamp: 0 [ 108.206614] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.207310] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.208216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.209117] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.209800] ---[ end trace 0000000000000000 ]--- [ 108.216016] ------------[ cut here ]------------ [ 108.216539] WARNING: CPU: 0 PID: 960 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.217596] Modules linked in: [ 108.217937] CPU: 0 PID: 960 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.218901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.220081] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.220606] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.222486] RSP: 0018:ffff888024567bb8 EFLAGS: 00010246 [ 108.223063] RAX: 0000000000000000 RBX: ffff888011c2e8a8 RCX: 0000000000000000 [ 108.223758] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 108.224277] RBP: ffff888024567bd0 R08: ffffed1002385d33 R09: ffffed1002385d33 [ 108.224778] R10: ffff888011c2e993 R11: ffffed1002385d32 R12: ffff888016478800 [ 108.225280] R13: ffff888011c2e9e8 R14: ffffffff8352e670 R15: 
ffff888024567e68 [ 108.225782] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.226344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.226769] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 108.227276] PKRU: 55555554 [ 108.227474] Call Trace: [ 108.227653] [ 108.227813] __iommufd_access_detach+0x1c2/0x2b0 [ 108.228163] iommufd_access_change_pt+0x149/0x270 [ 108.228512] iommufd_access_replace+0xb4/0x120 [ 108.228844] iommufd_test+0x3e5/0x37e0 [ 108.229119] ? lock_release+0x532/0x770 [ 108.229408] ? __might_fault+0x102/0x1b0 [ 108.229705] ? lock_acquire+0x427/0x4c0 [ 108.229993] ? __pfx_iommufd_test+0x10/0x10 [ 108.230291] ? __pfx_lock_release+0x10/0x10 [ 108.230608] ? __pfx_lock_acquire+0x10/0x10 [ 108.230921] ? write_comp_data+0x2f/0x90 [ 108.231224] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.231564] ? write_comp_data+0x2f/0x90 [ 108.231853] iommufd_fops_ioctl+0x37d/0x510 [ 108.232155] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.232491] ? write_comp_data+0x2f/0x90 [ 108.232769] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.233094] __x64_sys_ioctl+0x1a3/0x230 [ 108.233373] do_syscall_64+0x3b/0x90 [ 108.233628] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.233977] RIP: 0033:0x7f4b8743ee5d [ 108.234224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.235433] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.235934] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.236401] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.236870] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.237336] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.237805] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.238279] [ 108.238433] irq event stamp: 0 [ 108.238653] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.239067] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.239620] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.240170] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.240585] ---[ end trace 0000000000000000 ]--- [ 108.242942] ------------[ cut here ]------------ [ 108.243265] WARNING: CPU: 0 PID: 960 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.243916] Modules linked in: [ 108.244127] CPU: 0 PID: 960 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.244690] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.245420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.245744] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.246944] RSP: 
0018:ffff888024567bd0 EFLAGS: 00010246 [ 108.247296] RAX: 0000000000000000 RBX: ffff888011c2e8a8 RCX: 0000000000000000 [ 108.247761] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 108.248222] RBP: ffff888024567be8 R08: ffffed1002385d33 R09: ffffed1002385d33 [ 108.248684] R10: ffff888011c2e993 R11: ffffed1002385d32 R12: ffff88800fd3d000 [ 108.249147] R13: ffff888011c2e9e8 R14: ffff888010804400 R15: 0000000000000000 [ 108.249608] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.250132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.250519] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.250982] PKRU: 55555554 [ 108.251178] Call Trace: [ 108.251346] [ 108.251493] iommufd_access_destroy_object+0x65/0x170 [ 108.251825] iommufd_object_destroy_user+0x18e/0x220 [ 108.252155] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.252532] iommufd_access_destroy+0x43/0x70 [ 108.252828] iommufd_test_staccess_release+0x8d/0xd0 [ 108.253166] __fput+0x26d/0xa40 [ 108.253391] ____fput+0x1e/0x30 [ 108.253611] task_work_run+0x1a4/0x2d0 [ 108.253872] ? __pfx_task_work_run+0x10/0x10 [ 108.254161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.254477] ? switch_task_namespaces+0xa9/0xe0 [ 108.254797] do_exit+0xb17/0x2ef0 [ 108.255022] ? lock_acquire+0x427/0x4c0 [ 108.255296] ? __pfx_lock_release+0x10/0x10 [ 108.255579] ? __kasan_check_write+0x18/0x20 [ 108.255866] ? do_raw_spin_lock+0x132/0x2a0 [ 108.256144] ? __pfx_do_exit+0x10/0x10 [ 108.256402] ? debug_smp_processor_id+0x20/0x30 [ 108.256705] ? rcu_is_watching+0x19/0xb0 [ 108.256967] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.257262] ? trace_hardirqs_on+0x26/0x120 [ 108.257544] do_group_exit+0xe0/0x2b0 [ 108.257790] __x64_sys_exit_group+0x47/0x50 [ 108.258065] do_syscall_64+0x3b/0x90 [ 108.258313] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.258654] RIP: 0033:0x7f4b87518a4d [ 108.258889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.259284] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.259762] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.260210] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.260656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.261103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.261549] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.262003] [ 108.262151] irq event stamp: 0 [ 108.262351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.262755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.263285] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.263809] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.264204] ---[ end trace 0000000000000000 ]--- [ 108.264745] ------------[ cut here ]------------ [ 108.265040] WARNING: CPU: 0 PID: 960 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.265676] Modules linked in: [ 108.265878] CPU: 0 PID: 960 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.266426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.267151] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.267491] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.268652] RSP: 0018:ffff888024567b78 EFLAGS: 00010246 [ 108.268991] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.269440] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 108.269888] RBP: ffff888024567b98 R08: ffffed1002385d3e R09: ffffed1002385d3e [ 108.270336] R10: ffff888011c2e9ef R11: ffffed1002385d3d R12: ffff888011c2ea90 [ 108.270799] R13: ffff888011c2e8a8 R14: ffffffffffffffff R15: 
ffff888024567c60 [ 108.271259] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.271769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.272136] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.272589] PKRU: 55555554 [ 108.272769] Call Trace: [ 108.272932] [ 108.273077] iommufd_ioas_destroy+0x53/0x70 [ 108.273358] iommufd_fops_release+0x1f7/0x370 [ 108.273652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.273977] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.274295] ? write_comp_data+0x2f/0x90 [ 108.274575] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.274900] __fput+0x26d/0xa40 [ 108.275130] ____fput+0x1e/0x30 [ 108.275349] task_work_run+0x1a4/0x2d0 [ 108.275605] ? __pfx_task_work_run+0x10/0x10 [ 108.275890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.276208] ? switch_task_namespaces+0xa9/0xe0 [ 108.276514] do_exit+0xb17/0x2ef0 [ 108.276738] ? lock_acquire+0x427/0x4c0 [ 108.277000] ? __pfx_lock_release+0x10/0x10 [ 108.277281] ? __kasan_check_write+0x18/0x20 [ 108.277565] ? do_raw_spin_lock+0x132/0x2a0 [ 108.277844] ? __pfx_do_exit+0x10/0x10 [ 108.278102] ? debug_smp_processor_id+0x20/0x30 [ 108.278403] ? rcu_is_watching+0x19/0xb0 [ 108.278674] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.278969] ? trace_hardirqs_on+0x26/0x120 [ 108.279257] do_group_exit+0xe0/0x2b0 [ 108.279503] __x64_sys_exit_group+0x47/0x50 [ 108.279778] do_syscall_64+0x3b/0x90 [ 108.280026] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.280361] RIP: 0033:0x7f4b87518a4d [ 108.280598] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.280989] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.281469] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.281920] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.282370] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.282829] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.283297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.283755] [ 108.283904] irq event stamp: 0 [ 108.284105] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.284506] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.285039] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.285571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.285973] ---[ end trace 0000000000000000 ]--- [ 108.289157] ------------[ cut here ]------------ [ 108.289506] WARNING: CPU: 1 PID: 961 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.290156] Modules linked in: [ 108.290366] CPU: 1 PID: 961 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.290950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.291683] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.292004] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.293174] RSP: 0018:ffff88801366fbb8 EFLAGS: 00010246 [ 108.293519] RAX: 0000000000000000 RBX: ffff8880245438a8 RCX: 0000000000000000 [ 108.293977] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 108.294439] RBP: ffff88801366fbd0 R08: ffffed10048a8733 R09: ffffed10048a8733 [ 108.294933] R10: ffff888024543993 R11: ffffed10048a8732 R12: ffff888013e05000 [ 108.295404] R13: ffff8880245439e8 R14: ffffffff8352e670 R15: 
ffff88801366fe68 [ 108.295869] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.296391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.296771] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 108.297234] PKRU: 55555554 [ 108.297417] Call Trace: [ 108.297583] [ 108.297732] __iommufd_access_detach+0x1c2/0x2b0 [ 108.298052] iommufd_access_change_pt+0x149/0x270 [ 108.298377] iommufd_access_replace+0xb4/0x120 [ 108.298695] iommufd_test+0x3e5/0x37e0 [ 108.298953] ? lock_release+0x532/0x770 [ 108.299231] ? __might_fault+0x102/0x1b0 [ 108.299505] ? lock_acquire+0x427/0x4c0 [ 108.299775] ? __pfx_iommufd_test+0x10/0x10 [ 108.300057] ? __pfx_lock_release+0x10/0x10 [ 108.300345] ? __pfx_lock_acquire+0x10/0x10 [ 108.300635] ? write_comp_data+0x2f/0x90 [ 108.300908] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.301229] ? write_comp_data+0x2f/0x90 [ 108.301506] iommufd_fops_ioctl+0x37d/0x510 [ 108.301803] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.302124] ? write_comp_data+0x2f/0x90 [ 108.302403] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.302746] __x64_sys_ioctl+0x1a3/0x230 [ 108.303032] do_syscall_64+0x3b/0x90 [ 108.303295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.303642] RIP: 0033:0x7f4b8743ee5d [ 108.303885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.305064] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.305559] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.306026] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.306485] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.306971] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.307449] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.307921] [ 108.308073] irq event stamp: 0 [ 108.308279] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.308686] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.309236] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.309778] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.310186] ---[ end trace 0000000000000000 ]--- [ 108.312535] ------------[ cut here ]------------ [ 108.312867] WARNING: CPU: 1 PID: 961 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.313517] Modules linked in: [ 108.313727] CPU: 1 PID: 961 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.314285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.315227] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.315558] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.316732] RSP: 
0018:ffff88801366fbd0 EFLAGS: 00010246 [ 108.317083] RAX: 0000000000000000 RBX: ffff8880245438a8 RCX: 0000000000000000 [ 108.317543] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 108.318009] RBP: ffff88801366fbe8 R08: ffffed10048a8733 R09: ffffed10048a8733 [ 108.318468] R10: ffff888024543993 R11: ffffed10048a8732 R12: ffff888013e78800 [ 108.318947] R13: ffff8880245439e8 R14: ffff88800fa2a900 R15: 0000000000000000 [ 108.319418] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.319940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.320316] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.320776] PKRU: 55555554 [ 108.320959] Call Trace: [ 108.321126] [ 108.321274] iommufd_access_destroy_object+0x65/0x170 [ 108.321613] iommufd_object_destroy_user+0x18e/0x220 [ 108.321949] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.322341] iommufd_access_destroy+0x43/0x70 [ 108.322665] iommufd_test_staccess_release+0x8d/0xd0 [ 108.323012] __fput+0x26d/0xa40 [ 108.323248] ____fput+0x1e/0x30 [ 108.323472] task_work_run+0x1a4/0x2d0 [ 108.323736] ? __pfx_task_work_run+0x10/0x10 [ 108.324034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.324372] ? switch_task_namespaces+0xa9/0xe0 [ 108.324685] do_exit+0xb17/0x2ef0 [ 108.324917] ? lock_acquire+0x427/0x4c0 [ 108.325185] ? __pfx_lock_release+0x10/0x10 [ 108.325474] ? __kasan_check_write+0x18/0x20 [ 108.325765] ? do_raw_spin_lock+0x132/0x2a0 [ 108.326048] ? __pfx_do_exit+0x10/0x10 [ 108.326311] ? debug_smp_processor_id+0x20/0x30 [ 108.326635] ? rcu_is_watching+0x19/0xb0 [ 108.326904] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.327211] ? trace_hardirqs_on+0x26/0x120 [ 108.327496] do_group_exit+0xe0/0x2b0 [ 108.327746] __x64_sys_exit_group+0x47/0x50 [ 108.328028] do_syscall_64+0x3b/0x90 [ 108.328279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.328620] RIP: 0033:0x7f4b87518a4d [ 108.328863] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.329262] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.329756] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.330223] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.330695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.331171] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.331636] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.332105] [ 108.332258] irq event stamp: 0 [ 108.332463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.332875] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.333420] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.333970] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.334386] ---[ end trace 0000000000000000 ]--- [ 108.335058] ------------[ cut here ]------------ [ 108.335381] WARNING: CPU: 1 PID: 961 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.336042] Modules linked in: [ 108.336253] CPU: 1 PID: 961 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.336826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.337563] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.337902] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.339143] RSP: 0018:ffff88801366fb78 EFLAGS: 00010246 [ 108.339498] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.339968] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 108.340438] RBP: ffff88801366fb98 R08: ffffed10048a873e R09: ffffed10048a873e [ 108.340905] R10: ffff8880245439ef R11: ffffed10048a873d R12: ffff888024543a90 [ 108.341375] R13: ffff8880245438a8 R14: ffffffffffffffff R15: 
ffff88801366fc60 [ 108.341845] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.342385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.342791] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.343281] PKRU: 55555554 [ 108.343471] Call Trace: [ 108.343641] [ 108.343792] iommufd_ioas_destroy+0x53/0x70 [ 108.344084] iommufd_fops_release+0x1f7/0x370 [ 108.344387] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.344720] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.345050] ? write_comp_data+0x2f/0x90 [ 108.345327] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.345660] __fput+0x26d/0xa40 [ 108.345892] ____fput+0x1e/0x30 [ 108.346118] task_work_run+0x1a4/0x2d0 [ 108.346381] ? __pfx_task_work_run+0x10/0x10 [ 108.346697] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.347031] ? switch_task_namespaces+0xa9/0xe0 [ 108.347370] do_exit+0xb17/0x2ef0 [ 108.347615] ? lock_acquire+0x427/0x4c0 [ 108.347891] ? __pfx_lock_release+0x10/0x10 [ 108.348187] ? __kasan_check_write+0x18/0x20 [ 108.348487] ? do_raw_spin_lock+0x132/0x2a0 [ 108.348776] ? __pfx_do_exit+0x10/0x10 [ 108.349044] ? debug_smp_processor_id+0x20/0x30 [ 108.349356] ? rcu_is_watching+0x19/0xb0 [ 108.349630] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.349940] ? trace_hardirqs_on+0x26/0x120 [ 108.350237] do_group_exit+0xe0/0x2b0 [ 108.350495] __x64_sys_exit_group+0x47/0x50 [ 108.350807] do_syscall_64+0x3b/0x90 [ 108.351067] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.351436] RIP: 0033:0x7f4b87518a4d [ 108.351689] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.352105] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.352615] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.353095] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.353574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.354063] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.354567] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.355061] [ 108.355231] irq event stamp: 0 [ 108.355449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.355890] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.356464] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.357031] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.357464] ---[ end trace 0000000000000000 ]--- [ 108.361467] ------------[ cut here ]------------ [ 108.361836] WARNING: CPU: 1 PID: 962 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.362700] Modules linked in: [ 108.362923] CPU: 1 PID: 962 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.363519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.364279] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.364617] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.365842] RSP: 0018:ffff88802449fbb8 EFLAGS: 00010246 [ 108.366202] RAX: 0000000000000000 RBX: ffff8880146848a8 RCX: 0000000000000000 [ 108.366695] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 108.367197] RBP: ffff88802449fbd0 R08: ffffed10028d0933 R09: ffffed10028d0933 [ 108.367697] R10: ffff888014684993 R11: ffffed10028d0932 R12: ffff8880104d7400 [ 108.368193] R13: ffff8880146849e8 R14: ffffffff8352e670 R15: 
ffff88802449fe68 [ 108.368694] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.369255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.369662] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 108.370164] PKRU: 55555554 [ 108.370363] Call Trace: [ 108.370559] [ 108.370719] __iommufd_access_detach+0x1c2/0x2b0 [ 108.371070] iommufd_access_change_pt+0x149/0x270 [ 108.371431] iommufd_access_replace+0xb4/0x120 [ 108.371764] iommufd_test+0x3e5/0x37e0 [ 108.372040] ? lock_release+0x532/0x770 [ 108.372331] ? __might_fault+0x102/0x1b0 [ 108.372631] ? lock_acquire+0x427/0x4c0 [ 108.372922] ? __pfx_iommufd_test+0x10/0x10 [ 108.373225] ? __pfx_lock_release+0x10/0x10 [ 108.373535] ? __pfx_lock_acquire+0x10/0x10 [ 108.373852] ? write_comp_data+0x2f/0x90 [ 108.374151] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.374499] ? write_comp_data+0x2f/0x90 [ 108.374819] iommufd_fops_ioctl+0x37d/0x510 [ 108.375137] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.375487] ? write_comp_data+0x2f/0x90 [ 108.375786] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.376132] __x64_sys_ioctl+0x1a3/0x230 [ 108.376432] do_syscall_64+0x3b/0x90 [ 108.376706] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.377085] RIP: 0033:0x7f4b8743ee5d [ 108.377354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.378650] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.379193] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.379692] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.380192] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.380689] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.381196] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.381707] [ 108.381872] irq event stamp: 0 [ 108.382096] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.382561] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.383164] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.383755] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.384198] ---[ end trace 0000000000000000 ]--- [ 108.386747] ------------[ cut here ]------------ [ 108.387102] WARNING: CPU: 1 PID: 962 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.387818] Modules linked in: [ 108.388047] CPU: 1 PID: 962 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.388659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.389449] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.389802] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.391144] RSP: 
0018:ffff88802449fbd0 EFLAGS: 00010246 [ 108.391535] RAX: 0000000000000000 RBX: ffff8880146848a8 RCX: 0000000000000000 [ 108.392047] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 108.392561] RBP: ffff88802449fbe8 R08: ffffed10028d0933 R09: ffffed10028d0933 [ 108.393077] R10: ffff888014684993 R11: ffffed10028d0932 R12: ffff888013e04400 [ 108.393590] R13: ffff8880146849e8 R14: ffff888010aa9e00 R15: 0000000000000000 [ 108.394098] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.394696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.395120] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.395631] PKRU: 55555554 [ 108.395835] Call Trace: [ 108.396019] [ 108.396184] iommufd_access_destroy_object+0x65/0x170 [ 108.396562] iommufd_object_destroy_user+0x18e/0x220 [ 108.396938] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.397365] iommufd_access_destroy+0x43/0x70 [ 108.397701] iommufd_test_staccess_release+0x8d/0xd0 [ 108.398073] __fput+0x26d/0xa40 [ 108.398326] ____fput+0x1e/0x30 [ 108.398601] task_work_run+0x1a4/0x2d0 [ 108.398901] ? __pfx_task_work_run+0x10/0x10 [ 108.399239] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.399613] ? switch_task_namespaces+0xa9/0xe0 [ 108.399968] do_exit+0xb17/0x2ef0 [ 108.400227] ? lock_acquire+0x427/0x4c0 [ 108.400527] ? __pfx_lock_release+0x10/0x10 [ 108.400851] ? __kasan_check_write+0x18/0x20 [ 108.401180] ? do_raw_spin_lock+0x132/0x2a0 [ 108.401503] ? __pfx_do_exit+0x10/0x10 [ 108.401796] ? debug_smp_processor_id+0x20/0x30 [ 108.402145] ? rcu_is_watching+0x19/0xb0 [ 108.402451] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.402818] ? trace_hardirqs_on+0x26/0x120 [ 108.403154] do_group_exit+0xe0/0x2b0 [ 108.403440] __x64_sys_exit_group+0x47/0x50 [ 108.403756] do_syscall_64+0x3b/0x90 [ 108.404039] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.404432] RIP: 0033:0x7f4b87518a4d [ 108.404710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.405165] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.405725] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.406247] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.406787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.407315] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.407835] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.408360] [ 108.408533] irq event stamp: 0 [ 108.408765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.409229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.409837] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.410451] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.410932] ---[ end trace 0000000000000000 ]--- [ 108.411587] ------------[ cut here ]------------ [ 108.411932] WARNING: CPU: 1 PID: 962 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.412666] Modules linked in: [ 108.412900] CPU: 1 PID: 962 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.413533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.414348] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.414741] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.416074] RSP: 0018:ffff88802449fb78 EFLAGS: 00010246 [ 108.416463] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.416980] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 108.417498] RBP: ffff88802449fb98 R08: ffffed10028d093e R09: ffffed10028d093e [ 108.418023] R10: ffff8880146849ef R11: ffffed10028d093d R12: ffff888014684a90 [ 108.418558] R13: ffff8880146848a8 R14: ffffffffffffffff R15: 
ffff88802449fc60 [ 108.419080] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.419669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.420090] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.420607] PKRU: 55555554 [ 108.420816] Call Trace: [ 108.421002] [ 108.421177] iommufd_ioas_destroy+0x53/0x70 [ 108.421508] iommufd_fops_release+0x1f7/0x370 [ 108.421852] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.422228] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.422622] ? write_comp_data+0x2f/0x90 [ 108.422940] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.423321] __fput+0x26d/0xa40 [ 108.423583] ____fput+0x1e/0x30 [ 108.423840] task_work_run+0x1a4/0x2d0 [ 108.424142] ? __pfx_task_work_run+0x10/0x10 [ 108.424478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.424849] ? switch_task_namespaces+0xa9/0xe0 [ 108.425210] do_exit+0xb17/0x2ef0 [ 108.425474] ? lock_acquire+0x427/0x4c0 [ 108.425779] ? __pfx_lock_release+0x10/0x10 [ 108.426106] ? __kasan_check_write+0x18/0x20 [ 108.426437] ? do_raw_spin_lock+0x132/0x2a0 [ 108.426781] ? __pfx_do_exit+0x10/0x10 [ 108.427084] ? debug_smp_processor_id+0x20/0x30 [ 108.427442] ? rcu_is_watching+0x19/0xb0 [ 108.427747] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.428088] ? trace_hardirqs_on+0x26/0x120 [ 108.428420] do_group_exit+0xe0/0x2b0 [ 108.428707] __x64_sys_exit_group+0x47/0x50 [ 108.429026] do_syscall_64+0x3b/0x90 [ 108.429313] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.429705] RIP: 0033:0x7f4b87518a4d [ 108.429984] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.430444] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.431033] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.431571] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.432101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.432631] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.433158] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.433696] [ 108.433870] irq event stamp: 0 [ 108.434106] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.434592] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.435227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.435846] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.436314] ---[ end trace 0000000000000000 ]--- [ 108.440103] ------------[ cut here ]------------ [ 108.440500] WARNING: CPU: 1 PID: 963 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.441253] Modules linked in: [ 108.441491] CPU: 1 PID: 963 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.442132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.443014] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.443394] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.444755] RSP: 0018:ffff888024497bb8 EFLAGS: 00010246 [ 108.445159] RAX: 0000000000000000 RBX: ffff888011eeb8a8 RCX: 0000000000000000 [ 108.445696] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 108.446233] RBP: ffff888024497bd0 R08: ffffed10023dd733 R09: ffffed10023dd733 [ 108.446787] R10: ffff888011eeb993 R11: ffffed10023dd732 R12: ffff88800fe73c00 [ 108.447335] R13: ffff888011eeb9e8 R14: ffffffff8352e670 R15: 
ffff888024497e68 [ 108.447876] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.448481] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.448921] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 108.449465] PKRU: 55555554 [ 108.449680] Call Trace: [ 108.449875] [ 108.450046] __iommufd_access_detach+0x1c2/0x2b0 [ 108.450420] iommufd_access_change_pt+0x149/0x270 [ 108.450813] iommufd_access_replace+0xb4/0x120 [ 108.451175] iommufd_test+0x3e5/0x37e0 [ 108.451471] ? lock_release+0x532/0x770 [ 108.451781] ? __might_fault+0x102/0x1b0 [ 108.452098] ? lock_acquire+0x427/0x4c0 [ 108.452410] ? __pfx_iommufd_test+0x10/0x10 [ 108.452735] ? __pfx_lock_release+0x10/0x10 [ 108.453068] ? __pfx_lock_acquire+0x10/0x10 [ 108.453406] ? write_comp_data+0x2f/0x90 [ 108.453730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.454106] ? write_comp_data+0x2f/0x90 [ 108.454426] iommufd_fops_ioctl+0x37d/0x510 [ 108.454785] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.455179] ? write_comp_data+0x2f/0x90 [ 108.455501] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.455875] __x64_sys_ioctl+0x1a3/0x230 [ 108.456205] do_syscall_64+0x3b/0x90 [ 108.456504] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.456917] RIP: 0033:0x7f4b8743ee5d [ 108.457207] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.458648] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.459254] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.459814] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.460375] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.460930] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.461484] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.462050] [ 108.462235] irq event stamp: 0 [ 108.462482] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.463010] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.463679] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.464326] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.464821] ---[ end trace 0000000000000000 ]--- [ 108.467528] ------------[ cut here ]------------ [ 108.467919] WARNING: CPU: 1 PID: 963 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.468696] Modules linked in: [ 108.468950] CPU: 1 PID: 963 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.469625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.470497] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.470904] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.472466] RSP: 
0018:ffff888024497bd0 EFLAGS: 00010246 [ 108.472883] RAX: 0000000000000000 RBX: ffff888011eeb8a8 RCX: 0000000000000000 [ 108.473435] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 108.473981] RBP: ffff888024497be8 R08: ffffed10023dd733 R09: ffffed10023dd733 [ 108.474566] R10: ffff888011eeb993 R11: ffffed10023dd732 R12: ffff8880104d5800 [ 108.475140] R13: ffff888011eeb9e8 R14: ffff8880121a4d00 R15: 0000000000000000 [ 108.475688] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.476306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.476757] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.477307] PKRU: 55555554 [ 108.477529] Call Trace: [ 108.477729] [ 108.477907] iommufd_access_destroy_object+0x65/0x170 [ 108.478310] iommufd_object_destroy_user+0x18e/0x220 [ 108.478723] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.479184] iommufd_access_destroy+0x43/0x70 [ 108.479542] iommufd_test_staccess_release+0x8d/0xd0 [ 108.479942] __fput+0x26d/0xa40 [ 108.480211] ____fput+0x1e/0x30 [ 108.480475] task_work_run+0x1a4/0x2d0 [ 108.480786] ? __pfx_task_work_run+0x10/0x10 [ 108.481132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.481516] ? switch_task_namespaces+0xa9/0xe0 [ 108.481884] do_exit+0xb17/0x2ef0 [ 108.482154] ? lock_acquire+0x427/0x4c0 [ 108.482471] ? __pfx_lock_release+0x10/0x10 [ 108.482824] ? __kasan_check_write+0x18/0x20 [ 108.483176] ? do_raw_spin_lock+0x132/0x2a0 [ 108.483514] ? __pfx_do_exit+0x10/0x10 [ 108.483824] ? debug_smp_processor_id+0x20/0x30 [ 108.484189] ? rcu_is_watching+0x19/0xb0 [ 108.484507] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.484862] ? trace_hardirqs_on+0x26/0x120 [ 108.485205] do_group_exit+0xe0/0x2b0 [ 108.485504] __x64_sys_exit_group+0x47/0x50 [ 108.485843] do_syscall_64+0x3b/0x90 [ 108.486144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.486571] RIP: 0033:0x7f4b87518a4d [ 108.486862] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.487354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.487940] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.488490] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.489039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.489585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.490134] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.490707] [ 108.490893] irq event stamp: 0 [ 108.491144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.491628] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.492274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.492922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.493405] ---[ end trace 0000000000000000 ]--- [ 108.494092] ------------[ cut here ]------------ [ 108.494454] WARNING: CPU: 1 PID: 963 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.495255] Modules linked in: [ 108.495508] CPU: 1 PID: 963 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.496178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.497042] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.497438] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.498853] RSP: 0018:ffff888024497b78 EFLAGS: 00010246 [ 108.499267] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.499816] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 108.500362] RBP: ffff888024497b98 R08: ffffed10023dd73e R09: ffffed10023dd73e [ 108.500912] R10: ffff888011eeb9ef R11: ffffed10023dd73d R12: ffff888011eeba90 [ 108.501458] R13: ffff888011eeb8a8 R14: ffffffffffffffff R15: 
ffff888024497c60 [ 108.502005] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.502635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.503085] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.503637] PKRU: 55555554 [ 108.503856] Call Trace: [ 108.504054] [ 108.504229] iommufd_ioas_destroy+0x53/0x70 [ 108.504568] iommufd_fops_release+0x1f7/0x370 [ 108.504921] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.505312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.505699] ? write_comp_data+0x2f/0x90 [ 108.506032] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.506419] __fput+0x26d/0xa40 [ 108.506703] ____fput+0x1e/0x30 [ 108.506968] task_work_run+0x1a4/0x2d0 [ 108.507284] ? __pfx_task_work_run+0x10/0x10 [ 108.507630] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.508013] ? switch_task_namespaces+0xa9/0xe0 [ 108.508383] do_exit+0xb17/0x2ef0 [ 108.508653] ? lock_acquire+0x427/0x4c0 [ 108.508971] ? __pfx_lock_release+0x10/0x10 [ 108.509312] ? __kasan_check_write+0x18/0x20 [ 108.509653] ? do_raw_spin_lock+0x132/0x2a0 [ 108.509981] ? __pfx_do_exit+0x10/0x10 [ 108.510283] ? debug_smp_processor_id+0x20/0x30 [ 108.510651] ? rcu_is_watching+0x19/0xb0 [ 108.510962] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.511313] ? trace_hardirqs_on+0x26/0x120 [ 108.511647] do_group_exit+0xe0/0x2b0 [ 108.511935] __x64_sys_exit_group+0x47/0x50 [ 108.512259] do_syscall_64+0x3b/0x90 [ 108.512548] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.512945] RIP: 0033:0x7f4b87518a4d [ 108.513223] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.513683] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.514251] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.514795] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.515331] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.515855] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.516376] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.516906] [ 108.517078] irq event stamp: 0 [ 108.517310] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.517772] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.518383] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.519009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.519477] ---[ end trace 0000000000000000 ]--- [ 108.523548] ------------[ cut here ]------------ [ 108.523928] WARNING: CPU: 1 PID: 964 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.524654] Modules linked in: [ 108.524888] CPU: 1 PID: 964 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.525512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.526320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.526898] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.528183] RSP: 0018:ffff88800fa97bb8 EFLAGS: 00010246 [ 108.528551] RAX: 0000000000000000 RBX: ffff888016ef60a8 RCX: 0000000000000000 [ 108.529044] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 108.529536] RBP: ffff88800fa97bd0 R08: ffffed1002ddec33 R09: ffffed1002ddec33 [ 108.530028] R10: ffff888016ef6193 R11: ffffed1002ddec32 R12: ffff88802190d400 [ 108.530531] R13: ffff888016ef61e8 R14: ffffffff8352e670 R15: 
ffff88800fa97e68 [ 108.531029] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.531589] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.531991] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 108.532486] PKRU: 55555554 [ 108.532682] Call Trace: [ 108.532860] [ 108.533017] __iommufd_access_detach+0x1c2/0x2b0 [ 108.533357] iommufd_access_change_pt+0x149/0x270 [ 108.533704] iommufd_access_replace+0xb4/0x120 [ 108.534031] iommufd_test+0x3e5/0x37e0 [ 108.534303] ? lock_release+0x532/0x770 [ 108.534599] ? __might_fault+0x102/0x1b0 [ 108.534890] ? lock_acquire+0x427/0x4c0 [ 108.535180] ? __pfx_iommufd_test+0x10/0x10 [ 108.535481] ? __pfx_lock_release+0x10/0x10 [ 108.535790] ? __pfx_lock_acquire+0x10/0x10 [ 108.536100] ? write_comp_data+0x2f/0x90 [ 108.536392] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.536737] ? write_comp_data+0x2f/0x90 [ 108.537031] iommufd_fops_ioctl+0x37d/0x510 [ 108.537335] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.537680] ? write_comp_data+0x2f/0x90 [ 108.537973] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.538312] __x64_sys_ioctl+0x1a3/0x230 [ 108.538615] do_syscall_64+0x3b/0x90 [ 108.538885] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.539255] RIP: 0033:0x7f4b8743ee5d [ 108.539515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.540767] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.541286] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.541771] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.542256] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.542754] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.543252] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.543748] [ 108.543910] irq event stamp: 0 [ 108.544123] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.544548] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.545115] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.545674] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.546096] ---[ end trace 0000000000000000 ]--- [ 108.548473] ------------[ cut here ]------------ [ 108.548795] WARNING: CPU: 1 PID: 964 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.549469] Modules linked in: [ 108.549685] CPU: 1 PID: 964 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.550269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.551214] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.551550] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.552774] RSP: 
0018:ffff88800fa97bd0 EFLAGS: 00010246 [ 108.553131] RAX: 0000000000000000 RBX: ffff888016ef60a8 RCX: 0000000000000000 [ 108.553608] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 108.554086] RBP: ffff88800fa97be8 R08: ffffed1002ddec33 R09: ffffed1002ddec33 [ 108.554572] R10: ffff888016ef6193 R11: ffffed1002ddec32 R12: ffff88800fe71400 [ 108.555045] R13: ffff888016ef61e8 R14: ffff88801663f800 R15: 0000000000000000 [ 108.555523] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.556055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.556440] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.556913] PKRU: 55555554 [ 108.557101] Call Trace: [ 108.557271] [ 108.557421] iommufd_access_destroy_object+0x65/0x170 [ 108.557767] iommufd_object_destroy_user+0x18e/0x220 [ 108.558110] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.558501] iommufd_access_destroy+0x43/0x70 [ 108.558823] iommufd_test_staccess_release+0x8d/0xd0 [ 108.559183] __fput+0x26d/0xa40 [ 108.559417] ____fput+0x1e/0x30 [ 108.559644] task_work_run+0x1a4/0x2d0 [ 108.559907] ? __pfx_task_work_run+0x10/0x10 [ 108.560201] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.560525] ? switch_task_namespaces+0xa9/0xe0 [ 108.560840] do_exit+0xb17/0x2ef0 [ 108.561071] ? lock_acquire+0x427/0x4c0 [ 108.561340] ? __pfx_lock_release+0x10/0x10 [ 108.561629] ? __kasan_check_write+0x18/0x20 [ 108.561921] ? do_raw_spin_lock+0x132/0x2a0 [ 108.562206] ? __pfx_do_exit+0x10/0x10 [ 108.562470] ? debug_smp_processor_id+0x20/0x30 [ 108.562788] ? rcu_is_watching+0x19/0xb0 [ 108.563057] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.563362] ? trace_hardirqs_on+0x26/0x120 [ 108.563650] do_group_exit+0xe0/0x2b0 [ 108.563902] __x64_sys_exit_group+0x47/0x50 [ 108.564184] do_syscall_64+0x3b/0x90 [ 108.564436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.564778] RIP: 0033:0x7f4b87518a4d [ 108.565018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.565414] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.565904] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.566362] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.566828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.567287] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.567745] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.568208] [ 108.568359] irq event stamp: 0 [ 108.568563] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.568969] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.569504] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.570039] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.570442] ---[ end trace 0000000000000000 ]--- [ 108.571005] ------------[ cut here ]------------ [ 108.571309] WARNING: CPU: 1 PID: 964 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.571959] Modules linked in: [ 108.572165] CPU: 1 PID: 964 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.572725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.573448] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.573781] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.574948] RSP: 0018:ffff88800fa97b78 EFLAGS: 00010246 [ 108.575289] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.575738] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 108.576188] RBP: ffff88800fa97b98 R08: ffffed1002ddec3e R09: ffffed1002ddec3e [ 108.576640] R10: ffff888016ef61ef R11: ffffed1002ddec3d R12: ffff888016ef6290 [ 108.577084] R13: ffff888016ef60a8 R14: ffffffffffffffff R15: 
ffff88800fa97c60 [ 108.577528] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.578029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.578390] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.578844] PKRU: 55555554 [ 108.579023] Call Trace: [ 108.579188] [ 108.579331] iommufd_ioas_destroy+0x53/0x70 [ 108.579606] iommufd_fops_release+0x1f7/0x370 [ 108.579897] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.580214] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.580526] ? write_comp_data+0x2f/0x90 [ 108.580790] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.581106] __fput+0x26d/0xa40 [ 108.581325] ____fput+0x1e/0x30 [ 108.581541] task_work_run+0x1a4/0x2d0 [ 108.581795] ? __pfx_task_work_run+0x10/0x10 [ 108.582077] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.582389] ? switch_task_namespaces+0xa9/0xe0 [ 108.582706] do_exit+0xb17/0x2ef0 [ 108.582927] ? lock_acquire+0x427/0x4c0 [ 108.583189] ? __pfx_lock_release+0x10/0x10 [ 108.583468] ? __kasan_check_write+0x18/0x20 [ 108.583749] ? do_raw_spin_lock+0x132/0x2a0 [ 108.584025] ? __pfx_do_exit+0x10/0x10 [ 108.584278] ? debug_smp_processor_id+0x20/0x30 [ 108.584575] ? rcu_is_watching+0x19/0xb0 [ 108.584832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.585121] ? trace_hardirqs_on+0x26/0x120 [ 108.585397] do_group_exit+0xe0/0x2b0 [ 108.585639] __x64_sys_exit_group+0x47/0x50 [ 108.585910] do_syscall_64+0x3b/0x90 [ 108.586151] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.586481] RIP: 0033:0x7f4b87518a4d [ 108.586729] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.587122] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.587596] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.588041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.588486] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.588930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.589386] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.589833] [ 108.589980] irq event stamp: 0 [ 108.590177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.590577] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.591092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.591611] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.591993] ---[ end trace 0000000000000000 ]--- [ 108.594959] ------------[ cut here ]------------ [ 108.595278] WARNING: CPU: 1 PID: 965 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.595893] Modules linked in: [ 108.596089] CPU: 1 PID: 965 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.596617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.597304] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.597607] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.598735] RSP: 0018:ffff8880244efbb8 EFLAGS: 00010246 [ 108.599059] RAX: 0000000000000000 RBX: ffff8880173450a8 RCX: 0000000000000000 [ 108.599495] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 108.599927] RBP: ffff8880244efbd0 R08: ffffed1002e68a33 R09: ffffed1002e68a33 [ 108.600359] R10: ffff888017345193 R11: ffffed1002e68a32 R12: ffff888012ffc400 [ 108.600791] R13: ffff8880173451e8 R14: ffffffff8352e670 R15: 
ffff8880244efe68 [ 108.601223] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.601713] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.602065] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ee0 [ 108.602499] PKRU: 55555554 [ 108.602686] Call Trace: [ 108.602845] [ 108.602984] __iommufd_access_detach+0x1c2/0x2b0 [ 108.603287] iommufd_access_change_pt+0x149/0x270 [ 108.603591] iommufd_access_replace+0xb4/0x120 [ 108.603879] iommufd_test+0x3e5/0x37e0 [ 108.604118] ? lock_release+0x532/0x770 [ 108.604370] ? __might_fault+0x102/0x1b0 [ 108.604624] ? lock_acquire+0x427/0x4c0 [ 108.604877] ? __pfx_iommufd_test+0x10/0x10 [ 108.605140] ? __pfx_lock_release+0x10/0x10 [ 108.605412] ? __pfx_lock_acquire+0x10/0x10 [ 108.605686] ? write_comp_data+0x2f/0x90 [ 108.605942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.606245] ? write_comp_data+0x2f/0x90 [ 108.606502] iommufd_fops_ioctl+0x37d/0x510 [ 108.606783] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.607085] ? write_comp_data+0x2f/0x90 [ 108.607342] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.607637] __x64_sys_ioctl+0x1a3/0x230 [ 108.607892] do_syscall_64+0x3b/0x90 [ 108.608125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.608445] RIP: 0033:0x7f4b8743ee5d [ 108.608669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.609764] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.610220] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.610656] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.611087] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.611517] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.611949] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.612384] [ 108.612527] irq event stamp: 0 [ 108.612720] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.613095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.613589] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.614090] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.614468] ---[ end trace 0000000000000000 ]--- [ 108.616575] ------------[ cut here ]------------ [ 108.616863] WARNING: CPU: 1 PID: 965 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.617466] Modules linked in: [ 108.617656] CPU: 1 PID: 965 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.618169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.618854] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.619159] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.620257] RSP: 
0018:ffff8880244efbd0 EFLAGS: 00010246 [ 108.620577] RAX: 0000000000000000 RBX: ffff8880173450a8 RCX: 0000000000000000 [ 108.621009] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 108.621430] RBP: ffff8880244efbe8 R08: ffffed1002e68a33 R09: ffffed1002e68a33 [ 108.621857] R10: ffff888017345193 R11: ffffed1002e68a32 R12: ffff88802190f400 [ 108.622283] R13: ffff8880173451e8 R14: ffff8880209b7500 R15: 0000000000000000 [ 108.622717] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.623206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.623555] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.623981] PKRU: 55555554 [ 108.624151] Call Trace: [ 108.624307] [ 108.624443] iommufd_access_destroy_object+0x65/0x170 [ 108.624754] iommufd_object_destroy_user+0x18e/0x220 [ 108.625064] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.625416] iommufd_access_destroy+0x43/0x70 [ 108.625691] iommufd_test_staccess_release+0x8d/0xd0 [ 108.626000] __fput+0x26d/0xa40 [ 108.626205] ____fput+0x1e/0x30 [ 108.626412] task_work_run+0x1a4/0x2d0 [ 108.626661] ? __pfx_task_work_run+0x10/0x10 [ 108.626932] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.627231] ? switch_task_namespaces+0xa9/0xe0 [ 108.627520] do_exit+0xb17/0x2ef0 [ 108.627729] ? lock_acquire+0x427/0x4c0 [ 108.627971] ? __pfx_lock_release+0x10/0x10 [ 108.628236] ? __kasan_check_write+0x18/0x20 [ 108.628500] ? do_raw_spin_lock+0x132/0x2a0 [ 108.628760] ? __pfx_do_exit+0x10/0x10 [ 108.629001] ? debug_smp_processor_id+0x20/0x30 [ 108.629280] ? rcu_is_watching+0x19/0xb0 [ 108.629524] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.629800] ? trace_hardirqs_on+0x26/0x120 [ 108.630065] do_group_exit+0xe0/0x2b0 [ 108.630296] __x64_sys_exit_group+0x47/0x50 [ 108.630566] do_syscall_64+0x3b/0x90 [ 108.630798] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.631116] RIP: 0033:0x7f4b87518a4d [ 108.631340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.631708] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.632162] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.632580] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.633002] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.633424] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.633844] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.634272] [ 108.634412] irq event stamp: 0 [ 108.634613] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.634991] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.635493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.635979] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.636347] ---[ end trace 0000000000000000 ]--- [ 108.636858] ------------[ cut here ]------------ [ 108.637133] WARNING: CPU: 1 PID: 965 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.637732] Modules linked in: [ 108.637922] CPU: 1 PID: 965 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.638440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.639124] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.639432] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.640521] RSP: 0018:ffff8880244efb78 EFLAGS: 00010246 [ 108.640836] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.641257] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 108.641667] RBP: ffff8880244efb98 R08: ffffed1002e68a3e R09: ffffed1002e68a3e [ 108.642075] R10: ffff8880173451ef R11: ffffed1002e68a3d R12: ffff888017345290 [ 108.642494] R13: ffff8880173450a8 R14: ffffffffffffffff R15: 
ffff8880244efc60 [ 108.642933] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.643413] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.643753] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.644161] PKRU: 55555554 [ 108.644325] Call Trace: [ 108.644473] [ 108.644609] iommufd_ioas_destroy+0x53/0x70 [ 108.644868] iommufd_fops_release+0x1f7/0x370 [ 108.645132] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.645423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.645710] ? write_comp_data+0x2f/0x90 [ 108.645961] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.646262] __fput+0x26d/0xa40 [ 108.646469] ____fput+0x1e/0x30 [ 108.646683] task_work_run+0x1a4/0x2d0 [ 108.646923] ? __pfx_task_work_run+0x10/0x10 [ 108.647195] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.647491] ? switch_task_namespaces+0xa9/0xe0 [ 108.647778] do_exit+0xb17/0x2ef0 [ 108.647987] ? lock_acquire+0x427/0x4c0 [ 108.648232] ? __pfx_lock_release+0x10/0x10 [ 108.648489] ? __kasan_check_write+0x18/0x20 [ 108.648746] ? do_raw_spin_lock+0x132/0x2a0 [ 108.648996] ? __pfx_do_exit+0x10/0x10 [ 108.649232] ? debug_smp_processor_id+0x20/0x30 [ 108.649510] ? rcu_is_watching+0x19/0xb0 [ 108.649748] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.650014] ? trace_hardirqs_on+0x26/0x120 [ 108.650267] do_group_exit+0xe0/0x2b0 [ 108.650492] __x64_sys_exit_group+0x47/0x50 [ 108.650765] do_syscall_64+0x3b/0x90 [ 108.650995] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.651313] RIP: 0033:0x7f4b87518a4d [ 108.651534] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.651900] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.652351] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.652774] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.653196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.653617] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.654037] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.654460] [ 108.654607] irq event stamp: 0 [ 108.654799] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.655174] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.655664] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.656143] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.656513] ---[ end trace 0000000000000000 ]--- [ 108.660164] ------------[ cut here ]------------ [ 108.660453] WARNING: CPU: 1 PID: 966 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.661026] Modules linked in: [ 108.661212] CPU: 1 PID: 966 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.661709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.662351] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.662791] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.663855] RSP: 0018:ffff8880134d7bb8 EFLAGS: 00010246 [ 108.664160] RAX: 0000000000000000 RBX: ffff8880136770a8 RCX: 0000000000000000 [ 108.664571] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 108.664973] RBP: ffff8880134d7bd0 R08: ffffed10026cee33 R09: ffffed10026cee33 [ 108.665381] R10: ffff888013677193 R11: ffffed10026cee32 R12: ffff888013e98400 [ 108.665792] R13: ffff8880136771e8 R14: ffffffff8352e670 R15: 
ffff8880134d7e68 [ 108.666193] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.666665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.667009] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 108.667435] PKRU: 55555554 [ 108.667603] Call Trace: [ 108.667755] [ 108.667890] __iommufd_access_detach+0x1c2/0x2b0 [ 108.668180] iommufd_access_change_pt+0x149/0x270 [ 108.668475] iommufd_access_replace+0xb4/0x120 [ 108.668756] iommufd_test+0x3e5/0x37e0 [ 108.668983] ? lock_release+0x532/0x770 [ 108.669227] ? __might_fault+0x102/0x1b0 [ 108.669466] ? lock_acquire+0x427/0x4c0 [ 108.669699] ? __pfx_iommufd_test+0x10/0x10 [ 108.669948] ? __pfx_lock_release+0x10/0x10 [ 108.670212] ? __pfx_lock_acquire+0x10/0x10 [ 108.670479] ? write_comp_data+0x2f/0x90 [ 108.670737] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.671033] ? write_comp_data+0x2f/0x90 [ 108.671289] iommufd_fops_ioctl+0x37d/0x510 [ 108.671549] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.671835] ? write_comp_data+0x2f/0x90 [ 108.672073] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.672356] __x64_sys_ioctl+0x1a3/0x230 [ 108.672594] do_syscall_64+0x3b/0x90 [ 108.672820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.673119] RIP: 0033:0x7f4b8743ee5d [ 108.673329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.674367] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.674812] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.675235] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.675656] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.676064] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.676474] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.676881] [ 108.677021] irq event stamp: 0 [ 108.677200] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.677559] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.678032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.678531] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.678904] ---[ end trace 0000000000000000 ]--- [ 108.680958] ------------[ cut here ]------------ [ 108.681234] WARNING: CPU: 1 PID: 966 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.681809] Modules linked in: [ 108.681998] CPU: 1 PID: 966 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.682520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.683185] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.683479] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.684533] RSP: 
0018:ffff8880134d7bd0 EFLAGS: 00010246 [ 108.684830] RAX: 0000000000000000 RBX: ffff8880136770a8 RCX: 0000000000000000 [ 108.685237] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 108.685648] RBP: ffff8880134d7be8 R08: ffffed10026cee33 R09: ffffed10026cee33 [ 108.686045] R10: ffff888013677193 R11: ffffed10026cee32 R12: ffff888012ffc000 [ 108.686456] R13: ffff8880136771e8 R14: ffff8880142edb00 R15: 0000000000000000 [ 108.686884] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.687367] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.687711] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.688110] PKRU: 55555554 [ 108.688266] Call Trace: [ 108.688407] [ 108.688541] iommufd_access_destroy_object+0x65/0x170 [ 108.688842] iommufd_object_destroy_user+0x18e/0x220 [ 108.689136] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.689461] iommufd_access_destroy+0x43/0x70 [ 108.689727] iommufd_test_staccess_release+0x8d/0xd0 [ 108.690043] __fput+0x26d/0xa40 [ 108.690252] ____fput+0x1e/0x30 [ 108.690455] task_work_run+0x1a4/0x2d0 [ 108.690701] ? __pfx_task_work_run+0x10/0x10 [ 108.690966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.691261] ? switch_task_namespaces+0xa9/0xe0 [ 108.691544] do_exit+0xb17/0x2ef0 [ 108.691749] ? lock_acquire+0x427/0x4c0 [ 108.691990] ? __pfx_lock_release+0x10/0x10 [ 108.692250] ? __kasan_check_write+0x18/0x20 [ 108.692503] ? do_raw_spin_lock+0x132/0x2a0 [ 108.692742] ? __pfx_do_exit+0x10/0x10 [ 108.692962] ? debug_smp_processor_id+0x20/0x30 [ 108.693220] ? rcu_is_watching+0x19/0xb0 [ 108.693459] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.693722] ? trace_hardirqs_on+0x26/0x120 [ 108.693963] do_group_exit+0xe0/0x2b0 [ 108.694174] __x64_sys_exit_group+0x47/0x50 [ 108.694419] do_syscall_64+0x3b/0x90 [ 108.694655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.694965] RIP: 0033:0x7f4b87518a4d [ 108.695185] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.695545] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.695987] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.696402] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.696817] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.697208] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.697599] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.698013] [ 108.698151] irq event stamp: 0 [ 108.698337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.698714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.699204] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.699691] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.700059] ---[ end trace 0000000000000000 ]--- [ 108.700568] ------------[ cut here ]------------ [ 108.700840] WARNING: CPU: 1 PID: 966 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.701418] Modules linked in: [ 108.701593] CPU: 1 PID: 966 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.702063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.702719] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.703019] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.704053] RSP: 0018:ffff8880134d7b78 EFLAGS: 00010246 [ 108.704345] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.704752] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 108.705143] RBP: ffff8880134d7b98 R08: ffffed10026cee3e R09: ffffed10026cee3e [ 108.705532] R10: ffff8880136771ef R11: ffffed10026cee3d R12: ffff888013677290 [ 108.705943] R13: ffff8880136770a8 R14: ffffffffffffffff R15: 
ffff8880134d7c60 [ 108.706357] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.706831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.707171] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.707586] PKRU: 55555554 [ 108.707751] Call Trace: [ 108.707902] [ 108.708036] iommufd_ioas_destroy+0x53/0x70 [ 108.708291] iommufd_fops_release+0x1f7/0x370 [ 108.708559] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.708853] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.709143] ? write_comp_data+0x2f/0x90 [ 108.709385] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.709659] __fput+0x26d/0xa40 [ 108.709849] ____fput+0x1e/0x30 [ 108.710037] task_work_run+0x1a4/0x2d0 [ 108.710271] ? __pfx_task_work_run+0x10/0x10 [ 108.710537] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.710827] ? switch_task_namespaces+0xa9/0xe0 [ 108.711112] do_exit+0xb17/0x2ef0 [ 108.711316] ? lock_acquire+0x427/0x4c0 [ 108.711557] ? __pfx_lock_release+0x10/0x10 [ 108.711815] ? __kasan_check_write+0x18/0x20 [ 108.712076] ? do_raw_spin_lock+0x132/0x2a0 [ 108.712330] ? __pfx_do_exit+0x10/0x10 [ 108.712556] ? debug_smp_processor_id+0x20/0x30 [ 108.712824] ? rcu_is_watching+0x19/0xb0 [ 108.713048] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.713306] ? trace_hardirqs_on+0x26/0x120 [ 108.713558] do_group_exit+0xe0/0x2b0 [ 108.713770] __x64_sys_exit_group+0x47/0x50 [ 108.714020] do_syscall_64+0x3b/0x90 [ 108.714245] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.714561] RIP: 0033:0x7f4b87518a4d [ 108.714779] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.715141] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.715583] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.715997] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.716411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.716824] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.717238] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.717632] [ 108.717767] irq event stamp: 0 [ 108.717952] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.718318] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.718815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.719302] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.719667] ---[ end trace 0000000000000000 ]--- [ 108.723125] ------------[ cut here ]------------ [ 108.723421] WARNING: CPU: 1 PID: 967 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.724010] Modules linked in: [ 108.724200] CPU: 1 PID: 967 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.724712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.725370] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.725666] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.726882] RSP: 0018:ffff888020d5fbb8 EFLAGS: 00010246 [ 108.727199] RAX: 0000000000000000 RBX: ffff8880244630a8 RCX: 0000000000000000 [ 108.727614] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 108.728029] RBP: ffff888020d5fbd0 R08: ffffed100488c633 R09: ffffed100488c633 [ 108.728445] R10: ffff888024463193 R11: ffffed100488c632 R12: ffff888013407c00 [ 108.728861] R13: ffff8880244631e8 R14: ffffffff8352e670 R15: 
ffff888020d5fe68 [ 108.729276] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.729745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.730084] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 108.730501] PKRU: 55555554 [ 108.730678] Call Trace: [ 108.730829] [ 108.730963] __iommufd_access_detach+0x1c2/0x2b0 [ 108.731256] iommufd_access_change_pt+0x149/0x270 [ 108.731548] iommufd_access_replace+0xb4/0x120 [ 108.731826] iommufd_test+0x3e5/0x37e0 [ 108.732057] ? lock_release+0x532/0x770 [ 108.732299] ? __might_fault+0x102/0x1b0 [ 108.732544] ? lock_acquire+0x427/0x4c0 [ 108.732787] ? __pfx_iommufd_test+0x10/0x10 [ 108.733041] ? __pfx_lock_release+0x10/0x10 [ 108.733302] ? __pfx_lock_acquire+0x10/0x10 [ 108.733565] ? write_comp_data+0x2f/0x90 [ 108.733813] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.734104] ? write_comp_data+0x2f/0x90 [ 108.734352] iommufd_fops_ioctl+0x37d/0x510 [ 108.734619] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.734911] ? write_comp_data+0x2f/0x90 [ 108.735165] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.735452] __x64_sys_ioctl+0x1a3/0x230 [ 108.735700] do_syscall_64+0x3b/0x90 [ 108.735927] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.736236] RIP: 0033:0x7f4b8743ee5d [ 108.736454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.737516] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.737961] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.738377] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.738800] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.739220] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.739636] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.740057] [ 108.740194] irq event stamp: 0 [ 108.740381] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.740749] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.741237] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.741726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.742094] ---[ end trace 0000000000000000 ]--- [ 108.744209] ------------[ cut here ]------------ [ 108.744488] WARNING: CPU: 1 PID: 967 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.745071] Modules linked in: [ 108.745258] CPU: 1 PID: 967 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.745761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.746415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.746717] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.747780] RSP: 
0018:ffff888020d5fbd0 EFLAGS: 00010246 [ 108.748090] RAX: 0000000000000000 RBX: ffff8880244630a8 RCX: 0000000000000000 [ 108.748504] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 108.748917] RBP: ffff888020d5fbe8 R08: ffffed100488c633 R09: ffffed100488c633 [ 108.749332] R10: ffff888024463193 R11: ffffed100488c632 R12: ffff888013e98000 [ 108.749746] R13: ffff8880244631e8 R14: ffff888020987600 R15: 0000000000000000 [ 108.750160] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.750634] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.750973] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.751397] PKRU: 55555554 [ 108.751562] Call Trace: [ 108.751713] [ 108.751846] iommufd_access_destroy_object+0x65/0x170 [ 108.752150] iommufd_object_destroy_user+0x18e/0x220 [ 108.752452] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.752796] iommufd_access_destroy+0x43/0x70 [ 108.753068] iommufd_test_staccess_release+0x8d/0xd0 [ 108.753372] __fput+0x26d/0xa40 [ 108.753577] ____fput+0x1e/0x30 [ 108.753779] task_work_run+0x1a4/0x2d0 [ 108.754014] ? __pfx_task_work_run+0x10/0x10 [ 108.754278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.754583] ? switch_task_namespaces+0xa9/0xe0 [ 108.754866] do_exit+0xb17/0x2ef0 [ 108.755070] ? lock_acquire+0x427/0x4c0 [ 108.755312] ? __pfx_lock_release+0x10/0x10 [ 108.755570] ? __kasan_check_write+0x18/0x20 [ 108.755830] ? do_raw_spin_lock+0x132/0x2a0 [ 108.756085] ? __pfx_do_exit+0x10/0x10 [ 108.756323] ? debug_smp_processor_id+0x20/0x30 [ 108.756597] ? rcu_is_watching+0x19/0xb0 [ 108.756840] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.757109] ? trace_hardirqs_on+0x26/0x120 [ 108.757367] do_group_exit+0xe0/0x2b0 [ 108.757593] __x64_sys_exit_group+0x47/0x50 [ 108.757846] do_syscall_64+0x3b/0x90 [ 108.758072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.758381] RIP: 0033:0x7f4b87518a4d [ 108.758606] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.758964] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.759412] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.759826] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.760240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.760653] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.761067] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.761486] [ 108.761623] irq event stamp: 0 [ 108.761809] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.762175] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.762671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.763162] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.763529] ---[ end trace 0000000000000000 ]--- [ 108.764034] ------------[ cut here ]------------ [ 108.764306] WARNING: CPU: 1 PID: 967 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.764891] Modules linked in: [ 108.765078] CPU: 1 PID: 967 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.765583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.766239] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.766548] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.767611] RSP: 0018:ffff888020d5fb78 EFLAGS: 00010246 [ 108.767920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.768334] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 108.768748] RBP: ffff888020d5fb98 R08: ffffed100488c63e R09: ffffed100488c63e [ 108.769162] R10: ffff8880244631ef R11: ffffed100488c63d R12: ffff888024463290 [ 108.769577] R13: ffff8880244630a8 R14: ffffffffffffffff R15: 
ffff888020d5fc60 [ 108.769991] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.770459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.770779] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.771163] PKRU: 55555554 [ 108.771329] Call Trace: [ 108.771479] [ 108.771612] iommufd_ioas_destroy+0x53/0x70 [ 108.771867] iommufd_fops_release+0x1f7/0x370 [ 108.772135] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.772430] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.772717] ? write_comp_data+0x2f/0x90 [ 108.772943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.773213] __fput+0x26d/0xa40 [ 108.773400] ____fput+0x1e/0x30 [ 108.773585] task_work_run+0x1a4/0x2d0 [ 108.773818] ? __pfx_task_work_run+0x10/0x10 [ 108.774065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.774331] ? switch_task_namespaces+0xa9/0xe0 [ 108.774598] do_exit+0xb17/0x2ef0 [ 108.774799] ? lock_acquire+0x427/0x4c0 [ 108.775039] ? __pfx_lock_release+0x10/0x10 [ 108.775301] ? __kasan_check_write+0x18/0x20 [ 108.775564] ? do_raw_spin_lock+0x132/0x2a0 [ 108.775819] ? __pfx_do_exit+0x10/0x10 [ 108.776055] ? debug_smp_processor_id+0x20/0x30 [ 108.776329] ? rcu_is_watching+0x19/0xb0 [ 108.776568] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.776838] ? trace_hardirqs_on+0x26/0x120 [ 108.777096] do_group_exit+0xe0/0x2b0 [ 108.777321] __x64_sys_exit_group+0x47/0x50 [ 108.777554] do_syscall_64+0x3b/0x90 [ 108.777763] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.778044] RIP: 0033:0x7f4b87518a4d [ 108.778248] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.778613] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.779055] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.779469] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.779882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.780295] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.780707] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.781126] [ 108.781263] irq event stamp: 0 [ 108.781448] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.781813] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.782298] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.782790] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.783164] ---[ end trace 0000000000000000 ]--- [ 108.786061] ------------[ cut here ]------------ [ 108.786349] WARNING: CPU: 1 PID: 968 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.787083] Modules linked in: [ 108.787280] CPU: 1 PID: 968 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.787783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.788434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.788724] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.789775] RSP: 0018:ffff88800f0d7bb8 EFLAGS: 00010246 [ 108.790085] RAX: 0000000000000000 RBX: ffff888011ed00a8 RCX: 0000000000000000 [ 108.790498] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 108.790929] RBP: ffff88800f0d7bd0 R08: ffffed10023da033 R09: ffffed10023da033 [ 108.791342] R10: ffff888011ed0193 R11: ffffed10023da032 R12: ffff8880144d5400 [ 108.791752] R13: ffff888011ed01e8 R14: ffffffff8352e670 R15: 
ffff88800f0d7e68 [ 108.792160] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.792620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.792955] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 108.793363] PKRU: 55555554 [ 108.793527] Call Trace: [ 108.793675] [ 108.793806] __iommufd_access_detach+0x1c2/0x2b0 [ 108.794090] iommufd_access_change_pt+0x149/0x270 [ 108.794377] iommufd_access_replace+0xb4/0x120 [ 108.794658] iommufd_test+0x3e5/0x37e0 [ 108.794886] ? lock_release+0x532/0x770 [ 108.795128] ? __might_fault+0x102/0x1b0 [ 108.795370] ? lock_acquire+0x427/0x4c0 [ 108.795609] ? __pfx_iommufd_test+0x10/0x10 [ 108.795859] ? __pfx_lock_release+0x10/0x10 [ 108.796116] ? __pfx_lock_acquire+0x10/0x10 [ 108.796374] ? write_comp_data+0x2f/0x90 [ 108.796616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.796902] ? write_comp_data+0x2f/0x90 [ 108.797146] iommufd_fops_ioctl+0x37d/0x510 [ 108.797400] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.797686] ? write_comp_data+0x2f/0x90 [ 108.797930] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.798212] __x64_sys_ioctl+0x1a3/0x230 [ 108.798455] do_syscall_64+0x3b/0x90 [ 108.798686] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.798992] RIP: 0033:0x7f4b8743ee5d [ 108.799208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.800254] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.800690] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.801101] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.801510] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.801918] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.802326] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.802750] [ 108.802886] irq event stamp: 0 [ 108.803069] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.803433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.803913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.804391] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.804751] ---[ end trace 0000000000000000 ]--- [ 108.806875] ------------[ cut here ]------------ [ 108.807153] WARNING: CPU: 1 PID: 968 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.807729] Modules linked in: [ 108.807914] CPU: 1 PID: 968 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.808410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.809055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.809341] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.810382] RSP: 
0018:ffff88800f0d7bd0 EFLAGS: 00010246 [ 108.810695] RAX: 0000000000000000 RBX: ffff888011ed00a8 RCX: 0000000000000000 [ 108.811107] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 108.811519] RBP: ffff88800f0d7be8 R08: ffffed10023da033 R09: ffffed10023da033 [ 108.811929] R10: ffff888011ed0193 R11: ffffed10023da032 R12: ffff888013405400 [ 108.812339] R13: ffff888011ed01e8 R14: ffff888013d63500 R15: 0000000000000000 [ 108.812750] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.813212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.813545] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.813953] PKRU: 55555554 [ 108.814119] Call Trace: [ 108.814267] [ 108.814399] iommufd_access_destroy_object+0x65/0x170 [ 108.814709] iommufd_object_destroy_user+0x18e/0x220 [ 108.815009] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.815353] iommufd_access_destroy+0x43/0x70 [ 108.815620] iommufd_test_staccess_release+0x8d/0xd0 [ 108.815920] __fput+0x26d/0xa40 [ 108.816122] ____fput+0x1e/0x30 [ 108.816321] task_work_run+0x1a4/0x2d0 [ 108.816552] ? __pfx_task_work_run+0x10/0x10 [ 108.816811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.817097] ? switch_task_namespaces+0xa9/0xe0 [ 108.817375] do_exit+0xb17/0x2ef0 [ 108.817577] ? lock_acquire+0x427/0x4c0 [ 108.817814] ? __pfx_lock_release+0x10/0x10 [ 108.818069] ? __kasan_check_write+0x18/0x20 [ 108.818326] ? do_raw_spin_lock+0x132/0x2a0 [ 108.818585] ? __pfx_do_exit+0x10/0x10 [ 108.818818] ? debug_smp_processor_id+0x20/0x30 [ 108.819088] ? rcu_is_watching+0x19/0xb0 [ 108.819326] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.819592] ? trace_hardirqs_on+0x26/0x120 [ 108.819848] do_group_exit+0xe0/0x2b0 [ 108.820070] __x64_sys_exit_group+0x47/0x50 [ 108.820319] do_syscall_64+0x3b/0x90 [ 108.820541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.820848] RIP: 0033:0x7f4b87518a4d [ 108.821062] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.821414] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.821847] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.822254] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.822672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.823079] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.823489] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.823904] [ 108.824039] irq event stamp: 0 [ 108.824221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.824581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.825061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.825539] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.825899] ---[ end trace 0000000000000000 ]--- [ 108.826397] ------------[ cut here ]------------ [ 108.826674] WARNING: CPU: 1 PID: 968 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.827254] Modules linked in: [ 108.827438] CPU: 1 PID: 968 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.827934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.828576] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.828870] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.829909] RSP: 0018:ffff88800f0d7b78 EFLAGS: 00010246 [ 108.830212] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.830628] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 108.831036] RBP: ffff88800f0d7b98 R08: ffffed10023da03e R09: ffffed10023da03e [ 108.831447] R10: ffff888011ed01ef R11: ffffed10023da03d R12: ffff888011ed0290 [ 108.831855] R13: ffff888011ed00a8 R14: ffffffffffffffff R15: 
ffff88800f0d7c60 [ 108.832263] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 108.832723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.833056] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 108.833464] PKRU: 55555554 [ 108.833627] Call Trace: [ 108.833774] [ 108.833905] iommufd_ioas_destroy+0x53/0x70 [ 108.834157] iommufd_fops_release+0x1f7/0x370 [ 108.834422] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.834719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.835007] ? write_comp_data+0x2f/0x90 [ 108.835252] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.835543] __fput+0x26d/0xa40 [ 108.835745] ____fput+0x1e/0x30 [ 108.835944] task_work_run+0x1a4/0x2d0 [ 108.836178] ? __pfx_task_work_run+0x10/0x10 [ 108.836438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.836726] ? switch_task_namespaces+0xa9/0xe0 [ 108.837004] do_exit+0xb17/0x2ef0 [ 108.837205] ? lock_acquire+0x427/0x4c0 [ 108.837442] ? __pfx_lock_release+0x10/0x10 [ 108.837697] ? __kasan_check_write+0x18/0x20 [ 108.837956] ? do_raw_spin_lock+0x132/0x2a0 [ 108.838207] ? __pfx_do_exit+0x10/0x10 [ 108.838439] ? debug_smp_processor_id+0x20/0x30 [ 108.838719] ? rcu_is_watching+0x19/0xb0 [ 108.838956] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.839223] ? trace_hardirqs_on+0x26/0x120 [ 108.839477] do_group_exit+0xe0/0x2b0 [ 108.839699] __x64_sys_exit_group+0x47/0x50 [ 108.839951] do_syscall_64+0x3b/0x90 [ 108.840173] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.840476] RIP: 0033:0x7f4b87518a4d [ 108.840690] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.841042] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.841475] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.841885] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.842291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.842708] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.843118] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.843530] [ 108.843667] irq event stamp: 0 [ 108.843849] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.844208] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.844684] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.845162] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.845521] ---[ end trace 0000000000000000 ]--- [ 108.848588] ------------[ cut here ]------------ [ 108.848969] WARNING: CPU: 0 PID: 969 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.849670] Modules linked in: [ 108.849892] CPU: 0 PID: 969 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.850492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.851514] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.851861] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.853128] RSP: 0018:ffff88800fb1fbb8 EFLAGS: 00010246 [ 108.853498] RAX: 0000000000000000 RBX: ffff888023d9a8a8 RCX: 0000000000000000 [ 108.853992] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 108.854483] RBP: ffff88800fb1fbd0 R08: ffffed10047b3533 R09: ffffed10047b3533 [ 108.854991] R10: ffff888023d9a993 R11: ffffed10047b3532 R12: ffff8880135d0000 [ 108.855487] R13: ffff888023d9a9e8 R14: ffffffff8352e670 R15: 
ffff88800fb1fe68 [ 108.855980] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.856536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.856938] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 108.857430] PKRU: 55555554 [ 108.857626] Call Trace: [ 108.857791] [ 108.857933] __iommufd_access_detach+0x1c2/0x2b0 [ 108.858242] iommufd_access_change_pt+0x149/0x270 [ 108.858588] iommufd_access_replace+0xb4/0x120 [ 108.858917] iommufd_test+0x3e5/0x37e0 [ 108.859192] ? lock_release+0x532/0x770 [ 108.859478] ? __might_fault+0x102/0x1b0 [ 108.859766] ? lock_acquire+0x427/0x4c0 [ 108.860052] ? __pfx_iommufd_test+0x10/0x10 [ 108.860352] ? __pfx_lock_release+0x10/0x10 [ 108.860658] ? __pfx_lock_acquire+0x10/0x10 [ 108.861045] ? write_comp_data+0x2f/0x90 [ 108.861336] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.861677] ? write_comp_data+0x2f/0x90 [ 108.861971] iommufd_fops_ioctl+0x37d/0x510 [ 108.862276] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.862629] ? write_comp_data+0x2f/0x90 [ 108.862920] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.863262] __x64_sys_ioctl+0x1a3/0x230 [ 108.863555] do_syscall_64+0x3b/0x90 [ 108.863821] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.864187] RIP: 0033:0x7f4b8743ee5d [ 108.864448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.865718] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.866247] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.866751] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.867248] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.867741] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.868234] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.868733] [ 108.868896] irq event stamp: 0 [ 108.869117] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.869554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.870135] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.870727] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.871171] ---[ end trace 0000000000000000 ]--- [ 108.880441] ------------[ cut here ]------------ [ 108.880794] WARNING: CPU: 0 PID: 969 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.881499] Modules linked in: [ 108.881722] CPU: 0 PID: 969 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.882328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.883197] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.883550] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.884822] RSP: 
0018:ffff88800fb1fbd0 EFLAGS: 00010246 [ 108.885191] RAX: 0000000000000000 RBX: ffff888023d9a8a8 RCX: 0000000000000000 [ 108.885685] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 108.886183] RBP: ffff88800fb1fbe8 R08: ffffed10047b3533 R09: ffffed10047b3533 [ 108.886697] R10: ffff888023d9a993 R11: ffffed10047b3532 R12: ffff88801647ac00 [ 108.887248] R13: ffff888023d9a9e8 R14: ffff88800b8e3a00 R15: 0000000000000000 [ 108.887827] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.888505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.889006] CR2: 00007ff8dd3fba18 CR3: 000000001444e000 CR4: 0000000000750ef0 [ 108.889519] PKRU: 55555554 [ 108.889691] Call Trace: [ 108.889841] [ 108.889972] iommufd_access_destroy_object+0x65/0x170 [ 108.890352] iommufd_object_destroy_user+0x18e/0x220 [ 108.890823] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.891397] iommufd_access_destroy+0x43/0x70 [ 108.891785] iommufd_test_staccess_release+0x8d/0xd0 [ 108.892238] __fput+0x26d/0xa40 [ 108.892547] ____fput+0x1e/0x30 [ 108.892889] task_work_run+0x1a4/0x2d0 [ 108.893172] ? __pfx_task_work_run+0x10/0x10 [ 108.893488] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.893836] ? switch_task_namespaces+0xa9/0xe0 [ 108.894184] do_exit+0xb17/0x2ef0 [ 108.894492] ? lock_acquire+0x427/0x4c0 [ 108.894750] ? __pfx_lock_release+0x10/0x10 [ 108.895030] ? __kasan_check_write+0x18/0x20 [ 108.895344] ? do_raw_spin_lock+0x132/0x2a0 [ 108.895687] ? __pfx_do_exit+0x10/0x10 [ 108.896026] ? debug_smp_processor_id+0x20/0x30 [ 108.896431] ? rcu_is_watching+0x19/0xb0 [ 108.896790] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.897252] ? trace_hardirqs_on+0x26/0x120 [ 108.897606] do_group_exit+0xe0/0x2b0 [ 108.897884] __x64_sys_exit_group+0x47/0x50 [ 108.898203] do_syscall_64+0x3b/0x90 [ 108.898473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.898867] RIP: 0033:0x7f4b87518a4d [ 108.899094] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.899548] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.900104] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.900561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.901094] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.901701] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.902211] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.902837] [ 108.902978] irq event stamp: 0 [ 108.903173] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.903560] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.904082] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.904669] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.905097] ---[ end trace 0000000000000000 ]--- [ 108.905870] ------------[ cut here ]------------ [ 108.906220] WARNING: CPU: 0 PID: 969 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.906999] Modules linked in: [ 108.907351] CPU: 0 PID: 969 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.907985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.908811] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.909263] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.910702] RSP: 0018:ffff88800fb1fb78 EFLAGS: 00010246 [ 108.911127] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.911650] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 108.912190] RBP: ffff88800fb1fb98 R08: ffffed10047b353e R09: ffffed10047b353e [ 108.912778] R10: ffff888023d9a9ef R11: ffffed10047b353d R12: ffff888023d9aa90 [ 108.913307] R13: ffff888023d9a8a8 R14: ffffffffffffffff R15: 
ffff88800fb1fc60 [ 108.913926] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.914538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.914951] CR2: 00007ff8dd3fba18 CR3: 000000001444e000 CR4: 0000000000750ef0 [ 108.915600] PKRU: 55555554 [ 108.915808] Call Trace: [ 108.916015] [ 108.916185] iommufd_ioas_destroy+0x53/0x70 [ 108.916505] iommufd_fops_release+0x1f7/0x370 [ 108.916841] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.917303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.917662] ? write_comp_data+0x2f/0x90 [ 108.917976] ? __pfx_iommufd_fops_release+0x10/0x10 [ 108.918354] __fput+0x26d/0xa40 [ 108.918674] ____fput+0x1e/0x30 [ 108.918887] task_work_run+0x1a4/0x2d0 [ 108.919150] ? __pfx_task_work_run+0x10/0x10 [ 108.919430] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.919724] ? switch_task_namespaces+0xa9/0xe0 [ 108.920096] do_exit+0xb17/0x2ef0 [ 108.920312] ? lock_acquire+0x427/0x4c0 [ 108.920578] ? __pfx_lock_release+0x10/0x10 [ 108.920898] ? __kasan_check_write+0x18/0x20 [ 108.921230] ? do_raw_spin_lock+0x132/0x2a0 [ 108.921626] ? __pfx_do_exit+0x10/0x10 [ 108.921928] ? debug_smp_processor_id+0x20/0x30 [ 108.922273] ? rcu_is_watching+0x19/0xb0 [ 108.922598] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.922953] ? trace_hardirqs_on+0x26/0x120 [ 108.923333] do_group_exit+0xe0/0x2b0 [ 108.923672] __x64_sys_exit_group+0x47/0x50 [ 108.923985] do_syscall_64+0x3b/0x90 [ 108.924262] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.924641] RIP: 0033:0x7f4b87518a4d [ 108.925012] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.925448] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.925897] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.926400] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.926842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.927373] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.927977] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.928497] [ 108.928667] irq event stamp: 0 [ 108.928889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.929384] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.930065] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.930677] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.931185] ---[ end trace 0000000000000000 ]--- [ 108.935561] ------------[ cut here ]------------ [ 108.935971] WARNING: CPU: 0 PID: 970 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.936648] Modules linked in: [ 108.936918] CPU: 0 PID: 970 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.937646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.938784] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.939187] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.940624] RSP: 0018:ffff888014a97bb8 EFLAGS: 00010246 [ 108.941011] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 108.941525] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 108.942165] RBP: ffff888014a97bd0 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 108.942752] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff888014583400 [ 108.943317] R13: ffff888017a471e8 R14: ffffffff8352e670 R15: 
ffff888014a97e68 [ 108.943863] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.944528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.944956] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 108.945596] PKRU: 55555554 [ 108.945812] Call Trace: [ 108.946006] [ 108.946181] __iommufd_access_detach+0x1c2/0x2b0 [ 108.946578] iommufd_access_change_pt+0x149/0x270 [ 108.946975] iommufd_access_replace+0xb4/0x120 [ 108.947468] iommufd_test+0x3e5/0x37e0 [ 108.947766] ? lock_release+0x532/0x770 [ 108.948070] ? __might_fault+0x102/0x1b0 [ 108.948376] ? lock_acquire+0x427/0x4c0 [ 108.948693] ? __pfx_iommufd_test+0x10/0x10 [ 108.949107] ? __pfx_lock_release+0x10/0x10 [ 108.949438] ? __pfx_lock_acquire+0x10/0x10 [ 108.949766] ? write_comp_data+0x2f/0x90 [ 108.950069] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.950563] ? write_comp_data+0x2f/0x90 [ 108.950888] iommufd_fops_ioctl+0x37d/0x510 [ 108.951236] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.951599] ? write_comp_data+0x2f/0x90 [ 108.952074] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 108.952374] __x64_sys_ioctl+0x1a3/0x230 [ 108.952729] do_syscall_64+0x3b/0x90 [ 108.952961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.953285] RIP: 0033:0x7f4b8743ee5d [ 108.953561] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 108.955061] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 108.955691] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 108.956311] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 108.956836] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 108.957449] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 108.957962] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 108.958491] [ 108.958696] irq event stamp: 0 [ 108.958928] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.959522] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.960125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.960769] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.961301] ---[ end trace 0000000000000000 ]--- [ 108.964300] ------------[ cut here ]------------ [ 108.964647] WARNING: CPU: 0 PID: 970 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 108.965404] Modules linked in: [ 108.965721] CPU: 0 PID: 970 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.966351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.967304] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 108.967679] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 108.969042] RSP: 
0018:ffff888014a97bd0 EFLAGS: 00010246 [ 108.969490] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 108.970005] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 108.970654] RBP: ffff888014a97be8 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 108.971225] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff8880135d3000 [ 108.971758] R13: ffff888017a471e8 R14: ffff888013796600 R15: 0000000000000000 [ 108.972316] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.972985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.973410] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.973969] PKRU: 55555554 [ 108.974251] Call Trace: [ 108.974438] [ 108.974621] iommufd_access_destroy_object+0x65/0x170 [ 108.975005] iommufd_object_destroy_user+0x18e/0x220 [ 108.975396] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 108.975922] iommufd_access_destroy+0x43/0x70 [ 108.976259] iommufd_test_staccess_release+0x8d/0xd0 [ 108.976644] __fput+0x26d/0xa40 [ 108.976903] ____fput+0x1e/0x30 [ 108.977186] task_work_run+0x1a4/0x2d0 [ 108.977570] ? __pfx_task_work_run+0x10/0x10 [ 108.977909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 108.978286] ? switch_task_namespaces+0xa9/0xe0 [ 108.978687] do_exit+0xb17/0x2ef0 [ 108.978962] ? lock_acquire+0x427/0x4c0 [ 108.979290] ? __pfx_lock_release+0x10/0x10 [ 108.979730] ? __kasan_check_write+0x18/0x20 [ 108.980059] ? do_raw_spin_lock+0x132/0x2a0 [ 108.980377] ? __pfx_do_exit+0x10/0x10 [ 108.980660] ? debug_smp_processor_id+0x20/0x30 [ 108.981037] ? rcu_is_watching+0x19/0xb0 [ 108.981410] ? _raw_spin_unlock_irq+0x2b/0x60 [ 108.981732] ? trace_hardirqs_on+0x26/0x120 [ 108.982052] do_group_exit+0xe0/0x2b0 [ 108.982338] __x64_sys_exit_group+0x47/0x50 [ 108.982747] do_syscall_64+0x3b/0x90 [ 108.983012] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 108.983407] RIP: 0033:0x7f4b87518a4d [ 108.983674] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 108.984089] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 108.984732] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 108.985226] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 108.985673] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 108.986159] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 108.986597] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 108.987059] [ 108.987261] irq event stamp: 0 [ 108.987583] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 108.988030] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 108.988537] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 108.989121] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 108.989494] ---[ end trace 0000000000000000 ]--- [ 108.990104] ------------[ cut here ]------------ [ 108.990395] WARNING: CPU: 0 PID: 970 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 108.991014] Modules linked in: [ 108.991310] CPU: 0 PID: 970 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 108.991831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 108.992498] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 108.992850] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 108.994021] RSP: 0018:ffff888014a97b78 EFLAGS: 00010246 [ 108.994418] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 108.994865] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 108.995409] RBP: ffff888014a97b98 R08: ffffed1002f48e3e R09: ffffed1002f48e3e [ 108.995957] R10: ffff888017a471ef R11: ffffed1002f48e3d R12: ffff888017a47290 [ 108.996523] R13: ffff888017a470a8 R14: ffffffffffffffff R15: 
ffff888014a97c60 [ 108.997013] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 108.997689] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.998095] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 108.998623] PKRU: 55555554 [ 108.998841] Call Trace: [ 108.999049] [ 108.999318] iommufd_ioas_destroy+0x53/0x70 [ 108.999633] iommufd_fops_release+0x1f7/0x370 [ 108.999953] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.000312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.000704] ? write_comp_data+0x2f/0x90 [ 109.000964] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.001264] __fput+0x26d/0xa40 [ 109.001480] ____fput+0x1e/0x30 [ 109.001725] task_work_run+0x1a4/0x2d0 [ 109.002042] ? __pfx_task_work_run+0x10/0x10 [ 109.002322] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.002631] ? switch_task_namespaces+0xa9/0xe0 [ 109.002923] do_exit+0xb17/0x2ef0 [ 109.003150] ? lock_acquire+0x427/0x4c0 [ 109.003443] ? __pfx_lock_release+0x10/0x10 [ 109.003765] ? __kasan_check_write+0x18/0x20 [ 109.004031] ? do_raw_spin_lock+0x132/0x2a0 [ 109.004294] ? __pfx_do_exit+0x10/0x10 [ 109.004554] ? debug_smp_processor_id+0x20/0x30 [ 109.004919] ? rcu_is_watching+0x19/0xb0 [ 109.005165] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.005445] ? trace_hardirqs_on+0x26/0x120 [ 109.005733] do_group_exit+0xe0/0x2b0 [ 109.006041] __x64_sys_exit_group+0x47/0x50 [ 109.006301] do_syscall_64+0x3b/0x90 [ 109.006551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.006875] RIP: 0033:0x7f4b87518a4d [ 109.007116] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.007605] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.008069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.008634] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.009146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.009683] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.010262] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.010891] [ 109.011072] irq event stamp: 0 [ 109.011332] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.011766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.012367] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.012868] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.013272] ---[ end trace 0000000000000000 ]--- [ 109.017253] ------------[ cut here ]------------ [ 109.017554] WARNING: CPU: 0 PID: 971 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.018179] Modules linked in: [ 109.018488] CPU: 0 PID: 971 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.019239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.020171] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.020497] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.021894] RSP: 0018:ffff8880165bfbb8 EFLAGS: 00010246 [ 109.022287] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 109.022730] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 109.023270] RBP: ffff8880165bfbd0 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 109.023706] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff88800ae93400 [ 109.024141] R13: ffff88801587c1e8 R14: ffffffff8352e670 R15: 
ffff8880165bfe68 [ 109.024663] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.025196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.025676] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 109.026295] PKRU: 55555554 [ 109.026558] Call Trace: [ 109.026768] [ 109.026947] __iommufd_access_detach+0x1c2/0x2b0 [ 109.027448] iommufd_access_change_pt+0x149/0x270 [ 109.027803] iommufd_access_replace+0xb4/0x120 [ 109.028092] iommufd_test+0x3e5/0x37e0 [ 109.028339] ? lock_release+0x532/0x770 [ 109.028590] ? __might_fault+0x102/0x1b0 [ 109.028843] ? lock_acquire+0x427/0x4c0 [ 109.029092] ? __pfx_iommufd_test+0x10/0x10 [ 109.029359] ? __pfx_lock_release+0x10/0x10 [ 109.029631] ? __pfx_lock_acquire+0x10/0x10 [ 109.029901] ? write_comp_data+0x2f/0x90 [ 109.030153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.030450] ? write_comp_data+0x2f/0x90 [ 109.030716] iommufd_fops_ioctl+0x37d/0x510 [ 109.030993] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.031370] ? write_comp_data+0x2f/0x90 [ 109.031677] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.032038] __x64_sys_ioctl+0x1a3/0x230 [ 109.032337] do_syscall_64+0x3b/0x90 [ 109.032571] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.032895] RIP: 0033:0x7f4b8743ee5d [ 109.033129] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.034214] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.034687] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.035141] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.035581] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.036013] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.036456] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.036888] [ 109.037031] irq event stamp: 0 [ 109.037226] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.037618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.038119] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.038638] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.039023] ---[ end trace 0000000000000000 ]--- [ 109.041988] ------------[ cut here ]------------ [ 109.042339] WARNING: CPU: 0 PID: 971 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.043219] Modules linked in: [ 109.043458] CPU: 0 PID: 971 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.044081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.044906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.045214] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.046404] RSP: 
0018:ffff8880165bfbd0 EFLAGS: 00010246 [ 109.046738] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 109.047197] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 109.047641] RBP: ffff8880165bfbe8 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 109.048168] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff888014580c00 [ 109.048612] R13: ffff88801587c1e8 R14: ffff8880121b3100 R15: 0000000000000000 [ 109.049147] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.049639] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.049990] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.050427] PKRU: 55555554 [ 109.050610] Call Trace: [ 109.050776] [ 109.050922] iommufd_access_destroy_object+0x65/0x170 [ 109.051271] iommufd_object_destroy_user+0x18e/0x220 [ 109.051600] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.051961] iommufd_access_destroy+0x43/0x70 [ 109.052243] iommufd_test_staccess_release+0x8d/0xd0 [ 109.052559] __fput+0x26d/0xa40 [ 109.052773] ____fput+0x1e/0x30 [ 109.052982] task_work_run+0x1a4/0x2d0 [ 109.053228] ? __pfx_task_work_run+0x10/0x10 [ 109.053506] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.053816] ? switch_task_namespaces+0xa9/0xe0 [ 109.054113] do_exit+0xb17/0x2ef0 [ 109.054329] ? lock_acquire+0x427/0x4c0 [ 109.054594] ? __pfx_lock_release+0x10/0x10 [ 109.054864] ? __kasan_check_write+0x18/0x20 [ 109.055156] ? do_raw_spin_lock+0x132/0x2a0 [ 109.055429] ? __pfx_do_exit+0x10/0x10 [ 109.055675] ? debug_smp_processor_id+0x20/0x30 [ 109.055963] ? rcu_is_watching+0x19/0xb0 [ 109.056260] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.056631] ? trace_hardirqs_on+0x26/0x120 [ 109.056928] do_group_exit+0xe0/0x2b0 [ 109.057213] __x64_sys_exit_group+0x47/0x50 [ 109.057583] do_syscall_64+0x3b/0x90 [ 109.057941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.058323] RIP: 0033:0x7f4b87518a4d [ 109.058607] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.058984] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.059467] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.059897] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.060328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.060753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.061189] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.061625] [ 109.061767] irq event stamp: 0 [ 109.061960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.062341] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.062882] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.063430] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.063891] ---[ end trace 0000000000000000 ]--- [ 109.064719] ------------[ cut here ]------------ [ 109.065052] WARNING: CPU: 0 PID: 971 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.065767] Modules linked in: [ 109.065970] CPU: 0 PID: 971 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.066496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.067357] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.067683] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.068780] RSP: 0018:ffff8880165bfb78 EFLAGS: 00010246 [ 109.069101] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.069528] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 109.069956] RBP: ffff8880165bfb98 R08: ffffed1002b0f83e R09: ffffed1002b0f83e [ 109.070386] R10: ffff88801587c1ef R11: ffffed1002b0f83d R12: ffff88801587c290 [ 109.070834] R13: ffff88801587c0a8 R14: ffffffffffffffff R15: 
ffff8880165bfc60 [ 109.071307] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.071798] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.072197] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.072720] PKRU: 55555554 [ 109.072894] Call Trace: [ 109.073050] [ 109.073195] iommufd_ioas_destroy+0x53/0x70 [ 109.073565] iommufd_fops_release+0x1f7/0x370 [ 109.073858] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.074177] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.074483] ? write_comp_data+0x2f/0x90 [ 109.074857] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.075193] __fput+0x26d/0xa40 [ 109.075414] ____fput+0x1e/0x30 [ 109.075625] task_work_run+0x1a4/0x2d0 [ 109.075877] ? __pfx_task_work_run+0x10/0x10 [ 109.076173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.076554] ? switch_task_namespaces+0xa9/0xe0 [ 109.076852] do_exit+0xb17/0x2ef0 [ 109.077073] ? lock_acquire+0x427/0x4c0 [ 109.077356] ? __pfx_lock_release+0x10/0x10 [ 109.077700] ? __kasan_check_write+0x18/0x20 [ 109.077983] ? do_raw_spin_lock+0x132/0x2a0 [ 109.078259] ? __pfx_do_exit+0x10/0x10 [ 109.078541] ? debug_smp_processor_id+0x20/0x30 [ 109.078924] ? rcu_is_watching+0x19/0xb0 [ 109.079199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.079494] ? trace_hardirqs_on+0x26/0x120 [ 109.079770] do_group_exit+0xe0/0x2b0 [ 109.080013] __x64_sys_exit_group+0x47/0x50 [ 109.080329] do_syscall_64+0x3b/0x90 [ 109.080639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.080970] RIP: 0033:0x7f4b87518a4d [ 109.081208] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.081640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.082175] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.082629] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.083104] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.083652] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.084097] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.084646] [ 109.084797] irq event stamp: 0 [ 109.084998] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.085398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.086032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.086574] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.086983] ---[ end trace 0000000000000000 ]--- [ 109.091363] ------------[ cut here ]------------ [ 109.091797] WARNING: CPU: 0 PID: 972 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.092441] Modules linked in: [ 109.092648] CPU: 0 PID: 972 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.093302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.094035] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.094431] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.095726] RSP: 0018:ffff88800ea1fbb8 EFLAGS: 00010246 [ 109.096071] RAX: 0000000000000000 RBX: ffff888020ad88a8 RCX: 0000000000000000 [ 109.096532] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 109.096991] RBP: ffff88800ea1fbd0 R08: ffffed100415b133 R09: ffffed100415b133 [ 109.097446] R10: ffff888020ad8993 R11: ffffed100415b132 R12: ffff888013b16c00 [ 109.097902] R13: ffff888020ad89e8 R14: ffffffff8352e670 R15: 
ffff88800ea1fe68 [ 109.098357] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.098893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.099289] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 109.099750] PKRU: 55555554 [ 109.099935] Call Trace: [ 109.100102] [ 109.100251] __iommufd_access_detach+0x1c2/0x2b0 [ 109.100572] iommufd_access_change_pt+0x149/0x270 [ 109.100896] iommufd_access_replace+0xb4/0x120 [ 109.101204] iommufd_test+0x3e5/0x37e0 [ 109.101460] ? lock_release+0x532/0x770 [ 109.101730] ? __might_fault+0x102/0x1b0 [ 109.102003] ? lock_acquire+0x427/0x4c0 [ 109.102271] ? __pfx_iommufd_test+0x10/0x10 [ 109.102566] ? __pfx_lock_release+0x10/0x10 [ 109.102856] ? __pfx_lock_acquire+0x10/0x10 [ 109.103155] ? write_comp_data+0x2f/0x90 [ 109.103433] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.103758] ? write_comp_data+0x2f/0x90 [ 109.104035] iommufd_fops_ioctl+0x37d/0x510 [ 109.104323] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.104647] ? write_comp_data+0x2f/0x90 [ 109.104919] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.105235] __x64_sys_ioctl+0x1a3/0x230 [ 109.105508] do_syscall_64+0x3b/0x90 [ 109.105760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.106103] RIP: 0033:0x7f4b8743ee5d [ 109.106346] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.107543] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.108037] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.108497] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.108958] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.109417] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.109876] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.110342] [ 109.110495] irq event stamp: 0 [ 109.110713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.111136] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.111690] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.112236] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.112646] ---[ end trace 0000000000000000 ]--- [ 109.115324] ------------[ cut here ]------------ [ 109.115656] WARNING: CPU: 0 PID: 972 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.116389] Modules linked in: [ 109.116688] CPU: 0 PID: 972 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.117265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.118027] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.118388] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.119752] RSP: 
0018:ffff88800ea1fbd0 EFLAGS: 00010246 [ 109.120120] RAX: 0000000000000000 RBX: ffff888020ad88a8 RCX: 0000000000000000 [ 109.120597] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 109.121224] RBP: ffff88800ea1fbe8 R08: ffffed100415b133 R09: ffffed100415b133 [ 109.121705] R10: ffff888020ad8993 R11: ffffed100415b132 R12: ffff88801890d000 [ 109.122188] R13: ffff888020ad89e8 R14: ffff88800b8e3d00 R15: 0000000000000000 [ 109.122680] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.123256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.123771] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.124278] PKRU: 55555554 [ 109.124478] Call Trace: [ 109.124661] [ 109.124823] iommufd_access_destroy_object+0x65/0x170 [ 109.125194] iommufd_object_destroy_user+0x18e/0x220 [ 109.125710] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.126133] iommufd_access_destroy+0x43/0x70 [ 109.126463] iommufd_test_staccess_release+0x8d/0xd0 [ 109.126851] __fput+0x26d/0xa40 [ 109.127107] ____fput+0x1e/0x30 [ 109.127363] task_work_run+0x1a4/0x2d0 [ 109.127650] ? __pfx_task_work_run+0x10/0x10 [ 109.127976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.128336] ? switch_task_namespaces+0xa9/0xe0 [ 109.128699] do_exit+0xb17/0x2ef0 [ 109.129096] ? lock_acquire+0x427/0x4c0 [ 109.129392] ? __pfx_lock_release+0x10/0x10 [ 109.129708] ? __kasan_check_write+0x18/0x20 [ 109.130025] ? do_raw_spin_lock+0x132/0x2a0 [ 109.130336] ? __pfx_do_exit+0x10/0x10 [ 109.130641] ? debug_smp_processor_id+0x20/0x30 [ 109.130977] ? rcu_is_watching+0x19/0xb0 [ 109.131280] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.131610] ? trace_hardirqs_on+0x26/0x120 [ 109.131925] do_group_exit+0xe0/0x2b0 [ 109.132351] __x64_sys_exit_group+0x47/0x50 [ 109.132668] do_syscall_64+0x3b/0x90 [ 109.132952] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.133338] RIP: 0033:0x7f4b87518a4d [ 109.133614] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.134068] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.134788] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.135324] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.135847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.136369] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.136896] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.137427] [ 109.137602] irq event stamp: 0 [ 109.137833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.138295] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.138922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.139542] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.140006] ---[ end trace 0000000000000000 ]--- [ 109.140740] ------------[ cut here ]------------ [ 109.141093] WARNING: CPU: 0 PID: 972 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.141841] Modules linked in: [ 109.142084] CPU: 0 PID: 972 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.142789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.143823] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.144219] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.145593] RSP: 0018:ffff88800ea1fb78 EFLAGS: 00010246 [ 109.146129] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.146705] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 109.147259] RBP: ffff88800ea1fb98 R08: ffffed100415b13e R09: ffffed100415b13e [ 109.147812] R10: ffff888020ad89ef R11: ffffed100415b13d R12: ffff888020ad8a90 [ 109.148372] R13: ffff888020ad88a8 R14: ffffffffffffffff R15: 
ffff88800ea1fc60 [ 109.148924] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.149725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.150179] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.150757] PKRU: 55555554 [ 109.150984] Call Trace: [ 109.151198] [ 109.151378] iommufd_ioas_destroy+0x53/0x70 [ 109.151726] iommufd_fops_release+0x1f7/0x370 [ 109.152087] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.152484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.152915] ? write_comp_data+0x2f/0x90 [ 109.153386] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.153798] __fput+0x26d/0xa40 [ 109.154074] ____fput+0x1e/0x30 [ 109.154347] task_work_run+0x1a4/0x2d0 [ 109.154690] ? __pfx_task_work_run+0x10/0x10 [ 109.155047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.155464] ? switch_task_namespaces+0xa9/0xe0 [ 109.155845] do_exit+0xb17/0x2ef0 [ 109.156201] ? lock_acquire+0x427/0x4c0 [ 109.156600] ? __pfx_lock_release+0x10/0x10 [ 109.156956] ? __kasan_check_write+0x18/0x20 [ 109.157310] ? do_raw_spin_lock+0x132/0x2a0 [ 109.157715] ? __pfx_do_exit+0x10/0x10 [ 109.158102] ? debug_smp_processor_id+0x20/0x30 [ 109.158472] ? rcu_is_watching+0x19/0xb0 [ 109.158827] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.159208] ? trace_hardirqs_on+0x26/0x120 [ 109.159584] do_group_exit+0xe0/0x2b0 [ 109.159997] __x64_sys_exit_group+0x47/0x50 [ 109.160342] do_syscall_64+0x3b/0x90 [ 109.160655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.161144] RIP: 0033:0x7f4b87518a4d [ 109.161496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.162002] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.162781] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.163380] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.163968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.164712] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.165300] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.165904] [ 109.166160] irq event stamp: 0 [ 109.166501] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.167052] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.167768] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.168650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.169173] ---[ end trace 0000000000000000 ]--- [ 109.173107] ------------[ cut here ]------------ [ 109.173700] WARNING: CPU: 0 PID: 973 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.174625] Modules linked in: [ 109.174913] CPU: 0 PID: 973 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.175903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.176875] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.177315] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.178924] RSP: 0018:ffff888015a8fbb8 EFLAGS: 00010246 [ 109.179410] RAX: 0000000000000000 RBX: ffff8880244180a8 RCX: 0000000000000000 [ 109.180030] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 109.180659] RBP: ffff888015a8fbd0 R08: ffffed1004883033 R09: ffffed1004883033 [ 109.181284] R10: ffff888024418193 R11: ffffed1004883032 R12: ffff8880188da000 [ 109.181905] R13: ffff8880244181e8 R14: ffffffff8352e670 R15: 
ffff888015a8fe68 [ 109.182545] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.183281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.183794] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ef0 [ 109.184422] PKRU: 55555554 [ 109.184680] Call Trace: [ 109.184910] [ 109.185122] __iommufd_access_detach+0x1c2/0x2b0 [ 109.185566] iommufd_access_change_pt+0x149/0x270 [ 109.186005] iommufd_access_replace+0xb4/0x120 [ 109.186422] iommufd_test+0x3e5/0x37e0 [ 109.186794] ? lock_release+0x532/0x770 [ 109.187167] ? __might_fault+0x102/0x1b0 [ 109.187536] ? lock_acquire+0x427/0x4c0 [ 109.187900] ? __pfx_iommufd_test+0x10/0x10 [ 109.188282] ? __pfx_lock_release+0x10/0x10 [ 109.188672] ? __pfx_lock_acquire+0x10/0x10 [ 109.189071] ? write_comp_data+0x2f/0x90 [ 109.189441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.189875] ? write_comp_data+0x2f/0x90 [ 109.190257] iommufd_fops_ioctl+0x37d/0x510 [ 109.190682] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.191143] ? write_comp_data+0x2f/0x90 [ 109.191525] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.191960] __x64_sys_ioctl+0x1a3/0x230 [ 109.192333] do_syscall_64+0x3b/0x90 [ 109.192676] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.193146] RIP: 0033:0x7f4b8743ee5d [ 109.193481] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.195105] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.195797] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.196430] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.197058] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.197691] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.198319] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.198990] [ 109.199216] irq event stamp: 0 [ 109.199493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.200041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.200769] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.201491] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.202052] ---[ end trace 0000000000000000 ]--- [ 109.205504] ------------[ cut here ]------------ [ 109.205941] WARNING: CPU: 0 PID: 973 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.207185] Modules linked in: [ 109.207493] CPU: 0 PID: 973 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.208298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.209556] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.210031] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.211992] RSP: 
0018:ffff888015a8fbd0 EFLAGS: 00010246 [ 109.212498] RAX: 0000000000000000 RBX: ffff8880244180a8 RCX: 0000000000000000 [ 109.213386] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 109.214059] RBP: ffff888015a8fbe8 R08: ffffed1004883033 R09: ffffed1004883033 [ 109.214990] R10: ffff888024418193 R11: ffffed1004883032 R12: ffff888013b16800 [ 109.215692] R13: ffff8880244181e8 R14: ffff88800b8fcb00 R15: 0000000000000000 [ 109.216381] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.217367] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.217921] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.218842] PKRU: 55555554 [ 109.219132] Call Trace: [ 109.219382] [ 109.219598] iommufd_access_destroy_object+0x65/0x170 [ 109.220103] iommufd_object_destroy_user+0x18e/0x220 [ 109.220654] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.221355] iommufd_access_destroy+0x43/0x70 [ 109.221810] iommufd_test_staccess_release+0x8d/0xd0 [ 109.222376] __fput+0x26d/0xa40 [ 109.222883] ____fput+0x1e/0x30 [ 109.223236] task_work_run+0x1a4/0x2d0 [ 109.223629] ? __pfx_task_work_run+0x10/0x10 [ 109.224065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.224595] ? switch_task_namespaces+0xa9/0xe0 [ 109.225227] do_exit+0xb17/0x2ef0 [ 109.225597] ? lock_acquire+0x427/0x4c0 [ 109.226045] ? __pfx_lock_release+0x10/0x10 [ 109.226648] ? __kasan_check_write+0x18/0x20 [ 109.227290] ? do_raw_spin_lock+0x132/0x2a0 [ 109.227757] ? __pfx_do_exit+0x10/0x10 [ 109.228183] ? debug_smp_processor_id+0x20/0x30 [ 109.228730] ? rcu_is_watching+0x19/0xb0 [ 109.229334] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.229809] ? trace_hardirqs_on+0x26/0x120 [ 109.230271] do_group_exit+0xe0/0x2b0 [ 109.230722] __x64_sys_exit_group+0x47/0x50 [ 109.231205] do_syscall_64+0x3b/0x90 [ 109.231609] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.232164] RIP: 0033:0x7f4b87518a4d [ 109.232563] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.233204] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.233993] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.234778] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.235563] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.236328] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.237185] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.238144] [ 109.238402] irq event stamp: 0 [ 109.238764] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.239555] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.240572] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.241436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.242093] ---[ end trace 0000000000000000 ]--- [ 109.243023] ------------[ cut here ]------------ [ 109.243553] WARNING: CPU: 0 PID: 973 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.244671] Modules linked in: [ 109.245268] CPU: 0 PID: 973 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.246176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.247645] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.248203] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.250124] RSP: 0018:ffff888015a8fb78 EFLAGS: 00010246 [ 109.250716] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.251491] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 109.252252] RBP: ffff888015a8fb98 R08: ffffed100488303e R09: ffffed100488303e [ 109.252991] R10: ffff8880244181ef R11: ffffed100488303d R12: ffff888024418290 [ 109.253741] R13: ffff8880244180a8 R14: ffffffffffffffff R15: 
ffff888015a8fc60 [ 109.254476] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.255360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.255966] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.256704] PKRU: 55555554 [ 109.257000] Call Trace: [ 109.257273] [ 109.257510] iommufd_ioas_destroy+0x53/0x70 [ 109.257967] iommufd_fops_release+0x1f7/0x370 [ 109.258445] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.259005] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.259546] ? write_comp_data+0x2f/0x90 [ 109.259981] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.260502] __fput+0x26d/0xa40 [ 109.260855] ____fput+0x1e/0x30 [ 109.261204] task_work_run+0x1a4/0x2d0 [ 109.261615] ? __pfx_task_work_run+0x10/0x10 [ 109.262078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.262617] ? switch_task_namespaces+0xa9/0xe0 [ 109.263124] do_exit+0xb17/0x2ef0 [ 109.263487] ? lock_acquire+0x427/0x4c0 [ 109.263913] ? __pfx_lock_release+0x10/0x10 [ 109.264374] ? __kasan_check_write+0x18/0x20 [ 109.264838] ? do_raw_spin_lock+0x132/0x2a0 [ 109.265292] ? __pfx_do_exit+0x10/0x10 [ 109.265707] ? debug_smp_processor_id+0x20/0x30 [ 109.266194] ? rcu_is_watching+0x19/0xb0 [ 109.266661] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.267182] ? trace_hardirqs_on+0x26/0x120 [ 109.267647] do_group_exit+0xe0/0x2b0 [ 109.268051] __x64_sys_exit_group+0x47/0x50 [ 109.268507] do_syscall_64+0x3b/0x90 [ 109.268910] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.269467] RIP: 0033:0x7f4b87518a4d [ 109.269861] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.270541] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.271371] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.272109] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.272857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.273595] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.274328] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.275119] [ 109.275385] irq event stamp: 0 [ 109.275721] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.276375] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.277254] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.278116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.278802] ---[ end trace 0000000000000000 ]--- [ 109.286035] ------------[ cut here ]------------ [ 109.286998] WARNING: CPU: 1 PID: 974 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.288054] Modules linked in: [ 109.288546] CPU: 1 PID: 974 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.289629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.291041] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.291608] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.293672] RSP: 0018:ffff88800e94fbb8 EFLAGS: 00010246 [ 109.294218] RAX: 0000000000000000 RBX: ffff8880149728a8 RCX: 0000000000000000 [ 109.294996] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 109.295944] RBP: ffff88800e94fbd0 R08: ffffed100292e533 R09: ffffed100292e533 [ 109.296660] R10: ffff888014972993 R11: ffffed100292e532 R12: ffff88800ba2d800 [ 109.297387] R13: ffff8880149729e8 R14: ffffffff8352e670 R15: 
ffff88800e94fe68 [ 109.298331] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.299216] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.299834] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 109.300807] PKRU: 55555554 [ 109.301113] Call Trace: [ 109.301381] [ 109.301615] __iommufd_access_detach+0x1c2/0x2b0 [ 109.302135] iommufd_access_change_pt+0x149/0x270 [ 109.302884] iommufd_access_replace+0xb4/0x120 [ 109.303400] iommufd_test+0x3e5/0x37e0 [ 109.303810] ? lock_release+0x532/0x770 [ 109.304231] ? __might_fault+0x102/0x1b0 [ 109.304686] ? lock_acquire+0x427/0x4c0 [ 109.305306] ? __pfx_iommufd_test+0x10/0x10 [ 109.305760] ? __pfx_lock_release+0x10/0x10 [ 109.306218] ? __pfx_lock_acquire+0x10/0x10 [ 109.306717] ? write_comp_data+0x2f/0x90 [ 109.307384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.307896] ? write_comp_data+0x2f/0x90 [ 109.308336] iommufd_fops_ioctl+0x37d/0x510 [ 109.308795] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.309566] ? write_comp_data+0x2f/0x90 [ 109.310083] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.310650] __x64_sys_ioctl+0x1a3/0x230 [ 109.311094] do_syscall_64+0x3b/0x90 [ 109.311514] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.312170] RIP: 0033:0x7f4b8743ee5d [ 109.312659] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.314810] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.315634] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.316377] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.317348] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.318087] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.318860] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.319871] [ 109.320119] irq event stamp: 0 [ 109.320451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.321096] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.322142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.323034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.323704] ---[ end trace 0000000000000000 ]--- [ 109.327032] ------------[ cut here ]------------ [ 109.327580] WARNING: CPU: 1 PID: 974 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.328742] Modules linked in: [ 109.329167] CPU: 1 PID: 974 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.330057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.331703] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.332241] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.334337] RSP: 
0018:ffff88800e94fbd0 EFLAGS: 00010246 [ 109.334922] RAX: 0000000000000000 RBX: ffff8880149728a8 RCX: 0000000000000000 [ 109.335706] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 109.336597] RBP: ffff88800e94fbe8 R08: ffffed100292e533 R09: ffffed100292e533 [ 109.337340] R10: ffff888014972993 R11: ffffed100292e532 R12: ffff8880144d7000 [ 109.338293] R13: ffff8880149729e8 R14: ffff8880122e4900 R15: 0000000000000000 [ 109.339207] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.340044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.340691] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 109.341667] PKRU: 55555554 [ 109.341987] Call Trace: [ 109.342255] [ 109.342495] iommufd_access_destroy_object+0x65/0x170 [ 109.343088] iommufd_object_destroy_user+0x18e/0x220 [ 109.343918] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.344541] iommufd_access_destroy+0x43/0x70 [ 109.345032] iommufd_test_staccess_release+0x8d/0xd0 [ 109.345577] __fput+0x26d/0xa40 [ 109.346165] ____fput+0x1e/0x30 [ 109.346563] task_work_run+0x1a4/0x2d0 [ 109.346981] ? __pfx_task_work_run+0x10/0x10 [ 109.347475] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.348160] ? switch_task_namespaces+0xa9/0xe0 [ 109.348751] do_exit+0xb17/0x2ef0 [ 109.349118] ? lock_acquire+0x427/0x4c0 [ 109.349553] ? __pfx_lock_release+0x10/0x10 [ 109.350017] ? __kasan_check_write+0x18/0x20 [ 109.350784] ? do_raw_spin_lock+0x132/0x2a0 [ 109.351262] ? __pfx_do_exit+0x10/0x10 [ 109.351694] ? debug_smp_processor_id+0x20/0x30 [ 109.352197] ? rcu_is_watching+0x19/0xb0 [ 109.352805] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.353414] ? trace_hardirqs_on+0x26/0x120 [ 109.353878] do_group_exit+0xe0/0x2b0 [ 109.354282] __x64_sys_exit_group+0x47/0x50 [ 109.354798] do_syscall_64+0x3b/0x90 [ 109.355375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.355935] RIP: 0033:0x7f4b87518a4d [ 109.356327] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.357032] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.357991] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.358761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.359756] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.360492] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.361234] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.362253] [ 109.362537] irq event stamp: 0 [ 109.362871] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.363550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.364683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.365552] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.366376] ---[ end trace 0000000000000000 ]--- [ 109.368922] ------------[ cut here ]------------ [ 109.369455] WARNING: CPU: 1 PID: 974 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.370725] Modules linked in: [ 109.371102] CPU: 1 PID: 974 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.372027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.373509] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.374064] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.376397] RSP: 0018:ffff88800e94fb78 EFLAGS: 00010246 [ 109.376975] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.377743] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 109.378730] RBP: ffff88800e94fb98 R08: ffffed100292e53e R09: ffffed100292e53e [ 109.379488] R10: ffff8880149729ef R11: ffffed100292e53d R12: ffff888014972a90 [ 109.380399] R13: ffff8880149728a8 R14: ffffffffffffffff R15: 
ffff88800e94fc60 [ 109.381247] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.382102] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.382994] CR2: 00007f82e2f94018 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 109.383759] PKRU: 55555554 [ 109.384065] Call Trace: [ 109.384339] [ 109.384579] iommufd_ioas_destroy+0x53/0x70 [ 109.385285] iommufd_fops_release+0x1f7/0x370 [ 109.385766] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.386310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.386880] ? write_comp_data+0x2f/0x90 [ 109.387541] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.388088] __fput+0x26d/0xa40 [ 109.388470] ____fput+0x1e/0x30 [ 109.388835] task_work_run+0x1a4/0x2d0 [ 109.389340] ? __pfx_task_work_run+0x10/0x10 [ 109.389969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.390488] ? switch_task_namespaces+0xa9/0xe0 [ 109.391023] do_exit+0xb17/0x2ef0 [ 109.391402] ? lock_acquire+0x427/0x4c0 [ 109.392108] ? __pfx_lock_release+0x10/0x10 [ 109.392572] ? __kasan_check_write+0x18/0x20 [ 109.393039] ? do_raw_spin_lock+0x132/0x2a0 [ 109.393499] ? __pfx_do_exit+0x10/0x10 [ 109.394083] ? debug_smp_processor_id+0x20/0x30 [ 109.394692] ? rcu_is_watching+0x19/0xb0 [ 109.395150] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.395645] ? trace_hardirqs_on+0x26/0x120 [ 109.396161] do_group_exit+0xe0/0x2b0 [ 109.396738] __x64_sys_exit_group+0x47/0x50 [ 109.397194] do_syscall_64+0x3b/0x90 [ 109.397600] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.398152] RIP: 0033:0x7f4b87518a4d [ 109.398696] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.399413] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.400213] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.401208] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.401961] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.402735] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.403726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.404490] [ 109.404748] irq event stamp: 0 [ 109.405083] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.405937] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.406855] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.407750] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.408410] ---[ end trace 0000000000000000 ]--- [ 109.413665] ------------[ cut here ]------------ [ 109.414212] WARNING: CPU: 1 PID: 975 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.415528] Modules linked in: [ 109.415863] CPU: 1 PID: 975 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.416806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.418100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.418633] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.420725] RSP: 0018:ffff8880159a7bb8 EFLAGS: 00010246 [ 109.421492] RAX: 0000000000000000 RBX: ffff88802460c8a8 RCX: 0000000000000000 [ 109.422213] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 109.422964] RBP: ffff8880159a7bd0 R08: ffffed10048c1933 R09: ffffed10048c1933 [ 109.424134] R10: ffff88802460c993 R11: ffffed10048c1932 R12: ffff888013b21000 [ 109.425126] R13: ffff88802460c9e8 R14: ffffffff8352e670 R15: 
ffff8880159a7e68 [ 109.426204] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.427470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.428373] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 109.429448] PKRU: 55555554 [ 109.429943] Call Trace: [ 109.430297] [ 109.430666] __iommufd_access_detach+0x1c2/0x2b0 [ 109.431413] iommufd_access_change_pt+0x149/0x270 [ 109.432204] iommufd_access_replace+0xb4/0x120 [ 109.432856] iommufd_test+0x3e5/0x37e0 [ 109.433423] ? lock_release+0x532/0x770 [ 109.434120] ? __might_fault+0x102/0x1b0 [ 109.434740] ? lock_acquire+0x427/0x4c0 [ 109.435340] ? __pfx_iommufd_test+0x10/0x10 [ 109.435926] ? __pfx_lock_release+0x10/0x10 [ 109.436596] ? __pfx_lock_acquire+0x10/0x10 [ 109.437313] ? write_comp_data+0x2f/0x90 [ 109.437890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.438674] ? write_comp_data+0x2f/0x90 [ 109.439417] iommufd_fops_ioctl+0x37d/0x510 [ 109.440028] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.440706] ? write_comp_data+0x2f/0x90 [ 109.441506] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.442175] __x64_sys_ioctl+0x1a3/0x230 [ 109.442822] do_syscall_64+0x3b/0x90 [ 109.443416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.444264] RIP: 0033:0x7f4b8743ee5d [ 109.444784] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.447611] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.448928] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.449948] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.451080] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.452066] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.453236] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.454205] [ 109.454714] irq event stamp: 0 [ 109.455294] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.456143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.457491] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.458687] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.459777] ---[ end trace 0000000000000000 ]--- [ 109.464954] ------------[ cut here ]------------ [ 109.465890] WARNING: CPU: 1 PID: 975 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.467387] Modules linked in: [ 109.467912] CPU: 1 PID: 975 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.469172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.471415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.472000] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.474421] RSP: 
0018:ffff8880159a7bd0 EFLAGS: 00010246 [ 109.475202] RAX: 0000000000000000 RBX: ffff88802460c8a8 RCX: 0000000000000000 [ 109.475946] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 109.476737] RBP: ffff8880159a7be8 R08: ffffed10048c1933 R09: ffffed10048c1933 [ 109.477636] R10: ffff88802460c993 R11: ffffed10048c1932 R12: ffff88800ba2d000 [ 109.478377] R13: ffff88802460c9e8 R14: ffff8880143e0f00 R15: 0000000000000000 [ 109.479365] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.480219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.480839] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 109.481828] PKRU: 55555554 [ 109.482127] Call Trace: [ 109.482401] [ 109.482696] iommufd_access_destroy_object+0x65/0x170 [ 109.483267] iommufd_object_destroy_user+0x18e/0x220 [ 109.483869] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.484645] iommufd_access_destroy+0x43/0x70 [ 109.485138] iommufd_test_staccess_release+0x8d/0xd0 [ 109.485701] __fput+0x26d/0xa40 [ 109.486194] ____fput+0x1e/0x30 [ 109.486704] task_work_run+0x1a4/0x2d0 [ 109.487155] ? __pfx_task_work_run+0x10/0x10 [ 109.487628] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.488276] ? switch_task_namespaces+0xa9/0xe0 [ 109.488984] do_exit+0xb17/0x2ef0 [ 109.489362] ? lock_acquire+0x427/0x4c0 [ 109.489806] ? __pfx_lock_release+0x10/0x10 [ 109.490275] ? __kasan_check_write+0x18/0x20 [ 109.490914] ? do_raw_spin_lock+0x132/0x2a0 [ 109.491482] ? __pfx_do_exit+0x10/0x10 [ 109.491910] ? debug_smp_processor_id+0x20/0x30 [ 109.492415] ? rcu_is_watching+0x19/0xb0 [ 109.492844] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.493432] ? trace_hardirqs_on+0x26/0x120 [ 109.493999] do_group_exit+0xe0/0x2b0 [ 109.494401] __x64_sys_exit_group+0x47/0x50 [ 109.494906] do_syscall_64+0x3b/0x90 [ 109.495330] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.495992] RIP: 0033:0x7f4b87518a4d [ 109.496492] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.497130] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.498001] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.498905] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.499662] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.500442] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.501418] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.502170] [ 109.502426] irq event stamp: 0 [ 109.502840] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.503652] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.504517] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.505506] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.506257] ---[ end trace 0000000000000000 ]--- [ 109.507481] ------------[ cut here ]------------ [ 109.508111] WARNING: CPU: 1 PID: 975 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.509150] Modules linked in: [ 109.509604] CPU: 1 PID: 975 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.510676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.512050] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.512594] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.514747] RSP: 0018:ffff8880159a7b78 EFLAGS: 00010246 [ 109.515325] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.516170] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 109.516981] RBP: ffff8880159a7b98 R08: ffffed10048c193e R09: ffffed10048c193e [ 109.517720] R10: ffff88802460c9ef R11: ffffed10048c193d R12: ffff88802460ca90 [ 109.518698] R13: ffff88802460c8a8 R14: ffffffffffffffff R15: 
ffff8880159a7c60 [ 109.519454] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.520408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.521104] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 109.521842] PKRU: 55555554 [ 109.522169] Call Trace: [ 109.522624] [ 109.522870] iommufd_ioas_destroy+0x53/0x70 [ 109.523338] iommufd_fops_release+0x1f7/0x370 [ 109.523811] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.524394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.525016] ? write_comp_data+0x2f/0x90 [ 109.525448] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.525975] __fput+0x26d/0xa40 [ 109.526365] ____fput+0x1e/0x30 [ 109.526950] task_work_run+0x1a4/0x2d0 [ 109.527378] ? __pfx_task_work_run+0x10/0x10 [ 109.527841] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.528354] ? switch_task_namespaces+0xa9/0xe0 [ 109.528849] do_exit+0xb17/0x2ef0 [ 109.529216] ? lock_acquire+0x427/0x4c0 [ 109.529705] ? __pfx_lock_release+0x10/0x10 [ 109.530284] ? __kasan_check_write+0x18/0x20 [ 109.530789] ? do_raw_spin_lock+0x132/0x2a0 [ 109.531256] ? __pfx_do_exit+0x10/0x10 [ 109.531674] ? debug_smp_processor_id+0x20/0x30 [ 109.532169] ? rcu_is_watching+0x19/0xb0 [ 109.532710] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.533330] ? trace_hardirqs_on+0x26/0x120 [ 109.533800] do_group_exit+0xe0/0x2b0 [ 109.534211] __x64_sys_exit_group+0x47/0x50 [ 109.534819] do_syscall_64+0x3b/0x90 [ 109.535320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.535881] RIP: 0033:0x7f4b87518a4d [ 109.536282] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.537061] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.537987] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.538765] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.539761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.540513] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.541263] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.542226] [ 109.542475] irq event stamp: 0 [ 109.542836] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.543547] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.544548] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.545415] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.546251] ---[ end trace 0000000000000000 ]--- [ 109.552040] ------------[ cut here ]------------ [ 109.552584] WARNING: CPU: 1 PID: 976 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.553823] Modules linked in: [ 109.554157] CPU: 1 PID: 976 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.555228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.556492] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.557052] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.559149] RSP: 0018:ffff8880181d7bb8 EFLAGS: 00010246 [ 109.559927] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 109.560671] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 109.561414] RBP: ffff8880181d7bd0 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 109.562386] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff888010e01000 [ 109.563187] R13: ffff888015d2a9e8 R14: ffffffff8352e670 R15: 
ffff8880181d7e68 [ 109.564036] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.565059] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.565673] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 109.566648] PKRU: 55555554 [ 109.566944] Call Trace: [ 109.567225] [ 109.567465] __iommufd_access_detach+0x1c2/0x2b0 [ 109.567978] iommufd_access_change_pt+0x149/0x270 [ 109.568695] iommufd_access_replace+0xb4/0x120 [ 109.569187] iommufd_test+0x3e5/0x37e0 [ 109.569591] ? lock_release+0x532/0x770 [ 109.570013] ? __might_fault+0x102/0x1b0 [ 109.570574] ? lock_acquire+0x427/0x4c0 [ 109.571070] ? __pfx_iommufd_test+0x10/0x10 [ 109.571526] ? __pfx_lock_release+0x10/0x10 [ 109.571985] ? __pfx_lock_acquire+0x10/0x10 [ 109.572495] ? write_comp_data+0x2f/0x90 [ 109.573051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.573568] ? write_comp_data+0x2f/0x90 [ 109.574005] iommufd_fops_ioctl+0x37d/0x510 [ 109.574487] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.575181] ? write_comp_data+0x2f/0x90 [ 109.575698] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.576212] __x64_sys_ioctl+0x1a3/0x230 [ 109.576741] do_syscall_64+0x3b/0x90 [ 109.577238] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.577787] RIP: 0033:0x7f4b8743ee5d [ 109.578174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.580310] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.581310] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.582049] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.582834] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.583748] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.584491] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.585342] [ 109.585639] irq event stamp: 0 [ 109.585968] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.586644] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.587711] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.588575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.589296] ---[ end trace 0000000000000000 ]--- [ 109.594463] ------------[ cut here ]------------ [ 109.595221] WARNING: CPU: 1 PID: 976 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.596262] Modules linked in: [ 109.596571] CPU: 1 PID: 976 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.597552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.598629] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.599244] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.601116] RSP: 
0018:ffff8880181d7bd0 EFLAGS: 00010246 [ 109.601615] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 109.602277] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 109.603138] RBP: ffff8880181d7be8 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 109.603805] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff888013b23400 [ 109.604553] R13: ffff888015d2a9e8 R14: ffff888014b9f200 R15: 0000000000000000 [ 109.605310] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.606058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.606788] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 109.607455] PKRU: 55555554 [ 109.607722] Call Trace: [ 109.607966] [ 109.608178] iommufd_access_destroy_object+0x65/0x170 [ 109.608823] iommufd_object_destroy_user+0x18e/0x220 [ 109.609301] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.609849] iommufd_access_destroy+0x43/0x70 [ 109.610446] iommufd_test_staccess_release+0x8d/0xd0 [ 109.610950] __fput+0x26d/0xa40 [ 109.611289] ____fput+0x1e/0x30 [ 109.611610] task_work_run+0x1a4/0x2d0 [ 109.612004] ? __pfx_task_work_run+0x10/0x10 [ 109.612562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.613030] ? switch_task_namespaces+0xa9/0xe0 [ 109.613482] do_exit+0xb17/0x2ef0 [ 109.613849] ? lock_acquire+0x427/0x4c0 [ 109.614357] ? __pfx_lock_release+0x10/0x10 [ 109.614804] ? __kasan_check_write+0x18/0x20 [ 109.615251] ? do_raw_spin_lock+0x132/0x2a0 [ 109.615663] ? __pfx_do_exit+0x10/0x10 [ 109.616176] ? debug_smp_processor_id+0x20/0x30 [ 109.616627] ? rcu_is_watching+0x19/0xb0 [ 109.617026] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.617468] ? trace_hardirqs_on+0x26/0x120 [ 109.617980] do_group_exit+0xe0/0x2b0 [ 109.618413] __x64_sys_exit_group+0x47/0x50 [ 109.618844] do_syscall_64+0x3b/0x90 [ 109.619212] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.619773] RIP: 0033:0x7f4b87518a4d [ 109.620198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.620785] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.621518] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.622311] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.622997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.623767] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.624472] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.625126] [ 109.625385] irq event stamp: 0 [ 109.625788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.626360] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.627145] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.628018] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.628589] ---[ end trace 0000000000000000 ]--- [ 109.631239] ------------[ cut here ]------------ [ 109.631672] WARNING: CPU: 1 PID: 976 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.632473] Modules linked in: [ 109.632887] CPU: 1 PID: 976 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.633671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.634893] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.635370] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.637163] RSP: 0018:ffff8880181d7b78 EFLAGS: 00010246 [ 109.637652] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.638356] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 109.639087] RBP: ffff8880181d7b98 R08: ffffed1002ba553e R09: ffffed1002ba553e [ 109.639747] R10: ffff888015d2a9ef R11: ffffed1002ba553d R12: ffff888015d2aa90 [ 109.640537] R13: ffff888015d2a8a8 R14: ffffffffffffffff R15: 
ffff8880181d7c60 [ 109.641178] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.641937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.642588] CR2: 00007f82e2fa8000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 109.643241] PKRU: 55555554 [ 109.643507] Call Trace: [ 109.643760] [ 109.644043] iommufd_ioas_destroy+0x53/0x70 [ 109.644533] iommufd_fops_release+0x1f7/0x370 [ 109.644962] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.645426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.646036] ? write_comp_data+0x2f/0x90 [ 109.646422] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.646900] __fput+0x26d/0xa40 [ 109.647246] ____fput+0x1e/0x30 [ 109.647609] task_work_run+0x1a4/0x2d0 [ 109.648063] ? __pfx_task_work_run+0x10/0x10 [ 109.648473] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.648935] ? switch_task_namespaces+0xa9/0xe0 [ 109.649415] do_exit+0xb17/0x2ef0 [ 109.649848] ? lock_acquire+0x427/0x4c0 [ 109.650222] ? __pfx_lock_release+0x10/0x10 [ 109.650641] ? __kasan_check_write+0x18/0x20 [ 109.651047] ? do_raw_spin_lock+0x132/0x2a0 [ 109.651591] ? __pfx_do_exit+0x10/0x10 [ 109.651965] ? debug_smp_processor_id+0x20/0x30 [ 109.652391] ? rcu_is_watching+0x19/0xb0 [ 109.652759] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.653237] ? trace_hardirqs_on+0x26/0x120 [ 109.653677] do_group_exit+0xe0/0x2b0 [ 109.654009] __x64_sys_exit_group+0x47/0x50 [ 109.654388] do_syscall_64+0x3b/0x90 [ 109.654737] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.655334] RIP: 0033:0x7f4b87518a4d [ 109.655658] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.656187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.656977] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.657585] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.658198] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.658976] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.659597] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.660253] [ 109.660540] irq event stamp: 0 [ 109.660814] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.661429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.662293] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.663028] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.663578] ---[ end trace 0000000000000000 ]--- [ 109.670052] ------------[ cut here ]------------ [ 109.670487] WARNING: CPU: 1 PID: 977 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.671797] Modules linked in: [ 109.672081] CPU: 1 PID: 977 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.672823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.674191] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.674699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.676409] RSP: 0018:ffff888014627bb8 EFLAGS: 00010246 [ 109.677007] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 109.677618] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 109.678262] RBP: ffff888014627bd0 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 109.678988] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff8880129c4800 [ 109.679617] R13: ffff88800a7811e8 R14: ffffffff8352e670 R15: 
ffff888014627e68 [ 109.680306] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.681054] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.681560] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 109.682264] PKRU: 55555554 [ 109.682603] Call Trace: [ 109.682829] [ 109.683029] __iommufd_access_detach+0x1c2/0x2b0 [ 109.683471] iommufd_access_change_pt+0x149/0x270 [ 109.683968] iommufd_access_replace+0xb4/0x120 [ 109.684450] iommufd_test+0x3e5/0x37e0 [ 109.684791] ? lock_release+0x532/0x770 [ 109.685154] ? __might_fault+0x102/0x1b0 [ 109.685517] ? lock_acquire+0x427/0x4c0 [ 109.686004] ? __pfx_iommufd_test+0x10/0x10 [ 109.686382] ? __pfx_lock_release+0x10/0x10 [ 109.686788] ? __pfx_lock_acquire+0x10/0x10 [ 109.687185] ? write_comp_data+0x2f/0x90 [ 109.687629] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.688131] ? write_comp_data+0x2f/0x90 [ 109.688498] iommufd_fops_ioctl+0x37d/0x510 [ 109.688878] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.689382] ? write_comp_data+0x2f/0x90 [ 109.689814] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.690240] __x64_sys_ioctl+0x1a3/0x230 [ 109.690630] do_syscall_64+0x3b/0x90 [ 109.690970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.691586] RIP: 0033:0x7f4b8743ee5d [ 109.691923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.693643] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.694302] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.695063] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.695680] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.696296] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.697070] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.697689] [ 109.697893] irq event stamp: 0 [ 109.698164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.698885] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.699633] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.700440] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.701044] ---[ end trace 0000000000000000 ]--- [ 109.705667] ------------[ cut here ]------------ [ 109.706207] WARNING: CPU: 1 PID: 977 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.707149] Modules linked in: [ 109.707449] CPU: 1 PID: 977 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.708312] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.709368] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.709866] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.711608] RSP: 
0018:ffff888014627bd0 EFLAGS: 00010246 [ 109.712067] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 109.712685] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 109.713440] RBP: ffff888014627be8 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 109.714043] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff888010e01400 [ 109.714737] R13: ffff88800a7811e8 R14: ffff88800fcf6400 R15: 0000000000000000 [ 109.715426] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.716111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.716746] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 109.717357] PKRU: 55555554 [ 109.717602] Call Trace: [ 109.717823] [ 109.718037] iommufd_access_destroy_object+0x65/0x170 [ 109.718618] iommufd_object_destroy_user+0x18e/0x220 [ 109.719065] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.719576] iommufd_access_destroy+0x43/0x70 [ 109.720048] iommufd_test_staccess_release+0x8d/0xd0 [ 109.720595] __fput+0x26d/0xa40 [ 109.720898] ____fput+0x1e/0x30 [ 109.721193] task_work_run+0x1a4/0x2d0 [ 109.721538] ? __pfx_task_work_run+0x10/0x10 [ 109.722000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.722530] ? switch_task_namespaces+0xa9/0xe0 [ 109.722941] do_exit+0xb17/0x2ef0 [ 109.723246] ? lock_acquire+0x427/0x4c0 [ 109.723667] ? __pfx_lock_release+0x10/0x10 [ 109.724133] ? __kasan_check_write+0x18/0x20 [ 109.724518] ? do_raw_spin_lock+0x132/0x2a0 [ 109.724890] ? __pfx_do_exit+0x10/0x10 [ 109.725251] ? debug_smp_processor_id+0x20/0x30 [ 109.725775] ? rcu_is_watching+0x19/0xb0 [ 109.726133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.726549] ? trace_hardirqs_on+0x26/0x120 [ 109.726928] do_group_exit+0xe0/0x2b0 [ 109.727339] __x64_sys_exit_group+0x47/0x50 [ 109.727715] do_syscall_64+0x3b/0x90 [ 109.728044] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.728504] RIP: 0033:0x7f4b87518a4d [ 109.728831] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.729354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.730006] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.730638] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.731251] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.731858] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.732470] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.733086] [ 109.733288] irq event stamp: 0 [ 109.733556] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.734094] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.734829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.735540] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.736068] ---[ end trace 0000000000000000 ]--- [ 109.736843] ------------[ cut here ]------------ [ 109.737263] WARNING: CPU: 0 PID: 977 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.738100] Modules linked in: [ 109.738364] CPU: 0 PID: 977 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.739158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.740091] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.740511] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.741989] RSP: 0018:ffff888014627b78 EFLAGS: 00010246 [ 109.742424] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.743027] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 109.743621] RBP: ffff888014627b98 R08: ffffed10014f023e R09: ffffed10014f023e [ 109.744200] R10: ffff88800a7811ef R11: ffffed10014f023d R12: ffff88800a781290 [ 109.744784] R13: ffff88800a7810a8 R14: ffffffffffffffff R15: 
ffff888014627c60 [ 109.745365] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.746023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.746526] CR2: 00007f82e2fb2000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 109.747122] PKRU: 55555554 [ 109.747355] Call Trace: [ 109.747566] [ 109.747753] iommufd_ioas_destroy+0x53/0x70 [ 109.748113] iommufd_fops_release+0x1f7/0x370 [ 109.748487] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.748900] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.749308] ? write_comp_data+0x2f/0x90 [ 109.749652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.750062] __fput+0x26d/0xa40 [ 109.750353] ____fput+0x1e/0x30 [ 109.750653] task_work_run+0x1a4/0x2d0 [ 109.750984] ? __pfx_task_work_run+0x10/0x10 [ 109.751361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.751767] ? switch_task_namespaces+0xa9/0xe0 [ 109.752161] do_exit+0xb17/0x2ef0 [ 109.752444] ? lock_acquire+0x427/0x4c0 [ 109.752773] ? __pfx_lock_release+0x10/0x10 [ 109.753131] ? __kasan_check_write+0x18/0x20 [ 109.753497] ? do_raw_spin_lock+0x132/0x2a0 [ 109.753852] ? __pfx_do_exit+0x10/0x10 [ 109.754185] ? debug_smp_processor_id+0x20/0x30 [ 109.754596] ? rcu_is_watching+0x19/0xb0 [ 109.754936] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.755328] ? trace_hardirqs_on+0x26/0x120 [ 109.755693] do_group_exit+0xe0/0x2b0 [ 109.756007] __x64_sys_exit_group+0x47/0x50 [ 109.756362] do_syscall_64+0x3b/0x90 [ 109.756679] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.757117] RIP: 0033:0x7f4b87518a4d [ 109.757427] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.757928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.758568] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.759170] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.759753] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.760334] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.760918] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.761511] [ 109.761706] irq event stamp: 0 [ 109.761966] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.762491] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.763226] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.763916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.764429] ---[ end trace 0000000000000000 ]--- [ 109.768643] ------------[ cut here ]------------ [ 109.769068] WARNING: CPU: 0 PID: 978 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.769888] Modules linked in: [ 109.770150] CPU: 0 PID: 978 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.770877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.771799] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.772202] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.773666] RSP: 0018:ffff888023f47bb8 EFLAGS: 00010246 [ 109.774099] RAX: 0000000000000000 RBX: ffff88802441a8a8 RCX: 0000000000000000 [ 109.774691] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 109.775291] RBP: ffff888023f47bd0 R08: ffffed1004883533 R09: ffffed1004883533 [ 109.775872] R10: ffff88802441a993 R11: ffffed1004883532 R12: ffff888014392800 [ 109.776456] R13: ffff88802441a9e8 R14: ffffffff8352e670 R15: 
ffff888023f47e68 [ 109.777036] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.777695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.778168] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 109.778763] PKRU: 55555554 [ 109.778996] Call Trace: [ 109.779214] [ 109.779400] __iommufd_access_detach+0x1c2/0x2b0 [ 109.779805] iommufd_access_change_pt+0x149/0x270 [ 109.780214] iommufd_access_replace+0xb4/0x120 [ 109.780598] iommufd_test+0x3e5/0x37e0 [ 109.780914] ? lock_release+0x532/0x770 [ 109.781251] ? __might_fault+0x102/0x1b0 [ 109.781591] ? lock_acquire+0x427/0x4c0 [ 109.781930] ? __pfx_iommufd_test+0x10/0x10 [ 109.782274] ? __pfx_lock_release+0x10/0x10 [ 109.782641] ? __pfx_lock_acquire+0x10/0x10 [ 109.782996] ? write_comp_data+0x2f/0x90 [ 109.783334] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.783716] ? write_comp_data+0x2f/0x90 [ 109.784043] iommufd_fops_ioctl+0x37d/0x510 [ 109.784393] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.784784] ? write_comp_data+0x2f/0x90 [ 109.785119] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.785502] __x64_sys_ioctl+0x1a3/0x230 [ 109.785833] do_syscall_64+0x3b/0x90 [ 109.786139] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.786580] RIP: 0033:0x7f4b8743ee5d [ 109.786877] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.788310] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.788903] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.789455] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.790011] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.790587] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.791152] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.791715] [ 109.791901] irq event stamp: 0 [ 109.792153] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.792643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.793297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.793949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.794444] ---[ end trace 0000000000000000 ]--- [ 109.797272] ------------[ cut here ]------------ [ 109.797667] WARNING: CPU: 0 PID: 978 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.798440] Modules linked in: [ 109.798723] CPU: 0 PID: 978 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.799412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.800285] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.800676] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.802095] RSP: 
0018:ffff888023f47bd0 EFLAGS: 00010246 [ 109.802536] RAX: 0000000000000000 RBX: ffff88802441a8a8 RCX: 0000000000000000 [ 109.803093] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 109.803653] RBP: ffff888023f47be8 R08: ffffed1004883533 R09: ffffed1004883533 [ 109.804209] R10: ffff88802441a993 R11: ffffed1004883532 R12: ffff8880188db000 [ 109.804766] R13: ffff88802441a9e8 R14: ffff888020f60100 R15: 0000000000000000 [ 109.805322] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.805948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.806404] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.806991] PKRU: 55555554 [ 109.807229] Call Trace: [ 109.807433] [ 109.807613] iommufd_access_destroy_object+0x65/0x170 [ 109.808027] iommufd_object_destroy_user+0x18e/0x220 [ 109.808432] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.808897] iommufd_access_destroy+0x43/0x70 [ 109.809261] iommufd_test_staccess_release+0x8d/0xd0 [ 109.809669] __fput+0x26d/0xa40 [ 109.809947] ____fput+0x1e/0x30 [ 109.810223] task_work_run+0x1a4/0x2d0 [ 109.810566] ? __pfx_task_work_run+0x10/0x10 [ 109.810920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.811318] ? switch_task_namespaces+0xa9/0xe0 [ 109.811699] do_exit+0xb17/0x2ef0 [ 109.811975] ? lock_acquire+0x427/0x4c0 [ 109.812300] ? __pfx_lock_release+0x10/0x10 [ 109.812649] ? __kasan_check_write+0x18/0x20 [ 109.813002] ? do_raw_spin_lock+0x132/0x2a0 [ 109.813345] ? __pfx_do_exit+0x10/0x10 [ 109.813664] ? debug_smp_processor_id+0x20/0x30 [ 109.814034] ? rcu_is_watching+0x19/0xb0 [ 109.814357] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.814740] ? trace_hardirqs_on+0x26/0x120 [ 109.815087] do_group_exit+0xe0/0x2b0 [ 109.815401] __x64_sys_exit_group+0x47/0x50 [ 109.815742] do_syscall_64+0x3b/0x90 [ 109.816037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.816443] RIP: 0033:0x7f4b87518a4d [ 109.816732] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.817207] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.817795] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.818344] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.818926] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.819490] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.820042] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.820598] [ 109.820782] irq event stamp: 0 [ 109.821026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.821507] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.822148] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.822816] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.823312] ---[ end trace 0000000000000000 ]--- [ 109.824000] ------------[ cut here ]------------ [ 109.824360] WARNING: CPU: 0 PID: 978 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.825136] Modules linked in: [ 109.825387] CPU: 0 PID: 978 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.826052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.826944] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.827357] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.828749] RSP: 0018:ffff888023f47b78 EFLAGS: 00010246 [ 109.829163] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.829707] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 109.830259] RBP: ffff888023f47b98 R08: ffffed100488353e R09: ffffed100488353e [ 109.830833] R10: ffff88802441a9ef R11: ffffed100488353d R12: ffff88802441aa90 [ 109.831396] R13: ffff88802441a8a8 R14: ffffffffffffffff R15: 
ffff888023f47c60 [ 109.831944] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.832560] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.833003] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.833548] PKRU: 55555554 [ 109.833770] Call Trace: [ 109.833968] [ 109.834145] iommufd_ioas_destroy+0x53/0x70 [ 109.834486] iommufd_fops_release+0x1f7/0x370 [ 109.834864] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.835264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.835651] ? write_comp_data+0x2f/0x90 [ 109.835984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.836381] __fput+0x26d/0xa40 [ 109.836652] ____fput+0x1e/0x30 [ 109.836920] task_work_run+0x1a4/0x2d0 [ 109.837232] ? __pfx_task_work_run+0x10/0x10 [ 109.837580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.837962] ? switch_task_namespaces+0xa9/0xe0 [ 109.838333] do_exit+0xb17/0x2ef0 [ 109.838629] ? lock_acquire+0x427/0x4c0 [ 109.838955] ? __pfx_lock_release+0x10/0x10 [ 109.839314] ? __kasan_check_write+0x18/0x20 [ 109.839665] ? do_raw_spin_lock+0x132/0x2a0 [ 109.840005] ? __pfx_do_exit+0x10/0x10 [ 109.840317] ? debug_smp_processor_id+0x20/0x30 [ 109.840683] ? rcu_is_watching+0x19/0xb0 [ 109.841000] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.841355] ? trace_hardirqs_on+0x26/0x120 [ 109.841696] do_group_exit+0xe0/0x2b0 [ 109.841996] __x64_sys_exit_group+0x47/0x50 [ 109.842329] do_syscall_64+0x3b/0x90 [ 109.842651] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.843064] RIP: 0033:0x7f4b87518a4d [ 109.843364] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.843836] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.844422] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.844968] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.845511] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.846055] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.846622] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.847190] [ 109.847371] irq event stamp: 0 [ 109.847615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.848100] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.848742] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.849385] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.849870] ---[ end trace 0000000000000000 ]--- [ 109.854968] ------------[ cut here ]------------ [ 109.855411] WARNING: CPU: 0 PID: 979 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.856183] Modules linked in: [ 109.856431] CPU: 0 PID: 979 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.857091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.857952] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.858335] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.859987] RSP: 0018:ffff8880134b7bb8 EFLAGS: 00010246 [ 109.860403] RAX: 0000000000000000 RBX: ffff88800fc8d8a8 RCX: 0000000000000000 [ 109.860951] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 109.861498] RBP: ffff8880134b7bd0 R08: ffffed1001f91b33 R09: ffffed1001f91b33 [ 109.862041] R10: ffff88800fc8d993 R11: ffffed1001f91b32 R12: ffff8880144d5c00 [ 109.862600] R13: ffff88800fc8d9e8 R14: ffffffff8352e670 R15: 
ffff8880134b7e68 [ 109.863156] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.863771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.864218] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ef0 [ 109.864763] PKRU: 55555554 [ 109.864984] Call Trace: [ 109.865181] [ 109.865357] __iommufd_access_detach+0x1c2/0x2b0 [ 109.865738] iommufd_access_change_pt+0x149/0x270 [ 109.866122] iommufd_access_replace+0xb4/0x120 [ 109.866486] iommufd_test+0x3e5/0x37e0 [ 109.866825] ? lock_release+0x532/0x770 [ 109.867155] ? __might_fault+0x102/0x1b0 [ 109.867479] ? lock_acquire+0x427/0x4c0 [ 109.867799] ? __pfx_iommufd_test+0x10/0x10 [ 109.868135] ? __pfx_lock_release+0x10/0x10 [ 109.868480] ? __pfx_lock_acquire+0x10/0x10 [ 109.868825] ? write_comp_data+0x2f/0x90 [ 109.869153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.869534] ? write_comp_data+0x2f/0x90 [ 109.869860] iommufd_fops_ioctl+0x37d/0x510 [ 109.870198] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.870608] ? write_comp_data+0x2f/0x90 [ 109.870936] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.871339] __x64_sys_ioctl+0x1a3/0x230 [ 109.871666] do_syscall_64+0x3b/0x90 [ 109.871970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.872377] RIP: 0033:0x7f4b8743ee5d [ 109.872666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.874059] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.874669] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.875226] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.875776] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.876323] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.876870] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.877425] [ 109.877607] irq event stamp: 0 [ 109.877851] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.878335] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.879013] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.879670] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.880155] ---[ end trace 0000000000000000 ]--- [ 109.882956] ------------[ cut here ]------------ [ 109.883362] WARNING: CPU: 0 PID: 979 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.884135] Modules linked in: [ 109.884384] CPU: 0 PID: 979 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.885049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.885912] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.886296] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.887720] RSP: 
0018:ffff8880134b7bd0 EFLAGS: 00010246 [ 109.888132] RAX: 0000000000000000 RBX: ffff88800fc8d8a8 RCX: 0000000000000000 [ 109.888679] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 109.889225] RBP: ffff8880134b7be8 R08: ffffed1001f91b33 R09: ffffed1001f91b33 [ 109.889768] R10: ffff88800fc8d993 R11: ffffed1001f91b32 R12: ffff888014393800 [ 109.890314] R13: ffff88800fc8d9e8 R14: ffff8880122e4e00 R15: 0000000000000000 [ 109.890878] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.891500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.891949] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.892498] PKRU: 55555554 [ 109.892718] Call Trace: [ 109.892916] [ 109.893095] iommufd_access_destroy_object+0x65/0x170 [ 109.893497] iommufd_object_destroy_user+0x18e/0x220 [ 109.893898] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.894348] iommufd_access_destroy+0x43/0x70 [ 109.894744] iommufd_test_staccess_release+0x8d/0xd0 [ 109.895158] __fput+0x26d/0xa40 [ 109.895430] ____fput+0x1e/0x30 [ 109.895693] task_work_run+0x1a4/0x2d0 [ 109.896005] ? __pfx_task_work_run+0x10/0x10 [ 109.896350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.896731] ? switch_task_namespaces+0xa9/0xe0 [ 109.897104] do_exit+0xb17/0x2ef0 [ 109.897374] ? lock_acquire+0x427/0x4c0 [ 109.897695] ? __pfx_lock_release+0x10/0x10 [ 109.898033] ? __kasan_check_write+0x18/0x20 [ 109.898376] ? do_raw_spin_lock+0x132/0x2a0 [ 109.898732] ? __pfx_do_exit+0x10/0x10 [ 109.899044] ? debug_smp_processor_id+0x20/0x30 [ 109.899415] ? rcu_is_watching+0x19/0xb0 [ 109.899738] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.900097] ? trace_hardirqs_on+0x26/0x120 [ 109.900439] do_group_exit+0xe0/0x2b0 [ 109.900739] __x64_sys_exit_group+0x47/0x50 [ 109.901075] do_syscall_64+0x3b/0x90 [ 109.901370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.901775] RIP: 0033:0x7f4b87518a4d [ 109.902076] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.902579] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.903176] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.903723] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.904269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.904815] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.905358] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.905914] [ 109.906095] irq event stamp: 0 [ 109.906337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.906841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.907487] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.908130] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.908613] ---[ end trace 0000000000000000 ]--- [ 109.909326] ------------[ cut here ]------------ [ 109.909689] WARNING: CPU: 0 PID: 979 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.910469] Modules linked in: [ 109.910771] CPU: 0 PID: 979 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.911449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.912310] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.912709] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.914104] RSP: 0018:ffff8880134b7b78 EFLAGS: 00010246 [ 109.914557] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.915105] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 109.915657] RBP: ffff8880134b7b98 R08: ffffed1001f91b3e R09: ffffed1001f91b3e [ 109.916199] R10: ffff88800fc8d9ef R11: ffffed1001f91b3d R12: ffff88800fc8da90 [ 109.916741] R13: ffff88800fc8d8a8 R14: ffffffffffffffff R15: 
ffff8880134b7c60 [ 109.917284] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 109.917900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.918344] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 109.918920] PKRU: 55555554 [ 109.919146] Call Trace: [ 109.919346] [ 109.919523] iommufd_ioas_destroy+0x53/0x70 [ 109.919859] iommufd_fops_release+0x1f7/0x370 [ 109.920203] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.920583] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.920957] ? write_comp_data+0x2f/0x90 [ 109.921272] ? __pfx_iommufd_fops_release+0x10/0x10 [ 109.921653] __fput+0x26d/0xa40 [ 109.921920] ____fput+0x1e/0x30 [ 109.922181] task_work_run+0x1a4/0x2d0 [ 109.922485] ? __pfx_task_work_run+0x10/0x10 [ 109.922848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.923234] ? switch_task_namespaces+0xa9/0xe0 [ 109.923606] do_exit+0xb17/0x2ef0 [ 109.923873] ? lock_acquire+0x427/0x4c0 [ 109.924182] ? __pfx_lock_release+0x10/0x10 [ 109.924516] ? __kasan_check_write+0x18/0x20 [ 109.924855] ? do_raw_spin_lock+0x132/0x2a0 [ 109.925185] ? __pfx_do_exit+0x10/0x10 [ 109.925488] ? debug_smp_processor_id+0x20/0x30 [ 109.925845] ? rcu_is_watching+0x19/0xb0 [ 109.926155] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.926532] ? trace_hardirqs_on+0x26/0x120 [ 109.926866] do_group_exit+0xe0/0x2b0 [ 109.927171] __x64_sys_exit_group+0x47/0x50 [ 109.927499] do_syscall_64+0x3b/0x90 [ 109.927789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.928189] RIP: 0033:0x7f4b87518a4d [ 109.928471] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.928932] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.929507] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.930041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.930595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.931142] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.931677] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.932221] [ 109.932400] irq event stamp: 0 [ 109.932637] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.933112] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.933744] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.934370] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.934860] ---[ end trace 0000000000000000 ]--- [ 109.940391] ------------[ cut here ]------------ [ 109.940959] WARNING: CPU: 1 PID: 980 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.942046] Modules linked in: [ 109.942400] CPU: 1 PID: 980 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.943656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.944504] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.944886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.946233] RSP: 0018:ffff888023f47bb8 EFLAGS: 00010246 [ 109.946644] RAX: 0000000000000000 RBX: ffff88800e9410a8 RCX: 0000000000000000 [ 109.947188] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 109.947715] RBP: ffff888023f47bd0 R08: ffffed1001d28233 R09: ffffed1001d28233 [ 109.948243] R10: ffff88800e941193 R11: ffffed1001d28232 R12: ffff888013c04000 [ 109.948769] R13: ffff88800e9411e8 R14: ffffffff8352e670 R15: 
ffff888023f47e68 [ 109.949299] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.949897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.950329] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 109.950885] PKRU: 55555554 [ 109.951106] Call Trace: [ 109.951306] [ 109.951477] __iommufd_access_detach+0x1c2/0x2b0 [ 109.951845] iommufd_access_change_pt+0x149/0x270 [ 109.952215] iommufd_access_replace+0xb4/0x120 [ 109.952567] iommufd_test+0x3e5/0x37e0 [ 109.952862] ? lock_release+0x532/0x770 [ 109.953169] ? __might_fault+0x102/0x1b0 [ 109.953480] ? lock_acquire+0x427/0x4c0 [ 109.953789] ? __pfx_iommufd_test+0x10/0x10 [ 109.954111] ? __pfx_lock_release+0x10/0x10 [ 109.954442] ? __pfx_lock_acquire+0x10/0x10 [ 109.954793] ? write_comp_data+0x2f/0x90 [ 109.955118] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.955484] ? write_comp_data+0x2f/0x90 [ 109.955795] iommufd_fops_ioctl+0x37d/0x510 [ 109.956122] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.956487] ? write_comp_data+0x2f/0x90 [ 109.956798] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 109.957156] __x64_sys_ioctl+0x1a3/0x230 [ 109.957468] do_syscall_64+0x3b/0x90 [ 109.957754] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.958142] RIP: 0033:0x7f4b8743ee5d [ 109.958417] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 109.959783] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 109.960342] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 109.960864] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 109.961384] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 109.961904] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 109.962426] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 109.962978] [ 109.963170] irq event stamp: 0 [ 109.963403] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.963866] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.964486] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.965103] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.965565] ---[ end trace 0000000000000000 ]--- [ 109.968331] ------------[ cut here ]------------ [ 109.968711] WARNING: CPU: 1 PID: 980 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 109.969447] Modules linked in: [ 109.969684] CPU: 1 PID: 980 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.970316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.971177] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 109.971543] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 109.972867] RSP: 
0018:ffff888023f47bd0 EFLAGS: 00010246 [ 109.973256] RAX: 0000000000000000 RBX: ffff88800e9410a8 RCX: 0000000000000000 [ 109.973773] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 109.974293] RBP: ffff888023f47be8 R08: ffffed1001d28233 R09: ffffed1001d28233 [ 109.974828] R10: ffff88800e941193 R11: ffffed1001d28232 R12: ffff8880129c6400 [ 109.975356] R13: ffff88800e9411e8 R14: ffff8880178e1400 R15: 0000000000000000 [ 109.975882] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 109.976470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.976896] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 109.977417] PKRU: 55555554 [ 109.977627] Call Trace: [ 109.977816] [ 109.977987] iommufd_access_destroy_object+0x65/0x170 [ 109.978375] iommufd_object_destroy_user+0x18e/0x220 [ 109.978786] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 109.979228] iommufd_access_destroy+0x43/0x70 [ 109.979569] iommufd_test_staccess_release+0x8d/0xd0 [ 109.979952] __fput+0x26d/0xa40 [ 109.980211] ____fput+0x1e/0x30 [ 109.980464] task_work_run+0x1a4/0x2d0 [ 109.980760] ? __pfx_task_work_run+0x10/0x10 [ 109.981092] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 109.981462] ? switch_task_namespaces+0xa9/0xe0 [ 109.981817] do_exit+0xb17/0x2ef0 [ 109.982074] ? lock_acquire+0x427/0x4c0 [ 109.982375] ? __pfx_lock_release+0x10/0x10 [ 109.982724] ? __kasan_check_write+0x18/0x20 [ 109.983059] ? do_raw_spin_lock+0x132/0x2a0 [ 109.983408] ? __pfx_do_exit+0x10/0x10 [ 109.983710] ? debug_smp_processor_id+0x20/0x30 [ 109.984061] ? rcu_is_watching+0x19/0xb0 [ 109.984362] ? _raw_spin_unlock_irq+0x2b/0x60 [ 109.984703] ? trace_hardirqs_on+0x26/0x120 [ 109.985034] do_group_exit+0xe0/0x2b0 [ 109.985318] __x64_sys_exit_group+0x47/0x50 [ 109.985637] do_syscall_64+0x3b/0x90 [ 109.985920] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 109.986306] RIP: 0033:0x7f4b87518a4d [ 109.986602] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 109.987053] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 109.987624] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 109.988151] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 109.988676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 109.989201] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 109.989727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 109.990269] [ 109.990439] irq event stamp: 0 [ 109.990682] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 109.991114] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 109.991729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 109.992339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 109.992807] ---[ end trace 0000000000000000 ]--- [ 109.993480] ------------[ cut here ]------------ [ 109.993843] WARNING: CPU: 1 PID: 980 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 109.994655] Modules linked in: [ 109.994909] CPU: 1 PID: 980 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 109.995574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 109.996427] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 109.996818] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 109.998173] RSP: 0018:ffff888023f47b78 EFLAGS: 00010246 [ 109.998609] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 109.999160] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 109.999695] RBP: ffff888023f47b98 R08: ffffed1001d2823e R09: ffffed1001d2823e [ 110.000230] R10: ffff88800e9411ef R11: ffffed1001d2823d R12: ffff88800e941290 [ 110.000759] R13: ffff88800e9410a8 R14: ffffffffffffffff R15: 
ffff888023f47c60 [ 110.001290] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.001883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.002314] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.002875] PKRU: 55555554 [ 110.003095] Call Trace: [ 110.003297] [ 110.003471] iommufd_ioas_destroy+0x53/0x70 [ 110.003810] iommufd_fops_release+0x1f7/0x370 [ 110.004159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.004538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.004922] ? write_comp_data+0x2f/0x90 [ 110.005239] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.005621] __fput+0x26d/0xa40 [ 110.005887] ____fput+0x1e/0x30 [ 110.006146] task_work_run+0x1a4/0x2d0 [ 110.006449] ? __pfx_task_work_run+0x10/0x10 [ 110.006821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.007210] ? switch_task_namespaces+0xa9/0xe0 [ 110.007575] do_exit+0xb17/0x2ef0 [ 110.007844] ? lock_acquire+0x427/0x4c0 [ 110.008160] ? __pfx_lock_release+0x10/0x10 [ 110.008499] ? __kasan_check_write+0x18/0x20 [ 110.008841] ? do_raw_spin_lock+0x132/0x2a0 [ 110.009172] ? __pfx_do_exit+0x10/0x10 [ 110.009478] ? debug_smp_processor_id+0x20/0x30 [ 110.009837] ? rcu_is_watching+0x19/0xb0 [ 110.010152] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.010532] ? trace_hardirqs_on+0x26/0x120 [ 110.010870] do_group_exit+0xe0/0x2b0 [ 110.011176] __x64_sys_exit_group+0x47/0x50 [ 110.011509] do_syscall_64+0x3b/0x90 [ 110.011807] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.012212] RIP: 0033:0x7f4b87518a4d [ 110.012499] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.012984] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.013558] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.014098] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.014661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.015209] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.015746] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.016290] [ 110.016467] irq event stamp: 0 [ 110.016704] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.017183] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.017809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.018432] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.018929] ---[ end trace 0000000000000000 ]--- [ 110.023156] ------------[ cut here ]------------ [ 110.023557] WARNING: CPU: 1 PID: 981 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.024319] Modules linked in: [ 110.024564] CPU: 1 PID: 981 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.025227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.026078] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.026455] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.027992] RSP: 0018:ffff8880134b7bb8 EFLAGS: 00010246 [ 110.028397] RAX: 0000000000000000 RBX: ffff88801445d0a8 RCX: 0000000000000000 [ 110.028927] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 110.029455] RBP: ffff8880134b7bd0 R08: ffffed100288ba33 R09: ffffed100288ba33 [ 110.029983] R10: ffff88801445d193 R11: ffffed100288ba32 R12: ffff888013e9ac00 [ 110.030524] R13: ffff88801445d1e8 R14: ffffffff8352e670 R15: 
ffff8880134b7e68 [ 110.031056] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.031646] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.032064] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 110.032582] PKRU: 55555554 [ 110.032790] Call Trace: [ 110.032977] [ 110.033143] __iommufd_access_detach+0x1c2/0x2b0 [ 110.033500] iommufd_access_change_pt+0x149/0x270 [ 110.033865] iommufd_access_replace+0xb4/0x120 [ 110.034210] iommufd_test+0x3e5/0x37e0 [ 110.034496] ? lock_release+0x532/0x770 [ 110.034815] ? __might_fault+0x102/0x1b0 [ 110.035125] ? lock_acquire+0x427/0x4c0 [ 110.035427] ? __pfx_iommufd_test+0x10/0x10 [ 110.035743] ? __pfx_lock_release+0x10/0x10 [ 110.036067] ? __pfx_lock_acquire+0x10/0x10 [ 110.036394] ? write_comp_data+0x2f/0x90 [ 110.036702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.037065] ? write_comp_data+0x2f/0x90 [ 110.037370] iommufd_fops_ioctl+0x37d/0x510 [ 110.037685] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.038041] ? write_comp_data+0x2f/0x90 [ 110.038347] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.038715] __x64_sys_ioctl+0x1a3/0x230 [ 110.039023] do_syscall_64+0x3b/0x90 [ 110.039312] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.039694] RIP: 0033:0x7f4b8743ee5d [ 110.039968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.041250] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.041788] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.042287] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.042797] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.043297] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.043791] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.044289] [ 110.044451] irq event stamp: 0 [ 110.044670] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.045106] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.045693] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.046277] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.046727] ---[ end trace 0000000000000000 ]--- [ 110.049153] ------------[ cut here ]------------ [ 110.049483] WARNING: CPU: 1 PID: 981 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.050178] Modules linked in: [ 110.050400] CPU: 1 PID: 981 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.051029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.051799] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.052138] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.053372] RSP: 
0018:ffff8880134b7bd0 EFLAGS: 00010246 [ 110.053727] RAX: 0000000000000000 RBX: ffff88801445d0a8 RCX: 0000000000000000 [ 110.054204] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 110.054692] RBP: ffff8880134b7be8 R08: ffffed100288ba33 R09: ffffed100288ba33 [ 110.055173] R10: ffff88801445d193 R11: ffffed100288ba32 R12: ffff888013404800 [ 110.055648] R13: ffff88801445d1e8 R14: ffff888020e8b400 R15: 0000000000000000 [ 110.056124] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.056659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.057048] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.057524] PKRU: 55555554 [ 110.057713] Call Trace: [ 110.057884] [ 110.058038] iommufd_access_destroy_object+0x65/0x170 [ 110.058386] iommufd_object_destroy_user+0x18e/0x220 [ 110.058741] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.059151] iommufd_access_destroy+0x43/0x70 [ 110.059465] iommufd_test_staccess_release+0x8d/0xd0 [ 110.059814] __fput+0x26d/0xa40 [ 110.060050] ____fput+0x1e/0x30 [ 110.060280] task_work_run+0x1a4/0x2d0 [ 110.060550] ? __pfx_task_work_run+0x10/0x10 [ 110.060851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.061184] ? switch_task_namespaces+0xa9/0xe0 [ 110.061506] do_exit+0xb17/0x2ef0 [ 110.061740] ? lock_acquire+0x427/0x4c0 [ 110.062015] ? __pfx_lock_release+0x10/0x10 [ 110.062310] ? __kasan_check_write+0x18/0x20 [ 110.062624] ? do_raw_spin_lock+0x132/0x2a0 [ 110.062916] ? __pfx_do_exit+0x10/0x10 [ 110.063188] ? debug_smp_processor_id+0x20/0x30 [ 110.063504] ? rcu_is_watching+0x19/0xb0 [ 110.063780] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.064086] ? trace_hardirqs_on+0x26/0x120 [ 110.064378] do_group_exit+0xe0/0x2b0 [ 110.064633] __x64_sys_exit_group+0x47/0x50 [ 110.064919] do_syscall_64+0x3b/0x90 [ 110.065179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.065528] RIP: 0033:0x7f4b87518a4d [ 110.065775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.066180] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.066689] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.067169] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.067639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.068110] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.068580] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.069056] [ 110.069210] irq event stamp: 0 [ 110.069420] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.069831] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.070371] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.070920] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.071336] ---[ end trace 0000000000000000 ]--- [ 110.071907] ------------[ cut here ]------------ [ 110.072210] WARNING: CPU: 1 PID: 981 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.072857] Modules linked in: [ 110.073063] CPU: 1 PID: 981 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.073618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.074338] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.074684] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.075859] RSP: 0018:ffff8880134b7b78 EFLAGS: 00010246 [ 110.076202] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.076651] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 110.077101] RBP: ffff8880134b7b98 R08: ffffed100288ba3e R09: ffffed100288ba3e [ 110.077552] R10: ffff88801445d1ef R11: ffffed100288ba3d R12: ffff88801445d290 [ 110.078004] R13: ffff88801445d0a8 R14: ffffffffffffffff R15: 
ffff8880134b7c60 [ 110.078455] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.079148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.079519] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.079971] PKRU: 55555554 [ 110.080153] Call Trace: [ 110.080317] [ 110.080463] iommufd_ioas_destroy+0x53/0x70 [ 110.080741] iommufd_fops_release+0x1f7/0x370 [ 110.081035] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.081357] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.081672] ? write_comp_data+0x2f/0x90 [ 110.081940] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.082260] __fput+0x26d/0xa40 [ 110.082482] ____fput+0x1e/0x30 [ 110.082711] task_work_run+0x1a4/0x2d0 [ 110.082968] ? __pfx_task_work_run+0x10/0x10 [ 110.083260] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.083576] ? switch_task_namespaces+0xa9/0xe0 [ 110.083883] do_exit+0xb17/0x2ef0 [ 110.084108] ? lock_acquire+0x427/0x4c0 [ 110.084370] ? __pfx_lock_release+0x10/0x10 [ 110.084652] ? __kasan_check_write+0x18/0x20 [ 110.084937] ? do_raw_spin_lock+0x132/0x2a0 [ 110.085214] ? __pfx_do_exit+0x10/0x10 [ 110.085470] ? debug_smp_processor_id+0x20/0x30 [ 110.085768] ? rcu_is_watching+0x19/0xb0 [ 110.086031] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.086324] ? trace_hardirqs_on+0x26/0x120 [ 110.086613] do_group_exit+0xe0/0x2b0 [ 110.086859] __x64_sys_exit_group+0x47/0x50 [ 110.087143] do_syscall_64+0x3b/0x90 [ 110.087385] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.087715] RIP: 0033:0x7f4b87518a4d [ 110.087948] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.088333] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.088806] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.089248] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.089685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.090121] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.090568] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.091016] [ 110.091171] irq event stamp: 0 [ 110.091368] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.091756] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.092269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.092782] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.093168] ---[ end trace 0000000000000000 ]--- [ 110.096193] ------------[ cut here ]------------ [ 110.096501] WARNING: CPU: 1 PID: 982 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.097117] Modules linked in: [ 110.097308] CPU: 1 PID: 982 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.097838] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.098671] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.098978] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.100107] RSP: 0018:ffff888016f5fbb8 EFLAGS: 00010246 [ 110.100435] RAX: 0000000000000000 RBX: ffff888015b600a8 RCX: 0000000000000000 [ 110.100875] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 110.101313] RBP: ffff888016f5fbd0 R08: ffffed1002b6c033 R09: ffffed1002b6c033 [ 110.101752] R10: ffff888015b60193 R11: ffffed1002b6c032 R12: ffff888013b07400 [ 110.102193] R13: ffff888015b601e8 R14: ffffffff8352e670 R15: 
ffff888016f5fe68 [ 110.102642] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.103142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.103506] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 110.103944] PKRU: 55555554 [ 110.104119] Call Trace: [ 110.104278] [ 110.104418] __iommufd_access_detach+0x1c2/0x2b0 [ 110.104719] iommufd_access_change_pt+0x149/0x270 [ 110.105028] iommufd_access_replace+0xb4/0x120 [ 110.105322] iommufd_test+0x3e5/0x37e0 [ 110.105565] ? lock_release+0x532/0x770 [ 110.105821] ? __might_fault+0x102/0x1b0 [ 110.106085] ? lock_acquire+0x427/0x4c0 [ 110.106339] ? __pfx_iommufd_test+0x10/0x10 [ 110.106618] ? __pfx_lock_release+0x10/0x10 [ 110.106897] ? __pfx_lock_acquire+0x10/0x10 [ 110.107179] ? write_comp_data+0x2f/0x90 [ 110.107441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.107745] ? write_comp_data+0x2f/0x90 [ 110.108003] iommufd_fops_ioctl+0x37d/0x510 [ 110.108273] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.108577] ? write_comp_data+0x2f/0x90 [ 110.108838] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.109139] __x64_sys_ioctl+0x1a3/0x230 [ 110.109396] do_syscall_64+0x3b/0x90 [ 110.109632] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.109954] RIP: 0033:0x7f4b8743ee5d [ 110.110184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.111290] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.111745] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.112171] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.112596] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.113023] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.113448] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.113880] [ 110.114020] irq event stamp: 0 [ 110.114211] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.114599] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.114743] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 110.115100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.116379] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 110.116851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.118091] ---[ end trace 0000000000000000 ]--- [ 110.120262] ------------[ cut here ]------------ [ 110.120550] WARNING: CPU: 1 PID: 982 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.121150] Modules linked in: [ 110.121343] CPU: 1 PID: 982 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.121861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.122544] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.122842] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.123943] RSP: 0018:ffff888016f5fbd0 EFLAGS: 00010246 [ 110.124261] RAX: 0000000000000000 RBX: ffff888015b600a8 RCX: 0000000000000000 [ 110.124686] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 110.125110] RBP: ffff888016f5fbe8 R08: ffffed1002b6c033 R09: ffffed1002b6c033 [ 110.125536] R10: ffff888015b60193 R11: ffffed1002b6c032 R12: ffff888013e9a000 [ 110.125961] R13: ffff888015b601e8 R14: ffff888010aa6e00 R15: 0000000000000000 [ 110.126385] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.126882] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.127236] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.127668] PKRU: 55555554 [ 110.127838] Call Trace: [ 110.127995] [ 110.128132] iommufd_access_destroy_object+0x65/0x170 [ 110.128445] iommufd_object_destroy_user+0x18e/0x220 [ 110.128755] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.129108] iommufd_access_destroy+0x43/0x70 [ 110.129386] iommufd_test_staccess_release+0x8d/0xd0 [ 110.129699] __fput+0x26d/0xa40 [ 110.129912] ____fput+0x1e/0x30 [ 110.130120] task_work_run+0x1a4/0x2d0 [ 110.130362] ? __pfx_task_work_run+0x10/0x10 [ 110.130643] ? 
__sanitizer_cov_trace_pc+0x25/0x60 [ 110.130941] ? switch_task_namespaces+0xa9/0xe0 [ 110.131239] do_exit+0xb17/0x2ef0 [ 110.131450] ? lock_acquire+0x427/0x4c0 [ 110.131698] ? __pfx_lock_release+0x10/0x10 [ 110.131964] ? __kasan_check_write+0x18/0x20 [ 110.132232] ? do_raw_spin_lock+0x132/0x2a0 [ 110.132494] ? __pfx_do_exit+0x10/0x10 [ 110.132736] ? debug_smp_processor_id+0x20/0x30 [ 110.133021] ? rcu_is_watching+0x19/0xb0 [ 110.133268] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.133546] ? trace_hardirqs_on+0x26/0x120 [ 110.133811] do_group_exit+0xe0/0x2b0 [ 110.134043] __x64_sys_exit_group+0x47/0x50 [ 110.134303] do_syscall_64+0x3b/0x90 [ 110.134545] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.134863] RIP: 0033:0x7f4b87518a4d [ 110.135087] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 110.135459] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.135915] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.136340] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.136766] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.137191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.137616] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.138047] [ 110.138188] irq event stamp: 0 [ 110.138378] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.138768] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.139275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.139786] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.140171] ---[ end trace 0000000000000000 ]--- [ 110.140709] ------------[ cut here ]------------ [ 110.141000] WARNING: CPU: 1 PID: 982 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.141619] Modules linked in: [ 110.141817] CPU: 1 PID: 982 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.142349] Hardware name: QEMU Standard 
PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.143048] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.143371] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.144485] RSP: 0018:ffff888016f5fb78 EFLAGS: 00010246 [ 110.144810] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.145247] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 110.145681] RBP: ffff888016f5fb98 R08: ffffed1002b6c03e R09: ffffed1002b6c03e [ 110.146119] R10: ffff888015b601ef R11: ffffed1002b6c03d R12: ffff888015b60290 [ 110.146564] R13: ffff888015b600a8 R14: ffffffffffffffff R15: ffff888016f5fc60 [ 110.147002] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.147500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.147856] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.148296] PKRU: 55555554 [ 110.148470] Call Trace: [ 110.148628] [ 110.148769] iommufd_ioas_destroy+0x53/0x70 [ 110.149038] iommufd_fops_release+0x1f7/0x370 [ 110.149320] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.149631] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.149936] ? write_comp_data+0x2f/0x90 [ 110.150195] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.150524] __fput+0x26d/0xa40 [ 110.150742] ____fput+0x1e/0x30 [ 110.150955] task_work_run+0x1a4/0x2d0 [ 110.151209] ? __pfx_task_work_run+0x10/0x10 [ 110.151487] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.151792] ? switch_task_namespaces+0xa9/0xe0 [ 110.152088] do_exit+0xb17/0x2ef0 [ 110.152303] ? lock_acquire+0x427/0x4c0 [ 110.152557] ? __pfx_lock_release+0x10/0x10 [ 110.152829] ? __kasan_check_write+0x18/0x20 [ 110.153104] ? do_raw_spin_lock+0x132/0x2a0 [ 110.153373] ? __pfx_do_exit+0x10/0x10 [ 110.153622] ? debug_smp_processor_id+0x20/0x30 [ 110.153912] ? 
rcu_is_watching+0x19/0xb0 [ 110.154165] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.154449] ? trace_hardirqs_on+0x26/0x120 [ 110.154733] do_group_exit+0xe0/0x2b0 [ 110.154973] __x64_sys_exit_group+0x47/0x50 [ 110.155245] do_syscall_64+0x3b/0x90 [ 110.155483] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.155808] RIP: 0033:0x7f4b87518a4d [ 110.156037] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 110.156414] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.156879] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.157315] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.157749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.158184] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.158628] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.159071] [ 110.159226] irq event stamp: 0 [ 110.159420] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.159805] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.160316] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.160826] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.161210] ---[ end trace 0000000000000000 ]--- [ 110.164976] ------------[ cut here ]------------ [ 110.165277] WARNING: CPU: 1 PID: 984 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.165879] Modules linked in: [ 110.166076] CPU: 1 PID: 984 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.166638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.167332] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.167632] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.168717] RSP: 0018:ffff888016097bb8 
EFLAGS: 00010246 [ 110.169036] RAX: 0000000000000000 RBX: ffff888023da90a8 RCX: 0000000000000000 [ 110.169460] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 110.169884] RBP: ffff888016097bd0 R08: ffffed10047b5233 R09: ffffed10047b5233 [ 110.170309] R10: ffff888023da9193 R11: ffffed10047b5232 R12: ffff8880144ccc00 [ 110.170774] R13: ffff888023da91e8 R14: ffffffff8352e670 R15: ffff888016097e68 [ 110.171211] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.171691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.172038] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ee0 [ 110.172465] PKRU: 55555554 [ 110.172635] Call Trace: [ 110.172789] [ 110.172926] __iommufd_access_detach+0x1c2/0x2b0 [ 110.173222] iommufd_access_change_pt+0x149/0x270 [ 110.173522] iommufd_access_replace+0xb4/0x120 [ 110.173809] iommufd_test+0x3e5/0x37e0 [ 110.174045] ? lock_release+0x532/0x770 [ 110.174294] ? __might_fault+0x102/0x1b0 [ 110.174555] ? lock_acquire+0x427/0x4c0 [ 110.174804] ? __pfx_iommufd_test+0x10/0x10 [ 110.175064] ? __pfx_lock_release+0x10/0x10 [ 110.175340] ? __pfx_lock_acquire+0x10/0x10 [ 110.175608] ? write_comp_data+0x2f/0x90 [ 110.175861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.176159] ? write_comp_data+0x2f/0x90 [ 110.176412] iommufd_fops_ioctl+0x37d/0x510 [ 110.176676] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.176975] ? write_comp_data+0x2f/0x90 [ 110.177227] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.177520] __x64_sys_ioctl+0x1a3/0x230 [ 110.177773] do_syscall_64+0x3b/0x90 [ 110.178005] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.178322] RIP: 0033:0x7f4b8743ee5d [ 110.178555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.179651] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.180105] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.180532] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.180956] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.181383] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.181809] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.182239] [ 110.182380] irq event stamp: 0 [ 110.182579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.182957] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.183463] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.183964] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.184340] ---[ end trace 0000000000000000 ]--- [ 110.186581] ------------[ cut here ]------------ [ 110.186870] WARNING: CPU: 1 PID: 984 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.187478] Modules linked in: [ 110.187672] CPU: 1 PID: 984 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.188193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.188863] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.189161] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.190245] RSP: 
0018:ffff888016097bd0 EFLAGS: 00010246 [ 110.190572] RAX: 0000000000000000 RBX: ffff888023da90a8 RCX: 0000000000000000 [ 110.190995] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 110.191424] RBP: ffff888016097be8 R08: ffffed10047b5233 R09: ffffed10047b5233 [ 110.191846] R10: ffff888023da9193 R11: ffffed10047b5232 R12: ffff888013b05800 [ 110.192268] R13: ffff888023da91e8 R14: ffff888020917700 R15: 0000000000000000 [ 110.192691] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.193169] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.193513] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.193936] PKRU: 55555554 [ 110.194105] Call Trace: [ 110.194259] [ 110.194394] iommufd_access_destroy_object+0x65/0x170 [ 110.194712] iommufd_object_destroy_user+0x18e/0x220 [ 110.195020] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.195378] iommufd_access_destroy+0x43/0x70 [ 110.195654] iommufd_test_staccess_release+0x8d/0xd0 [ 110.195966] __fput+0x26d/0xa40 [ 110.196175] ____fput+0x1e/0x30 [ 110.196380] task_work_run+0x1a4/0x2d0 [ 110.196619] ? __pfx_task_work_run+0x10/0x10 [ 110.196887] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.197182] ? switch_task_namespaces+0xa9/0xe0 [ 110.197470] do_exit+0xb17/0x2ef0 [ 110.197678] ? lock_acquire+0x427/0x4c0 [ 110.197922] ? __pfx_lock_release+0x10/0x10 [ 110.198186] ? __kasan_check_write+0x18/0x20 [ 110.198452] ? do_raw_spin_lock+0x132/0x2a0 [ 110.198720] ? __pfx_do_exit+0x10/0x10 [ 110.198963] ? debug_smp_processor_id+0x20/0x30 [ 110.199252] ? rcu_is_watching+0x19/0xb0 [ 110.199498] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.199776] ? trace_hardirqs_on+0x26/0x120 [ 110.200040] do_group_exit+0xe0/0x2b0 [ 110.200269] __x64_sys_exit_group+0x47/0x50 [ 110.200527] do_syscall_64+0x3b/0x90 [ 110.200757] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.201074] RIP: 0033:0x7f4b87518a4d [ 110.201296] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.201662] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.202111] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.202543] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.202968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.203395] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.203827] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.204255] [ 110.204395] irq event stamp: 0 [ 110.204583] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.204967] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.205462] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.205955] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.206330] ---[ end trace 0000000000000000 ]--- [ 110.206860] ------------[ cut here ]------------ [ 110.207143] WARNING: CPU: 1 PID: 984 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.207741] Modules linked in: [ 110.207932] CPU: 1 PID: 984 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.208445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.209109] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.209413] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.210489] RSP: 0018:ffff888016097b78 EFLAGS: 00010246 [ 110.210813] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.211247] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 110.211667] RBP: ffff888016097b98 R08: ffffed10047b523e R09: ffffed10047b523e [ 110.212088] R10: ffff888023da91ef R11: ffffed10047b523d R12: ffff888023da9290 [ 110.212509] R13: ffff888023da90a8 R14: ffffffffffffffff R15: 
ffff888016097c60 [ 110.212932] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.213407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.213751] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.214173] PKRU: 55555554 [ 110.214341] Call Trace: [ 110.214494] [ 110.214640] iommufd_ioas_destroy+0x53/0x70 [ 110.214900] iommufd_fops_release+0x1f7/0x370 [ 110.215178] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.215480] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.215776] ? write_comp_data+0x2f/0x90 [ 110.216030] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.216330] __fput+0x26d/0xa40 [ 110.216539] ____fput+0x1e/0x30 [ 110.216744] task_work_run+0x1a4/0x2d0 [ 110.216983] ? __pfx_task_work_run+0x10/0x10 [ 110.217251] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.217547] ? switch_task_namespaces+0xa9/0xe0 [ 110.217835] do_exit+0xb17/0x2ef0 [ 110.218043] ? lock_acquire+0x427/0x4c0 [ 110.218288] ? __pfx_lock_release+0x10/0x10 [ 110.218562] ? __kasan_check_write+0x18/0x20 [ 110.218830] ? do_raw_spin_lock+0x132/0x2a0 [ 110.219090] ? __pfx_do_exit+0x10/0x10 [ 110.219341] ? debug_smp_processor_id+0x20/0x30 [ 110.219622] ? rcu_is_watching+0x19/0xb0 [ 110.219865] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.220138] ? trace_hardirqs_on+0x26/0x120 [ 110.220398] do_group_exit+0xe0/0x2b0 [ 110.220626] __x64_sys_exit_group+0x47/0x50 [ 110.220882] do_syscall_64+0x3b/0x90 [ 110.221110] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.221425] RIP: 0033:0x7f4b87518a4d [ 110.221644] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.222009] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.222454] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.222886] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.223310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.223729] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.224149] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.224574] [ 110.224713] irq event stamp: 0 [ 110.224900] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.225305] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.225797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.226289] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.226671] ---[ end trace 0000000000000000 ]--- [ 110.230556] ------------[ cut here ]------------ [ 110.230859] WARNING: CPU: 1 PID: 985 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.231465] Modules linked in: [ 110.231656] CPU: 1 PID: 985 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.232167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.232828] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.233122] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.234194] RSP: 0018:ffff888017357bb8 EFLAGS: 00010246 [ 110.234524] RAX: 0000000000000000 RBX: ffff8880149ef8a8 RCX: 0000000000000000 [ 110.234943] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 110.235368] RBP: ffff888017357bd0 R08: ffffed100293df33 R09: ffffed100293df33 [ 110.235785] R10: ffff8880149ef993 R11: ffffed100293df32 R12: ffff88800fe70400 [ 110.236205] R13: ffff8880149ef9e8 R14: ffffffff8352e670 R15: 
ffff888017357e68 [ 110.236623] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.237096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.237437] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 110.237859] PKRU: 55555554 [ 110.238026] Call Trace: [ 110.238178] [ 110.238313] __iommufd_access_detach+0x1c2/0x2b0 [ 110.238613] iommufd_access_change_pt+0x149/0x270 [ 110.238908] iommufd_access_replace+0xb4/0x120 [ 110.239197] iommufd_test+0x3e5/0x37e0 [ 110.239429] ? lock_release+0x532/0x770 [ 110.239672] ? __might_fault+0x102/0x1b0 [ 110.239919] ? lock_acquire+0x427/0x4c0 [ 110.240166] ? __pfx_iommufd_test+0x10/0x10 [ 110.240421] ? __pfx_lock_release+0x10/0x10 [ 110.240683] ? __pfx_lock_acquire+0x10/0x10 [ 110.240948] ? write_comp_data+0x2f/0x90 [ 110.241197] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.241490] ? write_comp_data+0x2f/0x90 [ 110.241739] iommufd_fops_ioctl+0x37d/0x510 [ 110.241999] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.242293] ? write_comp_data+0x2f/0x90 [ 110.242556] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.242846] __x64_sys_ioctl+0x1a3/0x230 [ 110.243098] do_syscall_64+0x3b/0x90 [ 110.243332] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.243644] RIP: 0033:0x7f4b8743ee5d [ 110.243867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.244935] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.245381] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.245801] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.246219] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.246651] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.247068] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.247497] [ 110.247634] irq event stamp: 0 [ 110.247821] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.248190] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.248678] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.249169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.249538] ---[ end trace 0000000000000000 ]--- [ 110.251685] ------------[ cut here ]------------ [ 110.251966] WARNING: CPU: 1 PID: 985 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.252553] Modules linked in: [ 110.252741] CPU: 1 PID: 985 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.253249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.253906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.254198] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.255284] RSP: 
0018:ffff888017357bd0 EFLAGS: 00010246 [ 110.255597] RAX: 0000000000000000 RBX: ffff8880149ef8a8 RCX: 0000000000000000 [ 110.256015] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 110.256431] RBP: ffff888017357be8 R08: ffffed100293df33 R09: ffffed100293df33 [ 110.256847] R10: ffff8880149ef993 R11: ffffed100293df32 R12: ffff8880144ce400 [ 110.257265] R13: ffff8880149ef9e8 R14: ffff88802094eb00 R15: 0000000000000000 [ 110.257681] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.258152] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.258492] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.258919] PKRU: 55555554 [ 110.259086] Call Trace: [ 110.259244] [ 110.259380] iommufd_access_destroy_object+0x65/0x170 [ 110.259686] iommufd_object_destroy_user+0x18e/0x220 [ 110.259989] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.260337] iommufd_access_destroy+0x43/0x70 [ 110.260609] iommufd_test_staccess_release+0x8d/0xd0 [ 110.260915] __fput+0x26d/0xa40 [ 110.261121] ____fput+0x1e/0x30 [ 110.261323] task_work_run+0x1a4/0x2d0 [ 110.261559] ? __pfx_task_work_run+0x10/0x10 [ 110.261824] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.262115] ? switch_task_namespaces+0xa9/0xe0 [ 110.262398] do_exit+0xb17/0x2ef0 [ 110.262612] ? lock_acquire+0x427/0x4c0 [ 110.262856] ? __pfx_lock_release+0x10/0x10 [ 110.263122] ? __kasan_check_write+0x18/0x20 [ 110.263386] ? do_raw_spin_lock+0x132/0x2a0 [ 110.263642] ? __pfx_do_exit+0x10/0x10 [ 110.263879] ? debug_smp_processor_id+0x20/0x30 [ 110.264155] ? rcu_is_watching+0x19/0xb0 [ 110.264399] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.264670] ? trace_hardirqs_on+0x26/0x120 [ 110.264929] do_group_exit+0xe0/0x2b0 [ 110.265156] __x64_sys_exit_group+0x47/0x50 [ 110.265424] do_syscall_64+0x3b/0x90 [ 110.265651] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.265961] RIP: 0033:0x7f4b87518a4d [ 110.266179] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.266550] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.266996] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.267416] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.267832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.268251] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.268668] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.269092] [ 110.269229] irq event stamp: 0 [ 110.269415] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.269782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.270269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.270764] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.271138] ---[ end trace 0000000000000000 ]--- [ 110.271646] ------------[ cut here ]------------ [ 110.271920] WARNING: CPU: 1 PID: 985 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.272509] Modules linked in: [ 110.272697] CPU: 1 PID: 985 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.273207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.273863] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.274167] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.275247] RSP: 0018:ffff888017357b78 EFLAGS: 00010246 [ 110.275559] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.275976] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 110.276393] RBP: ffff888017357b98 R08: ffffed100293df3e R09: ffffed100293df3e [ 110.276809] R10: ffff8880149ef9ef R11: ffffed100293df3d R12: ffff8880149efa90 [ 110.277222] R13: ffff8880149ef8a8 R14: ffffffffffffffff R15: 
ffff888017357c60 [ 110.277635] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.278100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.278437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.278860] PKRU: 55555554 [ 110.279025] Call Trace: [ 110.279181] [ 110.279315] iommufd_ioas_destroy+0x53/0x70 [ 110.279571] iommufd_fops_release+0x1f7/0x370 [ 110.279843] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.280137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.280428] ? write_comp_data+0x2f/0x90 [ 110.280674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.280971] __fput+0x26d/0xa40 [ 110.281175] ____fput+0x1e/0x30 [ 110.281377] task_work_run+0x1a4/0x2d0 [ 110.281612] ? __pfx_task_work_run+0x10/0x10 [ 110.281874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.282165] ? switch_task_namespaces+0xa9/0xe0 [ 110.282446] do_exit+0xb17/0x2ef0 [ 110.282659] ? lock_acquire+0x427/0x4c0 [ 110.282901] ? __pfx_lock_release+0x10/0x10 [ 110.283165] ? __kasan_check_write+0x18/0x20 [ 110.283427] ? do_raw_spin_lock+0x132/0x2a0 [ 110.283682] ? __pfx_do_exit+0x10/0x10 [ 110.283919] ? debug_smp_processor_id+0x20/0x30 [ 110.284194] ? rcu_is_watching+0x19/0xb0 [ 110.284434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.284704] ? trace_hardirqs_on+0x26/0x120 [ 110.284962] do_group_exit+0xe0/0x2b0 [ 110.285188] __x64_sys_exit_group+0x47/0x50 [ 110.285442] do_syscall_64+0x3b/0x90 [ 110.285668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.285976] RIP: 0033:0x7f4b87518a4d [ 110.286195] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.286567] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.287011] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.287429] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.287843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.288257] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.288670] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.289090] [ 110.289227] irq event stamp: 0 [ 110.289413] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.289778] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.290267] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.290763] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.291136] ---[ end trace 0000000000000000 ]--- [ 110.294773] ------------[ cut here ]------------ [ 110.295068] WARNING: CPU: 1 PID: 986 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.295662] Modules linked in: [ 110.295852] CPU: 1 PID: 986 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.296358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.297012] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.297303] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.298363] RSP: 0018:ffff888016c1fbb8 EFLAGS: 00010246 [ 110.298829] RAX: 0000000000000000 RBX: ffff8880161dc0a8 RCX: 0000000000000000 [ 110.299249] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 110.299663] RBP: ffff888016c1fbd0 R08: ffffed1002c3b833 R09: ffffed1002c3b833 [ 110.300080] R10: ffff8880161dc193 R11: ffffed1002c3b832 R12: ffff8880182e2c00 [ 110.300493] R13: ffff8880161dc1e8 R14: ffffffff8352e670 R15: 
ffff888016c1fe68 [ 110.300911] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.301379] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.301718] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 110.302133] PKRU: 55555554 [ 110.302298] Call Trace: [ 110.302448] [ 110.302590] __iommufd_access_detach+0x1c2/0x2b0 [ 110.302879] iommufd_access_change_pt+0x149/0x270 [ 110.303177] iommufd_access_replace+0xb4/0x120 [ 110.303453] iommufd_test+0x3e5/0x37e0 [ 110.303697] ? lock_release+0x532/0x770 [ 110.303937] ? __might_fault+0x102/0x1b0 [ 110.304180] ? lock_acquire+0x427/0x4c0 [ 110.304421] ? __pfx_iommufd_test+0x10/0x10 [ 110.304672] ? __pfx_lock_release+0x10/0x10 [ 110.304930] ? __pfx_lock_acquire+0x10/0x10 [ 110.305190] ? write_comp_data+0x2f/0x90 [ 110.305434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.305721] ? write_comp_data+0x2f/0x90 [ 110.305969] iommufd_fops_ioctl+0x37d/0x510 [ 110.306224] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.306522] ? write_comp_data+0x2f/0x90 [ 110.306768] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.307053] __x64_sys_ioctl+0x1a3/0x230 [ 110.307303] do_syscall_64+0x3b/0x90 [ 110.307529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.307835] RIP: 0033:0x7f4b8743ee5d [ 110.308051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.309105] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.309543] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.309956] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.310370] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.310791] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.311208] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.311627] [ 110.311763] irq event stamp: 0 [ 110.311947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.312313] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.312795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.313279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.313643] ---[ end trace 0000000000000000 ]--- [ 110.315769] ------------[ cut here ]------------ [ 110.316046] WARNING: CPU: 1 PID: 986 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.316627] Modules linked in: [ 110.316814] CPU: 1 PID: 986 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.317314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.317963] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.318251] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.319319] RSP: 
0018:ffff888016c1fbd0 EFLAGS: 00010246 [ 110.319627] RAX: 0000000000000000 RBX: ffff8880161dc0a8 RCX: 0000000000000000 [ 110.320038] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 110.320449] RBP: ffff888016c1fbe8 R08: ffffed1002c3b833 R09: ffffed1002c3b833 [ 110.320859] R10: ffff8880161dc193 R11: ffffed1002c3b832 R12: ffff88800fe70000 [ 110.321271] R13: ffff8880161dc1e8 R14: ffff888013d16e00 R15: 0000000000000000 [ 110.321681] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.322147] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.322483] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.322909] PKRU: 55555554 [ 110.323075] Call Trace: [ 110.323229] [ 110.323362] iommufd_access_destroy_object+0x65/0x170 [ 110.323663] iommufd_object_destroy_user+0x18e/0x220 [ 110.323964] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.324307] iommufd_access_destroy+0x43/0x70 [ 110.324576] iommufd_test_staccess_release+0x8d/0xd0 [ 110.324881] __fput+0x26d/0xa40 [ 110.325084] ____fput+0x1e/0x30 [ 110.325285] task_work_run+0x1a4/0x2d0 [ 110.325518] ? __pfx_task_work_run+0x10/0x10 [ 110.325780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.326068] ? switch_task_namespaces+0xa9/0xe0 [ 110.326349] do_exit+0xb17/0x2ef0 [ 110.326562] ? lock_acquire+0x427/0x4c0 [ 110.326805] ? __pfx_lock_release+0x10/0x10 [ 110.327062] ? __kasan_check_write+0x18/0x20 [ 110.327327] ? do_raw_spin_lock+0x132/0x2a0 [ 110.327581] ? __pfx_do_exit+0x10/0x10 [ 110.327817] ? debug_smp_processor_id+0x20/0x30 [ 110.328093] ? rcu_is_watching+0x19/0xb0 [ 110.328331] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.328600] ? trace_hardirqs_on+0x26/0x120 [ 110.328857] do_group_exit+0xe0/0x2b0 [ 110.329082] __x64_sys_exit_group+0x47/0x50 [ 110.329333] do_syscall_64+0x3b/0x90 [ 110.329558] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.329865] RIP: 0033:0x7f4b87518a4d [ 110.330082] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.330438] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.330889] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.331311] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.331721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.332132] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.332541] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.332958] [ 110.333095] irq event stamp: 0 [ 110.333279] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.333641] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.334124] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.334613] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.334976] ---[ end trace 0000000000000000 ]--- [ 110.335482] ------------[ cut here ]------------ [ 110.335751] WARNING: CPU: 1 PID: 986 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.336333] Modules linked in: [ 110.336518] CPU: 1 PID: 986 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.337018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.337668] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.337964] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.339026] RSP: 0018:ffff888016c1fb78 EFLAGS: 00010246 [ 110.339342] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.339751] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 110.340163] RBP: ffff888016c1fb98 R08: ffffed1002c3b83e R09: ffffed1002c3b83e [ 110.340575] R10: ffff8880161dc1ef R11: ffffed1002c3b83d R12: ffff8880161dc290 [ 110.340984] R13: ffff8880161dc0a8 R14: ffffffffffffffff R15: 
ffff888016c1fc60 [ 110.341396] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.341861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.342194] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.342613] PKRU: 55555554 [ 110.342781] Call Trace: [ 110.342930] [ 110.343062] iommufd_ioas_destroy+0x53/0x70 [ 110.343322] iommufd_fops_release+0x1f7/0x370 [ 110.343590] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.343886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.344174] ? write_comp_data+0x2f/0x90 [ 110.344419] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.344713] __fput+0x26d/0xa40 [ 110.344916] ____fput+0x1e/0x30 [ 110.345118] task_work_run+0x1a4/0x2d0 [ 110.345351] ? __pfx_task_work_run+0x10/0x10 [ 110.345613] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.345901] ? switch_task_namespaces+0xa9/0xe0 [ 110.346181] do_exit+0xb17/0x2ef0 [ 110.346384] ? lock_acquire+0x427/0x4c0 [ 110.346636] ? __pfx_lock_release+0x10/0x10 [ 110.346895] ? __kasan_check_write+0x18/0x20 [ 110.347161] ? do_raw_spin_lock+0x132/0x2a0 [ 110.347414] ? __pfx_do_exit+0x10/0x10 [ 110.347649] ? debug_smp_processor_id+0x20/0x30 [ 110.347922] ? rcu_is_watching+0x19/0xb0 [ 110.348160] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.348428] ? trace_hardirqs_on+0x26/0x120 [ 110.348684] do_group_exit+0xe0/0x2b0 [ 110.348908] __x64_sys_exit_group+0x47/0x50 [ 110.349159] do_syscall_64+0x3b/0x90 [ 110.349384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.349689] RIP: 0033:0x7f4b87518a4d [ 110.349908] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.350263] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.350709] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.351124] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.351535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.351944] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.352355] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.352771] [ 110.352907] irq event stamp: 0 [ 110.353093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.353456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.353939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.354420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.354790] ---[ end trace 0000000000000000 ]--- [ 110.358041] ------------[ cut here ]------------ [ 110.358333] WARNING: CPU: 1 PID: 987 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.358947] Modules linked in: [ 110.359147] CPU: 1 PID: 987 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.359648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.360296] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.360584] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.361630] RSP: 0018:ffff888023eafbb8 EFLAGS: 00010246 [ 110.361938] RAX: 0000000000000000 RBX: ffff888016ec08a8 RCX: 0000000000000000 [ 110.362352] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 110.362905] RBP: ffff888023eafbd0 R08: ffffed1002dd8133 R09: ffffed1002dd8133 [ 110.363320] R10: ffff888016ec0993 R11: ffffed1002dd8132 R12: ffff888010c01c00 [ 110.363729] R13: ffff888016ec09e8 R14: ffffffff8352e670 R15: 
ffff888023eafe68 [ 110.364139] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.364600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.364936] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 110.365363] PKRU: 55555554 [ 110.365526] Call Trace: [ 110.365674] [ 110.365806] __iommufd_access_detach+0x1c2/0x2b0 [ 110.366088] iommufd_access_change_pt+0x149/0x270 [ 110.366376] iommufd_access_replace+0xb4/0x120 [ 110.366658] iommufd_test+0x3e5/0x37e0 [ 110.366886] ? lock_release+0x532/0x770 [ 110.367132] ? __might_fault+0x102/0x1b0 [ 110.367374] ? lock_acquire+0x427/0x4c0 [ 110.367613] ? __pfx_iommufd_test+0x10/0x10 [ 110.367862] ? __pfx_lock_release+0x10/0x10 [ 110.368121] ? __pfx_lock_acquire+0x10/0x10 [ 110.368380] ? write_comp_data+0x2f/0x90 [ 110.368623] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.368911] ? write_comp_data+0x2f/0x90 [ 110.369156] iommufd_fops_ioctl+0x37d/0x510 [ 110.369410] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.369697] ? write_comp_data+0x2f/0x90 [ 110.369940] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.370225] __x64_sys_ioctl+0x1a3/0x230 [ 110.370468] do_syscall_64+0x3b/0x90 [ 110.370705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.371013] RIP: 0033:0x7f4b8743ee5d [ 110.371233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.372280] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.372715] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.373122] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.373531] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.373940] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.374351] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.374775] [ 110.374911] irq event stamp: 0 [ 110.375094] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.375465] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.375946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.376426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.376787] ---[ end trace 0000000000000000 ]--- [ 110.378919] ------------[ cut here ]------------ [ 110.379209] WARNING: CPU: 1 PID: 987 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.379784] Modules linked in: [ 110.379970] CPU: 1 PID: 987 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.380471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.381119] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.381406] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.382451] RSP: 
0018:ffff888023eafbd0 EFLAGS: 00010246 [ 110.382911] RAX: 0000000000000000 RBX: ffff888016ec08a8 RCX: 0000000000000000 [ 110.383329] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 110.383738] RBP: ffff888023eafbe8 R08: ffffed1002dd8133 R09: ffffed1002dd8133 [ 110.384148] R10: ffff888016ec0993 R11: ffffed1002dd8132 R12: ffff8880182e2000 [ 110.384557] R13: ffff888016ec09e8 R14: ffff888013996200 R15: 0000000000000000 [ 110.384969] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.385430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.385766] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.386176] PKRU: 55555554 [ 110.386339] Call Trace: [ 110.386488] [ 110.386628] iommufd_access_destroy_object+0x65/0x170 [ 110.386932] iommufd_object_destroy_user+0x18e/0x220 [ 110.387237] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.387577] iommufd_access_destroy+0x43/0x70 [ 110.387845] iommufd_test_staccess_release+0x8d/0xd0 [ 110.388147] __fput+0x26d/0xa40 [ 110.388350] ____fput+0x1e/0x30 [ 110.388549] task_work_run+0x1a4/0x2d0 [ 110.388781] ? __pfx_task_work_run+0x10/0x10 [ 110.389042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.389330] ? switch_task_namespaces+0xa9/0xe0 [ 110.389609] do_exit+0xb17/0x2ef0 [ 110.389811] ? lock_acquire+0x427/0x4c0 [ 110.390049] ? __pfx_lock_release+0x10/0x10 [ 110.390304] ? __kasan_check_write+0x18/0x20 [ 110.390575] ? do_raw_spin_lock+0x132/0x2a0 [ 110.390827] ? __pfx_do_exit+0x10/0x10 [ 110.391063] ? debug_smp_processor_id+0x20/0x30 [ 110.391341] ? rcu_is_watching+0x19/0xb0 [ 110.391579] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.391846] ? trace_hardirqs_on+0x26/0x120 [ 110.392101] do_group_exit+0xe0/0x2b0 [ 110.392324] __x64_sys_exit_group+0x47/0x50 [ 110.392574] do_syscall_64+0x3b/0x90 [ 110.392797] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.393102] RIP: 0033:0x7f4b87518a4d [ 110.393316] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.393670] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.394105] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.394523] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.394933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.395347] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.395757] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.396174] [ 110.396310] irq event stamp: 0 [ 110.396493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.396853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.397335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.397817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.398180] ---[ end trace 0000000000000000 ]--- [ 110.398702] ------------[ cut here ]------------ [ 110.398971] WARNING: CPU: 1 PID: 987 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.399560] Modules linked in: [ 110.399744] CPU: 1 PID: 987 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.400244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.400886] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.401181] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.402225] RSP: 0018:ffff888023eafb78 EFLAGS: 00010246 [ 110.402622] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.403032] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 110.403446] RBP: ffff888023eafb98 R08: ffffed1002dd813e R09: ffffed1002dd813e [ 110.403857] R10: ffff888016ec09ef R11: ffffed1002dd813d R12: ffff888016ec0a90 [ 110.404275] R13: ffff888016ec08a8 R14: ffffffffffffffff R15: 
ffff888023eafc60 [ 110.404684] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.405152] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.405485] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.405898] PKRU: 55555554 [ 110.406067] Call Trace: [ 110.406232] [ 110.406374] iommufd_ioas_destroy+0x53/0x70 [ 110.406661] iommufd_fops_release+0x1f7/0x370 [ 110.406991] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.407342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.407645] ? write_comp_data+0x2f/0x90 [ 110.407900] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.408191] __fput+0x26d/0xa40 [ 110.408403] ____fput+0x1e/0x30 [ 110.408616] task_work_run+0x1a4/0x2d0 [ 110.408850] ? __pfx_task_work_run+0x10/0x10 [ 110.409111] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.409399] ? switch_task_namespaces+0xa9/0xe0 [ 110.409684] do_exit+0xb17/0x2ef0 [ 110.409894] ? lock_acquire+0x427/0x4c0 [ 110.410132] ? __pfx_lock_release+0x10/0x10 [ 110.410389] ? __kasan_check_write+0x18/0x20 [ 110.410662] ? do_raw_spin_lock+0x132/0x2a0 [ 110.410924] ? __pfx_do_exit+0x10/0x10 [ 110.411234] ? debug_smp_processor_id+0x20/0x30 [ 110.411567] ? rcu_is_watching+0x19/0xb0 [ 110.411846] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.412161] ? trace_hardirqs_on+0x26/0x120 [ 110.412425] do_group_exit+0xe0/0x2b0 [ 110.412658] __x64_sys_exit_group+0x47/0x50 [ 110.412911] do_syscall_64+0x3b/0x90 [ 110.413144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.413452] RIP: 0033:0x7f4b87518a4d [ 110.413682] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.414046] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.414588] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.415121] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.415574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.415987] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.416396] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.416813] [ 110.416949] irq event stamp: 0 [ 110.417132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.417494] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.417975] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.418459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.418833] ---[ end trace 0000000000000000 ]--- [ 110.422357] ------------[ cut here ]------------ [ 110.422697] WARNING: CPU: 1 PID: 988 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.423396] Modules linked in: [ 110.423647] CPU: 1 PID: 988 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.424251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.425006] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.425296] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.426353] RSP: 0018:ffff88800cbcfbb8 EFLAGS: 00010246 [ 110.426725] RAX: 0000000000000000 RBX: ffff88800fc838a8 RCX: 0000000000000000 [ 110.427170] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 110.427588] RBP: ffff88800cbcfbd0 R08: ffffed1001f90733 R09: ffffed1001f90733 [ 110.428076] R10: ffff88800fc83993 R11: ffffed1001f90732 R12: ffff888013e7bc00 [ 110.428545] R13: ffff88800fc839e8 R14: ffffffff8352e670 R15: 
ffff88800cbcfe68 [ 110.429019] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.429507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.429843] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 110.430255] PKRU: 55555554 [ 110.430427] Call Trace: [ 110.430593] [ 110.430728] __iommufd_access_detach+0x1c2/0x2b0 [ 110.431018] iommufd_access_change_pt+0x149/0x270 [ 110.431320] iommufd_access_replace+0xb4/0x120 [ 110.431603] iommufd_test+0x3e5/0x37e0 [ 110.431832] ? lock_release+0x532/0x770 [ 110.432076] ? __might_fault+0x102/0x1b0 [ 110.432321] ? lock_acquire+0x427/0x4c0 [ 110.432563] ? __pfx_iommufd_test+0x10/0x10 [ 110.432817] ? __pfx_lock_release+0x10/0x10 [ 110.433079] ? __pfx_lock_acquire+0x10/0x10 [ 110.433343] ? write_comp_data+0x2f/0x90 [ 110.433591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.433886] ? write_comp_data+0x2f/0x90 [ 110.434142] iommufd_fops_ioctl+0x37d/0x510 [ 110.434399] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.434708] ? write_comp_data+0x2f/0x90 [ 110.434960] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.435267] __x64_sys_ioctl+0x1a3/0x230 [ 110.435526] do_syscall_64+0x3b/0x90 [ 110.435803] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.436168] RIP: 0033:0x7f4b8743ee5d [ 110.436411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.437508] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.438003] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.438497] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.439015] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.439542] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.440019] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.440450] [ 110.440587] irq event stamp: 0 [ 110.440772] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.441138] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.441637] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.442186] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.442639] ---[ end trace 0000000000000000 ]--- [ 110.445369] ------------[ cut here ]------------ [ 110.445739] WARNING: CPU: 1 PID: 988 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.446490] Modules linked in: [ 110.446925] CPU: 1 PID: 988 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.447547] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.448370] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.448782] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.450255] RSP: 
0018:ffff88800cbcfbd0 EFLAGS: 00010246 [ 110.450747] RAX: 0000000000000000 RBX: ffff88800fc838a8 RCX: 0000000000000000 [ 110.451334] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 110.451878] RBP: ffff88800cbcfbe8 R08: ffffed1001f90733 R09: ffffed1001f90733 [ 110.452511] R10: ffff88800fc83993 R11: ffffed1001f90732 R12: ffff888010c00c00 [ 110.453072] R13: ffff88800fc839e8 R14: ffff888014589d00 R15: 0000000000000000 [ 110.453632] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.454267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.454802] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.455386] PKRU: 55555554 [ 110.455608] Call Trace: [ 110.455810] [ 110.455990] iommufd_access_destroy_object+0x65/0x170 [ 110.456438] iommufd_object_destroy_user+0x18e/0x220 [ 110.456868] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.457338] iommufd_access_destroy+0x43/0x70 [ 110.457707] iommufd_test_staccess_release+0x8d/0xd0 [ 110.458171] __fput+0x26d/0xa40 [ 110.458458] ____fput+0x1e/0x30 [ 110.458748] task_work_run+0x1a4/0x2d0 [ 110.459071] ? __pfx_task_work_run+0x10/0x10 [ 110.459457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.459866] ? switch_task_namespaces+0xa9/0xe0 [ 110.460302] do_exit+0xb17/0x2ef0 [ 110.460571] ? lock_acquire+0x427/0x4c0 [ 110.460883] ? __pfx_lock_release+0x10/0x10 [ 110.461230] ? __kasan_check_write+0x18/0x20 [ 110.461583] ? do_raw_spin_lock+0x132/0x2a0 [ 110.462011] ? __pfx_do_exit+0x10/0x10 [ 110.462332] ? debug_smp_processor_id+0x20/0x30 [ 110.462735] ? rcu_is_watching+0x19/0xb0 [ 110.463083] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.463459] ? trace_hardirqs_on+0x26/0x120 [ 110.463808] do_group_exit+0xe0/0x2b0 [ 110.464221] __x64_sys_exit_group+0x47/0x50 [ 110.464575] do_syscall_64+0x3b/0x90 [ 110.464877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.465372] RIP: 0033:0x7f4b87518a4d [ 110.465862] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.466580] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.467406] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.468089] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.468657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.469262] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.469896] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.470464] [ 110.470684] irq event stamp: 0 [ 110.470942] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.471535] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.472225] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.472896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.473448] ---[ end trace 0000000000000000 ]--- [ 110.474173] ------------[ cut here ]------------ [ 110.474586] WARNING: CPU: 1 PID: 988 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.475476] Modules linked in: [ 110.475733] CPU: 1 PID: 988 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.476425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.477370] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.477793] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.479303] RSP: 0018:ffff88800cbcfb78 EFLAGS: 00010246 [ 110.479743] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.480316] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 110.480948] RBP: ffff88800cbcfb98 R08: ffffed1001f9073e R09: ffffed1001f9073e [ 110.481515] R10: ffff88800fc839ef R11: ffffed1001f9073d R12: ffff88800fc83a90 [ 110.482048] R13: ffff88800fc838a8 R14: ffffffffffffffff R15: 
ffff88800cbcfc60 [ 110.482677] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.483304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.483761] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 110.484393] PKRU: 55555554 [ 110.484645] Call Trace: [ 110.484850] [ 110.485029] iommufd_ioas_destroy+0x53/0x70 [ 110.485371] iommufd_fops_release+0x1f7/0x370 [ 110.485768] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.486211] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.486618] ? write_comp_data+0x2f/0x90 [ 110.486908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.487220] __fput+0x26d/0xa40 [ 110.487455] ____fput+0x1e/0x30 [ 110.487686] task_work_run+0x1a4/0x2d0 [ 110.487974] ? __pfx_task_work_run+0x10/0x10 [ 110.488330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.488725] ? switch_task_namespaces+0xa9/0xe0 [ 110.489144] do_exit+0xb17/0x2ef0 [ 110.489454] ? lock_acquire+0x427/0x4c0 [ 110.489782] ? __pfx_lock_release+0x10/0x10 [ 110.490141] ? __kasan_check_write+0x18/0x20 [ 110.490528] ? do_raw_spin_lock+0x132/0x2a0 [ 110.490885] ? __pfx_do_exit+0x10/0x10 [ 110.491287] ? debug_smp_processor_id+0x20/0x30 [ 110.491676] ? rcu_is_watching+0x19/0xb0 [ 110.492008] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.492388] ? trace_hardirqs_on+0x26/0x120 [ 110.492758] do_group_exit+0xe0/0x2b0 [ 110.493099] __x64_sys_exit_group+0x47/0x50 [ 110.493491] do_syscall_64+0x3b/0x90 [ 110.493800] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.494214] RIP: 0033:0x7f4b87518a4d [ 110.494540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.495077] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.495683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.496219] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.496803] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.497421] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.498000] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.498602] [ 110.498853] irq event stamp: 0 [ 110.499107] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.499622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.500277] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.500973] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.501464] ---[ end trace 0000000000000000 ]--- [ 110.505597] ------------[ cut here ]------------ [ 110.505997] WARNING: CPU: 1 PID: 989 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.506942] Modules linked in: [ 110.507222] CPU: 1 PID: 989 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.507890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.508807] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.509245] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.510749] RSP: 0018:ffff88801644fbb8 EFLAGS: 00010246 [ 110.511186] RAX: 0000000000000000 RBX: ffff88800f3748a8 RCX: 0000000000000000 [ 110.511746] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 110.512389] RBP: ffff88801644fbd0 R08: ffffed1001e6e933 R09: ffffed1001e6e933 [ 110.512951] R10: ffff88800f374993 R11: ffffed1001e6e932 R12: ffff88800fd3e800 [ 110.513550] R13: ffff88800f3749e8 R14: ffffffff8352e670 R15: 
ffff88801644fe68 [ 110.514169] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.514801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.515282] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 110.515888] PKRU: 55555554 [ 110.516107] Call Trace: [ 110.516293] [ 110.516431] __iommufd_access_detach+0x1c2/0x2b0 [ 110.516756] iommufd_access_change_pt+0x149/0x270 [ 110.517112] iommufd_access_replace+0xb4/0x120 [ 110.517402] iommufd_test+0x3e5/0x37e0 [ 110.517639] ? lock_release+0x532/0x770 [ 110.517901] ? __might_fault+0x102/0x1b0 [ 110.518165] ? lock_acquire+0x427/0x4c0 [ 110.518477] ? __pfx_iommufd_test+0x10/0x10 [ 110.518764] ? __pfx_lock_release+0x10/0x10 [ 110.519069] ? __pfx_lock_acquire+0x10/0x10 [ 110.519396] ? write_comp_data+0x2f/0x90 [ 110.519774] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.520160] ? write_comp_data+0x2f/0x90 [ 110.520488] iommufd_fops_ioctl+0x37d/0x510 [ 110.520870] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.521313] ? write_comp_data+0x2f/0x90 [ 110.521652] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.522039] __x64_sys_ioctl+0x1a3/0x230 [ 110.522400] do_syscall_64+0x3b/0x90 [ 110.522826] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.523281] RIP: 0033:0x7f4b8743ee5d [ 110.523577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.525099] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.525698] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.526314] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.526879] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.527496] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.528079] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.528644] [ 110.528821] irq event stamp: 0 [ 110.529048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.529475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.530080] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.530827] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.531367] ---[ end trace 0000000000000000 ]--- [ 110.535685] ------------[ cut here ]------------ [ 110.536045] WARNING: CPU: 1 PID: 989 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.536919] Modules linked in: [ 110.537169] CPU: 1 PID: 989 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.537736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.538568] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.538946] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.540472] RSP: 
0018:ffff88801644fbd0 EFLAGS: 00010246 [ 110.540907] RAX: 0000000000000000 RBX: ffff88800f3748a8 RCX: 0000000000000000 [ 110.541430] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 110.541912] RBP: ffff88801644fbe8 R08: ffffed1001e6e933 R09: ffffed1001e6e933 [ 110.542404] R10: ffff88800f374993 R11: ffffed1001e6e932 R12: ffff888013e79400 [ 110.542878] R13: ffff88800f3749e8 R14: ffff88800fa76400 R15: 0000000000000000 [ 110.543379] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.543894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.544299] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.544797] PKRU: 55555554 [ 110.544976] Call Trace: [ 110.545136] [ 110.545278] iommufd_access_destroy_object+0x65/0x170 [ 110.545636] iommufd_object_destroy_user+0x18e/0x220 [ 110.546001] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.546364] iommufd_access_destroy+0x43/0x70 [ 110.546661] iommufd_test_staccess_release+0x8d/0xd0 [ 110.547021] __fput+0x26d/0xa40 [ 110.547292] ____fput+0x1e/0x30 [ 110.547514] task_work_run+0x1a4/0x2d0 [ 110.547761] ? __pfx_task_work_run+0x10/0x10 [ 110.548058] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.548396] ? switch_task_namespaces+0xa9/0xe0 [ 110.548720] do_exit+0xb17/0x2ef0 [ 110.548949] ? lock_acquire+0x427/0x4c0 [ 110.549209] ? __pfx_lock_release+0x10/0x10 [ 110.549524] ? __kasan_check_write+0x18/0x20 [ 110.549842] ? do_raw_spin_lock+0x132/0x2a0 [ 110.550126] ? __pfx_do_exit+0x10/0x10 [ 110.550389] ? debug_smp_processor_id+0x20/0x30 [ 110.550760] ? rcu_is_watching+0x19/0xb0 [ 110.551155] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.551545] ? trace_hardirqs_on+0x26/0x120 [ 110.551898] do_group_exit+0xe0/0x2b0 [ 110.552167] __x64_sys_exit_group+0x47/0x50 [ 110.552469] do_syscall_64+0x3b/0x90 [ 110.552802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.553156] RIP: 0033:0x7f4b87518a4d [ 110.553397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.553793] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.554360] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.554905] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.555517] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.556106] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.556683] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.557305] [ 110.557542] irq event stamp: 0 [ 110.557791] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.558294] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.559009] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.559626] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.560035] ---[ end trace 0000000000000000 ]--- [ 110.562308] ------------[ cut here ]------------ [ 110.562683] WARNING: CPU: 1 PID: 989 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.563455] Modules linked in: [ 110.563668] CPU: 1 PID: 989 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.564232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.565064] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.565408] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.566702] RSP: 0018:ffff88801644fb78 EFLAGS: 00010246 [ 110.567070] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.567625] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 110.568098] RBP: ffff88801644fb98 R08: ffffed1001e6e93e R09: ffffed1001e6e93e [ 110.568579] R10: ffff88800f3749ef R11: ffffed1001e6e93d R12: ffff88800f374a90 [ 110.569140] R13: ffff88800f3748a8 R14: ffffffffffffffff R15: 
ffff88801644fc60 [ 110.569622] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.570187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.570663] CR2: 00007f82e2acd000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.571156] PKRU: 55555554 [ 110.571352] Call Trace: [ 110.571530] [ 110.571691] iommufd_ioas_destroy+0x53/0x70 [ 110.572037] iommufd_fops_release+0x1f7/0x370 [ 110.572394] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.572743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.573091] ? write_comp_data+0x2f/0x90 [ 110.573435] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.573785] __fput+0x26d/0xa40 [ 110.574028] ____fput+0x1e/0x30 [ 110.574263] task_work_run+0x1a4/0x2d0 [ 110.574596] ? __pfx_task_work_run+0x10/0x10 [ 110.574988] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.575345] ? switch_task_namespaces+0xa9/0xe0 [ 110.575686] do_exit+0xb17/0x2ef0 [ 110.575940] ? lock_acquire+0x427/0x4c0 [ 110.576239] ? __pfx_lock_release+0x10/0x10 [ 110.576602] ? __kasan_check_write+0x18/0x20 [ 110.576971] ? do_raw_spin_lock+0x132/0x2a0 [ 110.577285] ? __pfx_do_exit+0x10/0x10 [ 110.577582] ? debug_smp_processor_id+0x20/0x30 [ 110.577961] ? rcu_is_watching+0x19/0xb0 [ 110.578352] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.578704] ? trace_hardirqs_on+0x26/0x120 [ 110.579023] do_group_exit+0xe0/0x2b0 [ 110.579318] __x64_sys_exit_group+0x47/0x50 [ 110.579656] do_syscall_64+0x3b/0x90 [ 110.579976] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.580352] RIP: 0033:0x7f4b87518a4d [ 110.580618] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.581102] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.581685] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.582205] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.582829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.583354] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.583896] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.584483] [ 110.584700] irq event stamp: 0 [ 110.584933] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.585399] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.586110] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.586763] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.587253] ---[ end trace 0000000000000000 ]--- [ 110.591796] ------------[ cut here ]------------ [ 110.592328] WARNING: CPU: 1 PID: 990 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.593108] Modules linked in: [ 110.593651] CPU: 1 PID: 990 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.594314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.595305] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.595696] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.597232] RSP: 0018:ffff88800cbcfbb8 EFLAGS: 00010246 [ 110.597653] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 110.598215] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 110.598901] RBP: ffff88800cbcfbd0 R08: ffffed1001702533 R09: ffffed1001702533 [ 110.599477] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff888010c09000 [ 110.600058] R13: ffff88800b8129e8 R14: ffffffff8352e670 R15: 
ffff88800cbcfe68 [ 110.600695] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.601330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.601884] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 110.602448] PKRU: 55555554 [ 110.602698] Call Trace: [ 110.602905] [ 110.603088] __iommufd_access_detach+0x1c2/0x2b0 [ 110.603554] iommufd_access_change_pt+0x149/0x270 [ 110.603994] iommufd_access_replace+0xb4/0x120 [ 110.604373] iommufd_test+0x3e5/0x37e0 [ 110.604680] ? lock_release+0x532/0x770 [ 110.605063] ? __might_fault+0x102/0x1b0 [ 110.605435] ? lock_acquire+0x427/0x4c0 [ 110.605760] ? __pfx_iommufd_test+0x10/0x10 [ 110.606095] ? __pfx_lock_release+0x10/0x10 [ 110.606480] ? __pfx_lock_acquire+0x10/0x10 [ 110.606901] ? write_comp_data+0x2f/0x90 [ 110.607245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.607634] ? write_comp_data+0x2f/0x90 [ 110.607969] iommufd_fops_ioctl+0x37d/0x510 [ 110.608330] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.608799] ? write_comp_data+0x2f/0x90 [ 110.609132] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.609517] __x64_sys_ioctl+0x1a3/0x230 [ 110.609886] do_syscall_64+0x3b/0x90 [ 110.610243] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.610693] RIP: 0033:0x7f4b8743ee5d [ 110.610997] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.612610] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.613233] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.613941] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.614544] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.615179] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.615824] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.616415] [ 110.616609] irq event stamp: 0 [ 110.616938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.617515] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.618202] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.619022] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.619549] ---[ end trace 0000000000000000 ]--- [ 110.622536] ------------[ cut here ]------------ [ 110.622954] WARNING: CPU: 1 PID: 990 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.623920] Modules linked in: [ 110.624186] CPU: 1 PID: 990 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.624913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.625904] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.626310] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.627925] RSP: 
0018:ffff88800cbcfbd0 EFLAGS: 00010246 [ 110.628385] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 110.629058] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 110.629634] RBP: ffff88800cbcfbe8 R08: ffffed1001702533 R09: ffffed1001702533 [ 110.630316] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff88800fd3fc00 [ 110.630911] R13: ffff88800b8129e8 R14: ffff8880181b3600 R15: 0000000000000000 [ 110.631505] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.632287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.632764] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.633389] PKRU: 55555554 [ 110.633688] Call Trace: [ 110.633901] [ 110.634090] iommufd_access_destroy_object+0x65/0x170 [ 110.634544] iommufd_object_destroy_user+0x18e/0x220 [ 110.634973] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.635598] iommufd_access_destroy+0x43/0x70 [ 110.635981] iommufd_test_staccess_release+0x8d/0xd0 [ 110.636407] __fput+0x26d/0xa40 [ 110.636698] ____fput+0x1e/0x30 [ 110.637068] task_work_run+0x1a4/0x2d0 [ 110.637404] ? __pfx_task_work_run+0x10/0x10 [ 110.637775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.638189] ? switch_task_namespaces+0xa9/0xe0 [ 110.638679] do_exit+0xb17/0x2ef0 [ 110.638979] ? lock_acquire+0x427/0x4c0 [ 110.639331] ? __pfx_lock_release+0x10/0x10 [ 110.639698] ? __kasan_check_write+0x18/0x20 [ 110.640070] ? do_raw_spin_lock+0x132/0x2a0 [ 110.640492] ? __pfx_do_exit+0x10/0x10 [ 110.640855] ? debug_smp_processor_id+0x20/0x30 [ 110.641249] ? rcu_is_watching+0x19/0xb0 [ 110.641586] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.642012] ? trace_hardirqs_on+0x26/0x120 [ 110.642427] do_group_exit+0xe0/0x2b0 [ 110.642767] __x64_sys_exit_group+0x47/0x50 [ 110.643138] do_syscall_64+0x3b/0x90 [ 110.643458] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.643924] RIP: 0033:0x7f4b87518a4d [ 110.644338] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.644844] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.645515] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.646194] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.646811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.647413] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.648161] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.648751] [ 110.648949] irq event stamp: 0 [ 110.649210] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.649887] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.650616] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.651377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.651961] ---[ end trace 0000000000000000 ]--- [ 110.652710] ------------[ cut here ]------------ [ 110.653242] WARNING: CPU: 1 PID: 990 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.654092] Modules linked in: [ 110.654385] CPU: 1 PID: 990 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.655259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.656193] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.656775] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.658422] RSP: 0018:ffff88800cbcfb78 EFLAGS: 00010246 [ 110.658880] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.659470] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 110.660177] RBP: ffff88800cbcfb98 R08: ffffed100170253e R09: ffffed100170253e [ 110.660754] R10: ffff88800b8129ef R11: ffffed100170253d R12: ffff88800b812a90 [ 110.661328] R13: ffff88800b8128a8 R14: ffffffffffffffff R15: 
ffff88800cbcfc60 [ 110.662027] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.662697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.663177] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.663873] PKRU: 55555554 [ 110.664103] Call Trace: [ 110.664311] [ 110.664499] iommufd_ioas_destroy+0x53/0x70 [ 110.664931] iommufd_fops_release+0x1f7/0x370 [ 110.665374] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.665785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.666188] ? write_comp_data+0x2f/0x90 [ 110.666657] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.667073] __fput+0x26d/0xa40 [ 110.667371] ____fput+0x1e/0x30 [ 110.667653] task_work_run+0x1a4/0x2d0 [ 110.667979] ? __pfx_task_work_run+0x10/0x10 [ 110.668392] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.668853] ? switch_task_namespaces+0xa9/0xe0 [ 110.669244] do_exit+0xb17/0x2ef0 [ 110.669529] ? lock_acquire+0x427/0x4c0 [ 110.669928] ? __pfx_lock_release+0x10/0x10 [ 110.670354] ? __kasan_check_write+0x18/0x20 [ 110.670743] ? do_raw_spin_lock+0x132/0x2a0 [ 110.671100] ? __pfx_do_exit+0x10/0x10 [ 110.671437] ? debug_smp_processor_id+0x20/0x30 [ 110.671884] ? rcu_is_watching+0x19/0xb0 [ 110.672278] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.672656] ? trace_hardirqs_on+0x26/0x120 [ 110.673022] do_group_exit+0xe0/0x2b0 [ 110.673341] __x64_sys_exit_group+0x47/0x50 [ 110.673694] do_syscall_64+0x3b/0x90 [ 110.674011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.674441] RIP: 0033:0x7f4b87518a4d [ 110.674799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.675396] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.676016] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.676600] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.677312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.677887] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.678536] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.679186] [ 110.679380] irq event stamp: 0 [ 110.679642] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.680153] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.680962] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.681640] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.682291] ---[ end trace 0000000000000000 ]--- [ 110.687202] ------------[ cut here ]------------ [ 110.687708] WARNING: CPU: 1 PID: 991 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.688522] Modules linked in: [ 110.688823] CPU: 1 PID: 991 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.689595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.690628] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.691038] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.692549] RSP: 0018:ffff88801729fbb8 EFLAGS: 00010246 [ 110.693088] RAX: 0000000000000000 RBX: ffff8880139188a8 RCX: 0000000000000000 [ 110.693665] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 110.694287] RBP: ffff88801729fbd0 R08: ffffed1002723133 R09: ffffed1002723133 [ 110.694938] R10: ffff888013918993 R11: ffffed1002723132 R12: ffff88801226cc00 [ 110.695526] R13: ffff8880139189e8 R14: ffffffff8352e670 R15: 
ffff88801729fe68 [ 110.696157] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.696876] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.697350] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 110.698050] PKRU: 55555554 [ 110.698283] Call Trace: [ 110.698495] [ 110.698705] __iommufd_access_detach+0x1c2/0x2b0 [ 110.699134] iommufd_access_change_pt+0x149/0x270 [ 110.699544] iommufd_access_replace+0xb4/0x120 [ 110.700051] iommufd_test+0x3e5/0x37e0 [ 110.700373] ? lock_release+0x532/0x770 [ 110.700717] ? __might_fault+0x102/0x1b0 [ 110.701061] ? lock_acquire+0x427/0x4c0 [ 110.701464] ? __pfx_iommufd_test+0x10/0x10 [ 110.701899] ? __pfx_lock_release+0x10/0x10 [ 110.702269] ? __pfx_lock_acquire+0x10/0x10 [ 110.702669] ? write_comp_data+0x2f/0x90 [ 110.703028] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.703568] ? write_comp_data+0x2f/0x90 [ 110.703919] iommufd_fops_ioctl+0x37d/0x510 [ 110.704281] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.704689] ? write_comp_data+0x2f/0x90 [ 110.705110] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.705590] __x64_sys_ioctl+0x1a3/0x230 [ 110.705943] do_syscall_64+0x3b/0x90 [ 110.706262] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.706770] RIP: 0033:0x7f4b8743ee5d [ 110.707170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.708661] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.709405] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.709985] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.710720] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.711320] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.711901] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.712626] [ 110.712823] irq event stamp: 0 [ 110.713083] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.713607] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.714430] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.715151] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.715668] ---[ end trace 0000000000000000 ]--- [ 110.718921] ------------[ cut here ]------------ [ 110.719433] WARNING: CPU: 1 PID: 991 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.720238] Modules linked in: [ 110.720506] CPU: 1 PID: 991 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.721292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.722224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.722710] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.724285] RSP: 
0018:ffff88801729fbd0 EFLAGS: 00010246 [ 110.724709] RAX: 0000000000000000 RBX: ffff8880139188a8 RCX: 0000000000000000 [ 110.725272] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 110.725950] RBP: ffff88801729fbe8 R08: ffffed1002723133 R09: ffffed1002723133 [ 110.726531] R10: ffff888013918993 R11: ffffed1002723132 R12: ffff888010c0a400 [ 110.727131] R13: ffff8880139189e8 R14: ffff888020987f00 R15: 0000000000000000 [ 110.727776] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.728409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.728973] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 110.729545] PKRU: 55555554 [ 110.729771] Call Trace: [ 110.729974] [ 110.730154] iommufd_access_destroy_object+0x65/0x170 [ 110.730701] iommufd_object_destroy_user+0x18e/0x220 [ 110.731125] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.731590] iommufd_access_destroy+0x43/0x70 [ 110.732025] iommufd_test_staccess_release+0x8d/0xd0 [ 110.732504] __fput+0x26d/0xa40 [ 110.732784] ____fput+0x1e/0x30 [ 110.733057] task_work_run+0x1a4/0x2d0 [ 110.733382] ? __pfx_task_work_run+0x10/0x10 [ 110.733866] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.734263] ? switch_task_namespaces+0xa9/0xe0 [ 110.734674] do_exit+0xb17/0x2ef0 [ 110.734958] ? lock_acquire+0x427/0x4c0 [ 110.735360] ? __pfx_lock_release+0x10/0x10 [ 110.735759] ? __kasan_check_write+0x18/0x20 [ 110.736113] ? do_raw_spin_lock+0x132/0x2a0 [ 110.736465] ? __pfx_do_exit+0x10/0x10 [ 110.736840] ? debug_smp_processor_id+0x20/0x30 [ 110.737282] ? rcu_is_watching+0x19/0xb0 [ 110.737610] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.737974] ? trace_hardirqs_on+0x26/0x120 [ 110.738376] do_group_exit+0xe0/0x2b0 [ 110.738761] __x64_sys_exit_group+0x47/0x50 [ 110.739102] do_syscall_64+0x3b/0x90 [ 110.739417] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.739842] RIP: 0033:0x7f4b87518a4d [ 110.740225] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.740706] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.741303] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.741972] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.742545] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.743094] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.743654] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.744218] [ 110.744430] irq event stamp: 0 [ 110.744769] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.745265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.745923] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.746699] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.747202] ---[ end trace 0000000000000000 ]--- [ 110.747927] ------------[ cut here ]------------ [ 110.748354] WARNING: CPU: 1 PID: 991 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.749162] Modules linked in: [ 110.749513] CPU: 1 PID: 991 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.750195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.751223] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.751629] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.753164] RSP: 0018:ffff88801729fb78 EFLAGS: 00010246 [ 110.753582] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.754171] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 110.754871] RBP: ffff88801729fb98 R08: ffffed100272313e R09: ffffed100272313e [ 110.755441] R10: ffff8880139189ef R11: ffffed100272313d R12: ffff888013918a90 [ 110.756033] R13: ffff8880139188a8 R14: ffffffffffffffff R15: 
ffff88801729fc60 [ 110.756657] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.757279] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.757834] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.758390] PKRU: 55555554 [ 110.758631] Call Trace: [ 110.758838] [ 110.759018] iommufd_ioas_destroy+0x53/0x70 [ 110.759400] iommufd_fops_release+0x1f7/0x370 [ 110.759837] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.760227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.760620] ? write_comp_data+0x2f/0x90 [ 110.761002] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.761465] __fput+0x26d/0xa40 [ 110.761741] ____fput+0x1e/0x30 [ 110.762010] task_work_run+0x1a4/0x2d0 [ 110.762324] ? __pfx_task_work_run+0x10/0x10 [ 110.762814] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.763207] ? switch_task_namespaces+0xa9/0xe0 [ 110.763585] do_exit+0xb17/0x2ef0 [ 110.763862] ? lock_acquire+0x427/0x4c0 [ 110.764188] ? __pfx_lock_release+0x10/0x10 [ 110.764595] ? __kasan_check_write+0x18/0x20 [ 110.764995] ? do_raw_spin_lock+0x132/0x2a0 [ 110.765340] ? __pfx_do_exit+0x10/0x10 [ 110.765651] ? debug_smp_processor_id+0x20/0x30 [ 110.766079] ? rcu_is_watching+0x19/0xb0 [ 110.766457] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.766843] ? trace_hardirqs_on+0x26/0x120 [ 110.767198] do_group_exit+0xe0/0x2b0 [ 110.767504] __x64_sys_exit_group+0x47/0x50 [ 110.767863] do_syscall_64+0x3b/0x90 [ 110.768254] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.768669] RIP: 0033:0x7f4b87518a4d [ 110.768961] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.769484] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.770135] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.770706] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.771299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.771925] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.772474] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.773153] [ 110.773339] irq event stamp: 0 [ 110.773589] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.774083] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.774868] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.775522] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.776010] ---[ end trace 0000000000000000 ]--- [ 110.780693] ------------[ cut here ]------------ [ 110.781137] WARNING: CPU: 1 PID: 992 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.782021] Modules linked in: [ 110.782270] CPU: 1 PID: 992 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.782959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.783836] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.784219] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.785775] RSP: 0018:ffff88800cbcfbb8 EFLAGS: 00010246 [ 110.786178] RAX: 0000000000000000 RBX: ffff8880180690a8 RCX: 0000000000000000 [ 110.786756] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 110.787309] RBP: ffff88800cbcfbd0 R08: ffffed100300d233 R09: ffffed100300d233 [ 110.787935] R10: ffff888018069193 R11: ffffed100300d232 R12: ffff88801890ec00 [ 110.788554] R13: ffff8880180691e8 R14: ffffffff8352e670 R15: 
ffff88800cbcfe68 [ 110.789105] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.789718] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.790186] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 110.790895] PKRU: 55555554 [ 110.791132] Call Trace: [ 110.791337] [ 110.791513] __iommufd_access_detach+0x1c2/0x2b0 [ 110.791893] iommufd_access_change_pt+0x149/0x270 [ 110.792274] iommufd_access_replace+0xb4/0x120 [ 110.792635] iommufd_test+0x3e5/0x37e0 [ 110.792939] ? lock_release+0x532/0x770 [ 110.793253] ? __might_fault+0x102/0x1b0 [ 110.793572] ? lock_acquire+0x427/0x4c0 [ 110.793905] ? __pfx_iommufd_test+0x10/0x10 [ 110.794361] ? __pfx_lock_release+0x10/0x10 [ 110.794727] ? __pfx_lock_acquire+0x10/0x10 [ 110.795073] ? write_comp_data+0x2f/0x90 [ 110.795403] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.795787] ? write_comp_data+0x2f/0x90 [ 110.796109] iommufd_fops_ioctl+0x37d/0x510 [ 110.796445] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.796832] ? write_comp_data+0x2f/0x90 [ 110.797171] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.797622] __x64_sys_ioctl+0x1a3/0x230 [ 110.797944] do_syscall_64+0x3b/0x90 [ 110.798239] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.798667] RIP: 0033:0x7f4b8743ee5d [ 110.798953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.800327] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.800999] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.801551] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.802084] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.802640] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.803185] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.803729] [ 110.803947] irq event stamp: 0 [ 110.804244] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.804722] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.805354] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.805984] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.806492] ---[ end trace 0000000000000000 ]--- [ 110.809477] ------------[ cut here ]------------ [ 110.809893] WARNING: CPU: 1 PID: 992 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.810771] Modules linked in: [ 110.811022] CPU: 1 PID: 992 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.811686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.812527] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.812933] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.814394] RSP: 
0018:ffff88800cbcfbd0 EFLAGS: 00010246 [ 110.814820] RAX: 0000000000000000 RBX: ffff8880180690a8 RCX: 0000000000000000 [ 110.815368] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 110.815903] RBP: ffff88800cbcfbe8 R08: ffffed100300d233 R09: ffffed100300d233 [ 110.816560] R10: ffff888018069193 R11: ffffed100300d232 R12: ffff88801226dc00 [ 110.817095] R13: ffff8880180691e8 R14: ffff888013a33700 R15: 0000000000000000 [ 110.817631] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.818235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.818714] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.819354] PKRU: 55555554 [ 110.819570] Call Trace: [ 110.819764] [ 110.819935] iommufd_access_destroy_object+0x65/0x170 [ 110.820330] iommufd_object_destroy_user+0x18e/0x220 [ 110.820716] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.821160] iommufd_access_destroy+0x43/0x70 [ 110.821507] iommufd_test_staccess_release+0x8d/0xd0 [ 110.821896] __fput+0x26d/0xa40 [ 110.822207] ____fput+0x1e/0x30 [ 110.822539] task_work_run+0x1a4/0x2d0 [ 110.822843] ? __pfx_task_work_run+0x10/0x10 [ 110.823202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.823577] ? switch_task_namespaces+0xa9/0xe0 [ 110.823939] do_exit+0xb17/0x2ef0 [ 110.824209] ? lock_acquire+0x427/0x4c0 [ 110.824522] ? __pfx_lock_release+0x10/0x10 [ 110.824861] ? __kasan_check_write+0x18/0x20 [ 110.825204] ? do_raw_spin_lock+0x132/0x2a0 [ 110.825577] ? __pfx_do_exit+0x10/0x10 [ 110.825961] ? debug_smp_processor_id+0x20/0x30 [ 110.826321] ? rcu_is_watching+0x19/0xb0 [ 110.826659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.827013] ? trace_hardirqs_on+0x26/0x120 [ 110.827404] do_group_exit+0xe0/0x2b0 [ 110.827700] __x64_sys_exit_group+0x47/0x50 [ 110.828032] do_syscall_64+0x3b/0x90 [ 110.828327] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.828733] RIP: 0033:0x7f4b87518a4d [ 110.829080] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.829600] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.830181] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.830750] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.831289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.831810] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.832490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.833056] [ 110.833244] irq event stamp: 0 [ 110.833492] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.833982] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.834671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.835414] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.835970] ---[ end trace 0000000000000000 ]--- [ 110.836694] ------------[ cut here ]------------ [ 110.837064] WARNING: CPU: 1 PID: 992 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.837862] Modules linked in: [ 110.838184] CPU: 1 PID: 992 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.838921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.839803] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.840208] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.841745] RSP: 0018:ffff88800cbcfb78 EFLAGS: 00010246 [ 110.842157] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.842739] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 110.843302] RBP: ffff88800cbcfb98 R08: ffffed100300d23e R09: ffffed100300d23e [ 110.843856] R10: ffff8880180691ef R11: ffffed100300d23d R12: ffff888018069290 [ 110.844518] R13: ffff8880180690a8 R14: ffffffffffffffff R15: 
ffff88800cbcfc60 [ 110.845066] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.845687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.846136] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.846738] PKRU: 55555554 [ 110.847024] Call Trace: [ 110.847236] [ 110.847417] iommufd_ioas_destroy+0x53/0x70 [ 110.847761] iommufd_fops_release+0x1f7/0x370 [ 110.848114] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.848506] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.848888] ? write_comp_data+0x2f/0x90 [ 110.849214] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.849608] __fput+0x26d/0xa40 [ 110.849919] ____fput+0x1e/0x30 [ 110.850249] task_work_run+0x1a4/0x2d0 [ 110.850587] ? __pfx_task_work_run+0x10/0x10 [ 110.850933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.851330] ? switch_task_namespaces+0xa9/0xe0 [ 110.851705] do_exit+0xb17/0x2ef0 [ 110.851975] ? lock_acquire+0x427/0x4c0 [ 110.852289] ? __pfx_lock_release+0x10/0x10 [ 110.852629] ? __kasan_check_write+0x18/0x20 [ 110.852979] ? do_raw_spin_lock+0x132/0x2a0 [ 110.853426] ? __pfx_do_exit+0x10/0x10 [ 110.853740] ? debug_smp_processor_id+0x20/0x30 [ 110.854108] ? rcu_is_watching+0x19/0xb0 [ 110.854435] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.854817] ? trace_hardirqs_on+0x26/0x120 [ 110.855174] do_group_exit+0xe0/0x2b0 [ 110.855482] __x64_sys_exit_group+0x47/0x50 [ 110.855815] do_syscall_64+0x3b/0x90 [ 110.856116] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.856553] RIP: 0033:0x7f4b87518a4d [ 110.856931] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.857409] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.857988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.858563] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.859127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.859711] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.860348] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.860899] [ 110.861082] irq event stamp: 0 [ 110.861338] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.861901] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.862564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.863210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.863817] ---[ end trace 0000000000000000 ]--- [ 110.868554] ------------[ cut here ]------------ [ 110.868994] WARNING: CPU: 1 PID: 993 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.869754] Modules linked in: [ 110.870012] CPU: 1 PID: 993 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.870779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.871639] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.872080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.873511] RSP: 0018:ffff888013b5fbb8 EFLAGS: 00010246 [ 110.874011] RAX: 0000000000000000 RBX: ffff888010b9d0a8 RCX: 0000000000000000 [ 110.874574] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 110.875135] RBP: ffff888013b5fbd0 R08: ffffed1002173a33 R09: ffffed1002173a33 [ 110.875734] R10: ffff888010b9d193 R11: ffffed1002173a32 R12: ffff88801422e400 [ 110.876335] R13: ffff888010b9d1e8 R14: ffffffff8352e670 R15: 
ffff888013b5fe68 [ 110.876875] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.877592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.878031] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 110.878594] PKRU: 55555554 [ 110.878813] Call Trace: [ 110.879009] [ 110.879233] __iommufd_access_detach+0x1c2/0x2b0 [ 110.879668] iommufd_access_change_pt+0x149/0x270 [ 110.880059] iommufd_access_replace+0xb4/0x120 [ 110.880432] iommufd_test+0x3e5/0x37e0 [ 110.880741] ? lock_release+0x532/0x770 [ 110.881189] ? __might_fault+0x102/0x1b0 [ 110.881520] ? lock_acquire+0x427/0x4c0 [ 110.881841] ? __pfx_iommufd_test+0x10/0x10 [ 110.882181] ? __pfx_lock_release+0x10/0x10 [ 110.882564] ? __pfx_lock_acquire+0x10/0x10 [ 110.883003] ? write_comp_data+0x2f/0x90 [ 110.883347] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.883733] ? write_comp_data+0x2f/0x90 [ 110.884064] iommufd_fops_ioctl+0x37d/0x510 [ 110.884409] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.884860] ? write_comp_data+0x2f/0x90 [ 110.885261] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.885644] __x64_sys_ioctl+0x1a3/0x230 [ 110.885973] do_syscall_64+0x3b/0x90 [ 110.886273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.886843] RIP: 0033:0x7f4b8743ee5d [ 110.887144] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.888586] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.889248] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.889797] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.890413] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.891037] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.891605] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.892183] [ 110.892407] irq event stamp: 0 [ 110.892696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.893183] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.893831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.894608] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.895096] ---[ end trace 0000000000000000 ]--- [ 110.897933] ------------[ cut here ]------------ [ 110.898333] WARNING: CPU: 1 PID: 993 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.899190] Modules linked in: [ 110.899443] CPU: 1 PID: 993 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.900246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.901119] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.901536] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.903042] RSP: 
0018:ffff888013b5fbd0 EFLAGS: 00010246 [ 110.903472] RAX: 0000000000000000 RBX: ffff888010b9d0a8 RCX: 0000000000000000 [ 110.904137] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 110.904684] RBP: ffff888013b5fbe8 R08: ffffed1002173a33 R09: ffffed1002173a33 [ 110.905292] R10: ffff888010b9d193 R11: ffffed1002173a32 R12: ffff88801890cc00 [ 110.905910] R13: ffff888010b9d1e8 R14: ffff888010fd7b00 R15: 0000000000000000 [ 110.906458] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.907170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.907691] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.908244] PKRU: 55555554 [ 110.908470] Call Trace: [ 110.908670] [ 110.908846] iommufd_access_destroy_object+0x65/0x170 [ 110.909372] iommufd_object_destroy_user+0x18e/0x220 [ 110.909772] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 110.910227] iommufd_access_destroy+0x43/0x70 [ 110.910608] iommufd_test_staccess_release+0x8d/0xd0 [ 110.911115] __fput+0x26d/0xa40 [ 110.911398] ____fput+0x1e/0x30 [ 110.911669] task_work_run+0x1a4/0x2d0 [ 110.911985] ? __pfx_task_work_run+0x10/0x10 [ 110.912338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.912726] ? switch_task_namespaces+0xa9/0xe0 [ 110.913103] do_exit+0xb17/0x2ef0 [ 110.913378] ? lock_acquire+0x427/0x4c0 [ 110.913699] ? __pfx_lock_release+0x10/0x10 [ 110.914055] ? __kasan_check_write+0x18/0x20 [ 110.914470] ? do_raw_spin_lock+0x132/0x2a0 [ 110.914867] ? __pfx_do_exit+0x10/0x10 [ 110.915192] ? debug_smp_processor_id+0x20/0x30 [ 110.915561] ? rcu_is_watching+0x19/0xb0 [ 110.915883] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.916244] ? trace_hardirqs_on+0x26/0x120 [ 110.916587] do_group_exit+0xe0/0x2b0 [ 110.916887] __x64_sys_exit_group+0x47/0x50 [ 110.917226] do_syscall_64+0x3b/0x90 [ 110.917547] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.918051] RIP: 0033:0x7f4b87518a4d [ 110.918339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.918837] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.919435] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.919984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.920531] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.921146] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.921747] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.922302] [ 110.922484] irq event stamp: 0 [ 110.922749] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.923244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.923895] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.924643] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.925127] ---[ end trace 0000000000000000 ]--- [ 110.925851] ------------[ cut here ]------------ [ 110.926219] WARNING: CPU: 1 PID: 993 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 110.927095] Modules linked in: [ 110.927430] CPU: 1 PID: 993 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.928098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.928962] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 110.929357] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 110.930912] RSP: 0018:ffff888013b5fb78 EFLAGS: 00010246 [ 110.931335] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 110.931882] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 110.932427] RBP: ffff888013b5fb98 R08: ffffed1002173a3e R09: ffffed1002173a3e [ 110.932974] R10: ffff888010b9d1ef R11: ffffed1002173a3d R12: ffff888010b9d290 [ 110.933588] R13: ffff888010b9d0a8 R14: ffffffffffffffff R15: 
ffff888013b5fc60 [ 110.934189] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.934830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.935285] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 110.935836] PKRU: 55555554 [ 110.936056] Call Trace: [ 110.936255] [ 110.936434] iommufd_ioas_destroy+0x53/0x70 [ 110.936802] iommufd_fops_release+0x1f7/0x370 [ 110.937236] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.937625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.938017] ? write_comp_data+0x2f/0x90 [ 110.938347] ? __pfx_iommufd_fops_release+0x10/0x10 [ 110.938763] __fput+0x26d/0xa40 [ 110.939041] ____fput+0x1e/0x30 [ 110.939317] task_work_run+0x1a4/0x2d0 [ 110.939642] ? __pfx_task_work_run+0x10/0x10 [ 110.940003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.940462] ? switch_task_namespaces+0xa9/0xe0 [ 110.940911] do_exit+0xb17/0x2ef0 [ 110.941189] ? lock_acquire+0x427/0x4c0 [ 110.941516] ? __pfx_lock_release+0x10/0x10 [ 110.941867] ? __kasan_check_write+0x18/0x20 [ 110.942219] ? do_raw_spin_lock+0x132/0x2a0 [ 110.942593] ? __pfx_do_exit+0x10/0x10 [ 110.942927] ? debug_smp_processor_id+0x20/0x30 [ 110.943328] ? rcu_is_watching+0x19/0xb0 [ 110.943659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 110.944134] ? trace_hardirqs_on+0x26/0x120 [ 110.944486] do_group_exit+0xe0/0x2b0 [ 110.944790] __x64_sys_exit_group+0x47/0x50 [ 110.945141] do_syscall_64+0x3b/0x90 [ 110.945457] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.945886] RIP: 0033:0x7f4b87518a4d [ 110.946191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 110.946812] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 110.947445] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 110.948024] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 110.948608] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 110.949187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 110.949769] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 110.950498] [ 110.950732] irq event stamp: 0 [ 110.950991] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.951519] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.952198] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.952871] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.953390] ---[ end trace 0000000000000000 ]--- [ 110.958079] ------------[ cut here ]------------ [ 110.958585] WARNING: CPU: 1 PID: 994 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.959440] Modules linked in: [ 110.959782] CPU: 1 PID: 994 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.960550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.961540] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.961994] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.963652] RSP: 0018:ffff88800cbcfbb8 EFLAGS: 00010246 [ 110.964102] RAX: 0000000000000000 RBX: ffff888015d2e0a8 RCX: 0000000000000000 [ 110.964755] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 110.965406] RBP: ffff88800cbcfbd0 R08: ffffed1002ba5c33 R09: ffffed1002ba5c33 [ 110.966007] R10: ffff888015d2e193 R11: ffffed1002ba5c32 R12: ffff888017ba2800 [ 110.966725] R13: ffff888015d2e1e8 R14: ffffffff8352e670 R15: 
ffff88800cbcfe68 [ 110.967325] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 110.968058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.968592] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 110.969193] PKRU: 55555554 [ 110.969431] Call Trace: [ 110.969691] [ 110.969929] __iommufd_access_detach+0x1c2/0x2b0 [ 110.970339] iommufd_access_change_pt+0x149/0x270 [ 110.970767] iommufd_access_replace+0xb4/0x120 [ 110.971164] iommufd_test+0x3e5/0x37e0 [ 110.971585] ? lock_release+0x532/0x770 [ 110.971927] ? __might_fault+0x102/0x1b0 [ 110.972271] ? lock_acquire+0x427/0x4c0 [ 110.972621] ? __pfx_iommufd_test+0x10/0x10 [ 110.973048] ? __pfx_lock_release+0x10/0x10 [ 110.973471] ? __pfx_lock_acquire+0x10/0x10 [ 110.973840] ? write_comp_data+0x2f/0x90 [ 110.974186] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 110.974690] ? write_comp_data+0x2f/0x90 [ 110.975093] iommufd_fops_ioctl+0x37d/0x510 [ 110.975469] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.975893] ? write_comp_data+0x2f/0x90 [ 110.976242] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 110.976651] __x64_sys_ioctl+0x1a3/0x230 [ 110.976999] do_syscall_64+0x3b/0x90 [ 110.977350] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 110.977888] RIP: 0033:0x7f4b8743ee5d [ 110.978211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 110.979928] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 110.980583] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 110.981302] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 110.981938] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 110.982580] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 110.983350] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 110.983966] [ 110.984171] irq event stamp: 0 [ 110.984445] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 110.985112] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 110.985828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 110.986646] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.987266] ---[ end trace 0000000000000000 ]--- [ 110.990147] ------------[ cut here ]------------ [ 110.990672] WARNING: CPU: 1 PID: 994 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 110.991553] Modules linked in: [ 110.991883] CPU: 1 PID: 994 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 110.992694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 110.993742] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 110.994232] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 110.995971] RSP: 
0018:ffff88800cbcfbd0 EFLAGS: 00010246 [ 110.996440] RAX: 0000000000000000 RBX: ffff888015d2e0a8 RCX: 0000000000000000 [ 110.997073] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 110.997820] RBP: ffff88800cbcfbe8 R08: ffffed1002ba5c33 R09: ffffed1002ba5c33 [ 110.998451] R10: ffff888015d2e193 R11: ffffed1002ba5c32 R12: ffff88801422c800 [ 110.999100] R13: ffff888015d2e1e8 R14: ffff8880181b3000 R15: 0000000000000000 [ 110.999869] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.000566] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.001071] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.001828] PKRU: 55555554 [ 111.002082] Call Trace: [ 111.002308] [ 111.002548] iommufd_access_destroy_object+0x65/0x170 [ 111.003017] iommufd_object_destroy_user+0x18e/0x220 [ 111.003537] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.004134] iommufd_access_destroy+0x43/0x70 [ 111.004537] iommufd_test_staccess_release+0x8d/0xd0 [ 111.004995] __fput+0x26d/0xa40 [ 111.005352] ____fput+0x1e/0x30 [ 111.005707] task_work_run+0x1a4/0x2d0 [ 111.006061] ? __pfx_task_work_run+0x10/0x10 [ 111.006464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.006928] ? switch_task_namespaces+0xa9/0xe0 [ 111.007365] do_exit+0xb17/0x2ef0 [ 111.007802] ? lock_acquire+0x427/0x4c0 [ 111.008172] ? __pfx_lock_release+0x10/0x10 [ 111.008560] ? __kasan_check_write+0x18/0x20 [ 111.008956] ? do_raw_spin_lock+0x132/0x2a0 [ 111.009378] ? __pfx_do_exit+0x10/0x10 [ 111.009793] ? debug_smp_processor_id+0x20/0x30 [ 111.010205] ? rcu_is_watching+0x19/0xb0 [ 111.010597] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.011004] ? trace_hardirqs_on+0x26/0x120 [ 111.011463] do_group_exit+0xe0/0x2b0 [ 111.011855] __x64_sys_exit_group+0x47/0x50 [ 111.012234] do_syscall_64+0x3b/0x90 [ 111.012571] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.013031] RIP: 0033:0x7f4b87518a4d [ 111.013483] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.014021] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.014711] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.015418] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.016093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.016710] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.017434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.018061] [ 111.018269] irq event stamp: 0 [ 111.018567] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.019192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.019983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.020708] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.021376] ---[ end trace 0000000000000000 ]--- [ 111.022154] ------------[ cut here ]------------ [ 111.022633] WARNING: CPU: 1 PID: 994 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.023654] Modules linked in: [ 111.023942] CPU: 1 PID: 994 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.024711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.025800] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.026254] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.027999] RSP: 0018:ffff88800cbcfb78 EFLAGS: 00010246 [ 111.028463] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.029211] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 111.029826] RBP: ffff88800cbcfb98 R08: ffffed1002ba5c3e R09: ffffed1002ba5c3e [ 111.030536] R10: ffff888015d2e1ef R11: ffffed1002ba5c3d R12: ffff888015d2e290 [ 111.031223] R13: ffff888015d2e0a8 R14: ffffffffffffffff R15: 
ffff88800cbcfc60 [ 111.031848] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.032638] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.033169] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.033793] PKRU: 55555554 [ 111.034045] Call Trace: [ 111.034344] [ 111.034629] iommufd_ioas_destroy+0x53/0x70 [ 111.035017] iommufd_fops_release+0x1f7/0x370 [ 111.035431] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.035870] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.036342] ? write_comp_data+0x2f/0x90 [ 111.036776] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.037226] __fput+0x26d/0xa40 [ 111.037530] ____fput+0x1e/0x30 [ 111.037829] task_work_run+0x1a4/0x2d0 [ 111.038254] ? __pfx_task_work_run+0x10/0x10 [ 111.038721] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.039169] ? switch_task_namespaces+0xa9/0xe0 [ 111.039592] do_exit+0xb17/0x2ef0 [ 111.039900] ? lock_acquire+0x427/0x4c0 [ 111.040258] ? __pfx_lock_release+0x10/0x10 [ 111.040715] ? __kasan_check_write+0x18/0x20 [ 111.041160] ? do_raw_spin_lock+0x132/0x2a0 [ 111.041544] ? __pfx_do_exit+0x10/0x10 [ 111.041896] ? debug_smp_processor_id+0x20/0x30 [ 111.042349] ? rcu_is_watching+0x19/0xb0 [ 111.042821] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.043241] ? trace_hardirqs_on+0x26/0x120 [ 111.043625] do_group_exit+0xe0/0x2b0 [ 111.043962] __x64_sys_exit_group+0x47/0x50 [ 111.044374] do_syscall_64+0x3b/0x90 [ 111.044796] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.045262] RIP: 0033:0x7f4b87518a4d [ 111.045589] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.046153] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.046922] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.047555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.048179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.048935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.049557] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.050257] [ 111.050557] irq event stamp: 0 [ 111.050835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.051393] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.052154] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.052949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.053500] ---[ end trace 0000000000000000 ]--- [ 111.057569] ------------[ cut here ]------------ [ 111.058042] WARNING: CPU: 1 PID: 995 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.058944] Modules linked in: [ 111.059242] CPU: 1 PID: 995 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.060119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.061087] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.061628] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.063366] RSP: 0018:ffff888013b5fbb8 EFLAGS: 00010246 [ 111.063832] RAX: 0000000000000000 RBX: ffff888011d9e8a8 RCX: 0000000000000000 [ 111.064445] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 111.065176] RBP: ffff888013b5fbd0 R08: ffffed10023b3d33 R09: ffffed10023b3d33 [ 111.065804] R10: ffff888011d9e993 R11: ffffed10023b3d32 R12: ffff888014392c00 [ 111.066424] R13: ffff888011d9e9e8 R14: ffffffff8352e670 R15: 
ffff888013b5fe68 [ 111.067184] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.067885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.068391] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 111.069204] PKRU: 55555554 [ 111.069455] Call Trace: [ 111.069677] [ 111.069876] __iommufd_access_detach+0x1c2/0x2b0 [ 111.070320] iommufd_access_change_pt+0x149/0x270 [ 111.070883] iommufd_access_replace+0xb4/0x120 [ 111.071304] iommufd_test+0x3e5/0x37e0 [ 111.071650] ? lock_release+0x532/0x770 [ 111.072008] ? __might_fault+0x102/0x1b0 [ 111.072404] ? lock_acquire+0x427/0x4c0 [ 111.072823] ? __pfx_iommufd_test+0x10/0x10 [ 111.073196] ? __pfx_lock_release+0x10/0x10 [ 111.073584] ? __pfx_lock_acquire+0x10/0x10 [ 111.073972] ? write_comp_data+0x2f/0x90 [ 111.074442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.074896] ? write_comp_data+0x2f/0x90 [ 111.075279] iommufd_fops_ioctl+0x37d/0x510 [ 111.075663] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.076110] ? write_comp_data+0x2f/0x90 [ 111.076571] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.076999] __x64_sys_ioctl+0x1a3/0x230 [ 111.077366] do_syscall_64+0x3b/0x90 [ 111.077705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.078303] RIP: 0033:0x7f4b8743ee5d [ 111.078662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.080396] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.081062] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.081689] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.082440] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.083079] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.083731] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.084471] [ 111.084678] irq event stamp: 0 [ 111.084952] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.085543] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.086323] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.087072] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.087715] ---[ end trace 0000000000000000 ]--- [ 111.090909] ------------[ cut here ]------------ [ 111.091515] WARNING: CPU: 1 PID: 995 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.092391] Modules linked in: [ 111.092676] CPU: 1 PID: 995 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.093552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.094576] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.095083] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.096740] RSP: 
0018:ffff888013b5fbd0 EFLAGS: 00010246 [ 111.097254] RAX: 0000000000000000 RBX: ffff888011d9e8a8 RCX: 0000000000000000 [ 111.097866] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 111.098614] RBP: ffff888013b5fbe8 R08: ffffed10023b3d33 R09: ffffed10023b3d33 [ 111.099263] R10: ffff888011d9e993 R11: ffffed10023b3d32 R12: ffff888017ba3c00 [ 111.099881] R13: ffff888011d9e9e8 R14: ffff888012de2000 R15: 0000000000000000 [ 111.100633] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.101333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.101836] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 111.102599] PKRU: 55555554 [ 111.102846] Call Trace: [ 111.103074] [ 111.103287] iommufd_access_destroy_object+0x65/0x170 [ 111.103756] iommufd_object_destroy_user+0x18e/0x220 [ 111.104287] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.104835] iommufd_access_destroy+0x43/0x70 [ 111.105240] iommufd_test_staccess_release+0x8d/0xd0 [ 111.105709] __fput+0x26d/0xa40 [ 111.106105] ____fput+0x1e/0x30 [ 111.106405] task_work_run+0x1a4/0x2d0 [ 111.106790] ? __pfx_task_work_run+0x10/0x10 [ 111.107192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.107627] ? switch_task_namespaces+0xa9/0xe0 [ 111.108186] do_exit+0xb17/0x2ef0 [ 111.108494] ? lock_acquire+0x427/0x4c0 [ 111.108852] ? __pfx_lock_release+0x10/0x10 [ 111.109240] ? __kasan_check_write+0x18/0x20 [ 111.109703] ? do_raw_spin_lock+0x132/0x2a0 [ 111.110135] ? __pfx_do_exit+0x10/0x10 [ 111.110489] ? debug_smp_processor_id+0x20/0x30 [ 111.110987] ? rcu_is_watching+0x19/0xb0 [ 111.111357] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.111759] ? trace_hardirqs_on+0x26/0x120 [ 111.112141] do_group_exit+0xe0/0x2b0 [ 111.112478] __x64_sys_exit_group+0x47/0x50 [ 111.112855] do_syscall_64+0x3b/0x90 [ 111.113191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.113648] RIP: 0033:0x7f4b87518a4d [ 111.113973] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.114526] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.115201] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.115818] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.116437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.117056] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.117671] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.118299] [ 111.118532] irq event stamp: 0 [ 111.118808] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.119367] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.120089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.120813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.121357] ---[ end trace 0000000000000000 ]--- [ 111.122213] ------------[ cut here ]------------ [ 111.122654] WARNING: CPU: 1 PID: 995 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.123543] Modules linked in: [ 111.123830] CPU: 1 PID: 995 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.124590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.125558] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.126005] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.127628] RSP: 0018:ffff888013b5fb78 EFLAGS: 00010246 [ 111.128098] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.128713] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 111.129325] RBP: ffff888013b5fb98 R08: ffffed10023b3d3e R09: ffffed10023b3d3e [ 111.129953] R10: ffff888011d9e9ef R11: ffffed10023b3d3d R12: ffff888011d9ea90 [ 111.130599] R13: ffff888011d9e8a8 R14: ffffffffffffffff R15: 
ffff888013b5fc60 [ 111.131234] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.131935] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.132453] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 111.133086] PKRU: 55555554 [ 111.133332] Call Trace: [ 111.133554] [ 111.133753] iommufd_ioas_destroy+0x53/0x70 [ 111.134147] iommufd_fops_release+0x1f7/0x370 [ 111.134574] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.135013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.135463] ? write_comp_data+0x2f/0x90 [ 111.135831] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.136287] __fput+0x26d/0xa40 [ 111.136691] ____fput+0x1e/0x30 [ 111.137070] task_work_run+0x1a4/0x2d0 [ 111.137424] ? __pfx_task_work_run+0x10/0x10 [ 111.137820] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.138253] ? switch_task_namespaces+0xa9/0xe0 [ 111.138810] do_exit+0xb17/0x2ef0 [ 111.139135] ? lock_acquire+0x427/0x4c0 [ 111.139528] ? __pfx_lock_release+0x10/0x10 [ 111.139915] ? __kasan_check_write+0x18/0x20 [ 111.140344] ? do_raw_spin_lock+0x132/0x2a0 [ 111.140807] ? __pfx_do_exit+0x10/0x10 [ 111.141166] ? debug_smp_processor_id+0x20/0x30 [ 111.141580] ? rcu_is_watching+0x19/0xb0 [ 111.141936] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.142447] ? trace_hardirqs_on+0x26/0x120 [ 111.142854] do_group_exit+0xe0/0x2b0 [ 111.143206] __x64_sys_exit_group+0x47/0x50 [ 111.143590] do_syscall_64+0x3b/0x90 [ 111.144013] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.144535] RIP: 0033:0x7f4b87518a4d [ 111.144870] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.145410] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.146074] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.146731] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.147357] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.147976] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.148598] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.149228] [ 111.149433] irq event stamp: 0 [ 111.149711] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.150265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.151026] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.151762] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.152307] ---[ end trace 0000000000000000 ]--- [ 111.156912] ------------[ cut here ]------------ [ 111.157363] WARNING: CPU: 1 PID: 996 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.158234] Modules linked in: [ 111.158554] CPU: 1 PID: 996 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.159318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.160287] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.160719] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.162286] RSP: 0018:ffff888014a07bb8 EFLAGS: 00010246 [ 111.162758] RAX: 0000000000000000 RBX: ffff88801729b8a8 RCX: 0000000000000000 [ 111.163358] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 111.163937] RBP: ffff888014a07bd0 R08: ffffed1002e53733 R09: ffffed1002e53733 [ 111.164515] R10: ffff88801729b993 R11: ffffed1002e53732 R12: ffff888012e94000 [ 111.165096] R13: ffff88801729b9e8 R14: ffffffff8352e670 R15: 
ffff888014a07e68 [ 111.165678] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.166333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.166832] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 111.167429] PKRU: 55555554 [ 111.167668] Call Trace: [ 111.167878] [ 111.168066] __iommufd_access_detach+0x1c2/0x2b0 [ 111.168471] iommufd_access_change_pt+0x149/0x270 [ 111.168876] iommufd_access_replace+0xb4/0x120 [ 111.169267] iommufd_test+0x3e5/0x37e0 [ 111.169607] ? lock_release+0x532/0x770 [ 111.169955] ? __might_fault+0x102/0x1b0 [ 111.170294] ? lock_acquire+0x427/0x4c0 [ 111.170656] ? __pfx_iommufd_test+0x10/0x10 [ 111.171012] ? __pfx_lock_release+0x10/0x10 [ 111.171385] ? __pfx_lock_acquire+0x10/0x10 [ 111.171749] ? write_comp_data+0x2f/0x90 [ 111.172093] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.172497] ? write_comp_data+0x2f/0x90 [ 111.172843] iommufd_fops_ioctl+0x37d/0x510 [ 111.173204] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.173610] ? write_comp_data+0x2f/0x90 [ 111.173953] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.174356] __x64_sys_ioctl+0x1a3/0x230 [ 111.174722] do_syscall_64+0x3b/0x90 [ 111.175045] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.175485] RIP: 0033:0x7f4b8743ee5d [ 111.175791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.177272] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.177910] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.178491] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.179099] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.179689] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.180271] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.180858] [ 111.181051] irq event stamp: 0 [ 111.181312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.181828] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.182546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.183263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.183782] ---[ end trace 0000000000000000 ]--- [ 111.186637] ------------[ cut here ]------------ [ 111.187054] WARNING: CPU: 1 PID: 996 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.187883] Modules linked in: [ 111.188150] CPU: 1 PID: 996 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.188854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.189767] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.190177] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.191690] RSP: 
0018:ffff888014a07bd0 EFLAGS: 00010246 [ 111.192126] RAX: 0000000000000000 RBX: ffff88801729b8a8 RCX: 0000000000000000 [ 111.192706] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 111.193284] RBP: ffff888014a07be8 R08: ffffed1002e53733 R09: ffffed1002e53733 [ 111.193862] R10: ffff88801729b993 R11: ffffed1002e53732 R12: ffff888014390400 [ 111.194445] R13: ffff88801729b9e8 R14: ffff8880181b3200 R15: 0000000000000000 [ 111.195042] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.195707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.196183] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.196763] PKRU: 55555554 [ 111.196995] Call Trace: [ 111.197209] [ 111.197393] iommufd_access_destroy_object+0x65/0x170 [ 111.197820] iommufd_object_destroy_user+0x18e/0x220 [ 111.198253] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.198755] iommufd_access_destroy+0x43/0x70 [ 111.199156] iommufd_test_staccess_release+0x8d/0xd0 [ 111.199583] __fput+0x26d/0xa40 [ 111.199868] ____fput+0x1e/0x30 [ 111.200164] task_work_run+0x1a4/0x2d0 [ 111.200497] ? __pfx_task_work_run+0x10/0x10 [ 111.200861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.201266] ? switch_task_namespaces+0xa9/0xe0 [ 111.201664] do_exit+0xb17/0x2ef0 [ 111.201952] ? lock_acquire+0x427/0x4c0 [ 111.202290] ? __pfx_lock_release+0x10/0x10 [ 111.202670] ? __kasan_check_write+0x18/0x20 [ 111.203042] ? do_raw_spin_lock+0x132/0x2a0 [ 111.203417] ? __pfx_do_exit+0x10/0x10 [ 111.203747] ? debug_smp_processor_id+0x20/0x30 [ 111.204133] ? rcu_is_watching+0x19/0xb0 [ 111.204468] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.204848] ? trace_hardirqs_on+0x26/0x120 [ 111.205208] do_group_exit+0xe0/0x2b0 [ 111.205521] __x64_sys_exit_group+0x47/0x50 [ 111.205873] do_syscall_64+0x3b/0x90 [ 111.206191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.206641] RIP: 0033:0x7f4b87518a4d [ 111.206951] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.207460] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.208061] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.208623] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.209192] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.209752] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.210314] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.210913] [ 111.211102] irq event stamp: 0 [ 111.211362] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.211868] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.212535] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.213198] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.213695] ---[ end trace 0000000000000000 ]--- [ 111.214395] ------------[ cut here ]------------ [ 111.214791] WARNING: CPU: 1 PID: 996 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.215616] Modules linked in: [ 111.215871] CPU: 1 PID: 996 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.216567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.217455] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.217882] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.219350] RSP: 0018:ffff888014a07b78 EFLAGS: 00010246 [ 111.219772] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.220322] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 111.220871] RBP: ffff888014a07b98 R08: ffffed1002e5373e R09: ffffed1002e5373e [ 111.221421] R10: ffff88801729b9ef R11: ffffed1002e5373d R12: ffff88801729ba90 [ 111.221974] R13: ffff88801729b8a8 R14: ffffffffffffffff R15: 
ffff888014a07c60 [ 111.222543] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.223179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.223641] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.224198] PKRU: 55555554 [ 111.224421] Call Trace: [ 111.224624] [ 111.224803] iommufd_ioas_destroy+0x53/0x70 [ 111.225147] iommufd_fops_release+0x1f7/0x370 [ 111.225507] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.225902] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.226291] ? write_comp_data+0x2f/0x90 [ 111.226640] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.227037] __fput+0x26d/0xa40 [ 111.227318] ____fput+0x1e/0x30 [ 111.227585] task_work_run+0x1a4/0x2d0 [ 111.227890] ? __pfx_task_work_run+0x10/0x10 [ 111.228240] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.228631] ? switch_task_namespaces+0xa9/0xe0 [ 111.229012] do_exit+0xb17/0x2ef0 [ 111.229291] ? lock_acquire+0x427/0x4c0 [ 111.229611] ? __pfx_lock_release+0x10/0x10 [ 111.229960] ? __kasan_check_write+0x18/0x20 [ 111.230312] ? do_raw_spin_lock+0x132/0x2a0 [ 111.230670] ? __pfx_do_exit+0x10/0x10 [ 111.230988] ? debug_smp_processor_id+0x20/0x30 [ 111.231376] ? rcu_is_watching+0x19/0xb0 [ 111.231699] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.232058] ? trace_hardirqs_on+0x26/0x120 [ 111.232407] do_group_exit+0xe0/0x2b0 [ 111.232709] __x64_sys_exit_group+0x47/0x50 [ 111.233059] do_syscall_64+0x3b/0x90 [ 111.233363] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.233773] RIP: 0033:0x7f4b87518a4d [ 111.234062] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.234577] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.235185] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.235739] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.236295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.236846] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.237400] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.237961] [ 111.238143] irq event stamp: 0 [ 111.238388] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.238899] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.239556] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.240202] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.240688] ---[ end trace 0000000000000000 ]--- [ 111.245262] ------------[ cut here ]------------ [ 111.245660] WARNING: CPU: 1 PID: 997 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.246436] Modules linked in: [ 111.246757] CPU: 1 PID: 997 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.247451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.248340] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.248729] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.250131] RSP: 0018:ffff88801882fbb8 EFLAGS: 00010246 [ 111.250752] RAX: 0000000000000000 RBX: ffff88800f5510a8 RCX: 0000000000000000 [ 111.251309] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 111.251859] RBP: ffff88801882fbd0 R08: ffffed1001eaa233 R09: ffffed1001eaa233 [ 111.252408] R10: ffff88800f551193 R11: ffffed1001eaa232 R12: ffff88800b9b7000 [ 111.252953] R13: ffff88800f5511e8 R14: ffffffff8352e670 R15: 
ffff88801882fe68 [ 111.253501] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.254118] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.254586] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 111.255150] PKRU: 55555554 [ 111.255371] Call Trace: [ 111.255570] [ 111.255745] __iommufd_access_detach+0x1c2/0x2b0 [ 111.256129] iommufd_access_change_pt+0x149/0x270 [ 111.256517] iommufd_access_replace+0xb4/0x120 [ 111.256883] iommufd_test+0x3e5/0x37e0 [ 111.257190] ? lock_release+0x532/0x770 [ 111.257512] ? __might_fault+0x102/0x1b0 [ 111.257835] ? lock_acquire+0x427/0x4c0 [ 111.258159] ? __pfx_iommufd_test+0x10/0x10 [ 111.258495] ? __pfx_lock_release+0x10/0x10 [ 111.258864] ? __pfx_lock_acquire+0x10/0x10 [ 111.259223] ? write_comp_data+0x2f/0x90 [ 111.259553] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.259938] ? write_comp_data+0x2f/0x90 [ 111.260266] iommufd_fops_ioctl+0x37d/0x510 [ 111.260607] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.260986] ? write_comp_data+0x2f/0x90 [ 111.261311] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.261688] __x64_sys_ioctl+0x1a3/0x230 [ 111.262016] do_syscall_64+0x3b/0x90 [ 111.262316] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.262745] RIP: 0033:0x7f4b8743ee5d [ 111.263034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.264470] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.265057] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.265606] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.266153] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.266726] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.267284] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.267841] [ 111.268023] irq event stamp: 0 [ 111.268268] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.268756] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.269405] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.270049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.270556] ---[ end trace 0000000000000000 ]--- [ 111.273312] ------------[ cut here ]------------ [ 111.273703] WARNING: CPU: 1 PID: 997 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.274481] Modules linked in: [ 111.274761] CPU: 1 PID: 997 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.275444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.276319] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.276707] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.278115] RSP: 
0018:ffff88801882fbd0 EFLAGS: 00010246 [ 111.278554] RAX: 0000000000000000 RBX: ffff88800f5510a8 RCX: 0000000000000000 [ 111.279155] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 111.279708] RBP: ffff88801882fbe8 R08: ffffed1001eaa233 R09: ffffed1001eaa233 [ 111.280257] R10: ffff88800f551193 R11: ffffed1001eaa232 R12: ffff888012e96800 [ 111.280811] R13: ffff88800f5511e8 R14: ffff8880123af400 R15: 0000000000000000 [ 111.281365] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.281984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.282434] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.283016] PKRU: 55555554 [ 111.283257] Call Trace: [ 111.283460] [ 111.283639] iommufd_access_destroy_object+0x65/0x170 [ 111.284047] iommufd_object_destroy_user+0x18e/0x220 [ 111.284448] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.284908] iommufd_access_destroy+0x43/0x70 [ 111.285273] iommufd_test_staccess_release+0x8d/0xd0 [ 111.285681] __fput+0x26d/0xa40 [ 111.285955] ____fput+0x1e/0x30 [ 111.286226] task_work_run+0x1a4/0x2d0 [ 111.286567] ? __pfx_task_work_run+0x10/0x10 [ 111.286919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.287318] ? switch_task_namespaces+0xa9/0xe0 [ 111.287695] do_exit+0xb17/0x2ef0 [ 111.287969] ? lock_acquire+0x427/0x4c0 [ 111.288297] ? __pfx_lock_release+0x10/0x10 [ 111.288647] ? __kasan_check_write+0x18/0x20 [ 111.289000] ? do_raw_spin_lock+0x132/0x2a0 [ 111.289346] ? __pfx_do_exit+0x10/0x10 [ 111.289673] ? debug_smp_processor_id+0x20/0x30 [ 111.290053] ? rcu_is_watching+0x19/0xb0 [ 111.290376] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.290766] ? trace_hardirqs_on+0x26/0x120 [ 111.291128] do_group_exit+0xe0/0x2b0 [ 111.291435] __x64_sys_exit_group+0x47/0x50 [ 111.291776] do_syscall_64+0x3b/0x90 [ 111.292078] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.292491] RIP: 0033:0x7f4b87518a4d [ 111.292785] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.293262] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.293851] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.294426] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.294998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.295566] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.296120] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.296684] [ 111.296870] irq event stamp: 0 [ 111.297119] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.297608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.298270] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.298951] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.299471] ---[ end trace 0000000000000000 ]--- [ 111.300183] ------------[ cut here ]------------ [ 111.300570] WARNING: CPU: 1 PID: 997 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.301405] Modules linked in: [ 111.301672] CPU: 1 PID: 997 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.302382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.303340] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.303772] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.305266] RSP: 0018:ffff88801882fb78 EFLAGS: 00010246 [ 111.305708] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.306289] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 111.306900] RBP: ffff88801882fb98 R08: ffffed1001eaa23e R09: ffffed1001eaa23e [ 111.307512] R10: ffff88800f5511ef R11: ffffed1001eaa23d R12: ffff88800f551290 [ 111.308093] R13: ffff88800f5510a8 R14: ffffffffffffffff R15: 
ffff88801882fc60 [ 111.308682] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.309343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.309846] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.310435] PKRU: 55555554 [ 111.310696] Call Trace: [ 111.310913] [ 111.311102] iommufd_ioas_destroy+0x53/0x70 [ 111.311488] iommufd_fops_release+0x1f7/0x370 [ 111.311876] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.312304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.312729] ? write_comp_data+0x2f/0x90 [ 111.313084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.313510] __fput+0x26d/0xa40 [ 111.313809] ____fput+0x1e/0x30 [ 111.314098] task_work_run+0x1a4/0x2d0 [ 111.314431] ? __pfx_task_work_run+0x10/0x10 [ 111.314843] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.315268] ? switch_task_namespaces+0xa9/0xe0 [ 111.315665] do_exit+0xb17/0x2ef0 [ 111.315952] ? lock_acquire+0x427/0x4c0 [ 111.316288] ? __pfx_lock_release+0x10/0x10 [ 111.316651] ? __kasan_check_write+0x18/0x20 [ 111.317021] ? do_raw_spin_lock+0x132/0x2a0 [ 111.317379] ? __pfx_do_exit+0x10/0x10 [ 111.317706] ? debug_smp_processor_id+0x20/0x30 [ 111.318092] ? rcu_is_watching+0x19/0xb0 [ 111.318434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.318841] ? trace_hardirqs_on+0x26/0x120 [ 111.319224] do_group_exit+0xe0/0x2b0 [ 111.319549] __x64_sys_exit_group+0x47/0x50 [ 111.319926] do_syscall_64+0x3b/0x90 [ 111.320263] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.320722] RIP: 0033:0x7f4b87518a4d [ 111.321045] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.321569] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.322223] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.322862] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.323489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.324095] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.324696] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.325321] [ 111.325521] irq event stamp: 0 [ 111.325794] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.326338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.327081] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.327793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.328344] ---[ end trace 0000000000000000 ]--- [ 111.332540] ------------[ cut here ]------------ [ 111.333000] WARNING: CPU: 1 PID: 998 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.333870] Modules linked in: [ 111.334150] CPU: 1 PID: 998 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.334938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.335927] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.336362] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.337956] RSP: 0018:ffff888010167bb8 EFLAGS: 00010246 [ 111.338425] RAX: 0000000000000000 RBX: ffff8880181c68a8 RCX: 0000000000000000 [ 111.339080] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 111.339737] RBP: ffff888010167bd0 R08: ffffed1003038d33 R09: ffffed1003038d33 [ 111.340390] R10: ffff8880181c6993 R11: ffffed1003038d32 R12: ffff888013af9800 [ 111.341011] R13: ffff8880181c69e8 R14: ffffffff8352e670 R15: 
ffff888010167e68 [ 111.341630] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.342332] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.342867] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ee0 [ 111.343500] PKRU: 55555554 [ 111.343754] Call Trace: [ 111.343979] [ 111.344180] __iommufd_access_detach+0x1c2/0x2b0 [ 111.344616] iommufd_access_change_pt+0x149/0x270 [ 111.345055] iommufd_access_replace+0xb4/0x120 [ 111.345477] iommufd_test+0x3e5/0x37e0 [ 111.345823] ? lock_release+0x532/0x770 [ 111.346184] ? __might_fault+0x102/0x1b0 [ 111.346576] ? lock_acquire+0x427/0x4c0 [ 111.346943] ? __pfx_iommufd_test+0x10/0x10 [ 111.347346] ? __pfx_lock_release+0x10/0x10 [ 111.347735] ? __pfx_lock_acquire+0x10/0x10 [ 111.348128] ? write_comp_data+0x2f/0x90 [ 111.348496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.348931] ? write_comp_data+0x2f/0x90 [ 111.349300] iommufd_fops_ioctl+0x37d/0x510 [ 111.349691] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.350129] ? write_comp_data+0x2f/0x90 [ 111.350498] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.350964] __x64_sys_ioctl+0x1a3/0x230 [ 111.351344] do_syscall_64+0x3b/0x90 [ 111.351692] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.352169] RIP: 0033:0x7f4b8743ee5d [ 111.352503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.354098] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.354830] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.355483] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.356103] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.356727] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.357352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.357987] [ 111.358197] irq event stamp: 0 [ 111.358472] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.359043] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.359792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.360542] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.361124] ---[ end trace 0000000000000000 ]--- [ 111.364185] ------------[ cut here ]------------ [ 111.364665] WARNING: CPU: 1 PID: 998 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.365593] Modules linked in: [ 111.365897] CPU: 1 PID: 998 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.366949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.368013] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.368482] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.370143] RSP: 
0018:ffff888010167bd0 EFLAGS: 00010246 [ 111.370664] RAX: 0000000000000000 RBX: ffff8880181c68a8 RCX: 0000000000000000 [ 111.371354] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 111.372014] RBP: ffff888010167be8 R08: ffffed1003038d33 R09: ffffed1003038d33 [ 111.372670] R10: ffff8880181c6993 R11: ffffed1003038d32 R12: ffff88800b9b5c00 [ 111.373322] R13: ffff8880181c69e8 R14: ffff88802185e500 R15: 0000000000000000 [ 111.373975] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.374738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.375293] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.375956] PKRU: 55555554 [ 111.376223] Call Trace: [ 111.376459] [ 111.376667] iommufd_access_destroy_object+0x65/0x170 [ 111.377150] iommufd_object_destroy_user+0x18e/0x220 [ 111.377623] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.378167] iommufd_access_destroy+0x43/0x70 [ 111.378628] iommufd_test_staccess_release+0x8d/0xd0 [ 111.379108] __fput+0x26d/0xa40 [ 111.379440] ____fput+0x1e/0x30 [ 111.379753] task_work_run+0x1a4/0x2d0 [ 111.380122] ? __pfx_task_work_run+0x10/0x10 [ 111.380536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.380991] ? switch_task_namespaces+0xa9/0xe0 [ 111.381429] do_exit+0xb17/0x2ef0 [ 111.381753] ? lock_acquire+0x427/0x4c0 [ 111.382128] ? __pfx_lock_release+0x10/0x10 [ 111.382554] ? __kasan_check_write+0x18/0x20 [ 111.382968] ? do_raw_spin_lock+0x132/0x2a0 [ 111.383378] ? __pfx_do_exit+0x10/0x10 [ 111.383745] ? debug_smp_processor_id+0x20/0x30 [ 111.384183] ? rcu_is_watching+0x19/0xb0 [ 111.384564] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.384998] ? trace_hardirqs_on+0x26/0x120 [ 111.385406] do_group_exit+0xe0/0x2b0 [ 111.385761] __x64_sys_exit_group+0x47/0x50 [ 111.386163] do_syscall_64+0x3b/0x90 [ 111.386547] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.387032] RIP: 0033:0x7f4b87518a4d [ 111.387397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.387967] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.388662] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.389311] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.389981] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.390681] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.391357] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.392033] [ 111.392255] irq event stamp: 0 [ 111.392551] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.393155] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.393937] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.394735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.395338] ---[ end trace 0000000000000000 ]--- [ 111.396145] ------------[ cut here ]------------ [ 111.396587] WARNING: CPU: 1 PID: 998 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.397721] Modules linked in: [ 111.398448] CPU: 1 PID: 998 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.399328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.400387] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.400875] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.402794] RSP: 0018:ffff888010167b78 EFLAGS: 00010246 [ 111.403306] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.403988] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 111.404673] RBP: ffff888010167b98 R08: ffffed1003038d3e R09: ffffed1003038d3e [ 111.405423] R10: ffff8880181c69ef R11: ffffed1003038d3d R12: ffff8880181c6a90 [ 111.406194] R13: ffff8880181c68a8 R14: ffffffffffffffff R15: 
ffff888010167c60 [ 111.406918] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.407701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.408254] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.408947] PKRU: 55555554 [ 111.409225] Call Trace: [ 111.409579] [ 111.409901] iommufd_ioas_destroy+0x53/0x70 [ 111.410342] iommufd_fops_release+0x1f7/0x370 [ 111.410854] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.411386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.411898] ? write_comp_data+0x2f/0x90 [ 111.412329] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.412859] __fput+0x26d/0xa40 [ 111.413219] ____fput+0x1e/0x30 [ 111.413578] task_work_run+0x1a4/0x2d0 [ 111.414137] ? __pfx_task_work_run+0x10/0x10 [ 111.414737] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.415271] ? switch_task_namespaces+0xa9/0xe0 [ 111.415768] do_exit+0xb17/0x2ef0 [ 111.416131] ? lock_acquire+0x427/0x4c0 [ 111.416558] ? __pfx_lock_release+0x10/0x10 [ 111.417008] ? __kasan_check_write+0x18/0x20 [ 111.417474] ? do_raw_spin_lock+0x132/0x2a0 [ 111.417949] ? __pfx_do_exit+0x10/0x10 [ 111.418598] ? debug_smp_processor_id+0x20/0x30 [ 111.419094] ? rcu_is_watching+0x19/0xb0 [ 111.419535] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.420018] ? trace_hardirqs_on+0x26/0x120 [ 111.420488] do_group_exit+0xe0/0x2b0 [ 111.420895] __x64_sys_exit_group+0x47/0x50 [ 111.421337] do_syscall_64+0x3b/0x90 [ 111.421749] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.422356] RIP: 0033:0x7f4b87518a4d [ 111.423001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.423654] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.424448] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.425188] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.425928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.426739] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.427720] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.428472] [ 111.428714] irq event stamp: 0 [ 111.429040] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.429690] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.430588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.431467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.432361] ---[ end trace 0000000000000000 ]--- [ 111.438756] ------------[ cut here ]------------ [ 111.439322] WARNING: CPU: 1 PID: 999 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.440465] Modules linked in: [ 111.441234] CPU: 1 PID: 999 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.442131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.443398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.443860] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.446319] RSP: 0018:ffff888012e5fbb8 EFLAGS: 00010246 [ 111.446910] RAX: 0000000000000000 RBX: ffff8880173190a8 RCX: 0000000000000000 [ 111.447662] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 111.448387] RBP: ffff888012e5fbd0 R08: ffffed1002e63233 R09: ffffed1002e63233 [ 111.449130] R10: ffff888017319193 R11: ffffed1002e63232 R12: ffff888021bc4000 [ 111.450071] R13: ffff8880173191e8 R14: ffffffff8352e670 R15: 
ffff888012e5fe68 [ 111.451155] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.451986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.452584] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 111.453303] PKRU: 55555554 [ 111.453593] Call Trace: [ 111.453859] [ 111.454094] __iommufd_access_detach+0x1c2/0x2b0 [ 111.454775] iommufd_access_change_pt+0x149/0x270 [ 111.455485] iommufd_access_replace+0xb4/0x120 [ 111.456002] iommufd_test+0x3e5/0x37e0 [ 111.456417] ? lock_release+0x532/0x770 [ 111.456839] ? __might_fault+0x102/0x1b0 [ 111.457276] ? lock_acquire+0x427/0x4c0 [ 111.457708] ? __pfx_iommufd_test+0x10/0x10 [ 111.458163] ? __pfx_lock_release+0x10/0x10 [ 111.458834] ? __pfx_lock_acquire+0x10/0x10 [ 111.459487] ? write_comp_data+0x2f/0x90 [ 111.459920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.460431] ? write_comp_data+0x2f/0x90 [ 111.460874] iommufd_fops_ioctl+0x37d/0x510 [ 111.461341] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.461856] ? write_comp_data+0x2f/0x90 [ 111.462325] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.463084] __x64_sys_ioctl+0x1a3/0x230 [ 111.463544] do_syscall_64+0x3b/0x90 [ 111.463946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.464488] RIP: 0033:0x7f4b8743ee5d [ 111.464876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.467050] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.468022] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.468767] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.469497] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.470229] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.471131] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.471992] [ 111.472238] irq event stamp: 0 [ 111.472564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.473211] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.474088] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.475212] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.476019] ---[ end trace 0000000000000000 ]--- [ 111.481206] ------------[ cut here ]------------ [ 111.481748] WARNING: CPU: 1 PID: 999 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.483015] Modules linked in: [ 111.483498] CPU: 1 PID: 999 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.484390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.485537] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.486054] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.488391] RSP: 
0018:ffff888012e5fbd0 EFLAGS: 00010246 [ 111.488947] RAX: 0000000000000000 RBX: ffff8880173190a8 RCX: 0000000000000000 [ 111.489678] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 111.490406] RBP: ffff888012e5fbe8 R08: ffffed1002e63233 R09: ffffed1002e63233 [ 111.491408] R10: ffff888017319193 R11: ffffed1002e63232 R12: ffff888012eab400 [ 111.492365] R13: ffff8880173191e8 R14: ffff88800f6d3f00 R15: 0000000000000000 [ 111.493086] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.493910] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.494530] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.495432] PKRU: 55555554 [ 111.495872] Call Trace: [ 111.496145] [ 111.496376] iommufd_access_destroy_object+0x65/0x170 [ 111.496911] iommufd_object_destroy_user+0x18e/0x220 [ 111.497438] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.498040] iommufd_access_destroy+0x43/0x70 [ 111.498559] iommufd_test_staccess_release+0x8d/0xd0 [ 111.499286] __fput+0x26d/0xa40 [ 111.499827] ____fput+0x1e/0x30 [ 111.500172] task_work_run+0x1a4/0x2d0 [ 111.500581] ? __pfx_task_work_run+0x10/0x10 [ 111.501041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.501545] ? switch_task_namespaces+0xa9/0xe0 [ 111.502039] do_exit+0xb17/0x2ef0 [ 111.502445] ? lock_acquire+0x427/0x4c0 [ 111.503091] ? __pfx_lock_release+0x10/0x10 [ 111.503565] ? __kasan_check_write+0x18/0x20 [ 111.504022] ? do_raw_spin_lock+0x132/0x2a0 [ 111.504467] ? __pfx_do_exit+0x10/0x10 [ 111.504879] ? debug_smp_processor_id+0x20/0x30 [ 111.505360] ? rcu_is_watching+0x19/0xb0 [ 111.505804] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.506465] ? trace_hardirqs_on+0x26/0x120 [ 111.507071] do_group_exit+0xe0/0x2b0 [ 111.507484] __x64_sys_exit_group+0x47/0x50 [ 111.507927] do_syscall_64+0x3b/0x90 [ 111.508322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.508866] RIP: 0033:0x7f4b87518a4d [ 111.509254] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.510020] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.511074] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.511819] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.512559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.513302] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.514346] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.515142] [ 111.515398] irq event stamp: 0 [ 111.515732] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.516386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.517237] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.518421] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.519099] ---[ end trace 0000000000000000 ]--- [ 111.522066] ------------[ cut here ]------------ [ 111.522662] WARNING: CPU: 1 PID: 999 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.524006] Modules linked in: [ 111.524337] CPU: 1 PID: 999 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.525203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.526570] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.527098] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.529132] RSP: 0018:ffff888012e5fb78 EFLAGS: 00010246 [ 111.529781] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.530643] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 111.531398] RBP: ffff888012e5fb98 R08: ffffed1002e6323e R09: ffffed1002e6323e [ 111.532285] R10: ffff8880173191ef R11: ffffed1002e6323d R12: ffff888017319290 [ 111.533012] R13: ffff8880173190a8 R14: ffffffffffffffff R15: 
ffff888012e5fc60 [ 111.533809] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.534776] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.535384] CR2: 00007f82e2b32010 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 111.536294] PKRU: 55555554 [ 111.536588] Call Trace: [ 111.536851] [ 111.537090] iommufd_ioas_destroy+0x53/0x70 [ 111.537547] iommufd_fops_release+0x1f7/0x370 [ 111.538208] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.538757] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.539291] ? write_comp_data+0x2f/0x90 [ 111.539724] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.540430] __fput+0x26d/0xa40 [ 111.540794] ____fput+0x1e/0x30 [ 111.541145] task_work_run+0x1a4/0x2d0 [ 111.541560] ? __pfx_task_work_run+0x10/0x10 [ 111.542087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.542703] ? switch_task_namespaces+0xa9/0xe0 [ 111.543212] do_exit+0xb17/0x2ef0 [ 111.543581] ? lock_acquire+0x427/0x4c0 [ 111.544055] ? __pfx_lock_release+0x10/0x10 [ 111.544620] ? __kasan_check_write+0x18/0x20 [ 111.545094] ? do_raw_spin_lock+0x132/0x2a0 [ 111.545547] ? __pfx_do_exit+0x10/0x10 [ 111.545986] ? debug_smp_processor_id+0x20/0x30 [ 111.546644] ? rcu_is_watching+0x19/0xb0 [ 111.547072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.547560] ? trace_hardirqs_on+0x26/0x120 [ 111.548022] do_group_exit+0xe0/0x2b0 [ 111.548604] __x64_sys_exit_group+0x47/0x50 [ 111.549054] do_syscall_64+0x3b/0x90 [ 111.549455] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.549997] RIP: 0033:0x7f4b87518a4d [ 111.550550] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.551204] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.552001] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.552910] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.553647] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.554435] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.555279] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.556015] [ 111.556281] irq event stamp: 0 [ 111.556736] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.557383] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.558278] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.559333] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.559990] ---[ end trace 0000000000000000 ]--- [ 111.567642] ------------[ cut here ]------------ [ 111.568290] WARNING: CPU: 1 PID: 1000 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.569396] Modules linked in: [ 111.569727] CPU: 1 PID: 1000 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.570867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.572068] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.572691] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.574729] RSP: 0018:ffff88801015fbb8 EFLAGS: 00010246 [ 111.575412] RAX: 0000000000000000 RBX: ffff888020cd80a8 RCX: 0000000000000000 [ 111.576159] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 111.577060] RBP: ffff88801015fbd0 R08: ffffed100419b033 R09: ffffed100419b033 [ 111.577817] R10: ffff888020cd8193 R11: ffffed100419b032 R12: ffff8880183dac00 [ 111.578597] R13: ffff888020cd81e8 R14: ffffffff8352e670 R15: 
ffff88801015fe68 [ 111.579567] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.580409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.581115] CR2: 00007f4b877410e8 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 111.581986] PKRU: 55555554 [ 111.582293] Call Trace: [ 111.582588] [ 111.582852] __iommufd_access_detach+0x1c2/0x2b0 [ 111.583501] iommufd_access_change_pt+0x149/0x270 [ 111.584017] iommufd_access_replace+0xb4/0x120 [ 111.584507] iommufd_test+0x3e5/0x37e0 [ 111.584979] ? lock_release+0x532/0x770 [ 111.585549] ? __might_fault+0x102/0x1b0 [ 111.585994] ? lock_acquire+0x427/0x4c0 [ 111.586429] ? __pfx_iommufd_test+0x10/0x10 [ 111.586933] ? __pfx_lock_release+0x10/0x10 [ 111.587609] ? __pfx_lock_acquire+0x10/0x10 [ 111.588092] ? write_comp_data+0x2f/0x90 [ 111.588549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.589069] ? write_comp_data+0x2f/0x90 [ 111.589660] iommufd_fops_ioctl+0x37d/0x510 [ 111.590125] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.590678] ? write_comp_data+0x2f/0x90 [ 111.591136] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.591827] __x64_sys_ioctl+0x1a3/0x230 [ 111.592277] do_syscall_64+0x3b/0x90 [ 111.592690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.593250] RIP: 0033:0x7f4b8743ee5d [ 111.593742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.595787] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.596770] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.597513] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.598438] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.599234] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.599998] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.600943] [ 111.601195] irq event stamp: 0 [ 111.601533] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.602233] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.603263] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.604174] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.604978] ---[ end trace 0000000000000000 ]--- [ 111.610347] ------------[ cut here ]------------ [ 111.610900] WARNING: CPU: 1 PID: 1000 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.612099] Modules linked in: [ 111.612534] CPU: 1 PID: 1000 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.613457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.614891] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.615446] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.617560] RSP: 
0018:ffff88801015fbd0 EFLAGS: 00010246 [ 111.618223] RAX: 0000000000000000 RBX: ffff888020cd80a8 RCX: 0000000000000000 [ 111.619067] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 111.619852] RBP: ffff88801015fbe8 R08: ffffed100419b033 R09: ffffed100419b033 [ 111.620621] R10: ffff888020cd8193 R11: ffffed100419b032 R12: ffff888021bc7000 [ 111.621387] R13: ffff888020cd81e8 R14: ffff888020c43900 R15: 0000000000000000 [ 111.622159] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.623013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.623636] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 111.624391] PKRU: 55555554 [ 111.624688] Call Trace: [ 111.624956] [ 111.625196] iommufd_access_destroy_object+0x65/0x170 [ 111.625740] iommufd_object_destroy_user+0x18e/0x220 [ 111.626278] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.626934] iommufd_access_destroy+0x43/0x70 [ 111.627437] iommufd_test_staccess_release+0x8d/0xd0 [ 111.627980] __fput+0x26d/0xa40 [ 111.628341] ____fput+0x1e/0x30 [ 111.628694] task_work_run+0x1a4/0x2d0 [ 111.629104] ? __pfx_task_work_run+0x10/0x10 [ 111.629565] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.630077] ? switch_task_namespaces+0xa9/0xe0 [ 111.630599] do_exit+0xb17/0x2ef0 [ 111.630961] ? lock_acquire+0x427/0x4c0 [ 111.631391] ? __pfx_lock_release+0x10/0x10 [ 111.631843] ? __kasan_check_write+0x18/0x20 [ 111.632301] ? do_raw_spin_lock+0x132/0x2a0 [ 111.632744] ? __pfx_do_exit+0x10/0x10 [ 111.633159] ? debug_smp_processor_id+0x20/0x30 [ 111.633644] ? rcu_is_watching+0x19/0xb0 [ 111.634073] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.634591] ? trace_hardirqs_on+0x26/0x120 [ 111.635046] do_group_exit+0xe0/0x2b0 [ 111.635457] __x64_sys_exit_group+0x47/0x50 [ 111.635911] do_syscall_64+0x3b/0x90 [ 111.636309] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.636860] RIP: 0033:0x7f4b87518a4d [ 111.637253] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.637887] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.638692] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.639432] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.640168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.640897] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.641628] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.642378] [ 111.642650] irq event stamp: 0 [ 111.642984] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.643649] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.644507] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.645365] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.646016] ---[ end trace 0000000000000000 ]--- [ 111.646949] ------------[ cut here ]------------ [ 111.647466] WARNING: CPU: 1 PID: 1000 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.648519] Modules linked in: [ 111.648859] CPU: 1 PID: 1000 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.649758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.650954] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.651512] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.653341] RSP: 0018:ffff88801015fb78 EFLAGS: 00010246 [ 111.653877] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.654756] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 111.655505] RBP: ffff88801015fb98 R08: ffffed100419b03e R09: ffffed100419b03e [ 111.656396] R10: ffff888020cd81ef R11: ffffed100419b03d R12: ffff888020cd8290 [ 111.657234] R13: ffff888020cd80a8 R14: ffffffffffffffff R15: 
ffff88801015fc60 [ 111.657964] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.658977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.659584] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 111.660313] PKRU: 55555554 [ 111.660665] Call Trace: [ 111.661052] [ 111.661290] iommufd_ioas_destroy+0x53/0x70 [ 111.661736] iommufd_fops_release+0x1f7/0x370 [ 111.662196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.662738] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.663336] ? write_comp_data+0x2f/0x90 [ 111.663844] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.664355] __fput+0x26d/0xa40 [ 111.664704] ____fput+0x1e/0x30 [ 111.665051] task_work_run+0x1a4/0x2d0 [ 111.665561] ? __pfx_task_work_run+0x10/0x10 [ 111.666048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.666595] ? switch_task_namespaces+0xa9/0xe0 [ 111.667106] do_exit+0xb17/0x2ef0 [ 111.667478] ? lock_acquire+0x427/0x4c0 [ 111.667992] ? __pfx_lock_release+0x10/0x10 [ 111.668518] ? __kasan_check_write+0x18/0x20 [ 111.668972] ? do_raw_spin_lock+0x132/0x2a0 [ 111.669456] ? __pfx_do_exit+0x10/0x10 [ 111.669972] ? debug_smp_processor_id+0x20/0x30 [ 111.670557] ? rcu_is_watching+0x19/0xb0 [ 111.670983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.671470] ? trace_hardirqs_on+0x26/0x120 [ 111.671919] do_group_exit+0xe0/0x2b0 [ 111.672371] __x64_sys_exit_group+0x47/0x50 [ 111.672907] do_syscall_64+0x3b/0x90 [ 111.673295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.673837] RIP: 0033:0x7f4b87518a4d [ 111.674218] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.675048] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.675834] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.676555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.677459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.678175] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.678963] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.679809] [ 111.680052] irq event stamp: 0 [ 111.680375] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.681016] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.682038] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.682914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.683558] ---[ end trace 0000000000000000 ]--- [ 111.688341] ------------[ cut here ]------------ [ 111.688839] WARNING: CPU: 1 PID: 1001 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.689774] Modules linked in: [ 111.690072] CPU: 1 PID: 1001 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.691179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.692232] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.692705] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.694402] RSP: 0018:ffff88801057fbb8 EFLAGS: 00010246 [ 111.694926] RAX: 0000000000000000 RBX: ffff88800b9fd0a8 RCX: 0000000000000000 [ 111.695604] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 111.696264] RBP: ffff88801057fbd0 R08: ffffed100173fa33 R09: ffffed100173fa33 [ 111.696927] R10: ffff88800b9fd193 R11: ffffed100173fa32 R12: ffff888020b33c00 [ 111.697587] R13: ffff88800b9fd1e8 R14: ffffffff8352e670 R15: 
ffff88801057fe68 [ 111.698238] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.699010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.699566] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 111.700260] PKRU: 55555554 [ 111.700525] Call Trace: [ 111.700761] [ 111.700970] __iommufd_access_detach+0x1c2/0x2b0 [ 111.701427] iommufd_access_change_pt+0x149/0x270 [ 111.701886] iommufd_access_replace+0xb4/0x120 [ 111.702324] iommufd_test+0x3e5/0x37e0 [ 111.702712] ? lock_release+0x532/0x770 [ 111.703094] ? __might_fault+0x102/0x1b0 [ 111.703495] ? lock_acquire+0x427/0x4c0 [ 111.703886] ? __pfx_iommufd_test+0x10/0x10 [ 111.704287] ? __pfx_lock_release+0x10/0x10 [ 111.704700] ? __pfx_lock_acquire+0x10/0x10 [ 111.705114] ? write_comp_data+0x2f/0x90 [ 111.705503] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.705961] ? write_comp_data+0x2f/0x90 [ 111.706347] iommufd_fops_ioctl+0x37d/0x510 [ 111.706782] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.707259] ? write_comp_data+0x2f/0x90 [ 111.707655] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.708110] __x64_sys_ioctl+0x1a3/0x230 [ 111.708495] do_syscall_64+0x3b/0x90 [ 111.708850] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.709336] RIP: 0033:0x7f4b8743ee5d [ 111.709682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.711388] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.712083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.712727] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.713372] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.714014] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.714677] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.715348] [ 111.715577] irq event stamp: 0 [ 111.715868] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.716437] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.717201] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.717963] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.718535] ---[ end trace 0000000000000000 ]--- [ 111.721590] ------------[ cut here ]------------ [ 111.722016] WARNING: CPU: 1 PID: 1001 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.722926] Modules linked in: [ 111.723219] CPU: 1 PID: 1001 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.723971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.724934] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.725366] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.726940] RSP: 
0018:ffff88801057fbd0 EFLAGS: 00010246 [ 111.727417] RAX: 0000000000000000 RBX: ffff88800b9fd0a8 RCX: 0000000000000000 [ 111.728030] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 111.728640] RBP: ffff88801057fbe8 R08: ffffed100173fa33 R09: ffffed100173fa33 [ 111.729250] R10: ffff88800b9fd193 R11: ffffed100173fa32 R12: ffff8880183da000 [ 111.729865] R13: ffff88800b9fd1e8 R14: ffff8880121b3a00 R15: 0000000000000000 [ 111.730480] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.731247] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.731757] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.732374] PKRU: 55555554 [ 111.732622] Call Trace: [ 111.732843] [ 111.733040] iommufd_access_destroy_object+0x65/0x170 [ 111.733490] iommufd_object_destroy_user+0x18e/0x220 [ 111.733928] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.734438] iommufd_access_destroy+0x43/0x70 [ 111.734867] iommufd_test_staccess_release+0x8d/0xd0 [ 111.735336] __fput+0x26d/0xa40 [ 111.735642] ____fput+0x1e/0x30 [ 111.735938] task_work_run+0x1a4/0x2d0 [ 111.736291] ? __pfx_task_work_run+0x10/0x10 [ 111.736679] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.737107] ? switch_task_namespaces+0xa9/0xe0 [ 111.737510] do_exit+0xb17/0x2ef0 [ 111.737810] ? lock_acquire+0x427/0x4c0 [ 111.738159] ? __pfx_lock_release+0x10/0x10 [ 111.738563] ? __kasan_check_write+0x18/0x20 [ 111.738953] ? do_raw_spin_lock+0x132/0x2a0 [ 111.739345] ? __pfx_do_exit+0x10/0x10 [ 111.739686] ? debug_smp_processor_id+0x20/0x30 [ 111.740091] ? rcu_is_watching+0x19/0xb0 [ 111.740449] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.740843] ? trace_hardirqs_on+0x26/0x120 [ 111.741227] do_group_exit+0xe0/0x2b0 [ 111.741553] __x64_sys_exit_group+0x47/0x50 [ 111.741917] do_syscall_64+0x3b/0x90 [ 111.742241] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.742711] RIP: 0033:0x7f4b87518a4d [ 111.743032] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.743565] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.744222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.744848] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.745454] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.746051] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.746675] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.747272] [ 111.747467] irq event stamp: 0 [ 111.747725] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.748242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.748925] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.749607] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.750117] ---[ end trace 0000000000000000 ]--- [ 111.750869] ------------[ cut here ]------------ [ 111.751275] WARNING: CPU: 1 PID: 1001 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.752110] Modules linked in: [ 111.752374] CPU: 1 PID: 1001 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.753086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.754002] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.754424] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.755941] RSP: 0018:ffff88801057fb78 EFLAGS: 00010246 [ 111.756386] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.756971] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 111.757553] RBP: ffff88801057fb98 R08: ffffed100173fa3e R09: ffffed100173fa3e [ 111.758138] R10: ffff88800b9fd1ef R11: ffffed100173fa3d R12: ffff88800b9fd290 [ 111.758738] R13: ffff88800b9fd0a8 R14: ffffffffffffffff R15: 
ffff88801057fc60 [ 111.759336] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.759981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.760460] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 111.761043] PKRU: 55555554 [ 111.761277] Call Trace: [ 111.761503] [ 111.761697] iommufd_ioas_destroy+0x53/0x70 [ 111.762060] iommufd_fops_release+0x1f7/0x370 [ 111.762437] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.762876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.763295] ? write_comp_data+0x2f/0x90 [ 111.763640] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.764051] __fput+0x26d/0xa40 [ 111.764338] ____fput+0x1e/0x30 [ 111.764620] task_work_run+0x1a4/0x2d0 [ 111.764949] ? __pfx_task_work_run+0x10/0x10 [ 111.765321] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.765728] ? switch_task_namespaces+0xa9/0xe0 [ 111.766119] do_exit+0xb17/0x2ef0 [ 111.766407] ? lock_acquire+0x427/0x4c0 [ 111.766764] ? __pfx_lock_release+0x10/0x10 [ 111.767139] ? __kasan_check_write+0x18/0x20 [ 111.767505] ? do_raw_spin_lock+0x132/0x2a0 [ 111.767862] ? __pfx_do_exit+0x10/0x10 [ 111.768195] ? debug_smp_processor_id+0x20/0x30 [ 111.768580] ? rcu_is_watching+0x19/0xb0 [ 111.768916] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.769294] ? trace_hardirqs_on+0x26/0x120 [ 111.769658] do_group_exit+0xe0/0x2b0 [ 111.769974] __x64_sys_exit_group+0x47/0x50 [ 111.770329] do_syscall_64+0x3b/0x90 [ 111.770667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.771105] RIP: 0033:0x7f4b87518a4d [ 111.771420] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.771921] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.772543] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.773121] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.773702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.774278] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.774876] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.775483] [ 111.775679] irq event stamp: 0 [ 111.775937] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.776458] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.777139] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.777822] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.778333] ---[ end trace 0000000000000000 ]--- [ 111.782203] ------------[ cut here ]------------ [ 111.782684] WARNING: CPU: 0 PID: 1002 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.783549] Modules linked in: [ 111.783815] CPU: 0 PID: 1002 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.784555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.785490] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.785910] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.787490] RSP: 0018:ffff888012e5fbb8 EFLAGS: 00010246 [ 111.787960] RAX: 0000000000000000 RBX: ffff8880104600a8 RCX: 0000000000000000 [ 111.788545] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 111.789149] RBP: ffff888012e5fbd0 R08: ffffed100208c033 R09: ffffed100208c033 [ 111.789742] R10: ffff888010460193 R11: ffffed100208c032 R12: ffff88801422d800 [ 111.790348] R13: ffff8880104601e8 R14: ffffffff8352e670 R15: 
ffff888012e5fe68 [ 111.790978] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 111.791662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.792163] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ef0 [ 111.792778] PKRU: 55555554 [ 111.793036] Call Trace: [ 111.793251] [ 111.793447] __iommufd_access_detach+0x1c2/0x2b0 [ 111.793866] iommufd_access_change_pt+0x149/0x270 [ 111.794296] iommufd_access_replace+0xb4/0x120 [ 111.794715] iommufd_test+0x3e5/0x37e0 [ 111.795041] ? lock_release+0x532/0x770 [ 111.795416] ? __might_fault+0x102/0x1b0 [ 111.795776] ? lock_acquire+0x427/0x4c0 [ 111.796117] ? __pfx_iommufd_test+0x10/0x10 [ 111.796496] ? __pfx_lock_release+0x10/0x10 [ 111.796871] ? __pfx_lock_acquire+0x10/0x10 [ 111.797247] ? write_comp_data+0x2f/0x90 [ 111.797605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.798023] ? write_comp_data+0x2f/0x90 [ 111.798377] iommufd_fops_ioctl+0x37d/0x510 [ 111.798766] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.799178] ? write_comp_data+0x2f/0x90 [ 111.799537] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.799938] __x64_sys_ioctl+0x1a3/0x230 [ 111.800275] do_syscall_64+0x3b/0x90 [ 111.800604] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.801040] RIP: 0033:0x7f4b8743ee5d [ 111.801341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.802867] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.803498] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.804093] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.804661] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.805257] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.805827] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.806428] [ 111.806636] irq event stamp: 0 [ 111.806895] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.807439] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.808117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.808785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.809298] ---[ end trace 0000000000000000 ]--- [ 111.812413] ------------[ cut here ]------------ [ 111.812848] WARNING: CPU: 0 PID: 1002 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.813655] Modules linked in: [ 111.813920] CPU: 0 PID: 1002 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.814887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.815795] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.816202] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.817652] RSP: 
0018:ffff888012e5fbd0 EFLAGS: 00010246 [ 111.818095] RAX: 0000000000000000 RBX: ffff8880104600a8 RCX: 0000000000000000 [ 111.818675] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 111.819286] RBP: ffff888012e5fbe8 R08: ffffed100208c033 R09: ffffed100208c033 [ 111.819842] R10: ffff888010460193 R11: ffffed100208c032 R12: ffff8880144d4c00 [ 111.820428] R13: ffff8880104601e8 R14: ffff888020910100 R15: 0000000000000000 [ 111.820995] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 111.821643] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.822107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 111.822700] PKRU: 55555554 [ 111.822925] Call Trace: [ 111.823147] [ 111.823336] iommufd_access_destroy_object+0x65/0x170 [ 111.823752] iommufd_object_destroy_user+0x18e/0x220 [ 111.824156] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.824638] iommufd_access_destroy+0x43/0x70 [ 111.824991] iommufd_test_staccess_release+0x8d/0xd0 [ 111.825401] __fput+0x26d/0xa40 [ 111.825695] ____fput+0x1e/0x30 [ 111.825960] task_work_run+0x1a4/0x2d0 [ 111.826267] ? __pfx_task_work_run+0x10/0x10 [ 111.826663] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.827054] ? switch_task_namespaces+0xa9/0xe0 [ 111.827443] do_exit+0xb17/0x2ef0 [ 111.827738] ? lock_acquire+0x427/0x4c0 [ 111.828056] ? __pfx_lock_release+0x10/0x10 [ 111.828395] ? __kasan_check_write+0x18/0x20 [ 111.828776] ? do_raw_spin_lock+0x132/0x2a0 [ 111.829122] ? __pfx_do_exit+0x10/0x10 [ 111.829432] ? debug_smp_processor_id+0x20/0x30 [ 111.829813] ? rcu_is_watching+0x19/0xb0 [ 111.830142] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.830499] ? trace_hardirqs_on+0x26/0x120 [ 111.830885] do_group_exit+0xe0/0x2b0 [ 111.831205] __x64_sys_exit_group+0x47/0x50 [ 111.831539] do_syscall_64+0x3b/0x90 [ 111.831848] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.832273] RIP: 0033:0x7f4b87518a4d [ 111.832563] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.833055] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.833648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.834227] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.834794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.835379] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.835922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.836508] [ 111.836691] irq event stamp: 0 [ 111.836935] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.837445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.838091] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.838778] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.839290] ---[ end trace 0000000000000000 ]--- [ 111.840105] ------------[ cut here ]------------ [ 111.840498] WARNING: CPU: 0 PID: 1002 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.841299] Modules linked in: [ 111.841559] CPU: 0 PID: 1002 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.842242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.843332] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.843748] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.845177] RSP: 0018:ffff888012e5fb78 EFLAGS: 00010246 [ 111.845589] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.846158] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 111.846729] RBP: ffff888012e5fb98 R08: ffffed100208c03e R09: ffffed100208c03e [ 111.847322] R10: ffff8880104601ef R11: ffffed100208c03d R12: ffff888010460290 [ 111.847869] R13: ffff8880104600a8 R14: ffffffffffffffff R15: 
ffff888012e5fc60 [ 111.848438] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 111.849067] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.849523] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 111.850070] PKRU: 55555554 [ 111.850314] Call Trace: [ 111.850539] [ 111.850728] iommufd_ioas_destroy+0x53/0x70 [ 111.851071] iommufd_fops_release+0x1f7/0x370 [ 111.851457] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.851852] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.852233] ? write_comp_data+0x2f/0x90 [ 111.852578] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.852982] __fput+0x26d/0xa40 [ 111.853251] ____fput+0x1e/0x30 [ 111.853536] task_work_run+0x1a4/0x2d0 [ 111.853859] ? __pfx_task_work_run+0x10/0x10 [ 111.854209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.854629] ? switch_task_namespaces+0xa9/0xe0 [ 111.855025] do_exit+0xb17/0x2ef0 [ 111.855310] ? lock_acquire+0x427/0x4c0 [ 111.855653] ? __pfx_lock_release+0x10/0x10 [ 111.856006] ? __kasan_check_write+0x18/0x20 [ 111.856355] ? do_raw_spin_lock+0x132/0x2a0 [ 111.856712] ? __pfx_do_exit+0x10/0x10 [ 111.857034] ? debug_smp_processor_id+0x20/0x30 [ 111.857397] ? rcu_is_watching+0x19/0xb0 [ 111.857733] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.858098] ? trace_hardirqs_on+0x26/0x120 [ 111.858438] do_group_exit+0xe0/0x2b0 [ 111.858766] __x64_sys_exit_group+0x47/0x50 [ 111.859119] do_syscall_64+0x3b/0x90 [ 111.859428] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.859850] RIP: 0033:0x7f4b87518a4d [ 111.860145] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.860624] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.861225] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.861786] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.862354] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.862929] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.863522] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.864079] [ 111.864281] irq event stamp: 0 [ 111.864531] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.865020] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.865678] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.866323] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.866840] ---[ end trace 0000000000000000 ]--- [ 111.871044] ------------[ cut here ]------------ [ 111.871453] WARNING: CPU: 0 PID: 1003 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.872260] Modules linked in: [ 111.872511] CPU: 0 PID: 1003 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.873200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.874067] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.874461] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.875920] RSP: 0018:ffff88801057fbb8 EFLAGS: 00010246 [ 111.876343] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 111.876900] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 111.877461] RBP: ffff88801057fbd0 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 111.878008] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff88801226c800 [ 111.878585] R13: ffff8880171bc9e8 R14: ffffffff8352e670 R15: 
ffff88801057fe68 [ 111.879143] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 111.879780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.880227] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ef0 [ 111.880792] PKRU: 55555554 [ 111.881010] Call Trace: [ 111.881207] [ 111.881391] __iommufd_access_detach+0x1c2/0x2b0 [ 111.881778] iommufd_access_change_pt+0x149/0x270 [ 111.882158] iommufd_access_replace+0xb4/0x120 [ 111.882549] iommufd_test+0x3e5/0x37e0 [ 111.882863] ? lock_release+0x532/0x770 [ 111.883188] ? __might_fault+0x102/0x1b0 [ 111.883521] ? lock_acquire+0x427/0x4c0 [ 111.883841] ? __pfx_iommufd_test+0x10/0x10 [ 111.884183] ? __pfx_lock_release+0x10/0x10 [ 111.884524] ? __pfx_lock_acquire+0x10/0x10 [ 111.884877] ? write_comp_data+0x2f/0x90 [ 111.885215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.885598] ? write_comp_data+0x2f/0x90 [ 111.885933] iommufd_fops_ioctl+0x37d/0x510 [ 111.886280] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.886690] ? write_comp_data+0x2f/0x90 [ 111.887023] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.887421] __x64_sys_ioctl+0x1a3/0x230 [ 111.887756] do_syscall_64+0x3b/0x90 [ 111.888058] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.888471] RIP: 0033:0x7f4b8743ee5d [ 111.888762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.890153] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.890771] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.891342] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.891895] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.892443] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.892990] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.893545] [ 111.893731] irq event stamp: 0 [ 111.893978] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.894469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.895142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.895791] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.896279] ---[ end trace 0000000000000000 ]--- [ 111.898956] ------------[ cut here ]------------ [ 111.899358] WARNING: CPU: 0 PID: 1003 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.900135] Modules linked in: [ 111.900385] CPU: 0 PID: 1003 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.901052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.901911] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.902294] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.903702] RSP: 
0018:ffff88801057fbd0 EFLAGS: 00010246 [ 111.904115] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 111.904663] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 111.905208] RBP: ffff88801057fbe8 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 111.905751] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff88801422f400 [ 111.906295] R13: ffff8880171bc9e8 R14: ffff88800f6d3400 R15: 0000000000000000 [ 111.906861] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 111.907491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.907936] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 111.908489] PKRU: 55555554 [ 111.908709] Call Trace: [ 111.908908] [ 111.909084] iommufd_access_destroy_object+0x65/0x170 [ 111.909488] iommufd_object_destroy_user+0x18e/0x220 [ 111.909886] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 111.910339] iommufd_access_destroy+0x43/0x70 [ 111.910713] iommufd_test_staccess_release+0x8d/0xd0 [ 111.911120] __fput+0x26d/0xa40 [ 111.911393] ____fput+0x1e/0x30 [ 111.911660] task_work_run+0x1a4/0x2d0 [ 111.911970] ? __pfx_task_work_run+0x10/0x10 [ 111.912316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.912698] ? switch_task_namespaces+0xa9/0xe0 [ 111.913070] do_exit+0xb17/0x2ef0 [ 111.913362] ? lock_acquire+0x427/0x4c0 [ 111.913682] ? __pfx_lock_release+0x10/0x10 [ 111.914021] ? __kasan_check_write+0x18/0x20 [ 111.914364] ? do_raw_spin_lock+0x132/0x2a0 [ 111.914720] ? __pfx_do_exit+0x10/0x10 [ 111.915035] ? debug_smp_processor_id+0x20/0x30 [ 111.915408] ? rcu_is_watching+0x19/0xb0 [ 111.915727] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.916081] ? trace_hardirqs_on+0x26/0x120 [ 111.916419] do_group_exit+0xe0/0x2b0 [ 111.916715] __x64_sys_exit_group+0x47/0x50 [ 111.917050] do_syscall_64+0x3b/0x90 [ 111.917347] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.917750] RIP: 0033:0x7f4b87518a4d [ 111.918036] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.918533] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.919121] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.919671] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.920216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.920765] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.921309] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.921862] [ 111.922045] irq event stamp: 0 [ 111.922289] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.922789] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.923439] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.924081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.924566] ---[ end trace 0000000000000000 ]--- [ 111.930953] ------------[ cut here ]------------ [ 111.931578] WARNING: CPU: 1 PID: 1003 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 111.932380] Modules linked in: [ 111.932664] CPU: 1 PID: 1003 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.933605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.934632] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 111.935042] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 111.936582] RSP: 0018:ffff88801057fb78 EFLAGS: 00010246 [ 111.937004] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 111.937619] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 111.938224] RBP: ffff88801057fb98 R08: ffffed1002e3793e R09: ffffed1002e3793e [ 111.938810] R10: ffff8880171bc9ef R11: ffffed1002e3793d R12: ffff8880171bca90 [ 111.939489] R13: ffff8880171bc8a8 R14: ffffffffffffffff R15: 
ffff88801057fc60 [ 111.940047] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 111.940742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.941263] CR2: 00007f82e2b93000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 111.941828] PKRU: 55555554 [ 111.942071] Call Trace: [ 111.942301] [ 111.942569] iommufd_ioas_destroy+0x53/0x70 [ 111.942921] iommufd_fops_release+0x1f7/0x370 [ 111.943302] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.943706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.944204] ? write_comp_data+0x2f/0x90 [ 111.944540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 111.944942] __fput+0x26d/0xa40 [ 111.945223] ____fput+0x1e/0x30 [ 111.945553] task_work_run+0x1a4/0x2d0 [ 111.945955] ? __pfx_task_work_run+0x10/0x10 [ 111.946318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.946732] ? switch_task_namespaces+0xa9/0xe0 [ 111.947178] do_exit+0xb17/0x2ef0 [ 111.947509] ? lock_acquire+0x427/0x4c0 [ 111.947840] ? __pfx_lock_release+0x10/0x10 [ 111.948196] ? __kasan_check_write+0x18/0x20 [ 111.948555] ? do_raw_spin_lock+0x132/0x2a0 [ 111.949013] ? __pfx_do_exit+0x10/0x10 [ 111.949333] ? debug_smp_processor_id+0x20/0x30 [ 111.949705] ? rcu_is_watching+0x19/0xb0 [ 111.950029] ? _raw_spin_unlock_irq+0x2b/0x60 [ 111.950532] ? trace_hardirqs_on+0x26/0x120 [ 111.950892] do_group_exit+0xe0/0x2b0 [ 111.951214] __x64_sys_exit_group+0x47/0x50 [ 111.951568] do_syscall_64+0x3b/0x90 [ 111.951911] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.952407] RIP: 0033:0x7f4b87518a4d [ 111.952719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 111.953229] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 111.953982] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 111.954603] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 111.955247] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 111.955902] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 111.956495] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 111.957213] [ 111.957415] irq event stamp: 0 [ 111.957678] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.958203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.959042] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.959759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.960402] ---[ end trace 0000000000000000 ]--- [ 111.966845] ------------[ cut here ]------------ [ 111.967274] WARNING: CPU: 0 PID: 1004 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.968277] Modules linked in: [ 111.968540] CPU: 0 PID: 1004 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 111.969382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 111.970294] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 111.970724] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 111.972193] RSP: 0018:ffff888018977bb8 EFLAGS: 00010246 [ 111.972622] RAX: 0000000000000000 RBX: ffff888014a000a8 RCX: 0000000000000000 [ 111.973193] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 111.973763] RBP: ffff888018977bd0 R08: ffffed1002940033 R09: ffffed1002940033 [ 111.974333] R10: ffff888014a00193 R11: ffffed1002940032 R12: ffff888013b14c00 [ 111.974932] R13: ffff888014a001e8 R14: ffffffff8352e670 R15: 
ffff888018977e68 [ 111.975513] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 111.976163] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.976819] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ef0 [ 111.977401] PKRU: 55555554 [ 111.977632] Call Trace: [ 111.977839] [ 111.978059] __iommufd_access_detach+0x1c2/0x2b0 [ 111.978558] iommufd_access_change_pt+0x149/0x270 [ 111.978960] iommufd_access_replace+0xb4/0x120 [ 111.979354] iommufd_test+0x3e5/0x37e0 [ 111.979673] ? lock_release+0x532/0x770 [ 111.980052] ? __might_fault+0x102/0x1b0 [ 111.980490] ? lock_acquire+0x427/0x4c0 [ 111.980825] ? __pfx_iommufd_test+0x10/0x10 [ 111.981174] ? __pfx_lock_release+0x10/0x10 [ 111.981583] ? __pfx_lock_acquire+0x10/0x10 [ 111.982029] ? write_comp_data+0x2f/0x90 [ 111.982375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 111.982793] ? write_comp_data+0x2f/0x90 [ 111.983147] iommufd_fops_ioctl+0x37d/0x510 [ 111.983529] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.984040] ? write_comp_data+0x2f/0x90 [ 111.984387] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 111.984781] __x64_sys_ioctl+0x1a3/0x230 [ 111.985193] do_syscall_64+0x3b/0x90 [ 111.985571] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 111.986001] RIP: 0033:0x7f4b8743ee5d [ 111.986307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 111.987808] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 111.988453] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 111.989058] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 111.989659] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 111.990258] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 111.990883] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 111.991501] [ 111.991703] irq event stamp: 0 [ 111.991970] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 111.992519] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 111.993436] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 111.994157] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 111.994738] ---[ end trace 0000000000000000 ]--- [ 111.997883] ------------[ cut here ]------------ [ 111.998346] WARNING: CPU: 0 PID: 1004 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 111.999380] Modules linked in: [ 111.999661] CPU: 0 PID: 1004 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.000570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.001531] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.001961] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.003599] RSP: 
0018:ffff888018977bd0 EFLAGS: 00010246 [ 112.004059] RAX: 0000000000000000 RBX: ffff888014a000a8 RCX: 0000000000000000 [ 112.004665] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 112.005270] RBP: ffff888018977be8 R08: ffffed1002940033 R09: ffffed1002940033 [ 112.005875] R10: ffff888014a00193 R11: ffffed1002940032 R12: ffff88801226f000 [ 112.006484] R13: ffff888014a001e8 R14: ffff88800fa31900 R15: 0000000000000000 [ 112.007117] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.007810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.008305] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.008915] PKRU: 55555554 [ 112.009163] Call Trace: [ 112.009384] [ 112.009581] iommufd_access_destroy_object+0x65/0x170 [ 112.010029] iommufd_object_destroy_user+0x18e/0x220 [ 112.010467] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.010990] iommufd_access_destroy+0x43/0x70 [ 112.011402] iommufd_test_staccess_release+0x8d/0xd0 [ 112.011848] __fput+0x26d/0xa40 [ 112.012147] ____fput+0x1e/0x30 [ 112.012439] task_work_run+0x1a4/0x2d0 [ 112.012784] ? __pfx_task_work_run+0x10/0x10 [ 112.013170] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.013599] ? switch_task_namespaces+0xa9/0xe0 [ 112.014011] do_exit+0xb17/0x2ef0 [ 112.014314] ? lock_acquire+0x427/0x4c0 [ 112.014688] ? __pfx_lock_release+0x10/0x10 [ 112.015071] ? __kasan_check_write+0x18/0x20 [ 112.015468] ? do_raw_spin_lock+0x132/0x2a0 [ 112.015842] ? __pfx_do_exit+0x10/0x10 [ 112.016187] ? debug_smp_processor_id+0x20/0x30 [ 112.016589] ? rcu_is_watching+0x19/0xb0 [ 112.016941] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.017333] ? trace_hardirqs_on+0x26/0x120 [ 112.017711] do_group_exit+0xe0/0x2b0 [ 112.018041] __x64_sys_exit_group+0x47/0x50 [ 112.018412] do_syscall_64+0x3b/0x90 [ 112.018761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.019231] RIP: 0033:0x7f4b87518a4d [ 112.019554] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.020077] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.020729] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.021337] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.021959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.022588] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.023218] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.023838] [ 112.024045] irq event stamp: 0 [ 112.024322] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.024871] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.025588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.026300] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.026874] ---[ end trace 0000000000000000 ]--- [ 112.027672] ------------[ cut here ]------------ [ 112.028080] WARNING: CPU: 0 PID: 1004 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.029068] Modules linked in: [ 112.029501] CPU: 0 PID: 1004 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.030256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.031691] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.032149] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.033866] RSP: 0018:ffff888018977b78 EFLAGS: 00010246 [ 112.034326] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.034956] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 112.035590] RBP: ffff888018977b98 R08: ffffed100294003e R09: ffffed100294003e [ 112.036203] R10: ffff888014a001ef R11: ffffed100294003d R12: ffff888014a00290 [ 112.036818] R13: ffff888014a000a8 R14: ffffffffffffffff R15: 
ffff888018977c60 [ 112.037425] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.038116] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.038632] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.039256] PKRU: 55555554 [ 112.039500] Call Trace: [ 112.039722] [ 112.039921] iommufd_ioas_destroy+0x53/0x70 [ 112.040306] iommufd_fops_release+0x1f7/0x370 [ 112.040703] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.041138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.041565] ? write_comp_data+0x2f/0x90 [ 112.041923] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.042354] __fput+0x26d/0xa40 [ 112.042674] ____fput+0x1e/0x30 [ 112.042972] task_work_run+0x1a4/0x2d0 [ 112.043329] ? __pfx_task_work_run+0x10/0x10 [ 112.043713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.044136] ? switch_task_namespaces+0xa9/0xe0 [ 112.044549] do_exit+0xb17/0x2ef0 [ 112.044849] ? lock_acquire+0x427/0x4c0 [ 112.045204] ? __pfx_lock_release+0x10/0x10 [ 112.045586] ? __kasan_check_write+0x18/0x20 [ 112.045974] ? do_raw_spin_lock+0x132/0x2a0 [ 112.046350] ? __pfx_do_exit+0x10/0x10 [ 112.046720] ? debug_smp_processor_id+0x20/0x30 [ 112.047146] ? rcu_is_watching+0x19/0xb0 [ 112.047503] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.047899] ? trace_hardirqs_on+0x26/0x120 [ 112.048279] do_group_exit+0xe0/0x2b0 [ 112.048608] __x64_sys_exit_group+0x47/0x50 [ 112.048975] do_syscall_64+0x3b/0x90 [ 112.049309] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.049765] RIP: 0033:0x7f4b87518a4d [ 112.050096] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.050649] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.051317] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.051934] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.052550] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.053177] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.053792] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.054413] [ 112.054638] irq event stamp: 0 [ 112.054916] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.055470] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.056190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.056902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.057444] ---[ end trace 0000000000000000 ]--- [ 112.061895] ------------[ cut here ]------------ [ 112.062308] WARNING: CPU: 0 PID: 1005 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.063302] Modules linked in: [ 112.063566] CPU: 0 PID: 1005 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.064272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.065178] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.065581] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.067065] RSP: 0018:ffff88800f5efbb8 EFLAGS: 00010246 [ 112.067505] RAX: 0000000000000000 RBX: ffff88800fe280a8 RCX: 0000000000000000 [ 112.068077] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 112.068647] RBP: ffff88800f5efbd0 R08: ffffed1001fc5033 R09: ffffed1001fc5033 [ 112.069219] R10: ffff88800fe28193 R11: ffffed1001fc5032 R12: ffff8880182c1000 [ 112.069789] R13: ffff88800fe281e8 R14: ffffffff8352e670 R15: 
ffff88800f5efe68 [ 112.070368] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.071037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.071530] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 112.072113] PKRU: 55555554 [ 112.072345] Call Trace: [ 112.072556] [ 112.072743] __iommufd_access_detach+0x1c2/0x2b0 [ 112.073145] iommufd_access_change_pt+0x149/0x270 [ 112.073546] iommufd_access_replace+0xb4/0x120 [ 112.073928] iommufd_test+0x3e5/0x37e0 [ 112.074248] ? lock_release+0x532/0x770 [ 112.074598] ? __might_fault+0x102/0x1b0 [ 112.074937] ? lock_acquire+0x427/0x4c0 [ 112.075281] ? __pfx_iommufd_test+0x10/0x10 [ 112.075629] ? __pfx_lock_release+0x10/0x10 [ 112.075986] ? __pfx_lock_acquire+0x10/0x10 [ 112.076346] ? write_comp_data+0x2f/0x90 [ 112.076687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.077090] ? write_comp_data+0x2f/0x90 [ 112.077428] iommufd_fops_ioctl+0x37d/0x510 [ 112.077781] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.078182] ? write_comp_data+0x2f/0x90 [ 112.078543] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.078944] __x64_sys_ioctl+0x1a3/0x230 [ 112.079296] do_syscall_64+0x3b/0x90 [ 112.079609] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.080034] RIP: 0033:0x7f4b8743ee5d [ 112.080338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.081796] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.082417] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.083008] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.083597] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.084172] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.084748] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.085334] [ 112.085524] irq event stamp: 0 [ 112.085781] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.086288] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.086987] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.087671] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.088186] ---[ end trace 0000000000000000 ]--- [ 112.091451] ------------[ cut here ]------------ [ 112.091840] WARNING: CPU: 0 PID: 1005 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.092740] Modules linked in: [ 112.093098] CPU: 0 PID: 1005 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.093806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.094928] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.095351] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.096999] RSP: 
0018:ffff88800f5efbd0 EFLAGS: 00010246 [ 112.097438] RAX: 0000000000000000 RBX: ffff88800fe280a8 RCX: 0000000000000000 [ 112.098014] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 112.098766] RBP: ffff88800f5efbe8 R08: ffffed1001fc5033 R09: ffffed1001fc5033 [ 112.099356] R10: ffff88800fe28193 R11: ffffed1001fc5032 R12: ffff888013b15c00 [ 112.099932] R13: ffff88800fe281e8 R14: ffff8880141bdd00 R15: 0000000000000000 [ 112.100661] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.101313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.101813] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.102522] PKRU: 55555554 [ 112.102760] Call Trace: [ 112.102968] [ 112.103164] iommufd_access_destroy_object+0x65/0x170 [ 112.103592] iommufd_object_destroy_user+0x18e/0x220 [ 112.104171] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.104650] iommufd_access_destroy+0x43/0x70 [ 112.105027] iommufd_test_staccess_release+0x8d/0xd0 [ 112.105515] __fput+0x26d/0xa40 [ 112.105896] ____fput+0x1e/0x30 [ 112.106179] task_work_run+0x1a4/0x2d0 [ 112.106527] ? __pfx_task_work_run+0x10/0x10 [ 112.106892] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.107310] ? switch_task_namespaces+0xa9/0xe0 [ 112.107863] do_exit+0xb17/0x2ef0 [ 112.108150] ? lock_acquire+0x427/0x4c0 [ 112.108490] ? __pfx_lock_release+0x10/0x10 [ 112.108848] ? __kasan_check_write+0x18/0x20 [ 112.109266] ? do_raw_spin_lock+0x132/0x2a0 [ 112.109715] ? __pfx_do_exit+0x10/0x10 [ 112.110043] ? debug_smp_processor_id+0x20/0x30 [ 112.110427] ? rcu_is_watching+0x19/0xb0 [ 112.110809] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.111280] ? trace_hardirqs_on+0x26/0x120 [ 112.111657] do_group_exit+0xe0/0x2b0 [ 112.111980] __x64_sys_exit_group+0x47/0x50 [ 112.112346] do_syscall_64+0x3b/0x90 [ 112.112674] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.113203] RIP: 0033:0x7f4b87518a4d [ 112.113614] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.114139] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.114965] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.115579] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.116180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.116781] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.117386] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.118005] [ 112.118213] irq event stamp: 0 [ 112.118487] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.119054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.119790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.120512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.121056] ---[ end trace 0000000000000000 ]--- [ 112.121911] ------------[ cut here ]------------ [ 112.122328] WARNING: CPU: 0 PID: 1005 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.123265] Modules linked in: [ 112.123639] CPU: 0 PID: 1005 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.124534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.125581] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.126113] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.127764] RSP: 0018:ffff88800f5efb78 EFLAGS: 00010246 [ 112.128227] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.129009] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 112.129625] RBP: ffff88800f5efb98 R08: ffffed1001fc503e R09: ffffed1001fc503e [ 112.130239] R10: ffff88800fe281ef R11: ffffed1001fc503d R12: ffff88800fe28290 [ 112.130877] R13: ffff88800fe280a8 R14: ffffffffffffffff R15: 
ffff88800f5efc60 [ 112.131503] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.132198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.132699] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.133311] PKRU: 55555554 [ 112.133555] Call Trace: [ 112.133776] [ 112.133973] iommufd_ioas_destroy+0x53/0x70 [ 112.134354] iommufd_fops_release+0x1f7/0x370 [ 112.134769] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.135217] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.135646] ? write_comp_data+0x2f/0x90 [ 112.136010] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.136444] __fput+0x26d/0xa40 [ 112.136744] ____fput+0x1e/0x30 [ 112.137038] task_work_run+0x1a4/0x2d0 [ 112.137389] ? __pfx_task_work_run+0x10/0x10 [ 112.137773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.138197] ? switch_task_namespaces+0xa9/0xe0 [ 112.138637] do_exit+0xb17/0x2ef0 [ 112.138943] ? lock_acquire+0x427/0x4c0 [ 112.139311] ? __pfx_lock_release+0x10/0x10 [ 112.139696] ? __kasan_check_write+0x18/0x20 [ 112.140083] ? do_raw_spin_lock+0x132/0x2a0 [ 112.140467] ? __pfx_do_exit+0x10/0x10 [ 112.140813] ? debug_smp_processor_id+0x20/0x30 [ 112.141223] ? rcu_is_watching+0x19/0xb0 [ 112.141577] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.141969] ? trace_hardirqs_on+0x26/0x120 [ 112.142344] do_group_exit+0xe0/0x2b0 [ 112.142704] __x64_sys_exit_group+0x47/0x50 [ 112.143087] do_syscall_64+0x3b/0x90 [ 112.143430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.143880] RIP: 0033:0x7f4b87518a4d [ 112.144198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.144733] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.145388] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.145999] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.146629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.147249] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.147860] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.148480] [ 112.148682] irq event stamp: 0 [ 112.148955] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.149498] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.150217] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.150948] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.151498] ---[ end trace 0000000000000000 ]--- [ 112.157873] ------------[ cut here ]------------ [ 112.158296] WARNING: CPU: 0 PID: 1006 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.159401] Modules linked in: [ 112.159684] CPU: 0 PID: 1006 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.160444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.161415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.161849] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.163446] RSP: 0018:ffff8880101f7bb8 EFLAGS: 00010246 [ 112.163913] RAX: 0000000000000000 RBX: ffff88800fc158a8 RCX: 0000000000000000 [ 112.164529] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 112.165141] RBP: ffff8880101f7bd0 R08: ffffed1001f82b33 R09: ffffed1001f82b33 [ 112.165754] R10: ffff88800fc15993 R11: ffffed1001f82b32 R12: ffff888012f1d000 [ 112.166372] R13: ffff88800fc159e8 R14: ffffffff8352e670 R15: 
ffff8880101f7e68 [ 112.167008] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.167715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.168220] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 112.168839] PKRU: 55555554 [ 112.169087] Call Trace: [ 112.169313] [ 112.169511] __iommufd_access_detach+0x1c2/0x2b0 [ 112.169941] iommufd_access_change_pt+0x149/0x270 [ 112.170369] iommufd_access_replace+0xb4/0x120 [ 112.170805] iommufd_test+0x3e5/0x37e0 [ 112.171165] ? lock_release+0x532/0x770 [ 112.171526] ? __might_fault+0x102/0x1b0 [ 112.171886] ? lock_acquire+0x427/0x4c0 [ 112.172242] ? __pfx_iommufd_test+0x10/0x10 [ 112.172618] ? __pfx_lock_release+0x10/0x10 [ 112.173006] ? __pfx_lock_acquire+0x10/0x10 [ 112.173395] ? write_comp_data+0x2f/0x90 [ 112.173760] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.174184] ? write_comp_data+0x2f/0x90 [ 112.174575] iommufd_fops_ioctl+0x37d/0x510 [ 112.174965] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.175404] ? write_comp_data+0x2f/0x90 [ 112.175772] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.176200] __x64_sys_ioctl+0x1a3/0x230 [ 112.176563] do_syscall_64+0x3b/0x90 [ 112.176899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.177357] RIP: 0033:0x7f4b8743ee5d [ 112.177684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.179310] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.179977] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.180602] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.181241] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.181866] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.182478] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.183134] [ 112.183342] irq event stamp: 0 [ 112.183629] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.184183] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.184929] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.185647] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.186196] ---[ end trace 0000000000000000 ]--- [ 112.189591] ------------[ cut here ]------------ [ 112.190151] WARNING: CPU: 0 PID: 1006 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.191187] Modules linked in: [ 112.191469] CPU: 0 PID: 1006 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.192233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.193407] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.193845] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.195496] RSP: 
0018:ffff8880101f7bd0 EFLAGS: 00010246 [ 112.195975] RAX: 0000000000000000 RBX: ffff88800fc158a8 RCX: 0000000000000000 [ 112.196596] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 112.197248] RBP: ffff8880101f7be8 R08: ffffed1001f82b33 R09: ffffed1001f82b33 [ 112.198199] R10: ffff88800fc15993 R11: ffffed1001f82b32 R12: ffff8880182c0400 [ 112.198898] R13: ffff88800fc159e8 R14: ffff888012ce0c00 R15: 0000000000000000 [ 112.199591] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.200338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.200887] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.201824] PKRU: 55555554 [ 112.202106] Call Trace: [ 112.202348] [ 112.202599] iommufd_access_destroy_object+0x65/0x170 [ 112.203104] iommufd_object_destroy_user+0x18e/0x220 [ 112.203614] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.204173] iommufd_access_destroy+0x43/0x70 [ 112.204868] iommufd_test_staccess_release+0x8d/0xd0 [ 112.205362] __fput+0x26d/0xa40 [ 112.205697] ____fput+0x1e/0x30 [ 112.206025] task_work_run+0x1a4/0x2d0 [ 112.206401] ? __pfx_task_work_run+0x10/0x10 [ 112.206857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.207353] ? switch_task_namespaces+0xa9/0xe0 [ 112.207869] do_exit+0xb17/0x2ef0 [ 112.208404] ? lock_acquire+0x427/0x4c0 [ 112.208808] ? __pfx_lock_release+0x10/0x10 [ 112.209240] ? __kasan_check_write+0x18/0x20 [ 112.209679] ? do_raw_spin_lock+0x132/0x2a0 [ 112.210100] ? __pfx_do_exit+0x10/0x10 [ 112.210566] ? debug_smp_processor_id+0x20/0x30 [ 112.211236] ? rcu_is_watching+0x19/0xb0 [ 112.211642] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.212086] ? trace_hardirqs_on+0x26/0x120 [ 112.212513] do_group_exit+0xe0/0x2b0 [ 112.212895] __x64_sys_exit_group+0x47/0x50 [ 112.213555] do_syscall_64+0x3b/0x90 [ 112.213916] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.214416] RIP: 0033:0x7f4b87518a4d [ 112.214808] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.215465] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.216370] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.217053] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.217938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.218651] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.219396] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.220621] [ 112.220929] irq event stamp: 0 [ 112.221326] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.222426] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.223774] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.225280] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.226149] ---[ end trace 0000000000000000 ]--- [ 112.227941] ------------[ cut here ]------------ [ 112.228663] WARNING: CPU: 0 PID: 1006 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.230247] Modules linked in: [ 112.231099] CPU: 0 PID: 1006 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.232308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.234107] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.235283] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.237915] RSP: 0018:ffff8880101f7b78 EFLAGS: 00010246 [ 112.238991] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.239983] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 112.241225] RBP: ffff8880101f7b98 R08: ffffed1001f82b3e R09: ffffed1001f82b3e [ 112.242188] R10: ffff88800fc159ef R11: ffffed1001f82b3d R12: ffff88800fc15a90 [ 112.243543] R13: ffff88800fc158a8 R14: ffffffffffffffff R15: 
ffff8880101f7c60 [ 112.244528] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.245911] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.246805] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.247921] PKRU: 55555554 [ 112.248504] Call Trace: [ 112.248876] [ 112.249200] iommufd_ioas_destroy+0x53/0x70 [ 112.249862] iommufd_fops_release+0x1f7/0x370 [ 112.250713] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.251424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.252115] ? write_comp_data+0x2f/0x90 [ 112.252980] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.253688] __fput+0x26d/0xa40 [ 112.254228] ____fput+0x1e/0x30 [ 112.254962] task_work_run+0x1a4/0x2d0 [ 112.255570] ? __pfx_task_work_run+0x10/0x10 [ 112.256193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.256937] ? switch_task_namespaces+0xa9/0xe0 [ 112.257785] do_exit+0xb17/0x2ef0 [ 112.258299] ? lock_acquire+0x427/0x4c0 [ 112.258952] ? __pfx_lock_release+0x10/0x10 [ 112.259773] ? __kasan_check_write+0x18/0x20 [ 112.260415] ? do_raw_spin_lock+0x132/0x2a0 [ 112.261037] ? __pfx_do_exit+0x10/0x10 [ 112.261885] ? debug_smp_processor_id+0x20/0x30 [ 112.262605] ? rcu_is_watching+0x19/0xb0 [ 112.263226] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.264186] ? trace_hardirqs_on+0x26/0x120 [ 112.264803] do_group_exit+0xe0/0x2b0 [ 112.265348] __x64_sys_exit_group+0x47/0x50 [ 112.266263] do_syscall_64+0x3b/0x90 [ 112.266882] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.267640] RIP: 0033:0x7f4b87518a4d [ 112.268225] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.269285] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.270433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.271646] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.272617] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.273842] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.274954] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.276108] [ 112.276449] irq event stamp: 0 [ 112.276888] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.278025] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.279258] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.280653] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.281491] ---[ end trace 0000000000000000 ]--- [ 112.289220] ------------[ cut here ]------------ [ 112.289890] WARNING: CPU: 0 PID: 1007 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.291320] Modules linked in: [ 112.291765] CPU: 0 PID: 1007 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.292927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.294415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.295153] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.297551] RSP: 0018:ffff888016227bb8 EFLAGS: 00010246 [ 112.298271] RAX: 0000000000000000 RBX: ffff888015da10a8 RCX: 0000000000000000 [ 112.299277] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 112.300211] RBP: ffff888016227bd0 R08: ffffed1002bb4233 R09: ffffed1002bb4233 [ 112.301162] R10: ffff888015da1193 R11: ffffed1002bb4232 R12: ffff8880129c5000 [ 112.302111] R13: ffff888015da11e8 R14: ffffffff8352e670 R15: 
ffff888016227e68 [ 112.303104] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.304195] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.304970] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 112.305923] PKRU: 55555554 [ 112.306300] Call Trace: [ 112.306686] [ 112.306996] __iommufd_access_detach+0x1c2/0x2b0 [ 112.307669] iommufd_access_change_pt+0x149/0x270 [ 112.308316] iommufd_access_replace+0xb4/0x120 [ 112.308929] iommufd_test+0x3e5/0x37e0 [ 112.309446] ? lock_release+0x532/0x770 [ 112.309998] ? __might_fault+0x102/0x1b0 [ 112.310594] ? lock_acquire+0x427/0x4c0 [ 112.311160] ? __pfx_iommufd_test+0x10/0x10 [ 112.311732] ? __pfx_lock_release+0x10/0x10 [ 112.312314] ? __pfx_lock_acquire+0x10/0x10 [ 112.312889] ? write_comp_data+0x2f/0x90 [ 112.313434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.314072] ? write_comp_data+0x2f/0x90 [ 112.314679] iommufd_fops_ioctl+0x37d/0x510 [ 112.315300] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.315956] ? write_comp_data+0x2f/0x90 [ 112.316510] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.317145] __x64_sys_ioctl+0x1a3/0x230 [ 112.317692] do_syscall_64+0x3b/0x90 [ 112.318194] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.318927] RIP: 0033:0x7f4b8743ee5d [ 112.319439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.321772] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.322799] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.323744] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.324667] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.325577] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.326467] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.327451] [ 112.327769] irq event stamp: 0 [ 112.328178] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.328995] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.330069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.331213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.332043] ---[ end trace 0000000000000000 ]--- [ 112.337024] ------------[ cut here ]------------ [ 112.337668] WARNING: CPU: 0 PID: 1007 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.339036] Modules linked in: [ 112.339487] CPU: 0 PID: 1007 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.340618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.342059] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.342773] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.345149] RSP: 
0018:ffff888016227bd0 EFLAGS: 00010246 [ 112.345852] RAX: 0000000000000000 RBX: ffff888015da10a8 RCX: 0000000000000000 [ 112.346840] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 112.347811] RBP: ffff888016227be8 R08: ffffed1002bb4233 R09: ffffed1002bb4233 [ 112.348732] R10: ffff888015da1193 R11: ffffed1002bb4232 R12: ffff888012f1c400 [ 112.349651] R13: ffff888015da11e8 R14: ffff888020c43400 R15: 0000000000000000 [ 112.350626] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.351694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.352451] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.353375] PKRU: 55555554 [ 112.353749] Call Trace: [ 112.354090] [ 112.354398] iommufd_access_destroy_object+0x65/0x170 [ 112.355195] iommufd_object_destroy_user+0x18e/0x220 [ 112.355892] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.356664] iommufd_access_destroy+0x43/0x70 [ 112.357274] iommufd_test_staccess_release+0x8d/0xd0 [ 112.357953] __fput+0x26d/0xa40 [ 112.358411] ____fput+0x1e/0x30 [ 112.358921] task_work_run+0x1a4/0x2d0 [ 112.359496] ? __pfx_task_work_run+0x10/0x10 [ 112.360087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.360738] ? switch_task_namespaces+0xa9/0xe0 [ 112.361368] do_exit+0xb17/0x2ef0 [ 112.361832] ? lock_acquire+0x427/0x4c0 [ 112.362372] ? __pfx_lock_release+0x10/0x10 [ 112.363044] ? __kasan_check_write+0x18/0x20 [ 112.363661] ? do_raw_spin_lock+0x132/0x2a0 [ 112.364240] ? __pfx_do_exit+0x10/0x10 [ 112.364771] ? debug_smp_processor_id+0x20/0x30 [ 112.365390] ? rcu_is_watching+0x19/0xb0 [ 112.365926] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.366597] ? trace_hardirqs_on+0x26/0x120 [ 112.367218] do_group_exit+0xe0/0x2b0 [ 112.367728] __x64_sys_exit_group+0x47/0x50 [ 112.368295] do_syscall_64+0x3b/0x90 [ 112.368801] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.369489] RIP: 0033:0x7f4b87518a4d [ 112.369983] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.370845] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.371872] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.372800] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.373722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.374702] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.375653] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.376599] [ 112.376915] irq event stamp: 0 [ 112.377332] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.378155] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.379325] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.380436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.381283] ---[ end trace 0000000000000000 ]--- [ 112.382719] ------------[ cut here ]------------ [ 112.383376] WARNING: CPU: 0 PID: 1007 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.384736] Modules linked in: [ 112.385171] CPU: 0 PID: 1007 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.386335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.387911] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.388608] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.391042] RSP: 0018:ffff888016227b78 EFLAGS: 00010246 [ 112.391787] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.392731] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 112.393671] RBP: ffff888016227b98 R08: ffffed1002bb423e R09: ffffed1002bb423e [ 112.394670] R10: ffff888015da11ef R11: ffffed1002bb423d R12: ffff888015da1290 [ 112.395655] R13: ffff888015da10a8 R14: ffffffffffffffff R15: 
ffff888016227c60 [ 112.396610] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.397662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.398426] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.399459] PKRU: 55555554 [ 112.399856] Call Trace: [ 112.400204] [ 112.400519] iommufd_ioas_destroy+0x53/0x70 [ 112.401111] iommufd_fops_release+0x1f7/0x370 [ 112.401710] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.402361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.403053] ? write_comp_data+0x2f/0x90 [ 112.403635] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.404310] __fput+0x26d/0xa40 [ 112.404779] ____fput+0x1e/0x30 [ 112.405242] task_work_run+0x1a4/0x2d0 [ 112.405785] ? __pfx_task_work_run+0x10/0x10 [ 112.406389] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.407140] ? switch_task_namespaces+0xa9/0xe0 [ 112.407802] do_exit+0xb17/0x2ef0 [ 112.408269] ? lock_acquire+0x427/0x4c0 [ 112.408800] ? __pfx_lock_release+0x10/0x10 [ 112.409377] ? __kasan_check_write+0x18/0x20 [ 112.409974] ? do_raw_spin_lock+0x132/0x2a0 [ 112.410591] ? __pfx_do_exit+0x10/0x10 [ 112.411148] ? debug_smp_processor_id+0x20/0x30 [ 112.411769] ? rcu_is_watching+0x19/0xb0 [ 112.412298] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.412895] ? trace_hardirqs_on+0x26/0x120 [ 112.413468] do_group_exit+0xe0/0x2b0 [ 112.413970] __x64_sys_exit_group+0x47/0x50 [ 112.414570] do_syscall_64+0x3b/0x90 [ 112.415076] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.415780] RIP: 0033:0x7f4b87518a4d [ 112.416264] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.417061] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.418036] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.418999] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.419929] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.420901] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.421590] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.422270] [ 112.422489] irq event stamp: 0 [ 112.422833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.423456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.424252] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.425045] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.425638] ---[ end trace 0000000000000000 ]--- [ 112.430016] ------------[ cut here ]------------ [ 112.430756] WARNING: CPU: 1 PID: 1008 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.431727] Modules linked in: [ 112.432323] CPU: 1 PID: 1008 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.433128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.434314] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.434825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.436734] RSP: 0018:ffff88800efa7bb8 EFLAGS: 00010246 [ 112.437231] RAX: 0000000000000000 RBX: ffff888011d9c8a8 RCX: 0000000000000000 [ 112.437894] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 112.438745] RBP: ffff88800efa7bd0 R08: ffffed10023b3933 R09: ffffed10023b3933 [ 112.439419] R10: ffff888011d9c993 R11: ffffed10023b3932 R12: ffff88800fcb3c00 [ 112.440095] R13: ffff888011d9c9e8 R14: ffffffff8352e670 R15: 
ffff88800efa7e68 [ 112.440940] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.441696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.442244] CR2: 00007f4b877410e8 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 112.443101] PKRU: 55555554 [ 112.443385] Call Trace: [ 112.443625] [ 112.443839] __iommufd_access_detach+0x1c2/0x2b0 [ 112.444300] iommufd_access_change_pt+0x149/0x270 [ 112.444811] iommufd_access_replace+0xb4/0x120 [ 112.445354] iommufd_test+0x3e5/0x37e0 [ 112.445720] ? lock_release+0x532/0x770 [ 112.446102] ? __might_fault+0x102/0x1b0 [ 112.446545] ? lock_acquire+0x427/0x4c0 [ 112.447040] ? __pfx_iommufd_test+0x10/0x10 [ 112.447464] ? __pfx_lock_release+0x10/0x10 [ 112.447882] ? __pfx_lock_acquire+0x10/0x10 [ 112.448297] ? write_comp_data+0x2f/0x90 [ 112.448692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.449325] ? write_comp_data+0x2f/0x90 [ 112.449720] iommufd_fops_ioctl+0x37d/0x510 [ 112.450134] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.450633] ? write_comp_data+0x2f/0x90 [ 112.451037] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.451688] __x64_sys_ioctl+0x1a3/0x230 [ 112.452083] do_syscall_64+0x3b/0x90 [ 112.452442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.452937] RIP: 0033:0x7f4b8743ee5d [ 112.453441] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.455238] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.456054] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.456725] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.457392] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.458247] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.458944] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.459648] [ 112.459892] irq event stamp: 0 [ 112.460342] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.460940] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.461721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.462722] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.463335] ---[ end trace 0000000000000000 ]--- [ 112.466682] ------------[ cut here ]------------ [ 112.467168] WARNING: CPU: 1 PID: 1008 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.468118] Modules linked in: [ 112.468516] CPU: 1 PID: 1008 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.469441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.470689] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.471180] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.473000] RSP: 
0018:ffff88800efa7bd0 EFLAGS: 00010246 [ 112.473491] RAX: 0000000000000000 RBX: ffff888011d9c8a8 RCX: 0000000000000000 [ 112.474143] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 112.474944] RBP: ffff88800efa7be8 R08: ffffed10023b3933 R09: ffffed10023b3933 [ 112.475616] R10: ffff888011d9c993 R11: ffffed10023b3932 R12: ffff888020b31000 [ 112.476267] R13: ffff888011d9c9e8 R14: ffff88800ca5ae00 R15: 0000000000000000 [ 112.477015] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.477798] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.478337] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 112.479024] PKRU: 55555554 [ 112.479307] Call Trace: [ 112.479549] [ 112.479758] iommufd_access_destroy_object+0x65/0x170 [ 112.480244] iommufd_object_destroy_user+0x18e/0x220 [ 112.480722] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.481260] iommufd_access_destroy+0x43/0x70 [ 112.481684] iommufd_test_staccess_release+0x8d/0xd0 [ 112.482167] __fput+0x26d/0xa40 [ 112.482488] ____fput+0x1e/0x30 [ 112.482836] task_work_run+0x1a4/0x2d0 [ 112.483215] ? __pfx_task_work_run+0x10/0x10 [ 112.483628] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.484081] ? switch_task_namespaces+0xa9/0xe0 [ 112.484530] do_exit+0xb17/0x2ef0 [ 112.484851] ? lock_acquire+0x427/0x4c0 [ 112.485232] ? __pfx_lock_release+0x10/0x10 [ 112.485643] ? __kasan_check_write+0x18/0x20 [ 112.486058] ? do_raw_spin_lock+0x132/0x2a0 [ 112.486463] ? __pfx_do_exit+0x10/0x10 [ 112.486859] ? debug_smp_processor_id+0x20/0x30 [ 112.487310] ? rcu_is_watching+0x19/0xb0 [ 112.487692] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.488126] ? trace_hardirqs_on+0x26/0x120 [ 112.488541] do_group_exit+0xe0/0x2b0 [ 112.488896] __x64_sys_exit_group+0x47/0x50 [ 112.489292] do_syscall_64+0x3b/0x90 [ 112.489648] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.490134] RIP: 0033:0x7f4b87518a4d [ 112.490479] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.491078] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.491794] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.492446] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.493101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.493754] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.494411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.495100] [ 112.495332] irq event stamp: 0 [ 112.495628] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.496214] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.496993] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.497756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.498327] ---[ end trace 0000000000000000 ]--- [ 112.499223] ------------[ cut here ]------------ [ 112.499726] WARNING: CPU: 0 PID: 1008 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.500659] Modules linked in: [ 112.500954] CPU: 0 PID: 1008 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.501749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.503146] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.503620] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.505278] RSP: 0018:ffff88800efa7b78 EFLAGS: 00010246 [ 112.505761] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.506406] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 112.507082] RBP: ffff88800efa7b98 R08: ffffed10023b393e R09: ffffed10023b393e [ 112.507745] R10: ffff888011d9c9ef R11: ffffed10023b393d R12: ffff888011d9ca90 [ 112.508392] R13: ffff888011d9c8a8 R14: ffffffffffffffff R15: 
ffff88800efa7c60 [ 112.509041] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.509773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.510302] CR2: 00007f82e2bc4010 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 112.510969] PKRU: 55555554 [ 112.511238] Call Trace: [ 112.511465] [ 112.511672] iommufd_ioas_destroy+0x53/0x70 [ 112.512061] iommufd_fops_release+0x1f7/0x370 [ 112.512458] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.512893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.513323] ? write_comp_data+0x2f/0x90 [ 112.513683] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.514118] __fput+0x26d/0xa40 [ 112.514417] ____fput+0x1e/0x30 [ 112.514731] task_work_run+0x1a4/0x2d0 [ 112.515076] ? __pfx_task_work_run+0x10/0x10 [ 112.515479] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.515899] ? switch_task_namespaces+0xa9/0xe0 [ 112.516316] do_exit+0xb17/0x2ef0 [ 112.516623] ? lock_acquire+0x427/0x4c0 [ 112.516978] ? __pfx_lock_release+0x10/0x10 [ 112.517360] ? __kasan_check_write+0x18/0x20 [ 112.517750] ? do_raw_spin_lock+0x132/0x2a0 [ 112.518130] ? __pfx_do_exit+0x10/0x10 [ 112.518482] ? debug_smp_processor_id+0x20/0x30 [ 112.518919] ? rcu_is_watching+0x19/0xb0 [ 112.519296] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.519743] ? trace_hardirqs_on+0x26/0x120 [ 112.520128] do_group_exit+0xe0/0x2b0 [ 112.520464] __x64_sys_exit_group+0x47/0x50 [ 112.520829] do_syscall_64+0x3b/0x90 [ 112.521156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.521613] RIP: 0033:0x7f4b87518a4d [ 112.521938] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.522470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.523160] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.523773] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.524380] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.524995] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.525611] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.526239] [ 112.526446] irq event stamp: 0 [ 112.526745] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.527304] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.528026] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.528745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.529288] ---[ end trace 0000000000000000 ]--- [ 112.535851] ------------[ cut here ]------------ [ 112.536439] WARNING: CPU: 1 PID: 1009 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.537578] Modules linked in: [ 112.537947] CPU: 1 PID: 1009 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.538973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.540248] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.540816] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.542867] RSP: 0018:ffff888010887bb8 EFLAGS: 00010246 [ 112.543480] RAX: 0000000000000000 RBX: ffff8880244530a8 RCX: 0000000000000000 [ 112.544282] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 112.545077] RBP: ffff888010887bd0 R08: ffffed100488a633 R09: ffffed100488a633 [ 112.545871] R10: ffff888024453193 R11: ffffed100488a632 R12: ffff888010e03c00 [ 112.546699] R13: ffff8880244531e8 R14: ffffffff8352e670 R15: 
ffff888010887e68 [ 112.547510] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.548409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.549062] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 112.549863] PKRU: 55555554 [ 112.550187] Call Trace: [ 112.550481] [ 112.550776] __iommufd_access_detach+0x1c2/0x2b0 [ 112.551351] iommufd_access_change_pt+0x149/0x270 [ 112.551917] iommufd_access_replace+0xb4/0x120 [ 112.552452] iommufd_test+0x3e5/0x37e0 [ 112.552897] ? lock_release+0x532/0x770 [ 112.553365] ? __might_fault+0x102/0x1b0 [ 112.553839] ? lock_acquire+0x427/0x4c0 [ 112.554308] ? __pfx_iommufd_test+0x10/0x10 [ 112.554830] ? __pfx_lock_release+0x10/0x10 [ 112.555349] ? __pfx_lock_acquire+0x10/0x10 [ 112.555856] ? write_comp_data+0x2f/0x90 [ 112.556333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.556894] ? write_comp_data+0x2f/0x90 [ 112.557374] iommufd_fops_ioctl+0x37d/0x510 [ 112.557871] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.558431] ? write_comp_data+0x2f/0x90 [ 112.558943] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.559518] __x64_sys_ioctl+0x1a3/0x230 [ 112.559991] do_syscall_64+0x3b/0x90 [ 112.560424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.561012] RIP: 0033:0x7f4b8743ee5d [ 112.561432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.563455] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.564145] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.564707] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.565269] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.565828] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.566387] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.566989] [ 112.567242] irq event stamp: 0 [ 112.567498] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.567992] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.568651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.569300] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.569798] ---[ end trace 0000000000000000 ]--- [ 112.572750] ------------[ cut here ]------------ [ 112.573131] WARNING: CPU: 1 PID: 1009 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.573920] Modules linked in: [ 112.574171] CPU: 1 PID: 1009 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.574879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.575842] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.576238] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.577641] RSP: 
0018:ffff888010887bd0 EFLAGS: 00010246 [ 112.578058] RAX: 0000000000000000 RBX: ffff8880244530a8 RCX: 0000000000000000 [ 112.578629] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 112.579252] RBP: ffff888010887be8 R08: ffffed100488a633 R09: ffffed100488a633 [ 112.579804] R10: ffff888024453193 R11: ffffed100488a632 R12: ffff88800fcb1c00 [ 112.580359] R13: ffff8880244531e8 R14: ffff8880143c9000 R15: 0000000000000000 [ 112.580898] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.581524] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.581977] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 112.582557] PKRU: 55555554 [ 112.582835] Call Trace: [ 112.583057] [ 112.583242] iommufd_access_destroy_object+0x65/0x170 [ 112.583654] iommufd_object_destroy_user+0x18e/0x220 [ 112.584048] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.584505] iommufd_access_destroy+0x43/0x70 [ 112.584861] iommufd_test_staccess_release+0x8d/0xd0 [ 112.585267] __fput+0x26d/0xa40 [ 112.585545] ____fput+0x1e/0x30 [ 112.585819] task_work_run+0x1a4/0x2d0 [ 112.586132] ? __pfx_task_work_run+0x10/0x10 [ 112.586481] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.586993] ? switch_task_namespaces+0xa9/0xe0 [ 112.587384] do_exit+0xb17/0x2ef0 [ 112.587657] ? lock_acquire+0x427/0x4c0 [ 112.587978] ? __pfx_lock_release+0x10/0x10 [ 112.588333] ? __kasan_check_write+0x18/0x20 [ 112.588675] ? do_raw_spin_lock+0x132/0x2a0 [ 112.589005] ? __pfx_do_exit+0x10/0x10 [ 112.589319] ? debug_smp_processor_id+0x20/0x30 [ 112.589681] ? rcu_is_watching+0x19/0xb0 [ 112.589994] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.590361] ? trace_hardirqs_on+0x26/0x120 [ 112.590741] do_group_exit+0xe0/0x2b0 [ 112.591140] __x64_sys_exit_group+0x47/0x50 [ 112.591524] do_syscall_64+0x3b/0x90 [ 112.591821] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.592230] RIP: 0033:0x7f4b87518a4d [ 112.592531] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.593009] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.593601] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.594146] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.594733] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.595377] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.595926] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.596476] [ 112.596656] irq event stamp: 0 [ 112.596904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.597390] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.598034] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.598700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.599284] ---[ end trace 0000000000000000 ]--- [ 112.599967] ------------[ cut here ]------------ [ 112.600338] WARNING: CPU: 1 PID: 1009 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.601115] Modules linked in: [ 112.601370] CPU: 1 PID: 1009 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.602030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.602918] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.603411] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.604811] RSP: 0018:ffff888010887b78 EFLAGS: 00010246 [ 112.605223] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.605771] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 112.606309] RBP: ffff888010887b98 R08: ffffed100488a63e R09: ffffed100488a63e [ 112.606880] R10: ffff8880244531ef R11: ffffed100488a63d R12: ffff888024453290 [ 112.607504] R13: ffff8880244530a8 R14: ffffffffffffffff R15: 
ffff888010887c60 [ 112.608069] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.608684] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.609138] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 112.609680] PKRU: 55555554 [ 112.609905] Call Trace: [ 112.610101] [ 112.610276] iommufd_ioas_destroy+0x53/0x70 [ 112.610645] iommufd_fops_release+0x1f7/0x370 [ 112.611095] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.611589] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.611982] ? write_comp_data+0x2f/0x90 [ 112.612310] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.612698] __fput+0x26d/0xa40 [ 112.612966] ____fput+0x1e/0x30 [ 112.613229] task_work_run+0x1a4/0x2d0 [ 112.613540] ? __pfx_task_work_run+0x10/0x10 [ 112.613885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.614267] ? switch_task_namespaces+0xa9/0xe0 [ 112.614668] do_exit+0xb17/0x2ef0 [ 112.614942] ? lock_acquire+0x427/0x4c0 [ 112.615270] ? __pfx_lock_release+0x10/0x10 [ 112.615611] ? __kasan_check_write+0x18/0x20 [ 112.615956] ? do_raw_spin_lock+0x132/0x2a0 [ 112.616294] ? __pfx_do_exit+0x10/0x10 [ 112.616606] ? debug_smp_processor_id+0x20/0x30 [ 112.616971] ? rcu_is_watching+0x19/0xb0 [ 112.617291] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.617648] ? trace_hardirqs_on+0x26/0x120 [ 112.617989] do_group_exit+0xe0/0x2b0 [ 112.618291] __x64_sys_exit_group+0x47/0x50 [ 112.618644] do_syscall_64+0x3b/0x90 [ 112.618946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.619365] RIP: 0033:0x7f4b87518a4d [ 112.619656] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.620136] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.620725] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.621280] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.621829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.622381] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.622956] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.623527] [ 112.623710] irq event stamp: 0 [ 112.623956] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.624446] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.625097] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.625739] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.626226] ---[ end trace 0000000000000000 ]--- [ 112.630225] ------------[ cut here ]------------ [ 112.630681] WARNING: CPU: 1 PID: 1010 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.631480] Modules linked in: [ 112.631733] CPU: 1 PID: 1010 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.632411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.633277] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.633663] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.635101] RSP: 0018:ffff888017bf7bb8 EFLAGS: 00010246 [ 112.635532] RAX: 0000000000000000 RBX: ffff88800eaca8a8 RCX: 0000000000000000 [ 112.636084] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 112.636632] RBP: ffff888017bf7bd0 R08: ffffed1001d59533 R09: ffffed1001d59533 [ 112.637184] R10: ffff88800eaca993 R11: ffffed1001d59532 R12: ffff888017ba5000 [ 112.637738] R13: ffff88800eaca9e8 R14: ffffffff8352e670 R15: 
ffff888017bf7e68 [ 112.638287] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.638929] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.639386] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 112.639938] PKRU: 55555554 [ 112.640161] Call Trace: [ 112.640361] [ 112.640538] __iommufd_access_detach+0x1c2/0x2b0 [ 112.640925] iommufd_access_change_pt+0x149/0x270 [ 112.641313] iommufd_access_replace+0xb4/0x120 [ 112.641679] iommufd_test+0x3e5/0x37e0 [ 112.641982] ? lock_release+0x532/0x770 [ 112.642302] ? __might_fault+0x102/0x1b0 [ 112.642647] ? lock_acquire+0x427/0x4c0 [ 112.642976] ? __pfx_iommufd_test+0x10/0x10 [ 112.643324] ? __pfx_lock_release+0x10/0x10 [ 112.643672] ? __pfx_lock_acquire+0x10/0x10 [ 112.644020] ? write_comp_data+0x2f/0x90 [ 112.644347] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.644732] ? write_comp_data+0x2f/0x90 [ 112.645057] iommufd_fops_ioctl+0x37d/0x510 [ 112.645405] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.645791] ? write_comp_data+0x2f/0x90 [ 112.646121] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.646528] __x64_sys_ioctl+0x1a3/0x230 [ 112.646858] do_syscall_64+0x3b/0x90 [ 112.647167] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.647583] RIP: 0033:0x7f4b8743ee5d [ 112.647873] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.649284] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.649881] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.650432] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.651014] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.651584] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.652139] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.652702] [ 112.652891] irq event stamp: 0 [ 112.653136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.653629] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.654283] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.654955] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.655460] ---[ end trace 0000000000000000 ]--- [ 112.658143] ------------[ cut here ]------------ [ 112.658555] WARNING: CPU: 1 PID: 1010 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.659368] Modules linked in: [ 112.659625] CPU: 1 PID: 1010 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.660315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.661198] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.661593] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.663042] RSP: 
0018:ffff888017bf7bd0 EFLAGS: 00010246 [ 112.663473] RAX: 0000000000000000 RBX: ffff88800eaca8a8 RCX: 0000000000000000 [ 112.664032] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 112.664591] RBP: ffff888017bf7be8 R08: ffffed1001d59533 R09: ffffed1001d59533 [ 112.665148] R10: ffff88800eaca993 R11: ffffed1001d59532 R12: ffff888010e00800 [ 112.665705] R13: ffff88800eaca9e8 R14: ffff88802097db00 R15: 0000000000000000 [ 112.666260] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.666908] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.667379] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 112.667941] PKRU: 55555554 [ 112.668165] Call Trace: [ 112.668369] [ 112.668549] iommufd_access_destroy_object+0x65/0x170 [ 112.668963] iommufd_object_destroy_user+0x18e/0x220 [ 112.669369] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.669833] iommufd_access_destroy+0x43/0x70 [ 112.670199] iommufd_test_staccess_release+0x8d/0xd0 [ 112.670635] __fput+0x26d/0xa40 [ 112.670913] ____fput+0x1e/0x30 [ 112.671192] task_work_run+0x1a4/0x2d0 [ 112.671508] ? __pfx_task_work_run+0x10/0x10 [ 112.671860] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.672250] ? switch_task_namespaces+0xa9/0xe0 [ 112.672628] do_exit+0xb17/0x2ef0 [ 112.672904] ? lock_acquire+0x427/0x4c0 [ 112.673229] ? __pfx_lock_release+0x10/0x10 [ 112.673578] ? __kasan_check_write+0x18/0x20 [ 112.673933] ? do_raw_spin_lock+0x132/0x2a0 [ 112.674275] ? __pfx_do_exit+0x10/0x10 [ 112.674618] ? debug_smp_processor_id+0x20/0x30 [ 112.674991] ? rcu_is_watching+0x19/0xb0 [ 112.675319] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.675684] ? trace_hardirqs_on+0x26/0x120 [ 112.676037] do_group_exit+0xe0/0x2b0 [ 112.676343] __x64_sys_exit_group+0x47/0x50 [ 112.676702] do_syscall_64+0x3b/0x90 [ 112.677008] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.677426] RIP: 0033:0x7f4b87518a4d [ 112.677720] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.678207] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.678826] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.679396] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.679957] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.680518] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.681080] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.681650] [ 112.681833] irq event stamp: 0 [ 112.682080] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.682599] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.683263] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.683922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.684426] ---[ end trace 0000000000000000 ]--- [ 112.685122] ------------[ cut here ]------------ [ 112.685493] WARNING: CPU: 1 PID: 1010 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.686294] Modules linked in: [ 112.686570] CPU: 1 PID: 1010 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.687271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.688236] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.688805] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.690377] RSP: 0018:ffff888017bf7b78 EFLAGS: 00010246 [ 112.690826] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.691388] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 112.692160] RBP: ffff888017bf7b98 R08: ffffed1001d5953e R09: ffffed1001d5953e [ 112.692958] R10: ffff88800eaca9ef R11: ffffed1001d5953d R12: ffff88800eacaa90 [ 112.693838] R13: ffff88800eaca8a8 R14: ffffffffffffffff R15: 
ffff888017bf7c60 [ 112.694676] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.695592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.696085] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 112.696653] PKRU: 55555554 [ 112.696872] Call Trace: [ 112.697071] [ 112.697263] iommufd_ioas_destroy+0x53/0x70 [ 112.697685] iommufd_fops_release+0x1f7/0x370 [ 112.698040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.698433] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.698855] ? write_comp_data+0x2f/0x90 [ 112.699196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.699684] __fput+0x26d/0xa40 [ 112.699957] ____fput+0x1e/0x30 [ 112.700223] task_work_run+0x1a4/0x2d0 [ 112.700537] ? __pfx_task_work_run+0x10/0x10 [ 112.700911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.701365] ? switch_task_namespaces+0xa9/0xe0 [ 112.701742] do_exit+0xb17/0x2ef0 [ 112.702016] ? lock_acquire+0x427/0x4c0 [ 112.702339] ? __pfx_lock_release+0x10/0x10 [ 112.702795] ? __kasan_check_write+0x18/0x20 [ 112.703154] ? do_raw_spin_lock+0x132/0x2a0 [ 112.703501] ? __pfx_do_exit+0x10/0x10 [ 112.703817] ? debug_smp_processor_id+0x20/0x30 [ 112.704187] ? rcu_is_watching+0x19/0xb0 [ 112.704511] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.704978] ? trace_hardirqs_on+0x26/0x120 [ 112.705324] do_group_exit+0xe0/0x2b0 [ 112.705625] __x64_sys_exit_group+0x47/0x50 [ 112.705962] do_syscall_64+0x3b/0x90 [ 112.706278] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.706786] RIP: 0033:0x7f4b87518a4d [ 112.707083] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.707571] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.708160] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.708815] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.709367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.709945] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.710608] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.711195] [ 112.711389] irq event stamp: 0 [ 112.711650] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.712295] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.712980] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.713687] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.714287] ---[ end trace 0000000000000000 ]--- [ 112.719173] ------------[ cut here ]------------ [ 112.719590] WARNING: CPU: 1 PID: 1011 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.720520] Modules linked in: [ 112.720786] CPU: 1 PID: 1011 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.721570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.722757] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.723183] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.724785] RSP: 0018:ffff8880149ffbb8 EFLAGS: 00010246 [ 112.725225] RAX: 0000000000000000 RBX: ffff888010ed38a8 RCX: 0000000000000000 [ 112.725915] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 112.726497] RBP: ffff8880149ffbd0 R08: ffffed10021da733 R09: ffffed10021da733 [ 112.727117] R10: ffff888010ed3993 R11: ffffed10021da732 R12: ffff88801849ec00 [ 112.727811] R13: ffff888010ed39e8 R14: ffffffff8352e670 R15: 
ffff8880149ffe68 [ 112.728395] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 112.729052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.729635] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 112.730219] PKRU: 55555554 [ 112.730460] Call Trace: [ 112.730700] [ 112.730892] __iommufd_access_detach+0x1c2/0x2b0 [ 112.731329] iommufd_access_change_pt+0x149/0x270 [ 112.731806] iommufd_access_replace+0xb4/0x120 [ 112.732192] iommufd_test+0x3e5/0x37e0 [ 112.732515] ? lock_release+0x532/0x770 [ 112.732854] ? __might_fault+0x102/0x1b0 [ 112.733304] ? lock_acquire+0x427/0x4c0 [ 112.733642] ? __pfx_iommufd_test+0x10/0x10 [ 112.734000] ? __pfx_lock_release+0x10/0x10 [ 112.734365] ? __pfx_lock_acquire+0x10/0x10 [ 112.734768] ? write_comp_data+0x2f/0x90 [ 112.735192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.735597] ? write_comp_data+0x2f/0x90 [ 112.735944] iommufd_fops_ioctl+0x37d/0x510 [ 112.736305] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.736712] ? write_comp_data+0x2f/0x90 [ 112.737151] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.737550] __x64_sys_ioctl+0x1a3/0x230 [ 112.737895] do_syscall_64+0x3b/0x90 [ 112.738214] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.738697] RIP: 0033:0x7f4b8743ee5d [ 112.739059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.740553] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.741289] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.741873] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.742497] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.743159] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.743741] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.744330] [ 112.744591] irq event stamp: 0 [ 112.744898] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.745417] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.746122] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.746900] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.747447] ---[ end trace 0000000000000000 ]--- [ 112.750903] ------------[ cut here ]------------ [ 112.751352] WARNING: CPU: 0 PID: 1011 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.752247] Modules linked in: [ 112.752525] CPU: 0 PID: 1011 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.753282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.754242] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.754740] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.756307] RSP: 
0018:ffff8880149ffbd0 EFLAGS: 00010246 [ 112.756758] RAX: 0000000000000000 RBX: ffff888010ed38a8 RCX: 0000000000000000 [ 112.757368] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 112.757979] RBP: ffff8880149ffbe8 R08: ffffed10021da733 R09: ffffed10021da733 [ 112.758613] R10: ffff888010ed3993 R11: ffffed10021da732 R12: ffff888017ba4400 [ 112.759222] R13: ffff888010ed39e8 R14: ffff888013428f00 R15: 0000000000000000 [ 112.759827] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.760511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.761002] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 112.761616] PKRU: 55555554 [ 112.761857] Call Trace: [ 112.762075] [ 112.762267] iommufd_access_destroy_object+0x65/0x170 [ 112.762740] iommufd_object_destroy_user+0x18e/0x220 [ 112.762939] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5462 of 7281 items, 4194304 file size, 767 bytes per hash table item), suggesting rotation. [ 112.763209] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.764944] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 112.765402] iommufd_access_destroy+0x43/0x70 [ 112.766973] iommufd_test_staccess_release+0x8d/0xd0 [ 112.767416] __fput+0x26d/0xa40 [ 112.767718] ____fput+0x1e/0x30 [ 112.768009] task_work_run+0x1a4/0x2d0 [ 112.768355] ? __pfx_task_work_run+0x10/0x10 [ 112.768735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.769155] ? switch_task_namespaces+0xa9/0xe0 [ 112.769562] do_exit+0xb17/0x2ef0 [ 112.769860] ? lock_acquire+0x427/0x4c0 [ 112.770205] ? __pfx_lock_release+0x10/0x10 [ 112.770592] ? __kasan_check_write+0x18/0x20 [ 112.770975] ? do_raw_spin_lock+0x132/0x2a0 [ 112.771362] ? __pfx_do_exit+0x10/0x10 [ 112.771713] ? debug_smp_processor_id+0x20/0x30 [ 112.772124] ? 
rcu_is_watching+0x19/0xb0 [ 112.772473] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.772861] ? trace_hardirqs_on+0x26/0x120 [ 112.773235] do_group_exit+0xe0/0x2b0 [ 112.773561] __x64_sys_exit_group+0x47/0x50 [ 112.773929] do_syscall_64+0x3b/0x90 [ 112.774258] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.774732] RIP: 0033:0x7f4b87518a4d [ 112.775054] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 112.775587] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.776234] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.776834] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.777439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.778044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.778668] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.779290] [ 112.779490] irq event stamp: 0 [ 112.779765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.780300] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.781010] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.781728] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.782270] ---[ end trace 0000000000000000 ]--- [ 112.783605] ------------[ cut here ]------------ [ 112.784032] WARNING: CPU: 0 PID: 1011 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.784940] Modules linked in: [ 112.785218] CPU: 0 PID: 1011 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.785981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.786991] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.787468] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.789056] RSP: 0018:ffff8880149ffb78 
EFLAGS: 00010246 [ 112.789520] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.790136] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 112.790781] RBP: ffff8880149ffb98 R08: ffffed10021da73e R09: ffffed10021da73e [ 112.791403] R10: ffff888010ed39ef R11: ffffed10021da73d R12: ffff888010ed3a90 [ 112.792017] R13: ffff888010ed38a8 R14: ffffffffffffffff R15: ffff8880149ffc60 [ 112.792638] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.793338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.793841] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 112.794459] PKRU: 55555554 [ 112.794723] Call Trace: [ 112.794947] [ 112.795150] iommufd_ioas_destroy+0x53/0x70 [ 112.795533] iommufd_fops_release+0x1f7/0x370 [ 112.795933] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.796374] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.796806] ? write_comp_data+0x2f/0x90 [ 112.797177] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.797620] __fput+0x26d/0xa40 [ 112.797923] ____fput+0x1e/0x30 [ 112.798221] task_work_run+0x1a4/0x2d0 [ 112.798588] ? __pfx_task_work_run+0x10/0x10 [ 112.798977] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.799412] ? switch_task_namespaces+0xa9/0xe0 [ 112.799824] do_exit+0xb17/0x2ef0 [ 112.800141] ? lock_acquire+0x427/0x4c0 [ 112.800504] ? __pfx_lock_release+0x10/0x10 [ 112.800900] ? __kasan_check_write+0x18/0x20 [ 112.801291] ? do_raw_spin_lock+0x132/0x2a0 [ 112.801668] ? __pfx_do_exit+0x10/0x10 [ 112.802017] ? debug_smp_processor_id+0x20/0x30 [ 112.802430] ? rcu_is_watching+0x19/0xb0 [ 112.802807] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.803222] ? trace_hardirqs_on+0x26/0x120 [ 112.803607] do_group_exit+0xe0/0x2b0 [ 112.803941] __x64_sys_exit_group+0x47/0x50 [ 112.804317] do_syscall_64+0x3b/0x90 [ 112.804652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.805105] RIP: 0033:0x7f4b87518a4d [ 112.805428] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.805963] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.806636] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.807273] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.807896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.808512] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.809128] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.809751] [ 112.809952] irq event stamp: 0 [ 112.810238] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.810798] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.811531] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.812253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.812796] ---[ end trace 0000000000000000 ]--- [ 112.817106] ------------[ cut here ]------------ [ 112.817553] WARNING: CPU: 0 PID: 1013 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.818424] Modules linked in: [ 112.818731] CPU: 0 PID: 1013 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.819503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.820467] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.820893] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.822449] RSP: 0018:ffff88800fc17bb8 EFLAGS: 00010246 [ 112.822922] RAX: 0000000000000000 RBX: ffff88800fc9c8a8 RCX: 0000000000000000 [ 112.823535] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 112.824128] RBP: ffff88800fc17bd0 R08: ffffed1001f93933 R09: ffffed1001f93933 [ 112.824705] R10: ffff88800fc9c993 R11: ffffed1001f93932 R12: ffff888014583c00 [ 112.825284] R13: ffff88800fc9c9e8 R14: ffffffff8352e670 R15: 
ffff88800fc17e68 [ 112.825861] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.826521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.826986] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 112.827558] PKRU: 55555554 [ 112.827786] Call Trace: [ 112.827990] [ 112.828177] __iommufd_access_detach+0x1c2/0x2b0 [ 112.828576] iommufd_access_change_pt+0x149/0x270 [ 112.828980] iommufd_access_replace+0xb4/0x120 [ 112.829368] iommufd_test+0x3e5/0x37e0 [ 112.829686] ? lock_release+0x532/0x770 [ 112.830022] ? __might_fault+0x102/0x1b0 [ 112.830373] ? lock_acquire+0x427/0x4c0 [ 112.830725] ? __pfx_iommufd_test+0x10/0x10 [ 112.831088] ? __pfx_lock_release+0x10/0x10 [ 112.831458] ? __pfx_lock_acquire+0x10/0x10 [ 112.831821] ? write_comp_data+0x2f/0x90 [ 112.832169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.832580] ? write_comp_data+0x2f/0x90 [ 112.832927] iommufd_fops_ioctl+0x37d/0x510 [ 112.833290] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.833700] ? write_comp_data+0x2f/0x90 [ 112.834048] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.834449] __x64_sys_ioctl+0x1a3/0x230 [ 112.834812] do_syscall_64+0x3b/0x90 [ 112.835141] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.835575] RIP: 0033:0x7f4b8743ee5d [ 112.835878] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.837359] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.837976] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.838573] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.839159] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.839736] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.840316] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.840904] [ 112.841096] irq event stamp: 0 [ 112.841357] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.841872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.842574] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.843260] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.843771] ---[ end trace 0000000000000000 ]--- [ 112.846637] ------------[ cut here ]------------ [ 112.847056] WARNING: CPU: 0 PID: 1013 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.847897] Modules linked in: [ 112.848159] CPU: 0 PID: 1013 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.848869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.849787] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.850192] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.851680] RSP: 
0018:ffff88800fc17bd0 EFLAGS: 00010246 [ 112.852116] RAX: 0000000000000000 RBX: ffff88800fc9c8a8 RCX: 0000000000000000 [ 112.852691] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 112.853274] RBP: ffff88800fc17be8 R08: ffffed1001f93933 R09: ffffed1001f93933 [ 112.853838] R10: ffff88800fc9c993 R11: ffffed1001f93932 R12: ffff8880129c5800 [ 112.854405] R13: ffff88800fc9c9e8 R14: ffff88800ace4100 R15: 0000000000000000 [ 112.854996] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.855673] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.856148] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.856727] PKRU: 55555554 [ 112.856955] Call Trace: [ 112.857163] [ 112.857350] iommufd_access_destroy_object+0x65/0x170 [ 112.857778] iommufd_object_destroy_user+0x18e/0x220 [ 112.858201] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.858699] iommufd_access_destroy+0x43/0x70 [ 112.859081] iommufd_test_staccess_release+0x8d/0xd0 [ 112.859514] __fput+0x26d/0xa40 [ 112.859800] ____fput+0x1e/0x30 [ 112.860080] task_work_run+0x1a4/0x2d0 [ 112.860409] ? __pfx_task_work_run+0x10/0x10 [ 112.860792] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.861200] ? switch_task_namespaces+0xa9/0xe0 [ 112.861597] do_exit+0xb17/0x2ef0 [ 112.861885] ? lock_acquire+0x427/0x4c0 [ 112.862230] ? __pfx_lock_release+0x10/0x10 [ 112.862604] ? __kasan_check_write+0x18/0x20 [ 112.862973] ? do_raw_spin_lock+0x132/0x2a0 [ 112.863351] ? __pfx_do_exit+0x10/0x10 [ 112.863677] ? debug_smp_processor_id+0x20/0x30 [ 112.864055] ? rcu_is_watching+0x19/0xb0 [ 112.864387] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.864759] ? trace_hardirqs_on+0x26/0x120 [ 112.865117] do_group_exit+0xe0/0x2b0 [ 112.865431] __x64_sys_exit_group+0x47/0x50 [ 112.865781] do_syscall_64+0x3b/0x90 [ 112.866096] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.866545] RIP: 0033:0x7f4b87518a4d [ 112.866846] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.867338] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.867940] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.868499] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.869059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.869618] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.870178] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.870754] [ 112.870938] irq event stamp: 0 [ 112.871194] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.871679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.872317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.872950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.873434] ---[ end trace 0000000000000000 ]--- [ 112.874112] ------------[ cut here ]------------ [ 112.874477] WARNING: CPU: 0 PID: 1013 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.875296] Modules linked in: [ 112.875544] CPU: 0 PID: 1013 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.876218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.877094] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.877488] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.878890] RSP: 0018:ffff88800fc17b78 EFLAGS: 00010246 [ 112.879311] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.879854] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 112.880403] RBP: ffff88800fc17b98 R08: ffffed1001f9393e R09: ffffed1001f9393e [ 112.880944] R10: ffff88800fc9c9ef R11: ffffed1001f9393d R12: ffff88800fc9ca90 [ 112.881488] R13: ffff88800fc9c8a8 R14: ffffffffffffffff R15: 
ffff88800fc17c60 [ 112.882040] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.882663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.883106] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.883654] PKRU: 55555554 [ 112.883870] Call Trace: [ 112.884066] [ 112.884239] iommufd_ioas_destroy+0x53/0x70 [ 112.884579] iommufd_fops_release+0x1f7/0x370 [ 112.884929] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.885319] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.885709] ? write_comp_data+0x2f/0x90 [ 112.886040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.886434] __fput+0x26d/0xa40 [ 112.886723] ____fput+0x1e/0x30 [ 112.886990] task_work_run+0x1a4/0x2d0 [ 112.887305] ? __pfx_task_work_run+0x10/0x10 [ 112.887653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.888031] ? switch_task_namespaces+0xa9/0xe0 [ 112.888402] do_exit+0xb17/0x2ef0 [ 112.888675] ? lock_acquire+0x427/0x4c0 [ 112.888997] ? __pfx_lock_release+0x10/0x10 [ 112.889339] ? __kasan_check_write+0x18/0x20 [ 112.889684] ? do_raw_spin_lock+0x132/0x2a0 [ 112.890019] ? __pfx_do_exit+0x10/0x10 [ 112.890329] ? debug_smp_processor_id+0x20/0x30 [ 112.890726] ? rcu_is_watching+0x19/0xb0 [ 112.891045] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.891415] ? trace_hardirqs_on+0x26/0x120 [ 112.891761] do_group_exit+0xe0/0x2b0 [ 112.892067] __x64_sys_exit_group+0x47/0x50 [ 112.892409] do_syscall_64+0x3b/0x90 [ 112.892713] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.893122] RIP: 0033:0x7f4b87518a4d [ 112.893410] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.893878] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.894455] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.895160] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.895709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.896252] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.896792] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.897339] [ 112.897524] irq event stamp: 0 [ 112.897764] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.898250] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.898907] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.899555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.900035] ---[ end trace 0000000000000000 ]--- [ 112.904779] ------------[ cut here ]------------ [ 112.905191] WARNING: CPU: 0 PID: 1014 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.905972] Modules linked in: [ 112.906221] CPU: 0 PID: 1014 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.906951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.907830] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.908211] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.909609] RSP: 0018:ffff888023effbb8 EFLAGS: 00010246 [ 112.910018] RAX: 0000000000000000 RBX: ffff88800ef030a8 RCX: 0000000000000000 [ 112.910655] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 112.911214] RBP: ffff888023effbd0 R08: ffffed1001de0633 R09: ffffed1001de0633 [ 112.911760] R10: ffff88800ef03193 R11: ffffed1001de0632 R12: ffff888017ba3000 [ 112.912305] R13: ffff88800ef031e8 R14: ffffffff8352e670 R15: 
ffff888023effe68 [ 112.912851] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.913464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.913911] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 112.914463] PKRU: 55555554 [ 112.914694] Call Trace: [ 112.914894] [ 112.915070] __iommufd_access_detach+0x1c2/0x2b0 [ 112.915462] iommufd_access_change_pt+0x149/0x270 [ 112.915843] iommufd_access_replace+0xb4/0x120 [ 112.916205] iommufd_test+0x3e5/0x37e0 [ 112.916508] ? lock_release+0x532/0x770 [ 112.916824] ? __might_fault+0x102/0x1b0 [ 112.917144] ? lock_acquire+0x427/0x4c0 [ 112.917457] ? __pfx_iommufd_test+0x10/0x10 [ 112.917788] ? __pfx_lock_release+0x10/0x10 [ 112.918124] ? __pfx_lock_acquire+0x10/0x10 [ 112.918465] ? write_comp_data+0x2f/0x90 [ 112.918799] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.919190] ? write_comp_data+0x2f/0x90 [ 112.919512] iommufd_fops_ioctl+0x37d/0x510 [ 112.919850] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.920230] ? write_comp_data+0x2f/0x90 [ 112.920550] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.920923] __x64_sys_ioctl+0x1a3/0x230 [ 112.921245] do_syscall_64+0x3b/0x90 [ 112.921540] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.921942] RIP: 0033:0x7f4b8743ee5d [ 112.922228] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.923618] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.924181] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.924709] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.925238] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.925766] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.926326] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 112.926874] [ 112.927050] irq event stamp: 0 [ 112.927301] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.927770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.928387] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.928996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.929452] ---[ end trace 0000000000000000 ]--- [ 112.932043] ------------[ cut here ]------------ [ 112.932411] WARNING: CPU: 0 PID: 1014 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.933136] Modules linked in: [ 112.933382] CPU: 0 PID: 1014 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.934010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.934826] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.935186] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.936480] RSP: 
0018:ffff888023effbd0 EFLAGS: 00010246 [ 112.936856] RAX: 0000000000000000 RBX: ffff88800ef030a8 RCX: 0000000000000000 [ 112.937359] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 112.937865] RBP: ffff888023effbe8 R08: ffffed1001de0633 R09: ffffed1001de0633 [ 112.938371] R10: ffff88800ef03193 R11: ffffed1001de0632 R12: ffff888014581800 [ 112.938887] R13: ffff88800ef031e8 R14: ffff888020987f00 R15: 0000000000000000 [ 112.939405] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.939975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.940389] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.940895] PKRU: 55555554 [ 112.941096] Call Trace: [ 112.941279] [ 112.941440] iommufd_access_destroy_object+0x65/0x170 [ 112.941835] iommufd_object_destroy_user+0x18e/0x220 [ 112.942211] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 112.942634] iommufd_access_destroy+0x43/0x70 [ 112.942952] iommufd_test_staccess_release+0x8d/0xd0 [ 112.943321] __fput+0x26d/0xa40 [ 112.943562] ____fput+0x1e/0x30 [ 112.943797] task_work_run+0x1a4/0x2d0 [ 112.944074] ? __pfx_task_work_run+0x10/0x10 [ 112.944384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.944725] ? switch_task_namespaces+0xa9/0xe0 [ 112.945056] do_exit+0xb17/0x2ef0 [ 112.945296] ? lock_acquire+0x427/0x4c0 [ 112.945577] ? __pfx_lock_release+0x10/0x10 [ 112.945880] ? __kasan_check_write+0x18/0x20 [ 112.946186] ? do_raw_spin_lock+0x132/0x2a0 [ 112.946484] ? __pfx_do_exit+0x10/0x10 [ 112.946780] ? debug_smp_processor_id+0x20/0x30 [ 112.947105] ? rcu_is_watching+0x19/0xb0 [ 112.947394] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.947711] ? trace_hardirqs_on+0x26/0x120 [ 112.948013] do_group_exit+0xe0/0x2b0 [ 112.948279] __x64_sys_exit_group+0x47/0x50 [ 112.948575] do_syscall_64+0x3b/0x90 [ 112.948839] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.949203] RIP: 0033:0x7f4b87518a4d [ 112.949458] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.949878] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.950393] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.950890] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.951388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.951874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.952360] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.952855] [ 112.953016] irq event stamp: 0 [ 112.953234] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.953667] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.954240] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.954817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.955252] ---[ end trace 0000000000000000 ]--- [ 112.955852] ------------[ cut here ]------------ [ 112.956170] WARNING: CPU: 0 PID: 1014 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 112.956853] Modules linked in: [ 112.957065] CPU: 0 PID: 1014 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.957643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.958422] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 112.958775] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 112.959990] RSP: 0018:ffff888023effb78 EFLAGS: 00010246 [ 112.960342] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 112.960812] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 112.961283] RBP: ffff888023effb98 R08: ffffed1001de063e R09: ffffed1001de063e [ 112.961753] R10: ffff88800ef031ef R11: ffffed1001de063d R12: ffff88800ef03290 [ 112.962223] R13: ffff88800ef030a8 R14: ffffffffffffffff R15: 
ffff888023effc60 [ 112.962701] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.963238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.963621] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 112.964093] PKRU: 55555554 [ 112.964281] Call Trace: [ 112.964451] [ 112.964602] iommufd_ioas_destroy+0x53/0x70 [ 112.964892] iommufd_fops_release+0x1f7/0x370 [ 112.965196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.965530] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.965859] ? write_comp_data+0x2f/0x90 [ 112.966138] ? __pfx_iommufd_fops_release+0x10/0x10 [ 112.966472] __fput+0x26d/0xa40 [ 112.966719] ____fput+0x1e/0x30 [ 112.966948] task_work_run+0x1a4/0x2d0 [ 112.967226] ? __pfx_task_work_run+0x10/0x10 [ 112.967525] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.967854] ? switch_task_namespaces+0xa9/0xe0 [ 112.968171] do_exit+0xb17/0x2ef0 [ 112.968403] ? lock_acquire+0x427/0x4c0 [ 112.968673] ? __pfx_lock_release+0x10/0x10 [ 112.968964] ? __kasan_check_write+0x18/0x20 [ 112.969258] ? do_raw_spin_lock+0x132/0x2a0 [ 112.969545] ? __pfx_do_exit+0x10/0x10 [ 112.969810] ? debug_smp_processor_id+0x20/0x30 [ 112.970119] ? rcu_is_watching+0x19/0xb0 [ 112.970388] ? _raw_spin_unlock_irq+0x2b/0x60 [ 112.970699] ? trace_hardirqs_on+0x26/0x120 [ 112.970989] do_group_exit+0xe0/0x2b0 [ 112.971251] __x64_sys_exit_group+0x47/0x50 [ 112.971535] do_syscall_64+0x3b/0x90 [ 112.971788] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.972134] RIP: 0033:0x7f4b87518a4d [ 112.972379] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 112.972782] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 112.973287] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 112.973775] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 112.974241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 112.974716] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 112.975190] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 112.975657] [ 112.975808] irq event stamp: 0 [ 112.976011] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 112.976415] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 112.976950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 112.977485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 112.977888] ---[ end trace 0000000000000000 ]--- [ 112.981951] ------------[ cut here ]------------ [ 112.982283] WARNING: CPU: 0 PID: 1015 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 112.983121] Modules linked in: [ 112.983317] CPU: 0 PID: 1015 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 112.983871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 112.984593] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 112.984912] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 112.986077] RSP: 0018:ffff8880219a7bb8 EFLAGS: 00010246 [ 112.986420] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 112.987032] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 112.987494] RBP: ffff8880219a7bd0 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 112.987949] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff888021bc5400 [ 112.988405] R13: ffff888015d2a9e8 R14: ffffffff8352e670 R15: 
ffff8880219a7e68 [ 112.988861] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 112.989418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 112.989789] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 112.990245] PKRU: 55555554 [ 112.990430] Call Trace: [ 112.990604] [ 112.990750] __iommufd_access_detach+0x1c2/0x2b0 [ 112.991064] iommufd_access_change_pt+0x149/0x270 [ 112.991389] iommufd_access_replace+0xb4/0x120 [ 112.991691] iommufd_test+0x3e5/0x37e0 [ 112.991939] ? lock_release+0x532/0x770 [ 112.992197] ? __might_fault+0x102/0x1b0 [ 112.992462] ? lock_acquire+0x427/0x4c0 [ 112.992720] ? __pfx_iommufd_test+0x10/0x10 [ 112.992991] ? __pfx_lock_release+0x10/0x10 [ 112.993273] ? __pfx_lock_acquire+0x10/0x10 [ 112.993554] ? write_comp_data+0x2f/0x90 [ 112.993819] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 112.994126] ? write_comp_data+0x2f/0x90 [ 112.994388] iommufd_fops_ioctl+0x37d/0x510 [ 112.994669] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.994978] ? write_comp_data+0x2f/0x90 [ 112.995244] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 112.995548] __x64_sys_ioctl+0x1a3/0x230 [ 112.995810] do_syscall_64+0x3b/0x90 [ 112.996050] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 112.996378] RIP: 0033:0x7f4b8743ee5d [ 112.996609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 112.997732] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 112.998201] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 112.998658] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 112.999100] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 112.999545] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 112.999985] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.000431] [ 113.000576] irq event stamp: 0 [ 113.000774] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.001167] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.001683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.002199] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.002601] ---[ end trace 0000000000000000 ]--- [ 113.004866] ------------[ cut here ]------------ [ 113.005165] WARNING: CPU: 0 PID: 1015 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.005790] Modules linked in: [ 113.005990] CPU: 0 PID: 1015 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.006544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.007256] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.007566] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.008694] RSP: 
0018:ffff8880219a7bd0 EFLAGS: 00010246 [ 113.009023] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 113.009464] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 113.009906] RBP: ffff8880219a7be8 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 113.010347] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff888017ba1c00 [ 113.010796] R13: ffff888015d2a9e8 R14: ffff888013d16500 R15: 0000000000000000 [ 113.011243] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.011740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.012099] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.012542] PKRU: 55555554 [ 113.012718] Call Trace: [ 113.012878] [ 113.013020] iommufd_access_destroy_object+0x65/0x170 [ 113.013344] iommufd_object_destroy_user+0x18e/0x220 [ 113.013666] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.014032] iommufd_access_destroy+0x43/0x70 [ 113.014319] iommufd_test_staccess_release+0x8d/0xd0 [ 113.014655] __fput+0x26d/0xa40 [ 113.014875] ____fput+0x1e/0x30 [ 113.015089] task_work_run+0x1a4/0x2d0 [ 113.015349] ? __pfx_task_work_run+0x10/0x10 [ 113.015629] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.015937] ? switch_task_namespaces+0xa9/0xe0 [ 113.016236] do_exit+0xb17/0x2ef0 [ 113.016453] ? lock_acquire+0x427/0x4c0 [ 113.016709] ? __pfx_lock_release+0x10/0x10 [ 113.016984] ? __kasan_check_write+0x18/0x20 [ 113.017263] ? do_raw_spin_lock+0x132/0x2a0 [ 113.017533] ? __pfx_do_exit+0x10/0x10 [ 113.017784] ? debug_smp_processor_id+0x20/0x30 [ 113.018076] ? rcu_is_watching+0x19/0xb0 [ 113.018331] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.018644] ? trace_hardirqs_on+0x26/0x120 [ 113.018921] do_group_exit+0xe0/0x2b0 [ 113.019164] __x64_sys_exit_group+0x47/0x50 [ 113.019433] do_syscall_64+0x3b/0x90 [ 113.019674] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.020002] RIP: 0033:0x7f4b87518a4d [ 113.020244] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.020628] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.021097] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.021540] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.021984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.022421] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.022867] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.023309] [ 113.023452] irq event stamp: 0 [ 113.023647] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.024030] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.024537] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.025036] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.025411] ---[ end trace 0000000000000000 ]--- [ 113.025945] ------------[ cut here ]------------ [ 113.026225] WARNING: CPU: 0 PID: 1015 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.026845] Modules linked in: [ 113.027038] CPU: 0 PID: 1015 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.027564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.028234] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.028544] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.029631] RSP: 0018:ffff8880219a7b78 EFLAGS: 00010246 [ 113.029953] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.030381] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 113.030822] RBP: ffff8880219a7b98 R08: ffffed1002ba553e R09: ffffed1002ba553e [ 113.031267] R10: ffff888015d2a9ef R11: ffffed1002ba553d R12: ffff888015d2aa90 [ 113.031705] R13: ffff888015d2a8a8 R14: ffffffffffffffff R15: 
ffff8880219a7c60 [ 113.032133] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.032630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.032982] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.033408] PKRU: 55555554 [ 113.033579] Call Trace: [ 113.033735] [ 113.033872] iommufd_ioas_destroy+0x53/0x70 [ 113.034138] iommufd_fops_release+0x1f7/0x370 [ 113.034418] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.034735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.035036] ? write_comp_data+0x2f/0x90 [ 113.035301] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.035605] __fput+0x26d/0xa40 [ 113.035825] ____fput+0x1e/0x30 [ 113.036036] task_work_run+0x1a4/0x2d0 [ 113.036279] ? __pfx_task_work_run+0x10/0x10 [ 113.036551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.036849] ? switch_task_namespaces+0xa9/0xe0 [ 113.037141] do_exit+0xb17/0x2ef0 [ 113.037352] ? lock_acquire+0x427/0x4c0 [ 113.037601] ? __pfx_lock_release+0x10/0x10 [ 113.037866] ? __kasan_check_write+0x18/0x20 [ 113.038136] ? do_raw_spin_lock+0x132/0x2a0 [ 113.038398] ? __pfx_do_exit+0x10/0x10 [ 113.038656] ? debug_smp_processor_id+0x20/0x30 [ 113.038943] ? rcu_is_watching+0x19/0xb0 [ 113.039198] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.039478] ? trace_hardirqs_on+0x26/0x120 [ 113.039746] do_group_exit+0xe0/0x2b0 [ 113.039979] __x64_sys_exit_group+0x47/0x50 [ 113.040239] do_syscall_64+0x3b/0x90 [ 113.040473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.040791] RIP: 0033:0x7f4b87518a4d [ 113.041015] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.041383] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.041837] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.042262] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.042699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.043131] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.043562] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.044001] [ 113.044145] irq event stamp: 0 [ 113.044340] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.044725] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.045235] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.045746] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.046131] ---[ end trace 0000000000000000 ]--- [ 113.049387] ------------[ cut here ]------------ [ 113.049717] WARNING: CPU: 1 PID: 1016 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.050354] Modules linked in: [ 113.050587] CPU: 1 PID: 1016 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.051152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.051857] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.052171] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.053306] RSP: 0018:ffff888023effbb8 EFLAGS: 00010246 [ 113.053642] RAX: 0000000000000000 RBX: ffff888010fa00a8 RCX: 0000000000000000 [ 113.054088] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 113.054574] RBP: ffff888023effbd0 R08: ffffed10021f4033 R09: ffffed10021f4033 [ 113.055023] R10: ffff888010fa0193 R11: ffffed10021f4032 R12: ffff888013c8e400 [ 113.055481] R13: ffff888010fa01e8 R14: ffffffff8352e670 R15: 
ffff888023effe68 [ 113.055928] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.056435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.056799] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 113.057246] PKRU: 55555554 [ 113.057426] Call Trace: [ 113.057590] [ 113.057735] __iommufd_access_detach+0x1c2/0x2b0 [ 113.058053] iommufd_access_change_pt+0x149/0x270 [ 113.058393] iommufd_access_replace+0xb4/0x120 [ 113.058722] iommufd_test+0x3e5/0x37e0 [ 113.058978] ? lock_release+0x532/0x770 [ 113.059258] ? __might_fault+0x102/0x1b0 [ 113.059529] ? lock_acquire+0x427/0x4c0 [ 113.059795] ? __pfx_iommufd_test+0x10/0x10 [ 113.060082] ? __pfx_lock_release+0x10/0x10 [ 113.060367] ? __pfx_lock_acquire+0x10/0x10 [ 113.060654] ? write_comp_data+0x2f/0x90 [ 113.060929] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.061251] ? write_comp_data+0x2f/0x90 [ 113.061527] iommufd_fops_ioctl+0x37d/0x510 [ 113.061815] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.062138] ? write_comp_data+0x2f/0x90 [ 113.062416] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.062753] __x64_sys_ioctl+0x1a3/0x230 [ 113.063029] do_syscall_64+0x3b/0x90 [ 113.063296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.063643] RIP: 0033:0x7f4b8743ee5d [ 113.063888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.065072] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.065578] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.066047] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.066538] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.067009] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.067487] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.067978] [ 113.068134] irq event stamp: 0 [ 113.068348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.068765] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.069316] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.069863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.070282] ---[ end trace 0000000000000000 ]--- [ 113.072872] ------------[ cut here ]------------ [ 113.073205] WARNING: CPU: 1 PID: 1016 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.073868] Modules linked in: [ 113.074079] CPU: 1 PID: 1016 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.074692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.075435] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.075762] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.076948] RSP: 
0018:ffff888023effbd0 EFLAGS: 00010246 [ 113.077294] RAX: 0000000000000000 RBX: ffff888010fa00a8 RCX: 0000000000000000 [ 113.077767] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 113.078241] RBP: ffff888023effbe8 R08: ffffed10021f4033 R09: ffffed10021f4033 [ 113.078731] R10: ffff888010fa0193 R11: ffffed10021f4032 R12: ffff888012f1c400 [ 113.079220] R13: ffff888010fa01e8 R14: ffff88800fcf6700 R15: 0000000000000000 [ 113.079702] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.080242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.080633] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.081115] PKRU: 55555554 [ 113.081309] Call Trace: [ 113.081483] [ 113.081637] iommufd_access_destroy_object+0x65/0x170 [ 113.081993] iommufd_object_destroy_user+0x18e/0x220 [ 113.082343] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.082760] iommufd_access_destroy+0x43/0x70 [ 113.083075] iommufd_test_staccess_release+0x8d/0xd0 [ 113.083436] __fput+0x26d/0xa40 [ 113.083678] ____fput+0x1e/0x30 [ 113.083913] task_work_run+0x1a4/0x2d0 [ 113.084187] ? __pfx_task_work_run+0x10/0x10 [ 113.084495] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.084834] ? switch_task_namespaces+0xa9/0xe0 [ 113.085159] do_exit+0xb17/0x2ef0 [ 113.085399] ? lock_acquire+0x427/0x4c0 [ 113.085676] ? __pfx_lock_release+0x10/0x10 [ 113.085976] ? __kasan_check_write+0x18/0x20 [ 113.086279] ? do_raw_spin_lock+0x132/0x2a0 [ 113.086593] ? __pfx_do_exit+0x10/0x10 [ 113.086866] ? debug_smp_processor_id+0x20/0x30 [ 113.087200] ? rcu_is_watching+0x19/0xb0 [ 113.087483] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.087798] ? trace_hardirqs_on+0x26/0x120 [ 113.088102] do_group_exit+0xe0/0x2b0 [ 113.088366] __x64_sys_exit_group+0x47/0x50 [ 113.088661] do_syscall_64+0x3b/0x90 [ 113.088925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.089287] RIP: 0033:0x7f4b87518a4d [ 113.089542] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.089960] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.090483] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.090987] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.091480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.091962] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.092447] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.092936] [ 113.093097] irq event stamp: 0 [ 113.093312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.093739] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.094313] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.094896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.095332] ---[ end trace 0000000000000000 ]--- [ 113.095948] ------------[ cut here ]------------ [ 113.096267] WARNING: CPU: 1 PID: 1016 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.096959] Modules linked in: [ 113.097180] CPU: 1 PID: 1016 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.097776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.098554] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.098907] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.100161] RSP: 0018:ffff888023effb78 EFLAGS: 00010246 [ 113.100524] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.101012] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 113.101509] RBP: ffff888023effb98 R08: ffffed10021f403e R09: ffffed10021f403e [ 113.101996] R10: ffff888010fa01ef R11: ffffed10021f403d R12: ffff888010fa0290 [ 113.102485] R13: ffff888010fa00a8 R14: ffffffffffffffff R15: 
ffff888023effc60 [ 113.102997] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.103547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.103950] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.104440] PKRU: 55555554 [ 113.104636] Call Trace: [ 113.104812] [ 113.104972] iommufd_ioas_destroy+0x53/0x70 [ 113.105278] iommufd_fops_release+0x1f7/0x370 [ 113.105606] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.105966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.106324] ? write_comp_data+0x2f/0x90 [ 113.106652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.107022] __fput+0x26d/0xa40 [ 113.107282] ____fput+0x1e/0x30 [ 113.107529] task_work_run+0x1a4/0x2d0 [ 113.107815] ? __pfx_task_work_run+0x10/0x10 [ 113.108135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.108488] ? switch_task_namespaces+0xa9/0xe0 [ 113.108833] do_exit+0xb17/0x2ef0 [ 113.109086] ? lock_acquire+0x427/0x4c0 [ 113.109381] ? __pfx_lock_release+0x10/0x10 [ 113.109700] ? __kasan_check_write+0x18/0x20 [ 113.110025] ? do_raw_spin_lock+0x132/0x2a0 [ 113.110338] ? __pfx_do_exit+0x10/0x10 [ 113.110651] ? debug_smp_processor_id+0x20/0x30 [ 113.110996] ? rcu_is_watching+0x19/0xb0 [ 113.111302] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.111630] ? trace_hardirqs_on+0x26/0x120 [ 113.111947] do_group_exit+0xe0/0x2b0 [ 113.112223] __x64_sys_exit_group+0x47/0x50 [ 113.112530] do_syscall_64+0x3b/0x90 [ 113.112803] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.113176] RIP: 0033:0x7f4b87518a4d [ 113.113439] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.113874] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.114412] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.114940] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.115465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.115971] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.116483] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.116997] [ 113.117166] irq event stamp: 0 [ 113.117389] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.117835] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.118430] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.119048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.119507] ---[ end trace 0000000000000000 ]--- [ 113.123352] ------------[ cut here ]------------ [ 113.123718] WARNING: CPU: 1 PID: 1017 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.124430] Modules linked in: [ 113.124658] CPU: 1 PID: 1017 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.125274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.126064] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.126420] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.127913] RSP: 0018:ffff88801818fbb8 EFLAGS: 00010246 [ 113.128290] RAX: 0000000000000000 RBX: ffff88801058e0a8 RCX: 0000000000000000 [ 113.128781] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 113.129273] RBP: ffff88801818fbd0 R08: ffffed10020b1c33 R09: ffffed10020b1c33 [ 113.129768] R10: ffff88801058e193 R11: ffffed10020b1c32 R12: ffff888016c99400 [ 113.130263] R13: ffff88801058e1e8 R14: ffffffff8352e670 R15: 
ffff88801818fe68 [ 113.130775] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.131340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.131743] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 113.132238] PKRU: 55555554 [ 113.132436] Call Trace: [ 113.132616] [ 113.132775] __iommufd_access_detach+0x1c2/0x2b0 [ 113.133118] iommufd_access_change_pt+0x149/0x270 [ 113.133463] iommufd_access_replace+0xb4/0x120 [ 113.133791] iommufd_test+0x3e5/0x37e0 [ 113.134062] ? lock_release+0x532/0x770 [ 113.134350] ? __might_fault+0x102/0x1b0 [ 113.134659] ? lock_acquire+0x427/0x4c0 [ 113.134953] ? __pfx_iommufd_test+0x10/0x10 [ 113.135286] ? __pfx_lock_release+0x10/0x10 [ 113.135594] ? __pfx_lock_acquire+0x10/0x10 [ 113.135904] ? write_comp_data+0x2f/0x90 [ 113.136197] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.136543] ? write_comp_data+0x2f/0x90 [ 113.136836] iommufd_fops_ioctl+0x37d/0x510 [ 113.137141] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.137487] ? write_comp_data+0x2f/0x90 [ 113.137779] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.138117] __x64_sys_ioctl+0x1a3/0x230 [ 113.138412] do_syscall_64+0x3b/0x90 [ 113.138700] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.139073] RIP: 0033:0x7f4b8743ee5d [ 113.139342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.140609] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.141139] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.141635] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.142129] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.142639] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.143142] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.143645] [ 113.143809] irq event stamp: 0 [ 113.144028] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.144462] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.145040] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.145628] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.146071] ---[ end trace 0000000000000000 ]--- [ 113.148829] ------------[ cut here ]------------ [ 113.149202] WARNING: CPU: 1 PID: 1017 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.149914] Modules linked in: [ 113.150142] CPU: 1 PID: 1017 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.150783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.151589] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.151939] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.153215] RSP: 
0018:ffff88801818fbd0 EFLAGS: 00010246 [ 113.153591] RAX: 0000000000000000 RBX: ffff88801058e0a8 RCX: 0000000000000000 [ 113.154089] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 113.154604] RBP: ffff88801818fbe8 R08: ffffed10020b1c33 R09: ffffed10020b1c33 [ 113.155106] R10: ffff88801058e193 R11: ffffed10020b1c32 R12: ffff888013c8c800 [ 113.155609] R13: ffff88801058e1e8 R14: ffff8880181b2b00 R15: 0000000000000000 [ 113.156109] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.156671] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.157080] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.157582] PKRU: 55555554 [ 113.157782] Call Trace: [ 113.157965] [ 113.158127] iommufd_access_destroy_object+0x65/0x170 [ 113.158492] iommufd_object_destroy_user+0x18e/0x220 [ 113.158877] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.159309] iommufd_access_destroy+0x43/0x70 [ 113.159634] iommufd_test_staccess_release+0x8d/0xd0 [ 113.159998] __fput+0x26d/0xa40 [ 113.160244] ____fput+0x1e/0x30 [ 113.160487] task_work_run+0x1a4/0x2d0 [ 113.160770] ? __pfx_task_work_run+0x10/0x10 [ 113.161084] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.161431] ? switch_task_namespaces+0xa9/0xe0 [ 113.161770] do_exit+0xb17/0x2ef0 [ 113.162015] ? lock_acquire+0x427/0x4c0 [ 113.162304] ? __pfx_lock_release+0x10/0x10 [ 113.162636] ? __kasan_check_write+0x18/0x20 [ 113.162953] ? do_raw_spin_lock+0x132/0x2a0 [ 113.163266] ? __pfx_do_exit+0x10/0x10 [ 113.163550] ? debug_smp_processor_id+0x20/0x30 [ 113.163882] ? rcu_is_watching+0x19/0xb0 [ 113.164172] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.164500] ? trace_hardirqs_on+0x26/0x120 [ 113.164815] do_group_exit+0xe0/0x2b0 [ 113.165086] __x64_sys_exit_group+0x47/0x50 [ 113.165392] do_syscall_64+0x3b/0x90 [ 113.165663] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.166032] RIP: 0033:0x7f4b87518a4d [ 113.166295] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.166744] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.167293] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.167792] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.168289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.168789] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.169287] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.169793] [ 113.169958] irq event stamp: 0 [ 113.170182] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.170636] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.171292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.171877] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.172317] ---[ end trace 0000000000000000 ]--- [ 113.172944] ------------[ cut here ]------------ [ 113.173275] WARNING: CPU: 1 PID: 1017 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.173985] Modules linked in: [ 113.174209] CPU: 1 PID: 1017 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.174837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.175640] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.176001] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.177266] RSP: 0018:ffff88801818fb78 EFLAGS: 00010246 [ 113.177637] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.178137] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 113.178644] RBP: ffff88801818fb98 R08: ffffed10020b1c3e R09: ffffed10020b1c3e [ 113.179149] R10: ffff88801058e1ef R11: ffffed10020b1c3d R12: ffff88801058e290 [ 113.179644] R13: ffff88801058e0a8 R14: ffffffffffffffff R15: 
ffff88801818fc60 [ 113.180138] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.180699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.181106] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.181603] PKRU: 55555554 [ 113.181801] Call Trace: [ 113.181980] [ 113.182139] iommufd_ioas_destroy+0x53/0x70 [ 113.182446] iommufd_fops_release+0x1f7/0x370 [ 113.182779] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.183137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.183483] ? write_comp_data+0x2f/0x90 [ 113.183774] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.184120] __fput+0x26d/0xa40 [ 113.184361] ____fput+0x1e/0x30 [ 113.184599] task_work_run+0x1a4/0x2d0 [ 113.184875] ? __pfx_task_work_run+0x10/0x10 [ 113.185184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.185527] ? switch_task_namespaces+0xa9/0xe0 [ 113.185859] do_exit+0xb17/0x2ef0 [ 113.186100] ? lock_acquire+0x427/0x4c0 [ 113.186384] ? __pfx_lock_release+0x10/0x10 [ 113.186702] ? __kasan_check_write+0x18/0x20 [ 113.187010] ? do_raw_spin_lock+0x132/0x2a0 [ 113.187323] ? __pfx_do_exit+0x10/0x10 [ 113.187603] ? debug_smp_processor_id+0x20/0x30 [ 113.187928] ? rcu_is_watching+0x19/0xb0 [ 113.188212] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.188541] ? trace_hardirqs_on+0x26/0x120 [ 113.188846] do_group_exit+0xe0/0x2b0 [ 113.189113] __x64_sys_exit_group+0x47/0x50 [ 113.189416] do_syscall_64+0x3b/0x90 [ 113.189687] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.190056] RIP: 0033:0x7f4b87518a4d [ 113.190316] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.190758] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.191292] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.191780] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.192266] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.192753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.193241] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.193732] [ 113.193892] irq event stamp: 0 [ 113.194109] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.194552] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.195141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.195710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.196138] ---[ end trace 0000000000000000 ]--- [ 113.200280] ------------[ cut here ]------------ [ 113.200635] WARNING: CPU: 1 PID: 1018 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.201325] Modules linked in: [ 113.201543] CPU: 1 PID: 1018 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.202140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.202921] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.203273] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.204501] RSP: 0018:ffff88800bf4fbb8 EFLAGS: 00010246 [ 113.204861] RAX: 0000000000000000 RBX: ffff88802451c0a8 RCX: 0000000000000000 [ 113.205343] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 113.205823] RBP: ffff88800bf4fbd0 R08: ffffed10048a3833 R09: ffffed10048a3833 [ 113.206305] R10: ffff88802451c193 R11: ffffed10048a3832 R12: ffff88801892c000 [ 113.206797] R13: ffff88802451c1e8 R14: ffffffff8352e670 R15: 
ffff88800bf4fe68 [ 113.207288] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.207834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.208227] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 113.208704] PKRU: 55555554 [ 113.208894] Call Trace: [ 113.209066] [ 113.209220] __iommufd_access_detach+0x1c2/0x2b0 [ 113.209553] iommufd_access_change_pt+0x149/0x270 [ 113.209888] iommufd_access_replace+0xb4/0x120 [ 113.210207] iommufd_test+0x3e5/0x37e0 [ 113.210471] ? lock_release+0x532/0x770 [ 113.210754] ? __might_fault+0x102/0x1b0 [ 113.211032] ? lock_acquire+0x427/0x4c0 [ 113.211312] ? __pfx_iommufd_test+0x10/0x10 [ 113.211599] ? __pfx_lock_release+0x10/0x10 [ 113.211892] ? __pfx_lock_acquire+0x10/0x10 [ 113.212189] ? write_comp_data+0x2f/0x90 [ 113.212467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.212794] ? write_comp_data+0x2f/0x90 [ 113.213073] iommufd_fops_ioctl+0x37d/0x510 [ 113.213363] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.213689] ? write_comp_data+0x2f/0x90 [ 113.213969] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.214290] __x64_sys_ioctl+0x1a3/0x230 [ 113.214578] do_syscall_64+0x3b/0x90 [ 113.214834] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.215189] RIP: 0033:0x7f4b8743ee5d [ 113.215436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.216629] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.217126] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.217594] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.218059] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.218540] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.219006] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.219487] [ 113.219641] irq event stamp: 0 [ 113.219850] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.220265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.220813] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.221364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.221777] ---[ end trace 0000000000000000 ]--- [ 113.224193] ------------[ cut here ]------------ [ 113.224512] WARNING: CPU: 1 PID: 1018 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.225177] Modules linked in: [ 113.225388] CPU: 1 PID: 1018 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.225956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.226701] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.227024] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.228209] RSP: 
0018:ffff88800bf4fbd0 EFLAGS: 00010246 [ 113.228553] RAX: 0000000000000000 RBX: ffff88802451c0a8 RCX: 0000000000000000 [ 113.229015] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 113.229476] RBP: ffff88800bf4fbe8 R08: ffffed10048a3833 R09: ffffed10048a3833 [ 113.229936] R10: ffff88802451c193 R11: ffffed10048a3832 R12: ffff888016c9b400 [ 113.230397] R13: ffff88802451c1e8 R14: ffff888020a7df00 R15: 0000000000000000 [ 113.230870] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.231421] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.231798] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.232260] PKRU: 55555554 [ 113.232444] Call Trace: [ 113.232612] [ 113.232760] iommufd_access_destroy_object+0x65/0x170 [ 113.233098] iommufd_object_destroy_user+0x18e/0x220 [ 113.233435] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.233818] iommufd_access_destroy+0x43/0x70 [ 113.234119] iommufd_test_staccess_release+0x8d/0xd0 [ 113.234461] __fput+0x26d/0xa40 [ 113.234699] ____fput+0x1e/0x30 [ 113.234924] task_work_run+0x1a4/0x2d0 [ 113.235193] ? __pfx_task_work_run+0x10/0x10 [ 113.235486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.235809] ? switch_task_namespaces+0xa9/0xe0 [ 113.236125] do_exit+0xb17/0x2ef0 [ 113.236353] ? lock_acquire+0x427/0x4c0 [ 113.236618] ? __pfx_lock_release+0x10/0x10 [ 113.236901] ? __kasan_check_write+0x18/0x20 [ 113.237190] ? do_raw_spin_lock+0x132/0x2a0 [ 113.237468] ? __pfx_do_exit+0x10/0x10 [ 113.237726] ? debug_smp_processor_id+0x20/0x30 [ 113.238027] ? rcu_is_watching+0x19/0xb0 [ 113.238289] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.238595] ? trace_hardirqs_on+0x26/0x120 [ 113.238879] do_group_exit+0xe0/0x2b0 [ 113.239130] __x64_sys_exit_group+0x47/0x50 [ 113.239406] do_syscall_64+0x3b/0x90 [ 113.239652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.239990] RIP: 0033:0x7f4b87518a4d [ 113.240227] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.240620] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.241102] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.241555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.242007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.242459] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.242920] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.243389] [ 113.243539] irq event stamp: 0 [ 113.243741] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.244141] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.244674] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.245204] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.245604] ---[ end trace 0000000000000000 ]--- [ 113.246159] ------------[ cut here ]------------ [ 113.246461] WARNING: CPU: 1 PID: 1018 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.247130] Modules linked in: [ 113.247335] CPU: 1 PID: 1018 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.247886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.248594] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.248919] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.250069] RSP: 0018:ffff88800bf4fb78 EFLAGS: 00010246 [ 113.250560] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.251017] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 113.251477] RBP: ffff88800bf4fb98 R08: ffffed10048a383e R09: ffffed10048a383e [ 113.251923] R10: ffff88802451c1ef R11: ffffed10048a383d R12: ffff88802451c290 [ 113.252368] R13: ffff88802451c0a8 R14: ffffffffffffffff R15: 
ffff88800bf4fc60 [ 113.252814] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.253319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.253683] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.254130] PKRU: 55555554 [ 113.254311] Call Trace: [ 113.254473] [ 113.254629] iommufd_ioas_destroy+0x53/0x70 [ 113.254907] iommufd_fops_release+0x1f7/0x370 [ 113.255213] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.255531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.255845] ? write_comp_data+0x2f/0x90 [ 113.256112] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.256433] __fput+0x26d/0xa40 [ 113.256654] ____fput+0x1e/0x30 [ 113.256872] task_work_run+0x1a4/0x2d0 [ 113.257126] ? __pfx_task_work_run+0x10/0x10 [ 113.257414] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.257727] ? switch_task_namespaces+0xa9/0xe0 [ 113.258031] do_exit+0xb17/0x2ef0 [ 113.258252] ? lock_acquire+0x427/0x4c0 [ 113.258523] ? __pfx_lock_release+0x10/0x10 [ 113.258804] ? __kasan_check_write+0x18/0x20 [ 113.259087] ? do_raw_spin_lock+0x132/0x2a0 [ 113.259381] ? __pfx_do_exit+0x10/0x10 [ 113.259635] ? debug_smp_processor_id+0x20/0x30 [ 113.259931] ? rcu_is_watching+0x19/0xb0 [ 113.260190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.260481] ? trace_hardirqs_on+0x26/0x120 [ 113.260759] do_group_exit+0xe0/0x2b0 [ 113.261001] __x64_sys_exit_group+0x47/0x50 [ 113.261275] do_syscall_64+0x3b/0x90 [ 113.261517] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.261844] RIP: 0033:0x7f4b87518a4d [ 113.262074] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.262453] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.262933] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.263378] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.263815] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.264254] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.264692] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.265131] [ 113.265274] irq event stamp: 0 [ 113.265469] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.265854] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.266364] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.266882] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.267281] ---[ end trace 0000000000000000 ]--- [ 113.270393] ------------[ cut here ]------------ [ 113.270876] WARNING: CPU: 1 PID: 1019 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.271524] Modules linked in: [ 113.271723] CPU: 1 PID: 1019 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.272258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.272945] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.273250] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.274421] RSP: 0018:ffff888016ef7bb8 EFLAGS: 00010246 [ 113.274765] RAX: 0000000000000000 RBX: ffff888012df40a8 RCX: 0000000000000000 [ 113.275229] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 113.275707] RBP: ffff888016ef7bd0 R08: ffffed10025be833 R09: ffffed10025be833 [ 113.276144] R10: ffff888012df4193 R11: ffffed10025be832 R12: ffff8880172e8800 [ 113.276629] R13: ffff888012df41e8 R14: ffffffff8352e670 R15: 
ffff888016ef7e68 [ 113.277064] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.277603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.277959] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 113.278407] PKRU: 55555554 [ 113.278631] Call Trace: [ 113.278792] [ 113.278932] __iommufd_access_detach+0x1c2/0x2b0 [ 113.279245] iommufd_access_change_pt+0x149/0x270 [ 113.279577] iommufd_access_replace+0xb4/0x120 [ 113.279893] iommufd_test+0x3e5/0x37e0 [ 113.280135] ? lock_release+0x532/0x770 [ 113.280391] ? __might_fault+0x102/0x1b0 [ 113.280681] ? lock_acquire+0x427/0x4c0 [ 113.280947] ? __pfx_iommufd_test+0x10/0x10 [ 113.281212] ? __pfx_lock_release+0x10/0x10 [ 113.281485] ? __pfx_lock_acquire+0x10/0x10 [ 113.281804] ? write_comp_data+0x2f/0x90 [ 113.282064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.282370] ? write_comp_data+0x2f/0x90 [ 113.282655] iommufd_fops_ioctl+0x37d/0x510 [ 113.282957] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.283272] ? write_comp_data+0x2f/0x90 [ 113.283532] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.283859] __x64_sys_ioctl+0x1a3/0x230 [ 113.284132] do_syscall_64+0x3b/0x90 [ 113.284369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.284702] RIP: 0033:0x7f4b8743ee5d [ 113.284964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.286119] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.286600] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.287057] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.287513] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.287954] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.288416] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.288853] [ 113.289004] irq event stamp: 0 [ 113.289221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.289607] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.290115] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.290649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.291023] ---[ end trace 0000000000000000 ]--- [ 113.293345] ------------[ cut here ]------------ [ 113.293662] WARNING: CPU: 1 PID: 1019 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.294266] Modules linked in: [ 113.294467] CPU: 1 PID: 1019 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.295033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.295748] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.296046] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.297166] RSP: 
0018:ffff888016ef7bd0 EFLAGS: 00010246 [ 113.297483] RAX: 0000000000000000 RBX: ffff888012df40a8 RCX: 0000000000000000 [ 113.297946] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 113.298370] RBP: ffff888016ef7be8 R08: ffffed10025be833 R09: ffffed10025be833 [ 113.298841] R10: ffff888012df4193 R11: ffffed10025be832 R12: ffff88801892f000 [ 113.299281] R13: ffff888012df41e8 R14: ffff88800fd8ce00 R15: 0000000000000000 [ 113.299716] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.300223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.300572] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.301038] PKRU: 55555554 [ 113.301207] Call Trace: [ 113.301363] [ 113.301500] iommufd_access_destroy_object+0x65/0x170 [ 113.301820] iommufd_object_destroy_user+0x18e/0x220 [ 113.302160] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.302525] iommufd_access_destroy+0x43/0x70 [ 113.302803] iommufd_test_staccess_release+0x8d/0xd0 [ 113.303163] __fput+0x26d/0xa40 [ 113.303374] ____fput+0x1e/0x30 [ 113.303580] task_work_run+0x1a4/0x2d0 [ 113.303820] ? __pfx_task_work_run+0x10/0x10 [ 113.304103] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.304425] ? switch_task_namespaces+0xa9/0xe0 [ 113.304713] do_exit+0xb17/0x2ef0 [ 113.304923] ? lock_acquire+0x427/0x4c0 [ 113.305188] ? __pfx_lock_release+0x10/0x10 [ 113.305476] ? __kasan_check_write+0x18/0x20 [ 113.305744] ? do_raw_spin_lock+0x132/0x2a0 [ 113.306005] ? __pfx_do_exit+0x10/0x10 [ 113.306276] ? debug_smp_processor_id+0x20/0x30 [ 113.306585] ? rcu_is_watching+0x19/0xb0 [ 113.306831] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.307118] ? trace_hardirqs_on+0x26/0x120 [ 113.307417] do_group_exit+0xe0/0x2b0 [ 113.307648] __x64_sys_exit_group+0x47/0x50 [ 113.307908] do_syscall_64+0x3b/0x90 [ 113.308140] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.308493] RIP: 0033:0x7f4b87518a4d [ 113.308717] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.309085] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.309572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.309997] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.310432] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.310896] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.311330] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.311798] [ 113.311939] irq event stamp: 0 [ 113.312129] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.312517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.313045] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.313555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.313955] ---[ end trace 0000000000000000 ]--- [ 113.314481] ------------[ cut here ]------------ [ 113.314789] WARNING: CPU: 1 PID: 1019 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.315445] Modules linked in: [ 113.315644] CPU: 1 PID: 1019 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.316199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.316874] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.317212] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.318332] RSP: 0018:ffff888016ef7b78 EFLAGS: 00010246 [ 113.318661] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.319125] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 113.319557] RBP: ffff888016ef7b98 R08: ffffed10025be83e R09: ffffed10025be83e [ 113.319988] R10: ffff888012df41ef R11: ffffed10025be83d R12: ffff888012df4290 [ 113.320446] R13: ffff888012df40a8 R14: ffffffffffffffff R15: 
ffff888016ef7c60 [ 113.320869] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.321391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.321736] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.322168] PKRU: 55555554 [ 113.322370] Call Trace: [ 113.322535] [ 113.322672] iommufd_ioas_destroy+0x53/0x70 [ 113.322933] iommufd_fops_release+0x1f7/0x370 [ 113.323227] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.323565] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.323862] ? write_comp_data+0x2f/0x90 [ 113.324112] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.324447] __fput+0x26d/0xa40 [ 113.324669] ____fput+0x1e/0x30 [ 113.324875] task_work_run+0x1a4/0x2d0 [ 113.325115] ? __pfx_task_work_run+0x10/0x10 [ 113.325394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.325725] ? switch_task_namespaces+0xa9/0xe0 [ 113.326013] do_exit+0xb17/0x2ef0 [ 113.326221] ? lock_acquire+0x427/0x4c0 [ 113.326483] ? __pfx_lock_release+0x10/0x10 [ 113.326791] ? __kasan_check_write+0x18/0x20 [ 113.327059] ? do_raw_spin_lock+0x132/0x2a0 [ 113.327331] ? __pfx_do_exit+0x10/0x10 [ 113.327595] ? debug_smp_processor_id+0x20/0x30 [ 113.327894] ? rcu_is_watching+0x19/0xb0 [ 113.328138] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.328423] ? trace_hardirqs_on+0x26/0x120 [ 113.328707] do_group_exit+0xe0/0x2b0 [ 113.328949] __x64_sys_exit_group+0x47/0x50 [ 113.329207] do_syscall_64+0x3b/0x90 [ 113.329439] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.329783] RIP: 0033:0x7f4b87518a4d [ 113.330017] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.330381] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.330878] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.331317] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.331748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.332200] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.332621] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.333092] [ 113.333234] irq event stamp: 0 [ 113.333423] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.333804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.334333] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.334852] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.335271] ---[ end trace 0000000000000000 ]--- [ 113.339240] ------------[ cut here ]------------ [ 113.339567] WARNING: CPU: 1 PID: 1020 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.340174] Modules linked in: [ 113.340380] CPU: 1 PID: 1020 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.340927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.341631] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.341930] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.343055] RSP: 0018:ffff88801440fbb8 EFLAGS: 00010246 [ 113.343382] RAX: 0000000000000000 RBX: ffff888013ef70a8 RCX: 0000000000000000 [ 113.343828] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 113.344249] RBP: ffff88801440fbd0 R08: ffffed10027dee33 R09: ffffed10027dee33 [ 113.344690] R10: ffff888013ef7193 R11: ffffed10027dee32 R12: ffff888010554c00 [ 113.345123] R13: ffff888013ef71e8 R14: ffffffff8352e670 R15: 
ffff88801440fe68 [ 113.345546] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.346043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.346388] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ee0 [ 113.346846] PKRU: 55555554 [ 113.347025] Call Trace: [ 113.347180] [ 113.347322] __iommufd_access_detach+0x1c2/0x2b0 [ 113.347621] iommufd_access_change_pt+0x149/0x270 [ 113.347945] iommufd_access_replace+0xb4/0x120 [ 113.348239] iommufd_test+0x3e5/0x37e0 [ 113.348479] ? lock_release+0x532/0x770 [ 113.348738] ? __might_fault+0x102/0x1b0 [ 113.349008] ? lock_acquire+0x427/0x4c0 [ 113.349267] ? __pfx_iommufd_test+0x10/0x10 [ 113.349528] ? __pfx_lock_release+0x10/0x10 [ 113.349805] ? __pfx_lock_acquire+0x10/0x10 [ 113.350098] ? write_comp_data+0x2f/0x90 [ 113.350360] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.350669] ? write_comp_data+0x2f/0x90 [ 113.350935] iommufd_fops_ioctl+0x37d/0x510 [ 113.351246] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.351546] ? write_comp_data+0x2f/0x90 [ 113.351800] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.352108] __x64_sys_ioctl+0x1a3/0x230 [ 113.352384] do_syscall_64+0x3b/0x90 [ 113.352618] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.352934] RIP: 0033:0x7f4b8743ee5d [ 113.353174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.354308] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.354784] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.355226] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.355679] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.356108] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.356570] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.356997] [ 113.357142] irq event stamp: 0 [ 113.357337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.357741] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.358238] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.358779] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.359156] ---[ end trace 0000000000000000 ]--- [ 113.361434] ------------[ cut here ]------------ [ 113.361732] WARNING: CPU: 1 PID: 1020 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.362347] Modules linked in: [ 113.362561] CPU: 1 PID: 1020 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.363106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.363790] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.364115] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.365223] RSP: 
0018:ffff88801440fbd0 EFLAGS: 00010246 [ 113.365539] RAX: 0000000000000000 RBX: ffff888013ef70a8 RCX: 0000000000000000 [ 113.365967] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 113.366420] RBP: ffff88801440fbe8 R08: ffffed10027dee33 R09: ffffed10027dee33 [ 113.366873] R10: ffff888013ef7193 R11: ffffed10027dee32 R12: ffff8880172eac00 [ 113.367340] R13: ffff888013ef71e8 R14: ffff88800b8e3600 R15: 0000000000000000 [ 113.367803] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.368277] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.368640] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.369060] PKRU: 55555554 [ 113.369228] Call Trace: [ 113.369380] [ 113.369515] iommufd_access_destroy_object+0x65/0x170 [ 113.369839] iommufd_object_destroy_user+0x18e/0x220 [ 113.370143] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.370491] iommufd_access_destroy+0x43/0x70 [ 113.370800] iommufd_test_staccess_release+0x8d/0xd0 [ 113.371112] __fput+0x26d/0xa40 [ 113.371319] ____fput+0x1e/0x30 [ 113.371522] task_work_run+0x1a4/0x2d0 [ 113.371774] ? __pfx_task_work_run+0x10/0x10 [ 113.372041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.372337] ? switch_task_namespaces+0xa9/0xe0 [ 113.372620] do_exit+0xb17/0x2ef0 [ 113.372858] ? lock_acquire+0x427/0x4c0 [ 113.373105] ? __pfx_lock_release+0x10/0x10 [ 113.373367] ? __kasan_check_write+0x18/0x20 [ 113.373630] ? do_raw_spin_lock+0x132/0x2a0 [ 113.373905] ? __pfx_do_exit+0x10/0x10 [ 113.374143] ? debug_smp_processor_id+0x20/0x30 [ 113.374420] ? rcu_is_watching+0x19/0xb0 [ 113.374673] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.374956] ? trace_hardirqs_on+0x26/0x120 [ 113.375221] do_group_exit+0xe0/0x2b0 [ 113.375451] __x64_sys_exit_group+0x47/0x50 [ 113.375711] do_syscall_64+0x3b/0x90 [ 113.375941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.376264] RIP: 0033:0x7f4b87518a4d [ 113.376486] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.376851] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.377308] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.377732] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.378164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.378594] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.379015] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.379452] [ 113.379591] irq event stamp: 0 [ 113.379779] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.380147] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.380643] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.381133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.381510] ---[ end trace 0000000000000000 ]--- [ 113.382025] ------------[ cut here ]------------ [ 113.382298] WARNING: CPU: 1 PID: 1020 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.382913] Modules linked in: [ 113.383104] CPU: 1 PID: 1020 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.383628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.384281] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.384591] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.385666] RSP: 0018:ffff88801440fb78 EFLAGS: 00010246 [ 113.385976] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.386390] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 113.386822] RBP: ffff88801440fb98 R08: ffffed10027dee3e R09: ffffed10027dee3e [ 113.387245] R10: ffff888013ef71ef R11: ffffed10027dee3d R12: ffff888013ef7290 [ 113.387661] R13: ffff888013ef70a8 R14: ffffffffffffffff R15: 
ffff88801440fc60 [ 113.388083] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.388552] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.388900] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 113.389317] PKRU: 55555554 [ 113.389483] Call Trace: [ 113.389634] [ 113.389768] iommufd_ioas_destroy+0x53/0x70 [ 113.390039] iommufd_fops_release+0x1f7/0x370 [ 113.390315] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.390624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.390919] ? write_comp_data+0x2f/0x90 [ 113.391188] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.391485] __fput+0x26d/0xa40 [ 113.391690] ____fput+0x1e/0x30 [ 113.391892] task_work_run+0x1a4/0x2d0 [ 113.392136] ? __pfx_task_work_run+0x10/0x10 [ 113.392423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.392714] ? switch_task_namespaces+0xa9/0xe0 [ 113.392997] do_exit+0xb17/0x2ef0 [ 113.393211] ? lock_acquire+0x427/0x4c0 [ 113.393475] ? __pfx_lock_release+0x10/0x10 [ 113.393735] ? __kasan_check_write+0x18/0x20 [ 113.393998] ? do_raw_spin_lock+0x132/0x2a0 [ 113.394263] ? __pfx_do_exit+0x10/0x10 [ 113.394531] ? debug_smp_processor_id+0x20/0x30 [ 113.394808] ? rcu_is_watching+0x19/0xb0 [ 113.395049] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.395339] ? trace_hardirqs_on+0x26/0x120 [ 113.395620] do_group_exit+0xe0/0x2b0 [ 113.395847] __x64_sys_exit_group+0x47/0x50 [ 113.396100] do_syscall_64+0x3b/0x90 [ 113.396336] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.396669] RIP: 0033:0x7f4b87518a4d [ 113.396887] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.397250] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.397720] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.398135] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.398582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.399009] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.399428] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.399877] [ 113.400015] irq event stamp: 0 [ 113.400201] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.400576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.401085] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.401577] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.401972] ---[ end trace 0000000000000000 ]--- [ 113.405351] ------------[ cut here ]------------ [ 113.405645] WARNING: CPU: 1 PID: 1021 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.406261] Modules linked in: [ 113.406449] CPU: 1 PID: 1021 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.407023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.407716] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.408014] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.409097] RSP: 0018:ffff888013fafbb8 EFLAGS: 00010246 [ 113.409426] RAX: 0000000000000000 RBX: ffff8880163d50a8 RCX: 0000000000000000 [ 113.409839] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 113.410258] RBP: ffff888013fafbd0 R08: ffffed1002c7aa33 R09: ffffed1002c7aa33 [ 113.410705] R10: ffff8880163d5193 R11: ffffed1002c7aa32 R12: ffff88800f29e400 [ 113.411127] R13: ffff8880163d51e8 R14: ffffffff8352e670 R15: 
ffff888013fafe68 [ 113.411569] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 113.412034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.412380] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 113.412814] PKRU: 55555554 [ 113.412979] Call Trace: [ 113.413129] [ 113.413262] __iommufd_access_detach+0x1c2/0x2b0 [ 113.413568] iommufd_access_change_pt+0x149/0x270 [ 113.413870] iommufd_access_replace+0xb4/0x120 [ 113.414146] iommufd_test+0x3e5/0x37e0 [ 113.414375] ? lock_release+0x532/0x770 [ 113.414645] ? __might_fault+0x102/0x1b0 [ 113.414901] ? lock_acquire+0x427/0x4c0 [ 113.415147] ? __pfx_iommufd_test+0x10/0x10 [ 113.415400] ? __pfx_lock_release+0x10/0x10 [ 113.415676] ? __pfx_lock_acquire+0x10/0x10 [ 113.415948] ? write_comp_data+0x2f/0x90 [ 113.416193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.416482] ? write_comp_data+0x2f/0x90 [ 113.416747] iommufd_fops_ioctl+0x37d/0x510 [ 113.417015] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.417308] ? write_comp_data+0x2f/0x90 [ 113.417555] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.417857] __x64_sys_ioctl+0x1a3/0x230 [ 113.418115] do_syscall_64+0x3b/0x90 [ 113.418341] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.418665] RIP: 0033:0x7f4b8743ee5d [ 113.418897] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.419983] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.420434] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.420855] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.421290] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.421703] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.422132] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.422575] [ 113.422713] irq event stamp: 0 [ 113.422898] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.423298] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.423782] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.424282] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.424660] ---[ end trace 0000000000000000 ]--- [ 113.427188] ------------[ cut here ]------------ [ 113.427489] WARNING: CPU: 0 PID: 1021 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.428079] Modules linked in: [ 113.428267] CPU: 0 PID: 1021 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.428775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.429429] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.429718] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.430784] RSP: 
0018:ffff888013fafbd0 EFLAGS: 00010246 [ 113.431095] RAX: 0000000000000000 RBX: ffff8880163d50a8 RCX: 0000000000000000 [ 113.431514] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 113.431928] RBP: ffff888013fafbe8 R08: ffffed1002c7aa33 R09: ffffed1002c7aa33 [ 113.432342] R10: ffff8880163d5193 R11: ffffed1002c7aa32 R12: ffff888010556400 [ 113.432756] R13: ffff8880163d51e8 R14: ffff888013a64e00 R15: 0000000000000000 [ 113.433169] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.433638] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.433976] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.434393] PKRU: 55555554 [ 113.434571] Call Trace: [ 113.434722] [ 113.434856] iommufd_access_destroy_object+0x65/0x170 [ 113.435167] iommufd_object_destroy_user+0x18e/0x220 [ 113.435469] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.435815] iommufd_access_destroy+0x43/0x70 [ 113.436086] iommufd_test_staccess_release+0x8d/0xd0 [ 113.436389] __fput+0x26d/0xa40 [ 113.436594] ____fput+0x1e/0x30 [ 113.436796] task_work_run+0x1a4/0x2d0 [ 113.437060] ? __pfx_task_work_run+0x10/0x10 [ 113.437324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.437614] ? switch_task_namespaces+0xa9/0xe0 [ 113.437897] do_exit+0xb17/0x2ef0 [ 113.438102] ? lock_acquire+0x427/0x4c0 [ 113.438344] ? __pfx_lock_release+0x10/0x10 [ 113.438640] ? __kasan_check_write+0x18/0x20 [ 113.438903] ? do_raw_spin_lock+0x132/0x2a0 [ 113.439163] ? __pfx_do_exit+0x10/0x10 [ 113.439403] ? debug_smp_processor_id+0x20/0x30 [ 113.439685] ? rcu_is_watching+0x19/0xb0 [ 113.439930] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.440206] ? trace_hardirqs_on+0x26/0x120 [ 113.440469] do_group_exit+0xe0/0x2b0 [ 113.440698] __x64_sys_exit_group+0x47/0x50 [ 113.440955] do_syscall_64+0x3b/0x90 [ 113.441184] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.441498] RIP: 0033:0x7f4b87518a4d [ 113.441719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.442084] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.442539] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.442960] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.443384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.443805] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.444225] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.444652] [ 113.444791] irq event stamp: 0 [ 113.444980] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.445352] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.445845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.446338] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.446719] ---[ end trace 0000000000000000 ]--- [ 113.447270] ------------[ cut here ]------------ [ 113.447547] WARNING: CPU: 0 PID: 1021 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.448148] Modules linked in: [ 113.448337] CPU: 0 PID: 1021 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.448853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.449517] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.449821] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.450908] RSP: 0018:ffff888013fafb78 EFLAGS: 00010246 [ 113.451230] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.451650] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 113.452069] RBP: ffff888013fafb98 R08: ffffed1002c7aa3e R09: ffffed1002c7aa3e [ 113.452492] R10: ffff8880163d51ef R11: ffffed1002c7aa3d R12: ffff8880163d5290 [ 113.452912] R13: ffff8880163d50a8 R14: ffffffffffffffff R15: 
ffff888013fafc60 [ 113.453333] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.453809] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.454152] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.454580] PKRU: 55555554 [ 113.454749] Call Trace: [ 113.454901] [ 113.455036] iommufd_ioas_destroy+0x53/0x70 [ 113.455299] iommufd_fops_release+0x1f7/0x370 [ 113.455573] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.455873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.456168] ? write_comp_data+0x2f/0x90 [ 113.456421] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.456721] __fput+0x26d/0xa40 [ 113.456928] ____fput+0x1e/0x30 [ 113.457133] task_work_run+0x1a4/0x2d0 [ 113.457371] ? __pfx_task_work_run+0x10/0x10 [ 113.457640] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.457935] ? switch_task_namespaces+0xa9/0xe0 [ 113.458221] do_exit+0xb17/0x2ef0 [ 113.458430] ? lock_acquire+0x427/0x4c0 [ 113.458684] ? __pfx_lock_release+0x10/0x10 [ 113.458947] ? __kasan_check_write+0x18/0x20 [ 113.459215] ? do_raw_spin_lock+0x132/0x2a0 [ 113.459474] ? __pfx_do_exit+0x10/0x10 [ 113.459713] ? debug_smp_processor_id+0x20/0x30 [ 113.459992] ? rcu_is_watching+0x19/0xb0 [ 113.460238] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.460512] ? trace_hardirqs_on+0x26/0x120 [ 113.460775] do_group_exit+0xe0/0x2b0 [ 113.461005] __x64_sys_exit_group+0x47/0x50 [ 113.461262] do_syscall_64+0x3b/0x90 [ 113.461493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.461806] RIP: 0033:0x7f4b87518a4d [ 113.462026] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.462389] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.462843] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.463273] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.463691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.464111] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.464529] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.464952] [ 113.465091] irq event stamp: 0 [ 113.465277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.465646] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.466135] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.466633] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.467003] ---[ end trace 0000000000000000 ]--- [ 113.470523] ------------[ cut here ]------------ [ 113.470819] WARNING: CPU: 0 PID: 1022 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.471428] Modules linked in: [ 113.471620] CPU: 0 PID: 1022 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.472136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.472802] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.473098] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.474172] RSP: 0018:ffff88801440fbb8 EFLAGS: 00010246 [ 113.474486] RAX: 0000000000000000 RBX: ffff88800babc8a8 RCX: 0000000000000000 [ 113.474960] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 113.475385] RBP: ffff88801440fbd0 R08: ffffed1001757933 R09: ffffed1001757933 [ 113.475805] R10: ffff88800babc993 R11: ffffed1001757932 R12: ffff88800fd3c800 [ 113.476226] R13: ffff88800babc9e8 R14: ffffffff8352e670 R15: 
ffff88801440fe68 [ 113.476646] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.477120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.477466] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ef0 [ 113.477888] PKRU: 55555554 [ 113.478056] Call Trace: [ 113.478208] [ 113.478343] __iommufd_access_detach+0x1c2/0x2b0 [ 113.478642] iommufd_access_change_pt+0x149/0x270 [ 113.478938] iommufd_access_replace+0xb4/0x120 [ 113.479224] iommufd_test+0x3e5/0x37e0 [ 113.479457] ? lock_release+0x532/0x770 [ 113.479701] ? __might_fault+0x102/0x1b0 [ 113.479949] ? lock_acquire+0x427/0x4c0 [ 113.480196] ? __pfx_iommufd_test+0x10/0x10 [ 113.480452] ? __pfx_lock_release+0x10/0x10 [ 113.480715] ? __pfx_lock_acquire+0x10/0x10 [ 113.480980] ? write_comp_data+0x2f/0x90 [ 113.481230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.481524] ? write_comp_data+0x2f/0x90 [ 113.481776] iommufd_fops_ioctl+0x37d/0x510 [ 113.482036] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.482331] ? write_comp_data+0x2f/0x90 [ 113.482589] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.482880] __x64_sys_ioctl+0x1a3/0x230 [ 113.483140] do_syscall_64+0x3b/0x90 [ 113.483369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.483682] RIP: 0033:0x7f4b8743ee5d [ 113.483903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.484980] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.485434] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.485853] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.486270] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.486694] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.487115] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.487539] [ 113.487677] irq event stamp: 0 [ 113.487863] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.488232] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.488722] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.489211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.489579] ---[ end trace 0000000000000000 ]--- [ 113.491734] ------------[ cut here ]------------ [ 113.492015] WARNING: CPU: 0 PID: 1022 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.492608] Modules linked in: [ 113.492797] CPU: 0 PID: 1022 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.493310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.493971] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.494266] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.495365] RSP: 
0018:ffff88801440fbd0 EFLAGS: 00010246 [ 113.495678] RAX: 0000000000000000 RBX: ffff88800babc8a8 RCX: 0000000000000000 [ 113.496128] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 113.496545] RBP: ffff88801440fbe8 R08: ffffed1001757933 R09: ffffed1001757933 [ 113.496962] R10: ffff88800babc993 R11: ffffed1001757932 R12: ffff888021bc7400 [ 113.497381] R13: ffff88800babc9e8 R14: ffff888014589800 R15: 0000000000000000 [ 113.497799] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.498272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.498621] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.499041] PKRU: 55555554 [ 113.499211] Call Trace: [ 113.499362] [ 113.499497] iommufd_access_destroy_object+0x65/0x170 [ 113.499803] iommufd_object_destroy_user+0x18e/0x220 [ 113.500107] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.500453] iommufd_access_destroy+0x43/0x70 [ 113.500725] iommufd_test_staccess_release+0x8d/0xd0 [ 113.501043] __fput+0x26d/0xa40 [ 113.501250] ____fput+0x1e/0x30 [ 113.501453] task_work_run+0x1a4/0x2d0 [ 113.501690] ? __pfx_task_work_run+0x10/0x10 [ 113.501955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.502249] ? switch_task_namespaces+0xa9/0xe0 [ 113.502543] do_exit+0xb17/0x2ef0 [ 113.502750] ? lock_acquire+0x427/0x4c0 [ 113.502992] ? __pfx_lock_release+0x10/0x10 [ 113.503256] ? __kasan_check_write+0x18/0x20 [ 113.503520] ? do_raw_spin_lock+0x132/0x2a0 [ 113.503777] ? __pfx_do_exit+0x10/0x10 [ 113.504016] ? debug_smp_processor_id+0x20/0x30 [ 113.504293] ? rcu_is_watching+0x19/0xb0 [ 113.504536] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.504808] ? trace_hardirqs_on+0x26/0x120 [ 113.505068] do_group_exit+0xe0/0x2b0 [ 113.505295] __x64_sys_exit_group+0x47/0x50 [ 113.505550] do_syscall_64+0x3b/0x90 [ 113.505778] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.506088] RIP: 0033:0x7f4b87518a4d [ 113.506308] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.506680] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.507135] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.507553] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.507970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.508389] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.508806] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.509231] [ 113.509369] irq event stamp: 0 [ 113.509556] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.509924] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.510413] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.510910] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.511285] ---[ end trace 0000000000000000 ]--- [ 113.511798] ------------[ cut here ]------------ [ 113.512075] WARNING: CPU: 0 PID: 1022 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.512671] Modules linked in: [ 113.512860] CPU: 0 PID: 1022 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.513372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.514030] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.514332] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.515410] RSP: 0018:ffff88801440fb78 EFLAGS: 00010246 [ 113.515722] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.516137] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 113.516555] RBP: ffff88801440fb98 R08: ffffed100175793e R09: ffffed100175793e [ 113.516973] R10: ffff88800babc9ef R11: ffffed100175793d R12: ffff88800babca90 [ 113.517390] R13: ffff88800babc8a8 R14: ffffffffffffffff R15: 
ffff88801440fc60 [ 113.517804] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.518274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.518626] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.519043] PKRU: 55555554 [ 113.519214] Call Trace: [ 113.519364] [ 113.519498] iommufd_ioas_destroy+0x53/0x70 [ 113.519755] iommufd_fops_release+0x1f7/0x370 [ 113.520026] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.520324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.520617] ? write_comp_data+0x2f/0x90 [ 113.520864] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.521161] __fput+0x26d/0xa40 [ 113.521369] ____fput+0x1e/0x30 [ 113.521572] task_work_run+0x1a4/0x2d0 [ 113.521807] ? __pfx_task_work_run+0x10/0x10 [ 113.522072] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.522364] ? switch_task_namespaces+0xa9/0xe0 [ 113.522656] do_exit+0xb17/0x2ef0 [ 113.522862] ? lock_acquire+0x427/0x4c0 [ 113.523104] ? __pfx_lock_release+0x10/0x10 [ 113.523367] ? __kasan_check_write+0x18/0x20 [ 113.523629] ? do_raw_spin_lock+0x132/0x2a0 [ 113.523885] ? __pfx_do_exit+0x10/0x10 [ 113.524122] ? debug_smp_processor_id+0x20/0x30 [ 113.524398] ? rcu_is_watching+0x19/0xb0 [ 113.524639] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.524909] ? trace_hardirqs_on+0x26/0x120 [ 113.525168] do_group_exit+0xe0/0x2b0 [ 113.525395] __x64_sys_exit_group+0x47/0x50 [ 113.525648] do_syscall_64+0x3b/0x90 [ 113.525874] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.526183] RIP: 0033:0x7f4b87518a4d [ 113.526401] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.526767] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.527215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.527631] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.528046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.528464] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.528879] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.529300] [ 113.529437] irq event stamp: 0 [ 113.529623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.529990] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.530479] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.530974] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.531346] ---[ end trace 0000000000000000 ]--- [ 113.534344] ------------[ cut here ]------------ [ 113.534661] WARNING: CPU: 0 PID: 1023 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.535266] Modules linked in: [ 113.535457] CPU: 0 PID: 1023 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.535971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.536634] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.536927] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.537996] RSP: 0018:ffff888013b3fbb8 EFLAGS: 00010246 [ 113.538310] RAX: 0000000000000000 RBX: ffff888015a478a8 RCX: 0000000000000000 [ 113.538765] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 113.539187] RBP: ffff888013b3fbd0 R08: ffffed1002b48f33 R09: ffffed1002b48f33 [ 113.539606] R10: ffff888015a47993 R11: ffffed1002b48f32 R12: ffff888016631800 [ 113.540025] R13: ffff888015a479e8 R14: ffffffff8352e670 R15: 
ffff888013b3fe68 [ 113.540443] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.540916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.541254] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 113.541674] PKRU: 55555554 [ 113.541840] Call Trace: [ 113.541990] [ 113.542124] __iommufd_access_detach+0x1c2/0x2b0 [ 113.542412] iommufd_access_change_pt+0x149/0x270 [ 113.542713] iommufd_access_replace+0xb4/0x120 [ 113.542993] iommufd_test+0x3e5/0x37e0 [ 113.543231] ? lock_release+0x532/0x770 [ 113.543473] ? __might_fault+0x102/0x1b0 [ 113.543718] ? lock_acquire+0x427/0x4c0 [ 113.543959] ? __pfx_iommufd_test+0x10/0x10 [ 113.544212] ? __pfx_lock_release+0x10/0x10 [ 113.544472] ? __pfx_lock_acquire+0x10/0x10 [ 113.544733] ? write_comp_data+0x2f/0x90 [ 113.544979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.545269] ? write_comp_data+0x2f/0x90 [ 113.545516] iommufd_fops_ioctl+0x37d/0x510 [ 113.545772] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.546062] ? write_comp_data+0x2f/0x90 [ 113.546309] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.546602] __x64_sys_ioctl+0x1a3/0x230 [ 113.546848] do_syscall_64+0x3b/0x90 [ 113.547073] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.547392] RIP: 0033:0x7f4b8743ee5d [ 113.547610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.548669] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.549109] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.549523] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.549935] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.550346] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.550767] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.551191] [ 113.551327] irq event stamp: 0 [ 113.551512] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.551878] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.552362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.552846] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.553214] ---[ end trace 0000000000000000 ]--- [ 113.555350] ------------[ cut here ]------------ [ 113.555629] WARNING: CPU: 0 PID: 1023 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.556216] Modules linked in: [ 113.556404] CPU: 0 PID: 1023 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.556913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.557565] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.557855] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.559045] RSP: 
0018:ffff888013b3fbd0 EFLAGS: 00010246 [ 113.559359] RAX: 0000000000000000 RBX: ffff888015a478a8 RCX: 0000000000000000 [ 113.559773] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 113.560187] RBP: ffff888013b3fbe8 R08: ffffed1002b48f33 R09: ffffed1002b48f33 [ 113.560601] R10: ffff888015a47993 R11: ffffed1002b48f32 R12: ffff88800fd3ec00 [ 113.561015] R13: ffff888015a479e8 R14: ffff888021841300 R15: 0000000000000000 [ 113.561429] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.561896] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.562234] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.562656] PKRU: 55555554 [ 113.562823] Call Trace: [ 113.562973] [ 113.563108] iommufd_access_destroy_object+0x65/0x170 [ 113.563415] iommufd_object_destroy_user+0x18e/0x220 [ 113.563716] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.564061] iommufd_access_destroy+0x43/0x70 [ 113.564332] iommufd_test_staccess_release+0x8d/0xd0 [ 113.564639] __fput+0x26d/0xa40 [ 113.564844] ____fput+0x1e/0x30 [ 113.565075] task_work_run+0x1a4/0x2d0 [ 113.565311] ? __pfx_task_work_run+0x10/0x10 [ 113.565573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.565863] ? switch_task_namespaces+0xa9/0xe0 [ 113.566145] do_exit+0xb17/0x2ef0 [ 113.566350] ? lock_acquire+0x427/0x4c0 [ 113.566601] ? __pfx_lock_release+0x10/0x10 [ 113.566861] ? __kasan_check_write+0x18/0x20 [ 113.567128] ? do_raw_spin_lock+0x132/0x2a0 [ 113.567382] ? __pfx_do_exit+0x10/0x10 [ 113.567618] ? debug_smp_processor_id+0x20/0x30 [ 113.567893] ? rcu_is_watching+0x19/0xb0 [ 113.568133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.568405] ? trace_hardirqs_on+0x26/0x120 [ 113.568664] do_group_exit+0xe0/0x2b0 [ 113.568889] __x64_sys_exit_group+0x47/0x50 [ 113.569142] do_syscall_64+0x3b/0x90 [ 113.569367] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.569675] RIP: 0033:0x7f4b87518a4d [ 113.569892] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.570250] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.570702] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.571118] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.571533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.571946] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.572360] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.572779] [ 113.572915] irq event stamp: 0 [ 113.573100] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.573467] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.573951] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.574436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.574808] ---[ end trace 0000000000000000 ]--- [ 113.575325] ------------[ cut here ]------------ [ 113.575598] WARNING: CPU: 0 PID: 1023 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.576187] Modules linked in: [ 113.576376] CPU: 0 PID: 1023 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.576884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.577535] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.577833] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.578902] RSP: 0018:ffff888013b3fb78 EFLAGS: 00010246 [ 113.579219] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.579632] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 113.580046] RBP: ffff888013b3fb98 R08: ffffed1002b48f3e R09: ffffed1002b48f3e [ 113.580459] R10: ffff888015a479ef R11: ffffed1002b48f3d R12: ffff888015a47a90 [ 113.580874] R13: ffff888015a478a8 R14: ffffffffffffffff R15: 
ffff888013b3fc60 [ 113.581288] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.581753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.582089] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.582502] PKRU: 55555554 [ 113.582678] Call Trace: [ 113.582828] [ 113.582962] iommufd_ioas_destroy+0x53/0x70 [ 113.583220] iommufd_fops_release+0x1f7/0x370 [ 113.583490] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.583784] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.584073] ? write_comp_data+0x2f/0x90 [ 113.584321] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.584616] __fput+0x26d/0xa40 [ 113.584827] ____fput+0x1e/0x30 [ 113.585031] task_work_run+0x1a4/0x2d0 [ 113.585265] ? __pfx_task_work_run+0x10/0x10 [ 113.585527] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.585816] ? switch_task_namespaces+0xa9/0xe0 [ 113.586097] do_exit+0xb17/0x2ef0 [ 113.586300] ? lock_acquire+0x427/0x4c0 [ 113.586549] ? __pfx_lock_release+0x10/0x10 [ 113.586808] ? __kasan_check_write+0x18/0x20 [ 113.587069] ? do_raw_spin_lock+0x132/0x2a0 [ 113.587327] ? __pfx_do_exit+0x10/0x10 [ 113.587561] ? debug_smp_processor_id+0x20/0x30 [ 113.587834] ? rcu_is_watching+0x19/0xb0 [ 113.588072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.588343] ? trace_hardirqs_on+0x26/0x120 [ 113.588599] do_group_exit+0xe0/0x2b0 [ 113.588824] __x64_sys_exit_group+0x47/0x50 [ 113.589075] do_syscall_64+0x3b/0x90 [ 113.589300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.589610] RIP: 0033:0x7f4b87518a4d [ 113.589826] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.590182] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.590629] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.591041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.591456] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.591867] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.592278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.592695] [ 113.592831] irq event stamp: 0 [ 113.593015] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.593379] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.593864] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.594347] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.594719] ---[ end trace 0000000000000000 ]--- [ 113.598244] ------------[ cut here ]------------ [ 113.598560] WARNING: CPU: 0 PID: 1024 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.599159] Modules linked in: [ 113.599348] CPU: 0 PID: 1024 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.599859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.600516] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.600807] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.601865] RSP: 0018:ffff88801607fbb8 EFLAGS: 00010246 [ 113.602175] RAX: 0000000000000000 RBX: ffff888014b520a8 RCX: 0000000000000000 [ 113.602656] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 113.603071] RBP: ffff88801607fbd0 R08: ffffed100296a433 R09: ffffed100296a433 [ 113.603493] R10: ffff888014b52193 R11: ffffed100296a432 R12: ffff8880182e2400 [ 113.603909] R13: ffff888014b521e8 R14: ffffffff8352e670 R15: 
ffff88801607fe68 [ 113.604323] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.604792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.605131] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 113.605549] PKRU: 55555554 [ 113.605714] Call Trace: [ 113.605864] [ 113.605997] __iommufd_access_detach+0x1c2/0x2b0 [ 113.606282] iommufd_access_change_pt+0x149/0x270 [ 113.606580] iommufd_access_replace+0xb4/0x120 [ 113.606857] iommufd_test+0x3e5/0x37e0 [ 113.607086] ? lock_release+0x532/0x770 [ 113.607329] ? __might_fault+0x102/0x1b0 [ 113.607573] ? lock_acquire+0x427/0x4c0 [ 113.607815] ? __pfx_iommufd_test+0x10/0x10 [ 113.608068] ? __pfx_lock_release+0x10/0x10 [ 113.608329] ? __pfx_lock_acquire+0x10/0x10 [ 113.608590] ? write_comp_data+0x2f/0x90 [ 113.608836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.609127] ? write_comp_data+0x2f/0x90 [ 113.609374] iommufd_fops_ioctl+0x37d/0x510 [ 113.609630] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.609921] ? write_comp_data+0x2f/0x90 [ 113.610168] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.610456] __x64_sys_ioctl+0x1a3/0x230 [ 113.610710] do_syscall_64+0x3b/0x90 [ 113.610936] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.611255] RIP: 0033:0x7f4b8743ee5d [ 113.611472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.612523] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.612960] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.613371] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.613782] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.614192] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.614610] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.615028] [ 113.615168] irq event stamp: 0 [ 113.615352] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.615716] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.616198] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.616679] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.617041] ---[ end trace 0000000000000000 ]--- [ 113.619182] ------------[ cut here ]------------ [ 113.619458] WARNING: CPU: 0 PID: 1024 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.620040] Modules linked in: [ 113.620226] CPU: 0 PID: 1024 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.620728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.621373] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.621660] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.622722] RSP: 
0018:ffff88801607fbd0 EFLAGS: 00010246 [ 113.623028] RAX: 0000000000000000 RBX: ffff888014b520a8 RCX: 0000000000000000 [ 113.623443] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 113.623853] RBP: ffff88801607fbe8 R08: ffffed100296a433 R09: ffffed100296a433 [ 113.624262] R10: ffff888014b52193 R11: ffffed100296a432 R12: ffff888016631000 [ 113.624673] R13: ffff888014b521e8 R14: ffff888014aa0200 R15: 0000000000000000 [ 113.625082] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.625545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.625879] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.626290] PKRU: 55555554 [ 113.626454] Call Trace: [ 113.626616] [ 113.626748] iommufd_access_destroy_object+0x65/0x170 [ 113.627050] iommufd_object_destroy_user+0x18e/0x220 [ 113.627355] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.627697] iommufd_access_destroy+0x43/0x70 [ 113.627966] iommufd_test_staccess_release+0x8d/0xd0 [ 113.628269] __fput+0x26d/0xa40 [ 113.628475] ____fput+0x1e/0x30 [ 113.628675] task_work_run+0x1a4/0x2d0 [ 113.628909] ? __pfx_task_work_run+0x10/0x10 [ 113.629202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.629490] ? switch_task_namespaces+0xa9/0xe0 [ 113.629769] do_exit+0xb17/0x2ef0 [ 113.629974] ? lock_acquire+0x427/0x4c0 [ 113.630215] ? __pfx_lock_release+0x10/0x10 [ 113.630472] ? __kasan_check_write+0x18/0x20 [ 113.630739] ? do_raw_spin_lock+0x132/0x2a0 [ 113.630993] ? __pfx_do_exit+0x10/0x10 [ 113.631233] ? debug_smp_processor_id+0x20/0x30 [ 113.631509] ? rcu_is_watching+0x19/0xb0 [ 113.631747] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.632016] ? trace_hardirqs_on+0x26/0x120 [ 113.632275] do_group_exit+0xe0/0x2b0 [ 113.632500] __x64_sys_exit_group+0x47/0x50 [ 113.632751] do_syscall_64+0x3b/0x90 [ 113.632975] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.633284] RIP: 0033:0x7f4b87518a4d [ 113.633500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.633856] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.634293] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.634714] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.635127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.635538] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.635948] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.636365] [ 113.636501] irq event stamp: 0 [ 113.636685] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.637049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.637529] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.638011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.638376] ---[ end trace 0000000000000000 ]--- [ 113.638886] ------------[ cut here ]------------ [ 113.639159] WARNING: CPU: 0 PID: 1024 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.639747] Modules linked in: [ 113.639933] CPU: 0 PID: 1024 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.640440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.641088] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.641386] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.642434] RSP: 0018:ffff88801607fb78 EFLAGS: 00010246 [ 113.642748] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.643165] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 113.643575] RBP: ffff88801607fb98 R08: ffffed100296a43e R09: ffffed100296a43e [ 113.643984] R10: ffff888014b521ef R11: ffffed100296a43d R12: ffff888014b52290 [ 113.644395] R13: ffff888014b520a8 R14: ffffffffffffffff R15: 
ffff88801607fc60 [ 113.644806] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.645267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.645600] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.646009] PKRU: 55555554 [ 113.646172] Call Trace: [ 113.646321] [ 113.646453] iommufd_ioas_destroy+0x53/0x70 [ 113.646712] iommufd_fops_release+0x1f7/0x370 [ 113.646979] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.647274] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.647563] ? write_comp_data+0x2f/0x90 [ 113.647806] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.648099] __fput+0x26d/0xa40 [ 113.648301] ____fput+0x1e/0x30 [ 113.648501] task_work_run+0x1a4/0x2d0 [ 113.648733] ? __pfx_task_work_run+0x10/0x10 [ 113.648993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.649282] ? switch_task_namespaces+0xa9/0xe0 [ 113.649561] do_exit+0xb17/0x2ef0 [ 113.649764] ? lock_acquire+0x427/0x4c0 [ 113.650002] ? __pfx_lock_release+0x10/0x10 [ 113.650261] ? __kasan_check_write+0x18/0x20 [ 113.650527] ? do_raw_spin_lock+0x132/0x2a0 [ 113.650779] ? __pfx_do_exit+0x10/0x10 [ 113.651013] ? debug_smp_processor_id+0x20/0x30 [ 113.651288] ? rcu_is_watching+0x19/0xb0 [ 113.651525] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.651792] ? trace_hardirqs_on+0x26/0x120 [ 113.652048] do_group_exit+0xe0/0x2b0 [ 113.652271] __x64_sys_exit_group+0x47/0x50 [ 113.652522] do_syscall_64+0x3b/0x90 [ 113.652745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.653051] RIP: 0033:0x7f4b87518a4d [ 113.653265] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.653620] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.654055] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.654464] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.654884] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.655296] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.655705] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.656119] [ 113.656255] irq event stamp: 0 [ 113.656438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.656799] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.657280] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.657759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.658119] ---[ end trace 0000000000000000 ]--- [ 113.660894] ------------[ cut here ]------------ [ 113.661205] WARNING: CPU: 0 PID: 1025 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.661791] Modules linked in: [ 113.661977] CPU: 0 PID: 1025 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.662483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.663245] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.663533] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.664577] RSP: 0018:ffff888018287bb8 EFLAGS: 00010246 [ 113.664882] RAX: 0000000000000000 RBX: ffff8880245710a8 RCX: 0000000000000000 [ 113.665290] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 113.665697] RBP: ffff888018287bd0 R08: ffffed10048ae233 R09: ffffed10048ae233 [ 113.666105] R10: ffff888024571193 R11: ffffed10048ae232 R12: ffff888020ecc800 [ 113.666524] R13: ffff8880245711e8 R14: ffffffff8352e670 R15: 
ffff888018287e68 [ 113.666934] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.667399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.667732] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 113.668141] PKRU: 55555554 [ 113.668304] Call Trace: [ 113.668453] [ 113.668584] __iommufd_access_detach+0x1c2/0x2b0 [ 113.668867] iommufd_access_change_pt+0x149/0x270 [ 113.669154] iommufd_access_replace+0xb4/0x120 [ 113.669428] iommufd_test+0x3e5/0x37e0 [ 113.669654] ? lock_release+0x532/0x770 [ 113.669893] ? __might_fault+0x102/0x1b0 [ 113.670133] ? lock_acquire+0x427/0x4c0 [ 113.670371] ? __pfx_iommufd_test+0x10/0x10 [ 113.670627] ? __pfx_lock_release+0x10/0x10 [ 113.670884] ? __pfx_lock_acquire+0x10/0x10 [ 113.671145] ? write_comp_data+0x2f/0x90 [ 113.671389] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.671676] ? write_comp_data+0x2f/0x90 [ 113.671921] iommufd_fops_ioctl+0x37d/0x510 [ 113.672174] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.672461] ? write_comp_data+0x2f/0x90 [ 113.672704] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.672987] __x64_sys_ioctl+0x1a3/0x230 [ 113.673232] do_syscall_64+0x3b/0x90 [ 113.673455] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.673759] RIP: 0033:0x7f4b8743ee5d [ 113.673975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.675026] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.675470] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.675878] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.676285] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.676693] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.677100] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.677514] [ 113.677649] irq event stamp: 0 [ 113.677831] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.678192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.678677] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.679162] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.679522] ---[ end trace 0000000000000000 ]--- [ 113.681621] ------------[ cut here ]------------ [ 113.681893] WARNING: CPU: 0 PID: 1025 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.682472] Modules linked in: [ 113.682668] CPU: 0 PID: 1025 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.683175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.683821] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.684108] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.685150] RSP: 
0018:ffff888018287bd0 EFLAGS: 00010246 [ 113.685455] RAX: 0000000000000000 RBX: ffff8880245710a8 RCX: 0000000000000000 [ 113.685872] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 113.686285] RBP: ffff888018287be8 R08: ffffed10048ae233 R09: ffffed10048ae233 [ 113.686709] R10: ffff888024571193 R11: ffffed10048ae232 R12: ffff8880182e0800 [ 113.687122] R13: ffff8880245711e8 R14: ffff888013996b00 R15: 0000000000000000 [ 113.687530] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.687991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.688325] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.688734] PKRU: 55555554 [ 113.688898] Call Trace: [ 113.689046] [ 113.689178] iommufd_access_destroy_object+0x65/0x170 [ 113.689478] iommufd_object_destroy_user+0x18e/0x220 [ 113.689777] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.690118] iommufd_access_destroy+0x43/0x70 [ 113.690385] iommufd_test_staccess_release+0x8d/0xd0 [ 113.690692] __fput+0x26d/0xa40 [ 113.690895] ____fput+0x1e/0x30 [ 113.691095] task_work_run+0x1a4/0x2d0 [ 113.691330] ? __pfx_task_work_run+0x10/0x10 [ 113.691590] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.691876] ? switch_task_namespaces+0xa9/0xe0 [ 113.692154] do_exit+0xb17/0x2ef0 [ 113.692356] ? lock_acquire+0x427/0x4c0 [ 113.692594] ? __pfx_lock_release+0x10/0x10 [ 113.692850] ? __kasan_check_write+0x18/0x20 [ 113.693123] ? do_raw_spin_lock+0x132/0x2a0 [ 113.693375] ? __pfx_do_exit+0x10/0x10 [ 113.693607] ? debug_smp_processor_id+0x20/0x30 [ 113.693878] ? rcu_is_watching+0x19/0xb0 [ 113.694114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.694381] ? trace_hardirqs_on+0x26/0x120 [ 113.694642] do_group_exit+0xe0/0x2b0 [ 113.694865] __x64_sys_exit_group+0x47/0x50 [ 113.695117] do_syscall_64+0x3b/0x90 [ 113.695340] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.695644] RIP: 0033:0x7f4b87518a4d [ 113.695858] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.696212] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.696646] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.697054] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.697461] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.697867] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.698274] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.698694] [ 113.698830] irq event stamp: 0 [ 113.699013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.699376] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.699854] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.700332] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.700693] ---[ end trace 0000000000000000 ]--- [ 113.701194] ------------[ cut here ]------------ [ 113.701461] WARNING: CPU: 0 PID: 1025 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.702043] Modules linked in: [ 113.702227] CPU: 0 PID: 1025 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.702735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.703382] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.703677] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.704715] RSP: 0018:ffff888018287b78 EFLAGS: 00010246 [ 113.705019] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.705424] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 113.705832] RBP: ffff888018287b98 R08: ffffed10048ae23e R09: ffffed10048ae23e [ 113.706242] R10: ffff8880245711ef R11: ffffed10048ae23d R12: ffff888024571290 [ 113.706657] R13: ffff8880245710a8 R14: ffffffffffffffff R15: 
ffff888018287c60 [ 113.707065] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.707535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.707868] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.708277] PKRU: 55555554 [ 113.708440] Call Trace: [ 113.708588] [ 113.708720] iommufd_ioas_destroy+0x53/0x70 [ 113.708972] iommufd_fops_release+0x1f7/0x370 [ 113.709238] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.709530] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.709817] ? write_comp_data+0x2f/0x90 [ 113.710060] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.710351] __fput+0x26d/0xa40 [ 113.710563] ____fput+0x1e/0x30 [ 113.710762] task_work_run+0x1a4/0x2d0 [ 113.710995] ? __pfx_task_work_run+0x10/0x10 [ 113.711257] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.711544] ? switch_task_namespaces+0xa9/0xe0 [ 113.711822] do_exit+0xb17/0x2ef0 [ 113.712024] ? lock_acquire+0x427/0x4c0 [ 113.712262] ? __pfx_lock_release+0x10/0x10 [ 113.712517] ? __kasan_check_write+0x18/0x20 [ 113.712775] ? do_raw_spin_lock+0x132/0x2a0 [ 113.713027] ? __pfx_do_exit+0x10/0x10 [ 113.713260] ? debug_smp_processor_id+0x20/0x30 [ 113.713534] ? rcu_is_watching+0x19/0xb0 [ 113.713770] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.714037] ? trace_hardirqs_on+0x26/0x120 [ 113.714291] do_group_exit+0xe0/0x2b0 [ 113.714521] __x64_sys_exit_group+0x47/0x50 [ 113.714770] do_syscall_64+0x3b/0x90 [ 113.714993] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.715304] RIP: 0033:0x7f4b87518a4d [ 113.715519] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.715872] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.716307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.716715] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.717122] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.717530] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.717938] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.718351] [ 113.718486] irq event stamp: 0 [ 113.718678] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.719041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.719523] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.720001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.720362] ---[ end trace 0000000000000000 ]--- [ 113.723564] ------------[ cut here ]------------ [ 113.723855] WARNING: CPU: 0 PID: 1026 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.724442] Modules linked in: [ 113.724627] CPU: 0 PID: 1026 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.725159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.725806] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.726095] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.727298] RSP: 0018:ffff8880173c7bb8 EFLAGS: 00010246 [ 113.727606] RAX: 0000000000000000 RBX: ffff88801877a8a8 RCX: 0000000000000000 [ 113.728015] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 113.728424] RBP: ffff8880173c7bd0 R08: ffffed10030ef533 R09: ffffed10030ef533 [ 113.728833] R10: ffff88801877a993 R11: ffffed10030ef532 R12: ffff88801435f400 [ 113.729241] R13: ffff88801877a9e8 R14: ffffffff8352e670 R15: 
ffff8880173c7e68 [ 113.729651] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.730112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.730445] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 113.730873] PKRU: 55555554 [ 113.731038] Call Trace: [ 113.731189] [ 113.731321] __iommufd_access_detach+0x1c2/0x2b0 [ 113.731605] iommufd_access_change_pt+0x149/0x270 [ 113.731893] iommufd_access_replace+0xb4/0x120 [ 113.732167] iommufd_test+0x3e5/0x37e0 [ 113.732397] ? lock_release+0x532/0x770 [ 113.732636] ? __might_fault+0x102/0x1b0 [ 113.732877] ? lock_acquire+0x427/0x4c0 [ 113.733116] ? __pfx_iommufd_test+0x10/0x10 [ 113.733366] ? __pfx_lock_release+0x10/0x10 [ 113.733623] ? __pfx_lock_acquire+0x10/0x10 [ 113.733882] ? write_comp_data+0x2f/0x90 [ 113.734125] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.734412] ? write_comp_data+0x2f/0x90 [ 113.734664] iommufd_fops_ioctl+0x37d/0x510 [ 113.734919] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.735211] ? write_comp_data+0x2f/0x90 [ 113.735455] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.735738] __x64_sys_ioctl+0x1a3/0x230 [ 113.735982] do_syscall_64+0x3b/0x90 [ 113.736208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.736514] RIP: 0033:0x7f4b8743ee5d [ 113.736729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.737777] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.738216] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.738633] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.739042] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.739457] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.739866] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.740281] [ 113.740416] irq event stamp: 0 [ 113.740599] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.740959] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.741438] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.741916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.742279] ---[ end trace 0000000000000000 ]--- [ 113.744683] ------------[ cut here ]------------ [ 113.744960] WARNING: CPU: 0 PID: 1026 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.745541] Modules linked in: [ 113.745727] CPU: 0 PID: 1026 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.746232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.746903] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.747194] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.748240] RSP: 
0018:ffff8880173c7bd0 EFLAGS: 00010246 [ 113.748545] RAX: 0000000000000000 RBX: ffff88801877a8a8 RCX: 0000000000000000 [ 113.748954] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 113.749363] RBP: ffff8880173c7be8 R08: ffffed10030ef533 R09: ffffed10030ef533 [ 113.749770] R10: ffff88801877a993 R11: ffffed10030ef532 R12: ffff888020ecec00 [ 113.750179] R13: ffff88801877a9e8 R14: ffff888013796800 R15: 0000000000000000 [ 113.750615] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.751076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.751418] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.751827] PKRU: 55555554 [ 113.751990] Call Trace: [ 113.752138] [ 113.752269] iommufd_access_destroy_object+0x65/0x170 [ 113.752568] iommufd_object_destroy_user+0x18e/0x220 [ 113.752865] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.753204] iommufd_access_destroy+0x43/0x70 [ 113.753471] iommufd_test_staccess_release+0x8d/0xd0 [ 113.753770] __fput+0x26d/0xa40 [ 113.753972] ____fput+0x1e/0x30 [ 113.754171] task_work_run+0x1a4/0x2d0 [ 113.754403] ? __pfx_task_work_run+0x10/0x10 [ 113.754669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.755027] ? switch_task_namespaces+0xa9/0xe0 [ 113.755312] do_exit+0xb17/0x2ef0 [ 113.755513] ? lock_acquire+0x427/0x4c0 [ 113.755751] ? __pfx_lock_release+0x10/0x10 [ 113.756007] ? __kasan_check_write+0x18/0x20 [ 113.756265] ? do_raw_spin_lock+0x132/0x2a0 [ 113.756517] ? __pfx_do_exit+0x10/0x10 [ 113.756750] ? debug_smp_processor_id+0x20/0x30 [ 113.757029] ? rcu_is_watching+0x19/0xb0 [ 113.757268] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.757533] ? trace_hardirqs_on+0x26/0x120 [ 113.757787] do_group_exit+0xe0/0x2b0 [ 113.758010] __x64_sys_exit_group+0x47/0x50 [ 113.758260] do_syscall_64+0x3b/0x90 [ 113.758483] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.758800] RIP: 0033:0x7f4b87518a4d [ 113.759014] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.759371] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.759807] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.760217] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.760625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.761032] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.761443] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.761856] [ 113.761991] irq event stamp: 0 [ 113.762174] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.762551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.763030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.763514] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.763875] ---[ end trace 0000000000000000 ]--- [ 113.764376] ------------[ cut here ]------------ [ 113.764643] WARNING: CPU: 0 PID: 1026 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.765229] Modules linked in: [ 113.765413] CPU: 0 PID: 1026 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.765915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.766568] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.766863] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.767911] RSP: 0018:ffff8880173c7b78 EFLAGS: 00010246 [ 113.768217] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.768624] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 113.769034] RBP: ffff8880173c7b98 R08: ffffed10030ef53e R09: ffffed10030ef53e [ 113.769443] R10: ffff88801877a9ef R11: ffffed10030ef53d R12: ffff88801877aa90 [ 113.769851] R13: ffff88801877a8a8 R14: ffffffffffffffff R15: 
ffff8880173c7c60 [ 113.770259] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.770728] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.771062] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.771476] PKRU: 55555554 [ 113.771639] Call Trace: [ 113.771787] [ 113.771919] iommufd_ioas_destroy+0x53/0x70 [ 113.772172] iommufd_fops_release+0x1f7/0x370 [ 113.772437] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.772729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.773016] ? write_comp_data+0x2f/0x90 [ 113.773260] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.773555] __fput+0x26d/0xa40 [ 113.773756] ____fput+0x1e/0x30 [ 113.773955] task_work_run+0x1a4/0x2d0 [ 113.774186] ? __pfx_task_work_run+0x10/0x10 [ 113.774446] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.774742] ? switch_task_namespaces+0xa9/0xe0 [ 113.775020] do_exit+0xb17/0x2ef0 [ 113.775226] ? lock_acquire+0x427/0x4c0 [ 113.775463] ? __pfx_lock_release+0x10/0x10 [ 113.775717] ? __kasan_check_write+0x18/0x20 [ 113.775974] ? do_raw_spin_lock+0x132/0x2a0 [ 113.776225] ? __pfx_do_exit+0x10/0x10 [ 113.776457] ? debug_smp_processor_id+0x20/0x30 [ 113.776727] ? rcu_is_watching+0x19/0xb0 [ 113.776963] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.777229] ? trace_hardirqs_on+0x26/0x120 [ 113.777482] do_group_exit+0xe0/0x2b0 [ 113.777704] __x64_sys_exit_group+0x47/0x50 [ 113.777953] do_syscall_64+0x3b/0x90 [ 113.778175] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.778478] RIP: 0033:0x7f4b87518a4d [ 113.778703] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.779055] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.779491] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.779898] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.780303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.780710] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.781116] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.781528] [ 113.781663] irq event stamp: 0 [ 113.781845] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.782204] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.782687] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.783167] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.783525] ---[ end trace 0000000000000000 ]--- [ 113.786427] ------------[ cut here ]------------ [ 113.786906] WARNING: CPU: 0 PID: 1027 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.787491] Modules linked in: [ 113.787676] CPU: 0 PID: 1027 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.788174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.788811] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.789122] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.790153] RSP: 0018:ffff888016cffbb8 EFLAGS: 00010246 [ 113.790456] RAX: 0000000000000000 RBX: ffff8880244400a8 RCX: 0000000000000000 [ 113.790871] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 113.791279] RBP: ffff888016cffbd0 R08: ffffed1004888033 R09: ffffed1004888033 [ 113.791684] R10: ffff888024440193 R11: ffffed1004888032 R12: ffff888013b04400 [ 113.792088] R13: ffff8880244401e8 R14: ffffffff8352e670 R15: 
ffff888016cffe68 [ 113.792493] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.792948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.793279] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 113.793685] PKRU: 55555554 [ 113.793846] Call Trace: [ 113.793993] [ 113.794123] __iommufd_access_detach+0x1c2/0x2b0 [ 113.794404] iommufd_access_change_pt+0x149/0x270 [ 113.794695] iommufd_access_replace+0xb4/0x120 [ 113.794967] iommufd_test+0x3e5/0x37e0 [ 113.795199] ? lock_release+0x532/0x770 [ 113.795435] ? __might_fault+0x102/0x1b0 [ 113.795673] ? lock_acquire+0x427/0x4c0 [ 113.795910] ? __pfx_iommufd_test+0x10/0x10 [ 113.796157] ? __pfx_lock_release+0x10/0x10 [ 113.796412] ? __pfx_lock_acquire+0x10/0x10 [ 113.796665] ? write_comp_data+0x2f/0x90 [ 113.796903] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.797163] ? write_comp_data+0x2f/0x90 [ 113.797384] iommufd_fops_ioctl+0x37d/0x510 [ 113.797615] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.797898] ? write_comp_data+0x2f/0x90 [ 113.798140] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.798419] __x64_sys_ioctl+0x1a3/0x230 [ 113.798669] do_syscall_64+0x3b/0x90 [ 113.798891] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.799196] RIP: 0033:0x7f4b8743ee5d [ 113.799409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.800440] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.800870] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.801273] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.801677] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.802080] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.802482] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.802902] [ 113.803036] irq event stamp: 0 [ 113.803224] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.803581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.804057] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.804492] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.804834] ---[ end trace 0000000000000000 ]--- [ 113.806971] ------------[ cut here ]------------ [ 113.807246] WARNING: CPU: 0 PID: 1027 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.807820] Modules linked in: [ 113.808003] CPU: 0 PID: 1027 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.808500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.809138] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.809423] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.810451] RSP: 
0018:ffff888016cffbd0 EFLAGS: 00010246 [ 113.810763] RAX: 0000000000000000 RBX: ffff8880244400a8 RCX: 0000000000000000 [ 113.811173] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 113.811557] RBP: ffff888016cffbe8 R08: ffffed1004888033 R09: ffffed1004888033 [ 113.811929] R10: ffff888024440193 R11: ffffed1004888032 R12: ffff88801435d800 [ 113.812305] R13: ffff8880244401e8 R14: ffff888020e7a900 R15: 0000000000000000 [ 113.812693] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.813110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.813413] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.813808] PKRU: 55555554 [ 113.813970] Call Trace: [ 113.814116] [ 113.814248] iommufd_access_destroy_object+0x65/0x170 [ 113.814551] iommufd_object_destroy_user+0x18e/0x220 [ 113.814847] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.815189] iommufd_access_destroy+0x43/0x70 [ 113.815455] iommufd_test_staccess_release+0x8d/0xd0 [ 113.815753] __fput+0x26d/0xa40 [ 113.815954] ____fput+0x1e/0x30 [ 113.816148] task_work_run+0x1a4/0x2d0 [ 113.816359] ? __pfx_task_work_run+0x10/0x10 [ 113.816596] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.816857] ? switch_task_namespaces+0xa9/0xe0 [ 113.817121] do_exit+0xb17/0x2ef0 [ 113.817322] ? lock_acquire+0x427/0x4c0 [ 113.817539] ? __pfx_lock_release+0x10/0x10 [ 113.817771] ? __kasan_check_write+0x18/0x20 [ 113.818006] ? do_raw_spin_lock+0x132/0x2a0 [ 113.818237] ? __pfx_do_exit+0x10/0x10 [ 113.818471] ? debug_smp_processor_id+0x20/0x30 [ 113.818746] ? rcu_is_watching+0x19/0xb0 [ 113.818981] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.819251] ? trace_hardirqs_on+0x26/0x120 [ 113.819503] do_group_exit+0xe0/0x2b0 [ 113.819720] __x64_sys_exit_group+0x47/0x50 [ 113.819946] do_syscall_64+0x3b/0x90 [ 113.820148] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.820424] RIP: 0033:0x7f4b87518a4d [ 113.820632] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.820988] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.821383] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.821764] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.822168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.822579] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.822983] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.823395] [ 113.823529] irq event stamp: 0 [ 113.823710] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.824064] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.824519] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.824956] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.825297] ---[ end trace 0000000000000000 ]--- [ 113.825770] ------------[ cut here ]------------ [ 113.826014] WARNING: CPU: 0 PID: 1027 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.826579] Modules linked in: [ 113.826762] CPU: 0 PID: 1027 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.827266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.827903] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.828196] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.829227] RSP: 0018:ffff888016cffb78 EFLAGS: 00010246 [ 113.829529] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.829933] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 113.830337] RBP: ffff888016cffb98 R08: ffffed100488803e R09: ffffed100488803e [ 113.830753] R10: ffff8880244401ef R11: ffffed100488803d R12: ffff888024440290 [ 113.831159] R13: ffff8880244400a8 R14: ffffffffffffffff R15: 
ffff888016cffc60 [ 113.831563] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.832018] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.832349] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.832754] PKRU: 55555554 [ 113.832915] Call Trace: [ 113.833061] [ 113.833191] iommufd_ioas_destroy+0x53/0x70 [ 113.833441] iommufd_fops_release+0x1f7/0x370 [ 113.833704] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.833995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.834279] ? write_comp_data+0x2f/0x90 [ 113.834530] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.834820] __fput+0x26d/0xa40 [ 113.835020] ____fput+0x1e/0x30 [ 113.835224] task_work_run+0x1a4/0x2d0 [ 113.835453] ? __pfx_task_work_run+0x10/0x10 [ 113.835711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.835995] ? switch_task_namespaces+0xa9/0xe0 [ 113.836271] do_exit+0xb17/0x2ef0 [ 113.836470] ? lock_acquire+0x427/0x4c0 [ 113.836692] ? __pfx_lock_release+0x10/0x10 [ 113.836925] ? __kasan_check_write+0x18/0x20 [ 113.837159] ? do_raw_spin_lock+0x132/0x2a0 [ 113.837401] ? __pfx_do_exit+0x10/0x10 [ 113.837627] ? debug_smp_processor_id+0x20/0x30 [ 113.837885] ? rcu_is_watching+0x19/0xb0 [ 113.838100] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.838344] ? trace_hardirqs_on+0x26/0x120 [ 113.838592] do_group_exit+0xe0/0x2b0 [ 113.838812] __x64_sys_exit_group+0x47/0x50 [ 113.839060] do_syscall_64+0x3b/0x90 [ 113.839282] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.839584] RIP: 0033:0x7f4b87518a4d [ 113.839797] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.840146] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.840576] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.840967] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.841358] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.841729] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.842122] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.842538] [ 113.842673] irq event stamp: 0 [ 113.842854] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.843218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.843693] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.844167] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.844524] ---[ end trace 0000000000000000 ]--- [ 113.847601] ------------[ cut here ]------------ [ 113.847877] WARNING: CPU: 0 PID: 1028 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.848452] Modules linked in: [ 113.848635] CPU: 0 PID: 1028 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.849120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.849718] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.849987] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.851053] RSP: 0018:ffff88800b31fbb8 EFLAGS: 00010246 [ 113.851360] RAX: 0000000000000000 RBX: ffff8880245d60a8 RCX: 0000000000000000 [ 113.851764] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 113.852168] RBP: ffff88800b31fbd0 R08: ffffed10048bac33 R09: ffffed10048bac33 [ 113.852554] R10: ffff8880245d6193 R11: ffffed10048bac32 R12: ffff888013d23800 [ 113.852939] R13: ffff8880245d61e8 R14: ffffffff8352e670 R15: 
ffff88800b31fe68 [ 113.853326] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.853768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.854096] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 113.854501] PKRU: 55555554 [ 113.854675] Call Trace: [ 113.854823] [ 113.854953] __iommufd_access_detach+0x1c2/0x2b0 [ 113.855237] iommufd_access_change_pt+0x149/0x270 [ 113.855521] iommufd_access_replace+0xb4/0x120 [ 113.855790] iommufd_test+0x3e5/0x37e0 [ 113.856009] ? lock_release+0x532/0x770 [ 113.856224] ? __might_fault+0x102/0x1b0 [ 113.856442] ? lock_acquire+0x427/0x4c0 [ 113.856658] ? __pfx_iommufd_test+0x10/0x10 [ 113.856899] ? __pfx_lock_release+0x10/0x10 [ 113.857150] ? __pfx_lock_acquire+0x10/0x10 [ 113.857383] ? write_comp_data+0x2f/0x90 [ 113.857603] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.857862] ? write_comp_data+0x2f/0x90 [ 113.858097] iommufd_fops_ioctl+0x37d/0x510 [ 113.858349] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.858640] ? write_comp_data+0x2f/0x90 [ 113.858880] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.859165] __x64_sys_ioctl+0x1a3/0x230 [ 113.859404] do_syscall_64+0x3b/0x90 [ 113.859605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.859879] RIP: 0033:0x7f4b8743ee5d [ 113.860073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.861037] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.861429] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.861819] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.862221] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.862631] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.863032] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.863440] [ 113.863573] irq event stamp: 0 [ 113.863753] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.864108] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.864543] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.864974] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.865323] ---[ end trace 0000000000000000 ]--- [ 113.867334] ------------[ cut here ]------------ [ 113.867604] WARNING: CPU: 0 PID: 1028 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.868137] Modules linked in: [ 113.868304] CPU: 0 PID: 1028 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.868778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.869375] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.869633] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.870663] RSP: 
0018:ffff88800b31fbd0 EFLAGS: 00010246 [ 113.870964] RAX: 0000000000000000 RBX: ffff8880245d60a8 RCX: 0000000000000000 [ 113.871369] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 113.871771] RBP: ffff88800b31fbe8 R08: ffffed10048bac33 R09: ffffed10048bac33 [ 113.872160] R10: ffff8880245d6193 R11: ffffed10048bac32 R12: ffff888013b04000 [ 113.872546] R13: ffff8880245d61e8 R14: ffff888012cef300 R15: 0000000000000000 [ 113.872919] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.873350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.873660] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.874043] PKRU: 55555554 [ 113.874190] Call Trace: [ 113.874336] [ 113.874466] iommufd_access_destroy_object+0x65/0x170 [ 113.874769] iommufd_object_destroy_user+0x18e/0x220 [ 113.875063] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.875402] iommufd_access_destroy+0x43/0x70 [ 113.875665] iommufd_test_staccess_release+0x8d/0xd0 [ 113.875961] __fput+0x26d/0xa40 [ 113.876162] ____fput+0x1e/0x30 [ 113.876342] task_work_run+0x1a4/0x2d0 [ 113.876557] ? __pfx_task_work_run+0x10/0x10 [ 113.876801] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.877060] ? switch_task_namespaces+0xa9/0xe0 [ 113.877329] do_exit+0xb17/0x2ef0 [ 113.877517] ? lock_acquire+0x427/0x4c0 [ 113.877737] ? __pfx_lock_release+0x10/0x10 [ 113.877990] ? __kasan_check_write+0x18/0x20 [ 113.878245] ? do_raw_spin_lock+0x132/0x2a0 [ 113.878493] ? __pfx_do_exit+0x10/0x10 [ 113.878734] ? debug_smp_processor_id+0x20/0x30 [ 113.879002] ? rcu_is_watching+0x19/0xb0 [ 113.879238] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.879503] ? trace_hardirqs_on+0x26/0x120 [ 113.879755] do_group_exit+0xe0/0x2b0 [ 113.879975] __x64_sys_exit_group+0x47/0x50 [ 113.880210] do_syscall_64+0x3b/0x90 [ 113.880411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.880687] RIP: 0033:0x7f4b87518a4d [ 113.880897] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.881235] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.881634] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.882012] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.882405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.882817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.883222] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.883624] [ 113.883746] irq event stamp: 0 [ 113.883912] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.884241] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.884702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.885149] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.885477] ---[ end trace 0000000000000000 ]--- [ 113.885959] ------------[ cut here ]------------ [ 113.886222] WARNING: CPU: 0 PID: 1028 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.886805] Modules linked in: [ 113.886987] CPU: 0 PID: 1028 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.887483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.888115] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.888391] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.889377] RSP: 0018:ffff88800b31fb78 EFLAGS: 00010246 [ 113.889667] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.890069] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 113.890471] RBP: ffff88800b31fb98 R08: ffffed10048bac3e R09: ffffed10048bac3e [ 113.890882] R10: ffff8880245d61ef R11: ffffed10048bac3d R12: ffff8880245d6290 [ 113.891291] R13: ffff8880245d60a8 R14: ffffffffffffffff R15: 
ffff88800b31fc60 [ 113.891693] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.892124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.892425] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.892804] PKRU: 55555554 [ 113.892966] Call Trace: [ 113.893107] [ 113.893228] iommufd_ioas_destroy+0x53/0x70 [ 113.893457] iommufd_fops_release+0x1f7/0x370 [ 113.893698] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.893967] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.894251] ? write_comp_data+0x2f/0x90 [ 113.894495] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.894793] __fput+0x26d/0xa40 [ 113.894994] ____fput+0x1e/0x30 [ 113.895194] task_work_run+0x1a4/0x2d0 [ 113.895422] ? __pfx_task_work_run+0x10/0x10 [ 113.895657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.895916] ? switch_task_namespaces+0xa9/0xe0 [ 113.896168] do_exit+0xb17/0x2ef0 [ 113.896353] ? lock_acquire+0x427/0x4c0 [ 113.896587] ? __pfx_lock_release+0x10/0x10 [ 113.896824] ? __kasan_check_write+0x18/0x20 [ 113.897057] ? do_raw_spin_lock+0x132/0x2a0 [ 113.897288] ? __pfx_do_exit+0x10/0x10 [ 113.897500] ? debug_smp_processor_id+0x20/0x30 [ 113.897764] ? rcu_is_watching+0x19/0xb0 [ 113.897999] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.898264] ? trace_hardirqs_on+0x26/0x120 [ 113.898528] do_group_exit+0xe0/0x2b0 [ 113.898749] __x64_sys_exit_group+0x47/0x50 [ 113.898996] do_syscall_64+0x3b/0x90 [ 113.899224] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.899526] RIP: 0033:0x7f4b87518a4d [ 113.899738] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.900088] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.900494] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.900866] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.901242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.901626] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.901998] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.902373] [ 113.902519] irq event stamp: 0 [ 113.902700] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.903058] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.903539] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.904012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.904341] ---[ end trace 0000000000000000 ]--- [ 113.907544] ------------[ cut here ]------------ [ 113.907831] WARNING: CPU: 0 PID: 1029 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.908410] Modules linked in: [ 113.908594] CPU: 0 PID: 1029 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.909079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.909671] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.909944] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.911133] RSP: 0018:ffff88801723fbb8 EFLAGS: 00010246 [ 113.911438] RAX: 0000000000000000 RBX: ffff8880245a30a8 RCX: 0000000000000000 [ 113.911841] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 113.912241] RBP: ffff88801723fbd0 R08: ffffed10048b4633 R09: ffffed10048b4633 [ 113.912626] R10: ffff8880245a3193 R11: ffffed10048b4632 R12: ffff888013e99000 [ 113.912998] R13: ffff8880245a31e8 R14: ffffffff8352e670 R15: 
ffff88801723fe68 [ 113.913390] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.913823] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.914127] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ef0 [ 113.914519] PKRU: 55555554 [ 113.914683] Call Trace: [ 113.914830] [ 113.914961] __iommufd_access_detach+0x1c2/0x2b0 [ 113.915249] iommufd_access_change_pt+0x149/0x270 [ 113.915533] iommufd_access_replace+0xb4/0x120 [ 113.915799] iommufd_test+0x3e5/0x37e0 [ 113.916006] ? lock_release+0x532/0x770 [ 113.916241] ? __might_fault+0x102/0x1b0 [ 113.916461] ? lock_acquire+0x427/0x4c0 [ 113.916678] ? __pfx_iommufd_test+0x10/0x10 [ 113.916952] ? __pfx_lock_release+0x10/0x10 [ 113.917187] ? __pfx_lock_acquire+0x10/0x10 [ 113.917437] ? write_comp_data+0x2f/0x90 [ 113.917671] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.917932] ? write_comp_data+0x2f/0x90 [ 113.918175] iommufd_fops_ioctl+0x37d/0x510 [ 113.918408] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.918706] ? write_comp_data+0x2f/0x90 [ 113.918950] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.919240] __x64_sys_ioctl+0x1a3/0x230 [ 113.919485] do_syscall_64+0x3b/0x90 [ 113.919708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.919987] RIP: 0033:0x7f4b8743ee5d [ 113.920186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.921187] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.921621] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.922026] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.922432] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.922849] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.923261] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.923674] [ 113.923810] irq event stamp: 0 [ 113.923993] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.924349] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.924790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.925233] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.925587] ---[ end trace 0000000000000000 ]--- [ 113.927729] ------------[ cut here ]------------ [ 113.928012] WARNING: CPU: 0 PID: 1029 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.928591] Modules linked in: [ 113.928777] CPU: 0 PID: 1029 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.929277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.929918] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.930208] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.931283] RSP: 
0018:ffff88801723fbd0 EFLAGS: 00010246 [ 113.931593] RAX: 0000000000000000 RBX: ffff8880245a30a8 RCX: 0000000000000000 [ 113.932002] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 113.932410] RBP: ffff88801723fbe8 R08: ffffed10048b4633 R09: ffffed10048b4633 [ 113.932818] R10: ffff8880245a3193 R11: ffffed10048b4632 R12: ffff888013d22800 [ 113.933230] R13: ffff8880245a31e8 R14: ffff88801399e800 R15: 0000000000000000 [ 113.933645] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.934107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.934442] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.934870] PKRU: 55555554 [ 113.935039] Call Trace: [ 113.935195] [ 113.935328] iommufd_access_destroy_object+0x65/0x170 [ 113.935630] iommufd_object_destroy_user+0x18e/0x220 [ 113.935929] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 113.936270] iommufd_access_destroy+0x43/0x70 [ 113.936539] iommufd_test_staccess_release+0x8d/0xd0 [ 113.936844] __fput+0x26d/0xa40 [ 113.937152] ____fput+0x1e/0x30 [ 113.937354] task_work_run+0x1a4/0x2d0 [ 113.937590] ? __pfx_task_work_run+0x10/0x10 [ 113.937851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.938147] ? switch_task_namespaces+0xa9/0xe0 [ 113.938426] do_exit+0xb17/0x2ef0 [ 113.938649] ? lock_acquire+0x427/0x4c0 [ 113.938894] ? __pfx_lock_release+0x10/0x10 [ 113.939158] ? __kasan_check_write+0x18/0x20 [ 113.939422] ? do_raw_spin_lock+0x132/0x2a0 [ 113.939676] ? __pfx_do_exit+0x10/0x10 [ 113.939914] ? debug_smp_processor_id+0x20/0x30 [ 113.940188] ? rcu_is_watching+0x19/0xb0 [ 113.940427] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.940697] ? trace_hardirqs_on+0x26/0x120 [ 113.940956] do_group_exit+0xe0/0x2b0 [ 113.941182] __x64_sys_exit_group+0x47/0x50 [ 113.941434] do_syscall_64+0x3b/0x90 [ 113.941658] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.941966] RIP: 0033:0x7f4b87518a4d [ 113.942187] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.942552] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.942992] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.943407] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.943817] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.944234] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.944643] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.945060] [ 113.945199] irq event stamp: 0 [ 113.945382] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.945746] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.946228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.946721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.947084] ---[ end trace 0000000000000000 ]--- [ 113.947834] ------------[ cut here ]------------ [ 113.948113] WARNING: CPU: 0 PID: 1029 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 113.948701] Modules linked in: [ 113.948888] CPU: 0 PID: 1029 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.949442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.950089] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 113.950387] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 113.951458] RSP: 0018:ffff88801723fb78 EFLAGS: 00010246 [ 113.951768] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 113.952178] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 113.952587] RBP: ffff88801723fb98 R08: ffffed10048b463e R09: ffffed10048b463e [ 113.952997] R10: ffff8880245a31ef R11: ffffed10048b463d R12: ffff8880245a3290 [ 113.953409] R13: ffff8880245a30a8 R14: ffffffffffffffff R15: 
ffff88801723fc60 [ 113.953820] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.954287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.954679] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.955099] PKRU: 55555554 [ 113.955282] Call Trace: [ 113.955434] [ 113.955583] iommufd_ioas_destroy+0x53/0x70 [ 113.955842] iommufd_fops_release+0x1f7/0x370 [ 113.956110] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.956411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.956707] ? write_comp_data+0x2f/0x90 [ 113.956955] ? __pfx_iommufd_fops_release+0x10/0x10 [ 113.957247] __fput+0x26d/0xa40 [ 113.957454] ____fput+0x1e/0x30 [ 113.957654] task_work_run+0x1a4/0x2d0 [ 113.957890] ? __pfx_task_work_run+0x10/0x10 [ 113.958160] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.958460] ? switch_task_namespaces+0xa9/0xe0 [ 113.958761] do_exit+0xb17/0x2ef0 [ 113.958973] ? lock_acquire+0x427/0x4c0 [ 113.959229] ? __pfx_lock_release+0x10/0x10 [ 113.959494] ? __kasan_check_write+0x18/0x20 [ 113.959756] ? do_raw_spin_lock+0x132/0x2a0 [ 113.960010] ? __pfx_do_exit+0x10/0x10 [ 113.960244] ? debug_smp_processor_id+0x20/0x30 [ 113.960517] ? rcu_is_watching+0x19/0xb0 [ 113.960757] ? _raw_spin_unlock_irq+0x2b/0x60 [ 113.961026] ? trace_hardirqs_on+0x26/0x120 [ 113.961284] do_group_exit+0xe0/0x2b0 [ 113.961509] __x64_sys_exit_group+0x47/0x50 [ 113.961759] do_syscall_64+0x3b/0x90 [ 113.961986] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.962292] RIP: 0033:0x7f4b87518a4d [ 113.962524] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 113.962884] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 113.963335] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 113.963747] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 113.964160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 113.964572] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 113.964983] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 113.965404] [ 113.965543] irq event stamp: 0 [ 113.965727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.966089] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.966590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.967088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.967467] ---[ end trace 0000000000000000 ]--- [ 113.970660] ------------[ cut here ]------------ [ 113.970965] WARNING: CPU: 0 PID: 1030 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.971575] Modules linked in: [ 113.971764] CPU: 0 PID: 1030 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.972275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.973013] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.973356] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.974429] RSP: 0018:ffff88801484fbb8 EFLAGS: 00010246 [ 113.974755] RAX: 0000000000000000 RBX: ffff8880173188a8 RCX: 0000000000000000 [ 113.975183] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 113.975605] RBP: ffff88801484fbd0 R08: ffffed1002e63133 R09: ffffed1002e63133 [ 113.976020] R10: ffff888017318993 R11: ffffed1002e63132 R12: ffff888014449000 [ 113.976439] R13: ffff8880173189e8 R14: ffffffff8352e670 R15: 
ffff88801484fe68 [ 113.976861] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.977331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.977672] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 113.978091] PKRU: 55555554 [ 113.978260] Call Trace: [ 113.978412] [ 113.978561] __iommufd_access_detach+0x1c2/0x2b0 [ 113.978855] iommufd_access_change_pt+0x149/0x270 [ 113.979153] iommufd_access_replace+0xb4/0x120 [ 113.979442] iommufd_test+0x3e5/0x37e0 [ 113.979676] ? lock_release+0x532/0x770 [ 113.979920] ? __might_fault+0x102/0x1b0 [ 113.980170] ? lock_acquire+0x427/0x4c0 [ 113.980414] ? __pfx_iommufd_test+0x10/0x10 [ 113.980668] ? __pfx_lock_release+0x10/0x10 [ 113.980980] ? __pfx_lock_acquire+0x10/0x10 [ 113.981248] ? write_comp_data+0x2f/0x90 [ 113.981497] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 113.981791] ? write_comp_data+0x2f/0x90 [ 113.982041] iommufd_fops_ioctl+0x37d/0x510 [ 113.982300] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.982613] ? write_comp_data+0x2f/0x90 [ 113.982865] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 113.983163] __x64_sys_ioctl+0x1a3/0x230 [ 113.983414] do_syscall_64+0x3b/0x90 [ 113.983644] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 113.983959] RIP: 0033:0x7f4b8743ee5d [ 113.984180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 113.985248] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 113.985701] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 113.986123] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 113.986559] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 113.986995] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 113.987422] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 113.987852] [ 113.987993] irq event stamp: 0 [ 113.988182] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 113.988555] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 113.989052] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 113.989549] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 113.989922] ---[ end trace 0000000000000000 ]--- [ 113.992480] ------------[ cut here ]------------ [ 113.992774] WARNING: CPU: 0 PID: 1030 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 113.993376] Modules linked in: [ 113.993568] CPU: 0 PID: 1030 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 113.994083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 113.994760] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 113.995057] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 113.996144] RSP: 
0018:ffff88801484fbd0 EFLAGS: 00010246 [ 113.996461] RAX: 0000000000000000 RBX: ffff8880173188a8 RCX: 0000000000000000 [ 113.996880] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 113.997297] RBP: ffff88801484fbe8 R08: ffffed1002e63133 R09: ffffed1002e63133 [ 113.997715] R10: ffff888017318993 R11: ffffed1002e63132 R12: ffff888013e98400 [ 113.998138] R13: ffff8880173189e8 R14: ffff888020917700 R15: 0000000000000000 [ 113.998570] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 113.999044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 113.999394] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 113.999937] PKRU: 55555554 [ 114.000111] Call Trace: [ 114.000264] [ 114.000400] iommufd_access_destroy_object+0x65/0x170 [ 114.000712] iommufd_object_destroy_user+0x18e/0x220 [ 114.001023] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.001378] iommufd_access_destroy+0x43/0x70 [ 114.001655] iommufd_test_staccess_release+0x8d/0xd0 [ 114.001966] __fput+0x26d/0xa40 [ 114.002178] ____fput+0x1e/0x30 [ 114.002384] task_work_run+0x1a4/0x2d0 [ 114.002635] ? __pfx_task_work_run+0x10/0x10 [ 114.002906] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.003207] ? switch_task_namespaces+0xa9/0xe0 [ 114.003526] do_exit+0xb17/0x2ef0 [ 114.003762] ? lock_acquire+0x427/0x4c0 [ 114.004036] ? __pfx_lock_release+0x10/0x10 [ 114.004339] ? __kasan_check_write+0x18/0x20 [ 114.004630] ? do_raw_spin_lock+0x132/0x2a0 [ 114.004892] ? __pfx_do_exit+0x10/0x10 [ 114.005134] ? debug_smp_processor_id+0x20/0x30 [ 114.005416] ? rcu_is_watching+0x19/0xb0 [ 114.005662] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.005937] ? trace_hardirqs_on+0x26/0x120 [ 114.006199] do_group_exit+0xe0/0x2b0 [ 114.006428] __x64_sys_exit_group+0x47/0x50 [ 114.006696] do_syscall_64+0x3b/0x90 [ 114.006927] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.007251] RIP: 0033:0x7f4b87518a4d [ 114.007474] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.007839] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.008292] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.008721] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.009161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.009603] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.010040] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.010563] [ 114.010736] irq event stamp: 0 [ 114.010970] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.011447] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.011956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.012455] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.012833] ---[ end trace 0000000000000000 ]--- [ 114.013657] ------------[ cut here ]------------ [ 114.013947] WARNING: CPU: 0 PID: 1030 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.014589] Modules linked in: [ 114.014790] CPU: 0 PID: 1030 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.015327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.016124] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.016439] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.017614] RSP: 0018:ffff88801484fb78 EFLAGS: 00010246 [ 114.017937] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.018366] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 114.018806] RBP: ffff88801484fb98 R08: ffffed1002e6313e R09: ffffed1002e6313e [ 114.019348] R10: ffff8880173189ef R11: ffffed1002e6313d R12: ffff888017318a90 [ 114.019777] R13: ffff8880173188a8 R14: ffffffffffffffff R15: 
ffff88801484fc60 [ 114.020203] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.020701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.021137] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 114.021571] PKRU: 55555554 [ 114.021742] Call Trace: [ 114.021897] [ 114.022034] iommufd_ioas_destroy+0x53/0x70 [ 114.022301] iommufd_fops_release+0x1f7/0x370 [ 114.022597] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.022901] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.023215] ? write_comp_data+0x2f/0x90 [ 114.023507] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.023892] __fput+0x26d/0xa40 [ 114.024107] ____fput+0x1e/0x30 [ 114.024315] task_work_run+0x1a4/0x2d0 [ 114.024559] ? __pfx_task_work_run+0x10/0x10 [ 114.024831] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.025233] ? switch_task_namespaces+0xa9/0xe0 [ 114.025527] do_exit+0xb17/0x2ef0 [ 114.025743] ? lock_acquire+0x427/0x4c0 [ 114.025996] ? __pfx_lock_release+0x10/0x10 [ 114.026267] ? __kasan_check_write+0x18/0x20 [ 114.026558] ? do_raw_spin_lock+0x132/0x2a0 [ 114.026932] ? __pfx_do_exit+0x10/0x10 [ 114.027197] ? debug_smp_processor_id+0x20/0x30 [ 114.027490] ? rcu_is_watching+0x19/0xb0 [ 114.027747] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.028035] ? trace_hardirqs_on+0x26/0x120 [ 114.028316] do_group_exit+0xe0/0x2b0 [ 114.028562] __x64_sys_exit_group+0x47/0x50 [ 114.028850] do_syscall_64+0x3b/0x90 [ 114.029182] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.029514] RIP: 0033:0x7f4b87518a4d [ 114.029750] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.030131] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.031015] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.031752] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.032446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.033238] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.033928] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.034848] [ 114.035134] irq event stamp: 0 [ 114.035497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.036269] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.037064] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.037985] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.038616] ---[ end trace 0000000000000000 ]--- [ 114.044297] ------------[ cut here ]------------ [ 114.044802] WARNING: CPU: 0 PID: 1031 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.045795] Modules linked in: [ 114.046121] CPU: 0 PID: 1031 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.047103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.048232] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.048732] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.050552] RSP: 0018:ffff88801723fbb8 EFLAGS: 00010246 [ 114.051088] RAX: 0000000000000000 RBX: ffff888011e1a0a8 RCX: 0000000000000000 [ 114.051803] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 114.052510] RBP: ffff88801723fbd0 R08: ffffed10023c3433 R09: ffffed10023c3433 [ 114.053233] R10: ffff888011e1a193 R11: ffffed10023c3432 R12: ffff88800ba2e400 [ 114.053959] R13: ffff888011e1a1e8 R14: ffffffff8352e670 R15: 
ffff88801723fe68 [ 114.054715] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.055544] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.056140] CR2: 00007f4b877410e8 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 114.056874] PKRU: 55555554 [ 114.057171] Call Trace: [ 114.057444] [ 114.057687] __iommufd_access_detach+0x1c2/0x2b0 [ 114.058203] iommufd_access_change_pt+0x149/0x270 [ 114.058753] iommufd_access_replace+0xb4/0x120 [ 114.059267] iommufd_test+0x3e5/0x37e0 [ 114.059680] ? lock_release+0x532/0x770 [ 114.060111] ? __might_fault+0x102/0x1b0 [ 114.060546] ? lock_acquire+0x427/0x4c0 [ 114.060978] ? __pfx_iommufd_test+0x10/0x10 [ 114.061433] ? __pfx_lock_release+0x10/0x10 [ 114.061895] ? __pfx_lock_acquire+0x10/0x10 [ 114.062382] ? write_comp_data+0x2f/0x90 [ 114.063144] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.063673] ? write_comp_data+0x2f/0x90 [ 114.064116] iommufd_fops_ioctl+0x37d/0x510 [ 114.064576] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.065096] ? write_comp_data+0x2f/0x90 [ 114.065538] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.066048] __x64_sys_ioctl+0x1a3/0x230 [ 114.066492] do_syscall_64+0x3b/0x90 [ 114.066935] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.067498] RIP: 0033:0x7f4b8743ee5d [ 114.067890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.069750] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.070563] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.071312] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.072051] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.072786] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.073524] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.074281] [ 114.074563] irq event stamp: 0 [ 114.074903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.075585] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.076455] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.077319] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.077973] ---[ end trace 0000000000000000 ]--- [ 114.080882] ------------[ cut here ]------------ [ 114.081302] WARNING: CPU: 1 PID: 1031 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.082132] Modules linked in: [ 114.082393] CPU: 1 PID: 1031 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.083187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.084109] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.084519] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.086164] RSP: 
0018:ffff88801723fbd0 EFLAGS: 00010246 [ 114.086633] RAX: 0000000000000000 RBX: ffff888011e1a0a8 RCX: 0000000000000000 [ 114.087224] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 114.087829] RBP: ffff88801723fbe8 R08: ffffed10023c3433 R09: ffffed10023c3433 [ 114.088521] R10: ffff888011e1a193 R11: ffffed10023c3432 R12: ffff888014448400 [ 114.089107] R13: ffff888011e1a1e8 R14: ffff888013435800 R15: 0000000000000000 [ 114.089699] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.090381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.091010] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 114.091634] PKRU: 55555554 [ 114.091876] Call Trace: [ 114.092097] [ 114.092296] iommufd_access_destroy_object+0x65/0x170 [ 114.092745] iommufd_object_destroy_user+0x18e/0x220 [ 114.093190] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.093795] iommufd_access_destroy+0x43/0x70 [ 114.094192] iommufd_test_staccess_release+0x8d/0xd0 [ 114.094660] __fput+0x26d/0xa40 [ 114.094962] ____fput+0x1e/0x30 [ 114.095267] task_work_run+0x1a4/0x2d0 [ 114.095609] ? __pfx_task_work_run+0x10/0x10 [ 114.096021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.096522] ? switch_task_namespaces+0xa9/0xe0 [ 114.096938] do_exit+0xb17/0x2ef0 [ 114.097241] ? lock_acquire+0x427/0x4c0 [ 114.097595] ? __pfx_lock_release+0x10/0x10 [ 114.097977] ? __kasan_check_write+0x18/0x20 [ 114.098374] ? do_raw_spin_lock+0x132/0x2a0 [ 114.098798] ? __pfx_do_exit+0x10/0x10 [ 114.099235] ? debug_smp_processor_id+0x20/0x30 [ 114.099649] ? rcu_is_watching+0x19/0xb0 [ 114.100005] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.100408] ? trace_hardirqs_on+0x26/0x120 [ 114.100790] do_group_exit+0xe0/0x2b0 [ 114.101124] __x64_sys_exit_group+0x47/0x50 [ 114.101526] do_syscall_64+0x3b/0x90 [ 114.101941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.102401] RIP: 0033:0x7f4b87518a4d [ 114.102758] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.103313] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.103988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.104726] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.105353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.105979] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.106639] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.107403] [ 114.107616] irq event stamp: 0 [ 114.107897] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.108457] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.109205] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.110009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.110662] ---[ end trace 0000000000000000 ]--- [ 114.113354] ------------[ cut here ]------------ [ 114.113797] WARNING: CPU: 1 PID: 1031 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.114799] Modules linked in: [ 114.115172] CPU: 1 PID: 1031 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.116093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.117180] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.117661] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.119501] RSP: 0018:ffff88801723fb78 EFLAGS: 00010246 [ 114.119999] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.120653] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 114.121310] RBP: ffff88801723fb98 R08: ffffed10023c343e R09: ffffed10023c343e [ 114.122022] R10: ffff888011e1a1ef R11: ffffed10023c343d R12: ffff888011e1a290 [ 114.122753] R13: ffff888011e1a0a8 R14: ffffffffffffffff R15: 
ffff88801723fc60 [ 114.123428] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.124179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.124721] CR2: 00007f82e2f86030 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 114.125494] PKRU: 55555554 [ 114.125763] Call Trace: [ 114.126004] [ 114.126218] iommufd_ioas_destroy+0x53/0x70 [ 114.126661] iommufd_fops_release+0x1f7/0x370 [ 114.127089] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.127573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.128141] ? write_comp_data+0x2f/0x90 [ 114.128548] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.129036] __fput+0x26d/0xa40 [ 114.129373] ____fput+0x1e/0x30 [ 114.129702] task_work_run+0x1a4/0x2d0 [ 114.130086] ? __pfx_task_work_run+0x10/0x10 [ 114.130550] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.131157] ? switch_task_namespaces+0xa9/0xe0 [ 114.131628] do_exit+0xb17/0x2ef0 [ 114.131973] ? lock_acquire+0x427/0x4c0 [ 114.132371] ? __pfx_lock_release+0x10/0x10 [ 114.132819] ? __kasan_check_write+0x18/0x20 [ 114.133259] ? do_raw_spin_lock+0x132/0x2a0 [ 114.133689] ? __pfx_do_exit+0x10/0x10 [ 114.134168] ? debug_smp_processor_id+0x20/0x30 [ 114.134708] ? rcu_is_watching+0x19/0xb0 [ 114.135121] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.135577] ? trace_hardirqs_on+0x26/0x120 [ 114.136006] do_group_exit+0xe0/0x2b0 [ 114.136386] __x64_sys_exit_group+0x47/0x50 [ 114.136813] do_syscall_64+0x3b/0x90 [ 114.137315] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.137829] RIP: 0033:0x7f4b87518a4d [ 114.138193] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.138819] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.139574] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.140392] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.141086] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.141776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.142490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.143264] [ 114.143502] irq event stamp: 0 [ 114.143817] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.144449] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.145286] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.146119] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.146876] ---[ end trace 0000000000000000 ]--- [ 114.152589] ------------[ cut here ]------------ [ 114.153141] WARNING: CPU: 1 PID: 1032 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.154313] Modules linked in: [ 114.154692] CPU: 1 PID: 1032 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.155577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.156705] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.157352] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.159210] RSP: 0018:ffff888017987bb8 EFLAGS: 00010246 [ 114.159758] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 114.160618] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 114.161340] RBP: ffff888017987bd0 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 114.162061] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff888010e00400 [ 114.162811] R13: ffff8880147011e8 R14: ffffffff8352e670 R15: 
ffff888017987e68 [ 114.163575] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.164540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.165128] CR2: 00007f4b877410e8 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 114.165843] PKRU: 55555554 [ 114.166131] Call Trace: [ 114.166391] [ 114.166652] __iommufd_access_detach+0x1c2/0x2b0 [ 114.167299] iommufd_access_change_pt+0x149/0x270 [ 114.167796] iommufd_access_replace+0xb4/0x120 [ 114.168268] iommufd_test+0x3e5/0x37e0 [ 114.168660] ? lock_release+0x532/0x770 [ 114.169073] ? __might_fault+0x102/0x1b0 [ 114.169500] ? lock_acquire+0x427/0x4c0 [ 114.169990] ? __pfx_iommufd_test+0x10/0x10 [ 114.170494] ? __pfx_lock_release+0x10/0x10 [ 114.170988] ? __pfx_lock_acquire+0x10/0x10 [ 114.171446] ? write_comp_data+0x2f/0x90 [ 114.171862] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.172357] ? write_comp_data+0x2f/0x90 [ 114.172780] iommufd_fops_ioctl+0x37d/0x510 [ 114.173290] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.173858] ? write_comp_data+0x2f/0x90 [ 114.174278] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.174789] __x64_sys_ioctl+0x1a3/0x230 [ 114.175230] do_syscall_64+0x3b/0x90 [ 114.175622] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.176157] RIP: 0033:0x7f4b8743ee5d [ 114.176541] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.178608] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.179404] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.180129] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.180856] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.181589] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.182321] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.183281] [ 114.183527] irq event stamp: 0 [ 114.183849] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.184499] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.185351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.186224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.187062] ---[ end trace 0000000000000000 ]--- [ 114.190407] ------------[ cut here ]------------ [ 114.191174] WARNING: CPU: 1 PID: 1032 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.192276] Modules linked in: [ 114.192624] CPU: 1 PID: 1032 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.193559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.194998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.195559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.197520] RSP: 
0018:ffff888017987bd0 EFLAGS: 00010246 [ 114.198097] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 114.199107] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 114.199895] RBP: ffff888017987be8 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 114.200667] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff88800f29ec00 [ 114.201429] R13: ffff8880147011e8 R14: ffff888020935700 R15: 0000000000000000 [ 114.202232] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.203331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.203968] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 114.204739] PKRU: 55555554 [ 114.205044] Call Trace: [ 114.205324] [ 114.205567] iommufd_access_destroy_object+0x65/0x170 [ 114.206136] iommufd_object_destroy_user+0x18e/0x220 [ 114.206912] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.207559] iommufd_access_destroy+0x43/0x70 [ 114.208056] iommufd_test_staccess_release+0x8d/0xd0 [ 114.208612] __fput+0x26d/0xa40 [ 114.208988] ____fput+0x1e/0x30 [ 114.209357] task_work_run+0x1a4/0x2d0 [ 114.209791] ? __pfx_task_work_run+0x10/0x10 [ 114.210277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.210886] ? switch_task_namespaces+0xa9/0xe0 [ 114.211545] do_exit+0xb17/0x2ef0 [ 114.211904] ? lock_acquire+0x427/0x4c0 [ 114.212313] ? __pfx_lock_release+0x10/0x10 [ 114.212755] ? __kasan_check_write+0x18/0x20 [ 114.213209] ? do_raw_spin_lock+0x132/0x2a0 [ 114.213644] ? __pfx_do_exit+0x10/0x10 [ 114.214047] ? debug_smp_processor_id+0x20/0x30 [ 114.214567] ? rcu_is_watching+0x19/0xb0 [ 114.214983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.215461] ? trace_hardirqs_on+0x26/0x120 [ 114.215938] do_group_exit+0xe0/0x2b0 [ 114.216442] __x64_sys_exit_group+0x47/0x50 [ 114.217056] do_syscall_64+0x3b/0x90 [ 114.217605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.218139] RIP: 0033:0x7f4b87518a4d [ 114.218558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.219181] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.219941] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.220658] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.221408] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.222378] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.223307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.224042] [ 114.224284] irq event stamp: 0 [ 114.224605] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.225250] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.226159] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.227384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.228022] ---[ end trace 0000000000000000 ]--- [ 114.228995] ------------[ cut here ]------------ [ 114.229486] WARNING: CPU: 1 PID: 1032 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.230579] Modules linked in: [ 114.230909] CPU: 1 PID: 1032 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.231845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.233121] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.233613] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.235397] RSP: 0018:ffff888017987b78 EFLAGS: 00010246 [ 114.236040] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.236698] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 114.237357] RBP: ffff888017987b98 R08: ffffed10028e023e R09: ffffed10028e023e [ 114.238015] R10: ffff8880147011ef R11: ffffed10028e023d R12: ffff888014701290 [ 114.238712] R13: ffff8880147010a8 R14: ffffffffffffffff R15: 
ffff888017987c60 [ 114.239382] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.240370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.240908] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 114.241565] PKRU: 55555554 [ 114.241830] Call Trace: [ 114.242068] [ 114.242284] iommufd_ioas_destroy+0x53/0x70 [ 114.242738] iommufd_fops_release+0x1f7/0x370 [ 114.243345] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.243821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.244282] ? write_comp_data+0x2f/0x90 [ 114.244672] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.245142] __fput+0x26d/0xa40 [ 114.245466] ____fput+0x1e/0x30 [ 114.245783] task_work_run+0x1a4/0x2d0 [ 114.246157] ? __pfx_task_work_run+0x10/0x10 [ 114.246605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.247068] ? switch_task_namespaces+0xa9/0xe0 [ 114.247529] do_exit+0xb17/0x2ef0 [ 114.247910] ? lock_acquire+0x427/0x4c0 [ 114.248455] ? __pfx_lock_release+0x10/0x10 [ 114.248881] ? __kasan_check_write+0x18/0x20 [ 114.249301] ? do_raw_spin_lock+0x132/0x2a0 [ 114.249708] ? __pfx_do_exit+0x10/0x10 [ 114.250084] ? debug_smp_processor_id+0x20/0x30 [ 114.250566] ? rcu_is_watching+0x19/0xb0 [ 114.250949] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.251394] ? trace_hardirqs_on+0x26/0x120 [ 114.251807] do_group_exit+0xe0/0x2b0 [ 114.252216] __x64_sys_exit_group+0x47/0x50 [ 114.252725] do_syscall_64+0x3b/0x90 [ 114.253150] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.253631] RIP: 0033:0x7f4b87518a4d [ 114.253972] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.254567] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.255270] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.255922] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.256766] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.257425] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.258072] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.258766] [ 114.258981] irq event stamp: 0 [ 114.259281] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.259879] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.260922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.261684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.262260] ---[ end trace 0000000000000000 ]--- [ 114.268663] ------------[ cut here ]------------ [ 114.269180] WARNING: CPU: 1 PID: 1033 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.270133] Modules linked in: [ 114.270415] CPU: 1 PID: 1033 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.271241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.272216] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.272649] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.274375] RSP: 0018:ffff8880218ffbb8 EFLAGS: 00010246 [ 114.274855] RAX: 0000000000000000 RBX: ffff8880208aa0a8 RCX: 0000000000000000 [ 114.275483] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 114.276097] RBP: ffff8880218ffbd0 R08: ffffed1004115433 R09: ffffed1004115433 [ 114.276866] R10: ffff8880208aa193 R11: ffffed1004115432 R12: ffff888014582c00 [ 114.277476] R13: ffff8880208aa1e8 R14: ffffffff8352e670 R15: 
ffff8880218ffe68 [ 114.278082] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.278799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.279330] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 114.279995] PKRU: 55555554 [ 114.280359] Call Trace: [ 114.280584] [ 114.280782] __iommufd_access_detach+0x1c2/0x2b0 [ 114.281207] iommufd_access_change_pt+0x149/0x270 [ 114.281640] iommufd_access_replace+0xb4/0x120 [ 114.282048] iommufd_test+0x3e5/0x37e0 [ 114.282388] ? lock_release+0x532/0x770 [ 114.282765] ? __might_fault+0x102/0x1b0 [ 114.283136] ? lock_acquire+0x427/0x4c0 [ 114.283495] ? __pfx_iommufd_test+0x10/0x10 [ 114.283871] ? __pfx_lock_release+0x10/0x10 [ 114.284405] ? __pfx_lock_acquire+0x10/0x10 [ 114.284790] ? write_comp_data+0x2f/0x90 [ 114.285155] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.285581] ? write_comp_data+0x2f/0x90 [ 114.285940] iommufd_fops_ioctl+0x37d/0x510 [ 114.286318] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.286765] ? write_comp_data+0x2f/0x90 [ 114.287140] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.287562] __x64_sys_ioctl+0x1a3/0x230 [ 114.288020] do_syscall_64+0x3b/0x90 [ 114.288438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.288889] RIP: 0033:0x7f4b8743ee5d [ 114.289211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.290809] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.291477] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.292257] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.292866] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.293477] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.294089] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.294824] [ 114.295092] irq event stamp: 0 [ 114.295378] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.295921] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.296639] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.297357] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.297896] ---[ end trace 0000000000000000 ]--- [ 114.300863] ------------[ cut here ]------------ [ 114.301293] WARNING: CPU: 1 PID: 1033 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.302352] Modules linked in: [ 114.302674] CPU: 1 PID: 1033 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.303429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.304391] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.304823] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.306610] RSP: 
0018:ffff8880218ffbd0 EFLAGS: 00010246 [ 114.307069] RAX: 0000000000000000 RBX: ffff8880208aa0a8 RCX: 0000000000000000 [ 114.307687] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 114.308293] RBP: ffff8880218ffbe8 R08: ffffed1004115433 R09: ffffed1004115433 [ 114.308900] R10: ffff8880208aa193 R11: ffffed1004115432 R12: ffff888010e03c00 [ 114.309664] R13: ffff8880208aa1e8 R14: ffff88800fa31b00 R15: 0000000000000000 [ 114.310271] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.310981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.311498] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.312108] PKRU: 55555554 [ 114.312354] Call Trace: [ 114.312575] [ 114.312772] iommufd_access_destroy_object+0x65/0x170 [ 114.313324] iommufd_object_destroy_user+0x18e/0x220 [ 114.313853] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.314358] iommufd_access_destroy+0x43/0x70 [ 114.314781] iommufd_test_staccess_release+0x8d/0xd0 [ 114.315241] __fput+0x26d/0xa40 [ 114.315545] ____fput+0x1e/0x30 [ 114.315840] task_work_run+0x1a4/0x2d0 [ 114.316190] ? __pfx_task_work_run+0x10/0x10 [ 114.316577] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.317036] ? switch_task_namespaces+0xa9/0xe0 [ 114.317598] do_exit+0xb17/0x2ef0 [ 114.317905] ? lock_acquire+0x427/0x4c0 [ 114.318259] ? __pfx_lock_release+0x10/0x10 [ 114.318664] ? __kasan_check_write+0x18/0x20 [ 114.319049] ? do_raw_spin_lock+0x132/0x2a0 [ 114.319432] ? __pfx_do_exit+0x10/0x10 [ 114.319781] ? debug_smp_processor_id+0x20/0x30 [ 114.320186] ? rcu_is_watching+0x19/0xb0 [ 114.320539] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.321041] ? trace_hardirqs_on+0x26/0x120 [ 114.321504] do_group_exit+0xe0/0x2b0 [ 114.321835] __x64_sys_exit_group+0x47/0x50 [ 114.322206] do_syscall_64+0x3b/0x90 [ 114.322558] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.323012] RIP: 0033:0x7f4b87518a4d [ 114.323344] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.323869] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.324560] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.325291] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.325899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.326533] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.327153] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.327772] [ 114.327990] irq event stamp: 0 [ 114.328375] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.328923] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.329638] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.330352] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.330922] ---[ end trace 0000000000000000 ]--- [ 114.331730] ------------[ cut here ]------------ [ 114.332229] WARNING: CPU: 1 PID: 1033 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.333101] Modules linked in: [ 114.333381] CPU: 1 PID: 1033 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.334139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.335220] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.335730] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.337290] RSP: 0018:ffff8880218ffb78 EFLAGS: 00010246 [ 114.337747] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.338358] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 114.339225] RBP: ffff8880218ffb98 R08: ffffed100411543e R09: ffffed100411543e [ 114.339841] R10: ffff8880208aa1ef R11: ffffed100411543d R12: ffff8880208aa290 [ 114.340450] R13: ffff8880208aa0a8 R14: ffffffffffffffff R15: 
ffff8880218ffc60 [ 114.341055] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.341742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.342417] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.343054] PKRU: 55555554 [ 114.343309] Call Trace: [ 114.343536] [ 114.343733] iommufd_ioas_destroy+0x53/0x70 [ 114.344116] iommufd_fops_release+0x1f7/0x370 [ 114.344509] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.344943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.345372] ? write_comp_data+0x2f/0x90 [ 114.345790] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.346370] __fput+0x26d/0xa40 [ 114.346700] ____fput+0x1e/0x30 [ 114.346994] task_work_run+0x1a4/0x2d0 [ 114.347353] ? __pfx_task_work_run+0x10/0x10 [ 114.347742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.348168] ? switch_task_namespaces+0xa9/0xe0 [ 114.348580] do_exit+0xb17/0x2ef0 [ 114.348879] ? lock_acquire+0x427/0x4c0 [ 114.349232] ? __pfx_lock_release+0x10/0x10 [ 114.349611] ? __kasan_check_write+0x18/0x20 [ 114.350167] ? do_raw_spin_lock+0x132/0x2a0 [ 114.350586] ? __pfx_do_exit+0x10/0x10 [ 114.350936] ? debug_smp_processor_id+0x20/0x30 [ 114.351357] ? rcu_is_watching+0x19/0xb0 [ 114.351713] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.352108] ? trace_hardirqs_on+0x26/0x120 [ 114.352488] do_group_exit+0xe0/0x2b0 [ 114.352820] __x64_sys_exit_group+0x47/0x50 [ 114.353192] do_syscall_64+0x3b/0x90 [ 114.353541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.354200] RIP: 0033:0x7f4b87518a4d [ 114.354573] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.355100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.355761] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.356369] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.356973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.357655] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.358357] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.359004] [ 114.359220] irq event stamp: 0 [ 114.359497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.360041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.360766] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.361579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.362268] ---[ end trace 0000000000000000 ]--- [ 114.368414] ------------[ cut here ]------------ [ 114.368954] WARNING: CPU: 1 PID: 1034 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.369926] Modules linked in: [ 114.370233] CPU: 1 PID: 1034 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.371022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.372130] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.372700] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.374292] RSP: 0018:ffff8880140cfbb8 EFLAGS: 00010246 [ 114.374988] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 114.375642] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 114.376240] RBP: ffff8880140cfbd0 R08: ffffed100208c133 R09: ffffed100208c133 [ 114.376879] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff88801341c800 [ 114.377701] R13: ffff8880104609e8 R14: ffffffff8352e670 R15: 
ffff8880140cfe68 [ 114.378302] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.379037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.379542] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 114.380331] PKRU: 55555554 [ 114.380574] Call Trace: [ 114.380804] [ 114.381011] __iommufd_access_detach+0x1c2/0x2b0 [ 114.381432] iommufd_access_change_pt+0x149/0x270 [ 114.381862] iommufd_access_replace+0xb4/0x120 [ 114.382308] iommufd_test+0x3e5/0x37e0 [ 114.382804] ? lock_release+0x532/0x770 [ 114.383197] ? __might_fault+0x102/0x1b0 [ 114.383552] ? lock_acquire+0x427/0x4c0 [ 114.383899] ? __pfx_iommufd_test+0x10/0x10 [ 114.384286] ? __pfx_lock_release+0x10/0x10 [ 114.384662] ? __pfx_lock_acquire+0x10/0x10 [ 114.385051] ? write_comp_data+0x2f/0x90 [ 114.385579] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.385999] ? write_comp_data+0x2f/0x90 [ 114.386380] iommufd_fops_ioctl+0x37d/0x510 [ 114.386782] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.387230] ? write_comp_data+0x2f/0x90 [ 114.387612] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.388078] __x64_sys_ioctl+0x1a3/0x230 [ 114.388557] do_syscall_64+0x3b/0x90 [ 114.388895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.389345] RIP: 0033:0x7f4b8743ee5d [ 114.389693] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.391524] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.392190] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.392801] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.393488] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.394246] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.394892] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.395520] [ 114.395732] irq event stamp: 0 [ 114.396024] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.396696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.397421] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.398148] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.398845] ---[ end trace 0000000000000000 ]--- [ 114.401897] ------------[ cut here ]------------ [ 114.402358] WARNING: CPU: 1 PID: 1034 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.403333] Modules linked in: [ 114.403646] CPU: 1 PID: 1034 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.404606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.405603] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.406045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.407893] RSP: 
0018:ffff8880140cfbd0 EFLAGS: 00010246 [ 114.408362] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 114.409051] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 114.409823] RBP: ffff8880140cfbe8 R08: ffffed100208c133 R09: ffffed100208c133 [ 114.410452] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff888014581c00 [ 114.411131] R13: ffff8880104609e8 R14: ffff88800b8cf800 R15: 0000000000000000 [ 114.411753] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.412705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.413237] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.413848] PKRU: 55555554 [ 114.414108] Call Trace: [ 114.414340] [ 114.414565] iommufd_access_destroy_object+0x65/0x170 [ 114.415019] iommufd_object_destroy_user+0x18e/0x220 [ 114.415497] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.416009] iommufd_access_destroy+0x43/0x70 [ 114.416589] iommufd_test_staccess_release+0x8d/0xd0 [ 114.417043] __fput+0x26d/0xa40 [ 114.417369] ____fput+0x1e/0x30 [ 114.417663] task_work_run+0x1a4/0x2d0 [ 114.418008] ? __pfx_task_work_run+0x10/0x10 [ 114.418407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.418878] ? switch_task_namespaces+0xa9/0xe0 [ 114.419303] do_exit+0xb17/0x2ef0 [ 114.419630] ? lock_acquire+0x427/0x4c0 [ 114.420041] ? __pfx_lock_release+0x10/0x10 [ 114.420603] ? __kasan_check_write+0x18/0x20 [ 114.420997] ? do_raw_spin_lock+0x132/0x2a0 [ 114.421373] ? __pfx_do_exit+0x10/0x10 [ 114.421746] ? debug_smp_processor_id+0x20/0x30 [ 114.422156] ? rcu_is_watching+0x19/0xb0 [ 114.422546] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.422976] ? trace_hardirqs_on+0x26/0x120 [ 114.423371] do_group_exit+0xe0/0x2b0 [ 114.423765] __x64_sys_exit_group+0x47/0x50 [ 114.424278] do_syscall_64+0x3b/0x90 [ 114.424610] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.425091] RIP: 0033:0x7f4b87518a4d [ 114.425417] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.425967] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.426665] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.427344] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.428116] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.428735] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.429362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.429990] [ 114.430195] irq event stamp: 0 [ 114.430556] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.431251] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.431997] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.432737] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.433282] ---[ end trace 0000000000000000 ]--- [ 114.434104] ------------[ cut here ]------------ [ 114.434759] WARNING: CPU: 1 PID: 1034 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.435657] Modules linked in: [ 114.435961] CPU: 1 PID: 1034 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.436712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.437716] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.438317] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.439961] RSP: 0018:ffff8880140cfb78 EFLAGS: 00010246 [ 114.440457] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.441069] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 114.441891] RBP: ffff8880140cfb98 R08: ffffed100208c13e R09: ffffed100208c13e [ 114.442563] R10: ffff8880104609ef R11: ffffed100208c13d R12: ffff888010460a90 [ 114.443188] R13: ffff8880104608a8 R14: ffffffffffffffff R15: 
ffff8880140cfc60 [ 114.443826] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.444539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.445085] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.445845] PKRU: 55555554 [ 114.446089] Call Trace: [ 114.446310] [ 114.446544] iommufd_ioas_destroy+0x53/0x70 [ 114.446951] iommufd_fops_release+0x1f7/0x370 [ 114.447361] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.447823] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.448253] ? write_comp_data+0x2f/0x90 [ 114.448614] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.449225] __fput+0x26d/0xa40 [ 114.449537] ____fput+0x1e/0x30 [ 114.449831] task_work_run+0x1a4/0x2d0 [ 114.450197] ? __pfx_task_work_run+0x10/0x10 [ 114.450617] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.451062] ? switch_task_namespaces+0xa9/0xe0 [ 114.451496] do_exit+0xb17/0x2ef0 [ 114.451798] ? lock_acquire+0x427/0x4c0 [ 114.452168] ? __pfx_lock_release+0x10/0x10 [ 114.452551] ? __kasan_check_write+0x18/0x20 [ 114.453083] ? do_raw_spin_lock+0x132/0x2a0 [ 114.453477] ? __pfx_do_exit+0x10/0x10 [ 114.453822] ? debug_smp_processor_id+0x20/0x30 [ 114.454225] ? rcu_is_watching+0x19/0xb0 [ 114.454637] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.455036] ? trace_hardirqs_on+0x26/0x120 [ 114.455447] do_group_exit+0xe0/0x2b0 [ 114.455780] __x64_sys_exit_group+0x47/0x50 [ 114.456152] do_syscall_64+0x3b/0x90 [ 114.456573] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.457128] RIP: 0033:0x7f4b87518a4d [ 114.457452] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.458009] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.458707] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.459333] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.459966] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.460757] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.461382] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.462023] [ 114.462228] irq event stamp: 0 [ 114.462502] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.463100] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.463861] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.464705] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.465270] ---[ end trace 0000000000000000 ]--- [ 114.469559] ------------[ cut here ]------------ [ 114.470046] WARNING: CPU: 1 PID: 1035 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.471220] Modules linked in: [ 114.471501] CPU: 1 PID: 1035 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.472268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.473241] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.473669] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.475461] RSP: 0018:ffff8880218ffbb8 EFLAGS: 00010246 [ 114.475920] RAX: 0000000000000000 RBX: ffff88801439b0a8 RCX: 0000000000000000 [ 114.476559] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 114.477190] RBP: ffff8880218ffbd0 R08: ffffed1002873633 R09: ffffed1002873633 [ 114.477996] R10: ffff88801439b193 R11: ffffed1002873632 R12: ffff88800f29c800 [ 114.478653] R13: ffff88801439b1e8 R14: ffffffff8352e670 R15: 
ffff8880218ffe68 [ 114.479268] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.479968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.480466] CR2: 00007f4b877410e8 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 114.481250] PKRU: 55555554 [ 114.481497] Call Trace: [ 114.481737] [ 114.481934] __iommufd_access_detach+0x1c2/0x2b0 [ 114.482353] iommufd_access_change_pt+0x149/0x270 [ 114.482827] iommufd_access_replace+0xb4/0x120 [ 114.483243] iommufd_test+0x3e5/0x37e0 [ 114.483577] ? lock_release+0x532/0x770 [ 114.483946] ? __might_fault+0x102/0x1b0 [ 114.484317] ? lock_acquire+0x427/0x4c0 [ 114.484817] ? __pfx_iommufd_test+0x10/0x10 [ 114.485205] ? __pfx_lock_release+0x10/0x10 [ 114.485579] ? __pfx_lock_acquire+0x10/0x10 [ 114.485970] ? write_comp_data+0x2f/0x90 [ 114.486331] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.486780] ? write_comp_data+0x2f/0x90 [ 114.487178] iommufd_fops_ioctl+0x37d/0x510 [ 114.487559] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.488002] ? write_comp_data+0x2f/0x90 [ 114.488537] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.488955] __x64_sys_ioctl+0x1a3/0x230 [ 114.489340] do_syscall_64+0x3b/0x90 [ 114.489670] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.490115] RIP: 0033:0x7f4b8743ee5d [ 114.490449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.492265] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.492933] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.493539] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.494159] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.494953] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.495572] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.496201] [ 114.496399] irq event stamp: 0 [ 114.496663] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.497216] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.498050] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.498866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.499435] ---[ end trace 0000000000000000 ]--- [ 114.502647] ------------[ cut here ]------------ [ 114.503085] WARNING: CPU: 1 PID: 1035 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.503999] Modules linked in: [ 114.504274] CPU: 1 PID: 1035 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.505190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.506156] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.506620] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.508264] RSP: 
0018:ffff8880218ffbd0 EFLAGS: 00010246 [ 114.508896] RAX: 0000000000000000 RBX: ffff88801439b0a8 RCX: 0000000000000000 [ 114.509514] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 114.510148] RBP: ffff8880218ffbe8 R08: ffffed1002873633 R09: ffffed1002873633 [ 114.510800] R10: ffff88801439b193 R11: ffffed1002873632 R12: ffff888010827000 [ 114.511445] R13: ffff88801439b1e8 R14: ffff888020959000 R15: 0000000000000000 [ 114.512265] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.512949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.513462] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 114.514070] PKRU: 55555554 [ 114.514312] Call Trace: [ 114.514591] [ 114.514793] iommufd_access_destroy_object+0x65/0x170 [ 114.515252] iommufd_object_destroy_user+0x18e/0x220 [ 114.515814] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.516407] iommufd_access_destroy+0x43/0x70 [ 114.516823] iommufd_test_staccess_release+0x8d/0xd0 [ 114.517264] __fput+0x26d/0xa40 [ 114.517560] ____fput+0x1e/0x30 [ 114.517870] task_work_run+0x1a4/0x2d0 [ 114.518214] ? __pfx_task_work_run+0x10/0x10 [ 114.518634] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.519233] ? switch_task_namespaces+0xa9/0xe0 [ 114.519651] do_exit+0xb17/0x2ef0 [ 114.519971] ? lock_acquire+0x427/0x4c0 [ 114.520324] ? __pfx_lock_release+0x10/0x10 [ 114.520702] ? __kasan_check_write+0x18/0x20 [ 114.521101] ? do_raw_spin_lock+0x132/0x2a0 [ 114.521477] ? __pfx_do_exit+0x10/0x10 [ 114.521818] ? debug_smp_processor_id+0x20/0x30 [ 114.522236] ? rcu_is_watching+0x19/0xb0 [ 114.522772] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.523209] ? trace_hardirqs_on+0x26/0x120 [ 114.523588] do_group_exit+0xe0/0x2b0 [ 114.523916] __x64_sys_exit_group+0x47/0x50 [ 114.524305] do_syscall_64+0x3b/0x90 [ 114.524628] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.525069] RIP: 0033:0x7f4b87518a4d [ 114.525404] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.526020] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.526789] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.527413] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.528035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.528651] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.529296] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.530042] [ 114.530245] irq event stamp: 0 [ 114.530556] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.531125] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.531854] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.532559] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.533268] ---[ end trace 0000000000000000 ]--- [ 114.534091] ------------[ cut here ]------------ [ 114.534563] WARNING: CPU: 1 PID: 1035 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.535488] Modules linked in: [ 114.535769] CPU: 1 PID: 1035 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.536701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.537691] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.538137] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.539967] RSP: 0018:ffff8880218ffb78 EFLAGS: 00010246 [ 114.540437] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.541068] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 114.541701] RBP: ffff8880218ffb98 R08: ffffed100287363e R09: ffffed100287363e [ 114.542311] R10: ffff88801439b1ef R11: ffffed100287363d R12: ffff88801439b290 [ 114.543057] R13: ffff88801439b0a8 R14: ffffffffffffffff R15: 
ffff8880218ffc60 [ 114.543739] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.544444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.544961] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 114.545575] PKRU: 55555554 [ 114.545821] Call Trace: [ 114.546063] [ 114.546278] iommufd_ioas_destroy+0x53/0x70 [ 114.546826] iommufd_fops_release+0x1f7/0x370 [ 114.547259] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.547696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.548125] ? write_comp_data+0x2f/0x90 [ 114.548504] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.548937] __fput+0x26d/0xa40 [ 114.549240] ____fput+0x1e/0x30 [ 114.549554] task_work_run+0x1a4/0x2d0 [ 114.549901] ? __pfx_task_work_run+0x10/0x10 [ 114.550448] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.550909] ? switch_task_namespaces+0xa9/0xe0 [ 114.551334] do_exit+0xb17/0x2ef0 [ 114.551662] ? lock_acquire+0x427/0x4c0 [ 114.552019] ? __pfx_lock_release+0x10/0x10 [ 114.552401] ? __kasan_check_write+0x18/0x20 [ 114.552804] ? do_raw_spin_lock+0x132/0x2a0 [ 114.553179] ? __pfx_do_exit+0x10/0x10 [ 114.553530] ? debug_smp_processor_id+0x20/0x30 [ 114.554106] ? rcu_is_watching+0x19/0xb0 [ 114.554474] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.554947] ? trace_hardirqs_on+0x26/0x120 [ 114.555345] do_group_exit+0xe0/0x2b0 [ 114.555679] __x64_sys_exit_group+0x47/0x50 [ 114.556075] do_syscall_64+0x3b/0x90 [ 114.556408] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.556864] RIP: 0033:0x7f4b87518a4d [ 114.557204] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.557869] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.558571] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.559206] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.559818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.560444] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.561054] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.561899] [ 114.562106] irq event stamp: 0 [ 114.562391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.562972] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.563726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.564447] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.565012] ---[ end trace 0000000000000000 ]--- [ 114.570266] ------------[ cut here ]------------ [ 114.570773] WARNING: CPU: 1 PID: 1036 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.571680] Modules linked in: [ 114.571958] CPU: 1 PID: 1036 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.573065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.574059] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.574493] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.576306] RSP: 0018:ffff8880144b7bb8 EFLAGS: 00010246 [ 114.576789] RAX: 0000000000000000 RBX: ffff888016faf0a8 RCX: 0000000000000000 [ 114.577395] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 114.578026] RBP: ffff8880144b7bd0 R08: ffffed1002df5e33 R09: ffffed1002df5e33 [ 114.578664] R10: ffff888016faf193 R11: ffffed1002df5e32 R12: ffff888010e03400 [ 114.579482] R13: ffff888016faf1e8 R14: ffffffff8352e670 R15: 
ffff8880144b7e68 [ 114.580117] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.580799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.581317] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 114.581996] PKRU: 55555554 [ 114.582326] Call Trace: [ 114.582616] [ 114.582821] __iommufd_access_detach+0x1c2/0x2b0 [ 114.583286] iommufd_access_change_pt+0x149/0x270 [ 114.583720] iommufd_access_replace+0xb4/0x120 [ 114.584130] iommufd_test+0x3e5/0x37e0 [ 114.584471] ? lock_release+0x532/0x770 [ 114.584858] ? __might_fault+0x102/0x1b0 [ 114.585326] ? lock_acquire+0x427/0x4c0 [ 114.585683] ? __pfx_iommufd_test+0x10/0x10 [ 114.586056] ? __pfx_lock_release+0x10/0x10 [ 114.586436] ? __pfx_lock_acquire+0x10/0x10 [ 114.586841] ? write_comp_data+0x2f/0x90 [ 114.587213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.587642] ? write_comp_data+0x2f/0x90 [ 114.588076] iommufd_fops_ioctl+0x37d/0x510 [ 114.588515] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.588944] ? write_comp_data+0x2f/0x90 [ 114.589307] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.589727] __x64_sys_ioctl+0x1a3/0x230 [ 114.590093] do_syscall_64+0x3b/0x90 [ 114.590430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.590907] RIP: 0033:0x7f4b8743ee5d [ 114.591245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.592808] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.593464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.594256] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.594913] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.595540] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.596147] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.596771] [ 114.596974] irq event stamp: 0 [ 114.597352] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.597939] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.598683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.599411] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.599956] ---[ end trace 0000000000000000 ]--- [ 114.603017] ------------[ cut here ]------------ [ 114.603476] WARNING: CPU: 1 PID: 1036 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.604437] Modules linked in: [ 114.604764] CPU: 1 PID: 1036 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.605515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.606480] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.606969] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.608703] RSP: 
0018:ffff8880144b7bd0 EFLAGS: 00010246 [ 114.609165] RAX: 0000000000000000 RBX: ffff888016faf0a8 RCX: 0000000000000000 [ 114.609772] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 114.610380] RBP: ffff8880144b7be8 R08: ffffed1002df5e33 R09: ffffed1002df5e33 [ 114.611033] R10: ffff888016faf193 R11: ffffed1002df5e32 R12: ffff88800f29fc00 [ 114.611772] R13: ffff888016faf1e8 R14: ffff888020a46500 R15: 0000000000000000 [ 114.612389] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.613079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.613573] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.614183] PKRU: 55555554 [ 114.614471] Call Trace: [ 114.614785] [ 114.615092] iommufd_access_destroy_object+0x65/0x170 [ 114.615554] iommufd_object_destroy_user+0x18e/0x220 [ 114.616000] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.616508] iommufd_access_destroy+0x43/0x70 [ 114.616910] iommufd_test_staccess_release+0x8d/0xd0 [ 114.617365] __fput+0x26d/0xa40 [ 114.617675] ____fput+0x1e/0x30 [ 114.617976] task_work_run+0x1a4/0x2d0 [ 114.618414] ? __pfx_task_work_run+0x10/0x10 [ 114.618926] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.619374] ? switch_task_namespaces+0xa9/0xe0 [ 114.619789] do_exit+0xb17/0x2ef0 [ 114.620093] ? lock_acquire+0x427/0x4c0 [ 114.620449] ? __pfx_lock_release+0x10/0x10 [ 114.620826] ? __kasan_check_write+0x18/0x20 [ 114.621211] ? do_raw_spin_lock+0x132/0x2a0 [ 114.621593] ? __pfx_do_exit+0x10/0x10 [ 114.621981] ? debug_smp_processor_id+0x20/0x30 [ 114.622568] ? rcu_is_watching+0x19/0xb0 [ 114.622925] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.623333] ? trace_hardirqs_on+0x26/0x120 [ 114.623716] do_group_exit+0xe0/0x2b0 [ 114.624051] __x64_sys_exit_group+0x47/0x50 [ 114.624425] do_syscall_64+0x3b/0x90 [ 114.624760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.625218] RIP: 0033:0x7f4b87518a4d [ 114.625546] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.626254] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.626950] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.627573] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.628183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.628797] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.629411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.630194] [ 114.630402] irq event stamp: 0 [ 114.630704] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.631258] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.631977] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.632695] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.633245] ---[ end trace 0000000000000000 ]--- [ 114.634177] ------------[ cut here ]------------ [ 114.634672] WARNING: CPU: 1 PID: 1036 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.635561] Modules linked in: [ 114.635847] CPU: 1 PID: 1036 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.636603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.637717] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.638161] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.639763] RSP: 0018:ffff8880144b7b78 EFLAGS: 00010246 [ 114.640236] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.640873] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 114.641596] RBP: ffff8880144b7b98 R08: ffffed1002df5e3e R09: ffffed1002df5e3e [ 114.642203] R10: ffff888016faf1ef R11: ffffed1002df5e3d R12: ffff888016faf290 [ 114.642834] R13: ffff888016faf0a8 R14: ffffffffffffffff R15: 
ffff8880144b7c60 [ 114.643452] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.644130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.644773] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.645387] PKRU: 55555554 [ 114.645627] Call Trace: [ 114.645844] [ 114.646037] iommufd_ioas_destroy+0x53/0x70 [ 114.646410] iommufd_fops_release+0x1f7/0x370 [ 114.646825] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.647276] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.647698] ? write_comp_data+0x2f/0x90 [ 114.648122] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.648622] __fput+0x26d/0xa40 [ 114.648917] ____fput+0x1e/0x30 [ 114.649206] task_work_run+0x1a4/0x2d0 [ 114.649546] ? __pfx_task_work_run+0x10/0x10 [ 114.649927] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.650348] ? switch_task_namespaces+0xa9/0xe0 [ 114.650782] do_exit+0xb17/0x2ef0 [ 114.651081] ? lock_acquire+0x427/0x4c0 [ 114.651443] ? __pfx_lock_release+0x10/0x10 [ 114.651907] ? __kasan_check_write+0x18/0x20 [ 114.652367] ? do_raw_spin_lock+0x132/0x2a0 [ 114.652736] ? __pfx_do_exit+0x10/0x10 [ 114.653083] ? debug_smp_processor_id+0x20/0x30 [ 114.653485] ? rcu_is_watching+0x19/0xb0 [ 114.653834] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.654227] ? trace_hardirqs_on+0x26/0x120 [ 114.654634] do_group_exit+0xe0/0x2b0 [ 114.654964] __x64_sys_exit_group+0x47/0x50 [ 114.655344] do_syscall_64+0x3b/0x90 [ 114.655768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.656270] RIP: 0033:0x7f4b87518a4d [ 114.656585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.657101] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.657744] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.658349] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.659155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.659763] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.660368] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.660976] [ 114.661175] irq event stamp: 0 [ 114.661445] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.662020] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.662863] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.663579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.664115] ---[ end trace 0000000000000000 ]--- [ 114.668359] ------------[ cut here ]------------ [ 114.668800] WARNING: CPU: 1 PID: 1037 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.669661] Modules linked in: [ 114.670021] CPU: 1 PID: 1037 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.670760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.671677] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.672081] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.673705] RSP: 0018:ffff88800f167bb8 EFLAGS: 00010246 [ 114.674137] RAX: 0000000000000000 RBX: ffff8880140c80a8 RCX: 0000000000000000 [ 114.674758] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 114.675348] RBP: ffff88800f167bd0 R08: ffffed1002819033 R09: ffffed1002819033 [ 114.675925] R10: ffff8880140c8193 R11: ffffed1002819032 R12: ffff88801580bc00 [ 114.676577] R13: ffff8880140c81e8 R14: ffffffff8352e670 R15: 
ffff88800f167e68 [ 114.677208] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.677856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.678325] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ee0 [ 114.678922] PKRU: 55555554 [ 114.679180] Call Trace: [ 114.679391] [ 114.679579] __iommufd_access_detach+0x1c2/0x2b0 [ 114.679985] iommufd_access_change_pt+0x149/0x270 [ 114.680461] iommufd_access_replace+0xb4/0x120 [ 114.680895] iommufd_test+0x3e5/0x37e0 [ 114.681216] ? lock_release+0x532/0x770 [ 114.681556] ? __might_fault+0x102/0x1b0 [ 114.681898] ? lock_acquire+0x427/0x4c0 [ 114.682237] ? __pfx_iommufd_test+0x10/0x10 [ 114.682649] ? __pfx_lock_release+0x10/0x10 [ 114.683066] ? __pfx_lock_acquire+0x10/0x10 [ 114.683442] ? write_comp_data+0x2f/0x90 [ 114.683783] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.684197] ? write_comp_data+0x2f/0x90 [ 114.684541] iommufd_fops_ioctl+0x37d/0x510 [ 114.684903] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.685309] ? write_comp_data+0x2f/0x90 [ 114.685770] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.686173] __x64_sys_ioctl+0x1a3/0x230 [ 114.686565] do_syscall_64+0x3b/0x90 [ 114.686883] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.687325] RIP: 0033:0x7f4b8743ee5d [ 114.687629] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.689264] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.689885] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.690473] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.691222] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.691809] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.692388] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.692975] [ 114.693169] irq event stamp: 0 [ 114.693479] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.694064] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.694771] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.695466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.695983] ---[ end trace 0000000000000000 ]--- [ 114.698966] ------------[ cut here ]------------ [ 114.699413] WARNING: CPU: 1 PID: 1037 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.700269] Modules linked in: [ 114.700605] CPU: 1 PID: 1037 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.701402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.702355] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.702813] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.704515] RSP: 
0018:ffff88800f167bd0 EFLAGS: 00010246 [ 114.704966] RAX: 0000000000000000 RBX: ffff8880140c80a8 RCX: 0000000000000000 [ 114.705566] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 114.706208] RBP: ffff88800f167be8 R08: ffffed1002819033 R09: ffffed1002819033 [ 114.706906] R10: ffff8880140c8193 R11: ffffed1002819032 R12: ffff888010e02400 [ 114.707526] R13: ffff8880140c81e8 R14: ffff88802094e700 R15: 0000000000000000 [ 114.708126] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.708879] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.709436] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.710041] PKRU: 55555554 [ 114.710284] Call Trace: [ 114.710529] [ 114.710726] iommufd_access_destroy_object+0x65/0x170 [ 114.711186] iommufd_object_destroy_user+0x18e/0x220 [ 114.711625] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.712256] iommufd_access_destroy+0x43/0x70 [ 114.712649] iommufd_test_staccess_release+0x8d/0xd0 [ 114.713097] __fput+0x26d/0xa40 [ 114.713398] ____fput+0x1e/0x30 [ 114.713687] task_work_run+0x1a4/0x2d0 [ 114.714027] ? __pfx_task_work_run+0x10/0x10 [ 114.714558] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.714992] ? switch_task_namespaces+0xa9/0xe0 [ 114.715421] do_exit+0xb17/0x2ef0 [ 114.715731] ? lock_acquire+0x427/0x4c0 [ 114.716088] ? __pfx_lock_release+0x10/0x10 [ 114.716476] ? __kasan_check_write+0x18/0x20 [ 114.716864] ? do_raw_spin_lock+0x132/0x2a0 [ 114.717258] ? __pfx_do_exit+0x10/0x10 [ 114.717709] ? debug_smp_processor_id+0x20/0x30 [ 114.718119] ? rcu_is_watching+0x19/0xb0 [ 114.718475] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.718902] ? trace_hardirqs_on+0x26/0x120 [ 114.719299] do_group_exit+0xe0/0x2b0 [ 114.719636] __x64_sys_exit_group+0x47/0x50 [ 114.720009] do_syscall_64+0x3b/0x90 [ 114.720466] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.720929] RIP: 0033:0x7f4b87518a4d [ 114.721255] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.721784] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.722438] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.723235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.723858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.724478] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.725092] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.725831] [ 114.726038] irq event stamp: 0 [ 114.726311] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.726882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.727610] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.728344] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.728931] ---[ end trace 0000000000000000 ]--- [ 114.729670] ------------[ cut here ]------------ [ 114.730078] WARNING: CPU: 1 PID: 1037 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.730966] Modules linked in: [ 114.731256] CPU: 1 PID: 1037 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.732002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.732962] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.733400] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.734960] RSP: 0018:ffff88800f167b78 EFLAGS: 00010246 [ 114.735436] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.736040] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 114.736663] RBP: ffff88800f167b98 R08: ffffed100281903e R09: ffffed100281903e [ 114.737271] R10: ffff8880140c81ef R11: ffffed100281903d R12: ffff8880140c8290 [ 114.737875] R13: ffff8880140c80a8 R14: ffffffffffffffff R15: 
ffff88800f167c60 [ 114.738478] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 114.739183] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.739678] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 114.740290] PKRU: 55555554 [ 114.740533] Call Trace: [ 114.740751] [ 114.740946] iommufd_ioas_destroy+0x53/0x70 [ 114.741321] iommufd_fops_release+0x1f7/0x370 [ 114.741709] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.742139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.742579] ? write_comp_data+0x2f/0x90 [ 114.742939] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.743376] __fput+0x26d/0xa40 [ 114.743673] ____fput+0x1e/0x30 [ 114.743958] task_work_run+0x1a4/0x2d0 [ 114.744295] ? __pfx_task_work_run+0x10/0x10 [ 114.744664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.745061] ? switch_task_namespaces+0xa9/0xe0 [ 114.745449] do_exit+0xb17/0x2ef0 [ 114.745724] ? lock_acquire+0x427/0x4c0 [ 114.746047] ? __pfx_lock_release+0x10/0x10 [ 114.746394] ? __kasan_check_write+0x18/0x20 [ 114.746766] ? do_raw_spin_lock+0x132/0x2a0 [ 114.747130] ? __pfx_do_exit+0x10/0x10 [ 114.747458] ? debug_smp_processor_id+0x20/0x30 [ 114.747841] ? rcu_is_watching+0x19/0xb0 [ 114.748172] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.748544] ? trace_hardirqs_on+0x26/0x120 [ 114.748892] do_group_exit+0xe0/0x2b0 [ 114.749191] __x64_sys_exit_group+0x47/0x50 [ 114.749534] do_syscall_64+0x3b/0x90 [ 114.749835] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.750250] RIP: 0033:0x7f4b87518a4d [ 114.750561] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.751052] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.751668] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.752236] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.752812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.753387] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.753953] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.754548] [ 114.754743] irq event stamp: 0 [ 114.755001] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.755514] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.756172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.756827] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.757318] ---[ end trace 0000000000000000 ]--- [ 114.761202] ------------[ cut here ]------------ [ 114.761650] WARNING: CPU: 0 PID: 1038 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.762615] Modules linked in: [ 114.762896] CPU: 0 PID: 1038 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.763665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.764638] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.765075] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.766680] RSP: 0018:ffff888024667bb8 EFLAGS: 00010246 [ 114.767203] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 114.767825] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 114.768442] RBP: ffff888024667bd0 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 114.769060] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff88801226d400 [ 114.769675] R13: ffff8880160991e8 R14: ffffffff8352e670 R15: 
ffff888024667e68 [ 114.770293] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.771023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.771553] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ef0 [ 114.772170] PKRU: 55555554 [ 114.772416] Call Trace: [ 114.772641] [ 114.772843] __iommufd_access_detach+0x1c2/0x2b0 [ 114.773272] iommufd_access_change_pt+0x149/0x270 [ 114.773701] iommufd_access_replace+0xb4/0x120 [ 114.774109] iommufd_test+0x3e5/0x37e0 [ 114.774449] ? lock_release+0x532/0x770 [ 114.774826] ? __might_fault+0x102/0x1b0 [ 114.775197] ? lock_acquire+0x427/0x4c0 [ 114.775557] ? __pfx_iommufd_test+0x10/0x10 [ 114.775934] ? __pfx_lock_release+0x10/0x10 [ 114.776324] ? __pfx_lock_acquire+0x10/0x10 [ 114.776716] ? write_comp_data+0x2f/0x90 [ 114.777081] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.777512] ? write_comp_data+0x2f/0x90 [ 114.777885] iommufd_fops_ioctl+0x37d/0x510 [ 114.778274] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.778751] ? write_comp_data+0x2f/0x90 [ 114.779140] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.779577] __x64_sys_ioctl+0x1a3/0x230 [ 114.779948] do_syscall_64+0x3b/0x90 [ 114.780286] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.780752] RIP: 0033:0x7f4b8743ee5d [ 114.781156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.782774] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.783453] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.784073] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.784693] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.785309] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.785926] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.786607] [ 114.786825] irq event stamp: 0 [ 114.787125] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.787717] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.788489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.789246] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.789816] ---[ end trace 0000000000000000 ]--- [ 114.793008] ------------[ cut here ]------------ [ 114.793488] WARNING: CPU: 0 PID: 1038 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.794400] Modules linked in: [ 114.794733] CPU: 0 PID: 1038 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.795541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.796570] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.797023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.798704] RSP: 
0018:ffff888024667bd0 EFLAGS: 00010246 [ 114.799223] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 114.799873] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 114.800512] RBP: ffff888024667be8 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 114.801157] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff88800ba2e000 [ 114.801804] R13: ffff8880160991e8 R14: ffff88801706c500 R15: 0000000000000000 [ 114.802459] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.803229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.803765] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 114.804416] PKRU: 55555554 [ 114.804674] Call Trace: [ 114.804907] [ 114.805115] iommufd_access_destroy_object+0x65/0x170 [ 114.805601] iommufd_object_destroy_user+0x18e/0x220 [ 114.806068] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.806634] iommufd_access_destroy+0x43/0x70 [ 114.807062] iommufd_test_staccess_release+0x8d/0xd0 [ 114.807551] __fput+0x26d/0xa40 [ 114.807869] ____fput+0x1e/0x30 [ 114.808174] task_work_run+0x1a4/0x2d0 [ 114.808535] ? __pfx_task_work_run+0x10/0x10 [ 114.808943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.809393] ? switch_task_namespaces+0xa9/0xe0 [ 114.809836] do_exit+0xb17/0x2ef0 [ 114.810166] ? lock_acquire+0x427/0x4c0 [ 114.810582] ? __pfx_lock_release+0x10/0x10 [ 114.810996] ? __kasan_check_write+0x18/0x20 [ 114.811425] ? do_raw_spin_lock+0x132/0x2a0 [ 114.811828] ? __pfx_do_exit+0x10/0x10 [ 114.812201] ? debug_smp_processor_id+0x20/0x30 [ 114.812639] ? rcu_is_watching+0x19/0xb0 [ 114.813086] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.813512] ? trace_hardirqs_on+0x26/0x120 [ 114.813914] do_group_exit+0xe0/0x2b0 [ 114.814264] __x64_sys_exit_group+0x47/0x50 [ 114.814700] do_syscall_64+0x3b/0x90 [ 114.815068] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.815602] RIP: 0033:0x7f4b87518a4d [ 114.815958] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.816536] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.817254] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.817919] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.818617] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.819301] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.819965] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.820641] [ 114.820867] irq event stamp: 0 [ 114.821167] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.821775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.822613] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.823450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.824073] ---[ end trace 0000000000000000 ]--- [ 114.824899] ------------[ cut here ]------------ [ 114.825370] WARNING: CPU: 0 PID: 1038 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.826355] Modules linked in: [ 114.826714] CPU: 0 PID: 1038 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.827583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.828657] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.829147] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.830917] RSP: 0018:ffff888024667b78 EFLAGS: 00010246 [ 114.831480] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.832168] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 114.832860] RBP: ffff888024667b98 R08: ffffed1002c1323e R09: ffffed1002c1323e [ 114.833553] R10: ffff8880160991ef R11: ffffed1002c1323d R12: ffff888016099290 [ 114.834237] R13: ffff8880160990a8 R14: ffffffffffffffff R15: 
ffff888024667c60 [ 114.834950] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.835756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.836351] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 114.837030] PKRU: 55555554 [ 114.837302] Call Trace: [ 114.837551] [ 114.837778] iommufd_ioas_destroy+0x53/0x70 [ 114.838232] iommufd_fops_release+0x1f7/0x370 [ 114.838723] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.839239] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.839726] ? write_comp_data+0x2f/0x90 [ 114.840122] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.840606] __fput+0x26d/0xa40 [ 114.840939] ____fput+0x1e/0x30 [ 114.841267] task_work_run+0x1a4/0x2d0 [ 114.841654] ? __pfx_task_work_run+0x10/0x10 [ 114.842082] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.842583] ? switch_task_namespaces+0xa9/0xe0 [ 114.843042] do_exit+0xb17/0x2ef0 [ 114.843391] ? lock_acquire+0x427/0x4c0 [ 114.843786] ? __pfx_lock_release+0x10/0x10 [ 114.844207] ? __kasan_check_write+0x18/0x20 [ 114.844637] ? do_raw_spin_lock+0x132/0x2a0 [ 114.845126] ? __pfx_do_exit+0x10/0x10 [ 114.845516] ? debug_smp_processor_id+0x20/0x30 [ 114.845973] ? rcu_is_watching+0x19/0xb0 [ 114.846373] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.846860] ? trace_hardirqs_on+0x26/0x120 [ 114.847300] do_group_exit+0xe0/0x2b0 [ 114.847673] __x64_sys_exit_group+0x47/0x50 [ 114.848086] do_syscall_64+0x3b/0x90 [ 114.848462] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.848976] RIP: 0033:0x7f4b87518a4d [ 114.849339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.849941] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.850731] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.851427] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.852109] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.852787] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.853467] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.854161] [ 114.854388] irq event stamp: 0 [ 114.854723] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.855362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.856160] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.856949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.857545] ---[ end trace 0000000000000000 ]--- [ 114.864204] ------------[ cut here ]------------ [ 114.864815] WARNING: CPU: 0 PID: 1039 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.866011] Modules linked in: [ 114.866399] CPU: 0 PID: 1039 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.867853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.869182] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.869780] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.871949] RSP: 0018:ffff88800f167bb8 EFLAGS: 00010246 [ 114.872589] RAX: 0000000000000000 RBX: ffff888015d2e0a8 RCX: 0000000000000000 [ 114.873428] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 114.874263] RBP: ffff88800f167bd0 R08: ffffed1002ba5c33 R09: ffffed1002ba5c33 [ 114.875186] R10: ffff888015d2e193 R11: ffffed1002ba5c32 R12: ffff88800fcb1c00 [ 114.875920] R13: ffff888015d2e1e8 R14: ffffffff8352e670 R15: 
ffff88800f167e68 [ 114.876592] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.877403] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.877945] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ef0 [ 114.878656] PKRU: 55555554 [ 114.878929] Call Trace: [ 114.879183] [ 114.879398] __iommufd_access_detach+0x1c2/0x2b0 [ 114.879863] iommufd_access_change_pt+0x149/0x270 [ 114.880327] iommufd_access_replace+0xb4/0x120 [ 114.880770] iommufd_test+0x3e5/0x37e0 [ 114.881143] ? lock_release+0x532/0x770 [ 114.881526] ? __might_fault+0x102/0x1b0 [ 114.881916] ? lock_acquire+0x427/0x4c0 [ 114.882306] ? __pfx_iommufd_test+0x10/0x10 [ 114.882748] ? __pfx_lock_release+0x10/0x10 [ 114.883182] ? __pfx_lock_acquire+0x10/0x10 [ 114.883608] ? write_comp_data+0x2f/0x90 [ 114.884010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.884478] ? write_comp_data+0x2f/0x90 [ 114.884873] iommufd_fops_ioctl+0x37d/0x510 [ 114.885292] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.885768] ? write_comp_data+0x2f/0x90 [ 114.886175] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.886665] __x64_sys_ioctl+0x1a3/0x230 [ 114.887070] do_syscall_64+0x3b/0x90 [ 114.887452] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.887954] RIP: 0033:0x7f4b8743ee5d [ 114.888308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.890030] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.890785] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.891473] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.892148] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.892821] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.893499] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.894180] [ 114.894403] irq event stamp: 0 [ 114.894727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.895360] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.896149] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.896938] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.897541] ---[ end trace 0000000000000000 ]--- [ 114.900509] ------------[ cut here ]------------ [ 114.900992] WARNING: CPU: 0 PID: 1039 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.901949] Modules linked in: [ 114.902252] CPU: 0 PID: 1039 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.903128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.904199] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.904669] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.906407] RSP: 
0018:ffff88800f167bd0 EFLAGS: 00010246 [ 114.906933] RAX: 0000000000000000 RBX: ffff888015d2e0a8 RCX: 0000000000000000 [ 114.907624] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 114.908296] RBP: ffff88800f167be8 R08: ffffed1002ba5c33 R09: ffffed1002ba5c33 [ 114.909050] R10: ffff888015d2e193 R11: ffffed1002ba5c32 R12: ffff88801226c800 [ 114.909741] R13: ffff888015d2e1e8 R14: ffff8880143c9300 R15: 0000000000000000 [ 114.910418] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.911230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.911796] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 114.912478] PKRU: 55555554 [ 114.912746] Call Trace: [ 114.912989] [ 114.913205] iommufd_access_destroy_object+0x65/0x170 [ 114.913705] iommufd_object_destroy_user+0x18e/0x220 [ 114.914206] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 114.914804] iommufd_access_destroy+0x43/0x70 [ 114.915274] iommufd_test_staccess_release+0x8d/0xd0 [ 114.915797] __fput+0x26d/0xa40 [ 114.916138] ____fput+0x1e/0x30 [ 114.916475] task_work_run+0x1a4/0x2d0 [ 114.916877] ? __pfx_task_work_run+0x10/0x10 [ 114.917323] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.917813] ? switch_task_namespaces+0xa9/0xe0 [ 114.918283] do_exit+0xb17/0x2ef0 [ 114.918677] ? lock_acquire+0x427/0x4c0 [ 114.919092] ? __pfx_lock_release+0x10/0x10 [ 114.919545] ? __kasan_check_write+0x18/0x20 [ 114.919993] ? do_raw_spin_lock+0x132/0x2a0 [ 114.920423] ? __pfx_do_exit+0x10/0x10 [ 114.920823] ? debug_smp_processor_id+0x20/0x30 [ 114.921292] ? rcu_is_watching+0x19/0xb0 [ 114.921701] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.922161] ? trace_hardirqs_on+0x26/0x120 [ 114.922635] do_group_exit+0xe0/0x2b0 [ 114.923019] __x64_sys_exit_group+0x47/0x50 [ 114.923455] do_syscall_64+0x3b/0x90 [ 114.923841] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.924360] RIP: 0033:0x7f4b87518a4d [ 114.924729] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.925332] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.926084] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.926825] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.927581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.928285] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.928987] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.929697] [ 114.929933] irq event stamp: 0 [ 114.930249] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.930898] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.931755] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.932575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.933199] ---[ end trace 0000000000000000 ]--- [ 114.934028] ------------[ cut here ]------------ [ 114.934538] WARNING: CPU: 0 PID: 1039 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 114.935564] Modules linked in: [ 114.935884] CPU: 0 PID: 1039 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.936748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.937852] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 114.938362] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 114.940184] RSP: 0018:ffff88800f167b78 EFLAGS: 00010246 [ 114.940719] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 114.941497] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 114.942197] RBP: ffff88800f167b98 R08: ffffed1002ba5c3e R09: ffffed1002ba5c3e [ 114.942909] R10: ffff888015d2e1ef R11: ffffed1002ba5c3d R12: ffff888015d2e290 [ 114.943619] R13: ffff888015d2e0a8 R14: ffffffffffffffff R15: 
ffff88800f167c60 [ 114.944315] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.945097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.945658] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 114.946352] PKRU: 55555554 [ 114.946652] Call Trace: [ 114.946906] [ 114.947141] iommufd_ioas_destroy+0x53/0x70 [ 114.947581] iommufd_fops_release+0x1f7/0x370 [ 114.948024] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.948519] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.949000] ? write_comp_data+0x2f/0x90 [ 114.949405] ? __pfx_iommufd_fops_release+0x10/0x10 [ 114.949898] __fput+0x26d/0xa40 [ 114.950231] ____fput+0x1e/0x30 [ 114.950584] task_work_run+0x1a4/0x2d0 [ 114.950976] ? __pfx_task_work_run+0x10/0x10 [ 114.951432] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.951918] ? switch_task_namespaces+0xa9/0xe0 [ 114.952383] do_exit+0xb17/0x2ef0 [ 114.952723] ? lock_acquire+0x427/0x4c0 [ 114.953118] ? __pfx_lock_release+0x10/0x10 [ 114.953546] ? __kasan_check_write+0x18/0x20 [ 114.953979] ? do_raw_spin_lock+0x132/0x2a0 [ 114.954400] ? __pfx_do_exit+0x10/0x10 [ 114.954810] ? debug_smp_processor_id+0x20/0x30 [ 114.955294] ? rcu_is_watching+0x19/0xb0 [ 114.955699] ? _raw_spin_unlock_irq+0x2b/0x60 [ 114.956144] ? trace_hardirqs_on+0x26/0x120 [ 114.956568] do_group_exit+0xe0/0x2b0 [ 114.956938] __x64_sys_exit_group+0x47/0x50 [ 114.957356] do_syscall_64+0x3b/0x90 [ 114.957726] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.958234] RIP: 0033:0x7f4b87518a4d [ 114.958607] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 114.959224] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 114.959965] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 114.960653] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 114.961341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 114.962028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 114.962729] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 114.963438] [ 114.963664] irq event stamp: 0 [ 114.963970] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.964576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.965353] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.966127] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.966728] ---[ end trace 0000000000000000 ]--- [ 114.970556] ------------[ cut here ]------------ [ 114.971038] WARNING: CPU: 0 PID: 1040 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 114.971958] Modules linked in: [ 114.972244] CPU: 0 PID: 1040 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 114.973096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 114.974097] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 114.974581] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 114.976199] RSP: 0018:ffff8880165cfbb8 EFLAGS: 00010246 [ 114.976664] RAX: 0000000000000000 RBX: ffff88801349e8a8 RCX: 0000000000000000 [ 114.977292] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 114.977917] RBP: ffff8880165cfbd0 R08: ffffed1002693d33 R09: ffffed1002693d33 [ 114.978558] R10: ffff88801349e993 R11: ffffed1002693d32 R12: ffff88801890c800 [ 114.979197] R13: ffff88801349e9e8 R14: ffffffff8352e670 R15: 
ffff8880165cfe68 [ 114.979827] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 114.980532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 114.981037] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 114.981651] PKRU: 55555554 [ 114.981893] Call Trace: [ 114.982112] [ 114.982311] __iommufd_access_detach+0x1c2/0x2b0 [ 114.982744] iommufd_access_change_pt+0x149/0x270 [ 114.983176] iommufd_access_replace+0xb4/0x120 [ 114.983580] iommufd_test+0x3e5/0x37e0 [ 114.983918] ? lock_release+0x532/0x770 [ 114.984269] ? __might_fault+0x102/0x1b0 [ 114.984630] ? lock_acquire+0x427/0x4c0 [ 114.984984] ? __pfx_iommufd_test+0x10/0x10 [ 114.985356] ? __pfx_lock_release+0x10/0x10 [ 114.985739] ? __pfx_lock_acquire+0x10/0x10 [ 114.986123] ? write_comp_data+0x2f/0x90 [ 114.986484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 114.986928] ? write_comp_data+0x2f/0x90 [ 114.987293] iommufd_fops_ioctl+0x37d/0x510 [ 114.987673] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.988101] ? write_comp_data+0x2f/0x90 [ 114.988459] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 114.988878] __x64_sys_ioctl+0x1a3/0x230 [ 114.989237] do_syscall_64+0x3b/0x90 [ 114.989566] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 114.990025] RIP: 0033:0x7f4b8743ee5d [ 114.990346] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 114.991930] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 114.992580] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 114.993188] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 114.993793] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 114.994399] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 114.995025] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 114.995648] [ 114.995849] irq event stamp: 0 [ 114.996120] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 114.996654] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 114.997365] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 114.998073] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 114.998617] ---[ end trace 0000000000000000 ]--- [ 115.001217] ------------[ cut here ]------------ [ 115.001628] WARNING: CPU: 0 PID: 1040 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.002471] Modules linked in: [ 115.002763] CPU: 0 PID: 1040 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.003524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.004464] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.004880] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.006434] RSP: 
0018:ffff8880165cfbd0 EFLAGS: 00010246 [ 115.006886] RAX: 0000000000000000 RBX: ffff88801349e8a8 RCX: 0000000000000000 [ 115.007518] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 115.008032] RBP: ffff8880165cfbe8 R08: ffffed1002693d33 R09: ffffed1002693d33 [ 115.008538] R10: ffff88801349e993 R11: ffffed1002693d32 R12: ffff88800fcb3800 [ 115.009040] R13: ffff88801349e9e8 R14: ffff888020959c00 R15: 0000000000000000 [ 115.009544] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.010110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.010545] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.011050] PKRU: 55555554 [ 115.011261] Call Trace: [ 115.011443] [ 115.011612] iommufd_access_destroy_object+0x65/0x170 [ 115.011984] iommufd_object_destroy_user+0x18e/0x220 [ 115.012352] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.012769] iommufd_access_destroy+0x43/0x70 [ 115.013097] iommufd_test_staccess_release+0x8d/0xd0 [ 115.013468] __fput+0x26d/0xa40 [ 115.013716] ____fput+0x1e/0x30 [ 115.013959] task_work_run+0x1a4/0x2d0 [ 115.014244] ? __pfx_task_work_run+0x10/0x10 [ 115.014578] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.014861] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 115.014934] ? switch_task_namespaces+0xa9/0xe0 [ 115.016463] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 115.016762] do_exit+0xb17/0x2ef0 [ 115.018026] ? lock_acquire+0x427/0x4c0 [ 115.018320] ? __pfx_lock_release+0x10/0x10 [ 115.018642] ? __kasan_check_write+0x18/0x20 [ 115.018962] ? do_raw_spin_lock+0x132/0x2a0 [ 115.019282] ? __pfx_do_exit+0x10/0x10 [ 115.019577] ? debug_smp_processor_id+0x20/0x30 [ 115.019913] ? 
rcu_is_watching+0x19/0xb0 [ 115.020213] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.020543] ? trace_hardirqs_on+0x26/0x120 [ 115.020857] do_group_exit+0xe0/0x2b0 [ 115.021133] __x64_sys_exit_group+0x47/0x50 [ 115.021441] do_syscall_64+0x3b/0x90 [ 115.021715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.022093] RIP: 0033:0x7f4b87518a4d [ 115.022362] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 115.022815] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.023366] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.023883] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.024387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.024889] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.025392] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.025905] [ 115.026072] irq event stamp: 0 [ 115.026296] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.026767] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.027367] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.027966] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.028413] ---[ end trace 0000000000000000 ]--- [ 115.029049] ------------[ cut here ]------------ [ 115.029394] WARNING: CPU: 0 PID: 1040 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.030117] Modules linked in: [ 115.030349] CPU: 0 PID: 1040 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.030986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.031800] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.032166] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.033454] RSP: 0018:ffff8880165cfb78 
EFLAGS: 00010246 [ 115.033830] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.034331] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 115.034846] RBP: ffff8880165cfb98 R08: ffffed1002693d3e R09: ffffed1002693d3e [ 115.035354] R10: ffff88801349e9ef R11: ffffed1002693d3d R12: ffff88801349ea90 [ 115.035866] R13: ffff88801349e8a8 R14: ffffffffffffffff R15: ffff8880165cfc60 [ 115.036372] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.036943] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.037357] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.037865] PKRU: 55555554 [ 115.038069] Call Trace: [ 115.038252] [ 115.038418] iommufd_ioas_destroy+0x53/0x70 [ 115.038759] iommufd_fops_release+0x1f7/0x370 [ 115.039088] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.039457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.039820] ? write_comp_data+0x2f/0x90 [ 115.040119] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.040480] __fput+0x26d/0xa40 [ 115.040731] ____fput+0x1e/0x30 [ 115.040976] task_work_run+0x1a4/0x2d0 [ 115.041263] ? __pfx_task_work_run+0x10/0x10 [ 115.041583] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.041936] ? switch_task_namespaces+0xa9/0xe0 [ 115.042279] do_exit+0xb17/0x2ef0 [ 115.042548] ? lock_acquire+0x427/0x4c0 [ 115.042845] ? __pfx_lock_release+0x10/0x10 [ 115.043166] ? __kasan_check_write+0x18/0x20 [ 115.043488] ? do_raw_spin_lock+0x132/0x2a0 [ 115.043807] ? __pfx_do_exit+0x10/0x10 [ 115.044096] ? debug_smp_processor_id+0x20/0x30 [ 115.044431] ? rcu_is_watching+0x19/0xb0 [ 115.044723] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.045050] ? trace_hardirqs_on+0x26/0x120 [ 115.045365] do_group_exit+0xe0/0x2b0 [ 115.045638] __x64_sys_exit_group+0x47/0x50 [ 115.045946] do_syscall_64+0x3b/0x90 [ 115.046221] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.046609] RIP: 0033:0x7f4b87518a4d [ 115.046878] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.047324] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.047870] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.048374] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.048877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.049381] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.049883] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.050396] [ 115.050580] irq event stamp: 0 [ 115.050808] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.051265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.051867] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.052457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.052902] ---[ end trace 0000000000000000 ]--- [ 115.056663] ------------[ cut here ]------------ [ 115.057044] WARNING: CPU: 0 PID: 1042 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.057764] Modules linked in: [ 115.057993] CPU: 0 PID: 1042 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.058781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.059580] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.059927] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.061189] RSP: 0018:ffff88802464fbb8 EFLAGS: 00010246 [ 115.061558] RAX: 0000000000000000 RBX: ffff888011c7e8a8 RCX: 0000000000000000 [ 115.062048] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 115.062547] RBP: ffff88802464fbd0 R08: ffffed100238fd33 R09: ffffed100238fd33 [ 115.063032] R10: ffff888011c7e993 R11: ffffed100238fd32 R12: ffff888013c0e800 [ 115.063531] R13: ffff888011c7e9e8 R14: ffffffff8352e670 R15: 
ffff88802464fe68 [ 115.064015] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.064563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.064958] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 115.065443] PKRU: 55555554 [ 115.065637] Call Trace: [ 115.065813] [ 115.065969] __iommufd_access_detach+0x1c2/0x2b0 [ 115.066306] iommufd_access_change_pt+0x149/0x270 [ 115.066657] iommufd_access_replace+0xb4/0x120 [ 115.066983] iommufd_test+0x3e5/0x37e0 [ 115.067257] ? lock_release+0x532/0x770 [ 115.067548] ? __might_fault+0x102/0x1b0 [ 115.067835] ? lock_acquire+0x427/0x4c0 [ 115.068117] ? __pfx_iommufd_test+0x10/0x10 [ 115.068413] ? __pfx_lock_release+0x10/0x10 [ 115.068716] ? __pfx_lock_acquire+0x10/0x10 [ 115.069021] ? write_comp_data+0x2f/0x90 [ 115.069310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.069649] ? write_comp_data+0x2f/0x90 [ 115.069938] iommufd_fops_ioctl+0x37d/0x510 [ 115.070243] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.070597] ? write_comp_data+0x2f/0x90 [ 115.070887] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.071228] __x64_sys_ioctl+0x1a3/0x230 [ 115.071526] do_syscall_64+0x3b/0x90 [ 115.071792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.072155] RIP: 0033:0x7f4b8743ee5d [ 115.072411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.073714] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.074415] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.075098] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.075662] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.076303] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.076839] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.077335] [ 115.077498] irq event stamp: 0 [ 115.077778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.078352] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.079065] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.079666] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.080099] ---[ end trace 0000000000000000 ]--- [ 115.082621] ------------[ cut here ]------------ [ 115.082959] WARNING: CPU: 0 PID: 1042 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.083671] Modules linked in: [ 115.083892] CPU: 0 PID: 1042 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.084488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.085251] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.085590] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.087019] RSP: 
0018:ffff88802464fbd0 EFLAGS: 00010246 [ 115.087393] RAX: 0000000000000000 RBX: ffff888011c7e8a8 RCX: 0000000000000000 [ 115.087887] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 115.088374] RBP: ffff88802464fbe8 R08: ffffed100238fd33 R09: ffffed100238fd33 [ 115.088861] R10: ffff888011c7e993 R11: ffffed100238fd32 R12: ffff88800f29c800 [ 115.089350] R13: ffff888011c7e9e8 R14: ffff888014951400 R15: 0000000000000000 [ 115.089837] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.090387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.090800] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.091300] PKRU: 55555554 [ 115.091502] Call Trace: [ 115.091677] [ 115.091833] iommufd_access_destroy_object+0x65/0x170 [ 115.092196] iommufd_object_destroy_user+0x18e/0x220 [ 115.092548] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.092953] iommufd_access_destroy+0x43/0x70 [ 115.093270] iommufd_test_staccess_release+0x8d/0xd0 [ 115.093626] __fput+0x26d/0xa40 [ 115.093867] ____fput+0x1e/0x30 [ 115.094104] task_work_run+0x1a4/0x2d0 [ 115.094380] ? __pfx_task_work_run+0x10/0x10 [ 115.094701] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.095039] ? switch_task_namespaces+0xa9/0xe0 [ 115.095374] do_exit+0xb17/0x2ef0 [ 115.095617] ? lock_acquire+0x427/0x4c0 [ 115.095896] ? __pfx_lock_release+0x10/0x10 [ 115.096195] ? __kasan_check_write+0x18/0x20 [ 115.096498] ? do_raw_spin_lock+0x132/0x2a0 [ 115.096793] ? __pfx_do_exit+0x10/0x10 [ 115.097066] ? debug_smp_processor_id+0x20/0x30 [ 115.097387] ? rcu_is_watching+0x19/0xb0 [ 115.097664] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.097975] ? trace_hardirqs_on+0x26/0x120 [ 115.098276] do_group_exit+0xe0/0x2b0 [ 115.098560] __x64_sys_exit_group+0x47/0x50 [ 115.098855] do_syscall_64+0x3b/0x90 [ 115.099123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.099484] RIP: 0033:0x7f4b87518a4d [ 115.099743] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.100159] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.100669] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.101137] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.101607] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.102079] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.102564] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.103045] [ 115.103208] irq event stamp: 0 [ 115.103420] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.103841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.104399] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.104952] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.105368] ---[ end trace 0000000000000000 ]--- [ 115.105968] ------------[ cut here ]------------ [ 115.106280] WARNING: CPU: 0 PID: 1042 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.107073] Modules linked in: [ 115.107328] CPU: 0 PID: 1042 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.108397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.109513] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.110032] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.112069] RSP: 0018:ffff88802464fb78 EFLAGS: 00010246 [ 115.112626] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.113355] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 115.114084] RBP: ffff88802464fb98 R08: ffffed100238fd3e R09: ffffed100238fd3e [ 115.114837] R10: ffff888011c7e9ef R11: ffffed100238fd3d R12: ffff888011c7ea90 [ 115.115562] R13: ffff888011c7e8a8 R14: ffffffffffffffff R15: 
ffff88802464fc60 [ 115.116271] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.117074] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.117669] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.118399] PKRU: 55555554 [ 115.118720] Call Trace: [ 115.118994] [ 115.119276] iommufd_ioas_destroy+0x53/0x70 [ 115.119583] iommufd_fops_release+0x1f7/0x370 [ 115.119890] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.120225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.120555] ? write_comp_data+0x2f/0x90 [ 115.120833] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.121167] __fput+0x26d/0xa40 [ 115.121399] ____fput+0x1e/0x30 [ 115.121627] task_work_run+0x1a4/0x2d0 [ 115.121894] ? __pfx_task_work_run+0x10/0x10 [ 115.122191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.122540] ? switch_task_namespaces+0xa9/0xe0 [ 115.122863] do_exit+0xb17/0x2ef0 [ 115.123101] ? lock_acquire+0x427/0x4c0 [ 115.123381] ? __pfx_lock_release+0x10/0x10 [ 115.123676] ? __kasan_check_write+0x18/0x20 [ 115.123973] ? do_raw_spin_lock+0x132/0x2a0 [ 115.124265] ? __pfx_do_exit+0x10/0x10 [ 115.124534] ? debug_smp_processor_id+0x20/0x30 [ 115.124849] ? rcu_is_watching+0x19/0xb0 [ 115.125121] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.125427] ? trace_hardirqs_on+0x26/0x120 [ 115.125719] do_group_exit+0xe0/0x2b0 [ 115.125977] __x64_sys_exit_group+0x47/0x50 [ 115.126263] do_syscall_64+0x3b/0x90 [ 115.126531] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.126885] RIP: 0033:0x7f4b87518a4d [ 115.127179] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.127610] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.128127] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.128688] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.129162] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.129644] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.130114] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.130629] [ 115.130789] irq event stamp: 0 [ 115.131000] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.131438] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.132013] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.132581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.133014] ---[ end trace 0000000000000000 ]--- [ 115.136575] ------------[ cut here ]------------ [ 115.137066] WARNING: CPU: 0 PID: 1043 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.137749] Modules linked in: [ 115.137991] CPU: 0 PID: 1043 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.138715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.139489] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.139822] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.141045] RSP: 0018:ffff8880165cfbb8 EFLAGS: 00010246 [ 115.141418] RAX: 0000000000000000 RBX: ffff88801789b0a8 RCX: 0000000000000000 [ 115.141889] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 115.142382] RBP: ffff8880165cfbd0 R08: ffffed1002f13633 R09: ffffed1002f13633 [ 115.142868] R10: ffff88801789b193 R11: ffffed1002f13632 R12: ffff888013c04000 [ 115.143368] R13: ffff88801789b1e8 R14: ffffffff8352e670 R15: 
ffff8880165cfe68 [ 115.143841] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.144381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.144788] CR2: 00007f4b877410e8 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 115.145259] PKRU: 55555554 [ 115.145473] Call Trace: [ 115.145655] [ 115.145807] __iommufd_access_detach+0x1c2/0x2b0 [ 115.146138] iommufd_access_change_pt+0x149/0x270 [ 115.146470] iommufd_access_replace+0xb4/0x120 [ 115.146821] iommufd_test+0x3e5/0x37e0 [ 115.147084] ? lock_release+0x532/0x770 [ 115.147366] ? __might_fault+0x102/0x1b0 [ 115.147666] ? lock_acquire+0x427/0x4c0 [ 115.147942] ? __pfx_iommufd_test+0x10/0x10 [ 115.148229] ? __pfx_lock_release+0x10/0x10 [ 115.148524] ? __pfx_lock_acquire+0x10/0x10 [ 115.148845] ? write_comp_data+0x2f/0x90 [ 115.149124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.149455] ? write_comp_data+0x2f/0x90 [ 115.149746] iommufd_fops_ioctl+0x37d/0x510 [ 115.150052] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.150384] ? write_comp_data+0x2f/0x90 [ 115.150678] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.151025] __x64_sys_ioctl+0x1a3/0x230 [ 115.151312] do_syscall_64+0x3b/0x90 [ 115.151570] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.151942] RIP: 0033:0x7f4b8743ee5d [ 115.152193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.153421] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.153925] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.154417] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.154905] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.155405] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.155878] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.156378] [ 115.156534] irq event stamp: 0 [ 115.156745] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.157163] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.157741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.158304] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.158749] ---[ end trace 0000000000000000 ]--- [ 115.161515] ------------[ cut here ]------------ [ 115.161845] WARNING: CPU: 0 PID: 1043 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.162647] Modules linked in: [ 115.162863] CPU: 0 PID: 1043 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.163452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.164240] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.164644] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.165975] RSP: 
0018:ffff8880165cfbd0 EFLAGS: 00010246 [ 115.166340] RAX: 0000000000000000 RBX: ffff88801789b0a8 RCX: 0000000000000000 [ 115.166844] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 115.167384] RBP: ffff8880165cfbe8 R08: ffffed1002f13633 R09: ffffed1002f13633 [ 115.167947] R10: ffff88801789b193 R11: ffffed1002f13632 R12: ffff888013c0fc00 [ 115.168437] R13: ffff88801789b1e8 R14: ffff888010aa6f00 R15: 0000000000000000 [ 115.169035] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.169585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.169983] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.170602] PKRU: 55555554 [ 115.170799] Call Trace: [ 115.170976] [ 115.171138] iommufd_access_destroy_object+0x65/0x170 [ 115.171502] iommufd_object_destroy_user+0x18e/0x220 [ 115.171859] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.172385] iommufd_access_destroy+0x43/0x70 [ 115.172707] iommufd_test_staccess_release+0x8d/0xd0 [ 115.173064] __fput+0x26d/0xa40 [ 115.173308] ____fput+0x1e/0x30 [ 115.173566] task_work_run+0x1a4/0x2d0 [ 115.173915] ? __pfx_task_work_run+0x10/0x10 [ 115.174226] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.174585] ? switch_task_namespaces+0xa9/0xe0 [ 115.174920] do_exit+0xb17/0x2ef0 [ 115.175171] ? lock_acquire+0x427/0x4c0 [ 115.175476] ? __pfx_lock_release+0x10/0x10 [ 115.175865] ? __kasan_check_write+0x18/0x20 [ 115.176176] ? do_raw_spin_lock+0x132/0x2a0 [ 115.176479] ? __pfx_do_exit+0x10/0x10 [ 115.176760] ? debug_smp_processor_id+0x20/0x30 [ 115.177209] ? rcu_is_watching+0x19/0xb0 [ 115.177497] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.177815] ? trace_hardirqs_on+0x26/0x120 [ 115.178125] do_group_exit+0xe0/0x2b0 [ 115.178424] __x64_sys_exit_group+0x47/0x50 [ 115.178821] do_syscall_64+0x3b/0x90 [ 115.179088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.179458] RIP: 0033:0x7f4b87518a4d [ 115.179722] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.180142] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.180786] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.181275] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.181794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.182380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.182893] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.183410] [ 115.183613] irq event stamp: 0 [ 115.183936] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.184377] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.184979] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.185695] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.186141] ---[ end trace 0000000000000000 ]--- [ 115.186880] ------------[ cut here ]------------ [ 115.187232] WARNING: CPU: 0 PID: 1043 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.187964] Modules linked in: [ 115.188196] CPU: 0 PID: 1043 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.188947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.189745] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.190228] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.191658] RSP: 0018:ffff8880165cfb78 EFLAGS: 00010246 [ 115.192039] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.192548] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 115.193057] RBP: ffff8880165cfb98 R08: ffffed1002f1363e R09: ffffed1002f1363e [ 115.193685] R10: ffff88801789b1ef R11: ffffed1002f1363d R12: ffff88801789b290 [ 115.194194] R13: ffff88801789b0a8 R14: ffffffffffffffff R15: 
ffff8880165cfc60 [ 115.194727] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.195435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.195972] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.196760] PKRU: 55555554 [ 115.197021] Call Trace: [ 115.197258] [ 115.197473] iommufd_ioas_destroy+0x53/0x70 [ 115.197869] iommufd_fops_release+0x1f7/0x370 [ 115.198409] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.198913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.199402] ? write_comp_data+0x2f/0x90 [ 115.199938] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.200417] __fput+0x26d/0xa40 [ 115.200763] ____fput+0x1e/0x30 [ 115.201114] task_work_run+0x1a4/0x2d0 [ 115.201645] ? __pfx_task_work_run+0x10/0x10 [ 115.202078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.202597] ? switch_task_namespaces+0xa9/0xe0 [ 115.203153] do_exit+0xb17/0x2ef0 [ 115.203494] ? lock_acquire+0x427/0x4c0 [ 115.203854] ? __pfx_lock_release+0x10/0x10 [ 115.204311] ? __kasan_check_write+0x18/0x20 [ 115.204807] ? do_raw_spin_lock+0x132/0x2a0 [ 115.205164] ? __pfx_do_exit+0x10/0x10 [ 115.205539] ? debug_smp_processor_id+0x20/0x30 [ 115.206134] ? rcu_is_watching+0x19/0xb0 [ 115.206576] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.207020] ? trace_hardirqs_on+0x26/0x120 [ 115.207620] do_group_exit+0xe0/0x2b0 [ 115.207991] __x64_sys_exit_group+0x47/0x50 [ 115.208392] do_syscall_64+0x3b/0x90 [ 115.208770] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.209343] RIP: 0033:0x7f4b87518a4d [ 115.209666] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.210242] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.211101] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.212212] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.212998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.214037] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.214866] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.215783] [ 115.216053] irq event stamp: 0 [ 115.216416] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.217198] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.218246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.219194] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.220008] ---[ end trace 0000000000000000 ]--- [ 115.229165] ------------[ cut here ]------------ [ 115.229687] WARNING: CPU: 0 PID: 1044 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.230953] Modules linked in: [ 115.231316] CPU: 0 PID: 1044 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.232238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.233415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.233945] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.235869] RSP: 0018:ffff88801873fbb8 EFLAGS: 00010246 [ 115.236432] RAX: 0000000000000000 RBX: ffff888015cd38a8 RCX: 0000000000000000 [ 115.237176] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 115.237924] RBP: ffff88801873fbd0 R08: ffffed1002b9a733 R09: ffffed1002b9a733 [ 115.238694] R10: ffff888015cd3993 R11: ffffed1002b9a732 R12: ffff88802190d800 [ 115.239456] R13: ffff888015cd39e8 R14: ffffffff8352e670 R15: 
ffff88801873fe68 [ 115.240204] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.241046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.241656] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 115.242406] PKRU: 55555554 [ 115.242729] Call Trace: [ 115.243007] [ 115.243263] __iommufd_access_detach+0x1c2/0x2b0 [ 115.243783] iommufd_access_change_pt+0x149/0x270 [ 115.244312] iommufd_access_replace+0xb4/0x120 [ 115.244816] iommufd_test+0x3e5/0x37e0 [ 115.245234] ? lock_release+0x532/0x770 [ 115.245673] ? __might_fault+0x102/0x1b0 [ 115.246118] ? lock_acquire+0x427/0x4c0 [ 115.246581] ? __pfx_iommufd_test+0x10/0x10 [ 115.247044] ? __pfx_lock_release+0x10/0x10 [ 115.247518] ? __pfx_lock_acquire+0x10/0x10 [ 115.247990] ? write_comp_data+0x2f/0x90 [ 115.248441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.248963] ? write_comp_data+0x2f/0x90 [ 115.249412] iommufd_fops_ioctl+0x37d/0x510 [ 115.249875] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.250398] ? write_comp_data+0x2f/0x90 [ 115.250867] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.251392] __x64_sys_ioctl+0x1a3/0x230 [ 115.251838] do_syscall_64+0x3b/0x90 [ 115.252249] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.252805] RIP: 0033:0x7f4b8743ee5d [ 115.253199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.255097] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.255893] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.256632] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.257370] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.258109] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.258868] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.259633] [ 115.259885] irq event stamp: 0 [ 115.260220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.260874] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.261739] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.262631] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.263297] ---[ end trace 0000000000000000 ]--- [ 115.268044] ------------[ cut here ]------------ [ 115.268553] WARNING: CPU: 0 PID: 1044 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.269740] Modules linked in: [ 115.270085] CPU: 0 PID: 1044 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.271162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.272358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.272955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.274973] RSP: 
0018:ffff88801873fbd0 EFLAGS: 00010246 [ 115.275552] RAX: 0000000000000000 RBX: ffff888015cd38a8 RCX: 0000000000000000 [ 115.276402] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 115.277266] RBP: ffff88801873fbe8 R08: ffffed1002b9a733 R09: ffffed1002b9a733 [ 115.278006] R10: ffff888015cd3993 R11: ffffed1002b9a732 R12: ffff888013c07000 [ 115.278908] R13: ffff888015cd39e8 R14: ffff88800fd91f00 R15: 0000000000000000 [ 115.279661] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.280629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.281236] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.282094] PKRU: 55555554 [ 115.282397] Call Trace: [ 115.282696] [ 115.282943] iommufd_access_destroy_object+0x65/0x170 [ 115.283609] iommufd_object_destroy_user+0x18e/0x220 [ 115.284115] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.284667] iommufd_access_destroy+0x43/0x70 [ 115.285086] iommufd_test_staccess_release+0x8d/0xd0 [ 115.285669] __fput+0x26d/0xa40 [ 115.285999] ____fput+0x1e/0x30 [ 115.286317] task_work_run+0x1a4/0x2d0 [ 115.286713] ? __pfx_task_work_run+0x10/0x10 [ 115.287136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.287719] ? switch_task_namespaces+0xa9/0xe0 [ 115.288175] do_exit+0xb17/0x2ef0 [ 115.288508] ? lock_acquire+0x427/0x4c0 [ 115.288889] ? __pfx_lock_release+0x10/0x10 [ 115.289296] ? __kasan_check_write+0x18/0x20 [ 115.289818] ? do_raw_spin_lock+0x132/0x2a0 [ 115.290232] ? __pfx_do_exit+0x10/0x10 [ 115.290630] ? debug_smp_processor_id+0x20/0x30 [ 115.291064] ? rcu_is_watching+0x19/0xb0 [ 115.291451] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.291984] ? trace_hardirqs_on+0x26/0x120 [ 115.292397] do_group_exit+0xe0/0x2b0 [ 115.292765] __x64_sys_exit_group+0x47/0x50 [ 115.293170] do_syscall_64+0x3b/0x90 [ 115.293522] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.294115] RIP: 0033:0x7f4b87518a4d [ 115.294471] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.295057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.295744] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.296500] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.297163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.297805] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.298570] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.299262] [ 115.299496] irq event stamp: 0 [ 115.299795] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.300475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.301261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.302037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.302744] ---[ end trace 0000000000000000 ]--- [ 115.303714] ------------[ cut here ]------------ [ 115.304172] WARNING: CPU: 0 PID: 1044 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.305244] Modules linked in: [ 115.305559] CPU: 0 PID: 1044 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.306384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.307597] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.308031] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.309643] RSP: 0018:ffff88801873fb78 EFLAGS: 00010246 [ 115.310186] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.310796] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 115.311402] RBP: ffff88801873fb98 R08: ffffed1002b9a73e R09: ffffed1002b9a73e [ 115.312098] R10: ffff888015cd39ef R11: ffffed1002b9a73d R12: ffff888015cd3a90 [ 115.312691] R13: ffff888015cd38a8 R14: ffffffffffffffff R15: 
ffff88801873fc60 [ 115.313394] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.314059] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.314662] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.315266] PKRU: 55555554 [ 115.315500] Call Trace: [ 115.315710] [ 115.315898] iommufd_ioas_destroy+0x53/0x70 [ 115.316296] iommufd_fops_release+0x1f7/0x370 [ 115.316760] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.317180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.317623] ? write_comp_data+0x2f/0x90 [ 115.318034] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.318451] __fput+0x26d/0xa40 [ 115.318754] ____fput+0x1e/0x30 [ 115.319037] task_work_run+0x1a4/0x2d0 [ 115.319418] ? __pfx_task_work_run+0x10/0x10 [ 115.319861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.320272] ? switch_task_namespaces+0xa9/0xe0 [ 115.320670] do_exit+0xb17/0x2ef0 [ 115.320995] ? lock_acquire+0x427/0x4c0 [ 115.321402] ? __pfx_lock_release+0x10/0x10 [ 115.321766] ? __kasan_check_write+0x18/0x20 [ 115.322134] ? do_raw_spin_lock+0x132/0x2a0 [ 115.322612] ? __pfx_do_exit+0x10/0x10 [ 115.322945] ? debug_smp_processor_id+0x20/0x30 [ 115.323345] ? rcu_is_watching+0x19/0xb0 [ 115.323690] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.324073] ? trace_hardirqs_on+0x26/0x120 [ 115.324482] do_group_exit+0xe0/0x2b0 [ 115.324897] __x64_sys_exit_group+0x47/0x50 [ 115.325330] do_syscall_64+0x3b/0x90 [ 115.325649] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.326179] RIP: 0033:0x7f4b87518a4d [ 115.326491] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.327019] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.328278] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.328788] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.329342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.329912] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.330416] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.331055] [ 115.331232] irq event stamp: 0 [ 115.331458] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.331905] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.332554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.333192] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.333636] ---[ end trace 0000000000000000 ]--- [ 115.338223] ------------[ cut here ]------------ [ 115.338690] WARNING: CPU: 0 PID: 1045 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.339432] Modules linked in: [ 115.339675] CPU: 0 PID: 1045 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.340402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.341190] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.341542] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.342882] RSP: 0018:ffff8880165cfbb8 EFLAGS: 00010246 [ 115.343269] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 115.343767] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 115.344267] RBP: ffff8880165cfbd0 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 115.344764] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff888012e91c00 [ 115.345263] R13: ffff88800f3709e8 R14: ffffffff8352e670 R15: 
ffff8880165cfe68 [ 115.345760] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.346322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.346748] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 115.347258] PKRU: 55555554 [ 115.347461] Call Trace: [ 115.347645] [ 115.347806] __iommufd_access_detach+0x1c2/0x2b0 [ 115.348159] iommufd_access_change_pt+0x149/0x270 [ 115.348653] iommufd_access_replace+0xb4/0x120 [ 115.348989] iommufd_test+0x3e5/0x37e0 [ 115.349265] ? lock_release+0x532/0x770 [ 115.349558] ? __might_fault+0x102/0x1b0 [ 115.349861] ? lock_acquire+0x427/0x4c0 [ 115.350160] ? __pfx_iommufd_test+0x10/0x10 [ 115.350471] ? __pfx_lock_release+0x10/0x10 [ 115.350803] ? __pfx_lock_acquire+0x10/0x10 [ 115.351134] ? write_comp_data+0x2f/0x90 [ 115.351438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.351794] ? write_comp_data+0x2f/0x90 [ 115.352097] iommufd_fops_ioctl+0x37d/0x510 [ 115.352416] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.352772] ? write_comp_data+0x2f/0x90 [ 115.353076] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.353428] __x64_sys_ioctl+0x1a3/0x230 [ 115.353733] do_syscall_64+0x3b/0x90 [ 115.354011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.354393] RIP: 0033:0x7f4b8743ee5d [ 115.354680] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.356004] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.356551] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.357108] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.357620] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.358131] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.358659] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.359186] [ 115.359354] irq event stamp: 0 [ 115.359576] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.360034] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.360645] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.361253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.361709] ---[ end trace 0000000000000000 ]--- [ 115.364519] ------------[ cut here ]------------ [ 115.364990] WARNING: CPU: 0 PID: 1045 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.365731] Modules linked in: [ 115.365968] CPU: 0 PID: 1045 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.366742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.367574] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.367951] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.369392] RSP: 
0018:ffff8880165cfbd0 EFLAGS: 00010246 [ 115.369902] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 115.370424] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 115.370965] RBP: ffff8880165cfbe8 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 115.371622] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff88802190d000 [ 115.372146] R13: ffff88800f3709e8 R14: ffff8880121e9900 R15: 0000000000000000 [ 115.372665] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.373386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.373810] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.374333] PKRU: 55555554 [ 115.374687] Call Trace: [ 115.374877] [ 115.375046] iommufd_access_destroy_object+0x65/0x170 [ 115.375446] iommufd_object_destroy_user+0x18e/0x220 [ 115.375826] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.376262] iommufd_access_destroy+0x43/0x70 [ 115.376724] iommufd_test_staccess_release+0x8d/0xd0 [ 115.377108] __fput+0x26d/0xa40 [ 115.377364] ____fput+0x1e/0x30 [ 115.377615] task_work_run+0x1a4/0x2d0 [ 115.377942] ? __pfx_task_work_run+0x10/0x10 [ 115.378345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.378726] ? switch_task_namespaces+0xa9/0xe0 [ 115.379080] do_exit+0xb17/0x2ef0 [ 115.379356] ? lock_acquire+0x427/0x4c0 [ 115.379662] ? __pfx_lock_release+0x10/0x10 [ 115.380112] ? __kasan_check_write+0x18/0x20 [ 115.380441] ? do_raw_spin_lock+0x132/0x2a0 [ 115.380761] ? __pfx_do_exit+0x10/0x10 [ 115.381056] ? debug_smp_processor_id+0x20/0x30 [ 115.381463] ? rcu_is_watching+0x19/0xb0 [ 115.381843] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.382191] ? trace_hardirqs_on+0x26/0x120 [ 115.382541] do_group_exit+0xe0/0x2b0 [ 115.382831] __x64_sys_exit_group+0x47/0x50 [ 115.383164] do_syscall_64+0x3b/0x90 [ 115.383588] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.383983] RIP: 0033:0x7f4b87518a4d [ 115.384264] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.384720] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.385425] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.385953] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.386555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.387158] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.387695] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.388235] [ 115.388467] irq event stamp: 0 [ 115.388805] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.389326] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.389980] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.390740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.391228] ---[ end trace 0000000000000000 ]--- [ 115.392287] ------------[ cut here ]------------ [ 115.392659] WARNING: CPU: 0 PID: 1045 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.393441] Modules linked in: [ 115.393729] CPU: 0 PID: 1045 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.394489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.395443] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.395907] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.397426] RSP: 0018:ffff8880165cfb78 EFLAGS: 00010246 [ 115.397837] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.398381] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 115.399066] RBP: ffff8880165cfb98 R08: ffffed1001e6e13e R09: ffffed1001e6e13e [ 115.399621] R10: ffff88800f3709ef R11: ffffed1001e6e13d R12: ffff88800f370a90 [ 115.400174] R13: ffff88800f3708a8 R14: ffffffffffffffff R15: 
ffff8880165cfc60 [ 115.400866] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.401485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.401934] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 115.402633] PKRU: 55555554 [ 115.402855] Call Trace: [ 115.403059] [ 115.403247] iommufd_ioas_destroy+0x53/0x70 [ 115.403595] iommufd_fops_release+0x1f7/0x370 [ 115.404107] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.404506] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.404889] ? write_comp_data+0x2f/0x90 [ 115.405220] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.405761] __fput+0x26d/0xa40 [ 115.406035] ____fput+0x1e/0x30 [ 115.406315] task_work_run+0x1a4/0x2d0 [ 115.406658] ? __pfx_task_work_run+0x10/0x10 [ 115.407028] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.407617] ? switch_task_namespaces+0xa9/0xe0 [ 115.408012] do_exit+0xb17/0x2ef0 [ 115.408305] ? lock_acquire+0x427/0x4c0 [ 115.408642] ? __pfx_lock_release+0x10/0x10 [ 115.409071] ? __kasan_check_write+0x18/0x20 [ 115.409524] ? do_raw_spin_lock+0x132/0x2a0 [ 115.409880] ? __pfx_do_exit+0x10/0x10 [ 115.410208] ? debug_smp_processor_id+0x20/0x30 [ 115.410624] ? rcu_is_watching+0x19/0xb0 [ 115.411078] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.411462] ? trace_hardirqs_on+0x26/0x120 [ 115.411826] do_group_exit+0xe0/0x2b0 [ 115.412138] __x64_sys_exit_group+0x47/0x50 [ 115.412638] do_syscall_64+0x3b/0x90 [ 115.412955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.413384] RIP: 0033:0x7f4b87518a4d [ 115.413686] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.414350] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.414989] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.415575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.416305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.416879] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.417460] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.418219] [ 115.418414] irq event stamp: 0 [ 115.418694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.419218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.419898] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.420575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.421137] ---[ end trace 0000000000000000 ]--- [ 115.426172] ------------[ cut here ]------------ [ 115.426718] WARNING: CPU: 0 PID: 1046 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.427543] Modules linked in: [ 115.427805] CPU: 0 PID: 1046 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.428503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.429400] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.429799] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.431282] RSP: 0018:ffff88801722fbb8 EFLAGS: 00010246 [ 115.431715] RAX: 0000000000000000 RBX: ffff8880165348a8 RCX: 0000000000000000 [ 115.432288] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 115.432858] RBP: ffff88801722fbd0 R08: ffffed1002ca6933 R09: ffffed1002ca6933 [ 115.433429] R10: ffff888016534993 R11: ffffed1002ca6932 R12: ffff88800fcb2c00 [ 115.433997] R13: ffff8880165349e8 R14: ffffffff8352e670 R15: 
ffff88801722fe68 [ 115.434584] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.435249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.435723] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 115.436294] PKRU: 55555554 [ 115.436525] Call Trace: [ 115.436731] [ 115.436914] __iommufd_access_detach+0x1c2/0x2b0 [ 115.437308] iommufd_access_change_pt+0x149/0x270 [ 115.437706] iommufd_access_replace+0xb4/0x120 [ 115.438090] iommufd_test+0x3e5/0x37e0 [ 115.438404] ? lock_release+0x532/0x770 [ 115.438750] ? __might_fault+0x102/0x1b0 [ 115.439092] ? lock_acquire+0x427/0x4c0 [ 115.439429] ? __pfx_iommufd_test+0x10/0x10 [ 115.439776] ? __pfx_lock_release+0x10/0x10 [ 115.440129] ? __pfx_lock_acquire+0x10/0x10 [ 115.440490] ? write_comp_data+0x2f/0x90 [ 115.440833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.441236] ? write_comp_data+0x2f/0x90 [ 115.441573] iommufd_fops_ioctl+0x37d/0x510 [ 115.441927] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.442326] ? write_comp_data+0x2f/0x90 [ 115.442681] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.443077] __x64_sys_ioctl+0x1a3/0x230 [ 115.443429] do_syscall_64+0x3b/0x90 [ 115.443749] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.444177] RIP: 0033:0x7f4b8743ee5d [ 115.444478] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.445938] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.446570] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.447150] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.447729] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.448303] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.448874] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.449454] [ 115.449644] irq event stamp: 0 [ 115.449901] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.450410] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.451103] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.451785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.452293] ---[ end trace 0000000000000000 ]--- [ 115.455664] ------------[ cut here ]------------ [ 115.456062] WARNING: CPU: 0 PID: 1046 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.457059] Modules linked in: [ 115.457324] CPU: 0 PID: 1046 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.458037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.459097] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.459519] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.461014] RSP: 
0018:ffff88801722fbd0 EFLAGS: 00010246 [ 115.461468] RAX: 0000000000000000 RBX: ffff8880165348a8 RCX: 0000000000000000 [ 115.462063] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 115.462684] RBP: ffff88801722fbe8 R08: ffffed1002ca6933 R09: ffffed1002ca6933 [ 115.463299] R10: ffff888016534993 R11: ffffed1002ca6932 R12: ffff888012e91800 [ 115.463896] R13: ffff8880165349e8 R14: ffff88800fd91500 R15: 0000000000000000 [ 115.464503] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.465176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.465662] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.466258] PKRU: 55555554 [ 115.466496] Call Trace: [ 115.466737] [ 115.466936] iommufd_access_destroy_object+0x65/0x170 [ 115.467395] iommufd_object_destroy_user+0x18e/0x220 [ 115.467832] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.468328] iommufd_access_destroy+0x43/0x70 [ 115.468717] iommufd_test_staccess_release+0x8d/0xd0 [ 115.469156] __fput+0x26d/0xa40 [ 115.469448] ____fput+0x1e/0x30 [ 115.469736] task_work_run+0x1a4/0x2d0 [ 115.470077] ? __pfx_task_work_run+0x10/0x10 [ 115.470453] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.470896] ? switch_task_namespaces+0xa9/0xe0 [ 115.471315] do_exit+0xb17/0x2ef0 [ 115.471611] ? lock_acquire+0x427/0x4c0 [ 115.471955] ? __pfx_lock_release+0x10/0x10 [ 115.472325] ? __kasan_check_write+0x18/0x20 [ 115.472711] ? do_raw_spin_lock+0x132/0x2a0 [ 115.473080] ? __pfx_do_exit+0x10/0x10 [ 115.473421] ? debug_smp_processor_id+0x20/0x30 [ 115.473817] ? rcu_is_watching+0x19/0xb0 [ 115.474165] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.474571] ? trace_hardirqs_on+0x26/0x120 [ 115.474946] do_group_exit+0xe0/0x2b0 [ 115.475280] __x64_sys_exit_group+0x47/0x50 [ 115.475647] do_syscall_64+0x3b/0x90 [ 115.475973] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.476417] RIP: 0033:0x7f4b87518a4d [ 115.476732] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.477255] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.477896] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.478487] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.479127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.479734] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.480334] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.480938] [ 115.481146] irq event stamp: 0 [ 115.481409] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.481936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.482668] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.483388] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.483923] ---[ end trace 0000000000000000 ]--- [ 115.484771] ------------[ cut here ]------------ [ 115.485380] WARNING: CPU: 1 PID: 1046 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.486247] Modules linked in: [ 115.486566] CPU: 1 PID: 1046 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.487478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.488467] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.489026] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.490816] RSP: 0018:ffff88801722fb78 EFLAGS: 00010246 [ 115.491297] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.491931] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 115.492683] RBP: ffff88801722fb98 R08: ffffed1002ca693e R09: ffffed1002ca693e [ 115.493311] R10: ffff8880165349ef R11: ffffed1002ca693d R12: ffff888016534a90 [ 115.493961] R13: ffff8880165348a8 R14: ffffffffffffffff R15: 
ffff88801722fc60 [ 115.494711] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 115.495433] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.496081] CR2: 00007f82e2aae000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 115.496694] PKRU: 55555554 [ 115.496937] Call Trace: [ 115.497181] [ 115.497378] iommufd_ioas_destroy+0x53/0x70 [ 115.497902] iommufd_fops_release+0x1f7/0x370 [ 115.498333] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.498803] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.499263] ? write_comp_data+0x2f/0x90 [ 115.499784] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.500228] __fput+0x26d/0xa40 [ 115.500560] ____fput+0x1e/0x30 [ 115.500865] task_work_run+0x1a4/0x2d0 [ 115.501220] ? __pfx_task_work_run+0x10/0x10 [ 115.501749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.502185] ? switch_task_namespaces+0xa9/0xe0 [ 115.502656] do_exit+0xb17/0x2ef0 [ 115.502967] ? lock_acquire+0x427/0x4c0 [ 115.503454] ? __pfx_lock_release+0x10/0x10 [ 115.503875] ? __kasan_check_write+0x18/0x20 [ 115.504270] ? do_raw_spin_lock+0x132/0x2a0 [ 115.504657] ? __pfx_do_exit+0x10/0x10 [ 115.505198] ? debug_smp_processor_id+0x20/0x30 [ 115.505625] ? rcu_is_watching+0x19/0xb0 [ 115.506036] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.506451] ? trace_hardirqs_on+0x26/0x120 [ 115.506933] do_group_exit+0xe0/0x2b0 [ 115.507395] __x64_sys_exit_group+0x47/0x50 [ 115.507783] do_syscall_64+0x3b/0x90 [ 115.508154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.508654] RIP: 0033:0x7f4b87518a4d [ 115.509082] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.509634] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.510327] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.511147] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.511796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.512513] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.513205] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.513863] [ 115.514074] irq event stamp: 0 [ 115.514485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.515063] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.515819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.516688] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.517244] ---[ end trace 0000000000000000 ]--- [ 115.524260] ------------[ cut here ]------------ [ 115.524893] WARNING: CPU: 0 PID: 1047 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.525763] Modules linked in: [ 115.526043] CPU: 0 PID: 1047 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.527010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.527992] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.528448] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.530087] RSP: 0018:ffff888016267bb8 EFLAGS: 00010246 [ 115.530595] RAX: 0000000000000000 RBX: ffff888020fff0a8 RCX: 0000000000000000 [ 115.531264] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 115.531918] RBP: ffff888016267bd0 R08: ffffed10041ffe33 R09: ffffed10041ffe33 [ 115.532567] R10: ffff888020fff193 R11: ffffed10041ffe32 R12: ffff888013b17000 [ 115.533217] R13: ffff888020fff1e8 R14: ffffffff8352e670 R15: 
ffff888016267e68 [ 115.533857] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.534611] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.535152] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 115.535797] PKRU: 55555554 [ 115.536057] Call Trace: [ 115.536288] [ 115.536496] __iommufd_access_detach+0x1c2/0x2b0 [ 115.536941] iommufd_access_change_pt+0x149/0x270 [ 115.537383] iommufd_access_replace+0xb4/0x120 [ 115.537809] iommufd_test+0x3e5/0x37e0 [ 115.538165] ? lock_release+0x532/0x770 [ 115.538553] ? __might_fault+0x102/0x1b0 [ 115.538932] ? lock_acquire+0x427/0x4c0 [ 115.539312] ? __pfx_iommufd_test+0x10/0x10 [ 115.539702] ? __pfx_lock_release+0x10/0x10 [ 115.540097] ? __pfx_lock_acquire+0x10/0x10 [ 115.540499] ? write_comp_data+0x2f/0x90 [ 115.540875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.541324] ? write_comp_data+0x2f/0x90 [ 115.541699] iommufd_fops_ioctl+0x37d/0x510 [ 115.542095] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.542565] ? write_comp_data+0x2f/0x90 [ 115.542948] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.543406] __x64_sys_ioctl+0x1a3/0x230 [ 115.543795] do_syscall_64+0x3b/0x90 [ 115.544146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.544631] RIP: 0033:0x7f4b8743ee5d [ 115.544975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.546639] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.547355] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.548006] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.548659] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.549353] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.549996] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.550671] [ 115.550885] irq event stamp: 0 [ 115.551184] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.551757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.552511] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.553260] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.553830] ---[ end trace 0000000000000000 ]--- [ 115.557126] ------------[ cut here ]------------ [ 115.557649] WARNING: CPU: 0 PID: 1047 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.558544] Modules linked in: [ 115.558825] CPU: 0 PID: 1047 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.559771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.560747] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.561358] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.562966] RSP: 
0018:ffff888016267bd0 EFLAGS: 00010246 [ 115.563549] RAX: 0000000000000000 RBX: ffff888020fff0a8 RCX: 0000000000000000 [ 115.564165] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 115.564771] RBP: ffff888016267be8 R08: ffffed10041ffe33 R09: ffffed10041ffe33 [ 115.565554] R10: ffff888020fff193 R11: ffffed10041ffe32 R12: ffff88800fcb1400 [ 115.566162] R13: ffff888020fff1e8 R14: ffff888013596f00 R15: 0000000000000000 [ 115.566795] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.567681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.568181] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.568794] PKRU: 55555554 [ 115.569041] Call Trace: [ 115.569345] [ 115.569622] iommufd_access_destroy_object+0x65/0x170 [ 115.570072] iommufd_object_destroy_user+0x18e/0x220 [ 115.570535] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.571040] iommufd_access_destroy+0x43/0x70 [ 115.571528] iommufd_test_staccess_release+0x8d/0xd0 [ 115.572071] __fput+0x26d/0xa40 [ 115.572372] ____fput+0x1e/0x30 [ 115.572664] task_work_run+0x1a4/0x2d0 [ 115.573011] ? __pfx_task_work_run+0x10/0x10 [ 115.573560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.573991] ? switch_task_namespaces+0xa9/0xe0 [ 115.574406] do_exit+0xb17/0x2ef0 [ 115.574731] ? lock_acquire+0x427/0x4c0 [ 115.575085] ? __pfx_lock_release+0x10/0x10 [ 115.575520] ? __kasan_check_write+0x18/0x20 [ 115.576023] ? do_raw_spin_lock+0x132/0x2a0 [ 115.576405] ? __pfx_do_exit+0x10/0x10 [ 115.576750] ? debug_smp_processor_id+0x20/0x30 [ 115.577155] ? rcu_is_watching+0x19/0xb0 [ 115.577591] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.578049] ? trace_hardirqs_on+0x26/0x120 [ 115.578432] do_group_exit+0xe0/0x2b0 [ 115.578786] __x64_sys_exit_group+0x47/0x50 [ 115.579167] do_syscall_64+0x3b/0x90 [ 115.579501] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.580140] RIP: 0033:0x7f4b87518a4d [ 115.580464] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.581036] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.581762] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.582472] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.583105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.583730] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.584502] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.585126] [ 115.585336] irq event stamp: 0 [ 115.585606] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.586321] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.587061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.587786] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.588515] ---[ end trace 0000000000000000 ]--- [ 115.589268] ------------[ cut here ]------------ [ 115.589683] WARNING: CPU: 0 PID: 1047 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.590763] Modules linked in: [ 115.591043] CPU: 0 PID: 1047 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.591800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.592931] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.593382] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.595139] RSP: 0018:ffff888016267b78 EFLAGS: 00010246 [ 115.595630] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.596313] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 115.597020] RBP: ffff888016267b98 R08: ffffed10041ffe3e R09: ffffed10041ffe3e [ 115.597630] R10: ffff888020fff1ef R11: ffffed10041ffe3d R12: ffff888020fff290 [ 115.598411] R13: ffff888020fff0a8 R14: ffffffffffffffff R15: 
ffff888016267c60 [ 115.599037] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.599749] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.600356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.601046] PKRU: 55555554 [ 115.601295] Call Trace: [ 115.601515] [ 115.601710] iommufd_ioas_destroy+0x53/0x70 [ 115.602147] iommufd_fops_release+0x1f7/0x370 [ 115.602655] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.603088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.603523] ? write_comp_data+0x2f/0x90 [ 115.603888] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.604361] __fput+0x26d/0xa40 [ 115.604774] ____fput+0x1e/0x30 [ 115.605070] task_work_run+0x1a4/0x2d0 [ 115.605417] ? __pfx_task_work_run+0x10/0x10 [ 115.605805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.606309] ? switch_task_namespaces+0xa9/0xe0 [ 115.606794] do_exit+0xb17/0x2ef0 [ 115.607103] ? lock_acquire+0x427/0x4c0 [ 115.607468] ? __pfx_lock_release+0x10/0x10 [ 115.607849] ? __kasan_check_write+0x18/0x20 [ 115.608240] ? do_raw_spin_lock+0x132/0x2a0 [ 115.608687] ? __pfx_do_exit+0x10/0x10 [ 115.609148] ? debug_smp_processor_id+0x20/0x30 [ 115.609561] ? rcu_is_watching+0x19/0xb0 [ 115.609916] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.610318] ? trace_hardirqs_on+0x26/0x120 [ 115.610889] do_group_exit+0xe0/0x2b0 [ 115.611234] __x64_sys_exit_group+0x47/0x50 [ 115.611609] do_syscall_64+0x3b/0x90 [ 115.611944] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.612400] RIP: 0033:0x7f4b87518a4d [ 115.612756] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.613462] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.614119] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.614922] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.615548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.616158] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.616773] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.617575] [ 115.617782] irq event stamp: 0 [ 115.618056] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.618631] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.619553] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.620270] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.620813] ---[ end trace 0000000000000000 ]--- [ 115.625838] ------------[ cut here ]------------ [ 115.626267] WARNING: CPU: 0 PID: 1048 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.627196] Modules linked in: [ 115.627541] CPU: 0 PID: 1048 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.628382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.629427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.629945] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.631693] RSP: 0018:ffff88801882fbb8 EFLAGS: 00010246 [ 115.632172] RAX: 0000000000000000 RBX: ffff88801789b0a8 RCX: 0000000000000000 [ 115.632783] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 115.633393] RBP: ffff88801882fbd0 R08: ffffed1002f13633 R09: ffffed1002f13633 [ 115.634002] R10: ffff88801789b193 R11: ffffed1002f13632 R12: ffff88800a724000 [ 115.634631] R13: ffff88801789b1e8 R14: ffffffff8352e670 R15: 
ffff88801882fe68 [ 115.635260] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.635956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.636459] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 115.637068] PKRU: 55555554 [ 115.637319] Call Trace: [ 115.637542] [ 115.637737] __iommufd_access_detach+0x1c2/0x2b0 [ 115.638165] iommufd_access_change_pt+0x149/0x270 [ 115.638615] iommufd_access_replace+0xb4/0x120 [ 115.639025] iommufd_test+0x3e5/0x37e0 [ 115.639373] ? lock_release+0x532/0x770 [ 115.639726] ? __might_fault+0x102/0x1b0 [ 115.640088] ? lock_acquire+0x427/0x4c0 [ 115.640437] ? __pfx_iommufd_test+0x10/0x10 [ 115.640810] ? __pfx_lock_release+0x10/0x10 [ 115.641188] ? __pfx_lock_acquire+0x10/0x10 [ 115.641566] ? write_comp_data+0x2f/0x90 [ 115.641923] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.642347] ? write_comp_data+0x2f/0x90 [ 115.642729] iommufd_fops_ioctl+0x37d/0x510 [ 115.643119] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.643549] ? write_comp_data+0x2f/0x90 [ 115.643912] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.644335] __x64_sys_ioctl+0x1a3/0x230 [ 115.644696] do_syscall_64+0x3b/0x90 [ 115.645073] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.645532] RIP: 0033:0x7f4b8743ee5d [ 115.645855] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.647448] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.648129] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.648760] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.649385] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.650004] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.650642] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.651282] [ 115.651486] irq event stamp: 0 [ 115.651761] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.652310] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.653028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.653745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.654291] ---[ end trace 0000000000000000 ]--- [ 115.657519] ------------[ cut here ]------------ [ 115.658033] WARNING: CPU: 0 PID: 1048 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.658934] Modules linked in: [ 115.659236] CPU: 0 PID: 1048 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.660031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.661206] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.661663] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.663620] RSP: 
0018:ffff88801882fbd0 EFLAGS: 00010246 [ 115.664140] RAX: 0000000000000000 RBX: ffff88801789b0a8 RCX: 0000000000000000 [ 115.664988] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 115.665635] RBP: ffff88801882fbe8 R08: ffffed1002f13633 R09: ffffed1002f13633 [ 115.666393] R10: ffff88801789b193 R11: ffffed1002f13632 R12: ffff888013b14000 [ 115.667205] R13: ffff88801789b1e8 R14: ffff888020999800 R15: 0000000000000000 [ 115.667864] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.668701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.669370] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.670048] PKRU: 55555554 [ 115.670359] Call Trace: [ 115.670701] [ 115.671015] iommufd_access_destroy_object+0x65/0x170 [ 115.671525] iommufd_object_destroy_user+0x18e/0x220 [ 115.672017] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.672600] iommufd_access_destroy+0x43/0x70 [ 115.673241] iommufd_test_staccess_release+0x8d/0xd0 [ 115.673739] __fput+0x26d/0xa40 [ 115.674073] ____fput+0x1e/0x30 [ 115.674396] task_work_run+0x1a4/0x2d0 [ 115.675010] ? __pfx_task_work_run+0x10/0x10 [ 115.675449] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.675918] ? switch_task_namespaces+0xa9/0xe0 [ 115.676370] do_exit+0xb17/0x2ef0 [ 115.676702] ? lock_acquire+0x427/0x4c0 [ 115.677226] ? __pfx_lock_release+0x10/0x10 [ 115.677789] ? __kasan_check_write+0x18/0x20 [ 115.678220] ? do_raw_spin_lock+0x132/0x2a0 [ 115.678675] ? __pfx_do_exit+0x10/0x10 [ 115.679088] ? debug_smp_processor_id+0x20/0x30 [ 115.679862] ? rcu_is_watching+0x19/0xb0 [ 115.680291] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.680762] ? trace_hardirqs_on+0x26/0x120 [ 115.681214] do_group_exit+0xe0/0x2b0 [ 115.681739] __x64_sys_exit_group+0x47/0x50 [ 115.682342] do_syscall_64+0x3b/0x90 [ 115.682772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.683324] RIP: 0033:0x7f4b87518a4d [ 115.683711] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.684611] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.685388] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.686137] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.687101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.687844] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.688638] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.689563] [ 115.689815] irq event stamp: 0 [ 115.690143] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.690936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.691965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.692822] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.693727] ---[ end trace 0000000000000000 ]--- [ 115.694623] ------------[ cut here ]------------ [ 115.695151] WARNING: CPU: 0 PID: 1048 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.696479] Modules linked in: [ 115.696817] CPU: 0 PID: 1048 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.697821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.699377] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.699933] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.702090] RSP: 0018:ffff88801882fb78 EFLAGS: 00010246 [ 115.702926] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.703664] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 115.704405] RBP: ffff88801882fb98 R08: ffffed1002f1363e R09: ffffed1002f1363e [ 115.705418] R10: ffff88801789b1ef R11: ffffed1002f1363d R12: ffff88801789b290 [ 115.706148] R13: ffff88801789b0a8 R14: ffffffffffffffff R15: 
ffff88801882fc60 [ 115.707014] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.707997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.708609] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.709516] PKRU: 55555554 [ 115.709959] Call Trace: [ 115.710229] [ 115.710467] iommufd_ioas_destroy+0x53/0x70 [ 115.710955] iommufd_fops_release+0x1f7/0x370 [ 115.711452] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.712095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.712767] ? write_comp_data+0x2f/0x90 [ 115.713203] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.713734] __fput+0x26d/0xa40 [ 115.714219] ____fput+0x1e/0x30 [ 115.714780] task_work_run+0x1a4/0x2d0 [ 115.715222] ? __pfx_task_work_run+0x10/0x10 [ 115.715692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.716209] ? switch_task_namespaces+0xa9/0xe0 [ 115.716827] do_exit+0xb17/0x2ef0 [ 115.717318] ? lock_acquire+0x427/0x4c0 [ 115.717756] ? __pfx_lock_release+0x10/0x10 [ 115.718223] ? __kasan_check_write+0x18/0x20 [ 115.718761] ? do_raw_spin_lock+0x132/0x2a0 [ 115.719422] ? __pfx_do_exit+0x10/0x10 [ 115.719856] ? debug_smp_processor_id+0x20/0x30 [ 115.720351] ? rcu_is_watching+0x19/0xb0 [ 115.720781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.721381] ? trace_hardirqs_on+0x26/0x120 [ 115.722000] do_group_exit+0xe0/0x2b0 [ 115.722406] __x64_sys_exit_group+0x47/0x50 [ 115.722885] do_syscall_64+0x3b/0x90 [ 115.723306] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.723948] RIP: 0033:0x7f4b87518a4d [ 115.724497] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.725143] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.726058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.726999] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.727778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.728622] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.729519] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.730270] [ 115.730580] irq event stamp: 0 [ 115.731122] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.731782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.732659] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.733794] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.734456] ---[ end trace 0000000000000000 ]--- [ 115.739384] ------------[ cut here ]------------ [ 115.739915] WARNING: CPU: 0 PID: 1049 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.741301] Modules linked in: [ 115.741643] CPU: 0 PID: 1049 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.742846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.744030] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.744557] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.746773] RSP: 0018:ffff88801895fbb8 EFLAGS: 00010246 [ 115.747358] RAX: 0000000000000000 RBX: ffff8880171b80a8 RCX: 0000000000000000 [ 115.748098] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 115.748834] RBP: ffff88801895fbd0 R08: ffffed1002e37033 R09: ffffed1002e37033 [ 115.749565] R10: ffff8880171b8193 R11: ffffed1002e37032 R12: ffff888014391c00 [ 115.750296] R13: ffff8880171b81e8 R14: ffffffff8352e670 R15: 
ffff88801895fe68 [ 115.751070] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.751919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.752529] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 115.753268] PKRU: 55555554 [ 115.753561] Call Trace: [ 115.753825] [ 115.754064] __iommufd_access_detach+0x1c2/0x2b0 [ 115.754606] iommufd_access_change_pt+0x149/0x270 [ 115.755144] iommufd_access_replace+0xb4/0x120 [ 115.755633] iommufd_test+0x3e5/0x37e0 [ 115.756040] ? lock_release+0x532/0x770 [ 115.756466] ? __might_fault+0x102/0x1b0 [ 115.756898] ? lock_acquire+0x427/0x4c0 [ 115.757324] ? __pfx_iommufd_test+0x10/0x10 [ 115.757770] ? __pfx_lock_release+0x10/0x10 [ 115.758222] ? __pfx_lock_acquire+0x10/0x10 [ 115.758720] ? write_comp_data+0x2f/0x90 [ 115.759191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.759703] ? write_comp_data+0x2f/0x90 [ 115.760141] iommufd_fops_ioctl+0x37d/0x510 [ 115.760607] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.761139] ? write_comp_data+0x2f/0x90 [ 115.761597] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.762116] __x64_sys_ioctl+0x1a3/0x230 [ 115.762591] do_syscall_64+0x3b/0x90 [ 115.763001] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.763567] RIP: 0033:0x7f4b8743ee5d [ 115.763954] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.765847] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.766670] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.767429] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.768175] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.768920] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.769656] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.770407] [ 115.770682] irq event stamp: 0 [ 115.771018] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.771694] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.772562] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.773464] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.774119] ---[ end trace 0000000000000000 ]--- [ 115.778034] ------------[ cut here ]------------ [ 115.778784] WARNING: CPU: 0 PID: 1049 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.779869] Modules linked in: [ 115.780208] CPU: 0 PID: 1049 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.781396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.782679] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.783378] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.785268] RSP: 
0018:ffff88801895fbd0 EFLAGS: 00010246 [ 115.786093] RAX: 0000000000000000 RBX: ffff8880171b80a8 RCX: 0000000000000000 [ 115.786882] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 115.787705] RBP: ffff88801895fbe8 R08: ffffed1002e37033 R09: ffffed1002e37033 [ 115.788688] R10: ffff8880171b8193 R11: ffffed1002e37032 R12: ffff88800a726400 [ 115.789455] R13: ffff8880171b81e8 R14: ffff88800f6d3a00 R15: 0000000000000000 [ 115.790453] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.791342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.791953] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.792981] PKRU: 55555554 [ 115.793291] Call Trace: [ 115.793566] [ 115.793808] iommufd_access_destroy_object+0x65/0x170 [ 115.794410] iommufd_object_destroy_user+0x18e/0x220 [ 115.795142] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.795770] iommufd_access_destroy+0x43/0x70 [ 115.796270] iommufd_test_staccess_release+0x8d/0xd0 [ 115.796836] __fput+0x26d/0xa40 [ 115.797204] ____fput+0x1e/0x30 [ 115.797565] task_work_run+0x1a4/0x2d0 [ 115.797988] ? __pfx_task_work_run+0x10/0x10 [ 115.798459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.799012] ? switch_task_namespaces+0xa9/0xe0 [ 115.799533] do_exit+0xb17/0x2ef0 [ 115.799897] ? lock_acquire+0x427/0x4c0 [ 115.800326] ? __pfx_lock_release+0x10/0x10 [ 115.800789] ? __kasan_check_write+0x18/0x20 [ 115.801260] ? do_raw_spin_lock+0x132/0x2a0 [ 115.801717] ? __pfx_do_exit+0x10/0x10 [ 115.802133] ? debug_smp_processor_id+0x20/0x30 [ 115.802659] ? rcu_is_watching+0x19/0xb0 [ 115.803104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.803615] ? trace_hardirqs_on+0x26/0x120 [ 115.804086] do_group_exit+0xe0/0x2b0 [ 115.804498] __x64_sys_exit_group+0x47/0x50 [ 115.804982] do_syscall_64+0x3b/0x90 [ 115.805411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.805964] RIP: 0033:0x7f4b87518a4d [ 115.806359] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.807034] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.807850] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.808593] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.809335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.810084] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.810848] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.811623] [ 115.811874] irq event stamp: 0 [ 115.812202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.812855] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.813735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.814632] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.815304] ---[ end trace 0000000000000000 ]--- [ 115.816251] ------------[ cut here ]------------ [ 115.817100] WARNING: CPU: 0 PID: 1049 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.818163] Modules linked in: [ 115.818553] CPU: 0 PID: 1049 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.819502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.820676] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.821370] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.823687] RSP: 0018:ffff88801895fb78 EFLAGS: 00010246 [ 115.824266] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.825007] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 115.826073] RBP: ffff88801895fb98 R08: ffffed1002e3703e R09: ffffed1002e3703e [ 115.826836] R10: ffff8880171b81ef R11: ffffed1002e3703d R12: ffff8880171b8290 [ 115.827587] R13: ffff8880171b80a8 R14: ffffffffffffffff R15: 
ffff88801895fc60 [ 115.828329] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.829170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.829785] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 115.830886] PKRU: 55555554 [ 115.831211] Call Trace: [ 115.831481] [ 115.831722] iommufd_ioas_destroy+0x53/0x70 [ 115.832186] iommufd_fops_release+0x1f7/0x370 [ 115.832664] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.833189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.833714] ? write_comp_data+0x2f/0x90 [ 115.834155] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.835060] __fput+0x26d/0xa40 [ 115.835446] ____fput+0x1e/0x30 [ 115.835806] task_work_run+0x1a4/0x2d0 [ 115.836224] ? __pfx_task_work_run+0x10/0x10 [ 115.836697] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.837267] ? switch_task_namespaces+0xa9/0xe0 [ 115.837765] do_exit+0xb17/0x2ef0 [ 115.838133] ? lock_acquire+0x427/0x4c0 [ 115.838601] ? __pfx_lock_release+0x10/0x10 [ 115.839067] ? __kasan_check_write+0x18/0x20 [ 115.839553] ? do_raw_spin_lock+0x132/0x2a0 [ 115.840165] ? __pfx_do_exit+0x10/0x10 [ 115.840767] ? debug_smp_processor_id+0x20/0x30 [ 115.841266] ? rcu_is_watching+0x19/0xb0 [ 115.841694] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.842172] ? trace_hardirqs_on+0x26/0x120 [ 115.842661] do_group_exit+0xe0/0x2b0 [ 115.843064] __x64_sys_exit_group+0x47/0x50 [ 115.843539] do_syscall_64+0x3b/0x90 [ 115.843947] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.844562] RIP: 0033:0x7f4b87518a4d [ 115.845185] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.845836] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.846666] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.847428] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.848165] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.849209] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.849959] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.850737] [ 115.850989] irq event stamp: 0 [ 115.851349] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.852002] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.853024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.854062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.854754] ---[ end trace 0000000000000000 ]--- [ 115.859498] ------------[ cut here ]------------ [ 115.860137] WARNING: CPU: 0 PID: 1050 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.861348] Modules linked in: [ 115.861684] CPU: 0 PID: 1050 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.862676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.863952] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.864691] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.866611] RSP: 0018:ffff88801882fbb8 EFLAGS: 00010246 [ 115.867184] RAX: 0000000000000000 RBX: ffff88800b8138a8 RCX: 0000000000000000 [ 115.867927] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 115.868661] RBP: ffff88801882fbd0 R08: ffffed1001702733 R09: ffffed1001702733 [ 115.869447] R10: ffff88800b813993 R11: ffffed1001702732 R12: ffff888013b06800 [ 115.870179] R13: ffff88800b8139e8 R14: ffffffff8352e670 R15: 
ffff88801882fe68 [ 115.870948] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.871792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.872397] CR2: 00007f4b877410e8 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 115.873135] PKRU: 55555554 [ 115.873432] Call Trace: [ 115.873695] [ 115.873928] __iommufd_access_detach+0x1c2/0x2b0 [ 115.874438] iommufd_access_change_pt+0x149/0x270 [ 115.874974] iommufd_access_replace+0xb4/0x120 [ 115.875476] iommufd_test+0x3e5/0x37e0 [ 115.875887] ? lock_release+0x532/0x770 [ 115.876312] ? __might_fault+0x102/0x1b0 [ 115.876742] ? lock_acquire+0x427/0x4c0 [ 115.877164] ? __pfx_iommufd_test+0x10/0x10 [ 115.877602] ? __pfx_lock_release+0x10/0x10 [ 115.878054] ? __pfx_lock_acquire+0x10/0x10 [ 115.878534] ? write_comp_data+0x2f/0x90 [ 115.878972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.879511] ? write_comp_data+0x2f/0x90 [ 115.879953] iommufd_fops_ioctl+0x37d/0x510 [ 115.880415] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.880928] ? write_comp_data+0x2f/0x90 [ 115.881366] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 115.881874] __x64_sys_ioctl+0x1a3/0x230 [ 115.882310] do_syscall_64+0x3b/0x90 [ 115.882761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.883348] RIP: 0033:0x7f4b8743ee5d [ 115.883748] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 115.885642] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 115.886573] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 115.887582] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 115.888333] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 115.889080] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 115.889818] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 115.890882] [ 115.891146] irq event stamp: 0 [ 115.891478] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.892145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.893027] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.893892] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.894850] ---[ end trace 0000000000000000 ]--- [ 115.899284] ------------[ cut here ]------------ [ 115.899800] WARNING: CPU: 0 PID: 1050 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.900849] Modules linked in: [ 115.901237] CPU: 0 PID: 1050 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.902285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.903667] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.904197] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 115.906100] RSP: 
0018:ffff88801882fbd0 EFLAGS: 00010246 [ 115.906690] RAX: 0000000000000000 RBX: ffff88800b8138a8 RCX: 0000000000000000 [ 115.907456] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 115.908201] RBP: ffff88801882fbe8 R08: ffffed1001702733 R09: ffffed1001702733 [ 115.908951] R10: ffff88800b813993 R11: ffffed1001702732 R12: ffff888014393000 [ 115.909697] R13: ffff88800b8139e8 R14: ffff888018b93d00 R15: 0000000000000000 [ 115.910439] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 115.911322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.911939] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 115.912685] PKRU: 55555554 [ 115.912986] Call Trace: [ 115.913256] [ 115.913497] iommufd_access_destroy_object+0x65/0x170 [ 115.914046] iommufd_object_destroy_user+0x18e/0x220 [ 115.914613] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 115.915253] iommufd_access_destroy+0x43/0x70 [ 115.915739] iommufd_test_staccess_release+0x8d/0xd0 [ 115.916281] __fput+0x26d/0xa40 [ 115.916646] ____fput+0x1e/0x30 [ 115.917002] task_work_run+0x1a4/0x2d0 [ 115.917419] ? __pfx_task_work_run+0x10/0x10 [ 115.917894] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.918415] ? switch_task_namespaces+0xa9/0xe0 [ 115.918950] do_exit+0xb17/0x2ef0 [ 115.919329] ? lock_acquire+0x427/0x4c0 [ 115.919756] ? __pfx_lock_release+0x10/0x10 [ 115.920213] ? __kasan_check_write+0x18/0x20 [ 115.920680] ? do_raw_spin_lock+0x132/0x2a0 [ 115.921142] ? __pfx_do_exit+0x10/0x10 [ 115.921563] ? debug_smp_processor_id+0x20/0x30 [ 115.922057] ? rcu_is_watching+0x19/0xb0 [ 115.922483] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.922994] ? trace_hardirqs_on+0x26/0x120 [ 115.923479] do_group_exit+0xe0/0x2b0 [ 115.923880] __x64_sys_exit_group+0x47/0x50 [ 115.924327] do_syscall_64+0x3b/0x90 [ 115.924734] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.925282] RIP: 0033:0x7f4b87518a4d [ 115.925678] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.926327] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.927161] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.927910] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.928657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.929396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.930132] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.930908] [ 115.931177] irq event stamp: 0 [ 115.931515] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.932178] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.933101] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.933955] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.934641] ---[ end trace 0000000000000000 ]--- [ 115.935908] ------------[ cut here ]------------ [ 115.936682] WARNING: CPU: 1 PID: 1050 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 115.938044] Modules linked in: [ 115.938644] CPU: 1 PID: 1050 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.939816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.941482] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 115.942177] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 115.944840] RSP: 0018:ffff88801882fb78 EFLAGS: 00010246 [ 115.945653] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 115.946613] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 115.947745] RBP: ffff88801882fb98 R08: ffffed100170273e R09: ffffed100170273e [ 115.948680] R10: ffff88800b8139ef R11: ffffed100170273d R12: ffff88800b813a90 [ 115.949824] R13: ffff88800b8138a8 R14: ffffffffffffffff R15: 
ffff88801882fc60 [ 115.950797] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 115.952145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.952913] CR2: 00007f82e2ae9000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 115.954084] PKRU: 55555554 [ 115.954461] Call Trace: [ 115.954835] [ 115.955157] iommufd_ioas_destroy+0x53/0x70 [ 115.955763] iommufd_fops_release+0x1f7/0x370 [ 115.956570] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.957239] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.958041] ? write_comp_data+0x2f/0x90 [ 115.958728] ? __pfx_iommufd_fops_release+0x10/0x10 [ 115.959418] __fput+0x26d/0xa40 [ 115.959885] ____fput+0x1e/0x30 [ 115.960557] task_work_run+0x1a4/0x2d0 [ 115.961090] ? __pfx_task_work_run+0x10/0x10 [ 115.961682] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 115.962466] ? switch_task_namespaces+0xa9/0xe0 [ 115.963262] do_exit+0xb17/0x2ef0 [ 115.963729] ? lock_acquire+0x427/0x4c0 [ 115.964271] ? __pfx_lock_release+0x10/0x10 [ 115.965085] ? __kasan_check_write+0x18/0x20 [ 115.965679] ? do_raw_spin_lock+0x132/0x2a0 [ 115.966253] ? __pfx_do_exit+0x10/0x10 [ 115.966900] ? debug_smp_processor_id+0x20/0x30 [ 115.967656] ? rcu_is_watching+0x19/0xb0 [ 115.968202] ? _raw_spin_unlock_irq+0x2b/0x60 [ 115.968811] ? trace_hardirqs_on+0x26/0x120 [ 115.969764] do_group_exit+0xe0/0x2b0 [ 115.970283] __x64_sys_exit_group+0x47/0x50 [ 115.970897] do_syscall_64+0x3b/0x90 [ 115.971605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 115.972331] RIP: 0033:0x7f4b87518a4d [ 115.972828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 115.973856] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 115.974887] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 115.975993] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 115.976963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 115.978025] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 115.979082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 115.980109] [ 115.980618] irq event stamp: 0 [ 115.981040] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 115.981863] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 115.983189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 115.984313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 115.985261] ---[ end trace 0000000000000000 ]--- [ 115.994755] ------------[ cut here ]------------ [ 115.995312] WARNING: CPU: 0 PID: 1051 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 115.996703] Modules linked in: [ 115.997090] CPU: 0 PID: 1051 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 115.997972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 115.999292] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 115.999944] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.001775] RSP: 0018:ffff8880145afbb8 EFLAGS: 00010246 [ 116.002314] RAX: 0000000000000000 RBX: ffff8880138548a8 RCX: 0000000000000000 [ 116.003056] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 116.003795] RBP: ffff8880145afbd0 R08: ffffed100270a933 R09: ffffed100270a933 [ 116.004514] R10: ffff888013854993 R11: ffffed100270a932 R12: ffff88802188d400 [ 116.005236] R13: ffff8880138549e8 R14: ffffffff8352e670 R15: 
ffff8880145afe68 [ 116.006024] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.007084] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.007683] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ef0 [ 116.008409] PKRU: 55555554 [ 116.008699] Call Trace: [ 116.008959] [ 116.009193] __iommufd_access_detach+0x1c2/0x2b0 [ 116.009697] iommufd_access_change_pt+0x149/0x270 [ 116.010198] iommufd_access_replace+0xb4/0x120 [ 116.010707] iommufd_test+0x3e5/0x37e0 [ 116.011108] ? lock_release+0x532/0x770 [ 116.011550] ? __might_fault+0x102/0x1b0 [ 116.011968] ? lock_acquire+0x427/0x4c0 [ 116.012380] ? __pfx_iommufd_test+0x10/0x10 [ 116.012817] ? __pfx_lock_release+0x10/0x10 [ 116.013266] ? __pfx_lock_acquire+0x10/0x10 [ 116.013713] ? write_comp_data+0x2f/0x90 [ 116.014135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.014656] ? write_comp_data+0x2f/0x90 [ 116.015073] iommufd_fops_ioctl+0x37d/0x510 [ 116.015536] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.016062] ? write_comp_data+0x2f/0x90 [ 116.016498] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.016996] __x64_sys_ioctl+0x1a3/0x230 [ 116.017421] do_syscall_64+0x3b/0x90 [ 116.017810] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.018354] RIP: 0033:0x7f4b8743ee5d [ 116.018772] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.020605] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.021380] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.022089] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.022832] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.023559] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.024273] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.025004] [ 116.025241] irq event stamp: 0 [ 116.025561] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.026198] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.027076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.027932] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.028575] ---[ end trace 0000000000000000 ]--- [ 116.032132] ------------[ cut here ]------------ [ 116.032605] WARNING: CPU: 0 PID: 1051 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.033773] Modules linked in: [ 116.034074] CPU: 0 PID: 1051 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.034949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.036009] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.036471] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.038374] RSP: 
0018:ffff8880145afbd0 EFLAGS: 00010246 [ 116.038906] RAX: 0000000000000000 RBX: ffff8880138548a8 RCX: 0000000000000000 [ 116.039595] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 116.040267] RBP: ffff8880145afbe8 R08: ffffed100270a933 R09: ffffed100270a933 [ 116.041157] R10: ffff888013854993 R11: ffffed100270a932 R12: ffff888013b07c00 [ 116.041829] R13: ffff8880138549e8 R14: ffff888020e7ab00 R15: 0000000000000000 [ 116.042498] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.043313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.043860] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.044524] PKRU: 55555554 [ 116.044790] Call Trace: [ 116.045031] [ 116.045243] iommufd_access_destroy_object+0x65/0x170 [ 116.045742] iommufd_object_destroy_user+0x18e/0x220 [ 116.046233] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.046820] iommufd_access_destroy+0x43/0x70 [ 116.047274] iommufd_test_staccess_release+0x8d/0xd0 [ 116.047767] __fput+0x26d/0xa40 [ 116.048212] ____fput+0x1e/0x30 [ 116.048662] task_work_run+0x1a4/0x2d0 [ 116.049047] ? __pfx_task_work_run+0x10/0x10 [ 116.049467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.049934] ? switch_task_namespaces+0xa9/0xe0 [ 116.050386] do_exit+0xb17/0x2ef0 [ 116.050746] ? lock_acquire+0x427/0x4c0 [ 116.051152] ? __pfx_lock_release+0x10/0x10 [ 116.051561] ? __kasan_check_write+0x18/0x20 [ 116.051976] ? do_raw_spin_lock+0x132/0x2a0 [ 116.052611] ? __pfx_do_exit+0x10/0x10 [ 116.053001] ? debug_smp_processor_id+0x20/0x30 [ 116.053447] ? rcu_is_watching+0x19/0xb0 [ 116.053834] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.054265] ? trace_hardirqs_on+0x26/0x120 [ 116.054723] do_group_exit+0xe0/0x2b0 [ 116.055089] __x64_sys_exit_group+0x47/0x50 [ 116.055505] do_syscall_64+0x3b/0x90 [ 116.055857] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.056561] RIP: 0033:0x7f4b87518a4d [ 116.056898] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.057449] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.058132] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.058802] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.059458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.060311] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.060980] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.061637] [ 116.061846] irq event stamp: 0 [ 116.062133] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.062726] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.063493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.064473] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.065042] ---[ end trace 0000000000000000 ]--- [ 116.065820] ------------[ cut here ]------------ [ 116.066246] WARNING: CPU: 0 PID: 1051 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.067402] Modules linked in: [ 116.067699] CPU: 0 PID: 1051 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.068485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.069435] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.069872] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.071445] RSP: 0018:ffff8880145afb78 EFLAGS: 00010246 [ 116.071907] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.072508] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 116.073104] RBP: ffff8880145afb98 R08: ffffed100270a93e R09: ffffed100270a93e [ 116.073704] R10: ffff8880138549ef R11: ffffed100270a93d R12: ffff888013854a90 [ 116.074309] R13: ffff8880138548a8 R14: ffffffffffffffff R15: 
ffff8880145afc60 [ 116.074928] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.075630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.076126] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.076724] PKRU: 55555554 [ 116.076967] Call Trace: [ 116.077184] [ 116.077378] iommufd_ioas_destroy+0x53/0x70 [ 116.077751] iommufd_fops_release+0x1f7/0x370 [ 116.078141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.078596] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.079023] ? write_comp_data+0x2f/0x90 [ 116.079534] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.080153] __fput+0x26d/0xa40 [ 116.080573] ____fput+0x1e/0x30 [ 116.080984] task_work_run+0x1a4/0x2d0 [ 116.081464] ? __pfx_task_work_run+0x10/0x10 [ 116.081997] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.082641] ? switch_task_namespaces+0xa9/0xe0 [ 116.083238] do_exit+0xb17/0x2ef0 [ 116.083659] ? lock_acquire+0x427/0x4c0 [ 116.084151] ? __pfx_lock_release+0x10/0x10 [ 116.084677] ? __kasan_check_write+0x18/0x20 [ 116.085211] ? do_raw_spin_lock+0x132/0x2a0 [ 116.085730] ? __pfx_do_exit+0x10/0x10 [ 116.086213] ? debug_smp_processor_id+0x20/0x30 [ 116.086807] ? rcu_is_watching+0x19/0xb0 [ 116.087315] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.087867] ? trace_hardirqs_on+0x26/0x120 [ 116.088399] do_group_exit+0xe0/0x2b0 [ 116.088860] __x64_sys_exit_group+0x47/0x50 [ 116.089356] do_syscall_64+0x3b/0x90 [ 116.089795] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.090394] RIP: 0033:0x7f4b87518a4d [ 116.090849] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.091556] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.092414] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.093213] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.094006] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.094834] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.095642] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.096460] [ 116.096729] irq event stamp: 0 [ 116.097089] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.097794] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.098749] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.099695] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.100406] ---[ end trace 0000000000000000 ]--- [ 116.107167] ------------[ cut here ]------------ [ 116.107861] WARNING: CPU: 1 PID: 1052 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.108910] Modules linked in: [ 116.109194] CPU: 1 PID: 1052 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.109938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.110994] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.111436] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.113044] RSP: 0018:ffff88801824fbb8 EFLAGS: 00010246 [ 116.113509] RAX: 0000000000000000 RBX: ffff888015fbd8a8 RCX: 0000000000000000 [ 116.114166] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 116.114767] RBP: ffff88801824fbd0 R08: ffffed1002bf7b33 R09: ffffed1002bf7b33 [ 116.115426] R10: ffff888015fbd993 R11: ffffed1002bf7b32 R12: ffff88802190c000 [ 116.116066] R13: ffff888015fbd9e8 R14: ffffffff8352e670 R15: 
ffff88801824fe68 [ 116.116655] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 116.117442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.117920] CR2: 00007f4b877410e8 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 116.118527] PKRU: 55555554 [ 116.118774] Call Trace: [ 116.119085] [ 116.119280] __iommufd_access_detach+0x1c2/0x2b0 [ 116.119685] iommufd_access_change_pt+0x149/0x270 [ 116.120094] iommufd_access_replace+0xb4/0x120 [ 116.120481] iommufd_test+0x3e5/0x37e0 [ 116.120940] ? lock_release+0x532/0x770 [ 116.121291] ? __might_fault+0x102/0x1b0 [ 116.121645] ? lock_acquire+0x427/0x4c0 [ 116.121982] ? __pfx_iommufd_test+0x10/0x10 [ 116.122359] ? __pfx_lock_release+0x10/0x10 [ 116.122833] ? __pfx_lock_acquire+0x10/0x10 [ 116.123219] ? write_comp_data+0x2f/0x90 [ 116.123566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.123975] ? write_comp_data+0x2f/0x90 [ 116.124441] iommufd_fops_ioctl+0x37d/0x510 [ 116.124802] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.125210] ? write_comp_data+0x2f/0x90 [ 116.125555] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.126004] __x64_sys_ioctl+0x1a3/0x230 [ 116.126413] do_syscall_64+0x3b/0x90 [ 116.126766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.127212] RIP: 0033:0x7f4b8743ee5d [ 116.127522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.129121] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.129868] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.130454] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.131057] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.131767] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.132355] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.132968] [ 116.133236] irq event stamp: 0 [ 116.133562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.134078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.134794] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.135586] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.136109] ---[ end trace 0000000000000000 ]--- [ 116.141007] ------------[ cut here ]------------ [ 116.141453] WARNING: CPU: 1 PID: 1052 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.142415] Modules linked in: [ 116.142716] CPU: 1 PID: 1052 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.143449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.144494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.144905] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.146541] RSP: 
0018:ffff88801824fbd0 EFLAGS: 00010246 [ 116.146981] RAX: 0000000000000000 RBX: ffff888015fbd8a8 RCX: 0000000000000000 [ 116.147713] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 116.148298] RBP: ffff88801824fbe8 R08: ffffed1002bf7b33 R09: ffffed1002bf7b33 [ 116.148881] R10: ffff888015fbd993 R11: ffffed1002bf7b32 R12: ffff88801580a400 [ 116.149580] R13: ffff888015fbd9e8 R14: ffff888018b81c00 R15: 0000000000000000 [ 116.150160] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 116.150946] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.151436] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 116.152046] PKRU: 55555554 [ 116.152298] Call Trace: [ 116.152563] [ 116.152846] iommufd_access_destroy_object+0x65/0x170 [ 116.153299] iommufd_object_destroy_user+0x18e/0x220 [ 116.153741] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.154261] iommufd_access_destroy+0x43/0x70 [ 116.154788] iommufd_test_staccess_release+0x8d/0xd0 [ 116.155264] __fput+0x26d/0xa40 [ 116.155567] ____fput+0x1e/0x30 [ 116.155868] task_work_run+0x1a4/0x2d0 [ 116.156276] ? __pfx_task_work_run+0x10/0x10 [ 116.156745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.157181] ? switch_task_namespaces+0xa9/0xe0 [ 116.157601] do_exit+0xb17/0x2ef0 [ 116.157906] ? lock_acquire+0x427/0x4c0 [ 116.158396] ? __pfx_lock_release+0x10/0x10 [ 116.158815] ? __kasan_check_write+0x18/0x20 [ 116.159214] ? do_raw_spin_lock+0x132/0x2a0 [ 116.159595] ? __pfx_do_exit+0x10/0x10 [ 116.159984] ? debug_smp_processor_id+0x20/0x30 [ 116.160488] ? rcu_is_watching+0x19/0xb0 [ 116.160849] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.161258] ? trace_hardirqs_on+0x26/0x120 [ 116.161647] do_group_exit+0xe0/0x2b0 [ 116.162122] __x64_sys_exit_group+0x47/0x50 [ 116.162502] do_syscall_64+0x3b/0x90 [ 116.162862] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.163337] RIP: 0033:0x7f4b87518a4d [ 116.163699] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.164326] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.164988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.165719] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.166357] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.166995] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.167787] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.168421] [ 116.168628] irq event stamp: 0 [ 116.168904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.169451] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.170175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.170969] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.171590] ---[ end trace 0000000000000000 ]--- [ 116.172400] ------------[ cut here ]------------ [ 116.172821] WARNING: CPU: 1 PID: 1052 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.173868] Modules linked in: [ 116.174153] CPU: 1 PID: 1052 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.174968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.176108] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.176560] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.178321] RSP: 0018:ffff88801824fb78 EFLAGS: 00010246 [ 116.178823] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.179586] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 116.180211] RBP: ffff88801824fb98 R08: ffffed1002bf7b3e R09: ffffed1002bf7b3e [ 116.180828] R10: ffff888015fbd9ef R11: ffffed1002bf7b3d R12: ffff888015fbda90 [ 116.181578] R13: ffff888015fbd8a8 R14: ffffffffffffffff R15: 
ffff88801824fc60 [ 116.182193] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 116.182928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.183522] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 116.184198] PKRU: 55555554 [ 116.184445] Call Trace: [ 116.184669] [ 116.184871] iommufd_ioas_destroy+0x53/0x70 [ 116.185283] iommufd_fops_release+0x1f7/0x370 [ 116.185765] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.186201] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.186656] ? write_comp_data+0x2f/0x90 [ 116.187024] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.187522] __fput+0x26d/0xa40 [ 116.187881] ____fput+0x1e/0x30 [ 116.188180] task_work_run+0x1a4/0x2d0 [ 116.188527] ? __pfx_task_work_run+0x10/0x10 [ 116.188913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.189425] ? switch_task_namespaces+0xa9/0xe0 [ 116.189981] do_exit+0xb17/0x2ef0 [ 116.190310] ? lock_acquire+0x427/0x4c0 [ 116.190714] ? __pfx_lock_release+0x10/0x10 [ 116.191142] ? __kasan_check_write+0x18/0x20 [ 116.191577] ? do_raw_spin_lock+0x132/0x2a0 [ 116.192100] ? __pfx_do_exit+0x10/0x10 [ 116.192465] ? debug_smp_processor_id+0x20/0x30 [ 116.192906] ? rcu_is_watching+0x19/0xb0 [ 116.193284] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.193826] ? trace_hardirqs_on+0x26/0x120 [ 116.194233] do_group_exit+0xe0/0x2b0 [ 116.194616] __x64_sys_exit_group+0x47/0x50 [ 116.195023] do_syscall_64+0x3b/0x90 [ 116.195396] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.195975] RIP: 0033:0x7f4b87518a4d [ 116.196381] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.196952] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.197672] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.198433] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.199141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.199799] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.200609] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.201265] [ 116.201482] irq event stamp: 0 [ 116.201771] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.202476] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.203280] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.204042] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.204761] ---[ end trace 0000000000000000 ]--- [ 116.213281] ------------[ cut here ]------------ [ 116.213736] WARNING: CPU: 0 PID: 1053 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.214895] Modules linked in: [ 116.215204] CPU: 0 PID: 1053 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.215990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.217227] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.217681] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.219530] RSP: 0018:ffff8880145afbb8 EFLAGS: 00010246 [ 116.220013] RAX: 0000000000000000 RBX: ffff888021a7a8a8 RCX: 0000000000000000 [ 116.220652] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 116.221371] RBP: ffff8880145afbd0 R08: ffffed100434f533 R09: ffffed100434f533 [ 116.222017] R10: ffff888021a7a993 R11: ffffed100434f532 R12: ffff88800fcb2000 [ 116.222678] R13: ffff888021a7a9e8 R14: ffffffff8352e670 R15: 
ffff8880145afe68 [ 116.223342] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.224067] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.224597] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ef0 [ 116.225248] PKRU: 55555554 [ 116.225507] Call Trace: [ 116.225740] [ 116.225951] __iommufd_access_detach+0x1c2/0x2b0 [ 116.226397] iommufd_access_change_pt+0x149/0x270 [ 116.226870] iommufd_access_replace+0xb4/0x120 [ 116.227307] iommufd_test+0x3e5/0x37e0 [ 116.227661] ? lock_release+0x532/0x770 [ 116.228035] ? __might_fault+0x102/0x1b0 [ 116.228415] ? lock_acquire+0x427/0x4c0 [ 116.228789] ? __pfx_iommufd_test+0x10/0x10 [ 116.229180] ? __pfx_lock_release+0x10/0x10 [ 116.229581] ? __pfx_lock_acquire+0x10/0x10 [ 116.229982] ? write_comp_data+0x2f/0x90 [ 116.230360] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.230828] ? write_comp_data+0x2f/0x90 [ 116.231224] iommufd_fops_ioctl+0x37d/0x510 [ 116.231625] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.232079] ? write_comp_data+0x2f/0x90 [ 116.232462] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.232910] __x64_sys_ioctl+0x1a3/0x230 [ 116.233295] do_syscall_64+0x3b/0x90 [ 116.233643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.234123] RIP: 0033:0x7f4b8743ee5d [ 116.234464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.236182] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.236896] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.237567] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.238206] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.238869] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.239526] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.240195] [ 116.240410] irq event stamp: 0 [ 116.240703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.241275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.242033] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.242829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.243419] ---[ end trace 0000000000000000 ]--- [ 116.246772] ------------[ cut here ]------------ [ 116.247238] WARNING: CPU: 0 PID: 1053 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.248156] Modules linked in: [ 116.248506] CPU: 0 PID: 1053 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.249479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.250829] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.251301] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.252982] RSP: 
0018:ffff8880145afbd0 EFLAGS: 00010246 [ 116.253459] RAX: 0000000000000000 RBX: ffff888021a7a8a8 RCX: 0000000000000000 [ 116.254103] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 116.254768] RBP: ffff8880145afbe8 R08: ffffed100434f533 R09: ffffed100434f533 [ 116.255427] R10: ffff888021a7a993 R11: ffffed100434f532 R12: ffff88802188f400 [ 116.256074] R13: ffff888021a7a9e8 R14: ffff88801287e400 R15: 0000000000000000 [ 116.256717] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.257442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.257966] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.258643] PKRU: 55555554 [ 116.258912] Call Trace: [ 116.259158] [ 116.259370] iommufd_access_destroy_object+0x65/0x170 [ 116.259853] iommufd_object_destroy_user+0x18e/0x220 [ 116.260327] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.260868] iommufd_access_destroy+0x43/0x70 [ 116.261291] iommufd_test_staccess_release+0x8d/0xd0 [ 116.261769] __fput+0x26d/0xa40 [ 116.262091] ____fput+0x1e/0x30 [ 116.262402] task_work_run+0x1a4/0x2d0 [ 116.262796] ? __pfx_task_work_run+0x10/0x10 [ 116.263233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.263688] ? switch_task_namespaces+0xa9/0xe0 [ 116.264130] do_exit+0xb17/0x2ef0 [ 116.264447] ? lock_acquire+0x427/0x4c0 [ 116.264821] ? __pfx_lock_release+0x10/0x10 [ 116.265221] ? __kasan_check_write+0x18/0x20 [ 116.265627] ? do_raw_spin_lock+0x132/0x2a0 [ 116.266025] ? __pfx_do_exit+0x10/0x10 [ 116.266395] ? debug_smp_processor_id+0x20/0x30 [ 116.266843] ? rcu_is_watching+0x19/0xb0 [ 116.267237] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.267663] ? trace_hardirqs_on+0x26/0x120 [ 116.268066] do_group_exit+0xe0/0x2b0 [ 116.268420] __x64_sys_exit_group+0x47/0x50 [ 116.268813] do_syscall_64+0x3b/0x90 [ 116.269157] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.269637] RIP: 0033:0x7f4b87518a4d [ 116.269980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.270569] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.271240] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.271854] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.272461] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.273077] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.273685] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.274311] [ 116.274538] irq event stamp: 0 [ 116.274810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.275362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.276080] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.276800] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.277338] ---[ end trace 0000000000000000 ]--- [ 116.278145] ------------[ cut here ]------------ [ 116.278823] WARNING: CPU: 0 PID: 1053 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.279722] Modules linked in: [ 116.280000] CPU: 0 PID: 1053 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.280751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.281715] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.282223] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.284159] RSP: 0018:ffff8880145afb78 EFLAGS: 00010246 [ 116.284625] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.285288] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 116.285893] RBP: ffff8880145afb98 R08: ffffed100434f53e R09: ffffed100434f53e [ 116.286724] R10: ffff888021a7a9ef R11: ffffed100434f53d R12: ffff888021a7aa90 [ 116.287337] R13: ffff888021a7a8a8 R14: ffffffffffffffff R15: 
ffff8880145afc60 [ 116.287947] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.288632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.289133] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.289921] PKRU: 55555554 [ 116.290171] Call Trace: [ 116.290392] [ 116.290608] iommufd_ioas_destroy+0x53/0x70 [ 116.290994] iommufd_fops_release+0x1f7/0x370 [ 116.291395] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.291829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.292261] ? write_comp_data+0x2f/0x90 [ 116.292624] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.293059] __fput+0x26d/0xa40 [ 116.293462] ____fput+0x1e/0x30 [ 116.293876] task_work_run+0x1a4/0x2d0 [ 116.294221] ? __pfx_task_work_run+0x10/0x10 [ 116.294625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.295048] ? switch_task_namespaces+0xa9/0xe0 [ 116.295465] do_exit+0xb17/0x2ef0 [ 116.295768] ? lock_acquire+0x427/0x4c0 [ 116.296121] ? __pfx_lock_release+0x10/0x10 [ 116.296498] ? __kasan_check_write+0x18/0x20 [ 116.296884] ? do_raw_spin_lock+0x132/0x2a0 [ 116.297306] ? __pfx_do_exit+0x10/0x10 [ 116.297770] ? debug_smp_processor_id+0x20/0x30 [ 116.298181] ? rcu_is_watching+0x19/0xb0 [ 116.298554] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.298947] ? trace_hardirqs_on+0x26/0x120 [ 116.299347] do_group_exit+0xe0/0x2b0 [ 116.299681] __x64_sys_exit_group+0x47/0x50 [ 116.300051] do_syscall_64+0x3b/0x90 [ 116.300388] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.300840] RIP: 0033:0x7f4b87518a4d [ 116.301238] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.301879] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.302550] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.303168] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.303773] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.304385] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.305195] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.305813] [ 116.306015] irq event stamp: 0 [ 116.306287] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.306856] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.307592] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.308333] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.309040] ---[ end trace 0000000000000000 ]--- [ 116.314154] ------------[ cut here ]------------ [ 116.314612] WARNING: CPU: 0 PID: 1054 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.315498] Modules linked in: [ 116.315831] CPU: 0 PID: 1054 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.317016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.318170] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.318638] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.320432] RSP: 0018:ffff888016707bb8 EFLAGS: 00010246 [ 116.320894] RAX: 0000000000000000 RBX: ffff888011f670a8 RCX: 0000000000000000 [ 116.321504] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 116.322116] RBP: ffff888016707bd0 R08: ffffed10023ece33 R09: ffffed10023ece33 [ 116.322750] R10: ffff888011f67193 R11: ffffed10023ece32 R12: ffff888010c0a400 [ 116.323562] R13: ffff888011f671e8 R14: ffffffff8352e670 R15: 
ffff888016707e68 [ 116.324181] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.324878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.325379] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 116.326031] PKRU: 55555554 [ 116.326444] Call Trace: [ 116.326687] [ 116.326887] __iommufd_access_detach+0x1c2/0x2b0 [ 116.327328] iommufd_access_change_pt+0x149/0x270 [ 116.327762] iommufd_access_replace+0xb4/0x120 [ 116.328172] iommufd_test+0x3e5/0x37e0 [ 116.328513] ? lock_release+0x532/0x770 [ 116.328875] ? __might_fault+0x102/0x1b0 [ 116.329308] ? lock_acquire+0x427/0x4c0 [ 116.329770] ? __pfx_iommufd_test+0x10/0x10 [ 116.330149] ? __pfx_lock_release+0x10/0x10 [ 116.330549] ? __pfx_lock_acquire+0x10/0x10 [ 116.330940] ? write_comp_data+0x2f/0x90 [ 116.331312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.331687] ? write_comp_data+0x2f/0x90 [ 116.332079] iommufd_fops_ioctl+0x37d/0x510 [ 116.332602] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.333047] ? write_comp_data+0x2f/0x90 [ 116.333422] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.333893] __x64_sys_ioctl+0x1a3/0x230 [ 116.334384] do_syscall_64+0x3b/0x90 [ 116.334743] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.335215] RIP: 0033:0x7f4b8743ee5d [ 116.335547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.337335] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.338180] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.338838] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.339486] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.340280] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.340898] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.341706] [ 116.341919] irq event stamp: 0 [ 116.342197] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.342781] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.343723] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.344457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.345012] ---[ end trace 0000000000000000 ]--- [ 116.350018] ------------[ cut here ]------------ [ 116.350454] WARNING: CPU: 0 PID: 1054 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.351582] Modules linked in: [ 116.351867] CPU: 0 PID: 1054 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.352626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.353602] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.354040] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.355682] RSP: 
0018:ffff888016707bd0 EFLAGS: 00010246 [ 116.356155] RAX: 0000000000000000 RBX: ffff888011f670a8 RCX: 0000000000000000 [ 116.356774] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 116.357391] RBP: ffff888016707be8 R08: ffffed10023ece33 R09: ffffed10023ece33 [ 116.358007] R10: ffff888011f67193 R11: ffffed10023ece32 R12: ffff88800fcb2800 [ 116.358640] R13: ffff888011f671e8 R14: ffff88800fd0ae00 R15: 0000000000000000 [ 116.359265] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.359951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.360447] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.361060] PKRU: 55555554 [ 116.361310] Call Trace: [ 116.361538] [ 116.361733] iommufd_access_destroy_object+0x65/0x170 [ 116.362186] iommufd_object_destroy_user+0x18e/0x220 [ 116.362653] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.363180] iommufd_access_destroy+0x43/0x70 [ 116.363581] iommufd_test_staccess_release+0x8d/0xd0 [ 116.364031] __fput+0x26d/0xa40 [ 116.364328] ____fput+0x1e/0x30 [ 116.364621] task_work_run+0x1a4/0x2d0 [ 116.364970] ? __pfx_task_work_run+0x10/0x10 [ 116.365357] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.365787] ? switch_task_namespaces+0xa9/0xe0 [ 116.366206] do_exit+0xb17/0x2ef0 [ 116.366535] ? lock_acquire+0x427/0x4c0 [ 116.366889] ? __pfx_lock_release+0x10/0x10 [ 116.367277] ? __kasan_check_write+0x18/0x20 [ 116.367662] ? do_raw_spin_lock+0x132/0x2a0 [ 116.368037] ? __pfx_do_exit+0x10/0x10 [ 116.368381] ? debug_smp_processor_id+0x20/0x30 [ 116.368789] ? rcu_is_watching+0x19/0xb0 [ 116.369148] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.369548] ? trace_hardirqs_on+0x26/0x120 [ 116.369932] do_group_exit+0xe0/0x2b0 [ 116.370265] __x64_sys_exit_group+0x47/0x50 [ 116.370663] do_syscall_64+0x3b/0x90 [ 116.371002] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.371475] RIP: 0033:0x7f4b87518a4d [ 116.371800] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.372326] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.372979] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.373588] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.374196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.374836] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.375473] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.376094] [ 116.376296] irq event stamp: 0 [ 116.376569] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.377117] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.377938] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.378685] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.379250] ---[ end trace 0000000000000000 ]--- [ 116.380084] ------------[ cut here ]------------ [ 116.380744] WARNING: CPU: 0 PID: 1054 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.381662] Modules linked in: [ 116.381945] CPU: 0 PID: 1054 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.382736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.383814] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.384357] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.385923] RSP: 0018:ffff888016707b78 EFLAGS: 00010246 [ 116.386384] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.387096] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 116.387722] RBP: ffff888016707b98 R08: ffffed10023ece3e R09: ffffed10023ece3e [ 116.388510] R10: ffff888011f671ef R11: ffffed10023ece3d R12: ffff888011f67290 [ 116.389122] R13: ffff888011f670a8 R14: ffffffffffffffff R15: 
ffff888016707c60 [ 116.389731] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.390419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.390988] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.391764] PKRU: 55555554 [ 116.392014] Call Trace: [ 116.392235] [ 116.392434] iommufd_ioas_destroy+0x53/0x70 [ 116.392815] iommufd_fops_release+0x1f7/0x370 [ 116.393209] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.393645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.394076] ? write_comp_data+0x2f/0x90 [ 116.394488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.395062] __fput+0x26d/0xa40 [ 116.395374] ____fput+0x1e/0x30 [ 116.395670] task_work_run+0x1a4/0x2d0 [ 116.396016] ? __pfx_task_work_run+0x10/0x10 [ 116.396402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.396829] ? switch_task_namespaces+0xa9/0xe0 [ 116.397247] do_exit+0xb17/0x2ef0 [ 116.397550] ? lock_acquire+0x427/0x4c0 [ 116.397928] ? __pfx_lock_release+0x10/0x10 [ 116.398478] ? __kasan_check_write+0x18/0x20 [ 116.398913] ? do_raw_spin_lock+0x132/0x2a0 [ 116.399311] ? __pfx_do_exit+0x10/0x10 [ 116.399667] ? debug_smp_processor_id+0x20/0x30 [ 116.400089] ? rcu_is_watching+0x19/0xb0 [ 116.400457] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.400855] ? trace_hardirqs_on+0x26/0x120 [ 116.401240] do_group_exit+0xe0/0x2b0 [ 116.401574] __x64_sys_exit_group+0x47/0x50 [ 116.401949] do_syscall_64+0x3b/0x90 [ 116.402342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.402986] RIP: 0033:0x7f4b87518a4d [ 116.403323] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.403855] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.404507] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.405120] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.405738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.406620] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.407241] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.407858] [ 116.408061] irq event stamp: 0 [ 116.408333] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.408871] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.409659] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.410473] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.411036] ---[ end trace 0000000000000000 ]--- [ 116.417109] ------------[ cut here ]------------ [ 116.417865] WARNING: CPU: 0 PID: 1055 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.418818] Modules linked in: [ 116.419098] CPU: 0 PID: 1055 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.419870] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.420991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.421518] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.423083] RSP: 0018:ffff888015c67bb8 EFLAGS: 00010246 [ 116.423544] RAX: 0000000000000000 RBX: ffff8880165b90a8 RCX: 0000000000000000 [ 116.424153] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 116.424756] RBP: ffff888015c67bd0 R08: ffffed1002cb7233 R09: ffffed1002cb7233 [ 116.425357] R10: ffff8880165b9193 R11: ffffed1002cb7232 R12: ffff888012e91800 [ 116.425959] R13: ffff8880165b91e8 R14: ffffffff8352e670 R15: 
ffff888015c67e68 [ 116.426583] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.427286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.427790] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ef0 [ 116.428401] PKRU: 55555554 [ 116.428641] Call Trace: [ 116.428853] [ 116.429057] __iommufd_access_detach+0x1c2/0x2b0 [ 116.429458] iommufd_access_change_pt+0x149/0x270 [ 116.429861] iommufd_access_replace+0xb4/0x120 [ 116.430249] iommufd_test+0x3e5/0x37e0 [ 116.430592] ? lock_release+0x532/0x770 [ 116.430930] ? __might_fault+0x102/0x1b0 [ 116.431286] ? lock_acquire+0x427/0x4c0 [ 116.431622] ? __pfx_iommufd_test+0x10/0x10 [ 116.431978] ? __pfx_lock_release+0x10/0x10 [ 116.432340] ? __pfx_lock_acquire+0x10/0x10 [ 116.432706] ? write_comp_data+0x2f/0x90 [ 116.433049] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.433458] ? write_comp_data+0x2f/0x90 [ 116.433802] iommufd_fops_ioctl+0x37d/0x510 [ 116.434161] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.434585] ? write_comp_data+0x2f/0x90 [ 116.434931] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.435341] __x64_sys_ioctl+0x1a3/0x230 [ 116.435691] do_syscall_64+0x3b/0x90 [ 116.436007] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.436435] RIP: 0033:0x7f4b8743ee5d [ 116.436743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.438229] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.438871] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.439465] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.440049] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.440639] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.441221] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.441811] [ 116.442005] irq event stamp: 0 [ 116.442268] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.442806] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.443509] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.444196] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.444710] ---[ end trace 0000000000000000 ]--- [ 116.447913] ------------[ cut here ]------------ [ 116.448415] WARNING: CPU: 0 PID: 1055 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.449244] Modules linked in: [ 116.449512] CPU: 0 PID: 1055 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.450392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.451336] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.451747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.453402] RSP: 
0018:ffff888015c67bd0 EFLAGS: 00010246 [ 116.453914] RAX: 0000000000000000 RBX: ffff8880165b90a8 RCX: 0000000000000000 [ 116.454573] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 116.455176] RBP: ffff888015c67be8 R08: ffffed1002cb7233 R09: ffffed1002cb7233 [ 116.455798] R10: ffff8880165b9193 R11: ffffed1002cb7232 R12: ffff888010c08000 [ 116.456504] R13: ffff8880165b91e8 R14: ffff88800ca5aa00 R15: 0000000000000000 [ 116.457089] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.457907] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.458385] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.459003] PKRU: 55555554 [ 116.459263] Call Trace: [ 116.459478] [ 116.459667] iommufd_access_destroy_object+0x65/0x170 [ 116.460266] iommufd_object_destroy_user+0x18e/0x220 [ 116.460689] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.461173] iommufd_access_destroy+0x43/0x70 [ 116.461573] iommufd_test_staccess_release+0x8d/0xd0 [ 116.462144] __fput+0x26d/0xa40 [ 116.462439] ____fput+0x1e/0x30 [ 116.462741] task_work_run+0x1a4/0x2d0 [ 116.463080] ? __pfx_task_work_run+0x10/0x10 [ 116.463458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.463886] ? switch_task_namespaces+0xa9/0xe0 [ 116.464498] do_exit+0xb17/0x2ef0 [ 116.464793] ? lock_acquire+0x427/0x4c0 [ 116.465130] ? __pfx_lock_release+0x10/0x10 [ 116.465494] ? __kasan_check_write+0x18/0x20 [ 116.465892] ? do_raw_spin_lock+0x132/0x2a0 [ 116.466382] ? __pfx_do_exit+0x10/0x10 [ 116.466736] ? debug_smp_processor_id+0x20/0x30 [ 116.467135] ? rcu_is_watching+0x19/0xb0 [ 116.467479] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.467863] ? trace_hardirqs_on+0x26/0x120 [ 116.468255] do_group_exit+0xe0/0x2b0 [ 116.468735] __x64_sys_exit_group+0x47/0x50 [ 116.469095] do_syscall_64+0x3b/0x90 [ 116.469412] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.469850] RIP: 0033:0x7f4b87518a4d [ 116.470191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.470854] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.471490] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.472074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.472841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.473428] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.474011] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.474799] [ 116.474994] irq event stamp: 0 [ 116.475278] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.475798] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.476487] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.477231] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.478030] ---[ end trace 0000000000000000 ]--- [ 116.478827] ------------[ cut here ]------------ [ 116.479261] WARNING: CPU: 0 PID: 1055 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.480137] Modules linked in: [ 116.480412] CPU: 0 PID: 1055 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.481160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.482377] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.482872] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.484466] RSP: 0018:ffff888015c67b78 EFLAGS: 00010246 [ 116.484928] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.485771] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 116.486389] RBP: ffff888015c67b98 R08: ffffed1002cb723e R09: ffffed1002cb723e [ 116.487027] R10: ffff8880165b91ef R11: ffffed1002cb723d R12: ffff8880165b9290 [ 116.487669] R13: ffff8880165b90a8 R14: ffffffffffffffff R15: 
ffff888015c67c60 [ 116.488365] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.489210] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.489716] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.490496] PKRU: 55555554 [ 116.490771] Call Trace: [ 116.490997] [ 116.491229] iommufd_ioas_destroy+0x53/0x70 [ 116.491625] iommufd_fops_release+0x1f7/0x370 [ 116.492032] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.492665] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.493104] ? write_comp_data+0x2f/0x90 [ 116.493474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.493928] __fput+0x26d/0xa40 [ 116.494383] ____fput+0x1e/0x30 [ 116.494704] task_work_run+0x1a4/0x2d0 [ 116.495058] ? __pfx_task_work_run+0x10/0x10 [ 116.495472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.495905] ? switch_task_namespaces+0xa9/0xe0 [ 116.496332] do_exit+0xb17/0x2ef0 [ 116.496721] ? lock_acquire+0x427/0x4c0 [ 116.497154] ? __pfx_lock_release+0x10/0x10 [ 116.497540] ? __kasan_check_write+0x18/0x20 [ 116.497932] ? do_raw_spin_lock+0x132/0x2a0 [ 116.498354] ? __pfx_do_exit+0x10/0x10 [ 116.498804] ? debug_smp_processor_id+0x20/0x30 [ 116.499230] ? rcu_is_watching+0x19/0xb0 [ 116.499595] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.500005] ? trace_hardirqs_on+0x26/0x120 [ 116.500396] do_group_exit+0xe0/0x2b0 [ 116.500921] __x64_sys_exit_group+0x47/0x50 [ 116.501301] do_syscall_64+0x3b/0x90 [ 116.501642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.502105] RIP: 0033:0x7f4b87518a4d [ 116.502596] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.503155] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.503826] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.504453] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.505266] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.505890] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.506586] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.507309] [ 116.507514] irq event stamp: 0 [ 116.507791] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.508343] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.509340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.510120] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.510900] ---[ end trace 0000000000000000 ]--- [ 116.516807] ------------[ cut here ]------------ [ 116.517367] WARNING: CPU: 0 PID: 1056 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.518424] Modules linked in: [ 116.518814] CPU: 0 PID: 1056 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.519825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.520866] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.521331] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.523035] RSP: 0018:ffff888023ec7bb8 EFLAGS: 00010246 [ 116.523560] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 116.524227] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 116.524883] RBP: ffff888023ec7bd0 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 116.525539] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff8880144ce000 [ 116.526192] R13: ffff888017a439e8 R14: ffffffff8352e670 R15: 
ffff888023ec7e68 [ 116.526871] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.527627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.528160] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 116.528823] PKRU: 55555554 [ 116.529088] Call Trace: [ 116.529324] [ 116.529532] __iommufd_access_detach+0x1c2/0x2b0 [ 116.530005] iommufd_access_change_pt+0x149/0x270 [ 116.530464] iommufd_access_replace+0xb4/0x120 [ 116.530932] iommufd_test+0x3e5/0x37e0 [ 116.531307] ? lock_release+0x532/0x770 [ 116.531689] ? __might_fault+0x102/0x1b0 [ 116.532070] ? lock_acquire+0x427/0x4c0 [ 116.532447] ? __pfx_iommufd_test+0x10/0x10 [ 116.532848] ? __pfx_lock_release+0x10/0x10 [ 116.533262] ? __pfx_lock_acquire+0x10/0x10 [ 116.533671] ? write_comp_data+0x2f/0x90 [ 116.534059] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.534534] ? write_comp_data+0x2f/0x90 [ 116.534922] iommufd_fops_ioctl+0x37d/0x510 [ 116.535345] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.535806] ? write_comp_data+0x2f/0x90 [ 116.536201] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.536655] __x64_sys_ioctl+0x1a3/0x230 [ 116.537044] do_syscall_64+0x3b/0x90 [ 116.537396] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.537879] RIP: 0033:0x7f4b8743ee5d [ 116.538224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.539936] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.540644] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.541380] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.542037] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.542717] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.543383] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.544054] [ 116.544272] irq event stamp: 0 [ 116.544564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.545149] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.545922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.546712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.547305] ---[ end trace 0000000000000000 ]--- [ 116.550723] ------------[ cut here ]------------ [ 116.551196] WARNING: CPU: 0 PID: 1056 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.552129] Modules linked in: [ 116.552424] CPU: 0 PID: 1056 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.553279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.554443] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.554925] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.556894] RSP: 
0018:ffff888023ec7bd0 EFLAGS: 00010246 [ 116.557390] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 116.558041] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 116.558895] RBP: ffff888023ec7be8 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 116.559565] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff888012e91000 [ 116.560222] R13: ffff888017a439e8 R14: ffff8880209a6500 R15: 0000000000000000 [ 116.560877] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.561838] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.562374] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.563051] PKRU: 55555554 [ 116.563332] Call Trace: [ 116.563576] [ 116.563788] iommufd_access_destroy_object+0x65/0x170 [ 116.564328] iommufd_object_destroy_user+0x18e/0x220 [ 116.564926] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.565471] iommufd_access_destroy+0x43/0x70 [ 116.565900] iommufd_test_staccess_release+0x8d/0xd0 [ 116.566381] __fput+0x26d/0xa40 [ 116.566772] ____fput+0x1e/0x30 [ 116.567249] task_work_run+0x1a4/0x2d0 [ 116.567628] ? __pfx_task_work_run+0x10/0x10 [ 116.568060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.568532] ? switch_task_namespaces+0xa9/0xe0 [ 116.568999] do_exit+0xb17/0x2ef0 [ 116.569337] ? lock_acquire+0x427/0x4c0 [ 116.569726] ? __pfx_lock_release+0x10/0x10 [ 116.570367] ? __kasan_check_write+0x18/0x20 [ 116.570821] ? do_raw_spin_lock+0x132/0x2a0 [ 116.571252] ? __pfx_do_exit+0x10/0x10 [ 116.571630] ? debug_smp_processor_id+0x20/0x30 [ 116.572069] ? rcu_is_watching+0x19/0xb0 [ 116.572450] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.572879] ? trace_hardirqs_on+0x26/0x120 [ 116.573372] do_group_exit+0xe0/0x2b0 [ 116.573801] __x64_sys_exit_group+0x47/0x50 [ 116.574416] do_syscall_64+0x3b/0x90 [ 116.574809] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.575316] RIP: 0033:0x7f4b87518a4d [ 116.575667] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.576238] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.576940] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.577602] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.578412] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.579231] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.579912] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.580586] [ 116.580805] irq event stamp: 0 [ 116.581101] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.581686] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.582464] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.583291] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.583887] ---[ end trace 0000000000000000 ]--- [ 116.584729] ------------[ cut here ]------------ [ 116.585171] WARNING: CPU: 0 PID: 1056 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.586122] Modules linked in: [ 116.586455] CPU: 0 PID: 1056 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.587575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.588630] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.589108] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.591104] RSP: 0018:ffff888023ec7b78 EFLAGS: 00010246 [ 116.591629] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.592294] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 116.592977] RBP: ffff888023ec7b98 R08: ffffed1002f4873e R09: ffffed1002f4873e [ 116.593660] R10: ffff888017a439ef R11: ffffed1002f4873d R12: ffff888017a43a90 [ 116.594349] R13: ffff888017a438a8 R14: ffffffffffffffff R15: 
ffff888023ec7c60 [ 116.595345] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.596125] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.596685] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.597376] PKRU: 55555554 [ 116.597658] Call Trace: [ 116.597910] [ 116.598153] iommufd_ioas_destroy+0x53/0x70 [ 116.598835] iommufd_fops_release+0x1f7/0x370 [ 116.599290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.599776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.600253] ? write_comp_data+0x2f/0x90 [ 116.600662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.601151] __fput+0x26d/0xa40 [ 116.601493] ____fput+0x1e/0x30 [ 116.601829] task_work_run+0x1a4/0x2d0 [ 116.602346] ? __pfx_task_work_run+0x10/0x10 [ 116.602989] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.603499] ? switch_task_namespaces+0xa9/0xe0 [ 116.604000] do_exit+0xb17/0x2ef0 [ 116.604368] ? lock_acquire+0x427/0x4c0 [ 116.604799] ? __pfx_lock_release+0x10/0x10 [ 116.605344] ? __kasan_check_write+0x18/0x20 [ 116.605816] ? do_raw_spin_lock+0x132/0x2a0 [ 116.606369] ? __pfx_do_exit+0x10/0x10 [ 116.606977] ? debug_smp_processor_id+0x20/0x30 [ 116.607489] ? rcu_is_watching+0x19/0xb0 [ 116.607924] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.608407] ? trace_hardirqs_on+0x26/0x120 [ 116.608862] do_group_exit+0xe0/0x2b0 [ 116.609265] __x64_sys_exit_group+0x47/0x50 [ 116.609729] do_syscall_64+0x3b/0x90 [ 116.610141] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.611090] RIP: 0033:0x7f4b87518a4d [ 116.611521] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.612169] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.612971] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.613714] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.614473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.615457] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.616402] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.617160] [ 116.617413] irq event stamp: 0 [ 116.617743] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.618405] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.619418] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.620527] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.621193] ---[ end trace 0000000000000000 ]--- [ 116.625873] ------------[ cut here ]------------ [ 116.626418] WARNING: CPU: 0 PID: 1057 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.627608] Modules linked in: [ 116.628147] CPU: 0 PID: 1057 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.629061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.630233] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.630793] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.632731] RSP: 0018:ffff888015c67bb8 EFLAGS: 00010246 [ 116.633298] RAX: 0000000000000000 RBX: ffff8880189398a8 RCX: 0000000000000000 [ 116.634050] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 116.634828] RBP: ffff888015c67bd0 R08: ffffed1003127333 R09: ffffed1003127333 [ 116.635594] R10: ffff888018939993 R11: ffffed1003127332 R12: ffff888013b15c00 [ 116.636360] R13: ffff8880189399e8 R14: ffffffff8352e670 R15: 
ffff888015c67e68 [ 116.637195] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.638052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.638709] CR2: 00007f4b877410e8 CR3: 00000000182ec000 CR4: 0000000000750ef0 [ 116.639490] PKRU: 55555554 [ 116.639793] Call Trace: [ 116.640067] [ 116.640311] __iommufd_access_detach+0x1c2/0x2b0 [ 116.640842] iommufd_access_change_pt+0x149/0x270 [ 116.641379] iommufd_access_replace+0xb4/0x120 [ 116.641885] iommufd_test+0x3e5/0x37e0 [ 116.642308] ? lock_release+0x532/0x770 [ 116.642786] ? __might_fault+0x102/0x1b0 [ 116.643246] ? lock_acquire+0x427/0x4c0 [ 116.643669] ? __pfx_iommufd_test+0x10/0x10 [ 116.644137] ? __pfx_lock_release+0x10/0x10 [ 116.644615] ? __pfx_lock_acquire+0x10/0x10 [ 116.645104] ? write_comp_data+0x2f/0x90 [ 116.645558] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.646098] ? write_comp_data+0x2f/0x90 [ 116.646604] iommufd_fops_ioctl+0x37d/0x510 [ 116.647088] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.647645] ? write_comp_data+0x2f/0x90 [ 116.648094] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.648621] __x64_sys_ioctl+0x1a3/0x230 [ 116.649073] do_syscall_64+0x3b/0x90 [ 116.649490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.650050] RIP: 0033:0x7f4b8743ee5d [ 116.650450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.652476] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.653306] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.654067] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.654857] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.655631] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.656384] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.657156] [ 116.657412] irq event stamp: 0 [ 116.657749] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.658424] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.659362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.660252] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.660924] ---[ end trace 0000000000000000 ]--- [ 116.664666] ------------[ cut here ]------------ [ 116.665193] WARNING: CPU: 0 PID: 1057 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.666440] Modules linked in: [ 116.667033] CPU: 0 PID: 1057 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.667989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.669261] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.669799] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.672074] RSP: 
0018:ffff888015c67bd0 EFLAGS: 00010246 [ 116.672658] RAX: 0000000000000000 RBX: ffff8880189398a8 RCX: 0000000000000000 [ 116.673418] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 116.674232] RBP: ffff888015c67be8 R08: ffffed1003127333 R09: ffffed1003127333 [ 116.675314] R10: ffff888018939993 R11: ffffed1003127332 R12: ffff8880144cf800 [ 116.676091] R13: ffff8880189399e8 R14: ffff88800b1f8500 R15: 0000000000000000 [ 116.676846] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.677711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.678371] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.679451] PKRU: 55555554 [ 116.679768] Call Trace: [ 116.680042] [ 116.680284] iommufd_access_destroy_object+0x65/0x170 [ 116.680848] iommufd_object_destroy_user+0x18e/0x220 [ 116.681400] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.682037] iommufd_access_destroy+0x43/0x70 [ 116.682686] iommufd_test_staccess_release+0x8d/0xd0 [ 116.683418] __fput+0x26d/0xa40 [ 116.683794] ____fput+0x1e/0x30 [ 116.684162] task_work_run+0x1a4/0x2d0 [ 116.684589] ? __pfx_task_work_run+0x10/0x10 [ 116.685068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.685596] ? switch_task_namespaces+0xa9/0xe0 [ 116.686123] do_exit+0xb17/0x2ef0 [ 116.686648] ? lock_acquire+0x427/0x4c0 [ 116.687271] ? __pfx_lock_release+0x10/0x10 [ 116.687740] ? __kasan_check_write+0x18/0x20 [ 116.688216] ? do_raw_spin_lock+0x132/0x2a0 [ 116.688680] ? __pfx_do_exit+0x10/0x10 [ 116.689110] ? debug_smp_processor_id+0x20/0x30 [ 116.689619] ? rcu_is_watching+0x19/0xb0 [ 116.690068] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.690668] ? trace_hardirqs_on+0x26/0x120 [ 116.691346] do_group_exit+0xe0/0x2b0 [ 116.691770] __x64_sys_exit_group+0x47/0x50 [ 116.692238] do_syscall_64+0x3b/0x90 [ 116.692650] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.693209] RIP: 0033:0x7f4b87518a4d [ 116.693610] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.694269] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.695440] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.696204] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.696965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.697720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.698492] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.699330] [ 116.699595] irq event stamp: 0 [ 116.699938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.700634] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.701598] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.702487] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.703233] ---[ end trace 0000000000000000 ]--- [ 116.704312] ------------[ cut here ]------------ [ 116.704994] WARNING: CPU: 0 PID: 1057 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.706092] Modules linked in: [ 116.706451] CPU: 0 PID: 1057 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.707482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.709060] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.709631] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.711668] RSP: 0018:ffff888015c67b78 EFLAGS: 00010246 [ 116.712262] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.713026] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 116.713781] RBP: ffff888015c67b98 R08: ffffed100312733e R09: ffffed100312733e [ 116.714574] R10: ffff8880189399ef R11: ffffed100312733d R12: ffff888018939a90 [ 116.715359] R13: ffff8880189398a8 R14: ffffffffffffffff R15: 
ffff888015c67c60 [ 116.716296] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.717414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.718035] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.718825] PKRU: 55555554 [ 116.719145] Call Trace: [ 116.719420] [ 116.719664] iommufd_ioas_destroy+0x53/0x70 [ 116.720139] iommufd_fops_release+0x1f7/0x370 [ 116.720631] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.721203] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.722030] ? write_comp_data+0x2f/0x90 [ 116.722481] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.723048] __fput+0x26d/0xa40 [ 116.723436] ____fput+0x1e/0x30 [ 116.723808] task_work_run+0x1a4/0x2d0 [ 116.724239] ? __pfx_task_work_run+0x10/0x10 [ 116.724719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.725254] ? switch_task_namespaces+0xa9/0xe0 [ 116.725777] do_exit+0xb17/0x2ef0 [ 116.726253] ? lock_acquire+0x427/0x4c0 [ 116.727010] ? __pfx_lock_release+0x10/0x10 [ 116.727486] ? __kasan_check_write+0x18/0x20 [ 116.727970] ? do_raw_spin_lock+0x132/0x2a0 [ 116.728438] ? __pfx_do_exit+0x10/0x10 [ 116.728862] ? debug_smp_processor_id+0x20/0x30 [ 116.729366] ? rcu_is_watching+0x19/0xb0 [ 116.729923] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.730603] ? trace_hardirqs_on+0x26/0x120 [ 116.731081] do_group_exit+0xe0/0x2b0 [ 116.731508] __x64_sys_exit_group+0x47/0x50 [ 116.731967] do_syscall_64+0x3b/0x90 [ 116.732420] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.733276] RIP: 0033:0x7f4b87518a4d [ 116.733674] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.734327] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.735477] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.736262] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.737013] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.738045] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.738841] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.739622] [ 116.739936] irq event stamp: 0 [ 116.740452] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.741123] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.742069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.743133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.743815] ---[ end trace 0000000000000000 ]--- [ 116.750743] ------------[ cut here ]------------ [ 116.751296] WARNING: CPU: 0 PID: 1058 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.752640] Modules linked in: [ 116.752979] CPU: 0 PID: 1058 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.753933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.755361] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.755914] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.758149] RSP: 0018:ffff888013aa7bb8 EFLAGS: 00010246 [ 116.758871] RAX: 0000000000000000 RBX: ffff888010b788a8 RCX: 0000000000000000 [ 116.759796] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 116.760554] RBP: ffff888013aa7bd0 R08: ffffed100216f133 R09: ffffed100216f133 [ 116.761581] R10: ffff888010b78993 R11: ffffed100216f132 R12: ffff88801422ec00 [ 116.762347] R13: ffff888010b789e8 R14: ffffffff8352e670 R15: 
ffff888013aa7e68 [ 116.763281] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.764299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.765018] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 116.766051] PKRU: 55555554 [ 116.766366] Call Trace: [ 116.766662] [ 116.766908] __iommufd_access_detach+0x1c2/0x2b0 [ 116.767494] iommufd_access_change_pt+0x149/0x270 [ 116.768231] iommufd_access_replace+0xb4/0x120 [ 116.768740] iommufd_test+0x3e5/0x37e0 [ 116.769164] ? lock_release+0x532/0x770 [ 116.769673] ? __might_fault+0x102/0x1b0 [ 116.770268] ? lock_acquire+0x427/0x4c0 [ 116.770760] ? __pfx_iommufd_test+0x10/0x10 [ 116.771245] ? __pfx_lock_release+0x10/0x10 [ 116.771742] ? __pfx_lock_acquire+0x10/0x10 [ 116.772418] ? write_comp_data+0x2f/0x90 [ 116.772871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.773401] ? write_comp_data+0x2f/0x90 [ 116.773895] iommufd_fops_ioctl+0x37d/0x510 [ 116.774566] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.775092] ? write_comp_data+0x2f/0x90 [ 116.775562] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.776187] __x64_sys_ioctl+0x1a3/0x230 [ 116.776757] do_syscall_64+0x3b/0x90 [ 116.777172] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.777736] RIP: 0033:0x7f4b8743ee5d [ 116.778199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.780396] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.781479] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.782246] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.783161] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.784045] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.784814] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.785845] [ 116.786098] irq event stamp: 0 [ 116.786430] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.787143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.788317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.789202] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.790125] ---[ end trace 0000000000000000 ]--- [ 116.795643] ------------[ cut here ]------------ [ 116.796422] WARNING: CPU: 0 PID: 1058 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.797590] Modules linked in: [ 116.798030] CPU: 0 PID: 1058 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.799148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.800338] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.800876] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.802825] RSP: 
0018:ffff888013aa7bd0 EFLAGS: 00010246 [ 116.803403] RAX: 0000000000000000 RBX: ffff888010b788a8 RCX: 0000000000000000 [ 116.804159] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 116.804908] RBP: ffff888013aa7be8 R08: ffffed100216f133 R09: ffffed100216f133 [ 116.805662] R10: ffff888010b78993 R11: ffffed100216f132 R12: ffff888013b16c00 [ 116.806413] R13: ffff888010b789e8 R14: ffff88800af28800 R15: 0000000000000000 [ 116.807207] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.808060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.808677] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 116.809434] PKRU: 55555554 [ 116.809740] Call Trace: [ 116.810015] [ 116.810266] iommufd_access_destroy_object+0x65/0x170 [ 116.810853] iommufd_object_destroy_user+0x18e/0x220 [ 116.811433] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.812067] iommufd_access_destroy+0x43/0x70 [ 116.812564] iommufd_test_staccess_release+0x8d/0xd0 [ 116.813119] __fput+0x26d/0xa40 [ 116.813486] ____fput+0x1e/0x30 [ 116.813845] task_work_run+0x1a4/0x2d0 [ 116.814273] ? __pfx_task_work_run+0x10/0x10 [ 116.814775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.815323] ? switch_task_namespaces+0xa9/0xe0 [ 116.815839] do_exit+0xb17/0x2ef0 [ 116.816214] ? lock_acquire+0x427/0x4c0 [ 116.816658] ? __pfx_lock_release+0x10/0x10 [ 116.817129] ? __kasan_check_write+0x18/0x20 [ 116.817604] ? do_raw_spin_lock+0x132/0x2a0 [ 116.818066] ? __pfx_do_exit+0x10/0x10 [ 116.818493] ? debug_smp_processor_id+0x20/0x30 [ 116.819032] ? rcu_is_watching+0x19/0xb0 [ 116.819482] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.819972] ? trace_hardirqs_on+0x26/0x120 [ 116.820439] do_group_exit+0xe0/0x2b0 [ 116.820853] __x64_sys_exit_group+0x47/0x50 [ 116.821311] do_syscall_64+0x3b/0x90 [ 116.821717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.822293] RIP: 0033:0x7f4b87518a4d [ 116.822727] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.823398] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.824204] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.824951] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.825707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.826484] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.827285] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.828061] [ 116.828312] irq event stamp: 0 [ 116.828645] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.829391] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.830274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.831198] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.831872] ---[ end trace 0000000000000000 ]--- [ 116.832878] ------------[ cut here ]------------ [ 116.833603] WARNING: CPU: 0 PID: 1058 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.834748] Modules linked in: [ 116.835104] CPU: 0 PID: 1058 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.836332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.837535] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.838208] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.840667] RSP: 0018:ffff888013aa7b78 EFLAGS: 00010246 [ 116.841494] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.842246] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 116.843062] RBP: ffff888013aa7b98 R08: ffffed100216f13e R09: ffffed100216f13e [ 116.844038] R10: ffff888010b789ef R11: ffffed100216f13d R12: ffff888010b78a90 [ 116.844796] R13: ffff888010b788a8 R14: ffffffffffffffff R15: 
ffff888013aa7c60 [ 116.845675] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.846694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.847336] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 116.848335] PKRU: 55555554 [ 116.848648] Call Trace: [ 116.848927] [ 116.849174] iommufd_ioas_destroy+0x53/0x70 [ 116.849651] iommufd_fops_release+0x1f7/0x370 [ 116.850447] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.851009] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.851555] ? write_comp_data+0x2f/0x90 [ 116.852010] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.852851] __fput+0x26d/0xa40 [ 116.853224] ____fput+0x1e/0x30 [ 116.853590] task_work_run+0x1a4/0x2d0 [ 116.854023] ? __pfx_task_work_run+0x10/0x10 [ 116.854651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.855360] ? switch_task_namespaces+0xa9/0xe0 [ 116.855882] do_exit+0xb17/0x2ef0 [ 116.856269] ? lock_acquire+0x427/0x4c0 [ 116.856793] ? __pfx_lock_release+0x10/0x10 [ 116.857440] ? __kasan_check_write+0x18/0x20 [ 116.857921] ? do_raw_spin_lock+0x132/0x2a0 [ 116.858389] ? __pfx_do_exit+0x10/0x10 [ 116.858849] ? debug_smp_processor_id+0x20/0x30 [ 116.859645] ? rcu_is_watching+0x19/0xb0 [ 116.860099] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.860597] ? trace_hardirqs_on+0x26/0x120 [ 116.861184] do_group_exit+0xe0/0x2b0 [ 116.861820] __x64_sys_exit_group+0x47/0x50 [ 116.862288] do_syscall_64+0x3b/0x90 [ 116.862721] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.863312] RIP: 0033:0x7f4b87518a4d [ 116.863985] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.864643] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.865453] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.866471] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.867269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.868146] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.869086] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.869863] [ 116.870225] irq event stamp: 0 [ 116.870759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.871457] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.872421] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.873467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.874153] ---[ end trace 0000000000000000 ]--- [ 116.881128] ------------[ cut here ]------------ [ 116.881663] WARNING: CPU: 0 PID: 1059 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.883038] Modules linked in: [ 116.883401] CPU: 0 PID: 1059 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.884338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.885544] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.886082] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.888075] RSP: 0018:ffff888023e9fbb8 EFLAGS: 00010246 [ 116.888648] RAX: 0000000000000000 RBX: ffff888011f608a8 RCX: 0000000000000000 [ 116.889402] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 116.890162] RBP: ffff888023e9fbd0 R08: ffffed10023ec133 R09: ffffed10023ec133 [ 116.890951] R10: ffff888011f60993 R11: ffffed10023ec132 R12: ffff8880104d4000 [ 116.891730] R13: ffff888011f609e8 R14: ffffffff8352e670 R15: 
ffff888023e9fe68 [ 116.892486] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.893419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.894037] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 116.894823] PKRU: 55555554 [ 116.895148] Call Trace: [ 116.895424] [ 116.895670] __iommufd_access_detach+0x1c2/0x2b0 [ 116.896200] iommufd_access_change_pt+0x149/0x270 [ 116.896730] iommufd_access_replace+0xb4/0x120 [ 116.897232] iommufd_test+0x3e5/0x37e0 [ 116.897653] ? lock_release+0x532/0x770 [ 116.898094] ? __might_fault+0x102/0x1b0 [ 116.898563] ? lock_acquire+0x427/0x4c0 [ 116.899002] ? __pfx_iommufd_test+0x10/0x10 [ 116.899470] ? __pfx_lock_release+0x10/0x10 [ 116.899942] ? __pfx_lock_acquire+0x10/0x10 [ 116.900412] ? write_comp_data+0x2f/0x90 [ 116.900862] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.901390] ? write_comp_data+0x2f/0x90 [ 116.901840] iommufd_fops_ioctl+0x37d/0x510 [ 116.902309] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.902869] ? write_comp_data+0x2f/0x90 [ 116.903333] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 116.903858] __x64_sys_ioctl+0x1a3/0x230 [ 116.904311] do_syscall_64+0x3b/0x90 [ 116.904728] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.905287] RIP: 0033:0x7f4b8743ee5d [ 116.905688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 116.907676] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 116.908498] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 116.909256] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 116.910018] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 116.910808] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 116.911592] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 116.912371] [ 116.912626] irq event stamp: 0 [ 116.912969] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.913648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.914568] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.915478] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.916151] ---[ end trace 0000000000000000 ]--- [ 116.920049] ------------[ cut here ]------------ [ 116.920592] WARNING: CPU: 0 PID: 1059 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 116.921933] Modules linked in: [ 116.922280] CPU: 0 PID: 1059 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.923280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.924714] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 116.925333] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 116.927307] RSP: 
0018:ffff888023e9fbd0 EFLAGS: 00010246 [ 116.927877] RAX: 0000000000000000 RBX: ffff888011f608a8 RCX: 0000000000000000 [ 116.928626] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 116.929380] RBP: ffff888023e9fbe8 R08: ffffed10023ec133 R09: ffffed10023ec133 [ 116.930133] R10: ffff888011f60993 R11: ffffed10023ec132 R12: ffff88801422d400 [ 116.930910] R13: ffff888011f609e8 R14: ffff888017062d00 R15: 0000000000000000 [ 116.931697] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.932529] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.933203] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.934128] PKRU: 55555554 [ 116.934427] Call Trace: [ 116.934729] [ 116.934966] iommufd_access_destroy_object+0x65/0x170 [ 116.935535] iommufd_object_destroy_user+0x18e/0x220 [ 116.936317] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 116.936928] iommufd_access_destroy+0x43/0x70 [ 116.937405] iommufd_test_staccess_release+0x8d/0xd0 [ 116.937968] __fput+0x26d/0xa40 [ 116.938539] ____fput+0x1e/0x30 [ 116.938896] task_work_run+0x1a4/0x2d0 [ 116.939339] ? __pfx_task_work_run+0x10/0x10 [ 116.939804] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.940317] ? switch_task_namespaces+0xa9/0xe0 [ 116.940926] do_exit+0xb17/0x2ef0 [ 116.941414] ? lock_acquire+0x427/0x4c0 [ 116.941839] ? __pfx_lock_release+0x10/0x10 [ 116.942293] ? __kasan_check_write+0x18/0x20 [ 116.942778] ? do_raw_spin_lock+0x132/0x2a0 [ 116.943246] ? __pfx_do_exit+0x10/0x10 [ 116.943894] ? debug_smp_processor_id+0x20/0x30 [ 116.944392] ? rcu_is_watching+0x19/0xb0 [ 116.944818] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.945296] ? trace_hardirqs_on+0x26/0x120 [ 116.945880] do_group_exit+0xe0/0x2b0 [ 116.946394] __x64_sys_exit_group+0x47/0x50 [ 116.946865] do_syscall_64+0x3b/0x90 [ 116.947276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.947832] RIP: 0033:0x7f4b87518a4d [ 116.948222] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.949154] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.949938] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.950806] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.951756] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.952498] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.953239] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.954240] [ 116.954488] irq event stamp: 0 [ 116.954841] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.955508] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.956620] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.957555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.958207] ---[ end trace 0000000000000000 ]--- [ 116.959361] ------------[ cut here ]------------ [ 116.959862] WARNING: CPU: 0 PID: 1059 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 116.960920] Modules linked in: [ 116.961376] CPU: 0 PID: 1059 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 116.962434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 116.963921] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 116.964464] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 116.966573] RSP: 0018:ffff888023e9fb78 EFLAGS: 00010246 [ 116.967130] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 116.967860] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 116.968821] RBP: ffff888023e9fb98 R08: ffffed10023ec13e R09: ffffed10023ec13e [ 116.969543] R10: ffff888011f609ef R11: ffffed10023ec13d R12: ffff888011f60a90 [ 116.970302] R13: ffff888011f608a8 R14: ffffffffffffffff R15: 
ffff888023e9fc60 [ 116.971292] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 116.972110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.972725] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 116.973645] PKRU: 55555554 [ 116.973934] Call Trace: [ 116.974194] [ 116.974425] iommufd_ioas_destroy+0x53/0x70 [ 116.975018] iommufd_fops_release+0x1f7/0x370 [ 116.975642] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.976161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.976673] ? write_comp_data+0x2f/0x90 [ 116.977105] ? __pfx_iommufd_fops_release+0x10/0x10 [ 116.977852] __fput+0x26d/0xa40 [ 116.978207] ____fput+0x1e/0x30 [ 116.978581] task_work_run+0x1a4/0x2d0 [ 116.978993] ? __pfx_task_work_run+0x10/0x10 [ 116.979465] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 116.980219] ? switch_task_namespaces+0xa9/0xe0 [ 116.980709] do_exit+0xb17/0x2ef0 [ 116.981063] ? lock_acquire+0x427/0x4c0 [ 116.981483] ? __pfx_lock_release+0x10/0x10 [ 116.982040] ? __kasan_check_write+0x18/0x20 [ 116.982690] ? do_raw_spin_lock+0x132/0x2a0 [ 116.983146] ? __pfx_do_exit+0x10/0x10 [ 116.983563] ? debug_smp_processor_id+0x20/0x30 [ 116.984053] ? rcu_is_watching+0x19/0xb0 [ 116.984747] ? _raw_spin_unlock_irq+0x2b/0x60 [ 116.985224] ? trace_hardirqs_on+0x26/0x120 [ 116.985672] do_group_exit+0xe0/0x2b0 [ 116.986067] __x64_sys_exit_group+0x47/0x50 [ 116.986744] do_syscall_64+0x3b/0x90 [ 116.987137] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 116.987637] RIP: 0033:0x7f4b87518a4d [ 116.987987] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 116.988566] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 116.989540] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 116.990210] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 116.991106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 116.991783] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 116.992459] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 116.993333] [ 116.993553] irq event stamp: 0 [ 116.993851] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 116.994443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 116.995482] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 116.996266] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 116.996856] ---[ end trace 0000000000000000 ]--- [ 117.002394] ------------[ cut here ]------------ [ 117.003075] WARNING: CPU: 0 PID: 1060 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.004279] Modules linked in: [ 117.004584] CPU: 0 PID: 1060 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.005446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.006671] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.007161] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.008864] RSP: 0018:ffff888012ee7bb8 EFLAGS: 00010246 [ 117.009366] RAX: 0000000000000000 RBX: ffff888017a410a8 RCX: 0000000000000000 [ 117.010026] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 117.010712] RBP: ffff888012ee7bd0 R08: ffffed1002f48233 R09: ffffed1002f48233 [ 117.011375] R10: ffff888017a41193 R11: ffffed1002f48232 R12: ffff88802188c800 [ 117.012018] R13: ffff888017a411e8 R14: ffffffff8352e670 R15: 
ffff888012ee7e68 [ 117.012764] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 117.013630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.014155] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ef0 [ 117.015038] PKRU: 55555554 [ 117.015311] Call Trace: [ 117.015544] [ 117.015751] __iommufd_access_detach+0x1c2/0x2b0 [ 117.016204] iommufd_access_change_pt+0x149/0x270 [ 117.016738] iommufd_access_replace+0xb4/0x120 [ 117.017288] iommufd_test+0x3e5/0x37e0 [ 117.017649] ? lock_release+0x532/0x770 [ 117.018024] ? __might_fault+0x102/0x1b0 [ 117.018484] ? lock_acquire+0x427/0x4c0 [ 117.018996] ? __pfx_iommufd_test+0x10/0x10 [ 117.019409] ? __pfx_lock_release+0x10/0x10 [ 117.019818] ? __pfx_lock_acquire+0x10/0x10 [ 117.020223] ? write_comp_data+0x2f/0x90 [ 117.020699] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.021312] ? write_comp_data+0x2f/0x90 [ 117.021698] iommufd_fops_ioctl+0x37d/0x510 [ 117.022096] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.022760] ? write_comp_data+0x2f/0x90 [ 117.023155] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.023607] __x64_sys_ioctl+0x1a3/0x230 [ 117.023994] do_syscall_64+0x3b/0x90 [ 117.024348] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.024827] RIP: 0033:0x7f4b8743ee5d [ 117.025173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.026848] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.027541] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.028149] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.028753] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.029357] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.029959] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.030590] [ 117.030793] irq event stamp: 0 [ 117.031064] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.031613] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.032337] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.033049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.033588] ---[ end trace 0000000000000000 ]--- [ 117.036680] ------------[ cut here ]------------ [ 117.037213] WARNING: CPU: 0 PID: 1060 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.038077] Modules linked in: [ 117.038427] CPU: 0 PID: 1060 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.039328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.040280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.040791] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.042452] RSP: 
0018:ffff888012ee7bd0 EFLAGS: 00010246 [ 117.043130] RAX: 0000000000000000 RBX: ffff888017a410a8 RCX: 0000000000000000 [ 117.043746] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 117.044357] RBP: ffff888012ee7be8 R08: ffffed1002f48233 R09: ffffed1002f48233 [ 117.045045] R10: ffff888017a41193 R11: ffffed1002f48232 R12: ffff8880104d7000 [ 117.045863] R13: ffff888017a411e8 R14: ffff88800f59bb00 R15: 0000000000000000 [ 117.046529] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 117.047379] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.047877] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 117.048499] PKRU: 55555554 [ 117.048832] Call Trace: [ 117.049146] [ 117.049347] iommufd_access_destroy_object+0x65/0x170 [ 117.049800] iommufd_object_destroy_user+0x18e/0x220 [ 117.050250] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.050948] iommufd_access_destroy+0x43/0x70 [ 117.051347] iommufd_test_staccess_release+0x8d/0xd0 [ 117.051795] __fput+0x26d/0xa40 [ 117.052098] ____fput+0x1e/0x30 [ 117.052393] task_work_run+0x1a4/0x2d0 [ 117.052772] ? __pfx_task_work_run+0x10/0x10 [ 117.053307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.053739] ? switch_task_namespaces+0xa9/0xe0 [ 117.054152] do_exit+0xb17/0x2ef0 [ 117.054472] ? lock_acquire+0x427/0x4c0 [ 117.054974] ? __pfx_lock_release+0x10/0x10 [ 117.055370] ? __kasan_check_write+0x18/0x20 [ 117.055756] ? do_raw_spin_lock+0x132/0x2a0 [ 117.056132] ? __pfx_do_exit+0x10/0x10 [ 117.056480] ? debug_smp_processor_id+0x20/0x30 [ 117.056960] ? rcu_is_watching+0x19/0xb0 [ 117.057404] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.057808] ? trace_hardirqs_on+0x26/0x120 [ 117.058190] do_group_exit+0xe0/0x2b0 [ 117.058603] __x64_sys_exit_group+0x47/0x50 [ 117.059063] do_syscall_64+0x3b/0x90 [ 117.059419] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.059882] RIP: 0033:0x7f4b87518a4d [ 117.060208] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.060798] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.061539] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.062153] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.062947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.063572] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.064190] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.064824] [ 117.065028] irq event stamp: 0 [ 117.065296] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.065834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.066580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.067307] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.067857] ---[ end trace 0000000000000000 ]--- [ 117.068677] ------------[ cut here ]------------ [ 117.069202] WARNING: CPU: 0 PID: 1060 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.070068] Modules linked in: [ 117.070387] CPU: 0 PID: 1060 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.071285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.072235] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.072748] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.074398] RSP: 0018:ffff888012ee7b78 EFLAGS: 00010246 [ 117.075056] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.075671] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 117.076271] RBP: ffff888012ee7b98 R08: ffffed1002f4823e R09: ffffed1002f4823e [ 117.076871] R10: ffff888017a411ef R11: ffffed1002f4823d R12: ffff888017a41290 [ 117.077635] R13: ffff888017a410a8 R14: ffffffffffffffff R15: 
ffff888012ee7c60 [ 117.078233] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 117.079004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.079620] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 117.080220] PKRU: 55555554 [ 117.080458] Call Trace: [ 117.080674] [ 117.080902] iommufd_ioas_destroy+0x53/0x70 [ 117.081392] iommufd_fops_release+0x1f7/0x370 [ 117.081780] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.082209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.082715] ? write_comp_data+0x2f/0x90 [ 117.083175] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.083606] __fput+0x26d/0xa40 [ 117.083904] ____fput+0x1e/0x30 [ 117.084193] task_work_run+0x1a4/0x2d0 [ 117.084533] ? __pfx_task_work_run+0x10/0x10 [ 117.085158] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.085576] ? switch_task_namespaces+0xa9/0xe0 [ 117.085990] do_exit+0xb17/0x2ef0 [ 117.086291] ? lock_acquire+0x427/0x4c0 [ 117.086749] ? __pfx_lock_release+0x10/0x10 [ 117.087208] ? __kasan_check_write+0x18/0x20 [ 117.087588] ? do_raw_spin_lock+0x132/0x2a0 [ 117.087956] ? __pfx_do_exit+0x10/0x10 [ 117.088297] ? debug_smp_processor_id+0x20/0x30 [ 117.088715] ? rcu_is_watching+0x19/0xb0 [ 117.089204] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.089596] ? trace_hardirqs_on+0x26/0x120 [ 117.089968] do_group_exit+0xe0/0x2b0 [ 117.090295] __x64_sys_exit_group+0x47/0x50 [ 117.090836] do_syscall_64+0x3b/0x90 [ 117.091176] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.091614] RIP: 0033:0x7f4b87518a4d [ 117.091931] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.092443] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.093272] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.093870] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.094493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.095257] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.095863] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.096505] [ 117.096792] irq event stamp: 0 [ 117.097217] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.097762] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.098472] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.099389] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.099928] ---[ end trace 0000000000000000 ]--- [ 117.103954] ------------[ cut here ]------------ [ 117.104505] WARNING: CPU: 0 PID: 1061 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.105369] Modules linked in: [ 117.105691] CPU: 0 PID: 1061 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.106499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.107525] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.107944] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.109465] RSP: 0018:ffff888023e9fbb8 EFLAGS: 00010246 [ 117.109917] RAX: 0000000000000000 RBX: ffff8880161070a8 RCX: 0000000000000000 [ 117.110539] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 117.111148] RBP: ffff888023e9fbd0 R08: ffffed1002c20e33 R09: ffffed1002c20e33 [ 117.111745] R10: ffff888016107193 R11: ffffed1002c20e32 R12: ffff888012e90800 [ 117.112345] R13: ffff8880161071e8 R14: ffffffff8352e670 R15: 
ffff888023e9fe68 [ 117.112941] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 117.113615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.114110] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ef0 [ 117.114747] PKRU: 55555554 [ 117.114995] Call Trace: [ 117.115231] [ 117.115428] __iommufd_access_detach+0x1c2/0x2b0 [ 117.115861] iommufd_access_change_pt+0x149/0x270 [ 117.116300] iommufd_access_replace+0xb4/0x120 [ 117.116868] iommufd_test+0x3e5/0x37e0 [ 117.117266] ? lock_release+0x532/0x770 [ 117.117617] ? __might_fault+0x102/0x1b0 [ 117.117970] ? lock_acquire+0x427/0x4c0 [ 117.118318] ? __pfx_iommufd_test+0x10/0x10 [ 117.118709] ? __pfx_lock_release+0x10/0x10 [ 117.119087] ? __pfx_lock_acquire+0x10/0x10 [ 117.119480] ? write_comp_data+0x2f/0x90 [ 117.119832] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.120249] ? write_comp_data+0x2f/0x90 [ 117.120604] iommufd_fops_ioctl+0x37d/0x510 [ 117.120974] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.121390] ? write_comp_data+0x2f/0x90 [ 117.121741] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.122155] __x64_sys_ioctl+0x1a3/0x230 [ 117.122534] do_syscall_64+0x3b/0x90 [ 117.122862] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.123322] RIP: 0033:0x7f4b8743ee5d [ 117.123638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.125157] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.125799] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.126401] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.127027] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.127642] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.128247] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.128857] [ 117.129058] irq event stamp: 0 [ 117.129325] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.129857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.130588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.131310] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.131841] ---[ end trace 0000000000000000 ]--- [ 117.135065] ------------[ cut here ]------------ [ 117.135496] WARNING: CPU: 0 PID: 1061 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.136342] Modules linked in: [ 117.136690] CPU: 0 PID: 1061 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.137527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.138650] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.139071] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.140778] RSP: 
0018:ffff888023e9fbd0 EFLAGS: 00010246 [ 117.141226] RAX: 0000000000000000 RBX: ffff8880161070a8 RCX: 0000000000000000 [ 117.141840] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 117.142572] RBP: ffff888023e9fbe8 R08: ffffed1002c20e33 R09: ffffed1002c20e33 [ 117.143181] R10: ffff888016107193 R11: ffffed1002c20e32 R12: ffff88802188ec00 [ 117.143871] R13: ffff8880161071e8 R14: ffff8880209a4b00 R15: 0000000000000000 [ 117.144551] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 117.145235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.145894] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 117.146500] PKRU: 55555554 [ 117.146763] Call Trace: [ 117.146982] [ 117.147182] iommufd_access_destroy_object+0x65/0x170 [ 117.147793] iommufd_object_destroy_user+0x18e/0x220 [ 117.148236] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.148738] iommufd_access_destroy+0x43/0x70 [ 117.149244] iommufd_test_staccess_release+0x8d/0xd0 [ 117.149777] __fput+0x26d/0xa40 [ 117.150078] ____fput+0x1e/0x30 [ 117.150367] task_work_run+0x1a4/0x2d0 [ 117.150718] ? __pfx_task_work_run+0x10/0x10 [ 117.151255] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.151677] ? switch_task_namespaces+0xa9/0xe0 [ 117.152085] do_exit+0xb17/0x2ef0 [ 117.152390] ? lock_acquire+0x427/0x4c0 [ 117.152775] ? __pfx_lock_release+0x10/0x10 [ 117.153250] ? __kasan_check_write+0x18/0x20 [ 117.153631] ? do_raw_spin_lock+0x132/0x2a0 [ 117.154003] ? __pfx_do_exit+0x10/0x10 [ 117.154346] ? debug_smp_processor_id+0x20/0x30 [ 117.154899] ? rcu_is_watching+0x19/0xb0 [ 117.155261] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.155652] ? trace_hardirqs_on+0x26/0x120 [ 117.156030] do_group_exit+0xe0/0x2b0 [ 117.156435] __x64_sys_exit_group+0x47/0x50 [ 117.156891] do_syscall_64+0x3b/0x90 [ 117.157222] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.157673] RIP: 0033:0x7f4b87518a4d [ 117.158028] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.158695] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.159363] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.160055] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.160740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.161349] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.162119] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.162743] [ 117.162945] irq event stamp: 0 [ 117.163235] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.163930] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.164640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.165375] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.166026] ---[ end trace 0000000000000000 ]--- [ 117.168683] ------------[ cut here ]------------ [ 117.169198] WARNING: CPU: 0 PID: 1061 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.170125] Modules linked in: [ 117.170405] CPU: 0 PID: 1061 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.171354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.172324] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.172765] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.174297] RSP: 0018:ffff888023e9fb78 EFLAGS: 00010246 [ 117.174763] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.175374] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 117.175971] RBP: ffff888023e9fb98 R08: ffffed1002c20e3e R09: ffffed1002c20e3e [ 117.176569] R10: ffff8880161071ef R11: ffffed1002c20e3d R12: ffff888016107290 [ 117.177169] R13: ffff8880161070a8 R14: ffffffffffffffff R15: 
ffff888023e9fc60 [ 117.177767] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 117.178454] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.178962] CR2: 00007f82e2b91018 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 117.179586] PKRU: 55555554 [ 117.179829] Call Trace: [ 117.180047] [ 117.180238] iommufd_ioas_destroy+0x53/0x70 [ 117.180611] iommufd_fops_release+0x1f7/0x370 [ 117.181069] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.181493] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.181915] ? write_comp_data+0x2f/0x90 [ 117.182266] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.182714] __fput+0x26d/0xa40 [ 117.183013] ____fput+0x1e/0x30 [ 117.183315] task_work_run+0x1a4/0x2d0 [ 117.183655] ? __pfx_task_work_run+0x10/0x10 [ 117.184035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.184454] ? switch_task_namespaces+0xa9/0xe0 [ 117.184865] do_exit+0xb17/0x2ef0 [ 117.185159] ? lock_acquire+0x427/0x4c0 [ 117.185502] ? __pfx_lock_release+0x10/0x10 [ 117.185871] ? __kasan_check_write+0x18/0x20 [ 117.186249] ? do_raw_spin_lock+0x132/0x2a0 [ 117.186638] ? __pfx_do_exit+0x10/0x10 [ 117.186982] ? debug_smp_processor_id+0x20/0x30 [ 117.187399] ? rcu_is_watching+0x19/0xb0 [ 117.187746] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.188133] ? trace_hardirqs_on+0x26/0x120 [ 117.188502] do_group_exit+0xe0/0x2b0 [ 117.188824] __x64_sys_exit_group+0x47/0x50 [ 117.189185] do_syscall_64+0x3b/0x90 [ 117.189508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.189951] RIP: 0033:0x7f4b87518a4d [ 117.190271] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.190814] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.191470] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.192068] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.192671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.193268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.193841] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.194423] [ 117.194635] irq event stamp: 0 [ 117.194894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.195418] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.196091] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.196763] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.197273] ---[ end trace 0000000000000000 ]--- [ 117.201517] ------------[ cut here ]------------ [ 117.201968] WARNING: CPU: 1 PID: 1062 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.203086] Modules linked in: [ 117.203379] CPU: 1 PID: 1062 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.204139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.205247] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.205667] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.207342] RSP: 0018:ffff888010207bb8 EFLAGS: 00010246 [ 117.207784] RAX: 0000000000000000 RBX: ffff888011cb48a8 RCX: 0000000000000000 [ 117.208487] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 117.209072] RBP: ffff888010207bd0 R08: ffffed1002396933 R09: ffffed1002396933 [ 117.209678] R10: ffff888011cb4993 R11: ffffed1002396932 R12: ffff88800a727000 [ 117.210357] R13: ffff888011cb49e8 R14: ffffffff8352e670 R15: 
ffff888010207e68 [ 117.210963] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.211664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.212216] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 117.212807] PKRU: 55555554 [ 117.213046] Call Trace: [ 117.213265] [ 117.213482] __iommufd_access_detach+0x1c2/0x2b0 [ 117.213960] iommufd_access_change_pt+0x149/0x270 [ 117.214375] iommufd_access_replace+0xb4/0x120 [ 117.214789] iommufd_test+0x3e5/0x37e0 [ 117.215138] ? lock_release+0x532/0x770 [ 117.215501] ? __might_fault+0x102/0x1b0 [ 117.215935] ? lock_acquire+0x427/0x4c0 [ 117.216278] ? __pfx_iommufd_test+0x10/0x10 [ 117.216637] ? __pfx_lock_release+0x10/0x10 [ 117.217008] ? __pfx_lock_acquire+0x10/0x10 [ 117.217448] ? write_comp_data+0x2f/0x90 [ 117.217845] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.218259] ? write_comp_data+0x2f/0x90 [ 117.218638] iommufd_fops_ioctl+0x37d/0x510 [ 117.219007] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.219496] ? write_comp_data+0x2f/0x90 [ 117.219896] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.220292] __x64_sys_ioctl+0x1a3/0x230 [ 117.220648] do_syscall_64+0x3b/0x90 [ 117.220970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.221526] RIP: 0033:0x7f4b8743ee5d [ 117.221836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.223477] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.224107] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.224695] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.225401] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.225991] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.226613] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.227345] [ 117.227542] irq event stamp: 0 [ 117.227806] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.228330] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.229131] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.229817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.230338] ---[ end trace 0000000000000000 ]--- [ 117.233652] ------------[ cut here ]------------ [ 117.234074] WARNING: CPU: 1 PID: 1062 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.235058] Modules linked in: [ 117.235334] CPU: 1 PID: 1062 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.236047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.237077] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.237487] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.239104] RSP: 
0018:ffff888010207bd0 EFLAGS: 00010246 [ 117.239550] RAX: 0000000000000000 RBX: ffff888011cb48a8 RCX: 0000000000000000 [ 117.240128] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 117.240821] RBP: ffff888010207be8 R08: ffffed1002396933 R09: ffffed1002396933 [ 117.241401] R10: ffff888011cb4993 R11: ffffed1002396932 R12: ffff88802190c800 [ 117.241987] R13: ffff888011cb49e8 R14: ffff888020a7a500 R15: 0000000000000000 [ 117.242696] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.243382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.243880] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.244564] PKRU: 55555554 [ 117.244877] Call Trace: [ 117.245100] [ 117.245295] iommufd_access_destroy_object+0x65/0x170 [ 117.245747] iommufd_object_destroy_user+0x18e/0x220 [ 117.246191] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.246818] iommufd_access_destroy+0x43/0x70 [ 117.247221] iommufd_test_staccess_release+0x8d/0xd0 [ 117.247670] __fput+0x26d/0xa40 [ 117.247971] ____fput+0x1e/0x30 [ 117.248340] task_work_run+0x1a4/0x2d0 [ 117.248744] ? __pfx_task_work_run+0x10/0x10 [ 117.249139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.249571] ? switch_task_namespaces+0xa9/0xe0 [ 117.249986] do_exit+0xb17/0x2ef0 [ 117.250415] ? lock_acquire+0x427/0x4c0 [ 117.250801] ? __pfx_lock_release+0x10/0x10 [ 117.251206] ? __kasan_check_write+0x18/0x20 [ 117.251601] ? do_raw_spin_lock+0x132/0x2a0 [ 117.252001] ? __pfx_do_exit+0x10/0x10 [ 117.252448] ? debug_smp_processor_id+0x20/0x30 [ 117.252861] ? rcu_is_watching+0x19/0xb0 [ 117.253219] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.253623] ? trace_hardirqs_on+0x26/0x120 [ 117.254088] do_group_exit+0xe0/0x2b0 [ 117.254455] __x64_sys_exit_group+0x47/0x50 [ 117.254855] do_syscall_64+0x3b/0x90 [ 117.255199] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.255672] RIP: 0033:0x7f4b87518a4d [ 117.256134] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.256672] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.257334] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.258107] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.258766] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.259401] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.260023] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.260653] [ 117.260860] irq event stamp: 0 [ 117.261138] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.261686] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.262407] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.263190] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.263744] ---[ end trace 0000000000000000 ]--- [ 117.264500] ------------[ cut here ]------------ [ 117.264914] WARNING: CPU: 1 PID: 1062 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.265802] Modules linked in: [ 117.266129] CPU: 1 PID: 1062 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.266934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.267926] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.268377] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.269937] RSP: 0018:ffff888010207b78 EFLAGS: 00010246 [ 117.270402] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.271045] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 117.271679] RBP: ffff888010207b98 R08: ffffed100239693e R09: ffffed100239693e [ 117.272295] R10: ffff888011cb49ef R11: ffffed100239693d R12: ffff888011cb4a90 [ 117.272909] R13: ffff888011cb48a8 R14: ffffffffffffffff R15: 
ffff888010207c60 [ 117.273521] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.274209] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.274731] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.275372] PKRU: 55555554 [ 117.275625] Call Trace: [ 117.275850] [ 117.276046] iommufd_ioas_destroy+0x53/0x70 [ 117.276433] iommufd_fops_release+0x1f7/0x370 [ 117.276829] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.277270] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.277701] ? write_comp_data+0x2f/0x90 [ 117.278067] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.278499] __fput+0x26d/0xa40 [ 117.278834] ____fput+0x1e/0x30 [ 117.279146] task_work_run+0x1a4/0x2d0 [ 117.279496] ? __pfx_task_work_run+0x10/0x10 [ 117.279885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.280312] ? switch_task_namespaces+0xa9/0xe0 [ 117.280725] do_exit+0xb17/0x2ef0 [ 117.281029] ? lock_acquire+0x427/0x4c0 [ 117.281385] ? __pfx_lock_release+0x10/0x10 [ 117.281767] ? __kasan_check_write+0x18/0x20 [ 117.282152] ? do_raw_spin_lock+0x132/0x2a0 [ 117.282554] ? __pfx_do_exit+0x10/0x10 [ 117.282905] ? debug_smp_processor_id+0x20/0x30 [ 117.283327] ? rcu_is_watching+0x19/0xb0 [ 117.283689] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.284090] ? trace_hardirqs_on+0x26/0x120 [ 117.284498] do_group_exit+0xe0/0x2b0 [ 117.284836] __x64_sys_exit_group+0x47/0x50 [ 117.285207] do_syscall_64+0x3b/0x90 [ 117.285541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.286000] RIP: 0033:0x7f4b87518a4d [ 117.286324] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.286880] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.287549] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.288163] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.288774] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.289389] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.289998] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.290657] [ 117.290863] irq event stamp: 0 [ 117.291151] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.291701] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.292425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.293141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.293683] ---[ end trace 0000000000000000 ]--- [ 117.298074] ------------[ cut here ]------------ [ 117.298486] WARNING: CPU: 1 PID: 1063 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.299462] Modules linked in: [ 117.299725] CPU: 1 PID: 1063 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.300435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.301347] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.301750] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.303257] RSP: 0018:ffff888015c37bb8 EFLAGS: 00010246 [ 117.303695] RAX: 0000000000000000 RBX: ffff8880163858a8 RCX: 0000000000000000 [ 117.304275] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 117.304851] RBP: ffff888015c37bd0 R08: ffffed1002c70b33 R09: ffffed1002c70b33 [ 117.305429] R10: ffff888016385993 R11: ffffed1002c70b32 R12: ffff888015808c00 [ 117.306006] R13: ffff8880163859e8 R14: ffffffff8352e670 R15: 
ffff888015c37e68 [ 117.306600] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.307322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.307800] CR2: 0000000020000140 CR3: 0000000016496000 CR4: 0000000000750ee0 [ 117.308386] PKRU: 55555554 [ 117.308619] Call Trace: [ 117.308832] [ 117.309021] __iommufd_access_detach+0x1c2/0x2b0 [ 117.309432] iommufd_access_change_pt+0x149/0x270 [ 117.309840] iommufd_access_replace+0xb4/0x120 [ 117.310228] iommufd_test+0x3e5/0x37e0 [ 117.310581] ? lock_release+0x532/0x770 [ 117.310926] ? __might_fault+0x102/0x1b0 [ 117.311282] ? lock_acquire+0x427/0x4c0 [ 117.311624] ? __pfx_iommufd_test+0x10/0x10 [ 117.311980] ? __pfx_lock_release+0x10/0x10 [ 117.312344] ? __pfx_lock_acquire+0x10/0x10 [ 117.312712] ? write_comp_data+0x2f/0x90 [ 117.313061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.313469] ? write_comp_data+0x2f/0x90 [ 117.313813] iommufd_fops_ioctl+0x37d/0x510 [ 117.314176] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.314606] ? write_comp_data+0x2f/0x90 [ 117.314962] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.315383] __x64_sys_ioctl+0x1a3/0x230 [ 117.315734] do_syscall_64+0x3b/0x90 [ 117.316056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.316493] RIP: 0033:0x7f4b8743ee5d [ 117.316801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.318294] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.318953] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.319550] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.320133] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.320718] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.321302] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.321899] [ 117.322096] irq event stamp: 0 [ 117.322361] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.322900] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.323604] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.324290] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.324807] ---[ end trace 0000000000000000 ]--- [ 117.327817] ------------[ cut here ]------------ [ 117.328230] WARNING: CPU: 1 PID: 1063 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.329072] Modules linked in: [ 117.329340] CPU: 1 PID: 1063 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.330059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.331001] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.331428] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.333312] RSP: 
0018:ffff888015c37bd0 EFLAGS: 00010246 [ 117.333755] RAX: 0000000000000000 RBX: ffff8880163858a8 RCX: 0000000000000000 [ 117.334359] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 117.335083] RBP: ffff888015c37be8 R08: ffffed1002c70b33 R09: ffffed1002c70b33 [ 117.335690] R10: ffff888016385993 R11: ffffed1002c70b32 R12: ffff88800a725400 [ 117.336276] R13: ffff8880163859e8 R14: ffff888017062800 R15: 0000000000000000 [ 117.336977] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.337640] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.338117] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.338852] PKRU: 55555554 [ 117.339089] Call Trace: [ 117.339323] [ 117.339513] iommufd_access_destroy_object+0x65/0x170 [ 117.339947] iommufd_object_destroy_user+0x18e/0x220 [ 117.340376] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.340981] iommufd_access_destroy+0x43/0x70 [ 117.341368] iommufd_test_staccess_release+0x8d/0xd0 [ 117.341798] __fput+0x26d/0xa40 [ 117.342095] ____fput+0x1e/0x30 [ 117.342382] task_work_run+0x1a4/0x2d0 [ 117.342786] ? __pfx_task_work_run+0x10/0x10 [ 117.343225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.343642] ? switch_task_namespaces+0xa9/0xe0 [ 117.344049] do_exit+0xb17/0x2ef0 [ 117.344342] ? lock_acquire+0x427/0x4c0 [ 117.344684] ? __pfx_lock_release+0x10/0x10 [ 117.345121] ? __kasan_check_write+0x18/0x20 [ 117.345542] ? do_raw_spin_lock+0x132/0x2a0 [ 117.345910] ? __pfx_do_exit+0x10/0x10 [ 117.346245] ? debug_smp_processor_id+0x20/0x30 [ 117.346663] ? rcu_is_watching+0x19/0xb0 [ 117.347009] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.347523] ? trace_hardirqs_on+0x26/0x120 [ 117.347894] do_group_exit+0xe0/0x2b0 [ 117.348229] __x64_sys_exit_group+0x47/0x50 [ 117.348586] do_syscall_64+0x3b/0x90 [ 117.348908] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.349459] RIP: 0033:0x7f4b87518a4d [ 117.349767] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.350273] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.350924] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.351613] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.352196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.352777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.353444] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.354091] [ 117.354287] irq event stamp: 0 [ 117.354586] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.355105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.355921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.356608] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.357129] ---[ end trace 0000000000000000 ]--- [ 117.357964] ------------[ cut here ]------------ [ 117.358358] WARNING: CPU: 1 PID: 1063 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.359275] Modules linked in: [ 117.359593] CPU: 1 PID: 1063 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.360316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.361353] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.361779] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.363438] RSP: 0018:ffff888015c37b78 EFLAGS: 00010246 [ 117.363883] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.364465] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 117.365162] RBP: ffff888015c37b98 R08: ffffed1002c70b3e R09: ffffed1002c70b3e [ 117.365746] R10: ffff8880163859ef R11: ffffed1002c70b3d R12: ffff888016385a90 [ 117.366330] R13: ffff8880163858a8 R14: ffffffffffffffff R15: 
ffff888015c37c60 [ 117.367038] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.367713] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.368188] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.368773] PKRU: 55555554 [ 117.369010] Call Trace: [ 117.369287] [ 117.369510] iommufd_ioas_destroy+0x53/0x70 [ 117.369876] iommufd_fops_release+0x1f7/0x370 [ 117.370256] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.370702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.371203] ? write_comp_data+0x2f/0x90 [ 117.371562] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.371978] __fput+0x26d/0xa40 [ 117.372269] ____fput+0x1e/0x30 [ 117.372557] task_work_run+0x1a4/0x2d0 [ 117.372995] ? __pfx_task_work_run+0x10/0x10 [ 117.373367] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.373781] ? switch_task_namespaces+0xa9/0xe0 [ 117.374182] do_exit+0xb17/0x2ef0 [ 117.374472] ? lock_acquire+0x427/0x4c0 [ 117.374933] ? __pfx_lock_release+0x10/0x10 [ 117.375318] ? __kasan_check_write+0x18/0x20 [ 117.375693] ? do_raw_spin_lock+0x132/0x2a0 [ 117.376054] ? __pfx_do_exit+0x10/0x10 [ 117.376413] ? debug_smp_processor_id+0x20/0x30 [ 117.376903] ? rcu_is_watching+0x19/0xb0 [ 117.377262] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.377655] ? trace_hardirqs_on+0x26/0x120 [ 117.378061] do_group_exit+0xe0/0x2b0 [ 117.378434] __x64_sys_exit_group+0x47/0x50 [ 117.378920] do_syscall_64+0x3b/0x90 [ 117.379272] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.379726] RIP: 0033:0x7f4b87518a4d [ 117.380049] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.380573] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.381230] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.381844] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.382458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.383101] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.383726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.384356] [ 117.384562] irq event stamp: 0 [ 117.384835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.385380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.386117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.386859] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.387420] ---[ end trace 0000000000000000 ]--- [ 117.392106] ------------[ cut here ]------------ [ 117.392563] WARNING: CPU: 1 PID: 1064 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.393446] Modules linked in: [ 117.393725] CPU: 1 PID: 1064 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.394470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.395485] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.395915] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.397483] RSP: 0018:ffff88802089fbb8 EFLAGS: 00010246 [ 117.397940] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 117.398571] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 117.399193] RBP: ffff88802089fbd0 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 117.399806] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff888016466400 [ 117.400418] R13: ffff8880171ba9e8 R14: ffffffff8352e670 R15: 
ffff88802089fe68 [ 117.401032] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.401726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.402231] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 117.402887] PKRU: 55555554 [ 117.403152] Call Trace: [ 117.403376] [ 117.403575] __iommufd_access_detach+0x1c2/0x2b0 [ 117.404002] iommufd_access_change_pt+0x149/0x270 [ 117.404434] iommufd_access_replace+0xb4/0x120 [ 117.404843] iommufd_test+0x3e5/0x37e0 [ 117.405186] ? lock_release+0x532/0x770 [ 117.405536] ? __might_fault+0x102/0x1b0 [ 117.405895] ? lock_acquire+0x427/0x4c0 [ 117.406245] ? __pfx_iommufd_test+0x10/0x10 [ 117.406620] ? __pfx_lock_release+0x10/0x10 [ 117.406987] ? __pfx_lock_acquire+0x10/0x10 [ 117.407365] ? write_comp_data+0x2f/0x90 [ 117.407710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.408123] ? write_comp_data+0x2f/0x90 [ 117.408470] iommufd_fops_ioctl+0x37d/0x510 [ 117.408828] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.409231] ? write_comp_data+0x2f/0x90 [ 117.409576] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.409979] __x64_sys_ioctl+0x1a3/0x230 [ 117.410327] do_syscall_64+0x3b/0x90 [ 117.410669] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.411117] RIP: 0033:0x7f4b8743ee5d [ 117.411422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.412909] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.413528] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.414118] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.414725] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.415317] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.415897] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.416487] [ 117.416679] irq event stamp: 0 [ 117.416941] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.417452] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.418132] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.418833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.419357] ---[ end trace 0000000000000000 ]--- [ 117.422178] ------------[ cut here ]------------ [ 117.422623] WARNING: CPU: 1 PID: 1064 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.423463] Modules linked in: [ 117.423725] CPU: 1 PID: 1064 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.424453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.425365] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.425782] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.427283] RSP: 
0018:ffff88802089fbd0 EFLAGS: 00010246 [ 117.427717] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 117.428296] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 117.428877] RBP: ffff88802089fbe8 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 117.429454] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff88801580a400 [ 117.430031] R13: ffff8880171ba9e8 R14: ffff888014b9b200 R15: 0000000000000000 [ 117.430626] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.431298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.431772] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.432356] PKRU: 55555554 [ 117.432590] Call Trace: [ 117.432800] [ 117.432986] iommufd_access_destroy_object+0x65/0x170 [ 117.433412] iommufd_object_destroy_user+0x18e/0x220 [ 117.433834] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.434316] iommufd_access_destroy+0x43/0x70 [ 117.434716] iommufd_test_staccess_release+0x8d/0xd0 [ 117.435149] __fput+0x26d/0xa40 [ 117.435435] ____fput+0x1e/0x30 [ 117.435715] task_work_run+0x1a4/0x2d0 [ 117.436047] ? __pfx_task_work_run+0x10/0x10 [ 117.436416] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.436824] ? switch_task_namespaces+0xa9/0xe0 [ 117.437221] do_exit+0xb17/0x2ef0 [ 117.437509] ? lock_acquire+0x427/0x4c0 [ 117.437846] ? __pfx_lock_release+0x10/0x10 [ 117.438213] ? __kasan_check_write+0x18/0x20 [ 117.438602] ? do_raw_spin_lock+0x132/0x2a0 [ 117.438961] ? __pfx_do_exit+0x10/0x10 [ 117.439299] ? debug_smp_processor_id+0x20/0x30 [ 117.439693] ? rcu_is_watching+0x19/0xb0 [ 117.440028] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.440404] ? trace_hardirqs_on+0x26/0x120 [ 117.440772] do_group_exit+0xe0/0x2b0 [ 117.441087] __x64_sys_exit_group+0x47/0x50 [ 117.441443] do_syscall_64+0x3b/0x90 [ 117.441754] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.442186] RIP: 0033:0x7f4b87518a4d [ 117.442496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.443045] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.443676] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.444256] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.444841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.445425] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.446013] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.446641] [ 117.446841] irq event stamp: 0 [ 117.447107] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.447649] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.448346] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.449037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.449559] ---[ end trace 0000000000000000 ]--- [ 117.450275] ------------[ cut here ]------------ [ 117.450695] WARNING: CPU: 1 PID: 1064 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.451551] Modules linked in: [ 117.451819] CPU: 1 PID: 1064 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.452534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.453453] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.453881] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.455398] RSP: 0018:ffff88802089fb78 EFLAGS: 00010246 [ 117.455840] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.456426] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 117.457007] RBP: ffff88802089fb98 R08: ffffed1002e3753e R09: ffffed1002e3753e [ 117.457589] R10: ffff8880171ba9ef R11: ffffed1002e3753d R12: ffff8880171baa90 [ 117.458171] R13: ffff8880171ba8a8 R14: ffffffffffffffff R15: 
ffff88802089fc60 [ 117.458775] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.459440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.459921] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.460508] PKRU: 55555554 [ 117.460744] Call Trace: [ 117.460970] [ 117.461161] iommufd_ioas_destroy+0x53/0x70 [ 117.461527] iommufd_fops_release+0x1f7/0x370 [ 117.461908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.462336] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.462777] ? write_comp_data+0x2f/0x90 [ 117.463141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.463563] __fput+0x26d/0xa40 [ 117.463852] ____fput+0x1e/0x30 [ 117.464139] task_work_run+0x1a4/0x2d0 [ 117.464478] ? __pfx_task_work_run+0x10/0x10 [ 117.464850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.465262] ? switch_task_namespaces+0xa9/0xe0 [ 117.465667] do_exit+0xb17/0x2ef0 [ 117.465957] ? lock_acquire+0x427/0x4c0 [ 117.466307] ? __pfx_lock_release+0x10/0x10 [ 117.466698] ? __kasan_check_write+0x18/0x20 [ 117.467074] ? do_raw_spin_lock+0x132/0x2a0 [ 117.467456] ? __pfx_do_exit+0x10/0x10 [ 117.467788] ? debug_smp_processor_id+0x20/0x30 [ 117.468178] ? rcu_is_watching+0x19/0xb0 [ 117.468517] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.468898] ? trace_hardirqs_on+0x26/0x120 [ 117.469270] do_group_exit+0xe0/0x2b0 [ 117.469590] __x64_sys_exit_group+0x47/0x50 [ 117.469947] do_syscall_64+0x3b/0x90 [ 117.470264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.470730] RIP: 0033:0x7f4b87518a4d [ 117.471050] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.471567] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.472194] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.472780] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.473368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.473961] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.474578] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.475186] [ 117.475387] irq event stamp: 0 [ 117.475649] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.476190] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.476881] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.477571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.478094] ---[ end trace 0000000000000000 ]--- [ 117.484671] ------------[ cut here ]------------ [ 117.485256] WARNING: CPU: 1 PID: 1065 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.486402] Modules linked in: [ 117.486827] CPU: 1 PID: 1065 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.487838] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.489121] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.489701] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.491839] RSP: 0018:ffff888023cdfbb8 EFLAGS: 00010246 [ 117.492486] RAX: 0000000000000000 RBX: ffff8880173a90a8 RCX: 0000000000000000 [ 117.493332] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 117.494178] RBP: ffff888023cdfbd0 R08: ffffed1002e75233 R09: ffffed1002e75233 [ 117.495057] R10: ffff8880173a9193 R11: ffffed1002e75232 R12: ffff888012e95400 [ 117.495928] R13: ffff8880173a91e8 R14: ffffffff8352e670 R15: 
ffff888023cdfe68 [ 117.496780] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.497734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.498437] CR2: 0000000020000140 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 117.499357] PKRU: 55555554 [ 117.499712] Call Trace: [ 117.500027] [ 117.500308] __iommufd_access_detach+0x1c2/0x2b0 [ 117.500902] iommufd_access_change_pt+0x149/0x270 [ 117.501509] iommufd_access_replace+0xb4/0x120 [ 117.502080] iommufd_test+0x3e5/0x37e0 [ 117.502590] ? lock_release+0x532/0x770 [ 117.503094] ? __might_fault+0x102/0x1b0 [ 117.503613] ? lock_acquire+0x427/0x4c0 [ 117.504108] ? __pfx_iommufd_test+0x10/0x10 [ 117.504630] ? __pfx_lock_release+0x10/0x10 [ 117.505162] ? __pfx_lock_acquire+0x10/0x10 [ 117.505700] ? write_comp_data+0x2f/0x90 [ 117.506208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.506843] ? write_comp_data+0x2f/0x90 [ 117.507365] iommufd_fops_ioctl+0x37d/0x510 [ 117.507895] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.508491] ? write_comp_data+0x2f/0x90 [ 117.508996] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.509586] __x64_sys_ioctl+0x1a3/0x230 [ 117.510094] do_syscall_64+0x3b/0x90 [ 117.510595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.511248] RIP: 0033:0x7f4b8743ee5d [ 117.511700] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.513877] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.514853] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.515744] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.516611] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.517473] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.518343] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.519293] [ 117.519595] irq event stamp: 0 [ 117.519990] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.520760] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.521775] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.522826] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.523618] ---[ end trace 0000000000000000 ]--- [ 117.528368] ------------[ cut here ]------------ [ 117.529006] WARNING: CPU: 1 PID: 1065 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.530280] Modules linked in: [ 117.530743] CPU: 1 PID: 1065 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.531861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.533266] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.533896] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.536248] RSP: 
0018:ffff888023cdfbd0 EFLAGS: 00010246 [ 117.536933] RAX: 0000000000000000 RBX: ffff8880173a90a8 RCX: 0000000000000000 [ 117.537835] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 117.538769] RBP: ffff888023cdfbe8 R08: ffffed1002e75233 R09: ffffed1002e75233 [ 117.539689] R10: ffff8880173a9193 R11: ffffed1002e75232 R12: ffff888016464800 [ 117.540586] R13: ffff8880173a91e8 R14: ffff88800af2be00 R15: 0000000000000000 [ 117.541476] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.542487] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.543304] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.544235] PKRU: 55555554 [ 117.544609] Call Trace: [ 117.544950] [ 117.545259] iommufd_access_destroy_object+0x65/0x170 [ 117.545948] iommufd_object_destroy_user+0x18e/0x220 [ 117.546667] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.547470] iommufd_access_destroy+0x43/0x70 [ 117.548086] iommufd_test_staccess_release+0x8d/0xd0 [ 117.548773] __fput+0x26d/0xa40 [ 117.549235] ____fput+0x1e/0x30 [ 117.549696] task_work_run+0x1a4/0x2d0 [ 117.550235] ? __pfx_task_work_run+0x10/0x10 [ 117.550876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.551550] ? switch_task_namespaces+0xa9/0xe0 [ 117.552195] do_exit+0xb17/0x2ef0 [ 117.552658] ? lock_acquire+0x427/0x4c0 [ 117.553178] ? __pfx_lock_release+0x10/0x10 [ 117.553767] ? __kasan_check_write+0x18/0x20 [ 117.554359] ? do_raw_spin_lock+0x132/0x2a0 [ 117.554978] ? __pfx_do_exit+0x10/0x10 [ 117.555540] ? debug_smp_processor_id+0x20/0x30 [ 117.556162] ? rcu_is_watching+0x19/0xb0 [ 117.556705] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.557315] ? trace_hardirqs_on+0x26/0x120 [ 117.557898] do_group_exit+0xe0/0x2b0 [ 117.558407] __x64_sys_exit_group+0x47/0x50 [ 117.559019] do_syscall_64+0x3b/0x90 [ 117.559542] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.560241] RIP: 0033:0x7f4b87518a4d [ 117.560741] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.561552] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.562596] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.563559] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.564495] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.565427] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.566359] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.567357] [ 117.567674] irq event stamp: 0 [ 117.568097] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.568920] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.570009] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.571144] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.571986] ---[ end trace 0000000000000000 ]--- [ 117.573304] ------------[ cut here ]------------ [ 117.573932] WARNING: CPU: 1 PID: 1065 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.575337] Modules linked in: [ 117.575773] CPU: 1 PID: 1065 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.576913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.578377] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.579093] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.581486] RSP: 0018:ffff888023cdfb78 EFLAGS: 00010246 [ 117.582192] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.583209] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 117.584146] RBP: ffff888023cdfb98 R08: ffffed1002e7523e R09: ffffed1002e7523e [ 117.585077] R10: ffff8880173a91ef R11: ffffed1002e7523d R12: ffff8880173a9290 [ 117.586009] R13: ffff8880173a90a8 R14: ffffffffffffffff R15: 
ffff888023cdfc60 [ 117.586978] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.588080] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.588850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.589809] PKRU: 55555554 [ 117.590194] Call Trace: [ 117.590850] [ 117.591305] iommufd_ioas_destroy+0x53/0x70 [ 117.591910] iommufd_fops_release+0x1f7/0x370 [ 117.592533] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.593222] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.593908] ? write_comp_data+0x2f/0x90 [ 117.594794] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.595492] __fput+0x26d/0xa40 [ 117.595959] ____fput+0x1e/0x30 [ 117.596428] task_work_run+0x1a4/0x2d0 [ 117.596957] ? __pfx_task_work_run+0x10/0x10 [ 117.597769] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.598437] ? switch_task_namespaces+0xa9/0xe0 [ 117.599150] do_exit+0xb17/0x2ef0 [ 117.599632] ? lock_acquire+0x427/0x4c0 [ 117.600349] ? __pfx_lock_release+0x10/0x10 [ 117.600933] ? __kasan_check_write+0x18/0x20 [ 117.601523] ? do_raw_spin_lock+0x132/0x2a0 [ 117.602142] ? __pfx_do_exit+0x10/0x10 [ 117.602831] ? debug_smp_processor_id+0x20/0x30 [ 117.603482] ? rcu_is_watching+0x19/0xb0 [ 117.604023] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.604674] ? trace_hardirqs_on+0x26/0x120 [ 117.605355] do_group_exit+0xe0/0x2b0 [ 117.605866] __x64_sys_exit_group+0x47/0x50 [ 117.606436] do_syscall_64+0x3b/0x90 [ 117.607056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.607967] RIP: 0033:0x7f4b87518a4d [ 117.608509] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.609337] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.610648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.611667] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.612793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.613742] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.614935] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.615937] [ 117.616279] irq event stamp: 0 [ 117.616709] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.617797] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.618990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.620373] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.621229] ---[ end trace 0000000000000000 ]--- [ 117.629223] ------------[ cut here ]------------ [ 117.629919] WARNING: CPU: 1 PID: 1066 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.631595] Modules linked in: [ 117.632066] CPU: 1 PID: 1066 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.633448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.635158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.636058] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.638768] RSP: 0018:ffff888015c37bb8 EFLAGS: 00010246 [ 117.639548] RAX: 0000000000000000 RBX: ffff8880137550a8 RCX: 0000000000000000 [ 117.640720] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 117.641677] RBP: ffff888015c37bd0 R08: ffffed10026eaa33 R09: ffffed10026eaa33 [ 117.642924] R10: ffff888013755193 R11: ffffed10026eaa32 R12: ffff88801435dc00 [ 117.643928] R13: ffff8880137551e8 R14: ffffffff8352e670 R15: 
ffff888015c37e68 [ 117.645003] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.646207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.647045] CR2: 00007f4b877410e8 CR3: 00000000182ec000 CR4: 0000000000750ee0 [ 117.648173] PKRU: 55555554 [ 117.648580] Call Trace: [ 117.648946] [ 117.649266] __iommufd_access_detach+0x1c2/0x2b0 [ 117.650168] iommufd_access_change_pt+0x149/0x270 [ 117.650938] iommufd_access_replace+0xb4/0x120 [ 117.651636] iommufd_test+0x3e5/0x37e0 [ 117.652302] ? lock_release+0x532/0x770 [ 117.653010] ? __might_fault+0x102/0x1b0 [ 117.653583] ? lock_acquire+0x427/0x4c0 [ 117.654149] ? __pfx_iommufd_test+0x10/0x10 [ 117.655011] ? __pfx_lock_release+0x10/0x10 [ 117.655655] ? __pfx_lock_acquire+0x10/0x10 [ 117.656264] ? write_comp_data+0x2f/0x90 [ 117.656897] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.657701] ? write_comp_data+0x2f/0x90 [ 117.658284] iommufd_fops_ioctl+0x37d/0x510 [ 117.658962] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.659818] ? write_comp_data+0x2f/0x90 [ 117.660403] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.661078] __x64_sys_ioctl+0x1a3/0x230 [ 117.661743] do_syscall_64+0x3b/0x90 [ 117.662361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.663169] RIP: 0033:0x7f4b8743ee5d [ 117.663696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.666414] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.667642] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.668710] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.669758] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.670809] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.671910] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.672890] [ 117.673321] irq event stamp: 0 [ 117.673872] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.674790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.676191] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.677305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.678378] ---[ end trace 0000000000000000 ]--- [ 117.684197] ------------[ cut here ]------------ [ 117.685006] WARNING: CPU: 1 PID: 1066 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.686491] Modules linked in: [ 117.687073] CPU: 1 PID: 1066 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.688503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.690223] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.690982] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.693665] RSP: 
0018:ffff888015c37bd0 EFLAGS: 00010246 [ 117.694397] RAX: 0000000000000000 RBX: ffff8880137550a8 RCX: 0000000000000000 [ 117.695672] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 117.696633] RBP: ffff888015c37be8 R08: ffffed10026eaa33 R09: ffffed10026eaa33 [ 117.697827] R10: ffff888013755193 R11: ffffed10026eaa32 R12: ffff888012e94800 [ 117.698848] R13: ffff8880137551e8 R14: ffff8880209a6c00 R15: 0000000000000000 [ 117.699840] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.700920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.701701] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 117.702724] PKRU: 55555554 [ 117.703168] Call Trace: [ 117.703529] [ 117.703847] iommufd_access_destroy_object+0x65/0x170 [ 117.704561] iommufd_object_destroy_user+0x18e/0x220 [ 117.705270] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.706075] iommufd_access_destroy+0x43/0x70 [ 117.706792] iommufd_test_staccess_release+0x8d/0xd0 [ 117.707547] __fput+0x26d/0xa40 [ 117.708041] ____fput+0x1e/0x30 [ 117.708526] task_work_run+0x1a4/0x2d0 [ 117.709086] ? __pfx_task_work_run+0x10/0x10 [ 117.709709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.710396] ? switch_task_namespaces+0xa9/0xe0 [ 117.711150] do_exit+0xb17/0x2ef0 [ 117.711657] ? lock_acquire+0x427/0x4c0 [ 117.712225] ? __pfx_lock_release+0x10/0x10 [ 117.712825] ? __kasan_check_write+0x18/0x20 [ 117.713450] ? do_raw_spin_lock+0x132/0x2a0 [ 117.714057] ? __pfx_do_exit+0x10/0x10 [ 117.714682] ? debug_smp_processor_id+0x20/0x30 [ 117.715355] ? rcu_is_watching+0x19/0xb0 [ 117.715922] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.716551] ? trace_hardirqs_on+0x26/0x120 [ 117.717151] do_group_exit+0xe0/0x2b0 [ 117.717688] __x64_sys_exit_group+0x47/0x50 [ 117.718300] do_syscall_64+0x3b/0x90 [ 117.718901] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.719648] RIP: 0033:0x7f4b87518a4d [ 117.720164] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.720992] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.722012] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.723035] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.724034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.724989] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.725951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.726992] [ 117.727358] irq event stamp: 0 [ 117.727782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.728606] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.729696] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.730833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.731667] ---[ end trace 0000000000000000 ]--- [ 117.732982] ------------[ cut here ]------------ [ 117.733605] WARNING: CPU: 1 PID: 1066 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.735002] Modules linked in: [ 117.735451] CPU: 1 PID: 1066 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.736594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.738058] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.738777] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.741159] RSP: 0018:ffff888015c37b78 EFLAGS: 00010246 [ 117.741857] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.742837] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 117.743787] RBP: ffff888015c37b98 R08: ffffed10026eaa3e R09: ffffed10026eaa3e [ 117.744719] R10: ffff8880137551ef R11: ffffed10026eaa3d R12: ffff888013755290 [ 117.745646] R13: ffff8880137550a8 R14: ffffffffffffffff R15: 
ffff888015c37c60 [ 117.746617] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.747681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.748440] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 117.749368] PKRU: 55555554 [ 117.749742] Call Trace: [ 117.750082] [ 117.750388] iommufd_ioas_destroy+0x53/0x70 [ 117.751010] iommufd_fops_release+0x1f7/0x370 [ 117.751633] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.752295] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.752950] ? write_comp_data+0x2f/0x90 [ 117.753503] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.754167] __fput+0x26d/0xa40 [ 117.754667] ____fput+0x1e/0x30 [ 117.755144] task_work_run+0x1a4/0x2d0 [ 117.755685] ? __pfx_task_work_run+0x10/0x10 [ 117.756278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.756936] ? switch_task_namespaces+0xa9/0xe0 [ 117.757570] do_exit+0xb17/0x2ef0 [ 117.758034] ? lock_acquire+0x427/0x4c0 [ 117.758610] ? __pfx_lock_release+0x10/0x10 [ 117.759298] ? __kasan_check_write+0x18/0x20 [ 117.759891] ? do_raw_spin_lock+0x132/0x2a0 [ 117.760462] ? __pfx_do_exit+0x10/0x10 [ 117.760989] ? debug_smp_processor_id+0x20/0x30 [ 117.761610] ? rcu_is_watching+0x19/0xb0 [ 117.762149] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.762798] ? trace_hardirqs_on+0x26/0x120 [ 117.763400] do_group_exit+0xe0/0x2b0 [ 117.763906] __x64_sys_exit_group+0x47/0x50 [ 117.764473] do_syscall_64+0x3b/0x90 [ 117.764978] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.765673] RIP: 0033:0x7f4b87518a4d [ 117.766164] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.767004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.767999] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.768825] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.769662] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.770582] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.771444] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.772309] [ 117.772597] irq event stamp: 0 [ 117.772969] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.773699] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.774726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.775733] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.776465] ---[ end trace 0000000000000000 ]--- [ 117.782034] ------------[ cut here ]------------ [ 117.782941] WARNING: CPU: 1 PID: 1067 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.784315] Modules linked in: [ 117.784716] CPU: 1 PID: 1067 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.785735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.787135] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.787757] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.789896] RSP: 0018:ffff888016f5fbb8 EFLAGS: 00010246 [ 117.790587] RAX: 0000000000000000 RBX: ffff88801732b0a8 RCX: 0000000000000000 [ 117.791462] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 117.792311] RBP: ffff888016f5fbd0 R08: ffffed1002e65633 R09: ffffed1002e65633 [ 117.793163] R10: ffff88801732b193 R11: ffffed1002e65632 R12: ffff888013c06c00 [ 117.794016] R13: ffff88801732b1e8 R14: ffffffff8352e670 R15: 
ffff888016f5fe68 [ 117.794915] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.795839] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.796499] CR2: 0000000020000140 CR3: 00000000182ea000 CR4: 0000000000750ee0 [ 117.797308] PKRU: 55555554 [ 117.797640] Call Trace: [ 117.797940] [ 117.798207] __iommufd_access_detach+0x1c2/0x2b0 [ 117.798842] iommufd_access_change_pt+0x149/0x270 [ 117.799733] iommufd_access_replace+0xb4/0x120 [ 117.800275] iommufd_test+0x3e5/0x37e0 [ 117.800719] ? lock_release+0x532/0x770 [ 117.801183] ? __might_fault+0x102/0x1b0 [ 117.801654] ? lock_acquire+0x427/0x4c0 [ 117.802116] ? __pfx_iommufd_test+0x10/0x10 [ 117.802659] ? __pfx_lock_release+0x10/0x10 [ 117.803180] ? __pfx_lock_acquire+0x10/0x10 [ 117.803688] ? write_comp_data+0x2f/0x90 [ 117.804164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.804722] ? write_comp_data+0x2f/0x90 [ 117.805197] iommufd_fops_ioctl+0x37d/0x510 [ 117.805692] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.806251] ? write_comp_data+0x2f/0x90 [ 117.806757] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.807326] __x64_sys_ioctl+0x1a3/0x230 [ 117.807803] do_syscall_64+0x3b/0x90 [ 117.808244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.808840] RIP: 0033:0x7f4b8743ee5d [ 117.809263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.811294] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.812135] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.812914] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.813696] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.814476] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.815382] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.815954] [ 117.816139] irq event stamp: 0 [ 117.816385] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.816872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.817515] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.818157] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.818657] ---[ end trace 0000000000000000 ]--- [ 117.821399] ------------[ cut here ]------------ [ 117.821786] WARNING: CPU: 1 PID: 1067 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.822599] Modules linked in: [ 117.822851] CPU: 1 PID: 1067 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.823535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.824406] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.824792] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.826195] RSP: 
0018:ffff888016f5fbd0 EFLAGS: 00010246 [ 117.826628] RAX: 0000000000000000 RBX: ffff88801732b0a8 RCX: 0000000000000000 [ 117.827190] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 117.827739] RBP: ffff888016f5fbe8 R08: ffffed1002e65633 R09: ffffed1002e65633 [ 117.828290] R10: ffff88801732b193 R11: ffffed1002e65632 R12: ffff88801435cc00 [ 117.828839] R13: ffff88801732b1e8 R14: ffff88800b1f8a00 R15: 0000000000000000 [ 117.829387] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.830011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.830466] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.831030] PKRU: 55555554 [ 117.831260] Call Trace: [ 117.831465] [ 117.831642] iommufd_access_destroy_object+0x65/0x170 [ 117.832046] iommufd_object_destroy_user+0x18e/0x220 [ 117.832445] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.832901] iommufd_access_destroy+0x43/0x70 [ 117.833261] iommufd_test_staccess_release+0x8d/0xd0 [ 117.833662] __fput+0x26d/0xa40 [ 117.833932] ____fput+0x1e/0x30 [ 117.834201] task_work_run+0x1a4/0x2d0 [ 117.834530] ? __pfx_task_work_run+0x10/0x10 [ 117.834881] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.835274] ? switch_task_namespaces+0xa9/0xe0 [ 117.835653] do_exit+0xb17/0x2ef0 [ 117.835927] ? lock_acquire+0x427/0x4c0 [ 117.836248] ? __pfx_lock_release+0x10/0x10 [ 117.836590] ? __kasan_check_write+0x18/0x20 [ 117.836938] ? do_raw_spin_lock+0x132/0x2a0 [ 117.837279] ? __pfx_do_exit+0x10/0x10 [ 117.837590] ? debug_smp_processor_id+0x20/0x30 [ 117.837955] ? rcu_is_watching+0x19/0xb0 [ 117.838273] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.838655] ? trace_hardirqs_on+0x26/0x120 [ 117.838999] do_group_exit+0xe0/0x2b0 [ 117.839303] __x64_sys_exit_group+0x47/0x50 [ 117.839632] do_syscall_64+0x3b/0x90 [ 117.839924] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.840326] RIP: 0033:0x7f4b87518a4d [ 117.840614] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.841083] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.841659] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.842194] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.842751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.843300] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.843837] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.844382] [ 117.844563] irq event stamp: 0 [ 117.844804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.845282] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.845919] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.846572] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.847051] ---[ end trace 0000000000000000 ]--- [ 117.847735] ------------[ cut here ]------------ [ 117.848094] WARNING: CPU: 1 PID: 1067 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.849276] Modules linked in: [ 117.849528] CPU: 1 PID: 1067 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.850196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.851078] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.851499] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.852886] RSP: 0018:ffff888016f5fb78 EFLAGS: 00010246 [ 117.853293] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.853836] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 117.854380] RBP: ffff888016f5fb98 R08: ffffed1002e6563e R09: ffffed1002e6563e [ 117.854943] R10: ffff88801732b1ef R11: ffffed1002e6563d R12: ffff88801732b290 [ 117.855505] R13: ffff88801732b0a8 R14: ffffffffffffffff R15: 
ffff888016f5fc60 [ 117.856051] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.856661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.857105] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.857644] PKRU: 55555554 [ 117.857862] Call Trace: [ 117.858058] [ 117.858234] iommufd_ioas_destroy+0x53/0x70 [ 117.858591] iommufd_fops_release+0x1f7/0x370 [ 117.858943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.859349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.859750] ? write_comp_data+0x2f/0x90 [ 117.860072] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.860457] __fput+0x26d/0xa40 [ 117.860722] ____fput+0x1e/0x30 [ 117.860985] task_work_run+0x1a4/0x2d0 [ 117.861291] ? __pfx_task_work_run+0x10/0x10 [ 117.861633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.862007] ? switch_task_namespaces+0xa9/0xe0 [ 117.862370] do_exit+0xb17/0x2ef0 [ 117.862661] ? lock_acquire+0x427/0x4c0 [ 117.862977] ? __pfx_lock_release+0x10/0x10 [ 117.863329] ? __kasan_check_write+0x18/0x20 [ 117.863674] ? do_raw_spin_lock+0x132/0x2a0 [ 117.864004] ? __pfx_do_exit+0x10/0x10 [ 117.864309] ? debug_smp_processor_id+0x20/0x30 [ 117.864669] ? rcu_is_watching+0x19/0xb0 [ 117.864981] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.865336] ? trace_hardirqs_on+0x26/0x120 [ 117.865673] do_group_exit+0xe0/0x2b0 [ 117.865965] __x64_sys_exit_group+0x47/0x50 [ 117.866293] do_syscall_64+0x3b/0x90 [ 117.866607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.867007] RIP: 0033:0x7f4b87518a4d [ 117.867300] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.867766] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.868338] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.868871] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.869404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.869936] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.870468] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.871026] [ 117.871218] irq event stamp: 0 [ 117.871460] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.871932] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.872554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.873171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.873635] ---[ end trace 0000000000000000 ]--- [ 117.877883] ------------[ cut here ]------------ [ 117.878261] WARNING: CPU: 1 PID: 1068 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.879068] Modules linked in: [ 117.879320] CPU: 1 PID: 1068 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.879967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.880791] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.881150] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.882463] RSP: 0018:ffff88801367fbb8 EFLAGS: 00010246 [ 117.883036] RAX: 0000000000000000 RBX: ffff8880158340a8 RCX: 0000000000000000 [ 117.883560] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 117.884075] RBP: ffff88801367fbd0 R08: ffffed1002b06833 R09: ffffed1002b06833 [ 117.884590] R10: ffff888015834193 R11: ffffed1002b06832 R12: ffff88801416a800 [ 117.885104] R13: ffff8880158341e8 R14: ffffffff8352e670 R15: 
ffff88801367fe68 [ 117.885617] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.886199] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.886634] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 117.887183] PKRU: 55555554 [ 117.887390] Call Trace: [ 117.887579] [ 117.887744] __iommufd_access_detach+0x1c2/0x2b0 [ 117.888104] iommufd_access_change_pt+0x149/0x270 [ 117.888467] iommufd_access_replace+0xb4/0x120 [ 117.888817] iommufd_test+0x3e5/0x37e0 [ 117.889104] ? lock_release+0x532/0x770 [ 117.889404] ? __might_fault+0x102/0x1b0 [ 117.889708] ? lock_acquire+0x427/0x4c0 [ 117.890007] ? __pfx_iommufd_test+0x10/0x10 [ 117.890322] ? __pfx_lock_release+0x10/0x10 [ 117.890662] ? __pfx_lock_acquire+0x10/0x10 [ 117.890991] ? write_comp_data+0x2f/0x90 [ 117.891306] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.891666] ? write_comp_data+0x2f/0x90 [ 117.891973] iommufd_fops_ioctl+0x37d/0x510 [ 117.892293] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.892655] ? write_comp_data+0x2f/0x90 [ 117.892962] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.893320] __x64_sys_ioctl+0x1a3/0x230 [ 117.893629] do_syscall_64+0x3b/0x90 [ 117.893912] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.894302] RIP: 0033:0x7f4b8743ee5d [ 117.894590] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.895918] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.896466] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.896983] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.897506] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.898012] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.898533] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.899051] [ 117.899223] irq event stamp: 0 [ 117.899450] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.899897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.900495] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.901086] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.901534] ---[ end trace 0000000000000000 ]--- [ 117.904130] ------------[ cut here ]------------ [ 117.904493] WARNING: CPU: 1 PID: 1068 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.905201] Modules linked in: [ 117.905426] CPU: 1 PID: 1068 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.906036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.906841] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.907198] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.908468] RSP: 
0018:ffff88801367fbd0 EFLAGS: 00010246 [ 117.908837] RAX: 0000000000000000 RBX: ffff8880158340a8 RCX: 0000000000000000 [ 117.909334] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 117.909833] RBP: ffff88801367fbe8 R08: ffffed1002b06833 R09: ffffed1002b06833 [ 117.910329] R10: ffff888015834193 R11: ffffed1002b06832 R12: ffff888013c06000 [ 117.910847] R13: ffff8880158341e8 R14: ffff88800fd0a300 R15: 0000000000000000 [ 117.911354] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.911915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.912323] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.912823] PKRU: 55555554 [ 117.913023] Call Trace: [ 117.913203] [ 117.913363] iommufd_access_destroy_object+0x65/0x170 [ 117.913730] iommufd_object_destroy_user+0x18e/0x220 [ 117.914093] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.914521] iommufd_access_destroy+0x43/0x70 [ 117.914849] iommufd_test_staccess_release+0x8d/0xd0 [ 117.915220] __fput+0x26d/0xa40 [ 117.915466] ____fput+0x1e/0x30 [ 117.915709] task_work_run+0x1a4/0x2d0 [ 117.915993] ? __pfx_task_work_run+0x10/0x10 [ 117.916310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.916659] ? switch_task_namespaces+0xa9/0xe0 [ 117.916999] do_exit+0xb17/0x2ef0 [ 117.917251] ? lock_acquire+0x427/0x4c0 [ 117.917540] ? __pfx_lock_release+0x10/0x10 [ 117.917855] ? __kasan_check_write+0x18/0x20 [ 117.918174] ? do_raw_spin_lock+0x132/0x2a0 [ 117.918481] ? __pfx_do_exit+0x10/0x10 [ 117.918784] ? debug_smp_processor_id+0x20/0x30 [ 117.919128] ? rcu_is_watching+0x19/0xb0 [ 117.919418] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.919743] ? trace_hardirqs_on+0x26/0x120 [ 117.920053] do_group_exit+0xe0/0x2b0 [ 117.920326] __x64_sys_exit_group+0x47/0x50 [ 117.920630] do_syscall_64+0x3b/0x90 [ 117.920902] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.921273] RIP: 0033:0x7f4b87518a4d [ 117.921536] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.921967] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.922495] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.923026] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.923533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.924028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.924532] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.925041] [ 117.925209] irq event stamp: 0 [ 117.925432] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.925875] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.926459] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.927062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.927512] ---[ end trace 0000000000000000 ]--- [ 117.928140] ------------[ cut here ]------------ [ 117.928470] WARNING: CPU: 1 PID: 1068 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 117.929185] Modules linked in: [ 117.929415] CPU: 1 PID: 1068 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.930027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.930838] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 117.931209] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 117.932482] RSP: 0018:ffff88801367fb78 EFLAGS: 00010246 [ 117.932856] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 117.933353] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 117.933855] RBP: ffff88801367fb98 R08: ffffed1002b0683e R09: ffffed1002b0683e [ 117.934352] R10: ffff8880158341ef R11: ffffed1002b0683d R12: ffff888015834290 [ 117.934867] R13: ffff8880158340a8 R14: ffffffffffffffff R15: 
ffff88801367fc60 [ 117.935388] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.935949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.936357] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.936857] PKRU: 55555554 [ 117.937060] Call Trace: [ 117.937240] [ 117.937398] iommufd_ioas_destroy+0x53/0x70 [ 117.937706] iommufd_fops_release+0x1f7/0x370 [ 117.938026] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.938377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.938735] ? write_comp_data+0x2f/0x90 [ 117.939028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 117.939384] __fput+0x26d/0xa40 [ 117.939630] ____fput+0x1e/0x30 [ 117.939871] task_work_run+0x1a4/0x2d0 [ 117.940151] ? __pfx_task_work_run+0x10/0x10 [ 117.940463] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.940808] ? switch_task_namespaces+0xa9/0xe0 [ 117.941141] do_exit+0xb17/0x2ef0 [ 117.941384] ? lock_acquire+0x427/0x4c0 [ 117.941671] ? __pfx_lock_release+0x10/0x10 [ 117.941979] ? __kasan_check_write+0x18/0x20 [ 117.942289] ? do_raw_spin_lock+0x132/0x2a0 [ 117.942609] ? __pfx_do_exit+0x10/0x10 [ 117.942892] ? debug_smp_processor_id+0x20/0x30 [ 117.943224] ? rcu_is_watching+0x19/0xb0 [ 117.943502] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.943811] ? trace_hardirqs_on+0x26/0x120 [ 117.944106] do_group_exit+0xe0/0x2b0 [ 117.944362] __x64_sys_exit_group+0x47/0x50 [ 117.944651] do_syscall_64+0x3b/0x90 [ 117.944909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.945263] RIP: 0033:0x7f4b87518a4d [ 117.945512] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.945921] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.946424] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.946919] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.947411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.947883] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.948356] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.948841] [ 117.949000] irq event stamp: 0 [ 117.949215] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.949638] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.950195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.950766] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.951195] ---[ end trace 0000000000000000 ]--- [ 117.955121] ------------[ cut here ]------------ [ 117.955470] WARNING: CPU: 1 PID: 1069 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.956159] Modules linked in: [ 117.956375] CPU: 1 PID: 1069 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.956959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.957708] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.958041] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.959322] RSP: 0018:ffff88801403fbb8 EFLAGS: 00010246 [ 117.959680] RAX: 0000000000000000 RBX: ffff888011e790a8 RCX: 0000000000000000 [ 117.960157] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 117.960634] RBP: ffff88801403fbd0 R08: ffffed10023cf233 R09: ffffed10023cf233 [ 117.961113] R10: ffff888011e79193 R11: ffffed10023cf232 R12: ffff888020b31800 [ 117.961592] R13: ffff888011e791e8 R14: ffffffff8352e670 R15: 
ffff88801403fe68 [ 117.962069] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.962629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.963024] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 117.963518] PKRU: 55555554 [ 117.963712] Call Trace: [ 117.963885] [ 117.964038] __iommufd_access_detach+0x1c2/0x2b0 [ 117.964374] iommufd_access_change_pt+0x149/0x270 [ 117.964709] iommufd_access_replace+0xb4/0x120 [ 117.965031] iommufd_test+0x3e5/0x37e0 [ 117.965296] ? lock_release+0x532/0x770 [ 117.965575] ? __might_fault+0x102/0x1b0 [ 117.965859] ? lock_acquire+0x427/0x4c0 [ 117.966140] ? __pfx_iommufd_test+0x10/0x10 [ 117.966433] ? __pfx_lock_release+0x10/0x10 [ 117.966748] ? __pfx_lock_acquire+0x10/0x10 [ 117.967052] ? write_comp_data+0x2f/0x90 [ 117.967352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.967692] ? write_comp_data+0x2f/0x90 [ 117.967979] iommufd_fops_ioctl+0x37d/0x510 [ 117.968278] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.968612] ? write_comp_data+0x2f/0x90 [ 117.968897] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 117.969227] __x64_sys_ioctl+0x1a3/0x230 [ 117.969511] do_syscall_64+0x3b/0x90 [ 117.969773] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.970130] RIP: 0033:0x7f4b8743ee5d [ 117.970382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 117.971627] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 117.972146] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 117.972625] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 117.973101] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 117.973581] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 117.974056] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 117.974556] [ 117.974718] irq event stamp: 0 [ 117.974933] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 117.975358] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 117.975922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 117.976488] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 117.976913] ---[ end trace 0000000000000000 ]--- [ 117.979394] ------------[ cut here ]------------ [ 117.979723] WARNING: CPU: 1 PID: 1069 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 117.980402] Modules linked in: [ 117.980618] CPU: 1 PID: 1069 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 117.981204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 117.981949] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 117.982280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 117.983549] RSP: 
0018:ffff88801403fbd0 EFLAGS: 00010246 [ 117.983910] RAX: 0000000000000000 RBX: ffff888011e790a8 RCX: 0000000000000000 [ 117.984385] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 117.984857] RBP: ffff88801403fbe8 R08: ffffed10023cf233 R09: ffffed10023cf233 [ 117.985340] R10: ffff888011e79193 R11: ffffed10023cf232 R12: ffff88801416bc00 [ 117.985812] R13: ffff888011e791e8 R14: ffff8880218ebe00 R15: 0000000000000000 [ 117.986291] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 117.986842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 117.987243] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 117.987722] PKRU: 55555554 [ 117.987914] Call Trace: [ 117.988086] [ 117.988238] iommufd_access_destroy_object+0x65/0x170 [ 117.988588] iommufd_object_destroy_user+0x18e/0x220 [ 117.988932] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 117.989325] iommufd_access_destroy+0x43/0x70 [ 117.989635] iommufd_test_staccess_release+0x8d/0xd0 [ 117.989984] __fput+0x26d/0xa40 [ 117.990219] ____fput+0x1e/0x30 [ 117.990449] task_work_run+0x1a4/0x2d0 [ 117.990733] ? __pfx_task_work_run+0x10/0x10 [ 117.991034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 117.991379] ? switch_task_namespaces+0xa9/0xe0 [ 117.991705] do_exit+0xb17/0x2ef0 [ 117.991940] ? lock_acquire+0x427/0x4c0 [ 117.992215] ? __pfx_lock_release+0x10/0x10 [ 117.992510] ? __kasan_check_write+0x18/0x20 [ 117.992808] ? do_raw_spin_lock+0x132/0x2a0 [ 117.993099] ? __pfx_do_exit+0x10/0x10 [ 117.993367] ? debug_smp_processor_id+0x20/0x30 [ 117.993681] ? rcu_is_watching+0x19/0xb0 [ 117.993956] ? _raw_spin_unlock_irq+0x2b/0x60 [ 117.994266] ? trace_hardirqs_on+0x26/0x120 [ 117.994586] do_group_exit+0xe0/0x2b0 [ 117.994857] __x64_sys_exit_group+0x47/0x50 [ 117.995177] do_syscall_64+0x3b/0x90 [ 117.995448] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 117.995818] RIP: 0033:0x7f4b87518a4d [ 117.996081] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 117.996514] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 117.997050] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 117.997547] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 117.998043] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 117.998553] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 117.999048] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 117.999556] [ 117.999721] irq event stamp: 0 [ 117.999942] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.000386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.000971] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.001553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.001994] ---[ end trace 0000000000000000 ]--- [ 118.002654] ------------[ cut here ]------------ [ 118.002986] WARNING: CPU: 1 PID: 1069 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.003706] Modules linked in: [ 118.003933] CPU: 1 PID: 1069 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.004544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.005328] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.005690] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.006991] RSP: 0018:ffff88801403fb78 EFLAGS: 00010246 [ 118.007093] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 118.007384] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.007392] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 118.007399] RBP: ffff88801403fb98 R08: ffffed10023cf23e R09: ffffed10023cf23e [ 118.008842] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 118.009310] R10: ffff888011e791ef R11: ffffed10023cf23d R12: ffff888011e79290 [ 118.011755] R13: ffff888011e790a8 R14: ffffffffffffffff R15: ffff88801403fc60 [ 118.012244] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.012795] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.013196] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.013688] PKRU: 55555554 [ 118.013884] Call Trace: [ 118.014064] [ 118.014223] iommufd_ioas_destroy+0x53/0x70 [ 118.014544] iommufd_fops_release+0x1f7/0x370 [ 118.014864] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.015220] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.015568] ? write_comp_data+0x2f/0x90 [ 118.015861] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.016224] __fput+0x26d/0xa40 [ 118.016471] ____fput+0x1e/0x30 [ 118.016710] task_work_run+0x1a4/0x2d0 [ 118.016989] ? __pfx_task_work_run+0x10/0x10 [ 118.017302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.017648] ? switch_task_namespaces+0xa9/0xe0 [ 118.017983] do_exit+0xb17/0x2ef0 [ 118.018225] ? lock_acquire+0x427/0x4c0 [ 118.018535] ? __pfx_lock_release+0x10/0x10 [ 118.018842] ? __kasan_check_write+0x18/0x20 [ 118.019162] ? do_raw_spin_lock+0x132/0x2a0 [ 118.019463] ? __pfx_do_exit+0x10/0x10 [ 118.019743] ? debug_smp_processor_id+0x20/0x30 [ 118.020070] ? rcu_is_watching+0x19/0xb0 [ 118.020355] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.020674] ? 
trace_hardirqs_on+0x26/0x120 [ 118.020980] do_group_exit+0xe0/0x2b0 [ 118.021247] __x64_sys_exit_group+0x47/0x50 [ 118.021547] do_syscall_64+0x3b/0x90 [ 118.021814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.022179] RIP: 0033:0x7f4b87518a4d [ 118.022441] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 118.022880] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.023417] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.023909] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.024402] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.024892] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.025386] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.025884] [ 118.026045] irq event stamp: 0 [ 118.026268] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.026723] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.027315] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.027897] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.028332] ---[ end trace 0000000000000000 ]--- [ 118.031706] ------------[ cut here ]------------ [ 118.032058] WARNING: CPU: 1 PID: 1071 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.032764] Modules linked in: [ 118.032988] CPU: 1 PID: 1071 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.033587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.034358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.034741] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.036050] RSP: 0018:ffff888016dcfbb8 EFLAGS: 00010246 [ 118.036422] RAX: 0000000000000000 RBX: ffff8880135e18a8 RCX: 
0000000000000000 [ 118.036916] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 118.037408] RBP: ffff888016dcfbd0 R08: ffffed10026bc333 R09: ffffed10026bc333 [ 118.037905] R10: ffff8880135e1993 R11: ffffed10026bc332 R12: ffff8880139fa400 [ 118.038404] R13: ffff8880135e19e8 R14: ffffffff8352e670 R15: ffff888016dcfe68 [ 118.038938] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.039521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.039937] CR2: 00007f4b877410e8 CR3: 0000000020eb0000 CR4: 0000000000750ee0 [ 118.040451] PKRU: 55555554 [ 118.040657] Call Trace: [ 118.040841] [ 118.041005] __iommufd_access_detach+0x1c2/0x2b0 [ 118.041363] iommufd_access_change_pt+0x149/0x270 [ 118.041722] iommufd_access_replace+0xb4/0x120 [ 118.042059] iommufd_test+0x3e5/0x37e0 [ 118.042342] ? lock_release+0x532/0x770 [ 118.042657] ? __might_fault+0x102/0x1b0 [ 118.042959] ? lock_acquire+0x427/0x4c0 [ 118.043262] ? __pfx_iommufd_test+0x10/0x10 [ 118.043574] ? __pfx_lock_release+0x10/0x10 [ 118.043892] ? __pfx_lock_acquire+0x10/0x10 [ 118.044210] ? write_comp_data+0x2f/0x90 [ 118.044512] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.044866] ? write_comp_data+0x2f/0x90 [ 118.045167] iommufd_fops_ioctl+0x37d/0x510 [ 118.045479] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.045832] ? write_comp_data+0x2f/0x90 [ 118.046131] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.046479] __x64_sys_ioctl+0x1a3/0x230 [ 118.046796] do_syscall_64+0x3b/0x90 [ 118.047074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.047463] RIP: 0033:0x7f4b8743ee5d [ 118.047732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.049027] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.049571] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.050078] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.050600] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.051104] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.051620] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.052136] [ 118.052304] irq event stamp: 0 [ 118.052532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.052983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.053578] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.054191] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.054660] ---[ end trace 0000000000000000 ]--- [ 118.057427] ------------[ cut here ]------------ [ 118.057802] WARNING: CPU: 1 PID: 1071 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.058555] Modules linked in: [ 118.058786] CPU: 1 PID: 1071 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.059422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.060224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.060582] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.061887] RSP: 
0018:ffff888016dcfbd0 EFLAGS: 00010246 [ 118.062273] RAX: 0000000000000000 RBX: ffff8880135e18a8 RCX: 0000000000000000 [ 118.062803] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 118.063339] RBP: ffff888016dcfbe8 R08: ffffed10026bc333 R09: ffffed10026bc333 [ 118.063847] R10: ffff8880135e1993 R11: ffffed10026bc332 R12: ffff888020b31000 [ 118.064354] R13: ffff8880135e19e8 R14: ffff888013596b00 R15: 0000000000000000 [ 118.064880] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.065464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.065893] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.066413] PKRU: 55555554 [ 118.066648] Call Trace: [ 118.066889] [ 118.067120] iommufd_access_destroy_object+0x65/0x170 [ 118.067508] iommufd_object_destroy_user+0x18e/0x220 [ 118.067886] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.068324] iommufd_access_destroy+0x43/0x70 [ 118.068669] iommufd_test_staccess_release+0x8d/0xd0 [ 118.069051] __fput+0x26d/0xa40 [ 118.069316] ____fput+0x1e/0x30 [ 118.069567] task_work_run+0x1a4/0x2d0 [ 118.069860] ? __pfx_task_work_run+0x10/0x10 [ 118.070192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.070598] ? switch_task_namespaces+0xa9/0xe0 [ 118.071067] do_exit+0xb17/0x2ef0 [ 118.071349] ? lock_acquire+0x427/0x4c0 [ 118.071657] ? __pfx_lock_release+0x10/0x10 [ 118.071980] ? __kasan_check_write+0x18/0x20 [ 118.072313] ? do_raw_spin_lock+0x132/0x2a0 [ 118.072641] ? __pfx_do_exit+0x10/0x10 [ 118.072935] ? debug_smp_processor_id+0x20/0x30 [ 118.073281] ? rcu_is_watching+0x19/0xb0 [ 118.073589] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.073927] ? trace_hardirqs_on+0x26/0x120 [ 118.074250] do_group_exit+0xe0/0x2b0 [ 118.074566] __x64_sys_exit_group+0x47/0x50 [ 118.074985] do_syscall_64+0x3b/0x90 [ 118.075326] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.075719] RIP: 0033:0x7f4b87518a4d [ 118.075995] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.076456] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.077013] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.077547] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.078068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.078625] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.079246] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.079784] [ 118.079958] irq event stamp: 0 [ 118.080188] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.080659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.081272] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.081889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.082350] ---[ end trace 0000000000000000 ]--- [ 118.083205] ------------[ cut here ]------------ [ 118.083564] WARNING: CPU: 1 PID: 1071 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.084306] Modules linked in: [ 118.084541] CPU: 1 PID: 1071 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.085172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.085988] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.086363] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.087718] RSP: 0018:ffff888016dcfb78 EFLAGS: 00010246 [ 118.088134] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.088649] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 118.089174] RBP: ffff888016dcfb98 R08: ffffed10026bc33e R09: ffffed10026bc33e [ 118.089701] R10: ffff8880135e19ef R11: ffffed10026bc33d R12: ffff8880135e1a90 [ 118.090225] R13: ffff8880135e18a8 R14: ffffffffffffffff R15: 
ffff888016dcfc60 [ 118.090777] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.091393] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.091829] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.092386] PKRU: 55555554 [ 118.092603] Call Trace: [ 118.092795] [ 118.092965] iommufd_ioas_destroy+0x53/0x70 [ 118.093293] iommufd_fops_release+0x1f7/0x370 [ 118.093632] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.094008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.094379] ? write_comp_data+0x2f/0x90 [ 118.094713] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.095091] __fput+0x26d/0xa40 [ 118.095363] ____fput+0x1e/0x30 [ 118.095619] task_work_run+0x1a4/0x2d0 [ 118.095919] ? __pfx_task_work_run+0x10/0x10 [ 118.096254] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.096622] ? switch_task_namespaces+0xa9/0xe0 [ 118.096978] do_exit+0xb17/0x2ef0 [ 118.097237] ? lock_acquire+0x427/0x4c0 [ 118.097542] ? __pfx_lock_release+0x10/0x10 [ 118.097872] ? __kasan_check_write+0x18/0x20 [ 118.098204] ? do_raw_spin_lock+0x132/0x2a0 [ 118.098547] ? __pfx_do_exit+0x10/0x10 [ 118.098849] ? debug_smp_processor_id+0x20/0x30 [ 118.099217] ? rcu_is_watching+0x19/0xb0 [ 118.099522] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.099867] ? trace_hardirqs_on+0x26/0x120 [ 118.100197] do_group_exit+0xe0/0x2b0 [ 118.100485] __x64_sys_exit_group+0x47/0x50 [ 118.100808] do_syscall_64+0x3b/0x90 [ 118.101095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.101489] RIP: 0033:0x7f4b87518a4d [ 118.101765] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.102220] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.102801] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.103337] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.103867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.104397] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.104924] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.105462] [ 118.105637] irq event stamp: 0 [ 118.105874] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.106342] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.106990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.107624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.108091] ---[ end trace 0000000000000000 ]--- [ 118.112585] ------------[ cut here ]------------ [ 118.112988] WARNING: CPU: 1 PID: 1072 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.113741] Modules linked in: [ 118.113982] CPU: 1 PID: 1072 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.114663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.115512] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.115883] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.117237] RSP: 0018:ffff88802452fbb8 EFLAGS: 00010246 [ 118.117637] RAX: 0000000000000000 RBX: ffff8880218fb8a8 RCX: 0000000000000000 [ 118.118168] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 118.118712] RBP: ffff88802452fbd0 R08: ffffed100431f733 R09: ffffed100431f733 [ 118.119254] R10: ffff8880218fb993 R11: ffffed100431f732 R12: ffff888018308400 [ 118.119787] R13: ffff8880218fb9e8 R14: ffffffff8352e670 R15: 
ffff88802452fe68 [ 118.120316] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.120946] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.121384] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 118.121924] PKRU: 55555554 [ 118.122139] Call Trace: [ 118.122333] [ 118.122525] __iommufd_access_detach+0x1c2/0x2b0 [ 118.122899] iommufd_access_change_pt+0x149/0x270 [ 118.123291] iommufd_access_replace+0xb4/0x120 [ 118.123652] iommufd_test+0x3e5/0x37e0 [ 118.123952] ? lock_release+0x532/0x770 [ 118.124265] ? __might_fault+0x102/0x1b0 [ 118.124580] ? lock_acquire+0x427/0x4c0 [ 118.124895] ? __pfx_iommufd_test+0x10/0x10 [ 118.125226] ? __pfx_lock_release+0x10/0x10 [ 118.125564] ? __pfx_lock_acquire+0x10/0x10 [ 118.125906] ? write_comp_data+0x2f/0x90 [ 118.126227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.126622] ? write_comp_data+0x2f/0x90 [ 118.126943] iommufd_fops_ioctl+0x37d/0x510 [ 118.127287] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.127668] ? write_comp_data+0x2f/0x90 [ 118.127989] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.128360] __x64_sys_ioctl+0x1a3/0x230 [ 118.128685] do_syscall_64+0x3b/0x90 [ 118.128984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.129397] RIP: 0033:0x7f4b8743ee5d [ 118.129684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.131101] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.131700] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.132245] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.132790] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.133328] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.133883] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.134438] [ 118.134634] irq event stamp: 0 [ 118.134878] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.135384] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.136022] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.136657] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.137135] ---[ end trace 0000000000000000 ]--- [ 118.139870] ------------[ cut here ]------------ [ 118.140259] WARNING: CPU: 1 PID: 1072 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.141033] Modules linked in: [ 118.141284] CPU: 1 PID: 1072 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.141952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.142819] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.143200] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.144552] RSP: 
0018:ffff88802452fbd0 EFLAGS: 00010246 [ 118.144962] RAX: 0000000000000000 RBX: ffff8880218fb8a8 RCX: 0000000000000000 [ 118.145504] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 118.146039] RBP: ffff88802452fbe8 R08: ffffed100431f733 R09: ffffed100431f733 [ 118.146611] R10: ffff8880218fb993 R11: ffffed100431f732 R12: ffff8880139f8800 [ 118.147172] R13: ffff8880218fb9e8 R14: ffff88800fd62900 R15: 0000000000000000 [ 118.147712] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.148319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.148763] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.149307] PKRU: 55555554 [ 118.149521] Call Trace: [ 118.149713] [ 118.149884] iommufd_access_destroy_object+0x65/0x170 [ 118.150280] iommufd_object_destroy_user+0x18e/0x220 [ 118.150697] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.151150] iommufd_access_destroy+0x43/0x70 [ 118.151502] iommufd_test_staccess_release+0x8d/0xd0 [ 118.151898] __fput+0x26d/0xa40 [ 118.152166] ____fput+0x1e/0x30 [ 118.152426] task_work_run+0x1a4/0x2d0 [ 118.152734] ? __pfx_task_work_run+0x10/0x10 [ 118.153075] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.153449] ? switch_task_namespaces+0xa9/0xe0 [ 118.153814] do_exit+0xb17/0x2ef0 [ 118.154079] ? lock_acquire+0x427/0x4c0 [ 118.154390] ? __pfx_lock_release+0x10/0x10 [ 118.154751] ? __kasan_check_write+0x18/0x20 [ 118.155090] ? do_raw_spin_lock+0x132/0x2a0 [ 118.155429] ? __pfx_do_exit+0x10/0x10 [ 118.155741] ? debug_smp_processor_id+0x20/0x30 [ 118.156106] ? rcu_is_watching+0x19/0xb0 [ 118.156424] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.156771] ? trace_hardirqs_on+0x26/0x120 [ 118.157105] do_group_exit+0xe0/0x2b0 [ 118.157399] __x64_sys_exit_group+0x47/0x50 [ 118.157727] do_syscall_64+0x3b/0x90 [ 118.158024] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.158430] RIP: 0033:0x7f4b87518a4d [ 118.158745] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.159236] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.159813] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.160353] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.160899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.161447] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.161986] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.162561] [ 118.162745] irq event stamp: 0 [ 118.162988] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.163487] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.164130] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.164778] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.165262] ---[ end trace 0000000000000000 ]--- [ 118.165947] ------------[ cut here ]------------ [ 118.166322] WARNING: CPU: 1 PID: 1072 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.167145] Modules linked in: [ 118.167394] CPU: 1 PID: 1072 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.168059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.168906] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.169297] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.170877] RSP: 0018:ffff88802452fb78 EFLAGS: 00010246 [ 118.171306] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.171851] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 118.172403] RBP: ffff88802452fb98 R08: ffffed100431f73e R09: ffffed100431f73e [ 118.172950] R10: ffff8880218fb9ef R11: ffffed100431f73d R12: ffff8880218fba90 [ 118.173498] R13: ffff8880218fb8a8 R14: ffffffffffffffff R15: 
ffff88802452fc60 [ 118.174034] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.174664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.175113] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.175662] PKRU: 55555554 [ 118.175879] Call Trace: [ 118.176074] [ 118.176248] iommufd_ioas_destroy+0x53/0x70 [ 118.176581] iommufd_fops_release+0x1f7/0x370 [ 118.176928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.177309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.177689] ? write_comp_data+0x2f/0x90 [ 118.178010] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.178395] __fput+0x26d/0xa40 [ 118.178678] ____fput+0x1e/0x30 [ 118.178941] task_work_run+0x1a4/0x2d0 [ 118.179255] ? __pfx_task_work_run+0x10/0x10 [ 118.179595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.179991] ? switch_task_namespaces+0xa9/0xe0 [ 118.180354] do_exit+0xb17/0x2ef0 [ 118.180621] ? lock_acquire+0x427/0x4c0 [ 118.180940] ? __pfx_lock_release+0x10/0x10 [ 118.181280] ? __kasan_check_write+0x18/0x20 [ 118.181619] ? do_raw_spin_lock+0x132/0x2a0 [ 118.181946] ? __pfx_do_exit+0x10/0x10 [ 118.182248] ? debug_smp_processor_id+0x20/0x30 [ 118.182622] ? rcu_is_watching+0x19/0xb0 [ 118.182939] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.183310] ? trace_hardirqs_on+0x26/0x120 [ 118.183653] do_group_exit+0xe0/0x2b0 [ 118.183947] __x64_sys_exit_group+0x47/0x50 [ 118.184273] do_syscall_64+0x3b/0x90 [ 118.184566] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.184972] RIP: 0033:0x7f4b87518a4d [ 118.185257] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.185721] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.186296] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.186858] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.187401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.187934] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.188468] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.189021] [ 118.189202] irq event stamp: 0 [ 118.189441] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.189916] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.190566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.191219] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.191696] ---[ end trace 0000000000000000 ]--- [ 118.195925] ------------[ cut here ]------------ [ 118.196337] WARNING: CPU: 1 PID: 1073 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.197098] Modules linked in: [ 118.197343] CPU: 1 PID: 1073 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.197995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.198859] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.199250] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.200602] RSP: 0018:ffff888011f57bb8 EFLAGS: 00010246 [ 118.201001] RAX: 0000000000000000 RBX: ffff888010ede8a8 RCX: 0000000000000000 [ 118.201535] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 118.202077] RBP: ffff888011f57bd0 R08: ffffed10021dbd33 R09: ffffed10021dbd33 [ 118.202629] R10: ffff888010ede993 R11: ffffed10021dbd32 R12: ffff88800f71f800 [ 118.203172] R13: ffff888010ede9e8 R14: ffffffff8352e670 R15: 
ffff888011f57e68 [ 118.203704] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.204305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.204739] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 118.205276] PKRU: 55555554 [ 118.205492] Call Trace: [ 118.205685] [ 118.205855] __iommufd_access_detach+0x1c2/0x2b0 [ 118.206224] iommufd_access_change_pt+0x149/0x270 [ 118.206616] iommufd_access_replace+0xb4/0x120 [ 118.206977] iommufd_test+0x3e5/0x37e0 [ 118.207339] ? lock_release+0x532/0x770 [ 118.207660] ? __might_fault+0x102/0x1b0 [ 118.207979] ? lock_acquire+0x427/0x4c0 [ 118.208293] ? __pfx_iommufd_test+0x10/0x10 [ 118.208616] ? __pfx_lock_release+0x10/0x10 [ 118.208972] ? __pfx_lock_acquire+0x10/0x10 [ 118.209306] ? write_comp_data+0x2f/0x90 [ 118.209620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.209992] ? write_comp_data+0x2f/0x90 [ 118.210306] iommufd_fops_ioctl+0x37d/0x510 [ 118.210668] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.211041] ? write_comp_data+0x2f/0x90 [ 118.211364] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.211736] __x64_sys_ioctl+0x1a3/0x230 [ 118.212056] do_syscall_64+0x3b/0x90 [ 118.212350] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.212753] RIP: 0033:0x7f4b8743ee5d [ 118.213039] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.214412] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.215008] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.215562] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.216103] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.216644] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.217187] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.217734] [ 118.217914] irq event stamp: 0 [ 118.218158] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.218659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.219310] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.219942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.220412] ---[ end trace 0000000000000000 ]--- [ 118.223208] ------------[ cut here ]------------ [ 118.223610] WARNING: CPU: 1 PID: 1073 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.224377] Modules linked in: [ 118.224620] CPU: 1 PID: 1073 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.225283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.226126] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.226502] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.227917] RSP: 
0018:ffff888011f57bd0 EFLAGS: 00010246 [ 118.228318] RAX: 0000000000000000 RBX: ffff888010ede8a8 RCX: 0000000000000000 [ 118.228865] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 118.229410] RBP: ffff888011f57be8 R08: ffffed10021dbd33 R09: ffffed10021dbd33 [ 118.229956] R10: ffff888010ede993 R11: ffffed10021dbd32 R12: ffff888018308000 [ 118.230501] R13: ffff888010ede9e8 R14: ffff88802093b800 R15: 0000000000000000 [ 118.231067] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.231689] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.232131] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.232670] PKRU: 55555554 [ 118.232882] Call Trace: [ 118.233075] [ 118.233255] iommufd_access_destroy_object+0x65/0x170 [ 118.233645] iommufd_object_destroy_user+0x18e/0x220 [ 118.234029] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.234475] iommufd_access_destroy+0x43/0x70 [ 118.234881] iommufd_test_staccess_release+0x8d/0xd0 [ 118.235297] __fput+0x26d/0xa40 [ 118.235564] ____fput+0x1e/0x30 [ 118.235824] task_work_run+0x1a4/0x2d0 [ 118.236125] ? __pfx_task_work_run+0x10/0x10 [ 118.236467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.236845] ? switch_task_namespaces+0xa9/0xe0 [ 118.237218] do_exit+0xb17/0x2ef0 [ 118.237488] ? lock_acquire+0x427/0x4c0 [ 118.237801] ? __pfx_lock_release+0x10/0x10 [ 118.238144] ? __kasan_check_write+0x18/0x20 [ 118.238484] ? do_raw_spin_lock+0x132/0x2a0 [ 118.238839] ? __pfx_do_exit+0x10/0x10 [ 118.239162] ? debug_smp_processor_id+0x20/0x30 [ 118.239513] ? rcu_is_watching+0x19/0xb0 [ 118.239826] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.240176] ? trace_hardirqs_on+0x26/0x120 [ 118.240518] do_group_exit+0xe0/0x2b0 [ 118.240813] __x64_sys_exit_group+0x47/0x50 [ 118.241149] do_syscall_64+0x3b/0x90 [ 118.241446] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.241854] RIP: 0033:0x7f4b87518a4d [ 118.242139] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.242630] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.243215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.243753] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.244293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.244825] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.245354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.245903] [ 118.246086] irq event stamp: 0 [ 118.246328] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.246828] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.247492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.248127] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.248605] ---[ end trace 0000000000000000 ]--- [ 118.249294] ------------[ cut here ]------------ [ 118.249654] WARNING: CPU: 1 PID: 1073 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.250427] Modules linked in: [ 118.250697] CPU: 1 PID: 1073 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.251367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.252224] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.252622] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.254022] RSP: 0018:ffff888011f57b78 EFLAGS: 00010246 [ 118.254429] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.254994] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 118.255545] RBP: ffff888011f57b98 R08: ffffed10021dbd3e R09: ffffed10021dbd3e [ 118.256085] R10: ffff888010ede9ef R11: ffffed10021dbd3d R12: ffff888010edea90 [ 118.256617] R13: ffff888010ede8a8 R14: ffffffffffffffff R15: 
ffff888011f57c60 [ 118.257152] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.257757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.258196] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.258758] PKRU: 55555554 [ 118.258977] Call Trace: [ 118.259194] [ 118.259373] iommufd_ioas_destroy+0x53/0x70 [ 118.259711] iommufd_fops_release+0x1f7/0x370 [ 118.260060] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.260443] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.260824] ? write_comp_data+0x2f/0x90 [ 118.261144] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.261525] __fput+0x26d/0xa40 [ 118.261795] ____fput+0x1e/0x30 [ 118.262062] task_work_run+0x1a4/0x2d0 [ 118.262367] ? __pfx_task_work_run+0x10/0x10 [ 118.262730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.263115] ? switch_task_namespaces+0xa9/0xe0 [ 118.263482] do_exit+0xb17/0x2ef0 [ 118.263749] ? lock_acquire+0x427/0x4c0 [ 118.264062] ? __pfx_lock_release+0x10/0x10 [ 118.264401] ? __kasan_check_write+0x18/0x20 [ 118.264739] ? do_raw_spin_lock+0x132/0x2a0 [ 118.265069] ? __pfx_do_exit+0x10/0x10 [ 118.265378] ? debug_smp_processor_id+0x20/0x30 [ 118.265736] ? rcu_is_watching+0x19/0xb0 [ 118.266049] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.266399] ? trace_hardirqs_on+0x26/0x120 [ 118.266749] do_group_exit+0xe0/0x2b0 [ 118.267068] __x64_sys_exit_group+0x47/0x50 [ 118.267403] do_syscall_64+0x3b/0x90 [ 118.267698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.268101] RIP: 0033:0x7f4b87518a4d [ 118.268386] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.268851] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.269445] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.269983] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.270553] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.271092] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.271677] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.272231] [ 118.272411] irq event stamp: 0 [ 118.272652] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.273126] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.273763] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.274401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.274906] ---[ end trace 0000000000000000 ]--- [ 118.279004] ------------[ cut here ]------------ [ 118.279416] WARNING: CPU: 1 PID: 1074 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.280192] Modules linked in: [ 118.280437] CPU: 1 PID: 1074 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.281095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.281941] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.282316] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.283837] RSP: 0018:ffff888013e17bb8 EFLAGS: 00010246 [ 118.284244] RAX: 0000000000000000 RBX: ffff888015e438a8 RCX: 0000000000000000 [ 118.284779] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 118.285317] RBP: ffff888013e17bd0 R08: ffffed1002bc8733 R09: ffffed1002bc8733 [ 118.285851] R10: ffff888015e43993 R11: ffffed1002bc8732 R12: ffff888014449c00 [ 118.286384] R13: ffff888015e439e8 R14: ffffffff8352e670 R15: 
ffff888013e17e68 [ 118.286934] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.287555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.287991] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 118.288529] PKRU: 55555554 [ 118.288744] Call Trace: [ 118.288939] [ 118.289111] __iommufd_access_detach+0x1c2/0x2b0 [ 118.289480] iommufd_access_change_pt+0x149/0x270 [ 118.289861] iommufd_access_replace+0xb4/0x120 [ 118.290220] iommufd_test+0x3e5/0x37e0 [ 118.290536] ? lock_release+0x532/0x770 [ 118.290851] ? __might_fault+0x102/0x1b0 [ 118.291181] ? lock_acquire+0x427/0x4c0 [ 118.291494] ? __pfx_iommufd_test+0x10/0x10 [ 118.291822] ? __pfx_lock_release+0x10/0x10 [ 118.292157] ? __pfx_lock_acquire+0x10/0x10 [ 118.292499] ? write_comp_data+0x2f/0x90 [ 118.292816] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.293191] ? write_comp_data+0x2f/0x90 [ 118.293510] iommufd_fops_ioctl+0x37d/0x510 [ 118.293842] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.294226] ? write_comp_data+0x2f/0x90 [ 118.294561] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.294934] __x64_sys_ioctl+0x1a3/0x230 [ 118.295263] do_syscall_64+0x3b/0x90 [ 118.295557] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.295955] RIP: 0033:0x7f4b8743ee5d [ 118.296236] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.297616] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.298189] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.298743] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.299289] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.299830] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.300367] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.300912] [ 118.301091] irq event stamp: 0 [ 118.301331] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.301803] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.302433] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.303086] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.303573] ---[ end trace 0000000000000000 ]--- [ 118.306301] ------------[ cut here ]------------ [ 118.306721] WARNING: CPU: 1 PID: 1074 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.307500] Modules linked in: [ 118.307745] CPU: 1 PID: 1074 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.308403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.309250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.309627] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.311108] RSP: 
0018:ffff888013e17bd0 EFLAGS: 00010246 [ 118.311521] RAX: 0000000000000000 RBX: ffff888015e438a8 RCX: 0000000000000000 [ 118.312056] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 118.312594] RBP: ffff888013e17be8 R08: ffffed1002bc8733 R09: ffffed1002bc8733 [ 118.313130] R10: ffff888015e43993 R11: ffffed1002bc8732 R12: ffff88800f71e800 [ 118.313668] R13: ffff888015e439e8 R14: ffff88802094ed00 R15: 0000000000000000 [ 118.314206] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.314827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.315286] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.315823] PKRU: 55555554 [ 118.316040] Call Trace: [ 118.316235] [ 118.316408] iommufd_access_destroy_object+0x65/0x170 [ 118.316805] iommufd_object_destroy_user+0x18e/0x220 [ 118.317201] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.317656] iommufd_access_destroy+0x43/0x70 [ 118.318011] iommufd_test_staccess_release+0x8d/0xd0 [ 118.318408] __fput+0x26d/0xa40 [ 118.318694] ____fput+0x1e/0x30 [ 118.318958] task_work_run+0x1a4/0x2d0 [ 118.319280] ? __pfx_task_work_run+0x10/0x10 [ 118.319624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.320003] ? switch_task_namespaces+0xa9/0xe0 [ 118.320368] do_exit+0xb17/0x2ef0 [ 118.320636] ? lock_acquire+0x427/0x4c0 [ 118.320955] ? __pfx_lock_release+0x10/0x10 [ 118.321294] ? __kasan_check_write+0x18/0x20 [ 118.321639] ? do_raw_spin_lock+0x132/0x2a0 [ 118.321971] ? __pfx_do_exit+0x10/0x10 [ 118.322276] ? debug_smp_processor_id+0x20/0x30 [ 118.322655] ? rcu_is_watching+0x19/0xb0 [ 118.322974] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.323341] ? trace_hardirqs_on+0x26/0x120 [ 118.323680] do_group_exit+0xe0/0x2b0 [ 118.323974] __x64_sys_exit_group+0x47/0x50 [ 118.324303] do_syscall_64+0x3b/0x90 [ 118.324595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.325001] RIP: 0033:0x7f4b87518a4d [ 118.325295] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.325767] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.326346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.326913] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.327465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.328008] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.328551] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.329099] [ 118.329280] irq event stamp: 0 [ 118.329519] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.329997] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.330658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.331368] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.331852] ---[ end trace 0000000000000000 ]--- [ 118.332538] ------------[ cut here ]------------ [ 118.332903] WARNING: CPU: 1 PID: 1074 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.333681] Modules linked in: [ 118.333930] CPU: 1 PID: 1074 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.334627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.335505] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.335911] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.337300] RSP: 0018:ffff888013e17b78 EFLAGS: 00010246 [ 118.337706] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.338244] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 118.338805] RBP: ffff888013e17b98 R08: ffffed1002bc873e R09: ffffed1002bc873e [ 118.339536] R10: ffff888015e439ef R11: ffffed1002bc873d R12: ffff888015e43a90 [ 118.340324] R13: ffff888015e438a8 R14: ffffffffffffffff R15: 
ffff888013e17c60 [ 118.341118] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.342007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.342717] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.343541] PKRU: 55555554 [ 118.343865] Call Trace: [ 118.344156] [ 118.344417] iommufd_ioas_destroy+0x53/0x70 [ 118.344922] iommufd_fops_release+0x1f7/0x370 [ 118.345445] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.346013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.346624] ? write_comp_data+0x2f/0x90 [ 118.347131] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.347714] __fput+0x26d/0xa40 [ 118.348115] ____fput+0x1e/0x30 [ 118.348561] task_work_run+0x1a4/0x2d0 [ 118.349021] ? __pfx_task_work_run+0x10/0x10 [ 118.349531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.350102] ? switch_task_namespaces+0xa9/0xe0 [ 118.350703] do_exit+0xb17/0x2ef0 [ 118.351136] ? lock_acquire+0x427/0x4c0 [ 118.351615] ? __pfx_lock_release+0x10/0x10 [ 118.352121] ? __kasan_check_write+0x18/0x20 [ 118.352630] ? do_raw_spin_lock+0x132/0x2a0 [ 118.353130] ? __pfx_do_exit+0x10/0x10 [ 118.353595] ? debug_smp_processor_id+0x20/0x30 [ 118.354129] ? rcu_is_watching+0x19/0xb0 [ 118.354634] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.355264] ? trace_hardirqs_on+0x26/0x120 [ 118.355611] do_group_exit+0xe0/0x2b0 [ 118.355907] __x64_sys_exit_group+0x47/0x50 [ 118.356247] do_syscall_64+0x3b/0x90 [ 118.356546] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.356953] RIP: 0033:0x7f4b87518a4d [ 118.357242] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.357713] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.358301] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.358887] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.359446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.359991] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.360531] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.361084] [ 118.361264] irq event stamp: 0 [ 118.361508] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.361991] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.362648] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.363320] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.363824] ---[ end trace 0000000000000000 ]--- [ 118.368879] ------------[ cut here ]------------ [ 118.369297] WARNING: CPU: 1 PID: 1075 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.370120] Modules linked in: [ 118.370383] CPU: 1 PID: 1075 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.371331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.372258] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.372673] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.374183] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 118.374659] RAX: 0000000000000000 RBX: ffff8880167778a8 RCX: 0000000000000000 [ 118.375265] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 118.375848] RBP: ffff888012e4fbd0 R08: ffffed1002ceef33 R09: ffffed1002ceef33 [ 118.376435] R10: ffff888016777993 R11: ffffed1002ceef32 R12: ffff88801436f400 [ 118.377018] R13: ffff8880167779e8 R14: ffffffff8352e670 R15: 
ffff888012e4fe68 [ 118.377603] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.378262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.378775] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 118.379370] PKRU: 55555554 [ 118.379604] Call Trace: [ 118.379816] [ 118.380001] __iommufd_access_detach+0x1c2/0x2b0 [ 118.380412] iommufd_access_change_pt+0x149/0x270 [ 118.380813] iommufd_access_replace+0xb4/0x120 [ 118.381203] iommufd_test+0x3e5/0x37e0 [ 118.381533] ? lock_release+0x532/0x770 [ 118.381892] ? __might_fault+0x102/0x1b0 [ 118.382248] ? lock_acquire+0x427/0x4c0 [ 118.382634] ? __pfx_iommufd_test+0x10/0x10 [ 118.383004] ? __pfx_lock_release+0x10/0x10 [ 118.383395] ? __pfx_lock_acquire+0x10/0x10 [ 118.383789] ? write_comp_data+0x2f/0x90 [ 118.384157] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.384587] ? write_comp_data+0x2f/0x90 [ 118.384963] iommufd_fops_ioctl+0x37d/0x510 [ 118.385354] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.385789] ? write_comp_data+0x2f/0x90 [ 118.386160] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.386632] __x64_sys_ioctl+0x1a3/0x230 [ 118.386999] do_syscall_64+0x3b/0x90 [ 118.387343] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.387808] RIP: 0033:0x7f4b8743ee5d [ 118.388134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.389723] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.390394] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.391073] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.391721] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.392362] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.392983] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.393609] [ 118.393814] irq event stamp: 0 [ 118.394087] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.394679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.395410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.396133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.396677] ---[ end trace 0000000000000000 ]--- [ 118.399739] ------------[ cut here ]------------ [ 118.400188] WARNING: CPU: 1 PID: 1075 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.401068] Modules linked in: [ 118.401351] CPU: 1 PID: 1075 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.402106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.403145] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.403601] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.405262] RSP: 
0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 118.405762] RAX: 0000000000000000 RBX: ffff8880167778a8 RCX: 0000000000000000 [ 118.406422] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 118.407128] RBP: ffff888012e4fbe8 R08: ffffed1002ceef33 R09: ffffed1002ceef33 [ 118.407803] R10: ffff888016777993 R11: ffffed1002ceef32 R12: ffff888014448c00 [ 118.408461] R13: ffff8880167779e8 R14: ffff88800af28600 R15: 0000000000000000 [ 118.409126] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.409860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.410390] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.411091] PKRU: 55555554 [ 118.411398] Call Trace: [ 118.411640] [ 118.411855] iommufd_access_destroy_object+0x65/0x170 [ 118.412348] iommufd_object_destroy_user+0x18e/0x220 [ 118.412816] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.413351] iommufd_access_destroy+0x43/0x70 [ 118.413786] iommufd_test_staccess_release+0x8d/0xd0 [ 118.414266] __fput+0x26d/0xa40 [ 118.414626] ____fput+0x1e/0x30 [ 118.414940] task_work_run+0x1a4/0x2d0 [ 118.415319] ? __pfx_task_work_run+0x10/0x10 [ 118.415730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.416180] ? switch_task_namespaces+0xa9/0xe0 [ 118.416631] do_exit+0xb17/0x2ef0 [ 118.416960] ? lock_acquire+0x427/0x4c0 [ 118.417344] ? __pfx_lock_release+0x10/0x10 [ 118.417753] ? __kasan_check_write+0x18/0x20 [ 118.418173] ? do_raw_spin_lock+0x132/0x2a0 [ 118.418641] ? __pfx_do_exit+0x10/0x10 [ 118.419037] ? debug_smp_processor_id+0x20/0x30 [ 118.419500] ? rcu_is_watching+0x19/0xb0 [ 118.419899] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.420352] ? trace_hardirqs_on+0x26/0x120 [ 118.420784] do_group_exit+0xe0/0x2b0 [ 118.421158] __x64_sys_exit_group+0x47/0x50 [ 118.421576] do_syscall_64+0x3b/0x90 [ 118.421948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.422463] RIP: 0033:0x7f4b87518a4d [ 118.422872] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.423487] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.424218] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.424896] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.425576] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.426252] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.426964] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.427667] [ 118.427897] irq event stamp: 0 [ 118.428201] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.428804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.429660] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.430452] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.431098] ---[ end trace 0000000000000000 ]--- [ 118.431948] ------------[ cut here ]------------ [ 118.432398] WARNING: CPU: 1 PID: 1075 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.433369] Modules linked in: [ 118.433675] CPU: 1 PID: 1075 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.434497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.435645] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.436179] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.438052] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 118.438649] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.439397] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 118.440123] RBP: ffff888012e4fb98 R08: ffffed1002ceef3e R09: ffffed1002ceef3e [ 118.440851] R10: ffff8880167779ef R11: ffffed1002ceef3d R12: ffff888016777a90 [ 118.441578] R13: ffff8880167778a8 R14: ffffffffffffffff R15: 
ffff888012e4fc60 [ 118.442302] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.443178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.443773] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.444503] PKRU: 55555554 [ 118.444792] Call Trace: [ 118.445056] [ 118.445289] iommufd_ioas_destroy+0x53/0x70 [ 118.445739] iommufd_fops_release+0x1f7/0x370 [ 118.446205] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.446757] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.447275] ? write_comp_data+0x2f/0x90 [ 118.447714] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.448232] __fput+0x26d/0xa40 [ 118.448582] ____fput+0x1e/0x30 [ 118.448925] task_work_run+0x1a4/0x2d0 [ 118.449327] ? __pfx_task_work_run+0x10/0x10 [ 118.449783] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.450286] ? switch_task_namespaces+0xa9/0xe0 [ 118.450827] do_exit+0xb17/0x2ef0 [ 118.451208] ? lock_acquire+0x427/0x4c0 [ 118.451625] ? __pfx_lock_release+0x10/0x10 [ 118.452076] ? __kasan_check_write+0x18/0x20 [ 118.452523] ? do_raw_spin_lock+0x132/0x2a0 [ 118.452959] ? __pfx_do_exit+0x10/0x10 [ 118.453358] ? debug_smp_processor_id+0x20/0x30 [ 118.453831] ? rcu_is_watching+0x19/0xb0 [ 118.454244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.454750] ? trace_hardirqs_on+0x26/0x120 [ 118.455210] do_group_exit+0xe0/0x2b0 [ 118.455607] __x64_sys_exit_group+0x47/0x50 [ 118.456044] do_syscall_64+0x3b/0x90 [ 118.456438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.456980] RIP: 0033:0x7f4b87518a4d [ 118.457364] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.457994] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.458810] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.459552] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.460281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.461094] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.461815] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.462603] [ 118.462856] irq event stamp: 0 [ 118.463193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.463840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.464702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.465546] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.466193] ---[ end trace 0000000000000000 ]--- [ 118.471813] ------------[ cut here ]------------ [ 118.472365] WARNING: CPU: 1 PID: 1076 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.473405] Modules linked in: [ 118.473735] CPU: 1 PID: 1076 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.474727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.475924] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.476438] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.478327] RSP: 0018:ffff88801872fbb8 EFLAGS: 00010246 [ 118.478930] RAX: 0000000000000000 RBX: ffff888015d480a8 RCX: 0000000000000000 [ 118.479709] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 118.480450] RBP: ffff88801872fbd0 R08: ffffed1002ba9033 R09: ffffed1002ba9033 [ 118.481199] R10: ffff888015d48193 R11: ffffed1002ba9032 R12: ffff88801858a400 [ 118.481928] R13: ffff888015d481e8 R14: ffffffff8352e670 R15: 
ffff88801872fe68 [ 118.482709] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.483577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.484204] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 118.484966] PKRU: 55555554 [ 118.485269] Call Trace: [ 118.485539] [ 118.485779] __iommufd_access_detach+0x1c2/0x2b0 [ 118.486304] iommufd_access_change_pt+0x149/0x270 [ 118.486868] iommufd_access_replace+0xb4/0x120 [ 118.487391] iommufd_test+0x3e5/0x37e0 [ 118.487804] ? lock_release+0x532/0x770 [ 118.488237] ? __might_fault+0x102/0x1b0 [ 118.488676] ? lock_acquire+0x427/0x4c0 [ 118.489110] ? __pfx_iommufd_test+0x10/0x10 [ 118.489568] ? __pfx_lock_release+0x10/0x10 [ 118.490035] ? __pfx_lock_acquire+0x10/0x10 [ 118.490554] ? write_comp_data+0x2f/0x90 [ 118.490998] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.491541] ? write_comp_data+0x2f/0x90 [ 118.491977] iommufd_fops_ioctl+0x37d/0x510 [ 118.492435] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.493038] ? write_comp_data+0x2f/0x90 [ 118.493479] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.493991] __x64_sys_ioctl+0x1a3/0x230 [ 118.494435] do_syscall_64+0x3b/0x90 [ 118.494881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.495447] RIP: 0033:0x7f4b8743ee5d [ 118.495844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.497752] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.498599] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.499364] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.500099] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.500845] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.501589] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.502349] [ 118.502645] irq event stamp: 0 [ 118.502986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.503671] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.504553] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.505437] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.506104] ---[ end trace 0000000000000000 ]--- [ 118.509396] ------------[ cut here ]------------ [ 118.509934] WARNING: CPU: 1 PID: 1076 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.511076] Modules linked in: [ 118.511454] CPU: 1 PID: 1076 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.512521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.513691] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.514220] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.516181] RSP: 
0018:ffff88801872fbd0 EFLAGS: 00010246 [ 118.516758] RAX: 0000000000000000 RBX: ffff888015d480a8 RCX: 0000000000000000 [ 118.517507] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 118.518253] RBP: ffff88801872fbe8 R08: ffffed1002ba9033 R09: ffffed1002ba9033 [ 118.519038] R10: ffff888015d48193 R11: ffffed1002ba9032 R12: ffff88801436d800 [ 118.519804] R13: ffff888015d481e8 R14: ffff888010c75000 R15: 0000000000000000 [ 118.520555] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.521401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.522005] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.522790] PKRU: 55555554 [ 118.523095] Call Trace: [ 118.523374] [ 118.523618] iommufd_access_destroy_object+0x65/0x170 [ 118.524166] iommufd_object_destroy_user+0x18e/0x220 [ 118.524709] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.525381] iommufd_access_destroy+0x43/0x70 [ 118.525863] iommufd_test_staccess_release+0x8d/0xd0 [ 118.526406] __fput+0x26d/0xa40 [ 118.526821] ____fput+0x1e/0x30 [ 118.527199] task_work_run+0x1a4/0x2d0 [ 118.527621] ? __pfx_task_work_run+0x10/0x10 [ 118.528096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.528616] ? switch_task_namespaces+0xa9/0xe0 [ 118.529125] do_exit+0xb17/0x2ef0 [ 118.529497] ? lock_acquire+0x427/0x4c0 [ 118.529932] ? __pfx_lock_release+0x10/0x10 [ 118.530393] ? __kasan_check_write+0x18/0x20 [ 118.530911] ? do_raw_spin_lock+0x132/0x2a0 [ 118.531397] ? __pfx_do_exit+0x10/0x10 [ 118.531824] ? debug_smp_processor_id+0x20/0x30 [ 118.532324] ? rcu_is_watching+0x19/0xb0 [ 118.532745] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.533239] ? trace_hardirqs_on+0x26/0x120 [ 118.533705] do_group_exit+0xe0/0x2b0 [ 118.534109] __x64_sys_exit_group+0x47/0x50 [ 118.534605] do_syscall_64+0x3b/0x90 [ 118.535019] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.535597] RIP: 0033:0x7f4b87518a4d [ 118.535990] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.536638] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.537422] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.538165] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.538942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.539688] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.540427] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.541172] [ 118.541420] irq event stamp: 0 [ 118.541747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.542402] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.543350] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.544214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.544868] ---[ end trace 0000000000000000 ]--- [ 118.545752] ------------[ cut here ]------------ [ 118.546247] WARNING: CPU: 1 PID: 1076 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.547358] Modules linked in: [ 118.547701] CPU: 1 PID: 1076 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.548611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.549786] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.550325] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.552271] RSP: 0018:ffff88801872fb78 EFLAGS: 00010246 [ 118.552836] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.553577] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 118.554316] RBP: ffff88801872fb98 R08: ffffed1002ba903e R09: ffffed1002ba903e [ 118.555106] R10: ffff888015d481ef R11: ffffed1002ba903d R12: ffff888015d48290 [ 118.555865] R13: ffff888015d480a8 R14: ffffffffffffffff R15: 
ffff88801872fc60 [ 118.556621] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.557527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.558146] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.558951] PKRU: 55555554 [ 118.559271] Call Trace: [ 118.559542] [ 118.559786] iommufd_ioas_destroy+0x53/0x70 [ 118.560251] iommufd_fops_release+0x1f7/0x370 [ 118.560729] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.561268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.561787] ? write_comp_data+0x2f/0x90 [ 118.562223] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.562796] __fput+0x26d/0xa40 [ 118.563177] ____fput+0x1e/0x30 [ 118.563535] task_work_run+0x1a4/0x2d0 [ 118.563947] ? __pfx_task_work_run+0x10/0x10 [ 118.564411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.564926] ? switch_task_namespaces+0xa9/0xe0 [ 118.565426] do_exit+0xb17/0x2ef0 [ 118.565791] ? lock_acquire+0x427/0x4c0 [ 118.566215] ? __pfx_lock_release+0x10/0x10 [ 118.566708] ? __kasan_check_write+0x18/0x20 [ 118.567193] ? do_raw_spin_lock+0x132/0x2a0 [ 118.567646] ? __pfx_do_exit+0x10/0x10 [ 118.568066] ? debug_smp_processor_id+0x20/0x30 [ 118.568560] ? rcu_is_watching+0x19/0xb0 [ 118.568984] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.569461] ? trace_hardirqs_on+0x26/0x120 [ 118.569915] do_group_exit+0xe0/0x2b0 [ 118.570312] __x64_sys_exit_group+0x47/0x50 [ 118.570832] do_syscall_64+0x3b/0x90 [ 118.571250] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.571798] RIP: 0033:0x7f4b87518a4d [ 118.572184] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.572823] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.573615] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.574350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.575167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.575923] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.576660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.577401] [ 118.577643] irq event stamp: 0 [ 118.577969] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.578653] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.579532] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.580377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.581017] ---[ end trace 0000000000000000 ]--- [ 118.586009] ------------[ cut here ]------------ [ 118.586745] WARNING: CPU: 1 PID: 1077 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.587791] Modules linked in: [ 118.588116] CPU: 1 PID: 1077 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.589038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.590070] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.590552] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.592235] RSP: 0018:ffff88800b9f7bb8 EFLAGS: 00010246 [ 118.592724] RAX: 0000000000000000 RBX: ffff888017a960a8 RCX: 0000000000000000 [ 118.593378] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 118.594026] RBP: ffff88800b9f7bd0 R08: ffffed1002f52c33 R09: ffffed1002f52c33 [ 118.594710] R10: ffff888017a96193 R11: ffffed1002f52c32 R12: ffff8880181f7800 [ 118.595370] R13: ffff888017a961e8 R14: ffffffff8352e670 R15: 
ffff88800b9f7e68 [ 118.596022] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.596760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.597294] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 118.597948] PKRU: 55555554 [ 118.598217] Call Trace: [ 118.598454] [ 118.598687] __iommufd_access_detach+0x1c2/0x2b0 [ 118.599151] iommufd_access_change_pt+0x149/0x270 [ 118.599586] iommufd_access_replace+0xb4/0x120 [ 118.600019] iommufd_test+0x3e5/0x37e0 [ 118.600375] ? lock_release+0x532/0x770 [ 118.600748] ? __might_fault+0x102/0x1b0 [ 118.601123] ? lock_acquire+0x427/0x4c0 [ 118.601497] ? __pfx_iommufd_test+0x10/0x10 [ 118.601889] ? __pfx_lock_release+0x10/0x10 [ 118.602290] ? __pfx_lock_acquire+0x10/0x10 [ 118.602712] ? write_comp_data+0x2f/0x90 [ 118.603093] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.603551] ? write_comp_data+0x2f/0x90 [ 118.603934] iommufd_fops_ioctl+0x37d/0x510 [ 118.604331] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.604779] ? write_comp_data+0x2f/0x90 [ 118.605157] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.605600] __x64_sys_ioctl+0x1a3/0x230 [ 118.605980] do_syscall_64+0x3b/0x90 [ 118.606329] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.606833] RIP: 0033:0x7f4b8743ee5d [ 118.607200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.608853] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.609545] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.610204] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.610872] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.611506] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.612120] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.612736] [ 118.612938] irq event stamp: 0 [ 118.613212] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.613754] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.614473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.615225] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.615743] ---[ end trace 0000000000000000 ]--- [ 118.619196] ------------[ cut here ]------------ [ 118.619692] WARNING: CPU: 0 PID: 1077 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.620596] Modules linked in: [ 118.620878] CPU: 0 PID: 1077 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.621637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.622830] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.623298] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.624949] RSP: 
0018:ffff88800b9f7bd0 EFLAGS: 00010246 [ 118.625437] RAX: 0000000000000000 RBX: ffff888017a960a8 RCX: 0000000000000000 [ 118.626077] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 118.626749] RBP: ffff88800b9f7be8 R08: ffffed1002f52c33 R09: ffffed1002f52c33 [ 118.627402] R10: ffff888017a96193 R11: ffffed1002f52c32 R12: ffff888018588800 [ 118.628043] R13: ffff888017a961e8 R14: ffff888013fbe200 R15: 0000000000000000 [ 118.628686] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.629413] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.629928] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.630595] PKRU: 55555554 [ 118.630854] Call Trace: [ 118.631083] [ 118.631303] iommufd_access_destroy_object+0x65/0x170 [ 118.631773] iommufd_object_destroy_user+0x18e/0x220 [ 118.632232] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.632760] iommufd_access_destroy+0x43/0x70 [ 118.633172] iommufd_test_staccess_release+0x8d/0xd0 [ 118.633644] __fput+0x26d/0xa40 [ 118.633958] ____fput+0x1e/0x30 [ 118.634268] task_work_run+0x1a4/0x2d0 [ 118.634655] ? __pfx_task_work_run+0x10/0x10 [ 118.635061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.635536] ? switch_task_namespaces+0xa9/0xe0 [ 118.635972] do_exit+0xb17/0x2ef0 [ 118.636289] ? lock_acquire+0x427/0x4c0 [ 118.636660] ? __pfx_lock_release+0x10/0x10 [ 118.637053] ? __kasan_check_write+0x18/0x20 [ 118.637451] ? do_raw_spin_lock+0x132/0x2a0 [ 118.637838] ? __pfx_do_exit+0x10/0x10 [ 118.638194] ? debug_smp_processor_id+0x20/0x30 [ 118.638634] ? rcu_is_watching+0x19/0xb0 [ 118.639008] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.639431] ? trace_hardirqs_on+0x26/0x120 [ 118.639799] do_group_exit+0xe0/0x2b0 [ 118.640131] __x64_sys_exit_group+0x47/0x50 [ 118.640495] do_syscall_64+0x3b/0x90 [ 118.640814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.641267] RIP: 0033:0x7f4b87518a4d [ 118.641576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.642089] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.642732] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.643330] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.643908] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.644494] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.645087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.645692] [ 118.645893] irq event stamp: 0 [ 118.646150] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.646684] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.647410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.648111] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.648626] ---[ end trace 0000000000000000 ]--- [ 118.649376] ------------[ cut here ]------------ [ 118.649776] WARNING: CPU: 0 PID: 1077 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.650653] Modules linked in: [ 118.650927] CPU: 0 PID: 1077 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.651677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.652618] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.653059] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.654635] RSP: 0018:ffff88800b9f7b78 EFLAGS: 00010246 [ 118.655096] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.655720] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 118.656315] RBP: ffff88800b9f7b98 R08: ffffed1002f52c3e R09: ffffed1002f52c3e [ 118.656925] R10: ffff888017a961ef R11: ffffed1002f52c3d R12: ffff888017a96290 [ 118.657524] R13: ffff888017a960a8 R14: ffffffffffffffff R15: 
ffff88800b9f7c60 [ 118.658106] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.658804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.659282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.659884] PKRU: 55555554 [ 118.660109] Call Trace: [ 118.660328] [ 118.660519] iommufd_ioas_destroy+0x53/0x70 [ 118.660899] iommufd_fops_release+0x1f7/0x370 [ 118.661283] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.661709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.662122] ? write_comp_data+0x2f/0x90 [ 118.662471] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.662914] __fput+0x26d/0xa40 [ 118.663228] ____fput+0x1e/0x30 [ 118.663516] task_work_run+0x1a4/0x2d0 [ 118.663861] ? __pfx_task_work_run+0x10/0x10 [ 118.664237] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.664644] ? switch_task_namespaces+0xa9/0xe0 [ 118.665051] do_exit+0xb17/0x2ef0 [ 118.665345] ? lock_acquire+0x427/0x4c0 [ 118.665686] ? __pfx_lock_release+0x10/0x10 [ 118.666060] ? __kasan_check_write+0x18/0x20 [ 118.666429] ? do_raw_spin_lock+0x132/0x2a0 [ 118.666810] ? __pfx_do_exit+0x10/0x10 [ 118.667178] ? debug_smp_processor_id+0x20/0x30 [ 118.667570] ? rcu_is_watching+0x19/0xb0 [ 118.667916] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.668298] ? trace_hardirqs_on+0x26/0x120 [ 118.668663] do_group_exit+0xe0/0x2b0 [ 118.668978] __x64_sys_exit_group+0x47/0x50 [ 118.669333] do_syscall_64+0x3b/0x90 [ 118.669646] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.670079] RIP: 0033:0x7f4b87518a4d [ 118.670382] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.670898] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.671535] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.672110] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.672694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.673267] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.673866] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.674455] [ 118.674665] irq event stamp: 0 [ 118.674938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.675456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.676141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.676838] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.677374] ---[ end trace 0000000000000000 ]--- [ 118.681913] ------------[ cut here ]------------ [ 118.682323] WARNING: CPU: 1 PID: 1078 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.683157] Modules linked in: [ 118.683409] CPU: 1 PID: 1078 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.684083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.685018] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.685401] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.686828] RSP: 0018:ffff888010ddfbb8 EFLAGS: 00010246 [ 118.687249] RAX: 0000000000000000 RBX: ffff888016ff80a8 RCX: 0000000000000000 [ 118.687794] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 118.688345] RBP: ffff888010ddfbd0 R08: ffffed1002dff033 R09: ffffed1002dff033 [ 118.688900] R10: ffff888016ff8193 R11: ffffed1002dff032 R12: ffff888013a5a400 [ 118.689449] R13: ffff888016ff81e8 R14: ffffffff8352e670 R15: 
ffff888010ddfe68 [ 118.689999] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.690642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.691093] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 118.691657] PKRU: 55555554 [ 118.691880] Call Trace: [ 118.692078] [ 118.692255] __iommufd_access_detach+0x1c2/0x2b0 [ 118.692638] iommufd_access_change_pt+0x149/0x270 [ 118.693021] iommufd_access_replace+0xb4/0x120 [ 118.693389] iommufd_test+0x3e5/0x37e0 [ 118.693692] ? lock_release+0x532/0x770 [ 118.694011] ? __might_fault+0x102/0x1b0 [ 118.694333] ? lock_acquire+0x427/0x4c0 [ 118.694670] ? __pfx_iommufd_test+0x10/0x10 [ 118.695010] ? __pfx_lock_release+0x10/0x10 [ 118.695359] ? __pfx_lock_acquire+0x10/0x10 [ 118.695707] ? write_comp_data+0x2f/0x90 [ 118.696036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.696420] ? write_comp_data+0x2f/0x90 [ 118.696744] iommufd_fops_ioctl+0x37d/0x510 [ 118.697084] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.697468] ? write_comp_data+0x2f/0x90 [ 118.697796] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.698171] __x64_sys_ioctl+0x1a3/0x230 [ 118.698499] do_syscall_64+0x3b/0x90 [ 118.698826] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.699256] RIP: 0033:0x7f4b8743ee5d [ 118.699550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.700955] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.701550] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.702098] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.702669] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.703227] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.703776] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.704341] [ 118.704525] irq event stamp: 0 [ 118.704772] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.705267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.705914] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.706578] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.707071] ---[ end trace 0000000000000000 ]--- [ 118.709760] ------------[ cut here ]------------ [ 118.710156] WARNING: CPU: 1 PID: 1078 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.710968] Modules linked in: [ 118.711229] CPU: 1 PID: 1078 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.711903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.712774] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.713164] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.714585] RSP: 
0018:ffff888010ddfbd0 EFLAGS: 00010246 [ 118.715001] RAX: 0000000000000000 RBX: ffff888016ff80a8 RCX: 0000000000000000 [ 118.715562] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 118.716110] RBP: ffff888010ddfbe8 R08: ffffed1002dff033 R09: ffffed1002dff033 [ 118.716660] R10: ffff888016ff8193 R11: ffffed1002dff032 R12: ffff8880181f6800 [ 118.717267] R13: ffff888016ff81e8 R14: ffff888013996900 R15: 0000000000000000 [ 118.717814] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.718457] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.718919] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.719468] PKRU: 55555554 [ 118.719684] Call Trace: [ 118.719879] [ 118.720052] iommufd_access_destroy_object+0x65/0x170 [ 118.720450] iommufd_object_destroy_user+0x18e/0x220 [ 118.720843] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.721291] iommufd_access_destroy+0x43/0x70 [ 118.721643] iommufd_test_staccess_release+0x8d/0xd0 [ 118.722036] __fput+0x26d/0xa40 [ 118.722299] ____fput+0x1e/0x30 [ 118.722579] task_work_run+0x1a4/0x2d0 [ 118.722885] ? __pfx_task_work_run+0x10/0x10 [ 118.723236] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.723620] ? switch_task_namespaces+0xa9/0xe0 [ 118.723986] do_exit+0xb17/0x2ef0 [ 118.724253] ? lock_acquire+0x427/0x4c0 [ 118.724562] ? __pfx_lock_release+0x10/0x10 [ 118.724895] ? __kasan_check_write+0x18/0x20 [ 118.725232] ? do_raw_spin_lock+0x132/0x2a0 [ 118.725558] ? __pfx_do_exit+0x10/0x10 [ 118.725859] ? debug_smp_processor_id+0x20/0x30 [ 118.726216] ? rcu_is_watching+0x19/0xb0 [ 118.726546] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.726896] ? trace_hardirqs_on+0x26/0x120 [ 118.727236] do_group_exit+0xe0/0x2b0 [ 118.727529] __x64_sys_exit_group+0x47/0x50 [ 118.727856] do_syscall_64+0x3b/0x90 [ 118.728146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.728543] RIP: 0033:0x7f4b87518a4d [ 118.728825] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.729286] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.729860] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.730396] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.730951] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.731512] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.732049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.732598] [ 118.732776] irq event stamp: 0 [ 118.733015] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.733491] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.734118] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.734773] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.735263] ---[ end trace 0000000000000000 ]--- [ 118.735935] ------------[ cut here ]------------ [ 118.736294] WARNING: CPU: 1 PID: 1078 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.737064] Modules linked in: [ 118.737309] CPU: 1 PID: 1078 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.737964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.738832] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.739236] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.740606] RSP: 0018:ffff888010ddfb78 EFLAGS: 00010246 [ 118.741009] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.741544] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 118.742080] RBP: ffff888010ddfb98 R08: ffffed1002dff03e R09: ffffed1002dff03e [ 118.742638] R10: ffff888016ff81ef R11: ffffed1002dff03d R12: ffff888016ff8290 [ 118.743182] R13: ffff888016ff80a8 R14: ffffffffffffffff R15: 
ffff888010ddfc60 [ 118.743720] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 118.744325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.744760] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 118.745296] PKRU: 55555554 [ 118.745514] Call Trace: [ 118.745710] [ 118.745884] iommufd_ioas_destroy+0x53/0x70 [ 118.746220] iommufd_fops_release+0x1f7/0x370 [ 118.746583] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.746966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.747351] ? write_comp_data+0x2f/0x90 [ 118.747669] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.748049] __fput+0x26d/0xa40 [ 118.748313] ____fput+0x1e/0x30 [ 118.748573] task_work_run+0x1a4/0x2d0 [ 118.748878] ? __pfx_task_work_run+0x10/0x10 [ 118.749268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.749642] ? switch_task_namespaces+0xa9/0xe0 [ 118.750007] do_exit+0xb17/0x2ef0 [ 118.750270] ? lock_acquire+0x427/0x4c0 [ 118.750599] ? __pfx_lock_release+0x10/0x10 [ 118.750936] ? __kasan_check_write+0x18/0x20 [ 118.751282] ? do_raw_spin_lock+0x132/0x2a0 [ 118.751614] ? __pfx_do_exit+0x10/0x10 [ 118.751918] ? debug_smp_processor_id+0x20/0x30 [ 118.752273] ? rcu_is_watching+0x19/0xb0 [ 118.752580] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.752928] ? trace_hardirqs_on+0x26/0x120 [ 118.753263] do_group_exit+0xe0/0x2b0 [ 118.753554] __x64_sys_exit_group+0x47/0x50 [ 118.753880] do_syscall_64+0x3b/0x90 [ 118.754170] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.754587] RIP: 0033:0x7f4b87518a4d [ 118.754869] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.755337] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.755911] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.756444] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.756980] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.757513] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.758050] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.758610] [ 118.758789] irq event stamp: 0 [ 118.759030] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.759514] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.760141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.760767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.761242] ---[ end trace 0000000000000000 ]--- [ 118.765394] ------------[ cut here ]------------ [ 118.765783] WARNING: CPU: 0 PID: 1079 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.766627] Modules linked in: [ 118.766875] CPU: 0 PID: 1079 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.767551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.768398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.768837] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.770433] RSP: 0018:ffff88801806fbb8 EFLAGS: 00010246 [ 118.770940] RAX: 0000000000000000 RBX: ffff888020da50a8 RCX: 0000000000000000 [ 118.771568] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 118.772187] RBP: ffff88801806fbd0 R08: ffffed10041b4a33 R09: ffffed10041b4a33 [ 118.772806] R10: ffff888020da5193 R11: ffffed10041b4a32 R12: ffff88802190ec00 [ 118.773426] R13: ffff888020da51e8 R14: ffffffff8352e670 R15: 
ffff88801806fe68 [ 118.774044] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.774758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.775256] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ef0 [ 118.775797] PKRU: 55555554 [ 118.776013] Call Trace: [ 118.776206] [ 118.776378] __iommufd_access_detach+0x1c2/0x2b0 [ 118.776752] iommufd_access_change_pt+0x149/0x270 [ 118.777129] iommufd_access_replace+0xb4/0x120 [ 118.777490] iommufd_test+0x3e5/0x37e0 [ 118.777786] ? lock_release+0x532/0x770 [ 118.778098] ? __might_fault+0x102/0x1b0 [ 118.778417] ? lock_acquire+0x427/0x4c0 [ 118.778745] ? __pfx_iommufd_test+0x10/0x10 [ 118.779073] ? __pfx_lock_release+0x10/0x10 [ 118.779465] ? __pfx_lock_acquire+0x10/0x10 [ 118.779804] ? write_comp_data+0x2f/0x90 [ 118.780123] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.780499] ? write_comp_data+0x2f/0x90 [ 118.780817] iommufd_fops_ioctl+0x37d/0x510 [ 118.781153] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.781528] ? write_comp_data+0x2f/0x90 [ 118.781851] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.782222] __x64_sys_ioctl+0x1a3/0x230 [ 118.782559] do_syscall_64+0x3b/0x90 [ 118.782859] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.783267] RIP: 0033:0x7f4b8743ee5d [ 118.783550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.784959] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.785533] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.786074] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.786628] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.787189] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.787725] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.788261] [ 118.788436] irq event stamp: 0 [ 118.788674] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.789142] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.789763] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.790383] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.790862] ---[ end trace 0000000000000000 ]--- [ 118.793690] ------------[ cut here ]------------ [ 118.794074] WARNING: CPU: 0 PID: 1079 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.794863] Modules linked in: [ 118.795104] CPU: 0 PID: 1079 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.795775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.796609] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.796980] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.798334] RSP: 
0018:ffff88801806fbd0 EFLAGS: 00010246 [ 118.798741] RAX: 0000000000000000 RBX: ffff888020da50a8 RCX: 0000000000000000 [ 118.799310] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 118.799848] RBP: ffff88801806fbe8 R08: ffffed10041b4a33 R09: ffffed10041b4a33 [ 118.800379] R10: ffff888020da5193 R11: ffffed10041b4a32 R12: ffff888012e91000 [ 118.800905] R13: ffff888020da51e8 R14: ffff8880123ec600 R15: 0000000000000000 [ 118.801431] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.802023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.802452] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.803005] PKRU: 55555554 [ 118.803224] Call Trace: [ 118.803415] [ 118.803585] iommufd_access_destroy_object+0x65/0x170 [ 118.803972] iommufd_object_destroy_user+0x18e/0x220 [ 118.804360] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.804800] iommufd_access_destroy+0x43/0x70 [ 118.805148] iommufd_test_staccess_release+0x8d/0xd0 [ 118.805537] __fput+0x26d/0xa40 [ 118.805800] ____fput+0x1e/0x30 [ 118.806060] task_work_run+0x1a4/0x2d0 [ 118.806363] ? __pfx_task_work_run+0x10/0x10 [ 118.806716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.807092] ? switch_task_namespaces+0xa9/0xe0 [ 118.807468] do_exit+0xb17/0x2ef0 [ 118.807731] ? lock_acquire+0x427/0x4c0 [ 118.808037] ? __pfx_lock_release+0x10/0x10 [ 118.808365] ? __kasan_check_write+0x18/0x20 [ 118.808703] ? do_raw_spin_lock+0x132/0x2a0 [ 118.809027] ? __pfx_do_exit+0x10/0x10 [ 118.809329] ? debug_smp_processor_id+0x20/0x30 [ 118.809681] ? rcu_is_watching+0x19/0xb0 [ 118.809988] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.810331] ? trace_hardirqs_on+0x26/0x120 [ 118.810678] do_group_exit+0xe0/0x2b0 [ 118.810976] __x64_sys_exit_group+0x47/0x50 [ 118.811312] do_syscall_64+0x3b/0x90 [ 118.811606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.812007] RIP: 0033:0x7f4b87518a4d [ 118.812289] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.812751] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.813322] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.813854] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.814387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.814941] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.815503] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.816047] [ 118.816224] irq event stamp: 0 [ 118.816461] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.816932] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.817559] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.818181] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.818671] ---[ end trace 0000000000000000 ]--- [ 118.819359] ------------[ cut here ]------------ [ 118.819713] WARNING: CPU: 0 PID: 1079 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.820472] Modules linked in: [ 118.820714] CPU: 0 PID: 1079 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.821367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.822202] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.822611] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.824002] RSP: 0018:ffff88801806fb78 EFLAGS: 00010246 [ 118.824401] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.824929] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 118.825462] RBP: ffff88801806fb98 R08: ffffed10041b4a3e R09: ffffed10041b4a3e [ 118.825996] R10: ffff888020da51ef R11: ffffed10041b4a3d R12: ffff888020da5290 [ 118.826545] R13: ffff888020da50a8 R14: ffffffffffffffff R15: 
ffff88801806fc60 [ 118.827078] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.827692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.828123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.828654] PKRU: 55555554 [ 118.828868] Call Trace: [ 118.829060] [ 118.829230] iommufd_ioas_destroy+0x53/0x70 [ 118.829562] iommufd_fops_release+0x1f7/0x370 [ 118.829906] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.830283] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.830668] ? write_comp_data+0x2f/0x90 [ 118.830984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.831377] __fput+0x26d/0xa40 [ 118.831643] ____fput+0x1e/0x30 [ 118.831903] task_work_run+0x1a4/0x2d0 [ 118.832205] ? __pfx_task_work_run+0x10/0x10 [ 118.832545] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.832916] ? switch_task_namespaces+0xa9/0xe0 [ 118.833277] do_exit+0xb17/0x2ef0 [ 118.833542] ? lock_acquire+0x427/0x4c0 [ 118.833853] ? __pfx_lock_release+0x10/0x10 [ 118.834184] ? __kasan_check_write+0x18/0x20 [ 118.834537] ? do_raw_spin_lock+0x132/0x2a0 [ 118.834864] ? __pfx_do_exit+0x10/0x10 [ 118.835175] ? debug_smp_processor_id+0x20/0x30 [ 118.835526] ? rcu_is_watching+0x19/0xb0 [ 118.835836] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.836183] ? trace_hardirqs_on+0x26/0x120 [ 118.836515] do_group_exit+0xe0/0x2b0 [ 118.836801] __x64_sys_exit_group+0x47/0x50 [ 118.837125] do_syscall_64+0x3b/0x90 [ 118.837411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.837803] RIP: 0033:0x7f4b87518a4d [ 118.838085] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.838562] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.839141] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.839671] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.840199] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.840726] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.841251] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.841784] [ 118.841960] irq event stamp: 0 [ 118.842196] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.842679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.843306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.843922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.844394] ---[ end trace 0000000000000000 ]--- [ 118.848043] ------------[ cut here ]------------ [ 118.848421] WARNING: CPU: 0 PID: 1080 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.849193] Modules linked in: [ 118.849436] CPU: 0 PID: 1080 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.850087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.851100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.851490] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.852833] RSP: 0018:ffff88800fe37bb8 EFLAGS: 00010246 [ 118.853225] RAX: 0000000000000000 RBX: ffff888023eb98a8 RCX: 0000000000000000 [ 118.853749] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 118.854273] RBP: ffff88800fe37bd0 R08: ffffed10047d7333 R09: ffffed10047d7333 [ 118.854827] R10: ffff888023eb9993 R11: ffffed10047d7332 R12: ffff888020ecf800 [ 118.855363] R13: ffff888023eb99e8 R14: ffffffff8352e670 R15: 
ffff88800fe37e68 [ 118.855893] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.856489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.856920] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ef0 [ 118.857453] PKRU: 55555554 [ 118.857665] Call Trace: [ 118.857857] [ 118.858027] __iommufd_access_detach+0x1c2/0x2b0 [ 118.858393] iommufd_access_change_pt+0x149/0x270 [ 118.858781] iommufd_access_replace+0xb4/0x120 [ 118.859153] iommufd_test+0x3e5/0x37e0 [ 118.859448] ? lock_release+0x532/0x770 [ 118.859755] ? __might_fault+0x102/0x1b0 [ 118.860069] ? lock_acquire+0x427/0x4c0 [ 118.860382] ? __pfx_iommufd_test+0x10/0x10 [ 118.860706] ? __pfx_lock_release+0x10/0x10 [ 118.861038] ? __pfx_lock_acquire+0x10/0x10 [ 118.861371] ? write_comp_data+0x2f/0x90 [ 118.861686] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.862065] ? write_comp_data+0x2f/0x90 [ 118.862386] iommufd_fops_ioctl+0x37d/0x510 [ 118.862734] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.863121] ? write_comp_data+0x2f/0x90 [ 118.863438] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.863805] __x64_sys_ioctl+0x1a3/0x230 [ 118.864119] do_syscall_64+0x3b/0x90 [ 118.864409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.864810] RIP: 0033:0x7f4b8743ee5d [ 118.865093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.866443] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.867035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.867583] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.868116] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.868648] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.869187] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.869733] [ 118.869909] irq event stamp: 0 [ 118.870148] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.870639] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.871277] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.871897] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.872369] ---[ end trace 0000000000000000 ]--- [ 118.875022] ------------[ cut here ]------------ [ 118.875400] WARNING: CPU: 0 PID: 1080 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.876154] Modules linked in: [ 118.876398] CPU: 0 PID: 1080 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.877049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.877897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.878271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.879658] RSP: 
0018:ffff88800fe37bd0 EFLAGS: 00010246 [ 118.880221] RAX: 0000000000000000 RBX: ffff888023eb98a8 RCX: 0000000000000000 [ 118.880760] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 118.881294] RBP: ffff88800fe37be8 R08: ffffed10047d7333 R09: ffffed10047d7333 [ 118.881824] R10: ffff888023eb9993 R11: ffffed10047d7332 R12: ffff88802190e000 [ 118.882349] R13: ffff888023eb99e8 R14: ffff88800fcebf00 R15: 0000000000000000 [ 118.882896] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.883513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.883945] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.884476] PKRU: 55555554 [ 118.884688] Call Trace: [ 118.884883] [ 118.885054] iommufd_access_destroy_object+0x65/0x170 [ 118.885446] iommufd_object_destroy_user+0x18e/0x220 [ 118.885829] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.886270] iommufd_access_destroy+0x43/0x70 [ 118.886630] iommufd_test_staccess_release+0x8d/0xd0 [ 118.887025] __fput+0x26d/0xa40 [ 118.887296] ____fput+0x1e/0x30 [ 118.887551] task_work_run+0x1a4/0x2d0 [ 118.887850] ? __pfx_task_work_run+0x10/0x10 [ 118.888188] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.888559] ? switch_task_namespaces+0xa9/0xe0 [ 118.888917] do_exit+0xb17/0x2ef0 [ 118.889179] ? lock_acquire+0x427/0x4c0 [ 118.889484] ? __pfx_lock_release+0x10/0x10 [ 118.889811] ? __kasan_check_write+0x18/0x20 [ 118.890145] ? do_raw_spin_lock+0x132/0x2a0 [ 118.890472] ? __pfx_do_exit+0x10/0x10 [ 118.890792] ? debug_smp_processor_id+0x20/0x30 [ 118.891155] ? rcu_is_watching+0x19/0xb0 [ 118.891461] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.891809] ? trace_hardirqs_on+0x26/0x120 [ 118.892139] do_group_exit+0xe0/0x2b0 [ 118.892428] __x64_sys_exit_group+0x47/0x50 [ 118.892751] do_syscall_64+0x3b/0x90 [ 118.893040] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.893439] RIP: 0033:0x7f4b87518a4d [ 118.893719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.894185] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.894766] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.895323] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.895851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.896381] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.896909] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.897451] [ 118.897630] irq event stamp: 0 [ 118.897867] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.898338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.898978] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.899612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.900084] ---[ end trace 0000000000000000 ]--- [ 118.900744] ------------[ cut here ]------------ [ 118.901096] WARNING: CPU: 0 PID: 1080 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.901859] Modules linked in: [ 118.902099] CPU: 0 PID: 1080 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.902762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.903609] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.903995] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.905342] RSP: 0018:ffff88800fe37b78 EFLAGS: 00010246 [ 118.905739] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.906272] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 118.906823] RBP: ffff88800fe37b98 R08: ffffed10047d733e R09: ffffed10047d733e [ 118.907363] R10: ffff888023eb99ef R11: ffffed10047d733d R12: ffff888023eb9a90 [ 118.907895] R13: ffff888023eb98a8 R14: ffffffffffffffff R15: 
ffff88800fe37c60 [ 118.908429] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.909034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.909468] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.909999] PKRU: 55555554 [ 118.910212] Call Trace: [ 118.910405] [ 118.910593] iommufd_ioas_destroy+0x53/0x70 [ 118.910926] iommufd_fops_release+0x1f7/0x370 [ 118.911282] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.911663] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.912040] ? write_comp_data+0x2f/0x90 [ 118.912356] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.912732] __fput+0x26d/0xa40 [ 118.912994] ____fput+0x1e/0x30 [ 118.913251] task_work_run+0x1a4/0x2d0 [ 118.913551] ? __pfx_task_work_run+0x10/0x10 [ 118.913886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.914259] ? switch_task_namespaces+0xa9/0xe0 [ 118.914636] do_exit+0xb17/0x2ef0 [ 118.914901] ? lock_acquire+0x427/0x4c0 [ 118.915218] ? __pfx_lock_release+0x10/0x10 [ 118.915550] ? __kasan_check_write+0x18/0x20 [ 118.915886] ? do_raw_spin_lock+0x132/0x2a0 [ 118.916213] ? __pfx_do_exit+0x10/0x10 [ 118.916516] ? debug_smp_processor_id+0x20/0x30 [ 118.916870] ? rcu_is_watching+0x19/0xb0 [ 118.917179] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.917528] ? trace_hardirqs_on+0x26/0x120 [ 118.917859] do_group_exit+0xe0/0x2b0 [ 118.918149] __x64_sys_exit_group+0x47/0x50 [ 118.918470] do_syscall_64+0x3b/0x90 [ 118.918774] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.919186] RIP: 0033:0x7f4b87518a4d [ 118.919469] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.919926] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.920492] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.921025] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.921556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.922088] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.922633] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.923195] [ 118.923370] irq event stamp: 0 [ 118.923609] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.924082] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.924710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.925343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.925813] ---[ end trace 0000000000000000 ]--- [ 118.929571] ------------[ cut here ]------------ [ 118.929952] WARNING: CPU: 0 PID: 1081 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.930779] Modules linked in: [ 118.931020] CPU: 0 PID: 1081 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.931678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.932514] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.932887] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.934259] RSP: 0018:ffff88801862fbb8 EFLAGS: 00010246 [ 118.934714] RAX: 0000000000000000 RBX: ffff888010cd78a8 RCX: 0000000000000000 [ 118.935251] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 118.935779] RBP: ffff88801862fbd0 R08: ffffed100219af33 R09: ffffed100219af33 [ 118.936307] R10: ffff888010cd7993 R11: ffffed100219af32 R12: ffff888012eadc00 [ 118.936850] R13: ffff888010cd79e8 R14: ffffffff8352e670 R15: 
ffff88801862fe68 [ 118.937382] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.937979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.938410] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 118.938956] PKRU: 55555554 [ 118.939192] Call Trace: [ 118.939388] [ 118.939560] __iommufd_access_detach+0x1c2/0x2b0 [ 118.939928] iommufd_access_change_pt+0x149/0x270 [ 118.940300] iommufd_access_replace+0xb4/0x120 [ 118.940653] iommufd_test+0x3e5/0x37e0 [ 118.940946] ? lock_release+0x532/0x770 [ 118.941256] ? __might_fault+0x102/0x1b0 [ 118.941566] ? lock_acquire+0x427/0x4c0 [ 118.941876] ? __pfx_iommufd_test+0x10/0x10 [ 118.942197] ? __pfx_lock_release+0x10/0x10 [ 118.942549] ? __pfx_lock_acquire+0x10/0x10 [ 118.942881] ? write_comp_data+0x2f/0x90 [ 118.943202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.943573] ? write_comp_data+0x2f/0x90 [ 118.943888] iommufd_fops_ioctl+0x37d/0x510 [ 118.944222] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.944593] ? write_comp_data+0x2f/0x90 [ 118.944910] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 118.945283] __x64_sys_ioctl+0x1a3/0x230 [ 118.945598] do_syscall_64+0x3b/0x90 [ 118.945887] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.946279] RIP: 0033:0x7f4b8743ee5d [ 118.946576] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 118.947960] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 118.948540] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 118.949081] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 118.949624] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 118.950170] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 118.950729] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 118.951287] [ 118.951465] irq event stamp: 0 [ 118.951706] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.952185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.952832] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.953465] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.953941] ---[ end trace 0000000000000000 ]--- [ 118.956779] ------------[ cut here ]------------ [ 118.957167] WARNING: CPU: 0 PID: 1081 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 118.957938] Modules linked in: [ 118.958188] CPU: 0 PID: 1081 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.958883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.959744] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 118.960127] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 118.961508] RSP: 
0018:ffff88801862fbd0 EFLAGS: 00010246 [ 118.961922] RAX: 0000000000000000 RBX: ffff888010cd78a8 RCX: 0000000000000000 [ 118.962467] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 118.963030] RBP: ffff88801862fbe8 R08: ffffed100219af33 R09: ffffed100219af33 [ 118.963580] R10: ffff888010cd7993 R11: ffffed100219af32 R12: ffff888020ece800 [ 118.964128] R13: ffff888010cd79e8 R14: ffff888012de0400 R15: 0000000000000000 [ 118.964668] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.965283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.965728] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.966271] PKRU: 55555554 [ 118.966489] Call Trace: [ 118.966700] [ 118.966876] iommufd_access_destroy_object+0x65/0x170 [ 118.967292] iommufd_object_destroy_user+0x18e/0x220 [ 118.967689] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 118.968144] iommufd_access_destroy+0x43/0x70 [ 118.968499] iommufd_test_staccess_release+0x8d/0xd0 [ 118.968896] __fput+0x26d/0xa40 [ 118.969165] ____fput+0x1e/0x30 [ 118.969428] task_work_run+0x1a4/0x2d0 [ 118.969737] ? __pfx_task_work_run+0x10/0x10 [ 118.970079] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.970457] ? switch_task_namespaces+0xa9/0xe0 [ 118.970848] do_exit+0xb17/0x2ef0 [ 118.971123] ? lock_acquire+0x427/0x4c0 [ 118.971441] ? __pfx_lock_release+0x10/0x10 [ 118.971778] ? __kasan_check_write+0x18/0x20 [ 118.972120] ? do_raw_spin_lock+0x132/0x2a0 [ 118.972455] ? __pfx_do_exit+0x10/0x10 [ 118.972765] ? debug_smp_processor_id+0x20/0x30 [ 118.973127] ? rcu_is_watching+0x19/0xb0 [ 118.973444] ? _raw_spin_unlock_irq+0x2b/0x60 [ 118.973799] ? trace_hardirqs_on+0x26/0x120 [ 118.974139] do_group_exit+0xe0/0x2b0 [ 118.974433] __x64_sys_exit_group+0x47/0x50 [ 118.974787] do_syscall_64+0x3b/0x90 [ 118.975084] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 118.975503] RIP: 0033:0x7f4b87518a4d [ 118.975791] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 118.976259] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 118.976835] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 118.977381] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 118.977924] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 118.978463] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 118.979024] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 118.979586] [ 118.979768] irq event stamp: 0 [ 118.980008] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 118.980490] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 118.981136] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 118.981769] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 118.982247] ---[ end trace 0000000000000000 ]--- [ 118.982944] ------------[ cut here ]------------ [ 118.983317] WARNING: CPU: 0 PID: 1081 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 118.984095] Modules linked in: [ 118.984349] CPU: 0 PID: 1081 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 118.985013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 118.985868] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 118.986268] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 118.987687] RSP: 0018:ffff88801862fb78 EFLAGS: 00010246 [ 118.988101] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 118.988637] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 118.989177] RBP: ffff88801862fb98 R08: ffffed100219af3e R09: ffffed100219af3e [ 118.989725] R10: ffff888010cd79ef R11: ffffed100219af3d R12: ffff888010cd7a90 [ 118.990271] R13: ffff888010cd78a8 R14: ffffffffffffffff R15: 
ffff88801862fc60 [ 118.990829] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 118.991450] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 118.991891] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 118.992432] PKRU: 55555554 [ 118.992649] Call Trace: [ 118.992845] [ 118.993018] iommufd_ioas_destroy+0x53/0x70 [ 118.993356] iommufd_fops_release+0x1f7/0x370 [ 118.993703] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.994087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.994463] ? write_comp_data+0x2f/0x90 [ 118.994798] ? __pfx_iommufd_fops_release+0x10/0x10 [ 118.995192] __fput+0x26d/0xa40 [ 118.995461] ____fput+0x1e/0x30 [ 118.995723] task_work_run+0x1a4/0x2d0 [ 118.996028] ? __pfx_task_work_run+0x10/0x10 [ 118.996370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 118.996747] ? switch_task_namespaces+0xa9/0xe0 [ 118.997111] do_exit+0xb17/0x2ef0 [ 118.997376] ? lock_acquire+0x427/0x4c0 [ 118.997689] ? __pfx_lock_release+0x10/0x10 [ 118.998029] ? __kasan_check_write+0x18/0x20 [ 118.998368] ? do_raw_spin_lock+0x132/0x2a0 [ 118.998714] ? __pfx_do_exit+0x10/0x10 [ 118.999023] ? debug_smp_processor_id+0x20/0x30 [ 118.999401] ? rcu_is_watching+0x19/0xb0 [ 118.999717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.000070] ? trace_hardirqs_on+0x26/0x120 [ 119.000408] do_group_exit+0xe0/0x2b0 [ 119.000706] __x64_sys_exit_group+0x47/0x50 [ 119.001036] do_syscall_64+0x3b/0x90 [ 119.001330] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.001735] RIP: 0033:0x7f4b87518a4d [ 119.002021] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.002487] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.003092] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.003647] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.004186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.004723] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.005270] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.005825] [ 119.006005] irq event stamp: 0 [ 119.006253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.006746] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.007403] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.008044] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.008528] ---[ end trace 0000000000000000 ]--- [ 119.013021] ------------[ cut here ]------------ [ 119.013413] WARNING: CPU: 0 PID: 1082 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.014180] Modules linked in: [ 119.014428] CPU: 0 PID: 1082 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.015137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.015995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.016376] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.017751] RSP: 0018:ffff888018a97bb8 EFLAGS: 00010246 [ 119.018154] RAX: 0000000000000000 RBX: ffff8880219a20a8 RCX: 0000000000000000 [ 119.018710] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 119.019265] RBP: ffff888018a97bd0 R08: ffffed1004334433 R09: ffffed1004334433 [ 119.019806] R10: ffff8880219a2193 R11: ffffed1004334432 R12: ffff888021bb7c00 [ 119.020344] R13: ffff8880219a21e8 R14: ffffffff8352e670 R15: 
ffff888018a97e68 [ 119.020882] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.021488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.021933] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 119.022473] PKRU: 55555554 [ 119.022710] Call Trace: [ 119.022910] [ 119.023086] __iommufd_access_detach+0x1c2/0x2b0 [ 119.023476] iommufd_access_change_pt+0x149/0x270 [ 119.023857] iommufd_access_replace+0xb4/0x120 [ 119.024217] iommufd_test+0x3e5/0x37e0 [ 119.024517] ? lock_release+0x532/0x770 [ 119.024834] ? __might_fault+0x102/0x1b0 [ 119.025156] ? lock_acquire+0x427/0x4c0 [ 119.025470] ? __pfx_iommufd_test+0x10/0x10 [ 119.025798] ? __pfx_lock_release+0x10/0x10 [ 119.026134] ? __pfx_lock_acquire+0x10/0x10 [ 119.026472] ? write_comp_data+0x2f/0x90 [ 119.026806] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.027195] ? write_comp_data+0x2f/0x90 [ 119.027523] iommufd_fops_ioctl+0x37d/0x510 [ 119.027857] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.028234] ? write_comp_data+0x2f/0x90 [ 119.028554] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.028927] __x64_sys_ioctl+0x1a3/0x230 [ 119.029248] do_syscall_64+0x3b/0x90 [ 119.029544] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.029946] RIP: 0033:0x7f4b8743ee5d [ 119.030234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.031634] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.032225] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.032766] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.033306] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.033844] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.034384] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.034951] [ 119.035134] irq event stamp: 0 [ 119.035378] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.035857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.036493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.037127] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.037603] ---[ end trace 0000000000000000 ]--- [ 119.040319] ------------[ cut here ]------------ [ 119.040705] WARNING: CPU: 0 PID: 1082 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.041479] Modules linked in: [ 119.041724] CPU: 0 PID: 1082 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.042387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.043451] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.043835] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.045220] RSP: 
0018:ffff888018a97bd0 EFLAGS: 00010246 [ 119.045628] RAX: 0000000000000000 RBX: ffff8880219a20a8 RCX: 0000000000000000 [ 119.046171] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 119.046725] RBP: ffff888018a97be8 R08: ffffed1004334433 R09: ffffed1004334433 [ 119.047289] R10: ffff8880219a2193 R11: ffffed1004334432 R12: ffff888012eacc00 [ 119.047831] R13: ffff8880219a21e8 R14: ffff888020a7d300 R15: 0000000000000000 [ 119.048373] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.048983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.049428] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.049969] PKRU: 55555554 [ 119.050187] Call Trace: [ 119.050384] [ 119.050575] iommufd_access_destroy_object+0x65/0x170 [ 119.050980] iommufd_object_destroy_user+0x18e/0x220 [ 119.051382] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.051842] iommufd_access_destroy+0x43/0x70 [ 119.052199] iommufd_test_staccess_release+0x8d/0xd0 [ 119.052597] __fput+0x26d/0xa40 [ 119.052864] ____fput+0x1e/0x30 [ 119.053128] task_work_run+0x1a4/0x2d0 [ 119.053438] ? __pfx_task_work_run+0x10/0x10 [ 119.053782] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.054164] ? switch_task_namespaces+0xa9/0xe0 [ 119.054553] do_exit+0xb17/0x2ef0 [ 119.054825] ? lock_acquire+0x427/0x4c0 [ 119.055155] ? __pfx_lock_release+0x10/0x10 [ 119.055494] ? __kasan_check_write+0x18/0x20 [ 119.055837] ? do_raw_spin_lock+0x132/0x2a0 [ 119.056172] ? __pfx_do_exit+0x10/0x10 [ 119.056484] ? debug_smp_processor_id+0x20/0x30 [ 119.056848] ? rcu_is_watching+0x19/0xb0 [ 119.057163] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.057517] ? trace_hardirqs_on+0x26/0x120 [ 119.057858] do_group_exit+0xe0/0x2b0 [ 119.058153] __x64_sys_exit_group+0x47/0x50 [ 119.058482] do_syscall_64+0x3b/0x90 [ 119.058805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.059220] RIP: 0033:0x7f4b87518a4d [ 119.059504] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.059968] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.060551] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.061098] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.061638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.062177] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.062736] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.063297] [ 119.063480] irq event stamp: 0 [ 119.063721] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.064202] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.064843] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.065475] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.065955] ---[ end trace 0000000000000000 ]--- [ 119.066653] ------------[ cut here ]------------ [ 119.067014] WARNING: CPU: 0 PID: 1082 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.067801] Modules linked in: [ 119.068052] CPU: 0 PID: 1082 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.068723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.069577] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.069971] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.071387] RSP: 0018:ffff888018a97b78 EFLAGS: 00010246 [ 119.071794] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.072331] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 119.072873] RBP: ffff888018a97b98 R08: ffffed100433443e R09: ffffed100433443e [ 119.073416] R10: ffff8880219a21ef R11: ffffed100433443d R12: ffff8880219a2290 [ 119.073956] R13: ffff8880219a20a8 R14: ffffffffffffffff R15: 
ffff888018a97c60 [ 119.074502] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.075163] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.075604] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.076157] PKRU: 55555554 [ 119.076372] Call Trace: [ 119.076569] [ 119.076743] iommufd_ioas_destroy+0x53/0x70 [ 119.077091] iommufd_fops_release+0x1f7/0x370 [ 119.077442] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.077825] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.078210] ? write_comp_data+0x2f/0x90 [ 119.078565] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.079073] __fput+0x26d/0xa40 [ 119.079375] ____fput+0x1e/0x30 [ 119.079638] task_work_run+0x1a4/0x2d0 [ 119.079943] ? __pfx_task_work_run+0x10/0x10 [ 119.080296] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.080672] ? switch_task_namespaces+0xa9/0xe0 [ 119.081038] do_exit+0xb17/0x2ef0 [ 119.081311] ? lock_acquire+0x427/0x4c0 [ 119.081622] ? __pfx_lock_release+0x10/0x10 [ 119.081956] ? __kasan_check_write+0x18/0x20 [ 119.082299] ? do_raw_spin_lock+0x132/0x2a0 [ 119.082663] ? __pfx_do_exit+0x10/0x10 [ 119.083066] ? debug_smp_processor_id+0x20/0x30 [ 119.083494] ? rcu_is_watching+0x19/0xb0 [ 119.083807] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.084156] ? trace_hardirqs_on+0x26/0x120 [ 119.084499] do_group_exit+0xe0/0x2b0 [ 119.084791] __x64_sys_exit_group+0x47/0x50 [ 119.085116] do_syscall_64+0x3b/0x90 [ 119.085408] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.085814] RIP: 0033:0x7f4b87518a4d [ 119.086098] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.086588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.087300] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.087845] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.088391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.088927] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.089472] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.090017] [ 119.090195] irq event stamp: 0 [ 119.090441] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.090944] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.091908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.092824] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.093509] ---[ end trace 0000000000000000 ]--- [ 119.097949] ------------[ cut here ]------------ [ 119.098330] WARNING: CPU: 1 PID: 1083 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.099247] Modules linked in: [ 119.099494] CPU: 1 PID: 1083 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.100152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.100988] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.101368] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.102743] RSP: 0018:ffff88801862fbb8 EFLAGS: 00010246 [ 119.103163] RAX: 0000000000000000 RBX: ffff888020b7f8a8 RCX: 0000000000000000 [ 119.103701] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 119.104243] RBP: ffff88801862fbd0 R08: ffffed100416ff33 R09: ffffed100416ff33 [ 119.104777] R10: ffff888020b7f993 R11: ffffed100416ff32 R12: ffff888016c9cc00 [ 119.105315] R13: ffff888020b7f9e8 R14: ffffffff8352e670 R15: 
ffff88801862fe68 [ 119.105851] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.106456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.106915] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 119.107453] PKRU: 55555554 [ 119.107669] Call Trace: [ 119.107862] [ 119.108033] __iommufd_access_detach+0x1c2/0x2b0 [ 119.108402] iommufd_access_change_pt+0x149/0x270 [ 119.108773] iommufd_access_replace+0xb4/0x120 [ 119.109128] iommufd_test+0x3e5/0x37e0 [ 119.109427] ? lock_release+0x532/0x770 [ 119.109739] ? __might_fault+0x102/0x1b0 [ 119.110054] ? lock_acquire+0x427/0x4c0 [ 119.110362] ? __pfx_iommufd_test+0x10/0x10 [ 119.110705] ? __pfx_lock_release+0x10/0x10 [ 119.111039] ? __pfx_lock_acquire+0x10/0x10 [ 119.111387] ? write_comp_data+0x2f/0x90 [ 119.111708] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.112082] ? write_comp_data+0x2f/0x90 [ 119.112400] iommufd_fops_ioctl+0x37d/0x510 [ 119.112730] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.113102] ? write_comp_data+0x2f/0x90 [ 119.113417] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.113782] __x64_sys_ioctl+0x1a3/0x230 [ 119.114099] do_syscall_64+0x3b/0x90 [ 119.114389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.114808] RIP: 0033:0x7f4b8743ee5d [ 119.115092] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.116464] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.117035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.117571] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.118105] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.118669] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.119207] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.119750] [ 119.119930] irq event stamp: 0 [ 119.120167] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.120639] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.121266] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.121895] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.122372] ---[ end trace 0000000000000000 ]--- [ 119.125110] ------------[ cut here ]------------ [ 119.125496] WARNING: CPU: 1 PID: 1083 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.126258] Modules linked in: [ 119.126500] CPU: 1 PID: 1083 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.127214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.128052] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.128428] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.129789] RSP: 
0018:ffff88801862fbd0 EFLAGS: 00010246 [ 119.130190] RAX: 0000000000000000 RBX: ffff888020b7f8a8 RCX: 0000000000000000 [ 119.130759] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 119.131399] RBP: ffff88801862fbe8 R08: ffffed100416ff33 R09: ffffed100416ff33 [ 119.131934] R10: ffff888020b7f993 R11: ffffed100416ff32 R12: ffff888013a58800 [ 119.132472] R13: ffff888020b7f9e8 R14: ffff888020a42200 R15: 0000000000000000 [ 119.133006] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.133615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.134050] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.134614] PKRU: 55555554 [ 119.134898] Call Trace: [ 119.135122] [ 119.135295] iommufd_access_destroy_object+0x65/0x170 [ 119.135699] iommufd_object_destroy_user+0x18e/0x220 [ 119.136087] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.136530] iommufd_access_destroy+0x43/0x70 [ 119.136888] iommufd_test_staccess_release+0x8d/0xd0 [ 119.137280] __fput+0x26d/0xa40 [ 119.137544] ____fput+0x1e/0x30 [ 119.137813] task_work_run+0x1a4/0x2d0 [ 119.138119] ? __pfx_task_work_run+0x10/0x10 [ 119.138458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.138870] ? switch_task_namespaces+0xa9/0xe0 [ 119.139368] do_exit+0xb17/0x2ef0 [ 119.139645] ? lock_acquire+0x427/0x4c0 [ 119.139964] ? __pfx_lock_release+0x10/0x10 [ 119.140296] ? __kasan_check_write+0x18/0x20 [ 119.140633] ? do_raw_spin_lock+0x132/0x2a0 [ 119.140972] ? __pfx_do_exit+0x10/0x10 [ 119.141278] ? debug_smp_processor_id+0x20/0x30 [ 119.141637] ? rcu_is_watching+0x19/0xb0 [ 119.141950] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.142310] ? trace_hardirqs_on+0x26/0x120 [ 119.142673] do_group_exit+0xe0/0x2b0 [ 119.143055] __x64_sys_exit_group+0x47/0x50 [ 119.143442] do_syscall_64+0x3b/0x90 [ 119.143736] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.144134] RIP: 0033:0x7f4b87518a4d [ 119.144430] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.144894] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.145478] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.146016] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.146596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.147238] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.147787] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.148330] [ 119.148511] irq event stamp: 0 [ 119.148761] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.149239] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.149875] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.150500] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.151100] ---[ end trace 0000000000000000 ]--- [ 119.151792] ------------[ cut here ]------------ [ 119.152158] WARNING: CPU: 1 PID: 1083 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.152921] Modules linked in: [ 119.153176] CPU: 1 PID: 1083 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.153830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.154710] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.155196] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.156577] RSP: 0018:ffff88801862fb78 EFLAGS: 00010246 [ 119.156980] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.157524] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 119.158059] RBP: ffff88801862fb98 R08: ffffed100416ff3e R09: ffffed100416ff3e [ 119.158626] R10: ffff888020b7f9ef R11: ffffed100416ff3d R12: ffff888020b7fa90 [ 119.159247] R13: ffff888020b7f8a8 R14: ffffffffffffffff R15: 
ffff88801862fc60 [ 119.159789] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.160394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.160838] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.161371] PKRU: 55555554 [ 119.161586] Call Trace: [ 119.161787] [ 119.161958] iommufd_ioas_destroy+0x53/0x70 [ 119.162292] iommufd_fops_release+0x1f7/0x370 [ 119.162669] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.163174] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.163557] ? write_comp_data+0x2f/0x90 [ 119.163875] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.164270] __fput+0x26d/0xa40 [ 119.164539] ____fput+0x1e/0x30 [ 119.164799] task_work_run+0x1a4/0x2d0 [ 119.165103] ? __pfx_task_work_run+0x10/0x10 [ 119.165451] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.165826] ? switch_task_namespaces+0xa9/0xe0 [ 119.166191] do_exit+0xb17/0x2ef0 [ 119.166464] ? lock_acquire+0x427/0x4c0 [ 119.166807] ? __pfx_lock_release+0x10/0x10 [ 119.167253] ? __kasan_check_write+0x18/0x20 [ 119.167643] ? do_raw_spin_lock+0x132/0x2a0 [ 119.167975] ? __pfx_do_exit+0x10/0x10 [ 119.168282] ? debug_smp_processor_id+0x20/0x30 [ 119.168651] ? rcu_is_watching+0x19/0xb0 [ 119.168964] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.169313] ? trace_hardirqs_on+0x26/0x120 [ 119.169654] do_group_exit+0xe0/0x2b0 [ 119.169944] __x64_sys_exit_group+0x47/0x50 [ 119.170269] do_syscall_64+0x3b/0x90 [ 119.170602] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.171124] RIP: 0033:0x7f4b87518a4d [ 119.171414] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.171878] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.172461] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.172995] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.173542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.174088] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.174674] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.175338] [ 119.175529] irq event stamp: 0 [ 119.175774] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.176257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.176910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.177565] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.178049] ---[ end trace 0000000000000000 ]--- [ 119.181859] ------------[ cut here ]------------ [ 119.182266] WARNING: CPU: 0 PID: 1084 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.183344] Modules linked in: [ 119.183608] CPU: 0 PID: 1084 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.184287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.185149] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.185536] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.187516] RSP: 0018:ffff88800fb07bb8 EFLAGS: 00010246 [ 119.188165] RAX: 0000000000000000 RBX: ffff888017b9b0a8 RCX: 0000000000000000 [ 119.188959] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 119.189756] RBP: ffff88800fb07bd0 R08: ffffed1002f73633 R09: ffffed1002f73633 [ 119.190601] R10: ffff888017b9b193 R11: ffffed1002f73632 R12: ffff888013e55800 [ 119.191429] R13: ffff888017b9b1e8 R14: ffffffff8352e670 R15: 
ffff88800fb07e68 [ 119.192220] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.193111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.193756] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 119.194595] PKRU: 55555554 [ 119.194932] Call Trace: [ 119.195301] [ 119.195481] __iommufd_access_detach+0x1c2/0x2b0 [ 119.195862] iommufd_access_change_pt+0x149/0x270 [ 119.196251] iommufd_access_replace+0xb4/0x120 [ 119.196611] iommufd_test+0x3e5/0x37e0 [ 119.196911] ? lock_release+0x532/0x770 [ 119.197235] ? __might_fault+0x102/0x1b0 [ 119.197554] ? lock_acquire+0x427/0x4c0 [ 119.197868] ? __pfx_iommufd_test+0x10/0x10 [ 119.198206] ? __pfx_lock_release+0x10/0x10 [ 119.198573] ? __pfx_lock_acquire+0x10/0x10 [ 119.199015] ? write_comp_data+0x2f/0x90 [ 119.199401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.199788] ? write_comp_data+0x2f/0x90 [ 119.200114] iommufd_fops_ioctl+0x37d/0x510 [ 119.200466] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.200856] ? write_comp_data+0x2f/0x90 [ 119.201188] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.201585] __x64_sys_ioctl+0x1a3/0x230 [ 119.201917] do_syscall_64+0x3b/0x90 [ 119.202222] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.202681] RIP: 0033:0x7f4b8743ee5d [ 119.203074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.204531] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.205130] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.205685] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.206237] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.206828] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.207539] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.208246] [ 119.208477] irq event stamp: 0 [ 119.208786] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.209410] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.210233] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.211090] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.211645] ---[ end trace 0000000000000000 ]--- [ 119.214474] ------------[ cut here ]------------ [ 119.214960] WARNING: CPU: 0 PID: 1084 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.215826] Modules linked in: [ 119.216090] CPU: 0 PID: 1084 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.216780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.217681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.218091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.219598] RSP: 
0018:ffff88800fb07bd0 EFLAGS: 00010246 [ 119.220103] RAX: 0000000000000000 RBX: ffff888017b9b0a8 RCX: 0000000000000000 [ 119.220680] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 119.221267] RBP: ffff88800fb07be8 R08: ffffed1002f73633 R09: ffffed1002f73633 [ 119.221833] R10: ffff888017b9b193 R11: ffffed1002f73632 R12: ffff888016633800 [ 119.222404] R13: ffff888017b9b1e8 R14: ffff888020def200 R15: 0000000000000000 [ 119.223013] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.223707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.224179] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.224754] PKRU: 55555554 [ 119.224983] Call Trace: [ 119.225186] [ 119.225368] iommufd_access_destroy_object+0x65/0x170 [ 119.225789] iommufd_object_destroy_user+0x18e/0x220 [ 119.226212] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.226723] iommufd_access_destroy+0x43/0x70 [ 119.227105] iommufd_test_staccess_release+0x8d/0xd0 [ 119.227542] __fput+0x26d/0xa40 [ 119.227828] ____fput+0x1e/0x30 [ 119.228102] task_work_run+0x1a4/0x2d0 [ 119.228423] ? __pfx_task_work_run+0x10/0x10 [ 119.228787] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.229234] ? switch_task_namespaces+0xa9/0xe0 [ 119.229624] do_exit+0xb17/0x2ef0 [ 119.229910] ? lock_acquire+0x427/0x4c0 [ 119.230247] ? __pfx_lock_release+0x10/0x10 [ 119.230636] ? __kasan_check_write+0x18/0x20 [ 119.230996] ? do_raw_spin_lock+0x132/0x2a0 [ 119.231361] ? __pfx_do_exit+0x10/0x10 [ 119.231688] ? debug_smp_processor_id+0x20/0x30 [ 119.232073] ? rcu_is_watching+0x19/0xb0 [ 119.232401] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.232771] ? trace_hardirqs_on+0x26/0x120 [ 119.233127] do_group_exit+0xe0/0x2b0 [ 119.233439] __x64_sys_exit_group+0x47/0x50 [ 119.233782] do_syscall_64+0x3b/0x90 [ 119.234091] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.234567] RIP: 0033:0x7f4b87518a4d [ 119.234884] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.235387] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.235996] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.236566] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.237138] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.237716] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.238307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.238954] [ 119.239175] irq event stamp: 0 [ 119.239444] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.239982] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.240690] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.241393] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.241920] ---[ end trace 0000000000000000 ]--- [ 119.242709] ------------[ cut here ]------------ [ 119.243126] WARNING: CPU: 0 PID: 1084 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.243993] Modules linked in: [ 119.244271] CPU: 0 PID: 1084 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.245014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.245959] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.246405] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.247990] RSP: 0018:ffff88800fb07b78 EFLAGS: 00010246 [ 119.248446] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.249047] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 119.249651] RBP: ffff88800fb07b98 R08: ffffed1002f7363e R09: ffffed1002f7363e [ 119.250248] R10: ffff888017b9b1ef R11: ffffed1002f7363d R12: ffff888017b9b290 [ 119.250866] R13: ffff888017b9b0a8 R14: ffffffffffffffff R15: 
ffff88800fb07c60 [ 119.251473] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.252147] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.252629] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.253227] PKRU: 55555554 [ 119.253467] Call Trace: [ 119.253685] [ 119.253876] iommufd_ioas_destroy+0x53/0x70 [ 119.254253] iommufd_fops_release+0x1f7/0x370 [ 119.254655] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.255083] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.255516] ? write_comp_data+0x2f/0x90 [ 119.255882] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.256305] __fput+0x26d/0xa40 [ 119.256604] ____fput+0x1e/0x30 [ 119.256896] task_work_run+0x1a4/0x2d0 [ 119.257236] ? __pfx_task_work_run+0x10/0x10 [ 119.257624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.258044] ? switch_task_namespaces+0xa9/0xe0 [ 119.258459] do_exit+0xb17/0x2ef0 [ 119.258791] ? lock_acquire+0x427/0x4c0 [ 119.259161] ? __pfx_lock_release+0x10/0x10 [ 119.259546] ? __kasan_check_write+0x18/0x20 [ 119.259927] ? do_raw_spin_lock+0x132/0x2a0 [ 119.260303] ? __pfx_do_exit+0x10/0x10 [ 119.260649] ? debug_smp_processor_id+0x20/0x30 [ 119.261103] ? rcu_is_watching+0x19/0xb0 [ 119.261452] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.261842] ? trace_hardirqs_on+0x26/0x120 [ 119.262214] do_group_exit+0xe0/0x2b0 [ 119.262568] __x64_sys_exit_group+0x47/0x50 [ 119.262937] do_syscall_64+0x3b/0x90 [ 119.263273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.263721] RIP: 0033:0x7f4b87518a4d [ 119.264038] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.264557] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.265198] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.265795] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.266389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.267011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.267623] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.268230] [ 119.268427] irq event stamp: 0 [ 119.268695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.269230] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.269946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.270678] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.271216] ---[ end trace 0000000000000000 ]--- [ 119.276136] ------------[ cut here ]------------ [ 119.276629] WARNING: CPU: 0 PID: 1085 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.277536] Modules linked in: [ 119.277823] CPU: 0 PID: 1085 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.278821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.279850] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.280310] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.281945] RSP: 0018:ffff888016ec7bb8 EFLAGS: 00010246 [ 119.282428] RAX: 0000000000000000 RBX: ffff888011d568a8 RCX: 0000000000000000 [ 119.283093] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 119.283750] RBP: ffff888016ec7bd0 R08: ffffed10023aad33 R09: ffffed10023aad33 [ 119.284393] R10: ffff888011d56993 R11: ffffed10023aad32 R12: ffff888021bc4800 [ 119.285046] R13: ffff888011d569e8 R14: ffffffff8352e670 R15: 
ffff888016ec7e68 [ 119.285692] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.286426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.286995] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ef0 [ 119.287662] PKRU: 55555554 [ 119.287919] Call Trace: [ 119.288152] [ 119.288359] __iommufd_access_detach+0x1c2/0x2b0 [ 119.288820] iommufd_access_change_pt+0x149/0x270 [ 119.289274] iommufd_access_replace+0xb4/0x120 [ 119.289703] iommufd_test+0x3e5/0x37e0 [ 119.290057] ? lock_release+0x532/0x770 [ 119.290431] ? __might_fault+0x102/0x1b0 [ 119.290838] ? lock_acquire+0x427/0x4c0 [ 119.291232] ? __pfx_iommufd_test+0x10/0x10 [ 119.291633] ? __pfx_lock_release+0x10/0x10 [ 119.292043] ? __pfx_lock_acquire+0x10/0x10 [ 119.292449] ? write_comp_data+0x2f/0x90 [ 119.292832] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.293326] ? write_comp_data+0x2f/0x90 [ 119.293704] iommufd_fops_ioctl+0x37d/0x510 [ 119.294100] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.294591] ? write_comp_data+0x2f/0x90 [ 119.294994] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.295463] __x64_sys_ioctl+0x1a3/0x230 [ 119.295854] do_syscall_64+0x3b/0x90 [ 119.296211] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.296700] RIP: 0033:0x7f4b8743ee5d [ 119.297047] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.298767] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.299499] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.300157] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.300819] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.301473] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.302117] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.302807] [ 119.303027] irq event stamp: 0 [ 119.303332] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.303914] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.304688] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.305451] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.306035] ---[ end trace 0000000000000000 ]--- [ 119.309193] ------------[ cut here ]------------ [ 119.309690] WARNING: CPU: 0 PID: 1085 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.310730] Modules linked in: [ 119.311036] CPU: 0 PID: 1085 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.311875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.312933] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.313413] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.315153] RSP: 
0018:ffff888016ec7bd0 EFLAGS: 00010246 [ 119.315665] RAX: 0000000000000000 RBX: ffff888011d568a8 RCX: 0000000000000000 [ 119.316343] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 119.317008] RBP: ffff888016ec7be8 R08: ffffed10023aad33 R09: ffffed10023aad33 [ 119.317711] R10: ffff888011d56993 R11: ffffed10023aad32 R12: ffff888013e55000 [ 119.318433] R13: ffff888011d569e8 R14: ffff888013fca800 R15: 0000000000000000 [ 119.319197] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.320028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.320614] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.321333] PKRU: 55555554 [ 119.321630] Call Trace: [ 119.321900] [ 119.322145] iommufd_access_destroy_object+0x65/0x170 [ 119.322731] iommufd_object_destroy_user+0x18e/0x220 [ 119.323268] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.323871] iommufd_access_destroy+0x43/0x70 [ 119.324338] iommufd_test_staccess_release+0x8d/0xd0 [ 119.324862] __fput+0x26d/0xa40 [ 119.325261] ____fput+0x1e/0x30 [ 119.325604] task_work_run+0x1a4/0x2d0 [ 119.326008] ? __pfx_task_work_run+0x10/0x10 [ 119.326465] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.327043] ? switch_task_namespaces+0xa9/0xe0 [ 119.327752] do_exit+0xb17/0x2ef0 [ 119.328106] ? lock_acquire+0x427/0x4c0 [ 119.328522] ? __pfx_lock_release+0x10/0x10 [ 119.328967] ? __kasan_check_write+0x18/0x20 [ 119.329417] ? do_raw_spin_lock+0x132/0x2a0 [ 119.329857] ? __pfx_do_exit+0x10/0x10 [ 119.330258] ? debug_smp_processor_id+0x20/0x30 [ 119.330779] ? rcu_is_watching+0x19/0xb0 [ 119.331220] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.331686] ? trace_hardirqs_on+0x26/0x120 [ 119.332126] do_group_exit+0xe0/0x2b0 [ 119.332511] __x64_sys_exit_group+0x47/0x50 [ 119.332947] do_syscall_64+0x3b/0x90 [ 119.333346] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.333883] RIP: 0033:0x7f4b87518a4d [ 119.334266] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.334936] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.335726] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.336439] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.337158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.337875] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.338644] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.339391] [ 119.339628] irq event stamp: 0 [ 119.339948] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.340585] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.341421] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.342265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.342942] ---[ end trace 0000000000000000 ]--- [ 119.343841] ------------[ cut here ]------------ [ 119.344327] WARNING: CPU: 0 PID: 1085 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.345363] Modules linked in: [ 119.345693] CPU: 0 PID: 1085 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.346622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.347954] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.348482] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.350302] RSP: 0018:ffff888016ec7b78 EFLAGS: 00010246 [ 119.350912] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.351655] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 119.352360] RBP: ffff888016ec7b98 R08: ffffed10023aad3e R09: ffffed10023aad3e [ 119.353066] R10: ffff888011d569ef R11: ffffed10023aad3d R12: ffff888011d56a90 [ 119.353772] R13: ffff888011d568a8 R14: ffffffffffffffff R15: 
ffff888016ec7c60 [ 119.354482] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.355338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.355990] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.356764] PKRU: 55555554 [ 119.357108] Call Trace: [ 119.357392] [ 119.357645] iommufd_ioas_destroy+0x53/0x70 [ 119.358121] iommufd_fops_release+0x1f7/0x370 [ 119.358651] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.359221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.359764] ? write_comp_data+0x2f/0x90 [ 119.360220] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.360770] __fput+0x26d/0xa40 [ 119.361150] ____fput+0x1e/0x30 [ 119.361519] task_work_run+0x1a4/0x2d0 [ 119.361960] ? __pfx_task_work_run+0x10/0x10 [ 119.362458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.363045] ? switch_task_namespaces+0xa9/0xe0 [ 119.363603] do_exit+0xb17/0x2ef0 [ 119.363989] ? lock_acquire+0x427/0x4c0 [ 119.364432] ? __pfx_lock_release+0x10/0x10 [ 119.364908] ? __kasan_check_write+0x18/0x20 [ 119.365401] ? do_raw_spin_lock+0x132/0x2a0 [ 119.365884] ? __pfx_do_exit+0x10/0x10 [ 119.366319] ? debug_smp_processor_id+0x20/0x30 [ 119.366878] ? rcu_is_watching+0x19/0xb0 [ 119.367340] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.367846] ? trace_hardirqs_on+0x26/0x120 [ 119.368342] do_group_exit+0xe0/0x2b0 [ 119.368779] __x64_sys_exit_group+0x47/0x50 [ 119.369256] do_syscall_64+0x3b/0x90 [ 119.369675] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.370258] RIP: 0033:0x7f4b87518a4d [ 119.370722] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.371427] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.372263] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.373040] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.373816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.374640] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.375433] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.376223] [ 119.376476] irq event stamp: 0 [ 119.376826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.377518] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.378429] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.379406] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.380099] ---[ end trace 0000000000000000 ]--- [ 119.385577] ------------[ cut here ]------------ [ 119.386181] WARNING: CPU: 0 PID: 1086 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.387375] Modules linked in: [ 119.387748] CPU: 0 PID: 1086 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.388710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.389968] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.390569] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.392612] RSP: 0018:ffff8880245efbb8 EFLAGS: 00010246 [ 119.393204] RAX: 0000000000000000 RBX: ffff888012b2d0a8 RCX: 0000000000000000 [ 119.393991] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 119.394822] RBP: ffff8880245efbd0 R08: ffffed1002565a33 R09: ffffed1002565a33 [ 119.395629] R10: ffff888012b2d193 R11: ffffed1002565a32 R12: ffff88801456b800 [ 119.396418] R13: ffff888012b2d1e8 R14: ffffffff8352e670 R15: 
ffff8880245efe68 [ 119.397204] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.398085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.398753] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ef0 [ 119.399560] PKRU: 55555554 [ 119.399870] Call Trace: [ 119.400150] [ 119.400399] __iommufd_access_detach+0x1c2/0x2b0 [ 119.400939] iommufd_access_change_pt+0x149/0x270 [ 119.401484] iommufd_access_replace+0xb4/0x120 [ 119.402010] iommufd_test+0x3e5/0x37e0 [ 119.402442] ? lock_release+0x532/0x770 [ 119.402928] ? __might_fault+0x102/0x1b0 [ 119.403404] ? lock_acquire+0x427/0x4c0 [ 119.403851] ? __pfx_iommufd_test+0x10/0x10 [ 119.404328] ? __pfx_lock_release+0x10/0x10 [ 119.404817] ? __pfx_lock_acquire+0x10/0x10 [ 119.405309] ? write_comp_data+0x2f/0x90 [ 119.405765] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.406296] ? write_comp_data+0x2f/0x90 [ 119.406795] iommufd_fops_ioctl+0x37d/0x510 [ 119.407297] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.407844] ? write_comp_data+0x2f/0x90 [ 119.408308] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.408865] __x64_sys_ioctl+0x1a3/0x230 [ 119.409335] do_syscall_64+0x3b/0x90 [ 119.409767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.410363] RIP: 0033:0x7f4b8743ee5d [ 119.410835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.412901] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.413751] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.414594] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.415414] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.416214] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.417018] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.417824] [ 119.418097] irq event stamp: 0 [ 119.418456] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.419255] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.420218] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.421205] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.421912] ---[ end trace 0000000000000000 ]--- [ 119.425348] ------------[ cut here ]------------ [ 119.425926] WARNING: CPU: 0 PID: 1086 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.427361] Modules linked in: [ 119.427730] CPU: 0 PID: 1086 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.428705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.429955] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.430569] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.432633] RSP: 
0018:ffff8880245efbd0 EFLAGS: 00010246 [ 119.433236] RAX: 0000000000000000 RBX: ffff888012b2d0a8 RCX: 0000000000000000 [ 119.434039] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 119.434895] RBP: ffff8880245efbe8 R08: ffffed1002565a33 R09: ffffed1002565a33 [ 119.435715] R10: ffff888012b2d193 R11: ffffed1002565a32 R12: ffff888021bc6c00 [ 119.436512] R13: ffff888012b2d1e8 R14: ffff8880149b6200 R15: 0000000000000000 [ 119.437315] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.438229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.438939] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.439787] PKRU: 55555554 [ 119.440112] Call Trace: [ 119.440400] [ 119.440656] iommufd_access_destroy_object+0x65/0x170 [ 119.441251] iommufd_object_destroy_user+0x18e/0x220 [ 119.441826] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.442492] iommufd_access_destroy+0x43/0x70 [ 119.443065] iommufd_test_staccess_release+0x8d/0xd0 [ 119.443660] __fput+0x26d/0xa40 [ 119.444053] ____fput+0x1e/0x30 [ 119.444439] task_work_run+0x1a4/0x2d0 [ 119.444890] ? __pfx_task_work_run+0x10/0x10 [ 119.445388] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.445936] ? switch_task_namespaces+0xa9/0xe0 [ 119.446466] do_exit+0xb17/0x2ef0 [ 119.446897] ? lock_acquire+0x427/0x4c0 [ 119.447377] ? __pfx_lock_release+0x10/0x10 [ 119.447873] ? __kasan_check_write+0x18/0x20 [ 119.448376] ? do_raw_spin_lock+0x132/0x2a0 [ 119.448857] ? __pfx_do_exit+0x10/0x10 [ 119.449296] ? debug_smp_processor_id+0x20/0x30 [ 119.449811] ? rcu_is_watching+0x19/0xb0 [ 119.450261] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.450802] ? trace_hardirqs_on+0x26/0x120 [ 119.451303] do_group_exit+0xe0/0x2b0 [ 119.451731] __x64_sys_exit_group+0x47/0x50 [ 119.452209] do_syscall_64+0x3b/0x90 [ 119.452636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.453263] RIP: 0033:0x7f4b87518a4d [ 119.453681] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.454367] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.455267] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.456069] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.456859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.457647] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.458424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.459270] [ 119.459535] irq event stamp: 0 [ 119.459887] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.460580] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.461503] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.462415] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.463167] ---[ end trace 0000000000000000 ]--- [ 119.464103] ------------[ cut here ]------------ [ 119.464630] WARNING: CPU: 0 PID: 1086 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.465757] Modules linked in: [ 119.466114] CPU: 0 PID: 1086 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.467134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.468384] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.468950] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.470986] RSP: 0018:ffff8880245efb78 EFLAGS: 00010246 [ 119.471598] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.472383] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 119.473165] RBP: ffff8880245efb98 R08: ffffed1002565a3e R09: ffffed1002565a3e [ 119.473925] R10: ffff888012b2d1ef R11: ffffed1002565a3d R12: ffff888012b2d290 [ 119.474722] R13: ffff888012b2d0a8 R14: ffffffffffffffff R15: 
ffff8880245efc60 [ 119.475506] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.476370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.476989] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.477756] PKRU: 55555554 [ 119.478058] Call Trace: [ 119.478336] [ 119.478635] iommufd_ioas_destroy+0x53/0x70 [ 119.479127] iommufd_fops_release+0x1f7/0x370 [ 119.479626] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.480164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.480699] ? write_comp_data+0x2f/0x90 [ 119.481126] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.481640] __fput+0x26d/0xa40 [ 119.481992] ____fput+0x1e/0x30 [ 119.482342] task_work_run+0x1a4/0x2d0 [ 119.482780] ? __pfx_task_work_run+0x10/0x10 [ 119.483254] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.483762] ? switch_task_namespaces+0xa9/0xe0 [ 119.484253] do_exit+0xb17/0x2ef0 [ 119.484614] ? lock_acquire+0x427/0x4c0 [ 119.485075] ? __pfx_lock_release+0x10/0x10 [ 119.485527] ? __kasan_check_write+0x18/0x20 [ 119.485990] ? do_raw_spin_lock+0x132/0x2a0 [ 119.486434] ? __pfx_do_exit+0x10/0x10 [ 119.486868] ? debug_smp_processor_id+0x20/0x30 [ 119.487361] ? rcu_is_watching+0x19/0xb0 [ 119.487772] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.488230] ? trace_hardirqs_on+0x26/0x120 [ 119.488667] do_group_exit+0xe0/0x2b0 [ 119.489056] __x64_sys_exit_group+0x47/0x50 [ 119.489496] do_syscall_64+0x3b/0x90 [ 119.489887] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.490423] RIP: 0033:0x7f4b87518a4d [ 119.490828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.491477] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.492251] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.492980] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.493711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.494436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.495210] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.495930] [ 119.496160] irq event stamp: 0 [ 119.496471] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.497089] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.497910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.498747] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.499574] ---[ end trace 0000000000000000 ]--- [ 119.506028] ------------[ cut here ]------------ [ 119.506657] WARNING: CPU: 0 PID: 1087 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.507873] Modules linked in: [ 119.508260] CPU: 0 PID: 1087 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.509285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.510632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.511399] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.512961] RSP: 0018:ffff88800f0d7bb8 EFLAGS: 00010246 [ 119.513420] RAX: 0000000000000000 RBX: ffff8880167330a8 RCX: 0000000000000000 [ 119.514026] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 119.514684] RBP: ffff88800f0d7bd0 R08: ffffed1002ce6633 R09: ffffed1002ce6633 [ 119.515305] R10: ffff888016733193 R11: ffffed1002ce6632 R12: ffff8880142b3c00 [ 119.515912] R13: ffff8880167331e8 R14: ffffffff8352e670 R15: 
ffff88800f0d7e68 [ 119.516517] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.517196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.517690] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ef0 [ 119.518297] PKRU: 55555554 [ 119.518555] Call Trace: [ 119.518778] [ 119.518974] __iommufd_access_detach+0x1c2/0x2b0 [ 119.519404] iommufd_access_change_pt+0x149/0x270 [ 119.519834] iommufd_access_replace+0xb4/0x120 [ 119.520240] iommufd_test+0x3e5/0x37e0 [ 119.520576] ? lock_release+0x532/0x770 [ 119.520929] ? __might_fault+0x102/0x1b0 [ 119.521288] ? lock_acquire+0x427/0x4c0 [ 119.521640] ? __pfx_iommufd_test+0x10/0x10 [ 119.522008] ? __pfx_lock_release+0x10/0x10 [ 119.522385] ? __pfx_lock_acquire+0x10/0x10 [ 119.522776] ? write_comp_data+0x2f/0x90 [ 119.523146] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.523571] ? write_comp_data+0x2f/0x90 [ 119.523932] iommufd_fops_ioctl+0x37d/0x510 [ 119.524313] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.524736] ? write_comp_data+0x2f/0x90 [ 119.525092] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.525508] __x64_sys_ioctl+0x1a3/0x230 [ 119.525862] do_syscall_64+0x3b/0x90 [ 119.526188] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.526651] RIP: 0033:0x7f4b8743ee5d [ 119.526973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.528491] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.529108] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.529686] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.530263] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.530861] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.531448] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.532034] [ 119.532225] irq event stamp: 0 [ 119.532483] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.532999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.533676] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.534352] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.534890] ---[ end trace 0000000000000000 ]--- [ 119.537718] ------------[ cut here ]------------ [ 119.538132] WARNING: CPU: 0 PID: 1087 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.538993] Modules linked in: [ 119.539270] CPU: 0 PID: 1087 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.540232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.541162] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.541570] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.543088] RSP: 
0018:ffff88800f0d7bd0 EFLAGS: 00010246 [ 119.543542] RAX: 0000000000000000 RBX: ffff8880167330a8 RCX: 0000000000000000 [ 119.544123] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 119.544705] RBP: ffff88800f0d7be8 R08: ffffed1002ce6633 R09: ffffed1002ce6633 [ 119.545289] R10: ffff888016733193 R11: ffffed1002ce6632 R12: ffff88801456a800 [ 119.545871] R13: ffff8880167331e8 R14: ffff888020939e00 R15: 0000000000000000 [ 119.546451] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.547126] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.547602] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.548190] PKRU: 55555554 [ 119.548422] Call Trace: [ 119.548637] [ 119.548823] iommufd_access_destroy_object+0x65/0x170 [ 119.549248] iommufd_object_destroy_user+0x18e/0x220 [ 119.549672] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.550158] iommufd_access_destroy+0x43/0x70 [ 119.550555] iommufd_test_staccess_release+0x8d/0xd0 [ 119.550980] __fput+0x26d/0xa40 [ 119.551278] ____fput+0x1e/0x30 [ 119.551564] task_work_run+0x1a4/0x2d0 [ 119.551893] ? __pfx_task_work_run+0x10/0x10 [ 119.552263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.552671] ? switch_task_namespaces+0xa9/0xe0 [ 119.553064] do_exit+0xb17/0x2ef0 [ 119.553351] ? lock_acquire+0x427/0x4c0 [ 119.553689] ? __pfx_lock_release+0x10/0x10 [ 119.554051] ? __kasan_check_write+0x18/0x20 [ 119.554417] ? do_raw_spin_lock+0x132/0x2a0 [ 119.554793] ? __pfx_do_exit+0x10/0x10 [ 119.555131] ? debug_smp_processor_id+0x20/0x30 [ 119.555517] ? rcu_is_watching+0x19/0xb0 [ 119.555855] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.556232] ? trace_hardirqs_on+0x26/0x120 [ 119.556591] do_group_exit+0xe0/0x2b0 [ 119.556909] __x64_sys_exit_group+0x47/0x50 [ 119.557260] do_syscall_64+0x3b/0x90 [ 119.557573] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.558005] RIP: 0033:0x7f4b87518a4d [ 119.558310] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.558824] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.559452] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.560039] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.560619] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.561197] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.561778] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.562362] [ 119.562575] irq event stamp: 0 [ 119.562840] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.563369] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.564056] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.564740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.565255] ---[ end trace 0000000000000000 ]--- [ 119.566565] ------------[ cut here ]------------ [ 119.566969] WARNING: CPU: 0 PID: 1087 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.567823] Modules linked in: [ 119.568089] CPU: 0 PID: 1087 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.568807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.569725] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.570146] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.571855] RSP: 0018:ffff88800f0d7b78 EFLAGS: 00010246 [ 119.572299] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.572879] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 119.573461] RBP: ffff88800f0d7b98 R08: ffffed1002ce663e R09: ffffed1002ce663e [ 119.574042] R10: ffff8880167331ef R11: ffffed1002ce663d R12: ffff888016733290 [ 119.574686] R13: ffff8880167330a8 R14: ffffffffffffffff R15: 
ffff88800f0d7c60 [ 119.575296] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.575958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.576440] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 119.577026] PKRU: 55555554 [ 119.577260] Call Trace: [ 119.577472] [ 119.577660] iommufd_ioas_destroy+0x53/0x70 [ 119.578022] iommufd_fops_release+0x1f7/0x370 [ 119.578395] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.578833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.579250] ? write_comp_data+0x2f/0x90 [ 119.579594] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.580009] __fput+0x26d/0xa40 [ 119.580296] ____fput+0x1e/0x30 [ 119.580574] task_work_run+0x1a4/0x2d0 [ 119.580896] ? __pfx_task_work_run+0x10/0x10 [ 119.581243] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.581634] ? switch_task_namespaces+0xa9/0xe0 [ 119.582013] do_exit+0xb17/0x2ef0 [ 119.582291] ? lock_acquire+0x427/0x4c0 [ 119.582636] ? __pfx_lock_release+0x10/0x10 [ 119.582991] ? __kasan_check_write+0x18/0x20 [ 119.583363] ? do_raw_spin_lock+0x132/0x2a0 [ 119.583716] ? __pfx_do_exit+0x10/0x10 [ 119.584041] ? debug_smp_processor_id+0x20/0x30 [ 119.584422] ? rcu_is_watching+0x19/0xb0 [ 119.584757] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.585131] ? trace_hardirqs_on+0x26/0x120 [ 119.585488] do_group_exit+0xe0/0x2b0 [ 119.585802] __x64_sys_exit_group+0x47/0x50 [ 119.586151] do_syscall_64+0x3b/0x90 [ 119.586461] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.586902] RIP: 0033:0x7f4b87518a4d [ 119.587230] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.587728] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.588338] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.588907] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.589479] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.590043] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.590624] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.591217] [ 119.591406] irq event stamp: 0 [ 119.591662] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.592167] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.592834] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.593500] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.594002] ---[ end trace 0000000000000000 ]--- [ 119.598636] ------------[ cut here ]------------ [ 119.599048] WARNING: CPU: 0 PID: 1088 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.599851] Modules linked in: [ 119.600101] CPU: 0 PID: 1088 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.600773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.601636] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.602019] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.603444] RSP: 0018:ffff888010f2fbb8 EFLAGS: 00010246 [ 119.603855] RAX: 0000000000000000 RBX: ffff88800bdc50a8 RCX: 0000000000000000 [ 119.604399] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 119.604944] RBP: ffff888010f2fbd0 R08: ffffed10017b8a33 R09: ffffed10017b8a33 [ 119.605488] R10: ffff88800bdc5193 R11: ffffed10017b8a32 R12: ffff88801892f400 [ 119.606035] R13: ffff88800bdc51e8 R14: ffffffff8352e670 R15: 
ffff888010f2fe68 [ 119.606599] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 119.607233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.607684] CR2: 0000000020000140 CR3: 0000000020eb0000 CR4: 0000000000750ef0 [ 119.608500] PKRU: 55555554 [ 119.608729] Call Trace: [ 119.608931] [ 119.609109] __iommufd_access_detach+0x1c2/0x2b0 [ 119.609498] iommufd_access_change_pt+0x149/0x270 [ 119.609887] iommufd_access_replace+0xb4/0x120 [ 119.610261] iommufd_test+0x3e5/0x37e0 [ 119.610603] ? lock_release+0x532/0x770 [ 119.610932] ? __might_fault+0x102/0x1b0 [ 119.611275] ? lock_acquire+0x427/0x4c0 [ 119.611598] ? __pfx_iommufd_test+0x10/0x10 [ 119.611937] ? __pfx_lock_release+0x10/0x10 [ 119.612289] ? __pfx_lock_acquire+0x10/0x10 [ 119.612642] ? write_comp_data+0x2f/0x90 [ 119.612975] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.613364] ? write_comp_data+0x2f/0x90 [ 119.613695] iommufd_fops_ioctl+0x37d/0x510 [ 119.614038] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.614427] ? write_comp_data+0x2f/0x90 [ 119.614777] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.615171] __x64_sys_ioctl+0x1a3/0x230 [ 119.615504] do_syscall_64+0x3b/0x90 [ 119.615805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.616214] RIP: 0033:0x7f4b8743ee5d [ 119.616509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.617911] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.618527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.619087] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.619644] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.620190] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.620744] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.621305] [ 119.621488] irq event stamp: 0 [ 119.621734] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.622223] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.622888] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.623558] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.624047] ---[ end trace 0000000000000000 ]--- [ 119.636720] ------------[ cut here ]------------ [ 119.637194] WARNING: CPU: 1 PID: 1088 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.638098] Modules linked in: [ 119.638460] CPU: 1 PID: 1088 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.639266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.640358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.640797] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.642500] RSP: 
0018:ffff888010f2fbd0 EFLAGS: 00010246 [ 119.642985] RAX: 0000000000000000 RBX: ffff88800bdc50a8 RCX: 0000000000000000 [ 119.643646] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 119.644342] RBP: ffff888010f2fbe8 R08: ffffed10017b8a33 R09: ffffed10017b8a33 [ 119.644971] R10: ffff88800bdc5193 R11: ffffed10017b8a32 R12: ffff8880142b1400 [ 119.645688] R13: ffff88800bdc51e8 R14: ffff888018b93d00 R15: 0000000000000000 [ 119.646311] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.647032] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.647645] CR2: 00007f82e2f3f000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 119.648267] PKRU: 55555554 [ 119.648521] Call Trace: [ 119.648751] [ 119.648991] iommufd_access_destroy_object+0x65/0x170 [ 119.649509] iommufd_object_destroy_user+0x18e/0x220 [ 119.649966] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.650489] iommufd_access_destroy+0x43/0x70 [ 119.651037] iommufd_test_staccess_release+0x8d/0xd0 [ 119.651541] __fput+0x26d/0xa40 [ 119.651862] ____fput+0x1e/0x30 [ 119.652172] task_work_run+0x1a4/0x2d0 [ 119.652534] ? __pfx_task_work_run+0x10/0x10 [ 119.653052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.653488] ? switch_task_namespaces+0xa9/0xe0 [ 119.653915] do_exit+0xb17/0x2ef0 [ 119.654229] ? lock_acquire+0x427/0x4c0 [ 119.654671] ? __pfx_lock_release+0x10/0x10 [ 119.655119] ? __kasan_check_write+0x18/0x20 [ 119.655521] ? do_raw_spin_lock+0x132/0x2a0 [ 119.655910] ? __pfx_do_exit+0x10/0x10 [ 119.656282] ? debug_smp_processor_id+0x20/0x30 [ 119.656839] ? rcu_is_watching+0x19/0xb0 [ 119.657215] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.657633] ? trace_hardirqs_on+0x26/0x120 [ 119.658026] do_group_exit+0xe0/0x2b0 [ 119.658435] __x64_sys_exit_group+0x47/0x50 [ 119.658864] do_syscall_64+0x3b/0x90 [ 119.659227] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.659699] RIP: 0033:0x7f4b87518a4d [ 119.660033] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.660704] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.661379] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.662040] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.662770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.663412] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.664160] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.664802] [ 119.665011] irq event stamp: 0 [ 119.665293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.665949] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.666713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.667496] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.668133] ---[ end trace 0000000000000000 ]--- [ 119.670578] ------------[ cut here ]------------ [ 119.671029] WARNING: CPU: 1 PID: 1088 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.672097] Modules linked in: [ 119.672383] CPU: 1 PID: 1088 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.673157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.674276] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.674773] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.676532] RSP: 0018:ffff888010f2fb78 EFLAGS: 00010246 [ 119.677032] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.677773] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 119.678407] RBP: ffff888010f2fb98 R08: ffffed10017b8a3e R09: ffffed10017b8a3e [ 119.679102] R10: ffff88800bdc51ef R11: ffffed10017b8a3d R12: ffff88800bdc5290 [ 119.679816] R13: ffff88800bdc50a8 R14: ffffffffffffffff R15: 
ffff888010f2fc60 [ 119.680447] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.681230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.681813] CR2: 00007f82e2f42000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 119.682460] PKRU: 55555554 [ 119.682744] Call Trace: [ 119.683034] [ 119.683333] iommufd_ioas_destroy+0x53/0x70 [ 119.683737] iommufd_fops_release+0x1f7/0x370 [ 119.684154] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.684614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.685154] ? write_comp_data+0x2f/0x90 [ 119.685591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.686062] __fput+0x26d/0xa40 [ 119.686391] ____fput+0x1e/0x30 [ 119.686735] task_work_run+0x1a4/0x2d0 [ 119.687192] ? __pfx_task_work_run+0x10/0x10 [ 119.687649] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.688111] ? switch_task_namespaces+0xa9/0xe0 [ 119.688568] do_exit+0xb17/0x2ef0 [ 119.688896] ? lock_acquire+0x427/0x4c0 [ 119.689421] ? __pfx_lock_release+0x10/0x10 [ 119.689830] ? __kasan_check_write+0x18/0x20 [ 119.690244] ? do_raw_spin_lock+0x132/0x2a0 [ 119.690666] ? __pfx_do_exit+0x10/0x10 [ 119.691124] ? debug_smp_processor_id+0x20/0x30 [ 119.691614] ? rcu_is_watching+0x19/0xb0 [ 119.692006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.692435] ? trace_hardirqs_on+0x26/0x120 [ 119.692853] do_group_exit+0xe0/0x2b0 [ 119.693293] __x64_sys_exit_group+0x47/0x50 [ 119.693759] do_syscall_64+0x3b/0x90 [ 119.694128] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.694650] RIP: 0033:0x7f4b87518a4d [ 119.695008] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.695746] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.696461] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.697147] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.697925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.698605] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.699288] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.700096] [ 119.700313] irq event stamp: 0 [ 119.700611] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.701198] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.702096] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.702895] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.703567] ---[ end trace 0000000000000000 ]--- [ 119.709864] ------------[ cut here ]------------ [ 119.710412] WARNING: CPU: 1 PID: 1089 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.711431] Modules linked in: [ 119.711732] CPU: 1 PID: 1089 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.712680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.713718] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.714320] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.716033] RSP: 0018:ffff888020e57bb8 EFLAGS: 00010246 [ 119.716670] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 119.717330] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 119.718024] RBP: ffff888020e57bd0 R08: ffffed100173f033 R09: ffffed100173f033 [ 119.718815] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff888013b22400 [ 119.719509] R13: ffff88800b9f81e8 R14: ffffffff8352e670 R15: 
ffff888020e57e68 [ 119.720281] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.721149] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.721712] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 119.722478] PKRU: 55555554 [ 119.722836] Call Trace: [ 119.723082] [ 119.723315] __iommufd_access_detach+0x1c2/0x2b0 [ 119.723797] iommufd_access_change_pt+0x149/0x270 [ 119.724278] iommufd_access_replace+0xb4/0x120 [ 119.724897] iommufd_test+0x3e5/0x37e0 [ 119.725279] ? lock_release+0x532/0x770 [ 119.725684] ? __might_fault+0x102/0x1b0 [ 119.726091] ? lock_acquire+0x427/0x4c0 [ 119.726488] ? __pfx_iommufd_test+0x10/0x10 [ 119.727086] ? __pfx_lock_release+0x10/0x10 [ 119.727539] ? __pfx_lock_acquire+0x10/0x10 [ 119.727968] ? write_comp_data+0x2f/0x90 [ 119.728379] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.728930] ? write_comp_data+0x2f/0x90 [ 119.729337] iommufd_fops_ioctl+0x37d/0x510 [ 119.729766] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.730244] ? write_comp_data+0x2f/0x90 [ 119.730679] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.731167] __x64_sys_ioctl+0x1a3/0x230 [ 119.731577] do_syscall_64+0x3b/0x90 [ 119.731950] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.732453] RIP: 0033:0x7f4b8743ee5d [ 119.732811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.734635] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.735390] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.736078] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.736767] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.737452] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.738137] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.738855] [ 119.739084] irq event stamp: 0 [ 119.739402] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.740010] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.740817] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.741618] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.742224] ---[ end trace 0000000000000000 ]--- [ 119.745362] ------------[ cut here ]------------ [ 119.745855] WARNING: CPU: 1 PID: 1089 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.746899] Modules linked in: [ 119.747226] CPU: 1 PID: 1089 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.748066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.749140] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.749617] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.751417] RSP: 
0018:ffff888020e57bd0 EFLAGS: 00010246 [ 119.751937] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 119.752620] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 119.753302] RBP: ffff888020e57be8 R08: ffffed100173f033 R09: ffffed100173f033 [ 119.753990] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff888016c9e400 [ 119.754709] R13: ffff88800b9f81e8 R14: ffff888014b9b800 R15: 0000000000000000 [ 119.755431] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.756205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.756762] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.757450] PKRU: 55555554 [ 119.757722] Call Trace: [ 119.757971] [ 119.758191] iommufd_access_destroy_object+0x65/0x170 [ 119.758725] iommufd_object_destroy_user+0x18e/0x220 [ 119.759233] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.759801] iommufd_access_destroy+0x43/0x70 [ 119.760244] iommufd_test_staccess_release+0x8d/0xd0 [ 119.760757] __fput+0x26d/0xa40 [ 119.761094] ____fput+0x1e/0x30 [ 119.761422] task_work_run+0x1a4/0x2d0 [ 119.761806] ? __pfx_task_work_run+0x10/0x10 [ 119.762238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.762742] ? switch_task_namespaces+0xa9/0xe0 [ 119.763221] do_exit+0xb17/0x2ef0 [ 119.763563] ? lock_acquire+0x427/0x4c0 [ 119.763955] ? __pfx_lock_release+0x10/0x10 [ 119.764378] ? __kasan_check_write+0x18/0x20 [ 119.764806] ? do_raw_spin_lock+0x132/0x2a0 [ 119.765225] ? __pfx_do_exit+0x10/0x10 [ 119.765611] ? debug_smp_processor_id+0x20/0x30 [ 119.766062] ? rcu_is_watching+0x19/0xb0 [ 119.766456] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.766932] ? trace_hardirqs_on+0x26/0x120 [ 119.767370] do_group_exit+0xe0/0x2b0 [ 119.767744] __x64_sys_exit_group+0x47/0x50 [ 119.768159] do_syscall_64+0x3b/0x90 [ 119.768518] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.769012] RIP: 0033:0x7f4b87518a4d [ 119.769360] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.769932] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.770664] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.771340] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.772005] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.772669] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.773333] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.774000] [ 119.774219] irq event stamp: 0 [ 119.774542] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.775135] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.775939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.776711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.777295] ---[ end trace 0000000000000000 ]--- [ 119.778081] ------------[ cut here ]------------ [ 119.778556] WARNING: CPU: 1 PID: 1089 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.779514] Modules linked in: [ 119.779817] CPU: 1 PID: 1089 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.780628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.781674] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.782155] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.783898] RSP: 0018:ffff888020e57b78 EFLAGS: 00010246 [ 119.784407] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.785063] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 119.785726] RBP: ffff888020e57b98 R08: ffffed100173f03e R09: ffffed100173f03e [ 119.786385] R10: ffff88800b9f81ef R11: ffffed100173f03d R12: ffff88800b9f8290 [ 119.787069] R13: ffff88800b9f80a8 R14: ffffffffffffffff R15: 
ffff888020e57c60 [ 119.787747] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.788504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.789047] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.789705] PKRU: 55555554 [ 119.789970] Call Trace: [ 119.790208] [ 119.790423] iommufd_ioas_destroy+0x53/0x70 [ 119.790866] iommufd_fops_release+0x1f7/0x370 [ 119.791310] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.791782] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.792221] ? write_comp_data+0x2f/0x90 [ 119.792591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.793036] __fput+0x26d/0xa40 [ 119.793345] ____fput+0x1e/0x30 [ 119.793647] task_work_run+0x1a4/0x2d0 [ 119.794001] ? __pfx_task_work_run+0x10/0x10 [ 119.794395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.794854] ? switch_task_namespaces+0xa9/0xe0 [ 119.795292] do_exit+0xb17/0x2ef0 [ 119.795608] ? lock_acquire+0x427/0x4c0 [ 119.795972] ? __pfx_lock_release+0x10/0x10 [ 119.796360] ? __kasan_check_write+0x18/0x20 [ 119.796761] ? do_raw_spin_lock+0x132/0x2a0 [ 119.797149] ? __pfx_do_exit+0x10/0x10 [ 119.797504] ? debug_smp_processor_id+0x20/0x30 [ 119.797922] ? rcu_is_watching+0x19/0xb0 [ 119.798287] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.798723] ? trace_hardirqs_on+0x26/0x120 [ 119.799130] do_group_exit+0xe0/0x2b0 [ 119.799475] __x64_sys_exit_group+0x47/0x50 [ 119.799855] do_syscall_64+0x3b/0x90 [ 119.800198] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.800663] RIP: 0033:0x7f4b87518a4d [ 119.800995] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.801546] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.802214] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.802869] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.803516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.804150] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.804780] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.805424] [ 119.805631] irq event stamp: 0 [ 119.805913] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.806470] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.807237] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.807975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.808534] ---[ end trace 0000000000000000 ]--- [ 119.813206] ------------[ cut here ]------------ [ 119.813658] WARNING: CPU: 1 PID: 1090 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.814579] Modules linked in: [ 119.814912] CPU: 1 PID: 1090 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.815879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.816872] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.817317] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.818984] RSP: 0018:ffff888015a9fbb8 EFLAGS: 00010246 [ 119.819470] RAX: 0000000000000000 RBX: ffff8880165300a8 RCX: 0000000000000000 [ 119.820099] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 119.820730] RBP: ffff888015a9fbd0 R08: ffffed1002ca6033 R09: ffffed1002ca6033 [ 119.821357] R10: ffff888016530193 R11: ffffed1002ca6032 R12: ffff888013b16c00 [ 119.821979] R13: ffff8880165301e8 R14: ffffffff8352e670 R15: 
ffff888015a9fe68 [ 119.822640] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.823366] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.823879] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 119.824513] PKRU: 55555554 [ 119.824762] Call Trace: [ 119.824987] [ 119.825188] __iommufd_access_detach+0x1c2/0x2b0 [ 119.825619] iommufd_access_change_pt+0x149/0x270 [ 119.826053] iommufd_access_replace+0xb4/0x120 [ 119.826469] iommufd_test+0x3e5/0x37e0 [ 119.826857] ? lock_release+0x532/0x770 [ 119.827244] ? __might_fault+0x102/0x1b0 [ 119.827618] ? lock_acquire+0x427/0x4c0 [ 119.827982] ? __pfx_iommufd_test+0x10/0x10 [ 119.828367] ? __pfx_lock_release+0x10/0x10 [ 119.828759] ? __pfx_lock_acquire+0x10/0x10 [ 119.829156] ? write_comp_data+0x2f/0x90 [ 119.829527] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.829961] ? write_comp_data+0x2f/0x90 [ 119.830329] iommufd_fops_ioctl+0x37d/0x510 [ 119.830746] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.831198] ? write_comp_data+0x2f/0x90 [ 119.831574] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.832012] __x64_sys_ioctl+0x1a3/0x230 [ 119.832390] do_syscall_64+0x3b/0x90 [ 119.832732] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.833200] RIP: 0033:0x7f4b8743ee5d [ 119.833536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.835187] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.835867] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.836500] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.837121] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.837738] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.838350] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.838994] [ 119.839227] irq event stamp: 0 [ 119.839506] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.840050] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.840778] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.841497] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.842042] ---[ end trace 0000000000000000 ]--- [ 119.844845] ------------[ cut here ]------------ [ 119.845308] WARNING: CPU: 1 PID: 1090 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.846174] Modules linked in: [ 119.846446] CPU: 1 PID: 1090 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.847244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.848201] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.848624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.850173] RSP: 
0018:ffff888015a9fbd0 EFLAGS: 00010246 [ 119.850637] RAX: 0000000000000000 RBX: ffff8880165300a8 RCX: 0000000000000000 [ 119.851246] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 119.851847] RBP: ffff888015a9fbe8 R08: ffffed1002ca6033 R09: ffffed1002ca6033 [ 119.852451] R10: ffff888016530193 R11: ffffed1002ca6032 R12: ffff888013b20800 [ 119.853053] R13: ffff8880165301e8 R14: ffff888012ce6900 R15: 0000000000000000 [ 119.853653] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.854328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.854844] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.855462] PKRU: 55555554 [ 119.855701] Call Trace: [ 119.855923] [ 119.856120] iommufd_access_destroy_object+0x65/0x170 [ 119.856565] iommufd_object_destroy_user+0x18e/0x220 [ 119.857006] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.857506] iommufd_access_destroy+0x43/0x70 [ 119.857906] iommufd_test_staccess_release+0x8d/0xd0 [ 119.858353] __fput+0x26d/0xa40 [ 119.858672] ____fput+0x1e/0x30 [ 119.858965] task_work_run+0x1a4/0x2d0 [ 119.859312] ? __pfx_task_work_run+0x10/0x10 [ 119.859693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.860109] ? switch_task_namespaces+0xa9/0xe0 [ 119.860514] do_exit+0xb17/0x2ef0 [ 119.860809] ? lock_acquire+0x427/0x4c0 [ 119.861154] ? __pfx_lock_release+0x10/0x10 [ 119.861524] ? __kasan_check_write+0x18/0x20 [ 119.861901] ? do_raw_spin_lock+0x132/0x2a0 [ 119.862270] ? __pfx_do_exit+0x10/0x10 [ 119.862631] ? debug_smp_processor_id+0x20/0x30 [ 119.863035] ? rcu_is_watching+0x19/0xb0 [ 119.863394] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.863787] ? trace_hardirqs_on+0x26/0x120 [ 119.864162] do_group_exit+0xe0/0x2b0 [ 119.864489] __x64_sys_exit_group+0x47/0x50 [ 119.864853] do_syscall_64+0x3b/0x90 [ 119.865181] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.865626] RIP: 0033:0x7f4b87518a4d [ 119.865943] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.866469] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.867134] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.867750] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.868353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.868952] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.869555] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.870163] [ 119.870363] irq event stamp: 0 [ 119.870651] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.871195] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.871899] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.872604] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.873137] ---[ end trace 0000000000000000 ]--- [ 119.873863] ------------[ cut here ]------------ [ 119.874266] WARNING: CPU: 1 PID: 1090 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.875153] Modules linked in: [ 119.875427] CPU: 1 PID: 1090 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.876169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.877130] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.877567] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.879131] RSP: 0018:ffff888015a9fb78 EFLAGS: 00010246 [ 119.879599] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.880216] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 119.880831] RBP: ffff888015a9fb98 R08: ffffed1002ca603e R09: ffffed1002ca603e [ 119.881434] R10: ffff8880165301ef R11: ffffed1002ca603d R12: ffff888016530290 [ 119.882035] R13: ffff8880165300a8 R14: ffffffffffffffff R15: 
ffff888015a9fc60 [ 119.882668] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.883369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.883861] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.884462] PKRU: 55555554 [ 119.884701] Call Trace: [ 119.884919] [ 119.885114] iommufd_ioas_destroy+0x53/0x70 [ 119.885492] iommufd_fops_release+0x1f7/0x370 [ 119.885893] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.886332] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.886785] ? write_comp_data+0x2f/0x90 [ 119.887158] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.887591] __fput+0x26d/0xa40 [ 119.887887] ____fput+0x1e/0x30 [ 119.888177] task_work_run+0x1a4/0x2d0 [ 119.888514] ? __pfx_task_work_run+0x10/0x10 [ 119.888894] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.889312] ? switch_task_namespaces+0xa9/0xe0 [ 119.889721] do_exit+0xb17/0x2ef0 [ 119.890022] ? lock_acquire+0x427/0x4c0 [ 119.890372] ? __pfx_lock_release+0x10/0x10 [ 119.890769] ? __kasan_check_write+0x18/0x20 [ 119.891157] ? do_raw_spin_lock+0x132/0x2a0 [ 119.891526] ? __pfx_do_exit+0x10/0x10 [ 119.891866] ? debug_smp_processor_id+0x20/0x30 [ 119.892269] ? rcu_is_watching+0x19/0xb0 [ 119.892615] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.893003] ? trace_hardirqs_on+0x26/0x120 [ 119.893377] do_group_exit+0xe0/0x2b0 [ 119.893706] __x64_sys_exit_group+0x47/0x50 [ 119.894079] do_syscall_64+0x3b/0x90 [ 119.894412] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.894887] RIP: 0033:0x7f4b87518a4d [ 119.895220] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.895745] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.896385] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.896986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.897586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.898191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.898823] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.899473] [ 119.899674] irq event stamp: 0 [ 119.899939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.900465] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.901165] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.901858] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.902385] ---[ end trace 0000000000000000 ]--- [ 119.906779] ------------[ cut here ]------------ [ 119.907220] WARNING: CPU: 1 PID: 1091 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.908077] Modules linked in: [ 119.908343] CPU: 1 PID: 1091 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.909069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.910022] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.910446] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.912003] RSP: 0018:ffff888017abfbb8 EFLAGS: 00010246 [ 119.912446] RAX: 0000000000000000 RBX: ffff8880189268a8 RCX: 0000000000000000 [ 119.913035] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 119.913622] RBP: ffff888017abfbd0 R08: ffffed1003124d33 R09: ffffed1003124d33 [ 119.914211] R10: ffff888018926993 R11: ffffed1003124d32 R12: ffff888014392400 [ 119.914819] R13: ffff8880189269e8 R14: ffffffff8352e670 R15: 
ffff888017abfe68 [ 119.915418] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.916091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.916587] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ee0 [ 119.917194] PKRU: 55555554 [ 119.917436] Call Trace: [ 119.917649] [ 119.917841] __iommufd_access_detach+0x1c2/0x2b0 [ 119.918253] iommufd_access_change_pt+0x149/0x270 [ 119.918684] iommufd_access_replace+0xb4/0x120 [ 119.919076] iommufd_test+0x3e5/0x37e0 [ 119.919408] ? lock_release+0x532/0x770 [ 119.919753] ? __might_fault+0x102/0x1b0 [ 119.920097] ? lock_acquire+0x427/0x4c0 [ 119.920444] ? __pfx_iommufd_test+0x10/0x10 [ 119.920806] ? __pfx_lock_release+0x10/0x10 [ 119.921174] ? __pfx_lock_acquire+0x10/0x10 [ 119.921545] ? write_comp_data+0x2f/0x90 [ 119.921893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.922300] ? write_comp_data+0x2f/0x90 [ 119.922669] iommufd_fops_ioctl+0x37d/0x510 [ 119.923038] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.923456] ? write_comp_data+0x2f/0x90 [ 119.923804] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 119.924209] __x64_sys_ioctl+0x1a3/0x230 [ 119.924563] do_syscall_64+0x3b/0x90 [ 119.924892] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.925341] RIP: 0033:0x7f4b8743ee5d [ 119.925654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 119.927198] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 119.927832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 119.928427] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 119.929018] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 119.929608] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 119.930197] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 119.930812] [ 119.931008] irq event stamp: 0 [ 119.931282] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.931805] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.932498] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.933188] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.933712] ---[ end trace 0000000000000000 ]--- [ 119.936409] ------------[ cut here ]------------ [ 119.936822] WARNING: CPU: 1 PID: 1091 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.937667] Modules linked in: [ 119.937934] CPU: 1 PID: 1091 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.938877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.939824] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 119.940243] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 119.941764] RSP: 
0018:ffff888017abfbd0 EFLAGS: 00010246 [ 119.942206] RAX: 0000000000000000 RBX: ffff8880189268a8 RCX: 0000000000000000 [ 119.942812] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 119.943411] RBP: ffff888017abfbe8 R08: ffffed1003124d33 R09: ffffed1003124d33 [ 119.943997] R10: ffff888018926993 R11: ffffed1003124d32 R12: ffff888013b16800 [ 119.944583] R13: ffff8880189269e8 R14: ffff888010c75e00 R15: 0000000000000000 [ 119.945168] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.945831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.946313] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.946918] PKRU: 55555554 [ 119.947162] Call Trace: [ 119.947376] [ 119.947565] iommufd_access_destroy_object+0x65/0x170 [ 119.947996] iommufd_object_destroy_user+0x18e/0x220 [ 119.948425] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 119.948912] iommufd_access_destroy+0x43/0x70 [ 119.949292] iommufd_test_staccess_release+0x8d/0xd0 [ 119.949722] __fput+0x26d/0xa40 [ 119.950010] ____fput+0x1e/0x30 [ 119.950293] task_work_run+0x1a4/0x2d0 [ 119.950640] ? __pfx_task_work_run+0x10/0x10 [ 119.951010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.951426] ? switch_task_namespaces+0xa9/0xe0 [ 119.951822] do_exit+0xb17/0x2ef0 [ 119.952109] ? lock_acquire+0x427/0x4c0 [ 119.952447] ? __pfx_lock_release+0x10/0x10 [ 119.952811] ? __kasan_check_write+0x18/0x20 [ 119.953180] ? do_raw_spin_lock+0x132/0x2a0 [ 119.953540] ? __pfx_do_exit+0x10/0x10 [ 119.953871] ? debug_smp_processor_id+0x20/0x30 [ 119.954259] ? rcu_is_watching+0x19/0xb0 [ 119.954614] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.954995] ? trace_hardirqs_on+0x26/0x120 [ 119.955363] do_group_exit+0xe0/0x2b0 [ 119.955679] __x64_sys_exit_group+0x47/0x50 [ 119.956035] do_syscall_64+0x3b/0x90 [ 119.956354] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.956789] RIP: 0033:0x7f4b87518a4d [ 119.957101] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.957603] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.958215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.958822] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.959424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.960009] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.960595] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.961187] [ 119.961383] irq event stamp: 0 [ 119.961640] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.962147] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.962841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.963524] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.964036] ---[ end trace 0000000000000000 ]--- [ 119.964741] ------------[ cut here ]------------ [ 119.965131] WARNING: CPU: 1 PID: 1091 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 119.965978] Modules linked in: [ 119.966243] CPU: 1 PID: 1091 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.966983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 119.967921] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 119.968347] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 119.969849] RSP: 0018:ffff888017abfb78 EFLAGS: 00010246 [ 119.970287] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.970888] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 119.971489] RBP: ffff888017abfb98 R08: ffffed1003124d3e R09: ffffed1003124d3e [ 119.972072] R10: ffff8880189269ef R11: ffffed1003124d3d R12: ffff888018926a90 [ 119.972660] R13: ffff8880189268a8 R14: ffffffffffffffff R15: 
ffff888017abfc60 [ 119.973245] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 119.973905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.974381] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 119.974983] PKRU: 55555554 [ 119.975224] Call Trace: [ 119.975438] [ 119.975626] iommufd_ioas_destroy+0x53/0x70 [ 119.975989] iommufd_fops_release+0x1f7/0x370 [ 119.976368] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.976781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.977193] ? write_comp_data+0x2f/0x90 [ 119.977535] ? __pfx_iommufd_fops_release+0x10/0x10 [ 119.977950] __fput+0x26d/0xa40 [ 119.978241] ____fput+0x1e/0x30 [ 119.978539] task_work_run+0x1a4/0x2d0 [ 119.978873] ? __pfx_task_work_run+0x10/0x10 [ 119.979247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 119.979663] ? switch_task_namespaces+0xa9/0xe0 [ 119.980067] do_exit+0xb17/0x2ef0 [ 119.980357] ? lock_acquire+0x427/0x4c0 [ 119.980709] ? __pfx_lock_release+0x10/0x10 [ 119.981072] ? __kasan_check_write+0x18/0x20 [ 119.981443] ? do_raw_spin_lock+0x132/0x2a0 [ 119.981803] ? __pfx_do_exit+0x10/0x10 [ 119.982135] ? debug_smp_processor_id+0x20/0x30 [ 119.982545] ? rcu_is_watching+0x19/0xb0 [ 119.982885] ? _raw_spin_unlock_irq+0x2b/0x60 [ 119.983274] ? trace_hardirqs_on+0x26/0x120 [ 119.983640] do_group_exit+0xe0/0x2b0 [ 119.983955] __x64_sys_exit_group+0x47/0x50 [ 119.984305] do_syscall_64+0x3b/0x90 [ 119.984621] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 119.985051] RIP: 0033:0x7f4b87518a4d [ 119.985370] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 119.985878] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 119.986530] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 119.987132] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 119.987719] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 119.988305] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 119.988889] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 119.989483] [ 119.989674] irq event stamp: 0 [ 119.989936] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 119.990460] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 119.991178] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 119.991877] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 119.992402] ---[ end trace 0000000000000000 ]--- [ 119.996808] ------------[ cut here ]------------ [ 119.997225] WARNING: CPU: 1 PID: 1092 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 119.998068] Modules linked in: [ 119.998335] CPU: 1 PID: 1092 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 119.999105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.000053] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.000469] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.001973] RSP: 0018:ffff888016727bb8 EFLAGS: 00010246 [ 120.002413] RAX: 0000000000000000 RBX: ffff88801652e0a8 RCX: 0000000000000000 [ 120.003020] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 120.003617] RBP: ffff888016727bd0 R08: ffffed1002ca5c33 R09: ffffed1002ca5c33 [ 120.004203] R10: ffff88801652e193 R11: ffffed1002ca5c32 R12: ffff888015e56000 [ 120.004793] R13: ffff88801652e1e8 R14: ffffffff8352e670 R15: 
ffff888016727e68 [ 120.005381] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.006044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.006549] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ee0 [ 120.007149] PKRU: 55555554 [ 120.007384] Call Trace: [ 120.007596] [ 120.007787] __iommufd_access_detach+0x1c2/0x2b0 [ 120.008194] iommufd_access_change_pt+0x149/0x270 [ 120.008603] iommufd_access_replace+0xb4/0x120 [ 120.008995] iommufd_test+0x3e5/0x37e0 [ 120.009317] ? lock_release+0x532/0x770 [ 120.009657] ? __might_fault+0x102/0x1b0 [ 120.010003] ? lock_acquire+0x427/0x4c0 [ 120.010342] ? __pfx_iommufd_test+0x10/0x10 [ 120.010721] ? __pfx_lock_release+0x10/0x10 [ 120.011095] ? __pfx_lock_acquire+0x10/0x10 [ 120.011471] ? write_comp_data+0x2f/0x90 [ 120.011820] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.012225] ? write_comp_data+0x2f/0x90 [ 120.012572] iommufd_fops_ioctl+0x37d/0x510 [ 120.012935] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.013348] ? write_comp_data+0x2f/0x90 [ 120.013694] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.014100] __x64_sys_ioctl+0x1a3/0x230 [ 120.014446] do_syscall_64+0x3b/0x90 [ 120.014789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.015245] RIP: 0033:0x7f4b8743ee5d [ 120.015549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.016888] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.017437] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.017946] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.018464] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.019003] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.019530] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.020058] [ 120.020227] irq event stamp: 0 [ 120.020456] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.020907] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.021510] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.022107] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.022584] ---[ end trace 0000000000000000 ]--- [ 120.025210] ------------[ cut here ]------------ [ 120.025579] WARNING: CPU: 1 PID: 1092 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.026307] Modules linked in: [ 120.026564] CPU: 1 PID: 1092 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.027200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.028004] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.028362] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.029665] RSP: 
0018:ffff888016727bd0 EFLAGS: 00010246 [ 120.030052] RAX: 0000000000000000 RBX: ffff88801652e0a8 RCX: 0000000000000000 [ 120.030585] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 120.031097] RBP: ffff888016727be8 R08: ffffed1002ca5c33 R09: ffffed1002ca5c33 [ 120.031614] R10: ffff88801652e193 R11: ffffed1002ca5c32 R12: ffff888014390c00 [ 120.032126] R13: ffff88801652e1e8 R14: ffff8880149b6800 R15: 0000000000000000 [ 120.032640] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.033219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.033640] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 120.034154] PKRU: 55555554 [ 120.034364] Call Trace: [ 120.034581] [ 120.034745] iommufd_access_destroy_object+0x65/0x170 [ 120.035144] iommufd_object_destroy_user+0x18e/0x220 [ 120.035521] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.035945] iommufd_access_destroy+0x43/0x70 [ 120.036285] iommufd_test_staccess_release+0x8d/0xd0 [ 120.036662] __fput+0x26d/0xa40 [ 120.036916] ____fput+0x1e/0x30 [ 120.037164] task_work_run+0x1a4/0x2d0 [ 120.037457] ? __pfx_task_work_run+0x10/0x10 [ 120.037781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.038141] ? switch_task_namespaces+0xa9/0xe0 [ 120.038493] do_exit+0xb17/0x2ef0 [ 120.038773] ? lock_acquire+0x427/0x4c0 [ 120.039073] ? __pfx_lock_release+0x10/0x10 [ 120.039401] ? __kasan_check_write+0x18/0x20 [ 120.039724] ? do_raw_spin_lock+0x132/0x2a0 [ 120.040038] ? __pfx_do_exit+0x10/0x10 [ 120.040329] ? debug_smp_processor_id+0x20/0x30 [ 120.040669] ? rcu_is_watching+0x19/0xb0 [ 120.040965] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.041298] ? trace_hardirqs_on+0x26/0x120 [ 120.041616] do_group_exit+0xe0/0x2b0 [ 120.041894] __x64_sys_exit_group+0x47/0x50 [ 120.042207] do_syscall_64+0x3b/0x90 [ 120.042485] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.042889] RIP: 0033:0x7f4b87518a4d [ 120.043173] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.043616] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.044159] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.044672] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.045181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.045692] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.046201] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.046735] [ 120.046906] irq event stamp: 0 [ 120.047141] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.047595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.048196] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.048791] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.049240] ---[ end trace 0000000000000000 ]--- [ 120.049902] ------------[ cut here ]------------ [ 120.050241] WARNING: CPU: 1 PID: 1092 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.051000] Modules linked in: [ 120.051243] CPU: 1 PID: 1092 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.051869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.052672] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.053042] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.054343] RSP: 0018:ffff888016727b78 EFLAGS: 00010246 [ 120.054920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.055443] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 120.055952] RBP: ffff888016727b98 R08: ffffed1002ca5c3e R09: ffffed1002ca5c3e [ 120.056463] R10: ffff88801652e1ef R11: ffffed1002ca5c3d R12: ffff88801652e290 [ 120.056972] R13: ffff88801652e0a8 R14: ffffffffffffffff R15: 
ffff888016727c60 [ 120.057482] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.058058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.058477] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 120.059007] PKRU: 55555554 [ 120.059220] Call Trace: [ 120.059411] [ 120.059575] iommufd_ioas_destroy+0x53/0x70 [ 120.059892] iommufd_fops_release+0x1f7/0x370 [ 120.060223] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.060586] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.060946] ? write_comp_data+0x2f/0x90 [ 120.061247] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.061607] __fput+0x26d/0xa40 [ 120.061859] ____fput+0x1e/0x30 [ 120.062108] task_work_run+0x1a4/0x2d0 [ 120.062395] ? __pfx_task_work_run+0x10/0x10 [ 120.062732] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.063090] ? switch_task_namespaces+0xa9/0xe0 [ 120.063445] do_exit+0xb17/0x2ef0 [ 120.063697] ? lock_acquire+0x427/0x4c0 [ 120.063993] ? __pfx_lock_release+0x10/0x10 [ 120.064316] ? __kasan_check_write+0x18/0x20 [ 120.064637] ? do_raw_spin_lock+0x132/0x2a0 [ 120.064948] ? __pfx_do_exit+0x10/0x10 [ 120.065235] ? debug_smp_processor_id+0x20/0x30 [ 120.065575] ? rcu_is_watching+0x19/0xb0 [ 120.065871] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.066206] ? trace_hardirqs_on+0x26/0x120 [ 120.066539] do_group_exit+0xe0/0x2b0 [ 120.066817] __x64_sys_exit_group+0x47/0x50 [ 120.067139] do_syscall_64+0x3b/0x90 [ 120.067420] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.067801] RIP: 0033:0x7f4b87518a4d [ 120.068068] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.068508] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.069053] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.069568] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.070079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.070613] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.071150] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.071672] [ 120.071843] irq event stamp: 0 [ 120.072074] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.072531] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.073150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.073797] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.074280] ---[ end trace 0000000000000000 ]--- [ 120.078485] ------------[ cut here ]------------ [ 120.079054] WARNING: CPU: 1 PID: 1093 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.079798] Modules linked in: [ 120.080029] CPU: 1 PID: 1093 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.080658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.081484] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.081845] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.083189] RSP: 0018:ffff88800af3fbb8 EFLAGS: 00010246 [ 120.083577] RAX: 0000000000000000 RBX: ffff88800bc4b8a8 RCX: 0000000000000000 [ 120.084090] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 120.084606] RBP: ffff88800af3fbd0 R08: ffffed1001789733 R09: ffffed1001789733 [ 120.085128] R10: ffff88800bc4b993 R11: ffffed1001789732 R12: ffff888017011000 [ 120.085651] R13: ffff88800bc4b9e8 R14: ffffffff8352e670 R15: 
ffff88800af3fe68 [ 120.086184] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.086794] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.087234] CR2: 0000000020000140 CR3: 0000000012f20000 CR4: 0000000000750ee0 [ 120.087758] PKRU: 55555554 [ 120.087967] Call Trace: [ 120.088159] [ 120.088331] __iommufd_access_detach+0x1c2/0x2b0 [ 120.088701] iommufd_access_change_pt+0x149/0x270 [ 120.089078] iommufd_access_replace+0xb4/0x120 [ 120.089431] iommufd_test+0x3e5/0x37e0 [ 120.089722] ? lock_release+0x532/0x770 [ 120.090033] ? __might_fault+0x102/0x1b0 [ 120.090343] ? lock_acquire+0x427/0x4c0 [ 120.090667] ? __pfx_iommufd_test+0x10/0x10 [ 120.090994] ? __pfx_lock_release+0x10/0x10 [ 120.091351] ? __pfx_lock_acquire+0x10/0x10 [ 120.091684] ? write_comp_data+0x2f/0x90 [ 120.091999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.092367] ? write_comp_data+0x2f/0x90 [ 120.092677] iommufd_fops_ioctl+0x37d/0x510 [ 120.093005] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.093370] ? write_comp_data+0x2f/0x90 [ 120.093680] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.094039] __x64_sys_ioctl+0x1a3/0x230 [ 120.094351] do_syscall_64+0x3b/0x90 [ 120.094659] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.095053] RIP: 0033:0x7f4b8743ee5d [ 120.095342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.096694] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.097278] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.097816] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.098361] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.098927] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.099493] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.100038] [ 120.100216] irq event stamp: 0 [ 120.100458] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.100943] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.101580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.102214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.102712] ---[ end trace 0000000000000000 ]--- [ 120.105396] ------------[ cut here ]------------ [ 120.105800] WARNING: CPU: 1 PID: 1093 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.106598] Modules linked in: [ 120.106865] CPU: 1 PID: 1093 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.107559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.108426] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.108818] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.110198] RSP: 
0018:ffff88800af3fbd0 EFLAGS: 00010246 [ 120.110632] RAX: 0000000000000000 RBX: ffff88800bc4b8a8 RCX: 0000000000000000 [ 120.111195] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 120.111742] RBP: ffff88800af3fbe8 R08: ffffed1001789733 R09: ffffed1001789733 [ 120.112292] R10: ffff88800bc4b993 R11: ffffed1001789732 R12: ffff888015e57800 [ 120.112838] R13: ffff88800bc4b9e8 R14: ffff8880135c1600 R15: 0000000000000000 [ 120.113385] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.114000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.114454] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 120.115020] PKRU: 55555554 [ 120.115259] Call Trace: [ 120.115469] [ 120.115654] iommufd_access_destroy_object+0x65/0x170 [ 120.116071] iommufd_object_destroy_user+0x18e/0x220 [ 120.116483] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.116959] iommufd_access_destroy+0x43/0x70 [ 120.117334] iommufd_test_staccess_release+0x8d/0xd0 [ 120.117852] __fput+0x26d/0xa40 [ 120.118212] ____fput+0x1e/0x30 [ 120.118541] task_work_run+0x1a4/0x2d0 [ 120.118868] ? __pfx_task_work_run+0x10/0x10 [ 120.119256] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.119656] ? switch_task_namespaces+0xa9/0xe0 [ 120.120040] do_exit+0xb17/0x2ef0 [ 120.120320] ? lock_acquire+0x427/0x4c0 [ 120.120652] ? __pfx_lock_release+0x10/0x10 [ 120.121006] ? __kasan_check_write+0x18/0x20 [ 120.121366] ? do_raw_spin_lock+0x132/0x2a0 [ 120.121711] ? __pfx_do_exit+0x10/0x10 [ 120.122039] ? debug_smp_processor_id+0x20/0x30 [ 120.122417] ? rcu_is_watching+0x19/0xb0 [ 120.122765] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.123148] ? trace_hardirqs_on+0x26/0x120 [ 120.123504] do_group_exit+0xe0/0x2b0 [ 120.123813] __x64_sys_exit_group+0x47/0x50 [ 120.124160] do_syscall_64+0x3b/0x90 [ 120.124473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.124896] RIP: 0033:0x7f4b87518a4d [ 120.125199] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.125696] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.126307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.126911] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.127506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.128098] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.128670] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.129255] [ 120.129451] irq event stamp: 0 [ 120.129705] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.130217] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.130929] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.131641] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.132150] ---[ end trace 0000000000000000 ]--- [ 120.132859] ------------[ cut here ]------------ [ 120.133236] WARNING: CPU: 1 PID: 1093 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.134079] Modules linked in: [ 120.134353] CPU: 1 PID: 1093 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.135120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.136066] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.136507] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.138029] RSP: 0018:ffff88800af3fb78 EFLAGS: 00010246 [ 120.138481] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.139094] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 120.139707] RBP: ffff88800af3fb98 R08: ffffed100178973e R09: ffffed100178973e [ 120.140315] R10: ffff88800bc4b9ef R11: ffffed100178973d R12: ffff88800bc4ba90 [ 120.140919] R13: ffff88800bc4b8a8 R14: ffffffffffffffff R15: 
ffff88800af3fc60 [ 120.141536] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.142226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.142776] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 120.143421] PKRU: 55555554 [ 120.143668] Call Trace: [ 120.143888] [ 120.144085] iommufd_ioas_destroy+0x53/0x70 [ 120.144472] iommufd_fops_release+0x1f7/0x370 [ 120.144867] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.145302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.145732] ? write_comp_data+0x2f/0x90 [ 120.146095] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.146562] __fput+0x26d/0xa40 [ 120.146865] ____fput+0x1e/0x30 [ 120.147177] task_work_run+0x1a4/0x2d0 [ 120.147530] ? __pfx_task_work_run+0x10/0x10 [ 120.147915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.148342] ? switch_task_namespaces+0xa9/0xe0 [ 120.148751] do_exit+0xb17/0x2ef0 [ 120.149051] ? lock_acquire+0x427/0x4c0 [ 120.149404] ? __pfx_lock_release+0x10/0x10 [ 120.149784] ? __kasan_check_write+0x18/0x20 [ 120.150166] ? do_raw_spin_lock+0x132/0x2a0 [ 120.150567] ? __pfx_do_exit+0x10/0x10 [ 120.150913] ? debug_smp_processor_id+0x20/0x30 [ 120.151337] ? rcu_is_watching+0x19/0xb0 [ 120.151694] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.152096] ? trace_hardirqs_on+0x26/0x120 [ 120.152476] do_group_exit+0xe0/0x2b0 [ 120.152807] __x64_sys_exit_group+0x47/0x50 [ 120.153177] do_syscall_64+0x3b/0x90 [ 120.153511] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.153965] RIP: 0033:0x7f4b87518a4d [ 120.154291] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.154858] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.155525] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.156133] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.156749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.157367] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.157984] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.158641] [ 120.158855] irq event stamp: 0 [ 120.159155] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.159701] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.160425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.161139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.161673] ---[ end trace 0000000000000000 ]--- [ 120.167588] ------------[ cut here ]------------ [ 120.168179] WARNING: CPU: 0 PID: 1094 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.169302] Modules linked in: [ 120.169673] CPU: 0 PID: 1094 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.170702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.172036] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.172634] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.174823] RSP: 0018:ffff8880138dfbb8 EFLAGS: 00010246 [ 120.175482] RAX: 0000000000000000 RBX: ffff8880167368a8 RCX: 0000000000000000 [ 120.176328] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 120.177170] RBP: ffff8880138dfbd0 R08: ffffed1002ce6d33 R09: ffffed1002ce6d33 [ 120.178013] R10: ffff888016736993 R11: ffffed1002ce6d32 R12: ffff88801411d000 [ 120.178913] R13: ffff8880167369e8 R14: ffffffff8352e670 R15: 
ffff8880138dfe68 [ 120.179671] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.180424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.180955] CR2: 0000000020000140 CR3: 0000000012f20000 CR4: 0000000000750ef0 [ 120.181614] PKRU: 55555554 [ 120.181875] Call Trace: [ 120.182118] [ 120.182332] __iommufd_access_detach+0x1c2/0x2b0 [ 120.182820] iommufd_access_change_pt+0x149/0x270 [ 120.183297] iommufd_access_replace+0xb4/0x120 [ 120.183731] iommufd_test+0x3e5/0x37e0 [ 120.184090] ? lock_release+0x532/0x770 [ 120.184464] ? __might_fault+0x102/0x1b0 [ 120.184854] ? lock_acquire+0x427/0x4c0 [ 120.185235] ? __pfx_iommufd_test+0x10/0x10 [ 120.185629] ? __pfx_lock_release+0x10/0x10 [ 120.186036] ? __pfx_lock_acquire+0x10/0x10 [ 120.186444] ? write_comp_data+0x2f/0x90 [ 120.186852] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.187329] ? write_comp_data+0x2f/0x90 [ 120.187720] iommufd_fops_ioctl+0x37d/0x510 [ 120.188126] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.188585] ? write_comp_data+0x2f/0x90 [ 120.188968] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.189421] __x64_sys_ioctl+0x1a3/0x230 [ 120.189819] do_syscall_64+0x3b/0x90 [ 120.190189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.190709] RIP: 0033:0x7f4b8743ee5d [ 120.191065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.192757] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.193454] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.194109] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.194800] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.195489] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.196237] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.196903] [ 120.197123] irq event stamp: 0 [ 120.197413] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.197993] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.198797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.199590] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.200179] ---[ end trace 0000000000000000 ]--- [ 120.203277] ------------[ cut here ]------------ [ 120.203774] WARNING: CPU: 0 PID: 1094 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.204730] Modules linked in: [ 120.205034] CPU: 0 PID: 1094 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.205851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.206944] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.207439] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.209139] RSP: 
0018:ffff8880138dfbd0 EFLAGS: 00010246 [ 120.209657] RAX: 0000000000000000 RBX: ffff8880167368a8 RCX: 0000000000000000 [ 120.210341] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 120.211046] RBP: ffff8880138dfbe8 R08: ffffed1002ce6d33 R09: ffffed1002ce6d33 [ 120.211751] R10: ffff888016736993 R11: ffffed1002ce6d32 R12: ffff88801892d800 [ 120.212416] R13: ffff8880167369e8 R14: ffff8880122f5400 R15: 0000000000000000 [ 120.213094] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.213843] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.214386] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.215084] PKRU: 55555554 [ 120.215371] Call Trace: [ 120.215616] [ 120.215832] iommufd_access_destroy_object+0x65/0x170 [ 120.216327] iommufd_object_destroy_user+0x18e/0x220 [ 120.216817] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.217366] iommufd_access_destroy+0x43/0x70 [ 120.217796] iommufd_test_staccess_release+0x8d/0xd0 [ 120.218281] __fput+0x26d/0xa40 [ 120.218627] ____fput+0x1e/0x30 [ 120.218955] task_work_run+0x1a4/0x2d0 [ 120.219347] ? __pfx_task_work_run+0x10/0x10 [ 120.219767] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.220233] ? switch_task_namespaces+0xa9/0xe0 [ 120.220692] do_exit+0xb17/0x2ef0 [ 120.221026] ? lock_acquire+0x427/0x4c0 [ 120.221417] ? __pfx_lock_release+0x10/0x10 [ 120.221835] ? __kasan_check_write+0x18/0x20 [ 120.222255] ? do_raw_spin_lock+0x132/0x2a0 [ 120.222685] ? __pfx_do_exit+0x10/0x10 [ 120.223071] ? debug_smp_processor_id+0x20/0x30 [ 120.223536] ? rcu_is_watching+0x19/0xb0 [ 120.223926] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.224361] ? trace_hardirqs_on+0x26/0x120 [ 120.224777] do_group_exit+0xe0/0x2b0 [ 120.225139] __x64_sys_exit_group+0x47/0x50 [ 120.225554] do_syscall_64+0x3b/0x90 [ 120.225915] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.226424] RIP: 0033:0x7f4b87518a4d [ 120.226804] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.227410] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.228124] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.228799] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.229510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.230184] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.230881] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.231589] [ 120.231810] irq event stamp: 0 [ 120.232114] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.232708] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.233496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.234288] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.234908] ---[ end trace 0000000000000000 ]--- [ 120.235745] ------------[ cut here ]------------ [ 120.236190] WARNING: CPU: 0 PID: 1094 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.237161] Modules linked in: [ 120.237466] CPU: 0 PID: 1094 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.238284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.239386] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.239880] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.241597] RSP: 0018:ffff8880138dfb78 EFLAGS: 00010246 [ 120.242101] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.242794] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 120.243507] RBP: ffff8880138dfb98 R08: ffffed1002ce6d3e R09: ffffed1002ce6d3e [ 120.244180] R10: ffff8880167369ef R11: ffffed1002ce6d3d R12: ffff888016736a90 [ 120.244847] R13: ffff8880167368a8 R14: ffffffffffffffff R15: 
ffff8880138dfc60 [ 120.245514] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.246263] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.246823] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.247503] PKRU: 55555554 [ 120.247768] Call Trace: [ 120.248011] [ 120.248223] iommufd_ioas_destroy+0x53/0x70 [ 120.248636] iommufd_fops_release+0x1f7/0x370 [ 120.249063] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.249536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.250015] ? write_comp_data+0x2f/0x90 [ 120.250405] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.250907] __fput+0x26d/0xa40 [ 120.251255] ____fput+0x1e/0x30 [ 120.251584] task_work_run+0x1a4/0x2d0 [ 120.251958] ? __pfx_task_work_run+0x10/0x10 [ 120.252396] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.252874] ? switch_task_namespaces+0xa9/0xe0 [ 120.253324] do_exit+0xb17/0x2ef0 [ 120.253657] ? lock_acquire+0x427/0x4c0 [ 120.254048] ? __pfx_lock_release+0x10/0x10 [ 120.254469] ? __kasan_check_write+0x18/0x20 [ 120.254915] ? do_raw_spin_lock+0x132/0x2a0 [ 120.255337] ? __pfx_do_exit+0x10/0x10 [ 120.255721] ? debug_smp_processor_id+0x20/0x30 [ 120.256165] ? rcu_is_watching+0x19/0xb0 [ 120.256547] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.256978] ? trace_hardirqs_on+0x26/0x120 [ 120.257392] do_group_exit+0xe0/0x2b0 [ 120.257750] __x64_sys_exit_group+0x47/0x50 [ 120.258155] do_syscall_64+0x3b/0x90 [ 120.258534] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.259033] RIP: 0033:0x7f4b87518a4d [ 120.259396] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.259989] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.260705] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.261363] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.262025] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.262731] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.263414] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.264090] [ 120.264318] irq event stamp: 0 [ 120.264623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.265222] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.266006] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.266823] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.267435] ---[ end trace 0000000000000000 ]--- [ 120.272598] ------------[ cut here ]------------ [ 120.273102] WARNING: CPU: 0 PID: 1095 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.274042] Modules linked in: [ 120.274342] CPU: 0 PID: 1095 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.275453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.276502] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.276970] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.278702] RSP: 0018:ffff888023ec7bb8 EFLAGS: 00010246 [ 120.279227] RAX: 0000000000000000 RBX: ffff888015b718a8 RCX: 0000000000000000 [ 120.279896] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 120.280565] RBP: ffff888023ec7bd0 R08: ffffed1002b6e333 R09: ffffed1002b6e333 [ 120.281230] R10: ffff888015b71993 R11: ffffed1002b6e332 R12: ffff888010556c00 [ 120.281893] R13: ffff888015b719e8 R14: ffffffff8352e670 R15: 
ffff888023ec7e68 [ 120.282575] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.283343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.283886] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ef0 [ 120.284555] PKRU: 55555554 [ 120.284823] Call Trace: [ 120.285065] [ 120.285280] __iommufd_access_detach+0x1c2/0x2b0 [ 120.285741] iommufd_access_change_pt+0x149/0x270 [ 120.286202] iommufd_access_replace+0xb4/0x120 [ 120.286660] iommufd_test+0x3e5/0x37e0 [ 120.287028] ? lock_release+0x532/0x770 [ 120.287430] ? __might_fault+0x102/0x1b0 [ 120.287817] ? lock_acquire+0x427/0x4c0 [ 120.288205] ? __pfx_iommufd_test+0x10/0x10 [ 120.288612] ? __pfx_lock_release+0x10/0x10 [ 120.289024] ? __pfx_lock_acquire+0x10/0x10 [ 120.289442] ? write_comp_data+0x2f/0x90 [ 120.289838] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.290340] ? write_comp_data+0x2f/0x90 [ 120.290770] iommufd_fops_ioctl+0x37d/0x510 [ 120.291208] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.291682] ? write_comp_data+0x2f/0x90 [ 120.292078] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.292529] __x64_sys_ioctl+0x1a3/0x230 [ 120.292924] do_syscall_64+0x3b/0x90 [ 120.293281] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.293772] RIP: 0033:0x7f4b8743ee5d [ 120.294121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.295842] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.296549] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.297210] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.297870] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.298544] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.299214] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.299885] [ 120.300106] irq event stamp: 0 [ 120.300403] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.300987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.301765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.302579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.303188] ---[ end trace 0000000000000000 ]--- [ 120.306469] ------------[ cut here ]------------ [ 120.306989] WARNING: CPU: 0 PID: 1095 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.307954] Modules linked in: [ 120.308262] CPU: 0 PID: 1095 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.309082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.310135] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.310636] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.312351] RSP: 
0018:ffff888023ec7bd0 EFLAGS: 00010246 [ 120.312856] RAX: 0000000000000000 RBX: ffff888015b718a8 RCX: 0000000000000000 [ 120.313525] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 120.314189] RBP: ffff888023ec7be8 R08: ffffed1002b6e333 R09: ffffed1002b6e333 [ 120.314902] R10: ffff888015b71993 R11: ffffed1002b6e332 R12: ffff88801411c400 [ 120.315796] R13: ffff888015b719e8 R14: ffff88800ef8a200 R15: 0000000000000000 [ 120.316483] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.317241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.317788] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.318465] PKRU: 55555554 [ 120.318789] Call Trace: [ 120.319040] [ 120.319280] iommufd_access_destroy_object+0x65/0x170 [ 120.319783] iommufd_object_destroy_user+0x18e/0x220 [ 120.320273] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.320868] iommufd_access_destroy+0x43/0x70 [ 120.321311] iommufd_test_staccess_release+0x8d/0xd0 [ 120.321807] __fput+0x26d/0xa40 [ 120.322150] ____fput+0x1e/0x30 [ 120.322478] task_work_run+0x1a4/0x2d0 [ 120.322892] ? __pfx_task_work_run+0x10/0x10 [ 120.323336] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.323810] ? switch_task_namespaces+0xa9/0xe0 [ 120.324278] do_exit+0xb17/0x2ef0 [ 120.324611] ? lock_acquire+0x427/0x4c0 [ 120.325005] ? __pfx_lock_release+0x10/0x10 [ 120.325436] ? __kasan_check_write+0x18/0x20 [ 120.325868] ? do_raw_spin_lock+0x132/0x2a0 [ 120.326291] ? __pfx_do_exit+0x10/0x10 [ 120.326713] ? debug_smp_processor_id+0x20/0x30 [ 120.327180] ? rcu_is_watching+0x19/0xb0 [ 120.327579] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.328023] ? trace_hardirqs_on+0x26/0x120 [ 120.328455] do_group_exit+0xe0/0x2b0 [ 120.328828] __x64_sys_exit_group+0x47/0x50 [ 120.329242] do_syscall_64+0x3b/0x90 [ 120.329606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.330111] RIP: 0033:0x7f4b87518a4d [ 120.330475] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.331098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.331833] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.332513] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.333186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.333869] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.334590] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.335310] [ 120.335535] irq event stamp: 0 [ 120.335835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.336437] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.337239] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.338041] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.338685] ---[ end trace 0000000000000000 ]--- [ 120.339547] ------------[ cut here ]------------ [ 120.340005] WARNING: CPU: 0 PID: 1095 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.340978] Modules linked in: [ 120.341289] CPU: 0 PID: 1095 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.342120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.343243] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.343748] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.345463] RSP: 0018:ffff888023ec7b78 EFLAGS: 00010246 [ 120.345961] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.346656] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 120.347349] RBP: ffff888023ec7b98 R08: ffffed1002b6e33e R09: ffffed1002b6e33e [ 120.348023] R10: ffff888015b719ef R11: ffffed1002b6e33d R12: ffff888015b71a90 [ 120.348709] R13: ffff888015b718a8 R14: ffffffffffffffff R15: 
ffff888023ec7c60 [ 120.349392] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.350150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.350724] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.351426] PKRU: 55555554 [ 120.351717] Call Trace: [ 120.351965] [ 120.352184] iommufd_ioas_destroy+0x53/0x70 [ 120.352603] iommufd_fops_release+0x1f7/0x370 [ 120.353040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.353518] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.353988] ? write_comp_data+0x2f/0x90 [ 120.354385] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.354910] __fput+0x26d/0xa40 [ 120.355253] ____fput+0x1e/0x30 [ 120.355577] task_work_run+0x1a4/0x2d0 [ 120.355970] ? __pfx_task_work_run+0x10/0x10 [ 120.356392] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.356859] ? switch_task_namespaces+0xa9/0xe0 [ 120.357321] do_exit+0xb17/0x2ef0 [ 120.357652] ? lock_acquire+0x427/0x4c0 [ 120.358047] ? __pfx_lock_release+0x10/0x10 [ 120.358469] ? __kasan_check_write+0x18/0x20 [ 120.358922] ? do_raw_spin_lock+0x132/0x2a0 [ 120.359352] ? __pfx_do_exit+0x10/0x10 [ 120.359739] ? debug_smp_processor_id+0x20/0x30 [ 120.360191] ? rcu_is_watching+0x19/0xb0 [ 120.360579] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.361015] ? trace_hardirqs_on+0x26/0x120 [ 120.361435] do_group_exit+0xe0/0x2b0 [ 120.361799] __x64_sys_exit_group+0x47/0x50 [ 120.362215] do_syscall_64+0x3b/0x90 [ 120.362616] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.363145] RIP: 0033:0x7f4b87518a4d [ 120.363506] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.364091] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.364821] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.365495] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.366173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.366884] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.367591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.368275] [ 120.368497] irq event stamp: 0 [ 120.368799] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.369404] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.370208] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.371039] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.371653] ---[ end trace 0000000000000000 ]--- [ 120.376743] ------------[ cut here ]------------ [ 120.377256] WARNING: CPU: 0 PID: 1096 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.378196] Modules linked in: [ 120.378498] CPU: 0 PID: 1096 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.379554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.380615] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.381088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.382809] RSP: 0018:ffff888017987bb8 EFLAGS: 00010246 [ 120.383352] RAX: 0000000000000000 RBX: ffff888015c008a8 RCX: 0000000000000000 [ 120.384164] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 120.384828] RBP: ffff888017987bd0 R08: ffffed1002b80133 R09: ffffed1002b80133 [ 120.385497] R10: ffff888015c00993 R11: ffffed1002b80132 R12: ffff888013e54800 [ 120.386160] R13: ffff888015c009e8 R14: ffffffff8352e670 R15: 
ffff888017987e68 [ 120.386848] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.387625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.388182] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ef0 [ 120.388868] PKRU: 55555554 [ 120.389140] Call Trace: [ 120.389381] [ 120.389594] __iommufd_access_detach+0x1c2/0x2b0 [ 120.390060] iommufd_access_change_pt+0x149/0x270 [ 120.390550] iommufd_access_replace+0xb4/0x120 [ 120.390994] iommufd_test+0x3e5/0x37e0 [ 120.391381] ? lock_release+0x532/0x770 [ 120.391775] ? __might_fault+0x102/0x1b0 [ 120.392165] ? lock_acquire+0x427/0x4c0 [ 120.392551] ? __pfx_iommufd_test+0x10/0x10 [ 120.392962] ? __pfx_lock_release+0x10/0x10 [ 120.393373] ? __pfx_lock_acquire+0x10/0x10 [ 120.393789] ? write_comp_data+0x2f/0x90 [ 120.394183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.394692] ? write_comp_data+0x2f/0x90 [ 120.395094] iommufd_fops_ioctl+0x37d/0x510 [ 120.395527] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.396001] ? write_comp_data+0x2f/0x90 [ 120.396398] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.396858] __x64_sys_ioctl+0x1a3/0x230 [ 120.397259] do_syscall_64+0x3b/0x90 [ 120.397631] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.398138] RIP: 0033:0x7f4b8743ee5d [ 120.398492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.400258] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.400983] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.401652] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.402317] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.403010] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.403693] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.404383] [ 120.404602] irq event stamp: 0 [ 120.404897] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.405483] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.406264] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.407068] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.407680] ---[ end trace 0000000000000000 ]--- [ 120.410833] ------------[ cut here ]------------ [ 120.411324] WARNING: CPU: 0 PID: 1096 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.412271] Modules linked in: [ 120.412575] CPU: 0 PID: 1096 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.413385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.414427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.414922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.416676] RSP: 
0018:ffff888017987bd0 EFLAGS: 00010246 [ 120.417174] RAX: 0000000000000000 RBX: ffff888015c008a8 RCX: 0000000000000000 [ 120.417836] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 120.418527] RBP: ffff888017987be8 R08: ffffed1002b80133 R09: ffffed1002b80133 [ 120.419216] R10: ffff888015c00993 R11: ffffed1002b80132 R12: ffff888010556000 [ 120.419892] R13: ffff888015c009e8 R14: ffff8880149b9700 R15: 0000000000000000 [ 120.420559] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.421315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.421850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.422533] PKRU: 55555554 [ 120.422808] Call Trace: [ 120.423052] [ 120.423282] iommufd_access_destroy_object+0x65/0x170 [ 120.423783] iommufd_object_destroy_user+0x18e/0x220 [ 120.424272] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.424826] iommufd_access_destroy+0x43/0x70 [ 120.425258] iommufd_test_staccess_release+0x8d/0xd0 [ 120.425744] __fput+0x26d/0xa40 [ 120.426073] ____fput+0x1e/0x30 [ 120.426400] task_work_run+0x1a4/0x2d0 [ 120.426796] ? __pfx_task_work_run+0x10/0x10 [ 120.427221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.427684] ? switch_task_namespaces+0xa9/0xe0 [ 120.428124] do_exit+0xb17/0x2ef0 [ 120.428444] ? lock_acquire+0x427/0x4c0 [ 120.428819] ? __pfx_lock_release+0x10/0x10 [ 120.429223] ? __kasan_check_write+0x18/0x20 [ 120.429630] ? do_raw_spin_lock+0x132/0x2a0 [ 120.430026] ? __pfx_do_exit+0x10/0x10 [ 120.430388] ? debug_smp_processor_id+0x20/0x30 [ 120.430845] ? rcu_is_watching+0x19/0xb0 [ 120.431248] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.431676] ? trace_hardirqs_on+0x26/0x120 [ 120.432079] do_group_exit+0xe0/0x2b0 [ 120.432428] __x64_sys_exit_group+0x47/0x50 [ 120.432831] do_syscall_64+0x3b/0x90 [ 120.433186] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.433674] RIP: 0033:0x7f4b87518a4d [ 120.434018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.434603] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.435312] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.435963] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.436615] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.437271] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.437925] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.438606] [ 120.438824] irq event stamp: 0 [ 120.439127] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.439708] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.440476] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.441202] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.441752] ---[ end trace 0000000000000000 ]--- [ 120.442532] ------------[ cut here ]------------ [ 120.442945] WARNING: CPU: 0 PID: 1096 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.443863] Modules linked in: [ 120.444144] CPU: 0 PID: 1096 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.444902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.445873] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.446321] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.447943] RSP: 0018:ffff888017987b78 EFLAGS: 00010246 [ 120.448415] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.449028] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 120.449663] RBP: ffff888017987b98 R08: ffffed1002b8013e R09: ffffed1002b8013e [ 120.450277] R10: ffff888015c009ef R11: ffffed1002b8013d R12: ffff888015c00a90 [ 120.450917] R13: ffff888015c008a8 R14: ffffffffffffffff R15: 
ffff888017987c60 [ 120.451549] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.452244] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.452744] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.453362] PKRU: 55555554 [ 120.453610] Call Trace: [ 120.453832] [ 120.454029] iommufd_ioas_destroy+0x53/0x70 [ 120.454410] iommufd_fops_release+0x1f7/0x370 [ 120.454830] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.455278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.455712] ? write_comp_data+0x2f/0x90 [ 120.456078] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.456514] __fput+0x26d/0xa40 [ 120.456817] ____fput+0x1e/0x30 [ 120.457116] task_work_run+0x1a4/0x2d0 [ 120.457463] ? __pfx_task_work_run+0x10/0x10 [ 120.457856] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.458285] ? switch_task_namespaces+0xa9/0xe0 [ 120.458728] do_exit+0xb17/0x2ef0 [ 120.459039] ? lock_acquire+0x427/0x4c0 [ 120.459417] ? __pfx_lock_release+0x10/0x10 [ 120.459803] ? __kasan_check_write+0x18/0x20 [ 120.460196] ? do_raw_spin_lock+0x132/0x2a0 [ 120.460581] ? __pfx_do_exit+0x10/0x10 [ 120.460934] ? debug_smp_processor_id+0x20/0x30 [ 120.461347] ? rcu_is_watching+0x19/0xb0 [ 120.461705] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.462105] ? trace_hardirqs_on+0x26/0x120 [ 120.462487] do_group_exit+0xe0/0x2b0 [ 120.462851] __x64_sys_exit_group+0x47/0x50 [ 120.463251] do_syscall_64+0x3b/0x90 [ 120.463585] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.464046] RIP: 0033:0x7f4b87518a4d [ 120.464377] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.464910] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.465572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.466189] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.466829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.467458] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.468075] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.468699] [ 120.468904] irq event stamp: 0 [ 120.469180] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.469727] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.470450] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.471212] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.471762] ---[ end trace 0000000000000000 ]--- [ 120.476315] ------------[ cut here ]------------ [ 120.476756] WARNING: CPU: 0 PID: 1097 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.477594] Modules linked in: [ 120.477860] CPU: 0 PID: 1097 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.478637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.479577] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.479988] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.481489] RSP: 0018:ffff88801783fbb8 EFLAGS: 00010246 [ 120.481934] RAX: 0000000000000000 RBX: ffff8880143728a8 RCX: 0000000000000000 [ 120.482567] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 120.483164] RBP: ffff88801783fbd0 R08: ffffed100286e533 R09: ffffed100286e533 [ 120.483752] R10: ffff888014372993 R11: ffffed100286e532 R12: ffff88800fd3f400 [ 120.484340] R13: ffff8880143729e8 R14: ffffffff8352e670 R15: 
ffff88801783fe68 [ 120.484922] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.485581] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.486057] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ef0 [ 120.486664] PKRU: 55555554 [ 120.486901] Call Trace: [ 120.487122] [ 120.487312] __iommufd_access_detach+0x1c2/0x2b0 [ 120.487727] iommufd_access_change_pt+0x149/0x270 [ 120.488137] iommufd_access_replace+0xb4/0x120 [ 120.488529] iommufd_test+0x3e5/0x37e0 [ 120.488861] ? lock_release+0x532/0x770 [ 120.489202] ? __might_fault+0x102/0x1b0 [ 120.489547] ? lock_acquire+0x427/0x4c0 [ 120.489888] ? __pfx_iommufd_test+0x10/0x10 [ 120.490245] ? __pfx_lock_release+0x10/0x10 [ 120.490629] ? __pfx_lock_acquire+0x10/0x10 [ 120.491000] ? write_comp_data+0x2f/0x90 [ 120.491358] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.491768] ? write_comp_data+0x2f/0x90 [ 120.492116] iommufd_fops_ioctl+0x37d/0x510 [ 120.492480] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.492887] ? write_comp_data+0x2f/0x90 [ 120.493232] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.493637] __x64_sys_ioctl+0x1a3/0x230 [ 120.494001] do_syscall_64+0x3b/0x90 [ 120.494321] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.494775] RIP: 0033:0x7f4b8743ee5d [ 120.495091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.496612] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.497239] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.497823] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.498405] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.499006] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.499600] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.500191] [ 120.500386] irq event stamp: 0 [ 120.500647] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.501162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.501851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.502552] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.503078] ---[ end trace 0000000000000000 ]--- [ 120.505921] ------------[ cut here ]------------ [ 120.506351] WARNING: CPU: 0 PID: 1097 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.507235] Modules linked in: [ 120.507507] CPU: 0 PID: 1097 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.508227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.509152] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.509568] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.511298] RSP: 
0018:ffff88801783fbd0 EFLAGS: 00010246 [ 120.511749] RAX: 0000000000000000 RBX: ffff8880143728a8 RCX: 0000000000000000 [ 120.512337] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 120.512932] RBP: ffff88801783fbe8 R08: ffffed100286e533 R09: ffffed100286e533 [ 120.513519] R10: ffff888014372993 R11: ffffed100286e532 R12: ffff888013e56c00 [ 120.514132] R13: ffff8880143729e8 R14: ffff88800fceb600 R15: 0000000000000000 [ 120.514743] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.515420] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.515900] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.516491] PKRU: 55555554 [ 120.516725] Call Trace: [ 120.516938] [ 120.517125] iommufd_access_destroy_object+0x65/0x170 [ 120.517562] iommufd_object_destroy_user+0x18e/0x220 [ 120.517992] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.518480] iommufd_access_destroy+0x43/0x70 [ 120.518881] iommufd_test_staccess_release+0x8d/0xd0 [ 120.519320] __fput+0x26d/0xa40 [ 120.519609] ____fput+0x1e/0x30 [ 120.519890] task_work_run+0x1a4/0x2d0 [ 120.520224] ? __pfx_task_work_run+0x10/0x10 [ 120.520595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.521007] ? switch_task_namespaces+0xa9/0xe0 [ 120.521409] do_exit+0xb17/0x2ef0 [ 120.521702] ? lock_acquire+0x427/0x4c0 [ 120.522045] ? __pfx_lock_release+0x10/0x10 [ 120.522411] ? __kasan_check_write+0x18/0x20 [ 120.522801] ? do_raw_spin_lock+0x132/0x2a0 [ 120.523172] ? __pfx_do_exit+0x10/0x10 [ 120.523511] ? debug_smp_processor_id+0x20/0x30 [ 120.523904] ? rcu_is_watching+0x19/0xb0 [ 120.524246] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.524626] ? trace_hardirqs_on+0x26/0x120 [ 120.524993] do_group_exit+0xe0/0x2b0 [ 120.525309] __x64_sys_exit_group+0x47/0x50 [ 120.525667] do_syscall_64+0x3b/0x90 [ 120.525990] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.526430] RIP: 0033:0x7f4b87518a4d [ 120.526757] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.527287] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.527915] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.528503] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.529090] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.529679] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.530268] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.530881] [ 120.531078] irq event stamp: 0 [ 120.531352] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.531873] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.532569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.533262] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.533782] ---[ end trace 0000000000000000 ]--- [ 120.534535] ------------[ cut here ]------------ [ 120.534930] WARNING: CPU: 0 PID: 1097 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.535786] Modules linked in: [ 120.536053] CPU: 0 PID: 1097 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.536776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.537704] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.538133] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.539662] RSP: 0018:ffff88801783fb78 EFLAGS: 00010246 [ 120.540107] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.540695] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 120.541288] RBP: ffff88801783fb98 R08: ffffed100286e53e R09: ffffed100286e53e [ 120.541871] R10: ffff8880143729ef R11: ffffed100286e53d R12: ffff888014372a90 [ 120.542460] R13: ffff8880143728a8 R14: ffffffffffffffff R15: 
ffff88801783fc60 [ 120.543064] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.543722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.544185] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.544754] PKRU: 55555554 [ 120.544980] Call Trace: [ 120.545186] [ 120.545386] iommufd_ioas_destroy+0x53/0x70 [ 120.545744] iommufd_fops_release+0x1f7/0x370 [ 120.546111] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.546528] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.546932] ? write_comp_data+0x2f/0x90 [ 120.547276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.547688] __fput+0x26d/0xa40 [ 120.547974] ____fput+0x1e/0x30 [ 120.548250] task_work_run+0x1a4/0x2d0 [ 120.548573] ? __pfx_task_work_run+0x10/0x10 [ 120.548934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.549332] ? switch_task_namespaces+0xa9/0xe0 [ 120.549721] do_exit+0xb17/0x2ef0 [ 120.550008] ? lock_acquire+0x427/0x4c0 [ 120.550343] ? __pfx_lock_release+0x10/0x10 [ 120.550721] ? __kasan_check_write+0x18/0x20 [ 120.551084] ? do_raw_spin_lock+0x132/0x2a0 [ 120.551447] ? __pfx_do_exit+0x10/0x10 [ 120.551773] ? debug_smp_processor_id+0x20/0x30 [ 120.552152] ? rcu_is_watching+0x19/0xb0 [ 120.552484] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.552854] ? trace_hardirqs_on+0x26/0x120 [ 120.553209] do_group_exit+0xe0/0x2b0 [ 120.553520] __x64_sys_exit_group+0x47/0x50 [ 120.553869] do_syscall_64+0x3b/0x90 [ 120.554181] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.554625] RIP: 0033:0x7f4b87518a4d [ 120.554927] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.555434] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.556041] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.556619] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.557190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.557760] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.558331] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.558926] [ 120.559139] irq event stamp: 0 [ 120.559395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.559902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.560576] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.561248] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.561752] ---[ end trace 0000000000000000 ]--- [ 120.565933] ------------[ cut here ]------------ [ 120.566356] WARNING: CPU: 1 PID: 1098 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.567234] Modules linked in: [ 120.567486] CPU: 1 PID: 1098 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.568163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.569032] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.569419] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.570840] RSP: 0018:ffff888017987bb8 EFLAGS: 00010246 [ 120.571271] RAX: 0000000000000000 RBX: ffff888020b040a8 RCX: 0000000000000000 [ 120.571822] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 120.572381] RBP: ffff888017987bd0 R08: ffffed1004160833 R09: ffffed1004160833 [ 120.572933] R10: ffff888020b04193 R11: ffffed1004160832 R12: ffff888013cbcc00 [ 120.573482] R13: ffff888020b041e8 R14: ffffffff8352e670 R15: 
ffff888017987e68 [ 120.574034] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.574689] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.575151] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ee0 [ 120.575704] PKRU: 55555554 [ 120.575923] Call Trace: [ 120.576123] [ 120.576301] __iommufd_access_detach+0x1c2/0x2b0 [ 120.576686] iommufd_access_change_pt+0x149/0x270 [ 120.577075] iommufd_access_replace+0xb4/0x120 [ 120.577443] iommufd_test+0x3e5/0x37e0 [ 120.577747] ? lock_release+0x532/0x770 [ 120.578067] ? __might_fault+0x102/0x1b0 [ 120.578390] ? lock_acquire+0x427/0x4c0 [ 120.578727] ? __pfx_iommufd_test+0x10/0x10 [ 120.579065] ? __pfx_lock_release+0x10/0x10 [ 120.579425] ? __pfx_lock_acquire+0x10/0x10 [ 120.579770] ? write_comp_data+0x2f/0x90 [ 120.580101] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.580488] ? write_comp_data+0x2f/0x90 [ 120.580816] iommufd_fops_ioctl+0x37d/0x510 [ 120.581159] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.581545] ? write_comp_data+0x2f/0x90 [ 120.581874] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.582256] __x64_sys_ioctl+0x1a3/0x230 [ 120.582603] do_syscall_64+0x3b/0x90 [ 120.582909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.583336] RIP: 0033:0x7f4b8743ee5d [ 120.583631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.585044] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.585642] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.586193] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.586765] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.587336] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.587892] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.588453] [ 120.588638] irq event stamp: 0 [ 120.588887] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.589383] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.590037] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.590705] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.591217] ---[ end trace 0000000000000000 ]--- [ 120.593948] ------------[ cut here ]------------ [ 120.594346] WARNING: CPU: 1 PID: 1098 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.595170] Modules linked in: [ 120.595426] CPU: 1 PID: 1098 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.596101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.596986] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.597376] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.598811] RSP: 
0018:ffff888017987bd0 EFLAGS: 00010246 [ 120.599247] RAX: 0000000000000000 RBX: ffff888020b040a8 RCX: 0000000000000000 [ 120.599801] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 120.600358] RBP: ffff888017987be8 R08: ffffed1004160833 R09: ffffed1004160833 [ 120.600910] R10: ffff888020b04193 R11: ffffed1004160832 R12: ffff888017010400 [ 120.601460] R13: ffff888020b041e8 R14: ffff888020f66200 R15: 0000000000000000 [ 120.602007] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.602649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.603101] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 120.603665] PKRU: 55555554 [ 120.603888] Call Trace: [ 120.604090] [ 120.604274] iommufd_access_destroy_object+0x65/0x170 [ 120.604684] iommufd_object_destroy_user+0x18e/0x220 [ 120.605091] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.605563] iommufd_access_destroy+0x43/0x70 [ 120.605928] iommufd_test_staccess_release+0x8d/0xd0 [ 120.606335] __fput+0x26d/0xa40 [ 120.606634] ____fput+0x1e/0x30 [ 120.606905] task_work_run+0x1a4/0x2d0 [ 120.607237] ? __pfx_task_work_run+0x10/0x10 [ 120.607588] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.607976] ? switch_task_namespaces+0xa9/0xe0 [ 120.608352] do_exit+0xb17/0x2ef0 [ 120.608622] ? lock_acquire+0x427/0x4c0 [ 120.608945] ? __pfx_lock_release+0x10/0x10 [ 120.609291] ? __kasan_check_write+0x18/0x20 [ 120.609637] ? do_raw_spin_lock+0x132/0x2a0 [ 120.609984] ? __pfx_do_exit+0x10/0x10 [ 120.610302] ? debug_smp_processor_id+0x20/0x30 [ 120.610696] ? rcu_is_watching+0x19/0xb0 [ 120.611021] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.611398] ? trace_hardirqs_on+0x26/0x120 [ 120.611747] do_group_exit+0xe0/0x2b0 [ 120.612061] __x64_sys_exit_group+0x47/0x50 [ 120.612400] do_syscall_64+0x3b/0x90 [ 120.612701] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.613115] RIP: 0033:0x7f4b87518a4d [ 120.613411] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.613889] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.614482] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.615068] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.615640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.616196] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.616753] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.617311] [ 120.617494] irq event stamp: 0 [ 120.617745] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.618242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.618925] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.619591] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.620084] ---[ end trace 0000000000000000 ]--- [ 120.620787] ------------[ cut here ]------------ [ 120.621160] WARNING: CPU: 1 PID: 1098 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.621957] Modules linked in: [ 120.622210] CPU: 1 PID: 1098 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.622925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.623809] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.624215] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.625629] RSP: 0018:ffff888017987b78 EFLAGS: 00010246 [ 120.626045] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.626618] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 120.627181] RBP: ffff888017987b98 R08: ffffed100416083e R09: ffffed100416083e [ 120.627736] R10: ffff888020b041ef R11: ffffed100416083d R12: ffff888020b04290 [ 120.628290] R13: ffff888020b040a8 R14: ffffffffffffffff R15: 
ffff888017987c60 [ 120.628843] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.629463] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.629916] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 120.630472] PKRU: 55555554 [ 120.630720] Call Trace: [ 120.630853] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 120.630926] [ 120.630934] iommufd_ioas_destroy+0x53/0x70 [ 120.632649] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 120.632789] iommufd_fops_release+0x1f7/0x370 [ 120.634569] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.634963] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.635369] ? write_comp_data+0x2f/0x90 [ 120.635700] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.636095] __fput+0x26d/0xa40 [ 120.636370] ____fput+0x1e/0x30 [ 120.636642] task_work_run+0x1a4/0x2d0 [ 120.636954] ? __pfx_task_work_run+0x10/0x10 [ 120.637303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.637690] ? switch_task_namespaces+0xa9/0xe0 [ 120.638064] do_exit+0xb17/0x2ef0 [ 120.638341] ? lock_acquire+0x427/0x4c0 [ 120.638693] ? __pfx_lock_release+0x10/0x10 [ 120.639045] ? __kasan_check_write+0x18/0x20 [ 120.639408] ? do_raw_spin_lock+0x132/0x2a0 [ 120.639750] ? __pfx_do_exit+0x10/0x10 [ 120.640064] ? debug_smp_processor_id+0x20/0x30 [ 120.640443] ? rcu_is_watching+0x19/0xb0 [ 120.640778] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.641145] ? trace_hardirqs_on+0x26/0x120 [ 120.641488] do_group_exit+0xe0/0x2b0 [ 120.641790] __x64_sys_exit_group+0x47/0x50 [ 120.642126] do_syscall_64+0x3b/0x90 [ 120.642431] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.642862] RIP: 0033:0x7f4b87518a4d [ 120.643162] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.643645] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.644232] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.644789] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.645336] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.645884] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.646437] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.647024] [ 120.647218] irq event stamp: 0 [ 120.647465] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.647954] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.648601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.649249] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.649738] ---[ end trace 0000000000000000 ]--- [ 120.653659] ------------[ cut here ]------------ [ 120.654063] WARNING: CPU: 1 PID: 1100 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.654909] Modules linked in: [ 120.655177] CPU: 1 PID: 1100 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.655853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.656724] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.657121] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.658619] RSP: 0018:ffff888012927bb8 EFLAGS: 00010246 [ 120.659052] RAX: 0000000000000000 RBX: ffff8880149e98a8 RCX: 0000000000000000 [ 120.659643] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 120.660219] RBP: ffff888012927bd0 R08: ffffed100293d333 R09: ffffed100293d333 [ 120.660788] R10: ffff8880149e9993 R11: ffffed100293d332 R12: ffff888013bcb800 [ 120.661359] R13: ffff8880149e99e8 R14: ffffffff8352e670 R15: 
ffff888012927e68 [ 120.661923] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.662578] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.663041] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ee0 [ 120.663637] PKRU: 55555554 [ 120.663873] Call Trace: [ 120.664086] [ 120.664274] __iommufd_access_detach+0x1c2/0x2b0 [ 120.664680] iommufd_access_change_pt+0x149/0x270 [ 120.665077] iommufd_access_replace+0xb4/0x120 [ 120.665461] iommufd_test+0x3e5/0x37e0 [ 120.665781] ? lock_release+0x532/0x770 [ 120.666122] ? __might_fault+0x102/0x1b0 [ 120.666461] ? lock_acquire+0x427/0x4c0 [ 120.666807] ? __pfx_iommufd_test+0x10/0x10 [ 120.667168] ? __pfx_lock_release+0x10/0x10 [ 120.667526] ? __pfx_lock_acquire+0x10/0x10 [ 120.667891] ? write_comp_data+0x2f/0x90 [ 120.668233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.668634] ? write_comp_data+0x2f/0x90 [ 120.668972] iommufd_fops_ioctl+0x37d/0x510 [ 120.669329] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.669728] ? write_comp_data+0x2f/0x90 [ 120.670068] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.670464] __x64_sys_ioctl+0x1a3/0x230 [ 120.670819] do_syscall_64+0x3b/0x90 [ 120.671148] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.671580] RIP: 0033:0x7f4b8743ee5d [ 120.671881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.673358] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.673967] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.674566] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.675153] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.675723] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.676297] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.676876] [ 120.677068] irq event stamp: 0 [ 120.677325] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.677834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.678541] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.679229] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.679732] ---[ end trace 0000000000000000 ]--- [ 120.683365] ------------[ cut here ]------------ [ 120.683826] WARNING: CPU: 0 PID: 1100 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.684690] Modules linked in: [ 120.684956] CPU: 0 PID: 1100 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.685718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.686853] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.687280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.688853] RSP: 
0018:ffff888012927bd0 EFLAGS: 00010246 [ 120.689297] RAX: 0000000000000000 RBX: ffff8880149e98a8 RCX: 0000000000000000 [ 120.689910] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 120.690499] RBP: ffff888012927be8 R08: ffffed100293d333 R09: ffffed100293d333 [ 120.691147] R10: ffff8880149e9993 R11: ffffed100293d332 R12: ffff888013cbe400 [ 120.691729] R13: ffff8880149e99e8 R14: ffff888012a0b700 R15: 0000000000000000 [ 120.692341] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.693017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.693504] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.694101] PKRU: 55555554 [ 120.694348] Call Trace: [ 120.694581] [ 120.694770] iommufd_access_destroy_object+0x65/0x170 [ 120.695228] iommufd_object_destroy_user+0x18e/0x220 [ 120.695661] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.696141] iommufd_access_destroy+0x43/0x70 [ 120.696554] iommufd_test_staccess_release+0x8d/0xd0 [ 120.696979] __fput+0x26d/0xa40 [ 120.697271] ____fput+0x1e/0x30 [ 120.697574] task_work_run+0x1a4/0x2d0 [ 120.697903] ? __pfx_task_work_run+0x10/0x10 [ 120.698268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.698722] ? switch_task_namespaces+0xa9/0xe0 [ 120.699135] do_exit+0xb17/0x2ef0 [ 120.699424] ? lock_acquire+0x427/0x4c0 [ 120.699798] ? __pfx_lock_release+0x10/0x10 [ 120.700160] ? __kasan_check_write+0x18/0x20 [ 120.700530] ? do_raw_spin_lock+0x132/0x2a0 [ 120.700938] ? __pfx_do_exit+0x10/0x10 [ 120.701267] ? debug_smp_processor_id+0x20/0x30 [ 120.701669] ? rcu_is_watching+0x19/0xb0 [ 120.702031] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.702410] ? trace_hardirqs_on+0x26/0x120 [ 120.702811] do_group_exit+0xe0/0x2b0 [ 120.703169] __x64_sys_exit_group+0x47/0x50 [ 120.703524] do_syscall_64+0x3b/0x90 [ 120.703853] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.704297] RIP: 0033:0x7f4b87518a4d [ 120.704606] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.705145] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.705765] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.706404] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.707002] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.707621] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.708228] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.708824] [ 120.709017] irq event stamp: 0 [ 120.709295] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.709822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.710545] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.711232] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.711761] ---[ end trace 0000000000000000 ]--- [ 120.712528] ------------[ cut here ]------------ [ 120.712917] WARNING: CPU: 0 PID: 1100 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.713756] Modules linked in: [ 120.714020] CPU: 0 PID: 1100 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.714760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.715677] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.716115] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.717604] RSP: 0018:ffff888012927b78 EFLAGS: 00010246 [ 120.718061] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.718654] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 120.719281] RBP: ffff888012927b98 R08: ffffed100293d33e R09: ffffed100293d33e [ 120.719858] R10: ffff8880149e99ef R11: ffffed100293d33d R12: ffff8880149e9a90 [ 120.720456] R13: ffff8880149e98a8 R14: ffffffffffffffff R15: 
ffff888012927c60 [ 120.721029] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.721699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.722169] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.722792] PKRU: 55555554 [ 120.723024] Call Trace: [ 120.723237] [ 120.723449] iommufd_ioas_destroy+0x53/0x70 [ 120.723809] iommufd_fops_release+0x1f7/0x370 [ 120.724183] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.724625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.725031] ? write_comp_data+0x2f/0x90 [ 120.725373] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.725811] __fput+0x26d/0xa40 [ 120.726097] ____fput+0x1e/0x30 [ 120.726377] task_work_run+0x1a4/0x2d0 [ 120.726748] ? __pfx_task_work_run+0x10/0x10 [ 120.727125] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.727527] ? switch_task_namespaces+0xa9/0xe0 [ 120.727946] do_exit+0xb17/0x2ef0 [ 120.728233] ? lock_acquire+0x427/0x4c0 [ 120.728568] ? __pfx_lock_release+0x10/0x10 [ 120.728952] ? __kasan_check_write+0x18/0x20 [ 120.729315] ? do_raw_spin_lock+0x132/0x2a0 [ 120.729671] ? __pfx_do_exit+0x10/0x10 [ 120.730024] ? debug_smp_processor_id+0x20/0x30 [ 120.730411] ? rcu_is_watching+0x19/0xb0 [ 120.730767] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.731178] ? trace_hardirqs_on+0x26/0x120 [ 120.731530] do_group_exit+0xe0/0x2b0 [ 120.731839] __x64_sys_exit_group+0x47/0x50 [ 120.732203] do_syscall_64+0x3b/0x90 [ 120.732510] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.732927] RIP: 0033:0x7f4b87518a4d [ 120.733251] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.733742] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.734370] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.734960] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.735554] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.736116] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.736681] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.737281] [ 120.737471] irq event stamp: 0 [ 120.737728] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.738233] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.738923] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.739595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.740094] ---[ end trace 0000000000000000 ]--- [ 120.744295] ------------[ cut here ]------------ [ 120.744719] WARNING: CPU: 0 PID: 1101 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.745533] Modules linked in: [ 120.745791] CPU: 0 PID: 1101 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.746489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.747419] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.747821] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.749290] RSP: 0018:ffff88801617fbb8 EFLAGS: 00010246 [ 120.749728] RAX: 0000000000000000 RBX: ffff8880183e00a8 RCX: 0000000000000000 [ 120.750305] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 120.750901] RBP: ffff88801617fbd0 R08: ffffed100307c033 R09: ffffed100307c033 [ 120.751499] R10: ffff8880183e0193 R11: ffffed100307c032 R12: ffff888013a58000 [ 120.752075] R13: ffff8880183e01e8 R14: ffffffff8352e670 R15: 
ffff88801617fe68 [ 120.752655] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.753302] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.753773] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ef0 [ 120.754359] PKRU: 55555554 [ 120.754613] Call Trace: [ 120.754825] [ 120.755013] __iommufd_access_detach+0x1c2/0x2b0 [ 120.755425] iommufd_access_change_pt+0x149/0x270 [ 120.755826] iommufd_access_replace+0xb4/0x120 [ 120.756223] iommufd_test+0x3e5/0x37e0 [ 120.756540] ? lock_release+0x532/0x770 [ 120.756868] ? __might_fault+0x102/0x1b0 [ 120.757208] ? lock_acquire+0x427/0x4c0 [ 120.757541] ? __pfx_iommufd_test+0x10/0x10 [ 120.757889] ? __pfx_lock_release+0x10/0x10 [ 120.758245] ? __pfx_lock_acquire+0x10/0x10 [ 120.758631] ? write_comp_data+0x2f/0x90 [ 120.758972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.759383] ? write_comp_data+0x2f/0x90 [ 120.759725] iommufd_fops_ioctl+0x37d/0x510 [ 120.760080] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.760479] ? write_comp_data+0x2f/0x90 [ 120.760823] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.761223] __x64_sys_ioctl+0x1a3/0x230 [ 120.761566] do_syscall_64+0x3b/0x90 [ 120.761881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.762310] RIP: 0033:0x7f4b8743ee5d [ 120.762650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.764129] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.764738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.765313] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.765880] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.766451] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.767044] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.767689] [ 120.767879] irq event stamp: 0 [ 120.768132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.768637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.769305] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.769970] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.770475] ---[ end trace 0000000000000000 ]--- [ 120.773300] ------------[ cut here ]------------ [ 120.773707] WARNING: CPU: 0 PID: 1101 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.774542] Modules linked in: [ 120.774803] CPU: 0 PID: 1101 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.775513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.776413] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.776810] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.778257] RSP: 
0018:ffff88801617fbd0 EFLAGS: 00010246 [ 120.778695] RAX: 0000000000000000 RBX: ffff8880183e00a8 RCX: 0000000000000000 [ 120.779277] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 120.779845] RBP: ffff88801617fbe8 R08: ffffed100307c033 R09: ffffed100307c033 [ 120.780410] R10: ffff8880183e0193 R11: ffffed100307c032 R12: ffff88800fd3d800 [ 120.780977] R13: ffff8880183e01e8 R14: ffff88800b8cf600 R15: 0000000000000000 [ 120.781545] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.782185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.782663] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.783255] PKRU: 55555554 [ 120.783484] Call Trace: [ 120.783691] [ 120.783875] iommufd_access_destroy_object+0x65/0x170 [ 120.784292] iommufd_object_destroy_user+0x18e/0x220 [ 120.784704] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.785177] iommufd_access_destroy+0x43/0x70 [ 120.785546] iommufd_test_staccess_release+0x8d/0xd0 [ 120.785962] __fput+0x26d/0xa40 [ 120.786242] ____fput+0x1e/0x30 [ 120.786533] task_work_run+0x1a4/0x2d0 [ 120.786854] ? __pfx_task_work_run+0x10/0x10 [ 120.787225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.787626] ? switch_task_namespaces+0xa9/0xe0 [ 120.788010] do_exit+0xb17/0x2ef0 [ 120.788291] ? lock_acquire+0x427/0x4c0 [ 120.788620] ? __pfx_lock_release+0x10/0x10 [ 120.788972] ? __kasan_check_write+0x18/0x20 [ 120.789334] ? do_raw_spin_lock+0x132/0x2a0 [ 120.789682] ? __pfx_do_exit+0x10/0x10 [ 120.790002] ? debug_smp_processor_id+0x20/0x30 [ 120.790390] ? rcu_is_watching+0x19/0xb0 [ 120.790744] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.791125] ? trace_hardirqs_on+0x26/0x120 [ 120.791493] do_group_exit+0xe0/0x2b0 [ 120.791804] __x64_sys_exit_group+0x47/0x50 [ 120.792149] do_syscall_64+0x3b/0x90 [ 120.792457] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.792883] RIP: 0033:0x7f4b87518a4d [ 120.793182] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.793674] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.794278] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.794858] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.795435] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.796001] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.796569] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.797146] [ 120.797338] irq event stamp: 0 [ 120.797593] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.798094] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.798777] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.799450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.799953] ---[ end trace 0000000000000000 ]--- [ 120.800686] ------------[ cut here ]------------ [ 120.801067] WARNING: CPU: 0 PID: 1101 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.801878] Modules linked in: [ 120.802133] CPU: 0 PID: 1101 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.802842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.803730] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.804132] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.805558] RSP: 0018:ffff88801617fb78 EFLAGS: 00010246 [ 120.805975] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.806543] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 120.807107] RBP: ffff88801617fb98 R08: ffffed100307c03e R09: ffffed100307c03e [ 120.807668] R10: ffff8880183e01ef R11: ffffed100307c03d R12: ffff8880183e0290 [ 120.808226] R13: ffff8880183e00a8 R14: ffffffffffffffff R15: 
ffff88801617fc60 [ 120.808791] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.809417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.809869] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.810427] PKRU: 55555554 [ 120.810669] Call Trace: [ 120.810873] [ 120.811054] iommufd_ioas_destroy+0x53/0x70 [ 120.811412] iommufd_fops_release+0x1f7/0x370 [ 120.811774] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.812164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.812550] ? write_comp_data+0x2f/0x90 [ 120.812880] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.813272] __fput+0x26d/0xa40 [ 120.813543] ____fput+0x1e/0x30 [ 120.813809] task_work_run+0x1a4/0x2d0 [ 120.814120] ? __pfx_task_work_run+0x10/0x10 [ 120.814467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.814906] ? switch_task_namespaces+0xa9/0xe0 [ 120.815294] do_exit+0xb17/0x2ef0 [ 120.815569] ? lock_acquire+0x427/0x4c0 [ 120.815888] ? __pfx_lock_release+0x10/0x10 [ 120.816229] ? __kasan_check_write+0x18/0x20 [ 120.816575] ? do_raw_spin_lock+0x132/0x2a0 [ 120.816912] ? __pfx_do_exit+0x10/0x10 [ 120.817226] ? debug_smp_processor_id+0x20/0x30 [ 120.817591] ? rcu_is_watching+0x19/0xb0 [ 120.817913] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.818269] ? trace_hardirqs_on+0x26/0x120 [ 120.818629] do_group_exit+0xe0/0x2b0 [ 120.818935] __x64_sys_exit_group+0x47/0x50 [ 120.819282] do_syscall_64+0x3b/0x90 [ 120.819584] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.819994] RIP: 0033:0x7f4b87518a4d [ 120.820287] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.820764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.821352] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.821899] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.822446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.823020] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.823583] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.824140] [ 120.824322] irq event stamp: 0 [ 120.824566] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.825058] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.825712] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.826366] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.826871] ---[ end trace 0000000000000000 ]--- [ 120.831698] ------------[ cut here ]------------ [ 120.832090] WARNING: CPU: 0 PID: 1102 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.832859] Modules linked in: [ 120.833131] CPU: 0 PID: 1102 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.833788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.834734] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.835128] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.836493] RSP: 0018:ffff88800fc9fbb8 EFLAGS: 00010246 [ 120.836892] RAX: 0000000000000000 RBX: ffff888023ff30a8 RCX: 0000000000000000 [ 120.837428] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 120.837962] RBP: ffff88800fc9fbd0 R08: ffffed10047fe633 R09: ffffed10047fe633 [ 120.838493] R10: ffff888023ff3193 R11: ffffed10047fe632 R12: ffff888010c00c00 [ 120.839050] R13: ffff888023ff31e8 R14: ffffffff8352e670 R15: 
ffff88800fc9fe68 [ 120.839596] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.840207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.840645] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ef0 [ 120.841182] PKRU: 55555554 [ 120.841396] Call Trace: [ 120.841591] [ 120.841763] __iommufd_access_detach+0x1c2/0x2b0 [ 120.842134] iommufd_access_change_pt+0x149/0x270 [ 120.842519] iommufd_access_replace+0xb4/0x120 [ 120.842878] iommufd_test+0x3e5/0x37e0 [ 120.843184] ? lock_release+0x532/0x770 [ 120.843500] ? __might_fault+0x102/0x1b0 [ 120.843816] ? lock_acquire+0x427/0x4c0 [ 120.844131] ? __pfx_iommufd_test+0x10/0x10 [ 120.844459] ? __pfx_lock_release+0x10/0x10 [ 120.844794] ? __pfx_lock_acquire+0x10/0x10 [ 120.845133] ? write_comp_data+0x2f/0x90 [ 120.845454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.845833] ? write_comp_data+0x2f/0x90 [ 120.846151] iommufd_fops_ioctl+0x37d/0x510 [ 120.846487] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.846884] ? write_comp_data+0x2f/0x90 [ 120.847223] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.847593] __x64_sys_ioctl+0x1a3/0x230 [ 120.847914] do_syscall_64+0x3b/0x90 [ 120.848209] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.848600] RIP: 0033:0x7f4b8743ee5d [ 120.848876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.850219] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.850796] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.851335] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.851863] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.852395] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.852924] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.853466] [ 120.853640] irq event stamp: 0 [ 120.853876] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.854351] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.854993] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.855632] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.856102] ---[ end trace 0000000000000000 ]--- [ 120.858769] ------------[ cut here ]------------ [ 120.859163] WARNING: CPU: 0 PID: 1102 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.859914] Modules linked in: [ 120.860157] CPU: 0 PID: 1102 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.860810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.861647] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.862019] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.863397] RSP: 
0018:ffff88800fc9fbd0 EFLAGS: 00010246 [ 120.863804] RAX: 0000000000000000 RBX: ffff888023ff30a8 RCX: 0000000000000000 [ 120.864337] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 120.864867] RBP: ffff88800fc9fbe8 R08: ffffed10047fe633 R09: ffffed10047fe633 [ 120.865680] R10: ffff888023ff3193 R11: ffffed10047fe632 R12: ffff888013a5b000 [ 120.866213] R13: ffff888023ff31e8 R14: ffff888020917e00 R15: 0000000000000000 [ 120.866765] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.867382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.867819] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.868353] PKRU: 55555554 [ 120.868566] Call Trace: [ 120.868760] [ 120.868931] iommufd_access_destroy_object+0x65/0x170 [ 120.869322] iommufd_object_destroy_user+0x18e/0x220 [ 120.869708] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.870146] iommufd_access_destroy+0x43/0x70 [ 120.870491] iommufd_test_staccess_release+0x8d/0xd0 [ 120.870902] __fput+0x26d/0xa40 [ 120.871176] ____fput+0x1e/0x30 [ 120.871435] task_work_run+0x1a4/0x2d0 [ 120.871735] ? __pfx_task_work_run+0x10/0x10 [ 120.872070] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.872443] ? switch_task_namespaces+0xa9/0xe0 [ 120.872802] do_exit+0xb17/0x2ef0 [ 120.873065] ? lock_acquire+0x427/0x4c0 [ 120.873375] ? __pfx_lock_release+0x10/0x10 [ 120.873711] ? __kasan_check_write+0x18/0x20 [ 120.874048] ? do_raw_spin_lock+0x132/0x2a0 [ 120.874379] ? __pfx_do_exit+0x10/0x10 [ 120.874708] ? debug_smp_processor_id+0x20/0x30 [ 120.875064] ? rcu_is_watching+0x19/0xb0 [ 120.875388] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.875737] ? trace_hardirqs_on+0x26/0x120 [ 120.876066] do_group_exit+0xe0/0x2b0 [ 120.876358] __x64_sys_exit_group+0x47/0x50 [ 120.876684] do_syscall_64+0x3b/0x90 [ 120.876974] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.877373] RIP: 0033:0x7f4b87518a4d [ 120.877655] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.878116] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.878701] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.879253] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.879781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.880313] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.880841] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.881377] [ 120.881555] irq event stamp: 0 [ 120.881789] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.882259] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.882906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.883535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.884003] ---[ end trace 0000000000000000 ]--- [ 120.884669] ------------[ cut here ]------------ [ 120.885017] WARNING: CPU: 0 PID: 1102 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.885769] Modules linked in: [ 120.886009] CPU: 0 PID: 1102 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.886671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.887518] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.887902] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.889253] RSP: 0018:ffff88800fc9fb78 EFLAGS: 00010246 [ 120.889649] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.890171] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 120.890716] RBP: ffff88800fc9fb98 R08: ffffed10047fe63e R09: ffffed10047fe63e [ 120.891256] R10: ffff888023ff31ef R11: ffffed10047fe63d R12: ffff888023ff3290 [ 120.891784] R13: ffff888023ff30a8 R14: ffffffffffffffff R15: 
ffff88800fc9fc60 [ 120.892311] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.892908] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.893337] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.893867] PKRU: 55555554 [ 120.894077] Call Trace: [ 120.894270] [ 120.894442] iommufd_ioas_destroy+0x53/0x70 [ 120.894802] iommufd_fops_release+0x1f7/0x370 [ 120.895155] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.895536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.895907] ? write_comp_data+0x2f/0x90 [ 120.896226] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.896603] __fput+0x26d/0xa40 [ 120.896866] ____fput+0x1e/0x30 [ 120.897119] task_work_run+0x1a4/0x2d0 [ 120.897437] ? __pfx_task_work_run+0x10/0x10 [ 120.897770] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.898137] ? switch_task_namespaces+0xa9/0xe0 [ 120.898496] do_exit+0xb17/0x2ef0 [ 120.898785] ? lock_acquire+0x427/0x4c0 [ 120.899091] ? __pfx_lock_release+0x10/0x10 [ 120.899435] ? __kasan_check_write+0x18/0x20 [ 120.899771] ? do_raw_spin_lock+0x132/0x2a0 [ 120.900094] ? __pfx_do_exit+0x10/0x10 [ 120.900396] ? debug_smp_processor_id+0x20/0x30 [ 120.900747] ? rcu_is_watching+0x19/0xb0 [ 120.901056] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.901400] ? trace_hardirqs_on+0x26/0x120 [ 120.901730] do_group_exit+0xe0/0x2b0 [ 120.902018] __x64_sys_exit_group+0x47/0x50 [ 120.902344] do_syscall_64+0x3b/0x90 [ 120.902652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.903048] RIP: 0033:0x7f4b87518a4d [ 120.903346] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.903803] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.904369] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.904897] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.905424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.905948] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.906473] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.907025] [ 120.907216] irq event stamp: 0 [ 120.907457] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.907924] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.908544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.909166] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.909635] ---[ end trace 0000000000000000 ]--- [ 120.914196] ------------[ cut here ]------------ [ 120.914621] WARNING: CPU: 0 PID: 1103 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.915390] Modules linked in: [ 120.915629] CPU: 0 PID: 1103 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.916272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.917097] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.917471] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.919009] RSP: 0018:ffff888012d8fbb8 EFLAGS: 00010246 [ 120.919419] RAX: 0000000000000000 RBX: ffff8880159f10a8 RCX: 0000000000000000 [ 120.919945] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 120.920470] RBP: ffff888012d8fbd0 R08: ffffed1002b3e233 R09: ffffed1002b3e233 [ 120.920992] R10: ffff8880159f1193 R11: ffffed1002b3e232 R12: ffff888013e77400 [ 120.921529] R13: ffff8880159f11e8 R14: ffffffff8352e670 R15: 
ffff888012d8fe68 [ 120.922049] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.922662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.923094] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 120.923630] PKRU: 55555554 [ 120.923842] Call Trace: [ 120.924036] [ 120.924207] __iommufd_access_detach+0x1c2/0x2b0 [ 120.924572] iommufd_access_change_pt+0x149/0x270 [ 120.924939] iommufd_access_replace+0xb4/0x120 [ 120.925293] iommufd_test+0x3e5/0x37e0 [ 120.925590] ? lock_release+0x532/0x770 [ 120.925897] ? __might_fault+0x102/0x1b0 [ 120.926205] ? lock_acquire+0x427/0x4c0 [ 120.926527] ? __pfx_iommufd_test+0x10/0x10 [ 120.926849] ? __pfx_lock_release+0x10/0x10 [ 120.927206] ? __pfx_lock_acquire+0x10/0x10 [ 120.927539] ? write_comp_data+0x2f/0x90 [ 120.927853] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.928245] ? write_comp_data+0x2f/0x90 [ 120.928560] iommufd_fops_ioctl+0x37d/0x510 [ 120.928890] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.929261] ? write_comp_data+0x2f/0x90 [ 120.929603] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 120.930122] __x64_sys_ioctl+0x1a3/0x230 [ 120.930444] do_syscall_64+0x3b/0x90 [ 120.930761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.931174] RIP: 0033:0x7f4b8743ee5d [ 120.931460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 120.932798] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 120.933363] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 120.933891] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 120.934414] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 120.935161] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 120.935693] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 120.936225] [ 120.936398] irq event stamp: 0 [ 120.936632] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.937098] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.937716] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.938329] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.938809] ---[ end trace 0000000000000000 ]--- [ 120.941473] ------------[ cut here ]------------ [ 120.941856] WARNING: CPU: 0 PID: 1103 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 120.942641] Modules linked in: [ 120.942888] CPU: 0 PID: 1103 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.943559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.944396] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 120.944770] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 120.946129] RSP: 
0018:ffff888012d8fbd0 EFLAGS: 00010246 [ 120.946609] RAX: 0000000000000000 RBX: ffff8880159f10a8 RCX: 0000000000000000 [ 120.947163] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 120.947703] RBP: ffff888012d8fbe8 R08: ffffed1002b3e233 R09: ffffed1002b3e233 [ 120.948252] R10: ffff8880159f1193 R11: ffffed1002b3e232 R12: ffff888010c02400 [ 120.948796] R13: ffff8880159f11e8 R14: ffff8880142ec100 R15: 0000000000000000 [ 120.949341] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 120.949957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.950400] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 120.950964] PKRU: 55555554 [ 120.951196] Call Trace: [ 120.951393] [ 120.951571] iommufd_access_destroy_object+0x65/0x170 [ 120.951970] iommufd_object_destroy_user+0x18e/0x220 [ 120.952362] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 120.952809] iommufd_access_destroy+0x43/0x70 [ 120.953164] iommufd_test_staccess_release+0x8d/0xd0 [ 120.953568] __fput+0x26d/0xa40 [ 120.953844] ____fput+0x1e/0x30 [ 120.954113] task_work_run+0x1a4/0x2d0 [ 120.954430] ? __pfx_task_work_run+0x10/0x10 [ 120.954801] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.955198] ? switch_task_namespaces+0xa9/0xe0 [ 120.955577] do_exit+0xb17/0x2ef0 [ 120.955852] ? lock_acquire+0x427/0x4c0 [ 120.956177] ? __pfx_lock_release+0x10/0x10 [ 120.956526] ? __kasan_check_write+0x18/0x20 [ 120.956876] ? do_raw_spin_lock+0x132/0x2a0 [ 120.957210] ? __pfx_do_exit+0x10/0x10 [ 120.957524] ? debug_smp_processor_id+0x20/0x30 [ 120.957891] ? rcu_is_watching+0x19/0xb0 [ 120.958211] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.958599] ? trace_hardirqs_on+0x26/0x120 [ 120.958948] do_group_exit+0xe0/0x2b0 [ 120.959262] __x64_sys_exit_group+0x47/0x50 [ 120.959603] do_syscall_64+0x3b/0x90 [ 120.959906] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.960317] RIP: 0033:0x7f4b87518a4d [ 120.960608] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.961092] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.961681] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.962241] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 120.962823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 120.963390] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 120.963946] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 120.964513] [ 120.964699] irq event stamp: 0 [ 120.964947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 120.965446] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 120.966110] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 120.966781] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 120.967290] ---[ end trace 0000000000000000 ]--- [ 120.968391] ------------[ cut here ]------------ [ 120.968992] WARNING: CPU: 1 PID: 1103 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 120.970139] Modules linked in: [ 120.970993] CPU: 1 PID: 1103 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 120.972043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 120.973624] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 120.974245] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 120.976782] RSP: 0018:ffff888012d8fb78 EFLAGS: 00010246 [ 120.977491] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 120.978330] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 120.979356] RBP: ffff888012d8fb98 R08: ffffed1002b3e23e R09: ffffed1002b3e23e [ 120.980086] R10: ffff8880159f11ef R11: ffffed1002b3e23d R12: ffff8880159f1290 [ 120.980783] R13: ffff8880159f10a8 R14: ffffffffffffffff R15: 
ffff888012d8fc60 [ 120.981474] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 120.982203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.982874] CR2: 00007f82e2aa1028 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 120.983538] PKRU: 55555554 [ 120.983800] Call Trace: [ 120.984036] [ 120.984245] iommufd_ioas_destroy+0x53/0x70 [ 120.984845] iommufd_fops_release+0x1f7/0x370 [ 120.985342] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.985877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.986478] ? write_comp_data+0x2f/0x90 [ 120.987026] ? __pfx_iommufd_fops_release+0x10/0x10 [ 120.987578] __fput+0x26d/0xa40 [ 120.987954] ____fput+0x1e/0x30 [ 120.988274] task_work_run+0x1a4/0x2d0 [ 120.988819] ? __pfx_task_work_run+0x10/0x10 [ 120.989213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 120.989678] ? switch_task_namespaces+0xa9/0xe0 [ 120.990199] do_exit+0xb17/0x2ef0 [ 120.990774] ? lock_acquire+0x427/0x4c0 [ 120.991243] ? __pfx_lock_release+0x10/0x10 [ 120.991728] ? __kasan_check_write+0x18/0x20 [ 120.992217] ? do_raw_spin_lock+0x132/0x2a0 [ 120.992862] ? __pfx_do_exit+0x10/0x10 [ 120.993331] ? debug_smp_processor_id+0x20/0x30 [ 120.993858] ? rcu_is_watching+0x19/0xb0 [ 120.994328] ? _raw_spin_unlock_irq+0x2b/0x60 [ 120.995005] ? trace_hardirqs_on+0x26/0x120 [ 120.995475] do_group_exit+0xe0/0x2b0 [ 120.995890] __x64_sys_exit_group+0x47/0x50 [ 120.996326] do_syscall_64+0x3b/0x90 [ 120.996766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 120.997310] RIP: 0033:0x7f4b87518a4d [ 120.997633] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 120.998169] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 120.999042] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 120.999765] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.000572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.001549] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.002311] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.003167] [ 121.003433] irq event stamp: 0 [ 121.003774] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.004590] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.005504] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.006419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.007286] ---[ end trace 0000000000000000 ]--- [ 121.014146] ------------[ cut here ]------------ [ 121.014771] WARNING: CPU: 1 PID: 1104 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.016021] Modules linked in: [ 121.016488] CPU: 1 PID: 1104 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.017492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.018906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.019517] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.021834] RSP: 0018:ffff888016157bb8 EFLAGS: 00010246 [ 121.022459] RAX: 0000000000000000 RBX: ffff8880159368a8 RCX: 0000000000000000 [ 121.023383] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 121.024194] RBP: ffff888016157bd0 R08: ffffed1002b26d33 R09: ffffed1002b26d33 [ 121.025007] R10: ffff888015936993 R11: ffffed1002b26d32 R12: ffff88801785b000 [ 121.025994] R13: ffff8880159369e8 R14: ffffffff8352e670 R15: 
ffff888016157e68 [ 121.026889] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.027838] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.028659] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 121.029476] PKRU: 55555554 [ 121.029815] Call Trace: [ 121.030144] [ 121.030471] __iommufd_access_detach+0x1c2/0x2b0 [ 121.031154] iommufd_access_change_pt+0x149/0x270 [ 121.031737] iommufd_access_replace+0xb4/0x120 [ 121.032249] iommufd_test+0x3e5/0x37e0 [ 121.032814] ? lock_release+0x532/0x770 [ 121.033362] ? __might_fault+0x102/0x1b0 [ 121.033839] ? lock_acquire+0x427/0x4c0 [ 121.034326] ? __pfx_iommufd_test+0x10/0x10 [ 121.034936] ? __pfx_lock_release+0x10/0x10 [ 121.035589] ? __pfx_lock_acquire+0x10/0x10 [ 121.036108] ? write_comp_data+0x2f/0x90 [ 121.036569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.037140] ? write_comp_data+0x2f/0x90 [ 121.037714] iommufd_fops_ioctl+0x37d/0x510 [ 121.038322] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.038919] ? write_comp_data+0x2f/0x90 [ 121.039607] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.040255] __x64_sys_ioctl+0x1a3/0x230 [ 121.040647] do_syscall_64+0x3b/0x90 [ 121.041006] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.041501] RIP: 0033:0x7f4b8743ee5d [ 121.041870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.043798] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.044679] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.045363] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.046041] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.046925] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.047621] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.048329] [ 121.048595] irq event stamp: 0 [ 121.049022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.049627] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.050425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.051497] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.052123] ---[ end trace 0000000000000000 ]--- [ 121.056572] ------------[ cut here ]------------ [ 121.057121] WARNING: CPU: 1 PID: 1104 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.058344] Modules linked in: [ 121.058740] CPU: 1 PID: 1104 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.059649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.060993] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.061507] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.063589] RSP: 
0018:ffff888016157bd0 EFLAGS: 00010246 [ 121.064144] RAX: 0000000000000000 RBX: ffff8880159368a8 RCX: 0000000000000000 [ 121.064873] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 121.065778] RBP: ffff888016157be8 R08: ffffed1002b26d33 R09: ffffed1002b26d33 [ 121.066561] R10: ffff888015936993 R11: ffffed1002b26d32 R12: ffff888013bcbc00 [ 121.067309] R13: ffff8880159369e8 R14: ffff88801381c100 R15: 0000000000000000 [ 121.068191] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.069011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.069619] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 121.070410] PKRU: 55555554 [ 121.070825] Call Trace: [ 121.071092] [ 121.071367] iommufd_access_destroy_object+0x65/0x170 [ 121.071901] iommufd_object_destroy_user+0x18e/0x220 [ 121.072425] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.073164] iommufd_access_destroy+0x43/0x70 [ 121.073643] iommufd_test_staccess_release+0x8d/0xd0 [ 121.074176] __fput+0x26d/0xa40 [ 121.074569] ____fput+0x1e/0x30 [ 121.074925] task_work_run+0x1a4/0x2d0 [ 121.075465] ? __pfx_task_work_run+0x10/0x10 [ 121.075985] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.076508] ? switch_task_namespaces+0xa9/0xe0 [ 121.077005] do_exit+0xb17/0x2ef0 [ 121.077372] ? lock_acquire+0x427/0x4c0 [ 121.077971] ? __pfx_lock_release+0x10/0x10 [ 121.078438] ? __kasan_check_write+0x18/0x20 [ 121.078950] ? do_raw_spin_lock+0x132/0x2a0 [ 121.079420] ? __pfx_do_exit+0x10/0x10 [ 121.079836] ? debug_smp_processor_id+0x20/0x30 [ 121.080395] ? rcu_is_watching+0x19/0xb0 [ 121.080904] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.081368] ? trace_hardirqs_on+0x26/0x120 [ 121.081823] do_group_exit+0xe0/0x2b0 [ 121.082222] __x64_sys_exit_group+0x47/0x50 [ 121.082730] do_syscall_64+0x3b/0x90 [ 121.083253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.083805] RIP: 0033:0x7f4b87518a4d [ 121.084206] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.084855] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.085885] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.086659] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.087423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.088370] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.089121] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.089880] [ 121.090166] irq event stamp: 0 [ 121.090649] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.091328] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.092204] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.093257] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.093920] ---[ end trace 0000000000000000 ]--- [ 121.096874] ------------[ cut here ]------------ [ 121.097404] WARNING: CPU: 1 PID: 1104 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.098773] Modules linked in: [ 121.099149] CPU: 1 PID: 1104 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.100052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.101430] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.101971] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.104087] RSP: 0018:ffff888016157b78 EFLAGS: 00010246 [ 121.104653] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.105404] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 121.106338] RBP: ffff888016157b98 R08: ffffed1002b26d3e R09: ffffed1002b26d3e [ 121.107140] R10: ffff8880159369ef R11: ffffed1002b26d3d R12: ffff888015936a90 [ 121.107890] R13: ffff8880159368a8 R14: ffffffffffffffff R15: 
ffff888016157c60 [ 121.108823] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.109670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.110276] CR2: 00007f82e2aac000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 121.111247] PKRU: 55555554 [ 121.111548] Call Trace: [ 121.111821] [ 121.112060] iommufd_ioas_destroy+0x53/0x70 [ 121.112522] iommufd_fops_release+0x1f7/0x370 [ 121.113001] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.113705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.114233] ? write_comp_data+0x2f/0x90 [ 121.114702] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.115251] __fput+0x26d/0xa40 [ 121.115663] ____fput+0x1e/0x30 [ 121.116116] task_work_run+0x1a4/0x2d0 [ 121.116532] ? __pfx_task_work_run+0x10/0x10 [ 121.117057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.117578] ? switch_task_namespaces+0xa9/0xe0 [ 121.118245] do_exit+0xb17/0x2ef0 [ 121.118648] ? lock_acquire+0x427/0x4c0 [ 121.119079] ? __pfx_lock_release+0x10/0x10 [ 121.119550] ? __kasan_check_write+0x18/0x20 [ 121.120020] ? do_raw_spin_lock+0x132/0x2a0 [ 121.120657] ? __pfx_do_exit+0x10/0x10 [ 121.121084] ? debug_smp_processor_id+0x20/0x30 [ 121.121590] ? rcu_is_watching+0x19/0xb0 [ 121.122028] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.122537] ? trace_hardirqs_on+0x26/0x120 [ 121.123178] do_group_exit+0xe0/0x2b0 [ 121.123586] __x64_sys_exit_group+0x47/0x50 [ 121.124034] do_syscall_64+0x3b/0x90 [ 121.124429] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.124983] RIP: 0033:0x7f4b87518a4d [ 121.125383] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.126027] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.126942] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.127796] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.128559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.129306] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.130254] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.131058] [ 121.131330] irq event stamp: 0 [ 121.131665] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.132364] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.133385] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.134269] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.135067] ---[ end trace 0000000000000000 ]--- [ 121.141625] ------------[ cut here ]------------ [ 121.142170] WARNING: CPU: 1 PID: 1105 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.143638] Modules linked in: [ 121.143988] CPU: 1 PID: 1105 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.144896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.146262] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.146823] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.148884] RSP: 0018:ffff88801612fbb8 EFLAGS: 00010246 [ 121.149477] RAX: 0000000000000000 RBX: ffff8880171bd8a8 RCX: 0000000000000000 [ 121.150214] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 121.151042] RBP: ffff88801612fbd0 R08: ffffed1002e37b33 R09: ffffed1002e37b33 [ 121.151896] R10: ffff8880171bd993 R11: ffffed1002e37b32 R12: ffff888010827400 [ 121.152641] R13: ffff8880171bd9e8 R14: ffffffff8352e670 R15: 
ffff88801612fe68 [ 121.153417] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.154392] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.155038] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 121.155797] PKRU: 55555554 [ 121.156099] Call Trace: [ 121.156513] [ 121.156755] __iommufd_access_detach+0x1c2/0x2b0 [ 121.157265] iommufd_access_change_pt+0x149/0x270 [ 121.157788] iommufd_access_replace+0xb4/0x120 [ 121.158292] iommufd_test+0x3e5/0x37e0 [ 121.158868] ? lock_release+0x532/0x770 [ 121.159327] ? __might_fault+0x102/0x1b0 [ 121.159768] ? lock_acquire+0x427/0x4c0 [ 121.160203] ? __pfx_iommufd_test+0x10/0x10 [ 121.160661] ? __pfx_lock_release+0x10/0x10 [ 121.161119] ? __pfx_lock_acquire+0x10/0x10 [ 121.161681] ? write_comp_data+0x2f/0x90 [ 121.162162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.162721] ? write_comp_data+0x2f/0x90 [ 121.163174] iommufd_fops_ioctl+0x37d/0x510 [ 121.163644] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.164171] ? write_comp_data+0x2f/0x90 [ 121.164807] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.165318] __x64_sys_ioctl+0x1a3/0x230 [ 121.165750] do_syscall_64+0x3b/0x90 [ 121.166149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.166781] RIP: 0033:0x7f4b8743ee5d [ 121.167279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.169180] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.170182] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.170977] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.171762] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.172716] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.173465] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.174245] [ 121.174500] irq event stamp: 0 [ 121.174881] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.175746] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.176633] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.177557] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.178340] ---[ end trace 0000000000000000 ]--- [ 121.181775] ------------[ cut here ]------------ [ 121.182319] WARNING: CPU: 1 PID: 1105 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.183641] Modules linked in: [ 121.183996] CPU: 1 PID: 1105 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.184932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.186320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.186898] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.189058] RSP: 
0018:ffff88801612fbd0 EFLAGS: 00010246 [ 121.189633] RAX: 0000000000000000 RBX: ffff8880171bd8a8 RCX: 0000000000000000 [ 121.190391] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 121.191383] RBP: ffff88801612fbe8 R08: ffffed1002e37b33 R09: ffffed1002e37b33 [ 121.192150] R10: ffff8880171bd993 R11: ffffed1002e37b32 R12: ffff888017859c00 [ 121.192912] R13: ffff8880171bd9e8 R14: ffff8880181bd900 R15: 0000000000000000 [ 121.193695] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.194743] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.195387] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 121.196147] PKRU: 55555554 [ 121.196463] Call Trace: [ 121.196831] [ 121.197161] iommufd_access_destroy_object+0x65/0x170 [ 121.197720] iommufd_object_destroy_user+0x18e/0x220 [ 121.198273] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.198938] iommufd_access_destroy+0x43/0x70 [ 121.199496] iommufd_test_staccess_release+0x8d/0xd0 [ 121.200183] __fput+0x26d/0xa40 [ 121.200558] ____fput+0x1e/0x30 [ 121.200926] task_work_run+0x1a4/0x2d0 [ 121.201356] ? __pfx_task_work_run+0x10/0x10 [ 121.201834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.202570] ? switch_task_namespaces+0xa9/0xe0 [ 121.203089] do_exit+0xb17/0x2ef0 [ 121.203475] ? lock_acquire+0x427/0x4c0 [ 121.203917] ? __pfx_lock_release+0x10/0x10 [ 121.204386] ? __kasan_check_write+0x18/0x20 [ 121.204891] ? do_raw_spin_lock+0x132/0x2a0 [ 121.205492] ? __pfx_do_exit+0x10/0x10 [ 121.205916] ? debug_smp_processor_id+0x20/0x30 [ 121.206418] ? rcu_is_watching+0x19/0xb0 [ 121.206907] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.207426] ? trace_hardirqs_on+0x26/0x120 [ 121.207988] do_group_exit+0xe0/0x2b0 [ 121.208467] __x64_sys_exit_group+0x47/0x50 [ 121.208931] do_syscall_64+0x3b/0x90 [ 121.209338] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.209897] RIP: 0033:0x7f4b87518a4d [ 121.210355] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.211168] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.211983] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.212736] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.213713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.214463] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.215277] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.216097] [ 121.216466] irq event stamp: 0 [ 121.216805] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.217475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.218368] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.219474] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.220157] ---[ end trace 0000000000000000 ]--- [ 121.221074] ------------[ cut here ]------------ [ 121.221761] WARNING: CPU: 1 PID: 1105 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.222904] Modules linked in: [ 121.223269] CPU: 1 PID: 1105 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.224243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.225569] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.226154] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.228385] RSP: 0018:ffff88801612fb78 EFLAGS: 00010246 [ 121.228975] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.229911] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 121.230690] RBP: ffff88801612fb98 R08: ffffed1002e37b3e R09: ffffed1002e37b3e [ 121.231491] R10: ffff8880171bd9ef R11: ffffed1002e37b3d R12: ffff8880171bda90 [ 121.232423] R13: ffff8880171bd8a8 R14: ffffffffffffffff R15: 
ffff88801612fc60 [ 121.233182] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.234036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.234800] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 121.235621] PKRU: 55555554 [ 121.235934] Call Trace: [ 121.236218] [ 121.236461] iommufd_ioas_destroy+0x53/0x70 [ 121.236933] iommufd_fops_release+0x1f7/0x370 [ 121.237587] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.238129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.238679] ? write_comp_data+0x2f/0x90 [ 121.239133] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.239767] __fput+0x26d/0xa40 [ 121.240197] ____fput+0x1e/0x30 [ 121.240559] task_work_run+0x1a4/0x2d0 [ 121.240986] ? __pfx_task_work_run+0x10/0x10 [ 121.241464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.242051] ? switch_task_namespaces+0xa9/0xe0 [ 121.242661] do_exit+0xb17/0x2ef0 [ 121.243043] ? lock_acquire+0x427/0x4c0 [ 121.243477] ? __pfx_lock_release+0x10/0x10 [ 121.243946] ? __kasan_check_write+0x18/0x20 [ 121.244504] ? do_raw_spin_lock+0x132/0x2a0 [ 121.245097] ? __pfx_do_exit+0x10/0x10 [ 121.245542] ? debug_smp_processor_id+0x20/0x30 [ 121.246064] ? rcu_is_watching+0x19/0xb0 [ 121.246533] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.247039] ? trace_hardirqs_on+0x26/0x120 [ 121.247684] do_group_exit+0xe0/0x2b0 [ 121.248098] __x64_sys_exit_group+0x47/0x50 [ 121.248557] do_syscall_64+0x3b/0x90 [ 121.248970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.249541] RIP: 0033:0x7f4b87518a4d [ 121.250123] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.250817] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.251642] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.252516] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.253346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.254105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.255046] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.255829] [ 121.256085] irq event stamp: 0 [ 121.256425] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.257159] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.258156] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.259079] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.259897] ---[ end trace 0000000000000000 ]--- [ 121.267587] ------------[ cut here ]------------ [ 121.268238] WARNING: CPU: 1 PID: 1106 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.269390] Modules linked in: [ 121.269728] CPU: 1 PID: 1106 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.270780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.272066] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.272604] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.274723] RSP: 0018:ffff8880145cfbb8 EFLAGS: 00010246 [ 121.275331] RAX: 0000000000000000 RBX: ffff88800a7858a8 RCX: 0000000000000000 [ 121.276267] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 121.277073] RBP: ffff8880145cfbd0 R08: ffffed10014f0b33 R09: ffffed10014f0b33 [ 121.277832] R10: ffff88800a785993 R11: ffffed10014f0b32 R12: ffff888010e03000 [ 121.278795] R13: ffff88800a7859e8 R14: ffffffff8352e670 R15: 
ffff8880145cfe68 [ 121.279566] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.280414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.281199] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 121.281959] PKRU: 55555554 [ 121.282270] Call Trace: [ 121.282577] [ 121.282827] __iommufd_access_detach+0x1c2/0x2b0 [ 121.283553] iommufd_access_change_pt+0x149/0x270 [ 121.284090] iommufd_access_replace+0xb4/0x120 [ 121.284602] iommufd_test+0x3e5/0x37e0 [ 121.285025] ? lock_release+0x532/0x770 [ 121.285494] ? __might_fault+0x102/0x1b0 [ 121.286066] ? lock_acquire+0x427/0x4c0 [ 121.286539] ? __pfx_iommufd_test+0x10/0x10 [ 121.287004] ? __pfx_lock_release+0x10/0x10 [ 121.287504] ? __pfx_lock_acquire+0x10/0x10 [ 121.288013] ? write_comp_data+0x2f/0x90 [ 121.288599] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.289131] ? write_comp_data+0x2f/0x90 [ 121.289579] iommufd_fops_ioctl+0x37d/0x510 [ 121.290048] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.290613] ? write_comp_data+0x2f/0x90 [ 121.291200] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.291733] __x64_sys_ioctl+0x1a3/0x230 [ 121.292191] do_syscall_64+0x3b/0x90 [ 121.292607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.293294] RIP: 0033:0x7f4b8743ee5d [ 121.293771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.295865] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.296769] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.297538] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.298404] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.299283] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.300040] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.300931] [ 121.301252] irq event stamp: 0 [ 121.301591] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.302268] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.303250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.304216] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.304903] ---[ end trace 0000000000000000 ]--- [ 121.310474] ------------[ cut here ]------------ [ 121.311318] WARNING: CPU: 1 PID: 1106 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.312502] Modules linked in: [ 121.312958] CPU: 1 PID: 1106 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.313919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.315245] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.315843] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.317939] RSP: 
0018:ffff8880145cfbd0 EFLAGS: 00010246 [ 121.318534] RAX: 0000000000000000 RBX: ffff88800a7858a8 RCX: 0000000000000000 [ 121.319299] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 121.320104] RBP: ffff8880145cfbe8 R08: ffffed10014f0b33 R09: ffffed10014f0b33 [ 121.320981] R10: ffff88800a785993 R11: ffffed10014f0b32 R12: ffff888010825400 [ 121.321738] R13: ffff88800a7859e8 R14: ffff88801381cf00 R15: 0000000000000000 [ 121.322541] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.323597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.324218] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 121.324984] PKRU: 55555554 [ 121.325343] Call Trace: [ 121.325742] [ 121.325988] iommufd_access_destroy_object+0x65/0x170 [ 121.326572] iommufd_object_destroy_user+0x18e/0x220 [ 121.327146] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.327845] iommufd_access_destroy+0x43/0x70 [ 121.328410] iommufd_test_staccess_release+0x8d/0xd0 [ 121.328965] __fput+0x26d/0xa40 [ 121.329333] ____fput+0x1e/0x30 [ 121.329696] task_work_run+0x1a4/0x2d0 [ 121.330167] ? __pfx_task_work_run+0x10/0x10 [ 121.330762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.331297] ? switch_task_namespaces+0xa9/0xe0 [ 121.331809] do_exit+0xb17/0x2ef0 [ 121.332187] ? lock_acquire+0x427/0x4c0 [ 121.332682] ? __pfx_lock_release+0x10/0x10 [ 121.333220] ? __kasan_check_write+0x18/0x20 [ 121.333699] ? do_raw_spin_lock+0x132/0x2a0 [ 121.334160] ? __pfx_do_exit+0x10/0x10 [ 121.334608] ? debug_smp_processor_id+0x20/0x30 [ 121.335213] ? rcu_is_watching+0x19/0xb0 [ 121.335708] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.336197] ? trace_hardirqs_on+0x26/0x120 [ 121.336668] do_group_exit+0xe0/0x2b0 [ 121.337076] __x64_sys_exit_group+0x47/0x50 [ 121.337582] do_syscall_64+0x3b/0x90 [ 121.338098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.338674] RIP: 0033:0x7f4b87518a4d [ 121.339074] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.339737] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.340714] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.341517] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.342267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.343248] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.344001] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.344757] [ 121.345104] irq event stamp: 0 [ 121.345484] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.346139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.347030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.348081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.348732] ---[ end trace 0000000000000000 ]--- [ 121.351645] ------------[ cut here ]------------ [ 121.352386] WARNING: CPU: 1 PID: 1106 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.353443] Modules linked in: [ 121.353776] CPU: 1 PID: 1106 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.354924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.356095] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.356629] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.358702] RSP: 0018:ffff8880145cfb78 EFLAGS: 00010246 [ 121.359303] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.360229] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 121.360965] RBP: ffff8880145cfb98 R08: ffffed10014f0b3e R09: ffffed10014f0b3e [ 121.361703] R10: ffff88800a7859ef R11: ffffed10014f0b3d R12: ffff88800a785a90 [ 121.362658] R13: ffff88800a7858a8 R14: ffffffffffffffff R15: 
ffff8880145cfc60 [ 121.363403] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.364245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.365012] CR2: 00007f82e2ad3000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 121.365753] PKRU: 55555554 [ 121.366054] Call Trace: [ 121.366323] [ 121.366586] iommufd_ioas_destroy+0x53/0x70 [ 121.367242] iommufd_fops_release+0x1f7/0x370 [ 121.367728] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.368256] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.368773] ? write_comp_data+0x2f/0x90 [ 121.369324] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.369880] __fput+0x26d/0xa40 [ 121.370243] ____fput+0x1e/0x30 [ 121.370633] task_work_run+0x1a4/0x2d0 [ 121.371049] ? __pfx_task_work_run+0x10/0x10 [ 121.371607] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.372204] ? switch_task_namespaces+0xa9/0xe0 [ 121.372704] do_exit+0xb17/0x2ef0 [ 121.373121] ? lock_acquire+0x427/0x4c0 [ 121.373549] ? __pfx_lock_release+0x10/0x10 [ 121.374177] ? __kasan_check_write+0x18/0x20 [ 121.374681] ? do_raw_spin_lock+0x132/0x2a0 [ 121.375143] ? __pfx_do_exit+0x10/0x10 [ 121.375575] ? debug_smp_processor_id+0x20/0x30 [ 121.376068] ? rcu_is_watching+0x19/0xb0 [ 121.376681] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.377170] ? trace_hardirqs_on+0x26/0x120 [ 121.377629] do_group_exit+0xe0/0x2b0 [ 121.378026] __x64_sys_exit_group+0x47/0x50 [ 121.378498] do_syscall_64+0x3b/0x90 [ 121.379031] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.379599] RIP: 0033:0x7f4b87518a4d [ 121.379997] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.380629] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.381611] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.382349] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.383126] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.384053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.384797] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.385550] [ 121.385865] irq event stamp: 0 [ 121.386284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.386963] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.387836] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.388854] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.389498] ---[ end trace 0000000000000000 ]--- [ 121.396633] ------------[ cut here ]------------ [ 121.397153] WARNING: CPU: 1 PID: 1107 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.398377] Modules linked in: [ 121.398778] CPU: 1 PID: 1107 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.399684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.401002] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.401511] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.403561] RSP: 0018:ffff8880245c7bb8 EFLAGS: 00010246 [ 121.404106] RAX: 0000000000000000 RBX: ffff88801609f0a8 RCX: 0000000000000000 [ 121.404875] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 121.405738] RBP: ffff8880245c7bd0 R08: ffffed1002c13e33 R09: ffffed1002c13e33 [ 121.406458] R10: ffff88801609f193 R11: ffffed1002c13e32 R12: ffff88800ae92000 [ 121.407240] R13: ffff88801609f1e8 R14: ffffffff8352e670 R15: 
ffff8880245c7e68 [ 121.408076] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.408902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.409542] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 121.410380] PKRU: 55555554 [ 121.410671] Call Trace: [ 121.410913] [ 121.411136] __iommufd_access_detach+0x1c2/0x2b0 [ 121.411602] iommufd_access_change_pt+0x149/0x270 [ 121.412215] iommufd_access_replace+0xb4/0x120 [ 121.412662] iommufd_test+0x3e5/0x37e0 [ 121.413033] ? lock_release+0x532/0x770 [ 121.413421] ? __might_fault+0x102/0x1b0 [ 121.413817] ? lock_acquire+0x427/0x4c0 [ 121.414324] ? __pfx_iommufd_test+0x10/0x10 [ 121.414753] ? __pfx_lock_release+0x10/0x10 [ 121.415176] ? __pfx_lock_acquire+0x10/0x10 [ 121.415600] ? write_comp_data+0x2f/0x90 [ 121.416033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.416580] ? write_comp_data+0x2f/0x90 [ 121.416976] iommufd_fops_ioctl+0x37d/0x510 [ 121.417399] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.417865] ? write_comp_data+0x2f/0x90 [ 121.418386] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.418870] __x64_sys_ioctl+0x1a3/0x230 [ 121.419280] do_syscall_64+0x3b/0x90 [ 121.419646] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.420139] RIP: 0033:0x7f4b8743ee5d [ 121.420639] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.422372] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.423244] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.423916] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.424632] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.425376] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.426042] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.426778] [ 121.427058] irq event stamp: 0 [ 121.427371] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.427961] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.428787] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.429649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.430239] ---[ end trace 0000000000000000 ]--- [ 121.435059] ------------[ cut here ]------------ [ 121.435561] WARNING: CPU: 1 PID: 1107 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.436479] Modules linked in: [ 121.436771] CPU: 1 PID: 1107 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.437753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.438843] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.439440] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.441081] RSP: 
0018:ffff8880245c7bd0 EFLAGS: 00010246 [ 121.441703] RAX: 0000000000000000 RBX: ffff88801609f0a8 RCX: 0000000000000000 [ 121.442345] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 121.443010] RBP: ffff8880245c7be8 R08: ffffed1002c13e33 R09: ffffed1002c13e33 [ 121.443798] R10: ffff88801609f193 R11: ffffed1002c13e32 R12: ffff888010e01c00 [ 121.444453] R13: ffff88801609f1e8 R14: ffff88800b95fa00 R15: 0000000000000000 [ 121.445103] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.445975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.446529] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 121.447197] PKRU: 55555554 [ 121.447456] Call Trace: [ 121.447699] [ 121.447906] iommufd_access_destroy_object+0x65/0x170 [ 121.448452] iommufd_object_destroy_user+0x18e/0x220 [ 121.448983] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.449519] iommufd_access_destroy+0x43/0x70 [ 121.449938] iommufd_test_staccess_release+0x8d/0xd0 [ 121.450441] __fput+0x26d/0xa40 [ 121.450901] ____fput+0x1e/0x30 [ 121.451222] task_work_run+0x1a4/0x2d0 [ 121.451587] ? __pfx_task_work_run+0x10/0x10 [ 121.452000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.452456] ? switch_task_namespaces+0xa9/0xe0 [ 121.452963] do_exit+0xb17/0x2ef0 [ 121.453345] ? lock_acquire+0x427/0x4c0 [ 121.453720] ? __pfx_lock_release+0x10/0x10 [ 121.454122] ? __kasan_check_write+0x18/0x20 [ 121.454557] ? do_raw_spin_lock+0x132/0x2a0 [ 121.454949] ? __pfx_do_exit+0x10/0x10 [ 121.455340] ? debug_smp_processor_id+0x20/0x30 [ 121.455895] ? rcu_is_watching+0x19/0xb0 [ 121.456277] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.456699] ? trace_hardirqs_on+0x26/0x120 [ 121.457099] do_group_exit+0xe0/0x2b0 [ 121.457475] __x64_sys_exit_group+0x47/0x50 [ 121.457975] do_syscall_64+0x3b/0x90 [ 121.458324] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.458890] RIP: 0033:0x7f4b87518a4d [ 121.459238] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.459799] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.460630] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.461276] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.461920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.462742] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.463401] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.464075] [ 121.464293] irq event stamp: 0 [ 121.464609] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.465307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.466065] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.466958] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.467591] ---[ end trace 0000000000000000 ]--- [ 121.468474] ------------[ cut here ]------------ [ 121.468906] WARNING: CPU: 1 PID: 1107 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.470033] Modules linked in: [ 121.470335] CPU: 1 PID: 1107 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.471355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.472525] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.472999] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.474795] RSP: 0018:ffff8880245c7b78 EFLAGS: 00010246 [ 121.475308] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.475953] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 121.476736] RBP: ffff8880245c7b98 R08: ffffed1002c13e3e R09: ffffed1002c13e3e [ 121.477376] R10: ffff88801609f1ef R11: ffffed1002c13e3d R12: ffff88801609f290 [ 121.478023] R13: ffff88801609f0a8 R14: ffffffffffffffff R15: 
ffff8880245c7c60 [ 121.478828] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.479555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.480092] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 121.480764] PKRU: 55555554 [ 121.481124] Call Trace: [ 121.481357] [ 121.481563] iommufd_ioas_destroy+0x53/0x70 [ 121.481963] iommufd_fops_release+0x1f7/0x370 [ 121.482384] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.482908] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.483452] ? write_comp_data+0x2f/0x90 [ 121.483839] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.484300] __fput+0x26d/0xa40 [ 121.484622] ____fput+0x1e/0x30 [ 121.484927] task_work_run+0x1a4/0x2d0 [ 121.485298] ? __pfx_task_work_run+0x10/0x10 [ 121.485832] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.486284] ? switch_task_namespaces+0xa9/0xe0 [ 121.486753] do_exit+0xb17/0x2ef0 [ 121.487075] ? lock_acquire+0x427/0x4c0 [ 121.487459] ? __pfx_lock_release+0x10/0x10 [ 121.487882] ? __kasan_check_write+0x18/0x20 [ 121.488402] ? do_raw_spin_lock+0x132/0x2a0 [ 121.488799] ? __pfx_do_exit+0x10/0x10 [ 121.489163] ? debug_smp_processor_id+0x20/0x30 [ 121.489598] ? rcu_is_watching+0x19/0xb0 [ 121.489997] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.490559] ? trace_hardirqs_on+0x26/0x120 [ 121.490966] do_group_exit+0xe0/0x2b0 [ 121.491329] __x64_sys_exit_group+0x47/0x50 [ 121.491731] do_syscall_64+0x3b/0x90 [ 121.492086] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.492625] RIP: 0033:0x7f4b87518a4d [ 121.493052] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.493620] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.494312] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.495134] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.495789] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.496433] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.497120] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.497872] [ 121.498091] irq event stamp: 0 [ 121.498377] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.498980] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.499898] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.500655] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.501270] ---[ end trace 0000000000000000 ]--- [ 121.506425] ------------[ cut here ]------------ [ 121.506940] WARNING: CPU: 1 PID: 1108 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.508024] Modules linked in: [ 121.508332] CPU: 1 PID: 1108 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.509115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.510257] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.510763] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.512546] RSP: 0018:ffff8880145cfbb8 EFLAGS: 00010246 [ 121.513083] RAX: 0000000000000000 RBX: ffff88801047d8a8 RCX: 0000000000000000 [ 121.513720] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 121.514389] RBP: ffff8880145cfbd0 R08: ffffed100208fb33 R09: ffffed100208fb33 [ 121.515178] R10: ffff88801047d993 R11: ffffed100208fb32 R12: ffff88801226fc00 [ 121.515822] R13: ffff88801047d9e8 R14: ffffffff8352e670 R15: 
ffff8880145cfe68 [ 121.516460] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.517324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.517842] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 121.518482] PKRU: 55555554 [ 121.518843] Call Trace: [ 121.519149] [ 121.519374] __iommufd_access_detach+0x1c2/0x2b0 [ 121.519821] iommufd_access_change_pt+0x149/0x270 [ 121.520265] iommufd_access_replace+0xb4/0x120 [ 121.520685] iommufd_test+0x3e5/0x37e0 [ 121.521035] ? lock_release+0x532/0x770 [ 121.521502] ? __might_fault+0x102/0x1b0 [ 121.521904] ? lock_acquire+0x427/0x4c0 [ 121.522282] ? __pfx_iommufd_test+0x10/0x10 [ 121.522698] ? __pfx_lock_release+0x10/0x10 [ 121.523095] ? __pfx_lock_acquire+0x10/0x10 [ 121.523520] ? write_comp_data+0x2f/0x90 [ 121.524001] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.524442] ? write_comp_data+0x2f/0x90 [ 121.524822] iommufd_fops_ioctl+0x37d/0x510 [ 121.525214] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.525740] ? write_comp_data+0x2f/0x90 [ 121.526162] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.526625] __x64_sys_ioctl+0x1a3/0x230 [ 121.527007] do_syscall_64+0x3b/0x90 [ 121.527362] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.527837] RIP: 0033:0x7f4b8743ee5d [ 121.528282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.529955] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.530784] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.531428] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.532066] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.532789] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.533442] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.534083] [ 121.534355] irq event stamp: 0 [ 121.534650] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.535202] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.535918] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.536759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.537299] ---[ end trace 0000000000000000 ]--- [ 121.540362] ------------[ cut here ]------------ [ 121.540858] WARNING: CPU: 1 PID: 1108 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.541731] Modules linked in: [ 121.542009] CPU: 1 PID: 1108 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.542931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.543908] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.544460] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.546024] RSP: 
0018:ffff8880145cfbd0 EFLAGS: 00010246 [ 121.546640] RAX: 0000000000000000 RBX: ffff88801047d8a8 RCX: 0000000000000000 [ 121.547263] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 121.547872] RBP: ffff8880145cfbe8 R08: ffffed100208fb33 R09: ffffed100208fb33 [ 121.548609] R10: ffff88801047d993 R11: ffffed100208fb32 R12: ffff88800ae90400 [ 121.549216] R13: ffff88801047d9e8 R14: ffff888012bf7c00 R15: 0000000000000000 [ 121.549826] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.550656] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.551178] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.551789] PKRU: 55555554 [ 121.552039] Call Trace: [ 121.552375] [ 121.552575] iommufd_access_destroy_object+0x65/0x170 [ 121.553024] iommufd_object_destroy_user+0x18e/0x220 [ 121.553465] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.554000] iommufd_access_destroy+0x43/0x70 [ 121.554472] iommufd_test_staccess_release+0x8d/0xd0 [ 121.554941] __fput+0x26d/0xa40 [ 121.555256] ____fput+0x1e/0x30 [ 121.555555] task_work_run+0x1a4/0x2d0 [ 121.555905] ? __pfx_task_work_run+0x10/0x10 [ 121.556398] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.556830] ? switch_task_namespaces+0xa9/0xe0 [ 121.557243] do_exit+0xb17/0x2ef0 [ 121.557546] ? lock_acquire+0x427/0x4c0 [ 121.557935] ? __pfx_lock_release+0x10/0x10 [ 121.558393] ? __kasan_check_write+0x18/0x20 [ 121.558798] ? do_raw_spin_lock+0x132/0x2a0 [ 121.559182] ? __pfx_do_exit+0x10/0x10 [ 121.559533] ? debug_smp_processor_id+0x20/0x30 [ 121.559989] ? rcu_is_watching+0x19/0xb0 [ 121.560394] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.560794] ? trace_hardirqs_on+0x26/0x120 [ 121.561179] do_group_exit+0xe0/0x2b0 [ 121.561513] __x64_sys_exit_group+0x47/0x50 [ 121.561934] do_syscall_64+0x3b/0x90 [ 121.562317] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.562792] RIP: 0033:0x7f4b87518a4d [ 121.563124] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.563652] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.564429] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.565085] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.565714] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.566416] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.567048] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.567708] [ 121.567981] irq event stamp: 0 [ 121.568253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.568795] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.569549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.570353] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.570923] ---[ end trace 0000000000000000 ]--- [ 121.573480] ------------[ cut here ]------------ [ 121.573990] WARNING: CPU: 1 PID: 1108 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.574933] Modules linked in: [ 121.575227] CPU: 1 PID: 1108 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.576105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.577066] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.577551] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.579238] RSP: 0018:ffff8880145cfb78 EFLAGS: 00010246 [ 121.579833] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.580440] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 121.581049] RBP: ffff8880145cfb98 R08: ffffed100208fb3e R09: ffffed100208fb3e [ 121.581786] R10: ffff88801047d9ef R11: ffffed100208fb3d R12: ffff88801047da90 [ 121.582411] R13: ffff88801047d8a8 R14: ffffffffffffffff R15: 
ffff8880145cfc60 [ 121.583042] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.583889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.584393] CR2: 00007f82e2ae7000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.585005] PKRU: 55555554 [ 121.585253] Call Trace: [ 121.585546] [ 121.585789] iommufd_ioas_destroy+0x53/0x70 [ 121.586175] iommufd_fops_release+0x1f7/0x370 [ 121.586599] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.587039] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.587594] ? write_comp_data+0x2f/0x90 [ 121.587964] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.588408] __fput+0x26d/0xa40 [ 121.588710] ____fput+0x1e/0x30 [ 121.589008] task_work_run+0x1a4/0x2d0 [ 121.589392] ? __pfx_task_work_run+0x10/0x10 [ 121.589844] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.590282] ? switch_task_namespaces+0xa9/0xe0 [ 121.590723] do_exit+0xb17/0x2ef0 [ 121.591029] ? lock_acquire+0x427/0x4c0 [ 121.591472] ? __pfx_lock_release+0x10/0x10 [ 121.591902] ? __kasan_check_write+0x18/0x20 [ 121.592294] ? do_raw_spin_lock+0x132/0x2a0 [ 121.592672] ? __pfx_do_exit+0x10/0x10 [ 121.593025] ? debug_smp_processor_id+0x20/0x30 [ 121.593506] ? rcu_is_watching+0x19/0xb0 [ 121.593892] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.594290] ? trace_hardirqs_on+0x26/0x120 [ 121.594691] do_group_exit+0xe0/0x2b0 [ 121.595031] __x64_sys_exit_group+0x47/0x50 [ 121.595503] do_syscall_64+0x3b/0x90 [ 121.595870] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.596332] RIP: 0033:0x7f4b87518a4d [ 121.596655] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.597286] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.597989] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.598633] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.599323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.599987] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.600602] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.601294] [ 121.601560] irq event stamp: 0 [ 121.601855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.602427] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.603236] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.603992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.604561] ---[ end trace 0000000000000000 ]--- [ 121.609453] ------------[ cut here ]------------ [ 121.609928] WARNING: CPU: 1 PID: 1109 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.610918] Modules linked in: [ 121.611244] CPU: 1 PID: 1109 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.612182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.613192] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.613787] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.615593] RSP: 0018:ffff8880245c7bb8 EFLAGS: 00010246 [ 121.616137] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 121.616781] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 121.617430] RBP: ffff8880245c7bd0 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 121.618234] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff888013d7b000 [ 121.618910] R13: ffff88801781b9e8 R14: ffffffff8352e670 R15: 
ffff8880245c7e68 [ 121.619569] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.620384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.620971] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 121.621616] PKRU: 55555554 [ 121.621879] Call Trace: [ 121.622113] [ 121.622358] __iommufd_access_detach+0x1c2/0x2b0 [ 121.622931] iommufd_access_change_pt+0x149/0x270 [ 121.623398] iommufd_access_replace+0xb4/0x120 [ 121.623825] iommufd_test+0x3e5/0x37e0 [ 121.624182] ? lock_release+0x532/0x770 [ 121.624556] ? __might_fault+0x102/0x1b0 [ 121.625078] ? lock_acquire+0x427/0x4c0 [ 121.625452] ? __pfx_iommufd_test+0x10/0x10 [ 121.625844] ? __pfx_lock_release+0x10/0x10 [ 121.626242] ? __pfx_lock_acquire+0x10/0x10 [ 121.626684] ? write_comp_data+0x2f/0x90 [ 121.627227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.627675] ? write_comp_data+0x2f/0x90 [ 121.628054] iommufd_fops_ioctl+0x37d/0x510 [ 121.628460] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.628905] ? write_comp_data+0x2f/0x90 [ 121.629426] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.629917] __x64_sys_ioctl+0x1a3/0x230 [ 121.630298] do_syscall_64+0x3b/0x90 [ 121.630676] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.631163] RIP: 0033:0x7f4b8743ee5d [ 121.631500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.633285] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.634111] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.634785] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.635438] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.636172] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.636867] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.637521] [ 121.637734] irq event stamp: 0 [ 121.638109] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.638757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.639531] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.640318] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.640999] ---[ end trace 0000000000000000 ]--- [ 121.644342] ------------[ cut here ]------------ [ 121.644876] WARNING: CPU: 1 PID: 1109 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.645861] Modules linked in: [ 121.646157] CPU: 1 PID: 1109 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.647069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.648119] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.648572] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.650354] RSP: 
0018:ffff8880245c7bd0 EFLAGS: 00010246 [ 121.650872] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 121.651657] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 121.652306] RBP: ffff8880245c7be8 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 121.652959] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff88801226f800 [ 121.653752] R13: ffff88801781b9e8 R14: ffff88800fa31b00 R15: 0000000000000000 [ 121.654427] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.655222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.655771] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.656574] PKRU: 55555554 [ 121.656839] Call Trace: [ 121.657083] [ 121.657299] iommufd_access_destroy_object+0x65/0x170 [ 121.657789] iommufd_object_destroy_user+0x18e/0x220 [ 121.658407] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.658984] iommufd_access_destroy+0x43/0x70 [ 121.659424] iommufd_test_staccess_release+0x8d/0xd0 [ 121.659914] __fput+0x26d/0xa40 [ 121.660243] ____fput+0x1e/0x30 [ 121.660680] task_work_run+0x1a4/0x2d0 [ 121.661104] ? __pfx_task_work_run+0x10/0x10 [ 121.661528] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.661992] ? switch_task_namespaces+0xa9/0xe0 [ 121.662490] do_exit+0xb17/0x2ef0 [ 121.662925] ? lock_acquire+0x427/0x4c0 [ 121.663332] ? __pfx_lock_release+0x10/0x10 [ 121.663746] ? __kasan_check_write+0x18/0x20 [ 121.664168] ? do_raw_spin_lock+0x132/0x2a0 [ 121.664575] ? __pfx_do_exit+0x10/0x10 [ 121.665057] ? debug_smp_processor_id+0x20/0x30 [ 121.665564] ? rcu_is_watching+0x19/0xb0 [ 121.665956] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.666387] ? trace_hardirqs_on+0x26/0x120 [ 121.666837] do_group_exit+0xe0/0x2b0 [ 121.667216] __x64_sys_exit_group+0x47/0x50 [ 121.667765] do_syscall_64+0x3b/0x90 [ 121.668125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.668620] RIP: 0033:0x7f4b87518a4d [ 121.668970] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.669592] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.670360] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.671055] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.671734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.672543] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.673202] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.673874] [ 121.674142] irq event stamp: 0 [ 121.674541] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.675150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.675949] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.676903] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.677508] ---[ end trace 0000000000000000 ]--- [ 121.678358] ------------[ cut here ]------------ [ 121.679010] WARNING: CPU: 1 PID: 1109 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.680013] Modules linked in: [ 121.680320] CPU: 1 PID: 1109 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.681203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.682312] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.682830] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.684699] RSP: 0018:ffff8880245c7b78 EFLAGS: 00010246 [ 121.685207] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.686004] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 121.686696] RBP: ffff8880245c7b98 R08: ffffed1002f0373e R09: ffffed1002f0373e [ 121.687383] R10: ffff88801781b9ef R11: ffffed1002f0373d R12: ffff88801781ba90 [ 121.688059] R13: ffff88801781b8a8 R14: ffffffffffffffff R15: 
ffff8880245c7c60 [ 121.688863] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.689612] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.690160] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.690981] PKRU: 55555554 [ 121.691260] Call Trace: [ 121.691499] [ 121.691715] iommufd_ioas_destroy+0x53/0x70 [ 121.692127] iommufd_fops_release+0x1f7/0x370 [ 121.692572] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.693206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.693689] ? write_comp_data+0x2f/0x90 [ 121.694085] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.694593] __fput+0x26d/0xa40 [ 121.695054] ____fput+0x1e/0x30 [ 121.695393] task_work_run+0x1a4/0x2d0 [ 121.695774] ? __pfx_task_work_run+0x10/0x10 [ 121.696197] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.696666] ? switch_task_namespaces+0xa9/0xe0 [ 121.697117] do_exit+0xb17/0x2ef0 [ 121.697490] ? lock_acquire+0x427/0x4c0 [ 121.697961] ? __pfx_lock_release+0x10/0x10 [ 121.698377] ? __kasan_check_write+0x18/0x20 [ 121.698847] ? do_raw_spin_lock+0x132/0x2a0 [ 121.699267] ? __pfx_do_exit+0x10/0x10 [ 121.699642] ? debug_smp_processor_id+0x20/0x30 [ 121.700178] ? rcu_is_watching+0x19/0xb0 [ 121.700626] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.701062] ? trace_hardirqs_on+0x26/0x120 [ 121.701479] do_group_exit+0xe0/0x2b0 [ 121.701851] __x64_sys_exit_group+0x47/0x50 [ 121.702353] do_syscall_64+0x3b/0x90 [ 121.702801] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.703312] RIP: 0033:0x7f4b87518a4d [ 121.703666] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.704242] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.705098] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.705765] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.706442] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.707294] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.707968] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.708658] [ 121.708879] irq event stamp: 0 [ 121.709221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.709907] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.710719] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.711563] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.712262] ---[ end trace 0000000000000000 ]--- [ 121.717304] ------------[ cut here ]------------ [ 121.717855] WARNING: CPU: 1 PID: 1110 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.718964] Modules linked in: [ 121.719282] CPU: 1 PID: 1110 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.720096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.721279] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.721747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.723618] RSP: 0018:ffff8880145cfbb8 EFLAGS: 00010246 [ 121.724119] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 121.724837] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 121.725617] RBP: ffff8880145cfbd0 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 121.726287] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff88800a726000 [ 121.727059] R13: ffff88801587c1e8 R14: ffffffff8352e670 R15: 
ffff8880145cfe68 [ 121.727799] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.728542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.729088] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 121.729893] PKRU: 55555554 [ 121.730159] Call Trace: [ 121.730400] [ 121.730648] __iommufd_access_detach+0x1c2/0x2b0 [ 121.731119] iommufd_access_change_pt+0x149/0x270 [ 121.731588] iommufd_access_replace+0xb4/0x120 [ 121.732171] iommufd_test+0x3e5/0x37e0 [ 121.732545] ? lock_release+0x532/0x770 [ 121.732937] ? __might_fault+0x102/0x1b0 [ 121.733325] ? lock_acquire+0x427/0x4c0 [ 121.733731] ? __pfx_iommufd_test+0x10/0x10 [ 121.734248] ? __pfx_lock_release+0x10/0x10 [ 121.734698] ? __pfx_lock_acquire+0x10/0x10 [ 121.735125] ? write_comp_data+0x2f/0x90 [ 121.735525] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.735993] ? write_comp_data+0x2f/0x90 [ 121.736477] iommufd_fops_ioctl+0x37d/0x510 [ 121.736937] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.737402] ? write_comp_data+0x2f/0x90 [ 121.737797] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.738276] __x64_sys_ioctl+0x1a3/0x230 [ 121.738809] do_syscall_64+0x3b/0x90 [ 121.739191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.739685] RIP: 0033:0x7f4b8743ee5d [ 121.740036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.741888] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.742631] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.743435] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.744097] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.744758] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.745567] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.746239] [ 121.746461] irq event stamp: 0 [ 121.746781] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.747390] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.748340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.749120] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.749710] ---[ end trace 0000000000000000 ]--- [ 121.753156] ------------[ cut here ]------------ [ 121.753621] WARNING: CPU: 1 PID: 1110 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.754665] Modules linked in: [ 121.755020] CPU: 1 PID: 1110 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.755817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.756876] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.757443] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.759301] RSP: 
0018:ffff8880145cfbd0 EFLAGS: 00010246 [ 121.759801] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 121.760445] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 121.761139] RBP: ffff8880145cfbe8 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 121.761874] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff888013d79c00 [ 121.762550] R13: ffff88801587c1e8 R14: ffff88800ef8aa00 R15: 0000000000000000 [ 121.763214] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.764091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.764617] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.765266] PKRU: 55555554 [ 121.765567] Call Trace: [ 121.765881] [ 121.766092] iommufd_access_destroy_object+0x65/0x170 [ 121.766599] iommufd_object_destroy_user+0x18e/0x220 [ 121.767069] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.767622] iommufd_access_destroy+0x43/0x70 [ 121.768146] iommufd_test_staccess_release+0x8d/0xd0 [ 121.768678] __fput+0x26d/0xa40 [ 121.768996] ____fput+0x1e/0x30 [ 121.769315] task_work_run+0x1a4/0x2d0 [ 121.769687] ? __pfx_task_work_run+0x10/0x10 [ 121.770173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.770710] ? switch_task_namespaces+0xa9/0xe0 [ 121.771162] do_exit+0xb17/0x2ef0 [ 121.771481] ? lock_acquire+0x427/0x4c0 [ 121.771857] ? __pfx_lock_release+0x10/0x10 [ 121.772258] ? __kasan_check_write+0x18/0x20 [ 121.772813] ? do_raw_spin_lock+0x132/0x2a0 [ 121.773217] ? __pfx_do_exit+0x10/0x10 [ 121.773585] ? debug_smp_processor_id+0x20/0x30 [ 121.774014] ? rcu_is_watching+0x19/0xb0 [ 121.774389] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.774978] ? trace_hardirqs_on+0x26/0x120 [ 121.775419] do_group_exit+0xe0/0x2b0 [ 121.775769] __x64_sys_exit_group+0x47/0x50 [ 121.776161] do_syscall_64+0x3b/0x90 [ 121.776518] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.777032] RIP: 0033:0x7f4b87518a4d [ 121.777480] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.778032] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.778749] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.779429] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.780174] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.780817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.781501] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.782248] [ 121.782465] irq event stamp: 0 [ 121.782783] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.783366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.784247] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.785001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.785577] ---[ end trace 0000000000000000 ]--- [ 121.786495] ------------[ cut here ]------------ [ 121.786974] WARNING: CPU: 1 PID: 1110 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.787940] Modules linked in: [ 121.788258] CPU: 1 PID: 1110 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.789205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.790226] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.790852] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.792503] RSP: 0018:ffff8880145cfb78 EFLAGS: 00010246 [ 121.793136] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.793777] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 121.794416] RBP: ffff8880145cfb98 R08: ffffed1002b0f83e R09: ffffed1002b0f83e [ 121.795225] R10: ffff88801587c1ef R11: ffffed1002b0f83d R12: ffff88801587c290 [ 121.795873] R13: ffff88801587c0a8 R14: ffffffffffffffff R15: 
ffff8880145cfc60 [ 121.796513] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.797328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.797911] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.798580] PKRU: 55555554 [ 121.798838] Call Trace: [ 121.799070] [ 121.799282] iommufd_ioas_destroy+0x53/0x70 [ 121.799826] iommufd_fops_release+0x1f7/0x370 [ 121.800243] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.800706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.801156] ? write_comp_data+0x2f/0x90 [ 121.801619] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.802129] __fput+0x26d/0xa40 [ 121.802446] ____fput+0x1e/0x30 [ 121.802785] task_work_run+0x1a4/0x2d0 [ 121.803167] ? __pfx_task_work_run+0x10/0x10 [ 121.803576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.804096] ? switch_task_namespaces+0xa9/0xe0 [ 121.804585] do_exit+0xb17/0x2ef0 [ 121.804901] ? lock_acquire+0x427/0x4c0 [ 121.805276] ? __pfx_lock_release+0x10/0x10 [ 121.805677] ? __kasan_check_write+0x18/0x20 [ 121.806151] ? do_raw_spin_lock+0x132/0x2a0 [ 121.806629] ? __pfx_do_exit+0x10/0x10 [ 121.806999] ? debug_smp_processor_id+0x20/0x30 [ 121.807451] ? rcu_is_watching+0x19/0xb0 [ 121.807825] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.808248] ? trace_hardirqs_on+0x26/0x120 [ 121.808739] do_group_exit+0xe0/0x2b0 [ 121.809153] __x64_sys_exit_group+0x47/0x50 [ 121.809549] do_syscall_64+0x3b/0x90 [ 121.809902] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.810382] RIP: 0033:0x7f4b87518a4d [ 121.810868] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.811441] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.812136] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.812807] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.813635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.814293] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.814982] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.815735] [ 121.816014] irq event stamp: 0 [ 121.816303] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.816884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.817693] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.818593] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.819195] ---[ end trace 0000000000000000 ]--- [ 121.824159] ------------[ cut here ]------------ [ 121.824720] WARNING: CPU: 1 PID: 1111 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.825662] Modules linked in: [ 121.825966] CPU: 1 PID: 1111 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.827024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.828100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.828577] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.830431] RSP: 0018:ffff8880245c7bb8 EFLAGS: 00010246 [ 121.831073] RAX: 0000000000000000 RBX: ffff888011c270a8 RCX: 0000000000000000 [ 121.831858] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 121.832660] RBP: ffff8880245c7bd0 R08: ffffed1002384e33 R09: ffffed1002384e33 [ 121.833322] R10: ffff888011c27193 R11: ffffed1002384e32 R12: ffff888012e90800 [ 121.834015] R13: ffff888011c271e8 R14: ffffffff8352e670 R15: 
ffff8880245c7e68 [ 121.834823] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.835601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.836152] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 121.836979] PKRU: 55555554 [ 121.837250] Call Trace: [ 121.837494] [ 121.837711] __iommufd_access_detach+0x1c2/0x2b0 [ 121.838181] iommufd_access_change_pt+0x149/0x270 [ 121.838762] iommufd_access_replace+0xb4/0x120 [ 121.839283] iommufd_test+0x3e5/0x37e0 [ 121.839662] ? lock_release+0x532/0x770 [ 121.840052] ? __might_fault+0x102/0x1b0 [ 121.840447] ? lock_acquire+0x427/0x4c0 [ 121.840842] ? __pfx_iommufd_test+0x10/0x10 [ 121.841380] ? __pfx_lock_release+0x10/0x10 [ 121.841829] ? __pfx_lock_acquire+0x10/0x10 [ 121.842292] ? write_comp_data+0x2f/0x90 [ 121.842763] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.843290] ? write_comp_data+0x2f/0x90 [ 121.843774] iommufd_fops_ioctl+0x37d/0x510 [ 121.844345] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.844852] ? write_comp_data+0x2f/0x90 [ 121.845288] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.845790] __x64_sys_ioctl+0x1a3/0x230 [ 121.846374] do_syscall_64+0x3b/0x90 [ 121.846808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.847369] RIP: 0033:0x7f4b8743ee5d [ 121.847759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.849822] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.850654] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.851478] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.852306] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.853089] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.853991] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.854774] [ 121.855023] irq event stamp: 0 [ 121.855369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.856023] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.857069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.857932] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.858715] ---[ end trace 0000000000000000 ]--- [ 121.862324] ------------[ cut here ]------------ [ 121.862896] WARNING: CPU: 1 PID: 1111 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.863992] Modules linked in: [ 121.864477] CPU: 1 PID: 1111 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.865369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.866733] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.867267] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.869313] RSP: 
0018:ffff8880245c7bd0 EFLAGS: 00010246 [ 121.869869] RAX: 0000000000000000 RBX: ffff888011c270a8 RCX: 0000000000000000 [ 121.870639] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 121.871444] RBP: ffff8880245c7be8 R08: ffffed1002384e33 R09: ffffed1002384e33 [ 121.872334] R10: ffff888011c27193 R11: ffffed1002384e32 R12: ffff88800a724000 [ 121.873065] R13: ffff888011c271e8 R14: ffff888020a42500 R15: 0000000000000000 [ 121.873853] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.874843] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.875487] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.876238] PKRU: 55555554 [ 121.876597] Call Trace: [ 121.876982] [ 121.877221] iommufd_access_destroy_object+0x65/0x170 [ 121.877775] iommufd_object_destroy_user+0x18e/0x220 [ 121.878308] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 121.879026] iommufd_access_destroy+0x43/0x70 [ 121.879598] iommufd_test_staccess_release+0x8d/0xd0 [ 121.880147] __fput+0x26d/0xa40 [ 121.880514] ____fput+0x1e/0x30 [ 121.880882] task_work_run+0x1a4/0x2d0 [ 121.881306] ? __pfx_task_work_run+0x10/0x10 [ 121.881856] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.882455] ? switch_task_namespaces+0xa9/0xe0 [ 121.882998] do_exit+0xb17/0x2ef0 [ 121.883388] ? lock_acquire+0x427/0x4c0 [ 121.883826] ? __pfx_lock_release+0x10/0x10 [ 121.884292] ? __kasan_check_write+0x18/0x20 [ 121.885046] ? do_raw_spin_lock+0x132/0x2a0 [ 121.885522] ? __pfx_do_exit+0x10/0x10 [ 121.885952] ? debug_smp_processor_id+0x20/0x30 [ 121.886440] ? rcu_is_watching+0x19/0xb0 [ 121.886901] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.887587] ? trace_hardirqs_on+0x26/0x120 [ 121.888052] do_group_exit+0xe0/0x2b0 [ 121.888455] __x64_sys_exit_group+0x47/0x50 [ 121.888914] do_syscall_64+0x3b/0x90 [ 121.889316] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.889928] RIP: 0033:0x7f4b87518a4d [ 121.890440] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.891109] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.891927] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.892802] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.893661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.894402] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.895384] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.896151] [ 121.896395] irq event stamp: 0 [ 121.896730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.897397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.898482] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.899400] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.900054] ---[ end trace 0000000000000000 ]--- [ 121.901191] ------------[ cut here ]------------ [ 121.901703] WARNING: CPU: 1 PID: 1111 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 121.902996] Modules linked in: [ 121.903385] CPU: 1 PID: 1111 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.904302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.905528] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 121.906193] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 121.908346] RSP: 0018:ffff8880245c7b78 EFLAGS: 00010246 [ 121.908918] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 121.909651] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 121.910391] RBP: ffff8880245c7b98 R08: ffffed1002384e3e R09: ffffed1002384e3e [ 121.911370] R10: ffff888011c271ef R11: ffffed1002384e3d R12: ffff888011c27290 [ 121.912113] R13: ffff888011c270a8 R14: ffffffffffffffff R15: 
ffff8880245c7c60 [ 121.912867] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.913914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.914552] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.915316] PKRU: 55555554 [ 121.915617] Call Trace: [ 121.915932] [ 121.916312] iommufd_ioas_destroy+0x53/0x70 [ 121.916778] iommufd_fops_release+0x1f7/0x370 [ 121.917313] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.917845] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.918563] ? write_comp_data+0x2f/0x90 [ 121.919017] ? __pfx_iommufd_fops_release+0x10/0x10 [ 121.919580] __fput+0x26d/0xa40 [ 121.919958] ____fput+0x1e/0x30 [ 121.920319] task_work_run+0x1a4/0x2d0 [ 121.920741] ? __pfx_task_work_run+0x10/0x10 [ 121.921410] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.921938] ? switch_task_namespaces+0xa9/0xe0 [ 121.922446] do_exit+0xb17/0x2ef0 [ 121.922863] ? lock_acquire+0x427/0x4c0 [ 121.923318] ? __pfx_lock_release+0x10/0x10 [ 121.923780] ? __kasan_check_write+0x18/0x20 [ 121.924371] ? do_raw_spin_lock+0x132/0x2a0 [ 121.924921] ? __pfx_do_exit+0x10/0x10 [ 121.925342] ? debug_smp_processor_id+0x20/0x30 [ 121.925840] ? rcu_is_watching+0x19/0xb0 [ 121.926282] ? _raw_spin_unlock_irq+0x2b/0x60 [ 121.926986] ? trace_hardirqs_on+0x26/0x120 [ 121.927470] do_group_exit+0xe0/0x2b0 [ 121.927879] __x64_sys_exit_group+0x47/0x50 [ 121.928328] do_syscall_64+0x3b/0x90 [ 121.928731] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.929277] RIP: 0033:0x7f4b87518a4d [ 121.929876] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 121.930551] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 121.931344] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 121.932119] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 121.933027] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 121.933782] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 121.934621] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 121.935506] [ 121.935751] irq event stamp: 0 [ 121.936081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.936744] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.937841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.938771] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.939451] ---[ end trace 0000000000000000 ]--- [ 121.944838] ------------[ cut here ]------------ [ 121.945393] WARNING: CPU: 1 PID: 1112 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.946435] Modules linked in: [ 121.947053] CPU: 1 PID: 1112 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.947998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.949224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.949943] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.951927] RSP: 0018:ffff8880145cfbb8 EFLAGS: 00010246 [ 121.952602] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 121.953337] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 121.954074] RBP: ffff8880145cfbd0 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 121.955036] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff8880129c6400 [ 121.955808] R13: ffff88800cb961e8 R14: ffffffff8352e670 R15: 
ffff8880145cfe68 [ 121.956563] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.957598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.958210] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 121.959000] PKRU: 55555554 [ 121.959328] Call Trace: [ 121.959601] [ 121.959838] __iommufd_access_detach+0x1c2/0x2b0 [ 121.960531] iommufd_access_change_pt+0x149/0x270 [ 121.961048] iommufd_access_replace+0xb4/0x120 [ 121.961537] iommufd_test+0x3e5/0x37e0 [ 121.961949] ? lock_release+0x532/0x770 [ 121.962483] ? __might_fault+0x102/0x1b0 [ 121.962988] ? lock_acquire+0x427/0x4c0 [ 121.963432] ? __pfx_iommufd_test+0x10/0x10 [ 121.963886] ? __pfx_lock_release+0x10/0x10 [ 121.964352] ? __pfx_lock_acquire+0x10/0x10 [ 121.964826] ? write_comp_data+0x2f/0x90 [ 121.965477] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 121.966000] ? write_comp_data+0x2f/0x90 [ 121.966442] iommufd_fops_ioctl+0x37d/0x510 [ 121.966948] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.967491] ? write_comp_data+0x2f/0x90 [ 121.968006] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 121.968590] __x64_sys_ioctl+0x1a3/0x230 [ 121.969035] do_syscall_64+0x3b/0x90 [ 121.969446] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 121.970001] RIP: 0033:0x7f4b8743ee5d [ 121.970553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 121.972476] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 121.973471] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 121.974220] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 121.975010] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 121.975886] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 121.976709] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 121.977461] [ 121.977707] irq event stamp: 0 [ 121.978085] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 121.978885] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 121.979778] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 121.980693] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.981504] ---[ end trace 0000000000000000 ]--- [ 121.985069] ------------[ cut here ]------------ [ 121.985621] WARNING: CPU: 1 PID: 1112 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 121.986962] Modules linked in: [ 121.987323] CPU: 1 PID: 1112 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 121.988317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 121.989724] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 121.990244] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 121.992433] RSP: 
0018:ffff8880145cfbd0 EFLAGS: 00010246 [ 121.993001] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 121.993990] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 121.994759] RBP: ffff8880145cfbe8 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 121.995511] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff888012e91800 [ 121.996317] R13: ffff88800cb961e8 R14: ffff888012ce7800 R15: 0000000000000000 [ 121.997226] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 121.998071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.998850] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 121.999746] PKRU: 55555554 [ 122.000049] Call Trace: [ 122.000317] [ 122.000557] iommufd_access_destroy_object+0x65/0x170 [ 122.001101] iommufd_object_destroy_user+0x18e/0x220 [ 122.001861] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.002465] iommufd_access_destroy+0x43/0x70 [ 122.002980] iommufd_test_staccess_release+0x8d/0xd0 [ 122.003541] __fput+0x26d/0xa40 [ 122.003915] ____fput+0x1e/0x30 [ 122.004346] task_work_run+0x1a4/0x2d0 [ 122.004881] ? __pfx_task_work_run+0x10/0x10 [ 122.005350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.005868] ? switch_task_namespaces+0xa9/0xe0 [ 122.006371] do_exit+0xb17/0x2ef0 [ 122.006964] ? lock_acquire+0x427/0x4c0 [ 122.007412] ? __pfx_lock_release+0x10/0x10 [ 122.007881] ? __kasan_check_write+0x18/0x20 [ 122.008352] ? do_raw_spin_lock+0x132/0x2a0 [ 122.008813] ? __pfx_do_exit+0x10/0x10 [ 122.009258] ? debug_smp_processor_id+0x20/0x30 [ 122.009949] ? rcu_is_watching+0x19/0xb0 [ 122.010381] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.010901] ? trace_hardirqs_on+0x26/0x120 [ 122.011374] do_group_exit+0xe0/0x2b0 [ 122.011779] __x64_sys_exit_group+0x47/0x50 [ 122.012342] do_syscall_64+0x3b/0x90 [ 122.012828] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.013416] RIP: 0033:0x7f4b87518a4d [ 122.013806] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.014484] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.015430] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.016172] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.016916] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.017894] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.018669] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.019448] [ 122.019693] irq event stamp: 0 [ 122.020217] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.020881] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.021747] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.022856] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.023536] ---[ end trace 0000000000000000 ]--- [ 122.024610] ------------[ cut here ]------------ [ 122.025353] WARNING: CPU: 1 PID: 1112 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.026415] Modules linked in: [ 122.026791] CPU: 1 PID: 1112 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.027817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.029074] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.029620] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.031786] RSP: 0018:ffff8880145cfb78 EFLAGS: 00010246 [ 122.032357] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.033334] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 122.034070] RBP: ffff8880145cfb98 R08: ffffed1001972c3e R09: ffffed1001972c3e [ 122.034843] R10: ffff88800cb961ef R11: ffffed1001972c3d R12: ffff88800cb96290 [ 122.035796] R13: ffff88800cb960a8 R14: ffffffffffffffff R15: 
ffff8880145cfc60 [ 122.036556] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.037387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.038168] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 122.038936] PKRU: 55555554 [ 122.039255] Call Trace: [ 122.039523] [ 122.039759] iommufd_ioas_destroy+0x53/0x70 [ 122.040267] iommufd_fops_release+0x1f7/0x370 [ 122.040916] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.041443] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.041959] ? write_comp_data+0x2f/0x90 [ 122.042397] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.043163] __fput+0x26d/0xa40 [ 122.043533] ____fput+0x1e/0x30 [ 122.043887] task_work_run+0x1a4/0x2d0 [ 122.044297] ? __pfx_task_work_run+0x10/0x10 [ 122.044759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.045344] ? switch_task_namespaces+0xa9/0xe0 [ 122.046019] do_exit+0xb17/0x2ef0 [ 122.046383] ? lock_acquire+0x427/0x4c0 [ 122.046846] ? __pfx_lock_release+0x10/0x10 [ 122.047320] ? __kasan_check_write+0x18/0x20 [ 122.047794] ? do_raw_spin_lock+0x132/0x2a0 [ 122.048373] ? __pfx_do_exit+0x10/0x10 [ 122.048898] ? debug_smp_processor_id+0x20/0x30 [ 122.049393] ? rcu_is_watching+0x19/0xb0 [ 122.049832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.050325] ? trace_hardirqs_on+0x26/0x120 [ 122.051033] do_group_exit+0xe0/0x2b0 [ 122.051462] __x64_sys_exit_group+0x47/0x50 [ 122.051916] do_syscall_64+0x3b/0x90 [ 122.052316] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.052884] RIP: 0033:0x7f4b87518a4d [ 122.053334] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.054133] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.054966] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.055721] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.056692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.057428] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.058167] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.059191] [ 122.059440] irq event stamp: 0 [ 122.059773] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.060435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.061431] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.062390] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.063138] ---[ end trace 0000000000000000 ]--- [ 122.068687] ------------[ cut here ]------------ [ 122.069265] WARNING: CPU: 1 PID: 1113 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.070310] Modules linked in: [ 122.070699] CPU: 1 PID: 1113 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.071858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.073027] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.073549] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.075694] RSP: 0018:ffff8880245c7bb8 EFLAGS: 00010246 [ 122.076268] RAX: 0000000000000000 RBX: ffff888023e610a8 RCX: 0000000000000000 [ 122.077288] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 122.078019] RBP: ffff8880245c7bd0 R08: ffffed10047cc233 R09: ffffed10047cc233 [ 122.078784] R10: ffff888023e61193 R11: ffffed10047cc232 R12: ffff888020ec2800 [ 122.079749] R13: ffff888023e611e8 R14: ffffffff8352e670 R15: 
ffff8880245c7e68 [ 122.080491] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.081322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.082124] CR2: 00007f4b877410e8 CR3: 000000001416e000 CR4: 0000000000750ee0 [ 122.082901] PKRU: 55555554 [ 122.083213] Call Trace: [ 122.083479] [ 122.083711] __iommufd_access_detach+0x1c2/0x2b0 [ 122.084249] iommufd_access_change_pt+0x149/0x270 [ 122.084943] iommufd_access_replace+0xb4/0x120 [ 122.085433] iommufd_test+0x3e5/0x37e0 [ 122.085843] ? lock_release+0x532/0x770 [ 122.086273] ? __might_fault+0x102/0x1b0 [ 122.086785] ? lock_acquire+0x427/0x4c0 [ 122.087315] ? __pfx_iommufd_test+0x10/0x10 [ 122.087780] ? __pfx_lock_release+0x10/0x10 [ 122.088246] ? __pfx_lock_acquire+0x10/0x10 [ 122.088718] ? write_comp_data+0x2f/0x90 [ 122.089152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.089807] ? write_comp_data+0x2f/0x90 [ 122.090350] iommufd_fops_ioctl+0x37d/0x510 [ 122.090843] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.091377] ? write_comp_data+0x2f/0x90 [ 122.091823] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.092336] __x64_sys_ioctl+0x1a3/0x230 [ 122.092987] do_syscall_64+0x3b/0x90 [ 122.093392] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.093941] RIP: 0033:0x7f4b8743ee5d [ 122.094337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.096540] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.097359] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.098292] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.099062] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.099819] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.100617] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.101483] [ 122.101731] irq event stamp: 0 [ 122.102065] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.102761] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.103879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.104748] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.105406] ---[ end trace 0000000000000000 ]--- [ 122.108934] ------------[ cut here ]------------ [ 122.109481] WARNING: CPU: 1 PID: 1113 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.110623] Modules linked in: [ 122.111028] CPU: 1 PID: 1113 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.112088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.113287] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.113948] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.116051] RSP: 
0018:ffff8880245c7bd0 EFLAGS: 00010246 [ 122.116618] RAX: 0000000000000000 RBX: ffff888023e610a8 RCX: 0000000000000000 [ 122.117365] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 122.118100] RBP: ffff8880245c7be8 R08: ffffed10047cc233 R09: ffffed10047cc233 [ 122.119067] R10: ffff888023e61193 R11: ffffed10047cc232 R12: ffff8880129c5400 [ 122.119817] R13: ffff888023e611e8 R14: ffff888011f0ba00 R15: 0000000000000000 [ 122.120554] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.121588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.122193] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.122961] PKRU: 55555554 [ 122.123266] Call Trace: [ 122.123536] [ 122.123778] iommufd_access_destroy_object+0x65/0x170 [ 122.124494] iommufd_object_destroy_user+0x18e/0x220 [ 122.125032] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.125642] iommufd_access_destroy+0x43/0x70 [ 122.126129] iommufd_test_staccess_release+0x8d/0xd0 [ 122.126996] __fput+0x26d/0xa40 [ 122.127389] ____fput+0x1e/0x30 [ 122.127746] task_work_run+0x1a4/0x2d0 [ 122.128162] ? __pfx_task_work_run+0x10/0x10 [ 122.128653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.129320] ? switch_task_namespaces+0xa9/0xe0 [ 122.129827] do_exit+0xb17/0x2ef0 [ 122.130196] ? lock_acquire+0x427/0x4c0 [ 122.130659] ? __pfx_lock_release+0x10/0x10 [ 122.131180] ? __kasan_check_write+0x18/0x20 [ 122.131784] ? do_raw_spin_lock+0x132/0x2a0 [ 122.132242] ? __pfx_do_exit+0x10/0x10 [ 122.132659] ? debug_smp_processor_id+0x20/0x30 [ 122.133148] ? rcu_is_watching+0x19/0xb0 [ 122.133651] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.134226] ? trace_hardirqs_on+0x26/0x120 [ 122.134721] do_group_exit+0xe0/0x2b0 [ 122.135132] __x64_sys_exit_group+0x47/0x50 [ 122.135588] do_syscall_64+0x3b/0x90 [ 122.136054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.136724] RIP: 0033:0x7f4b87518a4d [ 122.137115] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.137756] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.138756] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.139497] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.140227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.141206] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.141951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.142726] [ 122.142971] irq event stamp: 0 [ 122.143508] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.144177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.145041] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.146125] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.146832] ---[ end trace 0000000000000000 ]--- [ 122.149168] ------------[ cut here ]------------ [ 122.149694] WARNING: CPU: 1 PID: 1113 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.151039] Modules linked in: [ 122.151394] CPU: 1 PID: 1113 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.152301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.153713] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.154255] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.156421] RSP: 0018:ffff8880245c7b78 EFLAGS: 00010246 [ 122.156982] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.157833] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 122.158690] RBP: ffff8880245c7b98 R08: ffffed10047cc23e R09: ffffed10047cc23e [ 122.159440] R10: ffff888023e611ef R11: ffffed10047cc23d R12: ffff888023e61290 [ 122.160280] R13: ffff888023e610a8 R14: ffffffffffffffff R15: 
ffff8880245c7c60 [ 122.161120] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.161973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.162713] CR2: 00007f82e2b1a000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 122.163562] PKRU: 55555554 [ 122.163859] Call Trace: [ 122.164134] [ 122.164374] iommufd_ioas_destroy+0x53/0x70 [ 122.164886] iommufd_fops_release+0x1f7/0x370 [ 122.165496] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.166025] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.166577] ? write_comp_data+0x2f/0x90 [ 122.167014] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.167768] __fput+0x26d/0xa40 [ 122.168131] ____fput+0x1e/0x30 [ 122.168488] task_work_run+0x1a4/0x2d0 [ 122.168908] ? __pfx_task_work_run+0x10/0x10 [ 122.169376] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.170130] ? switch_task_namespaces+0xa9/0xe0 [ 122.170656] do_exit+0xb17/0x2ef0 [ 122.171023] ? lock_acquire+0x427/0x4c0 [ 122.171469] ? __pfx_lock_release+0x10/0x10 [ 122.171926] ? __kasan_check_write+0x18/0x20 [ 122.172626] ? do_raw_spin_lock+0x132/0x2a0 [ 122.173135] ? __pfx_do_exit+0x10/0x10 [ 122.173558] ? debug_smp_processor_id+0x20/0x30 [ 122.174052] ? rcu_is_watching+0x19/0xb0 [ 122.174489] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.175209] ? trace_hardirqs_on+0x26/0x120 [ 122.175682] do_group_exit+0xe0/0x2b0 [ 122.176088] __x64_sys_exit_group+0x47/0x50 [ 122.176541] do_syscall_64+0x3b/0x90 [ 122.176992] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.177698] RIP: 0033:0x7f4b87518a4d [ 122.178094] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.178757] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.179777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.180515] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.181253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.182215] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.182976] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.183737] [ 122.184010] irq event stamp: 0 [ 122.184516] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.185171] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.186037] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.187138] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.187796] ---[ end trace 0000000000000000 ]--- [ 122.195062] ------------[ cut here ]------------ [ 122.195625] WARNING: CPU: 1 PID: 1114 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.196917] Modules linked in: [ 122.197247] CPU: 1 PID: 1114 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.198136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.199603] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.200122] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.202169] RSP: 0018:ffff88802089fbb8 EFLAGS: 00010246 [ 122.202738] RAX: 0000000000000000 RBX: ffff888011e7c8a8 RCX: 0000000000000000 [ 122.203681] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 122.204415] RBP: ffff88802089fbd0 R08: ffffed10023cf933 R09: ffffed10023cf933 [ 122.205204] R10: ffff888011e7c993 R11: ffffed10023cf932 R12: ffff888013cc7800 [ 122.206125] R13: ffff888011e7c9e8 R14: ffffffff8352e670 R15: 
ffff88802089fe68 [ 122.206904] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.207744] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.208481] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ee0 [ 122.209302] PKRU: 55555554 [ 122.209605] Call Trace: [ 122.209877] [ 122.210113] __iommufd_access_detach+0x1c2/0x2b0 [ 122.210694] iommufd_access_change_pt+0x149/0x270 [ 122.211310] iommufd_access_replace+0xb4/0x120 [ 122.211795] iommufd_test+0x3e5/0x37e0 [ 122.212201] ? lock_release+0x532/0x770 [ 122.212627] ? __might_fault+0x102/0x1b0 [ 122.213211] ? lock_acquire+0x427/0x4c0 [ 122.213640] ? __pfx_iommufd_test+0x10/0x10 [ 122.214076] ? __pfx_lock_release+0x10/0x10 [ 122.214546] ? __pfx_lock_acquire+0x10/0x10 [ 122.215002] ? write_comp_data+0x2f/0x90 [ 122.215553] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.216131] ? write_comp_data+0x2f/0x90 [ 122.216558] iommufd_fops_ioctl+0x37d/0x510 [ 122.217006] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.217557] ? write_comp_data+0x2f/0x90 [ 122.218125] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.218646] __x64_sys_ioctl+0x1a3/0x230 [ 122.219080] do_syscall_64+0x3b/0x90 [ 122.219487] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.220219] RIP: 0033:0x7f4b8743ee5d [ 122.220619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.222717] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.223514] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.224240] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.225170] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.225876] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.226611] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.227548] [ 122.227786] irq event stamp: 0 [ 122.228103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.228733] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.229564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.230386] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.231128] ---[ end trace 0000000000000000 ]--- [ 122.234617] ------------[ cut here ]------------ [ 122.235134] WARNING: CPU: 1 PID: 1114 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.236357] Modules linked in: [ 122.236675] CPU: 1 PID: 1114 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.237585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.238929] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.239448] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.241473] RSP: 
0018:ffff88802089fbd0 EFLAGS: 00010246 [ 122.241998] RAX: 0000000000000000 RBX: ffff888011e7c8a8 RCX: 0000000000000000 [ 122.242746] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 122.243641] RBP: ffff88802089fbe8 R08: ffffed10023cf933 R09: ffffed10023cf933 [ 122.244345] R10: ffff888011e7c993 R11: ffffed10023cf932 R12: ffff888020ec3c00 [ 122.245058] R13: ffff888011e7c9e8 R14: ffff88800f0e4600 R15: 0000000000000000 [ 122.245975] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.246815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.247414] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.248134] PKRU: 55555554 [ 122.248588] Call Trace: [ 122.248851] [ 122.249078] iommufd_access_destroy_object+0x65/0x170 [ 122.249602] iommufd_object_destroy_user+0x18e/0x220 [ 122.250117] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.250930] iommufd_access_destroy+0x43/0x70 [ 122.251407] iommufd_test_staccess_release+0x8d/0xd0 [ 122.251923] __fput+0x26d/0xa40 [ 122.252267] ____fput+0x1e/0x30 [ 122.252581] task_work_run+0x1a4/0x2d0 [ 122.252947] ? __pfx_task_work_run+0x10/0x10 [ 122.253534] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.253998] ? switch_task_namespaces+0xa9/0xe0 [ 122.254452] do_exit+0xb17/0x2ef0 [ 122.254801] ? lock_acquire+0x427/0x4c0 [ 122.255212] ? __pfx_lock_release+0x10/0x10 [ 122.255621] ? __kasan_check_write+0x18/0x20 [ 122.256206] ? do_raw_spin_lock+0x132/0x2a0 [ 122.256614] ? __pfx_do_exit+0x10/0x10 [ 122.256992] ? debug_smp_processor_id+0x20/0x30 [ 122.257434] ? rcu_is_watching+0x19/0xb0 [ 122.257817] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.258393] ? trace_hardirqs_on+0x26/0x120 [ 122.258842] do_group_exit+0xe0/0x2b0 [ 122.259218] __x64_sys_exit_group+0x47/0x50 [ 122.259625] do_syscall_64+0x3b/0x90 [ 122.259985] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.260543] RIP: 0033:0x7f4b87518a4d [ 122.260968] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.261531] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.262232] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.263084] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.263762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.264422] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.265150] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.265904] [ 122.266129] irq event stamp: 0 [ 122.266433] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.267055] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.268010] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.268783] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.269417] ---[ end trace 0000000000000000 ]--- [ 122.270317] ------------[ cut here ]------------ [ 122.270782] WARNING: CPU: 1 PID: 1114 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.271737] Modules linked in: [ 122.272042] CPU: 1 PID: 1114 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.273020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.274059] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.274671] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.276406] RSP: 0018:ffff88802089fb78 EFLAGS: 00010246 [ 122.277004] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.277742] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 122.278408] RBP: ffff88802089fb98 R08: ffffed10023cf93e R09: ffffed10023cf93e [ 122.279211] R10: ffff888011e7c9ef R11: ffffed10023cf93d R12: ffff888011e7ca90 [ 122.279963] R13: ffff888011e7c8a8 R14: ffffffffffffffff R15: 
ffff88802089fc60 [ 122.280634] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.281389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.282104] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.282806] PKRU: 55555554 [ 122.283079] Call Trace: [ 122.283326] [ 122.283538] iommufd_ioas_destroy+0x53/0x70 [ 122.283974] iommufd_fops_release+0x1f7/0x370 [ 122.284537] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.285012] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.285491] ? write_comp_data+0x2f/0x90 [ 122.285886] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.286565] __fput+0x26d/0xa40 [ 122.286895] ____fput+0x1e/0x30 [ 122.287239] task_work_run+0x1a4/0x2d0 [ 122.287617] ? __pfx_task_work_run+0x10/0x10 [ 122.288040] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.288510] ? switch_task_namespaces+0xa9/0xe0 [ 122.289059] do_exit+0xb17/0x2ef0 [ 122.289465] ? lock_acquire+0x427/0x4c0 [ 122.289843] ? __pfx_lock_release+0x10/0x10 [ 122.290246] ? __kasan_check_write+0x18/0x20 [ 122.290709] ? do_raw_spin_lock+0x132/0x2a0 [ 122.291129] ? __pfx_do_exit+0x10/0x10 [ 122.291684] ? debug_smp_processor_id+0x20/0x30 [ 122.292132] ? rcu_is_watching+0x19/0xb0 [ 122.292518] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.292948] ? trace_hardirqs_on+0x26/0x120 [ 122.293360] do_group_exit+0xe0/0x2b0 [ 122.293756] __x64_sys_exit_group+0x47/0x50 [ 122.294307] do_syscall_64+0x3b/0x90 [ 122.294697] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.295212] RIP: 0033:0x7f4b87518a4d [ 122.295560] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.296127] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.297028] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.297685] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.298342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.299240] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.299915] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.300592] [ 122.300814] irq event stamp: 0 [ 122.301240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.301946] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.302752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.303557] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.304322] ---[ end trace 0000000000000000 ]--- [ 122.309678] ------------[ cut here ]------------ [ 122.310158] WARNING: CPU: 1 PID: 1115 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.311370] Modules linked in: [ 122.311676] CPU: 1 PID: 1115 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.312492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.313731] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.314196] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.316108] RSP: 0018:ffff8880209bfbb8 EFLAGS: 00010246 [ 122.316605] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 122.317266] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 122.318132] RBP: ffff8880209bfbd0 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 122.318824] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff888014391400 [ 122.319556] R13: ffff888017a441e8 R14: ffffffff8352e670 R15: 
ffff8880209bfe68 [ 122.320382] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.321148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.321734] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ee0 [ 122.322571] PKRU: 55555554 [ 122.322844] Call Trace: [ 122.323085] [ 122.323309] __iommufd_access_detach+0x1c2/0x2b0 [ 122.323766] iommufd_access_change_pt+0x149/0x270 [ 122.324413] iommufd_access_replace+0xb4/0x120 [ 122.324856] iommufd_test+0x3e5/0x37e0 [ 122.325223] ? lock_release+0x532/0x770 [ 122.325614] ? __might_fault+0x102/0x1b0 [ 122.326032] ? lock_acquire+0x427/0x4c0 [ 122.326595] ? __pfx_iommufd_test+0x10/0x10 [ 122.327000] ? __pfx_lock_release+0x10/0x10 [ 122.327431] ? __pfx_lock_acquire+0x10/0x10 [ 122.327859] ? write_comp_data+0x2f/0x90 [ 122.328295] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.328878] ? write_comp_data+0x2f/0x90 [ 122.329280] iommufd_fops_ioctl+0x37d/0x510 [ 122.329702] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.330166] ? write_comp_data+0x2f/0x90 [ 122.330771] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.331243] __x64_sys_ioctl+0x1a3/0x230 [ 122.331635] do_syscall_64+0x3b/0x90 [ 122.331991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.332498] RIP: 0033:0x7f4b8743ee5d [ 122.333044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.334875] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.335716] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.336390] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.337223] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.337895] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.338587] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.339431] [ 122.339651] irq event stamp: 0 [ 122.339938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.340513] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.341427] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.342180] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.342772] ---[ end trace 0000000000000000 ]--- [ 122.347513] ------------[ cut here ]------------ [ 122.348002] WARNING: CPU: 1 PID: 1115 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.348909] Modules linked in: [ 122.349222] CPU: 1 PID: 1115 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.350141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.351244] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.351893] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.353625] RSP: 
0018:ffff8880209bfbd0 EFLAGS: 00010246 [ 122.354171] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 122.354832] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 122.355505] RBP: ffff8880209bfbe8 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 122.356283] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff888013cc6800 [ 122.356927] R13: ffff888017a441e8 R14: ffff88802094e200 R15: 0000000000000000 [ 122.357592] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.358452] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.358997] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 122.359658] PKRU: 55555554 [ 122.360011] Call Trace: [ 122.360327] [ 122.360534] iommufd_access_destroy_object+0x65/0x170 [ 122.361010] iommufd_object_destroy_user+0x18e/0x220 [ 122.361488] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.362209] iommufd_access_destroy+0x43/0x70 [ 122.362647] iommufd_test_staccess_release+0x8d/0xd0 [ 122.363118] __fput+0x26d/0xa40 [ 122.363434] ____fput+0x1e/0x30 [ 122.363738] task_work_run+0x1a4/0x2d0 [ 122.364278] ? __pfx_task_work_run+0x10/0x10 [ 122.364692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.365193] ? switch_task_namespaces+0xa9/0xe0 [ 122.365637] do_exit+0xb17/0x2ef0 [ 122.365984] ? lock_acquire+0x427/0x4c0 [ 122.366492] ? __pfx_lock_release+0x10/0x10 [ 122.366922] ? __kasan_check_write+0x18/0x20 [ 122.367345] ? do_raw_spin_lock+0x132/0x2a0 [ 122.367767] ? __pfx_do_exit+0x10/0x10 [ 122.368201] ? debug_smp_processor_id+0x20/0x30 [ 122.368724] ? rcu_is_watching+0x19/0xb0 [ 122.369104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.369524] ? trace_hardirqs_on+0x26/0x120 [ 122.369927] do_group_exit+0xe0/0x2b0 [ 122.370428] __x64_sys_exit_group+0x47/0x50 [ 122.370848] do_syscall_64+0x3b/0x90 [ 122.371215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.371691] RIP: 0033:0x7f4b87518a4d [ 122.372033] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.372592] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.373296] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.374094] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.374772] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.375433] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.376105] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.376879] [ 122.377094] irq event stamp: 0 [ 122.377380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.377949] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.378886] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.379656] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.380227] ---[ end trace 0000000000000000 ]--- [ 122.381200] ------------[ cut here ]------------ [ 122.381637] WARNING: CPU: 1 PID: 1115 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.382704] Modules linked in: [ 122.382991] CPU: 1 PID: 1115 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.383760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.384728] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.385324] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.386970] RSP: 0018:ffff8880209bfb78 EFLAGS: 00010246 [ 122.387465] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.388068] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 122.388672] RBP: ffff8880209bfb98 R08: ffffed1002f4883e R09: ffffed1002f4883e [ 122.389408] R10: ffff888017a441ef R11: ffffed1002f4883d R12: ffff888017a44290 [ 122.390013] R13: ffff888017a440a8 R14: ffffffffffffffff R15: 
ffff8880209bfc60 [ 122.390648] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.391429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.391990] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 122.392599] PKRU: 55555554 [ 122.392842] Call Trace: [ 122.393063] [ 122.393337] iommufd_ioas_destroy+0x53/0x70 [ 122.393771] iommufd_fops_release+0x1f7/0x370 [ 122.394170] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.394641] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.395070] ? write_comp_data+0x2f/0x90 [ 122.395474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.395993] __fput+0x26d/0xa40 [ 122.396293] ____fput+0x1e/0x30 [ 122.396595] task_work_run+0x1a4/0x2d0 [ 122.396974] ? __pfx_task_work_run+0x10/0x10 [ 122.397373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.397935] ? switch_task_namespaces+0xa9/0xe0 [ 122.398352] do_exit+0xb17/0x2ef0 [ 122.398675] ? lock_acquire+0x427/0x4c0 [ 122.399030] ? __pfx_lock_release+0x10/0x10 [ 122.399437] ? __kasan_check_write+0x18/0x20 [ 122.399820] ? do_raw_spin_lock+0x132/0x2a0 [ 122.400332] ? __pfx_do_exit+0x10/0x10 [ 122.400676] ? debug_smp_processor_id+0x20/0x30 [ 122.401083] ? rcu_is_watching+0x19/0xb0 [ 122.401433] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.401830] ? trace_hardirqs_on+0x26/0x120 [ 122.402347] do_group_exit+0xe0/0x2b0 [ 122.402704] __x64_sys_exit_group+0x47/0x50 [ 122.403077] do_syscall_64+0x3b/0x90 [ 122.403415] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.403869] RIP: 0033:0x7f4b87518a4d [ 122.404193] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.404858] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.405506] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.406114] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.406872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.407494] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.408097] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.408859] [ 122.409062] irq event stamp: 0 [ 122.409335] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.409876] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.410678] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.411472] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.412014] ---[ end trace 0000000000000000 ]--- [ 122.416542] ------------[ cut here ]------------ [ 122.416984] WARNING: CPU: 1 PID: 1116 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.418000] Modules linked in: [ 122.418277] CPU: 1 PID: 1116 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.419053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.420161] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.420591] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.422276] RSP: 0018:ffff888015d6fbb8 EFLAGS: 00010246 [ 122.422765] RAX: 0000000000000000 RBX: ffff88801781d8a8 RCX: 0000000000000000 [ 122.423388] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 122.424070] RBP: ffff888015d6fbd0 R08: ffffed1002f03b33 R09: ffffed1002f03b33 [ 122.424750] R10: ffff88801781d993 R11: ffffed1002f03b32 R12: ffff88800b9b6c00 [ 122.425368] R13: ffff88801781d9e8 R14: ffffffff8352e670 R15: 
ffff888015d6fe68 [ 122.426027] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.426840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.427349] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 122.427963] PKRU: 55555554 [ 122.428245] Call Trace: [ 122.428573] [ 122.428767] __iommufd_access_detach+0x1c2/0x2b0 [ 122.429236] iommufd_access_change_pt+0x149/0x270 [ 122.429658] iommufd_access_replace+0xb4/0x120 [ 122.430089] iommufd_test+0x3e5/0x37e0 [ 122.430573] ? lock_release+0x532/0x770 [ 122.430937] ? __might_fault+0x102/0x1b0 [ 122.431307] ? lock_acquire+0x427/0x4c0 [ 122.431661] ? __pfx_iommufd_test+0x10/0x10 [ 122.432028] ? __pfx_lock_release+0x10/0x10 [ 122.432430] ? __pfx_lock_acquire+0x10/0x10 [ 122.432928] ? write_comp_data+0x2f/0x90 [ 122.433291] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.433717] ? write_comp_data+0x2f/0x90 [ 122.434078] iommufd_fops_ioctl+0x37d/0x510 [ 122.434548] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.435071] ? write_comp_data+0x2f/0x90 [ 122.435446] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.435867] __x64_sys_ioctl+0x1a3/0x230 [ 122.436232] do_syscall_64+0x3b/0x90 [ 122.436561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.437172] RIP: 0033:0x7f4b8743ee5d [ 122.437498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.439245] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.439900] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.440511] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.441181] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.441884] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.442494] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.443151] [ 122.443424] irq event stamp: 0 [ 122.443778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.444327] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.445051] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.445916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.446460] ---[ end trace 0000000000000000 ]--- [ 122.449389] ------------[ cut here ]------------ [ 122.449929] WARNING: CPU: 1 PID: 1116 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.450855] Modules linked in: [ 122.451147] CPU: 1 PID: 1116 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.451970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.453018] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.453450] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.455192] RSP: 
0018:ffff888015d6fbd0 EFLAGS: 00010246 [ 122.455647] RAX: 0000000000000000 RBX: ffff88801781d8a8 RCX: 0000000000000000 [ 122.456413] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 122.457018] RBP: ffff888015d6fbe8 R08: ffffed1002f03b33 R09: ffffed1002f03b33 [ 122.457629] R10: ffff88801781d993 R11: ffffed1002f03b32 R12: ffff888014392800 [ 122.458392] R13: ffff88801781d9e8 R14: ffff88800ca5a400 R15: 0000000000000000 [ 122.459022] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.459717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.460247] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.461024] PKRU: 55555554 [ 122.461268] Call Trace: [ 122.461489] [ 122.461682] iommufd_access_destroy_object+0x65/0x170 [ 122.462156] iommufd_object_destroy_user+0x18e/0x220 [ 122.462719] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.463236] iommufd_access_destroy+0x43/0x70 [ 122.463634] iommufd_test_staccess_release+0x8d/0xd0 [ 122.464080] __fput+0x26d/0xa40 [ 122.464398] ____fput+0x1e/0x30 [ 122.464815] task_work_run+0x1a4/0x2d0 [ 122.465159] ? __pfx_task_work_run+0x10/0x10 [ 122.465546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.465971] ? switch_task_namespaces+0xa9/0xe0 [ 122.466445] do_exit+0xb17/0x2ef0 [ 122.466837] ? lock_acquire+0x427/0x4c0 [ 122.467207] ? __pfx_lock_release+0x10/0x10 [ 122.467596] ? __kasan_check_write+0x18/0x20 [ 122.467980] ? do_raw_spin_lock+0x132/0x2a0 [ 122.468353] ? __pfx_do_exit+0x10/0x10 [ 122.468756] ? debug_smp_processor_id+0x20/0x30 [ 122.469238] ? rcu_is_watching+0x19/0xb0 [ 122.469602] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.469998] ? trace_hardirqs_on+0x26/0x120 [ 122.470379] do_group_exit+0xe0/0x2b0 [ 122.470803] __x64_sys_exit_group+0x47/0x50 [ 122.471243] do_syscall_64+0x3b/0x90 [ 122.471573] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.472031] RIP: 0033:0x7f4b87518a4d [ 122.472350] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.472871] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.473678] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.474286] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.474948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.475676] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.476287] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.476908] [ 122.477110] irq event stamp: 0 [ 122.477532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.478072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.478818] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.479641] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.480237] ---[ end trace 0000000000000000 ]--- [ 122.481012] ------------[ cut here ]------------ [ 122.481458] WARNING: CPU: 1 PID: 1116 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.482406] Modules linked in: [ 122.482717] CPU: 1 PID: 1116 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.483466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.484585] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.485034] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.486771] RSP: 0018:ffff888015d6fb78 EFLAGS: 00010246 [ 122.487253] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.487860] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 122.488625] RBP: ffff888015d6fb98 R08: ffffed1002f03b3e R09: ffffed1002f03b3e [ 122.489235] R10: ffff88801781d9ef R11: ffffed1002f03b3d R12: ffff88801781da90 [ 122.489845] R13: ffff88801781d8a8 R14: ffffffffffffffff R15: 
ffff888015d6fc60 [ 122.490618] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.491316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.491811] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.492548] PKRU: 55555554 [ 122.492790] Call Trace: [ 122.493059] [ 122.493256] iommufd_ioas_destroy+0x53/0x70 [ 122.493630] iommufd_fops_release+0x1f7/0x370 [ 122.494015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.494604] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.495027] ? write_comp_data+0x2f/0x90 [ 122.495399] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.495827] __fput+0x26d/0xa40 [ 122.496120] ____fput+0x1e/0x30 [ 122.496409] task_work_run+0x1a4/0x2d0 [ 122.496837] ? __pfx_task_work_run+0x10/0x10 [ 122.497262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.497681] ? switch_task_namespaces+0xa9/0xe0 [ 122.498085] do_exit+0xb17/0x2ef0 [ 122.498383] ? lock_acquire+0x427/0x4c0 [ 122.498908] ? __pfx_lock_release+0x10/0x10 [ 122.499298] ? __kasan_check_write+0x18/0x20 [ 122.499678] ? do_raw_spin_lock+0x132/0x2a0 [ 122.500046] ? __pfx_do_exit+0x10/0x10 [ 122.500384] ? debug_smp_processor_id+0x20/0x30 [ 122.500784] ? rcu_is_watching+0x19/0xb0 [ 122.501280] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.501668] ? trace_hardirqs_on+0x26/0x120 [ 122.502038] do_group_exit+0xe0/0x2b0 [ 122.502365] __x64_sys_exit_group+0x47/0x50 [ 122.502752] do_syscall_64+0x3b/0x90 [ 122.503214] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.503657] RIP: 0033:0x7f4b87518a4d [ 122.503971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.504485] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.505190] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.505872] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.506468] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.507151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.507835] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.508441] [ 122.508638] irq event stamp: 0 [ 122.508905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.509521] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.510280] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.511007] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.511642] ---[ end trace 0000000000000000 ]--- [ 122.517038] ------------[ cut here ]------------ [ 122.517486] WARNING: CPU: 1 PID: 1117 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.518409] Modules linked in: [ 122.518820] CPU: 1 PID: 1117 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.519562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.520580] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.521049] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.522742] RSP: 0018:ffff88801828fbb8 EFLAGS: 00010246 [ 122.523207] RAX: 0000000000000000 RBX: ffff8880208f38a8 RCX: 0000000000000000 [ 122.523804] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 122.524399] RBP: ffff88801828fbd0 R08: ffffed100411e733 R09: ffffed100411e733 [ 122.525194] R10: ffff8880208f3993 R11: ffffed100411e732 R12: ffff888014581800 [ 122.525792] R13: ffff8880208f39e8 R14: ffffffff8352e670 R15: 
ffff88801828fe68 [ 122.526408] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.527236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.527727] CR2: 0000000020000140 CR3: 0000000013daa000 CR4: 0000000000750ee0 [ 122.528334] PKRU: 55555554 [ 122.528576] Call Trace: [ 122.528868] [ 122.529143] __iommufd_access_detach+0x1c2/0x2b0 [ 122.529560] iommufd_access_change_pt+0x149/0x270 [ 122.529976] iommufd_access_replace+0xb4/0x120 [ 122.530378] iommufd_test+0x3e5/0x37e0 [ 122.530774] ? lock_release+0x532/0x770 [ 122.531208] ? __might_fault+0x102/0x1b0 [ 122.531559] ? lock_acquire+0x427/0x4c0 [ 122.531907] ? __pfx_iommufd_test+0x10/0x10 [ 122.532271] ? __pfx_lock_release+0x10/0x10 [ 122.532643] ? __pfx_lock_acquire+0x10/0x10 [ 122.533101] ? write_comp_data+0x2f/0x90 [ 122.533536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.533957] ? write_comp_data+0x2f/0x90 [ 122.534314] iommufd_fops_ioctl+0x37d/0x510 [ 122.534710] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.535141] ? write_comp_data+0x2f/0x90 [ 122.535573] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.536065] __x64_sys_ioctl+0x1a3/0x230 [ 122.536420] do_syscall_64+0x3b/0x90 [ 122.536750] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.537204] RIP: 0033:0x7f4b8743ee5d [ 122.537663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.539230] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.540025] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.540626] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.541222] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.541905] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.542596] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.543223] [ 122.543422] irq event stamp: 0 [ 122.543690] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.544377] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.545079] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.545817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.546457] ---[ end trace 0000000000000000 ]--- [ 122.549316] ------------[ cut here ]------------ [ 122.549745] WARNING: CPU: 1 PID: 1117 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.550802] Modules linked in: [ 122.551074] CPU: 1 PID: 1117 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.551819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.552919] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.553336] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.555074] RSP: 
0018:ffff88801828fbd0 EFLAGS: 00010246 [ 122.555539] RAX: 0000000000000000 RBX: ffff8880208f38a8 RCX: 0000000000000000 [ 122.556132] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 122.556903] RBP: ffff88801828fbe8 R08: ffffed100411e733 R09: ffffed100411e733 [ 122.557550] R10: ffff8880208f3993 R11: ffffed100411e732 R12: ffff88800b9b7000 [ 122.558146] R13: ffff8880208f39e8 R14: ffff888013cede00 R15: 0000000000000000 [ 122.558921] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.559597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.560083] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.560818] PKRU: 55555554 [ 122.561066] Call Trace: [ 122.561282] [ 122.561471] iommufd_access_destroy_object+0x65/0x170 [ 122.561912] iommufd_object_destroy_user+0x18e/0x220 [ 122.562347] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.562996] iommufd_access_destroy+0x43/0x70 [ 122.563397] iommufd_test_staccess_release+0x8d/0xd0 [ 122.563817] __fput+0x26d/0xa40 [ 122.564106] ____fput+0x1e/0x30 [ 122.564387] task_work_run+0x1a4/0x2d0 [ 122.564747] ? __pfx_task_work_run+0x10/0x10 [ 122.565189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.565593] ? switch_task_namespaces+0xa9/0xe0 [ 122.565982] do_exit+0xb17/0x2ef0 [ 122.566273] ? lock_acquire+0x427/0x4c0 [ 122.566677] ? __pfx_lock_release+0x10/0x10 [ 122.567108] ? __kasan_check_write+0x18/0x20 [ 122.567480] ? do_raw_spin_lock+0x132/0x2a0 [ 122.567842] ? __pfx_do_exit+0x10/0x10 [ 122.568172] ? debug_smp_processor_id+0x20/0x30 [ 122.568560] ? rcu_is_watching+0x19/0xb0 [ 122.568941] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.569391] ? trace_hardirqs_on+0x26/0x120 [ 122.569755] do_group_exit+0xe0/0x2b0 [ 122.570070] __x64_sys_exit_group+0x47/0x50 [ 122.570418] do_syscall_64+0x3b/0x90 [ 122.570757] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.571196] RIP: 0033:0x7f4b87518a4d [ 122.571630] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.572132] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.572743] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.573386] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.574014] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.574617] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.575210] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.575942] [ 122.576136] irq event stamp: 0 [ 122.576393] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.576902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.577745] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.578423] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.578966] ---[ end trace 0000000000000000 ]--- [ 122.579728] ------------[ cut here ]------------ [ 122.580125] WARNING: CPU: 1 PID: 1117 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.580978] Modules linked in: [ 122.581281] CPU: 1 PID: 1117 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.582078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.583083] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.583565] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.585211] RSP: 0018:ffff88801828fb78 EFLAGS: 00010246 [ 122.585773] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.586376] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 122.587014] RBP: ffff88801828fb98 R08: ffffed100411e73e R09: ffffed100411e73e [ 122.587636] R10: ffff8880208f39ef R11: ffffed100411e73d R12: ffff8880208f3a90 [ 122.588364] R13: ffff8880208f38a8 R14: ffffffffffffffff R15: 
ffff88801828fc60 [ 122.589006] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.589718] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.590314] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.590939] PKRU: 55555554 [ 122.591184] Call Trace: [ 122.591398] [ 122.591591] iommufd_ioas_destroy+0x53/0x70 [ 122.592042] iommufd_fops_release+0x1f7/0x370 [ 122.592478] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.592901] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.593320] ? write_comp_data+0x2f/0x90 [ 122.593696] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.594260] __fput+0x26d/0xa40 [ 122.594589] ____fput+0x1e/0x30 [ 122.594879] task_work_run+0x1a4/0x2d0 [ 122.595225] ? __pfx_task_work_run+0x10/0x10 [ 122.595602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.596022] ? switch_task_namespaces+0xa9/0xe0 [ 122.596583] do_exit+0xb17/0x2ef0 [ 122.596879] ? lock_acquire+0x427/0x4c0 [ 122.597231] ? __pfx_lock_release+0x10/0x10 [ 122.597606] ? __kasan_check_write+0x18/0x20 [ 122.597984] ? do_raw_spin_lock+0x132/0x2a0 [ 122.598491] ? __pfx_do_exit+0x10/0x10 [ 122.598863] ? debug_smp_processor_id+0x20/0x30 [ 122.599276] ? rcu_is_watching+0x19/0xb0 [ 122.599624] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.600011] ? trace_hardirqs_on+0x26/0x120 [ 122.600384] do_group_exit+0xe0/0x2b0 [ 122.600836] __x64_sys_exit_group+0x47/0x50 [ 122.601204] do_syscall_64+0x3b/0x90 [ 122.601529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.601973] RIP: 0033:0x7f4b87518a4d [ 122.602292] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.603033] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.603690] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.604292] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.604972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.605640] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.606239] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.606953] [ 122.607226] irq event stamp: 0 [ 122.607494] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.608025] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.608728] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.609593] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.610120] ---[ end trace 0000000000000000 ]--- [ 122.614689] ------------[ cut here ]------------ [ 122.615153] WARNING: CPU: 1 PID: 1118 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.616067] Modules linked in: [ 122.616422] CPU: 1 PID: 1118 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.617146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.618168] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.618692] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.620300] RSP: 0018:ffff888015a37bb8 EFLAGS: 00010246 [ 122.620814] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 122.621456] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 122.622079] RBP: ffff888015a37bd0 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 122.622817] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff888014391400 [ 122.623421] R13: ffff88801609d1e8 R14: ffffffff8352e670 R15: 
ffff888015a37e68 [ 122.624017] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.624846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.625329] CR2: 0000000020000140 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 122.625921] PKRU: 55555554 [ 122.626178] Call Trace: [ 122.626439] [ 122.626717] __iommufd_access_detach+0x1c2/0x2b0 [ 122.627146] iommufd_access_change_pt+0x149/0x270 [ 122.627567] iommufd_access_replace+0xb4/0x120 [ 122.627973] iommufd_test+0x3e5/0x37e0 [ 122.628309] ? lock_release+0x532/0x770 [ 122.628730] ? __might_fault+0x102/0x1b0 [ 122.629142] ? lock_acquire+0x427/0x4c0 [ 122.629492] ? __pfx_iommufd_test+0x10/0x10 [ 122.629854] ? __pfx_lock_release+0x10/0x10 [ 122.630224] ? __pfx_lock_acquire+0x10/0x10 [ 122.630697] ? write_comp_data+0x2f/0x90 [ 122.631079] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.631508] ? write_comp_data+0x2f/0x90 [ 122.631868] iommufd_fops_ioctl+0x37d/0x510 [ 122.632240] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.632692] ? write_comp_data+0x2f/0x90 [ 122.633146] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.633562] __x64_sys_ioctl+0x1a3/0x230 [ 122.633924] do_syscall_64+0x3b/0x90 [ 122.634252] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.634819] RIP: 0033:0x7f4b8743ee5d [ 122.635197] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.636795] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.637519] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.638144] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.638883] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.639578] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.640180] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.640869] [ 122.641144] irq event stamp: 0 [ 122.641411] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.641940] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.642741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.643529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.644061] ---[ end trace 0000000000000000 ]--- [ 122.647700] ------------[ cut here ]------------ [ 122.648178] WARNING: CPU: 1 PID: 1118 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.649111] Modules linked in: [ 122.649378] CPU: 1 PID: 1118 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.650178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.651236] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.651658] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.653376] RSP: 
0018:ffff888015a37bd0 EFLAGS: 00010246 [ 122.653831] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 122.654577] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 122.655185] RBP: ffff888015a37be8 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 122.655780] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff888014583400 [ 122.656529] R13: ffff88801609d1e8 R14: ffff888020939b00 R15: 0000000000000000 [ 122.657127] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.657805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.658420] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 122.659035] PKRU: 55555554 [ 122.659285] Call Trace: [ 122.659503] [ 122.659695] iommufd_access_destroy_object+0x65/0x170 [ 122.660279] iommufd_object_destroy_user+0x18e/0x220 [ 122.660712] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.661204] iommufd_access_destroy+0x43/0x70 [ 122.661594] iommufd_test_staccess_release+0x8d/0xd0 [ 122.662179] __fput+0x26d/0xa40 [ 122.662475] ____fput+0x1e/0x30 [ 122.662793] task_work_run+0x1a4/0x2d0 [ 122.663142] ? __pfx_task_work_run+0x10/0x10 [ 122.663521] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.664084] ? switch_task_namespaces+0xa9/0xe0 [ 122.664492] do_exit+0xb17/0x2ef0 [ 122.664788] ? lock_acquire+0x427/0x4c0 [ 122.665135] ? __pfx_lock_release+0x10/0x10 [ 122.665525] ? __kasan_check_write+0x18/0x20 [ 122.666011] ? do_raw_spin_lock+0x132/0x2a0 [ 122.666379] ? __pfx_do_exit+0x10/0x10 [ 122.666734] ? debug_smp_processor_id+0x20/0x30 [ 122.667134] ? rcu_is_watching+0x19/0xb0 [ 122.667513] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.668012] ? trace_hardirqs_on+0x26/0x120 [ 122.668386] do_group_exit+0xe0/0x2b0 [ 122.668715] __x64_sys_exit_group+0x47/0x50 [ 122.669086] do_syscall_64+0x3b/0x90 [ 122.669471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.669962] RIP: 0033:0x7f4b87518a4d [ 122.670275] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.670806] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.671546] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.672181] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.672774] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.673486] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.674078] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.674699] [ 122.674900] irq event stamp: 0 [ 122.675244] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.675840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.676550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.677370] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.677906] ---[ end trace 0000000000000000 ]--- [ 122.680343] ------------[ cut here ]------------ [ 122.680761] WARNING: CPU: 1 PID: 1118 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.681745] Modules linked in: [ 122.682017] CPU: 1 PID: 1118 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.682822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.683980] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.684418] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.685981] RSP: 0018:ffff888015a37b78 EFLAGS: 00010246 [ 122.686432] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.687237] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 122.687847] RBP: ffff888015a37b98 R08: ffffed1002c13a3e R09: ffffed1002c13a3e [ 122.688446] R10: ffff88801609d1ef R11: ffffed1002c13a3d R12: ffff88801609d290 [ 122.689134] R13: ffff88801609d0a8 R14: ffffffffffffffff R15: 
ffff888015a37c60 [ 122.689779] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.690458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.691016] CR2: 00007f82e2b64000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 122.691691] PKRU: 55555554 [ 122.691931] Call Trace: [ 122.692149] [ 122.692343] iommufd_ioas_destroy+0x53/0x70 [ 122.692722] iommufd_fops_release+0x1f7/0x370 [ 122.693271] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.693704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.694131] ? write_comp_data+0x2f/0x90 [ 122.694489] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.695013] __fput+0x26d/0xa40 [ 122.695391] ____fput+0x1e/0x30 [ 122.695696] task_work_run+0x1a4/0x2d0 [ 122.696041] ? __pfx_task_work_run+0x10/0x10 [ 122.696428] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.696881] ? switch_task_namespaces+0xa9/0xe0 [ 122.697380] do_exit+0xb17/0x2ef0 [ 122.697681] ? lock_acquire+0x427/0x4c0 [ 122.698034] ? __pfx_lock_release+0x10/0x10 [ 122.698415] ? __kasan_check_write+0x18/0x20 [ 122.698855] ? do_raw_spin_lock+0x132/0x2a0 [ 122.699360] ? __pfx_do_exit+0x10/0x10 [ 122.699703] ? debug_smp_processor_id+0x20/0x30 [ 122.700091] ? rcu_is_watching+0x19/0xb0 [ 122.700428] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.700853] ? trace_hardirqs_on+0x26/0x120 [ 122.701281] do_group_exit+0xe0/0x2b0 [ 122.701599] __x64_sys_exit_group+0x47/0x50 [ 122.701957] do_syscall_64+0x3b/0x90 [ 122.702280] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.702770] RIP: 0033:0x7f4b87518a4d [ 122.703167] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.703668] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.704293] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.704998] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.705573] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.706151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.706880] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.707487] [ 122.707684] irq event stamp: 0 [ 122.707948] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.708481] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.709260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.709944] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.710563] ---[ end trace 0000000000000000 ]--- [ 122.716338] ------------[ cut here ]------------ [ 122.716849] WARNING: CPU: 1 PID: 1119 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.717760] Modules linked in: [ 122.718057] CPU: 1 PID: 1119 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.718976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.719965] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.720542] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.722152] RSP: 0018:ffff88801828fbb8 EFLAGS: 00010246 [ 122.722737] RAX: 0000000000000000 RBX: ffff888016fe38a8 RCX: 0000000000000000 [ 122.723363] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 122.723988] RBP: ffff88801828fbd0 R08: ffffed1002dfc733 R09: ffffed1002dfc733 [ 122.724732] R10: ffff888016fe3993 R11: ffffed1002dfc732 R12: ffff88800ae90000 [ 122.725354] R13: ffff888016fe39e8 R14: ffffffff8352e670 R15: 
ffff88801828fe68 [ 122.725987] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.726816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.727343] CR2: 00007f4b877410e8 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 122.727964] PKRU: 55555554 [ 122.728296] Call Trace: [ 122.728585] [ 122.728787] __iommufd_access_detach+0x1c2/0x2b0 [ 122.729217] iommufd_access_change_pt+0x149/0x270 [ 122.729653] iommufd_access_replace+0xb4/0x120 [ 122.730101] iommufd_test+0x3e5/0x37e0 [ 122.730572] ? lock_release+0x532/0x770 [ 122.730938] ? __might_fault+0x102/0x1b0 [ 122.731316] ? lock_acquire+0x427/0x4c0 [ 122.731677] ? __pfx_iommufd_test+0x10/0x10 [ 122.732087] ? __pfx_lock_release+0x10/0x10 [ 122.732565] ? __pfx_lock_acquire+0x10/0x10 [ 122.732957] ? write_comp_data+0x2f/0x90 [ 122.733330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.733759] ? write_comp_data+0x2f/0x90 [ 122.734185] iommufd_fops_ioctl+0x37d/0x510 [ 122.734662] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.735153] ? write_comp_data+0x2f/0x90 [ 122.735543] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.735995] __x64_sys_ioctl+0x1a3/0x230 [ 122.736533] do_syscall_64+0x3b/0x90 [ 122.736902] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.737393] RIP: 0033:0x7f4b8743ee5d [ 122.737747] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.739618] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.740322] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.741155] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.741803] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.742471] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.743321] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.743986] [ 122.744210] irq event stamp: 0 [ 122.744505] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.745263] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.746036] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.746849] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.747583] ---[ end trace 0000000000000000 ]--- [ 122.752665] ------------[ cut here ]------------ [ 122.753252] WARNING: CPU: 1 PID: 1119 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.754286] Modules linked in: [ 122.754664] CPU: 1 PID: 1119 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.755560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.756735] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.757211] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.759156] RSP: 
0018:ffff88801828fbd0 EFLAGS: 00010246 [ 122.759677] RAX: 0000000000000000 RBX: ffff888016fe38a8 RCX: 0000000000000000 [ 122.760554] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 122.761221] RBP: ffff88801828fbe8 R08: ffffed1002dfc733 R09: ffffed1002dfc733 [ 122.761897] R10: ffff888016fe3993 R11: ffffed1002dfc732 R12: ffff88800fcb2800 [ 122.762774] R13: ffff888016fe39e8 R14: ffff888012a0bb00 R15: 0000000000000000 [ 122.763484] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.764256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.764991] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 122.765678] PKRU: 55555554 [ 122.765953] Call Trace: [ 122.766197] [ 122.766418] iommufd_access_destroy_object+0x65/0x170 [ 122.767048] iommufd_object_destroy_user+0x18e/0x220 [ 122.767671] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.768295] iommufd_access_destroy+0x43/0x70 [ 122.768785] iommufd_test_staccess_release+0x8d/0xd0 [ 122.769437] __fput+0x26d/0xa40 [ 122.769932] ____fput+0x1e/0x30 [ 122.770282] task_work_run+0x1a4/0x2d0 [ 122.770726] ? __pfx_task_work_run+0x10/0x10 [ 122.771200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.771838] ? switch_task_namespaces+0xa9/0xe0 [ 122.772463] do_exit+0xb17/0x2ef0 [ 122.772833] ? lock_acquire+0x427/0x4c0 [ 122.773252] ? __pfx_lock_release+0x10/0x10 [ 122.773703] ? __kasan_check_write+0x18/0x20 [ 122.774277] ? do_raw_spin_lock+0x132/0x2a0 [ 122.774874] ? __pfx_do_exit+0x10/0x10 [ 122.775310] ? debug_smp_processor_id+0x20/0x30 [ 122.775809] ? rcu_is_watching+0x19/0xb0 [ 122.776258] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.776936] ? trace_hardirqs_on+0x26/0x120 [ 122.777401] do_group_exit+0xe0/0x2b0 [ 122.777804] __x64_sys_exit_group+0x47/0x50 [ 122.778254] do_syscall_64+0x3b/0x90 [ 122.778684] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.779479] RIP: 0033:0x7f4b87518a4d [ 122.779865] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.780510] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.781422] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.782279] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.783048] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.783867] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.784727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.785477] [ 122.785724] irq event stamp: 0 [ 122.786048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.786738] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.787612] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.788702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.789361] ---[ end trace 0000000000000000 ]--- [ 122.790390] ------------[ cut here ]------------ [ 122.790990] WARNING: CPU: 1 PID: 1119 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.792231] Modules linked in: [ 122.792567] CPU: 1 PID: 1119 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.793478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.794805] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.795367] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.797423] RSP: 0018:ffff88801828fb78 EFLAGS: 00010246 [ 122.797984] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.798919] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 122.799663] RBP: ffff88801828fb98 R08: ffffed1002dfc73e R09: ffffed1002dfc73e [ 122.800375] R10: ffff888016fe39ef R11: ffffed1002dfc73d R12: ffff888016fe3a90 [ 122.801250] R13: ffff888016fe38a8 R14: ffffffffffffffff R15: 
ffff88801828fc60 [ 122.801965] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.802810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.803411] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 122.804299] PKRU: 55555554 [ 122.804587] Call Trace: [ 122.804846] [ 122.805091] iommufd_ioas_destroy+0x53/0x70 [ 122.805541] iommufd_fops_release+0x1f7/0x370 [ 122.806084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.806708] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.807246] ? write_comp_data+0x2f/0x90 [ 122.807677] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.808182] __fput+0x26d/0xa40 [ 122.808561] ____fput+0x1e/0x30 [ 122.809041] task_work_run+0x1a4/0x2d0 [ 122.809463] ? __pfx_task_work_run+0x10/0x10 [ 122.809929] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.810432] ? switch_task_namespaces+0xa9/0xe0 [ 122.810987] do_exit+0xb17/0x2ef0 [ 122.811470] ? lock_acquire+0x427/0x4c0 [ 122.811886] ? __pfx_lock_release+0x10/0x10 [ 122.812331] ? __kasan_check_write+0x18/0x20 [ 122.812780] ? do_raw_spin_lock+0x132/0x2a0 [ 122.813267] ? __pfx_do_exit+0x10/0x10 [ 122.813727] ? debug_smp_processor_id+0x20/0x30 [ 122.814329] ? rcu_is_watching+0x19/0xb0 [ 122.814792] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.815293] ? trace_hardirqs_on+0x26/0x120 [ 122.815740] do_group_exit+0xe0/0x2b0 [ 122.816133] __x64_sys_exit_group+0x47/0x50 [ 122.816653] do_syscall_64+0x3b/0x90 [ 122.817125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.817663] RIP: 0033:0x7f4b87518a4d [ 122.818050] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.818723] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.819637] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.820339] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.821039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.821899] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.822658] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.823411] [ 122.823651] irq event stamp: 0 [ 122.823976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.824791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.825633] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.826617] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.827335] ---[ end trace 0000000000000000 ]--- [ 122.832480] ------------[ cut here ]------------ [ 122.833018] WARNING: CPU: 1 PID: 1120 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.834222] Modules linked in: [ 122.834645] CPU: 1 PID: 1120 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.835543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.836859] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.837373] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.839442] RSP: 0018:ffff888015a37bb8 EFLAGS: 00010246 [ 122.839992] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 122.840722] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 122.841564] RBP: ffff888015a37bd0 R08: ffffed100173f833 R09: ffffed100173f833 [ 122.842351] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff88801226ec00 [ 122.843124] R13: ffff88800b9fc1e8 R14: ffffffff8352e670 R15: 
ffff888015a37e68 [ 122.843846] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.844815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.845450] CR2: 00007f4b877410e8 CR3: 00000000148bc000 CR4: 0000000000750ee0 [ 122.846208] PKRU: 55555554 [ 122.846651] Call Trace: [ 122.846916] [ 122.847161] __iommufd_access_detach+0x1c2/0x2b0 [ 122.847812] iommufd_access_change_pt+0x149/0x270 [ 122.848360] iommufd_access_replace+0xb4/0x120 [ 122.848855] iommufd_test+0x3e5/0x37e0 [ 122.849267] ? lock_release+0x532/0x770 [ 122.849703] ? __might_fault+0x102/0x1b0 [ 122.850129] ? lock_acquire+0x427/0x4c0 [ 122.850599] ? __pfx_iommufd_test+0x10/0x10 [ 122.851045] ? __pfx_lock_release+0x10/0x10 [ 122.851536] ? __pfx_lock_acquire+0x10/0x10 [ 122.851999] ? write_comp_data+0x2f/0x90 [ 122.852439] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.852943] ? write_comp_data+0x2f/0x90 [ 122.853369] iommufd_fops_ioctl+0x37d/0x510 [ 122.853817] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.854319] ? write_comp_data+0x2f/0x90 [ 122.854789] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.855319] __x64_sys_ioctl+0x1a3/0x230 [ 122.855746] do_syscall_64+0x3b/0x90 [ 122.856134] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.856672] RIP: 0033:0x7f4b8743ee5d [ 122.857056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.858928] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.859738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.860457] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.861176] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.861897] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.862638] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.863391] [ 122.863636] irq event stamp: 0 [ 122.863960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.864621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.865464] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.866301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.866973] ---[ end trace 0000000000000000 ]--- [ 122.870243] ------------[ cut here ]------------ [ 122.870809] WARNING: CPU: 1 PID: 1120 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.871838] Modules linked in: [ 122.872165] CPU: 1 PID: 1120 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.873053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.874182] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.874805] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.876669] RSP: 
0018:ffff888015a37bd0 EFLAGS: 00010246 [ 122.877267] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 122.877982] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 122.878747] RBP: ffff888015a37be8 R08: ffffed100173f833 R09: ffffed100173f833 [ 122.879478] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff88800ae92800 [ 122.880200] R13: ffff88800b9fc1e8 R14: ffff888014aa0600 R15: 0000000000000000 [ 122.880923] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.881740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.882339] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.883129] PKRU: 55555554 [ 122.883432] Call Trace: [ 122.883694] [ 122.883924] iommufd_access_destroy_object+0x65/0x170 [ 122.884458] iommufd_object_destroy_user+0x18e/0x220 [ 122.884984] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.885592] iommufd_access_destroy+0x43/0x70 [ 122.886074] iommufd_test_staccess_release+0x8d/0xd0 [ 122.886657] __fput+0x26d/0xa40 [ 122.887023] ____fput+0x1e/0x30 [ 122.887394] task_work_run+0x1a4/0x2d0 [ 122.887820] ? __pfx_task_work_run+0x10/0x10 [ 122.888282] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.888790] ? switch_task_namespaces+0xa9/0xe0 [ 122.889299] do_exit+0xb17/0x2ef0 [ 122.889665] ? lock_acquire+0x427/0x4c0 [ 122.890075] ? __pfx_lock_release+0x10/0x10 [ 122.890561] ? __kasan_check_write+0x18/0x20 [ 122.891016] ? do_raw_spin_lock+0x132/0x2a0 [ 122.891486] ? __pfx_do_exit+0x10/0x10 [ 122.891892] ? debug_smp_processor_id+0x20/0x30 [ 122.892365] ? rcu_is_watching+0x19/0xb0 [ 122.892779] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.893237] ? trace_hardirqs_on+0x26/0x120 [ 122.893693] do_group_exit+0xe0/0x2b0 [ 122.894085] __x64_sys_exit_group+0x47/0x50 [ 122.894568] do_syscall_64+0x3b/0x90 [ 122.894955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.895507] RIP: 0033:0x7f4b87518a4d [ 122.895890] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.896515] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.897285] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.898006] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.898757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.899503] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.900227] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.900952] [ 122.901193] irq event stamp: 0 [ 122.901515] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.902146] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.903039] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.903885] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.904517] ---[ end trace 0000000000000000 ]--- [ 122.905387] ------------[ cut here ]------------ [ 122.905874] WARNING: CPU: 1 PID: 1120 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 122.906930] Modules linked in: [ 122.907265] CPU: 1 PID: 1120 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.908139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.909334] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 122.909860] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 122.911743] RSP: 0018:ffff888015a37b78 EFLAGS: 00010246 [ 122.912280] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.912981] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 122.913628] RBP: ffff888015a37b98 R08: ffffed100173f83e R09: ffffed100173f83e [ 122.914276] R10: ffff88800b9fc1ef R11: ffffed100173f83d R12: ffff88800b9fc290 [ 122.914948] R13: ffff88800b9fc0a8 R14: ffffffffffffffff R15: 
ffff888015a37c60 [ 122.915618] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.916369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.916902] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.917558] PKRU: 55555554 [ 122.917818] Call Trace: [ 122.918054] [ 122.918271] iommufd_ioas_destroy+0x53/0x70 [ 122.918706] iommufd_fops_release+0x1f7/0x370 [ 122.919136] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.919617] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.920089] ? write_comp_data+0x2f/0x90 [ 122.920484] ? __pfx_iommufd_fops_release+0x10/0x10 [ 122.920959] __fput+0x26d/0xa40 [ 122.921288] ____fput+0x1e/0x30 [ 122.921606] task_work_run+0x1a4/0x2d0 [ 122.921991] ? __pfx_task_work_run+0x10/0x10 [ 122.922407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.922905] ? switch_task_namespaces+0xa9/0xe0 [ 122.923380] do_exit+0xb17/0x2ef0 [ 122.923713] ? lock_acquire+0x427/0x4c0 [ 122.924093] ? __pfx_lock_release+0x10/0x10 [ 122.924502] ? __kasan_check_write+0x18/0x20 [ 122.924918] ? do_raw_spin_lock+0x132/0x2a0 [ 122.925323] ? __pfx_do_exit+0x10/0x10 [ 122.925698] ? debug_smp_processor_id+0x20/0x30 [ 122.926151] ? rcu_is_watching+0x19/0xb0 [ 122.926607] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.927040] ? trace_hardirqs_on+0x26/0x120 [ 122.927463] do_group_exit+0xe0/0x2b0 [ 122.927826] __x64_sys_exit_group+0x47/0x50 [ 122.928241] do_syscall_64+0x3b/0x90 [ 122.928603] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.929090] RIP: 0033:0x7f4b87518a4d [ 122.929454] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.930026] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 122.930781] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 122.931456] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 122.932115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 122.932771] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 122.933434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 122.934104] [ 122.934322] irq event stamp: 0 [ 122.934666] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.935293] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.936079] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.936863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.937462] ---[ end trace 0000000000000000 ]--- [ 122.942198] ------------[ cut here ]------------ [ 122.942744] WARNING: CPU: 1 PID: 1121 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.943708] Modules linked in: [ 122.944020] CPU: 1 PID: 1121 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.944831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.945892] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.946363] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.948358] RSP: 0018:ffff88800e8efbb8 EFLAGS: 00010246 [ 122.948889] RAX: 0000000000000000 RBX: ffff8880182888a8 RCX: 0000000000000000 [ 122.949568] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 122.950246] RBP: ffff88800e8efbd0 R08: ffffed1003051133 R09: ffffed1003051133 [ 122.950936] R10: ffff888018288993 R11: ffffed1003051132 R12: ffff88800a724c00 [ 122.951637] R13: ffff8880182889e8 R14: ffffffff8352e670 R15: 
ffff88800e8efe68 [ 122.952321] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.953096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.953643] CR2: 0000000020000140 CR3: 0000000013e00000 CR4: 0000000000750ee0 [ 122.954311] PKRU: 55555554 [ 122.954627] Call Trace: [ 122.954880] [ 122.955098] __iommufd_access_detach+0x1c2/0x2b0 [ 122.955601] iommufd_access_change_pt+0x149/0x270 [ 122.956085] iommufd_access_replace+0xb4/0x120 [ 122.956539] iommufd_test+0x3e5/0x37e0 [ 122.956920] ? lock_release+0x532/0x770 [ 122.957317] ? __might_fault+0x102/0x1b0 [ 122.957712] ? lock_acquire+0x427/0x4c0 [ 122.958098] ? __pfx_iommufd_test+0x10/0x10 [ 122.958547] ? __pfx_lock_release+0x10/0x10 [ 122.958973] ? __pfx_lock_acquire+0x10/0x10 [ 122.959408] ? write_comp_data+0x2f/0x90 [ 122.959812] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.960277] ? write_comp_data+0x2f/0x90 [ 122.960664] iommufd_fops_ioctl+0x37d/0x510 [ 122.961066] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.961527] ? write_comp_data+0x2f/0x90 [ 122.961927] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 122.962395] __x64_sys_ioctl+0x1a3/0x230 [ 122.962830] do_syscall_64+0x3b/0x90 [ 122.963208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.963713] RIP: 0033:0x7f4b8743ee5d [ 122.964071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 122.965790] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 122.966563] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 122.967249] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 122.967909] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 122.968571] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 122.969235] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 122.969924] [ 122.970151] irq event stamp: 0 [ 122.970450] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 122.971080] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 122.971898] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 122.972682] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 122.973321] ---[ end trace 0000000000000000 ]--- [ 122.976430] ------------[ cut here ]------------ [ 122.976908] WARNING: CPU: 1 PID: 1121 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 122.977834] Modules linked in: [ 122.978129] CPU: 1 PID: 1121 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 122.978974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 122.980025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 122.980550] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 122.982204] RSP: 
0018:ffff88800e8efbd0 EFLAGS: 00010246 [ 122.982720] RAX: 0000000000000000 RBX: ffff8880182888a8 RCX: 0000000000000000 [ 122.983392] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 122.984040] RBP: ffff88800e8efbe8 R08: ffffed1003051133 R09: ffffed1003051133 [ 122.984693] R10: ffff888018288993 R11: ffffed1003051132 R12: ffff88801226cc00 [ 122.985358] R13: ffff8880182889e8 R14: ffff88801706dd00 R15: 0000000000000000 [ 122.986010] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 122.986772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.987323] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 122.987971] PKRU: 55555554 [ 122.988230] Call Trace: [ 122.988468] [ 122.988673] iommufd_access_destroy_object+0x65/0x170 [ 122.989145] iommufd_object_destroy_user+0x18e/0x220 [ 122.989613] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 122.990145] iommufd_access_destroy+0x43/0x70 [ 122.990579] iommufd_test_staccess_release+0x8d/0xd0 [ 122.991049] __fput+0x26d/0xa40 [ 122.991376] ____fput+0x1e/0x30 [ 122.991681] task_work_run+0x1a4/0x2d0 [ 122.992044] ? __pfx_task_work_run+0x10/0x10 [ 122.992447] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 122.992891] ? switch_task_namespaces+0xa9/0xe0 [ 122.993327] do_exit+0xb17/0x2ef0 [ 122.993641] ? lock_acquire+0x427/0x4c0 [ 122.994007] ? __pfx_lock_release+0x10/0x10 [ 122.994402] ? __kasan_check_write+0x18/0x20 [ 122.994830] ? do_raw_spin_lock+0x132/0x2a0 [ 122.995231] ? __pfx_do_exit+0x10/0x10 [ 122.995594] ? debug_smp_processor_id+0x20/0x30 [ 122.996020] ? rcu_is_watching+0x19/0xb0 [ 122.996387] ? _raw_spin_unlock_irq+0x2b/0x60 [ 122.996799] ? trace_hardirqs_on+0x26/0x120 [ 122.997192] do_group_exit+0xe0/0x2b0 [ 122.997536] __x64_sys_exit_group+0x47/0x50 [ 122.997923] do_syscall_64+0x3b/0x90 [ 122.998269] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 122.998777] RIP: 0033:0x7f4b87518a4d [ 122.999123] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 122.999681] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.000361] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.000994] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.001627] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.002262] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.002916] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.003586] [ 123.003800] irq event stamp: 0 [ 123.004084] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.004650] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.005455] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.006186] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.006749] ---[ end trace 0000000000000000 ]--- [ 123.007515] ------------[ cut here ]------------ [ 123.007915] WARNING: CPU: 1 PID: 1121 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.008788] Modules linked in: [ 123.009062] CPU: 1 PID: 1121 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.009797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.010780] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.011224] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.012755] RSP: 0018:ffff88800e8efb78 EFLAGS: 00010246 [ 123.013206] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.013802] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 123.014396] RBP: ffff88800e8efb98 R08: ffffed100305113e R09: ffffed100305113e [ 123.015016] R10: ffff8880182889ef R11: ffffed100305113d R12: ffff888018288a90 [ 123.015625] R13: ffff8880182888a8 R14: ffffffffffffffff R15: 
ffff88800e8efc60 [ 123.016222] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.016897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.017384] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.017982] PKRU: 55555554 [ 123.018220] Call Trace: [ 123.018436] [ 123.018652] iommufd_ioas_destroy+0x53/0x70 [ 123.019025] iommufd_fops_release+0x1f7/0x370 [ 123.019428] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.019853] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.020276] ? write_comp_data+0x2f/0x90 [ 123.020628] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.021052] __fput+0x26d/0xa40 [ 123.021349] ____fput+0x1e/0x30 [ 123.021637] task_work_run+0x1a4/0x2d0 [ 123.021975] ? __pfx_task_work_run+0x10/0x10 [ 123.022353] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.022805] ? switch_task_namespaces+0xa9/0xe0 [ 123.023214] do_exit+0xb17/0x2ef0 [ 123.023505] ? lock_acquire+0x427/0x4c0 [ 123.023845] ? __pfx_lock_release+0x10/0x10 [ 123.024209] ? __kasan_check_write+0x18/0x20 [ 123.024577] ? do_raw_spin_lock+0x132/0x2a0 [ 123.024936] ? __pfx_do_exit+0x10/0x10 [ 123.025267] ? debug_smp_processor_id+0x20/0x30 [ 123.025658] ? rcu_is_watching+0x19/0xb0 [ 123.025995] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.026377] ? trace_hardirqs_on+0x26/0x120 [ 123.026777] do_group_exit+0xe0/0x2b0 [ 123.027098] __x64_sys_exit_group+0x47/0x50 [ 123.027467] do_syscall_64+0x3b/0x90 [ 123.027789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.028227] RIP: 0033:0x7f4b87518a4d [ 123.028534] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.029042] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.029668] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.030263] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.030871] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.031478] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.032068] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.032661] [ 123.032855] irq event stamp: 0 [ 123.033115] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.033630] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.034312] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.035009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.035534] ---[ end trace 0000000000000000 ]--- [ 123.040561] ------------[ cut here ]------------ [ 123.040993] WARNING: CPU: 1 PID: 1122 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.041816] Modules linked in: [ 123.042078] CPU: 1 PID: 1122 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.042849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.043769] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.044166] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.045611] RSP: 0018:ffff88800bce7bb8 EFLAGS: 00010246 [ 123.046032] RAX: 0000000000000000 RBX: ffff8880179478a8 RCX: 0000000000000000 [ 123.046614] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 123.047190] RBP: ffff88800bce7bd0 R08: ffffed1002f28f33 R09: ffffed1002f28f33 [ 123.047756] R10: ffff888017947993 R11: ffffed1002f28f32 R12: ffff888020d33400 [ 123.048321] R13: ffff8880179479e8 R14: ffffffff8352e670 R15: 
ffff88800bce7e68 [ 123.048898] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.049534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.049993] CR2: 0000000020000140 CR3: 0000000014502000 CR4: 0000000000750ee0 [ 123.050582] PKRU: 55555554 [ 123.050808] Call Trace: [ 123.051013] [ 123.051201] __iommufd_access_detach+0x1c2/0x2b0 [ 123.051590] iommufd_access_change_pt+0x149/0x270 [ 123.051984] iommufd_access_replace+0xb4/0x120 [ 123.052359] iommufd_test+0x3e5/0x37e0 [ 123.052671] ? lock_release+0x532/0x770 [ 123.052998] ? __might_fault+0x102/0x1b0 [ 123.053330] ? lock_acquire+0x427/0x4c0 [ 123.053657] ? __pfx_iommufd_test+0x10/0x10 [ 123.054000] ? __pfx_lock_release+0x10/0x10 [ 123.054350] ? __pfx_lock_acquire+0x10/0x10 [ 123.054716] ? write_comp_data+0x2f/0x90 [ 123.055051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.055450] ? write_comp_data+0x2f/0x90 [ 123.055785] iommufd_fops_ioctl+0x37d/0x510 [ 123.056134] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.056527] ? write_comp_data+0x2f/0x90 [ 123.056861] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.057251] __x64_sys_ioctl+0x1a3/0x230 [ 123.057584] do_syscall_64+0x3b/0x90 [ 123.057885] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.058300] RIP: 0033:0x7f4b8743ee5d [ 123.058605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.060042] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.060637] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.061191] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.061731] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.062296] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.062875] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.063459] [ 123.063646] irq event stamp: 0 [ 123.063898] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.064398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.065060] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.065723] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.066224] ---[ end trace 0000000000000000 ]--- [ 123.068834] ------------[ cut here ]------------ [ 123.069270] WARNING: CPU: 1 PID: 1122 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.070073] Modules linked in: [ 123.070331] CPU: 1 PID: 1122 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.071054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.071904] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.072281] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.073644] RSP: 
0018:ffff88800bce7bd0 EFLAGS: 00010246 [ 123.074040] RAX: 0000000000000000 RBX: ffff8880179478a8 RCX: 0000000000000000 [ 123.074764] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 123.075306] RBP: ffff88800bce7be8 R08: ffffed1002f28f33 R09: ffffed1002f28f33 [ 123.075838] R10: ffff888017947993 R11: ffffed1002f28f32 R12: ffff88800a727400 [ 123.076373] R13: ffff8880179479e8 R14: ffff888012bf9600 R15: 0000000000000000 [ 123.076906] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.077510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.077943] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.078478] PKRU: 55555554 [ 123.078702] Call Trace: [ 123.078895] [ 123.079066] iommufd_access_destroy_object+0x65/0x170 [ 123.079462] iommufd_object_destroy_user+0x18e/0x220 [ 123.079848] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.080290] iommufd_access_destroy+0x43/0x70 [ 123.080640] iommufd_test_staccess_release+0x8d/0xd0 [ 123.081029] __fput+0x26d/0xa40 [ 123.081293] ____fput+0x1e/0x30 [ 123.081550] task_work_run+0x1a4/0x2d0 [ 123.081850] ? __pfx_task_work_run+0x10/0x10 [ 123.082187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.082570] ? switch_task_namespaces+0xa9/0xe0 [ 123.082932] do_exit+0xb17/0x2ef0 [ 123.083206] ? lock_acquire+0x427/0x4c0 [ 123.083504] ? __pfx_lock_release+0x10/0x10 [ 123.083825] ? __kasan_check_write+0x18/0x20 [ 123.084150] ? do_raw_spin_lock+0x132/0x2a0 [ 123.084470] ? __pfx_do_exit+0x10/0x10 [ 123.084768] ? debug_smp_processor_id+0x20/0x30 [ 123.085115] ? rcu_is_watching+0x19/0xb0 [ 123.085421] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.085763] ? trace_hardirqs_on+0x26/0x120 [ 123.086089] do_group_exit+0xe0/0x2b0 [ 123.086372] __x64_sys_exit_group+0x47/0x50 [ 123.086710] do_syscall_64+0x3b/0x90 [ 123.086991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.087382] RIP: 0033:0x7f4b87518a4d [ 123.087654] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.088109] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.088669] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.089193] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.089716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.090242] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.090780] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.091325] [ 123.091498] irq event stamp: 0 [ 123.091732] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.092198] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.092806] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.093411] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.093870] ---[ end trace 0000000000000000 ]--- [ 123.094492] ------------[ cut here ]------------ [ 123.094847] WARNING: CPU: 1 PID: 1122 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.095600] Modules linked in: [ 123.095837] CPU: 1 PID: 1122 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.096482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.097312] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.097691] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.099049] RSP: 0018:ffff88800bce7b78 EFLAGS: 00010246 [ 123.099456] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.099969] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 123.100480] RBP: ffff88800bce7b98 R08: ffffed1002f28f3e R09: ffffed1002f28f3e [ 123.101015] R10: ffff8880179479ef R11: ffffed1002f28f3d R12: ffff888017947a90 [ 123.101535] R13: ffff8880179478a8 R14: ffffffffffffffff R15: 
ffff88800bce7c60 [ 123.102054] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.102649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.103070] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.103597] PKRU: 55555554 [ 123.103802] Call Trace: [ 123.103988] [ 123.104153] iommufd_ioas_destroy+0x53/0x70 [ 123.104471] iommufd_fops_release+0x1f7/0x370 [ 123.104803] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.105169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.105529] ? write_comp_data+0x2f/0x90 [ 123.105833] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.106198] __fput+0x26d/0xa40 [ 123.106450] ____fput+0x1e/0x30 [ 123.106709] task_work_run+0x1a4/0x2d0 [ 123.107002] ? __pfx_task_work_run+0x10/0x10 [ 123.107335] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.107696] ? switch_task_namespaces+0xa9/0xe0 [ 123.108045] do_exit+0xb17/0x2ef0 [ 123.108301] ? lock_acquire+0x427/0x4c0 [ 123.108599] ? __pfx_lock_release+0x10/0x10 [ 123.108921] ? __kasan_check_write+0x18/0x20 [ 123.109247] ? do_raw_spin_lock+0x132/0x2a0 [ 123.109563] ? __pfx_do_exit+0x10/0x10 [ 123.109854] ? debug_smp_processor_id+0x20/0x30 [ 123.110198] ? rcu_is_watching+0x19/0xb0 [ 123.110497] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.110849] ? trace_hardirqs_on+0x26/0x120 [ 123.111178] do_group_exit+0xe0/0x2b0 [ 123.111457] __x64_sys_exit_group+0x47/0x50 [ 123.111771] do_syscall_64+0x3b/0x90 [ 123.112053] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.112435] RIP: 0033:0x7f4b87518a4d [ 123.112705] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.113153] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.113703] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.114221] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.114748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.115275] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.115787] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.116303] [ 123.116470] irq event stamp: 0 [ 123.116696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.117144] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.117740] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.118333] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.118793] ---[ end trace 0000000000000000 ]--- [ 123.122340] ------------[ cut here ]------------ [ 123.122854] WARNING: CPU: 1 PID: 1123 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.123603] Modules linked in: [ 123.123833] CPU: 1 PID: 1123 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.124459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.125262] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.125616] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.126924] RSP: 0018:ffff8880171d7bb8 EFLAGS: 00010246 [ 123.127310] RAX: 0000000000000000 RBX: ffff88801403c8a8 RCX: 0000000000000000 [ 123.127819] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 123.128326] RBP: ffff8880171d7bd0 R08: ffffed1002807933 R09: ffffed1002807933 [ 123.128834] R10: ffff88801403c993 R11: ffffed1002807932 R12: ffff888013a80c00 [ 123.129342] R13: ffff88801403c9e8 R14: ffffffff8352e670 R15: 
ffff8880171d7e68 [ 123.129850] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.130423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.130852] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 123.131368] PKRU: 55555554 [ 123.131572] Call Trace: [ 123.131756] [ 123.131919] __iommufd_access_detach+0x1c2/0x2b0 [ 123.132279] iommufd_access_change_pt+0x149/0x270 [ 123.132633] iommufd_access_replace+0xb4/0x120 [ 123.133005] iommufd_test+0x3e5/0x37e0 [ 123.133285] ? lock_release+0x532/0x770 [ 123.133579] ? __might_fault+0x102/0x1b0 [ 123.133876] ? lock_acquire+0x427/0x4c0 [ 123.134173] ? __pfx_iommufd_test+0x10/0x10 [ 123.134481] ? __pfx_lock_release+0x10/0x10 [ 123.134803] ? __pfx_lock_acquire+0x10/0x10 [ 123.135123] ? write_comp_data+0x2f/0x90 [ 123.135424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.135771] ? write_comp_data+0x2f/0x90 [ 123.136066] iommufd_fops_ioctl+0x37d/0x510 [ 123.136374] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.136722] ? write_comp_data+0x2f/0x90 [ 123.137016] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.137358] __x64_sys_ioctl+0x1a3/0x230 [ 123.137654] do_syscall_64+0x3b/0x90 [ 123.137924] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.138294] RIP: 0033:0x7f4b8743ee5d [ 123.138571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.139863] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.140396] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.140898] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.141398] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.141897] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.142398] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.142917] [ 123.143083] irq event stamp: 0 [ 123.143314] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.143757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.144340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.144925] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.145365] ---[ end trace 0000000000000000 ]--- [ 123.147675] ------------[ cut here ]------------ [ 123.148020] WARNING: CPU: 1 PID: 1123 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.148731] Modules linked in: [ 123.148956] CPU: 1 PID: 1123 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.149570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.150358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.150726] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.152015] RSP: 
0018:ffff8880171d7bd0 EFLAGS: 00010246 [ 123.152389] RAX: 0000000000000000 RBX: ffff88801403c8a8 RCX: 0000000000000000 [ 123.152889] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 123.153391] RBP: ffff8880171d7be8 R08: ffffed1002807933 R09: ffffed1002807933 [ 123.153891] R10: ffff88801403c993 R11: ffffed1002807932 R12: ffff888020d31800 [ 123.154395] R13: ffff88801403c9e8 R14: ffff888014915700 R15: 0000000000000000 [ 123.154909] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.155486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.155895] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.156396] PKRU: 55555554 [ 123.156593] Call Trace: [ 123.156771] [ 123.156929] iommufd_access_destroy_object+0x65/0x170 [ 123.157289] iommufd_object_destroy_user+0x18e/0x220 [ 123.157645] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.158052] iommufd_access_destroy+0x43/0x70 [ 123.158370] iommufd_test_staccess_release+0x8d/0xd0 [ 123.158742] __fput+0x26d/0xa40 [ 123.158983] ____fput+0x1e/0x30 [ 123.159227] task_work_run+0x1a4/0x2d0 [ 123.159505] ? __pfx_task_work_run+0x10/0x10 [ 123.159816] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.160158] ? switch_task_namespaces+0xa9/0xe0 [ 123.160489] do_exit+0xb17/0x2ef0 [ 123.160731] ? lock_acquire+0x427/0x4c0 [ 123.161018] ? __pfx_lock_release+0x10/0x10 [ 123.161325] ? __kasan_check_write+0x18/0x20 [ 123.161634] ? do_raw_spin_lock+0x132/0x2a0 [ 123.161935] ? __pfx_do_exit+0x10/0x10 [ 123.162213] ? debug_smp_processor_id+0x20/0x30 [ 123.162553] ? rcu_is_watching+0x19/0xb0 [ 123.162839] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.163170] ? trace_hardirqs_on+0x26/0x120 [ 123.163476] do_group_exit+0xe0/0x2b0 [ 123.163742] __x64_sys_exit_group+0x47/0x50 [ 123.164042] do_syscall_64+0x3b/0x90 [ 123.164310] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.164674] RIP: 0033:0x7f4b87518a4d [ 123.164937] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.165379] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.165904] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.166396] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.166901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.167402] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.167896] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.168394] [ 123.168556] irq event stamp: 0 [ 123.168776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.169210] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.169788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.170366] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.170814] ---[ end trace 0000000000000000 ]--- [ 123.171395] ------------[ cut here ]------------ [ 123.171720] WARNING: CPU: 1 PID: 1123 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.172423] Modules linked in: [ 123.172645] CPU: 1 PID: 1123 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.173251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.174029] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.174383] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.175666] RSP: 0018:ffff8880171d7b78 EFLAGS: 00010246 [ 123.176035] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.176528] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 123.177019] RBP: ffff8880171d7b98 R08: ffffed100280793e R09: ffffed100280793e [ 123.177511] R10: ffff88801403c9ef R11: ffffed100280793d R12: ffff88801403ca90 [ 123.178004] R13: ffff88801403c8a8 R14: ffffffffffffffff R15: 
ffff8880171d7c60 [ 123.178496] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.179066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.179479] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.179972] PKRU: 55555554 [ 123.180168] Call Trace: [ 123.180346] [ 123.180503] iommufd_ioas_destroy+0x53/0x70 [ 123.180805] iommufd_fops_release+0x1f7/0x370 [ 123.181125] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.181474] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.181817] ? write_comp_data+0x2f/0x90 [ 123.182108] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.182457] __fput+0x26d/0xa40 [ 123.182709] ____fput+0x1e/0x30 [ 123.182948] task_work_run+0x1a4/0x2d0 [ 123.183235] ? __pfx_task_work_run+0x10/0x10 [ 123.183546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.183890] ? switch_task_namespaces+0xa9/0xe0 [ 123.184223] do_exit+0xb17/0x2ef0 [ 123.184466] ? lock_acquire+0x427/0x4c0 [ 123.184750] ? __pfx_lock_release+0x10/0x10 [ 123.185056] ? __kasan_check_write+0x18/0x20 [ 123.185365] ? do_raw_spin_lock+0x132/0x2a0 [ 123.185666] ? __pfx_do_exit+0x10/0x10 [ 123.185943] ? debug_smp_processor_id+0x20/0x30 [ 123.186269] ? rcu_is_watching+0x19/0xb0 [ 123.186563] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.186884] ? trace_hardirqs_on+0x26/0x120 [ 123.187194] do_group_exit+0xe0/0x2b0 [ 123.187460] __x64_sys_exit_group+0x47/0x50 [ 123.187760] do_syscall_64+0x3b/0x90 [ 123.188026] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.188390] RIP: 0033:0x7f4b87518a4d [ 123.188648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.189076] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.189600] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.190094] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.190598] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.191095] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.191592] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.192090] [ 123.192252] irq event stamp: 0 [ 123.192471] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.192905] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.193480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.194055] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.194490] ---[ end trace 0000000000000000 ]--- [ 123.197958] ------------[ cut here ]------------ [ 123.198311] WARNING: CPU: 1 PID: 1124 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.199042] Modules linked in: [ 123.199286] CPU: 1 PID: 1124 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.199886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.200536] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.200825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.201882] RSP: 0018:ffff8880171cfbb8 EFLAGS: 00010246 [ 123.202190] RAX: 0000000000000000 RBX: ffff8880161098a8 RCX: 0000000000000000 [ 123.202613] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 123.203027] RBP: ffff8880171cfbd0 R08: ffffed1002c21333 R09: ffffed1002c21333 [ 123.203446] R10: ffff888016109993 R11: ffffed1002c21332 R12: ffff88801813a000 [ 123.203859] R13: ffff8880161099e8 R14: ffffffff8352e670 R15: 
ffff8880171cfe68 [ 123.204273] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.204740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.205077] CR2: 0000000020000140 CR3: 0000000012260000 CR4: 0000000000750ee0 [ 123.205492] PKRU: 55555554 [ 123.205657] Call Trace: [ 123.205808] [ 123.205941] __iommufd_access_detach+0x1c2/0x2b0 [ 123.206227] iommufd_access_change_pt+0x149/0x270 [ 123.206531] iommufd_access_replace+0xb4/0x120 [ 123.206808] iommufd_test+0x3e5/0x37e0 [ 123.207037] ? lock_release+0x532/0x770 [ 123.207281] ? __might_fault+0x102/0x1b0 [ 123.207524] ? lock_acquire+0x427/0x4c0 [ 123.207766] ? __pfx_iommufd_test+0x10/0x10 [ 123.208019] ? __pfx_lock_release+0x10/0x10 [ 123.208278] ? __pfx_lock_acquire+0x10/0x10 [ 123.208540] ? write_comp_data+0x2f/0x90 [ 123.208786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.209076] ? write_comp_data+0x2f/0x90 [ 123.209325] iommufd_fops_ioctl+0x37d/0x510 [ 123.209582] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.209872] ? write_comp_data+0x2f/0x90 [ 123.210118] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.210407] __x64_sys_ioctl+0x1a3/0x230 [ 123.210662] do_syscall_64+0x3b/0x90 [ 123.210888] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.211207] RIP: 0033:0x7f4b8743ee5d [ 123.211425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.212480] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.212919] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.213333] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.213745] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.214156] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.214577] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.214996] [ 123.215139] irq event stamp: 0 [ 123.215325] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.215691] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.216176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.216661] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.217027] ---[ end trace 0000000000000000 ]--- [ 123.219159] ------------[ cut here ]------------ [ 123.219439] WARNING: CPU: 1 PID: 1124 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.220025] Modules linked in: [ 123.220212] CPU: 1 PID: 1124 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.220720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.221370] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.221658] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.222717] RSP: 
0018:ffff8880171cfbd0 EFLAGS: 00010246 [ 123.223024] RAX: 0000000000000000 RBX: ffff8880161098a8 RCX: 0000000000000000 [ 123.223440] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 123.223850] RBP: ffff8880171cfbe8 R08: ffffed1002c21333 R09: ffffed1002c21333 [ 123.224261] R10: ffff888016109993 R11: ffffed1002c21332 R12: ffff888013a82400 [ 123.224673] R13: ffff8880161099e8 R14: ffff88800fd91d00 R15: 0000000000000000 [ 123.225084] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.225551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.225887] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.226299] PKRU: 55555554 [ 123.226464] Call Trace: [ 123.226623] [ 123.226756] iommufd_access_destroy_object+0x65/0x170 [ 123.227058] iommufd_object_destroy_user+0x18e/0x220 [ 123.227362] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.227705] iommufd_access_destroy+0x43/0x70 [ 123.227974] iommufd_test_staccess_release+0x8d/0xd0 [ 123.228278] __fput+0x26d/0xa40 [ 123.228484] ____fput+0x1e/0x30 [ 123.228684] task_work_run+0x1a4/0x2d0 [ 123.228918] ? __pfx_task_work_run+0x10/0x10 [ 123.229200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.229488] ? switch_task_namespaces+0xa9/0xe0 [ 123.229768] do_exit+0xb17/0x2ef0 [ 123.229971] ? lock_acquire+0x427/0x4c0 [ 123.230210] ? __pfx_lock_release+0x10/0x10 [ 123.230467] ? __kasan_check_write+0x18/0x20 [ 123.230735] ? do_raw_spin_lock+0x132/0x2a0 [ 123.230989] ? __pfx_do_exit+0x10/0x10 [ 123.231229] ? debug_smp_processor_id+0x20/0x30 [ 123.231503] ? rcu_is_watching+0x19/0xb0 [ 123.231741] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.232010] ? trace_hardirqs_on+0x26/0x120 [ 123.232266] do_group_exit+0xe0/0x2b0 [ 123.232490] __x64_sys_exit_group+0x47/0x50 [ 123.232749] do_syscall_64+0x3b/0x90 [ 123.232977] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.233283] RIP: 0033:0x7f4b87518a4d [ 123.233500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.233856] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.234295] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.234720] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.235139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.235551] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.235962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.236380] [ 123.236516] irq event stamp: 0 [ 123.236700] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.237063] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.237544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.238025] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.238388] ---[ end trace 0000000000000000 ]--- [ 123.238898] ------------[ cut here ]------------ [ 123.239176] WARNING: CPU: 1 PID: 1124 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.239762] Modules linked in: [ 123.239948] CPU: 1 PID: 1124 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.240452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.241099] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.241399] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.242451] RSP: 0018:ffff8880171cfb78 EFLAGS: 00010246 [ 123.242768] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.243190] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 123.243601] RBP: ffff8880171cfb98 R08: ffffed1002c2133e R09: ffffed1002c2133e [ 123.244012] R10: ffff8880161099ef R11: ffffed1002c2133d R12: ffff888016109a90 [ 123.244424] R13: ffff8880161098a8 R14: ffffffffffffffff R15: 
ffff8880171cfc60 [ 123.244835] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.245299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.245636] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.246047] PKRU: 55555554 [ 123.246211] Call Trace: [ 123.246362] [ 123.246495] iommufd_ioas_destroy+0x53/0x70 [ 123.246759] iommufd_fops_release+0x1f7/0x370 [ 123.247025] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.247324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.247613] ? write_comp_data+0x2f/0x90 [ 123.247857] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.248149] __fput+0x26d/0xa40 [ 123.248353] ____fput+0x1e/0x30 [ 123.248555] task_work_run+0x1a4/0x2d0 [ 123.248788] ? __pfx_task_work_run+0x10/0x10 [ 123.249052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.249339] ? switch_task_namespaces+0xa9/0xe0 [ 123.249619] do_exit+0xb17/0x2ef0 [ 123.249821] ? lock_acquire+0x427/0x4c0 [ 123.250061] ? __pfx_lock_release+0x10/0x10 [ 123.250318] ? __kasan_check_write+0x18/0x20 [ 123.250586] ? do_raw_spin_lock+0x132/0x2a0 [ 123.250839] ? __pfx_do_exit+0x10/0x10 [ 123.251073] ? debug_smp_processor_id+0x20/0x30 [ 123.251356] ? rcu_is_watching+0x19/0xb0 [ 123.251594] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.251862] ? trace_hardirqs_on+0x26/0x120 [ 123.252118] do_group_exit+0xe0/0x2b0 [ 123.252343] __x64_sys_exit_group+0x47/0x50 [ 123.252594] do_syscall_64+0x3b/0x90 [ 123.252818] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.253124] RIP: 0033:0x7f4b87518a4d [ 123.253339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.253694] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.254133] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.254552] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.254963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.255379] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.255789] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.256204] [ 123.256340] irq event stamp: 0 [ 123.256523] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.256886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.257366] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.257866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.258254] ---[ end trace 0000000000000000 ]--- [ 123.261722] ------------[ cut here ]------------ [ 123.262005] WARNING: CPU: 1 PID: 1125 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.262611] Modules linked in: [ 123.262797] CPU: 1 PID: 1125 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.263308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.263954] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.264244] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.265288] RSP: 0018:ffff888018bffbb8 EFLAGS: 00010246 [ 123.265595] RAX: 0000000000000000 RBX: ffff8880145a88a8 RCX: 0000000000000000 [ 123.266004] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 123.266414] RBP: ffff888018bffbd0 R08: ffffed10028b5133 R09: ffffed10028b5133 [ 123.266864] R10: ffff8880145a8993 R11: ffffed10028b5132 R12: ffff888013cd7000 [ 123.267283] R13: ffff8880145a89e8 R14: ffffffff8352e670 R15: 
ffff888018bffe68 [ 123.267694] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.268156] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.268493] CR2: 0000000020000140 CR3: 0000000010b2e000 CR4: 0000000000750ee0 [ 123.268904] PKRU: 55555554 [ 123.269067] Call Trace: [ 123.269216] [ 123.269348] __iommufd_access_detach+0x1c2/0x2b0 [ 123.269631] iommufd_access_change_pt+0x149/0x270 [ 123.269918] iommufd_access_replace+0xb4/0x120 [ 123.270194] iommufd_test+0x3e5/0x37e0 [ 123.270420] ? lock_release+0x532/0x770 [ 123.270667] ? __might_fault+0x102/0x1b0 [ 123.270909] ? lock_acquire+0x427/0x4c0 [ 123.271157] ? __pfx_iommufd_test+0x10/0x10 [ 123.271410] ? __pfx_lock_release+0x10/0x10 [ 123.271666] ? __pfx_lock_acquire+0x10/0x10 [ 123.271924] ? write_comp_data+0x2f/0x90 [ 123.272167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.272454] ? write_comp_data+0x2f/0x90 [ 123.272699] iommufd_fops_ioctl+0x37d/0x510 [ 123.272953] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.273243] ? write_comp_data+0x2f/0x90 [ 123.273486] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.273769] __x64_sys_ioctl+0x1a3/0x230 [ 123.274013] do_syscall_64+0x3b/0x90 [ 123.274236] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.274553] RIP: 0033:0x7f4b8743ee5d [ 123.274768] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.275817] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.276253] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.276660] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.277067] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.277474] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.277881] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.278295] [ 123.278429] irq event stamp: 0 [ 123.278619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.278981] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.279468] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.279946] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.280309] ---[ end trace 0000000000000000 ]--- [ 123.282415] ------------[ cut here ]------------ [ 123.282700] WARNING: CPU: 1 PID: 1125 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.283289] Modules linked in: [ 123.283473] CPU: 1 PID: 1125 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.283974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.284619] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.284905] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.285947] RSP: 
0018:ffff888018bffbd0 EFLAGS: 00010246 [ 123.286252] RAX: 0000000000000000 RBX: ffff8880145a88a8 RCX: 0000000000000000 [ 123.286671] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 123.287079] RBP: ffff888018bffbe8 R08: ffffed10028b5133 R09: ffffed10028b5133 [ 123.287494] R10: ffff8880145a8993 R11: ffffed10028b5132 R12: ffff88801813b800 [ 123.287902] R13: ffff8880145a89e8 R14: ffff888020e8bd00 R15: 0000000000000000 [ 123.288311] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.288772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.289105] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.289516] PKRU: 55555554 [ 123.289679] Call Trace: [ 123.289827] [ 123.289959] iommufd_access_destroy_object+0x65/0x170 [ 123.290259] iommufd_object_destroy_user+0x18e/0x220 [ 123.290566] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.290907] iommufd_access_destroy+0x43/0x70 [ 123.291182] iommufd_test_staccess_release+0x8d/0xd0 [ 123.291486] __fput+0x26d/0xa40 [ 123.291689] ____fput+0x1e/0x30 [ 123.291888] task_work_run+0x1a4/0x2d0 [ 123.292120] ? __pfx_task_work_run+0x10/0x10 [ 123.292380] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.292666] ? switch_task_namespaces+0xa9/0xe0 [ 123.292967] do_exit+0xb17/0x2ef0 [ 123.293169] ? lock_acquire+0x427/0x4c0 [ 123.293407] ? __pfx_lock_release+0x10/0x10 [ 123.293663] ? __kasan_check_write+0x18/0x20 [ 123.293920] ? do_raw_spin_lock+0x132/0x2a0 [ 123.294172] ? __pfx_do_exit+0x10/0x10 [ 123.294404] ? debug_smp_processor_id+0x20/0x30 [ 123.294684] ? rcu_is_watching+0x19/0xb0 [ 123.294922] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.295189] ? trace_hardirqs_on+0x26/0x120 [ 123.295436] do_group_exit+0xe0/0x2b0 [ 123.295661] __x64_sys_exit_group+0x47/0x50 [ 123.295912] do_syscall_64+0x3b/0x90 [ 123.296137] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.296443] RIP: 0033:0x7f4b87518a4d [ 123.296659] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.297015] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.297452] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.297863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.298274] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.298691] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.299099] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.299519] [ 123.299655] irq event stamp: 0 [ 123.299838] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.300201] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.300681] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.301162] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.301527] ---[ end trace 0000000000000000 ]--- [ 123.302029] ------------[ cut here ]------------ [ 123.302297] WARNING: CPU: 1 PID: 1125 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.302895] Modules linked in: [ 123.303081] CPU: 1 PID: 1125 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.303594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.304239] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.304536] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.305582] RSP: 0018:ffff888018bffb78 EFLAGS: 00010246 [ 123.305888] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.306297] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 123.306715] RBP: ffff888018bffb98 R08: ffffed10028b513e R09: ffffed10028b513e [ 123.307130] R10: ffff8880145a89ef R11: ffffed10028b513d R12: ffff8880145a8a90 [ 123.307539] R13: ffff8880145a88a8 R14: ffffffffffffffff R15: 
ffff888018bffc60 [ 123.307947] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.308407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.308740] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.309149] PKRU: 55555554 [ 123.309312] Call Trace: [ 123.309460] [ 123.309591] iommufd_ioas_destroy+0x53/0x70 [ 123.309845] iommufd_fops_release+0x1f7/0x370 [ 123.310113] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.310407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.310702] ? write_comp_data+0x2f/0x90 [ 123.310946] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.311244] __fput+0x26d/0xa40 [ 123.311447] ____fput+0x1e/0x30 [ 123.311650] task_work_run+0x1a4/0x2d0 [ 123.311882] ? __pfx_task_work_run+0x10/0x10 [ 123.312143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.312431] ? switch_task_namespaces+0xa9/0xe0 [ 123.312710] do_exit+0xb17/0x2ef0 [ 123.312913] ? lock_acquire+0x427/0x4c0 [ 123.313154] ? __pfx_lock_release+0x10/0x10 [ 123.313411] ? __kasan_check_write+0x18/0x20 [ 123.313670] ? do_raw_spin_lock+0x132/0x2a0 [ 123.313923] ? __pfx_do_exit+0x10/0x10 [ 123.314156] ? debug_smp_processor_id+0x20/0x30 [ 123.314429] ? rcu_is_watching+0x19/0xb0 [ 123.314675] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.314944] ? trace_hardirqs_on+0x26/0x120 [ 123.315204] do_group_exit+0xe0/0x2b0 [ 123.315428] __x64_sys_exit_group+0x47/0x50 [ 123.315679] do_syscall_64+0x3b/0x90 [ 123.315902] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.316207] RIP: 0033:0x7f4b87518a4d [ 123.316422] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.316777] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.317213] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.317623] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.318033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.318442] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.318859] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.319280] [ 123.319415] irq event stamp: 0 [ 123.319598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.319958] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.320437] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.320915] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.321276] ---[ end trace 0000000000000000 ]--- [ 123.324523] ------------[ cut here ]------------ [ 123.324802] WARNING: CPU: 1 PID: 1126 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.325406] Modules linked in: [ 123.325591] CPU: 1 PID: 1126 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.326092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.326941] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.327234] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.328274] RSP: 0018:ffff8880121ffbb8 EFLAGS: 00010246 [ 123.328580] RAX: 0000000000000000 RBX: ffff8880158d60a8 RCX: 0000000000000000 [ 123.328987] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 123.329396] RBP: ffff8880121ffbd0 R08: ffffed1002b1ac33 R09: ffffed1002b1ac33 [ 123.329803] R10: ffff8880158d6193 R11: ffffed1002b1ac32 R12: ffff888020d70000 [ 123.330210] R13: ffff8880158d61e8 R14: ffffffff8352e670 R15: 
ffff8880121ffe68 [ 123.330631] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.331091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.331429] CR2: 0000000020000140 CR3: 0000000014082000 CR4: 0000000000750ee0 [ 123.331840] PKRU: 55555554 [ 123.332003] Call Trace: [ 123.332151] [ 123.332282] __iommufd_access_detach+0x1c2/0x2b0 [ 123.332563] iommufd_access_change_pt+0x149/0x270 [ 123.332849] iommufd_access_replace+0xb4/0x120 [ 123.333121] iommufd_test+0x3e5/0x37e0 [ 123.333354] ? lock_release+0x532/0x770 [ 123.333595] ? __might_fault+0x102/0x1b0 [ 123.333835] ? lock_acquire+0x427/0x4c0 [ 123.334072] ? __pfx_iommufd_test+0x10/0x10 [ 123.334321] ? __pfx_lock_release+0x10/0x10 [ 123.334585] ? __pfx_lock_acquire+0x10/0x10 [ 123.334843] ? write_comp_data+0x2f/0x90 [ 123.335086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.335378] ? write_comp_data+0x2f/0x90 [ 123.335622] iommufd_fops_ioctl+0x37d/0x510 [ 123.335875] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.336164] ? write_comp_data+0x2f/0x90 [ 123.336407] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.336689] __x64_sys_ioctl+0x1a3/0x230 [ 123.336932] do_syscall_64+0x3b/0x90 [ 123.337154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.337459] RIP: 0033:0x7f4b8743ee5d [ 123.337673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.338726] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.339166] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.339572] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.339978] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.340387] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.340793] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.341207] [ 123.341342] irq event stamp: 0 [ 123.341524] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.341886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.342365] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.342850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.343219] ---[ end trace 0000000000000000 ]--- [ 123.345276] ------------[ cut here ]------------ [ 123.345544] WARNING: CPU: 1 PID: 1126 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.346077] Modules linked in: [ 123.346246] CPU: 1 PID: 1126 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.346881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.347571] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.347857] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.348894] RSP: 
0018:ffff8880121ffbd0 EFLAGS: 00010246 [ 123.349197] RAX: 0000000000000000 RBX: ffff8880158d60a8 RCX: 0000000000000000 [ 123.349604] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 123.350003] RBP: ffff8880121ffbe8 R08: ffffed1002b1ac33 R09: ffffed1002b1ac33 [ 123.350375] R10: ffff8880158d6193 R11: ffffed1002b1ac32 R12: ffff888013cd5c00 [ 123.350758] R13: ffff8880158d61e8 R14: ffff888012faad00 R15: 0000000000000000 [ 123.351158] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.351591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.351925] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.352335] PKRU: 55555554 [ 123.352497] Call Trace: [ 123.352644] [ 123.352775] iommufd_access_destroy_object+0x65/0x170 [ 123.353073] iommufd_object_destroy_user+0x18e/0x220 [ 123.353369] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.353710] iommufd_access_destroy+0x43/0x70 [ 123.353976] iommufd_test_staccess_release+0x8d/0xd0 [ 123.354274] __fput+0x26d/0xa40 [ 123.354475] ____fput+0x1e/0x30 [ 123.354681] task_work_run+0x1a4/0x2d0 [ 123.354912] ? __pfx_task_work_run+0x10/0x10 [ 123.355173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.355458] ? switch_task_namespaces+0xa9/0xe0 [ 123.355734] do_exit+0xb17/0x2ef0 [ 123.355934] ? lock_acquire+0x427/0x4c0 [ 123.356170] ? __pfx_lock_release+0x10/0x10 [ 123.356424] ? __kasan_check_write+0x18/0x20 [ 123.356681] ? do_raw_spin_lock+0x132/0x2a0 [ 123.356935] ? __pfx_do_exit+0x10/0x10 [ 123.357182] ? debug_smp_processor_id+0x20/0x30 [ 123.357450] ? rcu_is_watching+0x19/0xb0 [ 123.357685] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.357948] ? trace_hardirqs_on+0x26/0x120 [ 123.358200] do_group_exit+0xe0/0x2b0 [ 123.358421] __x64_sys_exit_group+0x47/0x50 [ 123.358678] do_syscall_64+0x3b/0x90 [ 123.358899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.359209] RIP: 0033:0x7f4b87518a4d [ 123.359425] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.359776] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.360208] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.360612] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.361018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.361423] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.361830] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.362241] [ 123.362375] irq event stamp: 0 [ 123.362565] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.362924] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.363404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.363881] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.364241] ---[ end trace 0000000000000000 ]--- [ 123.364740] ------------[ cut here ]------------ [ 123.365006] WARNING: CPU: 1 PID: 1126 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.365586] Modules linked in: [ 123.365769] CPU: 1 PID: 1126 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.366268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.366916] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.367214] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.368248] RSP: 0018:ffff8880121ffb78 EFLAGS: 00010246 [ 123.368554] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.368958] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 123.369366] RBP: ffff8880121ffb98 R08: ffffed1002b1ac3e R09: ffffed1002b1ac3e [ 123.369770] R10: ffff8880158d61ef R11: ffffed1002b1ac3d R12: ffff8880158d6290 [ 123.370173] R13: ffff8880158d60a8 R14: ffffffffffffffff R15: 
ffff8880121ffc60 [ 123.370586] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.371042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.371384] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.371789] PKRU: 55555554 [ 123.371953] Call Trace: [ 123.372100] [ 123.372231] iommufd_ioas_destroy+0x53/0x70 [ 123.372481] iommufd_fops_release+0x1f7/0x370 [ 123.372745] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.373034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.373318] ? write_comp_data+0x2f/0x90 [ 123.373559] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.373848] __fput+0x26d/0xa40 [ 123.374049] ____fput+0x1e/0x30 [ 123.374247] task_work_run+0x1a4/0x2d0 [ 123.374477] ? __pfx_task_work_run+0x10/0x10 [ 123.374743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.375029] ? switch_task_namespaces+0xa9/0xe0 [ 123.375312] do_exit+0xb17/0x2ef0 [ 123.375516] ? lock_acquire+0x427/0x4c0 [ 123.375752] ? __pfx_lock_release+0x10/0x10 [ 123.376006] ? __kasan_check_write+0x18/0x20 [ 123.376261] ? do_raw_spin_lock+0x132/0x2a0 [ 123.376513] ? __pfx_do_exit+0x10/0x10 [ 123.376745] ? debug_smp_processor_id+0x20/0x30 [ 123.377014] ? rcu_is_watching+0x19/0xb0 [ 123.377249] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.377514] ? trace_hardirqs_on+0x26/0x120 [ 123.377766] do_group_exit+0xe0/0x2b0 [ 123.377988] __x64_sys_exit_group+0x47/0x50 [ 123.378235] do_syscall_64+0x3b/0x90 [ 123.378457] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.378767] RIP: 0033:0x7f4b87518a4d [ 123.378980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.379336] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.379770] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.380176] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.380580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.380984] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.381390] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.381800] [ 123.381935] irq event stamp: 0 [ 123.382117] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.382476] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.382959] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.383442] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.383801] ---[ end trace 0000000000000000 ]--- [ 123.387208] ------------[ cut here ]------------ [ 123.387481] WARNING: CPU: 1 PID: 1127 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.388060] Modules linked in: [ 123.388244] CPU: 1 PID: 1127 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.388743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.389406] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.389689] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.390736] RSP: 0018:ffff888014be7bb8 EFLAGS: 00010246 [ 123.391039] RAX: 0000000000000000 RBX: ffff8880149630a8 RCX: 0000000000000000 [ 123.391450] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 123.391854] RBP: ffff888014be7bd0 R08: ffffed100292c633 R09: ffffed100292c633 [ 123.392261] R10: ffff888014963193 R11: ffffed100292c632 R12: ffff8880189cbc00 [ 123.392665] R13: ffff8880149631e8 R14: ffffffff8352e670 R15: 
ffff888014be7e68 [ 123.393070] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.393528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.393859] CR2: 0000000020000140 CR3: 0000000015bd8000 CR4: 0000000000750ee0 [ 123.394266] PKRU: 55555554 [ 123.394428] Call Trace: [ 123.394585] [ 123.394716] __iommufd_access_detach+0x1c2/0x2b0 [ 123.394997] iommufd_access_change_pt+0x149/0x270 [ 123.395290] iommufd_access_replace+0xb4/0x120 [ 123.395562] iommufd_test+0x3e5/0x37e0 [ 123.395786] ? lock_release+0x532/0x770 [ 123.396021] ? __might_fault+0x102/0x1b0 [ 123.396259] ? lock_acquire+0x427/0x4c0 [ 123.396496] ? __pfx_iommufd_test+0x10/0x10 [ 123.396742] ? __pfx_lock_release+0x10/0x10 [ 123.396995] ? __pfx_lock_acquire+0x10/0x10 [ 123.397250] ? write_comp_data+0x2f/0x90 [ 123.397490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.397773] ? write_comp_data+0x2f/0x90 [ 123.398014] iommufd_fops_ioctl+0x37d/0x510 [ 123.398265] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.398559] ? write_comp_data+0x2f/0x90 [ 123.398802] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.399082] __x64_sys_ioctl+0x1a3/0x230 [ 123.399328] do_syscall_64+0x3b/0x90 [ 123.399549] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.399850] RIP: 0033:0x7f4b8743ee5d [ 123.400063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.401099] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.401528] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.401931] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.402337] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.402748] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.403160] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.403571] [ 123.403704] irq event stamp: 0 [ 123.403885] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.404243] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.404718] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.405192] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.405550] ---[ end trace 0000000000000000 ]--- [ 123.407668] ------------[ cut here ]------------ [ 123.407933] WARNING: CPU: 1 PID: 1127 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.408507] Modules linked in: [ 123.408690] CPU: 1 PID: 1127 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.409187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.409825] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.410109] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.411311] RSP: 
0018:ffff888014be7bd0 EFLAGS: 00010246 [ 123.411614] RAX: 0000000000000000 RBX: ffff8880149630a8 RCX: 0000000000000000 [ 123.412018] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 123.412428] RBP: ffff888014be7be8 R08: ffffed100292c633 R09: ffffed100292c633 [ 123.412832] R10: ffff888014963193 R11: ffffed100292c632 R12: ffff888020d73000 [ 123.413238] R13: ffff8880149631e8 R14: ffff888010aa9400 R15: 0000000000000000 [ 123.413641] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.414095] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.414425] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.414841] PKRU: 55555554 [ 123.415002] Call Trace: [ 123.415153] [ 123.415283] iommufd_access_destroy_object+0x65/0x170 [ 123.415580] iommufd_object_destroy_user+0x18e/0x220 [ 123.415875] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.416211] iommufd_access_destroy+0x43/0x70 [ 123.416475] iommufd_test_staccess_release+0x8d/0xd0 [ 123.416771] __fput+0x26d/0xa40 [ 123.416971] ____fput+0x1e/0x30 [ 123.417167] task_work_run+0x1a4/0x2d0 [ 123.417396] ? __pfx_task_work_run+0x10/0x10 [ 123.417653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.417935] ? switch_task_namespaces+0xa9/0xe0 [ 123.418209] do_exit+0xb17/0x2ef0 [ 123.418409] ? lock_acquire+0x427/0x4c0 [ 123.418651] ? __pfx_lock_release+0x10/0x10 [ 123.418903] ? __kasan_check_write+0x18/0x20 [ 123.419163] ? do_raw_spin_lock+0x132/0x2a0 [ 123.419412] ? __pfx_do_exit+0x10/0x10 [ 123.419643] ? debug_smp_processor_id+0x20/0x30 [ 123.419911] ? rcu_is_watching+0x19/0xb0 [ 123.420145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.420408] ? trace_hardirqs_on+0x26/0x120 [ 123.420660] do_group_exit+0xe0/0x2b0 [ 123.420880] __x64_sys_exit_group+0x47/0x50 [ 123.421149] do_syscall_64+0x3b/0x90 [ 123.421369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.421670] RIP: 0033:0x7f4b87518a4d [ 123.421882] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.422234] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.422672] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.423077] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.423484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.423886] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.424289] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.424698] [ 123.424832] irq event stamp: 0 [ 123.425013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.425370] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.425842] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.426315] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.426681] ---[ end trace 0000000000000000 ]--- [ 123.427181] ------------[ cut here ]------------ [ 123.427446] WARNING: CPU: 1 PID: 1127 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.428021] Modules linked in: [ 123.428203] CPU: 1 PID: 1127 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.428699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.429334] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.429626] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.430660] RSP: 0018:ffff888014be7b78 EFLAGS: 00010246 [ 123.430961] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.431369] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 123.431770] RBP: ffff888014be7b98 R08: ffffed100292c63e R09: ffffed100292c63e [ 123.432172] R10: ffff8880149631ef R11: ffffed100292c63d R12: ffff888014963290 [ 123.432577] R13: ffff8880149630a8 R14: ffffffffffffffff R15: 
ffff888014be7c60 [ 123.432980] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.433445] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.433774] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.434179] PKRU: 55555554 [ 123.434340] Call Trace: [ 123.434485] [ 123.434623] iommufd_ioas_destroy+0x53/0x70 [ 123.434872] iommufd_fops_release+0x1f7/0x370 [ 123.435143] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.435430] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.435713] ? write_comp_data+0x2f/0x90 [ 123.435952] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.436239] __fput+0x26d/0xa40 [ 123.436439] ____fput+0x1e/0x30 [ 123.436635] task_work_run+0x1a4/0x2d0 [ 123.436863] ? __pfx_task_work_run+0x10/0x10 [ 123.437119] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.437402] ? switch_task_namespaces+0xa9/0xe0 [ 123.437677] do_exit+0xb17/0x2ef0 [ 123.437876] ? lock_acquire+0x427/0x4c0 [ 123.438111] ? __pfx_lock_release+0x10/0x10 [ 123.438363] ? __kasan_check_write+0x18/0x20 [ 123.438627] ? do_raw_spin_lock+0x132/0x2a0 [ 123.438875] ? __pfx_do_exit+0x10/0x10 [ 123.438994] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 123.439104] ? debug_smp_processor_id+0x20/0x30 [ 123.440291] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 123.440529] ? rcu_is_watching+0x19/0xb0 [ 123.441561] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.441822] ? trace_hardirqs_on+0x26/0x120 [ 123.442073] do_group_exit+0xe0/0x2b0 [ 123.442295] __x64_sys_exit_group+0x47/0x50 [ 123.442548] do_syscall_64+0x3b/0x90 [ 123.442768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.443068] RIP: 0033:0x7f4b87518a4d [ 123.443285] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.443632] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.444059] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.444459] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.444860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.445260] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.445662] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.446069] [ 123.446202] irq event stamp: 0 [ 123.446381] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.446749] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.447226] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.447699] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.448055] ---[ end trace 0000000000000000 ]--- [ 123.452859] ------------[ cut here ]------------ [ 123.453150] WARNING: CPU: 1 PID: 1129 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.453722] Modules linked in: [ 123.453904] CPU: 1 PID: 1129 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.454397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.455063] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.455353] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.456375] RSP: 0018:ffff8880208afbb8 EFLAGS: 00010246 [ 123.456675] RAX: 0000000000000000 RBX: ffff88801409b0a8 RCX: 0000000000000000 [ 123.457075] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 123.457475] RBP: ffff8880208afbd0 R08: ffffed1002813633 R09: ffffed1002813633 [ 123.457876] R10: ffff88801409b193 R11: ffffed1002813632 R12: ffff888021816400 [ 123.458277] R13: ffff88801409b1e8 R14: ffffffff8352e670 R15: 
ffff8880208afe68 [ 123.458686] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.459145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.459473] CR2: 0000000020000140 CR3: 000000001340a000 CR4: 0000000000750ee0 [ 123.459876] PKRU: 55555554 [ 123.460037] Call Trace: [ 123.460183] [ 123.460313] __iommufd_access_detach+0x1c2/0x2b0 [ 123.460592] iommufd_access_change_pt+0x149/0x270 [ 123.460876] iommufd_access_replace+0xb4/0x120 [ 123.461146] iommufd_test+0x3e5/0x37e0 [ 123.461369] ? lock_release+0x532/0x770 [ 123.461604] ? __might_fault+0x102/0x1b0 [ 123.461842] ? lock_acquire+0x427/0x4c0 [ 123.462078] ? __pfx_iommufd_test+0x10/0x10 [ 123.462324] ? __pfx_lock_release+0x10/0x10 [ 123.462586] ? __pfx_lock_acquire+0x10/0x10 [ 123.462840] ? write_comp_data+0x2f/0x90 [ 123.463080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.463368] ? write_comp_data+0x2f/0x90 [ 123.463609] iommufd_fops_ioctl+0x37d/0x510 [ 123.463858] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.464140] ? write_comp_data+0x2f/0x90 [ 123.464381] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.464658] __x64_sys_ioctl+0x1a3/0x230 [ 123.464897] do_syscall_64+0x3b/0x90 [ 123.465117] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.465417] RIP: 0033:0x7f4b8743ee5d [ 123.465628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.466663] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.467090] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.467500] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.467901] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.468303] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.468703] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.469113] [ 123.469246] irq event stamp: 0 [ 123.469426] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.469780] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.470251] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.470729] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.471086] ---[ end trace 0000000000000000 ]--- [ 123.473259] ------------[ cut here ]------------ [ 123.473531] WARNING: CPU: 1 PID: 1129 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.474105] Modules linked in: [ 123.474288] CPU: 1 PID: 1129 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.474800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.475443] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.475727] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.476758] RSP: 
0018:ffff8880208afbd0 EFLAGS: 00010246 [ 123.477060] RAX: 0000000000000000 RBX: ffff88801409b0a8 RCX: 0000000000000000 [ 123.477463] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 123.477865] RBP: ffff8880208afbe8 R08: ffffed1002813633 R09: ffffed1002813633 [ 123.478269] R10: ffff88801409b193 R11: ffffed1002813632 R12: ffff88801815b000 [ 123.478684] R13: ffff88801409b1e8 R14: ffff8880143c9a00 R15: 0000000000000000 [ 123.479088] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.479549] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.479878] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.480282] PKRU: 55555554 [ 123.480444] Call Trace: [ 123.480590] [ 123.480720] iommufd_access_destroy_object+0x65/0x170 [ 123.481017] iommufd_object_destroy_user+0x18e/0x220 [ 123.481312] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.481649] iommufd_access_destroy+0x43/0x70 [ 123.481914] iommufd_test_staccess_release+0x8d/0xd0 [ 123.482212] __fput+0x26d/0xa40 [ 123.482412] ____fput+0x1e/0x30 [ 123.482620] task_work_run+0x1a4/0x2d0 [ 123.482852] ? __pfx_task_work_run+0x10/0x10 [ 123.483113] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.483399] ? switch_task_namespaces+0xa9/0xe0 [ 123.483676] do_exit+0xb17/0x2ef0 [ 123.483875] ? lock_acquire+0x427/0x4c0 [ 123.484111] ? __pfx_lock_release+0x10/0x10 [ 123.484366] ? __kasan_check_write+0x18/0x20 [ 123.484621] ? do_raw_spin_lock+0x132/0x2a0 [ 123.484871] ? __pfx_do_exit+0x10/0x10 [ 123.485126] ? debug_smp_processor_id+0x20/0x30 [ 123.485396] ? rcu_is_watching+0x19/0xb0 [ 123.485631] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.485895] ? trace_hardirqs_on+0x26/0x120 [ 123.486149] do_group_exit+0xe0/0x2b0 [ 123.486370] __x64_sys_exit_group+0x47/0x50 [ 123.486626] do_syscall_64+0x3b/0x90 [ 123.486847] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.487155] RIP: 0033:0x7f4b87518a4d [ 123.487368] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.487720] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.488149] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.488553] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.488956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.489359] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.489762] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.490171] [ 123.490304] irq event stamp: 0 [ 123.490485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.490850] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.491331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.491805] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.492163] ---[ end trace 0000000000000000 ]--- [ 123.492666] ------------[ cut here ]------------ [ 123.492933] WARNING: CPU: 1 PID: 1129 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.493510] Modules linked in: [ 123.493693] CPU: 1 PID: 1129 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.494190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.494836] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.495134] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.496166] RSP: 0018:ffff8880208afb78 EFLAGS: 00010246 [ 123.496470] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.496872] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 123.497275] RBP: ffff8880208afb98 R08: ffffed100281363e R09: ffffed100281363e [ 123.497681] R10: ffff88801409b1ef R11: ffffed100281363d R12: ffff88801409b290 [ 123.498086] R13: ffff88801409b0a8 R14: ffffffffffffffff R15: 
ffff8880208afc60 [ 123.498490] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.498952] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.499289] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.499694] PKRU: 55555554 [ 123.499857] Call Trace: [ 123.500003] [ 123.500134] iommufd_ioas_destroy+0x53/0x70 [ 123.500384] iommufd_fops_release+0x1f7/0x370 [ 123.500646] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.500934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.501220] ? write_comp_data+0x2f/0x90 [ 123.501461] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.501748] __fput+0x26d/0xa40 [ 123.501948] ____fput+0x1e/0x30 [ 123.502146] task_work_run+0x1a4/0x2d0 [ 123.502377] ? __pfx_task_work_run+0x10/0x10 [ 123.502645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.502930] ? switch_task_namespaces+0xa9/0xe0 [ 123.503210] do_exit+0xb17/0x2ef0 [ 123.503410] ? lock_acquire+0x427/0x4c0 [ 123.503646] ? __pfx_lock_release+0x10/0x10 [ 123.503899] ? __kasan_check_write+0x18/0x20 [ 123.504154] ? do_raw_spin_lock+0x132/0x2a0 [ 123.504403] ? __pfx_do_exit+0x10/0x10 [ 123.504634] ? debug_smp_processor_id+0x20/0x30 [ 123.504902] ? rcu_is_watching+0x19/0xb0 [ 123.505136] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.505400] ? trace_hardirqs_on+0x26/0x120 [ 123.505652] do_group_exit+0xe0/0x2b0 [ 123.505872] __x64_sys_exit_group+0x47/0x50 [ 123.506119] do_syscall_64+0x3b/0x90 [ 123.506339] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.506649] RIP: 0033:0x7f4b87518a4d [ 123.506863] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.507216] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.507643] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.508044] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.508446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.508845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.509245] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.509650] [ 123.509783] irq event stamp: 0 [ 123.509962] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.510317] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.510793] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.511273] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.511627] ---[ end trace 0000000000000000 ]--- [ 123.515447] ------------[ cut here ]------------ [ 123.515746] WARNING: CPU: 1 PID: 1130 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.516346] Modules linked in: [ 123.516557] CPU: 1 PID: 1130 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.517149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.517786] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.518068] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.519181] RSP: 0018:ffff8880244ffbb8 EFLAGS: 00010246 [ 123.519535] RAX: 0000000000000000 RBX: ffff8880245e60a8 RCX: 0000000000000000 [ 123.520024] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 123.520478] RBP: ffff8880244ffbd0 R08: ffffed10048bcc33 R09: ffffed10048bcc33 [ 123.520880] R10: ffff8880245e6193 R11: ffffed10048bcc32 R12: ffff888013d4f000 [ 123.521276] R13: ffff8880245e61e8 R14: ffffffff8352e670 R15: 
ffff8880244ffe68 [ 123.521676] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.522128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.522456] CR2: 0000000020000140 CR3: 00000000187c4000 CR4: 0000000000750ee0 [ 123.522871] PKRU: 55555554 [ 123.523033] Call Trace: [ 123.523183] [ 123.523314] __iommufd_access_detach+0x1c2/0x2b0 [ 123.523599] iommufd_access_change_pt+0x149/0x270 [ 123.523883] iommufd_access_replace+0xb4/0x120 [ 123.524154] iommufd_test+0x3e5/0x37e0 [ 123.524377] ? lock_release+0x532/0x770 [ 123.524616] ? __might_fault+0x102/0x1b0 [ 123.524853] ? lock_acquire+0x427/0x4c0 [ 123.525088] ? __pfx_iommufd_test+0x10/0x10 [ 123.525334] ? __pfx_lock_release+0x10/0x10 [ 123.525586] ? __pfx_lock_acquire+0x10/0x10 [ 123.525840] ? write_comp_data+0x2f/0x90 [ 123.526088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.526373] ? write_comp_data+0x2f/0x90 [ 123.526622] iommufd_fops_ioctl+0x37d/0x510 [ 123.526874] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.527162] ? write_comp_data+0x2f/0x90 [ 123.527405] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.527684] __x64_sys_ioctl+0x1a3/0x230 [ 123.527926] do_syscall_64+0x3b/0x90 [ 123.528147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.528450] RIP: 0033:0x7f4b8743ee5d [ 123.528663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.529693] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.530123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.530537] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.530940] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.531352] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.531759] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.532168] [ 123.532303] irq event stamp: 0 [ 123.532483] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.532843] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.533320] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.533795] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.534152] ---[ end trace 0000000000000000 ]--- [ 123.536394] ------------[ cut here ]------------ [ 123.536697] WARNING: CPU: 1 PID: 1130 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.537285] Modules linked in: [ 123.537476] CPU: 1 PID: 1130 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.537976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.538776] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.539062] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.540198] RSP: 
0018:ffff8880244ffbd0 EFLAGS: 00010246 [ 123.540500] RAX: 0000000000000000 RBX: ffff8880245e60a8 RCX: 0000000000000000 [ 123.540906] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 123.541308] RBP: ffff8880244ffbe8 R08: ffffed10048bcc33 R09: ffffed10048bcc33 [ 123.541711] R10: ffff8880245e6193 R11: ffffed10048bcc32 R12: ffff888021814800 [ 123.542113] R13: ffff8880245e61e8 R14: ffff88802187bc00 R15: 0000000000000000 [ 123.542527] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.542986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.543323] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.543734] PKRU: 55555554 [ 123.543896] Call Trace: [ 123.544042] [ 123.544172] iommufd_access_destroy_object+0x65/0x170 [ 123.544470] iommufd_object_destroy_user+0x18e/0x220 [ 123.544766] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.545104] iommufd_access_destroy+0x43/0x70 [ 123.545368] iommufd_test_staccess_release+0x8d/0xd0 [ 123.545665] __fput+0x26d/0xa40 [ 123.545867] ____fput+0x1e/0x30 [ 123.546065] task_work_run+0x1a4/0x2d0 [ 123.546296] ? __pfx_task_work_run+0x10/0x10 [ 123.546563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.546850] ? switch_task_namespaces+0xa9/0xe0 [ 123.547130] do_exit+0xb17/0x2ef0 [ 123.547335] ? lock_acquire+0x427/0x4c0 [ 123.547570] ? __pfx_lock_release+0x10/0x10 [ 123.547827] ? __kasan_check_write+0x18/0x20 [ 123.548084] ? do_raw_spin_lock+0x132/0x2a0 [ 123.548335] ? __pfx_do_exit+0x10/0x10 [ 123.548566] ? debug_smp_processor_id+0x20/0x30 [ 123.548836] ? rcu_is_watching+0x19/0xb0 [ 123.549091] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.549355] ? trace_hardirqs_on+0x26/0x120 [ 123.549609] do_group_exit+0xe0/0x2b0 [ 123.549831] __x64_sys_exit_group+0x47/0x50 [ 123.550078] do_syscall_64+0x3b/0x90 [ 123.550299] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.550612] RIP: 0033:0x7f4b87518a4d [ 123.550828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.551184] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.551667] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.552118] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.552552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.552961] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.553370] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.553783] [ 123.553921] irq event stamp: 0 [ 123.554103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.554467] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.554958] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.555478] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.555915] ---[ end trace 0000000000000000 ]--- [ 123.556510] ------------[ cut here ]------------ [ 123.556798] WARNING: CPU: 1 PID: 1130 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.557381] Modules linked in: [ 123.557564] CPU: 1 PID: 1130 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.558062] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.558717] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.559019] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.560067] RSP: 0018:ffff8880244ffb78 EFLAGS: 00010246 [ 123.560372] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.560808] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 123.561243] RBP: ffff8880244ffb98 R08: ffffed10048bcc3e R09: ffffed10048bcc3e [ 123.561685] R10: ffff8880245e61ef R11: ffffed10048bcc3d R12: ffff8880245e6290 [ 123.562094] R13: ffff8880245e60a8 R14: ffffffffffffffff R15: 
ffff8880244ffc60 [ 123.562501] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.562992] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.563356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.563893] PKRU: 55555554 [ 123.564104] Call Trace: [ 123.564285] [ 123.564434] iommufd_ioas_destroy+0x53/0x70 [ 123.564736] iommufd_fops_release+0x1f7/0x370 [ 123.565016] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.565337] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.565629] ? write_comp_data+0x2f/0x90 [ 123.565873] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.566163] __fput+0x26d/0xa40 [ 123.566364] ____fput+0x1e/0x30 [ 123.566576] task_work_run+0x1a4/0x2d0 [ 123.566809] ? __pfx_task_work_run+0x10/0x10 [ 123.567068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.567361] ? switch_task_namespaces+0xa9/0xe0 [ 123.567656] do_exit+0xb17/0x2ef0 [ 123.567857] ? lock_acquire+0x427/0x4c0 [ 123.568093] ? __pfx_lock_release+0x10/0x10 [ 123.568350] ? __kasan_check_write+0x18/0x20 [ 123.568611] ? do_raw_spin_lock+0x132/0x2a0 [ 123.568861] ? __pfx_do_exit+0x10/0x10 [ 123.569092] ? debug_smp_processor_id+0x20/0x30 [ 123.569362] ? rcu_is_watching+0x19/0xb0 [ 123.569597] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.569861] ? trace_hardirqs_on+0x26/0x120 [ 123.570114] do_group_exit+0xe0/0x2b0 [ 123.570336] __x64_sys_exit_group+0x47/0x50 [ 123.570593] do_syscall_64+0x3b/0x90 [ 123.570815] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.571121] RIP: 0033:0x7f4b87518a4d [ 123.571339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.571723] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.572197] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.572626] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.573033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.573440] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.573845] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.574256] [ 123.574390] irq event stamp: 0 [ 123.574580] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.574939] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.575427] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.575907] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.576265] ---[ end trace 0000000000000000 ]--- [ 123.579591] ------------[ cut here ]------------ [ 123.579882] WARNING: CPU: 1 PID: 1131 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.580459] Modules linked in: [ 123.580644] CPU: 1 PID: 1131 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.581179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.581817] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.582103] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.583156] RSP: 0018:ffff8880187a7bb8 EFLAGS: 00010246 [ 123.583463] RAX: 0000000000000000 RBX: ffff8880219af8a8 RCX: 0000000000000000 [ 123.583868] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 123.584272] RBP: ffff8880187a7bd0 R08: ffffed1004335f33 R09: ffffed1004335f33 [ 123.584678] R10: ffff8880219af993 R11: ffffed1004335f32 R12: ffff88800fa3e800 [ 123.585082] R13: ffff8880219af9e8 R14: ffffffff8352e670 R15: 
ffff8880187a7e68 [ 123.585487] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.585943] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.586273] CR2: 0000000020000140 CR3: 0000000012f20000 CR4: 0000000000750ee0 [ 123.586686] PKRU: 55555554 [ 123.586848] Call Trace: [ 123.586996] [ 123.587128] __iommufd_access_detach+0x1c2/0x2b0 [ 123.587410] iommufd_access_change_pt+0x149/0x270 [ 123.587696] iommufd_access_replace+0xb4/0x120 [ 123.587969] iommufd_test+0x3e5/0x37e0 [ 123.588194] ? lock_release+0x532/0x770 [ 123.588432] ? __might_fault+0x102/0x1b0 [ 123.588672] ? lock_acquire+0x427/0x4c0 [ 123.588909] ? __pfx_iommufd_test+0x10/0x10 [ 123.589157] ? __pfx_lock_release+0x10/0x10 [ 123.589411] ? __pfx_lock_acquire+0x10/0x10 [ 123.589667] ? write_comp_data+0x2f/0x90 [ 123.589909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.590193] ? write_comp_data+0x2f/0x90 [ 123.590435] iommufd_fops_ioctl+0x37d/0x510 [ 123.590694] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.590981] ? write_comp_data+0x2f/0x90 [ 123.591226] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.591507] __x64_sys_ioctl+0x1a3/0x230 [ 123.591750] do_syscall_64+0x3b/0x90 [ 123.591972] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.592276] RIP: 0033:0x7f4b8743ee5d [ 123.592489] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.593529] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.593961] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.594366] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.594779] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.595192] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.595600] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.596012] [ 123.596147] irq event stamp: 0 [ 123.596329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.596692] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.597175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.597654] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.598013] ---[ end trace 0000000000000000 ]--- [ 123.600185] ------------[ cut here ]------------ [ 123.600464] WARNING: CPU: 1 PID: 1131 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.601045] Modules linked in: [ 123.601229] CPU: 1 PID: 1131 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.601730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.602373] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.602673] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.603745] RSP: 
0018:ffff8880187a7bd0 EFLAGS: 00010246 [ 123.604116] RAX: 0000000000000000 RBX: ffff8880219af8a8 RCX: 0000000000000000 [ 123.604602] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 123.605057] RBP: ffff8880187a7be8 R08: ffffed1004335f33 R09: ffffed1004335f33 [ 123.605475] R10: ffff8880219af993 R11: ffffed1004335f32 R12: ffff888013d4dc00 [ 123.605883] R13: ffff8880219af9e8 R14: ffff888020924200 R15: 0000000000000000 [ 123.606294] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.606812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.607198] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.607687] PKRU: 55555554 [ 123.607856] Call Trace: [ 123.608003] [ 123.608135] iommufd_access_destroy_object+0x65/0x170 [ 123.608438] iommufd_object_destroy_user+0x18e/0x220 [ 123.608736] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.609077] iommufd_access_destroy+0x43/0x70 [ 123.609345] iommufd_test_staccess_release+0x8d/0xd0 [ 123.609647] __fput+0x26d/0xa40 [ 123.609850] ____fput+0x1e/0x30 [ 123.610048] task_work_run+0x1a4/0x2d0 [ 123.610280] ? __pfx_task_work_run+0x10/0x10 [ 123.610552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.610840] ? switch_task_namespaces+0xa9/0xe0 [ 123.611125] do_exit+0xb17/0x2ef0 [ 123.611329] ? lock_acquire+0x427/0x4c0 [ 123.611567] ? __pfx_lock_release+0x10/0x10 [ 123.611824] ? __kasan_check_write+0x18/0x20 [ 123.612083] ? do_raw_spin_lock+0x132/0x2a0 [ 123.612334] ? __pfx_do_exit+0x10/0x10 [ 123.612566] ? debug_smp_processor_id+0x20/0x30 [ 123.612839] ? rcu_is_watching+0x19/0xb0 [ 123.613119] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.613385] ? trace_hardirqs_on+0x26/0x120 [ 123.613646] do_group_exit+0xe0/0x2b0 [ 123.613871] __x64_sys_exit_group+0x47/0x50 [ 123.614123] do_syscall_64+0x3b/0x90 [ 123.614349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.614683] RIP: 0033:0x7f4b87518a4d [ 123.614904] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.615272] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.615712] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.616122] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.616533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.616945] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.617355] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.617771] [ 123.617908] irq event stamp: 0 [ 123.618093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.618457] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.618959] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.619445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.619808] ---[ end trace 0000000000000000 ]--- [ 123.620335] ------------[ cut here ]------------ [ 123.620607] WARNING: CPU: 1 PID: 1131 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.621192] Modules linked in: [ 123.621381] CPU: 1 PID: 1131 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.621885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.622546] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.622845] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.623901] RSP: 0018:ffff8880187a7b78 EFLAGS: 00010246 [ 123.624209] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.624616] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 123.625025] RBP: ffff8880187a7b98 R08: ffffed1004335f3e R09: ffffed1004335f3e [ 123.625433] R10: ffff8880219af9ef R11: ffffed1004335f3d R12: ffff8880219afa90 [ 123.625841] R13: ffff8880219af8a8 R14: ffffffffffffffff R15: 
ffff8880187a7c60 [ 123.626254] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.626726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.627063] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.627489] PKRU: 55555554 [ 123.627653] Call Trace: [ 123.627801] [ 123.627933] iommufd_ioas_destroy+0x53/0x70 [ 123.628187] iommufd_fops_release+0x1f7/0x370 [ 123.628453] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.628744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.629031] ? write_comp_data+0x2f/0x90 [ 123.629274] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.629565] __fput+0x26d/0xa40 [ 123.629768] ____fput+0x1e/0x30 [ 123.629967] task_work_run+0x1a4/0x2d0 [ 123.630200] ? __pfx_task_work_run+0x10/0x10 [ 123.630460] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.630759] ? switch_task_namespaces+0xa9/0xe0 [ 123.631040] do_exit+0xb17/0x2ef0 [ 123.631250] ? lock_acquire+0x427/0x4c0 [ 123.631492] ? __pfx_lock_release+0x10/0x10 [ 123.631751] ? __kasan_check_write+0x18/0x20 [ 123.632011] ? do_raw_spin_lock+0x132/0x2a0 [ 123.632265] ? __pfx_do_exit+0x10/0x10 [ 123.632499] ? debug_smp_processor_id+0x20/0x30 [ 123.632774] ? rcu_is_watching+0x19/0xb0 [ 123.633012] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.633281] ? trace_hardirqs_on+0x26/0x120 [ 123.633548] do_group_exit+0xe0/0x2b0 [ 123.633781] __x64_sys_exit_group+0x47/0x50 [ 123.634036] do_syscall_64+0x3b/0x90 [ 123.634265] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.634590] RIP: 0033:0x7f4b87518a4d [ 123.634809] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.635168] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.635607] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.636016] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.636425] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.636841] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.637259] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.637684] [ 123.637821] irq event stamp: 0 [ 123.638005] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.638369] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.638870] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.639361] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.639726] ---[ end trace 0000000000000000 ]--- [ 123.643422] ------------[ cut here ]------------ [ 123.643718] WARNING: CPU: 1 PID: 1132 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.644300] Modules linked in: [ 123.644485] CPU: 1 PID: 1132 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.645021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.645661] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.645946] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.647157] RSP: 0018:ffff888023fc7bb8 EFLAGS: 00010246 [ 123.647464] RAX: 0000000000000000 RBX: ffff88800ef078a8 RCX: 0000000000000000 [ 123.647871] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 123.648279] RBP: ffff888023fc7bd0 R08: ffffed1001de0f33 R09: ffffed1001de0f33 [ 123.648688] R10: ffff88800ef07993 R11: ffffed1001de0f32 R12: ffff88800fa10c00 [ 123.649095] R13: ffff88800ef079e8 R14: ffffffff8352e670 R15: 
ffff888023fc7e68 [ 123.649502] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.649962] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.650295] CR2: 0000000020000140 CR3: 0000000013e2a000 CR4: 0000000000750ee0 [ 123.650713] PKRU: 55555554 [ 123.650881] Call Trace: [ 123.651030] [ 123.651166] __iommufd_access_detach+0x1c2/0x2b0 [ 123.651451] iommufd_access_change_pt+0x149/0x270 [ 123.651739] iommufd_access_replace+0xb4/0x120 [ 123.652012] iommufd_test+0x3e5/0x37e0 [ 123.652237] ? lock_release+0x532/0x770 [ 123.652475] ? __might_fault+0x102/0x1b0 [ 123.652717] ? lock_acquire+0x427/0x4c0 [ 123.652955] ? __pfx_iommufd_test+0x10/0x10 [ 123.653203] ? __pfx_lock_release+0x10/0x10 [ 123.653464] ? __pfx_lock_acquire+0x10/0x10 [ 123.653723] ? write_comp_data+0x2f/0x90 [ 123.653967] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.654253] ? write_comp_data+0x2f/0x90 [ 123.654497] iommufd_fops_ioctl+0x37d/0x510 [ 123.654767] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.655055] ? write_comp_data+0x2f/0x90 [ 123.655304] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.655587] __x64_sys_ioctl+0x1a3/0x230 [ 123.655832] do_syscall_64+0x3b/0x90 [ 123.656057] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.656363] RIP: 0033:0x7f4b8743ee5d [ 123.656579] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.657623] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.658061] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.658470] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.658893] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.659315] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.659725] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.660140] [ 123.660277] irq event stamp: 0 [ 123.660460] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.660824] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.661306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.661787] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.662149] ---[ end trace 0000000000000000 ]--- [ 123.664348] ------------[ cut here ]------------ [ 123.664634] WARNING: CPU: 1 PID: 1132 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.665218] Modules linked in: [ 123.665404] CPU: 1 PID: 1132 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.665905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.666718] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.667009] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.668061] RSP: 
0018:ffff888023fc7bd0 EFLAGS: 00010246 [ 123.668368] RAX: 0000000000000000 RBX: ffff88800ef078a8 RCX: 0000000000000000 [ 123.668777] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 123.669188] RBP: ffff888023fc7be8 R08: ffffed1001de0f33 R09: ffffed1001de0f33 [ 123.669596] R10: ffff88800ef07993 R11: ffffed1001de0f32 R12: ffff88800fa3fc00 [ 123.670008] R13: ffff88800ef079e8 R14: ffff88800b8e3b00 R15: 0000000000000000 [ 123.670418] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.670895] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.671235] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.671647] PKRU: 55555554 [ 123.671811] Call Trace: [ 123.671961] [ 123.672093] iommufd_access_destroy_object+0x65/0x170 [ 123.672397] iommufd_object_destroy_user+0x18e/0x220 [ 123.672697] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.673041] iommufd_access_destroy+0x43/0x70 [ 123.673310] iommufd_test_staccess_release+0x8d/0xd0 [ 123.673617] __fput+0x26d/0xa40 [ 123.673821] ____fput+0x1e/0x30 [ 123.674021] task_work_run+0x1a4/0x2d0 [ 123.674255] ? __pfx_task_work_run+0x10/0x10 [ 123.674531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.674823] ? switch_task_namespaces+0xa9/0xe0 [ 123.675105] do_exit+0xb17/0x2ef0 [ 123.675313] ? lock_acquire+0x427/0x4c0 [ 123.675557] ? __pfx_lock_release+0x10/0x10 [ 123.675815] ? __kasan_check_write+0x18/0x20 [ 123.676075] ? do_raw_spin_lock+0x132/0x2a0 [ 123.676327] ? __pfx_do_exit+0x10/0x10 [ 123.676561] ? debug_smp_processor_id+0x20/0x30 [ 123.676836] ? rcu_is_watching+0x19/0xb0 [ 123.677108] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.677377] ? trace_hardirqs_on+0x26/0x120 [ 123.677634] do_group_exit+0xe0/0x2b0 [ 123.677858] __x64_sys_exit_group+0x47/0x50 [ 123.678109] do_syscall_64+0x3b/0x90 [ 123.678333] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.678650] RIP: 0033:0x7f4b87518a4d [ 123.678869] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.679230] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.679669] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.680078] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.680491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.680901] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.681314] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.681733] [ 123.681869] irq event stamp: 0 [ 123.682052] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.682415] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.682908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.683397] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.683763] ---[ end trace 0000000000000000 ]--- [ 123.684287] ------------[ cut here ]------------ [ 123.684560] WARNING: CPU: 1 PID: 1132 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.685147] Modules linked in: [ 123.685334] CPU: 1 PID: 1132 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.685838] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.686485] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.686808] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.687874] RSP: 0018:ffff888023fc7b78 EFLAGS: 00010246 [ 123.688183] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.688595] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 123.689007] RBP: ffff888023fc7b98 R08: ffffed1001de0f3e R09: ffffed1001de0f3e [ 123.689417] R10: ffff88800ef079ef R11: ffffed1001de0f3d R12: ffff88800ef07a90 [ 123.689829] R13: ffff88800ef078a8 R14: ffffffffffffffff R15: 
ffff888023fc7c60 [ 123.690242] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.690723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.691064] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.691486] PKRU: 55555554 [ 123.691660] Call Trace: [ 123.691818] [ 123.691971] iommufd_ioas_destroy+0x53/0x70 [ 123.692263] iommufd_fops_release+0x1f7/0x370 [ 123.692591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.692933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.693230] ? write_comp_data+0x2f/0x90 [ 123.693483] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.693790] __fput+0x26d/0xa40 [ 123.694001] ____fput+0x1e/0x30 [ 123.694205] task_work_run+0x1a4/0x2d0 [ 123.694441] ? __pfx_task_work_run+0x10/0x10 [ 123.694720] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.695012] ? switch_task_namespaces+0xa9/0xe0 [ 123.695314] do_exit+0xb17/0x2ef0 [ 123.695530] ? lock_acquire+0x427/0x4c0 [ 123.695772] ? __pfx_lock_release+0x10/0x10 [ 123.696033] ? __kasan_check_write+0x18/0x20 [ 123.696300] ? do_raw_spin_lock+0x132/0x2a0 [ 123.696563] ? __pfx_do_exit+0x10/0x10 [ 123.696805] ? debug_smp_processor_id+0x20/0x30 [ 123.697085] ? rcu_is_watching+0x19/0xb0 [ 123.697328] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.697601] ? trace_hardirqs_on+0x26/0x120 [ 123.697863] do_group_exit+0xe0/0x2b0 [ 123.698091] __x64_sys_exit_group+0x47/0x50 [ 123.698345] do_syscall_64+0x3b/0x90 [ 123.698591] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.698904] RIP: 0033:0x7f4b87518a4d [ 123.699131] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.699498] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.699945] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.700361] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.700781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.701198] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.701613] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.702041] [ 123.702181] irq event stamp: 0 [ 123.702371] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.702760] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.703268] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.703761] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.704128] ---[ end trace 0000000000000000 ]--- [ 123.708083] ------------[ cut here ]------------ [ 123.708393] WARNING: CPU: 1 PID: 1133 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.709031] Modules linked in: [ 123.709220] CPU: 1 PID: 1133 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.709728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.710381] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.710696] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.711773] RSP: 0018:ffff888012a87bb8 EFLAGS: 00010246 [ 123.712085] RAX: 0000000000000000 RBX: ffff888017b260a8 RCX: 0000000000000000 [ 123.712498] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 123.712912] RBP: ffff888012a87bd0 R08: ffffed1002f64c33 R09: ffffed1002f64c33 [ 123.713329] R10: ffff888017b26193 R11: ffffed1002f64c32 R12: ffff88800ae90800 [ 123.713748] R13: ffff888017b261e8 R14: ffffffff8352e670 R15: 
ffff888012a87e68 [ 123.714164] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.714648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.714989] CR2: 0000000020000140 CR3: 000000001898a000 CR4: 0000000000750ee0 [ 123.715414] PKRU: 55555554 [ 123.715580] Call Trace: [ 123.715731] [ 123.715865] __iommufd_access_detach+0x1c2/0x2b0 [ 123.716154] iommufd_access_change_pt+0x149/0x270 [ 123.716446] iommufd_access_replace+0xb4/0x120 [ 123.716724] iommufd_test+0x3e5/0x37e0 [ 123.716955] ? lock_release+0x532/0x770 [ 123.717198] ? __might_fault+0x102/0x1b0 [ 123.717442] ? lock_acquire+0x427/0x4c0 [ 123.717686] ? __pfx_iommufd_test+0x10/0x10 [ 123.717939] ? __pfx_lock_release+0x10/0x10 [ 123.718201] ? __pfx_lock_acquire+0x10/0x10 [ 123.718462] ? write_comp_data+0x2f/0x90 [ 123.718727] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.719020] ? write_comp_data+0x2f/0x90 [ 123.719279] iommufd_fops_ioctl+0x37d/0x510 [ 123.719558] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.719872] ? write_comp_data+0x2f/0x90 [ 123.720132] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.720423] __x64_sys_ioctl+0x1a3/0x230 [ 123.720673] do_syscall_64+0x3b/0x90 [ 123.720902] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.721214] RIP: 0033:0x7f4b8743ee5d [ 123.721435] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.722496] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.722966] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.723401] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.723821] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.724240] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.724659] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.725096] [ 123.725244] irq event stamp: 0 [ 123.725442] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.725820] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.726315] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.726824] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.727204] ---[ end trace 0000000000000000 ]--- [ 123.729674] ------------[ cut here ]------------ [ 123.730025] WARNING: CPU: 1 PID: 1133 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.730884] Modules linked in: [ 123.731142] CPU: 1 PID: 1133 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.731811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.732681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.733079] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.734463] RSP: 
0018:ffff888012a87bd0 EFLAGS: 00010246 [ 123.734880] RAX: 0000000000000000 RBX: ffff888017b260a8 RCX: 0000000000000000 [ 123.735417] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 123.735951] RBP: ffff888012a87be8 R08: ffffed1002f64c33 R09: ffffed1002f64c33 [ 123.736475] R10: ffff888017b26193 R11: ffffed1002f64c32 R12: ffff88800fa12400 [ 123.736949] R13: ffff888017b261e8 R14: ffff888010fd7800 R15: 0000000000000000 [ 123.737376] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.737853] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.738201] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.738645] PKRU: 55555554 [ 123.738823] Call Trace: [ 123.738978] [ 123.739121] iommufd_access_destroy_object+0x65/0x170 [ 123.739437] iommufd_object_destroy_user+0x18e/0x220 [ 123.739747] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.740103] iommufd_access_destroy+0x43/0x70 [ 123.740386] iommufd_test_staccess_release+0x8d/0xd0 [ 123.740702] __fput+0x26d/0xa40 [ 123.740915] ____fput+0x1e/0x30 [ 123.741154] task_work_run+0x1a4/0x2d0 [ 123.741400] ? __pfx_task_work_run+0x10/0x10 [ 123.741675] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.741978] ? switch_task_namespaces+0xa9/0xe0 [ 123.742275] do_exit+0xb17/0x2ef0 [ 123.742490] ? lock_acquire+0x427/0x4c0 [ 123.742771] ? __pfx_lock_release+0x10/0x10 [ 123.743043] ? __kasan_check_write+0x18/0x20 [ 123.743326] ? do_raw_spin_lock+0x132/0x2a0 [ 123.743591] ? __pfx_do_exit+0x10/0x10 [ 123.743837] ? debug_smp_processor_id+0x20/0x30 [ 123.744123] ? rcu_is_watching+0x19/0xb0 [ 123.744377] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.744657] ? trace_hardirqs_on+0x26/0x120 [ 123.744925] do_group_exit+0xe0/0x2b0 [ 123.745160] __x64_sys_exit_group+0x47/0x50 [ 123.745421] do_syscall_64+0x3b/0x90 [ 123.745654] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.745972] RIP: 0033:0x7f4b87518a4d [ 123.746198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.746588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.747053] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.747489] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.747916] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.748343] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.748770] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.749206] [ 123.749349] irq event stamp: 0 [ 123.749539] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.749920] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.750422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.750944] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.751341] ---[ end trace 0000000000000000 ]--- [ 123.751900] ------------[ cut here ]------------ [ 123.752193] WARNING: CPU: 1 PID: 1133 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.752820] Modules linked in: [ 123.753022] CPU: 1 PID: 1133 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.753564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.754254] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.754590] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.755729] RSP: 0018:ffff888012a87b78 EFLAGS: 00010246 [ 123.756062] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.756502] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 123.756939] RBP: ffff888012a87b98 R08: ffffed1002f64c3e R09: ffffed1002f64c3e [ 123.757378] R10: ffff888017b261ef R11: ffffed1002f64c3d R12: ffff888017b26290 [ 123.757821] R13: ffff888017b260a8 R14: ffffffffffffffff R15: 
ffff888012a87c60 [ 123.758263] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.758774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.759143] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.759589] PKRU: 55555554 [ 123.759767] Call Trace: [ 123.759937] [ 123.760085] iommufd_ioas_destroy+0x53/0x70 [ 123.760366] iommufd_fops_release+0x1f7/0x370 [ 123.760658] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.760984] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.761301] ? write_comp_data+0x2f/0x90 [ 123.761568] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.761886] __fput+0x26d/0xa40 [ 123.762111] ____fput+0x1e/0x30 [ 123.762330] task_work_run+0x1a4/0x2d0 [ 123.762604] ? __pfx_task_work_run+0x10/0x10 [ 123.762890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.763211] ? switch_task_namespaces+0xa9/0xe0 [ 123.763519] do_exit+0xb17/0x2ef0 [ 123.763741] ? lock_acquire+0x427/0x4c0 [ 123.764001] ? __pfx_lock_release+0x10/0x10 [ 123.764281] ? __kasan_check_write+0x18/0x20 [ 123.764567] ? do_raw_spin_lock+0x132/0x2a0 [ 123.764845] ? __pfx_do_exit+0x10/0x10 [ 123.765103] ? debug_smp_processor_id+0x20/0x30 [ 123.765402] ? rcu_is_watching+0x19/0xb0 [ 123.765662] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.765953] ? trace_hardirqs_on+0x26/0x120 [ 123.766234] do_group_exit+0xe0/0x2b0 [ 123.766480] __x64_sys_exit_group+0x47/0x50 [ 123.766768] do_syscall_64+0x3b/0x90 [ 123.767020] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.767371] RIP: 0033:0x7f4b87518a4d [ 123.767614] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.768006] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.768490] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.768945] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.769402] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.769861] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.770326] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.770822] [ 123.770981] irq event stamp: 0 [ 123.771222] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.771637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.772195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.772759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.773212] ---[ end trace 0000000000000000 ]--- [ 123.777247] ------------[ cut here ]------------ [ 123.777589] WARNING: CPU: 1 PID: 1134 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.778259] Modules linked in: [ 123.778472] CPU: 1 PID: 1134 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.779257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.780007] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.780347] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.781562] RSP: 0018:ffff888020c9fbb8 EFLAGS: 00010246 [ 123.781925] RAX: 0000000000000000 RBX: ffff8880183f60a8 RCX: 0000000000000000 [ 123.782408] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 123.782911] RBP: ffff888020c9fbd0 R08: ffffed100307ec33 R09: ffffed100307ec33 [ 123.783404] R10: ffff8880183f6193 R11: ffffed100307ec32 R12: ffff88800f537000 [ 123.783891] R13: ffff8880183f61e8 R14: ffffffff8352e670 R15: 
ffff888020c9fe68 [ 123.784379] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.784928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.785328] CR2: 0000000020000140 CR3: 000000001476c000 CR4: 0000000000750ee0 [ 123.785816] PKRU: 55555554 [ 123.786013] Call Trace: [ 123.786189] [ 123.786348] __iommufd_access_detach+0x1c2/0x2b0 [ 123.786707] iommufd_access_change_pt+0x149/0x270 [ 123.787051] iommufd_access_replace+0xb4/0x120 [ 123.787390] iommufd_test+0x3e5/0x37e0 [ 123.787663] ? lock_release+0x532/0x770 [ 123.787945] ? __might_fault+0x102/0x1b0 [ 123.788233] ? lock_acquire+0x427/0x4c0 [ 123.788517] ? __pfx_iommufd_test+0x10/0x10 [ 123.788815] ? __pfx_lock_release+0x10/0x10 [ 123.789120] ? __pfx_lock_acquire+0x10/0x10 [ 123.789428] ? write_comp_data+0x2f/0x90 [ 123.789719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.790070] ? write_comp_data+0x2f/0x90 [ 123.790371] iommufd_fops_ioctl+0x37d/0x510 [ 123.790706] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.791063] ? write_comp_data+0x2f/0x90 [ 123.791373] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.791723] __x64_sys_ioctl+0x1a3/0x230 [ 123.792027] do_syscall_64+0x3b/0x90 [ 123.792307] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.792683] RIP: 0033:0x7f4b8743ee5d [ 123.792953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.794239] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.794804] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.795320] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.795822] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.796320] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.796824] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.797340] [ 123.797510] irq event stamp: 0 [ 123.797733] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.798176] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.798785] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.799391] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.799836] ---[ end trace 0000000000000000 ]--- [ 123.802423] ------------[ cut here ]------------ [ 123.802810] WARNING: CPU: 1 PID: 1134 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.803546] Modules linked in: [ 123.803778] CPU: 1 PID: 1134 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.804401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.805255] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.805624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.806966] RSP: 
0018:ffff888020c9fbd0 EFLAGS: 00010246 [ 123.807368] RAX: 0000000000000000 RBX: ffff8880183f60a8 RCX: 0000000000000000 [ 123.807884] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 123.808400] RBP: ffff888020c9fbe8 R08: ffffed100307ec33 R09: ffffed100307ec33 [ 123.808910] R10: ffff8880183f6193 R11: ffffed100307ec32 R12: ffff88800ae93400 [ 123.809428] R13: ffff8880183f61e8 R14: ffff8880143f8d00 R15: 0000000000000000 [ 123.809941] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.810550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.810981] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.811515] PKRU: 55555554 [ 123.811724] Call Trace: [ 123.811914] [ 123.812082] iommufd_access_destroy_object+0x65/0x170 [ 123.812464] iommufd_object_destroy_user+0x18e/0x220 [ 123.812832] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.813259] iommufd_access_destroy+0x43/0x70 [ 123.813593] iommufd_test_staccess_release+0x8d/0xd0 [ 123.813967] __fput+0x26d/0xa40 [ 123.814219] ____fput+0x1e/0x30 [ 123.814465] task_work_run+0x1a4/0x2d0 [ 123.814776] ? __pfx_task_work_run+0x10/0x10 [ 123.815103] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.815473] ? switch_task_namespaces+0xa9/0xe0 [ 123.815821] do_exit+0xb17/0x2ef0 [ 123.816073] ? lock_acquire+0x427/0x4c0 [ 123.816375] ? __pfx_lock_release+0x10/0x10 [ 123.816694] ? __kasan_check_write+0x18/0x20 [ 123.817016] ? do_raw_spin_lock+0x132/0x2a0 [ 123.817338] ? __pfx_do_exit+0x10/0x10 [ 123.817633] ? debug_smp_processor_id+0x20/0x30 [ 123.817979] ? rcu_is_watching+0x19/0xb0 [ 123.818283] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.818646] ? trace_hardirqs_on+0x26/0x120 [ 123.818974] do_group_exit+0xe0/0x2b0 [ 123.819273] __x64_sys_exit_group+0x47/0x50 [ 123.819592] do_syscall_64+0x3b/0x90 [ 123.819874] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.820265] RIP: 0033:0x7f4b87518a4d [ 123.820540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.820989] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.821547] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.822064] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.822600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.823128] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.823652] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.824179] [ 123.824353] irq event stamp: 0 [ 123.824586] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.825047] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.825658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.826263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.826742] ---[ end trace 0000000000000000 ]--- [ 123.827402] ------------[ cut here ]------------ [ 123.827752] WARNING: CPU: 1 PID: 1134 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.828495] Modules linked in: [ 123.828737] CPU: 1 PID: 1134 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.829378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.830196] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.830605] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.831942] RSP: 0018:ffff888020c9fb78 EFLAGS: 00010246 [ 123.832334] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.832856] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 123.833374] RBP: ffff888020c9fb98 R08: ffffed100307ec3e R09: ffffed100307ec3e [ 123.833890] R10: ffff8880183f61ef R11: ffffed100307ec3d R12: ffff8880183f6290 [ 123.834405] R13: ffff8880183f60a8 R14: ffffffffffffffff R15: 
ffff888020c9fc60 [ 123.834940] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.835543] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.835972] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.836493] PKRU: 55555554 [ 123.836700] Call Trace: [ 123.836893] [ 123.837100] iommufd_ioas_destroy+0x53/0x70 [ 123.837433] iommufd_fops_release+0x1f7/0x370 [ 123.837770] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.838139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.838538] ? write_comp_data+0x2f/0x90 [ 123.838851] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.839235] __fput+0x26d/0xa40 [ 123.839496] ____fput+0x1e/0x30 [ 123.839749] task_work_run+0x1a4/0x2d0 [ 123.840045] ? __pfx_task_work_run+0x10/0x10 [ 123.840376] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.840741] ? switch_task_namespaces+0xa9/0xe0 [ 123.841096] do_exit+0xb17/0x2ef0 [ 123.841355] ? lock_acquire+0x427/0x4c0 [ 123.841660] ? __pfx_lock_release+0x10/0x10 [ 123.841986] ? __kasan_check_write+0x18/0x20 [ 123.842321] ? do_raw_spin_lock+0x132/0x2a0 [ 123.842664] ? __pfx_do_exit+0x10/0x10 [ 123.842964] ? debug_smp_processor_id+0x20/0x30 [ 123.843339] ? rcu_is_watching+0x19/0xb0 [ 123.843651] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.843995] ? trace_hardirqs_on+0x26/0x120 [ 123.844323] do_group_exit+0xe0/0x2b0 [ 123.844612] __x64_sys_exit_group+0x47/0x50 [ 123.844936] do_syscall_64+0x3b/0x90 [ 123.845223] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.845619] RIP: 0033:0x7f4b87518a4d [ 123.845898] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.846352] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.847046] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.847695] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.848224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.848748] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.849271] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.849804] [ 123.849977] irq event stamp: 0 [ 123.850211] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.850705] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.851349] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.851965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.852432] ---[ end trace 0000000000000000 ]--- [ 123.856746] ------------[ cut here ]------------ [ 123.857112] WARNING: CPU: 1 PID: 1135 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.857865] Modules linked in: [ 123.858104] CPU: 1 PID: 1135 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.858946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.859791] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.860162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.861507] RSP: 0018:ffff8880172cfbb8 EFLAGS: 00010246 [ 123.861902] RAX: 0000000000000000 RBX: ffff888015b208a8 RCX: 0000000000000000 [ 123.862427] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 123.862972] RBP: ffff8880172cfbd0 R08: ffffed1002b64133 R09: ffffed1002b64133 [ 123.863519] R10: ffff888015b20993 R11: ffffed1002b64132 R12: ffff8880209ff800 [ 123.864044] R13: ffff888015b209e8 R14: ffffffff8352e670 R15: 
ffff8880172cfe68 [ 123.864571] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.865167] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.865596] CR2: 0000000020000140 CR3: 0000000013dfc000 CR4: 0000000000750ee0 [ 123.866122] PKRU: 55555554 [ 123.866332] Call Trace: [ 123.866539] [ 123.866711] __iommufd_access_detach+0x1c2/0x2b0 [ 123.867077] iommufd_access_change_pt+0x149/0x270 [ 123.867460] iommufd_access_replace+0xb4/0x120 [ 123.867815] iommufd_test+0x3e5/0x37e0 [ 123.868110] ? lock_release+0x532/0x770 [ 123.868434] ? __might_fault+0x102/0x1b0 [ 123.868745] ? lock_acquire+0x427/0x4c0 [ 123.869100] ? __pfx_iommufd_test+0x10/0x10 [ 123.869424] ? __pfx_lock_release+0x10/0x10 [ 123.869754] ? __pfx_lock_acquire+0x10/0x10 [ 123.870085] ? write_comp_data+0x2f/0x90 [ 123.870397] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.870785] ? write_comp_data+0x2f/0x90 [ 123.871103] iommufd_fops_ioctl+0x37d/0x510 [ 123.871442] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.871812] ? write_comp_data+0x2f/0x90 [ 123.872126] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.872491] __x64_sys_ioctl+0x1a3/0x230 [ 123.872805] do_syscall_64+0x3b/0x90 [ 123.873095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.873491] RIP: 0033:0x7f4b8743ee5d [ 123.873770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.875151] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.875719] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.876244] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.876772] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.877300] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.877826] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.878366] [ 123.878560] irq event stamp: 0 [ 123.878797] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.879283] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.879905] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.880527] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.880993] ---[ end trace 0000000000000000 ]--- [ 123.883669] ------------[ cut here ]------------ [ 123.884021] WARNING: CPU: 1 PID: 1135 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.884760] Modules linked in: [ 123.884994] CPU: 1 PID: 1135 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.885626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.886437] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.886817] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.888151] RSP: 
0018:ffff8880172cfbd0 EFLAGS: 00010246 [ 123.888535] RAX: 0000000000000000 RBX: ffff888015b208a8 RCX: 0000000000000000 [ 123.889049] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 123.889565] RBP: ffff8880172cfbe8 R08: ffffed1002b64133 R09: ffffed1002b64133 [ 123.890086] R10: ffff888015b20993 R11: ffffed1002b64132 R12: ffff88800f535c00 [ 123.890621] R13: ffff888015b209e8 R14: ffff88800fa2d200 R15: 0000000000000000 [ 123.891149] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.891735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.892156] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.892672] PKRU: 55555554 [ 123.892879] Call Trace: [ 123.893067] [ 123.893232] iommufd_access_destroy_object+0x65/0x170 [ 123.893618] iommufd_object_destroy_user+0x18e/0x220 [ 123.893997] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.894431] iommufd_access_destroy+0x43/0x70 [ 123.894788] iommufd_test_staccess_release+0x8d/0xd0 [ 123.895179] __fput+0x26d/0xa40 [ 123.895438] ____fput+0x1e/0x30 [ 123.895689] task_work_run+0x1a4/0x2d0 [ 123.895983] ? __pfx_task_work_run+0x10/0x10 [ 123.896310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.896672] ? switch_task_namespaces+0xa9/0xe0 [ 123.897025] do_exit+0xb17/0x2ef0 [ 123.897282] ? lock_acquire+0x427/0x4c0 [ 123.897583] ? __pfx_lock_release+0x10/0x10 [ 123.897905] ? __kasan_check_write+0x18/0x20 [ 123.898230] ? do_raw_spin_lock+0x132/0x2a0 [ 123.898573] ? __pfx_do_exit+0x10/0x10 [ 123.898869] ? debug_smp_processor_id+0x20/0x30 [ 123.899230] ? rcu_is_watching+0x19/0xb0 [ 123.899533] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.899869] ? trace_hardirqs_on+0x26/0x120 [ 123.900192] do_group_exit+0xe0/0x2b0 [ 123.900474] __x64_sys_exit_group+0x47/0x50 [ 123.900791] do_syscall_64+0x3b/0x90 [ 123.901123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.901511] RIP: 0033:0x7f4b87518a4d [ 123.901785] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.902231] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.902801] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.903329] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.903847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.904363] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.904881] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.905409] [ 123.905582] irq event stamp: 0 [ 123.905813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.906270] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.906881] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.907494] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.907943] ---[ end trace 0000000000000000 ]--- [ 123.908584] ------------[ cut here ]------------ [ 123.908924] WARNING: CPU: 1 PID: 1135 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.909654] Modules linked in: [ 123.909884] CPU: 1 PID: 1135 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.910528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.911337] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.911706] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.913002] RSP: 0018:ffff8880172cfb78 EFLAGS: 00010246 [ 123.913387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.913894] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 123.914399] RBP: ffff8880172cfb98 R08: ffffed1002b6413e R09: ffffed1002b6413e [ 123.914926] R10: ffff888015b209ef R11: ffffed1002b6413d R12: ffff888015b20a90 [ 123.915451] R13: ffff888015b208a8 R14: ffffffffffffffff R15: 
ffff8880172cfc60 [ 123.915958] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.916531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.916942] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.917450] PKRU: 55555554 [ 123.917653] Call Trace: [ 123.917836] [ 123.917998] iommufd_ioas_destroy+0x53/0x70 [ 123.918315] iommufd_fops_release+0x1f7/0x370 [ 123.918667] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.919042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.919418] ? write_comp_data+0x2f/0x90 [ 123.919742] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.920104] __fput+0x26d/0xa40 [ 123.920358] ____fput+0x1e/0x30 [ 123.920610] task_work_run+0x1a4/0x2d0 [ 123.920903] ? __pfx_task_work_run+0x10/0x10 [ 123.921228] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.921586] ? switch_task_namespaces+0xa9/0xe0 [ 123.921930] do_exit+0xb17/0x2ef0 [ 123.922180] ? lock_acquire+0x427/0x4c0 [ 123.922474] ? __pfx_lock_release+0x10/0x10 [ 123.922811] ? __kasan_check_write+0x18/0x20 [ 123.923157] ? do_raw_spin_lock+0x132/0x2a0 [ 123.923471] ? __pfx_do_exit+0x10/0x10 [ 123.923761] ? debug_smp_processor_id+0x20/0x30 [ 123.924098] ? rcu_is_watching+0x19/0xb0 [ 123.924393] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.924722] ? trace_hardirqs_on+0x26/0x120 [ 123.925038] do_group_exit+0xe0/0x2b0 [ 123.925313] __x64_sys_exit_group+0x47/0x50 [ 123.925627] do_syscall_64+0x3b/0x90 [ 123.925903] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.926282] RIP: 0033:0x7f4b87518a4d [ 123.926562] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.927000] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.927544] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.928048] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.928554] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.929058] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.929562] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.930071] [ 123.930239] irq event stamp: 0 [ 123.930465] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.930934] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.931554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.932151] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.932600] ---[ end trace 0000000000000000 ]--- [ 123.936869] ------------[ cut here ]------------ [ 123.937228] WARNING: CPU: 1 PID: 1136 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.937952] Modules linked in: [ 123.938181] CPU: 1 PID: 1136 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.939008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.939821] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.940177] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.941469] RSP: 0018:ffff888012917bb8 EFLAGS: 00010246 [ 123.941846] RAX: 0000000000000000 RBX: ffff888010f4a0a8 RCX: 0000000000000000 [ 123.942357] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 123.942880] RBP: ffff888012917bd0 R08: ffffed10021e9433 R09: ffffed10021e9433 [ 123.943397] R10: ffff888010f4a193 R11: ffffed10021e9432 R12: ffff8880141c4000 [ 123.943900] R13: ffff888010f4a1e8 R14: ffffffff8352e670 R15: 
ffff888012917e68 [ 123.944405] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.944974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.945386] CR2: 0000000020000140 CR3: 00000000140f0000 CR4: 0000000000750ee0 [ 123.945890] PKRU: 55555554 [ 123.946092] Call Trace: [ 123.946279] [ 123.946440] __iommufd_access_detach+0x1c2/0x2b0 [ 123.946809] iommufd_access_change_pt+0x149/0x270 [ 123.947183] iommufd_access_replace+0xb4/0x120 [ 123.947521] iommufd_test+0x3e5/0x37e0 [ 123.947800] ? lock_release+0x532/0x770 [ 123.948095] ? __might_fault+0x102/0x1b0 [ 123.948395] ? lock_acquire+0x427/0x4c0 [ 123.948690] ? __pfx_iommufd_test+0x10/0x10 [ 123.948998] ? __pfx_lock_release+0x10/0x10 [ 123.949317] ? __pfx_lock_acquire+0x10/0x10 [ 123.949641] ? write_comp_data+0x2f/0x90 [ 123.949945] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.950299] ? write_comp_data+0x2f/0x90 [ 123.950618] iommufd_fops_ioctl+0x37d/0x510 [ 123.950935] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.951299] ? write_comp_data+0x2f/0x90 [ 123.951602] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 123.951950] __x64_sys_ioctl+0x1a3/0x230 [ 123.952251] do_syscall_64+0x3b/0x90 [ 123.952529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.952910] RIP: 0033:0x7f4b8743ee5d [ 123.953185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 123.954475] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 123.955032] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 123.955551] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 123.956055] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 123.956567] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 123.957074] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 123.957589] [ 123.957758] irq event stamp: 0 [ 123.957984] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.958440] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.959061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.959667] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.960115] ---[ end trace 0000000000000000 ]--- [ 123.962693] ------------[ cut here ]------------ [ 123.963046] WARNING: CPU: 1 PID: 1136 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 123.963781] Modules linked in: [ 123.964015] CPU: 1 PID: 1136 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.964637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.965484] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 123.965840] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 123.967158] RSP: 
0018:ffff888012917bd0 EFLAGS: 00010246 [ 123.967540] RAX: 0000000000000000 RBX: ffff888010f4a0a8 RCX: 0000000000000000 [ 123.968046] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 123.968553] RBP: ffff888012917be8 R08: ffffed10021e9433 R09: ffffed10021e9433 [ 123.969059] R10: ffff888010f4a193 R11: ffffed10021e9432 R12: ffff888014762800 [ 123.969565] R13: ffff888010f4a1e8 R14: ffff888014229300 R15: 0000000000000000 [ 123.970069] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.970657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.971070] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.971588] PKRU: 55555554 [ 123.971798] Call Trace: [ 123.971984] [ 123.972148] iommufd_access_destroy_object+0x65/0x170 [ 123.972522] iommufd_object_destroy_user+0x18e/0x220 [ 123.972895] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 123.973318] iommufd_access_destroy+0x43/0x70 [ 123.973651] iommufd_test_staccess_release+0x8d/0xd0 [ 123.974025] __fput+0x26d/0xa40 [ 123.974280] ____fput+0x1e/0x30 [ 123.974547] task_work_run+0x1a4/0x2d0 [ 123.974843] ? __pfx_task_work_run+0x10/0x10 [ 123.975175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.975535] ? switch_task_namespaces+0xa9/0xe0 [ 123.975882] do_exit+0xb17/0x2ef0 [ 123.976137] ? lock_acquire+0x427/0x4c0 [ 123.976435] ? __pfx_lock_release+0x10/0x10 [ 123.976754] ? __kasan_check_write+0x18/0x20 [ 123.977077] ? do_raw_spin_lock+0x132/0x2a0 [ 123.977392] ? __pfx_do_exit+0x10/0x10 [ 123.977685] ? debug_smp_processor_id+0x20/0x30 [ 123.978024] ? rcu_is_watching+0x19/0xb0 [ 123.978328] ? _raw_spin_unlock_irq+0x2b/0x60 [ 123.978679] ? trace_hardirqs_on+0x26/0x120 [ 123.978999] do_group_exit+0xe0/0x2b0 [ 123.979298] __x64_sys_exit_group+0x47/0x50 [ 123.979610] do_syscall_64+0x3b/0x90 [ 123.979888] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 123.980268] RIP: 0033:0x7f4b87518a4d [ 123.980539] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 123.980981] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 123.981524] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 123.982036] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 123.982567] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 123.983080] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 123.983597] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 123.984116] [ 123.984287] irq event stamp: 0 [ 123.984517] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 123.984973] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 123.985576] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 123.986181] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.986665] ---[ end trace 0000000000000000 ]--- [ 123.987332] ------------[ cut here ]------------ [ 123.987678] WARNING: CPU: 1 PID: 1136 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 123.988409] Modules linked in: [ 123.988641] CPU: 1 PID: 1136 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 123.989266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 123.990076] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 123.990450] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 123.991804] RSP: 0018:ffff888012917b78 EFLAGS: 00010246 [ 123.992193] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.992703] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 123.993209] RBP: ffff888012917b98 R08: ffffed10021e943e R09: ffffed10021e943e [ 123.993720] R10: ffff888010f4a1ef R11: ffffed10021e943d R12: ffff888010f4a290 [ 123.994228] R13: ffff888010f4a0a8 R14: ffffffffffffffff R15: 
ffff888012917c60 [ 123.994756] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 123.995341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.995759] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 123.996271] PKRU: 55555554 [ 123.996474] Call Trace: [ 123.996659] [ 123.996823] iommufd_ioas_destroy+0x53/0x70 [ 123.997184] iommufd_fops_release+0x1f7/0x370 [ 123.997519] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.997882] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 123.998240] ? write_comp_data+0x2f/0x90 [ 123.998564] ? __pfx_iommufd_fops_release+0x10/0x10 [ 123.998936] __fput+0x26d/0xa40 [ 123.999201] ____fput+0x1e/0x30 [ 123.999449] task_work_run+0x1a4/0x2d0 [ 123.999738] ? __pfx_task_work_run+0x10/0x10 [ 124.000063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.000419] ? switch_task_namespaces+0xa9/0xe0 [ 124.000767] do_exit+0xb17/0x2ef0 [ 124.001020] ? lock_acquire+0x427/0x4c0 [ 124.001316] ? __pfx_lock_release+0x10/0x10 [ 124.001636] ? __kasan_check_write+0x18/0x20 [ 124.001961] ? do_raw_spin_lock+0x132/0x2a0 [ 124.002279] ? __pfx_do_exit+0x10/0x10 [ 124.002592] ? debug_smp_processor_id+0x20/0x30 [ 124.002936] ? rcu_is_watching+0x19/0xb0 [ 124.003243] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.003582] ? trace_hardirqs_on+0x26/0x120 [ 124.003902] do_group_exit+0xe0/0x2b0 [ 124.004181] __x64_sys_exit_group+0x47/0x50 [ 124.004493] do_syscall_64+0x3b/0x90 [ 124.004773] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.005155] RIP: 0033:0x7f4b87518a4d [ 124.005423] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.005863] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.006410] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.006943] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.007463] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.007976] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.008491] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.009007] [ 124.009176] irq event stamp: 0 [ 124.009404] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.009865] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.010466] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.011088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.011557] ---[ end trace 0000000000000000 ]--- [ 124.015930] ------------[ cut here ]------------ [ 124.016321] WARNING: CPU: 1 PID: 1137 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.017055] Modules linked in: [ 124.017289] CPU: 1 PID: 1137 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.017921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.018764] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.019139] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.020456] RSP: 0018:ffff888016f1fbb8 EFLAGS: 00010246 [ 124.020843] RAX: 0000000000000000 RBX: ffff8880100f50a8 RCX: 0000000000000000 [ 124.021360] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 124.021874] RBP: ffff888016f1fbd0 R08: ffffed100201ea33 R09: ffffed100201ea33 [ 124.022389] R10: ffff8880100f5193 R11: ffffed100201ea32 R12: ffff88800f0dac00 [ 124.022924] R13: ffff8880100f51e8 R14: ffffffff8352e670 R15: 
ffff888016f1fe68 [ 124.023447] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.024026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.024446] CR2: 0000000020000140 CR3: 0000000016e46000 CR4: 0000000000750ee0 [ 124.024966] PKRU: 55555554 [ 124.025172] Call Trace: [ 124.025360] [ 124.025526] __iommufd_access_detach+0x1c2/0x2b0 [ 124.025883] iommufd_access_change_pt+0x149/0x270 [ 124.026246] iommufd_access_replace+0xb4/0x120 [ 124.026607] iommufd_test+0x3e5/0x37e0 [ 124.026893] ? lock_release+0x532/0x770 [ 124.027254] ? __might_fault+0x102/0x1b0 [ 124.027556] ? lock_acquire+0x427/0x4c0 [ 124.027855] ? __pfx_iommufd_test+0x10/0x10 [ 124.028167] ? __pfx_lock_release+0x10/0x10 [ 124.028489] ? __pfx_lock_acquire+0x10/0x10 [ 124.028850] ? write_comp_data+0x2f/0x90 [ 124.029181] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.029535] ? write_comp_data+0x2f/0x90 [ 124.029840] iommufd_fops_ioctl+0x37d/0x510 [ 124.030155] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.030533] ? write_comp_data+0x2f/0x90 [ 124.030834] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.031193] __x64_sys_ioctl+0x1a3/0x230 [ 124.031495] do_syscall_64+0x3b/0x90 [ 124.031775] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.032153] RIP: 0033:0x7f4b8743ee5d [ 124.032430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.033723] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.034267] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.034803] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.035331] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.035838] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.036345] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.036861] [ 124.037028] irq event stamp: 0 [ 124.037258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.037709] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.038307] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.038922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.039391] ---[ end trace 0000000000000000 ]--- [ 124.041949] ------------[ cut here ]------------ [ 124.042300] WARNING: CPU: 1 PID: 1137 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.043062] Modules linked in: [ 124.043308] CPU: 1 PID: 1137 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.043932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.044738] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.045095] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.046389] RSP: 
0018:ffff888016f1fbd0 EFLAGS: 00010246 [ 124.046793] RAX: 0000000000000000 RBX: ffff8880100f50a8 RCX: 0000000000000000 [ 124.047315] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 124.047831] RBP: ffff888016f1fbe8 R08: ffffed100201ea33 R09: ffffed100201ea33 [ 124.048341] R10: ffff8880100f5193 R11: ffffed100201ea32 R12: ffff8880141c7000 [ 124.048850] R13: ffff8880100f51e8 R14: ffff8880149baf00 R15: 0000000000000000 [ 124.049361] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.049934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.050351] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.050881] PKRU: 55555554 [ 124.051088] Call Trace: [ 124.051288] [ 124.051452] iommufd_access_destroy_object+0x65/0x170 [ 124.051831] iommufd_object_destroy_user+0x18e/0x220 [ 124.052201] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.052629] iommufd_access_destroy+0x43/0x70 [ 124.052963] iommufd_test_staccess_release+0x8d/0xd0 [ 124.053336] __fput+0x26d/0xa40 [ 124.053589] ____fput+0x1e/0x30 [ 124.053836] task_work_run+0x1a4/0x2d0 [ 124.054125] ? __pfx_task_work_run+0x10/0x10 [ 124.054450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.054829] ? switch_task_namespaces+0xa9/0xe0 [ 124.055184] do_exit+0xb17/0x2ef0 [ 124.055437] ? lock_acquire+0x427/0x4c0 [ 124.055734] ? __pfx_lock_release+0x10/0x10 [ 124.056051] ? __kasan_check_write+0x18/0x20 [ 124.056375] ? do_raw_spin_lock+0x132/0x2a0 [ 124.056687] ? __pfx_do_exit+0x10/0x10 [ 124.056979] ? debug_smp_processor_id+0x20/0x30 [ 124.057320] ? rcu_is_watching+0x19/0xb0 [ 124.057615] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.057947] ? trace_hardirqs_on+0x26/0x120 [ 124.058264] do_group_exit+0xe0/0x2b0 [ 124.058567] __x64_sys_exit_group+0x47/0x50 [ 124.058887] do_syscall_64+0x3b/0x90 [ 124.059180] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.059564] RIP: 0033:0x7f4b87518a4d [ 124.059834] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.060278] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.060825] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.061381] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.061888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.062396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.062923] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.063450] [ 124.063622] irq event stamp: 0 [ 124.063855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.064310] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.064910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.065510] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.065962] ---[ end trace 0000000000000000 ]--- [ 124.066631] ------------[ cut here ]------------ [ 124.066973] WARNING: CPU: 1 PID: 1137 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.067713] Modules linked in: [ 124.067950] CPU: 1 PID: 1137 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.068577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.069381] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.069751] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.071079] RSP: 0018:ffff888016f1fb78 EFLAGS: 00010246 [ 124.071474] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.071984] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 124.072492] RBP: ffff888016f1fb98 R08: ffffed100201ea3e R09: ffffed100201ea3e [ 124.073000] R10: ffff8880100f51ef R11: ffffed100201ea3d R12: ffff8880100f5290 [ 124.073515] R13: ffff8880100f50a8 R14: ffffffffffffffff R15: 
ffff888016f1fc60 [ 124.074023] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.074615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.075036] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.075567] PKRU: 55555554 [ 124.075770] Call Trace: [ 124.075955] [ 124.076118] iommufd_ioas_destroy+0x53/0x70 [ 124.076435] iommufd_fops_release+0x1f7/0x370 [ 124.076764] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.077132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.077490] ? write_comp_data+0x2f/0x90 [ 124.077792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.078157] __fput+0x26d/0xa40 [ 124.078408] ____fput+0x1e/0x30 [ 124.078680] task_work_run+0x1a4/0x2d0 [ 124.078971] ? __pfx_task_work_run+0x10/0x10 [ 124.079306] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.079663] ? switch_task_namespaces+0xa9/0xe0 [ 124.080007] do_exit+0xb17/0x2ef0 [ 124.080265] ? lock_acquire+0x427/0x4c0 [ 124.080563] ? __pfx_lock_release+0x10/0x10 [ 124.080884] ? __kasan_check_write+0x18/0x20 [ 124.081208] ? do_raw_spin_lock+0x132/0x2a0 [ 124.081525] ? __pfx_do_exit+0x10/0x10 [ 124.081814] ? debug_smp_processor_id+0x20/0x30 [ 124.082150] ? rcu_is_watching+0x19/0xb0 [ 124.082444] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.082798] ? trace_hardirqs_on+0x26/0x120 [ 124.083122] do_group_exit+0xe0/0x2b0 [ 124.083403] __x64_sys_exit_group+0x47/0x50 [ 124.083714] do_syscall_64+0x3b/0x90 [ 124.083992] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.084371] RIP: 0033:0x7f4b87518a4d [ 124.084638] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.085079] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.085621] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.086133] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.086662] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.087222] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.087731] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.088257] [ 124.088425] irq event stamp: 0 [ 124.088651] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.089099] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.089692] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.090277] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.090743] ---[ end trace 0000000000000000 ]--- [ 124.094339] ------------[ cut here ]------------ [ 124.094960] WARNING: CPU: 1 PID: 1138 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.095689] Modules linked in: [ 124.095917] CPU: 1 PID: 1138 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.096530] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.097314] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.097662] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.098949] RSP: 0018:ffff888013bf7bb8 EFLAGS: 00010246 [ 124.099335] RAX: 0000000000000000 RBX: ffff888015cd60a8 RCX: 0000000000000000 [ 124.099830] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 124.100329] RBP: ffff888013bf7bd0 R08: ffffed1002b9ac33 R09: ffffed1002b9ac33 [ 124.100828] R10: ffff888015cd6193 R11: ffffed1002b9ac32 R12: ffff888018a3ec00 [ 124.101327] R13: ffff888015cd61e8 R14: ffffffff8352e670 R15: 
ffff888013bf7e68 [ 124.101825] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.102394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.102821] CR2: 0000000020000140 CR3: 0000000012bae000 CR4: 0000000000750ee0 [ 124.103340] PKRU: 55555554 [ 124.103542] Call Trace: [ 124.103723] [ 124.103883] __iommufd_access_detach+0x1c2/0x2b0 [ 124.104232] iommufd_access_change_pt+0x149/0x270 [ 124.104581] iommufd_access_replace+0xb4/0x120 [ 124.104913] iommufd_test+0x3e5/0x37e0 [ 124.105188] ? lock_release+0x532/0x770 [ 124.105477] ? __might_fault+0x102/0x1b0 [ 124.105769] ? lock_acquire+0x427/0x4c0 [ 124.106058] ? __pfx_iommufd_test+0x10/0x10 [ 124.106363] ? __pfx_lock_release+0x10/0x10 [ 124.106690] ? __pfx_lock_acquire+0x10/0x10 [ 124.107005] ? write_comp_data+0x2f/0x90 [ 124.107312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.107661] ? write_comp_data+0x2f/0x90 [ 124.107960] iommufd_fops_ioctl+0x37d/0x510 [ 124.108268] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.108617] ? write_comp_data+0x2f/0x90 [ 124.108913] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.109256] __x64_sys_ioctl+0x1a3/0x230 [ 124.109553] do_syscall_64+0x3b/0x90 [ 124.109825] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.110196] RIP: 0033:0x7f4b8743ee5d [ 124.110466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.111766] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.112305] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.112811] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.113309] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.113812] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.114308] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.114831] [ 124.114996] irq event stamp: 0 [ 124.115228] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.115669] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.116255] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.116838] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.117282] ---[ end trace 0000000000000000 ]--- [ 124.119909] ------------[ cut here ]------------ [ 124.120269] WARNING: CPU: 1 PID: 1138 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.120980] Modules linked in: [ 124.121205] CPU: 1 PID: 1138 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.121817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.122632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.122983] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.124286] RSP: 
0018:ffff888013bf7bd0 EFLAGS: 00010246 [ 124.124660] RAX: 0000000000000000 RBX: ffff888015cd60a8 RCX: 0000000000000000 [ 124.125190] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 124.125685] RBP: ffff888013bf7be8 R08: ffffed1002b9ac33 R09: ffffed1002b9ac33 [ 124.126180] R10: ffff888015cd6193 R11: ffffed1002b9ac32 R12: ffff88800f0da000 [ 124.126695] R13: ffff888015cd61e8 R14: ffff888020f60700 R15: 0000000000000000 [ 124.127200] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.127766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.128174] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.128676] PKRU: 55555554 [ 124.128878] Call Trace: [ 124.129062] [ 124.129222] iommufd_access_destroy_object+0x65/0x170 [ 124.129592] iommufd_object_destroy_user+0x18e/0x220 [ 124.129956] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.130374] iommufd_access_destroy+0x43/0x70 [ 124.130721] iommufd_test_staccess_release+0x8d/0xd0 [ 124.131105] __fput+0x26d/0xa40 [ 124.131370] ____fput+0x1e/0x30 [ 124.131612] task_work_run+0x1a4/0x2d0 [ 124.131896] ? __pfx_task_work_run+0x10/0x10 [ 124.132214] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.132566] ? switch_task_namespaces+0xa9/0xe0 [ 124.132904] do_exit+0xb17/0x2ef0 [ 124.133164] ? lock_acquire+0x427/0x4c0 [ 124.133454] ? __pfx_lock_release+0x10/0x10 [ 124.133764] ? __kasan_check_write+0x18/0x20 [ 124.134076] ? do_raw_spin_lock+0x132/0x2a0 [ 124.134390] ? __pfx_do_exit+0x10/0x10 [ 124.134694] ? debug_smp_processor_id+0x20/0x30 [ 124.135028] ? rcu_is_watching+0x19/0xb0 [ 124.135334] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.135666] ? trace_hardirqs_on+0x26/0x120 [ 124.135975] do_group_exit+0xe0/0x2b0 [ 124.136253] __x64_sys_exit_group+0x47/0x50 [ 124.136560] do_syscall_64+0x3b/0x90 [ 124.136834] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.137207] RIP: 0033:0x7f4b87518a4d [ 124.137472] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.137903] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.138440] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.138975] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.139498] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.139998] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.140504] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.141014] [ 124.141187] irq event stamp: 0 [ 124.141411] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.141853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.142440] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.143047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.143504] ---[ end trace 0000000000000000 ]--- [ 124.144141] ------------[ cut here ]------------ [ 124.144477] WARNING: CPU: 1 PID: 1138 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.145194] Modules linked in: [ 124.145420] CPU: 1 PID: 1138 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.146032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.146841] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.147216] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.148514] RSP: 0018:ffff888013bf7b78 EFLAGS: 00010246 [ 124.148888] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.149395] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 124.149904] RBP: ffff888013bf7b98 R08: ffffed1002b9ac3e R09: ffffed1002b9ac3e [ 124.150418] R10: ffff888015cd61ef R11: ffffed1002b9ac3d R12: ffff888015cd6290 [ 124.150951] R13: ffff888015cd60a8 R14: ffffffffffffffff R15: 
ffff888013bf7c60 [ 124.151471] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.152044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.152461] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.152971] PKRU: 55555554 [ 124.153175] Call Trace: [ 124.153363] [ 124.153523] iommufd_ioas_destroy+0x53/0x70 [ 124.153889] iommufd_fops_release+0x1f7/0x370 [ 124.154216] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.154592] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.154946] ? write_comp_data+0x2f/0x90 [ 124.155262] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.155622] __fput+0x26d/0xa40 [ 124.155874] ____fput+0x1e/0x30 [ 124.156120] task_work_run+0x1a4/0x2d0 [ 124.156409] ? __pfx_task_work_run+0x10/0x10 [ 124.156735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.157114] ? switch_task_namespaces+0xa9/0xe0 [ 124.157461] do_exit+0xb17/0x2ef0 [ 124.157716] ? lock_acquire+0x427/0x4c0 [ 124.158010] ? __pfx_lock_release+0x10/0x10 [ 124.158328] ? __kasan_check_write+0x18/0x20 [ 124.158680] ? do_raw_spin_lock+0x132/0x2a0 [ 124.158999] ? __pfx_do_exit+0x10/0x10 [ 124.159303] ? debug_smp_processor_id+0x20/0x30 [ 124.159650] ? rcu_is_watching+0x19/0xb0 [ 124.159948] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.160278] ? trace_hardirqs_on+0x26/0x120 [ 124.160596] do_group_exit+0xe0/0x2b0 [ 124.160876] __x64_sys_exit_group+0x47/0x50 [ 124.161186] do_syscall_64+0x3b/0x90 [ 124.161464] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.161841] RIP: 0033:0x7f4b87518a4d [ 124.162109] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.162571] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.163127] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.163640] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.164152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.164662] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.165169] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.165687] [ 124.165855] irq event stamp: 0 [ 124.166081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.166556] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.167185] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.167787] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.168240] ---[ end trace 0000000000000000 ]--- [ 124.172690] ------------[ cut here ]------------ [ 124.173052] WARNING: CPU: 1 PID: 1139 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.173777] Modules linked in: [ 124.174008] CPU: 1 PID: 1139 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.174700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.175521] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.175881] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.177170] RSP: 0018:ffff888016c27bb8 EFLAGS: 00010246 [ 124.177550] RAX: 0000000000000000 RBX: ffff888020b218a8 RCX: 0000000000000000 [ 124.178055] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 124.178579] RBP: ffff888016c27bd0 R08: ffffed1004164333 R09: ffffed1004164333 [ 124.179089] R10: ffff888020b21993 R11: ffffed1004164332 R12: ffff88801883cc00 [ 124.179605] R13: ffff888020b219e8 R14: ffffffff8352e670 R15: 
ffff888016c27e68 [ 124.180115] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.180693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.181110] CR2: 0000000020000140 CR3: 00000000145f8000 CR4: 0000000000750ee0 [ 124.181619] PKRU: 55555554 [ 124.181822] Call Trace: [ 124.182007] [ 124.182173] __iommufd_access_detach+0x1c2/0x2b0 [ 124.182547] iommufd_access_change_pt+0x149/0x270 [ 124.182903] iommufd_access_replace+0xb4/0x120 [ 124.183250] iommufd_test+0x3e5/0x37e0 [ 124.183533] ? lock_release+0x532/0x770 [ 124.183832] ? __might_fault+0x102/0x1b0 [ 124.184136] ? lock_acquire+0x427/0x4c0 [ 124.184432] ? __pfx_iommufd_test+0x10/0x10 [ 124.184742] ? __pfx_lock_release+0x10/0x10 [ 124.185062] ? __pfx_lock_acquire+0x10/0x10 [ 124.185384] ? write_comp_data+0x2f/0x90 [ 124.185686] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.186044] ? write_comp_data+0x2f/0x90 [ 124.186344] iommufd_fops_ioctl+0x37d/0x510 [ 124.186677] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.187036] ? write_comp_data+0x2f/0x90 [ 124.187350] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.187702] __x64_sys_ioctl+0x1a3/0x230 [ 124.188005] do_syscall_64+0x3b/0x90 [ 124.188284] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.188662] RIP: 0033:0x7f4b8743ee5d [ 124.188965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.190297] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.190859] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.191376] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.191883] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.192400] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.192910] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.193425] [ 124.193595] irq event stamp: 0 [ 124.193825] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.194278] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.194897] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.195498] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.195948] ---[ end trace 0000000000000000 ]--- [ 124.198634] ------------[ cut here ]------------ [ 124.199002] WARNING: CPU: 1 PID: 1139 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.199738] Modules linked in: [ 124.199968] CPU: 1 PID: 1139 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.200589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.201389] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.201747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.203068] RSP: 
0018:ffff888016c27bd0 EFLAGS: 00010246 [ 124.203475] RAX: 0000000000000000 RBX: ffff888020b218a8 RCX: 0000000000000000 [ 124.203983] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 124.204494] RBP: ffff888016c27be8 R08: ffffed1004164333 R09: ffffed1004164333 [ 124.205004] R10: ffff888020b21993 R11: ffffed1004164332 R12: ffff888018a3e000 [ 124.205517] R13: ffff888020b219e8 R14: ffff8880123af500 R15: 0000000000000000 [ 124.206025] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.206624] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.207041] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.207559] PKRU: 55555554 [ 124.207764] Call Trace: [ 124.207948] [ 124.208115] iommufd_access_destroy_object+0x65/0x170 [ 124.208501] iommufd_object_destroy_user+0x18e/0x220 [ 124.208873] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.209297] iommufd_access_destroy+0x43/0x70 [ 124.209632] iommufd_test_staccess_release+0x8d/0xd0 [ 124.210009] __fput+0x26d/0xa40 [ 124.210261] ____fput+0x1e/0x30 [ 124.210535] task_work_run+0x1a4/0x2d0 [ 124.210829] ? __pfx_task_work_run+0x10/0x10 [ 124.211167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.211531] ? switch_task_namespaces+0xa9/0xe0 [ 124.211881] do_exit+0xb17/0x2ef0 [ 124.212135] ? lock_acquire+0x427/0x4c0 [ 124.212431] ? __pfx_lock_release+0x10/0x10 [ 124.212748] ? __kasan_check_write+0x18/0x20 [ 124.213071] ? do_raw_spin_lock+0x132/0x2a0 [ 124.213385] ? __pfx_do_exit+0x10/0x10 [ 124.213674] ? debug_smp_processor_id+0x20/0x30 [ 124.214012] ? rcu_is_watching+0x19/0xb0 [ 124.214308] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.214658] ? trace_hardirqs_on+0x26/0x120 [ 124.214978] do_group_exit+0xe0/0x2b0 [ 124.215267] __x64_sys_exit_group+0x47/0x50 [ 124.215579] do_syscall_64+0x3b/0x90 [ 124.215860] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.216243] RIP: 0033:0x7f4b87518a4d [ 124.216516] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.216957] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.217498] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.218008] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.218542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.219055] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.219575] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.220098] [ 124.220270] irq event stamp: 0 [ 124.220502] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.220991] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.221588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.222187] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.222663] ---[ end trace 0000000000000000 ]--- [ 124.223315] ------------[ cut here ]------------ [ 124.223656] WARNING: CPU: 1 PID: 1139 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.224384] Modules linked in: [ 124.224618] CPU: 1 PID: 1139 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.225242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.226049] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.226425] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.227792] RSP: 0018:ffff888016c27b78 EFLAGS: 00010246 [ 124.228191] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.228709] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 124.229228] RBP: ffff888016c27b98 R08: ffffed100416433e R09: ffffed100416433e [ 124.229752] R10: ffff888020b219ef R11: ffffed100416433d R12: ffff888020b21a90 [ 124.230269] R13: ffff888020b218a8 R14: ffffffffffffffff R15: 
ffff888016c27c60 [ 124.230807] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.231401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.231827] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.232343] PKRU: 55555554 [ 124.232554] Call Trace: [ 124.232745] [ 124.232913] iommufd_ioas_destroy+0x53/0x70 [ 124.233239] iommufd_fops_release+0x1f7/0x370 [ 124.233576] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.233943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.234305] ? write_comp_data+0x2f/0x90 [ 124.234631] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.235010] __fput+0x26d/0xa40 [ 124.235283] ____fput+0x1e/0x30 [ 124.235534] task_work_run+0x1a4/0x2d0 [ 124.235832] ? __pfx_task_work_run+0x10/0x10 [ 124.236164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.236529] ? switch_task_namespaces+0xa9/0xe0 [ 124.236881] do_exit+0xb17/0x2ef0 [ 124.237140] ? lock_acquire+0x427/0x4c0 [ 124.237441] ? __pfx_lock_release+0x10/0x10 [ 124.237766] ? __kasan_check_write+0x18/0x20 [ 124.238092] ? do_raw_spin_lock+0x132/0x2a0 [ 124.238415] ? __pfx_do_exit+0x10/0x10 [ 124.238735] ? debug_smp_processor_id+0x20/0x30 [ 124.239086] ? rcu_is_watching+0x19/0xb0 [ 124.239397] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.239739] ? trace_hardirqs_on+0x26/0x120 [ 124.240064] do_group_exit+0xe0/0x2b0 [ 124.240351] __x64_sys_exit_group+0x47/0x50 [ 124.240670] do_syscall_64+0x3b/0x90 [ 124.240994] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.241384] RIP: 0033:0x7f4b87518a4d [ 124.241655] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.242100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.242670] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.243196] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.243715] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.244236] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.244762] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.245292] [ 124.245470] irq event stamp: 0 [ 124.245703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.246164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.246792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.247408] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.247870] ---[ end trace 0000000000000000 ]--- [ 124.252353] ------------[ cut here ]------------ [ 124.252740] WARNING: CPU: 1 PID: 1140 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.253528] Modules linked in: [ 124.253762] CPU: 1 PID: 1140 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.254405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.255414] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.255777] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.257075] RSP: 0018:ffff88800fa97bb8 EFLAGS: 00010246 [ 124.257458] RAX: 0000000000000000 RBX: ffff8880102a78a8 RCX: 0000000000000000 [ 124.257965] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 124.258472] RBP: ffff88800fa97bd0 R08: ffffed1002054f33 R09: ffffed1002054f33 [ 124.259006] R10: ffff8880102a7993 R11: ffffed1002054f32 R12: ffff888012e2a800 [ 124.259536] R13: ffff8880102a79e8 R14: ffffffff8352e670 R15: 
ffff88800fa97e68 [ 124.260049] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.260622] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.261036] CR2: 0000000020000140 CR3: 0000000021918000 CR4: 0000000000750ee0 [ 124.261546] PKRU: 55555554 [ 124.261752] Call Trace: [ 124.261936] [ 124.262099] __iommufd_access_detach+0x1c2/0x2b0 [ 124.262454] iommufd_access_change_pt+0x149/0x270 [ 124.262834] iommufd_access_replace+0xb4/0x120 [ 124.263187] iommufd_test+0x3e5/0x37e0 [ 124.263472] ? lock_release+0x532/0x770 [ 124.263768] ? __might_fault+0x102/0x1b0 [ 124.264068] ? lock_acquire+0x427/0x4c0 [ 124.264370] ? __pfx_iommufd_test+0x10/0x10 [ 124.264685] ? __pfx_lock_release+0x10/0x10 [ 124.265005] ? __pfx_lock_acquire+0x10/0x10 [ 124.265326] ? write_comp_data+0x2f/0x90 [ 124.265629] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.265985] ? write_comp_data+0x2f/0x90 [ 124.266288] iommufd_fops_ioctl+0x37d/0x510 [ 124.266626] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.266990] ? write_comp_data+0x2f/0x90 [ 124.267302] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.267658] __x64_sys_ioctl+0x1a3/0x230 [ 124.267967] do_syscall_64+0x3b/0x90 [ 124.268245] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.268628] RIP: 0033:0x7f4b8743ee5d [ 124.268901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.270224] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.270793] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.271312] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.271821] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.272333] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.272847] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.273365] [ 124.273534] irq event stamp: 0 [ 124.273762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.274213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.274833] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.275440] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.275894] ---[ end trace 0000000000000000 ]--- [ 124.278451] ------------[ cut here ]------------ [ 124.278825] WARNING: CPU: 1 PID: 1140 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.279567] Modules linked in: [ 124.279800] CPU: 1 PID: 1140 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.280424] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.281221] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.281580] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.282899] RSP: 
0018:ffff88800fa97bd0 EFLAGS: 00010246 [ 124.283291] RAX: 0000000000000000 RBX: ffff8880102a78a8 RCX: 0000000000000000 [ 124.283807] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 124.284319] RBP: ffff88800fa97be8 R08: ffffed1002054f33 R09: ffffed1002054f33 [ 124.284826] R10: ffff8880102a7993 R11: ffffed1002054f32 R12: ffff88801883e400 [ 124.285392] R13: ffff8880102a79e8 R14: ffff888016e15f00 R15: 0000000000000000 [ 124.285913] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.286500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.286950] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.287477] PKRU: 55555554 [ 124.287686] Call Trace: [ 124.287874] [ 124.288043] iommufd_access_destroy_object+0x65/0x170 [ 124.288432] iommufd_object_destroy_user+0x18e/0x220 [ 124.288810] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.289240] iommufd_access_destroy+0x43/0x70 [ 124.289579] iommufd_test_staccess_release+0x8d/0xd0 [ 124.289963] __fput+0x26d/0xa40 [ 124.290224] ____fput+0x1e/0x30 [ 124.290476] task_work_run+0x1a4/0x2d0 [ 124.290794] ? __pfx_task_work_run+0x10/0x10 [ 124.291135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.291501] ? switch_task_namespaces+0xa9/0xe0 [ 124.291852] do_exit+0xb17/0x2ef0 [ 124.292133] ? lock_acquire+0x427/0x4c0 [ 124.292434] ? __pfx_lock_release+0x10/0x10 [ 124.292758] ? __kasan_check_write+0x18/0x20 [ 124.293089] ? do_raw_spin_lock+0x132/0x2a0 [ 124.293430] ? __pfx_do_exit+0x10/0x10 [ 124.293728] ? debug_smp_processor_id+0x20/0x30 [ 124.294076] ? rcu_is_watching+0x19/0xb0 [ 124.294378] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.294739] ? trace_hardirqs_on+0x26/0x120 [ 124.295067] do_group_exit+0xe0/0x2b0 [ 124.295357] __x64_sys_exit_group+0x47/0x50 [ 124.295676] do_syscall_64+0x3b/0x90 [ 124.295960] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.296348] RIP: 0033:0x7f4b87518a4d [ 124.296622] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.297070] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.297627] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.298145] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.298684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.299225] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.299746] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.300277] [ 124.300452] irq event stamp: 0 [ 124.300688] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.301150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.301765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.302374] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.302855] ---[ end trace 0000000000000000 ]--- [ 124.303524] ------------[ cut here ]------------ [ 124.303874] WARNING: CPU: 1 PID: 1140 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.304619] Modules linked in: [ 124.304852] CPU: 1 PID: 1140 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.305487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.306349] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.306773] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.308113] RSP: 0018:ffff88800fa97b78 EFLAGS: 00010246 [ 124.308504] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.309023] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 124.309546] RBP: ffff88800fa97b98 R08: ffffed1002054f3e R09: ffffed1002054f3e [ 124.310068] R10: ffff8880102a79ef R11: ffffed1002054f3d R12: ffff8880102a7a90 [ 124.310604] R13: ffff8880102a78a8 R14: ffffffffffffffff R15: 
ffff88800fa97c60 [ 124.311131] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.311719] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.312143] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.312663] PKRU: 55555554 [ 124.312869] Call Trace: [ 124.313056] [ 124.313223] iommufd_ioas_destroy+0x53/0x70 [ 124.313544] iommufd_fops_release+0x1f7/0x370 [ 124.313878] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.314250] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.314626] ? write_comp_data+0x2f/0x90 [ 124.314932] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.315310] __fput+0x26d/0xa40 [ 124.315562] ____fput+0x1e/0x30 [ 124.315815] task_work_run+0x1a4/0x2d0 [ 124.316105] ? __pfx_task_work_run+0x10/0x10 [ 124.316427] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.316782] ? switch_task_namespaces+0xa9/0xe0 [ 124.317161] do_exit+0xb17/0x2ef0 [ 124.317416] ? lock_acquire+0x427/0x4c0 [ 124.317717] ? __pfx_lock_release+0x10/0x10 [ 124.318035] ? __kasan_check_write+0x18/0x20 [ 124.318356] ? do_raw_spin_lock+0x132/0x2a0 [ 124.318692] ? __pfx_do_exit+0x10/0x10 [ 124.318982] ? debug_smp_processor_id+0x20/0x30 [ 124.319335] ? rcu_is_watching+0x19/0xb0 [ 124.319631] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.319964] ? trace_hardirqs_on+0x26/0x120 [ 124.320283] do_group_exit+0xe0/0x2b0 [ 124.320558] __x64_sys_exit_group+0x47/0x50 [ 124.320869] do_syscall_64+0x3b/0x90 [ 124.321145] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.321521] RIP: 0033:0x7f4b87518a4d [ 124.321788] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.322231] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.322786] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.323301] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.323810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.324317] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.324825] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.325339] [ 124.325507] irq event stamp: 0 [ 124.325735] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.326184] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.326797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.327406] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.327860] ---[ end trace 0000000000000000 ]--- [ 124.331770] ------------[ cut here ]------------ [ 124.332145] WARNING: CPU: 1 PID: 1141 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.332877] Modules linked in: [ 124.333110] CPU: 1 PID: 1141 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.333737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.334743] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.335104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.336423] RSP: 0018:ffff888012c17bb8 EFLAGS: 00010246 [ 124.336807] RAX: 0000000000000000 RBX: ffff8880167c68a8 RCX: 0000000000000000 [ 124.337323] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 124.337838] RBP: ffff888012c17bd0 R08: ffffed1002cf8d33 R09: ffffed1002cf8d33 [ 124.338357] R10: ffff8880167c6993 R11: ffffed1002cf8d32 R12: ffff8880145ea000 [ 124.338890] R13: ffff8880167c69e8 R14: ffffffff8352e670 R15: 
ffff888012c17e68 [ 124.339415] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.339995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.340415] CR2: 0000000020000140 CR3: 000000001402e000 CR4: 0000000000750ee0 [ 124.340933] PKRU: 55555554 [ 124.341140] Call Trace: [ 124.341327] [ 124.341493] __iommufd_access_detach+0x1c2/0x2b0 [ 124.341852] iommufd_access_change_pt+0x149/0x270 [ 124.342215] iommufd_access_replace+0xb4/0x120 [ 124.342580] iommufd_test+0x3e5/0x37e0 [ 124.342869] ? lock_release+0x532/0x770 [ 124.343183] ? __might_fault+0x102/0x1b0 [ 124.343484] ? lock_acquire+0x427/0x4c0 [ 124.343784] ? __pfx_iommufd_test+0x10/0x10 [ 124.344098] ? __pfx_lock_release+0x10/0x10 [ 124.344420] ? __pfx_lock_acquire+0x10/0x10 [ 124.344743] ? write_comp_data+0x2f/0x90 [ 124.345051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.345411] ? write_comp_data+0x2f/0x90 [ 124.345715] iommufd_fops_ioctl+0x37d/0x510 [ 124.346033] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.346390] ? write_comp_data+0x2f/0x90 [ 124.346716] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.347119] __x64_sys_ioctl+0x1a3/0x230 [ 124.347442] do_syscall_64+0x3b/0x90 [ 124.347722] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.348103] RIP: 0033:0x7f4b8743ee5d [ 124.348375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.349725] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.350271] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.350806] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.351337] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.351848] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.352357] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.352877] [ 124.353049] irq event stamp: 0 [ 124.353280] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.353736] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.354335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.354952] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.355418] ---[ end trace 0000000000000000 ]--- [ 124.357972] ------------[ cut here ]------------ [ 124.358327] WARNING: CPU: 1 PID: 1141 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.359084] Modules linked in: [ 124.359332] CPU: 1 PID: 1141 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.359969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.360774] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.361136] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.362438] RSP: 
0018:ffff888012c17bd0 EFLAGS: 00010246 [ 124.362843] RAX: 0000000000000000 RBX: ffff8880167c68a8 RCX: 0000000000000000 [ 124.363372] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 124.363883] RBP: ffff888012c17be8 R08: ffffed1002cf8d33 R09: ffffed1002cf8d33 [ 124.364400] R10: ffff8880167c6993 R11: ffffed1002cf8d32 R12: ffff888012e2bc00 [ 124.364917] R13: ffff8880167c69e8 R14: ffff888012ce0600 R15: 0000000000000000 [ 124.365426] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.366001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.366417] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.366946] PKRU: 55555554 [ 124.367163] Call Trace: [ 124.367350] [ 124.367515] iommufd_access_destroy_object+0x65/0x170 [ 124.367894] iommufd_object_destroy_user+0x18e/0x220 [ 124.368267] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.368694] iommufd_access_destroy+0x43/0x70 [ 124.369028] iommufd_test_staccess_release+0x8d/0xd0 [ 124.369405] __fput+0x26d/0xa40 [ 124.369659] ____fput+0x1e/0x30 [ 124.369907] task_work_run+0x1a4/0x2d0 [ 124.370197] ? __pfx_task_work_run+0x10/0x10 [ 124.370541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.370901] ? switch_task_namespaces+0xa9/0xe0 [ 124.371257] do_exit+0xb17/0x2ef0 [ 124.371511] ? lock_acquire+0x427/0x4c0 [ 124.371808] ? __pfx_lock_release+0x10/0x10 [ 124.372125] ? __kasan_check_write+0x18/0x20 [ 124.372448] ? do_raw_spin_lock+0x132/0x2a0 [ 124.372760] ? __pfx_do_exit+0x10/0x10 [ 124.373050] ? debug_smp_processor_id+0x20/0x30 [ 124.373391] ? rcu_is_watching+0x19/0xb0 [ 124.373685] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.374019] ? trace_hardirqs_on+0x26/0x120 [ 124.374337] do_group_exit+0xe0/0x2b0 [ 124.374635] __x64_sys_exit_group+0x47/0x50 [ 124.374950] do_syscall_64+0x3b/0x90 [ 124.375240] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.375623] RIP: 0033:0x7f4b87518a4d [ 124.375894] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.376333] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.376876] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.377384] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.377896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.378408] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.378945] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.379484] [ 124.379655] irq event stamp: 0 [ 124.379882] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.380335] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.380971] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.381587] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.382039] ---[ end trace 0000000000000000 ]--- [ 124.382712] ------------[ cut here ]------------ [ 124.383056] WARNING: CPU: 1 PID: 1141 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.383795] Modules linked in: [ 124.384027] CPU: 1 PID: 1141 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.384661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.385463] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.385832] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.387173] RSP: 0018:ffff888012c17b78 EFLAGS: 00010246 [ 124.387559] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.388066] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 124.388575] RBP: ffff888012c17b98 R08: ffffed1002cf8d3e R09: ffffed1002cf8d3e [ 124.389082] R10: ffff8880167c69ef R11: ffffed1002cf8d3d R12: ffff8880167c6a90 [ 124.389592] R13: ffff8880167c68a8 R14: ffffffffffffffff R15: 
ffff888012c17c60 [ 124.390101] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.390696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.391117] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.391631] PKRU: 55555554 [ 124.391837] Call Trace: [ 124.392021] [ 124.392187] iommufd_ioas_destroy+0x53/0x70 [ 124.392503] iommufd_fops_release+0x1f7/0x370 [ 124.392832] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.393194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.393553] ? write_comp_data+0x2f/0x90 [ 124.393855] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.394217] __fput+0x26d/0xa40 [ 124.394471] ____fput+0x1e/0x30 [ 124.394737] task_work_run+0x1a4/0x2d0 [ 124.395029] ? __pfx_task_work_run+0x10/0x10 [ 124.395369] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.395726] ? switch_task_namespaces+0xa9/0xe0 [ 124.396073] do_exit+0xb17/0x2ef0 [ 124.396325] ? lock_acquire+0x427/0x4c0 [ 124.396624] ? __pfx_lock_release+0x10/0x10 [ 124.396942] ? __kasan_check_write+0x18/0x20 [ 124.397266] ? do_raw_spin_lock+0x132/0x2a0 [ 124.397579] ? __pfx_do_exit+0x10/0x10 [ 124.397869] ? debug_smp_processor_id+0x20/0x30 [ 124.398208] ? rcu_is_watching+0x19/0xb0 [ 124.398534] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.398869] ? trace_hardirqs_on+0x26/0x120 [ 124.399204] do_group_exit+0xe0/0x2b0 [ 124.399483] __x64_sys_exit_group+0x47/0x50 [ 124.399798] do_syscall_64+0x3b/0x90 [ 124.400074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.400457] RIP: 0033:0x7f4b87518a4d [ 124.400727] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.401168] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.401716] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.402226] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.402760] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.403279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.403793] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.404310] [ 124.404485] irq event stamp: 0 [ 124.404713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.405161] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.405762] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.406364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.406840] ---[ end trace 0000000000000000 ]--- [ 124.410817] ------------[ cut here ]------------ [ 124.411215] WARNING: CPU: 1 PID: 1142 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.411966] Modules linked in: [ 124.412203] CPU: 1 PID: 1142 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.412851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.413723] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.414088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.415629] RSP: 0018:ffff88801899fbb8 EFLAGS: 00010246 [ 124.416026] RAX: 0000000000000000 RBX: ffff888020fad0a8 RCX: 0000000000000000 [ 124.416545] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 124.417067] RBP: ffff88801899fbd0 R08: ffffed10041f5a33 R09: ffffed10041f5a33 [ 124.417592] R10: ffff888020fad193 R11: ffffed10041f5a32 R12: ffff88801490a000 [ 124.418109] R13: ffff888020fad1e8 R14: ffffffff8352e670 R15: 
ffff88801899fe68 [ 124.418645] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.419249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.419676] CR2: 0000000020000140 CR3: 00000000218b8000 CR4: 0000000000750ee0 [ 124.420204] PKRU: 55555554 [ 124.420417] Call Trace: [ 124.420608] [ 124.420774] __iommufd_access_detach+0x1c2/0x2b0 [ 124.421134] iommufd_access_change_pt+0x149/0x270 [ 124.421500] iommufd_access_replace+0xb4/0x120 [ 124.421851] iommufd_test+0x3e5/0x37e0 [ 124.422139] ? lock_release+0x532/0x770 [ 124.422441] ? __might_fault+0x102/0x1b0 [ 124.422770] ? lock_acquire+0x427/0x4c0 [ 124.423076] ? __pfx_iommufd_test+0x10/0x10 [ 124.423399] ? __pfx_lock_release+0x10/0x10 [ 124.423727] ? __pfx_lock_acquire+0x10/0x10 [ 124.424057] ? write_comp_data+0x2f/0x90 [ 124.424364] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.424732] ? write_comp_data+0x2f/0x90 [ 124.425044] iommufd_fops_ioctl+0x37d/0x510 [ 124.425365] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.425730] ? write_comp_data+0x2f/0x90 [ 124.426044] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.426404] __x64_sys_ioctl+0x1a3/0x230 [ 124.426737] do_syscall_64+0x3b/0x90 [ 124.427028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.427434] RIP: 0033:0x7f4b8743ee5d [ 124.427711] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.429037] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.429599] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.430124] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.430669] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.431201] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.431729] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.432258] [ 124.432435] irq event stamp: 0 [ 124.432668] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.433134] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.433746] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.434356] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.434836] ---[ end trace 0000000000000000 ]--- [ 124.437421] ------------[ cut here ]------------ [ 124.437800] WARNING: CPU: 1 PID: 1142 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.438573] Modules linked in: [ 124.438813] CPU: 1 PID: 1142 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.439466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.440287] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.440651] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.441981] RSP: 
0018:ffff88801899fbd0 EFLAGS: 00010246 [ 124.442374] RAX: 0000000000000000 RBX: ffff888020fad0a8 RCX: 0000000000000000 [ 124.442914] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 124.443447] RBP: ffff88801899fbe8 R08: ffffed10041f5a33 R09: ffffed10041f5a33 [ 124.443968] R10: ffff888020fad193 R11: ffffed10041f5a32 R12: ffff8880145eb800 [ 124.444498] R13: ffff888020fad1e8 R14: ffff88802181a900 R15: 0000000000000000 [ 124.445056] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.445644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.446068] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.446607] PKRU: 55555554 [ 124.446817] Call Trace: [ 124.447007] [ 124.447183] iommufd_access_destroy_object+0x65/0x170 [ 124.447568] iommufd_object_destroy_user+0x18e/0x220 [ 124.447947] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.448379] iommufd_access_destroy+0x43/0x70 [ 124.448718] iommufd_test_staccess_release+0x8d/0xd0 [ 124.449099] __fput+0x26d/0xa40 [ 124.449355] ____fput+0x1e/0x30 [ 124.449606] task_work_run+0x1a4/0x2d0 [ 124.449901] ? __pfx_task_work_run+0x10/0x10 [ 124.450235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.450619] ? switch_task_namespaces+0xa9/0xe0 [ 124.450977] do_exit+0xb17/0x2ef0 [ 124.451246] ? lock_acquire+0x427/0x4c0 [ 124.451553] ? __pfx_lock_release+0x10/0x10 [ 124.451883] ? __kasan_check_write+0x18/0x20 [ 124.452213] ? do_raw_spin_lock+0x132/0x2a0 [ 124.452536] ? __pfx_do_exit+0x10/0x10 [ 124.452832] ? debug_smp_processor_id+0x20/0x30 [ 124.453180] ? rcu_is_watching+0x19/0xb0 [ 124.453485] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.453828] ? trace_hardirqs_on+0x26/0x120 [ 124.454152] do_group_exit+0xe0/0x2b0 [ 124.454435] __x64_sys_exit_group+0x47/0x50 [ 124.454772] do_syscall_64+0x3b/0x90 [ 124.455059] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.455459] RIP: 0033:0x7f4b87518a4d [ 124.455743] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.456198] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.456758] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.457282] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.457801] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.458331] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.458886] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.459458] [ 124.459635] irq event stamp: 0 [ 124.459869] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.460331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.460958] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.461570] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.462030] ---[ end trace 0000000000000000 ]--- [ 124.462698] ------------[ cut here ]------------ [ 124.463045] WARNING: CPU: 1 PID: 1142 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.463806] Modules linked in: [ 124.464041] CPU: 1 PID: 1142 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.464685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.465507] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.465884] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.467260] RSP: 0018:ffff88801899fb78 EFLAGS: 00010246 [ 124.467662] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.468199] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 124.468731] RBP: ffff88801899fb98 R08: ffffed10041f5a3e R09: ffffed10041f5a3e [ 124.469262] R10: ffff888020fad1ef R11: ffffed10041f5a3d R12: ffff888020fad290 [ 124.469791] R13: ffff888020fad0a8 R14: ffffffffffffffff R15: 
ffff88801899fc60 [ 124.470324] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.470944] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.471413] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.471949] PKRU: 55555554 [ 124.472166] Call Trace: [ 124.472364] [ 124.472538] iommufd_ioas_destroy+0x53/0x70 [ 124.472872] iommufd_fops_release+0x1f7/0x370 [ 124.473219] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.473600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.473981] ? write_comp_data+0x2f/0x90 [ 124.474300] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.474708] __fput+0x26d/0xa40 [ 124.474976] ____fput+0x1e/0x30 [ 124.475245] task_work_run+0x1a4/0x2d0 [ 124.475546] ? __pfx_task_work_run+0x10/0x10 [ 124.475883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.476251] ? switch_task_namespaces+0xa9/0xe0 [ 124.476617] do_exit+0xb17/0x2ef0 [ 124.476887] ? lock_acquire+0x427/0x4c0 [ 124.477236] ? __pfx_lock_release+0x10/0x10 [ 124.477574] ? __kasan_check_write+0x18/0x20 [ 124.477917] ? do_raw_spin_lock+0x132/0x2a0 [ 124.478248] ? __pfx_do_exit+0x10/0x10 [ 124.478576] ? debug_smp_processor_id+0x20/0x30 [ 124.478940] ? rcu_is_watching+0x19/0xb0 [ 124.479270] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.479628] ? trace_hardirqs_on+0x26/0x120 [ 124.479964] do_group_exit+0xe0/0x2b0 [ 124.480259] __x64_sys_exit_group+0x47/0x50 [ 124.480592] do_syscall_64+0x3b/0x90 [ 124.480891] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.481300] RIP: 0033:0x7f4b87518a4d [ 124.481587] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.482059] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.482660] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.483218] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.483768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.484323] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.484874] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.485429] [ 124.485611] irq event stamp: 0 [ 124.485856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.486339] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.487017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.487679] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.488165] ---[ end trace 0000000000000000 ]--- [ 124.492249] ------------[ cut here ]------------ [ 124.492652] WARNING: CPU: 1 PID: 1143 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.493428] Modules linked in: [ 124.493675] CPU: 1 PID: 1143 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.494344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.495273] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.495671] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.497113] RSP: 0018:ffff888013ccfbb8 EFLAGS: 00010246 [ 124.497542] RAX: 0000000000000000 RBX: ffff8880188e58a8 RCX: 0000000000000000 [ 124.498115] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 124.498729] RBP: ffff888013ccfbd0 R08: ffffed100311cb33 R09: ffffed100311cb33 [ 124.499337] R10: ffff8880188e5993 R11: ffffed100311cb32 R12: ffff888012a2a400 [ 124.499908] R13: ffff8880188e59e8 R14: ffffffff8352e670 R15: 
ffff888013ccfe68 [ 124.500487] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.501135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.501605] CR2: 0000000020000140 CR3: 000000001898c000 CR4: 0000000000750ee0 [ 124.502176] PKRU: 55555554 [ 124.502408] Call Trace: [ 124.502648] [ 124.502838] __iommufd_access_detach+0x1c2/0x2b0 [ 124.503253] iommufd_access_change_pt+0x149/0x270 [ 124.503656] iommufd_access_replace+0xb4/0x120 [ 124.504036] iommufd_test+0x3e5/0x37e0 [ 124.504357] ? lock_release+0x532/0x770 [ 124.504689] ? __might_fault+0x102/0x1b0 [ 124.505028] ? lock_acquire+0x427/0x4c0 [ 124.505371] ? __pfx_iommufd_test+0x10/0x10 [ 124.505721] ? __pfx_lock_release+0x10/0x10 [ 124.506093] ? __pfx_lock_acquire+0x10/0x10 [ 124.506461] ? write_comp_data+0x2f/0x90 [ 124.506831] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.507247] ? write_comp_data+0x2f/0x90 [ 124.507588] iommufd_fops_ioctl+0x37d/0x510 [ 124.507948] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.508351] ? write_comp_data+0x2f/0x90 [ 124.508690] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.509135] __x64_sys_ioctl+0x1a3/0x230 [ 124.509477] do_syscall_64+0x3b/0x90 [ 124.509794] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.510222] RIP: 0033:0x7f4b8743ee5d [ 124.510559] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.512037] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.512656] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.513231] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.513800] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.514370] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.514974] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.515575] [ 124.515771] irq event stamp: 0 [ 124.516033] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.516542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.517215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.517888] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.518403] ---[ end trace 0000000000000000 ]--- [ 124.521222] ------------[ cut here ]------------ [ 124.521639] WARNING: CPU: 1 PID: 1143 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.522463] Modules linked in: [ 124.522796] CPU: 1 PID: 1143 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.523559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.524498] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.524915] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.526423] RSP: 
0018:ffff888013ccfbd0 EFLAGS: 00010246 [ 124.527172] RAX: 0000000000000000 RBX: ffff8880188e58a8 RCX: 0000000000000000 [ 124.527774] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 124.528363] RBP: ffff888013ccfbe8 R08: ffffed100311cb33 R09: ffffed100311cb33 [ 124.528958] R10: ffff8880188e5993 R11: ffffed100311cb32 R12: ffff88801490b800 [ 124.529551] R13: ffff8880188e59e8 R14: ffff8880178e6700 R15: 0000000000000000 [ 124.530138] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.530827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.531325] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.531922] PKRU: 55555554 [ 124.532172] Call Trace: [ 124.532389] [ 124.532581] iommufd_access_destroy_object+0x65/0x170 [ 124.533019] iommufd_object_destroy_user+0x18e/0x220 [ 124.533454] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.533943] iommufd_access_destroy+0x43/0x70 [ 124.534329] iommufd_test_staccess_release+0x8d/0xd0 [ 124.534784] __fput+0x26d/0xa40 [ 124.535081] ____fput+0x1e/0x30 [ 124.535382] task_work_run+0x1a4/0x2d0 [ 124.535718] ? __pfx_task_work_run+0x10/0x10 [ 124.536093] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.536509] ? switch_task_namespaces+0xa9/0xe0 [ 124.536910] do_exit+0xb17/0x2ef0 [ 124.537205] ? lock_acquire+0x427/0x4c0 [ 124.537553] ? __pfx_lock_release+0x10/0x10 [ 124.537922] ? __kasan_check_write+0x18/0x20 [ 124.538300] ? do_raw_spin_lock+0x132/0x2a0 [ 124.538689] ? __pfx_do_exit+0x10/0x10 [ 124.539034] ? debug_smp_processor_id+0x20/0x30 [ 124.539447] ? rcu_is_watching+0x19/0xb0 [ 124.539793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.540182] ? trace_hardirqs_on+0x26/0x120 [ 124.540549] do_group_exit+0xe0/0x2b0 [ 124.540877] __x64_sys_exit_group+0x47/0x50 [ 124.541290] do_syscall_64+0x3b/0x90 [ 124.541611] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.542049] RIP: 0033:0x7f4b87518a4d [ 124.542367] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.542911] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.543560] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.544151] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.544749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.545341] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.545938] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.546563] [ 124.546763] irq event stamp: 0 [ 124.547030] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.547571] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.548283] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.548995] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.549524] ---[ end trace 0000000000000000 ]--- [ 124.550348] ------------[ cut here ]------------ [ 124.550920] WARNING: CPU: 1 PID: 1143 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.551806] Modules linked in: [ 124.552088] CPU: 1 PID: 1143 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.552821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.553761] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.554198] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.555767] RSP: 0018:ffff888013ccfb78 EFLAGS: 00010246 [ 124.556232] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.556843] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 124.557440] RBP: ffff888013ccfb98 R08: ffffed100311cb3e R09: ffffed100311cb3e [ 124.558039] R10: ffff8880188e59ef R11: ffffed100311cb3d R12: ffff8880188e5a90 [ 124.558673] R13: ffff8880188e58a8 R14: ffffffffffffffff R15: 
ffff888013ccfc60 [ 124.559293] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.559970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.560464] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.561071] PKRU: 55555554 [ 124.561313] Call Trace: [ 124.561527] [ 124.561722] iommufd_ioas_destroy+0x53/0x70 [ 124.562095] iommufd_fops_release+0x1f7/0x370 [ 124.562485] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.562942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.563374] ? write_comp_data+0x2f/0x90 [ 124.563726] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.564157] __fput+0x26d/0xa40 [ 124.564459] ____fput+0x1e/0x30 [ 124.564748] task_work_run+0x1a4/0x2d0 [ 124.565085] ? __pfx_task_work_run+0x10/0x10 [ 124.565462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.565886] ? switch_task_namespaces+0xa9/0xe0 [ 124.566292] do_exit+0xb17/0x2ef0 [ 124.566622] ? lock_acquire+0x427/0x4c0 [ 124.566980] ? __pfx_lock_release+0x10/0x10 [ 124.567361] ? __kasan_check_write+0x18/0x20 [ 124.567742] ? do_raw_spin_lock+0x132/0x2a0 [ 124.568108] ? __pfx_do_exit+0x10/0x10 [ 124.568449] ? debug_smp_processor_id+0x20/0x30 [ 124.568853] ? rcu_is_watching+0x19/0xb0 [ 124.569209] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.569602] ? trace_hardirqs_on+0x26/0x120 [ 124.569977] do_group_exit+0xe0/0x2b0 [ 124.570302] __x64_sys_exit_group+0x47/0x50 [ 124.570691] do_syscall_64+0x3b/0x90 [ 124.571023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.571483] RIP: 0033:0x7f4b87518a4d [ 124.571796] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.572313] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.573006] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.573611] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.574211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.574840] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.575474] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.576087] [ 124.576283] irq event stamp: 0 [ 124.576548] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.577077] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.577789] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.578539] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.579089] ---[ end trace 0000000000000000 ]--- [ 124.583902] ------------[ cut here ]------------ [ 124.584366] WARNING: CPU: 1 PID: 1144 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.585234] Modules linked in: [ 124.585511] CPU: 1 PID: 1144 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.586251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.587286] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.587731] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.589280] RSP: 0018:ffff8880245f7bb8 EFLAGS: 00010246 [ 124.589731] RAX: 0000000000000000 RBX: ffff888020ce08a8 RCX: 0000000000000000 [ 124.590341] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 124.590979] RBP: ffff8880245f7bd0 R08: ffffed100419c133 R09: ffffed100419c133 [ 124.591607] R10: ffff888020ce0993 R11: ffffed100419c132 R12: ffff8880121dfc00 [ 124.592218] R13: ffff888020ce09e8 R14: ffffffff8352e670 R15: 
ffff8880245f7e68 [ 124.592832] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.593518] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.594013] CR2: 0000000020000140 CR3: 0000000020d44000 CR4: 0000000000750ee0 [ 124.594656] PKRU: 55555554 [ 124.594902] Call Trace: [ 124.595132] [ 124.595334] __iommufd_access_detach+0x1c2/0x2b0 [ 124.595766] iommufd_access_change_pt+0x149/0x270 [ 124.596189] iommufd_access_replace+0xb4/0x120 [ 124.596593] iommufd_test+0x3e5/0x37e0 [ 124.596928] ? lock_release+0x532/0x770 [ 124.597283] ? __might_fault+0x102/0x1b0 [ 124.597643] ? lock_acquire+0x427/0x4c0 [ 124.597997] ? __pfx_iommufd_test+0x10/0x10 [ 124.598372] ? __pfx_lock_release+0x10/0x10 [ 124.598781] ? __pfx_lock_acquire+0x10/0x10 [ 124.599184] ? write_comp_data+0x2f/0x90 [ 124.599546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.599972] ? write_comp_data+0x2f/0x90 [ 124.600334] iommufd_fops_ioctl+0x37d/0x510 [ 124.600715] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.601147] ? write_comp_data+0x2f/0x90 [ 124.601516] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.601956] __x64_sys_ioctl+0x1a3/0x230 [ 124.602327] do_syscall_64+0x3b/0x90 [ 124.602694] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.603164] RIP: 0033:0x7f4b8743ee5d [ 124.603491] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.605094] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.605749] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.606359] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.607001] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.607627] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.608239] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.608855] [ 124.609061] irq event stamp: 0 [ 124.609339] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.609884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.610635] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.611377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.611924] ---[ end trace 0000000000000000 ]--- [ 124.614826] ------------[ cut here ]------------ [ 124.615278] WARNING: CPU: 1 PID: 1144 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.616140] Modules linked in: [ 124.616413] CPU: 1 PID: 1144 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.617176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.618134] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.618602] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.620187] RSP: 
0018:ffff8880245f7bd0 EFLAGS: 00010246 [ 124.620641] RAX: 0000000000000000 RBX: ffff888020ce08a8 RCX: 0000000000000000 [ 124.621243] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 124.621845] RBP: ffff8880245f7be8 R08: ffffed100419c133 R09: ffffed100419c133 [ 124.622449] R10: ffff888020ce0993 R11: ffffed100419c132 R12: ffff888012a28800 [ 124.623076] R13: ffff888020ce09e8 R14: ffff8880104d9700 R15: 0000000000000000 [ 124.623689] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.624372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.624867] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.625478] PKRU: 55555554 [ 124.625721] Call Trace: [ 124.625939] [ 124.626136] iommufd_access_destroy_object+0x65/0x170 [ 124.626604] iommufd_object_destroy_user+0x18e/0x220 [ 124.627045] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.627553] iommufd_access_destroy+0x43/0x70 [ 124.627945] iommufd_test_staccess_release+0x8d/0xd0 [ 124.628388] __fput+0x26d/0xa40 [ 124.628685] ____fput+0x1e/0x30 [ 124.628974] task_work_run+0x1a4/0x2d0 [ 124.629317] ? __pfx_task_work_run+0x10/0x10 [ 124.629716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.630146] ? switch_task_namespaces+0xa9/0xe0 [ 124.630587] do_exit+0xb17/0x2ef0 [ 124.630896] ? lock_acquire+0x427/0x4c0 [ 124.631273] ? __pfx_lock_release+0x10/0x10 [ 124.631656] ? __kasan_check_write+0x18/0x20 [ 124.632038] ? do_raw_spin_lock+0x132/0x2a0 [ 124.632410] ? __pfx_do_exit+0x10/0x10 [ 124.632754] ? debug_smp_processor_id+0x20/0x30 [ 124.633160] ? rcu_is_watching+0x19/0xb0 [ 124.633512] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.633906] ? trace_hardirqs_on+0x26/0x120 [ 124.634284] do_group_exit+0xe0/0x2b0 [ 124.634644] __x64_sys_exit_group+0x47/0x50 [ 124.635015] do_syscall_64+0x3b/0x90 [ 124.635354] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.635802] RIP: 0033:0x7f4b87518a4d [ 124.636118] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.636642] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.637339] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.637944] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.638567] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.639189] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.639793] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.640414] [ 124.640618] irq event stamp: 0 [ 124.640890] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.641434] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.642160] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.642922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.643493] ---[ end trace 0000000000000000 ]--- [ 124.644232] ------------[ cut here ]------------ [ 124.644635] WARNING: CPU: 1 PID: 1144 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.645512] Modules linked in: [ 124.645788] CPU: 1 PID: 1144 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.646566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.647551] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.647992] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.649529] RSP: 0018:ffff8880245f7b78 EFLAGS: 00010246 [ 124.649986] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.650612] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 124.651245] RBP: ffff8880245f7b98 R08: ffffed100419c13e R09: ffffed100419c13e [ 124.651857] R10: ffff888020ce09ef R11: ffffed100419c13d R12: ffff888020ce0a90 [ 124.652467] R13: ffff888020ce08a8 R14: ffffffffffffffff R15: 
ffff8880245f7c60 [ 124.653073] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.653768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.654264] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 124.654901] PKRU: 55555554 [ 124.655165] Call Trace: [ 124.655387] [ 124.655581] iommufd_ioas_destroy+0x53/0x70 [ 124.655960] iommufd_fops_release+0x1f7/0x370 [ 124.656354] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.656790] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.657213] ? write_comp_data+0x2f/0x90 [ 124.657568] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.658000] __fput+0x26d/0xa40 [ 124.658297] ____fput+0x1e/0x30 [ 124.658609] task_work_run+0x1a4/0x2d0 [ 124.658953] ? __pfx_task_work_run+0x10/0x10 [ 124.659346] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.659779] ? switch_task_namespaces+0xa9/0xe0 [ 124.660193] do_exit+0xb17/0x2ef0 [ 124.660493] ? lock_acquire+0x427/0x4c0 [ 124.660844] ? __pfx_lock_release+0x10/0x10 [ 124.661223] ? __kasan_check_write+0x18/0x20 [ 124.661621] ? do_raw_spin_lock+0x132/0x2a0 [ 124.661994] ? __pfx_do_exit+0x10/0x10 [ 124.662336] ? debug_smp_processor_id+0x20/0x30 [ 124.662756] ? rcu_is_watching+0x19/0xb0 [ 124.663109] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.663513] ? trace_hardirqs_on+0x26/0x120 [ 124.663887] do_group_exit+0xe0/0x2b0 [ 124.664213] __x64_sys_exit_group+0x47/0x50 [ 124.664579] do_syscall_64+0x3b/0x90 [ 124.664907] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.665376] RIP: 0033:0x7f4b87518a4d [ 124.665697] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.666224] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.666890] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.667497] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.668098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.668710] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.669369] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.669993] [ 124.670196] irq event stamp: 0 [ 124.670469] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.671029] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.671771] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.672493] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.673037] ---[ end trace 0000000000000000 ]--- [ 124.677745] ------------[ cut here ]------------ [ 124.678222] WARNING: CPU: 1 PID: 1145 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.679188] Modules linked in: [ 124.679467] CPU: 1 PID: 1145 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.680210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.681166] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.681592] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.683192] RSP: 0018:ffff88800f657bb8 EFLAGS: 00010246 [ 124.683654] RAX: 0000000000000000 RBX: ffff8880188030a8 RCX: 0000000000000000 [ 124.684261] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 124.684871] RBP: ffff88800f657bd0 R08: ffffed1003100633 R09: ffffed1003100633 [ 124.685482] R10: ffff888018803193 R11: ffffed1003100632 R12: ffff8880218ef000 [ 124.686093] R13: ffff8880188031e8 R14: ffffffff8352e670 R15: 
ffff88800f657e68 [ 124.686725] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 124.687431] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.687923] CR2: 0000000020000140 CR3: 0000000013e70000 CR4: 0000000000750ee0 [ 124.688535] PKRU: 55555554 [ 124.688780] Call Trace: [ 124.689000] [ 124.689195] __iommufd_access_detach+0x1c2/0x2b0 [ 124.689620] iommufd_access_change_pt+0x149/0x270 [ 124.690047] iommufd_access_replace+0xb4/0x120 [ 124.690455] iommufd_test+0x3e5/0x37e0 [ 124.690809] ? lock_release+0x532/0x770 [ 124.691181] ? __might_fault+0x102/0x1b0 [ 124.691542] ? lock_acquire+0x427/0x4c0 [ 124.691900] ? __pfx_iommufd_test+0x10/0x10 [ 124.692272] ? __pfx_lock_release+0x10/0x10 [ 124.692645] ? __pfx_lock_acquire+0x10/0x10 [ 124.693021] ? write_comp_data+0x2f/0x90 [ 124.693381] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.693801] ? write_comp_data+0x2f/0x90 [ 124.694165] iommufd_fops_ioctl+0x37d/0x510 [ 124.694559] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.694983] ? write_comp_data+0x2f/0x90 [ 124.695358] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.695773] __x64_sys_ioctl+0x1a3/0x230 [ 124.696131] do_syscall_64+0x3b/0x90 [ 124.696467] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.696914] RIP: 0033:0x7f4b8743ee5d [ 124.697234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.698804] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.699464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.700071] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.700673] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.701331] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.701931] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.702561] [ 124.702763] irq event stamp: 0 [ 124.703033] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.703588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.704309] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.705021] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.705558] ---[ end trace 0000000000000000 ]--- [ 124.708938] ------------[ cut here ]------------ [ 124.709412] WARNING: CPU: 0 PID: 1145 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.710277] Modules linked in: [ 124.710679] CPU: 0 PID: 1145 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.711433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.712337] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.712737] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.714194] RSP: 
0018:ffff88800f657bd0 EFLAGS: 00010246 [ 124.714652] RAX: 0000000000000000 RBX: ffff8880188030a8 RCX: 0000000000000000 [ 124.715237] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 124.715811] RBP: ffff88800f657be8 R08: ffffed1003100633 R09: ffffed1003100633 [ 124.716381] R10: ffff888018803193 R11: ffffed1003100632 R12: ffff8880121dd400 [ 124.716953] R13: ffff8880188031e8 R14: ffff88802085ec00 R15: 0000000000000000 [ 124.717523] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.718169] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.718647] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 124.719231] PKRU: 55555554 [ 124.719458] Call Trace: [ 124.719664] [ 124.719847] iommufd_access_destroy_object+0x65/0x170 [ 124.720268] iommufd_object_destroy_user+0x18e/0x220 [ 124.720684] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.721156] iommufd_access_destroy+0x43/0x70 [ 124.721528] iommufd_test_staccess_release+0x8d/0xd0 [ 124.721946] __fput+0x26d/0xa40 [ 124.722227] ____fput+0x1e/0x30 [ 124.722517] task_work_run+0x1a4/0x2d0 [ 124.722844] ? __pfx_task_work_run+0x10/0x10 [ 124.723215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.723617] ? switch_task_namespaces+0xa9/0xe0 [ 124.724005] do_exit+0xb17/0x2ef0 [ 124.724286] ? lock_acquire+0x427/0x4c0 [ 124.724615] ? __pfx_lock_release+0x10/0x10 [ 124.724971] ? __kasan_check_write+0x18/0x20 [ 124.725331] ? do_raw_spin_lock+0x132/0x2a0 [ 124.725679] ? __pfx_do_exit+0x10/0x10 [ 124.726003] ? debug_smp_processor_id+0x20/0x30 [ 124.726370] ? rcu_is_watching+0x19/0xb0 [ 124.726701] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.727065] ? trace_hardirqs_on+0x26/0x120 [ 124.727415] do_group_exit+0xe0/0x2b0 [ 124.727714] __x64_sys_exit_group+0x47/0x50 [ 124.728053] do_syscall_64+0x3b/0x90 [ 124.728354] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.728757] RIP: 0033:0x7f4b87518a4d [ 124.729043] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.729520] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.730098] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.730653] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.731207] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.731751] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.732297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.732848] [ 124.733028] irq event stamp: 0 [ 124.733271] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.733755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.734396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.735050] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.735532] ---[ end trace 0000000000000000 ]--- [ 124.736189] ------------[ cut here ]------------ [ 124.736541] WARNING: CPU: 0 PID: 1145 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.737301] Modules linked in: [ 124.737541] CPU: 0 PID: 1145 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.738194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.739064] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.739449] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.740761] RSP: 0018:ffff88800f657b78 EFLAGS: 00010246 [ 124.741145] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.741656] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 124.742166] RBP: ffff88800f657b98 R08: ffffed100310063e R09: ffffed100310063e [ 124.742832] R10: ffff8880188031ef R11: ffffed100310063d R12: ffff888018803290 [ 124.743348] R13: ffff8880188030a8 R14: ffffffffffffffff R15: 
ffff88800f657c60 [ 124.743852] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.744419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.744829] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 124.745332] PKRU: 55555554 [ 124.745534] Call Trace: [ 124.745715] [ 124.745877] iommufd_ioas_destroy+0x53/0x70 [ 124.746187] iommufd_fops_release+0x1f7/0x370 [ 124.746523] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.746883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.747244] ? write_comp_data+0x2f/0x90 [ 124.747540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.747896] __fput+0x26d/0xa40 [ 124.748145] ____fput+0x1e/0x30 [ 124.748387] task_work_run+0x1a4/0x2d0 [ 124.748670] ? __pfx_task_work_run+0x10/0x10 [ 124.748986] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.749336] ? switch_task_namespaces+0xa9/0xe0 [ 124.749675] do_exit+0xb17/0x2ef0 [ 124.749921] ? lock_acquire+0x427/0x4c0 [ 124.750212] ? __pfx_lock_release+0x10/0x10 [ 124.750534] ? __kasan_check_write+0x18/0x20 [ 124.750851] ? do_raw_spin_lock+0x132/0x2a0 [ 124.751177] ? __pfx_do_exit+0x10/0x10 [ 124.751462] ? debug_smp_processor_id+0x20/0x30 [ 124.751791] ? rcu_is_watching+0x19/0xb0 [ 124.752074] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.752392] ? trace_hardirqs_on+0x26/0x120 [ 124.752698] do_group_exit+0xe0/0x2b0 [ 124.752964] __x64_sys_exit_group+0x47/0x50 [ 124.753262] do_syscall_64+0x3b/0x90 [ 124.753527] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.753886] RIP: 0033:0x7f4b87518a4d [ 124.754140] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.754576] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.755091] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.755582] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.756065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.756546] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.757027] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.757515] [ 124.757674] irq event stamp: 0 [ 124.757890] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.758315] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.758888] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.759459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.759885] ---[ end trace 0000000000000000 ]--- [ 124.763675] ------------[ cut here ]------------ [ 124.764026] WARNING: CPU: 0 PID: 1146 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.764712] Modules linked in: [ 124.764928] CPU: 0 PID: 1146 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.765513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.766264] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.766612] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.767817] RSP: 0018:ffff88800fbe7bb8 EFLAGS: 00010246 [ 124.768168] RAX: 0000000000000000 RBX: ffff88800fb368a8 RCX: 0000000000000000 [ 124.768634] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 124.769101] RBP: ffff88800fbe7bd0 R08: ffffed1001f66d33 R09: ffffed1001f66d33 [ 124.769572] R10: ffff88800fb36993 R11: ffffed1001f66d32 R12: ffff888021924400 [ 124.770038] R13: ffff88800fb369e8 R14: ffffffff8352e670 R15: 
ffff88800fbe7e68 [ 124.770523] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.771052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.771439] CR2: 0000000020000140 CR3: 0000000013ee8000 CR4: 0000000000750ef0 [ 124.771908] PKRU: 55555554 [ 124.772095] Call Trace: [ 124.772264] [ 124.772414] __iommufd_access_detach+0x1c2/0x2b0 [ 124.772737] iommufd_access_change_pt+0x149/0x270 [ 124.773065] iommufd_access_replace+0xb4/0x120 [ 124.773377] iommufd_test+0x3e5/0x37e0 [ 124.773635] ? lock_release+0x532/0x770 [ 124.773906] ? __might_fault+0x102/0x1b0 [ 124.774182] ? lock_acquire+0x427/0x4c0 [ 124.774454] ? __pfx_iommufd_test+0x10/0x10 [ 124.774746] ? __pfx_lock_release+0x10/0x10 [ 124.775040] ? __pfx_lock_acquire+0x10/0x10 [ 124.775340] ? write_comp_data+0x2f/0x90 [ 124.775618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.775944] ? write_comp_data+0x2f/0x90 [ 124.776222] iommufd_fops_ioctl+0x37d/0x510 [ 124.776509] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.776832] ? write_comp_data+0x2f/0x90 [ 124.777106] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.777425] __x64_sys_ioctl+0x1a3/0x230 [ 124.777700] do_syscall_64+0x3b/0x90 [ 124.777953] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.778296] RIP: 0033:0x7f4b8743ee5d [ 124.778547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.779744] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.780235] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.780694] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.781146] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.781598] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.782050] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.782520] [ 124.782669] irq event stamp: 0 [ 124.782872] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.783277] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.783808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.784340] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.784743] ---[ end trace 0000000000000000 ]--- [ 124.787012] ------------[ cut here ]------------ [ 124.787321] WARNING: CPU: 0 PID: 1146 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.787958] Modules linked in: [ 124.788164] CPU: 0 PID: 1146 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.788714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.789423] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.789738] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.790895] RSP: 
0018:ffff88800fbe7bd0 EFLAGS: 00010246 [ 124.791235] RAX: 0000000000000000 RBX: ffff88800fb368a8 RCX: 0000000000000000 [ 124.791684] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 124.792132] RBP: ffff88800fbe7be8 R08: ffffed1001f66d33 R09: ffffed1001f66d33 [ 124.792580] R10: ffff88800fb36993 R11: ffffed1001f66d32 R12: ffff888013e77000 [ 124.793028] R13: ffff88800fb369e8 R14: ffff888013435900 R15: 0000000000000000 [ 124.793477] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.793982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.794351] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 124.794809] PKRU: 55555554 [ 124.794990] Call Trace: [ 124.795155] [ 124.795299] iommufd_access_destroy_object+0x65/0x170 [ 124.795627] iommufd_object_destroy_user+0x18e/0x220 [ 124.795954] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.796327] iommufd_access_destroy+0x43/0x70 [ 124.796621] iommufd_test_staccess_release+0x8d/0xd0 [ 124.796951] __fput+0x26d/0xa40 [ 124.797172] ____fput+0x1e/0x30 [ 124.797390] task_work_run+0x1a4/0x2d0 [ 124.797645] ? __pfx_task_work_run+0x10/0x10 [ 124.797931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.798246] ? switch_task_namespaces+0xa9/0xe0 [ 124.798562] do_exit+0xb17/0x2ef0 [ 124.798784] ? lock_acquire+0x427/0x4c0 [ 124.799045] ? __pfx_lock_release+0x10/0x10 [ 124.799330] ? __kasan_check_write+0x18/0x20 [ 124.799612] ? do_raw_spin_lock+0x132/0x2a0 [ 124.799884] ? __pfx_do_exit+0x10/0x10 [ 124.800135] ? debug_smp_processor_id+0x20/0x30 [ 124.800432] ? rcu_is_watching+0x19/0xb0 [ 124.800688] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.800976] ? trace_hardirqs_on+0x26/0x120 [ 124.801251] do_group_exit+0xe0/0x2b0 [ 124.801491] __x64_sys_exit_group+0x47/0x50 [ 124.801761] do_syscall_64+0x3b/0x90 [ 124.802001] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.802332] RIP: 0033:0x7f4b87518a4d [ 124.802572] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.802955] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.803429] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.803873] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.804309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.804746] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.805183] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.805627] [ 124.805770] irq event stamp: 0 [ 124.805965] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.806353] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.806876] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.807397] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.807782] ---[ end trace 0000000000000000 ]--- [ 124.808315] ------------[ cut here ]------------ [ 124.808602] WARNING: CPU: 0 PID: 1146 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.809226] Modules linked in: [ 124.809423] CPU: 0 PID: 1146 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.809958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.810657] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.810974] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.812101] RSP: 0018:ffff88800fbe7b78 EFLAGS: 00010246 [ 124.812430] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.812866] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 124.813302] RBP: ffff88800fbe7b98 R08: ffffed1001f66d3e R09: ffffed1001f66d3e [ 124.813739] R10: ffff88800fb369ef R11: ffffed1001f66d3d R12: ffff88800fb36a90 [ 124.814176] R13: ffff88800fb368a8 R14: ffffffffffffffff R15: 
ffff88800fbe7c60 [ 124.814626] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.815123] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.815480] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 124.815919] PKRU: 55555554 [ 124.816093] Call Trace: [ 124.816251] [ 124.816392] iommufd_ioas_destroy+0x53/0x70 [ 124.816662] iommufd_fops_release+0x1f7/0x370 [ 124.816945] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.817257] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.817563] ? write_comp_data+0x2f/0x90 [ 124.817822] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.818135] __fput+0x26d/0xa40 [ 124.818350] ____fput+0x1e/0x30 [ 124.818571] task_work_run+0x1a4/0x2d0 [ 124.818818] ? __pfx_task_work_run+0x10/0x10 [ 124.819095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.819406] ? switch_task_namespaces+0xa9/0xe0 [ 124.819711] do_exit+0xb17/0x2ef0 [ 124.819928] ? lock_acquire+0x427/0x4c0 [ 124.820181] ? __pfx_lock_release+0x10/0x10 [ 124.820454] ? __kasan_check_write+0x18/0x20 [ 124.820732] ? do_raw_spin_lock+0x132/0x2a0 [ 124.820998] ? __pfx_do_exit+0x10/0x10 [ 124.821244] ? debug_smp_processor_id+0x20/0x30 [ 124.821533] ? rcu_is_watching+0x19/0xb0 [ 124.821783] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.822065] ? trace_hardirqs_on+0x26/0x120 [ 124.822334] do_group_exit+0xe0/0x2b0 [ 124.822579] __x64_sys_exit_group+0x47/0x50 [ 124.822840] do_syscall_64+0x3b/0x90 [ 124.823072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.823390] RIP: 0033:0x7f4b87518a4d [ 124.823613] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.823981] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.824436] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.824860] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.825284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.825708] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.826132] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.826570] [ 124.826710] irq event stamp: 0 [ 124.826901] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.827284] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.827783] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.828281] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.828657] ---[ end trace 0000000000000000 ]--- [ 124.831946] ------------[ cut here ]------------ [ 124.832252] WARNING: CPU: 0 PID: 1147 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.832863] Modules linked in: [ 124.833058] CPU: 0 PID: 1147 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.833587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.834266] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.834588] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.835686] RSP: 0018:ffff8880245f7bb8 EFLAGS: 00010246 [ 124.836003] RAX: 0000000000000000 RBX: ffff888011c9a0a8 RCX: 0000000000000000 [ 124.836427] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 124.836850] RBP: ffff8880245f7bd0 R08: ffffed1002393433 R09: ffffed1002393433 [ 124.837277] R10: ffff888011c9a193 R11: ffffed1002393432 R12: ffff888013d79800 [ 124.837701] R13: ffff888011c9a1e8 R14: ffffffff8352e670 R15: 
ffff8880245f7e68 [ 124.838125] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.838616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.838964] CR2: 0000000020000140 CR3: 00000000139c0000 CR4: 0000000000750ef0 [ 124.839396] PKRU: 55555554 [ 124.839565] Call Trace: [ 124.839718] [ 124.839855] __iommufd_access_detach+0x1c2/0x2b0 [ 124.840148] iommufd_access_change_pt+0x149/0x270 [ 124.840446] iommufd_access_replace+0xb4/0x120 [ 124.840727] iommufd_test+0x3e5/0x37e0 [ 124.840959] ? lock_release+0x532/0x770 [ 124.841204] ? __might_fault+0x102/0x1b0 [ 124.841451] ? lock_acquire+0x427/0x4c0 [ 124.841697] ? __pfx_iommufd_test+0x10/0x10 [ 124.841953] ? __pfx_lock_release+0x10/0x10 [ 124.842216] ? __pfx_lock_acquire+0x10/0x10 [ 124.842482] ? write_comp_data+0x2f/0x90 [ 124.842742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.843038] ? write_comp_data+0x2f/0x90 [ 124.843294] iommufd_fops_ioctl+0x37d/0x510 [ 124.843556] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.843852] ? write_comp_data+0x2f/0x90 [ 124.844103] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.844394] __x64_sys_ioctl+0x1a3/0x230 [ 124.844645] do_syscall_64+0x3b/0x90 [ 124.844875] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.845189] RIP: 0033:0x7f4b8743ee5d [ 124.845410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.846487] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.847066] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.847502] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.847923] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.848344] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.848763] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.849189] [ 124.849329] irq event stamp: 0 [ 124.849517] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.849890] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.850386] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.850891] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.851270] ---[ end trace 0000000000000000 ]--- [ 124.853374] ------------[ cut here ]------------ [ 124.853656] WARNING: CPU: 0 PID: 1147 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.854243] Modules linked in: [ 124.854430] CPU: 0 PID: 1147 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.854961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.855638] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.855934] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.857009] RSP: 
0018:ffff8880245f7bd0 EFLAGS: 00010246 [ 124.857318] RAX: 0000000000000000 RBX: ffff888011c9a0a8 RCX: 0000000000000000 [ 124.857731] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 124.858150] RBP: ffff8880245f7be8 R08: ffffed1002393433 R09: ffffed1002393433 [ 124.858743] R10: ffff888011c9a193 R11: ffffed1002393432 R12: ffff888021924000 [ 124.859170] R13: ffff888011c9a1e8 R14: ffff88801202d700 R15: 0000000000000000 [ 124.859590] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.860065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.860409] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 124.860825] PKRU: 55555554 [ 124.860992] Call Trace: [ 124.861145] [ 124.861279] iommufd_access_destroy_object+0x65/0x170 [ 124.861585] iommufd_object_destroy_user+0x18e/0x220 [ 124.861885] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.862246] iommufd_access_destroy+0x43/0x70 [ 124.862529] iommufd_test_staccess_release+0x8d/0xd0 [ 124.862838] __fput+0x26d/0xa40 [ 124.863045] ____fput+0x1e/0x30 [ 124.863252] task_work_run+0x1a4/0x2d0 [ 124.863490] ? __pfx_task_work_run+0x10/0x10 [ 124.863755] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.864048] ? switch_task_namespaces+0xa9/0xe0 [ 124.864333] do_exit+0xb17/0x2ef0 [ 124.864539] ? lock_acquire+0x427/0x4c0 [ 124.864781] ? __pfx_lock_release+0x10/0x10 [ 124.865043] ? __kasan_check_write+0x18/0x20 [ 124.865304] ? do_raw_spin_lock+0x132/0x2a0 [ 124.865557] ? __pfx_do_exit+0x10/0x10 [ 124.865791] ? debug_smp_processor_id+0x20/0x30 [ 124.866064] ? rcu_is_watching+0x19/0xb0 [ 124.866306] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.866587] ? trace_hardirqs_on+0x26/0x120 [ 124.866848] do_group_exit+0xe0/0x2b0 [ 124.867076] __x64_sys_exit_group+0x47/0x50 [ 124.867341] do_syscall_64+0x3b/0x90 [ 124.867569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.867881] RIP: 0033:0x7f4b87518a4d [ 124.868101] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.868463] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.868909] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.869329] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.869746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.870164] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.870592] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.871017] [ 124.871164] irq event stamp: 0 [ 124.871351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.871722] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.872212] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.872702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.873072] ---[ end trace 0000000000000000 ]--- [ 124.873584] ------------[ cut here ]------------ [ 124.873858] WARNING: CPU: 0 PID: 1147 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.874455] Modules linked in: [ 124.874652] CPU: 0 PID: 1147 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.875171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.875829] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.876130] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.877195] RSP: 0018:ffff8880245f7b78 EFLAGS: 00010246 [ 124.877507] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.877923] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 124.878340] RBP: ffff8880245f7b98 R08: ffffed100239343e R09: ffffed100239343e [ 124.878766] R10: ffff888011c9a1ef R11: ffffed100239343d R12: ffff888011c9a290 [ 124.879190] R13: ffff888011c9a0a8 R14: ffffffffffffffff R15: 
ffff8880245f7c60 [ 124.879607] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.880078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.880421] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 124.880839] PKRU: 55555554 [ 124.881006] Call Trace: [ 124.881157] [ 124.881292] iommufd_ioas_destroy+0x53/0x70 [ 124.881550] iommufd_fops_release+0x1f7/0x370 [ 124.881821] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.882122] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.882416] ? write_comp_data+0x2f/0x90 [ 124.882671] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.882969] __fput+0x26d/0xa40 [ 124.883178] ____fput+0x1e/0x30 [ 124.883381] task_work_run+0x1a4/0x2d0 [ 124.883619] ? __pfx_task_work_run+0x10/0x10 [ 124.883884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.884176] ? switch_task_namespaces+0xa9/0xe0 [ 124.884461] do_exit+0xb17/0x2ef0 [ 124.884668] ? lock_acquire+0x427/0x4c0 [ 124.884910] ? __pfx_lock_release+0x10/0x10 [ 124.885171] ? __kasan_check_write+0x18/0x20 [ 124.885434] ? do_raw_spin_lock+0x132/0x2a0 [ 124.885691] ? __pfx_do_exit+0x10/0x10 [ 124.885929] ? debug_smp_processor_id+0x20/0x30 [ 124.886206] ? rcu_is_watching+0x19/0xb0 [ 124.886447] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.886726] ? trace_hardirqs_on+0x26/0x120 [ 124.886986] do_group_exit+0xe0/0x2b0 [ 124.887217] __x64_sys_exit_group+0x47/0x50 [ 124.887473] do_syscall_64+0x3b/0x90 [ 124.887701] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.888012] RIP: 0033:0x7f4b87518a4d [ 124.888231] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.888594] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.889038] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.889456] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.889874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.890291] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.890717] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.891142] [ 124.891281] irq event stamp: 0 [ 124.891468] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.891838] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.892328] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.892818] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.893187] ---[ end trace 0000000000000000 ]--- [ 124.897587] ------------[ cut here ]------------ [ 124.897885] WARNING: CPU: 0 PID: 1148 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.898486] Modules linked in: [ 124.898811] CPU: 0 PID: 1148 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.899341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.900007] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.900304] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.901382] RSP: 0018:ffff888021b67bb8 EFLAGS: 00010246 [ 124.901697] RAX: 0000000000000000 RBX: ffff888020d8b8a8 RCX: 0000000000000000 [ 124.902120] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 124.902572] RBP: ffff888021b67bd0 R08: ffffed10041b1733 R09: ffffed10041b1733 [ 124.902994] R10: ffff888020d8b993 R11: ffffed10041b1732 R12: ffff8880218be400 [ 124.903421] R13: ffff888020d8b9e8 R14: ffffffff8352e670 R15: 
ffff888021b67e68 [ 124.903844] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.904320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.904665] CR2: 0000000020000140 CR3: 000000001416e000 CR4: 0000000000750ef0 [ 124.905087] PKRU: 55555554 [ 124.905256] Call Trace: [ 124.905409] [ 124.905545] __iommufd_access_detach+0x1c2/0x2b0 [ 124.905836] iommufd_access_change_pt+0x149/0x270 [ 124.906132] iommufd_access_replace+0xb4/0x120 [ 124.906415] iommufd_test+0x3e5/0x37e0 [ 124.906656] ? lock_release+0x532/0x770 [ 124.906902] ? __might_fault+0x102/0x1b0 [ 124.907153] ? lock_acquire+0x427/0x4c0 [ 124.907400] ? __pfx_iommufd_test+0x10/0x10 [ 124.907658] ? __pfx_lock_release+0x10/0x10 [ 124.907922] ? __pfx_lock_acquire+0x10/0x10 [ 124.908189] ? write_comp_data+0x2f/0x90 [ 124.908439] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.908735] ? write_comp_data+0x2f/0x90 [ 124.908987] iommufd_fops_ioctl+0x37d/0x510 [ 124.909251] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.909547] ? write_comp_data+0x2f/0x90 [ 124.909800] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.910091] __x64_sys_ioctl+0x1a3/0x230 [ 124.910345] do_syscall_64+0x3b/0x90 [ 124.910583] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.910898] RIP: 0033:0x7f4b8743ee5d [ 124.911121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.912201] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.912654] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.913076] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.913500] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.913922] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.914344] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.914779] [ 124.914919] irq event stamp: 0 [ 124.915108] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.915484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.915980] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.916474] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.916848] ---[ end trace 0000000000000000 ]--- [ 124.918964] ------------[ cut here ]------------ [ 124.919251] WARNING: CPU: 0 PID: 1148 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.919860] Modules linked in: [ 124.920050] CPU: 0 PID: 1148 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.920566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.921228] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.921521] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.922597] RSP: 
0018:ffff888021b67bd0 EFLAGS: 00010246 [ 124.922909] RAX: 0000000000000000 RBX: ffff888020d8b8a8 RCX: 0000000000000000 [ 124.923329] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 124.923749] RBP: ffff888021b67be8 R08: ffffed10041b1733 R09: ffffed10041b1733 [ 124.924169] R10: ffff888020d8b993 R11: ffffed10041b1732 R12: ffff888013d79000 [ 124.924587] R13: ffff888020d8b9e8 R14: ffff888020985f00 R15: 0000000000000000 [ 124.925007] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.925481] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.925822] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 124.926244] PKRU: 55555554 [ 124.926411] Call Trace: [ 124.926570] [ 124.926705] iommufd_access_destroy_object+0x65/0x170 [ 124.927012] iommufd_object_destroy_user+0x18e/0x220 [ 124.927322] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.927670] iommufd_access_destroy+0x43/0x70 [ 124.927944] iommufd_test_staccess_release+0x8d/0xd0 [ 124.928255] __fput+0x26d/0xa40 [ 124.928462] ____fput+0x1e/0x30 [ 124.928665] task_work_run+0x1a4/0x2d0 [ 124.928903] ? __pfx_task_work_run+0x10/0x10 [ 124.929169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.929463] ? switch_task_namespaces+0xa9/0xe0 [ 124.929747] do_exit+0xb17/0x2ef0 [ 124.929953] ? lock_acquire+0x427/0x4c0 [ 124.930196] ? __pfx_lock_release+0x10/0x10 [ 124.930457] ? __kasan_check_write+0x18/0x20 [ 124.930727] ? do_raw_spin_lock+0x132/0x2a0 [ 124.930985] ? __pfx_do_exit+0x10/0x10 [ 124.931220] ? debug_smp_processor_id+0x20/0x30 [ 124.931496] ? rcu_is_watching+0x19/0xb0 [ 124.931738] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.932009] ? trace_hardirqs_on+0x26/0x120 [ 124.932268] do_group_exit+0xe0/0x2b0 [ 124.932494] __x64_sys_exit_group+0x47/0x50 [ 124.932748] do_syscall_64+0x3b/0x90 [ 124.932974] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.933284] RIP: 0033:0x7f4b87518a4d [ 124.933502] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.933862] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.934309] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.934731] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.935155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.935573] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.935990] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.936412] [ 124.936550] irq event stamp: 0 [ 124.936736] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.937107] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.937596] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.938084] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.938455] ---[ end trace 0000000000000000 ]--- [ 124.938965] ------------[ cut here ]------------ [ 124.939241] WARNING: CPU: 0 PID: 1148 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 124.939836] Modules linked in: [ 124.940024] CPU: 0 PID: 1148 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.940535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.941192] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 124.941495] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 124.942568] RSP: 0018:ffff888021b67b78 EFLAGS: 00010246 [ 124.942879] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.943298] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 124.943714] RBP: ffff888021b67b98 R08: ffffed10041b173e R09: ffffed10041b173e [ 124.944131] R10: ffff888020d8b9ef R11: ffffed10041b173d R12: ffff888020d8ba90 [ 124.944549] R13: ffff888020d8b8a8 R14: ffffffffffffffff R15: 
ffff888021b67c60 [ 124.944966] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.945438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.945777] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 124.946195] PKRU: 55555554 [ 124.946361] Call Trace: [ 124.946522] [ 124.946656] iommufd_ioas_destroy+0x53/0x70 [ 124.946913] iommufd_fops_release+0x1f7/0x370 [ 124.947186] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.947486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.947778] ? write_comp_data+0x2f/0x90 [ 124.948025] ? __pfx_iommufd_fops_release+0x10/0x10 [ 124.948323] __fput+0x26d/0xa40 [ 124.948528] ____fput+0x1e/0x30 [ 124.948731] task_work_run+0x1a4/0x2d0 [ 124.948967] ? __pfx_task_work_run+0x10/0x10 [ 124.949232] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.949524] ? switch_task_namespaces+0xa9/0xe0 [ 124.949807] do_exit+0xb17/0x2ef0 [ 124.950012] ? lock_acquire+0x427/0x4c0 [ 124.950254] ? __pfx_lock_release+0x10/0x10 [ 124.950523] ? __kasan_check_write+0x18/0x20 [ 124.950786] ? do_raw_spin_lock+0x132/0x2a0 [ 124.951042] ? __pfx_do_exit+0x10/0x10 [ 124.951281] ? debug_smp_processor_id+0x20/0x30 [ 124.951558] ? rcu_is_watching+0x19/0xb0 [ 124.951799] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.952071] ? trace_hardirqs_on+0x26/0x120 [ 124.952331] do_group_exit+0xe0/0x2b0 [ 124.952558] __x64_sys_exit_group+0x47/0x50 [ 124.952812] do_syscall_64+0x3b/0x90 [ 124.953039] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.953351] RIP: 0033:0x7f4b87518a4d [ 124.953570] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.953930] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.954374] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.954801] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.955221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.955637] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 124.956053] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 124.956479] [ 124.956616] irq event stamp: 0 [ 124.956802] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.957172] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.957661] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.958148] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.958524] ---[ end trace 0000000000000000 ]--- [ 124.961854] ------------[ cut here ]------------ [ 124.962151] WARNING: CPU: 0 PID: 1149 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.962779] Modules linked in: [ 124.962972] CPU: 0 PID: 1149 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.963497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.964158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.964453] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.965526] RSP: 0018:ffff888015a67bb8 EFLAGS: 00010246 [ 124.965838] RAX: 0000000000000000 RBX: ffff88800fbef0a8 RCX: 0000000000000000 [ 124.966259] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 124.966693] RBP: ffff888015a67bd0 R08: ffffed1001f7de33 R09: ffffed1001f7de33 [ 124.967116] R10: ffff88800fbef193 R11: ffffed1001f7de32 R12: ffff888021bb5800 [ 124.967536] R13: ffff88800fbef1e8 R14: ffffffff8352e670 R15: 
ffff888015a67e68 [ 124.967956] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.968433] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.968776] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 124.969197] PKRU: 55555554 [ 124.969367] Call Trace: [ 124.969519] [ 124.969655] __iommufd_access_detach+0x1c2/0x2b0 [ 124.969945] iommufd_access_change_pt+0x149/0x270 [ 124.970240] iommufd_access_replace+0xb4/0x120 [ 124.970531] iommufd_test+0x3e5/0x37e0 [ 124.970764] ? lock_release+0x532/0x770 [ 124.971008] ? __might_fault+0x102/0x1b0 [ 124.971258] ? lock_acquire+0x427/0x4c0 [ 124.971502] ? __pfx_iommufd_test+0x10/0x10 [ 124.971759] ? __pfx_lock_release+0x10/0x10 [ 124.972022] ? __pfx_lock_acquire+0x10/0x10 [ 124.972289] ? write_comp_data+0x2f/0x90 [ 124.972538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.972831] ? write_comp_data+0x2f/0x90 [ 124.973081] iommufd_fops_ioctl+0x37d/0x510 [ 124.973344] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.973637] ? write_comp_data+0x2f/0x90 [ 124.973887] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 124.974177] __x64_sys_ioctl+0x1a3/0x230 [ 124.974426] do_syscall_64+0x3b/0x90 [ 124.974662] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.974975] RIP: 0033:0x7f4b8743ee5d [ 124.975198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 124.976273] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 124.976721] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 124.977141] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 124.977561] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 124.977981] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 124.978401] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 124.978835] [ 124.978974] irq event stamp: 0 [ 124.979165] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 124.979537] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 124.980030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 124.980522] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 124.980893] ---[ end trace 0000000000000000 ]--- [ 124.983002] ------------[ cut here ]------------ [ 124.983290] WARNING: CPU: 0 PID: 1149 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 124.983886] Modules linked in: [ 124.984075] CPU: 0 PID: 1149 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 124.984593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 124.985253] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 124.985547] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 124.986625] RSP: 
0018:ffff888015a67bd0 EFLAGS: 00010246 [ 124.986938] RAX: 0000000000000000 RBX: ffff88800fbef0a8 RCX: 0000000000000000 [ 124.987364] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 124.987784] RBP: ffff888015a67be8 R08: ffffed1001f7de33 R09: ffffed1001f7de33 [ 124.988206] R10: ffff88800fbef193 R11: ffffed1001f7de32 R12: ffff8880218bc800 [ 124.988626] R13: ffff88800fbef1e8 R14: ffff88801218c400 R15: 0000000000000000 [ 124.989061] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 124.989536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.989880] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 124.990302] PKRU: 55555554 [ 124.990470] Call Trace: [ 124.990629] [ 124.990764] iommufd_access_destroy_object+0x65/0x170 [ 124.991071] iommufd_object_destroy_user+0x18e/0x220 [ 124.991383] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 124.991732] iommufd_access_destroy+0x43/0x70 [ 124.992007] iommufd_test_staccess_release+0x8d/0xd0 [ 124.992317] __fput+0x26d/0xa40 [ 124.992524] ____fput+0x1e/0x30 [ 124.992729] task_work_run+0x1a4/0x2d0 [ 124.992967] ? __pfx_task_work_run+0x10/0x10 [ 124.993234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 124.993529] ? switch_task_namespaces+0xa9/0xe0 [ 124.993815] do_exit+0xb17/0x2ef0 [ 124.994022] ? lock_acquire+0x427/0x4c0 [ 124.994266] ? __pfx_lock_release+0x10/0x10 [ 124.994539] ? __kasan_check_write+0x18/0x20 [ 124.994805] ? do_raw_spin_lock+0x132/0x2a0 [ 124.995064] ? __pfx_do_exit+0x10/0x10 [ 124.995313] ? debug_smp_processor_id+0x20/0x30 [ 124.995592] ? rcu_is_watching+0x19/0xb0 [ 124.995836] ? _raw_spin_unlock_irq+0x2b/0x60 [ 124.996109] ? trace_hardirqs_on+0x26/0x120 [ 124.996371] do_group_exit+0xe0/0x2b0 [ 124.996599] __x64_sys_exit_group+0x47/0x50 [ 124.996855] do_syscall_64+0x3b/0x90 [ 124.997084] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 124.997400] RIP: 0033:0x7f4b87518a4d [ 124.997621] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 124.997985] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 124.998432] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 124.998863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 124.999287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 124.999711] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.000131] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.000557] [ 125.000696] irq event stamp: 0 [ 125.000885] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.001258] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.001750] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.002243] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.002620] ---[ end trace 0000000000000000 ]--- [ 125.003130] ------------[ cut here ]------------ [ 125.003407] WARNING: CPU: 0 PID: 1149 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.004007] Modules linked in: [ 125.004197] CPU: 0 PID: 1149 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.004713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.005377] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.005679] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.006758] RSP: 0018:ffff888015a67b78 EFLAGS: 00010246 [ 125.007072] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.007494] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 125.007914] RBP: ffff888015a67b98 R08: ffffed1001f7de3e R09: ffffed1001f7de3e [ 125.008334] R10: ffff88800fbef1ef R11: ffffed1001f7de3d R12: ffff88800fbef290 [ 125.008754] R13: ffff88800fbef0a8 R14: ffffffffffffffff R15: 
ffff888015a67c60 [ 125.009174] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.009648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.009991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 125.010412] PKRU: 55555554 [ 125.010590] Call Trace: [ 125.010742] [ 125.010878] iommufd_ioas_destroy+0x53/0x70 [ 125.011140] iommufd_fops_release+0x1f7/0x370 [ 125.011412] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.011711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.012005] ? write_comp_data+0x2f/0x90 [ 125.012254] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.012553] __fput+0x26d/0xa40 [ 125.012760] ____fput+0x1e/0x30 [ 125.012963] task_work_run+0x1a4/0x2d0 [ 125.013201] ? __pfx_task_work_run+0x10/0x10 [ 125.013468] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.013763] ? switch_task_namespaces+0xa9/0xe0 [ 125.014049] do_exit+0xb17/0x2ef0 [ 125.014256] ? lock_acquire+0x427/0x4c0 [ 125.014501] ? __pfx_lock_release+0x10/0x10 [ 125.014777] ? __kasan_check_write+0x18/0x20 [ 125.015043] ? do_raw_spin_lock+0x132/0x2a0 [ 125.015304] ? __pfx_do_exit+0x10/0x10 [ 125.015544] ? debug_smp_processor_id+0x20/0x30 [ 125.015823] ? rcu_is_watching+0x19/0xb0 [ 125.016066] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.016340] ? trace_hardirqs_on+0x26/0x120 [ 125.016601] do_group_exit+0xe0/0x2b0 [ 125.016829] __x64_sys_exit_group+0x47/0x50 [ 125.017085] do_syscall_64+0x3b/0x90 [ 125.017312] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.017625] RIP: 0033:0x7f4b87518a4d [ 125.017846] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.018209] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.018665] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.019084] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.019507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.019936] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.020354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.020776] [ 125.020913] irq event stamp: 0 [ 125.021113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.021481] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.021969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.022457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.022832] ---[ end trace 0000000000000000 ]--- [ 125.025747] ------------[ cut here ]------------ [ 125.026054] WARNING: CPU: 1 PID: 1150 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.026693] Modules linked in: [ 125.026926] CPU: 1 PID: 1150 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.027449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.028112] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.028407] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.029480] RSP: 0018:ffff88800fe57bb8 EFLAGS: 00010246 [ 125.029794] RAX: 0000000000000000 RBX: ffff8880101f18a8 RCX: 0000000000000000 [ 125.030214] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 125.030644] RBP: ffff88800fe57bd0 R08: ffffed100203e333 R09: ffffed100203e333 [ 125.031064] R10: ffff8880101f1993 R11: ffffed100203e332 R12: ffff888013728c00 [ 125.031492] R13: ffff8880101f19e8 R14: ffffffff8352e670 R15: 
ffff88800fe57e68 [ 125.031913] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.032389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.032732] CR2: 0000000020000140 CR3: 000000000f56e000 CR4: 0000000000750ee0 [ 125.033154] PKRU: 55555554 [ 125.033322] Call Trace: [ 125.033475] [ 125.033610] __iommufd_access_detach+0x1c2/0x2b0 [ 125.033901] iommufd_access_change_pt+0x149/0x270 [ 125.034197] iommufd_access_replace+0xb4/0x120 [ 125.034478] iommufd_test+0x3e5/0x37e0 [ 125.034719] ? lock_release+0x532/0x770 [ 125.034964] ? __might_fault+0x102/0x1b0 [ 125.035215] ? lock_acquire+0x427/0x4c0 [ 125.035460] ? __pfx_iommufd_test+0x10/0x10 [ 125.035716] ? __pfx_lock_release+0x10/0x10 [ 125.035979] ? __pfx_lock_acquire+0x10/0x10 [ 125.036244] ? write_comp_data+0x2f/0x90 [ 125.036496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.036790] ? write_comp_data+0x2f/0x90 [ 125.037041] iommufd_fops_ioctl+0x37d/0x510 [ 125.037304] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.037599] ? write_comp_data+0x2f/0x90 [ 125.037849] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.038139] __x64_sys_ioctl+0x1a3/0x230 [ 125.038392] do_syscall_64+0x3b/0x90 [ 125.038631] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.038946] RIP: 0033:0x7f4b8743ee5d [ 125.039173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.040246] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.040694] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.041114] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.041534] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.041954] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.042374] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.042808] [ 125.042947] irq event stamp: 0 [ 125.043137] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.043509] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.044002] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.044495] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.044866] ---[ end trace 0000000000000000 ]--- [ 125.047152] ------------[ cut here ]------------ [ 125.047436] WARNING: CPU: 1 PID: 1150 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.048033] Modules linked in: [ 125.048224] CPU: 1 PID: 1150 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.048741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.049404] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.049699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.050784] RSP: 
0018:ffff88800fe57bd0 EFLAGS: 00010246 [ 125.051099] RAX: 0000000000000000 RBX: ffff8880101f18a8 RCX: 0000000000000000 [ 125.051524] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 125.051944] RBP: ffff88800fe57be8 R08: ffffed100203e333 R09: ffffed100203e333 [ 125.052364] R10: ffff8880101f1993 R11: ffffed100203e332 R12: ffff8880218edc00 [ 125.052785] R13: ffff8880101f19e8 R14: ffff88802090b500 R15: 0000000000000000 [ 125.053233] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.053707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.054051] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.054474] PKRU: 55555554 [ 125.054650] Call Trace: [ 125.054803] [ 125.054938] iommufd_access_destroy_object+0x65/0x170 [ 125.055252] iommufd_object_destroy_user+0x18e/0x220 [ 125.055558] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.055906] iommufd_access_destroy+0x43/0x70 [ 125.056181] iommufd_test_staccess_release+0x8d/0xd0 [ 125.056490] __fput+0x26d/0xa40 [ 125.056698] ____fput+0x1e/0x30 [ 125.056903] task_work_run+0x1a4/0x2d0 [ 125.057142] ? __pfx_task_work_run+0x10/0x10 [ 125.057409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.057704] ? switch_task_namespaces+0xa9/0xe0 [ 125.057990] do_exit+0xb17/0x2ef0 [ 125.058198] ? lock_acquire+0x427/0x4c0 [ 125.058442] ? __pfx_lock_release+0x10/0x10 [ 125.058720] ? __kasan_check_write+0x18/0x20 [ 125.058987] ? do_raw_spin_lock+0x132/0x2a0 [ 125.059249] ? __pfx_do_exit+0x10/0x10 [ 125.059489] ? debug_smp_processor_id+0x20/0x30 [ 125.059768] ? rcu_is_watching+0x19/0xb0 [ 125.060010] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.060284] ? trace_hardirqs_on+0x26/0x120 [ 125.060545] do_group_exit+0xe0/0x2b0 [ 125.060774] __x64_sys_exit_group+0x47/0x50 [ 125.061030] do_syscall_64+0x3b/0x90 [ 125.061259] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.061572] RIP: 0033:0x7f4b87518a4d [ 125.061793] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.062157] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.062612] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.063033] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.063457] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.063877] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.064297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.064724] [ 125.064862] irq event stamp: 0 [ 125.065050] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.065423] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.065916] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.066409] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.066790] ---[ end trace 0000000000000000 ]--- [ 125.067319] ------------[ cut here ]------------ [ 125.067595] WARNING: CPU: 1 PID: 1150 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.068195] Modules linked in: [ 125.068385] CPU: 1 PID: 1150 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.068903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.069566] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.069869] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.070965] RSP: 0018:ffff88800fe57b78 EFLAGS: 00010246 [ 125.071283] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.071702] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 125.072122] RBP: ffff88800fe57b98 R08: ffffed100203e33e R09: ffffed100203e33e [ 125.072542] R10: ffff8880101f19ef R11: ffffed100203e33d R12: ffff8880101f1a90 [ 125.072962] R13: ffff8880101f18a8 R14: ffffffffffffffff R15: 
ffff88800fe57c60 [ 125.073385] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.073859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.074205] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.074654] PKRU: 55555554 [ 125.074823] Call Trace: [ 125.074975] [ 125.075114] iommufd_ioas_destroy+0x53/0x70 [ 125.075374] iommufd_fops_release+0x1f7/0x370 [ 125.075647] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.075947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.076242] ? write_comp_data+0x2f/0x90 [ 125.076493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.076792] __fput+0x26d/0xa40 [ 125.076999] ____fput+0x1e/0x30 [ 125.077204] task_work_run+0x1a4/0x2d0 [ 125.077442] ? __pfx_task_work_run+0x10/0x10 [ 125.077709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.078004] ? switch_task_namespaces+0xa9/0xe0 [ 125.078290] do_exit+0xb17/0x2ef0 [ 125.078498] ? lock_acquire+0x427/0x4c0 [ 125.078753] ? __pfx_lock_release+0x10/0x10 [ 125.079016] ? __kasan_check_write+0x18/0x20 [ 125.079283] ? do_raw_spin_lock+0x132/0x2a0 [ 125.079542] ? __pfx_do_exit+0x10/0x10 [ 125.079782] ? debug_smp_processor_id+0x20/0x30 [ 125.080061] ? rcu_is_watching+0x19/0xb0 [ 125.080304] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.080578] ? trace_hardirqs_on+0x26/0x120 [ 125.080841] do_group_exit+0xe0/0x2b0 [ 125.081069] __x64_sys_exit_group+0x47/0x50 [ 125.081326] do_syscall_64+0x3b/0x90 [ 125.081555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.081868] RIP: 0033:0x7f4b87518a4d [ 125.082088] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.082451] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.082910] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.083333] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.083754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.084174] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.084594] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.085034] [ 125.085173] irq event stamp: 0 [ 125.085361] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.085732] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.086224] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.086727] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.087098] ---[ end trace 0000000000000000 ]--- [ 125.090550] ------------[ cut here ]------------ [ 125.090847] WARNING: CPU: 1 PID: 1151 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.091455] Modules linked in: [ 125.091645] CPU: 1 PID: 1151 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.092163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.092827] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.093123] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.094197] RSP: 0018:ffff888015a67bb8 EFLAGS: 00010246 [ 125.094523] RAX: 0000000000000000 RBX: ffff888017ab98a8 RCX: 0000000000000000 [ 125.094943] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 125.095369] RBP: ffff888015a67bd0 R08: ffffed1002f57333 R09: ffffed1002f57333 [ 125.095789] R10: ffff888017ab9993 R11: ffffed1002f57332 R12: ffff88800f545400 [ 125.096209] R13: ffff888017ab99e8 R14: ffffffff8352e670 R15: 
ffff888015a67e68 [ 125.096630] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.097103] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.097444] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 125.097866] PKRU: 55555554 [ 125.098033] Call Trace: [ 125.098186] [ 125.098321] __iommufd_access_detach+0x1c2/0x2b0 [ 125.098623] iommufd_access_change_pt+0x149/0x270 [ 125.098919] iommufd_access_replace+0xb4/0x120 [ 125.099204] iommufd_test+0x3e5/0x37e0 [ 125.099439] ? lock_release+0x532/0x770 [ 125.099684] ? __might_fault+0x102/0x1b0 [ 125.099931] ? lock_acquire+0x427/0x4c0 [ 125.100177] ? __pfx_iommufd_test+0x10/0x10 [ 125.100433] ? __pfx_lock_release+0x10/0x10 [ 125.100697] ? __pfx_lock_acquire+0x10/0x10 [ 125.100962] ? write_comp_data+0x2f/0x90 [ 125.101213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.101507] ? write_comp_data+0x2f/0x90 [ 125.101758] iommufd_fops_ioctl+0x37d/0x510 [ 125.102019] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.102315] ? write_comp_data+0x2f/0x90 [ 125.102574] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.102865] __x64_sys_ioctl+0x1a3/0x230 [ 125.103123] do_syscall_64+0x3b/0x90 [ 125.103353] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.103666] RIP: 0033:0x7f4b8743ee5d [ 125.103887] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.104959] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.105407] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.105827] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.106248] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.106675] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.107096] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.107523] [ 125.107662] irq event stamp: 0 [ 125.107850] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.108224] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.108718] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.109213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.109583] ---[ end trace 0000000000000000 ]--- [ 125.111708] ------------[ cut here ]------------ [ 125.111991] WARNING: CPU: 1 PID: 1151 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.112587] Modules linked in: [ 125.112778] CPU: 1 PID: 1151 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.113294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.113957] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.114251] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.115337] RSP: 
0018:ffff888015a67bd0 EFLAGS: 00010246 [ 125.115651] RAX: 0000000000000000 RBX: ffff888017ab98a8 RCX: 0000000000000000 [ 125.116071] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 125.116491] RBP: ffff888015a67be8 R08: ffffed1002f57333 R09: ffffed1002f57333 [ 125.116912] R10: ffff888017ab9993 R11: ffffed1002f57332 R12: ffff88801372a400 [ 125.117362] R13: ffff888017ab99e8 R14: ffff888021839e00 R15: 0000000000000000 [ 125.117781] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.118254] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.118606] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.119028] PKRU: 55555554 [ 125.119198] Call Trace: [ 125.119351] [ 125.119486] iommufd_access_destroy_object+0x65/0x170 [ 125.119795] iommufd_object_destroy_user+0x18e/0x220 [ 125.120102] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.120461] iommufd_access_destroy+0x43/0x70 [ 125.120735] iommufd_test_staccess_release+0x8d/0xd0 [ 125.121043] __fput+0x26d/0xa40 [ 125.121249] ____fput+0x1e/0x30 [ 125.121452] task_work_run+0x1a4/0x2d0 [ 125.121689] ? __pfx_task_work_run+0x10/0x10 [ 125.121956] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.122249] ? switch_task_namespaces+0xa9/0xe0 [ 125.122545] do_exit+0xb17/0x2ef0 [ 125.122752] ? lock_acquire+0x427/0x4c0 [ 125.122994] ? __pfx_lock_release+0x10/0x10 [ 125.123258] ? __kasan_check_write+0x18/0x20 [ 125.123521] ? do_raw_spin_lock+0x132/0x2a0 [ 125.123778] ? __pfx_do_exit+0x10/0x10 [ 125.124015] ? debug_smp_processor_id+0x20/0x30 [ 125.124292] ? rcu_is_watching+0x19/0xb0 [ 125.124533] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.124804] ? trace_hardirqs_on+0x26/0x120 [ 125.125064] do_group_exit+0xe0/0x2b0 [ 125.125292] __x64_sys_exit_group+0x47/0x50 [ 125.125546] do_syscall_64+0x3b/0x90 [ 125.125774] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.126084] RIP: 0033:0x7f4b87518a4d [ 125.126304] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.126673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.127125] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.127542] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.127959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.128376] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.128792] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.129216] [ 125.129353] irq event stamp: 0 [ 125.129540] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.129909] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.130398] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.130895] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.131270] ---[ end trace 0000000000000000 ]--- [ 125.131778] ------------[ cut here ]------------ [ 125.132053] WARNING: CPU: 1 PID: 1151 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.132650] Modules linked in: [ 125.132838] CPU: 1 PID: 1151 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.133351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.134009] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.134311] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.135388] RSP: 0018:ffff888015a67b78 EFLAGS: 00010246 [ 125.135699] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.136115] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 125.136532] RBP: ffff888015a67b98 R08: ffffed1002f5733e R09: ffffed1002f5733e [ 125.136949] R10: ffff888017ab99ef R11: ffffed1002f5733d R12: ffff888017ab9a90 [ 125.137365] R13: ffff888017ab98a8 R14: ffffffffffffffff R15: 
ffff888015a67c60 [ 125.137782] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.138252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.138601] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.139020] PKRU: 55555554 [ 125.139192] Call Trace: [ 125.139343] [ 125.139478] iommufd_ioas_destroy+0x53/0x70 [ 125.139736] iommufd_fops_release+0x1f7/0x370 [ 125.140007] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.140304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.140597] ? write_comp_data+0x2f/0x90 [ 125.140846] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.141143] __fput+0x26d/0xa40 [ 125.141349] ____fput+0x1e/0x30 [ 125.141554] task_work_run+0x1a4/0x2d0 [ 125.141790] ? __pfx_task_work_run+0x10/0x10 [ 125.142055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.142351] ? switch_task_namespaces+0xa9/0xe0 [ 125.142643] do_exit+0xb17/0x2ef0 [ 125.142850] ? lock_acquire+0x427/0x4c0 [ 125.143093] ? __pfx_lock_release+0x10/0x10 [ 125.143357] ? __kasan_check_write+0x18/0x20 [ 125.143621] ? do_raw_spin_lock+0x132/0x2a0 [ 125.143878] ? __pfx_do_exit+0x10/0x10 [ 125.144115] ? debug_smp_processor_id+0x20/0x30 [ 125.144391] ? rcu_is_watching+0x19/0xb0 [ 125.144632] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.144904] ? trace_hardirqs_on+0x26/0x120 [ 125.145163] do_group_exit+0xe0/0x2b0 [ 125.145390] __x64_sys_exit_group+0x47/0x50 [ 125.145644] do_syscall_64+0x3b/0x90 [ 125.145871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.146182] RIP: 0033:0x7f4b87518a4d [ 125.146401] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.146774] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.147221] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.147637] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.148052] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.148468] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.148884] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.149333] [ 125.149471] irq event stamp: 0 [ 125.149658] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.150027] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.150526] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.151016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.151420] ---[ end trace 0000000000000000 ]--- [ 125.154438] ------------[ cut here ]------------ [ 125.154759] WARNING: CPU: 1 PID: 1152 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.155367] Modules linked in: [ 125.155558] CPU: 1 PID: 1152 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.156078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.156739] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.157033] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.158103] RSP: 0018:ffff88800f0d7bb8 EFLAGS: 00010246 [ 125.158417] RAX: 0000000000000000 RBX: ffff8880219438a8 RCX: 0000000000000000 [ 125.158848] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 125.159273] RBP: ffff88800f0d7bd0 R08: ffffed1004328733 R09: ffffed1004328733 [ 125.159693] R10: ffff888021943993 R11: ffffed1004328732 R12: ffff888013830c00 [ 125.160113] R13: ffff8880219439e8 R14: ffffffff8352e670 R15: 
ffff88800f0d7e68 [ 125.160534] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.161006] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.161348] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 125.161769] PKRU: 55555554 [ 125.161936] Call Trace: [ 125.162088] [ 125.162223] __iommufd_access_detach+0x1c2/0x2b0 [ 125.162521] iommufd_access_change_pt+0x149/0x270 [ 125.162817] iommufd_access_replace+0xb4/0x120 [ 125.163098] iommufd_test+0x3e5/0x37e0 [ 125.163335] ? lock_release+0x532/0x770 [ 125.163580] ? __might_fault+0x102/0x1b0 [ 125.163827] ? lock_acquire+0x427/0x4c0 [ 125.164073] ? __pfx_iommufd_test+0x10/0x10 [ 125.164332] ? __pfx_lock_release+0x10/0x10 [ 125.164595] ? __pfx_lock_acquire+0x10/0x10 [ 125.164861] ? write_comp_data+0x2f/0x90 [ 125.165110] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.165405] ? write_comp_data+0x2f/0x90 [ 125.165655] iommufd_fops_ioctl+0x37d/0x510 [ 125.165916] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.166211] ? write_comp_data+0x2f/0x90 [ 125.166462] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.166760] __x64_sys_ioctl+0x1a3/0x230 [ 125.167010] do_syscall_64+0x3b/0x90 [ 125.167246] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.167560] RIP: 0033:0x7f4b8743ee5d [ 125.167781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.168856] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.169304] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.169725] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.170146] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.170574] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.170995] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.171426] [ 125.171565] irq event stamp: 0 [ 125.171754] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.172128] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.172621] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.173112] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.173483] ---[ end trace 0000000000000000 ]--- [ 125.175601] ------------[ cut here ]------------ [ 125.175883] WARNING: CPU: 1 PID: 1152 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.176480] Modules linked in: [ 125.176670] CPU: 1 PID: 1152 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.177186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.177848] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.178142] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.179230] RSP: 
0018:ffff88800f0d7bd0 EFLAGS: 00010246 [ 125.179544] RAX: 0000000000000000 RBX: ffff8880219438a8 RCX: 0000000000000000 [ 125.179964] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 125.180387] RBP: ffff88800f0d7be8 R08: ffffed1004328733 R09: ffffed1004328733 [ 125.180807] R10: ffff888021943993 R11: ffffed1004328732 R12: ffff88800f547400 [ 125.181258] R13: ffff8880219439e8 R14: ffff88801202ba00 R15: 0000000000000000 [ 125.181677] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.182150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.182495] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.182925] PKRU: 55555554 [ 125.183093] Call Trace: [ 125.183250] [ 125.183385] iommufd_access_destroy_object+0x65/0x170 [ 125.183694] iommufd_object_destroy_user+0x18e/0x220 [ 125.184000] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.184349] iommufd_access_destroy+0x43/0x70 [ 125.184623] iommufd_test_staccess_release+0x8d/0xd0 [ 125.184932] __fput+0x26d/0xa40 [ 125.185142] ____fput+0x1e/0x30 [ 125.185347] task_work_run+0x1a4/0x2d0 [ 125.185585] ? __pfx_task_work_run+0x10/0x10 [ 125.185852] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.186147] ? switch_task_namespaces+0xa9/0xe0 [ 125.186432] do_exit+0xb17/0x2ef0 [ 125.186650] ? lock_acquire+0x427/0x4c0 [ 125.186893] ? __pfx_lock_release+0x10/0x10 [ 125.187157] ? __kasan_check_write+0x18/0x20 [ 125.187421] ? do_raw_spin_lock+0x132/0x2a0 [ 125.187677] ? __pfx_do_exit+0x10/0x10 [ 125.187915] ? debug_smp_processor_id+0x20/0x30 [ 125.188193] ? rcu_is_watching+0x19/0xb0 [ 125.188434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.188706] ? trace_hardirqs_on+0x26/0x120 [ 125.188966] do_group_exit+0xe0/0x2b0 [ 125.189196] __x64_sys_exit_group+0x47/0x50 [ 125.189451] do_syscall_64+0x3b/0x90 [ 125.189679] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.189990] RIP: 0033:0x7f4b87518a4d [ 125.190212] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.190582] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.191025] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.191445] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.191862] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.192279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.192696] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.193121] [ 125.193259] irq event stamp: 0 [ 125.193446] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.193815] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.194304] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.194803] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.195185] ---[ end trace 0000000000000000 ]--- [ 125.195695] ------------[ cut here ]------------ [ 125.195969] WARNING: CPU: 1 PID: 1152 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.196563] Modules linked in: [ 125.196752] CPU: 1 PID: 1152 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.197264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.197924] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.198226] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.199305] RSP: 0018:ffff88800f0d7b78 EFLAGS: 00010246 [ 125.199618] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.200034] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 125.200454] RBP: ffff88800f0d7b98 R08: ffffed100432873e R09: ffffed100432873e [ 125.200872] R10: ffff8880219439ef R11: ffffed100432873d R12: ffff888021943a90 [ 125.201289] R13: ffff8880219438a8 R14: ffffffffffffffff R15: 
ffff88800f0d7c60 [ 125.201707] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.202178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.202530] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.202950] PKRU: 55555554 [ 125.203118] Call Trace: [ 125.203272] [ 125.203407] iommufd_ioas_destroy+0x53/0x70 [ 125.203665] iommufd_fops_release+0x1f7/0x370 [ 125.203936] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.204235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.204528] ? write_comp_data+0x2f/0x90 [ 125.204777] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.205074] __fput+0x26d/0xa40 [ 125.205281] ____fput+0x1e/0x30 [ 125.205483] task_work_run+0x1a4/0x2d0 [ 125.205720] ? __pfx_task_work_run+0x10/0x10 [ 125.205986] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.206279] ? switch_task_namespaces+0xa9/0xe0 [ 125.206574] do_exit+0xb17/0x2ef0 [ 125.206782] ? lock_acquire+0x427/0x4c0 [ 125.207024] ? __pfx_lock_release+0x10/0x10 [ 125.207289] ? __kasan_check_write+0x18/0x20 [ 125.207553] ? do_raw_spin_lock+0x132/0x2a0 [ 125.207810] ? __pfx_do_exit+0x10/0x10 [ 125.208048] ? debug_smp_processor_id+0x20/0x30 [ 125.208325] ? rcu_is_watching+0x19/0xb0 [ 125.208567] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.208839] ? trace_hardirqs_on+0x26/0x120 [ 125.209099] do_group_exit+0xe0/0x2b0 [ 125.209326] __x64_sys_exit_group+0x47/0x50 [ 125.209581] do_syscall_64+0x3b/0x90 [ 125.209809] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.210120] RIP: 0033:0x7f4b87518a4d [ 125.210339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.210709] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.211158] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.211575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.211991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.212410] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.212827] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.213280] [ 125.213417] irq event stamp: 0 [ 125.213604] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.213975] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.214465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.214965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.215337] ---[ end trace 0000000000000000 ]--- [ 125.219156] ------------[ cut here ]------------ [ 125.219451] WARNING: CPU: 1 PID: 1153 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.220047] Modules linked in: [ 125.220240] CPU: 1 PID: 1153 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.220761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.221416] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.221709] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.222937] RSP: 0018:ffff8880159d7bb8 EFLAGS: 00010246 [ 125.223255] RAX: 0000000000000000 RBX: ffff888023c450a8 RCX: 0000000000000000 [ 125.223671] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 125.224086] RBP: ffff8880159d7bd0 R08: ffffed1004788a33 R09: ffffed1004788a33 [ 125.224503] R10: ffff888023c45193 R11: ffffed1004788a32 R12: ffff88800f60b000 [ 125.224918] R13: ffff888023c451e8 R14: ffffffff8352e670 R15: 
ffff8880159d7e68 [ 125.225334] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.225803] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.226142] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 125.226570] PKRU: 55555554 [ 125.226737] Call Trace: [ 125.226888] [ 125.227022] __iommufd_access_detach+0x1c2/0x2b0 [ 125.227313] iommufd_access_change_pt+0x149/0x270 [ 125.227610] iommufd_access_replace+0xb4/0x120 [ 125.227886] iommufd_test+0x3e5/0x37e0 [ 125.228114] ? lock_release+0x532/0x770 [ 125.228354] ? __might_fault+0x102/0x1b0 [ 125.228598] ? lock_acquire+0x427/0x4c0 [ 125.228838] ? __pfx_iommufd_test+0x10/0x10 [ 125.229090] ? __pfx_lock_release+0x10/0x10 [ 125.229349] ? __pfx_lock_acquire+0x10/0x10 [ 125.229609] ? write_comp_data+0x2f/0x90 [ 125.229854] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.230142] ? write_comp_data+0x2f/0x90 [ 125.230388] iommufd_fops_ioctl+0x37d/0x510 [ 125.230652] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.230943] ? write_comp_data+0x2f/0x90 [ 125.231195] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.231480] __x64_sys_ioctl+0x1a3/0x230 [ 125.231726] do_syscall_64+0x3b/0x90 [ 125.231951] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.232258] RIP: 0033:0x7f4b8743ee5d [ 125.232475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.233529] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.233968] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.234382] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.234801] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.235217] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.235632] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.236051] [ 125.236188] irq event stamp: 0 [ 125.236374] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.236739] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.237226] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.237711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.238076] ---[ end trace 0000000000000000 ]--- [ 125.240195] ------------[ cut here ]------------ [ 125.240472] WARNING: CPU: 1 PID: 1153 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.241059] Modules linked in: [ 125.241246] CPU: 1 PID: 1153 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.241757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.242409] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.242722] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.243935] RSP: 
0018:ffff8880159d7bd0 EFLAGS: 00010246 [ 125.244271] RAX: 0000000000000000 RBX: ffff888023c450a8 RCX: 0000000000000000 [ 125.244723] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 125.245168] RBP: ffff8880159d7be8 R08: ffffed1004788a33 R09: ffffed1004788a33 [ 125.245585] R10: ffff888023c45193 R11: ffffed1004788a32 R12: ffff888013832400 [ 125.246000] R13: ffff888023c451e8 R14: ffff8880123b0100 R15: 0000000000000000 [ 125.246417] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.246902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.247252] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.247700] PKRU: 55555554 [ 125.247868] Call Trace: [ 125.248023] [ 125.248159] iommufd_access_destroy_object+0x65/0x170 [ 125.248470] iommufd_object_destroy_user+0x18e/0x220 [ 125.248775] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.249121] iommufd_access_destroy+0x43/0x70 [ 125.249397] iommufd_test_staccess_release+0x8d/0xd0 [ 125.249708] __fput+0x26d/0xa40 [ 125.249923] ____fput+0x1e/0x30 [ 125.250128] task_work_run+0x1a4/0x2d0 [ 125.250369] ? __pfx_task_work_run+0x10/0x10 [ 125.250653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.250949] ? switch_task_namespaces+0xa9/0xe0 [ 125.251254] do_exit+0xb17/0x2ef0 [ 125.251464] ? lock_acquire+0x427/0x4c0 [ 125.251709] ? __pfx_lock_release+0x10/0x10 [ 125.251973] ? __kasan_check_write+0x18/0x20 [ 125.252264] ? do_raw_spin_lock+0x132/0x2a0 [ 125.252524] ? __pfx_do_exit+0x10/0x10 [ 125.252764] ? debug_smp_processor_id+0x20/0x30 [ 125.253044] ? rcu_is_watching+0x19/0xb0 [ 125.253289] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.253563] ? trace_hardirqs_on+0x26/0x120 [ 125.253824] do_group_exit+0xe0/0x2b0 [ 125.254053] __x64_sys_exit_group+0x47/0x50 [ 125.254309] do_syscall_64+0x3b/0x90 [ 125.254551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.254873] RIP: 0033:0x7f4b87518a4d [ 125.255103] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.255526] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.256052] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.256535] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.257035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.257462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.257882] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.258310] [ 125.258453] irq event stamp: 0 [ 125.258657] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.259032] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.259538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.260041] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.260416] ---[ end trace 0000000000000000 ]--- [ 125.260962] ------------[ cut here ]------------ [ 125.261240] WARNING: CPU: 1 PID: 1153 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.261847] Modules linked in: [ 125.262040] CPU: 1 PID: 1153 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.262575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.263262] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.263580] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.264675] RSP: 0018:ffff8880159d7b78 EFLAGS: 00010246 [ 125.264998] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.265429] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 125.265851] RBP: ffff8880159d7b98 R08: ffffed1004788a3e R09: ffffed1004788a3e [ 125.266274] R10: ffff888023c451ef R11: ffffed1004788a3d R12: ffff888023c45290 [ 125.266721] R13: ffff888023c450a8 R14: ffffffffffffffff R15: 
ffff8880159d7c60 [ 125.267165] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.267652] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.267998] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.268424] PKRU: 55555554 [ 125.268598] Call Trace: [ 125.268751] [ 125.268887] iommufd_ioas_destroy+0x53/0x70 [ 125.269151] iommufd_fops_release+0x1f7/0x370 [ 125.269431] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.269752] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.270055] ? write_comp_data+0x2f/0x90 [ 125.270323] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.270706] __fput+0x26d/0xa40 [ 125.270968] ____fput+0x1e/0x30 [ 125.271245] task_work_run+0x1a4/0x2d0 [ 125.271548] ? __pfx_task_work_run+0x10/0x10 [ 125.271859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.272208] ? switch_task_namespaces+0xa9/0xe0 [ 125.272564] do_exit+0xb17/0x2ef0 [ 125.272830] ? lock_acquire+0x427/0x4c0 [ 125.273131] ? __pfx_lock_release+0x10/0x10 [ 125.273426] ? __kasan_check_write+0x18/0x20 [ 125.273733] ? do_raw_spin_lock+0x132/0x2a0 [ 125.274008] ? __pfx_do_exit+0x10/0x10 [ 125.274251] ? debug_smp_processor_id+0x20/0x30 [ 125.274553] ? rcu_is_watching+0x19/0xb0 [ 125.274884] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.275312] ? trace_hardirqs_on+0x26/0x120 [ 125.275661] do_group_exit+0xe0/0x2b0 [ 125.275934] __x64_sys_exit_group+0x47/0x50 [ 125.276237] do_syscall_64+0x3b/0x90 [ 125.276472] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.276791] RIP: 0033:0x7f4b87518a4d [ 125.277050] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.277420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.277876] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.278306] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.278757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.279198] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.279631] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.280065] [ 125.280208] irq event stamp: 0 [ 125.280400] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.280780] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.281286] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.281789] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.282166] ---[ end trace 0000000000000000 ]--- [ 125.286003] ------------[ cut here ]------------ [ 125.286309] WARNING: CPU: 1 PID: 1154 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.286946] Modules linked in: [ 125.287151] CPU: 1 PID: 1154 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.287672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.288342] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.288641] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.289726] RSP: 0018:ffff888015e67bb8 EFLAGS: 00010246 [ 125.290051] RAX: 0000000000000000 RBX: ffff8880136f80a8 RCX: 0000000000000000 [ 125.290479] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 125.291070] RBP: ffff888015e67bd0 R08: ffffed10026df033 R09: ffffed10026df033 [ 125.291520] R10: ffff8880136f8193 R11: ffffed10026df032 R12: ffff88800ef9cc00 [ 125.291951] R13: ffff8880136f81e8 R14: ffffffff8352e670 R15: 
ffff888015e67e68 [ 125.292382] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.292863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.293214] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 125.293640] PKRU: 55555554 [ 125.293812] Call Trace: [ 125.293968] [ 125.294106] __iommufd_access_detach+0x1c2/0x2b0 [ 125.294409] iommufd_access_change_pt+0x149/0x270 [ 125.294729] iommufd_access_replace+0xb4/0x120 [ 125.295018] iommufd_test+0x3e5/0x37e0 [ 125.295264] ? lock_release+0x532/0x770 [ 125.295514] ? __might_fault+0x102/0x1b0 [ 125.295770] ? lock_acquire+0x427/0x4c0 [ 125.296022] ? __pfx_iommufd_test+0x10/0x10 [ 125.296288] ? __pfx_lock_release+0x10/0x10 [ 125.296559] ? __pfx_lock_acquire+0x10/0x10 [ 125.296830] ? write_comp_data+0x2f/0x90 [ 125.297087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.297385] ? write_comp_data+0x2f/0x90 [ 125.297640] iommufd_fops_ioctl+0x37d/0x510 [ 125.297906] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.298211] ? write_comp_data+0x2f/0x90 [ 125.298466] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.298777] __x64_sys_ioctl+0x1a3/0x230 [ 125.299036] do_syscall_64+0x3b/0x90 [ 125.299281] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.299603] RIP: 0033:0x7f4b8743ee5d [ 125.299830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.300920] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.301380] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.301812] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.302243] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.302687] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.303122] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.303564] [ 125.303710] irq event stamp: 0 [ 125.303902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.304286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.304795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.305302] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.305685] ---[ end trace 0000000000000000 ]--- [ 125.308601] ------------[ cut here ]------------ [ 125.308977] WARNING: CPU: 1 PID: 1154 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.309593] Modules linked in: [ 125.309789] CPU: 1 PID: 1154 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.310321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.311016] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.311333] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.312432] RSP: 
0018:ffff888015e67bd0 EFLAGS: 00010246 [ 125.312757] RAX: 0000000000000000 RBX: ffff8880136f80a8 RCX: 0000000000000000 [ 125.313187] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 125.313616] RBP: ffff888015e67be8 R08: ffffed10026df033 R09: ffffed10026df033 [ 125.314049] R10: ffff8880136f8193 R11: ffffed10026df032 R12: ffff88800f609c00 [ 125.314480] R13: ffff8880136f81e8 R14: ffff888011f19800 R15: 0000000000000000 [ 125.314928] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.315429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.315782] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.316215] PKRU: 55555554 [ 125.316398] Call Trace: [ 125.316556] [ 125.316697] iommufd_access_destroy_object+0x65/0x170 [ 125.317019] iommufd_object_destroy_user+0x18e/0x220 [ 125.317337] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.317702] iommufd_access_destroy+0x43/0x70 [ 125.317989] iommufd_test_staccess_release+0x8d/0xd0 [ 125.318312] __fput+0x26d/0xa40 [ 125.318556] ____fput+0x1e/0x30 [ 125.318777] task_work_run+0x1a4/0x2d0 [ 125.319049] ? __pfx_task_work_run+0x10/0x10 [ 125.319399] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.319794] ? switch_task_namespaces+0xa9/0xe0 [ 125.320147] do_exit+0xb17/0x2ef0 [ 125.320392] ? lock_acquire+0x427/0x4c0 [ 125.320683] ? __pfx_lock_release+0x10/0x10 [ 125.321005] ? __kasan_check_write+0x18/0x20 [ 125.321342] ? do_raw_spin_lock+0x132/0x2a0 [ 125.321638] ? __pfx_do_exit+0x10/0x10 [ 125.321910] ? debug_smp_processor_id+0x20/0x30 [ 125.322221] ? rcu_is_watching+0x19/0xb0 [ 125.322482] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.322807] ? trace_hardirqs_on+0x26/0x120 [ 125.323106] do_group_exit+0xe0/0x2b0 [ 125.323381] __x64_sys_exit_group+0x47/0x50 [ 125.323663] do_syscall_64+0x3b/0x90 [ 125.323910] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.324247] RIP: 0033:0x7f4b87518a4d [ 125.324500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.324903] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.325394] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.325868] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.326333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.326842] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.327339] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.327821] [ 125.327977] irq event stamp: 0 [ 125.328218] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.328729] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.329414] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.330072] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.330532] ---[ end trace 0000000000000000 ]--- [ 125.331165] ------------[ cut here ]------------ [ 125.331544] WARNING: CPU: 1 PID: 1154 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.332331] Modules linked in: [ 125.332578] CPU: 1 PID: 1154 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.333234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.334045] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.334392] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.335831] RSP: 0018:ffff888015e67b78 EFLAGS: 00010246 [ 125.336211] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.336667] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 125.337124] RBP: ffff888015e67b98 R08: ffffed10026df03e R09: ffffed10026df03e [ 125.337582] R10: ffff8880136f81ef R11: ffffed10026df03d R12: ffff8880136f8290 [ 125.338040] R13: ffff8880136f80a8 R14: ffffffffffffffff R15: 
ffff888015e67c60 [ 125.338501] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.339033] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.339430] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.339906] PKRU: 55555554 [ 125.340099] Call Trace: [ 125.340273] [ 125.340427] iommufd_ioas_destroy+0x53/0x70 [ 125.340722] iommufd_fops_release+0x1f7/0x370 [ 125.341064] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.341403] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.341742] ? write_comp_data+0x2f/0x90 [ 125.342025] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.342363] __fput+0x26d/0xa40 [ 125.342618] ____fput+0x1e/0x30 [ 125.342853] task_work_run+0x1a4/0x2d0 [ 125.343134] ? __pfx_task_work_run+0x10/0x10 [ 125.343442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.343776] ? switch_task_namespaces+0xa9/0xe0 [ 125.344100] do_exit+0xb17/0x2ef0 [ 125.344338] ? lock_acquire+0x427/0x4c0 [ 125.344614] ? __pfx_lock_release+0x10/0x10 [ 125.344912] ? __kasan_check_write+0x18/0x20 [ 125.345214] ? do_raw_spin_lock+0x132/0x2a0 [ 125.345508] ? __pfx_do_exit+0x10/0x10 [ 125.345782] ? debug_smp_processor_id+0x20/0x30 [ 125.346103] ? rcu_is_watching+0x19/0xb0 [ 125.346387] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.346731] ? trace_hardirqs_on+0x26/0x120 [ 125.347071] do_group_exit+0xe0/0x2b0 [ 125.347413] __x64_sys_exit_group+0x47/0x50 [ 125.347774] do_syscall_64+0x3b/0x90 [ 125.348087] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.348514] RIP: 0033:0x7f4b87518a4d [ 125.348787] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.349211] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.349731] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.350217] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.350727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.351232] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.351733] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.352227] [ 125.352390] irq event stamp: 0 [ 125.352612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.353047] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.353630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.354210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.354682] ---[ end trace 0000000000000000 ]--- [ 125.358875] ------------[ cut here ]------------ [ 125.359244] WARNING: CPU: 1 PID: 1155 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.359965] Modules linked in: [ 125.360196] CPU: 1 PID: 1155 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.360813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.361607] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.361964] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.363473] RSP: 0018:ffff888014777bb8 EFLAGS: 00010246 [ 125.363859] RAX: 0000000000000000 RBX: ffff8880209bd0a8 RCX: 0000000000000000 [ 125.364370] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 125.364882] RBP: ffff888014777bd0 R08: ffffed1004137a33 R09: ffffed1004137a33 [ 125.365404] R10: ffff8880209bd193 R11: ffffed1004137a32 R12: ffff888013c94c00 [ 125.365921] R13: ffff8880209bd1e8 R14: ffffffff8352e670 R15: 
ffff888014777e68 [ 125.366437] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.367047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.367482] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 125.367998] PKRU: 55555554 [ 125.368203] Call Trace: [ 125.368392] [ 125.368560] __iommufd_access_detach+0x1c2/0x2b0 [ 125.368931] iommufd_access_change_pt+0x149/0x270 [ 125.369297] iommufd_access_replace+0xb4/0x120 [ 125.369645] iommufd_test+0x3e5/0x37e0 [ 125.369934] ? lock_release+0x532/0x770 [ 125.370239] ? __might_fault+0x102/0x1b0 [ 125.370572] ? lock_acquire+0x427/0x4c0 [ 125.370876] ? __pfx_iommufd_test+0x10/0x10 [ 125.371198] ? __pfx_lock_release+0x10/0x10 [ 125.371525] ? __pfx_lock_acquire+0x10/0x10 [ 125.371855] ? write_comp_data+0x2f/0x90 [ 125.372168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.372540] ? write_comp_data+0x2f/0x90 [ 125.372855] iommufd_fops_ioctl+0x37d/0x510 [ 125.373238] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.373607] ? write_comp_data+0x2f/0x90 [ 125.373927] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.374296] __x64_sys_ioctl+0x1a3/0x230 [ 125.374647] do_syscall_64+0x3b/0x90 [ 125.374947] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.375355] RIP: 0033:0x7f4b8743ee5d [ 125.375636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.376980] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.377550] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.378076] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.378642] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.379199] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.379732] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.380288] [ 125.380473] irq event stamp: 0 [ 125.380718] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.381200] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.381838] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.382482] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.383005] ---[ end trace 0000000000000000 ]--- [ 125.385702] ------------[ cut here ]------------ [ 125.386100] WARNING: CPU: 1 PID: 1155 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.386921] Modules linked in: [ 125.387191] CPU: 1 PID: 1155 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.387871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.388745] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.389135] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.390571] RSP: 
0018:ffff888014777bd0 EFLAGS: 00010246 [ 125.390993] RAX: 0000000000000000 RBX: ffff8880209bd0a8 RCX: 0000000000000000 [ 125.391563] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 125.392114] RBP: ffff888014777be8 R08: ffffed1004137a33 R09: ffffed1004137a33 [ 125.392663] R10: ffff8880209bd193 R11: ffffed1004137a32 R12: ffff88800ef9e400 [ 125.393212] R13: ffff8880209bd1e8 R14: ffff888011f03600 R15: 0000000000000000 [ 125.393780] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.394427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.394930] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.395530] PKRU: 55555554 [ 125.395762] Call Trace: [ 125.395970] [ 125.396155] iommufd_access_destroy_object+0x65/0x170 [ 125.396576] iommufd_object_destroy_user+0x18e/0x220 [ 125.396997] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.397481] iommufd_access_destroy+0x43/0x70 [ 125.397863] iommufd_test_staccess_release+0x8d/0xd0 [ 125.398287] __fput+0x26d/0xa40 [ 125.398604] ____fput+0x1e/0x30 [ 125.398888] task_work_run+0x1a4/0x2d0 [ 125.399227] ? __pfx_task_work_run+0x10/0x10 [ 125.399592] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.400002] ? switch_task_namespaces+0xa9/0xe0 [ 125.400394] do_exit+0xb17/0x2ef0 [ 125.400681] ? lock_acquire+0x427/0x4c0 [ 125.401014] ? __pfx_lock_release+0x10/0x10 [ 125.401378] ? __kasan_check_write+0x18/0x20 [ 125.401748] ? do_raw_spin_lock+0x132/0x2a0 [ 125.402111] ? __pfx_do_exit+0x10/0x10 [ 125.402449] ? debug_smp_processor_id+0x20/0x30 [ 125.402867] ? rcu_is_watching+0x19/0xb0 [ 125.403214] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.403594] ? trace_hardirqs_on+0x26/0x120 [ 125.403959] do_group_exit+0xe0/0x2b0 [ 125.404275] __x64_sys_exit_group+0x47/0x50 [ 125.404633] do_syscall_64+0x3b/0x90 [ 125.405008] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.405438] RIP: 0033:0x7f4b87518a4d [ 125.405746] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.406243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.406889] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.407478] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.408055] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.408628] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.409218] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.409830] [ 125.410030] irq event stamp: 0 [ 125.410298] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.410851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.411577] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.412296] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.412831] ---[ end trace 0000000000000000 ]--- [ 125.413559] ------------[ cut here ]------------ [ 125.413954] WARNING: CPU: 1 PID: 1155 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.414857] Modules linked in: [ 125.415153] CPU: 1 PID: 1155 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.415909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.416880] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.417331] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.418924] RSP: 0018:ffff888014777b78 EFLAGS: 00010246 [ 125.419396] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.420000] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 125.420615] RBP: ffff888014777b98 R08: ffffed1004137a3e R09: ffffed1004137a3e [ 125.421232] R10: ffff8880209bd1ef R11: ffffed1004137a3d R12: ffff8880209bd290 [ 125.421843] R13: ffff8880209bd0a8 R14: ffffffffffffffff R15: 
ffff888014777c60 [ 125.422451] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.423196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.423697] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.424312] PKRU: 55555554 [ 125.424556] Call Trace: [ 125.424779] [ 125.424976] iommufd_ioas_destroy+0x53/0x70 [ 125.425360] iommufd_fops_release+0x1f7/0x370 [ 125.425753] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.426189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.426656] ? write_comp_data+0x2f/0x90 [ 125.427019] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.427465] __fput+0x26d/0xa40 [ 125.427769] ____fput+0x1e/0x30 [ 125.428063] task_work_run+0x1a4/0x2d0 [ 125.428404] ? __pfx_task_work_run+0x10/0x10 [ 125.428788] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.429212] ? switch_task_namespaces+0xa9/0xe0 [ 125.429631] do_exit+0xb17/0x2ef0 [ 125.429939] ? lock_acquire+0x427/0x4c0 [ 125.430291] ? __pfx_lock_release+0x10/0x10 [ 125.430687] ? __kasan_check_write+0x18/0x20 [ 125.431080] ? do_raw_spin_lock+0x132/0x2a0 [ 125.431472] ? __pfx_do_exit+0x10/0x10 [ 125.431821] ? debug_smp_processor_id+0x20/0x30 [ 125.432230] ? rcu_is_watching+0x19/0xb0 [ 125.432593] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.432999] ? trace_hardirqs_on+0x26/0x120 [ 125.433380] do_group_exit+0xe0/0x2b0 [ 125.433715] __x64_sys_exit_group+0x47/0x50 [ 125.434093] do_syscall_64+0x3b/0x90 [ 125.434424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.434902] RIP: 0033:0x7f4b87518a4d [ 125.435246] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.435787] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.436448] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.437115] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.437729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.438346] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.438991] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.439629] [ 125.439834] irq event stamp: 0 [ 125.440108] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.440648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.441364] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.442081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.442651] ---[ end trace 0000000000000000 ]--- [ 125.447478] ------------[ cut here ]------------ [ 125.447919] WARNING: CPU: 1 PID: 1156 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.448793] Modules linked in: [ 125.449071] CPU: 1 PID: 1156 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.449823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.451012] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.451477] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.453048] RSP: 0018:ffff888017b3fbb8 EFLAGS: 00010246 [ 125.453508] RAX: 0000000000000000 RBX: ffff888015d6b8a8 RCX: 0000000000000000 [ 125.454123] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 125.454763] RBP: ffff888017b3fbd0 R08: ffffed1002bad733 R09: ffffed1002bad733 [ 125.455390] R10: ffff888015d6b993 R11: ffffed1002bad732 R12: ffff88800f99a400 [ 125.456012] R13: ffff888015d6b9e8 R14: ffffffff8352e670 R15: 
ffff888017b3fe68 [ 125.456632] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.457328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.457829] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ee0 [ 125.458448] PKRU: 55555554 [ 125.458715] Call Trace: [ 125.458941] [ 125.459148] __iommufd_access_detach+0x1c2/0x2b0 [ 125.459578] iommufd_access_change_pt+0x149/0x270 [ 125.460006] iommufd_access_replace+0xb4/0x120 [ 125.460412] iommufd_test+0x3e5/0x37e0 [ 125.460750] ? lock_release+0x532/0x770 [ 125.461109] ? __might_fault+0x102/0x1b0 [ 125.461471] ? lock_acquire+0x427/0x4c0 [ 125.461831] ? __pfx_iommufd_test+0x10/0x10 [ 125.462208] ? __pfx_lock_release+0x10/0x10 [ 125.462614] ? __pfx_lock_acquire+0x10/0x10 [ 125.463014] ? write_comp_data+0x2f/0x90 [ 125.463379] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.463810] ? write_comp_data+0x2f/0x90 [ 125.464175] iommufd_fops_ioctl+0x37d/0x510 [ 125.464555] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.464982] ? write_comp_data+0x2f/0x90 [ 125.465345] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.465772] __x64_sys_ioctl+0x1a3/0x230 [ 125.466139] do_syscall_64+0x3b/0x90 [ 125.466475] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.466961] RIP: 0033:0x7f4b8743ee5d [ 125.467303] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.468878] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.469613] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.470235] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.470881] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.471528] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.472146] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.472774] [ 125.472978] irq event stamp: 0 [ 125.473254] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.473814] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.474564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.475299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.475846] ---[ end trace 0000000000000000 ]--- [ 125.478746] ------------[ cut here ]------------ [ 125.479207] WARNING: CPU: 1 PID: 1156 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.480091] Modules linked in: [ 125.480372] CPU: 1 PID: 1156 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.481132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.482107] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.482562] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.484163] RSP: 
0018:ffff888017b3fbd0 EFLAGS: 00010246 [ 125.484627] RAX: 0000000000000000 RBX: ffff888015d6b8a8 RCX: 0000000000000000 [ 125.485238] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 125.485854] RBP: ffff888017b3fbe8 R08: ffffed1002bad733 R09: ffffed1002bad733 [ 125.486469] R10: ffff888015d6b993 R11: ffffed1002bad732 R12: ffff888013fc6400 [ 125.487099] R13: ffff888015d6b9e8 R14: ffff8880143ce700 R15: 0000000000000000 [ 125.487724] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.488418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.488920] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.489536] PKRU: 55555554 [ 125.489783] Call Trace: [ 125.490005] [ 125.490200] iommufd_access_destroy_object+0x65/0x170 [ 125.490675] iommufd_object_destroy_user+0x18e/0x220 [ 125.491141] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.491653] iommufd_access_destroy+0x43/0x70 [ 125.492055] iommufd_test_staccess_release+0x8d/0xd0 [ 125.492510] __fput+0x26d/0xa40 [ 125.492816] ____fput+0x1e/0x30 [ 125.493115] task_work_run+0x1a4/0x2d0 [ 125.493469] ? __pfx_task_work_run+0x10/0x10 [ 125.493859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.494286] ? switch_task_namespaces+0xa9/0xe0 [ 125.494723] do_exit+0xb17/0x2ef0 [ 125.495030] ? lock_acquire+0x427/0x4c0 [ 125.495392] ? __pfx_lock_release+0x10/0x10 [ 125.495777] ? __kasan_check_write+0x18/0x20 [ 125.496165] ? do_raw_spin_lock+0x132/0x2a0 [ 125.496542] ? __pfx_do_exit+0x10/0x10 [ 125.496895] ? debug_smp_processor_id+0x20/0x30 [ 125.497304] ? rcu_is_watching+0x19/0xb0 [ 125.497658] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.498056] ? trace_hardirqs_on+0x26/0x120 [ 125.498437] do_group_exit+0xe0/0x2b0 [ 125.498793] __x64_sys_exit_group+0x47/0x50 [ 125.499181] do_syscall_64+0x3b/0x90 [ 125.499515] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.499974] RIP: 0033:0x7f4b87518a4d [ 125.500300] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.500836] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.501575] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.502189] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.502827] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.503450] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.504071] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.504691] [ 125.504897] irq event stamp: 0 [ 125.505171] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.505717] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.506445] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.507206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.507754] ---[ end trace 0000000000000000 ]--- [ 125.508503] ------------[ cut here ]------------ [ 125.508916] WARNING: CPU: 1 PID: 1156 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.509800] Modules linked in: [ 125.510079] CPU: 1 PID: 1156 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.510857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.511847] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.512295] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.513898] RSP: 0018:ffff888017b3fb78 EFLAGS: 00010246 [ 125.514369] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.515008] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 125.515646] RBP: ffff888017b3fb98 R08: ffffed1002bad73e R09: ffffed1002bad73e [ 125.516266] R10: ffff888015d6b9ef R11: ffffed1002bad73d R12: ffff888015d6ba90 [ 125.516886] R13: ffff888015d6b8a8 R14: ffffffffffffffff R15: 
ffff888017b3fc60 [ 125.517511] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.518210] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.518735] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.519371] PKRU: 55555554 [ 125.519696] Call Trace: [ 125.519919] [ 125.520116] iommufd_ioas_destroy+0x53/0x70 [ 125.520506] iommufd_fops_release+0x1f7/0x370 [ 125.520913] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.521350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.521779] ? write_comp_data+0x2f/0x90 [ 125.522139] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.522591] __fput+0x26d/0xa40 [ 125.522895] ____fput+0x1e/0x30 [ 125.523197] task_work_run+0x1a4/0x2d0 [ 125.523543] ? __pfx_task_work_run+0x10/0x10 [ 125.523932] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.524354] ? switch_task_namespaces+0xa9/0xe0 [ 125.524770] do_exit+0xb17/0x2ef0 [ 125.525074] ? lock_acquire+0x427/0x4c0 [ 125.525427] ? __pfx_lock_release+0x10/0x10 [ 125.525804] ? __kasan_check_write+0x18/0x20 [ 125.526192] ? do_raw_spin_lock+0x132/0x2a0 [ 125.526592] ? __pfx_do_exit+0x10/0x10 [ 125.526942] ? debug_smp_processor_id+0x20/0x30 [ 125.527356] ? rcu_is_watching+0x19/0xb0 [ 125.527709] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.528102] ? trace_hardirqs_on+0x26/0x120 [ 125.528480] do_group_exit+0xe0/0x2b0 [ 125.528809] __x64_sys_exit_group+0x47/0x50 [ 125.529179] do_syscall_64+0x3b/0x90 [ 125.529509] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.529962] RIP: 0033:0x7f4b87518a4d [ 125.530285] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 125.530833] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.531211] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 125.531497] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.533293] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 125.533863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.535718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.536333] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.536942] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.537561] [ 125.537763] irq event stamp: 0 [ 125.538034] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.538592] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.539321] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.540039] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.540593] ---[ end trace 0000000000000000 ]--- [ 125.545202] ------------[ cut here ]------------ [ 125.545650] WARNING: CPU: 0 PID: 1158 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.546587] Modules linked in: [ 125.546866] CPU: 0 PID: 1158 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.547635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.548604] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.549036] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.550616] RSP: 0018:ffff888015e67bb8 EFLAGS: 00010246 [ 125.551078] RAX: 0000000000000000 RBX: ffff888012dd08a8 RCX: 0000000000000000 [ 125.551698] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 125.552308] RBP: ffff888015e67bd0 R08: ffffed10025ba133 R09: ffffed10025ba133 [ 125.552922] R10: ffff888012dd0993 R11: ffffed10025ba132 R12: 
ffff8880182e1c00 [ 125.553539] R13: ffff888012dd09e8 R14: ffffffff8352e670 R15: ffff888015e67e68 [ 125.554149] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.554857] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.555369] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ef0 [ 125.555984] PKRU: 55555554 [ 125.556230] Call Trace: [ 125.556453] [ 125.556654] __iommufd_access_detach+0x1c2/0x2b0 [ 125.557087] iommufd_access_change_pt+0x149/0x270 [ 125.557520] iommufd_access_replace+0xb4/0x120 [ 125.557927] iommufd_test+0x3e5/0x37e0 [ 125.558267] ? lock_release+0x532/0x770 [ 125.558640] ? __might_fault+0x102/0x1b0 [ 125.559002] ? lock_acquire+0x427/0x4c0 [ 125.559370] ? __pfx_iommufd_test+0x10/0x10 [ 125.559754] ? __pfx_lock_release+0x10/0x10 [ 125.560151] ? __pfx_lock_acquire+0x10/0x10 [ 125.560553] ? write_comp_data+0x2f/0x90 [ 125.560923] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.561361] ? write_comp_data+0x2f/0x90 [ 125.561724] iommufd_fops_ioctl+0x37d/0x510 [ 125.562108] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.562569] ? write_comp_data+0x2f/0x90 [ 125.562936] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.563378] __x64_sys_ioctl+0x1a3/0x230 [ 125.563740] do_syscall_64+0x3b/0x90 [ 125.564073] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.564563] RIP: 0033:0x7f4b8743ee5d [ 125.564915] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.566622] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.567336] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.567991] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.568645] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.569291] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.569946] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.570646] [ 125.570865] irq event stamp: 0 [ 125.571176] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.571759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.572522] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.573295] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.573877] ---[ end trace 0000000000000000 ]--- [ 125.577400] ------------[ cut here ]------------ [ 125.577885] WARNING: CPU: 0 PID: 1158 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.578852] Modules linked in: [ 125.579186] CPU: 0 PID: 1158 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.579996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.581025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.581486] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.583224] RSP: 
0018:ffff888015e67bd0 EFLAGS: 00010246 [ 125.583726] RAX: 0000000000000000 RBX: ffff888012dd08a8 RCX: 0000000000000000 [ 125.584398] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 125.585071] RBP: ffff888015e67be8 R08: ffffed10025ba133 R09: ffffed10025ba133 [ 125.585733] R10: ffff888012dd0993 R11: ffffed10025ba132 R12: ffff888021bb5000 [ 125.586400] R13: ffff888012dd09e8 R14: ffff888013a63600 R15: 0000000000000000 [ 125.587091] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.587865] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.588410] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 125.589077] PKRU: 55555554 [ 125.589344] Call Trace: [ 125.589584] [ 125.589794] iommufd_access_destroy_object+0x65/0x170 [ 125.590284] iommufd_object_destroy_user+0x18e/0x220 [ 125.590794] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.591355] iommufd_access_destroy+0x43/0x70 [ 125.591790] iommufd_test_staccess_release+0x8d/0xd0 [ 125.592275] __fput+0x26d/0xa40 [ 125.592609] ____fput+0x1e/0x30 [ 125.592930] task_work_run+0x1a4/0x2d0 [ 125.593304] ? __pfx_task_work_run+0x10/0x10 [ 125.593727] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.594194] ? switch_task_namespaces+0xa9/0xe0 [ 125.594678] do_exit+0xb17/0x2ef0 [ 125.595013] ? lock_acquire+0x427/0x4c0 [ 125.595425] ? __pfx_lock_release+0x10/0x10 [ 125.595845] ? __kasan_check_write+0x18/0x20 [ 125.596265] ? do_raw_spin_lock+0x132/0x2a0 [ 125.596669] ? __pfx_do_exit+0x10/0x10 [ 125.597046] ? debug_smp_processor_id+0x20/0x30 [ 125.597485] ? rcu_is_watching+0x19/0xb0 [ 125.597863] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.598303] ? trace_hardirqs_on+0x26/0x120 [ 125.598752] do_group_exit+0xe0/0x2b0 [ 125.599121] __x64_sys_exit_group+0x47/0x50 [ 125.599532] do_syscall_64+0x3b/0x90 [ 125.599890] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.600384] RIP: 0033:0x7f4b87518a4d [ 125.600742] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.601319] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.602022] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.602722] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.603420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.604091] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.604754] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.605425] [ 125.605650] irq event stamp: 0 [ 125.605944] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.606560] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.607351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.608131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.608722] ---[ end trace 0000000000000000 ]--- [ 125.609535] ------------[ cut here ]------------ [ 125.609986] WARNING: CPU: 0 PID: 1158 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.610984] Modules linked in: [ 125.611298] CPU: 0 PID: 1158 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.612113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.613176] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.613656] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.615393] RSP: 0018:ffff888015e67b78 EFLAGS: 00010246 [ 125.615898] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.616567] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 125.617240] RBP: ffff888015e67b98 R08: ffffed10025ba13e R09: ffffed10025ba13e [ 125.617907] R10: ffff888012dd09ef R11: ffffed10025ba13d R12: ffff888012dd0a90 [ 125.618590] R13: ffff888012dd08a8 R14: ffffffffffffffff R15: 
ffff888015e67c60 [ 125.619264] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.620017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.620566] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 125.621237] PKRU: 55555554 [ 125.621505] Call Trace: [ 125.621753] [ 125.621968] iommufd_ioas_destroy+0x53/0x70 [ 125.622380] iommufd_fops_release+0x1f7/0x370 [ 125.622823] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.623301] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.623762] ? write_comp_data+0x2f/0x90 [ 125.624152] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.624622] __fput+0x26d/0xa40 [ 125.624950] ____fput+0x1e/0x30 [ 125.625269] task_work_run+0x1a4/0x2d0 [ 125.625640] ? __pfx_task_work_run+0x10/0x10 [ 125.626053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.626527] ? switch_task_namespaces+0xa9/0xe0 [ 125.626978] do_exit+0xb17/0x2ef0 [ 125.627314] ? lock_acquire+0x427/0x4c0 [ 125.627699] ? __pfx_lock_release+0x10/0x10 [ 125.628115] ? __kasan_check_write+0x18/0x20 [ 125.628538] ? do_raw_spin_lock+0x132/0x2a0 [ 125.628952] ? __pfx_do_exit+0x10/0x10 [ 125.629322] ? debug_smp_processor_id+0x20/0x30 [ 125.629752] ? rcu_is_watching+0x19/0xb0 [ 125.630120] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.630558] ? trace_hardirqs_on+0x26/0x120 [ 125.630963] do_group_exit+0xe0/0x2b0 [ 125.631336] __x64_sys_exit_group+0x47/0x50 [ 125.631731] do_syscall_64+0x3b/0x90 [ 125.632077] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.632562] RIP: 0033:0x7f4b87518a4d [ 125.632900] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.633456] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.634141] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.634803] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.635460] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.636105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.636747] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.637398] [ 125.637609] irq event stamp: 0 [ 125.637894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.638468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.639261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.640020] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.640555] ---[ end trace 0000000000000000 ]--- [ 125.645252] ------------[ cut here ]------------ [ 125.645712] WARNING: CPU: 0 PID: 1159 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.646620] Modules linked in: [ 125.646897] CPU: 0 PID: 1159 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.647662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.648623] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.649051] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.650630] RSP: 0018:ffff8880245b7bb8 EFLAGS: 00010246 [ 125.651092] RAX: 0000000000000000 RBX: ffff888015c488a8 RCX: 0000000000000000 [ 125.651713] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 125.652321] RBP: ffff8880245b7bd0 R08: ffffed1002b89133 R09: ffffed1002b89133 [ 125.652932] R10: ffff888015c48993 R11: ffffed1002b89132 R12: ffff888012e47c00 [ 125.653540] R13: ffff888015c489e8 R14: ffffffff8352e670 R15: 
ffff8880245b7e68 [ 125.654150] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.654861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.655376] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 125.655990] PKRU: 55555554 [ 125.656232] Call Trace: [ 125.656453] [ 125.656649] __iommufd_access_detach+0x1c2/0x2b0 [ 125.657072] iommufd_access_change_pt+0x149/0x270 [ 125.657497] iommufd_access_replace+0xb4/0x120 [ 125.657901] iommufd_test+0x3e5/0x37e0 [ 125.658239] ? lock_release+0x532/0x770 [ 125.658616] ? __might_fault+0x102/0x1b0 [ 125.658974] ? lock_acquire+0x427/0x4c0 [ 125.659339] ? __pfx_iommufd_test+0x10/0x10 [ 125.659710] ? __pfx_lock_release+0x10/0x10 [ 125.660091] ? __pfx_lock_acquire+0x10/0x10 [ 125.660474] ? write_comp_data+0x2f/0x90 [ 125.660834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.661259] ? write_comp_data+0x2f/0x90 [ 125.661618] iommufd_fops_ioctl+0x37d/0x510 [ 125.661994] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.662417] ? write_comp_data+0x2f/0x90 [ 125.662797] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.663228] __x64_sys_ioctl+0x1a3/0x230 [ 125.663598] do_syscall_64+0x3b/0x90 [ 125.663939] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.664398] RIP: 0033:0x7f4b8743ee5d [ 125.664722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.666283] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.666969] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.667611] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.668222] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.668838] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.669448] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.670068] [ 125.670269] irq event stamp: 0 [ 125.670561] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.671119] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.671845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.672567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.673119] ---[ end trace 0000000000000000 ]--- [ 125.676071] ------------[ cut here ]------------ [ 125.676507] WARNING: CPU: 0 PID: 1159 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.677387] Modules linked in: [ 125.677669] CPU: 0 PID: 1159 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.678425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.679418] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.679851] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.681408] RSP: 
0018:ffff8880245b7bd0 EFLAGS: 00010246 [ 125.681862] RAX: 0000000000000000 RBX: ffff888015c488a8 RCX: 0000000000000000 [ 125.682467] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 125.683090] RBP: ffff8880245b7be8 R08: ffffed1002b89133 R09: ffffed1002b89133 [ 125.683710] R10: ffff888015c48993 R11: ffffed1002b89132 R12: ffff888013a5b400 [ 125.684313] R13: ffff888015c489e8 R14: ffff88800b874a00 R15: 0000000000000000 [ 125.684912] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.685580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.686048] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 125.686636] PKRU: 55555554 [ 125.686868] Call Trace: [ 125.687074] [ 125.687271] iommufd_access_destroy_object+0x65/0x170 [ 125.687692] iommufd_object_destroy_user+0x18e/0x220 [ 125.688109] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.688588] iommufd_access_destroy+0x43/0x70 [ 125.688966] iommufd_test_staccess_release+0x8d/0xd0 [ 125.689386] __fput+0x26d/0xa40 [ 125.689666] ____fput+0x1e/0x30 [ 125.689941] task_work_run+0x1a4/0x2d0 [ 125.690265] ? __pfx_task_work_run+0x10/0x10 [ 125.690643] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.691050] ? switch_task_namespaces+0xa9/0xe0 [ 125.691450] do_exit+0xb17/0x2ef0 [ 125.691732] ? lock_acquire+0x427/0x4c0 [ 125.692062] ? __pfx_lock_release+0x10/0x10 [ 125.692428] ? __kasan_check_write+0x18/0x20 [ 125.692795] ? do_raw_spin_lock+0x132/0x2a0 [ 125.693145] ? __pfx_do_exit+0x10/0x10 [ 125.693471] ? debug_smp_processor_id+0x20/0x30 [ 125.693853] ? rcu_is_watching+0x19/0xb0 [ 125.694187] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.694586] ? trace_hardirqs_on+0x26/0x120 [ 125.694942] do_group_exit+0xe0/0x2b0 [ 125.695265] __x64_sys_exit_group+0x47/0x50 [ 125.695615] do_syscall_64+0x3b/0x90 [ 125.695926] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.696354] RIP: 0033:0x7f4b87518a4d [ 125.696652] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.697145] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.697750] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.698323] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.698933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.699755] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.700580] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.701403] [ 125.701681] irq event stamp: 0 [ 125.702045] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.702830] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.703809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.704759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.705474] ---[ end trace 0000000000000000 ]--- [ 125.706706] ------------[ cut here ]------------ [ 125.707280] WARNING: CPU: 0 PID: 1159 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.708100] Modules linked in: [ 125.708351] CPU: 0 PID: 1159 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.709034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.709908] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.710309] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.711950] RSP: 0018:ffff8880245b7b78 EFLAGS: 00010246 [ 125.712377] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.712934] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 125.713489] RBP: ffff8880245b7b98 R08: ffffed1002b8913e R09: ffffed1002b8913e [ 125.714045] R10: ffff888015c489ef R11: ffffed1002b8913d R12: ffff888015c48a90 [ 125.714620] R13: ffff888015c488a8 R14: ffffffffffffffff R15: 
ffff8880245b7c60 [ 125.715188] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.715817] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.716271] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 125.716831] PKRU: 55555554 [ 125.717054] Call Trace: [ 125.717256] [ 125.717438] iommufd_ioas_destroy+0x53/0x70 [ 125.717783] iommufd_fops_release+0x1f7/0x370 [ 125.718143] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.718556] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.718951] ? write_comp_data+0x2f/0x90 [ 125.719293] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.719690] __fput+0x26d/0xa40 [ 125.719964] ____fput+0x1e/0x30 [ 125.720234] task_work_run+0x1a4/0x2d0 [ 125.720551] ? __pfx_task_work_run+0x10/0x10 [ 125.720904] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.721292] ? switch_task_namespaces+0xa9/0xe0 [ 125.721677] do_exit+0xb17/0x2ef0 [ 125.721951] ? lock_acquire+0x427/0x4c0 [ 125.722271] ? __pfx_lock_release+0x10/0x10 [ 125.722635] ? __kasan_check_write+0x18/0x20 [ 125.722987] ? do_raw_spin_lock+0x132/0x2a0 [ 125.723336] ? __pfx_do_exit+0x10/0x10 [ 125.723652] ? debug_smp_processor_id+0x20/0x30 [ 125.724017] ? rcu_is_watching+0x19/0xb0 [ 125.724338] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.724697] ? trace_hardirqs_on+0x26/0x120 [ 125.725043] do_group_exit+0xe0/0x2b0 [ 125.725343] __x64_sys_exit_group+0x47/0x50 [ 125.725687] do_syscall_64+0x3b/0x90 [ 125.725990] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.726403] RIP: 0033:0x7f4b87518a4d [ 125.726713] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.727201] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.727793] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.728345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.728899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.729448] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.729997] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.730576] [ 125.730761] irq event stamp: 0 [ 125.731009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.731511] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.732164] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.732810] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.733302] ---[ end trace 0000000000000000 ]--- [ 125.737652] ------------[ cut here ]------------ [ 125.738045] WARNING: CPU: 0 PID: 1160 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.739031] Modules linked in: [ 125.739295] CPU: 0 PID: 1160 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.739970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.740838] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.741225] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.742647] RSP: 0018:ffff888017b3fbb8 EFLAGS: 00010246 [ 125.743060] RAX: 0000000000000000 RBX: ffff8880160758a8 RCX: 0000000000000000 [ 125.743625] RDX: 0000000000000000 RSI: ffff888014aeca00 RDI: 0000000000000002 [ 125.744177] RBP: ffff888017b3fbd0 R08: ffffed1002c0eb33 R09: ffffed1002c0eb33 [ 125.744726] R10: ffff888016075993 R11: ffffed1002c0eb32 R12: ffff8880138be000 [ 125.745283] R13: ffff8880160759e8 R14: ffffffff8352e670 R15: 
ffff888017b3fe68 [ 125.745835] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.746460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.746926] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ef0 [ 125.747493] PKRU: 55555554 [ 125.747716] Call Trace: [ 125.747916] [ 125.748093] __iommufd_access_detach+0x1c2/0x2b0 [ 125.748477] iommufd_access_change_pt+0x149/0x270 [ 125.748867] iommufd_access_replace+0xb4/0x120 [ 125.749235] iommufd_test+0x3e5/0x37e0 [ 125.749540] ? lock_release+0x532/0x770 [ 125.749864] ? __might_fault+0x102/0x1b0 [ 125.750187] ? lock_acquire+0x427/0x4c0 [ 125.750530] ? __pfx_iommufd_test+0x10/0x10 [ 125.750868] ? __pfx_lock_release+0x10/0x10 [ 125.751218] ? __pfx_lock_acquire+0x10/0x10 [ 125.751564] ? write_comp_data+0x2f/0x90 [ 125.751890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.752273] ? write_comp_data+0x2f/0x90 [ 125.752597] iommufd_fops_ioctl+0x37d/0x510 [ 125.752940] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.753328] ? write_comp_data+0x2f/0x90 [ 125.753654] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.754032] __x64_sys_ioctl+0x1a3/0x230 [ 125.754359] do_syscall_64+0x3b/0x90 [ 125.754682] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.755094] RIP: 0033:0x7f4b8743ee5d [ 125.755396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.756805] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.757396] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.757947] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.758501] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.759081] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.759638] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.760198] [ 125.760384] irq event stamp: 0 [ 125.760629] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.761119] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.761781] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.762424] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.762952] ---[ end trace 0000000000000000 ]--- [ 125.765698] ------------[ cut here ]------------ [ 125.766088] WARNING: CPU: 0 PID: 1160 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.766901] Modules linked in: [ 125.767164] CPU: 0 PID: 1160 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.767840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.768711] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.769103] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.770531] RSP: 
0018:ffff888017b3fbd0 EFLAGS: 00010246 [ 125.770946] RAX: 0000000000000000 RBX: ffff8880160758a8 RCX: 0000000000000000 [ 125.771513] RDX: 0000000000000000 RSI: ffff888014aeca00 RDI: 0000000000000002 [ 125.772067] RBP: ffff888017b3fbe8 R08: ffffed1002c0eb33 R09: ffffed1002c0eb33 [ 125.772623] R10: ffff888016075993 R11: ffffed1002c0eb32 R12: ffff888012e45400 [ 125.773177] R13: ffff8880160759e8 R14: ffff888012090200 R15: 0000000000000000 [ 125.773727] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.774478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.774993] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 125.775572] PKRU: 55555554 [ 125.775793] Call Trace: [ 125.775992] [ 125.776170] iommufd_access_destroy_object+0x65/0x170 [ 125.776578] iommufd_object_destroy_user+0x18e/0x220 [ 125.776978] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.777436] iommufd_access_destroy+0x43/0x70 [ 125.777794] iommufd_test_staccess_release+0x8d/0xd0 [ 125.778198] __fput+0x26d/0xa40 [ 125.778472] ____fput+0x1e/0x30 [ 125.778752] task_work_run+0x1a4/0x2d0 [ 125.779068] ? __pfx_task_work_run+0x10/0x10 [ 125.779428] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.779812] ? switch_task_namespaces+0xa9/0xe0 [ 125.780185] do_exit+0xb17/0x2ef0 [ 125.780455] ? lock_acquire+0x427/0x4c0 [ 125.780775] ? __pfx_lock_release+0x10/0x10 [ 125.781114] ? __kasan_check_write+0x18/0x20 [ 125.781460] ? do_raw_spin_lock+0x132/0x2a0 [ 125.781797] ? __pfx_do_exit+0x10/0x10 [ 125.782110] ? debug_smp_processor_id+0x20/0x30 [ 125.782475] ? rcu_is_watching+0x19/0xb0 [ 125.782807] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.783178] ? trace_hardirqs_on+0x26/0x120 [ 125.783524] do_group_exit+0xe0/0x2b0 [ 125.783824] __x64_sys_exit_group+0x47/0x50 [ 125.784158] do_syscall_64+0x3b/0x90 [ 125.784459] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.784867] RIP: 0033:0x7f4b87518a4d [ 125.785157] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.785632] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.786214] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.786781] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.787341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.787886] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.788438] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.788986] [ 125.789167] irq event stamp: 0 [ 125.789412] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.789898] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.790564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.791217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.791702] ---[ end trace 0000000000000000 ]--- [ 125.792391] ------------[ cut here ]------------ [ 125.792756] WARNING: CPU: 0 PID: 1160 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.793546] Modules linked in: [ 125.793798] CPU: 0 PID: 1160 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.794474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.795370] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.795776] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.797178] RSP: 0018:ffff888017b3fb78 EFLAGS: 00010246 [ 125.797599] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.798146] RDX: 0000000000000000 RSI: ffff888014aeca00 RDI: 0000000000000002 [ 125.798714] RBP: ffff888017b3fb98 R08: ffffed1002c0eb3e R09: ffffed1002c0eb3e [ 125.799281] R10: ffff8880160759ef R11: ffffed1002c0eb3d R12: ffff888016075a90 [ 125.799827] R13: ffff8880160758a8 R14: ffffffffffffffff R15: 
ffff888017b3fc60 [ 125.800364] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 125.800970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.801405] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 125.801942] PKRU: 55555554 [ 125.802156] Call Trace: [ 125.802351] [ 125.802550] iommufd_ioas_destroy+0x53/0x70 [ 125.802888] iommufd_fops_release+0x1f7/0x370 [ 125.803249] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.803634] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.804013] ? write_comp_data+0x2f/0x90 [ 125.804332] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.804712] __fput+0x26d/0xa40 [ 125.804976] ____fput+0x1e/0x30 [ 125.805235] task_work_run+0x1a4/0x2d0 [ 125.805539] ? __pfx_task_work_run+0x10/0x10 [ 125.805878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.806252] ? switch_task_namespaces+0xa9/0xe0 [ 125.806641] do_exit+0xb17/0x2ef0 [ 125.806910] ? lock_acquire+0x427/0x4c0 [ 125.807229] ? __pfx_lock_release+0x10/0x10 [ 125.807565] ? __kasan_check_write+0x18/0x20 [ 125.807904] ? do_raw_spin_lock+0x132/0x2a0 [ 125.808233] ? __pfx_do_exit+0x10/0x10 [ 125.808537] ? debug_smp_processor_id+0x20/0x30 [ 125.808893] ? rcu_is_watching+0x19/0xb0 [ 125.809201] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.809548] ? trace_hardirqs_on+0x26/0x120 [ 125.809888] do_group_exit+0xe0/0x2b0 [ 125.810184] __x64_sys_exit_group+0x47/0x50 [ 125.810528] do_syscall_64+0x3b/0x90 [ 125.810822] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.811231] RIP: 0033:0x7f4b87518a4d [ 125.811517] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.811985] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.812562] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.813099] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.813639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.814175] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.814728] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.815286] [ 125.815468] irq event stamp: 0 [ 125.815709] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.816184] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.816817] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.817447] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.817919] ---[ end trace 0000000000000000 ]--- [ 125.823350] ------------[ cut here ]------------ [ 125.823843] WARNING: CPU: 1 PID: 1161 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.824829] Modules linked in: [ 125.825151] CPU: 1 PID: 1161 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.825991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.827092] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.827601] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.829379] RSP: 0018:ffff8880136efbb8 EFLAGS: 00010246 [ 125.829923] RAX: 0000000000000000 RBX: ffff888023f0a0a8 RCX: 0000000000000000 [ 125.830642] RDX: 0000000000000000 RSI: ffff8880142d2500 RDI: 0000000000000002 [ 125.831347] RBP: ffff8880136efbd0 R08: ffffed10047e1433 R09: ffffed10047e1433 [ 125.832045] R10: ffff888023f0a193 R11: ffffed10047e1432 R12: ffff88800f4c2000 [ 125.832793] R13: ffff888023f0a1e8 R14: ffffffff8352e670 R15: 
ffff8880136efe68 [ 125.833484] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.834268] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.834881] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ee0 [ 125.835593] PKRU: 55555554 [ 125.835873] Call Trace: [ 125.836131] [ 125.836355] __iommufd_access_detach+0x1c2/0x2b0 [ 125.836831] iommufd_access_change_pt+0x149/0x270 [ 125.837333] iommufd_access_replace+0xb4/0x120 [ 125.837797] iommufd_test+0x3e5/0x37e0 [ 125.838173] ? lock_release+0x532/0x770 [ 125.838606] ? __might_fault+0x102/0x1b0 [ 125.839012] ? lock_acquire+0x427/0x4c0 [ 125.839449] ? __pfx_iommufd_test+0x10/0x10 [ 125.839870] ? __pfx_lock_release+0x10/0x10 [ 125.840304] ? __pfx_lock_acquire+0x10/0x10 [ 125.840728] ? write_comp_data+0x2f/0x90 [ 125.841133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.841612] ? write_comp_data+0x2f/0x90 [ 125.842022] iommufd_fops_ioctl+0x37d/0x510 [ 125.842443] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.842969] ? write_comp_data+0x2f/0x90 [ 125.843404] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.843886] __x64_sys_ioctl+0x1a3/0x230 [ 125.844309] do_syscall_64+0x3b/0x90 [ 125.844677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.845178] RIP: 0033:0x7f4b8743ee5d [ 125.845536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.847435] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.848266] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.849035] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.849798] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.850566] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.851319] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.852081] [ 125.852340] irq event stamp: 0 [ 125.852688] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.853362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.854260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.855231] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.855911] ---[ end trace 0000000000000000 ]--- [ 125.860265] ------------[ cut here ]------------ [ 125.860793] WARNING: CPU: 1 PID: 1161 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.861877] Modules linked in: [ 125.862230] CPU: 1 PID: 1161 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.863214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.864416] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.864954] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.866918] RSP: 
0018:ffff8880136efbd0 EFLAGS: 00010246 [ 125.867448] RAX: 0000000000000000 RBX: ffff888023f0a0a8 RCX: 0000000000000000 [ 125.867985] RDX: 0000000000000000 RSI: ffff8880142d2500 RDI: 0000000000000002 [ 125.868507] RBP: ffff8880136efbe8 R08: ffffed10047e1433 R09: ffffed10047e1433 [ 125.869023] R10: ffff888023f0a193 R11: ffffed10047e1432 R12: ffff88800f998800 [ 125.869540] R13: ffff888023f0a1e8 R14: ffff88800fa0bf00 R15: 0000000000000000 [ 125.870055] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.870664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.871086] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.871611] PKRU: 55555554 [ 125.871818] Call Trace: [ 125.872006] [ 125.872172] iommufd_access_destroy_object+0x65/0x170 [ 125.872557] iommufd_object_destroy_user+0x18e/0x220 [ 125.872934] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.873365] iommufd_access_destroy+0x43/0x70 [ 125.873704] iommufd_test_staccess_release+0x8d/0xd0 [ 125.874083] __fput+0x26d/0xa40 [ 125.874339] ____fput+0x1e/0x30 [ 125.874613] task_work_run+0x1a4/0x2d0 [ 125.874909] ? __pfx_task_work_run+0x10/0x10 [ 125.875242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.875608] ? switch_task_namespaces+0xa9/0xe0 [ 125.875959] do_exit+0xb17/0x2ef0 [ 125.876216] ? lock_acquire+0x427/0x4c0 [ 125.876519] ? __pfx_lock_release+0x10/0x10 [ 125.876844] ? __kasan_check_write+0x18/0x20 [ 125.877172] ? do_raw_spin_lock+0x132/0x2a0 [ 125.877493] ? __pfx_do_exit+0x10/0x10 [ 125.877788] ? debug_smp_processor_id+0x20/0x30 [ 125.878134] ? rcu_is_watching+0x19/0xb0 [ 125.878436] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.878788] ? trace_hardirqs_on+0x26/0x120 [ 125.879122] do_group_exit+0xe0/0x2b0 [ 125.879407] __x64_sys_exit_group+0x47/0x50 [ 125.879725] do_syscall_64+0x3b/0x90 [ 125.880010] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.880397] RIP: 0033:0x7f4b87518a4d [ 125.880675] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.881125] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.881681] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.882210] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.882756] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.883283] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.883803] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.884332] [ 125.884503] irq event stamp: 0 [ 125.884734] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.885196] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.885828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.886441] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.886920] ---[ end trace 0000000000000000 ]--- [ 125.887598] ------------[ cut here ]------------ [ 125.887943] WARNING: CPU: 1 PID: 1161 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.888685] Modules linked in: [ 125.888923] CPU: 1 PID: 1161 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.889573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.890400] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.890799] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.892129] RSP: 0018:ffff8880136efb78 EFLAGS: 00010246 [ 125.892517] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.893036] RDX: 0000000000000000 RSI: ffff8880142d2500 RDI: 0000000000000002 [ 125.893554] RBP: ffff8880136efb98 R08: ffffed10047e143e R09: ffffed10047e143e [ 125.894080] R10: ffff888023f0a1ef R11: ffffed10047e143d R12: ffff888023f0a290 [ 125.894629] R13: ffff888023f0a0a8 R14: ffffffffffffffff R15: 
ffff8880136efc60 [ 125.895154] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.895742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.896167] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.896686] PKRU: 55555554 [ 125.896895] Call Trace: [ 125.897083] [ 125.897252] iommufd_ioas_destroy+0x53/0x70 [ 125.897578] iommufd_fops_release+0x1f7/0x370 [ 125.897918] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.898289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.898677] ? write_comp_data+0x2f/0x90 [ 125.898988] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.899368] __fput+0x26d/0xa40 [ 125.899629] ____fput+0x1e/0x30 [ 125.899881] task_work_run+0x1a4/0x2d0 [ 125.900174] ? __pfx_task_work_run+0x10/0x10 [ 125.900502] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.900864] ? switch_task_namespaces+0xa9/0xe0 [ 125.901218] do_exit+0xb17/0x2ef0 [ 125.901477] ? lock_acquire+0x427/0x4c0 [ 125.901779] ? __pfx_lock_release+0x10/0x10 [ 125.902103] ? __kasan_check_write+0x18/0x20 [ 125.902431] ? do_raw_spin_lock+0x132/0x2a0 [ 125.902776] ? __pfx_do_exit+0x10/0x10 [ 125.903072] ? debug_smp_processor_id+0x20/0x30 [ 125.903427] ? rcu_is_watching+0x19/0xb0 [ 125.903730] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.904069] ? trace_hardirqs_on+0x26/0x120 [ 125.904397] do_group_exit+0xe0/0x2b0 [ 125.904679] __x64_sys_exit_group+0x47/0x50 [ 125.904995] do_syscall_64+0x3b/0x90 [ 125.905277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.905666] RIP: 0033:0x7f4b87518a4d [ 125.905942] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.906394] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.906973] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.907503] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.908026] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.908544] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.909065] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.909591] [ 125.909765] irq event stamp: 0 [ 125.909996] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.910455] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.911083] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.911701] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.912159] ---[ end trace 0000000000000000 ]--- [ 125.916364] ------------[ cut here ]------------ [ 125.916744] WARNING: CPU: 1 PID: 1162 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.917481] Modules linked in: [ 125.917716] CPU: 1 PID: 1162 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.918351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.919200] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.919565] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.920884] RSP: 0018:ffff8880173afbb8 EFLAGS: 00010246 [ 125.921268] RAX: 0000000000000000 RBX: ffff88801496d0a8 RCX: 0000000000000000 [ 125.921786] RDX: 0000000000000000 RSI: ffff8880142d4a00 RDI: 0000000000000002 [ 125.922302] RBP: ffff8880173afbd0 R08: ffffed100292da33 R09: ffffed100292da33 [ 125.922833] R10: ffff88801496d193 R11: ffffed100292da32 R12: ffff88800f180800 [ 125.923351] R13: ffff88801496d1e8 R14: ffffffff8352e670 R15: 
ffff8880173afe68 [ 125.923860] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.924435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.924850] CR2: 0000000020000140 CR3: 0000000020fcc000 CR4: 0000000000750ee0 [ 125.925363] PKRU: 55555554 [ 125.925568] Call Trace: [ 125.925752] [ 125.925916] __iommufd_access_detach+0x1c2/0x2b0 [ 125.926270] iommufd_access_change_pt+0x149/0x270 [ 125.926645] iommufd_access_replace+0xb4/0x120 [ 125.926987] iommufd_test+0x3e5/0x37e0 [ 125.927276] ? lock_release+0x532/0x770 [ 125.927576] ? __might_fault+0x102/0x1b0 [ 125.927877] ? lock_acquire+0x427/0x4c0 [ 125.928175] ? __pfx_iommufd_test+0x10/0x10 [ 125.928487] ? __pfx_lock_release+0x10/0x10 [ 125.928807] ? __pfx_lock_acquire+0x10/0x10 [ 125.929128] ? write_comp_data+0x2f/0x90 [ 125.929435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.929791] ? write_comp_data+0x2f/0x90 [ 125.930097] iommufd_fops_ioctl+0x37d/0x510 [ 125.930413] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.930786] ? write_comp_data+0x2f/0x90 [ 125.931092] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 125.931452] __x64_sys_ioctl+0x1a3/0x230 [ 125.931757] do_syscall_64+0x3b/0x90 [ 125.932037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.932420] RIP: 0033:0x7f4b8743ee5d [ 125.932693] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 125.934001] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 125.934570] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 125.935083] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 125.935605] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 125.936119] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 125.936631] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 125.937161] [ 125.937331] irq event stamp: 0 [ 125.937559] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.938014] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.938635] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.939242] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.939699] ---[ end trace 0000000000000000 ]--- [ 125.942326] ------------[ cut here ]------------ [ 125.942708] WARNING: CPU: 1 PID: 1162 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.943447] Modules linked in: [ 125.943682] CPU: 1 PID: 1162 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.944310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.945119] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.945479] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.946803] RSP: 
0018:ffff8880173afbd0 EFLAGS: 00010246 [ 125.947193] RAX: 0000000000000000 RBX: ffff88801496d0a8 RCX: 0000000000000000 [ 125.947705] RDX: 0000000000000000 RSI: ffff8880142d4a00 RDI: 0000000000000002 [ 125.948215] RBP: ffff8880173afbe8 R08: ffffed100292da33 R09: ffffed100292da33 [ 125.948727] R10: ffff88801496d193 R11: ffffed100292da32 R12: ffff88800f4c3800 [ 125.949237] R13: ffff88801496d1e8 R14: ffff88800f953300 R15: 0000000000000000 [ 125.949751] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.950329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.950763] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.951283] PKRU: 55555554 [ 125.951491] Call Trace: [ 125.951677] [ 125.951842] iommufd_access_destroy_object+0x65/0x170 [ 125.952219] iommufd_object_destroy_user+0x18e/0x220 [ 125.952595] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 125.953020] iommufd_access_destroy+0x43/0x70 [ 125.953357] iommufd_test_staccess_release+0x8d/0xd0 [ 125.953733] __fput+0x26d/0xa40 [ 125.953987] ____fput+0x1e/0x30 [ 125.954235] task_work_run+0x1a4/0x2d0 [ 125.954549] ? __pfx_task_work_run+0x10/0x10 [ 125.954877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.955245] ? switch_task_namespaces+0xa9/0xe0 [ 125.955597] do_exit+0xb17/0x2ef0 [ 125.955851] ? lock_acquire+0x427/0x4c0 [ 125.956150] ? __pfx_lock_release+0x10/0x10 [ 125.956475] ? __kasan_check_write+0x18/0x20 [ 125.956798] ? do_raw_spin_lock+0x132/0x2a0 [ 125.957111] ? __pfx_do_exit+0x10/0x10 [ 125.957402] ? debug_smp_processor_id+0x20/0x30 [ 125.957744] ? rcu_is_watching+0x19/0xb0 [ 125.958041] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.958375] ? trace_hardirqs_on+0x26/0x120 [ 125.958716] do_group_exit+0xe0/0x2b0 [ 125.958998] __x64_sys_exit_group+0x47/0x50 [ 125.959314] do_syscall_64+0x3b/0x90 [ 125.959589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.959973] RIP: 0033:0x7f4b87518a4d [ 125.960245] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.960688] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.961236] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.961752] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.962265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.962794] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.963334] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.963857] [ 125.964029] irq event stamp: 0 [ 125.964258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.964718] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.965325] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.965928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.966384] ---[ end trace 0000000000000000 ]--- [ 125.967051] ------------[ cut here ]------------ [ 125.967402] WARNING: CPU: 1 PID: 1162 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 125.968141] Modules linked in: [ 125.968376] CPU: 1 PID: 1162 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.969012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.969826] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 125.970197] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 125.971544] RSP: 0018:ffff8880173afb78 EFLAGS: 00010246 [ 125.971944] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.972464] RDX: 0000000000000000 RSI: ffff8880142d4a00 RDI: 0000000000000002 [ 125.972979] RBP: ffff8880173afb98 R08: ffffed100292da3e R09: ffffed100292da3e [ 125.973500] R10: ffff88801496d1ef R11: ffffed100292da3d R12: ffff88801496d290 [ 125.974018] R13: ffff88801496d0a8 R14: ffffffffffffffff R15: 
ffff8880173afc60 [ 125.974551] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 125.975140] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.975565] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 125.976084] PKRU: 55555554 [ 125.976292] Call Trace: [ 125.976482] [ 125.976648] iommufd_ioas_destroy+0x53/0x70 [ 125.976968] iommufd_fops_release+0x1f7/0x370 [ 125.977303] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.977669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.978029] ? write_comp_data+0x2f/0x90 [ 125.978337] ? __pfx_iommufd_fops_release+0x10/0x10 [ 125.978722] __fput+0x26d/0xa40 [ 125.978979] ____fput+0x1e/0x30 [ 125.979235] task_work_run+0x1a4/0x2d0 [ 125.979529] ? __pfx_task_work_run+0x10/0x10 [ 125.979859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 125.980218] ? switch_task_namespaces+0xa9/0xe0 [ 125.980566] do_exit+0xb17/0x2ef0 [ 125.980822] ? lock_acquire+0x427/0x4c0 [ 125.981125] ? __pfx_lock_release+0x10/0x10 [ 125.981447] ? __kasan_check_write+0x18/0x20 [ 125.981772] ? do_raw_spin_lock+0x132/0x2a0 [ 125.982087] ? __pfx_do_exit+0x10/0x10 [ 125.982378] ? debug_smp_processor_id+0x20/0x30 [ 125.982737] ? rcu_is_watching+0x19/0xb0 [ 125.983040] ? _raw_spin_unlock_irq+0x2b/0x60 [ 125.983389] ? trace_hardirqs_on+0x26/0x120 [ 125.983714] do_group_exit+0xe0/0x2b0 [ 125.983994] __x64_sys_exit_group+0x47/0x50 [ 125.984308] do_syscall_64+0x3b/0x90 [ 125.984589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 125.984974] RIP: 0033:0x7f4b87518a4d [ 125.985246] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 125.985690] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 125.986241] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 125.986783] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 125.987311] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 125.987832] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 125.988349] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 125.988875] [ 125.989047] irq event stamp: 0 [ 125.989277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 125.989733] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 125.990340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 125.990967] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 125.991438] ---[ end trace 0000000000000000 ]--- [ 125.995031] ------------[ cut here ]------------ [ 125.995427] WARNING: CPU: 1 PID: 1163 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 125.996169] Modules linked in: [ 125.996405] CPU: 1 PID: 1163 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 125.997043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 125.997859] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 125.998223] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 125.999794] RSP: 0018:ffff88801828fbb8 EFLAGS: 00010246 [ 126.000186] RAX: 0000000000000000 RBX: ffff8880173060a8 RCX: 0000000000000000 [ 126.000707] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 126.001225] RBP: ffff88801828fbd0 R08: ffffed1002e60c33 R09: ffffed1002e60c33 [ 126.001744] R10: ffff888017306193 R11: ffffed1002e60c32 R12: ffff888014390400 [ 126.002263] R13: ffff8880173061e8 R14: ffffffff8352e670 R15: 
ffff88801828fe68 [ 126.002797] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.003394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.003828] CR2: 0000000020000140 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 126.004355] PKRU: 55555554 [ 126.004568] Call Trace: [ 126.004758] [ 126.004928] __iommufd_access_detach+0x1c2/0x2b0 [ 126.005292] iommufd_access_change_pt+0x149/0x270 [ 126.005661] iommufd_access_replace+0xb4/0x120 [ 126.006012] iommufd_test+0x3e5/0x37e0 [ 126.006302] ? lock_release+0x532/0x770 [ 126.006631] ? __might_fault+0x102/0x1b0 [ 126.006943] ? lock_acquire+0x427/0x4c0 [ 126.007259] ? __pfx_iommufd_test+0x10/0x10 [ 126.007579] ? __pfx_lock_release+0x10/0x10 [ 126.007904] ? __pfx_lock_acquire+0x10/0x10 [ 126.008232] ? write_comp_data+0x2f/0x90 [ 126.008545] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.008911] ? write_comp_data+0x2f/0x90 [ 126.009222] iommufd_fops_ioctl+0x37d/0x510 [ 126.009544] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.009911] ? write_comp_data+0x2f/0x90 [ 126.010225] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.010599] __x64_sys_ioctl+0x1a3/0x230 [ 126.010915] do_syscall_64+0x3b/0x90 [ 126.011215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.011605] RIP: 0033:0x7f4b8743ee5d [ 126.011883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.013222] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.013781] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.014302] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.014848] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.015384] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.015911] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.016444] [ 126.016619] irq event stamp: 0 [ 126.016855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.017317] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.017934] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.018572] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.019040] ---[ end trace 0000000000000000 ]--- [ 126.021933] ------------[ cut here ]------------ [ 126.022317] WARNING: CPU: 0 PID: 1163 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.023131] Modules linked in: [ 126.023370] CPU: 0 PID: 1163 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.024009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.024828] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.025194] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.026542] RSP: 
0018:ffff88801828fbd0 EFLAGS: 00010246 [ 126.026931] RAX: 0000000000000000 RBX: ffff8880173060a8 RCX: 0000000000000000 [ 126.027470] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 126.027991] RBP: ffff88801828fbe8 R08: ffffed1002e60c33 R09: ffffed1002e60c33 [ 126.028510] R10: ffff888017306193 R11: ffffed1002e60c32 R12: ffff88800f182c00 [ 126.029029] R13: ffff8880173061e8 R14: ffff88802087f900 R15: 0000000000000000 [ 126.029546] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.030124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.030564] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.031088] PKRU: 55555554 [ 126.031302] Call Trace: [ 126.031491] [ 126.031655] iommufd_access_destroy_object+0x65/0x170 [ 126.032031] iommufd_object_destroy_user+0x18e/0x220 [ 126.032404] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.032832] iommufd_access_destroy+0x43/0x70 [ 126.033166] iommufd_test_staccess_release+0x8d/0xd0 [ 126.033540] __fput+0x26d/0xa40 [ 126.033794] ____fput+0x1e/0x30 [ 126.034041] task_work_run+0x1a4/0x2d0 [ 126.034340] ? __pfx_task_work_run+0x10/0x10 [ 126.034683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.035050] ? switch_task_namespaces+0xa9/0xe0 [ 126.035414] do_exit+0xb17/0x2ef0 [ 126.035671] ? lock_acquire+0x427/0x4c0 [ 126.035969] ? __pfx_lock_release+0x10/0x10 [ 126.036287] ? __kasan_check_write+0x18/0x20 [ 126.036611] ? do_raw_spin_lock+0x132/0x2a0 [ 126.036925] ? __pfx_do_exit+0x10/0x10 [ 126.037216] ? debug_smp_processor_id+0x20/0x30 [ 126.037561] ? rcu_is_watching+0x19/0xb0 [ 126.037857] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.038189] ? trace_hardirqs_on+0x26/0x120 [ 126.038525] do_group_exit+0xe0/0x2b0 [ 126.038802] __x64_sys_exit_group+0x47/0x50 [ 126.039122] do_syscall_64+0x3b/0x90 [ 126.039404] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.039787] RIP: 0033:0x7f4b87518a4d [ 126.040059] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.040504] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.041049] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.041561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.042071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.042597] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.043117] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.043639] [ 126.043809] irq event stamp: 0 [ 126.044037] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.044574] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.045190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.045793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.046244] ---[ end trace 0000000000000000 ]--- [ 126.047272] ------------[ cut here ]------------ [ 126.047620] WARNING: CPU: 0 PID: 1163 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.048350] Modules linked in: [ 126.048584] CPU: 0 PID: 1163 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.049211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.050022] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.050394] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.051734] RSP: 0018:ffff88801828fb78 EFLAGS: 00010246 [ 126.052122] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.052632] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 126.053143] RBP: ffff88801828fb98 R08: ffffed1002e60c3e R09: ffffed1002e60c3e [ 126.053653] R10: ffff8880173061ef R11: ffffed1002e60c3d R12: ffff888017306290 [ 126.054163] R13: ffff8880173060a8 R14: ffffffffffffffff R15: 
ffff88801828fc60 [ 126.054689] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.055283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.055705] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.056210] PKRU: 55555554 [ 126.056415] Call Trace: [ 126.056601] [ 126.056764] iommufd_ioas_destroy+0x53/0x70 [ 126.057077] iommufd_fops_release+0x1f7/0x370 [ 126.057403] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.057761] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.058115] ? write_comp_data+0x2f/0x90 [ 126.058414] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.058786] __fput+0x26d/0xa40 [ 126.059037] ____fput+0x1e/0x30 [ 126.059284] task_work_run+0x1a4/0x2d0 [ 126.059563] ? __pfx_task_work_run+0x10/0x10 [ 126.059877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.060223] ? switch_task_namespaces+0xa9/0xe0 [ 126.060565] do_exit+0xb17/0x2ef0 [ 126.060813] ? lock_acquire+0x427/0x4c0 [ 126.061106] ? __pfx_lock_release+0x10/0x10 [ 126.061419] ? __kasan_check_write+0x18/0x20 [ 126.061737] ? do_raw_spin_lock+0x132/0x2a0 [ 126.062050] ? __pfx_do_exit+0x10/0x10 [ 126.062333] ? debug_smp_processor_id+0x20/0x30 [ 126.062678] ? rcu_is_watching+0x19/0xb0 [ 126.062973] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.063319] ? trace_hardirqs_on+0x26/0x120 [ 126.063629] do_group_exit+0xe0/0x2b0 [ 126.063901] __x64_sys_exit_group+0x47/0x50 [ 126.064204] do_syscall_64+0x3b/0x90 [ 126.064476] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.064854] RIP: 0033:0x7f4b87518a4d [ 126.065121] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.065558] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.066097] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.066618] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.067127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.067625] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.068130] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.068642] [ 126.068809] irq event stamp: 0 [ 126.069036] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.069484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.070077] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.070677] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.071132] ---[ end trace 0000000000000000 ]--- [ 126.074653] ------------[ cut here ]------------ [ 126.075003] WARNING: CPU: 0 PID: 1164 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.075730] Modules linked in: [ 126.075959] CPU: 0 PID: 1164 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.076577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.077419] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.077772] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.079086] RSP: 0018:ffff8880173afbb8 EFLAGS: 00010246 [ 126.079470] RAX: 0000000000000000 RBX: ffff888015c368a8 RCX: 0000000000000000 [ 126.079972] RDX: 0000000000000000 RSI: ffff888014ae8000 RDI: 0000000000000002 [ 126.080473] RBP: ffff8880173afbd0 R08: ffffed1002b86d33 R09: ffffed1002b86d33 [ 126.080975] R10: ffff888015c36993 R11: ffffed1002b86d32 R12: ffff888012e97c00 [ 126.081477] R13: ffff888015c369e8 R14: ffffffff8352e670 R15: 
ffff8880173afe68 [ 126.081981] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.082564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.082976] CR2: 0000000020000140 CR3: 0000000020fcc000 CR4: 0000000000750ef0 [ 126.083490] PKRU: 55555554 [ 126.083691] Call Trace: [ 126.083872] [ 126.084036] __iommufd_access_detach+0x1c2/0x2b0 [ 126.084387] iommufd_access_change_pt+0x149/0x270 [ 126.084743] iommufd_access_replace+0xb4/0x120 [ 126.085083] iommufd_test+0x3e5/0x37e0 [ 126.085367] ? lock_release+0x532/0x770 [ 126.085662] ? __might_fault+0x102/0x1b0 [ 126.085961] ? lock_acquire+0x427/0x4c0 [ 126.086254] ? __pfx_iommufd_test+0x10/0x10 [ 126.086577] ? __pfx_lock_release+0x10/0x10 [ 126.086895] ? __pfx_lock_acquire+0x10/0x10 [ 126.087218] ? write_comp_data+0x2f/0x90 [ 126.087519] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.087872] ? write_comp_data+0x2f/0x90 [ 126.088171] iommufd_fops_ioctl+0x37d/0x510 [ 126.088486] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.088839] ? write_comp_data+0x2f/0x90 [ 126.089139] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.089486] __x64_sys_ioctl+0x1a3/0x230 [ 126.089788] do_syscall_64+0x3b/0x90 [ 126.090066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.090443] RIP: 0033:0x7f4b8743ee5d [ 126.090726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.092036] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.092578] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.093082] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.093587] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.094091] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.094610] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.095139] [ 126.095308] irq event stamp: 0 [ 126.095536] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.095986] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.096581] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.097169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.097615] ---[ end trace 0000000000000000 ]--- [ 126.100222] ------------[ cut here ]------------ [ 126.100583] WARNING: CPU: 0 PID: 1164 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.101301] Modules linked in: [ 126.101530] CPU: 0 PID: 1164 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.102149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.102998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.103365] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.104658] RSP: 
0018:ffff8880173afbd0 EFLAGS: 00010246 [ 126.105039] RAX: 0000000000000000 RBX: ffff888015c368a8 RCX: 0000000000000000 [ 126.105541] RDX: 0000000000000000 RSI: ffff888014ae8000 RDI: 0000000000000002 [ 126.106042] RBP: ffff8880173afbe8 R08: ffffed1002b86d33 R09: ffffed1002b86d33 [ 126.106574] R10: ffff888015c36993 R11: ffffed1002b86d32 R12: ffff8880138bf800 [ 126.107082] R13: ffff888015c369e8 R14: ffff888016e16800 R15: 0000000000000000 [ 126.107593] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.108162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.108579] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.109140] PKRU: 55555554 [ 126.109342] Call Trace: [ 126.109525] [ 126.109687] iommufd_access_destroy_object+0x65/0x170 [ 126.110064] iommufd_object_destroy_user+0x18e/0x220 [ 126.110435] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.110870] iommufd_access_destroy+0x43/0x70 [ 126.111211] iommufd_test_staccess_release+0x8d/0xd0 [ 126.111582] __fput+0x26d/0xa40 [ 126.111831] ____fput+0x1e/0x30 [ 126.112075] task_work_run+0x1a4/0x2d0 [ 126.112362] ? __pfx_task_work_run+0x10/0x10 [ 126.112679] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.113034] ? switch_task_namespaces+0xa9/0xe0 [ 126.113375] do_exit+0xb17/0x2ef0 [ 126.113625] ? lock_acquire+0x427/0x4c0 [ 126.113918] ? __pfx_lock_release+0x10/0x10 [ 126.114233] ? __kasan_check_write+0x18/0x20 [ 126.114578] ? do_raw_spin_lock+0x132/0x2a0 [ 126.114892] ? __pfx_do_exit+0x10/0x10 [ 126.115186] ? debug_smp_processor_id+0x20/0x30 [ 126.115523] ? rcu_is_watching+0x19/0xb0 [ 126.115818] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.116147] ? trace_hardirqs_on+0x26/0x120 [ 126.116461] do_group_exit+0xe0/0x2b0 [ 126.116736] __x64_sys_exit_group+0x47/0x50 [ 126.117049] do_syscall_64+0x3b/0x90 [ 126.117327] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.117713] RIP: 0033:0x7f4b87518a4d [ 126.117987] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.118430] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.118990] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.119511] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.120029] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.120539] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.121049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.121571] [ 126.121741] irq event stamp: 0 [ 126.121969] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.122429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.123048] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.123660] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.124118] ---[ end trace 0000000000000000 ]--- [ 126.124771] ------------[ cut here ]------------ [ 126.125114] WARNING: CPU: 0 PID: 1164 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.125859] Modules linked in: [ 126.126096] CPU: 0 PID: 1164 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.126757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.127595] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.127971] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.129284] RSP: 0018:ffff8880173afb78 EFLAGS: 00010246 [ 126.129674] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.130185] RDX: 0000000000000000 RSI: ffff888014ae8000 RDI: 0000000000000002 [ 126.130719] RBP: ffff8880173afb98 R08: ffffed1002b86d3e R09: ffffed1002b86d3e [ 126.131240] R10: ffff888015c369ef R11: ffffed1002b86d3d R12: ffff888015c36a90 [ 126.131754] R13: ffff888015c368a8 R14: ffffffffffffffff R15: 
ffff8880173afc60 [ 126.132266] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.132848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.133270] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.133783] PKRU: 55555554 [ 126.133991] Call Trace: [ 126.134177] [ 126.134342] iommufd_ioas_destroy+0x53/0x70 [ 126.134675] iommufd_fops_release+0x1f7/0x370 [ 126.135014] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.135386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.135747] ? write_comp_data+0x2f/0x90 [ 126.136048] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.136420] __fput+0x26d/0xa40 [ 126.136672] ____fput+0x1e/0x30 [ 126.136919] task_work_run+0x1a4/0x2d0 [ 126.137208] ? __pfx_task_work_run+0x10/0x10 [ 126.137533] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.137892] ? switch_task_namespaces+0xa9/0xe0 [ 126.138240] do_exit+0xb17/0x2ef0 [ 126.138495] ? lock_acquire+0x427/0x4c0 [ 126.138808] ? __pfx_lock_release+0x10/0x10 [ 126.139133] ? __kasan_check_write+0x18/0x20 [ 126.139460] ? do_raw_spin_lock+0x132/0x2a0 [ 126.139776] ? __pfx_do_exit+0x10/0x10 [ 126.140069] ? debug_smp_processor_id+0x20/0x30 [ 126.140410] ? rcu_is_watching+0x19/0xb0 [ 126.140709] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.141099] ? trace_hardirqs_on+0x26/0x120 [ 126.141421] do_group_exit+0xe0/0x2b0 [ 126.141699] __x64_sys_exit_group+0x47/0x50 [ 126.142010] do_syscall_64+0x3b/0x90 [ 126.142290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.142698] RIP: 0033:0x7f4b87518a4d [ 126.142976] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.143429] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.143978] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.144494] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.145007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.145520] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.146033] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.146571] [ 126.146743] irq event stamp: 0 [ 126.146977] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.147443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.148049] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.148652] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.149107] ---[ end trace 0000000000000000 ]--- [ 126.153073] ------------[ cut here ]------------ [ 126.153451] WARNING: CPU: 1 PID: 1165 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.154179] Modules linked in: [ 126.154411] CPU: 1 PID: 1165 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.155173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.155987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.156348] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.157661] RSP: 0018:ffff88801353fbb8 EFLAGS: 00010246 [ 126.158044] RAX: 0000000000000000 RBX: ffff8880136ec8a8 RCX: 0000000000000000 [ 126.158587] RDX: 0000000000000000 RSI: ffff888014aea500 RDI: 0000000000000002 [ 126.159101] RBP: ffff88801353fbd0 R08: ffffed10026dd933 R09: ffffed10026dd933 [ 126.159626] R10: ffff8880136ec993 R11: ffffed10026dd932 R12: ffff88800f221800 [ 126.160138] R13: ffff8880136ec9e8 R14: ffffffff8352e670 R15: 
ffff88801353fe68 [ 126.160651] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.161231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.161651] CR2: 0000000020000140 CR3: 0000000020fce000 CR4: 0000000000750ee0 [ 126.162170] PKRU: 55555554 [ 126.162377] Call Trace: [ 126.162603] [ 126.162774] __iommufd_access_detach+0x1c2/0x2b0 [ 126.163144] iommufd_access_change_pt+0x149/0x270 [ 126.163506] iommufd_access_replace+0xb4/0x120 [ 126.163850] iommufd_test+0x3e5/0x37e0 [ 126.164134] ? lock_release+0x532/0x770 [ 126.164439] ? __might_fault+0x102/0x1b0 [ 126.164748] ? lock_acquire+0x427/0x4c0 [ 126.165050] ? __pfx_iommufd_test+0x10/0x10 [ 126.165367] ? __pfx_lock_release+0x10/0x10 [ 126.165690] ? __pfx_lock_acquire+0x10/0x10 [ 126.166018] ? write_comp_data+0x2f/0x90 [ 126.166325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.166705] ? write_comp_data+0x2f/0x90 [ 126.167018] iommufd_fops_ioctl+0x37d/0x510 [ 126.167352] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.167718] ? write_comp_data+0x2f/0x90 [ 126.168029] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.168396] __x64_sys_ioctl+0x1a3/0x230 [ 126.168712] do_syscall_64+0x3b/0x90 [ 126.169001] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.169399] RIP: 0033:0x7f4b8743ee5d [ 126.169674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.171024] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.171594] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.172120] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.172643] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.173166] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.173701] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.174233] [ 126.174408] irq event stamp: 0 [ 126.174661] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.175145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.175764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.176378] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.176842] ---[ end trace 0000000000000000 ]--- [ 126.179617] ------------[ cut here ]------------ [ 126.179988] WARNING: CPU: 1 PID: 1165 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.180730] Modules linked in: [ 126.180967] CPU: 1 PID: 1165 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.181610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.182434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.182819] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.184166] RSP: 
0018:ffff88801353fbd0 EFLAGS: 00010246 [ 126.184557] RAX: 0000000000000000 RBX: ffff8880136ec8a8 RCX: 0000000000000000 [ 126.185079] RDX: 0000000000000000 RSI: ffff888014aea500 RDI: 0000000000000002 [ 126.185602] RBP: ffff88801353fbe8 R08: ffffed10026dd933 R09: ffffed10026dd933 [ 126.186123] R10: ffff8880136ec993 R11: ffffed10026dd932 R12: ffff888014391000 [ 126.186661] R13: ffff8880136ec9e8 R14: ffff888014aa0500 R15: 0000000000000000 [ 126.187193] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.187783] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.188211] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.188734] PKRU: 55555554 [ 126.188942] Call Trace: [ 126.189131] [ 126.189303] iommufd_access_destroy_object+0x65/0x170 [ 126.189687] iommufd_object_destroy_user+0x18e/0x220 [ 126.190067] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.190522] iommufd_access_destroy+0x43/0x70 [ 126.190868] iommufd_test_staccess_release+0x8d/0xd0 [ 126.191264] __fput+0x26d/0xa40 [ 126.191528] ____fput+0x1e/0x30 [ 126.191781] task_work_run+0x1a4/0x2d0 [ 126.192078] ? __pfx_task_work_run+0x10/0x10 [ 126.192413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.192784] ? switch_task_namespaces+0xa9/0xe0 [ 126.193139] do_exit+0xb17/0x2ef0 [ 126.193400] ? lock_acquire+0x427/0x4c0 [ 126.193704] ? __pfx_lock_release+0x10/0x10 [ 126.194033] ? __kasan_check_write+0x18/0x20 [ 126.194362] ? do_raw_spin_lock+0x132/0x2a0 [ 126.194705] ? __pfx_do_exit+0x10/0x10 [ 126.195007] ? debug_smp_processor_id+0x20/0x30 [ 126.195364] ? rcu_is_watching+0x19/0xb0 [ 126.195667] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.196007] ? trace_hardirqs_on+0x26/0x120 [ 126.196331] do_group_exit+0xe0/0x2b0 [ 126.196613] __x64_sys_exit_group+0x47/0x50 [ 126.196932] do_syscall_64+0x3b/0x90 [ 126.197218] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.197609] RIP: 0033:0x7f4b87518a4d [ 126.197885] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.198338] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.198915] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.199451] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.199979] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.200502] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.201028] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.201558] [ 126.201730] irq event stamp: 0 [ 126.201964] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.202432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.203077] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.203710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.204172] ---[ end trace 0000000000000000 ]--- [ 126.204832] ------------[ cut here ]------------ [ 126.205181] WARNING: CPU: 1 PID: 1165 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.205930] Modules linked in: [ 126.206169] CPU: 1 PID: 1165 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.206830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.207664] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.208042] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.209387] RSP: 0018:ffff88801353fb78 EFLAGS: 00010246 [ 126.209779] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.210305] RDX: 0000000000000000 RSI: ffff888014aea500 RDI: 0000000000000002 [ 126.210847] RBP: ffff88801353fb98 R08: ffffed10026dd93e R09: ffffed10026dd93e [ 126.211389] R10: ffff8880136ec9ef R11: ffffed10026dd93d R12: ffff8880136eca90 [ 126.211914] R13: ffff8880136ec8a8 R14: ffffffffffffffff R15: 
ffff88801353fc60 [ 126.212444] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.213046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.213491] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.214030] PKRU: 55555554 [ 126.214248] Call Trace: [ 126.214441] [ 126.214638] iommufd_ioas_destroy+0x53/0x70 [ 126.214980] iommufd_fops_release+0x1f7/0x370 [ 126.215331] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.215712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.216083] ? write_comp_data+0x2f/0x90 [ 126.216397] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.216772] __fput+0x26d/0xa40 [ 126.217034] ____fput+0x1e/0x30 [ 126.217291] task_work_run+0x1a4/0x2d0 [ 126.217589] ? __pfx_task_work_run+0x10/0x10 [ 126.217924] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.218294] ? switch_task_namespaces+0xa9/0xe0 [ 126.218678] do_exit+0xb17/0x2ef0 [ 126.218942] ? lock_acquire+0x427/0x4c0 [ 126.219258] ? __pfx_lock_release+0x10/0x10 [ 126.219596] ? __kasan_check_write+0x18/0x20 [ 126.219934] ? do_raw_spin_lock+0x132/0x2a0 [ 126.220264] ? __pfx_do_exit+0x10/0x10 [ 126.220567] ? debug_smp_processor_id+0x20/0x30 [ 126.220927] ? rcu_is_watching+0x19/0xb0 [ 126.221244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.221596] ? trace_hardirqs_on+0x26/0x120 [ 126.221933] do_group_exit+0xe0/0x2b0 [ 126.222226] __x64_sys_exit_group+0x47/0x50 [ 126.222576] do_syscall_64+0x3b/0x90 [ 126.222873] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.223285] RIP: 0033:0x7f4b87518a4d [ 126.223570] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.224037] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.224620] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.225170] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.225719] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.226264] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.226839] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.227406] [ 126.227589] irq event stamp: 0 [ 126.227835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.228326] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.229001] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.229672] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.230176] ---[ end trace 0000000000000000 ]--- [ 126.235731] ------------[ cut here ]------------ [ 126.236298] WARNING: CPU: 0 PID: 1166 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.237428] Modules linked in: [ 126.237800] CPU: 0 PID: 1166 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.238973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.240150] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.240555] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.241982] RSP: 0018:ffff888013497bb8 EFLAGS: 00010246 [ 126.242399] RAX: 0000000000000000 RBX: ffff888023c840a8 RCX: 0000000000000000 [ 126.242993] RDX: 0000000000000000 RSI: ffff88801889a500 RDI: 0000000000000002 [ 126.243597] RBP: ffff888013497bd0 R08: ffffed1004790833 R09: ffffed1004790833 [ 126.244173] R10: ffff888023c84193 R11: ffffed1004790832 R12: ffff88800a727c00 [ 126.244764] R13: ffff888023c841e8 R14: ffffffff8352e670 R15: 
ffff888013497e68 [ 126.245359] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.246034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.246546] CR2: 0000000020000140 CR3: 0000000020fce000 CR4: 0000000000750ef0 [ 126.247151] PKRU: 55555554 [ 126.247391] Call Trace: [ 126.247605] [ 126.247797] __iommufd_access_detach+0x1c2/0x2b0 [ 126.248211] iommufd_access_change_pt+0x149/0x270 [ 126.248627] iommufd_access_replace+0xb4/0x120 [ 126.249021] iommufd_test+0x3e5/0x37e0 [ 126.249347] ? lock_release+0x532/0x770 [ 126.249689] ? __might_fault+0x102/0x1b0 [ 126.250038] ? lock_acquire+0x427/0x4c0 [ 126.250382] ? __pfx_iommufd_test+0x10/0x10 [ 126.250780] ? __pfx_lock_release+0x10/0x10 [ 126.251166] ? __pfx_lock_acquire+0x10/0x10 [ 126.251541] ? write_comp_data+0x2f/0x90 [ 126.251894] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.252310] ? write_comp_data+0x2f/0x90 [ 126.252661] iommufd_fops_ioctl+0x37d/0x510 [ 126.253031] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.253441] ? write_comp_data+0x2f/0x90 [ 126.253790] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.254199] __x64_sys_ioctl+0x1a3/0x230 [ 126.254582] do_syscall_64+0x3b/0x90 [ 126.254917] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.255377] RIP: 0033:0x7f4b8743ee5d [ 126.255691] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.257209] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.257845] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.258458] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.259105] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.259735] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.260348] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.260978] [ 126.261185] irq event stamp: 0 [ 126.261469] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.262042] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.262823] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.263582] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.264142] ---[ end trace 0000000000000000 ]--- [ 126.267166] ------------[ cut here ]------------ [ 126.267608] WARNING: CPU: 0 PID: 1166 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.268500] Modules linked in: [ 126.268788] CPU: 0 PID: 1166 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.269559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.270584] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.271028] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.272664] RSP: 
0018:ffff888013497bd0 EFLAGS: 00010246 [ 126.273139] RAX: 0000000000000000 RBX: ffff888023c840a8 RCX: 0000000000000000 [ 126.273779] RDX: 0000000000000000 RSI: ffff88801889a500 RDI: 0000000000000002 [ 126.274426] RBP: ffff888013497be8 R08: ffffed1004790833 R09: ffffed1004790833 [ 126.275128] R10: ffff888023c84193 R11: ffffed1004790832 R12: ffff888012e94c00 [ 126.275775] R13: ffff888023c841e8 R14: ffff88801706dc00 R15: 0000000000000000 [ 126.276408] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.277129] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.277672] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.278335] PKRU: 55555554 [ 126.278630] Call Trace: [ 126.278877] [ 126.279105] iommufd_access_destroy_object+0x65/0x170 [ 126.279642] iommufd_object_destroy_user+0x18e/0x220 [ 126.280150] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.280728] iommufd_access_destroy+0x43/0x70 [ 126.281167] iommufd_test_staccess_release+0x8d/0xd0 [ 126.281655] __fput+0x26d/0xa40 [ 126.281985] ____fput+0x1e/0x30 [ 126.282404] task_work_run+0x1a4/0x2d0 [ 126.282837] ? __pfx_task_work_run+0x10/0x10 [ 126.283272] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.283743] ? switch_task_namespaces+0xa9/0xe0 [ 126.284211] do_exit+0xb17/0x2ef0 [ 126.284555] ? lock_acquire+0x427/0x4c0 [ 126.284954] ? __pfx_lock_release+0x10/0x10 [ 126.285396] ? __kasan_check_write+0x18/0x20 [ 126.285825] ? do_raw_spin_lock+0x132/0x2a0 [ 126.286229] ? __pfx_do_exit+0x10/0x10 [ 126.286655] ? debug_smp_processor_id+0x20/0x30 [ 126.287092] ? rcu_is_watching+0x19/0xb0 [ 126.287503] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.287931] ? trace_hardirqs_on+0x26/0x120 [ 126.288343] do_group_exit+0xe0/0x2b0 [ 126.288720] __x64_sys_exit_group+0x47/0x50 [ 126.289142] do_syscall_64+0x3b/0x90 [ 126.289528] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.290048] RIP: 0033:0x7f4b87518a4d [ 126.290405] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.291020] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.291753] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.292430] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.293103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.293773] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.294453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.295211] [ 126.295450] irq event stamp: 0 [ 126.295772] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.296393] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.297201] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.298005] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.298664] ---[ end trace 0000000000000000 ]--- [ 126.299523] ------------[ cut here ]------------ [ 126.299999] WARNING: CPU: 0 PID: 1166 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.300989] Modules linked in: [ 126.301300] CPU: 0 PID: 1166 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.302137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.303280] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.303797] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.305511] RSP: 0018:ffff888013497b78 EFLAGS: 00010246 [ 126.306013] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.306697] RDX: 0000000000000000 RSI: ffff88801889a500 RDI: 0000000000000002 [ 126.307375] RBP: ffff888013497b98 R08: ffffed100479083e R09: ffffed100479083e [ 126.308039] R10: ffff888023c841ef R11: ffffed100479083d R12: ffff888023c84290 [ 126.308704] R13: ffff888023c840a8 R14: ffffffffffffffff R15: 
ffff888013497c60 [ 126.309380] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.310128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.310689] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.311393] PKRU: 55555554 [ 126.311659] Call Trace: [ 126.311900] [ 126.312112] iommufd_ioas_destroy+0x53/0x70 [ 126.312524] iommufd_fops_release+0x1f7/0x370 [ 126.312955] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.313423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.313885] ? write_comp_data+0x2f/0x90 [ 126.314275] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.314768] __fput+0x26d/0xa40 [ 126.315099] ____fput+0x1e/0x30 [ 126.315433] task_work_run+0x1a4/0x2d0 [ 126.315812] ? __pfx_task_work_run+0x10/0x10 [ 126.316231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.316696] ? switch_task_namespaces+0xa9/0xe0 [ 126.317143] do_exit+0xb17/0x2ef0 [ 126.317471] ? lock_acquire+0x427/0x4c0 [ 126.317849] ? __pfx_lock_release+0x10/0x10 [ 126.318257] ? __kasan_check_write+0x18/0x20 [ 126.318694] ? do_raw_spin_lock+0x132/0x2a0 [ 126.319107] ? __pfx_do_exit+0x10/0x10 [ 126.319514] ? debug_smp_processor_id+0x20/0x30 [ 126.319955] ? rcu_is_watching+0x19/0xb0 [ 126.320340] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.320777] ? trace_hardirqs_on+0x26/0x120 [ 126.321195] do_group_exit+0xe0/0x2b0 [ 126.321556] __x64_sys_exit_group+0x47/0x50 [ 126.321952] do_syscall_64+0x3b/0x90 [ 126.322303] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.322830] RIP: 0033:0x7f4b87518a4d [ 126.323191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.323765] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.324477] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.325148] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.325809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.326471] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.327177] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.327858] [ 126.328077] irq event stamp: 0 [ 126.328376] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.328969] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.329751] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.330580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.331187] ---[ end trace 0000000000000000 ]--- [ 126.336744] ------------[ cut here ]------------ [ 126.337243] WARNING: CPU: 0 PID: 1167 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.338216] Modules linked in: [ 126.338566] CPU: 0 PID: 1167 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.339420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.340503] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.340987] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.342763] RSP: 0018:ffff88801468fbb8 EFLAGS: 00010246 [ 126.343309] RAX: 0000000000000000 RBX: ffff888015d308a8 RCX: 0000000000000000 [ 126.343989] RDX: 0000000000000000 RSI: ffff88801889ca00 RDI: 0000000000000002 [ 126.344674] RBP: ffff88801468fbd0 R08: ffffed1002ba6133 R09: ffffed1002ba6133 [ 126.345347] R10: ffff888015d30993 R11: ffffed1002ba6132 R12: ffff888014111800 [ 126.346031] R13: ffff888015d309e8 R14: ffffffff8352e670 R15: 
ffff88801468fe68 [ 126.346747] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.347536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.348092] CR2: 0000000020000140 CR3: 0000000020fb6000 CR4: 0000000000750ef0 [ 126.348780] PKRU: 55555554 [ 126.349051] Call Trace: [ 126.349297] [ 126.349515] __iommufd_access_detach+0x1c2/0x2b0 [ 126.349985] iommufd_access_change_pt+0x149/0x270 [ 126.350461] iommufd_access_replace+0xb4/0x120 [ 126.350946] iommufd_test+0x3e5/0x37e0 [ 126.351390] ? lock_release+0x532/0x770 [ 126.351786] ? __might_fault+0x102/0x1b0 [ 126.352188] ? lock_acquire+0x427/0x4c0 [ 126.352582] ? __pfx_iommufd_test+0x10/0x10 [ 126.352997] ? __pfx_lock_release+0x10/0x10 [ 126.353427] ? __pfx_lock_acquire+0x10/0x10 [ 126.353854] ? write_comp_data+0x2f/0x90 [ 126.354252] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.354759] ? write_comp_data+0x2f/0x90 [ 126.355204] iommufd_fops_ioctl+0x37d/0x510 [ 126.355633] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.356107] ? write_comp_data+0x2f/0x90 [ 126.356507] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.356975] __x64_sys_ioctl+0x1a3/0x230 [ 126.357375] do_syscall_64+0x3b/0x90 [ 126.357743] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.358245] RIP: 0033:0x7f4b8743ee5d [ 126.358626] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.360538] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.361253] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.361920] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.362635] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.363334] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.363999] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.364680] [ 126.364899] irq event stamp: 0 [ 126.365199] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.365804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.366619] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.367413] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.368008] ---[ end trace 0000000000000000 ]--- [ 126.371173] ------------[ cut here ]------------ [ 126.371629] WARNING: CPU: 0 PID: 1167 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.372572] Modules linked in: [ 126.372879] CPU: 0 PID: 1167 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.373700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.374781] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.375259] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.376969] RSP: 
0018:ffff88801468fbd0 EFLAGS: 00010246 [ 126.377469] RAX: 0000000000000000 RBX: ffff888015d308a8 RCX: 0000000000000000 [ 126.378128] RDX: 0000000000000000 RSI: ffff88801889ca00 RDI: 0000000000000002 [ 126.378807] RBP: ffff88801468fbe8 R08: ffffed1002ba6133 R09: ffffed1002ba6133 [ 126.379492] R10: ffff888015d30993 R11: ffffed1002ba6132 R12: ffff88800a726800 [ 126.380167] R13: ffff888015d309e8 R14: ffff888018bac600 R15: 0000000000000000 [ 126.380830] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.381571] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.382105] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.382785] PKRU: 55555554 [ 126.383056] Call Trace: [ 126.383319] [ 126.383535] iommufd_access_destroy_object+0x65/0x170 [ 126.384030] iommufd_object_destroy_user+0x18e/0x220 [ 126.384520] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.385083] iommufd_access_destroy+0x43/0x70 [ 126.385518] iommufd_test_staccess_release+0x8d/0xd0 [ 126.385997] __fput+0x26d/0xa40 [ 126.386322] ____fput+0x1e/0x30 [ 126.386661] task_work_run+0x1a4/0x2d0 [ 126.387045] ? __pfx_task_work_run+0x10/0x10 [ 126.387481] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.387947] ? switch_task_namespaces+0xa9/0xe0 [ 126.388395] do_exit+0xb17/0x2ef0 [ 126.388721] ? lock_acquire+0x427/0x4c0 [ 126.389108] ? __pfx_lock_release+0x10/0x10 [ 126.389523] ? __kasan_check_write+0x18/0x20 [ 126.389940] ? do_raw_spin_lock+0x132/0x2a0 [ 126.390347] ? __pfx_do_exit+0x10/0x10 [ 126.390744] ? debug_smp_processor_id+0x20/0x30 [ 126.391196] ? rcu_is_watching+0x19/0xb0 [ 126.391581] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.392009] ? trace_hardirqs_on+0x26/0x120 [ 126.392415] do_group_exit+0xe0/0x2b0 [ 126.392773] __x64_sys_exit_group+0x47/0x50 [ 126.393173] do_syscall_64+0x3b/0x90 [ 126.393536] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.394035] RIP: 0033:0x7f4b87518a4d [ 126.394388] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.394985] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.395734] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.396395] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.397049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.397708] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.398362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.399051] [ 126.399293] irq event stamp: 0 [ 126.399588] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.400171] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.400953] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.401733] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.402315] ---[ end trace 0000000000000000 ]--- [ 126.403193] ------------[ cut here ]------------ [ 126.403663] WARNING: CPU: 0 PID: 1167 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.404620] Modules linked in: [ 126.404924] CPU: 0 PID: 1167 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.405741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.406856] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.407374] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.409104] RSP: 0018:ffff88801468fb78 EFLAGS: 00010246 [ 126.409609] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.410259] RDX: 0000000000000000 RSI: ffff88801889ca00 RDI: 0000000000000002 [ 126.411320] RBP: ffff88801468fb98 R08: ffffed1002ba613e R09: ffffed1002ba613e [ 126.411988] R10: ffff888015d309ef R11: ffffed1002ba613d R12: ffff888015d30a90 [ 126.412638] R13: ffff888015d308a8 R14: ffffffffffffffff R15: 
ffff88801468fc60 [ 126.413282] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 126.414013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.414572] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 126.415254] PKRU: 55555554 [ 126.415513] Call Trace: [ 126.415746] [ 126.415955] iommufd_ioas_destroy+0x53/0x70 [ 126.416350] iommufd_fops_release+0x1f7/0x370 [ 126.416746] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.417186] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.417619] ? write_comp_data+0x2f/0x90 [ 126.417985] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.418427] __fput+0x26d/0xa40 [ 126.418758] ____fput+0x1e/0x30 [ 126.419057] task_work_run+0x1a4/0x2d0 [ 126.419420] ? __pfx_task_work_run+0x10/0x10 [ 126.419816] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.420246] ? switch_task_namespaces+0xa9/0xe0 [ 126.420662] do_exit+0xb17/0x2ef0 [ 126.420965] ? lock_acquire+0x427/0x4c0 [ 126.421324] ? __pfx_lock_release+0x10/0x10 [ 126.421706] ? __kasan_check_write+0x18/0x20 [ 126.422093] ? do_raw_spin_lock+0x132/0x2a0 [ 126.422473] ? __pfx_do_exit+0x10/0x10 [ 126.422848] ? debug_smp_processor_id+0x20/0x30 [ 126.423272] ? rcu_is_watching+0x19/0xb0 [ 126.423634] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.424040] ? trace_hardirqs_on+0x26/0x120 [ 126.424426] do_group_exit+0xe0/0x2b0 [ 126.424759] __x64_sys_exit_group+0x47/0x50 [ 126.425132] do_syscall_64+0x3b/0x90 [ 126.425468] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.425925] RIP: 0033:0x7f4b87518a4d [ 126.426252] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.426810] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.427487] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.428104] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.428717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.429327] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.429937] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.430573] [ 126.430773] irq event stamp: 0 [ 126.431046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.431589] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.432291] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.432992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.433510] ---[ end trace 0000000000000000 ]--- [ 126.439617] ------------[ cut here ]------------ [ 126.440180] WARNING: CPU: 1 PID: 1168 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.441302] Modules linked in: [ 126.441662] CPU: 1 PID: 1168 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.442656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.443795] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.444185] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.445558] RSP: 0018:ffff888013497bb8 EFLAGS: 00010246 [ 126.445958] RAX: 0000000000000000 RBX: ffff888014a918a8 RCX: 0000000000000000 [ 126.446493] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 126.447059] RBP: ffff888013497bd0 R08: ffffed1002952333 R09: ffffed1002952333 [ 126.447610] R10: ffff888014a91993 R11: ffffed1002952332 R12: ffff888020fd8000 [ 126.448145] R13: ffff888014a919e8 R14: ffffffff8352e670 R15: 
ffff888013497e68 [ 126.448668] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.449257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.449685] CR2: 0000000020000140 CR3: 0000000020fb6000 CR4: 0000000000750ee0 [ 126.450210] PKRU: 55555554 [ 126.450418] Call Trace: [ 126.450619] [ 126.450788] __iommufd_access_detach+0x1c2/0x2b0 [ 126.451157] iommufd_access_change_pt+0x149/0x270 [ 126.451525] iommufd_access_replace+0xb4/0x120 [ 126.451874] iommufd_test+0x3e5/0x37e0 [ 126.452162] ? lock_release+0x532/0x770 [ 126.452461] ? __might_fault+0x102/0x1b0 [ 126.452764] ? lock_acquire+0x427/0x4c0 [ 126.453062] ? __pfx_iommufd_test+0x10/0x10 [ 126.453374] ? __pfx_lock_release+0x10/0x10 [ 126.453694] ? __pfx_lock_acquire+0x10/0x10 [ 126.454017] ? write_comp_data+0x2f/0x90 [ 126.454320] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.454695] ? write_comp_data+0x2f/0x90 [ 126.455002] iommufd_fops_ioctl+0x37d/0x510 [ 126.455323] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.455683] ? write_comp_data+0x2f/0x90 [ 126.455987] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.456339] __x64_sys_ioctl+0x1a3/0x230 [ 126.456638] do_syscall_64+0x3b/0x90 [ 126.456914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.457290] RIP: 0033:0x7f4b8743ee5d [ 126.457555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.458852] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.459400] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.459905] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.460409] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.460912] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.461448] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.462001] [ 126.462167] irq event stamp: 0 [ 126.462392] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.462848] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.463443] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.464034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.464483] ---[ end trace 0000000000000000 ]--- [ 126.466934] ------------[ cut here ]------------ [ 126.467264] WARNING: CPU: 1 PID: 1168 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.467954] Modules linked in: [ 126.468174] CPU: 1 PID: 1168 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.468771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.469540] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.469880] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.471146] RSP: 
0018:ffff888013497bd0 EFLAGS: 00010246 [ 126.471510] RAX: 0000000000000000 RBX: ffff888014a918a8 RCX: 0000000000000000 [ 126.471997] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 126.472485] RBP: ffff888013497be8 R08: ffffed1002952333 R09: ffffed1002952333 [ 126.472972] R10: ffff888014a91993 R11: ffffed1002952332 R12: ffff88800f221000 [ 126.473460] R13: ffff888014a919e8 R14: ffff8880178e1300 R15: 0000000000000000 [ 126.473946] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.474496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.474907] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.475401] PKRU: 55555554 [ 126.475594] Call Trace: [ 126.475770] [ 126.475925] iommufd_access_destroy_object+0x65/0x170 [ 126.476270] iommufd_object_destroy_user+0x18e/0x220 [ 126.476618] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.477013] iommufd_access_destroy+0x43/0x70 [ 126.477326] iommufd_test_staccess_release+0x8d/0xd0 [ 126.477678] __fput+0x26d/0xa40 [ 126.477914] ____fput+0x1e/0x30 [ 126.478146] task_work_run+0x1a4/0x2d0 [ 126.478417] ? __pfx_task_work_run+0x10/0x10 [ 126.478725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.479056] ? switch_task_namespaces+0xa9/0xe0 [ 126.479387] do_exit+0xb17/0x2ef0 [ 126.479622] ? lock_acquire+0x427/0x4c0 [ 126.479896] ? __pfx_lock_release+0x10/0x10 [ 126.480189] ? __kasan_check_write+0x18/0x20 [ 126.480486] ? do_raw_spin_lock+0x132/0x2a0 [ 126.480776] ? __pfx_do_exit+0x10/0x10 [ 126.481044] ? debug_smp_processor_id+0x20/0x30 [ 126.481360] ? rcu_is_watching+0x19/0xb0 [ 126.481638] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.481950] ? trace_hardirqs_on+0x26/0x120 [ 126.482250] do_group_exit+0xe0/0x2b0 [ 126.482519] __x64_sys_exit_group+0x47/0x50 [ 126.482807] do_syscall_64+0x3b/0x90 [ 126.483063] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.483418] RIP: 0033:0x7f4b87518a4d [ 126.483664] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.484072] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.484573] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.485043] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.485518] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.485997] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.486471] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.486953] [ 126.487107] irq event stamp: 0 [ 126.487318] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.487730] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.488276] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.488821] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.489232] ---[ end trace 0000000000000000 ]--- [ 126.489789] ------------[ cut here ]------------ [ 126.490094] WARNING: CPU: 1 PID: 1168 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.490773] Modules linked in: [ 126.490988] CPU: 1 PID: 1168 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.491568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.492295] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.492625] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.493821] RSP: 0018:ffff888013497b78 EFLAGS: 00010246 [ 126.494161] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.494626] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 126.495083] RBP: ffff888013497b98 R08: ffffed100295233e R09: ffffed100295233e [ 126.495542] R10: ffff888014a919ef R11: ffffed100295233d R12: ffff888014a91a90 [ 126.495998] R13: ffff888014a918a8 R14: ffffffffffffffff R15: 
ffff888013497c60 [ 126.496459] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.496982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.497357] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.497811] PKRU: 55555554 [ 126.497991] Call Trace: [ 126.498155] [ 126.498305] iommufd_ioas_destroy+0x53/0x70 [ 126.498600] iommufd_fops_release+0x1f7/0x370 [ 126.498898] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.499231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.499552] ? write_comp_data+0x2f/0x90 [ 126.499820] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.500141] __fput+0x26d/0xa40 [ 126.500366] ____fput+0x1e/0x30 [ 126.500585] task_work_run+0x1a4/0x2d0 [ 126.500840] ? __pfx_task_work_run+0x10/0x10 [ 126.501127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.501442] ? switch_task_namespaces+0xa9/0xe0 [ 126.501749] do_exit+0xb17/0x2ef0 [ 126.501971] ? lock_acquire+0x427/0x4c0 [ 126.502235] ? __pfx_lock_release+0x10/0x10 [ 126.502527] ? __kasan_check_write+0x18/0x20 [ 126.502812] ? do_raw_spin_lock+0x132/0x2a0 [ 126.503090] ? __pfx_do_exit+0x10/0x10 [ 126.503352] ? debug_smp_processor_id+0x20/0x30 [ 126.503651] ? rcu_is_watching+0x19/0xb0 [ 126.503912] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.504211] ? trace_hardirqs_on+0x26/0x120 [ 126.504496] do_group_exit+0xe0/0x2b0 [ 126.504746] __x64_sys_exit_group+0x47/0x50 [ 126.505026] do_syscall_64+0x3b/0x90 [ 126.505275] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.505617] RIP: 0033:0x7f4b87518a4d [ 126.505854] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.506241] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.506721] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.507169] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.507612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.508058] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.508496] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.508940] [ 126.509085] irq event stamp: 0 [ 126.509281] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.509669] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.510183] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.510708] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.511096] ---[ end trace 0000000000000000 ]--- [ 126.514736] ------------[ cut here ]------------ [ 126.515051] WARNING: CPU: 1 PID: 1169 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.515690] Modules linked in: [ 126.515892] CPU: 1 PID: 1169 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.516437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.517138] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.517449] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.518697] RSP: 0018:ffff88801468fbb8 EFLAGS: 00010246 [ 126.519029] RAX: 0000000000000000 RBX: ffff888011c460a8 RCX: 0000000000000000 [ 126.519480] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 126.519919] RBP: ffff88801468fbd0 R08: ffffed1002388c33 R09: ffffed1002388c33 [ 126.520364] R10: ffff888011c46193 R11: ffffed1002388c32 R12: ffff888013cd6000 [ 126.520802] R13: ffff888011c461e8 R14: ffffffff8352e670 R15: 
ffff88801468fe68 [ 126.521250] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.521745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.522103] CR2: 0000000020000140 CR3: 0000000020fcc000 CR4: 0000000000750ee0 [ 126.522553] PKRU: 55555554 [ 126.522728] Call Trace: [ 126.522886] [ 126.523028] __iommufd_access_detach+0x1c2/0x2b0 [ 126.523340] iommufd_access_change_pt+0x149/0x270 [ 126.523649] iommufd_access_replace+0xb4/0x120 [ 126.523939] iommufd_test+0x3e5/0x37e0 [ 126.524180] ? lock_release+0x532/0x770 [ 126.524434] ? __might_fault+0x102/0x1b0 [ 126.524689] ? lock_acquire+0x427/0x4c0 [ 126.524972] ? __pfx_iommufd_test+0x10/0x10 [ 126.525239] ? __pfx_lock_release+0x10/0x10 [ 126.525512] ? __pfx_lock_acquire+0x10/0x10 [ 126.525781] ? write_comp_data+0x2f/0x90 [ 126.526035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.526334] ? write_comp_data+0x2f/0x90 [ 126.526598] iommufd_fops_ioctl+0x37d/0x510 [ 126.526863] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.527169] ? write_comp_data+0x2f/0x90 [ 126.527423] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.527718] __x64_sys_ioctl+0x1a3/0x230 [ 126.527973] do_syscall_64+0x3b/0x90 [ 126.528205] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.528523] RIP: 0033:0x7f4b8743ee5d [ 126.528748] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.529838] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.530293] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.530728] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.531162] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.531588] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.532014] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.532446] [ 126.532587] irq event stamp: 0 [ 126.532778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.533161] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.533663] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.534164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.534549] ---[ end trace 0000000000000000 ]--- [ 126.536692] ------------[ cut here ]------------ [ 126.536980] WARNING: CPU: 1 PID: 1169 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.537589] Modules linked in: [ 126.537782] CPU: 1 PID: 1169 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.538308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.538996] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.539298] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.540377] RSP: 
0018:ffff88801468fbd0 EFLAGS: 00010246 [ 126.540692] RAX: 0000000000000000 RBX: ffff888011c460a8 RCX: 0000000000000000 [ 126.541114] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 126.541536] RBP: ffff88801468fbe8 R08: ffffed1002388c33 R09: ffffed1002388c33 [ 126.541958] R10: ffff888011c46193 R11: ffffed1002388c32 R12: ffff888020fdb000 [ 126.542380] R13: ffff888011c461e8 R14: ffff888010aa9800 R15: 0000000000000000 [ 126.542815] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.543296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.543638] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.544058] PKRU: 55555554 [ 126.544226] Call Trace: [ 126.544377] [ 126.544512] iommufd_access_destroy_object+0x65/0x170 [ 126.544819] iommufd_object_destroy_user+0x18e/0x220 [ 126.545125] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.545474] iommufd_access_destroy+0x43/0x70 [ 126.545748] iommufd_test_staccess_release+0x8d/0xd0 [ 126.546057] __fput+0x26d/0xa40 [ 126.546265] ____fput+0x1e/0x30 [ 126.546469] task_work_run+0x1a4/0x2d0 [ 126.546715] ? __pfx_task_work_run+0x10/0x10 [ 126.546982] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.547282] ? switch_task_namespaces+0xa9/0xe0 [ 126.547569] do_exit+0xb17/0x2ef0 [ 126.547781] ? lock_acquire+0x427/0x4c0 [ 126.548029] ? __pfx_lock_release+0x10/0x10 [ 126.548296] ? __kasan_check_write+0x18/0x20 [ 126.548565] ? do_raw_spin_lock+0x132/0x2a0 [ 126.548828] ? __pfx_do_exit+0x10/0x10 [ 126.549071] ? debug_smp_processor_id+0x20/0x30 [ 126.549355] ? rcu_is_watching+0x19/0xb0 [ 126.549602] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.549880] ? trace_hardirqs_on+0x26/0x120 [ 126.550147] do_group_exit+0xe0/0x2b0 [ 126.550379] __x64_sys_exit_group+0x47/0x50 [ 126.550648] do_syscall_64+0x3b/0x90 [ 126.550881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.551202] RIP: 0033:0x7f4b87518a4d [ 126.551426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.551794] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.552247] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.552670] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.553088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.553506] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.553924] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.554348] [ 126.554487] irq event stamp: 0 [ 126.554684] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.555056] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.555550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.556040] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.556412] ---[ end trace 0000000000000000 ]--- [ 126.556952] ------------[ cut here ]------------ [ 126.557227] WARNING: CPU: 1 PID: 1169 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.557825] Modules linked in: [ 126.558015] CPU: 1 PID: 1169 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.558542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.559209] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.559512] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.560581] RSP: 0018:ffff88801468fb78 EFLAGS: 00010246 [ 126.560894] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.561312] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 126.561733] RBP: ffff88801468fb98 R08: ffffed1002388c3e R09: ffffed1002388c3e [ 126.562149] R10: ffff888011c461ef R11: ffffed1002388c3d R12: ffff888011c46290 [ 126.562574] R13: ffff888011c460a8 R14: ffffffffffffffff R15: 
ffff88801468fc60 [ 126.562991] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.563486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.563825] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.564242] PKRU: 55555554 [ 126.564409] Call Trace: [ 126.564561] [ 126.564695] iommufd_ioas_destroy+0x53/0x70 [ 126.564953] iommufd_fops_release+0x1f7/0x370 [ 126.565223] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.565521] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.565814] ? write_comp_data+0x2f/0x90 [ 126.566061] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.566358] __fput+0x26d/0xa40 [ 126.566572] ____fput+0x1e/0x30 [ 126.566775] task_work_run+0x1a4/0x2d0 [ 126.567011] ? __pfx_task_work_run+0x10/0x10 [ 126.567278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.567570] ? switch_task_namespaces+0xa9/0xe0 [ 126.567853] do_exit+0xb17/0x2ef0 [ 126.568059] ? lock_acquire+0x427/0x4c0 [ 126.568303] ? __pfx_lock_release+0x10/0x10 [ 126.568563] ? __kasan_check_write+0x18/0x20 [ 126.568825] ? do_raw_spin_lock+0x132/0x2a0 [ 126.569081] ? __pfx_do_exit+0x10/0x10 [ 126.569318] ? debug_smp_processor_id+0x20/0x30 [ 126.569593] ? rcu_is_watching+0x19/0xb0 [ 126.569833] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.570104] ? trace_hardirqs_on+0x26/0x120 [ 126.570363] do_group_exit+0xe0/0x2b0 [ 126.570598] __x64_sys_exit_group+0x47/0x50 [ 126.570852] do_syscall_64+0x3b/0x90 [ 126.571080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.571392] RIP: 0033:0x7f4b87518a4d [ 126.571611] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.571971] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.572414] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.572830] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.573246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.573661] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.574077] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.574501] [ 126.574656] irq event stamp: 0 [ 126.574843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.575221] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.575709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.576197] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.576565] ---[ end trace 0000000000000000 ]--- [ 126.579646] ------------[ cut here ]------------ [ 126.579944] WARNING: CPU: 1 PID: 1170 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.580543] Modules linked in: [ 126.580734] CPU: 1 PID: 1170 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.581250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.581910] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.582205] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.583351] RSP: 0018:ffff88800e8efbb8 EFLAGS: 00010246 [ 126.583668] RAX: 0000000000000000 RBX: ffff888021bea0a8 RCX: 0000000000000000 [ 126.584087] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 126.584506] RBP: ffff88800e8efbd0 R08: ffffed100437d433 R09: ffffed100437d433 [ 126.584925] R10: ffff888021bea193 R11: ffffed100437d432 R12: ffff888013ad5000 [ 126.585345] R13: ffff888021bea1e8 R14: ffffffff8352e670 R15: 
ffff88800e8efe68 [ 126.585765] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.586243] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.586596] CR2: 0000000020000140 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 126.587015] PKRU: 55555554 [ 126.587188] Call Trace: [ 126.587342] [ 126.587475] __iommufd_access_detach+0x1c2/0x2b0 [ 126.587763] iommufd_access_change_pt+0x149/0x270 [ 126.588055] iommufd_access_replace+0xb4/0x120 [ 126.588334] iommufd_test+0x3e5/0x37e0 [ 126.588564] ? lock_release+0x532/0x770 [ 126.588802] ? __might_fault+0x102/0x1b0 [ 126.589075] ? lock_acquire+0x427/0x4c0 [ 126.589315] ? __pfx_iommufd_test+0x10/0x10 [ 126.589566] ? __pfx_lock_release+0x10/0x10 [ 126.589826] ? __pfx_lock_acquire+0x10/0x10 [ 126.590087] ? write_comp_data+0x2f/0x90 [ 126.590335] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.590636] ? write_comp_data+0x2f/0x90 [ 126.590886] iommufd_fops_ioctl+0x37d/0x510 [ 126.591152] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.591443] ? write_comp_data+0x2f/0x90 [ 126.591690] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.591977] __x64_sys_ioctl+0x1a3/0x230 [ 126.592224] do_syscall_64+0x3b/0x90 [ 126.592451] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.592760] RIP: 0033:0x7f4b8743ee5d [ 126.592978] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.594046] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.594494] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.594925] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.595353] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.595771] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.596190] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.596613] [ 126.596751] irq event stamp: 0 [ 126.596938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.597307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.597797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.598287] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.598664] ---[ end trace 0000000000000000 ]--- [ 126.600778] ------------[ cut here ]------------ [ 126.601060] WARNING: CPU: 1 PID: 1170 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.601653] Modules linked in: [ 126.601843] CPU: 1 PID: 1170 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.602358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.603032] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.603334] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.604403] RSP: 
0018:ffff88800e8efbd0 EFLAGS: 00010246 [ 126.604714] RAX: 0000000000000000 RBX: ffff888021bea0a8 RCX: 0000000000000000 [ 126.605131] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 126.605550] RBP: ffff88800e8efbe8 R08: ffffed100437d433 R09: ffffed100437d433 [ 126.605967] R10: ffff888021bea193 R11: ffffed100437d432 R12: ffff888013cd7800 [ 126.606385] R13: ffff888021bea1e8 R14: ffff888021859d00 R15: 0000000000000000 [ 126.606810] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.607291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.607633] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.608054] PKRU: 55555554 [ 126.608221] Call Trace: [ 126.608372] [ 126.608507] iommufd_access_destroy_object+0x65/0x170 [ 126.608813] iommufd_object_destroy_user+0x18e/0x220 [ 126.609118] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.609466] iommufd_access_destroy+0x43/0x70 [ 126.609740] iommufd_test_staccess_release+0x8d/0xd0 [ 126.610048] __fput+0x26d/0xa40 [ 126.610255] ____fput+0x1e/0x30 [ 126.610461] task_work_run+0x1a4/0x2d0 [ 126.610706] ? __pfx_task_work_run+0x10/0x10 [ 126.610972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.611270] ? switch_task_namespaces+0xa9/0xe0 [ 126.611558] do_exit+0xb17/0x2ef0 [ 126.611765] ? lock_acquire+0x427/0x4c0 [ 126.612008] ? __pfx_lock_release+0x10/0x10 [ 126.612269] ? __kasan_check_write+0x18/0x20 [ 126.612533] ? do_raw_spin_lock+0x132/0x2a0 [ 126.612791] ? __pfx_do_exit+0x10/0x10 [ 126.613029] ? debug_smp_processor_id+0x20/0x30 [ 126.613307] ? rcu_is_watching+0x19/0xb0 [ 126.613549] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.613822] ? trace_hardirqs_on+0x26/0x120 [ 126.614082] do_group_exit+0xe0/0x2b0 [ 126.614310] __x64_sys_exit_group+0x47/0x50 [ 126.614573] do_syscall_64+0x3b/0x90 [ 126.614802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.615117] RIP: 0033:0x7f4b87518a4d [ 126.615337] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.615699] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.616145] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.616564] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.616981] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.617399] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.617816] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.618240] [ 126.618379] irq event stamp: 0 [ 126.618574] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.618945] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.619442] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.619935] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.620305] ---[ end trace 0000000000000000 ]--- [ 126.620811] ------------[ cut here ]------------ [ 126.621113] WARNING: CPU: 1 PID: 1170 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.621724] Modules linked in: [ 126.621913] CPU: 1 PID: 1170 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.622428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.623097] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.623407] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.624479] RSP: 0018:ffff88800e8efb78 EFLAGS: 00010246 [ 126.624791] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.625209] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 126.625627] RBP: ffff88800e8efb98 R08: ffffed100437d43e R09: ffffed100437d43e [ 126.626045] R10: ffff888021bea1ef R11: ffffed100437d43d R12: ffff888021bea290 [ 126.626466] R13: ffff888021bea0a8 R14: ffffffffffffffff R15: 
ffff88800e8efc60 [ 126.626893] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.627373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.627715] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.628135] PKRU: 55555554 [ 126.628303] Call Trace: [ 126.628454] [ 126.628590] iommufd_ioas_destroy+0x53/0x70 [ 126.628848] iommufd_fops_release+0x1f7/0x370 [ 126.629120] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.629419] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.629712] ? write_comp_data+0x2f/0x90 [ 126.629962] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.630260] __fput+0x26d/0xa40 [ 126.630466] ____fput+0x1e/0x30 [ 126.630679] task_work_run+0x1a4/0x2d0 [ 126.630917] ? __pfx_task_work_run+0x10/0x10 [ 126.631188] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.631482] ? switch_task_namespaces+0xa9/0xe0 [ 126.631767] do_exit+0xb17/0x2ef0 [ 126.631974] ? lock_acquire+0x427/0x4c0 [ 126.632218] ? __pfx_lock_release+0x10/0x10 [ 126.632480] ? __kasan_check_write+0x18/0x20 [ 126.632744] ? do_raw_spin_lock+0x132/0x2a0 [ 126.633002] ? __pfx_do_exit+0x10/0x10 [ 126.633240] ? debug_smp_processor_id+0x20/0x30 [ 126.633521] ? rcu_is_watching+0x19/0xb0 [ 126.633763] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.634036] ? trace_hardirqs_on+0x26/0x120 [ 126.634297] do_group_exit+0xe0/0x2b0 [ 126.634539] __x64_sys_exit_group+0x47/0x50 [ 126.634796] do_syscall_64+0x3b/0x90 [ 126.635024] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.635340] RIP: 0033:0x7f4b87518a4d [ 126.635560] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.635922] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.636367] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.636786] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.637204] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.637624] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.638042] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.638469] [ 126.638616] irq event stamp: 0 [ 126.638804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.639181] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.639671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.640161] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.640532] ---[ end trace 0000000000000000 ]--- [ 126.644211] ------------[ cut here ]------------ [ 126.644507] WARNING: CPU: 1 PID: 1171 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.645108] Modules linked in: [ 126.645299] CPU: 1 PID: 1171 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.645820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.646485] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.646933] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.648020] RSP: 0018:ffff88800e93fbb8 EFLAGS: 00010246 [ 126.648335] RAX: 0000000000000000 RBX: ffff8880179a80a8 RCX: 0000000000000000 [ 126.648757] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 126.649178] RBP: ffff88800e93fbd0 R08: ffffed1002f35033 R09: ffffed1002f35033 [ 126.649599] R10: ffff8880179a8193 R11: ffffed1002f35032 R12: ffff88800f4d3800 [ 126.650020] R13: ffff8880179a81e8 R14: ffffffff8352e670 R15: 
ffff88800e93fe68 [ 126.650442] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.650929] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.651278] CR2: 0000000020000140 CR3: 0000000020e96000 CR4: 0000000000750ee0 [ 126.651699] PKRU: 55555554 [ 126.651867] Call Trace: [ 126.652018] [ 126.652153] __iommufd_access_detach+0x1c2/0x2b0 [ 126.652443] iommufd_access_change_pt+0x149/0x270 [ 126.652740] iommufd_access_replace+0xb4/0x120 [ 126.653050] iommufd_test+0x3e5/0x37e0 [ 126.653282] ? lock_release+0x532/0x770 [ 126.653525] ? __might_fault+0x102/0x1b0 [ 126.653772] ? lock_acquire+0x427/0x4c0 [ 126.654017] ? __pfx_iommufd_test+0x10/0x10 [ 126.654273] ? __pfx_lock_release+0x10/0x10 [ 126.654546] ? __pfx_lock_acquire+0x10/0x10 [ 126.654811] ? write_comp_data+0x2f/0x90 [ 126.655059] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.655360] ? write_comp_data+0x2f/0x90 [ 126.655610] iommufd_fops_ioctl+0x37d/0x510 [ 126.655869] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.656162] ? write_comp_data+0x2f/0x90 [ 126.656411] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.656700] __x64_sys_ioctl+0x1a3/0x230 [ 126.656948] do_syscall_64+0x3b/0x90 [ 126.657176] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.657489] RIP: 0033:0x7f4b8743ee5d [ 126.657709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.658786] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.659243] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.659662] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.660081] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.660499] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.660917] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.661340] [ 126.661477] irq event stamp: 0 [ 126.661664] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.662033] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.662534] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.663026] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.663403] ---[ end trace 0000000000000000 ]--- [ 126.665543] ------------[ cut here ]------------ [ 126.665823] WARNING: CPU: 1 PID: 1171 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.666421] Modules linked in: [ 126.666624] CPU: 1 PID: 1171 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.667149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.667813] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.668113] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.669215] RSP: 
0018:ffff88800e93fbd0 EFLAGS: 00010246 [ 126.669547] RAX: 0000000000000000 RBX: ffff8880179a80a8 RCX: 0000000000000000 [ 126.669978] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 126.670410] RBP: ffff88800e93fbe8 R08: ffffed1002f35033 R09: ffffed1002f35033 [ 126.670878] R10: ffff8880179a8193 R11: ffffed1002f35032 R12: ffff888013ad4400 [ 126.671410] R13: ffff8880179a81e8 R14: ffff888013997200 R15: 0000000000000000 [ 126.671915] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.672404] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.672770] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.673195] PKRU: 55555554 [ 126.673361] Call Trace: [ 126.673511] [ 126.673644] iommufd_access_destroy_object+0x65/0x170 [ 126.673951] iommufd_object_destroy_user+0x18e/0x220 [ 126.674253] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.674611] iommufd_access_destroy+0x43/0x70 [ 126.674884] iommufd_test_staccess_release+0x8d/0xd0 [ 126.675198] __fput+0x26d/0xa40 [ 126.675404] ____fput+0x1e/0x30 [ 126.675606] task_work_run+0x1a4/0x2d0 [ 126.675841] ? __pfx_task_work_run+0x10/0x10 [ 126.676107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.676398] ? switch_task_namespaces+0xa9/0xe0 [ 126.676683] do_exit+0xb17/0x2ef0 [ 126.676888] ? lock_acquire+0x427/0x4c0 [ 126.677129] ? __pfx_lock_release+0x10/0x10 [ 126.677387] ? __kasan_check_write+0x18/0x20 [ 126.677648] ? do_raw_spin_lock+0x132/0x2a0 [ 126.677903] ? __pfx_do_exit+0x10/0x10 [ 126.678139] ? debug_smp_processor_id+0x20/0x30 [ 126.678415] ? rcu_is_watching+0x19/0xb0 [ 126.678664] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.678936] ? trace_hardirqs_on+0x26/0x120 [ 126.679198] do_group_exit+0xe0/0x2b0 [ 126.679424] __x64_sys_exit_group+0x47/0x50 [ 126.679677] do_syscall_64+0x3b/0x90 [ 126.679903] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.680212] RIP: 0033:0x7f4b87518a4d [ 126.680431] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.680788] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.681228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.681641] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.682054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.682468] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.682895] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.683322] [ 126.683463] irq event stamp: 0 [ 126.683649] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.684015] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.684501] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.685039] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.685405] ---[ end trace 0000000000000000 ]--- [ 126.685943] ------------[ cut here ]------------ [ 126.686218] WARNING: CPU: 1 PID: 1171 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.686820] Modules linked in: [ 126.687010] CPU: 1 PID: 1171 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.687524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.688179] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.688481] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.689537] RSP: 0018:ffff88800e93fb78 EFLAGS: 00010246 [ 126.689844] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.690256] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 126.690677] RBP: ffff88800e93fb98 R08: ffffed1002f3503e R09: ffffed1002f3503e [ 126.691092] R10: ffff8880179a81ef R11: ffffed1002f3503d R12: ffff8880179a8290 [ 126.691510] R13: ffff8880179a80a8 R14: ffffffffffffffff R15: 
ffff88800e93fc60 [ 126.691924] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.692390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.692727] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.693141] PKRU: 55555554 [ 126.693307] Call Trace: [ 126.693457] [ 126.693592] iommufd_ioas_destroy+0x53/0x70 [ 126.693850] iommufd_fops_release+0x1f7/0x370 [ 126.694122] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.694421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.694729] ? write_comp_data+0x2f/0x90 [ 126.694981] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.695284] __fput+0x26d/0xa40 [ 126.695491] ____fput+0x1e/0x30 [ 126.695696] task_work_run+0x1a4/0x2d0 [ 126.695934] ? __pfx_task_work_run+0x10/0x10 [ 126.696200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.696494] ? switch_task_namespaces+0xa9/0xe0 [ 126.696780] do_exit+0xb17/0x2ef0 [ 126.696987] ? lock_acquire+0x427/0x4c0 [ 126.697231] ? __pfx_lock_release+0x10/0x10 [ 126.697493] ? __kasan_check_write+0x18/0x20 [ 126.697757] ? do_raw_spin_lock+0x132/0x2a0 [ 126.698015] ? __pfx_do_exit+0x10/0x10 [ 126.698254] ? debug_smp_processor_id+0x20/0x30 [ 126.698541] ? rcu_is_watching+0x19/0xb0 [ 126.698785] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.699058] ? trace_hardirqs_on+0x26/0x120 [ 126.699325] do_group_exit+0xe0/0x2b0 [ 126.699553] __x64_sys_exit_group+0x47/0x50 [ 126.699808] do_syscall_64+0x3b/0x90 [ 126.700036] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.700347] RIP: 0033:0x7f4b87518a4d [ 126.700569] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.700931] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.701379] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.701797] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.702214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.702641] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.703061] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.703491] [ 126.703630] irq event stamp: 0 [ 126.703818] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.704188] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.704679] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.705171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.705542] ---[ end trace 0000000000000000 ]--- [ 126.708878] ------------[ cut here ]------------ [ 126.709176] WARNING: CPU: 1 PID: 1172 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.709774] Modules linked in: [ 126.709965] CPU: 1 PID: 1172 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.710484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.711320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.711616] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.712687] RSP: 0018:ffff888014be7bb8 EFLAGS: 00010246 [ 126.713000] RAX: 0000000000000000 RBX: ffff888020a340a8 RCX: 0000000000000000 [ 126.713417] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 126.713835] RBP: ffff888014be7bd0 R08: ffffed1004146833 R09: ffffed1004146833 [ 126.714253] R10: ffff888020a34193 R11: ffffed1004146832 R12: ffff88800f136c00 [ 126.714681] R13: ffff888020a341e8 R14: ffffffff8352e670 R15: 
ffff888014be7e68 [ 126.715101] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.715579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.715921] CR2: 0000000020000140 CR3: 0000000012ca6000 CR4: 0000000000750ee0 [ 126.716342] PKRU: 55555554 [ 126.716509] Call Trace: [ 126.716661] [ 126.716796] __iommufd_access_detach+0x1c2/0x2b0 [ 126.717116] iommufd_access_change_pt+0x149/0x270 [ 126.717411] iommufd_access_replace+0xb4/0x120 [ 126.717691] iommufd_test+0x3e5/0x37e0 [ 126.717923] ? lock_release+0x532/0x770 [ 126.718167] ? __might_fault+0x102/0x1b0 [ 126.718414] ? lock_acquire+0x427/0x4c0 [ 126.718666] ? __pfx_iommufd_test+0x10/0x10 [ 126.718922] ? __pfx_lock_release+0x10/0x10 [ 126.719190] ? __pfx_lock_acquire+0x10/0x10 [ 126.719456] ? write_comp_data+0x2f/0x90 [ 126.719705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.719999] ? write_comp_data+0x2f/0x90 [ 126.720249] iommufd_fops_ioctl+0x37d/0x510 [ 126.720510] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.720804] ? write_comp_data+0x2f/0x90 [ 126.721054] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.721346] __x64_sys_ioctl+0x1a3/0x230 [ 126.721596] do_syscall_64+0x3b/0x90 [ 126.721825] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.722148] RIP: 0033:0x7f4b8743ee5d [ 126.722369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.723448] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.723890] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.724303] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.724716] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.725129] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.725545] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.725963] [ 126.726100] irq event stamp: 0 [ 126.726284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.726660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.727150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.727634] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.728000] ---[ end trace 0000000000000000 ]--- [ 126.730127] ------------[ cut here ]------------ [ 126.730403] WARNING: CPU: 1 PID: 1172 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.731003] Modules linked in: [ 126.731198] CPU: 1 PID: 1172 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.731707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.732360] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.732650] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.733709] RSP: 
0018:ffff888014be7bd0 EFLAGS: 00010246 [ 126.734018] RAX: 0000000000000000 RBX: ffff888020a340a8 RCX: 0000000000000000 [ 126.734434] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 126.734860] RBP: ffff888014be7be8 R08: ffffed1004146833 R09: ffffed1004146833 [ 126.735277] R10: ffff888020a34193 R11: ffffed1004146832 R12: ffff88800f4d2800 [ 126.735695] R13: ffff888020a341e8 R14: ffff88800fd13a00 R15: 0000000000000000 [ 126.736108] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.736576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.736913] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.737327] PKRU: 55555554 [ 126.737492] Call Trace: [ 126.737642] [ 126.737775] iommufd_access_destroy_object+0x65/0x170 [ 126.738082] iommufd_object_destroy_user+0x18e/0x220 [ 126.738384] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.738736] iommufd_access_destroy+0x43/0x70 [ 126.739008] iommufd_test_staccess_release+0x8d/0xd0 [ 126.739317] __fput+0x26d/0xa40 [ 126.739524] ____fput+0x1e/0x30 [ 126.739725] task_work_run+0x1a4/0x2d0 [ 126.739961] ? __pfx_task_work_run+0x10/0x10 [ 126.740225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.740516] ? switch_task_namespaces+0xa9/0xe0 [ 126.740798] do_exit+0xb17/0x2ef0 [ 126.741003] ? lock_acquire+0x427/0x4c0 [ 126.741244] ? __pfx_lock_release+0x10/0x10 [ 126.741504] ? __kasan_check_write+0x18/0x20 [ 126.741765] ? do_raw_spin_lock+0x132/0x2a0 [ 126.742020] ? __pfx_do_exit+0x10/0x10 [ 126.742256] ? debug_smp_processor_id+0x20/0x30 [ 126.742540] ? rcu_is_watching+0x19/0xb0 [ 126.742781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.743051] ? trace_hardirqs_on+0x26/0x120 [ 126.743312] do_group_exit+0xe0/0x2b0 [ 126.743538] __x64_sys_exit_group+0x47/0x50 [ 126.743791] do_syscall_64+0x3b/0x90 [ 126.744017] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.744328] RIP: 0033:0x7f4b87518a4d [ 126.744545] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.744904] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.745345] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.745757] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.746169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.746591] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.747004] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.747427] [ 126.747564] irq event stamp: 0 [ 126.747749] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.748115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.748601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.749115] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.749482] ---[ end trace 0000000000000000 ]--- [ 126.749988] ------------[ cut here ]------------ [ 126.750259] WARNING: CPU: 1 PID: 1172 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.750858] Modules linked in: [ 126.751045] CPU: 1 PID: 1172 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.751556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.752206] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.752504] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.753561] RSP: 0018:ffff888014be7b78 EFLAGS: 00010246 [ 126.753869] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.754282] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 126.754710] RBP: ffff888014be7b98 R08: ffffed100414683e R09: ffffed100414683e [ 126.755126] R10: ffff888020a341ef R11: ffffed100414683d R12: ffff888020a34290 [ 126.755541] R13: ffff888020a340a8 R14: ffffffffffffffff R15: 
ffff888014be7c60 [ 126.755953] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.756419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.756755] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.757170] PKRU: 55555554 [ 126.757336] Call Trace: [ 126.757485] [ 126.757618] iommufd_ioas_destroy+0x53/0x70 [ 126.757873] iommufd_fops_release+0x1f7/0x370 [ 126.758141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.758436] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.758734] ? write_comp_data+0x2f/0x90 [ 126.758981] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.759278] __fput+0x26d/0xa40 [ 126.759482] ____fput+0x1e/0x30 [ 126.759684] task_work_run+0x1a4/0x2d0 [ 126.759918] ? __pfx_task_work_run+0x10/0x10 [ 126.760180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.760470] ? switch_task_namespaces+0xa9/0xe0 [ 126.760752] do_exit+0xb17/0x2ef0 [ 126.760956] ? lock_acquire+0x427/0x4c0 [ 126.761196] ? __pfx_lock_release+0x10/0x10 [ 126.761457] ? __kasan_check_write+0x18/0x20 [ 126.761719] ? do_raw_spin_lock+0x132/0x2a0 [ 126.761974] ? __pfx_do_exit+0x10/0x10 [ 126.762210] ? debug_smp_processor_id+0x20/0x30 [ 126.762484] ? rcu_is_watching+0x19/0xb0 [ 126.762732] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.763002] ? trace_hardirqs_on+0x26/0x120 [ 126.763267] do_group_exit+0xe0/0x2b0 [ 126.763493] __x64_sys_exit_group+0x47/0x50 [ 126.763748] do_syscall_64+0x3b/0x90 [ 126.763974] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.764282] RIP: 0033:0x7f4b87518a4d [ 126.764499] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.764855] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.765294] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.765705] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.766117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.766538] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.766951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.767373] [ 126.767509] irq event stamp: 0 [ 126.767694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.768060] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.768546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.769037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.769409] ---[ end trace 0000000000000000 ]--- [ 126.773263] ------------[ cut here ]------------ [ 126.773567] WARNING: CPU: 1 PID: 1173 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.774169] Modules linked in: [ 126.774359] CPU: 1 PID: 1173 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.775094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.775767] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.776063] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.777141] RSP: 0018:ffff88800ee87bb8 EFLAGS: 00010246 [ 126.777458] RAX: 0000000000000000 RBX: ffff8880147728a8 RCX: 0000000000000000 [ 126.777878] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 126.778298] RBP: ffff88800ee87bd0 R08: ffffed10028ee533 R09: ffffed10028ee533 [ 126.778734] R10: ffff888014772993 R11: ffffed10028ee532 R12: ffff88801493e000 [ 126.779165] R13: ffff8880147729e8 R14: ffffffff8352e670 R15: 
ffff88800ee87e68 [ 126.779585] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.780058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.780399] CR2: 0000000020000140 CR3: 00000000148a4000 CR4: 0000000000750ee0 [ 126.780821] PKRU: 55555554 [ 126.781018] Call Trace: [ 126.781170] [ 126.781304] __iommufd_access_detach+0x1c2/0x2b0 [ 126.781597] iommufd_access_change_pt+0x149/0x270 [ 126.781891] iommufd_access_replace+0xb4/0x120 [ 126.782171] iommufd_test+0x3e5/0x37e0 [ 126.782406] ? lock_release+0x532/0x770 [ 126.782658] ? __might_fault+0x102/0x1b0 [ 126.782905] ? lock_acquire+0x427/0x4c0 [ 126.783153] ? __pfx_iommufd_test+0x10/0x10 [ 126.783408] ? __pfx_lock_release+0x10/0x10 [ 126.783670] ? __pfx_lock_acquire+0x10/0x10 [ 126.783935] ? write_comp_data+0x2f/0x90 [ 126.784184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.784477] ? write_comp_data+0x2f/0x90 [ 126.784726] iommufd_fops_ioctl+0x37d/0x510 [ 126.784986] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.785280] ? write_comp_data+0x2f/0x90 [ 126.785532] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.785821] __x64_sys_ioctl+0x1a3/0x230 [ 126.786071] do_syscall_64+0x3b/0x90 [ 126.786300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.786622] RIP: 0033:0x7f4b8743ee5d [ 126.786842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.787916] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.788361] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.788780] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.789199] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.789617] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.790036] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.790463] [ 126.790611] irq event stamp: 0 [ 126.790799] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.791175] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.791666] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.792156] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.792526] ---[ end trace 0000000000000000 ]--- [ 126.794714] ------------[ cut here ]------------ [ 126.794997] WARNING: CPU: 1 PID: 1173 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.795601] Modules linked in: [ 126.795791] CPU: 1 PID: 1173 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.796306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.796967] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.797260] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.798333] RSP: 
0018:ffff88800ee87bd0 EFLAGS: 00010246 [ 126.798659] RAX: 0000000000000000 RBX: ffff8880147728a8 RCX: 0000000000000000 [ 126.799079] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 126.799506] RBP: ffff88800ee87be8 R08: ffffed10028ee533 R09: ffffed10028ee533 [ 126.799924] R10: ffff888014772993 R11: ffffed10028ee532 R12: ffff88800f136000 [ 126.800346] R13: ffff8880147729e8 R14: ffff88802187b500 R15: 0000000000000000 [ 126.800764] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.801238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.801580] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.801999] PKRU: 55555554 [ 126.802166] Call Trace: [ 126.802318] [ 126.802453] iommufd_access_destroy_object+0x65/0x170 [ 126.802771] iommufd_object_destroy_user+0x18e/0x220 [ 126.803077] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.803434] iommufd_access_destroy+0x43/0x70 [ 126.803708] iommufd_test_staccess_release+0x8d/0xd0 [ 126.804015] __fput+0x26d/0xa40 [ 126.804222] ____fput+0x1e/0x30 [ 126.804425] task_work_run+0x1a4/0x2d0 [ 126.804666] ? __pfx_task_work_run+0x10/0x10 [ 126.804932] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.805226] ? switch_task_namespaces+0xa9/0xe0 [ 126.805511] do_exit+0xb17/0x2ef0 [ 126.805718] ? lock_acquire+0x427/0x4c0 [ 126.805962] ? __pfx_lock_release+0x10/0x10 [ 126.806224] ? __kasan_check_write+0x18/0x20 [ 126.806488] ? do_raw_spin_lock+0x132/0x2a0 [ 126.806753] ? __pfx_do_exit+0x10/0x10 [ 126.806992] ? debug_smp_processor_id+0x20/0x30 [ 126.807278] ? rcu_is_watching+0x19/0xb0 [ 126.807522] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.807795] ? trace_hardirqs_on+0x26/0x120 [ 126.808056] do_group_exit+0xe0/0x2b0 [ 126.808284] __x64_sys_exit_group+0x47/0x50 [ 126.808541] do_syscall_64+0x3b/0x90 [ 126.808769] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.809081] RIP: 0033:0x7f4b87518a4d [ 126.809301] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.809664] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.810110] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.810537] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.810955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.811378] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.811797] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.812221] [ 126.812360] irq event stamp: 0 [ 126.812547] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.812916] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.813437] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.813928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.814297] ---[ end trace 0000000000000000 ]--- [ 126.814814] ------------[ cut here ]------------ [ 126.815090] WARNING: CPU: 1 PID: 1173 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.815695] Modules linked in: [ 126.815884] CPU: 1 PID: 1173 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.816398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.817057] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.817366] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.818438] RSP: 0018:ffff88800ee87b78 EFLAGS: 00010246 [ 126.818759] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.819183] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 126.819601] RBP: ffff88800ee87b98 R08: ffffed10028ee53e R09: ffffed10028ee53e [ 126.820017] R10: ffff8880147729ef R11: ffffed10028ee53d R12: ffff888014772a90 [ 126.820437] R13: ffff8880147728a8 R14: ffffffffffffffff R15: 
ffff88800ee87c60 [ 126.820853] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.821325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.821666] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.822084] PKRU: 55555554 [ 126.822250] Call Trace: [ 126.822402] [ 126.822555] iommufd_ioas_destroy+0x53/0x70 [ 126.822816] iommufd_fops_release+0x1f7/0x370 [ 126.823088] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.823390] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.823685] ? write_comp_data+0x2f/0x90 [ 126.823934] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.824232] __fput+0x26d/0xa40 [ 126.824438] ____fput+0x1e/0x30 [ 126.824642] task_work_run+0x1a4/0x2d0 [ 126.824879] ? __pfx_task_work_run+0x10/0x10 [ 126.825145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.825437] ? switch_task_namespaces+0xa9/0xe0 [ 126.825721] do_exit+0xb17/0x2ef0 [ 126.825927] ? lock_acquire+0x427/0x4c0 [ 126.826171] ? __pfx_lock_release+0x10/0x10 [ 126.826432] ? __kasan_check_write+0x18/0x20 [ 126.826705] ? do_raw_spin_lock+0x132/0x2a0 [ 126.826962] ? __pfx_do_exit+0x10/0x10 [ 126.827207] ? debug_smp_processor_id+0x20/0x30 [ 126.827485] ? rcu_is_watching+0x19/0xb0 [ 126.827727] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.828000] ? trace_hardirqs_on+0x26/0x120 [ 126.828261] do_group_exit+0xe0/0x2b0 [ 126.828489] __x64_sys_exit_group+0x47/0x50 [ 126.828744] do_syscall_64+0x3b/0x90 [ 126.828971] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.829282] RIP: 0033:0x7f4b87518a4d [ 126.829501] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.829863] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.830307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.830736] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.831167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.831585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.832003] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.832429] [ 126.832567] irq event stamp: 0 [ 126.832753] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.833125] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.833616] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.834106] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.834478] ---[ end trace 0000000000000000 ]--- [ 126.838073] ------------[ cut here ]------------ [ 126.838369] WARNING: CPU: 1 PID: 1174 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.838991] Modules linked in: [ 126.839193] CPU: 1 PID: 1174 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.839710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.840374] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.840667] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.841740] RSP: 0018:ffff888017157bb8 EFLAGS: 00010246 [ 126.842052] RAX: 0000000000000000 RBX: ffff888016f6f8a8 RCX: 0000000000000000 [ 126.842470] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 126.842897] RBP: ffff888017157bd0 R08: ffffed1002dedf33 R09: ffffed1002dedf33 [ 126.843320] R10: ffff888016f6f993 R11: ffffed1002dedf32 R12: ffff888020a6b000 [ 126.843733] R13: ffff888016f6f9e8 R14: ffffffff8352e670 R15: 
ffff888017157e68 [ 126.844146] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.844612] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.844979] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 126.845392] PKRU: 55555554 [ 126.845557] Call Trace: [ 126.845707] [ 126.845840] __iommufd_access_detach+0x1c2/0x2b0 [ 126.846126] iommufd_access_change_pt+0x149/0x270 [ 126.846416] iommufd_access_replace+0xb4/0x120 [ 126.846703] iommufd_test+0x3e5/0x37e0 [ 126.846933] ? lock_release+0x532/0x770 [ 126.847180] ? __might_fault+0x102/0x1b0 [ 126.847424] ? lock_acquire+0x427/0x4c0 [ 126.847665] ? __pfx_iommufd_test+0x10/0x10 [ 126.847916] ? __pfx_lock_release+0x10/0x10 [ 126.848175] ? __pfx_lock_acquire+0x10/0x10 [ 126.848438] ? write_comp_data+0x2f/0x90 [ 126.848683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.848972] ? write_comp_data+0x2f/0x90 [ 126.849218] iommufd_fops_ioctl+0x37d/0x510 [ 126.849474] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.849764] ? write_comp_data+0x2f/0x90 [ 126.850010] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.850295] __x64_sys_ioctl+0x1a3/0x230 [ 126.850552] do_syscall_64+0x3b/0x90 [ 126.850778] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.851086] RIP: 0033:0x7f4b8743ee5d [ 126.851308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.852363] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.852802] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.853214] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.853660] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.854073] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.854485] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.854915] [ 126.855053] irq event stamp: 0 [ 126.855240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.855605] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.856088] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.856571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.856934] ---[ end trace 0000000000000000 ]--- [ 126.859046] ------------[ cut here ]------------ [ 126.859337] WARNING: CPU: 1 PID: 1174 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.859922] Modules linked in: [ 126.860110] CPU: 1 PID: 1174 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.860617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.861269] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.861559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.862625] RSP: 
0018:ffff888017157bd0 EFLAGS: 00010246 [ 126.862934] RAX: 0000000000000000 RBX: ffff888016f6f8a8 RCX: 0000000000000000 [ 126.863352] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 126.863765] RBP: ffff888017157be8 R08: ffffed1002dedf33 R09: ffffed1002dedf33 [ 126.864177] R10: ffff888016f6f993 R11: ffffed1002dedf32 R12: ffff88801493f800 [ 126.864591] R13: ffff888016f6f9e8 R14: ffff888020a3c900 R15: 0000000000000000 [ 126.865003] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.865468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.865804] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.866219] PKRU: 55555554 [ 126.866385] Call Trace: [ 126.866543] [ 126.866677] iommufd_access_destroy_object+0x65/0x170 [ 126.866981] iommufd_object_destroy_user+0x18e/0x220 [ 126.867286] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.867630] iommufd_access_destroy+0x43/0x70 [ 126.867901] iommufd_test_staccess_release+0x8d/0xd0 [ 126.868204] __fput+0x26d/0xa40 [ 126.868408] ____fput+0x1e/0x30 [ 126.868610] task_work_run+0x1a4/0x2d0 [ 126.868844] ? __pfx_task_work_run+0x10/0x10 [ 126.869106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.869396] ? switch_task_namespaces+0xa9/0xe0 [ 126.869677] do_exit+0xb17/0x2ef0 [ 126.869880] ? lock_acquire+0x427/0x4c0 [ 126.870120] ? __pfx_lock_release+0x10/0x10 [ 126.870378] ? __kasan_check_write+0x18/0x20 [ 126.870649] ? do_raw_spin_lock+0x132/0x2a0 [ 126.870903] ? __pfx_do_exit+0x10/0x10 [ 126.871142] ? debug_smp_processor_id+0x20/0x30 [ 126.871416] ? rcu_is_watching+0x19/0xb0 [ 126.871656] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.871926] ? trace_hardirqs_on+0x26/0x120 [ 126.872187] do_group_exit+0xe0/0x2b0 [ 126.872412] __x64_sys_exit_group+0x47/0x50 [ 126.872664] do_syscall_64+0x3b/0x90 [ 126.872889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.873197] RIP: 0033:0x7f4b87518a4d [ 126.873414] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.873770] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.874208] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.874630] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.875043] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.875460] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.875872] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.876291] [ 126.876427] irq event stamp: 0 [ 126.876613] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.877005] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.877489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.877973] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.878337] ---[ end trace 0000000000000000 ]--- [ 126.878847] ------------[ cut here ]------------ [ 126.879123] WARNING: CPU: 1 PID: 1174 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.879711] Modules linked in: [ 126.879897] CPU: 1 PID: 1174 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.880404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.881055] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.881353] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.882407] RSP: 0018:ffff888017157b78 EFLAGS: 00010246 [ 126.882729] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.883148] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 126.883560] RBP: ffff888017157b98 R08: ffffed1002dedf3e R09: ffffed1002dedf3e [ 126.883973] R10: ffff888016f6f9ef R11: ffffed1002dedf3d R12: ffff888016f6fa90 [ 126.884385] R13: ffff888016f6f8a8 R14: ffffffffffffffff R15: 
ffff888017157c60 [ 126.884797] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.885261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.885601] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.886013] PKRU: 55555554 [ 126.886178] Call Trace: [ 126.886330] [ 126.886464] iommufd_ioas_destroy+0x53/0x70 [ 126.886728] iommufd_fops_release+0x1f7/0x370 [ 126.886997] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.887299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.887589] ? write_comp_data+0x2f/0x90 [ 126.887836] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.888131] __fput+0x26d/0xa40 [ 126.888335] ____fput+0x1e/0x30 [ 126.888536] task_work_run+0x1a4/0x2d0 [ 126.888771] ? __pfx_task_work_run+0x10/0x10 [ 126.889033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.889322] ? switch_task_namespaces+0xa9/0xe0 [ 126.889603] do_exit+0xb17/0x2ef0 [ 126.889807] ? lock_acquire+0x427/0x4c0 [ 126.890046] ? __pfx_lock_release+0x10/0x10 [ 126.890304] ? __kasan_check_write+0x18/0x20 [ 126.890577] ? do_raw_spin_lock+0x132/0x2a0 [ 126.890833] ? __pfx_do_exit+0x10/0x10 [ 126.891069] ? debug_smp_processor_id+0x20/0x30 [ 126.891345] ? rcu_is_watching+0x19/0xb0 [ 126.891588] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.891857] ? trace_hardirqs_on+0x26/0x120 [ 126.892115] do_group_exit+0xe0/0x2b0 [ 126.892342] __x64_sys_exit_group+0x47/0x50 [ 126.892595] do_syscall_64+0x3b/0x90 [ 126.892820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.893128] RIP: 0033:0x7f4b87518a4d [ 126.893345] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.893704] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.894144] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.894568] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.894981] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.895398] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.895811] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.896231] [ 126.896367] irq event stamp: 0 [ 126.896552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.896915] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.897399] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.897884] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.898249] ---[ end trace 0000000000000000 ]--- [ 126.901837] ------------[ cut here ]------------ [ 126.902130] WARNING: CPU: 1 PID: 1175 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.902748] Modules linked in: [ 126.902939] CPU: 1 PID: 1175 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.903470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.904126] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.904421] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.905480] RSP: 0018:ffff88800f47fbb8 EFLAGS: 00010246 [ 126.905791] RAX: 0000000000000000 RBX: ffff888023eae8a8 RCX: 0000000000000000 [ 126.906206] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 126.906752] RBP: ffff88800f47fbd0 R08: ffffed10047d5d33 R09: ffffed10047d5d33 [ 126.907174] R10: ffff888023eae993 R11: ffffed10047d5d32 R12: ffff88800fe44000 [ 126.907590] R13: ffff888023eae9e8 R14: ffffffff8352e670 R15: 
ffff88800f47fe68 [ 126.908007] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.908479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.908818] CR2: 0000000020000140 CR3: 0000000020f36000 CR4: 0000000000750ee0 [ 126.909266] PKRU: 55555554 [ 126.909432] Call Trace: [ 126.909583] [ 126.909717] __iommufd_access_detach+0x1c2/0x2b0 [ 126.910004] iommufd_access_change_pt+0x149/0x270 [ 126.910296] iommufd_access_replace+0xb4/0x120 [ 126.910585] iommufd_test+0x3e5/0x37e0 [ 126.910816] ? lock_release+0x532/0x770 [ 126.911059] ? __might_fault+0x102/0x1b0 [ 126.911309] ? lock_acquire+0x427/0x4c0 [ 126.911552] ? __pfx_iommufd_test+0x10/0x10 [ 126.911804] ? __pfx_lock_release+0x10/0x10 [ 126.912064] ? __pfx_lock_acquire+0x10/0x10 [ 126.912328] ? write_comp_data+0x2f/0x90 [ 126.912577] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.912869] ? write_comp_data+0x2f/0x90 [ 126.913117] iommufd_fops_ioctl+0x37d/0x510 [ 126.913375] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.913667] ? write_comp_data+0x2f/0x90 [ 126.913915] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.914202] __x64_sys_ioctl+0x1a3/0x230 [ 126.914452] do_syscall_64+0x3b/0x90 [ 126.914688] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.914998] RIP: 0033:0x7f4b8743ee5d [ 126.915223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.916287] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.916732] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.917148] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.917563] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.917978] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.918393] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.918823] [ 126.918960] irq event stamp: 0 [ 126.919149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.919519] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.920005] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.920491] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.920858] ---[ end trace 0000000000000000 ]--- [ 126.922993] ------------[ cut here ]------------ [ 126.923281] WARNING: CPU: 1 PID: 1175 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.923868] Modules linked in: [ 126.924057] CPU: 1 PID: 1175 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.924563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.925209] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.925497] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.926724] RSP: 
0018:ffff88800f47fbd0 EFLAGS: 00010246 [ 126.927031] RAX: 0000000000000000 RBX: ffff888023eae8a8 RCX: 0000000000000000 [ 126.927447] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 126.927857] RBP: ffff88800f47fbe8 R08: ffffed10047d5d33 R09: ffffed10047d5d33 [ 126.928268] R10: ffff888023eae993 R11: ffffed10047d5d32 R12: ffff888020a69c00 [ 126.928685] R13: ffff888023eae9e8 R14: ffff888013d63d00 R15: 0000000000000000 [ 126.929097] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.929563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.929900] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.930313] PKRU: 55555554 [ 126.930478] Call Trace: [ 126.930636] [ 126.930769] iommufd_access_destroy_object+0x65/0x170 [ 126.931073] iommufd_object_destroy_user+0x18e/0x220 [ 126.931375] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.931718] iommufd_access_destroy+0x43/0x70 [ 126.931988] iommufd_test_staccess_release+0x8d/0xd0 [ 126.932292] __fput+0x26d/0xa40 [ 126.932498] ____fput+0x1e/0x30 [ 126.932699] task_work_run+0x1a4/0x2d0 [ 126.932933] ? __pfx_task_work_run+0x10/0x10 [ 126.933198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.933487] ? switch_task_namespaces+0xa9/0xe0 [ 126.933769] do_exit+0xb17/0x2ef0 [ 126.933973] ? lock_acquire+0x427/0x4c0 [ 126.934216] ? __pfx_lock_release+0x10/0x10 [ 126.934473] ? __kasan_check_write+0x18/0x20 [ 126.934744] ? do_raw_spin_lock+0x132/0x2a0 [ 126.934999] ? __pfx_do_exit+0x10/0x10 [ 126.935237] ? debug_smp_processor_id+0x20/0x30 [ 126.935511] ? rcu_is_watching+0x19/0xb0 [ 126.935750] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.936019] ? trace_hardirqs_on+0x26/0x120 [ 126.936277] do_group_exit+0xe0/0x2b0 [ 126.936501] __x64_sys_exit_group+0x47/0x50 [ 126.936753] do_syscall_64+0x3b/0x90 [ 126.936978] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.937284] RIP: 0033:0x7f4b87518a4d [ 126.937500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.937855] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.938292] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.938711] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.939128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.939539] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.939950] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.940369] [ 126.940508] irq event stamp: 0 [ 126.940692] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.941083] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.941566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.942048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.942412] ---[ end trace 0000000000000000 ]--- [ 126.942923] ------------[ cut here ]------------ [ 126.943202] WARNING: CPU: 1 PID: 1175 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 126.943790] Modules linked in: [ 126.943976] CPU: 1 PID: 1175 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.944485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.945133] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 126.945430] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 126.946480] RSP: 0018:ffff88800f47fb78 EFLAGS: 00010246 [ 126.946794] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 126.947208] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 126.947619] RBP: ffff88800f47fb98 R08: ffffed10047d5d3e R09: ffffed10047d5d3e [ 126.948030] R10: ffff888023eae9ef R11: ffffed10047d5d3d R12: ffff888023eaea90 [ 126.948442] R13: ffff888023eae8a8 R14: ffffffffffffffff R15: 
ffff88800f47fc60 [ 126.948853] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.949317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.949654] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.950067] PKRU: 55555554 [ 126.950231] Call Trace: [ 126.950380] [ 126.950526] iommufd_ioas_destroy+0x53/0x70 [ 126.950782] iommufd_fops_release+0x1f7/0x370 [ 126.951050] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.951347] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.951638] ? write_comp_data+0x2f/0x90 [ 126.951883] ? __pfx_iommufd_fops_release+0x10/0x10 [ 126.952178] __fput+0x26d/0xa40 [ 126.952382] ____fput+0x1e/0x30 [ 126.952582] task_work_run+0x1a4/0x2d0 [ 126.952816] ? __pfx_task_work_run+0x10/0x10 [ 126.953078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.953367] ? switch_task_namespaces+0xa9/0xe0 [ 126.953647] do_exit+0xb17/0x2ef0 [ 126.953851] ? lock_acquire+0x427/0x4c0 [ 126.954090] ? __pfx_lock_release+0x10/0x10 [ 126.954350] ? __kasan_check_write+0x18/0x20 [ 126.954617] ? do_raw_spin_lock+0x132/0x2a0 [ 126.954872] ? __pfx_do_exit+0x10/0x10 [ 126.955108] ? debug_smp_processor_id+0x20/0x30 [ 126.955384] ? rcu_is_watching+0x19/0xb0 [ 126.955623] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.955891] ? trace_hardirqs_on+0x26/0x120 [ 126.956148] do_group_exit+0xe0/0x2b0 [ 126.956375] __x64_sys_exit_group+0x47/0x50 [ 126.956626] do_syscall_64+0x3b/0x90 [ 126.956849] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.957157] RIP: 0033:0x7f4b87518a4d [ 126.957373] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 126.957730] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 126.958168] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 126.958591] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 126.959003] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 126.959420] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 126.959831] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 126.960249] [ 126.960385] irq event stamp: 0 [ 126.960569] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.960933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.961415] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.961898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.962260] ---[ end trace 0000000000000000 ]--- [ 126.965846] ------------[ cut here ]------------ [ 126.966138] WARNING: CPU: 1 PID: 1176 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.966755] Modules linked in: [ 126.966944] CPU: 1 PID: 1176 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.967458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.968108] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.968397] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.969447] RSP: 0018:ffff8880219b7bb8 EFLAGS: 00010246 [ 126.969754] RAX: 0000000000000000 RBX: ffff88801057f0a8 RCX: 0000000000000000 [ 126.970166] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 126.970663] RBP: ffff8880219b7bd0 R08: ffffed10020afe33 R09: ffffed10020afe33 [ 126.971077] R10: ffff88801057f193 R11: ffffed10020afe32 R12: ffff88800f256800 [ 126.971496] R13: ffff88801057f1e8 R14: ffffffff8352e670 R15: 
ffff8880219b7e68 [ 126.971909] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.972374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.972711] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ee0 [ 126.973153] PKRU: 55555554 [ 126.973318] Call Trace: [ 126.973470] [ 126.973603] __iommufd_access_detach+0x1c2/0x2b0 [ 126.973887] iommufd_access_change_pt+0x149/0x270 [ 126.974178] iommufd_access_replace+0xb4/0x120 [ 126.974455] iommufd_test+0x3e5/0x37e0 [ 126.974693] ? lock_release+0x532/0x770 [ 126.974933] ? __might_fault+0x102/0x1b0 [ 126.975179] ? lock_acquire+0x427/0x4c0 [ 126.975421] ? __pfx_iommufd_test+0x10/0x10 [ 126.975672] ? __pfx_lock_release+0x10/0x10 [ 126.975931] ? __pfx_lock_acquire+0x10/0x10 [ 126.976192] ? write_comp_data+0x2f/0x90 [ 126.976438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.976728] ? write_comp_data+0x2f/0x90 [ 126.976974] iommufd_fops_ioctl+0x37d/0x510 [ 126.977229] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.977521] ? write_comp_data+0x2f/0x90 [ 126.977767] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 126.978052] __x64_sys_ioctl+0x1a3/0x230 [ 126.978300] do_syscall_64+0x3b/0x90 [ 126.978536] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 126.978843] RIP: 0033:0x7f4b8743ee5d [ 126.979060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 126.980118] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 126.980560] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 126.980973] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 126.981387] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 126.981799] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 126.982211] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 126.982641] [ 126.982778] irq event stamp: 0 [ 126.982964] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 126.983333] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 126.983816] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 126.984300] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 126.984664] ---[ end trace 0000000000000000 ]--- [ 126.986790] ------------[ cut here ]------------ [ 126.987066] WARNING: CPU: 1 PID: 1176 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 126.987657] Modules linked in: [ 126.987843] CPU: 1 PID: 1176 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 126.988349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 126.988996] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 126.989284] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 126.990333] RSP: 
0018:ffff8880219b7bd0 EFLAGS: 00010246 [ 126.990715] RAX: 0000000000000000 RBX: ffff88801057f0a8 RCX: 0000000000000000 [ 126.991129] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 126.991541] RBP: ffff8880219b7be8 R08: ffffed10020afe33 R09: ffffed10020afe33 [ 126.991951] R10: ffff88801057f193 R11: ffffed10020afe32 R12: ffff88800fe47000 [ 126.992365] R13: ffff88801057f1e8 R14: ffff888018bbb300 R15: 0000000000000000 [ 126.992775] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 126.993236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.993575] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 126.993985] PKRU: 55555554 [ 126.994149] Call Trace: [ 126.994298] [ 126.994430] iommufd_access_destroy_object+0x65/0x170 [ 126.994741] iommufd_object_destroy_user+0x18e/0x220 [ 126.995041] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 126.995385] iommufd_access_destroy+0x43/0x70 [ 126.995654] iommufd_test_staccess_release+0x8d/0xd0 [ 126.995957] __fput+0x26d/0xa40 [ 126.996160] ____fput+0x1e/0x30 [ 126.996361] task_work_run+0x1a4/0x2d0 [ 126.996595] ? __pfx_task_work_run+0x10/0x10 [ 126.996856] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 126.997145] ? switch_task_namespaces+0xa9/0xe0 [ 126.997424] do_exit+0xb17/0x2ef0 [ 126.997626] ? lock_acquire+0x427/0x4c0 [ 126.997865] ? __pfx_lock_release+0x10/0x10 [ 126.998122] ? __kasan_check_write+0x18/0x20 [ 126.998381] ? do_raw_spin_lock+0x132/0x2a0 [ 126.998642] ? __pfx_do_exit+0x10/0x10 [ 126.998878] ? debug_smp_processor_id+0x20/0x30 [ 126.999157] ? rcu_is_watching+0x19/0xb0 [ 126.999396] ? _raw_spin_unlock_irq+0x2b/0x60 [ 126.999664] ? trace_hardirqs_on+0x26/0x120 [ 126.999921] do_group_exit+0xe0/0x2b0 [ 127.000146] __x64_sys_exit_group+0x47/0x50 [ 127.000398] do_syscall_64+0x3b/0x90 [ 127.000622] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.000929] RIP: 0033:0x7f4b87518a4d [ 127.001145] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.001501] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.001939] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.002350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.002769] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.003184] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.003594] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.004010] [ 127.004146] irq event stamp: 0 [ 127.004330] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.004695] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.005205] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.005691] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.006053] ---[ end trace 0000000000000000 ]--- [ 127.006568] ------------[ cut here ]------------ [ 127.006837] WARNING: CPU: 1 PID: 1176 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.007431] Modules linked in: [ 127.007618] CPU: 1 PID: 1176 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.008122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.008772] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.009068] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.010117] RSP: 0018:ffff8880219b7b78 EFLAGS: 00010246 [ 127.010425] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.010849] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 127.011264] RBP: ffff8880219b7b98 R08: ffffed10020afe3e R09: ffffed10020afe3e [ 127.011677] R10: ffff88801057f1ef R11: ffffed10020afe3d R12: ffff88801057f290 [ 127.012088] R13: ffff88801057f0a8 R14: ffffffffffffffff R15: 
ffff8880219b7c60 [ 127.012501] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.012965] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.013303] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.013714] PKRU: 55555554 [ 127.013879] Call Trace: [ 127.014028] [ 127.014161] iommufd_ioas_destroy+0x53/0x70 [ 127.014417] iommufd_fops_release+0x1f7/0x370 [ 127.014696] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.014990] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.015280] ? write_comp_data+0x2f/0x90 [ 127.015523] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.015815] __fput+0x26d/0xa40 [ 127.016018] ____fput+0x1e/0x30 [ 127.016217] task_work_run+0x1a4/0x2d0 [ 127.016453] ? __pfx_task_work_run+0x10/0x10 [ 127.016712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.016999] ? switch_task_namespaces+0xa9/0xe0 [ 127.017278] do_exit+0xb17/0x2ef0 [ 127.017481] ? lock_acquire+0x427/0x4c0 [ 127.017718] ? __pfx_lock_release+0x10/0x10 [ 127.017974] ? __kasan_check_write+0x18/0x20 [ 127.018233] ? do_raw_spin_lock+0x132/0x2a0 [ 127.018486] ? __pfx_do_exit+0x10/0x10 [ 127.018732] ? debug_smp_processor_id+0x20/0x30 [ 127.019003] ? rcu_is_watching+0x19/0xb0 [ 127.019243] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.019511] ? trace_hardirqs_on+0x26/0x120 [ 127.019766] do_group_exit+0xe0/0x2b0 [ 127.019989] __x64_sys_exit_group+0x47/0x50 [ 127.020239] do_syscall_64+0x3b/0x90 [ 127.020463] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.020768] RIP: 0033:0x7f4b87518a4d [ 127.020983] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.021336] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.021773] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.022180] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.022607] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.023018] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.023430] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.023843] [ 127.023980] irq event stamp: 0 [ 127.024161] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.024520] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.024995] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.025471] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.025830] ---[ end trace 0000000000000000 ]--- [ 127.029113] ------------[ cut here ]------------ [ 127.029398] WARNING: CPU: 1 PID: 1177 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.029978] Modules linked in: [ 127.030162] CPU: 1 PID: 1177 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.030772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.031423] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.031709] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.032749] RSP: 0018:ffff8880166afbb8 EFLAGS: 00010246 [ 127.033052] RAX: 0000000000000000 RBX: ffff888017b218a8 RCX: 0000000000000000 [ 127.033460] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 127.033866] RBP: ffff8880166afbd0 R08: ffffed1002f64333 R09: ffffed1002f64333 [ 127.034274] R10: ffff888017b21993 R11: ffffed1002f64332 R12: ffff888013df3000 [ 127.034712] R13: ffff888017b219e8 R14: ffffffff8352e670 R15: 
ffff8880166afe68 [ 127.035127] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.035598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.035930] CR2: 0000000020000140 CR3: 0000000020f46000 CR4: 0000000000750ee0 [ 127.036339] PKRU: 55555554 [ 127.036502] Call Trace: [ 127.036649] [ 127.036781] __iommufd_access_detach+0x1c2/0x2b0 [ 127.037091] iommufd_access_change_pt+0x149/0x270 [ 127.037378] iommufd_access_replace+0xb4/0x120 [ 127.037651] iommufd_test+0x3e5/0x37e0 [ 127.037878] ? lock_release+0x532/0x770 [ 127.038115] ? __might_fault+0x102/0x1b0 [ 127.038358] ? lock_acquire+0x427/0x4c0 [ 127.038606] ? __pfx_iommufd_test+0x10/0x10 [ 127.038856] ? __pfx_lock_release+0x10/0x10 [ 127.039114] ? __pfx_lock_acquire+0x10/0x10 [ 127.039371] ? write_comp_data+0x2f/0x90 [ 127.039615] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.039899] ? write_comp_data+0x2f/0x90 [ 127.040142] iommufd_fops_ioctl+0x37d/0x510 [ 127.040394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.040680] ? write_comp_data+0x2f/0x90 [ 127.040924] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.041204] __x64_sys_ioctl+0x1a3/0x230 [ 127.041446] do_syscall_64+0x3b/0x90 [ 127.041668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.041972] RIP: 0033:0x7f4b8743ee5d [ 127.042185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.043233] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.043666] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.044074] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.044480] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.044886] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.045292] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.045704] [ 127.045839] irq event stamp: 0 [ 127.046021] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.046381] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.046867] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.047346] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.047704] ---[ end trace 0000000000000000 ]--- [ 127.049841] ------------[ cut here ]------------ [ 127.050114] WARNING: CPU: 1 PID: 1177 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.050711] Modules linked in: [ 127.050895] CPU: 1 PID: 1177 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.051402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.052042] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.052328] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.053363] RSP: 
0018:ffff8880166afbd0 EFLAGS: 00010246 [ 127.053667] RAX: 0000000000000000 RBX: ffff888017b218a8 RCX: 0000000000000000 [ 127.054073] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 127.054481] RBP: ffff8880166afbe8 R08: ffffed1002f64333 R09: ffffed1002f64333 [ 127.054897] R10: ffff888017b21993 R11: ffffed1002f64332 R12: ffff88800f257c00 [ 127.055307] R13: ffff888017b219e8 R14: ffff888012fbcd00 R15: 0000000000000000 [ 127.055714] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.056171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.056504] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.056911] PKRU: 55555554 [ 127.057073] Call Trace: [ 127.057220] [ 127.057353] iommufd_access_destroy_object+0x65/0x170 [ 127.057652] iommufd_object_destroy_user+0x18e/0x220 [ 127.057949] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.058286] iommufd_access_destroy+0x43/0x70 [ 127.058563] iommufd_test_staccess_release+0x8d/0xd0 [ 127.058864] __fput+0x26d/0xa40 [ 127.059065] ____fput+0x1e/0x30 [ 127.059269] task_work_run+0x1a4/0x2d0 [ 127.059500] ? __pfx_task_work_run+0x10/0x10 [ 127.059759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.060045] ? switch_task_namespaces+0xa9/0xe0 [ 127.060322] do_exit+0xb17/0x2ef0 [ 127.060523] ? lock_acquire+0x427/0x4c0 [ 127.060759] ? __pfx_lock_release+0x10/0x10 [ 127.061014] ? __kasan_check_write+0x18/0x20 [ 127.061315] ? do_raw_spin_lock+0x132/0x2a0 [ 127.061565] ? __pfx_do_exit+0x10/0x10 [ 127.061797] ? debug_smp_processor_id+0x20/0x30 [ 127.062066] ? rcu_is_watching+0x19/0xb0 [ 127.062303] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.062577] ? trace_hardirqs_on+0x26/0x120 [ 127.062831] do_group_exit+0xe0/0x2b0 [ 127.063052] __x64_sys_exit_group+0x47/0x50 [ 127.063306] do_syscall_64+0x3b/0x90 [ 127.063527] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.063829] RIP: 0033:0x7f4b87518a4d [ 127.064043] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.064394] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.064826] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.065231] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.065637] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.066041] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.066447] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.066869] [ 127.067004] irq event stamp: 0 [ 127.067193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.067553] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.068028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.068504] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.068863] ---[ end trace 0000000000000000 ]--- [ 127.069371] ------------[ cut here ]------------ [ 127.069638] WARNING: CPU: 1 PID: 1177 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.070218] Modules linked in: [ 127.070401] CPU: 1 PID: 1177 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.070909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.071554] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.071848] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.072881] RSP: 0018:ffff8880166afb78 EFLAGS: 00010246 [ 127.073183] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.073586] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 127.073992] RBP: ffff8880166afb98 R08: ffffed1002f6433e R09: ffffed1002f6433e [ 127.074400] R10: ffff888017b219ef R11: ffffed1002f6433d R12: ffff888017b21a90 [ 127.074814] R13: ffff888017b218a8 R14: ffffffffffffffff R15: 
ffff8880166afc60 [ 127.075227] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.075693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.076027] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.076437] PKRU: 55555554 [ 127.076600] Call Trace: [ 127.076749] [ 127.076881] iommufd_ioas_destroy+0x53/0x70 [ 127.077135] iommufd_fops_release+0x1f7/0x370 [ 127.077402] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.077694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.077983] ? write_comp_data+0x2f/0x90 [ 127.078227] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.078529] __fput+0x26d/0xa40 [ 127.078733] ____fput+0x1e/0x30 [ 127.078931] task_work_run+0x1a4/0x2d0 [ 127.079167] ? __pfx_task_work_run+0x10/0x10 [ 127.079426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.079711] ? switch_task_namespaces+0xa9/0xe0 [ 127.079988] do_exit+0xb17/0x2ef0 [ 127.080189] ? lock_acquire+0x427/0x4c0 [ 127.080425] ? __pfx_lock_release+0x10/0x10 [ 127.080680] ? __kasan_check_write+0x18/0x20 [ 127.080936] ? do_raw_spin_lock+0x132/0x2a0 [ 127.081187] ? __pfx_do_exit+0x10/0x10 [ 127.081419] ? debug_smp_processor_id+0x20/0x30 [ 127.081689] ? rcu_is_watching+0x19/0xb0 [ 127.081924] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.082189] ? trace_hardirqs_on+0x26/0x120 [ 127.082442] do_group_exit+0xe0/0x2b0 [ 127.082672] __x64_sys_exit_group+0x47/0x50 [ 127.082920] do_syscall_64+0x3b/0x90 [ 127.083145] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.083448] RIP: 0033:0x7f4b87518a4d [ 127.083661] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.084011] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.084443] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.084849] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.085255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.085660] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.086065] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.086476] [ 127.086622] irq event stamp: 0 [ 127.086804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.087164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.087641] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.088116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.088473] ---[ end trace 0000000000000000 ]--- [ 127.091867] ------------[ cut here ]------------ [ 127.092147] WARNING: CPU: 1 PID: 1178 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.092723] Modules linked in: [ 127.092908] CPU: 1 PID: 1178 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.093408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.094050] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.094337] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.095535] RSP: 0018:ffff888023fc7bb8 EFLAGS: 00010246 [ 127.095844] RAX: 0000000000000000 RBX: ffff888017be38a8 RCX: 0000000000000000 [ 127.096252] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 127.096658] RBP: ffff888023fc7bd0 R08: ffffed1002f7c733 R09: ffffed1002f7c733 [ 127.097064] R10: ffff888017be3993 R11: ffffed1002f7c732 R12: ffff888013b67800 [ 127.097471] R13: ffff888017be39e8 R14: ffffffff8352e670 R15: 
ffff888023fc7e68 [ 127.097878] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.098338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.098683] CR2: 0000000020000140 CR3: 0000000020f48000 CR4: 0000000000750ee0 [ 127.099091] PKRU: 55555554 [ 127.099258] Call Trace: [ 127.099406] [ 127.099537] __iommufd_access_detach+0x1c2/0x2b0 [ 127.099823] iommufd_access_change_pt+0x149/0x270 [ 127.100112] iommufd_access_replace+0xb4/0x120 [ 127.100385] iommufd_test+0x3e5/0x37e0 [ 127.100611] ? lock_release+0x532/0x770 [ 127.100849] ? __might_fault+0x102/0x1b0 [ 127.101124] ? lock_acquire+0x427/0x4c0 [ 127.101361] ? __pfx_iommufd_test+0x10/0x10 [ 127.101610] ? __pfx_lock_release+0x10/0x10 [ 127.101865] ? __pfx_lock_acquire+0x10/0x10 [ 127.102123] ? write_comp_data+0x2f/0x90 [ 127.102366] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.102664] ? write_comp_data+0x2f/0x90 [ 127.102909] iommufd_fops_ioctl+0x37d/0x510 [ 127.103170] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.103470] ? write_comp_data+0x2f/0x90 [ 127.103744] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.104048] __x64_sys_ioctl+0x1a3/0x230 [ 127.104314] do_syscall_64+0x3b/0x90 [ 127.104551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.104859] RIP: 0033:0x7f4b8743ee5d [ 127.105077] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.106136] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.106587] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.106997] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.107410] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.107821] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.108231] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.108646] [ 127.108783] irq event stamp: 0 [ 127.108966] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.109331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.109816] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.110298] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.110678] ---[ end trace 0000000000000000 ]--- [ 127.112923] ------------[ cut here ]------------ [ 127.113209] WARNING: CPU: 1 PID: 1178 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.113794] Modules linked in: [ 127.113981] CPU: 1 PID: 1178 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.114493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.115169] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.115464] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.116515] RSP: 
0018:ffff888023fc7bd0 EFLAGS: 00010246 [ 127.116826] RAX: 0000000000000000 RBX: ffff888017be38a8 RCX: 0000000000000000 [ 127.117235] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 127.117643] RBP: ffff888023fc7be8 R08: ffffed1002f7c733 R09: ffffed1002f7c733 [ 127.118058] R10: ffff888017be3993 R11: ffffed1002f7c732 R12: ffff888013df1c00 [ 127.118478] R13: ffff888017be39e8 R14: ffff888013a60c00 R15: 0000000000000000 [ 127.118920] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.119489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.119887] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.120313] PKRU: 55555554 [ 127.120479] Call Trace: [ 127.120631] [ 127.120764] iommufd_access_destroy_object+0x65/0x170 [ 127.121069] iommufd_object_destroy_user+0x18e/0x220 [ 127.121370] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.121719] iommufd_access_destroy+0x43/0x70 [ 127.121988] iommufd_test_staccess_release+0x8d/0xd0 [ 127.122292] __fput+0x26d/0xa40 [ 127.122498] ____fput+0x1e/0x30 [ 127.122719] task_work_run+0x1a4/0x2d0 [ 127.122954] ? __pfx_task_work_run+0x10/0x10 [ 127.123222] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.123516] ? switch_task_namespaces+0xa9/0xe0 [ 127.123799] do_exit+0xb17/0x2ef0 [ 127.124005] ? lock_acquire+0x427/0x4c0 [ 127.124246] ? __pfx_lock_release+0x10/0x10 [ 127.124505] ? __kasan_check_write+0x18/0x20 [ 127.124781] ? do_raw_spin_lock+0x132/0x2a0 [ 127.125038] ? __pfx_do_exit+0x10/0x10 [ 127.125276] ? debug_smp_processor_id+0x20/0x30 [ 127.125555] ? rcu_is_watching+0x19/0xb0 [ 127.125797] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.126068] ? trace_hardirqs_on+0x26/0x120 [ 127.126329] do_group_exit+0xe0/0x2b0 [ 127.126569] __x64_sys_exit_group+0x47/0x50 [ 127.126826] do_syscall_64+0x3b/0x90 [ 127.127056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.127378] RIP: 0033:0x7f4b87518a4d [ 127.127604] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.127968] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.128421] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.128841] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.129263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.129692] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.130112] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.130556] [ 127.130697] irq event stamp: 0 [ 127.130886] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.131270] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.131782] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.132283] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.132659] ---[ end trace 0000000000000000 ]--- [ 127.133257] ------------[ cut here ]------------ [ 127.133544] WARNING: CPU: 1 PID: 1178 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.134168] Modules linked in: [ 127.134364] CPU: 1 PID: 1178 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.134899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.135583] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.135894] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.136974] RSP: 0018:ffff888023fc7b78 EFLAGS: 00010246 [ 127.137295] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.137724] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 127.138161] RBP: ffff888023fc7b98 R08: ffffed1002f7c73e R09: ffffed1002f7c73e [ 127.138596] R10: ffff888017be39ef R11: ffffed1002f7c73d R12: ffff888017be3a90 [ 127.139021] R13: ffff888017be38a8 R14: ffffffffffffffff R15: 
ffff888023fc7c60 [ 127.139453] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.139926] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.140271] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.140691] PKRU: 55555554 [ 127.140859] Call Trace: [ 127.141011] [ 127.141148] iommufd_ioas_destroy+0x53/0x70 [ 127.141415] iommufd_fops_release+0x1f7/0x370 [ 127.141689] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.141988] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.142285] ? write_comp_data+0x2f/0x90 [ 127.142550] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.142867] __fput+0x26d/0xa40 [ 127.143147] ____fput+0x1e/0x30 [ 127.143419] task_work_run+0x1a4/0x2d0 [ 127.143728] ? __pfx_task_work_run+0x10/0x10 [ 127.144073] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.144383] ? switch_task_namespaces+0xa9/0xe0 [ 127.144676] do_exit+0xb17/0x2ef0 [ 127.144889] ? lock_acquire+0x427/0x4c0 [ 127.145180] ? __pfx_lock_release+0x10/0x10 [ 127.145497] ? __kasan_check_write+0x18/0x20 [ 127.145832] ? do_raw_spin_lock+0x132/0x2a0 [ 127.146156] ? __pfx_do_exit+0x10/0x10 [ 127.146442] ? debug_smp_processor_id+0x20/0x30 [ 127.146769] ? rcu_is_watching+0x19/0xb0 [ 127.147030] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.147324] ? trace_hardirqs_on+0x26/0x120 [ 127.147638] do_group_exit+0xe0/0x2b0 [ 127.147910] __x64_sys_exit_group+0x47/0x50 [ 127.148197] do_syscall_64+0x3b/0x90 [ 127.148450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.148796] RIP: 0033:0x7f4b87518a4d [ 127.149020] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.149386] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.149844] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.150264] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.150701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.151131] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.151552] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.151978] [ 127.152117] irq event stamp: 0 [ 127.152305] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.152678] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.153177] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.153673] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.154047] ---[ end trace 0000000000000000 ]--- [ 127.157229] ------------[ cut here ]------------ [ 127.157539] WARNING: CPU: 1 PID: 1179 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.158139] Modules linked in: [ 127.158330] CPU: 1 PID: 1179 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.158899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.159569] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.159864] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.160935] RSP: 0018:ffff888017237bb8 EFLAGS: 00010246 [ 127.161249] RAX: 0000000000000000 RBX: ffff888012a808a8 RCX: 0000000000000000 [ 127.161668] RDX: 0000000000000000 RSI: ffff888018898000 RDI: 0000000000000002 [ 127.162088] RBP: ffff888017237bd0 R08: ffffed1002550133 R09: ffffed1002550133 [ 127.162559] R10: ffff888012a80993 R11: ffffed1002550132 R12: ffff888013786000 [ 127.162980] R13: ffff888012a809e8 R14: ffffffff8352e670 R15: 
ffff888017237e68 [ 127.163405] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.163880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.164223] CR2: 0000000020000140 CR3: 0000000020f48000 CR4: 0000000000750ee0 [ 127.164642] PKRU: 55555554 [ 127.164814] Call Trace: [ 127.165025] [ 127.165163] __iommufd_access_detach+0x1c2/0x2b0 [ 127.165461] iommufd_access_change_pt+0x149/0x270 [ 127.165761] iommufd_access_replace+0xb4/0x120 [ 127.166047] iommufd_test+0x3e5/0x37e0 [ 127.166281] ? lock_release+0x532/0x770 [ 127.166547] ? __might_fault+0x102/0x1b0 [ 127.166798] ? lock_acquire+0x427/0x4c0 [ 127.167045] ? __pfx_iommufd_test+0x10/0x10 [ 127.167308] ? __pfx_lock_release+0x10/0x10 [ 127.167575] ? __pfx_lock_acquire+0x10/0x10 [ 127.167844] ? write_comp_data+0x2f/0x90 [ 127.168097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.168395] ? write_comp_data+0x2f/0x90 [ 127.168648] iommufd_fops_ioctl+0x37d/0x510 [ 127.168913] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.169210] ? write_comp_data+0x2f/0x90 [ 127.169464] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.169760] __x64_sys_ioctl+0x1a3/0x230 [ 127.170020] do_syscall_64+0x3b/0x90 [ 127.170255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.170597] RIP: 0033:0x7f4b8743ee5d [ 127.170824] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.171920] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.172377] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.172807] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.173234] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.173663] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.174087] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.174534] [ 127.174677] irq event stamp: 0 [ 127.174869] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.175250] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.175753] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.176251] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.176625] ---[ end trace 0000000000000000 ]--- [ 127.179238] ------------[ cut here ]------------ [ 127.179566] WARNING: CPU: 0 PID: 1179 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.180178] Modules linked in: [ 127.180369] CPU: 0 PID: 1179 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.180998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.181855] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.182151] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.183583] RSP: 
0018:ffff888017237bd0 EFLAGS: 00010246 [ 127.183932] RAX: 0000000000000000 RBX: ffff888012a808a8 RCX: 0000000000000000 [ 127.184357] RDX: 0000000000000000 RSI: ffff888018898000 RDI: 0000000000000002 [ 127.184806] RBP: ffff888017237be8 R08: ffffed1002550133 R09: ffffed1002550133 [ 127.185299] R10: ffff888012a80993 R11: ffffed1002550132 R12: ffff888013b66800 [ 127.185870] R13: ffff888012a809e8 R14: ffff888010918d00 R15: 0000000000000000 [ 127.186445] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.187026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.187377] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 127.187814] PKRU: 55555554 [ 127.187986] Call Trace: [ 127.188146] [ 127.188282] iommufd_access_destroy_object+0x65/0x170 [ 127.188590] iommufd_object_destroy_user+0x18e/0x220 [ 127.188976] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.189445] iommufd_access_destroy+0x43/0x70 [ 127.189811] iommufd_test_staccess_release+0x8d/0xd0 [ 127.190242] __fput+0x26d/0xa40 [ 127.190551] ____fput+0x1e/0x30 [ 127.190833] task_work_run+0x1a4/0x2d0 [ 127.191167] ? __pfx_task_work_run+0x10/0x10 [ 127.191532] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.191936] ? switch_task_namespaces+0xa9/0xe0 [ 127.192328] do_exit+0xb17/0x2ef0 [ 127.192606] ? lock_acquire+0x427/0x4c0 [ 127.192940] ? __pfx_lock_release+0x10/0x10 [ 127.193299] ? __kasan_check_write+0x18/0x20 [ 127.193665] ? do_raw_spin_lock+0x132/0x2a0 [ 127.194016] ? __pfx_do_exit+0x10/0x10 [ 127.194347] ? debug_smp_processor_id+0x20/0x30 [ 127.194776] ? rcu_is_watching+0x19/0xb0 [ 127.195132] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.195514] ? trace_hardirqs_on+0x26/0x120 [ 127.195872] do_group_exit+0xe0/0x2b0 [ 127.196187] __x64_sys_exit_group+0x47/0x50 [ 127.196554] do_syscall_64+0x3b/0x90 [ 127.196867] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.197307] RIP: 0033:0x7f4b87518a4d [ 127.197613] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.198126] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.198773] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.199382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.199967] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.200553] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.201144] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.201733] [ 127.201930] irq event stamp: 0 [ 127.202193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.202731] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.203665] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.204458] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.205056] ---[ end trace 0000000000000000 ]--- [ 127.206007] ------------[ cut here ]------------ [ 127.206452] WARNING: CPU: 0 PID: 1179 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.207457] Modules linked in: [ 127.207773] CPU: 0 PID: 1179 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.208598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.209667] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.210159] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.211900] RSP: 0018:ffff888017237b78 EFLAGS: 00010246 [ 127.212413] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.213089] RDX: 0000000000000000 RSI: ffff888018898000 RDI: 0000000000000002 [ 127.213768] RBP: ffff888017237b98 R08: ffffed100255013e R09: ffffed100255013e [ 127.214442] R10: ffff888012a809ef R11: ffffed100255013d R12: ffff888012a80a90 [ 127.215147] R13: ffff888012a808a8 R14: ffffffffffffffff R15: 
ffff888017237c60 [ 127.215836] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.216601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.217158] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 127.217840] PKRU: 55555554 [ 127.218115] Call Trace: [ 127.218364] [ 127.218609] iommufd_ioas_destroy+0x53/0x70 [ 127.219034] iommufd_fops_release+0x1f7/0x370 [ 127.219483] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.219968] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.220448] ? write_comp_data+0x2f/0x90 [ 127.220853] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.221338] __fput+0x26d/0xa40 [ 127.221680] ____fput+0x1e/0x30 [ 127.222012] task_work_run+0x1a4/0x2d0 [ 127.222401] ? __pfx_task_work_run+0x10/0x10 [ 127.222855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.223344] ? switch_task_namespaces+0xa9/0xe0 [ 127.223809] do_exit+0xb17/0x2ef0 [ 127.224148] ? lock_acquire+0x427/0x4c0 [ 127.224545] ? __pfx_lock_release+0x10/0x10 [ 127.224971] ? __kasan_check_write+0x18/0x20 [ 127.225401] ? do_raw_spin_lock+0x132/0x2a0 [ 127.225819] ? __pfx_do_exit+0x10/0x10 [ 127.226206] ? debug_smp_processor_id+0x20/0x30 [ 127.226678] ? rcu_is_watching+0x19/0xb0 [ 127.227075] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.227525] ? trace_hardirqs_on+0x26/0x120 [ 127.227950] do_group_exit+0xe0/0x2b0 [ 127.228322] __x64_sys_exit_group+0x47/0x50 [ 127.228737] do_syscall_64+0x3b/0x90 [ 127.229110] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.229615] RIP: 0033:0x7f4b87518a4d [ 127.229974] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.230578] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.231302] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.231980] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.232658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.233332] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.234007] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.234712] [ 127.234944] irq event stamp: 0 [ 127.235259] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.235672] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.236204] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.236733] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.237131] ---[ end trace 0000000000000000 ]--- [ 127.240257] ------------[ cut here ]------------ [ 127.240568] WARNING: CPU: 0 PID: 1180 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.241210] Modules linked in: [ 127.241415] CPU: 0 PID: 1180 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.241968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.242693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.243012] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.244164] RSP: 0018:ffff888013ab7bb8 EFLAGS: 00010246 [ 127.244499] RAX: 0000000000000000 RBX: ffff8880135778a8 RCX: 0000000000000000 [ 127.244937] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 127.245375] RBP: ffff888013ab7bd0 R08: ffffed10026aef33 R09: ffffed10026aef33 [ 127.245812] R10: ffff888013577993 R11: ffffed10026aef32 R12: ffff888010572c00 [ 127.246249] R13: ffff8880135779e8 R14: ffffffff8352e670 R15: 
ffff888013ab7e68 [ 127.246698] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.247194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.247556] CR2: 0000000020000140 CR3: 0000000020f46000 CR4: 0000000000750ef0 [ 127.247996] PKRU: 55555554 [ 127.248171] Call Trace: [ 127.248328] [ 127.248469] __iommufd_access_detach+0x1c2/0x2b0 [ 127.248772] iommufd_access_change_pt+0x149/0x270 [ 127.249079] iommufd_access_replace+0xb4/0x120 [ 127.249372] iommufd_test+0x3e5/0x37e0 [ 127.249614] ? lock_release+0x532/0x770 [ 127.249869] ? __might_fault+0x102/0x1b0 [ 127.250128] ? lock_acquire+0x427/0x4c0 [ 127.250386] ? __pfx_iommufd_test+0x10/0x10 [ 127.250664] ? __pfx_lock_release+0x10/0x10 [ 127.250939] ? __pfx_lock_acquire+0x10/0x10 [ 127.251221] ? write_comp_data+0x2f/0x90 [ 127.251482] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.251789] ? write_comp_data+0x2f/0x90 [ 127.252050] iommufd_fops_ioctl+0x37d/0x510 [ 127.252322] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.252629] ? write_comp_data+0x2f/0x90 [ 127.252890] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.253193] __x64_sys_ioctl+0x1a3/0x230 [ 127.253455] do_syscall_64+0x3b/0x90 [ 127.253696] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.254024] RIP: 0033:0x7f4b8743ee5d [ 127.254255] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.255394] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.255864] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.256301] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.256738] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.257175] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.257614] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.258057] [ 127.258202] irq event stamp: 0 [ 127.258398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.258796] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.259311] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.259819] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.260205] ---[ end trace 0000000000000000 ]--- [ 127.262469] ------------[ cut here ]------------ [ 127.262777] WARNING: CPU: 0 PID: 1180 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.263404] Modules linked in: [ 127.263601] CPU: 0 PID: 1180 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.264139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.264830] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.265135] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.266253] RSP: 
0018:ffff888013ab7bd0 EFLAGS: 00010246 [ 127.266591] RAX: 0000000000000000 RBX: ffff8880135778a8 RCX: 0000000000000000 [ 127.267020] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 127.267450] RBP: ffff888013ab7be8 R08: ffffed10026aef33 R09: ffffed10026aef33 [ 127.267881] R10: ffff888013577993 R11: ffffed10026aef32 R12: ffff888014111000 [ 127.268316] R13: ffff8880135779e8 R14: ffff88800f53f400 R15: 0000000000000000 [ 127.268749] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.269240] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.269591] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 127.270019] PKRU: 55555554 [ 127.270190] Call Trace: [ 127.270347] [ 127.270485] iommufd_access_destroy_object+0x65/0x170 [ 127.270808] iommufd_object_destroy_user+0x18e/0x220 [ 127.271123] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.271475] iommufd_access_destroy+0x43/0x70 [ 127.271754] iommufd_test_staccess_release+0x8d/0xd0 [ 127.272070] __fput+0x26d/0xa40 [ 127.272284] ____fput+0x1e/0x30 [ 127.272493] task_work_run+0x1a4/0x2d0 [ 127.272737] ? __pfx_task_work_run+0x10/0x10 [ 127.273010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.273311] ? switch_task_namespaces+0xa9/0xe0 [ 127.273603] do_exit+0xb17/0x2ef0 [ 127.273815] ? lock_acquire+0x427/0x4c0 [ 127.274064] ? __pfx_lock_release+0x10/0x10 [ 127.274332] ? __kasan_check_write+0x18/0x20 [ 127.274611] ? do_raw_spin_lock+0x132/0x2a0 [ 127.274877] ? __pfx_do_exit+0x10/0x10 [ 127.275124] ? debug_smp_processor_id+0x20/0x30 [ 127.275413] ? rcu_is_watching+0x19/0xb0 [ 127.275663] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.275944] ? trace_hardirqs_on+0x26/0x120 [ 127.276213] do_group_exit+0xe0/0x2b0 [ 127.276449] __x64_sys_exit_group+0x47/0x50 [ 127.276710] do_syscall_64+0x3b/0x90 [ 127.276940] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.277257] RIP: 0033:0x7f4b87518a4d [ 127.277480] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.277852] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.278310] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.278746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.279175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.279598] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.280020] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.280448] [ 127.280587] irq event stamp: 0 [ 127.280776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.281147] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.281641] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.282134] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.282516] ---[ end trace 0000000000000000 ]--- [ 127.283032] ------------[ cut here ]------------ [ 127.283313] WARNING: CPU: 0 PID: 1180 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.283923] Modules linked in: [ 127.284116] CPU: 0 PID: 1180 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.284641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.285315] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.285623] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.286723] RSP: 0018:ffff888013ab7b78 EFLAGS: 00010246 [ 127.287044] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.287474] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 127.287901] RBP: ffff888013ab7b98 R08: ffffed10026aef3e R09: ffffed10026aef3e [ 127.288329] R10: ffff8880135779ef R11: ffffed10026aef3d R12: ffff888013577a90 [ 127.288755] R13: ffff8880135778a8 R14: ffffffffffffffff R15: 
ffff888013ab7c60 [ 127.289183] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.289664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.290013] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 127.290443] PKRU: 55555554 [ 127.290620] Call Trace: [ 127.290774] [ 127.290911] iommufd_ioas_destroy+0x53/0x70 [ 127.291177] iommufd_fops_release+0x1f7/0x370 [ 127.291452] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.291754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.292052] ? write_comp_data+0x2f/0x90 [ 127.292305] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.292608] __fput+0x26d/0xa40 [ 127.292817] ____fput+0x1e/0x30 [ 127.293052] task_work_run+0x1a4/0x2d0 [ 127.293293] ? __pfx_task_work_run+0x10/0x10 [ 127.293562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.293860] ? switch_task_namespaces+0xa9/0xe0 [ 127.294148] do_exit+0xb17/0x2ef0 [ 127.294358] ? lock_acquire+0x427/0x4c0 [ 127.294612] ? __pfx_lock_release+0x10/0x10 [ 127.294878] ? __kasan_check_write+0x18/0x20 [ 127.295149] ? do_raw_spin_lock+0x132/0x2a0 [ 127.295410] ? __pfx_do_exit+0x10/0x10 [ 127.295651] ? debug_smp_processor_id+0x20/0x30 [ 127.295933] ? rcu_is_watching+0x19/0xb0 [ 127.296178] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.296455] ? trace_hardirqs_on+0x26/0x120 [ 127.296719] do_group_exit+0xe0/0x2b0 [ 127.296950] __x64_sys_exit_group+0x47/0x50 [ 127.297209] do_syscall_64+0x3b/0x90 [ 127.297440] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.297756] RIP: 0033:0x7f4b87518a4d [ 127.297978] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.298345] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.298804] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.299235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.299657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.300078] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.300498] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.300925] [ 127.301065] irq event stamp: 0 [ 127.301253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.301625] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.302119] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.302620] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.302994] ---[ end trace 0000000000000000 ]--- [ 127.306830] ------------[ cut here ]------------ [ 127.307139] WARNING: CPU: 0 PID: 1181 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.307737] Modules linked in: [ 127.307927] CPU: 0 PID: 1181 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.308442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.309115] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.309409] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.310478] RSP: 0018:ffff8880121cfbb8 EFLAGS: 00010246 [ 127.310868] RAX: 0000000000000000 RBX: ffff888015d078a8 RCX: 0000000000000000 [ 127.311304] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 127.311726] RBP: ffff8880121cfbd0 R08: ffffed1002ba0f33 R09: ffffed1002ba0f33 [ 127.312144] R10: ffff888015d07993 R11: ffffed1002ba0f32 R12: ffff888018a69000 [ 127.312564] R13: ffff888015d079e8 R14: ffffffff8352e670 R15: 
ffff8880121cfe68 [ 127.312983] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.313456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.313798] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 127.314217] PKRU: 55555554 [ 127.314386] Call Trace: [ 127.314551] [ 127.314687] __iommufd_access_detach+0x1c2/0x2b0 [ 127.314978] iommufd_access_change_pt+0x149/0x270 [ 127.315277] iommufd_access_replace+0xb4/0x120 [ 127.315559] iommufd_test+0x3e5/0x37e0 [ 127.315792] ? lock_release+0x532/0x770 [ 127.316036] ? __might_fault+0x102/0x1b0 [ 127.316282] ? lock_acquire+0x427/0x4c0 [ 127.316526] ? __pfx_iommufd_test+0x10/0x10 [ 127.316782] ? __pfx_lock_release+0x10/0x10 [ 127.317045] ? __pfx_lock_acquire+0x10/0x10 [ 127.317309] ? write_comp_data+0x2f/0x90 [ 127.317558] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.317851] ? write_comp_data+0x2f/0x90 [ 127.318102] iommufd_fops_ioctl+0x37d/0x510 [ 127.318362] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.318664] ? write_comp_data+0x2f/0x90 [ 127.318913] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.319210] __x64_sys_ioctl+0x1a3/0x230 [ 127.319461] do_syscall_64+0x3b/0x90 [ 127.319690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.320002] RIP: 0033:0x7f4b8743ee5d [ 127.320222] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.321288] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.321733] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.322151] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.322578] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.322998] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.323640] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.324284] [ 127.324497] irq event stamp: 0 [ 127.324782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.325340] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.326076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.326838] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.327408] ---[ end trace 0000000000000000 ]--- [ 127.330750] ------------[ cut here ]------------ [ 127.331173] WARNING: CPU: 0 PID: 1181 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.332042] Modules linked in: [ 127.332325] CPU: 0 PID: 1181 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.333074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.334030] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.334459] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.336027] RSP: 
0018:ffff8880121cfbd0 EFLAGS: 00010246 [ 127.336487] RAX: 0000000000000000 RBX: ffff888015d078a8 RCX: 0000000000000000 [ 127.337093] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 127.337698] RBP: ffff8880121cfbe8 R08: ffffed1002ba0f33 R09: ffffed1002ba0f33 [ 127.338304] R10: ffff888015d07993 R11: ffffed1002ba0f32 R12: ffff888010572000 [ 127.338925] R13: ffff888015d079e8 R14: ffff888020f60100 R15: 0000000000000000 [ 127.339539] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.340224] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.340724] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 127.341333] PKRU: 55555554 [ 127.341580] Call Trace: [ 127.341805] [ 127.342005] iommufd_access_destroy_object+0x65/0x170 [ 127.342455] iommufd_object_destroy_user+0x18e/0x220 [ 127.342909] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.343384] iommufd_access_destroy+0x43/0x70 [ 127.343652] iommufd_test_staccess_release+0x8d/0xd0 [ 127.343941] __fput+0x26d/0xa40 [ 127.344139] ____fput+0x1e/0x30 [ 127.344356] task_work_run+0x1a4/0x2d0 [ 127.344592] ? __pfx_task_work_run+0x10/0x10 [ 127.344858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.345148] ? switch_task_namespaces+0xa9/0xe0 [ 127.345441] do_exit+0xb17/0x2ef0 [ 127.345632] ? lock_acquire+0x427/0x4c0 [ 127.345857] ? __pfx_lock_release+0x10/0x10 [ 127.346098] ? __kasan_check_write+0x18/0x20 [ 127.346342] ? do_raw_spin_lock+0x132/0x2a0 [ 127.346624] ? __pfx_do_exit+0x10/0x10 [ 127.346862] ? debug_smp_processor_id+0x20/0x30 [ 127.347145] ? rcu_is_watching+0x19/0xb0 [ 127.347388] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.347677] ? trace_hardirqs_on+0x26/0x120 [ 127.347919] do_group_exit+0xe0/0x2b0 [ 127.348130] __x64_sys_exit_group+0x47/0x50 [ 127.348368] do_syscall_64+0x3b/0x90 [ 127.348589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.348891] RIP: 0033:0x7f4b87518a4d [ 127.349095] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.349430] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.349856] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.350272] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.350712] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.351133] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.351553] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.351983] [ 127.352121] irq event stamp: 0 [ 127.352307] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.352682] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.353180] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.353651] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.354005] ---[ end trace 0000000000000000 ]--- [ 127.354490] ------------[ cut here ]------------ [ 127.354783] WARNING: CPU: 0 PID: 1181 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.355380] Modules linked in: [ 127.355576] CPU: 0 PID: 1181 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.356113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.356733] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.357037] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.358109] RSP: 0018:ffff8880121cfb78 EFLAGS: 00010246 [ 127.358430] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.358862] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 127.359313] RBP: ffff8880121cfb98 R08: ffffed1002ba0f3e R09: ffffed1002ba0f3e [ 127.359739] R10: ffff888015d079ef R11: ffffed1002ba0f3d R12: ffff888015d07a90 [ 127.360149] R13: ffff888015d078a8 R14: ffffffffffffffff R15: 
ffff8880121cfc60 [ 127.360583] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 127.361061] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.361436] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 127.361853] PKRU: 55555554 [ 127.362018] Call Trace: [ 127.362192] [ 127.362343] iommufd_ioas_destroy+0x53/0x70 [ 127.362633] iommufd_fops_release+0x1f7/0x370 [ 127.362903] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.363223] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.363545] ? write_comp_data+0x2f/0x90 [ 127.363791] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.364086] __fput+0x26d/0xa40 [ 127.364308] ____fput+0x1e/0x30 [ 127.364554] task_work_run+0x1a4/0x2d0 [ 127.364796] ? __pfx_task_work_run+0x10/0x10 [ 127.365037] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.365313] ? switch_task_namespaces+0xa9/0xe0 [ 127.365625] do_exit+0xb17/0x2ef0 [ 127.365823] ? lock_acquire+0x427/0x4c0 [ 127.366063] ? __pfx_lock_release+0x10/0x10 [ 127.366326] ? __kasan_check_write+0x18/0x20 [ 127.366654] ? do_raw_spin_lock+0x132/0x2a0 [ 127.366922] ? __pfx_do_exit+0x10/0x10 [ 127.367162] ? debug_smp_processor_id+0x20/0x30 [ 127.367447] ? rcu_is_watching+0x19/0xb0 [ 127.367739] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.368010] ? trace_hardirqs_on+0x26/0x120 [ 127.368266] do_group_exit+0xe0/0x2b0 [ 127.368498] __x64_sys_exit_group+0x47/0x50 [ 127.368793] do_syscall_64+0x3b/0x90 [ 127.369019] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.369320] RIP: 0033:0x7f4b87518a4d [ 127.369521] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.369894] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.370300] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.370744] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.371199] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.371608] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.372036] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.372421] [ 127.372546] irq event stamp: 0 [ 127.372731] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.373120] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.373566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.374070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.374453] ---[ end trace 0000000000000000 ]--- [ 127.377478] ------------[ cut here ]------------ [ 127.377762] WARNING: CPU: 1 PID: 1182 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.378360] Modules linked in: [ 127.378566] CPU: 1 PID: 1182 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.379072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.379736] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.380026] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.381081] RSP: 0018:ffff888017237bb8 EFLAGS: 00010246 [ 127.381388] RAX: 0000000000000000 RBX: ffff888016f1b8a8 RCX: 0000000000000000 [ 127.381808] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 127.382217] RBP: ffff888017237bd0 R08: ffffed1002de3733 R09: ffffed1002de3733 [ 127.382670] R10: ffff888016f1b993 R11: ffffed1002de3732 R12: ffff88801853b000 [ 127.383083] R13: ffff888016f1b9e8 R14: ffffffff8352e670 R15: 
ffff888017237e68 [ 127.383499] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.383970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.384304] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ee0 [ 127.384724] PKRU: 55555554 [ 127.384887] Call Trace: [ 127.385035] [ 127.385167] __iommufd_access_detach+0x1c2/0x2b0 [ 127.385448] iommufd_access_change_pt+0x149/0x270 [ 127.385817] iommufd_access_replace+0xb4/0x120 [ 127.386145] iommufd_test+0x3e5/0x37e0 [ 127.386401] ? lock_release+0x532/0x770 [ 127.386658] ? __might_fault+0x102/0x1b0 [ 127.386914] ? lock_acquire+0x427/0x4c0 [ 127.387161] ? __pfx_iommufd_test+0x10/0x10 [ 127.387418] ? __pfx_lock_release+0x10/0x10 [ 127.387681] ? __pfx_lock_acquire+0x10/0x10 [ 127.387953] ? write_comp_data+0x2f/0x90 [ 127.388205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.388499] ? write_comp_data+0x2f/0x90 [ 127.388774] iommufd_fops_ioctl+0x37d/0x510 [ 127.389076] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.389367] ? write_comp_data+0x2f/0x90 [ 127.389613] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.389899] __x64_sys_ioctl+0x1a3/0x230 [ 127.390171] do_syscall_64+0x3b/0x90 [ 127.390407] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.390760] RIP: 0033:0x7f4b8743ee5d [ 127.390978] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.392097] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.392549] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.392964] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.393448] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.393862] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.394274] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.394711] [ 127.394848] irq event stamp: 0 [ 127.395032] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.395435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.395960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.396448] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.396817] ---[ end trace 0000000000000000 ]--- [ 127.399216] ------------[ cut here ]------------ [ 127.399504] WARNING: CPU: 1 PID: 1182 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.400099] Modules linked in: [ 127.400286] CPU: 1 PID: 1182 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.400868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.401517] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.401827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.403146] RSP: 
0018:ffff888017237bd0 EFLAGS: 00010246 [ 127.403468] RAX: 0000000000000000 RBX: ffff888016f1b8a8 RCX: 0000000000000000 [ 127.403935] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 127.404358] RBP: ffff888017237be8 R08: ffffed1002de3733 R09: ffffed1002de3733 [ 127.404772] R10: ffff888016f1b993 R11: ffffed1002de3732 R12: ffff888013787800 [ 127.405234] R13: ffff888016f1b9e8 R14: ffff8880138ab300 R15: 0000000000000000 [ 127.405648] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.406121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.406491] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.406931] PKRU: 55555554 [ 127.407097] Call Trace: [ 127.407261] [ 127.407394] iommufd_access_destroy_object+0x65/0x170 [ 127.407701] iommufd_object_destroy_user+0x18e/0x220 [ 127.408002] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.408381] iommufd_access_destroy+0x43/0x70 [ 127.408689] iommufd_test_staccess_release+0x8d/0xd0 [ 127.408994] __fput+0x26d/0xa40 [ 127.409201] ____fput+0x1e/0x30 [ 127.409412] task_work_run+0x1a4/0x2d0 [ 127.409648] ? __pfx_task_work_run+0x10/0x10 [ 127.409936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.410268] ? switch_task_namespaces+0xa9/0xe0 [ 127.410571] do_exit+0xb17/0x2ef0 [ 127.410777] ? lock_acquire+0x427/0x4c0 [ 127.411019] ? __pfx_lock_release+0x10/0x10 [ 127.411283] ? __kasan_check_write+0x18/0x20 [ 127.411555] ? do_raw_spin_lock+0x132/0x2a0 [ 127.411839] ? __pfx_do_exit+0x10/0x10 [ 127.412116] ? debug_smp_processor_id+0x20/0x30 [ 127.412395] ? rcu_is_watching+0x19/0xb0 [ 127.412644] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.412915] ? trace_hardirqs_on+0x26/0x120 [ 127.413187] do_group_exit+0xe0/0x2b0 [ 127.413434] __x64_sys_exit_group+0x47/0x50 [ 127.413695] do_syscall_64+0x3b/0x90 [ 127.413921] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.414228] RIP: 0033:0x7f4b87518a4d [ 127.414454] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.414860] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.415308] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.415729] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.416143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.416591] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.417028] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.417451] [ 127.417588] irq event stamp: 0 [ 127.417773] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.418189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.418691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.419191] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.419559] ---[ end trace 0000000000000000 ]--- [ 127.420223] ------------[ cut here ]------------ [ 127.420498] WARNING: CPU: 1 PID: 1182 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.421101] Modules linked in: [ 127.421315] CPU: 1 PID: 1182 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.421839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.422498] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.422815] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.423925] RSP: 0018:ffff888017237b78 EFLAGS: 00010246 [ 127.424245] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.424716] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 127.425127] RBP: ffff888017237b98 R08: ffffed1002de373e R09: ffffed1002de373e [ 127.425549] R10: ffff888016f1b9ef R11: ffffed1002de373d R12: ffff888016f1ba90 [ 127.426026] R13: ffff888016f1b8a8 R14: ffffffffffffffff R15: 
ffff888017237c60 [ 127.426451] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.427069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.427412] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.427884] PKRU: 55555554 [ 127.428049] Call Trace: [ 127.428201] [ 127.428335] iommufd_ioas_destroy+0x53/0x70 [ 127.428602] iommufd_fops_release+0x1f7/0x370 [ 127.428870] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.429203] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.429493] ? write_comp_data+0x2f/0x90 [ 127.429750] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.430046] __fput+0x26d/0xa40 [ 127.430251] ____fput+0x1e/0x30 [ 127.430477] task_work_run+0x1a4/0x2d0 [ 127.430750] ? __pfx_task_work_run+0x10/0x10 [ 127.431013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.431315] ? switch_task_namespaces+0xa9/0xe0 [ 127.431596] do_exit+0xb17/0x2ef0 [ 127.431816] ? lock_acquire+0x427/0x4c0 [ 127.432059] ? __pfx_lock_release+0x10/0x10 [ 127.432344] ? __kasan_check_write+0x18/0x20 [ 127.432652] ? do_raw_spin_lock+0x132/0x2a0 [ 127.432917] ? __pfx_do_exit+0x10/0x10 [ 127.433154] ? debug_smp_processor_id+0x20/0x30 [ 127.433431] ? rcu_is_watching+0x19/0xb0 [ 127.433698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.434022] ? trace_hardirqs_on+0x26/0x120 [ 127.434281] do_group_exit+0xe0/0x2b0 [ 127.434527] __x64_sys_exit_group+0x47/0x50 [ 127.434779] do_syscall_64+0x3b/0x90 [ 127.435014] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.435360] RIP: 0033:0x7f4b87518a4d [ 127.435597] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.435956] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.436406] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.436844] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.437283] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.437700] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.438114] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.438599] [ 127.438737] irq event stamp: 0 [ 127.438923] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.439307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.439795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.440361] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.440726] ---[ end trace 0000000000000000 ]--- [ 127.444073] ------------[ cut here ]------------ [ 127.444377] WARNING: CPU: 1 PID: 1183 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.445005] Modules linked in: [ 127.445194] CPU: 1 PID: 1183 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.445709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.446412] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.446721] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.447850] RSP: 0018:ffff88800fb2fbb8 EFLAGS: 00010246 [ 127.448162] RAX: 0000000000000000 RBX: ffff888012b050a8 RCX: 0000000000000000 [ 127.448573] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 127.449016] RBP: ffff88800fb2fbd0 R08: ffffed1002560a33 R09: ffffed1002560a33 [ 127.449447] R10: ffff888012b05193 R11: ffffed1002560a32 R12: ffff888013b15000 [ 127.449861] R13: ffff888012b051e8 R14: ffffffff8352e670 R15: 
ffff88800fb2fe68 [ 127.450310] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.450804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.451157] CR2: 0000000020000140 CR3: 0000000020eb6000 CR4: 0000000000750ee0 [ 127.451573] PKRU: 55555554 [ 127.451748] Call Trace: [ 127.451916] [ 127.452094] __iommufd_access_detach+0x1c2/0x2b0 [ 127.452394] iommufd_access_change_pt+0x149/0x270 [ 127.452685] iommufd_access_replace+0xb4/0x120 [ 127.452963] iommufd_test+0x3e5/0x37e0 [ 127.453202] ? lock_release+0x532/0x770 [ 127.453471] ? __might_fault+0x102/0x1b0 [ 127.453763] ? lock_acquire+0x427/0x4c0 [ 127.454007] ? __pfx_iommufd_test+0x10/0x10 [ 127.454268] ? __pfx_lock_release+0x10/0x10 [ 127.454548] ? __pfx_lock_acquire+0x10/0x10 [ 127.454811] ? write_comp_data+0x2f/0x90 [ 127.455073] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.455426] ? write_comp_data+0x2f/0x90 [ 127.455675] iommufd_fops_ioctl+0x37d/0x510 [ 127.455934] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.456225] ? write_comp_data+0x2f/0x90 [ 127.456495] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.456833] __x64_sys_ioctl+0x1a3/0x230 [ 127.457081] do_syscall_64+0x3b/0x90 [ 127.457309] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.457632] RIP: 0033:0x7f4b8743ee5d [ 127.457852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.459012] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.459460] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.459914] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.460374] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.460804] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.461248] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.461718] [ 127.461865] irq event stamp: 0 [ 127.462052] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.462433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.462990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.463490] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.463859] ---[ end trace 0000000000000000 ]--- [ 127.466080] ------------[ cut here ]------------ [ 127.466364] WARNING: CPU: 1 PID: 1183 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.467004] Modules linked in: [ 127.467252] CPU: 1 PID: 1183 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.467763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.468427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.468742] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.469886] RSP: 
0018:ffff88800fb2fbd0 EFLAGS: 00010246 [ 127.470241] RAX: 0000000000000000 RBX: ffff888012b050a8 RCX: 0000000000000000 [ 127.470682] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 127.471099] RBP: ffff88800fb2fbe8 R08: ffffed1002560a33 R09: ffffed1002560a33 [ 127.471542] R10: ffff888012b05193 R11: ffffed1002560a32 R12: ffff888018539c00 [ 127.472016] R13: ffff888012b051e8 R14: ffff88800fcc1c00 R15: 0000000000000000 [ 127.472435] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.472932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.473318] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.473745] PKRU: 55555554 [ 127.473913] Call Trace: [ 127.474064] [ 127.474198] iommufd_access_destroy_object+0x65/0x170 [ 127.474564] iommufd_object_destroy_user+0x18e/0x220 [ 127.474923] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.475273] iommufd_access_destroy+0x43/0x70 [ 127.475546] iommufd_test_staccess_release+0x8d/0xd0 [ 127.475862] __fput+0x26d/0xa40 [ 127.476085] ____fput+0x1e/0x30 [ 127.476288] task_work_run+0x1a4/0x2d0 [ 127.476555] ? __pfx_task_work_run+0x10/0x10 [ 127.476830] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.477123] ? switch_task_namespaces+0xa9/0xe0 [ 127.477432] do_exit+0xb17/0x2ef0 [ 127.477639] ? lock_acquire+0x427/0x4c0 [ 127.477915] ? __pfx_lock_release+0x10/0x10 [ 127.478176] ? __kasan_check_write+0x18/0x20 [ 127.478439] ? do_raw_spin_lock+0x132/0x2a0 [ 127.478721] ? __pfx_do_exit+0x10/0x10 [ 127.479015] ? debug_smp_processor_id+0x20/0x30 [ 127.479300] ? rcu_is_watching+0x19/0xb0 [ 127.479543] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.479815] ? trace_hardirqs_on+0x26/0x120 [ 127.480086] do_group_exit+0xe0/0x2b0 [ 127.480314] __x64_sys_exit_group+0x47/0x50 [ 127.480602] do_syscall_64+0x3b/0x90 [ 127.480881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.481203] RIP: 0033:0x7f4b87518a4d [ 127.481424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.481788] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.482317] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.482748] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.483181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.483629] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.484094] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.484528] [ 127.484669] irq event stamp: 0 [ 127.484857] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.485260] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.485783] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.486279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.486740] ---[ end trace 0000000000000000 ]--- [ 127.487281] ------------[ cut here ]------------ [ 127.487571] WARNING: CPU: 1 PID: 1183 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.488196] Modules linked in: [ 127.488434] CPU: 1 PID: 1183 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.488957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.489657] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.490007] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.491179] RSP: 0018:ffff88800fb2fb78 EFLAGS: 00010246 [ 127.491496] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.491922] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 127.492353] RBP: ffff88800fb2fb98 R08: ffffed1002560a3e R09: ffffed1002560a3e [ 127.492844] R10: ffff888012b051ef R11: ffffed1002560a3d R12: ffff888012b05290 [ 127.493261] R13: ffff888012b050a8 R14: ffffffffffffffff R15: 
ffff88800fb2fc60 [ 127.493679] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.494233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.494593] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.495022] PKRU: 55555554 [ 127.495203] Call Trace: [ 127.495381] [ 127.495524] iommufd_ioas_destroy+0x53/0x70 [ 127.495826] iommufd_fops_release+0x1f7/0x370 [ 127.496106] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.496407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.496714] ? write_comp_data+0x2f/0x90 [ 127.497009] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.497319] __fput+0x26d/0xa40 [ 127.497528] ____fput+0x1e/0x30 [ 127.497732] task_work_run+0x1a4/0x2d0 [ 127.497969] ? __pfx_task_work_run+0x10/0x10 [ 127.498266] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.498625] ? switch_task_namespaces+0xa9/0xe0 [ 127.498910] do_exit+0xb17/0x2ef0 [ 127.499124] ? lock_acquire+0x427/0x4c0 [ 127.499378] ? __pfx_lock_release+0x10/0x10 [ 127.499639] ? __kasan_check_write+0x18/0x20 [ 127.499936] ? do_raw_spin_lock+0x132/0x2a0 [ 127.500250] ? __pfx_do_exit+0x10/0x10 [ 127.500492] ? debug_smp_processor_id+0x20/0x30 [ 127.500770] ? rcu_is_watching+0x19/0xb0 [ 127.501013] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.501321] ? trace_hardirqs_on+0x26/0x120 [ 127.501638] do_group_exit+0xe0/0x2b0 [ 127.501867] __x64_sys_exit_group+0x47/0x50 [ 127.502124] do_syscall_64+0x3b/0x90 [ 127.502355] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.502722] RIP: 0033:0x7f4b87518a4d [ 127.502993] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.503365] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.503826] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.504258] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.504736] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.505157] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.505590] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.506089] [ 127.506230] irq event stamp: 0 [ 127.506419] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.506814] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.507349] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.507898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.508273] ---[ end trace 0000000000000000 ]--- [ 127.511180] ------------[ cut here ]------------ [ 127.511558] WARNING: CPU: 1 PID: 1184 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.512172] Modules linked in: [ 127.512363] CPU: 1 PID: 1184 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.512934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.513606] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.513901] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.515073] RSP: 0018:ffff888014aefbb8 EFLAGS: 00010246 [ 127.515409] RAX: 0000000000000000 RBX: ffff88801609c8a8 RCX: 0000000000000000 [ 127.515862] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 127.516306] RBP: ffff888014aefbd0 R08: ffffed1002c13933 R09: ffffed1002c13933 [ 127.516734] R10: ffff88801609c993 R11: ffffed1002c13932 R12: ffff888010c0b400 [ 127.517161] R13: ffff88801609c9e8 R14: ffffffff8352e670 R15: 
ffff888014aefe68 [ 127.517631] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.518104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.518450] CR2: 00007f4b877410e8 CR3: 0000000020eb6000 CR4: 0000000000750ee0 [ 127.518947] PKRU: 55555554 [ 127.519120] Call Trace: [ 127.519273] [ 127.519410] __iommufd_access_detach+0x1c2/0x2b0 [ 127.519714] iommufd_access_change_pt+0x149/0x270 [ 127.520012] iommufd_access_replace+0xb4/0x120 [ 127.520330] iommufd_test+0x3e5/0x37e0 [ 127.520602] ? lock_release+0x532/0x770 [ 127.520856] ? __might_fault+0x102/0x1b0 [ 127.521105] ? lock_acquire+0x427/0x4c0 [ 127.521358] ? __pfx_iommufd_test+0x10/0x10 [ 127.521649] ? __pfx_lock_release+0x10/0x10 [ 127.521971] ? __pfx_lock_acquire+0x10/0x10 [ 127.522241] ? write_comp_data+0x2f/0x90 [ 127.522495] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.522825] ? write_comp_data+0x2f/0x90 [ 127.523079] iommufd_fops_ioctl+0x37d/0x510 [ 127.523386] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.523732] ? write_comp_data+0x2f/0x90 [ 127.523998] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.524293] __x64_sys_ioctl+0x1a3/0x230 [ 127.524547] do_syscall_64+0x3b/0x90 [ 127.524813] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.525189] RIP: 0033:0x7f4b8743ee5d [ 127.525416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.526603] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.527070] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.527525] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.527982] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.528462] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.528886] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.529358] [ 127.529539] irq event stamp: 0 [ 127.529731] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.530111] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.530673] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.531230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.531622] ---[ end trace 0000000000000000 ]--- [ 127.533962] ------------[ cut here ]------------ [ 127.534273] WARNING: CPU: 1 PID: 1184 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.534967] Modules linked in: [ 127.535216] CPU: 1 PID: 1184 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.535819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.536542] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.536916] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.538077] RSP: 
0018:ffff888014aefbd0 EFLAGS: 00010246 [ 127.538456] RAX: 0000000000000000 RBX: ffff88801609c8a8 RCX: 0000000000000000 [ 127.538926] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 127.539386] RBP: ffff888014aefbe8 R08: ffffed1002c13933 R09: ffffed1002c13933 [ 127.539857] R10: ffff88801609c993 R11: ffffed1002c13932 R12: ffff888013b17000 [ 127.540349] R13: ffff88801609c9e8 R14: ffff888013c90900 R15: 0000000000000000 [ 127.540794] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.541372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.541739] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 127.542202] PKRU: 55555554 [ 127.542386] Call Trace: [ 127.542610] [ 127.542799] iommufd_access_destroy_object+0x65/0x170 [ 127.543150] iommufd_object_destroy_user+0x18e/0x220 [ 127.543484] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.543861] iommufd_access_destroy+0x43/0x70 [ 127.544159] iommufd_test_staccess_release+0x8d/0xd0 [ 127.544538] __fput+0x26d/0xa40 [ 127.544812] ____fput+0x1e/0x30 [ 127.545036] task_work_run+0x1a4/0x2d0 [ 127.545305] ? __pfx_task_work_run+0x10/0x10 [ 127.545597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.545953] ? switch_task_namespaces+0xa9/0xe0 [ 127.546312] do_exit+0xb17/0x2ef0 [ 127.546564] ? lock_acquire+0x427/0x4c0 [ 127.546829] ? __pfx_lock_release+0x10/0x10 [ 127.547117] ? __kasan_check_write+0x18/0x20 [ 127.547415] ? do_raw_spin_lock+0x132/0x2a0 [ 127.547746] ? __pfx_do_exit+0x10/0x10 [ 127.548060] ? debug_smp_processor_id+0x20/0x30 [ 127.548367] ? rcu_is_watching+0x19/0xb0 [ 127.548644] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.548945] ? trace_hardirqs_on+0x26/0x120 [ 127.549270] do_group_exit+0xe0/0x2b0 [ 127.549572] __x64_sys_exit_group+0x47/0x50 [ 127.549860] do_syscall_64+0x3b/0x90 [ 127.550109] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.550450] RIP: 0033:0x7f4b87518a4d [ 127.550751] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.551216] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.551718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.552193] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.552708] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.553228] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.553695] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.554210] [ 127.554391] irq event stamp: 0 [ 127.554623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.555051] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.555618] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.556271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.556688] ---[ end trace 0000000000000000 ]--- [ 127.557433] ------------[ cut here ]------------ [ 127.557782] WARNING: CPU: 1 PID: 1184 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.558477] Modules linked in: [ 127.558718] CPU: 1 PID: 1184 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.559319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.560132] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.560483] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.561788] RSP: 0018:ffff888014aefb78 EFLAGS: 00010246 [ 127.562152] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.562705] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 127.563199] RBP: ffff888014aefb98 R08: ffffed1002c1393e R09: ffffed1002c1393e [ 127.563694] R10: ffff88801609c9ef R11: ffffed1002c1393d R12: ffff88801609ca90 [ 127.564181] R13: ffff88801609c8a8 R14: ffffffffffffffff R15: 
ffff888014aefc60 [ 127.564762] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.565312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.565717] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 127.566288] PKRU: 55555554 [ 127.566487] Call Trace: [ 127.566684] [ 127.566856] iommufd_ioas_destroy+0x53/0x70 [ 127.567170] iommufd_fops_release+0x1f7/0x370 [ 127.567486] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.567886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.568264] ? write_comp_data+0x2f/0x90 [ 127.568555] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.568898] __fput+0x26d/0xa40 [ 127.569148] ____fput+0x1e/0x30 [ 127.569418] task_work_run+0x1a4/0x2d0 [ 127.569704] ? __pfx_task_work_run+0x10/0x10 [ 127.570021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.570372] ? switch_task_namespaces+0xa9/0xe0 [ 127.570723] do_exit+0xb17/0x2ef0 [ 127.571033] ? lock_acquire+0x427/0x4c0 [ 127.571332] ? __pfx_lock_release+0x10/0x10 [ 127.571642] ? __kasan_check_write+0x18/0x20 [ 127.571951] ? do_raw_spin_lock+0x132/0x2a0 [ 127.572274] ? __pfx_do_exit+0x10/0x10 [ 127.572559] ? debug_smp_processor_id+0x20/0x30 [ 127.572942] ? rcu_is_watching+0x19/0xb0 [ 127.573285] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.573616] ? trace_hardirqs_on+0x26/0x120 [ 127.573930] do_group_exit+0xe0/0x2b0 [ 127.574202] __x64_sys_exit_group+0x47/0x50 [ 127.574585] do_syscall_64+0x3b/0x90 [ 127.574901] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.575283] RIP: 0033:0x7f4b87518a4d [ 127.575557] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.575992] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.576625] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.577129] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.577640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.578221] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.578753] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.579269] [ 127.579438] irq event stamp: 0 [ 127.579662] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.580204] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.580800] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.581411] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.581931] ---[ end trace 0000000000000000 ]--- [ 127.586174] ------------[ cut here ]------------ [ 127.586649] WARNING: CPU: 1 PID: 1185 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.587409] Modules linked in: [ 127.587641] CPU: 1 PID: 1185 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.588350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.589179] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.589567] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.590990] RSP: 0018:ffff888017237bb8 EFLAGS: 00010246 [ 127.591443] RAX: 0000000000000000 RBX: ffff888015d2e8a8 RCX: 0000000000000000 [ 127.592008] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 127.592531] RBP: ffff888017237bd0 R08: ffffed1002ba5d33 R09: ffffed1002ba5d33 [ 127.593108] R10: ffff888015d2e993 R11: ffffed1002ba5d32 R12: ffff888012e92400 [ 127.593664] R13: ffff888015d2e9e8 R14: ffffffff8352e670 R15: 
ffff888017237e68 [ 127.594193] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.594878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.595323] CR2: 00007f4b877410e8 CR3: 0000000020eb6000 CR4: 0000000000750ee0 [ 127.595847] PKRU: 55555554 [ 127.596070] Call Trace: [ 127.596284] [ 127.596501] __iommufd_access_detach+0x1c2/0x2b0 [ 127.596864] iommufd_access_change_pt+0x149/0x270 [ 127.597241] iommufd_access_replace+0xb4/0x120 [ 127.597589] iommufd_test+0x3e5/0x37e0 [ 127.597930] ? lock_release+0x532/0x770 [ 127.598283] ? __might_fault+0x102/0x1b0 [ 127.598607] ? lock_acquire+0x427/0x4c0 [ 127.598911] ? __pfx_iommufd_test+0x10/0x10 [ 127.599257] ? __pfx_lock_release+0x10/0x10 [ 127.599656] ? __pfx_lock_acquire+0x10/0x10 [ 127.600032] ? write_comp_data+0x2f/0x90 [ 127.600357] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.600730] ? write_comp_data+0x2f/0x90 [ 127.601045] iommufd_fops_ioctl+0x37d/0x510 [ 127.601470] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.601843] ? write_comp_data+0x2f/0x90 [ 127.602157] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.602550] __x64_sys_ioctl+0x1a3/0x230 [ 127.602884] do_syscall_64+0x3b/0x90 [ 127.603251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.603667] RIP: 0033:0x7f4b8743ee5d [ 127.603950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.605436] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.606024] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.606672] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.607225] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.607756] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.608395] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.608943] [ 127.609138] irq event stamp: 0 [ 127.609381] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.609920] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.610606] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.611268] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.611849] ---[ end trace 0000000000000000 ]--- [ 127.616255] ------------[ cut here ]------------ [ 127.616722] WARNING: CPU: 1 PID: 1185 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.617526] Modules linked in: [ 127.617777] CPU: 1 PID: 1185 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.618591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.619493] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.619885] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.621435] RSP: 
0018:ffff888017237bd0 EFLAGS: 00010246 [ 127.621845] RAX: 0000000000000000 RBX: ffff888015d2e8a8 RCX: 0000000000000000 [ 127.622483] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 127.623062] RBP: ffff888017237be8 R08: ffffed1002ba5d33 R09: ffffed1002ba5d33 [ 127.623644] R10: ffff888015d2e993 R11: ffffed1002ba5d32 R12: ffff888010c0a800 [ 127.624213] R13: ffff888015d2e9e8 R14: ffff8880138ab900 R15: 0000000000000000 [ 127.624864] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.625501] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.625977] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.626633] PKRU: 55555554 [ 127.626860] Call Trace: [ 127.627063] [ 127.627255] iommufd_access_destroy_object+0x65/0x170 [ 127.627677] iommufd_object_destroy_user+0x18e/0x220 [ 127.628148] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.628667] iommufd_access_destroy+0x43/0x70 [ 127.629045] iommufd_test_staccess_release+0x8d/0xd0 [ 127.629456] __fput+0x26d/0xa40 [ 127.629754] ____fput+0x1e/0x30 [ 127.630088] task_work_run+0x1a4/0x2d0 [ 127.630405] ? __pfx_task_work_run+0x10/0x10 [ 127.630781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.631220] ? switch_task_namespaces+0xa9/0xe0 [ 127.631601] do_exit+0xb17/0x2ef0 [ 127.631910] ? lock_acquire+0x427/0x4c0 [ 127.632299] ? __pfx_lock_release+0x10/0x10 [ 127.632649] ? __kasan_check_write+0x18/0x20 [ 127.633004] ? do_raw_spin_lock+0x132/0x2a0 [ 127.633362] ? __pfx_do_exit+0x10/0x10 [ 127.633726] ? debug_smp_processor_id+0x20/0x30 [ 127.634153] ? rcu_is_watching+0x19/0xb0 [ 127.634478] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.634870] ? trace_hardirqs_on+0x26/0x120 [ 127.635243] do_group_exit+0xe0/0x2b0 [ 127.635551] __x64_sys_exit_group+0x47/0x50 [ 127.635956] do_syscall_64+0x3b/0x90 [ 127.636316] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.636734] RIP: 0033:0x7f4b87518a4d [ 127.637027] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.637549] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.638206] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.638800] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.639369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.640049] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.640606] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.641200] [ 127.641393] irq event stamp: 0 [ 127.641729] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.642265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.642984] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.643698] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.644296] ---[ end trace 0000000000000000 ]--- [ 127.645061] ------------[ cut here ]------------ [ 127.645452] WARNING: CPU: 1 PID: 1185 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.646424] Modules linked in: [ 127.646766] CPU: 1 PID: 1185 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.647511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.648551] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.648967] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.650625] RSP: 0018:ffff888017237b78 EFLAGS: 00010246 [ 127.651062] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.651678] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 127.652334] RBP: ffff888017237b98 R08: ffffed1002ba5d3e R09: ffffed1002ba5d3e [ 127.652918] R10: ffff888015d2e9ef R11: ffffed1002ba5d3d R12: ffff888015d2ea90 [ 127.653521] R13: ffff888015d2e8a8 R14: ffffffffffffffff R15: 
ffff888017237c60 [ 127.654168] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.654853] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.655336] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.656038] PKRU: 55555554 [ 127.656270] Call Trace: [ 127.656481] [ 127.656670] iommufd_ioas_destroy+0x53/0x70 [ 127.657040] iommufd_fops_release+0x1f7/0x370 [ 127.657415] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.657824] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.658239] ? write_comp_data+0x2f/0x90 [ 127.658614] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.659021] __fput+0x26d/0xa40 [ 127.659327] ____fput+0x1e/0x30 [ 127.659607] task_work_run+0x1a4/0x2d0 [ 127.659965] ? __pfx_task_work_run+0x10/0x10 [ 127.660414] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.660814] ? switch_task_namespaces+0xa9/0xe0 [ 127.661205] do_exit+0xb17/0x2ef0 [ 127.661502] ? lock_acquire+0x427/0x4c0 [ 127.661907] ? __pfx_lock_release+0x10/0x10 [ 127.662311] ? __kasan_check_write+0x18/0x20 [ 127.662712] ? do_raw_spin_lock+0x132/0x2a0 [ 127.663063] ? __pfx_do_exit+0x10/0x10 [ 127.663399] ? debug_smp_processor_id+0x20/0x30 [ 127.663799] ? rcu_is_watching+0x19/0xb0 [ 127.664204] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.664635] ? trace_hardirqs_on+0x26/0x120 [ 127.664991] do_group_exit+0xe0/0x2b0 [ 127.665301] __x64_sys_exit_group+0x47/0x50 [ 127.665667] do_syscall_64+0x3b/0x90 [ 127.666054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.666550] RIP: 0033:0x7f4b87518a4d [ 127.666869] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.667371] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.668012] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.668674] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.669262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.669857] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.670577] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.671192] [ 127.671386] irq event stamp: 0 [ 127.671640] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.672226] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.672939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.673623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.674258] ---[ end trace 0000000000000000 ]--- [ 127.679599] ------------[ cut here ]------------ [ 127.680056] WARNING: CPU: 1 PID: 1186 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.680977] Modules linked in: [ 127.681235] CPU: 1 PID: 1186 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.681972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.682999] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.683258] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 127.683428] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.685078] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 127.686528] RSP: 0018:ffff88800e947bb8 EFLAGS: 00010246 [ 127.686540] RAX: 0000000000000000 RBX: ffff888017a410a8 RCX: 0000000000000000 [ 127.686548] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 127.689241] RBP: ffff88800e947bd0 R08: ffffed1002f48233 R09: ffffed1002f48233 [ 127.689823] R10: ffff888017a41193 R11: ffffed1002f48232 R12: ffff88801890f400 [ 127.690391] R13: ffff888017a411e8 R14: ffffffff8352e670 R15: ffff88800e947e68 [ 127.690984] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.691636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.692132] CR2: 0000000020000140 CR3: 0000000020fce000 CR4: 0000000000750ee0 [ 127.692860] PKRU: 55555554 [ 127.693091] Call Trace: [ 127.693295] [ 127.693478] __iommufd_access_detach+0x1c2/0x2b0 [ 127.693873] iommufd_access_change_pt+0x149/0x270 [ 127.694284] iommufd_access_replace+0xb4/0x120 [ 127.694680] iommufd_test+0x3e5/0x37e0 [ 127.695010] ? lock_release+0x532/0x770 [ 127.695350] ? __might_fault+0x102/0x1b0 [ 127.695686] ? lock_acquire+0x427/0x4c0 [ 127.696016] ? __pfx_iommufd_test+0x10/0x10 [ 127.696375] ? __pfx_lock_release+0x10/0x10 [ 127.696731] ? __pfx_lock_acquire+0x10/0x10 [ 127.697087] ? write_comp_data+0x2f/0x90 [ 127.697437] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.697832] ? write_comp_data+0x2f/0x90 [ 127.698170] iommufd_fops_ioctl+0x37d/0x510 [ 127.698557] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.698955] ? write_comp_data+0x2f/0x90 [ 127.699314] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.699795] __x64_sys_ioctl+0x1a3/0x230 [ 127.700160] do_syscall_64+0x3b/0x90 [ 127.700488] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.700915] RIP: 0033:0x7f4b8743ee5d [ 127.701221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.702837] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.703599] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.704189] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.704775] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.705345] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.706052] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.706665] [ 127.706860] irq event stamp: 0 [ 127.707152] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.707679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.708449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.709134] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.709681] ---[ end trace 0000000000000000 ]--- [ 127.712661] ------------[ cut here ]------------ [ 127.713138] WARNING: CPU: 1 PID: 1186 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.713962] Modules linked in: [ 127.714222] CPU: 1 PID: 1186 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.715006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.715934] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.716337] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.717878] RSP: 
0018:ffff88800e947bd0 EFLAGS: 00010246 [ 127.718364] RAX: 0000000000000000 RBX: ffff888017a410a8 RCX: 0000000000000000 [ 127.718978] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 127.719559] RBP: ffff88800e947be8 R08: ffffed1002f48233 R09: ffffed1002f48233 [ 127.720144] R10: ffff888017a41193 R11: ffffed1002f48232 R12: ffff888012e92c00 [ 127.720723] R13: ffff888017a411e8 R14: ffff88800fa20900 R15: 0000000000000000 [ 127.721316] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.722074] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.722578] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.723176] PKRU: 55555554 [ 127.723431] Call Trace: [ 127.723650] [ 127.723842] iommufd_access_destroy_object+0x65/0x170 [ 127.724324] iommufd_object_destroy_user+0x18e/0x220 [ 127.724825] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.725319] iommufd_access_destroy+0x43/0x70 [ 127.725719] iommufd_test_staccess_release+0x8d/0xd0 [ 127.726154] __fput+0x26d/0xa40 [ 127.726449] ____fput+0x1e/0x30 [ 127.726775] task_work_run+0x1a4/0x2d0 [ 127.727126] ? __pfx_task_work_run+0x10/0x10 [ 127.727507] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.727940] ? switch_task_namespaces+0xa9/0xe0 [ 127.728347] do_exit+0xb17/0x2ef0 [ 127.728660] ? lock_acquire+0x427/0x4c0 [ 127.729112] ? __pfx_lock_release+0x10/0x10 [ 127.729484] ? __kasan_check_write+0x18/0x20 [ 127.729872] ? do_raw_spin_lock+0x132/0x2a0 [ 127.730238] ? __pfx_do_exit+0x10/0x10 [ 127.730614] ? debug_smp_processor_id+0x20/0x30 [ 127.731026] ? rcu_is_watching+0x19/0xb0 [ 127.731388] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.731784] ? trace_hardirqs_on+0x26/0x120 [ 127.732177] do_group_exit+0xe0/0x2b0 [ 127.732514] __x64_sys_exit_group+0x47/0x50 [ 127.732892] do_syscall_64+0x3b/0x90 [ 127.733241] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.733696] RIP: 0033:0x7f4b87518a4d [ 127.734018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.734718] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.735398] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.736002] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.736616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.737219] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.737847] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.738468] [ 127.738711] irq event stamp: 0 [ 127.738986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.739542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.740275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.741249] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.741921] ---[ end trace 0000000000000000 ]--- [ 127.742739] ------------[ cut here ]------------ [ 127.743247] WARNING: CPU: 1 PID: 1186 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.744142] Modules linked in: [ 127.744421] CPU: 1 PID: 1186 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.745182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.746157] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.746644] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.748388] RSP: 0018:ffff88800e947b78 EFLAGS: 00010246 [ 127.748848] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.749479] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 127.750092] RBP: ffff88800e947b98 R08: ffffed1002f4823e R09: ffffed1002f4823e [ 127.750734] R10: ffff888017a411ef R11: ffffed1002f4823d R12: ffff888017a41290 [ 127.751355] R13: ffff888017a410a8 R14: ffffffffffffffff R15: 
ffff88800e947c60 [ 127.751974] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.752800] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.753299] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.753919] PKRU: 55555554 [ 127.754165] Call Trace: [ 127.754418] [ 127.754682] iommufd_ioas_destroy+0x53/0x70 [ 127.755096] iommufd_fops_release+0x1f7/0x370 [ 127.755504] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.755939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.756375] ? write_comp_data+0x2f/0x90 [ 127.756731] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.757175] __fput+0x26d/0xa40 [ 127.757472] ____fput+0x1e/0x30 [ 127.757763] task_work_run+0x1a4/0x2d0 [ 127.758109] ? __pfx_task_work_run+0x10/0x10 [ 127.758546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.758980] ? switch_task_namespaces+0xa9/0xe0 [ 127.759430] do_exit+0xb17/0x2ef0 [ 127.759734] ? lock_acquire+0x427/0x4c0 [ 127.760086] ? __pfx_lock_release+0x10/0x10 [ 127.760528] ? __kasan_check_write+0x18/0x20 [ 127.760986] ? do_raw_spin_lock+0x132/0x2a0 [ 127.761358] ? __pfx_do_exit+0x10/0x10 [ 127.761717] ? debug_smp_processor_id+0x20/0x30 [ 127.762118] ? rcu_is_watching+0x19/0xb0 [ 127.762474] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.762911] ? trace_hardirqs_on+0x26/0x120 [ 127.763311] do_group_exit+0xe0/0x2b0 [ 127.763657] __x64_sys_exit_group+0x47/0x50 [ 127.764028] do_syscall_64+0x3b/0x90 [ 127.764436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.764964] RIP: 0033:0x7f4b87518a4d [ 127.765287] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.765831] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.766637] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.767270] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.767876] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.768516] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.769232] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.769846] [ 127.770048] irq event stamp: 0 [ 127.770332] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.771014] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.771763] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.772484] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.773153] ---[ end trace 0000000000000000 ]--- [ 127.777503] ------------[ cut here ]------------ [ 127.777957] WARNING: CPU: 1 PID: 1188 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.778870] Modules linked in: [ 127.779282] CPU: 1 PID: 1188 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.780039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.781089] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.781541] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.783283] RSP: 0018:ffff888016557bb8 EFLAGS: 00010246 [ 127.783748] RAX: 0000000000000000 RBX: ffff8880139a00a8 RCX: 0000000000000000 [ 127.784375] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 127.785125] RBP: ffff888016557bd0 R08: ffffed1002734033 R09: ffffed1002734033 [ 127.785747] R10: ffff8880139a0193 R11: ffffed1002734032 R12: ffff88801226d000 [ 127.786355] R13: ffff8880139a01e8 R14: ffffffff8352e670 R15: 
ffff888016557e68 [ 127.787147] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.787853] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.788351] CR2: 0000000020000140 CR3: 0000000020eca000 CR4: 0000000000750ee0 [ 127.789129] PKRU: 55555554 [ 127.789380] Call Trace: [ 127.789608] [ 127.789824] __iommufd_access_detach+0x1c2/0x2b0 [ 127.790260] iommufd_access_change_pt+0x149/0x270 [ 127.790758] iommufd_access_replace+0xb4/0x120 [ 127.791245] iommufd_test+0x3e5/0x37e0 [ 127.791589] ? lock_release+0x532/0x770 [ 127.791953] ? __might_fault+0x102/0x1b0 [ 127.792313] ? lock_acquire+0x427/0x4c0 [ 127.792743] ? __pfx_iommufd_test+0x10/0x10 [ 127.793181] ? __pfx_lock_release+0x10/0x10 [ 127.793574] ? __pfx_lock_acquire+0x10/0x10 [ 127.793954] ? write_comp_data+0x2f/0x90 [ 127.794330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.794895] ? write_comp_data+0x2f/0x90 [ 127.795345] iommufd_fops_ioctl+0x37d/0x510 [ 127.795729] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.796156] ? write_comp_data+0x2f/0x90 [ 127.796620] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.797123] __x64_sys_ioctl+0x1a3/0x230 [ 127.797506] do_syscall_64+0x3b/0x90 [ 127.797859] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.798338] RIP: 0033:0x7f4b8743ee5d [ 127.798882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.800607] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.801400] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.802059] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.802924] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.803593] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.804234] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.805136] [ 127.805356] irq event stamp: 0 [ 127.805649] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.806229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.807123] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.807923] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.808509] ---[ end trace 0000000000000000 ]--- [ 127.813193] ------------[ cut here ]------------ [ 127.813682] WARNING: CPU: 1 PID: 1188 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.814640] Modules linked in: [ 127.814973] CPU: 1 PID: 1188 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.815887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.816925] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.817521] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.819345] RSP: 
0018:ffff888016557bd0 EFLAGS: 00010246 [ 127.819839] RAX: 0000000000000000 RBX: ffff8880139a00a8 RCX: 0000000000000000 [ 127.820503] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 127.821198] RBP: ffff888016557be8 R08: ffffed1002734033 R09: ffffed1002734033 [ 127.821978] R10: ffff8880139a0193 R11: ffffed1002734032 R12: ffff88801890d000 [ 127.822649] R13: ffff8880139a01e8 R14: ffff88800f124d00 R15: 0000000000000000 [ 127.823301] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.824197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.824724] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.825386] PKRU: 55555554 [ 127.825649] Call Trace: [ 127.825985] [ 127.826273] iommufd_access_destroy_object+0x65/0x170 [ 127.826787] iommufd_object_destroy_user+0x18e/0x220 [ 127.827296] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.827891] iommufd_access_destroy+0x43/0x70 [ 127.828404] iommufd_test_staccess_release+0x8d/0xd0 [ 127.828975] __fput+0x26d/0xa40 [ 127.829294] ____fput+0x1e/0x30 [ 127.829602] task_work_run+0x1a4/0x2d0 [ 127.829966] ? __pfx_task_work_run+0x10/0x10 [ 127.830413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.831018] ? switch_task_namespaces+0xa9/0xe0 [ 127.831474] do_exit+0xb17/0x2ef0 [ 127.831795] ? lock_acquire+0x427/0x4c0 [ 127.832171] ? __pfx_lock_release+0x10/0x10 [ 127.832580] ? __kasan_check_write+0x18/0x20 [ 127.833081] ? do_raw_spin_lock+0x132/0x2a0 [ 127.833581] ? __pfx_do_exit+0x10/0x10 [ 127.833946] ? debug_smp_processor_id+0x20/0x30 [ 127.834377] ? rcu_is_watching+0x19/0xb0 [ 127.834783] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.835216] ? trace_hardirqs_on+0x26/0x120 [ 127.835715] do_group_exit+0xe0/0x2b0 [ 127.836156] __x64_sys_exit_group+0x47/0x50 [ 127.836546] do_syscall_64+0x3b/0x90 [ 127.836895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.837372] RIP: 0033:0x7f4b87518a4d [ 127.837787] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.838439] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.839163] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.839809] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.840641] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.841279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.841927] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.842781] [ 127.842998] irq event stamp: 0 [ 127.843295] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.843869] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.844787] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.845554] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.846126] ---[ end trace 0000000000000000 ]--- [ 127.847056] ------------[ cut here ]------------ [ 127.847594] WARNING: CPU: 1 PID: 1188 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.848644] Modules linked in: [ 127.848952] CPU: 1 PID: 1188 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.849743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.850853] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.851357] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.853027] RSP: 0018:ffff888016557b78 EFLAGS: 00010246 [ 127.853515] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.854156] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 127.854859] RBP: ffff888016557b98 R08: ffffed100273403e R09: ffffed100273403e [ 127.855536] R10: ffff8880139a01ef R11: ffffed100273403d R12: ffff8880139a0290 [ 127.856195] R13: ffff8880139a00a8 R14: ffffffffffffffff R15: 
ffff888016557c60 [ 127.856862] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.857618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.858158] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.858841] PKRU: 55555554 [ 127.859105] Call Trace: [ 127.859349] [ 127.859556] iommufd_ioas_destroy+0x53/0x70 [ 127.859958] iommufd_fops_release+0x1f7/0x370 [ 127.860378] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.860851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.861315] ? write_comp_data+0x2f/0x90 [ 127.861695] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.862155] __fput+0x26d/0xa40 [ 127.862474] ____fput+0x1e/0x30 [ 127.862814] task_work_run+0x1a4/0x2d0 [ 127.863206] ? __pfx_task_work_run+0x10/0x10 [ 127.863623] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.864084] ? switch_task_namespaces+0xa9/0xe0 [ 127.864526] do_exit+0xb17/0x2ef0 [ 127.864852] ? lock_acquire+0x427/0x4c0 [ 127.865239] ? __pfx_lock_release+0x10/0x10 [ 127.865650] ? __kasan_check_write+0x18/0x20 [ 127.866070] ? do_raw_spin_lock+0x132/0x2a0 [ 127.866485] ? __pfx_do_exit+0x10/0x10 [ 127.866906] ? debug_smp_processor_id+0x20/0x30 [ 127.867357] ? rcu_is_watching+0x19/0xb0 [ 127.867738] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.868166] ? trace_hardirqs_on+0x26/0x120 [ 127.868575] do_group_exit+0xe0/0x2b0 [ 127.868936] __x64_sys_exit_group+0x47/0x50 [ 127.869341] do_syscall_64+0x3b/0x90 [ 127.869698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.870194] RIP: 0033:0x7f4b87518a4d [ 127.870573] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.871160] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.871864] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.872527] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.873188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.873838] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.874486] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.875184] [ 127.875404] irq event stamp: 0 [ 127.875694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.876270] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.877036] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.877796] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.878378] ---[ end trace 0000000000000000 ]--- [ 127.882800] ------------[ cut here ]------------ [ 127.883282] WARNING: CPU: 1 PID: 1189 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.884152] Modules linked in: [ 127.884428] CPU: 1 PID: 1189 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.885174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.886133] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.886582] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.888156] RSP: 0018:ffff8880245f7bb8 EFLAGS: 00010246 [ 127.888613] RAX: 0000000000000000 RBX: ffff8880136698a8 RCX: 0000000000000000 [ 127.889221] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 127.889827] RBP: ffff8880245f7bd0 R08: ffffed10026cd333 R09: ffffed10026cd333 [ 127.890437] R10: ffff888013669993 R11: ffffed10026cd332 R12: ffff8880139e1000 [ 127.891076] R13: ffff8880136699e8 R14: ffffffff8352e670 R15: 
ffff8880245f7e68 [ 127.891701] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.892401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.892899] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 127.893514] PKRU: 55555554 [ 127.893760] Call Trace: [ 127.893983] [ 127.894179] __iommufd_access_detach+0x1c2/0x2b0 [ 127.894621] iommufd_access_change_pt+0x149/0x270 [ 127.895052] iommufd_access_replace+0xb4/0x120 [ 127.895470] iommufd_test+0x3e5/0x37e0 [ 127.895810] ? lock_release+0x532/0x770 [ 127.896166] ? __might_fault+0x102/0x1b0 [ 127.896529] ? lock_acquire+0x427/0x4c0 [ 127.896885] ? __pfx_iommufd_test+0x10/0x10 [ 127.897257] ? __pfx_lock_release+0x10/0x10 [ 127.897640] ? __pfx_lock_acquire+0x10/0x10 [ 127.898026] ? write_comp_data+0x2f/0x90 [ 127.898388] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.898834] ? write_comp_data+0x2f/0x90 [ 127.899210] iommufd_fops_ioctl+0x37d/0x510 [ 127.899584] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.900016] ? write_comp_data+0x2f/0x90 [ 127.900379] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.900799] __x64_sys_ioctl+0x1a3/0x230 [ 127.901164] do_syscall_64+0x3b/0x90 [ 127.901497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.901955] RIP: 0033:0x7f4b8743ee5d [ 127.902278] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.903874] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.904527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.905112] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.905679] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.906241] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.906831] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.907424] [ 127.907610] irq event stamp: 0 [ 127.907866] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.908366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.909032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.909710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.910221] ---[ end trace 0000000000000000 ]--- [ 127.913044] ------------[ cut here ]------------ [ 127.913451] WARNING: CPU: 1 PID: 1189 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.914261] Modules linked in: [ 127.914548] CPU: 1 PID: 1189 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.915276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.916167] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.916569] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.918024] RSP: 
0018:ffff8880245f7bd0 EFLAGS: 00010246 [ 127.918450] RAX: 0000000000000000 RBX: ffff8880136698a8 RCX: 0000000000000000 [ 127.919031] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 127.919608] RBP: ffff8880245f7be8 R08: ffffed10026cd333 R09: ffffed10026cd333 [ 127.920180] R10: ffff888013669993 R11: ffffed10026cd332 R12: ffff88801226d400 [ 127.920753] R13: ffff8880136699e8 R14: ffff888014060200 R15: 0000000000000000 [ 127.921324] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.921971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.922445] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.923041] PKRU: 55555554 [ 127.923294] Call Trace: [ 127.923504] [ 127.923692] iommufd_access_destroy_object+0x65/0x170 [ 127.924117] iommufd_object_destroy_user+0x18e/0x220 [ 127.924537] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 127.925014] iommufd_access_destroy+0x43/0x70 [ 127.925389] iommufd_test_staccess_release+0x8d/0xd0 [ 127.925811] __fput+0x26d/0xa40 [ 127.926095] ____fput+0x1e/0x30 [ 127.926375] task_work_run+0x1a4/0x2d0 [ 127.926718] ? __pfx_task_work_run+0x10/0x10 [ 127.927086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.927499] ? switch_task_namespaces+0xa9/0xe0 [ 127.927888] do_exit+0xb17/0x2ef0 [ 127.928171] ? lock_acquire+0x427/0x4c0 [ 127.928506] ? __pfx_lock_release+0x10/0x10 [ 127.928864] ? __kasan_check_write+0x18/0x20 [ 127.929228] ? do_raw_spin_lock+0x132/0x2a0 [ 127.929576] ? __pfx_do_exit+0x10/0x10 [ 127.929902] ? debug_smp_processor_id+0x20/0x30 [ 127.930290] ? rcu_is_watching+0x19/0xb0 [ 127.930646] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.931030] ? trace_hardirqs_on+0x26/0x120 [ 127.931407] do_group_exit+0xe0/0x2b0 [ 127.931733] __x64_sys_exit_group+0x47/0x50 [ 127.932085] do_syscall_64+0x3b/0x90 [ 127.932402] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.932832] RIP: 0033:0x7f4b87518a4d [ 127.933136] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.933636] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.934251] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.934848] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.935441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.936028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.936618] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.937218] [ 127.937413] irq event stamp: 0 [ 127.937668] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.938176] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.938887] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.939588] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.940103] ---[ end trace 0000000000000000 ]--- [ 127.940807] ------------[ cut here ]------------ [ 127.941193] WARNING: CPU: 1 PID: 1189 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 127.942019] Modules linked in: [ 127.942281] CPU: 1 PID: 1189 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.943021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.943966] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 127.944391] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 127.945856] RSP: 0018:ffff8880245f7b78 EFLAGS: 00010246 [ 127.946287] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 127.946883] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 127.947484] RBP: ffff8880245f7b98 R08: ffffed10026cd33e R09: ffffed10026cd33e [ 127.948054] R10: ffff8880136699ef R11: ffffed10026cd33d R12: ffff888013669a90 [ 127.948635] R13: ffff8880136698a8 R14: ffffffffffffffff R15: 
ffff8880245f7c60 [ 127.949213] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.949871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.950347] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 127.950953] PKRU: 55555554 [ 127.951202] Call Trace: [ 127.951411] [ 127.951594] iommufd_ioas_destroy+0x53/0x70 [ 127.951953] iommufd_fops_release+0x1f7/0x370 [ 127.952328] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.952743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.953166] ? write_comp_data+0x2f/0x90 [ 127.953509] ? __pfx_iommufd_fops_release+0x10/0x10 [ 127.953921] __fput+0x26d/0xa40 [ 127.954206] ____fput+0x1e/0x30 [ 127.954486] task_work_run+0x1a4/0x2d0 [ 127.954841] ? __pfx_task_work_run+0x10/0x10 [ 127.955218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.955626] ? switch_task_namespaces+0xa9/0xe0 [ 127.956018] do_exit+0xb17/0x2ef0 [ 127.956303] ? lock_acquire+0x427/0x4c0 [ 127.956640] ? __pfx_lock_release+0x10/0x10 [ 127.957006] ? __kasan_check_write+0x18/0x20 [ 127.957375] ? do_raw_spin_lock+0x132/0x2a0 [ 127.957738] ? __pfx_do_exit+0x10/0x10 [ 127.958069] ? debug_smp_processor_id+0x20/0x30 [ 127.958451] ? rcu_is_watching+0x19/0xb0 [ 127.958804] ? _raw_spin_unlock_irq+0x2b/0x60 [ 127.959198] ? trace_hardirqs_on+0x26/0x120 [ 127.959557] do_group_exit+0xe0/0x2b0 [ 127.959874] __x64_sys_exit_group+0x47/0x50 [ 127.960231] do_syscall_64+0x3b/0x90 [ 127.960554] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.960990] RIP: 0033:0x7f4b87518a4d [ 127.961300] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 127.961801] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 127.962428] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 127.963036] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 127.963644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 127.964226] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 127.964811] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 127.965409] [ 127.965609] irq event stamp: 0 [ 127.965879] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.966417] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 127.967171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 127.967892] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 127.968430] ---[ end trace 0000000000000000 ]--- [ 127.972394] ------------[ cut here ]------------ [ 127.972856] WARNING: CPU: 1 PID: 1190 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 127.973742] Modules linked in: [ 127.974023] CPU: 1 PID: 1190 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 127.974824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 127.975828] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 127.976265] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 127.977842] RSP: 0018:ffff888020ea7bb8 EFLAGS: 00010246 [ 127.978307] RAX: 0000000000000000 RBX: ffff888013aad0a8 RCX: 0000000000000000 [ 127.978958] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 127.979598] RBP: ffff888020ea7bd0 R08: ffffed1002755a33 R09: ffffed1002755a33 [ 127.980220] R10: ffff888013aad193 R11: ffffed1002755a32 R12: ffff88801351c800 [ 127.980844] R13: ffff888013aad1e8 R14: ffffffff8352e670 R15: 
ffff888020ea7e68 [ 127.981469] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 127.982171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 127.982705] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 127.983357] PKRU: 55555554 [ 127.983607] Call Trace: [ 127.983831] [ 127.984032] __iommufd_access_detach+0x1c2/0x2b0 [ 127.984467] iommufd_access_change_pt+0x149/0x270 [ 127.984896] iommufd_access_replace+0xb4/0x120 [ 127.985308] iommufd_test+0x3e5/0x37e0 [ 127.985681] ? lock_release+0x532/0x770 [ 127.986043] ? __might_fault+0x102/0x1b0 [ 127.986404] ? lock_acquire+0x427/0x4c0 [ 127.986789] ? __pfx_iommufd_test+0x10/0x10 [ 127.987180] ? __pfx_lock_release+0x10/0x10 [ 127.987569] ? __pfx_lock_acquire+0x10/0x10 [ 127.987959] ? write_comp_data+0x2f/0x90 [ 127.988328] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 127.988760] ? write_comp_data+0x2f/0x90 [ 127.989136] iommufd_fops_ioctl+0x37d/0x510 [ 127.989552] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.990009] ? write_comp_data+0x2f/0x90 [ 127.990401] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 127.990885] __x64_sys_ioctl+0x1a3/0x230 [ 127.991286] do_syscall_64+0x3b/0x90 [ 127.991648] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 127.992141] RIP: 0033:0x7f4b8743ee5d [ 127.992488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 127.994164] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 127.994898] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 127.995588] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 127.996246] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 127.996907] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 127.997586] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 127.998260] [ 127.998485] irq event stamp: 0 [ 127.998820] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 127.999422] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.000203] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.000975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.001561] ---[ end trace 0000000000000000 ]--- [ 128.004589] ------------[ cut here ]------------ [ 128.005056] WARNING: CPU: 1 PID: 1190 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.005981] Modules linked in: [ 128.006277] CPU: 1 PID: 1190 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.007357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.008387] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.008853] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.010545] RSP: 
0018:ffff888020ea7bd0 EFLAGS: 00010246 [ 128.011043] RAX: 0000000000000000 RBX: ffff888013aad0a8 RCX: 0000000000000000 [ 128.011707] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 128.012364] RBP: ffff888020ea7be8 R08: ffffed1002755a33 R09: ffffed1002755a33 [ 128.013014] R10: ffff888013aad193 R11: ffffed1002755a32 R12: ffff8880139e0400 [ 128.013662] R13: ffff888013aad1e8 R14: ffff888010918a00 R15: 0000000000000000 [ 128.014304] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.015076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.015632] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.016296] PKRU: 55555554 [ 128.016561] Call Trace: [ 128.016795] [ 128.017002] iommufd_access_destroy_object+0x65/0x170 [ 128.017484] iommufd_object_destroy_user+0x18e/0x220 [ 128.017963] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.018548] iommufd_access_destroy+0x43/0x70 [ 128.018982] iommufd_test_staccess_release+0x8d/0xd0 [ 128.019480] __fput+0x26d/0xa40 [ 128.019808] ____fput+0x1e/0x30 [ 128.020126] task_work_run+0x1a4/0x2d0 [ 128.020496] ? __pfx_task_work_run+0x10/0x10 [ 128.020913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.021378] ? switch_task_namespaces+0xa9/0xe0 [ 128.021832] do_exit+0xb17/0x2ef0 [ 128.022163] ? lock_acquire+0x427/0x4c0 [ 128.022581] ? __pfx_lock_release+0x10/0x10 [ 128.022999] ? __kasan_check_write+0x18/0x20 [ 128.023429] ? do_raw_spin_lock+0x132/0x2a0 [ 128.023834] ? __pfx_do_exit+0x10/0x10 [ 128.024207] ? debug_smp_processor_id+0x20/0x30 [ 128.024661] ? rcu_is_watching+0x19/0xb0 [ 128.025061] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.025501] ? trace_hardirqs_on+0x26/0x120 [ 128.025915] do_group_exit+0xe0/0x2b0 [ 128.026275] __x64_sys_exit_group+0x47/0x50 [ 128.026708] do_syscall_64+0x3b/0x90 [ 128.027069] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.027878] RIP: 0033:0x7f4b87518a4d [ 128.028363] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.029121] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.030058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.031017] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.031931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.032822] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.033709] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.034693] [ 128.035006] irq event stamp: 0 [ 128.035419] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.036213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.037260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.038291] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.039142] ---[ end trace 0000000000000000 ]--- [ 128.040474] ------------[ cut here ]------------ [ 128.041079] WARNING: CPU: 1 PID: 1190 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.042371] Modules linked in: [ 128.042865] CPU: 1 PID: 1190 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.043916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.044972] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.045452] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.047228] RSP: 0018:ffff888020ea7b78 EFLAGS: 00010246 [ 128.047726] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.048389] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 128.049052] RBP: ffff888020ea7b98 R08: ffffed1002755a3e R09: ffffed1002755a3e [ 128.049716] R10: ffff888013aad1ef R11: ffffed1002755a3d R12: ffff888013aad290 [ 128.050387] R13: ffff888013aad0a8 R14: ffffffffffffffff R15: 
ffff888020ea7c60 [ 128.051079] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.051840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.052382] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.053149] PKRU: 55555554 [ 128.053412] Call Trace: [ 128.053646] [ 128.053854] iommufd_ioas_destroy+0x53/0x70 [ 128.054254] iommufd_fops_release+0x1f7/0x370 [ 128.054696] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.055177] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.055631] ? write_comp_data+0x2f/0x90 [ 128.056014] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.056476] __fput+0x26d/0xa40 [ 128.056802] ____fput+0x1e/0x30 [ 128.057118] task_work_run+0x1a4/0x2d0 [ 128.057481] ? __pfx_task_work_run+0x10/0x10 [ 128.057889] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.058343] ? switch_task_namespaces+0xa9/0xe0 [ 128.058826] do_exit+0xb17/0x2ef0 [ 128.059165] ? lock_acquire+0x427/0x4c0 [ 128.059546] ? __pfx_lock_release+0x10/0x10 [ 128.059943] ? __kasan_check_write+0x18/0x20 [ 128.060350] ? do_raw_spin_lock+0x132/0x2a0 [ 128.060745] ? __pfx_do_exit+0x10/0x10 [ 128.061164] ? debug_smp_processor_id+0x20/0x30 [ 128.061599] ? rcu_is_watching+0x19/0xb0 [ 128.061974] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.062392] ? trace_hardirqs_on+0x26/0x120 [ 128.062828] do_group_exit+0xe0/0x2b0 [ 128.063194] __x64_sys_exit_group+0x47/0x50 [ 128.063601] do_syscall_64+0x3b/0x90 [ 128.063949] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.064430] RIP: 0033:0x7f4b87518a4d [ 128.064768] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.065331] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.066026] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.066706] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.067384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.068033] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.068681] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.069340] [ 128.069554] irq event stamp: 0 [ 128.069842] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.070423] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.071231] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.071998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.072571] ---[ end trace 0000000000000000 ]--- [ 128.077154] ------------[ cut here ]------------ [ 128.077632] WARNING: CPU: 1 PID: 1191 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.078751] Modules linked in: [ 128.079047] CPU: 1 PID: 1191 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.079862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.080894] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.081353] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.083037] RSP: 0018:ffff888013f17bb8 EFLAGS: 00010246 [ 128.083651] RAX: 0000000000000000 RBX: ffff888015c8c0a8 RCX: 0000000000000000 [ 128.084294] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 128.084946] RBP: ffff888013f17bd0 R08: ffffed1002b91833 R09: ffffed1002b91833 [ 128.085589] R10: ffff888015c8c193 R11: ffffed1002b91832 R12: ffff88800f74e000 [ 128.086240] R13: ffff888015c8c1e8 R14: ffffffff8352e670 R15: 
ffff888013f17e68 [ 128.086909] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.087651] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.088175] CR2: 0000000020000140 CR3: 0000000020f36000 CR4: 0000000000750ee0 [ 128.088823] PKRU: 55555554 [ 128.089081] Call Trace: [ 128.089317] [ 128.089522] __iommufd_access_detach+0x1c2/0x2b0 [ 128.089969] iommufd_access_change_pt+0x149/0x270 [ 128.090419] iommufd_access_replace+0xb4/0x120 [ 128.090872] iommufd_test+0x3e5/0x37e0 [ 128.091241] ? lock_release+0x532/0x770 [ 128.091622] ? __might_fault+0x102/0x1b0 [ 128.092002] ? lock_acquire+0x427/0x4c0 [ 128.092377] ? __pfx_iommufd_test+0x10/0x10 [ 128.092774] ? __pfx_lock_release+0x10/0x10 [ 128.093229] ? __pfx_lock_acquire+0x10/0x10 [ 128.093634] ? write_comp_data+0x2f/0x90 [ 128.094015] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.094461] ? write_comp_data+0x2f/0x90 [ 128.094875] iommufd_fops_ioctl+0x37d/0x510 [ 128.095286] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.095736] ? write_comp_data+0x2f/0x90 [ 128.096123] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.096568] __x64_sys_ioctl+0x1a3/0x230 [ 128.096953] do_syscall_64+0x3b/0x90 [ 128.097309] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.097794] RIP: 0033:0x7f4b8743ee5d [ 128.098149] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.099852] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.100554] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.101200] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.101854] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.102531] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.103199] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.103858] [ 128.104073] irq event stamp: 0 [ 128.104361] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.104933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.105702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.106464] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.107058] ---[ end trace 0000000000000000 ]--- [ 128.109966] ------------[ cut here ]------------ [ 128.110419] WARNING: CPU: 1 PID: 1191 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.111385] Modules linked in: [ 128.111684] CPU: 1 PID: 1191 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.112475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.113499] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.113958] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.115664] RSP: 
0018:ffff888013f17bd0 EFLAGS: 00010246 [ 128.116154] RAX: 0000000000000000 RBX: ffff888015c8c0a8 RCX: 0000000000000000 [ 128.116803] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 128.117450] RBP: ffff888013f17be8 R08: ffffed1002b91833 R09: ffffed1002b91833 [ 128.118097] R10: ffff888015c8c193 R11: ffffed1002b91832 R12: ffff88801351ec00 [ 128.118782] R13: ffff888015c8c1e8 R14: ffff88801371cb00 R15: 0000000000000000 [ 128.119473] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.120232] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.120765] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.121418] PKRU: 55555554 [ 128.121678] Call Trace: [ 128.121914] [ 128.122122] iommufd_access_destroy_object+0x65/0x170 [ 128.122717] iommufd_object_destroy_user+0x18e/0x220 [ 128.123207] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.123749] iommufd_access_destroy+0x43/0x70 [ 128.124173] iommufd_test_staccess_release+0x8d/0xd0 [ 128.124655] __fput+0x26d/0xa40 [ 128.125015] ____fput+0x1e/0x30 [ 128.125339] task_work_run+0x1a4/0x2d0 [ 128.125722] ? __pfx_task_work_run+0x10/0x10 [ 128.126148] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.126646] ? switch_task_namespaces+0xa9/0xe0 [ 128.127123] do_exit+0xb17/0x2ef0 [ 128.127460] ? lock_acquire+0x427/0x4c0 [ 128.127844] ? __pfx_lock_release+0x10/0x10 [ 128.128261] ? __kasan_check_write+0x18/0x20 [ 128.128683] ? do_raw_spin_lock+0x132/0x2a0 [ 128.129091] ? __pfx_do_exit+0x10/0x10 [ 128.129476] ? debug_smp_processor_id+0x20/0x30 [ 128.129929] ? rcu_is_watching+0x19/0xb0 [ 128.130318] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.130782] ? trace_hardirqs_on+0x26/0x120 [ 128.131213] do_group_exit+0xe0/0x2b0 [ 128.131581] __x64_sys_exit_group+0x47/0x50 [ 128.131991] do_syscall_64+0x3b/0x90 [ 128.132359] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.132864] RIP: 0033:0x7f4b87518a4d [ 128.133220] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.133805] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.134544] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.135249] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.135921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.136592] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.137261] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.137946] [ 128.138171] irq event stamp: 0 [ 128.138468] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.139096] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.139906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.140698] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.141293] ---[ end trace 0000000000000000 ]--- [ 128.142106] ------------[ cut here ]------------ [ 128.142580] WARNING: CPU: 1 PID: 1191 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.143557] Modules linked in: [ 128.143865] CPU: 1 PID: 1191 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.144694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.145755] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.146235] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.147990] RSP: 0018:ffff888013f17b78 EFLAGS: 00010246 [ 128.148505] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.149190] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 128.149914] RBP: ffff888013f17b98 R08: ffffed1002b9183e R09: ffffed1002b9183e [ 128.150677] R10: ffff888015c8c1ef R11: ffffed1002b9183d R12: ffff888015c8c290 [ 128.151429] R13: ffff888015c8c0a8 R14: ffffffffffffffff R15: 
ffff888013f17c60 [ 128.152171] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.152987] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.153581] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.154303] PKRU: 55555554 [ 128.154626] Call Trace: [ 128.154892] [ 128.155136] iommufd_ioas_destroy+0x53/0x70 [ 128.155611] iommufd_fops_release+0x1f7/0x370 [ 128.156075] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.156580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.157141] ? write_comp_data+0x2f/0x90 [ 128.157567] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.158084] __fput+0x26d/0xa40 [ 128.158450] ____fput+0x1e/0x30 [ 128.158836] task_work_run+0x1a4/0x2d0 [ 128.159275] ? __pfx_task_work_run+0x10/0x10 [ 128.159730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.160227] ? switch_task_namespaces+0xa9/0xe0 [ 128.160715] do_exit+0xb17/0x2ef0 [ 128.161071] ? lock_acquire+0x427/0x4c0 [ 128.161484] ? __pfx_lock_release+0x10/0x10 [ 128.161933] ? __kasan_check_write+0x18/0x20 [ 128.162386] ? do_raw_spin_lock+0x132/0x2a0 [ 128.162859] ? __pfx_do_exit+0x10/0x10 [ 128.163284] ? debug_smp_processor_id+0x20/0x30 [ 128.163770] ? rcu_is_watching+0x19/0xb0 [ 128.164189] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.164661] ? trace_hardirqs_on+0x26/0x120 [ 128.165110] do_group_exit+0xe0/0x2b0 [ 128.165508] __x64_sys_exit_group+0x47/0x50 [ 128.165952] do_syscall_64+0x3b/0x90 [ 128.166350] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.166923] RIP: 0033:0x7f4b87518a4d [ 128.167338] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.167976] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.168755] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.169481] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.170197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.170949] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.171707] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.172445] [ 128.172687] irq event stamp: 0 [ 128.173010] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.173657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.174544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.175419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.176067] ---[ end trace 0000000000000000 ]--- [ 128.181092] ------------[ cut here ]------------ [ 128.181642] WARNING: CPU: 1 PID: 1192 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.182761] Modules linked in: [ 128.183098] CPU: 1 PID: 1192 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.183970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.185041] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.185522] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.187289] RSP: 0018:ffff8880161c7bb8 EFLAGS: 00010246 [ 128.187807] RAX: 0000000000000000 RBX: ffff888020b8d0a8 RCX: 0000000000000000 [ 128.188485] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 128.189237] RBP: ffff8880161c7bd0 R08: ffffed1004171a33 R09: ffffed1004171a33 [ 128.189913] R10: ffff888020b8d193 R11: ffffed1004171a32 R12: ffff888013e1d400 [ 128.190619] R13: ffff888020b8d1e8 R14: ffffffff8352e670 R15: 
ffff8880161c7e68 [ 128.191306] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.192070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.192626] CR2: 0000000020000140 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 128.193303] PKRU: 55555554 [ 128.193578] Call Trace: [ 128.193823] [ 128.194040] __iommufd_access_detach+0x1c2/0x2b0 [ 128.194541] iommufd_access_change_pt+0x149/0x270 [ 128.195017] iommufd_access_replace+0xb4/0x120 [ 128.195487] iommufd_test+0x3e5/0x37e0 [ 128.195862] ? lock_release+0x532/0x770 [ 128.196256] ? __might_fault+0x102/0x1b0 [ 128.196655] ? lock_acquire+0x427/0x4c0 [ 128.197047] ? __pfx_iommufd_test+0x10/0x10 [ 128.197459] ? __pfx_lock_release+0x10/0x10 [ 128.197881] ? __pfx_lock_acquire+0x10/0x10 [ 128.198306] ? write_comp_data+0x2f/0x90 [ 128.198746] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.199241] ? write_comp_data+0x2f/0x90 [ 128.199644] iommufd_fops_ioctl+0x37d/0x510 [ 128.200061] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.200538] ? write_comp_data+0x2f/0x90 [ 128.200939] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.201401] __x64_sys_ioctl+0x1a3/0x230 [ 128.201793] do_syscall_64+0x3b/0x90 [ 128.202155] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.202687] RIP: 0033:0x7f4b8743ee5d [ 128.203050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.204801] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.205519] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.206191] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.206895] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.207584] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.208250] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.208922] [ 128.209150] irq event stamp: 0 [ 128.209449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.210039] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.210832] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.211605] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.212185] ---[ end trace 0000000000000000 ]--- [ 128.215175] ------------[ cut here ]------------ [ 128.215626] WARNING: CPU: 1 PID: 1192 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.216553] Modules linked in: [ 128.216850] CPU: 1 PID: 1192 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.217648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.218910] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.219381] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.221050] RSP: 
0018:ffff8880161c7bd0 EFLAGS: 00010246 [ 128.221511] RAX: 0000000000000000 RBX: ffff888020b8d0a8 RCX: 0000000000000000 [ 128.222120] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 128.222752] RBP: ffff8880161c7be8 R08: ffffed1004171a33 R09: ffffed1004171a33 [ 128.223380] R10: ffff888020b8d193 R11: ffffed1004171a32 R12: ffff88800f74f800 [ 128.223997] R13: ffff888020b8d1e8 R14: ffff8880143c9e00 R15: 0000000000000000 [ 128.224612] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.225304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.225805] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.226420] PKRU: 55555554 [ 128.226693] Call Trace: [ 128.226918] [ 128.227125] iommufd_access_destroy_object+0x65/0x170 [ 128.227581] iommufd_object_destroy_user+0x18e/0x220 [ 128.228026] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.228531] iommufd_access_destroy+0x43/0x70 [ 128.228926] iommufd_test_staccess_release+0x8d/0xd0 [ 128.229371] __fput+0x26d/0xa40 [ 128.229671] ____fput+0x1e/0x30 [ 128.229963] task_work_run+0x1a4/0x2d0 [ 128.230313] ? __pfx_task_work_run+0x10/0x10 [ 128.230722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.231163] ? switch_task_namespaces+0xa9/0xe0 [ 128.231583] do_exit+0xb17/0x2ef0 [ 128.231890] ? lock_acquire+0x427/0x4c0 [ 128.232247] ? __pfx_lock_release+0x10/0x10 [ 128.232638] ? __kasan_check_write+0x18/0x20 [ 128.233026] ? do_raw_spin_lock+0x132/0x2a0 [ 128.233403] ? __pfx_do_exit+0x10/0x10 [ 128.233755] ? debug_smp_processor_id+0x20/0x30 [ 128.234164] ? rcu_is_watching+0x19/0xb0 [ 128.234544] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.234952] ? trace_hardirqs_on+0x26/0x120 [ 128.235360] do_group_exit+0xe0/0x2b0 [ 128.235703] __x64_sys_exit_group+0x47/0x50 [ 128.236080] do_syscall_64+0x3b/0x90 [ 128.236411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.236865] RIP: 0033:0x7f4b87518a4d [ 128.237191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.237725] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.238381] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.239025] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.239654] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.240269] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.240885] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.241515] [ 128.241718] irq event stamp: 0 [ 128.241992] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.242557] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.243293] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.244016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.244563] ---[ end trace 0000000000000000 ]--- [ 128.245300] ------------[ cut here ]------------ [ 128.245701] WARNING: CPU: 1 PID: 1192 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.246597] Modules linked in: [ 128.246880] CPU: 1 PID: 1192 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.247610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.248527] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.248946] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.250430] RSP: 0018:ffff8880161c7b78 EFLAGS: 00010246 [ 128.250889] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.251480] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 128.252059] RBP: ffff8880161c7b98 R08: ffffed1004171a3e R09: ffffed1004171a3e [ 128.252638] R10: ffff888020b8d1ef R11: ffffed1004171a3d R12: ffff888020b8d290 [ 128.253271] R13: ffff888020b8d0a8 R14: ffffffffffffffff R15: 
ffff8880161c7c60 [ 128.253849] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.254498] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.254997] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.255589] PKRU: 55555554 [ 128.255819] Call Trace: [ 128.256027] [ 128.256211] iommufd_ioas_destroy+0x53/0x70 [ 128.256572] iommufd_fops_release+0x1f7/0x370 [ 128.256947] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.257356] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.257762] ? write_comp_data+0x2f/0x90 [ 128.258101] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.258540] __fput+0x26d/0xa40 [ 128.258828] ____fput+0x1e/0x30 [ 128.259117] task_work_run+0x1a4/0x2d0 [ 128.259445] ? __pfx_task_work_run+0x10/0x10 [ 128.259811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.260214] ? switch_task_namespaces+0xa9/0xe0 [ 128.260606] do_exit+0xb17/0x2ef0 [ 128.260891] ? lock_acquire+0x427/0x4c0 [ 128.261225] ? __pfx_lock_release+0x10/0x10 [ 128.261585] ? __kasan_check_write+0x18/0x20 [ 128.261949] ? do_raw_spin_lock+0x132/0x2a0 [ 128.262308] ? __pfx_do_exit+0x10/0x10 [ 128.262666] ? debug_smp_processor_id+0x20/0x30 [ 128.263057] ? rcu_is_watching+0x19/0xb0 [ 128.263405] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.263781] ? trace_hardirqs_on+0x26/0x120 [ 128.264140] do_group_exit+0xe0/0x2b0 [ 128.264456] __x64_sys_exit_group+0x47/0x50 [ 128.264807] do_syscall_64+0x3b/0x90 [ 128.265121] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.265555] RIP: 0033:0x7f4b87518a4d [ 128.265859] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.266359] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.267000] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.267609] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.268194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.268776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.269360] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.269945] [ 128.270139] irq event stamp: 0 [ 128.270400] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.270939] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.271634] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.272311] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.272824] ---[ end trace 0000000000000000 ]--- [ 128.276583] ------------[ cut here ]------------ [ 128.277000] WARNING: CPU: 1 PID: 1193 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.277821] Modules linked in: [ 128.278082] CPU: 1 PID: 1193 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.278927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.279851] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.280254] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.281721] RSP: 0018:ffff8880183efbb8 EFLAGS: 00010246 [ 128.282150] RAX: 0000000000000000 RBX: ffff8880189218a8 RCX: 0000000000000000 [ 128.282747] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 128.283333] RBP: ffff8880183efbd0 R08: ffffed1003124333 R09: ffffed1003124333 [ 128.283911] R10: ffff888018921993 R11: ffffed1003124332 R12: ffff888012b45c00 [ 128.284489] R13: ffff8880189219e8 R14: ffffffff8352e670 R15: 
ffff8880183efe68 [ 128.285121] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.285768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.286236] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ee0 [ 128.286856] PKRU: 55555554 [ 128.287089] Call Trace: [ 128.287333] [ 128.287519] __iommufd_access_detach+0x1c2/0x2b0 [ 128.287918] iommufd_access_change_pt+0x149/0x270 [ 128.288323] iommufd_access_replace+0xb4/0x120 [ 128.288704] iommufd_test+0x3e5/0x37e0 [ 128.289019] ? lock_release+0x532/0x770 [ 128.289354] ? __might_fault+0x102/0x1b0 [ 128.289695] ? lock_acquire+0x427/0x4c0 [ 128.290032] ? __pfx_iommufd_test+0x10/0x10 [ 128.290383] ? __pfx_lock_release+0x10/0x10 [ 128.290771] ? __pfx_lock_acquire+0x10/0x10 [ 128.291143] ? write_comp_data+0x2f/0x90 [ 128.291490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.291894] ? write_comp_data+0x2f/0x90 [ 128.292241] iommufd_fops_ioctl+0x37d/0x510 [ 128.292614] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.293023] ? write_comp_data+0x2f/0x90 [ 128.293368] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.293765] __x64_sys_ioctl+0x1a3/0x230 [ 128.294111] do_syscall_64+0x3b/0x90 [ 128.294425] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.294876] RIP: 0033:0x7f4b8743ee5d [ 128.295192] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.296676] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.297296] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.297878] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.298460] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.299068] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.299671] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.300255] [ 128.300447] irq event stamp: 0 [ 128.300703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.301214] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.301890] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.302586] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.303097] ---[ end trace 0000000000000000 ]--- [ 128.305841] ------------[ cut here ]------------ [ 128.306243] WARNING: CPU: 1 PID: 1193 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.307064] Modules linked in: [ 128.307330] CPU: 1 PID: 1193 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.308016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.308897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.309293] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.310741] RSP: 
0018:ffff8880183efbd0 EFLAGS: 00010246 [ 128.311170] RAX: 0000000000000000 RBX: ffff8880189218a8 RCX: 0000000000000000 [ 128.311733] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 128.312296] RBP: ffff8880183efbe8 R08: ffffed1003124333 R09: ffffed1003124333 [ 128.312854] R10: ffff888018921993 R11: ffffed1003124332 R12: ffff888013e1f400 [ 128.313402] R13: ffff8880189219e8 R14: ffff888020a3dd00 R15: 0000000000000000 [ 128.313950] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.314589] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.315038] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.315608] PKRU: 55555554 [ 128.315829] Call Trace: [ 128.316028] [ 128.316204] iommufd_access_destroy_object+0x65/0x170 [ 128.316606] iommufd_object_destroy_user+0x18e/0x220 [ 128.317057] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.317512] iommufd_access_destroy+0x43/0x70 [ 128.317867] iommufd_test_staccess_release+0x8d/0xd0 [ 128.318265] __fput+0x26d/0xa40 [ 128.318561] ____fput+0x1e/0x30 [ 128.318825] task_work_run+0x1a4/0x2d0 [ 128.319151] ? __pfx_task_work_run+0x10/0x10 [ 128.319500] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.319880] ? switch_task_namespaces+0xa9/0xe0 [ 128.320256] do_exit+0xb17/0x2ef0 [ 128.320531] ? lock_acquire+0x427/0x4c0 [ 128.320845] ? __pfx_lock_release+0x10/0x10 [ 128.321183] ? __kasan_check_write+0x18/0x20 [ 128.321526] ? do_raw_spin_lock+0x132/0x2a0 [ 128.321864] ? __pfx_do_exit+0x10/0x10 [ 128.322173] ? debug_smp_processor_id+0x20/0x30 [ 128.322559] ? rcu_is_watching+0x19/0xb0 [ 128.322877] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.323243] ? trace_hardirqs_on+0x26/0x120 [ 128.323583] do_group_exit+0xe0/0x2b0 [ 128.323879] __x64_sys_exit_group+0x47/0x50 [ 128.324208] do_syscall_64+0x3b/0x90 [ 128.324503] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.324907] RIP: 0033:0x7f4b87518a4d [ 128.325192] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.325665] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.326242] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.326802] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.327351] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.327894] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.328435] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.328985] [ 128.329165] irq event stamp: 0 [ 128.329407] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.329884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.330540] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.331196] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.331681] ---[ end trace 0000000000000000 ]--- [ 128.332361] ------------[ cut here ]------------ [ 128.332725] WARNING: CPU: 1 PID: 1193 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.333506] Modules linked in: [ 128.333753] CPU: 1 PID: 1193 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.334416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.335313] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.335715] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.337108] RSP: 0018:ffff8880183efb78 EFLAGS: 00010246 [ 128.337516] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.338057] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 128.338621] RBP: ffff8880183efb98 R08: ffffed100312433e R09: ffffed100312433e [ 128.339171] R10: ffff8880189219ef R11: ffffed100312433d R12: ffff888018921a90 [ 128.339716] R13: ffff8880189218a8 R14: ffffffffffffffff R15: 
ffff8880183efc60 [ 128.340258] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.340873] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.341321] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.341863] PKRU: 55555554 [ 128.342079] Call Trace: [ 128.342276] [ 128.342453] iommufd_ioas_destroy+0x53/0x70 [ 128.342818] iommufd_fops_release+0x1f7/0x370 [ 128.343181] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.343568] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.343955] ? write_comp_data+0x2f/0x90 [ 128.344276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.344663] __fput+0x26d/0xa40 [ 128.344932] ____fput+0x1e/0x30 [ 128.345195] task_work_run+0x1a4/0x2d0 [ 128.345504] ? __pfx_task_work_run+0x10/0x10 [ 128.345848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.346229] ? switch_task_namespaces+0xa9/0xe0 [ 128.346619] do_exit+0xb17/0x2ef0 [ 128.346889] ? lock_acquire+0x427/0x4c0 [ 128.347211] ? __pfx_lock_release+0x10/0x10 [ 128.347549] ? __kasan_check_write+0x18/0x20 [ 128.347886] ? do_raw_spin_lock+0x132/0x2a0 [ 128.348213] ? __pfx_do_exit+0x10/0x10 [ 128.348514] ? debug_smp_processor_id+0x20/0x30 [ 128.348868] ? rcu_is_watching+0x19/0xb0 [ 128.349225] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.349568] ? trace_hardirqs_on+0x26/0x120 [ 128.349899] do_group_exit+0xe0/0x2b0 [ 128.350187] __x64_sys_exit_group+0x47/0x50 [ 128.350530] do_syscall_64+0x3b/0x90 [ 128.350819] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.351222] RIP: 0033:0x7f4b87518a4d [ 128.351501] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.351966] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.352532] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.353061] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.353588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.354117] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.354661] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.355206] [ 128.355383] irq event stamp: 0 [ 128.355623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.356095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.356722] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.357343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.357812] ---[ end trace 0000000000000000 ]--- [ 128.363083] ------------[ cut here ]------------ [ 128.363584] WARNING: CPU: 0 PID: 1194 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.364574] Modules linked in: [ 128.364905] CPU: 0 PID: 1194 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.365744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.367235] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.367730] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.369453] RSP: 0018:ffff8880218afbb8 EFLAGS: 00010246 [ 128.369967] RAX: 0000000000000000 RBX: ffff88800fe518a8 RCX: 0000000000000000 [ 128.370667] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 128.371355] RBP: ffff8880218afbd0 R08: ffffed1001fca333 R09: ffffed1001fca333 [ 128.372052] R10: ffff88800fe51993 R11: ffffed1001fca332 R12: ffff888018539800 [ 128.372725] R13: ffff88800fe519e8 R14: ffffffff8352e670 R15: 
ffff8880218afe68 [ 128.373411] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.374152] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.374722] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ef0 [ 128.375417] PKRU: 55555554 [ 128.375703] Call Trace: [ 128.375946] [ 128.376169] __iommufd_access_detach+0x1c2/0x2b0 [ 128.376647] iommufd_access_change_pt+0x149/0x270 [ 128.377134] iommufd_access_replace+0xb4/0x120 [ 128.377591] iommufd_test+0x3e5/0x37e0 [ 128.377964] ? lock_release+0x532/0x770 [ 128.378348] ? __might_fault+0x102/0x1b0 [ 128.378774] ? lock_acquire+0x427/0x4c0 [ 128.379213] ? __pfx_iommufd_test+0x10/0x10 [ 128.379544] ? __pfx_lock_release+0x10/0x10 [ 128.379869] ? __pfx_lock_acquire+0x10/0x10 [ 128.380198] ? write_comp_data+0x2f/0x90 [ 128.380504] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.380873] ? write_comp_data+0x2f/0x90 [ 128.381180] iommufd_fops_ioctl+0x37d/0x510 [ 128.381508] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.381869] ? write_comp_data+0x2f/0x90 [ 128.382177] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.382560] __x64_sys_ioctl+0x1a3/0x230 [ 128.382872] do_syscall_64+0x3b/0x90 [ 128.383168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.383553] RIP: 0033:0x7f4b8743ee5d [ 128.383835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.385173] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.385735] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.386255] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.386783] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.387314] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.387834] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.388357] [ 128.388535] irq event stamp: 0 [ 128.388765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.389228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.389831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.390424] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.390903] ---[ end trace 0000000000000000 ]--- [ 128.393616] ------------[ cut here ]------------ [ 128.393984] WARNING: CPU: 0 PID: 1194 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.395216] Modules linked in: [ 128.395458] CPU: 0 PID: 1194 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.396092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.396903] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.397264] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.398581] RSP: 
0018:ffff8880218afbd0 EFLAGS: 00010246 [ 128.398972] RAX: 0000000000000000 RBX: ffff88800fe518a8 RCX: 0000000000000000 [ 128.399501] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 128.400007] RBP: ffff8880218afbe8 R08: ffffed1001fca333 R09: ffffed1001fca333 [ 128.400519] R10: ffff88800fe51993 R11: ffffed1001fca332 R12: ffff888018a6b000 [ 128.401042] R13: ffff88800fe519e8 R14: ffff888020de9c00 R15: 0000000000000000 [ 128.401568] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.402141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.402580] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.403102] PKRU: 55555554 [ 128.403326] Call Trace: [ 128.403518] [ 128.403688] iommufd_access_destroy_object+0x65/0x170 [ 128.404072] iommufd_object_destroy_user+0x18e/0x220 [ 128.404458] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.404894] iommufd_access_destroy+0x43/0x70 [ 128.405236] iommufd_test_staccess_release+0x8d/0xd0 [ 128.405625] __fput+0x26d/0xa40 [ 128.405878] ____fput+0x1e/0x30 [ 128.406127] task_work_run+0x1a4/0x2d0 [ 128.406420] ? __pfx_task_work_run+0x10/0x10 [ 128.406763] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.407142] ? switch_task_namespaces+0xa9/0xe0 [ 128.407496] do_exit+0xb17/0x2ef0 [ 128.407753] ? lock_acquire+0x427/0x4c0 [ 128.408065] ? __pfx_lock_release+0x10/0x10 [ 128.408394] ? __kasan_check_write+0x18/0x20 [ 128.408729] ? do_raw_spin_lock+0x132/0x2a0 [ 128.409049] ? __pfx_do_exit+0x10/0x10 [ 128.409350] ? debug_smp_processor_id+0x20/0x30 [ 128.409703] ? rcu_is_watching+0x19/0xb0 [ 128.410011] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.410352] ? trace_hardirqs_on+0x26/0x120 [ 128.410700] do_group_exit+0xe0/0x2b0 [ 128.410986] __x64_sys_exit_group+0x47/0x50 [ 128.411322] do_syscall_64+0x3b/0x90 [ 128.411605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.411990] RIP: 0033:0x7f4b87518a4d [ 128.412262] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.412707] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.413256] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.413771] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.414287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.414829] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.415350] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.415874] [ 128.416046] irq event stamp: 0 [ 128.416275] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.416734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.417346] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.417944] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.418403] ---[ end trace 0000000000000000 ]--- [ 128.419099] ------------[ cut here ]------------ [ 128.419455] WARNING: CPU: 0 PID: 1194 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.420198] Modules linked in: [ 128.420441] CPU: 0 PID: 1194 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.421085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.421903] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.422287] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.423657] RSP: 0018:ffff8880218afb78 EFLAGS: 00010246 [ 128.424056] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.424575] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 128.425095] RBP: ffff8880218afb98 R08: ffffed1001fca33e R09: ffffed1001fca33e [ 128.425613] R10: ffff88800fe519ef R11: ffffed1001fca33d R12: ffff88800fe51a90 [ 128.426131] R13: ffff88800fe518a8 R14: ffffffffffffffff R15: 
ffff8880218afc60 [ 128.426844] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.427455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.427878] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.428401] PKRU: 55555554 [ 128.428608] Call Trace: [ 128.428794] [ 128.428963] iommufd_ioas_destroy+0x53/0x70 [ 128.429288] iommufd_fops_release+0x1f7/0x370 [ 128.429624] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.429996] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.430363] ? write_comp_data+0x2f/0x90 [ 128.430689] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.431081] __fput+0x26d/0xa40 [ 128.431357] ____fput+0x1e/0x30 [ 128.431610] task_work_run+0x1a4/0x2d0 [ 128.431902] ? __pfx_task_work_run+0x10/0x10 [ 128.432231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.432591] ? switch_task_namespaces+0xa9/0xe0 [ 128.432942] do_exit+0xb17/0x2ef0 [ 128.433197] ? lock_acquire+0x427/0x4c0 [ 128.433499] ? __pfx_lock_release+0x10/0x10 [ 128.433826] ? __kasan_check_write+0x18/0x20 [ 128.434158] ? do_raw_spin_lock+0x132/0x2a0 [ 128.434481] ? __pfx_do_exit+0x10/0x10 [ 128.434802] ? debug_smp_processor_id+0x20/0x30 [ 128.435170] ? rcu_is_watching+0x19/0xb0 [ 128.435474] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.435814] ? trace_hardirqs_on+0x26/0x120 [ 128.436139] do_group_exit+0xe0/0x2b0 [ 128.436426] __x64_sys_exit_group+0x47/0x50 [ 128.436747] do_syscall_64+0x3b/0x90 [ 128.437028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.437421] RIP: 0033:0x7f4b87518a4d [ 128.437697] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.438144] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.438723] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.439263] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.439793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.440321] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.440854] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.441397] [ 128.441577] irq event stamp: 0 [ 128.441813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.442283] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.442924] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.443551] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.444024] ---[ end trace 0000000000000000 ]--- [ 128.447909] ------------[ cut here ]------------ [ 128.448290] WARNING: CPU: 0 PID: 1195 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.449043] Modules linked in: [ 128.449280] CPU: 0 PID: 1195 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.449927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.450792] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.451178] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.452532] RSP: 0018:ffff888013aa7bb8 EFLAGS: 00010246 [ 128.452924] RAX: 0000000000000000 RBX: ffff888011f540a8 RCX: 0000000000000000 [ 128.453449] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 128.453973] RBP: ffff888013aa7bd0 R08: ffffed10023ea833 R09: ffffed10023ea833 [ 128.454496] R10: ffff888011f54193 R11: ffffed10023ea832 R12: ffff888013787400 [ 128.455039] R13: ffff888011f541e8 R14: ffffffff8352e670 R15: 
ffff888013aa7e68 [ 128.455573] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.456168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.456601] CR2: 0000000020000140 CR3: 000000000f516000 CR4: 0000000000750ef0 [ 128.457130] PKRU: 55555554 [ 128.457357] Call Trace: [ 128.457548] [ 128.457721] __iommufd_access_detach+0x1c2/0x2b0 [ 128.458087] iommufd_access_change_pt+0x149/0x270 [ 128.458460] iommufd_access_replace+0xb4/0x120 [ 128.458830] iommufd_test+0x3e5/0x37e0 [ 128.459134] ? lock_release+0x532/0x770 [ 128.459447] ? __might_fault+0x102/0x1b0 [ 128.459763] ? lock_acquire+0x427/0x4c0 [ 128.460069] ? __pfx_iommufd_test+0x10/0x10 [ 128.460397] ? __pfx_lock_release+0x10/0x10 [ 128.460732] ? __pfx_lock_acquire+0x10/0x10 [ 128.461065] ? write_comp_data+0x2f/0x90 [ 128.461381] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.461755] ? write_comp_data+0x2f/0x90 [ 128.462070] iommufd_fops_ioctl+0x37d/0x510 [ 128.462392] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.462781] ? write_comp_data+0x2f/0x90 [ 128.463097] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.463474] __x64_sys_ioctl+0x1a3/0x230 [ 128.463793] do_syscall_64+0x3b/0x90 [ 128.464086] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.464486] RIP: 0033:0x7f4b8743ee5d [ 128.464769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.466119] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.466705] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.467252] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.467815] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.468413] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.468947] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.469487] [ 128.469666] irq event stamp: 0 [ 128.469904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.470379] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.471030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.471665] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.472133] ---[ end trace 0000000000000000 ]--- [ 128.474824] ------------[ cut here ]------------ [ 128.475222] WARNING: CPU: 0 PID: 1195 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.475975] Modules linked in: [ 128.476217] CPU: 0 PID: 1195 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.476875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.477720] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.478094] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.479469] RSP: 
0018:ffff888013aa7bd0 EFLAGS: 00010246 [ 128.479869] RAX: 0000000000000000 RBX: ffff888011f540a8 RCX: 0000000000000000 [ 128.480401] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 128.480926] RBP: ffff888013aa7be8 R08: ffffed10023ea833 R09: ffffed10023ea833 [ 128.481453] R10: ffff888011f54193 R11: ffffed10023ea832 R12: ffff888018539000 [ 128.481986] R13: ffff888011f541e8 R14: ffff888012fd5c00 R15: 0000000000000000 [ 128.482539] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.483141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.483580] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.484123] PKRU: 55555554 [ 128.484337] Call Trace: [ 128.484527] [ 128.484696] iommufd_access_destroy_object+0x65/0x170 [ 128.485090] iommufd_object_destroy_user+0x18e/0x220 [ 128.485480] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.485928] iommufd_access_destroy+0x43/0x70 [ 128.486274] iommufd_test_staccess_release+0x8d/0xd0 [ 128.486690] __fput+0x26d/0xa40 [ 128.486958] ____fput+0x1e/0x30 [ 128.487234] task_work_run+0x1a4/0x2d0 [ 128.487533] ? __pfx_task_work_run+0x10/0x10 [ 128.487875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.488250] ? switch_task_namespaces+0xa9/0xe0 [ 128.488611] do_exit+0xb17/0x2ef0 [ 128.488871] ? lock_acquire+0x427/0x4c0 [ 128.489182] ? __pfx_lock_release+0x10/0x10 [ 128.489518] ? __kasan_check_write+0x18/0x20 [ 128.489860] ? do_raw_spin_lock+0x132/0x2a0 [ 128.490188] ? __pfx_do_exit+0x10/0x10 [ 128.490488] ? debug_smp_processor_id+0x20/0x30 [ 128.490868] ? rcu_is_watching+0x19/0xb0 [ 128.491181] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.491529] ? trace_hardirqs_on+0x26/0x120 [ 128.491862] do_group_exit+0xe0/0x2b0 [ 128.492148] __x64_sys_exit_group+0x47/0x50 [ 128.492467] do_syscall_64+0x3b/0x90 [ 128.492764] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.493164] RIP: 0033:0x7f4b87518a4d [ 128.493443] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.493912] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.494476] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.495028] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.495574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.496100] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.496623] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.497153] [ 128.497327] irq event stamp: 0 [ 128.497561] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.498028] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.498667] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.499293] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.499763] ---[ end trace 0000000000000000 ]--- [ 128.500446] ------------[ cut here ]------------ [ 128.500802] WARNING: CPU: 0 PID: 1195 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.501568] Modules linked in: [ 128.501807] CPU: 0 PID: 1195 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.502460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.503343] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.503747] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.505128] RSP: 0018:ffff888013aa7b78 EFLAGS: 00010246 [ 128.505529] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.506067] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 128.506649] RBP: ffff888013aa7b98 R08: ffffed10023ea83e R09: ffffed10023ea83e [ 128.507215] R10: ffff888011f541ef R11: ffffed10023ea83d R12: ffff888011f54290 [ 128.507763] R13: ffff888011f540a8 R14: ffffffffffffffff R15: 
ffff888013aa7c60 [ 128.508310] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.508920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.509364] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.509907] PKRU: 55555554 [ 128.510127] Call Trace: [ 128.510320] [ 128.510495] iommufd_ioas_destroy+0x53/0x70 [ 128.510859] iommufd_fops_release+0x1f7/0x370 [ 128.511218] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.511604] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.511984] ? write_comp_data+0x2f/0x90 [ 128.512304] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.512692] __fput+0x26d/0xa40 [ 128.512961] ____fput+0x1e/0x30 [ 128.513222] task_work_run+0x1a4/0x2d0 [ 128.513529] ? __pfx_task_work_run+0x10/0x10 [ 128.513876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.514254] ? switch_task_namespaces+0xa9/0xe0 [ 128.514640] do_exit+0xb17/0x2ef0 [ 128.514913] ? lock_acquire+0x427/0x4c0 [ 128.515232] ? __pfx_lock_release+0x10/0x10 [ 128.515573] ? __kasan_check_write+0x18/0x20 [ 128.515917] ? do_raw_spin_lock+0x132/0x2a0 [ 128.516252] ? __pfx_do_exit+0x10/0x10 [ 128.516559] ? debug_smp_processor_id+0x20/0x30 [ 128.516918] ? rcu_is_watching+0x19/0xb0 [ 128.517234] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.517587] ? trace_hardirqs_on+0x26/0x120 [ 128.517928] do_group_exit+0xe0/0x2b0 [ 128.518226] __x64_sys_exit_group+0x47/0x50 [ 128.518575] do_syscall_64+0x3b/0x90 [ 128.518877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.519288] RIP: 0033:0x7f4b87518a4d [ 128.519577] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.520042] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.520622] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.521161] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.521707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.522248] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.522811] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.523390] [ 128.523569] irq event stamp: 0 [ 128.523811] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.524289] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.524935] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.525567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.526047] ---[ end trace 0000000000000000 ]--- [ 128.530374] ------------[ cut here ]------------ [ 128.530964] WARNING: CPU: 0 PID: 1196 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.531751] Modules linked in: [ 128.531990] CPU: 0 PID: 1196 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.532647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.533508] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.533886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.535296] RSP: 0018:ffff88801735fbb8 EFLAGS: 00010246 [ 128.535706] RAX: 0000000000000000 RBX: ffff88800b8148a8 RCX: 0000000000000000 [ 128.536250] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 128.536792] RBP: ffff88801735fbd0 R08: ffffed1001702933 R09: ffffed1001702933 [ 128.537334] R10: ffff88800b814993 R11: ffffed1001702932 R12: ffff88801422fc00 [ 128.537875] R13: ffff88800b8149e8 R14: ffffffff8352e670 R15: 
ffff88801735fe68 [ 128.538418] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.539050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.539504] CR2: 0000000020000140 CR3: 0000000020fbc000 CR4: 0000000000750ef0 [ 128.540048] PKRU: 55555554 [ 128.540292] Call Trace: [ 128.540493] [ 128.540665] __iommufd_access_detach+0x1c2/0x2b0 [ 128.541045] iommufd_access_change_pt+0x149/0x270 [ 128.541417] iommufd_access_replace+0xb4/0x120 [ 128.541779] iommufd_test+0x3e5/0x37e0 [ 128.542085] ? lock_release+0x532/0x770 [ 128.542403] ? __might_fault+0x102/0x1b0 [ 128.542747] ? lock_acquire+0x427/0x4c0 [ 128.543064] ? __pfx_iommufd_test+0x10/0x10 [ 128.543407] ? __pfx_lock_release+0x10/0x10 [ 128.543746] ? __pfx_lock_acquire+0x10/0x10 [ 128.544085] ? write_comp_data+0x2f/0x90 [ 128.544402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.544796] ? write_comp_data+0x2f/0x90 [ 128.545126] iommufd_fops_ioctl+0x37d/0x510 [ 128.545468] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.545856] ? write_comp_data+0x2f/0x90 [ 128.546191] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.546590] __x64_sys_ioctl+0x1a3/0x230 [ 128.546922] do_syscall_64+0x3b/0x90 [ 128.547228] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.547641] RIP: 0033:0x7f4b8743ee5d [ 128.547932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.549348] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.549942] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.550494] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.551076] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.551637] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.552184] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.552749] [ 128.552930] irq event stamp: 0 [ 128.553178] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.553668] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.554330] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.555008] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.555517] ---[ end trace 0000000000000000 ]--- [ 128.558291] ------------[ cut here ]------------ [ 128.558722] WARNING: CPU: 0 PID: 1196 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.559522] Modules linked in: [ 128.559773] CPU: 0 PID: 1196 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.560456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.561327] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.561713] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.563139] RSP: 
0018:ffff88801735fbd0 EFLAGS: 00010246 [ 128.563559] RAX: 0000000000000000 RBX: ffff88800b8148a8 RCX: 0000000000000000 [ 128.564114] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 128.564668] RBP: ffff88801735fbe8 R08: ffffed1001702933 R09: ffffed1001702933 [ 128.565223] R10: ffff88800b814993 R11: ffffed1001702932 R12: ffff888013785800 [ 128.565770] R13: ffff88800b8149e8 R14: ffff888021859500 R15: 0000000000000000 [ 128.566322] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.566971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.567444] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.568004] PKRU: 55555554 [ 128.568228] Call Trace: [ 128.568433] [ 128.568614] iommufd_access_destroy_object+0x65/0x170 [ 128.569023] iommufd_object_destroy_user+0x18e/0x220 [ 128.569426] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.569883] iommufd_access_destroy+0x43/0x70 [ 128.570244] iommufd_test_staccess_release+0x8d/0xd0 [ 128.570676] __fput+0x26d/0xa40 [ 128.570954] ____fput+0x1e/0x30 [ 128.571237] task_work_run+0x1a4/0x2d0 [ 128.571560] ? __pfx_task_work_run+0x10/0x10 [ 128.571913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.572296] ? switch_task_namespaces+0xa9/0xe0 [ 128.572676] do_exit+0xb17/0x2ef0 [ 128.572964] ? lock_acquire+0x427/0x4c0 [ 128.573287] ? __pfx_lock_release+0x10/0x10 [ 128.573632] ? __kasan_check_write+0x18/0x20 [ 128.573984] ? do_raw_spin_lock+0x132/0x2a0 [ 128.574327] ? __pfx_do_exit+0x10/0x10 [ 128.574665] ? debug_smp_processor_id+0x20/0x30 [ 128.575040] ? rcu_is_watching+0x19/0xb0 [ 128.575376] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.575739] ? trace_hardirqs_on+0x26/0x120 [ 128.576111] do_group_exit+0xe0/0x2b0 [ 128.576413] __x64_sys_exit_group+0x47/0x50 [ 128.576758] do_syscall_64+0x3b/0x90 [ 128.577066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.577475] RIP: 0033:0x7f4b87518a4d [ 128.577766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.578241] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.578860] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.579430] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.579986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.580538] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.581092] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.581649] [ 128.581837] irq event stamp: 0 [ 128.582081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.582601] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.583269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.583909] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.584397] ---[ end trace 0000000000000000 ]--- [ 128.585104] ------------[ cut here ]------------ [ 128.585479] WARNING: CPU: 0 PID: 1196 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.586263] Modules linked in: [ 128.586536] CPU: 0 PID: 1196 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.587227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.588091] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.588497] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.589904] RSP: 0018:ffff88801735fb78 EFLAGS: 00010246 [ 128.590318] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.590904] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 128.591468] RBP: ffff88801735fb98 R08: ffffed100170293e R09: ffffed100170293e [ 128.592016] R10: ffff88800b8149ef R11: ffffed100170293d R12: ffff88800b814a90 [ 128.592570] R13: ffff88800b8148a8 R14: ffffffffffffffff R15: 
ffff88801735fc60 [ 128.593131] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.593753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.594205] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.594782] PKRU: 55555554 [ 128.595004] Call Trace: [ 128.595224] [ 128.595400] iommufd_ioas_destroy+0x53/0x70 [ 128.595747] iommufd_fops_release+0x1f7/0x370 [ 128.596107] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.596501] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.596889] ? write_comp_data+0x2f/0x90 [ 128.597215] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.597602] __fput+0x26d/0xa40 [ 128.597872] ____fput+0x1e/0x30 [ 128.598137] task_work_run+0x1a4/0x2d0 [ 128.598455] ? __pfx_task_work_run+0x10/0x10 [ 128.598825] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.599222] ? switch_task_namespaces+0xa9/0xe0 [ 128.599595] do_exit+0xb17/0x2ef0 [ 128.599867] ? lock_acquire+0x427/0x4c0 [ 128.600185] ? __pfx_lock_release+0x10/0x10 [ 128.600527] ? __kasan_check_write+0x18/0x20 [ 128.600872] ? do_raw_spin_lock+0x132/0x2a0 [ 128.601211] ? __pfx_do_exit+0x10/0x10 [ 128.601521] ? debug_smp_processor_id+0x20/0x30 [ 128.601885] ? rcu_is_watching+0x19/0xb0 [ 128.602201] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.602576] ? trace_hardirqs_on+0x26/0x120 [ 128.602917] do_group_exit+0xe0/0x2b0 [ 128.603220] __x64_sys_exit_group+0x47/0x50 [ 128.603556] do_syscall_64+0x3b/0x90 [ 128.603854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.604264] RIP: 0033:0x7f4b87518a4d [ 128.604561] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.605033] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.605616] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.606163] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.606734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.607293] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.607840] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.608397] [ 128.608580] irq event stamp: 0 [ 128.608826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.609316] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.609973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.610640] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.611149] ---[ end trace 0000000000000000 ]--- [ 128.616014] ------------[ cut here ]------------ [ 128.616413] WARNING: CPU: 0 PID: 1197 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.617182] Modules linked in: [ 128.617425] CPU: 0 PID: 1197 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.618103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.619004] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.619405] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.620820] RSP: 0018:ffff88801480fbb8 EFLAGS: 00010246 [ 128.621241] RAX: 0000000000000000 RBX: ffff8880219420a8 RCX: 0000000000000000 [ 128.621789] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 128.622341] RBP: ffff88801480fbd0 R08: ffffed1004328433 R09: ffffed1004328433 [ 128.622910] R10: ffff888021942193 R11: ffffed1004328432 R12: ffff888017b2a800 [ 128.623496] R13: ffff8880219421e8 R14: ffffffff8352e670 R15: 
ffff88801480fe68 [ 128.624045] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.624675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.625132] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 128.625692] PKRU: 55555554 [ 128.625915] Call Trace: [ 128.626116] [ 128.626297] __iommufd_access_detach+0x1c2/0x2b0 [ 128.626700] iommufd_access_change_pt+0x149/0x270 [ 128.627106] iommufd_access_replace+0xb4/0x120 [ 128.627488] iommufd_test+0x3e5/0x37e0 [ 128.627794] ? lock_release+0x532/0x770 [ 128.628119] ? __might_fault+0x102/0x1b0 [ 128.628448] ? lock_acquire+0x427/0x4c0 [ 128.628773] ? __pfx_iommufd_test+0x10/0x10 [ 128.629110] ? __pfx_lock_release+0x10/0x10 [ 128.629454] ? __pfx_lock_acquire+0x10/0x10 [ 128.629804] ? write_comp_data+0x2f/0x90 [ 128.630133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.630542] ? write_comp_data+0x2f/0x90 [ 128.630876] iommufd_fops_ioctl+0x37d/0x510 [ 128.631228] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.631619] ? write_comp_data+0x2f/0x90 [ 128.631943] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.632329] __x64_sys_ioctl+0x1a3/0x230 [ 128.632660] do_syscall_64+0x3b/0x90 [ 128.632963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.633379] RIP: 0033:0x7f4b8743ee5d [ 128.633670] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.635132] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.635724] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.636280] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.636835] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.637389] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.637940] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.638498] [ 128.638700] irq event stamp: 0 [ 128.638952] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.639454] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.640107] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.640752] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.641238] ---[ end trace 0000000000000000 ]--- [ 128.644030] ------------[ cut here ]------------ [ 128.644434] WARNING: CPU: 0 PID: 1197 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.645219] Modules linked in: [ 128.645474] CPU: 0 PID: 1197 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.646159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.647049] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.647445] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.648853] RSP: 
0018:ffff88801480fbd0 EFLAGS: 00010246 [ 128.649265] RAX: 0000000000000000 RBX: ffff8880219420a8 RCX: 0000000000000000 [ 128.649814] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 128.650369] RBP: ffff88801480fbe8 R08: ffffed1004328433 R09: ffffed1004328433 [ 128.650943] R10: ffff888021942193 R11: ffffed1004328432 R12: ffff88801422e000 [ 128.651536] R13: ffff8880219421e8 R14: ffff88802181a500 R15: 0000000000000000 [ 128.652092] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.652716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.653168] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.653719] PKRU: 55555554 [ 128.653945] Call Trace: [ 128.654141] [ 128.654322] iommufd_access_destroy_object+0x65/0x170 [ 128.654738] iommufd_object_destroy_user+0x18e/0x220 [ 128.655149] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.655608] iommufd_access_destroy+0x43/0x70 [ 128.655967] iommufd_test_staccess_release+0x8d/0xd0 [ 128.656371] __fput+0x26d/0xa40 [ 128.656645] ____fput+0x1e/0x30 [ 128.656913] task_work_run+0x1a4/0x2d0 [ 128.657224] ? __pfx_task_work_run+0x10/0x10 [ 128.657576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.657962] ? switch_task_namespaces+0xa9/0xe0 [ 128.658334] do_exit+0xb17/0x2ef0 [ 128.658626] ? lock_acquire+0x427/0x4c0 [ 128.658951] ? __pfx_lock_release+0x10/0x10 [ 128.659308] ? __kasan_check_write+0x18/0x20 [ 128.659657] ? do_raw_spin_lock+0x132/0x2a0 [ 128.659996] ? __pfx_do_exit+0x10/0x10 [ 128.660309] ? debug_smp_processor_id+0x20/0x30 [ 128.660682] ? rcu_is_watching+0x19/0xb0 [ 128.661000] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.661363] ? trace_hardirqs_on+0x26/0x120 [ 128.661706] do_group_exit+0xe0/0x2b0 [ 128.662006] __x64_sys_exit_group+0x47/0x50 [ 128.662347] do_syscall_64+0x3b/0x90 [ 128.662665] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.663076] RIP: 0033:0x7f4b87518a4d [ 128.663381] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.663864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.664460] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.665011] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.665558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.666111] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.666683] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.667261] [ 128.667453] irq event stamp: 0 [ 128.667702] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.668194] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.668842] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.669500] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.670002] ---[ end trace 0000000000000000 ]--- [ 128.670731] ------------[ cut here ]------------ [ 128.671104] WARNING: CPU: 0 PID: 1197 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.671913] Modules linked in: [ 128.672163] CPU: 0 PID: 1197 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.672835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.673700] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.674098] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.675535] RSP: 0018:ffff88801480fb78 EFLAGS: 00010246 [ 128.675947] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.676499] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 128.677050] RBP: ffff88801480fb98 R08: ffffed100432843e R09: ffffed100432843e [ 128.677603] R10: ffff8880219421ef R11: ffffed100432843d R12: ffff888021942290 [ 128.678152] R13: ffff8880219420a8 R14: ffffffffffffffff R15: 
ffff88801480fc60 [ 128.678725] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.679353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.679804] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.680361] PKRU: 55555554 [ 128.680587] Call Trace: [ 128.680783] [ 128.680963] iommufd_ioas_destroy+0x53/0x70 [ 128.681307] iommufd_fops_release+0x1f7/0x370 [ 128.681666] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.682062] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.682452] ? write_comp_data+0x2f/0x90 [ 128.682797] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.683195] __fput+0x26d/0xa40 [ 128.683473] ____fput+0x1e/0x30 [ 128.683745] task_work_run+0x1a4/0x2d0 [ 128.684061] ? __pfx_task_work_run+0x10/0x10 [ 128.684410] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.684794] ? switch_task_namespaces+0xa9/0xe0 [ 128.685166] do_exit+0xb17/0x2ef0 [ 128.685438] ? lock_acquire+0x427/0x4c0 [ 128.685756] ? __pfx_lock_release+0x10/0x10 [ 128.686099] ? __kasan_check_write+0x18/0x20 [ 128.686447] ? do_raw_spin_lock+0x132/0x2a0 [ 128.686828] ? __pfx_do_exit+0x10/0x10 [ 128.687151] ? debug_smp_processor_id+0x20/0x30 [ 128.687519] ? rcu_is_watching+0x19/0xb0 [ 128.687839] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.688196] ? trace_hardirqs_on+0x26/0x120 [ 128.688545] do_group_exit+0xe0/0x2b0 [ 128.688850] __x64_sys_exit_group+0x47/0x50 [ 128.689188] do_syscall_64+0x3b/0x90 [ 128.689484] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.689893] RIP: 0033:0x7f4b87518a4d [ 128.690186] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.690678] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.691271] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.691824] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.692379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.692926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.693476] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.694036] [ 128.694221] irq event stamp: 0 [ 128.694466] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.694975] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.695637] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.696291] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.696782] ---[ end trace 0000000000000000 ]--- [ 128.701343] ------------[ cut here ]------------ [ 128.701739] WARNING: CPU: 0 PID: 1198 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.702766] Modules linked in: [ 128.703020] CPU: 0 PID: 1198 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.703712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.704590] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.704978] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.706393] RSP: 0018:ffff888017367bb8 EFLAGS: 00010246 [ 128.706826] RAX: 0000000000000000 RBX: ffff888015a6f8a8 RCX: 0000000000000000 [ 128.707385] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 128.707939] RBP: ffff888017367bd0 R08: ffffed1002b4df33 R09: ffffed1002b4df33 [ 128.708496] R10: ffff888015a6f993 R11: ffffed1002b4df32 R12: ffff888010573c00 [ 128.709051] R13: ffff888015a6f9e8 R14: ffffffff8352e670 R15: 
ffff888017367e68 [ 128.709608] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.710234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.710700] CR2: 0000000020000140 CR3: 0000000020fc8000 CR4: 0000000000750ef0 [ 128.711262] PKRU: 55555554 [ 128.711479] Call Trace: [ 128.711681] [ 128.711860] __iommufd_access_detach+0x1c2/0x2b0 [ 128.712240] iommufd_access_change_pt+0x149/0x270 [ 128.712629] iommufd_access_replace+0xb4/0x120 [ 128.712994] iommufd_test+0x3e5/0x37e0 [ 128.713299] ? lock_release+0x532/0x770 [ 128.713623] ? __might_fault+0x102/0x1b0 [ 128.713951] ? lock_acquire+0x427/0x4c0 [ 128.714271] ? __pfx_iommufd_test+0x10/0x10 [ 128.714619] ? __pfx_lock_release+0x10/0x10 [ 128.714965] ? __pfx_lock_acquire+0x10/0x10 [ 128.715319] ? write_comp_data+0x2f/0x90 [ 128.715649] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.716036] ? write_comp_data+0x2f/0x90 [ 128.716361] iommufd_fops_ioctl+0x37d/0x510 [ 128.716702] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.717086] ? write_comp_data+0x2f/0x90 [ 128.717413] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.717797] __x64_sys_ioctl+0x1a3/0x230 [ 128.718125] do_syscall_64+0x3b/0x90 [ 128.718427] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.718855] RIP: 0033:0x7f4b8743ee5d [ 128.719161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.720598] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.721190] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.721741] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.722322] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.722903] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.723465] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.724028] [ 128.724224] irq event stamp: 0 [ 128.724472] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.724960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.725622] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.726270] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.726775] ---[ end trace 0000000000000000 ]--- [ 128.729499] ------------[ cut here ]------------ [ 128.729888] WARNING: CPU: 0 PID: 1198 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.730698] Modules linked in: [ 128.730949] CPU: 0 PID: 1198 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.731641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.732517] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.732909] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.734315] RSP: 
0018:ffff888017367bd0 EFLAGS: 00010246 [ 128.734748] RAX: 0000000000000000 RBX: ffff888015a6f8a8 RCX: 0000000000000000 [ 128.735303] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 128.735853] RBP: ffff888017367be8 R08: ffffed1002b4df33 R09: ffffed1002b4df33 [ 128.736408] R10: ffff888015a6f993 R11: ffffed1002b4df32 R12: ffff888017b2bc00 [ 128.736959] R13: ffff888015a6f9e8 R14: ffff88802087f100 R15: 0000000000000000 [ 128.737514] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.738134] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.738617] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.739185] PKRU: 55555554 [ 128.739412] Call Trace: [ 128.739616] [ 128.739792] iommufd_access_destroy_object+0x65/0x170 [ 128.740201] iommufd_object_destroy_user+0x18e/0x220 [ 128.740605] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.741063] iommufd_access_destroy+0x43/0x70 [ 128.741417] iommufd_test_staccess_release+0x8d/0xd0 [ 128.741813] __fput+0x26d/0xa40 [ 128.742085] ____fput+0x1e/0x30 [ 128.742355] task_work_run+0x1a4/0x2d0 [ 128.742691] ? __pfx_task_work_run+0x10/0x10 [ 128.743046] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.743446] ? switch_task_namespaces+0xa9/0xe0 [ 128.743826] do_exit+0xb17/0x2ef0 [ 128.744098] ? lock_acquire+0x427/0x4c0 [ 128.744421] ? __pfx_lock_release+0x10/0x10 [ 128.744765] ? __kasan_check_write+0x18/0x20 [ 128.745118] ? do_raw_spin_lock+0x132/0x2a0 [ 128.745461] ? __pfx_do_exit+0x10/0x10 [ 128.745781] ? debug_smp_processor_id+0x20/0x30 [ 128.746149] ? rcu_is_watching+0x19/0xb0 [ 128.746465] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.746854] ? trace_hardirqs_on+0x26/0x120 [ 128.747207] do_group_exit+0xe0/0x2b0 [ 128.747518] __x64_sys_exit_group+0x47/0x50 [ 128.747852] do_syscall_64+0x3b/0x90 [ 128.748155] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.748567] RIP: 0033:0x7f4b87518a4d [ 128.748859] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.749333] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.749920] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.750481] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.751054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.751609] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.752154] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.752713] [ 128.752896] irq event stamp: 0 [ 128.753147] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.753637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.754298] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.754968] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.755460] ---[ end trace 0000000000000000 ]--- [ 128.756161] ------------[ cut here ]------------ [ 128.756528] WARNING: CPU: 0 PID: 1198 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.757322] Modules linked in: [ 128.757576] CPU: 0 PID: 1198 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.758277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.759194] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.759597] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.761011] RSP: 0018:ffff888017367b78 EFLAGS: 00010246 [ 128.761430] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.761979] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 128.762549] RBP: ffff888017367b98 R08: ffffed1002b4df3e R09: ffffed1002b4df3e [ 128.763101] R10: ffff888015a6f9ef R11: ffffed1002b4df3d R12: ffff888015a6fa90 [ 128.763678] R13: ffff888015a6f8a8 R14: ffffffffffffffff R15: 
ffff888017367c60 [ 128.764228] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.764851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.765312] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.765856] PKRU: 55555554 [ 128.766079] Call Trace: [ 128.766278] [ 128.766453] iommufd_ioas_destroy+0x53/0x70 [ 128.766828] iommufd_fops_release+0x1f7/0x370 [ 128.767194] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.767595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.767983] ? write_comp_data+0x2f/0x90 [ 128.768304] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.768698] __fput+0x26d/0xa40 [ 128.768966] ____fput+0x1e/0x30 [ 128.769235] task_work_run+0x1a4/0x2d0 [ 128.769547] ? __pfx_task_work_run+0x10/0x10 [ 128.769899] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.770297] ? switch_task_namespaces+0xa9/0xe0 [ 128.770693] do_exit+0xb17/0x2ef0 [ 128.770967] ? lock_acquire+0x427/0x4c0 [ 128.771297] ? __pfx_lock_release+0x10/0x10 [ 128.771647] ? __kasan_check_write+0x18/0x20 [ 128.771997] ? do_raw_spin_lock+0x132/0x2a0 [ 128.772343] ? __pfx_do_exit+0x10/0x10 [ 128.772661] ? debug_smp_processor_id+0x20/0x30 [ 128.773025] ? rcu_is_watching+0x19/0xb0 [ 128.773345] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.773707] ? trace_hardirqs_on+0x26/0x120 [ 128.774054] do_group_exit+0xe0/0x2b0 [ 128.774357] __x64_sys_exit_group+0x47/0x50 [ 128.774715] do_syscall_64+0x3b/0x90 [ 128.775017] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.775442] RIP: 0033:0x7f4b87518a4d [ 128.775732] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.776206] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.776793] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.777349] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.777905] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.778454] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.779030] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.779603] [ 128.779788] irq event stamp: 0 [ 128.780037] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.780530] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.781181] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.781834] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.782321] ---[ end trace 0000000000000000 ]--- [ 128.787813] ------------[ cut here ]------------ [ 128.788378] WARNING: CPU: 1 PID: 1199 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.789485] Modules linked in: [ 128.789845] CPU: 1 PID: 1199 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.791233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.792472] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.793023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.795032] RSP: 0018:ffff88801735fbb8 EFLAGS: 00010246 [ 128.795631] RAX: 0000000000000000 RBX: ffff888014b7d8a8 RCX: 0000000000000000 [ 128.796396] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 128.797168] RBP: ffff88801735fbd0 R08: ffffed100296fb33 R09: ffffed100296fb33 [ 128.797940] R10: ffff888014b7d993 R11: ffffed100296fb32 R12: ffff88800f269800 [ 128.798739] R13: ffff888014b7d9e8 R14: ffffffff8352e670 R15: 
ffff88801735fe68 [ 128.799508] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.800121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.800553] CR2: 0000000020000140 CR3: 0000000020fc8000 CR4: 0000000000750ee0 [ 128.801095] PKRU: 55555554 [ 128.801308] Call Trace: [ 128.801501] [ 128.801673] __iommufd_access_detach+0x1c2/0x2b0 [ 128.802052] iommufd_access_change_pt+0x149/0x270 [ 128.802427] iommufd_access_replace+0xb4/0x120 [ 128.802824] iommufd_test+0x3e5/0x37e0 [ 128.803218] ? lock_release+0x532/0x770 [ 128.803565] ? __might_fault+0x102/0x1b0 [ 128.803883] ? lock_acquire+0x427/0x4c0 [ 128.804192] ? __pfx_iommufd_test+0x10/0x10 [ 128.804528] ? __pfx_lock_release+0x10/0x10 [ 128.804866] ? __pfx_lock_acquire+0x10/0x10 [ 128.805201] ? write_comp_data+0x2f/0x90 [ 128.805526] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.805897] ? write_comp_data+0x2f/0x90 [ 128.806215] iommufd_fops_ioctl+0x37d/0x510 [ 128.806575] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.807052] ? write_comp_data+0x2f/0x90 [ 128.807383] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.807768] __x64_sys_ioctl+0x1a3/0x230 [ 128.808084] do_syscall_64+0x3b/0x90 [ 128.808378] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.808787] RIP: 0033:0x7f4b8743ee5d [ 128.809071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.810444] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.811049] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.811690] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.812236] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.812774] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.813318] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.813864] [ 128.814044] irq event stamp: 0 [ 128.814293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.814798] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.815537] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.816166] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.816655] ---[ end trace 0000000000000000 ]--- [ 128.819865] ------------[ cut here ]------------ [ 128.820259] WARNING: CPU: 0 PID: 1199 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.821046] Modules linked in: [ 128.821294] CPU: 0 PID: 1199 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.821965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.822922] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.823395] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.824768] RSP: 
0018:ffff88801735fbd0 EFLAGS: 00010246 [ 128.825176] RAX: 0000000000000000 RBX: ffff888014b7d8a8 RCX: 0000000000000000 [ 128.825722] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 128.826254] RBP: ffff88801735fbe8 R08: ffffed100296fb33 R09: ffffed100296fb33 [ 128.826934] R10: ffff888014b7d993 R11: ffffed100296fb32 R12: ffff888012b44c00 [ 128.827540] R13: ffff888014b7d9e8 R14: ffff888020e7a700 R15: 0000000000000000 [ 128.828095] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.828715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.829157] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.829699] PKRU: 55555554 [ 128.829928] Call Trace: [ 128.830127] [ 128.830302] iommufd_access_destroy_object+0x65/0x170 [ 128.830737] iommufd_object_destroy_user+0x18e/0x220 [ 128.831238] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.831693] iommufd_access_destroy+0x43/0x70 [ 128.832055] iommufd_test_staccess_release+0x8d/0xd0 [ 128.832456] __fput+0x26d/0xa40 [ 128.832727] ____fput+0x1e/0x30 [ 128.832992] task_work_run+0x1a4/0x2d0 [ 128.833306] ? __pfx_task_work_run+0x10/0x10 [ 128.833654] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.834041] ? switch_task_namespaces+0xa9/0xe0 [ 128.834417] do_exit+0xb17/0x2ef0 [ 128.834720] ? lock_acquire+0x427/0x4c0 [ 128.835046] ? __pfx_lock_release+0x10/0x10 [ 128.835418] ? __kasan_check_write+0x18/0x20 [ 128.835794] ? do_raw_spin_lock+0x132/0x2a0 [ 128.836134] ? __pfx_do_exit+0x10/0x10 [ 128.836449] ? debug_smp_processor_id+0x20/0x30 [ 128.836822] ? rcu_is_watching+0x19/0xb0 [ 128.837144] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.837513] ? trace_hardirqs_on+0x26/0x120 [ 128.837862] do_group_exit+0xe0/0x2b0 [ 128.838165] __x64_sys_exit_group+0x47/0x50 [ 128.838549] do_syscall_64+0x3b/0x90 [ 128.838856] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.839294] RIP: 0033:0x7f4b87518a4d [ 128.839585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.840070] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.840665] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.841217] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.841781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.842335] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.842929] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.843510] [ 128.843700] irq event stamp: 0 [ 128.843947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.844441] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.845098] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.845751] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.846261] ---[ end trace 0000000000000000 ]--- [ 128.846991] ------------[ cut here ]------------ [ 128.847378] WARNING: CPU: 0 PID: 1199 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.848187] Modules linked in: [ 128.848451] CPU: 0 PID: 1199 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.849135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.850011] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.850421] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.851869] RSP: 0018:ffff88801735fb78 EFLAGS: 00010246 [ 128.852291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.852852] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 128.853412] RBP: ffff88801735fb98 R08: ffffed100296fb3e R09: ffffed100296fb3e [ 128.853971] R10: ffff888014b7d9ef R11: ffffed100296fb3d R12: ffff888014b7da90 [ 128.854563] R13: ffff888014b7d8a8 R14: ffffffffffffffff R15: 
ffff88801735fc60 [ 128.855147] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 128.855804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.856287] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 128.856893] PKRU: 55555554 [ 128.857131] Call Trace: [ 128.857352] [ 128.857543] iommufd_ioas_destroy+0x53/0x70 [ 128.857905] iommufd_fops_release+0x1f7/0x370 [ 128.858285] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.858730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.859153] ? write_comp_data+0x2f/0x90 [ 128.859496] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.859915] __fput+0x26d/0xa40 [ 128.860205] ____fput+0x1e/0x30 [ 128.860489] task_work_run+0x1a4/0x2d0 [ 128.860828] ? __pfx_task_work_run+0x10/0x10 [ 128.861204] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.861614] ? switch_task_namespaces+0xa9/0xe0 [ 128.862010] do_exit+0xb17/0x2ef0 [ 128.862299] ? lock_acquire+0x427/0x4c0 [ 128.862654] ? __pfx_lock_release+0x10/0x10 [ 128.863023] ? __kasan_check_write+0x18/0x20 [ 128.863405] ? do_raw_spin_lock+0x132/0x2a0 [ 128.863771] ? __pfx_do_exit+0x10/0x10 [ 128.864110] ? debug_smp_processor_id+0x20/0x30 [ 128.864505] ? rcu_is_watching+0x19/0xb0 [ 128.864847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.865228] ? trace_hardirqs_on+0x26/0x120 [ 128.865596] do_group_exit+0xe0/0x2b0 [ 128.865918] __x64_sys_exit_group+0x47/0x50 [ 128.866281] do_syscall_64+0x3b/0x90 [ 128.866639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.867094] RIP: 0033:0x7f4b87518a4d [ 128.867430] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.867945] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.868577] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.869163] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.869755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.870349] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.870967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.871581] [ 128.871776] irq event stamp: 0 [ 128.872040] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.872567] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.873264] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.873963] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.874490] ---[ end trace 0000000000000000 ]--- [ 128.880503] ------------[ cut here ]------------ [ 128.881097] WARNING: CPU: 1 PID: 1200 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.882267] Modules linked in: [ 128.882741] CPU: 1 PID: 1200 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.883767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.885064] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.885638] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.887763] RSP: 0018:ffff888017367bb8 EFLAGS: 00010246 [ 128.888404] RAX: 0000000000000000 RBX: ffff888020aca8a8 RCX: 0000000000000000 [ 128.889236] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 128.890057] RBP: ffff888017367bd0 R08: ffffed1004159533 R09: ffffed1004159533 [ 128.890900] R10: ffff888020aca993 R11: ffffed1004159532 R12: ffff888012b53c00 [ 128.891729] R13: ffff888020aca9e8 R14: ffffffff8352e670 R15: 
ffff888017367e68 [ 128.892546] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.893488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.894176] CR2: 0000000020000140 CR3: 0000000020fc8000 CR4: 0000000000750ee0 [ 128.895059] PKRU: 55555554 [ 128.895424] Call Trace: [ 128.895734] [ 128.896010] __iommufd_access_detach+0x1c2/0x2b0 [ 128.896599] iommufd_access_change_pt+0x149/0x270 [ 128.897194] iommufd_access_replace+0xb4/0x120 [ 128.897763] iommufd_test+0x3e5/0x37e0 [ 128.898234] ? lock_release+0x532/0x770 [ 128.898770] ? __might_fault+0x102/0x1b0 [ 128.899287] ? lock_acquire+0x427/0x4c0 [ 128.899777] ? __pfx_iommufd_test+0x10/0x10 [ 128.900290] ? __pfx_lock_release+0x10/0x10 [ 128.900821] ? __pfx_lock_acquire+0x10/0x10 [ 128.901355] ? write_comp_data+0x2f/0x90 [ 128.901854] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.902440] ? write_comp_data+0x2f/0x90 [ 128.902988] iommufd_fops_ioctl+0x37d/0x510 [ 128.903548] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.904145] ? write_comp_data+0x2f/0x90 [ 128.904661] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 128.905268] __x64_sys_ioctl+0x1a3/0x230 [ 128.905799] do_syscall_64+0x3b/0x90 [ 128.906274] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.906962] RIP: 0033:0x7f4b8743ee5d [ 128.907454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 128.909601] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 128.910566] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 128.911441] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 128.912278] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 128.913121] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 128.913971] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 128.914882] [ 128.915209] irq event stamp: 0 [ 128.915592] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.916334] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.917319] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.918306] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.919107] ---[ end trace 0000000000000000 ]--- [ 128.923871] ------------[ cut here ]------------ [ 128.924471] WARNING: CPU: 1 PID: 1200 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.925673] Modules linked in: [ 128.926077] CPU: 1 PID: 1200 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.927236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.928576] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 128.929186] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 128.931399] RSP: 
0018:ffff888017367bd0 EFLAGS: 00010246 [ 128.932052] RAX: 0000000000000000 RBX: ffff888020aca8a8 RCX: 0000000000000000 [ 128.932906] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 128.933764] RBP: ffff888017367be8 R08: ffffed1004159533 R09: ffffed1004159533 [ 128.934677] R10: ffff888020aca993 R11: ffffed1004159532 R12: ffff88800f269000 [ 128.935555] R13: ffff888020aca9e8 R14: ffff888014229700 R15: 0000000000000000 [ 128.936412] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.937368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.938061] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.938955] PKRU: 55555554 [ 128.939382] Call Trace: [ 128.939633] [ 128.939847] iommufd_access_destroy_object+0x65/0x170 [ 128.940340] iommufd_object_destroy_user+0x18e/0x220 [ 128.940823] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 128.941375] iommufd_access_destroy+0x43/0x70 [ 128.941806] iommufd_test_staccess_release+0x8d/0xd0 [ 128.942293] __fput+0x26d/0xa40 [ 128.942665] ____fput+0x1e/0x30 [ 128.942991] task_work_run+0x1a4/0x2d0 [ 128.943379] ? __pfx_task_work_run+0x10/0x10 [ 128.943807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.944283] ? switch_task_namespaces+0xa9/0xe0 [ 128.944745] do_exit+0xb17/0x2ef0 [ 128.945078] ? lock_acquire+0x427/0x4c0 [ 128.945467] ? __pfx_lock_release+0x10/0x10 [ 128.945885] ? __kasan_check_write+0x18/0x20 [ 128.946311] ? do_raw_spin_lock+0x132/0x2a0 [ 128.946753] ? __pfx_do_exit+0x10/0x10 [ 128.947151] ? debug_smp_processor_id+0x20/0x30 [ 128.947606] ? rcu_is_watching+0x19/0xb0 [ 128.947997] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.948436] ? trace_hardirqs_on+0x26/0x120 [ 128.948860] do_group_exit+0xe0/0x2b0 [ 128.949231] __x64_sys_exit_group+0x47/0x50 [ 128.949644] do_syscall_64+0x3b/0x90 [ 128.950013] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.950555] RIP: 0033:0x7f4b87518a4d [ 128.950921] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.951520] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.952248] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.952930] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.953614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.954290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.955004] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.955709] [ 128.955935] irq event stamp: 0 [ 128.956236] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.956837] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.957637] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.958428] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.959054] ---[ end trace 0000000000000000 ]--- [ 128.959872] ------------[ cut here ]------------ [ 128.960327] WARNING: CPU: 1 PID: 1200 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 128.961303] Modules linked in: [ 128.961610] CPU: 1 PID: 1200 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.962442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 128.963563] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 128.964070] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 128.965810] RSP: 0018:ffff888017367b78 EFLAGS: 00010246 [ 128.966319] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.967022] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 128.967715] RBP: ffff888017367b98 R08: ffffed100415953e R09: ffffed100415953e [ 128.968393] R10: ffff888020aca9ef R11: ffffed100415953d R12: ffff888020acaa90 [ 128.969072] R13: ffff888020aca8a8 R14: ffffffffffffffff R15: 
ffff888017367c60 [ 128.969755] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 128.970553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.971120] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 128.971799] PKRU: 55555554 [ 128.972071] Call Trace: [ 128.972315] [ 128.972533] iommufd_ioas_destroy+0x53/0x70 [ 128.972955] iommufd_fops_release+0x1f7/0x370 [ 128.973399] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.973881] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.974358] ? write_comp_data+0x2f/0x90 [ 128.974786] ? __pfx_iommufd_fops_release+0x10/0x10 [ 128.975290] __fput+0x26d/0xa40 [ 128.975626] ____fput+0x1e/0x30 [ 128.975955] task_work_run+0x1a4/0x2d0 [ 128.976338] ? __pfx_task_work_run+0x10/0x10 [ 128.976771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 128.977251] ? switch_task_namespaces+0xa9/0xe0 [ 128.977724] do_exit+0xb17/0x2ef0 [ 128.978062] ? lock_acquire+0x427/0x4c0 [ 128.978456] ? __pfx_lock_release+0x10/0x10 [ 128.978905] ? __kasan_check_write+0x18/0x20 [ 128.979350] ? do_raw_spin_lock+0x132/0x2a0 [ 128.979767] ? __pfx_do_exit+0x10/0x10 [ 128.980145] ? debug_smp_processor_id+0x20/0x30 [ 128.980599] ? rcu_is_watching+0x19/0xb0 [ 128.980996] ? _raw_spin_unlock_irq+0x2b/0x60 [ 128.981439] ? trace_hardirqs_on+0x26/0x120 [ 128.981865] do_group_exit+0xe0/0x2b0 [ 128.982238] __x64_sys_exit_group+0x47/0x50 [ 128.982684] do_syscall_64+0x3b/0x90 [ 128.983060] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 128.983577] RIP: 0033:0x7f4b87518a4d [ 128.983940] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 128.984534] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 128.985262] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 128.985941] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 128.986650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 128.987354] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 128.988041] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 128.988729] [ 128.988955] irq event stamp: 0 [ 128.989261] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 128.989861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 128.990680] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 128.991484] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 128.992085] ---[ end trace 0000000000000000 ]--- [ 128.996771] ------------[ cut here ]------------ [ 128.997274] WARNING: CPU: 1 PID: 1201 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 128.998236] Modules linked in: [ 128.998792] CPU: 1 PID: 1201 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 128.999635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.000703] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.001177] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.002934] RSP: 0018:ffff88801735fbb8 EFLAGS: 00010246 [ 129.003457] RAX: 0000000000000000 RBX: ffff8880160748a8 RCX: 0000000000000000 [ 129.004137] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 129.004814] RBP: ffff88801735fbd0 R08: ffffed1002c0e933 R09: ffffed1002c0e933 [ 129.005512] R10: ffff888016074993 R11: ffffed1002c0e932 R12: ffff88800fbdbc00 [ 129.006207] R13: ffff8880160749e8 R14: ffffffff8352e670 R15: 
ffff88801735fe68 [ 129.006932] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.007739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.008310] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 129.009018] PKRU: 55555554 [ 129.009299] Call Trace: [ 129.009550] [ 129.009774] __iommufd_access_detach+0x1c2/0x2b0 [ 129.010253] iommufd_access_change_pt+0x149/0x270 [ 129.010761] iommufd_access_replace+0xb4/0x120 [ 129.011241] iommufd_test+0x3e5/0x37e0 [ 129.011626] ? lock_release+0x532/0x770 [ 129.012028] ? __might_fault+0x102/0x1b0 [ 129.012438] ? lock_acquire+0x427/0x4c0 [ 129.012841] ? __pfx_iommufd_test+0x10/0x10 [ 129.013268] ? __pfx_lock_release+0x10/0x10 [ 129.013700] ? __pfx_lock_acquire+0x10/0x10 [ 129.014134] ? write_comp_data+0x2f/0x90 [ 129.014570] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.015058] ? write_comp_data+0x2f/0x90 [ 129.015478] iommufd_fops_ioctl+0x37d/0x510 [ 129.015915] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.016406] ? write_comp_data+0x2f/0x90 [ 129.016815] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.017291] __x64_sys_ioctl+0x1a3/0x230 [ 129.017706] do_syscall_64+0x3b/0x90 [ 129.018082] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.018651] RIP: 0033:0x7f4b8743ee5d [ 129.019024] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.020839] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.021589] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.022289] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.023012] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.023728] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.024425] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.025129] [ 129.025362] irq event stamp: 0 [ 129.025672] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.026292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.027141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.027977] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.028605] ---[ end trace 0000000000000000 ]--- [ 129.031817] ------------[ cut here ]------------ [ 129.032328] WARNING: CPU: 1 PID: 1201 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.033321] Modules linked in: [ 129.033637] CPU: 1 PID: 1201 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.034495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.035906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.036527] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.038768] RSP: 
0018:ffff88801735fbd0 EFLAGS: 00010246 [ 129.039431] RAX: 0000000000000000 RBX: ffff8880160748a8 RCX: 0000000000000000 [ 129.040288] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 129.041144] RBP: ffff88801735fbe8 R08: ffffed1002c0e933 R09: ffffed1002c0e933 [ 129.041998] R10: ffff888016074993 R11: ffffed1002c0e932 R12: ffff888012b51400 [ 129.042885] R13: ffff8880160749e8 R14: ffff88800fa77b00 R15: 0000000000000000 [ 129.043765] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.044738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.045443] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.046313] PKRU: 55555554 [ 129.046698] Call Trace: [ 129.047017] [ 129.047319] iommufd_access_destroy_object+0x65/0x170 [ 129.047959] iommufd_object_destroy_user+0x18e/0x220 [ 129.048588] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.049302] iommufd_access_destroy+0x43/0x70 [ 129.049865] iommufd_test_staccess_release+0x8d/0xd0 [ 129.050496] __fput+0x26d/0xa40 [ 129.050966] ____fput+0x1e/0x30 [ 129.051397] task_work_run+0x1a4/0x2d0 [ 129.051887] ? __pfx_task_work_run+0x10/0x10 [ 129.052435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.053039] ? switch_task_namespaces+0xa9/0xe0 [ 129.053629] do_exit+0xb17/0x2ef0 [ 129.054058] ? lock_acquire+0x427/0x4c0 [ 129.054609] ? __pfx_lock_release+0x10/0x10 [ 129.055166] ? __kasan_check_write+0x18/0x20 [ 129.055717] ? do_raw_spin_lock+0x132/0x2a0 [ 129.056246] ? __pfx_do_exit+0x10/0x10 [ 129.056738] ? debug_smp_processor_id+0x20/0x30 [ 129.057312] ? rcu_is_watching+0x19/0xb0 [ 129.057813] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.058376] ? trace_hardirqs_on+0x26/0x120 [ 129.058970] do_group_exit+0xe0/0x2b0 [ 129.059459] __x64_sys_exit_group+0x47/0x50 [ 129.059987] do_syscall_64+0x3b/0x90 [ 129.060456] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.061097] RIP: 0033:0x7f4b87518a4d [ 129.061555] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.062301] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.063265] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.064128] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.064985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.065841] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.066729] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.067616] [ 129.067905] irq event stamp: 0 [ 129.068293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.069052] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.070055] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.071083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.071860] ---[ end trace 0000000000000000 ]--- [ 129.073142] ------------[ cut here ]------------ [ 129.073716] WARNING: CPU: 1 PID: 1201 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.074993] Modules linked in: [ 129.075415] CPU: 1 PID: 1201 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.076466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.077810] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.078433] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.080659] RSP: 0018:ffff88801735fb78 EFLAGS: 00010246 [ 129.081310] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.082165] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 129.083050] RBP: ffff88801735fb98 R08: ffffed1002c0e93e R09: ffffed1002c0e93e [ 129.083918] R10: ffff8880160749ef R11: ffffed1002c0e93d R12: ffff888016074a90 [ 129.084773] R13: ffff8880160748a8 R14: ffffffffffffffff R15: 
ffff88801735fc60 [ 129.085633] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.086635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.087351] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.088214] PKRU: 55555554 [ 129.088560] Call Trace: [ 129.088875] [ 129.089157] iommufd_ioas_destroy+0x53/0x70 [ 129.089692] iommufd_fops_release+0x1f7/0x370 [ 129.090248] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.090890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.091514] ? write_comp_data+0x2f/0x90 [ 129.092024] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.092636] __fput+0x26d/0xa40 [ 129.093066] ____fput+0x1e/0x30 [ 129.093485] task_work_run+0x1a4/0x2d0 [ 129.093976] ? __pfx_task_work_run+0x10/0x10 [ 129.094553] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.095173] ? switch_task_namespaces+0xa9/0xe0 [ 129.095763] do_exit+0xb17/0x2ef0 [ 129.096193] ? lock_acquire+0x427/0x4c0 [ 129.096694] ? __pfx_lock_release+0x10/0x10 [ 129.097231] ? __kasan_check_write+0x18/0x20 [ 129.097783] ? do_raw_spin_lock+0x132/0x2a0 [ 129.098314] ? __pfx_do_exit+0x10/0x10 [ 129.098836] ? debug_smp_processor_id+0x20/0x30 [ 129.099439] ? rcu_is_watching+0x19/0xb0 [ 129.099938] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.100503] ? trace_hardirqs_on+0x26/0x120 [ 129.101045] do_group_exit+0xe0/0x2b0 [ 129.101519] __x64_sys_exit_group+0x47/0x50 [ 129.102046] do_syscall_64+0x3b/0x90 [ 129.102550] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.103215] RIP: 0033:0x7f4b87518a4d [ 129.103671] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.104415] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.105330] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.106185] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.107070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.107947] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.108805] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.109672] [ 129.109961] irq event stamp: 0 [ 129.110346] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.111145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.112155] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.113157] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.113916] ---[ end trace 0000000000000000 ]--- [ 129.120768] ------------[ cut here ]------------ [ 129.121378] WARNING: CPU: 1 PID: 1202 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.122630] Modules linked in: [ 129.123028] CPU: 1 PID: 1202 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.124094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.125440] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.126042] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.128248] RSP: 0018:ffff888012a8fbb8 EFLAGS: 00010246 [ 129.128897] RAX: 0000000000000000 RBX: ffff8880172968a8 RCX: 0000000000000000 [ 129.129753] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 129.130634] RBP: ffff888012a8fbd0 R08: ffffed1002e52d33 R09: ffffed1002e52d33 [ 129.131516] R10: ffff888017296993 R11: ffffed1002e52d32 R12: ffff888010b75400 [ 129.132373] R13: ffff8880172969e8 R14: ffffffff8352e670 R15: 
ffff888012a8fe68 [ 129.133231] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.134195] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.134919] CR2: 0000000020000140 CR3: 0000000020fbc000 CR4: 0000000000750ee0 [ 129.135794] PKRU: 55555554 [ 129.136141] Call Trace: [ 129.136456] [ 129.136736] __iommufd_access_detach+0x1c2/0x2b0 [ 129.137333] iommufd_access_change_pt+0x149/0x270 [ 129.137936] iommufd_access_replace+0xb4/0x120 [ 129.138534] iommufd_test+0x3e5/0x37e0 [ 129.139016] ? lock_release+0x532/0x770 [ 129.139531] ? __might_fault+0x102/0x1b0 [ 129.140040] ? lock_acquire+0x427/0x4c0 [ 129.140541] ? __pfx_iommufd_test+0x10/0x10 [ 129.141064] ? __pfx_lock_release+0x10/0x10 [ 129.141601] ? __pfx_lock_acquire+0x10/0x10 [ 129.142140] ? write_comp_data+0x2f/0x90 [ 129.142680] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.143304] ? write_comp_data+0x2f/0x90 [ 129.143818] iommufd_fops_ioctl+0x37d/0x510 [ 129.144350] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.144952] ? write_comp_data+0x2f/0x90 [ 129.145463] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.146055] __x64_sys_ioctl+0x1a3/0x230 [ 129.146593] do_syscall_64+0x3b/0x90 [ 129.147069] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.147722] RIP: 0033:0x7f4b8743ee5d [ 129.148179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.150357] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.151304] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.152162] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.153017] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.153870] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.154751] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.155634] [ 129.155923] irq event stamp: 0 [ 129.156310] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.157068] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.158070] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.159095] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.159896] ---[ end trace 0000000000000000 ]--- [ 129.163017] ------------[ cut here ]------------ [ 129.163527] WARNING: CPU: 1 PID: 1202 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.164523] Modules linked in: [ 129.164839] CPU: 1 PID: 1202 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.165692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.166824] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.167327] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.169123] RSP: 
0018:ffff888012a8fbd0 EFLAGS: 00010246 [ 129.169646] RAX: 0000000000000000 RBX: ffff8880172968a8 RCX: 0000000000000000 [ 129.170348] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 129.171077] RBP: ffff888012a8fbe8 R08: ffffed1002e52d33 R09: ffffed1002e52d33 [ 129.171789] R10: ffff888017296993 R11: ffffed1002e52d32 R12: ffff88800fbd9400 [ 129.172493] R13: ffff8880172969e8 R14: ffff888016e16c00 R15: 0000000000000000 [ 129.173194] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.173981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.174601] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.175331] PKRU: 55555554 [ 129.175615] Call Trace: [ 129.175868] [ 129.176094] iommufd_access_destroy_object+0x65/0x170 [ 129.176624] iommufd_object_destroy_user+0x18e/0x220 [ 129.177142] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.177728] iommufd_access_destroy+0x43/0x70 [ 129.178181] iommufd_test_staccess_release+0x8d/0xd0 [ 129.178731] __fput+0x26d/0xa40 [ 129.179081] ____fput+0x1e/0x30 [ 129.179431] task_work_run+0x1a4/0x2d0 [ 129.179827] ? __pfx_task_work_run+0x10/0x10 [ 129.180267] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.180757] ? switch_task_namespaces+0xa9/0xe0 [ 129.181237] do_exit+0xb17/0x2ef0 [ 129.181584] ? lock_acquire+0x427/0x4c0 [ 129.181986] ? __pfx_lock_release+0x10/0x10 [ 129.182427] ? __kasan_check_write+0x18/0x20 [ 129.182912] ? do_raw_spin_lock+0x132/0x2a0 [ 129.183359] ? __pfx_do_exit+0x10/0x10 [ 129.183759] ? debug_smp_processor_id+0x20/0x30 [ 129.184239] ? rcu_is_watching+0x19/0xb0 [ 129.184652] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.185121] ? trace_hardirqs_on+0x26/0x120 [ 129.185558] do_group_exit+0xe0/0x2b0 [ 129.185943] __x64_sys_exit_group+0x47/0x50 [ 129.186369] do_syscall_64+0x3b/0x90 [ 129.186804] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.187348] RIP: 0033:0x7f4b87518a4d [ 129.187722] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.188332] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.189088] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.189792] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.190491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.191245] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.191951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.192660] [ 129.192891] irq event stamp: 0 [ 129.193205] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.193822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.194678] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.195514] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.196137] ---[ end trace 0000000000000000 ]--- [ 129.196977] ------------[ cut here ]------------ [ 129.197444] WARNING: CPU: 1 PID: 1202 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.198443] Modules linked in: [ 129.198803] CPU: 1 PID: 1202 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.199678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.200781] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.201289] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.203131] RSP: 0018:ffff888012a8fb78 EFLAGS: 00010246 [ 129.203665] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.204365] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 129.205065] RBP: ffff888012a8fb98 R08: ffffed1002e52d3e R09: ffffed1002e52d3e [ 129.205769] R10: ffff8880172969ef R11: ffffed1002e52d3d R12: ffff888017296a90 [ 129.206468] R13: ffff8880172968a8 R14: ffffffffffffffff R15: 
ffff888012a8fc60 [ 129.207202] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.207995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.208567] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.209269] PKRU: 55555554 [ 129.209545] Call Trace: [ 129.209799] [ 129.210022] iommufd_ioas_destroy+0x53/0x70 [ 129.210460] iommufd_fops_release+0x1f7/0x370 [ 129.210943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.211455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.211944] ? write_comp_data+0x2f/0x90 [ 129.212342] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.212829] __fput+0x26d/0xa40 [ 129.213162] ____fput+0x1e/0x30 [ 129.213490] task_work_run+0x1a4/0x2d0 [ 129.213873] ? __pfx_task_work_run+0x10/0x10 [ 129.214304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.214818] ? switch_task_namespaces+0xa9/0xe0 [ 129.215289] do_exit+0xb17/0x2ef0 [ 129.215626] ? lock_acquire+0x427/0x4c0 [ 129.216015] ? __pfx_lock_release+0x10/0x10 [ 129.216437] ? __kasan_check_write+0x18/0x20 [ 129.216863] ? do_raw_spin_lock+0x132/0x2a0 [ 129.217276] ? __pfx_do_exit+0x10/0x10 [ 129.217659] ? debug_smp_processor_id+0x20/0x30 [ 129.218109] ? rcu_is_watching+0x19/0xb0 [ 129.218501] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.218977] ? trace_hardirqs_on+0x26/0x120 [ 129.219407] do_group_exit+0xe0/0x2b0 [ 129.219774] __x64_sys_exit_group+0x47/0x50 [ 129.220184] do_syscall_64+0x3b/0x90 [ 129.220555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.221059] RIP: 0033:0x7f4b87518a4d [ 129.221412] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.221997] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.222755] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.223436] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.224111] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.224783] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.225456] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.226136] [ 129.226356] irq event stamp: 0 [ 129.226680] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.227286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.228072] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.228866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.229462] ---[ end trace 0000000000000000 ]--- [ 129.234118] ------------[ cut here ]------------ [ 129.234668] WARNING: CPU: 1 PID: 1203 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.235606] Modules linked in: [ 129.235899] CPU: 1 PID: 1203 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.236687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.237700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.238148] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.239842] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 129.240326] RAX: 0000000000000000 RBX: ffff8880245c28a8 RCX: 0000000000000000 [ 129.240969] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 129.241609] RBP: ffff888017307bd0 R08: ffffed10048b8533 R09: ffffed10048b8533 [ 129.242248] R10: ffff8880245c2993 R11: ffffed10048b8532 R12: ffff888010c6cc00 [ 129.242911] R13: ffff8880245c29e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 129.243566] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.244291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.244812] CR2: 0000000020000140 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 129.245462] PKRU: 55555554 [ 129.245717] Call Trace: [ 129.245947] [ 129.246151] __iommufd_access_detach+0x1c2/0x2b0 [ 129.246622] iommufd_access_change_pt+0x149/0x270 [ 129.247068] iommufd_access_replace+0xb4/0x120 [ 129.247513] iommufd_test+0x3e5/0x37e0 [ 129.247866] ? lock_release+0x532/0x770 [ 129.248236] ? __might_fault+0x102/0x1b0 [ 129.248616] ? lock_acquire+0x427/0x4c0 [ 129.248991] ? __pfx_iommufd_test+0x10/0x10 [ 129.249384] ? __pfx_lock_release+0x10/0x10 [ 129.249785] ? __pfx_lock_acquire+0x10/0x10 [ 129.250184] ? write_comp_data+0x2f/0x90 [ 129.250593] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.251040] ? write_comp_data+0x2f/0x90 [ 129.251426] iommufd_fops_ioctl+0x37d/0x510 [ 129.251833] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.252277] ? write_comp_data+0x2f/0x90 [ 129.252657] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.253103] __x64_sys_ioctl+0x1a3/0x230 [ 129.253480] do_syscall_64+0x3b/0x90 [ 129.253830] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.254309] RIP: 0033:0x7f4b8743ee5d [ 129.254688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.256344] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.257033] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.257678] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.258320] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.258988] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.259640] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.260296] [ 129.260509] irq event stamp: 0 [ 129.260798] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.261367] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.262121] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.262896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.263475] ---[ end trace 0000000000000000 ]--- [ 129.266291] ------------[ cut here ]------------ [ 129.266783] WARNING: CPU: 1 PID: 1203 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.267708] Modules linked in: [ 129.268001] CPU: 1 PID: 1203 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.268792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.269807] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.270253] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.271918] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 129.272401] RAX: 0000000000000000 RBX: ffff8880245c28a8 RCX: 0000000000000000 [ 129.273043] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 129.273685] RBP: ffff888017307be8 R08: ffffed10048b8533 R09: ffffed10048b8533 [ 129.274323] R10: ffff8880245c2993 R11: ffffed10048b8532 R12: ffff888010b77400 [ 129.274982] R13: ffff8880245c29e8 R14: ffff8880123ecd00 R15: 0000000000000000 [ 129.275627] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.276335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.276850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.277479] PKRU: 55555554 [ 129.277728] Call Trace: [ 129.277955] [ 129.278157] iommufd_access_destroy_object+0x65/0x170 [ 129.278639] iommufd_object_destroy_user+0x18e/0x220 [ 129.279101] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.279647] iommufd_access_destroy+0x43/0x70 [ 129.280054] iommufd_test_staccess_release+0x8d/0xd0 [ 129.280520] __fput+0x26d/0xa40 [ 129.280832] ____fput+0x1e/0x30 [ 129.281133] task_work_run+0x1a4/0x2d0 [ 129.281490] ? __pfx_task_work_run+0x10/0x10 [ 129.281886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.282313] ? switch_task_namespaces+0xa9/0xe0 [ 129.282748] do_exit+0xb17/0x2ef0 [ 129.283053] ? lock_acquire+0x427/0x4c0 [ 129.283423] ? __pfx_lock_release+0x10/0x10 [ 129.283813] ? __kasan_check_write+0x18/0x20 [ 129.284205] ? do_raw_spin_lock+0x132/0x2a0 [ 129.284584] ? __pfx_do_exit+0x10/0x10 [ 129.284931] ? debug_smp_processor_id+0x20/0x30 [ 129.285339] ? rcu_is_watching+0x19/0xb0 [ 129.285692] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.286089] ? trace_hardirqs_on+0x26/0x120 [ 129.286468] do_group_exit+0xe0/0x2b0 [ 129.286818] __x64_sys_exit_group+0x47/0x50 [ 129.287201] do_syscall_64+0x3b/0x90 [ 129.287538] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.287996] RIP: 0033:0x7f4b87518a4d [ 129.288323] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.288857] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.289513] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.290127] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.290761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.291391] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.292017] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.292644] [ 129.292848] irq event stamp: 0 [ 129.293124] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.293669] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.294396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.295155] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.295707] ---[ end trace 0000000000000000 ]--- [ 129.296442] ------------[ cut here ]------------ [ 129.296851] WARNING: CPU: 1 PID: 1203 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.297736] Modules linked in: [ 129.298014] CPU: 1 PID: 1203 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.298789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.299772] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.300224] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.301802] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 129.302259] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.302892] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 129.303517] RBP: ffff888017307b98 R08: ffffed10048b853e R09: ffffed10048b853e [ 129.304133] R10: ffff8880245c29ef R11: ffffed10048b853d R12: ffff8880245c2a90 [ 129.304752] R13: ffff8880245c28a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 129.305365] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.306058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.306588] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.307251] PKRU: 55555554 [ 129.307480] Call Trace: [ 129.307678] [ 129.307852] iommufd_ioas_destroy+0x53/0x70 [ 129.308184] iommufd_fops_release+0x1f7/0x370 [ 129.308532] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.308912] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.309285] ? write_comp_data+0x2f/0x90 [ 129.309601] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.309979] __fput+0x26d/0xa40 [ 129.310244] ____fput+0x1e/0x30 [ 129.310532] task_work_run+0x1a4/0x2d0 [ 129.310838] ? __pfx_task_work_run+0x10/0x10 [ 129.311186] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.311560] ? switch_task_namespaces+0xa9/0xe0 [ 129.311923] do_exit+0xb17/0x2ef0 [ 129.312188] ? lock_acquire+0x427/0x4c0 [ 129.312498] ? __pfx_lock_release+0x10/0x10 [ 129.312830] ? __kasan_check_write+0x18/0x20 [ 129.313165] ? do_raw_spin_lock+0x132/0x2a0 [ 129.313490] ? __pfx_do_exit+0x10/0x10 [ 129.313791] ? debug_smp_processor_id+0x20/0x30 [ 129.314144] ? rcu_is_watching+0x19/0xb0 [ 129.314452] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.314818] ? trace_hardirqs_on+0x26/0x120 [ 129.315161] do_group_exit+0xe0/0x2b0 [ 129.315454] __x64_sys_exit_group+0x47/0x50 [ 129.315780] do_syscall_64+0x3b/0x90 [ 129.316070] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.316471] RIP: 0033:0x7f4b87518a4d [ 129.316752] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.317212] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.317780] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.318316] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.318875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.319419] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.319946] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.320480] [ 129.320652] irq event stamp: 0 [ 129.320885] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.321347] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.321965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.322596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.323065] ---[ end trace 0000000000000000 ]--- [ 129.326784] ------------[ cut here ]------------ [ 129.327165] WARNING: CPU: 1 PID: 1204 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.327902] Modules linked in: [ 129.328140] CPU: 1 PID: 1204 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.328777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.329596] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.329962] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.331317] RSP: 0018:ffff8880142d7bb8 EFLAGS: 00010246 [ 129.331702] RAX: 0000000000000000 RBX: ffff8880166128a8 RCX: 0000000000000000 [ 129.332220] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 129.332738] RBP: ffff8880142d7bd0 R08: ffffed1002cc2533 R09: ffffed1002cc2533 [ 129.333256] R10: ffff888016612993 R11: ffffed1002cc2532 R12: ffff8880142a4c00 [ 129.333775] R13: ffff8880166129e8 R14: ffffffff8352e670 R15: 
ffff8880142d7e68 [ 129.334295] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.334892] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.335324] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ee0 [ 129.335845] PKRU: 55555554 [ 129.336053] Call Trace: [ 129.336243] [ 129.336408] __iommufd_access_detach+0x1c2/0x2b0 [ 129.336768] iommufd_access_change_pt+0x149/0x270 [ 129.337131] iommufd_access_replace+0xb4/0x120 [ 129.337478] iommufd_test+0x3e5/0x37e0 [ 129.337765] ? lock_release+0x532/0x770 [ 129.338066] ? __might_fault+0x102/0x1b0 [ 129.338371] ? lock_acquire+0x427/0x4c0 [ 129.338689] ? __pfx_iommufd_test+0x10/0x10 [ 129.339007] ? __pfx_lock_release+0x10/0x10 [ 129.339342] ? __pfx_lock_acquire+0x10/0x10 [ 129.339673] ? write_comp_data+0x2f/0x90 [ 129.339982] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.340343] ? write_comp_data+0x2f/0x90 [ 129.340658] iommufd_fops_ioctl+0x37d/0x510 [ 129.340983] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.341349] ? write_comp_data+0x2f/0x90 [ 129.341661] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.342020] __x64_sys_ioctl+0x1a3/0x230 [ 129.342333] do_syscall_64+0x3b/0x90 [ 129.342639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.343029] RIP: 0033:0x7f4b8743ee5d [ 129.343311] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.344639] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.345198] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.345718] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.346239] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.346779] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.347307] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.347840] [ 129.348015] irq event stamp: 0 [ 129.348250] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.348712] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.349326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.349940] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.350399] ---[ end trace 0000000000000000 ]--- [ 129.352991] ------------[ cut here ]------------ [ 129.353351] WARNING: CPU: 1 PID: 1204 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.354094] Modules linked in: [ 129.354332] CPU: 1 PID: 1204 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.354998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.355831] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.356198] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.357532] RSP: 
0018:ffff8880142d7bd0 EFLAGS: 00010246 [ 129.357927] RAX: 0000000000000000 RBX: ffff8880166128a8 RCX: 0000000000000000 [ 129.358451] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 129.358993] RBP: ffff8880142d7be8 R08: ffffed1002cc2533 R09: ffffed1002cc2533 [ 129.359525] R10: ffff888016612993 R11: ffffed1002cc2532 R12: ffff888010c6e400 [ 129.360047] R13: ffff8880166129e8 R14: ffff8880103e0b00 R15: 0000000000000000 [ 129.360576] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.361165] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.361595] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.362122] PKRU: 55555554 [ 129.362333] Call Trace: [ 129.362545] [ 129.362716] iommufd_access_destroy_object+0x65/0x170 [ 129.363103] iommufd_object_destroy_user+0x18e/0x220 [ 129.363496] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.363938] iommufd_access_destroy+0x43/0x70 [ 129.364284] iommufd_test_staccess_release+0x8d/0xd0 [ 129.364668] __fput+0x26d/0xa40 [ 129.364927] ____fput+0x1e/0x30 [ 129.365183] task_work_run+0x1a4/0x2d0 [ 129.365483] ? __pfx_task_work_run+0x10/0x10 [ 129.365818] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.366192] ? switch_task_namespaces+0xa9/0xe0 [ 129.366570] do_exit+0xb17/0x2ef0 [ 129.366833] ? lock_acquire+0x427/0x4c0 [ 129.367146] ? __pfx_lock_release+0x10/0x10 [ 129.367472] ? __kasan_check_write+0x18/0x20 [ 129.367803] ? do_raw_spin_lock+0x132/0x2a0 [ 129.368124] ? __pfx_do_exit+0x10/0x10 [ 129.368421] ? debug_smp_processor_id+0x20/0x30 [ 129.368769] ? rcu_is_watching+0x19/0xb0 [ 129.369072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.369413] ? trace_hardirqs_on+0x26/0x120 [ 129.369740] do_group_exit+0xe0/0x2b0 [ 129.370022] __x64_sys_exit_group+0x47/0x50 [ 129.370341] do_syscall_64+0x3b/0x90 [ 129.370650] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.371042] RIP: 0033:0x7f4b87518a4d [ 129.371329] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.371783] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.372340] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.372865] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.373392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.373911] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.374431] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.374983] [ 129.375166] irq event stamp: 0 [ 129.375400] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.375866] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.376480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.377092] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.377552] ---[ end trace 0000000000000000 ]--- [ 129.378202] ------------[ cut here ]------------ [ 129.378569] WARNING: CPU: 1 PID: 1204 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.379329] Modules linked in: [ 129.379567] CPU: 1 PID: 1204 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.380211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.381036] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.381423] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.382779] RSP: 0018:ffff8880142d7b78 EFLAGS: 00010246 [ 129.383181] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.383702] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 129.384223] RBP: ffff8880142d7b98 R08: ffffed1002cc253e R09: ffffed1002cc253e [ 129.384750] R10: ffff8880166129ef R11: ffffed1002cc253d R12: ffff888016612a90 [ 129.385269] R13: ffff8880166128a8 R14: ffffffffffffffff R15: 
ffff8880142d7c60 [ 129.385793] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.386385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.386840] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.387373] PKRU: 55555554 [ 129.387583] Call Trace: [ 129.387775] [ 129.387942] iommufd_ioas_destroy+0x53/0x70 [ 129.388267] iommufd_fops_release+0x1f7/0x370 [ 129.388604] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.388974] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.389340] ? write_comp_data+0x2f/0x90 [ 129.389647] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.390021] __fput+0x26d/0xa40 [ 129.390284] ____fput+0x1e/0x30 [ 129.390558] task_work_run+0x1a4/0x2d0 [ 129.390856] ? __pfx_task_work_run+0x10/0x10 [ 129.391193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.391558] ? switch_task_namespaces+0xa9/0xe0 [ 129.391912] do_exit+0xb17/0x2ef0 [ 129.392169] ? lock_acquire+0x427/0x4c0 [ 129.392469] ? __pfx_lock_release+0x10/0x10 [ 129.392792] ? __kasan_check_write+0x18/0x20 [ 129.393123] ? do_raw_spin_lock+0x132/0x2a0 [ 129.393450] ? __pfx_do_exit+0x10/0x10 [ 129.393739] ? debug_smp_processor_id+0x20/0x30 [ 129.394077] ? rcu_is_watching+0x19/0xb0 [ 129.394371] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.394723] ? trace_hardirqs_on+0x26/0x120 [ 129.395047] do_group_exit+0xe0/0x2b0 [ 129.395337] __x64_sys_exit_group+0x47/0x50 [ 129.395654] do_syscall_64+0x3b/0x90 [ 129.395934] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.396317] RIP: 0033:0x7f4b87518a4d [ 129.396591] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.397038] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.397586] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.398101] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.398631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.399153] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.399669] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.400194] [ 129.400365] irq event stamp: 0 [ 129.400595] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.401048] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.401652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.402251] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.402728] ---[ end trace 0000000000000000 ]--- [ 129.406418] ------------[ cut here ]------------ [ 129.406849] WARNING: CPU: 1 PID: 1205 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.407602] Modules linked in: [ 129.407838] CPU: 1 PID: 1205 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.408475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.409290] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.409654] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.410989] RSP: 0018:ffff88800f22fbb8 EFLAGS: 00010246 [ 129.411385] RAX: 0000000000000000 RBX: ffff888021b548a8 RCX: 0000000000000000 [ 129.411901] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 129.412417] RBP: ffff88800f22fbd0 R08: ffffed100436a933 R09: ffffed100436a933 [ 129.412935] R10: ffff888021b54993 R11: ffffed100436a932 R12: ffff888014612c00 [ 129.413454] R13: ffff888021b549e8 R14: ffffffff8352e670 R15: 
ffff88800f22fe68 [ 129.413969] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.414574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.415001] CR2: 0000000020000140 CR3: 0000000020fd2000 CR4: 0000000000750ee0 [ 129.415530] PKRU: 55555554 [ 129.415737] Call Trace: [ 129.415926] [ 129.416093] __iommufd_access_detach+0x1c2/0x2b0 [ 129.416455] iommufd_access_change_pt+0x149/0x270 [ 129.416817] iommufd_access_replace+0xb4/0x120 [ 129.417162] iommufd_test+0x3e5/0x37e0 [ 129.417448] ? lock_release+0x532/0x770 [ 129.417750] ? __might_fault+0x102/0x1b0 [ 129.418057] ? lock_acquire+0x427/0x4c0 [ 129.418358] ? __pfx_iommufd_test+0x10/0x10 [ 129.418691] ? __pfx_lock_release+0x10/0x10 [ 129.419015] ? __pfx_lock_acquire+0x10/0x10 [ 129.419349] ? write_comp_data+0x2f/0x90 [ 129.419660] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.420021] ? write_comp_data+0x2f/0x90 [ 129.420329] iommufd_fops_ioctl+0x37d/0x510 [ 129.420654] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.421017] ? write_comp_data+0x2f/0x90 [ 129.421323] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.421679] __x64_sys_ioctl+0x1a3/0x230 [ 129.421988] do_syscall_64+0x3b/0x90 [ 129.422271] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.422673] RIP: 0033:0x7f4b8743ee5d [ 129.422947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.424282] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.424863] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.425380] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.425898] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.426412] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.426946] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.427479] [ 129.427649] irq event stamp: 0 [ 129.427880] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.428362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.428970] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.429579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.430040] ---[ end trace 0000000000000000 ]--- [ 129.432670] ------------[ cut here ]------------ [ 129.433033] WARNING: CPU: 1 PID: 1205 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.433786] Modules linked in: [ 129.434021] CPU: 1 PID: 1205 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.434858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.435688] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.436051] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.437377] RSP: 
0018:ffff88800f22fbd0 EFLAGS: 00010246 [ 129.437770] RAX: 0000000000000000 RBX: ffff888021b548a8 RCX: 0000000000000000 [ 129.438288] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 129.438825] RBP: ffff88800f22fbe8 R08: ffffed100436a933 R09: ffffed100436a933 [ 129.439354] R10: ffff888021b54993 R11: ffffed100436a932 R12: ffff8880142a6400 [ 129.439874] R13: ffff888021b549e8 R14: ffff888012cdca00 R15: 0000000000000000 [ 129.440395] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.440977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.441400] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.441919] PKRU: 55555554 [ 129.442129] Call Trace: [ 129.442317] [ 129.442487] iommufd_access_destroy_object+0x65/0x170 [ 129.442887] iommufd_object_destroy_user+0x18e/0x220 [ 129.443268] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.443698] iommufd_access_destroy+0x43/0x70 [ 129.444035] iommufd_test_staccess_release+0x8d/0xd0 [ 129.444413] __fput+0x26d/0xa40 [ 129.444667] ____fput+0x1e/0x30 [ 129.444917] task_work_run+0x1a4/0x2d0 [ 129.445211] ? __pfx_task_work_run+0x10/0x10 [ 129.445540] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.445905] ? switch_task_namespaces+0xa9/0xe0 [ 129.446260] do_exit+0xb17/0x2ef0 [ 129.446536] ? lock_acquire+0x427/0x4c0 [ 129.446838] ? __pfx_lock_release+0x10/0x10 [ 129.447168] ? __kasan_check_write+0x18/0x20 [ 129.447495] ? do_raw_spin_lock+0x132/0x2a0 [ 129.447814] ? __pfx_do_exit+0x10/0x10 [ 129.448108] ? debug_smp_processor_id+0x20/0x30 [ 129.448452] ? rcu_is_watching+0x19/0xb0 [ 129.448753] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.449090] ? trace_hardirqs_on+0x26/0x120 [ 129.449426] do_group_exit+0xe0/0x2b0 [ 129.449708] __x64_sys_exit_group+0x47/0x50 [ 129.450023] do_syscall_64+0x3b/0x90 [ 129.450307] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.450711] RIP: 0033:0x7f4b87518a4d [ 129.450986] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.451445] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.452004] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.452522] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.453044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.453564] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.454085] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.454633] [ 129.454808] irq event stamp: 0 [ 129.455041] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.455514] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.456125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.456735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.457191] ---[ end trace 0000000000000000 ]--- [ 129.457848] ------------[ cut here ]------------ [ 129.458192] WARNING: CPU: 1 PID: 1205 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.458953] Modules linked in: [ 129.459196] CPU: 1 PID: 1205 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.459834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.460649] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.461026] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.462344] RSP: 0018:ffff88800f22fb78 EFLAGS: 00010246 [ 129.462750] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.463276] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 129.463790] RBP: ffff88800f22fb98 R08: ffffed100436a93e R09: ffffed100436a93e [ 129.464303] R10: ffff888021b549ef R11: ffffed100436a93d R12: ffff888021b54a90 [ 129.464819] R13: ffff888021b548a8 R14: ffffffffffffffff R15: 
ffff88800f22fc60 [ 129.465337] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 129.465918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.466338] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 129.466872] PKRU: 55555554 [ 129.467083] Call Trace: [ 129.467280] [ 129.467447] iommufd_ioas_destroy+0x53/0x70 [ 129.467770] iommufd_fops_release+0x1f7/0x370 [ 129.468103] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.468473] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.468838] ? write_comp_data+0x2f/0x90 [ 129.469146] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.469512] __fput+0x26d/0xa40 [ 129.469766] ____fput+0x1e/0x30 [ 129.470017] task_work_run+0x1a4/0x2d0 [ 129.470308] ? __pfx_task_work_run+0x10/0x10 [ 129.470648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.471011] ? switch_task_namespaces+0xa9/0xe0 [ 129.471370] do_exit+0xb17/0x2ef0 [ 129.471628] ? lock_acquire+0x427/0x4c0 [ 129.471930] ? __pfx_lock_release+0x10/0x10 [ 129.472252] ? __kasan_check_write+0x18/0x20 [ 129.472578] ? do_raw_spin_lock+0x132/0x2a0 [ 129.472895] ? __pfx_do_exit+0x10/0x10 [ 129.473189] ? debug_smp_processor_id+0x20/0x30 [ 129.473532] ? rcu_is_watching+0x19/0xb0 [ 129.473833] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.474169] ? trace_hardirqs_on+0x26/0x120 [ 129.474492] do_group_exit+0xe0/0x2b0 [ 129.474798] __x64_sys_exit_group+0x47/0x50 [ 129.475122] do_syscall_64+0x3b/0x90 [ 129.475412] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.475800] RIP: 0033:0x7f4b87518a4d [ 129.476073] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.476520] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.477069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.477583] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.478099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.478631] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.479155] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.479680] [ 129.479850] irq event stamp: 0 [ 129.480079] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.480539] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.481148] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.481755] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.482212] ---[ end trace 0000000000000000 ]--- [ 129.485749] ------------[ cut here ]------------ [ 129.486199] WARNING: CPU: 0 PID: 1206 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.487135] Modules linked in: [ 129.487409] CPU: 0 PID: 1206 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.488132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.489064] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.489477] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.491001] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 129.491448] RAX: 0000000000000000 RBX: ffff88800b7130a8 RCX: 0000000000000000 [ 129.492036] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 129.492621] RBP: ffff888017307bd0 R08: ffffed10016e2633 R09: ffffed10016e2633 [ 129.493206] R10: ffff88800b713193 R11: ffffed10016e2632 R12: ffff888014112000 [ 129.493790] R13: ffff88800b7131e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 129.494377] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.495046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.495525] CR2: 0000000020000140 CR3: 0000000020fd2000 CR4: 0000000000750ef0 [ 129.496105] PKRU: 55555554 [ 129.496338] Call Trace: [ 129.496547] [ 129.496732] __iommufd_access_detach+0x1c2/0x2b0 [ 129.497123] iommufd_access_change_pt+0x149/0x270 [ 129.497514] iommufd_access_replace+0xb4/0x120 [ 129.497885] iommufd_test+0x3e5/0x37e0 [ 129.498195] ? lock_release+0x532/0x770 [ 129.498540] ? __might_fault+0x102/0x1b0 [ 129.498875] ? lock_acquire+0x427/0x4c0 [ 129.499209] ? __pfx_iommufd_test+0x10/0x10 [ 129.499556] ? __pfx_lock_release+0x10/0x10 [ 129.499911] ? __pfx_lock_acquire+0x10/0x10 [ 129.500267] ? write_comp_data+0x2f/0x90 [ 129.500606] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.501001] ? write_comp_data+0x2f/0x90 [ 129.501335] iommufd_fops_ioctl+0x37d/0x510 [ 129.501687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.502084] ? write_comp_data+0x2f/0x90 [ 129.502417] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.502819] __x64_sys_ioctl+0x1a3/0x230 [ 129.503160] do_syscall_64+0x3b/0x90 [ 129.503469] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.503893] RIP: 0033:0x7f4b8743ee5d [ 129.504193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.505642] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.506240] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.506815] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.507395] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.507958] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.508515] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.509079] [ 129.509262] irq event stamp: 0 [ 129.509510] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.510003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.510676] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.511365] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.511816] ---[ end trace 0000000000000000 ]--- [ 129.514404] ------------[ cut here ]------------ [ 129.515098] WARNING: CPU: 0 PID: 1206 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.515824] Modules linked in: [ 129.516050] CPU: 0 PID: 1206 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.516663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.517444] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.517790] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.519076] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 129.519528] RAX: 0000000000000000 RBX: ffff88800b7130a8 RCX: 0000000000000000 [ 129.520022] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 129.520522] RBP: ffff888017307be8 R08: ffffed10016e2633 R09: ffffed10016e2633 [ 129.521015] R10: ffff88800b713193 R11: ffffed10016e2632 R12: ffff888010571400 [ 129.521507] R13: ffff88800b7131e8 R14: ffff88801706de00 R15: 0000000000000000 [ 129.522009] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.522591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.523067] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.523576] PKRU: 55555554 [ 129.523774] Call Trace: [ 129.523960] [ 129.524119] iommufd_access_destroy_object+0x65/0x170 [ 129.524483] iommufd_object_destroy_user+0x18e/0x220 [ 129.524842] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.525259] iommufd_access_destroy+0x43/0x70 [ 129.525585] iommufd_test_staccess_release+0x8d/0xd0 [ 129.525946] __fput+0x26d/0xa40 [ 129.526197] ____fput+0x1e/0x30 [ 129.526439] task_work_run+0x1a4/0x2d0 [ 129.526742] ? __pfx_task_work_run+0x10/0x10 [ 129.527163] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.527541] ? switch_task_namespaces+0xa9/0xe0 [ 129.527881] do_exit+0xb17/0x2ef0 [ 129.528124] ? lock_acquire+0x427/0x4c0 [ 129.528418] ? __pfx_lock_release+0x10/0x10 [ 129.528724] ? __kasan_check_write+0x18/0x20 [ 129.529033] ? do_raw_spin_lock+0x132/0x2a0 [ 129.529334] ? __pfx_do_exit+0x10/0x10 [ 129.529627] ? debug_smp_processor_id+0x20/0x30 [ 129.529957] ? rcu_is_watching+0x19/0xb0 [ 129.530244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.530603] ? trace_hardirqs_on+0x26/0x120 [ 129.531011] do_group_exit+0xe0/0x2b0 [ 129.531295] __x64_sys_exit_group+0x47/0x50 [ 129.531607] do_syscall_64+0x3b/0x90 [ 129.531877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.532246] RIP: 0033:0x7f4b87518a4d [ 129.532509] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.532942] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.533470] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.533972] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.534466] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.534988] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.535608] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.536122] [ 129.536287] irq event stamp: 0 [ 129.536507] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.536951] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.537532] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.538114] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.538573] ---[ end trace 0000000000000000 ]--- [ 129.539347] ------------[ cut here ]------------ [ 129.539684] WARNING: CPU: 0 PID: 1206 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.540401] Modules linked in: [ 129.540629] CPU: 0 PID: 1206 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.541244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.542019] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.542383] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.543692] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 129.544171] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.544684] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 129.545183] RBP: ffff888017307b98 R08: ffffed10016e263e R09: ffffed10016e263e [ 129.545690] R10: ffff88800b7131ef R11: ffffed10016e263d R12: ffff88800b713290 [ 129.546187] R13: ffff88800b7130a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 129.547009] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.547583] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.547999] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.548500] PKRU: 55555554 [ 129.548700] Call Trace: [ 129.548887] [ 129.549046] iommufd_ioas_destroy+0x53/0x70 [ 129.549356] iommufd_fops_release+0x1f7/0x370 [ 129.549678] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.550042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.550394] ? write_comp_data+0x2f/0x90 [ 129.550717] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.551186] __fput+0x26d/0xa40 [ 129.551448] ____fput+0x1e/0x30 [ 129.551691] task_work_run+0x1a4/0x2d0 [ 129.551974] ? __pfx_task_work_run+0x10/0x10 [ 129.552301] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.552649] ? switch_task_namespaces+0xa9/0xe0 [ 129.552989] do_exit+0xb17/0x2ef0 [ 129.553236] ? lock_acquire+0x427/0x4c0 [ 129.553534] ? __pfx_lock_release+0x10/0x10 [ 129.553843] ? __kasan_check_write+0x18/0x20 [ 129.554155] ? do_raw_spin_lock+0x132/0x2a0 [ 129.554465] ? __pfx_do_exit+0x10/0x10 [ 129.554769] ? debug_smp_processor_id+0x20/0x30 [ 129.555204] ? rcu_is_watching+0x19/0xb0 [ 129.555540] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.555869] ? trace_hardirqs_on+0x26/0x120 [ 129.556179] do_group_exit+0xe0/0x2b0 [ 129.556452] __x64_sys_exit_group+0x47/0x50 [ 129.556766] do_syscall_64+0x3b/0x90 [ 129.557038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.557409] RIP: 0033:0x7f4b87518a4d [ 129.557679] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.558108] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.558667] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.559349] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.559929] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.560497] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.561066] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.561644] [ 129.561832] irq event stamp: 0 [ 129.562088] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.562619] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.563306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.563975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.564482] ---[ end trace 0000000000000000 ]--- [ 129.568146] ------------[ cut here ]------------ [ 129.568551] WARNING: CPU: 0 PID: 1207 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.569370] Modules linked in: [ 129.569626] CPU: 0 PID: 1207 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.570327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.571269] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.571667] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.573121] RSP: 0018:ffff8880158d7bb8 EFLAGS: 00010246 [ 129.573547] RAX: 0000000000000000 RBX: ffff888011e080a8 RCX: 0000000000000000 [ 129.574120] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 129.574707] RBP: ffff8880158d7bd0 R08: ffffed10023c1033 R09: ffffed10023c1033 [ 129.575290] R10: ffff888011e08193 R11: ffffed10023c1032 R12: ffff88800f9f4c00 [ 129.575860] R13: ffff888011e081e8 R14: ffffffff8352e670 R15: 
ffff8880158d7e68 [ 129.576432] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.577079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.577552] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ef0 [ 129.578128] PKRU: 55555554 [ 129.578357] Call Trace: [ 129.578593] [ 129.578781] __iommufd_access_detach+0x1c2/0x2b0 [ 129.579187] iommufd_access_change_pt+0x149/0x270 [ 129.579586] iommufd_access_replace+0xb4/0x120 [ 129.579965] iommufd_test+0x3e5/0x37e0 [ 129.580281] ? lock_release+0x532/0x770 [ 129.580613] ? __might_fault+0x102/0x1b0 [ 129.580945] ? lock_acquire+0x427/0x4c0 [ 129.581275] ? __pfx_iommufd_test+0x10/0x10 [ 129.581624] ? __pfx_lock_release+0x10/0x10 [ 129.581983] ? __pfx_lock_acquire+0x10/0x10 [ 129.582346] ? write_comp_data+0x2f/0x90 [ 129.582703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.583103] ? write_comp_data+0x2f/0x90 [ 129.583449] iommufd_fops_ioctl+0x37d/0x510 [ 129.583803] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.584193] ? write_comp_data+0x2f/0x90 [ 129.584531] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.584929] __x64_sys_ioctl+0x1a3/0x230 [ 129.585286] do_syscall_64+0x3b/0x90 [ 129.585604] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.586033] RIP: 0033:0x7f4b8743ee5d [ 129.586333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.587823] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.588449] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.589037] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.589617] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.590193] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.590786] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.591380] [ 129.591571] irq event stamp: 0 [ 129.591832] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.592348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.593033] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.593715] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.594234] ---[ end trace 0000000000000000 ]--- [ 129.596825] ------------[ cut here ]------------ [ 129.597228] WARNING: CPU: 0 PID: 1207 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.598051] Modules linked in: [ 129.598303] CPU: 0 PID: 1207 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.599023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.599926] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.600325] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.601776] RSP: 
0018:ffff8880158d7bd0 EFLAGS: 00010246 [ 129.602199] RAX: 0000000000000000 RBX: ffff888011e080a8 RCX: 0000000000000000 [ 129.602780] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 129.603396] RBP: ffff8880158d7be8 R08: ffffed10023c1033 R09: ffffed10023c1033 [ 129.603906] R10: ffff888011e08193 R11: ffffed10023c1032 R12: ffff888014113800 [ 129.604418] R13: ffff888011e081e8 R14: ffff888013d1d100 R15: 0000000000000000 [ 129.604923] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.605496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.605908] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.606417] PKRU: 55555554 [ 129.606642] Call Trace: [ 129.606831] [ 129.606999] iommufd_access_destroy_object+0x65/0x170 [ 129.607394] iommufd_object_destroy_user+0x18e/0x220 [ 129.607772] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.608203] iommufd_access_destroy+0x43/0x70 [ 129.608542] iommufd_test_staccess_release+0x8d/0xd0 [ 129.608923] __fput+0x26d/0xa40 [ 129.609180] ____fput+0x1e/0x30 [ 129.609435] task_work_run+0x1a4/0x2d0 [ 129.609732] ? __pfx_task_work_run+0x10/0x10 [ 129.610061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.610431] ? switch_task_namespaces+0xa9/0xe0 [ 129.610802] do_exit+0xb17/0x2ef0 [ 129.611065] ? lock_acquire+0x427/0x4c0 [ 129.611378] ? __pfx_lock_release+0x10/0x10 [ 129.611706] ? __kasan_check_write+0x18/0x20 [ 129.612036] ? do_raw_spin_lock+0x132/0x2a0 [ 129.612357] ? __pfx_do_exit+0x10/0x10 [ 129.612654] ? debug_smp_processor_id+0x20/0x30 [ 129.613005] ? rcu_is_watching+0x19/0xb0 [ 129.613310] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.613648] ? trace_hardirqs_on+0x26/0x120 [ 129.613975] do_group_exit+0xe0/0x2b0 [ 129.614477] __x64_sys_exit_group+0x47/0x50 [ 129.614834] do_syscall_64+0x3b/0x90 [ 129.615128] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.615516] RIP: 0033:0x7f4b87518a4d [ 129.615789] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.616237] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.616788] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.617303] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.617816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.618330] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.618864] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.619397] [ 129.619569] irq event stamp: 0 [ 129.619798] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.620254] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.620859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.621462] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.621920] ---[ end trace 0000000000000000 ]--- [ 129.622933] ------------[ cut here ]------------ [ 129.623305] WARNING: CPU: 0 PID: 1207 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.624123] Modules linked in: [ 129.624365] CPU: 0 PID: 1207 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.625017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.625855] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.626240] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.627658] RSP: 0018:ffff8880158d7b78 EFLAGS: 00010246 [ 129.628061] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.628590] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 129.629124] RBP: ffff8880158d7b98 R08: ffffed10023c103e R09: ffffed10023c103e [ 129.629653] R10: ffff888011e081ef R11: ffffed10023c103d R12: ffff888011e08290 [ 129.630183] R13: ffff888011e080a8 R14: ffffffffffffffff R15: 
ffff8880158d7c60 [ 129.630732] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.631339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.631771] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.632304] PKRU: 55555554 [ 129.632518] Call Trace: [ 129.632711] [ 129.632880] iommufd_ioas_destroy+0x53/0x70 [ 129.633213] iommufd_fops_release+0x1f7/0x370 [ 129.633554] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.633933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.634308] ? write_comp_data+0x2f/0x90 [ 129.634640] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.635017] __fput+0x26d/0xa40 [ 129.635292] ____fput+0x1e/0x30 [ 129.635549] task_work_run+0x1a4/0x2d0 [ 129.635848] ? __pfx_task_work_run+0x10/0x10 [ 129.636186] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.636559] ? switch_task_namespaces+0xa9/0xe0 [ 129.636920] do_exit+0xb17/0x2ef0 [ 129.637184] ? lock_acquire+0x427/0x4c0 [ 129.637500] ? __pfx_lock_release+0x10/0x10 [ 129.637832] ? __kasan_check_write+0x18/0x20 [ 129.638169] ? do_raw_spin_lock+0x132/0x2a0 [ 129.638496] ? __pfx_do_exit+0x10/0x10 [ 129.638823] ? debug_smp_processor_id+0x20/0x30 [ 129.639184] ? rcu_is_watching+0x19/0xb0 [ 129.639495] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.639842] ? trace_hardirqs_on+0x26/0x120 [ 129.640173] do_group_exit+0xe0/0x2b0 [ 129.640462] __x64_sys_exit_group+0x47/0x50 [ 129.640785] do_syscall_64+0x3b/0x90 [ 129.641073] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.641467] RIP: 0033:0x7f4b87518a4d [ 129.641746] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.642204] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.642789] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.643333] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.643875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.644417] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.644962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.645515] [ 129.645697] irq event stamp: 0 [ 129.645939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.646416] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.647070] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.647713] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.648190] ---[ end trace 0000000000000000 ]--- [ 129.653043] ------------[ cut here ]------------ [ 129.653401] WARNING: CPU: 0 PID: 1208 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.654135] Modules linked in: [ 129.654463] CPU: 0 PID: 1208 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.655264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.656143] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.656519] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.657871] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 129.658271] RAX: 0000000000000000 RBX: ffff888018b350a8 RCX: 0000000000000000 [ 129.658815] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 129.659350] RBP: ffff888017307bd0 R08: ffffed1003166a33 R09: ffffed1003166a33 [ 129.659886] R10: ffff888018b35193 R11: ffffed1003166a32 R12: ffff888013e27000 [ 129.660418] R13: ffff888018b351e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 129.660950] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.661554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.661996] CR2: 00007f4b877410e8 CR3: 0000000020fee000 CR4: 0000000000750ef0 [ 129.662561] PKRU: 55555554 [ 129.662785] Call Trace: [ 129.662983] [ 129.663165] __iommufd_access_detach+0x1c2/0x2b0 [ 129.663546] iommufd_access_change_pt+0x149/0x270 [ 129.663930] iommufd_access_replace+0xb4/0x120 [ 129.664295] iommufd_test+0x3e5/0x37e0 [ 129.664602] ? lock_release+0x532/0x770 [ 129.664922] ? __might_fault+0x102/0x1b0 [ 129.665249] ? lock_acquire+0x427/0x4c0 [ 129.665571] ? __pfx_iommufd_test+0x10/0x10 [ 129.665905] ? __pfx_lock_release+0x10/0x10 [ 129.666246] ? __pfx_lock_acquire+0x10/0x10 [ 129.666611] ? write_comp_data+0x2f/0x90 [ 129.666939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.667328] ? write_comp_data+0x2f/0x90 [ 129.667652] iommufd_fops_ioctl+0x37d/0x510 [ 129.667988] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.668372] ? write_comp_data+0x2f/0x90 [ 129.668697] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.669070] __x64_sys_ioctl+0x1a3/0x230 [ 129.669393] do_syscall_64+0x3b/0x90 [ 129.669689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.670095] RIP: 0033:0x7f4b8743ee5d [ 129.670382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.671796] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.672387] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.672934] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.673484] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.674028] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.674589] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.675158] [ 129.675340] irq event stamp: 0 [ 129.675587] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.676068] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.676717] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.677352] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.677835] ---[ end trace 0000000000000000 ]--- [ 129.680892] ------------[ cut here ]------------ [ 129.681271] WARNING: CPU: 0 PID: 1208 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.682044] Modules linked in: [ 129.682290] CPU: 0 PID: 1208 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.683196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.684069] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.684457] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.686015] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 129.686431] RAX: 0000000000000000 RBX: ffff888018b350a8 RCX: 0000000000000000 [ 129.686997] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 129.687554] RBP: ffff888017307be8 R08: ffffed1003166a33 R09: ffffed1003166a33 [ 129.688288] R10: ffff888018b35193 R11: ffffed1003166a32 R12: ffff88800f9f6400 [ 129.688862] R13: ffff888018b351e8 R14: ffff8880122f5400 R15: 0000000000000000 [ 129.689409] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.690023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.690464] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.691196] PKRU: 55555554 [ 129.691421] Call Trace: [ 129.691620] [ 129.691799] iommufd_access_destroy_object+0x65/0x170 [ 129.692211] iommufd_object_destroy_user+0x18e/0x220 [ 129.692614] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.693073] iommufd_access_destroy+0x43/0x70 [ 129.693437] iommufd_test_staccess_release+0x8d/0xd0 [ 129.693844] __fput+0x26d/0xa40 [ 129.694136] ____fput+0x1e/0x30 [ 129.694554] task_work_run+0x1a4/0x2d0 [ 129.694873] ? __pfx_task_work_run+0x10/0x10 [ 129.695233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.695622] ? switch_task_namespaces+0xa9/0xe0 [ 129.696000] do_exit+0xb17/0x2ef0 [ 129.696284] ? lock_acquire+0x427/0x4c0 [ 129.696620] ? __pfx_lock_release+0x10/0x10 [ 129.696979] ? __kasan_check_write+0x18/0x20 [ 129.697343] ? do_raw_spin_lock+0x132/0x2a0 [ 129.697762] ? __pfx_do_exit+0x10/0x10 [ 129.698183] ? debug_smp_processor_id+0x20/0x30 [ 129.698585] ? rcu_is_watching+0x19/0xb0 [ 129.698918] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.699299] ? trace_hardirqs_on+0x26/0x120 [ 129.699657] do_group_exit+0xe0/0x2b0 [ 129.699969] __x64_sys_exit_group+0x47/0x50 [ 129.700316] do_syscall_64+0x3b/0x90 [ 129.700625] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.701050] RIP: 0033:0x7f4b87518a4d [ 129.701435] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.702025] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.702675] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.703269] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.703856] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.704440] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.705246] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.705836] [ 129.706032] irq event stamp: 0 [ 129.706293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.706834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.707531] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.708224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.708826] ---[ end trace 0000000000000000 ]--- [ 129.709663] ------------[ cut here ]------------ [ 129.710056] WARNING: CPU: 0 PID: 1208 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.710924] Modules linked in: [ 129.711210] CPU: 0 PID: 1208 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.711931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.713082] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.713508] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.715012] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 129.715467] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.716242] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 129.716848] RBP: ffff888017307b98 R08: ffffed1003166a3e R09: ffffed1003166a3e [ 129.717458] R10: ffff888018b351ef R11: ffffed1003166a3d R12: ffff888018b35290 [ 129.718068] R13: ffff888018b350a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 129.718710] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.719442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.720198] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.720827] PKRU: 55555554 [ 129.721082] Call Trace: [ 129.721311] [ 129.721515] iommufd_ioas_destroy+0x53/0x70 [ 129.721902] iommufd_fops_release+0x1f7/0x370 [ 129.722303] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.722778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.723230] ? write_comp_data+0x2f/0x90 [ 129.723598] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.724256] __fput+0x26d/0xa40 [ 129.724565] ____fput+0x1e/0x30 [ 129.724866] task_work_run+0x1a4/0x2d0 [ 129.725223] ? __pfx_task_work_run+0x10/0x10 [ 129.725622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.726061] ? switch_task_namespaces+0xa9/0xe0 [ 129.726488] do_exit+0xb17/0x2ef0 [ 129.726826] ? lock_acquire+0x427/0x4c0 [ 129.727193] ? __pfx_lock_release+0x10/0x10 [ 129.727582] ? __kasan_check_write+0x18/0x20 [ 129.727972] ? do_raw_spin_lock+0x132/0x2a0 [ 129.728352] ? __pfx_do_exit+0x10/0x10 [ 129.728787] ? debug_smp_processor_id+0x20/0x30 [ 129.729199] ? rcu_is_watching+0x19/0xb0 [ 129.729555] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.729956] ? trace_hardirqs_on+0x26/0x120 [ 129.730352] do_group_exit+0xe0/0x2b0 [ 129.730759] __x64_sys_exit_group+0x47/0x50 [ 129.731274] do_syscall_64+0x3b/0x90 [ 129.731658] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.732322] RIP: 0033:0x7f4b87518a4d [ 129.732801] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.733515] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.734215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.734925] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.735607] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.736260] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.736912] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.737749] [ 129.738026] irq event stamp: 0 [ 129.738466] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.739078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.739870] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.740649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.741235] ---[ end trace 0000000000000000 ]--- [ 129.745481] ------------[ cut here ]------------ [ 129.745956] WARNING: CPU: 0 PID: 1209 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.746979] Modules linked in: [ 129.747445] CPU: 0 PID: 1209 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.748263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.749567] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.750044] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.751972] RSP: 0018:ffff8880158d7bb8 EFLAGS: 00010246 [ 129.752475] RAX: 0000000000000000 RBX: ffff8880164288a8 RCX: 0000000000000000 [ 129.753135] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 129.753876] RBP: ffff8880158d7bd0 R08: ffffed1002c85133 R09: ffffed1002c85133 [ 129.754706] R10: ffff888016428993 R11: ffffed1002c85132 R12: ffff888013a09400 [ 129.755446] R13: ffff8880164289e8 R14: ffffffff8352e670 R15: 
ffff8880158d7e68 [ 129.756409] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.757229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.757829] CR2: 00007f4b877410e8 CR3: 0000000020fee000 CR4: 0000000000750ef0 [ 129.758834] PKRU: 55555554 [ 129.759143] Call Trace: [ 129.759406] [ 129.759639] __iommufd_access_detach+0x1c2/0x2b0 [ 129.760139] iommufd_access_change_pt+0x149/0x270 [ 129.760698] iommufd_access_replace+0xb4/0x120 [ 129.761351] iommufd_test+0x3e5/0x37e0 [ 129.761755] ? lock_release+0x532/0x770 [ 129.762185] ? __might_fault+0x102/0x1b0 [ 129.762665] ? lock_acquire+0x427/0x4c0 [ 129.763086] ? __pfx_iommufd_test+0x10/0x10 [ 129.763803] ? __pfx_lock_release+0x10/0x10 [ 129.764246] ? __pfx_lock_acquire+0x10/0x10 [ 129.764695] ? write_comp_data+0x2f/0x90 [ 129.765121] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.765722] ? write_comp_data+0x2f/0x90 [ 129.766277] iommufd_fops_ioctl+0x37d/0x510 [ 129.766754] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.767283] ? write_comp_data+0x2f/0x90 [ 129.767719] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.768471] __x64_sys_ioctl+0x1a3/0x230 [ 129.768902] do_syscall_64+0x3b/0x90 [ 129.769296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.769833] RIP: 0033:0x7f4b8743ee5d [ 129.770289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.772333] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.773359] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.774095] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.774862] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.775668] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.776572] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.777320] [ 129.777564] irq event stamp: 0 [ 129.777991] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.778802] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.779684] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.780607] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.781477] ---[ end trace 0000000000000000 ]--- [ 129.785000] ------------[ cut here ]------------ [ 129.785637] WARNING: CPU: 0 PID: 1209 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.786901] Modules linked in: [ 129.787258] CPU: 0 PID: 1209 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.788158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.789309] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.789823] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.791737] RSP: 
0018:ffff8880158d7bd0 EFLAGS: 00010246 [ 129.792292] RAX: 0000000000000000 RBX: ffff8880164288a8 RCX: 0000000000000000 [ 129.793021] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 129.793749] RBP: ffff8880158d7be8 R08: ffffed1002c85133 R09: ffffed1002c85133 [ 129.794502] R10: ffff888016428993 R11: ffffed1002c85132 R12: ffff888013e25c00 [ 129.795290] R13: ffff8880164289e8 R14: ffff8880218d4c00 R15: 0000000000000000 [ 129.796026] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.796848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.797441] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 129.798175] PKRU: 55555554 [ 129.798473] Call Trace: [ 129.798772] [ 129.799011] iommufd_access_destroy_object+0x65/0x170 [ 129.799567] iommufd_object_destroy_user+0x18e/0x220 [ 129.800097] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.800696] iommufd_access_destroy+0x43/0x70 [ 129.801174] iommufd_test_staccess_release+0x8d/0xd0 [ 129.801706] __fput+0x26d/0xa40 [ 129.802061] ____fput+0x1e/0x30 [ 129.802411] task_work_run+0x1a4/0x2d0 [ 129.802853] ? __pfx_task_work_run+0x10/0x10 [ 129.803330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.803854] ? switch_task_namespaces+0xa9/0xe0 [ 129.804347] do_exit+0xb17/0x2ef0 [ 129.804715] ? lock_acquire+0x427/0x4c0 [ 129.805139] ? __pfx_lock_release+0x10/0x10 [ 129.805594] ? __kasan_check_write+0x18/0x20 [ 129.806058] ? do_raw_spin_lock+0x132/0x2a0 [ 129.806539] ? __pfx_do_exit+0x10/0x10 [ 129.806960] ? debug_smp_processor_id+0x20/0x30 [ 129.807455] ? rcu_is_watching+0x19/0xb0 [ 129.807882] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.808363] ? trace_hardirqs_on+0x26/0x120 [ 129.808814] do_group_exit+0xe0/0x2b0 [ 129.809212] __x64_sys_exit_group+0x47/0x50 [ 129.809653] do_syscall_64+0x3b/0x90 [ 129.810046] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.810624] RIP: 0033:0x7f4b87518a4d [ 129.811024] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.811669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.812455] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.813203] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.813941] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.814720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.815483] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.816222] [ 129.816468] irq event stamp: 0 [ 129.816793] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.817435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.818297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.819186] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.819838] ---[ end trace 0000000000000000 ]--- [ 129.820913] ------------[ cut here ]------------ [ 129.821697] WARNING: CPU: 0 PID: 1209 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.822837] Modules linked in: [ 129.823193] CPU: 0 PID: 1209 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.824093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.825533] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.826077] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.828252] RSP: 0018:ffff8880158d7b78 EFLAGS: 00010246 [ 129.828807] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.829640] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 129.830577] RBP: ffff8880158d7b98 R08: ffffed1002c8513e R09: ffffed1002c8513e [ 129.831345] R10: ffff8880164289ef R11: ffffed1002c8513d R12: ffff888016428a90 [ 129.832084] R13: ffff8880164288a8 R14: ffffffffffffffff R15: 
ffff8880158d7c60 [ 129.833088] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.833921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.834599] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 129.835519] PKRU: 55555554 [ 129.835818] Call Trace: [ 129.836079] [ 129.836314] iommufd_ioas_destroy+0x53/0x70 [ 129.836772] iommufd_fops_release+0x1f7/0x370 [ 129.837498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.838033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.838574] ? write_comp_data+0x2f/0x90 [ 129.839007] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.839542] __fput+0x26d/0xa40 [ 129.839951] ____fput+0x1e/0x30 [ 129.840510] task_work_run+0x1a4/0x2d0 [ 129.840929] ? __pfx_task_work_run+0x10/0x10 [ 129.841399] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.841913] ? switch_task_namespaces+0xa9/0xe0 [ 129.842697] do_exit+0xb17/0x2ef0 [ 129.843069] ? lock_acquire+0x427/0x4c0 [ 129.843505] ? __pfx_lock_release+0x10/0x10 [ 129.843959] ? __kasan_check_write+0x18/0x20 [ 129.844415] ? do_raw_spin_lock+0x132/0x2a0 [ 129.844948] ? __pfx_do_exit+0x10/0x10 [ 129.845509] ? debug_smp_processor_id+0x20/0x30 [ 129.845997] ? rcu_is_watching+0x19/0xb0 [ 129.846429] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.846945] ? trace_hardirqs_on+0x26/0x120 [ 129.847427] do_group_exit+0xe0/0x2b0 [ 129.847872] __x64_sys_exit_group+0x47/0x50 [ 129.848552] do_syscall_64+0x3b/0x90 [ 129.848946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.849487] RIP: 0033:0x7f4b87518a4d [ 129.849875] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.850817] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.851636] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.852380] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.853504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.854246] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.855058] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.855932] [ 129.856350] irq event stamp: 0 [ 129.856671] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.857317] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.858260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.859326] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.859966] ---[ end trace 0000000000000000 ]--- [ 129.864697] ------------[ cut here ]------------ [ 129.865487] WARNING: CPU: 0 PID: 1210 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.866585] Modules linked in: [ 129.866916] CPU: 0 PID: 1210 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.868065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.869214] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.869725] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.871640] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 129.872198] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 129.872931] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 129.873657] RBP: ffff888017307bd0 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 129.874387] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff888010e00400 [ 129.875169] R13: ffff8880171ba9e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 129.875914] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.876730] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.877321] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ef0 [ 129.878049] PKRU: 55555554 [ 129.878342] Call Trace: [ 129.878627] [ 129.878863] __iommufd_access_detach+0x1c2/0x2b0 [ 129.879371] iommufd_access_change_pt+0x149/0x270 [ 129.879877] iommufd_access_replace+0xb4/0x120 [ 129.880364] iommufd_test+0x3e5/0x37e0 [ 129.880775] ? lock_release+0x532/0x770 [ 129.881196] ? __might_fault+0x102/0x1b0 [ 129.881625] ? lock_acquire+0x427/0x4c0 [ 129.882044] ? __pfx_iommufd_test+0x10/0x10 [ 129.882489] ? __pfx_lock_release+0x10/0x10 [ 129.882986] ? __pfx_lock_acquire+0x10/0x10 [ 129.883458] ? write_comp_data+0x2f/0x90 [ 129.883890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.884403] ? write_comp_data+0x2f/0x90 [ 129.884840] iommufd_fops_ioctl+0x37d/0x510 [ 129.885298] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.885804] ? write_comp_data+0x2f/0x90 [ 129.886242] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 129.886771] __x64_sys_ioctl+0x1a3/0x230 [ 129.887227] do_syscall_64+0x3b/0x90 [ 129.887628] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.888166] RIP: 0033:0x7f4b8743ee5d [ 129.888552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 129.890409] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 129.891232] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 129.891966] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 129.892698] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 129.893434] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 129.894166] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 129.894931] [ 129.895191] irq event stamp: 0 [ 129.895518] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.896166] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.897034] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.897889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.898553] ---[ end trace 0000000000000000 ]--- [ 129.902788] ------------[ cut here ]------------ [ 129.903326] WARNING: CPU: 0 PID: 1210 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.904407] Modules linked in: [ 129.904953] CPU: 0 PID: 1210 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.905852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.907283] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.907795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.909904] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 129.910456] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 129.911229] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 129.912074] RBP: ffff888017307be8 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 129.912941] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff888010c0a800 [ 129.913672] R13: ffff8880171ba9e8 R14: ffff8880179cf700 R15: 0000000000000000 [ 129.914654] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.915498] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.916094] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.917077] PKRU: 55555554 [ 129.917372] Call Trace: [ 129.917643] [ 129.917878] iommufd_access_destroy_object+0x65/0x170 [ 129.918419] iommufd_object_destroy_user+0x18e/0x220 [ 129.919104] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 129.919863] iommufd_access_destroy+0x43/0x70 [ 129.920341] iommufd_test_staccess_release+0x8d/0xd0 [ 129.920880] __fput+0x26d/0xa40 [ 129.921236] ____fput+0x1e/0x30 [ 129.921699] task_work_run+0x1a4/0x2d0 [ 129.922268] ? __pfx_task_work_run+0x10/0x10 [ 129.922776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.923323] ? switch_task_namespaces+0xa9/0xe0 [ 129.923831] do_exit+0xb17/0x2ef0 [ 129.924259] ? lock_acquire+0x427/0x4c0 [ 129.924847] ? __pfx_lock_release+0x10/0x10 [ 129.925307] ? __kasan_check_write+0x18/0x20 [ 129.925767] ? do_raw_spin_lock+0x132/0x2a0 [ 129.926264] ? __pfx_do_exit+0x10/0x10 [ 129.926871] ? debug_smp_processor_id+0x20/0x30 [ 129.927375] ? rcu_is_watching+0x19/0xb0 [ 129.927801] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.928279] ? trace_hardirqs_on+0x26/0x120 [ 129.928748] do_group_exit+0xe0/0x2b0 [ 129.929416] __x64_sys_exit_group+0x47/0x50 [ 129.929870] do_syscall_64+0x3b/0x90 [ 129.930276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.930838] RIP: 0033:0x7f4b87518a4d [ 129.931249] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.932146] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.932931] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.933669] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.934668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.935417] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.936150] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.937214] [ 129.937462] irq event stamp: 0 [ 129.937792] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.938449] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.939571] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.940435] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.941085] ---[ end trace 0000000000000000 ]--- [ 129.942228] ------------[ cut here ]------------ [ 129.942748] WARNING: CPU: 0 PID: 1210 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 129.943918] Modules linked in: [ 129.944409] CPU: 0 PID: 1210 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.945316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.946730] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 129.947281] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 129.949385] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 129.949937] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.950708] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 129.951718] RBP: ffff888017307b98 R08: ffffed1002e3753e R09: ffffed1002e3753e [ 129.952458] R10: ffff8880171ba9ef R11: ffffed1002e3753d R12: ffff8880171baa90 [ 129.953192] R13: ffff8880171ba8a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 129.954178] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 129.955051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.955678] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 129.956654] PKRU: 55555554 [ 129.956953] Call Trace: [ 129.957221] [ 129.957454] iommufd_ioas_destroy+0x53/0x70 [ 129.957910] iommufd_fops_release+0x1f7/0x370 [ 129.958444] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.959196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.959723] ? write_comp_data+0x2f/0x90 [ 129.960154] ? __pfx_iommufd_fops_release+0x10/0x10 [ 129.960672] __fput+0x26d/0xa40 [ 129.961098] ____fput+0x1e/0x30 [ 129.961593] task_work_run+0x1a4/0x2d0 [ 129.962003] ? __pfx_task_work_run+0x10/0x10 [ 129.962464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 129.963010] ? switch_task_namespaces+0xa9/0xe0 [ 129.963533] do_exit+0xb17/0x2ef0 [ 129.964111] ? lock_acquire+0x427/0x4c0 [ 129.964531] ? __pfx_lock_release+0x10/0x10 [ 129.964986] ? __kasan_check_write+0x18/0x20 [ 129.965451] ? do_raw_spin_lock+0x132/0x2a0 [ 129.965978] ? __pfx_do_exit+0x10/0x10 [ 129.966575] ? debug_smp_processor_id+0x20/0x30 [ 129.967067] ? rcu_is_watching+0x19/0xb0 [ 129.967501] ? _raw_spin_unlock_irq+0x2b/0x60 [ 129.967988] ? trace_hardirqs_on+0x26/0x120 [ 129.968480] do_group_exit+0xe0/0x2b0 [ 129.969105] __x64_sys_exit_group+0x47/0x50 [ 129.969558] do_syscall_64+0x3b/0x90 [ 129.969959] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 129.970581] RIP: 0033:0x7f4b87518a4d [ 129.971104] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 129.971747] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 129.972526] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 129.973370] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 129.974249] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 129.975011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 129.975840] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 129.976727] [ 129.976975] irq event stamp: 0 [ 129.977305] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 129.978013] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 129.979040] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 129.979916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 129.980613] ---[ end trace 0000000000000000 ]--- [ 129.985583] ------------[ cut here ]------------ [ 129.986208] WARNING: CPU: 0 PID: 1211 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 129.987868] Modules linked in: [ 129.988295] CPU: 0 PID: 1211 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 129.989757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 129.991457] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 129.992392] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 129.995326] RSP: 0018:ffff888021a1fbb8 EFLAGS: 00010246 [ 129.996050] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 129.997365] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 129.998309] RBP: ffff888021a1fbd0 R08: ffffed1001702333 R09: ffffed1001702333 [ 129.999583] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888012e93800 [ 130.000527] R13: ffff88800b8119e8 R14: ffffffff8352e670 R15: 
ffff888021a1fe68 [ 130.001568] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.002860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.003644] CR2: 0000000020000140 CR3: 000000000f516000 CR4: 0000000000750ef0 [ 130.004845] PKRU: 55555554 [ 130.005231] Call Trace: [ 130.005572] [ 130.005878] __iommufd_access_detach+0x1c2/0x2b0 [ 130.006839] iommufd_access_change_pt+0x149/0x270 [ 130.007530] iommufd_access_replace+0xb4/0x120 [ 130.008156] iommufd_test+0x3e5/0x37e0 [ 130.008720] ? lock_release+0x532/0x770 [ 130.009470] ? __might_fault+0x102/0x1b0 [ 130.010024] ? lock_acquire+0x427/0x4c0 [ 130.010614] ? __pfx_iommufd_test+0x10/0x10 [ 130.011221] ? __pfx_lock_release+0x10/0x10 [ 130.012015] ? __pfx_lock_acquire+0x10/0x10 [ 130.012605] ? write_comp_data+0x2f/0x90 [ 130.013162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.014062] ? write_comp_data+0x2f/0x90 [ 130.014676] iommufd_fops_ioctl+0x37d/0x510 [ 130.015289] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.015994] ? write_comp_data+0x2f/0x90 [ 130.016731] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.017379] __x64_sys_ioctl+0x1a3/0x230 [ 130.017943] do_syscall_64+0x3b/0x90 [ 130.018761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.019489] RIP: 0033:0x7f4b8743ee5d [ 130.019988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.022694] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.023990] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.024927] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.026124] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.027142] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.028125] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.029302] [ 130.029626] irq event stamp: 0 [ 130.030048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.031206] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.032342] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.033745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.034651] ---[ end trace 0000000000000000 ]--- [ 130.040439] ------------[ cut here ]------------ [ 130.041105] WARNING: CPU: 0 PID: 1211 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.042899] Modules linked in: [ 130.043370] CPU: 0 PID: 1211 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.044542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.046038] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.046763] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.049203] RSP: 
0018:ffff888021a1fbd0 EFLAGS: 00010246 [ 130.049925] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 130.050931] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 130.051903] RBP: ffff888021a1fbe8 R08: ffffed1001702333 R09: ffffed1001702333 [ 130.052857] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888010e00800 [ 130.053810] R13: ffff88800b8119e8 R14: ffff88800fd0e700 R15: 0000000000000000 [ 130.054807] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.055901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.056681] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.057638] PKRU: 55555554 [ 130.058014] Call Trace: [ 130.058353] [ 130.058701] iommufd_access_destroy_object+0x65/0x170 [ 130.059415] iommufd_object_destroy_user+0x18e/0x220 [ 130.060093] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.060864] iommufd_access_destroy+0x43/0x70 [ 130.061469] iommufd_test_staccess_release+0x8d/0xd0 [ 130.062149] __fput+0x26d/0xa40 [ 130.062671] ____fput+0x1e/0x30 [ 130.063229] task_work_run+0x1a4/0x2d0 [ 130.063677] ? __pfx_task_work_run+0x10/0x10 [ 130.064145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.064653] ? switch_task_namespaces+0xa9/0xe0 [ 130.065141] do_exit+0xb17/0x2ef0 [ 130.065498] ? lock_acquire+0x427/0x4c0 [ 130.065917] ? __pfx_lock_release+0x10/0x10 [ 130.066365] ? __kasan_check_write+0x18/0x20 [ 130.066856] ? do_raw_spin_lock+0x132/0x2a0 [ 130.067323] ? __pfx_do_exit+0x10/0x10 [ 130.067733] ? debug_smp_processor_id+0x20/0x30 [ 130.068215] ? rcu_is_watching+0x19/0xb0 [ 130.068632] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.069106] ? trace_hardirqs_on+0x26/0x120 [ 130.069555] do_group_exit+0xe0/0x2b0 [ 130.069949] __x64_sys_exit_group+0x47/0x50 [ 130.070396] do_syscall_64+0x3b/0x90 [ 130.070808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.071353] RIP: 0033:0x7f4b87518a4d [ 130.071734] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.072359] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.073129] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.073845] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.074590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.075325] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.076064] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.076805] [ 130.077129] irq event stamp: 0 [ 130.077453] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.078115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.079004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.079866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.080510] ---[ end trace 0000000000000000 ]--- [ 130.081644] ------------[ cut here ]------------ [ 130.082712] WARNING: CPU: 0 PID: 1211 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.083824] Modules linked in: [ 130.084156] CPU: 0 PID: 1211 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.085064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.086799] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.087367] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.089268] RSP: 0018:ffff888021a1fb78 EFLAGS: 00010246 [ 130.089987] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.090750] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 130.091495] RBP: ffff888021a1fb98 R08: ffffed100170233e R09: ffffed100170233e [ 130.092166] R10: ffff88800b8119ef R11: ffffed100170233d R12: ffff88800b811a90 [ 130.093030] R13: ffff88800b8118a8 R14: ffffffffffffffff R15: 
ffff888021a1fc60 [ 130.093705] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.094477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.095097] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.095921] PKRU: 55555554 [ 130.096195] Call Trace: [ 130.096441] [ 130.096662] iommufd_ioas_destroy+0x53/0x70 [ 130.097085] iommufd_fops_release+0x1f7/0x370 [ 130.097527] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.098055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.098706] ? write_comp_data+0x2f/0x90 [ 130.099122] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.099607] __fput+0x26d/0xa40 [ 130.099940] ____fput+0x1e/0x30 [ 130.100268] task_work_run+0x1a4/0x2d0 [ 130.100652] ? __pfx_task_work_run+0x10/0x10 [ 130.101189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.101821] ? switch_task_namespaces+0xa9/0xe0 [ 130.102284] do_exit+0xb17/0x2ef0 [ 130.102641] ? lock_acquire+0x427/0x4c0 [ 130.103031] ? __pfx_lock_release+0x10/0x10 [ 130.103455] ? __kasan_check_write+0x18/0x20 [ 130.103881] ? do_raw_spin_lock+0x132/0x2a0 [ 130.104397] ? __pfx_do_exit+0x10/0x10 [ 130.104876] ? debug_smp_processor_id+0x20/0x30 [ 130.105333] ? rcu_is_watching+0x19/0xb0 [ 130.105728] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.106171] ? trace_hardirqs_on+0x26/0x120 [ 130.106629] do_group_exit+0xe0/0x2b0 [ 130.106996] __x64_sys_exit_group+0x47/0x50 [ 130.107502] do_syscall_64+0x3b/0x90 [ 130.107964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.108477] RIP: 0033:0x7f4b87518a4d [ 130.108838] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.109510] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.110456] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.111171] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.111854] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.112532] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.113322] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.114115] [ 130.114341] irq event stamp: 0 [ 130.114663] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.115275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.116069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.117064] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.117662] ---[ end trace 0000000000000000 ]--- [ 130.122197] ------------[ cut here ]------------ [ 130.122782] WARNING: CPU: 0 PID: 1212 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.123771] Modules linked in: [ 130.124204] CPU: 0 PID: 1212 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.125147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.126196] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.126798] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.128633] RSP: 0018:ffff88802466fbb8 EFLAGS: 00010246 [ 130.129153] RAX: 0000000000000000 RBX: ffff8880173068a8 RCX: 0000000000000000 [ 130.130377] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 130.131519] RBP: ffff88802466fbd0 R08: ffffed1002e60d33 R09: ffffed1002e60d33 [ 130.132613] R10: ffff888017306993 R11: ffffed1002e60d32 R12: ffff888012e94800 [ 130.133294] R13: ffff8880173069e8 R14: ffffffff8352e670 R15: 
ffff88802466fe68 [ 130.133965] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.135001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.135566] CR2: 0000000020000140 CR3: 0000000020fbc000 CR4: 0000000000750ef0 [ 130.136226] PKRU: 55555554 [ 130.136490] Call Trace: [ 130.136730] [ 130.136968] __iommufd_access_detach+0x1c2/0x2b0 [ 130.137606] iommufd_access_change_pt+0x149/0x270 [ 130.138065] iommufd_access_replace+0xb4/0x120 [ 130.138523] iommufd_test+0x3e5/0x37e0 [ 130.138893] ? lock_release+0x532/0x770 [ 130.139287] ? __might_fault+0x102/0x1b0 [ 130.139679] ? lock_acquire+0x427/0x4c0 [ 130.140064] ? __pfx_iommufd_test+0x10/0x10 [ 130.140465] ? __pfx_lock_release+0x10/0x10 [ 130.140927] ? __pfx_lock_acquire+0x10/0x10 [ 130.141481] ? write_comp_data+0x2f/0x90 [ 130.141876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.142341] ? write_comp_data+0x2f/0x90 [ 130.142766] iommufd_fops_ioctl+0x37d/0x510 [ 130.143199] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.143665] ? write_comp_data+0x2f/0x90 [ 130.144163] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.144712] __x64_sys_ioctl+0x1a3/0x230 [ 130.145106] do_syscall_64+0x3b/0x90 [ 130.145475] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.145975] RIP: 0033:0x7f4b8743ee5d [ 130.146328] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.148174] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.148908] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.149578] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.150244] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.150932] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.151613] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.152286] [ 130.152506] irq event stamp: 0 [ 130.152801] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.153385] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.154189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.155265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.155851] ---[ end trace 0000000000000000 ]--- [ 130.158947] ------------[ cut here ]------------ [ 130.159547] WARNING: CPU: 0 PID: 1212 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.160484] Modules linked in: [ 130.160781] CPU: 0 PID: 1212 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.161582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.162704] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.163300] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.164977] RSP: 
0018:ffff88802466fbd0 EFLAGS: 00010246 [ 130.165468] RAX: 0000000000000000 RBX: ffff8880173068a8 RCX: 0000000000000000 [ 130.166125] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 130.166809] RBP: ffff88802466fbe8 R08: ffffed1002e60d33 R09: ffffed1002e60d33 [ 130.167474] R10: ffff888017306993 R11: ffffed1002e60d32 R12: ffff888012e92000 [ 130.168129] R13: ffff8880173069e8 R14: ffff88801706dd00 R15: 0000000000000000 [ 130.168782] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.169522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.170056] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.170733] PKRU: 55555554 [ 130.171001] Call Trace: [ 130.171253] [ 130.171469] iommufd_access_destroy_object+0x65/0x170 [ 130.171955] iommufd_object_destroy_user+0x18e/0x220 [ 130.172432] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.172973] iommufd_access_destroy+0x43/0x70 [ 130.173398] iommufd_test_staccess_release+0x8d/0xd0 [ 130.173886] __fput+0x26d/0xa40 [ 130.174209] ____fput+0x1e/0x30 [ 130.174554] task_work_run+0x1a4/0x2d0 [ 130.174929] ? __pfx_task_work_run+0x10/0x10 [ 130.175352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.175815] ? switch_task_namespaces+0xa9/0xe0 [ 130.176264] do_exit+0xb17/0x2ef0 [ 130.176597] ? lock_acquire+0x427/0x4c0 [ 130.176976] ? __pfx_lock_release+0x10/0x10 [ 130.177379] ? __kasan_check_write+0x18/0x20 [ 130.177786] ? do_raw_spin_lock+0x132/0x2a0 [ 130.178184] ? __pfx_do_exit+0x10/0x10 [ 130.178578] ? debug_smp_processor_id+0x20/0x30 [ 130.179001] ? rcu_is_watching+0x19/0xb0 [ 130.179372] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.179775] ? trace_hardirqs_on+0x26/0x120 [ 130.180157] do_group_exit+0xe0/0x2b0 [ 130.180494] __x64_sys_exit_group+0x47/0x50 [ 130.180866] do_syscall_64+0x3b/0x90 [ 130.181200] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.181657] RIP: 0033:0x7f4b87518a4d [ 130.181980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.182535] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.183205] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.183829] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.184446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.185073] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.185696] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.186326] [ 130.186557] irq event stamp: 0 [ 130.186839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.187399] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.188130] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.188853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.189400] ---[ end trace 0000000000000000 ]--- [ 130.190291] ------------[ cut here ]------------ [ 130.190752] WARNING: CPU: 0 PID: 1212 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.191655] Modules linked in: [ 130.191937] CPU: 0 PID: 1212 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.192697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.193704] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.194372] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.195991] RSP: 0018:ffff88802466fb78 EFLAGS: 00010246 [ 130.196457] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.197075] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 130.197879] RBP: ffff88802466fb98 R08: ffffed1002e60d3e R09: ffffed1002e60d3e [ 130.198522] R10: ffff8880173069ef R11: ffffed1002e60d3d R12: ffff888017306a90 [ 130.199164] R13: ffff8880173068a8 R14: ffffffffffffffff R15: 
ffff88802466fc60 [ 130.199783] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.200481] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.200983] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.201602] PKRU: 55555554 [ 130.201849] Call Trace: [ 130.202073] [ 130.202273] iommufd_ioas_destroy+0x53/0x70 [ 130.202685] iommufd_fops_release+0x1f7/0x370 [ 130.203087] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.203538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.203976] ? write_comp_data+0x2f/0x90 [ 130.204341] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.204782] __fput+0x26d/0xa40 [ 130.205089] ____fput+0x1e/0x30 [ 130.205389] task_work_run+0x1a4/0x2d0 [ 130.205743] ? __pfx_task_work_run+0x10/0x10 [ 130.206171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.206808] ? switch_task_namespaces+0xa9/0xe0 [ 130.207238] do_exit+0xb17/0x2ef0 [ 130.207547] ? lock_acquire+0x427/0x4c0 [ 130.207905] ? __pfx_lock_release+0x10/0x10 [ 130.208288] ? __kasan_check_write+0x18/0x20 [ 130.208681] ? do_raw_spin_lock+0x132/0x2a0 [ 130.209061] ? __pfx_do_exit+0x10/0x10 [ 130.209413] ? debug_smp_processor_id+0x20/0x30 [ 130.209831] ? rcu_is_watching+0x19/0xb0 [ 130.210192] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.210617] ? trace_hardirqs_on+0x26/0x120 [ 130.211004] do_group_exit+0xe0/0x2b0 [ 130.211349] __x64_sys_exit_group+0x47/0x50 [ 130.211728] do_syscall_64+0x3b/0x90 [ 130.212066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.212526] RIP: 0033:0x7f4b87518a4d [ 130.212850] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.213382] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.214043] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.214679] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.215312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.215935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.216561] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.217189] [ 130.217396] irq event stamp: 0 [ 130.217680] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.218229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.218978] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.219718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.220273] ---[ end trace 0000000000000000 ]--- [ 130.224878] ------------[ cut here ]------------ [ 130.225486] WARNING: CPU: 0 PID: 1213 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.226369] Modules linked in: [ 130.226722] CPU: 0 PID: 1213 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.227514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.228610] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.229127] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.230740] RSP: 0018:ffff888021a1fbb8 EFLAGS: 00010246 [ 130.231215] RAX: 0000000000000000 RBX: ffff8880140cb0a8 RCX: 0000000000000000 [ 130.231834] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 130.232449] RBP: ffff888021a1fbd0 R08: ffffed1002819633 R09: ffffed1002819633 [ 130.233066] R10: ffff8880140cb193 R11: ffffed1002819632 R12: ffff88800fe47000 [ 130.233684] R13: ffff8880140cb1e8 R14: ffffffff8352e670 R15: 
ffff888021a1fe68 [ 130.234308] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.235031] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.235558] CR2: 00007f4b877410e8 CR3: 0000000020fbc000 CR4: 0000000000750ef0 [ 130.236185] PKRU: 55555554 [ 130.236435] Call Trace: [ 130.236661] [ 130.236860] __iommufd_access_detach+0x1c2/0x2b0 [ 130.237290] iommufd_access_change_pt+0x149/0x270 [ 130.237726] iommufd_access_replace+0xb4/0x120 [ 130.238144] iommufd_test+0x3e5/0x37e0 [ 130.238491] ? lock_release+0x532/0x770 [ 130.238879] ? __might_fault+0x102/0x1b0 [ 130.239255] ? lock_acquire+0x427/0x4c0 [ 130.239619] ? __pfx_iommufd_test+0x10/0x10 [ 130.239995] ? __pfx_lock_release+0x10/0x10 [ 130.240382] ? __pfx_lock_acquire+0x10/0x10 [ 130.240772] ? write_comp_data+0x2f/0x90 [ 130.241140] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.241571] ? write_comp_data+0x2f/0x90 [ 130.241944] iommufd_fops_ioctl+0x37d/0x510 [ 130.242328] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.242782] ? write_comp_data+0x2f/0x90 [ 130.243160] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.243590] __x64_sys_ioctl+0x1a3/0x230 [ 130.243961] do_syscall_64+0x3b/0x90 [ 130.244300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.244760] RIP: 0033:0x7f4b8743ee5d [ 130.245087] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.246705] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.247391] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.248016] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.248635] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.249251] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.249871] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.250498] [ 130.250734] irq event stamp: 0 [ 130.251013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.251579] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.252310] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.253036] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.253582] ---[ end trace 0000000000000000 ]--- [ 130.256907] ------------[ cut here ]------------ [ 130.257343] WARNING: CPU: 0 PID: 1213 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.258245] Modules linked in: [ 130.258657] CPU: 0 PID: 1213 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.259538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.260513] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.260948] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.262759] RSP: 
0018:ffff888021a1fbd0 EFLAGS: 00010246 [ 130.263244] RAX: 0000000000000000 RBX: ffff8880140cb0a8 RCX: 0000000000000000 [ 130.263867] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 130.264483] RBP: ffff888021a1fbe8 R08: ffffed1002819633 R09: ffffed1002819633 [ 130.265104] R10: ffff8880140cb193 R11: ffffed1002819632 R12: ffff888012e97800 [ 130.265919] R13: ffff8880140cb1e8 R14: ffff8880218d4600 R15: 0000000000000000 [ 130.266560] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.267271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.267782] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.268404] PKRU: 55555554 [ 130.268656] Call Trace: [ 130.268881] [ 130.269121] iommufd_access_destroy_object+0x65/0x170 [ 130.269742] iommufd_object_destroy_user+0x18e/0x220 [ 130.270198] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.270738] iommufd_access_destroy+0x43/0x70 [ 130.271153] iommufd_test_staccess_release+0x8d/0xd0 [ 130.271611] __fput+0x26d/0xa40 [ 130.271917] ____fput+0x1e/0x30 [ 130.272216] task_work_run+0x1a4/0x2d0 [ 130.272567] ? __pfx_task_work_run+0x10/0x10 [ 130.272983] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.273578] ? switch_task_namespaces+0xa9/0xe0 [ 130.273998] do_exit+0xb17/0x2ef0 [ 130.274303] ? lock_acquire+0x427/0x4c0 [ 130.274685] ? __pfx_lock_release+0x10/0x10 [ 130.275077] ? __kasan_check_write+0x18/0x20 [ 130.275488] ? do_raw_spin_lock+0x132/0x2a0 [ 130.275869] ? __pfx_do_exit+0x10/0x10 [ 130.276224] ? debug_smp_processor_id+0x20/0x30 [ 130.276645] ? rcu_is_watching+0x19/0xb0 [ 130.277096] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.277578] ? trace_hardirqs_on+0x26/0x120 [ 130.277965] do_group_exit+0xe0/0x2b0 [ 130.278299] __x64_sys_exit_group+0x47/0x50 [ 130.278696] do_syscall_64+0x3b/0x90 [ 130.279034] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.279524] RIP: 0033:0x7f4b87518a4d [ 130.279852] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.280388] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.281246] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.281866] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.282481] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.283128] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.283768] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.284550] [ 130.284877] irq event stamp: 0 [ 130.285154] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.285702] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.286428] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.287386] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.287938] ---[ end trace 0000000000000000 ]--- [ 130.288701] ------------[ cut here ]------------ [ 130.289115] WARNING: CPU: 0 PID: 1213 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.290217] Modules linked in: [ 130.290531] CPU: 0 PID: 1213 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.291315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.292297] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.292829] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.294538] RSP: 0018:ffff888021a1fb78 EFLAGS: 00010246 [ 130.294998] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.295785] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 130.296369] RBP: ffff888021a1fb98 R08: ffffed100281963e R09: ffffed100281963e [ 130.296951] R10: ffff8880140cb1ef R11: ffffed100281963d R12: ffff8880140cb290 [ 130.297536] R13: ffff8880140cb0a8 R14: ffffffffffffffff R15: 
ffff888021a1fc60 [ 130.298295] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.298971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.299463] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.300050] PKRU: 55555554 [ 130.300283] Call Trace: [ 130.300542] [ 130.300750] iommufd_ioas_destroy+0x53/0x70 [ 130.301203] iommufd_fops_release+0x1f7/0x370 [ 130.301588] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.302003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.302415] ? write_comp_data+0x2f/0x90 [ 130.302792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.303357] __fput+0x26d/0xa40 [ 130.303645] ____fput+0x1e/0x30 [ 130.303928] task_work_run+0x1a4/0x2d0 [ 130.304261] ? __pfx_task_work_run+0x10/0x10 [ 130.304630] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.305039] ? switch_task_namespaces+0xa9/0xe0 [ 130.305438] do_exit+0xb17/0x2ef0 [ 130.305807] ? lock_acquire+0x427/0x4c0 [ 130.306265] ? __pfx_lock_release+0x10/0x10 [ 130.306650] ? __kasan_check_write+0x18/0x20 [ 130.307022] ? do_raw_spin_lock+0x132/0x2a0 [ 130.307393] ? __pfx_do_exit+0x10/0x10 [ 130.307726] ? debug_smp_processor_id+0x20/0x30 [ 130.308116] ? rcu_is_watching+0x19/0xb0 [ 130.308487] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.309006] ? trace_hardirqs_on+0x26/0x120 [ 130.309376] do_group_exit+0xe0/0x2b0 [ 130.309699] __x64_sys_exit_group+0x47/0x50 [ 130.310058] do_syscall_64+0x3b/0x90 [ 130.310378] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.310888] RIP: 0033:0x7f4b87518a4d [ 130.311314] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.311819] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.312445] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.313032] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.313643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.314390] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.315002] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.315616] [ 130.315815] irq event stamp: 0 [ 130.316080] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.316791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.317479] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.318164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.318775] ---[ end trace 0000000000000000 ]--- [ 130.324005] ------------[ cut here ]------------ [ 130.324500] WARNING: CPU: 0 PID: 1214 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.325426] Modules linked in: [ 130.325690] CPU: 0 PID: 1214 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.326408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.327507] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.327921] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.329413] RSP: 0018:ffff88802466fbb8 EFLAGS: 00010246 [ 130.329849] RAX: 0000000000000000 RBX: ffff888013b828a8 RCX: 0000000000000000 [ 130.330433] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 130.331035] RBP: ffff88802466fbd0 R08: ffffed1002770533 R09: ffffed1002770533 [ 130.331662] R10: ffff888013b82993 R11: ffffed1002770532 R12: ffff888013b14c00 [ 130.332245] R13: ffff888013b829e8 R14: ffffffff8352e670 R15: 
ffff88802466fe68 [ 130.332832] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.333511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.333989] CR2: 00007f4b877410e8 CR3: 0000000020fbc000 CR4: 0000000000750ef0 [ 130.334595] PKRU: 55555554 [ 130.334837] Call Trace: [ 130.335050] [ 130.335247] __iommufd_access_detach+0x1c2/0x2b0 [ 130.335658] iommufd_access_change_pt+0x149/0x270 [ 130.336065] iommufd_access_replace+0xb4/0x120 [ 130.336456] iommufd_test+0x3e5/0x37e0 [ 130.336781] ? lock_release+0x532/0x770 [ 130.337123] ? __might_fault+0x102/0x1b0 [ 130.337467] ? lock_acquire+0x427/0x4c0 [ 130.337804] ? __pfx_iommufd_test+0x10/0x10 [ 130.338160] ? __pfx_lock_release+0x10/0x10 [ 130.338541] ? __pfx_lock_acquire+0x10/0x10 [ 130.338909] ? write_comp_data+0x2f/0x90 [ 130.339263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.339675] ? write_comp_data+0x2f/0x90 [ 130.340022] iommufd_fops_ioctl+0x37d/0x510 [ 130.340383] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.340791] ? write_comp_data+0x2f/0x90 [ 130.341139] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.341539] __x64_sys_ioctl+0x1a3/0x230 [ 130.341888] do_syscall_64+0x3b/0x90 [ 130.342208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.342663] RIP: 0033:0x7f4b8743ee5d [ 130.342976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.344491] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.345124] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.345713] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.346303] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.346910] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.347512] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.348113] [ 130.348312] irq event stamp: 0 [ 130.348594] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.349115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.349805] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.350495] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.351041] ---[ end trace 0000000000000000 ]--- [ 130.354075] ------------[ cut here ]------------ [ 130.354484] WARNING: CPU: 0 PID: 1214 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.355366] Modules linked in: [ 130.355633] CPU: 0 PID: 1214 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.356434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.357498] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.357917] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.359875] RSP: 
0018:ffff88802466fbd0 EFLAGS: 00010246 [ 130.360321] RAX: 0000000000000000 RBX: ffff888013b828a8 RCX: 0000000000000000 [ 130.360907] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 130.361492] RBP: ffff88802466fbe8 R08: ffffed1002770533 R09: ffffed1002770533 [ 130.362271] R10: ffff888013b82993 R11: ffffed1002770532 R12: ffff88800fe45c00 [ 130.362878] R13: ffff888013b829e8 R14: ffff88800f078500 R15: 0000000000000000 [ 130.363494] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.364161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.364638] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.365419] PKRU: 55555554 [ 130.365654] Call Trace: [ 130.365864] [ 130.366052] iommufd_access_destroy_object+0x65/0x170 [ 130.366484] iommufd_object_destroy_user+0x18e/0x220 [ 130.366934] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.367435] iommufd_access_destroy+0x43/0x70 [ 130.367853] iommufd_test_staccess_release+0x8d/0xd0 [ 130.368440] __fput+0x26d/0xa40 [ 130.368735] ____fput+0x1e/0x30 [ 130.369019] task_work_run+0x1a4/0x2d0 [ 130.369351] ? __pfx_task_work_run+0x10/0x10 [ 130.369723] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.370136] ? switch_task_namespaces+0xa9/0xe0 [ 130.370558] do_exit+0xb17/0x2ef0 [ 130.370850] ? lock_acquire+0x427/0x4c0 [ 130.371200] ? __pfx_lock_release+0x10/0x10 [ 130.371565] ? __kasan_check_write+0x18/0x20 [ 130.372105] ? do_raw_spin_lock+0x132/0x2a0 [ 130.372471] ? __pfx_do_exit+0x10/0x10 [ 130.372807] ? debug_smp_processor_id+0x20/0x30 [ 130.373196] ? rcu_is_watching+0x19/0xb0 [ 130.373540] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.373921] ? trace_hardirqs_on+0x26/0x120 [ 130.374287] do_group_exit+0xe0/0x2b0 [ 130.374650] __x64_sys_exit_group+0x47/0x50 [ 130.375150] do_syscall_64+0x3b/0x90 [ 130.375473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.375910] RIP: 0033:0x7f4b87518a4d [ 130.376220] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.376729] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.377356] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.377948] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.378737] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.379332] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.379917] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.380511] [ 130.380706] irq event stamp: 0 [ 130.380968] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.381496] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.382346] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.383061] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.383592] ---[ end trace 0000000000000000 ]--- [ 130.384310] ------------[ cut here ]------------ [ 130.384702] WARNING: CPU: 0 PID: 1214 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.385720] Modules linked in: [ 130.385994] CPU: 0 PID: 1214 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.386741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.387674] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.388105] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.389770] RSP: 0018:ffff88802466fb78 EFLAGS: 00010246 [ 130.390213] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.390817] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 130.391415] RBP: ffff88802466fb98 R08: ffffed100277053e R09: ffffed100277053e [ 130.392000] R10: ffff888013b829ef R11: ffffed100277053d R12: ffff888013b82a90 [ 130.392750] R13: ffff888013b828a8 R14: ffffffffffffffff R15: 
ffff88802466fc60 [ 130.393342] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.394003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.394482] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.395093] PKRU: 55555554 [ 130.395403] Call Trace: [ 130.395698] [ 130.395886] iommufd_ioas_destroy+0x53/0x70 [ 130.396252] iommufd_fops_release+0x1f7/0x370 [ 130.396634] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.397053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.397466] ? write_comp_data+0x2f/0x90 [ 130.397812] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.398232] __fput+0x26d/0xa40 [ 130.398551] ____fput+0x1e/0x30 [ 130.398835] task_work_run+0x1a4/0x2d0 [ 130.399181] ? __pfx_task_work_run+0x10/0x10 [ 130.399734] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.400147] ? switch_task_namespaces+0xa9/0xe0 [ 130.400543] do_exit+0xb17/0x2ef0 [ 130.400833] ? lock_acquire+0x427/0x4c0 [ 130.401171] ? __pfx_lock_release+0x10/0x10 [ 130.401536] ? __kasan_check_write+0x18/0x20 [ 130.401906] ? do_raw_spin_lock+0x132/0x2a0 [ 130.402287] ? __pfx_do_exit+0x10/0x10 [ 130.402767] ? debug_smp_processor_id+0x20/0x30 [ 130.403164] ? rcu_is_watching+0x19/0xb0 [ 130.403506] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.403888] ? trace_hardirqs_on+0x26/0x120 [ 130.404253] do_group_exit+0xe0/0x2b0 [ 130.404574] __x64_sys_exit_group+0x47/0x50 [ 130.404936] do_syscall_64+0x3b/0x90 [ 130.405257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.405694] RIP: 0033:0x7f4b87518a4d [ 130.406174] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.406702] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.407339] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.407927] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.408516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.409107] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.409880] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.410478] [ 130.410709] irq event stamp: 0 [ 130.410976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.411504] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.412200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.412896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.413597] ---[ end trace 0000000000000000 ]--- [ 130.418433] ------------[ cut here ]------------ [ 130.418921] WARNING: CPU: 0 PID: 1215 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.419920] Modules linked in: [ 130.420186] CPU: 0 PID: 1215 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.420906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.421831] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.422247] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.423786] RSP: 0018:ffff888021a1fbb8 EFLAGS: 00010246 [ 130.424229] RAX: 0000000000000000 RBX: ffff88801723a8a8 RCX: 0000000000000000 [ 130.424817] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 130.425400] RBP: ffff888021a1fbd0 R08: ffffed1002e47533 R09: ffffed1002e47533 [ 130.425983] R10: ffff88801723a993 R11: ffffed1002e47532 R12: ffff888010c08800 [ 130.426589] R13: ffff88801723a9e8 R14: ffffffff8352e670 R15: 
ffff888021a1fe68 [ 130.427193] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.427856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.428338] CR2: 00007f4b877410e8 CR3: 0000000020fbc000 CR4: 0000000000750ef0 [ 130.428929] PKRU: 55555554 [ 130.429164] Call Trace: [ 130.429376] [ 130.429566] __iommufd_access_detach+0x1c2/0x2b0 [ 130.429974] iommufd_access_change_pt+0x149/0x270 [ 130.430385] iommufd_access_replace+0xb4/0x120 [ 130.430798] iommufd_test+0x3e5/0x37e0 [ 130.431133] ? lock_release+0x532/0x770 [ 130.431476] ? __might_fault+0x102/0x1b0 [ 130.431824] ? lock_acquire+0x427/0x4c0 [ 130.432164] ? __pfx_iommufd_test+0x10/0x10 [ 130.432519] ? __pfx_lock_release+0x10/0x10 [ 130.432886] ? __pfx_lock_acquire+0x10/0x10 [ 130.433254] ? write_comp_data+0x2f/0x90 [ 130.433604] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.434013] ? write_comp_data+0x2f/0x90 [ 130.434358] iommufd_fops_ioctl+0x37d/0x510 [ 130.434736] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.435162] ? write_comp_data+0x2f/0x90 [ 130.435518] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.435922] __x64_sys_ioctl+0x1a3/0x230 [ 130.436273] do_syscall_64+0x3b/0x90 [ 130.436604] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.437042] RIP: 0033:0x7f4b8743ee5d [ 130.437354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.438875] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.439205] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 130.439514] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.439525] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.439534] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.441896] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 130.442412] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.445555] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.446148] [ 130.446344] irq event stamp: 0 [ 130.446620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.447169] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.447859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.448542] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.449060] ---[ end trace 0000000000000000 ]--- [ 130.452273] ------------[ cut here ]------------ [ 130.452684] WARNING: CPU: 0 PID: 1215 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.453548] Modules linked in: [ 130.453959] CPU: 0 PID: 1215 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.454726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.455665] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.456077] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.457573] RSP: 0018:ffff888021a1fbd0 EFLAGS: 00010246 [ 130.458015] RAX: 0000000000000000 RBX: ffff88801723a8a8 RCX: 0000000000000000 [ 130.458627] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 130.459366] RBP: ffff888021a1fbe8 R08: ffffed1002e47533 R09: ffffed1002e47533 [ 130.459957] R10: ffff88801723a993 R11: ffffed1002e47532 R12: 
ffff888013b15c00 [ 130.460542] R13: ffff88801723a9e8 R14: ffff88800fceed00 R15: 0000000000000000 [ 130.461126] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.461785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.462264] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.462870] PKRU: 55555554 [ 130.463108] Call Trace: [ 130.463332] [ 130.463520] iommufd_access_destroy_object+0x65/0x170 [ 130.463957] iommufd_object_destroy_user+0x18e/0x220 [ 130.464392] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.464879] iommufd_access_destroy+0x43/0x70 [ 130.465261] iommufd_test_staccess_release+0x8d/0xd0 [ 130.465696] __fput+0x26d/0xa40 [ 130.465984] ____fput+0x1e/0x30 [ 130.466272] task_work_run+0x1a4/0x2d0 [ 130.466624] ? __pfx_task_work_run+0x10/0x10 [ 130.466997] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.467418] ? switch_task_namespaces+0xa9/0xe0 [ 130.467819] do_exit+0xb17/0x2ef0 [ 130.468108] ? lock_acquire+0x427/0x4c0 [ 130.468450] ? __pfx_lock_release+0x10/0x10 [ 130.468816] ? __kasan_check_write+0x18/0x20 [ 130.469191] ? do_raw_spin_lock+0x132/0x2a0 [ 130.469550] ? __pfx_do_exit+0x10/0x10 [ 130.469883] ? debug_smp_processor_id+0x20/0x30 [ 130.470274] ? rcu_is_watching+0x19/0xb0 [ 130.470630] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.471012] ? trace_hardirqs_on+0x26/0x120 [ 130.471387] do_group_exit+0xe0/0x2b0 [ 130.471708] __x64_sys_exit_group+0x47/0x50 [ 130.472067] do_syscall_64+0x3b/0x90 [ 130.472389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.472830] RIP: 0033:0x7f4b87518a4d [ 130.473142] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.473648] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.474271] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.474880] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.475475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.476064] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.476652] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.477248] [ 130.477445] irq event stamp: 0 [ 130.477717] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.478258] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.479012] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.479740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.480286] ---[ end trace 0000000000000000 ]--- [ 130.481229] ------------[ cut here ]------------ [ 130.481648] WARNING: CPU: 0 PID: 1215 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.482558] Modules linked in: [ 130.482838] CPU: 0 PID: 1215 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.483615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.484604] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.485060] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.486899] RSP: 0018:ffff888021a1fb78 EFLAGS: 00010246 [ 130.487387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.488000] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 130.488612] RBP: ffff888021a1fb98 R08: ffffed1002e4753e R09: ffffed1002e4753e [ 130.489228] R10: ffff88801723a9ef R11: ffffed1002e4753d R12: ffff88801723aa90 [ 130.489848] R13: ffff88801723a8a8 R14: ffffffffffffffff R15: 
ffff888021a1fc60 [ 130.490656] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.491371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.491880] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.492508] PKRU: 55555554 [ 130.492755] Call Trace: [ 130.492980] [ 130.493180] iommufd_ioas_destroy+0x53/0x70 [ 130.493569] iommufd_fops_release+0x1f7/0x370 [ 130.493972] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.494416] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.494875] ? write_comp_data+0x2f/0x90 [ 130.495255] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.495701] __fput+0x26d/0xa40 [ 130.496008] ____fput+0x1e/0x30 [ 130.496310] task_work_run+0x1a4/0x2d0 [ 130.496665] ? __pfx_task_work_run+0x10/0x10 [ 130.497058] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.497492] ? switch_task_namespaces+0xa9/0xe0 [ 130.497915] do_exit+0xb17/0x2ef0 [ 130.498223] ? lock_acquire+0x427/0x4c0 [ 130.498621] ? __pfx_lock_release+0x10/0x10 [ 130.499010] ? __kasan_check_write+0x18/0x20 [ 130.499416] ? do_raw_spin_lock+0x132/0x2a0 [ 130.499801] ? __pfx_do_exit+0x10/0x10 [ 130.500151] ? debug_smp_processor_id+0x20/0x30 [ 130.500565] ? rcu_is_watching+0x19/0xb0 [ 130.500924] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.501328] ? trace_hardirqs_on+0x26/0x120 [ 130.501716] do_group_exit+0xe0/0x2b0 [ 130.502054] __x64_sys_exit_group+0x47/0x50 [ 130.502431] do_syscall_64+0x3b/0x90 [ 130.502807] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.503282] RIP: 0033:0x7f4b87518a4d [ 130.503612] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.504151] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.504819] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.505442] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.506063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.506721] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.507352] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.507989] [ 130.508196] irq event stamp: 0 [ 130.508473] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.509026] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.509757] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.510489] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.511067] ---[ end trace 0000000000000000 ]--- [ 130.522582] ------------[ cut here ]------------ [ 130.523017] WARNING: CPU: 0 PID: 1217 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.524090] Modules linked in: [ 130.524376] CPU: 0 PID: 1217 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.525135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.526209] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.526797] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.528404] RSP: 0018:ffff888020b8fbb8 EFLAGS: 00010246 [ 130.528868] RAX: 0000000000000000 RBX: ffff88802466b0a8 RCX: 0000000000000000 [ 130.529489] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 130.530109] RBP: ffff888020b8fbd0 R08: ffffed10048cd633 R09: ffffed10048cd633 [ 130.530749] R10: ffff88802466b193 R11: ffffed10048cd632 R12: ffff888020a69000 [ 130.531378] R13: ffff88802466b1e8 R14: ffffffff8352e670 R15: 
ffff888020b8fe68 [ 130.532002] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.532703] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.533209] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 130.533836] PKRU: 55555554 [ 130.534084] Call Trace: [ 130.534308] [ 130.534527] __iommufd_access_detach+0x1c2/0x2b0 [ 130.534961] iommufd_access_change_pt+0x149/0x270 [ 130.535406] iommufd_access_replace+0xb4/0x120 [ 130.535822] iommufd_test+0x3e5/0x37e0 [ 130.536167] ? lock_release+0x532/0x770 [ 130.536531] ? __might_fault+0x102/0x1b0 [ 130.536894] ? lock_acquire+0x427/0x4c0 [ 130.537268] ? __pfx_iommufd_test+0x10/0x10 [ 130.537653] ? __pfx_lock_release+0x10/0x10 [ 130.538040] ? __pfx_lock_acquire+0x10/0x10 [ 130.538432] ? write_comp_data+0x2f/0x90 [ 130.538837] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.539291] ? write_comp_data+0x2f/0x90 [ 130.539674] iommufd_fops_ioctl+0x37d/0x510 [ 130.540081] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.540517] ? write_comp_data+0x2f/0x90 [ 130.540886] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.541327] __x64_sys_ioctl+0x1a3/0x230 [ 130.541697] do_syscall_64+0x3b/0x90 [ 130.542111] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.542715] RIP: 0033:0x7f4b8743ee5d [ 130.543042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.544626] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.545292] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.545909] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.546543] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.547167] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.547779] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.548405] [ 130.548608] irq event stamp: 0 [ 130.548884] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.549432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.550156] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.550898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.551465] ---[ end trace 0000000000000000 ]--- [ 130.554695] ------------[ cut here ]------------ [ 130.555133] WARNING: CPU: 0 PID: 1217 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.556007] Modules linked in: [ 130.556286] CPU: 0 PID: 1217 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.557131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.558213] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.558678] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.560452] RSP: 
0018:ffff888020b8fbd0 EFLAGS: 00010246 [ 130.560918] RAX: 0000000000000000 RBX: ffff88802466b0a8 RCX: 0000000000000000 [ 130.561535] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 130.562150] RBP: ffff888020b8fbe8 R08: ffffed10048cd633 R09: ffffed10048cd633 [ 130.562965] R10: ffff88802466b193 R11: ffffed10048cd632 R12: ffff888010c09c00 [ 130.563600] R13: ffff88802466b1e8 R14: ffff8880122e4600 R15: 0000000000000000 [ 130.564211] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.564919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.565429] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.566256] PKRU: 55555554 [ 130.566535] Call Trace: [ 130.566764] [ 130.566962] iommufd_access_destroy_object+0x65/0x170 [ 130.567446] iommufd_object_destroy_user+0x18e/0x220 [ 130.567900] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.568418] iommufd_access_destroy+0x43/0x70 [ 130.569047] iommufd_test_staccess_release+0x8d/0xd0 [ 130.569504] __fput+0x26d/0xa40 [ 130.569810] ____fput+0x1e/0x30 [ 130.570106] task_work_run+0x1a4/0x2d0 [ 130.570461] ? __pfx_task_work_run+0x10/0x10 [ 130.570883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.571333] ? switch_task_namespaces+0xa9/0xe0 [ 130.571835] do_exit+0xb17/0x2ef0 [ 130.572273] ? lock_acquire+0x427/0x4c0 [ 130.572632] ? __pfx_lock_release+0x10/0x10 [ 130.573017] ? __kasan_check_write+0x18/0x20 [ 130.573424] ? do_raw_spin_lock+0x132/0x2a0 [ 130.573832] ? __pfx_do_exit+0x10/0x10 [ 130.574319] ? debug_smp_processor_id+0x20/0x30 [ 130.574962] ? rcu_is_watching+0x19/0xb0 [ 130.575373] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.575800] ? trace_hardirqs_on+0x26/0x120 [ 130.576205] do_group_exit+0xe0/0x2b0 [ 130.576562] __x64_sys_exit_group+0x47/0x50 [ 130.576966] do_syscall_64+0x3b/0x90 [ 130.577368] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.578022] RIP: 0033:0x7f4b87518a4d [ 130.578373] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.578960] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.579683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.580369] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.581241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.581896] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.582578] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.583275] [ 130.583502] irq event stamp: 0 [ 130.583903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.584657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.585451] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.586237] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.586864] ---[ end trace 0000000000000000 ]--- [ 130.587690] ------------[ cut here ]------------ [ 130.588140] WARNING: CPU: 0 PID: 1217 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.589426] Modules linked in: [ 130.589894] CPU: 0 PID: 1217 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.590748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.591827] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.592326] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.594462] RSP: 0018:ffff888020b8fb78 EFLAGS: 00010246 [ 130.595047] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.595793] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 130.596527] RBP: ffff888020b8fb98 R08: ffffed10048cd63e R09: ffffed10048cd63e [ 130.597258] R10: ffff88802466b1ef R11: ffffed10048cd63d R12: ffff88802466b290 [ 130.598026] R13: ffff88802466b0a8 R14: ffffffffffffffff R15: 
ffff888020b8fc60 [ 130.599104] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.599948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.600552] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.601290] PKRU: 55555554 [ 130.601585] Call Trace: [ 130.601844] [ 130.602080] iommufd_ioas_destroy+0x53/0x70 [ 130.602613] iommufd_fops_release+0x1f7/0x370 [ 130.603248] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.603995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.604508] ? write_comp_data+0x2f/0x90 [ 130.604935] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.605450] __fput+0x26d/0xa40 [ 130.605809] ____fput+0x1e/0x30 [ 130.606160] task_work_run+0x1a4/0x2d0 [ 130.606601] ? __pfx_task_work_run+0x10/0x10 [ 130.607063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.607594] ? switch_task_namespaces+0xa9/0xe0 [ 130.608155] do_exit+0xb17/0x2ef0 [ 130.608671] ? lock_acquire+0x427/0x4c0 [ 130.609282] ? __pfx_lock_release+0x10/0x10 [ 130.609753] ? __kasan_check_write+0x18/0x20 [ 130.610219] ? do_raw_spin_lock+0x132/0x2a0 [ 130.610708] ? __pfx_do_exit+0x10/0x10 [ 130.611133] ? debug_smp_processor_id+0x20/0x30 [ 130.611622] ? rcu_is_watching+0x19/0xb0 [ 130.612045] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.612515] ? trace_hardirqs_on+0x26/0x120 [ 130.613001] do_group_exit+0xe0/0x2b0 [ 130.613518] __x64_sys_exit_group+0x47/0x50 [ 130.614112] do_syscall_64+0x3b/0x90 [ 130.614718] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.615276] RIP: 0033:0x7f4b87518a4d [ 130.615663] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.616296] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.617068] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.617794] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.618708] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.620108] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.621108] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.622108] [ 130.622447] irq event stamp: 0 [ 130.623018] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.624280] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.625397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.626586] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.627999] ---[ end trace 0000000000000000 ]--- [ 130.637477] ------------[ cut here ]------------ [ 130.638171] WARNING: CPU: 0 PID: 1218 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.640069] Modules linked in: [ 130.640521] CPU: 0 PID: 1218 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.641670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.643265] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.643945] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.646274] RSP: 0018:ffff88800ef07bb8 EFLAGS: 00010246 [ 130.647044] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 130.648016] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 130.648948] RBP: ffff88800ef07bd0 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 130.649880] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff88800a727000 [ 130.650857] R13: ffff8880178189e8 R14: ffffffff8352e670 R15: 
ffff88800ef07e68 [ 130.651826] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.652865] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.653624] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 130.654608] PKRU: 55555554 [ 130.655005] Call Trace: [ 130.655376] [ 130.655686] __iommufd_access_detach+0x1c2/0x2b0 [ 130.656337] iommufd_access_change_pt+0x149/0x270 [ 130.657002] iommufd_access_replace+0xb4/0x120 [ 130.657626] iommufd_test+0x3e5/0x37e0 [ 130.658146] ? lock_release+0x532/0x770 [ 130.658787] ? __might_fault+0x102/0x1b0 [ 130.659387] ? lock_acquire+0x427/0x4c0 [ 130.659951] ? __pfx_iommufd_test+0x10/0x10 [ 130.660551] ? __pfx_lock_release+0x10/0x10 [ 130.661157] ? __pfx_lock_acquire+0x10/0x10 [ 130.661755] ? write_comp_data+0x2f/0x90 [ 130.662314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.663033] ? write_comp_data+0x2f/0x90 [ 130.663632] iommufd_fops_ioctl+0x37d/0x510 [ 130.664234] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.664911] ? write_comp_data+0x2f/0x90 [ 130.665491] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.666153] __x64_sys_ioctl+0x1a3/0x230 [ 130.666799] do_syscall_64+0x3b/0x90 [ 130.667478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.668051] RIP: 0033:0x7f4b8743ee5d [ 130.668449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.670389] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.671279] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.672053] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.672829] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.673591] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.674361] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.675187] [ 130.675450] irq event stamp: 0 [ 130.675795] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.676478] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.677373] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.678240] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.678940] ---[ end trace 0000000000000000 ]--- [ 130.682761] ------------[ cut here ]------------ [ 130.683348] WARNING: CPU: 0 PID: 1218 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.684447] Modules linked in: [ 130.684925] CPU: 0 PID: 1218 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.686053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.687368] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.687941] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.690694] RSP: 
0018:ffff88800ef07bd0 EFLAGS: 00010246 [ 130.691476] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 130.692444] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 130.693410] RBP: ffff88800ef07be8 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 130.694454] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff888020a68400 [ 130.695996] R13: ffff8880178189e8 R14: ffff888012de4b00 R15: 0000000000000000 [ 130.696971] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.698052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.699254] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.700225] PKRU: 55555554 [ 130.700608] Call Trace: [ 130.700957] [ 130.701273] iommufd_access_destroy_object+0x65/0x170 [ 130.701982] iommufd_object_destroy_user+0x18e/0x220 [ 130.702759] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.703605] iommufd_access_destroy+0x43/0x70 [ 130.704239] iommufd_test_staccess_release+0x8d/0xd0 [ 130.704939] __fput+0x26d/0xa40 [ 130.705416] ____fput+0x1e/0x30 [ 130.705893] task_work_run+0x1a4/0x2d0 [ 130.706450] ? __pfx_task_work_run+0x10/0x10 [ 130.707278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.708123] ? switch_task_namespaces+0xa9/0xe0 [ 130.708786] do_exit+0xb17/0x2ef0 [ 130.709269] ? lock_acquire+0x427/0x4c0 [ 130.709827] ? __pfx_lock_release+0x10/0x10 [ 130.710415] ? __kasan_check_write+0x18/0x20 [ 130.711098] ? do_raw_spin_lock+0x132/0x2a0 [ 130.711874] ? __pfx_do_exit+0x10/0x10 [ 130.712295] ? debug_smp_processor_id+0x20/0x30 [ 130.712789] ? rcu_is_watching+0x19/0xb0 [ 130.713217] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.713699] ? trace_hardirqs_on+0x26/0x120 [ 130.714161] do_group_exit+0xe0/0x2b0 [ 130.714626] __x64_sys_exit_group+0x47/0x50 [ 130.715085] do_syscall_64+0x3b/0x90 [ 130.715518] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.716223] RIP: 0033:0x7f4b87518a4d [ 130.716770] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.717426] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.718231] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.719015] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.719849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.720869] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.721614] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.722365] [ 130.722647] irq event stamp: 0 [ 130.722978] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.723660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.724652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.725671] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.726332] ---[ end trace 0000000000000000 ]--- [ 130.727259] ------------[ cut here ]------------ [ 130.727769] WARNING: CPU: 0 PID: 1218 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.729093] Modules linked in: [ 130.729441] CPU: 0 PID: 1218 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.730368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.731657] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.732226] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.734427] RSP: 0018:ffff88800ef07b78 EFLAGS: 00010246 [ 130.735029] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.735798] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 130.736547] RBP: ffff88800ef07b98 R08: ffffed1002f0313e R09: ffffed1002f0313e [ 130.737288] R10: ffff8880178189ef R11: ffffed1002f0313d R12: ffff888017818a90 [ 130.738039] R13: ffff8880178188a8 R14: ffffffffffffffff R15: 
ffff88800ef07c60 [ 130.739127] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 130.739984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.740588] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 130.741335] PKRU: 55555554 [ 130.741639] Call Trace: [ 130.741914] [ 130.742159] iommufd_ioas_destroy+0x53/0x70 [ 130.742680] iommufd_fops_release+0x1f7/0x370 [ 130.743189] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.743734] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.744258] ? write_comp_data+0x2f/0x90 [ 130.744725] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.745272] __fput+0x26d/0xa40 [ 130.745648] ____fput+0x1e/0x30 [ 130.746015] task_work_run+0x1a4/0x2d0 [ 130.746435] ? __pfx_task_work_run+0x10/0x10 [ 130.746949] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.747489] ? switch_task_namespaces+0xa9/0xe0 [ 130.748008] do_exit+0xb17/0x2ef0 [ 130.748381] ? lock_acquire+0x427/0x4c0 [ 130.748811] ? __pfx_lock_release+0x10/0x10 [ 130.749272] ? __kasan_check_write+0x18/0x20 [ 130.749741] ? do_raw_spin_lock+0x132/0x2a0 [ 130.750205] ? __pfx_do_exit+0x10/0x10 [ 130.750676] ? debug_smp_processor_id+0x20/0x30 [ 130.751199] ? rcu_is_watching+0x19/0xb0 [ 130.751635] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.752119] ? trace_hardirqs_on+0x26/0x120 [ 130.752586] do_group_exit+0xe0/0x2b0 [ 130.752996] __x64_sys_exit_group+0x47/0x50 [ 130.753448] do_syscall_64+0x3b/0x90 [ 130.753851] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.754400] RIP: 0033:0x7f4b87518a4d [ 130.754825] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.755492] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.756303] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.757066] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.757828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.758623] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.759417] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.760187] [ 130.760441] irq event stamp: 0 [ 130.760777] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.761433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.762298] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.763229] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.763911] ---[ end trace 0000000000000000 ]--- [ 130.772382] ------------[ cut here ]------------ [ 130.773100] WARNING: CPU: 1 PID: 1219 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.774750] Modules linked in: [ 130.775221] CPU: 1 PID: 1219 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.776377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.778089] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.778806] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.781455] RSP: 0018:ffff888016dbfbb8 EFLAGS: 00010246 [ 130.782171] RAX: 0000000000000000 RBX: ffff88801826d8a8 RCX: 0000000000000000 [ 130.783182] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 130.784375] RBP: ffff888016dbfbd0 R08: ffffed100304db33 R09: ffffed100304db33 [ 130.785315] R10: ffff88801826d993 R11: ffffed100304db32 R12: ffff888014583800 [ 130.786256] R13: ffff88801826d9e8 R14: ffffffff8352e670 R15: 
ffff888016dbfe68 [ 130.787506] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 130.788573] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.789342] CR2: 00007f4b877410e8 CR3: 0000000020fc8000 CR4: 0000000000750ee0 [ 130.790583] PKRU: 55555554 [ 130.790972] Call Trace: [ 130.791339] [ 130.791650] __iommufd_access_detach+0x1c2/0x2b0 [ 130.792315] iommufd_access_change_pt+0x149/0x270 [ 130.793219] iommufd_access_replace+0xb4/0x120 [ 130.793846] iommufd_test+0x3e5/0x37e0 [ 130.794372] ? lock_release+0x532/0x770 [ 130.794967] ? __might_fault+0x102/0x1b0 [ 130.795582] ? lock_acquire+0x427/0x4c0 [ 130.796293] ? __pfx_iommufd_test+0x10/0x10 [ 130.796874] ? __pfx_lock_release+0x10/0x10 [ 130.797465] ? __pfx_lock_acquire+0x10/0x10 [ 130.798057] ? write_comp_data+0x2f/0x90 [ 130.798954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.799653] ? write_comp_data+0x2f/0x90 [ 130.800214] iommufd_fops_ioctl+0x37d/0x510 [ 130.800802] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.801457] ? write_comp_data+0x2f/0x90 [ 130.802019] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.802742] __x64_sys_ioctl+0x1a3/0x230 [ 130.803539] do_syscall_64+0x3b/0x90 [ 130.804062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.804768] RIP: 0033:0x7f4b8743ee5d [ 130.805270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.808001] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.809022] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.810174] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.811165] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.812129] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.813289] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.814242] [ 130.814608] irq event stamp: 0 [ 130.815040] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.816124] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.817227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.818318] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.819443] ---[ end trace 0000000000000000 ]--- [ 130.826155] ------------[ cut here ]------------ [ 130.826882] WARNING: CPU: 1 PID: 1219 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.828254] Modules linked in: [ 130.828816] CPU: 1 PID: 1219 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.830088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.831706] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.832503] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.835206] RSP: 
0018:ffff888016dbfbd0 EFLAGS: 00010246 [ 130.835921] RAX: 0000000000000000 RBX: ffff88801826d8a8 RCX: 0000000000000000 [ 130.836874] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 130.838017] RBP: ffff888016dbfbe8 R08: ffffed100304db33 R09: ffffed100304db33 [ 130.838973] R10: ffff88801826d993 R11: ffffed100304db32 R12: ffff888014611000 [ 130.839969] R13: ffff88801826d9e8 R14: ffff888012bf9700 R15: 0000000000000000 [ 130.841008] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 130.842039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.842934] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 130.843961] PKRU: 55555554 [ 130.844333] Call Trace: [ 130.844665] [ 130.844965] iommufd_access_destroy_object+0x65/0x170 [ 130.845755] iommufd_object_destroy_user+0x18e/0x220 [ 130.846575] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.847417] iommufd_access_destroy+0x43/0x70 [ 130.847878] iommufd_test_staccess_release+0x8d/0xd0 [ 130.848363] __fput+0x26d/0xa40 [ 130.848693] ____fput+0x1e/0x30 [ 130.849052] task_work_run+0x1a4/0x2d0 [ 130.849552] ? __pfx_task_work_run+0x10/0x10 [ 130.849972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.850436] ? switch_task_namespaces+0xa9/0xe0 [ 130.850941] do_exit+0xb17/0x2ef0 [ 130.851286] ? lock_acquire+0x427/0x4c0 [ 130.851670] ? __pfx_lock_release+0x10/0x10 [ 130.852086] ? __kasan_check_write+0x18/0x20 [ 130.852507] ? do_raw_spin_lock+0x132/0x2a0 [ 130.852981] ? __pfx_do_exit+0x10/0x10 [ 130.853534] ? debug_smp_processor_id+0x20/0x30 [ 130.853981] ? rcu_is_watching+0x19/0xb0 [ 130.854366] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.854815] ? trace_hardirqs_on+0x26/0x120 [ 130.855241] do_group_exit+0xe0/0x2b0 [ 130.855606] __x64_sys_exit_group+0x47/0x50 [ 130.856014] do_syscall_64+0x3b/0x90 [ 130.856378] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.856968] RIP: 0033:0x7f4b87518a4d [ 130.857472] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.858066] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.858816] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.859509] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.860179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.860868] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.861733] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.862421] [ 130.862674] irq event stamp: 0 [ 130.862971] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.863571] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.864365] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.865428] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.866031] ---[ end trace 0000000000000000 ]--- [ 130.868820] ------------[ cut here ]------------ [ 130.869294] WARNING: CPU: 1 PID: 1219 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.870254] Modules linked in: [ 130.870604] CPU: 1 PID: 1219 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.871623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.872676] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.873166] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.875050] RSP: 0018:ffff888016dbfb78 EFLAGS: 00010246 [ 130.875566] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.876236] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 130.877087] RBP: ffff888016dbfb98 R08: ffffed100304db3e R09: ffffed100304db3e [ 130.877762] R10: ffff88801826d9ef R11: ffffed100304db3d R12: ffff88801826da90 [ 130.878437] R13: ffff88801826d8a8 R14: ffffffffffffffff R15: 
ffff888016dbfc60 [ 130.879138] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 130.880098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.880647] CR2: 00007f82e2a9c000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 130.881331] PKRU: 55555554 [ 130.881601] Call Trace: [ 130.881844] [ 130.882062] iommufd_ioas_destroy+0x53/0x70 [ 130.882581] iommufd_fops_release+0x1f7/0x370 [ 130.883103] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.883602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.884079] ? write_comp_data+0x2f/0x90 [ 130.884488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.884971] __fput+0x26d/0xa40 [ 130.885332] ____fput+0x1e/0x30 [ 130.885770] task_work_run+0x1a4/0x2d0 [ 130.886155] ? __pfx_task_work_run+0x10/0x10 [ 130.886600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.887066] ? switch_task_namespaces+0xa9/0xe0 [ 130.887549] do_exit+0xb17/0x2ef0 [ 130.887890] ? lock_acquire+0x427/0x4c0 [ 130.888423] ? __pfx_lock_release+0x10/0x10 [ 130.888850] ? __kasan_check_write+0x18/0x20 [ 130.889279] ? do_raw_spin_lock+0x132/0x2a0 [ 130.889693] ? __pfx_do_exit+0x10/0x10 [ 130.890074] ? debug_smp_processor_id+0x20/0x30 [ 130.890544] ? rcu_is_watching+0x19/0xb0 [ 130.890996] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.891509] ? trace_hardirqs_on+0x26/0x120 [ 130.891938] do_group_exit+0xe0/0x2b0 [ 130.892315] __x64_sys_exit_group+0x47/0x50 [ 130.892726] do_syscall_64+0x3b/0x90 [ 130.893095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.893599] RIP: 0033:0x7f4b87518a4d [ 130.894056] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.894731] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.895470] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.896142] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.896968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.897647] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.898328] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.899031] [ 130.899275] irq event stamp: 0 [ 130.899669] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.900339] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.901121] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.901911] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.902740] ---[ end trace 0000000000000000 ]--- [ 130.908663] ------------[ cut here ]------------ [ 130.909162] WARNING: CPU: 1 PID: 1220 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.910317] Modules linked in: [ 130.910703] CPU: 1 PID: 1220 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.911535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.912590] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.913270] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.914986] RSP: 0018:ffff888016cf7bb8 EFLAGS: 00010246 [ 130.915506] RAX: 0000000000000000 RBX: ffff88800cb978a8 RCX: 0000000000000000 [ 130.916375] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 130.917059] RBP: ffff888016cf7bd0 R08: ffffed1001972f33 R09: ffffed1001972f33 [ 130.917720] R10: ffff88800cb97993 R11: ffffed1001972f32 R12: ffff888010825c00 [ 130.918419] R13: ffff88800cb979e8 R14: ffffffff8352e670 R15: 
ffff888016cf7e68 [ 130.919230] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 130.919978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.920520] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 130.921295] PKRU: 55555554 [ 130.921638] Call Trace: [ 130.921878] [ 130.922094] __iommufd_access_detach+0x1c2/0x2b0 [ 130.922576] iommufd_access_change_pt+0x149/0x270 [ 130.923038] iommufd_access_replace+0xb4/0x120 [ 130.923493] iommufd_test+0x3e5/0x37e0 [ 130.923888] ? lock_release+0x532/0x770 [ 130.924388] ? __might_fault+0x102/0x1b0 [ 130.924782] ? lock_acquire+0x427/0x4c0 [ 130.925176] ? __pfx_iommufd_test+0x10/0x10 [ 130.925582] ? __pfx_lock_release+0x10/0x10 [ 130.925999] ? __pfx_lock_acquire+0x10/0x10 [ 130.926428] ? write_comp_data+0x2f/0x90 [ 130.926952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.927504] ? write_comp_data+0x2f/0x90 [ 130.927899] iommufd_fops_ioctl+0x37d/0x510 [ 130.928308] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.928773] ? write_comp_data+0x2f/0x90 [ 130.929173] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.929737] __x64_sys_ioctl+0x1a3/0x230 [ 130.930208] do_syscall_64+0x3b/0x90 [ 130.930591] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.931084] RIP: 0033:0x7f4b8743ee5d [ 130.931454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 130.933267] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 130.934123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 130.934816] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.935500] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 130.936161] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 130.936900] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 130.937689] [ 130.937910] irq event stamp: 0 [ 130.938199] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.938800] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.939584] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.940428] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.941229] ---[ end trace 0000000000000000 ]--- [ 130.946218] ------------[ cut here ]------------ [ 130.946793] WARNING: CPU: 1 PID: 1220 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 130.947754] Modules linked in: [ 130.948051] CPU: 1 PID: 1220 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.949116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.950151] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 130.950638] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 130.952510] RSP: 
0018:ffff888016cf7bd0 EFLAGS: 00010246 [ 130.953005] RAX: 0000000000000000 RBX: ffff88800cb978a8 RCX: 0000000000000000 [ 130.953657] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 130.954309] RBP: ffff888016cf7be8 R08: ffffed1001972f33 R09: ffffed1001972f33 [ 130.954980] R10: ffff88800cb97993 R11: ffffed1001972f32 R12: ffff888014582800 [ 130.955760] R13: ffff88800cb979e8 R14: ffff888013c90a00 R15: 0000000000000000 [ 130.956623] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 130.957369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.957912] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 130.958596] PKRU: 55555554 [ 130.958863] Call Trace: [ 130.959105] [ 130.959391] iommufd_access_destroy_object+0x65/0x170 [ 130.960088] iommufd_object_destroy_user+0x18e/0x220 [ 130.960567] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 130.961112] iommufd_access_destroy+0x43/0x70 [ 130.961551] iommufd_test_staccess_release+0x8d/0xd0 [ 130.962039] __fput+0x26d/0xa40 [ 130.962372] ____fput+0x1e/0x30 [ 130.962717] task_work_run+0x1a4/0x2d0 [ 130.963149] ? __pfx_task_work_run+0x10/0x10 [ 130.963742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.964203] ? switch_task_namespaces+0xa9/0xe0 [ 130.964651] do_exit+0xb17/0x2ef0 [ 130.964977] ? lock_acquire+0x427/0x4c0 [ 130.965362] ? __pfx_lock_release+0x10/0x10 [ 130.965763] ? __kasan_check_write+0x18/0x20 [ 130.966157] ? do_raw_spin_lock+0x132/0x2a0 [ 130.966564] ? __pfx_do_exit+0x10/0x10 [ 130.966977] ? debug_smp_processor_id+0x20/0x30 [ 130.967532] ? rcu_is_watching+0x19/0xb0 [ 130.967898] ? _raw_spin_unlock_irq+0x2b/0x60 [ 130.968304] ? trace_hardirqs_on+0x26/0x120 [ 130.968691] do_group_exit+0xe0/0x2b0 [ 130.969031] __x64_sys_exit_group+0x47/0x50 [ 130.969419] do_syscall_64+0x3b/0x90 [ 130.969767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 130.970235] RIP: 0033:0x7f4b87518a4d [ 130.970681] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 130.971328] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 130.972000] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 130.972625] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 130.973253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 130.973903] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 130.974704] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 130.975353] [ 130.975564] irq event stamp: 0 [ 130.975839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 130.976397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 130.977171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 130.978036] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 130.978617] ---[ end trace 0000000000000000 ]--- [ 130.981179] ------------[ cut here ]------------ [ 130.981626] WARNING: CPU: 1 PID: 1220 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 130.982551] Modules linked in: [ 130.982976] CPU: 1 PID: 1220 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 130.983750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 130.984728] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 130.985178] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 130.986929] RSP: 0018:ffff888016cf7b78 EFLAGS: 00010246 [ 130.987408] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 130.988035] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 130.988810] RBP: ffff888016cf7b98 R08: ffffed1001972f3e R09: ffffed1001972f3e [ 130.989433] R10: ffff88800cb979ef R11: ffffed1001972f3d R12: ffff88800cb97a90 [ 130.990050] R13: ffff88800cb978a8 R14: ffffffffffffffff R15: 
ffff888016cf7c60 [ 130.990728] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 130.991535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 130.992043] CR2: 00007f82e2aa6028 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 130.992664] PKRU: 55555554 [ 130.992915] Call Trace: [ 130.993142] [ 130.993429] iommufd_ioas_destroy+0x53/0x70 [ 130.993889] iommufd_fops_release+0x1f7/0x370 [ 130.994288] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.994750] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.995203] ? write_comp_data+0x2f/0x90 [ 130.995578] ? __pfx_iommufd_fops_release+0x10/0x10 [ 130.996115] __fput+0x26d/0xa40 [ 130.996493] ____fput+0x1e/0x30 [ 130.996796] task_work_run+0x1a4/0x2d0 [ 130.997152] ? __pfx_task_work_run+0x10/0x10 [ 130.997547] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 130.997983] ? switch_task_namespaces+0xa9/0xe0 [ 130.998406] do_exit+0xb17/0x2ef0 [ 130.998826] ? lock_acquire+0x427/0x4c0 [ 130.999222] ? __pfx_lock_release+0x10/0x10 [ 130.999611] ? __kasan_check_write+0x18/0x20 [ 131.000007] ? do_raw_spin_lock+0x132/0x2a0 [ 131.000390] ? __pfx_do_exit+0x10/0x10 [ 131.000744] ? debug_smp_processor_id+0x20/0x30 [ 131.001160] ? rcu_is_watching+0x19/0xb0 [ 131.001607] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.002063] ? trace_hardirqs_on+0x26/0x120 [ 131.002457] do_group_exit+0xe0/0x2b0 [ 131.002821] __x64_sys_exit_group+0x47/0x50 [ 131.003221] do_syscall_64+0x3b/0x90 [ 131.003563] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.004036] RIP: 0033:0x7f4b87518a4d [ 131.004380] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.004929] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.005611] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.006405] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.007057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.007691] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.008311] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.008944] [ 131.009207] irq event stamp: 0 [ 131.009573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.010130] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.010894] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.011634] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.012218] ---[ end trace 0000000000000000 ]--- [ 131.017910] ------------[ cut here ]------------ [ 131.018363] WARNING: CPU: 1 PID: 1221 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.019407] Modules linked in: [ 131.019769] CPU: 1 PID: 1221 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.020532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.021515] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.022045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.023765] RSP: 0018:ffff88801824fbb8 EFLAGS: 00010246 [ 131.024229] RAX: 0000000000000000 RBX: ffff888011d9f8a8 RCX: 0000000000000000 [ 131.024845] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 131.025658] RBP: ffff88801824fbd0 R08: ffffed10023b3f33 R09: ffffed10023b3f33 [ 131.026283] R10: ffff888011d9f993 R11: ffffed10023b3f32 R12: ffff88801890e800 [ 131.026929] R13: ffff888011d9f9e8 R14: ffffffff8352e670 R15: 
ffff88801824fe68 [ 131.027571] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.028365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.028975] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 131.029605] PKRU: 55555554 [ 131.029858] Call Trace: [ 131.030084] [ 131.030283] __iommufd_access_detach+0x1c2/0x2b0 [ 131.030740] iommufd_access_change_pt+0x149/0x270 [ 131.031187] iommufd_access_replace+0xb4/0x120 [ 131.031697] iommufd_test+0x3e5/0x37e0 [ 131.032093] ? lock_release+0x532/0x770 [ 131.032460] ? __might_fault+0x102/0x1b0 [ 131.032829] ? lock_acquire+0x427/0x4c0 [ 131.033192] ? __pfx_iommufd_test+0x10/0x10 [ 131.033578] ? __pfx_lock_release+0x10/0x10 [ 131.033987] ? __pfx_lock_acquire+0x10/0x10 [ 131.034538] ? write_comp_data+0x2f/0x90 [ 131.034913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.035366] ? write_comp_data+0x2f/0x90 [ 131.035735] iommufd_fops_ioctl+0x37d/0x510 [ 131.036125] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.036568] ? write_comp_data+0x2f/0x90 [ 131.036943] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.037467] __x64_sys_ioctl+0x1a3/0x230 [ 131.037925] do_syscall_64+0x3b/0x90 [ 131.038268] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.038764] RIP: 0033:0x7f4b8743ee5d [ 131.039099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.040797] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.041557] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.042179] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.042833] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.043495] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.044251] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.044886] [ 131.045094] irq event stamp: 0 [ 131.045372] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.045929] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.046855] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.047597] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.048153] ---[ end trace 0000000000000000 ]--- [ 131.051454] ------------[ cut here ]------------ [ 131.051998] WARNING: CPU: 1 PID: 1221 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.052935] Modules linked in: [ 131.053215] CPU: 1 PID: 1221 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.053975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.055263] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.055732] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.057427] RSP: 
0018:ffff88801824fbd0 EFLAGS: 00010246 [ 131.058029] RAX: 0000000000000000 RBX: ffff888011d9f8a8 RCX: 0000000000000000 [ 131.058813] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 131.059480] RBP: ffff88801824fbe8 R08: ffffed10023b3f33 R09: ffffed10023b3f33 [ 131.060134] R10: ffff888011d9f993 R11: ffffed10023b3f32 R12: ffff888010824c00 [ 131.060848] R13: ffff888011d9f9e8 R14: ffff88800fd0e000 R15: 0000000000000000 [ 131.061638] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.062372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.062930] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 131.063598] PKRU: 55555554 [ 131.063932] Call Trace: [ 131.064200] [ 131.064519] iommufd_access_destroy_object+0x65/0x170 [ 131.065009] iommufd_object_destroy_user+0x18e/0x220 [ 131.065488] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.066033] iommufd_access_destroy+0x43/0x70 [ 131.066501] iommufd_test_staccess_release+0x8d/0xd0 [ 131.067108] __fput+0x26d/0xa40 [ 131.067446] ____fput+0x1e/0x30 [ 131.067763] task_work_run+0x1a4/0x2d0 [ 131.068136] ? __pfx_task_work_run+0x10/0x10 [ 131.068555] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.069020] ? switch_task_namespaces+0xa9/0xe0 [ 131.069471] do_exit+0xb17/0x2ef0 [ 131.069905] ? lock_acquire+0x427/0x4c0 [ 131.070386] ? __pfx_lock_release+0x10/0x10 [ 131.070833] ? __kasan_check_write+0x18/0x20 [ 131.071264] ? do_raw_spin_lock+0x132/0x2a0 [ 131.071669] ? __pfx_do_exit+0x10/0x10 [ 131.072047] ? debug_smp_processor_id+0x20/0x30 [ 131.072489] ? rcu_is_watching+0x19/0xb0 [ 131.072891] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.073466] ? trace_hardirqs_on+0x26/0x120 [ 131.073879] do_group_exit+0xe0/0x2b0 [ 131.074232] __x64_sys_exit_group+0x47/0x50 [ 131.074661] do_syscall_64+0x3b/0x90 [ 131.075018] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.075525] RIP: 0033:0x7f4b87518a4d [ 131.075878] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.076551] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.077344] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.078004] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.078694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.079368] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.080221] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.080888] [ 131.081108] irq event stamp: 0 [ 131.081402] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.081988] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.083013] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.083817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.084402] ---[ end trace 0000000000000000 ]--- [ 131.085226] ------------[ cut here ]------------ [ 131.085866] WARNING: CPU: 1 PID: 1221 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.086948] Modules linked in: [ 131.087271] CPU: 1 PID: 1221 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.088085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.089311] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.089800] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.091546] RSP: 0018:ffff88801824fb78 EFLAGS: 00010246 [ 131.092049] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.092810] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 131.093652] RBP: ffff88801824fb98 R08: ffffed10023b3f3e R09: ffffed10023b3f3e [ 131.094307] R10: ffff888011d9f9ef R11: ffffed10023b3f3d R12: ffff888011d9fa90 [ 131.094989] R13: ffff888011d9f8a8 R14: ffffffffffffffff R15: 
ffff88801824fc60 [ 131.095664] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.096412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.097027] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 131.097879] PKRU: 55555554 [ 131.098145] Call Trace: [ 131.098387] [ 131.098631] iommufd_ioas_destroy+0x53/0x70 [ 131.099044] iommufd_fops_release+0x1f7/0x370 [ 131.099479] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.099946] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.100407] ? write_comp_data+0x2f/0x90 [ 131.100797] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.101294] __fput+0x26d/0xa40 [ 131.101774] ____fput+0x1e/0x30 [ 131.102103] task_work_run+0x1a4/0x2d0 [ 131.102477] ? __pfx_task_work_run+0x10/0x10 [ 131.102929] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.103400] ? switch_task_namespaces+0xa9/0xe0 [ 131.103849] do_exit+0xb17/0x2ef0 [ 131.104176] ? lock_acquire+0x427/0x4c0 [ 131.104556] ? __pfx_lock_release+0x10/0x10 [ 131.104969] ? __kasan_check_write+0x18/0x20 [ 131.105394] ? do_raw_spin_lock+0x132/0x2a0 [ 131.105883] ? __pfx_do_exit+0x10/0x10 [ 131.106425] ? debug_smp_processor_id+0x20/0x30 [ 131.106907] ? rcu_is_watching+0x19/0xb0 [ 131.107299] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.107731] ? trace_hardirqs_on+0x26/0x120 [ 131.108140] do_group_exit+0xe0/0x2b0 [ 131.108496] __x64_sys_exit_group+0x47/0x50 [ 131.108897] do_syscall_64+0x3b/0x90 [ 131.109247] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.109735] RIP: 0033:0x7f4b87518a4d [ 131.110084] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.110843] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.111724] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.112377] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.113033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.113691] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.114357] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.115062] [ 131.115370] irq event stamp: 0 [ 131.115761] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.116458] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.117241] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.118023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.118641] ---[ end trace 0000000000000000 ]--- [ 131.126012] ------------[ cut here ]------------ [ 131.126711] WARNING: CPU: 1 PID: 1222 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.127673] Modules linked in: [ 131.127972] CPU: 1 PID: 1222 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.128778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.130001] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.130672] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.132359] RSP: 0018:ffff888016cf7bb8 EFLAGS: 00010246 [ 131.132858] RAX: 0000000000000000 RBX: ffff8880178190a8 RCX: 0000000000000000 [ 131.133521] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 131.134469] RBP: ffff888016cf7bd0 R08: ffffed1002f03233 R09: ffffed1002f03233 [ 131.135180] R10: ffff888017819193 R11: ffffed1002f03232 R12: ffff88800b9b5c00 [ 131.135843] R13: ffff8880178191e8 R14: ffffffff8352e670 R15: 
ffff888016cf7e68 [ 131.136504] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.137249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.137975] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 131.138793] PKRU: 55555554 [ 131.139059] Call Trace: [ 131.139310] [ 131.139524] __iommufd_access_detach+0x1c2/0x2b0 [ 131.139996] iommufd_access_change_pt+0x149/0x270 [ 131.140459] iommufd_access_replace+0xb4/0x120 [ 131.140899] iommufd_test+0x3e5/0x37e0 [ 131.141271] ? lock_release+0x532/0x770 [ 131.141776] ? __might_fault+0x102/0x1b0 [ 131.142308] ? lock_acquire+0x427/0x4c0 [ 131.142718] ? __pfx_iommufd_test+0x10/0x10 [ 131.143122] ? __pfx_lock_release+0x10/0x10 [ 131.143538] ? __pfx_lock_acquire+0x10/0x10 [ 131.143957] ? write_comp_data+0x2f/0x90 [ 131.144353] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.144815] ? write_comp_data+0x2f/0x90 [ 131.145312] iommufd_fops_ioctl+0x37d/0x510 [ 131.145849] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.146311] ? write_comp_data+0x2f/0x90 [ 131.146725] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.147199] __x64_sys_ioctl+0x1a3/0x230 [ 131.147596] do_syscall_64+0x3b/0x90 [ 131.148004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.148625] RIP: 0033:0x7f4b8743ee5d [ 131.148977] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.150759] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.151576] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.152236] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.152896] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.153561] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.154220] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.154925] [ 131.155162] irq event stamp: 0 [ 131.155455] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.156210] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.156990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.157764] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.158376] ---[ end trace 0000000000000000 ]--- [ 131.161709] ------------[ cut here ]------------ [ 131.162189] WARNING: CPU: 1 PID: 1222 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.163201] Modules linked in: [ 131.163504] CPU: 1 PID: 1222 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.164520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.165559] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.166022] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.167939] RSP: 
0018:ffff888016cf7bd0 EFLAGS: 00010246 [ 131.168442] RAX: 0000000000000000 RBX: ffff8880178190a8 RCX: 0000000000000000 [ 131.169099] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 131.169756] RBP: ffff888016cf7be8 R08: ffffed1002f03233 R09: ffffed1002f03233 [ 131.170422] R10: ffff888017819193 R11: ffffed1002f03232 R12: ffff88801890d400 [ 131.171367] R13: ffff8880178191e8 R14: ffff88802181ac00 R15: 0000000000000000 [ 131.172180] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.172925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.173459] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 131.174116] PKRU: 55555554 [ 131.174388] Call Trace: [ 131.174660] [ 131.174875] iommufd_access_destroy_object+0x65/0x170 [ 131.175385] iommufd_object_destroy_user+0x18e/0x220 [ 131.175950] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.176722] iommufd_access_destroy+0x43/0x70 [ 131.177155] iommufd_test_staccess_release+0x8d/0xd0 [ 131.177633] __fput+0x26d/0xa40 [ 131.177955] ____fput+0x1e/0x30 [ 131.178272] task_work_run+0x1a4/0x2d0 [ 131.178677] ? __pfx_task_work_run+0x10/0x10 [ 131.179096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.179576] ? switch_task_namespaces+0xa9/0xe0 [ 131.180028] do_exit+0xb17/0x2ef0 [ 131.180405] ? lock_acquire+0x427/0x4c0 [ 131.180977] ? __pfx_lock_release+0x10/0x10 [ 131.181390] ? __kasan_check_write+0x18/0x20 [ 131.181805] ? do_raw_spin_lock+0x132/0x2a0 [ 131.182208] ? __pfx_do_exit+0x10/0x10 [ 131.182619] ? debug_smp_processor_id+0x20/0x30 [ 131.183062] ? rcu_is_watching+0x19/0xb0 [ 131.183457] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.183886] ? trace_hardirqs_on+0x26/0x120 [ 131.184301] do_group_exit+0xe0/0x2b0 [ 131.184702] __x64_sys_exit_group+0x47/0x50 [ 131.185229] do_syscall_64+0x3b/0x90 [ 131.185736] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.186226] RIP: 0033:0x7f4b87518a4d [ 131.186606] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.187199] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.187911] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.188573] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.189230] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.189991] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.190868] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.191550] [ 131.191765] irq event stamp: 0 [ 131.192054] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.192633] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.193409] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.194286] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.195156] ---[ end trace 0000000000000000 ]--- [ 131.196018] ------------[ cut here ]------------ [ 131.196461] WARNING: CPU: 1 PID: 1222 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.197420] Modules linked in: [ 131.197723] CPU: 1 PID: 1222 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.198623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.199797] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.200392] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.202076] RSP: 0018:ffff888016cf7b78 EFLAGS: 00010246 [ 131.202603] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.203274] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 131.204145] RBP: ffff888016cf7b98 R08: ffffed1002f0323e R09: ffffed1002f0323e [ 131.204951] R10: ffff8880178191ef R11: ffffed1002f0323d R12: ffff888017819290 [ 131.205614] R13: ffff8880178190a8 R14: ffffffffffffffff R15: 
ffff888016cf7c60 [ 131.206270] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.207048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.207608] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 131.208387] PKRU: 55555554 [ 131.208729] Call Trace: [ 131.208967] [ 131.209179] iommufd_ioas_destroy+0x53/0x70 [ 131.209590] iommufd_fops_release+0x1f7/0x370 [ 131.210015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.210486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.210989] ? write_comp_data+0x2f/0x90 [ 131.211391] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.211862] __fput+0x26d/0xa40 [ 131.212205] ____fput+0x1e/0x30 [ 131.212618] task_work_run+0x1a4/0x2d0 [ 131.213122] ? __pfx_task_work_run+0x10/0x10 [ 131.213543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.214003] ? switch_task_namespaces+0xa9/0xe0 [ 131.214446] do_exit+0xb17/0x2ef0 [ 131.214802] ? lock_acquire+0x427/0x4c0 [ 131.215203] ? __pfx_lock_release+0x10/0x10 [ 131.215612] ? __kasan_check_write+0x18/0x20 [ 131.216031] ? do_raw_spin_lock+0x132/0x2a0 [ 131.216544] ? __pfx_do_exit+0x10/0x10 [ 131.217022] ? debug_smp_processor_id+0x20/0x30 [ 131.217456] ? rcu_is_watching+0x19/0xb0 [ 131.217836] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.218261] ? trace_hardirqs_on+0x26/0x120 [ 131.218693] do_group_exit+0xe0/0x2b0 [ 131.219053] __x64_sys_exit_group+0x47/0x50 [ 131.219469] do_syscall_64+0x3b/0x90 [ 131.219863] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.220492] RIP: 0033:0x7f4b87518a4d [ 131.220967] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.221543] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.222247] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.222930] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.223604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.224486] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.225231] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.225900] [ 131.226125] irq event stamp: 0 [ 131.226419] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.227019] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.227916] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.228888] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.229478] ---[ end trace 0000000000000000 ]--- [ 131.235740] ------------[ cut here ]------------ [ 131.236246] WARNING: CPU: 1 PID: 1223 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.237178] Modules linked in: [ 131.237475] CPU: 1 PID: 1223 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.238277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.239737] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.240200] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.241878] RSP: 0018:ffff88801824fbb8 EFLAGS: 00010246 [ 131.242371] RAX: 0000000000000000 RBX: ffff888015f308a8 RCX: 0000000000000000 [ 131.243336] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 131.243996] RBP: ffff88801824fbd0 R08: ffffed1002be6133 R09: ffffed1002be6133 [ 131.244648] R10: ffff888015f30993 R11: ffffed1002be6132 R12: ffff88801422d400 [ 131.245306] R13: ffff888015f309e8 R14: ffffffff8352e670 R15: 
ffff88801824fe68 [ 131.245966] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.246978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.247532] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 131.248200] PKRU: 55555554 [ 131.248464] Call Trace: [ 131.248701] [ 131.248909] __iommufd_access_detach+0x1c2/0x2b0 [ 131.249368] iommufd_access_change_pt+0x149/0x270 [ 131.249883] iommufd_access_replace+0xb4/0x120 [ 131.250476] iommufd_test+0x3e5/0x37e0 [ 131.250878] ? lock_release+0x532/0x770 [ 131.251271] ? __might_fault+0x102/0x1b0 [ 131.251660] ? lock_acquire+0x427/0x4c0 [ 131.252046] ? __pfx_iommufd_test+0x10/0x10 [ 131.252446] ? __pfx_lock_release+0x10/0x10 [ 131.252856] ? __pfx_lock_acquire+0x10/0x10 [ 131.253285] ? write_comp_data+0x2f/0x90 [ 131.253791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.254408] ? write_comp_data+0x2f/0x90 [ 131.254831] iommufd_fops_ioctl+0x37d/0x510 [ 131.255247] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.255705] ? write_comp_data+0x2f/0x90 [ 131.256088] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.256541] __x64_sys_ioctl+0x1a3/0x230 [ 131.256934] do_syscall_64+0x3b/0x90 [ 131.257333] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.258008] RIP: 0033:0x7f4b8743ee5d [ 131.258359] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.260090] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.260834] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.261649] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.262307] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.262985] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.263763] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.264528] [ 131.264750] irq event stamp: 0 [ 131.265043] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.265627] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.266532] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.267377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.267960] ---[ end trace 0000000000000000 ]--- [ 131.271129] ------------[ cut here ]------------ [ 131.271608] WARNING: CPU: 1 PID: 1223 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.272552] Modules linked in: [ 131.272856] CPU: 1 PID: 1223 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.273858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.274964] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.275440] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.277304] RSP: 
0018:ffff88801824fbd0 EFLAGS: 00010246 [ 131.277801] RAX: 0000000000000000 RBX: ffff888015f308a8 RCX: 0000000000000000 [ 131.278461] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 131.279171] RBP: ffff88801824fbe8 R08: ffffed1002be6133 R09: ffffed1002be6133 [ 131.280012] R10: ffff888015f30993 R11: ffffed1002be6132 R12: ffff88800b9b4400 [ 131.280674] R13: ffff888015f309e8 R14: ffff888013c90700 R15: 0000000000000000 [ 131.281325] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.282063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.282792] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 131.283460] PKRU: 55555554 [ 131.283722] Call Trace: [ 131.283960] [ 131.284168] iommufd_access_destroy_object+0x65/0x170 [ 131.284652] iommufd_object_destroy_user+0x18e/0x220 [ 131.285152] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.285842] iommufd_access_destroy+0x43/0x70 [ 131.286266] iommufd_test_staccess_release+0x8d/0xd0 [ 131.286765] __fput+0x26d/0xa40 [ 131.287086] ____fput+0x1e/0x30 [ 131.287415] task_work_run+0x1a4/0x2d0 [ 131.287789] ? __pfx_task_work_run+0x10/0x10 [ 131.288202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.288838] ? switch_task_namespaces+0xa9/0xe0 [ 131.289279] do_exit+0xb17/0x2ef0 [ 131.289601] ? lock_acquire+0x427/0x4c0 [ 131.289977] ? __pfx_lock_release+0x10/0x10 [ 131.290387] ? __kasan_check_write+0x18/0x20 [ 131.290820] ? do_raw_spin_lock+0x132/0x2a0 [ 131.291233] ? __pfx_do_exit+0x10/0x10 [ 131.291615] ? debug_smp_processor_id+0x20/0x30 [ 131.292125] ? rcu_is_watching+0x19/0xb0 [ 131.292611] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.293160] ? trace_hardirqs_on+0x26/0x120 [ 131.293569] do_group_exit+0xe0/0x2b0 [ 131.293921] __x64_sys_exit_group+0x47/0x50 [ 131.294323] do_syscall_64+0x3b/0x90 [ 131.294708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.295214] RIP: 0033:0x7f4b87518a4d [ 131.295563] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.296126] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.296888] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.297805] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.298458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.299142] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.299801] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.300466] [ 131.300684] irq event stamp: 0 [ 131.300976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.301742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.302538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.303316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.303896] ---[ end trace 0000000000000000 ]--- [ 131.304876] ------------[ cut here ]------------ [ 131.305409] WARNING: CPU: 1 PID: 1223 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.306531] Modules linked in: [ 131.306830] CPU: 1 PID: 1223 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.307650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.308679] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.309151] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.311206] RSP: 0018:ffff88801824fb78 EFLAGS: 00010246 [ 131.311705] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.312354] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 131.313002] RBP: ffff88801824fb98 R08: ffffed1002be613e R09: ffffed1002be613e [ 131.313658] R10: ffff888015f309ef R11: ffffed1002be613d R12: ffff888015f30a90 [ 131.314584] R13: ffff888015f308a8 R14: ffffffffffffffff R15: 
ffff88801824fc60 [ 131.315250] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.315993] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.316528] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 131.317185] PKRU: 55555554 [ 131.317449] Call Trace: [ 131.317689] [ 131.317969] iommufd_ioas_destroy+0x53/0x70 [ 131.318501] iommufd_fops_release+0x1f7/0x370 [ 131.319096] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.319568] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.320028] ? write_comp_data+0x2f/0x90 [ 131.320414] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.320873] __fput+0x26d/0xa40 [ 131.321194] ____fput+0x1e/0x30 [ 131.321509] task_work_run+0x1a4/0x2d0 [ 131.321877] ? __pfx_task_work_run+0x10/0x10 [ 131.322294] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.322825] ? switch_task_namespaces+0xa9/0xe0 [ 131.323446] do_exit+0xb17/0x2ef0 [ 131.323767] ? lock_acquire+0x427/0x4c0 [ 131.324145] ? __pfx_lock_release+0x10/0x10 [ 131.324549] ? __kasan_check_write+0x18/0x20 [ 131.324964] ? do_raw_spin_lock+0x132/0x2a0 [ 131.325366] ? __pfx_do_exit+0x10/0x10 [ 131.325739] ? debug_smp_processor_id+0x20/0x30 [ 131.326172] ? rcu_is_watching+0x19/0xb0 [ 131.326580] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.326982] ? trace_hardirqs_on+0x26/0x120 [ 131.327399] do_group_exit+0xe0/0x2b0 [ 131.327841] __x64_sys_exit_group+0x47/0x50 [ 131.328308] do_syscall_64+0x3b/0x90 [ 131.328641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.329100] RIP: 0033:0x7f4b87518a4d [ 131.329427] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.329963] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.330648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.331281] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.332082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.332698] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.333316] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.333951] [ 131.334159] irq event stamp: 0 [ 131.334438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.335100] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.335919] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.336650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.337197] ---[ end trace 0000000000000000 ]--- [ 131.341940] ------------[ cut here ]------------ [ 131.342550] WARNING: CPU: 1 PID: 1224 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.343449] Modules linked in: [ 131.343729] CPU: 1 PID: 1224 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.344491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.345636] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.346072] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.347765] RSP: 0018:ffff888016cf7bb8 EFLAGS: 00010246 [ 131.348293] RAX: 0000000000000000 RBX: ffff888010b9a8a8 RCX: 0000000000000000 [ 131.348906] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 131.349522] RBP: ffff888016cf7bd0 R08: ffffed1002173533 R09: ffffed1002173533 [ 131.350138] R10: ffff888010b9a993 R11: ffffed1002173532 R12: ffff88801890e400 [ 131.350827] R13: ffff888010b9a9e8 R14: ffffffff8352e670 R15: 
ffff888016cf7e68 [ 131.351524] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.352223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.352724] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 131.353348] PKRU: 55555554 [ 131.353685] Call Trace: [ 131.353983] [ 131.354185] __iommufd_access_detach+0x1c2/0x2b0 [ 131.354645] iommufd_access_change_pt+0x149/0x270 [ 131.355082] iommufd_access_replace+0xb4/0x120 [ 131.355496] iommufd_test+0x3e5/0x37e0 [ 131.355840] ? lock_release+0x532/0x770 [ 131.356202] ? __might_fault+0x102/0x1b0 [ 131.356721] ? lock_acquire+0x427/0x4c0 [ 131.357089] ? __pfx_iommufd_test+0x10/0x10 [ 131.357473] ? __pfx_lock_release+0x10/0x10 [ 131.357871] ? __pfx_lock_acquire+0x10/0x10 [ 131.358262] ? write_comp_data+0x2f/0x90 [ 131.358779] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.359226] ? write_comp_data+0x2f/0x90 [ 131.359599] iommufd_fops_ioctl+0x37d/0x510 [ 131.359983] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.360415] ? write_comp_data+0x2f/0x90 [ 131.360802] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.361354] __x64_sys_ioctl+0x1a3/0x230 [ 131.361731] do_syscall_64+0x3b/0x90 [ 131.362077] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.362565] RIP: 0033:0x7f4b8743ee5d [ 131.362926] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.364631] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.365455] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.366069] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.366716] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.367493] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.368120] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.368754] [ 131.368991] irq event stamp: 0 [ 131.369366] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.369916] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.370669] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.371563] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.372114] ---[ end trace 0000000000000000 ]--- [ 131.375929] ------------[ cut here ]------------ [ 131.376406] WARNING: CPU: 1 PID: 1224 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.377505] Modules linked in: [ 131.377811] CPU: 1 PID: 1224 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.378678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.379888] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.380350] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.382195] RSP: 
0018:ffff888016cf7bd0 EFLAGS: 00010246 [ 131.382705] RAX: 0000000000000000 RBX: ffff888010b9a8a8 RCX: 0000000000000000 [ 131.383368] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 131.384181] RBP: ffff888016cf7be8 R08: ffffed1002173533 R09: ffffed1002173533 [ 131.384837] R10: ffff888010b9a993 R11: ffffed1002173532 R12: ffff88801422d800 [ 131.385502] R13: ffff888010b9a9e8 R14: ffff88800b591600 R15: 0000000000000000 [ 131.386318] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.387073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.387620] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 131.388449] PKRU: 55555554 [ 131.388712] Call Trace: [ 131.388952] [ 131.389162] iommufd_access_destroy_object+0x65/0x170 [ 131.389647] iommufd_object_destroy_user+0x18e/0x220 [ 131.390258] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.390816] iommufd_access_destroy+0x43/0x70 [ 131.391248] iommufd_test_staccess_release+0x8d/0xd0 [ 131.391723] __fput+0x26d/0xa40 [ 131.392044] ____fput+0x1e/0x30 [ 131.392486] task_work_run+0x1a4/0x2d0 [ 131.392858] ? __pfx_task_work_run+0x10/0x10 [ 131.393277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.393735] ? switch_task_namespaces+0xa9/0xe0 [ 131.394212] do_exit+0xb17/0x2ef0 [ 131.394686] ? lock_acquire+0x427/0x4c0 [ 131.395065] ? __pfx_lock_release+0x10/0x10 [ 131.395487] ? __kasan_check_write+0x18/0x20 [ 131.395902] ? do_raw_spin_lock+0x132/0x2a0 [ 131.396304] ? __pfx_do_exit+0x10/0x10 [ 131.396775] ? debug_smp_processor_id+0x20/0x30 [ 131.397264] ? rcu_is_watching+0x19/0xb0 [ 131.397652] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.398081] ? trace_hardirqs_on+0x26/0x120 [ 131.398489] do_group_exit+0xe0/0x2b0 [ 131.398953] __x64_sys_exit_group+0x47/0x50 [ 131.399392] do_syscall_64+0x3b/0x90 [ 131.399744] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.400223] RIP: 0033:0x7f4b87518a4d [ 131.400567] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.401299] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.402008] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.402682] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.403521] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.404181] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.404836] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.405665] [ 131.405886] irq event stamp: 0 [ 131.406178] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.406775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.407709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.408482] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.409062] ---[ end trace 0000000000000000 ]--- [ 131.411800] ------------[ cut here ]------------ [ 131.412269] WARNING: CPU: 1 PID: 1224 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.413207] Modules linked in: [ 131.413649] CPU: 1 PID: 1224 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.414453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.415601] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.416138] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.417935] RSP: 0018:ffff888016cf7b78 EFLAGS: 00010246 [ 131.418430] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.419135] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 131.419904] RBP: ffff888016cf7b98 R08: ffffed100217353e R09: ffffed100217353e [ 131.420625] R10: ffff888010b9a9ef R11: ffffed100217353d R12: ffff888010b9aa90 [ 131.421284] R13: ffff888010b9a8a8 R14: ffffffffffffffff R15: 
ffff888016cf7c60 [ 131.422046] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.422888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.423435] CR2: 00007f82e2ae1030 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 131.424187] PKRU: 55555554 [ 131.424519] Call Trace: [ 131.424760] [ 131.424972] iommufd_ioas_destroy+0x53/0x70 [ 131.425386] iommufd_fops_release+0x1f7/0x370 [ 131.425808] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.426413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.426900] ? write_comp_data+0x2f/0x90 [ 131.427299] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.427766] __fput+0x26d/0xa40 [ 131.428090] ____fput+0x1e/0x30 [ 131.428509] task_work_run+0x1a4/0x2d0 [ 131.428940] ? __pfx_task_work_run+0x10/0x10 [ 131.429357] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.429817] ? switch_task_namespaces+0xa9/0xe0 [ 131.430265] do_exit+0xb17/0x2ef0 [ 131.430706] ? lock_acquire+0x427/0x4c0 [ 131.431107] ? __pfx_lock_release+0x10/0x10 [ 131.431531] ? __kasan_check_write+0x18/0x20 [ 131.431945] ? do_raw_spin_lock+0x132/0x2a0 [ 131.432354] ? __pfx_do_exit+0x10/0x10 [ 131.432801] ? debug_smp_processor_id+0x20/0x30 [ 131.433309] ? rcu_is_watching+0x19/0xb0 [ 131.433698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.434120] ? trace_hardirqs_on+0x26/0x120 [ 131.434549] do_group_exit+0xe0/0x2b0 [ 131.435044] __x64_sys_exit_group+0x47/0x50 [ 131.435460] do_syscall_64+0x3b/0x90 [ 131.435825] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.436321] RIP: 0033:0x7f4b87518a4d [ 131.436670] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.437291] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.438085] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.438779] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.439473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.440236] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.440972] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.441650] [ 131.441880] irq event stamp: 0 [ 131.442178] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.442821] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.443750] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.444542] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.445139] ---[ end trace 0000000000000000 ]--- [ 131.451405] ------------[ cut here ]------------ [ 131.452019] WARNING: CPU: 1 PID: 1225 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.453046] Modules linked in: [ 131.453358] CPU: 1 PID: 1225 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.454187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.455542] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.456019] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.457891] RSP: 0018:ffff888014407bb8 EFLAGS: 00010246 [ 131.458399] RAX: 0000000000000000 RBX: ffff888016f680a8 RCX: 0000000000000000 [ 131.459093] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 131.459788] RBP: ffff888014407bd0 R08: ffffed1002ded033 R09: ffffed1002ded033 [ 131.460655] R10: ffff888016f68193 R11: ffffed1002ded032 R12: ffff888014140800 [ 131.461340] R13: ffff888016f681e8 R14: ffffffff8352e670 R15: 
ffff888014407e68 [ 131.462020] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.462812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.463583] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 131.464273] PKRU: 55555554 [ 131.464545] Call Trace: [ 131.464787] [ 131.465005] __iommufd_access_detach+0x1c2/0x2b0 [ 131.465484] iommufd_access_change_pt+0x149/0x270 [ 131.466063] iommufd_access_replace+0xb4/0x120 [ 131.466633] iommufd_test+0x3e5/0x37e0 [ 131.467014] ? lock_release+0x532/0x770 [ 131.467429] ? __might_fault+0x102/0x1b0 [ 131.467837] ? lock_acquire+0x427/0x4c0 [ 131.468229] ? __pfx_iommufd_test+0x10/0x10 [ 131.468637] ? __pfx_lock_release+0x10/0x10 [ 131.469058] ? __pfx_lock_acquire+0x10/0x10 [ 131.469522] ? write_comp_data+0x2f/0x90 [ 131.470066] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.470578] ? write_comp_data+0x2f/0x90 [ 131.470978] iommufd_fops_ioctl+0x37d/0x510 [ 131.471407] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.471885] ? write_comp_data+0x2f/0x90 [ 131.472315] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.472838] __x64_sys_ioctl+0x1a3/0x230 [ 131.473293] do_syscall_64+0x3b/0x90 [ 131.473805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.474631] RIP: 0033:0x7f4b8743ee5d [ 131.475028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.476923] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.477724] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.478614] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.479647] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.480393] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.481131] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.481873] [ 131.482116] irq event stamp: 0 [ 131.482437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.483106] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.483985] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.484840] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.485488] ---[ end trace 0000000000000000 ]--- [ 131.489010] ------------[ cut here ]------------ [ 131.489557] WARNING: CPU: 1 PID: 1225 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.490678] Modules linked in: [ 131.491012] CPU: 1 PID: 1225 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.491925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.493405] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.494104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.496016] RSP: 
0018:ffff888014407bd0 EFLAGS: 00010246 [ 131.496569] RAX: 0000000000000000 RBX: ffff888016f680a8 RCX: 0000000000000000 [ 131.497301] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 131.498094] RBP: ffff888014407be8 R08: ffffed1002ded033 R09: ffffed1002ded033 [ 131.499184] R10: ffff888016f68193 R11: ffffed1002ded032 R12: ffff88801890f400 [ 131.499928] R13: ffff888016f681e8 R14: ffff8880179cf000 R15: 0000000000000000 [ 131.500658] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.501484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.502090] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 131.502879] PKRU: 55555554 [ 131.503203] Call Trace: [ 131.503470] [ 131.503704] iommufd_access_destroy_object+0x65/0x170 [ 131.504404] iommufd_object_destroy_user+0x18e/0x220 [ 131.505161] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.505778] iommufd_access_destroy+0x43/0x70 [ 131.506257] iommufd_test_staccess_release+0x8d/0xd0 [ 131.506829] __fput+0x26d/0xa40 [ 131.507209] ____fput+0x1e/0x30 [ 131.507571] task_work_run+0x1a4/0x2d0 [ 131.507995] ? __pfx_task_work_run+0x10/0x10 [ 131.508471] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.508996] ? switch_task_namespaces+0xa9/0xe0 [ 131.509493] do_exit+0xb17/0x2ef0 [ 131.509859] ? lock_acquire+0x427/0x4c0 [ 131.510344] ? __pfx_lock_release+0x10/0x10 [ 131.511049] ? __kasan_check_write+0x18/0x20 [ 131.511531] ? do_raw_spin_lock+0x132/0x2a0 [ 131.511985] ? __pfx_do_exit+0x10/0x10 [ 131.512408] ? debug_smp_processor_id+0x20/0x30 [ 131.512907] ? rcu_is_watching+0x19/0xb0 [ 131.513338] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.513810] ? trace_hardirqs_on+0x26/0x120 [ 131.514269] do_group_exit+0xe0/0x2b0 [ 131.514710] __x64_sys_exit_group+0x47/0x50 [ 131.515183] do_syscall_64+0x3b/0x90 [ 131.515583] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.516182] RIP: 0033:0x7f4b87518a4d [ 131.516699] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.517483] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.518287] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.519075] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.519822] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.520554] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.521296] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.522252] [ 131.522653] irq event stamp: 0 [ 131.522985] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.523653] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.524507] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.525357] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.526005] ---[ end trace 0000000000000000 ]--- [ 131.527028] ------------[ cut here ]------------ [ 131.527547] WARNING: CPU: 1 PID: 1225 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.528620] Modules linked in: [ 131.528953] CPU: 1 PID: 1225 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.529863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.531137] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.531868] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.534046] RSP: 0018:ffff888014407b78 EFLAGS: 00010246 [ 131.534638] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.535383] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 131.536120] RBP: ffff888014407b98 R08: ffffed1002ded03e R09: ffffed1002ded03e [ 131.536856] R10: ffff888016f681ef R11: ffffed1002ded03d R12: ffff888016f68290 [ 131.537629] R13: ffff888016f680a8 R14: ffffffffffffffff R15: 
ffff888014407c60 [ 131.538695] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.539712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.540313] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 131.541052] PKRU: 55555554 [ 131.541353] Call Trace: [ 131.541617] [ 131.541853] iommufd_ioas_destroy+0x53/0x70 [ 131.542318] iommufd_fops_release+0x1f7/0x370 [ 131.542834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.543363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.543871] ? write_comp_data+0x2f/0x90 [ 131.544303] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.544994] __fput+0x26d/0xa40 [ 131.545465] ____fput+0x1e/0x30 [ 131.545824] task_work_run+0x1a4/0x2d0 [ 131.546239] ? __pfx_task_work_run+0x10/0x10 [ 131.546741] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.547260] ? switch_task_namespaces+0xa9/0xe0 [ 131.547758] do_exit+0xb17/0x2ef0 [ 131.548122] ? lock_acquire+0x427/0x4c0 [ 131.548556] ? __pfx_lock_release+0x10/0x10 [ 131.549018] ? __kasan_check_write+0x18/0x20 [ 131.549483] ? do_raw_spin_lock+0x132/0x2a0 [ 131.549981] ? __pfx_do_exit+0x10/0x10 [ 131.550571] ? debug_smp_processor_id+0x20/0x30 [ 131.551298] ? rcu_is_watching+0x19/0xb0 [ 131.551732] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.552204] ? trace_hardirqs_on+0x26/0x120 [ 131.552662] do_group_exit+0xe0/0x2b0 [ 131.553066] __x64_sys_exit_group+0x47/0x50 [ 131.553512] do_syscall_64+0x3b/0x90 [ 131.553908] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.554461] RIP: 0033:0x7f4b87518a4d [ 131.554889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.555540] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.556328] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.557224] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.558227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.559015] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.559800] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.560566] [ 131.560813] irq event stamp: 0 [ 131.561149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.561818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.562902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.564112] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.564778] ---[ end trace 0000000000000000 ]--- [ 131.570343] ------------[ cut here ]------------ [ 131.570979] WARNING: CPU: 1 PID: 1226 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.572090] Modules linked in: [ 131.572432] CPU: 1 PID: 1226 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.573653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.575084] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.575621] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.577561] RSP: 0018:ffff888016cf7bb8 EFLAGS: 00010246 [ 131.578225] RAX: 0000000000000000 RBX: ffff888010b7b0a8 RCX: 0000000000000000 [ 131.579269] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 131.580017] RBP: ffff888016cf7bd0 R08: ffffed100216f633 R09: ffffed100216f633 [ 131.580777] R10: ffff888010b7b193 R11: ffffed100216f632 R12: ffff88800b9b6c00 [ 131.581535] R13: ffff888010b7b1e8 R14: ffffffff8352e670 R15: 
ffff888016cf7e68 [ 131.582309] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.583253] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.584059] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 131.585066] PKRU: 55555554 [ 131.585381] Call Trace: [ 131.585655] [ 131.585896] __iommufd_access_detach+0x1c2/0x2b0 [ 131.586427] iommufd_access_change_pt+0x149/0x270 [ 131.586980] iommufd_access_replace+0xb4/0x120 [ 131.587492] iommufd_test+0x3e5/0x37e0 [ 131.587912] ? lock_release+0x532/0x770 [ 131.588352] ? __might_fault+0x102/0x1b0 [ 131.588900] ? lock_acquire+0x427/0x4c0 [ 131.589503] ? __pfx_iommufd_test+0x10/0x10 [ 131.590120] ? __pfx_lock_release+0x10/0x10 [ 131.590620] ? __pfx_lock_acquire+0x10/0x10 [ 131.591089] ? write_comp_data+0x2f/0x90 [ 131.591555] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.592087] ? write_comp_data+0x2f/0x90 [ 131.592536] iommufd_fops_ioctl+0x37d/0x510 [ 131.593013] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.593547] ? write_comp_data+0x2f/0x90 [ 131.593995] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.594656] __x64_sys_ioctl+0x1a3/0x230 [ 131.595298] do_syscall_64+0x3b/0x90 [ 131.595728] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.596299] RIP: 0033:0x7f4b8743ee5d [ 131.596709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.598686] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.599564] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.600578] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.601546] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.602309] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.603088] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.603867] [ 131.604123] irq event stamp: 0 [ 131.604460] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.605170] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.606397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.607317] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.607998] ---[ end trace 0000000000000000 ]--- [ 131.613172] ------------[ cut here ]------------ [ 131.613729] WARNING: CPU: 1 PID: 1226 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.615068] Modules linked in: [ 131.615554] CPU: 1 PID: 1226 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.616467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.617663] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.618204] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.620512] RSP: 
0018:ffff888016cf7bd0 EFLAGS: 00010246 [ 131.621278] RAX: 0000000000000000 RBX: ffff888010b7b0a8 RCX: 0000000000000000 [ 131.622039] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 131.622812] RBP: ffff888016cf7be8 R08: ffffed100216f633 R09: ffffed100216f633 [ 131.623590] R10: ffff888010b7b193 R11: ffffed100216f632 R12: ffff888014142c00 [ 131.624339] R13: ffff888010b7b1e8 R14: ffff888012de2400 R15: 0000000000000000 [ 131.625114] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.626256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.627107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 131.627898] PKRU: 55555554 [ 131.628205] Call Trace: [ 131.628479] [ 131.628727] iommufd_access_destroy_object+0x65/0x170 [ 131.629291] iommufd_object_destroy_user+0x18e/0x220 [ 131.629840] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.630491] iommufd_access_destroy+0x43/0x70 [ 131.631213] iommufd_test_staccess_release+0x8d/0xd0 [ 131.631982] __fput+0x26d/0xa40 [ 131.632356] ____fput+0x1e/0x30 [ 131.632722] task_work_run+0x1a4/0x2d0 [ 131.633153] ? __pfx_task_work_run+0x10/0x10 [ 131.633636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.634169] ? switch_task_namespaces+0xa9/0xe0 [ 131.634713] do_exit+0xb17/0x2ef0 [ 131.635090] ? lock_acquire+0x427/0x4c0 [ 131.635575] ? __pfx_lock_release+0x10/0x10 [ 131.636204] ? __kasan_check_write+0x18/0x20 [ 131.636854] ? do_raw_spin_lock+0x132/0x2a0 [ 131.637318] ? __pfx_do_exit+0x10/0x10 [ 131.637748] ? debug_smp_processor_id+0x20/0x30 [ 131.638263] ? rcu_is_watching+0x19/0xb0 [ 131.638732] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.639235] ? trace_hardirqs_on+0x26/0x120 [ 131.639707] do_group_exit+0xe0/0x2b0 [ 131.640125] __x64_sys_exit_group+0x47/0x50 [ 131.640669] do_syscall_64+0x3b/0x90 [ 131.641199] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.641957] RIP: 0033:0x7f4b87518a4d [ 131.642367] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.643051] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.643889] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.644648] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.645485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.646535] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.647598] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.648369] [ 131.648619] irq event stamp: 0 [ 131.648953] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.649616] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.650492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.651579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.652507] ---[ end trace 0000000000000000 ]--- [ 131.655444] ------------[ cut here ]------------ [ 131.655986] WARNING: CPU: 1 PID: 1226 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.657342] Modules linked in: [ 131.657813] CPU: 1 PID: 1226 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.658834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.660046] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.660601] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.662874] RSP: 0018:ffff888016cf7b78 EFLAGS: 00010246 [ 131.663664] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.664407] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 131.665153] RBP: ffff888016cf7b98 R08: ffffed100216f63e R09: ffffed100216f63e [ 131.665902] R10: ffff888010b7b1ef R11: ffffed100216f63d R12: ffff888010b7b290 [ 131.666682] R13: ffff888010b7b0a8 R14: ffffffffffffffff R15: 
ffff888016cf7c60 [ 131.667645] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.668727] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.669333] CR2: 00007f82e2af5000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 131.670096] PKRU: 55555554 [ 131.670411] Call Trace: [ 131.670719] [ 131.670963] iommufd_ioas_destroy+0x53/0x70 [ 131.671452] iommufd_fops_release+0x1f7/0x370 [ 131.671974] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.672689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.673426] ? write_comp_data+0x2f/0x90 [ 131.673880] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.674426] __fput+0x26d/0xa40 [ 131.674832] ____fput+0x1e/0x30 [ 131.675218] task_work_run+0x1a4/0x2d0 [ 131.675649] ? __pfx_task_work_run+0x10/0x10 [ 131.676119] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.676659] ? switch_task_namespaces+0xa9/0xe0 [ 131.677340] do_exit+0xb17/0x2ef0 [ 131.677839] ? lock_acquire+0x427/0x4c0 [ 131.678283] ? __pfx_lock_release+0x10/0x10 [ 131.678791] ? __kasan_check_write+0x18/0x20 [ 131.679290] ? do_raw_spin_lock+0x132/0x2a0 [ 131.679754] ? __pfx_do_exit+0x10/0x10 [ 131.680189] ? debug_smp_processor_id+0x20/0x30 [ 131.680690] ? rcu_is_watching+0x19/0xb0 [ 131.681165] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.681832] ? trace_hardirqs_on+0x26/0x120 [ 131.682488] do_group_exit+0xe0/0x2b0 [ 131.682934] __x64_sys_exit_group+0x47/0x50 [ 131.683413] do_syscall_64+0x3b/0x90 [ 131.683832] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.684400] RIP: 0033:0x7f4b87518a4d [ 131.684800] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.685451] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.686325] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.687452] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.688219] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.688964] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.689714] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.690490] [ 131.690775] irq event stamp: 0 [ 131.691220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.692152] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.693055] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.693947] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.694648] ---[ end trace 0000000000000000 ]--- [ 131.701787] ------------[ cut here ]------------ [ 131.702341] WARNING: CPU: 1 PID: 1227 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.703501] Modules linked in: [ 131.703839] CPU: 1 PID: 1227 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.704747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.706234] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.706982] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.708912] RSP: 0018:ffff888023dd7bb8 EFLAGS: 00010246 [ 131.709480] RAX: 0000000000000000 RBX: ffff888016c218a8 RCX: 0000000000000000 [ 131.710292] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 131.711370] RBP: ffff888023dd7bd0 R08: ffffed1002d84333 R09: ffffed1002d84333 [ 131.712131] R10: ffff888016c21993 R11: ffffed1002d84332 R12: ffff88801422e000 [ 131.712893] R13: ffff888016c219e8 R14: ffffffff8352e670 R15: 
ffff888023dd7e68 [ 131.713651] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.714597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.715459] CR2: 0000000020000140 CR3: 0000000020fbc000 CR4: 0000000000750ee0 [ 131.716404] PKRU: 55555554 [ 131.716710] Call Trace: [ 131.716981] [ 131.717221] __iommufd_access_detach+0x1c2/0x2b0 [ 131.717741] iommufd_access_change_pt+0x149/0x270 [ 131.718271] iommufd_access_replace+0xb4/0x120 [ 131.718799] iommufd_test+0x3e5/0x37e0 [ 131.719225] ? lock_release+0x532/0x770 [ 131.719665] ? __might_fault+0x102/0x1b0 [ 131.720178] ? lock_acquire+0x427/0x4c0 [ 131.720742] ? __pfx_iommufd_test+0x10/0x10 [ 131.721398] ? __pfx_lock_release+0x10/0x10 [ 131.721865] ? __pfx_lock_acquire+0x10/0x10 [ 131.722334] ? write_comp_data+0x2f/0x90 [ 131.722805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.723342] ? write_comp_data+0x2f/0x90 [ 131.723791] iommufd_fops_ioctl+0x37d/0x510 [ 131.724274] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.724817] ? write_comp_data+0x2f/0x90 [ 131.725289] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.725976] __x64_sys_ioctl+0x1a3/0x230 [ 131.726614] do_syscall_64+0x3b/0x90 [ 131.727034] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.727606] RIP: 0033:0x7f4b8743ee5d [ 131.728018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.729933] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.730898] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.731944] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.732718] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.733486] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.734247] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.735047] [ 131.735312] irq event stamp: 0 [ 131.735683] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.736574] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.737661] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.738576] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.739263] ---[ end trace 0000000000000000 ]--- [ 131.744728] ------------[ cut here ]------------ [ 131.745460] WARNING: CPU: 1 PID: 1227 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.746826] Modules linked in: [ 131.747171] CPU: 1 PID: 1227 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.748075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.749220] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.749734] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.752160] RSP: 
0018:ffff888023dd7bd0 EFLAGS: 00010246 [ 131.752710] RAX: 0000000000000000 RBX: ffff888016c218a8 RCX: 0000000000000000 [ 131.753438] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 131.754166] RBP: ffff888023dd7be8 R08: ffffed1002d84333 R09: ffffed1002d84333 [ 131.754930] R10: ffff888016c21993 R11: ffffed1002d84332 R12: ffff88800b9b7000 [ 131.755944] R13: ffff888016c219e8 R14: ffff888012de4100 R15: 0000000000000000 [ 131.756890] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.757715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.758312] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 131.759128] PKRU: 55555554 [ 131.759427] Call Trace: [ 131.759689] [ 131.759921] iommufd_access_destroy_object+0x65/0x170 [ 131.760459] iommufd_object_destroy_user+0x18e/0x220 [ 131.760990] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.761599] iommufd_access_destroy+0x43/0x70 [ 131.762075] iommufd_test_staccess_release+0x8d/0xd0 [ 131.762785] __fput+0x26d/0xa40 [ 131.763276] ____fput+0x1e/0x30 [ 131.763628] task_work_run+0x1a4/0x2d0 [ 131.764038] ? __pfx_task_work_run+0x10/0x10 [ 131.764498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.765005] ? switch_task_namespaces+0xa9/0xe0 [ 131.765497] do_exit+0xb17/0x2ef0 [ 131.765853] ? lock_acquire+0x427/0x4c0 [ 131.766269] ? __pfx_lock_release+0x10/0x10 [ 131.766770] ? __kasan_check_write+0x18/0x20 [ 131.767364] ? do_raw_spin_lock+0x132/0x2a0 [ 131.767782] ? __pfx_do_exit+0x10/0x10 [ 131.768164] ? debug_smp_processor_id+0x20/0x30 [ 131.768613] ? rcu_is_watching+0x19/0xb0 [ 131.769010] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.769447] ? trace_hardirqs_on+0x26/0x120 [ 131.769865] do_group_exit+0xe0/0x2b0 [ 131.770236] __x64_sys_exit_group+0x47/0x50 [ 131.770722] do_syscall_64+0x3b/0x90 [ 131.771248] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.771758] RIP: 0033:0x7f4b87518a4d [ 131.772114] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.772697] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.773419] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.774096] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.774945] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.775712] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.776384] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.777065] [ 131.777294] irq event stamp: 0 [ 131.777596] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.778227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.779235] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.780031] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.780637] ---[ end trace 0000000000000000 ]--- [ 131.782955] ------------[ cut here ]------------ [ 131.783454] WARNING: CPU: 1 PID: 1227 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.784418] Modules linked in: [ 131.784724] CPU: 1 PID: 1227 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.785548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.786984] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.787487] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.789221] RSP: 0018:ffff888023dd7b78 EFLAGS: 00010246 [ 131.789738] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.790409] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 131.791378] RBP: ffff888023dd7b98 R08: ffffed1002d8433e R09: ffffed1002d8433e [ 131.792058] R10: ffff888016c219ef R11: ffffed1002d8433d R12: ffff888016c21a90 [ 131.792729] R13: ffff888016c218a8 R14: ffffffffffffffff R15: 
ffff888023dd7c60 [ 131.793404] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.794163] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.794859] CR2: 00007f82e2aff010 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 131.795689] PKRU: 55555554 [ 131.795961] Call Trace: [ 131.796202] [ 131.796418] iommufd_ioas_destroy+0x53/0x70 [ 131.796834] iommufd_fops_release+0x1f7/0x370 [ 131.797276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.797757] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.798225] ? write_comp_data+0x2f/0x90 [ 131.798697] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.799358] __fput+0x26d/0xa40 [ 131.799694] ____fput+0x1e/0x30 [ 131.800020] task_work_run+0x1a4/0x2d0 [ 131.800399] ? __pfx_task_work_run+0x10/0x10 [ 131.800819] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.801285] ? switch_task_namespaces+0xa9/0xe0 [ 131.801736] do_exit+0xb17/0x2ef0 [ 131.802067] ? lock_acquire+0x427/0x4c0 [ 131.802500] ? __pfx_lock_release+0x10/0x10 [ 131.803074] ? __kasan_check_write+0x18/0x20 [ 131.803546] ? do_raw_spin_lock+0x132/0x2a0 [ 131.803957] ? __pfx_do_exit+0x10/0x10 [ 131.804338] ? debug_smp_processor_id+0x20/0x30 [ 131.804783] ? rcu_is_watching+0x19/0xb0 [ 131.805173] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.805606] ? trace_hardirqs_on+0x26/0x120 [ 131.806028] do_group_exit+0xe0/0x2b0 [ 131.806474] __x64_sys_exit_group+0x47/0x50 [ 131.807043] do_syscall_64+0x3b/0x90 [ 131.807417] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.807915] RIP: 0033:0x7f4b87518a4d [ 131.808268] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.808849] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.809562] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.810396] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.811082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.811753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.812397] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.813068] [ 131.813291] irq event stamp: 0 [ 131.813679] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.814355] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.815155] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.815923] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.816503] ---[ end trace 0000000000000000 ]--- [ 131.823406] ------------[ cut here ]------------ [ 131.823865] WARNING: CPU: 1 PID: 1228 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.824744] Modules linked in: [ 131.825100] CPU: 1 PID: 1228 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.825931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.826925] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.827373] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.829106] RSP: 0018:ffff888016157bb8 EFLAGS: 00010246 [ 131.829563] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 131.830172] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 131.830802] RBP: ffff888016157bd0 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 131.831430] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff888013b17400 [ 131.832218] R13: ffff888015d2c9e8 R14: ffffffff8352e670 R15: 
ffff888016157e68 [ 131.832839] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.833543] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.834039] CR2: 0000000020000140 CR3: 0000000020f34000 CR4: 0000000000750ee0 [ 131.834673] PKRU: 55555554 [ 131.834923] Call Trace: [ 131.835194] [ 131.835441] __iommufd_access_detach+0x1c2/0x2b0 [ 131.835950] iommufd_access_change_pt+0x149/0x270 [ 131.836389] iommufd_access_replace+0xb4/0x120 [ 131.836811] iommufd_test+0x3e5/0x37e0 [ 131.837158] ? lock_release+0x532/0x770 [ 131.837523] ? __might_fault+0x102/0x1b0 [ 131.837890] ? lock_acquire+0x427/0x4c0 [ 131.838274] ? __pfx_iommufd_test+0x10/0x10 [ 131.838748] ? __pfx_lock_release+0x10/0x10 [ 131.839223] ? __pfx_lock_acquire+0x10/0x10 [ 131.839616] ? write_comp_data+0x2f/0x90 [ 131.839985] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.840420] ? write_comp_data+0x2f/0x90 [ 131.840793] iommufd_fops_ioctl+0x37d/0x510 [ 131.841179] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.841614] ? write_comp_data+0x2f/0x90 [ 131.842014] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.842589] __x64_sys_ioctl+0x1a3/0x230 [ 131.842967] do_syscall_64+0x3b/0x90 [ 131.843314] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.843778] RIP: 0033:0x7f4b8743ee5d [ 131.844107] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.845852] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.846554] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.847189] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.847819] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.848450] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.849270] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.849906] [ 131.850119] irq event stamp: 0 [ 131.850402] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.850981] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.851740] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.852636] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.853185] ---[ end trace 0000000000000000 ]--- [ 131.857752] ------------[ cut here ]------------ [ 131.858212] WARNING: CPU: 1 PID: 1228 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.859356] Modules linked in: [ 131.859642] CPU: 1 PID: 1228 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.860402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.861373] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.861833] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.863546] RSP: 
0018:ffff888016157bd0 EFLAGS: 00010246 [ 131.864017] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 131.864638] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 131.865341] RBP: ffff888016157be8 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 131.866044] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff88801422f800 [ 131.866686] R13: ffff888015d2c9e8 R14: ffff88800fa6ba00 R15: 0000000000000000 [ 131.867320] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.868029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.868553] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 131.869281] PKRU: 55555554 [ 131.869530] Call Trace: [ 131.869756] [ 131.869956] iommufd_access_destroy_object+0x65/0x170 [ 131.870418] iommufd_object_destroy_user+0x18e/0x220 [ 131.870893] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.871421] iommufd_access_destroy+0x43/0x70 [ 131.871843] iommufd_test_staccess_release+0x8d/0xd0 [ 131.872443] __fput+0x26d/0xa40 [ 131.872764] ____fput+0x1e/0x30 [ 131.873070] task_work_run+0x1a4/0x2d0 [ 131.873426] ? __pfx_task_work_run+0x10/0x10 [ 131.873822] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.874256] ? switch_task_namespaces+0xa9/0xe0 [ 131.874702] do_exit+0xb17/0x2ef0 [ 131.875017] ? lock_acquire+0x427/0x4c0 [ 131.875451] ? __pfx_lock_release+0x10/0x10 [ 131.875922] ? __kasan_check_write+0x18/0x20 [ 131.876315] ? do_raw_spin_lock+0x132/0x2a0 [ 131.876696] ? __pfx_do_exit+0x10/0x10 [ 131.877050] ? debug_smp_processor_id+0x20/0x30 [ 131.877468] ? rcu_is_watching+0x19/0xb0 [ 131.877831] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.878241] ? trace_hardirqs_on+0x26/0x120 [ 131.878723] do_group_exit+0xe0/0x2b0 [ 131.879169] __x64_sys_exit_group+0x47/0x50 [ 131.879556] do_syscall_64+0x3b/0x90 [ 131.879893] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.880361] RIP: 0033:0x7f4b87518a4d [ 131.880690] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.881227] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.881997] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.882725] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.883362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.883986] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.884612] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.885268] [ 131.885538] irq event stamp: 0 [ 131.885896] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.886450] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.887214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.887951] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.888528] ---[ end trace 0000000000000000 ]--- [ 131.891325] ------------[ cut here ]------------ [ 131.891768] WARNING: CPU: 1 PID: 1228 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.892832] Modules linked in: [ 131.893118] CPU: 1 PID: 1228 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.893881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.894933] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.895396] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.897149] RSP: 0018:ffff888016157b78 EFLAGS: 00010246 [ 131.897621] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.898237] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 131.898961] RBP: ffff888016157b98 R08: ffffed1002ba593e R09: ffffed1002ba593e [ 131.899679] R10: ffff888015d2c9ef R11: ffffed1002ba593d R12: ffff888015d2ca90 [ 131.900303] R13: ffff888015d2c8a8 R14: ffffffffffffffff R15: 
ffff888016157c60 [ 131.900924] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.901642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.902205] CR2: 00007f82e2b09000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 131.902966] PKRU: 55555554 [ 131.903237] Call Trace: [ 131.903463] [ 131.903664] iommufd_ioas_destroy+0x53/0x70 [ 131.904054] iommufd_fops_release+0x1f7/0x370 [ 131.904465] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.904912] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.905352] ? write_comp_data+0x2f/0x90 [ 131.905809] ? __pfx_iommufd_fops_release+0x10/0x10 [ 131.906333] __fput+0x26d/0xa40 [ 131.906673] ____fput+0x1e/0x30 [ 131.906972] task_work_run+0x1a4/0x2d0 [ 131.907335] ? __pfx_task_work_run+0x10/0x10 [ 131.907731] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.908168] ? switch_task_namespaces+0xa9/0xe0 [ 131.908598] do_exit+0xb17/0x2ef0 [ 131.908989] ? lock_acquire+0x427/0x4c0 [ 131.909434] ? __pfx_lock_release+0x10/0x10 [ 131.909821] ? __kasan_check_write+0x18/0x20 [ 131.910214] ? do_raw_spin_lock+0x132/0x2a0 [ 131.910617] ? __pfx_do_exit+0x10/0x10 [ 131.911025] ? debug_smp_processor_id+0x20/0x30 [ 131.911616] ? rcu_is_watching+0x19/0xb0 [ 131.911979] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.912385] ? trace_hardirqs_on+0x26/0x120 [ 131.912778] do_group_exit+0xe0/0x2b0 [ 131.913148] __x64_sys_exit_group+0x47/0x50 [ 131.913673] do_syscall_64+0x3b/0x90 [ 131.914011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.914474] RIP: 0033:0x7f4b87518a4d [ 131.914825] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.915375] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.916041] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.916779] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.917502] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.918124] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.918780] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.919436] [ 131.919654] irq event stamp: 0 [ 131.920026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.920648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.921391] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.922120] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.922697] ---[ end trace 0000000000000000 ]--- [ 131.927977] ------------[ cut here ]------------ [ 131.928440] WARNING: CPU: 1 PID: 1229 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.929427] Modules linked in: [ 131.929783] CPU: 1 PID: 1229 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.930730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.931724] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.932159] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.933917] RSP: 0018:ffff8880100f7bb8 EFLAGS: 00010246 [ 131.934388] RAX: 0000000000000000 RBX: ffff888023dd20a8 RCX: 0000000000000000 [ 131.935050] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 131.935690] RBP: ffff8880100f7bd0 R08: ffffed10047ba433 R09: ffffed10047ba433 [ 131.936312] R10: ffff888023dd2193 R11: ffffed10047ba432 R12: ffff888010824400 [ 131.937094] R13: ffff888023dd21e8 R14: ffffffff8352e670 R15: 
ffff8880100f7e68 [ 131.937718] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.938419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.938950] CR2: 0000000020000140 CR3: 0000000020fd2000 CR4: 0000000000750ee0 [ 131.939586] PKRU: 55555554 [ 131.939926] Call Trace: [ 131.940215] [ 131.940417] __iommufd_access_detach+0x1c2/0x2b0 [ 131.940853] iommufd_access_change_pt+0x149/0x270 [ 131.941285] iommufd_access_replace+0xb4/0x120 [ 131.941700] iommufd_test+0x3e5/0x37e0 [ 131.942056] ? lock_release+0x532/0x770 [ 131.942455] ? __might_fault+0x102/0x1b0 [ 131.942923] ? lock_acquire+0x427/0x4c0 [ 131.943298] ? __pfx_iommufd_test+0x10/0x10 [ 131.943679] ? __pfx_lock_release+0x10/0x10 [ 131.944071] ? __pfx_lock_acquire+0x10/0x10 [ 131.944464] ? write_comp_data+0x2f/0x90 [ 131.944836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.945270] ? write_comp_data+0x2f/0x90 [ 131.945727] iommufd_fops_ioctl+0x37d/0x510 [ 131.946184] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.946650] ? write_comp_data+0x2f/0x90 [ 131.947022] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 131.947463] __x64_sys_ioctl+0x1a3/0x230 [ 131.947835] do_syscall_64+0x3b/0x90 [ 131.948174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.948700] RIP: 0033:0x7f4b8743ee5d [ 131.949121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 131.950746] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 131.951429] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 131.952232] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 131.952859] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 131.953482] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 131.954106] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 131.954919] [ 131.955143] irq event stamp: 0 [ 131.955428] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.955985] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.956723] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.957461] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.958181] ---[ end trace 0000000000000000 ]--- [ 131.961148] ------------[ cut here ]------------ [ 131.961599] WARNING: CPU: 1 PID: 1229 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 131.962606] Modules linked in: [ 131.962960] CPU: 1 PID: 1229 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.963741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.964721] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 131.965158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 131.966942] RSP: 
0018:ffff8880100f7bd0 EFLAGS: 00010246 [ 131.967425] RAX: 0000000000000000 RBX: ffff888023dd20a8 RCX: 0000000000000000 [ 131.968047] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 131.968755] RBP: ffff8880100f7be8 R08: ffffed10047ba433 R09: ffffed10047ba433 [ 131.969484] R10: ffff888023dd2193 R11: ffffed10047ba432 R12: ffff888013b15000 [ 131.970109] R13: ffff888023dd21e8 R14: ffff888011f19500 R15: 0000000000000000 [ 131.970750] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 131.971488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 131.972130] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 131.972751] PKRU: 55555554 [ 131.973002] Call Trace: [ 131.973233] [ 131.973436] iommufd_access_destroy_object+0x65/0x170 [ 131.973891] iommufd_object_destroy_user+0x18e/0x220 [ 131.974429] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 131.975058] iommufd_access_destroy+0x43/0x70 [ 131.975477] iommufd_test_staccess_release+0x8d/0xd0 [ 131.975936] __fput+0x26d/0xa40 [ 131.976267] ____fput+0x1e/0x30 [ 131.976566] task_work_run+0x1a4/0x2d0 [ 131.976920] ? __pfx_task_work_run+0x10/0x10 [ 131.977319] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 131.977933] ? switch_task_namespaces+0xa9/0xe0 [ 131.978361] do_exit+0xb17/0x2ef0 [ 131.978706] ? lock_acquire+0x427/0x4c0 [ 131.979071] ? __pfx_lock_release+0x10/0x10 [ 131.979473] ? __kasan_check_write+0x18/0x20 [ 131.979867] ? do_raw_spin_lock+0x132/0x2a0 [ 131.980250] ? __pfx_do_exit+0x10/0x10 [ 131.980643] ? debug_smp_processor_id+0x20/0x30 [ 131.981163] ? rcu_is_watching+0x19/0xb0 [ 131.981528] ? _raw_spin_unlock_irq+0x2b/0x60 [ 131.981932] ? trace_hardirqs_on+0x26/0x120 [ 131.982330] do_group_exit+0xe0/0x2b0 [ 131.982702] __x64_sys_exit_group+0x47/0x50 [ 131.983082] do_syscall_64+0x3b/0x90 [ 131.983430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 131.983962] RIP: 0033:0x7f4b87518a4d [ 131.984376] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 131.984919] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 131.985602] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 131.986228] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 131.987054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 131.987688] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 131.988307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 131.988947] [ 131.989157] irq event stamp: 0 [ 131.989438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 131.989988] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 131.990841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 131.991661] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 131.992212] ---[ end trace 0000000000000000 ]--- [ 131.992972] ------------[ cut here ]------------ [ 131.993389] WARNING: CPU: 1 PID: 1229 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 131.994289] Modules linked in: [ 131.994680] CPU: 1 PID: 1229 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 131.995469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 131.996447] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 131.996904] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 131.998669] RSP: 0018:ffff8880100f7b78 EFLAGS: 00010246 [ 131.999149] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 131.999769] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 132.000385] RBP: ffff8880100f7b98 R08: ffffed10047ba43e R09: ffffed10047ba43e [ 132.001005] R10: ffff888023dd21ef R11: ffffed10047ba43d R12: ffff888023dd2290 [ 132.001627] R13: ffff888023dd20a8 R14: ffffffffffffffff R15: 
ffff8880100f7c60 [ 132.002400] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.003131] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.003645] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 132.004269] PKRU: 55555554 [ 132.004522] Call Trace: [ 132.004748] [ 132.004946] iommufd_ioas_destroy+0x53/0x70 [ 132.005329] iommufd_fops_release+0x1f7/0x370 [ 132.005729] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.006314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.006772] ? write_comp_data+0x2f/0x90 [ 132.007147] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.007595] __fput+0x26d/0xa40 [ 132.007903] ____fput+0x1e/0x30 [ 132.008204] task_work_run+0x1a4/0x2d0 [ 132.008558] ? __pfx_task_work_run+0x10/0x10 [ 132.008953] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.009392] ? switch_task_namespaces+0xa9/0xe0 [ 132.009858] do_exit+0xb17/0x2ef0 [ 132.010281] ? lock_acquire+0x427/0x4c0 [ 132.010678] ? __pfx_lock_release+0x10/0x10 [ 132.011069] ? __kasan_check_write+0x18/0x20 [ 132.011469] ? do_raw_spin_lock+0x132/0x2a0 [ 132.011851] ? __pfx_do_exit+0x10/0x10 [ 132.012203] ? debug_smp_processor_id+0x20/0x30 [ 132.012620] ? rcu_is_watching+0x19/0xb0 [ 132.012982] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.013386] ? trace_hardirqs_on+0x26/0x120 [ 132.013783] do_group_exit+0xe0/0x2b0 [ 132.014224] __x64_sys_exit_group+0x47/0x50 [ 132.014690] do_syscall_64+0x3b/0x90 [ 132.015033] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.015509] RIP: 0033:0x7f4b87518a4d [ 132.015840] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.016375] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.017037] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.017658] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.018432] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.019084] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.019720] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.020352] [ 132.020558] irq event stamp: 0 [ 132.020834] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.021390] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.022313] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.023076] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.023636] ---[ end trace 0000000000000000 ]--- [ 132.028303] ------------[ cut here ]------------ [ 132.028761] WARNING: CPU: 1 PID: 1230 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.029649] Modules linked in: [ 132.029955] CPU: 1 PID: 1230 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.030908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.031912] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.032351] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.033946] RSP: 0018:ffff888011c5fbb8 EFLAGS: 00010246 [ 132.034643] RAX: 0000000000000000 RBX: ffff8880171bc0a8 RCX: 0000000000000000 [ 132.035277] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 132.035899] RBP: ffff888011c5fbd0 R08: ffffed1002e37833 R09: ffffed1002e37833 [ 132.036519] R10: ffff8880171bc193 R11: ffffed1002e37832 R12: ffff88801341e400 [ 132.037144] R13: ffff8880171bc1e8 R14: ffffffff8352e670 R15: 
ffff888011c5fe68 [ 132.037770] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.038707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.039230] CR2: 0000000020000140 CR3: 0000000020c0e000 CR4: 0000000000750ee0 [ 132.039851] PKRU: 55555554 [ 132.040103] Call Trace: [ 132.040331] [ 132.040533] __iommufd_access_detach+0x1c2/0x2b0 [ 132.040968] iommufd_access_change_pt+0x149/0x270 [ 132.041451] iommufd_access_replace+0xb4/0x120 [ 132.042001] iommufd_test+0x3e5/0x37e0 [ 132.042351] ? lock_release+0x532/0x770 [ 132.042737] ? __might_fault+0x102/0x1b0 [ 132.043105] ? lock_acquire+0x427/0x4c0 [ 132.043479] ? __pfx_iommufd_test+0x10/0x10 [ 132.043859] ? __pfx_lock_release+0x10/0x10 [ 132.044252] ? __pfx_lock_acquire+0x10/0x10 [ 132.044666] ? write_comp_data+0x2f/0x90 [ 132.045185] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.045629] ? write_comp_data+0x2f/0x90 [ 132.046005] iommufd_fops_ioctl+0x37d/0x510 [ 132.046394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.046853] ? write_comp_data+0x2f/0x90 [ 132.047231] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.047665] __x64_sys_ioctl+0x1a3/0x230 [ 132.048085] do_syscall_64+0x3b/0x90 [ 132.048497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.048962] RIP: 0033:0x7f4b8743ee5d [ 132.049300] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.050922] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.051689] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.052374] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.052998] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.053621] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.054246] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.054971] [ 132.055277] irq event stamp: 0 [ 132.055557] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.056108] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.056841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.057574] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.058159] ---[ end trace 0000000000000000 ]--- [ 132.062689] ------------[ cut here ]------------ [ 132.063168] WARNING: CPU: 1 PID: 1230 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.064050] Modules linked in: [ 132.064332] CPU: 1 PID: 1230 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.065228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.066220] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.066757] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.068346] RSP: 
0018:ffff888011c5fbd0 EFLAGS: 00010246 [ 132.068819] RAX: 0000000000000000 RBX: ffff8880171bc0a8 RCX: 0000000000000000 [ 132.069626] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 132.070250] RBP: ffff888011c5fbe8 R08: ffffed1002e37833 R09: ffffed1002e37833 [ 132.070900] R10: ffff8880171bc193 R11: ffffed1002e37832 R12: ffff888010824000 [ 132.071535] R13: ffff8880171bc1e8 R14: ffff888020eded00 R15: 0000000000000000 [ 132.072156] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.072854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.073364] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 132.074158] PKRU: 55555554 [ 132.074414] Call Trace: [ 132.074674] [ 132.074880] iommufd_access_destroy_object+0x65/0x170 [ 132.075359] iommufd_object_destroy_user+0x18e/0x220 [ 132.075812] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.076324] iommufd_access_destroy+0x43/0x70 [ 132.076728] iommufd_test_staccess_release+0x8d/0xd0 [ 132.077181] __fput+0x26d/0xa40 [ 132.077490] ____fput+0x1e/0x30 [ 132.077892] task_work_run+0x1a4/0x2d0 [ 132.078313] ? __pfx_task_work_run+0x10/0x10 [ 132.078743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.079186] ? switch_task_namespaces+0xa9/0xe0 [ 132.079608] do_exit+0xb17/0x2ef0 [ 132.079917] ? lock_acquire+0x427/0x4c0 [ 132.080275] ? __pfx_lock_release+0x10/0x10 [ 132.080658] ? __kasan_check_write+0x18/0x20 [ 132.081044] ? do_raw_spin_lock+0x132/0x2a0 [ 132.081427] ? __pfx_do_exit+0x10/0x10 [ 132.081867] ? debug_smp_processor_id+0x20/0x30 [ 132.082326] ? rcu_is_watching+0x19/0xb0 [ 132.082711] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.083121] ? trace_hardirqs_on+0x26/0x120 [ 132.083510] do_group_exit+0xe0/0x2b0 [ 132.083848] __x64_sys_exit_group+0x47/0x50 [ 132.084231] do_syscall_64+0x3b/0x90 [ 132.084569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.085034] RIP: 0033:0x7f4b87518a4d [ 132.085369] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.085956] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.086793] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.087425] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.088053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.088674] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.089297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.089951] [ 132.090218] irq event stamp: 0 [ 132.090592] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.091154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.091892] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.092624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.093178] ---[ end trace 0000000000000000 ]--- [ 132.094228] ------------[ cut here ]------------ [ 132.094684] WARNING: CPU: 1 PID: 1230 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.095594] Modules linked in: [ 132.095879] CPU: 1 PID: 1230 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.096643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.097626] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.098247] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.099883] RSP: 0018:ffff888011c5fb78 EFLAGS: 00010246 [ 132.100359] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.100979] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 132.101601] RBP: ffff888011c5fb98 R08: ffffed1002e3783e R09: ffffed1002e3783e [ 132.102402] R10: ffff8880171bc1ef R11: ffffed1002e3783d R12: ffff8880171bc290 [ 132.103046] R13: ffff8880171bc0a8 R14: ffffffffffffffff R15: 
ffff888011c5fc60 [ 132.103687] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.104389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.104901] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 132.105524] PKRU: 55555554 [ 132.105861] Call Trace: [ 132.106179] [ 132.106384] iommufd_ioas_destroy+0x53/0x70 [ 132.106799] iommufd_fops_release+0x1f7/0x370 [ 132.107210] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.107653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.108086] ? write_comp_data+0x2f/0x90 [ 132.108453] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.108892] __fput+0x26d/0xa40 [ 132.109198] ____fput+0x1e/0x30 [ 132.109501] task_work_run+0x1a4/0x2d0 [ 132.109954] ? __pfx_task_work_run+0x10/0x10 [ 132.110402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.110861] ? switch_task_namespaces+0xa9/0xe0 [ 132.111289] do_exit+0xb17/0x2ef0 [ 132.111600] ? lock_acquire+0x427/0x4c0 [ 132.111959] ? __pfx_lock_release+0x10/0x10 [ 132.112347] ? __kasan_check_write+0x18/0x20 [ 132.112740] ? do_raw_spin_lock+0x132/0x2a0 [ 132.113123] ? __pfx_do_exit+0x10/0x10 [ 132.113480] ? debug_smp_processor_id+0x20/0x30 [ 132.113950] ? rcu_is_watching+0x19/0xb0 [ 132.114395] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.114825] ? trace_hardirqs_on+0x26/0x120 [ 132.115229] do_group_exit+0xe0/0x2b0 [ 132.115565] __x64_sys_exit_group+0x47/0x50 [ 132.115943] do_syscall_64+0x3b/0x90 [ 132.116281] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.116745] RIP: 0033:0x7f4b87518a4d [ 132.117075] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.117614] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.118437] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.119082] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.119713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.120333] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.120953] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.121585] [ 132.121795] irq event stamp: 0 [ 132.122135] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.122807] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.123550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.124278] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.124829] ---[ end trace 0000000000000000 ]--- [ 132.128865] ------------[ cut here ]------------ [ 132.129466] WARNING: CPU: 1 PID: 1231 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.130345] Modules linked in: [ 132.130656] CPU: 1 PID: 1231 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.131431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.132404] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.132931] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.134589] RSP: 0018:ffff8880100f7bb8 EFLAGS: 00010246 [ 132.135053] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 132.135678] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 132.136322] RBP: ffff8880100f7bd0 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 132.137049] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88801226e400 [ 132.137670] R13: ffff88801587c9e8 R14: ffffffff8352e670 R15: 
ffff8880100f7e68 [ 132.138291] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.139036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.139556] CR2: 00007f4b877410e8 CR3: 0000000020c0e000 CR4: 0000000000750ee0 [ 132.140282] PKRU: 55555554 [ 132.140591] Call Trace: [ 132.140831] [ 132.141031] __iommufd_access_detach+0x1c2/0x2b0 [ 132.141461] iommufd_access_change_pt+0x149/0x270 [ 132.141895] iommufd_access_replace+0xb4/0x120 [ 132.142303] iommufd_test+0x3e5/0x37e0 [ 132.142674] ? lock_release+0x532/0x770 [ 132.143035] ? __might_fault+0x102/0x1b0 [ 132.143416] ? lock_acquire+0x427/0x4c0 [ 132.143781] ? __pfx_iommufd_test+0x10/0x10 [ 132.144248] ? __pfx_lock_release+0x10/0x10 [ 132.144685] ? __pfx_lock_acquire+0x10/0x10 [ 132.145077] ? write_comp_data+0x2f/0x90 [ 132.145444] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.145872] ? write_comp_data+0x2f/0x90 [ 132.146241] iommufd_fops_ioctl+0x37d/0x510 [ 132.146655] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.147088] ? write_comp_data+0x2f/0x90 [ 132.147467] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.147983] __x64_sys_ioctl+0x1a3/0x230 [ 132.148401] do_syscall_64+0x3b/0x90 [ 132.148742] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.149206] RIP: 0033:0x7f4b8743ee5d [ 132.149537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.151300] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.151971] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.152590] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.153213] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.153829] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.154452] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.155297] [ 132.155509] irq event stamp: 0 [ 132.155785] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.156335] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.157071] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.157798] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.158369] ---[ end trace 0000000000000000 ]--- [ 132.161613] ------------[ cut here ]------------ [ 132.162116] WARNING: CPU: 1 PID: 1231 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.163166] Modules linked in: [ 132.163455] CPU: 1 PID: 1231 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.164213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.165195] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.165634] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.167410] RSP: 
0018:ffff8880100f7bd0 EFLAGS: 00010246 [ 132.167879] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 132.168498] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 132.169118] RBP: ffff8880100f7be8 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 132.169877] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88801341cc00 [ 132.170495] R13: ffff88801587c9e8 R14: ffff888020e95500 R15: 0000000000000000 [ 132.171156] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.171863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.172374] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.173036] PKRU: 55555554 [ 132.173322] Call Trace: [ 132.173599] [ 132.173799] iommufd_access_destroy_object+0x65/0x170 [ 132.174262] iommufd_object_destroy_user+0x18e/0x220 [ 132.174737] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.175265] iommufd_access_destroy+0x43/0x70 [ 132.175675] iommufd_test_staccess_release+0x8d/0xd0 [ 132.176130] __fput+0x26d/0xa40 [ 132.176438] ____fput+0x1e/0x30 [ 132.176740] task_work_run+0x1a4/0x2d0 [ 132.177171] ? __pfx_task_work_run+0x10/0x10 [ 132.177606] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.178039] ? switch_task_namespaces+0xa9/0xe0 [ 132.178454] do_exit+0xb17/0x2ef0 [ 132.178784] ? lock_acquire+0x427/0x4c0 [ 132.179157] ? __pfx_lock_release+0x10/0x10 [ 132.179548] ? __kasan_check_write+0x18/0x20 [ 132.179940] ? do_raw_spin_lock+0x132/0x2a0 [ 132.180317] ? __pfx_do_exit+0x10/0x10 [ 132.180679] ? debug_smp_processor_id+0x20/0x30 [ 132.181195] ? rcu_is_watching+0x19/0xb0 [ 132.181554] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.181950] ? trace_hardirqs_on+0x26/0x120 [ 132.182326] do_group_exit+0xe0/0x2b0 [ 132.182678] __x64_sys_exit_group+0x47/0x50 [ 132.183035] do_syscall_64+0x3b/0x90 [ 132.183361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.183800] RIP: 0033:0x7f4b87518a4d [ 132.184116] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.184735] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.185371] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.185957] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.186581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.187182] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.187783] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.188526] [ 132.188744] irq event stamp: 0 [ 132.189006] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.189533] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.190221] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.191028] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.191658] ---[ end trace 0000000000000000 ]--- [ 132.192437] ------------[ cut here ]------------ [ 132.192835] WARNING: CPU: 1 PID: 1231 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.193691] Modules linked in: [ 132.193962] CPU: 1 PID: 1231 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.194868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.195811] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.196241] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.197740] RSP: 0018:ffff8880100f7b78 EFLAGS: 00010246 [ 132.198259] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.198923] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 132.199520] RBP: ffff8880100f7b98 R08: ffffed1002b0f93e R09: ffffed1002b0f93e [ 132.200110] R10: ffff88801587c9ef R11: ffffed1002b0f93d R12: ffff88801587ca90 [ 132.200698] R13: ffff88801587c8a8 R14: ffffffffffffffff R15: 
ffff8880100f7c60 [ 132.201291] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.202077] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.202588] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.203188] PKRU: 55555554 [ 132.203425] Call Trace: [ 132.203638] [ 132.203831] iommufd_ioas_destroy+0x53/0x70 [ 132.204197] iommufd_fops_release+0x1f7/0x370 [ 132.204575] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.204995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.205531] ? write_comp_data+0x2f/0x90 [ 132.205889] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.206311] __fput+0x26d/0xa40 [ 132.206629] ____fput+0x1e/0x30 [ 132.206915] task_work_run+0x1a4/0x2d0 [ 132.207263] ? __pfx_task_work_run+0x10/0x10 [ 132.207638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.208048] ? switch_task_namespaces+0xa9/0xe0 [ 132.208450] do_exit+0xb17/0x2ef0 [ 132.208742] ? lock_acquire+0x427/0x4c0 [ 132.209153] ? __pfx_lock_release+0x10/0x10 [ 132.209575] ? __kasan_check_write+0x18/0x20 [ 132.209948] ? do_raw_spin_lock+0x132/0x2a0 [ 132.210310] ? __pfx_do_exit+0x10/0x10 [ 132.210676] ? debug_smp_processor_id+0x20/0x30 [ 132.211069] ? rcu_is_watching+0x19/0xb0 [ 132.211427] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.211814] ? trace_hardirqs_on+0x26/0x120 [ 132.212185] do_group_exit+0xe0/0x2b0 [ 132.212507] __x64_sys_exit_group+0x47/0x50 [ 132.212973] do_syscall_64+0x3b/0x90 [ 132.213291] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.213733] RIP: 0033:0x7f4b87518a4d [ 132.214042] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.214581] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.215222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.215809] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.216528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.217119] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.217705] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.218297] [ 132.218491] irq event stamp: 0 [ 132.218782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.219372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.220141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.220830] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.221367] ---[ end trace 0000000000000000 ]--- [ 132.226651] ------------[ cut here ]------------ [ 132.227161] WARNING: CPU: 1 PID: 1232 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.228104] Modules linked in: [ 132.228369] CPU: 1 PID: 1232 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.229086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.230032] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.230569] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.232069] RSP: 0018:ffff888011c5fbb8 EFLAGS: 00010246 [ 132.232505] RAX: 0000000000000000 RBX: ffff88800fb730a8 RCX: 0000000000000000 [ 132.233128] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 132.233797] RBP: ffff888011c5fbd0 R08: ffffed1001f6e633 R09: ffffed1001f6e633 [ 132.234379] R10: ffff88800fb73193 R11: ffffed1001f6e632 R12: ffff888014113c00 [ 132.234977] R13: ffff88800fb731e8 R14: ffffffff8352e670 R15: 
ffff888011c5fe68 [ 132.235574] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.236298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.236834] CR2: 00007f4b877410e8 CR3: 0000000020c0e000 CR4: 0000000000750ee0 [ 132.237421] PKRU: 55555554 [ 132.237656] Call Trace: [ 132.237868] [ 132.238057] __iommufd_access_detach+0x1c2/0x2b0 [ 132.238464] iommufd_access_change_pt+0x149/0x270 [ 132.238890] iommufd_access_replace+0xb4/0x120 [ 132.239374] iommufd_test+0x3e5/0x37e0 [ 132.239746] ? lock_release+0x532/0x770 [ 132.240086] ? __might_fault+0x102/0x1b0 [ 132.240428] ? lock_acquire+0x427/0x4c0 [ 132.240767] ? __pfx_iommufd_test+0x10/0x10 [ 132.241123] ? __pfx_lock_release+0x10/0x10 [ 132.241488] ? __pfx_lock_acquire+0x10/0x10 [ 132.241854] ? write_comp_data+0x2f/0x90 [ 132.242272] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.242756] ? write_comp_data+0x2f/0x90 [ 132.243104] iommufd_fops_ioctl+0x37d/0x510 [ 132.243479] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.243889] ? write_comp_data+0x2f/0x90 [ 132.244233] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.244637] __x64_sys_ioctl+0x1a3/0x230 [ 132.245021] do_syscall_64+0x3b/0x90 [ 132.245431] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.245869] RIP: 0033:0x7f4b8743ee5d [ 132.246177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.247693] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.248475] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.249060] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.249644] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.250231] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.250840] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.251532] [ 132.251762] irq event stamp: 0 [ 132.252023] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.252540] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.253236] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.253928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.254593] ---[ end trace 0000000000000000 ]--- [ 132.259092] ------------[ cut here ]------------ [ 132.259546] WARNING: CPU: 1 PID: 1232 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.260538] Modules linked in: [ 132.260806] CPU: 1 PID: 1232 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.261526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.262590] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.263004] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.264623] RSP: 
0018:ffff888011c5fbd0 EFLAGS: 00010246 [ 132.265062] RAX: 0000000000000000 RBX: ffff88800fb730a8 RCX: 0000000000000000 [ 132.265744] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 132.266329] RBP: ffff888011c5fbe8 R08: ffffed1001f6e633 R09: ffffed1001f6e633 [ 132.266929] R10: ffff88800fb73193 R11: ffffed1001f6e632 R12: ffff88801226ec00 [ 132.267651] R13: ffff88800fb731e8 R14: ffff8880218d4300 R15: 0000000000000000 [ 132.268243] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.268910] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.269511] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.270098] PKRU: 55555554 [ 132.270334] Call Trace: [ 132.270563] [ 132.270753] iommufd_access_destroy_object+0x65/0x170 [ 132.271307] iommufd_object_destroy_user+0x18e/0x220 [ 132.271738] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.272224] iommufd_access_destroy+0x43/0x70 [ 132.272626] iommufd_test_staccess_release+0x8d/0xd0 [ 132.273141] __fput+0x26d/0xa40 [ 132.273435] ____fput+0x1e/0x30 [ 132.273721] task_work_run+0x1a4/0x2d0 [ 132.274055] ? __pfx_task_work_run+0x10/0x10 [ 132.274459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.274943] ? switch_task_namespaces+0xa9/0xe0 [ 132.275347] do_exit+0xb17/0x2ef0 [ 132.275640] ? lock_acquire+0x427/0x4c0 [ 132.275982] ? __pfx_lock_release+0x10/0x10 [ 132.276448] ? __kasan_check_write+0x18/0x20 [ 132.276823] ? do_raw_spin_lock+0x132/0x2a0 [ 132.277186] ? __pfx_do_exit+0x10/0x10 [ 132.277523] ? debug_smp_processor_id+0x20/0x30 [ 132.277928] ? rcu_is_watching+0x19/0xb0 [ 132.278363] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.278766] ? trace_hardirqs_on+0x26/0x120 [ 132.279141] do_group_exit+0xe0/0x2b0 [ 132.279466] __x64_sys_exit_group+0x47/0x50 [ 132.279885] do_syscall_64+0x3b/0x90 [ 132.280254] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.280694] RIP: 0033:0x7f4b87518a4d [ 132.281006] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.281543] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.282249] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.282854] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.283517] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.284168] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.284752] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.285410] [ 132.285631] irq event stamp: 0 [ 132.285890] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.286408] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.287212] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.287944] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.288461] ---[ end trace 0000000000000000 ]--- [ 132.290955] ------------[ cut here ]------------ [ 132.291384] WARNING: CPU: 1 PID: 1232 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.292271] Modules linked in: [ 132.292607] CPU: 1 PID: 1232 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.293324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.294364] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.294845] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.296451] RSP: 0018:ffff888011c5fb78 EFLAGS: 00010246 [ 132.296895] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.297481] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 132.298169] RBP: ffff888011c5fb98 R08: ffffed1001f6e63e R09: ffffed1001f6e63e [ 132.298774] R10: ffff88800fb731ef R11: ffffed1001f6e63d R12: ffff88800fb73290 [ 132.299383] R13: ffff88800fb730a8 R14: ffffffffffffffff R15: 
ffff888011c5fc60 [ 132.300072] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.300739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.301245] CR2: 00007f82e2b32000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.301924] PKRU: 55555554 [ 132.302167] Call Trace: [ 132.302381] [ 132.302591] iommufd_ioas_destroy+0x53/0x70 [ 132.302956] iommufd_fops_release+0x1f7/0x370 [ 132.303458] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.303880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.304301] ? write_comp_data+0x2f/0x90 [ 132.304656] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.305209] __fput+0x26d/0xa40 [ 132.305505] ____fput+0x1e/0x30 [ 132.305790] task_work_run+0x1a4/0x2d0 [ 132.306124] ? __pfx_task_work_run+0x10/0x10 [ 132.306506] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.307057] ? switch_task_namespaces+0xa9/0xe0 [ 132.307471] do_exit+0xb17/0x2ef0 [ 132.307765] ? lock_acquire+0x427/0x4c0 [ 132.308106] ? __pfx_lock_release+0x10/0x10 [ 132.308477] ? __kasan_check_write+0x18/0x20 [ 132.308850] ? do_raw_spin_lock+0x132/0x2a0 [ 132.309211] ? __pfx_do_exit+0x10/0x10 [ 132.309571] ? debug_smp_processor_id+0x20/0x30 [ 132.310050] ? rcu_is_watching+0x19/0xb0 [ 132.310393] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.310802] ? trace_hardirqs_on+0x26/0x120 [ 132.311182] do_group_exit+0xe0/0x2b0 [ 132.311504] __x64_sys_exit_group+0x47/0x50 [ 132.311929] do_syscall_64+0x3b/0x90 [ 132.312281] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.312720] RIP: 0033:0x7f4b87518a4d [ 132.313027] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.313597] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.314285] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.314918] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.315548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.316293] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.316901] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.317527] [ 132.317796] irq event stamp: 0 [ 132.318128] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.318690] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.319425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.320285] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.320826] ---[ end trace 0000000000000000 ]--- [ 132.325748] ------------[ cut here ]------------ [ 132.326192] WARNING: CPU: 1 PID: 1233 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.327145] Modules linked in: [ 132.327450] CPU: 1 PID: 1233 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.328293] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.329271] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.329795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.331514] RSP: 0018:ffff8880100f7bb8 EFLAGS: 00010246 [ 132.331975] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 132.332585] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 132.333233] RBP: ffff8880100f7bd0 R08: ffffed100173f333 R09: ffffed100173f333 [ 132.333920] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff88801422c800 [ 132.334553] R13: ffff88800b9f99e8 R14: ffffffff8352e670 R15: 
ffff8880100f7e68 [ 132.335214] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.336003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.336498] CR2: 00007f4b877410e8 CR3: 0000000020c0e000 CR4: 0000000000750ee0 [ 132.337169] PKRU: 55555554 [ 132.337467] Call Trace: [ 132.337698] [ 132.337897] __iommufd_access_detach+0x1c2/0x2b0 [ 132.338327] iommufd_access_change_pt+0x149/0x270 [ 132.338779] iommufd_access_replace+0xb4/0x120 [ 132.339220] iommufd_test+0x3e5/0x37e0 [ 132.339676] ? lock_release+0x532/0x770 [ 132.340033] ? __might_fault+0x102/0x1b0 [ 132.340394] ? lock_acquire+0x427/0x4c0 [ 132.340753] ? __pfx_iommufd_test+0x10/0x10 [ 132.341169] ? __pfx_lock_release+0x10/0x10 [ 132.341637] ? __pfx_lock_acquire+0x10/0x10 [ 132.342033] ? write_comp_data+0x2f/0x90 [ 132.342420] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.342892] ? write_comp_data+0x2f/0x90 [ 132.343282] iommufd_fops_ioctl+0x37d/0x510 [ 132.343730] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.344235] ? write_comp_data+0x2f/0x90 [ 132.344610] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.345038] __x64_sys_ioctl+0x1a3/0x230 [ 132.345423] do_syscall_64+0x3b/0x90 [ 132.345864] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.346336] RIP: 0033:0x7f4b8743ee5d [ 132.346696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.348457] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.349131] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.349800] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.350549] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.351183] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.351808] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.352559] [ 132.352770] irq event stamp: 0 [ 132.353050] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.353611] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.354483] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.355264] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.355825] ---[ end trace 0000000000000000 ]--- [ 132.358981] ------------[ cut here ]------------ [ 132.359445] WARNING: CPU: 1 PID: 1233 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.360498] Modules linked in: [ 132.360789] CPU: 1 PID: 1233 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.361557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.362746] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.363204] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.364972] RSP: 
0018:ffff8880100f7bd0 EFLAGS: 00010246 [ 132.365446] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 132.366073] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 132.366851] RBP: ffff8880100f7be8 R08: ffffed100173f333 R09: ffffed100173f333 [ 132.367495] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff888014111400 [ 132.368121] R13: ffff88800b9f99e8 R14: ffff888013d36d00 R15: 0000000000000000 [ 132.368909] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.369618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.370133] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.370956] PKRU: 55555554 [ 132.371225] Call Trace: [ 132.371456] [ 132.371658] iommufd_access_destroy_object+0x65/0x170 [ 132.372123] iommufd_object_destroy_user+0x18e/0x220 [ 132.372583] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.373223] iommufd_access_destroy+0x43/0x70 [ 132.373638] iommufd_test_staccess_release+0x8d/0xd0 [ 132.374101] __fput+0x26d/0xa40 [ 132.374413] ____fput+0x1e/0x30 [ 132.374819] task_work_run+0x1a4/0x2d0 [ 132.375268] ? __pfx_task_work_run+0x10/0x10 [ 132.375670] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.376107] ? switch_task_namespaces+0xa9/0xe0 [ 132.376533] do_exit+0xb17/0x2ef0 [ 132.376844] ? lock_acquire+0x427/0x4c0 [ 132.377353] ? __pfx_lock_release+0x10/0x10 [ 132.377768] ? __kasan_check_write+0x18/0x20 [ 132.378190] ? do_raw_spin_lock+0x132/0x2a0 [ 132.378633] ? __pfx_do_exit+0x10/0x10 [ 132.379011] ? debug_smp_processor_id+0x20/0x30 [ 132.379529] ? rcu_is_watching+0x19/0xb0 [ 132.380014] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.380448] ? trace_hardirqs_on+0x26/0x120 [ 132.380862] do_group_exit+0xe0/0x2b0 [ 132.381227] __x64_sys_exit_group+0x47/0x50 [ 132.381714] do_syscall_64+0x3b/0x90 [ 132.382123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.382666] RIP: 0033:0x7f4b87518a4d [ 132.383022] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.383621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.384530] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.385197] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.385874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.386750] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.387434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.388110] [ 132.388347] irq event stamp: 0 [ 132.388819] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.389426] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.390244] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.391250] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.391855] ---[ end trace 0000000000000000 ]--- [ 132.392698] ------------[ cut here ]------------ [ 132.393250] WARNING: CPU: 1 PID: 1233 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.394292] Modules linked in: [ 132.394648] CPU: 1 PID: 1233 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.395679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.396778] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.397283] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.399282] RSP: 0018:ffff8880100f7b78 EFLAGS: 00010246 [ 132.399815] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.400681] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 132.401371] RBP: ffff8880100f7b98 R08: ffffed100173f33e R09: ffffed100173f33e [ 132.402041] R10: ffff88800b9f99ef R11: ffffed100173f33d R12: ffff88800b9f9a90 [ 132.402912] R13: ffff88800b9f98a8 R14: ffffffffffffffff R15: 
ffff8880100f7c60 [ 132.403600] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.404368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.405110] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.405804] PKRU: 55555554 [ 132.406104] Call Trace: [ 132.406374] [ 132.406646] iommufd_ioas_destroy+0x53/0x70 [ 132.407330] iommufd_fops_release+0x1f7/0x370 [ 132.407806] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.408325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.408839] ? write_comp_data+0x2f/0x90 [ 132.409329] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.410003] __fput+0x26d/0xa40 [ 132.410363] ____fput+0x1e/0x30 [ 132.410756] task_work_run+0x1a4/0x2d0 [ 132.411191] ? __pfx_task_work_run+0x10/0x10 [ 132.411657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.412370] ? switch_task_namespaces+0xa9/0xe0 [ 132.412867] do_exit+0xb17/0x2ef0 [ 132.413237] ? lock_acquire+0x427/0x4c0 [ 132.413655] ? __pfx_lock_release+0x10/0x10 [ 132.414143] ? __kasan_check_write+0x18/0x20 [ 132.414798] ? do_raw_spin_lock+0x132/0x2a0 [ 132.415267] ? __pfx_do_exit+0x10/0x10 [ 132.415683] ? debug_smp_processor_id+0x20/0x30 [ 132.416168] ? rcu_is_watching+0x19/0xb0 [ 132.416601] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.417294] ? trace_hardirqs_on+0x26/0x120 [ 132.417749] do_group_exit+0xe0/0x2b0 [ 132.418148] __x64_sys_exit_group+0x47/0x50 [ 132.418627] do_syscall_64+0x3b/0x90 [ 132.419028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.419794] RIP: 0033:0x7f4b87518a4d [ 132.420189] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.420829] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.421697] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.422644] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.423406] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.424172] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.425073] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.425827] [ 132.426081] irq event stamp: 0 [ 132.426463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.427321] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.428207] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.429127] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.429924] ---[ end trace 0000000000000000 ]--- [ 132.435284] ------------[ cut here ]------------ [ 132.435871] WARNING: CPU: 1 PID: 1234 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.437326] Modules linked in: [ 132.437746] CPU: 1 PID: 1234 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.439208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.440767] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.441504] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.444136] RSP: 0018:ffff888011c5fbb8 EFLAGS: 00010246 [ 132.444811] RAX: 0000000000000000 RBX: ffff888010b7f8a8 RCX: 0000000000000000 [ 132.445969] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 132.446908] RBP: ffff888011c5fbd0 R08: ffffed100216ff33 R09: ffffed100216ff33 [ 132.447965] R10: ffff888010b7f993 R11: ffffed100216ff32 R12: ffff888010e02800 [ 132.448839] R13: ffff888010b7f9e8 R14: ffffffff8352e670 R15: 
ffff888011c5fe68 [ 132.449582] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.450666] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.451281] CR2: 00007f4b877410e8 CR3: 0000000020c0e000 CR4: 0000000000750ee0 [ 132.452000] PKRU: 55555554 [ 132.452352] Call Trace: [ 132.452737] [ 132.452971] __iommufd_access_detach+0x1c2/0x2b0 [ 132.453470] iommufd_access_change_pt+0x149/0x270 [ 132.453964] iommufd_access_replace+0xb4/0x120 [ 132.454480] iommufd_test+0x3e5/0x37e0 [ 132.455033] ? lock_release+0x532/0x770 [ 132.455462] ? __might_fault+0x102/0x1b0 [ 132.455869] ? lock_acquire+0x427/0x4c0 [ 132.456275] ? __pfx_iommufd_test+0x10/0x10 [ 132.456708] ? __pfx_lock_release+0x10/0x10 [ 132.457150] ? __pfx_lock_acquire+0x10/0x10 [ 132.457641] ? write_comp_data+0x2f/0x90 [ 132.458200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.458732] ? write_comp_data+0x2f/0x90 [ 132.459179] iommufd_fops_ioctl+0x37d/0x510 [ 132.459623] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.460164] ? write_comp_data+0x2f/0x90 [ 132.460725] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.461215] __x64_sys_ioctl+0x1a3/0x230 [ 132.461635] do_syscall_64+0x3b/0x90 [ 132.462018] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.462692] RIP: 0033:0x7f4b8743ee5d [ 132.463131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.464981] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.465925] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.466688] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.467508] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.468366] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.469088] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.470022] [ 132.470265] irq event stamp: 0 [ 132.470627] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.471297] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.472207] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.473155] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.473807] ---[ end trace 0000000000000000 ]--- [ 132.477192] ------------[ cut here ]------------ [ 132.477740] WARNING: CPU: 1 PID: 1234 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.478875] Modules linked in: [ 132.479342] CPU: 1 PID: 1234 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.480264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.481521] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.482169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.484295] RSP: 
0018:ffff888011c5fbd0 EFLAGS: 00010246 [ 132.484845] RAX: 0000000000000000 RBX: ffff888010b7f8a8 RCX: 0000000000000000 [ 132.485557] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 132.486462] RBP: ffff888011c5fbe8 R08: ffffed100216ff33 R09: ffffed100216ff33 [ 132.487234] R10: ffff888010b7f993 R11: ffffed100216ff32 R12: ffff88801422e800 [ 132.487972] R13: ffff888010b7f9e8 R14: ffff888012bf9a00 R15: 0000000000000000 [ 132.488756] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.489750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.490338] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.491206] PKRU: 55555554 [ 132.491624] Call Trace: [ 132.491889] [ 132.492118] iommufd_access_destroy_object+0x65/0x170 [ 132.492635] iommufd_object_destroy_user+0x18e/0x220 [ 132.493172] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.493903] iommufd_access_destroy+0x43/0x70 [ 132.494493] iommufd_test_staccess_release+0x8d/0xd0 [ 132.495082] __fput+0x26d/0xa40 [ 132.495460] ____fput+0x1e/0x30 [ 132.495814] task_work_run+0x1a4/0x2d0 [ 132.496238] ? __pfx_task_work_run+0x10/0x10 [ 132.496903] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.497432] ? switch_task_namespaces+0xa9/0xe0 [ 132.497932] do_exit+0xb17/0x2ef0 [ 132.498301] ? lock_acquire+0x427/0x4c0 [ 132.498829] ? __pfx_lock_release+0x10/0x10 [ 132.499452] ? __kasan_check_write+0x18/0x20 [ 132.499924] ? do_raw_spin_lock+0x132/0x2a0 [ 132.500379] ? __pfx_do_exit+0x10/0x10 [ 132.500800] ? debug_smp_processor_id+0x20/0x30 [ 132.501296] ? rcu_is_watching+0x19/0xb0 [ 132.501845] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.502435] ? trace_hardirqs_on+0x26/0x120 [ 132.502962] do_group_exit+0xe0/0x2b0 [ 132.503391] __x64_sys_exit_group+0x47/0x50 [ 132.503846] do_syscall_64+0x3b/0x90 [ 132.504251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.505010] RIP: 0033:0x7f4b87518a4d [ 132.505395] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.506039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.506905] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.508042] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.508985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.510121] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.511289] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.512255] [ 132.512794] irq event stamp: 0 [ 132.513362] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.514201] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.515585] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.516696] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.517532] ---[ end trace 0000000000000000 ]--- [ 132.519334] ------------[ cut here ]------------ [ 132.519996] WARNING: CPU: 1 PID: 1234 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.521528] Modules linked in: [ 132.521962] CPU: 1 PID: 1234 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.523204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.524944] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.525656] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.528484] RSP: 0018:ffff888011c5fb78 EFLAGS: 00010246 [ 132.529521] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.530460] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 132.531475] RBP: ffff888011c5fb98 R08: ffffed100216ff3e R09: ffffed100216ff3e [ 132.532699] R10: ffff888010b7f9ef R11: ffffed100216ff3d R12: ffff888010b7fa90 [ 132.533641] R13: ffff888010b7f8a8 R14: ffffffffffffffff R15: 
ffff888011c5fc60 [ 132.534809] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.535894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.536665] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 132.537799] PKRU: 55555554 [ 132.538180] Call Trace: [ 132.538580] [ 132.538897] iommufd_ioas_destroy+0x53/0x70 [ 132.539510] iommufd_fops_release+0x1f7/0x370 [ 132.540161] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.540966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.541626] ? write_comp_data+0x2f/0x90 [ 132.542185] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.543096] __fput+0x26d/0xa40 [ 132.543605] ____fput+0x1e/0x30 [ 132.544070] task_work_run+0x1a4/0x2d0 [ 132.544607] ? __pfx_task_work_run+0x10/0x10 [ 132.545204] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.546071] ? switch_task_namespaces+0xa9/0xe0 [ 132.546794] do_exit+0xb17/0x2ef0 [ 132.547290] ? lock_acquire+0x427/0x4c0 [ 132.547842] ? __pfx_lock_release+0x10/0x10 [ 132.548640] ? __kasan_check_write+0x18/0x20 [ 132.549238] ? do_raw_spin_lock+0x132/0x2a0 [ 132.549816] ? __pfx_do_exit+0x10/0x10 [ 132.550349] ? debug_smp_processor_id+0x20/0x30 [ 132.551152] ? rcu_is_watching+0x19/0xb0 [ 132.551707] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.552318] ? trace_hardirqs_on+0x26/0x120 [ 132.552906] do_group_exit+0xe0/0x2b0 [ 132.553506] __x64_sys_exit_group+0x47/0x50 [ 132.554160] do_syscall_64+0x3b/0x90 [ 132.554708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.555418] RIP: 0033:0x7f4b87518a4d [ 132.556041] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.556961] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.557989] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.559216] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.560186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.561200] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.562280] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.563312] [ 132.563670] irq event stamp: 0 [ 132.564241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.565092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.566243] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.567533] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.568390] ---[ end trace 0000000000000000 ]--- [ 132.578449] ------------[ cut here ]------------ [ 132.579227] WARNING: CPU: 1 PID: 1235 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.580780] Modules linked in: [ 132.581224] CPU: 1 PID: 1235 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.582453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.584160] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.584848] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.587536] RSP: 0018:ffff8880180dfbb8 EFLAGS: 00010246 [ 132.588427] RAX: 0000000000000000 RBX: ffff8880104620a8 RCX: 0000000000000000 [ 132.589390] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 132.590430] RBP: ffff8880180dfbd0 R08: ffffed100208c433 R09: ffffed100208c433 [ 132.591526] R10: ffff888010462193 R11: ffffed100208c432 R12: ffff88801226f400 [ 132.592493] R13: ffff8880104621e8 R14: ffffffff8352e670 R15: 
ffff8880180dfe68 [ 132.593641] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.594750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.595606] CR2: 0000000020000140 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 132.596688] PKRU: 55555554 [ 132.597084] Call Trace: [ 132.597440] [ 132.597762] __iommufd_access_detach+0x1c2/0x2b0 [ 132.598658] iommufd_access_change_pt+0x149/0x270 [ 132.599357] iommufd_access_replace+0xb4/0x120 [ 132.600000] iommufd_test+0x3e5/0x37e0 [ 132.600569] ? lock_release+0x532/0x770 [ 132.601258] ? __might_fault+0x102/0x1b0 [ 132.601828] ? lock_acquire+0x427/0x4c0 [ 132.602386] ? __pfx_iommufd_test+0x10/0x10 [ 132.603014] ? __pfx_lock_release+0x10/0x10 [ 132.603827] ? __pfx_lock_acquire+0x10/0x10 [ 132.604434] ? write_comp_data+0x2f/0x90 [ 132.605008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.605713] ? write_comp_data+0x2f/0x90 [ 132.606412] iommufd_fops_ioctl+0x37d/0x510 [ 132.607054] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.607773] ? write_comp_data+0x2f/0x90 [ 132.608383] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.609194] __x64_sys_ioctl+0x1a3/0x230 [ 132.609773] do_syscall_64+0x3b/0x90 [ 132.610299] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.611187] RIP: 0033:0x7f4b8743ee5d [ 132.611710] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.614336] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.615413] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.616575] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.617534] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.618562] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.619660] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.620639] [ 132.620996] irq event stamp: 0 [ 132.621577] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.622428] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.623654] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.624871] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.625723] ---[ end trace 0000000000000000 ]--- [ 132.635016] ------------[ cut here ]------------ [ 132.635751] WARNING: CPU: 1 PID: 1235 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.637335] Modules linked in: [ 132.637781] CPU: 1 PID: 1235 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.639256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.640783] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.641638] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.644349] RSP: 
0018:ffff8880180dfbd0 EFLAGS: 00010246 [ 132.645082] RAX: 0000000000000000 RBX: ffff8880104620a8 RCX: 0000000000000000 [ 132.646041] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 132.647238] RBP: ffff8880180dfbe8 R08: ffffed100208c433 R09: ffffed100208c433 [ 132.648202] R10: ffff888010462193 R11: ffffed100208c432 R12: ffff888010e00000 [ 132.649282] R13: ffff8880104621e8 R14: ffff888012de2f00 R15: 0000000000000000 [ 132.650343] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.651496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.652464] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 132.653428] PKRU: 55555554 [ 132.653815] Call Trace: [ 132.654168] [ 132.654617] iommufd_access_destroy_object+0x65/0x170 [ 132.655380] iommufd_object_destroy_user+0x18e/0x220 [ 132.656083] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.656924] iommufd_access_destroy+0x43/0x70 [ 132.657652] iommufd_test_staccess_release+0x8d/0xd0 [ 132.658357] __fput+0x26d/0xa40 [ 132.658876] ____fput+0x1e/0x30 [ 132.659397] task_work_run+0x1a4/0x2d0 [ 132.660084] ? __pfx_task_work_run+0x10/0x10 [ 132.660695] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.661376] ? switch_task_namespaces+0xa9/0xe0 [ 132.662142] do_exit+0xb17/0x2ef0 [ 132.662740] ? lock_acquire+0x427/0x4c0 [ 132.663314] ? __pfx_lock_release+0x10/0x10 [ 132.663914] ? __kasan_check_write+0x18/0x20 [ 132.664581] ? do_raw_spin_lock+0x132/0x2a0 [ 132.665287] ? __pfx_do_exit+0x10/0x10 [ 132.665838] ? debug_smp_processor_id+0x20/0x30 [ 132.666483] ? rcu_is_watching+0x19/0xb0 [ 132.667145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.667881] ? trace_hardirqs_on+0x26/0x120 [ 132.668485] do_group_exit+0xe0/0x2b0 [ 132.669011] __x64_sys_exit_group+0x47/0x50 [ 132.669647] do_syscall_64+0x3b/0x90 [ 132.670278] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.671035] RIP: 0033:0x7f4b87518a4d [ 132.671563] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.672583] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.673607] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.674615] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.675745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.676710] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.677848] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.678862] [ 132.679197] irq event stamp: 0 [ 132.679631] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.680685] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.681806] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.683173] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.684029] ---[ end trace 0000000000000000 ]--- [ 132.689253] ------------[ cut here ]------------ [ 132.690040] WARNING: CPU: 1 PID: 1235 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.691670] Modules linked in: [ 132.692127] CPU: 1 PID: 1235 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.693477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.695034] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.695922] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.698576] RSP: 0018:ffff8880180dfb78 EFLAGS: 00010246 [ 132.699318] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.700324] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 132.701401] RBP: ffff8880180dfb98 R08: ffffed100208c43e R09: ffffed100208c43e [ 132.702367] R10: ffff8880104621ef R11: ffffed100208c43d R12: ffff888010462290 [ 132.703567] R13: ffff8880104620a8 R14: ffffffffffffffff R15: 
ffff8880180dfc60 [ 132.704536] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.705807] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.706627] CR2: 00007f82e2b87000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 132.707610] PKRU: 55555554 [ 132.708186] Call Trace: [ 132.708542] [ 132.708859] iommufd_ioas_destroy+0x53/0x70 [ 132.709466] iommufd_fops_release+0x1f7/0x370 [ 132.710092] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.711011] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.711713] ? write_comp_data+0x2f/0x90 [ 132.712289] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.713020] __fput+0x26d/0xa40 [ 132.713617] ____fput+0x1e/0x30 [ 132.714088] task_work_run+0x1a4/0x2d0 [ 132.714678] ? __pfx_task_work_run+0x10/0x10 [ 132.715311] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.716168] ? switch_task_namespaces+0xa9/0xe0 [ 132.716828] do_exit+0xb17/0x2ef0 [ 132.717310] ? lock_acquire+0x427/0x4c0 [ 132.717875] ? __pfx_lock_release+0x10/0x10 [ 132.718704] ? __kasan_check_write+0x18/0x20 [ 132.719331] ? do_raw_spin_lock+0x132/0x2a0 [ 132.719924] ? __pfx_do_exit+0x10/0x10 [ 132.720471] ? debug_smp_processor_id+0x20/0x30 [ 132.721304] ? rcu_is_watching+0x19/0xb0 [ 132.721864] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.722493] ? trace_hardirqs_on+0x26/0x120 [ 132.723180] do_group_exit+0xe0/0x2b0 [ 132.723830] __x64_sys_exit_group+0x47/0x50 [ 132.724424] do_syscall_64+0x3b/0x90 [ 132.724953] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.725726] RIP: 0033:0x7f4b87518a4d [ 132.726328] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.727219] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.728298] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.729365] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.730327] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.731585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.732529] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.733559] [ 132.733975] irq event stamp: 0 [ 132.734411] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.735328] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.736646] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.737770] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.738878] ---[ end trace 0000000000000000 ]--- [ 132.750398] ------------[ cut here ]------------ [ 132.751044] WARNING: CPU: 0 PID: 1236 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.752179] Modules linked in: [ 132.752525] CPU: 0 PID: 1236 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.753453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.755224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.755794] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.757768] RSP: 0018:ffff888018667bb8 EFLAGS: 00010246 [ 132.758340] RAX: 0000000000000000 RBX: ffff8880184550a8 RCX: 0000000000000000 [ 132.759165] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 132.760024] RBP: ffff888018667bd0 R08: ffffed100308aa33 R09: ffffed100308aa33 [ 132.761130] R10: ffff888018455193 R11: ffffed100308aa32 R12: ffff888014763000 [ 132.761908] R13: ffff8880184551e8 R14: ffffffff8352e670 R15: 
ffff888018667e68 [ 132.762716] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 132.763602] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.764231] CR2: 00007f4b877410e8 CR3: 0000000020fee000 CR4: 0000000000750ef0 [ 132.765186] PKRU: 55555554 [ 132.765591] Call Trace: [ 132.766056] [ 132.766297] __iommufd_access_detach+0x1c2/0x2b0 [ 132.766864] iommufd_access_change_pt+0x149/0x270 [ 132.767412] iommufd_access_replace+0xb4/0x120 [ 132.767920] iommufd_test+0x3e5/0x37e0 [ 132.768344] ? lock_release+0x532/0x770 [ 132.768799] ? __might_fault+0x102/0x1b0 [ 132.769260] ? lock_acquire+0x427/0x4c0 [ 132.769784] ? __pfx_iommufd_test+0x10/0x10 [ 132.770403] ? __pfx_lock_release+0x10/0x10 [ 132.771084] ? __pfx_lock_acquire+0x10/0x10 [ 132.771598] ? write_comp_data+0x2f/0x90 [ 132.772051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.772585] ? write_comp_data+0x2f/0x90 [ 132.773041] iommufd_fops_ioctl+0x37d/0x510 [ 132.773530] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.774082] ? write_comp_data+0x2f/0x90 [ 132.774599] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.775155] __x64_sys_ioctl+0x1a3/0x230 [ 132.775622] do_syscall_64+0x3b/0x90 [ 132.776032] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.776606] RIP: 0033:0x7f4b8743ee5d [ 132.777015] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.779062] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.779921] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.780699] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.781484] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.782256] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.783087] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.783900] [ 132.784169] irq event stamp: 0 [ 132.784504] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.785194] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.786105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.787066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.787792] ---[ end trace 0000000000000000 ]--- [ 132.791605] ------------[ cut here ]------------ [ 132.792159] WARNING: CPU: 0 PID: 1236 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.793427] Modules linked in: [ 132.793981] CPU: 0 PID: 1236 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.794973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.796198] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.796736] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.799260] RSP: 
0018:ffff888018667bd0 EFLAGS: 00010246 [ 132.799847] RAX: 0000000000000000 RBX: ffff8880184550a8 RCX: 0000000000000000 [ 132.800604] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 132.801369] RBP: ffff888018667be8 R08: ffffed100308aa33 R09: ffffed100308aa33 [ 132.802120] R10: ffff888018455193 R11: ffffed100308aa32 R12: ffff88800a726800 [ 132.802985] R13: ffff8880184551e8 R14: ffff88800f5cb900 R15: 0000000000000000 [ 132.803922] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 132.804784] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.805409] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 132.806175] PKRU: 55555554 [ 132.806477] Call Trace: [ 132.806804] [ 132.807055] iommufd_access_destroy_object+0x65/0x170 [ 132.807642] iommufd_object_destroy_user+0x18e/0x220 [ 132.808311] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.809171] iommufd_access_destroy+0x43/0x70 [ 132.809681] iommufd_test_staccess_release+0x8d/0xd0 [ 132.810237] __fput+0x26d/0xa40 [ 132.810657] ____fput+0x1e/0x30 [ 132.811029] task_work_run+0x1a4/0x2d0 [ 132.811497] ? __pfx_task_work_run+0x10/0x10 [ 132.811994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.812542] ? switch_task_namespaces+0xa9/0xe0 [ 132.813215] do_exit+0xb17/0x2ef0 [ 132.813794] ? lock_acquire+0x427/0x4c0 [ 132.814256] ? __pfx_lock_release+0x10/0x10 [ 132.814785] ? __kasan_check_write+0x18/0x20 [ 132.815290] ? do_raw_spin_lock+0x132/0x2a0 [ 132.815768] ? __pfx_do_exit+0x10/0x10 [ 132.816197] ? debug_smp_processor_id+0x20/0x30 [ 132.816710] ? rcu_is_watching+0x19/0xb0 [ 132.817150] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.817722] ? trace_hardirqs_on+0x26/0x120 [ 132.818341] do_group_exit+0xe0/0x2b0 [ 132.818956] __x64_sys_exit_group+0x47/0x50 [ 132.819451] do_syscall_64+0x3b/0x90 [ 132.819867] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.820442] RIP: 0033:0x7f4b87518a4d [ 132.820853] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.821514] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.822432] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.823536] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.824320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.825089] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.825865] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.826692] [ 132.826959] irq event stamp: 0 [ 132.827329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.828019] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.828918] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.829817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.830669] ---[ end trace 0000000000000000 ]--- [ 132.831821] ------------[ cut here ]------------ [ 132.832345] WARNING: CPU: 0 PID: 1236 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.833437] Modules linked in: [ 132.833781] CPU: 0 PID: 1236 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.834914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.836316] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.836891] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.839174] RSP: 0018:ffff888018667b78 EFLAGS: 00010246 [ 132.839754] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.840507] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 132.841262] RBP: ffff888018667b98 R08: ffffed100308aa3e R09: ffffed100308aa3e [ 132.842019] R10: ffff8880184551ef R11: ffffed100308aa3d R12: ffff888018455290 [ 132.842800] R13: ffff8880184550a8 R14: ffffffffffffffff R15: 
ffff888018667c60 [ 132.843576] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 132.844437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.845065] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 132.845831] PKRU: 55555554 [ 132.846138] Call Trace: [ 132.846414] [ 132.846693] iommufd_ioas_destroy+0x53/0x70 [ 132.847193] iommufd_fops_release+0x1f7/0x370 [ 132.847694] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.848239] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.848778] ? write_comp_data+0x2f/0x90 [ 132.849240] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.849778] __fput+0x26d/0xa40 [ 132.850148] ____fput+0x1e/0x30 [ 132.850542] task_work_run+0x1a4/0x2d0 [ 132.850976] ? __pfx_task_work_run+0x10/0x10 [ 132.851472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.852008] ? switch_task_namespaces+0xa9/0xe0 [ 132.852536] do_exit+0xb17/0x2ef0 [ 132.852914] ? lock_acquire+0x427/0x4c0 [ 132.853352] ? __pfx_lock_release+0x10/0x10 [ 132.853819] ? __kasan_check_write+0x18/0x20 [ 132.854300] ? do_raw_spin_lock+0x132/0x2a0 [ 132.854799] ? __pfx_do_exit+0x10/0x10 [ 132.855256] ? debug_smp_processor_id+0x20/0x30 [ 132.855763] ? rcu_is_watching+0x19/0xb0 [ 132.856202] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.856703] ? trace_hardirqs_on+0x26/0x120 [ 132.857178] do_group_exit+0xe0/0x2b0 [ 132.857592] __x64_sys_exit_group+0x47/0x50 [ 132.858049] do_syscall_64+0x3b/0x90 [ 132.858457] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.859053] RIP: 0033:0x7f4b87518a4d [ 132.859471] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.860132] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.860949] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.861704] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.862453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.863260] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.864019] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.864792] [ 132.865039] irq event stamp: 0 [ 132.865369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.866032] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.866934] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.867836] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.868504] ---[ end trace 0000000000000000 ]--- [ 132.874030] ------------[ cut here ]------------ [ 132.874659] WARNING: CPU: 1 PID: 1237 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.876131] Modules linked in: [ 132.876483] CPU: 1 PID: 1237 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.877670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.878952] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.879513] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.881663] RSP: 0018:ffff888012b07bb8 EFLAGS: 00010246 [ 132.882238] RAX: 0000000000000000 RBX: ffff888015d2e8a8 RCX: 0000000000000000 [ 132.883257] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 132.884029] RBP: ffff888012b07bd0 R08: ffffed1002ba5d33 R09: ffffed1002ba5d33 [ 132.884786] R10: ffff888015d2e993 R11: ffffed1002ba5d32 R12: ffff888010c0bc00 [ 132.885540] R13: ffff888015d2e9e8 R14: ffffffff8352e670 R15: 
ffff888012b07e68 [ 132.886431] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.887444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.888075] CR2: 00007f4b877410e8 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 132.888842] PKRU: 55555554 [ 132.889150] Call Trace: [ 132.889425] [ 132.889674] __iommufd_access_detach+0x1c2/0x2b0 [ 132.890195] iommufd_access_change_pt+0x149/0x270 [ 132.890758] iommufd_access_replace+0xb4/0x120 [ 132.891273] iommufd_test+0x3e5/0x37e0 [ 132.891692] ? lock_release+0x532/0x770 [ 132.892132] ? __might_fault+0x102/0x1b0 [ 132.892575] ? lock_acquire+0x427/0x4c0 [ 132.893020] ? __pfx_iommufd_test+0x10/0x10 [ 132.893485] ? __pfx_lock_release+0x10/0x10 [ 132.893967] ? __pfx_lock_acquire+0x10/0x10 [ 132.894450] ? write_comp_data+0x2f/0x90 [ 132.894948] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.895487] ? write_comp_data+0x2f/0x90 [ 132.895933] iommufd_fops_ioctl+0x37d/0x510 [ 132.896395] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.896922] ? write_comp_data+0x2f/0x90 [ 132.897370] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 132.897892] __x64_sys_ioctl+0x1a3/0x230 [ 132.898344] do_syscall_64+0x3b/0x90 [ 132.898792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.899362] RIP: 0033:0x7f4b8743ee5d [ 132.899764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 132.901713] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 132.902553] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 132.903321] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 132.904053] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 132.904787] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 132.905528] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 132.906269] [ 132.906549] irq event stamp: 0 [ 132.906878] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.907536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.908399] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.909259] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.909908] ---[ end trace 0000000000000000 ]--- [ 132.913139] ------------[ cut here ]------------ [ 132.913663] WARNING: CPU: 1 PID: 1237 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 132.914791] Modules linked in: [ 132.915145] CPU: 1 PID: 1237 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.916038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.917200] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 132.917733] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 132.919810] RSP: 
0018:ffff888012b07bd0 EFLAGS: 00010246 [ 132.920500] RAX: 0000000000000000 RBX: ffff888015d2e8a8 RCX: 0000000000000000 [ 132.921237] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 132.921976] RBP: ffff888012b07be8 R08: ffffed1002ba5d33 R09: ffffed1002ba5d33 [ 132.922738] R10: ffff888015d2e993 R11: ffffed1002ba5d32 R12: ffff88801226fc00 [ 132.923752] R13: ffff888015d2e9e8 R14: ffff8880218ca100 R15: 0000000000000000 [ 132.924493] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.925326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.925933] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 132.926843] PKRU: 55555554 [ 132.927250] Call Trace: [ 132.927522] [ 132.927769] iommufd_access_destroy_object+0x65/0x170 [ 132.928316] iommufd_object_destroy_user+0x18e/0x220 [ 132.928850] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 132.929460] iommufd_access_destroy+0x43/0x70 [ 132.929944] iommufd_test_staccess_release+0x8d/0xd0 [ 132.930752] __fput+0x26d/0xa40 [ 132.931142] ____fput+0x1e/0x30 [ 132.931501] task_work_run+0x1a4/0x2d0 [ 132.931918] ? __pfx_task_work_run+0x10/0x10 [ 132.932378] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.932895] ? switch_task_namespaces+0xa9/0xe0 [ 132.933394] do_exit+0xb17/0x2ef0 [ 132.933761] ? lock_acquire+0x427/0x4c0 [ 132.934428] ? __pfx_lock_release+0x10/0x10 [ 132.934918] ? __kasan_check_write+0x18/0x20 [ 132.935406] ? do_raw_spin_lock+0x132/0x2a0 [ 132.935868] ? __pfx_do_exit+0x10/0x10 [ 132.936294] ? debug_smp_processor_id+0x20/0x30 [ 132.936856] ? rcu_is_watching+0x19/0xb0 [ 132.937436] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.937917] ? trace_hardirqs_on+0x26/0x120 [ 132.938377] do_group_exit+0xe0/0x2b0 [ 132.938815] __x64_sys_exit_group+0x47/0x50 [ 132.939370] do_syscall_64+0x3b/0x90 [ 132.939901] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.940443] RIP: 0033:0x7f4b87518a4d [ 132.940830] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.941476] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.942532] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.943282] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.944023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.945008] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.945753] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.946506] [ 132.946899] irq event stamp: 0 [ 132.947385] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 132.948042] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 132.948913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 132.950024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 132.950710] ---[ end trace 0000000000000000 ]--- [ 132.953816] ------------[ cut here ]------------ [ 132.954830] WARNING: CPU: 1 PID: 1237 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 132.956209] Modules linked in: [ 132.956642] CPU: 1 PID: 1237 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 132.958174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 132.959844] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 132.960788] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 132.963472] RSP: 0018:ffff888012b07b78 EFLAGS: 00010246 [ 132.964189] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.965242] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 132.966287] RBP: ffff888012b07b98 R08: ffffed1002ba5d3e R09: ffffed1002ba5d3e [ 132.967305] R10: ffff888015d2e9ef R11: ffffed1002ba5d3d R12: ffff888015d2ea90 [ 132.968459] R13: ffff888015d2e8a8 R14: ffffffffffffffff R15: 
ffff888012b07c60 [ 132.969396] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 132.970622] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.971523] CR2: 00007f82e2b9d000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 132.972460] PKRU: 55555554 [ 132.972839] Call Trace: [ 132.973240] [ 132.973682] iommufd_ioas_destroy+0x53/0x70 [ 132.974275] iommufd_fops_release+0x1f7/0x370 [ 132.974947] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.975633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.976411] ? write_comp_data+0x2f/0x90 [ 132.977092] ? __pfx_iommufd_fops_release+0x10/0x10 [ 132.977758] __fput+0x26d/0xa40 [ 132.978227] ____fput+0x1e/0x30 [ 132.978824] task_work_run+0x1a4/0x2d0 [ 132.979525] ? __pfx_task_work_run+0x10/0x10 [ 132.980127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 132.980783] ? switch_task_namespaces+0xa9/0xe0 [ 132.981465] do_exit+0xb17/0x2ef0 [ 132.982097] ? lock_acquire+0x427/0x4c0 [ 132.982699] ? __pfx_lock_release+0x10/0x10 [ 132.983303] ? __kasan_check_write+0x18/0x20 [ 132.983916] ? do_raw_spin_lock+0x132/0x2a0 [ 132.984619] ? __pfx_do_exit+0x10/0x10 [ 132.985267] ? debug_smp_processor_id+0x20/0x30 [ 132.985909] ? rcu_is_watching+0x19/0xb0 [ 132.986469] ? _raw_spin_unlock_irq+0x2b/0x60 [ 132.987226] ? trace_hardirqs_on+0x26/0x120 [ 132.987955] do_group_exit+0xe0/0x2b0 [ 132.988487] __x64_sys_exit_group+0x47/0x50 [ 132.989094] do_syscall_64+0x3b/0x90 [ 132.989757] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 132.990666] RIP: 0033:0x7f4b87518a4d [ 132.991206] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 132.992039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 132.993295] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 132.994261] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 132.995424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 132.996502] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 132.997473] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 132.998725] [ 132.999056] irq event stamp: 0 [ 132.999501] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.000355] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.001703] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.002898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.003810] ---[ end trace 0000000000000000 ]--- [ 133.013097] ------------[ cut here ]------------ [ 133.014032] WARNING: CPU: 1 PID: 1238 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.015491] Modules linked in: [ 133.015942] CPU: 1 PID: 1238 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.017354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.018974] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.019795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.022472] RSP: 0018:ffff888011cb7bb8 EFLAGS: 00010246 [ 133.023282] RAX: 0000000000000000 RBX: ffff888023f0d0a8 RCX: 0000000000000000 [ 133.024252] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 133.025420] RBP: ffff888011cb7bd0 R08: ffffed10047e1a33 R09: ffffed10047e1a33 [ 133.026387] R10: ffff888023f0d193 R11: ffffed10047e1a32 R12: ffff888013b17000 [ 133.027668] R13: ffff888023f0d1e8 R14: ffffffff8352e670 R15: 
ffff888011cb7e68 [ 133.028644] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.029757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.030778] CR2: 00007f4b877410e8 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 133.031761] PKRU: 55555554 [ 133.032151] Call Trace: [ 133.032546] [ 133.033010] __iommufd_access_detach+0x1c2/0x2b0 [ 133.033689] iommufd_access_change_pt+0x149/0x270 [ 133.034365] iommufd_access_replace+0xb4/0x120 [ 133.035232] iommufd_test+0x3e5/0x37e0 [ 133.035786] ? lock_release+0x532/0x770 [ 133.036353] ? __might_fault+0x102/0x1b0 [ 133.036922] ? lock_acquire+0x427/0x4c0 [ 133.037487] ? __pfx_iommufd_test+0x10/0x10 [ 133.038262] ? __pfx_lock_release+0x10/0x10 [ 133.038929] ? __pfx_lock_acquire+0x10/0x10 [ 133.039559] ? write_comp_data+0x2f/0x90 [ 133.040143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.041037] ? write_comp_data+0x2f/0x90 [ 133.041611] iommufd_fops_ioctl+0x37d/0x510 [ 133.042215] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.042995] ? write_comp_data+0x2f/0x90 [ 133.043733] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.044403] __x64_sys_ioctl+0x1a3/0x230 [ 133.044982] do_syscall_64+0x3b/0x90 [ 133.045510] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.046445] RIP: 0033:0x7f4b8743ee5d [ 133.047022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.049721] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.050858] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.052068] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.053034] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.054207] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.055242] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.056235] [ 133.056565] irq event stamp: 0 [ 133.057214] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.058070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.059347] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.060608] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.061462] ---[ end trace 0000000000000000 ]--- [ 133.067334] ------------[ cut here ]------------ [ 133.068012] WARNING: CPU: 1 PID: 1238 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.069648] Modules linked in: [ 133.070090] CPU: 1 PID: 1238 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.071448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.073136] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.073863] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.076727] RSP: 
0018:ffff888011cb7bd0 EFLAGS: 00010246 [ 133.077456] RAX: 0000000000000000 RBX: ffff888023f0d0a8 RCX: 0000000000000000 [ 133.078415] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 133.079617] RBP: ffff888011cb7be8 R08: ffffed10047e1a33 R09: ffffed10047e1a33 [ 133.080599] R10: ffff888023f0d193 R11: ffffed10047e1a32 R12: ffff888010c09800 [ 133.081797] R13: ffff888023f0d1e8 R14: ffff888013d36400 R15: 0000000000000000 [ 133.082819] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.084157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.084954] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.085984] PKRU: 55555554 [ 133.086568] Call Trace: [ 133.086930] [ 133.087265] iommufd_access_destroy_object+0x65/0x170 [ 133.087992] iommufd_object_destroy_user+0x18e/0x220 [ 133.088941] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.089743] iommufd_access_destroy+0x43/0x70 [ 133.090366] iommufd_test_staccess_release+0x8d/0xd0 [ 133.091338] __fput+0x26d/0xa40 [ 133.091822] ____fput+0x1e/0x30 [ 133.092285] task_work_run+0x1a4/0x2d0 [ 133.092824] ? __pfx_task_work_run+0x10/0x10 [ 133.093658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.094336] ? switch_task_namespaces+0xa9/0xe0 [ 133.095052] do_exit+0xb17/0x2ef0 [ 133.095600] ? lock_acquire+0x427/0x4c0 [ 133.096283] ? __pfx_lock_release+0x10/0x10 [ 133.096876] ? __kasan_check_write+0x18/0x20 [ 133.097480] ? do_raw_spin_lock+0x132/0x2a0 [ 133.098266] ? __pfx_do_exit+0x10/0x10 [ 133.098856] ? debug_smp_processor_id+0x20/0x30 [ 133.099502] ? rcu_is_watching+0x19/0xb0 [ 133.100054] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.100907] ? trace_hardirqs_on+0x26/0x120 [ 133.101501] do_group_exit+0xe0/0x2b0 [ 133.102020] __x64_sys_exit_group+0x47/0x50 [ 133.102648] do_syscall_64+0x3b/0x90 [ 133.103410] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.104115] RIP: 0033:0x7f4b87518a4d [ 133.104615] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.105651] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.106703] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.107698] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.108817] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.109762] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.110952] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.111927] [ 133.112259] irq event stamp: 0 [ 133.112785] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.113731] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.114880] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.116220] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.117067] ---[ end trace 0000000000000000 ]--- [ 133.122869] ------------[ cut here ]------------ [ 133.123638] WARNING: CPU: 1 PID: 1238 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.125234] Modules linked in: [ 133.125687] CPU: 1 PID: 1238 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.127008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.128672] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.129579] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.132281] RSP: 0018:ffff888011cb7b78 EFLAGS: 00010246 [ 133.133004] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.134066] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 133.135216] RBP: ffff888011cb7b98 R08: ffffed10047e1a3e R09: ffffed10047e1a3e [ 133.136178] R10: ffff888023f0d1ef R11: ffffed10047e1a3d R12: ffff888023f0d290 [ 133.137294] R13: ffff888023f0d0a8 R14: ffffffffffffffff R15: 
ffff888011cb7c60 [ 133.138254] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.139628] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.140422] CR2: 00007f82e2ba7000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.141635] PKRU: 55555554 [ 133.142029] Call Trace: [ 133.142384] [ 133.142777] iommufd_ioas_destroy+0x53/0x70 [ 133.143422] iommufd_fops_release+0x1f7/0x370 [ 133.144058] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.144961] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.145657] ? write_comp_data+0x2f/0x90 [ 133.146249] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.147265] __fput+0x26d/0xa40 [ 133.147758] ____fput+0x1e/0x30 [ 133.148238] task_work_run+0x1a4/0x2d0 [ 133.148787] ? __pfx_task_work_run+0x10/0x10 [ 133.149639] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.150324] ? switch_task_namespaces+0xa9/0xe0 [ 133.151055] do_exit+0xb17/0x2ef0 [ 133.151591] ? lock_acquire+0x427/0x4c0 [ 133.152373] ? __pfx_lock_release+0x10/0x10 [ 133.152980] ? __kasan_check_write+0x18/0x20 [ 133.153600] ? do_raw_spin_lock+0x132/0x2a0 [ 133.154323] ? __pfx_do_exit+0x10/0x10 [ 133.155060] ? debug_smp_processor_id+0x20/0x30 [ 133.155732] ? rcu_is_watching+0x19/0xb0 [ 133.156308] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.157065] ? trace_hardirqs_on+0x26/0x120 [ 133.157710] do_group_exit+0xe0/0x2b0 [ 133.158239] __x64_sys_exit_group+0x47/0x50 [ 133.158888] do_syscall_64+0x3b/0x90 [ 133.159569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.160266] RIP: 0033:0x7f4b87518a4d [ 133.160765] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.161691] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.162856] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.163830] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.164972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.165907] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.167140] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.168130] [ 133.168461] irq event stamp: 0 [ 133.168947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.169895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.171100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.172301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.173133] ---[ end trace 0000000000000000 ]--- [ 133.180304] ------------[ cut here ]------------ [ 133.180798] WARNING: CPU: 1 PID: 1239 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.181848] Modules linked in: [ 133.182228] CPU: 1 PID: 1239 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.183088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.184251] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.184772] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.186703] RSP: 0018:ffff888012b07bb8 EFLAGS: 00010246 [ 133.187222] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 133.187901] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 133.188716] RBP: ffff888012b07bd0 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 133.189395] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff88801890fc00 [ 133.190065] R13: ffff8880147001e8 R14: ffffffff8352e670 R15: 
ffff888012b07e68 [ 133.190926] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.191709] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.192266] CR2: 00007f4b877410e8 CR3: 000000000f516000 CR4: 0000000000750ee0 [ 133.192983] PKRU: 55555554 [ 133.193383] Call Trace: [ 133.193630] [ 133.193848] __iommufd_access_detach+0x1c2/0x2b0 [ 133.194317] iommufd_access_change_pt+0x149/0x270 [ 133.194825] iommufd_access_replace+0xb4/0x120 [ 133.195291] iommufd_test+0x3e5/0x37e0 [ 133.195771] ? lock_release+0x532/0x770 [ 133.196243] ? __might_fault+0x102/0x1b0 [ 133.196639] ? lock_acquire+0x427/0x4c0 [ 133.197026] ? __pfx_iommufd_test+0x10/0x10 [ 133.197433] ? __pfx_lock_release+0x10/0x10 [ 133.198009] ? __pfx_lock_acquire+0x10/0x10 [ 133.198439] ? write_comp_data+0x2f/0x90 [ 133.198874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.199354] ? write_comp_data+0x2f/0x90 [ 133.199755] iommufd_fops_ioctl+0x37d/0x510 [ 133.200253] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.200800] ? write_comp_data+0x2f/0x90 [ 133.201204] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.201666] __x64_sys_ioctl+0x1a3/0x230 [ 133.202071] do_syscall_64+0x3b/0x90 [ 133.202655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.203173] RIP: 0033:0x7f4b8743ee5d [ 133.203530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.205419] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.206144] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.206895] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.207658] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.208320] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.208979] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.209823] [ 133.210046] irq event stamp: 0 [ 133.210341] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.210953] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.211837] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.212672] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.213261] ---[ end trace 0000000000000000 ]--- [ 133.216701] ------------[ cut here ]------------ [ 133.217190] WARNING: CPU: 1 PID: 1239 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.218302] Modules linked in: [ 133.218641] CPU: 1 PID: 1239 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.219468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.220699] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.221165] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.223067] RSP: 
0018:ffff888012b07bd0 EFLAGS: 00010246 [ 133.223581] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 133.224249] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 133.225096] RBP: ffff888012b07be8 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 133.225758] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff888013b14000 [ 133.226418] R13: ffff8880147001e8 R14: ffff888012fbc400 R15: 0000000000000000 [ 133.227282] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.228039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.228584] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.229377] PKRU: 55555554 [ 133.229717] Call Trace: [ 133.229958] [ 133.230169] iommufd_access_destroy_object+0x65/0x170 [ 133.230698] iommufd_object_destroy_user+0x18e/0x220 [ 133.231198] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.231917] iommufd_access_destroy+0x43/0x70 [ 133.232352] iommufd_test_staccess_release+0x8d/0xd0 [ 133.232836] __fput+0x26d/0xa40 [ 133.233167] ____fput+0x1e/0x30 [ 133.233487] task_work_run+0x1a4/0x2d0 [ 133.234001] ? __pfx_task_work_run+0x10/0x10 [ 133.234416] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.234906] ? switch_task_namespaces+0xa9/0xe0 [ 133.235368] do_exit+0xb17/0x2ef0 [ 133.235700] ? lock_acquire+0x427/0x4c0 [ 133.236177] ? __pfx_lock_release+0x10/0x10 [ 133.236680] ? __kasan_check_write+0x18/0x20 [ 133.237097] ? do_raw_spin_lock+0x132/0x2a0 [ 133.237498] ? __pfx_do_exit+0x10/0x10 [ 133.237868] ? debug_smp_processor_id+0x20/0x30 [ 133.238469] ? rcu_is_watching+0x19/0xb0 [ 133.238879] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.239322] ? trace_hardirqs_on+0x26/0x120 [ 133.239734] do_group_exit+0xe0/0x2b0 [ 133.240093] __x64_sys_exit_group+0x47/0x50 [ 133.240591] do_syscall_64+0x3b/0x90 [ 133.241033] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.241524] RIP: 0033:0x7f4b87518a4d [ 133.241879] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.242532] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.243345] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.244007] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.244670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.245469] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.246135] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.246918] [ 133.247237] irq event stamp: 0 [ 133.247534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.248129] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.248907] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.249858] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.250443] ---[ end trace 0000000000000000 ]--- [ 133.251333] ------------[ cut here ]------------ [ 133.251938] WARNING: CPU: 1 PID: 1239 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.252903] Modules linked in: [ 133.253205] CPU: 1 PID: 1239 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.254192] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.255332] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.255820] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.257692] RSP: 0018:ffff888012b07b78 EFLAGS: 00010246 [ 133.258194] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.259053] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 133.259734] RBP: ffff888012b07b98 R08: ffffed10028e003e R09: ffffed10028e003e [ 133.260402] R10: ffff8880147001ef R11: ffffed10028e003d R12: ffff888014700290 [ 133.261250] R13: ffff8880147000a8 R14: ffffffffffffffff R15: 
ffff888012b07c60 [ 133.261914] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.262701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.263387] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.264061] PKRU: 55555554 [ 133.264330] Call Trace: [ 133.264569] [ 133.264782] iommufd_ioas_destroy+0x53/0x70 [ 133.265296] iommufd_fops_release+0x1f7/0x370 [ 133.265789] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.266263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.266764] ? write_comp_data+0x2f/0x90 [ 133.267171] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.267740] __fput+0x26d/0xa40 [ 133.268149] ____fput+0x1e/0x30 [ 133.268472] task_work_run+0x1a4/0x2d0 [ 133.268850] ? __pfx_task_work_run+0x10/0x10 [ 133.269269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.269824] ? switch_task_namespaces+0xa9/0xe0 [ 133.270304] do_exit+0xb17/0x2ef0 [ 133.270657] ? lock_acquire+0x427/0x4c0 [ 133.271042] ? __pfx_lock_release+0x10/0x10 [ 133.271474] ? __kasan_check_write+0x18/0x20 [ 133.271895] ? do_raw_spin_lock+0x132/0x2a0 [ 133.272432] ? __pfx_do_exit+0x10/0x10 [ 133.272808] ? debug_smp_processor_id+0x20/0x30 [ 133.273246] ? rcu_is_watching+0x19/0xb0 [ 133.273627] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.274175] ? trace_hardirqs_on+0x26/0x120 [ 133.274620] do_group_exit+0xe0/0x2b0 [ 133.274987] __x64_sys_exit_group+0x47/0x50 [ 133.275401] do_syscall_64+0x3b/0x90 [ 133.275762] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.276274] RIP: 0033:0x7f4b87518a4d [ 133.276765] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.277345] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.278052] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.278906] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.279591] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.280255] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.281018] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.281754] [ 133.281972] irq event stamp: 0 [ 133.282266] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.282934] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.283808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.284593] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.285205] ---[ end trace 0000000000000000 ]--- [ 133.290149] ------------[ cut here ]------------ [ 133.290771] WARNING: CPU: 1 PID: 1240 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.291736] Modules linked in: [ 133.292038] CPU: 1 PID: 1240 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.293028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.294072] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.294655] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.296460] RSP: 0018:ffff8880167c7bb8 EFLAGS: 00010246 [ 133.297133] RAX: 0000000000000000 RBX: ffff888020c9b0a8 RCX: 0000000000000000 [ 133.297797] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 133.298462] RBP: ffff8880167c7bd0 R08: ffffed1004193633 R09: ffffed1004193633 [ 133.299336] R10: ffff888020c9b193 R11: ffffed1004193632 R12: ffff888013b20c00 [ 133.300009] R13: ffff888020c9b1e8 R14: ffffffff8352e670 R15: 
ffff8880167c7e68 [ 133.300672] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.301602] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.302148] CR2: 0000000020000140 CR3: 0000000020fee000 CR4: 0000000000750ee0 [ 133.302841] PKRU: 55555554 [ 133.303172] Call Trace: [ 133.303526] [ 133.303745] __iommufd_access_detach+0x1c2/0x2b0 [ 133.304206] iommufd_access_change_pt+0x149/0x270 [ 133.304667] iommufd_access_replace+0xb4/0x120 [ 133.305109] iommufd_test+0x3e5/0x37e0 [ 133.305640] ? lock_release+0x532/0x770 [ 133.306023] ? __might_fault+0x102/0x1b0 [ 133.306419] ? lock_acquire+0x427/0x4c0 [ 133.306836] ? __pfx_iommufd_test+0x10/0x10 [ 133.307255] ? __pfx_lock_release+0x10/0x10 [ 133.307838] ? __pfx_lock_acquire+0x10/0x10 [ 133.308260] ? write_comp_data+0x2f/0x90 [ 133.308656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.309130] ? write_comp_data+0x2f/0x90 [ 133.309566] iommufd_fops_ioctl+0x37d/0x510 [ 133.310092] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.310580] ? write_comp_data+0x2f/0x90 [ 133.310975] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.311443] __x64_sys_ioctl+0x1a3/0x230 [ 133.311838] do_syscall_64+0x3b/0x90 [ 133.312198] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.312701] RIP: 0033:0x7f4b8743ee5d [ 133.313150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.314978] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.315849] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.316509] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.317170] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.318008] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.318694] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.319380] [ 133.319602] irq event stamp: 0 [ 133.319963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.320648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.321422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.322233] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.322883] ---[ end trace 0000000000000000 ]--- [ 133.325882] ------------[ cut here ]------------ [ 133.326409] WARNING: CPU: 1 PID: 1240 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.327412] Modules linked in: [ 133.327698] CPU: 1 PID: 1240 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.328501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.329595] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.330040] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.331831] RSP: 
0018:ffff8880167c7bd0 EFLAGS: 00010246 [ 133.332301] RAX: 0000000000000000 RBX: ffff888020c9b0a8 RCX: 0000000000000000 [ 133.333005] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 133.333691] RBP: ffff8880167c7be8 R08: ffffed1004193633 R09: ffffed1004193633 [ 133.334314] R10: ffff888020c9b193 R11: ffffed1004193632 R12: ffff88801890e000 [ 133.335056] R13: ffff888020c9b1e8 R14: ffff888020982700 R15: 0000000000000000 [ 133.335745] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.336453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.336964] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.337736] PKRU: 55555554 [ 133.337986] Call Trace: [ 133.338213] [ 133.338416] iommufd_access_destroy_object+0x65/0x170 [ 133.338901] iommufd_object_destroy_user+0x18e/0x220 [ 133.339372] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.340053] iommufd_access_destroy+0x43/0x70 [ 133.340464] iommufd_test_staccess_release+0x8d/0xd0 [ 133.340923] __fput+0x26d/0xa40 [ 133.341238] ____fput+0x1e/0x30 [ 133.341549] task_work_run+0x1a4/0x2d0 [ 133.342024] ? __pfx_task_work_run+0x10/0x10 [ 133.342429] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.342897] ? switch_task_namespaces+0xa9/0xe0 [ 133.343334] do_exit+0xb17/0x2ef0 [ 133.343644] ? lock_acquire+0x427/0x4c0 [ 133.344061] ? __pfx_lock_release+0x10/0x10 [ 133.344511] ? __kasan_check_write+0x18/0x20 [ 133.344909] ? do_raw_spin_lock+0x132/0x2a0 [ 133.345294] ? __pfx_do_exit+0x10/0x10 [ 133.345650] ? debug_smp_processor_id+0x20/0x30 [ 133.346151] ? rcu_is_watching+0x19/0xb0 [ 133.346610] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.347019] ? trace_hardirqs_on+0x26/0x120 [ 133.347417] do_group_exit+0xe0/0x2b0 [ 133.347760] __x64_sys_exit_group+0x47/0x50 [ 133.348141] do_syscall_64+0x3b/0x90 [ 133.348571] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.349055] RIP: 0033:0x7f4b87518a4d [ 133.349381] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.349924] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.350754] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.351395] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.352023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.352657] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.353436] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.354068] [ 133.354279] irq event stamp: 0 [ 133.354585] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.355239] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.356057] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.356796] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.357506] ---[ end trace 0000000000000000 ]--- [ 133.358301] ------------[ cut here ]------------ [ 133.358758] WARNING: CPU: 1 PID: 1240 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.359818] Modules linked in: [ 133.360107] CPU: 1 PID: 1240 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.360878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.362019] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.362484] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.364280] RSP: 0018:ffff8880167c7b78 EFLAGS: 00010246 [ 133.364754] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.365381] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 133.366160] RBP: ffff8880167c7b98 R08: ffffed100419363e R09: ffffed100419363e [ 133.366809] R10: ffff888020c9b1ef R11: ffffed100419363d R12: ffff888020c9b290 [ 133.367444] R13: ffff888020c9b0a8 R14: ffffffffffffffff R15: 
ffff8880167c7c60 [ 133.368140] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.368916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.369430] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.370101] PKRU: 55555554 [ 133.370443] Call Trace: [ 133.370700] [ 133.370905] iommufd_ioas_destroy+0x53/0x70 [ 133.371331] iommufd_fops_release+0x1f7/0x370 [ 133.371737] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.372184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.372765] ? write_comp_data+0x2f/0x90 [ 133.373138] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.373585] __fput+0x26d/0xa40 [ 133.373896] ____fput+0x1e/0x30 [ 133.374199] task_work_run+0x1a4/0x2d0 [ 133.374667] ? __pfx_task_work_run+0x10/0x10 [ 133.375077] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.375526] ? switch_task_namespaces+0xa9/0xe0 [ 133.375956] do_exit+0xb17/0x2ef0 [ 133.376270] ? lock_acquire+0x427/0x4c0 [ 133.376627] ? __pfx_lock_release+0x10/0x10 [ 133.377148] ? __kasan_check_write+0x18/0x20 [ 133.377537] ? do_raw_spin_lock+0x132/0x2a0 [ 133.377914] ? __pfx_do_exit+0x10/0x10 [ 133.378263] ? debug_smp_processor_id+0x20/0x30 [ 133.378713] ? rcu_is_watching+0x19/0xb0 [ 133.379182] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.379590] ? trace_hardirqs_on+0x26/0x120 [ 133.379979] do_group_exit+0xe0/0x2b0 [ 133.380315] __x64_sys_exit_group+0x47/0x50 [ 133.380691] do_syscall_64+0x3b/0x90 [ 133.381048] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.381636] RIP: 0033:0x7f4b87518a4d [ 133.381964] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.382500] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.383228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.384005] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.384625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.385261] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.386025] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.386684] [ 133.386892] irq event stamp: 0 [ 133.387181] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.387740] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.388639] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.389369] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.389972] ---[ end trace 0000000000000000 ]--- [ 133.394925] ------------[ cut here ]------------ [ 133.395410] WARNING: CPU: 1 PID: 1241 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.396392] Modules linked in: [ 133.396676] CPU: 1 PID: 1241 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.397549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.398692] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.399134] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.400901] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 133.401367] RAX: 0000000000000000 RBX: ffff88801724d0a8 RCX: 0000000000000000 [ 133.402068] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 133.402809] RBP: ffff8880178cfbd0 R08: ffffed1002e49a33 R09: ffffed1002e49a33 [ 133.403445] R10: ffff88801724d193 R11: ffffed1002e49a32 R12: ffff88800fcb1800 [ 133.404062] R13: ffff88801724d1e8 R14: ffffffff8352e670 R15: 
ffff8880178cfe68 [ 133.404848] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.405551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.406061] CR2: 0000000020000140 CR3: 0000000020fec000 CR4: 0000000000750ee0 [ 133.406873] PKRU: 55555554 [ 133.407135] Call Trace: [ 133.407358] [ 133.407558] __iommufd_access_detach+0x1c2/0x2b0 [ 133.407989] iommufd_access_change_pt+0x149/0x270 [ 133.408445] iommufd_access_replace+0xb4/0x120 [ 133.408979] iommufd_test+0x3e5/0x37e0 [ 133.409326] ? lock_release+0x532/0x770 [ 133.409686] ? __might_fault+0x102/0x1b0 [ 133.410046] ? lock_acquire+0x427/0x4c0 [ 133.410405] ? __pfx_iommufd_test+0x10/0x10 [ 133.410945] ? __pfx_lock_release+0x10/0x10 [ 133.411356] ? __pfx_lock_acquire+0x10/0x10 [ 133.411759] ? write_comp_data+0x2f/0x90 [ 133.412127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.412562] ? write_comp_data+0x2f/0x90 [ 133.412976] iommufd_fops_ioctl+0x37d/0x510 [ 133.413470] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.413907] ? write_comp_data+0x2f/0x90 [ 133.414283] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.414744] __x64_sys_ioctl+0x1a3/0x230 [ 133.415119] do_syscall_64+0x3b/0x90 [ 133.415545] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.416099] RIP: 0033:0x7f4b8743ee5d [ 133.416430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.418187] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.418887] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.419526] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.420322] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.420941] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.421561] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.422355] [ 133.422587] irq event stamp: 0 [ 133.422865] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.423431] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.424224] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.425040] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.425592] ---[ end trace 0000000000000000 ]--- [ 133.428582] ------------[ cut here ]------------ [ 133.429084] WARNING: CPU: 1 PID: 1241 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.429965] Modules linked in: [ 133.430249] CPU: 1 PID: 1241 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.431195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.432179] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.432618] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.434341] RSP: 
0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 133.434962] RAX: 0000000000000000 RBX: ffff88801724d0a8 RCX: 0000000000000000 [ 133.435599] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 133.436224] RBP: ffff8880178cfbe8 R08: ffffed1002e49a33 R09: ffffed1002e49a33 [ 133.436861] R10: ffff88801724d193 R11: ffffed1002e49a32 R12: ffff888013b22400 [ 133.437601] R13: ffff88801724d1e8 R14: ffff88800b874100 R15: 0000000000000000 [ 133.438225] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.438995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.439597] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.440226] PKRU: 55555554 [ 133.440477] Call Trace: [ 133.440701] [ 133.440906] iommufd_access_destroy_object+0x65/0x170 [ 133.441464] iommufd_object_destroy_user+0x18e/0x220 [ 133.441973] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.442490] iommufd_access_destroy+0x43/0x70 [ 133.442933] iommufd_test_staccess_release+0x8d/0xd0 [ 133.443407] __fput+0x26d/0xa40 [ 133.443801] ____fput+0x1e/0x30 [ 133.444165] task_work_run+0x1a4/0x2d0 [ 133.444516] ? __pfx_task_work_run+0x10/0x10 [ 133.444910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.445343] ? switch_task_namespaces+0xa9/0xe0 [ 133.445839] do_exit+0xb17/0x2ef0 [ 133.446181] ? lock_acquire+0x427/0x4c0 [ 133.446576] ? __pfx_lock_release+0x10/0x10 [ 133.446966] ? __kasan_check_write+0x18/0x20 [ 133.447368] ? do_raw_spin_lock+0x132/0x2a0 [ 133.447748] ? __pfx_do_exit+0x10/0x10 [ 133.448188] ? debug_smp_processor_id+0x20/0x30 [ 133.448662] ? rcu_is_watching+0x19/0xb0 [ 133.449027] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.449435] ? trace_hardirqs_on+0x26/0x120 [ 133.449835] do_group_exit+0xe0/0x2b0 [ 133.450300] __x64_sys_exit_group+0x47/0x50 [ 133.450802] do_syscall_64+0x3b/0x90 [ 133.451166] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.451661] RIP: 0033:0x7f4b87518a4d [ 133.452006] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.452585] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.453480] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.454138] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.454823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.455688] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.456352] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.457024] [ 133.457246] irq event stamp: 0 [ 133.457635] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.458287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.459097] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.459921] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.460601] ---[ end trace 0000000000000000 ]--- [ 133.461412] ------------[ cut here ]------------ [ 133.461875] WARNING: CPU: 1 PID: 1241 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.462999] Modules linked in: [ 133.463315] CPU: 1 PID: 1241 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.464119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.465329] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.465811] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.467715] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 133.468213] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.468872] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 133.469708] RBP: ffff8880178cfb98 R08: ffffed1002e49a3e R09: ffffed1002e49a3e [ 133.470362] R10: ffff88801724d1ef R11: ffffed1002e49a3d R12: ffff88801724d290 [ 133.471054] R13: ffff88801724d0a8 R14: ffffffffffffffff R15: 
ffff8880178cfc60 [ 133.471822] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.472636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.473176] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.473938] PKRU: 55555554 [ 133.474273] Call Trace: [ 133.474547] [ 133.474759] iommufd_ioas_destroy+0x53/0x70 [ 133.475187] iommufd_fops_release+0x1f7/0x370 [ 133.475610] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.476075] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.476680] ? write_comp_data+0x2f/0x90 [ 133.477066] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.477534] __fput+0x26d/0xa40 [ 133.477852] ____fput+0x1e/0x30 [ 133.478177] task_work_run+0x1a4/0x2d0 [ 133.478741] ? __pfx_task_work_run+0x10/0x10 [ 133.479166] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.479623] ? switch_task_namespaces+0xa9/0xe0 [ 133.480066] do_exit+0xb17/0x2ef0 [ 133.480385] ? lock_acquire+0x427/0x4c0 [ 133.480789] ? __pfx_lock_release+0x10/0x10 [ 133.481317] ? __kasan_check_write+0x18/0x20 [ 133.481734] ? do_raw_spin_lock+0x132/0x2a0 [ 133.482144] ? __pfx_do_exit+0x10/0x10 [ 133.482556] ? debug_smp_processor_id+0x20/0x30 [ 133.483000] ? rcu_is_watching+0x19/0xb0 [ 133.483492] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.483996] ? trace_hardirqs_on+0x26/0x120 [ 133.484403] do_group_exit+0xe0/0x2b0 [ 133.484764] __x64_sys_exit_group+0x47/0x50 [ 133.485165] do_syscall_64+0x3b/0x90 [ 133.485633] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.486190] RIP: 0033:0x7f4b87518a4d [ 133.486566] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.487135] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.487888] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.488662] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.489320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.490044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.490813] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.491492] [ 133.491711] irq event stamp: 0 [ 133.492004] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.492718] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.493504] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.494271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.495050] ---[ end trace 0000000000000000 ]--- [ 133.500830] ------------[ cut here ]------------ [ 133.501319] WARNING: CPU: 1 PID: 1242 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.502450] Modules linked in: [ 133.502794] CPU: 1 PID: 1242 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.503608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.504815] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.505280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.507206] RSP: 0018:ffff888018ac7bb8 EFLAGS: 00010246 [ 133.507716] RAX: 0000000000000000 RBX: ffff888016ec78a8 RCX: 0000000000000000 [ 133.508373] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 133.509124] RBP: ffff888018ac7bd0 R08: ffffed1002dd8f33 R09: ffffed1002dd8f33 [ 133.509878] R10: ffff888016ec7993 R11: ffffed1002dd8f32 R12: ffff88800f796400 [ 133.510572] R13: ffff888016ec79e8 R14: ffffffff8352e670 R15: 
ffff888018ac7e68 [ 133.511246] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.512184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.512740] CR2: 0000000020000140 CR3: 0000000012c04000 CR4: 0000000000750ee0 [ 133.513425] PKRU: 55555554 [ 133.513780] Call Trace: [ 133.514126] [ 133.514348] __iommufd_access_detach+0x1c2/0x2b0 [ 133.514845] iommufd_access_change_pt+0x149/0x270 [ 133.515331] iommufd_access_replace+0xb4/0x120 [ 133.515779] iommufd_test+0x3e5/0x37e0 [ 133.516176] ? lock_release+0x532/0x770 [ 133.516711] ? __might_fault+0x102/0x1b0 [ 133.517104] ? lock_acquire+0x427/0x4c0 [ 133.517500] ? __pfx_iommufd_test+0x10/0x10 [ 133.517911] ? __pfx_lock_release+0x10/0x10 [ 133.518374] ? __pfx_lock_acquire+0x10/0x10 [ 133.518940] ? write_comp_data+0x2f/0x90 [ 133.519363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.519832] ? write_comp_data+0x2f/0x90 [ 133.520232] iommufd_fops_ioctl+0x37d/0x510 [ 133.520666] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.521291] ? write_comp_data+0x2f/0x90 [ 133.521819] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.522334] __x64_sys_ioctl+0x1a3/0x230 [ 133.522808] do_syscall_64+0x3b/0x90 [ 133.523218] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.523769] RIP: 0033:0x7f4b8743ee5d [ 133.524274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.526230] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.527278] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.528011] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.528742] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.529704] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.530444] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.531247] [ 133.531500] irq event stamp: 0 [ 133.531945] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.532699] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.533553] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.534675] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.535339] ---[ end trace 0000000000000000 ]--- [ 133.538638] ------------[ cut here ]------------ [ 133.539252] WARNING: CPU: 1 PID: 1242 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.540387] Modules linked in: [ 133.540719] CPU: 1 PID: 1242 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.541665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.543039] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.543575] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.545643] RSP: 
0018:ffff888018ac7bd0 EFLAGS: 00010246 [ 133.546200] RAX: 0000000000000000 RBX: ffff888016ec78a8 RCX: 0000000000000000 [ 133.547086] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 133.547919] RBP: ffff888018ac7be8 R08: ffffed1002dd8f33 R09: ffffed1002dd8f33 [ 133.548668] R10: ffff888016ec7993 R11: ffffed1002dd8f32 R12: ffff88800fcb0800 [ 133.549446] R13: ffff888016ec79e8 R14: ffff888020a38b00 R15: 0000000000000000 [ 133.550389] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.551314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.551950] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.552938] PKRU: 55555554 [ 133.553248] Call Trace: [ 133.553526] [ 133.553765] iommufd_access_destroy_object+0x65/0x170 [ 133.554317] iommufd_object_destroy_user+0x18e/0x220 [ 133.555035] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.555796] iommufd_access_destroy+0x43/0x70 [ 133.556288] iommufd_test_staccess_release+0x8d/0xd0 [ 133.556842] __fput+0x26d/0xa40 [ 133.557214] ____fput+0x1e/0x30 [ 133.557591] task_work_run+0x1a4/0x2d0 [ 133.558252] ? __pfx_task_work_run+0x10/0x10 [ 133.558769] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.559307] ? switch_task_namespaces+0xa9/0xe0 [ 133.559813] do_exit+0xb17/0x2ef0 [ 133.560190] ? lock_acquire+0x427/0x4c0 [ 133.560725] ? __pfx_lock_release+0x10/0x10 [ 133.561316] ? __kasan_check_write+0x18/0x20 [ 133.561792] ? do_raw_spin_lock+0x132/0x2a0 [ 133.562246] ? __pfx_do_exit+0x10/0x10 [ 133.562708] ? debug_smp_processor_id+0x20/0x30 [ 133.563239] ? rcu_is_watching+0x19/0xb0 [ 133.563864] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.564351] ? trace_hardirqs_on+0x26/0x120 [ 133.564828] do_group_exit+0xe0/0x2b0 [ 133.565250] __x64_sys_exit_group+0x47/0x50 [ 133.565712] do_syscall_64+0x3b/0x90 [ 133.566159] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.566924] RIP: 0033:0x7f4b87518a4d [ 133.567351] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.568003] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.568807] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.569807] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.570616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.571412] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.572300] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.573162] [ 133.573412] irq event stamp: 0 [ 133.573747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.574435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.575573] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.576460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.577119] ---[ end trace 0000000000000000 ]--- [ 133.578257] ------------[ cut here ]------------ [ 133.578808] WARNING: CPU: 1 PID: 1242 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.579904] Modules linked in: [ 133.580305] CPU: 1 PID: 1242 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.581404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.582635] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.583321] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.585380] RSP: 0018:ffff888018ac7b78 EFLAGS: 00010246 [ 133.586189] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.586989] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 133.587767] RBP: ffff888018ac7b98 R08: ffffed1002dd8f3e R09: ffffed1002dd8f3e [ 133.588594] R10: ffff888016ec79ef R11: ffffed1002dd8f3d R12: ffff888016ec7a90 [ 133.589474] R13: ffff888016ec78a8 R14: ffffffffffffffff R15: 
ffff888018ac7c60 [ 133.590236] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.591280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.592002] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.592765] PKRU: 55555554 [ 133.593062] Call Trace: [ 133.593334] [ 133.593575] iommufd_ioas_destroy+0x53/0x70 [ 133.594236] iommufd_fops_release+0x1f7/0x370 [ 133.594756] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.595300] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.595823] ? write_comp_data+0x2f/0x90 [ 133.596268] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.597014] __fput+0x26d/0xa40 [ 133.597395] ____fput+0x1e/0x30 [ 133.597753] task_work_run+0x1a4/0x2d0 [ 133.598175] ? __pfx_task_work_run+0x10/0x10 [ 133.598675] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.599213] ? switch_task_namespaces+0xa9/0xe0 [ 133.599950] do_exit+0xb17/0x2ef0 [ 133.600324] ? lock_acquire+0x427/0x4c0 [ 133.600756] ? __pfx_lock_release+0x10/0x10 [ 133.601213] ? __kasan_check_write+0x18/0x20 [ 133.601681] ? do_raw_spin_lock+0x132/0x2a0 [ 133.602379] ? __pfx_do_exit+0x10/0x10 [ 133.602839] ? debug_smp_processor_id+0x20/0x30 [ 133.603365] ? rcu_is_watching+0x19/0xb0 [ 133.603801] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.604289] ? trace_hardirqs_on+0x26/0x120 [ 133.604796] do_group_exit+0xe0/0x2b0 [ 133.605368] __x64_sys_exit_group+0x47/0x50 [ 133.605818] do_syscall_64+0x3b/0x90 [ 133.606215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.606812] RIP: 0033:0x7f4b87518a4d [ 133.607232] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.608103] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.608903] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.609665] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.610684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.611457] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.612201] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.613024] [ 133.613330] irq event stamp: 0 [ 133.613756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.614429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.615378] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.616445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.617128] ---[ end trace 0000000000000000 ]--- [ 133.621984] ------------[ cut here ]------------ [ 133.622628] WARNING: CPU: 1 PID: 1243 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.623969] Modules linked in: [ 133.624326] CPU: 1 PID: 1243 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.625268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.626791] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.627354] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.629558] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 133.630146] RAX: 0000000000000000 RBX: ffff888020b080a8 RCX: 0000000000000000 [ 133.630947] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 133.631801] RBP: ffff8880178cfbd0 R08: ffffed1004161033 R09: ffffed1004161033 [ 133.632731] R10: ffff888020b08193 R11: ffffed1004161032 R12: ffff88801226e800 [ 133.633498] R13: ffff888020b081e8 R14: ffffffff8352e670 R15: 
ffff8880178cfe68 [ 133.634369] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.635419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.636050] CR2: 0000000020000140 CR3: 0000000012c04000 CR4: 0000000000750ee0 [ 133.636826] PKRU: 55555554 [ 133.637227] Call Trace: [ 133.637656] [ 133.637904] __iommufd_access_detach+0x1c2/0x2b0 [ 133.638437] iommufd_access_change_pt+0x149/0x270 [ 133.639011] iommufd_access_replace+0xb4/0x120 [ 133.639540] iommufd_test+0x3e5/0x37e0 [ 133.640005] ? lock_release+0x532/0x770 [ 133.640615] ? __might_fault+0x102/0x1b0 [ 133.641067] ? lock_acquire+0x427/0x4c0 [ 133.641511] ? __pfx_iommufd_test+0x10/0x10 [ 133.641975] ? __pfx_lock_release+0x10/0x10 [ 133.642626] ? __pfx_lock_acquire+0x10/0x10 [ 133.643241] ? write_comp_data+0x2f/0x90 [ 133.643699] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.644236] ? write_comp_data+0x2f/0x90 [ 133.644686] iommufd_fops_ioctl+0x37d/0x510 [ 133.645159] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.645908] ? write_comp_data+0x2f/0x90 [ 133.646364] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.646940] __x64_sys_ioctl+0x1a3/0x230 [ 133.647409] do_syscall_64+0x3b/0x90 [ 133.647825] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.648536] RIP: 0033:0x7f4b8743ee5d [ 133.649026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.651263] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.652091] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.652871] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.653781] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.654687] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.655458] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.656247] [ 133.656611] irq event stamp: 0 [ 133.657062] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.657743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.658679] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.659798] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.660479] ---[ end trace 0000000000000000 ]--- [ 133.664112] ------------[ cut here ]------------ [ 133.664898] WARNING: CPU: 1 PID: 1243 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.665984] Modules linked in: [ 133.666331] CPU: 1 PID: 1243 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.667584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.668826] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.669371] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.671625] RSP: 
0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 133.672215] RAX: 0000000000000000 RBX: ffff888020b080a8 RCX: 0000000000000000 [ 133.673206] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 133.673971] RBP: ffff8880178cfbe8 R08: ffffed1004161033 R09: ffffed1004161033 [ 133.674772] R10: ffff888020b08193 R11: ffffed1004161032 R12: ffff88800f794800 [ 133.675697] R13: ffff888020b081e8 R14: ffff888012de2d00 R15: 0000000000000000 [ 133.676578] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.677453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.678213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.679151] PKRU: 55555554 [ 133.679474] Call Trace: [ 133.679754] [ 133.679998] iommufd_access_destroy_object+0x65/0x170 [ 133.680561] iommufd_object_destroy_user+0x18e/0x220 [ 133.681343] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.681984] iommufd_access_destroy+0x43/0x70 [ 133.682493] iommufd_test_staccess_release+0x8d/0xd0 [ 133.683091] __fput+0x26d/0xa40 [ 133.683476] ____fput+0x1e/0x30 [ 133.683972] task_work_run+0x1a4/0x2d0 [ 133.684506] ? __pfx_task_work_run+0x10/0x10 [ 133.684987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.685528] ? switch_task_namespaces+0xa9/0xe0 [ 133.686061] do_exit+0xb17/0x2ef0 [ 133.686617] ? lock_acquire+0x427/0x4c0 [ 133.687155] ? __pfx_lock_release+0x10/0x10 [ 133.687637] ? __kasan_check_write+0x18/0x20 [ 133.688123] ? do_raw_spin_lock+0x132/0x2a0 [ 133.688594] ? __pfx_do_exit+0x10/0x10 [ 133.689033] ? debug_smp_processor_id+0x20/0x30 [ 133.689671] ? rcu_is_watching+0x19/0xb0 [ 133.690237] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.690776] ? trace_hardirqs_on+0x26/0x120 [ 133.691264] do_group_exit+0xe0/0x2b0 [ 133.691686] __x64_sys_exit_group+0x47/0x50 [ 133.692199] do_syscall_64+0x3b/0x90 [ 133.692787] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.693367] RIP: 0033:0x7f4b87518a4d [ 133.693779] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.694450] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.695559] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.696334] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.697093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.697983] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.698905] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.699693] [ 133.699948] irq event stamp: 0 [ 133.700294] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.701226] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.702133] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.703072] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.704005] ---[ end trace 0000000000000000 ]--- [ 133.704940] ------------[ cut here ]------------ [ 133.705446] WARNING: CPU: 1 PID: 1243 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.706875] Modules linked in: [ 133.707241] CPU: 1 PID: 1243 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.708186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.709635] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.710197] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.712406] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 133.712992] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.713753] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 133.714767] RBP: ffff8880178cfb98 R08: ffffed100416103e R09: ffffed100416103e [ 133.715552] R10: ffff888020b081ef R11: ffffed100416103d R12: ffff888020b08290 [ 133.716317] R13: ffff888020b080a8 R14: ffffffffffffffff R15: 
ffff8880178cfc60 [ 133.717152] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.718172] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.718830] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 133.719607] PKRU: 55555554 [ 133.719955] Call Trace: [ 133.720390] [ 133.720628] iommufd_ioas_destroy+0x53/0x70 [ 133.721090] iommufd_fops_release+0x1f7/0x370 [ 133.721566] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.722090] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.722857] ? write_comp_data+0x2f/0x90 [ 133.723320] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.723856] __fput+0x26d/0xa40 [ 133.724219] ____fput+0x1e/0x30 [ 133.724576] task_work_run+0x1a4/0x2d0 [ 133.724996] ? __pfx_task_work_run+0x10/0x10 [ 133.725695] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.726209] ? switch_task_namespaces+0xa9/0xe0 [ 133.726738] do_exit+0xb17/0x2ef0 [ 133.727103] ? lock_acquire+0x427/0x4c0 [ 133.727548] ? __pfx_lock_release+0x10/0x10 [ 133.728083] ? __kasan_check_write+0x18/0x20 [ 133.728683] ? do_raw_spin_lock+0x132/0x2a0 [ 133.729142] ? __pfx_do_exit+0x10/0x10 [ 133.729565] ? debug_smp_processor_id+0x20/0x30 [ 133.730055] ? rcu_is_watching+0x19/0xb0 [ 133.730631] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.731220] ? trace_hardirqs_on+0x26/0x120 [ 133.731675] do_group_exit+0xe0/0x2b0 [ 133.732069] __x64_sys_exit_group+0x47/0x50 [ 133.732514] do_syscall_64+0x3b/0x90 [ 133.732912] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.733599] RIP: 0033:0x7f4b87518a4d [ 133.734093] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.734764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.735572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.736434] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.737289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.738035] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.739056] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.739836] [ 133.740088] irq event stamp: 0 [ 133.740428] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.741105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.742200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.743126] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.743812] ---[ end trace 0000000000000000 ]--- [ 133.748489] ------------[ cut here ]------------ [ 133.749102] WARNING: CPU: 1 PID: 1244 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.750298] Modules linked in: [ 133.750696] CPU: 1 PID: 1244 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.751652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.753083] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.753602] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.755832] RSP: 0018:ffff888018ac7bb8 EFLAGS: 00010246 [ 133.756404] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 133.757186] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 133.758125] RBP: ffff888018ac7bd0 R08: ffffed1001702333 R09: ffffed1001702333 [ 133.758907] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff88800fcb2c00 [ 133.759662] R13: ffff88800b8119e8 R14: ffffffff8352e670 R15: 
ffff888018ac7e68 [ 133.760633] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.761485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.762098] CR2: 00007f4b877410e8 CR3: 0000000012c04000 CR4: 0000000000750ee0 [ 133.763107] PKRU: 55555554 [ 133.763430] Call Trace: [ 133.763706] [ 133.763946] __iommufd_access_detach+0x1c2/0x2b0 [ 133.764470] iommufd_access_change_pt+0x149/0x270 [ 133.765026] iommufd_access_replace+0xb4/0x120 [ 133.765705] iommufd_test+0x3e5/0x37e0 [ 133.766129] ? lock_release+0x532/0x770 [ 133.766603] ? __might_fault+0x102/0x1b0 [ 133.767045] ? lock_acquire+0x427/0x4c0 [ 133.767487] ? __pfx_iommufd_test+0x10/0x10 [ 133.768051] ? __pfx_lock_release+0x10/0x10 [ 133.768635] ? __pfx_lock_acquire+0x10/0x10 [ 133.769104] ? write_comp_data+0x2f/0x90 [ 133.769549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.770082] ? write_comp_data+0x2f/0x90 [ 133.770789] iommufd_fops_ioctl+0x37d/0x510 [ 133.771280] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.771806] ? write_comp_data+0x2f/0x90 [ 133.772244] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.772767] __x64_sys_ioctl+0x1a3/0x230 [ 133.773311] do_syscall_64+0x3b/0x90 [ 133.773838] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.774406] RIP: 0033:0x7f4b8743ee5d [ 133.774846] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.777019] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.777838] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.778763] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.779616] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.780367] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.781136] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.782090] [ 133.782341] irq event stamp: 0 [ 133.782715] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.783399] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.784534] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.785441] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.786133] ---[ end trace 0000000000000000 ]--- [ 133.789922] ------------[ cut here ]------------ [ 133.790480] WARNING: CPU: 1 PID: 1244 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.791660] Modules linked in: [ 133.792182] CPU: 1 PID: 1244 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.793114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.794567] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.795107] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.797272] RSP: 
0018:ffff888018ac7bd0 EFLAGS: 00010246 [ 133.797835] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 133.798630] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 133.799400] RBP: ffff888018ac7be8 R08: ffffed1001702333 R09: ffffed1001702333 [ 133.800359] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff88801226e400 [ 133.801095] R13: ffff88800b8119e8 R14: ffff888013c59e00 R15: 0000000000000000 [ 133.801909] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.802914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.803109] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 133.803542] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.805708] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 133.806412] PKRU: 55555554 [ 133.808266] Call Trace: [ 133.808539] [ 133.808782] iommufd_access_destroy_object+0x65/0x170 [ 133.809343] iommufd_object_destroy_user+0x18e/0x220 [ 133.809903] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.810548] iommufd_access_destroy+0x43/0x70 [ 133.811025] iommufd_test_staccess_release+0x8d/0xd0 [ 133.811593] __fput+0x26d/0xa40 [ 133.811958] ____fput+0x1e/0x30 [ 133.812320] task_work_run+0x1a4/0x2d0 [ 133.812751] ? __pfx_task_work_run+0x10/0x10 [ 133.813226] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.813761] ? switch_task_namespaces+0xa9/0xe0 [ 133.814279] do_exit+0xb17/0x2ef0 [ 133.814677] ? lock_acquire+0x427/0x4c0 [ 133.815128] ? __pfx_lock_release+0x10/0x10 [ 133.815598] ? __kasan_check_write+0x18/0x20 [ 133.816134] ? do_raw_spin_lock+0x132/0x2a0 [ 133.816771] ? __pfx_do_exit+0x10/0x10 [ 133.817205] ? debug_smp_processor_id+0x20/0x30 [ 133.817706] ? 
rcu_is_watching+0x19/0xb0 [ 133.818145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.818780] ? trace_hardirqs_on+0x26/0x120 [ 133.819404] do_group_exit+0xe0/0x2b0 [ 133.819828] __x64_sys_exit_group+0x47/0x50 [ 133.820294] do_syscall_64+0x3b/0x90 [ 133.820706] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.821384] RIP: 0033:0x7f4b87518a4d [ 133.821903] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 133.822583] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.823380] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.824111] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.824876] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.825638] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.826382] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.827194] [ 133.827475] irq event stamp: 0 [ 133.827994] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.828678] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.829569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.830745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.831433] ---[ end trace 0000000000000000 ]--- [ 133.842971] ------------[ cut here ]------------ [ 133.843539] WARNING: CPU: 1 PID: 1244 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.844731] Modules linked in: [ 133.845191] CPU: 1 PID: 1244 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.846108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.847586] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.848139] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.850319] RSP: 0018:ffff888018ac7b78 
EFLAGS: 00010246 [ 133.850931] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.851709] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 133.852593] RBP: ffff888018ac7b98 R08: ffffed100170233e R09: ffffed100170233e [ 133.853469] R10: ffff88800b8119ef R11: ffffed100170233d R12: ffff88800b811a90 [ 133.854210] R13: ffff88800b8118a8 R14: ffffffffffffffff R15: ffff888018ac7c60 [ 133.855135] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.856110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.856714] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.857536] PKRU: 55555554 [ 133.857966] Call Trace: [ 133.858240] [ 133.858476] iommufd_ioas_destroy+0x53/0x70 [ 133.858977] iommufd_fops_release+0x1f7/0x370 [ 133.859478] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.860007] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.860525] ? write_comp_data+0x2f/0x90 [ 133.860969] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.861501] __fput+0x26d/0xa40 [ 133.861866] ____fput+0x1e/0x30 [ 133.862216] task_work_run+0x1a4/0x2d0 [ 133.862658] ? __pfx_task_work_run+0x10/0x10 [ 133.863136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.863659] ? switch_task_namespaces+0xa9/0xe0 [ 133.864152] do_exit+0xb17/0x2ef0 [ 133.864634] ? lock_acquire+0x427/0x4c0 [ 133.865198] ? __pfx_lock_release+0x10/0x10 [ 133.865663] ? __kasan_check_write+0x18/0x20 [ 133.866133] ? do_raw_spin_lock+0x132/0x2a0 [ 133.866630] ? __pfx_do_exit+0x10/0x10 [ 133.867049] ? debug_smp_processor_id+0x20/0x30 [ 133.867761] ? rcu_is_watching+0x19/0xb0 [ 133.868191] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.868671] ? trace_hardirqs_on+0x26/0x120 [ 133.869127] do_group_exit+0xe0/0x2b0 [ 133.869525] __x64_sys_exit_group+0x47/0x50 [ 133.869968] do_syscall_64+0x3b/0x90 [ 133.870367] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.870946] RIP: 0033:0x7f4b87518a4d [ 133.871351] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.871991] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.872791] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.873771] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.874561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.875322] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.876067] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.876934] [ 133.877318] irq event stamp: 0 [ 133.877645] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.878303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.879213] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.880077] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.880734] ---[ end trace 0000000000000000 ]--- [ 133.886208] ------------[ cut here ]------------ [ 133.886794] WARNING: CPU: 1 PID: 1246 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.887836] Modules linked in: [ 133.888287] CPU: 1 PID: 1246 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.889285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.890667] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.891185] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.893176] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 133.893816] RAX: 0000000000000000 RBX: ffff88802456e8a8 RCX: 0000000000000000 [ 133.894565] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 133.895301] RBP: ffff8880178cfbd0 R08: ffffed10048add33 R09: ffffed10048add33 [ 133.896285] R10: ffff88802456e993 R11: ffffed10048add32 R12: ffff888013dbbc00 [ 133.897012] R13: ffff88802456e9e8 R14: ffffffff8352e670 R15: 
ffff8880178cfe68 [ 133.897782] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.898781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.899388] CR2: 0000000020000140 CR3: 0000000012c04000 CR4: 0000000000750ee0 [ 133.900127] PKRU: 55555554 [ 133.900537] Call Trace: [ 133.900896] [ 133.901129] __iommufd_access_detach+0x1c2/0x2b0 [ 133.901635] iommufd_access_change_pt+0x149/0x270 [ 133.902141] iommufd_access_replace+0xb4/0x120 [ 133.902724] iommufd_test+0x3e5/0x37e0 [ 133.903273] ? lock_release+0x532/0x770 [ 133.903701] ? __might_fault+0x102/0x1b0 [ 133.904130] ? lock_acquire+0x427/0x4c0 [ 133.904550] ? __pfx_iommufd_test+0x10/0x10 [ 133.904986] ? __pfx_lock_release+0x10/0x10 [ 133.905534] ? __pfx_lock_acquire+0x10/0x10 [ 133.906112] ? write_comp_data+0x2f/0x90 [ 133.906563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.907062] ? write_comp_data+0x2f/0x90 [ 133.907505] iommufd_fops_ioctl+0x37d/0x510 [ 133.908002] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.908654] ? write_comp_data+0x2f/0x90 [ 133.909073] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 133.909563] __x64_sys_ioctl+0x1a3/0x230 [ 133.909996] do_syscall_64+0x3b/0x90 [ 133.910448] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.911218] RIP: 0033:0x7f4b8743ee5d [ 133.911605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 133.913652] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 133.914436] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 133.915203] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 133.916088] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 133.916822] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 133.917558] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 133.918565] [ 133.918806] irq event stamp: 0 [ 133.919141] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.919790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.920781] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.921714] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.922361] ---[ end trace 0000000000000000 ]--- [ 133.925815] ------------[ cut here ]------------ [ 133.926346] WARNING: CPU: 1 PID: 1246 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 133.927796] Modules linked in: [ 133.928127] CPU: 1 PID: 1246 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.929243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.930382] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 133.930951] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 133.933021] RSP: 
0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 133.933680] RAX: 0000000000000000 RBX: ffff88802456e8a8 RCX: 0000000000000000 [ 133.934568] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 133.935304] RBP: ffff8880178cfbe8 R08: ffffed10048add33 R09: ffffed10048add33 [ 133.936089] R10: ffff88802456e993 R11: ffffed10048add32 R12: ffff88800fcb1400 [ 133.937010] R13: ffff88802456e9e8 R14: ffff88800fd31200 R15: 0000000000000000 [ 133.937734] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.938699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.939446] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.940178] PKRU: 55555554 [ 133.940466] Call Trace: [ 133.940731] [ 133.941021] iommufd_access_destroy_object+0x65/0x170 [ 133.941732] iommufd_object_destroy_user+0x18e/0x220 [ 133.942259] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 133.942900] iommufd_access_destroy+0x43/0x70 [ 133.943401] iommufd_test_staccess_release+0x8d/0xd0 [ 133.944164] __fput+0x26d/0xa40 [ 133.944522] ____fput+0x1e/0x30 [ 133.944871] task_work_run+0x1a4/0x2d0 [ 133.945279] ? __pfx_task_work_run+0x10/0x10 [ 133.945733] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.946481] ? switch_task_namespaces+0xa9/0xe0 [ 133.947005] do_exit+0xb17/0x2ef0 [ 133.947376] ? lock_acquire+0x427/0x4c0 [ 133.947803] ? __pfx_lock_release+0x10/0x10 [ 133.948250] ? __kasan_check_write+0x18/0x20 [ 133.948778] ? do_raw_spin_lock+0x132/0x2a0 [ 133.949386] ? __pfx_do_exit+0x10/0x10 [ 133.949792] ? debug_smp_processor_id+0x20/0x30 [ 133.950277] ? rcu_is_watching+0x19/0xb0 [ 133.950729] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.951203] ? trace_hardirqs_on+0x26/0x120 [ 133.951752] do_group_exit+0xe0/0x2b0 [ 133.952117] __x64_sys_exit_group+0x47/0x50 [ 133.952520] do_syscall_64+0x3b/0x90 [ 133.952880] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.953404] RIP: 0033:0x7f4b87518a4d [ 133.953885] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.954463] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.955208] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.955944] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.956757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.957417] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.958182] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.958970] [ 133.959205] irq event stamp: 0 [ 133.959505] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.960099] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.961075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.961856] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.962458] ---[ end trace 0000000000000000 ]--- [ 133.963590] ------------[ cut here ]------------ [ 133.964058] WARNING: CPU: 1 PID: 1246 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 133.965103] Modules linked in: [ 133.965542] CPU: 1 PID: 1246 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 133.966358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 133.967518] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 133.968095] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 133.969871] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 133.970472] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 133.971194] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 133.971863] RBP: ffff8880178cfb98 R08: ffffed10048add3e R09: ffffed10048add3e [ 133.972706] R10: ffff88802456e9ef R11: ffffed10048add3d R12: ffff88802456ea90 [ 133.973370] R13: ffff88802456e8a8 R14: ffffffffffffffff R15: 
ffff8880178cfc60 [ 133.974042] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 133.975003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 133.975558] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 133.976227] PKRU: 55555554 [ 133.976503] Call Trace: [ 133.976812] [ 133.977113] iommufd_ioas_destroy+0x53/0x70 [ 133.977528] iommufd_fops_release+0x1f7/0x370 [ 133.977955] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.978435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.979065] ? write_comp_data+0x2f/0x90 [ 133.979560] ? __pfx_iommufd_fops_release+0x10/0x10 [ 133.980034] __fput+0x26d/0xa40 [ 133.980359] ____fput+0x1e/0x30 [ 133.980681] task_work_run+0x1a4/0x2d0 [ 133.981069] ? __pfx_task_work_run+0x10/0x10 [ 133.981529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 133.982119] ? switch_task_namespaces+0xa9/0xe0 [ 133.982604] do_exit+0xb17/0x2ef0 [ 133.982942] ? lock_acquire+0x427/0x4c0 [ 133.983352] ? __pfx_lock_release+0x10/0x10 [ 133.983769] ? __kasan_check_write+0x18/0x20 [ 133.984294] ? do_raw_spin_lock+0x132/0x2a0 [ 133.984808] ? __pfx_do_exit+0x10/0x10 [ 133.985185] ? debug_smp_processor_id+0x20/0x30 [ 133.985627] ? rcu_is_watching+0x19/0xb0 [ 133.986012] ? _raw_spin_unlock_irq+0x2b/0x60 [ 133.986649] ? trace_hardirqs_on+0x26/0x120 [ 133.987067] do_group_exit+0xe0/0x2b0 [ 133.987443] __x64_sys_exit_group+0x47/0x50 [ 133.987853] do_syscall_64+0x3b/0x90 [ 133.988215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 133.988757] RIP: 0033:0x7f4b87518a4d [ 133.989227] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 133.989818] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 133.990571] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 133.991305] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 133.992124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 133.992789] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 133.993543] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 133.994309] [ 133.994562] irq event stamp: 0 [ 133.994864] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 133.995467] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 133.996426] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 133.997205] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 133.997821] ---[ end trace 0000000000000000 ]--- [ 134.003187] ------------[ cut here ]------------ [ 134.003693] WARNING: CPU: 1 PID: 1247 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.004844] Modules linked in: [ 134.005147] CPU: 1 PID: 1247 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.005965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.007261] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.007733] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.009641] RSP: 0018:ffff888016ebfbb8 EFLAGS: 00010246 [ 134.010150] RAX: 0000000000000000 RBX: ffff888010b9c0a8 RCX: 0000000000000000 [ 134.010888] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 134.011702] RBP: ffff888016ebfbd0 R08: ffffed1002173833 R09: ffffed1002173833 [ 134.012371] R10: ffff888010b9c193 R11: ffffed1002173832 R12: ffff88801341dc00 [ 134.013130] R13: ffff888010b9c1e8 R14: ffffffff8352e670 R15: 
ffff888016ebfe68 [ 134.013915] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.014686] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.015329] CR2: 00007f4b877410e8 CR3: 0000000012c04000 CR4: 0000000000750ee0 [ 134.016123] PKRU: 55555554 [ 134.016398] Call Trace: [ 134.016644] [ 134.016860] __iommufd_access_detach+0x1c2/0x2b0 [ 134.017359] iommufd_access_change_pt+0x149/0x270 [ 134.017927] iommufd_access_replace+0xb4/0x120 [ 134.018376] iommufd_test+0x3e5/0x37e0 [ 134.018779] ? lock_release+0x532/0x770 [ 134.019185] ? __might_fault+0x102/0x1b0 [ 134.019646] ? lock_acquire+0x427/0x4c0 [ 134.020135] ? __pfx_iommufd_test+0x10/0x10 [ 134.020544] ? __pfx_lock_release+0x10/0x10 [ 134.020962] ? __pfx_lock_acquire+0x10/0x10 [ 134.021386] ? write_comp_data+0x2f/0x90 [ 134.021871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.022434] ? write_comp_data+0x2f/0x90 [ 134.022857] iommufd_fops_ioctl+0x37d/0x510 [ 134.023279] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.023768] ? write_comp_data+0x2f/0x90 [ 134.024321] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.024786] __x64_sys_ioctl+0x1a3/0x230 [ 134.025190] do_syscall_64+0x3b/0x90 [ 134.025559] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.026138] RIP: 0033:0x7f4b8743ee5d [ 134.026629] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.028432] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.029232] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.029900] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.030787] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.031466] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.032130] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.032988] [ 134.033214] irq event stamp: 0 [ 134.033515] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.034102] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.035080] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.035877] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.036494] ---[ end trace 0000000000000000 ]--- [ 134.041583] ------------[ cut here ]------------ [ 134.042083] WARNING: CPU: 1 PID: 1247 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.043281] Modules linked in: [ 134.043589] CPU: 1 PID: 1247 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.044404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.045648] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.046117] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.048024] RSP: 
0018:ffff888016ebfbd0 EFLAGS: 00010246 [ 134.048529] RAX: 0000000000000000 RBX: ffff888010b9c0a8 RCX: 0000000000000000 [ 134.049236] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 134.050018] RBP: ffff888016ebfbe8 R08: ffffed1002173833 R09: ffffed1002173833 [ 134.050706] R10: ffff888010b9c193 R11: ffffed1002173832 R12: ffff888013db9400 [ 134.051473] R13: ffff888010b9c1e8 R14: ffff888013884d00 R15: 0000000000000000 [ 134.052240] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.053007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.053647] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.054410] PKRU: 55555554 [ 134.054704] Call Trace: [ 134.054948] [ 134.055180] iommufd_access_destroy_object+0x65/0x170 [ 134.055777] iommufd_object_destroy_user+0x18e/0x220 [ 134.056360] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.056934] iommufd_access_destroy+0x43/0x70 [ 134.057372] iommufd_test_staccess_release+0x8d/0xd0 [ 134.057956] __fput+0x26d/0xa40 [ 134.058373] ____fput+0x1e/0x30 [ 134.058721] task_work_run+0x1a4/0x2d0 [ 134.059100] ? __pfx_task_work_run+0x10/0x10 [ 134.059531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.060070] ? switch_task_namespaces+0xa9/0xe0 [ 134.060606] do_exit+0xb17/0x2ef0 [ 134.060937] ? lock_acquire+0x427/0x4c0 [ 134.061328] ? __pfx_lock_release+0x10/0x10 [ 134.061749] ? __kasan_check_write+0x18/0x20 [ 134.062262] ? do_raw_spin_lock+0x132/0x2a0 [ 134.062772] ? __pfx_do_exit+0x10/0x10 [ 134.063169] ? debug_smp_processor_id+0x20/0x30 [ 134.063621] ? rcu_is_watching+0x19/0xb0 [ 134.064012] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.064615] ? trace_hardirqs_on+0x26/0x120 [ 134.065033] do_group_exit+0xe0/0x2b0 [ 134.065400] __x64_sys_exit_group+0x47/0x50 [ 134.065801] do_syscall_64+0x3b/0x90 [ 134.066161] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.066843] RIP: 0033:0x7f4b87518a4d [ 134.067209] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.067795] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.068507] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.069177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.069837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.070731] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.071412] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.072086] [ 134.072311] irq event stamp: 0 [ 134.072703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.073382] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.074165] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.075142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.075739] ---[ end trace 0000000000000000 ]--- [ 134.076658] ------------[ cut here ]------------ [ 134.077184] WARNING: CPU: 1 PID: 1247 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.078239] Modules linked in: [ 134.078604] CPU: 1 PID: 1247 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.079441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.080674] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.081157] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.083075] RSP: 0018:ffff888016ebfb78 EFLAGS: 00010246 [ 134.083594] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.084452] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 134.085124] RBP: ffff888016ebfb98 R08: ffffed100217383e R09: ffffed100217383e [ 134.085791] R10: ffff888010b9c1ef R11: ffffed100217383d R12: ffff888010b9c290 [ 134.086645] R13: ffff888010b9c0a8 R14: ffffffffffffffff R15: 
ffff888016ebfc60 [ 134.087323] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.088079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.088727] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.089483] PKRU: 55555554 [ 134.089754] Call Trace: [ 134.089994] [ 134.090207] iommufd_ioas_destroy+0x53/0x70 [ 134.090705] iommufd_fops_release+0x1f7/0x370 [ 134.091238] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.091716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.092184] ? write_comp_data+0x2f/0x90 [ 134.092584] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.093077] __fput+0x26d/0xa40 [ 134.093539] ____fput+0x1e/0x30 [ 134.093865] task_work_run+0x1a4/0x2d0 [ 134.094241] ? __pfx_task_work_run+0x10/0x10 [ 134.094689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.095167] ? switch_task_namespaces+0xa9/0xe0 [ 134.095676] do_exit+0xb17/0x2ef0 [ 134.096092] ? lock_acquire+0x427/0x4c0 [ 134.096475] ? __pfx_lock_release+0x10/0x10 [ 134.096885] ? __kasan_check_write+0x18/0x20 [ 134.097301] ? do_raw_spin_lock+0x132/0x2a0 [ 134.097802] ? __pfx_do_exit+0x10/0x10 [ 134.098251] ? debug_smp_processor_id+0x20/0x30 [ 134.098724] ? rcu_is_watching+0x19/0xb0 [ 134.099115] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.099550] ? trace_hardirqs_on+0x26/0x120 [ 134.099991] do_group_exit+0xe0/0x2b0 [ 134.100486] __x64_sys_exit_group+0x47/0x50 [ 134.100892] do_syscall_64+0x3b/0x90 [ 134.101255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.101752] RIP: 0033:0x7f4b87518a4d [ 134.102162] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.102867] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.103601] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.104267] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.105124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.105796] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.106469] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.107389] [ 134.107615] irq event stamp: 0 [ 134.107913] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.108502] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.109393] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.110254] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.110875] ---[ end trace 0000000000000000 ]--- [ 134.116139] ------------[ cut here ]------------ [ 134.116640] WARNING: CPU: 1 PID: 1248 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.117581] Modules linked in: [ 134.117981] CPU: 1 PID: 1248 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.118921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.119978] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.120615] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.122360] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 134.122975] RAX: 0000000000000000 RBX: ffff88801346e0a8 RCX: 0000000000000000 [ 134.123666] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 134.124333] RBP: ffff8880178cfbd0 R08: ffffed100268dc33 R09: ffffed100268dc33 [ 134.125182] R10: ffff88801346e193 R11: ffffed100268dc32 R12: ffff8880142a5400 [ 134.125846] R13: ffff88801346e1e8 R14: ffffffff8352e670 R15: 
ffff8880178cfe68 [ 134.126534] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.127483] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.128029] CR2: 00007f4b877410e8 CR3: 0000000012c04000 CR4: 0000000000750ee0 [ 134.128701] PKRU: 55555554 [ 134.128967] Call Trace: [ 134.129279] [ 134.129592] __iommufd_access_detach+0x1c2/0x2b0 [ 134.130059] iommufd_access_change_pt+0x149/0x270 [ 134.130551] iommufd_access_replace+0xb4/0x120 [ 134.130993] iommufd_test+0x3e5/0x37e0 [ 134.131379] ? lock_release+0x532/0x770 [ 134.131863] ? __might_fault+0x102/0x1b0 [ 134.132332] ? lock_acquire+0x427/0x4c0 [ 134.132721] ? __pfx_iommufd_test+0x10/0x10 [ 134.133129] ? __pfx_lock_release+0x10/0x10 [ 134.133550] ? __pfx_lock_acquire+0x10/0x10 [ 134.134058] ? write_comp_data+0x2f/0x90 [ 134.134536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.135006] ? write_comp_data+0x2f/0x90 [ 134.135405] iommufd_fops_ioctl+0x37d/0x510 [ 134.135815] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.136324] ? write_comp_data+0x2f/0x90 [ 134.136808] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.137260] __x64_sys_ioctl+0x1a3/0x230 [ 134.137651] do_syscall_64+0x3b/0x90 [ 134.138011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.138679] RIP: 0033:0x7f4b8743ee5d [ 134.139028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.140841] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.141647] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.142317] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.143183] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.143856] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.144527] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.145302] [ 134.145606] irq event stamp: 0 [ 134.145897] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.146499] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.147337] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.148311] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.148920] ---[ end trace 0000000000000000 ]--- [ 134.152138] ------------[ cut here ]------------ [ 134.152622] WARNING: CPU: 1 PID: 1248 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.153580] Modules linked in: [ 134.153942] CPU: 1 PID: 1248 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.154879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.155938] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.156508] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.158285] RSP: 
0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 134.158984] RAX: 0000000000000000 RBX: ffff88801346e0a8 RCX: 0000000000000000 [ 134.159663] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 134.160339] RBP: ffff8880178cfbe8 R08: ffffed100268dc33 R09: ffffed100268dc33 [ 134.161088] R10: ffff88801346e193 R11: ffffed100268dc32 R12: ffff88801341e000 [ 134.161847] R13: ffff88801346e1e8 R14: ffff8880218d4b00 R15: 0000000000000000 [ 134.162539] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.163293] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.163996] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 134.164668] PKRU: 55555554 [ 134.164932] Call Trace: [ 134.165169] [ 134.165381] iommufd_access_destroy_object+0x65/0x170 [ 134.166040] iommufd_object_destroy_user+0x18e/0x220 [ 134.166543] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.167095] iommufd_access_destroy+0x43/0x70 [ 134.167541] iommufd_test_staccess_release+0x8d/0xd0 [ 134.168028] __fput+0x26d/0xa40 [ 134.168408] ____fput+0x1e/0x30 [ 134.168824] task_work_run+0x1a4/0x2d0 [ 134.169204] ? __pfx_task_work_run+0x10/0x10 [ 134.169625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.170094] ? switch_task_namespaces+0xa9/0xe0 [ 134.170675] do_exit+0xb17/0x2ef0 [ 134.171093] ? lock_acquire+0x427/0x4c0 [ 134.171489] ? __pfx_lock_release+0x10/0x10 [ 134.171901] ? __kasan_check_write+0x18/0x20 [ 134.172320] ? do_raw_spin_lock+0x132/0x2a0 [ 134.172726] ? __pfx_do_exit+0x10/0x10 [ 134.173142] ? debug_smp_processor_id+0x20/0x30 [ 134.173717] ? rcu_is_watching+0x19/0xb0 [ 134.174104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.174580] ? trace_hardirqs_on+0x26/0x120 [ 134.175003] do_group_exit+0xe0/0x2b0 [ 134.175378] __x64_sys_exit_group+0x47/0x50 [ 134.175877] do_syscall_64+0x3b/0x90 [ 134.176339] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.176839] RIP: 0033:0x7f4b87518a4d [ 134.177188] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.177822] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.178666] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.179359] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.180026] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.180877] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.181548] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.182231] [ 134.182471] irq event stamp: 0 [ 134.182934] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.183546] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.184332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.185178] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.185870] ---[ end trace 0000000000000000 ]--- [ 134.186720] ------------[ cut here ]------------ [ 134.187178] WARNING: CPU: 1 PID: 1248 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.188333] Modules linked in: [ 134.188637] CPU: 1 PID: 1248 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.189454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.190846] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.191341] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.193223] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 134.193733] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.194419] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 134.195280] RBP: ffff8880178cfb98 R08: ffffed100268dc3e R09: ffffed100268dc3e [ 134.195950] R10: ffff88801346e1ef R11: ffffed100268dc3d R12: ffff88801346e290 [ 134.196611] R13: ffff88801346e0a8 R14: ffffffffffffffff R15: 
ffff8880178cfc60 [ 134.197410] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.198160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.198725] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 134.199399] PKRU: 55555554 [ 134.199766] Call Trace: [ 134.200111] [ 134.200323] iommufd_ioas_destroy+0x53/0x70 [ 134.200733] iommufd_fops_release+0x1f7/0x370 [ 134.201159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.201676] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.202280] ? write_comp_data+0x2f/0x90 [ 134.202698] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.203177] __fput+0x26d/0xa40 [ 134.203511] ____fput+0x1e/0x30 [ 134.203833] task_work_run+0x1a4/0x2d0 [ 134.204289] ? __pfx_task_work_run+0x10/0x10 [ 134.204822] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.205285] ? switch_task_namespaces+0xa9/0xe0 [ 134.205733] do_exit+0xb17/0x2ef0 [ 134.206064] ? lock_acquire+0x427/0x4c0 [ 134.206653] ? __pfx_lock_release+0x10/0x10 [ 134.207068] ? __kasan_check_write+0x18/0x20 [ 134.207513] ? do_raw_spin_lock+0x132/0x2a0 [ 134.207933] ? __pfx_do_exit+0x10/0x10 [ 134.208312] ? debug_smp_processor_id+0x20/0x30 [ 134.208798] ? rcu_is_watching+0x19/0xb0 [ 134.209329] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.209764] ? trace_hardirqs_on+0x26/0x120 [ 134.210176] do_group_exit+0xe0/0x2b0 [ 134.210559] __x64_sys_exit_group+0x47/0x50 [ 134.210964] do_syscall_64+0x3b/0x90 [ 134.211364] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.212001] RIP: 0033:0x7f4b87518a4d [ 134.212348] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.212922] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.213733] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.214465] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.215160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.215821] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.216658] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.217318] [ 134.217535] irq event stamp: 0 [ 134.217824] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.218616] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.219399] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.220164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.220939] ---[ end trace 0000000000000000 ]--- [ 134.225443] ------------[ cut here ]------------ [ 134.225926] WARNING: CPU: 1 PID: 1249 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.226928] Modules linked in: [ 134.227301] CPU: 1 PID: 1249 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.228217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.229254] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.229889] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.231641] RSP: 0018:ffff88801725fbb8 EFLAGS: 00010246 [ 134.232220] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 134.232885] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 134.233595] RBP: ffff88801725fbd0 R08: ffffed100208c133 R09: ffffed100208c133 [ 134.234368] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff888014393c00 [ 134.235060] R13: ffff8880104609e8 R14: ffffffff8352e670 R15: 
ffff88801725fe68 [ 134.235790] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.236650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.237190] CR2: 0000000020000140 CR3: 0000000020fe2000 CR4: 0000000000750ee0 [ 134.237916] PKRU: 55555554 [ 134.238264] Call Trace: [ 134.238506] [ 134.238741] __iommufd_access_detach+0x1c2/0x2b0 [ 134.239224] iommufd_access_change_pt+0x149/0x270 [ 134.239688] iommufd_access_replace+0xb4/0x120 [ 134.240225] iommufd_test+0x3e5/0x37e0 [ 134.240629] ? lock_release+0x532/0x770 [ 134.241010] ? __might_fault+0x102/0x1b0 [ 134.241402] ? lock_acquire+0x427/0x4c0 [ 134.241790] ? __pfx_iommufd_test+0x10/0x10 [ 134.242293] ? __pfx_lock_release+0x10/0x10 [ 134.242781] ? __pfx_lock_acquire+0x10/0x10 [ 134.243203] ? write_comp_data+0x2f/0x90 [ 134.243595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.244060] ? write_comp_data+0x2f/0x90 [ 134.244611] iommufd_fops_ioctl+0x37d/0x510 [ 134.245022] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.245484] ? write_comp_data+0x2f/0x90 [ 134.245869] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.246317] __x64_sys_ioctl+0x1a3/0x230 [ 134.246878] do_syscall_64+0x3b/0x90 [ 134.247240] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.247729] RIP: 0033:0x7f4b8743ee5d [ 134.248076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.249897] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.250642] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.251484] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.252136] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.252824] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.253618] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.254281] [ 134.254500] irq event stamp: 0 [ 134.254859] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.255593] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.256364] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.257293] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.257877] ---[ end trace 0000000000000000 ]--- [ 134.262701] ------------[ cut here ]------------ [ 134.263207] WARNING: CPU: 1 PID: 1249 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.264318] Modules linked in: [ 134.264620] CPU: 1 PID: 1249 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.265470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.266684] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.267160] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.269028] RSP: 
0018:ffff88801725fbd0 EFLAGS: 00010246 [ 134.269546] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 134.270323] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 134.270992] RBP: ffff88801725fbe8 R08: ffffed100208c133 R09: ffffed100208c133 [ 134.271701] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff8880142a7400 [ 134.272484] R13: ffff8880104609e8 R14: ffff888020e95000 R15: 0000000000000000 [ 134.273140] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.273979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.274613] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 134.275276] PKRU: 55555554 [ 134.275539] Call Trace: [ 134.275781] [ 134.276095] iommufd_access_destroy_object+0x65/0x170 [ 134.276704] iommufd_object_destroy_user+0x18e/0x220 [ 134.277182] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.277724] iommufd_access_destroy+0x43/0x70 [ 134.278251] iommufd_test_staccess_release+0x8d/0xd0 [ 134.278817] __fput+0x26d/0xa40 [ 134.279151] ____fput+0x1e/0x30 [ 134.279468] task_work_run+0x1a4/0x2d0 [ 134.279842] ? __pfx_task_work_run+0x10/0x10 [ 134.280360] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.280931] ? switch_task_namespaces+0xa9/0xe0 [ 134.281378] do_exit+0xb17/0x2ef0 [ 134.281702] ? lock_acquire+0x427/0x4c0 [ 134.282082] ? __pfx_lock_release+0x10/0x10 [ 134.282726] ? __kasan_check_write+0x18/0x20 [ 134.283149] ? do_raw_spin_lock+0x132/0x2a0 [ 134.283557] ? __pfx_do_exit+0x10/0x10 [ 134.283928] ? debug_smp_processor_id+0x20/0x30 [ 134.284368] ? rcu_is_watching+0x19/0xb0 [ 134.284924] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.285355] ? trace_hardirqs_on+0x26/0x120 [ 134.285766] do_group_exit+0xe0/0x2b0 [ 134.286121] __x64_sys_exit_group+0x47/0x50 [ 134.286565] do_syscall_64+0x3b/0x90 [ 134.287059] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.287552] RIP: 0033:0x7f4b87518a4d [ 134.287900] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.288473] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.289383] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.290041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.290741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.291561] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.292227] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.292958] [ 134.293277] irq event stamp: 0 [ 134.293573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.294171] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.295003] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.295892] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.296474] ---[ end trace 0000000000000000 ]--- [ 134.299067] ------------[ cut here ]------------ [ 134.299650] WARNING: CPU: 1 PID: 1249 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.300583] Modules linked in: [ 134.300919] CPU: 1 PID: 1249 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.301874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.302937] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.303600] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.305362] RSP: 0018:ffff88801725fb78 EFLAGS: 00010246 [ 134.305972] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.306635] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 134.307340] RBP: ffff88801725fb98 R08: ffffed100208c13e R09: ffffed100208c13e [ 134.308123] R10: ffff8880104609ef R11: ffffed100208c13d R12: ffff888010460a90 [ 134.308777] R13: ffff8880104608a8 R14: ffffffffffffffff R15: 
ffff88801725fc60 [ 134.309495] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.310334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.310893] CR2: 00007f82e2ea4000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 134.311629] PKRU: 55555554 [ 134.311997] Call Trace: [ 134.312239] [ 134.312451] iommufd_ioas_destroy+0x53/0x70 [ 134.312861] iommufd_fops_release+0x1f7/0x370 [ 134.313283] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.313849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.314402] ? write_comp_data+0x2f/0x90 [ 134.314809] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.315285] __fput+0x26d/0xa40 [ 134.315610] ____fput+0x1e/0x30 [ 134.316030] task_work_run+0x1a4/0x2d0 [ 134.316491] ? __pfx_task_work_run+0x10/0x10 [ 134.316909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.317369] ? switch_task_namespaces+0xa9/0xe0 [ 134.317820] do_exit+0xb17/0x2ef0 [ 134.318246] ? lock_acquire+0x427/0x4c0 [ 134.318705] ? __pfx_lock_release+0x10/0x10 [ 134.319126] ? __kasan_check_write+0x18/0x20 [ 134.319545] ? do_raw_spin_lock+0x132/0x2a0 [ 134.319958] ? __pfx_do_exit+0x10/0x10 [ 134.320499] ? debug_smp_processor_id+0x20/0x30 [ 134.320946] ? rcu_is_watching+0x19/0xb0 [ 134.321340] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.321772] ? trace_hardirqs_on+0x26/0x120 [ 134.322236] do_group_exit+0xe0/0x2b0 [ 134.322756] __x64_sys_exit_group+0x47/0x50 [ 134.323190] do_syscall_64+0x3b/0x90 [ 134.323549] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.324037] RIP: 0033:0x7f4b87518a4d [ 134.324483] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.325135] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.325846] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.326619] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.327383] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.328044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.328721] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.329517] [ 134.329734] irq event stamp: 0 [ 134.330022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.330618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.331406] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.332181] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.332864] ---[ end trace 0000000000000000 ]--- [ 134.337885] ------------[ cut here ]------------ [ 134.338375] WARNING: CPU: 1 PID: 1250 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.339405] Modules linked in: [ 134.339844] CPU: 1 PID: 1250 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.340647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.341777] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.342309] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.344189] RSP: 0018:ffff88800fc8fbb8 EFLAGS: 00010246 [ 134.344687] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 134.345347] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 134.346189] RBP: ffff88800fc8fbd0 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 134.346858] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff888013642000 [ 134.347528] R13: ffff888011d9b1e8 R14: ffffffff8352e670 R15: 
ffff88800fc8fe68 [ 134.348362] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.349108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.349657] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 134.350542] PKRU: 55555554 [ 134.350815] Call Trace: [ 134.351058] [ 134.351280] __iommufd_access_detach+0x1c2/0x2b0 [ 134.351739] iommufd_access_change_pt+0x149/0x270 [ 134.352199] iommufd_access_replace+0xb4/0x120 [ 134.352818] iommufd_test+0x3e5/0x37e0 [ 134.353193] ? lock_release+0x532/0x770 [ 134.353576] ? __might_fault+0x102/0x1b0 [ 134.353964] ? lock_acquire+0x427/0x4c0 [ 134.354375] ? __pfx_iommufd_test+0x10/0x10 [ 134.355007] ? __pfx_lock_release+0x10/0x10 [ 134.355458] ? __pfx_lock_acquire+0x10/0x10 [ 134.355897] ? write_comp_data+0x2f/0x90 [ 134.356309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.356845] ? write_comp_data+0x2f/0x90 [ 134.357349] iommufd_fops_ioctl+0x37d/0x510 [ 134.357773] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.358242] ? write_comp_data+0x2f/0x90 [ 134.358673] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.359143] __x64_sys_ioctl+0x1a3/0x230 [ 134.359548] do_syscall_64+0x3b/0x90 [ 134.359920] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.360591] RIP: 0033:0x7f4b8743ee5d [ 134.360952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.362896] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.363639] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.364311] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.365112] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.366045] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.366818] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.367589] [ 134.367960] irq event stamp: 0 [ 134.368395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.369044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.369902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.371023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.371701] ---[ end trace 0000000000000000 ]--- [ 134.375184] ------------[ cut here ]------------ [ 134.375839] WARNING: CPU: 1 PID: 1250 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.376955] Modules linked in: [ 134.377288] CPU: 1 PID: 1250 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.378245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.379660] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.380186] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.382293] RSP: 
0018:ffff88800fc8fbd0 EFLAGS: 00010246 [ 134.382887] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 134.383674] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 134.384568] RBP: ffff88800fc8fbe8 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 134.385302] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff888014392c00 [ 134.386032] R13: ffff888011d9b1e8 R14: ffff88800b874400 R15: 0000000000000000 [ 134.387029] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.387870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.388473] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 134.389286] PKRU: 55555554 [ 134.389753] Call Trace: [ 134.390022] [ 134.390258] iommufd_access_destroy_object+0x65/0x170 [ 134.390855] iommufd_object_destroy_user+0x18e/0x220 [ 134.391429] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.392051] iommufd_access_destroy+0x43/0x70 [ 134.392762] iommufd_test_staccess_release+0x8d/0xd0 [ 134.393321] __fput+0x26d/0xa40 [ 134.393703] ____fput+0x1e/0x30 [ 134.394067] task_work_run+0x1a4/0x2d0 [ 134.394496] ? __pfx_task_work_run+0x10/0x10 [ 134.395016] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.395816] ? switch_task_namespaces+0xa9/0xe0 [ 134.396326] do_exit+0xb17/0x2ef0 [ 134.396702] ? lock_acquire+0x427/0x4c0 [ 134.397135] ? __pfx_lock_release+0x10/0x10 [ 134.397609] ? __kasan_check_write+0x18/0x20 [ 134.398310] ? do_raw_spin_lock+0x132/0x2a0 [ 134.398821] ? __pfx_do_exit+0x10/0x10 [ 134.399264] ? debug_smp_processor_id+0x20/0x30 [ 134.399768] ? rcu_is_watching+0x19/0xb0 [ 134.400207] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.400768] ? trace_hardirqs_on+0x26/0x120 [ 134.401387] do_group_exit+0xe0/0x2b0 [ 134.401798] __x64_sys_exit_group+0x47/0x50 [ 134.402249] do_syscall_64+0x3b/0x90 [ 134.402690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.403261] RIP: 0033:0x7f4b87518a4d [ 134.403711] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.404503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.405314] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.406134] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.407067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.407826] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.408566] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.409594] [ 134.409846] irq event stamp: 0 [ 134.410176] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.410875] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.411816] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.412922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.413593] ---[ end trace 0000000000000000 ]--- [ 134.414479] ------------[ cut here ]------------ [ 134.415169] WARNING: CPU: 1 PID: 1250 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.416268] Modules linked in: [ 134.416615] CPU: 1 PID: 1250 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.417776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.419001] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.419567] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.421735] RSP: 0018:ffff88800fc8fb78 EFLAGS: 00010246 [ 134.422310] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.423321] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 134.424067] RBP: ffff88800fc8fb98 R08: ffffed10023b363e R09: ffffed10023b363e [ 134.424821] R10: ffff888011d9b1ef R11: ffffed10023b363d R12: ffff888011d9b290 [ 134.425671] R13: ffff888011d9b0a8 R14: ffffffffffffffff R15: 
ffff88800fc8fc60 [ 134.426572] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.427433] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.428059] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 134.429055] PKRU: 55555554 [ 134.429361] Call Trace: [ 134.429638] [ 134.429880] iommufd_ioas_destroy+0x53/0x70 [ 134.430342] iommufd_fops_release+0x1f7/0x370 [ 134.430954] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.431622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.432153] ? write_comp_data+0x2f/0x90 [ 134.432587] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.433109] __fput+0x26d/0xa40 [ 134.433480] ____fput+0x1e/0x30 [ 134.433971] task_work_run+0x1a4/0x2d0 [ 134.434550] ? __pfx_task_work_run+0x10/0x10 [ 134.435043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.435582] ? switch_task_namespaces+0xa9/0xe0 [ 134.436084] do_exit+0xb17/0x2ef0 [ 134.436464] ? lock_acquire+0x427/0x4c0 [ 134.437114] ? __pfx_lock_release+0x10/0x10 [ 134.437587] ? __kasan_check_write+0x18/0x20 [ 134.438066] ? do_raw_spin_lock+0x132/0x2a0 [ 134.438568] ? __pfx_do_exit+0x10/0x10 [ 134.439011] ? debug_smp_processor_id+0x20/0x30 [ 134.439605] ? rcu_is_watching+0x19/0xb0 [ 134.440176] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.440662] ? trace_hardirqs_on+0x26/0x120 [ 134.441132] do_group_exit+0xe0/0x2b0 [ 134.441546] __x64_sys_exit_group+0x47/0x50 [ 134.442110] do_syscall_64+0x3b/0x90 [ 134.442675] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.443250] RIP: 0033:0x7f4b87518a4d [ 134.443654] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.444319] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.445366] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.446119] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.446907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.447765] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.448651] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.449417] [ 134.449671] irq event stamp: 0 [ 134.450061] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.450948] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.451847] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.452726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.453657] ---[ end trace 0000000000000000 ]--- [ 134.458953] ------------[ cut here ]------------ [ 134.459552] WARNING: CPU: 1 PID: 1251 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.460857] Modules linked in: [ 134.461201] CPU: 1 PID: 1251 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.462107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.463578] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.464123] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.466280] RSP: 0018:ffff88801725fbb8 EFLAGS: 00010246 [ 134.466893] RAX: 0000000000000000 RBX: ffff88802456a0a8 RCX: 0000000000000000 [ 134.468260] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 134.469204] RBP: ffff88801725fbd0 R08: ffffed10048ad433 R09: ffffed10048ad433 [ 134.470243] R10: ffff88802456a193 R11: ffffed10048ad432 R12: ffff888010c0b400 [ 134.471382] R13: ffff88802456a1e8 R14: ffffffff8352e670 R15: 
ffff88801725fe68 [ 134.472336] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.473618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.474386] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 134.475603] PKRU: 55555554 [ 134.475988] Call Trace: [ 134.476335] [ 134.476646] __iommufd_access_detach+0x1c2/0x2b0 [ 134.477331] iommufd_access_change_pt+0x149/0x270 [ 134.478142] iommufd_access_replace+0xb4/0x120 [ 134.478797] iommufd_test+0x3e5/0x37e0 [ 134.479360] ? lock_release+0x532/0x770 [ 134.480109] ? __might_fault+0x102/0x1b0 [ 134.480666] ? lock_acquire+0x427/0x4c0 [ 134.481215] ? __pfx_iommufd_test+0x10/0x10 [ 134.481787] ? __pfx_lock_release+0x10/0x10 [ 134.482615] ? __pfx_lock_acquire+0x10/0x10 [ 134.483233] ? write_comp_data+0x2f/0x90 [ 134.483791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.484444] ? write_comp_data+0x2f/0x90 [ 134.485225] iommufd_fops_ioctl+0x37d/0x510 [ 134.485808] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.486461] ? write_comp_data+0x2f/0x90 [ 134.487102] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.487887] __x64_sys_ioctl+0x1a3/0x230 [ 134.488446] do_syscall_64+0x3b/0x90 [ 134.488959] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.489893] RIP: 0033:0x7f4b8743ee5d [ 134.490399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.493135] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.494145] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.495430] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.496402] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.497578] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.498574] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.499607] [ 134.500081] irq event stamp: 0 [ 134.500516] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.501372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.502744] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.503888] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.504855] ---[ end trace 0000000000000000 ]--- [ 134.513785] ------------[ cut here ]------------ [ 134.514666] WARNING: CPU: 1 PID: 1251 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.516170] Modules linked in: [ 134.516614] CPU: 1 PID: 1251 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.518078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.519863] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.520600] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.523291] RSP: 
0018:ffff88801725fbd0 EFLAGS: 00010246 [ 134.524016] RAX: 0000000000000000 RBX: ffff88802456a0a8 RCX: 0000000000000000 [ 134.525183] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 134.526135] RBP: ffff88801725fbe8 R08: ffffed10048ad433 R09: ffffed10048ad433 [ 134.527146] R10: ffff88802456a193 R11: ffffed10048ad432 R12: ffff888013643800 [ 134.528282] R13: ffff88802456a1e8 R14: ffff888011f19100 R15: 0000000000000000 [ 134.529241] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.530555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.531362] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.532415] PKRU: 55555554 [ 134.532919] Call Trace: [ 134.533271] [ 134.533586] iommufd_access_destroy_object+0x65/0x170 [ 134.534294] iommufd_object_destroy_user+0x18e/0x220 [ 134.535152] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.535998] iommufd_access_destroy+0x43/0x70 [ 134.536624] iommufd_test_staccess_release+0x8d/0xd0 [ 134.537378] __fput+0x26d/0xa40 [ 134.537971] ____fput+0x1e/0x30 [ 134.538442] task_work_run+0x1a4/0x2d0 [ 134.539023] ? __pfx_task_work_run+0x10/0x10 [ 134.539651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.540538] ? switch_task_namespaces+0xa9/0xe0 [ 134.541193] do_exit+0xb17/0x2ef0 [ 134.541672] ? lock_acquire+0x427/0x4c0 [ 134.542231] ? __pfx_lock_release+0x10/0x10 [ 134.542877] ? __kasan_check_write+0x18/0x20 [ 134.543514] ? do_raw_spin_lock+0x132/0x2a0 [ 134.544325] ? __pfx_do_exit+0x10/0x10 [ 134.544875] ? debug_smp_processor_id+0x20/0x30 [ 134.545513] ? rcu_is_watching+0x19/0xb0 [ 134.546072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.546963] ? trace_hardirqs_on+0x26/0x120 [ 134.547576] do_group_exit+0xe0/0x2b0 [ 134.548101] __x64_sys_exit_group+0x47/0x50 [ 134.548688] do_syscall_64+0x3b/0x90 [ 134.549264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.550088] RIP: 0033:0x7f4b87518a4d [ 134.550653] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.551504] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.552753] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.553710] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.554790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.555873] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.556832] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.558039] [ 134.558366] irq event stamp: 0 [ 134.558851] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.559718] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.561070] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.562186] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.563322] ---[ end trace 0000000000000000 ]--- [ 134.565050] ------------[ cut here ]------------ [ 134.565861] WARNING: CPU: 1 PID: 1251 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.567483] Modules linked in: [ 134.567935] CPU: 1 PID: 1251 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.569341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.570894] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.571664] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.574330] RSP: 0018:ffff88801725fb78 EFLAGS: 00010246 [ 134.575236] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.576207] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 134.577275] RBP: ffff88801725fb98 R08: ffffed10048ad43e R09: ffffed10048ad43e [ 134.578351] R10: ffff88802456a1ef R11: ffffed10048ad43d R12: ffff88802456a290 [ 134.579367] R13: ffff88802456a0a8 R14: ffffffffffffffff R15: 
ffff88801725fc60 [ 134.580538] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.581618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.582500] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.583639] PKRU: 55555554 [ 134.584029] Call Trace: [ 134.584382] [ 134.584698] iommufd_ioas_destroy+0x53/0x70 [ 134.585408] iommufd_fops_release+0x1f7/0x370 [ 134.586154] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.586890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.587590] ? write_comp_data+0x2f/0x90 [ 134.588198] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.589008] __fput+0x26d/0xa40 [ 134.589486] ____fput+0x1e/0x30 [ 134.589958] task_work_run+0x1a4/0x2d0 [ 134.590611] ? __pfx_task_work_run+0x10/0x10 [ 134.591431] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.592109] ? switch_task_namespaces+0xa9/0xe0 [ 134.592761] do_exit+0xb17/0x2ef0 [ 134.593240] ? lock_acquire+0x427/0x4c0 [ 134.594017] ? __pfx_lock_release+0x10/0x10 [ 134.594689] ? __kasan_check_write+0x18/0x20 [ 134.595332] ? do_raw_spin_lock+0x132/0x2a0 [ 134.595924] ? __pfx_do_exit+0x10/0x10 [ 134.596575] ? debug_smp_processor_id+0x20/0x30 [ 134.597304] ? rcu_is_watching+0x19/0xb0 [ 134.597864] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.598492] ? trace_hardirqs_on+0x26/0x120 [ 134.599262] do_group_exit+0xe0/0x2b0 [ 134.599871] __x64_sys_exit_group+0x47/0x50 [ 134.600458] do_syscall_64+0x3b/0x90 [ 134.600981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.601813] RIP: 0033:0x7f4b87518a4d [ 134.602437] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.603337] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.604368] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.605540] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.606472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.607731] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.608705] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.609689] [ 134.610080] irq event stamp: 0 [ 134.610658] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.611536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.612715] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.613945] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.614849] ---[ end trace 0000000000000000 ]--- [ 134.623323] ------------[ cut here ]------------ [ 134.624047] WARNING: CPU: 1 PID: 1252 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.625747] Modules linked in: [ 134.626192] CPU: 1 PID: 1252 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.627477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.629263] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.629950] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.632667] RSP: 0018:ffff88800fc8fbb8 EFLAGS: 00010246 [ 134.633489] RAX: 0000000000000000 RBX: ffff8880180db8a8 RCX: 0000000000000000 [ 134.634634] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 134.635623] RBP: ffff88800fc8fbd0 R08: ffffed100301b733 R09: ffffed100301b733 [ 134.636805] R10: ffff8880180db993 R11: ffffed100301b732 R12: ffff888013b14000 [ 134.637778] R13: ffff8880180db9e8 R14: ffffffff8352e670 R15: 
ffff88800fc8fe68 [ 134.638895] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.640090] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.640887] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 134.642066] PKRU: 55555554 [ 134.642461] Call Trace: [ 134.642863] [ 134.643205] __iommufd_access_detach+0x1c2/0x2b0 [ 134.643882] iommufd_access_change_pt+0x149/0x270 [ 134.644668] iommufd_access_replace+0xb4/0x120 [ 134.645444] iommufd_test+0x3e5/0x37e0 [ 134.645986] ? lock_release+0x532/0x770 [ 134.646600] ? __might_fault+0x102/0x1b0 [ 134.647198] ? lock_acquire+0x427/0x4c0 [ 134.647978] ? __pfx_iommufd_test+0x10/0x10 [ 134.648569] ? __pfx_lock_release+0x10/0x10 [ 134.649174] ? __pfx_lock_acquire+0x10/0x10 [ 134.649783] ? write_comp_data+0x2f/0x90 [ 134.650574] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.651272] ? write_comp_data+0x2f/0x90 [ 134.651846] iommufd_fops_ioctl+0x37d/0x510 [ 134.652446] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.653331] ? write_comp_data+0x2f/0x90 [ 134.653904] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.654614] __x64_sys_ioctl+0x1a3/0x230 [ 134.655218] do_syscall_64+0x3b/0x90 [ 134.655844] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.656677] RIP: 0033:0x7f4b8743ee5d [ 134.657190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.659896] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.660966] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.662079] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.663082] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.664244] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.665208] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.666206] [ 134.666733] irq event stamp: 0 [ 134.667197] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.668052] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.669307] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.670488] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.671400] ---[ end trace 0000000000000000 ]--- [ 134.676976] ------------[ cut here ]------------ [ 134.677663] WARNING: CPU: 1 PID: 1252 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.679169] Modules linked in: [ 134.679713] CPU: 1 PID: 1252 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.680901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.682679] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.683388] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.686027] RSP: 
0018:ffff88800fc8fbd0 EFLAGS: 00010246 [ 134.686807] RAX: 0000000000000000 RBX: ffff8880180db8a8 RCX: 0000000000000000 [ 134.688001] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 134.688962] RBP: ffff88800fc8fbe8 R08: ffffed100301b733 R09: ffffed100301b733 [ 134.690182] R10: ffff8880180db993 R11: ffffed100301b732 R12: ffff888010c0a800 [ 134.691214] R13: ffff8880180db9e8 R14: ffff888013807300 R15: 0000000000000000 [ 134.692181] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.693465] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.694245] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.695446] PKRU: 55555554 [ 134.695839] Call Trace: [ 134.696192] [ 134.696508] iommufd_access_destroy_object+0x65/0x170 [ 134.697223] iommufd_object_destroy_user+0x18e/0x220 [ 134.698110] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.698945] iommufd_access_destroy+0x43/0x70 [ 134.699638] iommufd_test_staccess_release+0x8d/0xd0 [ 134.700221] __fput+0x26d/0xa40 [ 134.700733] ____fput+0x1e/0x30 [ 134.701271] task_work_run+0x1a4/0x2d0 [ 134.701714] ? __pfx_task_work_run+0x10/0x10 [ 134.702193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.702796] ? switch_task_namespaces+0xa9/0xe0 [ 134.703486] do_exit+0xb17/0x2ef0 [ 134.703866] ? lock_acquire+0x427/0x4c0 [ 134.704312] ? __pfx_lock_release+0x10/0x10 [ 134.704792] ? __kasan_check_write+0x18/0x20 [ 134.705280] ? do_raw_spin_lock+0x132/0x2a0 [ 134.705886] ? __pfx_do_exit+0x10/0x10 [ 134.706391] ? debug_smp_processor_id+0x20/0x30 [ 134.706942] ? rcu_is_watching+0x19/0xb0 [ 134.707402] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.707903] ? trace_hardirqs_on+0x26/0x120 [ 134.708385] do_group_exit+0xe0/0x2b0 [ 134.709029] __x64_sys_exit_group+0x47/0x50 [ 134.709502] do_syscall_64+0x3b/0x90 [ 134.709929] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.710500] RIP: 0033:0x7f4b87518a4d [ 134.710934] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.711821] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.712618] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.713379] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.714330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.715102] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.715857] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.716804] [ 134.717076] irq event stamp: 0 [ 134.717409] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.718070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.719174] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.720049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.720703] ---[ end trace 0000000000000000 ]--- [ 134.721667] ------------[ cut here ]------------ [ 134.722163] WARNING: CPU: 1 PID: 1252 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.723289] Modules linked in: [ 134.723632] CPU: 1 PID: 1252 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.724789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.725954] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.726640] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.728604] RSP: 0018:ffff88800fc8fb78 EFLAGS: 00010246 [ 134.729373] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.730128] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 134.730904] RBP: ffff88800fc8fb98 R08: ffffed100301b73e R09: ffffed100301b73e [ 134.731702] R10: ffff8880180db9ef R11: ffffed100301b73d R12: ffff8880180dba90 [ 134.732517] R13: ffff8880180db8a8 R14: ffffffffffffffff R15: 
ffff88800fc8fc60 [ 134.733240] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.734256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.734878] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.735613] PKRU: 55555554 [ 134.735903] Call Trace: [ 134.736165] [ 134.736423] iommufd_ioas_destroy+0x53/0x70 [ 134.737031] iommufd_fops_release+0x1f7/0x370 [ 134.737498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.738008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.738563] ? write_comp_data+0x2f/0x90 [ 134.738993] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.739692] __fput+0x26d/0xa40 [ 134.740049] ____fput+0x1e/0x30 [ 134.740393] task_work_run+0x1a4/0x2d0 [ 134.740791] ? __pfx_task_work_run+0x10/0x10 [ 134.741238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.741945] ? switch_task_namespaces+0xa9/0xe0 [ 134.742426] do_exit+0xb17/0x2ef0 [ 134.742863] ? lock_acquire+0x427/0x4c0 [ 134.743288] ? __pfx_lock_release+0x10/0x10 [ 134.743739] ? __kasan_check_write+0x18/0x20 [ 134.744308] ? do_raw_spin_lock+0x132/0x2a0 [ 134.744850] ? __pfx_do_exit+0x10/0x10 [ 134.745249] ? debug_smp_processor_id+0x20/0x30 [ 134.745712] ? rcu_is_watching+0x19/0xb0 [ 134.746103] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.746811] ? trace_hardirqs_on+0x26/0x120 [ 134.747275] do_group_exit+0xe0/0x2b0 [ 134.747668] __x64_sys_exit_group+0x47/0x50 [ 134.748105] do_syscall_64+0x3b/0x90 [ 134.748522] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.749215] RIP: 0033:0x7f4b87518a4d [ 134.749595] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.750208] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.751153] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.751857] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.752564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.753409] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.754071] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.754760] [ 134.755002] irq event stamp: 0 [ 134.755438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.756026] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.756813] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.757756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.758349] ---[ end trace 0000000000000000 ]--- [ 134.764783] ------------[ cut here ]------------ [ 134.765309] WARNING: CPU: 1 PID: 1253 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.766335] Modules linked in: [ 134.766695] CPU: 1 PID: 1253 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.767626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.768702] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.769166] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.771057] RSP: 0018:ffff888016ebfbb8 EFLAGS: 00010246 [ 134.771564] RAX: 0000000000000000 RBX: ffff88800bc4e8a8 RCX: 0000000000000000 [ 134.772318] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 134.773028] RBP: ffff888016ebfbd0 R08: ffffed1001789d33 R09: ffffed1001789d33 [ 134.773688] R10: ffff88800bc4e993 R11: ffffed1001789d32 R12: ffff88800ae90800 [ 134.774451] R13: ffff88800bc4e9e8 R14: ffffffff8352e670 R15: 
ffff888016ebfe68 [ 134.775213] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.775962] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.776500] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 134.777312] PKRU: 55555554 [ 134.777578] Call Trace: [ 134.777816] [ 134.778027] __iommufd_access_detach+0x1c2/0x2b0 [ 134.778494] iommufd_access_change_pt+0x149/0x270 [ 134.778987] iommufd_access_replace+0xb4/0x120 [ 134.779606] iommufd_test+0x3e5/0x37e0 [ 134.779972] ? lock_release+0x532/0x770 [ 134.780357] ? __might_fault+0x102/0x1b0 [ 134.780746] ? lock_acquire+0x427/0x4c0 [ 134.781132] ? __pfx_iommufd_test+0x10/0x10 [ 134.781707] ? __pfx_lock_release+0x10/0x10 [ 134.782114] ? __pfx_lock_acquire+0x10/0x10 [ 134.782544] ? write_comp_data+0x2f/0x90 [ 134.782926] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.783394] ? write_comp_data+0x2f/0x90 [ 134.783837] iommufd_fops_ioctl+0x37d/0x510 [ 134.784314] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.784772] ? write_comp_data+0x2f/0x90 [ 134.785164] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.785610] __x64_sys_ioctl+0x1a3/0x230 [ 134.786148] do_syscall_64+0x3b/0x90 [ 134.786535] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.787020] RIP: 0033:0x7f4b8743ee5d [ 134.787381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.789220] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.789917] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.790759] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.791419] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.792068] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.792757] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.793537] [ 134.793751] irq event stamp: 0 [ 134.794041] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.794653] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.795543] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.796338] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.796918] ---[ end trace 0000000000000000 ]--- [ 134.800238] ------------[ cut here ]------------ [ 134.800716] WARNING: CPU: 1 PID: 1253 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.801747] Modules linked in: [ 134.802138] CPU: 1 PID: 1253 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.803001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.804047] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.804699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.806433] RSP: 
0018:ffff888016ebfbd0 EFLAGS: 00010246 [ 134.807029] RAX: 0000000000000000 RBX: ffff88800bc4e8a8 RCX: 0000000000000000 [ 134.807697] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 134.808348] RBP: ffff888016ebfbe8 R08: ffffed1001789d33 R09: ffffed1001789d33 [ 134.809163] R10: ffff88800bc4e993 R11: ffffed1001789d32 R12: ffff888013b17c00 [ 134.809810] R13: ffff88800bc4e9e8 R14: ffff888020f65800 R15: 0000000000000000 [ 134.810456] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.811384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.811926] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.812577] PKRU: 55555554 [ 134.812840] Call Trace: [ 134.813076] [ 134.813315] iommufd_access_destroy_object+0x65/0x170 [ 134.813904] iommufd_object_destroy_user+0x18e/0x220 [ 134.814370] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.814929] iommufd_access_destroy+0x43/0x70 [ 134.815362] iommufd_test_staccess_release+0x8d/0xd0 [ 134.815936] __fput+0x26d/0xa40 [ 134.816325] ____fput+0x1e/0x30 [ 134.816636] task_work_run+0x1a4/0x2d0 [ 134.817001] ? __pfx_task_work_run+0x10/0x10 [ 134.817406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.817945] ? switch_task_namespaces+0xa9/0xe0 [ 134.818463] do_exit+0xb17/0x2ef0 [ 134.818818] ? lock_acquire+0x427/0x4c0 [ 134.819209] ? __pfx_lock_release+0x10/0x10 [ 134.819617] ? __kasan_check_write+0x18/0x20 [ 134.820027] ? do_raw_spin_lock+0x132/0x2a0 [ 134.820522] ? __pfx_do_exit+0x10/0x10 [ 134.820964] ? debug_smp_processor_id+0x20/0x30 [ 134.821389] ? rcu_is_watching+0x19/0xb0 [ 134.821763] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.822187] ? trace_hardirqs_on+0x26/0x120 [ 134.822712] do_group_exit+0xe0/0x2b0 [ 134.823148] __x64_sys_exit_group+0x47/0x50 [ 134.823550] do_syscall_64+0x3b/0x90 [ 134.823899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.824363] RIP: 0033:0x7f4b87518a4d [ 134.824690] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.825369] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.826026] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.826661] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.827323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.828016] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.828630] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.829299] [ 134.829572] irq event stamp: 0 [ 134.829845] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.830393] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.831176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.831985] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.832526] ---[ end trace 0000000000000000 ]--- [ 134.833343] ------------[ cut here ]------------ [ 134.833896] WARNING: CPU: 1 PID: 1253 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.834837] Modules linked in: [ 134.835123] CPU: 1 PID: 1253 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.836022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.836993] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.837440] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.839185] RSP: 0018:ffff888016ebfb78 EFLAGS: 00010246 [ 134.839649] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.840427] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 134.841044] RBP: ffff888016ebfb98 R08: ffffed1001789d3e R09: ffffed1001789d3e [ 134.841658] R10: ffff88800bc4e9ef R11: ffffed1001789d3d R12: ffff88800bc4ea90 [ 134.842433] R13: ffff88800bc4e8a8 R14: ffffffffffffffff R15: 
ffff888016ebfc60 [ 134.843066] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.843772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.844328] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.845027] PKRU: 55555554 [ 134.845275] Call Trace: [ 134.845496] [ 134.845695] iommufd_ioas_destroy+0x53/0x70 [ 134.846079] iommufd_fops_release+0x1f7/0x370 [ 134.846636] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.847075] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.847518] ? write_comp_data+0x2f/0x90 [ 134.847885] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.848324] __fput+0x26d/0xa40 [ 134.848716] ____fput+0x1e/0x30 [ 134.849074] task_work_run+0x1a4/0x2d0 [ 134.849429] ? __pfx_task_work_run+0x10/0x10 [ 134.849820] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.850250] ? switch_task_namespaces+0xa9/0xe0 [ 134.850812] do_exit+0xb17/0x2ef0 [ 134.851124] ? lock_acquire+0x427/0x4c0 [ 134.851479] ? __pfx_lock_release+0x10/0x10 [ 134.851866] ? __kasan_check_write+0x18/0x20 [ 134.852257] ? do_raw_spin_lock+0x132/0x2a0 [ 134.852639] ? __pfx_do_exit+0x10/0x10 [ 134.853080] ? debug_smp_processor_id+0x20/0x30 [ 134.853558] ? rcu_is_watching+0x19/0xb0 [ 134.853918] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.854317] ? trace_hardirqs_on+0x26/0x120 [ 134.854723] do_group_exit+0xe0/0x2b0 [ 134.855062] __x64_sys_exit_group+0x47/0x50 [ 134.855599] do_syscall_64+0x3b/0x90 [ 134.855935] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.856397] RIP: 0033:0x7f4b87518a4d [ 134.856724] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.857295] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.858040] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.858703] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.859334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.860103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.860723] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.861356] [ 134.861614] irq event stamp: 0 [ 134.862013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.862600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.863359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.864183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.864807] ---[ end trace 0000000000000000 ]--- [ 134.869728] ------------[ cut here ]------------ [ 134.870287] WARNING: CPU: 1 PID: 1254 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.871335] Modules linked in: [ 134.871626] CPU: 1 PID: 1254 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.872433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.873512] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.873954] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.875710] RSP: 0018:ffff88800fc8fbb8 EFLAGS: 00010246 [ 134.876179] RAX: 0000000000000000 RBX: ffff8880165330a8 RCX: 0000000000000000 [ 134.876942] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 134.877566] RBP: ffff88800fc8fbd0 R08: ffffed1002ca6633 R09: ffffed1002ca6633 [ 134.878183] R10: ffff888016533193 R11: ffffed1002ca6632 R12: ffff8880129c6800 [ 134.878979] R13: ffff8880165331e8 R14: ffffffff8352e670 R15: 
ffff88800fc8fe68 [ 134.879611] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.880320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.880877] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 134.881571] PKRU: 55555554 [ 134.881824] Call Trace: [ 134.882051] [ 134.882252] __iommufd_access_detach+0x1c2/0x2b0 [ 134.882733] iommufd_access_change_pt+0x149/0x270 [ 134.883282] iommufd_access_replace+0xb4/0x120 [ 134.883700] iommufd_test+0x3e5/0x37e0 [ 134.884042] ? lock_release+0x532/0x770 [ 134.884409] ? __might_fault+0x102/0x1b0 [ 134.884777] ? lock_acquire+0x427/0x4c0 [ 134.885200] ? __pfx_iommufd_test+0x10/0x10 [ 134.885646] ? __pfx_lock_release+0x10/0x10 [ 134.886036] ? __pfx_lock_acquire+0x10/0x10 [ 134.886429] ? write_comp_data+0x2f/0x90 [ 134.886825] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.887263] ? write_comp_data+0x2f/0x90 [ 134.887772] iommufd_fops_ioctl+0x37d/0x510 [ 134.888159] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.888591] ? write_comp_data+0x2f/0x90 [ 134.888956] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.889426] __x64_sys_ioctl+0x1a3/0x230 [ 134.889868] do_syscall_64+0x3b/0x90 [ 134.890210] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.890700] RIP: 0033:0x7f4b8743ee5d [ 134.891032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.892766] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.893429] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.894191] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.894834] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.895470] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.896173] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.896865] [ 134.897072] irq event stamp: 0 [ 134.897348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.897924] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.898763] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.899501] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.900049] ---[ end trace 0000000000000000 ]--- [ 134.903401] ------------[ cut here ]------------ [ 134.903848] WARNING: CPU: 1 PID: 1254 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.904825] Modules linked in: [ 134.905165] CPU: 1 PID: 1254 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.905919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.907049] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.907489] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.909149] RSP: 
0018:ffff88800fc8fbd0 EFLAGS: 00010246 [ 134.909669] RAX: 0000000000000000 RBX: ffff8880165330a8 RCX: 0000000000000000 [ 134.910282] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 134.910947] RBP: ffff88800fc8fbe8 R08: ffffed1002ca6633 R09: ffffed1002ca6633 [ 134.911682] R10: ffff888016533193 R11: ffffed1002ca6632 R12: ffff88800ae92800 [ 134.912298] R13: ffff8880165331e8 R14: ffff88800f19e900 R15: 0000000000000000 [ 134.912914] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.913738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.914239] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.914881] PKRU: 55555554 [ 134.915140] Call Trace: [ 134.915386] [ 134.915636] iommufd_access_destroy_object+0x65/0x170 [ 134.916105] iommufd_object_destroy_user+0x18e/0x220 [ 134.916551] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 134.917060] iommufd_access_destroy+0x43/0x70 [ 134.917542] iommufd_test_staccess_release+0x8d/0xd0 [ 134.918042] __fput+0x26d/0xa40 [ 134.918347] ____fput+0x1e/0x30 [ 134.918675] task_work_run+0x1a4/0x2d0 [ 134.919029] ? __pfx_task_work_run+0x10/0x10 [ 134.919428] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.919943] ? switch_task_namespaces+0xa9/0xe0 [ 134.920425] do_exit+0xb17/0x2ef0 [ 134.920730] ? lock_acquire+0x427/0x4c0 [ 134.921089] ? __pfx_lock_release+0x10/0x10 [ 134.921485] ? __kasan_check_write+0x18/0x20 [ 134.921970] ? do_raw_spin_lock+0x132/0x2a0 [ 134.922418] ? __pfx_do_exit+0x10/0x10 [ 134.922792] ? debug_smp_processor_id+0x20/0x30 [ 134.923206] ? rcu_is_watching+0x19/0xb0 [ 134.923567] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.923971] ? trace_hardirqs_on+0x26/0x120 [ 134.924406] do_group_exit+0xe0/0x2b0 [ 134.924804] __x64_sys_exit_group+0x47/0x50 [ 134.925182] do_syscall_64+0x3b/0x90 [ 134.925521] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.925983] RIP: 0033:0x7f4b87518a4d [ 134.926397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.927021] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.927696] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.928318] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.929036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.929700] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.930323] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.931043] [ 134.931320] irq event stamp: 0 [ 134.931598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.932150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.932887] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.933767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.934319] ---[ end trace 0000000000000000 ]--- [ 134.935103] ------------[ cut here ]------------ [ 134.935530] WARNING: CPU: 1 PID: 1254 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 134.936561] Modules linked in: [ 134.936842] CPU: 1 PID: 1254 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.937602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.938769] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 134.939237] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 134.940976] RSP: 0018:ffff88800fc8fb78 EFLAGS: 00010246 [ 134.941451] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 134.942067] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 134.942855] RBP: ffff88800fc8fb98 R08: ffffed1002ca663e R09: ffffed1002ca663e [ 134.943493] R10: ffff8880165331ef R11: ffffed1002ca663d R12: ffff888016533290 [ 134.944108] R13: ffff8880165330a8 R14: ffffffffffffffff R15: 
ffff88800fc8fc60 [ 134.944820] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.945586] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.946091] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 134.946768] PKRU: 55555554 [ 134.947086] Call Trace: [ 134.947314] [ 134.947518] iommufd_ioas_destroy+0x53/0x70 [ 134.947904] iommufd_fops_release+0x1f7/0x370 [ 134.948306] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.948747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.949262] ? write_comp_data+0x2f/0x90 [ 134.949660] ? __pfx_iommufd_fops_release+0x10/0x10 [ 134.950101] __fput+0x26d/0xa40 [ 134.950408] ____fput+0x1e/0x30 [ 134.950732] task_work_run+0x1a4/0x2d0 [ 134.951083] ? __pfx_task_work_run+0x10/0x10 [ 134.951563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.952044] ? switch_task_namespaces+0xa9/0xe0 [ 134.952462] do_exit+0xb17/0x2ef0 [ 134.952769] ? lock_acquire+0x427/0x4c0 [ 134.953127] ? __pfx_lock_release+0x10/0x10 [ 134.953592] ? __kasan_check_write+0x18/0x20 [ 134.954026] ? do_raw_spin_lock+0x132/0x2a0 [ 134.954412] ? __pfx_do_exit+0x10/0x10 [ 134.954791] ? debug_smp_processor_id+0x20/0x30 [ 134.955215] ? rcu_is_watching+0x19/0xb0 [ 134.955575] ? _raw_spin_unlock_irq+0x2b/0x60 [ 134.956058] ? trace_hardirqs_on+0x26/0x120 [ 134.956488] do_group_exit+0xe0/0x2b0 [ 134.956821] __x64_sys_exit_group+0x47/0x50 [ 134.957199] do_syscall_64+0x3b/0x90 [ 134.957534] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.958081] RIP: 0033:0x7f4b87518a4d [ 134.958466] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 134.959032] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 134.959698] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 134.960335] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 134.961063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 134.961681] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 134.962297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 134.963085] [ 134.963304] irq event stamp: 0 [ 134.963578] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.964121] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.964938] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.965727] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 134.966270] ---[ end trace 0000000000000000 ]--- [ 134.970331] ------------[ cut here ]------------ [ 134.970830] WARNING: CPU: 1 PID: 1255 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 134.971806] Modules linked in: [ 134.972148] CPU: 1 PID: 1255 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 134.972908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 134.973957] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 134.974456] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 134.976211] RSP: 0018:ffff88800bcdfbb8 EFLAGS: 00010246 [ 134.976681] RAX: 0000000000000000 RBX: ffff888016eba0a8 RCX: 0000000000000000 [ 134.977300] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 134.977920] RBP: ffff88800bcdfbd0 R08: ffffed1002dd7433 R09: ffffed1002dd7433 [ 134.978703] R10: ffff888016eba193 R11: ffffed1002dd7432 R12: ffff88800f0e0c00 [ 134.979340] R13: ffff888016eba1e8 R14: ffffffff8352e670 R15: 
ffff88800bcdfe68 [ 134.979958] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 134.980790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.981295] CR2: 0000000020000140 CR3: 0000000020fde000 CR4: 0000000000750ee0 [ 134.981916] PKRU: 55555554 [ 134.982165] Call Trace: [ 134.982441] [ 134.982748] __iommufd_access_detach+0x1c2/0x2b0 [ 134.983194] iommufd_access_change_pt+0x149/0x270 [ 134.983628] iommufd_access_replace+0xb4/0x120 [ 134.984047] iommufd_test+0x3e5/0x37e0 [ 134.984389] ? lock_release+0x532/0x770 [ 134.984787] ? __might_fault+0x102/0x1b0 [ 134.985237] ? lock_acquire+0x427/0x4c0 [ 134.985599] ? __pfx_iommufd_test+0x10/0x10 [ 134.985976] ? __pfx_lock_release+0x10/0x10 [ 134.986360] ? __pfx_lock_acquire+0x10/0x10 [ 134.986822] ? write_comp_data+0x2f/0x90 [ 134.987249] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 134.987681] ? write_comp_data+0x2f/0x90 [ 134.988047] iommufd_fops_ioctl+0x37d/0x510 [ 134.988433] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.988865] ? write_comp_data+0x2f/0x90 [ 134.989352] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 134.989771] __x64_sys_ioctl+0x1a3/0x230 [ 134.990139] do_syscall_64+0x3b/0x90 [ 134.990478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 134.990965] RIP: 0033:0x7f4b8743ee5d [ 134.991295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 134.993025] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 134.993781] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 134.994437] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 134.995083] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 134.995720] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 134.996465] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 134.997092] [ 134.997303] irq event stamp: 0 [ 134.997581] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 134.998219] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 134.999008] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 134.999756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.000330] ---[ end trace 0000000000000000 ]--- [ 135.003599] ------------[ cut here ]------------ [ 135.004045] WARNING: CPU: 1 PID: 1255 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.005064] Modules linked in: [ 135.005350] CPU: 1 PID: 1255 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.006101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.007256] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.007698] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.009410] RSP: 
0018:ffff88800bcdfbd0 EFLAGS: 00010246 [ 135.009871] RAX: 0000000000000000 RBX: ffff888016eba0a8 RCX: 0000000000000000 [ 135.010483] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 135.011259] RBP: ffff88800bcdfbe8 R08: ffffed1002dd7433 R09: ffffed1002dd7433 [ 135.011881] R10: ffff888016eba193 R11: ffffed1002dd7432 R12: ffff8880129c7800 [ 135.012499] R13: ffff888016eba1e8 R14: ffff888013d44500 R15: 0000000000000000 [ 135.013151] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.013928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.014435] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 135.015104] PKRU: 55555554 [ 135.015440] Call Trace: [ 135.015667] [ 135.015865] iommufd_access_destroy_object+0x65/0x170 [ 135.016323] iommufd_object_destroy_user+0x18e/0x220 [ 135.016772] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.017308] iommufd_access_destroy+0x43/0x70 [ 135.017789] iommufd_test_staccess_release+0x8d/0xd0 [ 135.018241] __fput+0x26d/0xa40 [ 135.018567] ____fput+0x1e/0x30 [ 135.018865] task_work_run+0x1a4/0x2d0 [ 135.019223] ? __pfx_task_work_run+0x10/0x10 [ 135.019647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.020150] ? switch_task_namespaces+0xa9/0xe0 [ 135.020564] do_exit+0xb17/0x2ef0 [ 135.020867] ? lock_acquire+0x427/0x4c0 [ 135.021224] ? __pfx_lock_release+0x10/0x10 [ 135.021678] ? __kasan_check_write+0x18/0x20 [ 135.022115] ? do_raw_spin_lock+0x132/0x2a0 [ 135.022493] ? __pfx_do_exit+0x10/0x10 [ 135.022862] ? debug_smp_processor_id+0x20/0x30 [ 135.023285] ? rcu_is_watching+0x19/0xb0 [ 135.023641] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.024042] ? trace_hardirqs_on+0x26/0x120 [ 135.024432] do_group_exit+0xe0/0x2b0 [ 135.024819] __x64_sys_exit_group+0x47/0x50 [ 135.025268] do_syscall_64+0x3b/0x90 [ 135.025600] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.026056] RIP: 0033:0x7f4b87518a4d [ 135.026387] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.026977] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.027717] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.028332] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.028940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.029639] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.030305] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.030946] [ 135.031160] irq event stamp: 0 [ 135.031436] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.032112] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.032844] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.033571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.034247] ---[ end trace 0000000000000000 ]--- [ 135.035048] ------------[ cut here ]------------ [ 135.035466] WARNING: CPU: 1 PID: 1255 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.036485] Modules linked in: [ 135.036767] CPU: 1 PID: 1255 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.037532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.038696] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.039155] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.040829] RSP: 0018:ffff88800bcdfb78 EFLAGS: 00010246 [ 135.041347] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.041961] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 135.042617] RBP: ffff88800bcdfb98 R08: ffffed1002dd743e R09: ffffed1002dd743e [ 135.043368] R10: ffff888016eba1ef R11: ffffed1002dd743d R12: ffff888016eba290 [ 135.043984] R13: ffff888016eba0a8 R14: ffffffffffffffff R15: 
ffff88800bcdfc60 [ 135.044599] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.045434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.045935] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 135.046598] PKRU: 55555554 [ 135.046849] Call Trace: [ 135.047073] [ 135.047293] iommufd_ioas_destroy+0x53/0x70 [ 135.047780] iommufd_fops_release+0x1f7/0x370 [ 135.048181] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.048620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.049051] ? write_comp_data+0x2f/0x90 [ 135.049499] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.049981] __fput+0x26d/0xa40 [ 135.050284] ____fput+0x1e/0x30 [ 135.050602] task_work_run+0x1a4/0x2d0 [ 135.050949] ? __pfx_task_work_run+0x10/0x10 [ 135.051352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.051825] ? switch_task_namespaces+0xa9/0xe0 [ 135.052314] do_exit+0xb17/0x2ef0 [ 135.052617] ? lock_acquire+0x427/0x4c0 [ 135.052973] ? __pfx_lock_release+0x10/0x10 [ 135.053381] ? __kasan_check_write+0x18/0x20 [ 135.053806] ? do_raw_spin_lock+0x132/0x2a0 [ 135.054269] ? __pfx_do_exit+0x10/0x10 [ 135.054650] ? debug_smp_processor_id+0x20/0x30 [ 135.055079] ? rcu_is_watching+0x19/0xb0 [ 135.055447] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.055852] ? trace_hardirqs_on+0x26/0x120 [ 135.056318] do_group_exit+0xe0/0x2b0 [ 135.056717] __x64_sys_exit_group+0x47/0x50 [ 135.057095] do_syscall_64+0x3b/0x90 [ 135.057429] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.057885] RIP: 0033:0x7f4b87518a4d [ 135.058293] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.058899] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.059570] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.060186] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.060934] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.061552] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.062170] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.062955] [ 135.063174] irq event stamp: 0 [ 135.063451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.064003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.064743] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.065605] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.066160] ---[ end trace 0000000000000000 ]--- [ 135.070052] ------------[ cut here ]------------ [ 135.070611] WARNING: CPU: 1 PID: 1256 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.071660] Modules linked in: [ 135.071945] CPU: 1 PID: 1256 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.072693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.073794] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.074232] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.076000] RSP: 0018:ffff88800fc8fbb8 EFLAGS: 00010246 [ 135.076477] RAX: 0000000000000000 RBX: ffff888010b9e0a8 RCX: 0000000000000000 [ 135.077097] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 135.077863] RBP: ffff88800fc8fbd0 R08: ffffed1002173c33 R09: ffffed1002173c33 [ 135.078490] R10: ffff888010b9e193 R11: ffffed1002173c32 R12: ffff88800fcb1000 [ 135.079146] R13: ffff888010b9e1e8 R14: ffffffff8352e670 R15: 
ffff88800fc8fe68 [ 135.079865] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.080623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.081131] CR2: 00007f4b877410e8 CR3: 0000000020fde000 CR4: 0000000000750ee0 [ 135.081802] PKRU: 55555554 [ 135.082119] Call Trace: [ 135.082346] [ 135.082570] __iommufd_access_detach+0x1c2/0x2b0 [ 135.083007] iommufd_access_change_pt+0x149/0x270 [ 135.083453] iommufd_access_replace+0xb4/0x120 [ 135.083872] iommufd_test+0x3e5/0x37e0 [ 135.084304] ? lock_release+0x532/0x770 [ 135.084675] ? __might_fault+0x102/0x1b0 [ 135.085047] ? lock_acquire+0x427/0x4c0 [ 135.085409] ? __pfx_iommufd_test+0x10/0x10 [ 135.085793] ? __pfx_lock_release+0x10/0x10 [ 135.086304] ? __pfx_lock_acquire+0x10/0x10 [ 135.086728] ? write_comp_data+0x2f/0x90 [ 135.087098] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.087544] ? write_comp_data+0x2f/0x90 [ 135.087912] iommufd_fops_ioctl+0x37d/0x510 [ 135.088342] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.088843] ? write_comp_data+0x2f/0x90 [ 135.089211] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.089644] __x64_sys_ioctl+0x1a3/0x230 [ 135.090022] do_syscall_64+0x3b/0x90 [ 135.090435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.090977] RIP: 0033:0x7f4b8743ee5d [ 135.091323] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.093062] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.093730] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.094354] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.095131] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.095759] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.096382] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.097142] [ 135.097349] irq event stamp: 0 [ 135.097636] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.098192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.098956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.099829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.100388] ---[ end trace 0000000000000000 ]--- [ 135.103632] ------------[ cut here ]------------ [ 135.104201] WARNING: CPU: 1 PID: 1256 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.105091] Modules linked in: [ 135.105370] CPU: 1 PID: 1256 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.106260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.107279] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.107716] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.109450] RSP: 
0018:ffff88800fc8fbd0 EFLAGS: 00010246 [ 135.109912] RAX: 0000000000000000 RBX: ffff888010b9e0a8 RCX: 0000000000000000 [ 135.110684] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 135.111331] RBP: ffff88800fc8fbe8 R08: ffffed1002173c33 R09: ffffed1002173c33 [ 135.111955] R10: ffff888010b9e193 R11: ffffed1002173c32 R12: ffff88800f0e2400 [ 135.112716] R13: ffff888010b9e1e8 R14: ffff8880218ca000 R15: 0000000000000000 [ 135.113336] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.114033] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.114705] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.115349] PKRU: 55555554 [ 135.115605] Call Trace: [ 135.115832] [ 135.116035] iommufd_access_destroy_object+0x65/0x170 [ 135.116495] iommufd_object_destroy_user+0x18e/0x220 [ 135.117115] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.117633] iommufd_access_destroy+0x43/0x70 [ 135.118055] iommufd_test_staccess_release+0x8d/0xd0 [ 135.118542] __fput+0x26d/0xa40 [ 135.118847] ____fput+0x1e/0x30 [ 135.119251] task_work_run+0x1a4/0x2d0 [ 135.119702] ? __pfx_task_work_run+0x10/0x10 [ 135.120099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.120537] ? switch_task_namespaces+0xa9/0xe0 [ 135.120966] do_exit+0xb17/0x2ef0 [ 135.121362] ? lock_acquire+0x427/0x4c0 [ 135.121818] ? __pfx_lock_release+0x10/0x10 [ 135.122207] ? __kasan_check_write+0x18/0x20 [ 135.122626] ? do_raw_spin_lock+0x132/0x2a0 [ 135.123011] ? __pfx_do_exit+0x10/0x10 [ 135.123375] ? debug_smp_processor_id+0x20/0x30 [ 135.123880] ? rcu_is_watching+0x19/0xb0 [ 135.124309] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.124716] ? trace_hardirqs_on+0x26/0x120 [ 135.125104] do_group_exit+0xe0/0x2b0 [ 135.125445] __x64_sys_exit_group+0x47/0x50 [ 135.125987] do_syscall_64+0x3b/0x90 [ 135.126330] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.126822] RIP: 0033:0x7f4b87518a4d [ 135.127174] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.127713] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.128558] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.129192] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.129831] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.130621] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.131248] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.131873] [ 135.132082] irq event stamp: 0 [ 135.132453] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.133059] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.133793] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.134681] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.135251] ---[ end trace 0000000000000000 ]--- [ 135.136038] ------------[ cut here ]------------ [ 135.136455] WARNING: CPU: 1 PID: 1256 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.137513] Modules linked in: [ 135.137802] CPU: 1 PID: 1256 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.138600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.139739] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.140198] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.141928] RSP: 0018:ffff88800fc8fb78 EFLAGS: 00010246 [ 135.142396] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.143049] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 135.143788] RBP: ffff88800fc8fb98 R08: ffffed1002173c3e R09: ffffed1002173c3e [ 135.144412] R10: ffff888010b9e1ef R11: ffffed1002173c3d R12: ffff888010b9e290 [ 135.145036] R13: ffff888010b9e0a8 R14: ffffffffffffffff R15: 
ffff88800fc8fc60 [ 135.145808] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.146532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.147035] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.147760] PKRU: 55555554 [ 135.148065] Call Trace: [ 135.148293] [ 135.148492] iommufd_ioas_destroy+0x53/0x70 [ 135.148878] iommufd_fops_release+0x1f7/0x370 [ 135.149276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.149836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.150284] ? write_comp_data+0x2f/0x90 [ 135.150688] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.151144] __fput+0x26d/0xa40 [ 135.151457] ____fput+0x1e/0x30 [ 135.151773] task_work_run+0x1a4/0x2d0 [ 135.152229] ? __pfx_task_work_run+0x10/0x10 [ 135.152623] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.153064] ? switch_task_namespaces+0xa9/0xe0 [ 135.153496] do_exit+0xb17/0x2ef0 [ 135.153885] ? lock_acquire+0x427/0x4c0 [ 135.154300] ? __pfx_lock_release+0x10/0x10 [ 135.154718] ? __kasan_check_write+0x18/0x20 [ 135.155121] ? do_raw_spin_lock+0x132/0x2a0 [ 135.155513] ? __pfx_do_exit+0x10/0x10 [ 135.155870] ? debug_smp_processor_id+0x20/0x30 [ 135.156387] ? rcu_is_watching+0x19/0xb0 [ 135.156795] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.157201] ? trace_hardirqs_on+0x26/0x120 [ 135.157587] do_group_exit+0xe0/0x2b0 [ 135.157925] __x64_sys_exit_group+0x47/0x50 [ 135.158386] do_syscall_64+0x3b/0x90 [ 135.158828] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.159305] RIP: 0033:0x7f4b87518a4d [ 135.159636] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.160172] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.160956] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.161588] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.162239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.163088] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.163773] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.164447] [ 135.164665] irq event stamp: 0 [ 135.164960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.165668] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.166454] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.167306] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.167961] ---[ end trace 0000000000000000 ]--- [ 135.172901] ------------[ cut here ]------------ [ 135.173383] WARNING: CPU: 1 PID: 1257 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.174466] Modules linked in: [ 135.174849] CPU: 1 PID: 1257 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.175659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.176851] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.177305] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.179150] RSP: 0018:ffff88800bcdfbb8 EFLAGS: 00010246 [ 135.179642] RAX: 0000000000000000 RBX: ffff8880245788a8 RCX: 0000000000000000 [ 135.180291] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 135.181041] RBP: ffff88800bcdfbd0 R08: ffffed10048af133 R09: ffffed10048af133 [ 135.181748] R10: ffff888024578993 R11: ffffed10048af132 R12: ffff888013b15800 [ 135.182402] R13: ffff8880245789e8 R14: ffffffff8352e670 R15: 
ffff88800bcdfe68 [ 135.183193] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.184002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.184533] CR2: 00007f4b877410e8 CR3: 0000000020fde000 CR4: 0000000000750ee0 [ 135.185199] PKRU: 55555554 [ 135.185563] Call Trace: [ 135.185858] [ 135.186067] __iommufd_access_detach+0x1c2/0x2b0 [ 135.186543] iommufd_access_change_pt+0x149/0x270 [ 135.187001] iommufd_access_replace+0xb4/0x120 [ 135.187438] iommufd_test+0x3e5/0x37e0 [ 135.187867] ? lock_release+0x532/0x770 [ 135.188334] ? __might_fault+0x102/0x1b0 [ 135.188727] ? lock_acquire+0x427/0x4c0 [ 135.189103] ? __pfx_iommufd_test+0x10/0x10 [ 135.189502] ? __pfx_lock_release+0x10/0x10 [ 135.190007] ? __pfx_lock_acquire+0x10/0x10 [ 135.190482] ? write_comp_data+0x2f/0x90 [ 135.190909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.191376] ? write_comp_data+0x2f/0x90 [ 135.191760] iommufd_fops_ioctl+0x37d/0x510 [ 135.192163] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.192772] ? write_comp_data+0x2f/0x90 [ 135.193158] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.193616] __x64_sys_ioctl+0x1a3/0x230 [ 135.194004] do_syscall_64+0x3b/0x90 [ 135.194357] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.195011] RIP: 0033:0x7f4b8743ee5d [ 135.195376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.197140] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.197915] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.198605] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.199300] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.200103] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.200754] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.201473] [ 135.201762] irq event stamp: 0 [ 135.202061] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.202666] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.203435] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.204364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.204942] ---[ end trace 0000000000000000 ]--- [ 135.208238] ------------[ cut here ]------------ [ 135.208862] WARNING: CPU: 1 PID: 1257 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.209790] Modules linked in: [ 135.210086] CPU: 1 PID: 1257 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.211137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.212171] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.212676] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.214498] RSP: 
0018:ffff88800bcdfbd0 EFLAGS: 00010246 [ 135.215217] RAX: 0000000000000000 RBX: ffff8880245788a8 RCX: 0000000000000000 [ 135.215880] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 135.216531] RBP: ffff88800bcdfbe8 R08: ffffed10048af133 R09: ffffed10048af133 [ 135.217282] R10: ffff888024578993 R11: ffffed10048af132 R12: ffff88800fcb0000 [ 135.218034] R13: ffff8880245789e8 R14: ffff888010ab0e00 R15: 0000000000000000 [ 135.218725] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.219574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.220210] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.220868] PKRU: 55555554 [ 135.221131] Call Trace: [ 135.221376] [ 135.221648] iommufd_access_destroy_object+0x65/0x170 [ 135.222229] iommufd_object_destroy_user+0x18e/0x220 [ 135.222733] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.223288] iommufd_access_destroy+0x43/0x70 [ 135.223715] iommufd_test_staccess_release+0x8d/0xd0 [ 135.224301] __fput+0x26d/0xa40 [ 135.224700] ____fput+0x1e/0x30 [ 135.225023] task_work_run+0x1a4/0x2d0 [ 135.225399] ? __pfx_task_work_run+0x10/0x10 [ 135.225818] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.226375] ? switch_task_namespaces+0xa9/0xe0 [ 135.226912] do_exit+0xb17/0x2ef0 [ 135.227247] ? lock_acquire+0x427/0x4c0 [ 135.227627] ? __pfx_lock_release+0x10/0x10 [ 135.228031] ? __kasan_check_write+0x18/0x20 [ 135.228444] ? do_raw_spin_lock+0x132/0x2a0 [ 135.228989] ? __pfx_do_exit+0x10/0x10 [ 135.229374] ? debug_smp_processor_id+0x20/0x30 [ 135.229819] ? rcu_is_watching+0x19/0xb0 [ 135.230204] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.230677] ? trace_hardirqs_on+0x26/0x120 [ 135.231250] do_group_exit+0xe0/0x2b0 [ 135.231615] __x64_sys_exit_group+0x47/0x50 [ 135.232023] do_syscall_64+0x3b/0x90 [ 135.232387] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.232882] RIP: 0033:0x7f4b87518a4d [ 135.233236] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.233971] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.234713] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.235393] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.236180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.236940] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.237618] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.238417] [ 135.238681] irq event stamp: 0 [ 135.238986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.239597] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.240388] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.241339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.241938] ---[ end trace 0000000000000000 ]--- [ 135.242822] ------------[ cut here ]------------ [ 135.243388] WARNING: CPU: 1 PID: 1257 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.244432] Modules linked in: [ 135.244743] CPU: 1 PID: 1257 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.245704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.246809] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.247316] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.249393] RSP: 0018:ffff88800bcdfb78 EFLAGS: 00010246 [ 135.249951] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.250951] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 135.251701] RBP: ffff88800bcdfb98 R08: ffffed10048af13e R09: ffffed10048af13e [ 135.252430] R10: ffff8880245789ef R11: ffffed10048af13d R12: ffff888024578a90 [ 135.253333] R13: ffff8880245788a8 R14: ffffffffffffffff R15: 
ffff88800bcdfc60 [ 135.254066] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.254927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.255552] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.256485] PKRU: 55555554 [ 135.256777] Call Trace: [ 135.257041] [ 135.257277] iommufd_ioas_destroy+0x53/0x70 [ 135.257736] iommufd_fops_release+0x1f7/0x370 [ 135.258369] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.258939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.259490] ? write_comp_data+0x2f/0x90 [ 135.259925] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.260446] __fput+0x26d/0xa40 [ 135.260887] ____fput+0x1e/0x30 [ 135.261331] task_work_run+0x1a4/0x2d0 [ 135.261745] ? __pfx_task_work_run+0x10/0x10 [ 135.262204] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.262752] ? switch_task_namespaces+0xa9/0xe0 [ 135.263268] do_exit+0xb17/0x2ef0 [ 135.263736] ? lock_acquire+0x427/0x4c0 [ 135.264232] ? __pfx_lock_release+0x10/0x10 [ 135.264695] ? __kasan_check_write+0x18/0x20 [ 135.265160] ? do_raw_spin_lock+0x132/0x2a0 [ 135.265611] ? __pfx_do_exit+0x10/0x10 [ 135.266137] ? debug_smp_processor_id+0x20/0x30 [ 135.266697] ? rcu_is_watching+0x19/0xb0 [ 135.267140] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.267618] ? trace_hardirqs_on+0x26/0x120 [ 135.268076] do_group_exit+0xe0/0x2b0 [ 135.268492] __x64_sys_exit_group+0x47/0x50 [ 135.269111] do_syscall_64+0x3b/0x90 [ 135.269514] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.270061] RIP: 0033:0x7f4b87518a4d [ 135.270456] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.271246] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.272102] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.272841] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.273589] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.274576] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.275350] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.276132] [ 135.276389] irq event stamp: 0 [ 135.276837] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.277640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.278580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.279600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.280341] ---[ end trace 0000000000000000 ]--- [ 135.285719] ------------[ cut here ]------------ [ 135.286304] WARNING: CPU: 1 PID: 1258 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.287662] Modules linked in: [ 135.288013] CPU: 1 PID: 1258 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.288937] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.290111] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.290687] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.292909] RSP: 0018:ffff88800fc8fbb8 EFLAGS: 00010246 [ 135.293477] RAX: 0000000000000000 RBX: ffff888014be20a8 RCX: 0000000000000000 [ 135.294284] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 135.295226] RBP: ffff88800fc8fbd0 R08: ffffed100297c433 R09: ffffed100297c433 [ 135.295970] R10: ffff888014be2193 R11: ffffed100297c432 R12: ffff888010f20400 [ 135.296722] R13: ffff888014be21e8 R14: ffffffff8352e670 R15: 
ffff88800fc8fe68 [ 135.297686] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.298560] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.299174] CR2: 0000000020000140 CR3: 0000000020fde000 CR4: 0000000000750ee0 [ 135.300145] PKRU: 55555554 [ 135.300443] Call Trace: [ 135.300713] [ 135.300949] __iommufd_access_detach+0x1c2/0x2b0 [ 135.301452] iommufd_access_change_pt+0x149/0x270 [ 135.302053] iommufd_access_replace+0xb4/0x120 [ 135.302905] iommufd_test+0x3e5/0x37e0 [ 135.303363] ? lock_release+0x532/0x770 [ 135.303794] ? __might_fault+0x102/0x1b0 [ 135.304235] ? lock_acquire+0x427/0x4c0 [ 135.304668] ? __pfx_iommufd_test+0x10/0x10 [ 135.305381] ? __pfx_lock_release+0x10/0x10 [ 135.305849] ? __pfx_lock_acquire+0x10/0x10 [ 135.306300] ? write_comp_data+0x2f/0x90 [ 135.306778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.307301] ? write_comp_data+0x2f/0x90 [ 135.307739] iommufd_fops_ioctl+0x37d/0x510 [ 135.308421] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.308935] ? write_comp_data+0x2f/0x90 [ 135.309367] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.309876] __x64_sys_ioctl+0x1a3/0x230 [ 135.310443] do_syscall_64+0x3b/0x90 [ 135.310936] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.311501] RIP: 0033:0x7f4b8743ee5d [ 135.311896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.314049] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.314893] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.315709] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.316602] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.317350] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.318161] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.319109] [ 135.319383] irq event stamp: 0 [ 135.319716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.320380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.321256] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.322106] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.322922] ---[ end trace 0000000000000000 ]--- [ 135.326663] ------------[ cut here ]------------ [ 135.327246] WARNING: CPU: 1 PID: 1258 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.328305] Modules linked in: [ 135.328681] CPU: 1 PID: 1258 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.329952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.331204] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.331733] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.333641] RSP: 
0018:ffff88800fc8fbd0 EFLAGS: 00010246 [ 135.334321] RAX: 0000000000000000 RBX: ffff888014be20a8 RCX: 0000000000000000 [ 135.335507] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 135.336472] RBP: ffff88800fc8fbe8 R08: ffffed100297c433 R09: ffffed100297c433 [ 135.337431] R10: ffff888014be2193 R11: ffffed100297c432 R12: ffff888013b14c00 [ 135.338396] R13: ffff888014be21e8 R14: ffff888012cef000 R15: 0000000000000000 [ 135.339738] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.340836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.341630] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.342812] PKRU: 55555554 [ 135.343218] Call Trace: [ 135.343565] [ 135.343874] iommufd_access_destroy_object+0x65/0x170 [ 135.344639] iommufd_object_destroy_user+0x18e/0x220 [ 135.345431] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.346217] iommufd_access_destroy+0x43/0x70 [ 135.346947] iommufd_test_staccess_release+0x8d/0xd0 [ 135.347761] __fput+0x26d/0xa40 [ 135.348238] ____fput+0x1e/0x30 [ 135.348703] task_work_run+0x1a4/0x2d0 [ 135.349247] ? __pfx_task_work_run+0x10/0x10 [ 135.350043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.350771] ? switch_task_namespaces+0xa9/0xe0 [ 135.351463] do_exit+0xb17/0x2ef0 [ 135.351949] ? lock_acquire+0x427/0x4c0 [ 135.352640] ? __pfx_lock_release+0x10/0x10 [ 135.353229] ? __kasan_check_write+0x18/0x20 [ 135.353825] ? do_raw_spin_lock+0x132/0x2a0 [ 135.354497] ? __pfx_do_exit+0x10/0x10 [ 135.355142] ? debug_smp_processor_id+0x20/0x30 [ 135.355806] ? rcu_is_watching+0x19/0xb0 [ 135.356375] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.357108] ? trace_hardirqs_on+0x26/0x120 [ 135.357841] do_group_exit+0xe0/0x2b0 [ 135.358379] __x64_sys_exit_group+0x47/0x50 [ 135.359064] do_syscall_64+0x3b/0x90 [ 135.359641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.360499] RIP: 0033:0x7f4b87518a4d [ 135.361002] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.361816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.363062] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.363994] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.364844] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.365690] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.366426] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.367457] [ 135.367709] irq event stamp: 0 [ 135.368043] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.368697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.369634] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.370656] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.371330] ---[ end trace 0000000000000000 ]--- [ 135.372257] ------------[ cut here ]------------ [ 135.372870] WARNING: CPU: 1 PID: 1258 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.373948] Modules linked in: [ 135.374334] CPU: 1 PID: 1258 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.375474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.376647] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.377306] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.379309] RSP: 0018:ffff88800fc8fb78 EFLAGS: 00010246 [ 135.380281] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.381226] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 135.382590] RBP: ffff88800fc8fb98 R08: ffffed100297c43e R09: ffffed100297c43e [ 135.383576] R10: ffff888014be21ef R11: ffffed100297c43d R12: ffff888014be2290 [ 135.384639] R13: ffff888014be20a8 R14: ffffffffffffffff R15: 
ffff88800fc8fc60 [ 135.385667] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.386885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.387763] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.388732] PKRU: 55555554 [ 135.389133] Call Trace: [ 135.389630] [ 135.389948] iommufd_ioas_destroy+0x53/0x70 [ 135.390616] iommufd_fops_release+0x1f7/0x370 [ 135.391288] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.392091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.392799] ? write_comp_data+0x2f/0x90 [ 135.393385] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.394110] __fput+0x26d/0xa40 [ 135.394773] ____fput+0x1e/0x30 [ 135.395274] task_work_run+0x1a4/0x2d0 [ 135.395817] ? __pfx_task_work_run+0x10/0x10 [ 135.396431] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.397312] ? switch_task_namespaces+0xa9/0xe0 [ 135.397969] do_exit+0xb17/0x2ef0 [ 135.398450] ? lock_acquire+0x427/0x4c0 [ 135.399107] ? __pfx_lock_release+0x10/0x10 [ 135.399841] ? __kasan_check_write+0x18/0x20 [ 135.400459] ? do_raw_spin_lock+0x132/0x2a0 [ 135.401057] ? __pfx_do_exit+0x10/0x10 [ 135.401652] ? debug_smp_processor_id+0x20/0x30 [ 135.402410] ? rcu_is_watching+0x19/0xb0 [ 135.403035] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.403697] ? trace_hardirqs_on+0x26/0x120 [ 135.404367] do_group_exit+0xe0/0x2b0 [ 135.405002] __x64_sys_exit_group+0x47/0x50 [ 135.405623] do_syscall_64+0x3b/0x90 [ 135.406036] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.406695] RIP: 0033:0x7f4b87518a4d [ 135.407341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.407989] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.408773] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.409879] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.410706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.411489] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.412451] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.413206] [ 135.413455] irq event stamp: 0 [ 135.413783] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.414587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.415509] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.416399] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.417202] ---[ end trace 0000000000000000 ]--- [ 135.422875] ------------[ cut here ]------------ [ 135.423471] WARNING: CPU: 1 PID: 1259 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.424733] Modules linked in: [ 135.425080] CPU: 1 PID: 1259 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.425991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.427448] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.427989] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.430079] RSP: 0018:ffff88800bcdfbb8 EFLAGS: 00010246 [ 135.430682] RAX: 0000000000000000 RBX: ffff88800ed960a8 RCX: 0000000000000000 [ 135.431448] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 135.432399] RBP: ffff88800bcdfbd0 R08: ffffed1001db2c33 R09: ffffed1001db2c33 [ 135.433147] R10: ffff88800ed96193 R11: ffffed1001db2c32 R12: ffff888012e95400 [ 135.433900] R13: ffff88800ed961e8 R14: ffffffff8352e670 R15: 
ffff88800bcdfe68 [ 135.435038] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.435919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.436535] CR2: 00007f4b877410e8 CR3: 0000000020fde000 CR4: 0000000000750ee0 [ 135.437525] PKRU: 55555554 [ 135.437831] Call Trace: [ 135.438107] [ 135.438353] __iommufd_access_detach+0x1c2/0x2b0 [ 135.438916] iommufd_access_change_pt+0x149/0x270 [ 135.439462] iommufd_access_replace+0xb4/0x120 [ 135.440156] iommufd_test+0x3e5/0x37e0 [ 135.440581] ? lock_release+0x532/0x770 [ 135.441023] ? __might_fault+0x102/0x1b0 [ 135.441462] ? lock_acquire+0x427/0x4c0 [ 135.441896] ? __pfx_iommufd_test+0x10/0x10 [ 135.442627] ? __pfx_lock_release+0x10/0x10 [ 135.443101] ? __pfx_lock_acquire+0x10/0x10 [ 135.443588] ? write_comp_data+0x2f/0x90 [ 135.444030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.444555] ? write_comp_data+0x2f/0x90 [ 135.445115] iommufd_fops_ioctl+0x37d/0x510 [ 135.445681] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.446200] ? write_comp_data+0x2f/0x90 [ 135.446695] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.447238] __x64_sys_ioctl+0x1a3/0x230 [ 135.447755] do_syscall_64+0x3b/0x90 [ 135.448288] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.448853] RIP: 0033:0x7f4b8743ee5d [ 135.449259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.451460] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.452270] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.453241] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.453993] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.454773] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.455644] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.456524] [ 135.456777] irq event stamp: 0 [ 135.457114] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.457863] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.458906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.459804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.460526] ---[ end trace 0000000000000000 ]--- [ 135.464313] ------------[ cut here ]------------ [ 135.464878] WARNING: CPU: 1 PID: 1259 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.466168] Modules linked in: [ 135.466551] CPU: 1 PID: 1259 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.467499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.468906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.469432] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.471610] RSP: 
0018:ffff88800bcdfbd0 EFLAGS: 00010246 [ 135.472182] RAX: 0000000000000000 RBX: ffff88800ed960a8 RCX: 0000000000000000 [ 135.473038] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 135.473892] RBP: ffff88800bcdfbe8 R08: ffffed1001db2c33 R09: ffffed1001db2c33 [ 135.474669] R10: ffff88800ed96193 R11: ffffed1001db2c32 R12: ffff888010f20000 [ 135.475529] R13: ffff88800ed961e8 R14: ffff888013d36300 R15: 0000000000000000 [ 135.476407] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.477256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.477971] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.478866] PKRU: 55555554 [ 135.479183] Call Trace: [ 135.479459] [ 135.479702] iommufd_access_destroy_object+0x65/0x170 [ 135.480259] iommufd_object_destroy_user+0x18e/0x220 [ 135.481020] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.481653] iommufd_access_destroy+0x43/0x70 [ 135.482152] iommufd_test_staccess_release+0x8d/0xd0 [ 135.482750] __fput+0x26d/0xa40 [ 135.483326] ____fput+0x1e/0x30 [ 135.483694] task_work_run+0x1a4/0x2d0 [ 135.484128] ? __pfx_task_work_run+0x10/0x10 [ 135.484605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.485128] ? switch_task_namespaces+0xa9/0xe0 [ 135.485691] do_exit+0xb17/0x2ef0 [ 135.486472] ? lock_acquire+0x427/0x4c0 [ 135.487178] ? __pfx_lock_release+0x10/0x10 [ 135.487787] ? __kasan_check_write+0x18/0x20 [ 135.488410] ? do_raw_spin_lock+0x132/0x2a0 [ 135.489254] ? __pfx_do_exit+0x10/0x10 [ 135.489820] ? debug_smp_processor_id+0x20/0x30 [ 135.490468] ? rcu_is_watching+0x19/0xb0 [ 135.491497] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.492155] ? trace_hardirqs_on+0x26/0x120 [ 135.492770] do_group_exit+0xe0/0x2b0 [ 135.493316] __x64_sys_exit_group+0x47/0x50 [ 135.494109] do_syscall_64+0x3b/0x90 [ 135.494717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.495488] RIP: 0033:0x7f4b87518a4d [ 135.495896] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.496944] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.497980] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.499272] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.500260] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.501574] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.502636] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.503727] [ 135.504247] irq event stamp: 0 [ 135.504689] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.505558] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.507020] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.508208] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.509386] ---[ end trace 0000000000000000 ]--- [ 135.511075] ------------[ cut here ]------------ [ 135.512052] WARNING: CPU: 1 PID: 1259 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.513492] Modules linked in: [ 135.514013] CPU: 1 PID: 1259 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.515513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.517302] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.518022] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.520788] RSP: 0018:ffff88800bcdfb78 EFLAGS: 00010246 [ 135.521601] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.522770] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 135.523811] RBP: ffff88800bcdfb98 R08: ffffed1001db2c3e R09: ffffed1001db2c3e [ 135.525132] R10: ffff88800ed961ef R11: ffffed1001db2c3d R12: ffff88800ed96290 [ 135.526117] R13: ffff88800ed960a8 R14: ffffffffffffffff R15: 
ffff88800bcdfc60 [ 135.527396] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.528515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.529521] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.530501] PKRU: 55555554 [ 135.530987] Call Trace: [ 135.531378] [ 135.531803] iommufd_ioas_destroy+0x53/0x70 [ 135.532521] iommufd_fops_release+0x1f7/0x370 [ 135.533166] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.533931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.534811] ? write_comp_data+0x2f/0x90 [ 135.535434] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.536126] __fput+0x26d/0xa40 [ 135.536646] ____fput+0x1e/0x30 [ 135.537241] task_work_run+0x1a4/0x2d0 [ 135.537810] ? __pfx_task_work_run+0x10/0x10 [ 135.538442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.539345] ? switch_task_namespaces+0xa9/0xe0 [ 135.540040] do_exit+0xb17/0x2ef0 [ 135.540529] ? lock_acquire+0x427/0x4c0 [ 135.541101] ? __pfx_lock_release+0x10/0x10 [ 135.541824] ? __kasan_check_write+0x18/0x20 [ 135.542591] ? do_raw_spin_lock+0x132/0x2a0 [ 135.543257] ? __pfx_do_exit+0x10/0x10 [ 135.543820] ? debug_smp_processor_id+0x20/0x30 [ 135.544663] ? rcu_is_watching+0x19/0xb0 [ 135.545252] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.545903] ? trace_hardirqs_on+0x26/0x120 [ 135.546662] do_group_exit+0xe0/0x2b0 [ 135.547506] __x64_sys_exit_group+0x47/0x50 [ 135.547976] do_syscall_64+0x3b/0x90 [ 135.548375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.548922] RIP: 0033:0x7f4b87518a4d [ 135.549515] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.550284] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.551152] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.551982] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.553101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.553833] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.554611] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.555369] [ 135.555609] irq event stamp: 0 [ 135.555932] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.556582] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.557963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.558878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.559552] ---[ end trace 0000000000000000 ]--- [ 135.564372] ------------[ cut here ]------------ [ 135.564921] WARNING: CPU: 1 PID: 1260 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.565966] Modules linked in: [ 135.566299] CPU: 1 PID: 1260 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.567261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.568486] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.569253] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.571189] RSP: 0018:ffff8880219e7bb8 EFLAGS: 00010246 [ 135.571737] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 135.572462] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 135.573245] RBP: ffff8880219e7bd0 R08: ffffed1001702033 R09: ffffed1001702033 [ 135.574229] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888013b23000 [ 135.574984] R13: ffff88800b8101e8 R14: ffffffff8352e670 R15: 
ffff8880219e7e68 [ 135.575734] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.576568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.577162] CR2: 0000000020000140 CR3: 000000001297a000 CR4: 0000000000750ee0 [ 135.577894] PKRU: 55555554 [ 135.578222] Call Trace: [ 135.578604] [ 135.578999] __iommufd_access_detach+0x1c2/0x2b0 [ 135.579528] iommufd_access_change_pt+0x149/0x270 [ 135.580042] iommufd_access_replace+0xb4/0x120 [ 135.580527] iommufd_test+0x3e5/0x37e0 [ 135.581020] ? lock_release+0x532/0x770 [ 135.581456] ? __might_fault+0x102/0x1b0 [ 135.581891] ? lock_acquire+0x427/0x4c0 [ 135.582313] ? __pfx_iommufd_test+0x10/0x10 [ 135.582796] ? __pfx_lock_release+0x10/0x10 [ 135.583266] ? __pfx_lock_acquire+0x10/0x10 [ 135.583728] ? write_comp_data+0x2f/0x90 [ 135.584165] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.584877] ? write_comp_data+0x2f/0x90 [ 135.585495] iommufd_fops_ioctl+0x37d/0x510 [ 135.585965] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.586481] ? write_comp_data+0x2f/0x90 [ 135.586950] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.587476] __x64_sys_ioctl+0x1a3/0x230 [ 135.587914] do_syscall_64+0x3b/0x90 [ 135.588318] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.588873] RIP: 0033:0x7f4b8743ee5d [ 135.589264] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.591525] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.592321] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.593066] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.593810] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.594588] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.595360] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.596345] [ 135.596686] irq event stamp: 0 [ 135.597021] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.597687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.598583] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.599459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.600110] ---[ end trace 0000000000000000 ]--- [ 135.603518] ------------[ cut here ]------------ [ 135.604064] WARNING: CPU: 1 PID: 1260 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.605135] Modules linked in: [ 135.605555] CPU: 1 PID: 1260 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.606696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.607895] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.608431] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.610755] RSP: 
0018:ffff8880219e7bd0 EFLAGS: 00010246 [ 135.611349] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 135.612112] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 135.613007] RBP: ffff8880219e7be8 R08: ffffed1001702033 R09: ffffed1001702033 [ 135.613785] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888012e94800 [ 135.614617] R13: ffff88800b8101e8 R14: ffff88800f5cbd00 R15: 0000000000000000 [ 135.615685] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.616548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.617172] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 135.617926] PKRU: 55555554 [ 135.618229] Call Trace: [ 135.618557] [ 135.618806] iommufd_access_destroy_object+0x65/0x170 [ 135.619382] iommufd_object_destroy_user+0x18e/0x220 [ 135.619941] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.620827] iommufd_access_destroy+0x43/0x70 [ 135.621330] iommufd_test_staccess_release+0x8d/0xd0 [ 135.621894] __fput+0x26d/0xa40 [ 135.622273] ____fput+0x1e/0x30 [ 135.622707] task_work_run+0x1a4/0x2d0 [ 135.623162] ? __pfx_task_work_run+0x10/0x10 [ 135.623651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.624187] ? switch_task_namespaces+0xa9/0xe0 [ 135.624705] do_exit+0xb17/0x2ef0 [ 135.625177] ? lock_acquire+0x427/0x4c0 [ 135.625798] ? __pfx_lock_release+0x10/0x10 [ 135.626272] ? __kasan_check_write+0x18/0x20 [ 135.626794] ? do_raw_spin_lock+0x132/0x2a0 [ 135.627292] ? __pfx_do_exit+0x10/0x10 [ 135.627720] ? debug_smp_processor_id+0x20/0x30 [ 135.628216] ? rcu_is_watching+0x19/0xb0 [ 135.628657] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.629147] ? trace_hardirqs_on+0x26/0x120 [ 135.629615] do_group_exit+0xe0/0x2b0 [ 135.630192] __x64_sys_exit_group+0x47/0x50 [ 135.630863] do_syscall_64+0x3b/0x90 [ 135.631282] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.631842] RIP: 0033:0x7f4b87518a4d [ 135.632243] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.632896] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.633703] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.634465] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.635553] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.636323] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.637082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.637848] [ 135.638099] irq event stamp: 0 [ 135.638433] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.639137] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.640032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.641202] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.641869] ---[ end trace 0000000000000000 ]--- [ 135.643018] ------------[ cut here ]------------ [ 135.643558] WARNING: CPU: 1 PID: 1260 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.644660] Modules linked in: [ 135.645118] CPU: 1 PID: 1260 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.646321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.647613] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.648179] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.650274] RSP: 0018:ffff8880219e7b78 EFLAGS: 00010246 [ 135.651044] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.651825] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 135.652592] RBP: ffff8880219e7b98 R08: ffffed100170203e R09: ffffed100170203e [ 135.653354] R10: ffff88800b8101ef R11: ffffed100170203d R12: ffff88800b810290 [ 135.654119] R13: ffff88800b8100a8 R14: ffffffffffffffff R15: 
ffff8880219e7c60 [ 135.655173] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.656204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.656826] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 135.657586] PKRU: 55555554 [ 135.657890] Call Trace: [ 135.658163] [ 135.658407] iommufd_ioas_destroy+0x53/0x70 [ 135.658914] iommufd_fops_release+0x1f7/0x370 [ 135.659433] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.659976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.660632] ? write_comp_data+0x2f/0x90 [ 135.661270] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.661812] __fput+0x26d/0xa40 [ 135.662189] ____fput+0x1e/0x30 [ 135.662605] task_work_run+0x1a4/0x2d0 [ 135.663037] ? __pfx_task_work_run+0x10/0x10 [ 135.663529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.664060] ? switch_task_namespaces+0xa9/0xe0 [ 135.664575] do_exit+0xb17/0x2ef0 [ 135.664962] ? lock_acquire+0x427/0x4c0 [ 135.665567] ? __pfx_lock_release+0x10/0x10 [ 135.666208] ? __kasan_check_write+0x18/0x20 [ 135.666757] ? do_raw_spin_lock+0x132/0x2a0 [ 135.667245] ? __pfx_do_exit+0x10/0x10 [ 135.667670] ? debug_smp_processor_id+0x20/0x30 [ 135.668167] ? rcu_is_watching+0x19/0xb0 [ 135.668605] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.669090] ? trace_hardirqs_on+0x26/0x120 [ 135.669556] do_group_exit+0xe0/0x2b0 [ 135.670047] __x64_sys_exit_group+0x47/0x50 [ 135.670733] do_syscall_64+0x3b/0x90 [ 135.671164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.671721] RIP: 0033:0x7f4b87518a4d [ 135.672114] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.672761] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.673577] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.674356] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.675433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.676207] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.677040] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.677821] [ 135.678074] irq event stamp: 0 [ 135.678413] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.679150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.680151] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.681273] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.681941] ---[ end trace 0000000000000000 ]--- [ 135.689415] ------------[ cut here ]------------ [ 135.690059] WARNING: CPU: 1 PID: 1261 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.691254] Modules linked in: [ 135.691609] CPU: 1 PID: 1261 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.692542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.693822] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.694635] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.696594] RSP: 0018:ffff888013637bb8 EFLAGS: 00010246 [ 135.697166] RAX: 0000000000000000 RBX: ffff8880181d68a8 RCX: 0000000000000000 [ 135.697931] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 135.698979] RBP: ffff888013637bd0 R08: ffffed100303ad33 R09: ffffed100303ad33 [ 135.699757] R10: ffff8880181d6993 R11: ffffed100303ad32 R12: ffff88800f4a8c00 [ 135.700522] R13: ffff8880181d69e8 R14: ffffffff8352e670 R15: 
ffff888013637e68 [ 135.701282] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.702177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.703067] CR2: 0000000020000140 CR3: 0000000018300000 CR4: 0000000000750ee0 [ 135.703965] PKRU: 55555554 [ 135.704284] Call Trace: [ 135.704570] [ 135.704821] __iommufd_access_detach+0x1c2/0x2b0 [ 135.705357] iommufd_access_change_pt+0x149/0x270 [ 135.705888] iommufd_access_replace+0xb4/0x120 [ 135.706410] iommufd_test+0x3e5/0x37e0 [ 135.706915] ? lock_release+0x532/0x770 [ 135.707392] ? __might_fault+0x102/0x1b0 [ 135.707851] ? lock_acquire+0x427/0x4c0 [ 135.708498] ? __pfx_iommufd_test+0x10/0x10 [ 135.709197] ? __pfx_lock_release+0x10/0x10 [ 135.709681] ? __pfx_lock_acquire+0x10/0x10 [ 135.710160] ? write_comp_data+0x2f/0x90 [ 135.710688] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.711241] ? write_comp_data+0x2f/0x90 [ 135.711701] iommufd_fops_ioctl+0x37d/0x510 [ 135.712173] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.712704] ? write_comp_data+0x2f/0x90 [ 135.713187] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.713926] __x64_sys_ioctl+0x1a3/0x230 [ 135.714377] do_syscall_64+0x3b/0x90 [ 135.714830] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.715421] RIP: 0033:0x7f4b8743ee5d [ 135.715828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.717838] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.718917] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.719700] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.720494] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.721277] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.722054] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.723148] [ 135.723417] irq event stamp: 0 [ 135.723771] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.724451] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.725335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.726222] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.726960] ---[ end trace 0000000000000000 ]--- [ 135.730632] ------------[ cut here ]------------ [ 135.731206] WARNING: CPU: 1 PID: 1261 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.732416] Modules linked in: [ 135.732926] CPU: 1 PID: 1261 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.733854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.735099] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.735655] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.737909] RSP: 
0018:ffff888013637bd0 EFLAGS: 00010246 [ 135.738482] RAX: 0000000000000000 RBX: ffff8880181d68a8 RCX: 0000000000000000 [ 135.739280] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 135.740029] RBP: ffff888013637be8 R08: ffffed100303ad33 R09: ffffed100303ad33 [ 135.740776] R10: ffff8880181d6993 R11: ffffed100303ad32 R12: ffff888010bc1000 [ 135.741752] R13: ffff8880181d69e8 R14: ffff88800f8ad800 R15: 0000000000000000 [ 135.742722] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.743580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.744196] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 135.744971] PKRU: 55555554 [ 135.745288] Call Trace: [ 135.745567] [ 135.745818] iommufd_access_destroy_object+0x65/0x170 [ 135.746420] iommufd_object_destroy_user+0x18e/0x220 [ 135.747216] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.747964] iommufd_access_destroy+0x43/0x70 [ 135.748457] iommufd_test_staccess_release+0x8d/0xd0 [ 135.749012] __fput+0x26d/0xa40 [ 135.749377] ____fput+0x1e/0x30 [ 135.749738] task_work_run+0x1a4/0x2d0 [ 135.750161] ? __pfx_task_work_run+0x10/0x10 [ 135.750663] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.751217] ? switch_task_namespaces+0xa9/0xe0 [ 135.751742] do_exit+0xb17/0x2ef0 [ 135.752118] ? lock_acquire+0x427/0x4c0 [ 135.752723] ? __pfx_lock_release+0x10/0x10 [ 135.753352] ? __kasan_check_write+0x18/0x20 [ 135.753832] ? do_raw_spin_lock+0x132/0x2a0 [ 135.754295] ? __pfx_do_exit+0x10/0x10 [ 135.754770] ? debug_smp_processor_id+0x20/0x30 [ 135.755309] ? rcu_is_watching+0x19/0xb0 [ 135.755749] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.756234] ? trace_hardirqs_on+0x26/0x120 [ 135.756708] do_group_exit+0xe0/0x2b0 [ 135.757171] __x64_sys_exit_group+0x47/0x50 [ 135.757860] do_syscall_64+0x3b/0x90 [ 135.758276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.758877] RIP: 0033:0x7f4b87518a4d [ 135.759294] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.759961] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.760776] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.761538] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.762497] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.763478] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.764244] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.765029] [ 135.765282] irq event stamp: 0 [ 135.765620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.766301] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.767449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.768525] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.769201] ---[ end trace 0000000000000000 ]--- [ 135.770150] ------------[ cut here ]------------ [ 135.770736] WARNING: CPU: 1 PID: 1261 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.771848] Modules linked in: [ 135.772235] CPU: 1 PID: 1261 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.773460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.774749] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.775332] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.777510] RSP: 0018:ffff888013637b78 EFLAGS: 00010246 [ 135.778209] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.779014] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 135.779793] RBP: ffff888013637b98 R08: ffffed100303ad3e R09: ffffed100303ad3e [ 135.780564] R10: ffff8880181d69ef R11: ffffed100303ad3d R12: ffff8880181d6a90 [ 135.781339] R13: ffff8880181d68a8 R14: ffffffffffffffff R15: 
ffff888013637c60 [ 135.782282] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.783366] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.784004] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 135.784768] PKRU: 55555554 [ 135.785074] Call Trace: [ 135.785352] [ 135.785600] iommufd_ioas_destroy+0x53/0x70 [ 135.786078] iommufd_fops_release+0x1f7/0x370 [ 135.786662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.787450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.788000] ? write_comp_data+0x2f/0x90 [ 135.788457] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.789015] __fput+0x26d/0xa40 [ 135.789393] ____fput+0x1e/0x30 [ 135.789770] task_work_run+0x1a4/0x2d0 [ 135.790210] ? __pfx_task_work_run+0x10/0x10 [ 135.790744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.791293] ? switch_task_namespaces+0xa9/0xe0 [ 135.791820] do_exit+0xb17/0x2ef0 [ 135.792357] ? lock_acquire+0x427/0x4c0 [ 135.792993] ? __pfx_lock_release+0x10/0x10 [ 135.793474] ? __kasan_check_write+0x18/0x20 [ 135.793953] ? do_raw_spin_lock+0x132/0x2a0 [ 135.794423] ? __pfx_do_exit+0x10/0x10 [ 135.794913] ? debug_smp_processor_id+0x20/0x30 [ 135.795448] ? rcu_is_watching+0x19/0xb0 [ 135.795896] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.796401] ? trace_hardirqs_on+0x26/0x120 [ 135.796949] do_group_exit+0xe0/0x2b0 [ 135.797569] __x64_sys_exit_group+0x47/0x50 [ 135.798059] do_syscall_64+0x3b/0x90 [ 135.798480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.799103] RIP: 0033:0x7f4b87518a4d [ 135.799522] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.800182] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.800998] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.801980] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.802930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.803706] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.804484] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.805321] [ 135.805571] irq event stamp: 0 [ 135.805910] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.806764] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.807805] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.808702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.809381] ---[ end trace 0000000000000000 ]--- [ 135.814882] ------------[ cut here ]------------ [ 135.815531] WARNING: CPU: 1 PID: 1262 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.816912] Modules linked in: [ 135.817258] CPU: 1 PID: 1262 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.818194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.819534] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.820084] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.822414] RSP: 0018:ffff8880219e7bb8 EFLAGS: 00010246 [ 135.823032] RAX: 0000000000000000 RBX: ffff88800f22f8a8 RCX: 0000000000000000 [ 135.823811] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 135.824583] RBP: ffff8880219e7bd0 R08: ffffed1001e45f33 R09: ffffed1001e45f33 [ 135.825614] R10: ffff88800f22f993 R11: ffffed1001e45f32 R12: ffff888013b16c00 [ 135.826397] R13: ffff88800f22f9e8 R14: ffffffff8352e670 R15: 
ffff8880219e7e68 [ 135.827223] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.828089] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.828712] CR2: 00007f4b877410e8 CR3: 0000000018300000 CR4: 0000000000750ee0 [ 135.829580] PKRU: 55555554 [ 135.830036] Call Trace: [ 135.830320] [ 135.830617] __iommufd_access_detach+0x1c2/0x2b0 [ 135.831167] iommufd_access_change_pt+0x149/0x270 [ 135.831694] iommufd_access_replace+0xb4/0x120 [ 135.832202] iommufd_test+0x3e5/0x37e0 [ 135.832634] ? lock_release+0x532/0x770 [ 135.833074] ? __might_fault+0x102/0x1b0 [ 135.833526] ? lock_acquire+0x427/0x4c0 [ 135.834109] ? __pfx_iommufd_test+0x10/0x10 [ 135.834839] ? __pfx_lock_release+0x10/0x10 [ 135.835342] ? __pfx_lock_acquire+0x10/0x10 [ 135.835824] ? write_comp_data+0x2f/0x90 [ 135.836271] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.836804] ? write_comp_data+0x2f/0x90 [ 135.837330] iommufd_fops_ioctl+0x37d/0x510 [ 135.837802] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.838331] ? write_comp_data+0x2f/0x90 [ 135.839002] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.839739] __x64_sys_ioctl+0x1a3/0x230 [ 135.840191] do_syscall_64+0x3b/0x90 [ 135.840598] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.841151] RIP: 0033:0x7f4b8743ee5d [ 135.841549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.843693] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.844661] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.845417] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.846172] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.846978] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.847758] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.848950] [ 135.849284] irq event stamp: 0 [ 135.849713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.850623] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.851767] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.853116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.853952] ---[ end trace 0000000000000000 ]--- [ 135.857839] ------------[ cut here ]------------ [ 135.858443] WARNING: CPU: 1 PID: 1262 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.860075] Modules linked in: [ 135.860434] CPU: 1 PID: 1262 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.861727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.862950] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.863509] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.865636] RSP: 
0018:ffff8880219e7bd0 EFLAGS: 00010246 [ 135.866265] RAX: 0000000000000000 RBX: ffff88800f22f8a8 RCX: 0000000000000000 [ 135.867217] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 135.867982] RBP: ffff8880219e7be8 R08: ffffed1001e45f33 R09: ffffed1001e45f33 [ 135.868737] R10: ffff88800f22f993 R11: ffffed1001e45f32 R12: ffff88800f4aa400 [ 135.869790] R13: ffff88800f22f9e8 R14: ffff888013d44f00 R15: 0000000000000000 [ 135.870590] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.871467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.872315] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.873074] PKRU: 55555554 [ 135.873383] Call Trace: [ 135.873657] [ 135.873904] iommufd_access_destroy_object+0x65/0x170 [ 135.874730] iommufd_object_destroy_user+0x18e/0x220 [ 135.875296] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 135.875919] iommufd_access_destroy+0x43/0x70 [ 135.876408] iommufd_test_staccess_release+0x8d/0xd0 [ 135.877040] __fput+0x26d/0xa40 [ 135.877531] ____fput+0x1e/0x30 [ 135.877887] task_work_run+0x1a4/0x2d0 [ 135.878312] ? __pfx_task_work_run+0x10/0x10 [ 135.878824] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.879384] ? switch_task_namespaces+0xa9/0xe0 [ 135.880021] do_exit+0xb17/0x2ef0 [ 135.880468] ? lock_acquire+0x427/0x4c0 [ 135.880902] ? __pfx_lock_release+0x10/0x10 [ 135.881372] ? __kasan_check_write+0x18/0x20 [ 135.881853] ? do_raw_spin_lock+0x132/0x2a0 [ 135.882542] ? __pfx_do_exit+0x10/0x10 [ 135.882982] ? debug_smp_processor_id+0x20/0x30 [ 135.883497] ? rcu_is_watching+0x19/0xb0 [ 135.883936] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.884428] ? trace_hardirqs_on+0x26/0x120 [ 135.885027] do_group_exit+0xe0/0x2b0 [ 135.885504] __x64_sys_exit_group+0x47/0x50 [ 135.885974] do_syscall_64+0x3b/0x90 [ 135.886390] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.886989] RIP: 0033:0x7f4b87518a4d [ 135.887618] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.888282] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.889098] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.889838] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.890864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.891642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.892399] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.893381] [ 135.893634] irq event stamp: 0 [ 135.893970] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.894676] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.895710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.896698] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.897376] ---[ end trace 0000000000000000 ]--- [ 135.898489] ------------[ cut here ]------------ [ 135.899078] WARNING: CPU: 1 PID: 1262 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 135.900222] Modules linked in: [ 135.900636] CPU: 1 PID: 1262 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.901792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.903095] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 135.903766] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 135.905798] RSP: 0018:ffff8880219e7b78 EFLAGS: 00010246 [ 135.906540] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 135.907321] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 135.908093] RBP: ffff8880219e7b98 R08: ffffed1001e45f3e R09: ffffed1001e45f3e [ 135.909113] R10: ffff88800f22f9ef R11: ffffed1001e45f3d R12: ffff88800f22fa90 [ 135.909907] R13: ffff88800f22f8a8 R14: ffffffffffffffff R15: 
ffff8880219e7c60 [ 135.910730] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.911858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.912505] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 135.913280] PKRU: 55555554 [ 135.913588] Call Trace: [ 135.913983] [ 135.914357] iommufd_ioas_destroy+0x53/0x70 [ 135.914948] iommufd_fops_release+0x1f7/0x370 [ 135.915456] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.916016] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.916768] ? write_comp_data+0x2f/0x90 [ 135.917225] ? __pfx_iommufd_fops_release+0x10/0x10 [ 135.917777] __fput+0x26d/0xa40 [ 135.918155] ____fput+0x1e/0x30 [ 135.918555] task_work_run+0x1a4/0x2d0 [ 135.919140] ? __pfx_task_work_run+0x10/0x10 [ 135.919712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.920253] ? switch_task_namespaces+0xa9/0xe0 [ 135.920787] do_exit+0xb17/0x2ef0 [ 135.921184] ? lock_acquire+0x427/0x4c0 [ 135.921849] ? __pfx_lock_release+0x10/0x10 [ 135.922332] ? __kasan_check_write+0x18/0x20 [ 135.922848] ? do_raw_spin_lock+0x132/0x2a0 [ 135.923334] ? __pfx_do_exit+0x10/0x10 [ 135.923810] ? debug_smp_processor_id+0x20/0x30 [ 135.924501] ? rcu_is_watching+0x19/0xb0 [ 135.924961] ? _raw_spin_unlock_irq+0x2b/0x60 [ 135.925461] ? trace_hardirqs_on+0x26/0x120 [ 135.925938] do_group_exit+0xe0/0x2b0 [ 135.926592] __x64_sys_exit_group+0x47/0x50 [ 135.927078] do_syscall_64+0x3b/0x90 [ 135.927520] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.928102] RIP: 0033:0x7f4b87518a4d [ 135.928556] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 135.929386] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 135.930222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 135.931083] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 135.931962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 135.932758] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 135.933822] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 135.934641] [ 135.934898] irq event stamp: 0 [ 135.935255] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.936078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.937108] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.938027] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.938995] ---[ end trace 0000000000000000 ]--- [ 135.946587] ------------[ cut here ]------------ [ 135.947192] WARNING: CPU: 1 PID: 1263 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.948287] Modules linked in: [ 135.949117] CPU: 1 PID: 1263 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.950054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.951567] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.952115] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.954325] RSP: 0018:ffff888013637bb8 EFLAGS: 00010246 [ 135.954951] RAX: 0000000000000000 RBX: ffff8880185190a8 RCX: 0000000000000000 [ 135.955735] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 135.956763] RBP: ffff888013637bd0 R08: ffffed10030a3233 R09: ffffed10030a3233 [ 135.957538] R10: ffff888018519193 R11: ffffed10030a3232 R12: ffff888012e91800 [ 135.958339] R13: ffff8880185191e8 R14: ffffffff8352e670 R15: 
ffff888013637e68 [ 135.959331] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 135.960200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 135.960878] CR2: 0000000020000140 CR3: 0000000018300000 CR4: 0000000000750ee0 [ 135.961838] PKRU: 55555554 [ 135.962166] Call Trace: [ 135.962445] [ 135.962729] __iommufd_access_detach+0x1c2/0x2b0 [ 135.963307] iommufd_access_change_pt+0x149/0x270 [ 135.964009] iommufd_access_replace+0xb4/0x120 [ 135.964518] iommufd_test+0x3e5/0x37e0 [ 135.965024] ? lock_release+0x532/0x770 [ 135.965478] ? __might_fault+0x102/0x1b0 [ 135.966127] ? lock_acquire+0x427/0x4c0 [ 135.966614] ? __pfx_iommufd_test+0x10/0x10 [ 135.967088] ? __pfx_lock_release+0x10/0x10 [ 135.967578] ? __pfx_lock_acquire+0x10/0x10 [ 135.968118] ? write_comp_data+0x2f/0x90 [ 135.968720] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 135.969350] ? write_comp_data+0x2f/0x90 [ 135.969817] iommufd_fops_ioctl+0x37d/0x510 [ 135.970312] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.971102] ? write_comp_data+0x2f/0x90 [ 135.971580] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 135.972119] __x64_sys_ioctl+0x1a3/0x230 [ 135.972579] do_syscall_64+0x3b/0x90 [ 135.973064] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 135.973769] RIP: 0033:0x7f4b8743ee5d [ 135.974177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 135.976409] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 135.977246] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 135.978025] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 135.979028] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 135.979837] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 135.980687] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 135.981631] [ 135.981891] irq event stamp: 0 [ 135.982231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 135.982950] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 135.984115] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 135.985027] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 135.985836] ---[ end trace 0000000000000000 ]--- [ 135.991539] ------------[ cut here ]------------ [ 135.992132] WARNING: CPU: 1 PID: 1263 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 135.993469] Modules linked in: [ 135.993830] CPU: 1 PID: 1263 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 135.994863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 135.996342] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 135.996902] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 135.999266] RSP: 
0018:ffff888013637bd0 EFLAGS: 00010246 [ 135.999855] RAX: 0000000000000000 RBX: ffff8880185190a8 RCX: 0000000000000000 [ 136.000850] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 136.001662] RBP: ffff888013637be8 R08: ffffed10030a3233 R09: ffffed10030a3233 [ 136.002441] R10: ffff888018519193 R11: ffffed10030a3232 R12: ffff888013b16800 [ 136.003275] R13: ffff8880185191e8 R14: ffff888020ed4700 R15: 0000000000000000 [ 136.004061] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.005262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.005919] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 136.006727] PKRU: 55555554 [ 136.007039] Call Trace: [ 136.007333] [ 136.007587] iommufd_access_destroy_object+0x65/0x170 [ 136.008157] iommufd_object_destroy_user+0x18e/0x220 [ 136.008971] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.009736] iommufd_access_destroy+0x43/0x70 [ 136.010251] iommufd_test_staccess_release+0x8d/0xd0 [ 136.010865] __fput+0x26d/0xa40 [ 136.011260] ____fput+0x1e/0x30 [ 136.011633] task_work_run+0x1a4/0x2d0 [ 136.012089] ? __pfx_task_work_run+0x10/0x10 [ 136.012582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.013130] ? switch_task_namespaces+0xa9/0xe0 [ 136.013670] do_exit+0xb17/0x2ef0 [ 136.014056] ? lock_acquire+0x427/0x4c0 [ 136.014599] ? __pfx_lock_release+0x10/0x10 [ 136.015336] ? __kasan_check_write+0x18/0x20 [ 136.015827] ? do_raw_spin_lock+0x132/0x2a0 [ 136.016304] ? __pfx_do_exit+0x10/0x10 [ 136.016743] ? debug_smp_processor_id+0x20/0x30 [ 136.017258] ? rcu_is_watching+0x19/0xb0 [ 136.017707] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.018208] ? trace_hardirqs_on+0x26/0x120 [ 136.018755] do_group_exit+0xe0/0x2b0 [ 136.019216] __x64_sys_exit_group+0x47/0x50 [ 136.019711] do_syscall_64+0x3b/0x90 [ 136.020224] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.021042] RIP: 0033:0x7f4b87518a4d [ 136.021454] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.022122] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.023010] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.023814] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.024594] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.025700] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.026486] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.027330] [ 136.027596] irq event stamp: 0 [ 136.027948] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.028651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.029823] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.030952] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.031662] ---[ end trace 0000000000000000 ]--- [ 136.032728] ------------[ cut here ]------------ [ 136.033265] WARNING: CPU: 1 PID: 1263 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.034450] Modules linked in: [ 136.034971] CPU: 1 PID: 1263 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.035995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.037234] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.037806] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.040390] RSP: 0018:ffff888013637b78 EFLAGS: 00010246 [ 136.040988] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.041753] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 136.042564] RBP: ffff888013637b98 R08: ffffed10030a323e R09: ffffed10030a323e [ 136.043356] R10: ffff8880185191ef R11: ffffed10030a323d R12: ffff888018519290 [ 136.044156] R13: ffff8880185190a8 R14: ffffffffffffffff R15: 
ffff888013637c60 [ 136.045187] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.046061] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.046778] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 136.047593] PKRU: 55555554 [ 136.047906] Call Trace: [ 136.048192] [ 136.048446] iommufd_ioas_destroy+0x53/0x70 [ 136.049067] iommufd_fops_release+0x1f7/0x370 [ 136.049775] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.050330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.050937] ? write_comp_data+0x2f/0x90 [ 136.051425] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.051994] __fput+0x26d/0xa40 [ 136.052375] ____fput+0x1e/0x30 [ 136.052747] task_work_run+0x1a4/0x2d0 [ 136.053200] ? __pfx_task_work_run+0x10/0x10 [ 136.053773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.054568] ? switch_task_namespaces+0xa9/0xe0 [ 136.055097] do_exit+0xb17/0x2ef0 [ 136.055489] ? lock_acquire+0x427/0x4c0 [ 136.055930] ? __pfx_lock_release+0x10/0x10 [ 136.056415] ? __kasan_check_write+0x18/0x20 [ 136.056904] ? do_raw_spin_lock+0x132/0x2a0 [ 136.057377] ? __pfx_do_exit+0x10/0x10 [ 136.057813] ? debug_smp_processor_id+0x20/0x30 [ 136.058419] ? rcu_is_watching+0x19/0xb0 [ 136.059109] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.059629] ? trace_hardirqs_on+0x26/0x120 [ 136.060118] do_group_exit+0xe0/0x2b0 [ 136.060543] __x64_sys_exit_group+0x47/0x50 [ 136.061073] do_syscall_64+0x3b/0x90 [ 136.061494] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.062065] RIP: 0033:0x7f4b87518a4d [ 136.062476] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.063303] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.064271] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.065052] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.065844] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.066656] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.067438] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.068306] [ 136.068621] irq event stamp: 0 [ 136.069130] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.069812] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.070758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.071686] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.072373] ---[ end trace 0000000000000000 ]--- [ 136.078018] ------------[ cut here ]------------ [ 136.078672] WARNING: CPU: 1 PID: 1264 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.079781] Modules linked in: [ 136.080123] CPU: 1 PID: 1264 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.081141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.082471] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.083060] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.084982] RSP: 0018:ffff8880219e7bb8 EFLAGS: 00010246 [ 136.085640] RAX: 0000000000000000 RBX: ffff888011c5e0a8 RCX: 0000000000000000 [ 136.086621] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 136.087373] RBP: ffff8880219e7bd0 R08: ffffed100238bc33 R09: ffffed100238bc33 [ 136.088109] R10: ffff888011c5e193 R11: ffffed100238bc32 R12: ffff888014583c00 [ 136.088847] R13: ffff888011c5e1e8 R14: ffffffff8352e670 R15: 
ffff8880219e7e68 [ 136.089625] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.090772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.091386] CR2: 00007f4b877410e8 CR3: 0000000018300000 CR4: 0000000000750ee0 [ 136.092142] PKRU: 55555554 [ 136.092443] Call Trace: [ 136.092713] [ 136.093036] __iommufd_access_detach+0x1c2/0x2b0 [ 136.093554] iommufd_access_change_pt+0x149/0x270 [ 136.094170] iommufd_access_replace+0xb4/0x120 [ 136.094890] iommufd_test+0x3e5/0x37e0 [ 136.095330] ? lock_release+0x532/0x770 [ 136.095770] ? __might_fault+0x102/0x1b0 [ 136.096202] ? lock_acquire+0x427/0x4c0 [ 136.096626] ? __pfx_iommufd_test+0x10/0x10 [ 136.097079] ? __pfx_lock_release+0x10/0x10 [ 136.097546] ? __pfx_lock_acquire+0x10/0x10 [ 136.098017] ? write_comp_data+0x2f/0x90 [ 136.098468] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.099190] ? write_comp_data+0x2f/0x90 [ 136.099853] iommufd_fops_ioctl+0x37d/0x510 [ 136.100327] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.100858] ? write_comp_data+0x2f/0x90 [ 136.101316] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.101842] __x64_sys_ioctl+0x1a3/0x230 [ 136.102291] do_syscall_64+0x3b/0x90 [ 136.102745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.103335] RIP: 0033:0x7f4b8743ee5d [ 136.103744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.106002] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.106871] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.107650] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.108413] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.109232] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.110278] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.111101] [ 136.111384] irq event stamp: 0 [ 136.111722] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.112403] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.113297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.114235] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.115247] ---[ end trace 0000000000000000 ]--- [ 136.118932] ------------[ cut here ]------------ [ 136.119519] WARNING: CPU: 1 PID: 1264 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.120831] Modules linked in: [ 136.121176] CPU: 1 PID: 1264 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.122108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.123403] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.123955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.126271] RSP: 
0018:ffff8880219e7bd0 EFLAGS: 00010246 [ 136.126883] RAX: 0000000000000000 RBX: ffff888011c5e0a8 RCX: 0000000000000000 [ 136.127664] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 136.128427] RBP: ffff8880219e7be8 R08: ffffed100238bc33 R09: ffffed100238bc33 [ 136.129257] R10: ffff888011c5e193 R11: ffffed100238bc32 R12: ffff888012e93000 [ 136.130286] R13: ffff888011c5e1e8 R14: ffff888015acb100 R15: 0000000000000000 [ 136.131089] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.131960] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.132591] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.133361] PKRU: 55555554 [ 136.133674] Call Trace: [ 136.134028] [ 136.134367] iommufd_access_destroy_object+0x65/0x170 [ 136.135089] iommufd_object_destroy_user+0x18e/0x220 [ 136.135666] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.136290] iommufd_access_destroy+0x43/0x70 [ 136.136789] iommufd_test_staccess_release+0x8d/0xd0 [ 136.137344] __fput+0x26d/0xa40 [ 136.137718] ____fput+0x1e/0x30 [ 136.138084] task_work_run+0x1a4/0x2d0 [ 136.138599] ? __pfx_task_work_run+0x10/0x10 [ 136.139089] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.139701] ? switch_task_namespaces+0xa9/0xe0 [ 136.140459] do_exit+0xb17/0x2ef0 [ 136.140837] ? lock_acquire+0x427/0x4c0 [ 136.141278] ? __pfx_lock_release+0x10/0x10 [ 136.141755] ? __kasan_check_write+0x18/0x20 [ 136.142239] ? do_raw_spin_lock+0x132/0x2a0 [ 136.142755] ? __pfx_do_exit+0x10/0x10 [ 136.143220] ? debug_smp_processor_id+0x20/0x30 [ 136.143732] ? rcu_is_watching+0x19/0xb0 [ 136.144179] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.144750] ? trace_hardirqs_on+0x26/0x120 [ 136.145458] do_group_exit+0xe0/0x2b0 [ 136.145889] __x64_sys_exit_group+0x47/0x50 [ 136.146361] do_syscall_64+0x3b/0x90 [ 136.146817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.147398] RIP: 0033:0x7f4b87518a4d [ 136.147806] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.148471] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.149301] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.150376] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.151197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.151974] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.152745] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.153537] [ 136.153796] irq event stamp: 0 [ 136.154204] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.155190] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.156100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.157051] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.157728] ---[ end trace 0000000000000000 ]--- [ 136.158703] ------------[ cut here ]------------ [ 136.159242] WARNING: CPU: 1 PID: 1264 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.160655] Modules linked in: [ 136.161001] CPU: 1 PID: 1264 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.161930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.163162] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.163725] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.166009] RSP: 0018:ffff8880219e7b78 EFLAGS: 00010246 [ 136.166640] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.167413] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 136.168180] RBP: ffff8880219e7b98 R08: ffffed100238bc3e R09: ffffed100238bc3e [ 136.169115] R10: ffff888011c5e1ef R11: ffffed100238bc3d R12: ffff888011c5e290 [ 136.170045] R13: ffff888011c5e0a8 R14: ffffffffffffffff R15: 
ffff8880219e7c60 [ 136.170865] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.171742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.172367] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.173137] PKRU: 55555554 [ 136.173489] Call Trace: [ 136.173856] [ 136.174191] iommufd_ioas_destroy+0x53/0x70 [ 136.174877] iommufd_fops_release+0x1f7/0x370 [ 136.175402] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.175946] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.176475] ? write_comp_data+0x2f/0x90 [ 136.176919] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.177460] __fput+0x26d/0xa40 [ 136.177836] ____fput+0x1e/0x30 [ 136.178205] task_work_run+0x1a4/0x2d0 [ 136.178774] ? __pfx_task_work_run+0x10/0x10 [ 136.179485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.180021] ? switch_task_namespaces+0xa9/0xe0 [ 136.180538] do_exit+0xb17/0x2ef0 [ 136.180917] ? lock_acquire+0x427/0x4c0 [ 136.181360] ? __pfx_lock_release+0x10/0x10 [ 136.181835] ? __kasan_check_write+0x18/0x20 [ 136.182316] ? do_raw_spin_lock+0x132/0x2a0 [ 136.182828] ? __pfx_do_exit+0x10/0x10 [ 136.183279] ? debug_smp_processor_id+0x20/0x30 [ 136.183791] ? rcu_is_watching+0x19/0xb0 [ 136.184304] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.185003] ? trace_hardirqs_on+0x26/0x120 [ 136.185486] do_group_exit+0xe0/0x2b0 [ 136.185897] __x64_sys_exit_group+0x47/0x50 [ 136.186363] do_syscall_64+0x3b/0x90 [ 136.186823] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.187407] RIP: 0033:0x7f4b87518a4d [ 136.187812] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.188469] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.189554] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.190319] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.191136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.191908] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.192674] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.193535] [ 136.193913] irq event stamp: 0 [ 136.194414] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.195173] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.196067] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.196954] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.197635] ---[ end trace 0000000000000000 ]--- [ 136.202277] ------------[ cut here ]------------ [ 136.203042] WARNING: CPU: 1 PID: 1265 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.204142] Modules linked in: [ 136.204484] CPU: 1 PID: 1265 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.205417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.206967] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.207543] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.209494] RSP: 0018:ffff888013637bb8 EFLAGS: 00010246 [ 136.210073] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 136.210966] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 136.211912] RBP: ffff888013637bd0 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 136.212674] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888010bb6400 [ 136.213431] R13: ffff888011f621e8 R14: ffffffff8352e670 R15: 
ffff888013637e68 [ 136.214187] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.215160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.215985] CR2: 00007f4b877410e8 CR3: 0000000018300000 CR4: 0000000000750ee0 [ 136.216749] PKRU: 55555554 [ 136.217052] Call Trace: [ 136.217324] [ 136.217567] __iommufd_access_detach+0x1c2/0x2b0 [ 136.218094] iommufd_access_change_pt+0x149/0x270 [ 136.218673] iommufd_access_replace+0xb4/0x120 [ 136.219191] iommufd_test+0x3e5/0x37e0 [ 136.219614] ? lock_release+0x532/0x770 [ 136.220128] ? __might_fault+0x102/0x1b0 [ 136.220755] ? lock_acquire+0x427/0x4c0 [ 136.221281] ? __pfx_iommufd_test+0x10/0x10 [ 136.221749] ? __pfx_lock_release+0x10/0x10 [ 136.222233] ? __pfx_lock_acquire+0x10/0x10 [ 136.222763] ? write_comp_data+0x2f/0x90 [ 136.223230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.223759] ? write_comp_data+0x2f/0x90 [ 136.224214] iommufd_fops_ioctl+0x37d/0x510 [ 136.224809] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.225546] ? write_comp_data+0x2f/0x90 [ 136.225995] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.226569] __x64_sys_ioctl+0x1a3/0x230 [ 136.227024] do_syscall_64+0x3b/0x90 [ 136.227452] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.228022] RIP: 0033:0x7f4b8743ee5d [ 136.228423] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.230764] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.231614] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.232375] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.233131] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.233977] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.234989] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.235779] [ 136.236028] irq event stamp: 0 [ 136.236371] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.237048] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.237954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.239234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.239917] ---[ end trace 0000000000000000 ]--- [ 136.243642] ------------[ cut here ]------------ [ 136.244209] WARNING: CPU: 1 PID: 1265 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.245282] Modules linked in: [ 136.245624] CPU: 1 PID: 1265 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.246665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.248055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.248598] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.250591] RSP: 
0018:ffff888013637bd0 EFLAGS: 00010246 [ 136.251273] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 136.252299] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 136.253146] RBP: ffff888013637be8 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 136.253902] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888014581800 [ 136.254707] R13: ffff888011f621e8 R14: ffff888020f60e00 R15: 0000000000000000 [ 136.255476] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.256440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.257307] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 136.258065] PKRU: 55555554 [ 136.258371] Call Trace: [ 136.258709] [ 136.258960] iommufd_access_destroy_object+0x65/0x170 [ 136.259543] iommufd_object_destroy_user+0x18e/0x220 [ 136.260100] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.260736] iommufd_access_destroy+0x43/0x70 [ 136.261350] iommufd_test_staccess_release+0x8d/0xd0 [ 136.262034] __fput+0x26d/0xa40 [ 136.262412] ____fput+0x1e/0x30 [ 136.262831] task_work_run+0x1a4/0x2d0 [ 136.263285] ? __pfx_task_work_run+0x10/0x10 [ 136.263769] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.264299] ? switch_task_namespaces+0xa9/0xe0 [ 136.264811] do_exit+0xb17/0x2ef0 [ 136.265191] ? lock_acquire+0x427/0x4c0 [ 136.265713] ? __pfx_lock_release+0x10/0x10 [ 136.266402] ? __kasan_check_write+0x18/0x20 [ 136.266934] ? do_raw_spin_lock+0x132/0x2a0 [ 136.267442] ? __pfx_do_exit+0x10/0x10 [ 136.267881] ? debug_smp_processor_id+0x20/0x30 [ 136.268390] ? rcu_is_watching+0x19/0xb0 [ 136.268841] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.269337] ? trace_hardirqs_on+0x26/0x120 [ 136.269811] do_group_exit+0xe0/0x2b0 [ 136.270285] __x64_sys_exit_group+0x47/0x50 [ 136.271015] do_syscall_64+0x3b/0x90 [ 136.271449] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.272018] RIP: 0033:0x7f4b87518a4d [ 136.272423] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.273088] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.273900] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.274715] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.275826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.276592] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.277355] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.278135] [ 136.278390] irq event stamp: 0 [ 136.278780] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.279478] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.280672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.281569] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.282246] ---[ end trace 0000000000000000 ]--- [ 136.283302] ------------[ cut here ]------------ [ 136.283830] WARNING: CPU: 1 PID: 1265 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.285341] Modules linked in: [ 136.285688] CPU: 1 PID: 1265 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.286737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.287960] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.288522] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.290903] RSP: 0018:ffff888013637b78 EFLAGS: 00010246 [ 136.291512] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.292268] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 136.293028] RBP: ffff888013637b98 R08: ffffed10023ec43e R09: ffffed10023ec43e [ 136.293796] R10: ffff888011f621ef R11: ffffed10023ec43d R12: ffff888011f62290 [ 136.294849] R13: ffff888011f620a8 R14: ffffffffffffffff R15: 
ffff888013637c60 [ 136.295626] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.296485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.297107] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 136.297873] PKRU: 55555554 [ 136.298182] Call Trace: [ 136.298601] [ 136.298971] iommufd_ioas_destroy+0x53/0x70 [ 136.299482] iommufd_fops_release+0x1f7/0x370 [ 136.299978] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.300530] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.301068] ? write_comp_data+0x2f/0x90 [ 136.301522] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.302067] __fput+0x26d/0xa40 [ 136.302443] ____fput+0x1e/0x30 [ 136.302938] task_work_run+0x1a4/0x2d0 [ 136.303521] ? __pfx_task_work_run+0x10/0x10 [ 136.304004] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.304535] ? switch_task_namespaces+0xa9/0xe0 [ 136.305054] do_exit+0xb17/0x2ef0 [ 136.305435] ? lock_acquire+0x427/0x4c0 [ 136.305883] ? __pfx_lock_release+0x10/0x10 [ 136.306363] ? __kasan_check_write+0x18/0x20 [ 136.306908] ? do_raw_spin_lock+0x132/0x2a0 [ 136.307395] ? __pfx_do_exit+0x10/0x10 [ 136.307883] ? debug_smp_processor_id+0x20/0x30 [ 136.308617] ? rcu_is_watching+0x19/0xb0 [ 136.309064] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.309557] ? trace_hardirqs_on+0x26/0x120 [ 136.310029] do_group_exit+0xe0/0x2b0 [ 136.310446] __x64_sys_exit_group+0x47/0x50 [ 136.310954] do_syscall_64+0x3b/0x90 [ 136.311386] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.311961] RIP: 0033:0x7f4b87518a4d [ 136.312452] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.313403] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.314213] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.315022] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.315818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.316578] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.317595] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.318603] [ 136.318864] irq event stamp: 0 [ 136.319220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.319908] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.320799] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.321724] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.322701] ---[ end trace 0000000000000000 ]--- [ 136.328491] ------------[ cut here ]------------ [ 136.329059] WARNING: CPU: 1 PID: 1266 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.330314] Modules linked in: [ 136.330880] CPU: 1 PID: 1266 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.331853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.333058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.333595] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.336025] RSP: 0018:ffff8880219e7bb8 EFLAGS: 00010246 [ 136.336741] RAX: 0000000000000000 RBX: ffff888023e9c0a8 RCX: 0000000000000000 [ 136.337491] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 136.338239] RBP: ffff8880219e7bd0 R08: ffffed10047d3833 R09: ffffed10047d3833 [ 136.339012] R10: ffff888023e9c193 R11: ffffed10047d3832 R12: ffff888010825400 [ 136.339781] R13: ffff888023e9c1e8 R14: ffffffff8352e670 R15: 
ffff8880219e7e68 [ 136.340592] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.341721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.342338] CR2: 00007f4b877410e8 CR3: 0000000018300000 CR4: 0000000000750ee0 [ 136.343146] PKRU: 55555554 [ 136.343452] Call Trace: [ 136.343726] [ 136.343967] __iommufd_access_detach+0x1c2/0x2b0 [ 136.344490] iommufd_access_change_pt+0x149/0x270 [ 136.345015] iommufd_access_replace+0xb4/0x120 [ 136.345729] iommufd_test+0x3e5/0x37e0 [ 136.346140] ? lock_release+0x532/0x770 [ 136.346601] ? __might_fault+0x102/0x1b0 [ 136.347044] ? lock_acquire+0x427/0x4c0 [ 136.347496] ? __pfx_iommufd_test+0x10/0x10 [ 136.347951] ? __pfx_lock_release+0x10/0x10 [ 136.348414] ? __pfx_lock_acquire+0x10/0x10 [ 136.348877] ? write_comp_data+0x2f/0x90 [ 136.349399] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.350053] ? write_comp_data+0x2f/0x90 [ 136.350723] iommufd_fops_ioctl+0x37d/0x510 [ 136.351204] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.351724] ? write_comp_data+0x2f/0x90 [ 136.352159] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.352670] __x64_sys_ioctl+0x1a3/0x230 [ 136.353119] do_syscall_64+0x3b/0x90 [ 136.353532] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.354080] RIP: 0033:0x7f4b8743ee5d [ 136.354566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.356670] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.357464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.358201] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.359018] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.360016] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.360756] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.361507] [ 136.361752] irq event stamp: 0 [ 136.362083] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.362782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.363686] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.364756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.365599] ---[ end trace 0000000000000000 ]--- [ 136.368942] ------------[ cut here ]------------ [ 136.369477] WARNING: CPU: 1 PID: 1266 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.371286] Modules linked in: [ 136.371633] CPU: 1 PID: 1266 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.372538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.373694] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.374212] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.376798] RSP: 
0018:ffff8880219e7bd0 EFLAGS: 00010246 [ 136.377358] RAX: 0000000000000000 RBX: ffff888023e9c0a8 RCX: 0000000000000000 [ 136.378089] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 136.378845] RBP: ffff8880219e7be8 R08: ffffed10047d3833 R09: ffffed10047d3833 [ 136.379616] R10: ffff888023e9c193 R11: ffffed10047d3832 R12: ffff888010bb4800 [ 136.380352] R13: ffff888023e9c1e8 R14: ffff888013428700 R15: 0000000000000000 [ 136.381361] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.382188] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.382822] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.383569] PKRU: 55555554 [ 136.383861] Call Trace: [ 136.384127] [ 136.384365] iommufd_access_destroy_object+0x65/0x170 [ 136.384910] iommufd_object_destroy_user+0x18e/0x220 [ 136.385554] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.386335] iommufd_access_destroy+0x43/0x70 [ 136.386977] iommufd_test_staccess_release+0x8d/0xd0 [ 136.387526] __fput+0x26d/0xa40 [ 136.387889] ____fput+0x1e/0x30 [ 136.388244] task_work_run+0x1a4/0x2d0 [ 136.388662] ? __pfx_task_work_run+0x10/0x10 [ 136.389127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.389643] ? switch_task_namespaces+0xa9/0xe0 [ 136.390137] do_exit+0xb17/0x2ef0 [ 136.390501] ? lock_acquire+0x427/0x4c0 [ 136.390960] ? __pfx_lock_release+0x10/0x10 [ 136.391440] ? __kasan_check_write+0x18/0x20 [ 136.391941] ? do_raw_spin_lock+0x132/0x2a0 [ 136.392617] ? __pfx_do_exit+0x10/0x10 [ 136.393033] ? debug_smp_processor_id+0x20/0x30 [ 136.393530] ? rcu_is_watching+0x19/0xb0 [ 136.393967] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.394452] ? trace_hardirqs_on+0x26/0x120 [ 136.394942] do_group_exit+0xe0/0x2b0 [ 136.395348] __x64_sys_exit_group+0x47/0x50 [ 136.395802] do_syscall_64+0x3b/0x90 [ 136.396195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.396740] RIP: 0033:0x7f4b87518a4d [ 136.397193] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.398087] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.398944] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.399686] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.400409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.401132] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.401862] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.402849] [ 136.403213] irq event stamp: 0 [ 136.403562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.404216] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.405075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.406034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.406853] ---[ end trace 0000000000000000 ]--- [ 136.407858] ------------[ cut here ]------------ [ 136.408346] WARNING: CPU: 1 PID: 1266 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.409613] Modules linked in: [ 136.409946] CPU: 1 PID: 1266 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.410903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.412308] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.412843] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.414972] RSP: 0018:ffff8880219e7b78 EFLAGS: 00010246 [ 136.415551] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.416278] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 136.417220] RBP: ffff8880219e7b98 R08: ffffed10047d383e R09: ffffed10047d383e [ 136.417956] R10: ffff888023e9c1ef R11: ffffed10047d383d R12: ffff888023e9c290 [ 136.418736] R13: ffff888023e9c0a8 R14: ffffffffffffffff R15: 
ffff8880219e7c60 [ 136.419557] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.420531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.421123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.422038] PKRU: 55555554 [ 136.422338] Call Trace: [ 136.422645] [ 136.422891] iommufd_ioas_destroy+0x53/0x70 [ 136.423370] iommufd_fops_release+0x1f7/0x370 [ 136.423841] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.424358] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.425114] ? write_comp_data+0x2f/0x90 [ 136.425559] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.426096] __fput+0x26d/0xa40 [ 136.426460] ____fput+0x1e/0x30 [ 136.426854] task_work_run+0x1a4/0x2d0 [ 136.427474] ? __pfx_task_work_run+0x10/0x10 [ 136.427938] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.428451] ? switch_task_namespaces+0xa9/0xe0 [ 136.428947] do_exit+0xb17/0x2ef0 [ 136.429314] ? lock_acquire+0x427/0x4c0 [ 136.429779] ? __pfx_lock_release+0x10/0x10 [ 136.430392] ? __kasan_check_write+0x18/0x20 [ 136.430882] ? do_raw_spin_lock+0x132/0x2a0 [ 136.431352] ? __pfx_do_exit+0x10/0x10 [ 136.431767] ? debug_smp_processor_id+0x20/0x30 [ 136.432259] ? rcu_is_watching+0x19/0xb0 [ 136.432809] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.433364] ? trace_hardirqs_on+0x26/0x120 [ 136.433822] do_group_exit+0xe0/0x2b0 [ 136.434223] __x64_sys_exit_group+0x47/0x50 [ 136.434708] do_syscall_64+0x3b/0x90 [ 136.435107] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.435886] RIP: 0033:0x7f4b87518a4d [ 136.436269] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.436904] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.437810] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.438673] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.439423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.440153] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.441138] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.441882] [ 136.442124] irq event stamp: 0 [ 136.442451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.443384] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.444258] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.445120] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.445890] ---[ end trace 0000000000000000 ]--- [ 136.452494] ------------[ cut here ]------------ [ 136.453041] WARNING: CPU: 1 PID: 1267 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.454330] Modules linked in: [ 136.454729] CPU: 1 PID: 1267 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.455631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.456980] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.457494] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.459617] RSP: 0018:ffff888014b67bb8 EFLAGS: 00010246 [ 136.460180] RAX: 0000000000000000 RBX: ffff888020e3f8a8 RCX: 0000000000000000 [ 136.460915] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 136.461892] RBP: ffff888014b67bd0 R08: ffffed10041c7f33 R09: ffffed10041c7f33 [ 136.462659] R10: ffff888020e3f993 R11: ffffed10041c7f32 R12: ffff88801341f800 [ 136.463403] R13: ffff888020e3f9e8 R14: ffffffff8352e670 R15: 
ffff888014b67e68 [ 136.464380] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.465207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.465801] CR2: 0000000020000140 CR3: 000000001830c000 CR4: 0000000000750ee0 [ 136.466774] PKRU: 55555554 [ 136.467084] Call Trace: [ 136.467362] [ 136.467599] __iommufd_access_detach+0x1c2/0x2b0 [ 136.468105] iommufd_access_change_pt+0x149/0x270 [ 136.468612] iommufd_access_replace+0xb4/0x120 [ 136.469214] iommufd_test+0x3e5/0x37e0 [ 136.469699] ? lock_release+0x532/0x770 [ 136.470124] ? __might_fault+0x102/0x1b0 [ 136.470589] ? lock_acquire+0x427/0x4c0 [ 136.471012] ? __pfx_iommufd_test+0x10/0x10 [ 136.471468] ? __pfx_lock_release+0x10/0x10 [ 136.472139] ? __pfx_lock_acquire+0x10/0x10 [ 136.472601] ? write_comp_data+0x2f/0x90 [ 136.473036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.473553] ? write_comp_data+0x2f/0x90 [ 136.474055] iommufd_fops_ioctl+0x37d/0x510 [ 136.474649] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.475164] ? write_comp_data+0x2f/0x90 [ 136.475599] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.476120] __x64_sys_ioctl+0x1a3/0x230 [ 136.476570] do_syscall_64+0x3b/0x90 [ 136.477167] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.477721] RIP: 0033:0x7f4b8743ee5d [ 136.478116] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.480299] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.481103] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.481896] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.482817] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.483568] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.484309] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.485297] [ 136.485544] irq event stamp: 0 [ 136.485874] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.486557] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.487538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.488513] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.489173] ---[ end trace 0000000000000000 ]--- [ 136.492537] ------------[ cut here ]------------ [ 136.493222] WARNING: CPU: 1 PID: 1267 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.494275] Modules linked in: [ 136.494685] CPU: 1 PID: 1267 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.495828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.497006] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.497536] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.499726] RSP: 
0018:ffff888014b67bd0 EFLAGS: 00010246 [ 136.500293] RAX: 0000000000000000 RBX: ffff888020e3f8a8 RCX: 0000000000000000 [ 136.501228] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 136.501966] RBP: ffff888014b67be8 R08: ffffed10041c7f33 R09: ffffed10041c7f33 [ 136.502762] R10: ffff888020e3f993 R11: ffffed10041c7f32 R12: ffff888010826c00 [ 136.503643] R13: ffff888020e3f9e8 R14: ffff888013807e00 R15: 0000000000000000 [ 136.504376] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.505196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.506055] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.506821] PKRU: 55555554 [ 136.507133] Call Trace: [ 136.507401] [ 136.507637] iommufd_access_destroy_object+0x65/0x170 [ 136.508304] iommufd_object_destroy_user+0x18e/0x220 [ 136.508951] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.509556] iommufd_access_destroy+0x43/0x70 [ 136.510031] iommufd_test_staccess_release+0x8d/0xd0 [ 136.510653] __fput+0x26d/0xa40 [ 136.511137] ____fput+0x1e/0x30 [ 136.511483] task_work_run+0x1a4/0x2d0 [ 136.511893] ? __pfx_task_work_run+0x10/0x10 [ 136.512354] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.512858] ? switch_task_namespaces+0xa9/0xe0 [ 136.513492] do_exit+0xb17/0x2ef0 [ 136.513948] ? lock_acquire+0x427/0x4c0 [ 136.514370] ? __pfx_lock_release+0x10/0x10 [ 136.514849] ? __kasan_check_write+0x18/0x20 [ 136.515319] ? do_raw_spin_lock+0x132/0x2a0 [ 136.515773] ? __pfx_do_exit+0x10/0x10 [ 136.516307] ? debug_smp_processor_id+0x20/0x30 [ 136.516880] ? rcu_is_watching+0x19/0xb0 [ 136.517304] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.517772] ? trace_hardirqs_on+0x26/0x120 [ 136.518265] do_group_exit+0xe0/0x2b0 [ 136.518859] __x64_sys_exit_group+0x47/0x50 [ 136.519318] do_syscall_64+0x3b/0x90 [ 136.519708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.520240] RIP: 0033:0x7f4b87518a4d [ 136.520596] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.521368] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.522085] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.522777] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.523528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.524298] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.524969] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.525711] [ 136.526025] irq event stamp: 0 [ 136.526321] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.526942] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.527749] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.528724] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.529318] ---[ end trace 0000000000000000 ]--- [ 136.530152] ------------[ cut here ]------------ [ 136.530819] WARNING: CPU: 1 PID: 1267 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.531797] Modules linked in: [ 136.532099] CPU: 1 PID: 1267 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.533012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.534160] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.534680] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.536595] RSP: 0018:ffff888014b67b78 EFLAGS: 00010246 [ 136.537096] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.537934] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 136.538629] RBP: ffff888014b67b98 R08: ffffed10041c7f3e R09: ffffed10041c7f3e [ 136.539307] R10: ffff888020e3f9ef R11: ffffed10041c7f3d R12: ffff888020e3fa90 [ 136.540064] R13: ffff888020e3f8a8 R14: ffffffffffffffff R15: 
ffff888014b67c60 [ 136.540809] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.541562] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.542273] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.542953] PKRU: 55555554 [ 136.543223] Call Trace: [ 136.543461] [ 136.543671] iommufd_ioas_destroy+0x53/0x70 [ 136.544082] iommufd_fops_release+0x1f7/0x370 [ 136.544683] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.545151] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.545612] ? write_comp_data+0x2f/0x90 [ 136.545996] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.546545] __fput+0x26d/0xa40 [ 136.546956] ____fput+0x1e/0x30 [ 136.547283] task_work_run+0x1a4/0x2d0 [ 136.547653] ? __pfx_task_work_run+0x10/0x10 [ 136.548070] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.548523] ? switch_task_namespaces+0xa9/0xe0 [ 136.548985] do_exit+0xb17/0x2ef0 [ 136.549381] ? lock_acquire+0x427/0x4c0 [ 136.549740] ? __pfx_lock_release+0x10/0x10 [ 136.550127] ? __kasan_check_write+0x18/0x20 [ 136.550552] ? do_raw_spin_lock+0x132/0x2a0 [ 136.550937] ? __pfx_do_exit+0x10/0x10 [ 136.551345] ? debug_smp_processor_id+0x20/0x30 [ 136.551845] ? rcu_is_watching+0x19/0xb0 [ 136.552208] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.552614] ? trace_hardirqs_on+0x26/0x120 [ 136.553003] do_group_exit+0xe0/0x2b0 [ 136.553398] __x64_sys_exit_group+0x47/0x50 [ 136.553861] do_syscall_64+0x3b/0x90 [ 136.554201] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.554688] RIP: 0033:0x7f4b87518a4d [ 136.555019] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.555573] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.556392] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.557011] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.557650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.558379] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.559021] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.559660] [ 136.559864] irq event stamp: 0 [ 136.560256] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.560808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.561542] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.562409] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.562985] ---[ end trace 0000000000000000 ]--- [ 136.567078] ------------[ cut here ]------------ [ 136.567560] WARNING: CPU: 1 PID: 1268 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.568593] Modules linked in: [ 136.568873] CPU: 1 PID: 1268 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.569626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.570774] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.571224] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.572962] RSP: 0018:ffff8880219e7bb8 EFLAGS: 00010246 [ 136.573432] RAX: 0000000000000000 RBX: ffff8880165550a8 RCX: 0000000000000000 [ 136.574124] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 136.574843] RBP: ffff8880219e7bd0 R08: ffffed1002caaa33 R09: ffffed1002caaa33 [ 136.575480] R10: ffff888016555193 R11: ffffed1002caaa32 R12: ffff88801226e000 [ 136.576099] R13: ffff8880165551e8 R14: ffffffff8352e670 R15: 
ffff8880219e7e68 [ 136.576871] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.577565] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.578097] CR2: 00007f4b877410e8 CR3: 000000001830c000 CR4: 0000000000750ee0 [ 136.578853] PKRU: 55555554 [ 136.579107] Call Trace: [ 136.579338] [ 136.579537] __iommufd_access_detach+0x1c2/0x2b0 [ 136.579967] iommufd_access_change_pt+0x149/0x270 [ 136.580477] iommufd_access_replace+0xb4/0x120 [ 136.580959] iommufd_test+0x3e5/0x37e0 [ 136.581300] ? lock_release+0x532/0x770 [ 136.581663] ? __might_fault+0x102/0x1b0 [ 136.582028] ? lock_acquire+0x427/0x4c0 [ 136.582467] ? __pfx_iommufd_test+0x10/0x10 [ 136.582902] ? __pfx_lock_release+0x10/0x10 [ 136.583305] ? __pfx_lock_acquire+0x10/0x10 [ 136.583697] ? write_comp_data+0x2f/0x90 [ 136.584065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.584495] ? write_comp_data+0x2f/0x90 [ 136.584984] iommufd_fops_ioctl+0x37d/0x510 [ 136.585368] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.585798] ? write_comp_data+0x2f/0x90 [ 136.586165] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.586693] __x64_sys_ioctl+0x1a3/0x230 [ 136.587093] do_syscall_64+0x3b/0x90 [ 136.587438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.587902] RIP: 0033:0x7f4b8743ee5d [ 136.588228] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.589973] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.590662] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.591418] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.592038] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.592657] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.593439] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.594068] [ 136.594273] irq event stamp: 0 [ 136.594582] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.595177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.596024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.596752] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.597416] ---[ end trace 0000000000000000 ]--- [ 136.600528] ------------[ cut here ]------------ [ 136.600976] WARNING: CPU: 1 PID: 1268 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.602013] Modules linked in: [ 136.602294] CPU: 1 PID: 1268 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.603124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.604259] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.604697] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.606412] RSP: 
0018:ffff8880219e7bd0 EFLAGS: 00010246 [ 136.606903] RAX: 0000000000000000 RBX: ffff8880165550a8 RCX: 0000000000000000 [ 136.607536] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 136.608302] RBP: ffff8880219e7be8 R08: ffffed1002caaa33 R09: ffffed1002caaa33 [ 136.608920] R10: ffff888016555193 R11: ffffed1002caaa32 R12: ffff88801341e800 [ 136.609538] R13: ffff8880165551e8 R14: ffff8880209b3300 R15: 0000000000000000 [ 136.610295] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.611028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.611550] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 136.612245] PKRU: 55555554 [ 136.612554] Call Trace: [ 136.612778] [ 136.612978] iommufd_access_destroy_object+0x65/0x170 [ 136.613438] iommufd_object_destroy_user+0x18e/0x220 [ 136.613893] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.614550] iommufd_access_destroy+0x43/0x70 [ 136.614958] iommufd_test_staccess_release+0x8d/0xd0 [ 136.615426] __fput+0x26d/0xa40 [ 136.615731] ____fput+0x1e/0x30 [ 136.616033] task_work_run+0x1a4/0x2d0 [ 136.616534] ? __pfx_task_work_run+0x10/0x10 [ 136.616926] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.617359] ? switch_task_namespaces+0xa9/0xe0 [ 136.617782] do_exit+0xb17/0x2ef0 [ 136.618126] ? lock_acquire+0x427/0x4c0 [ 136.618617] ? __pfx_lock_release+0x10/0x10 [ 136.619008] ? __kasan_check_write+0x18/0x20 [ 136.619418] ? do_raw_spin_lock+0x132/0x2a0 [ 136.619801] ? __pfx_do_exit+0x10/0x10 [ 136.620150] ? debug_smp_processor_id+0x20/0x30 [ 136.620644] ? rcu_is_watching+0x19/0xb0 [ 136.621087] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.621492] ? trace_hardirqs_on+0x26/0x120 [ 136.621877] do_group_exit+0xe0/0x2b0 [ 136.622214] __x64_sys_exit_group+0x47/0x50 [ 136.622698] do_syscall_64+0x3b/0x90 [ 136.623072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.623543] RIP: 0033:0x7f4b87518a4d [ 136.623873] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.624409] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.625237] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.625854] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.626474] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.627291] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.627911] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.628540] [ 136.628748] irq event stamp: 0 [ 136.629078] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.629717] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.630445] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.631350] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.631909] ---[ end trace 0000000000000000 ]--- [ 136.632770] ------------[ cut here ]------------ [ 136.633192] WARNING: CPU: 1 PID: 1268 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.634244] Modules linked in: [ 136.634555] CPU: 1 PID: 1268 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.635328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.636459] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.636901] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.638635] RSP: 0018:ffff8880219e7b78 EFLAGS: 00010246 [ 136.639100] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.639723] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 136.640487] RBP: ffff8880219e7b98 R08: ffffed1002caaa3e R09: ffffed1002caaa3e [ 136.641096] R10: ffff8880165551ef R11: ffffed1002caaa3d R12: ffff888016555290 [ 136.641738] R13: ffff8880165550a8 R14: ffffffffffffffff R15: 
ffff8880219e7c60 [ 136.642440] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.643166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.643669] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 136.644428] PKRU: 55555554 [ 136.644673] Call Trace: [ 136.644894] [ 136.645090] iommufd_ioas_destroy+0x53/0x70 [ 136.645472] iommufd_fops_release+0x1f7/0x370 [ 136.645902] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.646409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.646897] ? write_comp_data+0x2f/0x90 [ 136.647278] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.647721] __fput+0x26d/0xa40 [ 136.648022] ____fput+0x1e/0x30 [ 136.648314] task_work_run+0x1a4/0x2d0 [ 136.648653] ? __pfx_task_work_run+0x10/0x10 [ 136.649035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.649461] ? switch_task_namespaces+0xa9/0xe0 [ 136.649870] do_exit+0xb17/0x2ef0 [ 136.650167] ? lock_acquire+0x427/0x4c0 [ 136.650546] ? __pfx_lock_release+0x10/0x10 [ 136.650923] ? __kasan_check_write+0x18/0x20 [ 136.651314] ? do_raw_spin_lock+0x132/0x2a0 [ 136.651687] ? __pfx_do_exit+0x10/0x10 [ 136.652031] ? debug_smp_processor_id+0x20/0x30 [ 136.652432] ? rcu_is_watching+0x19/0xb0 [ 136.652783] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.653175] ? trace_hardirqs_on+0x26/0x120 [ 136.653549] do_group_exit+0xe0/0x2b0 [ 136.653879] __x64_sys_exit_group+0x47/0x50 [ 136.654247] do_syscall_64+0x3b/0x90 [ 136.654596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.655047] RIP: 0033:0x7f4b87518a4d [ 136.655365] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.655861] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.656470] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.657037] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.657610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.658198] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.658799] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.659386] [ 136.659579] irq event stamp: 0 [ 136.659836] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.660347] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.661018] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.661685] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.662189] ---[ end trace 0000000000000000 ]--- [ 136.666071] ------------[ cut here ]------------ [ 136.666492] WARNING: CPU: 1 PID: 1269 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.667366] Modules linked in: [ 136.667627] CPU: 1 PID: 1269 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.668329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.669225] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.669627] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.671136] RSP: 0018:ffff88802445fbb8 EFLAGS: 00010246 [ 136.671568] RAX: 0000000000000000 RBX: ffff88800b8168a8 RCX: 0000000000000000 [ 136.672136] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 136.672701] RBP: ffff88802445fbd0 R08: ffffed1001702d33 R09: ffffed1001702d33 [ 136.673277] R10: ffff88800b816993 R11: ffffed1001702d32 R12: ffff888010bb5c00 [ 136.673845] R13: ffff88800b8169e8 R14: ffffffff8352e670 R15: 
ffff88802445fe68 [ 136.674421] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.675082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.675556] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 136.676133] PKRU: 55555554 [ 136.676366] Call Trace: [ 136.676572] [ 136.676754] __iommufd_access_detach+0x1c2/0x2b0 [ 136.677149] iommufd_access_change_pt+0x149/0x270 [ 136.677551] iommufd_access_replace+0xb4/0x120 [ 136.677934] iommufd_test+0x3e5/0x37e0 [ 136.678248] ? lock_release+0x532/0x770 [ 136.678603] ? __might_fault+0x102/0x1b0 [ 136.678942] ? lock_acquire+0x427/0x4c0 [ 136.679284] ? __pfx_iommufd_test+0x10/0x10 [ 136.679641] ? __pfx_lock_release+0x10/0x10 [ 136.679994] ? __pfx_lock_acquire+0x10/0x10 [ 136.680352] ? write_comp_data+0x2f/0x90 [ 136.680689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.681089] ? write_comp_data+0x2f/0x90 [ 136.681425] iommufd_fops_ioctl+0x37d/0x510 [ 136.681777] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.682178] ? write_comp_data+0x2f/0x90 [ 136.682534] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.682930] __x64_sys_ioctl+0x1a3/0x230 [ 136.683281] do_syscall_64+0x3b/0x90 [ 136.683595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.684024] RIP: 0033:0x7f4b8743ee5d [ 136.684329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.685825] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.686437] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.687038] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.687623] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.688205] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.688778] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.689363] [ 136.689554] irq event stamp: 0 [ 136.689809] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.690316] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.691015] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.691702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.692211] ---[ end trace 0000000000000000 ]--- [ 136.694972] ------------[ cut here ]------------ [ 136.695377] WARNING: CPU: 1 PID: 1269 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.696172] Modules linked in: [ 136.696429] CPU: 1 PID: 1269 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.697118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.698009] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.698405] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.699863] RSP: 
0018:ffff88802445fbd0 EFLAGS: 00010246 [ 136.700278] RAX: 0000000000000000 RBX: ffff88800b8168a8 RCX: 0000000000000000 [ 136.700833] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 136.701388] RBP: ffff88802445fbe8 R08: ffffed1001702d33 R09: ffffed1001702d33 [ 136.701938] R10: ffff88800b816993 R11: ffffed1001702d32 R12: ffff88801226d800 [ 136.702489] R13: ffff88800b8169e8 R14: ffff8880218d4000 R15: 0000000000000000 [ 136.703065] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.703702] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.704153] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.704710] PKRU: 55555554 [ 136.704934] Call Trace: [ 136.705134] [ 136.705314] iommufd_access_destroy_object+0x65/0x170 [ 136.705721] iommufd_object_destroy_user+0x18e/0x220 [ 136.706122] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.706604] iommufd_access_destroy+0x43/0x70 [ 136.706965] iommufd_test_staccess_release+0x8d/0xd0 [ 136.707381] __fput+0x26d/0xa40 [ 136.707657] ____fput+0x1e/0x30 [ 136.707925] task_work_run+0x1a4/0x2d0 [ 136.708242] ? __pfx_task_work_run+0x10/0x10 [ 136.708597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.708988] ? switch_task_namespaces+0xa9/0xe0 [ 136.709365] do_exit+0xb17/0x2ef0 [ 136.709645] ? lock_acquire+0x427/0x4c0 [ 136.709965] ? __pfx_lock_release+0x10/0x10 [ 136.710310] ? __kasan_check_write+0x18/0x20 [ 136.710675] ? do_raw_spin_lock+0x132/0x2a0 [ 136.711016] ? __pfx_do_exit+0x10/0x10 [ 136.711333] ? debug_smp_processor_id+0x20/0x30 [ 136.711708] ? rcu_is_watching+0x19/0xb0 [ 136.712033] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.712397] ? trace_hardirqs_on+0x26/0x120 [ 136.712746] do_group_exit+0xe0/0x2b0 [ 136.713051] __x64_sys_exit_group+0x47/0x50 [ 136.713393] do_syscall_64+0x3b/0x90 [ 136.713693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.714105] RIP: 0033:0x7f4b87518a4d [ 136.714399] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.714895] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.715495] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.716060] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.716621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.717179] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.717741] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.718302] [ 136.718490] irq event stamp: 0 [ 136.718755] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.719254] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.719897] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.720543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.721032] ---[ end trace 0000000000000000 ]--- [ 136.721712] ------------[ cut here ]------------ [ 136.722077] WARNING: CPU: 1 PID: 1269 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.722895] Modules linked in: [ 136.723160] CPU: 1 PID: 1269 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.723832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.724700] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.725098] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.726485] RSP: 0018:ffff88802445fb78 EFLAGS: 00010246 [ 136.726911] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.727465] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 136.728013] RBP: ffff88802445fb98 R08: ffffed1001702d3e R09: ffffed1001702d3e [ 136.728561] R10: ffff88800b8169ef R11: ffffed1001702d3d R12: ffff88800b816a90 [ 136.729105] R13: ffff88800b8168a8 R14: ffffffffffffffff R15: 
ffff88802445fc60 [ 136.729656] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.730278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.730747] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.731303] PKRU: 55555554 [ 136.731522] Call Trace: [ 136.731719] [ 136.731895] iommufd_ioas_destroy+0x53/0x70 [ 136.732234] iommufd_fops_release+0x1f7/0x370 [ 136.732593] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.732989] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.733378] ? write_comp_data+0x2f/0x90 [ 136.733702] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.734094] __fput+0x26d/0xa40 [ 136.734367] ____fput+0x1e/0x30 [ 136.734665] task_work_run+0x1a4/0x2d0 [ 136.734986] ? __pfx_task_work_run+0x10/0x10 [ 136.735341] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.735726] ? switch_task_namespaces+0xa9/0xe0 [ 136.736101] do_exit+0xb17/0x2ef0 [ 136.736376] ? lock_acquire+0x427/0x4c0 [ 136.736694] ? __pfx_lock_release+0x10/0x10 [ 136.737036] ? __kasan_check_write+0x18/0x20 [ 136.737384] ? do_raw_spin_lock+0x132/0x2a0 [ 136.737731] ? __pfx_do_exit+0x10/0x10 [ 136.738047] ? debug_smp_processor_id+0x20/0x30 [ 136.738413] ? rcu_is_watching+0x19/0xb0 [ 136.738756] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.739125] ? trace_hardirqs_on+0x26/0x120 [ 136.739468] do_group_exit+0xe0/0x2b0 [ 136.739768] __x64_sys_exit_group+0x47/0x50 [ 136.740103] do_syscall_64+0x3b/0x90 [ 136.740402] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.740810] RIP: 0033:0x7f4b87518a4d [ 136.741098] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.741571] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.742156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.742726] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.743278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.743824] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.744370] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.744925] [ 136.745106] irq event stamp: 0 [ 136.745350] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.745835] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.746478] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.747153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.747633] ---[ end trace 0000000000000000 ]--- [ 136.752598] ------------[ cut here ]------------ [ 136.753005] WARNING: CPU: 1 PID: 1270 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.753784] Modules linked in: [ 136.754033] CPU: 1 PID: 1270 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.754739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.755620] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.756007] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.757407] RSP: 0018:ffff88800f83fbb8 EFLAGS: 00010246 [ 136.757820] RAX: 0000000000000000 RBX: ffff8880161250a8 RCX: 0000000000000000 [ 136.758371] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 136.758940] RBP: ffff88800f83fbd0 R08: ffffed1002c24a33 R09: ffffed1002c24a33 [ 136.759506] R10: ffff888016125193 R11: ffffed1002c24a32 R12: ffff88800fbdb000 [ 136.760057] R13: ffff8880161251e8 R14: ffffffff8352e670 R15: 
ffff88800f83fe68 [ 136.760607] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.761224] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.761676] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 136.762226] PKRU: 55555554 [ 136.762449] Call Trace: [ 136.762670] [ 136.762849] __iommufd_access_detach+0x1c2/0x2b0 [ 136.763244] iommufd_access_change_pt+0x149/0x270 [ 136.763631] iommufd_access_replace+0xb4/0x120 [ 136.763995] iommufd_test+0x3e5/0x37e0 [ 136.764301] ? lock_release+0x532/0x770 [ 136.764620] ? __might_fault+0x102/0x1b0 [ 136.764942] ? lock_acquire+0x427/0x4c0 [ 136.765263] ? __pfx_iommufd_test+0x10/0x10 [ 136.765599] ? __pfx_lock_release+0x10/0x10 [ 136.765942] ? __pfx_lock_acquire+0x10/0x10 [ 136.766290] ? write_comp_data+0x2f/0x90 [ 136.766642] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.767027] ? write_comp_data+0x2f/0x90 [ 136.767366] iommufd_fops_ioctl+0x37d/0x510 [ 136.767707] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.768105] ? write_comp_data+0x2f/0x90 [ 136.768446] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.768843] __x64_sys_ioctl+0x1a3/0x230 [ 136.769186] do_syscall_64+0x3b/0x90 [ 136.769500] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.769929] RIP: 0033:0x7f4b8743ee5d [ 136.770242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.771764] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.772392] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.772973] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.773553] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.774143] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.774756] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.775358] [ 136.775554] irq event stamp: 0 [ 136.775811] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.776328] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.777008] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.777684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.778205] ---[ end trace 0000000000000000 ]--- [ 136.781007] ------------[ cut here ]------------ [ 136.781422] WARNING: CPU: 1 PID: 1270 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.782241] Modules linked in: [ 136.782537] CPU: 1 PID: 1270 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.783262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.784183] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.784597] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.786074] RSP: 
0018:ffff88800f83fbd0 EFLAGS: 00010246 [ 136.786538] RAX: 0000000000000000 RBX: ffff8880161250a8 RCX: 0000000000000000 [ 136.787128] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 136.787706] RBP: ffff88800f83fbe8 R08: ffffed1002c24a33 R09: ffffed1002c24a33 [ 136.788289] R10: ffff888016125193 R11: ffffed1002c24a32 R12: ffff888010bb4c00 [ 136.788871] R13: ffff8880161251e8 R14: ffff88800fa77d00 R15: 0000000000000000 [ 136.789450] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.790107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.790609] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.791200] PKRU: 55555554 [ 136.791437] Call Trace: [ 136.791648] [ 136.791832] iommufd_access_destroy_object+0x65/0x170 [ 136.792263] iommufd_object_destroy_user+0x18e/0x220 [ 136.792685] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.793170] iommufd_access_destroy+0x43/0x70 [ 136.793548] iommufd_test_staccess_release+0x8d/0xd0 [ 136.793973] __fput+0x26d/0xa40 [ 136.794259] ____fput+0x1e/0x30 [ 136.794573] task_work_run+0x1a4/0x2d0 [ 136.794906] ? __pfx_task_work_run+0x10/0x10 [ 136.795289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.795714] ? switch_task_namespaces+0xa9/0xe0 [ 136.796125] do_exit+0xb17/0x2ef0 [ 136.796425] ? lock_acquire+0x427/0x4c0 [ 136.796782] ? __pfx_lock_release+0x10/0x10 [ 136.797166] ? __kasan_check_write+0x18/0x20 [ 136.797555] ? do_raw_spin_lock+0x132/0x2a0 [ 136.797932] ? __pfx_do_exit+0x10/0x10 [ 136.798275] ? debug_smp_processor_id+0x20/0x30 [ 136.798699] ? rcu_is_watching+0x19/0xb0 [ 136.799058] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.799472] ? trace_hardirqs_on+0x26/0x120 [ 136.799855] do_group_exit+0xe0/0x2b0 [ 136.800188] __x64_sys_exit_group+0x47/0x50 [ 136.800559] do_syscall_64+0x3b/0x90 [ 136.800902] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.801358] RIP: 0033:0x7f4b87518a4d [ 136.801683] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.802209] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.802902] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.803536] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.804161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.804791] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.805415] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.806040] [ 136.806244] irq event stamp: 0 [ 136.806554] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.807105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.807854] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.808583] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.809138] ---[ end trace 0000000000000000 ]--- [ 136.809906] ------------[ cut here ]------------ [ 136.810330] WARNING: CPU: 1 PID: 1270 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.811281] Modules linked in: [ 136.811576] CPU: 1 PID: 1270 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.812344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.813326] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.813780] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.815393] RSP: 0018:ffff88800f83fb78 EFLAGS: 00010246 [ 136.815871] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.816483] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 136.817100] RBP: ffff88800f83fb98 R08: ffffed1002c24a3e R09: ffffed1002c24a3e [ 136.817718] R10: ffff8880161251ef R11: ffffed1002c24a3d R12: ffff888016125290 [ 136.818335] R13: ffff8880161250a8 R14: ffffffffffffffff R15: 
ffff88800f83fc60 [ 136.818977] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.819678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.820183] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.820802] PKRU: 55555554 [ 136.821050] Call Trace: [ 136.821274] [ 136.821474] iommufd_ioas_destroy+0x53/0x70 [ 136.821860] iommufd_fops_release+0x1f7/0x370 [ 136.822259] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.822725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.823168] ? write_comp_data+0x2f/0x90 [ 136.823533] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.823977] __fput+0x26d/0xa40 [ 136.824281] ____fput+0x1e/0x30 [ 136.824582] task_work_run+0x1a4/0x2d0 [ 136.824932] ? __pfx_task_work_run+0x10/0x10 [ 136.825324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.825753] ? switch_task_namespaces+0xa9/0xe0 [ 136.826171] do_exit+0xb17/0x2ef0 [ 136.826480] ? lock_acquire+0x427/0x4c0 [ 136.826865] ? __pfx_lock_release+0x10/0x10 [ 136.827265] ? __kasan_check_write+0x18/0x20 [ 136.827659] ? do_raw_spin_lock+0x132/0x2a0 [ 136.828036] ? __pfx_do_exit+0x10/0x10 [ 136.828385] ? debug_smp_processor_id+0x20/0x30 [ 136.828798] ? rcu_is_watching+0x19/0xb0 [ 136.829166] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.829574] ? trace_hardirqs_on+0x26/0x120 [ 136.829964] do_group_exit+0xe0/0x2b0 [ 136.830305] __x64_sys_exit_group+0x47/0x50 [ 136.830707] do_syscall_64+0x3b/0x90 [ 136.831043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.831514] RIP: 0033:0x7f4b87518a4d [ 136.831846] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.832381] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.833044] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.833669] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.834297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.834944] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.835584] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.836202] [ 136.836401] irq event stamp: 0 [ 136.836674] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.837220] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.837941] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.838684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.839238] ---[ end trace 0000000000000000 ]--- [ 136.844106] ------------[ cut here ]------------ [ 136.844578] WARNING: CPU: 1 PID: 1271 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.845460] Modules linked in: [ 136.845739] CPU: 1 PID: 1271 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.846746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.847742] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.848182] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.849760] RSP: 0018:ffff888016fefbb8 EFLAGS: 00010246 [ 136.850229] RAX: 0000000000000000 RBX: ffff8880219570a8 RCX: 0000000000000000 [ 136.850872] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 136.851505] RBP: ffff888016fefbd0 R08: ffffed100432ae33 R09: ffffed100432ae33 [ 136.852127] R10: ffff888021957193 R11: ffffed100432ae32 R12: ffff8880167aec00 [ 136.852789] R13: ffff8880219571e8 R14: ffffffff8352e670 R15: 
ffff888016fefe68 [ 136.853442] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.854188] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.854769] CR2: 0000000020000140 CR3: 0000000014b0c000 CR4: 0000000000750ee0 [ 136.855446] PKRU: 55555554 [ 136.855712] Call Trace: [ 136.855950] [ 136.856165] __iommufd_access_detach+0x1c2/0x2b0 [ 136.856626] iommufd_access_change_pt+0x149/0x270 [ 136.857096] iommufd_access_replace+0xb4/0x120 [ 136.857533] iommufd_test+0x3e5/0x37e0 [ 136.857897] ? lock_release+0x532/0x770 [ 136.858278] ? __might_fault+0x102/0x1b0 [ 136.858689] ? lock_acquire+0x427/0x4c0 [ 136.859070] ? __pfx_iommufd_test+0x10/0x10 [ 136.859493] ? __pfx_lock_release+0x10/0x10 [ 136.859904] ? __pfx_lock_acquire+0x10/0x10 [ 136.860315] ? write_comp_data+0x2f/0x90 [ 136.860712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.861172] ? write_comp_data+0x2f/0x90 [ 136.861558] iommufd_fops_ioctl+0x37d/0x510 [ 136.861964] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.862429] ? write_comp_data+0x2f/0x90 [ 136.862849] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.863326] __x64_sys_ioctl+0x1a3/0x230 [ 136.863727] do_syscall_64+0x3b/0x90 [ 136.864099] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.864601] RIP: 0033:0x7f4b8743ee5d [ 136.864957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.866706] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.867437] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.868098] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.868758] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.869425] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.870087] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.870802] [ 136.871028] irq event stamp: 0 [ 136.871337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.871928] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.872710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.873484] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.874078] ---[ end trace 0000000000000000 ]--- [ 136.877130] ------------[ cut here ]------------ [ 136.877605] WARNING: CPU: 1 PID: 1271 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.878604] Modules linked in: [ 136.878909] CPU: 1 PID: 1271 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.879752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.880820] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.881299] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.883077] RSP: 
0018:ffff888016fefbd0 EFLAGS: 00010246 [ 136.883601] RAX: 0000000000000000 RBX: ffff8880219570a8 RCX: 0000000000000000 [ 136.884273] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 136.884944] RBP: ffff888016fefbe8 R08: ffffed100432ae33 R09: ffffed100432ae33 [ 136.885622] R10: ffff888021957193 R11: ffffed100432ae32 R12: ffff88800fbd9c00 [ 136.886298] R13: ffff8880219571e8 R14: ffff888020de8400 R15: 0000000000000000 [ 136.887003] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.887782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.888347] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.889025] PKRU: 55555554 [ 136.889301] Call Trace: [ 136.889549] [ 136.889769] iommufd_access_destroy_object+0x65/0x170 [ 136.890274] iommufd_object_destroy_user+0x18e/0x220 [ 136.891069] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 136.891628] iommufd_access_destroy+0x43/0x70 [ 136.892059] iommufd_test_staccess_release+0x8d/0xd0 [ 136.892547] __fput+0x26d/0xa40 [ 136.892874] ____fput+0x1e/0x30 [ 136.893199] task_work_run+0x1a4/0x2d0 [ 136.893576] ? __pfx_task_work_run+0x10/0x10 [ 136.894000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.894576] ? switch_task_namespaces+0xa9/0xe0 [ 136.895303] do_exit+0xb17/0x2ef0 [ 136.895677] ? lock_acquire+0x427/0x4c0 [ 136.896100] ? __pfx_lock_release+0x10/0x10 [ 136.896548] ? __kasan_check_write+0x18/0x20 [ 136.897014] ? do_raw_spin_lock+0x132/0x2a0 [ 136.897467] ? __pfx_do_exit+0x10/0x10 [ 136.897878] ? debug_smp_processor_id+0x20/0x30 [ 136.898368] ? rcu_is_watching+0x19/0xb0 [ 136.898850] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.899340] ? trace_hardirqs_on+0x26/0x120 [ 136.899796] do_group_exit+0xe0/0x2b0 [ 136.900201] __x64_sys_exit_group+0x47/0x50 [ 136.900698] do_syscall_64+0x3b/0x90 [ 136.901319] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.901867] RIP: 0033:0x7f4b87518a4d [ 136.902255] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.902931] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.903722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.904452] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.905187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.906265] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.907059] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.907825] [ 136.908073] irq event stamp: 0 [ 136.908401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.909052] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.909935] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.911175] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.911840] ---[ end trace 0000000000000000 ]--- [ 136.912728] ------------[ cut here ]------------ [ 136.913218] WARNING: CPU: 1 PID: 1271 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 136.914270] Modules linked in: [ 136.914650] CPU: 1 PID: 1271 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.915683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.917139] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 136.917683] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 136.919655] RSP: 0018:ffff888016fefb78 EFLAGS: 00010246 [ 136.920229] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.921283] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 136.922035] RBP: ffff888016fefb98 R08: ffffed100432ae3e R09: ffffed100432ae3e [ 136.922813] R10: ffff8880219571ef R11: ffffed100432ae3d R12: ffff888021957290 [ 136.923571] R13: ffff8880219570a8 R14: ffffffffffffffff R15: 
ffff888016fefc60 [ 136.924319] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.925245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.926107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 136.926899] PKRU: 55555554 [ 136.927210] Call Trace: [ 136.927478] [ 136.927718] iommufd_ioas_destroy+0x53/0x70 [ 136.928184] iommufd_fops_release+0x1f7/0x370 [ 136.928662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.929199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.929761] ? write_comp_data+0x2f/0x90 [ 136.930336] ? __pfx_iommufd_fops_release+0x10/0x10 [ 136.931062] __fput+0x26d/0xa40 [ 136.931436] ____fput+0x1e/0x30 [ 136.931793] task_work_run+0x1a4/0x2d0 [ 136.932212] ? __pfx_task_work_run+0x10/0x10 [ 136.932685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.933206] ? switch_task_namespaces+0xa9/0xe0 [ 136.933705] do_exit+0xb17/0x2ef0 [ 136.934071] ? lock_acquire+0x427/0x4c0 [ 136.934503] ? __pfx_lock_release+0x10/0x10 [ 136.934994] ? __kasan_check_write+0x18/0x20 [ 136.935533] ? do_raw_spin_lock+0x132/0x2a0 [ 136.936191] ? __pfx_do_exit+0x10/0x10 [ 136.936611] ? debug_smp_processor_id+0x20/0x30 [ 136.937100] ? rcu_is_watching+0x19/0xb0 [ 136.937528] ? _raw_spin_unlock_irq+0x2b/0x60 [ 136.938007] ? trace_hardirqs_on+0x26/0x120 [ 136.938469] do_group_exit+0xe0/0x2b0 [ 136.938909] __x64_sys_exit_group+0x47/0x50 [ 136.939374] do_syscall_64+0x3b/0x90 [ 136.939779] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.940409] RIP: 0033:0x7f4b87518a4d [ 136.940979] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 136.941614] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 136.942395] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 136.943168] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 136.943910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 136.944720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 136.945760] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 136.946535] [ 136.946783] irq event stamp: 0 [ 136.947125] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.947775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.948640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.949618] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.950566] ---[ end trace 0000000000000000 ]--- [ 136.955759] ------------[ cut here ]------------ [ 136.956397] WARNING: CPU: 1 PID: 1272 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.957426] Modules linked in: [ 136.957730] CPU: 1 PID: 1272 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.958818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 136.959886] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 136.960360] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 136.962254] RSP: 0018:ffff88801285fbb8 EFLAGS: 00010246 [ 136.962789] RAX: 0000000000000000 RBX: ffff888021af48a8 RCX: 0000000000000000 [ 136.963488] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 136.964302] RBP: ffff88801285fbd0 R08: ffffed100435e933 R09: ffffed100435e933 [ 136.964971] R10: ffff888021af4993 R11: ffffed100435e932 R12: ffff8880129b7800 [ 136.965688] R13: ffff888021af49e8 R14: ffffffff8352e670 R15: 
ffff88801285fe68 [ 136.966481] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 136.967267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.967813] CR2: 0000000020000140 CR3: 0000000018302000 CR4: 0000000000750ee0 [ 136.968674] PKRU: 55555554 [ 136.968942] Call Trace: [ 136.969183] [ 136.969399] __iommufd_access_detach+0x1c2/0x2b0 [ 136.969862] iommufd_access_change_pt+0x149/0x270 [ 136.970329] iommufd_access_replace+0xb4/0x120 [ 136.970968] iommufd_test+0x3e5/0x37e0 [ 136.971345] ? lock_release+0x532/0x770 [ 136.971734] ? __might_fault+0x102/0x1b0 [ 136.972125] ? lock_acquire+0x427/0x4c0 [ 136.972515] ? __pfx_iommufd_test+0x10/0x10 [ 136.972926] ? __pfx_lock_release+0x10/0x10 [ 136.973433] ? __pfx_lock_acquire+0x10/0x10 [ 136.973938] ? write_comp_data+0x2f/0x90 [ 136.974337] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 136.974838] ? write_comp_data+0x2f/0x90 [ 136.975249] iommufd_fops_ioctl+0x37d/0x510 [ 136.975665] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.976304] ? write_comp_data+0x2f/0x90 [ 136.976699] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 136.977150] __x64_sys_ioctl+0x1a3/0x230 [ 136.977545] do_syscall_64+0x3b/0x90 [ 136.977909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 136.978610] RIP: 0033:0x7f4b8743ee5d [ 136.978957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 136.980750] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 136.981553] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 136.982209] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 136.982981] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 136.983958] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 136.984838] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 136.985841] [ 136.986134] irq event stamp: 0 [ 136.986600] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 136.987394] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 136.988613] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 136.989622] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.990566] ---[ end trace 0000000000000000 ]--- [ 136.995568] ------------[ cut here ]------------ [ 136.996162] WARNING: CPU: 1 PID: 1272 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 136.997484] Modules linked in: [ 136.997868] CPU: 1 PID: 1272 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 136.999123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.000209] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.000652] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.002713] RSP: 
0018:ffff88801285fbd0 EFLAGS: 00010246 [ 137.003251] RAX: 0000000000000000 RBX: ffff888021af48a8 RCX: 0000000000000000 [ 137.003999] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 137.004606] RBP: ffff88801285fbe8 R08: ffffed100435e933 R09: ffffed100435e933 [ 137.005274] R10: ffff888021af4993 R11: ffffed100435e932 R12: ffff8880167ae000 [ 137.005970] R13: ffff888021af49e8 R14: ffff888013555b00 R15: 0000000000000000 [ 137.006606] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.007308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.007940] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.008556] PKRU: 55555554 [ 137.008800] Call Trace: [ 137.009021] [ 137.009220] iommufd_access_destroy_object+0x65/0x170 [ 137.009755] iommufd_object_destroy_user+0x18e/0x220 [ 137.010268] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.010812] iommufd_access_destroy+0x43/0x70 [ 137.011232] iommufd_test_staccess_release+0x8d/0xd0 [ 137.011694] __fput+0x26d/0xa40 [ 137.012013] ____fput+0x1e/0x30 [ 137.012390] task_work_run+0x1a4/0x2d0 [ 137.012800] ? __pfx_task_work_run+0x10/0x10 [ 137.013190] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.013621] ? switch_task_namespaces+0xa9/0xe0 [ 137.014043] do_exit+0xb17/0x2ef0 [ 137.014414] ? lock_acquire+0x427/0x4c0 [ 137.014873] ? __pfx_lock_release+0x10/0x10 [ 137.015271] ? __kasan_check_write+0x18/0x20 [ 137.015659] ? do_raw_spin_lock+0x132/0x2a0 [ 137.016035] ? __pfx_do_exit+0x10/0x10 [ 137.016386] ? debug_smp_processor_id+0x20/0x30 [ 137.016840] ? rcu_is_watching+0x19/0xb0 [ 137.017273] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.017670] ? trace_hardirqs_on+0x26/0x120 [ 137.018054] do_group_exit+0xe0/0x2b0 [ 137.018396] __x64_sys_exit_group+0x47/0x50 [ 137.018817] do_syscall_64+0x3b/0x90 [ 137.019283] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.019748] RIP: 0033:0x7f4b87518a4d [ 137.020079] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.020618] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.021329] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.022046] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.022702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.023336] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.024120] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.024748] [ 137.024957] irq event stamp: 0 [ 137.025239] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.025818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.026656] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.027396] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.027947] ---[ end trace 0000000000000000 ]--- [ 137.028881] ------------[ cut here ]------------ [ 137.029295] WARNING: CPU: 1 PID: 1272 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.030220] Modules linked in: [ 137.030632] CPU: 1 PID: 1272 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.031413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.032405] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.032860] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.034637] RSP: 0018:ffff88801285fb78 EFLAGS: 00010246 [ 137.035105] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.035882] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 137.036509] RBP: ffff88801285fb98 R08: ffffed100435e93e R09: ffffed100435e93e [ 137.037130] R10: ffff888021af49ef R11: ffffed100435e93d R12: ffff888021af4a90 [ 137.037825] R13: ffff888021af48a8 R14: ffffffffffffffff R15: 
ffff88801285fc60 [ 137.038539] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.039252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.039757] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.040534] PKRU: 55555554 [ 137.040784] Call Trace: [ 137.041009] [ 137.041209] iommufd_ioas_destroy+0x53/0x70 [ 137.041603] iommufd_fops_release+0x1f7/0x370 [ 137.042004] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.042596] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.043037] ? write_comp_data+0x2f/0x90 [ 137.043423] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.043868] __fput+0x26d/0xa40 [ 137.044173] ____fput+0x1e/0x30 [ 137.044479] task_work_run+0x1a4/0x2d0 [ 137.044921] ? __pfx_task_work_run+0x10/0x10 [ 137.045383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.045815] ? switch_task_namespaces+0xa9/0xe0 [ 137.046236] do_exit+0xb17/0x2ef0 [ 137.046577] ? lock_acquire+0x427/0x4c0 [ 137.046938] ? __pfx_lock_release+0x10/0x10 [ 137.047423] ? __kasan_check_write+0x18/0x20 [ 137.047855] ? do_raw_spin_lock+0x132/0x2a0 [ 137.048238] ? __pfx_do_exit+0x10/0x10 [ 137.048590] ? debug_smp_processor_id+0x20/0x30 [ 137.049001] ? rcu_is_watching+0x19/0xb0 [ 137.049439] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.049904] ? trace_hardirqs_on+0x26/0x120 [ 137.050286] do_group_exit+0xe0/0x2b0 [ 137.050659] __x64_sys_exit_group+0x47/0x50 [ 137.051033] do_syscall_64+0x3b/0x90 [ 137.051384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.051890] RIP: 0033:0x7f4b87518a4d [ 137.052314] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.052847] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.053511] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.054162] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.054907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.055540] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.056159] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.056961] [ 137.057168] irq event stamp: 0 [ 137.057446] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.057998] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.058797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.059624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.060177] ---[ end trace 0000000000000000 ]--- [ 137.064215] ------------[ cut here ]------------ [ 137.064677] WARNING: CPU: 1 PID: 1273 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.065715] Modules linked in: [ 137.065995] CPU: 1 PID: 1273 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.066779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.067856] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.068367] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.070071] RSP: 0018:ffff888016fefbb8 EFLAGS: 00010246 [ 137.070569] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 137.071201] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 137.071813] RBP: ffff888016fefbd0 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 137.072572] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88801341fc00 [ 137.073187] R13: ffff88801587c9e8 R14: ffffffff8352e670 R15: 
ffff888016fefe68 [ 137.073808] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.074669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.075193] CR2: 00007f4b877410e8 CR3: 0000000018302000 CR4: 0000000000750ee0 [ 137.075819] PKRU: 55555554 [ 137.076067] Call Trace: [ 137.076293] [ 137.076535] __iommufd_access_detach+0x1c2/0x2b0 [ 137.077077] iommufd_access_change_pt+0x149/0x270 [ 137.077512] iommufd_access_replace+0xb4/0x120 [ 137.077922] iommufd_test+0x3e5/0x37e0 [ 137.078263] ? lock_release+0x532/0x770 [ 137.078668] ? __might_fault+0x102/0x1b0 [ 137.079129] ? lock_acquire+0x427/0x4c0 [ 137.079489] ? __pfx_iommufd_test+0x10/0x10 [ 137.079864] ? __pfx_lock_release+0x10/0x10 [ 137.080247] ? __pfx_lock_acquire+0x10/0x10 [ 137.080636] ? write_comp_data+0x2f/0x90 [ 137.081010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.081575] ? write_comp_data+0x2f/0x90 [ 137.081945] iommufd_fops_ioctl+0x37d/0x510 [ 137.082336] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.082793] ? write_comp_data+0x2f/0x90 [ 137.083166] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.083629] __x64_sys_ioctl+0x1a3/0x230 [ 137.084096] do_syscall_64+0x3b/0x90 [ 137.084436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.084897] RIP: 0033:0x7f4b8743ee5d [ 137.085227] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.086989] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.087681] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.088461] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.089079] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.089698] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.090454] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.091123] [ 137.091338] irq event stamp: 0 [ 137.091620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.092169] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.093053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.093780] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.094330] ---[ end trace 0000000000000000 ]--- [ 137.097405] ------------[ cut here ]------------ [ 137.097848] WARNING: CPU: 1 PID: 1273 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.098796] Modules linked in: [ 137.099085] CPU: 1 PID: 1273 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.100035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.101014] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.101483] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.103195] RSP: 
0018:ffff888016fefbd0 EFLAGS: 00010246 [ 137.103661] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 137.104427] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 137.105048] RBP: ffff888016fefbe8 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 137.105667] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff8880129b6800 [ 137.106428] R13: ffff88801587c9e8 R14: ffff888012bf9900 R15: 0000000000000000 [ 137.107075] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.107807] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.108388] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.109162] PKRU: 55555554 [ 137.109423] Call Trace: [ 137.109665] [ 137.109887] iommufd_access_destroy_object+0x65/0x170 [ 137.110367] iommufd_object_destroy_user+0x18e/0x220 [ 137.110912] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.111483] iommufd_access_destroy+0x43/0x70 [ 137.111900] iommufd_test_staccess_release+0x8d/0xd0 [ 137.112366] __fput+0x26d/0xa40 [ 137.112681] ____fput+0x1e/0x30 [ 137.112999] task_work_run+0x1a4/0x2d0 [ 137.113366] ? __pfx_task_work_run+0x10/0x10 [ 137.113773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.114217] ? switch_task_namespaces+0xa9/0xe0 [ 137.114679] do_exit+0xb17/0x2ef0 [ 137.114999] ? lock_acquire+0x427/0x4c0 [ 137.115384] ? __pfx_lock_release+0x10/0x10 [ 137.115790] ? __kasan_check_write+0x18/0x20 [ 137.116200] ? do_raw_spin_lock+0x132/0x2a0 [ 137.116604] ? __pfx_do_exit+0x10/0x10 [ 137.116971] ? debug_smp_processor_id+0x20/0x30 [ 137.117409] ? rcu_is_watching+0x19/0xb0 [ 137.117786] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.118206] ? trace_hardirqs_on+0x26/0x120 [ 137.118627] do_group_exit+0xe0/0x2b0 [ 137.118982] __x64_sys_exit_group+0x47/0x50 [ 137.119386] do_syscall_64+0x3b/0x90 [ 137.119739] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.120224] RIP: 0033:0x7f4b87518a4d [ 137.120570] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.121149] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.121842] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.122495] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.123201] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.123840] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.124485] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.125142] [ 137.125362] irq event stamp: 0 [ 137.125652] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.126230] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.127020] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.127797] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.128378] ---[ end trace 0000000000000000 ]--- [ 137.129222] ------------[ cut here ]------------ [ 137.129658] WARNING: CPU: 1 PID: 1273 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.130746] Modules linked in: [ 137.131031] CPU: 1 PID: 1273 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.131804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.132794] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.133243] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.134837] RSP: 0018:ffff888016fefb78 EFLAGS: 00010246 [ 137.135305] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.135912] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 137.136521] RBP: ffff888016fefb98 R08: ffffed1002b0f93e R09: ffffed1002b0f93e [ 137.137129] R10: ffff88801587c9ef R11: ffffed1002b0f93d R12: ffff88801587ca90 [ 137.137739] R13: ffff88801587c8a8 R14: ffffffffffffffff R15: 
ffff888016fefc60 [ 137.138345] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.139069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.139584] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.140205] PKRU: 55555554 [ 137.140450] Call Trace: [ 137.140667] [ 137.140864] iommufd_ioas_destroy+0x53/0x70 [ 137.141250] iommufd_fops_release+0x1f7/0x370 [ 137.141643] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.142074] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.142534] ? write_comp_data+0x2f/0x90 [ 137.142847] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 137.142906] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.144759] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 137.145141] __fput+0x26d/0xa40 [ 137.146709] ____fput+0x1e/0x30 [ 137.147011] task_work_run+0x1a4/0x2d0 [ 137.147366] ? __pfx_task_work_run+0x10/0x10 [ 137.147759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.148191] ? switch_task_namespaces+0xa9/0xe0 [ 137.148609] do_exit+0xb17/0x2ef0 [ 137.148914] ? lock_acquire+0x427/0x4c0 [ 137.149272] ? __pfx_lock_release+0x10/0x10 [ 137.149654] ? __kasan_check_write+0x18/0x20 [ 137.150042] ? do_raw_spin_lock+0x132/0x2a0 [ 137.150420] ? __pfx_do_exit+0x10/0x10 [ 137.150792] ? debug_smp_processor_id+0x20/0x30 [ 137.151220] ? rcu_is_watching+0x19/0xb0 [ 137.151583] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.151987] ? trace_hardirqs_on+0x26/0x120 [ 137.152363] do_group_exit+0xe0/0x2b0 [ 137.152696] __x64_sys_exit_group+0x47/0x50 [ 137.153073] do_syscall_64+0x3b/0x90 [ 137.153404] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.153869] RIP: 0033:0x7f4b87518a4d [ 137.154196] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.154746] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.155418] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.156039] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.156656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.157275] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.157890] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.158536] [ 137.158742] irq event stamp: 0 [ 137.159011] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.159569] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.160307] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.161019] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.161560] ---[ end trace 0000000000000000 ]--- [ 137.165342] ------------[ cut here ]------------ [ 137.165794] WARNING: CPU: 1 PID: 1275 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.166701] Modules linked in: [ 137.166977] CPU: 1 PID: 1275 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.167730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.168677] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.169096] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.170664] RSP: 0018:ffff88801285fbb8 EFLAGS: 00010246 [ 137.171121] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 137.171723] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 137.172325] RBP: ffff88801285fbd0 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 137.172938] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff88801890e000 [ 137.173556] R13: ffff8880178189e8 R14: ffffffff8352e670 R15: 
ffff88801285fe68 [ 137.174187] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.174917] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.175503] CR2: 0000000020000140 CR3: 0000000018302000 CR4: 0000000000750ee0 [ 137.176303] PKRU: 55555554 [ 137.176556] Call Trace: [ 137.176776] [ 137.176972] __iommufd_access_detach+0x1c2/0x2b0 [ 137.177391] iommufd_access_change_pt+0x149/0x270 [ 137.177818] iommufd_access_replace+0xb4/0x120 [ 137.178257] iommufd_test+0x3e5/0x37e0 [ 137.178735] ? lock_release+0x532/0x770 [ 137.179097] ? __might_fault+0x102/0x1b0 [ 137.179480] ? lock_acquire+0x427/0x4c0 [ 137.179841] ? __pfx_iommufd_test+0x10/0x10 [ 137.180219] ? __pfx_lock_release+0x10/0x10 [ 137.180604] ? __pfx_lock_acquire+0x10/0x10 [ 137.180993] ? write_comp_data+0x2f/0x90 [ 137.181356] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.181790] ? write_comp_data+0x2f/0x90 [ 137.182155] iommufd_fops_ioctl+0x37d/0x510 [ 137.182567] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.183000] ? write_comp_data+0x2f/0x90 [ 137.183386] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.183820] __x64_sys_ioctl+0x1a3/0x230 [ 137.184193] do_syscall_64+0x3b/0x90 [ 137.184535] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.185196] RIP: 0033:0x7f4b8743ee5d [ 137.185525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.187299] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.187963] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.188577] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.189187] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.189800] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.190411] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.191044] [ 137.191258] irq event stamp: 0 [ 137.191531] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.192080] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.192980] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.193700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.194248] ---[ end trace 0000000000000000 ]--- [ 137.197378] ------------[ cut here ]------------ [ 137.197825] WARNING: CPU: 1 PID: 1275 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.198761] Modules linked in: [ 137.199041] CPU: 1 PID: 1275 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.199962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.200910] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.201356] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.203063] RSP: 
0018:ffff88801285fbd0 EFLAGS: 00010246 [ 137.203528] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 137.204291] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 137.204910] RBP: ffff88801285fbe8 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 137.205528] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff88801341dc00 [ 137.206283] R13: ffff8880178189e8 R14: ffff888021839100 R15: 0000000000000000 [ 137.206917] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.207632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.208192] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 137.208909] PKRU: 55555554 [ 137.209157] Call Trace: [ 137.209385] [ 137.209591] iommufd_access_destroy_object+0x65/0x170 [ 137.210048] iommufd_object_destroy_user+0x18e/0x220 [ 137.210636] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.211152] iommufd_access_destroy+0x43/0x70 [ 137.211548] iommufd_test_staccess_release+0x8d/0xd0 [ 137.211993] __fput+0x26d/0xa40 [ 137.212295] ____fput+0x1e/0x30 [ 137.212634] task_work_run+0x1a4/0x2d0 [ 137.213069] ? __pfx_task_work_run+0x10/0x10 [ 137.213460] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.213893] ? switch_task_namespaces+0xa9/0xe0 [ 137.214309] do_exit+0xb17/0x2ef0 [ 137.214732] ? lock_acquire+0x427/0x4c0 [ 137.215105] ? __pfx_lock_release+0x10/0x10 [ 137.215504] ? __kasan_check_write+0x18/0x20 [ 137.215899] ? do_raw_spin_lock+0x132/0x2a0 [ 137.216288] ? __pfx_do_exit+0x10/0x10 [ 137.216636] ? debug_smp_processor_id+0x20/0x30 [ 137.217130] ? rcu_is_watching+0x19/0xb0 [ 137.217551] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.217954] ? trace_hardirqs_on+0x26/0x120 [ 137.218341] do_group_exit+0xe0/0x2b0 [ 137.218710] __x64_sys_exit_group+0x47/0x50 [ 137.219094] do_syscall_64+0x3b/0x90 [ 137.219488] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.220034] RIP: 0033:0x7f4b87518a4d [ 137.220366] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.220899] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.221640] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.222315] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.222960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.223590] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.224362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.224988] [ 137.225196] irq event stamp: 0 [ 137.225480] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.226115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.226930] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.227677] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.228227] ---[ end trace 0000000000000000 ]--- [ 137.229186] ------------[ cut here ]------------ [ 137.229612] WARNING: CPU: 1 PID: 1275 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.230585] Modules linked in: [ 137.230933] CPU: 1 PID: 1275 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.231716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.232692] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.233137] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.234917] RSP: 0018:ffff88801285fb78 EFLAGS: 00010246 [ 137.235391] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.236101] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 137.236783] RBP: ffff88801285fb98 R08: ffffed1002f0313e R09: ffffed1002f0313e [ 137.237421] R10: ffff8880178189ef R11: ffffed1002f0313d R12: ffff888017818a90 [ 137.238034] R13: ffff8880178188a8 R14: ffffffffffffffff R15: 
ffff88801285fc60 [ 137.238674] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.239390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.239892] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 137.240504] PKRU: 55555554 [ 137.240746] Call Trace: [ 137.240970] [ 137.241163] iommufd_ioas_destroy+0x53/0x70 [ 137.241539] iommufd_fops_release+0x1f7/0x370 [ 137.241929] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.242359] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.242807] ? write_comp_data+0x2f/0x90 [ 137.243184] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.243625] __fput+0x26d/0xa40 [ 137.243922] ____fput+0x1e/0x30 [ 137.244217] task_work_run+0x1a4/0x2d0 [ 137.244562] ? __pfx_task_work_run+0x10/0x10 [ 137.244954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.245386] ? switch_task_namespaces+0xa9/0xe0 [ 137.245795] do_exit+0xb17/0x2ef0 [ 137.246093] ? lock_acquire+0x427/0x4c0 [ 137.246451] ? __pfx_lock_release+0x10/0x10 [ 137.246852] ? __kasan_check_write+0x18/0x20 [ 137.247247] ? do_raw_spin_lock+0x132/0x2a0 [ 137.247619] ? __pfx_do_exit+0x10/0x10 [ 137.247961] ? debug_smp_processor_id+0x20/0x30 [ 137.248359] ? rcu_is_watching+0x19/0xb0 [ 137.248707] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.249101] ? trace_hardirqs_on+0x26/0x120 [ 137.249483] do_group_exit+0xe0/0x2b0 [ 137.249820] __x64_sys_exit_group+0x47/0x50 [ 137.250197] do_syscall_64+0x3b/0x90 [ 137.250548] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.251000] RIP: 0033:0x7f4b87518a4d [ 137.251333] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.251853] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.252504] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.253121] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.253735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.254337] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.254972] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.255600] [ 137.255800] irq event stamp: 0 [ 137.256067] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.256606] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.257327] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.258034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.258601] ---[ end trace 0000000000000000 ]--- [ 137.263040] ------------[ cut here ]------------ [ 137.263517] WARNING: CPU: 1 PID: 1276 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.264397] Modules linked in: [ 137.264675] CPU: 1 PID: 1276 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.265428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.266398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.266868] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.268484] RSP: 0018:ffff888013637bb8 EFLAGS: 00010246 [ 137.268939] RAX: 0000000000000000 RBX: ffff888020c1b8a8 RCX: 0000000000000000 [ 137.269544] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 137.270144] RBP: ffff888013637bd0 R08: ffffed1004183733 R09: ffffed1004183733 [ 137.270768] R10: ffff888020c1b993 R11: ffffed1004183732 R12: ffff8880129c6400 [ 137.271385] R13: ffff888020c1b9e8 R14: ffffffff8352e670 R15: 
ffff888013637e68 [ 137.272005] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.272690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.273159] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ee0 [ 137.273728] PKRU: 55555554 [ 137.273957] Call Trace: [ 137.274162] [ 137.274344] __iommufd_access_detach+0x1c2/0x2b0 [ 137.274760] iommufd_access_change_pt+0x149/0x270 [ 137.275167] iommufd_access_replace+0xb4/0x120 [ 137.275547] iommufd_test+0x3e5/0x37e0 [ 137.275861] ? lock_release+0x532/0x770 [ 137.276193] ? __might_fault+0x102/0x1b0 [ 137.276527] ? lock_acquire+0x427/0x4c0 [ 137.276861] ? __pfx_iommufd_test+0x10/0x10 [ 137.277209] ? __pfx_lock_release+0x10/0x10 [ 137.277570] ? __pfx_lock_acquire+0x10/0x10 [ 137.277926] ? write_comp_data+0x2f/0x90 [ 137.278264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.278683] ? write_comp_data+0x2f/0x90 [ 137.279028] iommufd_fops_ioctl+0x37d/0x510 [ 137.279397] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.279804] ? write_comp_data+0x2f/0x90 [ 137.280144] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.280538] __x64_sys_ioctl+0x1a3/0x230 [ 137.280885] do_syscall_64+0x3b/0x90 [ 137.281197] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.281627] RIP: 0033:0x7f4b8743ee5d [ 137.281927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.283411] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.284030] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.284601] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.285177] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.285749] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.286324] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.286941] [ 137.287151] irq event stamp: 0 [ 137.287409] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.287918] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.288593] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.289262] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.289771] ---[ end trace 0000000000000000 ]--- [ 137.292562] ------------[ cut here ]------------ [ 137.292978] WARNING: CPU: 1 PID: 1276 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.293796] Modules linked in: [ 137.294052] CPU: 1 PID: 1276 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.294779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.295693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.296093] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.297550] RSP: 
0018:ffff888013637bd0 EFLAGS: 00010246 [ 137.297977] RAX: 0000000000000000 RBX: ffff888020c1b8a8 RCX: 0000000000000000 [ 137.298560] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 137.299140] RBP: ffff888013637be8 R08: ffffed1004183733 R09: ffffed1004183733 [ 137.299712] R10: ffff888020c1b993 R11: ffffed1004183732 R12: ffff88801890e800 [ 137.300290] R13: ffff888020c1b9e8 R14: ffff88800fa29400 R15: 0000000000000000 [ 137.300860] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.301510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.301974] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.302575] PKRU: 55555554 [ 137.302806] Call Trace: [ 137.303026] [ 137.303217] iommufd_access_destroy_object+0x65/0x170 [ 137.303641] iommufd_object_destroy_user+0x18e/0x220 [ 137.304059] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.304530] iommufd_access_destroy+0x43/0x70 [ 137.304900] iommufd_test_staccess_release+0x8d/0xd0 [ 137.305318] __fput+0x26d/0xa40 [ 137.305602] ____fput+0x1e/0x30 [ 137.305876] task_work_run+0x1a4/0x2d0 [ 137.306197] ? __pfx_task_work_run+0x10/0x10 [ 137.306582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.306989] ? switch_task_namespaces+0xa9/0xe0 [ 137.307386] do_exit+0xb17/0x2ef0 [ 137.307665] ? lock_acquire+0x427/0x4c0 [ 137.307995] ? __pfx_lock_release+0x10/0x10 [ 137.308348] ? __kasan_check_write+0x18/0x20 [ 137.308702] ? do_raw_spin_lock+0x132/0x2a0 [ 137.309050] ? __pfx_do_exit+0x10/0x10 [ 137.309371] ? debug_smp_processor_id+0x20/0x30 [ 137.309746] ? rcu_is_watching+0x19/0xb0 [ 137.310071] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.310442] ? trace_hardirqs_on+0x26/0x120 [ 137.310812] do_group_exit+0xe0/0x2b0 [ 137.311127] __x64_sys_exit_group+0x47/0x50 [ 137.311475] do_syscall_64+0x3b/0x90 [ 137.311781] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.312199] RIP: 0033:0x7f4b87518a4d [ 137.312495] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.312983] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.313581] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.314143] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.314723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.315279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.315825] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.316373] [ 137.316554] irq event stamp: 0 [ 137.316797] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.317279] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.317918] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.318575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.319056] ---[ end trace 0000000000000000 ]--- [ 137.319764] ------------[ cut here ]------------ [ 137.320134] WARNING: CPU: 1 PID: 1276 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.320920] Modules linked in: [ 137.321167] CPU: 1 PID: 1276 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.321833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.322714] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.323124] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.324530] RSP: 0018:ffff888013637b78 EFLAGS: 00010246 [ 137.324944] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.325489] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 137.326032] RBP: ffff888013637b98 R08: ffffed100418373e R09: ffffed100418373e [ 137.326597] R10: ffff888020c1b9ef R11: ffffed100418373d R12: ffff888020c1ba90 [ 137.327154] R13: ffff888020c1b8a8 R14: ffffffffffffffff R15: 
ffff888013637c60 [ 137.327698] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.328312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.328756] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.329301] PKRU: 55555554 [ 137.329519] Call Trace: [ 137.329719] [ 137.329894] iommufd_ioas_destroy+0x53/0x70 [ 137.330234] iommufd_fops_release+0x1f7/0x370 [ 137.330604] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.330988] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.331382] ? write_comp_data+0x2f/0x90 [ 137.331703] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.332090] __fput+0x26d/0xa40 [ 137.332361] ____fput+0x1e/0x30 [ 137.332626] task_work_run+0x1a4/0x2d0 [ 137.332933] ? __pfx_task_work_run+0x10/0x10 [ 137.333277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.333649] ? switch_task_namespaces+0xa9/0xe0 [ 137.334010] do_exit+0xb17/0x2ef0 [ 137.334278] ? lock_acquire+0x427/0x4c0 [ 137.334610] ? __pfx_lock_release+0x10/0x10 [ 137.334946] ? __kasan_check_write+0x18/0x20 [ 137.335292] ? do_raw_spin_lock+0x132/0x2a0 [ 137.335621] ? __pfx_do_exit+0x10/0x10 [ 137.335929] ? debug_smp_processor_id+0x20/0x30 [ 137.336293] ? rcu_is_watching+0x19/0xb0 [ 137.336610] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.336960] ? trace_hardirqs_on+0x26/0x120 [ 137.337292] do_group_exit+0xe0/0x2b0 [ 137.337584] __x64_sys_exit_group+0x47/0x50 [ 137.337910] do_syscall_64+0x3b/0x90 [ 137.338202] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.338619] RIP: 0033:0x7f4b87518a4d [ 137.338901] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.339412] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.339983] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.340516] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.341053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.341597] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.342137] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.342704] [ 137.342884] irq event stamp: 0 [ 137.343132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.343610] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.344249] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.344899] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.345379] ---[ end trace 0000000000000000 ]--- [ 137.349686] ------------[ cut here ]------------ [ 137.350093] WARNING: CPU: 0 PID: 1277 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.350991] Modules linked in: [ 137.351261] CPU: 0 PID: 1277 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.351912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.352758] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.353131] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.354526] RSP: 0018:ffff8880185efbb8 EFLAGS: 00010246 [ 137.354923] RAX: 0000000000000000 RBX: ffff888012b2e0a8 RCX: 0000000000000000 [ 137.355473] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 137.356000] RBP: ffff8880185efbd0 R08: ffffed1002565c33 R09: ffffed1002565c33 [ 137.356545] R10: ffff888012b2e193 R11: ffffed1002565c32 R12: ffff88800fbdbc00 [ 137.357072] R13: ffff888012b2e1e8 R14: ffffffff8352e670 R15: 
ffff8880185efe68 [ 137.357611] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.358206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.358661] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ef0 [ 137.359201] PKRU: 55555554 [ 137.359415] Call Trace: [ 137.359607] [ 137.359789] __iommufd_access_detach+0x1c2/0x2b0 [ 137.360156] iommufd_access_change_pt+0x149/0x270 [ 137.360527] iommufd_access_replace+0xb4/0x120 [ 137.360892] iommufd_test+0x3e5/0x37e0 [ 137.361184] ? lock_release+0x532/0x770 [ 137.361491] ? __might_fault+0x102/0x1b0 [ 137.361800] ? lock_acquire+0x427/0x4c0 [ 137.362110] ? __pfx_iommufd_test+0x10/0x10 [ 137.362426] ? __pfx_lock_release+0x10/0x10 [ 137.362766] ? __pfx_lock_acquire+0x10/0x10 [ 137.363104] ? write_comp_data+0x2f/0x90 [ 137.363426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.363793] ? write_comp_data+0x2f/0x90 [ 137.364116] iommufd_fops_ioctl+0x37d/0x510 [ 137.364443] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.364811] ? write_comp_data+0x2f/0x90 [ 137.365139] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.365504] __x64_sys_ioctl+0x1a3/0x230 [ 137.365818] do_syscall_64+0x3b/0x90 [ 137.366110] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.366526] RIP: 0033:0x7f4b8743ee5d [ 137.366810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.368176] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.368752] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.369278] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.369819] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.370348] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.370908] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.371458] [ 137.371646] irq event stamp: 0 [ 137.371885] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.372352] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.372993] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.373614] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.374091] ---[ end trace 0000000000000000 ]--- [ 137.376763] ------------[ cut here ]------------ [ 137.377159] WARNING: CPU: 0 PID: 1277 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.377908] Modules linked in: [ 137.378160] CPU: 0 PID: 1277 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.378829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.379681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.380050] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.381413] RSP: 
0018:ffff8880185efbd0 EFLAGS: 00010246 [ 137.381804] RAX: 0000000000000000 RBX: ffff888012b2e0a8 RCX: 0000000000000000 [ 137.382327] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 137.382882] RBP: ffff8880185efbe8 R08: ffffed1002565c33 R09: ffffed1002565c33 [ 137.383420] R10: ffff888012b2e193 R11: ffffed1002565c32 R12: ffff888014763000 [ 137.383956] R13: ffff888012b2e1e8 R14: ffff888013d1d500 R15: 0000000000000000 [ 137.384483] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.385084] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.385511] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 137.386050] PKRU: 55555554 [ 137.386261] Call Trace: [ 137.386453] [ 137.386640] iommufd_access_destroy_object+0x65/0x170 [ 137.387039] iommufd_object_destroy_user+0x18e/0x220 [ 137.387432] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.387881] iommufd_access_destroy+0x43/0x70 [ 137.388225] iommufd_test_staccess_release+0x8d/0xd0 [ 137.388610] __fput+0x26d/0xa40 [ 137.388882] ____fput+0x1e/0x30 [ 137.389134] task_work_run+0x1a4/0x2d0 [ 137.389432] ? __pfx_task_work_run+0x10/0x10 [ 137.389766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.390145] ? switch_task_namespaces+0xa9/0xe0 [ 137.390501] do_exit+0xb17/0x2ef0 [ 137.390779] ? lock_acquire+0x427/0x4c0 [ 137.391096] ? __pfx_lock_release+0x10/0x10 [ 137.391431] ? __kasan_check_write+0x18/0x20 [ 137.391763] ? do_raw_spin_lock+0x132/0x2a0 [ 137.392097] ? __pfx_do_exit+0x10/0x10 [ 137.392400] ? debug_smp_processor_id+0x20/0x30 [ 137.392748] ? rcu_is_watching+0x19/0xb0 [ 137.393053] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.393406] ? trace_hardirqs_on+0x26/0x120 [ 137.393738] do_group_exit+0xe0/0x2b0 [ 137.394024] __x64_sys_exit_group+0x47/0x50 [ 137.394355] do_syscall_64+0x3b/0x90 [ 137.394656] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.395048] RIP: 0033:0x7f4b87518a4d [ 137.395347] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.395804] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.396371] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.396904] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.397429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.397972] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.398494] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.399061] [ 137.399244] irq event stamp: 0 [ 137.399479] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.399953] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.400571] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.401198] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.401663] ---[ end trace 0000000000000000 ]--- [ 137.402349] ------------[ cut here ]------------ [ 137.402746] WARNING: CPU: 0 PID: 1277 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.403639] Modules linked in: [ 137.404021] CPU: 0 PID: 1277 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.404668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.405522] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.405922] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.407452] RSP: 0018:ffff8880185efb78 EFLAGS: 00010246 [ 137.407849] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.408384] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 137.408910] RBP: ffff8880185efb98 R08: ffffed1002565c3e R09: ffffed1002565c3e [ 137.409448] R10: ffff888012b2e1ef R11: ffffed1002565c3d R12: ffff888012b2e290 [ 137.409976] R13: ffff888012b2e0a8 R14: ffffffffffffffff R15: 
ffff8880185efc60 [ 137.410535] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.411139] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.411580] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 137.412107] PKRU: 55555554 [ 137.412318] Call Trace: [ 137.412509] [ 137.412689] iommufd_ioas_destroy+0x53/0x70 [ 137.413015] iommufd_fops_release+0x1f7/0x370 [ 137.413355] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.413743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.414114] ? write_comp_data+0x2f/0x90 [ 137.414430] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.414833] __fput+0x26d/0xa40 [ 137.415095] ____fput+0x1e/0x30 [ 137.415355] task_work_run+0x1a4/0x2d0 [ 137.415656] ? __pfx_task_work_run+0x10/0x10 [ 137.416007] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.416374] ? switch_task_namespaces+0xa9/0xe0 [ 137.416734] do_exit+0xb17/0x2ef0 [ 137.417008] ? lock_acquire+0x427/0x4c0 [ 137.417312] ? __pfx_lock_release+0x10/0x10 [ 137.417639] ? __kasan_check_write+0x18/0x20 [ 137.417982] ? do_raw_spin_lock+0x132/0x2a0 [ 137.418305] ? __pfx_do_exit+0x10/0x10 [ 137.418619] ? debug_smp_processor_id+0x20/0x30 [ 137.418974] ? rcu_is_watching+0x19/0xb0 [ 137.419298] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.419644] ? trace_hardirqs_on+0x26/0x120 [ 137.419970] do_group_exit+0xe0/0x2b0 [ 137.420267] __x64_sys_exit_group+0x47/0x50 [ 137.420589] do_syscall_64+0x3b/0x90 [ 137.420873] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.421276] RIP: 0033:0x7f4b87518a4d [ 137.421553] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.422011] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.422597] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.423129] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.423668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.424198] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.424739] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.425274] [ 137.425457] irq event stamp: 0 [ 137.425694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.426159] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.426805] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.427425] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.427901] ---[ end trace 0000000000000000 ]--- [ 137.431787] ------------[ cut here ]------------ [ 137.432307] WARNING: CPU: 0 PID: 1278 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.433074] Modules linked in: [ 137.433325] CPU: 0 PID: 1278 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.433971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.435020] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.435417] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.436773] RSP: 0018:ffff888020bdfbb8 EFLAGS: 00010246 [ 137.437169] RAX: 0000000000000000 RBX: ffff888015d6c0a8 RCX: 0000000000000000 [ 137.437705] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 137.438236] RBP: ffff888020bdfbd0 R08: ffffed1002bad833 R09: ffffed1002bad833 [ 137.438802] R10: ffff888015d6c193 R11: ffffed1002bad832 R12: ffff888010bb4800 [ 137.439341] R13: ffff888015d6c1e8 R14: ffffffff8352e670 R15: 
ffff888020bdfe68 [ 137.439883] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.440476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.440932] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ef0 [ 137.441465] PKRU: 55555554 [ 137.441686] Call Trace: [ 137.441892] [ 137.442063] __iommufd_access_detach+0x1c2/0x2b0 [ 137.442430] iommufd_access_change_pt+0x149/0x270 [ 137.442823] iommufd_access_replace+0xb4/0x120 [ 137.443198] iommufd_test+0x3e5/0x37e0 [ 137.443493] ? lock_release+0x532/0x770 [ 137.443801] ? __might_fault+0x102/0x1b0 [ 137.444125] ? lock_acquire+0x427/0x4c0 [ 137.444433] ? __pfx_iommufd_test+0x10/0x10 [ 137.444755] ? __pfx_lock_release+0x10/0x10 [ 137.445096] ? __pfx_lock_acquire+0x10/0x10 [ 137.445434] ? write_comp_data+0x2f/0x90 [ 137.445751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.446141] ? write_comp_data+0x2f/0x90 [ 137.446462] iommufd_fops_ioctl+0x37d/0x510 [ 137.446817] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.447218] ? write_comp_data+0x2f/0x90 [ 137.447541] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.447915] __x64_sys_ioctl+0x1a3/0x230 [ 137.448235] do_syscall_64+0x3b/0x90 [ 137.448541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.448944] RIP: 0033:0x7f4b8743ee5d [ 137.449226] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.450641] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.451228] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.451776] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.452328] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.452887] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.453424] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.453988] [ 137.454169] irq event stamp: 0 [ 137.454410] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.454920] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.455563] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.456206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.456683] ---[ end trace 0000000000000000 ]--- [ 137.459869] ------------[ cut here ]------------ [ 137.460254] WARNING: CPU: 0 PID: 1278 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.461148] Modules linked in: [ 137.461412] CPU: 0 PID: 1278 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.462072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.463072] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.463475] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.464986] RSP: 
0018:ffff888020bdfbd0 EFLAGS: 00010246 [ 137.465389] RAX: 0000000000000000 RBX: ffff888015d6c0a8 RCX: 0000000000000000 [ 137.466000] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 137.466609] RBP: ffff888020bdfbe8 R08: ffffed1002bad833 R09: ffffed1002bad833 [ 137.467161] R10: ffff888015d6c193 R11: ffffed1002bad832 R12: ffff88800fbd9400 [ 137.467698] R13: ffff888015d6c1e8 R14: ffff888012b36700 R15: 0000000000000000 [ 137.468424] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.469046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.469507] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 137.470219] PKRU: 55555554 [ 137.470449] Call Trace: [ 137.470668] [ 137.470847] iommufd_access_destroy_object+0x65/0x170 [ 137.471283] iommufd_object_destroy_user+0x18e/0x220 [ 137.471729] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.472305] iommufd_access_destroy+0x43/0x70 [ 137.472667] iommufd_test_staccess_release+0x8d/0xd0 [ 137.473071] __fput+0x26d/0xa40 [ 137.473399] ____fput+0x1e/0x30 [ 137.473766] task_work_run+0x1a4/0x2d0 [ 137.474083] ? __pfx_task_work_run+0x10/0x10 [ 137.474445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.474854] ? switch_task_namespaces+0xa9/0xe0 [ 137.475248] do_exit+0xb17/0x2ef0 [ 137.475590] ? lock_acquire+0x427/0x4c0 [ 137.476051] ? __pfx_lock_release+0x10/0x10 [ 137.476415] ? __kasan_check_write+0x18/0x20 [ 137.476766] ? do_raw_spin_lock+0x132/0x2a0 [ 137.477110] ? __pfx_do_exit+0x10/0x10 [ 137.477525] ? debug_smp_processor_id+0x20/0x30 [ 137.478014] ? rcu_is_watching+0x19/0xb0 [ 137.478349] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.478749] ? trace_hardirqs_on+0x26/0x120 [ 137.479119] do_group_exit+0xe0/0x2b0 [ 137.479469] __x64_sys_exit_group+0x47/0x50 [ 137.479969] do_syscall_64+0x3b/0x90 [ 137.480274] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.480698] RIP: 0033:0x7f4b87518a4d [ 137.481001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.481708] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.482313] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.482901] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.483613] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.484186] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.484744] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.485533] [ 137.485718] irq event stamp: 0 [ 137.485968] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.486476] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.487277] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.488047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.488553] ---[ end trace 0000000000000000 ]--- [ 137.489466] ------------[ cut here ]------------ [ 137.489845] WARNING: CPU: 0 PID: 1278 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.490789] Modules linked in: [ 137.491179] CPU: 0 PID: 1278 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.491880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.492862] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.493361] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.495004] RSP: 0018:ffff888020bdfb78 EFLAGS: 00010246 [ 137.495451] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.496019] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 137.496669] RBP: ffff888020bdfb98 R08: ffffed1002bad83e R09: ffffed1002bad83e [ 137.497391] R10: ffff888015d6c1ef R11: ffffed1002bad83d R12: ffff888015d6c290 [ 137.497959] R13: ffff888015d6c0a8 R14: ffffffffffffffff R15: 
ffff888020bdfc60 [ 137.498742] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.499396] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.499850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 137.500509] PKRU: 55555554 [ 137.500850] Call Trace: [ 137.501050] [ 137.501242] iommufd_ioas_destroy+0x53/0x70 [ 137.501594] iommufd_fops_release+0x1f7/0x370 [ 137.501955] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.502560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.502954] ? write_comp_data+0x2f/0x90 [ 137.503294] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.503712] __fput+0x26d/0xa40 [ 137.503988] ____fput+0x1e/0x30 [ 137.504277] task_work_run+0x1a4/0x2d0 [ 137.504784] ? __pfx_task_work_run+0x10/0x10 [ 137.505140] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.505542] ? switch_task_namespaces+0xa9/0xe0 [ 137.505948] do_exit+0xb17/0x2ef0 [ 137.506390] ? lock_acquire+0x427/0x4c0 [ 137.506740] ? __pfx_lock_release+0x10/0x10 [ 137.507086] ? __kasan_check_write+0x18/0x20 [ 137.507447] ? do_raw_spin_lock+0x132/0x2a0 [ 137.507803] ? __pfx_do_exit+0x10/0x10 [ 137.508166] ? debug_smp_processor_id+0x20/0x30 [ 137.508676] ? rcu_is_watching+0x19/0xb0 [ 137.509013] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.509375] ? trace_hardirqs_on+0x26/0x120 [ 137.509723] do_group_exit+0xe0/0x2b0 [ 137.510176] __x64_sys_exit_group+0x47/0x50 [ 137.510537] do_syscall_64+0x3b/0x90 [ 137.510843] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.511278] RIP: 0033:0x7f4b87518a4d [ 137.511575] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.512235] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.512835] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.513408] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.514150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.514729] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.515312] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.515932] [ 137.516235] irq event stamp: 0 [ 137.516499] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.516991] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.517761] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.518479] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.518991] ---[ end trace 0000000000000000 ]--- [ 137.522895] ------------[ cut here ]------------ [ 137.523399] WARNING: CPU: 0 PID: 1279 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.524208] Modules linked in: [ 137.524467] CPU: 0 PID: 1279 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.525348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.526255] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.526782] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.528210] RSP: 0018:ffff8880185efbb8 EFLAGS: 00010246 [ 137.528631] RAX: 0000000000000000 RBX: ffff88800fbc00a8 RCX: 0000000000000000 [ 137.529178] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 137.529741] RBP: ffff8880185efbd0 R08: ffffed1001f78033 R09: ffffed1001f78033 [ 137.530288] R10: ffff88800fbc0193 R11: ffffed1001f78032 R12: ffff8880167afc00 [ 137.530870] R13: ffff88800fbc01e8 R14: ffffffff8352e670 R15: 
ffff8880185efe68 [ 137.531436] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.532067] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.532518] CR2: 00007f4b877410e8 CR3: 0000000021922000 CR4: 0000000000750ef0 [ 137.533087] PKRU: 55555554 [ 137.533311] Call Trace: [ 137.533512] [ 137.533702] __iommufd_access_detach+0x1c2/0x2b0 [ 137.534084] iommufd_access_change_pt+0x149/0x270 [ 137.534468] iommufd_access_replace+0xb4/0x120 [ 137.534859] iommufd_test+0x3e5/0x37e0 [ 137.535175] ? lock_release+0x532/0x770 [ 137.535497] ? __might_fault+0x102/0x1b0 [ 137.535830] ? lock_acquire+0x427/0x4c0 [ 137.536155] ? __pfx_iommufd_test+0x10/0x10 [ 137.536494] ? __pfx_lock_release+0x10/0x10 [ 137.536837] ? __pfx_lock_acquire+0x10/0x10 [ 137.537197] ? write_comp_data+0x2f/0x90 [ 137.537525] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.537910] ? write_comp_data+0x2f/0x90 [ 137.538251] iommufd_fops_ioctl+0x37d/0x510 [ 137.538611] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.539001] ? write_comp_data+0x2f/0x90 [ 137.539345] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.539724] __x64_sys_ioctl+0x1a3/0x230 [ 137.540053] do_syscall_64+0x3b/0x90 [ 137.540369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.540779] RIP: 0033:0x7f4b8743ee5d [ 137.541069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.542526] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.543136] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.543708] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.544260] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.544824] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.545377] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.545954] [ 137.546141] irq event stamp: 0 [ 137.546387] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.546909] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.547578] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.548248] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.548740] ---[ end trace 0000000000000000 ]--- [ 137.551721] ------------[ cut here ]------------ [ 137.552207] WARNING: CPU: 0 PID: 1279 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.552997] Modules linked in: [ 137.553270] CPU: 0 PID: 1279 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.554150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.555292] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.555743] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.557350] RSP: 
0018:ffff8880185efbd0 EFLAGS: 00010246 [ 137.557952] RAX: 0000000000000000 RBX: ffff88800fbc00a8 RCX: 0000000000000000 [ 137.558530] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 137.559098] RBP: ffff8880185efbe8 R08: ffffed1001f78033 R09: ffffed1001f78033 [ 137.559762] R10: ffff88800fbc0193 R11: ffffed1001f78032 R12: ffff88800f822800 [ 137.560421] R13: ffff88800fbc01e8 R14: ffff8880181b8c00 R15: 0000000000000000 [ 137.561002] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.561805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.562275] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 137.562849] PKRU: 55555554 [ 137.563086] Call Trace: [ 137.563330] [ 137.563579] iommufd_access_destroy_object+0x65/0x170 [ 137.564082] iommufd_object_destroy_user+0x18e/0x220 [ 137.564503] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.564963] iommufd_access_destroy+0x43/0x70 [ 137.565434] iommufd_test_staccess_release+0x8d/0xd0 [ 137.565918] __fput+0x26d/0xa40 [ 137.566194] ____fput+0x1e/0x30 [ 137.566474] task_work_run+0x1a4/0x2d0 [ 137.566809] ? __pfx_task_work_run+0x10/0x10 [ 137.567181] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.567767] ? switch_task_namespaces+0xa9/0xe0 [ 137.568158] do_exit+0xb17/0x2ef0 [ 137.568439] ? lock_acquire+0x427/0x4c0 [ 137.568782] ? __pfx_lock_release+0x10/0x10 [ 137.569163] ? __kasan_check_write+0x18/0x20 [ 137.569675] ? do_raw_spin_lock+0x132/0x2a0 [ 137.570030] ? __pfx_do_exit+0x10/0x10 [ 137.570356] ? debug_smp_processor_id+0x20/0x30 [ 137.570782] ? rcu_is_watching+0x19/0xb0 [ 137.571134] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.571625] ? trace_hardirqs_on+0x26/0x120 [ 137.572096] do_group_exit+0xe0/0x2b0 [ 137.572415] __x64_sys_exit_group+0x47/0x50 [ 137.572775] do_syscall_64+0x3b/0x90 [ 137.573109] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.573741] RIP: 0033:0x7f4b87518a4d [ 137.574060] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.574601] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.575267] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.576050] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.576650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.577234] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.578027] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.578660] [ 137.578859] irq event stamp: 0 [ 137.579123] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.579733] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.580526] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.581220] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.581915] ---[ end trace 0000000000000000 ]--- [ 137.582673] ------------[ cut here ]------------ [ 137.583073] WARNING: CPU: 0 PID: 1279 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.584110] Modules linked in: [ 137.584378] CPU: 0 PID: 1279 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.585102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.586182] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.586696] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.588375] RSP: 0018:ffff8880185efb78 EFLAGS: 00010246 [ 137.588813] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.589553] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 137.590130] RBP: ffff8880185efb98 R08: ffffed1001f7803e R09: ffffed1001f7803e [ 137.590751] R10: ffff88800fbc01ef R11: ffffed1001f7803d R12: ffff88800fbc0290 [ 137.591514] R13: ffff88800fbc00a8 R14: ffffffffffffffff R15: 
ffff8880185efc60 [ 137.592098] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.592765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.593401] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 137.593994] PKRU: 55555554 [ 137.594226] Call Trace: [ 137.594436] [ 137.594669] iommufd_ioas_destroy+0x53/0x70 [ 137.595156] iommufd_fops_release+0x1f7/0x370 [ 137.595537] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.595964] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.596372] ? write_comp_data+0x2f/0x90 [ 137.596749] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.597275] __fput+0x26d/0xa40 [ 137.597562] ____fput+0x1e/0x30 [ 137.597840] task_work_run+0x1a4/0x2d0 [ 137.598179] ? __pfx_task_work_run+0x10/0x10 [ 137.598716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.599145] ? switch_task_namespaces+0xa9/0xe0 [ 137.599544] do_exit+0xb17/0x2ef0 [ 137.599829] ? lock_acquire+0x427/0x4c0 [ 137.600176] ? __pfx_lock_release+0x10/0x10 [ 137.600609] ? __kasan_check_write+0x18/0x20 [ 137.601068] ? do_raw_spin_lock+0x132/0x2a0 [ 137.601439] ? __pfx_do_exit+0x10/0x10 [ 137.601770] ? debug_smp_processor_id+0x20/0x30 [ 137.602152] ? rcu_is_watching+0x19/0xb0 [ 137.602648] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.603034] ? trace_hardirqs_on+0x26/0x120 [ 137.603416] do_group_exit+0xe0/0x2b0 [ 137.603736] __x64_sys_exit_group+0x47/0x50 [ 137.604087] do_syscall_64+0x3b/0x90 [ 137.604466] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.604987] RIP: 0033:0x7f4b87518a4d [ 137.605294] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.605807] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.606615] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.607208] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.607805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.608556] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.609153] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.609746] [ 137.609951] irq event stamp: 0 [ 137.610210] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.610750] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.611457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.612148] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.612656] ---[ end trace 0000000000000000 ]--- [ 137.617365] ------------[ cut here ]------------ [ 137.617805] WARNING: CPU: 0 PID: 1280 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.618800] Modules linked in: [ 137.619068] CPU: 0 PID: 1280 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.619830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.620749] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.621171] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.622765] RSP: 0018:ffff888011cffbb8 EFLAGS: 00010246 [ 137.623222] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 137.623813] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 137.624397] RBP: ffff888011cffbd0 R08: ffffed100173f333 R09: ffffed100173f333 [ 137.625010] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff888013b16000 [ 137.625592] R13: ffff88800b9f99e8 R14: ffffffff8352e670 R15: 
ffff888011cffe68 [ 137.626251] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.627151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.627780] CR2: 0000000020000140 CR3: 0000000018302000 CR4: 0000000000750ef0 [ 137.628540] PKRU: 55555554 [ 137.628858] Call Trace: [ 137.629139] [ 137.629389] __iommufd_access_detach+0x1c2/0x2b0 [ 137.629916] iommufd_access_change_pt+0x149/0x270 [ 137.630445] iommufd_access_replace+0xb4/0x120 [ 137.631001] iommufd_test+0x3e5/0x37e0 [ 137.631451] ? lock_release+0x532/0x770 [ 137.631898] ? __might_fault+0x102/0x1b0 [ 137.632361] ? lock_acquire+0x427/0x4c0 [ 137.632803] ? __pfx_iommufd_test+0x10/0x10 [ 137.633286] ? __pfx_lock_release+0x10/0x10 [ 137.633781] ? __pfx_lock_acquire+0x10/0x10 [ 137.634259] ? write_comp_data+0x2f/0x90 [ 137.634751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.635331] ? write_comp_data+0x2f/0x90 [ 137.635786] iommufd_fops_ioctl+0x37d/0x510 [ 137.636267] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.636806] ? write_comp_data+0x2f/0x90 [ 137.637262] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.637794] __x64_sys_ioctl+0x1a3/0x230 [ 137.638251] do_syscall_64+0x3b/0x90 [ 137.638716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.639399] RIP: 0033:0x7f4b8743ee5d [ 137.639840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.641864] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.642788] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.643617] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.644422] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.645232] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.646043] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.646907] [ 137.647209] irq event stamp: 0 [ 137.647575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.648292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.649242] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.650191] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.650948] ---[ end trace 0000000000000000 ]--- [ 137.655755] ------------[ cut here ]------------ [ 137.656751] WARNING: CPU: 0 PID: 1280 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.658028] Modules linked in: [ 137.658747] CPU: 0 PID: 1280 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.659830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.661399] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.662030] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.664466] RSP: 
0018:ffff888011cffbd0 EFLAGS: 00010246 [ 137.665356] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 137.666234] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 137.667392] RBP: ffff888011cffbe8 R08: ffffed100173f333 R09: ffffed100173f333 [ 137.668266] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff8880167ad400 [ 137.669132] R13: ffff88800b9f99e8 R14: ffff88800b1d8700 R15: 0000000000000000 [ 137.669999] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 137.671026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.671762] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 137.672626] PKRU: 55555554 [ 137.672984] Call Trace: [ 137.673309] [ 137.673604] iommufd_access_destroy_object+0x65/0x170 [ 137.674256] iommufd_object_destroy_user+0x18e/0x220 [ 137.674947] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.675705] iommufd_access_destroy+0x43/0x70 [ 137.676294] iommufd_test_staccess_release+0x8d/0xd0 [ 137.676947] __fput+0x26d/0xa40 [ 137.677393] ____fput+0x1e/0x30 [ 137.677823] task_work_run+0x1a4/0x2d0 [ 137.678333] ? __pfx_task_work_run+0x10/0x10 [ 137.678947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.679602] ? switch_task_namespaces+0xa9/0xe0 [ 137.680213] do_exit+0xb17/0x2ef0 [ 137.680658] ? lock_acquire+0x427/0x4c0 [ 137.681176] ? __pfx_lock_release+0x10/0x10 [ 137.681768] ? __kasan_check_write+0x18/0x20 [ 137.682331] ? do_raw_spin_lock+0x132/0x2a0 [ 137.682927] ? __pfx_do_exit+0x10/0x10 [ 137.683470] ? debug_smp_processor_id+0x20/0x30 [ 137.683896] ? rcu_is_watching+0x19/0xb0 [ 137.684255] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.684652] ? trace_hardirqs_on+0x26/0x120 [ 137.685032] do_group_exit+0xe0/0x2b0 [ 137.685363] __x64_sys_exit_group+0x47/0x50 [ 137.685741] do_syscall_64+0x3b/0x90 [ 137.686074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.686569] RIP: 0033:0x7f4b87518a4d [ 137.686896] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.687451] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.688111] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.688730] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.689345] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.689972] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.690605] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.691246] [ 137.691452] irq event stamp: 0 [ 137.691726] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.692273] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.693046] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.693756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.694296] ---[ end trace 0000000000000000 ]--- [ 137.695154] ------------[ cut here ]------------ [ 137.695624] WARNING: CPU: 1 PID: 1280 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.696502] Modules linked in: [ 137.696780] CPU: 1 PID: 1280 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.697533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.698499] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.698993] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.700596] RSP: 0018:ffff888011cffb78 EFLAGS: 00010246 [ 137.701062] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.701680] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 137.702301] RBP: ffff888011cffb98 R08: ffffed100173f33e R09: ffffed100173f33e [ 137.703006] R10: ffff88800b9f99ef R11: ffffed100173f33d R12: ffff88800b9f9a90 [ 137.703662] R13: ffff88800b9f98a8 R14: ffffffffffffffff R15: 
ffff888011cffc60 [ 137.704290] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.704990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.705496] CR2: 00007f82e2ab5000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 137.706118] PKRU: 55555554 [ 137.706370] Call Trace: [ 137.706631] [ 137.706838] iommufd_ioas_destroy+0x53/0x70 [ 137.707244] iommufd_fops_release+0x1f7/0x370 [ 137.707647] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.708089] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.708530] ? write_comp_data+0x2f/0x90 [ 137.708905] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.709353] __fput+0x26d/0xa40 [ 137.709661] ____fput+0x1e/0x30 [ 137.709959] task_work_run+0x1a4/0x2d0 [ 137.710301] ? __pfx_task_work_run+0x10/0x10 [ 137.710735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.711194] ? switch_task_namespaces+0xa9/0xe0 [ 137.711637] do_exit+0xb17/0x2ef0 [ 137.711961] ? lock_acquire+0x427/0x4c0 [ 137.712339] ? __pfx_lock_release+0x10/0x10 [ 137.712742] ? __kasan_check_write+0x18/0x20 [ 137.713144] ? do_raw_spin_lock+0x132/0x2a0 [ 137.713550] ? __pfx_do_exit+0x10/0x10 [ 137.713934] ? debug_smp_processor_id+0x20/0x30 [ 137.714374] ? rcu_is_watching+0x19/0xb0 [ 137.714803] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.715271] ? trace_hardirqs_on+0x26/0x120 [ 137.715672] do_group_exit+0xe0/0x2b0 [ 137.716023] __x64_sys_exit_group+0x47/0x50 [ 137.716412] do_syscall_64+0x3b/0x90 [ 137.716758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.717234] RIP: 0033:0x7f4b87518a4d [ 137.717562] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.718097] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.718805] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.719478] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.720147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.720813] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.721484] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.722149] [ 137.722369] irq event stamp: 0 [ 137.722694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.723309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.724083] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.724853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.725447] ---[ end trace 0000000000000000 ]--- [ 137.730042] ------------[ cut here ]------------ [ 137.730838] WARNING: CPU: 1 PID: 1281 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.731834] Modules linked in: [ 137.732141] CPU: 1 PID: 1281 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.732958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.734042] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.734574] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.736296] RSP: 0018:ffff888014be7bb8 EFLAGS: 00010246 [ 137.736800] RAX: 0000000000000000 RBX: ffff8880165360a8 RCX: 0000000000000000 [ 137.737459] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 137.738125] RBP: ffff888014be7bd0 R08: ffffed1002ca6c33 R09: ffffed1002ca6c33 [ 137.738815] R10: ffff888016536193 R11: ffffed1002ca6c32 R12: ffff888013b20800 [ 137.739503] R13: ffff8880165361e8 R14: ffffffff8352e670 R15: 
ffff888014be7e68 [ 137.740173] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.740923] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.741489] CR2: 0000000020000140 CR3: 0000000014b0c000 CR4: 0000000000750ee0 [ 137.742164] PKRU: 55555554 [ 137.742433] Call Trace: [ 137.742705] [ 137.742924] __iommufd_access_detach+0x1c2/0x2b0 [ 137.743421] iommufd_access_change_pt+0x149/0x270 [ 137.743884] iommufd_access_replace+0xb4/0x120 [ 137.744326] iommufd_test+0x3e5/0x37e0 [ 137.744700] ? lock_release+0x532/0x770 [ 137.745083] ? __might_fault+0x102/0x1b0 [ 137.745470] ? lock_acquire+0x427/0x4c0 [ 137.745849] ? __pfx_iommufd_test+0x10/0x10 [ 137.746248] ? __pfx_lock_release+0x10/0x10 [ 137.746685] ? __pfx_lock_acquire+0x10/0x10 [ 137.747103] ? write_comp_data+0x2f/0x90 [ 137.747511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.747973] ? write_comp_data+0x2f/0x90 [ 137.748365] iommufd_fops_ioctl+0x37d/0x510 [ 137.748779] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.749240] ? write_comp_data+0x2f/0x90 [ 137.749639] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.750092] __x64_sys_ioctl+0x1a3/0x230 [ 137.750485] do_syscall_64+0x3b/0x90 [ 137.750881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.751388] RIP: 0033:0x7f4b8743ee5d [ 137.751737] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.753433] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.754145] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.754857] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.755540] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.756197] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.756862] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.757538] [ 137.757763] irq event stamp: 0 [ 137.758066] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.758699] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.759510] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.760297] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.760896] ---[ end trace 0000000000000000 ]--- [ 137.764231] ------------[ cut here ]------------ [ 137.764719] WARNING: CPU: 1 PID: 1281 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.765665] Modules linked in: [ 137.765962] CPU: 1 PID: 1281 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.766818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.767892] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.768361] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.770081] RSP: 
0018:ffff888014be7bd0 EFLAGS: 00010246 [ 137.770614] RAX: 0000000000000000 RBX: ffff8880165360a8 RCX: 0000000000000000 [ 137.771293] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 137.771964] RBP: ffff888014be7be8 R08: ffffed1002ca6c33 R09: ffffed1002ca6c33 [ 137.772630] R10: ffff888016536193 R11: ffffed1002ca6c32 R12: ffff8880129c7800 [ 137.773294] R13: ffff8880165361e8 R14: ffff888013d44a00 R15: 0000000000000000 [ 137.773963] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.774760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.775328] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.775995] PKRU: 55555554 [ 137.776261] Call Trace: [ 137.776501] [ 137.776722] iommufd_access_destroy_object+0x65/0x170 [ 137.777213] iommufd_object_destroy_user+0x18e/0x220 [ 137.777693] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.778244] iommufd_access_destroy+0x43/0x70 [ 137.778698] iommufd_test_staccess_release+0x8d/0xd0 [ 137.779198] __fput+0x26d/0xa40 [ 137.779532] ____fput+0x1e/0x30 [ 137.779850] task_work_run+0x1a4/0x2d0 [ 137.780224] ? __pfx_task_work_run+0x10/0x10 [ 137.780648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.781110] ? switch_task_namespaces+0xa9/0xe0 [ 137.781557] do_exit+0xb17/0x2ef0 [ 137.781884] ? lock_acquire+0x427/0x4c0 [ 137.782268] ? __pfx_lock_release+0x10/0x10 [ 137.782709] ? __kasan_check_write+0x18/0x20 [ 137.783165] ? do_raw_spin_lock+0x132/0x2a0 [ 137.783576] ? __pfx_do_exit+0x10/0x10 [ 137.783953] ? debug_smp_processor_id+0x20/0x30 [ 137.784402] ? rcu_is_watching+0x19/0xb0 [ 137.784788] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.785225] ? trace_hardirqs_on+0x26/0x120 [ 137.785644] do_group_exit+0xe0/0x2b0 [ 137.786007] __x64_sys_exit_group+0x47/0x50 [ 137.786402] do_syscall_64+0x3b/0x90 [ 137.786806] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.787330] RIP: 0033:0x7f4b87518a4d [ 137.787689] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.788269] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.788998] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.789678] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.790342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.791053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.791738] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.792410] [ 137.792632] irq event stamp: 0 [ 137.792932] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.793522] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.794306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.795130] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.795733] ---[ end trace 0000000000000000 ]--- [ 137.796559] ------------[ cut here ]------------ [ 137.796999] WARNING: CPU: 1 PID: 1281 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.797963] Modules linked in: [ 137.798270] CPU: 1 PID: 1281 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.799131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.800195] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.800687] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.802380] RSP: 0018:ffff888014be7b78 EFLAGS: 00010246 [ 137.802911] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.803613] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 137.804277] RBP: ffff888014be7b98 R08: ffffed1002ca6c3e R09: ffffed1002ca6c3e [ 137.804941] R10: ffff8880165361ef R11: ffffed1002ca6c3d R12: ffff888016536290 [ 137.805610] R13: ffff8880165360a8 R14: ffffffffffffffff R15: 
ffff888014be7c60 [ 137.806275] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.807057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.807610] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.808277] PKRU: 55555554 [ 137.808553] Call Trace: [ 137.808797] [ 137.809016] iommufd_ioas_destroy+0x53/0x70 [ 137.809427] iommufd_fops_release+0x1f7/0x370 [ 137.809850] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.810326] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.810819] ? write_comp_data+0x2f/0x90 [ 137.811233] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.811707] __fput+0x26d/0xa40 [ 137.812032] ____fput+0x1e/0x30 [ 137.812351] task_work_run+0x1a4/0x2d0 [ 137.812728] ? __pfx_task_work_run+0x10/0x10 [ 137.813154] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.813620] ? switch_task_namespaces+0xa9/0xe0 [ 137.814082] do_exit+0xb17/0x2ef0 [ 137.814417] ? lock_acquire+0x427/0x4c0 [ 137.814830] ? __pfx_lock_release+0x10/0x10 [ 137.815263] ? __kasan_check_write+0x18/0x20 [ 137.815691] ? do_raw_spin_lock+0x132/0x2a0 [ 137.816102] ? __pfx_do_exit+0x10/0x10 [ 137.816480] ? debug_smp_processor_id+0x20/0x30 [ 137.816929] ? rcu_is_watching+0x19/0xb0 [ 137.817310] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.817744] ? trace_hardirqs_on+0x26/0x120 [ 137.818157] do_group_exit+0xe0/0x2b0 [ 137.818553] __x64_sys_exit_group+0x47/0x50 [ 137.818969] do_syscall_64+0x3b/0x90 [ 137.819349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.819847] RIP: 0033:0x7f4b87518a4d [ 137.820198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.820783] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.821509] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.822177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.822872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.823543] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.824210] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.824877] [ 137.825096] irq event stamp: 0 [ 137.825398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.825986] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.826809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.827599] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.828202] ---[ end trace 0000000000000000 ]--- [ 137.833620] ------------[ cut here ]------------ [ 137.834129] WARNING: CPU: 1 PID: 1282 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.835160] Modules linked in: [ 137.835467] CPU: 1 PID: 1282 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.836277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.837321] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.837784] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.839577] RSP: 0018:ffff888016dffbb8 EFLAGS: 00010246 [ 137.840077] RAX: 0000000000000000 RBX: ffff8880164558a8 RCX: 0000000000000000 [ 137.840734] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 137.841396] RBP: ffff888016dffbd0 R08: ffffed1002c8ab33 R09: ffffed1002c8ab33 [ 137.842056] R10: ffff888016455993 R11: ffffed1002c8ab32 R12: ffff888010bc1c00 [ 137.842741] R13: ffff8880164559e8 R14: ffffffff8352e670 R15: 
ffff888016dffe68 [ 137.843426] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.844178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.844727] CR2: 0000000020000140 CR3: 0000000018302000 CR4: 0000000000750ee0 [ 137.845395] PKRU: 55555554 [ 137.845666] Call Trace: [ 137.845908] [ 137.846121] __iommufd_access_detach+0x1c2/0x2b0 [ 137.846626] iommufd_access_change_pt+0x149/0x270 [ 137.847088] iommufd_access_replace+0xb4/0x120 [ 137.847542] iommufd_test+0x3e5/0x37e0 [ 137.847902] ? lock_release+0x532/0x770 [ 137.848279] ? __might_fault+0x102/0x1b0 [ 137.848661] ? lock_acquire+0x427/0x4c0 [ 137.849035] ? __pfx_iommufd_test+0x10/0x10 [ 137.849433] ? __pfx_lock_release+0x10/0x10 [ 137.849847] ? __pfx_lock_acquire+0x10/0x10 [ 137.850259] ? write_comp_data+0x2f/0x90 [ 137.850666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.851132] ? write_comp_data+0x2f/0x90 [ 137.851519] iommufd_fops_ioctl+0x37d/0x510 [ 137.851936] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.852399] ? write_comp_data+0x2f/0x90 [ 137.852792] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.853260] __x64_sys_ioctl+0x1a3/0x230 [ 137.853656] do_syscall_64+0x3b/0x90 [ 137.854017] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.854556] RIP: 0033:0x7f4b8743ee5d [ 137.854903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.856581] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.857300] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.857956] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.858638] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.859314] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.859973] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.860636] [ 137.860852] irq event stamp: 0 [ 137.861145] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.861725] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.862497] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.863306] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.863890] ---[ end trace 0000000000000000 ]--- [ 137.867080] ------------[ cut here ]------------ [ 137.867581] WARNING: CPU: 1 PID: 1282 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.868520] Modules linked in: [ 137.868818] CPU: 1 PID: 1282 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.869625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.870734] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.871203] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.872863] RSP: 
0018:ffff888016dffbd0 EFLAGS: 00010246 [ 137.873345] RAX: 0000000000000000 RBX: ffff8880164558a8 RCX: 0000000000000000 [ 137.874001] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 137.874677] RBP: ffff888016dffbe8 R08: ffffed1002c8ab33 R09: ffffed1002c8ab33 [ 137.875360] R10: ffff888016455993 R11: ffffed1002c8ab32 R12: ffff888013b21000 [ 137.876023] R13: ffff8880164559e8 R14: ffff88800f401100 R15: 0000000000000000 [ 137.876684] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.877428] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.877949] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.878616] PKRU: 55555554 [ 137.878876] Call Trace: [ 137.879122] [ 137.879331] iommufd_access_destroy_object+0x65/0x170 [ 137.879809] iommufd_object_destroy_user+0x18e/0x220 [ 137.880277] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.880814] iommufd_access_destroy+0x43/0x70 [ 137.881231] iommufd_test_staccess_release+0x8d/0xd0 [ 137.881702] __fput+0x26d/0xa40 [ 137.882023] ____fput+0x1e/0x30 [ 137.882334] task_work_run+0x1a4/0x2d0 [ 137.882716] ? __pfx_task_work_run+0x10/0x10 [ 137.883128] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.883572] ? switch_task_namespaces+0xa9/0xe0 [ 137.883999] do_exit+0xb17/0x2ef0 [ 137.884305] ? lock_acquire+0x427/0x4c0 [ 137.884653] ? __pfx_lock_release+0x10/0x10 [ 137.885031] ? __kasan_check_write+0x18/0x20 [ 137.885420] ? do_raw_spin_lock+0x132/0x2a0 [ 137.885791] ? __pfx_do_exit+0x10/0x10 [ 137.886132] ? debug_smp_processor_id+0x20/0x30 [ 137.886552] ? rcu_is_watching+0x19/0xb0 [ 137.886903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.887305] ? trace_hardirqs_on+0x26/0x120 [ 137.887684] do_group_exit+0xe0/0x2b0 [ 137.888011] __x64_sys_exit_group+0x47/0x50 [ 137.888376] do_syscall_64+0x3b/0x90 [ 137.888707] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.889154] RIP: 0033:0x7f4b87518a4d [ 137.889481] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.890011] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.890692] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.891316] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.891932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.892551] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.893165] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.893793] [ 137.893994] irq event stamp: 0 [ 137.894267] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.894834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.895564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.896283] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.896822] ---[ end trace 0000000000000000 ]--- [ 137.897740] ------------[ cut here ]------------ [ 137.898151] WARNING: CPU: 1 PID: 1282 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.899103] Modules linked in: [ 137.899403] CPU: 1 PID: 1282 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.900148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.901099] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.901548] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.903137] RSP: 0018:ffff888016dffb78 EFLAGS: 00010246 [ 137.903604] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.904229] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 137.904846] RBP: ffff888016dffb98 R08: ffffed1002c8ab3e R09: ffffed1002c8ab3e [ 137.905442] R10: ffff8880164559ef R11: ffffed1002c8ab3d R12: ffff888016455a90 [ 137.906036] R13: ffff8880164558a8 R14: ffffffffffffffff R15: 
ffff888016dffc60 [ 137.906657] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.907341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.907814] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.908392] PKRU: 55555554 [ 137.908624] Call Trace: [ 137.908834] [ 137.909018] iommufd_ioas_destroy+0x53/0x70 [ 137.909378] iommufd_fops_release+0x1f7/0x370 [ 137.909744] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.910152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.910579] ? write_comp_data+0x2f/0x90 [ 137.910924] ? __pfx_iommufd_fops_release+0x10/0x10 [ 137.911353] __fput+0x26d/0xa40 [ 137.911642] ____fput+0x1e/0x30 [ 137.911917] task_work_run+0x1a4/0x2d0 [ 137.912246] ? __pfx_task_work_run+0x10/0x10 [ 137.912619] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.913021] ? switch_task_namespaces+0xa9/0xe0 [ 137.913414] do_exit+0xb17/0x2ef0 [ 137.913699] ? lock_acquire+0x427/0x4c0 [ 137.914033] ? __pfx_lock_release+0x10/0x10 [ 137.914499] ? __kasan_check_write+0x18/0x20 [ 137.915002] ? do_raw_spin_lock+0x132/0x2a0 [ 137.915414] ? __pfx_do_exit+0x10/0x10 [ 137.915747] ? debug_smp_processor_id+0x20/0x30 [ 137.916127] ? rcu_is_watching+0x19/0xb0 [ 137.916463] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.916837] ? trace_hardirqs_on+0x26/0x120 [ 137.917193] do_group_exit+0xe0/0x2b0 [ 137.917505] __x64_sys_exit_group+0x47/0x50 [ 137.917858] do_syscall_64+0x3b/0x90 [ 137.918176] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.918638] RIP: 0033:0x7f4b87518a4d [ 137.918943] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.919460] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.920069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.920650] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.921231] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.921801] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.922367] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.922987] [ 137.923185] irq event stamp: 0 [ 137.923446] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.923953] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.924630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.925296] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.925796] ---[ end trace 0000000000000000 ]--- [ 137.930001] ------------[ cut here ]------------ [ 137.930428] WARNING: CPU: 1 PID: 1283 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.931334] Modules linked in: [ 137.931599] CPU: 1 PID: 1283 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.932295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.933192] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.933595] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.935103] RSP: 0018:ffff8880188bfbb8 EFLAGS: 00010246 [ 137.935546] RAX: 0000000000000000 RBX: ffff8880246678a8 RCX: 0000000000000000 [ 137.936109] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 137.936676] RBP: ffff8880188bfbd0 R08: ffffed10048ccf33 R09: ffffed10048ccf33 [ 137.937242] R10: ffff888024667993 R11: ffffed10048ccf32 R12: ffff888012b47400 [ 137.937807] R13: ffff8880246679e8 R14: ffffffff8352e670 R15: 
ffff8880188bfe68 [ 137.938373] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.939039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.939515] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ee0 [ 137.940089] PKRU: 55555554 [ 137.940318] Call Trace: [ 137.940522] [ 137.940702] __iommufd_access_detach+0x1c2/0x2b0 [ 137.941102] iommufd_access_change_pt+0x149/0x270 [ 137.941503] iommufd_access_replace+0xb4/0x120 [ 137.941880] iommufd_test+0x3e5/0x37e0 [ 137.942196] ? lock_release+0x532/0x770 [ 137.942547] ? __might_fault+0x102/0x1b0 [ 137.942884] ? lock_acquire+0x427/0x4c0 [ 137.943246] ? __pfx_iommufd_test+0x10/0x10 [ 137.943595] ? __pfx_lock_release+0x10/0x10 [ 137.943951] ? __pfx_lock_acquire+0x10/0x10 [ 137.944306] ? write_comp_data+0x2f/0x90 [ 137.944648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.945044] ? write_comp_data+0x2f/0x90 [ 137.945378] iommufd_fops_ioctl+0x37d/0x510 [ 137.945729] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.946122] ? write_comp_data+0x2f/0x90 [ 137.946456] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 137.946868] __x64_sys_ioctl+0x1a3/0x230 [ 137.947222] do_syscall_64+0x3b/0x90 [ 137.947537] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.947961] RIP: 0033:0x7f4b8743ee5d [ 137.948260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 137.949723] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 137.950338] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 137.951023] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 137.951797] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 137.952368] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 137.952931] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 137.953506] [ 137.953692] irq event stamp: 0 [ 137.953943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.954446] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.955151] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.955897] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.956495] ---[ end trace 0000000000000000 ]--- [ 137.959445] ------------[ cut here ]------------ [ 137.959838] WARNING: CPU: 1 PID: 1283 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 137.960667] Modules linked in: [ 137.961037] CPU: 1 PID: 1283 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.961740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.962706] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 137.963157] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 137.964694] RSP: 
0018:ffff8880188bfbd0 EFLAGS: 00010246 [ 137.965188] RAX: 0000000000000000 RBX: ffff8880246678a8 RCX: 0000000000000000 [ 137.965758] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 137.966328] RBP: ffff8880188bfbe8 R08: ffffed10048ccf33 R09: ffffed10048ccf33 [ 137.967045] R10: ffff888024667993 R11: ffffed10048ccf32 R12: ffff888010bc0c00 [ 137.967637] R13: ffff8880246679e8 R14: ffff888013555a00 R15: 0000000000000000 [ 137.968215] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.968994] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.969468] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.970039] PKRU: 55555554 [ 137.970273] Call Trace: [ 137.970496] [ 137.970784] iommufd_access_destroy_object+0x65/0x170 [ 137.971220] iommufd_object_destroy_user+0x18e/0x220 [ 137.971637] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 137.972109] iommufd_access_destroy+0x43/0x70 [ 137.972526] iommufd_test_staccess_release+0x8d/0xd0 [ 137.973000] __fput+0x26d/0xa40 [ 137.973287] ____fput+0x1e/0x30 [ 137.973564] task_work_run+0x1a4/0x2d0 [ 137.973891] ? __pfx_task_work_run+0x10/0x10 [ 137.974252] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 137.974797] ? switch_task_namespaces+0xa9/0xe0 [ 137.975198] do_exit+0xb17/0x2ef0 [ 137.975486] ? lock_acquire+0x427/0x4c0 [ 137.975820] ? __pfx_lock_release+0x10/0x10 [ 137.976178] ? __kasan_check_write+0x18/0x20 [ 137.976662] ? do_raw_spin_lock+0x132/0x2a0 [ 137.977015] ? __pfx_do_exit+0x10/0x10 [ 137.977339] ? debug_smp_processor_id+0x20/0x30 [ 137.977720] ? rcu_is_watching+0x19/0xb0 [ 137.978055] ? _raw_spin_unlock_irq+0x2b/0x60 [ 137.978547] ? trace_hardirqs_on+0x26/0x120 [ 137.978909] do_group_exit+0xe0/0x2b0 [ 137.979232] __x64_sys_exit_group+0x47/0x50 [ 137.979584] do_syscall_64+0x3b/0x90 [ 137.979898] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 137.980399] RIP: 0033:0x7f4b87518a4d [ 137.980753] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 137.981258] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 137.981869] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 137.982583] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 137.983169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 137.983738] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 137.984311] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 137.984889] [ 137.985079] irq event stamp: 0 [ 137.985334] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 137.985985] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 137.986691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 137.987379] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 137.987972] ---[ end trace 0000000000000000 ]--- [ 137.988769] ------------[ cut here ]------------ [ 137.989152] WARNING: CPU: 1 PID: 1283 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 137.990075] Modules linked in: [ 137.990348] CPU: 1 PID: 1283 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 137.991202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 137.992140] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 137.992675] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 137.994177] RSP: 0018:ffff8880188bfb78 EFLAGS: 00010246 [ 137.994694] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 137.995287] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 137.995861] RBP: ffff8880188bfb98 R08: ffffed10048ccf3e R09: ffffed10048ccf3e [ 137.996563] R10: ffff8880246679ef R11: ffffed10048ccf3d R12: ffff888024667a90 [ 137.997132] R13: ffff8880246678a8 R14: ffffffffffffffff R15: 
ffff8880188bfc60 [ 137.997703] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 137.998468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.998958] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 137.999544] PKRU: 55555554 [ 137.999772] Call Trace: [ 137.999980] [ 138.000163] iommufd_ioas_destroy+0x53/0x70 [ 138.000592] iommufd_fops_release+0x1f7/0x370 [ 138.000989] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.001397] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.001797] ? write_comp_data+0x2f/0x90 [ 138.002133] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.002677] __fput+0x26d/0xa40 [ 138.002967] ____fput+0x1e/0x30 [ 138.003254] task_work_run+0x1a4/0x2d0 [ 138.003584] ? __pfx_task_work_run+0x10/0x10 [ 138.003952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.004356] ? switch_task_namespaces+0xa9/0xe0 [ 138.004818] do_exit+0xb17/0x2ef0 [ 138.005163] ? lock_acquire+0x427/0x4c0 [ 138.005497] ? __pfx_lock_release+0x10/0x10 [ 138.005853] ? __kasan_check_write+0x18/0x20 [ 138.006218] ? do_raw_spin_lock+0x132/0x2a0 [ 138.006598] ? __pfx_do_exit+0x10/0x10 [ 138.007029] ? debug_smp_processor_id+0x20/0x30 [ 138.007419] ? rcu_is_watching+0x19/0xb0 [ 138.007756] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.008134] ? trace_hardirqs_on+0x26/0x120 [ 138.008496] do_group_exit+0xe0/0x2b0 [ 138.008813] __x64_sys_exit_group+0x47/0x50 [ 138.009270] do_syscall_64+0x3b/0x90 [ 138.009586] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.010012] RIP: 0033:0x7f4b87518a4d [ 138.010318] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.010837] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.011563] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.012148] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.012717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.013363] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.014001] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.014641] [ 138.014842] irq event stamp: 0 [ 138.015128] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.015753] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.016492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.017207] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.017886] ---[ end trace 0000000000000000 ]--- [ 138.022540] ------------[ cut here ]------------ [ 138.023078] WARNING: CPU: 0 PID: 1284 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.023968] Modules linked in: [ 138.024268] CPU: 0 PID: 1284 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.025165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.026218] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.027023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.028775] RSP: 0018:ffff888016dffbb8 EFLAGS: 00010246 [ 138.029249] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 0000000000000000 [ 138.029858] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 138.030485] RBP: ffff888016dffbd0 R08: ffffed1001972033 R09: ffffed1001972033 [ 138.031145] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff88800ae90800 [ 138.031761] R13: ffff88800cb901e8 R14: ffffffff8352e670 R15: 
ffff888016dffe68 [ 138.032387] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 138.033085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.033596] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ef0 [ 138.034216] PKRU: 55555554 [ 138.034481] Call Trace: [ 138.034730] [ 138.034934] __iommufd_access_detach+0x1c2/0x2b0 [ 138.035393] iommufd_access_change_pt+0x149/0x270 [ 138.035829] iommufd_access_replace+0xb4/0x120 [ 138.036236] iommufd_test+0x3e5/0x37e0 [ 138.036587] ? lock_release+0x532/0x770 [ 138.036941] ? __might_fault+0x102/0x1b0 [ 138.037302] ? lock_acquire+0x427/0x4c0 [ 138.037673] ? __pfx_iommufd_test+0x10/0x10 [ 138.038047] ? __pfx_lock_release+0x10/0x10 [ 138.038428] ? __pfx_lock_acquire+0x10/0x10 [ 138.038848] ? write_comp_data+0x2f/0x90 [ 138.039221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.039654] ? write_comp_data+0x2f/0x90 [ 138.040033] iommufd_fops_ioctl+0x37d/0x510 [ 138.040419] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.040858] ? write_comp_data+0x2f/0x90 [ 138.041222] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.041644] __x64_sys_ioctl+0x1a3/0x230 [ 138.042023] do_syscall_64+0x3b/0x90 [ 138.042359] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.042835] RIP: 0033:0x7f4b8743ee5d [ 138.043186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.044765] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.045444] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.046067] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.046718] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.047358] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.047978] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.048614] [ 138.048818] irq event stamp: 0 [ 138.049092] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.049650] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.050369] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.051129] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.051692] ---[ end trace 0000000000000000 ]--- [ 138.055331] ------------[ cut here ]------------ [ 138.055760] WARNING: CPU: 0 PID: 1284 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.056738] Modules linked in: [ 138.057164] CPU: 0 PID: 1284 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.057929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.059142] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.059599] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.061417] RSP: 
0018:ffff888016dffbd0 EFLAGS: 00010246 [ 138.061892] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 0000000000000000 [ 138.062540] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 138.063402] RBP: ffff888016dffbe8 R08: ffffed1001972033 R09: ffffed1001972033 [ 138.064033] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff888013b15400 [ 138.064647] R13: ffff88800cb901e8 R14: ffff888011f19d00 R15: 0000000000000000 [ 138.065525] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 138.066229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.066844] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 138.067616] PKRU: 55555554 [ 138.067870] Call Trace: [ 138.068094] [ 138.068292] iommufd_access_destroy_object+0x65/0x170 [ 138.068748] iommufd_object_destroy_user+0x18e/0x220 [ 138.069284] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.069912] iommufd_access_destroy+0x43/0x70 [ 138.070319] iommufd_test_staccess_release+0x8d/0xd0 [ 138.070791] __fput+0x26d/0xa40 [ 138.071178] ____fput+0x1e/0x30 [ 138.071598] task_work_run+0x1a4/0x2d0 [ 138.071947] ? __pfx_task_work_run+0x10/0x10 [ 138.072338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.072771] ? switch_task_namespaces+0xa9/0xe0 [ 138.073244] do_exit+0xb17/0x2ef0 [ 138.073688] ? lock_acquire+0x427/0x4c0 [ 138.074048] ? __pfx_lock_release+0x10/0x10 [ 138.074433] ? __kasan_check_write+0x18/0x20 [ 138.074843] ? do_raw_spin_lock+0x132/0x2a0 [ 138.075243] ? __pfx_do_exit+0x10/0x10 [ 138.075684] ? debug_smp_processor_id+0x20/0x30 [ 138.076228] ? rcu_is_watching+0x19/0xb0 [ 138.076586] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.076996] ? trace_hardirqs_on+0x26/0x120 [ 138.077458] do_group_exit+0xe0/0x2b0 [ 138.077926] __x64_sys_exit_group+0x47/0x50 [ 138.078305] do_syscall_64+0x3b/0x90 [ 138.078661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.079127] RIP: 0033:0x7f4b87518a4d [ 138.079458] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.080207] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.080870] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.081540] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.082297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.082962] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.083609] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.084451] [ 138.084667] irq event stamp: 0 [ 138.084963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.085516] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.086476] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.087262] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.087861] ---[ end trace 0000000000000000 ]--- [ 138.089207] ------------[ cut here ]------------ [ 138.089641] WARNING: CPU: 0 PID: 1284 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.090766] Modules linked in: [ 138.091049] CPU: 0 PID: 1284 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.091833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.092827] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.093275] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.094895] RSP: 0018:ffff888016dffb78 EFLAGS: 00010246 [ 138.095369] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.095994] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 138.096611] RBP: ffff888016dffb98 R08: ffffed100197203e R09: ffffed100197203e [ 138.097237] R10: ffff88800cb901ef R11: ffffed100197203d R12: ffff88800cb90290 [ 138.097862] R13: ffff88800cb900a8 R14: ffffffffffffffff R15: 
ffff888016dffc60 [ 138.098475] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 138.099215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.099726] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 138.100366] PKRU: 55555554 [ 138.100611] Call Trace: [ 138.100831] [ 138.101032] iommufd_ioas_destroy+0x53/0x70 [ 138.101427] iommufd_fops_release+0x1f7/0x370 [ 138.101840] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.102297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.102748] ? write_comp_data+0x2f/0x90 [ 138.103128] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.103587] __fput+0x26d/0xa40 [ 138.103892] ____fput+0x1e/0x30 [ 138.104204] task_work_run+0x1a4/0x2d0 [ 138.104566] ? __pfx_task_work_run+0x10/0x10 [ 138.104955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.105388] ? switch_task_namespaces+0xa9/0xe0 [ 138.105820] do_exit+0xb17/0x2ef0 [ 138.106123] ? lock_acquire+0x427/0x4c0 [ 138.106488] ? __pfx_lock_release+0x10/0x10 [ 138.106906] ? __kasan_check_write+0x18/0x20 [ 138.107305] ? do_raw_spin_lock+0x132/0x2a0 [ 138.107696] ? __pfx_do_exit+0x10/0x10 [ 138.108050] ? debug_smp_processor_id+0x20/0x30 [ 138.108460] ? rcu_is_watching+0x19/0xb0 [ 138.108847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.109255] ? trace_hardirqs_on+0x26/0x120 [ 138.109641] do_group_exit+0xe0/0x2b0 [ 138.109985] __x64_sys_exit_group+0x47/0x50 [ 138.110366] do_syscall_64+0x3b/0x90 [ 138.110720] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.111210] RIP: 0033:0x7f4b87518a4d [ 138.111537] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.112083] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.112739] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.113361] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.113943] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.114559] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.115158] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.115758] [ 138.115949] irq event stamp: 0 [ 138.116208] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.116734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.117428] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.118107] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.118652] ---[ end trace 0000000000000000 ]--- [ 138.123565] ------------[ cut here ]------------ [ 138.124019] WARNING: CPU: 1 PID: 1285 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.124862] Modules linked in: [ 138.125203] CPU: 1 PID: 1285 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.125980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.126995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.127428] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.129074] RSP: 0018:ffff888018697bb8 EFLAGS: 00010246 [ 138.129554] RAX: 0000000000000000 RBX: ffff888017a910a8 RCX: 0000000000000000 [ 138.130216] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 138.130823] RBP: ffff888018697bd0 R08: ffffed1002f52233 R09: ffffed1002f52233 [ 138.131440] R10: ffff888017a91193 R11: ffffed1002f52232 R12: ffff888010c0a800 [ 138.132153] R13: ffff888017a911e8 R14: ffffffff8352e670 R15: 
ffff888018697e68 [ 138.132757] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.133447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.134052] CR2: 00007f4b877410e8 CR3: 0000000018302000 CR4: 0000000000750ee0 [ 138.134675] PKRU: 55555554 [ 138.134913] Call Trace: [ 138.135136] [ 138.135322] __iommufd_access_detach+0x1c2/0x2b0 [ 138.135735] iommufd_access_change_pt+0x149/0x270 [ 138.136216] iommufd_access_replace+0xb4/0x120 [ 138.136645] iommufd_test+0x3e5/0x37e0 [ 138.136964] ? lock_release+0x532/0x770 [ 138.137296] ? __might_fault+0x102/0x1b0 [ 138.137652] ? lock_acquire+0x427/0x4c0 [ 138.138097] ? __pfx_iommufd_test+0x10/0x10 [ 138.138451] ? __pfx_lock_release+0x10/0x10 [ 138.138850] ? __pfx_lock_acquire+0x10/0x10 [ 138.139224] ? write_comp_data+0x2f/0x90 [ 138.139564] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.139976] ? write_comp_data+0x2f/0x90 [ 138.140396] iommufd_fops_ioctl+0x37d/0x510 [ 138.140814] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.141228] ? write_comp_data+0x2f/0x90 [ 138.141566] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.141969] __x64_sys_ioctl+0x1a3/0x230 [ 138.142430] do_syscall_64+0x3b/0x90 [ 138.142775] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.143233] RIP: 0033:0x7f4b8743ee5d [ 138.143549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.145178] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.145787] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.146399] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.147101] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.147716] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.148308] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.149044] [ 138.149238] irq event stamp: 0 [ 138.149511] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.150027] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.150872] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.151569] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.152095] ---[ end trace 0000000000000000 ]--- [ 138.155230] ------------[ cut here ]------------ [ 138.155648] WARNING: CPU: 1 PID: 1285 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.156486] Modules linked in: [ 138.156826] CPU: 1 PID: 1285 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.157607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.158550] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.159060] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.160574] RSP: 
0018:ffff888018697bd0 EFLAGS: 00010246 [ 138.161026] RAX: 0000000000000000 RBX: ffff888017a910a8 RCX: 0000000000000000 [ 138.161708] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 138.162277] RBP: ffff888018697be8 R08: ffffed1002f52233 R09: ffffed1002f52233 [ 138.162896] R10: ffff888017a91193 R11: ffffed1002f52232 R12: ffff888012b45800 [ 138.163624] R13: ffff888017a911e8 R14: ffff888021839700 R15: 0000000000000000 [ 138.164208] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.164873] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.165424] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.166056] PKRU: 55555554 [ 138.166286] Call Trace: [ 138.166496] [ 138.166713] iommufd_access_destroy_object+0x65/0x170 [ 138.167168] iommufd_object_destroy_user+0x18e/0x220 [ 138.167615] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.168191] iommufd_access_destroy+0x43/0x70 [ 138.168575] iommufd_test_staccess_release+0x8d/0xd0 [ 138.169015] __fput+0x26d/0xa40 [ 138.169318] ____fput+0x1e/0x30 [ 138.169640] task_work_run+0x1a4/0x2d0 [ 138.170099] ? __pfx_task_work_run+0x10/0x10 [ 138.170488] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.170932] ? switch_task_namespaces+0xa9/0xe0 [ 138.171366] do_exit+0xb17/0x2ef0 [ 138.171663] ? lock_acquire+0x427/0x4c0 [ 138.172047] ? __pfx_lock_release+0x10/0x10 [ 138.172527] ? __kasan_check_write+0x18/0x20 [ 138.172903] ? do_raw_spin_lock+0x132/0x2a0 [ 138.173277] ? __pfx_do_exit+0x10/0x10 [ 138.173637] ? debug_smp_processor_id+0x20/0x30 [ 138.174074] ? rcu_is_watching+0x19/0xb0 [ 138.174563] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.174956] ? trace_hardirqs_on+0x26/0x120 [ 138.175349] do_group_exit+0xe0/0x2b0 [ 138.175689] __x64_sys_exit_group+0x47/0x50 [ 138.176055] do_syscall_64+0x3b/0x90 [ 138.176424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.176962] RIP: 0033:0x7f4b87518a4d [ 138.177279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.177806] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.178569] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.179263] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.179883] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.180484] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.181270] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.181901] [ 138.182122] irq event stamp: 0 [ 138.182401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.183003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.183843] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.184582] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.185138] ---[ end trace 0000000000000000 ]--- [ 138.185997] ------------[ cut here ]------------ [ 138.186435] WARNING: CPU: 1 PID: 1285 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.187364] Modules linked in: [ 138.187666] CPU: 1 PID: 1285 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.188577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.189551] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.190033] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.191788] RSP: 0018:ffff888018697b78 EFLAGS: 00010246 [ 138.192247] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.193027] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 138.193644] RBP: ffff888018697b98 R08: ffffed1002f5223e R09: ffffed1002f5223e [ 138.194262] R10: ffff888017a911ef R11: ffffed1002f5223d R12: ffff888017a91290 [ 138.195059] R13: ffff888017a910a8 R14: ffffffffffffffff R15: 
ffff888018697c60 [ 138.195699] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.196412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.196978] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.197704] PKRU: 55555554 [ 138.197952] Call Trace: [ 138.198175] [ 138.198385] iommufd_ioas_destroy+0x53/0x70 [ 138.198803] iommufd_fops_release+0x1f7/0x370 [ 138.199223] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.199816] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.200266] ? write_comp_data+0x2f/0x90 [ 138.200642] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.201074] __fput+0x26d/0xa40 [ 138.201376] ____fput+0x1e/0x30 [ 138.201681] task_work_run+0x1a4/0x2d0 [ 138.202023] ? __pfx_task_work_run+0x10/0x10 [ 138.202408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.202874] ? switch_task_namespaces+0xa9/0xe0 [ 138.203312] do_exit+0xb17/0x2ef0 [ 138.203617] ? lock_acquire+0x427/0x4c0 [ 138.203978] ? __pfx_lock_release+0x10/0x10 [ 138.204356] ? __kasan_check_write+0x18/0x20 [ 138.204746] ? do_raw_spin_lock+0x132/0x2a0 [ 138.205133] ? __pfx_do_exit+0x10/0x10 [ 138.205483] ? debug_smp_processor_id+0x20/0x30 [ 138.205908] ? rcu_is_watching+0x19/0xb0 [ 138.206262] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.206687] ? trace_hardirqs_on+0x26/0x120 [ 138.207089] do_group_exit+0xe0/0x2b0 [ 138.207437] __x64_sys_exit_group+0x47/0x50 [ 138.207805] do_syscall_64+0x3b/0x90 [ 138.208146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.208602] RIP: 0033:0x7f4b87518a4d [ 138.208922] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.209474] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.210130] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.210783] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.211413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.212019] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.212645] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.213258] [ 138.213466] irq event stamp: 0 [ 138.213742] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.214278] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.215027] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.215783] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.216344] ---[ end trace 0000000000000000 ]--- [ 138.220645] ------------[ cut here ]------------ [ 138.221104] WARNING: CPU: 1 PID: 1286 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.221992] Modules linked in: [ 138.222270] CPU: 1 PID: 1286 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.223068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.224053] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.224489] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.226044] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 138.226500] RAX: 0000000000000000 RBX: ffff888015d2a0a8 RCX: 0000000000000000 [ 138.227148] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 138.227760] RBP: ffff8880135e7bd0 R08: ffffed1002ba5433 R09: ffffed1002ba5433 [ 138.228356] R10: ffff888015d2a193 R11: ffffed1002ba5432 R12: ffff888010827400 [ 138.228985] R13: ffff888015d2a1e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 138.229597] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.230288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.230799] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ee0 [ 138.231427] PKRU: 55555554 [ 138.231670] Call Trace: [ 138.231887] [ 138.232093] __iommufd_access_detach+0x1c2/0x2b0 [ 138.232510] iommufd_access_change_pt+0x149/0x270 [ 138.232912] iommufd_access_replace+0xb4/0x120 [ 138.233304] iommufd_test+0x3e5/0x37e0 [ 138.233622] ? lock_release+0x532/0x770 [ 138.233959] ? __might_fault+0x102/0x1b0 [ 138.234308] ? lock_acquire+0x427/0x4c0 [ 138.234661] ? __pfx_iommufd_test+0x10/0x10 [ 138.235019] ? __pfx_lock_release+0x10/0x10 [ 138.235412] ? __pfx_lock_acquire+0x10/0x10 [ 138.235775] ? write_comp_data+0x2f/0x90 [ 138.236127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.236554] ? write_comp_data+0x2f/0x90 [ 138.236891] iommufd_fops_ioctl+0x37d/0x510 [ 138.237256] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.237666] ? write_comp_data+0x2f/0x90 [ 138.238002] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.238399] __x64_sys_ioctl+0x1a3/0x230 [ 138.238775] do_syscall_64+0x3b/0x90 [ 138.239088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.239540] RIP: 0033:0x7f4b8743ee5d [ 138.239853] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.241346] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.241978] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.242582] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.243186] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.243765] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.244341] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.244934] [ 138.245139] irq event stamp: 0 [ 138.245394] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.245918] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.246632] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.247385] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.247901] ---[ end trace 0000000000000000 ]--- [ 138.250698] ------------[ cut here ]------------ [ 138.251119] WARNING: CPU: 1 PID: 1286 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.251935] Modules linked in: [ 138.252193] CPU: 1 PID: 1286 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.252893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.253794] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.254192] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.255687] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 138.256116] RAX: 0000000000000000 RBX: ffff888015d2a0a8 RCX: 0000000000000000 [ 138.256684] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 138.257251] RBP: ffff8880135e7be8 R08: ffffed1002ba5433 R09: ffffed1002ba5433 [ 138.257818] R10: ffff888015d2a193 R11: ffffed1002ba5432 R12: ffff888010c0b000 [ 138.258387] R13: ffff888015d2a1e8 R14: ffff888012bf9300 R15: 0000000000000000 [ 138.258972] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.259632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.260101] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.260668] PKRU: 55555554 [ 138.260895] Call Trace: [ 138.261100] [ 138.261284] iommufd_access_destroy_object+0x65/0x170 [ 138.261703] iommufd_object_destroy_user+0x18e/0x220 [ 138.262116] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.262611] iommufd_access_destroy+0x43/0x70 [ 138.262984] iommufd_test_staccess_release+0x8d/0xd0 [ 138.263412] __fput+0x26d/0xa40 [ 138.263694] ____fput+0x1e/0x30 [ 138.263959] task_work_run+0x1a4/0x2d0 [ 138.264273] ? __pfx_task_work_run+0x10/0x10 [ 138.264624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.265011] ? switch_task_namespaces+0xa9/0xe0 [ 138.265383] do_exit+0xb17/0x2ef0 [ 138.265654] ? lock_acquire+0x427/0x4c0 [ 138.265972] ? __pfx_lock_release+0x10/0x10 [ 138.266314] ? __kasan_check_write+0x18/0x20 [ 138.266678] ? do_raw_spin_lock+0x132/0x2a0 [ 138.267020] ? __pfx_do_exit+0x10/0x10 [ 138.267344] ? debug_smp_processor_id+0x20/0x30 [ 138.267713] ? rcu_is_watching+0x19/0xb0 [ 138.268028] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.268381] ? trace_hardirqs_on+0x26/0x120 [ 138.268718] do_group_exit+0xe0/0x2b0 [ 138.269085] __x64_sys_exit_group+0x47/0x50 [ 138.269414] do_syscall_64+0x3b/0x90 [ 138.269709] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.270123] RIP: 0033:0x7f4b87518a4d [ 138.270409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.270914] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.271502] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.272045] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.272587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.273130] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.273672] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.274219] [ 138.274397] irq event stamp: 0 [ 138.274655] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.275146] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.275782] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.276418] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.276899] ---[ end trace 0000000000000000 ]--- [ 138.277575] ------------[ cut here ]------------ [ 138.277935] WARNING: CPU: 1 PID: 1286 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.278734] Modules linked in: [ 138.278985] CPU: 1 PID: 1286 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.279665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.280521] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.280915] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.282304] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 138.282723] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.283271] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 138.283803] RBP: ffff8880135e7b98 R08: ffffed1002ba543e R09: ffffed1002ba543e [ 138.284330] R10: ffff888015d2a1ef R11: ffffed1002ba543d R12: ffff888015d2a290 [ 138.284856] R13: ffff888015d2a0a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 138.285383] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.285981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.286412] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.286962] PKRU: 55555554 [ 138.287186] Call Trace: [ 138.287379] [ 138.287551] iommufd_ioas_destroy+0x53/0x70 [ 138.287881] iommufd_fops_release+0x1f7/0x370 [ 138.288223] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.288598] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.288970] ? write_comp_data+0x2f/0x90 [ 138.289283] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.289658] __fput+0x26d/0xa40 [ 138.289919] ____fput+0x1e/0x30 [ 138.290178] task_work_run+0x1a4/0x2d0 [ 138.290477] ? __pfx_task_work_run+0x10/0x10 [ 138.290835] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.291211] ? switch_task_namespaces+0xa9/0xe0 [ 138.291565] do_exit+0xb17/0x2ef0 [ 138.291826] ? lock_acquire+0x427/0x4c0 [ 138.292134] ? __pfx_lock_release+0x10/0x10 [ 138.292462] ? __kasan_check_write+0x18/0x20 [ 138.292789] ? do_raw_spin_lock+0x132/0x2a0 [ 138.293115] ? __pfx_do_exit+0x10/0x10 [ 138.293413] ? debug_smp_processor_id+0x20/0x30 [ 138.293764] ? rcu_is_watching+0x19/0xb0 [ 138.294068] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.294411] ? trace_hardirqs_on+0x26/0x120 [ 138.294757] do_group_exit+0xe0/0x2b0 [ 138.295044] __x64_sys_exit_group+0x47/0x50 [ 138.295374] do_syscall_64+0x3b/0x90 [ 138.295667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.296061] RIP: 0033:0x7f4b87518a4d [ 138.296337] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.296791] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.297352] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.297879] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.298403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.298937] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.299498] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.300042] [ 138.300215] irq event stamp: 0 [ 138.300448] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.300909] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.301605] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.302212] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.302690] ---[ end trace 0000000000000000 ]--- [ 138.306589] ------------[ cut here ]------------ [ 138.306974] WARNING: CPU: 1 PID: 1287 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.307731] Modules linked in: [ 138.307968] CPU: 1 PID: 1287 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.308598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.309412] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.309770] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.311282] RSP: 0018:ffff888021b6fbb8 EFLAGS: 00010246 [ 138.311667] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 138.312178] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 138.312688] RBP: ffff888021b6fbd0 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 138.313200] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff88801422ec00 [ 138.313710] R13: ffff888017a471e8 R14: ffffffff8352e670 R15: 
ffff888021b6fe68 [ 138.314220] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.314808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.315246] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 138.315759] PKRU: 55555554 [ 138.315960] Call Trace: [ 138.316142] [ 138.316303] __iommufd_access_detach+0x1c2/0x2b0 [ 138.316654] iommufd_access_change_pt+0x149/0x270 [ 138.317005] iommufd_access_replace+0xb4/0x120 [ 138.317339] iommufd_test+0x3e5/0x37e0 [ 138.317623] ? lock_release+0x532/0x770 [ 138.317920] ? __might_fault+0x102/0x1b0 [ 138.318221] ? lock_acquire+0x427/0x4c0 [ 138.318537] ? __pfx_iommufd_test+0x10/0x10 [ 138.318852] ? __pfx_lock_release+0x10/0x10 [ 138.319179] ? __pfx_lock_acquire+0x10/0x10 [ 138.319498] ? write_comp_data+0x2f/0x90 [ 138.319798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.320149] ? write_comp_data+0x2f/0x90 [ 138.320448] iommufd_fops_ioctl+0x37d/0x510 [ 138.320761] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.321116] ? write_comp_data+0x2f/0x90 [ 138.321420] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.321768] __x64_sys_ioctl+0x1a3/0x230 [ 138.322069] do_syscall_64+0x3b/0x90 [ 138.322344] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.322733] RIP: 0033:0x7f4b8743ee5d [ 138.323000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.324289] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.324832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.325337] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.325842] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.326354] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.326870] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.327387] [ 138.327555] irq event stamp: 0 [ 138.327782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.328227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.328820] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.329408] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.329853] ---[ end trace 0000000000000000 ]--- [ 138.332441] ------------[ cut here ]------------ [ 138.332783] WARNING: CPU: 1 PID: 1287 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.333561] Modules linked in: [ 138.333785] CPU: 1 PID: 1287 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.334393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.335388] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.335742] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.337015] RSP: 
0018:ffff888021b6fbd0 EFLAGS: 00010246 [ 138.337393] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 138.337886] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 138.338377] RBP: ffff888021b6fbe8 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 138.338891] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff888010825400 [ 138.339405] R13: ffff888017a471e8 R14: ffff888016e15f00 R15: 0000000000000000 [ 138.339912] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.340479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.340884] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.341384] PKRU: 55555554 [ 138.341585] Call Trace: [ 138.341763] [ 138.341921] iommufd_access_destroy_object+0x65/0x170 [ 138.342280] iommufd_object_destroy_user+0x18e/0x220 [ 138.342654] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.343075] iommufd_access_destroy+0x43/0x70 [ 138.343401] iommufd_test_staccess_release+0x8d/0xd0 [ 138.343759] __fput+0x26d/0xa40 [ 138.344000] ____fput+0x1e/0x30 [ 138.344236] task_work_run+0x1a4/0x2d0 [ 138.344512] ? __pfx_task_work_run+0x10/0x10 [ 138.344821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.345162] ? switch_task_namespaces+0xa9/0xe0 [ 138.345494] do_exit+0xb17/0x2ef0 [ 138.345739] ? lock_acquire+0x427/0x4c0 [ 138.346026] ? __pfx_lock_release+0x10/0x10 [ 138.346336] ? __kasan_check_write+0x18/0x20 [ 138.346658] ? do_raw_spin_lock+0x132/0x2a0 [ 138.346957] ? __pfx_do_exit+0x10/0x10 [ 138.347252] ? debug_smp_processor_id+0x20/0x30 [ 138.347580] ? rcu_is_watching+0x19/0xb0 [ 138.347864] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.348184] ? trace_hardirqs_on+0x26/0x120 [ 138.348490] do_group_exit+0xe0/0x2b0 [ 138.348756] __x64_sys_exit_group+0x47/0x50 [ 138.349053] do_syscall_64+0x3b/0x90 [ 138.349320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.349685] RIP: 0033:0x7f4b87518a4d [ 138.349945] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.350375] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.350923] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.351418] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.351913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.352413] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.352918] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.353431] [ 138.353597] irq event stamp: 0 [ 138.353819] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.354253] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.354868] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.355466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.355912] ---[ end trace 0000000000000000 ]--- [ 138.356561] ------------[ cut here ]------------ [ 138.356890] WARNING: CPU: 1 PID: 1287 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.357604] Modules linked in: [ 138.357831] CPU: 1 PID: 1287 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.358447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.359273] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.359642] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.360915] RSP: 0018:ffff888021b6fb78 EFLAGS: 00010246 [ 138.361291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.361783] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 138.362270] RBP: ffff888021b6fb98 R08: ffffed1002f48e3e R09: ffffed1002f48e3e [ 138.362804] R10: ffff888017a471ef R11: ffffed1002f48e3d R12: ffff888017a47290 [ 138.363309] R13: ffff888017a470a8 R14: ffffffffffffffff R15: 
ffff888021b6fc60 [ 138.363804] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.364372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.364785] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.365343] PKRU: 55555554 [ 138.365546] Call Trace: [ 138.365731] [ 138.365895] iommufd_ioas_destroy+0x53/0x70 [ 138.366210] iommufd_fops_release+0x1f7/0x370 [ 138.366555] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.366914] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.367280] ? write_comp_data+0x2f/0x90 [ 138.367583] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.367944] __fput+0x26d/0xa40 [ 138.368192] ____fput+0x1e/0x30 [ 138.368435] task_work_run+0x1a4/0x2d0 [ 138.368745] ? __pfx_task_work_run+0x10/0x10 [ 138.369063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.369415] ? switch_task_namespaces+0xa9/0xe0 [ 138.369756] do_exit+0xb17/0x2ef0 [ 138.370004] ? lock_acquire+0x427/0x4c0 [ 138.370297] ? __pfx_lock_release+0x10/0x10 [ 138.370628] ? __kasan_check_write+0x18/0x20 [ 138.370947] ? do_raw_spin_lock+0x132/0x2a0 [ 138.371266] ? __pfx_do_exit+0x10/0x10 [ 138.371554] ? debug_smp_processor_id+0x20/0x30 [ 138.371892] ? rcu_is_watching+0x19/0xb0 [ 138.372185] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.372512] ? trace_hardirqs_on+0x26/0x120 [ 138.372827] do_group_exit+0xe0/0x2b0 [ 138.373101] __x64_sys_exit_group+0x47/0x50 [ 138.373409] do_syscall_64+0x3b/0x90 [ 138.373683] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.374057] RIP: 0033:0x7f4b87518a4d [ 138.374321] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.374772] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.375320] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.375826] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.376330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.376832] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.377336] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.377847] [ 138.378014] irq event stamp: 0 [ 138.378239] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.378704] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.379314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.379908] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.380358] ---[ end trace 0000000000000000 ]--- [ 138.384961] ------------[ cut here ]------------ [ 138.385331] WARNING: CPU: 1 PID: 1288 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.386050] Modules linked in: [ 138.386278] CPU: 1 PID: 1288 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.386933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.387739] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.388091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.389372] RSP: 0018:ffff888020b0fbb8 EFLAGS: 00010246 [ 138.389749] RAX: 0000000000000000 RBX: ffff888023e6d0a8 RCX: 0000000000000000 [ 138.390249] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 138.390767] RBP: ffff888020b0fbd0 R08: ffffed10047cda33 R09: ffffed10047cda33 [ 138.391281] R10: ffff888023e6d193 R11: ffffed10047cda32 R12: ffff8880167ac800 [ 138.391785] R13: ffff888023e6d1e8 R14: ffffffff8352e670 R15: 
ffff888020b0fe68 [ 138.392289] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.392857] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.393264] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 138.393771] PKRU: 55555554 [ 138.393972] Call Trace: [ 138.394153] [ 138.394314] __iommufd_access_detach+0x1c2/0x2b0 [ 138.394680] iommufd_access_change_pt+0x149/0x270 [ 138.395033] iommufd_access_replace+0xb4/0x120 [ 138.395379] iommufd_test+0x3e5/0x37e0 [ 138.395658] ? lock_release+0x532/0x770 [ 138.395953] ? __might_fault+0x102/0x1b0 [ 138.396250] ? lock_acquire+0x427/0x4c0 [ 138.396544] ? __pfx_iommufd_test+0x10/0x10 [ 138.396851] ? __pfx_lock_release+0x10/0x10 [ 138.397238] ? __pfx_lock_acquire+0x10/0x10 [ 138.397555] ? write_comp_data+0x2f/0x90 [ 138.397855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.398207] ? write_comp_data+0x2f/0x90 [ 138.398522] iommufd_fops_ioctl+0x37d/0x510 [ 138.398836] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.399195] ? write_comp_data+0x2f/0x90 [ 138.399494] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.399841] __x64_sys_ioctl+0x1a3/0x230 [ 138.400141] do_syscall_64+0x3b/0x90 [ 138.400418] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.400793] RIP: 0033:0x7f4b8743ee5d [ 138.401058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.402347] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.402897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.403408] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.403910] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.404411] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.404916] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.405430] [ 138.405600] irq event stamp: 0 [ 138.405826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.406272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.406880] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.407486] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.407934] ---[ end trace 0000000000000000 ]--- [ 138.410535] ------------[ cut here ]------------ [ 138.410879] WARNING: CPU: 1 PID: 1288 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.411617] Modules linked in: [ 138.411848] CPU: 1 PID: 1288 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.412471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.413268] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.413625] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.414930] RSP: 
0018:ffff888020b0fbd0 EFLAGS: 00010246 [ 138.415316] RAX: 0000000000000000 RBX: ffff888023e6d0a8 RCX: 0000000000000000 [ 138.415822] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 138.416324] RBP: ffff888020b0fbe8 R08: ffffed10047cda33 R09: ffffed10047cda33 [ 138.416829] R10: ffff888023e6d193 R11: ffffed10047cda32 R12: ffff88801422d400 [ 138.417331] R13: ffff888023e6d1e8 R14: ffff88800f084f00 R15: 0000000000000000 [ 138.417835] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.418406] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.418831] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.419349] PKRU: 55555554 [ 138.419551] Call Trace: [ 138.419735] [ 138.419896] iommufd_access_destroy_object+0x65/0x170 [ 138.420267] iommufd_object_destroy_user+0x18e/0x220 [ 138.420634] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.421052] iommufd_access_destroy+0x43/0x70 [ 138.421381] iommufd_test_staccess_release+0x8d/0xd0 [ 138.421749] __fput+0x26d/0xa40 [ 138.422057] ____fput+0x1e/0x30 [ 138.422304] task_work_run+0x1a4/0x2d0 [ 138.422606] ? __pfx_task_work_run+0x10/0x10 [ 138.422928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.423288] ? switch_task_namespaces+0xa9/0xe0 [ 138.423632] do_exit+0xb17/0x2ef0 [ 138.423884] ? lock_acquire+0x427/0x4c0 [ 138.424176] ? __pfx_lock_release+0x10/0x10 [ 138.424493] ? __kasan_check_write+0x18/0x20 [ 138.424891] ? do_raw_spin_lock+0x132/0x2a0 [ 138.425267] ? __pfx_do_exit+0x10/0x10 [ 138.425559] ? debug_smp_processor_id+0x20/0x30 [ 138.425897] ? rcu_is_watching+0x19/0xb0 [ 138.426192] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.426535] ? trace_hardirqs_on+0x26/0x120 [ 138.426848] do_group_exit+0xe0/0x2b0 [ 138.427133] __x64_sys_exit_group+0x47/0x50 [ 138.427444] do_syscall_64+0x3b/0x90 [ 138.427781] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.428230] RIP: 0033:0x7f4b87518a4d [ 138.428500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.428970] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.429517] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.430027] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.430569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.431168] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.431676] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.432187] [ 138.432356] irq event stamp: 0 [ 138.432581] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.433028] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.433626] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.434218] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.434749] ---[ end trace 0000000000000000 ]--- [ 138.435467] ------------[ cut here ]------------ [ 138.435806] WARNING: CPU: 1 PID: 1288 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.436540] Modules linked in: [ 138.436775] CPU: 1 PID: 1288 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.437407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.438355] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.438764] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.440092] RSP: 0018:ffff888020b0fb78 EFLAGS: 00010246 [ 138.440483] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.441001] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 138.441584] RBP: ffff888020b0fb98 R08: ffffed10047cda3e R09: ffffed10047cda3e [ 138.442168] R10: ffff888023e6d1ef R11: ffffed10047cda3d R12: ffff888023e6d290 [ 138.442709] R13: ffff888023e6d0a8 R14: ffffffffffffffff R15: 
ffff888020b0fc60 [ 138.443230] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.443818] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.444240] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.444817] PKRU: 55555554 [ 138.445083] Call Trace: [ 138.445277] [ 138.445444] iommufd_ioas_destroy+0x53/0x70 [ 138.445766] iommufd_fops_release+0x1f7/0x370 [ 138.446102] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.446470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.446861] ? write_comp_data+0x2f/0x90 [ 138.447178] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.447550] __fput+0x26d/0xa40 [ 138.447805] ____fput+0x1e/0x30 [ 138.448054] task_work_run+0x1a4/0x2d0 [ 138.448391] ? __pfx_task_work_run+0x10/0x10 [ 138.448784] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.449147] ? switch_task_namespaces+0xa9/0xe0 [ 138.449498] do_exit+0xb17/0x2ef0 [ 138.449752] ? lock_acquire+0x427/0x4c0 [ 138.450056] ? __pfx_lock_release+0x10/0x10 [ 138.450378] ? __kasan_check_write+0x18/0x20 [ 138.450734] ? do_raw_spin_lock+0x132/0x2a0 [ 138.451053] ? __pfx_do_exit+0x10/0x10 [ 138.451372] ? debug_smp_processor_id+0x20/0x30 [ 138.451718] ? rcu_is_watching+0x19/0xb0 [ 138.452075] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.452537] ? trace_hardirqs_on+0x26/0x120 [ 138.452859] do_group_exit+0xe0/0x2b0 [ 138.453139] __x64_sys_exit_group+0x47/0x50 [ 138.453456] do_syscall_64+0x3b/0x90 [ 138.453736] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.454119] RIP: 0033:0x7f4b87518a4d [ 138.454389] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.454886] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.455517] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.456034] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.456550] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.457065] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.457579] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.458101] [ 138.458296] irq event stamp: 0 [ 138.458579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.459153] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.459756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.460356] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.460809] ---[ end trace 0000000000000000 ]--- [ 138.465396] ------------[ cut here ]------------ [ 138.465946] WARNING: CPU: 1 PID: 1289 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.466763] Modules linked in: [ 138.467000] CPU: 1 PID: 1289 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.467641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.468561] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.469256] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.470621] RSP: 0018:ffff888024627bb8 EFLAGS: 00010246 [ 138.471013] RAX: 0000000000000000 RBX: ffff88800b6ae0a8 RCX: 0000000000000000 [ 138.471594] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 138.472473] RBP: ffff888024627bd0 R08: ffffed10016d5c33 R09: ffffed10016d5c33 [ 138.473224] R10: ffff88800b6ae193 R11: ffffed10016d5c32 R12: ffff888014427c00 [ 138.474092] R13: ffff88800b6ae1e8 R14: ffffffff8352e670 R15: 
ffff888024627e68 [ 138.474881] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.475858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.476475] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 138.477337] PKRU: 55555554 [ 138.477645] Call Trace: [ 138.477924] [ 138.478174] __iommufd_access_detach+0x1c2/0x2b0 [ 138.478774] iommufd_access_change_pt+0x149/0x270 [ 138.479321] iommufd_access_replace+0xb4/0x120 [ 138.479848] iommufd_test+0x3e5/0x37e0 [ 138.480325] ? lock_release+0x532/0x770 [ 138.480847] ? __might_fault+0x102/0x1b0 [ 138.481313] ? lock_acquire+0x427/0x4c0 [ 138.481772] ? __pfx_iommufd_test+0x10/0x10 [ 138.482354] ? __pfx_lock_release+0x10/0x10 [ 138.482875] ? __pfx_lock_acquire+0x10/0x10 [ 138.483396] ? write_comp_data+0x2f/0x90 [ 138.483865] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.484453] ? write_comp_data+0x2f/0x90 [ 138.484995] iommufd_fops_ioctl+0x37d/0x510 [ 138.485489] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.486061] ? write_comp_data+0x2f/0x90 [ 138.486626] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.487211] __x64_sys_ioctl+0x1a3/0x230 [ 138.487620] do_syscall_64+0x3b/0x90 [ 138.488004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.488581] RIP: 0033:0x7f4b8743ee5d [ 138.488951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.490902] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.491697] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.492501] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.493220] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.494044] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.494799] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.495609] [ 138.495907] irq event stamp: 0 [ 138.496212] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.496813] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.497752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.498629] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.499310] ---[ end trace 0000000000000000 ]--- [ 138.503739] ------------[ cut here ]------------ [ 138.504229] WARNING: CPU: 1 PID: 1289 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.505325] Modules linked in: [ 138.505628] CPU: 1 PID: 1289 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.506620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.507704] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.508220] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.510213] RSP: 
0018:ffff888024627bd0 EFLAGS: 00010246 [ 138.510791] RAX: 0000000000000000 RBX: ffff88800b6ae0a8 RCX: 0000000000000000 [ 138.511514] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 138.512068] RBP: ffff888024627be8 R08: ffffed10016d5c33 R09: ffffed10016d5c33 [ 138.512681] R10: ffff88800b6ae193 R11: ffffed10016d5c32 R12: ffff8880167aec00 [ 138.513220] R13: ffff88800b6ae1e8 R14: ffff888012fbc300 R15: 0000000000000000 [ 138.513821] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.514552] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.515009] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.515594] PKRU: 55555554 [ 138.515865] Call Trace: [ 138.516178] [ 138.516371] iommufd_access_destroy_object+0x65/0x170 [ 138.516794] iommufd_object_destroy_user+0x18e/0x220 [ 138.517209] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.517706] iommufd_access_destroy+0x43/0x70 [ 138.518183] iommufd_test_staccess_release+0x8d/0xd0 [ 138.518628] __fput+0x26d/0xa40 [ 138.518915] ____fput+0x1e/0x30 [ 138.519204] task_work_run+0x1a4/0x2d0 [ 138.519526] ? __pfx_task_work_run+0x10/0x10 [ 138.519885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.520423] ? switch_task_namespaces+0xa9/0xe0 [ 138.520805] do_exit+0xb17/0x2ef0 [ 138.521083] ? lock_acquire+0x427/0x4c0 [ 138.521409] ? __pfx_lock_release+0x10/0x10 [ 138.521777] ? __kasan_check_write+0x18/0x20 [ 138.522213] ? do_raw_spin_lock+0x132/0x2a0 [ 138.522585] ? __pfx_do_exit+0x10/0x10 [ 138.522909] ? debug_smp_processor_id+0x20/0x30 [ 138.523301] ? rcu_is_watching+0x19/0xb0 [ 138.523632] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.524046] ? trace_hardirqs_on+0x26/0x120 [ 138.524493] do_group_exit+0xe0/0x2b0 [ 138.524817] __x64_sys_exit_group+0x47/0x50 [ 138.525177] do_syscall_64+0x3b/0x90 [ 138.525496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.525953] RIP: 0033:0x7f4b87518a4d [ 138.526341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.526879] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.527523] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.528118] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.528832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.529432] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.530026] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.530757] [ 138.530955] irq event stamp: 0 [ 138.531240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.531764] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.532532] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.533299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.533831] ---[ end trace 0000000000000000 ]--- [ 138.534638] ------------[ cut here ]------------ [ 138.535040] WARNING: CPU: 1 PID: 1289 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.535898] Modules linked in: [ 138.536173] CPU: 1 PID: 1289 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.537007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.538000] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.538456] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.540217] RSP: 0018:ffff888024627b78 EFLAGS: 00010246 [ 138.540687] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.541444] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 138.542067] RBP: ffff888024627b98 R08: ffffed10016d5c3e R09: ffffed10016d5c3e [ 138.542710] R10: ffff88800b6ae1ef R11: ffffed10016d5c3d R12: ffff88800b6ae290 [ 138.543435] R13: ffff88800b6ae0a8 R14: ffffffffffffffff R15: 
ffff888024627c60 [ 138.544089] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.544793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.545382] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.546056] PKRU: 55555554 [ 138.546305] Call Trace: [ 138.546567] [ 138.546775] iommufd_ioas_destroy+0x53/0x70 [ 138.547180] iommufd_fops_release+0x1f7/0x370 [ 138.547668] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.548183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.548628] ? write_comp_data+0x2f/0x90 [ 138.549006] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.549472] __fput+0x26d/0xa40 [ 138.549872] ____fput+0x1e/0x30 [ 138.550188] task_work_run+0x1a4/0x2d0 [ 138.550593] ? __pfx_task_work_run+0x10/0x10 [ 138.551016] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.551492] ? switch_task_namespaces+0xa9/0xe0 [ 138.551993] do_exit+0xb17/0x2ef0 [ 138.552392] ? lock_acquire+0x427/0x4c0 [ 138.552785] ? __pfx_lock_release+0x10/0x10 [ 138.553205] ? __kasan_check_write+0x18/0x20 [ 138.553623] ? do_raw_spin_lock+0x132/0x2a0 [ 138.554028] ? __pfx_do_exit+0x10/0x10 [ 138.554574] ? debug_smp_processor_id+0x20/0x30 [ 138.555021] ? rcu_is_watching+0x19/0xb0 [ 138.555423] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.555861] ? trace_hardirqs_on+0x26/0x120 [ 138.556278] do_group_exit+0xe0/0x2b0 [ 138.556647] __x64_sys_exit_group+0x47/0x50 [ 138.557236] do_syscall_64+0x3b/0x90 [ 138.557608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.558104] RIP: 0033:0x7f4b87518a4d [ 138.558467] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.559130] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.560002] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.560689] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.561366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.562225] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.562953] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.563662] [ 138.563892] irq event stamp: 0 [ 138.564198] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.565041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.565905] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.566893] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.567630] ---[ end trace 0000000000000000 ]--- [ 138.572225] ------------[ cut here ]------------ [ 138.572874] WARNING: CPU: 1 PID: 1290 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.573904] Modules linked in: [ 138.574253] CPU: 1 PID: 1290 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.575367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.576532] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.577237] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.579221] RSP: 0018:ffff888020b0fbb8 EFLAGS: 00010246 [ 138.579850] RAX: 0000000000000000 RBX: ffff88800cb910a8 RCX: 0000000000000000 [ 138.580564] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 138.581292] RBP: ffff888020b0fbd0 R08: ffffed1001972233 R09: ffffed1001972233 [ 138.582225] R10: ffff88800cb91193 R11: ffffed1001972232 R12: ffff888010c0b800 [ 138.582978] R13: ffff88800cb911e8 R14: ffffffff8352e670 R15: 
ffff888020b0fe68 [ 138.583725] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.584748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.585350] CR2: 00007f4b877410e8 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 138.586078] PKRU: 55555554 [ 138.586469] Call Trace: [ 138.586832] [ 138.587066] __iommufd_access_detach+0x1c2/0x2b0 [ 138.587594] iommufd_access_change_pt+0x149/0x270 [ 138.588114] iommufd_access_replace+0xb4/0x120 [ 138.588620] iommufd_test+0x3e5/0x37e0 [ 138.589154] ? lock_release+0x532/0x770 [ 138.589687] ? __might_fault+0x102/0x1b0 [ 138.590147] ? lock_acquire+0x427/0x4c0 [ 138.590635] ? __pfx_iommufd_test+0x10/0x10 [ 138.591120] ? __pfx_lock_release+0x10/0x10 [ 138.591595] ? __pfx_lock_acquire+0x10/0x10 [ 138.592198] ? write_comp_data+0x2f/0x90 [ 138.592703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.593238] ? write_comp_data+0x2f/0x90 [ 138.593701] iommufd_fops_ioctl+0x37d/0x510 [ 138.594203] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.594961] ? write_comp_data+0x2f/0x90 [ 138.595436] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.595959] __x64_sys_ioctl+0x1a3/0x230 [ 138.596410] do_syscall_64+0x3b/0x90 [ 138.596844] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.597596] RIP: 0033:0x7f4b8743ee5d [ 138.598012] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.600278] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.601105] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.601886] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.602841] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.603620] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.604389] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.605372] [ 138.605629] irq event stamp: 0 [ 138.605962] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.606677] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.607697] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.608711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.609372] ---[ end trace 0000000000000000 ]--- [ 138.613015] ------------[ cut here ]------------ [ 138.613579] WARNING: CPU: 1 PID: 1290 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.614678] Modules linked in: [ 138.615017] CPU: 1 PID: 1290 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.615951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.617137] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.617671] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.619662] RSP: 
0018:ffff888020b0fbd0 EFLAGS: 00010246 [ 138.620254] RAX: 0000000000000000 RBX: ffff88800cb910a8 RCX: 0000000000000000 [ 138.621024] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 138.621785] RBP: ffff888020b0fbe8 R08: ffffed1001972233 R09: ffffed1001972233 [ 138.622588] R10: ffff88800cb91193 R11: ffffed1001972232 R12: ffff888014425400 [ 138.623369] R13: ffff88800cb911e8 R14: ffff888011f19e00 R15: 0000000000000000 [ 138.624124] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.624986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.625616] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 138.626360] PKRU: 55555554 [ 138.626691] Call Trace: [ 138.626961] [ 138.627216] iommufd_access_destroy_object+0x65/0x170 [ 138.627776] iommufd_object_destroy_user+0x18e/0x220 [ 138.628326] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.628967] iommufd_access_destroy+0x43/0x70 [ 138.629469] iommufd_test_staccess_release+0x8d/0xd0 [ 138.630037] __fput+0x26d/0xa40 [ 138.630429] ____fput+0x1e/0x30 [ 138.630864] task_work_run+0x1a4/0x2d0 [ 138.631334] ? __pfx_task_work_run+0x10/0x10 [ 138.631834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.632373] ? switch_task_namespaces+0xa9/0xe0 [ 138.632903] do_exit+0xb17/0x2ef0 [ 138.633296] ? lock_acquire+0x427/0x4c0 [ 138.633760] ? __pfx_lock_release+0x10/0x10 [ 138.634250] ? __kasan_check_write+0x18/0x20 [ 138.634786] ? do_raw_spin_lock+0x132/0x2a0 [ 138.635291] ? __pfx_do_exit+0x10/0x10 [ 138.635735] ? debug_smp_processor_id+0x20/0x30 [ 138.636261] ? rcu_is_watching+0x19/0xb0 [ 138.636727] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.637247] ? trace_hardirqs_on+0x26/0x120 [ 138.637749] do_group_exit+0xe0/0x2b0 [ 138.638170] __x64_sys_exit_group+0x47/0x50 [ 138.638685] do_syscall_64+0x3b/0x90 [ 138.639110] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.639705] RIP: 0033:0x7f4b87518a4d [ 138.640111] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.640779] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.641610] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.642375] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.643216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.643996] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.644779] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.645564] [ 138.645817] irq event stamp: 0 [ 138.646155] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.646893] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.647835] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.648731] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.649417] ---[ end trace 0000000000000000 ]--- [ 138.650356] ------------[ cut here ]------------ [ 138.650928] WARNING: CPU: 1 PID: 1290 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.652033] Modules linked in: [ 138.652387] CPU: 1 PID: 1290 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.653315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.654557] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.655131] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.657076] RSP: 0018:ffff888020b0fb78 EFLAGS: 00010246 [ 138.657655] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.658413] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 138.659219] RBP: ffff888020b0fb98 R08: ffffed100197223e R09: ffffed100197223e [ 138.659989] R10: ffff88800cb911ef R11: ffffed100197223d R12: ffff88800cb91290 [ 138.660744] R13: ffff88800cb910a8 R14: ffffffffffffffff R15: 
ffff888020b0fc60 [ 138.661497] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.662356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.663012] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 138.663788] PKRU: 55555554 [ 138.664092] Call Trace: [ 138.664369] [ 138.664619] iommufd_ioas_destroy+0x53/0x70 [ 138.665096] iommufd_fops_release+0x1f7/0x370 [ 138.665590] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.666147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.666723] ? write_comp_data+0x2f/0x90 [ 138.667200] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.667741] __fput+0x26d/0xa40 [ 138.668109] ____fput+0x1e/0x30 [ 138.668469] task_work_run+0x1a4/0x2d0 [ 138.668896] ? __pfx_task_work_run+0x10/0x10 [ 138.669371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.669900] ? switch_task_namespaces+0xa9/0xe0 [ 138.670414] do_exit+0xb17/0x2ef0 [ 138.670823] ? lock_acquire+0x427/0x4c0 [ 138.671282] ? __pfx_lock_release+0x10/0x10 [ 138.671755] ? __kasan_check_write+0x18/0x20 [ 138.672234] ? do_raw_spin_lock+0x132/0x2a0 [ 138.672700] ? __pfx_do_exit+0x10/0x10 [ 138.673138] ? debug_smp_processor_id+0x20/0x30 [ 138.673648] ? rcu_is_watching+0x19/0xb0 [ 138.674086] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.674615] ? trace_hardirqs_on+0x26/0x120 [ 138.675097] do_group_exit+0xe0/0x2b0 [ 138.675529] __x64_sys_exit_group+0x47/0x50 [ 138.676002] do_syscall_64+0x3b/0x90 [ 138.676422] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.676985] RIP: 0033:0x7f4b87518a4d [ 138.677388] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.678045] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.678893] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.679674] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.680430] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.681189] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.681945] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.682747] [ 138.683001] irq event stamp: 0 [ 138.683356] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.684028] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.684917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.685807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.686485] ---[ end trace 0000000000000000 ]--- [ 138.691894] ------------[ cut here ]------------ [ 138.692552] WARNING: CPU: 1 PID: 1291 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.693970] Modules linked in: [ 138.694312] CPU: 1 PID: 1291 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.695373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.696574] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.697118] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.699553] RSP: 0018:ffff888015ee7bb8 EFLAGS: 00010246 [ 138.700141] RAX: 0000000000000000 RBX: ffff88801587f8a8 RCX: 0000000000000000 [ 138.700900] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 138.701670] RBP: ffff888015ee7bd0 R08: ffffed1002b0ff33 R09: ffffed1002b0ff33 [ 138.702543] R10: ffff88801587f993 R11: ffffed1002b0ff32 R12: ffff888014582400 [ 138.703691] R13: ffff88801587f9e8 R14: ffffffff8352e670 R15: 
ffff888015ee7e68 [ 138.704466] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.705324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.705945] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 138.706750] PKRU: 55555554 [ 138.707059] Call Trace: [ 138.707460] [ 138.707852] __iommufd_access_detach+0x1c2/0x2b0 [ 138.708404] iommufd_access_change_pt+0x149/0x270 [ 138.708946] iommufd_access_replace+0xb4/0x120 [ 138.709462] iommufd_test+0x3e5/0x37e0 [ 138.709884] ? lock_release+0x532/0x770 [ 138.710330] ? __might_fault+0x102/0x1b0 [ 138.710831] ? lock_acquire+0x427/0x4c0 [ 138.711293] ? __pfx_iommufd_test+0x10/0x10 [ 138.711935] ? __pfx_lock_release+0x10/0x10 [ 138.712566] ? __pfx_lock_acquire+0x10/0x10 [ 138.713051] ? write_comp_data+0x2f/0x90 [ 138.713507] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.714042] ? write_comp_data+0x2f/0x90 [ 138.714491] iommufd_fops_ioctl+0x37d/0x510 [ 138.715002] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.715556] ? write_comp_data+0x2f/0x90 [ 138.716018] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.716549] __x64_sys_ioctl+0x1a3/0x230 [ 138.717009] do_syscall_64+0x3b/0x90 [ 138.717433] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.718008] RIP: 0033:0x7f4b8743ee5d [ 138.718429] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.720871] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.721713] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.722468] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.723277] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.724036] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.724939] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.725870] [ 138.726124] irq event stamp: 0 [ 138.726460] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.727180] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.728069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.728958] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.729807] ---[ end trace 0000000000000000 ]--- [ 138.733441] ------------[ cut here ]------------ [ 138.734096] WARNING: CPU: 1 PID: 1291 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.735474] Modules linked in: [ 138.735822] CPU: 1 PID: 1291 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.736730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.737908] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.738439] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.740818] RSP: 
0018:ffff888015ee7bd0 EFLAGS: 00010246 [ 138.741382] RAX: 0000000000000000 RBX: ffff88801587f8a8 RCX: 0000000000000000 [ 138.742136] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 138.742927] RBP: ffff888015ee7be8 R08: ffffed1002b0ff33 R09: ffffed1002b0ff33 [ 138.743701] R10: ffff88801587f993 R11: ffffed1002b0ff32 R12: ffff888010c08400 [ 138.744457] R13: ffff88801587f9e8 R14: ffff88800f5b5d00 R15: 0000000000000000 [ 138.745395] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.746356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.747021] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 138.747803] PKRU: 55555554 [ 138.748112] Call Trace: [ 138.748386] [ 138.748631] iommufd_access_destroy_object+0x65/0x170 [ 138.749186] iommufd_object_destroy_user+0x18e/0x220 [ 138.749739] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.750704] iommufd_access_destroy+0x43/0x70 [ 138.751373] iommufd_test_staccess_release+0x8d/0xd0 [ 138.751934] __fput+0x26d/0xa40 [ 138.752305] ____fput+0x1e/0x30 [ 138.752668] task_work_run+0x1a4/0x2d0 [ 138.753100] ? __pfx_task_work_run+0x10/0x10 [ 138.753576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.754101] ? switch_task_namespaces+0xa9/0xe0 [ 138.754767] do_exit+0xb17/0x2ef0 [ 138.755329] ? lock_acquire+0x427/0x4c0 [ 138.755768] ? __pfx_lock_release+0x10/0x10 [ 138.756228] ? __kasan_check_write+0x18/0x20 [ 138.756706] ? do_raw_spin_lock+0x132/0x2a0 [ 138.757165] ? __pfx_do_exit+0x10/0x10 [ 138.757584] ? debug_smp_processor_id+0x20/0x30 [ 138.758091] ? rcu_is_watching+0x19/0xb0 [ 138.758601] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.759307] ? trace_hardirqs_on+0x26/0x120 [ 138.759878] do_group_exit+0xe0/0x2b0 [ 138.760289] __x64_sys_exit_group+0x47/0x50 [ 138.760762] do_syscall_64+0x3b/0x90 [ 138.761175] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.761736] RIP: 0033:0x7f4b87518a4d [ 138.762132] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.762826] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.763837] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.764811] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.765552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.766279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.767043] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.767810] [ 138.768131] irq event stamp: 0 [ 138.768568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.769435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.770323] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.771233] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.771904] ---[ end trace 0000000000000000 ]--- [ 138.774370] ------------[ cut here ]------------ [ 138.774950] WARNING: CPU: 1 PID: 1291 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.776058] Modules linked in: [ 138.776506] CPU: 1 PID: 1291 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.777764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.779005] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.779579] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.781647] RSP: 0018:ffff888015ee7b78 EFLAGS: 00010246 [ 138.782373] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.783357] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 138.784102] RBP: ffff888015ee7b98 R08: ffffed1002b0ff3e R09: ffffed1002b0ff3e [ 138.784841] R10: ffff88801587f9ef R11: ffffed1002b0ff3d R12: ffff88801587fa90 [ 138.785574] R13: ffff88801587f8a8 R14: ffffffffffffffff R15: 
ffff888015ee7c60 [ 138.786437] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.787650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.788263] CR2: 00007f82e2b37010 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 138.789007] PKRU: 55555554 [ 138.789308] Call Trace: [ 138.789578] [ 138.789817] iommufd_ioas_destroy+0x53/0x70 [ 138.790278] iommufd_fops_release+0x1f7/0x370 [ 138.790831] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.791588] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.792119] ? write_comp_data+0x2f/0x90 [ 138.792554] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.793087] __fput+0x26d/0xa40 [ 138.793455] ____fput+0x1e/0x30 [ 138.793810] task_work_run+0x1a4/0x2d0 [ 138.794226] ? __pfx_task_work_run+0x10/0x10 [ 138.794781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.795561] ? switch_task_namespaces+0xa9/0xe0 [ 138.796077] do_exit+0xb17/0x2ef0 [ 138.796447] ? lock_acquire+0x427/0x4c0 [ 138.796878] ? __pfx_lock_release+0x10/0x10 [ 138.797336] ? __kasan_check_write+0x18/0x20 [ 138.797796] ? do_raw_spin_lock+0x132/0x2a0 [ 138.798244] ? __pfx_do_exit+0x10/0x10 [ 138.798699] ? debug_smp_processor_id+0x20/0x30 [ 138.799200] ? rcu_is_watching+0x19/0xb0 [ 138.799625] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.800104] ? trace_hardirqs_on+0x26/0x120 [ 138.800568] do_group_exit+0xe0/0x2b0 [ 138.800966] __x64_sys_exit_group+0x47/0x50 [ 138.801510] do_syscall_64+0x3b/0x90 [ 138.802066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.802847] RIP: 0033:0x7f4b87518a4d [ 138.803255] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.803892] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.804680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.805423] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.806155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.806949] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.807760] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.808802] [ 138.809057] irq event stamp: 0 [ 138.809392] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.810057] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.810969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.811849] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.812505] ---[ end trace 0000000000000000 ]--- [ 138.820447] ------------[ cut here ]------------ [ 138.821116] WARNING: CPU: 0 PID: 1292 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.822862] Modules linked in: [ 138.823359] CPU: 0 PID: 1292 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.824509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.825987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.826752] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.829184] RSP: 0018:ffff888020b0fbb8 EFLAGS: 00010246 [ 138.829914] RAX: 0000000000000000 RBX: ffff888015d4d0a8 RCX: 0000000000000000 [ 138.830932] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 138.831942] RBP: ffff888020b0fbd0 R08: ffffed1002ba9a33 R09: ffffed1002ba9a33 [ 138.832900] R10: ffff888015d4d193 R11: ffffed1002ba9a32 R12: ffff8880129c5800 [ 138.833846] R13: ffff888015d4d1e8 R14: ffffffff8352e670 R15: 
ffff888020b0fe68 [ 138.834835] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 138.835942] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.836733] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 138.837695] PKRU: 55555554 [ 138.838090] Call Trace: [ 138.838441] [ 138.838812] __iommufd_access_detach+0x1c2/0x2b0 [ 138.839525] iommufd_access_change_pt+0x149/0x270 [ 138.840202] iommufd_access_replace+0xb4/0x120 [ 138.840830] iommufd_test+0x3e5/0x37e0 [ 138.841363] ? lock_release+0x532/0x770 [ 138.841929] ? __might_fault+0x102/0x1b0 [ 138.842499] ? lock_acquire+0x427/0x4c0 [ 138.843247] ? __pfx_iommufd_test+0x10/0x10 [ 138.843769] ? __pfx_lock_release+0x10/0x10 [ 138.844246] ? __pfx_lock_acquire+0x10/0x10 [ 138.844724] ? write_comp_data+0x2f/0x90 [ 138.845240] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.845766] ? write_comp_data+0x2f/0x90 [ 138.846217] iommufd_fops_ioctl+0x37d/0x510 [ 138.846745] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.847309] ? write_comp_data+0x2f/0x90 [ 138.847767] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.848303] __x64_sys_ioctl+0x1a3/0x230 [ 138.848769] do_syscall_64+0x3b/0x90 [ 138.849186] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.849762] RIP: 0033:0x7f4b8743ee5d [ 138.850174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.852215] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.853053] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.853808] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.854592] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.855393] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.856176] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.856963] [ 138.857221] irq event stamp: 0 [ 138.857562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.858251] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.859216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.860138] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.860823] ---[ end trace 0000000000000000 ]--- [ 138.864160] ------------[ cut here ]------------ [ 138.864720] WARNING: CPU: 0 PID: 1292 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.865806] Modules linked in: [ 138.866149] CPU: 0 PID: 1292 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.867411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.868639] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.869181] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.871169] RSP: 
0018:ffff888020b0fbd0 EFLAGS: 00010246 [ 138.871770] RAX: 0000000000000000 RBX: ffff888015d4d0a8 RCX: 0000000000000000 [ 138.872534] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 138.873302] RBP: ffff888020b0fbe8 R08: ffffed1002ba9a33 R09: ffffed1002ba9a33 [ 138.874076] R10: ffff888015d4d193 R11: ffffed1002ba9a32 R12: ffff88800ae92800 [ 138.874882] R13: ffff888015d4d1e8 R14: ffff888013d1d300 R15: 0000000000000000 [ 138.875679] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 138.876550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.877258] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 138.878030] PKRU: 55555554 [ 138.878339] Call Trace: [ 138.878653] [ 138.878906] iommufd_access_destroy_object+0x65/0x170 [ 138.879493] iommufd_object_destroy_user+0x18e/0x220 [ 138.880046] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.880684] iommufd_access_destroy+0x43/0x70 [ 138.881182] iommufd_test_staccess_release+0x8d/0xd0 [ 138.881739] __fput+0x26d/0xa40 [ 138.882113] ____fput+0x1e/0x30 [ 138.882479] task_work_run+0x1a4/0x2d0 [ 138.882947] ? __pfx_task_work_run+0x10/0x10 [ 138.883457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.883995] ? switch_task_namespaces+0xa9/0xe0 [ 138.884522] do_exit+0xb17/0x2ef0 [ 138.884903] ? lock_acquire+0x427/0x4c0 [ 138.885350] ? __pfx_lock_release+0x10/0x10 [ 138.885831] ? __kasan_check_write+0x18/0x20 [ 138.886321] ? do_raw_spin_lock+0x132/0x2a0 [ 138.886826] ? __pfx_do_exit+0x10/0x10 [ 138.887283] ? debug_smp_processor_id+0x20/0x30 [ 138.887803] ? rcu_is_watching+0x19/0xb0 [ 138.888253] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.888750] ? trace_hardirqs_on+0x26/0x120 [ 138.889231] do_group_exit+0xe0/0x2b0 [ 138.889644] __x64_sys_exit_group+0x47/0x50 [ 138.890114] do_syscall_64+0x3b/0x90 [ 138.890557] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.891158] RIP: 0033:0x7f4b87518a4d [ 138.891568] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.892230] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.893057] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.893830] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.894646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.895437] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.896222] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.897004] [ 138.897256] irq event stamp: 0 [ 138.897594] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.898282] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.899366] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.900275] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.900963] ---[ end trace 0000000000000000 ]--- [ 138.901941] ------------[ cut here ]------------ [ 138.902465] WARNING: CPU: 0 PID: 1292 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 138.903680] Modules linked in: [ 138.904040] CPU: 0 PID: 1292 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.904998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.906204] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 138.906784] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 138.908763] RSP: 0018:ffff888020b0fb78 EFLAGS: 00010246 [ 138.909432] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 138.910195] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 138.910997] RBP: ffff888020b0fb98 R08: ffffed1002ba9a3e R09: ffffed1002ba9a3e [ 138.911784] R10: ffff888015d4d1ef R11: ffffed1002ba9a3d R12: ffff888015d4d290 [ 138.912560] R13: ffff888015d4d0a8 R14: ffffffffffffffff R15: 
ffff888020b0fc60 [ 138.913332] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 138.914200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.914851] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 138.915638] PKRU: 55555554 [ 138.915948] Call Trace: [ 138.916229] [ 138.916473] iommufd_ioas_destroy+0x53/0x70 [ 138.916948] iommufd_fops_release+0x1f7/0x370 [ 138.917442] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.917993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.918564] ? write_comp_data+0x2f/0x90 [ 138.919016] ? __pfx_iommufd_fops_release+0x10/0x10 [ 138.919571] __fput+0x26d/0xa40 [ 138.919942] ____fput+0x1e/0x30 [ 138.920302] task_work_run+0x1a4/0x2d0 [ 138.920732] ? __pfx_task_work_run+0x10/0x10 [ 138.921210] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.921740] ? switch_task_namespaces+0xa9/0xe0 [ 138.922249] do_exit+0xb17/0x2ef0 [ 138.922648] ? lock_acquire+0x427/0x4c0 [ 138.923094] ? __pfx_lock_release+0x10/0x10 [ 138.923602] ? __kasan_check_write+0x18/0x20 [ 138.924083] ? do_raw_spin_lock+0x132/0x2a0 [ 138.924549] ? __pfx_do_exit+0x10/0x10 [ 138.924986] ? debug_smp_processor_id+0x20/0x30 [ 138.925502] ? rcu_is_watching+0x19/0xb0 [ 138.925944] ? _raw_spin_unlock_irq+0x2b/0x60 [ 138.926446] ? trace_hardirqs_on+0x26/0x120 [ 138.926951] do_group_exit+0xe0/0x2b0 [ 138.927410] __x64_sys_exit_group+0x47/0x50 [ 138.927880] do_syscall_64+0x3b/0x90 [ 138.928292] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.928862] RIP: 0033:0x7f4b87518a4d [ 138.929265] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 138.929932] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 138.930786] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 138.931603] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 138.932378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 138.933140] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 138.933902] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 138.934701] [ 138.934961] irq event stamp: 0 [ 138.935316] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.935993] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.936890] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.937770] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.938439] ---[ end trace 0000000000000000 ]--- [ 138.943179] ------------[ cut here ]------------ [ 138.943790] WARNING: CPU: 1 PID: 1293 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.944727] Modules linked in: [ 138.945029] CPU: 1 PID: 1293 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.945935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.947155] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.947621] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.949478] RSP: 0018:ffff888024667bb8 EFLAGS: 00010246 [ 138.949975] RAX: 0000000000000000 RBX: ffff8880120b00a8 RCX: 0000000000000000 [ 138.950659] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 138.951330] RBP: ffff888024667bd0 R08: ffffed1002416033 R09: ffffed1002416033 [ 138.952180] R10: ffff8880120b0193 R11: ffffed1002416032 R12: ffff8880184ec400 [ 138.952841] R13: ffff8880120b01e8 R14: ffffffff8352e670 R15: 
ffff888024667e68 [ 138.953497] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.954296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.954956] CR2: 00007f4b877410e8 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 138.955641] PKRU: 55555554 [ 138.955907] Call Trace: [ 138.956146] [ 138.956363] __iommufd_access_detach+0x1c2/0x2b0 [ 138.956828] iommufd_access_change_pt+0x149/0x270 [ 138.957374] iommufd_access_replace+0xb4/0x120 [ 138.957915] iommufd_test+0x3e5/0x37e0 [ 138.958285] ? lock_release+0x532/0x770 [ 138.958692] ? __might_fault+0x102/0x1b0 [ 138.959086] ? lock_acquire+0x427/0x4c0 [ 138.959493] ? __pfx_iommufd_test+0x10/0x10 [ 138.959972] ? __pfx_lock_release+0x10/0x10 [ 138.960494] ? __pfx_lock_acquire+0x10/0x10 [ 138.960912] ? write_comp_data+0x2f/0x90 [ 138.961307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 138.961768] ? write_comp_data+0x2f/0x90 [ 138.962163] iommufd_fops_ioctl+0x37d/0x510 [ 138.962694] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.963268] ? write_comp_data+0x2f/0x90 [ 138.963696] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 138.964188] __x64_sys_ioctl+0x1a3/0x230 [ 138.964611] do_syscall_64+0x3b/0x90 [ 138.965001] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 138.965728] RIP: 0033:0x7f4b8743ee5d [ 138.966116] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 138.968010] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 138.969010] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 138.969738] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 138.970490] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 138.971319] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 138.972211] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 138.972953] [ 138.973200] irq event stamp: 0 [ 138.973520] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 138.974169] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 138.975244] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 138.976091] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 138.976734] ---[ end trace 0000000000000000 ]--- [ 138.982221] ------------[ cut here ]------------ [ 138.982832] WARNING: CPU: 1 PID: 1293 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 138.983937] Modules linked in: [ 138.984422] CPU: 1 PID: 1293 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 138.985321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 138.986500] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 138.987128] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 138.989120] RSP: 
0018:ffff888024667bd0 EFLAGS: 00010246 [ 138.989686] RAX: 0000000000000000 RBX: ffff8880120b00a8 RCX: 0000000000000000 [ 138.990573] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 138.991464] RBP: ffff888024667be8 R08: ffffed1002416033 R09: ffffed1002416033 [ 138.992204] R10: ffff8880120b0193 R11: ffffed1002416032 R12: ffff888014580800 [ 138.992940] R13: ffff8880120b01e8 R14: ffff888013447500 R15: 0000000000000000 [ 138.993674] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 138.994767] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.995595] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 138.996351] PKRU: 55555554 [ 138.996652] Call Trace: [ 138.996916] [ 138.997151] iommufd_access_destroy_object+0x65/0x170 [ 138.997697] iommufd_object_destroy_user+0x18e/0x220 [ 138.998235] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 138.998965] iommufd_access_destroy+0x43/0x70 [ 138.999675] iommufd_test_staccess_release+0x8d/0xd0 [ 139.000221] __fput+0x26d/0xa40 [ 139.000588] ____fput+0x1e/0x30 [ 139.000953] task_work_run+0x1a4/0x2d0 [ 139.001372] ? __pfx_task_work_run+0x10/0x10 [ 139.001837] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.002349] ? switch_task_namespaces+0xa9/0xe0 [ 139.002878] do_exit+0xb17/0x2ef0 [ 139.003378] ? lock_acquire+0x427/0x4c0 [ 139.004002] ? __pfx_lock_release+0x10/0x10 [ 139.004469] ? __kasan_check_write+0x18/0x20 [ 139.004936] ? do_raw_spin_lock+0x132/0x2a0 [ 139.005394] ? __pfx_do_exit+0x10/0x10 [ 139.005818] ? debug_smp_processor_id+0x20/0x30 [ 139.006310] ? rcu_is_watching+0x19/0xb0 [ 139.006782] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.007290] ? trace_hardirqs_on+0x26/0x120 [ 139.007913] do_group_exit+0xe0/0x2b0 [ 139.008512] __x64_sys_exit_group+0x47/0x50 [ 139.008974] do_syscall_64+0x3b/0x90 [ 139.009382] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.009934] RIP: 0033:0x7f4b87518a4d [ 139.010333] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.011007] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.011815] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.012557] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.013303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.014058] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.014847] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.015827] [ 139.016191] irq event stamp: 0 [ 139.016553] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.017216] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.018090] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.019009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.019707] ---[ end trace 0000000000000000 ]--- [ 139.020767] ------------[ cut here ]------------ [ 139.021297] WARNING: CPU: 1 PID: 1293 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.022839] Modules linked in: [ 139.023199] CPU: 1 PID: 1293 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.024108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.025276] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.025814] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.028196] RSP: 0018:ffff888024667b78 EFLAGS: 00010246 [ 139.028760] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.029508] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 139.030252] RBP: ffff888024667b98 R08: ffffed100241603e R09: ffffed100241603e [ 139.031041] R10: ffff8880120b01ef R11: ffffed100241603d R12: ffff8880120b0290 [ 139.031809] R13: ffff8880120b00a8 R14: ffffffffffffffff R15: 
ffff888024667c60 [ 139.032690] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.033871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.034471] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 139.035272] PKRU: 55555554 [ 139.035573] Call Trace: [ 139.035842] [ 139.036079] iommufd_ioas_destroy+0x53/0x70 [ 139.036548] iommufd_fops_release+0x1f7/0x370 [ 139.037040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.037573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.038138] ? write_comp_data+0x2f/0x90 [ 139.038759] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.039504] __fput+0x26d/0xa40 [ 139.039878] ____fput+0x1e/0x30 [ 139.040243] task_work_run+0x1a4/0x2d0 [ 139.040659] ? __pfx_task_work_run+0x10/0x10 [ 139.041133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.041659] ? switch_task_namespaces+0xa9/0xe0 [ 139.042165] do_exit+0xb17/0x2ef0 [ 139.042589] ? lock_acquire+0x427/0x4c0 [ 139.043024] ? __pfx_lock_release+0x10/0x10 [ 139.043507] ? __kasan_check_write+0x18/0x20 [ 139.043977] ? do_raw_spin_lock+0x132/0x2a0 [ 139.044458] ? __pfx_do_exit+0x10/0x10 [ 139.045010] ? debug_smp_processor_id+0x20/0x30 [ 139.045727] ? rcu_is_watching+0x19/0xb0 [ 139.046169] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.046702] ? trace_hardirqs_on+0x26/0x120 [ 139.047182] do_group_exit+0xe0/0x2b0 [ 139.047601] __x64_sys_exit_group+0x47/0x50 [ 139.048053] do_syscall_64+0x3b/0x90 [ 139.048461] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.049024] RIP: 0033:0x7f4b87518a4d [ 139.049417] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.050156] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.051366] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.052129] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.052862] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.053598] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.054333] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.055143] [ 139.055465] irq event stamp: 0 [ 139.055942] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.056746] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.057625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.058501] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.059237] ---[ end trace 0000000000000000 ]--- [ 139.064585] ------------[ cut here ]------------ [ 139.065310] WARNING: CPU: 1 PID: 1294 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.066753] Modules linked in: [ 139.067091] CPU: 1 PID: 1294 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.068009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.069170] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.069689] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.072232] RSP: 0018:ffff888016447bb8 EFLAGS: 00010246 [ 139.072794] RAX: 0000000000000000 RBX: ffff8880145df8a8 RCX: 0000000000000000 [ 139.073530] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 139.074269] RBP: ffff888016447bd0 R08: ffffed10028bbf33 R09: ffffed10028bbf33 [ 139.075032] R10: ffff8880145df993 R11: ffffed10028bbf32 R12: ffff888014426800 [ 139.075782] R13: ffff8880145df9e8 R14: ffffffff8352e670 R15: 
ffff888016447e68 [ 139.076572] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.077750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.078403] CR2: 00007f4b877410e8 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 139.079202] PKRU: 55555554 [ 139.079502] Call Trace: [ 139.079768] [ 139.080001] __iommufd_access_detach+0x1c2/0x2b0 [ 139.080513] iommufd_access_change_pt+0x149/0x270 [ 139.081028] iommufd_access_replace+0xb4/0x120 [ 139.081525] iommufd_test+0x3e5/0x37e0 [ 139.081975] ? lock_release+0x532/0x770 [ 139.082564] ? __might_fault+0x102/0x1b0 [ 139.083208] ? lock_acquire+0x427/0x4c0 [ 139.083642] ? __pfx_iommufd_test+0x10/0x10 [ 139.084084] ? __pfx_lock_release+0x10/0x10 [ 139.084544] ? __pfx_lock_acquire+0x10/0x10 [ 139.085010] ? write_comp_data+0x2f/0x90 [ 139.085442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.085956] ? write_comp_data+0x2f/0x90 [ 139.086389] iommufd_fops_ioctl+0x37d/0x510 [ 139.086899] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.087429] ? write_comp_data+0x2f/0x90 [ 139.087870] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.088474] __x64_sys_ioctl+0x1a3/0x230 [ 139.089118] do_syscall_64+0x3b/0x90 [ 139.089540] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.090089] RIP: 0033:0x7f4b8743ee5d [ 139.090477] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.092375] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.093425] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.094369] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.095153] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.095899] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.096640] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.097397] [ 139.097643] irq event stamp: 0 [ 139.097969] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.098886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.099917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.100790] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.101452] ---[ end trace 0000000000000000 ]--- [ 139.105216] ------------[ cut here ]------------ [ 139.105766] WARNING: CPU: 1 PID: 1294 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.106860] Modules linked in: [ 139.107229] CPU: 1 PID: 1294 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.108128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.109297] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.109815] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.111766] RSP: 
0018:ffff888016447bd0 EFLAGS: 00010246 [ 139.112332] RAX: 0000000000000000 RBX: ffff8880145df8a8 RCX: 0000000000000000 [ 139.113074] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 139.113823] RBP: ffff888016447be8 R08: ffffed10028bbf33 R09: ffffed10028bbf33 [ 139.114605] R10: ffff8880145df993 R11: ffffed10028bbf32 R12: ffff8880184ec000 [ 139.115366] R13: ffff8880145df9e8 R14: ffff8880209a4e00 R15: 0000000000000000 [ 139.116098] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.116926] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.117522] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 139.118256] PKRU: 55555554 [ 139.118591] Call Trace: [ 139.118863] [ 139.119107] iommufd_access_destroy_object+0x65/0x170 [ 139.119675] iommufd_object_destroy_user+0x18e/0x220 [ 139.120214] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.120826] iommufd_access_destroy+0x43/0x70 [ 139.121303] iommufd_test_staccess_release+0x8d/0xd0 [ 139.121847] __fput+0x26d/0xa40 [ 139.122214] ____fput+0x1e/0x30 [ 139.122615] task_work_run+0x1a4/0x2d0 [ 139.123040] ? __pfx_task_work_run+0x10/0x10 [ 139.123534] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.124057] ? switch_task_namespaces+0xa9/0xe0 [ 139.124575] do_exit+0xb17/0x2ef0 [ 139.124939] ? lock_acquire+0x427/0x4c0 [ 139.125358] ? __pfx_lock_release+0x10/0x10 [ 139.125828] ? __kasan_check_write+0x18/0x20 [ 139.126299] ? do_raw_spin_lock+0x132/0x2a0 [ 139.126781] ? __pfx_do_exit+0x10/0x10 [ 139.127209] ? debug_smp_processor_id+0x20/0x30 [ 139.127709] ? rcu_is_watching+0x19/0xb0 [ 139.128135] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.128611] ? trace_hardirqs_on+0x26/0x120 [ 139.129068] do_group_exit+0xe0/0x2b0 [ 139.129472] __x64_sys_exit_group+0x47/0x50 [ 139.129929] do_syscall_64+0x3b/0x90 [ 139.130337] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.130927] RIP: 0033:0x7f4b87518a4d [ 139.131343] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.131992] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.132786] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.133514] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.134248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.135020] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.135784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.136542] [ 139.136795] irq event stamp: 0 [ 139.137129] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.137791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.138699] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.139600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.140249] ---[ end trace 0000000000000000 ]--- [ 139.141146] ------------[ cut here ]------------ [ 139.141621] WARNING: CPU: 1 PID: 1294 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.142741] Modules linked in: [ 139.143086] CPU: 1 PID: 1294 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.144012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.145168] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.145698] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.147649] RSP: 0018:ffff888016447b78 EFLAGS: 00010246 [ 139.148200] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.148934] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 139.149678] RBP: ffff888016447b98 R08: ffffed10028bbf3e R09: ffffed10028bbf3e [ 139.150418] R10: ffff8880145df9ef R11: ffffed10028bbf3d R12: ffff8880145dfa90 [ 139.151202] R13: ffff8880145df8a8 R14: ffffffffffffffff R15: 
ffff888016447c60 [ 139.151949] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.152777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.153381] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 139.154108] PKRU: 55555554 [ 139.154391] Call Trace: [ 139.154678] [ 139.154908] iommufd_ioas_destroy+0x53/0x70 [ 139.155370] iommufd_fops_release+0x1f7/0x370 [ 139.155832] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.156338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.156835] ? write_comp_data+0x2f/0x90 [ 139.157252] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.157754] __fput+0x26d/0xa40 [ 139.158101] ____fput+0x1e/0x30 [ 139.158439] task_work_run+0x1a4/0x2d0 [ 139.158883] ? __pfx_task_work_run+0x10/0x10 [ 139.159350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.159847] ? switch_task_namespaces+0xa9/0xe0 [ 139.160331] do_exit+0xb17/0x2ef0 [ 139.160682] ? lock_acquire+0x427/0x4c0 [ 139.161094] ? __pfx_lock_release+0x10/0x10 [ 139.161532] ? __kasan_check_write+0x18/0x20 [ 139.161977] ? do_raw_spin_lock+0x132/0x2a0 [ 139.162413] ? __pfx_do_exit+0x10/0x10 [ 139.162840] ? debug_smp_processor_id+0x20/0x30 [ 139.163328] ? rcu_is_watching+0x19/0xb0 [ 139.163743] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.164204] ? trace_hardirqs_on+0x26/0x120 [ 139.164642] do_group_exit+0xe0/0x2b0 [ 139.165022] __x64_sys_exit_group+0x47/0x50 [ 139.165455] do_syscall_64+0x3b/0x90 [ 139.165835] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.166363] RIP: 0033:0x7f4b87518a4d [ 139.166766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.167410] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.168174] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.168917] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.169626] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.170336] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.171075] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.171811] [ 139.172045] irq event stamp: 0 [ 139.172361] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.172987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.173823] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.174675] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.175319] ---[ end trace 0000000000000000 ]--- [ 139.179965] ------------[ cut here ]------------ [ 139.180449] WARNING: CPU: 1 PID: 1295 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.181382] Modules linked in: [ 139.181677] CPU: 1 PID: 1295 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.182477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.183764] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.184235] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.185912] RSP: 0018:ffff888016e4fbb8 EFLAGS: 00010246 [ 139.186404] RAX: 0000000000000000 RBX: ffff88800e9cd0a8 RCX: 0000000000000000 [ 139.187082] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 139.187752] RBP: ffff888016e4fbd0 R08: ffffed1001d39a33 R09: ffffed1001d39a33 [ 139.188407] R10: ffff88800e9cd193 R11: ffffed1001d39a32 R12: ffff888013784400 [ 139.189062] R13: ffff88800e9cd1e8 R14: ffffffff8352e670 R15: 
ffff888016e4fe68 [ 139.189716] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.190460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.191014] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 139.191690] PKRU: 55555554 [ 139.191954] Call Trace: [ 139.192192] [ 139.192405] __iommufd_access_detach+0x1c2/0x2b0 [ 139.192858] iommufd_access_change_pt+0x149/0x270 [ 139.193322] iommufd_access_replace+0xb4/0x120 [ 139.193760] iommufd_test+0x3e5/0x37e0 [ 139.194126] ? lock_release+0x532/0x770 [ 139.194531] ? __might_fault+0x102/0x1b0 [ 139.194915] ? lock_acquire+0x427/0x4c0 [ 139.195307] ? __pfx_iommufd_test+0x10/0x10 [ 139.195710] ? __pfx_lock_release+0x10/0x10 [ 139.196119] ? __pfx_lock_acquire+0x10/0x10 [ 139.196529] ? write_comp_data+0x2f/0x90 [ 139.196919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.197378] ? write_comp_data+0x2f/0x90 [ 139.197771] iommufd_fops_ioctl+0x37d/0x510 [ 139.198184] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.198673] ? write_comp_data+0x2f/0x90 [ 139.199065] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.199530] __x64_sys_ioctl+0x1a3/0x230 [ 139.199919] do_syscall_64+0x3b/0x90 [ 139.200282] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.200773] RIP: 0033:0x7f4b8743ee5d [ 139.201117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.202825] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.203547] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.204206] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.204863] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.205519] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.206175] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.206871] [ 139.207098] irq event stamp: 0 [ 139.207406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.207993] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.208767] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.209536] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.210117] ---[ end trace 0000000000000000 ]--- [ 139.213235] ------------[ cut here ]------------ [ 139.213708] WARNING: CPU: 1 PID: 1295 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.214685] Modules linked in: [ 139.214988] CPU: 1 PID: 1295 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.215809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.216849] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.217319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.219048] RSP: 
0018:ffff888016e4fbd0 EFLAGS: 00010246 [ 139.219556] RAX: 0000000000000000 RBX: ffff88800e9cd0a8 RCX: 0000000000000000 [ 139.220208] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 139.220855] RBP: ffff888016e4fbe8 R08: ffffed1001d39a33 R09: ffffed1001d39a33 [ 139.221506] R10: ffff88800e9cd193 R11: ffffed1001d39a32 R12: ffff888014427c00 [ 139.222156] R13: ffff88800e9cd1e8 R14: ffff888013797b00 R15: 0000000000000000 [ 139.222833] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.223578] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.224103] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 139.224752] PKRU: 55555554 [ 139.225013] Call Trace: [ 139.225248] [ 139.225454] iommufd_access_destroy_object+0x65/0x170 [ 139.225933] iommufd_object_destroy_user+0x18e/0x220 [ 139.226404] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.226968] iommufd_access_destroy+0x43/0x70 [ 139.227406] iommufd_test_staccess_release+0x8d/0xd0 [ 139.227885] __fput+0x26d/0xa40 [ 139.228206] ____fput+0x1e/0x30 [ 139.228521] task_work_run+0x1a4/0x2d0 [ 139.228893] ? __pfx_task_work_run+0x10/0x10 [ 139.229307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.230116] ? switch_task_namespaces+0xa9/0xe0 [ 139.230846] do_exit+0xb17/0x2ef0 [ 139.231205] ? lock_acquire+0x427/0x4c0 [ 139.231581] ? __pfx_lock_release+0x10/0x10 [ 139.231984] ? __kasan_check_write+0x18/0x20 [ 139.232404] ? do_raw_spin_lock+0x132/0x2a0 [ 139.232800] ? __pfx_do_exit+0x10/0x10 [ 139.233166] ? debug_smp_processor_id+0x20/0x30 [ 139.233665] ? rcu_is_watching+0x19/0xb0 [ 139.234446] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.234925] ? trace_hardirqs_on+0x26/0x120 [ 139.235362] do_group_exit+0xe0/0x2b0 [ 139.235717] __x64_sys_exit_group+0x47/0x50 [ 139.236113] do_syscall_64+0x3b/0x90 [ 139.236468] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.236951] RIP: 0033:0x7f4b87518a4d [ 139.237296] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.237862] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.238743] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.239527] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.240190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.240845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.241497] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.242162] [ 139.242384] irq event stamp: 0 [ 139.242739] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.243548] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.244325] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.245085] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.245655] ---[ end trace 0000000000000000 ]--- [ 139.246440] ------------[ cut here ]------------ [ 139.246909] WARNING: CPU: 1 PID: 1295 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.248128] Modules linked in: [ 139.248421] CPU: 1 PID: 1295 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.249213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.250233] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.250728] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.252679] RSP: 0018:ffff888016e4fb78 EFLAGS: 00010246 [ 139.253271] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.253914] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 139.254583] RBP: ffff888016e4fb98 R08: ffffed1001d39a3e R09: ffffed1001d39a3e [ 139.255243] R10: ffff88800e9cd1ef R11: ffffed1001d39a3d R12: ffff88800e9cd290 [ 139.255887] R13: ffff88800e9cd0a8 R14: ffffffffffffffff R15: 
ffff888016e4fc60 [ 139.256598] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.257530] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.258063] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 139.258738] PKRU: 55555554 [ 139.258998] Call Trace: [ 139.259243] [ 139.259456] iommufd_ioas_destroy+0x53/0x70 [ 139.259859] iommufd_fops_release+0x1f7/0x370 [ 139.260276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.260738] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.261327] ? write_comp_data+0x2f/0x90 [ 139.261857] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.262317] __fput+0x26d/0xa40 [ 139.262660] ____fput+0x1e/0x30 [ 139.262970] task_work_run+0x1a4/0x2d0 [ 139.263357] ? __pfx_task_work_run+0x10/0x10 [ 139.263766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.264216] ? switch_task_namespaces+0xa9/0xe0 [ 139.264652] do_exit+0xb17/0x2ef0 [ 139.264973] ? lock_acquire+0x427/0x4c0 [ 139.265348] ? __pfx_lock_release+0x10/0x10 [ 139.265874] ? __kasan_check_write+0x18/0x20 [ 139.266439] ? do_raw_spin_lock+0x132/0x2a0 [ 139.266870] ? __pfx_do_exit+0x10/0x10 [ 139.267259] ? debug_smp_processor_id+0x20/0x30 [ 139.267692] ? rcu_is_watching+0x19/0xb0 [ 139.268065] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.268484] ? trace_hardirqs_on+0x26/0x120 [ 139.268864] do_group_exit+0xe0/0x2b0 [ 139.269193] __x64_sys_exit_group+0x47/0x50 [ 139.269564] do_syscall_64+0x3b/0x90 [ 139.269899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.270398] RIP: 0033:0x7f4b87518a4d [ 139.270860] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.271396] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.272049] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.272657] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.273264] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.273870] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.274531] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.275288] [ 139.275493] irq event stamp: 0 [ 139.275766] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.276306] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.277019] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.277733] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.278409] ---[ end trace 0000000000000000 ]--- [ 139.288469] ------------[ cut here ]------------ [ 139.289066] WARNING: CPU: 0 PID: 1296 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.290397] Modules linked in: [ 139.290831] CPU: 0 PID: 1296 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.291961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.292873] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.293272] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.294917] RSP: 0018:ffff8880245a7bb8 EFLAGS: 00010246 [ 139.295364] RAX: 0000000000000000 RBX: ffff8880135ef8a8 RCX: 0000000000000000 [ 139.295941] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 139.296518] RBP: ffff8880245a7bd0 R08: ffffed10026bdf33 R09: ffffed10026bdf33 [ 139.297093] R10: ffff8880135ef993 R11: ffffed10026bdf32 R12: ffff888014761000 [ 139.297669] R13: ffff8880135ef9e8 R14: ffffffff8352e670 R15: 
ffff8880245a7e68 [ 139.298244] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.298910] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.299411] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 139.299990] PKRU: 55555554 [ 139.300220] Call Trace: [ 139.300432] [ 139.300620] __iommufd_access_detach+0x1c2/0x2b0 [ 139.301024] iommufd_access_change_pt+0x149/0x270 [ 139.301446] iommufd_access_replace+0xb4/0x120 [ 139.301829] iommufd_test+0x3e5/0x37e0 [ 139.302154] ? lock_release+0x532/0x770 [ 139.302487] ? __might_fault+0x102/0x1b0 [ 139.302846] ? lock_acquire+0x427/0x4c0 [ 139.303194] ? __pfx_iommufd_test+0x10/0x10 [ 139.303547] ? __pfx_lock_release+0x10/0x10 [ 139.303905] ? __pfx_lock_acquire+0x10/0x10 [ 139.304269] ? write_comp_data+0x2f/0x90 [ 139.304615] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.305018] ? write_comp_data+0x2f/0x90 [ 139.305359] iommufd_fops_ioctl+0x37d/0x510 [ 139.305720] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.306120] ? write_comp_data+0x2f/0x90 [ 139.306463] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.306874] __x64_sys_ioctl+0x1a3/0x230 [ 139.307229] do_syscall_64+0x3b/0x90 [ 139.307546] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.307981] RIP: 0033:0x7f4b8743ee5d [ 139.308284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.309757] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.310370] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.310962] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.311549] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.312124] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.312708] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.313295] [ 139.313486] irq event stamp: 0 [ 139.313741] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.314253] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.314949] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.315639] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.316147] ---[ end trace 0000000000000000 ]--- [ 139.319273] ------------[ cut here ]------------ [ 139.319672] WARNING: CPU: 0 PID: 1296 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.320489] Modules linked in: [ 139.320776] CPU: 0 PID: 1296 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.321662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.322668] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.323262] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.324739] RSP: 
0018:ffff8880245a7bd0 EFLAGS: 00010246 [ 139.325172] RAX: 0000000000000000 RBX: ffff8880135ef8a8 RCX: 0000000000000000 [ 139.325751] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 139.326327] RBP: ffff8880245a7be8 R08: ffffed10026bdf33 R09: ffffed10026bdf33 [ 139.326931] R10: ffff8880135ef993 R11: ffffed10026bdf32 R12: ffff8880129c7c00 [ 139.327532] R13: ffff8880135ef9e8 R14: ffff88800f084700 R15: 0000000000000000 [ 139.328111] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.328759] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.329234] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.329815] PKRU: 55555554 [ 139.330047] Call Trace: [ 139.330256] [ 139.330443] iommufd_access_destroy_object+0x65/0x170 [ 139.330894] iommufd_object_destroy_user+0x18e/0x220 [ 139.331336] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.331821] iommufd_access_destroy+0x43/0x70 [ 139.332206] iommufd_test_staccess_release+0x8d/0xd0 [ 139.332634] __fput+0x26d/0xa40 [ 139.332916] ____fput+0x1e/0x30 [ 139.333190] task_work_run+0x1a4/0x2d0 [ 139.333511] ? __pfx_task_work_run+0x10/0x10 [ 139.333866] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.334258] ? switch_task_namespaces+0xa9/0xe0 [ 139.334657] do_exit+0xb17/0x2ef0 [ 139.334939] ? lock_acquire+0x427/0x4c0 [ 139.335279] ? __pfx_lock_release+0x10/0x10 [ 139.335629] ? __kasan_check_write+0x18/0x20 [ 139.335985] ? do_raw_spin_lock+0x132/0x2a0 [ 139.336328] ? __pfx_do_exit+0x10/0x10 [ 139.336645] ? debug_smp_processor_id+0x20/0x30 [ 139.337021] ? rcu_is_watching+0x19/0xb0 [ 139.337354] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.337718] ? trace_hardirqs_on+0x26/0x120 [ 139.338066] do_group_exit+0xe0/0x2b0 [ 139.338373] __x64_sys_exit_group+0x47/0x50 [ 139.338729] do_syscall_64+0x3b/0x90 [ 139.339031] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.339453] RIP: 0033:0x7f4b87518a4d [ 139.339742] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.340218] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.340808] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.341362] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.341921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.342475] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.343044] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.343616] [ 139.343802] irq event stamp: 0 [ 139.344048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.344537] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.345190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.345837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.346327] ---[ end trace 0000000000000000 ]--- [ 139.347398] ------------[ cut here ]------------ [ 139.348042] WARNING: CPU: 0 PID: 1296 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.348841] Modules linked in: [ 139.349090] CPU: 0 PID: 1296 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.350173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.351159] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.351978] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.353476] RSP: 0018:ffff8880245a7b78 EFLAGS: 00010246 [ 139.354006] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.354583] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 139.355157] RBP: ffff8880245a7b98 R08: ffffed10026bdf3e R09: ffffed10026bdf3e [ 139.355877] R10: ffff8880135ef9ef R11: ffffed10026bdf3d R12: ffff8880135efa90 [ 139.356428] R13: ffff8880135ef8a8 R14: ffffffffffffffff R15: 
ffff8880245a7c60 [ 139.356982] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.357772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.358225] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.358797] PKRU: 55555554 [ 139.359021] Call Trace: [ 139.359227] [ 139.359456] iommufd_ioas_destroy+0x53/0x70 [ 139.359896] iommufd_fops_release+0x1f7/0x370 [ 139.360255] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.360647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.361034] ? write_comp_data+0x2f/0x90 [ 139.361517] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.361909] __fput+0x26d/0xa40 [ 139.362180] ____fput+0x1e/0x30 [ 139.362445] task_work_run+0x1a4/0x2d0 [ 139.362774] ? __pfx_task_work_run+0x10/0x10 [ 139.363135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.363583] ? switch_task_namespaces+0xa9/0xe0 [ 139.364058] do_exit+0xb17/0x2ef0 [ 139.364335] ? lock_acquire+0x427/0x4c0 [ 139.364651] ? __pfx_lock_release+0x10/0x10 [ 139.364992] ? __kasan_check_write+0x18/0x20 [ 139.365411] ? do_raw_spin_lock+0x132/0x2a0 [ 139.365837] ? __pfx_do_exit+0x10/0x10 [ 139.366148] ? debug_smp_processor_id+0x20/0x30 [ 139.366529] ? rcu_is_watching+0x19/0xb0 [ 139.366849] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.367216] ? trace_hardirqs_on+0x26/0x120 [ 139.367703] do_group_exit+0xe0/0x2b0 [ 139.368003] __x64_sys_exit_group+0x47/0x50 [ 139.368343] do_syscall_64+0x3b/0x90 [ 139.368642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.369083] RIP: 0033:0x7f4b87518a4d [ 139.369486] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.369960] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.370563] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.371155] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.371831] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.372384] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.372988] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.373648] [ 139.373834] irq event stamp: 0 [ 139.374079] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.374585] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.375400] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.376045] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.376529] ---[ end trace 0000000000000000 ]--- [ 139.380388] ------------[ cut here ]------------ [ 139.380874] WARNING: CPU: 0 PID: 1297 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.381669] Modules linked in: [ 139.381948] CPU: 0 PID: 1297 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.382759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.383642] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.384028] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.385433] RSP: 0018:ffff8880158bfbb8 EFLAGS: 00010246 [ 139.385848] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 139.386394] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 139.386971] RBP: ffff8880158bfbd0 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 139.387532] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff888013b14c00 [ 139.388080] R13: ffff888011d9b1e8 R14: ffffffff8352e670 R15: 
ffff8880158bfe68 [ 139.388630] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.389248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.389700] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 139.390249] PKRU: 55555554 [ 139.390473] Call Trace: [ 139.390688] [ 139.390868] __iommufd_access_detach+0x1c2/0x2b0 [ 139.391264] iommufd_access_change_pt+0x149/0x270 [ 139.391650] iommufd_access_replace+0xb4/0x120 [ 139.392016] iommufd_test+0x3e5/0x37e0 [ 139.392320] ? lock_release+0x532/0x770 [ 139.392641] ? __might_fault+0x102/0x1b0 [ 139.392963] ? lock_acquire+0x427/0x4c0 [ 139.393283] ? __pfx_iommufd_test+0x10/0x10 [ 139.393616] ? __pfx_lock_release+0x10/0x10 [ 139.393957] ? __pfx_lock_acquire+0x10/0x10 [ 139.394301] ? write_comp_data+0x2f/0x90 [ 139.394644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.395028] ? write_comp_data+0x2f/0x90 [ 139.395366] iommufd_fops_ioctl+0x37d/0x510 [ 139.395705] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.396085] ? write_comp_data+0x2f/0x90 [ 139.396418] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.396798] __x64_sys_ioctl+0x1a3/0x230 [ 139.397124] do_syscall_64+0x3b/0x90 [ 139.397423] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.397832] RIP: 0033:0x7f4b8743ee5d [ 139.398119] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.399552] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.400276] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.400832] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.401393] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.401939] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.402495] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.403144] [ 139.403342] irq event stamp: 0 [ 139.403588] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.404074] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.404728] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.405371] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.405863] ---[ end trace 0000000000000000 ]--- [ 139.409030] ------------[ cut here ]------------ [ 139.409621] WARNING: CPU: 0 PID: 1297 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.410538] Modules linked in: [ 139.410857] CPU: 0 PID: 1297 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.411764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.412794] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.413337] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.415105] RSP: 
0018:ffff8880158bfbd0 EFLAGS: 00010246 [ 139.415589] RAX: 0000000000000000 RBX: ffff888011d9b0a8 RCX: 0000000000000000 [ 139.416258] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 139.416987] RBP: ffff8880158bfbe8 R08: ffffed10023b3633 R09: ffffed10023b3633 [ 139.417611] R10: ffff888011d9b193 R11: ffffed10023b3632 R12: ffff888014760400 [ 139.418392] R13: ffff888011d9b1e8 R14: ffff8880143be100 R15: 0000000000000000 [ 139.419027] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.419790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.420420] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.421112] PKRU: 55555554 [ 139.421414] Call Trace: [ 139.421638] [ 139.421959] iommufd_access_destroy_object+0x65/0x170 [ 139.422420] iommufd_object_destroy_user+0x18e/0x220 [ 139.422887] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.423590] iommufd_access_destroy+0x43/0x70 [ 139.423997] iommufd_test_staccess_release+0x8d/0xd0 [ 139.424453] __fput+0x26d/0xa40 [ 139.424757] ____fput+0x1e/0x30 [ 139.425050] task_work_run+0x1a4/0x2d0 [ 139.425397] ? __pfx_task_work_run+0x10/0x10 [ 139.425786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.426217] ? switch_task_namespaces+0xa9/0xe0 [ 139.426649] do_exit+0xb17/0x2ef0 [ 139.426952] ? lock_acquire+0x427/0x4c0 [ 139.427315] ? __pfx_lock_release+0x10/0x10 [ 139.427701] ? __kasan_check_write+0x18/0x20 [ 139.428087] ? do_raw_spin_lock+0x132/0x2a0 [ 139.428464] ? __pfx_do_exit+0x10/0x10 [ 139.428813] ? debug_smp_processor_id+0x20/0x30 [ 139.429222] ? rcu_is_watching+0x19/0xb0 [ 139.429579] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.429983] ? trace_hardirqs_on+0x26/0x120 [ 139.430375] do_group_exit+0xe0/0x2b0 [ 139.430747] __x64_sys_exit_group+0x47/0x50 [ 139.431140] do_syscall_64+0x3b/0x90 [ 139.431477] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.431939] RIP: 0033:0x7f4b87518a4d [ 139.432267] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.432802] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.433459] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.434074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.434715] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.435359] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.435972] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.436592] [ 139.436795] irq event stamp: 0 [ 139.437070] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.437615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.438334] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.439077] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.439636] ---[ end trace 0000000000000000 ]--- [ 139.440368] ------------[ cut here ]------------ [ 139.440794] WARNING: CPU: 0 PID: 1297 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.441677] Modules linked in: [ 139.441956] CPU: 0 PID: 1297 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.442749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.443740] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.444189] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.445765] RSP: 0018:ffff8880158bfb78 EFLAGS: 00010246 [ 139.446224] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.446856] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 139.447485] RBP: ffff8880158bfb98 R08: ffffed10023b363e R09: ffffed10023b363e [ 139.448101] R10: ffff888011d9b1ef R11: ffffed10023b363d R12: ffff888011d9b290 [ 139.448713] R13: ffff888011d9b0a8 R14: ffffffffffffffff R15: 
ffff8880158bfc60 [ 139.449329] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.450026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.450547] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.451179] PKRU: 55555554 [ 139.451426] Call Trace: [ 139.451649] [ 139.451848] iommufd_ioas_destroy+0x53/0x70 [ 139.452227] iommufd_fops_release+0x1f7/0x370 [ 139.452625] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.453135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.453569] ? write_comp_data+0x2f/0x90 [ 139.453931] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.454365] __fput+0x26d/0xa40 [ 139.454687] ____fput+0x1e/0x30 [ 139.454985] task_work_run+0x1a4/0x2d0 [ 139.455342] ? __pfx_task_work_run+0x10/0x10 [ 139.455729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.456155] ? switch_task_namespaces+0xa9/0xe0 [ 139.456596] do_exit+0xb17/0x2ef0 [ 139.456899] ? lock_acquire+0x427/0x4c0 [ 139.457255] ? __pfx_lock_release+0x10/0x10 [ 139.457637] ? __kasan_check_write+0x18/0x20 [ 139.458025] ? do_raw_spin_lock+0x132/0x2a0 [ 139.458403] ? __pfx_do_exit+0x10/0x10 [ 139.458774] ? debug_smp_processor_id+0x20/0x30 [ 139.459197] ? rcu_is_watching+0x19/0xb0 [ 139.459557] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.459957] ? trace_hardirqs_on+0x26/0x120 [ 139.460338] do_group_exit+0xe0/0x2b0 [ 139.460673] __x64_sys_exit_group+0x47/0x50 [ 139.461046] do_syscall_64+0x3b/0x90 [ 139.461379] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.461849] RIP: 0033:0x7f4b87518a4d [ 139.462175] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.462734] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.463407] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.464028] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.464651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.465267] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.465883] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.466527] [ 139.466735] irq event stamp: 0 [ 139.467014] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.467583] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.468302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.469020] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.469566] ---[ end trace 0000000000000000 ]--- [ 139.473229] ------------[ cut here ]------------ [ 139.473634] WARNING: CPU: 1 PID: 1298 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.474413] Modules linked in: [ 139.474904] CPU: 1 PID: 1298 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.475574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.476420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.476795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.478161] RSP: 0018:ffff888011c17bb8 EFLAGS: 00010246 [ 139.478580] RAX: 0000000000000000 RBX: ffff888016e9f8a8 RCX: 0000000000000000 [ 139.479122] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 139.479657] RBP: ffff888011c17bd0 R08: ffffed1002dd3f33 R09: ffffed1002dd3f33 [ 139.480193] R10: ffff888016e9f993 R11: ffffed1002dd3f32 R12: ffff88801226d800 [ 139.480732] R13: ffff888016e9f9e8 R14: ffffffff8352e670 R15: 
ffff888011c17e68 [ 139.481271] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.481878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.482318] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 139.482876] PKRU: 55555554 [ 139.483094] Call Trace: [ 139.483295] [ 139.483467] __iommufd_access_detach+0x1c2/0x2b0 [ 139.483840] iommufd_access_change_pt+0x149/0x270 [ 139.484217] iommufd_access_replace+0xb4/0x120 [ 139.484576] iommufd_test+0x3e5/0x37e0 [ 139.484875] ? lock_release+0x532/0x770 [ 139.485186] ? __might_fault+0x102/0x1b0 [ 139.485502] ? lock_acquire+0x427/0x4c0 [ 139.485815] ? __pfx_iommufd_test+0x10/0x10 [ 139.486140] ? __pfx_lock_release+0x10/0x10 [ 139.486474] ? __pfx_lock_acquire+0x10/0x10 [ 139.486833] ? write_comp_data+0x2f/0x90 [ 139.487164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.487544] ? write_comp_data+0x2f/0x90 [ 139.487867] iommufd_fops_ioctl+0x37d/0x510 [ 139.488212] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.488595] ? write_comp_data+0x2f/0x90 [ 139.489113] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.489664] __x64_sys_ioctl+0x1a3/0x230 [ 139.489991] do_syscall_64+0x3b/0x90 [ 139.490286] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.490723] RIP: 0033:0x7f4b8743ee5d [ 139.491011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.492520] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.493091] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.493624] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.494158] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.494840] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.495388] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.495931] [ 139.496114] irq event stamp: 0 [ 139.496354] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.496834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.497591] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.498220] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.498716] ---[ end trace 0000000000000000 ]--- [ 139.501485] ------------[ cut here ]------------ [ 139.501866] WARNING: CPU: 1 PID: 1298 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.502747] Modules linked in: [ 139.502992] CPU: 1 PID: 1298 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.503714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.504600] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.504985] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.506458] RSP: 
0018:ffff888011c17bd0 EFLAGS: 00010246 [ 139.506888] RAX: 0000000000000000 RBX: ffff888016e9f8a8 RCX: 0000000000000000 [ 139.507437] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 139.507977] RBP: ffff888011c17be8 R08: ffffed1002dd3f33 R09: ffffed1002dd3f33 [ 139.508514] R10: ffff888016e9f993 R11: ffffed1002dd3f32 R12: ffff888013784000 [ 139.509165] R13: ffff888016e9f9e8 R14: ffff888021839e00 R15: 0000000000000000 [ 139.509705] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.510310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.510770] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 139.511320] PKRU: 55555554 [ 139.511538] Call Trace: [ 139.511759] [ 139.511961] iommufd_access_destroy_object+0x65/0x170 [ 139.512403] iommufd_object_destroy_user+0x18e/0x220 [ 139.512795] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.513239] iommufd_access_destroy+0x43/0x70 [ 139.513601] iommufd_test_staccess_release+0x8d/0xd0 [ 139.514017] __fput+0x26d/0xa40 [ 139.514331] ____fput+0x1e/0x30 [ 139.514654] task_work_run+0x1a4/0x2d0 [ 139.514967] ? __pfx_task_work_run+0x10/0x10 [ 139.515323] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.515707] ? switch_task_namespaces+0xa9/0xe0 [ 139.516082] do_exit+0xb17/0x2ef0 [ 139.516357] ? lock_acquire+0x427/0x4c0 [ 139.516686] ? __pfx_lock_release+0x10/0x10 [ 139.517198] ? __kasan_check_write+0x18/0x20 [ 139.517605] ? do_raw_spin_lock+0x132/0x2a0 [ 139.517947] ? __pfx_do_exit+0x10/0x10 [ 139.518261] ? debug_smp_processor_id+0x20/0x30 [ 139.518649] ? rcu_is_watching+0x19/0xb0 [ 139.518969] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.519341] ? trace_hardirqs_on+0x26/0x120 [ 139.519689] do_group_exit+0xe0/0x2b0 [ 139.520030] __x64_sys_exit_group+0x47/0x50 [ 139.520478] do_syscall_64+0x3b/0x90 [ 139.520784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.521195] RIP: 0033:0x7f4b87518a4d [ 139.521485] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.521961] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.522727] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.523306] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.523861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.524411] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.524967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.525668] [ 139.525852] irq event stamp: 0 [ 139.526101] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.526618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.527272] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.527918] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.528415] ---[ end trace 0000000000000000 ]--- [ 139.529273] ------------[ cut here ]------------ [ 139.529643] WARNING: CPU: 1 PID: 1298 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.530440] Modules linked in: [ 139.530724] CPU: 1 PID: 1298 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.531415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.532403] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.532873] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.534279] RSP: 0018:ffff888011c17b78 EFLAGS: 00010246 [ 139.534724] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.535286] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 139.535955] RBP: ffff888011c17b98 R08: ffffed1002dd3f3e R09: ffffed1002dd3f3e [ 139.536551] R10: ffff888016e9f9ef R11: ffffed1002dd3f3d R12: ffff888016e9fa90 [ 139.537104] R13: ffff888016e9f8a8 R14: ffffffffffffffff R15: 
ffff888011c17c60 [ 139.537656] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.538279] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.538784] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 139.539454] PKRU: 55555554 [ 139.539678] Call Trace: [ 139.539881] [ 139.540063] iommufd_ioas_destroy+0x53/0x70 [ 139.540410] iommufd_fops_release+0x1f7/0x370 [ 139.540768] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.541158] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.541545] ? write_comp_data+0x2f/0x90 [ 139.542017] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.542414] __fput+0x26d/0xa40 [ 139.542713] ____fput+0x1e/0x30 [ 139.542982] task_work_run+0x1a4/0x2d0 [ 139.543306] ? __pfx_task_work_run+0x10/0x10 [ 139.543656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.544042] ? switch_task_namespaces+0xa9/0xe0 [ 139.544417] do_exit+0xb17/0x2ef0 [ 139.544783] ? lock_acquire+0x427/0x4c0 [ 139.545147] ? __pfx_lock_release+0x10/0x10 [ 139.545494] ? __kasan_check_write+0x18/0x20 [ 139.545842] ? do_raw_spin_lock+0x132/0x2a0 [ 139.546180] ? __pfx_do_exit+0x10/0x10 [ 139.546491] ? debug_smp_processor_id+0x20/0x30 [ 139.546884] ? rcu_is_watching+0x19/0xb0 [ 139.547215] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.547666] ? trace_hardirqs_on+0x26/0x120 [ 139.548062] do_group_exit+0xe0/0x2b0 [ 139.548370] __x64_sys_exit_group+0x47/0x50 [ 139.548721] do_syscall_64+0x3b/0x90 [ 139.549032] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.549461] RIP: 0033:0x7f4b87518a4d [ 139.549771] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.550447] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.551123] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.551710] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.552293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.552876] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.553638] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.554223] [ 139.554415] irq event stamp: 0 [ 139.554696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.555214] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.555908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.556738] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.557250] ---[ end trace 0000000000000000 ]--- [ 139.561937] ------------[ cut here ]------------ [ 139.562661] WARNING: CPU: 1 PID: 1299 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.563514] Modules linked in: [ 139.563775] CPU: 1 PID: 1299 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.564480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.565605] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.566018] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.567564] RSP: 0018:ffff888020adfbb8 EFLAGS: 00010246 [ 139.567998] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 139.568575] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 139.569151] RBP: ffff888020adfbd0 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 139.569729] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff8880134f9c00 [ 139.570308] R13: ffff888015d2c9e8 R14: ffffffff8352e670 R15: 
ffff888020adfe68 [ 139.570900] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.571570] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.572043] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 139.572625] PKRU: 55555554 [ 139.572857] Call Trace: [ 139.573065] [ 139.573250] __iommufd_access_detach+0x1c2/0x2b0 [ 139.573647] iommufd_access_change_pt+0x149/0x270 [ 139.574050] iommufd_access_replace+0xb4/0x120 [ 139.574435] iommufd_test+0x3e5/0x37e0 [ 139.574778] ? lock_release+0x532/0x770 [ 139.575129] ? __might_fault+0x102/0x1b0 [ 139.575474] ? lock_acquire+0x427/0x4c0 [ 139.575808] ? __pfx_iommufd_test+0x10/0x10 [ 139.576160] ? __pfx_lock_release+0x10/0x10 [ 139.576525] ? __pfx_lock_acquire+0x10/0x10 [ 139.576886] ? write_comp_data+0x2f/0x90 [ 139.577227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.577629] ? write_comp_data+0x2f/0x90 [ 139.577973] iommufd_fops_ioctl+0x37d/0x510 [ 139.578332] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.578760] ? write_comp_data+0x2f/0x90 [ 139.579104] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.579512] __x64_sys_ioctl+0x1a3/0x230 [ 139.579855] do_syscall_64+0x3b/0x90 [ 139.580169] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.580602] RIP: 0033:0x7f4b8743ee5d [ 139.580908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.582376] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.583028] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.583620] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.584199] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.584774] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.585352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.585941] [ 139.586133] irq event stamp: 0 [ 139.586389] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.586923] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.587618] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.588301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.588817] ---[ end trace 0000000000000000 ]--- [ 139.591717] ------------[ cut here ]------------ [ 139.592134] WARNING: CPU: 1 PID: 1299 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.592956] Modules linked in: [ 139.593218] CPU: 1 PID: 1299 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.593924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.594894] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.595313] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.596784] RSP: 
0018:ffff888020adfbd0 EFLAGS: 00010246 [ 139.597216] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 139.597794] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 139.598368] RBP: ffff888020adfbe8 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 139.598963] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff88801226c400 [ 139.599554] R13: ffff888015d2c9e8 R14: ffff888013f45300 R15: 0000000000000000 [ 139.600130] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.600783] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.601269] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 139.601855] PKRU: 55555554 [ 139.602090] Call Trace: [ 139.602315] [ 139.602532] iommufd_access_destroy_object+0x65/0x170 [ 139.602965] iommufd_object_destroy_user+0x18e/0x220 [ 139.603394] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.603875] iommufd_access_destroy+0x43/0x70 [ 139.604254] iommufd_test_staccess_release+0x8d/0xd0 [ 139.604682] __fput+0x26d/0xa40 [ 139.604972] ____fput+0x1e/0x30 [ 139.605256] task_work_run+0x1a4/0x2d0 [ 139.605586] ? __pfx_task_work_run+0x10/0x10 [ 139.605950] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.606363] ? switch_task_namespaces+0xa9/0xe0 [ 139.606794] do_exit+0xb17/0x2ef0 [ 139.607087] ? lock_acquire+0x427/0x4c0 [ 139.607447] ? __pfx_lock_release+0x10/0x10 [ 139.607817] ? __kasan_check_write+0x18/0x20 [ 139.608196] ? do_raw_spin_lock+0x132/0x2a0 [ 139.608565] ? __pfx_do_exit+0x10/0x10 [ 139.608900] ? debug_smp_processor_id+0x20/0x30 [ 139.609288] ? rcu_is_watching+0x19/0xb0 [ 139.609630] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.610020] ? trace_hardirqs_on+0x26/0x120 [ 139.610389] do_group_exit+0xe0/0x2b0 [ 139.610750] __x64_sys_exit_group+0x47/0x50 [ 139.611124] do_syscall_64+0x3b/0x90 [ 139.611447] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.611886] RIP: 0033:0x7f4b87518a4d [ 139.612198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.612701] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.613333] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.613913] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.614496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.615108] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.615704] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.616298] [ 139.616491] irq event stamp: 0 [ 139.616753] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.617270] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.617956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.618667] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.619200] ---[ end trace 0000000000000000 ]--- [ 139.619925] ------------[ cut here ]------------ [ 139.620318] WARNING: CPU: 1 PID: 1299 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.621158] Modules linked in: [ 139.621420] CPU: 1 PID: 1299 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.622134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.623079] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.623521] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.625005] RSP: 0018:ffff888020adfb78 EFLAGS: 00010246 [ 139.625445] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.626026] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 139.626632] RBP: ffff888020adfb98 R08: ffffed1002ba593e R09: ffffed1002ba593e [ 139.627245] R10: ffff888015d2c9ef R11: ffffed1002ba593d R12: ffff888015d2ca90 [ 139.627825] R13: ffff888015d2c8a8 R14: ffffffffffffffff R15: 
ffff888020adfc60 [ 139.628409] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 139.629097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.629614] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 139.630225] PKRU: 55555554 [ 139.630468] Call Trace: [ 139.630718] [ 139.630918] iommufd_ioas_destroy+0x53/0x70 [ 139.631317] iommufd_fops_release+0x1f7/0x370 [ 139.631718] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.632154] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.632583] ? write_comp_data+0x2f/0x90 [ 139.632941] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.633369] __fput+0x26d/0xa40 [ 139.633663] ____fput+0x1e/0x30 [ 139.633950] task_work_run+0x1a4/0x2d0 [ 139.634289] ? __pfx_task_work_run+0x10/0x10 [ 139.634703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.635145] ? switch_task_namespaces+0xa9/0xe0 [ 139.635565] do_exit+0xb17/0x2ef0 [ 139.635875] ? lock_acquire+0x427/0x4c0 [ 139.636237] ? __pfx_lock_release+0x10/0x10 [ 139.636623] ? __kasan_check_write+0x18/0x20 [ 139.637018] ? do_raw_spin_lock+0x132/0x2a0 [ 139.637399] ? __pfx_do_exit+0x10/0x10 [ 139.637755] ? debug_smp_processor_id+0x20/0x30 [ 139.638169] ? rcu_is_watching+0x19/0xb0 [ 139.638566] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.638972] ? trace_hardirqs_on+0x26/0x120 [ 139.639378] do_group_exit+0xe0/0x2b0 [ 139.639719] __x64_sys_exit_group+0x47/0x50 [ 139.640098] do_syscall_64+0x3b/0x90 [ 139.640442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.640904] RIP: 0033:0x7f4b87518a4d [ 139.641232] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.641769] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.642431] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.643083] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.643714] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.644329] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.644946] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.645573] [ 139.645779] irq event stamp: 0 [ 139.646051] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.646620] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.647357] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.648080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.648627] ---[ end trace 0000000000000000 ]--- [ 139.653440] ------------[ cut here ]------------ [ 139.653959] WARNING: CPU: 0 PID: 1300 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.655079] Modules linked in: [ 139.655405] CPU: 0 PID: 1300 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.656236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.657295] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.657763] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.659520] RSP: 0018:ffff88800ff2fbb8 EFLAGS: 00010246 [ 139.660032] RAX: 0000000000000000 RBX: ffff8880244d68a8 RCX: 0000000000000000 [ 139.660703] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 139.661373] RBP: ffff88800ff2fbd0 R08: ffffed100489ad33 R09: ffffed100489ad33 [ 139.662050] R10: ffff8880244d6993 R11: ffffed100489ad32 R12: ffff88800fcb1800 [ 139.662748] R13: ffff8880244d69e8 R14: ffffffff8352e670 R15: 
ffff88800ff2fe68 [ 139.663438] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.664199] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.664749] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 139.665433] PKRU: 55555554 [ 139.665704] Call Trace: [ 139.665950] [ 139.666169] __iommufd_access_detach+0x1c2/0x2b0 [ 139.666657] iommufd_access_change_pt+0x149/0x270 [ 139.667141] iommufd_access_replace+0xb4/0x120 [ 139.667585] iommufd_test+0x3e5/0x37e0 [ 139.667954] ? lock_release+0x532/0x770 [ 139.668347] ? __might_fault+0x102/0x1b0 [ 139.668744] ? lock_acquire+0x427/0x4c0 [ 139.669137] ? __pfx_iommufd_test+0x10/0x10 [ 139.669552] ? __pfx_lock_release+0x10/0x10 [ 139.669978] ? __pfx_lock_acquire+0x10/0x10 [ 139.670406] ? write_comp_data+0x2f/0x90 [ 139.670826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.671316] ? write_comp_data+0x2f/0x90 [ 139.671720] iommufd_fops_ioctl+0x37d/0x510 [ 139.672139] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.672607] ? write_comp_data+0x2f/0x90 [ 139.673005] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.673469] __x64_sys_ioctl+0x1a3/0x230 [ 139.673864] do_syscall_64+0x3b/0x90 [ 139.674231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.674759] RIP: 0033:0x7f4b8743ee5d [ 139.675137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.676876] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.677667] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.678348] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.679044] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.679736] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.680419] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.681108] [ 139.681333] irq event stamp: 0 [ 139.681638] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.682232] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.683051] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.683865] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.684468] ---[ end trace 0000000000000000 ]--- [ 139.687401] ------------[ cut here ]------------ [ 139.687900] WARNING: CPU: 0 PID: 1300 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.688858] Modules linked in: [ 139.689160] CPU: 0 PID: 1300 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.689984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.691083] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.691589] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.693355] RSP: 
0018:ffff88800ff2fbd0 EFLAGS: 00010246 [ 139.693881] RAX: 0000000000000000 RBX: ffff8880244d68a8 RCX: 0000000000000000 [ 139.694639] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 139.695361] RBP: ffff88800ff2fbe8 R08: ffffed100489ad33 R09: ffffed100489ad33 [ 139.696067] R10: ffff8880244d6993 R11: ffffed100489ad32 R12: ffff888013b15c00 [ 139.696771] R13: ffff8880244d69e8 R14: ffff8880143f2100 R15: 0000000000000000 [ 139.697471] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.698260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.698856] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.699575] PKRU: 55555554 [ 139.699856] Call Trace: [ 139.700108] [ 139.700328] iommufd_access_destroy_object+0x65/0x170 [ 139.700843] iommufd_object_destroy_user+0x18e/0x220 [ 139.701353] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.701924] iommufd_access_destroy+0x43/0x70 [ 139.702374] iommufd_test_staccess_release+0x8d/0xd0 [ 139.702918] __fput+0x26d/0xa40 [ 139.703276] ____fput+0x1e/0x30 [ 139.703614] task_work_run+0x1a4/0x2d0 [ 139.704008] ? __pfx_task_work_run+0x10/0x10 [ 139.704449] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.704934] ? switch_task_namespaces+0xa9/0xe0 [ 139.705406] do_exit+0xb17/0x2ef0 [ 139.705756] ? lock_acquire+0x427/0x4c0 [ 139.706165] ? __pfx_lock_release+0x10/0x10 [ 139.706632] ? __kasan_check_write+0x18/0x20 [ 139.707087] ? do_raw_spin_lock+0x132/0x2a0 [ 139.707531] ? __pfx_do_exit+0x10/0x10 [ 139.707925] ? debug_smp_processor_id+0x20/0x30 [ 139.708394] ? rcu_is_watching+0x19/0xb0 [ 139.708801] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.709330] ? trace_hardirqs_on+0x26/0x120 [ 139.709765] do_group_exit+0xe0/0x2b0 [ 139.710148] __x64_sys_exit_group+0x47/0x50 [ 139.710611] do_syscall_64+0x3b/0x90 [ 139.711005] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.711544] RIP: 0033:0x7f4b87518a4d [ 139.711914] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.712518] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.713265] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.713963] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.714689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.715406] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.716106] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.716808] [ 139.717037] irq event stamp: 0 [ 139.717346] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.717968] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.718811] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.719655] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.720280] ---[ end trace 0000000000000000 ]--- [ 139.721100] ------------[ cut here ]------------ [ 139.721568] WARNING: CPU: 0 PID: 1300 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.722611] Modules linked in: [ 139.722935] CPU: 0 PID: 1300 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.723818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.724926] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.725441] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.727292] RSP: 0018:ffff88800ff2fb78 EFLAGS: 00010246 [ 139.727836] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.728531] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 139.729231] RBP: ffff88800ff2fb98 R08: ffffed100489ad3e R09: ffffed100489ad3e [ 139.729933] R10: ffff8880244d69ef R11: ffffed100489ad3d R12: ffff8880244d6a90 [ 139.730665] R13: ffff8880244d68a8 R14: ffffffffffffffff R15: 
ffff88800ff2fc60 [ 139.731398] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.732194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.732766] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.733472] PKRU: 55555554 [ 139.733755] Call Trace: [ 139.734011] [ 139.734239] iommufd_ioas_destroy+0x53/0x70 [ 139.734695] iommufd_fops_release+0x1f7/0x370 [ 139.735167] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.735664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.736157] ? write_comp_data+0x2f/0x90 [ 139.736583] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.737096] __fput+0x26d/0xa40 [ 139.737452] ____fput+0x1e/0x30 [ 139.737790] task_work_run+0x1a4/0x2d0 [ 139.738186] ? __pfx_task_work_run+0x10/0x10 [ 139.738666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.739172] ? switch_task_namespaces+0xa9/0xe0 [ 139.739650] do_exit+0xb17/0x2ef0 [ 139.740000] ? lock_acquire+0x427/0x4c0 [ 139.740405] ? __pfx_lock_release+0x10/0x10 [ 139.740842] ? __kasan_check_write+0x18/0x20 [ 139.741361] ? do_raw_spin_lock+0x132/0x2a0 [ 139.741798] ? __pfx_do_exit+0x10/0x10 [ 139.742194] ? debug_smp_processor_id+0x20/0x30 [ 139.742698] ? rcu_is_watching+0x19/0xb0 [ 139.743128] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.743595] ? trace_hardirqs_on+0x26/0x120 [ 139.744038] do_group_exit+0xe0/0x2b0 [ 139.744420] __x64_sys_exit_group+0x47/0x50 [ 139.744847] do_syscall_64+0x3b/0x90 [ 139.745230] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.745752] RIP: 0033:0x7f4b87518a4d [ 139.746129] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.746789] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.747565] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.748272] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.748977] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.749694] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.750401] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.751162] [ 139.751401] irq event stamp: 0 [ 139.751724] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.752620] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.753458] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.754369] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.755212] ---[ end trace 0000000000000000 ]--- [ 139.759500] ------------[ cut here ]------------ [ 139.760006] WARNING: CPU: 0 PID: 1301 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.761085] Modules linked in: [ 139.761561] CPU: 0 PID: 1301 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.762431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.763826] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.764333] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.766179] RSP: 0018:ffff888013aa7bb8 EFLAGS: 00010246 [ 139.766765] RAX: 0000000000000000 RBX: ffff888015d808a8 RCX: 0000000000000000 [ 139.767521] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 139.768251] RBP: ffff888013aa7bd0 R08: ffffed1002bb0133 R09: ffffed1002bb0133 [ 139.768979] R10: ffff888015d80993 R11: ffffed1002bb0132 R12: ffff888014761800 [ 139.769710] R13: ffff888015d809e8 R14: ffffffff8352e670 R15: 
ffff888013aa7e68 [ 139.770435] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.771301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.771899] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 139.772630] PKRU: 55555554 [ 139.773002] Call Trace: [ 139.773266] [ 139.773495] __iommufd_access_detach+0x1c2/0x2b0 [ 139.774000] iommufd_access_change_pt+0x149/0x270 [ 139.774531] iommufd_access_replace+0xb4/0x120 [ 139.775015] iommufd_test+0x3e5/0x37e0 [ 139.775436] ? lock_release+0x532/0x770 [ 139.775854] ? __might_fault+0x102/0x1b0 [ 139.776278] ? lock_acquire+0x427/0x4c0 [ 139.776698] ? __pfx_iommufd_test+0x10/0x10 [ 139.777144] ? __pfx_lock_release+0x10/0x10 [ 139.777604] ? __pfx_lock_acquire+0x10/0x10 [ 139.778053] ? write_comp_data+0x2f/0x90 [ 139.778483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.779023] ? write_comp_data+0x2f/0x90 [ 139.779474] iommufd_fops_ioctl+0x37d/0x510 [ 139.779930] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.780442] ? write_comp_data+0x2f/0x90 [ 139.780873] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.781377] __x64_sys_ioctl+0x1a3/0x230 [ 139.781812] do_syscall_64+0x3b/0x90 [ 139.782205] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.782760] RIP: 0033:0x7f4b8743ee5d [ 139.783149] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.785004] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.785781] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.786541] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.787301] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.788032] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.788764] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.789513] [ 139.789760] irq event stamp: 0 [ 139.790084] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.790768] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.791630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.792470] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.793106] ---[ end trace 0000000000000000 ]--- [ 139.796799] ------------[ cut here ]------------ [ 139.797501] WARNING: CPU: 0 PID: 1301 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.798597] Modules linked in: [ 139.798936] CPU: 0 PID: 1301 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.800226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.801385] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.801922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.804011] RSP: 
0018:ffff888013aa7bd0 EFLAGS: 00010246 [ 139.804648] RAX: 0000000000000000 RBX: ffff888015d808a8 RCX: 0000000000000000 [ 139.805593] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 139.806337] RBP: ffff888013aa7be8 R08: ffffed1002bb0133 R09: ffffed1002bb0133 [ 139.807314] R10: ffff888015d80993 R11: ffffed1002bb0132 R12: ffff88800fcb2800 [ 139.808062] R13: ffff888015d809e8 R14: ffff888013f6bb00 R15: 0000000000000000 [ 139.808809] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.809861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.810461] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.811262] PKRU: 55555554 [ 139.811707] Call Trace: [ 139.811980] [ 139.812215] iommufd_access_destroy_object+0x65/0x170 [ 139.812757] iommufd_object_destroy_user+0x18e/0x220 [ 139.813290] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.814108] iommufd_access_destroy+0x43/0x70 [ 139.814621] iommufd_test_staccess_release+0x8d/0xd0 [ 139.815174] __fput+0x26d/0xa40 [ 139.815536] ____fput+0x1e/0x30 [ 139.815963] task_work_run+0x1a4/0x2d0 [ 139.816530] ? __pfx_task_work_run+0x10/0x10 [ 139.817001] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.817511] ? switch_task_namespaces+0xa9/0xe0 [ 139.818081] do_exit+0xb17/0x2ef0 [ 139.818587] ? lock_acquire+0x427/0x4c0 [ 139.819014] ? __pfx_lock_release+0x10/0x10 [ 139.819493] ? __kasan_check_write+0x18/0x20 [ 139.819991] ? do_raw_spin_lock+0x132/0x2a0 [ 139.820466] ? __pfx_do_exit+0x10/0x10 [ 139.820908] ? debug_smp_processor_id+0x20/0x30 [ 139.821424] ? rcu_is_watching+0x19/0xb0 [ 139.821866] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.822369] ? trace_hardirqs_on+0x26/0x120 [ 139.822877] do_group_exit+0xe0/0x2b0 [ 139.823315] __x64_sys_exit_group+0x47/0x50 [ 139.823784] do_syscall_64+0x3b/0x90 [ 139.824204] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.824778] RIP: 0033:0x7f4b87518a4d [ 139.825183] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.825841] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.826692] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.827472] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.828243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.829004] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.829767] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.830558] [ 139.830812] irq event stamp: 0 [ 139.831170] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.831851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.832752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.833647] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.834318] ---[ end trace 0000000000000000 ]--- [ 139.835322] ------------[ cut here ]------------ [ 139.836182] WARNING: CPU: 0 PID: 1301 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.837313] Modules linked in: [ 139.837653] CPU: 0 PID: 1301 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.838773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.840192] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.840862] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.843200] RSP: 0018:ffff888013aa7b78 EFLAGS: 00010246 [ 139.843884] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.844774] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 139.845661] RBP: ffff888013aa7b98 R08: ffffed1002bb013e R09: ffffed1002bb013e [ 139.846587] R10: ffff888015d809ef R11: ffffed1002bb013d R12: ffff888015d80a90 [ 139.847490] R13: ffff888015d808a8 R14: ffffffffffffffff R15: 
ffff888013aa7c60 [ 139.848158] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.848916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.849449] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.850116] PKRU: 55555554 [ 139.850379] Call Trace: [ 139.850661] [ 139.850925] iommufd_ioas_destroy+0x53/0x70 [ 139.851391] iommufd_fops_release+0x1f7/0x370 [ 139.851832] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.852299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.852761] ? write_comp_data+0x2f/0x90 [ 139.853158] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.853625] __fput+0x26d/0xa40 [ 139.853956] ____fput+0x1e/0x30 [ 139.854272] task_work_run+0x1a4/0x2d0 [ 139.854678] ? __pfx_task_work_run+0x10/0x10 [ 139.855421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.856065] ? switch_task_namespaces+0xa9/0xe0 [ 139.856702] do_exit+0xb17/0x2ef0 [ 139.857186] ? lock_acquire+0x427/0x4c0 [ 139.857729] ? __pfx_lock_release+0x10/0x10 [ 139.858304] ? __kasan_check_write+0x18/0x20 [ 139.858960] ? do_raw_spin_lock+0x132/0x2a0 [ 139.859564] ? __pfx_do_exit+0x10/0x10 [ 139.860094] ? debug_smp_processor_id+0x20/0x30 [ 139.860701] ? rcu_is_watching+0x19/0xb0 [ 139.861238] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.861843] ? trace_hardirqs_on+0x26/0x120 [ 139.862420] do_group_exit+0xe0/0x2b0 [ 139.862973] __x64_sys_exit_group+0x47/0x50 [ 139.863555] do_syscall_64+0x3b/0x90 [ 139.863955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.864493] RIP: 0033:0x7f4b87518a4d [ 139.864873] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.865492] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.866235] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.866962] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.867673] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.868366] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.869143] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.869848] [ 139.870075] irq event stamp: 0 [ 139.870386] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.871023] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.871906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.872719] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.873336] ---[ end trace 0000000000000000 ]--- [ 139.878367] ------------[ cut here ]------------ [ 139.878911] WARNING: CPU: 0 PID: 1302 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.879889] Modules linked in: [ 139.880286] CPU: 0 PID: 1302 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.881169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.882230] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.882733] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.884507] RSP: 0018:ffff88800ff2fbb8 EFLAGS: 00010246 [ 139.885015] RAX: 0000000000000000 RBX: ffff888012a7d0a8 RCX: 0000000000000000 [ 139.885684] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 139.886360] RBP: ffff88800ff2fbd0 R08: ffffed100254fa33 R09: ffffed100254fa33 [ 139.887053] R10: ffff888012a7d193 R11: ffffed100254fa32 R12: ffff8880184ed800 [ 139.887747] R13: ffff888012a7d1e8 R14: ffffffff8352e670 R15: 
ffff88800ff2fe68 [ 139.888417] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.889177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.889726] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 139.890405] PKRU: 55555554 [ 139.890695] Call Trace: [ 139.890943] [ 139.891167] __iommufd_access_detach+0x1c2/0x2b0 [ 139.891642] iommufd_access_change_pt+0x149/0x270 [ 139.892106] iommufd_access_replace+0xb4/0x120 [ 139.892549] iommufd_test+0x3e5/0x37e0 [ 139.892924] ? lock_release+0x532/0x770 [ 139.893313] ? __might_fault+0x102/0x1b0 [ 139.893707] ? lock_acquire+0x427/0x4c0 [ 139.894097] ? __pfx_iommufd_test+0x10/0x10 [ 139.894532] ? __pfx_lock_release+0x10/0x10 [ 139.894958] ? __pfx_lock_acquire+0x10/0x10 [ 139.895393] ? write_comp_data+0x2f/0x90 [ 139.895797] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.896268] ? write_comp_data+0x2f/0x90 [ 139.896664] iommufd_fops_ioctl+0x37d/0x510 [ 139.897077] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.897550] ? write_comp_data+0x2f/0x90 [ 139.897956] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 139.898419] __x64_sys_ioctl+0x1a3/0x230 [ 139.898840] do_syscall_64+0x3b/0x90 [ 139.899217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.899721] RIP: 0033:0x7f4b8743ee5d [ 139.900079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 139.901882] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 139.902632] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 139.903329] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 139.904008] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 139.904684] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 139.905357] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 139.906036] [ 139.906259] irq event stamp: 0 [ 139.906583] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.907195] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.907985] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.908770] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.909373] ---[ end trace 0000000000000000 ]--- [ 139.912675] ------------[ cut here ]------------ [ 139.913145] WARNING: CPU: 0 PID: 1302 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 139.914146] Modules linked in: [ 139.914635] CPU: 0 PID: 1302 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.915498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.916572] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 139.917053] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 139.919030] RSP: 
0018:ffff88800ff2fbd0 EFLAGS: 00010246 [ 139.919568] RAX: 0000000000000000 RBX: ffff888012a7d0a8 RCX: 0000000000000000 [ 139.920249] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 139.921020] RBP: ffff88800ff2fbe8 R08: ffffed100254fa33 R09: ffffed100254fa33 [ 139.921801] R10: ffff888012a7d193 R11: ffffed100254fa32 R12: ffff888014761000 [ 139.922488] R13: ffff888012a7d1e8 R14: ffff888012fb5800 R15: 0000000000000000 [ 139.923220] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.923985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.924734] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.925417] PKRU: 55555554 [ 139.925690] Call Trace: [ 139.925935] [ 139.926151] iommufd_access_destroy_object+0x65/0x170 [ 139.926684] iommufd_object_destroy_user+0x18e/0x220 [ 139.927194] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 139.927796] iommufd_access_destroy+0x43/0x70 [ 139.928381] iommufd_test_staccess_release+0x8d/0xd0 [ 139.928883] __fput+0x26d/0xa40 [ 139.929219] ____fput+0x1e/0x30 [ 139.929544] task_work_run+0x1a4/0x2d0 [ 139.929927] ? __pfx_task_work_run+0x10/0x10 [ 139.930374] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.930988] ? switch_task_namespaces+0xa9/0xe0 [ 139.931586] do_exit+0xb17/0x2ef0 [ 139.931937] ? lock_acquire+0x427/0x4c0 [ 139.932346] ? __pfx_lock_release+0x10/0x10 [ 139.932783] ? __kasan_check_write+0x18/0x20 [ 139.933306] ? do_raw_spin_lock+0x132/0x2a0 [ 139.933743] ? __pfx_do_exit+0x10/0x10 [ 139.934141] ? debug_smp_processor_id+0x20/0x30 [ 139.934850] ? rcu_is_watching+0x19/0xb0 [ 139.935468] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.936052] ? trace_hardirqs_on+0x26/0x120 [ 139.936605] do_group_exit+0xe0/0x2b0 [ 139.937104] __x64_sys_exit_group+0x47/0x50 [ 139.937654] do_syscall_64+0x3b/0x90 [ 139.938674] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.939376] RIP: 0033:0x7f4b87518a4d [ 139.939852] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.940622] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.941702] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.942824] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.943746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.944641] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.945785] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.946746] [ 139.947067] irq event stamp: 0 [ 139.947497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.948280] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.949629] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.950746] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 139.951573] ---[ end trace 0000000000000000 ]--- [ 139.953094] ------------[ cut here ]------------ [ 139.953736] WARNING: CPU: 0 PID: 1302 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 139.955103] Modules linked in: [ 139.955848] CPU: 0 PID: 1302 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 139.956969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 139.958399] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 139.959421] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 139.961716] RSP: 0018:ffff88800ff2fb78 EFLAGS: 00010246 [ 139.962721] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.963638] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 139.964367] RBP: ffff88800ff2fb98 R08: ffffed100254fa3e R09: ffffed100254fa3e [ 139.965572] R10: ffff888012a7d1ef R11: ffffed100254fa3d R12: ffff888012a7d290 [ 139.966476] R13: ffff888012a7d0a8 R14: ffffffffffffffff R15: 
ffff88800ff2fc60 [ 139.967643] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 139.968656] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.969383] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 139.970281] PKRU: 55555554 [ 139.970669] Call Trace: [ 139.971004] [ 139.971314] iommufd_ioas_destroy+0x53/0x70 [ 139.971880] iommufd_fops_release+0x1f7/0x370 [ 139.972462] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.973096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.973724] ? write_comp_data+0x2f/0x90 [ 139.974257] ? __pfx_iommufd_fops_release+0x10/0x10 [ 139.974931] __fput+0x26d/0xa40 [ 139.975396] ____fput+0x1e/0x30 [ 139.975833] task_work_run+0x1a4/0x2d0 [ 139.976346] ? __pfx_task_work_run+0x10/0x10 [ 139.976917] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 139.977544] ? switch_task_namespaces+0xa9/0xe0 [ 139.978153] do_exit+0xb17/0x2ef0 [ 139.978631] ? lock_acquire+0x427/0x4c0 [ 139.979173] ? __pfx_lock_release+0x10/0x10 [ 139.979735] ? __kasan_check_write+0x18/0x20 [ 139.980305] ? do_raw_spin_lock+0x132/0x2a0 [ 139.980856] ? __pfx_do_exit+0x10/0x10 [ 139.981366] ? debug_smp_processor_id+0x20/0x30 [ 139.981962] ? rcu_is_watching+0x19/0xb0 [ 139.982479] ? _raw_spin_unlock_irq+0x2b/0x60 [ 139.983102] ? trace_hardirqs_on+0x26/0x120 [ 139.983682] do_group_exit+0xe0/0x2b0 [ 139.984172] __x64_sys_exit_group+0x47/0x50 [ 139.984717] do_syscall_64+0x3b/0x90 [ 139.985203] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 139.985865] RIP: 0033:0x7f4b87518a4d [ 139.986340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 139.987156] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 139.988108] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 139.988995] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 139.989882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 139.990797] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 139.990902] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 139.991709] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 139.993660] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 139.994570] [ 139.996203] irq event stamp: 0 [ 139.996612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 139.997406] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 139.998451] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 139.999540] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.000331] ---[ end trace 0000000000000000 ]--- [ 140.006866] ------------[ cut here ]------------ [ 140.007396] WARNING: CPU: 1 PID: 1304 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.008336] Modules linked in: [ 140.008635] CPU: 1 PID: 1304 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.009442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.010484] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.010993] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.012693] RSP: 0018:ffff888018097bb8 
EFLAGS: 00010246 [ 140.013188] RAX: 0000000000000000 RBX: ffff888011f628a8 RCX: 0000000000000000 [ 140.013844] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 140.014526] RBP: ffff888018097bd0 R08: ffffed10023ec533 R09: ffffed10023ec533 [ 140.015200] R10: ffff888011f62993 R11: ffffed10023ec532 R12: ffff888012b44c00 [ 140.015862] R13: ffff888011f629e8 R14: ffffffff8352e670 R15: ffff888018097e68 [ 140.016522] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.017271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.017813] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 140.018484] PKRU: 55555554 [ 140.018796] Call Trace: [ 140.019041] [ 140.019265] __iommufd_access_detach+0x1c2/0x2b0 [ 140.019726] iommufd_access_change_pt+0x149/0x270 [ 140.020188] iommufd_access_replace+0xb4/0x120 [ 140.020628] iommufd_test+0x3e5/0x37e0 [ 140.020993] ? lock_release+0x532/0x770 [ 140.021373] ? __might_fault+0x102/0x1b0 [ 140.021760] ? lock_acquire+0x427/0x4c0 [ 140.022144] ? __pfx_iommufd_test+0x10/0x10 [ 140.022590] ? __pfx_lock_release+0x10/0x10 [ 140.023037] ? __pfx_lock_acquire+0x10/0x10 [ 140.023499] ? write_comp_data+0x2f/0x90 [ 140.023921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.024422] ? write_comp_data+0x2f/0x90 [ 140.024843] iommufd_fops_ioctl+0x37d/0x510 [ 140.025288] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.025800] ? write_comp_data+0x2f/0x90 [ 140.026227] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.026762] __x64_sys_ioctl+0x1a3/0x230 [ 140.027215] do_syscall_64+0x3b/0x90 [ 140.027612] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.028144] RIP: 0033:0x7f4b8743ee5d [ 140.028524] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.030347] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.031179] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.031905] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.032627] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.033347] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.034068] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.034875] [ 140.035135] irq event stamp: 0 [ 140.035462] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.036097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.036943] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.037790] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.038425] ---[ end trace 0000000000000000 ]--- [ 140.057695] ------------[ cut here ]------------ [ 140.058254] WARNING: CPU: 1 PID: 1304 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.059511] Modules linked in: [ 140.060273] CPU: 1 PID: 1304 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.061160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.062305] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.062927] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.064906] RSP: 
0018:ffff888018097bd0 EFLAGS: 00010246 [ 140.065690] RAX: 0000000000000000 RBX: ffff888011f628a8 RCX: 0000000000000000 [ 140.066417] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 140.067185] RBP: ffff888018097be8 R08: ffffed10023ec533 R09: ffffed10023ec533 [ 140.067923] R10: ffff888011f62993 R11: ffffed10023ec532 R12: ffff8880134f8c00 [ 140.068651] R13: ffff888011f629e8 R14: ffff888020982300 R15: 0000000000000000 [ 140.069378] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.070207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.071050] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 140.072013] PKRU: 55555554 [ 140.072307] Call Trace: [ 140.072572] [ 140.072803] iommufd_access_destroy_object+0x65/0x170 [ 140.073339] iommufd_object_destroy_user+0x18e/0x220 [ 140.073862] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.074460] iommufd_access_destroy+0x43/0x70 [ 140.074965] iommufd_test_staccess_release+0x8d/0xd0 [ 140.075516] __fput+0x26d/0xa40 [ 140.075877] ____fput+0x1e/0x30 [ 140.076227] task_work_run+0x1a4/0x2d0 [ 140.076712] ? __pfx_task_work_run+0x10/0x10 [ 140.077324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.078017] ? switch_task_namespaces+0xa9/0xe0 [ 140.078562] do_exit+0xb17/0x2ef0 [ 140.078923] ? lock_acquire+0x427/0x4c0 [ 140.079355] ? __pfx_lock_release+0x10/0x10 [ 140.079810] ? __kasan_check_write+0x18/0x20 [ 140.080265] ? do_raw_spin_lock+0x132/0x2a0 [ 140.080708] ? __pfx_do_exit+0x10/0x10 [ 140.081116] ? debug_smp_processor_id+0x20/0x30 [ 140.081600] ? rcu_is_watching+0x19/0xb0 [ 140.082025] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.082668] ? trace_hardirqs_on+0x26/0x120 [ 140.083234] do_group_exit+0xe0/0x2b0 [ 140.083633] __x64_sys_exit_group+0x47/0x50 [ 140.084073] do_syscall_64+0x3b/0x90 [ 140.084466] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.085004] RIP: 0033:0x7f4b87518a4d [ 140.085385] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.086007] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.086832] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.087577] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.088602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.089343] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.090069] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.090837] [ 140.091081] irq event stamp: 0 [ 140.091417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.092066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.093114] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.094102] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.094780] ---[ end trace 0000000000000000 ]--- [ 140.095688] ------------[ cut here ]------------ [ 140.096170] WARNING: CPU: 1 PID: 1304 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.097207] Modules linked in: [ 140.097660] CPU: 1 PID: 1304 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.098928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.100100] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.100629] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.102540] RSP: 0018:ffff888018097b78 EFLAGS: 00010246 [ 140.103266] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.104218] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 140.104943] RBP: ffff888018097b98 R08: ffffed10023ec53e R09: ffffed10023ec53e [ 140.105668] R10: ffff888011f629ef R11: ffffed10023ec53d R12: ffff888011f62a90 [ 140.106387] R13: ffff888011f628a8 R14: ffffffffffffffff R15: 
ffff888018097c60 [ 140.107210] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.108029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.108648] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 140.109648] PKRU: 55555554 [ 140.109950] Call Trace: [ 140.110212] [ 140.110444] iommufd_ioas_destroy+0x53/0x70 [ 140.110922] iommufd_fops_release+0x1f7/0x370 [ 140.111398] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.111915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.112419] ? write_comp_data+0x2f/0x90 [ 140.112855] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.113370] __fput+0x26d/0xa40 [ 140.113830] ____fput+0x1e/0x30 [ 140.114349] task_work_run+0x1a4/0x2d0 [ 140.114835] ? __pfx_task_work_run+0x10/0x10 [ 140.115308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.115818] ? switch_task_namespaces+0xa9/0xe0 [ 140.116305] do_exit+0xb17/0x2ef0 [ 140.116662] ? lock_acquire+0x427/0x4c0 [ 140.117080] ? __pfx_lock_release+0x10/0x10 [ 140.117524] ? __kasan_check_write+0x18/0x20 [ 140.117982] ? do_raw_spin_lock+0x132/0x2a0 [ 140.118494] ? __pfx_do_exit+0x10/0x10 [ 140.119084] ? debug_smp_processor_id+0x20/0x30 [ 140.119730] ? rcu_is_watching+0x19/0xb0 [ 140.120152] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.120624] ? trace_hardirqs_on+0x26/0x120 [ 140.121076] do_group_exit+0xe0/0x2b0 [ 140.121469] __x64_sys_exit_group+0x47/0x50 [ 140.121893] do_syscall_64+0x3b/0x90 [ 140.122253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.122775] RIP: 0033:0x7f4b87518a4d [ 140.123139] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.123713] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.124532] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.125284] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.125953] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.126654] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.127332] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.128006] [ 140.128262] irq event stamp: 0 [ 140.128675] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.129287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.130073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.130879] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.131476] ---[ end trace 0000000000000000 ]--- [ 140.136851] ------------[ cut here ]------------ [ 140.137338] WARNING: CPU: 1 PID: 1305 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.138282] Modules linked in: [ 140.138647] CPU: 1 PID: 1305 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.139484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.140752] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.141225] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.142966] RSP: 0018:ffff8880172c7bb8 EFLAGS: 00010246 [ 140.143483] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 140.144202] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 140.144986] RBP: ffff8880172c7bd0 R08: ffffed100208c133 R09: ffffed100208c133 [ 140.145650] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff888014581800 [ 140.146310] R13: ffff8880104609e8 R14: ffffffff8352e670 R15: 
ffff8880172c7e68 [ 140.146984] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.147745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.148281] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 140.148941] PKRU: 55555554 [ 140.149205] Call Trace: [ 140.149441] [ 140.149650] __iommufd_access_detach+0x1c2/0x2b0 [ 140.150107] iommufd_access_change_pt+0x149/0x270 [ 140.150590] iommufd_access_replace+0xb4/0x120 [ 140.151027] iommufd_test+0x3e5/0x37e0 [ 140.151401] ? lock_release+0x532/0x770 [ 140.151784] ? __might_fault+0x102/0x1b0 [ 140.152170] ? lock_acquire+0x427/0x4c0 [ 140.152555] ? __pfx_iommufd_test+0x10/0x10 [ 140.152955] ? __pfx_lock_release+0x10/0x10 [ 140.153364] ? __pfx_lock_acquire+0x10/0x10 [ 140.153774] ? write_comp_data+0x2f/0x90 [ 140.154164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.154654] ? write_comp_data+0x2f/0x90 [ 140.155045] iommufd_fops_ioctl+0x37d/0x510 [ 140.155468] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.155931] ? write_comp_data+0x2f/0x90 [ 140.156322] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.156776] __x64_sys_ioctl+0x1a3/0x230 [ 140.157174] do_syscall_64+0x3b/0x90 [ 140.157533] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.158021] RIP: 0033:0x7f4b8743ee5d [ 140.158366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.160124] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.160844] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.161500] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.162157] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.162835] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.163506] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.164180] [ 140.164504] irq event stamp: 0 [ 140.164895] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.165489] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.166269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.167080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.167680] ---[ end trace 0000000000000000 ]--- [ 140.170785] ------------[ cut here ]------------ [ 140.171273] WARNING: CPU: 1 PID: 1305 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.172209] Modules linked in: [ 140.172589] CPU: 1 PID: 1305 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.173507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.174581] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.175042] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.176925] RSP: 
0018:ffff8880172c7bd0 EFLAGS: 00010246 [ 140.177427] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 140.178082] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 140.178774] RBP: ffff8880172c7be8 R08: ffffed100208c133 R09: ffffed100208c133 [ 140.179444] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff888012b46400 [ 140.180101] R13: ffff8880104609e8 R14: ffff888011f19600 R15: 0000000000000000 [ 140.180957] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.181698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.182231] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.182918] PKRU: 55555554 [ 140.183199] Call Trace: [ 140.183440] [ 140.183652] iommufd_access_destroy_object+0x65/0x170 [ 140.184142] iommufd_object_destroy_user+0x18e/0x220 [ 140.184795] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.185342] iommufd_access_destroy+0x43/0x70 [ 140.185767] iommufd_test_staccess_release+0x8d/0xd0 [ 140.186247] __fput+0x26d/0xa40 [ 140.186599] ____fput+0x1e/0x30 [ 140.186917] task_work_run+0x1a4/0x2d0 [ 140.187301] ? __pfx_task_work_run+0x10/0x10 [ 140.187717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.188178] ? switch_task_namespaces+0xa9/0xe0 [ 140.188709] do_exit+0xb17/0x2ef0 [ 140.189123] ? lock_acquire+0x427/0x4c0 [ 140.189508] ? __pfx_lock_release+0x10/0x10 [ 140.189918] ? __kasan_check_write+0x18/0x20 [ 140.190333] ? do_raw_spin_lock+0x132/0x2a0 [ 140.190767] ? __pfx_do_exit+0x10/0x10 [ 140.191150] ? debug_smp_processor_id+0x20/0x30 [ 140.191589] ? rcu_is_watching+0x19/0xb0 [ 140.191970] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.192396] ? trace_hardirqs_on+0x26/0x120 [ 140.192864] do_group_exit+0xe0/0x2b0 [ 140.193354] __x64_sys_exit_group+0x47/0x50 [ 140.193756] do_syscall_64+0x3b/0x90 [ 140.194112] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.194625] RIP: 0033:0x7f4b87518a4d [ 140.194974] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.195555] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.196256] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.196964] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.197771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.198431] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.199099] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.199748] [ 140.199954] irq event stamp: 0 [ 140.200231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.200783] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.201668] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.202394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.202969] ---[ end trace 0000000000000000 ]--- [ 140.203769] ------------[ cut here ]------------ [ 140.204185] WARNING: CPU: 1 PID: 1305 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.205216] Modules linked in: [ 140.205498] CPU: 1 PID: 1305 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.206260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.207336] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.207793] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.209471] RSP: 0018:ffff8880172c7b78 EFLAGS: 00010246 [ 140.209967] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.210610] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 140.211239] RBP: ffff8880172c7b98 R08: ffffed100208c13e R09: ffffed100208c13e [ 140.211859] R10: ffff8880104609ef R11: ffffed100208c13d R12: ffff888010460a90 [ 140.212478] R13: ffff8880104608a8 R14: ffffffffffffffff R15: 
ffff8880172c7c60 [ 140.213241] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.213945] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.214454] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.215101] PKRU: 55555554 [ 140.215369] Call Trace: [ 140.215596] [ 140.215796] iommufd_ioas_destroy+0x53/0x70 [ 140.216189] iommufd_fops_release+0x1f7/0x370 [ 140.216593] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.217035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.217577] ? write_comp_data+0x2f/0x90 [ 140.218002] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.218445] __fput+0x26d/0xa40 [ 140.218779] ____fput+0x1e/0x30 [ 140.219081] task_work_run+0x1a4/0x2d0 [ 140.219449] ? __pfx_task_work_run+0x10/0x10 [ 140.219846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.220283] ? switch_task_namespaces+0xa9/0xe0 [ 140.220710] do_exit+0xb17/0x2ef0 [ 140.221015] ? lock_acquire+0x427/0x4c0 [ 140.221473] ? __pfx_lock_release+0x10/0x10 [ 140.221897] ? __kasan_check_write+0x18/0x20 [ 140.222287] ? do_raw_spin_lock+0x132/0x2a0 [ 140.222698] ? __pfx_do_exit+0x10/0x10 [ 140.223052] ? debug_smp_processor_id+0x20/0x30 [ 140.223472] ? rcu_is_watching+0x19/0xb0 [ 140.223828] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.224225] ? trace_hardirqs_on+0x26/0x120 [ 140.224607] do_group_exit+0xe0/0x2b0 [ 140.224940] __x64_sys_exit_group+0x47/0x50 [ 140.225398] do_syscall_64+0x3b/0x90 [ 140.225793] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.226242] RIP: 0033:0x7f4b87518a4d [ 140.226587] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.227120] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.227783] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.228396] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.229006] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.229766] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.230377] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.231019] [ 140.231232] irq event stamp: 0 [ 140.231503] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.232045] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.232765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.233622] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.234163] ---[ end trace 0000000000000000 ]--- [ 140.240827] ------------[ cut here ]------------ [ 140.241347] WARNING: CPU: 1 PID: 1306 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.242221] Modules linked in: [ 140.242500] CPU: 1 PID: 1306 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.243311] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.244281] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.244829] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.246403] RSP: 0018:ffff8880244cfbb8 EFLAGS: 00010246 [ 140.246886] RAX: 0000000000000000 RBX: ffff888011c550a8 RCX: 0000000000000000 [ 140.247519] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 140.248168] RBP: ffff8880244cfbd0 R08: ffffed100238aa33 R09: ffffed100238aa33 [ 140.248922] R10: ffff888011c55193 R11: ffffed100238aa32 R12: ffff8880129c6c00 [ 140.249531] R13: ffff888011c551e8 R14: ffffffff8352e670 R15: 
ffff8880244cfe68 [ 140.250138] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.250852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.251361] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ee0 [ 140.251999] PKRU: 55555554 [ 140.252300] Call Trace: [ 140.252567] [ 140.252764] __iommufd_access_detach+0x1c2/0x2b0 [ 140.253182] iommufd_access_change_pt+0x149/0x270 [ 140.253609] iommufd_access_replace+0xb4/0x120 [ 140.254016] iommufd_test+0x3e5/0x37e0 [ 140.254355] ? lock_release+0x532/0x770 [ 140.254737] ? __might_fault+0x102/0x1b0 [ 140.255101] ? lock_acquire+0x427/0x4c0 [ 140.255471] ? __pfx_iommufd_test+0x10/0x10 [ 140.255880] ? __pfx_lock_release+0x10/0x10 [ 140.256360] ? __pfx_lock_acquire+0x10/0x10 [ 140.256744] ? write_comp_data+0x2f/0x90 [ 140.257104] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.257529] ? write_comp_data+0x2f/0x90 [ 140.257894] iommufd_fops_ioctl+0x37d/0x510 [ 140.258274] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.258740] ? write_comp_data+0x2f/0x90 [ 140.259108] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.259554] __x64_sys_ioctl+0x1a3/0x230 [ 140.259926] do_syscall_64+0x3b/0x90 [ 140.260376] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.260861] RIP: 0033:0x7f4b8743ee5d [ 140.261184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.262720] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.263360] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.264098] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.264681] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.265262] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.265839] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.266425] [ 140.266644] irq event stamp: 0 [ 140.266904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.267447] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.268263] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.268947] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.269467] ---[ end trace 0000000000000000 ]--- [ 140.272398] ------------[ cut here ]------------ [ 140.272817] WARNING: CPU: 1 PID: 1306 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.273641] Modules linked in: [ 140.273903] CPU: 1 PID: 1306 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.274669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.275603] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.276158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.277629] RSP: 
0018:ffff8880244cfbd0 EFLAGS: 00010246 [ 140.278065] RAX: 0000000000000000 RBX: ffff888011c550a8 RCX: 0000000000000000 [ 140.278794] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 140.279386] RBP: ffff8880244cfbe8 R08: ffffed100238aa33 R09: ffffed100238aa33 [ 140.279966] R10: ffff888011c55193 R11: ffffed100238aa32 R12: ffff888014583400 [ 140.280543] R13: ffff888011c551e8 R14: ffff888014588800 R15: 0000000000000000 [ 140.281116] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.281824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.282399] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.283004] PKRU: 55555554 [ 140.283247] Call Trace: [ 140.283460] [ 140.283648] iommufd_access_destroy_object+0x65/0x170 [ 140.284078] iommufd_object_destroy_user+0x18e/0x220 [ 140.284502] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.284981] iommufd_access_destroy+0x43/0x70 [ 140.285363] iommufd_test_staccess_release+0x8d/0xd0 [ 140.285895] __fput+0x26d/0xa40 [ 140.286184] ____fput+0x1e/0x30 [ 140.286465] task_work_run+0x1a4/0x2d0 [ 140.286820] ? __pfx_task_work_run+0x10/0x10 [ 140.287196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.287604] ? switch_task_namespaces+0xa9/0xe0 [ 140.288001] do_exit+0xb17/0x2ef0 [ 140.288290] ? lock_acquire+0x427/0x4c0 [ 140.288633] ? __pfx_lock_release+0x10/0x10 [ 140.288998] ? __kasan_check_write+0x18/0x20 [ 140.289365] ? do_raw_spin_lock+0x132/0x2a0 [ 140.289796] ? __pfx_do_exit+0x10/0x10 [ 140.290162] ? debug_smp_processor_id+0x20/0x30 [ 140.290576] ? rcu_is_watching+0x19/0xb0 [ 140.290915] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.291300] ? trace_hardirqs_on+0x26/0x120 [ 140.291662] do_group_exit+0xe0/0x2b0 [ 140.291983] __x64_sys_exit_group+0x47/0x50 [ 140.292338] do_syscall_64+0x3b/0x90 [ 140.292659] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.293095] RIP: 0033:0x7f4b87518a4d [ 140.293451] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.294033] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.294711] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.295297] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.295877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.296457] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.297075] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.297784] [ 140.297979] irq event stamp: 0 [ 140.298238] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.298785] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.299482] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.300157] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.300667] ---[ end trace 0000000000000000 ]--- [ 140.301406] ------------[ cut here ]------------ [ 140.301812] WARNING: CPU: 1 PID: 1306 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.302679] Modules linked in: [ 140.302946] CPU: 1 PID: 1306 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.303673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.304586] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.305147] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.306811] RSP: 0018:ffff8880244cfb78 EFLAGS: 00010246 [ 140.307263] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.307837] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 140.308451] RBP: ffff8880244cfb98 R08: ffffed100238aa3e R09: ffffed100238aa3e [ 140.309129] R10: ffff888011c551ef R11: ffffed100238aa3d R12: ffff888011c55290 [ 140.309710] R13: ffff888011c550a8 R14: ffffffffffffffff R15: 
ffff8880244cfc60 [ 140.310291] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.310973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.311461] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.312056] PKRU: 55555554 [ 140.312389] Call Trace: [ 140.312658] [ 140.312858] iommufd_ioas_destroy+0x53/0x70 [ 140.313236] iommufd_fops_release+0x1f7/0x370 [ 140.313624] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.314052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.314474] ? write_comp_data+0x2f/0x90 [ 140.314856] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.315295] __fput+0x26d/0xa40 [ 140.315593] ____fput+0x1e/0x30 [ 140.315884] task_work_run+0x1a4/0x2d0 [ 140.316299] ? __pfx_task_work_run+0x10/0x10 [ 140.316741] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.317155] ? switch_task_namespaces+0xa9/0xe0 [ 140.317562] do_exit+0xb17/0x2ef0 [ 140.317861] ? lock_acquire+0x427/0x4c0 [ 140.318208] ? __pfx_lock_release+0x10/0x10 [ 140.318599] ? __kasan_check_write+0x18/0x20 [ 140.318982] ? do_raw_spin_lock+0x132/0x2a0 [ 140.319360] ? __pfx_do_exit+0x10/0x10 [ 140.319704] ? debug_smp_processor_id+0x20/0x30 [ 140.320155] ? rcu_is_watching+0x19/0xb0 [ 140.320586] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.320985] ? trace_hardirqs_on+0x26/0x120 [ 140.321361] do_group_exit+0xe0/0x2b0 [ 140.321690] __x64_sys_exit_group+0x47/0x50 [ 140.322056] do_syscall_64+0x3b/0x90 [ 140.322384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.322874] RIP: 0033:0x7f4b87518a4d [ 140.323207] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.323729] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.324523] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.325130] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.325734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.326335] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.326964] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.327594] [ 140.327894] irq event stamp: 0 [ 140.328237] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.328769] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.329483] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.330188] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.330747] ---[ end trace 0000000000000000 ]--- [ 140.335330] ------------[ cut here ]------------ [ 140.335872] WARNING: CPU: 1 PID: 1307 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.336797] Modules linked in: [ 140.337067] CPU: 1 PID: 1307 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.337802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.338806] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.339244] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.340947] RSP: 0018:ffff8880143b7bb8 EFLAGS: 00010246 [ 140.341397] RAX: 0000000000000000 RBX: ffff8880146a70a8 RCX: 0000000000000000 [ 140.341996] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 140.342658] RBP: ffff8880143b7bd0 R08: ffffed10028d4e33 R09: ffffed10028d4e33 [ 140.343372] R10: ffff8880146a7193 R11: ffffed10028d4e32 R12: ffff888010826000 [ 140.343977] R13: ffff8880146a71e8 R14: ffffffff8352e670 R15: 
ffff8880143b7e68 [ 140.344578] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.345282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.345779] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 140.346443] PKRU: 55555554 [ 140.346820] Call Trace: [ 140.347048] [ 140.347259] __iommufd_access_detach+0x1c2/0x2b0 [ 140.347691] iommufd_access_change_pt+0x149/0x270 [ 140.348124] iommufd_access_replace+0xb4/0x120 [ 140.348532] iommufd_test+0x3e5/0x37e0 [ 140.348871] ? lock_release+0x532/0x770 [ 140.349223] ? __might_fault+0x102/0x1b0 [ 140.349583] ? lock_acquire+0x427/0x4c0 [ 140.349939] ? __pfx_iommufd_test+0x10/0x10 [ 140.350400] ? __pfx_lock_release+0x10/0x10 [ 140.350880] ? __pfx_lock_acquire+0x10/0x10 [ 140.351284] ? write_comp_data+0x2f/0x90 [ 140.351654] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.352088] ? write_comp_data+0x2f/0x90 [ 140.352451] iommufd_fops_ioctl+0x37d/0x510 [ 140.352836] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.353262] ? write_comp_data+0x2f/0x90 [ 140.353623] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.354063] __x64_sys_ioctl+0x1a3/0x230 [ 140.354564] do_syscall_64+0x3b/0x90 [ 140.354896] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.355357] RIP: 0033:0x7f4b8743ee5d [ 140.355680] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.357240] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.357914] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.358674] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.359310] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.359920] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.360535] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.361157] [ 140.361362] irq event stamp: 0 [ 140.361637] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.362372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.363128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.363857] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.364404] ---[ end trace 0000000000000000 ]--- [ 140.367377] ------------[ cut here ]------------ [ 140.367813] WARNING: CPU: 1 PID: 1307 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.368682] Modules linked in: [ 140.368960] CPU: 1 PID: 1307 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.369865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.370873] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.371319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.372886] RSP: 
0018:ffff8880143b7bd0 EFLAGS: 00010246 [ 140.373444] RAX: 0000000000000000 RBX: ffff8880146a70a8 RCX: 0000000000000000 [ 140.374121] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 140.374753] RBP: ffff8880143b7be8 R08: ffffed10028d4e33 R09: ffffed10028d4e33 [ 140.375376] R10: ffff8880146a7193 R11: ffffed10028d4e32 R12: ffff8880129c7000 [ 140.375989] R13: ffff8880146a71e8 R14: ffff888012cefb00 R15: 0000000000000000 [ 140.376601] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.377464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.377965] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.378604] PKRU: 55555554 [ 140.378856] Call Trace: [ 140.379077] [ 140.379284] iommufd_access_destroy_object+0x65/0x170 [ 140.379739] iommufd_object_destroy_user+0x18e/0x220 [ 140.380183] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.380697] iommufd_access_destroy+0x43/0x70 [ 140.381206] iommufd_test_staccess_release+0x8d/0xd0 [ 140.381724] __fput+0x26d/0xa40 [ 140.382028] ____fput+0x1e/0x30 [ 140.382325] task_work_run+0x1a4/0x2d0 [ 140.382718] ? __pfx_task_work_run+0x10/0x10 [ 140.383108] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.383550] ? switch_task_namespaces+0xa9/0xe0 [ 140.383966] do_exit+0xb17/0x2ef0 [ 140.384270] ? lock_acquire+0x427/0x4c0 [ 140.384630] ? __pfx_lock_release+0x10/0x10 [ 140.385008] ? __kasan_check_write+0x18/0x20 [ 140.385535] ? do_raw_spin_lock+0x132/0x2a0 [ 140.385917] ? __pfx_do_exit+0x10/0x10 [ 140.386266] ? debug_smp_processor_id+0x20/0x30 [ 140.386698] ? rcu_is_watching+0x19/0xb0 [ 140.387056] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.387466] ? trace_hardirqs_on+0x26/0x120 [ 140.387850] do_group_exit+0xe0/0x2b0 [ 140.388182] __x64_sys_exit_group+0x47/0x50 [ 140.388558] do_syscall_64+0x3b/0x90 [ 140.388894] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.389463] RIP: 0033:0x7f4b87518a4d [ 140.389850] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.390379] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.391060] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.391683] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.392293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.392906] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.393677] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.394303] [ 140.394533] irq event stamp: 0 [ 140.394806] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.395359] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.396081] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.396804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.397519] ---[ end trace 0000000000000000 ]--- [ 140.398272] ------------[ cut here ]------------ [ 140.398711] WARNING: CPU: 1 PID: 1307 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.399606] Modules linked in: [ 140.399886] CPU: 1 PID: 1307 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.400643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.401761] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.402209] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.403813] RSP: 0018:ffff8880143b7b78 EFLAGS: 00010246 [ 140.404283] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.405050] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 140.405665] RBP: ffff8880143b7b98 R08: ffffed10028d4e3e R09: ffffed10028d4e3e [ 140.406278] R10: ffff8880146a71ef R11: ffffed10028d4e3d R12: ffff8880146a7290 [ 140.406913] R13: ffff8880146a70a8 R14: ffffffffffffffff R15: 
ffff8880143b7c60 [ 140.407538] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.408282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.408882] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.409498] PKRU: 55555554 [ 140.409744] Call Trace: [ 140.409969] [ 140.410171] iommufd_ioas_destroy+0x53/0x70 [ 140.410584] iommufd_fops_release+0x1f7/0x370 [ 140.410985] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.411433] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.411867] ? write_comp_data+0x2f/0x90 [ 140.412310] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.412809] __fput+0x26d/0xa40 [ 140.413110] ____fput+0x1e/0x30 [ 140.413406] task_work_run+0x1a4/0x2d0 [ 140.413753] ? __pfx_task_work_run+0x10/0x10 [ 140.414139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.414589] ? switch_task_namespaces+0xa9/0xe0 [ 140.415013] do_exit+0xb17/0x2ef0 [ 140.415331] ? lock_acquire+0x427/0x4c0 [ 140.415689] ? __pfx_lock_release+0x10/0x10 [ 140.416070] ? __kasan_check_write+0x18/0x20 [ 140.416595] ? do_raw_spin_lock+0x132/0x2a0 [ 140.416982] ? __pfx_do_exit+0x10/0x10 [ 140.417329] ? debug_smp_processor_id+0x20/0x30 [ 140.417735] ? rcu_is_watching+0x19/0xb0 [ 140.418090] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.418491] ? trace_hardirqs_on+0x26/0x120 [ 140.418905] do_group_exit+0xe0/0x2b0 [ 140.419253] __x64_sys_exit_group+0x47/0x50 [ 140.419627] do_syscall_64+0x3b/0x90 [ 140.419961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.420539] RIP: 0033:0x7f4b87518a4d [ 140.420930] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.421463] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.422117] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.422761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.423387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.424004] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.424788] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.425415] [ 140.425619] irq event stamp: 0 [ 140.425892] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.426433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.427190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.427943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.428606] ---[ end trace 0000000000000000 ]--- [ 140.434156] ------------[ cut here ]------------ [ 140.434646] WARNING: CPU: 1 PID: 1308 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.435488] Modules linked in: [ 140.435998] CPU: 1 PID: 1308 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.436885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.437805] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.438213] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.439759] RSP: 0018:ffff888020b37bb8 EFLAGS: 00010246 [ 140.440198] RAX: 0000000000000000 RBX: ffff888021aef8a8 RCX: 0000000000000000 [ 140.440783] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 140.441365] RBP: ffff888020b37bd0 R08: ffffed100435df33 R09: ffffed100435df33 [ 140.441948] R10: ffff888021aef993 R11: ffffed100435df32 R12: ffff88800a724000 [ 140.442546] R13: ffff888021aef9e8 R14: ffffffff8352e670 R15: 
ffff888020b37e68 [ 140.443139] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.443810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.444290] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 140.444877] PKRU: 55555554 [ 140.445106] Call Trace: [ 140.445317] [ 140.445506] __iommufd_access_detach+0x1c2/0x2b0 [ 140.445908] iommufd_access_change_pt+0x149/0x270 [ 140.446314] iommufd_access_replace+0xb4/0x120 [ 140.446726] iommufd_test+0x3e5/0x37e0 [ 140.447050] ? lock_release+0x532/0x770 [ 140.447397] ? __might_fault+0x102/0x1b0 [ 140.447742] ? lock_acquire+0x427/0x4c0 [ 140.448080] ? __pfx_iommufd_test+0x10/0x10 [ 140.448433] ? __pfx_lock_release+0x10/0x10 [ 140.448797] ? __pfx_lock_acquire+0x10/0x10 [ 140.449165] ? write_comp_data+0x2f/0x90 [ 140.449511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.449916] ? write_comp_data+0x2f/0x90 [ 140.450262] iommufd_fops_ioctl+0x37d/0x510 [ 140.450646] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.451057] ? write_comp_data+0x2f/0x90 [ 140.451409] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.451810] __x64_sys_ioctl+0x1a3/0x230 [ 140.452156] do_syscall_64+0x3b/0x90 [ 140.452472] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.452906] RIP: 0033:0x7f4b8743ee5d [ 140.453215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.454722] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.455351] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.455933] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.456511] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.457091] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.457669] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.458257] [ 140.458448] irq event stamp: 0 [ 140.458727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.459249] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.459938] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.460623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.461138] ---[ end trace 0000000000000000 ]--- [ 140.464043] ------------[ cut here ]------------ [ 140.464456] WARNING: CPU: 1 PID: 1308 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.465281] Modules linked in: [ 140.465546] CPU: 1 PID: 1308 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.466259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.467407] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.467821] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.469315] RSP: 
0018:ffff888020b37bd0 EFLAGS: 00010246 [ 140.469748] RAX: 0000000000000000 RBX: ffff888021aef8a8 RCX: 0000000000000000 [ 140.470331] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 140.470930] RBP: ffff888020b37be8 R08: ffffed100435df33 R09: ffffed100435df33 [ 140.471523] R10: ffff888021aef993 R11: ffffed100435df32 R12: ffff888010827400 [ 140.472104] R13: ffff888021aef9e8 R14: ffff888012b9b200 R15: 0000000000000000 [ 140.472687] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.473343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.473818] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.474403] PKRU: 55555554 [ 140.474650] Call Trace: [ 140.474861] [ 140.475048] iommufd_access_destroy_object+0x65/0x170 [ 140.475485] iommufd_object_destroy_user+0x18e/0x220 [ 140.475907] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.476391] iommufd_access_destroy+0x43/0x70 [ 140.476773] iommufd_test_staccess_release+0x8d/0xd0 [ 140.477200] __fput+0x26d/0xa40 [ 140.477490] ____fput+0x1e/0x30 [ 140.477772] task_work_run+0x1a4/0x2d0 [ 140.478102] ? __pfx_task_work_run+0x10/0x10 [ 140.478471] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.478900] ? switch_task_namespaces+0xa9/0xe0 [ 140.479303] do_exit+0xb17/0x2ef0 [ 140.479593] ? lock_acquire+0x427/0x4c0 [ 140.479932] ? __pfx_lock_release+0x10/0x10 [ 140.480293] ? __kasan_check_write+0x18/0x20 [ 140.480658] ? do_raw_spin_lock+0x132/0x2a0 [ 140.481015] ? __pfx_do_exit+0x10/0x10 [ 140.481345] ? debug_smp_processor_id+0x20/0x30 [ 140.481736] ? rcu_is_watching+0x19/0xb0 [ 140.482076] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.482458] ? trace_hardirqs_on+0x26/0x120 [ 140.482839] do_group_exit+0xe0/0x2b0 [ 140.483167] __x64_sys_exit_group+0x47/0x50 [ 140.483525] do_syscall_64+0x3b/0x90 [ 140.483840] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.484273] RIP: 0033:0x7f4b87518a4d [ 140.484581] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.485084] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.485701] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.486282] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.486881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.487470] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.488053] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.488646] [ 140.488835] irq event stamp: 0 [ 140.489087] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.489586] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.490250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.490936] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.491450] ---[ end trace 0000000000000000 ]--- [ 140.492162] ------------[ cut here ]------------ [ 140.492534] WARNING: CPU: 1 PID: 1308 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.493339] Modules linked in: [ 140.493595] CPU: 1 PID: 1308 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.494289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.495221] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.495633] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.497077] RSP: 0018:ffff888020b37b78 EFLAGS: 00010246 [ 140.497500] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.498061] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 140.498643] RBP: ffff888020b37b98 R08: ffffed100435df3e R09: ffffed100435df3e [ 140.499219] R10: ffff888021aef9ef R11: ffffed100435df3d R12: ffff888021aefa90 [ 140.499788] R13: ffff888021aef8a8 R14: ffffffffffffffff R15: 
ffff888020b37c60 [ 140.500353] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.500995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.501502] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.502212] PKRU: 55555554 [ 140.502441] Call Trace: [ 140.502667] [ 140.502852] iommufd_ioas_destroy+0x53/0x70 [ 140.503216] iommufd_fops_release+0x1f7/0x370 [ 140.503591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.504003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.504411] ? write_comp_data+0x2f/0x90 [ 140.504777] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.505297] __fput+0x26d/0xa40 [ 140.505579] ____fput+0x1e/0x30 [ 140.505872] task_work_run+0x1a4/0x2d0 [ 140.506197] ? __pfx_task_work_run+0x10/0x10 [ 140.506584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.506994] ? switch_task_namespaces+0xa9/0xe0 [ 140.507409] do_exit+0xb17/0x2ef0 [ 140.507700] ? lock_acquire+0x427/0x4c0 [ 140.508036] ? __pfx_lock_release+0x10/0x10 [ 140.508399] ? __kasan_check_write+0x18/0x20 [ 140.508769] ? do_raw_spin_lock+0x132/0x2a0 [ 140.509159] ? __pfx_do_exit+0x10/0x10 [ 140.509575] ? debug_smp_processor_id+0x20/0x30 [ 140.509956] ? rcu_is_watching+0x19/0xb0 [ 140.510288] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.510704] ? trace_hardirqs_on+0x26/0x120 [ 140.511065] do_group_exit+0xe0/0x2b0 [ 140.511392] __x64_sys_exit_group+0x47/0x50 [ 140.511742] do_syscall_64+0x3b/0x90 [ 140.512053] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.512480] RIP: 0033:0x7f4b87518a4d [ 140.512782] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.513354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.514024] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.514625] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.515206] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.515777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.516347] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.517014] [ 140.517270] irq event stamp: 0 [ 140.517526] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.518034] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.518741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.519428] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.519956] ---[ end trace 0000000000000000 ]--- [ 140.526031] ------------[ cut here ]------------ [ 140.526692] WARNING: CPU: 0 PID: 1309 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.528045] Modules linked in: [ 140.528426] CPU: 0 PID: 1309 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.529426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.530755] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.531398] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.532952] RSP: 0018:ffff8880143b7bb8 EFLAGS: 00010246 [ 140.533385] RAX: 0000000000000000 RBX: ffff888021a780a8 RCX: 0000000000000000 [ 140.533967] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 140.534576] RBP: ffff8880143b7bd0 R08: ffffed100434f033 R09: ffffed100434f033 [ 140.535280] R10: ffff888021a78193 R11: ffffed100434f032 R12: ffff888018a3c800 [ 140.535860] R13: ffff888021a781e8 R14: ffffffff8352e670 R15: 
ffff8880143b7e68 [ 140.536447] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.537098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.537577] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 140.538156] PKRU: 55555554 [ 140.538394] Call Trace: [ 140.538638] [ 140.538874] __iommufd_access_detach+0x1c2/0x2b0 [ 140.539342] iommufd_access_change_pt+0x149/0x270 [ 140.539765] iommufd_access_replace+0xb4/0x120 [ 140.540154] iommufd_test+0x3e5/0x37e0 [ 140.540484] ? lock_release+0x532/0x770 [ 140.540833] ? __might_fault+0x102/0x1b0 [ 140.541188] ? lock_acquire+0x427/0x4c0 [ 140.541554] ? __pfx_iommufd_test+0x10/0x10 [ 140.541938] ? __pfx_lock_release+0x10/0x10 [ 140.542317] ? __pfx_lock_acquire+0x10/0x10 [ 140.542740] ? write_comp_data+0x2f/0x90 [ 140.543208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.543666] ? write_comp_data+0x2f/0x90 [ 140.544036] iommufd_fops_ioctl+0x37d/0x510 [ 140.544412] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.544848] ? write_comp_data+0x2f/0x90 [ 140.545214] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.545637] __x64_sys_ioctl+0x1a3/0x230 [ 140.546010] do_syscall_64+0x3b/0x90 [ 140.546343] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.546845] RIP: 0033:0x7f4b8743ee5d [ 140.547277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.548873] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.549520] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.550130] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.550772] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.551439] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.552059] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.552677] [ 140.552891] irq event stamp: 0 [ 140.553159] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.553696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.554419] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.555176] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.555804] ---[ end trace 0000000000000000 ]--- [ 140.561080] ------------[ cut here ]------------ [ 140.561746] WARNING: CPU: 0 PID: 1309 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.563209] Modules linked in: [ 140.563622] CPU: 0 PID: 1309 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.564907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.566478] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.567169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.569542] RSP: 
0018:ffff8880143b7bd0 EFLAGS: 00010246 [ 140.570210] RAX: 0000000000000000 RBX: ffff888021a780a8 RCX: 0000000000000000 [ 140.571276] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 140.572129] RBP: ffff8880143b7be8 R08: ffffed100434f033 R09: ffffed100434f033 [ 140.573191] R10: ffff888021a78193 R11: ffffed100434f032 R12: ffff888013b15c00 [ 140.574038] R13: ffff888021a781e8 R14: ffff888020e11500 R15: 0000000000000000 [ 140.575137] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.576093] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.576847] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 140.577827] PKRU: 55555554 [ 140.578176] Call Trace: [ 140.578488] [ 140.578955] iommufd_access_destroy_object+0x65/0x170 [ 140.579604] iommufd_object_destroy_user+0x18e/0x220 [ 140.580238] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.580997] iommufd_access_destroy+0x43/0x70 [ 140.581711] iommufd_test_staccess_release+0x8d/0xd0 [ 140.582357] __fput+0x26d/0xa40 [ 140.582843] ____fput+0x1e/0x30 [ 140.583332] task_work_run+0x1a4/0x2d0 [ 140.583979] ? __pfx_task_work_run+0x10/0x10 [ 140.584538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.585174] ? switch_task_namespaces+0xa9/0xe0 [ 140.585936] do_exit+0xb17/0x2ef0 [ 140.586377] ? lock_acquire+0x427/0x4c0 [ 140.586926] ? __pfx_lock_release+0x10/0x10 [ 140.587553] ? __kasan_check_write+0x18/0x20 [ 140.588266] ? do_raw_spin_lock+0x132/0x2a0 [ 140.588831] ? __pfx_do_exit+0x10/0x10 [ 140.589342] ? debug_smp_processor_id+0x20/0x30 [ 140.590155] ? rcu_is_watching+0x19/0xb0 [ 140.590728] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.591335] ? trace_hardirqs_on+0x26/0x120 [ 140.591900] do_group_exit+0xe0/0x2b0 [ 140.592618] __x64_sys_exit_group+0x47/0x50 [ 140.593175] do_syscall_64+0x3b/0x90 [ 140.593669] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.594336] RIP: 0033:0x7f4b87518a4d [ 140.594853] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.595648] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.596641] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.597569] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.598493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.599500] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.600427] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.601367] [ 140.601680] irq event stamp: 0 [ 140.602096] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.602952] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.604049] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.605132] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.605942] ---[ end trace 0000000000000000 ]--- [ 140.607298] ------------[ cut here ]------------ [ 140.607925] WARNING: CPU: 0 PID: 1309 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.609241] Modules linked in: [ 140.609670] CPU: 0 PID: 1309 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.610847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.612324] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.613000] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.615434] RSP: 0018:ffff8880143b7b78 EFLAGS: 00010246 [ 140.616145] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.617078] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 140.618005] RBP: ffff8880143b7b98 R08: ffffed100434f03e R09: ffffed100434f03e [ 140.618978] R10: ffff888021a781ef R11: ffffed100434f03d R12: ffff888021a78290 [ 140.619931] R13: ffff888021a780a8 R14: ffffffffffffffff R15: 
ffff8880143b7c60 [ 140.620862] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.621901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.622699] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 140.623650] PKRU: 55555554 [ 140.624024] Call Trace: [ 140.624366] [ 140.624675] iommufd_ioas_destroy+0x53/0x70 [ 140.625257] iommufd_fops_release+0x1f7/0x370 [ 140.625860] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.626563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.627243] ? write_comp_data+0x2f/0x90 [ 140.627798] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.628456] __fput+0x26d/0xa40 [ 140.628916] ____fput+0x1e/0x30 [ 140.629366] task_work_run+0x1a4/0x2d0 [ 140.629899] ? __pfx_task_work_run+0x10/0x10 [ 140.630489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.631206] ? switch_task_namespaces+0xa9/0xe0 [ 140.631837] do_exit+0xb17/0x2ef0 [ 140.632300] ? lock_acquire+0x427/0x4c0 [ 140.632839] ? __pfx_lock_release+0x10/0x10 [ 140.633417] ? __kasan_check_write+0x18/0x20 [ 140.634004] ? do_raw_spin_lock+0x132/0x2a0 [ 140.634632] ? __pfx_do_exit+0x10/0x10 [ 140.635188] ? debug_smp_processor_id+0x20/0x30 [ 140.635809] ? rcu_is_watching+0x19/0xb0 [ 140.636349] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.636956] ? trace_hardirqs_on+0x26/0x120 [ 140.637535] do_group_exit+0xe0/0x2b0 [ 140.638045] __x64_sys_exit_group+0x47/0x50 [ 140.638657] do_syscall_64+0x3b/0x90 [ 140.639194] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.639888] RIP: 0033:0x7f4b87518a4d [ 140.640384] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.641188] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.642182] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.643140] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.644085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.645011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.645937] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.646912] [ 140.647249] irq event stamp: 0 [ 140.647669] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.648493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.649576] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.650689] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.651529] ---[ end trace 0000000000000000 ]--- [ 140.658866] ------------[ cut here ]------------ [ 140.659561] WARNING: CPU: 0 PID: 1310 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.660892] Modules linked in: [ 140.661319] CPU: 0 PID: 1310 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.662452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.663998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.664669] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.667058] RSP: 0018:ffff8880245ffbb8 EFLAGS: 00010246 [ 140.667767] RAX: 0000000000000000 RBX: ffff888011f640a8 RCX: 0000000000000000 [ 140.668688] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 140.669611] RBP: ffff8880245ffbd0 R08: ffffed10023ec833 R09: ffffed10023ec833 [ 140.670568] R10: ffff888011f64193 R11: ffffed10023ec832 R12: ffff88800ae90000 [ 140.671515] R13: ffff888011f641e8 R14: ffffffff8352e670 R15: 
ffff8880245ffe68 [ 140.672440] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.673483] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.674242] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 140.675242] PKRU: 55555554 [ 140.675627] Call Trace: [ 140.675971] [ 140.676277] __iommufd_access_detach+0x1c2/0x2b0 [ 140.676927] iommufd_access_change_pt+0x149/0x270 [ 140.677578] iommufd_access_replace+0xb4/0x120 [ 140.678196] iommufd_test+0x3e5/0x37e0 [ 140.678747] ? lock_release+0x532/0x770 [ 140.679307] ? __might_fault+0x102/0x1b0 [ 140.679858] ? lock_acquire+0x427/0x4c0 [ 140.680401] ? __pfx_iommufd_test+0x10/0x10 [ 140.680972] ? __pfx_lock_release+0x10/0x10 [ 140.681553] ? __pfx_lock_acquire+0x10/0x10 [ 140.682137] ? write_comp_data+0x2f/0x90 [ 140.682732] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.683403] ? write_comp_data+0x2f/0x90 [ 140.683958] iommufd_fops_ioctl+0x37d/0x510 [ 140.684534] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.685185] ? write_comp_data+0x2f/0x90 [ 140.685734] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.686380] __x64_sys_ioctl+0x1a3/0x230 [ 140.686973] do_syscall_64+0x3b/0x90 [ 140.687511] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.688210] RIP: 0033:0x7f4b8743ee5d [ 140.688706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.691105] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.692126] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.693052] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.693975] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.694935] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.695871] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.696814] [ 140.697126] irq event stamp: 0 [ 140.697542] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.698362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.699496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.700582] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.701402] ---[ end trace 0000000000000000 ]--- [ 140.706253] ------------[ cut here ]------------ [ 140.706946] WARNING: CPU: 0 PID: 1310 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.708274] Modules linked in: [ 140.708699] CPU: 0 PID: 1310 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.709828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.711333] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.711987] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.714333] RSP: 
0018:ffff8880245ffbd0 EFLAGS: 00010246 [ 140.715062] RAX: 0000000000000000 RBX: ffff888011f640a8 RCX: 0000000000000000 [ 140.715922] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 140.716604] RBP: ffff8880245ffbe8 R08: ffffed10023ec833 R09: ffffed10023ec833 [ 140.717270] R10: ffff888011f64193 R11: ffffed10023ec832 R12: ffff888018a3ec00 [ 140.717940] R13: ffff888011f641e8 R14: ffff88800f503600 R15: 0000000000000000 [ 140.718644] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.719409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.719936] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 140.720595] PKRU: 55555554 [ 140.720856] Call Trace: [ 140.721094] [ 140.721307] iommufd_access_destroy_object+0x65/0x170 [ 140.721793] iommufd_object_destroy_user+0x18e/0x220 [ 140.722270] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.722832] iommufd_access_destroy+0x43/0x70 [ 140.723269] iommufd_test_staccess_release+0x8d/0xd0 [ 140.723752] __fput+0x26d/0xa40 [ 140.724082] ____fput+0x1e/0x30 [ 140.724397] task_work_run+0x1a4/0x2d0 [ 140.724776] ? __pfx_task_work_run+0x10/0x10 [ 140.725191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.725653] ? switch_task_namespaces+0xa9/0xe0 [ 140.726096] do_exit+0xb17/0x2ef0 [ 140.726423] ? lock_acquire+0x427/0x4c0 [ 140.726823] ? __pfx_lock_release+0x10/0x10 [ 140.727252] ? __kasan_check_write+0x18/0x20 [ 140.727670] ? do_raw_spin_lock+0x132/0x2a0 [ 140.728076] ? __pfx_do_exit+0x10/0x10 [ 140.728449] ? debug_smp_processor_id+0x20/0x30 [ 140.728887] ? rcu_is_watching+0x19/0xb0 [ 140.729271] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.729698] ? trace_hardirqs_on+0x26/0x120 [ 140.730109] do_group_exit+0xe0/0x2b0 [ 140.730464] __x64_sys_exit_group+0x47/0x50 [ 140.730884] do_syscall_64+0x3b/0x90 [ 140.731255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.731748] RIP: 0033:0x7f4b87518a4d [ 140.732098] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.732668] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.733420] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.734077] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.734768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.735436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.736073] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.736734] [ 140.736946] irq event stamp: 0 [ 140.737228] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.737789] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.738558] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.739316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.739880] ---[ end trace 0000000000000000 ]--- [ 140.740632] ------------[ cut here ]------------ [ 140.741037] WARNING: CPU: 0 PID: 1310 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.741904] Modules linked in: [ 140.742184] CPU: 0 PID: 1310 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.742966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.743929] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.744372] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.745970] RSP: 0018:ffff8880245ffb78 EFLAGS: 00010246 [ 140.746424] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.747045] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 140.747670] RBP: ffff8880245ffb98 R08: ffffed10023ec83e R09: ffffed10023ec83e [ 140.748268] R10: ffff888011f641ef R11: ffffed10023ec83d R12: ffff888011f64290 [ 140.748872] R13: ffff888011f640a8 R14: ffffffffffffffff R15: 
ffff8880245ffc60 [ 140.749471] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.750152] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.750662] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 140.751304] PKRU: 55555554 [ 140.751548] Call Trace: [ 140.751768] [ 140.751963] iommufd_ioas_destroy+0x53/0x70 [ 140.752337] iommufd_fops_release+0x1f7/0x370 [ 140.752726] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.753159] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.753586] ? write_comp_data+0x2f/0x90 [ 140.753943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.754367] __fput+0x26d/0xa40 [ 140.754679] ____fput+0x1e/0x30 [ 140.754973] task_work_run+0x1a4/0x2d0 [ 140.755317] ? __pfx_task_work_run+0x10/0x10 [ 140.755686] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.756083] ? switch_task_namespaces+0xa9/0xe0 [ 140.756468] do_exit+0xb17/0x2ef0 [ 140.756749] ? lock_acquire+0x427/0x4c0 [ 140.757082] ? __pfx_lock_release+0x10/0x10 [ 140.757434] ? __kasan_check_write+0x18/0x20 [ 140.757792] ? do_raw_spin_lock+0x132/0x2a0 [ 140.758146] ? __pfx_do_exit+0x10/0x10 [ 140.758471] ? debug_smp_processor_id+0x20/0x30 [ 140.758869] ? rcu_is_watching+0x19/0xb0 [ 140.759215] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.759592] ? trace_hardirqs_on+0x26/0x120 [ 140.759962] do_group_exit+0xe0/0x2b0 [ 140.760531] __x64_sys_exit_group+0x47/0x50 [ 140.761074] do_syscall_64+0x3b/0x90 [ 140.761396] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.761824] RIP: 0033:0x7f4b87518a4d [ 140.762175] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.762798] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.763426] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.764049] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.764723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.765339] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.765980] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.766647] [ 140.766839] irq event stamp: 0 [ 140.767093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.767609] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.768284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.768948] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.769452] ---[ end trace 0000000000000000 ]--- [ 140.773551] ------------[ cut here ]------------ [ 140.774221] WARNING: CPU: 1 PID: 1311 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.775147] Modules linked in: [ 140.775495] CPU: 1 PID: 1311 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.776285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.777222] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.777692] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.779295] RSP: 0018:ffff888021af7bb8 EFLAGS: 00010246 [ 140.779757] RAX: 0000000000000000 RBX: ffff888010b9d8a8 RCX: 0000000000000000 [ 140.780455] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 140.781041] RBP: ffff888021af7bd0 R08: ffffed1002173b33 R09: ffffed1002173b33 [ 140.781681] R10: ffff888010b9d993 R11: ffffed1002173b32 R12: ffff88800fcb1800 [ 140.782330] R13: ffff888010b9d9e8 R14: ffffffff8352e670 R15: 
ffff888021af7e68 [ 140.782941] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.783633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.784217] CR2: 00007f4b877410e8 CR3: 000000001444c000 CR4: 0000000000750ee0 [ 140.784808] PKRU: 55555554 [ 140.785043] Call Trace: [ 140.785259] [ 140.785477] __iommufd_access_detach+0x1c2/0x2b0 [ 140.785951] iommufd_access_change_pt+0x149/0x270 [ 140.786361] iommufd_access_replace+0xb4/0x120 [ 140.786778] iommufd_test+0x3e5/0x37e0 [ 140.787107] ? lock_release+0x532/0x770 [ 140.787494] ? __might_fault+0x102/0x1b0 [ 140.787916] ? lock_acquire+0x427/0x4c0 [ 140.788259] ? __pfx_iommufd_test+0x10/0x10 [ 140.788623] ? __pfx_lock_release+0x10/0x10 [ 140.788992] ? __pfx_lock_acquire+0x10/0x10 [ 140.789426] ? write_comp_data+0x2f/0x90 [ 140.789835] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.790245] ? write_comp_data+0x2f/0x90 [ 140.790615] iommufd_fops_ioctl+0x37d/0x510 [ 140.790985] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.791437] ? write_comp_data+0x2f/0x90 [ 140.791871] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.792280] __x64_sys_ioctl+0x1a3/0x230 [ 140.792629] do_syscall_64+0x3b/0x90 [ 140.792950] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.793503] RIP: 0033:0x7f4b8743ee5d [ 140.793817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.795492] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.796133] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.796717] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.797438] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.798024] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.798629] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.799305] [ 140.799569] irq event stamp: 0 [ 140.799835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.800356] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.801124] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.801882] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.802405] ---[ end trace 0000000000000000 ]--- [ 140.805539] ------------[ cut here ]------------ [ 140.805959] WARNING: CPU: 1 PID: 1311 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.807055] Modules linked in: [ 140.807429] CPU: 1 PID: 1311 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.808150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.809213] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.809634] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.811298] RSP: 
0018:ffff888021af7bd0 EFLAGS: 00010246 [ 140.811744] RAX: 0000000000000000 RBX: ffff888010b9d8a8 RCX: 0000000000000000 [ 140.812338] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 140.812990] RBP: ffff888021af7be8 R08: ffffed1002173b33 R09: ffffed1002173b33 [ 140.813639] R10: ffff888010b9d993 R11: ffffed1002173b32 R12: ffff88800a726400 [ 140.814232] R13: ffff888010b9d9e8 R14: ffff88802085c200 R15: 0000000000000000 [ 140.814890] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 140.815620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.816094] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 140.816684] PKRU: 55555554 [ 140.816924] Call Trace: [ 140.817201] [ 140.817439] iommufd_access_destroy_object+0x65/0x170 [ 140.817867] iommufd_object_destroy_user+0x18e/0x220 [ 140.818286] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.818788] iommufd_access_destroy+0x43/0x70 [ 140.819267] iommufd_test_staccess_release+0x8d/0xd0 [ 140.819700] __fput+0x26d/0xa40 [ 140.819992] ____fput+0x1e/0x30 [ 140.820277] task_work_run+0x1a4/0x2d0 [ 140.820610] ? __pfx_task_work_run+0x10/0x10 [ 140.821015] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.821486] ? switch_task_namespaces+0xa9/0xe0 [ 140.821885] do_exit+0xb17/0x2ef0 [ 140.822179] ? lock_acquire+0x427/0x4c0 [ 140.822538] ? __pfx_lock_release+0x10/0x10 [ 140.822903] ? __kasan_check_write+0x18/0x20 [ 140.823346] ? do_raw_spin_lock+0x132/0x2a0 [ 140.823754] ? __pfx_do_exit+0x10/0x10 [ 140.824086] ? debug_smp_processor_id+0x20/0x30 [ 140.824475] ? rcu_is_watching+0x19/0xb0 [ 140.824817] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.825315] ? trace_hardirqs_on+0x26/0x120 [ 140.825681] do_group_exit+0xe0/0x2b0 [ 140.826001] __x64_sys_exit_group+0x47/0x50 [ 140.826363] do_syscall_64+0x3b/0x90 [ 140.826708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.827168] RIP: 0033:0x7f4b87518a4d [ 140.827580] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.828084] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.828711] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.829358] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.829994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.830607] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.831231] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.831983] [ 140.832183] irq event stamp: 0 [ 140.832451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.832987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.833700] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.834416] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.834981] ---[ end trace 0000000000000000 ]--- [ 140.835874] ------------[ cut here ]------------ [ 140.836298] WARNING: CPU: 0 PID: 1311 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.837160] Modules linked in: [ 140.837433] CPU: 0 PID: 1311 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.838157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.839175] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.839609] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.841124] RSP: 0018:ffff888021af7b78 EFLAGS: 00010246 [ 140.841570] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.842162] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 140.842770] RBP: ffff888021af7b98 R08: ffffed1002173b3e R09: ffffed1002173b3e [ 140.843386] R10: ffff888010b9d9ef R11: ffffed1002173b3d R12: ffff888010b9da90 [ 140.843988] R13: ffff888010b9d8a8 R14: ffffffffffffffff R15: 
ffff888021af7c60 [ 140.844582] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.845248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.845731] CR2: 00007f82e2eb8000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 140.846328] PKRU: 55555554 [ 140.846584] Call Trace: [ 140.846805] [ 140.846996] iommufd_ioas_destroy+0x53/0x70 [ 140.847388] iommufd_fops_release+0x1f7/0x370 [ 140.847776] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.848200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.848617] ? write_comp_data+0x2f/0x90 [ 140.848966] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.849389] __fput+0x26d/0xa40 [ 140.849682] ____fput+0x1e/0x30 [ 140.849970] task_work_run+0x1a4/0x2d0 [ 140.850306] ? __pfx_task_work_run+0x10/0x10 [ 140.850702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.851141] ? switch_task_namespaces+0xa9/0xe0 [ 140.851551] do_exit+0xb17/0x2ef0 [ 140.851847] ? lock_acquire+0x427/0x4c0 [ 140.852195] ? __pfx_lock_release+0x10/0x10 [ 140.852570] ? __kasan_check_write+0x18/0x20 [ 140.852944] ? do_raw_spin_lock+0x132/0x2a0 [ 140.853310] ? __pfx_do_exit+0x10/0x10 [ 140.853646] ? debug_smp_processor_id+0x20/0x30 [ 140.854038] ? rcu_is_watching+0x19/0xb0 [ 140.854380] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.854783] ? trace_hardirqs_on+0x26/0x120 [ 140.855167] do_group_exit+0xe0/0x2b0 [ 140.855492] __x64_sys_exit_group+0x47/0x50 [ 140.855853] do_syscall_64+0x3b/0x90 [ 140.856174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.856617] RIP: 0033:0x7f4b87518a4d [ 140.856929] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.857443] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.858078] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.858686] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.859295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.859896] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.860490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.861139] [ 140.861335] irq event stamp: 0 [ 140.861600] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.862124] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.862836] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.863542] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.864047] ---[ end trace 0000000000000000 ]--- [ 140.868631] ------------[ cut here ]------------ [ 140.869052] WARNING: CPU: 0 PID: 1312 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.869861] Modules linked in: [ 140.870118] CPU: 0 PID: 1312 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.870852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.871761] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.872162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.873612] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 140.874038] RAX: 0000000000000000 RBX: ffff88800cb910a8 RCX: 0000000000000000 [ 140.874623] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 140.875202] RBP: ffff888013577bd0 R08: ffffed1001972233 R09: ffffed1001972233 [ 140.875774] R10: ffff88800cb91193 R11: ffffed1001972232 R12: ffff88801422e400 [ 140.876342] R13: ffff88800cb911e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 140.876910] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.877554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.878018] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ef0 [ 140.878607] PKRU: 55555554 [ 140.878844] Call Trace: [ 140.879055] [ 140.879260] __iommufd_access_detach+0x1c2/0x2b0 [ 140.879660] iommufd_access_change_pt+0x149/0x270 [ 140.880062] iommufd_access_replace+0xb4/0x120 [ 140.880443] iommufd_test+0x3e5/0x37e0 [ 140.880760] ? lock_release+0x532/0x770 [ 140.881090] ? __might_fault+0x102/0x1b0 [ 140.881425] ? lock_acquire+0x427/0x4c0 [ 140.881751] ? __pfx_iommufd_test+0x10/0x10 [ 140.882096] ? __pfx_lock_release+0x10/0x10 [ 140.882448] ? __pfx_lock_acquire+0x10/0x10 [ 140.882819] ? write_comp_data+0x2f/0x90 [ 140.883175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.883576] ? write_comp_data+0x2f/0x90 [ 140.883914] iommufd_fops_ioctl+0x37d/0x510 [ 140.884267] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.884670] ? write_comp_data+0x2f/0x90 [ 140.885010] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.885404] __x64_sys_ioctl+0x1a3/0x230 [ 140.885742] do_syscall_64+0x3b/0x90 [ 140.886053] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.886479] RIP: 0033:0x7f4b8743ee5d [ 140.886816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.888291] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.888901] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.889468] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.890044] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.890629] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.891207] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.891783] [ 140.891969] irq event stamp: 0 [ 140.892227] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.892718] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.893417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.894061] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.894567] ---[ end trace 0000000000000000 ]--- [ 140.897301] ------------[ cut here ]------------ [ 140.897702] WARNING: CPU: 0 PID: 1312 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.898471] Modules linked in: [ 140.898740] CPU: 0 PID: 1312 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.899421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.900276] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.900660] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.902047] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 140.902457] RAX: 0000000000000000 RBX: ffff88800cb910a8 RCX: 0000000000000000 [ 140.903016] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 140.903568] RBP: ffff888013577be8 R08: ffffed1001972233 R09: ffffed1001972233 [ 140.904110] R10: ffff88800cb91193 R11: ffffed1001972232 R12: ffff88800ae90400 [ 140.904653] R13: ffff88800cb911e8 R14: ffff8880143f2400 R15: 0000000000000000 [ 140.905194] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.905807] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.906249] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 140.906807] PKRU: 55555554 [ 140.907027] Call Trace: [ 140.907230] [ 140.907405] iommufd_access_destroy_object+0x65/0x170 [ 140.907813] iommufd_object_destroy_user+0x18e/0x220 [ 140.908210] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.908661] iommufd_access_destroy+0x43/0x70 [ 140.909015] iommufd_test_staccess_release+0x8d/0xd0 [ 140.909413] __fput+0x26d/0xa40 [ 140.909686] ____fput+0x1e/0x30 [ 140.909950] task_work_run+0x1a4/0x2d0 [ 140.910258] ? __pfx_task_work_run+0x10/0x10 [ 140.910624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.911010] ? switch_task_namespaces+0xa9/0xe0 [ 140.911398] do_exit+0xb17/0x2ef0 [ 140.911668] ? lock_acquire+0x427/0x4c0 [ 140.911986] ? __pfx_lock_release+0x10/0x10 [ 140.912326] ? __kasan_check_write+0x18/0x20 [ 140.912668] ? do_raw_spin_lock+0x132/0x2a0 [ 140.913000] ? __pfx_do_exit+0x10/0x10 [ 140.913308] ? debug_smp_processor_id+0x20/0x30 [ 140.913670] ? rcu_is_watching+0x19/0xb0 [ 140.913986] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.914342] ? trace_hardirqs_on+0x26/0x120 [ 140.914698] do_group_exit+0xe0/0x2b0 [ 140.915001] __x64_sys_exit_group+0x47/0x50 [ 140.915342] do_syscall_64+0x3b/0x90 [ 140.915640] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.916045] RIP: 0033:0x7f4b87518a4d [ 140.916330] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.916797] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.917377] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.917921] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.918464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.919022] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.919576] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.920127] [ 140.920311] irq event stamp: 0 [ 140.920552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.921033] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.921673] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.922310] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.922812] ---[ end trace 0000000000000000 ]--- [ 140.923502] ------------[ cut here ]------------ [ 140.923865] WARNING: CPU: 0 PID: 1312 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 140.924644] Modules linked in: [ 140.924896] CPU: 0 PID: 1312 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.925613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.926469] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 140.926884] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 140.928306] RSP: 0018:ffff888013577b78 EFLAGS: 00010246 [ 140.928716] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 140.929257] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 140.929801] RBP: ffff888013577b98 R08: ffffed100197223e R09: ffffed100197223e [ 140.930344] R10: ffff88800cb911ef R11: ffffed100197223d R12: ffff88800cb91290 [ 140.930907] R13: ffff88800cb910a8 R14: ffffffffffffffff R15: 
ffff888013577c60 [ 140.931456] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.932065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.932511] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 140.933051] PKRU: 55555554 [ 140.933268] Call Trace: [ 140.933466] [ 140.933644] iommufd_ioas_destroy+0x53/0x70 [ 140.933981] iommufd_fops_release+0x1f7/0x370 [ 140.934332] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.934729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.935121] ? write_comp_data+0x2f/0x90 [ 140.935446] ? __pfx_iommufd_fops_release+0x10/0x10 [ 140.935833] __fput+0x26d/0xa40 [ 140.936099] ____fput+0x1e/0x30 [ 140.936360] task_work_run+0x1a4/0x2d0 [ 140.936666] ? __pfx_task_work_run+0x10/0x10 [ 140.937009] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.937385] ? switch_task_namespaces+0xa9/0xe0 [ 140.937751] do_exit+0xb17/0x2ef0 [ 140.938016] ? lock_acquire+0x427/0x4c0 [ 140.938330] ? __pfx_lock_release+0x10/0x10 [ 140.938682] ? __kasan_check_write+0x18/0x20 [ 140.939023] ? do_raw_spin_lock+0x132/0x2a0 [ 140.939372] ? __pfx_do_exit+0x10/0x10 [ 140.939681] ? debug_smp_processor_id+0x20/0x30 [ 140.940042] ? rcu_is_watching+0x19/0xb0 [ 140.940356] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.940708] ? trace_hardirqs_on+0x26/0x120 [ 140.941049] do_group_exit+0xe0/0x2b0 [ 140.941342] __x64_sys_exit_group+0x47/0x50 [ 140.941677] do_syscall_64+0x3b/0x90 [ 140.941963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.942354] RIP: 0033:0x7f4b87518a4d [ 140.942649] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.943117] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.943681] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.944209] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 140.944735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 140.945260] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 140.945786] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 140.946318] [ 140.946492] irq event stamp: 0 [ 140.946744] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.947221] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.947844] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.948464] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.948932] ---[ end trace 0000000000000000 ]--- [ 140.952905] ------------[ cut here ]------------ [ 140.953285] WARNING: CPU: 0 PID: 1313 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.954038] Modules linked in: [ 140.954278] CPU: 0 PID: 1313 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.954981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.955837] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.956213] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.957616] RSP: 0018:ffff888011d77bb8 EFLAGS: 00010246 [ 140.958013] RAX: 0000000000000000 RBX: ffff8880187938a8 RCX: 0000000000000000 [ 140.958564] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 140.959095] RBP: ffff888011d77bd0 R08: ffffed10030f2733 R09: ffffed10030f2733 [ 140.959637] R10: ffff888018793993 R11: ffffed10030f2732 R12: ffff888014427000 [ 140.960171] R13: ffff8880187939e8 R14: ffffffff8352e670 R15: 
ffff888011d77e68 [ 140.960707] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.961305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.961736] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 140.962265] PKRU: 55555554 [ 140.962478] Call Trace: [ 140.962685] [ 140.962858] __iommufd_access_detach+0x1c2/0x2b0 [ 140.963237] iommufd_access_change_pt+0x149/0x270 [ 140.963612] iommufd_access_replace+0xb4/0x120 [ 140.963965] iommufd_test+0x3e5/0x37e0 [ 140.964260] ? lock_release+0x532/0x770 [ 140.964572] ? __might_fault+0x102/0x1b0 [ 140.964887] ? lock_acquire+0x427/0x4c0 [ 140.965197] ? __pfx_iommufd_test+0x10/0x10 [ 140.965520] ? __pfx_lock_release+0x10/0x10 [ 140.965854] ? __pfx_lock_acquire+0x10/0x10 [ 140.966188] ? write_comp_data+0x2f/0x90 [ 140.966501] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.966897] ? write_comp_data+0x2f/0x90 [ 140.967225] iommufd_fops_ioctl+0x37d/0x510 [ 140.967561] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.967934] ? write_comp_data+0x2f/0x90 [ 140.968253] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 140.968620] __x64_sys_ioctl+0x1a3/0x230 [ 140.968937] do_syscall_64+0x3b/0x90 [ 140.969226] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.969624] RIP: 0033:0x7f4b8743ee5d [ 140.969905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 140.971279] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 140.971849] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 140.972378] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 140.972918] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 140.973448] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 140.973974] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 140.974544] [ 140.974721] irq event stamp: 0 [ 140.974959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 140.975455] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 140.976079] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 140.976705] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 140.977176] ---[ end trace 0000000000000000 ]--- [ 140.979853] ------------[ cut here ]------------ [ 140.980222] WARNING: CPU: 0 PID: 1313 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 140.980962] Modules linked in: [ 140.981198] CPU: 0 PID: 1313 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 140.981835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 140.982688] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 140.983055] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 140.984394] RSP: 
0018:ffff888011d77bd0 EFLAGS: 00010246 [ 140.984784] RAX: 0000000000000000 RBX: ffff8880187938a8 RCX: 0000000000000000 [ 140.985303] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 140.985821] RBP: ffff888011d77be8 R08: ffffed10030f2733 R09: ffffed10030f2733 [ 140.986341] R10: ffff888018793993 R11: ffffed10030f2732 R12: ffff88801422c800 [ 140.986875] R13: ffff8880187939e8 R14: ffff88800f5b5e00 R15: 0000000000000000 [ 140.987408] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 140.987997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.988422] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 140.988977] PKRU: 55555554 [ 140.989199] Call Trace: [ 140.989390] [ 140.989558] iommufd_access_destroy_object+0x65/0x170 [ 140.989944] iommufd_object_destroy_user+0x18e/0x220 [ 140.990323] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 140.990767] iommufd_access_destroy+0x43/0x70 [ 140.991119] iommufd_test_staccess_release+0x8d/0xd0 [ 140.991509] __fput+0x26d/0xa40 [ 140.991771] ____fput+0x1e/0x30 [ 140.992028] task_work_run+0x1a4/0x2d0 [ 140.992330] ? __pfx_task_work_run+0x10/0x10 [ 140.992662] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 140.993029] ? switch_task_namespaces+0xa9/0xe0 [ 140.993388] do_exit+0xb17/0x2ef0 [ 140.993645] ? lock_acquire+0x427/0x4c0 [ 140.993948] ? __pfx_lock_release+0x10/0x10 [ 140.994274] ? __kasan_check_write+0x18/0x20 [ 140.994631] ? do_raw_spin_lock+0x132/0x2a0 [ 140.994958] ? __pfx_do_exit+0x10/0x10 [ 140.995264] ? debug_smp_processor_id+0x20/0x30 [ 140.995613] ? rcu_is_watching+0x19/0xb0 [ 140.995915] ? _raw_spin_unlock_irq+0x2b/0x60 [ 140.996254] ? trace_hardirqs_on+0x26/0x120 [ 140.996581] do_group_exit+0xe0/0x2b0 [ 140.996865] __x64_sys_exit_group+0x47/0x50 [ 140.997186] do_syscall_64+0x3b/0x90 [ 140.997471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 140.997862] RIP: 0033:0x7f4b87518a4d [ 140.998138] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 140.998609] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 140.999177] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 140.999699] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.000221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.000741] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.001262] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.001793] [ 141.001967] irq event stamp: 0 [ 141.002200] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.002681] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.003306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.003916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.004379] ---[ end trace 0000000000000000 ]--- [ 141.005044] ------------[ cut here ]------------ [ 141.005395] WARNING: CPU: 0 PID: 1313 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.006157] Modules linked in: [ 141.006397] CPU: 0 PID: 1313 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.007071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.007910] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.008289] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.009618] RSP: 0018:ffff888011d77b78 EFLAGS: 00010246 [ 141.010009] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.010751] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 141.011288] RBP: ffff888011d77b98 R08: ffffed10030f273e R09: ffffed10030f273e [ 141.011807] R10: ffff8880187939ef R11: ffffed10030f273d R12: ffff888018793a90 [ 141.012328] R13: ffff8880187938a8 R14: ffffffffffffffff R15: 
ffff888011d77c60 [ 141.012845] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.013430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.013855] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 141.014376] PKRU: 55555554 [ 141.014602] Call Trace: [ 141.014791] [ 141.014958] iommufd_ioas_destroy+0x53/0x70 [ 141.015289] iommufd_fops_release+0x1f7/0x370 [ 141.015632] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.016001] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.016366] ? write_comp_data+0x2f/0x90 [ 141.016674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.017043] __fput+0x26d/0xa40 [ 141.017300] ____fput+0x1e/0x30 [ 141.017551] task_work_run+0x1a4/0x2d0 [ 141.017846] ? __pfx_task_work_run+0x10/0x10 [ 141.018176] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.018561] ? switch_task_namespaces+0xa9/0xe0 [ 141.018914] do_exit+0xb17/0x2ef0 [ 141.019184] ? lock_acquire+0x427/0x4c0 [ 141.019490] ? __pfx_lock_release+0x10/0x10 [ 141.019823] ? __kasan_check_write+0x18/0x20 [ 141.020387] ? do_raw_spin_lock+0x132/0x2a0 [ 141.020851] ? __pfx_do_exit+0x10/0x10 [ 141.021199] ? debug_smp_processor_id+0x20/0x30 [ 141.021541] ? rcu_is_watching+0x19/0xb0 [ 141.021865] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.022285] ? trace_hardirqs_on+0x26/0x120 [ 141.022635] do_group_exit+0xe0/0x2b0 [ 141.022916] __x64_sys_exit_group+0x47/0x50 [ 141.023247] do_syscall_64+0x3b/0x90 [ 141.023532] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.023948] RIP: 0033:0x7f4b87518a4d [ 141.024305] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.024755] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.025307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.025954] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.026470] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.027001] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.027552] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.028173] [ 141.028344] irq event stamp: 0 [ 141.028577] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.029047] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.029752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.030362] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.030896] ---[ end trace 0000000000000000 ]--- [ 141.035661] ------------[ cut here ]------------ [ 141.036168] WARNING: CPU: 0 PID: 1314 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.036930] Modules linked in: [ 141.037169] CPU: 0 PID: 1314 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.037952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.038859] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.039246] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.040712] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 141.041109] RAX: 0000000000000000 RBX: ffff8880158ba8a8 RCX: 0000000000000000 [ 141.041647] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 141.042187] RBP: ffff888013577bd0 R08: ffffed1002b17533 R09: ffffed1002b17533 [ 141.042747] R10: ffff8880158ba993 R11: ffffed1002b17532 R12: ffff8880167af000 [ 141.043298] R13: ffff8880158ba9e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 141.043841] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.044451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.044891] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 141.045433] PKRU: 55555554 [ 141.045648] Call Trace: [ 141.045844] [ 141.046018] __iommufd_access_detach+0x1c2/0x2b0 [ 141.046393] iommufd_access_change_pt+0x149/0x270 [ 141.046786] iommufd_access_replace+0xb4/0x120 [ 141.047154] iommufd_test+0x3e5/0x37e0 [ 141.047453] ? lock_release+0x532/0x770 [ 141.047767] ? __might_fault+0x102/0x1b0 [ 141.048083] ? lock_acquire+0x427/0x4c0 [ 141.048399] ? __pfx_iommufd_test+0x10/0x10 [ 141.048730] ? __pfx_lock_release+0x10/0x10 [ 141.049066] ? __pfx_lock_acquire+0x10/0x10 [ 141.049405] ? write_comp_data+0x2f/0x90 [ 141.049725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.050100] ? write_comp_data+0x2f/0x90 [ 141.050422] iommufd_fops_ioctl+0x37d/0x510 [ 141.050771] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.051157] ? write_comp_data+0x2f/0x90 [ 141.051478] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.051848] __x64_sys_ioctl+0x1a3/0x230 [ 141.052172] do_syscall_64+0x3b/0x90 [ 141.052469] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.052876] RIP: 0033:0x7f4b8743ee5d [ 141.053213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.054607] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.055194] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.055733] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.056275] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.056818] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.057361] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.057917] [ 141.058100] irq event stamp: 0 [ 141.058340] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.058836] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.059479] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.060122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.060603] ---[ end trace 0000000000000000 ]--- [ 141.063692] ------------[ cut here ]------------ [ 141.064068] WARNING: CPU: 0 PID: 1314 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.064841] Modules linked in: [ 141.065088] CPU: 0 PID: 1314 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.065916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.066791] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.067183] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.068719] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 141.069191] RAX: 0000000000000000 RBX: ffff8880158ba8a8 RCX: 0000000000000000 [ 141.069813] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 141.070359] RBP: ffff888013577be8 R08: ffffed1002b17533 R09: ffffed1002b17533 [ 141.070983] R10: ffff8880158ba993 R11: ffffed1002b17532 R12: ffff888017b29c00 [ 141.071631] R13: ffff8880158ba9e8 R14: ffff888018bbe200 R15: 0000000000000000 [ 141.072183] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.072860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.073385] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 141.073930] PKRU: 55555554 [ 141.074151] Call Trace: [ 141.074348] [ 141.074591] iommufd_access_destroy_object+0x65/0x170 [ 141.075077] iommufd_object_destroy_user+0x18e/0x220 [ 141.075482] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.075934] iommufd_access_destroy+0x43/0x70 [ 141.076292] iommufd_test_staccess_release+0x8d/0xd0 [ 141.076752] __fput+0x26d/0xa40 [ 141.077105] ____fput+0x1e/0x30 [ 141.077369] task_work_run+0x1a4/0x2d0 [ 141.077681] ? __pfx_task_work_run+0x10/0x10 [ 141.078028] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.078478] ? switch_task_namespaces+0xa9/0xe0 [ 141.078950] do_exit+0xb17/0x2ef0 [ 141.079226] ? lock_acquire+0x427/0x4c0 [ 141.079547] ? __pfx_lock_release+0x10/0x10 [ 141.079895] ? __kasan_check_write+0x18/0x20 [ 141.080304] ? do_raw_spin_lock+0x132/0x2a0 [ 141.080717] ? __pfx_do_exit+0x10/0x10 [ 141.081025] ? debug_smp_processor_id+0x20/0x30 [ 141.081387] ? rcu_is_watching+0x19/0xb0 [ 141.081716] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.082171] ? trace_hardirqs_on+0x26/0x120 [ 141.082528] do_group_exit+0xe0/0x2b0 [ 141.082827] __x64_sys_exit_group+0x47/0x50 [ 141.083167] do_syscall_64+0x3b/0x90 [ 141.083491] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.083993] RIP: 0033:0x7f4b87518a4d [ 141.084288] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.084763] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.085530] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.086083] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.086643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.087336] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.087885] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.088443] [ 141.088646] irq event stamp: 0 [ 141.089007] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.089501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.090164] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.091016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.091541] ---[ end trace 0000000000000000 ]--- [ 141.093440] ------------[ cut here ]------------ [ 141.093837] WARNING: CPU: 0 PID: 1314 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.094893] Modules linked in: [ 141.095170] CPU: 0 PID: 1314 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.095878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.096780] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.097195] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.098660] RSP: 0018:ffff888013577b78 EFLAGS: 00010246 [ 141.099096] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.099680] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 141.100278] RBP: ffff888013577b98 R08: ffffed1002b1753e R09: ffffed1002b1753e [ 141.100849] R10: ffff8880158ba9ef R11: ffffed1002b1753d R12: ffff8880158baa90 [ 141.101413] R13: ffff8880158ba8a8 R14: ffffffffffffffff R15: 
ffff888013577c60 [ 141.101978] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.102637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.103105] CR2: 00007f82e2ef9000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 141.103704] PKRU: 55555554 [ 141.103929] Call Trace: [ 141.104133] [ 141.104318] iommufd_ioas_destroy+0x53/0x70 [ 141.104672] iommufd_fops_release+0x1f7/0x370 [ 141.105040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.105450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.105851] ? write_comp_data+0x2f/0x90 [ 141.106191] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.106607] __fput+0x26d/0xa40 [ 141.106891] ____fput+0x1e/0x30 [ 141.107171] task_work_run+0x1a4/0x2d0 [ 141.107498] ? __pfx_task_work_run+0x10/0x10 [ 141.107859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.108254] ? switch_task_namespaces+0xa9/0xe0 [ 141.108637] do_exit+0xb17/0x2ef0 [ 141.108919] ? lock_acquire+0x427/0x4c0 [ 141.109251] ? __pfx_lock_release+0x10/0x10 [ 141.109603] ? __kasan_check_write+0x18/0x20 [ 141.109963] ? do_raw_spin_lock+0x132/0x2a0 [ 141.110312] ? __pfx_do_exit+0x10/0x10 [ 141.110650] ? debug_smp_processor_id+0x20/0x30 [ 141.111034] ? rcu_is_watching+0x19/0xb0 [ 141.111375] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.111745] ? trace_hardirqs_on+0x26/0x120 [ 141.112105] do_group_exit+0xe0/0x2b0 [ 141.112420] __x64_sys_exit_group+0x47/0x50 [ 141.112771] do_syscall_64+0x3b/0x90 [ 141.113079] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.113507] RIP: 0033:0x7f4b87518a4d [ 141.113810] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.114304] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.114933] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.115521] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.116101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.116669] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.117290] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.117872] [ 141.118061] irq event stamp: 0 [ 141.118319] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.118843] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.119526] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.120196] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.120704] ---[ end trace 0000000000000000 ]--- [ 141.124898] ------------[ cut here ]------------ [ 141.125528] WARNING: CPU: 1 PID: 1315 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.126339] Modules linked in: [ 141.126659] CPU: 1 PID: 1315 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.127439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.128329] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.128769] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.130275] RSP: 0018:ffff88800b9f7bb8 EFLAGS: 00010246 [ 141.130834] RAX: 0000000000000000 RBX: ffff8880141948a8 RCX: 0000000000000000 [ 141.131415] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 141.131984] RBP: ffff88800b9f7bd0 R08: ffffed1002832933 R09: ffffed1002832933 [ 141.132554] R10: ffff888014194993 R11: ffffed1002832932 R12: ffff888013786800 [ 141.133222] R13: ffff8880141949e8 R14: ffffffff8352e670 R15: 
ffff88800b9f7e68 [ 141.133786] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.134424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.135020] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 141.135611] PKRU: 55555554 [ 141.135839] Call Trace: [ 141.136043] [ 141.136225] __iommufd_access_detach+0x1c2/0x2b0 [ 141.136640] iommufd_access_change_pt+0x149/0x270 [ 141.137098] iommufd_access_replace+0xb4/0x120 [ 141.137478] iommufd_test+0x3e5/0x37e0 [ 141.137794] ? lock_release+0x532/0x770 [ 141.138125] ? __might_fault+0x102/0x1b0 [ 141.138545] ? lock_acquire+0x427/0x4c0 [ 141.138919] ? __pfx_iommufd_test+0x10/0x10 [ 141.139276] ? __pfx_lock_release+0x10/0x10 [ 141.139633] ? __pfx_lock_acquire+0x10/0x10 [ 141.139988] ? write_comp_data+0x2f/0x90 [ 141.140325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.140787] ? write_comp_data+0x2f/0x90 [ 141.141169] iommufd_fops_ioctl+0x37d/0x510 [ 141.141522] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.141918] ? write_comp_data+0x2f/0x90 [ 141.142253] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.142787] __x64_sys_ioctl+0x1a3/0x230 [ 141.143148] do_syscall_64+0x3b/0x90 [ 141.143470] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.143905] RIP: 0033:0x7f4b8743ee5d [ 141.144215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.145820] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.146497] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.147187] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.147773] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.148371] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.149075] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.149675] [ 141.149872] irq event stamp: 0 [ 141.150130] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.150772] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.151485] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.152165] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.152753] ---[ end trace 0000000000000000 ]--- [ 141.155830] ------------[ cut here ]------------ [ 141.156257] WARNING: CPU: 1 PID: 1315 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.157207] Modules linked in: [ 141.157474] CPU: 1 PID: 1315 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.158204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.159450] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.159865] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.161490] RSP: 
0018:ffff88800b9f7bd0 EFLAGS: 00010246 [ 141.161926] RAX: 0000000000000000 RBX: ffff8880141948a8 RCX: 0000000000000000 [ 141.162661] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 141.163257] RBP: ffff88800b9f7be8 R08: ffffed1002832933 R09: ffffed1002832933 [ 141.163839] R10: ffff888014194993 R11: ffffed1002832932 R12: ffff88800fcb2800 [ 141.164418] R13: ffff8880141949e8 R14: ffff888012cef200 R15: 0000000000000000 [ 141.165111] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.165765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.166247] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.166959] PKRU: 55555554 [ 141.167202] Call Trace: [ 141.167414] [ 141.167601] iommufd_access_destroy_object+0x65/0x170 [ 141.168029] iommufd_object_destroy_user+0x18e/0x220 [ 141.168456] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.169011] iommufd_access_destroy+0x43/0x70 [ 141.169405] iommufd_test_staccess_release+0x8d/0xd0 [ 141.169831] __fput+0x26d/0xa40 [ 141.170118] ____fput+0x1e/0x30 [ 141.170404] task_work_run+0x1a4/0x2d0 [ 141.170857] ? __pfx_task_work_run+0x10/0x10 [ 141.171235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.171646] ? switch_task_namespaces+0xa9/0xe0 [ 141.172041] do_exit+0xb17/0x2ef0 [ 141.172334] ? lock_acquire+0x427/0x4c0 [ 141.172674] ? __pfx_lock_release+0x10/0x10 [ 141.173132] ? __kasan_check_write+0x18/0x20 [ 141.173502] ? do_raw_spin_lock+0x132/0x2a0 [ 141.173863] ? __pfx_do_exit+0x10/0x10 [ 141.174196] ? debug_smp_processor_id+0x20/0x30 [ 141.174609] ? rcu_is_watching+0x19/0xb0 [ 141.174961] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.175449] ? trace_hardirqs_on+0x26/0x120 [ 141.175816] do_group_exit+0xe0/0x2b0 [ 141.176135] __x64_sys_exit_group+0x47/0x50 [ 141.176494] do_syscall_64+0x3b/0x90 [ 141.176840] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.177351] RIP: 0033:0x7f4b87518a4d [ 141.177660] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.178161] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.178876] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.179532] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.180115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.180697] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.181399] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.181987] [ 141.182185] irq event stamp: 0 [ 141.182446] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.183065] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.183815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.184498] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.185077] ---[ end trace 0000000000000000 ]--- [ 141.185854] ------------[ cut here ]------------ [ 141.186243] WARNING: CPU: 1 PID: 1315 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.187216] Modules linked in: [ 141.187484] CPU: 1 PID: 1315 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.188199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.189219] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.189713] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.191455] RSP: 0018:ffff88800b9f7b78 EFLAGS: 00010246 [ 141.191920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.192527] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 141.193190] RBP: ffff88800b9f7b98 R08: ffffed100283293e R09: ffffed100283293e [ 141.193848] R10: ffff8880141949ef R11: ffffed100283293d R12: ffff888014194a90 [ 141.194462] R13: ffff8880141948a8 R14: ffffffffffffffff R15: 
ffff88800b9f7c60 [ 141.195188] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.195953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.196458] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.197097] PKRU: 55555554 [ 141.197399] Call Trace: [ 141.197692] [ 141.197897] iommufd_ioas_destroy+0x53/0x70 [ 141.198291] iommufd_fops_release+0x1f7/0x370 [ 141.198735] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.199197] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.199641] ? write_comp_data+0x2f/0x90 [ 141.200128] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.200574] __fput+0x26d/0xa40 [ 141.200884] ____fput+0x1e/0x30 [ 141.201191] task_work_run+0x1a4/0x2d0 [ 141.201545] ? __pfx_task_work_run+0x10/0x10 [ 141.202018] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.202473] ? switch_task_namespaces+0xa9/0xe0 [ 141.202931] do_exit+0xb17/0x2ef0 [ 141.203263] ? lock_acquire+0x427/0x4c0 [ 141.203627] ? __pfx_lock_release+0x10/0x10 [ 141.204015] ? __kasan_check_write+0x18/0x20 [ 141.204531] ? do_raw_spin_lock+0x132/0x2a0 [ 141.204914] ? __pfx_do_exit+0x10/0x10 [ 141.205263] ? debug_smp_processor_id+0x20/0x30 [ 141.205681] ? rcu_is_watching+0x19/0xb0 [ 141.206041] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.206439] ? trace_hardirqs_on+0x26/0x120 [ 141.206845] do_group_exit+0xe0/0x2b0 [ 141.207191] __x64_sys_exit_group+0x47/0x50 [ 141.207568] do_syscall_64+0x3b/0x90 [ 141.207903] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.208366] RIP: 0033:0x7f4b87518a4d [ 141.208690] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.209221] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.209874] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.210487] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.211130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.211740] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.212361] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.212985] [ 141.213191] irq event stamp: 0 [ 141.213463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.214004] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.214760] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.215494] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.216039] ---[ end trace 0000000000000000 ]--- [ 141.219987] ------------[ cut here ]------------ [ 141.220440] WARNING: CPU: 1 PID: 1316 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.221314] Modules linked in: [ 141.221590] CPU: 1 PID: 1316 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.222338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.223475] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.223910] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.225409] RSP: 0018:ffff888023ddfbb8 EFLAGS: 00010246 [ 141.225847] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 141.226423] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 141.227021] RBP: ffff888023ddfbd0 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 141.227611] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff88801341c800 [ 141.228192] R13: ffff88801781f9e8 R14: ffffffff8352e670 R15: 
ffff888023ddfe68 [ 141.228785] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.229441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.229916] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 141.230496] PKRU: 55555554 [ 141.230756] Call Trace: [ 141.230967] [ 141.231163] __iommufd_access_detach+0x1c2/0x2b0 [ 141.231570] iommufd_access_change_pt+0x149/0x270 [ 141.231976] iommufd_access_replace+0xb4/0x120 [ 141.232360] iommufd_test+0x3e5/0x37e0 [ 141.232681] ? lock_release+0x532/0x770 [ 141.233020] ? __might_fault+0x102/0x1b0 [ 141.233361] ? lock_acquire+0x427/0x4c0 [ 141.233698] ? __pfx_iommufd_test+0x10/0x10 [ 141.234050] ? __pfx_lock_release+0x10/0x10 [ 141.234410] ? __pfx_lock_acquire+0x10/0x10 [ 141.234801] ? write_comp_data+0x2f/0x90 [ 141.235166] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.235573] ? write_comp_data+0x2f/0x90 [ 141.235926] iommufd_fops_ioctl+0x37d/0x510 [ 141.236289] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.236693] ? write_comp_data+0x2f/0x90 [ 141.237041] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.237442] __x64_sys_ioctl+0x1a3/0x230 [ 141.237790] do_syscall_64+0x3b/0x90 [ 141.238107] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.238570] RIP: 0033:0x7f4b8743ee5d [ 141.238879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.240371] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.240992] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.241576] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.242155] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.242758] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.243360] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.243959] [ 141.244150] irq event stamp: 0 [ 141.244416] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.244931] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.245614] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.246286] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.246803] ---[ end trace 0000000000000000 ]--- [ 141.249593] ------------[ cut here ]------------ [ 141.249992] WARNING: CPU: 1 PID: 1316 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.250822] Modules linked in: [ 141.251080] CPU: 1 PID: 1316 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.251768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.252636] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.253025] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.254430] RSP: 
0018:ffff888023ddfbd0 EFLAGS: 00010246 [ 141.254863] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 141.255422] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 141.255971] RBP: ffff888023ddfbe8 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 141.256521] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff888013787c00 [ 141.257080] R13: ffff88801781f9e8 R14: ffff888020e11d00 R15: 0000000000000000 [ 141.257632] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.258252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.258721] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.259285] PKRU: 55555554 [ 141.259507] Call Trace: [ 141.259710] [ 141.259891] iommufd_access_destroy_object+0x65/0x170 [ 141.260310] iommufd_object_destroy_user+0x18e/0x220 [ 141.260717] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.261175] iommufd_access_destroy+0x43/0x70 [ 141.261538] iommufd_test_staccess_release+0x8d/0xd0 [ 141.261943] __fput+0x26d/0xa40 [ 141.262217] ____fput+0x1e/0x30 [ 141.262484] task_work_run+0x1a4/0x2d0 [ 141.262825] ? __pfx_task_work_run+0x10/0x10 [ 141.263183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.263570] ? switch_task_namespaces+0xa9/0xe0 [ 141.263945] do_exit+0xb17/0x2ef0 [ 141.264220] ? lock_acquire+0x427/0x4c0 [ 141.264543] ? __pfx_lock_release+0x10/0x10 [ 141.264889] ? __kasan_check_write+0x18/0x20 [ 141.265240] ? do_raw_spin_lock+0x132/0x2a0 [ 141.265579] ? __pfx_do_exit+0x10/0x10 [ 141.265894] ? debug_smp_processor_id+0x20/0x30 [ 141.266261] ? rcu_is_watching+0x19/0xb0 [ 141.266600] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.266962] ? trace_hardirqs_on+0x26/0x120 [ 141.267322] do_group_exit+0xe0/0x2b0 [ 141.267626] __x64_sys_exit_group+0x47/0x50 [ 141.267966] do_syscall_64+0x3b/0x90 [ 141.268272] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.268683] RIP: 0033:0x7f4b87518a4d [ 141.268974] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.269453] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.270040] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.270606] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.271152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.271694] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.272234] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.272781] [ 141.272960] irq event stamp: 0 [ 141.273202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.273679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.274311] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.274960] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.275447] ---[ end trace 0000000000000000 ]--- [ 141.276126] ------------[ cut here ]------------ [ 141.276554] WARNING: CPU: 1 PID: 1316 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.277331] Modules linked in: [ 141.277581] CPU: 1 PID: 1316 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.278322] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.279210] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.279612] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.281099] RSP: 0018:ffff888023ddfb78 EFLAGS: 00010246 [ 141.281505] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.282067] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 141.282716] RBP: ffff888023ddfb98 R08: ffffed1002f03f3e R09: ffffed1002f03f3e [ 141.283270] R10: ffff88801781f9ef R11: ffffed1002f03f3d R12: ffff88801781fa90 [ 141.283810] R13: ffff88801781f8a8 R14: ffffffffffffffff R15: 
ffff888023ddfc60 [ 141.284475] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.285087] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.285528] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.286123] PKRU: 55555554 [ 141.286407] Call Trace: [ 141.286623] [ 141.286799] iommufd_ioas_destroy+0x53/0x70 [ 141.287149] iommufd_fops_release+0x1f7/0x370 [ 141.287504] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.287888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.288333] ? write_comp_data+0x2f/0x90 [ 141.288696] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.289080] __fput+0x26d/0xa40 [ 141.289347] ____fput+0x1e/0x30 [ 141.289612] task_work_run+0x1a4/0x2d0 [ 141.289973] ? __pfx_task_work_run+0x10/0x10 [ 141.290377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.290771] ? switch_task_namespaces+0xa9/0xe0 [ 141.291144] do_exit+0xb17/0x2ef0 [ 141.291416] ? lock_acquire+0x427/0x4c0 [ 141.291739] ? __pfx_lock_release+0x10/0x10 [ 141.292131] ? __kasan_check_write+0x18/0x20 [ 141.292542] ? do_raw_spin_lock+0x132/0x2a0 [ 141.292876] ? __pfx_do_exit+0x10/0x10 [ 141.293181] ? debug_smp_processor_id+0x20/0x30 [ 141.293540] ? rcu_is_watching+0x19/0xb0 [ 141.293891] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.294308] ? trace_hardirqs_on+0x26/0x120 [ 141.294663] do_group_exit+0xe0/0x2b0 [ 141.294962] __x64_sys_exit_group+0x47/0x50 [ 141.295294] do_syscall_64+0x3b/0x90 [ 141.295608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.296073] RIP: 0033:0x7f4b87518a4d [ 141.296424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.296894] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.297474] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.298069] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.298697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.299251] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.299792] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.300456] [ 141.300637] irq event stamp: 0 [ 141.300879] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.301360] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.302088] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.302747] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.303240] ---[ end trace 0000000000000000 ]--- [ 141.307176] ------------[ cut here ]------------ [ 141.307575] WARNING: CPU: 1 PID: 1317 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.308461] Modules linked in: [ 141.308704] CPU: 1 PID: 1317 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.309368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.310336] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.310746] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.312147] RSP: 0018:ffff888014077bb8 EFLAGS: 00010246 [ 141.312616] RAX: 0000000000000000 RBX: ffff88800f3748a8 RCX: 0000000000000000 [ 141.313202] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 141.313744] RBP: ffff888014077bd0 R08: ffffed1001e6e933 R09: ffffed1001e6e933 [ 141.314315] R10: ffff88800f374993 R11: ffffed1001e6e932 R12: ffff88800a724000 [ 141.314943] R13: ffff88800f3749e8 R14: ffffffff8352e670 R15: 
ffff888014077e68 [ 141.315514] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.316142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.316707] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ee0 [ 141.317277] PKRU: 55555554 [ 141.317505] Call Trace: [ 141.317707] [ 141.317890] __iommufd_access_detach+0x1c2/0x2b0 [ 141.318321] iommufd_access_change_pt+0x149/0x270 [ 141.318788] iommufd_access_replace+0xb4/0x120 [ 141.319168] iommufd_test+0x3e5/0x37e0 [ 141.319481] ? lock_release+0x532/0x770 [ 141.319807] ? __might_fault+0x102/0x1b0 [ 141.320134] ? lock_acquire+0x427/0x4c0 [ 141.320522] ? __pfx_iommufd_test+0x10/0x10 [ 141.320905] ? __pfx_lock_release+0x10/0x10 [ 141.321258] ? __pfx_lock_acquire+0x10/0x10 [ 141.321606] ? write_comp_data+0x2f/0x90 [ 141.321934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.322324] ? write_comp_data+0x2f/0x90 [ 141.322675] iommufd_fops_ioctl+0x37d/0x510 [ 141.323022] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.323424] ? write_comp_data+0x2f/0x90 [ 141.323751] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.324133] __x64_sys_ioctl+0x1a3/0x230 [ 141.324464] do_syscall_64+0x3b/0x90 [ 141.324768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.325182] RIP: 0033:0x7f4b8743ee5d [ 141.325476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.326908] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.327513] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.328068] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.328626] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.329175] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.329730] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.330288] [ 141.330471] irq event stamp: 0 [ 141.330739] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.331243] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.331899] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.332543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.333032] ---[ end trace 0000000000000000 ]--- [ 141.335811] ------------[ cut here ]------------ [ 141.336209] WARNING: CPU: 1 PID: 1317 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.336996] Modules linked in: [ 141.337247] CPU: 1 PID: 1317 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.337921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.338810] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.339209] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.340620] RSP: 
0018:ffff888014077bd0 EFLAGS: 00010246 [ 141.341041] RAX: 0000000000000000 RBX: ffff88800f3748a8 RCX: 0000000000000000 [ 141.341591] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 141.342140] RBP: ffff888014077be8 R08: ffffed1001e6e933 R09: ffffed1001e6e933 [ 141.342718] R10: ffff88800f374993 R11: ffffed1001e6e932 R12: ffff88801341d400 [ 141.343282] R13: ffff88800f3749e8 R14: ffff888012018300 R15: 0000000000000000 [ 141.343835] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.344466] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.344914] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.345465] PKRU: 55555554 [ 141.345687] Call Trace: [ 141.345888] [ 141.346066] iommufd_access_destroy_object+0x65/0x170 [ 141.346471] iommufd_object_destroy_user+0x18e/0x220 [ 141.346893] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.347365] iommufd_access_destroy+0x43/0x70 [ 141.347726] iommufd_test_staccess_release+0x8d/0xd0 [ 141.348134] __fput+0x26d/0xa40 [ 141.348407] ____fput+0x1e/0x30 [ 141.348675] task_work_run+0x1a4/0x2d0 [ 141.348989] ? __pfx_task_work_run+0x10/0x10 [ 141.349339] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.349726] ? switch_task_namespaces+0xa9/0xe0 [ 141.350101] do_exit+0xb17/0x2ef0 [ 141.350372] ? lock_acquire+0x427/0x4c0 [ 141.350710] ? __pfx_lock_release+0x10/0x10 [ 141.351059] ? __kasan_check_write+0x18/0x20 [ 141.351419] ? do_raw_spin_lock+0x132/0x2a0 [ 141.351759] ? __pfx_do_exit+0x10/0x10 [ 141.352075] ? debug_smp_processor_id+0x20/0x30 [ 141.352445] ? rcu_is_watching+0x19/0xb0 [ 141.352765] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.353130] ? trace_hardirqs_on+0x26/0x120 [ 141.353476] do_group_exit+0xe0/0x2b0 [ 141.353779] __x64_sys_exit_group+0x47/0x50 [ 141.354119] do_syscall_64+0x3b/0x90 [ 141.354419] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.354849] RIP: 0033:0x7f4b87518a4d [ 141.355152] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.355636] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.356233] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.356782] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.357329] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.357882] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.358433] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.359026] [ 141.359219] irq event stamp: 0 [ 141.359468] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.359959] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.360614] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.361273] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.361765] ---[ end trace 0000000000000000 ]--- [ 141.362459] ------------[ cut here ]------------ [ 141.362855] WARNING: CPU: 1 PID: 1317 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.363658] Modules linked in: [ 141.363912] CPU: 1 PID: 1317 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.364599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.365486] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.365916] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.367371] RSP: 0018:ffff888014077b78 EFLAGS: 00010246 [ 141.367795] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.368353] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 141.368906] RBP: ffff888014077b98 R08: ffffed1001e6e93e R09: ffffed1001e6e93e [ 141.369461] R10: ffff88800f3749ef R11: ffffed1001e6e93d R12: ffff88800f374a90 [ 141.370014] R13: ffff88800f3748a8 R14: ffffffffffffffff R15: 
ffff888014077c60 [ 141.370586] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.371238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.371696] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.372251] PKRU: 55555554 [ 141.372476] Call Trace: [ 141.372675] [ 141.372853] iommufd_ioas_destroy+0x53/0x70 [ 141.373202] iommufd_fops_release+0x1f7/0x370 [ 141.373563] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.373961] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.374352] ? write_comp_data+0x2f/0x90 [ 141.374702] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.375103] __fput+0x26d/0xa40 [ 141.375391] ____fput+0x1e/0x30 [ 141.375660] task_work_run+0x1a4/0x2d0 [ 141.375975] ? __pfx_task_work_run+0x10/0x10 [ 141.376328] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.376717] ? switch_task_namespaces+0xa9/0xe0 [ 141.377098] do_exit+0xb17/0x2ef0 [ 141.377378] ? lock_acquire+0x427/0x4c0 [ 141.377701] ? __pfx_lock_release+0x10/0x10 [ 141.378046] ? __kasan_check_write+0x18/0x20 [ 141.378398] ? do_raw_spin_lock+0x132/0x2a0 [ 141.378768] ? __pfx_do_exit+0x10/0x10 [ 141.379093] ? debug_smp_processor_id+0x20/0x30 [ 141.379476] ? rcu_is_watching+0x19/0xb0 [ 141.379800] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.380164] ? trace_hardirqs_on+0x26/0x120 [ 141.380518] do_group_exit+0xe0/0x2b0 [ 141.380826] __x64_sys_exit_group+0x47/0x50 [ 141.381170] do_syscall_64+0x3b/0x90 [ 141.381476] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.381892] RIP: 0033:0x7f4b87518a4d [ 141.382188] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.382698] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.383308] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.383863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.384419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.384973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.385529] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.386093] [ 141.386285] irq event stamp: 0 [ 141.386564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.387066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.387735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.388388] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.388890] ---[ end trace 0000000000000000 ]--- [ 141.393300] ------------[ cut here ]------------ [ 141.393744] WARNING: CPU: 0 PID: 1318 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.394812] Modules linked in: [ 141.395080] CPU: 0 PID: 1318 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.395797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.396706] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.397105] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.398609] RSP: 0018:ffff88801675fbb8 EFLAGS: 00010246 [ 141.399051] RAX: 0000000000000000 RBX: ffff888016dfa8a8 RCX: 0000000000000000 [ 141.399637] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 141.400217] RBP: ffff88801675fbd0 R08: ffffed1002dbf533 R09: ffffed1002dbf533 [ 141.400797] R10: ffff888016dfa993 R11: ffffed1002dbf532 R12: ffff88801890e800 [ 141.401368] R13: ffff888016dfa9e8 R14: ffffffff8352e670 R15: 
ffff88801675fe68 [ 141.401951] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.402636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.403115] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 141.403702] PKRU: 55555554 [ 141.403936] Call Trace: [ 141.404149] [ 141.404332] __iommufd_access_detach+0x1c2/0x2b0 [ 141.404732] iommufd_access_change_pt+0x149/0x270 [ 141.405184] iommufd_access_replace+0xb4/0x120 [ 141.405564] iommufd_test+0x3e5/0x37e0 [ 141.405883] ? lock_release+0x532/0x770 [ 141.406219] ? __might_fault+0x102/0x1b0 [ 141.406588] ? lock_acquire+0x427/0x4c0 [ 141.406928] ? __pfx_iommufd_test+0x10/0x10 [ 141.407296] ? __pfx_lock_release+0x10/0x10 [ 141.407654] ? __pfx_lock_acquire+0x10/0x10 [ 141.408022] ? write_comp_data+0x2f/0x90 [ 141.408368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.408785] ? write_comp_data+0x2f/0x90 [ 141.409131] iommufd_fops_ioctl+0x37d/0x510 [ 141.409520] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.409922] ? write_comp_data+0x2f/0x90 [ 141.410266] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.410744] __x64_sys_ioctl+0x1a3/0x230 [ 141.411183] do_syscall_64+0x3b/0x90 [ 141.411506] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.411938] RIP: 0033:0x7f4b8743ee5d [ 141.412242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.413726] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.414342] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.414953] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.415556] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.416138] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.416714] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.417297] [ 141.417488] irq event stamp: 0 [ 141.417747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.418266] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.418969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.419661] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.420168] ---[ end trace 0000000000000000 ]--- [ 141.423192] ------------[ cut here ]------------ [ 141.423611] WARNING: CPU: 0 PID: 1318 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.424434] Modules linked in: [ 141.424691] CPU: 0 PID: 1318 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.425388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.426297] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.426974] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.428458] RSP: 
0018:ffff88801675fbd0 EFLAGS: 00010246 [ 141.428887] RAX: 0000000000000000 RBX: ffff888016dfa8a8 RCX: 0000000000000000 [ 141.429462] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 141.430033] RBP: ffff88801675fbe8 R08: ffffed1002dbf533 R09: ffffed1002dbf533 [ 141.430636] R10: ffff888016dfa993 R11: ffffed1002dbf532 R12: ffff8880167af000 [ 141.431232] R13: ffff888016dfa9e8 R14: ffff88800f211c00 R15: 0000000000000000 [ 141.431807] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.432460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.432926] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 141.433534] PKRU: 55555554 [ 141.433776] Call Trace: [ 141.433995] [ 141.434191] iommufd_access_destroy_object+0x65/0x170 [ 141.434672] iommufd_object_destroy_user+0x18e/0x220 [ 141.435134] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.435628] iommufd_access_destroy+0x43/0x70 [ 141.436021] iommufd_test_staccess_release+0x8d/0xd0 [ 141.436480] __fput+0x26d/0xa40 [ 141.436792] ____fput+0x1e/0x30 [ 141.437138] task_work_run+0x1a4/0x2d0 [ 141.437480] ? __pfx_task_work_run+0x10/0x10 [ 141.437859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.438288] ? switch_task_namespaces+0xa9/0xe0 [ 141.438739] do_exit+0xb17/0x2ef0 [ 141.439046] ? lock_acquire+0x427/0x4c0 [ 141.439424] ? __pfx_lock_release+0x10/0x10 [ 141.439815] ? __kasan_check_write+0x18/0x20 [ 141.440207] ? do_raw_spin_lock+0x132/0x2a0 [ 141.440581] ? __pfx_do_exit+0x10/0x10 [ 141.440929] ? debug_smp_processor_id+0x20/0x30 [ 141.441353] ? rcu_is_watching+0x19/0xb0 [ 141.441711] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.442123] ? trace_hardirqs_on+0x26/0x120 [ 141.442549] do_group_exit+0xe0/0x2b0 [ 141.442888] __x64_sys_exit_group+0x47/0x50 [ 141.443282] do_syscall_64+0x3b/0x90 [ 141.443620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.444080] RIP: 0033:0x7f4b87518a4d [ 141.444405] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.444940] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.445597] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.446207] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.446865] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.447503] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.448112] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.448736] [ 141.448943] irq event stamp: 0 [ 141.449217] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.449765] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.450495] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.451263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.451805] ---[ end trace 0000000000000000 ]--- [ 141.452728] ------------[ cut here ]------------ [ 141.453147] WARNING: CPU: 0 PID: 1318 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.454032] Modules linked in: [ 141.454313] CPU: 0 PID: 1318 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.455280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.456244] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.456691] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.458257] RSP: 0018:ffff88801675fb78 EFLAGS: 00010246 [ 141.458743] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.459364] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 141.459987] RBP: ffff88801675fb98 R08: ffffed1002dbf53e R09: ffffed1002dbf53e [ 141.460596] R10: ffff888016dfa9ef R11: ffffed1002dbf53d R12: ffff888016dfaa90 [ 141.461210] R13: ffff888016dfa8a8 R14: ffffffffffffffff R15: 
ffff88801675fc60 [ 141.461818] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.462548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.463071] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 141.463707] PKRU: 55555554 [ 141.463956] Call Trace: [ 141.464187] [ 141.464392] iommufd_ioas_destroy+0x53/0x70 [ 141.464802] iommufd_fops_release+0x1f7/0x370 [ 141.465215] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.465670] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.466131] ? write_comp_data+0x2f/0x90 [ 141.466541] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.467008] __fput+0x26d/0xa40 [ 141.467337] ____fput+0x1e/0x30 [ 141.467656] task_work_run+0x1a4/0x2d0 [ 141.468025] ? __pfx_task_work_run+0x10/0x10 [ 141.468435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.468895] ? switch_task_namespaces+0xa9/0xe0 [ 141.469385] do_exit+0xb17/0x2ef0 [ 141.469716] ? lock_acquire+0x427/0x4c0 [ 141.470087] ? __pfx_lock_release+0x10/0x10 [ 141.470489] ? __kasan_check_write+0x18/0x20 [ 141.470938] ? do_raw_spin_lock+0x132/0x2a0 [ 141.471357] ? __pfx_do_exit+0x10/0x10 [ 141.471733] ? debug_smp_processor_id+0x20/0x30 [ 141.472168] ? rcu_is_watching+0x19/0xb0 [ 141.472545] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.472962] ? trace_hardirqs_on+0x26/0x120 [ 141.473362] do_group_exit+0xe0/0x2b0 [ 141.473721] __x64_sys_exit_group+0x47/0x50 [ 141.474123] do_syscall_64+0x3b/0x90 [ 141.474474] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.474996] RIP: 0033:0x7f4b87518a4d [ 141.475358] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.475920] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.476606] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.477266] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.477923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.478616] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.479272] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.479929] [ 141.480141] irq event stamp: 0 [ 141.480430] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.481014] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.481770] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.482537] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.483119] ---[ end trace 0000000000000000 ]--- [ 141.487466] ------------[ cut here ]------------ [ 141.487970] WARNING: CPU: 0 PID: 1319 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.488889] Modules linked in: [ 141.489180] CPU: 0 PID: 1319 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.489977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.491058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.491543] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.493185] RSP: 0018:ffff88800fe37bb8 EFLAGS: 00010246 [ 141.493673] RAX: 0000000000000000 RBX: ffff8880186888a8 RCX: 0000000000000000 [ 141.494325] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 141.494996] RBP: ffff88800fe37bd0 R08: ffffed10030d1133 R09: ffffed10030d1133 [ 141.495636] R10: ffff888018688993 R11: ffffed10030d1132 R12: ffff888010e02800 [ 141.496257] R13: ffff8880186889e8 R14: ffffffff8352e670 R15: 
ffff88800fe37e68 [ 141.496867] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.497567] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.498067] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ef0 [ 141.498714] PKRU: 55555554 [ 141.498965] Call Trace: [ 141.499211] [ 141.499405] __iommufd_access_detach+0x1c2/0x2b0 [ 141.499826] iommufd_access_change_pt+0x149/0x270 [ 141.500267] iommufd_access_replace+0xb4/0x120 [ 141.500674] iommufd_test+0x3e5/0x37e0 [ 141.501053] ? lock_release+0x532/0x770 [ 141.501404] ? __might_fault+0x102/0x1b0 [ 141.501760] ? lock_acquire+0x427/0x4c0 [ 141.502124] ? __pfx_iommufd_test+0x10/0x10 [ 141.502490] ? __pfx_lock_release+0x10/0x10 [ 141.502908] ? __pfx_lock_acquire+0x10/0x10 [ 141.503299] ? write_comp_data+0x2f/0x90 [ 141.503656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.504079] ? write_comp_data+0x2f/0x90 [ 141.504452] iommufd_fops_ioctl+0x37d/0x510 [ 141.504831] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.505263] ? write_comp_data+0x2f/0x90 [ 141.505623] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.506038] __x64_sys_ioctl+0x1a3/0x230 [ 141.506398] do_syscall_64+0x3b/0x90 [ 141.506752] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.507229] RIP: 0033:0x7f4b8743ee5d [ 141.507551] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.509108] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.509769] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.510388] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.511041] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.511667] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.512273] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.512914] [ 141.513119] irq event stamp: 0 [ 141.513391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.513945] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.514682] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.515416] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.515961] ---[ end trace 0000000000000000 ]--- [ 141.518887] ------------[ cut here ]------------ [ 141.519359] WARNING: CPU: 0 PID: 1319 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.520231] Modules linked in: [ 141.520505] CPU: 0 PID: 1319 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.521250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.522203] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.522658] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.524247] RSP: 
0018:ffff88800fe37bd0 EFLAGS: 00010246 [ 141.524707] RAX: 0000000000000000 RBX: ffff8880186888a8 RCX: 0000000000000000 [ 141.525331] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 141.525938] RBP: ffff88800fe37be8 R08: ffffed10030d1133 R09: ffffed10030d1133 [ 141.526576] R10: ffff888018688993 R11: ffffed10030d1132 R12: ffff88801890e400 [ 141.527206] R13: ffff8880186889e8 R14: ffff88800f5b5000 R15: 0000000000000000 [ 141.527817] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.528509] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.529008] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 141.529627] PKRU: 55555554 [ 141.529873] Call Trace: [ 141.530096] [ 141.530291] iommufd_access_destroy_object+0x65/0x170 [ 141.530768] iommufd_object_destroy_user+0x18e/0x220 [ 141.531248] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.531759] iommufd_access_destroy+0x43/0x70 [ 141.532155] iommufd_test_staccess_release+0x8d/0xd0 [ 141.532609] __fput+0x26d/0xa40 [ 141.532911] ____fput+0x1e/0x30 [ 141.533256] task_work_run+0x1a4/0x2d0 [ 141.533602] ? __pfx_task_work_run+0x10/0x10 [ 141.533987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.534421] ? switch_task_namespaces+0xa9/0xe0 [ 141.534876] do_exit+0xb17/0x2ef0 [ 141.535195] ? lock_acquire+0x427/0x4c0 [ 141.535639] ? __pfx_lock_release+0x10/0x10 [ 141.536386] ? __kasan_check_write+0x18/0x20 [ 141.536777] ? do_raw_spin_lock+0x132/0x2a0 [ 141.537145] ? __pfx_do_exit+0x10/0x10 [ 141.537587] ? debug_smp_processor_id+0x20/0x30 [ 141.538108] ? rcu_is_watching+0x19/0xb0 [ 141.538472] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.538901] ? trace_hardirqs_on+0x26/0x120 [ 141.539293] do_group_exit+0xe0/0x2b0 [ 141.539625] __x64_sys_exit_group+0x47/0x50 [ 141.540049] do_syscall_64+0x3b/0x90 [ 141.540493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.541040] RIP: 0033:0x7f4b87518a4d [ 141.541362] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.541892] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.542753] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.543385] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.544007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.544805] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.545419] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.546050] [ 141.546283] irq event stamp: 0 [ 141.546700] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.547270] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.547986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.548889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.549444] ---[ end trace 0000000000000000 ]--- [ 141.550203] ------------[ cut here ]------------ [ 141.550809] WARNING: CPU: 0 PID: 1319 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.551714] Modules linked in: [ 141.551993] CPU: 0 PID: 1319 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.552830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.553912] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.554394] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.556210] RSP: 0018:ffff88800fe37b78 EFLAGS: 00010246 [ 141.556677] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.557455] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 141.558073] RBP: ffff88800fe37b98 R08: ffffed10030d113e R09: ffffed10030d113e [ 141.558790] R10: ffff8880186889ef R11: ffffed10030d113d R12: ffff888018688a90 [ 141.559457] R13: ffff8880186888a8 R14: ffffffffffffffff R15: 
ffff88800fe37c60 [ 141.560078] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.560805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.561430] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 141.562042] PKRU: 55555554 [ 141.562286] Call Trace: [ 141.562545] [ 141.562863] iommufd_ioas_destroy+0x53/0x70 [ 141.563263] iommufd_fops_release+0x1f7/0x370 [ 141.563662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.564097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.564528] ? write_comp_data+0x2f/0x90 [ 141.565086] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.565531] __fput+0x26d/0xa40 [ 141.565833] ____fput+0x1e/0x30 [ 141.566128] task_work_run+0x1a4/0x2d0 [ 141.566484] ? __pfx_task_work_run+0x10/0x10 [ 141.567076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.567522] ? switch_task_namespaces+0xa9/0xe0 [ 141.567934] do_exit+0xb17/0x2ef0 [ 141.568241] ? lock_acquire+0x427/0x4c0 [ 141.568673] ? __pfx_lock_release+0x10/0x10 [ 141.569142] ? __kasan_check_write+0x18/0x20 [ 141.569541] ? do_raw_spin_lock+0x132/0x2a0 [ 141.569913] ? __pfx_do_exit+0x10/0x10 [ 141.570260] ? debug_smp_processor_id+0x20/0x30 [ 141.570868] ? rcu_is_watching+0x19/0xb0 [ 141.571251] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.571649] ? trace_hardirqs_on+0x26/0x120 [ 141.572028] do_group_exit+0xe0/0x2b0 [ 141.572373] __x64_sys_exit_group+0x47/0x50 [ 141.572746] do_syscall_64+0x3b/0x90 [ 141.573085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.573538] RIP: 0033:0x7f4b87518a4d [ 141.573854] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.574385] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.575058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.575686] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.576299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.576917] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.577524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.578138] [ 141.578338] irq event stamp: 0 [ 141.578640] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.579192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.579917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.580637] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.581188] ---[ end trace 0000000000000000 ]--- [ 141.585727] ------------[ cut here ]------------ [ 141.586482] WARNING: CPU: 1 PID: 1320 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.587458] Modules linked in: [ 141.587741] CPU: 1 PID: 1320 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.588694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.589679] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.590118] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.591937] RSP: 0018:ffff8880100efbb8 EFLAGS: 00010246 [ 141.592416] RAX: 0000000000000000 RBX: ffff888015ddc8a8 RCX: 0000000000000000 [ 141.593201] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 141.593828] RBP: ffff8880100efbd0 R08: ffffed1002bbb933 R09: ffffed1002bbb933 [ 141.594460] R10: ffff888015ddc993 R11: ffffed1002bbb932 R12: ffff888018a3c400 [ 141.595212] R13: ffff888015ddc9e8 R14: ffffffff8352e670 R15: 
ffff8880100efe68 [ 141.595887] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.596594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.597126] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 141.597882] PKRU: 55555554 [ 141.598136] Call Trace: [ 141.598367] [ 141.598594] __iommufd_access_detach+0x1c2/0x2b0 [ 141.599029] iommufd_access_change_pt+0x149/0x270 [ 141.599501] iommufd_access_replace+0xb4/0x120 [ 141.600034] iommufd_test+0x3e5/0x37e0 [ 141.600380] ? lock_release+0x532/0x770 [ 141.600748] ? __might_fault+0x102/0x1b0 [ 141.601127] ? lock_acquire+0x427/0x4c0 [ 141.601540] ? __pfx_iommufd_test+0x10/0x10 [ 141.602021] ? __pfx_lock_release+0x10/0x10 [ 141.602420] ? __pfx_lock_acquire+0x10/0x10 [ 141.602846] ? write_comp_data+0x2f/0x90 [ 141.603235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.603676] ? write_comp_data+0x2f/0x90 [ 141.604201] iommufd_fops_ioctl+0x37d/0x510 [ 141.604593] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.605033] ? write_comp_data+0x2f/0x90 [ 141.605427] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.605955] __x64_sys_ioctl+0x1a3/0x230 [ 141.606424] do_syscall_64+0x3b/0x90 [ 141.606818] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.607324] RIP: 0033:0x7f4b8743ee5d [ 141.607678] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.609566] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.610285] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.611190] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.611858] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.612519] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.613338] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.614023] [ 141.614245] irq event stamp: 0 [ 141.614567] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.615165] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.616141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.616917] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.617597] ---[ end trace 0000000000000000 ]--- [ 141.621071] ------------[ cut here ]------------ [ 141.621548] WARNING: CPU: 1 PID: 1320 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.622711] Modules linked in: [ 141.623011] CPU: 1 PID: 1320 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.623834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.625058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.625519] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.627415] RSP: 
0018:ffff8880100efbd0 EFLAGS: 00010246 [ 141.627910] RAX: 0000000000000000 RBX: ffff888015ddc8a8 RCX: 0000000000000000 [ 141.628570] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 141.629400] RBP: ffff8880100efbe8 R08: ffffed1002bbb933 R09: ffffed1002bbb933 [ 141.630059] R10: ffff888015ddc993 R11: ffffed1002bbb932 R12: ffff88800a726400 [ 141.630746] R13: ffff888015ddc9e8 R14: ffff888012cef800 R15: 0000000000000000 [ 141.631583] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.632328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.632865] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.633702] PKRU: 55555554 [ 141.633968] Call Trace: [ 141.634211] [ 141.634422] iommufd_access_destroy_object+0x65/0x170 [ 141.634932] iommufd_object_destroy_user+0x18e/0x220 [ 141.635423] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.636149] iommufd_access_destroy+0x43/0x70 [ 141.636577] iommufd_test_staccess_release+0x8d/0xd0 [ 141.637058] __fput+0x26d/0xa40 [ 141.637381] ____fput+0x1e/0x30 [ 141.637722] task_work_run+0x1a4/0x2d0 [ 141.638237] ? __pfx_task_work_run+0x10/0x10 [ 141.638682] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.639158] ? switch_task_namespaces+0xa9/0xe0 [ 141.639609] do_exit+0xb17/0x2ef0 [ 141.639938] ? lock_acquire+0x427/0x4c0 [ 141.640421] ? __pfx_lock_release+0x10/0x10 [ 141.640948] ? __kasan_check_write+0x18/0x20 [ 141.641378] ? do_raw_spin_lock+0x132/0x2a0 [ 141.641778] ? __pfx_do_exit+0x10/0x10 [ 141.642150] ? debug_smp_processor_id+0x20/0x30 [ 141.642617] ? rcu_is_watching+0x19/0xb0 [ 141.642999] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.643432] ? trace_hardirqs_on+0x26/0x120 [ 141.643839] do_group_exit+0xe0/0x2b0 [ 141.644194] __x64_sys_exit_group+0x47/0x50 [ 141.644592] do_syscall_64+0x3b/0x90 [ 141.645082] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.645658] RIP: 0033:0x7f4b87518a4d [ 141.645998] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.646590] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.647300] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.647943] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.648588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.649440] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.650220] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.650902] [ 141.651108] irq event stamp: 0 [ 141.651401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.651948] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.652675] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.653415] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.654096] ---[ end trace 0000000000000000 ]--- [ 141.654877] ------------[ cut here ]------------ [ 141.655298] WARNING: CPU: 1 PID: 1320 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.656172] Modules linked in: [ 141.656454] CPU: 1 PID: 1320 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.657212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.658335] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.658812] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.660391] RSP: 0018:ffff8880100efb78 EFLAGS: 00010246 [ 141.660849] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.661572] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 141.662256] RBP: ffff8880100efb98 R08: ffffed1002bbb93e R09: ffffed1002bbb93e [ 141.662887] R10: ffff888015ddc9ef R11: ffffed1002bbb93d R12: ffff888015ddca90 [ 141.663511] R13: ffff888015ddc8a8 R14: ffffffffffffffff R15: 
ffff8880100efc60 [ 141.664121] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.664813] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.665425] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.666102] PKRU: 55555554 [ 141.666349] Call Trace: [ 141.666595] [ 141.666797] iommufd_ioas_destroy+0x53/0x70 [ 141.667192] iommufd_fops_release+0x1f7/0x370 [ 141.667589] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.668021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.668450] ? write_comp_data+0x2f/0x90 [ 141.668813] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.669355] __fput+0x26d/0xa40 [ 141.669727] ____fput+0x1e/0x30 [ 141.670023] task_work_run+0x1a4/0x2d0 [ 141.670369] ? __pfx_task_work_run+0x10/0x10 [ 141.670780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.671219] ? switch_task_namespaces+0xa9/0xe0 [ 141.671647] do_exit+0xb17/0x2ef0 [ 141.671951] ? lock_acquire+0x427/0x4c0 [ 141.672311] ? __pfx_lock_release+0x10/0x10 [ 141.672852] ? __kasan_check_write+0x18/0x20 [ 141.673247] ? do_raw_spin_lock+0x132/0x2a0 [ 141.673631] ? __pfx_do_exit+0x10/0x10 [ 141.673980] ? debug_smp_processor_id+0x20/0x30 [ 141.674389] ? rcu_is_watching+0x19/0xb0 [ 141.674870] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.675347] ? trace_hardirqs_on+0x26/0x120 [ 141.675738] do_group_exit+0xe0/0x2b0 [ 141.676081] __x64_sys_exit_group+0x47/0x50 [ 141.676460] do_syscall_64+0x3b/0x90 [ 141.676844] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.677372] RIP: 0033:0x7f4b87518a4d [ 141.677697] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.678229] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.678984] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.679679] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.680300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.681061] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.681784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.682415] [ 141.682641] irq event stamp: 0 [ 141.683026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.683668] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.684404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.685336] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.685895] ---[ end trace 0000000000000000 ]--- [ 141.690850] ------------[ cut here ]------------ [ 141.691369] WARNING: CPU: 1 PID: 1321 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.692384] Modules linked in: [ 141.692665] CPU: 1 PID: 1321 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.693472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.694614] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.695052] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.696847] RSP: 0018:ffff8880245ffbb8 EFLAGS: 00010246 [ 141.697343] RAX: 0000000000000000 RBX: ffff888015a9a0a8 RCX: 0000000000000000 [ 141.698098] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 141.698737] RBP: ffff8880245ffbd0 R08: ffffed1002b53433 R09: ffffed1002b53433 [ 141.699384] R10: ffff888015a9a193 R11: ffffed1002b53432 R12: ffff88800ae90000 [ 141.700116] R13: ffff888015a9a1e8 R14: ffffffff8352e670 R15: 
ffff8880245ffe68 [ 141.700743] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.701518] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.702120] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ee0 [ 141.702779] PKRU: 55555554 [ 141.703030] Call Trace: [ 141.703269] [ 141.703467] __iommufd_access_detach+0x1c2/0x2b0 [ 141.703914] iommufd_access_change_pt+0x149/0x270 [ 141.704351] iommufd_access_replace+0xb4/0x120 [ 141.704757] iommufd_test+0x3e5/0x37e0 [ 141.705097] ? lock_release+0x532/0x770 [ 141.705456] ? __might_fault+0x102/0x1b0 [ 141.705818] ? lock_acquire+0x427/0x4c0 [ 141.706177] ? __pfx_iommufd_test+0x10/0x10 [ 141.706580] ? __pfx_lock_release+0x10/0x10 [ 141.706974] ? __pfx_lock_acquire+0x10/0x10 [ 141.707374] ? write_comp_data+0x2f/0x90 [ 141.707744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.708172] ? write_comp_data+0x2f/0x90 [ 141.708532] iommufd_fops_ioctl+0x37d/0x510 [ 141.708911] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.709338] ? write_comp_data+0x2f/0x90 [ 141.709702] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.710132] __x64_sys_ioctl+0x1a3/0x230 [ 141.710530] do_syscall_64+0x3b/0x90 [ 141.710868] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.711344] RIP: 0033:0x7f4b8743ee5d [ 141.711667] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.713271] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.713932] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.714570] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.715196] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.715813] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.716433] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.717057] [ 141.717258] irq event stamp: 0 [ 141.717529] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.718070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.718814] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.719547] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.720094] ---[ end trace 0000000000000000 ]--- [ 141.723103] ------------[ cut here ]------------ [ 141.723561] WARNING: CPU: 1 PID: 1321 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.724435] Modules linked in: [ 141.724714] CPU: 1 PID: 1321 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.725467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.726418] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.727079] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.728579] RSP: 
0018:ffff8880245ffbd0 EFLAGS: 00010246 [ 141.729015] RAX: 0000000000000000 RBX: ffff888015a9a0a8 RCX: 0000000000000000 [ 141.729600] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 141.730183] RBP: ffff8880245ffbe8 R08: ffffed1002b53433 R09: ffffed1002b53433 [ 141.730785] R10: ffff888015a9a193 R11: ffffed1002b53432 R12: ffff888018a3c000 [ 141.731379] R13: ffff888015a9a1e8 R14: ffff88801206bc00 R15: 0000000000000000 [ 141.731961] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.732620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.733097] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.733680] PKRU: 55555554 [ 141.733914] Call Trace: [ 141.734127] [ 141.734314] iommufd_access_destroy_object+0x65/0x170 [ 141.734769] iommufd_object_destroy_user+0x18e/0x220 [ 141.735208] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.735691] iommufd_access_destroy+0x43/0x70 [ 141.736071] iommufd_test_staccess_release+0x8d/0xd0 [ 141.736504] __fput+0x26d/0xa40 [ 141.736797] ____fput+0x1e/0x30 [ 141.737083] task_work_run+0x1a4/0x2d0 [ 141.737411] ? __pfx_task_work_run+0x10/0x10 [ 141.737778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.738187] ? switch_task_namespaces+0xa9/0xe0 [ 141.738647] do_exit+0xb17/0x2ef0 [ 141.738944] ? lock_acquire+0x427/0x4c0 [ 141.739302] ? __pfx_lock_release+0x10/0x10 [ 141.739669] ? __kasan_check_write+0x18/0x20 [ 141.740040] ? do_raw_spin_lock+0x132/0x2a0 [ 141.740402] ? __pfx_do_exit+0x10/0x10 [ 141.740734] ? debug_smp_processor_id+0x20/0x30 [ 141.741122] ? rcu_is_watching+0x19/0xb0 [ 141.741461] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.741840] ? trace_hardirqs_on+0x26/0x120 [ 141.742202] do_group_exit+0xe0/0x2b0 [ 141.742547] __x64_sys_exit_group+0x47/0x50 [ 141.742904] do_syscall_64+0x3b/0x90 [ 141.743234] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.743673] RIP: 0033:0x7f4b87518a4d [ 141.743978] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.744479] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.745096] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.745673] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.746255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.746862] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.747457] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.748050] [ 141.748244] irq event stamp: 0 [ 141.748504] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.749018] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.749702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.750382] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.750916] ---[ end trace 0000000000000000 ]--- [ 141.751652] ------------[ cut here ]------------ [ 141.752038] WARNING: CPU: 1 PID: 1321 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.752868] Modules linked in: [ 141.753130] CPU: 1 PID: 1321 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.753836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.754778] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.755213] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.756701] RSP: 0018:ffff8880245ffb78 EFLAGS: 00010246 [ 141.757143] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.757726] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 141.758303] RBP: ffff8880245ffb98 R08: ffffed1002b5343e R09: ffffed1002b5343e [ 141.758903] R10: ffff888015a9a1ef R11: ffffed1002b5343d R12: ffff888015a9a290 [ 141.759495] R13: ffff888015a9a0a8 R14: ffffffffffffffff R15: 
ffff8880245ffc60 [ 141.760075] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.760725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.761194] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.761771] PKRU: 55555554 [ 141.762003] Call Trace: [ 141.762212] [ 141.762396] iommufd_ioas_destroy+0x53/0x70 [ 141.762782] iommufd_fops_release+0x1f7/0x370 [ 141.763169] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.763583] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.763991] ? write_comp_data+0x2f/0x90 [ 141.764336] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.764750] __fput+0x26d/0xa40 [ 141.765037] ____fput+0x1e/0x30 [ 141.765318] task_work_run+0x1a4/0x2d0 [ 141.765645] ? __pfx_task_work_run+0x10/0x10 [ 141.766016] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.766420] ? switch_task_namespaces+0xa9/0xe0 [ 141.766834] do_exit+0xb17/0x2ef0 [ 141.767135] ? lock_acquire+0x427/0x4c0 [ 141.767473] ? __pfx_lock_release+0x10/0x10 [ 141.767834] ? __kasan_check_write+0x18/0x20 [ 141.768199] ? do_raw_spin_lock+0x132/0x2a0 [ 141.768555] ? __pfx_do_exit+0x10/0x10 [ 141.768885] ? debug_smp_processor_id+0x20/0x30 [ 141.769274] ? rcu_is_watching+0x19/0xb0 [ 141.769611] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.769993] ? trace_hardirqs_on+0x26/0x120 [ 141.770357] do_group_exit+0xe0/0x2b0 [ 141.770699] __x64_sys_exit_group+0x47/0x50 [ 141.771057] do_syscall_64+0x3b/0x90 [ 141.771389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.771833] RIP: 0033:0x7f4b87518a4d [ 141.772142] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.772642] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.773261] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.773840] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.774414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.775016] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.775609] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.776206] [ 141.776400] irq event stamp: 0 [ 141.776673] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.777196] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.777879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.778571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.779077] ---[ end trace 0000000000000000 ]--- [ 141.783558] ------------[ cut here ]------------ [ 141.783971] WARNING: CPU: 1 PID: 1322 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.784779] Modules linked in: [ 141.785035] CPU: 1 PID: 1322 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.785725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.786835] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.787249] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.788688] RSP: 0018:ffff888016f8fbb8 EFLAGS: 00010246 [ 141.789115] RAX: 0000000000000000 RBX: ffff888011c520a8 RCX: 0000000000000000 [ 141.789680] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 141.790240] RBP: ffff888016f8fbd0 R08: ffffed100238a433 R09: ffffed100238a433 [ 141.790828] R10: ffff888011c52193 R11: ffffed100238a432 R12: ffff888010826c00 [ 141.791403] R13: ffff888011c521e8 R14: ffffffff8352e670 R15: 
ffff888016f8fe68 [ 141.791970] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.792594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.793045] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 141.793603] PKRU: 55555554 [ 141.793888] Call Trace: [ 141.794155] [ 141.794426] __iommufd_access_detach+0x1c2/0x2b0 [ 141.794842] iommufd_access_change_pt+0x149/0x270 [ 141.795244] iommufd_access_replace+0xb4/0x120 [ 141.795615] iommufd_test+0x3e5/0x37e0 [ 141.795925] ? lock_release+0x532/0x770 [ 141.796251] ? __might_fault+0x102/0x1b0 [ 141.796581] ? lock_acquire+0x427/0x4c0 [ 141.796905] ? __pfx_iommufd_test+0x10/0x10 [ 141.797307] ? __pfx_lock_release+0x10/0x10 [ 141.797685] ? __pfx_lock_acquire+0x10/0x10 [ 141.798034] ? write_comp_data+0x2f/0x90 [ 141.798370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.798782] ? write_comp_data+0x2f/0x90 [ 141.799118] iommufd_fops_ioctl+0x37d/0x510 [ 141.799465] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.799852] ? write_comp_data+0x2f/0x90 [ 141.800182] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.800568] __x64_sys_ioctl+0x1a3/0x230 [ 141.800896] do_syscall_64+0x3b/0x90 [ 141.801200] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.801698] RIP: 0033:0x7f4b8743ee5d [ 141.802044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.803510] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.804111] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.804673] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.805303] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.805912] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.806468] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.807054] [ 141.807260] irq event stamp: 0 [ 141.807508] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.807999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.808727] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.809430] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.809920] ---[ end trace 0000000000000000 ]--- [ 141.812704] ------------[ cut here ]------------ [ 141.813099] WARNING: CPU: 1 PID: 1322 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.813886] Modules linked in: [ 141.814138] CPU: 1 PID: 1322 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.814850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.815867] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.816262] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.817807] RSP: 
0018:ffff888016f8fbd0 EFLAGS: 00010246 [ 141.818230] RAX: 0000000000000000 RBX: ffff888011c520a8 RCX: 0000000000000000 [ 141.818812] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 141.819381] RBP: ffff888016f8fbe8 R08: ffffed100238a433 R09: ffffed100238a433 [ 141.820054] R10: ffff888011c52193 R11: ffffed100238a432 R12: ffff888012b46400 [ 141.820613] R13: ffff888011c521e8 R14: ffff8880104c0500 R15: 0000000000000000 [ 141.821171] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.821907] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.822360] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.822967] PKRU: 55555554 [ 141.823202] Call Trace: [ 141.823428] [ 141.823664] iommufd_access_destroy_object+0x65/0x170 [ 141.824078] iommufd_object_destroy_user+0x18e/0x220 [ 141.824481] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.824941] iommufd_access_destroy+0x43/0x70 [ 141.825416] iommufd_test_staccess_release+0x8d/0xd0 [ 141.825824] __fput+0x26d/0xa40 [ 141.826104] ____fput+0x1e/0x30 [ 141.826373] task_work_run+0x1a4/0x2d0 [ 141.826722] ? __pfx_task_work_run+0x10/0x10 [ 141.827182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.827578] ? switch_task_namespaces+0xa9/0xe0 [ 141.827963] do_exit+0xb17/0x2ef0 [ 141.828237] ? lock_acquire+0x427/0x4c0 [ 141.828562] ? __pfx_lock_release+0x10/0x10 [ 141.828917] ? __kasan_check_write+0x18/0x20 [ 141.829361] ? do_raw_spin_lock+0x132/0x2a0 [ 141.829708] ? __pfx_do_exit+0x10/0x10 [ 141.830024] ? debug_smp_processor_id+0x20/0x30 [ 141.830398] ? rcu_is_watching+0x19/0xb0 [ 141.830786] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.831223] ? trace_hardirqs_on+0x26/0x120 [ 141.831588] do_group_exit+0xe0/0x2b0 [ 141.831910] __x64_sys_exit_group+0x47/0x50 [ 141.832262] do_syscall_64+0x3b/0x90 [ 141.832580] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.833081] RIP: 0033:0x7f4b87518a4d [ 141.833446] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.833952] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.834602] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.835333] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.835928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.836509] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.837210] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.837805] [ 141.838000] irq event stamp: 0 [ 141.838260] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.838882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.839591] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.840280] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.840835] ---[ end trace 0000000000000000 ]--- [ 141.841693] ------------[ cut here ]------------ [ 141.842086] WARNING: CPU: 1 PID: 1322 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.843082] Modules linked in: [ 141.843361] CPU: 1 PID: 1322 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.844080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.845133] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.845563] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.847256] RSP: 0018:ffff888016f8fb78 EFLAGS: 00010246 [ 141.847697] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.848280] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 141.848863] RBP: ffff888016f8fb98 R08: ffffed100238a43e R09: ffffed100238a43e [ 141.849554] R10: ffff888011c521ef R11: ffffed100238a43d R12: ffff888011c52290 [ 141.850140] R13: ffff888011c520a8 R14: ffffffffffffffff R15: 
ffff888016f8fc60 [ 141.850776] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.851514] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.851990] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 141.852570] PKRU: 55555554 [ 141.852851] Call Trace: [ 141.853134] [ 141.853323] iommufd_ioas_destroy+0x53/0x70 [ 141.853689] iommufd_fops_release+0x1f7/0x370 [ 141.854072] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.854490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.854948] ? write_comp_data+0x2f/0x90 [ 141.855410] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.855828] __fput+0x26d/0xa40 [ 141.856125] ____fput+0x1e/0x30 [ 141.856414] task_work_run+0x1a4/0x2d0 [ 141.856748] ? __pfx_task_work_run+0x10/0x10 [ 141.857227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.857642] ? switch_task_namespaces+0xa9/0xe0 [ 141.858043] do_exit+0xb17/0x2ef0 [ 141.858334] ? lock_acquire+0x427/0x4c0 [ 141.858728] ? __pfx_lock_release+0x10/0x10 [ 141.859157] ? __kasan_check_write+0x18/0x20 [ 141.859528] ? do_raw_spin_lock+0x132/0x2a0 [ 141.859892] ? __pfx_do_exit+0x10/0x10 [ 141.860226] ? debug_smp_processor_id+0x20/0x30 [ 141.860616] ? rcu_is_watching+0x19/0xb0 [ 141.861006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.861443] ? trace_hardirqs_on+0x26/0x120 [ 141.861811] do_group_exit+0xe0/0x2b0 [ 141.862127] __x64_sys_exit_group+0x47/0x50 [ 141.862485] do_syscall_64+0x3b/0x90 [ 141.862830] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.863440] RIP: 0033:0x7f4b87518a4d [ 141.863766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.864289] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.865018] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.865686] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.866307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.867028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.867697] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.868322] [ 141.868525] irq event stamp: 0 [ 141.868796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.869463] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.870189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.870936] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.871500] ---[ end trace 0000000000000000 ]--- [ 141.876138] ------------[ cut here ]------------ [ 141.876592] WARNING: CPU: 1 PID: 1323 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.877465] Modules linked in: [ 141.877744] CPU: 1 PID: 1323 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.878493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.879521] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.879953] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.881524] RSP: 0018:ffff88800ffb7bb8 EFLAGS: 00010246 [ 141.881991] RAX: 0000000000000000 RBX: ffff888011c530a8 RCX: 0000000000000000 [ 141.882628] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 141.883263] RBP: ffff88800ffb7bd0 R08: ffffed100238a633 R09: ffffed100238a633 [ 141.883876] R10: ffff888011c53193 R11: ffffed100238a632 R12: ffff888017b2a400 [ 141.884487] R13: ffff888011c531e8 R14: ffffffff8352e670 R15: 
ffff88800ffb7e68 [ 141.885101] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.885792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.886293] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 141.886934] PKRU: 55555554 [ 141.887200] Call Trace: [ 141.887425] [ 141.887622] __iommufd_access_detach+0x1c2/0x2b0 [ 141.888047] iommufd_access_change_pt+0x149/0x270 [ 141.888482] iommufd_access_replace+0xb4/0x120 [ 141.888898] iommufd_test+0x3e5/0x37e0 [ 141.889243] ? lock_release+0x532/0x770 [ 141.889604] ? __might_fault+0x102/0x1b0 [ 141.889970] ? lock_acquire+0x427/0x4c0 [ 141.890334] ? __pfx_iommufd_test+0x10/0x10 [ 141.890738] ? __pfx_lock_release+0x10/0x10 [ 141.891136] ? __pfx_lock_acquire+0x10/0x10 [ 141.891533] ? write_comp_data+0x2f/0x90 [ 141.891897] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.892322] ? write_comp_data+0x2f/0x90 [ 141.892688] iommufd_fops_ioctl+0x37d/0x510 [ 141.893068] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.893500] ? write_comp_data+0x2f/0x90 [ 141.893866] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.894291] __x64_sys_ioctl+0x1a3/0x230 [ 141.894683] do_syscall_64+0x3b/0x90 [ 141.895026] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.895495] RIP: 0033:0x7f4b8743ee5d [ 141.895823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.897404] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.898066] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.898706] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.899337] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.899953] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.900578] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.901190] [ 141.901395] irq event stamp: 0 [ 141.901667] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.902205] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.902932] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.903625] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.904141] ---[ end trace 0000000000000000 ]--- [ 141.907010] ------------[ cut here ]------------ [ 141.907442] WARNING: CPU: 1 PID: 1323 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.908279] Modules linked in: [ 141.908544] CPU: 1 PID: 1323 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.909256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.910166] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.910600] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.912108] RSP: 
0018:ffff88800ffb7bd0 EFLAGS: 00010246 [ 141.912545] RAX: 0000000000000000 RBX: ffff888011c530a8 RCX: 0000000000000000 [ 141.913124] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 141.913707] RBP: ffff88800ffb7be8 R08: ffffed100238a633 R09: ffffed100238a633 [ 141.914293] R10: ffff888011c53193 R11: ffffed100238a632 R12: ffff888010827000 [ 141.914897] R13: ffff888011c531e8 R14: ffff888016e15700 R15: 0000000000000000 [ 141.915496] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.916149] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.916626] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.917225] PKRU: 55555554 [ 141.917458] Call Trace: [ 141.917669] [ 141.917856] iommufd_access_destroy_object+0x65/0x170 [ 141.918284] iommufd_object_destroy_user+0x18e/0x220 [ 141.918732] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 141.919240] iommufd_access_destroy+0x43/0x70 [ 141.919623] iommufd_test_staccess_release+0x8d/0xd0 [ 141.920049] __fput+0x26d/0xa40 [ 141.920335] ____fput+0x1e/0x30 [ 141.920619] task_work_run+0x1a4/0x2d0 [ 141.920948] ? __pfx_task_work_run+0x10/0x10 [ 141.921315] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.921722] ? switch_task_namespaces+0xa9/0xe0 [ 141.922114] do_exit+0xb17/0x2ef0 [ 141.922398] ? lock_acquire+0x427/0x4c0 [ 141.922755] ? __pfx_lock_release+0x10/0x10 [ 141.923135] ? __kasan_check_write+0x18/0x20 [ 141.923511] ? do_raw_spin_lock+0x132/0x2a0 [ 141.923868] ? __pfx_do_exit+0x10/0x10 [ 141.924197] ? debug_smp_processor_id+0x20/0x30 [ 141.924583] ? rcu_is_watching+0x19/0xb0 [ 141.924923] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.925297] ? trace_hardirqs_on+0x26/0x120 [ 141.925654] do_group_exit+0xe0/0x2b0 [ 141.925974] __x64_sys_exit_group+0x47/0x50 [ 141.926329] do_syscall_64+0x3b/0x90 [ 141.926667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.927102] RIP: 0033:0x7f4b87518a4d [ 141.927419] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.927920] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.928538] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.929128] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.929705] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.930283] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.930895] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.931495] [ 141.931686] irq event stamp: 0 [ 141.931947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.932459] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.933140] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.933817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.934329] ---[ end trace 0000000000000000 ]--- [ 141.935064] ------------[ cut here ]------------ [ 141.935460] WARNING: CPU: 1 PID: 1323 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 141.936289] Modules linked in: [ 141.936552] CPU: 1 PID: 1323 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.937265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.938179] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 141.938630] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 141.940122] RSP: 0018:ffff88800ffb7b78 EFLAGS: 00010246 [ 141.940563] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 141.941143] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 141.941732] RBP: ffff88800ffb7b98 R08: ffffed100238a63e R09: ffffed100238a63e [ 141.942314] R10: ffff888011c531ef R11: ffffed100238a63d R12: ffff888011c53290 [ 141.942922] R13: ffff888011c530a8 R14: ffffffffffffffff R15: 
ffff88800ffb7c60 [ 141.943519] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 141.944180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.944661] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 141.945244] PKRU: 55555554 [ 141.945480] Call Trace: [ 141.945691] [ 141.945878] iommufd_ioas_destroy+0x53/0x70 [ 141.946236] iommufd_fops_release+0x1f7/0x370 [ 141.946633] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.947047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.947442] ? write_comp_data+0x2f/0x90 [ 141.947779] ? __pfx_iommufd_fops_release+0x10/0x10 [ 141.948190] __fput+0x26d/0xa40 [ 141.948472] ____fput+0x1e/0x30 [ 141.948751] task_work_run+0x1a4/0x2d0 [ 141.949077] ? __pfx_task_work_run+0x10/0x10 [ 141.949440] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.949839] ? switch_task_namespaces+0xa9/0xe0 [ 141.950224] do_exit+0xb17/0x2ef0 [ 141.950530] ? lock_acquire+0x427/0x4c0 [ 141.950862] ? __pfx_lock_release+0x10/0x10 [ 141.951231] ? __kasan_check_write+0x18/0x20 [ 141.951597] ? do_raw_spin_lock+0x132/0x2a0 [ 141.951950] ? __pfx_do_exit+0x10/0x10 [ 141.952275] ? debug_smp_processor_id+0x20/0x30 [ 141.952658] ? rcu_is_watching+0x19/0xb0 [ 141.952992] ? _raw_spin_unlock_irq+0x2b/0x60 [ 141.953363] ? trace_hardirqs_on+0x26/0x120 [ 141.953722] do_group_exit+0xe0/0x2b0 [ 141.954033] __x64_sys_exit_group+0x47/0x50 [ 141.954382] do_syscall_64+0x3b/0x90 [ 141.954715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.955150] RIP: 0033:0x7f4b87518a4d [ 141.955453] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 141.955952] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 141.956562] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 141.957135] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 141.957706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 141.958276] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 141.958885] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 141.959484] [ 141.959676] irq event stamp: 0 [ 141.959932] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.960443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.961128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.961802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.962313] ---[ end trace 0000000000000000 ]--- [ 141.967652] ------------[ cut here ]------------ [ 141.968070] WARNING: CPU: 0 PID: 1324 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.968875] Modules linked in: [ 141.969131] CPU: 0 PID: 1324 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.969817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.970770] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.971178] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 141.972604] RSP: 0018:ffff8880100efbb8 EFLAGS: 00010246 [ 141.973016] RAX: 0000000000000000 RBX: ffff88801868d8a8 RCX: 0000000000000000 [ 141.973565] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 141.974113] RBP: ffff8880100efbd0 R08: ffffed10030d1b33 R09: ffffed10030d1b33 [ 141.974689] R10: ffff88801868d993 R11: ffffed10030d1b32 R12: ffff888012e96400 [ 141.975247] R13: ffff88801868d9e8 R14: ffffffff8352e670 R15: 
ffff8880100efe68 [ 141.975806] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 141.976428] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.976882] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 141.977439] PKRU: 55555554 [ 141.977659] Call Trace: [ 141.977858] [ 141.978036] __iommufd_access_detach+0x1c2/0x2b0 [ 141.978423] iommufd_access_change_pt+0x149/0x270 [ 141.978824] iommufd_access_replace+0xb4/0x120 [ 141.979204] iommufd_test+0x3e5/0x37e0 [ 141.979516] ? lock_release+0x532/0x770 [ 141.979836] ? __might_fault+0x102/0x1b0 [ 141.980160] ? lock_acquire+0x427/0x4c0 [ 141.980482] ? __pfx_iommufd_test+0x10/0x10 [ 141.980820] ? __pfx_lock_release+0x10/0x10 [ 141.981163] ? __pfx_lock_acquire+0x10/0x10 [ 141.981509] ? write_comp_data+0x2f/0x90 [ 141.981838] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 141.982221] ? write_comp_data+0x2f/0x90 [ 141.982562] iommufd_fops_ioctl+0x37d/0x510 [ 141.982909] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.983310] ? write_comp_data+0x2f/0x90 [ 141.983644] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.984026] __x64_sys_ioctl+0x1a3/0x230 [ 141.984358] do_syscall_64+0x3b/0x90 [ 141.984664] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 141.985075] RIP: 0033:0x7f4b8743ee5d [ 141.985368] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 141.986797] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 141.987405] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 141.987964] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.988531] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 141.989089] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 141.989642] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 141.990204] [ 141.990392] irq event stamp: 0 [ 141.990660] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 141.991165] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 141.991819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 141.992467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 141.992953] ---[ end trace 0000000000000000 ]--- [ 141.995696] ------------[ cut here ]------------ [ 141.996095] WARNING: CPU: 0 PID: 1324 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 141.996876] Modules linked in: [ 141.997128] CPU: 0 PID: 1324 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 141.997796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 141.998681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 141.999069] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.000472] RSP: 
0018:ffff8880100efbd0 EFLAGS: 00010246 [ 142.000881] RAX: 0000000000000000 RBX: ffff88801868d8a8 RCX: 0000000000000000 [ 142.001427] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 142.001970] RBP: ffff8880100efbe8 R08: ffffed10030d1b33 R09: ffffed10030d1b33 [ 142.002541] R10: ffff88801868d993 R11: ffffed10030d1b32 R12: ffff888010e00800 [ 142.003094] R13: ffff88801868d9e8 R14: ffff888013d36000 R15: 0000000000000000 [ 142.003649] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 142.004264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.004709] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 142.005259] PKRU: 55555554 [ 142.005479] Call Trace: [ 142.005679] [ 142.005857] iommufd_access_destroy_object+0x65/0x170 [ 142.006260] iommufd_object_destroy_user+0x18e/0x220 [ 142.006671] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.007138] iommufd_access_destroy+0x43/0x70 [ 142.007497] iommufd_test_staccess_release+0x8d/0xd0 [ 142.007899] __fput+0x26d/0xa40 [ 142.008170] ____fput+0x1e/0x30 [ 142.008435] task_work_run+0x1a4/0x2d0 [ 142.008745] ? __pfx_task_work_run+0x10/0x10 [ 142.009095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.009479] ? switch_task_namespaces+0xa9/0xe0 [ 142.009852] do_exit+0xb17/0x2ef0 [ 142.010125] ? lock_acquire+0x427/0x4c0 [ 142.010467] ? __pfx_lock_release+0x10/0x10 [ 142.010826] ? __kasan_check_write+0x18/0x20 [ 142.011180] ? do_raw_spin_lock+0x132/0x2a0 [ 142.011518] ? __pfx_do_exit+0x10/0x10 [ 142.011831] ? debug_smp_processor_id+0x20/0x30 [ 142.012196] ? rcu_is_watching+0x19/0xb0 [ 142.012513] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.012869] ? trace_hardirqs_on+0x26/0x120 [ 142.013211] do_group_exit+0xe0/0x2b0 [ 142.013509] __x64_sys_exit_group+0x47/0x50 [ 142.013844] do_syscall_64+0x3b/0x90 [ 142.014138] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.014563] RIP: 0033:0x7f4b87518a4d [ 142.014855] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.015339] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.015924] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.016473] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.017018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.017564] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.018116] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.018715] [ 142.018900] irq event stamp: 0 [ 142.019180] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.019665] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.020308] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.020949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.021436] ---[ end trace 0000000000000000 ]--- [ 142.022474] ------------[ cut here ]------------ [ 142.022885] WARNING: CPU: 0 PID: 1324 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.023674] Modules linked in: [ 142.023923] CPU: 0 PID: 1324 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.024594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.025454] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.025853] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.027500] RSP: 0018:ffff8880100efb78 EFLAGS: 00010246 [ 142.027914] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.028463] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 142.029006] RBP: ffff8880100efb98 R08: ffffed10030d1b3e R09: ffffed10030d1b3e [ 142.029550] R10: ffff88801868d9ef R11: ffffed10030d1b3d R12: ffff88801868da90 [ 142.030097] R13: ffff88801868d8a8 R14: ffffffffffffffff R15: 
ffff8880100efc60 [ 142.030661] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 142.031291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.031738] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 142.032284] PKRU: 55555554 [ 142.032505] Call Trace: [ 142.032703] [ 142.032878] iommufd_ioas_destroy+0x53/0x70 [ 142.033217] iommufd_fops_release+0x1f7/0x370 [ 142.033568] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.033954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.034336] ? write_comp_data+0x2f/0x90 [ 142.034676] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.035067] __fput+0x26d/0xa40 [ 142.035346] ____fput+0x1e/0x30 [ 142.035611] task_work_run+0x1a4/0x2d0 [ 142.035919] ? __pfx_task_work_run+0x10/0x10 [ 142.036261] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.036640] ? switch_task_namespaces+0xa9/0xe0 [ 142.037008] do_exit+0xb17/0x2ef0 [ 142.037278] ? lock_acquire+0x427/0x4c0 [ 142.037595] ? __pfx_lock_release+0x10/0x10 [ 142.037935] ? __kasan_check_write+0x18/0x20 [ 142.038281] ? do_raw_spin_lock+0x132/0x2a0 [ 142.038633] ? __pfx_do_exit+0x10/0x10 [ 142.038945] ? debug_smp_processor_id+0x20/0x30 [ 142.039317] ? rcu_is_watching+0x19/0xb0 [ 142.039633] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.039991] ? trace_hardirqs_on+0x26/0x120 [ 142.040331] do_group_exit+0xe0/0x2b0 [ 142.040629] __x64_sys_exit_group+0x47/0x50 [ 142.040969] do_syscall_64+0x3b/0x90 [ 142.041265] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.041670] RIP: 0033:0x7f4b87518a4d [ 142.041961] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.042436] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.043038] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.043599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.044150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.044692] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.045239] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.045793] [ 142.045975] irq event stamp: 0 [ 142.046220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.046728] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.047383] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.048024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.048507] ---[ end trace 0000000000000000 ]--- [ 142.056395] ------------[ cut here ]------------ [ 142.056824] WARNING: CPU: 1 PID: 1325 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.057740] Modules linked in: [ 142.057992] CPU: 1 PID: 1325 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.058734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.059732] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.060131] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.061662] RSP: 0018:ffff888010fa7bb8 EFLAGS: 00010246 [ 142.062076] RAX: 0000000000000000 RBX: ffff888016d340a8 RCX: 0000000000000000 [ 142.062719] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 142.063333] RBP: ffff888010fa7bd0 R08: ffffed1002da6833 R09: ffffed1002da6833 [ 142.063899] R10: ffff888016d34193 R11: ffffed1002da6832 R12: ffff8880134f9800 [ 142.064492] R13: ffff888016d341e8 R14: ffffffff8352e670 R15: 
ffff888010fa7e68 [ 142.065120] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.065751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.066273] CR2: 00007f4b877410e8 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 142.066894] PKRU: 55555554 [ 142.067130] Call Trace: [ 142.067332] [ 142.067511] __iommufd_access_detach+0x1c2/0x2b0 [ 142.067924] iommufd_access_change_pt+0x149/0x270 [ 142.068381] iommufd_access_replace+0xb4/0x120 [ 142.068752] iommufd_test+0x3e5/0x37e0 [ 142.069060] ? lock_release+0x532/0x770 [ 142.069381] ? __might_fault+0x102/0x1b0 [ 142.069783] ? lock_acquire+0x427/0x4c0 [ 142.070153] ? __pfx_iommufd_test+0x10/0x10 [ 142.070493] ? __pfx_lock_release+0x10/0x10 [ 142.070858] ? __pfx_lock_acquire+0x10/0x10 [ 142.071223] ? write_comp_data+0x2f/0x90 [ 142.071614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.072043] ? write_comp_data+0x2f/0x90 [ 142.072372] iommufd_fops_ioctl+0x37d/0x510 [ 142.072715] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.073119] ? write_comp_data+0x2f/0x90 [ 142.073523] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.073903] __x64_sys_ioctl+0x1a3/0x230 [ 142.074235] do_syscall_64+0x3b/0x90 [ 142.074556] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.075023] RIP: 0033:0x7f4b8743ee5d [ 142.075378] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.076860] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.077481] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.078034] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.078709] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.079276] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.079829] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.080503] [ 142.080690] irq event stamp: 0 [ 142.080938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.081429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.082188] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.082873] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.083380] ---[ end trace 0000000000000000 ]--- [ 142.087788] ------------[ cut here ]------------ [ 142.088198] WARNING: CPU: 1 PID: 1325 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.089116] Modules linked in: [ 142.089381] CPU: 1 PID: 1325 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.090104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.091190] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.091606] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.093219] RSP: 
0018:ffff888010fa7bd0 EFLAGS: 00010246 [ 142.093662] RAX: 0000000000000000 RBX: ffff888016d340a8 RCX: 0000000000000000 [ 142.094249] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 142.094968] RBP: ffff888010fa7be8 R08: ffffed1002da6833 R09: ffffed1002da6833 [ 142.095570] R10: ffff888016d34193 R11: ffffed1002da6832 R12: ffff888017b28800 [ 142.096171] R13: ffff888016d341e8 R14: ffff888014588f00 R15: 0000000000000000 [ 142.096863] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.097524] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.098025] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 142.098719] PKRU: 55555554 [ 142.098954] Call Trace: [ 142.099199] [ 142.099389] iommufd_access_destroy_object+0x65/0x170 [ 142.099823] iommufd_object_destroy_user+0x18e/0x220 [ 142.100366] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.100851] iommufd_access_destroy+0x43/0x70 [ 142.101242] iommufd_test_staccess_release+0x8d/0xd0 [ 142.101679] __fput+0x26d/0xa40 [ 142.102025] ____fput+0x1e/0x30 [ 142.102359] task_work_run+0x1a4/0x2d0 [ 142.102710] ? __pfx_task_work_run+0x10/0x10 [ 142.103084] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.103516] ? switch_task_namespaces+0xa9/0xe0 [ 142.104029] do_exit+0xb17/0x2ef0 [ 142.104340] ? lock_acquire+0x427/0x4c0 [ 142.104681] ? __pfx_lock_release+0x10/0x10 [ 142.105048] ? __kasan_check_write+0x18/0x20 [ 142.105445] ? do_raw_spin_lock+0x132/0x2a0 [ 142.105885] ? __pfx_do_exit+0x10/0x10 [ 142.106221] ? debug_smp_processor_id+0x20/0x30 [ 142.106641] ? rcu_is_watching+0x19/0xb0 [ 142.106999] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.107459] ? trace_hardirqs_on+0x26/0x120 [ 142.107892] do_group_exit+0xe0/0x2b0 [ 142.108216] __x64_sys_exit_group+0x47/0x50 [ 142.108575] do_syscall_64+0x3b/0x90 [ 142.108898] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.109412] RIP: 0033:0x7f4b87518a4d [ 142.109779] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.110292] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.110944] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.111668] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.112254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.112846] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.113533] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.114157] [ 142.114361] irq event stamp: 0 [ 142.114660] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.115343] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.116073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.116874] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.117501] ---[ end trace 0000000000000000 ]--- [ 142.120101] ------------[ cut here ]------------ [ 142.120557] WARNING: CPU: 1 PID: 1325 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.121544] Modules linked in: [ 142.121841] CPU: 1 PID: 1325 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.122741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.123811] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.124272] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.125999] RSP: 0018:ffff888010fa7b78 EFLAGS: 00010246 [ 142.126486] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.127260] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 142.127885] RBP: ffff888010fa7b98 R08: ffffed1002da683e R09: ffffed1002da683e [ 142.128540] R10: ffff888016d341ef R11: ffffed1002da683d R12: ffff888016d34290 [ 142.129282] R13: ffff888016d340a8 R14: ffffffffffffffff R15: 
ffff888010fa7c60 [ 142.129932] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.130739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.131350] CR2: 00007f82e2fa1000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 142.131996] PKRU: 55555554 [ 142.132256] Call Trace: [ 142.132486] [ 142.132714] iommufd_ioas_destroy+0x53/0x70 [ 142.133189] iommufd_fops_release+0x1f7/0x370 [ 142.133591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.134036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.134475] ? write_comp_data+0x2f/0x90 [ 142.134938] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.135400] __fput+0x26d/0xa40 [ 142.135709] ____fput+0x1e/0x30 [ 142.136013] task_work_run+0x1a4/0x2d0 [ 142.136361] ? __pfx_task_work_run+0x10/0x10 [ 142.136751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.137186] ? switch_task_namespaces+0xa9/0xe0 [ 142.137606] do_exit+0xb17/0x2ef0 [ 142.137927] ? lock_acquire+0x427/0x4c0 [ 142.138282] ? __pfx_lock_release+0x10/0x10 [ 142.138692] ? __kasan_check_write+0x18/0x20 [ 142.139101] ? do_raw_spin_lock+0x132/0x2a0 [ 142.139490] ? __pfx_do_exit+0x10/0x10 [ 142.139838] ? debug_smp_processor_id+0x20/0x30 [ 142.140255] ? rcu_is_watching+0x19/0xb0 [ 142.140610] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.141009] ? trace_hardirqs_on+0x26/0x120 [ 142.141400] do_group_exit+0xe0/0x2b0 [ 142.141738] __x64_sys_exit_group+0x47/0x50 [ 142.142118] do_syscall_64+0x3b/0x90 [ 142.142459] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.142952] RIP: 0033:0x7f4b87518a4d [ 142.143287] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.143829] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.144497] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.145107] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.145731] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.146342] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.146981] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.147620] [ 142.147838] irq event stamp: 0 [ 142.148113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.148655] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.149369] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.150075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.150649] ---[ end trace 0000000000000000 ]--- [ 142.155056] ------------[ cut here ]------------ [ 142.155516] WARNING: CPU: 1 PID: 1326 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.156394] Modules linked in: [ 142.156679] CPU: 1 PID: 1326 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.157429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.158391] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.158958] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.160514] RSP: 0018:ffff88801840fbb8 EFLAGS: 00010246 [ 142.160954] RAX: 0000000000000000 RBX: ffff8880245880a8 RCX: 0000000000000000 [ 142.161531] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 142.162114] RBP: ffff88801840fbd0 R08: ffffed10048b1033 R09: ffffed10048b1033 [ 142.162711] R10: ffff888024588193 R11: ffffed10048b1032 R12: ffff888012e2b000 [ 142.163303] R13: ffff8880245881e8 R14: ffffffff8352e670 R15: 
ffff88801840fe68 [ 142.163892] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.164544] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.165023] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 142.165603] PKRU: 55555554 [ 142.165844] Call Trace: [ 142.166054] [ 142.166239] __iommufd_access_detach+0x1c2/0x2b0 [ 142.166662] iommufd_access_change_pt+0x149/0x270 [ 142.167072] iommufd_access_replace+0xb4/0x120 [ 142.167468] iommufd_test+0x3e5/0x37e0 [ 142.167781] ? lock_release+0x532/0x770 [ 142.168112] ? __might_fault+0x102/0x1b0 [ 142.168450] ? lock_acquire+0x427/0x4c0 [ 142.168790] ? __pfx_iommufd_test+0x10/0x10 [ 142.169156] ? __pfx_lock_release+0x10/0x10 [ 142.169520] ? __pfx_lock_acquire+0x10/0x10 [ 142.169881] ? write_comp_data+0x2f/0x90 [ 142.170239] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.170659] ? write_comp_data+0x2f/0x90 [ 142.171000] iommufd_fops_ioctl+0x37d/0x510 [ 142.171372] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.171779] ? write_comp_data+0x2f/0x90 [ 142.172120] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.172532] __x64_sys_ioctl+0x1a3/0x230 [ 142.172877] do_syscall_64+0x3b/0x90 [ 142.173193] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.173618] RIP: 0033:0x7f4b8743ee5d [ 142.173946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.175426] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.176050] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.176636] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.177218] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.177783] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.178343] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.178941] [ 142.179143] irq event stamp: 0 [ 142.179397] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.179905] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.180564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.181231] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.181711] ---[ end trace 0000000000000000 ]--- [ 142.184405] ------------[ cut here ]------------ [ 142.184795] WARNING: CPU: 1 PID: 1326 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.185576] Modules linked in: [ 142.185821] CPU: 1 PID: 1326 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.186493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.187391] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.187783] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.189183] RSP: 
0018:ffff88801840fbd0 EFLAGS: 00010246 [ 142.189592] RAX: 0000000000000000 RBX: ffff8880245880a8 RCX: 0000000000000000 [ 142.190147] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 142.190711] RBP: ffff88801840fbe8 R08: ffffed10048b1033 R09: ffffed10048b1033 [ 142.191269] R10: ffff888024588193 R11: ffffed10048b1032 R12: ffff8880134f9000 [ 142.191818] R13: ffff8880245881e8 R14: ffff888012b9be00 R15: 0000000000000000 [ 142.192445] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.193219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.193717] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.194441] PKRU: 55555554 [ 142.194775] Call Trace: [ 142.195043] [ 142.195289] iommufd_access_destroy_object+0x65/0x170 [ 142.195813] iommufd_object_destroy_user+0x18e/0x220 [ 142.196321] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.196910] iommufd_access_destroy+0x43/0x70 [ 142.197382] iommufd_test_staccess_release+0x8d/0xd0 [ 142.197914] __fput+0x26d/0xa40 [ 142.198273] ____fput+0x1e/0x30 [ 142.198649] task_work_run+0x1a4/0x2d0 [ 142.199047] ? __pfx_task_work_run+0x10/0x10 [ 142.199502] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.199999] ? switch_task_namespaces+0xa9/0xe0 [ 142.200472] do_exit+0xb17/0x2ef0 [ 142.200818] ? lock_acquire+0x427/0x4c0 [ 142.201230] ? __pfx_lock_release+0x10/0x10 [ 142.201657] ? __kasan_check_write+0x18/0x20 [ 142.202098] ? do_raw_spin_lock+0x132/0x2a0 [ 142.202564] ? __pfx_do_exit+0x10/0x10 [ 142.202962] ? debug_smp_processor_id+0x20/0x30 [ 142.203445] ? rcu_is_watching+0x19/0xb0 [ 142.203853] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.204320] ? trace_hardirqs_on+0x26/0x120 [ 142.204760] do_group_exit+0xe0/0x2b0 [ 142.205147] __x64_sys_exit_group+0x47/0x50 [ 142.205578] do_syscall_64+0x3b/0x90 [ 142.205954] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.206483] RIP: 0033:0x7f4b87518a4d [ 142.206889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.207502] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.208267] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.208979] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.209685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.210377] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.211149] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.211856] [ 142.212089] irq event stamp: 0 [ 142.212409] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.213013] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.213827] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.214681] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.215316] ---[ end trace 0000000000000000 ]--- [ 142.216301] ------------[ cut here ]------------ [ 142.216772] WARNING: CPU: 1 PID: 1326 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.217764] Modules linked in: [ 142.218093] CPU: 1 PID: 1326 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.218976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.220102] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.220636] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.222391] RSP: 0018:ffff88801840fb78 EFLAGS: 00010246 [ 142.222951] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.223653] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 142.224361] RBP: ffff88801840fb98 R08: ffffed10048b103e R09: ffffed10048b103e [ 142.225060] R10: ffff8880245881ef R11: ffffed10048b103d R12: ffff888024588290 [ 142.225760] R13: ffff8880245880a8 R14: ffffffffffffffff R15: 
ffff88801840fc60 [ 142.226441] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.227268] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.227712] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.228245] PKRU: 55555554 [ 142.228463] Call Trace: [ 142.228654] [ 142.228824] iommufd_ioas_destroy+0x53/0x70 [ 142.229155] iommufd_fops_release+0x1f7/0x370 [ 142.229498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.229875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.230248] ? write_comp_data+0x2f/0x90 [ 142.230591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.230989] __fput+0x26d/0xa40 [ 142.231299] ____fput+0x1e/0x30 [ 142.231567] task_work_run+0x1a4/0x2d0 [ 142.231880] ? __pfx_task_work_run+0x10/0x10 [ 142.232225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.232608] ? switch_task_namespaces+0xa9/0xe0 [ 142.232982] do_exit+0xb17/0x2ef0 [ 142.233252] ? lock_acquire+0x427/0x4c0 [ 142.233570] ? __pfx_lock_release+0x10/0x10 [ 142.233910] ? __kasan_check_write+0x18/0x20 [ 142.234257] ? do_raw_spin_lock+0x132/0x2a0 [ 142.234618] ? __pfx_do_exit+0x10/0x10 [ 142.234932] ? debug_smp_processor_id+0x20/0x30 [ 142.235311] ? rcu_is_watching+0x19/0xb0 [ 142.235629] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.235984] ? trace_hardirqs_on+0x26/0x120 [ 142.236328] do_group_exit+0xe0/0x2b0 [ 142.236626] __x64_sys_exit_group+0x47/0x50 [ 142.236959] do_syscall_64+0x3b/0x90 [ 142.237256] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.237665] RIP: 0033:0x7f4b87518a4d [ 142.237955] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.238431] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.239039] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.239614] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.240162] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.240709] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.241261] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.241822] [ 142.242008] irq event stamp: 0 [ 142.242253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.242766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.243429] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.244069] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.244558] ---[ end trace 0000000000000000 ]--- [ 142.248796] ------------[ cut here ]------------ [ 142.249205] WARNING: CPU: 1 PID: 1327 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.249993] Modules linked in: [ 142.250246] CPU: 1 PID: 1327 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.250978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.251906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.252319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.253801] RSP: 0018:ffff888015a8fbb8 EFLAGS: 00010246 [ 142.254234] RAX: 0000000000000000 RBX: ffff888010f5c8a8 RCX: 0000000000000000 [ 142.254849] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 142.255449] RBP: ffff888015a8fbd0 R08: ffffed10021eb933 R09: ffffed10021eb933 [ 142.256035] R10: ffff888010f5c993 R11: ffffed10021eb932 R12: ffff888013b6bc00 [ 142.256622] R13: ffff888010f5c9e8 R14: ffffffff8352e670 R15: 
ffff888015a8fe68 [ 142.257205] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.257861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.258339] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 142.258953] PKRU: 55555554 [ 142.259206] Call Trace: [ 142.259417] [ 142.259603] __iommufd_access_detach+0x1c2/0x2b0 [ 142.260009] iommufd_access_change_pt+0x149/0x270 [ 142.260423] iommufd_access_replace+0xb4/0x120 [ 142.260820] iommufd_test+0x3e5/0x37e0 [ 142.261145] ? lock_release+0x532/0x770 [ 142.261487] ? __might_fault+0x102/0x1b0 [ 142.261834] ? lock_acquire+0x427/0x4c0 [ 142.262172] ? __pfx_iommufd_test+0x10/0x10 [ 142.262551] ? __pfx_lock_release+0x10/0x10 [ 142.262920] ? __pfx_lock_acquire+0x10/0x10 [ 142.263299] ? write_comp_data+0x2f/0x90 [ 142.263645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.264048] ? write_comp_data+0x2f/0x90 [ 142.264395] iommufd_fops_ioctl+0x37d/0x510 [ 142.264760] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.265169] ? write_comp_data+0x2f/0x90 [ 142.265513] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.265920] __x64_sys_ioctl+0x1a3/0x230 [ 142.266280] do_syscall_64+0x3b/0x90 [ 142.266652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.267097] RIP: 0033:0x7f4b8743ee5d [ 142.267426] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.268932] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.269572] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.270162] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.270781] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.271387] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.271982] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.272583] [ 142.272779] irq event stamp: 0 [ 142.273038] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.273568] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.274290] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.275024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.275586] ---[ end trace 0000000000000000 ]--- [ 142.278412] ------------[ cut here ]------------ [ 142.278871] WARNING: CPU: 1 PID: 1327 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.279746] Modules linked in: [ 142.280021] CPU: 1 PID: 1327 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.280758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.281702] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.282131] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.283708] RSP: 
0018:ffff888015a8fbd0 EFLAGS: 00010246 [ 142.284178] RAX: 0000000000000000 RBX: ffff888010f5c8a8 RCX: 0000000000000000 [ 142.284785] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 142.285394] RBP: ffff888015a8fbe8 R08: ffffed10021eb933 R09: ffffed10021eb933 [ 142.286004] R10: ffff888010f5c993 R11: ffffed10021eb932 R12: ffff888018538c00 [ 142.286648] R13: ffff888010f5c9e8 R14: ffff888021887700 R15: 0000000000000000 [ 142.287302] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.287995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.288494] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.289123] PKRU: 55555554 [ 142.289384] Call Trace: [ 142.289609] [ 142.289807] iommufd_access_destroy_object+0x65/0x170 [ 142.290259] iommufd_object_destroy_user+0x18e/0x220 [ 142.290725] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.291249] iommufd_access_destroy+0x43/0x70 [ 142.291648] iommufd_test_staccess_release+0x8d/0xd0 [ 142.292094] __fput+0x26d/0xa40 [ 142.292393] ____fput+0x1e/0x30 [ 142.292693] task_work_run+0x1a4/0x2d0 [ 142.293039] ? __pfx_task_work_run+0x10/0x10 [ 142.293432] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.293868] ? switch_task_namespaces+0xa9/0xe0 [ 142.294288] do_exit+0xb17/0x2ef0 [ 142.294617] ? lock_acquire+0x427/0x4c0 [ 142.294984] ? __pfx_lock_release+0x10/0x10 [ 142.295394] ? __kasan_check_write+0x18/0x20 [ 142.295792] ? do_raw_spin_lock+0x132/0x2a0 [ 142.296194] ? __pfx_do_exit+0x10/0x10 [ 142.296548] ? debug_smp_processor_id+0x20/0x30 [ 142.296954] ? rcu_is_watching+0x19/0xb0 [ 142.297314] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.297713] ? trace_hardirqs_on+0x26/0x120 [ 142.298095] do_group_exit+0xe0/0x2b0 [ 142.298431] __x64_sys_exit_group+0x47/0x50 [ 142.298841] do_syscall_64+0x3b/0x90 [ 142.299191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.299660] RIP: 0033:0x7f4b87518a4d [ 142.299989] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.300524] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.301192] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.301810] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.302432] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.303074] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.303716] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.304343] [ 142.304548] irq event stamp: 0 [ 142.304823] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.305374] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.306109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.306881] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.307455] ---[ end trace 0000000000000000 ]--- [ 142.308211] ------------[ cut here ]------------ [ 142.308622] WARNING: CPU: 1 PID: 1327 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.309527] Modules linked in: [ 142.309808] CPU: 1 PID: 1327 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.310608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.311615] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.312084] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.313727] RSP: 0018:ffff888015a8fb78 EFLAGS: 00010246 [ 142.314212] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.314888] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 142.315568] RBP: ffff888015a8fb98 R08: ffffed10021eb93e R09: ffffed10021eb93e [ 142.316230] R10: ffff888010f5c9ef R11: ffffed10021eb93d R12: ffff888010f5ca90 [ 142.316874] R13: ffff888010f5c8a8 R14: ffffffffffffffff R15: 
ffff888015a8fc60 [ 142.317523] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.318250] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.318807] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.319488] PKRU: 55555554 [ 142.319755] Call Trace: [ 142.319991] [ 142.320197] iommufd_ioas_destroy+0x53/0x70 [ 142.320598] iommufd_fops_release+0x1f7/0x370 [ 142.321022] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.321483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.321935] ? write_comp_data+0x2f/0x90 [ 142.322322] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.322807] __fput+0x26d/0xa40 [ 142.323137] ____fput+0x1e/0x30 [ 142.323451] task_work_run+0x1a4/0x2d0 [ 142.323813] ? __pfx_task_work_run+0x10/0x10 [ 142.324226] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.324684] ? switch_task_namespaces+0xa9/0xe0 [ 142.325126] do_exit+0xb17/0x2ef0 [ 142.325443] ? lock_acquire+0x427/0x4c0 [ 142.325815] ? __pfx_lock_release+0x10/0x10 [ 142.326212] ? __kasan_check_write+0x18/0x20 [ 142.326646] ? do_raw_spin_lock+0x132/0x2a0 [ 142.327055] ? __pfx_do_exit+0x10/0x10 [ 142.327439] ? debug_smp_processor_id+0x20/0x30 [ 142.327876] ? rcu_is_watching+0x19/0xb0 [ 142.328258] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.328676] ? trace_hardirqs_on+0x26/0x120 [ 142.329069] do_group_exit+0xe0/0x2b0 [ 142.329421] __x64_sys_exit_group+0x47/0x50 [ 142.329810] do_syscall_64+0x3b/0x90 [ 142.330158] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.330672] RIP: 0033:0x7f4b87518a4d [ 142.331025] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.331593] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.332299] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.332979] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.333642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.334298] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.334989] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.335675] [ 142.335892] irq event stamp: 0 [ 142.336183] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.336769] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.337660] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.338607] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.339214] ---[ end trace 0000000000000000 ]--- [ 142.349711] ------------[ cut here ]------------ [ 142.350208] WARNING: CPU: 1 PID: 1328 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.351257] Modules linked in: [ 142.351560] CPU: 1 PID: 1328 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.352372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.353653] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.354127] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.355859] RSP: 0018:ffff888014627bb8 EFLAGS: 00010246 [ 142.356363] RAX: 0000000000000000 RBX: ffff8880158328a8 RCX: 0000000000000000 [ 142.357254] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 142.357924] RBP: ffff888014627bd0 R08: ffffed1002b06533 R09: ffffed1002b06533 [ 142.358620] R10: ffff888015832993 R11: ffffed1002b06532 R12: ffff888015c72000 [ 142.359299] R13: ffff8880158329e8 R14: ffffffff8352e670 R15: 
ffff888014627e68 [ 142.359964] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.360716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.361260] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 142.362159] PKRU: 55555554 [ 142.362429] Call Trace: [ 142.362698] [ 142.362915] __iommufd_access_detach+0x1c2/0x2b0 [ 142.363394] iommufd_access_change_pt+0x149/0x270 [ 142.363858] iommufd_access_replace+0xb4/0x120 [ 142.364302] iommufd_test+0x3e5/0x37e0 [ 142.364674] ? lock_release+0x532/0x770 [ 142.365060] ? __might_fault+0x102/0x1b0 [ 142.365452] ? lock_acquire+0x427/0x4c0 [ 142.365837] ? __pfx_iommufd_test+0x10/0x10 [ 142.366243] ? __pfx_lock_release+0x10/0x10 [ 142.366797] ? __pfx_lock_acquire+0x10/0x10 [ 142.367378] ? write_comp_data+0x2f/0x90 [ 142.367778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.368238] ? write_comp_data+0x2f/0x90 [ 142.368634] iommufd_fops_ioctl+0x37d/0x510 [ 142.369047] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.369510] ? write_comp_data+0x2f/0x90 [ 142.369908] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.370371] __x64_sys_ioctl+0x1a3/0x230 [ 142.370800] do_syscall_64+0x3b/0x90 [ 142.371175] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.371681] RIP: 0033:0x7f4b8743ee5d [ 142.372059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.374488] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.375308] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.376021] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.376736] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.377449] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.378170] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.379140] [ 142.379547] irq event stamp: 0 [ 142.379900] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.380550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.381394] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.382232] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.382901] ---[ end trace 0000000000000000 ]--- [ 142.386220] ------------[ cut here ]------------ [ 142.386836] WARNING: CPU: 1 PID: 1328 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.387881] Modules linked in: [ 142.388207] CPU: 1 PID: 1328 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.389078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.390458] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.391265] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.393108] RSP: 
0018:ffff888014627bd0 EFLAGS: 00010246 [ 142.393641] RAX: 0000000000000000 RBX: ffff8880158328a8 RCX: 0000000000000000 [ 142.394351] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 142.395096] RBP: ffff888014627be8 R08: ffffed1002b06533 R09: ffffed1002b06533 [ 142.396051] R10: ffff888015832993 R11: ffffed1002b06532 R12: ffff888013b69400 [ 142.396958] R13: ffff8880158329e8 R14: ffff8880143be000 R15: 0000000000000000 [ 142.397684] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.398542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.399139] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.399809] PKRU: 55555554 [ 142.400063] Call Trace: [ 142.400289] [ 142.400492] iommufd_access_destroy_object+0x65/0x170 [ 142.401024] iommufd_object_destroy_user+0x18e/0x220 [ 142.401613] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.402432] iommufd_access_destroy+0x43/0x70 [ 142.403142] iommufd_test_staccess_release+0x8d/0xd0 [ 142.403681] __fput+0x26d/0xa40 [ 142.404037] ____fput+0x1e/0x30 [ 142.404380] task_work_run+0x1a4/0x2d0 [ 142.404787] ? __pfx_task_work_run+0x10/0x10 [ 142.405247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.405751] ? switch_task_namespaces+0xa9/0xe0 [ 142.406241] do_exit+0xb17/0x2ef0 [ 142.406639] ? lock_acquire+0x427/0x4c0 [ 142.407060] ? __pfx_lock_release+0x10/0x10 [ 142.407525] ? __kasan_check_write+0x18/0x20 [ 142.407976] ? do_raw_spin_lock+0x132/0x2a0 [ 142.408419] ? __pfx_do_exit+0x10/0x10 [ 142.408908] ? debug_smp_processor_id+0x20/0x30 [ 142.409638] ? rcu_is_watching+0x19/0xb0 [ 142.410163] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.410670] ? trace_hardirqs_on+0x26/0x120 [ 142.411132] do_group_exit+0xe0/0x2b0 [ 142.411524] __x64_sys_exit_group+0x47/0x50 [ 142.411956] do_syscall_64+0x3b/0x90 [ 142.412343] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.412874] RIP: 0033:0x7f4b87518a4d [ 142.413251] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.413875] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.414807] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.415846] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.416614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.417363] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.418117] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.418911] [ 142.419175] irq event stamp: 0 [ 142.419497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.420139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.421196] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.422374] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.423053] ---[ end trace 0000000000000000 ]--- [ 142.423962] ------------[ cut here ]------------ [ 142.424442] WARNING: CPU: 1 PID: 1328 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.425468] Modules linked in: [ 142.425798] CPU: 1 PID: 1328 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.426906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.428230] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.428763] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.430644] RSP: 0018:ffff888014627b78 EFLAGS: 00010246 [ 142.431221] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.431984] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 142.433019] RBP: ffff888014627b98 R08: ffffed1002b0653e R09: ffffed1002b0653e [ 142.433748] R10: ffff8880158329ef R11: ffffed1002b0653d R12: ffff888015832a90 [ 142.434467] R13: ffff8880158328a8 R14: ffffffffffffffff R15: 
ffff888014627c60 [ 142.435245] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.436057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.436645] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.437409] PKRU: 55555554 [ 142.437794] Call Trace: [ 142.438205] [ 142.438540] iommufd_ioas_destroy+0x53/0x70 [ 142.438995] iommufd_fops_release+0x1f7/0x370 [ 142.439474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.439988] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.440490] ? write_comp_data+0x2f/0x90 [ 142.440914] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.441420] __fput+0x26d/0xa40 [ 142.441774] ____fput+0x1e/0x30 [ 142.442118] task_work_run+0x1a4/0x2d0 [ 142.442650] ? __pfx_task_work_run+0x10/0x10 [ 142.443355] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.443859] ? switch_task_namespaces+0xa9/0xe0 [ 142.444346] do_exit+0xb17/0x2ef0 [ 142.444703] ? lock_acquire+0x427/0x4c0 [ 142.445121] ? __pfx_lock_release+0x10/0x10 [ 142.445564] ? __kasan_check_write+0x18/0x20 [ 142.446011] ? do_raw_spin_lock+0x132/0x2a0 [ 142.446443] ? __pfx_do_exit+0x10/0x10 [ 142.446879] ? debug_smp_processor_id+0x20/0x30 [ 142.447364] ? rcu_is_watching+0x19/0xb0 [ 142.447778] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.448286] ? trace_hardirqs_on+0x26/0x120 [ 142.448936] do_group_exit+0xe0/0x2b0 [ 142.449423] __x64_sys_exit_group+0x47/0x50 [ 142.449858] do_syscall_64+0x3b/0x90 [ 142.450245] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.450813] RIP: 0033:0x7f4b87518a4d [ 142.451203] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.451823] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.452589] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.453303] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.454307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.455161] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.455873] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.456593] [ 142.456827] irq event stamp: 0 [ 142.457141] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.457768] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.458721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.459889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.460523] ---[ end trace 0000000000000000 ]--- [ 142.466029] ------------[ cut here ]------------ [ 142.466643] WARNING: CPU: 1 PID: 1329 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.467679] Modules linked in: [ 142.468001] CPU: 1 PID: 1329 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.469079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.470643] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.471152] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.472875] RSP: 0018:ffff888015a8fbb8 EFLAGS: 00010246 [ 142.473367] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 142.474021] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 142.474934] RBP: ffff888015a8fbd0 R08: ffffed100216f933 R09: ffffed100216f933 [ 142.475613] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff88800fcb0800 [ 142.476274] R13: ffff888010b7c9e8 R14: ffffffff8352e670 R15: 
ffff888015a8fe68 [ 142.476934] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.477675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.478213] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 142.479051] PKRU: 55555554 [ 142.479368] Call Trace: [ 142.479609] [ 142.479819] __iommufd_access_detach+0x1c2/0x2b0 [ 142.480281] iommufd_access_change_pt+0x149/0x270 [ 142.480740] iommufd_access_replace+0xb4/0x120 [ 142.481175] iommufd_test+0x3e5/0x37e0 [ 142.481537] ? lock_release+0x532/0x770 [ 142.481917] ? __might_fault+0x102/0x1b0 [ 142.482302] ? lock_acquire+0x427/0x4c0 [ 142.482710] ? __pfx_iommufd_test+0x10/0x10 [ 142.483120] ? __pfx_lock_release+0x10/0x10 [ 142.483531] ? __pfx_lock_acquire+0x10/0x10 [ 142.484047] ? write_comp_data+0x2f/0x90 [ 142.484606] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.485072] ? write_comp_data+0x2f/0x90 [ 142.485465] iommufd_fops_ioctl+0x37d/0x510 [ 142.485875] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.486335] ? write_comp_data+0x2f/0x90 [ 142.486751] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.487222] __x64_sys_ioctl+0x1a3/0x230 [ 142.487615] do_syscall_64+0x3b/0x90 [ 142.487970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.488457] RIP: 0033:0x7f4b8743ee5d [ 142.488937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.490747] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.491452] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.492099] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.492808] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.493604] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.494251] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.494936] [ 142.495159] irq event stamp: 0 [ 142.495449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.496022] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.496784] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.497839] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.498420] ---[ end trace 0000000000000000 ]--- [ 142.501616] ------------[ cut here ]------------ [ 142.502055] WARNING: CPU: 1 PID: 1329 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.502958] Modules linked in: [ 142.503251] CPU: 1 PID: 1329 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.504002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.505061] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.505579] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.507181] RSP: 
0018:ffff888015a8fbd0 EFLAGS: 00010246 [ 142.507645] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 142.508258] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 142.509024] RBP: ffff888015a8fbe8 R08: ffffed100216f933 R09: ffffed100216f933 [ 142.509640] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff888015c73800 [ 142.510253] R13: ffff888010b7c9e8 R14: ffff888013f45e00 R15: 0000000000000000 [ 142.510906] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.511609] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.512110] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.512844] PKRU: 55555554 [ 142.513105] Call Trace: [ 142.513329] [ 142.513523] iommufd_access_destroy_object+0x65/0x170 [ 142.513978] iommufd_object_destroy_user+0x18e/0x220 [ 142.514424] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.514959] iommufd_access_destroy+0x43/0x70 [ 142.515372] iommufd_test_staccess_release+0x8d/0xd0 [ 142.515825] __fput+0x26d/0xa40 [ 142.516131] ____fput+0x1e/0x30 [ 142.516430] task_work_run+0x1a4/0x2d0 [ 142.516792] ? __pfx_task_work_run+0x10/0x10 [ 142.517356] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.517788] ? switch_task_namespaces+0xa9/0xe0 [ 142.518200] do_exit+0xb17/0x2ef0 [ 142.518500] ? lock_acquire+0x427/0x4c0 [ 142.518882] ? __pfx_lock_release+0x10/0x10 [ 142.519276] ? __kasan_check_write+0x18/0x20 [ 142.519659] ? do_raw_spin_lock+0x132/0x2a0 [ 142.520036] ? __pfx_do_exit+0x10/0x10 [ 142.520383] ? debug_smp_processor_id+0x20/0x30 [ 142.520802] ? rcu_is_watching+0x19/0xb0 [ 142.521313] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.521711] ? trace_hardirqs_on+0x26/0x120 [ 142.522088] do_group_exit+0xe0/0x2b0 [ 142.522420] __x64_sys_exit_group+0x47/0x50 [ 142.522812] do_syscall_64+0x3b/0x90 [ 142.523156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.523615] RIP: 0033:0x7f4b87518a4d [ 142.523935] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.524465] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.525252] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.525869] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.526480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.527135] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.527764] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.528385] [ 142.528625] irq event stamp: 0 [ 142.529035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.529597] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.530319] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.531080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.531643] ---[ end trace 0000000000000000 ]--- [ 142.532443] ------------[ cut here ]------------ [ 142.532955] WARNING: CPU: 1 PID: 1329 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.534008] Modules linked in: [ 142.534331] CPU: 1 PID: 1329 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.535153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.536135] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.536769] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.538292] RSP: 0018:ffff888015a8fb78 EFLAGS: 00010246 [ 142.538816] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.539403] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 142.540035] RBP: ffff888015a8fb98 R08: ffffed100216f93e R09: ffffed100216f93e [ 142.540785] R10: ffff888010b7c9ef R11: ffffed100216f93d R12: ffff888010b7ca90 [ 142.541376] R13: ffff888010b7c8a8 R14: ffffffffffffffff R15: 
ffff888015a8fc60 [ 142.541992] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.542674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.543202] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.543888] PKRU: 55555554 [ 142.544200] Call Trace: [ 142.544411] [ 142.544599] iommufd_ioas_destroy+0x53/0x70 [ 142.544983] iommufd_fops_release+0x1f7/0x370 [ 142.545378] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.545790] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.546229] ? write_comp_data+0x2f/0x90 [ 142.546604] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.547022] __fput+0x26d/0xa40 [ 142.547358] ____fput+0x1e/0x30 [ 142.547745] task_work_run+0x1a4/0x2d0 [ 142.548076] ? __pfx_task_work_run+0x10/0x10 [ 142.548483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.548888] ? switch_task_namespaces+0xa9/0xe0 [ 142.549310] do_exit+0xb17/0x2ef0 [ 142.549626] ? lock_acquire+0x427/0x4c0 [ 142.549963] ? __pfx_lock_release+0x10/0x10 [ 142.550394] ? __kasan_check_write+0x18/0x20 [ 142.550877] ? do_raw_spin_lock+0x132/0x2a0 [ 142.551247] ? __pfx_do_exit+0x10/0x10 [ 142.551613] ? debug_smp_processor_id+0x20/0x30 [ 142.552015] ? rcu_is_watching+0x19/0xb0 [ 142.552350] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.552772] ? trace_hardirqs_on+0x26/0x120 [ 142.553137] do_group_exit+0xe0/0x2b0 [ 142.553456] __x64_sys_exit_group+0x47/0x50 [ 142.553861] do_syscall_64+0x3b/0x90 [ 142.554402] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.554957] RIP: 0033:0x7f4b87518a4d [ 142.555302] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.555898] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.556699] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.557360] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.558232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.558875] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.559474] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.560066] [ 142.560259] irq event stamp: 0 [ 142.560519] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.561068] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.561910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.562614] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.563135] ---[ end trace 0000000000000000 ]--- [ 142.567837] ------------[ cut here ]------------ [ 142.568330] WARNING: CPU: 1 PID: 1330 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.569224] Modules linked in: [ 142.569490] CPU: 1 PID: 1330 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.570199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.571201] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.571615] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.573232] RSP: 0018:ffff888014627bb8 EFLAGS: 00010246 [ 142.573680] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 142.574254] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 142.574890] RBP: ffff888014627bd0 R08: ffffed100173f033 R09: ffffed100173f033 [ 142.575578] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff88800a725c00 [ 142.576159] R13: ffff88800b9f81e8 R14: ffffffff8352e670 R15: 
ffff888014627e68 [ 142.576738] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.577394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.577875] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 142.578563] PKRU: 55555554 [ 142.578853] Call Trace: [ 142.579064] [ 142.579260] __iommufd_access_detach+0x1c2/0x2b0 [ 142.579669] iommufd_access_change_pt+0x149/0x270 [ 142.580076] iommufd_access_replace+0xb4/0x120 [ 142.580465] iommufd_test+0x3e5/0x37e0 [ 142.580785] ? lock_release+0x532/0x770 [ 142.581123] ? __might_fault+0x102/0x1b0 [ 142.581463] ? lock_acquire+0x427/0x4c0 [ 142.581802] ? __pfx_iommufd_test+0x10/0x10 [ 142.582265] ? __pfx_lock_release+0x10/0x10 [ 142.582664] ? __pfx_lock_acquire+0x10/0x10 [ 142.583038] ? write_comp_data+0x2f/0x90 [ 142.583394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.583801] ? write_comp_data+0x2f/0x90 [ 142.584144] iommufd_fops_ioctl+0x37d/0x510 [ 142.584508] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.584915] ? write_comp_data+0x2f/0x90 [ 142.585261] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.585750] __x64_sys_ioctl+0x1a3/0x230 [ 142.586154] do_syscall_64+0x3b/0x90 [ 142.586477] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.586942] RIP: 0033:0x7f4b8743ee5d [ 142.587268] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.588759] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.589459] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.590116] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.590734] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.591337] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.591937] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.592531] [ 142.592766] irq event stamp: 0 [ 142.593112] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.593625] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.594312] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.595022] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.595551] ---[ end trace 0000000000000000 ]--- [ 142.598630] ------------[ cut here ]------------ [ 142.599054] WARNING: CPU: 1 PID: 1330 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.599911] Modules linked in: [ 142.600213] CPU: 1 PID: 1330 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.601012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.601931] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.602343] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.604014] RSP: 
0018:ffff888014627bd0 EFLAGS: 00010246 [ 142.604459] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 142.605040] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 142.605618] RBP: ffff888014627be8 R08: ffffed100173f033 R09: ffffed100173f033 [ 142.606202] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff88800fcb1000 [ 142.606839] R13: ffff88800b9f81e8 R14: ffff8880178f2900 R15: 0000000000000000 [ 142.607497] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.608153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.608626] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.609207] PKRU: 55555554 [ 142.609442] Call Trace: [ 142.609655] [ 142.609843] iommufd_access_destroy_object+0x65/0x170 [ 142.610369] iommufd_object_destroy_user+0x18e/0x220 [ 142.610872] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.611369] iommufd_access_destroy+0x43/0x70 [ 142.611752] iommufd_test_staccess_release+0x8d/0xd0 [ 142.612178] __fput+0x26d/0xa40 [ 142.612466] ____fput+0x1e/0x30 [ 142.612748] task_work_run+0x1a4/0x2d0 [ 142.613077] ? __pfx_task_work_run+0x10/0x10 [ 142.613445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.613895] ? switch_task_namespaces+0xa9/0xe0 [ 142.614385] do_exit+0xb17/0x2ef0 [ 142.614695] ? lock_acquire+0x427/0x4c0 [ 142.615033] ? __pfx_lock_release+0x10/0x10 [ 142.615403] ? __kasan_check_write+0x18/0x20 [ 142.615777] ? do_raw_spin_lock+0x132/0x2a0 [ 142.616137] ? __pfx_do_exit+0x10/0x10 [ 142.616470] ? debug_smp_processor_id+0x20/0x30 [ 142.616857] ? rcu_is_watching+0x19/0xb0 [ 142.617200] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.617675] ? trace_hardirqs_on+0x26/0x120 [ 142.618089] do_group_exit+0xe0/0x2b0 [ 142.618413] __x64_sys_exit_group+0x47/0x50 [ 142.618806] do_syscall_64+0x3b/0x90 [ 142.619136] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.619577] RIP: 0033:0x7f4b87518a4d [ 142.619887] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.620392] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.621011] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.621725] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.622323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.622940] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.623541] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.624134] [ 142.624327] irq event stamp: 0 [ 142.624588] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.625117] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.625902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.626614] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.627146] ---[ end trace 0000000000000000 ]--- [ 142.627898] ------------[ cut here ]------------ [ 142.628290] WARNING: CPU: 1 PID: 1330 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.629265] Modules linked in: [ 142.629544] CPU: 1 PID: 1330 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.630259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.631227] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.631663] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.633291] RSP: 0018:ffff888014627b78 EFLAGS: 00010246 [ 142.633730] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.634312] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 142.634933] RBP: ffff888014627b98 R08: ffffed100173f03e R09: ffffed100173f03e [ 142.635545] R10: ffff88800b9f81ef R11: ffffed100173f03d R12: ffff88800b9f8290 [ 142.636241] R13: ffff88800b9f80a8 R14: ffffffffffffffff R15: 
ffff888014627c60 [ 142.636830] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.637489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.637966] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.638587] PKRU: 55555554 [ 142.638826] Call Trace: [ 142.639038] [ 142.639235] iommufd_ioas_destroy+0x53/0x70 [ 142.639715] iommufd_fops_release+0x1f7/0x370 [ 142.640108] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.640530] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.640937] ? write_comp_data+0x2f/0x90 [ 142.641288] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.641709] __fput+0x26d/0xa40 [ 142.642003] ____fput+0x1e/0x30 [ 142.642294] task_work_run+0x1a4/0x2d0 [ 142.642779] ? __pfx_task_work_run+0x10/0x10 [ 142.643177] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.643588] ? switch_task_namespaces+0xa9/0xe0 [ 142.643988] do_exit+0xb17/0x2ef0 [ 142.644285] ? lock_acquire+0x427/0x4c0 [ 142.644635] ? __pfx_lock_release+0x10/0x10 [ 142.645002] ? __kasan_check_write+0x18/0x20 [ 142.645376] ? do_raw_spin_lock+0x132/0x2a0 [ 142.645737] ? __pfx_do_exit+0x10/0x10 [ 142.646070] ? debug_smp_processor_id+0x20/0x30 [ 142.646608] ? rcu_is_watching+0x19/0xb0 [ 142.646953] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.647345] ? trace_hardirqs_on+0x26/0x120 [ 142.647712] do_group_exit+0xe0/0x2b0 [ 142.648028] __x64_sys_exit_group+0x47/0x50 [ 142.648386] do_syscall_64+0x3b/0x90 [ 142.648705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.649140] RIP: 0033:0x7f4b87518a4d [ 142.649447] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.650037] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.650740] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.651340] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.651925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.652512] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.653101] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.653822] [ 142.654020] irq event stamp: 0 [ 142.654285] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.654848] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.655563] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.656256] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.656779] ---[ end trace 0000000000000000 ]--- [ 142.661514] ------------[ cut here ]------------ [ 142.661940] WARNING: CPU: 1 PID: 1331 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.662860] Modules linked in: [ 142.663141] CPU: 1 PID: 1331 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.663886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.664895] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.665309] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.666807] RSP: 0018:ffff888015a8fbb8 EFLAGS: 00010246 [ 142.667371] RAX: 0000000000000000 RBX: ffff88801587e8a8 RCX: 0000000000000000 [ 142.667967] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 142.668550] RBP: ffff888015a8fbd0 R08: ffffed1002b0fd33 R09: ffffed1002b0fd33 [ 142.669129] R10: ffff88801587e993 R11: ffffed1002b0fd32 R12: ffff88801422d400 [ 142.669710] R13: ffff88801587e9e8 R14: ffffffff8352e670 R15: 
ffff888015a8fe68 [ 142.670326] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.671088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.671569] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 142.672152] PKRU: 55555554 [ 142.672391] Call Trace: [ 142.672606] [ 142.672792] __iommufd_access_detach+0x1c2/0x2b0 [ 142.673197] iommufd_access_change_pt+0x149/0x270 [ 142.673604] iommufd_access_replace+0xb4/0x120 [ 142.674112] iommufd_test+0x3e5/0x37e0 [ 142.674451] ? lock_release+0x532/0x770 [ 142.674817] ? __might_fault+0x102/0x1b0 [ 142.675173] ? lock_acquire+0x427/0x4c0 [ 142.675514] ? __pfx_iommufd_test+0x10/0x10 [ 142.675873] ? __pfx_lock_release+0x10/0x10 [ 142.676234] ? __pfx_lock_acquire+0x10/0x10 [ 142.676607] ? write_comp_data+0x2f/0x90 [ 142.676951] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.677357] ? write_comp_data+0x2f/0x90 [ 142.677811] iommufd_fops_ioctl+0x37d/0x510 [ 142.678178] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.678620] ? write_comp_data+0x2f/0x90 [ 142.678968] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.679382] __x64_sys_ioctl+0x1a3/0x230 [ 142.679730] do_syscall_64+0x3b/0x90 [ 142.680050] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.680485] RIP: 0033:0x7f4b8743ee5d [ 142.680795] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.682410] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.683071] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.683668] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.684250] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.684919] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.685558] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.686148] [ 142.686344] irq event stamp: 0 [ 142.686638] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.687170] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.687856] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.688692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.689213] ---[ end trace 0000000000000000 ]--- [ 142.692322] ------------[ cut here ]------------ [ 142.692781] WARNING: CPU: 1 PID: 1331 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.693624] Modules linked in: [ 142.693893] CPU: 1 PID: 1331 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.694636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.695620] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.696080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.697567] RSP: 
0018:ffff888015a8fbd0 EFLAGS: 00010246 [ 142.698003] RAX: 0000000000000000 RBX: ffff88801587e8a8 RCX: 0000000000000000 [ 142.698696] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 142.699323] RBP: ffff888015a8fbe8 R08: ffffed1002b0fd33 R09: ffffed1002b0fd33 [ 142.699907] R10: ffff88801587e993 R11: ffffed1002b0fd32 R12: ffff88800a724c00 [ 142.700487] R13: ffff88801587e9e8 R14: ffff8880149bed00 R15: 0000000000000000 [ 142.701069] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.701725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.702339] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.702941] PKRU: 55555554 [ 142.703186] Call Trace: [ 142.703399] [ 142.703587] iommufd_access_destroy_object+0x65/0x170 [ 142.704015] iommufd_object_destroy_user+0x18e/0x220 [ 142.704438] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.704916] iommufd_access_destroy+0x43/0x70 [ 142.705302] iommufd_test_staccess_release+0x8d/0xd0 [ 142.705873] __fput+0x26d/0xa40 [ 142.706164] ____fput+0x1e/0x30 [ 142.706448] task_work_run+0x1a4/0x2d0 [ 142.706809] ? __pfx_task_work_run+0x10/0x10 [ 142.707194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.707604] ? switch_task_namespaces+0xa9/0xe0 [ 142.707998] do_exit+0xb17/0x2ef0 [ 142.708286] ? lock_acquire+0x427/0x4c0 [ 142.708625] ? __pfx_lock_release+0x10/0x10 [ 142.708992] ? __kasan_check_write+0x18/0x20 [ 142.709448] ? do_raw_spin_lock+0x132/0x2a0 [ 142.709858] ? __pfx_do_exit+0x10/0x10 [ 142.710189] ? debug_smp_processor_id+0x20/0x30 [ 142.710612] ? rcu_is_watching+0x19/0xb0 [ 142.710959] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.711349] ? trace_hardirqs_on+0x26/0x120 [ 142.711713] do_group_exit+0xe0/0x2b0 [ 142.712031] __x64_sys_exit_group+0x47/0x50 [ 142.712391] do_syscall_64+0x3b/0x90 [ 142.712709] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.713279] RIP: 0033:0x7f4b87518a4d [ 142.713591] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.714092] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.714757] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.715356] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.715939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.716522] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.717237] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.717832] [ 142.718027] irq event stamp: 0 [ 142.718291] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.718844] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.719538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.720221] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.720864] ---[ end trace 0000000000000000 ]--- [ 142.721615] ------------[ cut here ]------------ [ 142.722007] WARNING: CPU: 1 PID: 1331 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.722890] Modules linked in: [ 142.723180] CPU: 1 PID: 1331 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.723954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.724972] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.725401] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.726943] RSP: 0018:ffff888015a8fb78 EFLAGS: 00010246 [ 142.727503] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.728090] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 142.728669] RBP: ffff888015a8fb98 R08: ffffed1002b0fd3e R09: ffffed1002b0fd3e [ 142.729249] R10: ffff88801587e9ef R11: ffffed1002b0fd3d R12: ffff88801587ea90 [ 142.729831] R13: ffff88801587e8a8 R14: ffffffffffffffff R15: 
ffff888015a8fc60 [ 142.730489] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.731214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.731691] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.732287] PKRU: 55555554 [ 142.732524] Call Trace: [ 142.732735] [ 142.732924] iommufd_ioas_destroy+0x53/0x70 [ 142.733288] iommufd_fops_release+0x1f7/0x370 [ 142.733680] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.734208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.734651] ? write_comp_data+0x2f/0x90 [ 142.734998] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.735427] __fput+0x26d/0xa40 [ 142.735715] ____fput+0x1e/0x30 [ 142.735996] task_work_run+0x1a4/0x2d0 [ 142.736333] ? __pfx_task_work_run+0x10/0x10 [ 142.736707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.737116] ? switch_task_namespaces+0xa9/0xe0 [ 142.737562] do_exit+0xb17/0x2ef0 [ 142.737927] ? lock_acquire+0x427/0x4c0 [ 142.738266] ? __pfx_lock_release+0x10/0x10 [ 142.738655] ? __kasan_check_write+0x18/0x20 [ 142.739022] ? do_raw_spin_lock+0x132/0x2a0 [ 142.739385] ? __pfx_do_exit+0x10/0x10 [ 142.739720] ? debug_smp_processor_id+0x20/0x30 [ 142.740118] ? rcu_is_watching+0x19/0xb0 [ 142.740460] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.740843] ? trace_hardirqs_on+0x26/0x120 [ 142.741249] do_group_exit+0xe0/0x2b0 [ 142.741658] __x64_sys_exit_group+0x47/0x50 [ 142.742014] do_syscall_64+0x3b/0x90 [ 142.742330] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.742792] RIP: 0033:0x7f4b87518a4d [ 142.743099] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.743612] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.744236] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.744823] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.745544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.746121] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.746721] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.747320] [ 142.747514] irq event stamp: 0 [ 142.747775] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.748374] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.749105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.749792] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.750430] ---[ end trace 0000000000000000 ]--- [ 142.755196] ------------[ cut here ]------------ [ 142.755622] WARNING: CPU: 1 PID: 1332 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.756594] Modules linked in: [ 142.756856] CPU: 1 PID: 1332 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.757570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.758644] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.759056] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.760687] RSP: 0018:ffff888014627bb8 EFLAGS: 00010246 [ 142.761128] RAX: 0000000000000000 RBX: ffff8880134930a8 RCX: 0000000000000000 [ 142.761713] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 142.762412] RBP: ffff888014627bd0 R08: ffffed1002692633 R09: ffffed1002692633 [ 142.763032] R10: ffff888013493193 R11: ffffed1002692632 R12: ffff88800f74c000 [ 142.763634] R13: ffff8880134931e8 R14: ffffffff8352e670 R15: 
ffff888014627e68 [ 142.764351] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.765007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.765480] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 142.766183] PKRU: 55555554 [ 142.766418] Call Trace: [ 142.766651] [ 142.766732] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 142.766841] __iommufd_access_detach+0x1c2/0x2b0 [ 142.768515] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 142.768870] iommufd_access_change_pt+0x149/0x270 [ 142.770396] iommufd_access_replace+0xb4/0x120 [ 142.770802] iommufd_test+0x3e5/0x37e0 [ 142.771136] ? lock_release+0x532/0x770 [ 142.771475] ? __might_fault+0x102/0x1b0 [ 142.771817] ? lock_acquire+0x427/0x4c0 [ 142.772152] ? __pfx_iommufd_test+0x10/0x10 [ 142.772504] ? __pfx_lock_release+0x10/0x10 [ 142.772867] ? __pfx_lock_acquire+0x10/0x10 [ 142.773230] ? write_comp_data+0x2f/0x90 [ 142.773574] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.773977] ? write_comp_data+0x2f/0x90 [ 142.774322] iommufd_fops_ioctl+0x37d/0x510 [ 142.774714] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.775135] ? write_comp_data+0x2f/0x90 [ 142.775486] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.775894] __x64_sys_ioctl+0x1a3/0x230 [ 142.776242] do_syscall_64+0x3b/0x90 [ 142.776560] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.776995] RIP: 0033:0x7f4b8743ee5d [ 142.777303] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.778815] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.779456] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.780062] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.780671] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.781282] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.781891] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.782533] [ 142.782739] irq event stamp: 0 [ 142.783009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.783568] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.784289] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.785001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.785536] ---[ end trace 0000000000000000 ]--- [ 142.788822] ------------[ cut here ]------------ [ 142.789279] WARNING: CPU: 1 PID: 1332 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.790166] Modules linked in: [ 142.790448] CPU: 1 PID: 1332 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.791261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.792233] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.792666] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.794240] RSP: 
0018:ffff888014627bd0 EFLAGS: 00010246 [ 142.794737] RAX: 0000000000000000 RBX: ffff8880134930a8 RCX: 0000000000000000 [ 142.795367] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 142.796005] RBP: ffff888014627be8 R08: ffffed1002692633 R09: ffffed1002692633 [ 142.796629] R10: ffff888013493193 R11: ffffed1002692632 R12: ffff88801422d800 [ 142.797243] R13: ffff8880134931e8 R14: ffff8880143beb00 R15: 0000000000000000 [ 142.797856] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.798574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.799082] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.799717] PKRU: 55555554 [ 142.799966] Call Trace: [ 142.800188] [ 142.800387] iommufd_access_destroy_object+0x65/0x170 [ 142.800843] iommufd_object_destroy_user+0x18e/0x220 [ 142.801287] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.801794] iommufd_access_destroy+0x43/0x70 [ 142.802204] iommufd_test_staccess_release+0x8d/0xd0 [ 142.802719] __fput+0x26d/0xa40 [ 142.803028] ____fput+0x1e/0x30 [ 142.803339] task_work_run+0x1a4/0x2d0 [ 142.803694] ? __pfx_task_work_run+0x10/0x10 [ 142.804087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.804520] ? switch_task_namespaces+0xa9/0xe0 [ 142.804939] do_exit+0xb17/0x2ef0 [ 142.805244] ? lock_acquire+0x427/0x4c0 [ 142.805597] ? __pfx_lock_release+0x10/0x10 [ 142.805993] ? __kasan_check_write+0x18/0x20 [ 142.806381] ? do_raw_spin_lock+0x132/0x2a0 [ 142.806795] ? __pfx_do_exit+0x10/0x10 [ 142.807161] ? debug_smp_processor_id+0x20/0x30 [ 142.807580] ? rcu_is_watching+0x19/0xb0 [ 142.807949] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.808451] ? trace_hardirqs_on+0x26/0x120 [ 142.808937] do_group_exit+0xe0/0x2b0 [ 142.809293] __x64_sys_exit_group+0x47/0x50 [ 142.809667] do_syscall_64+0x3b/0x90 [ 142.810004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.810534] RIP: 0033:0x7f4b87518a4d [ 142.810936] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.811485] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.812145] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.812761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.813529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.814147] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.814784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.815506] [ 142.815761] irq event stamp: 0 [ 142.816034] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.816583] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.817328] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.818152] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.818725] ---[ end trace 0000000000000000 ]--- [ 142.819557] ------------[ cut here ]------------ [ 142.820119] WARNING: CPU: 1 PID: 1332 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.821008] Modules linked in: [ 142.821316] CPU: 1 PID: 1332 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.822236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.823272] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.823722] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.825432] RSP: 0018:ffff888014627b78 EFLAGS: 00010246 [ 142.825892] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.826548] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 142.827293] RBP: ffff888014627b98 R08: ffffed100269263e R09: ffffed100269263e [ 142.827918] R10: ffff8880134931ef R11: ffffed100269263d R12: ffff888013493290 [ 142.828536] R13: ffff8880134930a8 R14: ffffffffffffffff R15: 
ffff888014627c60 [ 142.829299] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.829996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.830537] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 142.831186] PKRU: 55555554 [ 142.831438] Call Trace: [ 142.831756] [ 142.832005] iommufd_ioas_destroy+0x53/0x70 [ 142.832390] iommufd_fops_release+0x1f7/0x370 [ 142.832798] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.833248] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.833769] ? write_comp_data+0x2f/0x90 [ 142.834188] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.834654] __fput+0x26d/0xa40 [ 142.834963] ____fput+0x1e/0x30 [ 142.835276] task_work_run+0x1a4/0x2d0 [ 142.835630] ? __pfx_task_work_run+0x10/0x10 [ 142.836061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.836585] ? switch_task_namespaces+0xa9/0xe0 [ 142.837013] do_exit+0xb17/0x2ef0 [ 142.837323] ? lock_acquire+0x427/0x4c0 [ 142.837683] ? __pfx_lock_release+0x10/0x10 [ 142.838066] ? __kasan_check_write+0x18/0x20 [ 142.838485] ? do_raw_spin_lock+0x132/0x2a0 [ 142.838913] ? __pfx_do_exit+0x10/0x10 [ 142.839290] ? debug_smp_processor_id+0x20/0x30 [ 142.839728] ? rcu_is_watching+0x19/0xb0 [ 142.840102] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.840539] ? trace_hardirqs_on+0x26/0x120 [ 142.840942] do_group_exit+0xe0/0x2b0 [ 142.841292] __x64_sys_exit_group+0x47/0x50 [ 142.841688] do_syscall_64+0x3b/0x90 [ 142.842039] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.842550] RIP: 0033:0x7f4b87518a4d [ 142.842896] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.843468] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.844160] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.844821] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.845480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.846129] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.846804] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.847472] [ 142.847688] irq event stamp: 0 [ 142.847978] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.848559] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.849338] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.850098] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.850701] ---[ end trace 0000000000000000 ]--- [ 142.855937] ------------[ cut here ]------------ [ 142.856416] WARNING: CPU: 1 PID: 1334 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.857563] Modules linked in: [ 142.857859] CPU: 1 PID: 1334 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.858848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.859976] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.860507] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.862168] RSP: 0018:ffff8880134bfbb8 EFLAGS: 00010246 [ 142.862680] RAX: 0000000000000000 RBX: ffff88801840e8a8 RCX: 0000000000000000 [ 142.863336] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 142.863982] RBP: ffff8880134bfbd0 R08: ffffed1003081d33 R09: ffffed1003081d33 [ 142.864659] R10: ffff88801840e993 R11: ffffed1003081d32 R12: ffff888013b6b000 [ 142.865304] R13: ffff88801840e9e8 R14: ffffffff8352e670 R15: 
ffff8880134bfe68 [ 142.865954] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.866714] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.867262] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 142.867881] PKRU: 55555554 [ 142.868129] Call Trace: [ 142.868352] [ 142.868553] __iommufd_access_detach+0x1c2/0x2b0 [ 142.868982] iommufd_access_change_pt+0x149/0x270 [ 142.869427] iommufd_access_replace+0xb4/0x120 [ 142.869836] iommufd_test+0x3e5/0x37e0 [ 142.870173] ? lock_release+0x532/0x770 [ 142.870550] ? __might_fault+0x102/0x1b0 [ 142.870915] ? lock_acquire+0x427/0x4c0 [ 142.871277] ? __pfx_iommufd_test+0x10/0x10 [ 142.871651] ? __pfx_lock_release+0x10/0x10 [ 142.872034] ? __pfx_lock_acquire+0x10/0x10 [ 142.872422] ? write_comp_data+0x2f/0x90 [ 142.872788] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.873216] ? write_comp_data+0x2f/0x90 [ 142.873581] iommufd_fops_ioctl+0x37d/0x510 [ 142.873959] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.874383] ? write_comp_data+0x2f/0x90 [ 142.874770] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.875212] __x64_sys_ioctl+0x1a3/0x230 [ 142.875580] do_syscall_64+0x3b/0x90 [ 142.875919] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.876379] RIP: 0033:0x7f4b8743ee5d [ 142.876705] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.878283] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.878984] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.879619] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.880235] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.880857] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.881469] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.882091] [ 142.882299] irq event stamp: 0 [ 142.882599] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.883158] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.883886] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.884612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.885159] ---[ end trace 0000000000000000 ]--- [ 142.888211] ------------[ cut here ]------------ [ 142.888655] WARNING: CPU: 1 PID: 1334 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.889533] Modules linked in: [ 142.889817] CPU: 1 PID: 1334 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.890609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.891598] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.892034] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.893604] RSP: 
0018:ffff8880134bfbd0 EFLAGS: 00010246 [ 142.894072] RAX: 0000000000000000 RBX: ffff88801840e8a8 RCX: 0000000000000000 [ 142.894705] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 142.895330] RBP: ffff8880134bfbe8 R08: ffffed1003081d33 R09: ffffed1003081d33 [ 142.895939] R10: ffff88801840e993 R11: ffffed1003081d32 R12: ffff88800f74f000 [ 142.896545] R13: ffff88801840e9e8 R14: ffff888020985d00 R15: 0000000000000000 [ 142.897125] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.897779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.898251] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.898865] PKRU: 55555554 [ 142.899100] Call Trace: [ 142.899321] [ 142.899510] iommufd_access_destroy_object+0x65/0x170 [ 142.899940] iommufd_object_destroy_user+0x18e/0x220 [ 142.900360] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.900839] iommufd_access_destroy+0x43/0x70 [ 142.901217] iommufd_test_staccess_release+0x8d/0xd0 [ 142.901644] __fput+0x26d/0xa40 [ 142.901929] ____fput+0x1e/0x30 [ 142.902210] task_work_run+0x1a4/0x2d0 [ 142.902560] ? __pfx_task_work_run+0x10/0x10 [ 142.902930] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.903346] ? switch_task_namespaces+0xa9/0xe0 [ 142.903738] do_exit+0xb17/0x2ef0 [ 142.904026] ? lock_acquire+0x427/0x4c0 [ 142.904365] ? __pfx_lock_release+0x10/0x10 [ 142.904726] ? __kasan_check_write+0x18/0x20 [ 142.905092] ? do_raw_spin_lock+0x132/0x2a0 [ 142.905453] ? __pfx_do_exit+0x10/0x10 [ 142.905783] ? debug_smp_processor_id+0x20/0x30 [ 142.906167] ? rcu_is_watching+0x19/0xb0 [ 142.906522] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.906906] ? trace_hardirqs_on+0x26/0x120 [ 142.907281] do_group_exit+0xe0/0x2b0 [ 142.907598] __x64_sys_exit_group+0x47/0x50 [ 142.907955] do_syscall_64+0x3b/0x90 [ 142.908270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.908706] RIP: 0033:0x7f4b87518a4d [ 142.909020] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.909525] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.910146] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.910747] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.911336] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.911918] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.912502] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.913089] [ 142.913289] irq event stamp: 0 [ 142.913552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.914065] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.914768] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.915461] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.915976] ---[ end trace 0000000000000000 ]--- [ 142.916694] ------------[ cut here ]------------ [ 142.917080] WARNING: CPU: 1 PID: 1334 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 142.917914] Modules linked in: [ 142.918179] CPU: 1 PID: 1334 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.918916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.919846] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 142.920269] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 142.921758] RSP: 0018:ffff8880134bfb78 EFLAGS: 00010246 [ 142.922197] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.922794] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 142.923387] RBP: ffff8880134bfb98 R08: ffffed1003081d3e R09: ffffed1003081d3e [ 142.923966] R10: ffff88801840e9ef R11: ffffed1003081d3d R12: ffff88801840ea90 [ 142.924569] R13: ffff88801840e8a8 R14: ffffffffffffffff R15: 
ffff8880134bfc60 [ 142.925164] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.925820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.926298] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.926911] PKRU: 55555554 [ 142.927155] Call Trace: [ 142.927373] [ 142.927563] iommufd_ioas_destroy+0x53/0x70 [ 142.927923] iommufd_fops_release+0x1f7/0x370 [ 142.928298] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.928712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.929128] ? write_comp_data+0x2f/0x90 [ 142.929474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 142.929889] __fput+0x26d/0xa40 [ 142.930174] ____fput+0x1e/0x30 [ 142.930455] task_work_run+0x1a4/0x2d0 [ 142.930805] ? __pfx_task_work_run+0x10/0x10 [ 142.931188] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.931606] ? switch_task_namespaces+0xa9/0xe0 [ 142.932001] do_exit+0xb17/0x2ef0 [ 142.932291] ? lock_acquire+0x427/0x4c0 [ 142.932629] ? __pfx_lock_release+0x10/0x10 [ 142.932991] ? __kasan_check_write+0x18/0x20 [ 142.933355] ? do_raw_spin_lock+0x132/0x2a0 [ 142.933717] ? __pfx_do_exit+0x10/0x10 [ 142.934046] ? debug_smp_processor_id+0x20/0x30 [ 142.934429] ? rcu_is_watching+0x19/0xb0 [ 142.934788] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.935177] ? trace_hardirqs_on+0x26/0x120 [ 142.935541] do_group_exit+0xe0/0x2b0 [ 142.935857] __x64_sys_exit_group+0x47/0x50 [ 142.936211] do_syscall_64+0x3b/0x90 [ 142.936529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.936966] RIP: 0033:0x7f4b87518a4d [ 142.937275] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.937776] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.938394] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.939002] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.939591] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.940171] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.940757] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.941328] [ 142.941513] irq event stamp: 0 [ 142.941769] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.942287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.942971] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.943644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.944145] ---[ end trace 0000000000000000 ]--- [ 142.948156] ------------[ cut here ]------------ [ 142.948571] WARNING: CPU: 1 PID: 1335 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.949370] Modules linked in: [ 142.949625] CPU: 1 PID: 1335 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.950312] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.951264] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.951656] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.953058] RSP: 0018:ffff8880244ffbb8 EFLAGS: 00010246 [ 142.953470] RAX: 0000000000000000 RBX: ffff88800e8e68a8 RCX: 0000000000000000 [ 142.954018] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 142.954587] RBP: ffff8880244ffbd0 R08: ffffed1001d1cd33 R09: ffffed1001d1cd33 [ 142.955148] R10: ffff88800e8e6993 R11: ffffed1001d1cd32 R12: ffff88801226c800 [ 142.955700] R13: ffff88800e8e69e8 R14: ffffffff8352e670 R15: 
ffff8880244ffe68 [ 142.956249] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.956871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.957319] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 142.957872] PKRU: 55555554 [ 142.958092] Call Trace: [ 142.958291] [ 142.958470] __iommufd_access_detach+0x1c2/0x2b0 [ 142.958869] iommufd_access_change_pt+0x149/0x270 [ 142.959274] iommufd_access_replace+0xb4/0x120 [ 142.959644] iommufd_test+0x3e5/0x37e0 [ 142.959949] ? lock_release+0x532/0x770 [ 142.960270] ? __might_fault+0x102/0x1b0 [ 142.960594] ? lock_acquire+0x427/0x4c0 [ 142.960916] ? __pfx_iommufd_test+0x10/0x10 [ 142.961252] ? __pfx_lock_release+0x10/0x10 [ 142.961599] ? __pfx_lock_acquire+0x10/0x10 [ 142.961944] ? write_comp_data+0x2f/0x90 [ 142.962271] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.962674] ? write_comp_data+0x2f/0x90 [ 142.963003] iommufd_fops_ioctl+0x37d/0x510 [ 142.963356] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.963743] ? write_comp_data+0x2f/0x90 [ 142.964074] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 142.964455] __x64_sys_ioctl+0x1a3/0x230 [ 142.964784] do_syscall_64+0x3b/0x90 [ 142.965085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.965497] RIP: 0033:0x7f4b8743ee5d [ 142.965789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 142.967234] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 142.967830] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 142.968384] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 142.968938] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 142.969489] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 142.970041] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 142.970620] [ 142.970804] irq event stamp: 0 [ 142.971053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 142.971549] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 142.972200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 142.972851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.973359] ---[ end trace 0000000000000000 ]--- [ 142.976116] ------------[ cut here ]------------ [ 142.976511] WARNING: CPU: 1 PID: 1335 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 142.977298] Modules linked in: [ 142.977553] CPU: 1 PID: 1335 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 142.978230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 142.979143] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 142.979543] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 142.980955] RSP: 
0018:ffff8880244ffbd0 EFLAGS: 00010246 [ 142.981369] RAX: 0000000000000000 RBX: ffff88800e8e68a8 RCX: 0000000000000000 [ 142.981922] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 142.982482] RBP: ffff8880244ffbe8 R08: ffffed1001d1cd33 R09: ffffed1001d1cd33 [ 142.983056] R10: ffff88800e8e6993 R11: ffffed1001d1cd32 R12: ffff888013b69c00 [ 142.983623] R13: ffff88800e8e69e8 R14: ffff8880178f2700 R15: 0000000000000000 [ 142.984176] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 142.984796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.985245] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 142.985797] PKRU: 55555554 [ 142.986018] Call Trace: [ 142.986218] [ 142.986396] iommufd_access_destroy_object+0x65/0x170 [ 142.986826] iommufd_object_destroy_user+0x18e/0x220 [ 142.987250] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 142.987714] iommufd_access_destroy+0x43/0x70 [ 142.988078] iommufd_test_staccess_release+0x8d/0xd0 [ 142.988482] __fput+0x26d/0xa40 [ 142.988754] ____fput+0x1e/0x30 [ 142.989021] task_work_run+0x1a4/0x2d0 [ 142.989331] ? __pfx_task_work_run+0x10/0x10 [ 142.989678] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 142.990070] ? switch_task_namespaces+0xa9/0xe0 [ 142.990443] do_exit+0xb17/0x2ef0 [ 142.990752] ? lock_acquire+0x427/0x4c0 [ 142.991077] ? __pfx_lock_release+0x10/0x10 [ 142.991438] ? __kasan_check_write+0x18/0x20 [ 142.991786] ? do_raw_spin_lock+0x132/0x2a0 [ 142.992124] ? __pfx_do_exit+0x10/0x10 [ 142.992441] ? debug_smp_processor_id+0x20/0x30 [ 142.992811] ? rcu_is_watching+0x19/0xb0 [ 142.993129] ? _raw_spin_unlock_irq+0x2b/0x60 [ 142.993487] ? trace_hardirqs_on+0x26/0x120 [ 142.993834] do_group_exit+0xe0/0x2b0 [ 142.994133] __x64_sys_exit_group+0x47/0x50 [ 142.994469] do_syscall_64+0x3b/0x90 [ 142.994788] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 142.995212] RIP: 0033:0x7f4b87518a4d [ 142.995509] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 142.995988] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 142.996581] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 142.997134] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 142.997685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 142.998233] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 142.998818] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 142.999389] [ 142.999573] irq event stamp: 0 [ 142.999825] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.000317] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.000967] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.001611] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.002096] ---[ end trace 0000000000000000 ]--- [ 143.002815] ------------[ cut here ]------------ [ 143.003196] WARNING: CPU: 1 PID: 1335 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.003985] Modules linked in: [ 143.004245] CPU: 1 PID: 1335 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.004925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.005796] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.006198] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.007838] RSP: 0018:ffff8880244ffb78 EFLAGS: 00010246 [ 143.008257] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.008812] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 143.009366] RBP: ffff8880244ffb98 R08: ffffed1001d1cd3e R09: ffffed1001d1cd3e [ 143.009917] R10: ffff88800e8e69ef R11: ffffed1001d1cd3d R12: ffff88800e8e6a90 [ 143.010470] R13: ffff88800e8e68a8 R14: ffffffffffffffff R15: 
ffff8880244ffc60 [ 143.011051] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.011692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.012140] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.012693] PKRU: 55555554 [ 143.012914] Call Trace: [ 143.013115] [ 143.013294] iommufd_ioas_destroy+0x53/0x70 [ 143.013640] iommufd_fops_release+0x1f7/0x370 [ 143.013997] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.014395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.014801] ? write_comp_data+0x2f/0x90 [ 143.015150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.015548] __fput+0x26d/0xa40 [ 143.015823] ____fput+0x1e/0x30 [ 143.016089] task_work_run+0x1a4/0x2d0 [ 143.016402] ? __pfx_task_work_run+0x10/0x10 [ 143.016756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.017143] ? switch_task_namespaces+0xa9/0xe0 [ 143.017518] do_exit+0xb17/0x2ef0 [ 143.017790] ? lock_acquire+0x427/0x4c0 [ 143.018109] ? __pfx_lock_release+0x10/0x10 [ 143.018452] ? __kasan_check_write+0x18/0x20 [ 143.018822] ? do_raw_spin_lock+0x132/0x2a0 [ 143.019193] ? __pfx_do_exit+0x10/0x10 [ 143.019514] ? debug_smp_processor_id+0x20/0x30 [ 143.019887] ? rcu_is_watching+0x19/0xb0 [ 143.020211] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.020582] ? trace_hardirqs_on+0x26/0x120 [ 143.021017] do_group_exit+0xe0/0x2b0 [ 143.021401] __x64_sys_exit_group+0x47/0x50 [ 143.021786] do_syscall_64+0x3b/0x90 [ 143.022093] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.022547] RIP: 0033:0x7f4b87518a4d [ 143.022860] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.023354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.023955] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.024511] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.025066] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.025630] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.026422] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.027008] [ 143.027263] irq event stamp: 0 [ 143.027620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.028113] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.028764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.029489] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.030061] ---[ end trace 0000000000000000 ]--- [ 143.033934] ------------[ cut here ]------------ [ 143.034342] WARNING: CPU: 1 PID: 1336 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.035311] Modules linked in: [ 143.035564] CPU: 1 PID: 1336 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.036244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.037240] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.037633] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.039225] RSP: 0018:ffff8880134bfbb8 EFLAGS: 00010246 [ 143.039654] RAX: 0000000000000000 RBX: ffff888015c370a8 RCX: 0000000000000000 [ 143.040302] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 143.041004] RBP: ffff8880134bfbd0 R08: ffffed1002b86e33 R09: ffffed1002b86e33 [ 143.041588] R10: ffff888015c37193 R11: ffffed1002b86e32 R12: ffff88801351c800 [ 143.042334] R13: ffff888015c371e8 R14: ffffffff8352e670 R15: 
ffff8880134bfe68 [ 143.042940] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.043613] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.044166] CR2: 00007f4b877410e8 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 143.044837] PKRU: 55555554 [ 143.045070] Call Trace: [ 143.045281] [ 143.045468] __iommufd_access_detach+0x1c2/0x2b0 [ 143.046015] iommufd_access_change_pt+0x149/0x270 [ 143.046430] iommufd_access_replace+0xb4/0x120 [ 143.046903] iommufd_test+0x3e5/0x37e0 [ 143.047347] ? lock_release+0x532/0x770 [ 143.047812] ? __might_fault+0x102/0x1b0 [ 143.048247] ? lock_acquire+0x427/0x4c0 [ 143.048591] ? __pfx_iommufd_test+0x10/0x10 [ 143.049104] ? __pfx_lock_release+0x10/0x10 [ 143.049479] ? __pfx_lock_acquire+0x10/0x10 [ 143.049850] ? write_comp_data+0x2f/0x90 [ 143.050201] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.050654] ? write_comp_data+0x2f/0x90 [ 143.051107] iommufd_fops_ioctl+0x37d/0x510 [ 143.051488] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.051905] ? write_comp_data+0x2f/0x90 [ 143.052260] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.052739] __x64_sys_ioctl+0x1a3/0x230 [ 143.053149] do_syscall_64+0x3b/0x90 [ 143.053470] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.053909] RIP: 0033:0x7f4b8743ee5d [ 143.054222] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.055892] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.056671] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.057259] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.057842] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.058605] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.059222] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.059843] [ 143.060074] irq event stamp: 0 [ 143.060477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.061021] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.061751] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.062668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.063240] ---[ end trace 0000000000000000 ]--- [ 143.068084] ------------[ cut here ]------------ [ 143.068643] WARNING: CPU: 1 PID: 1336 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.069525] Modules linked in: [ 143.069813] CPU: 1 PID: 1336 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.070806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.071815] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.072430] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.074044] RSP: 
0018:ffff8880134bfbd0 EFLAGS: 00010246 [ 143.074680] RAX: 0000000000000000 RBX: ffff888015c370a8 RCX: 0000000000000000 [ 143.075321] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 143.075986] RBP: ffff8880134bfbe8 R08: ffffed1002b86e33 R09: ffffed1002b86e33 [ 143.076840] R10: ffff888015c37193 R11: ffffed1002b86e32 R12: ffff88801226f000 [ 143.077511] R13: ffff888015c371e8 R14: ffff888020980d00 R15: 0000000000000000 [ 143.078208] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.079151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.079704] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 143.080409] PKRU: 55555554 [ 143.080826] Call Trace: [ 143.081068] [ 143.081282] iommufd_access_destroy_object+0x65/0x170 [ 143.081772] iommufd_object_destroy_user+0x18e/0x220 [ 143.082251] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.083021] iommufd_access_destroy+0x43/0x70 [ 143.083474] iommufd_test_staccess_release+0x8d/0xd0 [ 143.083958] __fput+0x26d/0xa40 [ 143.084293] ____fput+0x1e/0x30 [ 143.084616] task_work_run+0x1a4/0x2d0 [ 143.085088] ? __pfx_task_work_run+0x10/0x10 [ 143.085587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.086061] ? switch_task_namespaces+0xa9/0xe0 [ 143.086563] do_exit+0xb17/0x2ef0 [ 143.086919] ? lock_acquire+0x427/0x4c0 [ 143.087328] ? __pfx_lock_release+0x10/0x10 [ 143.087754] ? __kasan_check_write+0x18/0x20 [ 143.088206] ? do_raw_spin_lock+0x132/0x2a0 [ 143.088789] ? __pfx_do_exit+0x10/0x10 [ 143.089176] ? debug_smp_processor_id+0x20/0x30 [ 143.089625] ? rcu_is_watching+0x19/0xb0 [ 143.090029] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.090566] ? trace_hardirqs_on+0x26/0x120 [ 143.091097] do_group_exit+0xe0/0x2b0 [ 143.091481] __x64_sys_exit_group+0x47/0x50 [ 143.091892] do_syscall_64+0x3b/0x90 [ 143.092251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.092755] RIP: 0033:0x7f4b87518a4d [ 143.093106] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.093889] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.094645] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.095326] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.096187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.096858] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.097537] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.098418] [ 143.098679] irq event stamp: 0 [ 143.098981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.099598] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.100392] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.101517] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.102175] ---[ end trace 0000000000000000 ]--- [ 143.103461] ------------[ cut here ]------------ [ 143.104153] WARNING: CPU: 1 PID: 1336 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.105196] Modules linked in: [ 143.105528] CPU: 1 PID: 1336 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.106715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.107889] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.108431] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.110594] RSP: 0018:ffff8880134bfb78 EFLAGS: 00010246 [ 143.111156] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.112139] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 143.112874] RBP: ffff8880134bfb98 R08: ffffed1002b86e3e R09: ffffed1002b86e3e [ 143.113643] R10: ffff888015c371ef R11: ffffed1002b86e3d R12: ffff888015c37290 [ 143.114600] R13: ffff888015c370a8 R14: ffffffffffffffff R15: 
ffff8880134bfc60 [ 143.115357] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.116184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.117029] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 143.117768] PKRU: 55555554 [ 143.118074] Call Trace: [ 143.118347] [ 143.118653] iommufd_ioas_destroy+0x53/0x70 [ 143.119146] iommufd_fops_release+0x1f7/0x370 [ 143.119863] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.120383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.120901] ? write_comp_data+0x2f/0x90 [ 143.121328] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.121977] __fput+0x26d/0xa40 [ 143.122465] ____fput+0x1e/0x30 [ 143.122865] task_work_run+0x1a4/0x2d0 [ 143.123298] ? __pfx_task_work_run+0x10/0x10 [ 143.123758] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.124273] ? switch_task_namespaces+0xa9/0xe0 [ 143.124895] do_exit+0xb17/0x2ef0 [ 143.125387] ? lock_acquire+0x427/0x4c0 [ 143.125816] ? __pfx_lock_release+0x10/0x10 [ 143.126272] ? __kasan_check_write+0x18/0x20 [ 143.126790] ? do_raw_spin_lock+0x132/0x2a0 [ 143.127282] ? __pfx_do_exit+0x10/0x10 [ 143.127939] ? debug_smp_processor_id+0x20/0x30 [ 143.128434] ? rcu_is_watching+0x19/0xb0 [ 143.128857] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.129329] ? trace_hardirqs_on+0x26/0x120 [ 143.129837] do_group_exit+0xe0/0x2b0 [ 143.130433] __x64_sys_exit_group+0x47/0x50 [ 143.130984] do_syscall_64+0x3b/0x90 [ 143.131419] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.131980] RIP: 0033:0x7f4b87518a4d [ 143.132383] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.133296] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.134103] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.134889] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.135810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.136687] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.137444] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.138345] [ 143.138758] irq event stamp: 0 [ 143.139106] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.139790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.140690] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.141579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.142245] ---[ end trace 0000000000000000 ]--- [ 143.147273] ------------[ cut here ]------------ [ 143.147831] WARNING: CPU: 1 PID: 1337 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.148889] Modules linked in: [ 143.149224] CPU: 1 PID: 1337 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.150117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.151309] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.151827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.153719] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 143.154282] RAX: 0000000000000000 RBX: ffff888023eb50a8 RCX: 0000000000000000 [ 143.155056] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 143.155821] RBP: ffff8880135e7bd0 R08: ffffed10047d6a33 R09: ffffed10047d6a33 [ 143.156563] R10: ffff888023eb5193 R11: ffffed10047d6a32 R12: ffff8880136d0c00 [ 143.157315] R13: ffff888023eb51e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 143.158072] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.159037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.159678] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 143.160441] PKRU: 55555554 [ 143.160744] Call Trace: [ 143.161016] [ 143.161256] __iommufd_access_detach+0x1c2/0x2b0 [ 143.161781] iommufd_access_change_pt+0x149/0x270 [ 143.162309] iommufd_access_replace+0xb4/0x120 [ 143.162840] iommufd_test+0x3e5/0x37e0 [ 143.163274] ? lock_release+0x532/0x770 [ 143.163705] ? __might_fault+0x102/0x1b0 [ 143.164134] ? lock_acquire+0x427/0x4c0 [ 143.164563] ? __pfx_iommufd_test+0x10/0x10 [ 143.165020] ? __pfx_lock_release+0x10/0x10 [ 143.165478] ? __pfx_lock_acquire+0x10/0x10 [ 143.165942] ? write_comp_data+0x2f/0x90 [ 143.166377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.166931] ? write_comp_data+0x2f/0x90 [ 143.167392] iommufd_fops_ioctl+0x37d/0x510 [ 143.167868] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.168394] ? write_comp_data+0x2f/0x90 [ 143.168829] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.169348] __x64_sys_ioctl+0x1a3/0x230 [ 143.169800] do_syscall_64+0x3b/0x90 [ 143.170208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.170780] RIP: 0033:0x7f4b8743ee5d [ 143.171184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.173071] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.173861] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.174615] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.175366] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.176103] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.176821] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.177546] [ 143.177788] irq event stamp: 0 [ 143.178112] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.178790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.179706] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.180569] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.181220] ---[ end trace 0000000000000000 ]--- [ 143.184478] ------------[ cut here ]------------ [ 143.185002] WARNING: CPU: 1 PID: 1337 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.186035] Modules linked in: [ 143.186364] CPU: 1 PID: 1337 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.187326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.188515] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.189029] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.190938] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 143.191528] RAX: 0000000000000000 RBX: ffff888023eb50a8 RCX: 0000000000000000 [ 143.192272] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 143.193028] RBP: ffff8880135e7be8 R08: ffffed10047d6a33 R09: ffffed10047d6a33 [ 143.193757] R10: ffff888023eb5193 R11: ffffed10047d6a32 R12: ffff88801351ec00 [ 143.194479] R13: ffff888023eb51e8 R14: ffff888020e11500 R15: 0000000000000000 [ 143.195252] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.196077] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.196673] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.197400] PKRU: 55555554 [ 143.197697] Call Trace: [ 143.197960] [ 143.198195] iommufd_access_destroy_object+0x65/0x170 [ 143.198759] iommufd_object_destroy_user+0x18e/0x220 [ 143.199305] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.199907] iommufd_access_destroy+0x43/0x70 [ 143.200371] iommufd_test_staccess_release+0x8d/0xd0 [ 143.200901] __fput+0x26d/0xa40 [ 143.201251] ____fput+0x1e/0x30 [ 143.201592] task_work_run+0x1a4/0x2d0 [ 143.202001] ? __pfx_task_work_run+0x10/0x10 [ 143.202461] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.202994] ? switch_task_namespaces+0xa9/0xe0 [ 143.203502] do_exit+0xb17/0x2ef0 [ 143.203870] ? lock_acquire+0x427/0x4c0 [ 143.204293] ? __pfx_lock_release+0x10/0x10 [ 143.204738] ? __kasan_check_write+0x18/0x20 [ 143.205190] ? do_raw_spin_lock+0x132/0x2a0 [ 143.205628] ? __pfx_do_exit+0x10/0x10 [ 143.206032] ? debug_smp_processor_id+0x20/0x30 [ 143.206541] ? rcu_is_watching+0x19/0xb0 [ 143.206960] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.207423] ? trace_hardirqs_on+0x26/0x120 [ 143.207845] do_group_exit+0xe0/0x2b0 [ 143.208215] __x64_sys_exit_group+0x47/0x50 [ 143.208628] do_syscall_64+0x3b/0x90 [ 143.208994] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.209493] RIP: 0033:0x7f4b87518a4d [ 143.209848] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.210425] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.211184] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.211866] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.212535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.213202] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.213871] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.214584] [ 143.214818] irq event stamp: 0 [ 143.215141] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.215753] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.216562] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.217354] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.217943] ---[ end trace 0000000000000000 ]--- [ 143.218832] ------------[ cut here ]------------ [ 143.219309] WARNING: CPU: 1 PID: 1337 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.220284] Modules linked in: [ 143.220595] CPU: 1 PID: 1337 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.221428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.222478] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.223006] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.224746] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 143.225261] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.225928] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 143.226651] RBP: ffff8880135e7b98 R08: ffffed10047d6a3e R09: ffffed10047d6a3e [ 143.227352] R10: ffff888023eb51ef R11: ffffed10047d6a3d R12: ffff888023eb5290 [ 143.228020] R13: ffff888023eb50a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 143.228714] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.229471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.230031] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.230747] PKRU: 55555554 [ 143.231023] Call Trace: [ 143.231288] [ 143.231504] iommufd_ioas_destroy+0x53/0x70 [ 143.231925] iommufd_fops_release+0x1f7/0x370 [ 143.232353] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.232837] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.233312] ? write_comp_data+0x2f/0x90 [ 143.233718] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.234202] __fput+0x26d/0xa40 [ 143.234573] ____fput+0x1e/0x30 [ 143.234915] task_work_run+0x1a4/0x2d0 [ 143.235325] ? __pfx_task_work_run+0x10/0x10 [ 143.235750] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.236222] ? switch_task_namespaces+0xa9/0xe0 [ 143.236699] do_exit+0xb17/0x2ef0 [ 143.237039] ? lock_acquire+0x427/0x4c0 [ 143.237426] ? __pfx_lock_release+0x10/0x10 [ 143.237849] ? __kasan_check_write+0x18/0x20 [ 143.238274] ? do_raw_spin_lock+0x132/0x2a0 [ 143.238716] ? __pfx_do_exit+0x10/0x10 [ 143.239095] ? debug_smp_processor_id+0x20/0x30 [ 143.239576] ? rcu_is_watching+0x19/0xb0 [ 143.239975] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.240422] ? trace_hardirqs_on+0x26/0x120 [ 143.240851] do_group_exit+0xe0/0x2b0 [ 143.241241] __x64_sys_exit_group+0x47/0x50 [ 143.241656] do_syscall_64+0x3b/0x90 [ 143.242033] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.242583] RIP: 0033:0x7f4b87518a4d [ 143.242951] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.243556] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.244283] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.244972] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.245645] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.246333] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.247034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.247731] [ 143.247954] irq event stamp: 0 [ 143.248249] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.248855] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.249659] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.250442] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.251063] ---[ end trace 0000000000000000 ]--- [ 143.256458] ------------[ cut here ]------------ [ 143.256958] WARNING: CPU: 1 PID: 1338 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.257905] Modules linked in: [ 143.258212] CPU: 1 PID: 1338 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.259132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.260227] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.260701] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.262406] RSP: 0018:ffff888020cafbb8 EFLAGS: 00010246 [ 143.262951] RAX: 0000000000000000 RBX: ffff888023ead8a8 RCX: 0000000000000000 [ 143.263659] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 143.264351] RBP: ffff888020cafbd0 R08: ffffed10047d5b33 R09: ffffed10047d5b33 [ 143.265075] R10: ffff888023ead993 R11: ffffed10047d5b32 R12: ffff888021903c00 [ 143.265802] R13: ffff888023ead9e8 R14: ffffffff8352e670 R15: 
ffff888020cafe68 [ 143.266569] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.267421] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.268019] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 143.268744] PKRU: 55555554 [ 143.269034] Call Trace: [ 143.269298] [ 143.269531] __iommufd_access_detach+0x1c2/0x2b0 [ 143.270036] iommufd_access_change_pt+0x149/0x270 [ 143.270573] iommufd_access_replace+0xb4/0x120 [ 143.271076] iommufd_test+0x3e5/0x37e0 [ 143.271506] ? lock_release+0x532/0x770 [ 143.271945] ? __might_fault+0x102/0x1b0 [ 143.272378] ? lock_acquire+0x427/0x4c0 [ 143.272804] ? __pfx_iommufd_test+0x10/0x10 [ 143.273248] ? __pfx_lock_release+0x10/0x10 [ 143.273697] ? __pfx_lock_acquire+0x10/0x10 [ 143.274152] ? write_comp_data+0x2f/0x90 [ 143.274609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.275140] ? write_comp_data+0x2f/0x90 [ 143.275584] iommufd_fops_ioctl+0x37d/0x510 [ 143.276045] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.276562] ? write_comp_data+0x2f/0x90 [ 143.276999] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.277957] __x64_sys_ioctl+0x1a3/0x230 [ 143.278406] do_syscall_64+0x3b/0x90 [ 143.278874] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.279451] RIP: 0033:0x7f4b8743ee5d [ 143.279937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.282179] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.283273] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.284017] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.284751] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.285483] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.286461] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.287279] [ 143.287533] irq event stamp: 0 [ 143.287861] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.288559] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.289639] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.290542] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.291270] ---[ end trace 0000000000000000 ]--- [ 143.294752] ------------[ cut here ]------------ [ 143.295297] WARNING: CPU: 1 PID: 1338 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.296523] Modules linked in: [ 143.296857] CPU: 1 PID: 1338 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.297746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.299182] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.299704] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.301818] RSP: 
0018:ffff888020cafbd0 EFLAGS: 00010246 [ 143.302376] RAX: 0000000000000000 RBX: ffff888023ead8a8 RCX: 0000000000000000 [ 143.303154] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 143.303904] RBP: ffff888020cafbe8 R08: ffffed10047d5b33 R09: ffffed10047d5b33 [ 143.304859] R10: ffff888023ead993 R11: ffffed10047d5b32 R12: ffff8880138b0000 [ 143.305595] R13: ffff888023ead9e8 R14: ffff88800faefc00 R15: 0000000000000000 [ 143.306329] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.307421] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.308021] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.308774] PKRU: 55555554 [ 143.309079] Call Trace: [ 143.309433] [ 143.309817] iommufd_access_destroy_object+0x65/0x170 [ 143.310374] iommufd_object_destroy_user+0x18e/0x220 [ 143.310963] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.311605] iommufd_access_destroy+0x43/0x70 [ 143.312095] iommufd_test_staccess_release+0x8d/0xd0 [ 143.312839] __fput+0x26d/0xa40 [ 143.313214] ____fput+0x1e/0x30 [ 143.313578] task_work_run+0x1a4/0x2d0 [ 143.313993] ? __pfx_task_work_run+0x10/0x10 [ 143.314466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.315274] ? switch_task_namespaces+0xa9/0xe0 [ 143.315791] do_exit+0xb17/0x2ef0 [ 143.316165] ? lock_acquire+0x427/0x4c0 [ 143.316607] ? __pfx_lock_release+0x10/0x10 [ 143.317082] ? __kasan_check_write+0x18/0x20 [ 143.317595] ? do_raw_spin_lock+0x132/0x2a0 [ 143.318247] ? __pfx_do_exit+0x10/0x10 [ 143.318708] ? debug_smp_processor_id+0x20/0x30 [ 143.319230] ? rcu_is_watching+0x19/0xb0 [ 143.319667] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.320145] ? trace_hardirqs_on+0x26/0x120 [ 143.320738] do_group_exit+0xe0/0x2b0 [ 143.321253] __x64_sys_exit_group+0x47/0x50 [ 143.321715] do_syscall_64+0x3b/0x90 [ 143.322119] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.322714] RIP: 0033:0x7f4b87518a4d [ 143.323127] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.324019] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.324816] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.325570] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.326552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.327300] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.328049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.328993] [ 143.329246] irq event stamp: 0 [ 143.329576] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.330241] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.331284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.332162] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.332814] ---[ end trace 0000000000000000 ]--- [ 143.333696] ------------[ cut here ]------------ [ 143.334283] WARNING: CPU: 1 PID: 1338 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.335395] Modules linked in: [ 143.335734] CPU: 1 PID: 1338 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.336852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.338024] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.338621] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.340766] RSP: 0018:ffff888020cafb78 EFLAGS: 00010246 [ 143.341352] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.342331] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 143.343126] RBP: ffff888020cafb98 R08: ffffed10047d5b3e R09: ffffed10047d5b3e [ 143.343878] R10: ffff888023ead9ef R11: ffffed10047d5b3d R12: ffff888023eada90 [ 143.344874] R13: ffff888023ead8a8 R14: ffffffffffffffff R15: 
ffff888020cafc60 [ 143.345628] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.346487] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.347162] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.348155] PKRU: 55555554 [ 143.348461] Call Trace: [ 143.348731] [ 143.348968] iommufd_ioas_destroy+0x53/0x70 [ 143.349437] iommufd_fops_release+0x1f7/0x370 [ 143.349920] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.350714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.351250] ? write_comp_data+0x2f/0x90 [ 143.351683] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.352207] __fput+0x26d/0xa40 [ 143.352569] ____fput+0x1e/0x30 [ 143.352967] task_work_run+0x1a4/0x2d0 [ 143.353561] ? __pfx_task_work_run+0x10/0x10 [ 143.354035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.354584] ? switch_task_namespaces+0xa9/0xe0 [ 143.355079] do_exit+0xb17/0x2ef0 [ 143.355456] ? lock_acquire+0x427/0x4c0 [ 143.355959] ? __pfx_lock_release+0x10/0x10 [ 143.356528] ? __kasan_check_write+0x18/0x20 [ 143.356985] ? do_raw_spin_lock+0x132/0x2a0 [ 143.357431] ? __pfx_do_exit+0x10/0x10 [ 143.357841] ? debug_smp_processor_id+0x20/0x30 [ 143.358557] ? rcu_is_watching+0x19/0xb0 [ 143.358989] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.359510] ? trace_hardirqs_on+0x26/0x120 [ 143.359965] do_group_exit+0xe0/0x2b0 [ 143.360357] __x64_sys_exit_group+0x47/0x50 [ 143.360803] do_syscall_64+0x3b/0x90 [ 143.361281] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.361938] RIP: 0033:0x7f4b87518a4d [ 143.362324] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.362990] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.363779] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.364715] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.365459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.366186] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.367206] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.367943] [ 143.368183] irq event stamp: 0 [ 143.368508] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.369147] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.369991] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.370861] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.371514] ---[ end trace 0000000000000000 ]--- [ 143.376687] ------------[ cut here ]------------ [ 143.377223] WARNING: CPU: 1 PID: 1339 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.378238] Modules linked in: [ 143.378797] CPU: 1 PID: 1339 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.379710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.380858] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.381356] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.383093] RSP: 0018:ffff888014797bb8 EFLAGS: 00010246 [ 143.383610] RAX: 0000000000000000 RBX: ffff88801609a8a8 RCX: 0000000000000000 [ 143.384273] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 143.384944] RBP: ffff888014797bd0 R08: ffffed1002c13533 R09: ffffed1002c13533 [ 143.385615] R10: ffff88801609a993 R11: ffffed1002c13532 R12: ffff8880129c4000 [ 143.386278] R13: ffff88801609a9e8 R14: ffffffff8352e670 R15: 
ffff888014797e68 [ 143.386963] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.387724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.388270] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 143.388937] PKRU: 55555554 [ 143.389208] Call Trace: [ 143.389454] [ 143.389672] __iommufd_access_detach+0x1c2/0x2b0 [ 143.390138] iommufd_access_change_pt+0x149/0x270 [ 143.390635] iommufd_access_replace+0xb4/0x120 [ 143.391077] iommufd_test+0x3e5/0x37e0 [ 143.391473] ? lock_release+0x532/0x770 [ 143.391860] ? __might_fault+0x102/0x1b0 [ 143.392252] ? lock_acquire+0x427/0x4c0 [ 143.392646] ? __pfx_iommufd_test+0x10/0x10 [ 143.393054] ? __pfx_lock_release+0x10/0x10 [ 143.393469] ? __pfx_lock_acquire+0x10/0x10 [ 143.393887] ? write_comp_data+0x2f/0x90 [ 143.394275] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.394763] ? write_comp_data+0x2f/0x90 [ 143.395173] iommufd_fops_ioctl+0x37d/0x510 [ 143.395586] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.396053] ? write_comp_data+0x2f/0x90 [ 143.396445] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.396897] __x64_sys_ioctl+0x1a3/0x230 [ 143.397288] do_syscall_64+0x3b/0x90 [ 143.397645] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.398137] RIP: 0033:0x7f4b8743ee5d [ 143.398487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.400232] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.400943] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.401604] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.402258] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.402942] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.403622] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.404285] [ 143.404500] irq event stamp: 0 [ 143.404787] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.405367] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.406130] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.406917] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.407514] ---[ end trace 0000000000000000 ]--- [ 143.410567] ------------[ cut here ]------------ [ 143.411031] WARNING: CPU: 1 PID: 1339 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.411965] Modules linked in: [ 143.412259] CPU: 1 PID: 1339 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.413051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.414071] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.414559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.416134] RSP: 
0018:ffff888014797bd0 EFLAGS: 00010246 [ 143.416591] RAX: 0000000000000000 RBX: ffff88801609a8a8 RCX: 0000000000000000 [ 143.417202] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 143.417815] RBP: ffff888014797be8 R08: ffffed1002c13533 R09: ffffed1002c13533 [ 143.418425] R10: ffff88801609a993 R11: ffffed1002c13532 R12: ffff888021901400 [ 143.419066] R13: ffff88801609a9e8 R14: ffff88800b591f00 R15: 0000000000000000 [ 143.419696] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.420389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.420889] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.421500] PKRU: 55555554 [ 143.421746] Call Trace: [ 143.421966] [ 143.422161] iommufd_access_destroy_object+0x65/0x170 [ 143.422637] iommufd_object_destroy_user+0x18e/0x220 [ 143.423085] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.423603] iommufd_access_destroy+0x43/0x70 [ 143.424005] iommufd_test_staccess_release+0x8d/0xd0 [ 143.424459] __fput+0x26d/0xa40 [ 143.424762] ____fput+0x1e/0x30 [ 143.425058] task_work_run+0x1a4/0x2d0 [ 143.425402] ? __pfx_task_work_run+0x10/0x10 [ 143.425788] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.426211] ? switch_task_namespaces+0xa9/0xe0 [ 143.426644] do_exit+0xb17/0x2ef0 [ 143.426948] ? lock_acquire+0x427/0x4c0 [ 143.427315] ? __pfx_lock_release+0x10/0x10 [ 143.427698] ? __kasan_check_write+0x18/0x20 [ 143.428087] ? do_raw_spin_lock+0x132/0x2a0 [ 143.428466] ? __pfx_do_exit+0x10/0x10 [ 143.428812] ? debug_smp_processor_id+0x20/0x30 [ 143.429220] ? rcu_is_watching+0x19/0xb0 [ 143.429577] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.429974] ? trace_hardirqs_on+0x26/0x120 [ 143.430353] do_group_exit+0xe0/0x2b0 [ 143.430710] __x64_sys_exit_group+0x47/0x50 [ 143.431085] do_syscall_64+0x3b/0x90 [ 143.431429] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.431890] RIP: 0033:0x7f4b87518a4d [ 143.432213] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.432743] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.433393] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.434003] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.434633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.435271] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.435880] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.436503] [ 143.436707] irq event stamp: 0 [ 143.436979] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.437519] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.438236] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.438972] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.439525] ---[ end trace 0000000000000000 ]--- [ 143.440278] ------------[ cut here ]------------ [ 143.440684] WARNING: CPU: 1 PID: 1339 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.441573] Modules linked in: [ 143.441854] CPU: 1 PID: 1339 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.442632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.443626] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.444069] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.445633] RSP: 0018:ffff888014797b78 EFLAGS: 00010246 [ 143.446093] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.446720] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 143.447343] RBP: ffff888014797b98 R08: ffffed1002c1353e R09: ffffed1002c1353e [ 143.447954] R10: ffff88801609a9ef R11: ffffed1002c1353d R12: ffff88801609aa90 [ 143.448564] R13: ffff88801609a8a8 R14: ffffffffffffffff R15: 
ffff888014797c60 [ 143.449173] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.449862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.450363] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.450962] PKRU: 55555554 [ 143.451203] Call Trace: [ 143.451415] [ 143.451602] iommufd_ioas_destroy+0x53/0x70 [ 143.451962] iommufd_fops_release+0x1f7/0x370 [ 143.452336] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.452746] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.453147] ? write_comp_data+0x2f/0x90 [ 143.453491] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.453902] __fput+0x26d/0xa40 [ 143.454184] ____fput+0x1e/0x30 [ 143.454463] task_work_run+0x1a4/0x2d0 [ 143.454805] ? __pfx_task_work_run+0x10/0x10 [ 143.455182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.455589] ? switch_task_namespaces+0xa9/0xe0 [ 143.455981] do_exit+0xb17/0x2ef0 [ 143.456266] ? lock_acquire+0x427/0x4c0 [ 143.456606] ? __pfx_lock_release+0x10/0x10 [ 143.456964] ? __kasan_check_write+0x18/0x20 [ 143.457327] ? do_raw_spin_lock+0x132/0x2a0 [ 143.457680] ? __pfx_do_exit+0x10/0x10 [ 143.458008] ? debug_smp_processor_id+0x20/0x30 [ 143.458393] ? rcu_is_watching+0x19/0xb0 [ 143.458754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.459140] ? trace_hardirqs_on+0x26/0x120 [ 143.459502] do_group_exit+0xe0/0x2b0 [ 143.459818] __x64_sys_exit_group+0x47/0x50 [ 143.460172] do_syscall_64+0x3b/0x90 [ 143.460486] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.460913] RIP: 0033:0x7f4b87518a4d [ 143.461217] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.461718] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.462334] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.462930] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.463515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.464087] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.464662] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.465244] [ 143.465436] irq event stamp: 0 [ 143.465695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.466206] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.466898] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.467583] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.468092] ---[ end trace 0000000000000000 ]--- [ 143.472210] ------------[ cut here ]------------ [ 143.472624] WARNING: CPU: 1 PID: 1340 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.473443] Modules linked in: [ 143.473706] CPU: 1 PID: 1340 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.474411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.475511] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.475908] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.477331] RSP: 0018:ffff888024667bb8 EFLAGS: 00010246 [ 143.477748] RAX: 0000000000000000 RBX: ffff88800f3728a8 RCX: 0000000000000000 [ 143.478302] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 143.478878] RBP: ffff888024667bd0 R08: ffffed1001e6e533 R09: ffffed1001e6e533 [ 143.479449] R10: ffff88800f372993 R11: ffffed1001e6e532 R12: ffff888010e01000 [ 143.480010] R13: ffff88800f3729e8 R14: ffffffff8352e670 R15: 
ffff888024667e68 [ 143.480573] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.481206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.481660] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 143.482222] PKRU: 55555554 [ 143.482447] Call Trace: [ 143.482671] [ 143.482856] __iommufd_access_detach+0x1c2/0x2b0 [ 143.483258] iommufd_access_change_pt+0x149/0x270 [ 143.483652] iommufd_access_replace+0xb4/0x120 [ 143.484025] iommufd_test+0x3e5/0x37e0 [ 143.484333] ? lock_release+0x532/0x770 [ 143.484658] ? __might_fault+0x102/0x1b0 [ 143.484977] ? lock_acquire+0x427/0x4c0 [ 143.485295] ? __pfx_iommufd_test+0x10/0x10 [ 143.485630] ? __pfx_lock_release+0x10/0x10 [ 143.485973] ? __pfx_lock_acquire+0x10/0x10 [ 143.486317] ? write_comp_data+0x2f/0x90 [ 143.486656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.487039] ? write_comp_data+0x2f/0x90 [ 143.487370] iommufd_fops_ioctl+0x37d/0x510 [ 143.487709] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.488091] ? write_comp_data+0x2f/0x90 [ 143.488416] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.488792] __x64_sys_ioctl+0x1a3/0x230 [ 143.489118] do_syscall_64+0x3b/0x90 [ 143.489420] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.489830] RIP: 0033:0x7f4b8743ee5d [ 143.490118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.491548] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.492142] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.492689] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.493236] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.493784] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.494332] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.494907] [ 143.495091] irq event stamp: 0 [ 143.495349] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.495833] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.496480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.497118] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.497603] ---[ end trace 0000000000000000 ]--- [ 143.500404] ------------[ cut here ]------------ [ 143.500800] WARNING: CPU: 1 PID: 1340 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.501586] Modules linked in: [ 143.501835] CPU: 1 PID: 1340 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.502723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.503598] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.503984] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.505382] RSP: 
0018:ffff888024667bd0 EFLAGS: 00010246 [ 143.505795] RAX: 0000000000000000 RBX: ffff88800f3728a8 RCX: 0000000000000000 [ 143.506341] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 143.506906] RBP: ffff888024667be8 R08: ffffed1001e6e533 R09: ffffed1001e6e533 [ 143.507469] R10: ffff88800f372993 R11: ffffed1001e6e532 R12: ffff8880129c4400 [ 143.508020] R13: ffff88800f3729e8 R14: ffff888020982000 R15: 0000000000000000 [ 143.508576] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.509201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.509657] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.510212] PKRU: 55555554 [ 143.510435] Call Trace: [ 143.510654] [ 143.510831] iommufd_access_destroy_object+0x65/0x170 [ 143.511249] iommufd_object_destroy_user+0x18e/0x220 [ 143.511653] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.512115] iommufd_access_destroy+0x43/0x70 [ 143.512481] iommufd_test_staccess_release+0x8d/0xd0 [ 143.512893] __fput+0x26d/0xa40 [ 143.513171] ____fput+0x1e/0x30 [ 143.513440] task_work_run+0x1a4/0x2d0 [ 143.513753] ? __pfx_task_work_run+0x10/0x10 [ 143.514101] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.514488] ? switch_task_namespaces+0xa9/0xe0 [ 143.514887] do_exit+0xb17/0x2ef0 [ 143.515169] ? lock_acquire+0x427/0x4c0 [ 143.515492] ? __pfx_lock_release+0x10/0x10 [ 143.515835] ? __kasan_check_write+0x18/0x20 [ 143.516182] ? do_raw_spin_lock+0x132/0x2a0 [ 143.516519] ? __pfx_do_exit+0x10/0x10 [ 143.516831] ? debug_smp_processor_id+0x20/0x30 [ 143.517225] ? rcu_is_watching+0x19/0xb0 [ 143.517548] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.517903] ? trace_hardirqs_on+0x26/0x120 [ 143.518245] do_group_exit+0xe0/0x2b0 [ 143.518575] __x64_sys_exit_group+0x47/0x50 [ 143.518915] do_syscall_64+0x3b/0x90 [ 143.519231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.519642] RIP: 0033:0x7f4b87518a4d [ 143.519933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.520407] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.520996] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.521541] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.522085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.522653] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.523212] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.523770] [ 143.523952] irq event stamp: 0 [ 143.524197] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.524684] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.525326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.525967] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.526456] ---[ end trace 0000000000000000 ]--- [ 143.527165] ------------[ cut here ]------------ [ 143.527537] WARNING: CPU: 1 PID: 1340 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.528318] Modules linked in: [ 143.528567] CPU: 1 PID: 1340 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.529238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.530098] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.530494] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.531924] RSP: 0018:ffff888024667b78 EFLAGS: 00010246 [ 143.532334] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.532879] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 143.533425] RBP: ffff888024667b98 R08: ffffed1001e6e53e R09: ffffed1001e6e53e [ 143.533972] R10: ffff88800f3729ef R11: ffffed1001e6e53d R12: ffff88800f372a90 [ 143.534550] R13: ffff88800f3728a8 R14: ffffffffffffffff R15: 
ffff888024667c60 [ 143.535102] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.536147] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.536606] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.537159] PKRU: 55555554 [ 143.537379] Call Trace: [ 143.537583] [ 143.537794] iommufd_ioas_destroy+0x53/0x70 [ 143.538266] iommufd_fops_release+0x1f7/0x370 [ 143.538659] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.539053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.539459] ? write_comp_data+0x2f/0x90 [ 143.539939] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.540340] __fput+0x26d/0xa40 [ 143.540611] ____fput+0x1e/0x30 [ 143.540877] task_work_run+0x1a4/0x2d0 [ 143.541189] ? __pfx_task_work_run+0x10/0x10 [ 143.541609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.542058] ? switch_task_namespaces+0xa9/0xe0 [ 143.542432] do_exit+0xb17/0x2ef0 [ 143.542729] ? lock_acquire+0x427/0x4c0 [ 143.543046] ? __pfx_lock_release+0x10/0x10 [ 143.543397] ? __kasan_check_write+0x18/0x20 [ 143.543744] ? do_raw_spin_lock+0x132/0x2a0 [ 143.544155] ? __pfx_do_exit+0x10/0x10 [ 143.544503] ? debug_smp_processor_id+0x20/0x30 [ 143.544870] ? rcu_is_watching+0x19/0xb0 [ 143.545187] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.545547] ? trace_hardirqs_on+0x26/0x120 [ 143.545888] do_group_exit+0xe0/0x2b0 [ 143.546315] __x64_sys_exit_group+0x47/0x50 [ 143.546674] do_syscall_64+0x3b/0x90 [ 143.546974] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.547395] RIP: 0033:0x7f4b87518a4d [ 143.547685] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.548210] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.548864] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.549411] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.549989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.550670] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.551228] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.551785] [ 143.551969] irq event stamp: 0 [ 143.552284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.552839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.553492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.554253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.554763] ---[ end trace 0000000000000000 ]--- [ 143.558557] ------------[ cut here ]------------ [ 143.559087] WARNING: CPU: 1 PID: 1341 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.559895] Modules linked in: [ 143.560145] CPU: 1 PID: 1341 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.560957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.561825] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.562214] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.563822] RSP: 0018:ffff888014797bb8 EFLAGS: 00010246 [ 143.564240] RAX: 0000000000000000 RBX: ffff888011e278a8 RCX: 0000000000000000 [ 143.564863] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 143.565476] RBP: ffff888014797bd0 R08: ffffed10023c4f33 R09: ffffed10023c4f33 [ 143.566027] R10: ffff888011e27993 R11: ffffed10023c4f32 R12: ffff888010c09800 [ 143.566668] R13: ffff888011e279e8 R14: ffffffff8352e670 R15: 
ffff888014797e68 [ 143.567299] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.567921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.568373] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 143.569062] PKRU: 55555554 [ 143.569285] Call Trace: [ 143.569487] [ 143.569663] __iommufd_access_detach+0x1c2/0x2b0 [ 143.570045] iommufd_access_change_pt+0x149/0x270 [ 143.570497] iommufd_access_replace+0xb4/0x120 [ 143.570950] iommufd_test+0x3e5/0x37e0 [ 143.571263] ? lock_release+0x532/0x770 [ 143.571589] ? __might_fault+0x102/0x1b0 [ 143.571923] ? lock_acquire+0x427/0x4c0 [ 143.572251] ? __pfx_iommufd_test+0x10/0x10 [ 143.572620] ? __pfx_lock_release+0x10/0x10 [ 143.573067] ? __pfx_lock_acquire+0x10/0x10 [ 143.573425] ? write_comp_data+0x2f/0x90 [ 143.573762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.574158] ? write_comp_data+0x2f/0x90 [ 143.574581] iommufd_fops_ioctl+0x37d/0x510 [ 143.574987] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.575408] ? write_comp_data+0x2f/0x90 [ 143.575755] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.576163] __x64_sys_ioctl+0x1a3/0x230 [ 143.576515] do_syscall_64+0x3b/0x90 [ 143.576903] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.577405] RIP: 0033:0x7f4b8743ee5d [ 143.577711] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.579375] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.580001] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.580583] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.581297] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.581882] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.582465] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.583234] [ 143.583430] irq event stamp: 0 [ 143.583690] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.584205] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.584909] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.585697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.586212] ---[ end trace 0000000000000000 ]--- [ 143.589161] ------------[ cut here ]------------ [ 143.589571] WARNING: CPU: 1 PID: 1341 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.590399] Modules linked in: [ 143.590819] CPU: 1 PID: 1341 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.591544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.592481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.592992] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.594650] RSP: 
0018:ffff888014797bd0 EFLAGS: 00010246 [ 143.595097] RAX: 0000000000000000 RBX: ffff888011e278a8 RCX: 0000000000000000 [ 143.595685] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 143.596265] RBP: ffff888014797be8 R08: ffffed10023c4f33 R09: ffffed10023c4f33 [ 143.596978] R10: ffff888011e27993 R11: ffffed10023c4f32 R12: ffff888010e01400 [ 143.597559] R13: ffff888011e279e8 R14: ffff8880123ed700 R15: 0000000000000000 [ 143.598139] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.598945] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.599428] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 143.600013] PKRU: 55555554 [ 143.600248] Call Trace: [ 143.600466] [ 143.600681] iommufd_access_destroy_object+0x65/0x170 [ 143.601192] iommufd_object_destroy_user+0x18e/0x220 [ 143.601616] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.602101] iommufd_access_destroy+0x43/0x70 [ 143.602537] iommufd_test_staccess_release+0x8d/0xd0 [ 143.603019] __fput+0x26d/0xa40 [ 143.603322] ____fput+0x1e/0x30 [ 143.603606] task_work_run+0x1a4/0x2d0 [ 143.603937] ? __pfx_task_work_run+0x10/0x10 [ 143.604310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.604793] ? switch_task_namespaces+0xa9/0xe0 [ 143.605263] do_exit+0xb17/0x2ef0 [ 143.605554] ? lock_acquire+0x427/0x4c0 [ 143.605891] ? __pfx_lock_release+0x10/0x10 [ 143.606253] ? __kasan_check_write+0x18/0x20 [ 143.606722] ? do_raw_spin_lock+0x132/0x2a0 [ 143.607127] ? __pfx_do_exit+0x10/0x10 [ 143.607458] ? debug_smp_processor_id+0x20/0x30 [ 143.607848] ? rcu_is_watching+0x19/0xb0 [ 143.608186] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.608564] ? trace_hardirqs_on+0x26/0x120 [ 143.609000] do_group_exit+0xe0/0x2b0 [ 143.609364] __x64_sys_exit_group+0x47/0x50 [ 143.609719] do_syscall_64+0x3b/0x90 [ 143.610035] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.610466] RIP: 0033:0x7f4b87518a4d [ 143.610876] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.611451] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.612072] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.612659] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.613388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.613986] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.614591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.615206] [ 143.615500] irq event stamp: 0 [ 143.615762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.616274] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.616973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.617772] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.618289] ---[ end trace 0000000000000000 ]--- [ 143.619282] ------------[ cut here ]------------ [ 143.619744] WARNING: CPU: 1 PID: 1341 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.620611] Modules linked in: [ 143.620879] CPU: 1 PID: 1341 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.621724] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.622663] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.623091] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.624723] RSP: 0018:ffff888014797b78 EFLAGS: 00010246 [ 143.625159] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.625872] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 143.626450] RBP: ffff888014797b98 R08: ffffed10023c4f3e R09: ffffed10023c4f3e [ 143.627053] R10: ffff888011e279ef R11: ffffed10023c4f3d R12: ffff888011e27a90 [ 143.627733] R13: ffff888011e278a8 R14: ffffffffffffffff R15: 
ffff888014797c60 [ 143.628391] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.629050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.629598] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 143.630247] PKRU: 55555554 [ 143.630483] Call Trace: [ 143.630720] [ 143.630913] iommufd_ioas_destroy+0x53/0x70 [ 143.631298] iommufd_fops_release+0x1f7/0x370 [ 143.631709] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.632240] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.632649] ? write_comp_data+0x2f/0x90 [ 143.633000] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.633418] __fput+0x26d/0xa40 [ 143.633776] ____fput+0x1e/0x30 [ 143.634123] task_work_run+0x1a4/0x2d0 [ 143.634453] ? __pfx_task_work_run+0x10/0x10 [ 143.634849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.635271] ? switch_task_namespaces+0xa9/0xe0 [ 143.635666] do_exit+0xb17/0x2ef0 [ 143.635951] ? lock_acquire+0x427/0x4c0 [ 143.636285] ? __pfx_lock_release+0x10/0x10 [ 143.636652] ? __kasan_check_write+0x18/0x20 [ 143.637023] ? do_raw_spin_lock+0x132/0x2a0 [ 143.637380] ? __pfx_do_exit+0x10/0x10 [ 143.637708] ? debug_smp_processor_id+0x20/0x30 [ 143.638100] ? rcu_is_watching+0x19/0xb0 [ 143.638437] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.638838] ? trace_hardirqs_on+0x26/0x120 [ 143.639209] do_group_exit+0xe0/0x2b0 [ 143.639523] __x64_sys_exit_group+0x47/0x50 [ 143.639876] do_syscall_64+0x3b/0x90 [ 143.640193] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.640628] RIP: 0033:0x7f4b87518a4d [ 143.640934] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.641437] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.642064] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.642665] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.643254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.643835] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.644414] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.645005] [ 143.645199] irq event stamp: 0 [ 143.645459] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.645974] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.646674] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.647360] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.647873] ---[ end trace 0000000000000000 ]--- [ 143.652222] ------------[ cut here ]------------ [ 143.652649] WARNING: CPU: 1 PID: 1342 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.653471] Modules linked in: [ 143.653731] CPU: 1 PID: 1342 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.654438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.655383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.655792] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.657304] RSP: 0018:ffff8880170ffbb8 EFLAGS: 00010246 [ 143.657737] RAX: 0000000000000000 RBX: ffff8880102950a8 RCX: 0000000000000000 [ 143.658312] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 143.658944] RBP: ffff8880170ffbd0 R08: ffffed1002052a33 R09: ffffed1002052a33 [ 143.659551] R10: ffff888010295193 R11: ffffed1002052a32 R12: ffff888014026000 [ 143.660130] R13: ffff8880102951e8 R14: ffffffff8352e670 R15: 
ffff8880170ffe68 [ 143.660708] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.661373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.661842] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 143.662423] PKRU: 55555554 [ 143.662674] Call Trace: [ 143.662886] [ 143.663071] __iommufd_access_detach+0x1c2/0x2b0 [ 143.663482] iommufd_access_change_pt+0x149/0x270 [ 143.663886] iommufd_access_replace+0xb4/0x120 [ 143.664271] iommufd_test+0x3e5/0x37e0 [ 143.664592] ? lock_release+0x532/0x770 [ 143.664926] ? __might_fault+0x102/0x1b0 [ 143.665265] ? lock_acquire+0x427/0x4c0 [ 143.665601] ? __pfx_iommufd_test+0x10/0x10 [ 143.665952] ? __pfx_lock_release+0x10/0x10 [ 143.666321] ? __pfx_lock_acquire+0x10/0x10 [ 143.666707] ? write_comp_data+0x2f/0x90 [ 143.667051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.667433] ? write_comp_data+0x2f/0x90 [ 143.667741] iommufd_fops_ioctl+0x37d/0x510 [ 143.668094] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.668500] ? write_comp_data+0x2f/0x90 [ 143.668846] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.669252] __x64_sys_ioctl+0x1a3/0x230 [ 143.669598] do_syscall_64+0x3b/0x90 [ 143.669914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.670354] RIP: 0033:0x7f4b8743ee5d [ 143.670685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.672202] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.672825] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.673402] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.673982] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.674582] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.675173] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.675758] [ 143.675950] irq event stamp: 0 [ 143.676209] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.676724] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.677401] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.678081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.678621] ---[ end trace 0000000000000000 ]--- [ 143.681457] ------------[ cut here ]------------ [ 143.681871] WARNING: CPU: 1 PID: 1342 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.682731] Modules linked in: [ 143.682998] CPU: 1 PID: 1342 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.683725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.684639] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.685048] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.686550] RSP: 
0018:ffff8880170ffbd0 EFLAGS: 00010246 [ 143.686992] RAX: 0000000000000000 RBX: ffff8880102950a8 RCX: 0000000000000000 [ 143.687590] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 143.688175] RBP: ffff8880170ffbe8 R08: ffffed1002052a33 R09: ffffed1002052a33 [ 143.688768] R10: ffff888010295193 R11: ffffed1002052a32 R12: ffff888010c09400 [ 143.689360] R13: ffff8880102951e8 R14: ffff888012b3f100 R15: 0000000000000000 [ 143.689942] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.690625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.691099] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.691697] PKRU: 55555554 [ 143.691946] Call Trace: [ 143.692158] [ 143.692346] iommufd_access_destroy_object+0x65/0x170 [ 143.692775] iommufd_object_destroy_user+0x18e/0x220 [ 143.693198] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.693681] iommufd_access_destroy+0x43/0x70 [ 143.694059] iommufd_test_staccess_release+0x8d/0xd0 [ 143.694496] __fput+0x26d/0xa40 [ 143.694824] ____fput+0x1e/0x30 [ 143.695106] task_work_run+0x1a4/0x2d0 [ 143.695454] ? __pfx_task_work_run+0x10/0x10 [ 143.695822] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.696228] ? switch_task_namespaces+0xa9/0xe0 [ 143.696623] do_exit+0xb17/0x2ef0 [ 143.696917] ? lock_acquire+0x427/0x4c0 [ 143.697252] ? __pfx_lock_release+0x10/0x10 [ 143.697615] ? __kasan_check_write+0x18/0x20 [ 143.697982] ? do_raw_spin_lock+0x132/0x2a0 [ 143.698339] ? __pfx_do_exit+0x10/0x10 [ 143.698707] ? debug_smp_processor_id+0x20/0x30 [ 143.699097] ? rcu_is_watching+0x19/0xb0 [ 143.699444] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.699825] ? trace_hardirqs_on+0x26/0x120 [ 143.700193] do_group_exit+0xe0/0x2b0 [ 143.700510] __x64_sys_exit_group+0x47/0x50 [ 143.700869] do_syscall_64+0x3b/0x90 [ 143.701189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.701623] RIP: 0033:0x7f4b87518a4d [ 143.701934] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.702438] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.703087] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.703678] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.704260] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.704840] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.705435] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.706021] [ 143.706214] irq event stamp: 0 [ 143.706474] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.707015] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.707716] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.708416] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.708934] ---[ end trace 0000000000000000 ]--- [ 143.709654] ------------[ cut here ]------------ [ 143.710043] WARNING: CPU: 1 PID: 1342 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.710899] Modules linked in: [ 143.711177] CPU: 1 PID: 1342 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.711892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.712812] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.713240] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.714746] RSP: 0018:ffff8880170ffb78 EFLAGS: 00010246 [ 143.715191] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.715774] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 143.716355] RBP: ffff8880170ffb98 R08: ffffed1002052a3e R09: ffffed1002052a3e [ 143.716937] R10: ffff8880102951ef R11: ffffed1002052a3d R12: ffff888010295290 [ 143.717521] R13: ffff8880102950a8 R14: ffffffffffffffff R15: 
ffff8880170ffc60 [ 143.718109] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.718786] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.719272] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.719868] PKRU: 55555554 [ 143.720101] Call Trace: [ 143.720314] [ 143.720501] iommufd_ioas_destroy+0x53/0x70 [ 143.720862] iommufd_fops_release+0x1f7/0x370 [ 143.721237] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.721654] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.722063] ? write_comp_data+0x2f/0x90 [ 143.722409] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.722843] __fput+0x26d/0xa40 [ 143.723142] ____fput+0x1e/0x30 [ 143.723426] task_work_run+0x1a4/0x2d0 [ 143.723757] ? __pfx_task_work_run+0x10/0x10 [ 143.724126] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.724535] ? switch_task_namespaces+0xa9/0xe0 [ 143.724931] do_exit+0xb17/0x2ef0 [ 143.725222] ? lock_acquire+0x427/0x4c0 [ 143.725562] ? __pfx_lock_release+0x10/0x10 [ 143.725926] ? __kasan_check_write+0x18/0x20 [ 143.726303] ? do_raw_spin_lock+0x132/0x2a0 [ 143.726689] ? __pfx_do_exit+0x10/0x10 [ 143.727023] ? debug_smp_processor_id+0x20/0x30 [ 143.727418] ? rcu_is_watching+0x19/0xb0 [ 143.727759] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.728139] ? trace_hardirqs_on+0x26/0x120 [ 143.728502] do_group_exit+0xe0/0x2b0 [ 143.728822] __x64_sys_exit_group+0x47/0x50 [ 143.729184] do_syscall_64+0x3b/0x90 [ 143.729503] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.729937] RIP: 0033:0x7f4b87518a4d [ 143.730242] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.730776] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.731412] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.732007] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.732601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.733187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.733772] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.734361] [ 143.734577] irq event stamp: 0 [ 143.734840] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.735366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.736049] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.736720] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.737216] ---[ end trace 0000000000000000 ]--- [ 143.741030] ------------[ cut here ]------------ [ 143.741444] WARNING: CPU: 1 PID: 1343 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.742257] Modules linked in: [ 143.742550] CPU: 1 PID: 1343 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.743249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.744134] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.744529] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.745963] RSP: 0018:ffff888016dafbb8 EFLAGS: 00010246 [ 143.746387] RAX: 0000000000000000 RBX: ffff888011c518a8 RCX: 0000000000000000 [ 143.746967] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 143.747544] RBP: ffff888016dafbd0 R08: ffffed100238a333 R09: ffffed100238a333 [ 143.748114] R10: ffff888011c51993 R11: ffffed100238a332 R12: ffff88801420c400 [ 143.748676] R13: ffff888011c519e8 R14: ffffffff8352e670 R15: 
ffff888016dafe68 [ 143.749237] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.749868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.750324] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 143.750895] PKRU: 55555554 [ 143.751127] Call Trace: [ 143.751330] [ 143.751510] __iommufd_access_detach+0x1c2/0x2b0 [ 143.751893] iommufd_access_change_pt+0x149/0x270 [ 143.752283] iommufd_access_replace+0xb4/0x120 [ 143.752655] iommufd_test+0x3e5/0x37e0 [ 143.752964] ? lock_release+0x532/0x770 [ 143.753288] ? __might_fault+0x102/0x1b0 [ 143.753614] ? lock_acquire+0x427/0x4c0 [ 143.753934] ? __pfx_iommufd_test+0x10/0x10 [ 143.754281] ? __pfx_lock_release+0x10/0x10 [ 143.754645] ? __pfx_lock_acquire+0x10/0x10 [ 143.754993] ? write_comp_data+0x2f/0x90 [ 143.755330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.755714] ? write_comp_data+0x2f/0x90 [ 143.756042] iommufd_fops_ioctl+0x37d/0x510 [ 143.756393] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.756781] ? write_comp_data+0x2f/0x90 [ 143.757108] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.757488] __x64_sys_ioctl+0x1a3/0x230 [ 143.757820] do_syscall_64+0x3b/0x90 [ 143.758123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.758564] RIP: 0033:0x7f4b8743ee5d [ 143.758860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.760314] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.760917] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.761476] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.762030] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.762608] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.763170] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.763734] [ 143.763917] irq event stamp: 0 [ 143.764164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.764654] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.765302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.765950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.766439] ---[ end trace 0000000000000000 ]--- [ 143.769199] ------------[ cut here ]------------ [ 143.769596] WARNING: CPU: 1 PID: 1343 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.770389] Modules linked in: [ 143.770664] CPU: 1 PID: 1343 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.771354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.772233] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.772627] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.774045] RSP: 
0018:ffff888016dafbd0 EFLAGS: 00010246 [ 143.774461] RAX: 0000000000000000 RBX: ffff888011c518a8 RCX: 0000000000000000 [ 143.775031] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 143.775600] RBP: ffff888016dafbe8 R08: ffffed100238a333 R09: ffffed100238a333 [ 143.776158] R10: ffff888011c51993 R11: ffffed100238a332 R12: ffff888014027800 [ 143.776717] R13: ffff888011c519e8 R14: ffff888011f19f00 R15: 0000000000000000 [ 143.777272] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.777902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.778356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.778936] PKRU: 55555554 [ 143.779169] Call Trace: [ 143.779372] [ 143.779553] iommufd_access_destroy_object+0x65/0x170 [ 143.779966] iommufd_object_destroy_user+0x18e/0x220 [ 143.780372] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.780834] iommufd_access_destroy+0x43/0x70 [ 143.781198] iommufd_test_staccess_release+0x8d/0xd0 [ 143.781605] __fput+0x26d/0xa40 [ 143.781878] ____fput+0x1e/0x30 [ 143.782146] task_work_run+0x1a4/0x2d0 [ 143.782465] ? __pfx_task_work_run+0x10/0x10 [ 143.782836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.783239] ? switch_task_namespaces+0xa9/0xe0 [ 143.783621] do_exit+0xb17/0x2ef0 [ 143.783900] ? lock_acquire+0x427/0x4c0 [ 143.784226] ? __pfx_lock_release+0x10/0x10 [ 143.784588] ? __kasan_check_write+0x18/0x20 [ 143.784939] ? do_raw_spin_lock+0x132/0x2a0 [ 143.785281] ? __pfx_do_exit+0x10/0x10 [ 143.785600] ? debug_smp_processor_id+0x20/0x30 [ 143.785971] ? rcu_is_watching+0x19/0xb0 [ 143.786293] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.786678] ? trace_hardirqs_on+0x26/0x120 [ 143.787032] do_group_exit+0xe0/0x2b0 [ 143.787349] __x64_sys_exit_group+0x47/0x50 [ 143.787694] do_syscall_64+0x3b/0x90 [ 143.787999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.788418] RIP: 0033:0x7f4b87518a4d [ 143.788712] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.789194] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.789790] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.790345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.790920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.791494] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.792056] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.792629] [ 143.792814] irq event stamp: 0 [ 143.793063] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.793562] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.794220] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.794893] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.795408] ---[ end trace 0000000000000000 ]--- [ 143.796104] ------------[ cut here ]------------ [ 143.796553] WARNING: CPU: 1 PID: 1343 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.797436] Modules linked in: [ 143.797694] CPU: 1 PID: 1343 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.798418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.799412] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.799830] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.801385] RSP: 0018:ffff888016dafb78 EFLAGS: 00010246 [ 143.801816] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.802483] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 143.803077] RBP: ffff888016dafb98 R08: ffffed100238a33e R09: ffffed100238a33e [ 143.803649] R10: ffff888011c519ef R11: ffffed100238a33d R12: ffff888011c51a90 [ 143.804213] R13: ffff888011c518a8 R14: ffffffffffffffff R15: 
ffff888016dafc60 [ 143.804897] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 143.805536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.805992] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 143.806640] PKRU: 55555554 [ 143.806909] Call Trace: [ 143.807123] [ 143.807307] iommufd_ioas_destroy+0x53/0x70 [ 143.807660] iommufd_fops_release+0x1f7/0x370 [ 143.808023] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.808432] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.808909] ? write_comp_data+0x2f/0x90 [ 143.809244] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.809642] __fput+0x26d/0xa40 [ 143.809920] ____fput+0x1e/0x30 [ 143.810214] task_work_run+0x1a4/0x2d0 [ 143.810629] ? __pfx_task_work_run+0x10/0x10 [ 143.810985] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.811382] ? switch_task_namespaces+0xa9/0xe0 [ 143.811766] do_exit+0xb17/0x2ef0 [ 143.812044] ? lock_acquire+0x427/0x4c0 [ 143.812413] ? __pfx_lock_release+0x10/0x10 [ 143.812818] ? __kasan_check_write+0x18/0x20 [ 143.813173] ? do_raw_spin_lock+0x132/0x2a0 [ 143.813520] ? __pfx_do_exit+0x10/0x10 [ 143.813838] ? debug_smp_processor_id+0x20/0x30 [ 143.814268] ? rcu_is_watching+0x19/0xb0 [ 143.814639] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.815006] ? trace_hardirqs_on+0x26/0x120 [ 143.815363] do_group_exit+0xe0/0x2b0 [ 143.815668] __x64_sys_exit_group+0x47/0x50 [ 143.816011] do_syscall_64+0x3b/0x90 [ 143.816382] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.816836] RIP: 0033:0x7f4b87518a4d [ 143.817140] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.817639] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.818364] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.818994] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.819595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.820212] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.820875] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.821475] [ 143.821672] irq event stamp: 0 [ 143.821936] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.822593] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.823300] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.824000] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.824638] ---[ end trace 0000000000000000 ]--- [ 143.829411] ------------[ cut here ]------------ [ 143.829819] WARNING: CPU: 0 PID: 1344 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.830837] Modules linked in: [ 143.831102] CPU: 0 PID: 1344 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.831828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.832741] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.833150] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.834670] RSP: 0018:ffff88802448fbb8 EFLAGS: 00010246 [ 143.835121] RAX: 0000000000000000 RBX: ffff88800e8e18a8 RCX: 0000000000000000 [ 143.835702] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 143.836271] RBP: ffff88802448fbd0 R08: ffffed1001d1c333 R09: ffffed1001d1c333 [ 143.836848] R10: ffff88800e8e1993 R11: ffffed1001d1c332 R12: ffff88800f208400 [ 143.837489] R13: ffff88800e8e19e8 R14: ffffffff8352e670 R15: 
ffff88802448fe68 [ 143.838057] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 143.838714] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.839188] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 143.839759] PKRU: 55555554 [ 143.839987] Call Trace: [ 143.840194] [ 143.840377] __iommufd_access_detach+0x1c2/0x2b0 [ 143.840775] iommufd_access_change_pt+0x149/0x270 [ 143.841175] iommufd_access_replace+0xb4/0x120 [ 143.841554] iommufd_test+0x3e5/0x37e0 [ 143.841869] ? lock_release+0x532/0x770 [ 143.842202] ? __might_fault+0x102/0x1b0 [ 143.842559] ? lock_acquire+0x427/0x4c0 [ 143.842894] ? __pfx_iommufd_test+0x10/0x10 [ 143.843253] ? __pfx_lock_release+0x10/0x10 [ 143.843615] ? __pfx_lock_acquire+0x10/0x10 [ 143.843975] ? write_comp_data+0x2f/0x90 [ 143.844314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.844714] ? write_comp_data+0x2f/0x90 [ 143.845052] iommufd_fops_ioctl+0x37d/0x510 [ 143.845409] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.845809] ? write_comp_data+0x2f/0x90 [ 143.846155] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.846568] __x64_sys_ioctl+0x1a3/0x230 [ 143.846917] do_syscall_64+0x3b/0x90 [ 143.847243] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.847678] RIP: 0033:0x7f4b8743ee5d [ 143.847983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.849469] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.850084] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.850676] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.851260] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.851835] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.852410] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.852997] [ 143.853189] irq event stamp: 0 [ 143.853448] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.853956] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.854652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.855345] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.855865] ---[ end trace 0000000000000000 ]--- [ 143.859318] ------------[ cut here ]------------ [ 143.859714] WARNING: CPU: 0 PID: 1344 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.860550] Modules linked in: [ 143.860936] CPU: 0 PID: 1344 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.861642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.862754] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.863173] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.864639] RSP: 
0018:ffff88802448fbd0 EFLAGS: 00010246 [ 143.865084] RAX: 0000000000000000 RBX: ffff88800e8e18a8 RCX: 0000000000000000 [ 143.865676] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 143.866274] RBP: ffff88802448fbe8 R08: ffffed1001d1c333 R09: ffffed1001d1c333 [ 143.866903] R10: ffff88800e8e1993 R11: ffffed1001d1c332 R12: ffff888012e94800 [ 143.867519] R13: ffff88800e8e19e8 R14: ffff888014588700 R15: 0000000000000000 [ 143.868123] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 143.868816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.869384] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 143.869986] PKRU: 55555554 [ 143.870230] Call Trace: [ 143.870446] [ 143.870663] iommufd_access_destroy_object+0x65/0x170 [ 143.871109] iommufd_object_destroy_user+0x18e/0x220 [ 143.871554] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.872048] iommufd_access_destroy+0x43/0x70 [ 143.872435] iommufd_test_staccess_release+0x8d/0xd0 [ 143.872872] __fput+0x26d/0xa40 [ 143.873166] ____fput+0x1e/0x30 [ 143.873454] task_work_run+0x1a4/0x2d0 [ 143.873791] ? __pfx_task_work_run+0x10/0x10 [ 143.874225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.874664] ? switch_task_namespaces+0xa9/0xe0 [ 143.875073] do_exit+0xb17/0x2ef0 [ 143.875381] ? lock_acquire+0x427/0x4c0 [ 143.875731] ? __pfx_lock_release+0x10/0x10 [ 143.876103] ? __kasan_check_write+0x18/0x20 [ 143.876480] ? do_raw_spin_lock+0x132/0x2a0 [ 143.876849] ? __pfx_do_exit+0x10/0x10 [ 143.877187] ? debug_smp_processor_id+0x20/0x30 [ 143.877583] ? rcu_is_watching+0x19/0xb0 [ 143.877930] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.878317] ? trace_hardirqs_on+0x26/0x120 [ 143.878713] do_group_exit+0xe0/0x2b0 [ 143.879044] __x64_sys_exit_group+0x47/0x50 [ 143.879416] do_syscall_64+0x3b/0x90 [ 143.879738] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.880183] RIP: 0033:0x7f4b87518a4d [ 143.880497] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.881012] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.881661] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.882254] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.882874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.883483] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.884080] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.884697] [ 143.884900] irq event stamp: 0 [ 143.885165] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.885696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.886403] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.887149] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.887689] ---[ end trace 0000000000000000 ]--- [ 143.888996] ------------[ cut here ]------------ [ 143.889407] WARNING: CPU: 0 PID: 1344 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.890285] Modules linked in: [ 143.890761] CPU: 0 PID: 1344 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.891513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.892451] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.893077] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.894673] RSP: 0018:ffff88802448fb78 EFLAGS: 00010246 [ 143.895236] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.895837] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 143.896438] RBP: ffff88802448fb98 R08: ffffed1001d1c33e R09: ffffed1001d1c33e [ 143.897219] R10: ffff88800e8e19ef R11: ffffed1001d1c33d R12: ffff88800e8e1a90 [ 143.897823] R13: ffff88800e8e18a8 R14: ffffffffffffffff R15: 
ffff88802448fc60 [ 143.898428] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 143.899323] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.899827] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 143.900442] PKRU: 55555554 [ 143.900686] Call Trace: [ 143.901014] [ 143.901307] iommufd_ioas_destroy+0x53/0x70 [ 143.901688] iommufd_fops_release+0x1f7/0x370 [ 143.902084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.902548] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.903177] ? write_comp_data+0x2f/0x90 [ 143.903548] ? __pfx_iommufd_fops_release+0x10/0x10 [ 143.903984] __fput+0x26d/0xa40 [ 143.904293] ____fput+0x1e/0x30 [ 143.904616] task_work_run+0x1a4/0x2d0 [ 143.905106] ? __pfx_task_work_run+0x10/0x10 [ 143.905494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.905921] ? switch_task_namespaces+0xa9/0xe0 [ 143.906332] do_exit+0xb17/0x2ef0 [ 143.906730] ? lock_acquire+0x427/0x4c0 [ 143.907180] ? __pfx_lock_release+0x10/0x10 [ 143.907565] ? __kasan_check_write+0x18/0x20 [ 143.907951] ? do_raw_spin_lock+0x132/0x2a0 [ 143.908327] ? __pfx_do_exit+0x10/0x10 [ 143.908843] ? debug_smp_processor_id+0x20/0x30 [ 143.909252] ? rcu_is_watching+0x19/0xb0 [ 143.909606] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.910002] ? trace_hardirqs_on+0x26/0x120 [ 143.910418] do_group_exit+0xe0/0x2b0 [ 143.910880] __x64_sys_exit_group+0x47/0x50 [ 143.911261] do_syscall_64+0x3b/0x90 [ 143.911596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.912062] RIP: 0033:0x7f4b87518a4d [ 143.912469] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.913071] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.913720] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.914531] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.915153] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.915765] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.916523] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.917146] [ 143.917355] irq event stamp: 0 [ 143.917628] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.918185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.918923] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.919662] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.920212] ---[ end trace 0000000000000000 ]--- [ 143.924697] ------------[ cut here ]------------ [ 143.925118] WARNING: CPU: 0 PID: 1345 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.926170] Modules linked in: [ 143.926444] CPU: 0 PID: 1345 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.927222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.928315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.928749] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.930295] RSP: 0018:ffff8880183f7bb8 EFLAGS: 00010246 [ 143.930772] RAX: 0000000000000000 RBX: ffff8880245e80a8 RCX: 0000000000000000 [ 143.931390] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 143.931997] RBP: ffff8880183f7bd0 R08: ffffed10048bd033 R09: ffffed10048bd033 [ 143.932606] R10: ffff8880245e8193 R11: ffffed10048bd032 R12: ffff88800f1f0800 [ 143.933291] R13: ffff8880245e81e8 R14: ffffffff8352e670 R15: 
ffff8880183f7e68 [ 143.933900] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 143.934606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.935116] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 143.935736] PKRU: 55555554 [ 143.935985] Call Trace: [ 143.936205] [ 143.936400] __iommufd_access_detach+0x1c2/0x2b0 [ 143.936934] iommufd_access_change_pt+0x149/0x270 [ 143.937490] iommufd_access_replace+0xb4/0x120 [ 143.937897] iommufd_test+0x3e5/0x37e0 [ 143.938235] ? lock_release+0x532/0x770 [ 143.938668] ? __might_fault+0x102/0x1b0 [ 143.939129] ? lock_acquire+0x427/0x4c0 [ 143.939490] ? __pfx_iommufd_test+0x10/0x10 [ 143.939864] ? __pfx_lock_release+0x10/0x10 [ 143.940241] ? __pfx_lock_acquire+0x10/0x10 [ 143.940622] ? write_comp_data+0x2f/0x90 [ 143.940982] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.941406] ? write_comp_data+0x2f/0x90 [ 143.941766] iommufd_fops_ioctl+0x37d/0x510 [ 143.942139] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.942587] ? write_comp_data+0x2f/0x90 [ 143.942952] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 143.943388] __x64_sys_ioctl+0x1a3/0x230 [ 143.943756] do_syscall_64+0x3b/0x90 [ 143.944088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.944547] RIP: 0033:0x7f4b8743ee5d [ 143.944968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 143.946687] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 143.947506] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 143.948115] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 143.948721] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 143.949330] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 143.949935] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 143.950571] [ 143.950774] irq event stamp: 0 [ 143.951043] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.951606] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.952323] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.953038] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.953574] ---[ end trace 0000000000000000 ]--- [ 143.956576] ------------[ cut here ]------------ [ 143.957143] WARNING: CPU: 0 PID: 1345 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 143.958015] Modules linked in: [ 143.958335] CPU: 0 PID: 1345 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.959294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.960257] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 143.960685] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 143.962236] RSP: 
0018:ffff8880183f7bd0 EFLAGS: 00010246 [ 143.962715] RAX: 0000000000000000 RBX: ffff8880245e80a8 RCX: 0000000000000000 [ 143.963339] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 143.963952] RBP: ffff8880183f7be8 R08: ffffed10048bd033 R09: ffffed10048bd033 [ 143.964568] R10: ffff8880245e8193 R11: ffffed10048bd032 R12: ffff88800f208000 [ 143.965241] R13: ffff8880245e81e8 R14: ffff88800b591a00 R15: 0000000000000000 [ 143.965862] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 143.966588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.967098] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 143.967727] PKRU: 55555554 [ 143.967978] Call Trace: [ 143.968200] [ 143.968396] iommufd_access_destroy_object+0x65/0x170 [ 143.968850] iommufd_object_destroy_user+0x18e/0x220 [ 143.969294] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 143.969803] iommufd_access_destroy+0x43/0x70 [ 143.970209] iommufd_test_staccess_release+0x8d/0xd0 [ 143.970694] __fput+0x26d/0xa40 [ 143.971013] ____fput+0x1e/0x30 [ 143.971329] task_work_run+0x1a4/0x2d0 [ 143.971679] ? __pfx_task_work_run+0x10/0x10 [ 143.972068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 143.972504] ? switch_task_namespaces+0xa9/0xe0 [ 143.972930] do_exit+0xb17/0x2ef0 [ 143.973236] ? lock_acquire+0x427/0x4c0 [ 143.973595] ? __pfx_lock_release+0x10/0x10 [ 143.973979] ? __kasan_check_write+0x18/0x20 [ 143.974361] ? do_raw_spin_lock+0x132/0x2a0 [ 143.974761] ? __pfx_do_exit+0x10/0x10 [ 143.975156] ? debug_smp_processor_id+0x20/0x30 [ 143.975593] ? rcu_is_watching+0x19/0xb0 [ 143.975974] ? _raw_spin_unlock_irq+0x2b/0x60 [ 143.976396] ? trace_hardirqs_on+0x26/0x120 [ 143.976802] do_group_exit+0xe0/0x2b0 [ 143.977156] __x64_sys_exit_group+0x47/0x50 [ 143.977549] do_syscall_64+0x3b/0x90 [ 143.977905] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 143.978387] RIP: 0033:0x7f4b87518a4d [ 143.978755] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 143.979339] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 143.980031] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 143.980677] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 143.981323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 143.981968] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 143.982642] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 143.983344] [ 143.983560] irq event stamp: 0 [ 143.983851] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 143.984426] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 143.985195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 143.985960] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 143.986565] ---[ end trace 0000000000000000 ]--- [ 143.987431] ------------[ cut here ]------------ [ 143.988110] WARNING: CPU: 0 PID: 1345 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 143.989058] Modules linked in: [ 143.989355] CPU: 0 PID: 1345 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 143.990154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 143.991277] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 143.991900] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 143.993596] RSP: 0018:ffff8880183f7b78 EFLAGS: 00010246 [ 143.994220] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 143.995060] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 143.995747] RBP: ffff8880183f7b98 R08: ffffed10048bd03e R09: ffffed10048bd03e [ 143.996421] R10: ffff8880245e81ef R11: ffffed10048bd03d R12: ffff8880245e8290 [ 143.997390] R13: ffff8880245e80a8 R14: ffffffffffffffff R15: 
ffff8880183f7c60 [ 143.998077] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 143.999100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.999669] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.000348] PKRU: 55555554 [ 144.000620] Call Trace: [ 144.000867] [ 144.001122] iommufd_ioas_destroy+0x53/0x70 [ 144.001705] iommufd_fops_release+0x1f7/0x370 [ 144.002144] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.002652] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.003139] ? write_comp_data+0x2f/0x90 [ 144.003564] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.004248] __fput+0x26d/0xa40 [ 144.004615] ____fput+0x1e/0x30 [ 144.004969] task_work_run+0x1a4/0x2d0 [ 144.005389] ? __pfx_task_work_run+0x10/0x10 [ 144.005970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.006708] ? switch_task_namespaces+0xa9/0xe0 [ 144.007229] do_exit+0xb17/0x2ef0 [ 144.007594] ? lock_acquire+0x427/0x4c0 [ 144.008021] ? __pfx_lock_release+0x10/0x10 [ 144.008483] ? __kasan_check_write+0x18/0x20 [ 144.008946] ? do_raw_spin_lock+0x132/0x2a0 [ 144.009395] ? __pfx_do_exit+0x10/0x10 [ 144.009811] ? debug_smp_processor_id+0x20/0x30 [ 144.010298] ? rcu_is_watching+0x19/0xb0 [ 144.010753] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.011253] ? trace_hardirqs_on+0x26/0x120 [ 144.011714] do_group_exit+0xe0/0x2b0 [ 144.012111] __x64_sys_exit_group+0x47/0x50 [ 144.012565] do_syscall_64+0x3b/0x90 [ 144.012966] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.013511] RIP: 0033:0x7f4b87518a4d [ 144.013894] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.014546] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.015354] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.016087] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.016815] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.017545] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.018272] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.019037] [ 144.019294] irq event stamp: 0 [ 144.019620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.020269] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.021134] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.021980] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.022655] ---[ end trace 0000000000000000 ]--- [ 144.030190] ------------[ cut here ]------------ [ 144.030776] WARNING: CPU: 0 PID: 1346 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.031839] Modules linked in: [ 144.032325] CPU: 0 PID: 1346 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.033330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.034481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.035041] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.036944] RSP: 0018:ffff88802448fbb8 EFLAGS: 00010246 [ 144.037510] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 144.038240] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 144.039001] RBP: ffff88802448fbd0 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 144.039748] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff888010e03800 [ 144.040474] R13: ffff8880147001e8 R14: ffffffff8352e670 R15: 
ffff88802448fe68 [ 144.041204] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.042018] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.042625] CR2: 00007f4b877410e8 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 144.043351] PKRU: 55555554 [ 144.043648] Call Trace: [ 144.043911] [ 144.044146] __iommufd_access_detach+0x1c2/0x2b0 [ 144.044657] iommufd_access_change_pt+0x149/0x270 [ 144.045166] iommufd_access_replace+0xb4/0x120 [ 144.045648] iommufd_test+0x3e5/0x37e0 [ 144.046052] ? lock_release+0x532/0x770 [ 144.046472] ? __might_fault+0x102/0x1b0 [ 144.046930] ? lock_acquire+0x427/0x4c0 [ 144.047378] ? __pfx_iommufd_test+0x10/0x10 [ 144.047828] ? __pfx_lock_release+0x10/0x10 [ 144.048282] ? __pfx_lock_acquire+0x10/0x10 [ 144.048742] ? write_comp_data+0x2f/0x90 [ 144.049179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.049684] ? write_comp_data+0x2f/0x90 [ 144.050118] iommufd_fops_ioctl+0x37d/0x510 [ 144.050592] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.051098] ? write_comp_data+0x2f/0x90 [ 144.051528] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.052018] __x64_sys_ioctl+0x1a3/0x230 [ 144.052447] do_syscall_64+0x3b/0x90 [ 144.052841] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.053379] RIP: 0033:0x7f4b8743ee5d [ 144.053769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.055662] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.056445] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.057173] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.057898] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.058647] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.059380] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.060122] [ 144.060364] irq event stamp: 0 [ 144.060687] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.061422] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.062267] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.063159] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.063827] ---[ end trace 0000000000000000 ]--- [ 144.067921] ------------[ cut here ]------------ [ 144.068791] WARNING: CPU: 0 PID: 1346 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.069815] Modules linked in: [ 144.070142] CPU: 0 PID: 1346 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.071352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.072506] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.073081] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.075200] RSP: 
0018:ffff88802448fbd0 EFLAGS: 00010246 [ 144.075876] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 144.076793] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 144.077526] RBP: ffff88802448fbe8 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 144.078592] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff88800f1f2c00 [ 144.079348] R13: ffff8880147001e8 R14: ffff888020980600 R15: 0000000000000000 [ 144.080087] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.081198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.081788] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.082598] PKRU: 55555554 [ 144.083090] Call Trace: [ 144.083369] [ 144.083608] iommufd_access_destroy_object+0x65/0x170 [ 144.084155] iommufd_object_destroy_user+0x18e/0x220 [ 144.084693] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.085602] iommufd_access_destroy+0x43/0x70 [ 144.086097] iommufd_test_staccess_release+0x8d/0xd0 [ 144.086678] __fput+0x26d/0xa40 [ 144.087043] ____fput+0x1e/0x30 [ 144.087421] task_work_run+0x1a4/0x2d0 [ 144.087968] ? __pfx_task_work_run+0x10/0x10 [ 144.088625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.089149] ? switch_task_namespaces+0xa9/0xe0 [ 144.089650] do_exit+0xb17/0x2ef0 [ 144.090016] ? lock_acquire+0x427/0x4c0 [ 144.090754] ? __pfx_lock_release+0x10/0x10 [ 144.091232] ? __kasan_check_write+0x18/0x20 [ 144.091695] ? do_raw_spin_lock+0x132/0x2a0 [ 144.092146] ? __pfx_do_exit+0x10/0x10 [ 144.092565] ? debug_smp_processor_id+0x20/0x30 [ 144.093257] ? rcu_is_watching+0x19/0xb0 [ 144.093889] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.094372] ? trace_hardirqs_on+0x26/0x120 [ 144.094863] do_group_exit+0xe0/0x2b0 [ 144.095282] __x64_sys_exit_group+0x47/0x50 [ 144.095847] do_syscall_64+0x3b/0x90 [ 144.096483] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.097053] RIP: 0033:0x7f4b87518a4d [ 144.097441] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.098308] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.099120] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.099852] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.100732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.101598] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.102334] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.103105] [ 144.103378] irq event stamp: 0 [ 144.103821] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.104591] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.105459] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.106562] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.107236] ---[ end trace 0000000000000000 ]--- [ 144.108740] ------------[ cut here ]------------ [ 144.109233] WARNING: CPU: 0 PID: 1346 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.110413] Modules linked in: [ 144.110916] CPU: 0 PID: 1346 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.111866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.113057] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.113608] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.115572] RSP: 0018:ffff88802448fb78 EFLAGS: 00010246 [ 144.116141] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.116884] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 144.117623] RBP: ffff88802448fb98 R08: ffffed10028e003e R09: ffffed10028e003e [ 144.118360] R10: ffff8880147001ef R11: ffffed10028e003d R12: ffff888014700290 [ 144.119136] R13: ffff8880147000a8 R14: ffffffffffffffff R15: 
ffff88802448fc60 [ 144.119893] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.120746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.121356] CR2: 00007f82e2b17018 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 144.122099] PKRU: 55555554 [ 144.122400] Call Trace: [ 144.122699] [ 144.122943] iommufd_ioas_destroy+0x53/0x70 [ 144.123416] iommufd_fops_release+0x1f7/0x370 [ 144.123892] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.124422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.125035] ? write_comp_data+0x2f/0x90 [ 144.125475] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.126008] __fput+0x26d/0xa40 [ 144.126377] ____fput+0x1e/0x30 [ 144.126761] task_work_run+0x1a4/0x2d0 [ 144.127193] ? __pfx_task_work_run+0x10/0x10 [ 144.127662] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.128172] ? switch_task_namespaces+0xa9/0xe0 [ 144.128672] do_exit+0xb17/0x2ef0 [ 144.129038] ? lock_acquire+0x427/0x4c0 [ 144.129465] ? __pfx_lock_release+0x10/0x10 [ 144.129929] ? __kasan_check_write+0x18/0x20 [ 144.130397] ? do_raw_spin_lock+0x132/0x2a0 [ 144.130874] ? __pfx_do_exit+0x10/0x10 [ 144.131302] ? debug_smp_processor_id+0x20/0x30 [ 144.131792] ? rcu_is_watching+0x19/0xb0 [ 144.132219] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.132707] ? trace_hardirqs_on+0x26/0x120 [ 144.133170] do_group_exit+0xe0/0x2b0 [ 144.133573] __x64_sys_exit_group+0x47/0x50 [ 144.134020] do_syscall_64+0x3b/0x90 [ 144.134422] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.134994] RIP: 0033:0x7f4b87518a4d [ 144.135398] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.136040] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.136834] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.137574] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.138317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.139082] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.139844] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.140612] [ 144.140866] irq event stamp: 0 [ 144.141203] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.141871] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.142778] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.143680] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.144353] ---[ end trace 0000000000000000 ]--- [ 144.149389] ------------[ cut here ]------------ [ 144.149895] WARNING: CPU: 0 PID: 1347 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.151131] Modules linked in: [ 144.151585] CPU: 0 PID: 1347 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.152614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.153991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.154546] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.156551] RSP: 0018:ffff88802451fbb8 EFLAGS: 00010246 [ 144.157270] RAX: 0000000000000000 RBX: ffff888010b7d8a8 RCX: 0000000000000000 [ 144.157998] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 144.158985] RBP: ffff88802451fbd0 R08: ffffed100216fb33 R09: ffffed100216fb33 [ 144.159725] R10: ffff888010b7d993 R11: ffffed100216fb32 R12: ffff888013b16c00 [ 144.160452] R13: ffff888010b7d9e8 R14: ffffffff8352e670 R15: 
ffff88802451fe68 [ 144.161428] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.162256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.162885] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 144.163753] PKRU: 55555554 [ 144.164157] Call Trace: [ 144.164423] [ 144.164652] __iommufd_access_detach+0x1c2/0x2b0 [ 144.165154] iommufd_access_change_pt+0x149/0x270 [ 144.165747] iommufd_access_replace+0xb4/0x120 [ 144.166339] iommufd_test+0x3e5/0x37e0 [ 144.166777] ? lock_release+0x532/0x770 [ 144.167203] ? __might_fault+0x102/0x1b0 [ 144.167627] ? lock_acquire+0x427/0x4c0 [ 144.168044] ? __pfx_iommufd_test+0x10/0x10 [ 144.168715] ? __pfx_lock_release+0x10/0x10 [ 144.169178] ? __pfx_lock_acquire+0x10/0x10 [ 144.169639] ? write_comp_data+0x2f/0x90 [ 144.170063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.170703] ? write_comp_data+0x2f/0x90 [ 144.171235] iommufd_fops_ioctl+0x37d/0x510 [ 144.171682] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.172191] ? write_comp_data+0x2f/0x90 [ 144.172621] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.173240] __x64_sys_ioctl+0x1a3/0x230 [ 144.173802] do_syscall_64+0x3b/0x90 [ 144.174202] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.174775] RIP: 0033:0x7f4b8743ee5d [ 144.175193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.177285] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.178174] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.179023] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.179758] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.180591] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.181426] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.182159] [ 144.182404] irq event stamp: 0 [ 144.182983] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.183626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.184478] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.185627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.186278] ---[ end trace 0000000000000000 ]--- [ 144.189533] ------------[ cut here ]------------ [ 144.190054] WARNING: CPU: 0 PID: 1347 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.191135] Modules linked in: [ 144.191468] CPU: 0 PID: 1347 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.192343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.193488] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.194004] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.195882] RSP: 
0018:ffff88802451fbd0 EFLAGS: 00010246 [ 144.196428] RAX: 0000000000000000 RBX: ffff888010b7d8a8 RCX: 0000000000000000 [ 144.197148] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 144.197878] RBP: ffff88802451fbe8 R08: ffffed100216fb33 R09: ffffed100216fb33 [ 144.198635] R10: ffff888010b7d993 R11: ffffed100216fb32 R12: ffff888010e00400 [ 144.199378] R13: ffff888010b7d9e8 R14: ffff8880104c0f00 R15: 0000000000000000 [ 144.200110] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.200930] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.201524] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.202238] PKRU: 55555554 [ 144.202553] Call Trace: [ 144.202823] [ 144.203058] iommufd_access_destroy_object+0x65/0x170 [ 144.203638] iommufd_object_destroy_user+0x18e/0x220 [ 144.204171] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.204774] iommufd_access_destroy+0x43/0x70 [ 144.205243] iommufd_test_staccess_release+0x8d/0xd0 [ 144.205767] __fput+0x26d/0xa40 [ 144.206264] ____fput+0x1e/0x30 [ 144.206646] task_work_run+0x1a4/0x2d0 [ 144.207108] ? __pfx_task_work_run+0x10/0x10 [ 144.207581] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.208130] ? switch_task_namespaces+0xa9/0xe0 [ 144.208624] do_exit+0xb17/0x2ef0 [ 144.208986] ? lock_acquire+0x427/0x4c0 [ 144.209409] ? __pfx_lock_release+0x10/0x10 [ 144.209869] ? __kasan_check_write+0x18/0x20 [ 144.210332] ? do_raw_spin_lock+0x132/0x2a0 [ 144.210804] ? __pfx_do_exit+0x10/0x10 [ 144.211223] ? debug_smp_processor_id+0x20/0x30 [ 144.211699] ? rcu_is_watching+0x19/0xb0 [ 144.212117] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.212587] ? trace_hardirqs_on+0x26/0x120 [ 144.213042] do_group_exit+0xe0/0x2b0 [ 144.213446] __x64_sys_exit_group+0x47/0x50 [ 144.213900] do_syscall_64+0x3b/0x90 [ 144.214299] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.214874] RIP: 0033:0x7f4b87518a4d [ 144.215279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.215907] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.216674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.217405] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.218122] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.218872] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.219626] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.220364] [ 144.220604] irq event stamp: 0 [ 144.220983] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.221622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.222459] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.223337] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.223978] ---[ end trace 0000000000000000 ]--- [ 144.224832] ------------[ cut here ]------------ [ 144.225313] WARNING: CPU: 0 PID: 1347 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.226348] Modules linked in: [ 144.226710] CPU: 0 PID: 1347 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.227614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.228760] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.229291] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.231151] RSP: 0018:ffff88802451fb78 EFLAGS: 00010246 [ 144.231704] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.232425] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 144.233153] RBP: ffff88802451fb98 R08: ffffed100216fb3e R09: ffffed100216fb3e [ 144.233885] R10: ffff888010b7d9ef R11: ffffed100216fb3d R12: ffff888010b7da90 [ 144.234643] R13: ffff888010b7d8a8 R14: ffffffffffffffff R15: 
ffff88802451fc60 [ 144.235388] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.236204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.236802] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.237539] PKRU: 55555554 [ 144.237844] Call Trace: [ 144.238113] [ 144.238345] iommufd_ioas_destroy+0x53/0x70 [ 144.238840] iommufd_fops_release+0x1f7/0x370 [ 144.239329] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.239856] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.240369] ? write_comp_data+0x2f/0x90 [ 144.240800] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.241321] __fput+0x26d/0xa40 [ 144.241678] ____fput+0x1e/0x30 [ 144.242033] task_work_run+0x1a4/0x2d0 [ 144.242449] ? __pfx_task_work_run+0x10/0x10 [ 144.242946] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.243483] ? switch_task_namespaces+0xa9/0xe0 [ 144.243975] do_exit+0xb17/0x2ef0 [ 144.244334] ? lock_acquire+0x427/0x4c0 [ 144.244746] ? __pfx_lock_release+0x10/0x10 [ 144.245191] ? __kasan_check_write+0x18/0x20 [ 144.245647] ? do_raw_spin_lock+0x132/0x2a0 [ 144.246098] ? __pfx_do_exit+0x10/0x10 [ 144.246574] ? debug_smp_processor_id+0x20/0x30 [ 144.247077] ? rcu_is_watching+0x19/0xb0 [ 144.247510] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.247988] ? trace_hardirqs_on+0x26/0x120 [ 144.248443] do_group_exit+0xe0/0x2b0 [ 144.248833] __x64_sys_exit_group+0x47/0x50 [ 144.249279] do_syscall_64+0x3b/0x90 [ 144.249673] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.250209] RIP: 0033:0x7f4b87518a4d [ 144.250633] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.251299] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.252092] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.252817] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.253603] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.254344] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.255105] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.255862] [ 144.256108] irq event stamp: 0 [ 144.256430] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.257087] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.257953] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.258851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.259516] ---[ end trace 0000000000000000 ]--- [ 144.264688] ------------[ cut here ]------------ [ 144.265213] WARNING: CPU: 0 PID: 1348 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.266218] Modules linked in: [ 144.266563] CPU: 0 PID: 1348 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.267408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.268448] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.268918] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.270657] RSP: 0018:ffff88800ed7fbb8 EFLAGS: 00010246 [ 144.271173] RAX: 0000000000000000 RBX: ffff888020aca0a8 RCX: 0000000000000000 [ 144.271841] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 144.272503] RBP: ffff88800ed7fbd0 R08: ffffed1004159433 R09: ffffed1004159433 [ 144.273172] R10: ffff888020aca193 R11: ffffed1004159432 R12: ffff88801341d400 [ 144.273823] R13: ffff888020aca1e8 R14: ffffffff8352e670 R15: 
ffff88800ed7fe68 [ 144.274500] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.275308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.275845] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 144.276512] PKRU: 55555554 [ 144.276792] Call Trace: [ 144.277035] [ 144.277252] __iommufd_access_detach+0x1c2/0x2b0 [ 144.277718] iommufd_access_change_pt+0x149/0x270 [ 144.278188] iommufd_access_replace+0xb4/0x120 [ 144.278667] iommufd_test+0x3e5/0x37e0 [ 144.279040] ? lock_release+0x532/0x770 [ 144.279449] ? __might_fault+0x102/0x1b0 [ 144.279851] ? lock_acquire+0x427/0x4c0 [ 144.280242] ? __pfx_iommufd_test+0x10/0x10 [ 144.280654] ? __pfx_lock_release+0x10/0x10 [ 144.281072] ? __pfx_lock_acquire+0x10/0x10 [ 144.281486] ? write_comp_data+0x2f/0x90 [ 144.281879] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.282348] ? write_comp_data+0x2f/0x90 [ 144.282775] iommufd_fops_ioctl+0x37d/0x510 [ 144.283195] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.283666] ? write_comp_data+0x2f/0x90 [ 144.284063] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.284518] __x64_sys_ioctl+0x1a3/0x230 [ 144.284909] do_syscall_64+0x3b/0x90 [ 144.285327] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.285815] RIP: 0033:0x7f4b8743ee5d [ 144.286159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.287868] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.288584] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.289240] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.289905] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.290602] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.291281] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.291956] [ 144.292178] irq event stamp: 0 [ 144.292475] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.293067] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.293853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.294659] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.295259] ---[ end trace 0000000000000000 ]--- [ 144.298238] ------------[ cut here ]------------ [ 144.298735] WARNING: CPU: 0 PID: 1348 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.299667] Modules linked in: [ 144.299959] CPU: 0 PID: 1348 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.300749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.301761] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.302213] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.303901] RSP: 
0018:ffff88800ed7fbd0 EFLAGS: 00010246 [ 144.304386] RAX: 0000000000000000 RBX: ffff888020aca0a8 RCX: 0000000000000000 [ 144.305029] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 144.305632] RBP: ffff88800ed7fbe8 R08: ffffed1004159433 R09: ffffed1004159433 [ 144.306237] R10: ffff888020aca193 R11: ffffed1004159432 R12: ffff888013b14000 [ 144.306859] R13: ffff888020aca1e8 R14: ffff8880123ed900 R15: 0000000000000000 [ 144.307474] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.308162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.308658] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.309270] PKRU: 55555554 [ 144.309515] Call Trace: [ 144.309734] [ 144.309929] iommufd_access_destroy_object+0x65/0x170 [ 144.310379] iommufd_object_destroy_user+0x18e/0x220 [ 144.310840] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.311360] iommufd_access_destroy+0x43/0x70 [ 144.311761] iommufd_test_staccess_release+0x8d/0xd0 [ 144.312210] __fput+0x26d/0xa40 [ 144.312511] ____fput+0x1e/0x30 [ 144.312810] task_work_run+0x1a4/0x2d0 [ 144.313157] ? __pfx_task_work_run+0x10/0x10 [ 144.313543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.313970] ? switch_task_namespaces+0xa9/0xe0 [ 144.314388] do_exit+0xb17/0x2ef0 [ 144.314795] ? lock_acquire+0x427/0x4c0 [ 144.315336] ? __pfx_lock_release+0x10/0x10 [ 144.315837] ? __kasan_check_write+0x18/0x20 [ 144.316227] ? do_raw_spin_lock+0x132/0x2a0 [ 144.316645] ? __pfx_do_exit+0x10/0x10 [ 144.317021] ? debug_smp_processor_id+0x20/0x30 [ 144.317630] ? rcu_is_watching+0x19/0xb0 [ 144.317985] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.318380] ? trace_hardirqs_on+0x26/0x120 [ 144.318784] do_group_exit+0xe0/0x2b0 [ 144.319130] __x64_sys_exit_group+0x47/0x50 [ 144.319510] do_syscall_64+0x3b/0x90 [ 144.319915] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.320465] RIP: 0033:0x7f4b87518a4d [ 144.320792] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.321325] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.322147] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.322786] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.323409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.324099] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.324794] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.325423] [ 144.325627] irq event stamp: 0 [ 144.325900] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.326612] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.327339] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.328054] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.328597] ---[ end trace 0000000000000000 ]--- [ 144.329439] ------------[ cut here ]------------ [ 144.329921] WARNING: CPU: 0 PID: 1348 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.330831] Modules linked in: [ 144.331125] CPU: 0 PID: 1348 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.332095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.333063] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.333698] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.335536] RSP: 0018:ffff88800ed7fb78 EFLAGS: 00010246 [ 144.336072] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.336814] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 144.337429] RBP: ffff88800ed7fb98 R08: ffffed100415943e R09: ffffed100415943e [ 144.338205] R10: ffff888020aca1ef R11: ffffed100415943d R12: ffff888020aca290 [ 144.338836] R13: ffff888020aca0a8 R14: ffffffffffffffff R15: 
ffff88800ed7fc60 [ 144.339459] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.340342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.340843] CR2: 00007f4b875fca50 CR3: 000000001365e000 CR4: 0000000000750ef0 [ 144.341456] PKRU: 55555554 [ 144.341701] Call Trace: [ 144.341975] [ 144.342316] iommufd_ioas_destroy+0x53/0x70 [ 144.342718] iommufd_fops_release+0x1f7/0x370 [ 144.343117] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.343559] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.343990] ? write_comp_data+0x2f/0x90 [ 144.344552] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.344989] __fput+0x26d/0xa40 [ 144.345286] ____fput+0x1e/0x30 [ 144.345579] task_work_run+0x1a4/0x2d0 [ 144.345946] ? __pfx_task_work_run+0x10/0x10 [ 144.346481] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.346935] ? switch_task_namespaces+0xa9/0xe0 [ 144.347366] do_exit+0xb17/0x2ef0 [ 144.347669] ? lock_acquire+0x427/0x4c0 [ 144.348024] ? __pfx_lock_release+0x10/0x10 [ 144.348606] ? __kasan_check_write+0x18/0x20 [ 144.349076] ? do_raw_spin_lock+0x132/0x2a0 [ 144.349454] ? __pfx_do_exit+0x10/0x10 [ 144.349801] ? debug_smp_processor_id+0x20/0x30 [ 144.350388] ? rcu_is_watching+0x19/0xb0 [ 144.350765] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.351171] ? trace_hardirqs_on+0x26/0x120 [ 144.351554] do_group_exit+0xe0/0x2b0 [ 144.351889] __x64_sys_exit_group+0x47/0x50 [ 144.352266] do_syscall_64+0x3b/0x90 [ 144.352804] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.353264] RIP: 0033:0x7f4b87518a4d [ 144.353594] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.354124] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.354990] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.355625] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.356240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.357056] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.357668] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.358288] [ 144.358584] irq event stamp: 0 [ 144.358988] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.359587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.360355] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.361351] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.361934] ---[ end trace 0000000000000000 ]--- [ 144.366139] ------------[ cut here ]------------ [ 144.366728] WARNING: CPU: 0 PID: 1349 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.367707] Modules linked in: [ 144.368004] CPU: 0 PID: 1349 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.368797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.369827] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.370282] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.371971] RSP: 0018:ffff88802451fbb8 EFLAGS: 00010246 [ 144.372464] RAX: 0000000000000000 RBX: ffff888020f998a8 RCX: 0000000000000000 [ 144.373111] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 144.373750] RBP: ffff88802451fbd0 R08: ffffed10041f3333 R09: ffffed10041f3333 [ 144.374394] R10: ffff888020f99993 R11: ffffed10041f3332 R12: ffff888014242400 [ 144.375049] R13: ffff888020f999e8 R14: ffffffff8352e670 R15: 
ffff88802451fe68 [ 144.375703] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.376442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.376964] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 144.377605] PKRU: 55555554 [ 144.377864] Call Trace: [ 144.378094] [ 144.378298] __iommufd_access_detach+0x1c2/0x2b0 [ 144.378760] iommufd_access_change_pt+0x149/0x270 [ 144.379222] iommufd_access_replace+0xb4/0x120 [ 144.379649] iommufd_test+0x3e5/0x37e0 [ 144.380002] ? lock_release+0x532/0x770 [ 144.380372] ? __might_fault+0x102/0x1b0 [ 144.380749] ? lock_acquire+0x427/0x4c0 [ 144.381194] ? __pfx_iommufd_test+0x10/0x10 [ 144.381594] ? __pfx_lock_release+0x10/0x10 [ 144.381991] ? __pfx_lock_acquire+0x10/0x10 [ 144.382393] ? write_comp_data+0x2f/0x90 [ 144.382788] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.383262] ? write_comp_data+0x2f/0x90 [ 144.383646] iommufd_fops_ioctl+0x37d/0x510 [ 144.384044] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.384493] ? write_comp_data+0x2f/0x90 [ 144.384875] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.385315] __x64_sys_ioctl+0x1a3/0x230 [ 144.385694] do_syscall_64+0x3b/0x90 [ 144.386045] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.386551] RIP: 0033:0x7f4b8743ee5d [ 144.386890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.388558] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.389244] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.389892] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.390547] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.391197] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.391830] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.392466] [ 144.392672] irq event stamp: 0 [ 144.392953] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.393512] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.394260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.395017] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.395589] ---[ end trace 0000000000000000 ]--- [ 144.399082] ------------[ cut here ]------------ [ 144.399562] WARNING: CPU: 0 PID: 1349 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.400469] Modules linked in: [ 144.400843] CPU: 0 PID: 1349 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.401743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.402867] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.403421] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.405038] RSP: 
0018:ffff88802451fbd0 EFLAGS: 00010246 [ 144.405513] RAX: 0000000000000000 RBX: ffff888020f998a8 RCX: 0000000000000000 [ 144.406148] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 144.406854] RBP: ffff88802451fbe8 R08: ffffed10041f3333 R09: ffffed10041f3333 [ 144.407567] R10: ffff888020f99993 R11: ffffed10041f3332 R12: ffff88801341c400 [ 144.408386] R13: ffff888020f999e8 R14: ffff88800ef92e00 R15: 0000000000000000 [ 144.409021] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.409936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.410454] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.411104] PKRU: 55555554 [ 144.411371] Call Trace: [ 144.411603] [ 144.411828] iommufd_access_destroy_object+0x65/0x170 [ 144.412453] iommufd_object_destroy_user+0x18e/0x220 [ 144.412913] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.413500] iommufd_access_destroy+0x43/0x70 [ 144.414007] iommufd_test_staccess_release+0x8d/0xd0 [ 144.414557] __fput+0x26d/0xa40 [ 144.414871] ____fput+0x1e/0x30 [ 144.415185] task_work_run+0x1a4/0x2d0 [ 144.415545] ? __pfx_task_work_run+0x10/0x10 [ 144.415945] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.416565] ? switch_task_namespaces+0xa9/0xe0 [ 144.416995] do_exit+0xb17/0x2ef0 [ 144.417306] ? lock_acquire+0x427/0x4c0 [ 144.417671] ? __pfx_lock_release+0x10/0x10 [ 144.418128] ? __kasan_check_write+0x18/0x20 [ 144.418663] ? do_raw_spin_lock+0x132/0x2a0 [ 144.419054] ? __pfx_do_exit+0x10/0x10 [ 144.419431] ? debug_smp_processor_id+0x20/0x30 [ 144.419853] ? rcu_is_watching+0x19/0xb0 [ 144.420220] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.420829] ? trace_hardirqs_on+0x26/0x120 [ 144.421225] do_group_exit+0xe0/0x2b0 [ 144.421571] __x64_sys_exit_group+0x47/0x50 [ 144.421958] do_syscall_64+0x3b/0x90 [ 144.422301] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.422930] RIP: 0033:0x7f4b87518a4d [ 144.423259] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.423781] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.424419] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.425016] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.425609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.426214] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.426841] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.427474] [ 144.427674] irq event stamp: 0 [ 144.427940] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.428469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.429166] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.429860] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.430389] ---[ end trace 0000000000000000 ]--- [ 144.431197] ------------[ cut here ]------------ [ 144.431823] WARNING: CPU: 0 PID: 1349 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.432680] Modules linked in: [ 144.432953] CPU: 0 PID: 1349 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.433862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.434835] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.435286] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.437011] RSP: 0018:ffff88802451fb78 EFLAGS: 00010246 [ 144.437480] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.438228] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 144.439032] RBP: ffff88802451fb98 R08: ffffed10041f333e R09: ffffed10041f333e [ 144.439652] R10: ffff888020f999ef R11: ffffed10041f333d R12: ffff888020f99a90 [ 144.440259] R13: ffff888020f998a8 R14: ffffffffffffffff R15: 
ffff88802451fc60 [ 144.440866] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.441547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.442039] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.442661] PKRU: 55555554 [ 144.442906] Call Trace: [ 144.443133] [ 144.443328] iommufd_ioas_destroy+0x53/0x70 [ 144.443707] iommufd_fops_release+0x1f7/0x370 [ 144.444099] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.444531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.445029] ? write_comp_data+0x2f/0x90 [ 144.445391] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.445825] __fput+0x26d/0xa40 [ 144.446126] ____fput+0x1e/0x30 [ 144.446418] task_work_run+0x1a4/0x2d0 [ 144.446782] ? __pfx_task_work_run+0x10/0x10 [ 144.447176] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.447600] ? switch_task_namespaces+0xa9/0xe0 [ 144.448009] do_exit+0xb17/0x2ef0 [ 144.448309] ? lock_acquire+0x427/0x4c0 [ 144.448656] ? __pfx_lock_release+0x10/0x10 [ 144.449037] ? __kasan_check_write+0x18/0x20 [ 144.449420] ? do_raw_spin_lock+0x132/0x2a0 [ 144.449792] ? __pfx_do_exit+0x10/0x10 [ 144.450140] ? debug_smp_processor_id+0x20/0x30 [ 144.450560] ? rcu_is_watching+0x19/0xb0 [ 144.450913] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.451320] ? trace_hardirqs_on+0x26/0x120 [ 144.451698] do_group_exit+0xe0/0x2b0 [ 144.452025] __x64_sys_exit_group+0x47/0x50 [ 144.452395] do_syscall_64+0x3b/0x90 [ 144.452726] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.453175] RIP: 0033:0x7f4b87518a4d [ 144.453496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.454015] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.454667] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.455245] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.455814] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.456380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.456947] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.457522] [ 144.457711] irq event stamp: 0 [ 144.457966] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.458473] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.459165] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.459839] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.460348] ---[ end trace 0000000000000000 ]--- [ 144.464818] ------------[ cut here ]------------ [ 144.465224] WARNING: CPU: 0 PID: 1350 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.466032] Modules linked in: [ 144.466289] CPU: 0 PID: 1350 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.467028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.467936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.468335] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.469787] RSP: 0018:ffff888018667bb8 EFLAGS: 00010246 [ 144.470218] RAX: 0000000000000000 RBX: ffff8880103678a8 RCX: 0000000000000000 [ 144.470800] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 144.471372] RBP: ffff888018667bd0 R08: ffffed100206cf33 R09: ffffed100206cf33 [ 144.471945] R10: ffff888010367993 R11: ffffed100206cf32 R12: ffff888018808400 [ 144.472518] R13: ffff8880103679e8 R14: ffffffff8352e670 R15: 
ffff888018667e68 [ 144.473086] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.473726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.474205] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 144.474802] PKRU: 55555554 [ 144.475037] Call Trace: [ 144.475258] [ 144.475445] __iommufd_access_detach+0x1c2/0x2b0 [ 144.475846] iommufd_access_change_pt+0x149/0x270 [ 144.476248] iommufd_access_replace+0xb4/0x120 [ 144.476635] iommufd_test+0x3e5/0x37e0 [ 144.477027] ? lock_release+0x532/0x770 [ 144.477362] ? __might_fault+0x102/0x1b0 [ 144.477704] ? lock_acquire+0x427/0x4c0 [ 144.478038] ? __pfx_iommufd_test+0x10/0x10 [ 144.478389] ? __pfx_lock_release+0x10/0x10 [ 144.478771] ? __pfx_lock_acquire+0x10/0x10 [ 144.479145] ? write_comp_data+0x2f/0x90 [ 144.479486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.479887] ? write_comp_data+0x2f/0x90 [ 144.480225] iommufd_fops_ioctl+0x37d/0x510 [ 144.480583] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.480985] ? write_comp_data+0x2f/0x90 [ 144.481324] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.481715] __x64_sys_ioctl+0x1a3/0x230 [ 144.482055] do_syscall_64+0x3b/0x90 [ 144.482365] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.482818] RIP: 0033:0x7f4b8743ee5d [ 144.483131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.484591] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.485204] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.485783] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.486355] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.486945] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.487523] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.488163] [ 144.488356] irq event stamp: 0 [ 144.488612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.489120] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.489788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.490452] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.490974] ---[ end trace 0000000000000000 ]--- [ 144.493748] ------------[ cut here ]------------ [ 144.494182] WARNING: CPU: 0 PID: 1350 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.495016] Modules linked in: [ 144.495300] CPU: 0 PID: 1350 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.496001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.496911] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.497316] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.498796] RSP: 
0018:ffff888018667bd0 EFLAGS: 00010246 [ 144.499230] RAX: 0000000000000000 RBX: ffff8880103678a8 RCX: 0000000000000000 [ 144.499809] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 144.500378] RBP: ffff888018667be8 R08: ffffed100206cf33 R09: ffffed100206cf33 [ 144.500948] R10: ffff888010367993 R11: ffffed100206cf32 R12: ffff888014240800 [ 144.501518] R13: ffff8880103679e8 R14: ffff88800fe8ba00 R15: 0000000000000000 [ 144.502087] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.502759] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.503235] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.503807] PKRU: 55555554 [ 144.504040] Call Trace: [ 144.504259] [ 144.504445] iommufd_access_destroy_object+0x65/0x170 [ 144.504873] iommufd_object_destroy_user+0x18e/0x220 [ 144.505293] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.505767] iommufd_access_destroy+0x43/0x70 [ 144.506141] iommufd_test_staccess_release+0x8d/0xd0 [ 144.506581] __fput+0x26d/0xa40 [ 144.506870] ____fput+0x1e/0x30 [ 144.507160] task_work_run+0x1a4/0x2d0 [ 144.507487] ? __pfx_task_work_run+0x10/0x10 [ 144.507849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.508245] ? switch_task_namespaces+0xa9/0xe0 [ 144.508637] do_exit+0xb17/0x2ef0 [ 144.508980] ? lock_acquire+0x427/0x4c0 [ 144.509312] ? __pfx_lock_release+0x10/0x10 [ 144.509671] ? __kasan_check_write+0x18/0x20 [ 144.510038] ? do_raw_spin_lock+0x132/0x2a0 [ 144.510389] ? __pfx_do_exit+0x10/0x10 [ 144.510731] ? debug_smp_processor_id+0x20/0x30 [ 144.511117] ? rcu_is_watching+0x19/0xb0 [ 144.511449] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.511823] ? trace_hardirqs_on+0x26/0x120 [ 144.512181] do_group_exit+0xe0/0x2b0 [ 144.512496] __x64_sys_exit_group+0x47/0x50 [ 144.512844] do_syscall_64+0x3b/0x90 [ 144.513153] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.513581] RIP: 0033:0x7f4b87518a4d [ 144.513883] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.514379] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.515018] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.515604] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.516178] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.516749] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.517317] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.517896] [ 144.518090] irq event stamp: 0 [ 144.518348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.518888] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.519591] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.520263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.520776] ---[ end trace 0000000000000000 ]--- [ 144.521508] ------------[ cut here ]------------ [ 144.521896] WARNING: CPU: 0 PID: 1350 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.522748] Modules linked in: [ 144.523011] CPU: 0 PID: 1350 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.523728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.524629] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.525052] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.526550] RSP: 0018:ffff888018667b78 EFLAGS: 00010246 [ 144.526986] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.527569] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 144.528140] RBP: ffff888018667b98 R08: ffffed100206cf3e R09: ffffed100206cf3e [ 144.528717] R10: ffff8880103679ef R11: ffffed100206cf3d R12: ffff888010367a90 [ 144.529287] R13: ffff8880103678a8 R14: ffffffffffffffff R15: 
ffff888018667c60 [ 144.529861] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.530534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.531006] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.531590] PKRU: 55555554 [ 144.531821] Call Trace: [ 144.532029] [ 144.532215] iommufd_ioas_destroy+0x53/0x70 [ 144.532571] iommufd_fops_release+0x1f7/0x370 [ 144.532943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.533352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.533755] ? write_comp_data+0x2f/0x90 [ 144.534096] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.534527] __fput+0x26d/0xa40 [ 144.534816] ____fput+0x1e/0x30 [ 144.535098] task_work_run+0x1a4/0x2d0 [ 144.535442] ? __pfx_task_work_run+0x10/0x10 [ 144.535805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.536195] ? switch_task_namespaces+0xa9/0xe0 [ 144.536574] do_exit+0xb17/0x2ef0 [ 144.536847] ? lock_acquire+0x427/0x4c0 [ 144.537170] ? __pfx_lock_release+0x10/0x10 [ 144.537515] ? __kasan_check_write+0x18/0x20 [ 144.537861] ? do_raw_spin_lock+0x132/0x2a0 [ 144.538199] ? __pfx_do_exit+0x10/0x10 [ 144.538531] ? debug_smp_processor_id+0x20/0x30 [ 144.538904] ? rcu_is_watching+0x19/0xb0 [ 144.539240] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.539603] ? trace_hardirqs_on+0x26/0x120 [ 144.539950] do_group_exit+0xe0/0x2b0 [ 144.540248] __x64_sys_exit_group+0x47/0x50 [ 144.540590] do_syscall_64+0x3b/0x90 [ 144.540895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.541362] RIP: 0033:0x7f4b87518a4d [ 144.541667] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.542146] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.542768] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.543330] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.543891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.544440] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.544993] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.545550] [ 144.545736] irq event stamp: 0 [ 144.545984] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.546473] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.547152] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.547809] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.548308] ---[ end trace 0000000000000000 ]--- [ 144.552164] ------------[ cut here ]------------ [ 144.552555] WARNING: CPU: 0 PID: 1351 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.553325] Modules linked in: [ 144.553573] CPU: 0 PID: 1351 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.554235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.555289] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.555674] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.557051] RSP: 0018:ffff888015b67bb8 EFLAGS: 00010246 [ 144.557455] RAX: 0000000000000000 RBX: ffff8880161de0a8 RCX: 0000000000000000 [ 144.557990] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 144.558541] RBP: ffff888015b67bd0 R08: ffffed1002c3bc33 R09: ffffed1002c3bc33 [ 144.559081] R10: ffff8880161de193 R11: ffffed1002c3bc32 R12: ffff888013b6b400 [ 144.559624] R13: ffff8880161de1e8 R14: ffffffff8352e670 R15: 
ffff888015b67e68 [ 144.560166] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.560778] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.561222] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 144.561765] PKRU: 55555554 [ 144.561987] Call Trace: [ 144.562183] [ 144.562357] __iommufd_access_detach+0x1c2/0x2b0 [ 144.562751] iommufd_access_change_pt+0x149/0x270 [ 144.563144] iommufd_access_replace+0xb4/0x120 [ 144.563507] iommufd_test+0x3e5/0x37e0 [ 144.563812] ? lock_release+0x532/0x770 [ 144.564130] ? __might_fault+0x102/0x1b0 [ 144.564448] ? lock_acquire+0x427/0x4c0 [ 144.564763] ? __pfx_iommufd_test+0x10/0x10 [ 144.565095] ? __pfx_lock_release+0x10/0x10 [ 144.565437] ? __pfx_lock_acquire+0x10/0x10 [ 144.565779] ? write_comp_data+0x2f/0x90 [ 144.566205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.566611] ? write_comp_data+0x2f/0x90 [ 144.566941] iommufd_fops_ioctl+0x37d/0x510 [ 144.567288] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.567672] ? write_comp_data+0x2f/0x90 [ 144.567994] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.568367] __x64_sys_ioctl+0x1a3/0x230 [ 144.568692] do_syscall_64+0x3b/0x90 [ 144.568989] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.569397] RIP: 0033:0x7f4b8743ee5d [ 144.569687] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.571086] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.571676] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.572223] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.572866] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.573611] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.574167] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.574803] [ 144.575083] irq event stamp: 0 [ 144.575343] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.575827] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.576529] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.577247] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.577737] ---[ end trace 0000000000000000 ]--- [ 144.580481] ------------[ cut here ]------------ [ 144.580949] WARNING: CPU: 0 PID: 1351 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.581730] Modules linked in: [ 144.582002] CPU: 0 PID: 1351 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.582819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.583700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.584085] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.585646] RSP: 
0018:ffff888015b67bd0 EFLAGS: 00010246 [ 144.586115] RAX: 0000000000000000 RBX: ffff8880161de0a8 RCX: 0000000000000000 [ 144.586759] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 144.587323] RBP: ffff888015b67be8 R08: ffffed1002c3bc33 R09: ffffed1002c3bc33 [ 144.587890] R10: ffff8880161de193 R11: ffffed1002c3bc32 R12: ffff888018808000 [ 144.588571] R13: ffff8880161de1e8 R14: ffff888012b9bb00 R15: 0000000000000000 [ 144.589125] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.589833] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.590415] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.591011] PKRU: 55555554 [ 144.591258] Call Trace: [ 144.591468] [ 144.591654] iommufd_access_destroy_object+0x65/0x170 [ 144.592152] iommufd_object_destroy_user+0x18e/0x220 [ 144.592683] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.593170] iommufd_access_destroy+0x43/0x70 [ 144.593546] iommufd_test_staccess_release+0x8d/0xd0 [ 144.594141] __fput+0x26d/0xa40 [ 144.594435] ____fput+0x1e/0x30 [ 144.594733] task_work_run+0x1a4/0x2d0 [ 144.595061] ? __pfx_task_work_run+0x10/0x10 [ 144.595435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.595843] ? switch_task_namespaces+0xa9/0xe0 [ 144.596399] do_exit+0xb17/0x2ef0 [ 144.596685] ? lock_acquire+0x427/0x4c0 [ 144.597024] ? __pfx_lock_release+0x10/0x10 [ 144.597384] ? __kasan_check_write+0x18/0x20 [ 144.597747] ? do_raw_spin_lock+0x132/0x2a0 [ 144.598258] ? __pfx_do_exit+0x10/0x10 [ 144.598606] ? debug_smp_processor_id+0x20/0x30 [ 144.598993] ? rcu_is_watching+0x19/0xb0 [ 144.599346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.599721] ? trace_hardirqs_on+0x26/0x120 [ 144.600078] do_group_exit+0xe0/0x2b0 [ 144.600557] __x64_sys_exit_group+0x47/0x50 [ 144.600911] do_syscall_64+0x3b/0x90 [ 144.601224] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.601652] RIP: 0033:0x7f4b87518a4d [ 144.601972] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.602635] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.603257] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.603839] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.604489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.605215] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.605785] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.606536] [ 144.606731] irq event stamp: 0 [ 144.606990] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.607507] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.608213] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.608996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.609500] ---[ end trace 0000000000000000 ]--- [ 144.610267] ------------[ cut here ]------------ [ 144.610671] WARNING: CPU: 0 PID: 1351 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.611514] Modules linked in: [ 144.611777] CPU: 0 PID: 1351 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.612658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.613560] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.614046] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.615633] RSP: 0018:ffff888015b67b78 EFLAGS: 00010246 [ 144.616117] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.616848] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 144.617453] RBP: ffff888015b67b98 R08: ffffed1002c3bc3e R09: ffffed1002c3bc3e [ 144.618231] R10: ffff8880161de1ef R11: ffffed1002c3bc3d R12: ffff8880161de290 [ 144.618855] R13: ffff8880161de0a8 R14: ffffffffffffffff R15: 
ffff888015b67c60 [ 144.619476] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.620238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.620834] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.621434] PKRU: 55555554 [ 144.621673] Call Trace: [ 144.621902] [ 144.622241] iommufd_ioas_destroy+0x53/0x70 [ 144.622640] iommufd_fops_release+0x1f7/0x370 [ 144.623038] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.623492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.623920] ? write_comp_data+0x2f/0x90 [ 144.624364] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.624911] __fput+0x26d/0xa40 [ 144.625212] ____fput+0x1e/0x30 [ 144.625510] task_work_run+0x1a4/0x2d0 [ 144.625857] ? __pfx_task_work_run+0x10/0x10 [ 144.626418] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.626866] ? switch_task_namespaces+0xa9/0xe0 [ 144.627290] do_exit+0xb17/0x2ef0 [ 144.627592] ? lock_acquire+0x427/0x4c0 [ 144.627947] ? __pfx_lock_release+0x10/0x10 [ 144.628328] ? __kasan_check_write+0x18/0x20 [ 144.628880] ? do_raw_spin_lock+0x132/0x2a0 [ 144.629260] ? __pfx_do_exit+0x10/0x10 [ 144.629604] ? debug_smp_processor_id+0x20/0x30 [ 144.630007] ? rcu_is_watching+0x19/0xb0 [ 144.630397] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.630945] ? trace_hardirqs_on+0x26/0x120 [ 144.631348] do_group_exit+0xe0/0x2b0 [ 144.631682] __x64_sys_exit_group+0x47/0x50 [ 144.632058] do_syscall_64+0x3b/0x90 [ 144.632396] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.632926] RIP: 0033:0x7f4b87518a4d [ 144.633365] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.633897] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.634586] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.635400] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.636018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.636631] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.637453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.638074] [ 144.638279] irq event stamp: 0 [ 144.638571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.639119] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.640029] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.640752] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.641380] ---[ end trace 0000000000000000 ]--- [ 144.646556] ------------[ cut here ]------------ [ 144.646987] WARNING: CPU: 0 PID: 1352 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.648066] Modules linked in: [ 144.648342] CPU: 0 PID: 1352 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.649121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.650223] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.650704] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.652245] RSP: 0018:ffff888018667bb8 EFLAGS: 00010246 [ 144.652694] RAX: 0000000000000000 RBX: ffff888011ed20a8 RCX: 0000000000000000 [ 144.653285] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 144.653877] RBP: ffff888018667bd0 R08: ffffed10023da433 R09: ffffed10023da433 [ 144.654469] R10: ffff888011ed2193 R11: ffffed10023da432 R12: ffff8880129c5800 [ 144.655073] R13: ffff888011ed21e8 R14: ffffffff8352e670 R15: 
ffff888018667e68 [ 144.655691] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.656365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.656854] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 144.657453] PKRU: 55555554 [ 144.657690] Call Trace: [ 144.657903] [ 144.658092] __iommufd_access_detach+0x1c2/0x2b0 [ 144.658527] iommufd_access_change_pt+0x149/0x270 [ 144.658944] iommufd_access_replace+0xb4/0x120 [ 144.659349] iommufd_test+0x3e5/0x37e0 [ 144.659677] ? lock_release+0x532/0x770 [ 144.660022] ? __might_fault+0x102/0x1b0 [ 144.660370] ? lock_acquire+0x427/0x4c0 [ 144.660715] ? __pfx_iommufd_test+0x10/0x10 [ 144.661072] ? __pfx_lock_release+0x10/0x10 [ 144.661443] ? __pfx_lock_acquire+0x10/0x10 [ 144.661812] ? write_comp_data+0x2f/0x90 [ 144.662161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.662592] ? write_comp_data+0x2f/0x90 [ 144.662945] iommufd_fops_ioctl+0x37d/0x510 [ 144.663328] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.663751] ? write_comp_data+0x2f/0x90 [ 144.664109] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.664522] __x64_sys_ioctl+0x1a3/0x230 [ 144.664919] do_syscall_64+0x3b/0x90 [ 144.665395] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.665838] RIP: 0033:0x7f4b8743ee5d [ 144.666151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.667708] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.668348] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.669021] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.669614] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.670204] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.670810] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.671422] [ 144.671618] irq event stamp: 0 [ 144.671881] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.672408] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.673109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.673806] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.674332] ---[ end trace 0000000000000000 ]--- [ 144.677539] ------------[ cut here ]------------ [ 144.677954] WARNING: CPU: 0 PID: 1352 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.678825] Modules linked in: [ 144.679122] CPU: 0 PID: 1352 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.680017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.680964] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.681542] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.683080] RSP: 
0018:ffff888018667bd0 EFLAGS: 00010246 [ 144.683688] RAX: 0000000000000000 RBX: ffff888011ed20a8 RCX: 0000000000000000 [ 144.684282] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 144.684878] RBP: ffff888018667be8 R08: ffffed10023da433 R09: ffffed10023da433 [ 144.685648] R10: ffff888011ed2193 R11: ffffed10023da432 R12: ffff888013b69800 [ 144.686243] R13: ffff888011ed21e8 R14: ffff8880144e5300 R15: 0000000000000000 [ 144.686861] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.687563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.688050] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.688650] PKRU: 55555554 [ 144.688893] Call Trace: [ 144.689111] [ 144.689305] iommufd_access_destroy_object+0x65/0x170 [ 144.689749] iommufd_object_destroy_user+0x18e/0x220 [ 144.690184] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.690688] iommufd_access_destroy+0x43/0x70 [ 144.691072] iommufd_test_staccess_release+0x8d/0xd0 [ 144.691521] __fput+0x26d/0xa40 [ 144.691819] ____fput+0x1e/0x30 [ 144.692108] task_work_run+0x1a4/0x2d0 [ 144.692445] ? __pfx_task_work_run+0x10/0x10 [ 144.692806] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.693208] ? switch_task_namespaces+0xa9/0xe0 [ 144.693597] do_exit+0xb17/0x2ef0 [ 144.693879] ? lock_acquire+0x427/0x4c0 [ 144.694209] ? __pfx_lock_release+0x10/0x10 [ 144.694584] ? __kasan_check_write+0x18/0x20 [ 144.694948] ? do_raw_spin_lock+0x132/0x2a0 [ 144.695310] ? __pfx_do_exit+0x10/0x10 [ 144.695636] ? debug_smp_processor_id+0x20/0x30 [ 144.696016] ? rcu_is_watching+0x19/0xb0 [ 144.696346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.696720] ? trace_hardirqs_on+0x26/0x120 [ 144.697076] do_group_exit+0xe0/0x2b0 [ 144.697386] __x64_sys_exit_group+0x47/0x50 [ 144.697734] do_syscall_64+0x3b/0x90 [ 144.698043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.698465] RIP: 0033:0x7f4b87518a4d [ 144.698787] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.699288] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.699902] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.700474] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.701103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.701670] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.702237] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.702830] [ 144.703022] irq event stamp: 0 [ 144.703289] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.703795] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.704463] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.705131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.705635] ---[ end trace 0000000000000000 ]--- [ 144.706337] ------------[ cut here ]------------ [ 144.706744] WARNING: CPU: 0 PID: 1352 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.707574] Modules linked in: [ 144.707834] CPU: 0 PID: 1352 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.708534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.709453] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.709870] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.711352] RSP: 0018:ffff888018667b78 EFLAGS: 00010246 [ 144.711785] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.712356] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 144.712928] RBP: ffff888018667b98 R08: ffffed10023da43e R09: ffffed10023da43e [ 144.713504] R10: ffff888011ed21ef R11: ffffed10023da43d R12: ffff888011ed2290 [ 144.714077] R13: ffff888011ed20a8 R14: ffffffffffffffff R15: 
ffff888018667c60 [ 144.714673] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.715339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.715813] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.716393] PKRU: 55555554 [ 144.716628] Call Trace: [ 144.716833] [ 144.717021] iommufd_ioas_destroy+0x53/0x70 [ 144.717384] iommufd_fops_release+0x1f7/0x370 [ 144.717754] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.718143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.718582] ? write_comp_data+0x2f/0x90 [ 144.718927] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.719358] __fput+0x26d/0xa40 [ 144.719644] ____fput+0x1e/0x30 [ 144.719922] task_work_run+0x1a4/0x2d0 [ 144.720248] ? __pfx_task_work_run+0x10/0x10 [ 144.720611] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.721011] ? switch_task_namespaces+0xa9/0xe0 [ 144.721398] do_exit+0xb17/0x2ef0 [ 144.721680] ? lock_acquire+0x427/0x4c0 [ 144.722011] ? __pfx_lock_release+0x10/0x10 [ 144.722367] ? __kasan_check_write+0x18/0x20 [ 144.722745] ? do_raw_spin_lock+0x132/0x2a0 [ 144.723098] ? __pfx_do_exit+0x10/0x10 [ 144.723433] ? debug_smp_processor_id+0x20/0x30 [ 144.723814] ? rcu_is_watching+0x19/0xb0 [ 144.724145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.724517] ? trace_hardirqs_on+0x26/0x120 [ 144.724873] do_group_exit+0xe0/0x2b0 [ 144.725182] __x64_sys_exit_group+0x47/0x50 [ 144.725528] do_syscall_64+0x3b/0x90 [ 144.725838] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.726262] RIP: 0033:0x7f4b87518a4d [ 144.726582] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.727083] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.727706] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.728279] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.728847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.729421] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.729991] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.730589] [ 144.730844] irq event stamp: 0 [ 144.731099] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.731615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.732285] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.732983] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.733487] ---[ end trace 0000000000000000 ]--- [ 144.739886] ------------[ cut here ]------------ [ 144.740379] WARNING: CPU: 1 PID: 1353 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.741309] Modules linked in: [ 144.741601] CPU: 1 PID: 1353 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.742402] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.743511] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.743979] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.745666] RSP: 0018:ffff888017837bb8 EFLAGS: 00010246 [ 144.746157] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 144.746836] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 144.747496] RBP: ffff888017837bd0 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 144.748151] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff888012e93000 [ 144.748810] R13: ffff8880147011e8 R14: ffffffff8352e670 R15: 
ffff888017837e68 [ 144.749467] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 144.750206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.750760] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 144.751430] PKRU: 55555554 [ 144.751693] Call Trace: [ 144.751932] [ 144.752143] __iommufd_access_detach+0x1c2/0x2b0 [ 144.752593] iommufd_access_change_pt+0x149/0x270 [ 144.753047] iommufd_access_replace+0xb4/0x120 [ 144.753483] iommufd_test+0x3e5/0x37e0 [ 144.753845] ? lock_release+0x532/0x770 [ 144.754231] ? __might_fault+0x102/0x1b0 [ 144.754635] ? lock_acquire+0x427/0x4c0 [ 144.755019] ? __pfx_iommufd_test+0x10/0x10 [ 144.755430] ? __pfx_lock_release+0x10/0x10 [ 144.755835] ? __pfx_lock_acquire+0x10/0x10 [ 144.756241] ? write_comp_data+0x2f/0x90 [ 144.756627] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.757081] ? write_comp_data+0x2f/0x90 [ 144.757470] iommufd_fops_ioctl+0x37d/0x510 [ 144.757878] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.758337] ? write_comp_data+0x2f/0x90 [ 144.758751] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.759229] __x64_sys_ioctl+0x1a3/0x230 [ 144.759618] do_syscall_64+0x3b/0x90 [ 144.759964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.760443] RIP: 0033:0x7f4b8743ee5d [ 144.760785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.762435] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.763165] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.763818] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.764462] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.765105] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.765751] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.766402] [ 144.766638] irq event stamp: 0 [ 144.766934] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.767518] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.768279] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.769037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.769604] ---[ end trace 0000000000000000 ]--- [ 144.772477] ------------[ cut here ]------------ [ 144.772934] WARNING: CPU: 1 PID: 1353 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.773828] Modules linked in: [ 144.774115] CPU: 1 PID: 1353 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.774934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.775934] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.776372] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.777981] RSP: 
0018:ffff888017837bd0 EFLAGS: 00010246 [ 144.778448] RAX: 0000000000000000 RBX: ffff8880147010a8 RCX: 0000000000000000 [ 144.779094] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 144.779737] RBP: ffff888017837be8 R08: ffffed10028e0233 R09: ffffed10028e0233 [ 144.780367] R10: ffff888014701193 R11: ffffed10028e0232 R12: ffff88801420fc00 [ 144.780993] R13: ffff8880147011e8 R14: ffff888013be6b00 R15: 0000000000000000 [ 144.781620] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 144.782327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.782860] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 144.783502] PKRU: 55555554 [ 144.783752] Call Trace: [ 144.783979] [ 144.784181] iommufd_access_destroy_object+0x65/0x170 [ 144.784646] iommufd_object_destroy_user+0x18e/0x220 [ 144.785103] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.785623] iommufd_access_destroy+0x43/0x70 [ 144.786032] iommufd_test_staccess_release+0x8d/0xd0 [ 144.786493] __fput+0x26d/0xa40 [ 144.786833] ____fput+0x1e/0x30 [ 144.787146] task_work_run+0x1a4/0x2d0 [ 144.787509] ? __pfx_task_work_run+0x10/0x10 [ 144.787902] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.788346] ? switch_task_namespaces+0xa9/0xe0 [ 144.788768] do_exit+0xb17/0x2ef0 [ 144.789074] ? lock_acquire+0x427/0x4c0 [ 144.789438] ? __pfx_lock_release+0x10/0x10 [ 144.789827] ? __kasan_check_write+0x18/0x20 [ 144.790219] ? do_raw_spin_lock+0x132/0x2a0 [ 144.790621] ? __pfx_do_exit+0x10/0x10 [ 144.790978] ? debug_smp_processor_id+0x20/0x30 [ 144.791407] ? rcu_is_watching+0x19/0xb0 [ 144.791769] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.792180] ? trace_hardirqs_on+0x26/0x120 [ 144.792580] do_group_exit+0xe0/0x2b0 [ 144.792924] __x64_sys_exit_group+0x47/0x50 [ 144.793314] do_syscall_64+0x3b/0x90 [ 144.793656] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.794127] RIP: 0033:0x7f4b87518a4d [ 144.794462] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.795045] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.795737] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.796366] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.796994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.797621] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.798246] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.798906] [ 144.799125] irq event stamp: 0 [ 144.799412] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.799971] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.800718] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.801450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.802005] ---[ end trace 0000000000000000 ]--- [ 144.802785] ------------[ cut here ]------------ [ 144.803206] WARNING: CPU: 1 PID: 1353 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.804102] Modules linked in: [ 144.804384] CPU: 1 PID: 1353 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.805147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.806127] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.806637] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.808143] RSP: 0018:ffff888017837b78 EFLAGS: 00010246 [ 144.808550] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.809083] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 144.809615] RBP: ffff888017837b98 R08: ffffed10028e023e R09: ffffed10028e023e [ 144.810147] R10: ffff8880147011ef R11: ffffed10028e023d R12: ffff888014701290 [ 144.810714] R13: ffff8880147010a8 R14: ffffffffffffffff R15: 
ffff888017837c60 [ 144.811258] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 144.811863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.812299] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 144.812836] PKRU: 55555554 [ 144.813051] Call Trace: [ 144.813245] [ 144.813417] iommufd_ioas_destroy+0x53/0x70 [ 144.813750] iommufd_fops_release+0x1f7/0x370 [ 144.814094] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.814473] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.814863] ? write_comp_data+0x2f/0x90 [ 144.815187] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.815568] __fput+0x26d/0xa40 [ 144.815841] ____fput+0x1e/0x30 [ 144.816099] task_work_run+0x1a4/0x2d0 [ 144.816401] ? __pfx_task_work_run+0x10/0x10 [ 144.816737] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.817109] ? switch_task_namespaces+0xa9/0xe0 [ 144.817470] do_exit+0xb17/0x2ef0 [ 144.817732] ? lock_acquire+0x427/0x4c0 [ 144.818039] ? __pfx_lock_release+0x10/0x10 [ 144.818371] ? __kasan_check_write+0x18/0x20 [ 144.818725] ? do_raw_spin_lock+0x132/0x2a0 [ 144.819053] ? __pfx_do_exit+0x10/0x10 [ 144.819362] ? debug_smp_processor_id+0x20/0x30 [ 144.819720] ? rcu_is_watching+0x19/0xb0 [ 144.820025] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.820374] ? trace_hardirqs_on+0x26/0x120 [ 144.820715] do_group_exit+0xe0/0x2b0 [ 144.821010] __x64_sys_exit_group+0x47/0x50 [ 144.821341] do_syscall_64+0x3b/0x90 [ 144.821639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.822044] RIP: 0033:0x7f4b87518a4d [ 144.822330] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.822819] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.823400] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.823936] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.824465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.825002] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.825537] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.826076] [ 144.826255] irq event stamp: 0 [ 144.826494] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.826997] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.827640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.828267] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.828740] ---[ end trace 0000000000000000 ]--- [ 144.836517] ------------[ cut here ]------------ [ 144.837423] WARNING: CPU: 0 PID: 1354 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.838877] Modules linked in: [ 144.839273] CPU: 0 PID: 1354 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.840250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.841499] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.842073] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.844142] RSP: 0018:ffff888018667bb8 EFLAGS: 00010246 [ 144.844753] RAX: 0000000000000000 RBX: ffff8880172498a8 RCX: 0000000000000000 [ 144.845547] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 144.846346] RBP: ffff888018667bd0 R08: ffffed1002e49333 R09: ffffed1002e49333 [ 144.847213] R10: ffff888017249993 R11: ffffed1002e49332 R12: ffff888013e1dc00 [ 144.848015] R13: ffff8880172499e8 R14: ffffffff8352e670 R15: 
ffff888018667e68 [ 144.848813] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.849712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.850365] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 144.851259] PKRU: 55555554 [ 144.851484] Call Trace: [ 144.851683] [ 144.851866] __iommufd_access_detach+0x1c2/0x2b0 [ 144.852267] iommufd_access_change_pt+0x149/0x270 [ 144.852668] iommufd_access_replace+0xb4/0x120 [ 144.853048] iommufd_test+0x3e5/0x37e0 [ 144.853371] ? lock_release+0x532/0x770 [ 144.853706] ? __might_fault+0x102/0x1b0 [ 144.854043] ? lock_acquire+0x427/0x4c0 [ 144.854378] ? __pfx_iommufd_test+0x10/0x10 [ 144.854747] ? __pfx_lock_release+0x10/0x10 [ 144.855109] ? __pfx_lock_acquire+0x10/0x10 [ 144.855485] ? write_comp_data+0x2f/0x90 [ 144.855821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.856215] ? write_comp_data+0x2f/0x90 [ 144.856548] iommufd_fops_ioctl+0x37d/0x510 [ 144.856897] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.857292] ? write_comp_data+0x2f/0x90 [ 144.857628] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.858020] __x64_sys_ioctl+0x1a3/0x230 [ 144.858360] do_syscall_64+0x3b/0x90 [ 144.858688] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.859125] RIP: 0033:0x7f4b8743ee5d [ 144.859428] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.860870] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.861552] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.862119] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.862715] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.863292] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.863858] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.864432] [ 144.864617] irq event stamp: 0 [ 144.864871] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.865371] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.866037] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.866725] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.867246] ---[ end trace 0000000000000000 ]--- [ 144.870480] ------------[ cut here ]------------ [ 144.870903] WARNING: CPU: 0 PID: 1354 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.871733] Modules linked in: [ 144.872065] CPU: 0 PID: 1354 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.872972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.873870] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.874418] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.875939] RSP: 
0018:ffff888018667bd0 EFLAGS: 00010246 [ 144.876457] RAX: 0000000000000000 RBX: ffff8880172498a8 RCX: 0000000000000000 [ 144.877028] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 144.877595] RBP: ffff888018667be8 R08: ffffed1002e49333 R09: ffffed1002e49333 [ 144.878321] R10: ffff888017249993 R11: ffffed1002e49332 R12: ffff8880129c7c00 [ 144.878928] R13: ffff8880172499e8 R14: ffff888012860800 R15: 0000000000000000 [ 144.879533] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.880373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.880856] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.881455] PKRU: 55555554 [ 144.881694] Call Trace: [ 144.881991] [ 144.882263] iommufd_access_destroy_object+0x65/0x170 [ 144.882720] iommufd_object_destroy_user+0x18e/0x220 [ 144.883172] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.883671] iommufd_access_destroy+0x43/0x70 [ 144.884152] iommufd_test_staccess_release+0x8d/0xd0 [ 144.884703] __fput+0x26d/0xa40 [ 144.885013] ____fput+0x1e/0x30 [ 144.885312] task_work_run+0x1a4/0x2d0 [ 144.885664] ? __pfx_task_work_run+0x10/0x10 [ 144.886129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.886645] ? switch_task_namespaces+0xa9/0xe0 [ 144.887067] do_exit+0xb17/0x2ef0 [ 144.887379] ? lock_acquire+0x427/0x4c0 [ 144.887735] ? __pfx_lock_release+0x10/0x10 [ 144.888118] ? __kasan_check_write+0x18/0x20 [ 144.888668] ? do_raw_spin_lock+0x132/0x2a0 [ 144.889046] ? __pfx_do_exit+0x10/0x10 [ 144.889393] ? debug_smp_processor_id+0x20/0x30 [ 144.889797] ? rcu_is_watching+0x19/0xb0 [ 144.890202] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.890714] ? trace_hardirqs_on+0x26/0x120 [ 144.891094] do_group_exit+0xe0/0x2b0 [ 144.891441] __x64_sys_exit_group+0x47/0x50 [ 144.891815] do_syscall_64+0x3b/0x90 [ 144.892146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.892774] RIP: 0033:0x7f4b87518a4d [ 144.893169] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.893694] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.894376] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.895141] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.895764] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.896384] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.897201] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.897838] [ 144.898045] irq event stamp: 0 [ 144.898321] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.899077] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.899826] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.900556] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.901387] ---[ end trace 0000000000000000 ]--- [ 144.902204] ------------[ cut here ]------------ [ 144.902672] WARNING: CPU: 0 PID: 1354 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 144.903849] Modules linked in: [ 144.904156] CPU: 0 PID: 1354 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.904977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.906255] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 144.906779] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 144.908736] RSP: 0018:ffff888018667b78 EFLAGS: 00010246 [ 144.909237] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 144.909977] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 144.910793] RBP: ffff888018667b98 R08: ffffed1002e4933e R09: ffffed1002e4933e [ 144.911491] R10: ffff8880172499ef R11: ffffed1002e4933d R12: ffff888017249a90 [ 144.912202] R13: ffff8880172498a8 R14: ffffffffffffffff R15: 
ffff888018667c60 [ 144.913054] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.913815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.914448] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 144.915292] PKRU: 55555554 [ 144.915569] Call Trace: [ 144.915815] [ 144.916030] iommufd_ioas_destroy+0x53/0x70 [ 144.916455] iommufd_fops_release+0x1f7/0x370 [ 144.917103] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.917592] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.918071] ? write_comp_data+0x2f/0x90 [ 144.918477] ? __pfx_iommufd_fops_release+0x10/0x10 [ 144.919236] __fput+0x26d/0xa40 [ 144.919580] ____fput+0x1e/0x30 [ 144.919902] task_work_run+0x1a4/0x2d0 [ 144.920284] ? __pfx_task_work_run+0x10/0x10 [ 144.920756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.921369] ? switch_task_namespaces+0xa9/0xe0 [ 144.922069] do_exit+0xb17/0x2ef0 [ 144.922439] ? lock_acquire+0x427/0x4c0 [ 144.922888] ? __pfx_lock_release+0x10/0x10 [ 144.923354] ? __kasan_check_write+0x18/0x20 [ 144.923868] ? do_raw_spin_lock+0x132/0x2a0 [ 144.924507] ? __pfx_do_exit+0x10/0x10 [ 144.925001] ? debug_smp_processor_id+0x20/0x30 [ 144.925493] ? rcu_is_watching+0x19/0xb0 [ 144.925953] ? _raw_spin_unlock_irq+0x2b/0x60 [ 144.926677] ? trace_hardirqs_on+0x26/0x120 [ 144.927161] do_group_exit+0xe0/0x2b0 [ 144.927570] __x64_sys_exit_group+0x47/0x50 [ 144.928028] do_syscall_64+0x3b/0x90 [ 144.928433] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.929192] RIP: 0033:0x7f4b87518a4d [ 144.929585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 144.930235] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 144.931319] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 144.932057] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 144.932794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 144.933669] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 144.934595] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 144.935371] [ 144.935622] irq event stamp: 0 [ 144.936004] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.936837] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.937713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.938851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.939546] ---[ end trace 0000000000000000 ]--- [ 144.943951] ------------[ cut here ]------------ [ 144.944655] WARNING: CPU: 1 PID: 1355 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.945696] Modules linked in: [ 144.946037] CPU: 1 PID: 1355 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.947279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.948456] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.948983] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.951129] RSP: 0018:ffff888021957bb8 EFLAGS: 00010246 [ 144.951705] RAX: 0000000000000000 RBX: ffff8880183f58a8 RCX: 0000000000000000 [ 144.952648] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 144.953393] RBP: ffff888021957bd0 R08: ffffed100307eb33 R09: ffffed100307eb33 [ 144.954138] R10: ffff8880183f5993 R11: ffffed100307eb32 R12: ffff88801341cc00 [ 144.955121] R13: ffff8880183f59e8 R14: ffffffff8352e670 R15: 
ffff888021957e68 [ 144.955890] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 144.956761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.957582] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 144.958332] PKRU: 55555554 [ 144.958675] Call Trace: [ 144.958955] [ 144.959223] __iommufd_access_detach+0x1c2/0x2b0 [ 144.959751] iommufd_access_change_pt+0x149/0x270 [ 144.960483] iommufd_access_replace+0xb4/0x120 [ 144.960984] iommufd_test+0x3e5/0x37e0 [ 144.961396] ? lock_release+0x532/0x770 [ 144.961827] ? __might_fault+0x102/0x1b0 [ 144.962300] ? lock_acquire+0x427/0x4c0 [ 144.962932] ? __pfx_iommufd_test+0x10/0x10 [ 144.963408] ? __pfx_lock_release+0x10/0x10 [ 144.963880] ? __pfx_lock_acquire+0x10/0x10 [ 144.964358] ? write_comp_data+0x2f/0x90 [ 144.964777] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 144.965495] ? write_comp_data+0x2f/0x90 [ 144.965941] iommufd_fops_ioctl+0x37d/0x510 [ 144.966422] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.966978] ? write_comp_data+0x2f/0x90 [ 144.967435] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 144.968031] __x64_sys_ioctl+0x1a3/0x230 [ 144.968579] do_syscall_64+0x3b/0x90 [ 144.968978] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 144.969528] RIP: 0033:0x7f4b8743ee5d [ 144.969936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 144.971893] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 144.972696] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 144.973442] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 144.974192] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 144.974977] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 144.975742] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 144.976500] [ 144.976749] irq event stamp: 0 [ 144.977084] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 144.977749] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 144.978670] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 144.979568] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 144.980241] ---[ end trace 0000000000000000 ]--- [ 144.983847] ------------[ cut here ]------------ [ 144.984422] WARNING: CPU: 0 PID: 1355 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 144.985491] Modules linked in: [ 144.985835] CPU: 0 PID: 1355 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 144.986769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 144.987970] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 144.988502] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 144.990475] RSP: 
0018:ffff888021957bd0 EFLAGS: 00010246 [ 144.991076] RAX: 0000000000000000 RBX: ffff8880183f58a8 RCX: 0000000000000000 [ 144.991840] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 144.992584] RBP: ffff888021957be8 R08: ffffed100307eb33 R09: ffffed100307eb33 [ 144.993330] R10: ffff8880183f5993 R11: ffffed100307eb32 R12: ffff888012e93c00 [ 144.994071] R13: ffff8880183f59e8 R14: ffff888012ba4b00 R15: 0000000000000000 [ 144.994842] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 144.995703] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.996312] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 144.997058] PKRU: 55555554 [ 144.997360] Call Trace: [ 144.997627] [ 144.997866] iommufd_access_destroy_object+0x65/0x170 [ 144.998413] iommufd_object_destroy_user+0x18e/0x220 [ 144.998984] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 144.999619] iommufd_access_destroy+0x43/0x70 [ 145.000100] iommufd_test_staccess_release+0x8d/0xd0 [ 145.000641] __fput+0x26d/0xa40 [ 145.001006] ____fput+0x1e/0x30 [ 145.001360] task_work_run+0x1a4/0x2d0 [ 145.001781] ? __pfx_task_work_run+0x10/0x10 [ 145.002250] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.002794] ? switch_task_namespaces+0xa9/0xe0 [ 145.003333] do_exit+0xb17/0x2ef0 [ 145.003698] ? lock_acquire+0x427/0x4c0 [ 145.004122] ? __pfx_lock_release+0x10/0x10 [ 145.004578] ? __kasan_check_write+0x18/0x20 [ 145.005051] ? do_raw_spin_lock+0x132/0x2a0 [ 145.005508] ? __pfx_do_exit+0x10/0x10 [ 145.005925] ? debug_smp_processor_id+0x20/0x30 [ 145.006422] ? rcu_is_watching+0x19/0xb0 [ 145.006884] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.007382] ? trace_hardirqs_on+0x26/0x120 [ 145.007857] do_group_exit+0xe0/0x2b0 [ 145.008269] __x64_sys_exit_group+0x47/0x50 [ 145.008728] do_syscall_64+0x3b/0x90 [ 145.009132] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.009679] RIP: 0033:0x7f4b87518a4d [ 145.010073] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.010748] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.011565] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.012307] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.013056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.013809] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.014602] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.015380] [ 145.015628] irq event stamp: 0 [ 145.015962] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.016623] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.017490] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.018360] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.019056] ---[ end trace 0000000000000000 ]--- [ 145.020320] ------------[ cut here ]------------ [ 145.020832] WARNING: CPU: 0 PID: 1355 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.021976] Modules linked in: [ 145.022313] CPU: 0 PID: 1355 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.023320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.024504] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.025046] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.026991] RSP: 0018:ffff888021957b78 EFLAGS: 00010246 [ 145.027572] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.028333] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 145.029095] RBP: ffff888021957b98 R08: ffffed100307eb3e R09: ffffed100307eb3e [ 145.029849] R10: ffff8880183f59ef R11: ffffed100307eb3d R12: ffff8880183f5a90 [ 145.030626] R13: ffff8880183f58a8 R14: ffffffffffffffff R15: 
ffff888021957c60 [ 145.031403] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.032223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.032813] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 145.033554] PKRU: 55555554 [ 145.033854] Call Trace: [ 145.034119] [ 145.034355] iommufd_ioas_destroy+0x53/0x70 [ 145.034844] iommufd_fops_release+0x1f7/0x370 [ 145.035357] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.035876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.036384] ? write_comp_data+0x2f/0x90 [ 145.036814] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.037329] __fput+0x26d/0xa40 [ 145.037682] ____fput+0x1e/0x30 [ 145.038031] task_work_run+0x1a4/0x2d0 [ 145.038436] ? __pfx_task_work_run+0x10/0x10 [ 145.038925] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.039445] ? switch_task_namespaces+0xa9/0xe0 [ 145.039931] do_exit+0xb17/0x2ef0 [ 145.040290] ? lock_acquire+0x427/0x4c0 [ 145.040708] ? __pfx_lock_release+0x10/0x10 [ 145.041164] ? __kasan_check_write+0x18/0x20 [ 145.041629] ? do_raw_spin_lock+0x132/0x2a0 [ 145.042078] ? __pfx_do_exit+0x10/0x10 [ 145.042499] ? debug_smp_processor_id+0x20/0x30 [ 145.043013] ? rcu_is_watching+0x19/0xb0 [ 145.043452] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.043925] ? trace_hardirqs_on+0x26/0x120 [ 145.044370] do_group_exit+0xe0/0x2b0 [ 145.044764] __x64_sys_exit_group+0x47/0x50 [ 145.045205] do_syscall_64+0x3b/0x90 [ 145.045601] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.046147] RIP: 0033:0x7f4b87518a4d [ 145.046567] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.047208] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.047976] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.048702] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.049434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.050151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.050922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.051702] [ 145.051943] irq event stamp: 0 [ 145.052266] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.052914] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.053851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.054725] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.055381] ---[ end trace 0000000000000000 ]--- [ 145.060018] ------------[ cut here ]------------ [ 145.060567] WARNING: CPU: 0 PID: 1356 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.061587] Modules linked in: [ 145.061911] CPU: 0 PID: 1356 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.062850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.064030] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.064547] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.066403] RSP: 0018:ffff888023d2fbb8 EFLAGS: 00010246 [ 145.066981] RAX: 0000000000000000 RBX: ffff888023dec8a8 RCX: 0000000000000000 [ 145.067730] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 145.068450] RBP: ffff888023d2fbd0 R08: ffffed10047bd933 R09: ffffed10047bd933 [ 145.069179] R10: ffff888023dec993 R11: ffffed10047bd932 R12: ffff888014240000 [ 145.069915] R13: ffff888023dec9e8 R14: ffffffff8352e670 R15: 
ffff888023d2fe68 [ 145.070687] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.071532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.072122] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 145.072849] PKRU: 55555554 [ 145.073144] Call Trace: [ 145.073414] [ 145.073652] __iommufd_access_detach+0x1c2/0x2b0 [ 145.074160] iommufd_access_change_pt+0x149/0x270 [ 145.074707] iommufd_access_replace+0xb4/0x120 [ 145.075216] iommufd_test+0x3e5/0x37e0 [ 145.075629] ? lock_release+0x532/0x770 [ 145.076050] ? __might_fault+0x102/0x1b0 [ 145.076479] ? lock_acquire+0x427/0x4c0 [ 145.076912] ? __pfx_iommufd_test+0x10/0x10 [ 145.077364] ? __pfx_lock_release+0x10/0x10 [ 145.077822] ? __pfx_lock_acquire+0x10/0x10 [ 145.078284] ? write_comp_data+0x2f/0x90 [ 145.078759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.079283] ? write_comp_data+0x2f/0x90 [ 145.079720] iommufd_fops_ioctl+0x37d/0x510 [ 145.080175] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.080682] ? write_comp_data+0x2f/0x90 [ 145.081108] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.081610] __x64_sys_ioctl+0x1a3/0x230 [ 145.082045] do_syscall_64+0x3b/0x90 [ 145.082440] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.083020] RIP: 0033:0x7f4b8743ee5d [ 145.083414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.085403] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.086199] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.086967] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.087761] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.088500] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.089235] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.089995] [ 145.090249] irq event stamp: 0 [ 145.090615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.091286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.092169] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.093699] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.094368] ---[ end trace 0000000000000000 ]--- [ 145.097787] ------------[ cut here ]------------ [ 145.098300] WARNING: CPU: 0 PID: 1356 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.099462] Modules linked in: [ 145.099807] CPU: 0 PID: 1356 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.101014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.102195] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.102796] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.105032] RSP: 
0018:ffff888023d2fbd0 EFLAGS: 00010246 [ 145.105602] RAX: 0000000000000000 RBX: ffff888023dec8a8 RCX: 0000000000000000 [ 145.106428] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 145.107339] RBP: ffff888023d2fbe8 R08: ffffed10047bd933 R09: ffffed10047bd933 [ 145.108087] R10: ffff888023dec993 R11: ffffed10047bd932 R12: ffff888013e1cc00 [ 145.108951] R13: ffff888023dec9e8 R14: ffff88800fd04c00 R15: 0000000000000000 [ 145.109881] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.110751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.111426] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.112423] PKRU: 55555554 [ 145.112713] Call Trace: [ 145.112976] [ 145.113209] iommufd_access_destroy_object+0x65/0x170 [ 145.113974] iommufd_object_destroy_user+0x18e/0x220 [ 145.114541] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.115184] iommufd_access_destroy+0x43/0x70 [ 145.115653] iommufd_test_staccess_release+0x8d/0xd0 [ 145.116267] __fput+0x26d/0xa40 [ 145.116800] ____fput+0x1e/0x30 [ 145.117250] task_work_run+0x1a4/0x2d0 [ 145.117676] ? __pfx_task_work_run+0x10/0x10 [ 145.118155] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.118960] ? switch_task_namespaces+0xa9/0xe0 [ 145.119488] do_exit+0xb17/0x2ef0 [ 145.119860] ? lock_acquire+0x427/0x4c0 [ 145.120291] ? __pfx_lock_release+0x10/0x10 [ 145.120770] ? __kasan_check_write+0x18/0x20 [ 145.121501] ? do_raw_spin_lock+0x132/0x2a0 [ 145.121975] ? __pfx_do_exit+0x10/0x10 [ 145.122405] ? debug_smp_processor_id+0x20/0x30 [ 145.122952] ? rcu_is_watching+0x19/0xb0 [ 145.123409] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.124138] ? trace_hardirqs_on+0x26/0x120 [ 145.124607] do_group_exit+0xe0/0x2b0 [ 145.125020] __x64_sys_exit_group+0x47/0x50 [ 145.125479] do_syscall_64+0x3b/0x90 [ 145.125963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.126657] RIP: 0033:0x7f4b87518a4d [ 145.127065] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.127731] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.128625] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.129508] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.130263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.131387] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.132156] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.132927] [ 145.133182] irq event stamp: 0 [ 145.133822] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.134495] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.135453] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.136632] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.137320] ---[ end trace 0000000000000000 ]--- [ 145.138223] ------------[ cut here ]------------ [ 145.138924] WARNING: CPU: 0 PID: 1356 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.140051] Modules linked in: [ 145.140402] CPU: 0 PID: 1356 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.141638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.142880] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.143556] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.145715] RSP: 0018:ffff888023d2fb78 EFLAGS: 00010246 [ 145.146546] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.147320] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 145.148085] RBP: ffff888023d2fb98 R08: ffffed10047bd93e R09: ffffed10047bd93e [ 145.149209] R10: ffff888023dec9ef R11: ffffed10047bd93d R12: ffff888023deca90 [ 145.149979] R13: ffff888023dec8a8 R14: ffffffffffffffff R15: 
ffff888023d2fc60 [ 145.151002] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.151887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.152511] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.153328] PKRU: 55555554 [ 145.153837] Call Trace: [ 145.154116] [ 145.154358] iommufd_ioas_destroy+0x53/0x70 [ 145.154861] iommufd_fops_release+0x1f7/0x370 [ 145.155367] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.155965] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.156635] ? write_comp_data+0x2f/0x90 [ 145.157083] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.157627] __fput+0x26d/0xa40 [ 145.158028] ____fput+0x1e/0x30 [ 145.158574] task_work_run+0x1a4/0x2d0 [ 145.159008] ? __pfx_task_work_run+0x10/0x10 [ 145.159499] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.160032] ? switch_task_namespaces+0xa9/0xe0 [ 145.160610] do_exit+0xb17/0x2ef0 [ 145.161162] ? lock_acquire+0x427/0x4c0 [ 145.161607] ? __pfx_lock_release+0x10/0x10 [ 145.162072] ? __kasan_check_write+0x18/0x20 [ 145.162582] ? do_raw_spin_lock+0x132/0x2a0 [ 145.163056] ? __pfx_do_exit+0x10/0x10 [ 145.163628] ? debug_smp_processor_id+0x20/0x30 [ 145.164280] ? rcu_is_watching+0x19/0xb0 [ 145.164731] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.165225] ? trace_hardirqs_on+0x26/0x120 [ 145.165812] do_group_exit+0xe0/0x2b0 [ 145.166344] __x64_sys_exit_group+0x47/0x50 [ 145.166840] do_syscall_64+0x3b/0x90 [ 145.167268] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.167836] RIP: 0033:0x7f4b87518a4d [ 145.168271] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.169161] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.169982] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.170771] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.171558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.172321] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.173082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.173861] [ 145.174111] irq event stamp: 0 [ 145.174450] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.175177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.176077] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.176964] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.177638] ---[ end trace 0000000000000000 ]--- [ 145.183246] ------------[ cut here ]------------ [ 145.183816] WARNING: CPU: 0 PID: 1357 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.184894] Modules linked in: [ 145.185238] CPU: 0 PID: 1357 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.186172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.187475] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.188017] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.189979] RSP: 0018:ffff888020aefbb8 EFLAGS: 00010246 [ 145.190585] RAX: 0000000000000000 RBX: ffff888017a910a8 RCX: 0000000000000000 [ 145.191371] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 145.192149] RBP: ffff888020aefbd0 R08: ffffed1002f52233 R09: ffffed1002f52233 [ 145.192916] R10: ffff888017a91193 R11: ffffed1002f52232 R12: ffff888010e03400 [ 145.193678] R13: ffff888017a911e8 R14: ffffffff8352e670 R15: 
ffff888020aefe68 [ 145.194440] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.195365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.195994] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 145.196763] PKRU: 55555554 [ 145.197070] Call Trace: [ 145.197346] [ 145.197590] __iommufd_access_detach+0x1c2/0x2b0 [ 145.198123] iommufd_access_change_pt+0x149/0x270 [ 145.198671] iommufd_access_replace+0xb4/0x120 [ 145.199185] iommufd_test+0x3e5/0x37e0 [ 145.199610] ? lock_release+0x532/0x770 [ 145.200041] ? __might_fault+0x102/0x1b0 [ 145.200480] ? lock_acquire+0x427/0x4c0 [ 145.200912] ? __pfx_iommufd_test+0x10/0x10 [ 145.201378] ? __pfx_lock_release+0x10/0x10 [ 145.201853] ? __pfx_lock_acquire+0x10/0x10 [ 145.202322] ? write_comp_data+0x2f/0x90 [ 145.202804] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.203349] ? write_comp_data+0x2f/0x90 [ 145.203790] iommufd_fops_ioctl+0x37d/0x510 [ 145.204247] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.204774] ? write_comp_data+0x2f/0x90 [ 145.205216] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.205723] __x64_sys_ioctl+0x1a3/0x230 [ 145.206164] do_syscall_64+0x3b/0x90 [ 145.206599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.207173] RIP: 0033:0x7f4b8743ee5d [ 145.207568] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.209478] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.210280] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.211051] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.211819] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.212573] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.213407] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.214161] [ 145.214407] irq event stamp: 0 [ 145.214763] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.215444] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.216326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.217202] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.217868] ---[ end trace 0000000000000000 ]--- [ 145.221124] ------------[ cut here ]------------ [ 145.221658] WARNING: CPU: 0 PID: 1357 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.222752] Modules linked in: [ 145.223096] CPU: 0 PID: 1357 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.224035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.225157] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.225631] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.227427] RSP: 
0018:ffff888020aefbd0 EFLAGS: 00010246 [ 145.227955] RAX: 0000000000000000 RBX: ffff888017a910a8 RCX: 0000000000000000 [ 145.228651] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 145.229343] RBP: ffff888020aefbe8 R08: ffffed1002f52233 R09: ffffed1002f52233 [ 145.230031] R10: ffff888017a91193 R11: ffffed1002f52232 R12: ffff888014243000 [ 145.230741] R13: ffff888017a911e8 R14: ffff888015bb6100 R15: 0000000000000000 [ 145.231452] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.232234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.232809] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.233502] PKRU: 55555554 [ 145.233780] Call Trace: [ 145.234029] [ 145.234255] iommufd_access_destroy_object+0x65/0x170 [ 145.234791] iommufd_object_destroy_user+0x18e/0x220 [ 145.235308] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.235886] iommufd_access_destroy+0x43/0x70 [ 145.236344] iommufd_test_staccess_release+0x8d/0xd0 [ 145.236849] __fput+0x26d/0xa40 [ 145.237189] ____fput+0x1e/0x30 [ 145.237519] task_work_run+0x1a4/0x2d0 [ 145.237911] ? __pfx_task_work_run+0x10/0x10 [ 145.238355] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.238878] ? switch_task_namespaces+0xa9/0xe0 [ 145.239368] do_exit+0xb17/0x2ef0 [ 145.239716] ? lock_acquire+0x427/0x4c0 [ 145.240119] ? __pfx_lock_release+0x10/0x10 [ 145.240549] ? __kasan_check_write+0x18/0x20 [ 145.240986] ? do_raw_spin_lock+0x132/0x2a0 [ 145.241409] ? __pfx_do_exit+0x10/0x10 [ 145.241799] ? debug_smp_processor_id+0x20/0x30 [ 145.242263] ? rcu_is_watching+0x19/0xb0 [ 145.242686] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.243151] ? trace_hardirqs_on+0x26/0x120 [ 145.243584] do_group_exit+0xe0/0x2b0 [ 145.243960] __x64_sys_exit_group+0x47/0x50 [ 145.244373] do_syscall_64+0x3b/0x90 [ 145.244744] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.245333] RIP: 0033:0x7f4b87518a4d [ 145.245699] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.246291] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.247039] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.247746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.248437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.249122] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.249806] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.250527] [ 145.250755] irq event stamp: 0 [ 145.251066] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.251685] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.252496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.253304] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.253907] ---[ end trace 0000000000000000 ]--- [ 145.254759] ------------[ cut here ]------------ [ 145.255222] WARNING: CPU: 0 PID: 1357 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.256194] Modules linked in: [ 145.256505] CPU: 0 PID: 1357 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.257343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.258410] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.258919] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.260678] RSP: 0018:ffff888020aefb78 EFLAGS: 00010246 [ 145.261199] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.261879] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 145.262586] RBP: ffff888020aefb98 R08: ffffed1002f5223e R09: ffffed1002f5223e [ 145.263275] R10: ffff888017a911ef R11: ffffed1002f5223d R12: ffff888017a91290 [ 145.263960] R13: ffff888017a910a8 R14: ffffffffffffffff R15: 
ffff888020aefc60 [ 145.264660] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.265430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.265975] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.266674] PKRU: 55555554 [ 145.266951] Call Trace: [ 145.267219] [ 145.267440] iommufd_ioas_destroy+0x53/0x70 [ 145.267872] iommufd_fops_release+0x1f7/0x370 [ 145.268315] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.268796] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.269269] ? write_comp_data+0x2f/0x90 [ 145.269667] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.270141] __fput+0x26d/0xa40 [ 145.270470] ____fput+0x1e/0x30 [ 145.270815] task_work_run+0x1a4/0x2d0 [ 145.271213] ? __pfx_task_work_run+0x10/0x10 [ 145.271646] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.272121] ? switch_task_namespaces+0xa9/0xe0 [ 145.272574] do_exit+0xb17/0x2ef0 [ 145.272904] ? lock_acquire+0x427/0x4c0 [ 145.273290] ? __pfx_lock_release+0x10/0x10 [ 145.273706] ? __kasan_check_write+0x18/0x20 [ 145.274125] ? do_raw_spin_lock+0x132/0x2a0 [ 145.274562] ? __pfx_do_exit+0x10/0x10 [ 145.274943] ? debug_smp_processor_id+0x20/0x30 [ 145.275397] ? rcu_is_watching+0x19/0xb0 [ 145.275781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.276212] ? trace_hardirqs_on+0x26/0x120 [ 145.276630] do_group_exit+0xe0/0x2b0 [ 145.277052] __x64_sys_exit_group+0x47/0x50 [ 145.277463] do_syscall_64+0x3b/0x90 [ 145.277831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.278338] RIP: 0033:0x7f4b87518a4d [ 145.278722] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.279336] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.280069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.280753] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.281429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.282098] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.282788] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.283480] [ 145.283704] irq event stamp: 0 [ 145.284005] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.284587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.285355] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.286116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.286717] ---[ end trace 0000000000000000 ]--- [ 145.290999] ------------[ cut here ]------------ [ 145.291474] WARNING: CPU: 0 PID: 1358 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.292349] Modules linked in: [ 145.292629] CPU: 0 PID: 1358 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.293378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.294366] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.294821] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.296409] RSP: 0018:ffff888011e0fbb8 EFLAGS: 00010246 [ 145.296858] RAX: 0000000000000000 RBX: ffff88801609f8a8 RCX: 0000000000000000 [ 145.297463] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 145.298065] RBP: ffff888011e0fbd0 R08: ffffed1002c13f33 R09: ffffed1002c13f33 [ 145.298700] R10: ffff88801609f993 R11: ffffed1002c13f32 R12: ffff888013b17000 [ 145.299313] R13: ffff88801609f9e8 R14: ffffffff8352e670 R15: 
ffff888011e0fe68 [ 145.299917] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.300596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.301088] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 145.301691] PKRU: 55555554 [ 145.301932] Call Trace: [ 145.302150] [ 145.302342] __iommufd_access_detach+0x1c2/0x2b0 [ 145.302771] iommufd_access_change_pt+0x149/0x270 [ 145.303202] iommufd_access_replace+0xb4/0x120 [ 145.303602] iommufd_test+0x3e5/0x37e0 [ 145.303936] ? lock_release+0x532/0x770 [ 145.304286] ? __might_fault+0x102/0x1b0 [ 145.304643] ? lock_acquire+0x427/0x4c0 [ 145.304992] ? __pfx_iommufd_test+0x10/0x10 [ 145.305359] ? __pfx_lock_release+0x10/0x10 [ 145.305735] ? __pfx_lock_acquire+0x10/0x10 [ 145.306110] ? write_comp_data+0x2f/0x90 [ 145.306467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.306899] ? write_comp_data+0x2f/0x90 [ 145.307976] iommufd_fops_ioctl+0x37d/0x510 [ 145.308509] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.309092] ? write_comp_data+0x2f/0x90 [ 145.309598] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.310180] __x64_sys_ioctl+0x1a3/0x230 [ 145.310742] do_syscall_64+0x3b/0x90 [ 145.311243] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.311868] RIP: 0033:0x7f4b8743ee5d [ 145.312295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.314340] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.315429] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.316046] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.316638] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.317230] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.317825] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.318427] [ 145.318639] irq event stamp: 0 [ 145.318905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.319451] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.320149] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.320843] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.321367] ---[ end trace 0000000000000000 ]--- [ 145.324152] ------------[ cut here ]------------ [ 145.324573] WARNING: CPU: 0 PID: 1358 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.325422] Modules linked in: [ 145.325692] CPU: 0 PID: 1358 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.326422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.327390] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.327806] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.329328] RSP: 
0018:ffff888011e0fbd0 EFLAGS: 00010246 [ 145.329770] RAX: 0000000000000000 RBX: ffff88801609f8a8 RCX: 0000000000000000 [ 145.330364] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 145.330981] RBP: ffff888011e0fbe8 R08: ffffed1002c13f33 R09: ffffed1002c13f33 [ 145.331601] R10: ffff88801609f993 R11: ffffed1002c13f32 R12: ffff888010e03c00 [ 145.332200] R13: ffff88801609f9e8 R14: ffff888012b9b200 R15: 0000000000000000 [ 145.332797] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.333473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.333959] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.334578] PKRU: 55555554 [ 145.334820] Call Trace: [ 145.335036] [ 145.335238] iommufd_access_destroy_object+0x65/0x170 [ 145.335680] iommufd_object_destroy_user+0x18e/0x220 [ 145.336114] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.336611] iommufd_access_destroy+0x43/0x70 [ 145.337001] iommufd_test_staccess_release+0x8d/0xd0 [ 145.337444] __fput+0x26d/0xa40 [ 145.337737] ____fput+0x1e/0x30 [ 145.338030] task_work_run+0x1a4/0x2d0 [ 145.338371] ? __pfx_task_work_run+0x10/0x10 [ 145.338765] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.339197] ? switch_task_namespaces+0xa9/0xe0 [ 145.339607] do_exit+0xb17/0x2ef0 [ 145.339906] ? lock_acquire+0x427/0x4c0 [ 145.340252] ? __pfx_lock_release+0x10/0x10 [ 145.340623] ? __kasan_check_write+0x18/0x20 [ 145.341078] ? do_raw_spin_lock+0x132/0x2a0 [ 145.341450] ? __pfx_do_exit+0x10/0x10 [ 145.341784] ? debug_smp_processor_id+0x20/0x30 [ 145.342180] ? rcu_is_watching+0x19/0xb0 [ 145.342536] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.342918] ? trace_hardirqs_on+0x26/0x120 [ 145.343290] do_group_exit+0xe0/0x2b0 [ 145.343612] __x64_sys_exit_group+0x47/0x50 [ 145.343970] do_syscall_64+0x3b/0x90 [ 145.344288] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.344726] RIP: 0033:0x7f4b87518a4d [ 145.345034] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.345547] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.346173] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.346789] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.347393] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.347987] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.348701] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.349464] [ 145.349662] irq event stamp: 0 [ 145.349924] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.350495] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.351327] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.352012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.352714] ---[ end trace 0000000000000000 ]--- [ 145.353449] ------------[ cut here ]------------ [ 145.353841] WARNING: CPU: 0 PID: 1358 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.354884] Modules linked in: [ 145.355178] CPU: 0 PID: 1358 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.355909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.357032] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.357460] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.359399] RSP: 0018:ffff888011e0fb78 EFLAGS: 00010246 [ 145.359848] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.360523] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 145.361223] RBP: ffff888011e0fb98 R08: ffffed1002c13f3e R09: ffffed1002c13f3e [ 145.361808] R10: ffff88801609f9ef R11: ffffed1002c13f3d R12: ffff88801609fa90 [ 145.362604] R13: ffff88801609f8a8 R14: ffffffffffffffff R15: 
ffff888011e0fc60 [ 145.363209] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.363867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.364527] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.365114] PKRU: 55555554 [ 145.365346] Call Trace: [ 145.365561] [ 145.365752] iommufd_ioas_destroy+0x53/0x70 [ 145.366294] iommufd_fops_release+0x1f7/0x370 [ 145.366696] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.367118] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.367526] ? write_comp_data+0x2f/0x90 [ 145.367864] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.368348] __fput+0x26d/0xa40 [ 145.368734] ____fput+0x1e/0x30 [ 145.369011] task_work_run+0x1a4/0x2d0 [ 145.369339] ? __pfx_task_work_run+0x10/0x10 [ 145.369702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.370267] ? switch_task_namespaces+0xa9/0xe0 [ 145.370675] do_exit+0xb17/0x2ef0 [ 145.370962] ? lock_acquire+0x427/0x4c0 [ 145.371300] ? __pfx_lock_release+0x10/0x10 [ 145.371667] ? __kasan_check_write+0x18/0x20 [ 145.372194] ? do_raw_spin_lock+0x132/0x2a0 [ 145.372706] ? __pfx_do_exit+0x10/0x10 [ 145.373040] ? debug_smp_processor_id+0x20/0x30 [ 145.373428] ? rcu_is_watching+0x19/0xb0 [ 145.373805] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.374323] ? trace_hardirqs_on+0x26/0x120 [ 145.374719] do_group_exit+0xe0/0x2b0 [ 145.375036] __x64_sys_exit_group+0x47/0x50 [ 145.375403] do_syscall_64+0x3b/0x90 [ 145.375716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.376238] RIP: 0033:0x7f4b87518a4d [ 145.376666] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.377169] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.377874] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.378601] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.379197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.379814] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.380509] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.381104] [ 145.381298] irq event stamp: 0 [ 145.381643] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.382264] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.382978] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.383760] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.384381] ---[ end trace 0000000000000000 ]--- [ 145.388789] ------------[ cut here ]------------ [ 145.389204] WARNING: CPU: 0 PID: 1359 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.390245] Modules linked in: [ 145.390706] CPU: 0 PID: 1359 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.391454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.392602] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.393027] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.394764] RSP: 0018:ffff888013eefbb8 EFLAGS: 00010246 [ 145.395222] RAX: 0000000000000000 RBX: ffff8880165328a8 RCX: 0000000000000000 [ 145.396005] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 145.396605] RBP: ffff888013eefbd0 R08: ffffed1002ca6533 R09: ffffed1002ca6533 [ 145.397199] R10: ffff888016532993 R11: ffffed1002ca6532 R12: ffff88801853a800 [ 145.397985] R13: ffff8880165329e8 R14: ffffffff8352e670 R15: 
ffff888013eefe68 [ 145.398618] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.399301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.399984] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 145.400586] PKRU: 55555554 [ 145.400831] Call Trace: [ 145.401049] [ 145.401240] __iommufd_access_detach+0x1c2/0x2b0 [ 145.401863] iommufd_access_change_pt+0x149/0x270 [ 145.402283] iommufd_access_replace+0xb4/0x120 [ 145.402703] iommufd_test+0x3e5/0x37e0 [ 145.403052] ? lock_release+0x532/0x770 [ 145.403407] ? __might_fault+0x102/0x1b0 [ 145.403839] ? lock_acquire+0x427/0x4c0 [ 145.404289] ? __pfx_iommufd_test+0x10/0x10 [ 145.404649] ? __pfx_lock_release+0x10/0x10 [ 145.405016] ? __pfx_lock_acquire+0x10/0x10 [ 145.405426] ? write_comp_data+0x2f/0x90 [ 145.405897] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.406310] ? write_comp_data+0x2f/0x90 [ 145.406679] iommufd_fops_ioctl+0x37d/0x510 [ 145.407045] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.407482] ? write_comp_data+0x2f/0x90 [ 145.407982] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.408393] __x64_sys_ioctl+0x1a3/0x230 [ 145.408754] do_syscall_64+0x3b/0x90 [ 145.409083] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.409721] RIP: 0033:0x7f4b8743ee5d [ 145.410042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.411718] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.412298] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.412837] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.413524] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.414060] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.414617] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.415229] [ 145.415500] irq event stamp: 0 [ 145.415741] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.416217] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.416903] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.417625] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.418120] ---[ end trace 0000000000000000 ]--- [ 145.421058] ------------[ cut here ]------------ [ 145.421442] WARNING: CPU: 0 PID: 1359 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.422290] Modules linked in: [ 145.422646] CPU: 0 PID: 1359 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.423333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.424206] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.424596] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.426000] RSP: 
0018:ffff888013eefbd0 EFLAGS: 00010246 [ 145.426413] RAX: 0000000000000000 RBX: ffff8880165328a8 RCX: 0000000000000000 [ 145.427006] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 145.427617] RBP: ffff888013eefbe8 R08: ffffed1002ca6533 R09: ffffed1002ca6533 [ 145.428210] R10: ffff888016532993 R11: ffffed1002ca6532 R12: ffff888013b17c00 [ 145.428799] R13: ffff8880165329e8 R14: ffff88800af2de00 R15: 0000000000000000 [ 145.429394] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.430062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.430575] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.431171] PKRU: 55555554 [ 145.431407] Call Trace: [ 145.431620] [ 145.431810] iommufd_access_destroy_object+0x65/0x170 [ 145.432243] iommufd_object_destroy_user+0x18e/0x220 [ 145.432669] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.433152] iommufd_access_destroy+0x43/0x70 [ 145.433529] iommufd_test_staccess_release+0x8d/0xd0 [ 145.433955] __fput+0x26d/0xa40 [ 145.434243] ____fput+0x1e/0x30 [ 145.434544] task_work_run+0x1a4/0x2d0 [ 145.434875] ? __pfx_task_work_run+0x10/0x10 [ 145.435258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.435675] ? switch_task_namespaces+0xa9/0xe0 [ 145.436072] do_exit+0xb17/0x2ef0 [ 145.436363] ? lock_acquire+0x427/0x4c0 [ 145.436702] ? __pfx_lock_release+0x10/0x10 [ 145.437071] ? __kasan_check_write+0x18/0x20 [ 145.437443] ? do_raw_spin_lock+0x132/0x2a0 [ 145.437801] ? __pfx_do_exit+0x10/0x10 [ 145.438132] ? debug_smp_processor_id+0x20/0x30 [ 145.438545] ? rcu_is_watching+0x19/0xb0 [ 145.438889] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.439285] ? trace_hardirqs_on+0x26/0x120 [ 145.439650] do_group_exit+0xe0/0x2b0 [ 145.439969] __x64_sys_exit_group+0x47/0x50 [ 145.440324] do_syscall_64+0x3b/0x90 [ 145.440639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.441074] RIP: 0033:0x7f4b87518a4d [ 145.441383] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.441890] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.442541] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.443136] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.443721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.444301] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.444898] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.445495] [ 145.445690] irq event stamp: 0 [ 145.445954] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.446468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.447191] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.447892] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.448413] ---[ end trace 0000000000000000 ]--- [ 145.449248] ------------[ cut here ]------------ [ 145.449799] WARNING: CPU: 0 PID: 1359 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.450677] Modules linked in: [ 145.450944] CPU: 0 PID: 1359 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.451729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.452675] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.453074] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.454809] RSP: 0018:ffff888013eefb78 EFLAGS: 00010246 [ 145.455239] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.455942] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 145.456489] RBP: ffff888013eefb98 R08: ffffed1002ca653e R09: ffffed1002ca653e [ 145.457034] R10: ffff8880165329ef R11: ffffed1002ca653d R12: ffff888016532a90 [ 145.457744] R13: ffff8880165328a8 R14: ffffffffffffffff R15: 
ffff888013eefc60 [ 145.458291] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.458937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.459537] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.460091] PKRU: 55555554 [ 145.460318] Call Trace: [ 145.460518] [ 145.460694] iommufd_ioas_destroy+0x53/0x70 [ 145.461088] iommufd_fops_release+0x1f7/0x370 [ 145.461536] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.461935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.462322] ? write_comp_data+0x2f/0x90 [ 145.462671] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.463213] __fput+0x26d/0xa40 [ 145.463491] ____fput+0x1e/0x30 [ 145.463759] task_work_run+0x1a4/0x2d0 [ 145.464072] ? __pfx_task_work_run+0x10/0x10 [ 145.464420] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.464938] ? switch_task_namespaces+0xa9/0xe0 [ 145.465316] do_exit+0xb17/0x2ef0 [ 145.465587] ? lock_acquire+0x427/0x4c0 [ 145.465909] ? __pfx_lock_release+0x10/0x10 [ 145.466316] ? __kasan_check_write+0x18/0x20 [ 145.466762] ? do_raw_spin_lock+0x132/0x2a0 [ 145.467100] ? __pfx_do_exit+0x10/0x10 [ 145.467419] ? debug_smp_processor_id+0x20/0x30 [ 145.467784] ? rcu_is_watching+0x19/0xb0 [ 145.468101] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.468465] ? trace_hardirqs_on+0x26/0x120 [ 145.468814] do_group_exit+0xe0/0x2b0 [ 145.469124] __x64_sys_exit_group+0x47/0x50 [ 145.469473] do_syscall_64+0x3b/0x90 [ 145.469783] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.470210] RIP: 0033:0x7f4b87518a4d [ 145.470535] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.471039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.471662] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.472238] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.472816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.473408] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.474003] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.474626] [ 145.474828] irq event stamp: 0 [ 145.475098] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.475638] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.476344] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.477041] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.477577] ---[ end trace 0000000000000000 ]--- [ 145.481320] ------------[ cut here ]------------ [ 145.481767] WARNING: CPU: 1 PID: 1360 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.482785] Modules linked in: [ 145.483060] CPU: 1 PID: 1360 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.483810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.484756] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.485175] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.486730] RSP: 0018:ffff88801293fbb8 EFLAGS: 00010246 [ 145.487190] RAX: 0000000000000000 RBX: ffff88801865b0a8 RCX: 0000000000000000 [ 145.487792] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 145.488392] RBP: ffff88801293fbd0 R08: ffffed10030cb633 R09: ffffed10030cb633 [ 145.489000] R10: ffff88801865b193 R11: ffffed10030cb632 R12: ffff88801420ec00 [ 145.489606] R13: ffff88801865b1e8 R14: ffffffff8352e670 R15: 
ffff88801293fe68 [ 145.490208] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 145.490937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.491450] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 145.492067] PKRU: 55555554 [ 145.492309] Call Trace: [ 145.492529] [ 145.492726] __iommufd_access_detach+0x1c2/0x2b0 [ 145.493144] iommufd_access_change_pt+0x149/0x270 [ 145.493569] iommufd_access_replace+0xb4/0x120 [ 145.493971] iommufd_test+0x3e5/0x37e0 [ 145.494303] ? lock_release+0x532/0x770 [ 145.494680] ? __might_fault+0x102/0x1b0 [ 145.495041] ? lock_acquire+0x427/0x4c0 [ 145.495409] ? __pfx_iommufd_test+0x10/0x10 [ 145.495780] ? __pfx_lock_release+0x10/0x10 [ 145.496160] ? __pfx_lock_acquire+0x10/0x10 [ 145.496537] ? write_comp_data+0x2f/0x90 [ 145.496898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.497322] ? write_comp_data+0x2f/0x90 [ 145.497681] iommufd_fops_ioctl+0x37d/0x510 [ 145.498055] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.498478] ? write_comp_data+0x2f/0x90 [ 145.498862] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.499294] __x64_sys_ioctl+0x1a3/0x230 [ 145.499650] do_syscall_64+0x3b/0x90 [ 145.499977] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.500427] RIP: 0033:0x7f4b8743ee5d [ 145.500745] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.502289] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.502971] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.503589] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.504189] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.504788] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.505390] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.505999] [ 145.506199] irq event stamp: 0 [ 145.506466] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.507019] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.507741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.508449] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.508980] ---[ end trace 0000000000000000 ]--- [ 145.511876] ------------[ cut here ]------------ [ 145.512308] WARNING: CPU: 1 PID: 1360 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.513156] Modules linked in: [ 145.513425] CPU: 1 PID: 1360 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.514150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.515106] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.515535] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.517052] RSP: 
0018:ffff88801293fbd0 EFLAGS: 00010246 [ 145.517500] RAX: 0000000000000000 RBX: ffff88801865b0a8 RCX: 0000000000000000 [ 145.518088] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 145.518696] RBP: ffff88801293fbe8 R08: ffffed10030cb633 R09: ffffed10030cb633 [ 145.519295] R10: ffff88801865b193 R11: ffffed10030cb632 R12: ffff88801341c800 [ 145.519885] R13: ffff88801865b1e8 R14: ffff8880123ed100 R15: 0000000000000000 [ 145.520478] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 145.521144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.521623] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 145.522213] PKRU: 55555554 [ 145.522450] Call Trace: [ 145.522689] [ 145.522881] iommufd_access_destroy_object+0x65/0x170 [ 145.523326] iommufd_object_destroy_user+0x18e/0x220 [ 145.523757] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.524249] iommufd_access_destroy+0x43/0x70 [ 145.524636] iommufd_test_staccess_release+0x8d/0xd0 [ 145.525068] __fput+0x26d/0xa40 [ 145.525357] ____fput+0x1e/0x30 [ 145.525644] task_work_run+0x1a4/0x2d0 [ 145.525976] ? __pfx_task_work_run+0x10/0x10 [ 145.526354] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.526791] ? switch_task_namespaces+0xa9/0xe0 [ 145.527208] do_exit+0xb17/0x2ef0 [ 145.527505] ? lock_acquire+0x427/0x4c0 [ 145.527851] ? __pfx_lock_release+0x10/0x10 [ 145.528219] ? __kasan_check_write+0x18/0x20 [ 145.528594] ? do_raw_spin_lock+0x132/0x2a0 [ 145.528963] ? __pfx_do_exit+0x10/0x10 [ 145.529298] ? debug_smp_processor_id+0x20/0x30 [ 145.529692] ? rcu_is_watching+0x19/0xb0 [ 145.530036] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.530417] ? trace_hardirqs_on+0x26/0x120 [ 145.530808] do_group_exit+0xe0/0x2b0 [ 145.531138] __x64_sys_exit_group+0x47/0x50 [ 145.531504] do_syscall_64+0x3b/0x90 [ 145.531825] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.532264] RIP: 0033:0x7f4b87518a4d [ 145.532573] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.533100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.533727] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.534315] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.534931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.535540] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.536135] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.536734] [ 145.536931] irq event stamp: 0 [ 145.537196] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.537729] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.538426] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.539158] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.539693] ---[ end trace 0000000000000000 ]--- [ 145.540429] ------------[ cut here ]------------ [ 145.540823] WARNING: CPU: 1 PID: 1360 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.541669] Modules linked in: [ 145.541941] CPU: 1 PID: 1360 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.542698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.543637] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.544068] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.545588] RSP: 0018:ffff88801293fb78 EFLAGS: 00010246 [ 145.546039] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.546666] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 145.547271] RBP: ffff88801293fb98 R08: ffffed10030cb63e R09: ffffed10030cb63e [ 145.547863] R10: ffff88801865b1ef R11: ffffed10030cb63d R12: ffff88801865b290 [ 145.548454] R13: ffff88801865b0a8 R14: ffffffffffffffff R15: 
ffff88801293fc60 [ 145.549048] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 145.549725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.550209] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 145.550858] PKRU: 55555554 [ 145.551102] Call Trace: [ 145.551331] [ 145.551524] iommufd_ioas_destroy+0x53/0x70 [ 145.551895] iommufd_fops_release+0x1f7/0x370 [ 145.552276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.552700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.553115] ? write_comp_data+0x2f/0x90 [ 145.553466] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.553886] __fput+0x26d/0xa40 [ 145.554175] ____fput+0x1e/0x30 [ 145.554468] task_work_run+0x1a4/0x2d0 [ 145.554836] ? __pfx_task_work_run+0x10/0x10 [ 145.555220] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.555638] ? switch_task_namespaces+0xa9/0xe0 [ 145.556046] do_exit+0xb17/0x2ef0 [ 145.556339] ? lock_acquire+0x427/0x4c0 [ 145.556683] ? __pfx_lock_release+0x10/0x10 [ 145.557051] ? __kasan_check_write+0x18/0x20 [ 145.557424] ? do_raw_spin_lock+0x132/0x2a0 [ 145.557786] ? __pfx_do_exit+0x10/0x10 [ 145.558123] ? debug_smp_processor_id+0x20/0x30 [ 145.558540] ? rcu_is_watching+0x19/0xb0 [ 145.558886] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.559281] ? trace_hardirqs_on+0x26/0x120 [ 145.559653] do_group_exit+0xe0/0x2b0 [ 145.559975] __x64_sys_exit_group+0x47/0x50 [ 145.560339] do_syscall_64+0x3b/0x90 [ 145.560661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.561101] RIP: 0033:0x7f4b87518a4d [ 145.561417] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.561928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.562602] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.563208] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.563802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.564395] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.564987] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.565589] [ 145.565787] irq event stamp: 0 [ 145.566050] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.566601] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.567306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.567997] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.568523] ---[ end trace 0000000000000000 ]--- [ 145.572474] ------------[ cut here ]------------ [ 145.572943] WARNING: CPU: 1 PID: 1361 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.573796] Modules linked in: [ 145.574062] CPU: 1 PID: 1361 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.574856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.575800] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.576212] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.577724] RSP: 0018:ffff888021957bb8 EFLAGS: 00010246 [ 145.578164] RAX: 0000000000000000 RBX: ffff8880141960a8 RCX: 0000000000000000 [ 145.578775] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 145.579376] RBP: ffff888021957bd0 R08: ffffed1002832c33 R09: ffffed1002832c33 [ 145.579957] R10: ffff888014196193 R11: ffffed1002832c32 R12: ffff88801880b000 [ 145.580490] R13: ffff8880141961e8 R14: ffffffff8352e670 R15: 
ffff888021957e68 [ 145.581026] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 145.581631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.582069] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 145.582626] PKRU: 55555554 [ 145.582843] Call Trace: [ 145.583037] [ 145.583218] __iommufd_access_detach+0x1c2/0x2b0 [ 145.583594] iommufd_access_change_pt+0x149/0x270 [ 145.583972] iommufd_access_replace+0xb4/0x120 [ 145.584332] iommufd_test+0x3e5/0x37e0 [ 145.584631] ? lock_release+0x532/0x770 [ 145.584945] ? __might_fault+0x102/0x1b0 [ 145.585260] ? lock_acquire+0x427/0x4c0 [ 145.585572] ? __pfx_iommufd_test+0x10/0x10 [ 145.585898] ? __pfx_lock_release+0x10/0x10 [ 145.586231] ? __pfx_lock_acquire+0x10/0x10 [ 145.586590] ? write_comp_data+0x2f/0x90 [ 145.586907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.587285] ? write_comp_data+0x2f/0x90 [ 145.587602] iommufd_fops_ioctl+0x37d/0x510 [ 145.587935] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.588309] ? write_comp_data+0x2f/0x90 [ 145.588626] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.588995] __x64_sys_ioctl+0x1a3/0x230 [ 145.589313] do_syscall_64+0x3b/0x90 [ 145.589612] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.590011] RIP: 0033:0x7f4b8743ee5d [ 145.590293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.591684] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.592040] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 145.592260] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.594407] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 145.594931] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.594941] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.594949] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.594957] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.598599] [ 145.598778] irq event stamp: 0 [ 145.599019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.599497] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.600132] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.600759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.601235] ---[ end trace 0000000000000000 ]--- [ 145.606799] ------------[ cut here ]------------ [ 145.607209] WARNING: CPU: 1 PID: 1361 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.607972] Modules linked in: [ 145.608214] CPU: 1 PID: 1361 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.608879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.609724] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.610097] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.611493] RSP: 0018:ffff888021957bd0 EFLAGS: 00010246 [ 145.611893] RAX: 0000000000000000 RBX: ffff8880141960a8 RCX: 0000000000000000 [ 145.612437] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 145.612971] RBP: ffff888021957be8 R08: ffffed1002832c33 R09: ffffed1002832c33 [ 145.613508] R10: ffff888014196193 R11: ffffed1002832c32 R12: 
ffff888021902400 [ 145.614044] R13: ffff8880141961e8 R14: ffff88800f401600 R15: 0000000000000000 [ 145.614606] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 145.615221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.615663] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 145.616203] PKRU: 55555554 [ 145.616416] Call Trace: [ 145.616611] [ 145.616782] iommufd_access_destroy_object+0x65/0x170 [ 145.617179] iommufd_object_destroy_user+0x18e/0x220 [ 145.617567] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.618011] iommufd_access_destroy+0x43/0x70 [ 145.618361] iommufd_test_staccess_release+0x8d/0xd0 [ 145.618777] __fput+0x26d/0xa40 [ 145.619048] ____fput+0x1e/0x30 [ 145.619318] task_work_run+0x1a4/0x2d0 [ 145.619624] ? __pfx_task_work_run+0x10/0x10 [ 145.619966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.620342] ? switch_task_namespaces+0xa9/0xe0 [ 145.620705] do_exit+0xb17/0x2ef0 [ 145.620969] ? lock_acquire+0x427/0x4c0 [ 145.621280] ? __pfx_lock_release+0x10/0x10 [ 145.621614] ? __kasan_check_write+0x18/0x20 [ 145.621953] ? do_raw_spin_lock+0x132/0x2a0 [ 145.622282] ? __pfx_do_exit+0x10/0x10 [ 145.622617] ? debug_smp_processor_id+0x20/0x30 [ 145.622977] ? rcu_is_watching+0x19/0xb0 [ 145.623294] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.623645] ? trace_hardirqs_on+0x26/0x120 [ 145.623978] do_group_exit+0xe0/0x2b0 [ 145.624271] __x64_sys_exit_group+0x47/0x50 [ 145.624598] do_syscall_64+0x3b/0x90 [ 145.624891] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.625287] RIP: 0033:0x7f4b87518a4d [ 145.625570] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.626037] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.626632] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.627183] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.627729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.628276] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.628823] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.629381] [ 145.629563] irq event stamp: 0 [ 145.629806] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.630290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.630958] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.631601] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.632081] ---[ end trace 0000000000000000 ]--- [ 145.643313] ------------[ cut here ]------------ [ 145.643743] WARNING: CPU: 0 PID: 1361 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.644724] Modules linked in: [ 145.644973] CPU: 0 PID: 1361 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.645656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.646669] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.647067] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.648471] RSP: 0018:ffff888021957b78 EFLAGS: 00010246 [ 145.648879] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.649420] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 145.649962] RBP: ffff888021957b98 R08: ffffed1002832c3e R09: ffffed1002832c3e [ 145.650527] R10: ffff8880141961ef R11: ffffed1002832c3d R12: ffff888014196290 [ 145.651069] R13: ffff8880141960a8 R14: ffffffffffffffff R15: 
ffff888021957c60 [ 145.651621] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.652238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.652681] CR2: 00007f82e2e75030 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 145.653225] PKRU: 55555554 [ 145.653444] Call Trace: [ 145.653640] [ 145.653816] iommufd_ioas_destroy+0x53/0x70 [ 145.654157] iommufd_fops_release+0x1f7/0x370 [ 145.654533] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.654922] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.655325] ? write_comp_data+0x2f/0x90 [ 145.655650] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.656036] __fput+0x26d/0xa40 [ 145.656304] ____fput+0x1e/0x30 [ 145.656568] task_work_run+0x1a4/0x2d0 [ 145.656875] ? __pfx_task_work_run+0x10/0x10 [ 145.657217] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.657600] ? switch_task_namespaces+0xa9/0xe0 [ 145.657969] do_exit+0xb17/0x2ef0 [ 145.658240] ? lock_acquire+0x427/0x4c0 [ 145.658576] ? __pfx_lock_release+0x10/0x10 [ 145.658922] ? __kasan_check_write+0x18/0x20 [ 145.659282] ? do_raw_spin_lock+0x132/0x2a0 [ 145.659619] ? __pfx_do_exit+0x10/0x10 [ 145.659928] ? debug_smp_processor_id+0x20/0x30 [ 145.660293] ? rcu_is_watching+0x19/0xb0 [ 145.660606] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.660961] ? trace_hardirqs_on+0x26/0x120 [ 145.661301] do_group_exit+0xe0/0x2b0 [ 145.661595] __x64_sys_exit_group+0x47/0x50 [ 145.661930] do_syscall_64+0x3b/0x90 [ 145.662231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.662655] RIP: 0033:0x7f4b87518a4d [ 145.662945] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.663429] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.664012] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.664560] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.665104] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.665646] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.666195] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.666761] [ 145.666944] irq event stamp: 0 [ 145.667197] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.667679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.668317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.668954] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.669437] ---[ end trace 0000000000000000 ]--- [ 145.674030] ------------[ cut here ]------------ [ 145.674408] WARNING: CPU: 0 PID: 1363 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.675264] Modules linked in: [ 145.675917] CPU: 0 PID: 1363 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.676886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.678427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.679099] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.681452] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 145.682051] RAX: 0000000000000000 RBX: ffff888011ed50a8 RCX: 0000000000000000 [ 145.683149] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 145.683944] RBP: ffff8880135e7bd0 R08: ffffed10023daa33 R09: ffffed10023daa33 [ 145.684902] R10: ffff888011ed5193 R11: ffffed10023daa32 R12: ffff88801432ac00 [ 145.685695] R13: ffff888011ed51e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 145.686694] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.687675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.688163] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 145.689127] PKRU: 55555554 [ 145.689458] Call Trace: [ 145.689767] [ 145.690157] __iommufd_access_detach+0x1c2/0x2b0 [ 145.690754] iommufd_access_change_pt+0x149/0x270 [ 145.691330] iommufd_access_replace+0xb4/0x120 [ 145.692035] iommufd_test+0x3e5/0x37e0 [ 145.692481] ? lock_release+0x532/0x770 [ 145.692943] ? __might_fault+0x102/0x1b0 [ 145.693575] ? lock_acquire+0x427/0x4c0 [ 145.694045] ? __pfx_iommufd_test+0x10/0x10 [ 145.694566] ? __pfx_lock_release+0x10/0x10 [ 145.695067] ? __pfx_lock_acquire+0x10/0x10 [ 145.695752] ? write_comp_data+0x2f/0x90 [ 145.696233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.696789] ? write_comp_data+0x2f/0x90 [ 145.697429] iommufd_fops_ioctl+0x37d/0x510 [ 145.697932] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.698489] ? write_comp_data+0x2f/0x90 [ 145.699164] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.699722] __x64_sys_ioctl+0x1a3/0x230 [ 145.700198] do_syscall_64+0x3b/0x90 [ 145.700689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.701369] RIP: 0033:0x7f4b8743ee5d [ 145.701791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.704019] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.705029] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.705824] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.706807] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.707615] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.708411] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.709213] [ 145.709482] irq event stamp: 0 [ 145.709839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.710576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.711451] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.712103] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.712580] ---[ end trace 0000000000000000 ]--- [ 145.715592] ------------[ cut here ]------------ [ 145.715965] WARNING: CPU: 0 PID: 1363 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.716779] Modules linked in: [ 145.717298] CPU: 0 PID: 1363 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.717976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.719371] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.719939] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.722263] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 145.723217] RAX: 0000000000000000 RBX: ffff888011ed50a8 RCX: 0000000000000000 [ 145.724004] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 145.724965] RBP: ffff8880135e7be8 R08: ffffed10023daa33 R09: ffffed10023daa33 [ 145.725749] R10: ffff888011ed5193 R11: ffffed10023daa32 R12: ffff888018539400 [ 145.726737] R13: ffff888011ed51e8 R14: ffff88800ca5a500 R15: 0000000000000000 [ 145.727538] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.728591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.729230] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.730173] PKRU: 55555554 [ 145.730494] Call Trace: [ 145.730822] [ 145.731079] iommufd_access_destroy_object+0x65/0x170 [ 145.731613] iommufd_object_destroy_user+0x18e/0x220 [ 145.732381] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.733056] iommufd_access_destroy+0x43/0x70 [ 145.733758] iommufd_test_staccess_release+0x8d/0xd0 [ 145.734345] __fput+0x26d/0xa40 [ 145.734802] ____fput+0x1e/0x30 [ 145.735217] task_work_run+0x1a4/0x2d0 [ 145.735856] ? __pfx_task_work_run+0x10/0x10 [ 145.736368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.736927] ? switch_task_namespaces+0xa9/0xe0 [ 145.737645] do_exit+0xb17/0x2ef0 [ 145.738048] ? lock_acquire+0x427/0x4c0 [ 145.738547] ? __pfx_lock_release+0x10/0x10 [ 145.739049] ? __kasan_check_write+0x18/0x20 [ 145.739714] ? do_raw_spin_lock+0x132/0x2a0 [ 145.740213] ? __pfx_do_exit+0x10/0x10 [ 145.740690] ? debug_smp_processor_id+0x20/0x30 [ 145.741365] ? rcu_is_watching+0x19/0xb0 [ 145.741838] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.742378] ? trace_hardirqs_on+0x26/0x120 [ 145.743060] do_group_exit+0xe0/0x2b0 [ 145.743519] __x64_sys_exit_group+0x47/0x50 [ 145.744018] do_syscall_64+0x3b/0x90 [ 145.744460] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.745238] RIP: 0033:0x7f4b87518a4d [ 145.745667] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.746361] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.747413] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.747991] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.748586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.749287] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.749858] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.750501] [ 145.750788] irq event stamp: 0 [ 145.751045] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.751577] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.752249] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.753096] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.753611] ---[ end trace 0000000000000000 ]--- [ 145.754332] ------------[ cut here ]------------ [ 145.754832] WARNING: CPU: 0 PID: 1363 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.755673] Modules linked in: [ 145.755935] CPU: 0 PID: 1363 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.756807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.757715] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.758163] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.759831] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 145.760269] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.760843] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 145.761420] RBP: ffff8880135e7b98 R08: ffffed10023daa3e R09: ffffed10023daa3e [ 145.761991] R10: ffff888011ed51ef R11: ffffed10023daa3d R12: ffff888011ed5290 [ 145.762600] R13: ffff888011ed50a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 145.763199] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.763859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.764330] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.764911] PKRU: 55555554 [ 145.765147] Call Trace: [ 145.765358] [ 145.765544] iommufd_ioas_destroy+0x53/0x70 [ 145.765907] iommufd_fops_release+0x1f7/0x370 [ 145.766288] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.766729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.767160] ? write_comp_data+0x2f/0x90 [ 145.767510] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.767920] __fput+0x26d/0xa40 [ 145.768207] ____fput+0x1e/0x30 [ 145.768489] task_work_run+0x1a4/0x2d0 [ 145.768819] ? __pfx_task_work_run+0x10/0x10 [ 145.769189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.769596] ? switch_task_namespaces+0xa9/0xe0 [ 145.769986] do_exit+0xb17/0x2ef0 [ 145.770271] ? lock_acquire+0x427/0x4c0 [ 145.770628] ? __pfx_lock_release+0x10/0x10 [ 145.770986] ? __kasan_check_write+0x18/0x20 [ 145.771409] ? do_raw_spin_lock+0x132/0x2a0 [ 145.771786] ? __pfx_do_exit+0x10/0x10 [ 145.772121] ? debug_smp_processor_id+0x20/0x30 [ 145.772506] ? rcu_is_watching+0x19/0xb0 [ 145.772844] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.773216] ? trace_hardirqs_on+0x26/0x120 [ 145.773575] do_group_exit+0xe0/0x2b0 [ 145.773888] __x64_sys_exit_group+0x47/0x50 [ 145.774243] do_syscall_64+0x3b/0x90 [ 145.774590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.775039] RIP: 0033:0x7f4b87518a4d [ 145.775372] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.775895] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.776539] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.777145] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.777741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.778337] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.778967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.779601] [ 145.779805] irq event stamp: 0 [ 145.780078] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.780626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.781337] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.782047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.782616] ---[ end trace 0000000000000000 ]--- [ 145.788397] ------------[ cut here ]------------ [ 145.789026] WARNING: CPU: 1 PID: 1364 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.790239] Modules linked in: [ 145.791160] CPU: 1 PID: 1364 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.792238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.793593] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.794215] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.796457] RSP: 0018:ffff888021957bb8 EFLAGS: 00010246 [ 145.797122] RAX: 0000000000000000 RBX: ffff888023de80a8 RCX: 0000000000000000 [ 145.797986] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 145.798902] RBP: ffff888021957bd0 R08: ffffed10047bd033 R09: ffffed10047bd033 [ 145.799793] R10: ffff888023de8193 R11: ffffed10047bd032 R12: ffff88800b9b7c00 [ 145.800651] R13: ffff888023de81e8 R14: ffffffff8352e670 R15: 
ffff888021957e68 [ 145.801504] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 145.802456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.803234] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 145.804107] PKRU: 55555554 [ 145.804463] Call Trace: [ 145.804782] [ 145.805070] __iommufd_access_detach+0x1c2/0x2b0 [ 145.805676] iommufd_access_change_pt+0x149/0x270 [ 145.806290] iommufd_access_replace+0xb4/0x120 [ 145.806925] iommufd_test+0x3e5/0x37e0 [ 145.807441] ? lock_release+0x532/0x770 [ 145.807946] ? __might_fault+0x102/0x1b0 [ 145.808454] ? lock_acquire+0x427/0x4c0 [ 145.808962] ? __pfx_iommufd_test+0x10/0x10 [ 145.809481] ? __pfx_lock_release+0x10/0x10 [ 145.810010] ? __pfx_lock_acquire+0x10/0x10 [ 145.810588] ? write_comp_data+0x2f/0x90 [ 145.811102] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.811732] ? write_comp_data+0x2f/0x90 [ 145.812262] iommufd_fops_ioctl+0x37d/0x510 [ 145.812807] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.813426] ? write_comp_data+0x2f/0x90 [ 145.813946] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.814601] __x64_sys_ioctl+0x1a3/0x230 [ 145.815144] do_syscall_64+0x3b/0x90 [ 145.815622] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.816266] RIP: 0033:0x7f4b8743ee5d [ 145.816733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.818941] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.819893] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.820757] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.821615] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.822472] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.823399] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.824279] [ 145.824579] irq event stamp: 0 [ 145.824966] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.825727] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.826783] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.827813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.828576] ---[ end trace 0000000000000000 ]--- [ 145.832351] ------------[ cut here ]------------ [ 145.832821] WARNING: CPU: 0 PID: 1364 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.833735] Modules linked in: [ 145.834026] CPU: 0 PID: 1364 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.834997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.836027] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.836474] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.838121] RSP: 
0018:ffff888021957bd0 EFLAGS: 00010246 [ 145.838662] RAX: 0000000000000000 RBX: ffff888023de80a8 RCX: 0000000000000000 [ 145.839328] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 145.839972] RBP: ffff888021957be8 R08: ffffed10047bd033 R09: ffffed10047bd033 [ 145.840613] R10: ffff888023de8193 R11: ffffed10047bd032 R12: ffff888018809c00 [ 145.841261] R13: ffff888023de81e8 R14: ffff888013edd800 R15: 0000000000000000 [ 145.841910] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.842662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.843203] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 145.843852] PKRU: 55555554 [ 145.844108] Call Trace: [ 145.844350] [ 145.844557] iommufd_access_destroy_object+0x65/0x170 [ 145.845031] iommufd_object_destroy_user+0x18e/0x220 [ 145.845507] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.846767] iommufd_access_destroy+0x43/0x70 [ 145.847234] iommufd_test_staccess_release+0x8d/0xd0 [ 145.847704] __fput+0x26d/0xa40 [ 145.848023] ____fput+0x1e/0x30 [ 145.848333] task_work_run+0x1a4/0x2d0 [ 145.848699] ? __pfx_task_work_run+0x10/0x10 [ 145.849103] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.849556] ? switch_task_namespaces+0xa9/0xe0 [ 145.850000] do_exit+0xb17/0x2ef0 [ 145.850434] ? lock_acquire+0x427/0x4c0 [ 145.851028] ? __pfx_lock_release+0x10/0x10 [ 145.851563] ? __kasan_check_write+0x18/0x20 [ 145.851967] ? do_raw_spin_lock+0x132/0x2a0 [ 145.852362] ? __pfx_do_exit+0x10/0x10 [ 145.852725] ? debug_smp_processor_id+0x20/0x30 [ 145.853154] ? rcu_is_watching+0x19/0xb0 [ 145.853528] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.853946] ? trace_hardirqs_on+0x26/0x120 [ 145.854348] do_group_exit+0xe0/0x2b0 [ 145.854731] __x64_sys_exit_group+0x47/0x50 [ 145.855146] do_syscall_64+0x3b/0x90 [ 145.855510] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.856016] RIP: 0033:0x7f4b87518a4d [ 145.856482] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.857248] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.858106] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.858821] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.859500] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.860160] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.860818] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.861543] [ 145.861824] irq event stamp: 0 [ 145.862302] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.862920] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.863709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.864480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.865069] ---[ end trace 0000000000000000 ]--- [ 145.865878] ------------[ cut here ]------------ [ 145.866438] WARNING: CPU: 0 PID: 1364 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.867644] Modules linked in: [ 145.867961] CPU: 0 PID: 1364 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.868826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.869951] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.870478] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.872916] RSP: 0018:ffff888021957b78 EFLAGS: 00010246 [ 145.873473] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.874182] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 145.874916] RBP: ffff888021957b98 R08: ffffed10047bd03e R09: ffffed10047bd03e [ 145.875665] R10: ffff888023de81ef R11: ffffed10047bd03d R12: ffff888023de8290 [ 145.876694] R13: ffff888023de80a8 R14: ffffffffffffffff R15: 
ffff888021957c60 [ 145.877415] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.878331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.879093] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 145.879840] PKRU: 55555554 [ 145.880128] Call Trace: [ 145.880437] [ 145.880869] iommufd_ioas_destroy+0x53/0x70 [ 145.881326] iommufd_fops_release+0x1f7/0x370 [ 145.881792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.882302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.883089] ? write_comp_data+0x2f/0x90 [ 145.883536] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.884048] __fput+0x26d/0xa40 [ 145.884409] ____fput+0x1e/0x30 [ 145.884785] task_work_run+0x1a4/0x2d0 [ 145.885408] ? __pfx_task_work_run+0x10/0x10 [ 145.885872] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.886376] ? switch_task_namespaces+0xa9/0xe0 [ 145.886894] do_exit+0xb17/0x2ef0 [ 145.887373] ? lock_acquire+0x427/0x4c0 [ 145.887917] ? __pfx_lock_release+0x10/0x10 [ 145.888372] ? __kasan_check_write+0x18/0x20 [ 145.888821] ? do_raw_spin_lock+0x132/0x2a0 [ 145.889331] ? __pfx_do_exit+0x10/0x10 [ 145.889869] ? debug_smp_processor_id+0x20/0x30 [ 145.890348] ? rcu_is_watching+0x19/0xb0 [ 145.890785] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.891296] ? trace_hardirqs_on+0x26/0x120 [ 145.891967] do_group_exit+0xe0/0x2b0 [ 145.892365] __x64_sys_exit_group+0x47/0x50 [ 145.892808] do_syscall_64+0x3b/0x90 [ 145.893202] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.893998] RIP: 0033:0x7f4b87518a4d [ 145.894389] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.895042] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.895937] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.896793] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.897523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.898502] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.899266] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.900006] [ 145.900251] irq event stamp: 0 [ 145.900579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.901223] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.902087] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.902968] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.903642] ---[ end trace 0000000000000000 ]--- [ 145.908713] ------------[ cut here ]------------ [ 145.909269] WARNING: CPU: 0 PID: 1365 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.910288] Modules linked in: [ 145.910724] CPU: 0 PID: 1365 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.911630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.912771] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.913277] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.915165] RSP: 0018:ffff888011ddfbb8 EFLAGS: 00010246 [ 145.915719] RAX: 0000000000000000 RBX: ffff88801781d0a8 RCX: 0000000000000000 [ 145.916444] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 145.917181] RBP: ffff888011ddfbd0 R08: ffffed1002f03a33 R09: ffffed1002f03a33 [ 145.917909] R10: ffff88801781d193 R11: ffffed1002f03a32 R12: ffff8880129c6000 [ 145.918661] R13: ffff88801781d1e8 R14: ffffffff8352e670 R15: 
ffff888011ddfe68 [ 145.919402] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.920233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.920829] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 145.921548] PKRU: 55555554 [ 145.921839] Call Trace: [ 145.922100] [ 145.922335] __iommufd_access_detach+0x1c2/0x2b0 [ 145.922884] iommufd_access_change_pt+0x149/0x270 [ 145.923405] iommufd_access_replace+0xb4/0x120 [ 145.923893] iommufd_test+0x3e5/0x37e0 [ 145.924294] ? lock_release+0x532/0x770 [ 145.924713] ? __might_fault+0x102/0x1b0 [ 145.925139] ? lock_acquire+0x427/0x4c0 [ 145.925574] ? __pfx_iommufd_test+0x10/0x10 [ 145.926030] ? __pfx_lock_release+0x10/0x10 [ 145.926491] ? __pfx_lock_acquire+0x10/0x10 [ 145.927009] ? write_comp_data+0x2f/0x90 [ 145.927468] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.927976] ? write_comp_data+0x2f/0x90 [ 145.928410] iommufd_fops_ioctl+0x37d/0x510 [ 145.928855] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.929359] ? write_comp_data+0x2f/0x90 [ 145.929794] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 145.930301] __x64_sys_ioctl+0x1a3/0x230 [ 145.930769] do_syscall_64+0x3b/0x90 [ 145.931178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.931714] RIP: 0033:0x7f4b8743ee5d [ 145.932089] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 145.933929] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 145.934745] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 145.935507] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 145.936236] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 145.936958] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 145.937676] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 145.938405] [ 145.938673] irq event stamp: 0 [ 145.938999] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.939659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.940493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.941315] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.941950] ---[ end trace 0000000000000000 ]--- [ 145.945225] ------------[ cut here ]------------ [ 145.945741] WARNING: CPU: 0 PID: 1365 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 145.946793] Modules linked in: [ 145.947128] CPU: 0 PID: 1365 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.947997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.949130] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 145.949623] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 145.951453] RSP: 
0018:ffff888011ddfbd0 EFLAGS: 00010246 [ 145.951987] RAX: 0000000000000000 RBX: ffff88801781d0a8 RCX: 0000000000000000 [ 145.952675] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 145.953379] RBP: ffff888011ddfbe8 R08: ffffed1002f03a33 R09: ffffed1002f03a33 [ 145.954066] R10: ffff88801781d193 R11: ffffed1002f03a32 R12: ffff88801432a000 [ 145.954825] R13: ffff88801781d1e8 R14: ffff888012c6b000 R15: 0000000000000000 [ 145.955578] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.956401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.956995] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.957712] PKRU: 55555554 [ 145.958005] Call Trace: [ 145.958263] [ 145.958496] iommufd_access_destroy_object+0x65/0x170 [ 145.959063] iommufd_object_destroy_user+0x18e/0x220 [ 145.959610] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 145.960218] iommufd_access_destroy+0x43/0x70 [ 145.960677] iommufd_test_staccess_release+0x8d/0xd0 [ 145.961195] __fput+0x26d/0xa40 [ 145.961541] ____fput+0x1e/0x30 [ 145.961884] task_work_run+0x1a4/0x2d0 [ 145.962297] ? __pfx_task_work_run+0x10/0x10 [ 145.962788] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.963315] ? switch_task_namespaces+0xa9/0xe0 [ 145.963801] do_exit+0xb17/0x2ef0 [ 145.964157] ? lock_acquire+0x427/0x4c0 [ 145.964570] ? __pfx_lock_release+0x10/0x10 [ 145.965011] ? __kasan_check_write+0x18/0x20 [ 145.965468] ? do_raw_spin_lock+0x132/0x2a0 [ 145.965909] ? __pfx_do_exit+0x10/0x10 [ 145.966319] ? debug_smp_processor_id+0x20/0x30 [ 145.966831] ? rcu_is_watching+0x19/0xb0 [ 145.967286] ? _raw_spin_unlock_irq+0x2b/0x60 [ 145.967753] ? trace_hardirqs_on+0x26/0x120 [ 145.968188] do_group_exit+0xe0/0x2b0 [ 145.968577] __x64_sys_exit_group+0x47/0x50 [ 145.969024] do_syscall_64+0x3b/0x90 [ 145.969414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 145.969945] RIP: 0033:0x7f4b87518a4d [ 145.970328] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 145.970990] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 145.971768] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 145.972481] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 145.973192] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 145.973898] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 145.974646] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 145.975400] [ 145.975638] irq event stamp: 0 [ 145.975956] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 145.976591] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 145.977447] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 145.978285] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 145.978971] ---[ end trace 0000000000000000 ]--- [ 145.979880] ------------[ cut here ]------------ [ 145.980363] WARNING: CPU: 0 PID: 1365 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 145.981393] Modules linked in: [ 145.981715] CPU: 0 PID: 1365 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 145.982615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 145.983768] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 145.984293] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 145.986134] RSP: 0018:ffff888011ddfb78 EFLAGS: 00010246 [ 145.986730] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 145.987487] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 145.988210] RBP: ffff888011ddfb98 R08: ffffed1002f03a3e R09: ffffed1002f03a3e [ 145.988927] R10: ffff88801781d1ef R11: ffffed1002f03a3d R12: ffff88801781d290 [ 145.989638] R13: ffff88801781d0a8 R14: ffffffffffffffff R15: 
ffff888011ddfc60 [ 145.990370] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 145.991231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 145.991831] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 145.992544] PKRU: 55555554 [ 145.992829] Call Trace: [ 145.993090] [ 145.993318] iommufd_ioas_destroy+0x53/0x70 [ 145.993765] iommufd_fops_release+0x1f7/0x370 [ 145.994223] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.994753] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.995276] ? write_comp_data+0x2f/0x90 [ 145.995692] ? __pfx_iommufd_fops_release+0x10/0x10 [ 145.996194] __fput+0x26d/0xa40 [ 145.996541] ____fput+0x1e/0x30 [ 145.996885] task_work_run+0x1a4/0x2d0 [ 145.997285] ? __pfx_task_work_run+0x10/0x10 [ 145.997732] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 145.998233] ? switch_task_namespaces+0xa9/0xe0 [ 145.998749] do_exit+0xb17/0x2ef0 [ 145.999104] ? lock_acquire+0x427/0x4c0 [ 145.999555] ? __pfx_lock_release+0x10/0x10 [ 145.999995] ? __kasan_check_write+0x18/0x20 [ 146.000447] ? do_raw_spin_lock+0x132/0x2a0 [ 146.000884] ? __pfx_do_exit+0x10/0x10 [ 146.001286] ? debug_smp_processor_id+0x20/0x30 [ 146.001758] ? rcu_is_watching+0x19/0xb0 [ 146.002171] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.002662] ? trace_hardirqs_on+0x26/0x120 [ 146.003117] do_group_exit+0xe0/0x2b0 [ 146.003505] __x64_sys_exit_group+0x47/0x50 [ 146.003940] do_syscall_64+0x3b/0x90 [ 146.004331] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.004862] RIP: 0033:0x7f4b87518a4d [ 146.005233] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.005845] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.006636] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.007360] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.008070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.008772] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.009481] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.010202] [ 146.010440] irq event stamp: 0 [ 146.010788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.011435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.012269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.013103] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.013727] ---[ end trace 0000000000000000 ]--- [ 146.018332] ------------[ cut here ]------------ [ 146.019225] WARNING: CPU: 1 PID: 1366 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.020282] Modules linked in: [ 146.020614] CPU: 1 PID: 1366 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.021498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.022590] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.023062] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.024797] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 146.025305] RAX: 0000000000000000 RBX: ffff8880184ae8a8 RCX: 0000000000000000 [ 146.025978] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.026678] RBP: ffff8880135e7bd0 R08: ffffed1003095d33 R09: ffffed1003095d33 [ 146.027375] R10: ffff8880184ae993 R11: ffffed1003095d32 R12: ffff888010826400 [ 146.028064] R13: ffff8880184ae9e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 146.028752] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 146.029514] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.030069] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 146.030770] PKRU: 55555554 [ 146.031049] Call Trace: [ 146.031317] [ 146.031536] __iommufd_access_detach+0x1c2/0x2b0 [ 146.032011] iommufd_access_change_pt+0x149/0x270 [ 146.032484] iommufd_access_replace+0xb4/0x120 [ 146.032936] iommufd_test+0x3e5/0x37e0 [ 146.033310] ? lock_release+0x532/0x770 [ 146.033705] ? __might_fault+0x102/0x1b0 [ 146.034108] ? lock_acquire+0x427/0x4c0 [ 146.034535] ? __pfx_iommufd_test+0x10/0x10 [ 146.034951] ? __pfx_lock_release+0x10/0x10 [ 146.035389] ? __pfx_lock_acquire+0x10/0x10 [ 146.035818] ? write_comp_data+0x2f/0x90 [ 146.036222] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.036696] ? write_comp_data+0x2f/0x90 [ 146.037101] iommufd_fops_ioctl+0x37d/0x510 [ 146.037526] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.038005] ? write_comp_data+0x2f/0x90 [ 146.038412] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.038928] __x64_sys_ioctl+0x1a3/0x230 [ 146.039350] do_syscall_64+0x3b/0x90 [ 146.039723] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.040229] RIP: 0033:0x7f4b8743ee5d [ 146.040593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.042353] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.043139] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.043828] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.044514] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.045278] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.045950] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.046669] [ 146.046899] irq event stamp: 0 [ 146.047213] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.047813] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.048613] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.049405] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.050012] ---[ end trace 0000000000000000 ]--- [ 146.053315] ------------[ cut here ]------------ [ 146.053800] WARNING: CPU: 1 PID: 1366 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.054855] Modules linked in: [ 146.055180] CPU: 1 PID: 1366 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.056010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.057080] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.057552] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.059307] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 146.059819] RAX: 0000000000000000 RBX: ffff8880184ae8a8 RCX: 0000000000000000 [ 146.060498] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.061172] RBP: ffff8880135e7be8 R08: ffffed1003095d33 R09: ffffed1003095d33 [ 146.061862] R10: ffff8880184ae993 R11: ffffed1003095d32 R12: ffff88800b9b6800 [ 146.062555] R13: ffff8880184ae9e8 R14: ffff888013c59800 R15: 0000000000000000 [ 146.063255] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 146.064013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.064559] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 146.065233] PKRU: 55555554 [ 146.065500] Call Trace: [ 146.065739] [ 146.065947] iommufd_access_destroy_object+0x65/0x170 [ 146.066426] iommufd_object_destroy_user+0x18e/0x220 [ 146.066921] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.067474] iommufd_access_destroy+0x43/0x70 [ 146.067905] iommufd_test_staccess_release+0x8d/0xd0 [ 146.068378] __fput+0x26d/0xa40 [ 146.068698] ____fput+0x1e/0x30 [ 146.069013] task_work_run+0x1a4/0x2d0 [ 146.069382] ? __pfx_task_work_run+0x10/0x10 [ 146.069792] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.070251] ? switch_task_namespaces+0xa9/0xe0 [ 146.070711] do_exit+0xb17/0x2ef0 [ 146.071037] ? lock_acquire+0x427/0x4c0 [ 146.071424] ? __pfx_lock_release+0x10/0x10 [ 146.071809] ? __kasan_check_write+0x18/0x20 [ 146.072194] ? do_raw_spin_lock+0x132/0x2a0 [ 146.072571] ? __pfx_do_exit+0x10/0x10 [ 146.072917] ? debug_smp_processor_id+0x20/0x30 [ 146.073332] ? rcu_is_watching+0x19/0xb0 [ 146.073695] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.074099] ? trace_hardirqs_on+0x26/0x120 [ 146.074480] do_group_exit+0xe0/0x2b0 [ 146.074838] __x64_sys_exit_group+0x47/0x50 [ 146.075223] do_syscall_64+0x3b/0x90 [ 146.075561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.076019] RIP: 0033:0x7f4b87518a4d [ 146.076341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.076873] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.077611] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.078226] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.078868] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.079513] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.080132] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.080758] [ 146.080961] irq event stamp: 0 [ 146.081235] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.081794] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.082552] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.083391] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.084248] ---[ end trace 0000000000000000 ]--- [ 146.085394] ------------[ cut here ]------------ [ 146.085983] WARNING: CPU: 0 PID: 1366 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.087298] Modules linked in: [ 146.087695] CPU: 0 PID: 1366 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.088730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.090053] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.090708] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.092436] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 146.092873] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.093449] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.094027] RBP: ffff8880135e7b98 R08: ffffed1003095d3e R09: ffffed1003095d3e [ 146.094633] R10: ffff8880184ae9ef R11: ffffed1003095d3d R12: ffff8880184aea90 [ 146.095242] R13: ffff8880184ae8a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 146.095827] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.096478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.096952] CR2: 00007f82e2ea7030 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 146.097541] PKRU: 55555554 [ 146.097776] Call Trace: [ 146.097986] [ 146.098174] iommufd_ioas_destroy+0x53/0x70 [ 146.098560] iommufd_fops_release+0x1f7/0x370 [ 146.098935] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.099356] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.099765] ? write_comp_data+0x2f/0x90 [ 146.100109] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.100529] __fput+0x26d/0xa40 [ 146.100882] ____fput+0x1e/0x30 [ 146.101335] task_work_run+0x1a4/0x2d0 [ 146.101669] ? __pfx_task_work_run+0x10/0x10 [ 146.102035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.102439] ? switch_task_namespaces+0xa9/0xe0 [ 146.102862] do_exit+0xb17/0x2ef0 [ 146.103162] ? lock_acquire+0x427/0x4c0 [ 146.103502] ? __pfx_lock_release+0x10/0x10 [ 146.103892] ? __kasan_check_write+0x18/0x20 [ 146.104383] ? do_raw_spin_lock+0x132/0x2a0 [ 146.104742] ? __pfx_do_exit+0x10/0x10 [ 146.105072] ? debug_smp_processor_id+0x20/0x30 [ 146.105459] ? rcu_is_watching+0x19/0xb0 [ 146.105791] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.106168] ? trace_hardirqs_on+0x26/0x120 [ 146.106558] do_group_exit+0xe0/0x2b0 [ 146.106873] __x64_sys_exit_group+0x47/0x50 [ 146.107231] do_syscall_64+0x3b/0x90 [ 146.107554] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.107984] RIP: 0033:0x7f4b87518a4d [ 146.108295] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.108797] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.109567] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.110257] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.110884] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.111470] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.112048] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.112634] [ 146.112827] irq event stamp: 0 [ 146.113085] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.113785] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.114463] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.115181] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.115693] ---[ end trace 0000000000000000 ]--- [ 146.119431] ------------[ cut here ]------------ [ 146.119837] WARNING: CPU: 0 PID: 1367 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.120833] Modules linked in: [ 146.121097] CPU: 0 PID: 1367 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.121807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.122753] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.123172] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.124839] RSP: 0018:ffff888011ddfbb8 EFLAGS: 00010246 [ 146.125278] RAX: 0000000000000000 RBX: ffff88800fb378a8 RCX: 0000000000000000 [ 146.126014] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 146.126618] RBP: ffff888011ddfbd0 R08: ffffed1001f66f33 R09: ffffed1001f66f33 [ 146.127217] R10: ffff88800fb37993 R11: ffffed1001f66f32 R12: ffff888020d1a400 [ 146.127951] R13: ffff88800fb379e8 R14: ffffffff8352e670 R15: 
ffff888011ddfe68 [ 146.128532] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.129184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.129808] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 146.130390] PKRU: 55555554 [ 146.130645] Call Trace: [ 146.130857] [ 146.131046] __iommufd_access_detach+0x1c2/0x2b0 [ 146.131456] iommufd_access_change_pt+0x149/0x270 [ 146.132026] iommufd_access_replace+0xb4/0x120 [ 146.132412] iommufd_test+0x3e5/0x37e0 [ 146.132735] ? lock_release+0x532/0x770 [ 146.133074] ? __might_fault+0x102/0x1b0 [ 146.133433] ? lock_acquire+0x427/0x4c0 [ 146.133886] ? __pfx_iommufd_test+0x10/0x10 [ 146.134247] ? __pfx_lock_release+0x10/0x10 [ 146.134638] ? __pfx_lock_acquire+0x10/0x10 [ 146.135006] ? write_comp_data+0x2f/0x90 [ 146.135365] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.135852] ? write_comp_data+0x2f/0x90 [ 146.136257] iommufd_fops_ioctl+0x37d/0x510 [ 146.136622] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.137032] ? write_comp_data+0x2f/0x90 [ 146.137393] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.137987] __x64_sys_ioctl+0x1a3/0x230 [ 146.138350] do_syscall_64+0x3b/0x90 [ 146.138727] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.139187] RIP: 0033:0x7f4b8743ee5d [ 146.139509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.141326] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.142169] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.142815] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.143453] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.144160] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.144887] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.145515] [ 146.145724] irq event stamp: 0 [ 146.146081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.146755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.147498] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.148264] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.148947] ---[ end trace 0000000000000000 ]--- [ 146.152049] ------------[ cut here ]------------ [ 146.152651] WARNING: CPU: 0 PID: 1367 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.153545] Modules linked in: [ 146.153826] CPU: 0 PID: 1367 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.154850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.155834] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.156271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.157843] RSP: 
0018:ffff888011ddfbd0 EFLAGS: 00010246 [ 146.158304] RAX: 0000000000000000 RBX: ffff88800fb378a8 RCX: 0000000000000000 [ 146.158945] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 146.159582] RBP: ffff888011ddfbe8 R08: ffffed1001f66f33 R09: ffffed1001f66f33 [ 146.160200] R10: ffff88800fb37993 R11: ffffed1001f66f32 R12: ffff8880129c4000 [ 146.160812] R13: ffff88800fb379e8 R14: ffff8880104c0500 R15: 0000000000000000 [ 146.161428] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.162144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.162676] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 146.163306] PKRU: 55555554 [ 146.163553] Call Trace: [ 146.163773] [ 146.163968] iommufd_access_destroy_object+0x65/0x170 [ 146.164419] iommufd_object_destroy_user+0x18e/0x220 [ 146.164860] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.165361] iommufd_access_destroy+0x43/0x70 [ 146.165757] iommufd_test_staccess_release+0x8d/0xd0 [ 146.166200] __fput+0x26d/0xa40 [ 146.166529] ____fput+0x1e/0x30 [ 146.166826] task_work_run+0x1a4/0x2d0 [ 146.167182] ? __pfx_task_work_run+0x10/0x10 [ 146.167569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.167991] ? switch_task_namespaces+0xa9/0xe0 [ 146.168402] do_exit+0xb17/0x2ef0 [ 146.168704] ? lock_acquire+0x427/0x4c0 [ 146.169056] ? __pfx_lock_release+0x10/0x10 [ 146.169434] ? __kasan_check_write+0x18/0x20 [ 146.169819] ? do_raw_spin_lock+0x132/0x2a0 [ 146.170192] ? __pfx_do_exit+0x10/0x10 [ 146.170558] ? debug_smp_processor_id+0x20/0x30 [ 146.170967] ? rcu_is_watching+0x19/0xb0 [ 146.171325] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.171724] ? trace_hardirqs_on+0x26/0x120 [ 146.172106] do_group_exit+0xe0/0x2b0 [ 146.172434] __x64_sys_exit_group+0x47/0x50 [ 146.172808] do_syscall_64+0x3b/0x90 [ 146.173204] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.173653] RIP: 0033:0x7f4b87518a4d [ 146.173971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.174494] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.175173] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.175784] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.176395] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.177004] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.177623] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.178242] [ 146.178445] irq event stamp: 0 [ 146.178740] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.179298] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.180022] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.180740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.181287] ---[ end trace 0000000000000000 ]--- [ 146.182199] ------------[ cut here ]------------ [ 146.182841] WARNING: CPU: 0 PID: 1367 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.183733] Modules linked in: [ 146.184013] CPU: 0 PID: 1367 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.184767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.185730] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.186178] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.187997] RSP: 0018:ffff888011ddfb78 EFLAGS: 00010246 [ 146.188461] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.189072] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 146.189679] RBP: ffff888011ddfb98 R08: ffffed1001f66f3e R09: ffffed1001f66f3e [ 146.190312] R10: ffff88800fb379ef R11: ffffed1001f66f3d R12: ffff88800fb37a90 [ 146.191162] R13: ffff88800fb378a8 R14: ffffffffffffffff R15: 
ffff888011ddfc60 [ 146.191781] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.192472] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.192969] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 146.193584] PKRU: 55555554 [ 146.193850] Call Trace: [ 146.194132] [ 146.194448] iommufd_ioas_destroy+0x53/0x70 [ 146.194857] iommufd_fops_release+0x1f7/0x370 [ 146.195261] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.195700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.196125] ? write_comp_data+0x2f/0x90 [ 146.196482] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.196917] __fput+0x26d/0xa40 [ 146.197218] ____fput+0x1e/0x30 [ 146.197519] task_work_run+0x1a4/0x2d0 [ 146.197902] ? __pfx_task_work_run+0x10/0x10 [ 146.198459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.198925] ? switch_task_namespaces+0xa9/0xe0 [ 146.199354] do_exit+0xb17/0x2ef0 [ 146.199658] ? lock_acquire+0x427/0x4c0 [ 146.200010] ? __pfx_lock_release+0x10/0x10 [ 146.200388] ? __kasan_check_write+0x18/0x20 [ 146.200777] ? do_raw_spin_lock+0x132/0x2a0 [ 146.201152] ? __pfx_do_exit+0x10/0x10 [ 146.201514] ? debug_smp_processor_id+0x20/0x30 [ 146.201992] ? rcu_is_watching+0x19/0xb0 [ 146.202532] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.202936] ? trace_hardirqs_on+0x26/0x120 [ 146.203326] do_group_exit+0xe0/0x2b0 [ 146.203658] __x64_sys_exit_group+0x47/0x50 [ 146.204030] do_syscall_64+0x3b/0x90 [ 146.204358] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.204812] RIP: 0033:0x7f4b87518a4d [ 146.205199] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.205769] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.206604] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.207230] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.207844] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.208451] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.209065] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.209772] [ 146.210068] irq event stamp: 0 [ 146.210342] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.210907] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.211636] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.212349] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.212898] ---[ end trace 0000000000000000 ]--- [ 146.217175] ------------[ cut here ]------------ [ 146.217615] WARNING: CPU: 0 PID: 1368 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.218863] Modules linked in: [ 146.219152] CPU: 0 PID: 1368 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.219898] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.220855] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.221287] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.223067] RSP: 0018:ffff8880140d7bb8 EFLAGS: 00010246 [ 146.223550] RAX: 0000000000000000 RBX: ffff88801299e0a8 RCX: 0000000000000000 [ 146.224159] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 146.224772] RBP: ffff8880140d7bd0 R08: ffffed1002533c33 R09: ffffed1002533c33 [ 146.225568] R10: ffff88801299e193 R11: ffffed1002533c32 R12: ffff888018089800 [ 146.226179] R13: ffff88801299e1e8 R14: ffffffff8352e670 R15: 
ffff8880140d7e68 [ 146.226836] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.227537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.228037] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 146.228701] PKRU: 55555554 [ 146.229078] Call Trace: [ 146.229300] [ 146.229498] __iommufd_access_detach+0x1c2/0x2b0 [ 146.229918] iommufd_access_change_pt+0x149/0x270 [ 146.230344] iommufd_access_replace+0xb4/0x120 [ 146.230772] iommufd_test+0x3e5/0x37e0 [ 146.231109] ? lock_release+0x532/0x770 [ 146.231472] ? __might_fault+0x102/0x1b0 [ 146.231828] ? lock_acquire+0x427/0x4c0 [ 146.232181] ? __pfx_iommufd_test+0x10/0x10 [ 146.232551] ? __pfx_lock_release+0x10/0x10 [ 146.232938] ? __pfx_lock_acquire+0x10/0x10 [ 146.233323] ? write_comp_data+0x2f/0x90 [ 146.233693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.234118] ? write_comp_data+0x2f/0x90 [ 146.234531] iommufd_fops_ioctl+0x37d/0x510 [ 146.235110] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.235546] ? write_comp_data+0x2f/0x90 [ 146.235909] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.236327] __x64_sys_ioctl+0x1a3/0x230 [ 146.236685] do_syscall_64+0x3b/0x90 [ 146.237098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.237549] RIP: 0033:0x7f4b8743ee5d [ 146.237871] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.239706] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.240364] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.241197] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.241807] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.242415] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.243044] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.243670] [ 146.243871] irq event stamp: 0 [ 146.244142] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.244681] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.245398] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.246108] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.246670] ---[ end trace 0000000000000000 ]--- [ 146.249801] ------------[ cut here ]------------ [ 146.250239] WARNING: CPU: 0 PID: 1368 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.251339] Modules linked in: [ 146.251620] CPU: 0 PID: 1368 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.252368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.253497] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.253930] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.255569] RSP: 
0018:ffff8880140d7bd0 EFLAGS: 00010246 [ 146.256027] RAX: 0000000000000000 RBX: ffff88801299e0a8 RCX: 0000000000000000 [ 146.256724] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 146.257435] RBP: ffff8880140d7be8 R08: ffffed1002533c33 R09: ffffed1002533c33 [ 146.258048] R10: ffff88801299e193 R11: ffffed1002533c32 R12: ffff888020d18800 [ 146.258839] R13: ffff88801299e1e8 R14: ffff888014522d00 R15: 0000000000000000 [ 146.259464] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.260155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.260831] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.261446] PKRU: 55555554 [ 146.261693] Call Trace: [ 146.261916] [ 146.262113] iommufd_access_destroy_object+0x65/0x170 [ 146.262756] iommufd_object_destroy_user+0x18e/0x220 [ 146.263207] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.263716] iommufd_access_destroy+0x43/0x70 [ 146.264120] iommufd_test_staccess_release+0x8d/0xd0 [ 146.264741] __fput+0x26d/0xa40 [ 146.265049] ____fput+0x1e/0x30 [ 146.265344] task_work_run+0x1a4/0x2d0 [ 146.265694] ? __pfx_task_work_run+0x10/0x10 [ 146.266096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.266681] ? switch_task_namespaces+0xa9/0xe0 [ 146.267103] do_exit+0xb17/0x2ef0 [ 146.267420] ? lock_acquire+0x427/0x4c0 [ 146.267775] ? __pfx_lock_release+0x10/0x10 [ 146.268252] ? __kasan_check_write+0x18/0x20 [ 146.268728] ? do_raw_spin_lock+0x132/0x2a0 [ 146.269166] ? __pfx_do_exit+0x10/0x10 [ 146.269513] ? debug_smp_processor_id+0x20/0x30 [ 146.269936] ? rcu_is_watching+0x19/0xb0 [ 146.270425] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.270846] ? trace_hardirqs_on+0x26/0x120 [ 146.271240] do_group_exit+0xe0/0x2b0 [ 146.271575] __x64_sys_exit_group+0x47/0x50 [ 146.272004] do_syscall_64+0x3b/0x90 [ 146.272424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.272887] RIP: 0033:0x7f4b87518a4d [ 146.273210] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.273763] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.274565] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.275178] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.275870] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.276564] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.277173] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.277954] [ 146.278157] irq event stamp: 0 [ 146.278431] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.278987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.279880] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.280600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.281148] ---[ end trace 0000000000000000 ]--- [ 146.283996] ------------[ cut here ]------------ [ 146.284431] WARNING: CPU: 0 PID: 1368 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.285381] Modules linked in: [ 146.285749] CPU: 0 PID: 1368 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.286489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.287679] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.288120] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.289673] RSP: 0018:ffff8880140d7b78 EFLAGS: 00010246 [ 146.290131] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.290756] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 146.291374] RBP: ffff8880140d7b98 R08: ffffed1002533c3e R09: ffffed1002533c3e [ 146.291979] R10: ffff88801299e1ef R11: ffffed1002533c3d R12: ffff88801299e290 [ 146.292583] R13: ffff88801299e0a8 R14: ffffffffffffffff R15: 
ffff8880140d7c60 [ 146.293192] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.293878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.294370] CR2: 00007f82e2ece000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 146.294996] PKRU: 55555554 [ 146.295250] Call Trace: [ 146.295470] [ 146.295665] iommufd_ioas_destroy+0x53/0x70 [ 146.296046] iommufd_fops_release+0x1f7/0x370 [ 146.296440] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.296873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.297304] ? write_comp_data+0x2f/0x90 [ 146.297662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.298094] __fput+0x26d/0xa40 [ 146.298391] ____fput+0x1e/0x30 [ 146.298703] task_work_run+0x1a4/0x2d0 [ 146.299050] ? __pfx_task_work_run+0x10/0x10 [ 146.299442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.299859] ? switch_task_namespaces+0xa9/0xe0 [ 146.300262] do_exit+0xb17/0x2ef0 [ 146.300560] ? lock_acquire+0x427/0x4c0 [ 146.300894] ? __pfx_lock_release+0x10/0x10 [ 146.301326] ? __kasan_check_write+0x18/0x20 [ 146.301685] ? do_raw_spin_lock+0x132/0x2a0 [ 146.302035] ? __pfx_do_exit+0x10/0x10 [ 146.302357] ? debug_smp_processor_id+0x20/0x30 [ 146.302758] ? rcu_is_watching+0x19/0xb0 [ 146.303094] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.303478] ? trace_hardirqs_on+0x26/0x120 [ 146.303833] do_group_exit+0xe0/0x2b0 [ 146.304143] __x64_sys_exit_group+0x47/0x50 [ 146.304489] do_syscall_64+0x3b/0x90 [ 146.304801] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.305229] RIP: 0033:0x7f4b87518a4d [ 146.305529] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.306022] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.306649] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.307231] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.307802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.308375] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.308945] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.309527] [ 146.309720] irq event stamp: 0 [ 146.309974] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.310479] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.311184] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.311854] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.312358] ---[ end trace 0000000000000000 ]--- [ 146.317716] ------------[ cut here ]------------ [ 146.318110] WARNING: CPU: 0 PID: 1369 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.318983] Modules linked in: [ 146.319297] CPU: 0 PID: 1369 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.320111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.321022] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.321431] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.322917] RSP: 0018:ffff888017a87bb8 EFLAGS: 00010246 [ 146.323362] RAX: 0000000000000000 RBX: ffff8880180a18a8 RCX: 0000000000000000 [ 146.323945] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 146.324520] RBP: ffff888017a87bd0 R08: ffffed1003014333 R09: ffffed1003014333 [ 146.325096] R10: ffff8880180a1993 R11: ffffed1003014332 R12: ffff88801341d000 [ 146.325670] R13: ffff8880180a19e8 R14: ffffffff8352e670 R15: 
ffff888017a87e68 [ 146.326240] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.326917] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.327396] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 146.327971] PKRU: 55555554 [ 146.328202] Call Trace: [ 146.328410] [ 146.328593] __iommufd_access_detach+0x1c2/0x2b0 [ 146.328995] iommufd_access_change_pt+0x149/0x270 [ 146.329394] iommufd_access_replace+0xb4/0x120 [ 146.329773] iommufd_test+0x3e5/0x37e0 [ 146.330089] ? lock_release+0x532/0x770 [ 146.330423] ? __might_fault+0x102/0x1b0 [ 146.330780] ? lock_acquire+0x427/0x4c0 [ 146.331117] ? __pfx_iommufd_test+0x10/0x10 [ 146.331474] ? __pfx_lock_release+0x10/0x10 [ 146.331834] ? __pfx_lock_acquire+0x10/0x10 [ 146.332195] ? write_comp_data+0x2f/0x90 [ 146.332536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.333012] ? write_comp_data+0x2f/0x90 [ 146.333351] iommufd_fops_ioctl+0x37d/0x510 [ 146.333702] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.334096] ? write_comp_data+0x2f/0x90 [ 146.334432] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.334845] __x64_sys_ioctl+0x1a3/0x230 [ 146.335194] do_syscall_64+0x3b/0x90 [ 146.335505] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.335929] RIP: 0033:0x7f4b8743ee5d [ 146.336234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.337685] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.338299] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.338895] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.339483] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.340056] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.340629] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.341208] [ 146.341397] irq event stamp: 0 [ 146.341651] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.342158] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.342860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.343547] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.344054] ---[ end trace 0000000000000000 ]--- [ 146.347146] ------------[ cut here ]------------ [ 146.347552] WARNING: CPU: 0 PID: 1369 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.348365] Modules linked in: [ 146.348627] CPU: 0 PID: 1369 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.349489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.350390] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.350974] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.352447] RSP: 
0018:ffff888017a87bd0 EFLAGS: 00010246 [ 146.353032] RAX: 0000000000000000 RBX: ffff8880180a18a8 RCX: 0000000000000000 [ 146.353609] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 146.354180] RBP: ffff888017a87be8 R08: ffffed1003014333 R09: ffffed1003014333 [ 146.354935] R10: ffff8880180a1993 R11: ffffed1003014332 R12: ffff888018089000 [ 146.355520] R13: ffff8880180a19e8 R14: ffff888012860400 R15: 0000000000000000 [ 146.356094] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.356818] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.357386] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.357972] PKRU: 55555554 [ 146.358203] Call Trace: [ 146.358445] [ 146.358762] iommufd_access_destroy_object+0x65/0x170 [ 146.359197] iommufd_object_destroy_user+0x18e/0x220 [ 146.359616] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.360095] iommufd_access_destroy+0x43/0x70 [ 146.360507] iommufd_test_staccess_release+0x8d/0xd0 [ 146.361039] __fput+0x26d/0xa40 [ 146.361328] ____fput+0x1e/0x30 [ 146.361606] task_work_run+0x1a4/0x2d0 [ 146.361931] ? __pfx_task_work_run+0x10/0x10 [ 146.362374] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.362885] ? switch_task_namespaces+0xa9/0xe0 [ 146.363304] do_exit+0xb17/0x2ef0 [ 146.363593] ? lock_acquire+0x427/0x4c0 [ 146.363927] ? __pfx_lock_release+0x10/0x10 [ 146.364281] ? __kasan_check_write+0x18/0x20 [ 146.364642] ? do_raw_spin_lock+0x132/0x2a0 [ 146.365238] ? __pfx_do_exit+0x10/0x10 [ 146.365571] ? debug_smp_processor_id+0x20/0x30 [ 146.365955] ? rcu_is_watching+0x19/0xb0 [ 146.366292] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.366709] ? trace_hardirqs_on+0x26/0x120 [ 146.367192] do_group_exit+0xe0/0x2b0 [ 146.367509] __x64_sys_exit_group+0x47/0x50 [ 146.367863] do_syscall_64+0x3b/0x90 [ 146.368178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.368605] RIP: 0033:0x7f4b87518a4d [ 146.368965] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.369562] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.370180] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.370866] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.371542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.372116] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.372849] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.373442] [ 146.373639] irq event stamp: 0 [ 146.373895] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.374483] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.375253] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.375934] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.376618] ---[ end trace 0000000000000000 ]--- [ 146.377967] ------------[ cut here ]------------ [ 146.378574] WARNING: CPU: 0 PID: 1369 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.379416] Modules linked in: [ 146.379680] CPU: 0 PID: 1369 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.380527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.381434] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.381856] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.383374] RSP: 0018:ffff888017a87b78 EFLAGS: 00010246 [ 146.383804] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.384374] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 146.384950] RBP: ffff888017a87b98 R08: ffffed100301433e R09: ffffed100301433e [ 146.385535] R10: ffff8880180a19ef R11: ffffed100301433d R12: ffff8880180a1a90 [ 146.386114] R13: ffff8880180a18a8 R14: ffffffffffffffff R15: 
ffff888017a87c60 [ 146.386706] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.387363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.387833] CR2: 00007f82e2ed8000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 146.388407] PKRU: 55555554 [ 146.388637] Call Trace: [ 146.388853] [ 146.389036] iommufd_ioas_destroy+0x53/0x70 [ 146.389396] iommufd_fops_release+0x1f7/0x370 [ 146.389765] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.390171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.390594] ? write_comp_data+0x2f/0x90 [ 146.390940] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.391356] __fput+0x26d/0xa40 [ 146.391638] ____fput+0x1e/0x30 [ 146.391913] task_work_run+0x1a4/0x2d0 [ 146.392240] ? __pfx_task_work_run+0x10/0x10 [ 146.392605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.393005] ? switch_task_namespaces+0xa9/0xe0 [ 146.393393] do_exit+0xb17/0x2ef0 [ 146.393677] ? lock_acquire+0x427/0x4c0 [ 146.394006] ? __pfx_lock_release+0x10/0x10 [ 146.394360] ? __kasan_check_write+0x18/0x20 [ 146.394741] ? do_raw_spin_lock+0x132/0x2a0 [ 146.395096] ? __pfx_do_exit+0x10/0x10 [ 146.395427] ? debug_smp_processor_id+0x20/0x30 [ 146.395810] ? rcu_is_watching+0x19/0xb0 [ 146.396145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.396516] ? trace_hardirqs_on+0x26/0x120 [ 146.396873] do_group_exit+0xe0/0x2b0 [ 146.397246] __x64_sys_exit_group+0x47/0x50 [ 146.397595] do_syscall_64+0x3b/0x90 [ 146.397906] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.398332] RIP: 0033:0x7f4b87518a4d [ 146.398654] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.399163] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.399773] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.400342] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.400912] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.401478] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.402044] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.402638] [ 146.402832] irq event stamp: 0 [ 146.403088] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.403608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.404284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.404965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.405477] ---[ end trace 0000000000000000 ]--- [ 146.410150] ------------[ cut here ]------------ [ 146.410578] WARNING: CPU: 0 PID: 1370 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.411409] Modules linked in: [ 146.411669] CPU: 0 PID: 1370 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.412545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.413446] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.413852] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.415404] RSP: 0018:ffff888013effbb8 EFLAGS: 00010246 [ 146.415845] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 146.416413] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.416981] RBP: ffff888013effbd0 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 146.417554] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff88800ae90400 [ 146.418121] R13: ffff888011f649e8 R14: ffffffff8352e670 R15: 
ffff888013effe68 [ 146.418710] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.419363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.419830] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 146.420492] PKRU: 55555554 [ 146.420819] Call Trace: [ 146.421028] [ 146.421215] __iommufd_access_detach+0x1c2/0x2b0 [ 146.421617] iommufd_access_change_pt+0x149/0x270 [ 146.422019] iommufd_access_replace+0xb4/0x120 [ 146.422410] iommufd_test+0x3e5/0x37e0 [ 146.422754] ? lock_release+0x532/0x770 [ 146.423086] ? __might_fault+0x102/0x1b0 [ 146.423433] ? lock_acquire+0x427/0x4c0 [ 146.423765] ? __pfx_iommufd_test+0x10/0x10 [ 146.424111] ? __pfx_lock_release+0x10/0x10 [ 146.424466] ? __pfx_lock_acquire+0x10/0x10 [ 146.424822] ? write_comp_data+0x2f/0x90 [ 146.425162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.425559] ? write_comp_data+0x2f/0x90 [ 146.425897] iommufd_fops_ioctl+0x37d/0x510 [ 146.426247] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.426660] ? write_comp_data+0x2f/0x90 [ 146.426999] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.427400] __x64_sys_ioctl+0x1a3/0x230 [ 146.427744] do_syscall_64+0x3b/0x90 [ 146.428058] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.428480] RIP: 0033:0x7f4b8743ee5d [ 146.428780] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.430299] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.430931] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.431512] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.432082] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.432652] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.433221] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.433809] [ 146.433998] irq event stamp: 0 [ 146.434253] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.434775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.435459] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.436126] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.436629] ---[ end trace 0000000000000000 ]--- [ 146.439715] ------------[ cut here ]------------ [ 146.440203] WARNING: CPU: 0 PID: 1370 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.441030] Modules linked in: [ 146.441291] CPU: 0 PID: 1370 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.442153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.443080] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.443506] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.445135] RSP: 
0018:ffff888013effbd0 EFLAGS: 00010246 [ 146.445567] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 146.446291] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.446887] RBP: ffff888013effbe8 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 146.447471] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff88801341ec00 [ 146.448208] R13: ffff888011f649e8 R14: ffff888012394200 R15: 0000000000000000 [ 146.448785] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.449436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.450074] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.450671] PKRU: 55555554 [ 146.450902] Call Trace: [ 146.451108] [ 146.451303] iommufd_access_destroy_object+0x65/0x170 [ 146.451723] iommufd_object_destroy_user+0x18e/0x220 [ 146.452295] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.452770] iommufd_access_destroy+0x43/0x70 [ 146.453145] iommufd_test_staccess_release+0x8d/0xd0 [ 146.453566] __fput+0x26d/0xa40 [ 146.453925] ____fput+0x1e/0x30 [ 146.454280] task_work_run+0x1a4/0x2d0 [ 146.454625] ? __pfx_task_work_run+0x10/0x10 [ 146.454988] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.455406] ? switch_task_namespaces+0xa9/0xe0 [ 146.455796] do_exit+0xb17/0x2ef0 [ 146.456110] ? lock_acquire+0x427/0x4c0 [ 146.456561] ? __pfx_lock_release+0x10/0x10 [ 146.456926] ? __kasan_check_write+0x18/0x20 [ 146.457287] ? do_raw_spin_lock+0x132/0x2a0 [ 146.457637] ? __pfx_do_exit+0x10/0x10 [ 146.458039] ? debug_smp_processor_id+0x20/0x30 [ 146.458527] ? rcu_is_watching+0x19/0xb0 [ 146.458865] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.459248] ? trace_hardirqs_on+0x26/0x120 [ 146.459605] do_group_exit+0xe0/0x2b0 [ 146.459917] __x64_sys_exit_group+0x47/0x50 [ 146.460319] do_syscall_64+0x3b/0x90 [ 146.460710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.461202] RIP: 0033:0x7f4b87518a4d [ 146.461508] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.462004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.462800] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.463382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.463956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.464600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.465254] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.465844] [ 146.466036] irq event stamp: 0 [ 146.466329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.466968] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.467653] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.468328] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.469011] ---[ end trace 0000000000000000 ]--- [ 146.469709] ------------[ cut here ]------------ [ 146.470092] WARNING: CPU: 0 PID: 1370 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.471088] Modules linked in: [ 146.471369] CPU: 0 PID: 1370 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.472072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.473143] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.473564] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.475208] RSP: 0018:ffff888013effb78 EFLAGS: 00010246 [ 146.475648] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.476224] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.476867] RBP: ffff888013effb98 R08: ffffed10023ec93e R09: ffffed10023ec93e [ 146.477526] R10: ffff888011f649ef R11: ffffed10023ec93d R12: ffff888011f64a90 [ 146.478175] R13: ffff888011f648a8 R14: ffffffffffffffff R15: 
ffff888013effc60 [ 146.478769] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.479434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.479899] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.480474] PKRU: 55555554 [ 146.480704] Call Trace: [ 146.480914] [ 146.481099] iommufd_ioas_destroy+0x53/0x70 [ 146.481460] iommufd_fops_release+0x1f7/0x370 [ 146.481833] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.482242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.482662] ? write_comp_data+0x2f/0x90 [ 146.483007] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.483431] __fput+0x26d/0xa40 [ 146.483713] ____fput+0x1e/0x30 [ 146.483989] task_work_run+0x1a4/0x2d0 [ 146.484313] ? __pfx_task_work_run+0x10/0x10 [ 146.484672] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.485071] ? switch_task_namespaces+0xa9/0xe0 [ 146.485456] do_exit+0xb17/0x2ef0 [ 146.485743] ? lock_acquire+0x427/0x4c0 [ 146.486074] ? __pfx_lock_release+0x10/0x10 [ 146.486431] ? __kasan_check_write+0x18/0x20 [ 146.486808] ? do_raw_spin_lock+0x132/0x2a0 [ 146.487172] ? __pfx_do_exit+0x10/0x10 [ 146.487494] ? debug_smp_processor_id+0x20/0x30 [ 146.487872] ? rcu_is_watching+0x19/0xb0 [ 146.488201] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.488572] ? trace_hardirqs_on+0x26/0x120 [ 146.488928] do_group_exit+0xe0/0x2b0 [ 146.489240] __x64_sys_exit_group+0x47/0x50 [ 146.489589] do_syscall_64+0x3b/0x90 [ 146.489897] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.490317] RIP: 0033:0x7f4b87518a4d [ 146.490634] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.491134] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.491741] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.492315] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.492887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.493522] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.494088] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.494688] [ 146.494877] irq event stamp: 0 [ 146.495140] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.495646] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.496319] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.496985] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.497490] ---[ end trace 0000000000000000 ]--- [ 146.501083] ------------[ cut here ]------------ [ 146.501488] WARNING: CPU: 0 PID: 1371 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.502299] Modules linked in: [ 146.502588] CPU: 0 PID: 1371 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.503292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.504186] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.504584] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.506034] RSP: 0018:ffff888011c9fbb8 EFLAGS: 00010246 [ 146.506460] RAX: 0000000000000000 RBX: ffff8880171bf8a8 RCX: 0000000000000000 [ 146.507043] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 146.507618] RBP: ffff888011c9fbd0 R08: ffffed1002e37f33 R09: ffffed1002e37f33 [ 146.508187] R10: ffff8880171bf993 R11: ffffed1002e37f32 R12: ffff888012e93c00 [ 146.508765] R13: ffff8880171bf9e8 R14: ffffffff8352e670 R15: 
ffff888011c9fe68 [ 146.509344] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.509984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.510450] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 146.511038] PKRU: 55555554 [ 146.511288] Call Trace: [ 146.511501] [ 146.511683] __iommufd_access_detach+0x1c2/0x2b0 [ 146.512075] iommufd_access_change_pt+0x149/0x270 [ 146.512478] iommufd_access_replace+0xb4/0x120 [ 146.512884] iommufd_test+0x3e5/0x37e0 [ 146.513201] ? lock_release+0x532/0x770 [ 146.513539] ? __might_fault+0x102/0x1b0 [ 146.513876] ? lock_acquire+0x427/0x4c0 [ 146.514207] ? __pfx_iommufd_test+0x10/0x10 [ 146.514568] ? __pfx_lock_release+0x10/0x10 [ 146.514923] ? __pfx_lock_acquire+0x10/0x10 [ 146.515287] ? write_comp_data+0x2f/0x90 [ 146.515615] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.515999] ? write_comp_data+0x2f/0x90 [ 146.516327] iommufd_fops_ioctl+0x37d/0x510 [ 146.516667] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.517050] ? write_comp_data+0x2f/0x90 [ 146.517380] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.517759] __x64_sys_ioctl+0x1a3/0x230 [ 146.518088] do_syscall_64+0x3b/0x90 [ 146.518388] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.518817] RIP: 0033:0x7f4b8743ee5d [ 146.519116] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.520531] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.521123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.521674] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.522224] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.522800] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.523362] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.523919] [ 146.524103] irq event stamp: 0 [ 146.524345] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.524824] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.525532] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.526166] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.526668] ---[ end trace 0000000000000000 ]--- [ 146.529345] ------------[ cut here ]------------ [ 146.529735] WARNING: CPU: 0 PID: 1371 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.530530] Modules linked in: [ 146.530777] CPU: 0 PID: 1371 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.531455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.532307] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.532694] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.534083] RSP: 
0018:ffff888011c9fbd0 EFLAGS: 00010246 [ 146.534490] RAX: 0000000000000000 RBX: ffff8880171bf8a8 RCX: 0000000000000000 [ 146.535048] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 146.535594] RBP: ffff888011c9fbe8 R08: ffffed1002e37f33 R09: ffffed1002e37f33 [ 146.536134] R10: ffff8880171bf993 R11: ffffed1002e37f32 R12: ffff88800ae90800 [ 146.536676] R13: ffff8880171bf9e8 R14: ffff88800fa7b000 R15: 0000000000000000 [ 146.537220] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.537832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.538272] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.538834] PKRU: 55555554 [ 146.539054] Call Trace: [ 146.539256] [ 146.539433] iommufd_access_destroy_object+0x65/0x170 [ 146.539831] iommufd_object_destroy_user+0x18e/0x220 [ 146.540226] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.540676] iommufd_access_destroy+0x43/0x70 [ 146.541031] iommufd_test_staccess_release+0x8d/0xd0 [ 146.541428] __fput+0x26d/0xa40 [ 146.541696] ____fput+0x1e/0x30 [ 146.541956] task_work_run+0x1a4/0x2d0 [ 146.542264] ? __pfx_task_work_run+0x10/0x10 [ 146.542625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.543008] ? switch_task_namespaces+0xa9/0xe0 [ 146.543393] do_exit+0xb17/0x2ef0 [ 146.543662] ? lock_acquire+0x427/0x4c0 [ 146.543975] ? __pfx_lock_release+0x10/0x10 [ 146.544313] ? __kasan_check_write+0x18/0x20 [ 146.544657] ? do_raw_spin_lock+0x132/0x2a0 [ 146.544989] ? __pfx_do_exit+0x10/0x10 [ 146.545295] ? debug_smp_processor_id+0x20/0x30 [ 146.545659] ? rcu_is_watching+0x19/0xb0 [ 146.545971] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.546325] ? trace_hardirqs_on+0x26/0x120 [ 146.546685] do_group_exit+0xe0/0x2b0 [ 146.546983] __x64_sys_exit_group+0x47/0x50 [ 146.547318] do_syscall_64+0x3b/0x90 [ 146.547617] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.548020] RIP: 0033:0x7f4b87518a4d [ 146.548304] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.548774] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.549351] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.549892] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.550436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.551010] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.551562] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.552111] [ 146.552290] irq event stamp: 0 [ 146.552531] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.553016] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.553661] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.554298] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.554814] ---[ end trace 0000000000000000 ]--- [ 146.555507] ------------[ cut here ]------------ [ 146.555868] WARNING: CPU: 0 PID: 1371 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.556664] Modules linked in: [ 146.556903] CPU: 0 PID: 1371 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.557603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.558432] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.558836] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.560199] RSP: 0018:ffff888011c9fb78 EFLAGS: 00010246 [ 146.560603] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.561133] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 146.561660] RBP: ffff888011c9fb98 R08: ffffed1002e37f3e R09: ffffed1002e37f3e [ 146.562192] R10: ffff8880171bf9ef R11: ffffed1002e37f3d R12: ffff8880171bfa90 [ 146.562740] R13: ffff8880171bf8a8 R14: ffffffffffffffff R15: 
ffff888011c9fc60 [ 146.563280] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.563875] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.564305] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.564836] PKRU: 55555554 [ 146.565048] Call Trace: [ 146.565243] [ 146.565414] iommufd_ioas_destroy+0x53/0x70 [ 146.565746] iommufd_fops_release+0x1f7/0x370 [ 146.566088] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.566466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.566857] ? write_comp_data+0x2f/0x90 [ 146.567186] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.567566] __fput+0x26d/0xa40 [ 146.567827] ____fput+0x1e/0x30 [ 146.568086] task_work_run+0x1a4/0x2d0 [ 146.568388] ? __pfx_task_work_run+0x10/0x10 [ 146.568730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.569103] ? switch_task_namespaces+0xa9/0xe0 [ 146.569464] do_exit+0xb17/0x2ef0 [ 146.569733] ? lock_acquire+0x427/0x4c0 [ 146.570042] ? __pfx_lock_release+0x10/0x10 [ 146.570389] ? __kasan_check_write+0x18/0x20 [ 146.570747] ? do_raw_spin_lock+0x132/0x2a0 [ 146.571082] ? __pfx_do_exit+0x10/0x10 [ 146.571395] ? debug_smp_processor_id+0x20/0x30 [ 146.571749] ? rcu_is_watching+0x19/0xb0 [ 146.572059] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.572404] ? trace_hardirqs_on+0x26/0x120 [ 146.572735] do_group_exit+0xe0/0x2b0 [ 146.573023] __x64_sys_exit_group+0x47/0x50 [ 146.573350] do_syscall_64+0x3b/0x90 [ 146.573636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.574032] RIP: 0033:0x7f4b87518a4d [ 146.574314] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.574798] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.575388] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.575921] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.576454] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.576992] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.577523] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.578059] [ 146.578238] irq event stamp: 0 [ 146.578474] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.578970] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.579606] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.580231] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.580697] ---[ end trace 0000000000000000 ]--- [ 146.584693] ------------[ cut here ]------------ [ 146.585071] WARNING: CPU: 0 PID: 1372 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.585822] Modules linked in: [ 146.586058] CPU: 0 PID: 1372 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.586900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.587733] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.588099] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.589481] RSP: 0018:ffff88800f8cfbb8 EFLAGS: 00010246 [ 146.589869] RAX: 0000000000000000 RBX: ffff88801596c0a8 RCX: 0000000000000000 [ 146.590387] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 146.590923] RBP: ffff88800f8cfbd0 R08: ffffed1002b2d833 R09: ffffed1002b2d833 [ 146.591452] R10: ffff88801596c193 R11: ffffed1002b2d832 R12: ffff8880184ef800 [ 146.591972] R13: ffff88801596c1e8 R14: ffffffff8352e670 R15: 
ffff88800f8cfe68 [ 146.592495] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.593079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.593503] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 146.594021] PKRU: 55555554 [ 146.594230] Call Trace: [ 146.594418] [ 146.594602] __iommufd_access_detach+0x1c2/0x2b0 [ 146.594969] iommufd_access_change_pt+0x149/0x270 [ 146.595340] iommufd_access_replace+0xb4/0x120 [ 146.595686] iommufd_test+0x3e5/0x37e0 [ 146.595972] ? lock_release+0x532/0x770 [ 146.596275] ? __might_fault+0x102/0x1b0 [ 146.596580] ? lock_acquire+0x427/0x4c0 [ 146.596883] ? __pfx_iommufd_test+0x10/0x10 [ 146.597206] ? __pfx_lock_release+0x10/0x10 [ 146.597530] ? __pfx_lock_acquire+0x10/0x10 [ 146.597855] ? write_comp_data+0x2f/0x90 [ 146.598162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.598542] ? write_comp_data+0x2f/0x90 [ 146.598852] iommufd_fops_ioctl+0x37d/0x510 [ 146.599186] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.599551] ? write_comp_data+0x2f/0x90 [ 146.599863] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.600224] __x64_sys_ioctl+0x1a3/0x230 [ 146.600535] do_syscall_64+0x3b/0x90 [ 146.600822] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.601211] RIP: 0033:0x7f4b8743ee5d [ 146.601485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.602835] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.603404] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.603927] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.604447] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.604964] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.605481] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.606010] [ 146.606182] irq event stamp: 0 [ 146.606419] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.606895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.607533] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.608147] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.608606] ---[ end trace 0000000000000000 ]--- [ 146.611236] ------------[ cut here ]------------ [ 146.611608] WARNING: CPU: 0 PID: 1372 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.612353] Modules linked in: [ 146.612596] CPU: 0 PID: 1372 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.613453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.614285] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.614688] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.616199] RSP: 
0018:ffff88800f8cfbd0 EFLAGS: 00010246 [ 146.616598] RAX: 0000000000000000 RBX: ffff88801596c0a8 RCX: 0000000000000000 [ 146.617122] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 146.617709] RBP: ffff88800f8cfbe8 R08: ffffed1002b2d833 R09: ffffed1002b2d833 [ 146.618324] R10: ffff88801596c193 R11: ffffed1002b2d832 R12: ffff888012e90c00 [ 146.618871] R13: ffff88801596c1e8 R14: ffff888010939f00 R15: 0000000000000000 [ 146.619419] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.620013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.620440] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.621200] PKRU: 55555554 [ 146.621413] Call Trace: [ 146.621602] [ 146.621769] iommufd_access_destroy_object+0x65/0x170 [ 146.622155] iommufd_object_destroy_user+0x18e/0x220 [ 146.622553] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.622987] iommufd_access_destroy+0x43/0x70 [ 146.623473] iommufd_test_staccess_release+0x8d/0xd0 [ 146.623862] __fput+0x26d/0xa40 [ 146.624121] ____fput+0x1e/0x30 [ 146.624374] task_work_run+0x1a4/0x2d0 [ 146.624675] ? __pfx_task_work_run+0x10/0x10 [ 146.625006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.625400] ? switch_task_namespaces+0xa9/0xe0 [ 146.625855] do_exit+0xb17/0x2ef0 [ 146.626114] ? lock_acquire+0x427/0x4c0 [ 146.626424] ? __pfx_lock_release+0x10/0x10 [ 146.626777] ? __kasan_check_write+0x18/0x20 [ 146.627117] ? do_raw_spin_lock+0x132/0x2a0 [ 146.627449] ? __pfx_do_exit+0x10/0x10 [ 146.627750] ? debug_smp_processor_id+0x20/0x30 [ 146.628131] ? rcu_is_watching+0x19/0xb0 [ 146.628548] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.628895] ? trace_hardirqs_on+0x26/0x120 [ 146.629227] do_group_exit+0xe0/0x2b0 [ 146.629520] __x64_sys_exit_group+0x47/0x50 [ 146.629846] do_syscall_64+0x3b/0x90 [ 146.630137] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.630605] RIP: 0033:0x7f4b87518a4d [ 146.630980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.631441] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.632009] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.632544] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.633210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.633744] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.634277] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.634841] [ 146.635021] irq event stamp: 0 [ 146.635266] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.635878] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.636502] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.637125] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.637596] ---[ end trace 0000000000000000 ]--- [ 146.638380] ------------[ cut here ]------------ [ 146.638759] WARNING: CPU: 0 PID: 1372 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.639547] Modules linked in: [ 146.639790] CPU: 0 PID: 1372 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.640440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.641458] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.641845] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.643220] RSP: 0018:ffff88800f8cfb78 EFLAGS: 00010246 [ 146.643622] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.644212] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 146.644826] RBP: ffff88800f8cfb98 R08: ffffed1002b2d83e R09: ffffed1002b2d83e [ 146.645357] R10: ffff88801596c1ef R11: ffffed1002b2d83d R12: ffff88801596c290 [ 146.645885] R13: ffff88801596c0a8 R14: ffffffffffffffff R15: 
ffff88800f8cfc60 [ 146.646414] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.647072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.647556] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.648080] PKRU: 55555554 [ 146.648295] Call Trace: [ 146.648489] [ 146.648661] iommufd_ioas_destroy+0x53/0x70 [ 146.649018] iommufd_fops_release+0x1f7/0x370 [ 146.649480] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.649862] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.650247] ? write_comp_data+0x2f/0x90 [ 146.650593] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.650983] __fput+0x26d/0xa40 [ 146.651324] ____fput+0x1e/0x30 [ 146.651695] task_work_run+0x1a4/0x2d0 [ 146.652007] ? __pfx_task_work_run+0x10/0x10 [ 146.652356] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.652750] ? switch_task_namespaces+0xa9/0xe0 [ 146.653324] do_exit+0xb17/0x2ef0 [ 146.653598] ? lock_acquire+0x427/0x4c0 [ 146.653917] ? __pfx_lock_release+0x10/0x10 [ 146.654257] ? __kasan_check_write+0x18/0x20 [ 146.654702] ? do_raw_spin_lock+0x132/0x2a0 [ 146.655145] ? __pfx_do_exit+0x10/0x10 [ 146.655460] ? debug_smp_processor_id+0x20/0x30 [ 146.655826] ? rcu_is_watching+0x19/0xb0 [ 146.656145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.656507] ? trace_hardirqs_on+0x26/0x120 [ 146.656909] do_group_exit+0xe0/0x2b0 [ 146.657337] __x64_sys_exit_group+0x47/0x50 [ 146.657680] do_syscall_64+0x3b/0x90 [ 146.657981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.658390] RIP: 0033:0x7f4b87518a4d [ 146.658825] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.659308] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.659900] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.660451] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.661016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.661689] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.662240] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.662826] [ 146.663081] irq event stamp: 0 [ 146.663419] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.663914] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.664560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.665227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.665813] ---[ end trace 0000000000000000 ]--- [ 146.670178] ------------[ cut here ]------------ [ 146.670780] WARNING: CPU: 0 PID: 1373 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.671610] Modules linked in: [ 146.671872] CPU: 0 PID: 1373 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.672581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.673484] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.673888] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.675393] RSP: 0018:ffff888013effbb8 EFLAGS: 00010246 [ 146.675833] RAX: 0000000000000000 RBX: ffff888010ba78a8 RCX: 0000000000000000 [ 146.676406] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 146.676975] RBP: ffff888013effbd0 R08: ffffed1002174f33 R09: ffffed1002174f33 [ 146.677540] R10: ffff888010ba7993 R11: ffffed1002174f32 R12: ffff888012b44c00 [ 146.678109] R13: ffff888010ba79e8 R14: ffffffff8352e670 R15: 
ffff888013effe68 [ 146.678696] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.679361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.679830] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 146.680405] PKRU: 55555554 [ 146.680637] Call Trace: [ 146.680847] [ 146.681035] __iommufd_access_detach+0x1c2/0x2b0 [ 146.681435] iommufd_access_change_pt+0x149/0x270 [ 146.681839] iommufd_access_replace+0xb4/0x120 [ 146.682223] iommufd_test+0x3e5/0x37e0 [ 146.682567] ? lock_release+0x532/0x770 [ 146.682912] ? __might_fault+0x102/0x1b0 [ 146.683261] ? lock_acquire+0x427/0x4c0 [ 146.683598] ? __pfx_iommufd_test+0x10/0x10 [ 146.683947] ? __pfx_lock_release+0x10/0x10 [ 146.684306] ? __pfx_lock_acquire+0x10/0x10 [ 146.684667] ? write_comp_data+0x2f/0x90 [ 146.685078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.685477] ? write_comp_data+0x2f/0x90 [ 146.685817] iommufd_fops_ioctl+0x37d/0x510 [ 146.686171] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.686597] ? write_comp_data+0x2f/0x90 [ 146.686939] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.687363] __x64_sys_ioctl+0x1a3/0x230 [ 146.687723] do_syscall_64+0x3b/0x90 [ 146.688056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.688512] RIP: 0033:0x7f4b8743ee5d [ 146.688838] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.690373] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.691041] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.691675] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.692293] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.692897] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.693497] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.694111] [ 146.694317] irq event stamp: 0 [ 146.694615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.695174] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.695901] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.696616] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.697148] ---[ end trace 0000000000000000 ]--- [ 146.700328] ------------[ cut here ]------------ [ 146.700784] WARNING: CPU: 0 PID: 1373 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.701773] Modules linked in: [ 146.702047] CPU: 0 PID: 1373 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.703015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.703986] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.704410] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.705934] RSP: 
0018:ffff888013effbd0 EFLAGS: 00010246 [ 146.706388] RAX: 0000000000000000 RBX: ffff888010ba78a8 RCX: 0000000000000000 [ 146.707008] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 146.707619] RBP: ffff888013effbe8 R08: ffffed1002174f33 R09: ffffed1002174f33 [ 146.708222] R10: ffff888010ba7993 R11: ffffed1002174f32 R12: ffff8880184ee800 [ 146.708826] R13: ffff888010ba79e8 R14: ffff88800fe8b000 R15: 0000000000000000 [ 146.709427] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.710102] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.710623] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.711256] PKRU: 55555554 [ 146.711492] Call Trace: [ 146.711701] [ 146.711887] iommufd_access_destroy_object+0x65/0x170 [ 146.712318] iommufd_object_destroy_user+0x18e/0x220 [ 146.712742] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.713221] iommufd_access_destroy+0x43/0x70 [ 146.713600] iommufd_test_staccess_release+0x8d/0xd0 [ 146.714027] __fput+0x26d/0xa40 [ 146.714314] ____fput+0x1e/0x30 [ 146.714632] task_work_run+0x1a4/0x2d0 [ 146.714976] ? __pfx_task_work_run+0x10/0x10 [ 146.715374] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.715803] ? switch_task_namespaces+0xa9/0xe0 [ 146.716211] do_exit+0xb17/0x2ef0 [ 146.716507] ? lock_acquire+0x427/0x4c0 [ 146.716858] ? __pfx_lock_release+0x10/0x10 [ 146.717312] ? __kasan_check_write+0x18/0x20 [ 146.717690] ? do_raw_spin_lock+0x132/0x2a0 [ 146.718060] ? __pfx_do_exit+0x10/0x10 [ 146.718403] ? debug_smp_processor_id+0x20/0x30 [ 146.718830] ? rcu_is_watching+0x19/0xb0 [ 146.719181] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.719573] ? trace_hardirqs_on+0x26/0x120 [ 146.719945] do_group_exit+0xe0/0x2b0 [ 146.720269] __x64_sys_exit_group+0x47/0x50 [ 146.720635] do_syscall_64+0x3b/0x90 [ 146.720961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.721411] RIP: 0033:0x7f4b87518a4d [ 146.721724] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.722237] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.722907] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.723508] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.724105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.724702] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.725302] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.725913] [ 146.726115] irq event stamp: 0 [ 146.726384] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.726947] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.727673] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.728393] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.728940] ---[ end trace 0000000000000000 ]--- [ 146.729899] ------------[ cut here ]------------ [ 146.730463] WARNING: CPU: 0 PID: 1373 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.731391] Modules linked in: [ 146.731672] CPU: 0 PID: 1373 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.732416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.733371] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.733850] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.735657] RSP: 0018:ffff888013effb78 EFLAGS: 00010246 [ 146.736118] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.736723] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 146.737361] RBP: ffff888013effb98 R08: ffffed1002174f3e R09: ffffed1002174f3e [ 146.738164] R10: ffff888010ba79ef R11: ffffed1002174f3d R12: ffff888010ba7a90 [ 146.738807] R13: ffff888010ba78a8 R14: ffffffffffffffff R15: 
ffff888013effc60 [ 146.739441] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.740133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.740655] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.741407] PKRU: 55555554 [ 146.741804] Call Trace: [ 146.742031] [ 146.742231] iommufd_ioas_destroy+0x53/0x70 [ 146.742657] iommufd_fops_release+0x1f7/0x370 [ 146.743065] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.743526] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.743965] ? write_comp_data+0x2f/0x90 [ 146.744333] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.744772] __fput+0x26d/0xa40 [ 146.745101] ____fput+0x1e/0x30 [ 146.745625] task_work_run+0x1a4/0x2d0 [ 146.745983] ? __pfx_task_work_run+0x10/0x10 [ 146.746380] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.746845] ? switch_task_namespaces+0xa9/0xe0 [ 146.747277] do_exit+0xb17/0x2ef0 [ 146.747584] ? lock_acquire+0x427/0x4c0 [ 146.747938] ? __pfx_lock_release+0x10/0x10 [ 146.748322] ? __kasan_check_write+0x18/0x20 [ 146.748713] ? do_raw_spin_lock+0x132/0x2a0 [ 146.749198] ? __pfx_do_exit+0x10/0x10 [ 146.749733] ? debug_smp_processor_id+0x20/0x30 [ 146.750147] ? rcu_is_watching+0x19/0xb0 [ 146.750537] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.750945] ? trace_hardirqs_on+0x26/0x120 [ 146.751336] do_group_exit+0xe0/0x2b0 [ 146.751672] __x64_sys_exit_group+0x47/0x50 [ 146.752045] do_syscall_64+0x3b/0x90 [ 146.752379] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.752838] RIP: 0033:0x7f4b87518a4d [ 146.753250] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.753897] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.754607] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.755270] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.755917] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.756582] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.757546] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.758220] [ 146.758441] irq event stamp: 0 [ 146.758777] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.759372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.760137] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.760945] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.761784] ---[ end trace 0000000000000000 ]--- [ 146.767678] ------------[ cut here ]------------ [ 146.768735] WARNING: CPU: 0 PID: 1374 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.769912] Modules linked in: [ 146.770295] CPU: 0 PID: 1374 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.771542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.773052] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.773659] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.775993] RSP: 0018:ffff888014887bb8 EFLAGS: 00010246 [ 146.776495] RAX: 0000000000000000 RBX: ffff8880135e78a8 RCX: 0000000000000000 [ 146.777199] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 146.777917] RBP: ffff888014887bd0 R08: ffffed10026bcf33 R09: ffffed10026bcf33 [ 146.778884] R10: ffff8880135e7993 R11: ffffed10026bcf32 R12: ffff888018908800 [ 146.779579] R13: ffff8880135e79e8 R14: ffffffff8352e670 R15: 
ffff888014887e68 [ 146.780251] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.781073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.781831] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 146.782538] PKRU: 55555554 [ 146.782807] Call Trace: [ 146.783045] [ 146.783356] __iommufd_access_detach+0x1c2/0x2b0 [ 146.783934] iommufd_access_change_pt+0x149/0x270 [ 146.784392] iommufd_access_replace+0xb4/0x120 [ 146.784889] iommufd_test+0x3e5/0x37e0 [ 146.785352] ? lock_release+0x532/0x770 [ 146.785801] ? __might_fault+0x102/0x1b0 [ 146.786234] ? lock_acquire+0x427/0x4c0 [ 146.786909] ? __pfx_iommufd_test+0x10/0x10 [ 146.787333] ? __pfx_lock_release+0x10/0x10 [ 146.787745] ? __pfx_lock_acquire+0x10/0x10 [ 146.788166] ? write_comp_data+0x2f/0x90 [ 146.788551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.789042] ? write_comp_data+0x2f/0x90 [ 146.789436] iommufd_fops_ioctl+0x37d/0x510 [ 146.789842] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.790351] ? write_comp_data+0x2f/0x90 [ 146.791080] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.791669] __x64_sys_ioctl+0x1a3/0x230 [ 146.792068] do_syscall_64+0x3b/0x90 [ 146.792436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.793012] RIP: 0033:0x7f4b8743ee5d [ 146.793423] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.795271] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.796051] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.796742] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.797404] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.798067] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.798759] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.799456] [ 146.799678] irq event stamp: 0 [ 146.800009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.800702] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.801550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.802323] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.802967] ---[ end trace 0000000000000000 ]--- [ 146.806263] ------------[ cut here ]------------ [ 146.806903] WARNING: CPU: 0 PID: 1374 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.807998] Modules linked in: [ 146.808296] CPU: 0 PID: 1374 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.809098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.810118] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.810710] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.812544] RSP: 
0018:ffff888014887bd0 EFLAGS: 00010246 [ 146.813035] RAX: 0000000000000000 RBX: ffff8880135e78a8 RCX: 0000000000000000 [ 146.813687] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 146.814339] RBP: ffff888014887be8 R08: ffffed10026bcf33 R09: ffffed10026bcf33 [ 146.815294] R10: ffff8880135e7993 R11: ffffed10026bcf32 R12: ffff888012b46400 [ 146.815950] R13: ffff8880135e79e8 R14: ffff888010924800 R15: 0000000000000000 [ 146.816605] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.817385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.817922] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.818743] PKRU: 55555554 [ 146.819137] Call Trace: [ 146.819380] [ 146.819589] iommufd_access_destroy_object+0x65/0x170 [ 146.820084] iommufd_object_destroy_user+0x18e/0x220 [ 146.820557] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.821099] iommufd_access_destroy+0x43/0x70 [ 146.821523] iommufd_test_staccess_release+0x8d/0xd0 [ 146.822001] __fput+0x26d/0xa40 [ 146.822324] ____fput+0x1e/0x30 [ 146.822764] task_work_run+0x1a4/0x2d0 [ 146.823296] ? __pfx_task_work_run+0x10/0x10 [ 146.823712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.824169] ? switch_task_namespaces+0xa9/0xe0 [ 146.824611] do_exit+0xb17/0x2ef0 [ 146.824955] ? lock_acquire+0x427/0x4c0 [ 146.825338] ? __pfx_lock_release+0x10/0x10 [ 146.825750] ? __kasan_check_write+0x18/0x20 [ 146.826163] ? do_raw_spin_lock+0x132/0x2a0 [ 146.826606] ? __pfx_do_exit+0x10/0x10 [ 146.827093] ? debug_smp_processor_id+0x20/0x30 [ 146.827762] ? rcu_is_watching+0x19/0xb0 [ 146.828146] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.828574] ? trace_hardirqs_on+0x26/0x120 [ 146.828984] do_group_exit+0xe0/0x2b0 [ 146.829337] __x64_sys_exit_group+0x47/0x50 [ 146.829734] do_syscall_64+0x3b/0x90 [ 146.830100] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.830719] RIP: 0033:0x7f4b87518a4d [ 146.831149] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.831864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.832566] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.833247] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.833904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.834790] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.835605] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.836276] [ 146.836495] irq event stamp: 0 [ 146.836788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.837375] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.838150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.839295] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.839886] ---[ end trace 0000000000000000 ]--- [ 146.841819] ------------[ cut here ]------------ [ 146.842370] WARNING: CPU: 0 PID: 1374 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.843513] Modules linked in: [ 146.843788] CPU: 0 PID: 1374 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.844582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.845598] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.846062] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.847747] RSP: 0018:ffff888014887b78 EFLAGS: 00010246 [ 146.848230] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.848902] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 146.849541] RBP: ffff888014887b98 R08: ffffed10026bcf3e R09: ffffed10026bcf3e [ 146.850173] R10: ffff8880135e79ef R11: ffffed10026bcf3d R12: ffff8880135e7a90 [ 146.850839] R13: ffff8880135e78a8 R14: ffffffffffffffff R15: 
ffff888014887c60 [ 146.851494] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.852212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.852704] CR2: 00007f82e2f0a000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 146.853311] PKRU: 55555554 [ 146.853553] Call Trace: [ 146.853775] [ 146.853972] iommufd_ioas_destroy+0x53/0x70 [ 146.854354] iommufd_fops_release+0x1f7/0x370 [ 146.854769] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.855207] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.855630] ? write_comp_data+0x2f/0x90 [ 146.855987] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.856419] __fput+0x26d/0xa40 [ 146.856720] ____fput+0x1e/0x30 [ 146.857032] task_work_run+0x1a4/0x2d0 [ 146.857381] ? __pfx_task_work_run+0x10/0x10 [ 146.857764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.858183] ? switch_task_namespaces+0xa9/0xe0 [ 146.858620] do_exit+0xb17/0x2ef0 [ 146.858925] ? lock_acquire+0x427/0x4c0 [ 146.859288] ? __pfx_lock_release+0x10/0x10 [ 146.859668] ? __kasan_check_write+0x18/0x20 [ 146.860050] ? do_raw_spin_lock+0x132/0x2a0 [ 146.860422] ? __pfx_do_exit+0x10/0x10 [ 146.860773] ? debug_smp_processor_id+0x20/0x30 [ 146.861181] ? rcu_is_watching+0x19/0xb0 [ 146.861539] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.861927] ? trace_hardirqs_on+0x26/0x120 [ 146.862302] do_group_exit+0xe0/0x2b0 [ 146.862654] __x64_sys_exit_group+0x47/0x50 [ 146.863025] do_syscall_64+0x3b/0x90 [ 146.863368] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.863820] RIP: 0033:0x7f4b87518a4d [ 146.864142] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.864681] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.865350] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.865959] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.866594] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.867202] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.867810] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.868429] [ 146.868634] irq event stamp: 0 [ 146.868905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.869444] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.870161] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.870889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.871437] ---[ end trace 0000000000000000 ]--- [ 146.877993] ------------[ cut here ]------------ [ 146.878424] WARNING: CPU: 0 PID: 1375 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.879563] Modules linked in: [ 146.879844] CPU: 0 PID: 1375 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.880588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.881578] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.882010] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.883603] RSP: 0018:ffff8880187f7bb8 EFLAGS: 00010246 [ 146.884059] RAX: 0000000000000000 RBX: ffff8880120d58a8 RCX: 0000000000000000 [ 146.884652] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.885266] RBP: ffff8880187f7bd0 R08: ffffed100241ab33 R09: ffffed100241ab33 [ 146.885849] R10: ffff8880120d5993 R11: ffffed100241ab32 R12: ffff88801422c400 [ 146.886431] R13: ffff8880120d59e8 R14: ffffffff8352e670 R15: 
ffff8880187f7e68 [ 146.887041] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.887734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.888221] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ef0 [ 146.888844] PKRU: 55555554 [ 146.889080] Call Trace: [ 146.889291] [ 146.889480] __iommufd_access_detach+0x1c2/0x2b0 [ 146.889891] iommufd_access_change_pt+0x149/0x270 [ 146.890312] iommufd_access_replace+0xb4/0x120 [ 146.890733] iommufd_test+0x3e5/0x37e0 [ 146.891077] ? lock_release+0x532/0x770 [ 146.891434] ? __might_fault+0x102/0x1b0 [ 146.891785] ? lock_acquire+0x427/0x4c0 [ 146.892127] ? __pfx_iommufd_test+0x10/0x10 [ 146.892485] ? __pfx_lock_release+0x10/0x10 [ 146.892860] ? __pfx_lock_acquire+0x10/0x10 [ 146.893228] ? write_comp_data+0x2f/0x90 [ 146.893571] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.893978] ? write_comp_data+0x2f/0x90 [ 146.894322] iommufd_fops_ioctl+0x37d/0x510 [ 146.894702] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.895123] ? write_comp_data+0x2f/0x90 [ 146.895471] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 146.895876] __x64_sys_ioctl+0x1a3/0x230 [ 146.896222] do_syscall_64+0x3b/0x90 [ 146.896537] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.896992] RIP: 0033:0x7f4b8743ee5d [ 146.897304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 146.898846] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 146.899498] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 146.900081] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 146.900686] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 146.901328] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 146.901929] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 146.902566] [ 146.902762] irq event stamp: 0 [ 146.903024] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.903565] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.904250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.904951] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.905467] ---[ end trace 0000000000000000 ]--- [ 146.908494] ------------[ cut here ]------------ [ 146.909049] WARNING: CPU: 0 PID: 1375 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 146.909891] Modules linked in: [ 146.910156] CPU: 0 PID: 1375 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.911078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.912021] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 146.912437] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 146.914148] RSP: 
0018:ffff8880187f7bd0 EFLAGS: 00010246 [ 146.914769] RAX: 0000000000000000 RBX: ffff8880120d58a8 RCX: 0000000000000000 [ 146.915369] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.915955] RBP: ffff8880187f7be8 R08: ffffed100241ab33 R09: ffffed100241ab33 [ 146.916628] R10: ffff8880120d5993 R11: ffffed100241ab32 R12: ffff88801890ac00 [ 146.917363] R13: ffff8880120d59e8 R14: ffff888012860e00 R15: 0000000000000000 [ 146.917980] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.919142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.919765] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 146.920544] PKRU: 55555554 [ 146.920938] Call Trace: [ 146.921353] [ 146.921605] iommufd_access_destroy_object+0x65/0x170 [ 146.922184] iommufd_object_destroy_user+0x18e/0x220 [ 146.922864] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 146.923640] iommufd_access_destroy+0x43/0x70 [ 146.924132] iommufd_test_staccess_release+0x8d/0xd0 [ 146.924679] __fput+0x26d/0xa40 [ 146.925272] ____fput+0x1e/0x30 [ 146.925651] task_work_run+0x1a4/0x2d0 [ 146.926075] ? __pfx_task_work_run+0x10/0x10 [ 146.926579] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.927165] ? switch_task_namespaces+0xa9/0xe0 [ 146.927795] do_exit+0xb17/0x2ef0 [ 146.928171] ? lock_acquire+0x427/0x4c0 [ 146.928588] ? __pfx_lock_release+0x10/0x10 [ 146.929121] ? __kasan_check_write+0x18/0x20 [ 146.929707] ? do_raw_spin_lock+0x132/0x2a0 [ 146.930162] ? __pfx_do_exit+0x10/0x10 [ 146.930632] ? debug_smp_processor_id+0x20/0x30 [ 146.931148] ? rcu_is_watching+0x19/0xb0 [ 146.931768] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.932271] ? trace_hardirqs_on+0x26/0x120 [ 146.932751] do_group_exit+0xe0/0x2b0 [ 146.933258] __x64_sys_exit_group+0x47/0x50 [ 146.933876] do_syscall_64+0x3b/0x90 [ 146.934312] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.934953] RIP: 0033:0x7f4b87518a4d [ 146.935585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.936253] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.937070] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.938075] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.938907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.939915] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.940689] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.941565] [ 146.941958] irq event stamp: 0 [ 146.942314] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.943049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.944226] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.945142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.946064] ---[ end trace 0000000000000000 ]--- [ 146.948567] ------------[ cut here ]------------ [ 146.949165] WARNING: CPU: 0 PID: 1375 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 146.950674] Modules linked in: [ 146.951077] CPU: 0 PID: 1375 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 146.952133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 146.953452] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 146.954106] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 146.956394] RSP: 0018:ffff8880187f7b78 EFLAGS: 00010246 [ 146.957065] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.957933] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 146.958867] RBP: ffff8880187f7b98 R08: ffffed100241ab3e R09: ffffed100241ab3e [ 146.959772] R10: ffff8880120d59ef R11: ffffed100241ab3d R12: ffff8880120d5a90 [ 146.960642] R13: ffff8880120d58a8 R14: ffffffffffffffff R15: 
ffff8880187f7c60 [ 146.961509] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 146.962485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.963299] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 146.964173] PKRU: 55555554 [ 146.964535] Call Trace: [ 146.964858] [ 146.965150] iommufd_ioas_destroy+0x53/0x70 [ 146.965700] iommufd_fops_release+0x1f7/0x370 [ 146.966281] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.966968] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.967623] ? write_comp_data+0x2f/0x90 [ 146.968160] ? __pfx_iommufd_fops_release+0x10/0x10 [ 146.968794] __fput+0x26d/0xa40 [ 146.969240] ____fput+0x1e/0x30 [ 146.969678] task_work_run+0x1a4/0x2d0 [ 146.970174] ? __pfx_task_work_run+0x10/0x10 [ 146.970787] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 146.971433] ? switch_task_namespaces+0xa9/0xe0 [ 146.972037] do_exit+0xb17/0x2ef0 [ 146.972470] ? lock_acquire+0x427/0x4c0 [ 146.972979] ? __pfx_lock_release+0x10/0x10 [ 146.973522] ? __kasan_check_write+0x18/0x20 [ 146.974072] ? do_raw_spin_lock+0x132/0x2a0 [ 146.974671] ? __pfx_do_exit+0x10/0x10 [ 146.975219] ? debug_smp_processor_id+0x20/0x30 [ 146.975801] ? rcu_is_watching+0x19/0xb0 [ 146.976315] ? _raw_spin_unlock_irq+0x2b/0x60 [ 146.976899] ? trace_hardirqs_on+0x26/0x120 [ 146.977457] do_group_exit+0xe0/0x2b0 [ 146.977944] __x64_sys_exit_group+0x47/0x50 [ 146.978484] do_syscall_64+0x3b/0x90 [ 146.979037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 146.979728] RIP: 0033:0x7f4b87518a4d [ 146.980210] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 146.980985] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 146.981937] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 146.982890] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 146.983806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 146.984697] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 146.985582] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 146.986483] [ 146.986846] irq event stamp: 0 [ 146.987283] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 146.988074] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 146.989122] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 146.990166] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 146.991017] ---[ end trace 0000000000000000 ]--- [ 146.998378] ------------[ cut here ]------------ [ 146.999575] WARNING: CPU: 0 PID: 1376 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.000824] Modules linked in: [ 147.001430] CPU: 0 PID: 1376 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.002575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.003991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.004643] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.006935] RSP: 0018:ffff888015adfbb8 EFLAGS: 00010246 [ 147.007637] RAX: 0000000000000000 RBX: ffff888010b988a8 RCX: 0000000000000000 [ 147.008537] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 147.009439] RBP: ffff888015adfbd0 R08: ffffed1002173133 R09: ffffed1002173133 [ 147.010347] R10: ffff888010b98993 R11: ffffed1002173132 R12: ffff88800ae91800 [ 147.011336] R13: ffff888010b989e8 R14: ffffffff8352e670 R15: 
ffff888015adfe68 [ 147.012253] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.013273] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.014011] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 147.014963] PKRU: 55555554 [ 147.015373] Call Trace: [ 147.015709] [ 147.016007] __iommufd_access_detach+0x1c2/0x2b0 [ 147.016649] iommufd_access_change_pt+0x149/0x270 [ 147.017296] iommufd_access_replace+0xb4/0x120 [ 147.017907] iommufd_test+0x3e5/0x37e0 [ 147.018425] ? lock_release+0x532/0x770 [ 147.019042] ? __might_fault+0x102/0x1b0 [ 147.019632] ? lock_acquire+0x427/0x4c0 [ 147.020171] ? __pfx_iommufd_test+0x10/0x10 [ 147.020727] ? __pfx_lock_release+0x10/0x10 [ 147.021290] ? __pfx_lock_acquire+0x10/0x10 [ 147.021863] ? write_comp_data+0x2f/0x90 [ 147.022405] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.023094] ? write_comp_data+0x2f/0x90 [ 147.023677] iommufd_fops_ioctl+0x37d/0x510 [ 147.024244] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.024872] ? write_comp_data+0x2f/0x90 [ 147.025408] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.026028] __x64_sys_ioctl+0x1a3/0x230 [ 147.026620] do_syscall_64+0x3b/0x90 [ 147.027164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.027831] RIP: 0033:0x7f4b8743ee5d [ 147.028319] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.030659] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.031656] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.032544] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.033423] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.034308] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.035284] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.036199] [ 147.036510] irq event stamp: 0 [ 147.036906] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.037688] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.038773] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.039843] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.040625] ---[ end trace 0000000000000000 ]--- [ 147.046182] ------------[ cut here ]------------ [ 147.046851] WARNING: CPU: 0 PID: 1376 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.048131] Modules linked in: [ 147.048551] CPU: 0 PID: 1376 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.049912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.051399] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.052056] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.054618] RSP: 
0018:ffff888015adfbd0 EFLAGS: 00010246 [ 147.055354] RAX: 0000000000000000 RBX: ffff888010b988a8 RCX: 0000000000000000 [ 147.056245] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 147.057140] RBP: ffff888015adfbe8 R08: ffffed1002173133 R09: ffffed1002173133 [ 147.058300] R10: ffff888010b98993 R11: ffffed1002173132 R12: ffff88801422ec00 [ 147.059304] R13: ffff888010b989e8 R14: ffff8880218d4400 R15: 0000000000000000 [ 147.060202] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.061205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.062221] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.063190] PKRU: 55555554 [ 147.063583] Call Trace: [ 147.063927] [ 147.064231] iommufd_access_destroy_object+0x65/0x170 [ 147.064905] iommufd_object_destroy_user+0x18e/0x220 [ 147.065806] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.066622] iommufd_access_destroy+0x43/0x70 [ 147.067462] iommufd_test_staccess_release+0x8d/0xd0 [ 147.067993] __fput+0x26d/0xa40 [ 147.068322] ____fput+0x1e/0x30 [ 147.068644] task_work_run+0x1a4/0x2d0 [ 147.069022] ? __pfx_task_work_run+0x10/0x10 [ 147.069446] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.070435] ? switch_task_namespaces+0xa9/0xe0 [ 147.070953] do_exit+0xb17/0x2ef0 [ 147.071311] ? lock_acquire+0x427/0x4c0 [ 147.071703] ? __pfx_lock_release+0x10/0x10 [ 147.072122] ? __kasan_check_write+0x18/0x20 [ 147.072547] ? do_raw_spin_lock+0x132/0x2a0 [ 147.072963] ? __pfx_do_exit+0x10/0x10 [ 147.073348] ? debug_smp_processor_id+0x20/0x30 [ 147.073988] ? rcu_is_watching+0x19/0xb0 [ 147.074547] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.074981] ? trace_hardirqs_on+0x26/0x120 [ 147.075404] do_group_exit+0xe0/0x2b0 [ 147.075777] __x64_sys_exit_group+0x47/0x50 [ 147.076195] do_syscall_64+0x3b/0x90 [ 147.076563] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.077066] RIP: 0033:0x7f4b87518a4d [ 147.077425] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.078132] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.078970] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.079672] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.080358] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.081051] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.081742] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.082441] [ 147.082704] irq event stamp: 0 [ 147.083007] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.083622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.084422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.085222] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.085825] ---[ end trace 0000000000000000 ]--- [ 147.086855] ------------[ cut here ]------------ [ 147.087440] WARNING: CPU: 0 PID: 1376 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.088408] Modules linked in: [ 147.088725] CPU: 0 PID: 1376 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.089553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.090675] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.091180] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.093181] RSP: 0018:ffff888015adfb78 EFLAGS: 00010246 [ 147.093695] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.094366] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 147.095084] RBP: ffff888015adfb98 R08: ffffed100217313e R09: ffffed100217313e [ 147.095967] R10: ffff888010b989ef R11: ffffed100217313d R12: ffff888010b98a90 [ 147.096642] R13: ffff888010b988a8 R14: ffffffffffffffff R15: 
ffff888015adfc60 [ 147.097318] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.098092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.098708] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.099425] PKRU: 55555554 [ 147.099733] Call Trace: [ 147.100177] [ 147.100400] iommufd_ioas_destroy+0x53/0x70 [ 147.100827] iommufd_fops_release+0x1f7/0x370 [ 147.101268] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.101752] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.102227] ? write_comp_data+0x2f/0x90 [ 147.102659] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.103149] __fput+0x26d/0xa40 [ 147.103484] ____fput+0x1e/0x30 [ 147.103821] task_work_run+0x1a4/0x2d0 [ 147.104315] ? __pfx_task_work_run+0x10/0x10 [ 147.104903] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.105382] ? switch_task_namespaces+0xa9/0xe0 [ 147.105848] do_exit+0xb17/0x2ef0 [ 147.106184] ? lock_acquire+0x427/0x4c0 [ 147.106602] ? __pfx_lock_release+0x10/0x10 [ 147.107026] ? __kasan_check_write+0x18/0x20 [ 147.107470] ? do_raw_spin_lock+0x132/0x2a0 [ 147.107970] ? __pfx_do_exit+0x10/0x10 [ 147.108547] ? debug_smp_processor_id+0x20/0x30 [ 147.109014] ? rcu_is_watching+0x19/0xb0 [ 147.109415] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.109866] ? trace_hardirqs_on+0x26/0x120 [ 147.110293] do_group_exit+0xe0/0x2b0 [ 147.110715] __x64_sys_exit_group+0x47/0x50 [ 147.111149] do_syscall_64+0x3b/0x90 [ 147.111524] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.112064] RIP: 0033:0x7f4b87518a4d [ 147.112637] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.113226] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.113964] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.114758] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.115529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.116376] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.117381] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.118140] [ 147.118392] irq event stamp: 0 [ 147.118765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.119445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.120332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.121457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.122331] ---[ end trace 0000000000000000 ]--- [ 147.132573] ------------[ cut here ]------------ [ 147.133272] WARNING: CPU: 1 PID: 1377 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.135110] Modules linked in: [ 147.135586] CPU: 1 PID: 1377 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.136736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.138164] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.138866] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.141249] RSP: 0018:ffff888021abfbb8 EFLAGS: 00010246 [ 147.141957] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 147.142941] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 147.143920] RBP: ffff888021abfbd0 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 147.144862] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff88801226fc00 [ 147.145803] R13: ffff8880171ba9e8 R14: ffffffff8352e670 R15: 
ffff888021abfe68 [ 147.146791] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 147.147900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.148665] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 147.149608] PKRU: 55555554 [ 147.149989] Call Trace: [ 147.150336] [ 147.150688] __iommufd_access_detach+0x1c2/0x2b0 [ 147.151359] iommufd_access_change_pt+0x149/0x270 [ 147.152005] iommufd_access_replace+0xb4/0x120 [ 147.152612] iommufd_test+0x3e5/0x37e0 [ 147.153135] ? lock_release+0x532/0x770 [ 147.153683] ? __might_fault+0x102/0x1b0 [ 147.154236] ? lock_acquire+0x427/0x4c0 [ 147.154825] ? __pfx_iommufd_test+0x10/0x10 [ 147.155424] ? __pfx_lock_release+0x10/0x10 [ 147.155999] ? __pfx_lock_acquire+0x10/0x10 [ 147.156569] ? write_comp_data+0x2f/0x90 [ 147.157126] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.157782] ? write_comp_data+0x2f/0x90 [ 147.158340] iommufd_fops_ioctl+0x37d/0x510 [ 147.158967] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.159647] ? write_comp_data+0x2f/0x90 [ 147.160197] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.160826] __x64_sys_ioctl+0x1a3/0x230 [ 147.161373] do_syscall_64+0x3b/0x90 [ 147.161884] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.162597] RIP: 0033:0x7f4b8743ee5d [ 147.163101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.165494] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.166489] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.167501] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.168442] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.169382] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.170315] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.171330] [ 147.171673] irq event stamp: 0 [ 147.172110] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.172948] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.174021] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.175169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.176022] ---[ end trace 0000000000000000 ]--- [ 147.180973] ------------[ cut here ]------------ [ 147.181637] WARNING: CPU: 1 PID: 1377 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.183006] Modules linked in: [ 147.183479] CPU: 1 PID: 1377 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.184630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.186090] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.186772] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.189084] RSP: 
0018:ffff888021abfbd0 EFLAGS: 00010246 [ 147.189763] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 147.190698] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 147.191619] RBP: ffff888021abfbe8 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 147.192518] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff888010824800 [ 147.193411] R13: ffff8880171ba9e8 R14: ffff8880123edd00 R15: 0000000000000000 [ 147.194284] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 147.195313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.196032] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 147.196911] PKRU: 55555554 [ 147.197256] Call Trace: [ 147.197569] [ 147.197848] iommufd_access_destroy_object+0x65/0x170 [ 147.198476] iommufd_object_destroy_user+0x18e/0x220 [ 147.199154] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.199859] iommufd_access_destroy+0x43/0x70 [ 147.200416] iommufd_test_staccess_release+0x8d/0xd0 [ 147.201042] __fput+0x26d/0xa40 [ 147.201466] ____fput+0x1e/0x30 [ 147.201880] task_work_run+0x1a4/0x2d0 [ 147.202366] ? __pfx_task_work_run+0x10/0x10 [ 147.202942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.203563] ? switch_task_namespaces+0xa9/0xe0 [ 147.204142] do_exit+0xb17/0x2ef0 [ 147.204564] ? lock_acquire+0x427/0x4c0 [ 147.205057] ? __pfx_lock_release+0x10/0x10 [ 147.205585] ? __kasan_check_write+0x18/0x20 [ 147.206125] ? do_raw_spin_lock+0x132/0x2a0 [ 147.206681] ? __pfx_do_exit+0x10/0x10 [ 147.207182] ? debug_smp_processor_id+0x20/0x30 [ 147.207749] ? rcu_is_watching+0x19/0xb0 [ 147.208244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.208799] ? trace_hardirqs_on+0x26/0x120 [ 147.209332] do_group_exit+0xe0/0x2b0 [ 147.209796] __x64_sys_exit_group+0x47/0x50 [ 147.210313] do_syscall_64+0x3b/0x90 [ 147.210805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.211447] RIP: 0033:0x7f4b87518a4d [ 147.211899] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.212597] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.213449] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.214249] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.215083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.215898] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.216703] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.217517] [ 147.217788] irq event stamp: 0 [ 147.218150] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.218892] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.219839] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.220776] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.221488] ---[ end trace 0000000000000000 ]--- [ 147.222659] ------------[ cut here ]------------ [ 147.223207] WARNING: CPU: 1 PID: 1377 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.224347] Modules linked in: [ 147.224714] CPU: 1 PID: 1377 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.225692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.226984] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.227586] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.229618] RSP: 0018:ffff888021abfb78 EFLAGS: 00010246 [ 147.230218] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.231045] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 147.231853] RBP: ffff888021abfb98 R08: ffffed1002e3753e R09: ffffed1002e3753e [ 147.232644] R10: ffff8880171ba9ef R11: ffffed1002e3753d R12: ffff8880171baa90 [ 147.233433] R13: ffff8880171ba8a8 R14: ffffffffffffffff R15: 
ffff888021abfc60 [ 147.234222] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 147.235161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.235718] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 147.236285] PKRU: 55555554 [ 147.236506] Call Trace: [ 147.236703] [ 147.236880] iommufd_ioas_destroy+0x53/0x70 [ 147.237218] iommufd_fops_release+0x1f7/0x370 [ 147.237571] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.237964] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.238347] ? write_comp_data+0x2f/0x90 [ 147.238707] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.239100] __fput+0x26d/0xa40 [ 147.239382] ____fput+0x1e/0x30 [ 147.239646] task_work_run+0x1a4/0x2d0 [ 147.239956] ? __pfx_task_work_run+0x10/0x10 [ 147.240304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.240686] ? switch_task_namespaces+0xa9/0xe0 [ 147.241059] do_exit+0xb17/0x2ef0 [ 147.241331] ? lock_acquire+0x427/0x4c0 [ 147.241649] ? __pfx_lock_release+0x10/0x10 [ 147.241989] ? __kasan_check_write+0x18/0x20 [ 147.242334] ? do_raw_spin_lock+0x132/0x2a0 [ 147.242701] ? __pfx_do_exit+0x10/0x10 [ 147.243017] ? debug_smp_processor_id+0x20/0x30 [ 147.243403] ? rcu_is_watching+0x19/0xb0 [ 147.243723] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.244080] ? trace_hardirqs_on+0x26/0x120 [ 147.244427] do_group_exit+0xe0/0x2b0 [ 147.244725] __x64_sys_exit_group+0x47/0x50 [ 147.245062] do_syscall_64+0x3b/0x90 [ 147.245362] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.245770] RIP: 0033:0x7f4b87518a4d [ 147.246059] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.246553] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.247154] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.247708] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.248258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.248807] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.249353] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.249914] [ 147.250095] irq event stamp: 0 [ 147.250342] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.250847] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.251508] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.252156] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.252638] ---[ end trace 0000000000000000 ]--- [ 147.257328] ------------[ cut here ]------------ [ 147.257736] WARNING: CPU: 0 PID: 1378 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.258596] Modules linked in: [ 147.258845] CPU: 0 PID: 1378 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.259528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.260384] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.260766] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.262159] RSP: 0018:ffff888023c9fbb8 EFLAGS: 00010246 [ 147.262595] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 147.263162] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 147.263708] RBP: ffff888023c9fbd0 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 147.264255] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff888013b15400 [ 147.264798] R13: ffff88801587c9e8 R14: ffffffff8352e670 R15: 
ffff888023c9fe68 [ 147.265344] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.265956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.266402] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 147.266969] PKRU: 55555554 [ 147.267199] Call Trace: [ 147.267401] [ 147.267580] __iommufd_access_detach+0x1c2/0x2b0 [ 147.267962] iommufd_access_change_pt+0x149/0x270 [ 147.268343] iommufd_access_replace+0xb4/0x120 [ 147.268708] iommufd_test+0x3e5/0x37e0 [ 147.269011] ? lock_release+0x532/0x770 [ 147.269331] ? __might_fault+0x102/0x1b0 [ 147.269662] ? lock_acquire+0x427/0x4c0 [ 147.269980] ? __pfx_iommufd_test+0x10/0x10 [ 147.270311] ? __pfx_lock_release+0x10/0x10 [ 147.270670] ? __pfx_lock_acquire+0x10/0x10 [ 147.271020] ? write_comp_data+0x2f/0x90 [ 147.271354] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.271737] ? write_comp_data+0x2f/0x90 [ 147.272064] iommufd_fops_ioctl+0x37d/0x510 [ 147.272406] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.272788] ? write_comp_data+0x2f/0x90 [ 147.273113] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.273491] __x64_sys_ioctl+0x1a3/0x230 [ 147.273815] do_syscall_64+0x3b/0x90 [ 147.274114] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.274548] RIP: 0033:0x7f4b8743ee5d [ 147.274842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.276261] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.276852] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.277403] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.277948] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.278502] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.279078] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.279637] [ 147.279819] irq event stamp: 0 [ 147.280058] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.280553] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.281196] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.281834] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.282317] ---[ end trace 0000000000000000 ]--- [ 147.285069] ------------[ cut here ]------------ [ 147.285461] WARNING: CPU: 0 PID: 1378 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.286234] Modules linked in: [ 147.286481] CPU: 0 PID: 1378 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.287189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.288055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.288448] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.289843] RSP: 
0018:ffff888023c9fbd0 EFLAGS: 00010246 [ 147.290250] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 147.290812] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 147.291366] RBP: ffff888023c9fbe8 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 147.291913] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88800ae90000 [ 147.292459] R13: ffff88801587c9e8 R14: ffff888012bfc800 R15: 0000000000000000 [ 147.293004] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.293619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.294061] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.294628] PKRU: 55555554 [ 147.294850] Call Trace: [ 147.295052] [ 147.295241] iommufd_access_destroy_object+0x65/0x170 [ 147.295640] iommufd_object_destroy_user+0x18e/0x220 [ 147.296032] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.296483] iommufd_access_destroy+0x43/0x70 [ 147.296834] iommufd_test_staccess_release+0x8d/0xd0 [ 147.297229] __fput+0x26d/0xa40 [ 147.297498] ____fput+0x1e/0x30 [ 147.297760] task_work_run+0x1a4/0x2d0 [ 147.298066] ? __pfx_task_work_run+0x10/0x10 [ 147.298409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.298804] ? switch_task_namespaces+0xa9/0xe0 [ 147.299182] do_exit+0xb17/0x2ef0 [ 147.299451] ? lock_acquire+0x427/0x4c0 [ 147.299766] ? __pfx_lock_release+0x10/0x10 [ 147.300102] ? __kasan_check_write+0x18/0x20 [ 147.300448] ? do_raw_spin_lock+0x132/0x2a0 [ 147.300782] ? __pfx_do_exit+0x10/0x10 [ 147.301088] ? debug_smp_processor_id+0x20/0x30 [ 147.301448] ? rcu_is_watching+0x19/0xb0 [ 147.301759] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.302111] ? trace_hardirqs_on+0x26/0x120 [ 147.302448] do_group_exit+0xe0/0x2b0 [ 147.302769] __x64_sys_exit_group+0x47/0x50 [ 147.303104] do_syscall_64+0x3b/0x90 [ 147.303406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.303809] RIP: 0033:0x7f4b87518a4d [ 147.304092] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.304559] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.305140] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.305679] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.306217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.306772] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.307324] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.307873] [ 147.308051] irq event stamp: 0 [ 147.308293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.308771] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.309404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.310035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.310539] ---[ end trace 0000000000000000 ]--- [ 147.311248] ------------[ cut here ]------------ [ 147.311607] WARNING: CPU: 0 PID: 1378 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.312373] Modules linked in: [ 147.312615] CPU: 0 PID: 1378 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.313263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.314096] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.314479] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.315854] RSP: 0018:ffff888023c9fb78 EFLAGS: 00010246 [ 147.316256] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.316792] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 147.317319] RBP: ffff888023c9fb98 R08: ffffed1002b0f93e R09: ffffed1002b0f93e [ 147.317843] R10: ffff88801587c9ef R11: ffffed1002b0f93d R12: ffff88801587ca90 [ 147.318368] R13: ffff88801587c8a8 R14: ffffffffffffffff R15: 
ffff888023c9fc60 [ 147.318912] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.319516] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.319945] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.320470] PKRU: 55555554 [ 147.320684] Call Trace: [ 147.320876] [ 147.321048] iommufd_ioas_destroy+0x53/0x70 [ 147.321382] iommufd_fops_release+0x1f7/0x370 [ 147.321725] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.322101] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.322469] ? write_comp_data+0x2f/0x90 [ 147.322796] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.323184] __fput+0x26d/0xa40 [ 147.323447] ____fput+0x1e/0x30 [ 147.323701] task_work_run+0x1a4/0x2d0 [ 147.324000] ? __pfx_task_work_run+0x10/0x10 [ 147.324334] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.324703] ? switch_task_namespaces+0xa9/0xe0 [ 147.325066] do_exit+0xb17/0x2ef0 [ 147.325330] ? lock_acquire+0x427/0x4c0 [ 147.325635] ? __pfx_lock_release+0x10/0x10 [ 147.325963] ? __kasan_check_write+0x18/0x20 [ 147.326298] ? do_raw_spin_lock+0x132/0x2a0 [ 147.326640] ? __pfx_do_exit+0x10/0x10 [ 147.326943] ? debug_smp_processor_id+0x20/0x30 [ 147.327319] ? rcu_is_watching+0x19/0xb0 [ 147.327626] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.327969] ? trace_hardirqs_on+0x26/0x120 [ 147.328299] do_group_exit+0xe0/0x2b0 [ 147.328589] __x64_sys_exit_group+0x47/0x50 [ 147.328911] do_syscall_64+0x3b/0x90 [ 147.329197] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.329590] RIP: 0033:0x7f4b87518a4d [ 147.329870] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.330324] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.330911] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.331454] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.331982] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.332512] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.333040] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.333579] [ 147.333756] irq event stamp: 0 [ 147.333992] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.334460] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.335104] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.335739] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.336208] ---[ end trace 0000000000000000 ]--- [ 147.340179] ------------[ cut here ]------------ [ 147.340556] WARNING: CPU: 0 PID: 1379 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.341291] Modules linked in: [ 147.341526] CPU: 0 PID: 1379 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.342160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.343021] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.343400] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.344719] RSP: 0018:ffff8880172c7bb8 EFLAGS: 00010246 [ 147.345104] RAX: 0000000000000000 RBX: ffff88800fbc68a8 RCX: 0000000000000000 [ 147.345628] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 147.346142] RBP: ffff8880172c7bd0 R08: ffffed1001f78d33 R09: ffffed1001f78d33 [ 147.346671] R10: ffff88800fbc6993 R11: ffffed1001f78d32 R12: ffff888012b47000 [ 147.347195] R13: ffff88800fbc69e8 R14: ffffffff8352e670 R15: 
ffff8880172c7e68 [ 147.347712] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.348295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.348718] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 147.349236] PKRU: 55555554 [ 147.349443] Call Trace: [ 147.349631] [ 147.349797] __iommufd_access_detach+0x1c2/0x2b0 [ 147.350156] iommufd_access_change_pt+0x149/0x270 [ 147.350539] iommufd_access_replace+0xb4/0x120 [ 147.350888] iommufd_test+0x3e5/0x37e0 [ 147.351186] ? lock_release+0x532/0x770 [ 147.351494] ? __might_fault+0x102/0x1b0 [ 147.351798] ? lock_acquire+0x427/0x4c0 [ 147.352099] ? __pfx_iommufd_test+0x10/0x10 [ 147.352413] ? __pfx_lock_release+0x10/0x10 [ 147.352736] ? __pfx_lock_acquire+0x10/0x10 [ 147.353061] ? write_comp_data+0x2f/0x90 [ 147.353369] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.353729] ? write_comp_data+0x2f/0x90 [ 147.354036] iommufd_fops_ioctl+0x37d/0x510 [ 147.354361] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.354736] ? write_comp_data+0x2f/0x90 [ 147.355044] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.355410] __x64_sys_ioctl+0x1a3/0x230 [ 147.355719] do_syscall_64+0x3b/0x90 [ 147.356002] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.356389] RIP: 0033:0x7f4b8743ee5d [ 147.356662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.357986] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.358561] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.359078] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.359603] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.360130] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.360649] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.361171] [ 147.361344] irq event stamp: 0 [ 147.361575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.362037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.362666] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.363286] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.363745] ---[ end trace 0000000000000000 ]--- [ 147.366363] ------------[ cut here ]------------ [ 147.366747] WARNING: CPU: 0 PID: 1379 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.367493] Modules linked in: [ 147.367731] CPU: 0 PID: 1379 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.368365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.369193] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.369558] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.370905] RSP: 
0018:ffff8880172c7bd0 EFLAGS: 00010246 [ 147.371300] RAX: 0000000000000000 RBX: ffff88800fbc68a8 RCX: 0000000000000000 [ 147.371817] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 147.372334] RBP: ffff8880172c7be8 R08: ffffed1001f78d33 R09: ffffed1001f78d33 [ 147.372851] R10: ffff88800fbc6993 R11: ffffed1001f78d32 R12: ffff888013b14800 [ 147.373368] R13: ffff88800fbc69e8 R14: ffff88800f211c00 R15: 0000000000000000 [ 147.373883] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.374472] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.374911] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.375446] PKRU: 55555554 [ 147.375655] Call Trace: [ 147.375843] [ 147.376010] iommufd_access_destroy_object+0x65/0x170 [ 147.376390] iommufd_object_destroy_user+0x18e/0x220 [ 147.376768] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.377198] iommufd_access_destroy+0x43/0x70 [ 147.377538] iommufd_test_staccess_release+0x8d/0xd0 [ 147.377918] __fput+0x26d/0xa40 [ 147.378173] ____fput+0x1e/0x30 [ 147.378423] task_work_run+0x1a4/0x2d0 [ 147.378733] ? __pfx_task_work_run+0x10/0x10 [ 147.379063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.379431] ? switch_task_namespaces+0xa9/0xe0 [ 147.379786] do_exit+0xb17/0x2ef0 [ 147.380043] ? lock_acquire+0x427/0x4c0 [ 147.380346] ? __pfx_lock_release+0x10/0x10 [ 147.380671] ? __kasan_check_write+0x18/0x20 [ 147.380998] ? do_raw_spin_lock+0x132/0x2a0 [ 147.381318] ? __pfx_do_exit+0x10/0x10 [ 147.381616] ? debug_smp_processor_id+0x20/0x30 [ 147.381959] ? rcu_is_watching+0x19/0xb0 [ 147.382259] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.382614] ? trace_hardirqs_on+0x26/0x120 [ 147.382938] do_group_exit+0xe0/0x2b0 [ 147.383225] __x64_sys_exit_group+0x47/0x50 [ 147.383545] do_syscall_64+0x3b/0x90 [ 147.383828] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.384214] RIP: 0033:0x7f4b87518a4d [ 147.384491] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.384938] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.385492] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.386008] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.386546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.387067] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.387591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.388114] [ 147.388287] irq event stamp: 0 [ 147.388518] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.388999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.389607] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.390214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.390690] ---[ end trace 0000000000000000 ]--- [ 147.391358] ------------[ cut here ]------------ [ 147.391711] WARNING: CPU: 0 PID: 1379 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.392457] Modules linked in: [ 147.392738] CPU: 0 PID: 1379 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.393540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.394385] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.394892] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.396243] RSP: 0018:ffff8880172c7b78 EFLAGS: 00010246 [ 147.396638] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.397154] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 147.397671] RBP: ffff8880172c7b98 R08: ffffed1001f78d3e R09: ffffed1001f78d3e [ 147.398188] R10: ffff88800fbc69ef R11: ffffed1001f78d3d R12: ffff88800fbc6a90 [ 147.398730] R13: ffff88800fbc68a8 R14: ffffffffffffffff R15: 
ffff8880172c7c60 [ 147.399257] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.399847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.400266] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.400785] PKRU: 55555554 [ 147.400994] Call Trace: [ 147.401180] [ 147.401346] iommufd_ioas_destroy+0x53/0x70 [ 147.401668] iommufd_fops_release+0x1f7/0x370 [ 147.402005] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.402372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.402756] ? write_comp_data+0x2f/0x90 [ 147.403069] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.403445] __fput+0x26d/0xa40 [ 147.403702] ____fput+0x1e/0x30 [ 147.403955] task_work_run+0x1a4/0x2d0 [ 147.404250] ? __pfx_task_work_run+0x10/0x10 [ 147.404577] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.404936] ? switch_task_namespaces+0xa9/0xe0 [ 147.405288] do_exit+0xb17/0x2ef0 [ 147.405545] ? lock_acquire+0x427/0x4c0 [ 147.405850] ? __pfx_lock_release+0x10/0x10 [ 147.406175] ? __kasan_check_write+0x18/0x20 [ 147.406524] ? do_raw_spin_lock+0x132/0x2a0 [ 147.406847] ? __pfx_do_exit+0x10/0x10 [ 147.407154] ? debug_smp_processor_id+0x20/0x30 [ 147.407507] ? rcu_is_watching+0x19/0xb0 [ 147.407814] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.408153] ? trace_hardirqs_on+0x26/0x120 [ 147.408479] do_group_exit+0xe0/0x2b0 [ 147.408762] __x64_sys_exit_group+0x47/0x50 [ 147.409080] do_syscall_64+0x3b/0x90 [ 147.409364] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.409752] RIP: 0033:0x7f4b87518a4d [ 147.410026] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.410474] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.411048] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.411573] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.412092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.412611] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.413134] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.413663] [ 147.413838] irq event stamp: 0 [ 147.414071] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.414554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.415176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.415784] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.416245] ---[ end trace 0000000000000000 ]--- [ 147.420311] ------------[ cut here ]------------ [ 147.420672] WARNING: CPU: 0 PID: 1380 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.421575] Modules linked in: [ 147.421812] CPU: 0 PID: 1380 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.422451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.423420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.423790] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.425143] RSP: 0018:ffff888023c9fbb8 EFLAGS: 00010246 [ 147.425533] RAX: 0000000000000000 RBX: ffff888016e770a8 RCX: 0000000000000000 [ 147.426051] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 147.426591] RBP: ffff888023c9fbd0 R08: ffffed1002dcee33 R09: ffffed1002dcee33 [ 147.427120] R10: ffff888016e77193 R11: ffffed1002dcee32 R12: ffff8880167ac400 [ 147.427644] R13: ffff888016e771e8 R14: ffffffff8352e670 R15: 
ffff888023c9fe68 [ 147.428171] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.428756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.429181] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 147.429703] PKRU: 55555554 [ 147.429914] Call Trace: [ 147.430102] [ 147.430273] __iommufd_access_detach+0x1c2/0x2b0 [ 147.430653] iommufd_access_change_pt+0x149/0x270 [ 147.431020] iommufd_access_replace+0xb4/0x120 [ 147.431389] iommufd_test+0x3e5/0x37e0 [ 147.431679] ? lock_release+0x532/0x770 [ 147.431986] ? __might_fault+0x102/0x1b0 [ 147.432296] ? lock_acquire+0x427/0x4c0 [ 147.432602] ? __pfx_iommufd_test+0x10/0x10 [ 147.432917] ? __pfx_lock_release+0x10/0x10 [ 147.433242] ? __pfx_lock_acquire+0x10/0x10 [ 147.433572] ? write_comp_data+0x2f/0x90 [ 147.433885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.434256] ? write_comp_data+0x2f/0x90 [ 147.434593] iommufd_fops_ioctl+0x37d/0x510 [ 147.434925] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.435310] ? write_comp_data+0x2f/0x90 [ 147.435626] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.435990] __x64_sys_ioctl+0x1a3/0x230 [ 147.436306] do_syscall_64+0x3b/0x90 [ 147.436599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.436994] RIP: 0033:0x7f4b8743ee5d [ 147.437275] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.438647] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.439237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.439768] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.440298] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.440826] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.441354] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.441892] [ 147.442069] irq event stamp: 0 [ 147.442308] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.442805] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.443449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.444073] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.444548] ---[ end trace 0000000000000000 ]--- [ 147.447442] ------------[ cut here ]------------ [ 147.447810] WARNING: CPU: 0 PID: 1380 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.448577] Modules linked in: [ 147.448818] CPU: 0 PID: 1380 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.449643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.450494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.450923] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.452436] RSP: 
0018:ffff888023c9fbd0 EFLAGS: 00010246 [ 147.452909] RAX: 0000000000000000 RBX: ffff888016e770a8 RCX: 0000000000000000 [ 147.453518] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 147.454062] RBP: ffff888023c9fbe8 R08: ffffed1002dcee33 R09: ffffed1002dcee33 [ 147.454698] R10: ffff888016e77193 R11: ffffed1002dcee32 R12: ffff888012b45c00 [ 147.455341] R13: ffff888016e771e8 R14: ffff888010924500 R15: 0000000000000000 [ 147.455882] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.456522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.457081] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.457630] PKRU: 55555554 [ 147.457851] Call Trace: [ 147.458049] [ 147.458251] iommufd_access_destroy_object+0x65/0x170 [ 147.458786] iommufd_object_destroy_user+0x18e/0x220 [ 147.459202] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.459666] iommufd_access_destroy+0x43/0x70 [ 147.460029] iommufd_test_staccess_release+0x8d/0xd0 [ 147.460466] __fput+0x26d/0xa40 [ 147.460864] ____fput+0x1e/0x30 [ 147.461140] task_work_run+0x1a4/0x2d0 [ 147.461458] ? __pfx_task_work_run+0x10/0x10 [ 147.461809] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.462199] ? switch_task_namespaces+0xa9/0xe0 [ 147.462742] do_exit+0xb17/0x2ef0 [ 147.463020] ? lock_acquire+0x427/0x4c0 [ 147.463353] ? __pfx_lock_release+0x10/0x10 [ 147.463704] ? __kasan_check_write+0x18/0x20 [ 147.464057] ? do_raw_spin_lock+0x132/0x2a0 [ 147.464398] ? __pfx_do_exit+0x10/0x10 [ 147.464781] ? debug_smp_processor_id+0x20/0x30 [ 147.465247] ? rcu_is_watching+0x19/0xb0 [ 147.465579] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.465942] ? trace_hardirqs_on+0x26/0x120 [ 147.466301] do_group_exit+0xe0/0x2b0 [ 147.466790] __x64_sys_exit_group+0x47/0x50 [ 147.467145] do_syscall_64+0x3b/0x90 [ 147.467453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.467868] RIP: 0033:0x7f4b87518a4d [ 147.468160] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.468683] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.469375] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.469931] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.470575] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.471211] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.471768] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.472333] [ 147.472542] irq event stamp: 0 [ 147.472917] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.473412] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.474071] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.474918] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.475433] ---[ end trace 0000000000000000 ]--- [ 147.476150] ------------[ cut here ]------------ [ 147.476539] WARNING: CPU: 0 PID: 1380 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.477546] Modules linked in: [ 147.477812] CPU: 0 PID: 1380 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.478634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.479670] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.480098] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.481777] RSP: 0018:ffff888023c9fb78 EFLAGS: 00010246 [ 147.482222] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.483005] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 147.483606] RBP: ffff888023c9fb98 R08: ffffed1002dcee3e R09: ffffed1002dcee3e [ 147.484202] R10: ffff888016e771ef R11: ffffed1002dcee3d R12: ffff888016e77290 [ 147.484821] R13: ffff888016e770a8 R14: ffffffffffffffff R15: 
ffff888023c9fc60 [ 147.485528] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.486186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.486713] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.487423] PKRU: 55555554 [ 147.487659] Call Trace: [ 147.487872] [ 147.488062] iommufd_ioas_destroy+0x53/0x70 [ 147.488432] iommufd_fops_release+0x1f7/0x370 [ 147.488843] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.489389] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.489802] ? write_comp_data+0x2f/0x90 [ 147.490143] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.490622] __fput+0x26d/0xa40 [ 147.491003] ____fput+0x1e/0x30 [ 147.491294] task_work_run+0x1a4/0x2d0 [ 147.491625] ? __pfx_task_work_run+0x10/0x10 [ 147.491999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.492450] ? switch_task_namespaces+0xa9/0xe0 [ 147.492968] do_exit+0xb17/0x2ef0 [ 147.493267] ? lock_acquire+0x427/0x4c0 [ 147.493608] ? __pfx_lock_release+0x10/0x10 [ 147.493972] ? __kasan_check_write+0x18/0x20 [ 147.494422] ? do_raw_spin_lock+0x132/0x2a0 [ 147.494913] ? __pfx_do_exit+0x10/0x10 [ 147.495258] ? debug_smp_processor_id+0x20/0x30 [ 147.495655] ? rcu_is_watching+0x19/0xb0 [ 147.496000] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.496453] ? trace_hardirqs_on+0x26/0x120 [ 147.496927] do_group_exit+0xe0/0x2b0 [ 147.497250] __x64_sys_exit_group+0x47/0x50 [ 147.497615] do_syscall_64+0x3b/0x90 [ 147.497939] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.498564] RIP: 0033:0x7f4b87518a4d [ 147.498875] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.499384] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.500048] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.500774] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.501369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.502082] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.502828] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.503453] [ 147.503660] irq event stamp: 0 [ 147.504012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.504697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.505438] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.506349] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.506910] ---[ end trace 0000000000000000 ]--- [ 147.513283] ------------[ cut here ]------------ [ 147.513726] WARNING: CPU: 0 PID: 1381 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.514758] Modules linked in: [ 147.515167] CPU: 0 PID: 1381 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.515927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.516904] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.517340] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.518935] RSP: 0018:ffff888017847bb8 EFLAGS: 00010246 [ 147.519407] RAX: 0000000000000000 RBX: ffff88800ed910a8 RCX: 0000000000000000 [ 147.520038] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 147.520656] RBP: ffff888017847bd0 R08: ffffed1001db2233 R09: ffffed1001db2233 [ 147.521271] R10: ffff88800ed91193 R11: ffffed1001db2232 R12: ffff88801890a000 [ 147.521882] R13: ffff88800ed911e8 R14: ffffffff8352e670 R15: 
ffff888017847e68 [ 147.522493] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.523230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.523732] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 147.524347] PKRU: 55555554 [ 147.524591] Call Trace: [ 147.524811] [ 147.525009] __iommufd_access_detach+0x1c2/0x2b0 [ 147.525443] iommufd_access_change_pt+0x149/0x270 [ 147.525881] iommufd_access_replace+0xb4/0x120 [ 147.526291] iommufd_test+0x3e5/0x37e0 [ 147.526670] ? lock_release+0x532/0x770 [ 147.527033] ? __might_fault+0x102/0x1b0 [ 147.527401] ? lock_acquire+0x427/0x4c0 [ 147.527765] ? __pfx_iommufd_test+0x10/0x10 [ 147.528149] ? __pfx_lock_release+0x10/0x10 [ 147.528540] ? __pfx_lock_acquire+0x10/0x10 [ 147.528924] ? write_comp_data+0x2f/0x90 [ 147.529288] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.529719] ? write_comp_data+0x2f/0x90 [ 147.530082] iommufd_fops_ioctl+0x37d/0x510 [ 147.530465] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.530924] ? write_comp_data+0x2f/0x90 [ 147.531300] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.531724] __x64_sys_ioctl+0x1a3/0x230 [ 147.532088] do_syscall_64+0x3b/0x90 [ 147.532426] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.532884] RIP: 0033:0x7f4b8743ee5d [ 147.533210] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.534806] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.535491] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.536110] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.536739] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.537353] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.537963] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.538613] [ 147.538822] irq event stamp: 0 [ 147.539098] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.539654] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.540383] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.541104] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.541648] ---[ end trace 0000000000000000 ]--- [ 147.545026] ------------[ cut here ]------------ [ 147.545672] WARNING: CPU: 0 PID: 1381 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.546584] Modules linked in: [ 147.546862] CPU: 0 PID: 1381 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.547817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.548790] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.549248] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.550997] RSP: 
0018:ffff888017847bd0 EFLAGS: 00010246 [ 147.551477] RAX: 0000000000000000 RBX: ffff88800ed910a8 RCX: 0000000000000000 [ 147.552087] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 147.552698] RBP: ffff888017847be8 R08: ffffed1001db2233 R09: ffffed1001db2233 [ 147.553307] R10: ffff88800ed91193 R11: ffffed1001db2232 R12: ffff8880134fa400 [ 147.553918] R13: ffff88800ed911e8 R14: ffff88800f19ee00 R15: 0000000000000000 [ 147.554551] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.555281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.555783] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.556399] PKRU: 55555554 [ 147.556649] Call Trace: [ 147.556875] [ 147.557073] iommufd_access_destroy_object+0x65/0x170 [ 147.557529] iommufd_object_destroy_user+0x18e/0x220 [ 147.557982] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.558493] iommufd_access_destroy+0x43/0x70 [ 147.558933] iommufd_test_staccess_release+0x8d/0xd0 [ 147.559397] __fput+0x26d/0xa40 [ 147.559706] ____fput+0x1e/0x30 [ 147.560004] task_work_run+0x1a4/0x2d0 [ 147.560352] ? __pfx_task_work_run+0x10/0x10 [ 147.560740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.561168] ? switch_task_namespaces+0xa9/0xe0 [ 147.561585] do_exit+0xb17/0x2ef0 [ 147.561892] ? lock_acquire+0x427/0x4c0 [ 147.562254] ? __pfx_lock_release+0x10/0x10 [ 147.562671] ? __kasan_check_write+0x18/0x20 [ 147.563062] ? do_raw_spin_lock+0x132/0x2a0 [ 147.563450] ? __pfx_do_exit+0x10/0x10 [ 147.563795] ? debug_smp_processor_id+0x20/0x30 [ 147.564225] ? rcu_is_watching+0x19/0xb0 [ 147.564782] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.565179] ? trace_hardirqs_on+0x26/0x120 [ 147.565559] do_group_exit+0xe0/0x2b0 [ 147.565892] __x64_sys_exit_group+0x47/0x50 [ 147.566317] do_syscall_64+0x3b/0x90 [ 147.566819] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.567286] RIP: 0033:0x7f4b87518a4d [ 147.567608] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.568131] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.569013] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.569614] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.570217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.571016] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.571644] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.572256] [ 147.572458] irq event stamp: 0 [ 147.572730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.573445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.574158] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.574978] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.575621] ---[ end trace 0000000000000000 ]--- [ 147.576359] ------------[ cut here ]------------ [ 147.576764] WARNING: CPU: 0 PID: 1381 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.577833] Modules linked in: [ 147.578107] CPU: 0 PID: 1381 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.578885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.580074] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.580518] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.582301] RSP: 0018:ffff888017847b78 EFLAGS: 00010246 [ 147.582787] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.583418] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 147.584202] RBP: ffff888017847b98 R08: ffffed1001db223e R09: ffffed1001db223e [ 147.584811] R10: ffff88800ed911ef R11: ffffed1001db223d R12: ffff88800ed91290 [ 147.585419] R13: ffff88800ed910a8 R14: ffffffffffffffff R15: 
ffff888017847c60 [ 147.586203] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.586916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.587438] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.588146] PKRU: 55555554 [ 147.588522] Call Trace: [ 147.588743] [ 147.588936] iommufd_ioas_destroy+0x53/0x70 [ 147.589320] iommufd_fops_release+0x1f7/0x370 [ 147.589720] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.590244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.590827] ? write_comp_data+0x2f/0x90 [ 147.591207] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.591643] __fput+0x26d/0xa40 [ 147.591947] ____fput+0x1e/0x30 [ 147.592247] task_work_run+0x1a4/0x2d0 [ 147.592670] ? __pfx_task_work_run+0x10/0x10 [ 147.593191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.593618] ? switch_task_namespaces+0xa9/0xe0 [ 147.594031] do_exit+0xb17/0x2ef0 [ 147.594374] ? lock_acquire+0x427/0x4c0 [ 147.594883] ? __pfx_lock_release+0x10/0x10 [ 147.595272] ? __kasan_check_write+0x18/0x20 [ 147.595660] ? do_raw_spin_lock+0x132/0x2a0 [ 147.596037] ? __pfx_do_exit+0x10/0x10 [ 147.596383] ? debug_smp_processor_id+0x20/0x30 [ 147.596879] ? rcu_is_watching+0x19/0xb0 [ 147.597344] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.597743] ? trace_hardirqs_on+0x26/0x120 [ 147.598122] do_group_exit+0xe0/0x2b0 [ 147.598455] __x64_sys_exit_group+0x47/0x50 [ 147.599035] do_syscall_64+0x3b/0x90 [ 147.599380] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.599838] RIP: 0033:0x7f4b87518a4d [ 147.600162] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.600689] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.601346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.601950] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.602587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.603217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.603823] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.604439] [ 147.604639] irq event stamp: 0 [ 147.604911] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.605453] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.606163] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.606901] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.607453] ---[ end trace 0000000000000000 ]--- [ 147.613834] ------------[ cut here ]------------ [ 147.614280] WARNING: CPU: 0 PID: 1382 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.615372] Modules linked in: [ 147.615650] CPU: 0 PID: 1382 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.616394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.617351] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.617777] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.619381] RSP: 0018:ffff8880180a7bb8 EFLAGS: 00010246 [ 147.619839] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 147.620437] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 147.621040] RBP: ffff8880180a7bd0 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 147.621644] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff888010824c00 [ 147.622245] R13: ffff8880104669e8 R14: ffffffff8352e670 R15: 
ffff8880180a7e68 [ 147.622867] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.623564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.624064] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 147.624670] PKRU: 55555554 [ 147.624914] Call Trace: [ 147.625135] [ 147.625329] __iommufd_access_detach+0x1c2/0x2b0 [ 147.625751] iommufd_access_change_pt+0x149/0x270 [ 147.626173] iommufd_access_replace+0xb4/0x120 [ 147.626596] iommufd_test+0x3e5/0x37e0 [ 147.626940] ? lock_release+0x532/0x770 [ 147.627312] ? __might_fault+0x102/0x1b0 [ 147.627673] ? lock_acquire+0x427/0x4c0 [ 147.628022] ? __pfx_iommufd_test+0x10/0x10 [ 147.628391] ? __pfx_lock_release+0x10/0x10 [ 147.628772] ? __pfx_lock_acquire+0x10/0x10 [ 147.629153] ? write_comp_data+0x2f/0x90 [ 147.629511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.629931] ? write_comp_data+0x2f/0x90 [ 147.630290] iommufd_fops_ioctl+0x37d/0x510 [ 147.630693] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.631132] ? write_comp_data+0x2f/0x90 [ 147.631490] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.631904] __x64_sys_ioctl+0x1a3/0x230 [ 147.632265] do_syscall_64+0x3b/0x90 [ 147.632604] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.633055] RIP: 0033:0x7f4b8743ee5d [ 147.633377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.634951] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.635619] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.636223] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.636836] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.637442] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.638050] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.638688] [ 147.638893] irq event stamp: 0 [ 147.639177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.639716] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.640443] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.641155] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.641692] ---[ end trace 0000000000000000 ]--- [ 147.644903] ------------[ cut here ]------------ [ 147.645541] WARNING: CPU: 0 PID: 1382 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.646409] Modules linked in: [ 147.646721] CPU: 0 PID: 1382 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.647574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.648632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.649062] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.650830] RSP: 
0018:ffff8880180a7bd0 EFLAGS: 00010246 [ 147.651304] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 147.652087] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 147.652698] RBP: ffff8880180a7be8 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 147.653305] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff88801890b800 [ 147.654093] R13: ffff8880104669e8 R14: ffff88800b1d8d00 R15: 0000000000000000 [ 147.654725] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.655426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.656013] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.656735] PKRU: 55555554 [ 147.656982] Call Trace: [ 147.657200] [ 147.657395] iommufd_access_destroy_object+0x65/0x170 [ 147.657886] iommufd_object_destroy_user+0x18e/0x220 [ 147.658433] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.658960] iommufd_access_destroy+0x43/0x70 [ 147.659368] iommufd_test_staccess_release+0x8d/0xd0 [ 147.659817] __fput+0x26d/0xa40 [ 147.660168] ____fput+0x1e/0x30 [ 147.660574] task_work_run+0x1a4/0x2d0 [ 147.660922] ? __pfx_task_work_run+0x10/0x10 [ 147.661307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.661750] ? switch_task_namespaces+0xa9/0xe0 [ 147.662344] do_exit+0xb17/0x2ef0 [ 147.662670] ? lock_acquire+0x427/0x4c0 [ 147.663029] ? __pfx_lock_release+0x10/0x10 [ 147.663418] ? __kasan_check_write+0x18/0x20 [ 147.663812] ? do_raw_spin_lock+0x132/0x2a0 [ 147.664192] ? __pfx_do_exit+0x10/0x10 [ 147.664635] ? debug_smp_processor_id+0x20/0x30 [ 147.665138] ? rcu_is_watching+0x19/0xb0 [ 147.665496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.665901] ? trace_hardirqs_on+0x26/0x120 [ 147.666314] do_group_exit+0xe0/0x2b0 [ 147.666815] __x64_sys_exit_group+0x47/0x50 [ 147.667204] do_syscall_64+0x3b/0x90 [ 147.667541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.668004] RIP: 0033:0x7f4b87518a4d [ 147.668328] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.669063] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.669727] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.670351] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.671178] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.671803] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.672425] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.673118] [ 147.673428] irq event stamp: 0 [ 147.673706] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.674257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.675045] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.675891] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.676446] ---[ end trace 0000000000000000 ]--- [ 147.677200] ------------[ cut here ]------------ [ 147.677737] WARNING: CPU: 0 PID: 1382 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.678661] Modules linked in: [ 147.678950] CPU: 0 PID: 1382 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.679901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.680877] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.681485] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.683179] RSP: 0018:ffff8880180a7b78 EFLAGS: 00010246 [ 147.683744] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.684368] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 147.685062] RBP: ffff8880180a7b98 R08: ffffed100208cd3e R09: ffffed100208cd3e [ 147.685768] R10: ffff8880104669ef R11: ffffed100208cd3d R12: ffff888010466a90 [ 147.686386] R13: ffff8880104668a8 R14: ffffffffffffffff R15: 
ffff8880180a7c60 [ 147.687072] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.687879] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.688390] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.689103] PKRU: 55555554 [ 147.689439] Call Trace: [ 147.689664] [ 147.689863] iommufd_ioas_destroy+0x53/0x70 [ 147.690249] iommufd_fops_release+0x1f7/0x370 [ 147.690673] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.691314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.691757] ? write_comp_data+0x2f/0x90 [ 147.692126] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.692569] __fput+0x26d/0xa40 [ 147.692968] ____fput+0x1e/0x30 [ 147.693377] task_work_run+0x1a4/0x2d0 [ 147.693740] ? __pfx_task_work_run+0x10/0x10 [ 147.694136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.694589] ? switch_task_namespaces+0xa9/0xe0 [ 147.695101] do_exit+0xb17/0x2ef0 [ 147.695532] ? lock_acquire+0x427/0x4c0 [ 147.695897] ? __pfx_lock_release+0x10/0x10 [ 147.696287] ? __kasan_check_write+0x18/0x20 [ 147.696677] ? do_raw_spin_lock+0x132/0x2a0 [ 147.697228] ? __pfx_do_exit+0x10/0x10 [ 147.697588] ? debug_smp_processor_id+0x20/0x30 [ 147.697998] ? rcu_is_watching+0x19/0xb0 [ 147.698367] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.698806] ? trace_hardirqs_on+0x26/0x120 [ 147.699405] do_group_exit+0xe0/0x2b0 [ 147.699752] __x64_sys_exit_group+0x47/0x50 [ 147.700132] do_syscall_64+0x3b/0x90 [ 147.700480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.700986] RIP: 0033:0x7f4b87518a4d [ 147.701426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.701964] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.702647] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.703470] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.704094] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.704716] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.705337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.705963] [ 147.706168] irq event stamp: 0 [ 147.706443] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.707013] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.707753] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.708474] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.709017] ---[ end trace 0000000000000000 ]--- [ 147.713629] ------------[ cut here ]------------ [ 147.714076] WARNING: CPU: 0 PID: 1383 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.714995] Modules linked in: [ 147.715298] CPU: 0 PID: 1383 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.716058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.717029] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.717458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.719262] RSP: 0018:ffff888015ae7bb8 EFLAGS: 00010246 [ 147.719726] RAX: 0000000000000000 RBX: ffff88801781a8a8 RCX: 0000000000000000 [ 147.720336] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 147.720948] RBP: ffff888015ae7bd0 R08: ffffed1002f03533 R09: ffffed1002f03533 [ 147.721571] R10: ffff88801781a993 R11: ffffed1002f03532 R12: ffff888012e92400 [ 147.722185] R13: ffff88801781a9e8 R14: ffffffff8352e670 R15: 
ffff888015ae7e68 [ 147.722830] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.723545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.724047] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 147.724665] PKRU: 55555554 [ 147.724910] Call Trace: [ 147.725133] [ 147.725327] __iommufd_access_detach+0x1c2/0x2b0 [ 147.725750] iommufd_access_change_pt+0x149/0x270 [ 147.726188] iommufd_access_replace+0xb4/0x120 [ 147.726619] iommufd_test+0x3e5/0x37e0 [ 147.726961] ? lock_release+0x532/0x770 [ 147.727341] ? __might_fault+0x102/0x1b0 [ 147.727702] ? lock_acquire+0x427/0x4c0 [ 147.728068] ? __pfx_iommufd_test+0x10/0x10 [ 147.728445] ? __pfx_lock_release+0x10/0x10 [ 147.728831] ? __pfx_lock_acquire+0x10/0x10 [ 147.729220] ? write_comp_data+0x2f/0x90 [ 147.729586] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.730017] ? write_comp_data+0x2f/0x90 [ 147.730385] iommufd_fops_ioctl+0x37d/0x510 [ 147.730791] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.731236] ? write_comp_data+0x2f/0x90 [ 147.731601] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.732015] __x64_sys_ioctl+0x1a3/0x230 [ 147.732377] do_syscall_64+0x3b/0x90 [ 147.732705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.733154] RIP: 0033:0x7f4b8743ee5d [ 147.733461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.734972] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.735610] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.736192] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.736770] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.737346] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.737925] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.738543] [ 147.738737] irq event stamp: 0 [ 147.738998] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.739526] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.740225] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.740930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.741454] ---[ end trace 0000000000000000 ]--- [ 147.744369] ------------[ cut here ]------------ [ 147.744792] WARNING: CPU: 0 PID: 1383 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.745615] Modules linked in: [ 147.745877] CPU: 0 PID: 1383 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.746637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.747565] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.747970] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.749452] RSP: 
0018:ffff888015ae7bd0 EFLAGS: 00010246 [ 147.749884] RAX: 0000000000000000 RBX: ffff88801781a8a8 RCX: 0000000000000000 [ 147.750465] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 147.751067] RBP: ffff888015ae7be8 R08: ffffed1002f03533 R09: ffffed1002f03533 [ 147.751658] R10: ffff88801781a993 R11: ffffed1002f03532 R12: ffff888010826400 [ 147.752236] R13: ffff88801781a9e8 R14: ffff888021858c00 R15: 0000000000000000 [ 147.752813] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.753465] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.753935] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.754549] PKRU: 55555554 [ 147.754782] Call Trace: [ 147.754993] [ 147.755187] iommufd_access_destroy_object+0x65/0x170 [ 147.755616] iommufd_object_destroy_user+0x18e/0x220 [ 147.756036] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.756517] iommufd_access_destroy+0x43/0x70 [ 147.756901] iommufd_test_staccess_release+0x8d/0xd0 [ 147.757323] __fput+0x26d/0xa40 [ 147.757612] ____fput+0x1e/0x30 [ 147.757890] task_work_run+0x1a4/0x2d0 [ 147.758219] ? __pfx_task_work_run+0x10/0x10 [ 147.758602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.759010] ? switch_task_namespaces+0xa9/0xe0 [ 147.759421] do_exit+0xb17/0x2ef0 [ 147.759709] ? lock_acquire+0x427/0x4c0 [ 147.760045] ? __pfx_lock_release+0x10/0x10 [ 147.760406] ? __kasan_check_write+0x18/0x20 [ 147.760777] ? do_raw_spin_lock+0x132/0x2a0 [ 147.761136] ? __pfx_do_exit+0x10/0x10 [ 147.761466] ? debug_smp_processor_id+0x20/0x30 [ 147.761853] ? rcu_is_watching+0x19/0xb0 [ 147.762190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.762590] ? trace_hardirqs_on+0x26/0x120 [ 147.762960] do_group_exit+0xe0/0x2b0 [ 147.763292] __x64_sys_exit_group+0x47/0x50 [ 147.763646] do_syscall_64+0x3b/0x90 [ 147.763966] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.764403] RIP: 0033:0x7f4b87518a4d [ 147.764711] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.765214] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.765830] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.766409] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.767017] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.767626] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.768214] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.768815] [ 147.769015] irq event stamp: 0 [ 147.769278] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.769798] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.770496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.771218] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.771737] ---[ end trace 0000000000000000 ]--- [ 147.772463] ------------[ cut here ]------------ [ 147.772853] WARNING: CPU: 0 PID: 1383 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.773700] Modules linked in: [ 147.773969] CPU: 0 PID: 1383 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.774728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.775692] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.776120] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.777609] RSP: 0018:ffff888015ae7b78 EFLAGS: 00010246 [ 147.778048] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.778653] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 147.779248] RBP: ffff888015ae7b98 R08: ffffed1002f0353e R09: ffffed1002f0353e [ 147.779832] R10: ffff88801781a9ef R11: ffffed1002f0353d R12: ffff88801781aa90 [ 147.780421] R13: ffff88801781a8a8 R14: ffffffffffffffff R15: 
ffff888015ae7c60 [ 147.781004] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.781662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.782133] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.782745] PKRU: 55555554 [ 147.782984] Call Trace: [ 147.783211] [ 147.783401] iommufd_ioas_destroy+0x53/0x70 [ 147.783769] iommufd_fops_release+0x1f7/0x370 [ 147.784145] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.784562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.784971] ? write_comp_data+0x2f/0x90 [ 147.785319] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.785730] __fput+0x26d/0xa40 [ 147.786017] ____fput+0x1e/0x30 [ 147.786304] task_work_run+0x1a4/0x2d0 [ 147.786661] ? __pfx_task_work_run+0x10/0x10 [ 147.787037] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.787472] ? switch_task_namespaces+0xa9/0xe0 [ 147.787880] do_exit+0xb17/0x2ef0 [ 147.788172] ? lock_acquire+0x427/0x4c0 [ 147.788512] ? __pfx_lock_release+0x10/0x10 [ 147.788877] ? __kasan_check_write+0x18/0x20 [ 147.789245] ? do_raw_spin_lock+0x132/0x2a0 [ 147.789610] ? __pfx_do_exit+0x10/0x10 [ 147.789949] ? debug_smp_processor_id+0x20/0x30 [ 147.790345] ? rcu_is_watching+0x19/0xb0 [ 147.790706] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.791106] ? trace_hardirqs_on+0x26/0x120 [ 147.791485] do_group_exit+0xe0/0x2b0 [ 147.791805] __x64_sys_exit_group+0x47/0x50 [ 147.792159] do_syscall_64+0x3b/0x90 [ 147.792478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.792912] RIP: 0033:0x7f4b87518a4d [ 147.793221] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.793725] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.794344] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.794960] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.795558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.796141] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.796723] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.797311] [ 147.797503] irq event stamp: 0 [ 147.797763] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.798278] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.798990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.799679] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.800195] ---[ end trace 0000000000000000 ]--- [ 147.804186] ------------[ cut here ]------------ [ 147.804618] WARNING: CPU: 0 PID: 1384 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.805450] Modules linked in: [ 147.805713] CPU: 0 PID: 1384 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.806429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.807415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.807823] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.809312] RSP: 0018:ffff888023eafbb8 EFLAGS: 00010246 [ 147.809751] RAX: 0000000000000000 RBX: ffff888023c9c8a8 RCX: 0000000000000000 [ 147.810340] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 147.810945] RBP: ffff888023eafbd0 R08: ffffed1004793933 R09: ffffed1004793933 [ 147.811548] R10: ffff888023c9c993 R11: ffffed1004793932 R12: ffff888010c09000 [ 147.812137] R13: ffff888023c9c9e8 R14: ffffffff8352e670 R15: 
ffff888023eafe68 [ 147.812722] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.813380] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.813857] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ef0 [ 147.814443] PKRU: 55555554 [ 147.814702] Call Trace: [ 147.814915] [ 147.815103] __iommufd_access_detach+0x1c2/0x2b0 [ 147.815522] iommufd_access_change_pt+0x149/0x270 [ 147.815934] iommufd_access_replace+0xb4/0x120 [ 147.816325] iommufd_test+0x3e5/0x37e0 [ 147.816655] ? lock_release+0x532/0x770 [ 147.817009] ? __might_fault+0x102/0x1b0 [ 147.817362] ? lock_acquire+0x427/0x4c0 [ 147.817703] ? __pfx_iommufd_test+0x10/0x10 [ 147.818065] ? __pfx_lock_release+0x10/0x10 [ 147.818429] ? __pfx_lock_acquire+0x10/0x10 [ 147.818825] ? write_comp_data+0x2f/0x90 [ 147.819201] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.819616] ? write_comp_data+0x2f/0x90 [ 147.819960] iommufd_fops_ioctl+0x37d/0x510 [ 147.820318] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.820725] ? write_comp_data+0x2f/0x90 [ 147.821074] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.821484] __x64_sys_ioctl+0x1a3/0x230 [ 147.821834] do_syscall_64+0x3b/0x90 [ 147.822156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.822610] RIP: 0033:0x7f4b8743ee5d [ 147.822920] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.824430] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.825062] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.825654] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.826241] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.826854] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.827485] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.828103] [ 147.828307] irq event stamp: 0 [ 147.828579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.829127] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.829846] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.830582] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.831138] ---[ end trace 0000000000000000 ]--- [ 147.834004] ------------[ cut here ]------------ [ 147.834445] WARNING: CPU: 0 PID: 1384 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.835357] Modules linked in: [ 147.835641] CPU: 0 PID: 1384 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.836399] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.837362] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.837803] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.839426] RSP: 
0018:ffff888023eafbd0 EFLAGS: 00010246 [ 147.839899] RAX: 0000000000000000 RBX: ffff888023c9c8a8 RCX: 0000000000000000 [ 147.840518] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 147.841134] RBP: ffff888023eafbe8 R08: ffffed1004793933 R09: ffffed1004793933 [ 147.841758] R10: ffff888023c9c993 R11: ffffed1004793932 R12: ffff888012e92c00 [ 147.842389] R13: ffff888023c9c9e8 R14: ffff888013a7ed00 R15: 0000000000000000 [ 147.843054] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.843771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.844283] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.844906] PKRU: 55555554 [ 147.845160] Call Trace: [ 147.845390] [ 147.845593] iommufd_access_destroy_object+0x65/0x170 [ 147.846056] iommufd_object_destroy_user+0x18e/0x220 [ 147.846541] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.847059] iommufd_access_destroy+0x43/0x70 [ 147.847485] iommufd_test_staccess_release+0x8d/0xd0 [ 147.847939] __fput+0x26d/0xa40 [ 147.848246] ____fput+0x1e/0x30 [ 147.848549] task_work_run+0x1a4/0x2d0 [ 147.848902] ? __pfx_task_work_run+0x10/0x10 [ 147.849302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.849740] ? switch_task_namespaces+0xa9/0xe0 [ 147.850164] do_exit+0xb17/0x2ef0 [ 147.850467] ? lock_acquire+0x427/0x4c0 [ 147.850877] ? __pfx_lock_release+0x10/0x10 [ 147.851290] ? __kasan_check_write+0x18/0x20 [ 147.851689] ? do_raw_spin_lock+0x132/0x2a0 [ 147.852071] ? __pfx_do_exit+0x10/0x10 [ 147.852422] ? debug_smp_processor_id+0x20/0x30 [ 147.852842] ? rcu_is_watching+0x19/0xb0 [ 147.853208] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.853614] ? trace_hardirqs_on+0x26/0x120 [ 147.854005] do_group_exit+0xe0/0x2b0 [ 147.854351] __x64_sys_exit_group+0x47/0x50 [ 147.854766] do_syscall_64+0x3b/0x90 [ 147.855118] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.855592] RIP: 0033:0x7f4b87518a4d [ 147.855925] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.856463] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.857126] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.857745] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.858366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.859027] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.859664] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.860295] [ 147.860502] irq event stamp: 0 [ 147.860778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.861329] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.862050] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.862796] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.863365] ---[ end trace 0000000000000000 ]--- [ 147.864135] ------------[ cut here ]------------ [ 147.864551] WARNING: CPU: 0 PID: 1384 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.865441] Modules linked in: [ 147.865730] CPU: 0 PID: 1384 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.866539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.867531] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.867989] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.869578] RSP: 0018:ffff888023eafb78 EFLAGS: 00010246 [ 147.870059] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.870708] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 147.871349] RBP: ffff888023eafb98 R08: ffffed100479393e R09: ffffed100479393e [ 147.871976] R10: ffff888023c9c9ef R11: ffffed100479393d R12: ffff888023c9ca90 [ 147.872604] R13: ffff888023c9c8a8 R14: ffffffffffffffff R15: 
ffff888023eafc60 [ 147.873230] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.873937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.874449] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 147.875102] PKRU: 55555554 [ 147.875368] Call Trace: [ 147.875598] [ 147.875801] iommufd_ioas_destroy+0x53/0x70 [ 147.876188] iommufd_fops_release+0x1f7/0x370 [ 147.876592] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.877043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.877484] ? write_comp_data+0x2f/0x90 [ 147.877856] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.878295] __fput+0x26d/0xa40 [ 147.878637] ____fput+0x1e/0x30 [ 147.878947] task_work_run+0x1a4/0x2d0 [ 147.879317] ? __pfx_task_work_run+0x10/0x10 [ 147.879718] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.880162] ? switch_task_namespaces+0xa9/0xe0 [ 147.880592] do_exit+0xb17/0x2ef0 [ 147.880905] ? lock_acquire+0x427/0x4c0 [ 147.881264] ? __pfx_lock_release+0x10/0x10 [ 147.881649] ? __kasan_check_write+0x18/0x20 [ 147.882038] ? do_raw_spin_lock+0x132/0x2a0 [ 147.882420] ? __pfx_do_exit+0x10/0x10 [ 147.882800] ? debug_smp_processor_id+0x20/0x30 [ 147.883224] ? rcu_is_watching+0x19/0xb0 [ 147.883588] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.883993] ? trace_hardirqs_on+0x26/0x120 [ 147.884384] do_group_exit+0xe0/0x2b0 [ 147.884727] __x64_sys_exit_group+0x47/0x50 [ 147.885108] do_syscall_64+0x3b/0x90 [ 147.885441] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.885904] RIP: 0033:0x7f4b87518a4d [ 147.886239] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.886835] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.887561] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.888226] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.888882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.889540] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.890203] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.890921] [ 147.891153] irq event stamp: 0 [ 147.891452] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.892043] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.892831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.893609] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.894196] ---[ end trace 0000000000000000 ]--- [ 147.899261] ------------[ cut here ]------------ [ 147.899759] WARNING: CPU: 0 PID: 1385 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.900696] Modules linked in: [ 147.900996] CPU: 0 PID: 1385 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.901816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.903086] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.903573] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.905827] RSP: 0018:ffff888014be7bb8 EFLAGS: 00010246 [ 147.906332] RAX: 0000000000000000 RBX: ffff888016e340a8 RCX: 0000000000000000 [ 147.907277] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 147.907951] RBP: ffff888014be7bd0 R08: ffffed1002dc6833 R09: ffffed1002dc6833 [ 147.908621] R10: ffff888016e34193 R11: ffffed1002dc6832 R12: ffff888014763000 [ 147.909529] R13: ffff888016e341e8 R14: ffffffff8352e670 R15: 
ffff888014be7e68 [ 147.910195] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.910971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.911618] CR2: 0000000020000140 CR3: 0000000018302000 CR4: 0000000000750ef0 [ 147.912440] PKRU: 55555554 [ 147.912710] Call Trace: [ 147.912952] [ 147.913166] __iommufd_access_detach+0x1c2/0x2b0 [ 147.913658] iommufd_access_change_pt+0x149/0x270 [ 147.914329] iommufd_access_replace+0xb4/0x120 [ 147.914805] iommufd_test+0x3e5/0x37e0 [ 147.915199] ? lock_release+0x532/0x770 [ 147.915582] ? __might_fault+0x102/0x1b0 [ 147.915965] ? lock_acquire+0x427/0x4c0 [ 147.916440] ? __pfx_iommufd_test+0x10/0x10 [ 147.916993] ? __pfx_lock_release+0x10/0x10 [ 147.917410] ? __pfx_lock_acquire+0x10/0x10 [ 147.917822] ? write_comp_data+0x2f/0x90 [ 147.918236] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.918889] ? write_comp_data+0x2f/0x90 [ 147.919294] iommufd_fops_ioctl+0x37d/0x510 [ 147.919708] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.920172] ? write_comp_data+0x2f/0x90 [ 147.920562] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 147.921221] __x64_sys_ioctl+0x1a3/0x230 [ 147.921620] do_syscall_64+0x3b/0x90 [ 147.921980] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.922477] RIP: 0033:0x7f4b8743ee5d [ 147.922879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 147.924751] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 147.925654] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 147.926321] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 147.927029] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 147.927709] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 147.928375] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 147.929281] [ 147.929503] irq event stamp: 0 [ 147.929802] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.930401] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.931333] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.932192] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.932789] ---[ end trace 0000000000000000 ]--- [ 147.936847] ------------[ cut here ]------------ [ 147.937416] WARNING: CPU: 0 PID: 1385 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 147.938455] Modules linked in: [ 147.938837] CPU: 0 PID: 1385 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.939823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.940872] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 147.941345] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 147.943074] RSP: 
0018:ffff888014be7bd0 EFLAGS: 00010246 [ 147.943584] RAX: 0000000000000000 RBX: ffff888016e340a8 RCX: 0000000000000000 [ 147.944248] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 147.944914] RBP: ffff888014be7be8 R08: ffffed1002dc6833 R09: ffffed1002dc6833 [ 147.945581] R10: ffff888016e34193 R11: ffffed1002dc6832 R12: ffff888010c0a400 [ 147.946247] R13: ffff888016e341e8 R14: ffff88800fd2d900 R15: 0000000000000000 [ 147.946939] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.947701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.948246] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 147.948920] PKRU: 55555554 [ 147.949185] Call Trace: [ 147.949427] [ 147.949639] iommufd_access_destroy_object+0x65/0x170 [ 147.950130] iommufd_object_destroy_user+0x18e/0x220 [ 147.950635] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 147.951197] iommufd_access_destroy+0x43/0x70 [ 147.951631] iommufd_test_staccess_release+0x8d/0xd0 [ 147.952117] __fput+0x26d/0xa40 [ 147.952444] ____fput+0x1e/0x30 [ 147.952764] task_work_run+0x1a4/0x2d0 [ 147.953143] ? __pfx_task_work_run+0x10/0x10 [ 147.953566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.954030] ? switch_task_namespaces+0xa9/0xe0 [ 147.954483] do_exit+0xb17/0x2ef0 [ 147.954840] ? lock_acquire+0x427/0x4c0 [ 147.955238] ? __pfx_lock_release+0x10/0x10 [ 147.955656] ? __kasan_check_write+0x18/0x20 [ 147.956076] ? do_raw_spin_lock+0x132/0x2a0 [ 147.956488] ? __pfx_do_exit+0x10/0x10 [ 147.956872] ? debug_smp_processor_id+0x20/0x30 [ 147.957322] ? rcu_is_watching+0x19/0xb0 [ 147.957712] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.958148] ? trace_hardirqs_on+0x26/0x120 [ 147.958599] do_group_exit+0xe0/0x2b0 [ 147.958970] __x64_sys_exit_group+0x47/0x50 [ 147.959382] do_syscall_64+0x3b/0x90 [ 147.959743] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.960247] RIP: 0033:0x7f4b87518a4d [ 147.960606] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.961182] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.961894] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.962594] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 147.963276] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 147.963944] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 147.964610] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 147.965286] [ 147.965509] irq event stamp: 0 [ 147.965804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 147.966398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 147.967230] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 147.968024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 147.968613] ---[ end trace 0000000000000000 ]--- [ 147.969619] ------------[ cut here ]------------ [ 147.970252] WARNING: CPU: 0 PID: 1385 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 147.971327] Modules linked in: [ 147.971643] CPU: 0 PID: 1385 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 147.972567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 147.973738] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 147.974225] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 147.976176] RSP: 0018:ffff888014be7b78 EFLAGS: 00010246 [ 147.976695] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.977568] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 147.978237] RBP: ffff888014be7b98 R08: ffffed1002dc683e R09: ffffed1002dc683e [ 147.978951] R10: ffff888016e341ef R11: ffffed1002dc683d R12: ffff888016e34290 [ 147.979722] R13: ffff888016e340a8 R14: ffffffffffffffff R15: 
ffff888014be7c60 [ 147.980531] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 147.981360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.982203] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 147.982971] PKRU: 55555554 [ 147.983276] Call Trace: [ 147.983539] [ 147.983771] iommufd_ioas_destroy+0x53/0x70 [ 147.984259] iommufd_fops_release+0x1f7/0x370 [ 147.984928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.985446] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.985963] ? write_comp_data+0x2f/0x90 [ 147.986394] ? __pfx_iommufd_fops_release+0x10/0x10 [ 147.987202] __fput+0x26d/0xa40 [ 147.987564] ____fput+0x1e/0x30 [ 147.987915] task_work_run+0x1a4/0x2d0 [ 147.988327] ? __pfx_task_work_run+0x10/0x10 [ 147.988784] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 147.989292] ? switch_task_namespaces+0xa9/0xe0 [ 147.990022] do_exit+0xb17/0x2ef0 [ 147.990388] ? lock_acquire+0x427/0x4c0 [ 147.990843] ? __pfx_lock_release+0x10/0x10 [ 147.991308] ? __kasan_check_write+0x18/0x20 [ 147.991768] ? do_raw_spin_lock+0x132/0x2a0 [ 147.992325] ? __pfx_do_exit+0x10/0x10 [ 147.992854] ? debug_smp_processor_id+0x20/0x30 [ 147.993342] ? rcu_is_watching+0x19/0xb0 [ 147.993758] ? _raw_spin_unlock_irq+0x2b/0x60 [ 147.994239] ? trace_hardirqs_on+0x26/0x120 [ 147.995007] do_group_exit+0xe0/0x2b0 [ 147.995431] __x64_sys_exit_group+0x47/0x50 [ 147.995873] do_syscall_64+0x3b/0x90 [ 147.996265] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 147.996802] RIP: 0033:0x7f4b87518a4d [ 147.997221] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 147.998097] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 147.998908] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 147.999645] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.000629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.001354] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.002129] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.003134] [ 148.003386] irq event stamp: 0 [ 148.003721] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.004358] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.005485] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.006347] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.007045] ---[ end trace 0000000000000000 ]--- [ 148.013977] ------------[ cut here ]------------ [ 148.014617] WARNING: CPU: 1 PID: 1386 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.015959] Modules linked in: [ 148.016298] CPU: 1 PID: 1386 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.017233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.018660] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.019210] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.021441] RSP: 0018:ffff88801085fbb8 EFLAGS: 00010246 [ 148.022004] RAX: 0000000000000000 RBX: ffff88801593c0a8 RCX: 0000000000000000 [ 148.022792] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 148.023558] RBP: ffff88801085fbd0 R08: ffffed1002b27833 R09: ffffed1002b27833 [ 148.024314] R10: ffff88801593c193 R11: ffffed1002b27832 R12: ffff888012b45000 [ 148.025078] R13: ffff88801593c1e8 R14: ffffffff8352e670 R15: 
ffff88801085fe68 [ 148.026027] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.027040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.027895] CR2: 00007f4b877410e8 CR3: 0000000014b0c000 CR4: 0000000000750ee0 [ 148.028656] PKRU: 55555554 [ 148.028949] Call Trace: [ 148.029222] [ 148.029462] __iommufd_access_detach+0x1c2/0x2b0 [ 148.029974] iommufd_access_change_pt+0x149/0x270 [ 148.030782] iommufd_access_replace+0xb4/0x120 [ 148.031299] iommufd_test+0x3e5/0x37e0 [ 148.031733] ? lock_release+0x532/0x770 [ 148.032170] ? __might_fault+0x102/0x1b0 [ 148.032597] ? lock_acquire+0x427/0x4c0 [ 148.033103] ? __pfx_iommufd_test+0x10/0x10 [ 148.033689] ? __pfx_lock_release+0x10/0x10 [ 148.034152] ? __pfx_lock_acquire+0x10/0x10 [ 148.034665] ? write_comp_data+0x2f/0x90 [ 148.035109] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.035655] ? write_comp_data+0x2f/0x90 [ 148.036223] iommufd_fops_ioctl+0x37d/0x510 [ 148.036777] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.037294] ? write_comp_data+0x2f/0x90 [ 148.037742] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.038268] __x64_sys_ioctl+0x1a3/0x230 [ 148.038960] do_syscall_64+0x3b/0x90 [ 148.039385] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.039937] RIP: 0033:0x7f4b8743ee5d [ 148.040326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.042466] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.043328] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.044152] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.045041] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.045787] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.046690] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.047600] [ 148.047849] irq event stamp: 0 [ 148.048179] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.048843] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.049957] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.050875] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.051554] ---[ end trace 0000000000000000 ]--- [ 148.055185] ------------[ cut here ]------------ [ 148.055722] WARNING: CPU: 1 PID: 1386 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.056767] Modules linked in: [ 148.057277] CPU: 1 PID: 1386 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.058180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.059529] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.060177] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.062181] RSP: 
0018:ffff88801085fbd0 EFLAGS: 00010246 [ 148.062915] RAX: 0000000000000000 RBX: ffff88801593c0a8 RCX: 0000000000000000 [ 148.063693] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 148.064452] RBP: ffff88801085fbe8 R08: ffffed1002b27833 R09: ffffed1002b27833 [ 148.065407] R10: ffff88801593c193 R11: ffffed1002b27832 R12: ffff88801226f000 [ 148.066160] R13: ffff88801593c1e8 R14: ffff888010939300 R15: 0000000000000000 [ 148.066934] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.067932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.068664] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.069416] PKRU: 55555554 [ 148.069725] Call Trace: [ 148.069996] [ 148.070234] iommufd_access_destroy_object+0x65/0x170 [ 148.071031] iommufd_object_destroy_user+0x18e/0x220 [ 148.071609] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.072219] iommufd_access_destroy+0x43/0x70 [ 148.072720] iommufd_test_staccess_release+0x8d/0xd0 [ 148.073317] __fput+0x26d/0xa40 [ 148.073860] ____fput+0x1e/0x30 [ 148.074227] task_work_run+0x1a4/0x2d0 [ 148.074690] ? __pfx_task_work_run+0x10/0x10 [ 148.075171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.075694] ? switch_task_namespaces+0xa9/0xe0 [ 148.076257] do_exit+0xb17/0x2ef0 [ 148.076784] ? lock_acquire+0x427/0x4c0 [ 148.077207] ? __pfx_lock_release+0x10/0x10 [ 148.077669] ? __kasan_check_write+0x18/0x20 [ 148.078139] ? do_raw_spin_lock+0x132/0x2a0 [ 148.078701] ? __pfx_do_exit+0x10/0x10 [ 148.079274] ? debug_smp_processor_id+0x20/0x30 [ 148.079761] ? rcu_is_watching+0x19/0xb0 [ 148.080189] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.080662] ? trace_hardirqs_on+0x26/0x120 [ 148.081126] do_group_exit+0xe0/0x2b0 [ 148.081644] __x64_sys_exit_group+0x47/0x50 [ 148.082196] do_syscall_64+0x3b/0x90 [ 148.082633] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.083209] RIP: 0033:0x7f4b87518a4d [ 148.083598] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.084271] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.085249] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.085987] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.086829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.087713] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.088463] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.089211] [ 148.089506] irq event stamp: 0 [ 148.090004] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.090702] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.091610] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.092658] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.093334] ---[ end trace 0000000000000000 ]--- [ 148.094262] ------------[ cut here ]------------ [ 148.095296] WARNING: CPU: 1 PID: 1386 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.096379] Modules linked in: [ 148.096729] CPU: 1 PID: 1386 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.097891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.099262] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.099949] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.102058] RSP: 0018:ffff88801085fb78 EFLAGS: 00010246 [ 148.102669] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.103430] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 148.104360] RBP: ffff88801085fb98 R08: ffffed1002b2783e R09: ffffed1002b2783e [ 148.105099] R10: ffff88801593c1ef R11: ffffed1002b2783d R12: ffff88801593c290 [ 148.105835] R13: ffff88801593c0a8 R14: ffffffffffffffff R15: 
ffff88801085fc60 [ 148.106810] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.107672] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.108283] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.109204] PKRU: 55555554 [ 148.109526] Call Trace: [ 148.109797] [ 148.110032] iommufd_ioas_destroy+0x53/0x70 [ 148.110489] iommufd_fops_release+0x1f7/0x370 [ 148.110994] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.111603] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.112210] ? write_comp_data+0x2f/0x90 [ 148.112653] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.113171] __fput+0x26d/0xa40 [ 148.113542] ____fput+0x1e/0x30 [ 148.113968] task_work_run+0x1a4/0x2d0 [ 148.114455] ? __pfx_task_work_run+0x10/0x10 [ 148.114963] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.115488] ? switch_task_namespaces+0xa9/0xe0 [ 148.116003] do_exit+0xb17/0x2ef0 [ 148.116371] ? lock_acquire+0x427/0x4c0 [ 148.116975] ? __pfx_lock_release+0x10/0x10 [ 148.117437] ? __kasan_check_write+0x18/0x20 [ 148.117895] ? do_raw_spin_lock+0x132/0x2a0 [ 148.118342] ? __pfx_do_exit+0x10/0x10 [ 148.118788] ? debug_smp_processor_id+0x20/0x30 [ 148.119290] ? rcu_is_watching+0x19/0xb0 [ 148.119891] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.120383] ? trace_hardirqs_on+0x26/0x120 [ 148.120837] do_group_exit+0xe0/0x2b0 [ 148.121240] __x64_sys_exit_group+0x47/0x50 [ 148.121721] do_syscall_64+0x3b/0x90 [ 148.122262] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.122842] RIP: 0033:0x7f4b87518a4d [ 148.123254] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.123893] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.124859] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.125608] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.126356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.127134] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.127877] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.128618] [ 148.128859] irq event stamp: 0 [ 148.129182] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.129839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.130726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.131612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.132257] ---[ end trace 0000000000000000 ]--- [ 148.137411] ------------[ cut here ]------------ [ 148.137962] WARNING: CPU: 1 PID: 1387 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.139065] Modules linked in: [ 148.139419] CPU: 1 PID: 1387 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.140318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.141462] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.141982] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.143886] RSP: 0018:ffff8880142e7bb8 EFLAGS: 00010246 [ 148.144440] RAX: 0000000000000000 RBX: ffff88800ed920a8 RCX: 0000000000000000 [ 148.145158] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 148.145893] RBP: ffff8880142e7bd0 R08: ffffed1001db2433 R09: ffffed1001db2433 [ 148.146639] R10: ffff88800ed92193 R11: ffffed1001db2432 R12: ffff888020d1ac00 [ 148.147374] R13: ffff88800ed921e8 R14: ffffffff8352e670 R15: 
ffff8880142e7e68 [ 148.148114] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.148951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.149539] CR2: 0000000020000140 CR3: 0000000018302000 CR4: 0000000000750ee0 [ 148.150261] PKRU: 55555554 [ 148.150569] Call Trace: [ 148.150845] [ 148.151077] __iommufd_access_detach+0x1c2/0x2b0 [ 148.151605] iommufd_access_change_pt+0x149/0x270 [ 148.152101] iommufd_access_replace+0xb4/0x120 [ 148.152593] iommufd_test+0x3e5/0x37e0 [ 148.152985] ? lock_release+0x532/0x770 [ 148.153411] ? __might_fault+0x102/0x1b0 [ 148.153813] ? lock_acquire+0x427/0x4c0 [ 148.154196] ? __pfx_iommufd_test+0x10/0x10 [ 148.154629] ? __pfx_lock_release+0x10/0x10 [ 148.155046] ? __pfx_lock_acquire+0x10/0x10 [ 148.155471] ? write_comp_data+0x2f/0x90 [ 148.155871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.156324] ? write_comp_data+0x2f/0x90 [ 148.156716] iommufd_fops_ioctl+0x37d/0x510 [ 148.157136] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.157600] ? write_comp_data+0x2f/0x90 [ 148.157990] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.158450] __x64_sys_ioctl+0x1a3/0x230 [ 148.158857] do_syscall_64+0x3b/0x90 [ 148.159231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.159713] RIP: 0033:0x7f4b8743ee5d [ 148.160069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.161761] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.162463] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.163157] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.163836] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.164511] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.165380] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.166047] [ 148.166260] irq event stamp: 0 [ 148.166574] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.167154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.168053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.168804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.169381] ---[ end trace 0000000000000000 ]--- [ 148.172559] ------------[ cut here ]------------ [ 148.173032] WARNING: CPU: 1 PID: 1387 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.174055] Modules linked in: [ 148.174411] CPU: 1 PID: 1387 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.175273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.176328] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.176882] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.178670] RSP: 
0018:ffff8880142e7bd0 EFLAGS: 00010246 [ 148.179222] RAX: 0000000000000000 RBX: ffff88800ed920a8 RCX: 0000000000000000 [ 148.179878] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 148.180526] RBP: ffff8880142e7be8 R08: ffffed1001db2433 R09: ffffed1001db2433 [ 148.181325] R10: ffff88800ed92193 R11: ffffed1001db2432 R12: ffff888012b44400 [ 148.181980] R13: ffff88800ed921e8 R14: ffff88802087fa00 R15: 0000000000000000 [ 148.182652] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.183412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.183936] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.184579] PKRU: 55555554 [ 148.184837] Call Trace: [ 148.185070] [ 148.185276] iommufd_access_destroy_object+0x65/0x170 [ 148.185758] iommufd_object_destroy_user+0x18e/0x220 [ 148.186232] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.186796] iommufd_access_destroy+0x43/0x70 [ 148.187228] iommufd_test_staccess_release+0x8d/0xd0 [ 148.187697] __fput+0x26d/0xa40 [ 148.188011] ____fput+0x1e/0x30 [ 148.188339] task_work_run+0x1a4/0x2d0 [ 148.188702] ? __pfx_task_work_run+0x10/0x10 [ 148.189116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.189569] ? switch_task_namespaces+0xa9/0xe0 [ 148.190000] do_exit+0xb17/0x2ef0 [ 148.190315] ? lock_acquire+0x427/0x4c0 [ 148.190718] ? __pfx_lock_release+0x10/0x10 [ 148.191139] ? __kasan_check_write+0x18/0x20 [ 148.191549] ? do_raw_spin_lock+0x132/0x2a0 [ 148.191942] ? __pfx_do_exit+0x10/0x10 [ 148.192306] ? debug_smp_processor_id+0x20/0x30 [ 148.192737] ? rcu_is_watching+0x19/0xb0 [ 148.193113] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.193535] ? trace_hardirqs_on+0x26/0x120 [ 148.193937] do_group_exit+0xe0/0x2b0 [ 148.194291] __x64_sys_exit_group+0x47/0x50 [ 148.194708] do_syscall_64+0x3b/0x90 [ 148.195060] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.195551] RIP: 0033:0x7f4b87518a4d [ 148.195890] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.196454] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.197147] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.197792] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.198414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.199043] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.199670] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.200291] [ 148.200490] irq event stamp: 0 [ 148.200757] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.201289] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.202002] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.202739] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.203295] ---[ end trace 0000000000000000 ]--- [ 148.204051] ------------[ cut here ]------------ [ 148.204453] WARNING: CPU: 1 PID: 1387 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.205321] Modules linked in: [ 148.205603] CPU: 1 PID: 1387 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.206353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.207366] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.207818] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.209375] RSP: 0018:ffff8880142e7b78 EFLAGS: 00010246 [ 148.209836] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.210447] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 148.211079] RBP: ffff8880142e7b98 R08: ffffed1001db243e R09: ffffed1001db243e [ 148.211702] R10: ffff88800ed921ef R11: ffffed1001db243d R12: ffff88800ed92290 [ 148.212319] R13: ffff88800ed920a8 R14: ffffffffffffffff R15: 
ffff8880142e7c60 [ 148.212923] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.213606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.214096] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.214720] PKRU: 55555554 [ 148.214966] Call Trace: [ 148.215202] [ 148.215394] iommufd_ioas_destroy+0x53/0x70 [ 148.215772] iommufd_fops_release+0x1f7/0x370 [ 148.216156] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.216584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.217013] ? write_comp_data+0x2f/0x90 [ 148.217374] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.217798] __fput+0x26d/0xa40 [ 148.218091] ____fput+0x1e/0x30 [ 148.218379] task_work_run+0x1a4/0x2d0 [ 148.218746] ? __pfx_task_work_run+0x10/0x10 [ 148.219148] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.219575] ? switch_task_namespaces+0xa9/0xe0 [ 148.219986] do_exit+0xb17/0x2ef0 [ 148.220281] ? lock_acquire+0x427/0x4c0 [ 148.220631] ? __pfx_lock_release+0x10/0x10 [ 148.221020] ? __kasan_check_write+0x18/0x20 [ 148.221408] ? do_raw_spin_lock+0x132/0x2a0 [ 148.221786] ? __pfx_do_exit+0x10/0x10 [ 148.222130] ? debug_smp_processor_id+0x20/0x30 [ 148.222557] ? rcu_is_watching+0x19/0xb0 [ 148.222909] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.223305] ? trace_hardirqs_on+0x26/0x120 [ 148.223679] do_group_exit+0xe0/0x2b0 [ 148.224009] __x64_sys_exit_group+0x47/0x50 [ 148.224377] do_syscall_64+0x3b/0x90 [ 148.224708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.225165] RIP: 0033:0x7f4b87518a4d [ 148.225485] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.226002] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.226670] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.227291] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.227888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.228488] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.229087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.229699] [ 148.229902] irq event stamp: 0 [ 148.230176] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.230738] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.231467] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.232164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.232690] ---[ end trace 0000000000000000 ]--- [ 148.237180] ------------[ cut here ]------------ [ 148.237623] WARNING: CPU: 0 PID: 1388 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.238459] Modules linked in: [ 148.238898] CPU: 0 PID: 1388 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.239631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.240551] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.240959] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.242447] RSP: 0018:ffff888011d77bb8 EFLAGS: 00010246 [ 148.242906] RAX: 0000000000000000 RBX: ffff88800f3748a8 RCX: 0000000000000000 [ 148.243498] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 148.244081] RBP: ffff888011d77bd0 R08: ffffed1001e6e933 R09: ffffed1001e6e933 [ 148.244664] R10: ffff88800f374993 R11: ffffed1001e6e932 R12: ffff888012e92000 [ 148.245251] R13: ffff88800f3749e8 R14: ffffffff8352e670 R15: 
ffff888011d77e68 [ 148.245839] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.246524] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.247018] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ef0 [ 148.247615] PKRU: 55555554 [ 148.247847] Call Trace: [ 148.248059] [ 148.248247] __iommufd_access_detach+0x1c2/0x2b0 [ 148.248653] iommufd_access_change_pt+0x149/0x270 [ 148.249060] iommufd_access_replace+0xb4/0x120 [ 148.249450] iommufd_test+0x3e5/0x37e0 [ 148.249773] ? lock_release+0x532/0x770 [ 148.250110] ? __might_fault+0x102/0x1b0 [ 148.250452] ? lock_acquire+0x427/0x4c0 [ 148.250811] ? __pfx_iommufd_test+0x10/0x10 [ 148.251181] ? __pfx_lock_release+0x10/0x10 [ 148.251549] ? __pfx_lock_acquire+0x10/0x10 [ 148.251918] ? write_comp_data+0x2f/0x90 [ 148.252265] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.252679] ? write_comp_data+0x2f/0x90 [ 148.253032] iommufd_fops_ioctl+0x37d/0x510 [ 148.253396] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.253804] ? write_comp_data+0x2f/0x90 [ 148.254152] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.254575] __x64_sys_ioctl+0x1a3/0x230 [ 148.254927] do_syscall_64+0x3b/0x90 [ 148.255253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.255688] RIP: 0033:0x7f4b8743ee5d [ 148.255997] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.257498] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.258127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.258750] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.259358] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.259948] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.260536] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.261131] [ 148.261328] irq event stamp: 0 [ 148.261589] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.262109] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.262815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.263511] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.264030] ---[ end trace 0000000000000000 ]--- [ 148.266886] ------------[ cut here ]------------ [ 148.267313] WARNING: CPU: 0 PID: 1388 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.268139] Modules linked in: [ 148.268404] CPU: 0 PID: 1388 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.269115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.270025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.270433] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.271978] RSP: 
0018:ffff888011d77bd0 EFLAGS: 00010246 [ 148.272419] RAX: 0000000000000000 RBX: ffff88800f3748a8 RCX: 0000000000000000 [ 148.273008] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 148.273598] RBP: ffff888011d77be8 R08: ffffed1001e6e933 R09: ffffed1001e6e933 [ 148.274183] R10: ffff88800f374993 R11: ffffed1001e6e932 R12: ffff888014761c00 [ 148.274780] R13: ffff88800f3749e8 R14: ffff8880143ce900 R15: 0000000000000000 [ 148.275370] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.276022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.276495] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 148.277076] PKRU: 55555554 [ 148.277307] Call Trace: [ 148.277519] [ 148.277703] iommufd_access_destroy_object+0x65/0x170 [ 148.278134] iommufd_object_destroy_user+0x18e/0x220 [ 148.278579] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.279063] iommufd_access_destroy+0x43/0x70 [ 148.279450] iommufd_test_staccess_release+0x8d/0xd0 [ 148.279875] __fput+0x26d/0xa40 [ 148.280160] ____fput+0x1e/0x30 [ 148.280444] task_work_run+0x1a4/0x2d0 [ 148.280773] ? __pfx_task_work_run+0x10/0x10 [ 148.281143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.281548] ? switch_task_namespaces+0xa9/0xe0 [ 148.281941] do_exit+0xb17/0x2ef0 [ 148.282227] ? lock_acquire+0x427/0x4c0 [ 148.282582] ? __pfx_lock_release+0x10/0x10 [ 148.282944] ? __kasan_check_write+0x18/0x20 [ 148.283322] ? do_raw_spin_lock+0x132/0x2a0 [ 148.283679] ? __pfx_do_exit+0x10/0x10 [ 148.284008] ? debug_smp_processor_id+0x20/0x30 [ 148.284395] ? rcu_is_watching+0x19/0xb0 [ 148.284732] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.285109] ? trace_hardirqs_on+0x26/0x120 [ 148.285473] do_group_exit+0xe0/0x2b0 [ 148.285789] __x64_sys_exit_group+0x47/0x50 [ 148.286143] do_syscall_64+0x3b/0x90 [ 148.286458] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.286915] RIP: 0033:0x7f4b87518a4d [ 148.287232] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.287727] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.288330] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.288891] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.289457] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.290016] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.290593] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.291171] [ 148.291357] irq event stamp: 0 [ 148.291610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.292108] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.292771] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.293433] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.293928] ---[ end trace 0000000000000000 ]--- [ 148.294670] ------------[ cut here ]------------ [ 148.295053] WARNING: CPU: 0 PID: 1388 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.295878] Modules linked in: [ 148.296138] CPU: 0 PID: 1388 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.296834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.297726] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.298138] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.299648] RSP: 0018:ffff888011d77b78 EFLAGS: 00010246 [ 148.300076] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.300637] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 148.301215] RBP: ffff888011d77b98 R08: ffffed1001e6e93e R09: ffffed1001e6e93e [ 148.301767] R10: ffff88800f3749ef R11: ffffed1001e6e93d R12: ffff88800f374a90 [ 148.302332] R13: ffff88800f3748a8 R14: ffffffffffffffff R15: 
ffff888011d77c60 [ 148.302927] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.303563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.304014] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 148.304564] PKRU: 55555554 [ 148.304786] Call Trace: [ 148.304986] [ 148.305164] iommufd_ioas_destroy+0x53/0x70 [ 148.305507] iommufd_fops_release+0x1f7/0x370 [ 148.305865] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.306256] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.306660] ? write_comp_data+0x2f/0x90 [ 148.306989] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.307386] __fput+0x26d/0xa40 [ 148.307657] ____fput+0x1e/0x30 [ 148.307924] task_work_run+0x1a4/0x2d0 [ 148.308247] ? __pfx_task_work_run+0x10/0x10 [ 148.308600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.308987] ? switch_task_namespaces+0xa9/0xe0 [ 148.309364] do_exit+0xb17/0x2ef0 [ 148.309637] ? lock_acquire+0x427/0x4c0 [ 148.309959] ? __pfx_lock_release+0x10/0x10 [ 148.310302] ? __kasan_check_write+0x18/0x20 [ 148.310672] ? do_raw_spin_lock+0x132/0x2a0 [ 148.311016] ? __pfx_do_exit+0x10/0x10 [ 148.311351] ? debug_smp_processor_id+0x20/0x30 [ 148.311724] ? rcu_is_watching+0x19/0xb0 [ 148.312046] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.312405] ? trace_hardirqs_on+0x26/0x120 [ 148.312748] do_group_exit+0xe0/0x2b0 [ 148.313047] __x64_sys_exit_group+0x47/0x50 [ 148.313385] do_syscall_64+0x3b/0x90 [ 148.313688] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.314100] RIP: 0033:0x7f4b87518a4d [ 148.314397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.314902] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.315510] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.316072] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.316622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.317177] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.317727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.318288] [ 148.318474] irq event stamp: 0 [ 148.318746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.319253] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.319915] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.320567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.321058] ---[ end trace 0000000000000000 ]--- [ 148.325657] ------------[ cut here ]------------ [ 148.326054] WARNING: CPU: 0 PID: 1389 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.327084] Modules linked in: [ 148.327352] CPU: 0 PID: 1389 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.328028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.328900] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.329291] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.330721] RSP: 0018:ffff8880142e7bb8 EFLAGS: 00010246 [ 148.331144] RAX: 0000000000000000 RBX: ffff888021b1a8a8 RCX: 0000000000000000 [ 148.331693] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 148.332240] RBP: ffff8880142e7bd0 R08: ffffed1004363533 R09: ffffed1004363533 [ 148.332791] R10: ffff888021b1a993 R11: ffffed1004363532 R12: ffff888014739c00 [ 148.333340] R13: ffff888021b1a9e8 R14: ffffffff8352e670 R15: 
ffff8880142e7e68 [ 148.333891] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.334536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.334992] CR2: 0000000020000140 CR3: 0000000018302000 CR4: 0000000000750ef0 [ 148.335553] PKRU: 55555554 [ 148.335775] Call Trace: [ 148.335975] [ 148.336154] __iommufd_access_detach+0x1c2/0x2b0 [ 148.336542] iommufd_access_change_pt+0x149/0x270 [ 148.336928] iommufd_access_replace+0xb4/0x120 [ 148.337297] iommufd_test+0x3e5/0x37e0 [ 148.337608] ? lock_release+0x532/0x770 [ 148.337930] ? __might_fault+0x102/0x1b0 [ 148.338258] ? lock_acquire+0x427/0x4c0 [ 148.338605] ? __pfx_iommufd_test+0x10/0x10 [ 148.338946] ? __pfx_lock_release+0x10/0x10 [ 148.339304] ? __pfx_lock_acquire+0x10/0x10 [ 148.339655] ? write_comp_data+0x2f/0x90 [ 148.339987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.340376] ? write_comp_data+0x2f/0x90 [ 148.340704] iommufd_fops_ioctl+0x37d/0x510 [ 148.341051] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.341437] ? write_comp_data+0x2f/0x90 [ 148.341769] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.342152] __x64_sys_ioctl+0x1a3/0x230 [ 148.342484] do_syscall_64+0x3b/0x90 [ 148.342819] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.343239] RIP: 0033:0x7f4b8743ee5d [ 148.343536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.344947] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.345544] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.346102] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.346679] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.347248] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.347804] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.348374] [ 148.348558] irq event stamp: 0 [ 148.348808] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.349297] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.349946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.350624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.351120] ---[ end trace 0000000000000000 ]--- [ 148.353949] ------------[ cut here ]------------ [ 148.354372] WARNING: CPU: 1 PID: 1389 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.355377] Modules linked in: [ 148.355627] CPU: 1 PID: 1389 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.356309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.357182] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.357566] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.358993] RSP: 
0018:ffff8880142e7bd0 EFLAGS: 00010246 [ 148.359429] RAX: 0000000000000000 RBX: ffff888021b1a8a8 RCX: 0000000000000000 [ 148.359979] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 148.360537] RBP: ffff8880142e7be8 R08: ffffed1004363533 R09: ffffed1004363533 [ 148.361086] R10: ffff888021b1a993 R11: ffffed1004363532 R12: ffff888012e91c00 [ 148.361642] R13: ffff888021b1a9e8 R14: ffff888012de2f00 R15: 0000000000000000 [ 148.362193] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.362840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.363293] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.363852] PKRU: 55555554 [ 148.364072] Call Trace: [ 148.364272] [ 148.364448] iommufd_access_destroy_object+0x65/0x170 [ 148.364878] iommufd_object_destroy_user+0x18e/0x220 [ 148.365276] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.365739] iommufd_access_destroy+0x43/0x70 [ 148.366094] iommufd_test_staccess_release+0x8d/0xd0 [ 148.366495] __fput+0x26d/0xa40 [ 148.366803] ____fput+0x1e/0x30 [ 148.367072] task_work_run+0x1a4/0x2d0 [ 148.367401] ? __pfx_task_work_run+0x10/0x10 [ 148.367746] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.368139] ? switch_task_namespaces+0xa9/0xe0 [ 148.368513] do_exit+0xb17/0x2ef0 [ 148.368780] ? lock_acquire+0x427/0x4c0 [ 148.369106] ? __pfx_lock_release+0x10/0x10 [ 148.369447] ? __kasan_check_write+0x18/0x20 [ 148.369789] ? do_raw_spin_lock+0x132/0x2a0 [ 148.370133] ? __pfx_do_exit+0x10/0x10 [ 148.370443] ? debug_smp_processor_id+0x20/0x30 [ 148.370819] ? rcu_is_watching+0x19/0xb0 [ 148.371154] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.371509] ? trace_hardirqs_on+0x26/0x120 [ 148.371851] do_group_exit+0xe0/0x2b0 [ 148.372165] __x64_sys_exit_group+0x47/0x50 [ 148.372501] do_syscall_64+0x3b/0x90 [ 148.372800] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.373211] RIP: 0033:0x7f4b87518a4d [ 148.373510] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.373981] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.374609] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.375172] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.375733] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.376277] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.376838] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.377389] [ 148.377582] irq event stamp: 0 [ 148.377827] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.378312] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.378986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.379642] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.380140] ---[ end trace 0000000000000000 ]--- [ 148.380865] ------------[ cut here ]------------ [ 148.381238] WARNING: CPU: 1 PID: 1389 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.382031] Modules linked in: [ 148.382279] CPU: 1 PID: 1389 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.382971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.383869] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.384275] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.385696] RSP: 0018:ffff8880142e7b78 EFLAGS: 00010246 [ 148.386115] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.386691] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 148.387250] RBP: ffff8880142e7b98 R08: ffffed100436353e R09: ffffed100436353e [ 148.387803] R10: ffff888021b1a9ef R11: ffffed100436353d R12: ffff888021b1aa90 [ 148.388365] R13: ffff888021b1a8a8 R14: ffffffffffffffff R15: 
ffff8880142e7c60 [ 148.388929] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.389568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.390012] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.390596] PKRU: 55555554 [ 148.390818] Call Trace: [ 148.391017] [ 148.391213] iommufd_ioas_destroy+0x53/0x70 [ 148.391546] iommufd_fops_release+0x1f7/0x370 [ 148.391901] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.392292] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.392674] ? write_comp_data+0x2f/0x90 [ 148.392996] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.393382] __fput+0x26d/0xa40 [ 148.393645] ____fput+0x1e/0x30 [ 148.393912] task_work_run+0x1a4/0x2d0 [ 148.394214] ? __pfx_task_work_run+0x10/0x10 [ 148.394584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.394977] ? switch_task_namespaces+0xa9/0xe0 [ 148.395349] do_exit+0xb17/0x2ef0 [ 148.395623] ? lock_acquire+0x427/0x4c0 [ 148.395939] ? __pfx_lock_release+0x10/0x10 [ 148.396271] ? __kasan_check_write+0x18/0x20 [ 148.396615] ? do_raw_spin_lock+0x132/0x2a0 [ 148.396949] ? __pfx_do_exit+0x10/0x10 [ 148.397262] ? debug_smp_processor_id+0x20/0x30 [ 148.397631] ? rcu_is_watching+0x19/0xb0 [ 148.397943] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.398298] ? trace_hardirqs_on+0x26/0x120 [ 148.398647] do_group_exit+0xe0/0x2b0 [ 148.398950] __x64_sys_exit_group+0x47/0x50 [ 148.399291] do_syscall_64+0x3b/0x90 [ 148.399583] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.399990] RIP: 0033:0x7f4b87518a4d [ 148.400283] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.400746] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.401339] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.401875] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.402425] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.402984] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.403554] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.404103] [ 148.404279] irq event stamp: 0 [ 148.404527] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.405000] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.405645] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.406277] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.406775] ---[ end trace 0000000000000000 ]--- [ 148.413043] ------------[ cut here ]------------ [ 148.413611] WARNING: CPU: 1 PID: 1390 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.414791] Modules linked in: [ 148.415195] CPU: 1 PID: 1390 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.415900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.416758] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.417138] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.418551] RSP: 0018:ffff888011d77bb8 EFLAGS: 00010246 [ 148.418959] RAX: 0000000000000000 RBX: ffff8880181d28a8 RCX: 0000000000000000 [ 148.419519] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 148.420063] RBP: ffff888011d77bd0 R08: ffffed100303a533 R09: ffffed100303a533 [ 148.420607] R10: ffff8880181d2993 R11: ffffed100303a532 R12: ffff888021901c00 [ 148.421154] R13: ffff8880181d29e8 R14: ffffffff8352e670 R15: 
ffff888011d77e68 [ 148.422147] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.422795] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.423255] CR2: 0000000020000140 CR3: 0000000021922000 CR4: 0000000000750ee0 [ 148.423794] PKRU: 55555554 [ 148.424009] Call Trace: [ 148.424203] [ 148.424376] __iommufd_access_detach+0x1c2/0x2b0 [ 148.424750] iommufd_access_change_pt+0x149/0x270 [ 148.425166] iommufd_access_replace+0xb4/0x120 [ 148.425593] iommufd_test+0x3e5/0x37e0 [ 148.425891] ? lock_release+0x532/0x770 [ 148.426203] ? __might_fault+0x102/0x1b0 [ 148.426545] ? lock_acquire+0x427/0x4c0 [ 148.426861] ? __pfx_iommufd_test+0x10/0x10 [ 148.427196] ? __pfx_lock_release+0x10/0x10 [ 148.427534] ? __pfx_lock_acquire+0x10/0x10 [ 148.427877] ? write_comp_data+0x2f/0x90 [ 148.428202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.428584] ? write_comp_data+0x2f/0x90 [ 148.428908] iommufd_fops_ioctl+0x37d/0x510 [ 148.429324] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.429730] ? write_comp_data+0x2f/0x90 [ 148.430052] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.430428] __x64_sys_ioctl+0x1a3/0x230 [ 148.430775] do_syscall_64+0x3b/0x90 [ 148.431072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.431484] RIP: 0033:0x7f4b8743ee5d [ 148.431775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.433257] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.433850] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.434390] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.434963] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.435516] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.436055] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.436694] [ 148.436884] irq event stamp: 0 [ 148.437125] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.437606] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.438240] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.438896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.439384] ---[ end trace 0000000000000000 ]--- [ 148.442066] ------------[ cut here ]------------ [ 148.442447] WARNING: CPU: 1 PID: 1390 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.443371] Modules linked in: [ 148.443594] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 148.443619] CPU: 1 PID: 1390 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.445902] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 148.446525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.446535] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.449349] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.450780] RSP: 0018:ffff888011d77bd0 EFLAGS: 00010246 [ 148.451203] RAX: 0000000000000000 RBX: ffff8880181d28a8 RCX: 0000000000000000 [ 148.451757] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 148.452308] RBP: ffff888011d77be8 R08: ffffed100303a533 R09: ffffed100303a533 [ 148.452865] R10: ffff8880181d2993 R11: ffffed100303a532 R12: ffff888020d1a000 [ 148.453555] R13: ffff8880181d29e8 R14: ffff8880143f8100 R15: 0000000000000000 [ 148.454112] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.454753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.455217] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.455776] PKRU: 55555554 [ 148.456000] Call Trace: [ 148.456202] [ 148.456381] iommufd_access_destroy_object+0x65/0x170 [ 148.456791] iommufd_object_destroy_user+0x18e/0x220 [ 148.457192] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.457652] iommufd_access_destroy+0x43/0x70 [ 148.458019] iommufd_test_staccess_release+0x8d/0xd0 [ 148.458429] __fput+0x26d/0xa40 [ 148.458721] ____fput+0x1e/0x30 [ 148.458994] task_work_run+0x1a4/0x2d0 [ 148.459326] ? __pfx_task_work_run+0x10/0x10 [ 148.459683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.460072] ? switch_task_namespaces+0xa9/0xe0 [ 148.460448] do_exit+0xb17/0x2ef0 [ 148.460726] ? lock_acquire+0x427/0x4c0 [ 148.461051] ? __pfx_lock_release+0x10/0x10 [ 148.461516] ? __kasan_check_write+0x18/0x20 [ 148.461875] ? do_raw_spin_lock+0x132/0x2a0 [ 148.462222] ? __pfx_do_exit+0x10/0x10 [ 148.462557] ? debug_smp_processor_id+0x20/0x30 [ 148.462931] ? 
rcu_is_watching+0x19/0xb0 [ 148.463264] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.463626] ? trace_hardirqs_on+0x26/0x120 [ 148.463981] do_group_exit+0xe0/0x2b0 [ 148.464288] __x64_sys_exit_group+0x47/0x50 [ 148.464627] do_syscall_64+0x3b/0x90 [ 148.464929] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.465349] RIP: 0033:0x7f4b87518a4d [ 148.465640] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 148.466121] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.466774] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.467411] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.467967] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.468523] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.469078] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.469653] [ 148.469844] irq event stamp: 0 [ 148.470095] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.470624] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.471317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.471998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.472518] ---[ end trace 0000000000000000 ]--- [ 148.479148] ------------[ cut here ]------------ [ 148.479575] WARNING: CPU: 1 PID: 1390 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.480469] Modules linked in: [ 148.480768] CPU: 1 PID: 1390 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.481468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.482373] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.482825] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.484298] RSP: 0018:ffff888011d77b78 
EFLAGS: 00010246 [ 148.484727] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.485546] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 148.486146] RBP: ffff888011d77b98 R08: ffffed100303a53e R09: ffffed100303a53e [ 148.486768] R10: ffff8880181d29ef R11: ffffed100303a53d R12: ffff8880181d2a90 [ 148.487361] R13: ffff8880181d28a8 R14: ffffffffffffffff R15: ffff888011d77c60 [ 148.487950] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.488614] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.489249] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 148.489845] PKRU: 55555554 [ 148.490083] Call Trace: [ 148.490296] [ 148.490489] iommufd_ioas_destroy+0x53/0x70 [ 148.490885] iommufd_fops_release+0x1f7/0x370 [ 148.491271] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.491696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.492110] ? write_comp_data+0x2f/0x90 [ 148.492463] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.493024] __fput+0x26d/0xa40 [ 148.493317] ____fput+0x1e/0x30 [ 148.493603] task_work_run+0x1a4/0x2d0 [ 148.493941] ? __pfx_task_work_run+0x10/0x10 [ 148.494316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.494776] ? switch_task_namespaces+0xa9/0xe0 [ 148.495191] do_exit+0xb17/0x2ef0 [ 148.495480] ? lock_acquire+0x427/0x4c0 [ 148.495819] ? __pfx_lock_release+0x10/0x10 [ 148.496186] ? __kasan_check_write+0x18/0x20 [ 148.496589] ? do_raw_spin_lock+0x132/0x2a0 [ 148.497062] ? __pfx_do_exit+0x10/0x10 [ 148.497404] ? debug_smp_processor_id+0x20/0x30 [ 148.497797] ? rcu_is_watching+0x19/0xb0 [ 148.498139] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.498548] ? trace_hardirqs_on+0x26/0x120 [ 148.498918] do_group_exit+0xe0/0x2b0 [ 148.499244] __x64_sys_exit_group+0x47/0x50 [ 148.499611] do_syscall_64+0x3b/0x90 [ 148.499935] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.500403] RIP: 0033:0x7f4b87518a4d [ 148.500812] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.501323] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.501955] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.502567] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.503173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.503770] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.504486] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.505097] [ 148.505293] irq event stamp: 0 [ 148.505557] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.506092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.506808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.507508] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.508033] ---[ end trace 0000000000000000 ]--- [ 148.517106] ------------[ cut here ]------------ [ 148.517540] WARNING: CPU: 1 PID: 1392 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.518383] Modules linked in: [ 148.518692] CPU: 1 PID: 1392 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.519419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.520329] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.520738] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.522216] RSP: 0018:ffff888020bb7bb8 EFLAGS: 00010246 [ 148.522723] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 148.523313] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 148.523899] RBP: ffff888020bb7bd0 R08: ffffed1001972333 R09: ffffed1001972333 [ 148.524483] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff888010c09000 [ 148.525066] R13: ffff88800cb919e8 R14: ffffffff8352e670 R15: 
ffff888020bb7e68 [ 148.525650] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.526313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.526819] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 148.527419] PKRU: 55555554 [ 148.527655] Call Trace: [ 148.527868] [ 148.528053] __iommufd_access_detach+0x1c2/0x2b0 [ 148.528458] iommufd_access_change_pt+0x149/0x270 [ 148.528864] iommufd_access_replace+0xb4/0x120 [ 148.529247] iommufd_test+0x3e5/0x37e0 [ 148.529568] ? lock_release+0x532/0x770 [ 148.529906] ? __might_fault+0x102/0x1b0 [ 148.530258] ? lock_acquire+0x427/0x4c0 [ 148.530622] ? __pfx_iommufd_test+0x10/0x10 [ 148.530976] ? __pfx_lock_release+0x10/0x10 [ 148.531352] ? __pfx_lock_acquire+0x10/0x10 [ 148.531723] ? write_comp_data+0x2f/0x90 [ 148.532067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.532472] ? write_comp_data+0x2f/0x90 [ 148.532824] iommufd_fops_ioctl+0x37d/0x510 [ 148.533188] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.533604] ? write_comp_data+0x2f/0x90 [ 148.533953] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.534360] __x64_sys_ioctl+0x1a3/0x230 [ 148.534739] do_syscall_64+0x3b/0x90 [ 148.535062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.535505] RIP: 0033:0x7f4b8743ee5d [ 148.535815] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.537312] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.537936] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.538544] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.539135] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.539728] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.540313] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.540901] [ 148.541095] irq event stamp: 0 [ 148.541355] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.541886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.542789] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.543488] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.544007] ---[ end trace 0000000000000000 ]--- [ 148.546899] ------------[ cut here ]------------ [ 148.547344] WARNING: CPU: 1 PID: 1392 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.548203] Modules linked in: [ 148.548571] CPU: 1 PID: 1392 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.549414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.550372] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.551015] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.552599] RSP: 
0018:ffff888020bb7bd0 EFLAGS: 00010246 [ 148.553151] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 148.553879] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 148.554495] RBP: ffff888020bb7be8 R08: ffffed1001972333 R09: ffffed1001972333 [ 148.555161] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff888021900c00 [ 148.555960] R13: ffff88800cb919e8 R14: ffff888020a3f100 R15: 0000000000000000 [ 148.556583] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.557312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.557959] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.558598] PKRU: 55555554 [ 148.558846] Call Trace: [ 148.559067] [ 148.559271] iommufd_access_destroy_object+0x65/0x170 [ 148.559805] iommufd_object_destroy_user+0x18e/0x220 [ 148.560351] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.560875] iommufd_access_destroy+0x43/0x70 [ 148.561285] iommufd_test_staccess_release+0x8d/0xd0 [ 148.561801] __fput+0x26d/0xa40 [ 148.562196] ____fput+0x1e/0x30 [ 148.562500] task_work_run+0x1a4/0x2d0 [ 148.562878] ? __pfx_task_work_run+0x10/0x10 [ 148.563278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.563712] ? switch_task_namespaces+0xa9/0xe0 [ 148.564133] do_exit+0xb17/0x2ef0 [ 148.564557] ? lock_acquire+0x427/0x4c0 [ 148.564916] ? __pfx_lock_release+0x10/0x10 [ 148.565302] ? __kasan_check_write+0x18/0x20 [ 148.565696] ? do_raw_spin_lock+0x132/0x2a0 [ 148.566089] ? __pfx_do_exit+0x10/0x10 [ 148.566547] ? debug_smp_processor_id+0x20/0x30 [ 148.567029] ? rcu_is_watching+0x19/0xb0 [ 148.567398] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.567803] ? trace_hardirqs_on+0x26/0x120 [ 148.568189] do_group_exit+0xe0/0x2b0 [ 148.568527] __x64_sys_exit_group+0x47/0x50 [ 148.568998] do_syscall_64+0x3b/0x90 [ 148.569406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.569869] RIP: 0033:0x7f4b87518a4d [ 148.570196] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.570780] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.571561] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.572182] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.572804] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.573557] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.574195] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.574848] [ 148.575060] irq event stamp: 0 [ 148.575345] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.576041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.576770] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.577517] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.578189] ---[ end trace 0000000000000000 ]--- [ 148.578993] ------------[ cut here ]------------ [ 148.579421] WARNING: CPU: 1 PID: 1392 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.580476] Modules linked in: [ 148.580763] CPU: 1 PID: 1392 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.581524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.582847] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.583310] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.585027] RSP: 0018:ffff888020bb7b78 EFLAGS: 00010246 [ 148.585490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.586109] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 148.586885] RBP: ffff888020bb7b98 R08: ffffed100197233e R09: ffffed100197233e [ 148.587522] R10: ffff88800cb919ef R11: ffffed100197233d R12: ffff88800cb91a90 [ 148.588135] R13: ffff88800cb918a8 R14: ffffffffffffffff R15: 
ffff888020bb7c60 [ 148.588832] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.589610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.590113] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.590834] PKRU: 55555554 [ 148.591147] Call Trace: [ 148.591371] [ 148.591572] iommufd_ioas_destroy+0x53/0x70 [ 148.591956] iommufd_fops_release+0x1f7/0x370 [ 148.592355] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.592793] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.593371] ? write_comp_data+0x2f/0x90 [ 148.593736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.594181] __fput+0x26d/0xa40 [ 148.594488] ____fput+0x1e/0x30 [ 148.594816] task_work_run+0x1a4/0x2d0 [ 148.595183] ? __pfx_task_work_run+0x10/0x10 [ 148.595664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.596155] ? switch_task_namespaces+0xa9/0xe0 [ 148.596577] do_exit+0xb17/0x2ef0 [ 148.596887] ? lock_acquire+0x427/0x4c0 [ 148.597254] ? __pfx_lock_release+0x10/0x10 [ 148.597772] ? __kasan_check_write+0x18/0x20 [ 148.598172] ? do_raw_spin_lock+0x132/0x2a0 [ 148.598579] ? __pfx_do_exit+0x10/0x10 [ 148.598931] ? debug_smp_processor_id+0x20/0x30 [ 148.599348] ? rcu_is_watching+0x19/0xb0 [ 148.599750] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.600252] ? trace_hardirqs_on+0x26/0x120 [ 148.600643] do_group_exit+0xe0/0x2b0 [ 148.600985] __x64_sys_exit_group+0x47/0x50 [ 148.601367] do_syscall_64+0x3b/0x90 [ 148.601735] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.602292] RIP: 0033:0x7f4b87518a4d [ 148.602646] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.603201] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.603868] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.604643] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.605280] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.605901] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.606548] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.607186] [ 148.607390] irq event stamp: 0 [ 148.607667] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.608218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.608959] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.609700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.610249] ---[ end trace 0000000000000000 ]--- [ 148.615093] ------------[ cut here ]------------ [ 148.615569] WARNING: CPU: 1 PID: 1393 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.616445] Modules linked in: [ 148.616722] CPU: 1 PID: 1393 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.617475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.618439] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.618898] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.620476] RSP: 0018:ffff88802452fbb8 EFLAGS: 00010246 [ 148.620933] RAX: 0000000000000000 RBX: ffff8880244fa0a8 RCX: 0000000000000000 [ 148.621543] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 148.622154] RBP: ffff88802452fbd0 R08: ffffed100489f433 R09: ffffed100489f433 [ 148.622789] R10: ffff8880244fa193 R11: ffffed100489f432 R12: ffff888013b15c00 [ 148.623423] R13: ffff8880244fa1e8 R14: ffffffff8352e670 R15: 
ffff88802452fe68 [ 148.624041] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.624740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.625246] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 148.625866] PKRU: 55555554 [ 148.626118] Call Trace: [ 148.626340] [ 148.626568] __iommufd_access_detach+0x1c2/0x2b0 [ 148.627003] iommufd_access_change_pt+0x149/0x270 [ 148.627446] iommufd_access_replace+0xb4/0x120 [ 148.627873] iommufd_test+0x3e5/0x37e0 [ 148.628285] ? lock_release+0x532/0x770 [ 148.629018] ? __might_fault+0x102/0x1b0 [ 148.629390] ? lock_acquire+0x427/0x4c0 [ 148.629749] ? __pfx_iommufd_test+0x10/0x10 [ 148.630125] ? __pfx_lock_release+0x10/0x10 [ 148.630659] ? __pfx_lock_acquire+0x10/0x10 [ 148.631080] ? write_comp_data+0x2f/0x90 [ 148.631462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.631902] ? write_comp_data+0x2f/0x90 [ 148.632270] iommufd_fops_ioctl+0x37d/0x510 [ 148.632664] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.633190] ? write_comp_data+0x2f/0x90 [ 148.633626] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.634060] __x64_sys_ioctl+0x1a3/0x230 [ 148.634432] do_syscall_64+0x3b/0x90 [ 148.634801] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.635280] RIP: 0033:0x7f4b8743ee5d [ 148.635696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.637350] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.638176] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.638836] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.639494] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.640273] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.640910] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.641548] [ 148.641763] irq event stamp: 0 [ 148.642121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.642839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.643637] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.644481] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.645173] ---[ end trace 0000000000000000 ]--- [ 148.648279] ------------[ cut here ]------------ [ 148.648778] WARNING: CPU: 1 PID: 1393 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.649850] Modules linked in: [ 148.650156] CPU: 1 PID: 1393 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.651072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.652236] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.652713] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.654648] RSP: 
0018:ffff88802452fbd0 EFLAGS: 00010246 [ 148.655184] RAX: 0000000000000000 RBX: ffff8880244fa0a8 RCX: 0000000000000000 [ 148.655899] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 148.656701] RBP: ffff88802452fbe8 R08: ffffed100489f433 R09: ffffed100489f433 [ 148.657383] R10: ffff8880244fa193 R11: ffffed100489f432 R12: ffff88801341ec00 [ 148.658103] R13: ffff8880244fa1e8 R14: ffff88800b874b00 R15: 0000000000000000 [ 148.658911] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.659690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.660252] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.661133] PKRU: 55555554 [ 148.661410] Call Trace: [ 148.661681] [ 148.661924] iommufd_access_destroy_object+0x65/0x170 [ 148.662475] iommufd_object_destroy_user+0x18e/0x220 [ 148.663058] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.663901] iommufd_access_destroy+0x43/0x70 [ 148.664385] iommufd_test_staccess_release+0x8d/0xd0 [ 148.664921] __fput+0x26d/0xa40 [ 148.665283] ____fput+0x1e/0x30 [ 148.665639] task_work_run+0x1a4/0x2d0 [ 148.666255] ? __pfx_task_work_run+0x10/0x10 [ 148.666754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.667297] ? switch_task_namespaces+0xa9/0xe0 [ 148.667803] do_exit+0xb17/0x2ef0 [ 148.668184] ? lock_acquire+0x427/0x4c0 [ 148.668721] ? __pfx_lock_release+0x10/0x10 [ 148.669269] ? __kasan_check_write+0x18/0x20 [ 148.669737] ? do_raw_spin_lock+0x132/0x2a0 [ 148.670191] ? __pfx_do_exit+0x10/0x10 [ 148.670646] ? debug_smp_processor_id+0x20/0x30 [ 148.671151] ? rcu_is_watching+0x19/0xb0 [ 148.671778] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.672268] ? trace_hardirqs_on+0x26/0x120 [ 148.672736] do_group_exit+0xe0/0x2b0 [ 148.673141] __x64_sys_exit_group+0x47/0x50 [ 148.673636] do_syscall_64+0x3b/0x90 [ 148.674190] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.674775] RIP: 0033:0x7f4b87518a4d [ 148.675188] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.675844] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.676782] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.677595] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.678334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.679295] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.680051] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.680804] [ 148.681055] irq event stamp: 0 [ 148.681393] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.682256] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.683178] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.684056] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.684858] ---[ end trace 0000000000000000 ]--- [ 148.685821] ------------[ cut here ]------------ [ 148.686319] WARNING: CPU: 1 PID: 1393 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.687639] Modules linked in: [ 148.687989] CPU: 1 PID: 1393 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.688921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.690332] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.690918] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.693045] RSP: 0018:ffff88802452fb78 EFLAGS: 00010246 [ 148.693614] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.694401] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 148.695354] RBP: ffff88802452fb98 R08: ffffed100489f43e R09: ffffed100489f43e [ 148.696150] R10: ffff8880244fa1ef R11: ffffed100489f43d R12: ffff8880244fa290 [ 148.696907] R13: ffff8880244fa0a8 R14: ffffffffffffffff R15: 
ffff88802452fc60 [ 148.697687] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.698772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.699413] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.700178] PKRU: 55555554 [ 148.700490] Call Trace: [ 148.700891] [ 148.701204] iommufd_ioas_destroy+0x53/0x70 [ 148.701695] iommufd_fops_release+0x1f7/0x370 [ 148.702200] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.702804] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.703368] ? write_comp_data+0x2f/0x90 [ 148.704031] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.704579] __fput+0x26d/0xa40 [ 148.704959] ____fput+0x1e/0x30 [ 148.705333] task_work_run+0x1a4/0x2d0 [ 148.705766] ? __pfx_task_work_run+0x10/0x10 [ 148.706478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.707052] ? switch_task_namespaces+0xa9/0xe0 [ 148.707600] do_exit+0xb17/0x2ef0 [ 148.707982] ? lock_acquire+0x427/0x4c0 [ 148.708433] ? __pfx_lock_release+0x10/0x10 [ 148.709041] ? __kasan_check_write+0x18/0x20 [ 148.709663] ? do_raw_spin_lock+0x132/0x2a0 [ 148.710139] ? __pfx_do_exit+0x10/0x10 [ 148.710611] ? debug_smp_processor_id+0x20/0x30 [ 148.711138] ? rcu_is_watching+0x19/0xb0 [ 148.711586] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.712297] ? trace_hardirqs_on+0x26/0x120 [ 148.712779] do_group_exit+0xe0/0x2b0 [ 148.713191] __x64_sys_exit_group+0x47/0x50 [ 148.713651] do_syscall_64+0x3b/0x90 [ 148.714064] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.714853] RIP: 0033:0x7f4b87518a4d [ 148.715260] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.715919] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.716744] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.717741] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.718564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.719369] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.720330] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.721110] [ 148.721364] irq event stamp: 0 [ 148.721705] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.722435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.723490] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.724403] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.725108] ---[ end trace 0000000000000000 ]--- [ 148.730405] ------------[ cut here ]------------ [ 148.731033] WARNING: CPU: 1 PID: 1394 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.732163] Modules linked in: [ 148.732725] CPU: 1 PID: 1394 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.733688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.735107] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.735670] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.737843] RSP: 0018:ffff888020bb7bb8 EFLAGS: 00010246 [ 148.738430] RAX: 0000000000000000 RBX: ffff88800f8c80a8 RCX: 0000000000000000 [ 148.739248] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 148.740030] RBP: ffff888020bb7bd0 R08: ffffed1001f19033 R09: ffffed1001f19033 [ 148.741017] R10: ffff88800f8c8193 R11: ffffed1001f19032 R12: ffff888014583000 [ 148.741780] R13: ffff88800f8c81e8 R14: ffffffff8352e670 R15: 
ffff888020bb7e68 [ 148.742631] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.743601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.744223] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 148.744996] PKRU: 55555554 [ 148.745419] Call Trace: [ 148.745768] [ 148.746019] __iommufd_access_detach+0x1c2/0x2b0 [ 148.746575] iommufd_access_change_pt+0x149/0x270 [ 148.747110] iommufd_access_replace+0xb4/0x120 [ 148.747638] iommufd_test+0x3e5/0x37e0 [ 148.748268] ? lock_release+0x532/0x770 [ 148.748728] ? __might_fault+0x102/0x1b0 [ 148.749188] ? lock_acquire+0x427/0x4c0 [ 148.749636] ? __pfx_iommufd_test+0x10/0x10 [ 148.750109] ? __pfx_lock_release+0x10/0x10 [ 148.750822] ? __pfx_lock_acquire+0x10/0x10 [ 148.751322] ? write_comp_data+0x2f/0x90 [ 148.751780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.752327] ? write_comp_data+0x2f/0x90 [ 148.752785] iommufd_fops_ioctl+0x37d/0x510 [ 148.753438] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.753983] ? write_comp_data+0x2f/0x90 [ 148.754440] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.755018] __x64_sys_ioctl+0x1a3/0x230 [ 148.755487] do_syscall_64+0x3b/0x90 [ 148.755900] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.756465] RIP: 0033:0x7f4b8743ee5d [ 148.756876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.758909] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.759770] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.760560] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.761344] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.762133] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.762943] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.763741] [ 148.763998] irq event stamp: 0 [ 148.764339] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.765021] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.765923] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.766857] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.767561] ---[ end trace 0000000000000000 ]--- [ 148.771058] ------------[ cut here ]------------ [ 148.771634] WARNING: CPU: 1 PID: 1394 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.772725] Modules linked in: [ 148.773072] CPU: 1 PID: 1394 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.774028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.775575] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.776126] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.778108] RSP: 
0018:ffff888020bb7bd0 EFLAGS: 00010246 [ 148.778721] RAX: 0000000000000000 RBX: ffff88800f8c80a8 RCX: 0000000000000000 [ 148.779536] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 148.780326] RBP: ffff888020bb7be8 R08: ffffed1001f19033 R09: ffffed1001f19033 [ 148.781117] R10: ffff88800f8c8193 R11: ffffed1001f19032 R12: ffff888013b16800 [ 148.781891] R13: ffff88800f8c81e8 R14: ffff88800f5da900 R15: 0000000000000000 [ 148.782712] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.783618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.784241] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.785008] PKRU: 55555554 [ 148.785312] Call Trace: [ 148.785592] [ 148.785841] iommufd_access_destroy_object+0x65/0x170 [ 148.786398] iommufd_object_destroy_user+0x18e/0x220 [ 148.786987] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.787621] iommufd_access_destroy+0x43/0x70 [ 148.788115] iommufd_test_staccess_release+0x8d/0xd0 [ 148.788665] __fput+0x26d/0xa40 [ 148.789034] ____fput+0x1e/0x30 [ 148.789400] task_work_run+0x1a4/0x2d0 [ 148.789824] ? __pfx_task_work_run+0x10/0x10 [ 148.790300] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.790862] ? switch_task_namespaces+0xa9/0xe0 [ 148.791391] do_exit+0xb17/0x2ef0 [ 148.791766] ? lock_acquire+0x427/0x4c0 [ 148.792198] ? __pfx_lock_release+0x10/0x10 [ 148.792677] ? __kasan_check_write+0x18/0x20 [ 148.793162] ? do_raw_spin_lock+0x132/0x2a0 [ 148.793621] ? __pfx_do_exit+0x10/0x10 [ 148.794056] ? debug_smp_processor_id+0x20/0x30 [ 148.794606] ? rcu_is_watching+0x19/0xb0 [ 148.795063] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.795556] ? trace_hardirqs_on+0x26/0x120 [ 148.796022] do_group_exit+0xe0/0x2b0 [ 148.796424] __x64_sys_exit_group+0x47/0x50 [ 148.796879] do_syscall_64+0x3b/0x90 [ 148.797287] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.797852] RIP: 0033:0x7f4b87518a4d [ 148.798255] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.798945] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.799769] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.800532] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.801291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.802050] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.802846] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.803623] [ 148.803878] irq event stamp: 0 [ 148.804220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.804902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.805797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.806723] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.807419] ---[ end trace 0000000000000000 ]--- [ 148.808339] ------------[ cut here ]------------ [ 148.808847] WARNING: CPU: 1 PID: 1394 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.809936] Modules linked in: [ 148.810291] CPU: 1 PID: 1394 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.811285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.812493] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.813042] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.815027] RSP: 0018:ffff888020bb7b78 EFLAGS: 00010246 [ 148.815608] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.816363] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 148.817126] RBP: ffff888020bb7b98 R08: ffffed1001f1903e R09: ffffed1001f1903e [ 148.817877] R10: ffff88800f8c81ef R11: ffffed1001f1903d R12: ffff88800f8c8290 [ 148.818662] R13: ffff88800f8c80a8 R14: ffffffffffffffff R15: 
ffff888020bb7c60 [ 148.819445] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 148.820312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.820925] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 148.821668] PKRU: 55555554 [ 148.821978] Call Trace: [ 148.822257] [ 148.822529] iommufd_ioas_destroy+0x53/0x70 [ 148.822995] iommufd_fops_release+0x1f7/0x370 [ 148.823480] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.824007] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.824531] ? write_comp_data+0x2f/0x90 [ 148.824970] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.825497] __fput+0x26d/0xa40 [ 148.825881] ____fput+0x1e/0x30 [ 148.826253] task_work_run+0x1a4/0x2d0 [ 148.826709] ? __pfx_task_work_run+0x10/0x10 [ 148.827195] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.827729] ? switch_task_namespaces+0xa9/0xe0 [ 148.828243] do_exit+0xb17/0x2ef0 [ 148.828616] ? lock_acquire+0x427/0x4c0 [ 148.829053] ? __pfx_lock_release+0x10/0x10 [ 148.829523] ? __kasan_check_write+0x18/0x20 [ 148.829996] ? do_raw_spin_lock+0x132/0x2a0 [ 148.830465] ? __pfx_do_exit+0x10/0x10 [ 148.830925] ? debug_smp_processor_id+0x20/0x30 [ 148.831429] ? rcu_is_watching+0x19/0xb0 [ 148.831864] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.832357] ? trace_hardirqs_on+0x26/0x120 [ 148.832823] do_group_exit+0xe0/0x2b0 [ 148.833238] __x64_sys_exit_group+0x47/0x50 [ 148.833694] do_syscall_64+0x3b/0x90 [ 148.834096] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.834672] RIP: 0033:0x7f4b87518a4d [ 148.835069] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.835731] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.836538] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.837284] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.838045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.838817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.839585] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.840353] [ 148.840615] irq event stamp: 0 [ 148.840954] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.841622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.842544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.843450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.844112] ---[ end trace 0000000000000000 ]--- [ 148.851768] ------------[ cut here ]------------ [ 148.852490] WARNING: CPU: 0 PID: 1395 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.853851] Modules linked in: [ 148.854303] CPU: 0 PID: 1395 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.855577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.857084] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.857769] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.860257] RSP: 0018:ffff88801679fbb8 EFLAGS: 00010246 [ 148.860997] RAX: 0000000000000000 RBX: ffff888015d280a8 RCX: 0000000000000000 [ 148.861955] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 148.862970] RBP: ffff88801679fbd0 R08: ffffed1002ba5033 R09: ffffed1002ba5033 [ 148.863964] R10: ffff888015d28193 R11: ffffed1002ba5032 R12: ffff888021902800 [ 148.864915] R13: ffff888015d281e8 R14: ffffffff8352e670 R15: 
ffff88801679fe68 [ 148.865867] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.867000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.867816] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 148.868783] PKRU: 55555554 [ 148.869184] Call Trace: [ 148.869542] [ 148.869862] __iommufd_access_detach+0x1c2/0x2b0 [ 148.870597] iommufd_access_change_pt+0x149/0x270 [ 148.871327] iommufd_access_replace+0xb4/0x120 [ 148.871978] iommufd_test+0x3e5/0x37e0 [ 148.872528] ? lock_release+0x532/0x770 [ 148.873101] ? __might_fault+0x102/0x1b0 [ 148.873688] ? lock_acquire+0x427/0x4c0 [ 148.874254] ? __pfx_iommufd_test+0x10/0x10 [ 148.874903] ? __pfx_lock_release+0x10/0x10 [ 148.875558] ? __pfx_lock_acquire+0x10/0x10 [ 148.876165] ? write_comp_data+0x2f/0x90 [ 148.876744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.877427] ? write_comp_data+0x2f/0x90 [ 148.878018] iommufd_fops_ioctl+0x37d/0x510 [ 148.878694] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.879417] ? write_comp_data+0x2f/0x90 [ 148.879998] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 148.880663] __x64_sys_ioctl+0x1a3/0x230 [ 148.881238] do_syscall_64+0x3b/0x90 [ 148.881762] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.882479] RIP: 0033:0x7f4b8743ee5d [ 148.883085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 148.885505] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 148.886604] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 148.887611] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 148.888575] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 148.889538] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 148.890502] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 148.891576] [ 148.891917] irq event stamp: 0 [ 148.892344] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.893190] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.894314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.895513] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.896378] ---[ end trace 0000000000000000 ]--- [ 148.900776] ------------[ cut here ]------------ [ 148.901347] WARNING: CPU: 0 PID: 1395 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.902437] Modules linked in: [ 148.902841] CPU: 0 PID: 1395 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.903810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.905025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.905560] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.907569] RSP: 
0018:ffff88801679fbd0 EFLAGS: 00010246 [ 148.908158] RAX: 0000000000000000 RBX: ffff888015d280a8 RCX: 0000000000000000 [ 148.908912] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 148.909676] RBP: ffff88801679fbe8 R08: ffffed1002ba5033 R09: ffffed1002ba5033 [ 148.910440] R10: ffff888015d28193 R11: ffffed1002ba5032 R12: ffff888018ab9000 [ 148.911259] R13: ffff888015d281e8 R14: ffff888020f60c00 R15: 0000000000000000 [ 148.912036] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.912916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.913547] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 148.914327] PKRU: 55555554 [ 148.914672] Call Trace: [ 148.914954] [ 148.915218] iommufd_access_destroy_object+0x65/0x170 [ 148.915778] iommufd_object_destroy_user+0x18e/0x220 [ 148.916333] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 148.916976] iommufd_access_destroy+0x43/0x70 [ 148.917479] iommufd_test_staccess_release+0x8d/0xd0 [ 148.918032] __fput+0x26d/0xa40 [ 148.918405] ____fput+0x1e/0x30 [ 148.918806] task_work_run+0x1a4/0x2d0 [ 148.919258] ? __pfx_task_work_run+0x10/0x10 [ 148.919748] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.920289] ? switch_task_namespaces+0xa9/0xe0 [ 148.920809] do_exit+0xb17/0x2ef0 [ 148.921189] ? lock_acquire+0x427/0x4c0 [ 148.921631] ? __pfx_lock_release+0x10/0x10 [ 148.922107] ? __kasan_check_write+0x18/0x20 [ 148.922619] ? do_raw_spin_lock+0x132/0x2a0 [ 148.923088] ? __pfx_do_exit+0x10/0x10 [ 148.923530] ? debug_smp_processor_id+0x20/0x30 [ 148.924052] ? rcu_is_watching+0x19/0xb0 [ 148.924499] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.925001] ? trace_hardirqs_on+0x26/0x120 [ 148.925483] do_group_exit+0xe0/0x2b0 [ 148.925903] __x64_sys_exit_group+0x47/0x50 [ 148.926371] do_syscall_64+0x3b/0x90 [ 148.926822] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.927413] RIP: 0033:0x7f4b87518a4d [ 148.927822] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.928497] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.929336] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.930100] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.930891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.931670] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.932440] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.933207] [ 148.933465] irq event stamp: 0 [ 148.933808] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.934499] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.935449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.936329] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.937014] ---[ end trace 0000000000000000 ]--- [ 148.937931] ------------[ cut here ]------------ [ 148.938443] WARNING: CPU: 0 PID: 1395 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 148.939611] Modules linked in: [ 148.939960] CPU: 0 PID: 1395 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.940895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.942113] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 148.942706] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 148.944704] RSP: 0018:ffff88801679fb78 EFLAGS: 00010246 [ 148.945286] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 148.946051] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 148.946855] RBP: ffff88801679fb98 R08: ffffed1002ba503e R09: ffffed1002ba503e [ 148.947636] R10: ffff888015d281ef R11: ffffed1002ba503d R12: ffff888015d28290 [ 148.948401] R13: ffff888015d280a8 R14: ffffffffffffffff R15: 
ffff88801679fc60 [ 148.949143] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.949980] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.950619] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 148.951381] PKRU: 55555554 [ 148.951677] Call Trace: [ 148.951942] [ 148.952176] iommufd_ioas_destroy+0x53/0x70 [ 148.952641] iommufd_fops_release+0x1f7/0x370 [ 148.953119] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.953647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.954178] ? write_comp_data+0x2f/0x90 [ 148.954728] ? __pfx_iommufd_fops_release+0x10/0x10 [ 148.955585] __fput+0x26d/0xa40 [ 148.955951] ____fput+0x1e/0x30 [ 148.956309] task_work_run+0x1a4/0x2d0 [ 148.956733] ? __pfx_task_work_run+0x10/0x10 [ 148.957205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.957721] ? switch_task_namespaces+0xa9/0xe0 [ 148.958220] do_exit+0xb17/0x2ef0 [ 148.958732] ? lock_acquire+0x427/0x4c0 [ 148.959290] ? __pfx_lock_release+0x10/0x10 [ 148.959756] ? __kasan_check_write+0x18/0x20 [ 148.960220] ? do_raw_spin_lock+0x132/0x2a0 [ 148.960672] ? __pfx_do_exit+0x10/0x10 [ 148.961100] ? debug_smp_processor_id+0x20/0x30 [ 148.961585] ? rcu_is_watching+0x19/0xb0 [ 148.962009] ? _raw_spin_unlock_irq+0x2b/0x60 [ 148.962487] ? trace_hardirqs_on+0x26/0x120 [ 148.962982] do_group_exit+0xe0/0x2b0 [ 148.963404] __x64_sys_exit_group+0x47/0x50 [ 148.963868] do_syscall_64+0x3b/0x90 [ 148.964412] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 148.965074] RIP: 0033:0x7f4b87518a4d [ 148.965464] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 148.966103] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 148.967285] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 148.968037] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 148.968774] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 148.969518] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 148.970254] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 148.971062] [ 148.971439] irq event stamp: 0 [ 148.971745] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 148.972345] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 148.973143] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 148.973938] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 148.974570] ---[ end trace 0000000000000000 ]--- [ 148.979721] ------------[ cut here ]------------ [ 148.980539] WARNING: CPU: 0 PID: 1396 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 148.981506] Modules linked in: [ 148.981810] CPU: 0 PID: 1396 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 148.982690] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 148.984050] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 148.984666] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 148.986391] RSP: 0018:ffff88801035fbb8 EFLAGS: 00010246 [ 148.986932] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 148.987829] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 148.988505] RBP: ffff88801035fbd0 R08: ffffed1001702333 R09: ffffed1001702333 [ 148.989171] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888013b23c00 [ 148.989839] R13: ffff88800b8119e8 R14: ffffffff8352e670 R15: 
ffff88801035fe68 [ 148.990547] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 148.991386] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.992110] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 148.992781] PKRU: 55555554 [ 148.993045] Call Trace: [ 148.993285] [ 148.993494] __iommufd_access_detach+0x1c2/0x2b0 [ 148.993957] iommufd_access_change_pt+0x149/0x270 [ 148.994472] iommufd_access_replace+0xb4/0x120 [ 148.995101] iommufd_test+0x3e5/0x37e0 [ 148.995489] ? lock_release+0x532/0x770 [ 148.995876] ? __might_fault+0x102/0x1b0 [ 148.996263] ? lock_acquire+0x427/0x4c0 [ 148.996649] ? __pfx_iommufd_test+0x10/0x10 [ 148.997053] ? __pfx_lock_release+0x10/0x10 [ 148.997464] ? __pfx_lock_acquire+0x10/0x10 [ 148.997880] ? write_comp_data+0x2f/0x90 [ 148.998308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 148.999006] ? write_comp_data+0x2f/0x90 [ 148.999411] iommufd_fops_ioctl+0x37d/0x510 [ 148.999815] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.000251] ? write_comp_data+0x2f/0x90 [ 149.000623] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.001056] __x64_sys_ioctl+0x1a3/0x230 [ 149.001428] do_syscall_64+0x3b/0x90 [ 149.001840] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.002430] RIP: 0033:0x7f4b8743ee5d [ 149.002779] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.004389] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.005248] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.005878] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.006534] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.007170] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.007802] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.008627] [ 149.008839] irq event stamp: 0 [ 149.009121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.009684] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.010425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.011197] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.011936] ---[ end trace 0000000000000000 ]--- [ 149.016013] ------------[ cut here ]------------ [ 149.016449] WARNING: CPU: 0 PID: 1396 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.017341] Modules linked in: [ 149.017709] CPU: 0 PID: 1396 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.018627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.019630] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.020070] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.021674] RSP: 
0018:ffff88801035fbd0 EFLAGS: 00010246 [ 149.022144] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 149.022797] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 149.023432] RBP: ffff88801035fbe8 R08: ffffed1001702333 R09: ffffed1001702333 [ 149.024056] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888021903c00 [ 149.024682] R13: ffff88800b8119e8 R14: ffff88800f211d00 R15: 0000000000000000 [ 149.025308] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.026016] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.026548] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 149.027192] PKRU: 55555554 [ 149.027442] Call Trace: [ 149.027669] [ 149.027870] iommufd_access_destroy_object+0x65/0x170 [ 149.028330] iommufd_object_destroy_user+0x18e/0x220 [ 149.028777] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.029275] iommufd_access_destroy+0x43/0x70 [ 149.029659] iommufd_test_staccess_release+0x8d/0xd0 [ 149.030091] __fput+0x26d/0xa40 [ 149.030382] ____fput+0x1e/0x30 [ 149.030688] task_work_run+0x1a4/0x2d0 [ 149.031026] ? __pfx_task_work_run+0x10/0x10 [ 149.031405] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.031819] ? switch_task_namespaces+0xa9/0xe0 [ 149.032220] do_exit+0xb17/0x2ef0 [ 149.032514] ? lock_acquire+0x427/0x4c0 [ 149.032858] ? __pfx_lock_release+0x10/0x10 [ 149.033227] ? __kasan_check_write+0x18/0x20 [ 149.033600] ? do_raw_spin_lock+0x132/0x2a0 [ 149.033968] ? __pfx_do_exit+0x10/0x10 [ 149.034304] ? debug_smp_processor_id+0x20/0x30 [ 149.034720] ? rcu_is_watching+0x19/0xb0 [ 149.035061] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.035455] ? trace_hardirqs_on+0x26/0x120 [ 149.035824] do_group_exit+0xe0/0x2b0 [ 149.036148] __x64_sys_exit_group+0x47/0x50 [ 149.036511] do_syscall_64+0x3b/0x90 [ 149.036831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.037274] RIP: 0033:0x7f4b87518a4d [ 149.037588] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.038101] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.038755] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.039356] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.039946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.040546] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.041143] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.041743] [ 149.041938] irq event stamp: 0 [ 149.042200] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.042749] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.043456] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.044148] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.044670] ---[ end trace 0000000000000000 ]--- [ 149.045886] ------------[ cut here ]------------ [ 149.046287] WARNING: CPU: 0 PID: 1396 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.047279] Modules linked in: [ 149.047554] CPU: 0 PID: 1396 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.048284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.049411] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.049849] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.051557] RSP: 0018:ffff88801035fb78 EFLAGS: 00010246 [ 149.052004] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.052596] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 149.053351] RBP: ffff88801035fb98 R08: ffffed100170233e R09: ffffed100170233e [ 149.053947] R10: ffff88800b8119ef R11: ffffed100170233d R12: ffff88800b811a90 [ 149.054597] R13: ffff88800b8118a8 R14: ffffffffffffffff R15: 
ffff88801035fc60 [ 149.055305] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.055981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.056465] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 149.057217] PKRU: 55555554 [ 149.057460] Call Trace: [ 149.057677] [ 149.057870] iommufd_ioas_destroy+0x53/0x70 [ 149.058240] iommufd_fops_release+0x1f7/0x370 [ 149.058738] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.059227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.059650] ? write_comp_data+0x2f/0x90 [ 149.060003] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.060504] __fput+0x26d/0xa40 [ 149.060888] ____fput+0x1e/0x30 [ 149.061178] task_work_run+0x1a4/0x2d0 [ 149.061516] ? __pfx_task_work_run+0x10/0x10 [ 149.061890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.062463] ? switch_task_namespaces+0xa9/0xe0 [ 149.062890] do_exit+0xb17/0x2ef0 [ 149.063191] ? lock_acquire+0x427/0x4c0 [ 149.063535] ? __pfx_lock_release+0x10/0x10 [ 149.063910] ? __kasan_check_write+0x18/0x20 [ 149.064462] ? do_raw_spin_lock+0x132/0x2a0 [ 149.064832] ? __pfx_do_exit+0x10/0x10 [ 149.065171] ? debug_smp_processor_id+0x20/0x30 [ 149.065565] ? rcu_is_watching+0x19/0xb0 [ 149.065986] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.066462] ? trace_hardirqs_on+0x26/0x120 [ 149.066856] do_group_exit+0xe0/0x2b0 [ 149.067189] __x64_sys_exit_group+0x47/0x50 [ 149.067551] do_syscall_64+0x3b/0x90 [ 149.068033] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.068476] RIP: 0033:0x7f4b87518a4d [ 149.068791] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.069306] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.070087] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.070699] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.071299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.071900] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.072527] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.073272] [ 149.073472] irq event stamp: 0 [ 149.073748] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.074347] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.075217] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.075945] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.076533] ---[ end trace 0000000000000000 ]--- [ 149.082000] ------------[ cut here ]------------ [ 149.082562] WARNING: CPU: 0 PID: 1397 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.083461] Modules linked in: [ 149.083821] CPU: 0 PID: 1397 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.084641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.085616] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.086045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.087665] RSP: 0018:ffff88801679fbb8 EFLAGS: 00010246 [ 149.088129] RAX: 0000000000000000 RBX: ffff888020b568a8 RCX: 0000000000000000 [ 149.088752] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 149.089367] RBP: ffff88801679fbd0 R08: ffffed100416ad33 R09: ffffed100416ad33 [ 149.089970] R10: ffff888020b56993 R11: ffffed100416ad32 R12: ffff8880129b7800 [ 149.090592] R13: ffff888020b569e8 R14: ffffffff8352e670 R15: 
ffff88801679fe68 [ 149.091217] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.091901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.092393] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 149.093005] PKRU: 55555554 [ 149.093250] Call Trace: [ 149.093467] [ 149.093661] __iommufd_access_detach+0x1c2/0x2b0 [ 149.094087] iommufd_access_change_pt+0x149/0x270 [ 149.094532] iommufd_access_replace+0xb4/0x120 [ 149.094935] iommufd_test+0x3e5/0x37e0 [ 149.095281] ? lock_release+0x532/0x770 [ 149.095635] ? __might_fault+0x102/0x1b0 [ 149.095990] ? lock_acquire+0x427/0x4c0 [ 149.096340] ? __pfx_iommufd_test+0x10/0x10 [ 149.096710] ? __pfx_lock_release+0x10/0x10 [ 149.097088] ? __pfx_lock_acquire+0x10/0x10 [ 149.097471] ? write_comp_data+0x2f/0x90 [ 149.097830] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.098252] ? write_comp_data+0x2f/0x90 [ 149.098633] iommufd_fops_ioctl+0x37d/0x510 [ 149.099008] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.099443] ? write_comp_data+0x2f/0x90 [ 149.099809] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.100229] __x64_sys_ioctl+0x1a3/0x230 [ 149.100590] do_syscall_64+0x3b/0x90 [ 149.100917] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.101366] RIP: 0033:0x7f4b8743ee5d [ 149.101682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.103273] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.103940] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.104561] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.105165] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.105781] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.106384] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.107019] [ 149.107225] irq event stamp: 0 [ 149.107495] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.108033] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.108760] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.109479] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.110037] ---[ end trace 0000000000000000 ]--- [ 149.113216] ------------[ cut here ]------------ [ 149.113900] WARNING: CPU: 1 PID: 1397 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.114817] Modules linked in: [ 149.115098] CPU: 1 PID: 1397 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.116185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.117163] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.117738] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.119432] RSP: 
0018:ffff88801679fbd0 EFLAGS: 00010246 [ 149.119953] RAX: 0000000000000000 RBX: ffff888020b568a8 RCX: 0000000000000000 [ 149.120561] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 149.121157] RBP: ffff88801679fbe8 R08: ffffed100416ad33 R09: ffffed100416ad33 [ 149.121889] R10: ffff888020b56993 R11: ffffed100416ad32 R12: ffff888013b22000 [ 149.122491] R13: ffff888020b569e8 R14: ffff888018bbeb00 R15: 0000000000000000 [ 149.123127] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.123902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.124459] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 149.125067] PKRU: 55555554 [ 149.125312] Call Trace: [ 149.125534] [ 149.125781] iommufd_access_destroy_object+0x65/0x170 [ 149.126306] iommufd_object_destroy_user+0x18e/0x220 [ 149.126767] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.127278] iommufd_access_destroy+0x43/0x70 [ 149.127683] iommufd_test_staccess_release+0x8d/0xd0 [ 149.128191] __fput+0x26d/0xa40 [ 149.128556] ____fput+0x1e/0x30 [ 149.128848] task_work_run+0x1a4/0x2d0 [ 149.129195] ? __pfx_task_work_run+0x10/0x10 [ 149.129591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.130070] ? switch_task_namespaces+0xa9/0xe0 [ 149.130602] do_exit+0xb17/0x2ef0 [ 149.130901] ? lock_acquire+0x427/0x4c0 [ 149.131264] ? __pfx_lock_release+0x10/0x10 [ 149.131641] ? __kasan_check_write+0x18/0x20 [ 149.132024] ? do_raw_spin_lock+0x132/0x2a0 [ 149.132485] ? __pfx_do_exit+0x10/0x10 [ 149.132850] ? debug_smp_processor_id+0x20/0x30 [ 149.133256] ? rcu_is_watching+0x19/0xb0 [ 149.133612] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.134007] ? trace_hardirqs_on+0x26/0x120 [ 149.134499] do_group_exit+0xe0/0x2b0 [ 149.134853] __x64_sys_exit_group+0x47/0x50 [ 149.135233] do_syscall_64+0x3b/0x90 [ 149.135565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.136017] RIP: 0033:0x7f4b87518a4d [ 149.136344] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.137019] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.137669] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.138278] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.139057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.139678] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.140278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.141018] [ 149.141223] irq event stamp: 0 [ 149.141494] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.142050] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.142820] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.143636] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.144185] ---[ end trace 0000000000000000 ]--- [ 149.144973] ------------[ cut here ]------------ [ 149.145450] WARNING: CPU: 1 PID: 1397 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.146322] Modules linked in: [ 149.146632] CPU: 1 PID: 1397 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.147541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.148495] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.148972] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.150654] RSP: 0018:ffff88801679fb78 EFLAGS: 00010246 [ 149.151176] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.151853] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 149.152470] RBP: ffff88801679fb98 R08: ffffed100416ad3e R09: ffffed100416ad3e [ 149.153152] R10: ffff888020b569ef R11: ffffed100416ad3d R12: ffff888020b56a90 [ 149.153838] R13: ffff888020b568a8 R14: ffffffffffffffff R15: 
ffff88801679fc60 [ 149.154449] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.155305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.155806] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 149.156416] PKRU: 55555554 [ 149.156659] Call Trace: [ 149.156881] [ 149.157115] iommufd_ioas_destroy+0x53/0x70 [ 149.157575] iommufd_fops_release+0x1f7/0x370 [ 149.157973] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.158404] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.158905] ? write_comp_data+0x2f/0x90 [ 149.159279] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.159714] __fput+0x26d/0xa40 [ 149.160007] ____fput+0x1e/0x30 [ 149.160296] task_work_run+0x1a4/0x2d0 [ 149.160632] ? __pfx_task_work_run+0x10/0x10 [ 149.161008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.161429] ? switch_task_namespaces+0xa9/0xe0 [ 149.161839] do_exit+0xb17/0x2ef0 [ 149.162141] ? lock_acquire+0x427/0x4c0 [ 149.162491] ? __pfx_lock_release+0x10/0x10 [ 149.162889] ? __kasan_check_write+0x18/0x20 [ 149.163288] ? do_raw_spin_lock+0x132/0x2a0 [ 149.163664] ? __pfx_do_exit+0x10/0x10 [ 149.164008] ? debug_smp_processor_id+0x20/0x30 [ 149.164419] ? rcu_is_watching+0x19/0xb0 [ 149.164768] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.165159] ? trace_hardirqs_on+0x26/0x120 [ 149.165535] do_group_exit+0xe0/0x2b0 [ 149.165865] __x64_sys_exit_group+0x47/0x50 [ 149.166235] do_syscall_64+0x3b/0x90 [ 149.166582] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.167023] RIP: 0033:0x7f4b87518a4d [ 149.167348] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.167876] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.168515] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.169111] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.169706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.170298] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.170919] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.171542] [ 149.171745] irq event stamp: 0 [ 149.172016] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.172551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.173245] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.173943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.174471] ---[ end trace 0000000000000000 ]--- [ 149.179365] ------------[ cut here ]------------ [ 149.179809] WARNING: CPU: 1 PID: 1398 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.180664] Modules linked in: [ 149.180937] CPU: 1 PID: 1398 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.181675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.182640] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.183060] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.184602] RSP: 0018:ffff888015857bb8 EFLAGS: 00010246 [ 149.185057] RAX: 0000000000000000 RBX: ffff88800ed970a8 RCX: 0000000000000000 [ 149.185656] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 149.186251] RBP: ffff888015857bd0 R08: ffffed1001db2e33 R09: ffffed1001db2e33 [ 149.186874] R10: ffff88800ed97193 R11: ffffed1001db2e32 R12: ffff888013b14800 [ 149.187483] R13: ffff88800ed971e8 R14: ffffffff8352e670 R15: 
ffff888015857e68 [ 149.188078] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.188750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.189235] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 149.189836] PKRU: 55555554 [ 149.190073] Call Trace: [ 149.190287] [ 149.190477] __iommufd_access_detach+0x1c2/0x2b0 [ 149.190908] iommufd_access_change_pt+0x149/0x270 [ 149.191333] iommufd_access_replace+0xb4/0x120 [ 149.191729] iommufd_test+0x3e5/0x37e0 [ 149.192056] ? lock_release+0x532/0x770 [ 149.192400] ? __might_fault+0x102/0x1b0 [ 149.192748] ? lock_acquire+0x427/0x4c0 [ 149.193089] ? __pfx_iommufd_test+0x10/0x10 [ 149.193449] ? __pfx_lock_release+0x10/0x10 [ 149.193816] ? __pfx_lock_acquire+0x10/0x10 [ 149.194189] ? write_comp_data+0x2f/0x90 [ 149.194562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.194980] ? write_comp_data+0x2f/0x90 [ 149.195346] iommufd_fops_ioctl+0x37d/0x510 [ 149.195727] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.196140] ? write_comp_data+0x2f/0x90 [ 149.196490] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.196911] __x64_sys_ioctl+0x1a3/0x230 [ 149.197269] do_syscall_64+0x3b/0x90 [ 149.197595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.198045] RIP: 0033:0x7f4b8743ee5d [ 149.198359] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.199920] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.200562] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.201163] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.201762] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.202355] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.202967] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.203580] [ 149.203780] irq event stamp: 0 [ 149.204046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.204581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.205281] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.205981] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.206530] ---[ end trace 0000000000000000 ]--- [ 149.209341] ------------[ cut here ]------------ [ 149.209766] WARNING: CPU: 1 PID: 1398 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.210645] Modules linked in: [ 149.210922] CPU: 1 PID: 1398 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.211692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.213061] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.213493] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.215245] RSP: 
0018:ffff888015857bd0 EFLAGS: 00010246 [ 149.215665] RAX: 0000000000000000 RBX: ffff88800ed970a8 RCX: 0000000000000000 [ 149.216243] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 149.216891] RBP: ffff888015857be8 R08: ffffed1001db2e33 R09: ffffed1001db2e33 [ 149.217450] R10: ffff88800ed97193 R11: ffffed1001db2e32 R12: ffff888014580000 [ 149.218024] R13: ffff88800ed971e8 R14: ffff888012b3fb00 R15: 0000000000000000 [ 149.218679] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.219320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.219775] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.220446] PKRU: 55555554 [ 149.220671] Call Trace: [ 149.220874] [ 149.221054] iommufd_access_destroy_object+0x65/0x170 [ 149.221464] iommufd_object_destroy_user+0x18e/0x220 [ 149.221876] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.222434] iommufd_access_destroy+0x43/0x70 [ 149.222820] iommufd_test_staccess_release+0x8d/0xd0 [ 149.223252] __fput+0x26d/0xa40 [ 149.223530] ____fput+0x1e/0x30 [ 149.223813] task_work_run+0x1a4/0x2d0 [ 149.224157] ? __pfx_task_work_run+0x10/0x10 [ 149.224586] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.224985] ? switch_task_namespaces+0xa9/0xe0 [ 149.225364] do_exit+0xb17/0x2ef0 [ 149.225641] ? lock_acquire+0x427/0x4c0 [ 149.226034] ? __pfx_lock_release+0x10/0x10 [ 149.226434] ? __kasan_check_write+0x18/0x20 [ 149.226809] ? do_raw_spin_lock+0x132/0x2a0 [ 149.227173] ? __pfx_do_exit+0x10/0x10 [ 149.227495] ? debug_smp_processor_id+0x20/0x30 [ 149.227872] ? rcu_is_watching+0x19/0xb0 [ 149.228260] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.228682] ? trace_hardirqs_on+0x26/0x120 [ 149.229032] do_group_exit+0xe0/0x2b0 [ 149.229336] __x64_sys_exit_group+0x47/0x50 [ 149.229681] do_syscall_64+0x3b/0x90 [ 149.230016] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.230493] RIP: 0033:0x7f4b87518a4d [ 149.230816] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.231308] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.231915] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.232592] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.233152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.233720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.234411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.235037] [ 149.235257] irq event stamp: 0 [ 149.235534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.236079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.236946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.237657] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.238204] ---[ end trace 0000000000000000 ]--- [ 149.239131] ------------[ cut here ]------------ [ 149.239546] WARNING: CPU: 1 PID: 1398 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.240422] Modules linked in: [ 149.240782] CPU: 1 PID: 1398 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.241583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.242641] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.243160] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.244728] RSP: 0018:ffff888015857b78 EFLAGS: 00010246 [ 149.245316] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.245919] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 149.246542] RBP: ffff888015857b98 R08: ffffed1001db2e3e R09: ffffed1001db2e3e [ 149.247153] R10: ffff88800ed971ef R11: ffffed1001db2e3d R12: ffff88800ed97290 [ 149.247753] R13: ffff88800ed970a8 R14: ffffffffffffffff R15: 
ffff888015857c60 [ 149.248352] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.249037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.249533] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.250142] PKRU: 55555554 [ 149.250387] Call Trace: [ 149.250630] [ 149.250826] iommufd_ioas_destroy+0x53/0x70 [ 149.251209] iommufd_fops_release+0x1f7/0x370 [ 149.251603] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.252034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.252465] ? write_comp_data+0x2f/0x90 [ 149.252820] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.253242] __fput+0x26d/0xa40 [ 149.253535] ____fput+0x1e/0x30 [ 149.253829] task_work_run+0x1a4/0x2d0 [ 149.254175] ? __pfx_task_work_run+0x10/0x10 [ 149.254587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.255014] ? switch_task_namespaces+0xa9/0xe0 [ 149.255441] do_exit+0xb17/0x2ef0 [ 149.255737] ? lock_acquire+0x427/0x4c0 [ 149.256088] ? __pfx_lock_release+0x10/0x10 [ 149.256457] ? __kasan_check_write+0x18/0x20 [ 149.256834] ? do_raw_spin_lock+0x132/0x2a0 [ 149.257201] ? __pfx_do_exit+0x10/0x10 [ 149.257547] ? debug_smp_processor_id+0x20/0x30 [ 149.257955] ? rcu_is_watching+0x19/0xb0 [ 149.258308] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.258724] ? trace_hardirqs_on+0x26/0x120 [ 149.259099] do_group_exit+0xe0/0x2b0 [ 149.259439] __x64_sys_exit_group+0x47/0x50 [ 149.259818] do_syscall_64+0x3b/0x90 [ 149.260147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.260598] RIP: 0033:0x7f4b87518a4d [ 149.260921] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.261446] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.262086] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.262714] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.263339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.263938] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.264534] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.265141] [ 149.265344] irq event stamp: 0 [ 149.265612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.266148] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.266877] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.267602] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.268147] ---[ end trace 0000000000000000 ]--- [ 149.272870] ------------[ cut here ]------------ [ 149.273315] WARNING: CPU: 1 PID: 1399 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.274178] Modules linked in: [ 149.274453] CPU: 1 PID: 1399 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.275251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.276212] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.276633] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.278164] RSP: 0018:ffff888023d6fbb8 EFLAGS: 00010246 [ 149.278627] RAX: 0000000000000000 RBX: ffff8880173000a8 RCX: 0000000000000000 [ 149.279239] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 149.279836] RBP: ffff888023d6fbd0 R08: ffffed1002e60033 R09: ffffed1002e60033 [ 149.280430] R10: ffff888017300193 R11: ffffed1002e60032 R12: ffff88801226ec00 [ 149.281031] R13: ffff8880173001e8 R14: ffffffff8352e670 R15: 
ffff888023d6fe68 [ 149.281623] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.282291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.282791] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 149.283413] PKRU: 55555554 [ 149.283658] Call Trace: [ 149.283881] [ 149.284076] __iommufd_access_detach+0x1c2/0x2b0 [ 149.284499] iommufd_access_change_pt+0x149/0x270 [ 149.284917] iommufd_access_replace+0xb4/0x120 [ 149.285311] iommufd_test+0x3e5/0x37e0 [ 149.285643] ? lock_release+0x532/0x770 [ 149.285991] ? __might_fault+0x102/0x1b0 [ 149.286342] ? lock_acquire+0x427/0x4c0 [ 149.286704] ? __pfx_iommufd_test+0x10/0x10 [ 149.287068] ? __pfx_lock_release+0x10/0x10 [ 149.287457] ? __pfx_lock_acquire+0x10/0x10 [ 149.287830] ? write_comp_data+0x2f/0x90 [ 149.288180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.288606] ? write_comp_data+0x2f/0x90 [ 149.288962] iommufd_fops_ioctl+0x37d/0x510 [ 149.289333] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.289757] ? write_comp_data+0x2f/0x90 [ 149.290112] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.290550] __x64_sys_ioctl+0x1a3/0x230 [ 149.290918] do_syscall_64+0x3b/0x90 [ 149.291262] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.291712] RIP: 0033:0x7f4b8743ee5d [ 149.292028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.293553] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.294192] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.294810] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.295430] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.296042] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.296638] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.297241] [ 149.297439] irq event stamp: 0 [ 149.297705] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.298234] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.298954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.299662] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.300191] ---[ end trace 0000000000000000 ]--- [ 149.302989] ------------[ cut here ]------------ [ 149.303424] WARNING: CPU: 1 PID: 1399 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.304275] Modules linked in: [ 149.304546] CPU: 1 PID: 1399 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.305274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.306209] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.306645] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.308197] RSP: 
0018:ffff888023d6fbd0 EFLAGS: 00010246 [ 149.308649] RAX: 0000000000000000 RBX: ffff8880173000a8 RCX: 0000000000000000 [ 149.309250] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 149.309850] RBP: ffff888023d6fbe8 R08: ffffed1002e60033 R09: ffffed1002e60033 [ 149.310450] R10: ffff888017300193 R11: ffffed1002e60032 R12: ffff888013b14400 [ 149.311065] R13: ffff8880173001e8 R14: ffff8880218d4b00 R15: 0000000000000000 [ 149.311681] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.312365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.312851] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.313453] PKRU: 55555554 [ 149.313691] Call Trace: [ 149.313905] [ 149.314098] iommufd_access_destroy_object+0x65/0x170 [ 149.314564] iommufd_object_destroy_user+0x18e/0x220 [ 149.314999] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.315509] iommufd_access_destroy+0x43/0x70 [ 149.315900] iommufd_test_staccess_release+0x8d/0xd0 [ 149.316335] __fput+0x26d/0xa40 [ 149.316630] ____fput+0x1e/0x30 [ 149.316919] task_work_run+0x1a4/0x2d0 [ 149.317258] ? __pfx_task_work_run+0x10/0x10 [ 149.317638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.318052] ? switch_task_namespaces+0xa9/0xe0 [ 149.318454] do_exit+0xb17/0x2ef0 [ 149.318768] ? lock_acquire+0x427/0x4c0 [ 149.319122] ? __pfx_lock_release+0x10/0x10 [ 149.319497] ? __kasan_check_write+0x18/0x20 [ 149.319873] ? do_raw_spin_lock+0x132/0x2a0 [ 149.320239] ? __pfx_do_exit+0x10/0x10 [ 149.320583] ? debug_smp_processor_id+0x20/0x30 [ 149.320981] ? rcu_is_watching+0x19/0xb0 [ 149.321328] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.321720] ? trace_hardirqs_on+0x26/0x120 [ 149.322091] do_group_exit+0xe0/0x2b0 [ 149.322415] __x64_sys_exit_group+0x47/0x50 [ 149.322803] do_syscall_64+0x3b/0x90 [ 149.323140] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.323597] RIP: 0033:0x7f4b87518a4d [ 149.323912] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.324429] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.325068] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.325662] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.326262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.326887] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.327514] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.328117] [ 149.328315] irq event stamp: 0 [ 149.328583] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.329112] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.329819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.330535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.331071] ---[ end trace 0000000000000000 ]--- [ 149.331828] ------------[ cut here ]------------ [ 149.332214] WARNING: CPU: 1 PID: 1399 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.333060] Modules linked in: [ 149.333331] CPU: 1 PID: 1399 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.334052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.335006] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.335453] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.336962] RSP: 0018:ffff888023d6fb78 EFLAGS: 00010246 [ 149.337401] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.337992] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 149.338602] RBP: ffff888023d6fb98 R08: ffffed1002e6003e R09: ffffed1002e6003e [ 149.339195] R10: ffff8880173001ef R11: ffffed1002e6003d R12: ffff888017300290 [ 149.339784] R13: ffff8880173000a8 R14: ffffffffffffffff R15: 
ffff888023d6fc60 [ 149.340371] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.341037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.341513] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.342097] PKRU: 55555554 [ 149.342326] Call Trace: [ 149.342554] [ 149.342745] iommufd_ioas_destroy+0x53/0x70 [ 149.343116] iommufd_fops_release+0x1f7/0x370 [ 149.343503] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.343920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.344329] ? write_comp_data+0x2f/0x90 [ 149.344673] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.345094] __fput+0x26d/0xa40 [ 149.345383] ____fput+0x1e/0x30 [ 149.345665] task_work_run+0x1a4/0x2d0 [ 149.345996] ? __pfx_task_work_run+0x10/0x10 [ 149.346366] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.346791] ? switch_task_namespaces+0xa9/0xe0 [ 149.347205] do_exit+0xb17/0x2ef0 [ 149.347497] ? lock_acquire+0x427/0x4c0 [ 149.347838] ? __pfx_lock_release+0x10/0x10 [ 149.348208] ? __kasan_check_write+0x18/0x20 [ 149.348583] ? do_raw_spin_lock+0x132/0x2a0 [ 149.348941] ? __pfx_do_exit+0x10/0x10 [ 149.349274] ? debug_smp_processor_id+0x20/0x30 [ 149.349665] ? rcu_is_watching+0x19/0xb0 [ 149.350006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.350387] ? trace_hardirqs_on+0x26/0x120 [ 149.350773] do_group_exit+0xe0/0x2b0 [ 149.351091] __x64_sys_exit_group+0x47/0x50 [ 149.351461] do_syscall_64+0x3b/0x90 [ 149.351780] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.352221] RIP: 0033:0x7f4b87518a4d [ 149.352533] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.353046] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.353677] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.354265] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.354863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.355462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.356055] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.356654] [ 149.356851] irq event stamp: 0 [ 149.357112] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.357625] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.358315] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.359025] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.359565] ---[ end trace 0000000000000000 ]--- [ 149.364350] ------------[ cut here ]------------ [ 149.364803] WARNING: CPU: 1 PID: 1400 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.365635] Modules linked in: [ 149.365899] CPU: 1 PID: 1400 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.366829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.367767] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.368178] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.369669] RSP: 0018:ffff8880187a7bb8 EFLAGS: 00010246 [ 149.370102] RAX: 0000000000000000 RBX: ffff888018b5c8a8 RCX: 0000000000000000 [ 149.370705] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 149.371297] RBP: ffff8880187a7bd0 R08: ffffed100316b933 R09: ffffed100316b933 [ 149.371885] R10: ffff888018b5c993 R11: ffffed100316b932 R12: ffff888017b2b000 [ 149.372472] R13: ffff888018b5c9e8 R14: ffffffff8352e670 R15: 
ffff8880187a7e68 [ 149.373075] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.373738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.374219] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 149.374831] PKRU: 55555554 [ 149.375075] Call Trace: [ 149.375368] [ 149.375564] __iommufd_access_detach+0x1c2/0x2b0 [ 149.375973] iommufd_access_change_pt+0x149/0x270 [ 149.376384] iommufd_access_replace+0xb4/0x120 [ 149.376775] iommufd_test+0x3e5/0x37e0 [ 149.377101] ? lock_release+0x532/0x770 [ 149.377440] ? __might_fault+0x102/0x1b0 [ 149.377783] ? lock_acquire+0x427/0x4c0 [ 149.378125] ? __pfx_iommufd_test+0x10/0x10 [ 149.378483] ? __pfx_lock_release+0x10/0x10 [ 149.378881] ? __pfx_lock_acquire+0x10/0x10 [ 149.379268] ? write_comp_data+0x2f/0x90 [ 149.379622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.380036] ? write_comp_data+0x2f/0x90 [ 149.380390] iommufd_fops_ioctl+0x37d/0x510 [ 149.380757] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.381171] ? write_comp_data+0x2f/0x90 [ 149.381523] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.381930] __x64_sys_ioctl+0x1a3/0x230 [ 149.382280] do_syscall_64+0x3b/0x90 [ 149.382623] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.383068] RIP: 0033:0x7f4b8743ee5d [ 149.383390] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.384906] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.385534] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.386123] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.386739] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.387342] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.387934] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.388536] [ 149.388733] irq event stamp: 0 [ 149.388997] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.389520] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.390214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.390936] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.391475] ---[ end trace 0000000000000000 ]--- [ 149.394223] ------------[ cut here ]------------ [ 149.394674] WARNING: CPU: 1 PID: 1400 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.395529] Modules linked in: [ 149.395800] CPU: 1 PID: 1400 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.396523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.397453] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.397866] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.399399] RSP: 
0018:ffff8880187a7bd0 EFLAGS: 00010246 [ 149.399842] RAX: 0000000000000000 RBX: ffff888018b5c8a8 RCX: 0000000000000000 [ 149.400438] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 149.401025] RBP: ffff8880187a7be8 R08: ffffed100316b933 R09: ffffed100316b933 [ 149.401613] R10: ffff888018b5c993 R11: ffffed100316b932 R12: ffff88801226cc00 [ 149.402198] R13: ffff888018b5c9e8 R14: ffff8880218ea700 R15: 0000000000000000 [ 149.402804] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.403480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.403961] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.404553] PKRU: 55555554 [ 149.404789] Call Trace: [ 149.405006] [ 149.405194] iommufd_access_destroy_object+0x65/0x170 [ 149.405633] iommufd_object_destroy_user+0x18e/0x220 [ 149.406066] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.406569] iommufd_access_destroy+0x43/0x70 [ 149.406959] iommufd_test_staccess_release+0x8d/0xd0 [ 149.407428] __fput+0x26d/0xa40 [ 149.407736] ____fput+0x1e/0x30 [ 149.408038] task_work_run+0x1a4/0x2d0 [ 149.408398] ? __pfx_task_work_run+0x10/0x10 [ 149.408795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.409236] ? switch_task_namespaces+0xa9/0xe0 [ 149.409660] do_exit+0xb17/0x2ef0 [ 149.409970] ? lock_acquire+0x427/0x4c0 [ 149.410339] ? __pfx_lock_release+0x10/0x10 [ 149.410752] ? __kasan_check_write+0x18/0x20 [ 149.411161] ? do_raw_spin_lock+0x132/0x2a0 [ 149.411550] ? __pfx_do_exit+0x10/0x10 [ 149.411912] ? debug_smp_processor_id+0x20/0x30 [ 149.412333] ? rcu_is_watching+0x19/0xb0 [ 149.412697] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.413102] ? trace_hardirqs_on+0x26/0x120 [ 149.413491] do_group_exit+0xe0/0x2b0 [ 149.413833] __x64_sys_exit_group+0x47/0x50 [ 149.414213] do_syscall_64+0x3b/0x90 [ 149.414574] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.415054] RIP: 0033:0x7f4b87518a4d [ 149.415397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.415946] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.416614] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.417245] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.417872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.418529] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.419171] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.419811] [ 149.420020] irq event stamp: 0 [ 149.420302] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.420861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.421602] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.422341] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.422918] ---[ end trace 0000000000000000 ]--- [ 149.423673] ------------[ cut here ]------------ [ 149.424097] WARNING: CPU: 1 PID: 1400 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.425013] Modules linked in: [ 149.425297] CPU: 1 PID: 1400 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.426071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.427092] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.427560] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.429187] RSP: 0018:ffff8880187a7b78 EFLAGS: 00010246 [ 149.429656] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.430278] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 149.430926] RBP: ffff8880187a7b98 R08: ffffed100316b93e R09: ffffed100316b93e [ 149.431551] R10: ffff888018b5c9ef R11: ffffed100316b93d R12: ffff888018b5ca90 [ 149.432141] R13: ffff888018b5c8a8 R14: ffffffffffffffff R15: 
ffff8880187a7c60 [ 149.432729] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.433395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.433878] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.434468] PKRU: 55555554 [ 149.434727] Call Trace: [ 149.434943] [ 149.435138] iommufd_ioas_destroy+0x53/0x70 [ 149.435504] iommufd_fops_release+0x1f7/0x370 [ 149.435888] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.436307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.436718] ? write_comp_data+0x2f/0x90 [ 149.437067] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.437483] __fput+0x26d/0xa40 [ 149.437771] ____fput+0x1e/0x30 [ 149.438050] task_work_run+0x1a4/0x2d0 [ 149.438377] ? __pfx_task_work_run+0x10/0x10 [ 149.438761] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.439175] ? switch_task_namespaces+0xa9/0xe0 [ 149.439573] do_exit+0xb17/0x2ef0 [ 149.439862] ? lock_acquire+0x427/0x4c0 [ 149.440205] ? __pfx_lock_release+0x10/0x10 [ 149.440568] ? __kasan_check_write+0x18/0x20 [ 149.440940] ? do_raw_spin_lock+0x132/0x2a0 [ 149.441298] ? __pfx_do_exit+0x10/0x10 [ 149.441631] ? debug_smp_processor_id+0x20/0x30 [ 149.442021] ? rcu_is_watching+0x19/0xb0 [ 149.442360] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.442751] ? trace_hardirqs_on+0x26/0x120 [ 149.443124] do_group_exit+0xe0/0x2b0 [ 149.443446] __x64_sys_exit_group+0x47/0x50 [ 149.443797] do_syscall_64+0x3b/0x90 [ 149.444108] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.444539] RIP: 0033:0x7f4b87518a4d [ 149.444841] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.445340] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.445952] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.446543] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.447123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.447702] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.448279] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.448857] [ 149.449045] irq event stamp: 0 [ 149.449302] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.449820] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.450519] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.451221] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.451739] ---[ end trace 0000000000000000 ]--- [ 149.455377] ------------[ cut here ]------------ [ 149.455817] WARNING: CPU: 1 PID: 1401 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.456672] Modules linked in: [ 149.456943] CPU: 1 PID: 1401 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.457678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.458823] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.459261] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.460792] RSP: 0018:ffff888016c27bb8 EFLAGS: 00010246 [ 149.461233] RAX: 0000000000000000 RBX: ffff888016ec00a8 RCX: 0000000000000000 [ 149.461831] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 149.462426] RBP: ffff888016c27bd0 R08: ffffed1002dd8033 R09: ffffed1002dd8033 [ 149.463040] R10: ffff888016ec0193 R11: ffffed1002dd8032 R12: ffff88801380b000 [ 149.463646] R13: ffff888016ec01e8 R14: ffffffff8352e670 R15: 
ffff888016c27e68 [ 149.464245] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.464918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.465407] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ee0 [ 149.466009] PKRU: 55555554 [ 149.466247] Call Trace: [ 149.466465] [ 149.466672] __iommufd_access_detach+0x1c2/0x2b0 [ 149.467085] iommufd_access_change_pt+0x149/0x270 [ 149.467515] iommufd_access_replace+0xb4/0x120 [ 149.467912] iommufd_test+0x3e5/0x37e0 [ 149.468253] ? lock_release+0x532/0x770 [ 149.468709] ? __might_fault+0x102/0x1b0 [ 149.469160] ? lock_acquire+0x427/0x4c0 [ 149.469509] ? __pfx_iommufd_test+0x10/0x10 [ 149.469874] ? __pfx_lock_release+0x10/0x10 [ 149.470265] ? __pfx_lock_acquire+0x10/0x10 [ 149.470757] ? write_comp_data+0x2f/0x90 [ 149.471116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.471543] ? write_comp_data+0x2f/0x90 [ 149.471899] iommufd_fops_ioctl+0x37d/0x510 [ 149.472358] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.472828] ? write_comp_data+0x2f/0x90 [ 149.473179] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.473619] __x64_sys_ioctl+0x1a3/0x230 [ 149.473999] do_syscall_64+0x3b/0x90 [ 149.474389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.474857] RIP: 0033:0x7f4b8743ee5d [ 149.475190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.476862] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.477507] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.478149] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.478849] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.479462] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.480073] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.480865] [ 149.481067] irq event stamp: 0 [ 149.481337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.481891] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.482732] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.483455] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.484013] ---[ end trace 0000000000000000 ]--- [ 149.486830] ------------[ cut here ]------------ [ 149.487266] WARNING: CPU: 1 PID: 1401 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.488253] Modules linked in: [ 149.488525] CPU: 1 PID: 1401 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.489275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.490363] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.490813] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.492514] RSP: 
0018:ffff888016c27bd0 EFLAGS: 00010246 [ 149.492963] RAX: 0000000000000000 RBX: ffff888016ec00a8 RCX: 0000000000000000 [ 149.493683] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 149.494293] RBP: ffff888016c27be8 R08: ffffed1002dd8033 R09: ffffed1002dd8033 [ 149.494931] R10: ffff888016ec0193 R11: ffffed1002dd8032 R12: ffff888017b29c00 [ 149.495593] R13: ffff888016ec01e8 R14: ffff888013a7e100 R15: 0000000000000000 [ 149.496252] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.496938] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.497500] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.498162] PKRU: 55555554 [ 149.498414] Call Trace: [ 149.498661] [ 149.498862] iommufd_access_destroy_object+0x65/0x170 [ 149.499330] iommufd_object_destroy_user+0x18e/0x220 [ 149.499958] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.500488] iommufd_access_destroy+0x43/0x70 [ 149.500899] iommufd_test_staccess_release+0x8d/0xd0 [ 149.501368] __fput+0x26d/0xa40 [ 149.501788] ____fput+0x1e/0x30 [ 149.502091] task_work_run+0x1a4/0x2d0 [ 149.502454] ? __pfx_task_work_run+0x10/0x10 [ 149.502880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.503346] ? switch_task_namespaces+0xa9/0xe0 [ 149.503852] do_exit+0xb17/0x2ef0 [ 149.504255] ? lock_acquire+0x427/0x4c0 [ 149.504627] ? __pfx_lock_release+0x10/0x10 [ 149.505022] ? __kasan_check_write+0x18/0x20 [ 149.505424] ? do_raw_spin_lock+0x132/0x2a0 [ 149.505880] ? __pfx_do_exit+0x10/0x10 [ 149.506330] ? debug_smp_processor_id+0x20/0x30 [ 149.506775] ? rcu_is_watching+0x19/0xb0 [ 149.507150] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.507564] ? trace_hardirqs_on+0x26/0x120 [ 149.508024] do_group_exit+0xe0/0x2b0 [ 149.508464] __x64_sys_exit_group+0x47/0x50 [ 149.508857] do_syscall_64+0x3b/0x90 [ 149.509202] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.509678] RIP: 0033:0x7f4b87518a4d [ 149.510090] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.510752] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.511443] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.512090] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.512821] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.513462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.514167] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.514910] [ 149.515139] irq event stamp: 0 [ 149.515431] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.516001] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.516918] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.517663] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.518291] ---[ end trace 0000000000000000 ]--- [ 149.519192] ------------[ cut here ]------------ [ 149.519629] WARNING: CPU: 1 PID: 1401 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.520596] Modules linked in: [ 149.520974] CPU: 1 PID: 1401 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.521770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.522945] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.523442] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.525199] RSP: 0018:ffff888016c27b78 EFLAGS: 00010246 [ 149.525680] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.526316] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 149.527023] RBP: ffff888016c27b98 R08: ffffed1002dd803e R09: ffffed1002dd803e [ 149.527751] R10: ffff888016ec01ef R11: ffffed1002dd803d R12: ffff888016ec0290 [ 149.528405] R13: ffff888016ec00a8 R14: ffffffffffffffff R15: 
ffff888016c27c60 [ 149.529089] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.529933] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.530475] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.531198] PKRU: 55555554 [ 149.531529] Call Trace: [ 149.531767] [ 149.531975] iommufd_ioas_destroy+0x53/0x70 [ 149.532383] iommufd_fops_release+0x1f7/0x370 [ 149.532800] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.533269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.533854] ? write_comp_data+0x2f/0x90 [ 149.534244] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.534747] __fput+0x26d/0xa40 [ 149.535076] ____fput+0x1e/0x30 [ 149.535412] task_work_run+0x1a4/0x2d0 [ 149.535809] ? __pfx_task_work_run+0x10/0x10 [ 149.536342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.536800] ? switch_task_namespaces+0xa9/0xe0 [ 149.537246] do_exit+0xb17/0x2ef0 [ 149.537576] ? lock_acquire+0x427/0x4c0 [ 149.538021] ? __pfx_lock_release+0x10/0x10 [ 149.538574] ? __kasan_check_write+0x18/0x20 [ 149.539001] ? do_raw_spin_lock+0x132/0x2a0 [ 149.539425] ? __pfx_do_exit+0x10/0x10 [ 149.539806] ? debug_smp_processor_id+0x20/0x30 [ 149.540272] ? rcu_is_watching+0x19/0xb0 [ 149.540790] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.541222] ? trace_hardirqs_on+0x26/0x120 [ 149.541638] do_group_exit+0xe0/0x2b0 [ 149.541997] __x64_sys_exit_group+0x47/0x50 [ 149.542494] do_syscall_64+0x3b/0x90 [ 149.542984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.543499] RIP: 0033:0x7f4b87518a4d [ 149.543854] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.544440] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.545226] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.545984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.546667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.547363] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.548158] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.548831] [ 149.549053] irq event stamp: 0 [ 149.549411] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.550131] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.550951] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.551735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.552458] ---[ end trace 0000000000000000 ]--- [ 149.556755] ------------[ cut here ]------------ [ 149.557266] WARNING: CPU: 1 PID: 1402 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.558202] Modules linked in: [ 149.558630] CPU: 1 PID: 1402 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.559523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.560589] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.561101] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.562941] RSP: 0018:ffff88801822fbb8 EFLAGS: 00010246 [ 149.563501] RAX: 0000000000000000 RBX: ffff88800bc480a8 RCX: 0000000000000000 [ 149.564274] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 149.564956] RBP: ffff88801822fbd0 R08: ffffed1001789033 R09: ffffed1001789033 [ 149.565703] R10: ffff88800bc48193 R11: ffffed1001789032 R12: ffff888010c0a800 [ 149.566445] R13: ffff88800bc481e8 R14: ffffffff8352e670 R15: 
ffff88801822fe68 [ 149.567163] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.567962] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.568595] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 149.569259] PKRU: 55555554 [ 149.569531] Call Trace: [ 149.569774] [ 149.570034] __iommufd_access_detach+0x1c2/0x2b0 [ 149.570593] iommufd_access_change_pt+0x149/0x270 [ 149.571064] iommufd_access_replace+0xb4/0x120 [ 149.571520] iommufd_test+0x3e5/0x37e0 [ 149.571890] ? lock_release+0x532/0x770 [ 149.572274] ? __might_fault+0x102/0x1b0 [ 149.572798] ? lock_acquire+0x427/0x4c0 [ 149.573185] ? __pfx_iommufd_test+0x10/0x10 [ 149.573607] ? __pfx_lock_release+0x10/0x10 [ 149.574044] ? __pfx_lock_acquire+0x10/0x10 [ 149.574493] ? write_comp_data+0x2f/0x90 [ 149.575036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.575514] ? write_comp_data+0x2f/0x90 [ 149.575912] iommufd_fops_ioctl+0x37d/0x510 [ 149.576326] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.576811] ? write_comp_data+0x2f/0x90 [ 149.577310] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.577858] __x64_sys_ioctl+0x1a3/0x230 [ 149.578272] do_syscall_64+0x3b/0x90 [ 149.578685] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.579227] RIP: 0033:0x7f4b8743ee5d [ 149.579604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.581543] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.582435] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.583190] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.583897] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.584724] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.585447] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.586158] [ 149.586399] irq event stamp: 0 [ 149.586746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.587452] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.588351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.589210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.590010] ---[ end trace 0000000000000000 ]--- [ 149.593500] ------------[ cut here ]------------ [ 149.594032] WARNING: CPU: 1 PID: 1402 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.595260] Modules linked in: [ 149.595592] CPU: 1 PID: 1402 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.596466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.597608] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.598232] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.600250] RSP: 
0018:ffff88801822fbd0 EFLAGS: 00010246 [ 149.600807] RAX: 0000000000000000 RBX: ffff88800bc480a8 RCX: 0000000000000000 [ 149.601523] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 149.602240] RBP: ffff88801822fbe8 R08: ffffed1001789033 R09: ffffed1001789033 [ 149.603146] R10: ffff88800bc48193 R11: ffffed1001789032 R12: ffff888013809c00 [ 149.603921] R13: ffff88800bc481e8 R14: ffff8880122f5c00 R15: 0000000000000000 [ 149.604698] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.605743] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.606361] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.607164] PKRU: 55555554 [ 149.607481] Call Trace: [ 149.607762] [ 149.608102] iommufd_access_destroy_object+0x65/0x170 [ 149.608753] iommufd_object_destroy_user+0x18e/0x220 [ 149.609311] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.609951] iommufd_access_destroy+0x43/0x70 [ 149.610455] iommufd_test_staccess_release+0x8d/0xd0 [ 149.611050] __fput+0x26d/0xa40 [ 149.611437] ____fput+0x1e/0x30 [ 149.611810] task_work_run+0x1a4/0x2d0 [ 149.612235] ? __pfx_task_work_run+0x10/0x10 [ 149.612713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.613243] ? switch_task_namespaces+0xa9/0xe0 [ 149.613751] do_exit+0xb17/0x2ef0 [ 149.614117] ? lock_acquire+0x427/0x4c0 [ 149.614586] ? __pfx_lock_release+0x10/0x10 [ 149.615056] ? __kasan_check_write+0x18/0x20 [ 149.615547] ? do_raw_spin_lock+0x132/0x2a0 [ 149.616014] ? __pfx_do_exit+0x10/0x10 [ 149.616443] ? debug_smp_processor_id+0x20/0x30 [ 149.616952] ? rcu_is_watching+0x19/0xb0 [ 149.617390] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.617879] ? trace_hardirqs_on+0x26/0x120 [ 149.618355] do_group_exit+0xe0/0x2b0 [ 149.618807] __x64_sys_exit_group+0x47/0x50 [ 149.619286] do_syscall_64+0x3b/0x90 [ 149.619703] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.620269] RIP: 0033:0x7f4b87518a4d [ 149.620674] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.621329] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.622133] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.622912] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.623682] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.624436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.625185] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.625954] [ 149.626214] irq event stamp: 0 [ 149.626580] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.627424] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.628549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.629647] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.630480] ---[ end trace 0000000000000000 ]--- [ 149.631925] ------------[ cut here ]------------ [ 149.632532] WARNING: CPU: 1 PID: 1402 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.633885] Modules linked in: [ 149.634323] CPU: 1 PID: 1402 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.635557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.637039] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.637723] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.640154] RSP: 0018:ffff88801822fb78 EFLAGS: 00010246 [ 149.640861] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.641797] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 149.642750] RBP: ffff88801822fb98 R08: ffffed100178903e R09: ffffed100178903e [ 149.643674] R10: ffff88800bc481ef R11: ffffed100178903d R12: ffff88800bc48290 [ 149.644578] R13: ffff88800bc480a8 R14: ffffffffffffffff R15: 
ffff88801822fc60 [ 149.645477] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.646491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.647289] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.648194] PKRU: 55555554 [ 149.648557] Call Trace: [ 149.648887] [ 149.649187] iommufd_ioas_destroy+0x53/0x70 [ 149.649752] iommufd_fops_release+0x1f7/0x370 [ 149.650337] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.651015] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.651664] ? write_comp_data+0x2f/0x90 [ 149.652201] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.652840] __fput+0x26d/0xa40 [ 149.653288] ____fput+0x1e/0x30 [ 149.653729] task_work_run+0x1a4/0x2d0 [ 149.654242] ? __pfx_task_work_run+0x10/0x10 [ 149.654853] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.655510] ? switch_task_namespaces+0xa9/0xe0 [ 149.656131] do_exit+0xb17/0x2ef0 [ 149.656578] ? lock_acquire+0x427/0x4c0 [ 149.657102] ? __pfx_lock_release+0x10/0x10 [ 149.657665] ? __kasan_check_write+0x18/0x20 [ 149.658238] ? do_raw_spin_lock+0x132/0x2a0 [ 149.658844] ? __pfx_do_exit+0x10/0x10 [ 149.659390] ? debug_smp_processor_id+0x20/0x30 [ 149.659994] ? rcu_is_watching+0x19/0xb0 [ 149.660517] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.661109] ? trace_hardirqs_on+0x26/0x120 [ 149.661675] do_group_exit+0xe0/0x2b0 [ 149.662172] __x64_sys_exit_group+0x47/0x50 [ 149.662768] do_syscall_64+0x3b/0x90 [ 149.663280] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.663953] RIP: 0033:0x7f4b87518a4d [ 149.664431] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.665214] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.666169] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.667134] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.668044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.668941] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.669833] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.670778] [ 149.671085] irq event stamp: 0 [ 149.671502] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.672294] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.673334] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.674376] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.675236] ---[ end trace 0000000000000000 ]--- [ 149.682661] ------------[ cut here ]------------ [ 149.683324] WARNING: CPU: 1 PID: 1403 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.684600] Modules linked in: [ 149.685011] CPU: 1 PID: 1403 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.686108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.687583] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.688218] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.690496] RSP: 0018:ffff888011e3fbb8 EFLAGS: 00010246 [ 149.691225] RAX: 0000000000000000 RBX: ffff88800f6278a8 RCX: 0000000000000000 [ 149.692125] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 149.693020] RBP: ffff888011e3fbd0 R08: ffffed1001ec4f33 R09: ffffed1001ec4f33 [ 149.693917] R10: ffff88800f627993 R11: ffffed1001ec4f32 R12: ffff88800a726800 [ 149.694851] R13: ffff88800f6279e8 R14: ffffffff8352e670 R15: 
ffff888011e3fe68 [ 149.695772] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.696785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.697521] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 149.698422] PKRU: 55555554 [ 149.698820] Call Trace: [ 149.699163] [ 149.699461] __iommufd_access_detach+0x1c2/0x2b0 [ 149.700086] iommufd_access_change_pt+0x149/0x270 [ 149.700719] iommufd_access_replace+0xb4/0x120 [ 149.701319] iommufd_test+0x3e5/0x37e0 [ 149.701822] ? lock_release+0x532/0x770 [ 149.702346] ? __might_fault+0x102/0x1b0 [ 149.702911] ? lock_acquire+0x427/0x4c0 [ 149.703451] ? __pfx_iommufd_test+0x10/0x10 [ 149.704004] ? __pfx_lock_release+0x10/0x10 [ 149.704567] ? __pfx_lock_acquire+0x10/0x10 [ 149.705137] ? write_comp_data+0x2f/0x90 [ 149.705671] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.706302] ? write_comp_data+0x2f/0x90 [ 149.706868] iommufd_fops_ioctl+0x37d/0x510 [ 149.707442] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.708071] ? write_comp_data+0x2f/0x90 [ 149.708604] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.709222] __x64_sys_ioctl+0x1a3/0x230 [ 149.709756] do_syscall_64+0x3b/0x90 [ 149.710248] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.710947] RIP: 0033:0x7f4b8743ee5d [ 149.711438] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.713708] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.714698] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.715612] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.716506] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.717395] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.718287] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.719251] [ 149.719556] irq event stamp: 0 [ 149.719965] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.720758] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.721806] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.722890] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.723692] ---[ end trace 0000000000000000 ]--- [ 149.728556] ------------[ cut here ]------------ [ 149.729558] WARNING: CPU: 1 PID: 1403 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.730875] Modules linked in: [ 149.731302] CPU: 1 PID: 1403 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.732406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.734015] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.734727] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.737089] RSP: 
0018:ffff888011e3fbd0 EFLAGS: 00010246 [ 149.737881] RAX: 0000000000000000 RBX: ffff88800f6278a8 RCX: 0000000000000000 [ 149.738828] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 149.739740] RBP: ffff888011e3fbe8 R08: ffffed1001ec4f33 R09: ffffed1001ec4f33 [ 149.740641] R10: ffff88800f627993 R11: ffffed1001ec4f32 R12: ffff888010c0b000 [ 149.741691] R13: ffff88800f6279e8 R14: ffff888018bbe500 R15: 0000000000000000 [ 149.742632] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.743685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.744419] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.745500] PKRU: 55555554 [ 149.745861] Call Trace: [ 149.746192] [ 149.746488] iommufd_access_destroy_object+0x65/0x170 [ 149.747213] iommufd_object_destroy_user+0x18e/0x220 [ 149.747871] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.748618] iommufd_access_destroy+0x43/0x70 [ 149.749372] iommufd_test_staccess_release+0x8d/0xd0 [ 149.750033] __fput+0x26d/0xa40 [ 149.750487] ____fput+0x1e/0x30 [ 149.750984] task_work_run+0x1a4/0x2d0 [ 149.751519] ? __pfx_task_work_run+0x10/0x10 [ 149.752091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.752724] ? switch_task_namespaces+0xa9/0xe0 [ 149.753486] do_exit+0xb17/0x2ef0 [ 149.753937] ? lock_acquire+0x427/0x4c0 [ 149.754460] ? __pfx_lock_release+0x10/0x10 [ 149.755059] ? __kasan_check_write+0x18/0x20 [ 149.755644] ? do_raw_spin_lock+0x132/0x2a0 [ 149.756204] ? __pfx_do_exit+0x10/0x10 [ 149.756715] ? debug_smp_processor_id+0x20/0x30 [ 149.757475] ? rcu_is_watching+0x19/0xb0 [ 149.757998] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.758611] ? trace_hardirqs_on+0x26/0x120 [ 149.759281] do_group_exit+0xe0/0x2b0 [ 149.759676] __x64_sys_exit_group+0x47/0x50 [ 149.760081] do_syscall_64+0x3b/0x90 [ 149.760436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.760930] RIP: 0033:0x7f4b87518a4d [ 149.761404] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.762333] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.763104] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.763798] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.764455] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.765109] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.765763] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.766585] [ 149.766950] irq event stamp: 0 [ 149.767340] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.767922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.768683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.769433] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.770005] ---[ end trace 0000000000000000 ]--- [ 149.770842] ------------[ cut here ]------------ [ 149.771292] WARNING: CPU: 1 PID: 1403 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.772483] Modules linked in: [ 149.772781] CPU: 1 PID: 1403 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.773574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.774845] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.775353] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.777213] RSP: 0018:ffff888011e3fb78 EFLAGS: 00010246 [ 149.777903] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.778584] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 149.779248] RBP: ffff888011e3fb98 R08: ffffed1001ec4f3e R09: ffffed1001ec4f3e [ 149.779897] R10: ffff88800f6279ef R11: ffffed1001ec4f3d R12: ffff88800f627a90 [ 149.780545] R13: ffff88800f6278a8 R14: ffffffffffffffff R15: 
ffff888011e3fc60 [ 149.781202] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 149.782144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.782668] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 149.783304] PKRU: 55555554 [ 149.783550] Call Trace: [ 149.783774] [ 149.783990] iommufd_ioas_destroy+0x53/0x70 [ 149.784381] iommufd_fops_release+0x1f7/0x370 [ 149.784787] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.785229] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.785742] ? write_comp_data+0x2f/0x90 [ 149.786210] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.786683] __fput+0x26d/0xa40 [ 149.786994] ____fput+0x1e/0x30 [ 149.787301] task_work_run+0x1a4/0x2d0 [ 149.787651] ? __pfx_task_work_run+0x10/0x10 [ 149.788044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.788478] ? switch_task_namespaces+0xa9/0xe0 [ 149.788898] do_exit+0xb17/0x2ef0 [ 149.789211] ? lock_acquire+0x427/0x4c0 [ 149.789568] ? __pfx_lock_release+0x10/0x10 [ 149.789948] ? __kasan_check_write+0x18/0x20 [ 149.790497] ? do_raw_spin_lock+0x132/0x2a0 [ 149.790902] ? __pfx_do_exit+0x10/0x10 [ 149.791264] ? debug_smp_processor_id+0x20/0x30 [ 149.791676] ? rcu_is_watching+0x19/0xb0 [ 149.792031] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.792429] ? trace_hardirqs_on+0x26/0x120 [ 149.792814] do_group_exit+0xe0/0x2b0 [ 149.793152] __x64_sys_exit_group+0x47/0x50 [ 149.793531] do_syscall_64+0x3b/0x90 [ 149.793871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.794495] RIP: 0033:0x7f4b87518a4d [ 149.794853] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.795399] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.796062] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.796679] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.797298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.797915] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.798767] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.799412] [ 149.799616] irq event stamp: 0 [ 149.799888] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.800433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.801161] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.801883] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.802620] ---[ end trace 0000000000000000 ]--- [ 149.807868] ------------[ cut here ]------------ [ 149.808321] WARNING: CPU: 0 PID: 1404 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.809405] Modules linked in: [ 149.809694] CPU: 0 PID: 1404 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.810666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.811666] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.812108] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.813695] RSP: 0018:ffff888020e3fbb8 EFLAGS: 00010246 [ 149.814160] RAX: 0000000000000000 RBX: ffff8880186960a8 RCX: 0000000000000000 [ 149.814801] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 149.815431] RBP: ffff888020e3fbd0 R08: ffffed10030d2c33 R09: ffffed10030d2c33 [ 149.816054] R10: ffff888018696193 R11: ffffed10030d2c32 R12: ffff888014582000 [ 149.816677] R13: ffff8880186961e8 R14: ffffffff8352e670 R15: 
ffff888020e3fe68 [ 149.817295] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.817989] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.818492] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 149.819147] PKRU: 55555554 [ 149.819393] Call Trace: [ 149.819616] [ 149.819812] __iommufd_access_detach+0x1c2/0x2b0 [ 149.820237] iommufd_access_change_pt+0x149/0x270 [ 149.820661] iommufd_access_replace+0xb4/0x120 [ 149.821140] iommufd_test+0x3e5/0x37e0 [ 149.821484] ? lock_release+0x532/0x770 [ 149.821835] ? __might_fault+0x102/0x1b0 [ 149.822205] ? lock_acquire+0x427/0x4c0 [ 149.822588] ? __pfx_iommufd_test+0x10/0x10 [ 149.822968] ? __pfx_lock_release+0x10/0x10 [ 149.823358] ? __pfx_lock_acquire+0x10/0x10 [ 149.823754] ? write_comp_data+0x2f/0x90 [ 149.824116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.824549] ? write_comp_data+0x2f/0x90 [ 149.824914] iommufd_fops_ioctl+0x37d/0x510 [ 149.825295] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.825723] ? write_comp_data+0x2f/0x90 [ 149.826083] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.826502] __x64_sys_ioctl+0x1a3/0x230 [ 149.826893] do_syscall_64+0x3b/0x90 [ 149.827243] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.827700] RIP: 0033:0x7f4b8743ee5d [ 149.828025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.829587] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.830247] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.830884] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.831512] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.832129] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.832740] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.833367] [ 149.833572] irq event stamp: 0 [ 149.833842] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.834382] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.835145] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.835862] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.836416] ---[ end trace 0000000000000000 ]--- [ 149.839953] ------------[ cut here ]------------ [ 149.840383] WARNING: CPU: 0 PID: 1404 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.841256] Modules linked in: [ 149.841618] CPU: 0 PID: 1404 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.842464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.843521] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.844070] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.845706] RSP: 
0018:ffff888020e3fbd0 EFLAGS: 00010246 [ 149.846304] RAX: 0000000000000000 RBX: ffff8880186960a8 RCX: 0000000000000000 [ 149.846943] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 149.847569] RBP: ffff888020e3fbe8 R08: ffffed10030d2c33 R09: ffffed10030d2c33 [ 149.848377] R10: ffff888018696193 R11: ffffed10030d2c32 R12: ffff8880129b7800 [ 149.848991] R13: ffff8880186961e8 R14: ffff8880143ce600 R15: 0000000000000000 [ 149.849603] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.850485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.851012] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 149.851640] PKRU: 55555554 [ 149.851887] Call Trace: [ 149.852301] [ 149.852499] iommufd_access_destroy_object+0x65/0x170 [ 149.853022] iommufd_object_destroy_user+0x18e/0x220 [ 149.853473] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.854065] iommufd_access_destroy+0x43/0x70 [ 149.854603] iommufd_test_staccess_release+0x8d/0xd0 [ 149.855052] __fput+0x26d/0xa40 [ 149.855373] ____fput+0x1e/0x30 [ 149.855670] task_work_run+0x1a4/0x2d0 [ 149.856018] ? __pfx_task_work_run+0x10/0x10 [ 149.856602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.857049] ? switch_task_namespaces+0xa9/0xe0 [ 149.857477] do_exit+0xb17/0x2ef0 [ 149.857783] ? lock_acquire+0x427/0x4c0 [ 149.858184] ? __pfx_lock_release+0x10/0x10 [ 149.858747] ? __kasan_check_write+0x18/0x20 [ 149.859159] ? do_raw_spin_lock+0x132/0x2a0 [ 149.859542] ? __pfx_do_exit+0x10/0x10 [ 149.859906] ? debug_smp_processor_id+0x20/0x30 [ 149.860322] ? rcu_is_watching+0x19/0xb0 [ 149.860739] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.861240] ? trace_hardirqs_on+0x26/0x120 [ 149.861620] do_group_exit+0xe0/0x2b0 [ 149.861954] __x64_sys_exit_group+0x47/0x50 [ 149.862327] do_syscall_64+0x3b/0x90 [ 149.862871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.863339] RIP: 0033:0x7f4b87518a4d [ 149.863665] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.864199] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.864908] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.865651] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.866265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.867081] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.867714] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.868335] [ 149.868541] irq event stamp: 0 [ 149.868820] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.869559] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.870283] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.871023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.871577] ---[ end trace 0000000000000000 ]--- [ 149.872328] ------------[ cut here ]------------ [ 149.872738] WARNING: CPU: 0 PID: 1404 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.873610] Modules linked in: [ 149.873884] CPU: 0 PID: 1404 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.874672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.875645] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.876094] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.877656] RSP: 0018:ffff888020e3fb78 EFLAGS: 00010246 [ 149.878116] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.878749] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 149.879372] RBP: ffff888020e3fb98 R08: ffffed10030d2c3e R09: ffffed10030d2c3e [ 149.879994] R10: ffff8880186961ef R11: ffffed10030d2c3d R12: ffff888018696290 [ 149.880600] R13: ffff8880186960a8 R14: ffffffffffffffff R15: 
ffff888020e3fc60 [ 149.881209] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.881894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.882390] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 149.883026] PKRU: 55555554 [ 149.883290] Call Trace: [ 149.883511] [ 149.883709] iommufd_ioas_destroy+0x53/0x70 [ 149.884090] iommufd_fops_release+0x1f7/0x370 [ 149.884485] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.884916] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.885406] ? write_comp_data+0x2f/0x90 [ 149.885767] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.886199] __fput+0x26d/0xa40 [ 149.886498] ____fput+0x1e/0x30 [ 149.886826] task_work_run+0x1a4/0x2d0 [ 149.887185] ? __pfx_task_work_run+0x10/0x10 [ 149.887576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.888000] ? switch_task_namespaces+0xa9/0xe0 [ 149.888411] do_exit+0xb17/0x2ef0 [ 149.888712] ? lock_acquire+0x427/0x4c0 [ 149.889066] ? __pfx_lock_release+0x10/0x10 [ 149.889447] ? __kasan_check_write+0x18/0x20 [ 149.889834] ? do_raw_spin_lock+0x132/0x2a0 [ 149.890210] ? __pfx_do_exit+0x10/0x10 [ 149.890578] ? debug_smp_processor_id+0x20/0x30 [ 149.890985] ? rcu_is_watching+0x19/0xb0 [ 149.891341] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.891743] ? trace_hardirqs_on+0x26/0x120 [ 149.892120] do_group_exit+0xe0/0x2b0 [ 149.892453] __x64_sys_exit_group+0x47/0x50 [ 149.892820] do_syscall_64+0x3b/0x90 [ 149.893149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.893600] RIP: 0033:0x7f4b87518a4d [ 149.893920] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.894442] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.895127] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.895749] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.896377] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.896993] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.897609] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.898219] [ 149.898419] irq event stamp: 0 [ 149.898712] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.899285] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.900006] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.900718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.901253] ---[ end trace 0000000000000000 ]--- [ 149.906118] ------------[ cut here ]------------ [ 149.906593] WARNING: CPU: 0 PID: 1405 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.907471] Modules linked in: [ 149.907745] CPU: 0 PID: 1405 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.908481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.909433] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.909857] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.911643] RSP: 0018:ffff888023cafbb8 EFLAGS: 00010246 [ 149.912103] RAX: 0000000000000000 RBX: ffff8880162638a8 RCX: 0000000000000000 [ 149.912709] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 149.913310] RBP: ffff888023cafbd0 R08: ffffed1002c4c733 R09: ffffed1002c4c733 [ 149.913917] R10: ffff888016263993 R11: ffffed1002c4c732 R12: ffff888021903c00 [ 149.914640] R13: ffff8880162639e8 R14: ffffffff8352e670 R15: 
ffff888023cafe68 [ 149.915253] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.915934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.916422] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 149.917052] PKRU: 55555554 [ 149.917287] Call Trace: [ 149.917506] [ 149.917698] __iommufd_access_detach+0x1c2/0x2b0 [ 149.918108] iommufd_access_change_pt+0x149/0x270 [ 149.918530] iommufd_access_replace+0xb4/0x120 [ 149.918909] iommufd_test+0x3e5/0x37e0 [ 149.919231] ? lock_release+0x532/0x770 [ 149.919563] ? __might_fault+0x102/0x1b0 [ 149.919898] ? lock_acquire+0x427/0x4c0 [ 149.920226] ? __pfx_iommufd_test+0x10/0x10 [ 149.920572] ? __pfx_lock_release+0x10/0x10 [ 149.920924] ? __pfx_lock_acquire+0x10/0x10 [ 149.921279] ? write_comp_data+0x2f/0x90 [ 149.921616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.922013] ? write_comp_data+0x2f/0x90 [ 149.922352] iommufd_fops_ioctl+0x37d/0x510 [ 149.922724] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.923129] ? write_comp_data+0x2f/0x90 [ 149.923470] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 149.923866] __x64_sys_ioctl+0x1a3/0x230 [ 149.924204] do_syscall_64+0x3b/0x90 [ 149.924519] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.924947] RIP: 0033:0x7f4b8743ee5d [ 149.925249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 149.926716] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 149.927350] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 149.927922] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 149.928492] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 149.929065] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 149.929637] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 149.930220] [ 149.930409] irq event stamp: 0 [ 149.930712] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.931230] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.931906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.932573] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.933079] ---[ end trace 0000000000000000 ]--- [ 149.935859] ------------[ cut here ]------------ [ 149.936275] WARNING: CPU: 0 PID: 1405 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.937088] Modules linked in: [ 149.937346] CPU: 0 PID: 1405 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.938045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.938964] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.939374] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 149.940832] RSP: 
0018:ffff888023cafbd0 EFLAGS: 00010246 [ 149.941261] RAX: 0000000000000000 RBX: ffff8880162638a8 RCX: 0000000000000000 [ 149.941830] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 149.942397] RBP: ffff888023cafbe8 R08: ffffed1002c4c733 R09: ffffed1002c4c733 [ 149.942992] R10: ffff888016263993 R11: ffffed1002c4c732 R12: ffff888014583800 [ 149.943580] R13: ffff8880162639e8 R14: ffff8880218ea300 R15: 0000000000000000 [ 149.944150] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.944793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.945261] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 149.945832] PKRU: 55555554 [ 149.946061] Call Trace: [ 149.946268] [ 149.946450] iommufd_access_destroy_object+0x65/0x170 [ 149.946888] iommufd_object_destroy_user+0x18e/0x220 [ 149.947313] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 149.947788] iommufd_access_destroy+0x43/0x70 [ 149.948160] iommufd_test_staccess_release+0x8d/0xd0 [ 149.948576] __fput+0x26d/0xa40 [ 149.948856] ____fput+0x1e/0x30 [ 149.949192] task_work_run+0x1a4/0x2d0 [ 149.949520] ? __pfx_task_work_run+0x10/0x10 [ 149.949881] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.950281] ? switch_task_namespaces+0xa9/0xe0 [ 149.950689] do_exit+0xb17/0x2ef0 [ 149.950975] ? lock_acquire+0x427/0x4c0 [ 149.951314] ? __pfx_lock_release+0x10/0x10 [ 149.951715] ? __kasan_check_write+0x18/0x20 [ 149.952076] ? do_raw_spin_lock+0x132/0x2a0 [ 149.952426] ? __pfx_do_exit+0x10/0x10 [ 149.952753] ? debug_smp_processor_id+0x20/0x30 [ 149.953131] ? rcu_is_watching+0x19/0xb0 [ 149.953461] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.953835] ? trace_hardirqs_on+0x26/0x120 [ 149.954189] do_group_exit+0xe0/0x2b0 [ 149.954501] __x64_sys_exit_group+0x47/0x50 [ 149.954871] do_syscall_64+0x3b/0x90 [ 149.955192] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.955620] RIP: 0033:0x7f4b87518a4d [ 149.955922] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.956418] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.957023] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.957592] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.958160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.958751] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.959331] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.959912] [ 149.960099] irq event stamp: 0 [ 149.960353] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.960858] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.961524] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.962193] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.962712] ---[ end trace 0000000000000000 ]--- [ 149.963443] ------------[ cut here ]------------ [ 149.963827] WARNING: CPU: 0 PID: 1405 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 149.964649] Modules linked in: [ 149.964908] CPU: 0 PID: 1405 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.965605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.966531] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 149.966948] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 149.968419] RSP: 0018:ffff888023cafb78 EFLAGS: 00010246 [ 149.968847] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 149.969418] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 149.969993] RBP: ffff888023cafb98 R08: ffffed1002c4c73e R09: ffffed1002c4c73e [ 149.970585] R10: ffff8880162639ef R11: ffffed1002c4c73d R12: ffff888016263a90 [ 149.971164] R13: ffff8880162638a8 R14: ffffffffffffffff R15: 
ffff888023cafc60 [ 149.971731] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 149.972379] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.972846] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 149.973419] PKRU: 55555554 [ 149.973649] Call Trace: [ 149.973858] [ 149.974042] iommufd_ioas_destroy+0x53/0x70 [ 149.974395] iommufd_fops_release+0x1f7/0x370 [ 149.974787] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.975198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.975570] ? write_comp_data+0x2f/0x90 [ 149.975908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 149.976312] __fput+0x26d/0xa40 [ 149.976592] ____fput+0x1e/0x30 [ 149.976867] task_work_run+0x1a4/0x2d0 [ 149.977189] ? __pfx_task_work_run+0x10/0x10 [ 149.977549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 149.977947] ? switch_task_namespaces+0xa9/0xe0 [ 149.978332] do_exit+0xb17/0x2ef0 [ 149.978645] ? lock_acquire+0x427/0x4c0 [ 149.978979] ? __pfx_lock_release+0x10/0x10 [ 149.979346] ? __kasan_check_write+0x18/0x20 [ 149.979708] ? do_raw_spin_lock+0x132/0x2a0 [ 149.980054] ? __pfx_do_exit+0x10/0x10 [ 149.980376] ? debug_smp_processor_id+0x20/0x30 [ 149.980757] ? rcu_is_watching+0x19/0xb0 [ 149.981136] ? _raw_spin_unlock_irq+0x2b/0x60 [ 149.981509] ? trace_hardirqs_on+0x26/0x120 [ 149.981864] do_group_exit+0xe0/0x2b0 [ 149.982175] __x64_sys_exit_group+0x47/0x50 [ 149.982543] do_syscall_64+0x3b/0x90 [ 149.982854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 149.983298] RIP: 0033:0x7f4b87518a4d [ 149.983601] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 149.984094] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 149.984704] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 149.985272] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 149.985841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 149.986408] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 149.987000] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 149.987596] [ 149.987795] irq event stamp: 0 [ 149.988055] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 149.988667] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 149.989479] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 149.990160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 149.990878] ---[ end trace 0000000000000000 ]--- [ 149.995356] ------------[ cut here ]------------ [ 149.995757] WARNING: CPU: 0 PID: 1406 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 149.996737] Modules linked in: [ 149.997003] CPU: 0 PID: 1406 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 149.997705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 149.998803] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 149.999225] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.000690] RSP: 0018:ffff888011ed7bb8 EFLAGS: 00010246 [ 150.001123] RAX: 0000000000000000 RBX: ffff888015c4a8a8 RCX: 0000000000000000 [ 150.001693] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 150.002263] RBP: ffff888011ed7bd0 R08: ffffed1002b89533 R09: ffffed1002b89533 [ 150.002861] R10: ffff888015c4a993 R11: ffffed1002b89532 R12: ffff888014738c00 [ 150.003439] R13: ffff888015c4a9e8 R14: ffffffff8352e670 R15: 
ffff888011ed7e68 [ 150.004010] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.004653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.005118] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 150.005689] PKRU: 55555554 [ 150.005916] Call Trace: [ 150.006121] [ 150.006303] __iommufd_access_detach+0x1c2/0x2b0 [ 150.006719] iommufd_access_change_pt+0x149/0x270 [ 150.007126] iommufd_access_replace+0xb4/0x120 [ 150.007517] iommufd_test+0x3e5/0x37e0 [ 150.007836] ? lock_release+0x532/0x770 [ 150.008167] ? __might_fault+0x102/0x1b0 [ 150.008506] ? lock_acquire+0x427/0x4c0 [ 150.008841] ? __pfx_iommufd_test+0x10/0x10 [ 150.009203] ? __pfx_lock_release+0x10/0x10 [ 150.009559] ? __pfx_lock_acquire+0x10/0x10 [ 150.009916] ? write_comp_data+0x2f/0x90 [ 150.010259] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.010685] ? write_comp_data+0x2f/0x90 [ 150.011027] iommufd_fops_ioctl+0x37d/0x510 [ 150.011394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.011791] ? write_comp_data+0x2f/0x90 [ 150.012127] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.012518] __x64_sys_ioctl+0x1a3/0x230 [ 150.012856] do_syscall_64+0x3b/0x90 [ 150.013225] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.013658] RIP: 0033:0x7f4b8743ee5d [ 150.013959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.015446] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.016061] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.016631] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.017198] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.017770] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.018342] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.018952] [ 150.019149] irq event stamp: 0 [ 150.019405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.019913] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.020588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.021256] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.021760] ---[ end trace 0000000000000000 ]--- [ 150.024710] ------------[ cut here ]------------ [ 150.025323] WARNING: CPU: 0 PID: 1406 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.026139] Modules linked in: [ 150.026404] CPU: 0 PID: 1406 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.027372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.028444] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.028851] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.030484] RSP: 
0018:ffff888011ed7bd0 EFLAGS: 00010246 [ 150.030938] RAX: 0000000000000000 RBX: ffff888015c4a8a8 RCX: 0000000000000000 [ 150.031680] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 150.032257] RBP: ffff888011ed7be8 R08: ffffed1002b89533 R09: ffffed1002b89533 [ 150.032828] R10: ffff888015c4a993 R11: ffffed1002b89532 R12: ffff888021901400 [ 150.033564] R13: ffff888015c4a9e8 R14: ffff8880103c9900 R15: 0000000000000000 [ 150.034135] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.034797] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.035321] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 150.035994] PKRU: 55555554 [ 150.036224] Call Trace: [ 150.036432] [ 150.036621] iommufd_access_destroy_object+0x65/0x170 [ 150.037077] iommufd_object_destroy_user+0x18e/0x220 [ 150.037580] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.038052] iommufd_access_destroy+0x43/0x70 [ 150.038427] iommufd_test_staccess_release+0x8d/0xd0 [ 150.038940] __fput+0x26d/0xa40 [ 150.039320] ____fput+0x1e/0x30 [ 150.039600] task_work_run+0x1a4/0x2d0 [ 150.039924] ? __pfx_task_work_run+0x10/0x10 [ 150.040287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.040691] ? switch_task_namespaces+0xa9/0xe0 [ 150.041244] do_exit+0xb17/0x2ef0 [ 150.041530] ? lock_acquire+0x427/0x4c0 [ 150.041861] ? __pfx_lock_release+0x10/0x10 [ 150.042221] ? __kasan_check_write+0x18/0x20 [ 150.042604] ? do_raw_spin_lock+0x132/0x2a0 [ 150.043109] ? __pfx_do_exit+0x10/0x10 [ 150.043441] ? debug_smp_processor_id+0x20/0x30 [ 150.043826] ? rcu_is_watching+0x19/0xb0 [ 150.044161] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.044540] ? trace_hardirqs_on+0x26/0x120 [ 150.045009] do_group_exit+0xe0/0x2b0 [ 150.045420] __x64_sys_exit_group+0x47/0x50 [ 150.045775] do_syscall_64+0x3b/0x90 [ 150.046088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.046546] RIP: 0033:0x7f4b87518a4d [ 150.046985] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.047492] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.048108] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.048682] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.049421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.049992] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.050645] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.051322] [ 150.051515] irq event stamp: 0 [ 150.051774] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.052282] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.053123] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.053799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.054342] ---[ end trace 0000000000000000 ]--- [ 150.055579] ------------[ cut here ]------------ [ 150.055990] WARNING: CPU: 0 PID: 1406 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.057048] Modules linked in: [ 150.057325] CPU: 0 PID: 1406 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.058092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.059216] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.059666] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.061220] RSP: 0018:ffff888011ed7b78 EFLAGS: 00010246 [ 150.061675] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.062280] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 150.062911] RBP: ffff888011ed7b98 R08: ffffed1002b8953e R09: ffffed1002b8953e [ 150.063535] R10: ffff888015c4a9ef R11: ffffed1002b8953d R12: ffff888015c4aa90 [ 150.064140] R13: ffff888015c4a8a8 R14: ffffffffffffffff R15: 
ffff888011ed7c60 [ 150.064749] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.065438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.065931] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 150.066558] PKRU: 55555554 [ 150.066805] Call Trace: [ 150.067027] [ 150.067230] iommufd_ioas_destroy+0x53/0x70 [ 150.067605] iommufd_fops_release+0x1f7/0x370 [ 150.067995] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.068424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.068847] ? write_comp_data+0x2f/0x90 [ 150.069202] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.069629] __fput+0x26d/0xa40 [ 150.069924] ____fput+0x1e/0x30 [ 150.070218] task_work_run+0x1a4/0x2d0 [ 150.070586] ? __pfx_task_work_run+0x10/0x10 [ 150.070973] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.071406] ? switch_task_namespaces+0xa9/0xe0 [ 150.071815] do_exit+0xb17/0x2ef0 [ 150.072110] ? lock_acquire+0x427/0x4c0 [ 150.072458] ? __pfx_lock_release+0x10/0x10 [ 150.072836] ? __kasan_check_write+0x18/0x20 [ 150.073215] ? do_raw_spin_lock+0x132/0x2a0 [ 150.073582] ? __pfx_do_exit+0x10/0x10 [ 150.073924] ? debug_smp_processor_id+0x20/0x30 [ 150.074327] ? rcu_is_watching+0x19/0xb0 [ 150.074698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.075092] ? trace_hardirqs_on+0x26/0x120 [ 150.075477] do_group_exit+0xe0/0x2b0 [ 150.075806] __x64_sys_exit_group+0x47/0x50 [ 150.076171] do_syscall_64+0x3b/0x90 [ 150.076501] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.077027] RIP: 0033:0x7f4b87518a4d [ 150.077345] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.077867] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.078535] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.079150] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.079754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.080357] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.080963] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.081577] [ 150.081779] irq event stamp: 0 [ 150.082047] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.082602] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.083326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.084033] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.084577] ---[ end trace 0000000000000000 ]--- [ 150.089742] ------------[ cut here ]------------ [ 150.090267] WARNING: CPU: 1 PID: 1407 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.091290] Modules linked in: [ 150.091572] CPU: 1 PID: 1407 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.092370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.093426] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.093864] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.095614] RSP: 0018:ffff888011c9fbb8 EFLAGS: 00010246 [ 150.096079] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 150.096723] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 150.097448] RBP: ffff888011c9fbd0 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 150.098062] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888012e94800 [ 150.098734] R13: ffff8880158789e8 R14: ffffffff8352e670 R15: 
ffff888011c9fe68 [ 150.099450] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.100145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.100650] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ee0 [ 150.101403] PKRU: 55555554 [ 150.101651] Call Trace: [ 150.101873] [ 150.102072] __iommufd_access_detach+0x1c2/0x2b0 [ 150.102532] iommufd_access_change_pt+0x149/0x270 [ 150.102967] iommufd_access_replace+0xb4/0x120 [ 150.103541] iommufd_test+0x3e5/0x37e0 [ 150.103891] ? lock_release+0x532/0x770 [ 150.104255] ? __might_fault+0x102/0x1b0 [ 150.104623] ? lock_acquire+0x427/0x4c0 [ 150.104983] ? __pfx_iommufd_test+0x10/0x10 [ 150.105500] ? __pfx_lock_release+0x10/0x10 [ 150.105891] ? __pfx_lock_acquire+0x10/0x10 [ 150.106284] ? write_comp_data+0x2f/0x90 [ 150.106682] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.107119] ? write_comp_data+0x2f/0x90 [ 150.107536] iommufd_fops_ioctl+0x37d/0x510 [ 150.107995] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.108427] ? write_comp_data+0x2f/0x90 [ 150.108790] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.109214] __x64_sys_ioctl+0x1a3/0x230 [ 150.109667] do_syscall_64+0x3b/0x90 [ 150.110027] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.110497] RIP: 0033:0x7f4b8743ee5d [ 150.110852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.112611] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.113277] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.114039] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.114710] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.115515] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.116146] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.116869] [ 150.117137] irq event stamp: 0 [ 150.117415] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.117976] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.118804] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.119627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.120180] ---[ end trace 0000000000000000 ]--- [ 150.123458] ------------[ cut here ]------------ [ 150.123912] WARNING: CPU: 1 PID: 1407 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.124799] Modules linked in: [ 150.125133] CPU: 1 PID: 1407 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.125959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.126963] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.127546] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.129119] RSP: 
0018:ffff888011c9fbd0 EFLAGS: 00010246 [ 150.129736] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 150.130353] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 150.130990] RBP: ffff888011c9fbe8 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 150.131701] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff88800a725c00 [ 150.132394] R13: ffff8880158789e8 R14: ffff888015bbb200 R15: 0000000000000000 [ 150.133010] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.133862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.134373] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.135033] PKRU: 55555554 [ 150.135300] Call Trace: [ 150.135526] [ 150.135725] iommufd_access_destroy_object+0x65/0x170 [ 150.136181] iommufd_object_destroy_user+0x18e/0x220 [ 150.136630] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.137141] iommufd_access_destroy+0x43/0x70 [ 150.137542] iommufd_test_staccess_release+0x8d/0xd0 [ 150.137989] __fput+0x26d/0xa40 [ 150.138292] ____fput+0x1e/0x30 [ 150.138606] task_work_run+0x1a4/0x2d0 [ 150.138952] ? __pfx_task_work_run+0x10/0x10 [ 150.139351] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.139781] ? switch_task_namespaces+0xa9/0xe0 [ 150.140198] do_exit+0xb17/0x2ef0 [ 150.140506] ? lock_acquire+0x427/0x4c0 [ 150.140860] ? __pfx_lock_release+0x10/0x10 [ 150.141251] ? __kasan_check_write+0x18/0x20 [ 150.141640] ? do_raw_spin_lock+0x132/0x2a0 [ 150.142024] ? __pfx_do_exit+0x10/0x10 [ 150.142383] ? debug_smp_processor_id+0x20/0x30 [ 150.142815] ? rcu_is_watching+0x19/0xb0 [ 150.143191] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.143592] ? trace_hardirqs_on+0x26/0x120 [ 150.143976] do_group_exit+0xe0/0x2b0 [ 150.144308] __x64_sys_exit_group+0x47/0x50 [ 150.144684] do_syscall_64+0x3b/0x90 [ 150.145021] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.145481] RIP: 0033:0x7f4b87518a4d [ 150.145809] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.146341] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.147026] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.147660] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.148281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.148896] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.149515] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.150143] [ 150.150351] irq event stamp: 0 [ 150.150648] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.151207] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.151929] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.152650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.153199] ---[ end trace 0000000000000000 ]--- [ 150.153959] ------------[ cut here ]------------ [ 150.154375] WARNING: CPU: 1 PID: 1407 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.155297] Modules linked in: [ 150.155582] CPU: 1 PID: 1407 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.156335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.157309] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.157759] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.159384] RSP: 0018:ffff888011c9fb78 EFLAGS: 00010246 [ 150.159853] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.160468] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 150.161080] RBP: ffff888011c9fb98 R08: ffffed1002b0f13e R09: ffffed1002b0f13e [ 150.161697] R10: ffff8880158789ef R11: ffffed1002b0f13d R12: ffff888015878a90 [ 150.162310] R13: ffff8880158788a8 R14: ffffffffffffffff R15: 
ffff888011c9fc60 [ 150.162946] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.163650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.164155] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.164774] PKRU: 55555554 [ 150.165018] Call Trace: [ 150.165242] [ 150.165443] iommufd_ioas_destroy+0x53/0x70 [ 150.165828] iommufd_fops_release+0x1f7/0x370 [ 150.166232] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.166688] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.167138] ? write_comp_data+0x2f/0x90 [ 150.167506] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.167943] __fput+0x26d/0xa40 [ 150.168250] ____fput+0x1e/0x30 [ 150.168546] task_work_run+0x1a4/0x2d0 [ 150.168892] ? __pfx_task_work_run+0x10/0x10 [ 150.169281] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.169711] ? switch_task_namespaces+0xa9/0xe0 [ 150.170123] do_exit+0xb17/0x2ef0 [ 150.170431] ? lock_acquire+0x427/0x4c0 [ 150.170808] ? __pfx_lock_release+0x10/0x10 [ 150.171203] ? __kasan_check_write+0x18/0x20 [ 150.171592] ? do_raw_spin_lock+0x132/0x2a0 [ 150.171971] ? __pfx_do_exit+0x10/0x10 [ 150.172324] ? debug_smp_processor_id+0x20/0x30 [ 150.172736] ? rcu_is_watching+0x19/0xb0 [ 150.173096] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.173503] ? trace_hardirqs_on+0x26/0x120 [ 150.173889] do_group_exit+0xe0/0x2b0 [ 150.174229] __x64_sys_exit_group+0x47/0x50 [ 150.174629] do_syscall_64+0x3b/0x90 [ 150.174972] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.175452] RIP: 0033:0x7f4b87518a4d [ 150.175777] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.176307] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.176973] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.177600] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.178215] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.178849] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.179453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.180043] [ 150.180235] irq event stamp: 0 [ 150.180493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.181006] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.181681] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.182369] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.182904] ---[ end trace 0000000000000000 ]--- [ 150.187202] ------------[ cut here ]------------ [ 150.187622] WARNING: CPU: 1 PID: 1408 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.188445] Modules linked in: [ 150.188706] CPU: 1 PID: 1408 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.189418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.190351] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.190797] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.192290] RSP: 0018:ffff888015937bb8 EFLAGS: 00010246 [ 150.192723] RAX: 0000000000000000 RBX: ffff88800b9fe8a8 RCX: 0000000000000000 [ 150.193315] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 150.193894] RBP: ffff888015937bd0 R08: ffffed100173fd33 R09: ffffed100173fd33 [ 150.194472] R10: ffff88800b9fe993 R11: ffffed100173fd32 R12: ffff888010c0bc00 [ 150.195066] R13: ffff88800b9fe9e8 R14: ffffffff8352e670 R15: 
ffff888015937e68 [ 150.195648] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.196303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.196777] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 150.197363] PKRU: 55555554 [ 150.197597] Call Trace: [ 150.197807] [ 150.197992] __iommufd_access_detach+0x1c2/0x2b0 [ 150.198393] iommufd_access_change_pt+0x149/0x270 [ 150.198809] iommufd_access_replace+0xb4/0x120 [ 150.199203] iommufd_test+0x3e5/0x37e0 [ 150.199524] ? lock_release+0x532/0x770 [ 150.199863] ? __might_fault+0x102/0x1b0 [ 150.200203] ? lock_acquire+0x427/0x4c0 [ 150.200540] ? __pfx_iommufd_test+0x10/0x10 [ 150.200895] ? __pfx_lock_release+0x10/0x10 [ 150.201262] ? __pfx_lock_acquire+0x10/0x10 [ 150.201625] ? write_comp_data+0x2f/0x90 [ 150.201969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.202376] ? write_comp_data+0x2f/0x90 [ 150.202734] iommufd_fops_ioctl+0x37d/0x510 [ 150.203094] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.203510] ? write_comp_data+0x2f/0x90 [ 150.203858] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.204262] __x64_sys_ioctl+0x1a3/0x230 [ 150.204608] do_syscall_64+0x3b/0x90 [ 150.204925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.205358] RIP: 0033:0x7f4b8743ee5d [ 150.205665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.207180] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.207811] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.208392] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.208974] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.209551] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.210131] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.210752] [ 150.210947] irq event stamp: 0 [ 150.211222] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.211740] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.212423] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.213101] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.213620] ---[ end trace 0000000000000000 ]--- [ 150.217505] ------------[ cut here ]------------ [ 150.218093] WARNING: CPU: 1 PID: 1408 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.219630] Modules linked in: [ 150.219906] CPU: 1 PID: 1408 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.220618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.221530] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.221938] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.223454] RSP: 
0018:ffff888015937bd0 EFLAGS: 00010246 [ 150.223889] RAX: 0000000000000000 RBX: ffff88800b9fe8a8 RCX: 0000000000000000 [ 150.224458] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 150.225016] RBP: ffff888015937be8 R08: ffffed100173fd33 R09: ffffed100173fd33 [ 150.225575] R10: ffff88800b9fe993 R11: ffffed100173fd32 R12: ffff888012e97800 [ 150.226133] R13: ffff88800b9fe9e8 R14: ffff8880122f5b00 R15: 0000000000000000 [ 150.226716] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.227357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.227822] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.228385] PKRU: 55555554 [ 150.228612] Call Trace: [ 150.228815] [ 150.228998] iommufd_access_destroy_object+0x65/0x170 [ 150.229419] iommufd_object_destroy_user+0x18e/0x220 [ 150.229833] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.230301] iommufd_access_destroy+0x43/0x70 [ 150.230681] iommufd_test_staccess_release+0x8d/0xd0 [ 150.231095] __fput+0x26d/0xa40 [ 150.231382] ____fput+0x1e/0x30 [ 150.231656] task_work_run+0x1a4/0x2d0 [ 150.231975] ? __pfx_task_work_run+0x10/0x10 [ 150.232333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.232729] ? switch_task_namespaces+0xa9/0xe0 [ 150.233110] do_exit+0xb17/0x2ef0 [ 150.233393] ? lock_acquire+0x427/0x4c0 [ 150.233721] ? __pfx_lock_release+0x10/0x10 [ 150.234072] ? __kasan_check_write+0x18/0x20 [ 150.234420] ? do_raw_spin_lock+0x132/0x2a0 [ 150.234777] ? __pfx_do_exit+0x10/0x10 [ 150.235096] ? debug_smp_processor_id+0x20/0x30 [ 150.235476] ? rcu_is_watching+0x19/0xb0 [ 150.235798] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.236159] ? trace_hardirqs_on+0x26/0x120 [ 150.236512] do_group_exit+0xe0/0x2b0 [ 150.236814] __x64_sys_exit_group+0x47/0x50 [ 150.237153] do_syscall_64+0x3b/0x90 [ 150.237456] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.237873] RIP: 0033:0x7f4b87518a4d [ 150.238167] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.238673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.239280] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.239830] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.240391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.240943] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.241494] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.242052] [ 150.242236] irq event stamp: 0 [ 150.242486] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.243002] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.243676] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.244335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.245121] ---[ end trace 0000000000000000 ]--- [ 150.245828] ------------[ cut here ]------------ [ 150.246200] WARNING: CPU: 1 PID: 1408 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.247171] Modules linked in: [ 150.247429] CPU: 1 PID: 1408 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.248112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.249107] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.249516] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.251077] RSP: 0018:ffff888015937b78 EFLAGS: 00010246 [ 150.251507] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.252058] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 150.252682] RBP: ffff888015937b98 R08: ffffed100173fd3e R09: ffffed100173fd3e [ 150.253286] R10: ffff88800b9fe9ef R11: ffffed100173fd3d R12: ffff88800b9fea90 [ 150.253844] R13: ffff88800b9fe8a8 R14: ffffffffffffffff R15: 
ffff888015937c60 [ 150.254409] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.255186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.255645] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.256202] PKRU: 55555554 [ 150.256429] Call Trace: [ 150.256652] [ 150.256931] iommufd_ioas_destroy+0x53/0x70 [ 150.257279] iommufd_fops_release+0x1f7/0x370 [ 150.257640] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.258037] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.258455] ? write_comp_data+0x2f/0x90 [ 150.258883] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.259298] __fput+0x26d/0xa40 [ 150.259575] ____fput+0x1e/0x30 [ 150.259841] task_work_run+0x1a4/0x2d0 [ 150.260159] ? __pfx_task_work_run+0x10/0x10 [ 150.260547] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.261018] ? switch_task_namespaces+0xa9/0xe0 [ 150.261414] do_exit+0xb17/0x2ef0 [ 150.261699] ? lock_acquire+0x427/0x4c0 [ 150.262049] ? __pfx_lock_release+0x10/0x10 [ 150.262489] ? __kasan_check_write+0x18/0x20 [ 150.262907] ? do_raw_spin_lock+0x132/0x2a0 [ 150.263280] ? __pfx_do_exit+0x10/0x10 [ 150.263614] ? debug_smp_processor_id+0x20/0x30 [ 150.264017] ? rcu_is_watching+0x19/0xb0 [ 150.264363] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.264881] ? trace_hardirqs_on+0x26/0x120 [ 150.265256] do_group_exit+0xe0/0x2b0 [ 150.265580] __x64_sys_exit_group+0x47/0x50 [ 150.265938] do_syscall_64+0x3b/0x90 [ 150.266258] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.266846] RIP: 0033:0x7f4b87518a4d [ 150.267173] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.267679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.268309] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.268942] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.269614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.270199] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.270805] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.271592] [ 150.271797] irq event stamp: 0 [ 150.272060] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.272582] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.273406] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.274088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.274629] ---[ end trace 0000000000000000 ]--- [ 150.278313] ------------[ cut here ]------------ [ 150.278852] WARNING: CPU: 1 PID: 1409 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.279720] Modules linked in: [ 150.279982] CPU: 1 PID: 1409 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.280767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.281748] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.282169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.283848] RSP: 0018:ffff888011c9fbb8 EFLAGS: 00010246 [ 150.284291] RAX: 0000000000000000 RBX: ffff888015ccc0a8 RCX: 0000000000000000 [ 150.284990] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 150.285570] RBP: ffff888011c9fbd0 R08: ffffed1002b99833 R09: ffffed1002b99833 [ 150.286140] R10: ffff888015ccc193 R11: ffffed1002b99832 R12: ffff888014582800 [ 150.286879] R13: ffff888015ccc1e8 R14: ffffffff8352e670 R15: 
ffff888011c9fe68 [ 150.287479] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.288139] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.288663] CR2: 00007f4b877410e8 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 150.289329] PKRU: 55555554 [ 150.289562] Call Trace: [ 150.289772] [ 150.289957] __iommufd_access_detach+0x1c2/0x2b0 [ 150.290391] iommufd_access_change_pt+0x149/0x270 [ 150.290942] iommufd_access_replace+0xb4/0x120 [ 150.291356] iommufd_test+0x3e5/0x37e0 [ 150.291696] ? lock_release+0x532/0x770 [ 150.292055] ? __might_fault+0x102/0x1b0 [ 150.292417] ? lock_acquire+0x427/0x4c0 [ 150.292843] ? __pfx_iommufd_test+0x10/0x10 [ 150.293290] ? __pfx_lock_release+0x10/0x10 [ 150.293674] ? __pfx_lock_acquire+0x10/0x10 [ 150.294056] ? write_comp_data+0x2f/0x90 [ 150.294422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.295011] ? write_comp_data+0x2f/0x90 [ 150.295383] iommufd_fops_ioctl+0x37d/0x510 [ 150.295760] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.296187] ? write_comp_data+0x2f/0x90 [ 150.296555] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.297044] __x64_sys_ioctl+0x1a3/0x230 [ 150.297473] do_syscall_64+0x3b/0x90 [ 150.297802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.298250] RIP: 0033:0x7f4b8743ee5d [ 150.298593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.300353] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.301025] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.301764] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.302381] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.303028] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.303787] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.304415] [ 150.304616] irq event stamp: 0 [ 150.304890] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.305523] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.306314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.307048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.307740] ---[ end trace 0000000000000000 ]--- [ 150.310800] ------------[ cut here ]------------ [ 150.311302] WARNING: CPU: 1 PID: 1409 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.312239] Modules linked in: [ 150.312523] CPU: 1 PID: 1409 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.313268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.314236] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.314728] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.316309] RSP: 
0018:ffff888011c9fbd0 EFLAGS: 00010246 [ 150.316775] RAX: 0000000000000000 RBX: ffff888015ccc0a8 RCX: 0000000000000000 [ 150.317388] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 150.317991] RBP: ffff888011c9fbe8 R08: ffffed1002b99833 R09: ffffed1002b99833 [ 150.318625] R10: ffff888015ccc193 R11: ffffed1002b99832 R12: ffff888010c09800 [ 150.319267] R13: ffff888015ccc1e8 R14: ffff88802099c900 R15: 0000000000000000 [ 150.319884] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.320574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.321074] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 150.321693] PKRU: 55555554 [ 150.321940] Call Trace: [ 150.322163] [ 150.322359] iommufd_access_destroy_object+0x65/0x170 [ 150.322829] iommufd_object_destroy_user+0x18e/0x220 [ 150.323291] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.323798] iommufd_access_destroy+0x43/0x70 [ 150.324196] iommufd_test_staccess_release+0x8d/0xd0 [ 150.324646] __fput+0x26d/0xa40 [ 150.324947] ____fput+0x1e/0x30 [ 150.325244] task_work_run+0x1a4/0x2d0 [ 150.325589] ? __pfx_task_work_run+0x10/0x10 [ 150.325976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.326407] ? switch_task_namespaces+0xa9/0xe0 [ 150.326837] do_exit+0xb17/0x2ef0 [ 150.327151] ? lock_acquire+0x427/0x4c0 [ 150.327505] ? __pfx_lock_release+0x10/0x10 [ 150.327885] ? __kasan_check_write+0x18/0x20 [ 150.328268] ? do_raw_spin_lock+0x132/0x2a0 [ 150.328643] ? __pfx_do_exit+0x10/0x10 [ 150.328999] ? debug_smp_processor_id+0x20/0x30 [ 150.329407] ? rcu_is_watching+0x19/0xb0 [ 150.329762] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.330169] ? trace_hardirqs_on+0x26/0x120 [ 150.330569] do_group_exit+0xe0/0x2b0 [ 150.330901] __x64_sys_exit_group+0x47/0x50 [ 150.331288] do_syscall_64+0x3b/0x90 [ 150.331624] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.332084] RIP: 0033:0x7f4b87518a4d [ 150.332414] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.332942] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.333601] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.334218] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.334851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.335473] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.336085] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.336705] [ 150.336898] irq event stamp: 0 [ 150.337151] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.337652] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.338320] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.339004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.339532] ---[ end trace 0000000000000000 ]--- [ 150.340375] ------------[ cut here ]------------ [ 150.340796] WARNING: CPU: 0 PID: 1409 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.341630] Modules linked in: [ 150.341888] CPU: 0 PID: 1409 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.342646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.343556] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.343966] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.345417] RSP: 0018:ffff888011c9fb78 EFLAGS: 00010246 [ 150.345842] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.346407] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 150.347000] RBP: ffff888011c9fb98 R08: ffffed1002b9983e R09: ffffed1002b9983e [ 150.347573] R10: ffff888015ccc1ef R11: ffffed1002b9983d R12: ffff888015ccc290 [ 150.348142] R13: ffff888015ccc0a8 R14: ffffffffffffffff R15: 
ffff888011c9fc60 [ 150.348708] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.349347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.349809] CR2: 00007f82e2b7d0f0 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 150.350376] PKRU: 55555554 [ 150.350624] Call Trace: [ 150.350834] [ 150.351018] iommufd_ioas_destroy+0x53/0x70 [ 150.351374] iommufd_fops_release+0x1f7/0x370 [ 150.351744] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.352149] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.352550] ? write_comp_data+0x2f/0x90 [ 150.352885] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.353288] __fput+0x26d/0xa40 [ 150.353569] ____fput+0x1e/0x30 [ 150.353844] task_work_run+0x1a4/0x2d0 [ 150.354165] ? __pfx_task_work_run+0x10/0x10 [ 150.354544] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.354944] ? switch_task_namespaces+0xa9/0xe0 [ 150.355340] do_exit+0xb17/0x2ef0 [ 150.355624] ? lock_acquire+0x427/0x4c0 [ 150.355954] ? __pfx_lock_release+0x10/0x10 [ 150.356309] ? __kasan_check_write+0x18/0x20 [ 150.356669] ? do_raw_spin_lock+0x132/0x2a0 [ 150.357017] ? __pfx_do_exit+0x10/0x10 [ 150.357343] ? debug_smp_processor_id+0x20/0x30 [ 150.357726] ? rcu_is_watching+0x19/0xb0 [ 150.358059] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.358431] ? trace_hardirqs_on+0x26/0x120 [ 150.358809] do_group_exit+0xe0/0x2b0 [ 150.359138] __x64_sys_exit_group+0x47/0x50 [ 150.359495] do_syscall_64+0x3b/0x90 [ 150.359824] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.360250] RIP: 0033:0x7f4b87518a4d [ 150.360553] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.361046] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.361652] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.362217] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.362802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.363385] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.363955] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.364542] [ 150.364734] irq event stamp: 0 [ 150.365061] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.365566] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.366240] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.366934] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.367430] ---[ end trace 0000000000000000 ]--- [ 150.372293] ------------[ cut here ]------------ [ 150.372735] WARNING: CPU: 0 PID: 1410 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.373555] Modules linked in: [ 150.373823] CPU: 0 PID: 1410 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.374564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.375511] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.375926] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.377427] RSP: 0018:ffff888015937bb8 EFLAGS: 00010246 [ 150.377870] RAX: 0000000000000000 RBX: ffff88800ee878a8 RCX: 0000000000000000 [ 150.378460] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 150.379069] RBP: ffff888015937bd0 R08: ffffed1001dd0f33 R09: ffffed1001dd0f33 [ 150.379680] R10: ffff88800ee87993 R11: ffffed1001dd0f32 R12: ffff88801226e400 [ 150.380262] R13: ffff88800ee879e8 R14: ffffffff8352e670 R15: 
ffff888015937e68 [ 150.380849] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.381505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.381976] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 150.382581] PKRU: 55555554 [ 150.382818] Call Trace: [ 150.383030] [ 150.383225] __iommufd_access_detach+0x1c2/0x2b0 [ 150.383630] iommufd_access_change_pt+0x149/0x270 [ 150.384036] iommufd_access_replace+0xb4/0x120 [ 150.384419] iommufd_test+0x3e5/0x37e0 [ 150.384743] ? lock_release+0x532/0x770 [ 150.385089] ? __might_fault+0x102/0x1b0 [ 150.385439] ? lock_acquire+0x427/0x4c0 [ 150.385777] ? __pfx_iommufd_test+0x10/0x10 [ 150.386136] ? __pfx_lock_release+0x10/0x10 [ 150.386531] ? __pfx_lock_acquire+0x10/0x10 [ 150.386901] ? write_comp_data+0x2f/0x90 [ 150.387252] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.387660] ? write_comp_data+0x2f/0x90 [ 150.388007] iommufd_fops_ioctl+0x37d/0x510 [ 150.388368] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.388779] ? write_comp_data+0x2f/0x90 [ 150.389124] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.389530] __x64_sys_ioctl+0x1a3/0x230 [ 150.389878] do_syscall_64+0x3b/0x90 [ 150.390199] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.390658] RIP: 0033:0x7f4b8743ee5d [ 150.390967] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.392473] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.393104] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.393690] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.394270] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.394889] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.395485] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.396088] [ 150.396285] irq event stamp: 0 [ 150.396552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.397153] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.397852] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.398575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.399097] ---[ end trace 0000000000000000 ]--- [ 150.401911] ------------[ cut here ]------------ [ 150.402333] WARNING: CPU: 0 PID: 1410 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.403206] Modules linked in: [ 150.403476] CPU: 0 PID: 1410 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.404204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.405141] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.405565] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.407103] RSP: 
0018:ffff888015937bd0 EFLAGS: 00010246 [ 150.407630] RAX: 0000000000000000 RBX: ffff88800ee878a8 RCX: 0000000000000000 [ 150.408218] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 150.408809] RBP: ffff888015937be8 R08: ffffed1001dd0f33 R09: ffffed1001dd0f33 [ 150.409399] R10: ffff88800ee87993 R11: ffffed1001dd0f32 R12: ffff888014739800 [ 150.409989] R13: ffff88800ee879e8 R14: ffff888013a1de00 R15: 0000000000000000 [ 150.410627] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.411343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.411843] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 150.412460] PKRU: 55555554 [ 150.412704] Call Trace: [ 150.412925] [ 150.413122] iommufd_access_destroy_object+0x65/0x170 [ 150.413574] iommufd_object_destroy_user+0x18e/0x220 [ 150.414017] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.414560] iommufd_access_destroy+0x43/0x70 [ 150.414967] iommufd_test_staccess_release+0x8d/0xd0 [ 150.415440] __fput+0x26d/0xa40 [ 150.415743] ____fput+0x1e/0x30 [ 150.416040] task_work_run+0x1a4/0x2d0 [ 150.416391] ? __pfx_task_work_run+0x10/0x10 [ 150.416792] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.417225] ? switch_task_namespaces+0xa9/0xe0 [ 150.417649] do_exit+0xb17/0x2ef0 [ 150.417954] ? lock_acquire+0x427/0x4c0 [ 150.418318] ? __pfx_lock_release+0x10/0x10 [ 150.418728] ? __kasan_check_write+0x18/0x20 [ 150.419129] ? do_raw_spin_lock+0x132/0x2a0 [ 150.419517] ? __pfx_do_exit+0x10/0x10 [ 150.419878] ? debug_smp_processor_id+0x20/0x30 [ 150.420295] ? rcu_is_watching+0x19/0xb0 [ 150.420663] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.421070] ? trace_hardirqs_on+0x26/0x120 [ 150.421471] do_group_exit+0xe0/0x2b0 [ 150.421816] __x64_sys_exit_group+0x47/0x50 [ 150.422203] do_syscall_64+0x3b/0x90 [ 150.422574] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.423037] RIP: 0033:0x7f4b87518a4d [ 150.423376] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.423923] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.424584] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.425205] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.425824] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.426441] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.427104] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.427755] [ 150.427967] irq event stamp: 0 [ 150.428267] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.428861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.429714] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.430534] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.431151] ---[ end trace 0000000000000000 ]--- [ 150.431946] ------------[ cut here ]------------ [ 150.432395] WARNING: CPU: 0 PID: 1410 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.433373] Modules linked in: [ 150.433692] CPU: 0 PID: 1410 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.434552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.435627] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.436111] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.437812] RSP: 0018:ffff888015937b78 EFLAGS: 00010246 [ 150.438320] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.439011] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 150.439691] RBP: ffff888015937b98 R08: ffffed1001dd0f3e R09: ffffed1001dd0f3e [ 150.440357] R10: ffff88800ee879ef R11: ffffed1001dd0f3d R12: ffff88800ee87a90 [ 150.441015] R13: ffff88800ee878a8 R14: ffffffffffffffff R15: 
ffff888015937c60 [ 150.441690] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.442458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.443039] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 150.443750] PKRU: 55555554 [ 150.444027] Call Trace: [ 150.444280] [ 150.444502] iommufd_ioas_destroy+0x53/0x70 [ 150.444932] iommufd_fops_release+0x1f7/0x370 [ 150.445371] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.445858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.446342] ? write_comp_data+0x2f/0x90 [ 150.446807] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.447309] __fput+0x26d/0xa40 [ 150.447656] ____fput+0x1e/0x30 [ 150.447993] task_work_run+0x1a4/0x2d0 [ 150.448387] ? __pfx_task_work_run+0x10/0x10 [ 150.448834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.449314] ? switch_task_namespaces+0xa9/0xe0 [ 150.449779] do_exit+0xb17/0x2ef0 [ 150.450118] ? lock_acquire+0x427/0x4c0 [ 150.450546] ? __pfx_lock_release+0x10/0x10 [ 150.450971] ? __kasan_check_write+0x18/0x20 [ 150.451418] ? do_raw_spin_lock+0x132/0x2a0 [ 150.451834] ? __pfx_do_exit+0x10/0x10 [ 150.452220] ? debug_smp_processor_id+0x20/0x30 [ 150.452670] ? rcu_is_watching+0x19/0xb0 [ 150.453066] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.453507] ? trace_hardirqs_on+0x26/0x120 [ 150.453934] do_group_exit+0xe0/0x2b0 [ 150.454307] __x64_sys_exit_group+0x47/0x50 [ 150.454757] do_syscall_64+0x3b/0x90 [ 150.455146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.455651] RIP: 0033:0x7f4b87518a4d [ 150.456012] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.456604] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.457333] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.458017] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.458729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.459439] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.460132] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.460828] [ 150.461113] irq event stamp: 0 [ 150.461423] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.462037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.462883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.463698] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.464304] ---[ end trace 0000000000000000 ]--- [ 150.469063] ------------[ cut here ]------------ [ 150.469631] WARNING: CPU: 0 PID: 1411 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.470744] Modules linked in: [ 150.471084] CPU: 0 PID: 1411 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.472019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.473196] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.473711] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.475653] RSP: 0018:ffff888020aefbb8 EFLAGS: 00010246 [ 150.476204] RAX: 0000000000000000 RBX: ffff888015aae8a8 RCX: 0000000000000000 [ 150.476929] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 150.477685] RBP: ffff888020aefbd0 R08: ffffed1002b55d33 R09: ffffed1002b55d33 [ 150.478441] R10: ffff888015aae993 R11: ffffed1002b55d32 R12: ffff888020d19800 [ 150.479227] R13: ffff888015aae9e8 R14: ffffffff8352e670 R15: 
ffff888020aefe68 [ 150.479983] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.480832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.481443] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ef0 [ 150.482189] PKRU: 55555554 [ 150.482489] Call Trace: [ 150.482787] [ 150.483022] __iommufd_access_detach+0x1c2/0x2b0 [ 150.483554] iommufd_access_change_pt+0x149/0x270 [ 150.484073] iommufd_access_replace+0xb4/0x120 [ 150.484561] iommufd_test+0x3e5/0x37e0 [ 150.484971] ? lock_release+0x532/0x770 [ 150.485397] ? __might_fault+0x102/0x1b0 [ 150.485831] ? lock_acquire+0x427/0x4c0 [ 150.486260] ? __pfx_iommufd_test+0x10/0x10 [ 150.486753] ? __pfx_lock_release+0x10/0x10 [ 150.487225] ? __pfx_lock_acquire+0x10/0x10 [ 150.487689] ? write_comp_data+0x2f/0x90 [ 150.488127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.488649] ? write_comp_data+0x2f/0x90 [ 150.489099] iommufd_fops_ioctl+0x37d/0x510 [ 150.489561] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.490093] ? write_comp_data+0x2f/0x90 [ 150.490571] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.491083] __x64_sys_ioctl+0x1a3/0x230 [ 150.491544] do_syscall_64+0x3b/0x90 [ 150.491955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.492506] RIP: 0033:0x7f4b8743ee5d [ 150.492906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.494918] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.495730] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.496469] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.497206] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.497947] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.498731] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.499513] [ 150.499765] irq event stamp: 0 [ 150.500100] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.500759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.501631] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.502577] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.503257] ---[ end trace 0000000000000000 ]--- [ 150.507092] ------------[ cut here ]------------ [ 150.507675] WARNING: CPU: 0 PID: 1411 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.508937] Modules linked in: [ 150.509499] CPU: 0 PID: 1411 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.510429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.511930] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.512475] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.514497] RSP: 
0018:ffff888020aefbd0 EFLAGS: 00010246 [ 150.515355] RAX: 0000000000000000 RBX: ffff888015aae8a8 RCX: 0000000000000000 [ 150.516112] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 150.516858] RBP: ffff888020aefbe8 R08: ffffed1002b55d33 R09: ffffed1002b55d33 [ 150.517611] R10: ffff888015aae993 R11: ffffed1002b55d32 R12: ffff88801226ec00 [ 150.518364] R13: ffff888015aae9e8 R14: ffff88800af2d500 R15: 0000000000000000 [ 150.519291] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.520299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.520917] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 150.521664] PKRU: 55555554 [ 150.521962] Call Trace: [ 150.522231] [ 150.522467] iommufd_access_destroy_object+0x65/0x170 [ 150.523054] iommufd_object_destroy_user+0x18e/0x220 [ 150.523621] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.524282] iommufd_access_destroy+0x43/0x70 [ 150.525170] iommufd_test_staccess_release+0x8d/0xd0 [ 150.525709] __fput+0x26d/0xa40 [ 150.526082] ____fput+0x1e/0x30 [ 150.526451] task_work_run+0x1a4/0x2d0 [ 150.526926] ? __pfx_task_work_run+0x10/0x10 [ 150.527421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.527956] ? switch_task_namespaces+0xa9/0xe0 [ 150.528468] do_exit+0xb17/0x2ef0 [ 150.528848] ? lock_acquire+0x427/0x4c0 [ 150.529406] ? __pfx_lock_release+0x10/0x10 [ 150.530081] ? __kasan_check_write+0x18/0x20 [ 150.530609] ? do_raw_spin_lock+0x132/0x2a0 [ 150.531075] ? __pfx_do_exit+0x10/0x10 [ 150.531519] ? debug_smp_processor_id+0x20/0x30 [ 150.532028] ? rcu_is_watching+0x19/0xb0 [ 150.532473] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.532963] ? trace_hardirqs_on+0x26/0x120 [ 150.533451] do_group_exit+0xe0/0x2b0 [ 150.533868] __x64_sys_exit_group+0x47/0x50 [ 150.534334] do_syscall_64+0x3b/0x90 [ 150.534992] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.535756] RIP: 0033:0x7f4b87518a4d [ 150.536165] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.536824] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.537632] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.538377] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.539207] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.540155] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.541208] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.541971] [ 150.542220] irq event stamp: 0 [ 150.542583] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.543269] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.544194] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.545433] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.546103] ---[ end trace 0000000000000000 ]--- [ 150.547718] ------------[ cut here ]------------ [ 150.548247] WARNING: CPU: 0 PID: 1411 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.549609] Modules linked in: [ 150.550169] CPU: 0 PID: 1411 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.551150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.552314] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.552860] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.555431] RSP: 0018:ffff888020aefb78 EFLAGS: 00010246 [ 150.556013] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.556770] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 150.557601] RBP: ffff888020aefb98 R08: ffffed1002b55d3e R09: ffffed1002b55d3e [ 150.558352] R10: ffff888015aae9ef R11: ffffed1002b55d3d R12: ffff888015aaea90 [ 150.559153] R13: ffff888015aae8a8 R14: ffffffffffffffff R15: 
ffff888020aefc60 [ 150.559907] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.560749] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.561352] CR2: 00007f82e2b93010 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 150.562107] PKRU: 55555554 [ 150.562408] Call Trace: [ 150.562725] [ 150.562973] iommufd_ioas_destroy+0x53/0x70 [ 150.563454] iommufd_fops_release+0x1f7/0x370 [ 150.563932] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.564461] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.564984] ? write_comp_data+0x2f/0x90 [ 150.565421] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.565956] __fput+0x26d/0xa40 [ 150.566320] ____fput+0x1e/0x30 [ 150.566715] task_work_run+0x1a4/0x2d0 [ 150.567151] ? __pfx_task_work_run+0x10/0x10 [ 150.567620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.568145] ? switch_task_namespaces+0xa9/0xe0 [ 150.568651] do_exit+0xb17/0x2ef0 [ 150.569021] ? lock_acquire+0x427/0x4c0 [ 150.569452] ? __pfx_lock_release+0x10/0x10 [ 150.569905] ? __kasan_check_write+0x18/0x20 [ 150.570370] ? do_raw_spin_lock+0x132/0x2a0 [ 150.570857] ? __pfx_do_exit+0x10/0x10 [ 150.571305] ? debug_smp_processor_id+0x20/0x30 [ 150.571801] ? rcu_is_watching+0x19/0xb0 [ 150.572240] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.572722] ? trace_hardirqs_on+0x26/0x120 [ 150.573185] do_group_exit+0xe0/0x2b0 [ 150.573588] __x64_sys_exit_group+0x47/0x50 [ 150.574039] do_syscall_64+0x3b/0x90 [ 150.574448] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.575027] RIP: 0033:0x7f4b87518a4d [ 150.575429] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.576068] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.576861] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.577593] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.578338] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.579103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.579857] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.580616] [ 150.580867] irq event stamp: 0 [ 150.581206] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.581884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.582802] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.583686] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.584349] ---[ end trace 0000000000000000 ]--- [ 150.593525] ------------[ cut here ]------------ [ 150.594274] WARNING: CPU: 1 PID: 1412 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.596196] Modules linked in: [ 150.596662] CPU: 1 PID: 1412 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.597971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.599736] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.600488] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.603349] RSP: 0018:ffff888015d6fbb8 EFLAGS: 00010246 [ 150.604077] RAX: 0000000000000000 RBX: ffff888020c9e8a8 RCX: 0000000000000000 [ 150.605036] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 150.606172] RBP: ffff888015d6fbd0 R08: ffffed1004193d33 R09: ffffed1004193d33 [ 150.607228] R10: ffff888020c9e993 R11: ffffed1004193d32 R12: ffff8880134fa800 [ 150.608384] R13: ffff888020c9e9e8 R14: ffffffff8352e670 R15: 
ffff888015d6fe68 [ 150.609353] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.610711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.611532] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 150.612683] PKRU: 55555554 [ 150.613095] Call Trace: [ 150.613458] [ 150.613778] __iommufd_access_detach+0x1c2/0x2b0 [ 150.614459] iommufd_access_change_pt+0x149/0x270 [ 150.615352] iommufd_access_replace+0xb4/0x120 [ 150.616001] iommufd_test+0x3e5/0x37e0 [ 150.616550] ? lock_release+0x532/0x770 [ 150.617132] ? __might_fault+0x102/0x1b0 [ 150.617745] ? lock_acquire+0x427/0x4c0 [ 150.618431] ? __pfx_iommufd_test+0x10/0x10 [ 150.619088] ? __pfx_lock_release+0x10/0x10 [ 150.619717] ? __pfx_lock_acquire+0x10/0x10 [ 150.620316] ? write_comp_data+0x2f/0x90 [ 150.621090] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.621771] ? write_comp_data+0x2f/0x90 [ 150.622361] iommufd_fops_ioctl+0x37d/0x510 [ 150.623071] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.623896] ? write_comp_data+0x2f/0x90 [ 150.624496] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.625183] __x64_sys_ioctl+0x1a3/0x230 [ 150.625807] do_syscall_64+0x3b/0x90 [ 150.626471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.627303] RIP: 0033:0x7f4b8743ee5d [ 150.627818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.630568] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.631894] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.632856] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.633881] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.635037] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.636055] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.637264] [ 150.637605] irq event stamp: 0 [ 150.638048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.638980] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.640273] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.641420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.642479] ---[ end trace 0000000000000000 ]--- [ 150.647951] ------------[ cut here ]------------ [ 150.648657] WARNING: CPU: 1 PID: 1412 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.650229] Modules linked in: [ 150.650764] CPU: 1 PID: 1412 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.651988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.653749] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.654463] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.657196] RSP: 
0018:ffff888015d6fbd0 EFLAGS: 00010246 [ 150.658084] RAX: 0000000000000000 RBX: ffff888020c9e8a8 RCX: 0000000000000000 [ 150.659172] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 150.660267] RBP: ffff888015d6fbe8 R08: ffffed1004193d33 R09: ffffed1004193d33 [ 150.661354] R10: ffff888020c9e993 R11: ffffed1004193d32 R12: ffff888014583c00 [ 150.662372] R13: ffff888020c9e9e8 R14: ffff8880143ce100 R15: 0000000000000000 [ 150.663516] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.664608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.665632] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.666693] PKRU: 55555554 [ 150.667101] Call Trace: [ 150.667522] [ 150.667984] iommufd_access_destroy_object+0x65/0x170 [ 150.668700] iommufd_object_destroy_user+0x18e/0x220 [ 150.669407] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.670409] iommufd_access_destroy+0x43/0x70 [ 150.671173] iommufd_test_staccess_release+0x8d/0xd0 [ 150.671915] __fput+0x26d/0xa40 [ 150.672406] ____fput+0x1e/0x30 [ 150.673102] task_work_run+0x1a4/0x2d0 [ 150.673665] ? __pfx_task_work_run+0x10/0x10 [ 150.674274] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.675047] ? switch_task_namespaces+0xa9/0xe0 [ 150.675874] do_exit+0xb17/0x2ef0 [ 150.676356] ? lock_acquire+0x427/0x4c0 [ 150.676914] ? __pfx_lock_release+0x10/0x10 [ 150.677521] ? __kasan_check_write+0x18/0x20 [ 150.678345] ? do_raw_spin_lock+0x132/0x2a0 [ 150.679016] ? __pfx_do_exit+0x10/0x10 [ 150.679617] ? debug_smp_processor_id+0x20/0x30 [ 150.680269] ? rcu_is_watching+0x19/0xb0 [ 150.681048] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.681692] ? trace_hardirqs_on+0x26/0x120 [ 150.682313] do_group_exit+0xe0/0x2b0 [ 150.682939] __x64_sys_exit_group+0x47/0x50 [ 150.683751] do_syscall_64+0x3b/0x90 [ 150.684293] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.685010] RIP: 0033:0x7f4b87518a4d [ 150.685530] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.686643] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.687707] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.688919] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.689872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.690924] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.691988] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.692959] [ 150.693312] irq event stamp: 0 [ 150.693910] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.694816] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.695977] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.697313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.698161] ---[ end trace 0000000000000000 ]--- [ 150.699731] ------------[ cut here ]------------ [ 150.700384] WARNING: CPU: 1 PID: 1412 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.701943] Modules linked in: [ 150.702395] CPU: 1 PID: 1412 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.703640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.705166] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.705885] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.708405] RSP: 0018:ffff888015d6fb78 EFLAGS: 00010246 [ 150.709165] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.710120] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 150.711151] RBP: ffff888015d6fb98 R08: ffffed1004193d3e R09: ffffed1004193d3e [ 150.712127] R10: ffff888020c9e9ef R11: ffffed1004193d3d R12: ffff888020c9ea90 [ 150.713090] R13: ffff888020c9e8a8 R14: ffffffffffffffff R15: 
ffff888015d6fc60 [ 150.714038] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.715179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.715982] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.716976] PKRU: 55555554 [ 150.717382] Call Trace: [ 150.717739] [ 150.718057] iommufd_ioas_destroy+0x53/0x70 [ 150.718722] iommufd_fops_release+0x1f7/0x370 [ 150.719379] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.720072] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.720757] ? write_comp_data+0x2f/0x90 [ 150.721343] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.722011] __fput+0x26d/0xa40 [ 150.722482] ____fput+0x1e/0x30 [ 150.723004] task_work_run+0x1a4/0x2d0 [ 150.723559] ? __pfx_task_work_run+0x10/0x10 [ 150.724161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.724825] ? switch_task_namespaces+0xa9/0xe0 [ 150.725491] do_exit+0xb17/0x2ef0 [ 150.725961] ? lock_acquire+0x427/0x4c0 [ 150.726565] ? __pfx_lock_release+0x10/0x10 [ 150.727168] ? __kasan_check_write+0x18/0x20 [ 150.727769] ? do_raw_spin_lock+0x132/0x2a0 [ 150.728349] ? __pfx_do_exit+0x10/0x10 [ 150.728887] ? debug_smp_processor_id+0x20/0x30 [ 150.729522] ? rcu_is_watching+0x19/0xb0 [ 150.730073] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.730756] ? trace_hardirqs_on+0x26/0x120 [ 150.731373] do_group_exit+0xe0/0x2b0 [ 150.731890] __x64_sys_exit_group+0x47/0x50 [ 150.732466] do_syscall_64+0x3b/0x90 [ 150.732997] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.733719] RIP: 0033:0x7f4b87518a4d [ 150.734234] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.735102] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.736168] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.737128] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.738072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.739063] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.740059] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.741038] [ 150.741355] irq event stamp: 0 [ 150.741777] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.742654] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.743789] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.744894] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.745728] ---[ end trace 0000000000000000 ]--- [ 150.751829] ------------[ cut here ]------------ [ 150.752347] WARNING: CPU: 1 PID: 1413 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.753308] Modules linked in: [ 150.753607] CPU: 1 PID: 1413 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.754435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.755553] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.756030] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.758034] RSP: 0018:ffff888018317bb8 EFLAGS: 00010246 [ 150.758573] RAX: 0000000000000000 RBX: ffff888011f610a8 RCX: 0000000000000000 [ 150.759265] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 150.760134] RBP: ffff888018317bd0 R08: ffffed10023ec233 R09: ffffed10023ec233 [ 150.760811] R10: ffff888011f61193 R11: ffffed10023ec232 R12: ffff88800a726800 [ 150.761482] R13: ffff888011f611e8 R14: ffffffff8352e670 R15: 
ffff888018317e68 [ 150.762336] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.763164] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.763720] CR2: 0000000020000140 CR3: 000000001444c000 CR4: 0000000000750ee0 [ 150.764573] PKRU: 55555554 [ 150.764854] Call Trace: [ 150.765102] [ 150.765322] __iommufd_access_detach+0x1c2/0x2b0 [ 150.765793] iommufd_access_change_pt+0x149/0x270 [ 150.766379] iommufd_access_replace+0xb4/0x120 [ 150.766927] iommufd_test+0x3e5/0x37e0 [ 150.767335] ? lock_release+0x532/0x770 [ 150.767722] ? __might_fault+0x102/0x1b0 [ 150.768114] ? lock_acquire+0x427/0x4c0 [ 150.768519] ? __pfx_iommufd_test+0x10/0x10 [ 150.769011] ? __pfx_lock_release+0x10/0x10 [ 150.769533] ? __pfx_lock_acquire+0x10/0x10 [ 150.769944] ? write_comp_data+0x2f/0x90 [ 150.770345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.770855] ? write_comp_data+0x2f/0x90 [ 150.771392] iommufd_fops_ioctl+0x37d/0x510 [ 150.771828] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.772288] ? write_comp_data+0x2f/0x90 [ 150.772716] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.773172] __x64_sys_ioctl+0x1a3/0x230 [ 150.773681] do_syscall_64+0x3b/0x90 [ 150.774124] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.774651] RIP: 0033:0x7f4b8743ee5d [ 150.775022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.776954] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.777668] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.778554] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.779269] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.779934] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.780800] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.781508] [ 150.781724] irq event stamp: 0 [ 150.782018] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.782662] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.783480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.784247] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.784853] ---[ end trace 0000000000000000 ]--- [ 150.788017] ------------[ cut here ]------------ [ 150.788489] WARNING: CPU: 1 PID: 1413 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.789440] Modules linked in: [ 150.789734] CPU: 1 PID: 1413 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.790593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.791660] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.792145] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.793841] RSP: 
0018:ffff888018317bd0 EFLAGS: 00010246 [ 150.794338] RAX: 0000000000000000 RBX: ffff888011f610a8 RCX: 0000000000000000 [ 150.794992] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 150.795643] RBP: ffff888018317be8 R08: ffffed10023ec233 R09: ffffed10023ec233 [ 150.796265] R10: ffff888011f61193 R11: ffffed10023ec232 R12: ffff8880134fbc00 [ 150.796902] R13: ffff888011f611e8 R14: ffff888014603200 R15: 0000000000000000 [ 150.797528] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.798230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.798762] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.799396] PKRU: 55555554 [ 150.799654] Call Trace: [ 150.799879] [ 150.800085] iommufd_access_destroy_object+0x65/0x170 [ 150.800538] iommufd_object_destroy_user+0x18e/0x220 [ 150.801006] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.801515] iommufd_access_destroy+0x43/0x70 [ 150.801925] iommufd_test_staccess_release+0x8d/0xd0 [ 150.802387] __fput+0x26d/0xa40 [ 150.802715] ____fput+0x1e/0x30 [ 150.803028] task_work_run+0x1a4/0x2d0 [ 150.803403] ? __pfx_task_work_run+0x10/0x10 [ 150.803794] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.804246] ? switch_task_namespaces+0xa9/0xe0 [ 150.804664] do_exit+0xb17/0x2ef0 [ 150.804977] ? lock_acquire+0x427/0x4c0 [ 150.805340] ? __pfx_lock_release+0x10/0x10 [ 150.805720] ? __kasan_check_write+0x18/0x20 [ 150.806123] ? do_raw_spin_lock+0x132/0x2a0 [ 150.806533] ? __pfx_do_exit+0x10/0x10 [ 150.806884] ? debug_smp_processor_id+0x20/0x30 [ 150.807314] ? rcu_is_watching+0x19/0xb0 [ 150.807684] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.808086] ? trace_hardirqs_on+0x26/0x120 [ 150.808478] do_group_exit+0xe0/0x2b0 [ 150.808834] __x64_sys_exit_group+0x47/0x50 [ 150.809215] do_syscall_64+0x3b/0x90 [ 150.809573] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.810039] RIP: 0033:0x7f4b87518a4d [ 150.810375] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.810945] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.811633] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.812257] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.812892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.813504] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.814136] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.814787] [ 150.815004] irq event stamp: 0 [ 150.815293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.815852] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.816570] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.817261] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.817776] ---[ end trace 0000000000000000 ]--- [ 150.818544] ------------[ cut here ]------------ [ 150.818940] WARNING: CPU: 1 PID: 1413 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.819809] Modules linked in: [ 150.820074] CPU: 1 PID: 1413 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.820813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.821752] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.822178] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.823727] RSP: 0018:ffff888018317b78 EFLAGS: 00010246 [ 150.824175] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.824762] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 150.825347] RBP: ffff888018317b98 R08: ffffed10023ec23e R09: ffffed10023ec23e [ 150.825946] R10: ffff888011f611ef R11: ffffed10023ec23d R12: ffff888011f61290 [ 150.826543] R13: ffff888011f610a8 R14: ffffffffffffffff R15: 
ffff888018317c60 [ 150.827162] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.827829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.828295] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.828900] PKRU: 55555554 [ 150.829137] Call Trace: [ 150.829347] [ 150.829533] iommufd_ioas_destroy+0x53/0x70 [ 150.829904] iommufd_fops_release+0x1f7/0x370 [ 150.830295] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.830725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.831187] ? write_comp_data+0x2f/0x90 [ 150.831538] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.831947] __fput+0x26d/0xa40 [ 150.832262] ____fput+0x1e/0x30 [ 150.832544] task_work_run+0x1a4/0x2d0 [ 150.832873] ? __pfx_task_work_run+0x10/0x10 [ 150.833262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.833668] ? switch_task_namespaces+0xa9/0xe0 [ 150.834064] do_exit+0xb17/0x2ef0 [ 150.834381] ? lock_acquire+0x427/0x4c0 [ 150.834743] ? __pfx_lock_release+0x10/0x10 [ 150.835107] ? __kasan_check_write+0x18/0x20 [ 150.835519] ? do_raw_spin_lock+0x132/0x2a0 [ 150.835871] ? __pfx_do_exit+0x10/0x10 [ 150.836194] ? debug_smp_processor_id+0x20/0x30 [ 150.836607] ? rcu_is_watching+0x19/0xb0 [ 150.836945] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.837320] ? trace_hardirqs_on+0x26/0x120 [ 150.837716] do_group_exit+0xe0/0x2b0 [ 150.838032] __x64_sys_exit_group+0x47/0x50 [ 150.838388] do_syscall_64+0x3b/0x90 [ 150.838756] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.839203] RIP: 0033:0x7f4b87518a4d [ 150.839512] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.840039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.840660] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.841266] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.841855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.842441] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.843049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.843630] [ 150.843817] irq event stamp: 0 [ 150.844093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.844595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.845288] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.845950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.846473] ---[ end trace 0000000000000000 ]--- [ 150.850421] ------------[ cut here ]------------ [ 150.850878] WARNING: CPU: 1 PID: 1414 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.851688] Modules linked in: [ 150.851952] CPU: 1 PID: 1414 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.852628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.853529] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.853939] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.855601] RSP: 0018:ffff8880149efbb8 EFLAGS: 00010246 [ 150.856045] RAX: 0000000000000000 RBX: ffff88800b9fb8a8 RCX: 0000000000000000 [ 150.856611] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 150.857184] RBP: ffff8880149efbd0 R08: ffffed100173f733 R09: ffffed100173f733 [ 150.857748] R10: ffff88800b9fb993 R11: ffffed100173f732 R12: ffff888010c08000 [ 150.858318] R13: ffff88800b9fb9e8 R14: ffffffff8352e670 R15: 
ffff8880149efe68 [ 150.858919] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.859586] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.860041] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 150.860608] PKRU: 55555554 [ 150.860842] Call Trace: [ 150.861041] [ 150.861219] __iommufd_access_detach+0x1c2/0x2b0 [ 150.861617] iommufd_access_change_pt+0x149/0x270 [ 150.862015] iommufd_access_replace+0xb4/0x120 [ 150.862389] iommufd_test+0x3e5/0x37e0 [ 150.862725] ? lock_release+0x532/0x770 [ 150.863062] ? __might_fault+0x102/0x1b0 [ 150.863405] ? lock_acquire+0x427/0x4c0 [ 150.863737] ? __pfx_iommufd_test+0x10/0x10 [ 150.864084] ? __pfx_lock_release+0x10/0x10 [ 150.864432] ? __pfx_lock_acquire+0x10/0x10 [ 150.864789] ? write_comp_data+0x2f/0x90 [ 150.865127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.865513] ? write_comp_data+0x2f/0x90 [ 150.865851] iommufd_fops_ioctl+0x37d/0x510 [ 150.866204] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.866614] ? write_comp_data+0x2f/0x90 [ 150.866957] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.867359] __x64_sys_ioctl+0x1a3/0x230 [ 150.867696] do_syscall_64+0x3b/0x90 [ 150.868008] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.868436] RIP: 0033:0x7f4b8743ee5d [ 150.868727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.870175] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.870800] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.871385] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.871946] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.872520] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.873083] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.873663] [ 150.873847] irq event stamp: 0 [ 150.874092] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.874615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.875286] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.875958] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.876463] ---[ end trace 0000000000000000 ]--- [ 150.879308] ------------[ cut here ]------------ [ 150.879721] WARNING: CPU: 1 PID: 1414 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.880518] Modules linked in: [ 150.880780] CPU: 1 PID: 1414 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.881469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.882358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.882991] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.884462] RSP: 
0018:ffff8880149efbd0 EFLAGS: 00010246 [ 150.884877] RAX: 0000000000000000 RBX: ffff88800b9fb8a8 RCX: 0000000000000000 [ 150.885448] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 150.885997] RBP: ffff8880149efbe8 R08: ffffed100173f733 R09: ffffed100173f733 [ 150.886587] R10: ffff88800b9fb993 R11: ffffed100173f732 R12: ffff88800a725c00 [ 150.887147] R13: ffff88800b9fb9e8 R14: ffff8880104c0700 R15: 0000000000000000 [ 150.887719] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.888353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.888816] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.889380] PKRU: 55555554 [ 150.889605] Call Trace: [ 150.889818] [ 150.889997] iommufd_access_destroy_object+0x65/0x170 [ 150.890415] iommufd_object_destroy_user+0x18e/0x220 [ 150.890844] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.891316] iommufd_access_destroy+0x43/0x70 [ 150.891687] iommufd_test_staccess_release+0x8d/0xd0 [ 150.892102] __fput+0x26d/0xa40 [ 150.892373] ____fput+0x1e/0x30 [ 150.892651] task_work_run+0x1a4/0x2d0 [ 150.892978] ? __pfx_task_work_run+0x10/0x10 [ 150.893330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.893727] ? switch_task_namespaces+0xa9/0xe0 [ 150.894114] do_exit+0xb17/0x2ef0 [ 150.894388] ? lock_acquire+0x427/0x4c0 [ 150.894739] ? __pfx_lock_release+0x10/0x10 [ 150.895095] ? __kasan_check_write+0x18/0x20 [ 150.895468] ? do_raw_spin_lock+0x132/0x2a0 [ 150.895818] ? __pfx_do_exit+0x10/0x10 [ 150.896149] ? debug_smp_processor_id+0x20/0x30 [ 150.896520] ? rcu_is_watching+0x19/0xb0 [ 150.896849] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.897224] ? trace_hardirqs_on+0x26/0x120 [ 150.897574] do_group_exit+0xe0/0x2b0 [ 150.897874] __x64_sys_exit_group+0x47/0x50 [ 150.898221] do_syscall_64+0x3b/0x90 [ 150.898549] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.898964] RIP: 0033:0x7f4b87518a4d [ 150.899278] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.899772] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.900369] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.900929] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.901492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.902053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.902641] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.903212] [ 150.903404] irq event stamp: 0 [ 150.903657] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.904150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.904827] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.905487] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.905971] ---[ end trace 0000000000000000 ]--- [ 150.906690] ------------[ cut here ]------------ [ 150.907066] WARNING: CPU: 1 PID: 1414 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.907853] Modules linked in: [ 150.908107] CPU: 1 PID: 1414 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.908791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.909647] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.910049] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.911592] RSP: 0018:ffff8880149efb78 EFLAGS: 00010246 [ 150.912007] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.912554] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 150.913103] RBP: ffff8880149efb98 R08: ffffed100173f73e R09: ffffed100173f73e [ 150.913650] R10: ffff88800b9fb9ef R11: ffffed100173f73d R12: ffff88800b9fba90 [ 150.914194] R13: ffff88800b9fb8a8 R14: ffffffffffffffff R15: 
ffff8880149efc60 [ 150.914756] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 150.915381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.915830] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 150.916382] PKRU: 55555554 [ 150.916610] Call Trace: [ 150.916806] [ 150.916979] iommufd_ioas_destroy+0x53/0x70 [ 150.917322] iommufd_fops_release+0x1f7/0x370 [ 150.917679] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.918064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.918450] ? write_comp_data+0x2f/0x90 [ 150.918794] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.919189] __fput+0x26d/0xa40 [ 150.919466] ____fput+0x1e/0x30 [ 150.919729] task_work_run+0x1a4/0x2d0 [ 150.920044] ? __pfx_task_work_run+0x10/0x10 [ 150.920385] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.920769] ? switch_task_namespaces+0xa9/0xe0 [ 150.921144] do_exit+0xb17/0x2ef0 [ 150.921413] ? lock_acquire+0x427/0x4c0 [ 150.921734] ? __pfx_lock_release+0x10/0x10 [ 150.922079] ? __kasan_check_write+0x18/0x20 [ 150.922417] ? do_raw_spin_lock+0x132/0x2a0 [ 150.922770] ? __pfx_do_exit+0x10/0x10 [ 150.923085] ? debug_smp_processor_id+0x20/0x30 [ 150.923455] ? rcu_is_watching+0x19/0xb0 [ 150.923779] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.924139] ? trace_hardirqs_on+0x26/0x120 [ 150.924473] do_group_exit+0xe0/0x2b0 [ 150.924765] __x64_sys_exit_group+0x47/0x50 [ 150.925106] do_syscall_64+0x3b/0x90 [ 150.925409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.925807] RIP: 0033:0x7f4b87518a4d [ 150.926099] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.926590] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.927192] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.927738] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.928284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.928833] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.929382] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.929937] [ 150.930115] irq event stamp: 0 [ 150.930367] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.930870] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.931518] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.932153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.932637] ---[ end trace 0000000000000000 ]--- [ 150.937055] ------------[ cut here ]------------ [ 150.937453] WARNING: CPU: 0 PID: 1415 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.938214] Modules linked in: [ 150.938455] CPU: 0 PID: 1415 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.939244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.940084] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.940459] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.941876] RSP: 0018:ffff888020d6fbb8 EFLAGS: 00010246 [ 150.942271] RAX: 0000000000000000 RBX: ffff8880171ba0a8 RCX: 0000000000000000 [ 150.942967] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 150.943506] RBP: ffff888020d6fbd0 R08: ffffed1002e37433 R09: ffffed1002e37433 [ 150.944028] R10: ffff8880171ba193 R11: ffffed1002e37432 R12: ffff88801226c800 [ 150.944559] R13: ffff8880171ba1e8 R14: ffffffff8352e670 R15: 
ffff888020d6fe68 [ 150.945092] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.945688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.946116] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 150.946651] PKRU: 55555554 [ 150.946863] Call Trace: [ 150.947053] [ 150.947227] __iommufd_access_detach+0x1c2/0x2b0 [ 150.947593] iommufd_access_change_pt+0x149/0x270 [ 150.947960] iommufd_access_replace+0xb4/0x120 [ 150.948312] iommufd_test+0x3e5/0x37e0 [ 150.948604] ? lock_release+0x532/0x770 [ 150.948914] ? __might_fault+0x102/0x1b0 [ 150.949225] ? lock_acquire+0x427/0x4c0 [ 150.949529] ? __pfx_iommufd_test+0x10/0x10 [ 150.949846] ? __pfx_lock_release+0x10/0x10 [ 150.950173] ? __pfx_lock_acquire+0x10/0x10 [ 150.950525] ? write_comp_data+0x2f/0x90 [ 150.950840] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.951213] ? write_comp_data+0x2f/0x90 [ 150.951528] iommufd_fops_ioctl+0x37d/0x510 [ 150.951852] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.952216] ? write_comp_data+0x2f/0x90 [ 150.952526] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 150.952885] __x64_sys_ioctl+0x1a3/0x230 [ 150.953198] do_syscall_64+0x3b/0x90 [ 150.953486] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.953876] RIP: 0033:0x7f4b8743ee5d [ 150.954150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 150.955527] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 150.956092] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 150.956616] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 150.957130] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 150.957641] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 150.958152] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 150.958700] [ 150.958874] irq event stamp: 0 [ 150.959107] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.959572] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.960175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.960780] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.961236] ---[ end trace 0000000000000000 ]--- [ 150.963820] ------------[ cut here ]------------ [ 150.964170] WARNING: CPU: 0 PID: 1415 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 150.964901] Modules linked in: [ 150.965136] CPU: 0 PID: 1415 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.965767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.966601] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 150.967023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 150.968340] RSP: 
0018:ffff888020d6fbd0 EFLAGS: 00010246 [ 150.968726] RAX: 0000000000000000 RBX: ffff8880171ba0a8 RCX: 0000000000000000 [ 150.969244] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 150.969762] RBP: ffff888020d6fbe8 R08: ffffed1002e37433 R09: ffffed1002e37433 [ 150.970277] R10: ffff8880171ba193 R11: ffffed1002e37432 R12: ffff888020d1bc00 [ 150.970813] R13: ffff8880171ba1e8 R14: ffff8880218ea400 R15: 0000000000000000 [ 150.971341] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.971927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.972346] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 150.972867] PKRU: 55555554 [ 150.973103] Call Trace: [ 150.973291] [ 150.973456] iommufd_access_destroy_object+0x65/0x170 [ 150.973835] iommufd_object_destroy_user+0x18e/0x220 [ 150.974211] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 150.974654] iommufd_access_destroy+0x43/0x70 [ 150.974991] iommufd_test_staccess_release+0x8d/0xd0 [ 150.975378] __fput+0x26d/0xa40 [ 150.975637] ____fput+0x1e/0x30 [ 150.975889] task_work_run+0x1a4/0x2d0 [ 150.976185] ? __pfx_task_work_run+0x10/0x10 [ 150.976517] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.976881] ? switch_task_namespaces+0xa9/0xe0 [ 150.977232] do_exit+0xb17/0x2ef0 [ 150.977490] ? lock_acquire+0x427/0x4c0 [ 150.977792] ? __pfx_lock_release+0x10/0x10 [ 150.978113] ? __kasan_check_write+0x18/0x20 [ 150.978442] ? do_raw_spin_lock+0x132/0x2a0 [ 150.978783] ? __pfx_do_exit+0x10/0x10 [ 150.979080] ? debug_smp_processor_id+0x20/0x30 [ 150.979439] ? rcu_is_watching+0x19/0xb0 [ 150.979745] ? _raw_spin_unlock_irq+0x2b/0x60 [ 150.980094] ? trace_hardirqs_on+0x26/0x120 [ 150.980426] do_group_exit+0xe0/0x2b0 [ 150.980713] __x64_sys_exit_group+0x47/0x50 [ 150.981039] do_syscall_64+0x3b/0x90 [ 150.981327] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 150.981716] RIP: 0033:0x7f4b87518a4d [ 150.981990] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 150.982451] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 150.983030] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 150.983569] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 150.984086] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 150.984606] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 150.985121] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 150.985647] [ 150.985820] irq event stamp: 0 [ 150.986053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 150.986533] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 150.987147] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 150.987753] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 150.988211] ---[ end trace 0000000000000000 ]--- [ 150.988882] ------------[ cut here ]------------ [ 150.989231] WARNING: CPU: 0 PID: 1415 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 150.989984] Modules linked in: [ 150.990229] CPU: 0 PID: 1415 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 150.990896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 150.991729] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 150.992104] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 150.993422] RSP: 0018:ffff888020d6fb78 EFLAGS: 00010246 [ 150.993807] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 150.994321] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 150.994854] RBP: ffff888020d6fb98 R08: ffffed1002e3743e R09: ffffed1002e3743e [ 150.995383] R10: ffff8880171ba1ef R11: ffffed1002e3743d R12: ffff8880171ba290 [ 150.995908] R13: ffff8880171ba0a8 R14: ffffffffffffffff R15: 
ffff888020d6fc60 [ 150.996427] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 150.997009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.997427] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 150.997945] PKRU: 55555554 [ 150.998152] Call Trace: [ 150.998338] [ 150.998534] iommufd_ioas_destroy+0x53/0x70 [ 150.998863] iommufd_fops_release+0x1f7/0x370 [ 150.999211] ? __pfx_iommufd_fops_release+0x10/0x10 [ 150.999589] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 150.999958] ? write_comp_data+0x2f/0x90 [ 151.000265] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.000638] __fput+0x26d/0xa40 [ 151.000894] ____fput+0x1e/0x30 [ 151.001143] task_work_run+0x1a4/0x2d0 [ 151.001436] ? __pfx_task_work_run+0x10/0x10 [ 151.001771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.002140] ? switch_task_namespaces+0xa9/0xe0 [ 151.002495] do_exit+0xb17/0x2ef0 [ 151.002782] ? lock_acquire+0x427/0x4c0 [ 151.003090] ? __pfx_lock_release+0x10/0x10 [ 151.003427] ? __kasan_check_write+0x18/0x20 [ 151.003762] ? do_raw_spin_lock+0x132/0x2a0 [ 151.004086] ? __pfx_do_exit+0x10/0x10 [ 151.004387] ? debug_smp_processor_id+0x20/0x30 [ 151.004735] ? rcu_is_watching+0x19/0xb0 [ 151.005085] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.005424] ? trace_hardirqs_on+0x26/0x120 [ 151.005748] do_group_exit+0xe0/0x2b0 [ 151.006030] __x64_sys_exit_group+0x47/0x50 [ 151.006347] do_syscall_64+0x3b/0x90 [ 151.006661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.007055] RIP: 0033:0x7f4b87518a4d [ 151.007342] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.007798] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.008362] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.008880] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.009395] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.009924] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.010453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.011006] [ 151.011194] irq event stamp: 0 [ 151.011437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.011896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.012503] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.013116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.013575] ---[ end trace 0000000000000000 ]--- [ 151.023073] ------------[ cut here ]------------ [ 151.023552] WARNING: CPU: 1 PID: 1416 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.024338] Modules linked in: [ 151.024578] CPU: 1 PID: 1416 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.025341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.026171] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.026611] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.028108] RSP: 0018:ffff8880149efbb8 EFLAGS: 00010246 [ 151.028574] RAX: 0000000000000000 RBX: ffff888011dd08a8 RCX: 0000000000000000 [ 151.029160] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 151.029716] RBP: ffff8880149efbd0 R08: ffffed10023ba133 R09: ffffed10023ba133 [ 151.030314] R10: ffff888011dd0993 R11: ffffed10023ba132 R12: ffff888018808000 [ 151.030944] R13: ffff888011dd09e8 R14: ffffffff8352e670 R15: 
ffff8880149efe68 [ 151.031486] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.032211] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.032650] CR2: 00007f4b877410e8 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 151.033215] PKRU: 55555554 [ 151.033430] Call Trace: [ 151.033636] [ 151.033848] __iommufd_access_detach+0x1c2/0x2b0 [ 151.034282] iommufd_access_change_pt+0x149/0x270 [ 151.034671] iommufd_access_replace+0xb4/0x120 [ 151.035049] iommufd_test+0x3e5/0x37e0 [ 151.035389] ? lock_release+0x532/0x770 [ 151.035784] ? __might_fault+0x102/0x1b0 [ 151.036129] ? lock_acquire+0x427/0x4c0 [ 151.036457] ? __pfx_iommufd_test+0x10/0x10 [ 151.036791] ? __pfx_lock_release+0x10/0x10 [ 151.037173] ? __pfx_lock_acquire+0x10/0x10 [ 151.037586] ? write_comp_data+0x2f/0x90 [ 151.037909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.038308] ? write_comp_data+0x2f/0x90 [ 151.038656] iommufd_fops_ioctl+0x37d/0x510 [ 151.039089] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.039520] ? write_comp_data+0x2f/0x90 [ 151.039847] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.040230] __x64_sys_ioctl+0x1a3/0x230 [ 151.040600] do_syscall_64+0x3b/0x90 [ 151.040960] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.041380] RIP: 0033:0x7f4b8743ee5d [ 151.041685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.043230] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.043857] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.044541] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.045115] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.045688] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.046366] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.046987] [ 151.047193] irq event stamp: 0 [ 151.047445] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.048060] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.048726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.049468] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.050037] ---[ end trace 0000000000000000 ]--- [ 151.054604] ------------[ cut here ]------------ [ 151.055014] WARNING: CPU: 1 PID: 1416 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.055844] Modules linked in: [ 151.056163] CPU: 1 PID: 1416 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.056926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.057887] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.058337] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.059941] RSP: 
0018:ffff8880149efbd0 EFLAGS: 00010246 [ 151.060359] RAX: 0000000000000000 RBX: ffff888011dd08a8 RCX: 0000000000000000 [ 151.060932] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 151.061617] RBP: ffff8880149efbe8 R08: ffffed10023ba133 R09: ffffed10023ba133 [ 151.062200] R10: ffff888011dd0993 R11: ffffed10023ba132 R12: ffff888010c0b400 [ 151.062774] R13: ffff888011dd09e8 R14: ffff8880143e0d00 R15: 0000000000000000 [ 151.063491] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.064142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.064605] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 151.065278] PKRU: 55555554 [ 151.065513] Call Trace: [ 151.065716] [ 151.065896] iommufd_access_destroy_object+0x65/0x170 [ 151.066326] iommufd_object_destroy_user+0x18e/0x220 [ 151.066878] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.067367] iommufd_access_destroy+0x43/0x70 [ 151.067744] iommufd_test_staccess_release+0x8d/0xd0 [ 151.068163] __fput+0x26d/0xa40 [ 151.068520] ____fput+0x1e/0x30 [ 151.068848] task_work_run+0x1a4/0x2d0 [ 151.069164] ? __pfx_task_work_run+0x10/0x10 [ 151.069538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.069938] ? switch_task_namespaces+0xa9/0xe0 [ 151.070381] do_exit+0xb17/0x2ef0 [ 151.070739] ? lock_acquire+0x427/0x4c0 [ 151.071064] ? __pfx_lock_release+0x10/0x10 [ 151.071437] ? __kasan_check_write+0x18/0x20 [ 151.071803] ? do_raw_spin_lock+0x132/0x2a0 [ 151.072215] ? __pfx_do_exit+0x10/0x10 [ 151.072605] ? debug_smp_processor_id+0x20/0x30 [ 151.072989] ? rcu_is_watching+0x19/0xb0 [ 151.073311] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.073690] ? trace_hardirqs_on+0x26/0x120 [ 151.074154] do_group_exit+0xe0/0x2b0 [ 151.074469] __x64_sys_exit_group+0x47/0x50 [ 151.074840] do_syscall_64+0x3b/0x90 [ 151.075174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.075607] RIP: 0033:0x7f4b87518a4d [ 151.076003] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.076507] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.077117] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.077804] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.078387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.078968] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.079667] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.080256] [ 151.080471] irq event stamp: 0 [ 151.080729] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.081318] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.082071] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.082790] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.083442] ---[ end trace 0000000000000000 ]--- [ 151.086011] ------------[ cut here ]------------ [ 151.086426] WARNING: CPU: 1 PID: 1416 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.087503] Modules linked in: [ 151.087779] CPU: 1 PID: 1416 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.088519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.089605] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.090063] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.091766] RSP: 0018:ffff8880149efb78 EFLAGS: 00010246 [ 151.092229] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.092937] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 151.093548] RBP: ffff8880149efb98 R08: ffffed10023ba13e R09: ffffed10023ba13e [ 151.094139] R10: ffff888011dd09ef R11: ffffed10023ba13d R12: ffff888011dd0a90 [ 151.094877] R13: ffff888011dd08a8 R14: ffffffffffffffff R15: 
ffff8880149efc60 [ 151.095509] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.096198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.096798] CR2: 00007f82e2bc4000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 151.097407] PKRU: 55555554 [ 151.097665] Call Trace: [ 151.097880] [ 151.098102] iommufd_ioas_destroy+0x53/0x70 [ 151.098578] iommufd_fops_release+0x1f7/0x370 [ 151.098969] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.099403] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.099846] ? write_comp_data+0x2f/0x90 [ 151.100299] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.100744] __fput+0x26d/0xa40 [ 151.101049] ____fput+0x1e/0x30 [ 151.101334] task_work_run+0x1a4/0x2d0 [ 151.101673] ? __pfx_task_work_run+0x10/0x10 [ 151.102195] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.102633] ? switch_task_namespaces+0xa9/0xe0 [ 151.103055] do_exit+0xb17/0x2ef0 [ 151.103355] ? lock_acquire+0x427/0x4c0 [ 151.103726] ? __pfx_lock_release+0x10/0x10 [ 151.104198] ? __kasan_check_write+0x18/0x20 [ 151.104572] ? do_raw_spin_lock+0x132/0x2a0 [ 151.104928] ? __pfx_do_exit+0x10/0x10 [ 151.105299] ? debug_smp_processor_id+0x20/0x30 [ 151.105762] ? rcu_is_watching+0x19/0xb0 [ 151.106169] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.106596] ? trace_hardirqs_on+0x26/0x120 [ 151.106965] do_group_exit+0xe0/0x2b0 [ 151.107323] __x64_sys_exit_group+0x47/0x50 [ 151.107801] do_syscall_64+0x3b/0x90 [ 151.108116] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.108584] RIP: 0033:0x7f4b87518a4d [ 151.108901] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.109552] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.110196] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.110844] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.111566] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.112175] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.112799] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.113538] [ 151.113759] irq event stamp: 0 [ 151.114058] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.114626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.115465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.116291] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.116838] ---[ end trace 0000000000000000 ]--- [ 151.126134] ------------[ cut here ]------------ [ 151.126791] WARNING: CPU: 1 PID: 1417 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.128313] Modules linked in: [ 151.128715] CPU: 1 PID: 1417 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.129963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.131421] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.132160] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.134322] RSP: 0018:ffff88800f52fbb8 EFLAGS: 00010246 [ 151.135079] RAX: 0000000000000000 RBX: ffff888010b990a8 RCX: 0000000000000000 [ 151.135959] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 151.136810] RBP: ffff88800f52fbd0 R08: ffffed1002173233 R09: ffffed1002173233 [ 151.137654] R10: ffff888010b99193 R11: ffffed1002173232 R12: ffff888017b2a400 [ 151.138500] R13: ffff888010b991e8 R14: ffffffff8352e670 R15: 
ffff88800f52fe68 [ 151.139407] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.140368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.141065] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 151.141922] PKRU: 55555554 [ 151.142269] Call Trace: [ 151.142623] [ 151.142911] __iommufd_access_detach+0x1c2/0x2b0 [ 151.143521] iommufd_access_change_pt+0x149/0x270 [ 151.144122] iommufd_access_replace+0xb4/0x120 [ 151.144696] iommufd_test+0x3e5/0x37e0 [ 151.145174] ? lock_release+0x532/0x770 [ 151.145670] ? __might_fault+0x102/0x1b0 [ 151.146174] ? lock_acquire+0x427/0x4c0 [ 151.146712] ? __pfx_iommufd_test+0x10/0x10 [ 151.147295] ? __pfx_lock_release+0x10/0x10 [ 151.147684] ? __pfx_lock_acquire+0x10/0x10 [ 151.148052] ? write_comp_data+0x2f/0x90 [ 151.148393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.148794] ? write_comp_data+0x2f/0x90 [ 151.149135] iommufd_fops_ioctl+0x37d/0x510 [ 151.149493] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.149894] ? write_comp_data+0x2f/0x90 [ 151.150236] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.150663] __x64_sys_ioctl+0x1a3/0x230 [ 151.151012] do_syscall_64+0x3b/0x90 [ 151.151345] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.151786] RIP: 0033:0x7f4b8743ee5d [ 151.152090] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.153565] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.154180] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.154774] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.155359] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.155932] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.156505] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.157082] [ 151.157271] irq event stamp: 0 [ 151.157527] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.158034] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.158728] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.159419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.159928] ---[ end trace 0000000000000000 ]--- [ 151.164795] ------------[ cut here ]------------ [ 151.165399] WARNING: CPU: 0 PID: 1417 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.166730] Modules linked in: [ 151.167125] CPU: 0 PID: 1417 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.168143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.169441] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.170024] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.171990] RSP: 
0018:ffff88800f52fbd0 EFLAGS: 00010246 [ 151.172436] RAX: 0000000000000000 RBX: ffff888010b990a8 RCX: 0000000000000000 [ 151.173030] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 151.173599] RBP: ffff88800f52fbe8 R08: ffffed1002173233 R09: ffffed1002173233 [ 151.174206] R10: ffff888010b99193 R11: ffffed1002173232 R12: ffff88801880b000 [ 151.174811] R13: ffff888010b991e8 R14: ffff88800fd2d100 R15: 0000000000000000 [ 151.175420] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.176099] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.176567] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 151.177167] PKRU: 55555554 [ 151.177398] Call Trace: [ 151.177607] [ 151.177792] iommufd_access_destroy_object+0x65/0x170 [ 151.178237] iommufd_object_destroy_user+0x18e/0x220 [ 151.178676] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.179178] iommufd_access_destroy+0x43/0x70 [ 151.179566] iommufd_test_staccess_release+0x8d/0xd0 [ 151.179990] __fput+0x26d/0xa40 [ 151.180301] ____fput+0x1e/0x30 [ 151.180578] task_work_run+0x1a4/0x2d0 [ 151.180906] ? __pfx_task_work_run+0x10/0x10 [ 151.181277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.181692] ? switch_task_namespaces+0xa9/0xe0 [ 151.182082] do_exit+0xb17/0x2ef0 [ 151.182380] ? lock_acquire+0x427/0x4c0 [ 151.182749] ? __pfx_lock_release+0x10/0x10 [ 151.183122] ? __kasan_check_write+0x18/0x20 [ 151.183512] ? do_raw_spin_lock+0x132/0x2a0 [ 151.183866] ? __pfx_do_exit+0x10/0x10 [ 151.184192] ? debug_smp_processor_id+0x20/0x30 [ 151.184592] ? rcu_is_watching+0x19/0xb0 [ 151.184926] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.185300] ? trace_hardirqs_on+0x26/0x120 [ 151.185676] do_group_exit+0xe0/0x2b0 [ 151.185998] __x64_sys_exit_group+0x47/0x50 [ 151.186345] do_syscall_64+0x3b/0x90 [ 151.186689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.187155] RIP: 0033:0x7f4b87518a4d [ 151.187460] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.187983] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.188591] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.189192] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.189768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.190360] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.190961] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.191585] [ 151.191773] irq event stamp: 0 [ 151.192019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.192541] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.193198] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.193863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.194371] ---[ end trace 0000000000000000 ]--- [ 151.195100] ------------[ cut here ]------------ [ 151.195495] WARNING: CPU: 0 PID: 1417 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.196294] Modules linked in: [ 151.196562] CPU: 0 PID: 1417 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.197246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.198135] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.198574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.200032] RSP: 0018:ffff88800f52fb78 EFLAGS: 00010246 [ 151.200448] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.201019] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 151.201573] RBP: ffff88800f52fb98 R08: ffffed100217323e R09: ffffed100217323e [ 151.202143] R10: ffff888010b991ef R11: ffffed100217323d R12: ffff888010b99290 [ 151.202731] R13: ffff888010b990a8 R14: ffffffffffffffff R15: 
ffff88800f52fc60 [ 151.203326] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.203953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.204419] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 151.204976] PKRU: 55555554 [ 151.205202] Call Trace: [ 151.205413] [ 151.205591] iommufd_ioas_destroy+0x53/0x70 [ 151.205937] iommufd_fops_release+0x1f7/0x370 [ 151.206303] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.206721] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.207105] ? write_comp_data+0x2f/0x90 [ 151.207453] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.207840] __fput+0x26d/0xa40 [ 151.208109] ____fput+0x1e/0x30 [ 151.208373] task_work_run+0x1a4/0x2d0 [ 151.208697] ? __pfx_task_work_run+0x10/0x10 [ 151.209049] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.209435] ? switch_task_namespaces+0xa9/0xe0 [ 151.209820] do_exit+0xb17/0x2ef0 [ 151.210091] ? lock_acquire+0x427/0x4c0 [ 151.210407] ? __pfx_lock_release+0x10/0x10 [ 151.210784] ? __kasan_check_write+0x18/0x20 [ 151.211154] ? do_raw_spin_lock+0x132/0x2a0 [ 151.211494] ? __pfx_do_exit+0x10/0x10 [ 151.211817] ? debug_smp_processor_id+0x20/0x30 [ 151.212177] ? rcu_is_watching+0x19/0xb0 [ 151.212511] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.212878] ? trace_hardirqs_on+0x26/0x120 [ 151.213217] do_group_exit+0xe0/0x2b0 [ 151.213531] __x64_sys_exit_group+0x47/0x50 [ 151.213868] do_syscall_64+0x3b/0x90 [ 151.214177] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.214625] RIP: 0033:0x7f4b87518a4d [ 151.214914] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.215440] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.216022] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.216611] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.217168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.217721] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.218285] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.218865] [ 151.219051] irq event stamp: 0 [ 151.219309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.219804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.220455] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.221097] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.221606] ---[ end trace 0000000000000000 ]--- [ 151.226149] ------------[ cut here ]------------ [ 151.226695] WARNING: CPU: 0 PID: 1418 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.227513] Modules linked in: [ 151.227763] CPU: 0 PID: 1418 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.228454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.229327] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.229712] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.231169] RSP: 0018:ffff8880149efbb8 EFLAGS: 00010246 [ 151.231600] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 151.232146] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 151.232715] RBP: ffff8880149efbd0 R08: ffffed100216f933 R09: ffffed100216f933 [ 151.233264] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff888010e01c00 [ 151.233821] R13: ffff888010b7c9e8 R14: ffffffff8352e670 R15: 
ffff8880149efe68 [ 151.234382] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.235041] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.235515] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 151.236087] PKRU: 55555554 [ 151.236305] Call Trace: [ 151.236502] [ 151.236678] __iommufd_access_detach+0x1c2/0x2b0 [ 151.237091] iommufd_access_change_pt+0x149/0x270 [ 151.237473] iommufd_access_replace+0xb4/0x120 [ 151.237839] iommufd_test+0x3e5/0x37e0 [ 151.238159] ? lock_release+0x532/0x770 [ 151.238478] ? __might_fault+0x102/0x1b0 [ 151.238831] ? lock_acquire+0x427/0x4c0 [ 151.239182] ? __pfx_iommufd_test+0x10/0x10 [ 151.239516] ? __pfx_lock_release+0x10/0x10 [ 151.239862] ? __pfx_lock_acquire+0x10/0x10 [ 151.240242] ? write_comp_data+0x2f/0x90 [ 151.240566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.240948] ? write_comp_data+0x2f/0x90 [ 151.241291] iommufd_fops_ioctl+0x37d/0x510 [ 151.241635] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.242015] ? write_comp_data+0x2f/0x90 [ 151.242361] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.242763] __x64_sys_ioctl+0x1a3/0x230 [ 151.243094] do_syscall_64+0x3b/0x90 [ 151.243431] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.243842] RIP: 0033:0x7f4b8743ee5d [ 151.244131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.245564] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.246154] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.246740] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.247299] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.247865] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.248410] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.248992] [ 151.249175] irq event stamp: 0 [ 151.249417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.249925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.250608] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.251362] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.251863] ---[ end trace 0000000000000000 ]--- [ 151.254639] ------------[ cut here ]------------ [ 151.255017] WARNING: CPU: 0 PID: 1418 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.255824] Modules linked in: [ 151.256083] CPU: 0 PID: 1418 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.256782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.257679] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.258082] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.259598] RSP: 
0018:ffff8880149efbd0 EFLAGS: 00010246 [ 151.260030] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 151.260587] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 151.261210] RBP: ffff8880149efbe8 R08: ffffed100216f933 R09: ffffed100216f933 [ 151.261778] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff88801226ec00 [ 151.262350] R13: ffff888010b7c9e8 R14: ffff88800f5b5800 R15: 0000000000000000 [ 151.262941] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.263586] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.264046] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 151.264611] PKRU: 55555554 [ 151.264839] Call Trace: [ 151.265043] [ 151.265227] iommufd_access_destroy_object+0x65/0x170 [ 151.265639] iommufd_object_destroy_user+0x18e/0x220 [ 151.266045] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.266501] iommufd_access_destroy+0x43/0x70 [ 151.266886] iommufd_test_staccess_release+0x8d/0xd0 [ 151.267305] __fput+0x26d/0xa40 [ 151.267583] ____fput+0x1e/0x30 [ 151.267853] task_work_run+0x1a4/0x2d0 [ 151.268169] ? __pfx_task_work_run+0x10/0x10 [ 151.268523] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.268913] ? switch_task_namespaces+0xa9/0xe0 [ 151.269289] do_exit+0xb17/0x2ef0 [ 151.269571] ? lock_acquire+0x427/0x4c0 [ 151.269898] ? __pfx_lock_release+0x10/0x10 [ 151.270498] ? __kasan_check_write+0x18/0x20 [ 151.271216] ? do_raw_spin_lock+0x132/0x2a0 [ 151.271709] ? __pfx_do_exit+0x10/0x10 [ 151.272182] ? debug_smp_processor_id+0x20/0x30 [ 151.272734] ? rcu_is_watching+0x19/0xb0 [ 151.273216] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.273971] ? trace_hardirqs_on+0x26/0x120 [ 151.274501] do_group_exit+0xe0/0x2b0 [ 151.275020] __x64_sys_exit_group+0x47/0x50 [ 151.275557] do_syscall_64+0x3b/0x90 [ 151.276021] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.276645] RIP: 0033:0x7f4b87518a4d [ 151.277088] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.277836] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.278978] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.279823] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.280658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.281516] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.282577] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.283439] [ 151.283724] irq event stamp: 0 [ 151.284096] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.284853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.285961] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.286971] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.287719] ---[ end trace 0000000000000000 ]--- [ 151.289069] ------------[ cut here ]------------ [ 151.289610] WARNING: CPU: 0 PID: 1418 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.290864] Modules linked in: [ 151.291257] CPU: 0 PID: 1418 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.292477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.293747] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.294336] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.296987] RSP: 0018:ffff8880149efb78 EFLAGS: 00010246 [ 151.297623] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.298447] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 151.299324] RBP: ffff8880149efb98 R08: ffffed100216f93e R09: ffffed100216f93e [ 151.300242] R10: ffff888010b7c9ef R11: ffffed100216f93d R12: ffff888010b7ca90 [ 151.301222] R13: ffff888010b7c8a8 R14: ffffffffffffffff R15: 
ffff8880149efc60 [ 151.302053] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.303025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.303753] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 151.304865] PKRU: 55555554 [ 151.305215] Call Trace: [ 151.305527] [ 151.305805] iommufd_ioas_destroy+0x53/0x70 [ 151.306599] iommufd_fops_release+0x1f7/0x370 [ 151.307180] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.307799] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.308435] ? write_comp_data+0x2f/0x90 [ 151.309133] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.309748] __fput+0x26d/0xa40 [ 151.310173] ____fput+0x1e/0x30 [ 151.310827] task_work_run+0x1a4/0x2d0 [ 151.311340] ? __pfx_task_work_run+0x10/0x10 [ 151.311884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.312478] ? switch_task_namespaces+0xa9/0xe0 [ 151.313268] do_exit+0xb17/0x2ef0 [ 151.313703] ? lock_acquire+0x427/0x4c0 [ 151.314203] ? __pfx_lock_release+0x10/0x10 [ 151.314989] ? __kasan_check_write+0x18/0x20 [ 151.315552] ? do_raw_spin_lock+0x132/0x2a0 [ 151.316078] ? __pfx_do_exit+0x10/0x10 [ 151.316563] ? debug_smp_processor_id+0x20/0x30 [ 151.317216] ? rcu_is_watching+0x19/0xb0 [ 151.317852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.318426] ? trace_hardirqs_on+0x26/0x120 [ 151.319029] do_group_exit+0xe0/0x2b0 [ 151.319703] __x64_sys_exit_group+0x47/0x50 [ 151.320245] do_syscall_64+0x3b/0x90 [ 151.320721] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.321415] RIP: 0033:0x7f4b87518a4d [ 151.322028] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.322836] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.323870] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.324909] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.325811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.326919] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.327851] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.329038] [ 151.329355] irq event stamp: 0 [ 151.329759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.330908] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.332000] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.333358] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.334163] ---[ end trace 0000000000000000 ]--- [ 151.343238] ------------[ cut here ]------------ [ 151.344317] WARNING: CPU: 0 PID: 1419 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.345666] Modules linked in: [ 151.346465] CPU: 0 PID: 1419 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.347764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.349604] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.350281] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.353137] RSP: 0018:ffff888015e57bb8 EFLAGS: 00010246 [ 151.353869] RAX: 0000000000000000 RBX: ffff888017aad8a8 RCX: 0000000000000000 [ 151.354889] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 151.355861] RBP: ffff888015e57bd0 R08: ffffed1002f55b33 R09: ffffed1002f55b33 [ 151.356798] R10: ffff888017aad993 R11: ffffed1002f55b32 R12: ffff88801341d000 [ 151.358200] R13: ffff888017aad9e8 R14: ffffffff8352e670 R15: 
ffff888015e57e68 [ 151.359287] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.360439] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.361590] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 151.362615] PKRU: 55555554 [ 151.363005] Call Trace: [ 151.363555] [ 151.364141] __iommufd_access_detach+0x1c2/0x2b0 [ 151.364824] iommufd_access_change_pt+0x149/0x270 [ 151.365489] iommufd_access_replace+0xb4/0x120 [ 151.366502] iommufd_test+0x3e5/0x37e0 [ 151.367152] ? lock_release+0x532/0x770 [ 151.367735] ? __might_fault+0x102/0x1b0 [ 151.368311] ? lock_acquire+0x427/0x4c0 [ 151.369398] ? __pfx_iommufd_test+0x10/0x10 [ 151.370009] ? __pfx_lock_release+0x10/0x10 [ 151.370691] ? __pfx_lock_acquire+0x10/0x10 [ 151.371339] ? write_comp_data+0x2f/0x90 [ 151.371932] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.372615] ? write_comp_data+0x2f/0x90 [ 151.373190] iommufd_fops_ioctl+0x37d/0x510 [ 151.373797] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.374474] ? write_comp_data+0x2f/0x90 [ 151.375147] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.375824] __x64_sys_ioctl+0x1a3/0x230 [ 151.376404] do_syscall_64+0x3b/0x90 [ 151.376935] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.377652] RIP: 0033:0x7f4b8743ee5d [ 151.378167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.380642] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.381654] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.382638] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.383566] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.384474] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.385378] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.386299] [ 151.386676] irq event stamp: 0 [ 151.387095] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.387934] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.388995] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.390053] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.390907] ---[ end trace 0000000000000000 ]--- [ 151.395878] ------------[ cut here ]------------ [ 151.396492] WARNING: CPU: 0 PID: 1419 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.397728] Modules linked in: [ 151.398136] CPU: 0 PID: 1419 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.399387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.400742] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.401348] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.403557] RSP: 
0018:ffff888015e57bd0 EFLAGS: 00010246 [ 151.404206] RAX: 0000000000000000 RBX: ffff888017aad8a8 RCX: 0000000000000000 [ 151.405063] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 151.405916] RBP: ffff888015e57be8 R08: ffffed1002f55b33 R09: ffffed1002f55b33 [ 151.406828] R10: ffff888017aad993 R11: ffffed1002f55b32 R12: ffff888010e00c00 [ 151.407703] R13: ffff888017aad9e8 R14: ffff888013c90700 R15: 0000000000000000 [ 151.408550] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.409499] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.410190] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 151.411093] PKRU: 55555554 [ 151.411382] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 151.411470] Call Trace: [ 151.413449] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 151.413729] [ 151.415408] iommufd_access_destroy_object+0x65/0x170 [ 151.416042] iommufd_object_destroy_user+0x18e/0x220 [ 151.416674] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.417389] iommufd_access_destroy+0x43/0x70 [ 151.417955] iommufd_test_staccess_release+0x8d/0xd0 [ 151.418623] __fput+0x26d/0xa40 [ 151.419065] ____fput+0x1e/0x30 [ 151.419506] task_work_run+0x1a4/0x2d0 [ 151.419991] ? __pfx_task_work_run+0x10/0x10 [ 151.420521] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.421095] ? switch_task_namespaces+0xa9/0xe0 [ 151.421677] do_exit+0xb17/0x2ef0 [ 151.422100] ? lock_acquire+0x427/0x4c0 [ 151.422631] ? __pfx_lock_release+0x10/0x10 [ 151.423179] ? __kasan_check_write+0x18/0x20 [ 151.423717] ? do_raw_spin_lock+0x132/0x2a0 [ 151.424235] ? __pfx_do_exit+0x10/0x10 [ 151.424715] ? debug_smp_processor_id+0x20/0x30 [ 151.425272] ? 
rcu_is_watching+0x19/0xb0 [ 151.425762] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.426310] ? trace_hardirqs_on+0x26/0x120 [ 151.426869] do_group_exit+0xe0/0x2b0 [ 151.427357] __x64_sys_exit_group+0x47/0x50 [ 151.427864] do_syscall_64+0x3b/0x90 [ 151.428318] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.428927] RIP: 0033:0x7f4b87518a4d [ 151.429362] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 151.430071] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.430982] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.431823] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.432635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.433464] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.434291] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.435200] [ 151.435490] irq event stamp: 0 [ 151.435865] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.436597] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.437569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.438583] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.439315] ---[ end trace 0000000000000000 ]--- [ 151.440985] ------------[ cut here ]------------ [ 151.441563] WARNING: CPU: 0 PID: 1419 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.442822] Modules linked in: [ 151.443240] CPU: 0 PID: 1419 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.444254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.445560] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.446201] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.448964] RSP: 0018:ffff888015e57b78 
EFLAGS: 00010246 [ 151.449628] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.450879] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 151.451762] RBP: ffff888015e57b98 R08: ffffed1002f55b3e R09: ffffed1002f55b3e [ 151.452619] R10: ffff888017aad9ef R11: ffffed1002f55b3d R12: ffff888017aada90 [ 151.453471] R13: ffff888017aad8a8 R14: ffffffffffffffff R15: ffff888015e57c60 [ 151.454327] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 151.455369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.456083] CR2: 00007f4b875fca50 CR3: 0000000013cb8000 CR4: 0000000000750ef0 [ 151.456945] PKRU: 55555554 [ 151.457295] Call Trace: [ 151.457615] [ 151.457903] iommufd_ioas_destroy+0x53/0x70 [ 151.458452] iommufd_fops_release+0x1f7/0x370 [ 151.459067] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.459716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.460333] ? write_comp_data+0x2f/0x90 [ 151.460862] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.461488] __fput+0x26d/0xa40 [ 151.461928] ____fput+0x1e/0x30 [ 151.462353] task_work_run+0x1a4/0x2d0 [ 151.462893] ? __pfx_task_work_run+0x10/0x10 [ 151.463467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.464079] ? switch_task_namespaces+0xa9/0xe0 [ 151.464672] do_exit+0xb17/0x2ef0 [ 151.465105] ? lock_acquire+0x427/0x4c0 [ 151.465612] ? __pfx_lock_release+0x10/0x10 [ 151.466155] ? __kasan_check_write+0x18/0x20 [ 151.466763] ? do_raw_spin_lock+0x132/0x2a0 [ 151.467322] ? __pfx_do_exit+0x10/0x10 [ 151.467824] ? debug_smp_processor_id+0x20/0x30 [ 151.468410] ? rcu_is_watching+0x19/0xb0 [ 151.468920] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.469490] ? trace_hardirqs_on+0x26/0x120 [ 151.470030] do_group_exit+0xe0/0x2b0 [ 151.470504] __x64_sys_exit_group+0x47/0x50 [ 151.471080] do_syscall_64+0x3b/0x90 [ 151.471578] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.472225] RIP: 0033:0x7f4b87518a4d [ 151.472693] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.473437] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.474353] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.475296] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.476170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.477034] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.477893] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.478816] [ 151.479148] irq event stamp: 0 [ 151.479544] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.480309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.481335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.482344] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.483213] ---[ end trace 0000000000000000 ]--- [ 151.487292] ------------[ cut here ]------------ [ 151.487759] WARNING: CPU: 1 PID: 1421 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.488877] Modules linked in: [ 151.489174] CPU: 1 PID: 1421 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.489968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.491258] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.491732] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.493570] RSP: 0018:ffff88800f7afbb8 EFLAGS: 00010246 [ 151.494073] RAX: 0000000000000000 RBX: ffff8880245a10a8 RCX: 0000000000000000 [ 151.494740] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 151.495561] RBP: ffff88800f7afbd0 R08: ffffed10048b4233 R09: ffffed10048b4233 [ 151.496233] R10: ffff8880245a1193 R11: ffffed10048b4232 R12: ffff88801853a400 [ 151.496888] R13: ffff8880245a11e8 R14: ffffffff8352e670 R15: 
ffff88800f7afe68 [ 151.497718] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.498459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.499020] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 151.499821] PKRU: 55555554 [ 151.500097] Call Trace: [ 151.500331] [ 151.500538] __iommufd_access_detach+0x1c2/0x2b0 [ 151.500988] iommufd_access_change_pt+0x149/0x270 [ 151.501448] iommufd_access_replace+0xb4/0x120 [ 151.502013] iommufd_test+0x3e5/0x37e0 [ 151.502370] ? lock_release+0x532/0x770 [ 151.502772] ? __might_fault+0x102/0x1b0 [ 151.503176] ? lock_acquire+0x427/0x4c0 [ 151.503556] ? __pfx_iommufd_test+0x10/0x10 [ 151.504080] ? __pfx_lock_release+0x10/0x10 [ 151.504501] ? __pfx_lock_acquire+0x10/0x10 [ 151.504908] ? write_comp_data+0x2f/0x90 [ 151.505288] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.505824] ? write_comp_data+0x2f/0x90 [ 151.506282] iommufd_fops_ioctl+0x37d/0x510 [ 151.506704] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.507158] ? write_comp_data+0x2f/0x90 [ 151.507544] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.508080] __x64_sys_ioctl+0x1a3/0x230 [ 151.508534] do_syscall_64+0x3b/0x90 [ 151.508893] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.509389] RIP: 0033:0x7f4b8743ee5d [ 151.509733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.511575] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.512267] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.512905] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.513655] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.514377] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.515074] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.515741] [ 151.515976] irq event stamp: 0 [ 151.516329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.517040] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.517815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.518757] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.519352] ---[ end trace 0000000000000000 ]--- [ 151.522948] ------------[ cut here ]------------ [ 151.523434] WARNING: CPU: 1 PID: 1421 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.524347] Modules linked in: [ 151.524639] CPU: 1 PID: 1421 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.525586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.526635] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.527088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.528928] RSP: 
0018:ffff88800f7afbd0 EFLAGS: 00010246 [ 151.529415] RAX: 0000000000000000 RBX: ffff8880245a10a8 RCX: 0000000000000000 [ 151.530053] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 151.530727] RBP: ffff88800f7afbe8 R08: ffffed10048b4233 R09: ffffed10048b4233 [ 151.531396] R10: ffff8880245a1193 R11: ffffed10048b4232 R12: ffff888017b28800 [ 151.532057] R13: ffff8880245a11e8 R14: ffff888013a7eb00 R15: 0000000000000000 [ 151.532699] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.533420] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.533937] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 151.534609] PKRU: 55555554 [ 151.534881] Call Trace: [ 151.535121] [ 151.535327] iommufd_access_destroy_object+0x65/0x170 [ 151.535802] iommufd_object_destroy_user+0x18e/0x220 [ 151.536266] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.536798] iommufd_access_destroy+0x43/0x70 [ 151.537214] iommufd_test_staccess_release+0x8d/0xd0 [ 151.537697] __fput+0x26d/0xa40 [ 151.538011] ____fput+0x1e/0x30 [ 151.538324] task_work_run+0x1a4/0x2d0 [ 151.538710] ? __pfx_task_work_run+0x10/0x10 [ 151.539137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.539581] ? switch_task_namespaces+0xa9/0xe0 [ 151.540015] do_exit+0xb17/0x2ef0 [ 151.540329] ? lock_acquire+0x427/0x4c0 [ 151.540677] ? __pfx_lock_release+0x10/0x10 [ 151.541065] ? __kasan_check_write+0x18/0x20 [ 151.541447] ? do_raw_spin_lock+0x132/0x2a0 [ 151.541818] ? __pfx_do_exit+0x10/0x10 [ 151.542170] ? debug_smp_processor_id+0x20/0x30 [ 151.542590] ? rcu_is_watching+0x19/0xb0 [ 151.542945] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.543360] ? trace_hardirqs_on+0x26/0x120 [ 151.543738] do_group_exit+0xe0/0x2b0 [ 151.544066] __x64_sys_exit_group+0x47/0x50 [ 151.544448] do_syscall_64+0x3b/0x90 [ 151.544777] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.545227] RIP: 0033:0x7f4b87518a4d [ 151.545548] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.546069] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.546745] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.547371] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.547984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.548590] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.549256] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.549874] [ 151.550075] irq event stamp: 0 [ 151.550342] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.550909] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.551633] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.552349] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.552890] ---[ end trace 0000000000000000 ]--- [ 151.553636] ------------[ cut here ]------------ [ 151.554053] WARNING: CPU: 1 PID: 1421 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.554956] Modules linked in: [ 151.555245] CPU: 1 PID: 1421 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.555993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.556957] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.557412] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.558977] RSP: 0018:ffff88800f7afb78 EFLAGS: 00010246 [ 151.559441] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.560049] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 151.560668] RBP: ffff88800f7afb98 R08: ffffed10048b423e R09: ffffed10048b423e [ 151.561277] R10: ffff8880245a11ef R11: ffffed10048b423d R12: ffff8880245a1290 [ 151.561897] R13: ffff8880245a10a8 R14: ffffffffffffffff R15: 
ffff88800f7afc60 [ 151.562527] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.563201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.563679] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 151.564252] PKRU: 55555554 [ 151.564486] Call Trace: [ 151.564694] [ 151.564880] iommufd_ioas_destroy+0x53/0x70 [ 151.565239] iommufd_fops_release+0x1f7/0x370 [ 151.565613] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.566017] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.566426] ? write_comp_data+0x2f/0x90 [ 151.566794] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.567212] __fput+0x26d/0xa40 [ 151.567497] ____fput+0x1e/0x30 [ 151.567781] task_work_run+0x1a4/0x2d0 [ 151.568104] ? __pfx_task_work_run+0x10/0x10 [ 151.568483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.568884] ? switch_task_namespaces+0xa9/0xe0 [ 151.569284] do_exit+0xb17/0x2ef0 [ 151.569567] ? lock_acquire+0x427/0x4c0 [ 151.569901] ? __pfx_lock_release+0x10/0x10 [ 151.570268] ? __kasan_check_write+0x18/0x20 [ 151.570652] ? do_raw_spin_lock+0x132/0x2a0 [ 151.571020] ? __pfx_do_exit+0x10/0x10 [ 151.571362] ? debug_smp_processor_id+0x20/0x30 [ 151.571753] ? rcu_is_watching+0x19/0xb0 [ 151.572088] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.572464] ? trace_hardirqs_on+0x26/0x120 [ 151.572827] do_group_exit+0xe0/0x2b0 [ 151.573139] __x64_sys_exit_group+0x47/0x50 [ 151.573489] do_syscall_64+0x3b/0x90 [ 151.573799] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.574222] RIP: 0033:0x7f4b87518a4d [ 151.574547] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.575053] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.575675] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.576257] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.576888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.577473] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.578049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.578666] [ 151.578861] irq event stamp: 0 [ 151.579139] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.579649] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.580338] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.581051] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.581558] ---[ end trace 0000000000000000 ]--- [ 151.585521] ------------[ cut here ]------------ [ 151.585937] WARNING: CPU: 1 PID: 1422 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.586975] Modules linked in: [ 151.587262] CPU: 1 PID: 1422 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.587960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.588868] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.589272] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.590773] RSP: 0018:ffff888017bc7bb8 EFLAGS: 00010246 [ 151.591228] RAX: 0000000000000000 RBX: ffff888010b9f0a8 RCX: 0000000000000000 [ 151.591799] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 151.592373] RBP: ffff888017bc7bd0 R08: ffffed1002173e33 R09: ffffed1002173e33 [ 151.592943] R10: ffff888010b9f193 R11: ffffed1002173e32 R12: ffff88800fcb0400 [ 151.593521] R13: ffff888010b9f1e8 R14: ffffffff8352e670 R15: 
ffff888017bc7e68 [ 151.594092] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.594769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.595261] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 151.595834] PKRU: 55555554 [ 151.596075] Call Trace: [ 151.596282] [ 151.596466] __iommufd_access_detach+0x1c2/0x2b0 [ 151.596862] iommufd_access_change_pt+0x149/0x270 [ 151.597262] iommufd_access_replace+0xb4/0x120 [ 151.597644] iommufd_test+0x3e5/0x37e0 [ 151.597965] ? lock_release+0x532/0x770 [ 151.598298] ? __might_fault+0x102/0x1b0 [ 151.598653] ? lock_acquire+0x427/0x4c0 [ 151.598988] ? __pfx_iommufd_test+0x10/0x10 [ 151.599346] ? __pfx_lock_release+0x10/0x10 [ 151.599715] ? __pfx_lock_acquire+0x10/0x10 [ 151.600074] ? write_comp_data+0x2f/0x90 [ 151.600412] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.600815] ? write_comp_data+0x2f/0x90 [ 151.601163] iommufd_fops_ioctl+0x37d/0x510 [ 151.601520] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.601922] ? write_comp_data+0x2f/0x90 [ 151.602259] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.602675] __x64_sys_ioctl+0x1a3/0x230 [ 151.603027] do_syscall_64+0x3b/0x90 [ 151.603351] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.603791] RIP: 0033:0x7f4b8743ee5d [ 151.604091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.605576] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.606196] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.606793] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.607382] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.607958] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.608540] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.609118] [ 151.609318] irq event stamp: 0 [ 151.609575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.610090] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.610783] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.611474] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.611987] ---[ end trace 0000000000000000 ]--- [ 151.614811] ------------[ cut here ]------------ [ 151.615248] WARNING: CPU: 1 PID: 1422 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.616071] Modules linked in: [ 151.616339] CPU: 1 PID: 1422 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.617042] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.617946] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.618348] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.619844] RSP: 
0018:ffff888017bc7bd0 EFLAGS: 00010246 [ 151.620276] RAX: 0000000000000000 RBX: ffff888010b9f0a8 RCX: 0000000000000000 [ 151.620858] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 151.621435] RBP: ffff888017bc7be8 R08: ffffed1002173e33 R09: ffffed1002173e33 [ 151.622008] R10: ffff888010b9f193 R11: ffffed1002173e32 R12: ffff888018538800 [ 151.622596] R13: ffff888010b9f1e8 R14: ffff888016e16f00 R15: 0000000000000000 [ 151.623189] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.623827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.624308] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 151.624887] PKRU: 55555554 [ 151.625119] Call Trace: [ 151.625328] [ 151.625514] iommufd_access_destroy_object+0x65/0x170 [ 151.625950] iommufd_object_destroy_user+0x18e/0x220 [ 151.626367] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.626860] iommufd_access_destroy+0x43/0x70 [ 151.627236] iommufd_test_staccess_release+0x8d/0xd0 [ 151.627660] __fput+0x26d/0xa40 [ 151.627938] ____fput+0x1e/0x30 [ 151.628205] task_work_run+0x1a4/0x2d0 [ 151.628519] ? __pfx_task_work_run+0x10/0x10 [ 151.628873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.629273] ? switch_task_namespaces+0xa9/0xe0 [ 151.629650] do_exit+0xb17/0x2ef0 [ 151.629925] ? lock_acquire+0x427/0x4c0 [ 151.630254] ? __pfx_lock_release+0x10/0x10 [ 151.630618] ? __kasan_check_write+0x18/0x20 [ 151.630972] ? do_raw_spin_lock+0x132/0x2a0 [ 151.631335] ? __pfx_do_exit+0x10/0x10 [ 151.631659] ? debug_smp_processor_id+0x20/0x30 [ 151.632026] ? rcu_is_watching+0x19/0xb0 [ 151.632351] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.632717] ? trace_hardirqs_on+0x26/0x120 [ 151.633065] do_group_exit+0xe0/0x2b0 [ 151.633379] __x64_sys_exit_group+0x47/0x50 [ 151.633721] do_syscall_64+0x3b/0x90 [ 151.634024] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.634450] RIP: 0033:0x7f4b87518a4d [ 151.634766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.635270] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.635862] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.636418] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.636970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.637527] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.638084] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.638676] [ 151.638860] irq event stamp: 0 [ 151.639107] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.639615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.640265] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.640912] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.641395] ---[ end trace 0000000000000000 ]--- [ 151.642077] ------------[ cut here ]------------ [ 151.642435] WARNING: CPU: 1 PID: 1422 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.643256] Modules linked in: [ 151.643517] CPU: 1 PID: 1422 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.644197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.645100] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.645498] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.646933] RSP: 0018:ffff888017bc7b78 EFLAGS: 00010246 [ 151.647356] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.647909] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 151.648458] RBP: ffff888017bc7b98 R08: ffffed1002173e3e R09: ffffed1002173e3e [ 151.649013] R10: ffff888010b9f1ef R11: ffffed1002173e3d R12: ffff888010b9f290 [ 151.649568] R13: ffff888010b9f0a8 R14: ffffffffffffffff R15: 
ffff888017bc7c60 [ 151.650117] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.650754] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.651218] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 151.651765] PKRU: 55555554 [ 151.651993] Call Trace: [ 151.652190] [ 151.652365] iommufd_ioas_destroy+0x53/0x70 [ 151.652705] iommufd_fops_release+0x1f7/0x370 [ 151.653062] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.653451] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.653842] ? write_comp_data+0x2f/0x90 [ 151.654163] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.654567] __fput+0x26d/0xa40 [ 151.654841] ____fput+0x1e/0x30 [ 151.655108] task_work_run+0x1a4/0x2d0 [ 151.655430] ? __pfx_task_work_run+0x10/0x10 [ 151.655781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.656172] ? switch_task_namespaces+0xa9/0xe0 [ 151.656541] do_exit+0xb17/0x2ef0 [ 151.656821] ? lock_acquire+0x427/0x4c0 [ 151.657138] ? __pfx_lock_release+0x10/0x10 [ 151.657478] ? __kasan_check_write+0x18/0x20 [ 151.657825] ? do_raw_spin_lock+0x132/0x2a0 [ 151.658157] ? __pfx_do_exit+0x10/0x10 [ 151.658475] ? debug_smp_processor_id+0x20/0x30 [ 151.658857] ? rcu_is_watching+0x19/0xb0 [ 151.659203] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.659573] ? trace_hardirqs_on+0x26/0x120 [ 151.659913] do_group_exit+0xe0/0x2b0 [ 151.660209] __x64_sys_exit_group+0x47/0x50 [ 151.660541] do_syscall_64+0x3b/0x90 [ 151.660845] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.661252] RIP: 0033:0x7f4b87518a4d [ 151.661541] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.662013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.662621] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.663202] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.663756] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.664334] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.665013] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.665583] [ 151.665766] irq event stamp: 0 [ 151.666009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.666582] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.667290] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.667937] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.668516] ---[ end trace 0000000000000000 ]--- [ 151.672841] ------------[ cut here ]------------ [ 151.673252] WARNING: CPU: 1 PID: 1423 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.674109] Modules linked in: [ 151.674395] CPU: 1 PID: 1423 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.675108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.675984] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.676483] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.677986] RSP: 0018:ffff888020aefbb8 EFLAGS: 00010246 [ 151.678450] RAX: 0000000000000000 RBX: ffff8880178418a8 RCX: 0000000000000000 [ 151.679029] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 151.679591] RBP: ffff888020aefbd0 R08: ffffed1002f08333 R09: ffffed1002f08333 [ 151.680244] R10: ffff888017841993 R11: ffffed1002f08332 R12: ffff8880138a6800 [ 151.680796] R13: ffff8880178419e8 R14: ffffffff8352e670 R15: 
ffff888020aefe68 [ 151.681343] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.682070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.682553] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 151.683121] PKRU: 55555554 [ 151.683347] Call Trace: [ 151.683550] [ 151.683729] __iommufd_access_detach+0x1c2/0x2b0 [ 151.684219] iommufd_access_change_pt+0x149/0x270 [ 151.684607] iommufd_access_replace+0xb4/0x120 [ 151.684974] iommufd_test+0x3e5/0x37e0 [ 151.685282] ? lock_release+0x532/0x770 [ 151.685652] ? __might_fault+0x102/0x1b0 [ 151.686047] ? lock_acquire+0x427/0x4c0 [ 151.686384] ? __pfx_iommufd_test+0x10/0x10 [ 151.686772] ? __pfx_lock_release+0x10/0x10 [ 151.687150] ? __pfx_lock_acquire+0x10/0x10 [ 151.687518] ? write_comp_data+0x2f/0x90 [ 151.687926] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.688411] ? write_comp_data+0x2f/0x90 [ 151.688755] iommufd_fops_ioctl+0x37d/0x510 [ 151.689119] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.689522] ? write_comp_data+0x2f/0x90 [ 151.689933] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.690383] __x64_sys_ioctl+0x1a3/0x230 [ 151.690760] do_syscall_64+0x3b/0x90 [ 151.691079] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.691519] RIP: 0033:0x7f4b8743ee5d [ 151.691826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.693425] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.694126] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.694788] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.695393] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.695987] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.696691] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.697289] [ 151.697491] irq event stamp: 0 [ 151.697756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.698386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.699105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.699804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.700388] ---[ end trace 0000000000000000 ]--- [ 151.703384] ------------[ cut here ]------------ [ 151.703808] WARNING: CPU: 1 PID: 1423 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.704766] Modules linked in: [ 151.705028] CPU: 1 PID: 1423 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.705743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.706845] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.707273] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.708884] RSP: 
0018:ffff888020aefbd0 EFLAGS: 00010246 [ 151.709380] RAX: 0000000000000000 RBX: ffff8880178418a8 RCX: 0000000000000000 [ 151.709956] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 151.710682] RBP: ffff888020aefbe8 R08: ffffed1002f08333 R09: ffffed1002f08333 [ 151.711273] R10: ffff888017841993 R11: ffffed1002f08332 R12: ffff88800fcb2c00 [ 151.711860] R13: ffff8880178419e8 R14: ffff8880123ed600 R15: 0000000000000000 [ 151.712482] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.713204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.713676] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 151.714295] PKRU: 55555554 [ 151.714635] Call Trace: [ 151.714848] [ 151.715043] iommufd_access_destroy_object+0x65/0x170 [ 151.715480] iommufd_object_destroy_user+0x18e/0x220 [ 151.715904] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.716407] iommufd_access_destroy+0x43/0x70 [ 151.716880] iommufd_test_staccess_release+0x8d/0xd0 [ 151.717316] __fput+0x26d/0xa40 [ 151.717600] ____fput+0x1e/0x30 [ 151.717877] task_work_run+0x1a4/0x2d0 [ 151.718204] ? __pfx_task_work_run+0x10/0x10 [ 151.718713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.719141] ? switch_task_namespaces+0xa9/0xe0 [ 151.719532] do_exit+0xb17/0x2ef0 [ 151.719815] ? lock_acquire+0x427/0x4c0 [ 151.720153] ? __pfx_lock_release+0x10/0x10 [ 151.720541] ? __kasan_check_write+0x18/0x20 [ 151.720989] ? do_raw_spin_lock+0x132/0x2a0 [ 151.721354] ? __pfx_do_exit+0x10/0x10 [ 151.721685] ? debug_smp_processor_id+0x20/0x30 [ 151.722069] ? rcu_is_watching+0x19/0xb0 [ 151.722438] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.722908] ? trace_hardirqs_on+0x26/0x120 [ 151.723289] do_group_exit+0xe0/0x2b0 [ 151.723608] __x64_sys_exit_group+0x47/0x50 [ 151.723972] do_syscall_64+0x3b/0x90 [ 151.724285] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.724743] RIP: 0033:0x7f4b87518a4d [ 151.725131] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.725641] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.726260] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.726980] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.727586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.728163] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.728747] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.729463] [ 151.729655] irq event stamp: 0 [ 151.729911] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.730421] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.731260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.731952] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.732476] ---[ end trace 0000000000000000 ]--- [ 151.733341] ------------[ cut here ]------------ [ 151.733798] WARNING: CPU: 1 PID: 1423 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.734713] Modules linked in: [ 151.734979] CPU: 1 PID: 1423 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.735840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.736757] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.737195] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.738843] RSP: 0018:ffff888020aefb78 EFLAGS: 00010246 [ 151.739311] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.740044] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 151.740651] RBP: ffff888020aefb98 R08: ffffed1002f0833e R09: ffffed1002f0833e [ 151.741311] R10: ffff8880178419ef R11: ffffed1002f0833d R12: ffff888017841a90 [ 151.742066] R13: ffff8880178418a8 R14: ffffffffffffffff R15: 
ffff888020aefc60 [ 151.742703] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.743404] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.743978] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 151.744629] PKRU: 55555554 [ 151.744868] Call Trace: [ 151.745085] [ 151.745279] iommufd_ioas_destroy+0x53/0x70 [ 151.745734] iommufd_fops_release+0x1f7/0x370 [ 151.746196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.746646] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.747073] ? write_comp_data+0x2f/0x90 [ 151.747437] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.747890] __fput+0x26d/0xa40 [ 151.748293] ____fput+0x1e/0x30 [ 151.748585] task_work_run+0x1a4/0x2d0 [ 151.748931] ? __pfx_task_work_run+0x10/0x10 [ 151.749313] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.749745] ? switch_task_namespaces+0xa9/0xe0 [ 151.750152] do_exit+0xb17/0x2ef0 [ 151.750449] ? lock_acquire+0x427/0x4c0 [ 151.750830] ? __pfx_lock_release+0x10/0x10 [ 151.751233] ? __kasan_check_write+0x18/0x20 [ 151.751615] ? do_raw_spin_lock+0x132/0x2a0 [ 151.751992] ? __pfx_do_exit+0x10/0x10 [ 151.752330] ? debug_smp_processor_id+0x20/0x30 [ 151.752724] ? rcu_is_watching+0x19/0xb0 [ 151.753069] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.753466] ? trace_hardirqs_on+0x26/0x120 [ 151.753836] do_group_exit+0xe0/0x2b0 [ 151.754160] __x64_sys_exit_group+0x47/0x50 [ 151.754556] do_syscall_64+0x3b/0x90 [ 151.754883] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.755339] RIP: 0033:0x7f4b87518a4d [ 151.755663] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.756179] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.756837] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.757436] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.758042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.758660] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.759284] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.759896] [ 151.760104] irq event stamp: 0 [ 151.760369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.760900] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.761602] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.762301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.762868] ---[ end trace 0000000000000000 ]--- [ 151.767596] ------------[ cut here ]------------ [ 151.768022] WARNING: CPU: 1 PID: 1424 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.768873] Modules linked in: [ 151.769142] CPU: 1 PID: 1424 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.769874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.770849] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.771262] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.772738] RSP: 0018:ffff88801394fbb8 EFLAGS: 00010246 [ 151.773215] RAX: 0000000000000000 RBX: ffff88800b8110a8 RCX: 0000000000000000 [ 151.773789] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 151.774362] RBP: ffff88801394fbd0 R08: ffffed1001702233 R09: ffffed1001702233 [ 151.774960] R10: ffff88800b811193 R11: ffffed1001702232 R12: ffff888012e96c00 [ 151.775546] R13: ffff88800b8111e8 R14: ffffffff8352e670 R15: 
ffff88801394fe68 [ 151.776120] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.776769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.777238] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 151.777818] PKRU: 55555554 [ 151.778046] Call Trace: [ 151.778253] [ 151.778437] __iommufd_access_detach+0x1c2/0x2b0 [ 151.778859] iommufd_access_change_pt+0x149/0x270 [ 151.779275] iommufd_access_replace+0xb4/0x120 [ 151.779658] iommufd_test+0x3e5/0x37e0 [ 151.779978] ? lock_release+0x532/0x770 [ 151.780315] ? __might_fault+0x102/0x1b0 [ 151.780664] ? lock_acquire+0x427/0x4c0 [ 151.781000] ? __pfx_iommufd_test+0x10/0x10 [ 151.781350] ? __pfx_lock_release+0x10/0x10 [ 151.781707] ? __pfx_lock_acquire+0x10/0x10 [ 151.782072] ? write_comp_data+0x2f/0x90 [ 151.782409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.782824] ? write_comp_data+0x2f/0x90 [ 151.783175] iommufd_fops_ioctl+0x37d/0x510 [ 151.783527] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.783926] ? write_comp_data+0x2f/0x90 [ 151.784263] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.784661] __x64_sys_ioctl+0x1a3/0x230 [ 151.785011] do_syscall_64+0x3b/0x90 [ 151.785327] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.785764] RIP: 0033:0x7f4b8743ee5d [ 151.786066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.787575] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.788201] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.788781] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.789357] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.789942] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.790548] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.791141] [ 151.791327] irq event stamp: 0 [ 151.791576] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.792078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.792733] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.793389] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.793879] ---[ end trace 0000000000000000 ]--- [ 151.796680] ------------[ cut here ]------------ [ 151.797086] WARNING: CPU: 1 PID: 1424 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.797883] Modules linked in: [ 151.798143] CPU: 1 PID: 1424 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.798868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.799827] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.800219] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.801637] RSP: 
0018:ffff88801394fbd0 EFLAGS: 00010246 [ 151.802046] RAX: 0000000000000000 RBX: ffff88800b8110a8 RCX: 0000000000000000 [ 151.802615] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 151.803231] RBP: ffff88801394fbe8 R08: ffffed1001702233 R09: ffffed1001702233 [ 151.803789] R10: ffff88800b811193 R11: ffffed1001702232 R12: ffff888010e00c00 [ 151.804342] R13: ffff88800b8111e8 R14: ffff88800fa5ed00 R15: 0000000000000000 [ 151.804896] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.805569] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.806024] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 151.806602] PKRU: 55555554 [ 151.806882] Call Trace: [ 151.807110] [ 151.807297] iommufd_access_destroy_object+0x65/0x170 [ 151.807701] iommufd_object_destroy_user+0x18e/0x220 [ 151.808106] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.808561] iommufd_access_destroy+0x43/0x70 [ 151.808917] iommufd_test_staccess_release+0x8d/0xd0 [ 151.809327] __fput+0x26d/0xa40 [ 151.809597] ____fput+0x1e/0x30 [ 151.809863] task_work_run+0x1a4/0x2d0 [ 151.810174] ? __pfx_task_work_run+0x10/0x10 [ 151.810551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.811042] ? switch_task_namespaces+0xa9/0xe0 [ 151.811435] do_exit+0xb17/0x2ef0 [ 151.811711] ? lock_acquire+0x427/0x4c0 [ 151.812032] ? __pfx_lock_release+0x10/0x10 [ 151.812380] ? __kasan_check_write+0x18/0x20 [ 151.812729] ? do_raw_spin_lock+0x132/0x2a0 [ 151.813068] ? __pfx_do_exit+0x10/0x10 [ 151.813377] ? debug_smp_processor_id+0x20/0x30 [ 151.813748] ? rcu_is_watching+0x19/0xb0 [ 151.814064] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.814419] ? trace_hardirqs_on+0x26/0x120 [ 151.814793] do_group_exit+0xe0/0x2b0 [ 151.815190] __x64_sys_exit_group+0x47/0x50 [ 151.815567] do_syscall_64+0x3b/0x90 [ 151.815875] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.816283] RIP: 0033:0x7f4b87518a4d [ 151.816571] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.817052] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.817636] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.818188] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.818765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.819410] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.819962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.820527] [ 151.820711] irq event stamp: 0 [ 151.820956] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.821449] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.822095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.822780] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.823371] ---[ end trace 0000000000000000 ]--- [ 151.824064] ------------[ cut here ]------------ [ 151.824433] WARNING: CPU: 1 PID: 1424 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.825226] Modules linked in: [ 151.825476] CPU: 1 PID: 1424 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.826153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.827044] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.827468] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.828865] RSP: 0018:ffff88801394fb78 EFLAGS: 00010246 [ 151.829271] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.829815] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 151.830364] RBP: ffff88801394fb98 R08: ffffed100170223e R09: ffffed100170223e [ 151.830929] R10: ffff88800b8111ef R11: ffffed100170223d R12: ffff88800b811290 [ 151.831486] R13: ffff88800b8110a8 R14: ffffffffffffffff R15: 
ffff88801394fc60 [ 151.832035] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.832650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.833090] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 151.833634] PKRU: 55555554 [ 151.833850] Call Trace: [ 151.834047] [ 151.834220] iommufd_ioas_destroy+0x53/0x70 [ 151.834573] iommufd_fops_release+0x1f7/0x370 [ 151.834926] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.835320] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.835705] ? write_comp_data+0x2f/0x90 [ 151.836029] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.836417] __fput+0x26d/0xa40 [ 151.836684] ____fput+0x1e/0x30 [ 151.836995] task_work_run+0x1a4/0x2d0 [ 151.837311] ? __pfx_task_work_run+0x10/0x10 [ 151.837660] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.838041] ? switch_task_namespaces+0xa9/0xe0 [ 151.838413] do_exit+0xb17/0x2ef0 [ 151.838699] ? lock_acquire+0x427/0x4c0 [ 151.839018] ? __pfx_lock_release+0x10/0x10 [ 151.839372] ? __kasan_check_write+0x18/0x20 [ 151.839720] ? do_raw_spin_lock+0x132/0x2a0 [ 151.840056] ? __pfx_do_exit+0x10/0x10 [ 151.840367] ? debug_smp_processor_id+0x20/0x30 [ 151.840734] ? rcu_is_watching+0x19/0xb0 [ 151.841050] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.841405] ? trace_hardirqs_on+0x26/0x120 [ 151.841749] do_group_exit+0xe0/0x2b0 [ 151.842048] __x64_sys_exit_group+0x47/0x50 [ 151.842383] do_syscall_64+0x3b/0x90 [ 151.842700] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.843109] RIP: 0033:0x7f4b87518a4d [ 151.843412] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.843883] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.844464] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.845010] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.845553] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.846098] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.846669] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.847236] [ 151.847420] irq event stamp: 0 [ 151.847664] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.848149] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.848795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.849436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.849918] ---[ end trace 0000000000000000 ]--- [ 151.854445] ------------[ cut here ]------------ [ 151.854883] WARNING: CPU: 1 PID: 1425 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.855673] Modules linked in: [ 151.855921] CPU: 1 PID: 1425 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.856592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.857451] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.857839] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.859446] RSP: 0018:ffff888020aefbb8 EFLAGS: 00010246 [ 151.859862] RAX: 0000000000000000 RBX: ffff8880165368a8 RCX: 0000000000000000 [ 151.860408] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 151.860954] RBP: ffff888020aefbd0 R08: ffffed1002ca6d33 R09: ffffed1002ca6d33 [ 151.861504] R10: ffff888016536993 R11: ffffed1002ca6d32 R12: ffff8880129ca800 [ 151.862048] R13: ffff8880165369e8 R14: ffffffff8352e670 R15: 
ffff888020aefe68 [ 151.862615] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.863241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.863694] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 151.864244] PKRU: 55555554 [ 151.864466] Call Trace: [ 151.864666] [ 151.864842] __iommufd_access_detach+0x1c2/0x2b0 [ 151.865223] iommufd_access_change_pt+0x149/0x270 [ 151.865606] iommufd_access_replace+0xb4/0x120 [ 151.865972] iommufd_test+0x3e5/0x37e0 [ 151.866276] ? lock_release+0x532/0x770 [ 151.866614] ? __might_fault+0x102/0x1b0 [ 151.866938] ? lock_acquire+0x427/0x4c0 [ 151.867266] ? __pfx_iommufd_test+0x10/0x10 [ 151.867602] ? __pfx_lock_release+0x10/0x10 [ 151.867944] ? __pfx_lock_acquire+0x10/0x10 [ 151.868288] ? write_comp_data+0x2f/0x90 [ 151.868614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.869045] ? write_comp_data+0x2f/0x90 [ 151.869371] iommufd_fops_ioctl+0x37d/0x510 [ 151.869714] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.870099] ? write_comp_data+0x2f/0x90 [ 151.870424] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.870821] __x64_sys_ioctl+0x1a3/0x230 [ 151.871155] do_syscall_64+0x3b/0x90 [ 151.871454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.871865] RIP: 0033:0x7f4b8743ee5d [ 151.872155] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.873550] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.874142] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.874703] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.875261] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.875807] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.876352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.876906] [ 151.877088] irq event stamp: 0 [ 151.877335] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.877821] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.878472] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.879142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.879630] ---[ end trace 0000000000000000 ]--- [ 151.882314] ------------[ cut here ]------------ [ 151.882730] WARNING: CPU: 1 PID: 1425 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.883524] Modules linked in: [ 151.883772] CPU: 1 PID: 1425 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.884441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.885302] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.885686] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.887094] RSP: 
0018:ffff888020aefbd0 EFLAGS: 00010246 [ 151.887527] RAX: 0000000000000000 RBX: ffff8880165368a8 RCX: 0000000000000000 [ 151.888079] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 151.888627] RBP: ffff888020aefbe8 R08: ffffed1002ca6d33 R09: ffffed1002ca6d33 [ 151.889174] R10: ffff888016536993 R11: ffffed1002ca6d32 R12: ffff888012e95400 [ 151.889722] R13: ffff8880165369e8 R14: ffff8880104c0f00 R15: 0000000000000000 [ 151.890272] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.890909] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.891372] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 151.891925] PKRU: 55555554 [ 151.892145] Call Trace: [ 151.892346] [ 151.892521] iommufd_access_destroy_object+0x65/0x170 [ 151.892928] iommufd_object_destroy_user+0x18e/0x220 [ 151.893325] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.893779] iommufd_access_destroy+0x43/0x70 [ 151.894137] iommufd_test_staccess_release+0x8d/0xd0 [ 151.894563] __fput+0x26d/0xa40 [ 151.894841] ____fput+0x1e/0x30 [ 151.895107] task_work_run+0x1a4/0x2d0 [ 151.895428] ? __pfx_task_work_run+0x10/0x10 [ 151.895775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.896158] ? switch_task_namespaces+0xa9/0xe0 [ 151.896533] do_exit+0xb17/0x2ef0 [ 151.896809] ? lock_acquire+0x427/0x4c0 [ 151.897127] ? __pfx_lock_release+0x10/0x10 [ 151.897465] ? __kasan_check_write+0x18/0x20 [ 151.897815] ? do_raw_spin_lock+0x132/0x2a0 [ 151.898157] ? __pfx_do_exit+0x10/0x10 [ 151.898474] ? debug_smp_processor_id+0x20/0x30 [ 151.898868] ? rcu_is_watching+0x19/0xb0 [ 151.899198] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.899562] ? trace_hardirqs_on+0x26/0x120 [ 151.899911] do_group_exit+0xe0/0x2b0 [ 151.900218] __x64_sys_exit_group+0x47/0x50 [ 151.900556] do_syscall_64+0x3b/0x90 [ 151.900860] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.901323] RIP: 0033:0x7f4b87518a4d [ 151.901618] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.902100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.902720] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.903284] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.903842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.904397] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.904950] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.905510] [ 151.905695] irq event stamp: 0 [ 151.905943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.906432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.907161] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.907818] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.908310] ---[ end trace 0000000000000000 ]--- [ 151.908998] ------------[ cut here ]------------ [ 151.909367] WARNING: CPU: 1 PID: 1425 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 151.910185] Modules linked in: [ 151.910446] CPU: 1 PID: 1425 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.911174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.912089] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 151.912509] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 151.913967] RSP: 0018:ffff888020aefb78 EFLAGS: 00010246 [ 151.914397] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 151.914989] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 151.915570] RBP: ffff888020aefb98 R08: ffffed1002ca6d3e R09: ffffed1002ca6d3e [ 151.916142] R10: ffff8880165369ef R11: ffffed1002ca6d3d R12: ffff888016536a90 [ 151.916712] R13: ffff8880165368a8 R14: ffffffffffffffff R15: 
ffff888020aefc60 [ 151.917280] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.917927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.918389] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 151.918974] PKRU: 55555554 [ 151.919222] Call Trace: [ 151.919433] [ 151.919623] iommufd_ioas_destroy+0x53/0x70 [ 151.919983] iommufd_fops_release+0x1f7/0x370 [ 151.920359] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.921013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.921477] ? write_comp_data+0x2f/0x90 [ 151.921815] ? __pfx_iommufd_fops_release+0x10/0x10 [ 151.922229] __fput+0x26d/0xa40 [ 151.922539] ____fput+0x1e/0x30 [ 151.922820] task_work_run+0x1a4/0x2d0 [ 151.923297] ? __pfx_task_work_run+0x10/0x10 [ 151.923669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.924076] ? switch_task_namespaces+0xa9/0xe0 [ 151.924471] do_exit+0xb17/0x2ef0 [ 151.924762] ? lock_acquire+0x427/0x4c0 [ 151.925218] ? __pfx_lock_release+0x10/0x10 [ 151.925580] ? __kasan_check_write+0x18/0x20 [ 151.925948] ? do_raw_spin_lock+0x132/0x2a0 [ 151.926305] ? __pfx_do_exit+0x10/0x10 [ 151.926656] ? debug_smp_processor_id+0x20/0x30 [ 151.927046] ? rcu_is_watching+0x19/0xb0 [ 151.927388] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.927906] ? trace_hardirqs_on+0x26/0x120 [ 151.928273] do_group_exit+0xe0/0x2b0 [ 151.928591] __x64_sys_exit_group+0x47/0x50 [ 151.928948] do_syscall_64+0x3b/0x90 [ 151.929265] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.929769] RIP: 0033:0x7f4b87518a4d [ 151.930144] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.930675] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 151.931307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 151.931914] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 151.932598] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 151.933229] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 151.933818] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 151.934559] [ 151.934757] irq event stamp: 0 [ 151.935012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.935538] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.936251] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.937004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.937518] ---[ end trace 0000000000000000 ]--- [ 151.941653] ------------[ cut here ]------------ [ 151.942084] WARNING: CPU: 1 PID: 1426 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.943090] Modules linked in: [ 151.943364] CPU: 1 PID: 1426 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.944070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.945112] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.945519] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.947132] RSP: 0018:ffff888013fbfbb8 EFLAGS: 00010246 [ 151.947568] RAX: 0000000000000000 RBX: ffff8880105050a8 RCX: 0000000000000000 [ 151.948141] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 151.948860] RBP: ffff888013fbfbd0 R08: ffffed10020a0a33 R09: ffffed10020a0a33 [ 151.949442] R10: ffff888010505193 R11: ffffed10020a0a32 R12: ffff888013a03c00 [ 151.950016] R13: ffff8880105051e8 R14: ffffffff8352e670 R15: 
ffff888013fbfe68 [ 151.950729] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.951407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.951880] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 151.952519] PKRU: 55555554 [ 151.952809] Call Trace: [ 151.953018] [ 151.953202] __iommufd_access_detach+0x1c2/0x2b0 [ 151.953618] iommufd_access_change_pt+0x149/0x270 [ 151.954021] iommufd_access_replace+0xb4/0x120 [ 151.954478] iommufd_test+0x3e5/0x37e0 [ 151.954902] ? lock_release+0x532/0x770 [ 151.955259] ? __might_fault+0x102/0x1b0 [ 151.955614] ? lock_acquire+0x427/0x4c0 [ 151.955962] ? __pfx_iommufd_test+0x10/0x10 [ 151.956330] ? __pfx_lock_release+0x10/0x10 [ 151.956852] ? __pfx_lock_acquire+0x10/0x10 [ 151.957246] ? write_comp_data+0x2f/0x90 [ 151.957605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.958026] ? write_comp_data+0x2f/0x90 [ 151.958428] iommufd_fops_ioctl+0x37d/0x510 [ 151.958901] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.959337] ? write_comp_data+0x2f/0x90 [ 151.959707] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 151.960120] __x64_sys_ioctl+0x1a3/0x230 [ 151.960563] do_syscall_64+0x3b/0x90 [ 151.960970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.961418] RIP: 0033:0x7f4b8743ee5d [ 151.961740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 151.963472] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 151.964132] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 151.964895] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 151.965550] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 151.966170] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 151.967002] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 151.967634] [ 151.967864] irq event stamp: 0 [ 151.968137] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 151.968736] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 151.969549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 151.970260] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 151.970988] ---[ end trace 0000000000000000 ]--- [ 151.975558] ------------[ cut here ]------------ [ 151.976015] WARNING: CPU: 1 PID: 1426 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 151.977057] Modules linked in: [ 151.977337] CPU: 1 PID: 1426 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 151.978082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 151.979124] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 151.979699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 151.981356] RSP: 
0018:ffff888013fbfbd0 EFLAGS: 00010246 [ 151.981901] RAX: 0000000000000000 RBX: ffff8880105050a8 RCX: 0000000000000000 [ 151.982531] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 151.983175] RBP: ffff888013fbfbe8 R08: ffffed10020a0a33 R09: ffffed10020a0a33 [ 151.983981] R10: ffff888010505193 R11: ffffed10020a0a32 R12: ffff8880129cbc00 [ 151.984594] R13: ffff8880105051e8 R14: ffff888020f60600 R15: 0000000000000000 [ 151.985212] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 151.986097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.986615] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 151.987233] PKRU: 55555554 [ 151.987507] Call Trace: [ 151.987869] [ 151.988071] iommufd_access_destroy_object+0x65/0x170 [ 151.988527] iommufd_object_destroy_user+0x18e/0x220 [ 151.988975] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 151.989481] iommufd_access_destroy+0x43/0x70 [ 151.990066] iommufd_test_staccess_release+0x8d/0xd0 [ 151.990536] __fput+0x26d/0xa40 [ 151.990842] ____fput+0x1e/0x30 [ 151.991146] task_work_run+0x1a4/0x2d0 [ 151.991497] ? __pfx_task_work_run+0x10/0x10 [ 151.991954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 151.992491] ? switch_task_namespaces+0xa9/0xe0 [ 151.992909] do_exit+0xb17/0x2ef0 [ 151.993215] ? lock_acquire+0x427/0x4c0 [ 151.993568] ? __pfx_lock_release+0x10/0x10 [ 151.994031] ? __kasan_check_write+0x18/0x20 [ 151.994555] ? do_raw_spin_lock+0x132/0x2a0 [ 151.994943] ? __pfx_do_exit+0x10/0x10 [ 151.995301] ? debug_smp_processor_id+0x20/0x30 [ 151.995716] ? rcu_is_watching+0x19/0xb0 [ 151.996142] ? _raw_spin_unlock_irq+0x2b/0x60 [ 151.996641] ? trace_hardirqs_on+0x26/0x120 [ 151.997075] do_group_exit+0xe0/0x2b0 [ 151.997417] __x64_sys_exit_group+0x47/0x50 [ 151.997795] do_syscall_64+0x3b/0x90 [ 151.998151] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 151.998835] RIP: 0033:0x7f4b87518a4d [ 151.999204] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 151.999761] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.000548] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.001310] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.001960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.002674] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.003452] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.004109] [ 152.004325] irq event stamp: 0 [ 152.004642] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.005395] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.006154] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.006930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.007520] ---[ end trace 0000000000000000 ]--- [ 152.008553] ------------[ cut here ]------------ [ 152.009102] WARNING: CPU: 1 PID: 1426 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.010145] Modules linked in: [ 152.010443] CPU: 1 PID: 1426 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.011372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.012634] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.013102] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.014993] RSP: 0018:ffff888013fbfb78 EFLAGS: 00010246 [ 152.015504] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.016145] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 152.016987] RBP: ffff888013fbfb98 R08: ffffed10020a0a3e R09: ffffed10020a0a3e [ 152.017631] R10: ffff8880105051ef R11: ffffed10020a0a3d R12: ffff888010505290 [ 152.018274] R13: ffff8880105050a8 R14: ffffffffffffffff R15: 
ffff888013fbfc60 [ 152.019110] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.019854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.020379] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 152.021033] PKRU: 55555554 [ 152.021375] Call Trace: [ 152.021696] [ 152.021903] iommufd_ioas_destroy+0x53/0x70 [ 152.022304] iommufd_fops_release+0x1f7/0x370 [ 152.022744] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.023218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.023681] ? write_comp_data+0x2f/0x90 [ 152.024241] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.024700] __fput+0x26d/0xa40 [ 152.025016] ____fput+0x1e/0x30 [ 152.025325] task_work_run+0x1a4/0x2d0 [ 152.025691] ? __pfx_task_work_run+0x10/0x10 [ 152.026275] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.026783] ? switch_task_namespaces+0xa9/0xe0 [ 152.027253] do_exit+0xb17/0x2ef0 [ 152.027589] ? lock_acquire+0x427/0x4c0 [ 152.027977] ? __pfx_lock_release+0x10/0x10 [ 152.028396] ? __kasan_check_write+0x18/0x20 [ 152.029037] ? do_raw_spin_lock+0x132/0x2a0 [ 152.029456] ? __pfx_do_exit+0x10/0x10 [ 152.029836] ? debug_smp_processor_id+0x20/0x30 [ 152.030281] ? rcu_is_watching+0x19/0xb0 [ 152.030690] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.031291] ? trace_hardirqs_on+0x26/0x120 [ 152.031709] do_group_exit+0xe0/0x2b0 [ 152.032073] __x64_sys_exit_group+0x47/0x50 [ 152.032489] do_syscall_64+0x3b/0x90 [ 152.032852] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.033372] RIP: 0033:0x7f4b87518a4d [ 152.033868] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.034443] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.035213] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.035884] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.036722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.037388] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.038058] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.038940] [ 152.039176] irq event stamp: 0 [ 152.039476] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.040065] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.040944] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.041804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.042397] ---[ end trace 0000000000000000 ]--- [ 152.046729] ------------[ cut here ]------------ [ 152.047248] WARNING: CPU: 1 PID: 1427 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.048169] Modules linked in: [ 152.048468] CPU: 1 PID: 1427 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.049271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.050307] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.050796] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.052471] RSP: 0018:ffff8880185a7bb8 EFLAGS: 00010246 [ 152.052955] RAX: 0000000000000000 RBX: ffff8880149688a8 RCX: 0000000000000000 [ 152.053605] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 152.054273] RBP: ffff8880185a7bd0 R08: ffffed100292d133 R09: ffffed100292d133 [ 152.054953] R10: ffff888014968993 R11: ffffed100292d132 R12: ffff888017b2a800 [ 152.055615] R13: ffff8880149689e8 R14: ffffffff8352e670 R15: 
ffff8880185a7e68 [ 152.056261] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.056996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.057542] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 152.058209] PKRU: 55555554 [ 152.058470] Call Trace: [ 152.058727] [ 152.058943] __iommufd_access_detach+0x1c2/0x2b0 [ 152.059413] iommufd_access_change_pt+0x149/0x270 [ 152.059875] iommufd_access_replace+0xb4/0x120 [ 152.060316] iommufd_test+0x3e5/0x37e0 [ 152.060683] ? lock_release+0x532/0x770 [ 152.061102] ? __might_fault+0x102/0x1b0 [ 152.061474] ? lock_acquire+0x427/0x4c0 [ 152.061845] ? __pfx_iommufd_test+0x10/0x10 [ 152.062238] ? __pfx_lock_release+0x10/0x10 [ 152.062659] ? __pfx_lock_acquire+0x10/0x10 [ 152.063059] ? write_comp_data+0x2f/0x90 [ 152.063446] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.063889] ? write_comp_data+0x2f/0x90 [ 152.064265] iommufd_fops_ioctl+0x37d/0x510 [ 152.064662] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.065105] ? write_comp_data+0x2f/0x90 [ 152.065478] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.065915] __x64_sys_ioctl+0x1a3/0x230 [ 152.066291] do_syscall_64+0x3b/0x90 [ 152.066661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.067152] RIP: 0033:0x7f4b8743ee5d [ 152.067488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.069099] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.069750] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.070358] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.070985] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.071606] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.072210] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.072824] [ 152.073024] irq event stamp: 0 [ 152.073293] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.073829] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.074560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.075279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.075818] ---[ end trace 0000000000000000 ]--- [ 152.078736] ------------[ cut here ]------------ [ 152.079205] WARNING: CPU: 1 PID: 1427 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.080068] Modules linked in: [ 152.080346] CPU: 1 PID: 1427 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.081085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.082039] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.082472] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.084085] RSP: 
0018:ffff8880185a7bd0 EFLAGS: 00010246 [ 152.084545] RAX: 0000000000000000 RBX: ffff8880149688a8 RCX: 0000000000000000 [ 152.085146] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 152.085749] RBP: ffff8880185a7be8 R08: ffffed100292d133 R09: ffffed100292d133 [ 152.086348] R10: ffff888014968993 R11: ffffed100292d132 R12: ffff888013a01400 [ 152.086971] R13: ffff8880149689e8 R14: ffff888020a9e000 R15: 0000000000000000 [ 152.087589] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.088272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.088768] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.089377] PKRU: 55555554 [ 152.089626] Call Trace: [ 152.089845] [ 152.090042] iommufd_access_destroy_object+0x65/0x170 [ 152.090488] iommufd_object_destroy_user+0x18e/0x220 [ 152.090956] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.091472] iommufd_access_destroy+0x43/0x70 [ 152.091866] iommufd_test_staccess_release+0x8d/0xd0 [ 152.092313] __fput+0x26d/0xa40 [ 152.092625] ____fput+0x1e/0x30 [ 152.092926] task_work_run+0x1a4/0x2d0 [ 152.093316] ? __pfx_task_work_run+0x10/0x10 [ 152.093704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.094128] ? switch_task_namespaces+0xa9/0xe0 [ 152.094558] do_exit+0xb17/0x2ef0 [ 152.094864] ? lock_acquire+0x427/0x4c0 [ 152.095221] ? __pfx_lock_release+0x10/0x10 [ 152.095599] ? __kasan_check_write+0x18/0x20 [ 152.095978] ? do_raw_spin_lock+0x132/0x2a0 [ 152.096348] ? __pfx_do_exit+0x10/0x10 [ 152.096681] ? debug_smp_processor_id+0x20/0x30 [ 152.097074] ? rcu_is_watching+0x19/0xb0 [ 152.097416] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.097799] ? trace_hardirqs_on+0x26/0x120 [ 152.098167] do_group_exit+0xe0/0x2b0 [ 152.098484] __x64_sys_exit_group+0x47/0x50 [ 152.098848] do_syscall_64+0x3b/0x90 [ 152.099166] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.099592] RIP: 0033:0x7f4b87518a4d [ 152.099891] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.100386] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.100993] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.101565] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.102145] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.102727] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.103307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.103886] [ 152.104076] irq event stamp: 0 [ 152.104333] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.104840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.105516] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.106189] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.106710] ---[ end trace 0000000000000000 ]--- [ 152.107424] ------------[ cut here ]------------ [ 152.107805] WARNING: CPU: 1 PID: 1427 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.108626] Modules linked in: [ 152.108893] CPU: 1 PID: 1427 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.109601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.110544] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.110968] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.112452] RSP: 0018:ffff8880185a7b78 EFLAGS: 00010246 [ 152.112880] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.113451] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 152.114021] RBP: ffff8880185a7b98 R08: ffffed100292d13e R09: ffffed100292d13e [ 152.114610] R10: ffff8880149689ef R11: ffffed100292d13d R12: ffff888014968a90 [ 152.115198] R13: ffff8880149688a8 R14: ffffffffffffffff R15: 
ffff8880185a7c60 [ 152.115769] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.116410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.116875] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.117451] PKRU: 55555554 [ 152.117677] Call Trace: [ 152.117886] [ 152.118075] iommufd_ioas_destroy+0x53/0x70 [ 152.118436] iommufd_fops_release+0x1f7/0x370 [ 152.118825] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.119247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.119648] ? write_comp_data+0x2f/0x90 [ 152.119987] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.120392] __fput+0x26d/0xa40 [ 152.120674] ____fput+0x1e/0x30 [ 152.120951] task_work_run+0x1a4/0x2d0 [ 152.121275] ? __pfx_task_work_run+0x10/0x10 [ 152.121633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.122030] ? switch_task_namespaces+0xa9/0xe0 [ 152.122413] do_exit+0xb17/0x2ef0 [ 152.122710] ? lock_acquire+0x427/0x4c0 [ 152.123044] ? __pfx_lock_release+0x10/0x10 [ 152.123406] ? __kasan_check_write+0x18/0x20 [ 152.123766] ? do_raw_spin_lock+0x132/0x2a0 [ 152.124116] ? __pfx_do_exit+0x10/0x10 [ 152.124440] ? debug_smp_processor_id+0x20/0x30 [ 152.124820] ? rcu_is_watching+0x19/0xb0 [ 152.125186] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.125556] ? trace_hardirqs_on+0x26/0x120 [ 152.125908] do_group_exit+0xe0/0x2b0 [ 152.126223] __x64_sys_exit_group+0x47/0x50 [ 152.126590] do_syscall_64+0x3b/0x90 [ 152.126900] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.127337] RIP: 0033:0x7f4b87518a4d [ 152.127636] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.128129] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.128738] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.129311] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.129880] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.130451] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.131145] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.131855] [ 152.132044] irq event stamp: 0 [ 152.132297] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.132802] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.133473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.134141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.134667] ---[ end trace 0000000000000000 ]--- [ 152.138744] ------------[ cut here ]------------ [ 152.139160] WARNING: CPU: 1 PID: 1428 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.139959] Modules linked in: [ 152.140211] CPU: 1 PID: 1428 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.140891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.141763] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.142153] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.143738] RSP: 0018:ffff888016067bb8 EFLAGS: 00010246 [ 152.144162] RAX: 0000000000000000 RBX: ffff888016ec40a8 RCX: 0000000000000000 [ 152.144718] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 152.145276] RBP: ffff888016067bd0 R08: ffffed1002dd8833 R09: ffffed1002dd8833 [ 152.145836] R10: ffff888016ec4193 R11: ffffed1002dd8832 R12: ffff88800fcb1400 [ 152.146397] R13: ffff888016ec41e8 R14: ffffffff8352e670 R15: 
ffff888016067e68 [ 152.147002] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.147675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.148145] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 152.148705] PKRU: 55555554 [ 152.148930] Call Trace: [ 152.149134] [ 152.149315] __iommufd_access_detach+0x1c2/0x2b0 [ 152.149704] iommufd_access_change_pt+0x149/0x270 [ 152.150096] iommufd_access_replace+0xb4/0x120 [ 152.150477] iommufd_test+0x3e5/0x37e0 [ 152.150808] ? lock_release+0x532/0x770 [ 152.151152] ? __might_fault+0x102/0x1b0 [ 152.151485] ? lock_acquire+0x427/0x4c0 [ 152.151808] ? __pfx_iommufd_test+0x10/0x10 [ 152.152148] ? __pfx_lock_release+0x10/0x10 [ 152.152501] ? __pfx_lock_acquire+0x10/0x10 [ 152.152851] ? write_comp_data+0x2f/0x90 [ 152.153180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.153577] ? write_comp_data+0x2f/0x90 [ 152.153906] iommufd_fops_ioctl+0x37d/0x510 [ 152.154257] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.154665] ? write_comp_data+0x2f/0x90 [ 152.155010] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.155404] __x64_sys_ioctl+0x1a3/0x230 [ 152.155748] do_syscall_64+0x3b/0x90 [ 152.156054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.156471] RIP: 0033:0x7f4b8743ee5d [ 152.156771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.158263] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.158891] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.159465] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.160022] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.160579] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.161148] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.161716] [ 152.161916] irq event stamp: 0 [ 152.162170] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.162695] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.163374] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.164031] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.164527] ---[ end trace 0000000000000000 ]--- [ 152.167339] ------------[ cut here ]------------ [ 152.167742] WARNING: CPU: 1 PID: 1428 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.168547] Modules linked in: [ 152.168800] CPU: 1 PID: 1428 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.169483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.170379] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.170796] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.172291] RSP: 
0018:ffff888016067bd0 EFLAGS: 00010246 [ 152.172728] RAX: 0000000000000000 RBX: ffff888016ec40a8 RCX: 0000000000000000 [ 152.173306] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 152.173891] RBP: ffff888016067be8 R08: ffffed1002dd8833 R09: ffffed1002dd8833 [ 152.174471] R10: ffff888016ec4193 R11: ffffed1002dd8832 R12: ffff888017b2bc00 [ 152.175081] R13: ffff888016ec41e8 R14: ffff888016e16600 R15: 0000000000000000 [ 152.175691] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.176339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.176817] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.177394] PKRU: 55555554 [ 152.177626] Call Trace: [ 152.177842] [ 152.178026] iommufd_access_destroy_object+0x65/0x170 [ 152.178457] iommufd_object_destroy_user+0x18e/0x220 [ 152.178897] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.179401] iommufd_access_destroy+0x43/0x70 [ 152.179785] iommufd_test_staccess_release+0x8d/0xd0 [ 152.180220] __fput+0x26d/0xa40 [ 152.180511] ____fput+0x1e/0x30 [ 152.180925] task_work_run+0x1a4/0x2d0 [ 152.181270] ? __pfx_task_work_run+0x10/0x10 [ 152.181643] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.182067] ? switch_task_namespaces+0xa9/0xe0 [ 152.182478] do_exit+0xb17/0x2ef0 [ 152.182871] ? lock_acquire+0x427/0x4c0 [ 152.183298] ? __pfx_lock_release+0x10/0x10 [ 152.183662] ? __kasan_check_write+0x18/0x20 [ 152.184036] ? do_raw_spin_lock+0x132/0x2a0 [ 152.184407] ? __pfx_do_exit+0x10/0x10 [ 152.184785] ? debug_smp_processor_id+0x20/0x30 [ 152.185249] ? rcu_is_watching+0x19/0xb0 [ 152.185588] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.185964] ? trace_hardirqs_on+0x26/0x120 [ 152.186335] do_group_exit+0xe0/0x2b0 [ 152.186681] __x64_sys_exit_group+0x47/0x50 [ 152.187046] do_syscall_64+0x3b/0x90 [ 152.187453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.187946] RIP: 0033:0x7f4b87518a4d [ 152.188262] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.188769] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.189472] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.190201] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.190851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.191482] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.192194] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.192866] [ 152.193071] irq event stamp: 0 [ 152.193344] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.193919] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.194788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.195514] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.196067] ---[ end trace 0000000000000000 ]--- [ 152.196911] ------------[ cut here ]------------ [ 152.197324] WARNING: CPU: 1 PID: 1428 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.198213] Modules linked in: [ 152.198621] CPU: 1 PID: 1428 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.199444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.200429] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.200969] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.202655] RSP: 0018:ffff888016067b78 EFLAGS: 00010246 [ 152.203158] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.203926] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 152.204553] RBP: ffff888016067b98 R08: ffffed1002dd883e R09: ffffed1002dd883e [ 152.205176] R10: ffff888016ec41ef R11: ffffed1002dd883d R12: ffff888016ec4290 [ 152.205972] R13: ffff888016ec40a8 R14: ffffffffffffffff R15: 
ffff888016067c60 [ 152.206633] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.207349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.207983] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.208724] PKRU: 55555554 [ 152.208999] Call Trace: [ 152.209234] [ 152.209445] iommufd_ioas_destroy+0x53/0x70 [ 152.209858] iommufd_fops_release+0x1f7/0x370 [ 152.210452] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.210962] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.211435] ? write_comp_data+0x2f/0x90 [ 152.211819] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.212289] __fput+0x26d/0xa40 [ 152.212654] ____fput+0x1e/0x30 [ 152.213081] task_work_run+0x1a4/0x2d0 [ 152.213449] ? __pfx_task_work_run+0x10/0x10 [ 152.213859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.214324] ? switch_task_namespaces+0xa9/0xe0 [ 152.214867] do_exit+0xb17/0x2ef0 [ 152.215294] ? lock_acquire+0x427/0x4c0 [ 152.215677] ? __pfx_lock_release+0x10/0x10 [ 152.216098] ? __kasan_check_write+0x18/0x20 [ 152.216512] ? do_raw_spin_lock+0x132/0x2a0 [ 152.216924] ? __pfx_do_exit+0x10/0x10 [ 152.217307] ? debug_smp_processor_id+0x20/0x30 [ 152.217927] ? rcu_is_watching+0x19/0xb0 [ 152.218324] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.218777] ? trace_hardirqs_on+0x26/0x120 [ 152.219200] do_group_exit+0xe0/0x2b0 [ 152.219569] __x64_sys_exit_group+0x47/0x50 [ 152.220019] do_syscall_64+0x3b/0x90 [ 152.220496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.221046] RIP: 0033:0x7f4b87518a4d [ 152.221407] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.221997] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.222924] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.223631] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.224295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.225061] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.225822] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.226554] [ 152.226784] irq event stamp: 0 [ 152.227098] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.227903] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.228706] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.229526] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.230390] ---[ end trace 0000000000000000 ]--- [ 152.236487] ------------[ cut here ]------------ [ 152.237034] WARNING: CPU: 1 PID: 1429 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.238254] Modules linked in: [ 152.238665] CPU: 1 PID: 1429 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.239584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.240973] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.241487] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.243664] RSP: 0018:ffff8880209bfbb8 EFLAGS: 00010246 [ 152.244228] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 152.244962] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 152.245924] RBP: ffff8880209bfbd0 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 152.246685] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff888012e90000 [ 152.247433] R13: ffff88800f3709e8 R14: ffffffff8352e670 R15: 
ffff8880209bfe68 [ 152.248209] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.249225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.249830] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 152.250723] PKRU: 55555554 [ 152.251148] Call Trace: [ 152.251422] [ 152.251658] __iommufd_access_detach+0x1c2/0x2b0 [ 152.252162] iommufd_access_change_pt+0x149/0x270 [ 152.252680] iommufd_access_replace+0xb4/0x120 [ 152.253235] iommufd_test+0x3e5/0x37e0 [ 152.253859] ? lock_release+0x532/0x770 [ 152.254285] ? __might_fault+0x102/0x1b0 [ 152.254760] ? lock_acquire+0x427/0x4c0 [ 152.255195] ? __pfx_iommufd_test+0x10/0x10 [ 152.255652] ? __pfx_lock_release+0x10/0x10 [ 152.256147] ? __pfx_lock_acquire+0x10/0x10 [ 152.256743] ? write_comp_data+0x2f/0x90 [ 152.257182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.257709] ? write_comp_data+0x2f/0x90 [ 152.258148] iommufd_fops_ioctl+0x37d/0x510 [ 152.258746] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.259299] ? write_comp_data+0x2f/0x90 [ 152.259728] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.260231] __x64_sys_ioctl+0x1a3/0x230 [ 152.260676] do_syscall_64+0x3b/0x90 [ 152.261080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.261860] RIP: 0033:0x7f4b8743ee5d [ 152.262263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.264483] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.265313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.266050] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.266944] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.267992] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.268941] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.270131] [ 152.270437] irq event stamp: 0 [ 152.270927] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.271796] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.273137] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.274228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.275234] ---[ end trace 0000000000000000 ]--- [ 152.280282] ------------[ cut here ]------------ [ 152.280965] WARNING: CPU: 1 PID: 1429 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.282296] Modules linked in: [ 152.282807] CPU: 1 PID: 1429 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.284010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.285519] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.286179] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.288633] RSP: 
0018:ffff8880209bfbd0 EFLAGS: 00010246 [ 152.289329] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 152.290277] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 152.291288] RBP: ffff8880209bfbe8 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 152.292215] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff88800fcb3400 [ 152.293152] R13: ffff88800f3709e8 R14: ffff88800f503900 R15: 0000000000000000 [ 152.294114] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.295234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.296012] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.296946] PKRU: 55555554 [ 152.297326] Call Trace: [ 152.297660] [ 152.297960] iommufd_access_destroy_object+0x65/0x170 [ 152.298694] iommufd_object_destroy_user+0x18e/0x220 [ 152.299386] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.300002] iommufd_access_destroy+0x43/0x70 [ 152.300477] iommufd_test_staccess_release+0x8d/0xd0 [ 152.301015] __fput+0x26d/0xa40 [ 152.301373] ____fput+0x1e/0x30 [ 152.301723] task_work_run+0x1a4/0x2d0 [ 152.302134] ? __pfx_task_work_run+0x10/0x10 [ 152.302641] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.303185] ? switch_task_namespaces+0xa9/0xe0 [ 152.303685] do_exit+0xb17/0x2ef0 [ 152.304050] ? lock_acquire+0x427/0x4c0 [ 152.304479] ? __pfx_lock_release+0x10/0x10 [ 152.304935] ? __kasan_check_write+0x18/0x20 [ 152.305401] ? do_raw_spin_lock+0x132/0x2a0 [ 152.305852] ? __pfx_do_exit+0x10/0x10 [ 152.306270] ? debug_smp_processor_id+0x20/0x30 [ 152.306799] ? rcu_is_watching+0x19/0xb0 [ 152.307259] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.307735] ? trace_hardirqs_on+0x26/0x120 [ 152.308191] do_group_exit+0xe0/0x2b0 [ 152.308592] __x64_sys_exit_group+0x47/0x50 [ 152.309044] do_syscall_64+0x3b/0x90 [ 152.309442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.309985] RIP: 0033:0x7f4b87518a4d [ 152.310372] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.311035] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.311846] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.312582] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.313321] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.314065] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.314833] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.315600] [ 152.315845] irq event stamp: 0 [ 152.316175] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.316830] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.317756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.318654] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.319337] ---[ end trace 0000000000000000 ]--- [ 152.320237] ------------[ cut here ]------------ [ 152.320731] WARNING: CPU: 1 PID: 1429 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.321793] Modules linked in: [ 152.322131] CPU: 1 PID: 1429 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.323092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.324279] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.324814] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.326729] RSP: 0018:ffff8880209bfb78 EFLAGS: 00010246 [ 152.327297] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.328018] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 152.328744] RBP: ffff8880209bfb98 R08: ffffed1001e6e13e R09: ffffed1001e6e13e [ 152.329472] R10: ffff88800f3709ef R11: ffffed1001e6e13d R12: ffff88800f370a90 [ 152.330202] R13: ffff88800f3708a8 R14: ffffffffffffffff R15: 
ffff8880209bfc60 [ 152.330941] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.331788] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.332382] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.333108] PKRU: 55555554 [ 152.333400] Call Trace: [ 152.333668] [ 152.333899] iommufd_ioas_destroy+0x53/0x70 [ 152.334352] iommufd_fops_release+0x1f7/0x370 [ 152.334852] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.335377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.335892] ? write_comp_data+0x2f/0x90 [ 152.336315] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.336824] __fput+0x26d/0xa40 [ 152.337175] ____fput+0x1e/0x30 [ 152.337515] task_work_run+0x1a4/0x2d0 [ 152.337921] ? __pfx_task_work_run+0x10/0x10 [ 152.338373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.338895] ? switch_task_namespaces+0xa9/0xe0 [ 152.339390] do_exit+0xb17/0x2ef0 [ 152.339742] ? lock_acquire+0x427/0x4c0 [ 152.340165] ? __pfx_lock_release+0x10/0x10 [ 152.340620] ? __kasan_check_write+0x18/0x20 [ 152.341076] ? do_raw_spin_lock+0x132/0x2a0 [ 152.341516] ? __pfx_do_exit+0x10/0x10 [ 152.341920] ? debug_smp_processor_id+0x20/0x30 [ 152.342393] ? rcu_is_watching+0x19/0xb0 [ 152.342841] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.343338] ? trace_hardirqs_on+0x26/0x120 [ 152.343789] do_group_exit+0xe0/0x2b0 [ 152.344181] __x64_sys_exit_group+0x47/0x50 [ 152.344624] do_syscall_64+0x3b/0x90 [ 152.345018] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.345555] RIP: 0033:0x7f4b87518a4d [ 152.345939] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.346538] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.347258] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.347926] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.348596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.349319] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.349988] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.350692] [ 152.350919] irq event stamp: 0 [ 152.351234] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.351828] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.352618] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.353405] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.354004] ---[ end trace 0000000000000000 ]--- [ 152.358755] ------------[ cut here ]------------ [ 152.359272] WARNING: CPU: 1 PID: 1430 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.360215] Modules linked in: [ 152.360518] CPU: 1 PID: 1430 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.361335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.362383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.363086] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.364818] RSP: 0018:ffff88800f0d7bb8 EFLAGS: 00010246 [ 152.365317] RAX: 0000000000000000 RBX: ffff888021af10a8 RCX: 0000000000000000 [ 152.365984] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 152.366666] RBP: ffff88800f0d7bd0 R08: ffffed100435e233 R09: ffffed100435e233 [ 152.367352] R10: ffff888021af1193 R11: ffffed100435e232 R12: ffff88801351fc00 [ 152.368025] R13: ffff888021af11e8 R14: ffffffff8352e670 R15: 
ffff88800f0d7e68 [ 152.368704] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.369466] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.370013] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 152.370709] PKRU: 55555554 [ 152.370986] Call Trace: [ 152.371249] [ 152.371464] __iommufd_access_detach+0x1c2/0x2b0 [ 152.371933] iommufd_access_change_pt+0x149/0x270 [ 152.372403] iommufd_access_replace+0xb4/0x120 [ 152.372849] iommufd_test+0x3e5/0x37e0 [ 152.373221] ? lock_release+0x532/0x770 [ 152.373609] ? __might_fault+0x102/0x1b0 [ 152.374004] ? lock_acquire+0x427/0x4c0 [ 152.374393] ? __pfx_iommufd_test+0x10/0x10 [ 152.374820] ? __pfx_lock_release+0x10/0x10 [ 152.375244] ? __pfx_lock_acquire+0x10/0x10 [ 152.375668] ? write_comp_data+0x2f/0x90 [ 152.376065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.376536] ? write_comp_data+0x2f/0x90 [ 152.376934] iommufd_fops_ioctl+0x37d/0x510 [ 152.377348] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.377812] ? write_comp_data+0x2f/0x90 [ 152.378211] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.378691] __x64_sys_ioctl+0x1a3/0x230 [ 152.379092] do_syscall_64+0x3b/0x90 [ 152.379469] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.379961] RIP: 0033:0x7f4b8743ee5d [ 152.380313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.382069] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.382806] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.383483] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.384152] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.384816] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.385482] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.386165] [ 152.386388] irq event stamp: 0 [ 152.386712] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.387326] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.388109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.388890] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.389491] ---[ end trace 0000000000000000 ]--- [ 152.392652] ------------[ cut here ]------------ [ 152.393129] WARNING: CPU: 1 PID: 1430 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.394081] Modules linked in: [ 152.394391] CPU: 1 PID: 1430 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.395326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.396328] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.396819] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.398562] RSP: 
0018:ffff88800f0d7bd0 EFLAGS: 00010246 [ 152.399074] RAX: 0000000000000000 RBX: ffff888021af10a8 RCX: 0000000000000000 [ 152.399766] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 152.400433] RBP: ffff88800f0d7be8 R08: ffffed100435e233 R09: ffffed100435e233 [ 152.401098] R10: ffff888021af1193 R11: ffffed100435e232 R12: ffff888012e93800 [ 152.401771] R13: ffff888021af11e8 R14: ffff88800f5b5500 R15: 0000000000000000 [ 152.402455] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.403269] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.403832] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.404511] PKRU: 55555554 [ 152.404786] Call Trace: [ 152.405031] [ 152.405260] iommufd_access_destroy_object+0x65/0x170 [ 152.405782] iommufd_object_destroy_user+0x18e/0x220 [ 152.406289] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.406915] iommufd_access_destroy+0x43/0x70 [ 152.407382] iommufd_test_staccess_release+0x8d/0xd0 [ 152.407878] __fput+0x26d/0xa40 [ 152.408220] ____fput+0x1e/0x30 [ 152.408546] task_work_run+0x1a4/0x2d0 [ 152.408926] ? __pfx_task_work_run+0x10/0x10 [ 152.409361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.409827] ? switch_task_namespaces+0xa9/0xe0 [ 152.410283] do_exit+0xb17/0x2ef0 [ 152.410652] ? lock_acquire+0x427/0x4c0 [ 152.411045] ? __pfx_lock_release+0x10/0x10 [ 152.411488] ? __kasan_check_write+0x18/0x20 [ 152.411913] ? do_raw_spin_lock+0x132/0x2a0 [ 152.412328] ? __pfx_do_exit+0x10/0x10 [ 152.412714] ? debug_smp_processor_id+0x20/0x30 [ 152.413219] ? rcu_is_watching+0x19/0xb0 [ 152.413617] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.414063] ? trace_hardirqs_on+0x26/0x120 [ 152.414498] do_group_exit+0xe0/0x2b0 [ 152.414939] __x64_sys_exit_group+0x47/0x50 [ 152.415360] do_syscall_64+0x3b/0x90 [ 152.415731] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.416229] RIP: 0033:0x7f4b87518a4d [ 152.416589] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.417178] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.417928] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.418661] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.419351] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.420042] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.420730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.421420] [ 152.421646] irq event stamp: 0 [ 152.421949] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.422621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.423461] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.424267] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.424879] ---[ end trace 0000000000000000 ]--- [ 152.425719] ------------[ cut here ]------------ [ 152.426173] WARNING: CPU: 1 PID: 1430 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.427215] Modules linked in: [ 152.427539] CPU: 1 PID: 1430 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.428375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.429442] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.429935] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.431721] RSP: 0018:ffff88800f0d7b78 EFLAGS: 00010246 [ 152.432252] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.432935] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 152.433609] RBP: ffff88800f0d7b98 R08: ffffed100435e23e R09: ffffed100435e23e [ 152.434278] R10: ffff888021af11ef R11: ffffed100435e23d R12: ffff888021af1290 [ 152.434973] R13: ffff888021af10a8 R14: ffffffffffffffff R15: 
ffff88800f0d7c60 [ 152.435657] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.436423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.436972] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.437647] PKRU: 55555554 [ 152.437920] Call Trace: [ 152.438179] [ 152.438422] iommufd_ioas_destroy+0x53/0x70 [ 152.439037] iommufd_fops_release+0x1f7/0x370 [ 152.439881] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.440421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.440934] ? write_comp_data+0x2f/0x90 [ 152.441363] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.441884] __fput+0x26d/0xa40 [ 152.442250] ____fput+0x1e/0x30 [ 152.442656] task_work_run+0x1a4/0x2d0 [ 152.443088] ? __pfx_task_work_run+0x10/0x10 [ 152.443754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.444778] ? switch_task_namespaces+0xa9/0xe0 [ 152.445327] do_exit+0xb17/0x2ef0 [ 152.445689] ? lock_acquire+0x427/0x4c0 [ 152.446104] ? __pfx_lock_release+0x10/0x10 [ 152.446621] ? __kasan_check_write+0x18/0x20 [ 152.447077] ? do_raw_spin_lock+0x132/0x2a0 [ 152.447550] ? __pfx_do_exit+0x10/0x10 [ 152.447968] ? debug_smp_processor_id+0x20/0x30 [ 152.448459] ? rcu_is_watching+0x19/0xb0 [ 152.448884] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.449371] ? trace_hardirqs_on+0x26/0x120 [ 152.449958] do_group_exit+0xe0/0x2b0 [ 152.450570] __x64_sys_exit_group+0x47/0x50 [ 152.451247] do_syscall_64+0x3b/0x90 [ 152.451658] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.452209] RIP: 0033:0x7f4b87518a4d [ 152.452595] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.453230] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.454005] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.454801] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.455558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.456427] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.457447] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.458194] [ 152.458441] irq event stamp: 0 [ 152.458810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.459502] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.460365] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.461278] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.462134] ---[ end trace 0000000000000000 ]--- [ 152.468029] ------------[ cut here ]------------ [ 152.468754] WARNING: CPU: 1 PID: 1431 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.469813] Modules linked in: [ 152.470154] CPU: 1 PID: 1431 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.471195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.472419] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.473543] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.475556] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 152.476125] RAX: 0000000000000000 RBX: ffff88801812a8a8 RCX: 0000000000000000 [ 152.476880] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 152.477885] RBP: ffff888017307bd0 R08: ffffed1003025533 R09: ffffed1003025533 [ 152.478885] R10: ffff88801812a993 R11: ffffed1003025532 R12: ffff8880138b3400 [ 152.479649] R13: ffff88801812a9e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 152.480405] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.481254] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.481869] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 152.482796] PKRU: 55555554 [ 152.483327] Call Trace: [ 152.483618] [ 152.483862] __iommufd_access_detach+0x1c2/0x2b0 [ 152.484380] iommufd_access_change_pt+0x149/0x270 [ 152.484903] iommufd_access_replace+0xb4/0x120 [ 152.485399] iommufd_test+0x3e5/0x37e0 [ 152.485811] ? lock_release+0x532/0x770 [ 152.486245] ? __might_fault+0x102/0x1b0 [ 152.486739] ? lock_acquire+0x427/0x4c0 [ 152.487189] ? __pfx_iommufd_test+0x10/0x10 [ 152.487654] ? __pfx_lock_release+0x10/0x10 [ 152.488152] ? __pfx_lock_acquire+0x10/0x10 [ 152.488751] ? write_comp_data+0x2f/0x90 [ 152.489357] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.489877] ? write_comp_data+0x2f/0x90 [ 152.490321] iommufd_fops_ioctl+0x37d/0x510 [ 152.490830] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.491390] ? write_comp_data+0x2f/0x90 [ 152.491832] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.492348] __x64_sys_ioctl+0x1a3/0x230 [ 152.492796] do_syscall_64+0x3b/0x90 [ 152.493208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.493943] RIP: 0033:0x7f4b8743ee5d [ 152.494576] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.496515] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.497320] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.498077] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.498867] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.499748] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.500764] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.501675] [ 152.501914] irq event stamp: 0 [ 152.502249] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.502970] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.503883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.504772] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.505556] ---[ end trace 0000000000000000 ]--- [ 152.509247] ------------[ cut here ]------------ [ 152.509793] WARNING: CPU: 1 PID: 1431 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.511403] Modules linked in: [ 152.511752] CPU: 1 PID: 1431 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.512671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.513842] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.514370] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.516701] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 152.517299] RAX: 0000000000000000 RBX: ffff88801812a8a8 RCX: 0000000000000000 [ 152.518047] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 152.518820] RBP: ffff888017307be8 R08: ffffed1003025533 R09: ffffed1003025533 [ 152.519586] R10: ffff88801812a993 R11: ffffed1003025532 R12: ffff88801351d400 [ 152.520335] R13: ffff88801812a9e8 R14: ffff88801005e600 R15: 0000000000000000 [ 152.521173] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.522346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.523012] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.523803] PKRU: 55555554 [ 152.524120] Call Trace: [ 152.524400] [ 152.524645] iommufd_access_destroy_object+0x65/0x170 [ 152.525201] iommufd_object_destroy_user+0x18e/0x220 [ 152.525738] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.526451] iommufd_access_destroy+0x43/0x70 [ 152.527217] iommufd_test_staccess_release+0x8d/0xd0 [ 152.527770] __fput+0x26d/0xa40 [ 152.528139] ____fput+0x1e/0x30 [ 152.528553] task_work_run+0x1a4/0x2d0 [ 152.528978] ? __pfx_task_work_run+0x10/0x10 [ 152.529447] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.529971] ? switch_task_namespaces+0xa9/0xe0 [ 152.530473] do_exit+0xb17/0x2ef0 [ 152.530876] ? lock_acquire+0x427/0x4c0 [ 152.531330] ? __pfx_lock_release+0x10/0x10 [ 152.531847] ? __kasan_check_write+0x18/0x20 [ 152.532491] ? do_raw_spin_lock+0x132/0x2a0 [ 152.533140] ? __pfx_do_exit+0x10/0x10 [ 152.533566] ? debug_smp_processor_id+0x20/0x30 [ 152.534065] ? rcu_is_watching+0x19/0xb0 [ 152.534495] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.535030] ? trace_hardirqs_on+0x26/0x120 [ 152.535512] do_group_exit+0xe0/0x2b0 [ 152.535919] __x64_sys_exit_group+0x47/0x50 [ 152.536375] do_syscall_64+0x3b/0x90 [ 152.536783] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.537521] RIP: 0033:0x7f4b87518a4d [ 152.538110] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.538809] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.539630] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.540369] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.541170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.541921] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.543009] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.543943] [ 152.544194] irq event stamp: 0 [ 152.544527] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.545188] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.546062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.546973] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.547645] ---[ end trace 0000000000000000 ]--- [ 152.548781] ------------[ cut here ]------------ [ 152.549294] WARNING: CPU: 1 PID: 1431 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.550366] Modules linked in: [ 152.550747] CPU: 1 PID: 1431 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.551679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.553138] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.553686] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.555880] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 152.556449] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.557186] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 152.557999] RBP: ffff888017307b98 R08: ffffed100302553e R09: ffffed100302553e [ 152.558906] R10: ffff88801812a9ef R11: ffffed100302553d R12: ffff88801812aa90 [ 152.559683] R13: ffff88801812a8a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 152.560434] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.561505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.562112] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 152.562910] PKRU: 55555554 [ 152.563234] Call Trace: [ 152.563564] [ 152.563962] iommufd_ioas_destroy+0x53/0x70 [ 152.564425] iommufd_fops_release+0x1f7/0x370 [ 152.564899] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.565438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.566138] ? write_comp_data+0x2f/0x90 [ 152.566617] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.567174] __fput+0x26d/0xa40 [ 152.567542] ____fput+0x1e/0x30 [ 152.567902] task_work_run+0x1a4/0x2d0 [ 152.568322] ? __pfx_task_work_run+0x10/0x10 [ 152.568928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.569534] ? switch_task_namespaces+0xa9/0xe0 [ 152.570046] do_exit+0xb17/0x2ef0 [ 152.570418] ? lock_acquire+0x427/0x4c0 [ 152.570903] ? __pfx_lock_release+0x10/0x10 [ 152.571385] ? __kasan_check_write+0x18/0x20 [ 152.572082] ? do_raw_spin_lock+0x132/0x2a0 [ 152.572543] ? __pfx_do_exit+0x10/0x10 [ 152.573040] ? debug_smp_processor_id+0x20/0x30 [ 152.573536] ? rcu_is_watching+0x19/0xb0 [ 152.574024] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.574673] ? trace_hardirqs_on+0x26/0x120 [ 152.575168] do_group_exit+0xe0/0x2b0 [ 152.575582] __x64_sys_exit_group+0x47/0x50 [ 152.576041] do_syscall_64+0x3b/0x90 [ 152.576448] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.577227] RIP: 0033:0x7f4b87518a4d [ 152.577632] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.578281] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.579143] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.580078] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.580831] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.581576] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.582603] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.583391] [ 152.583639] irq event stamp: 0 [ 152.583972] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.584691] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.585688] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.586590] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.587324] ---[ end trace 0000000000000000 ]--- [ 152.592823] ------------[ cut here ]------------ [ 152.593388] WARNING: CPU: 1 PID: 1432 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.594679] Modules linked in: [ 152.595055] CPU: 1 PID: 1432 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.595991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.597231] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.597917] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.600011] RSP: 0018:ffff88800f0d7bb8 EFLAGS: 00010246 [ 152.600614] RAX: 0000000000000000 RBX: ffff88801587e0a8 RCX: 0000000000000000 [ 152.601366] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 152.602113] RBP: ffff88800f0d7bd0 R08: ffffed1002b0fc33 R09: ffffed1002b0fc33 [ 152.603143] R10: ffff88801587e193 R11: ffffed1002b0fc32 R12: ffff88801341d000 [ 152.603900] R13: ffff88801587e1e8 R14: ffffffff8352e670 R15: 
ffff88800f0d7e68 [ 152.604649] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.605742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.606356] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 152.607152] PKRU: 55555554 [ 152.607465] Call Trace: [ 152.607737] [ 152.608095] __iommufd_access_detach+0x1c2/0x2b0 [ 152.608718] iommufd_access_change_pt+0x149/0x270 [ 152.609232] iommufd_access_replace+0xb4/0x120 [ 152.609722] iommufd_test+0x3e5/0x37e0 [ 152.610136] ? lock_release+0x532/0x770 [ 152.610793] ? __might_fault+0x102/0x1b0 [ 152.611253] ? lock_acquire+0x427/0x4c0 [ 152.611678] ? __pfx_iommufd_test+0x10/0x10 [ 152.612132] ? __pfx_lock_release+0x10/0x10 [ 152.612593] ? __pfx_lock_acquire+0x10/0x10 [ 152.613182] ? write_comp_data+0x2f/0x90 [ 152.613709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.614225] ? write_comp_data+0x2f/0x90 [ 152.614695] iommufd_fops_ioctl+0x37d/0x510 [ 152.615166] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.615691] ? write_comp_data+0x2f/0x90 [ 152.616321] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.616836] __x64_sys_ioctl+0x1a3/0x230 [ 152.617278] do_syscall_64+0x3b/0x90 [ 152.617683] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.618344] RIP: 0033:0x7f4b8743ee5d [ 152.618871] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.620795] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.621795] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.622586] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.623347] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.624301] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.625053] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.625802] [ 152.626125] irq event stamp: 0 [ 152.626605] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.627272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.628144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.629233] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.629895] ---[ end trace 0000000000000000 ]--- [ 152.633365] ------------[ cut here ]------------ [ 152.633906] WARNING: CPU: 0 PID: 1432 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.635048] Modules linked in: [ 152.635400] CPU: 0 PID: 1432 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.636294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.637434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.637937] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.639828] RSP: 
0018:ffff88800f0d7bd0 EFLAGS: 00010246 [ 152.640376] RAX: 0000000000000000 RBX: ffff88801587e0a8 RCX: 0000000000000000 [ 152.641116] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 152.641842] RBP: ffff88800f0d7be8 R08: ffffed1002b0fc33 R09: ffffed1002b0fc33 [ 152.642594] R10: ffff88801587e193 R11: ffffed1002b0fc32 R12: ffff8880138b1800 [ 152.643341] R13: ffff88801587e1e8 R14: ffff888020ede800 R15: 0000000000000000 [ 152.644066] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 152.644888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.645480] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 152.646223] PKRU: 55555554 [ 152.646550] Call Trace: [ 152.646830] [ 152.647073] iommufd_access_destroy_object+0x65/0x170 [ 152.647621] iommufd_object_destroy_user+0x18e/0x220 [ 152.648146] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.648753] iommufd_access_destroy+0x43/0x70 [ 152.649221] iommufd_test_staccess_release+0x8d/0xd0 [ 152.649754] __fput+0x26d/0xa40 [ 152.650107] ____fput+0x1e/0x30 [ 152.650462] task_work_run+0x1a4/0x2d0 [ 152.650905] ? __pfx_task_work_run+0x10/0x10 [ 152.651381] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.651903] ? switch_task_namespaces+0xa9/0xe0 [ 152.652401] do_exit+0xb17/0x2ef0 [ 152.652772] ? lock_acquire+0x427/0x4c0 [ 152.653185] ? __pfx_lock_release+0x10/0x10 [ 152.653630] ? __kasan_check_write+0x18/0x20 [ 152.654086] ? do_raw_spin_lock+0x132/0x2a0 [ 152.654567] ? __pfx_do_exit+0x10/0x10 [ 152.654983] ? debug_smp_processor_id+0x20/0x30 [ 152.655504] ? rcu_is_watching+0x19/0xb0 [ 152.655930] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.656399] ? trace_hardirqs_on+0x26/0x120 [ 152.656854] do_group_exit+0xe0/0x2b0 [ 152.657255] __x64_sys_exit_group+0x47/0x50 [ 152.657693] do_syscall_64+0x3b/0x90 [ 152.658089] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.658655] RIP: 0033:0x7f4b87518a4d [ 152.659040] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.659686] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.660459] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.661181] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.661916] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.662659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.663401] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.664137] [ 152.664379] irq event stamp: 0 [ 152.664703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.665342] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.666188] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.667062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.667719] ---[ end trace 0000000000000000 ]--- [ 152.668837] ------------[ cut here ]------------ [ 152.669455] WARNING: CPU: 1 PID: 1432 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.670490] Modules linked in: [ 152.670879] CPU: 1 PID: 1432 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.671787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.672929] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.673464] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.675393] RSP: 0018:ffff88800f0d7b78 EFLAGS: 00010246 [ 152.675939] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.676663] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 152.677390] RBP: ffff88800f0d7b98 R08: ffffed1002b0fc3e R09: ffffed1002b0fc3e [ 152.678110] R10: ffff88801587e1ef R11: ffffed1002b0fc3d R12: ffff88801587e290 [ 152.678821] R13: ffff88801587e0a8 R14: ffffffffffffffff R15: 
ffff88800f0d7c60 [ 152.679504] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.680260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.680805] CR2: 00007f82e2f07000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 152.681485] PKRU: 55555554 [ 152.681752] Call Trace: [ 152.681998] [ 152.682217] iommufd_ioas_destroy+0x53/0x70 [ 152.682659] iommufd_fops_release+0x1f7/0x370 [ 152.683091] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.683595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.684062] ? write_comp_data+0x2f/0x90 [ 152.684461] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.684936] __fput+0x26d/0xa40 [ 152.685270] ____fput+0x1e/0x30 [ 152.685594] task_work_run+0x1a4/0x2d0 [ 152.685974] ? __pfx_task_work_run+0x10/0x10 [ 152.686395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.686893] ? switch_task_namespaces+0xa9/0xe0 [ 152.687357] do_exit+0xb17/0x2ef0 [ 152.687688] ? lock_acquire+0x427/0x4c0 [ 152.688080] ? __pfx_lock_release+0x10/0x10 [ 152.688496] ? __kasan_check_write+0x18/0x20 [ 152.688920] ? do_raw_spin_lock+0x132/0x2a0 [ 152.689334] ? __pfx_do_exit+0x10/0x10 [ 152.689713] ? debug_smp_processor_id+0x20/0x30 [ 152.690155] ? rcu_is_watching+0x19/0xb0 [ 152.690560] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.690993] ? trace_hardirqs_on+0x26/0x120 [ 152.691417] do_group_exit+0xe0/0x2b0 [ 152.691775] __x64_sys_exit_group+0x47/0x50 [ 152.692165] do_syscall_64+0x3b/0x90 [ 152.692515] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.692989] RIP: 0033:0x7f4b87518a4d [ 152.693326] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.693888] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.694593] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.695253] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.695909] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.697041] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.697664] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.698286] [ 152.698489] irq event stamp: 0 [ 152.698846] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.699495] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.700234] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.701018] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.701719] ---[ end trace 0000000000000000 ]--- [ 152.707029] ------------[ cut here ]------------ [ 152.707498] WARNING: CPU: 1 PID: 1433 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.708601] Modules linked in: [ 152.708887] CPU: 1 PID: 1433 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.709643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.710821] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.711272] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.713014] RSP: 0018:ffff888013537bb8 EFLAGS: 00010246 [ 152.713485] RAX: 0000000000000000 RBX: ffff888020e430a8 RCX: 0000000000000000 [ 152.714102] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 152.714897] RBP: ffff888013537bd0 R08: ffffed10041c8633 R09: ffffed10041c8633 [ 152.715553] R10: ffff888020e43193 R11: ffffed10041c8632 R12: ffff88800f74d800 [ 152.716175] R13: ffff888020e431e8 R14: ffffffff8352e670 R15: 
ffff888013537e68 [ 152.716945] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.717642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.718149] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 152.718943] PKRU: 55555554 [ 152.719200] Call Trace: [ 152.719426] [ 152.719625] __iommufd_access_detach+0x1c2/0x2b0 [ 152.720052] iommufd_access_change_pt+0x149/0x270 [ 152.720535] iommufd_access_replace+0xb4/0x120 [ 152.721017] iommufd_test+0x3e5/0x37e0 [ 152.721366] ? lock_release+0x532/0x770 [ 152.721721] ? __might_fault+0x102/0x1b0 [ 152.722086] ? lock_acquire+0x427/0x4c0 [ 152.722447] ? __pfx_iommufd_test+0x10/0x10 [ 152.722842] ? __pfx_lock_release+0x10/0x10 [ 152.723232] ? __pfx_lock_acquire+0x10/0x10 [ 152.723613] ? write_comp_data+0x2f/0x90 [ 152.723974] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.724397] ? write_comp_data+0x2f/0x90 [ 152.724757] iommufd_fops_ioctl+0x37d/0x510 [ 152.725131] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.725552] ? write_comp_data+0x2f/0x90 [ 152.725911] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.726335] __x64_sys_ioctl+0x1a3/0x230 [ 152.726713] do_syscall_64+0x3b/0x90 [ 152.727049] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.727513] RIP: 0033:0x7f4b8743ee5d [ 152.727836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.729397] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.730049] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.730676] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.731294] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.731902] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.732509] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.733181] [ 152.733383] irq event stamp: 0 [ 152.733655] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.734196] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.734946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.735677] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.736215] ---[ end trace 0000000000000000 ]--- [ 152.739148] ------------[ cut here ]------------ [ 152.739588] WARNING: CPU: 1 PID: 1433 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.740456] Modules linked in: [ 152.740733] CPU: 1 PID: 1433 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.741476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.742457] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.742951] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.744515] RSP: 
0018:ffff888013537bd0 EFLAGS: 00010246 [ 152.744974] RAX: 0000000000000000 RBX: ffff888020e430a8 RCX: 0000000000000000 [ 152.745582] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 152.746188] RBP: ffff888013537be8 R08: ffffed10041c8633 R09: ffffed10041c8633 [ 152.746813] R10: ffff888020e43193 R11: ffffed10041c8632 R12: ffff888013a01400 [ 152.747428] R13: ffff888020e431e8 R14: ffff888020f60800 R15: 0000000000000000 [ 152.748038] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.748740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.749246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.749861] PKRU: 55555554 [ 152.750108] Call Trace: [ 152.750328] [ 152.750545] iommufd_access_destroy_object+0x65/0x170 [ 152.750997] iommufd_object_destroy_user+0x18e/0x220 [ 152.751468] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.751975] iommufd_access_destroy+0x43/0x70 [ 152.752383] iommufd_test_staccess_release+0x8d/0xd0 [ 152.752832] __fput+0x26d/0xa40 [ 152.753131] ____fput+0x1e/0x30 [ 152.753425] task_work_run+0x1a4/0x2d0 [ 152.753773] ? __pfx_task_work_run+0x10/0x10 [ 152.754158] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.754611] ? switch_task_namespaces+0xa9/0xe0 [ 152.755030] do_exit+0xb17/0x2ef0 [ 152.755337] ? lock_acquire+0x427/0x4c0 [ 152.755690] ? __pfx_lock_release+0x10/0x10 [ 152.756073] ? __kasan_check_write+0x18/0x20 [ 152.756459] ? do_raw_spin_lock+0x132/0x2a0 [ 152.756840] ? __pfx_do_exit+0x10/0x10 [ 152.757187] ? debug_smp_processor_id+0x20/0x30 [ 152.757593] ? rcu_is_watching+0x19/0xb0 [ 152.757951] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.758352] ? trace_hardirqs_on+0x26/0x120 [ 152.758758] do_group_exit+0xe0/0x2b0 [ 152.759093] __x64_sys_exit_group+0x47/0x50 [ 152.759472] do_syscall_64+0x3b/0x90 [ 152.759792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.760217] RIP: 0033:0x7f4b87518a4d [ 152.760518] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.761015] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.761622] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.762200] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.762786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.763374] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.763955] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.764537] [ 152.764727] irq event stamp: 0 [ 152.765035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.765540] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.766213] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.766901] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.767431] ---[ end trace 0000000000000000 ]--- [ 152.768135] ------------[ cut here ]------------ [ 152.768515] WARNING: CPU: 1 PID: 1433 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.769334] Modules linked in: [ 152.769595] CPU: 1 PID: 1433 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.770297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.771243] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.771673] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.773140] RSP: 0018:ffff888013537b78 EFLAGS: 00010246 [ 152.773572] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.774140] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 152.774776] RBP: ffff888013537b98 R08: ffffed10041c863e R09: ffffed10041c863e [ 152.775356] R10: ffff888020e431ef R11: ffffed10041c863d R12: ffff888020e43290 [ 152.775934] R13: ffff888020e430a8 R14: ffffffffffffffff R15: 
ffff888013537c60 [ 152.776511] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.777162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.777629] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.778207] PKRU: 55555554 [ 152.778436] Call Trace: [ 152.778664] [ 152.778854] iommufd_ioas_destroy+0x53/0x70 [ 152.779220] iommufd_fops_release+0x1f7/0x370 [ 152.779593] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.780004] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.780407] ? write_comp_data+0x2f/0x90 [ 152.780745] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.781152] __fput+0x26d/0xa40 [ 152.781438] ____fput+0x1e/0x30 [ 152.781712] task_work_run+0x1a4/0x2d0 [ 152.782036] ? __pfx_task_work_run+0x10/0x10 [ 152.782397] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.782813] ? switch_task_namespaces+0xa9/0xe0 [ 152.783221] do_exit+0xb17/0x2ef0 [ 152.783508] ? lock_acquire+0x427/0x4c0 [ 152.783846] ? __pfx_lock_release+0x10/0x10 [ 152.784204] ? __kasan_check_write+0x18/0x20 [ 152.784571] ? do_raw_spin_lock+0x132/0x2a0 [ 152.784932] ? __pfx_do_exit+0x10/0x10 [ 152.785256] ? debug_smp_processor_id+0x20/0x30 [ 152.785639] ? rcu_is_watching+0x19/0xb0 [ 152.785973] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.786347] ? trace_hardirqs_on+0x26/0x120 [ 152.786724] do_group_exit+0xe0/0x2b0 [ 152.787041] __x64_sys_exit_group+0x47/0x50 [ 152.787396] do_syscall_64+0x3b/0x90 [ 152.787707] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.788139] RIP: 0033:0x7f4b87518a4d [ 152.788458] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.788956] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.789570] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.790144] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.790732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.791319] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.791893] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.792475] [ 152.792664] irq event stamp: 0 [ 152.792918] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.793429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.794103] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.794797] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.795317] ---[ end trace 0000000000000000 ]--- [ 152.799617] ------------[ cut here ]------------ [ 152.800027] WARNING: CPU: 1 PID: 1434 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.800843] Modules linked in: [ 152.801102] CPU: 1 PID: 1434 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.801803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.802730] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.803142] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.804612] RSP: 0018:ffff8880245c7bb8 EFLAGS: 00010246 [ 152.805041] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 152.805615] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 152.806185] RBP: ffff8880245c7bd0 R08: ffffed1001972333 R09: ffffed1001972333 [ 152.806757] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff888014581800 [ 152.807324] R13: ffff88800cb919e8 R14: ffffffff8352e670 R15: 
ffff8880245c7e68 [ 152.807882] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.808513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.808969] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 152.809525] PKRU: 55555554 [ 152.809746] Call Trace: [ 152.809951] [ 152.810130] __iommufd_access_detach+0x1c2/0x2b0 [ 152.810527] iommufd_access_change_pt+0x149/0x270 [ 152.810917] iommufd_access_replace+0xb4/0x120 [ 152.811304] iommufd_test+0x3e5/0x37e0 [ 152.811611] ? lock_release+0x532/0x770 [ 152.811935] ? __might_fault+0x102/0x1b0 [ 152.812263] ? lock_acquire+0x427/0x4c0 [ 152.812586] ? __pfx_iommufd_test+0x10/0x10 [ 152.812924] ? __pfx_lock_release+0x10/0x10 [ 152.813269] ? __pfx_lock_acquire+0x10/0x10 [ 152.813611] ? write_comp_data+0x2f/0x90 [ 152.813931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.814309] ? write_comp_data+0x2f/0x90 [ 152.814653] iommufd_fops_ioctl+0x37d/0x510 [ 152.814992] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.815381] ? write_comp_data+0x2f/0x90 [ 152.815705] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.816084] __x64_sys_ioctl+0x1a3/0x230 [ 152.816411] do_syscall_64+0x3b/0x90 [ 152.816715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.817122] RIP: 0033:0x7f4b8743ee5d [ 152.817413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.818851] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.819448] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.819994] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.820540] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.821089] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.821642] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.822196] [ 152.822378] irq event stamp: 0 [ 152.822637] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.823133] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.823775] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.824420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.824903] ---[ end trace 0000000000000000 ]--- [ 152.827617] ------------[ cut here ]------------ [ 152.828012] WARNING: CPU: 1 PID: 1434 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.828801] Modules linked in: [ 152.829101] CPU: 1 PID: 1434 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.829774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.830683] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.831072] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.832478] RSP: 
0018:ffff8880245c7bd0 EFLAGS: 00010246 [ 152.832895] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 152.833442] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 152.833988] RBP: ffff8880245c7be8 R08: ffffed1001972333 R09: ffffed1001972333 [ 152.834555] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff88800f74d000 [ 152.835102] R13: ffff88800cb919e8 R14: ffff8880218d4500 R15: 0000000000000000 [ 152.835657] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.836274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.836721] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.837271] PKRU: 55555554 [ 152.837492] Call Trace: [ 152.837690] [ 152.837863] iommufd_access_destroy_object+0x65/0x170 [ 152.838265] iommufd_object_destroy_user+0x18e/0x220 [ 152.838686] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.839150] iommufd_access_destroy+0x43/0x70 [ 152.839505] iommufd_test_staccess_release+0x8d/0xd0 [ 152.839905] __fput+0x26d/0xa40 [ 152.840174] ____fput+0x1e/0x30 [ 152.840440] task_work_run+0x1a4/0x2d0 [ 152.840750] ? __pfx_task_work_run+0x10/0x10 [ 152.841097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.841482] ? switch_task_namespaces+0xa9/0xe0 [ 152.841854] do_exit+0xb17/0x2ef0 [ 152.842124] ? lock_acquire+0x427/0x4c0 [ 152.842441] ? __pfx_lock_release+0x10/0x10 [ 152.842804] ? __kasan_check_write+0x18/0x20 [ 152.843177] ? do_raw_spin_lock+0x132/0x2a0 [ 152.843522] ? __pfx_do_exit+0x10/0x10 [ 152.843839] ? debug_smp_processor_id+0x20/0x30 [ 152.844202] ? rcu_is_watching+0x19/0xb0 [ 152.844520] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.844874] ? trace_hardirqs_on+0x26/0x120 [ 152.845213] do_group_exit+0xe0/0x2b0 [ 152.845515] __x64_sys_exit_group+0x47/0x50 [ 152.845847] do_syscall_64+0x3b/0x90 [ 152.846144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.846565] RIP: 0033:0x7f4b87518a4d [ 152.846858] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.847340] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.847927] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.848473] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.849025] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.849577] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.850121] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.850691] [ 152.850875] irq event stamp: 0 [ 152.851135] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.851684] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.852343] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.852991] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.853477] ---[ end trace 0000000000000000 ]--- [ 152.854164] ------------[ cut here ]------------ [ 152.854548] WARNING: CPU: 1 PID: 1434 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.855347] Modules linked in: [ 152.855596] CPU: 1 PID: 1434 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.856265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.857132] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.857531] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.858940] RSP: 0018:ffff8880245c7b78 EFLAGS: 00010246 [ 152.859362] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.859911] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 152.860459] RBP: ffff8880245c7b98 R08: ffffed100197233e R09: ffffed100197233e [ 152.861039] R10: ffff88800cb919ef R11: ffffed100197233d R12: ffff88800cb91a90 [ 152.861584] R13: ffff88800cb918a8 R14: ffffffffffffffff R15: 
ffff8880245c7c60 [ 152.862136] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.862769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.863222] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.863772] PKRU: 55555554 [ 152.863992] Call Trace: [ 152.864191] [ 152.864368] iommufd_ioas_destroy+0x53/0x70 [ 152.864712] iommufd_fops_release+0x1f7/0x370 [ 152.865068] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.865459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.865842] ? write_comp_data+0x2f/0x90 [ 152.866170] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.866580] __fput+0x26d/0xa40 [ 152.866859] ____fput+0x1e/0x30 [ 152.867142] task_work_run+0x1a4/0x2d0 [ 152.867458] ? __pfx_task_work_run+0x10/0x10 [ 152.867804] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.868188] ? switch_task_namespaces+0xa9/0xe0 [ 152.868567] do_exit+0xb17/0x2ef0 [ 152.868842] ? lock_acquire+0x427/0x4c0 [ 152.869162] ? __pfx_lock_release+0x10/0x10 [ 152.869506] ? __kasan_check_write+0x18/0x20 [ 152.869865] ? do_raw_spin_lock+0x132/0x2a0 [ 152.870211] ? __pfx_do_exit+0x10/0x10 [ 152.870543] ? debug_smp_processor_id+0x20/0x30 [ 152.870917] ? rcu_is_watching+0x19/0xb0 [ 152.871244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.871604] ? trace_hardirqs_on+0x26/0x120 [ 152.871948] do_group_exit+0xe0/0x2b0 [ 152.872249] __x64_sys_exit_group+0x47/0x50 [ 152.872588] do_syscall_64+0x3b/0x90 [ 152.872887] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.873299] RIP: 0033:0x7f4b87518a4d [ 152.873590] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.874065] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.874671] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.875235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.875781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.876328] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.876878] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.877431] [ 152.877611] irq event stamp: 0 [ 152.877854] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.878348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.879017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.879671] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.880161] ---[ end trace 0000000000000000 ]--- [ 152.884363] ------------[ cut here ]------------ [ 152.884757] WARNING: CPU: 1 PID: 1435 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.885534] Modules linked in: [ 152.885779] CPU: 1 PID: 1435 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.886442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.887398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.887787] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.889179] RSP: 0018:ffff888010297bb8 EFLAGS: 00010246 [ 152.889586] RAX: 0000000000000000 RBX: ffff888020f220a8 RCX: 0000000000000000 [ 152.890131] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 152.890686] RBP: ffff888010297bd0 R08: ffffed10041e4433 R09: ffffed10041e4433 [ 152.891242] R10: ffff888020f22193 R11: ffffed10041e4432 R12: ffff88801883fc00 [ 152.891789] R13: ffff888020f221e8 R14: ffffffff8352e670 R15: 
ffff888010297e68 [ 152.892335] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.893001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.893453] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 152.894001] PKRU: 55555554 [ 152.894219] Call Trace: [ 152.894420] [ 152.894613] __iommufd_access_detach+0x1c2/0x2b0 [ 152.894995] iommufd_access_change_pt+0x149/0x270 [ 152.895371] iommufd_access_replace+0xb4/0x120 [ 152.895735] iommufd_test+0x3e5/0x37e0 [ 152.896036] ? lock_release+0x532/0x770 [ 152.896353] ? __might_fault+0x102/0x1b0 [ 152.896672] ? lock_acquire+0x427/0x4c0 [ 152.896988] ? __pfx_iommufd_test+0x10/0x10 [ 152.897315] ? __pfx_lock_release+0x10/0x10 [ 152.897648] ? __pfx_lock_acquire+0x10/0x10 [ 152.897980] ? write_comp_data+0x2f/0x90 [ 152.898294] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.898682] ? write_comp_data+0x2f/0x90 [ 152.899000] iommufd_fops_ioctl+0x37d/0x510 [ 152.899338] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.899709] ? write_comp_data+0x2f/0x90 [ 152.900024] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.900388] __x64_sys_ioctl+0x1a3/0x230 [ 152.900702] do_syscall_64+0x3b/0x90 [ 152.900991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.901390] RIP: 0033:0x7f4b8743ee5d [ 152.901670] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.903044] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.903630] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.904167] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.904699] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.905232] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.905763] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.906301] [ 152.906478] irq event stamp: 0 [ 152.906731] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.907214] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.907839] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.908465] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.908936] ---[ end trace 0000000000000000 ]--- [ 152.911616] ------------[ cut here ]------------ [ 152.911995] WARNING: CPU: 1 PID: 1435 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.912751] Modules linked in: [ 152.912993] CPU: 1 PID: 1435 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.913643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.914489] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.914885] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.916251] RSP: 
0018:ffff888010297bd0 EFLAGS: 00010246 [ 152.916650] RAX: 0000000000000000 RBX: ffff888020f220a8 RCX: 0000000000000000 [ 152.917179] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 152.917707] RBP: ffff888010297be8 R08: ffffed10041e4433 R09: ffffed10041e4433 [ 152.918240] R10: ffff888020f22193 R11: ffffed10041e4432 R12: ffff888014583400 [ 152.918789] R13: ffff888020f221e8 R14: ffff888013555300 R15: 0000000000000000 [ 152.919327] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.919927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.920359] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.920893] PKRU: 55555554 [ 152.921106] Call Trace: [ 152.921298] [ 152.921470] iommufd_access_destroy_object+0x65/0x170 [ 152.921860] iommufd_object_destroy_user+0x18e/0x220 [ 152.922247] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 152.922704] iommufd_access_destroy+0x43/0x70 [ 152.923059] iommufd_test_staccess_release+0x8d/0xd0 [ 152.923460] __fput+0x26d/0xa40 [ 152.923726] ____fput+0x1e/0x30 [ 152.923984] task_work_run+0x1a4/0x2d0 [ 152.924286] ? __pfx_task_work_run+0x10/0x10 [ 152.924621] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.925043] ? switch_task_namespaces+0xa9/0xe0 [ 152.925407] do_exit+0xb17/0x2ef0 [ 152.925672] ? lock_acquire+0x427/0x4c0 [ 152.925984] ? __pfx_lock_release+0x10/0x10 [ 152.926316] ? __kasan_check_write+0x18/0x20 [ 152.926674] ? do_raw_spin_lock+0x132/0x2a0 [ 152.927004] ? __pfx_do_exit+0x10/0x10 [ 152.927312] ? debug_smp_processor_id+0x20/0x30 [ 152.927668] ? rcu_is_watching+0x19/0xb0 [ 152.927979] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.928326] ? trace_hardirqs_on+0x26/0x120 [ 152.928658] do_group_exit+0xe0/0x2b0 [ 152.928950] __x64_sys_exit_group+0x47/0x50 [ 152.929277] do_syscall_64+0x3b/0x90 [ 152.929568] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.929965] RIP: 0033:0x7f4b87518a4d [ 152.930244] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.930726] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.931310] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.931849] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.932389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.932921] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.933450] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.933988] [ 152.934164] irq event stamp: 0 [ 152.934402] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.934892] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.935526] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.936154] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.936623] ---[ end trace 0000000000000000 ]--- [ 152.937286] ------------[ cut here ]------------ [ 152.937638] WARNING: CPU: 1 PID: 1435 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 152.938410] Modules linked in: [ 152.938675] CPU: 1 PID: 1435 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.939368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.940206] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 152.940595] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 152.941946] RSP: 0018:ffff888010297b78 EFLAGS: 00010246 [ 152.942349] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 152.942908] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 152.943467] RBP: ffff888010297b98 R08: ffffed10041e443e R09: ffffed10041e443e [ 152.944000] R10: ffff888020f221ef R11: ffffed10041e443d R12: ffff888020f22290 [ 152.944532] R13: ffff888020f220a8 R14: ffffffffffffffff R15: 
ffff888010297c60 [ 152.945062] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.945672] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.946104] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 152.946651] PKRU: 55555554 [ 152.946878] Call Trace: [ 152.947070] [ 152.947249] iommufd_ioas_destroy+0x53/0x70 [ 152.947581] iommufd_fops_release+0x1f7/0x370 [ 152.947936] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.948313] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.948705] ? write_comp_data+0x2f/0x90 [ 152.949028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 152.949407] __fput+0x26d/0xa40 [ 152.949670] ____fput+0x1e/0x30 [ 152.949928] task_work_run+0x1a4/0x2d0 [ 152.950233] ? __pfx_task_work_run+0x10/0x10 [ 152.950588] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.950962] ? switch_task_namespaces+0xa9/0xe0 [ 152.951341] do_exit+0xb17/0x2ef0 [ 152.951614] ? lock_acquire+0x427/0x4c0 [ 152.951959] ? __pfx_lock_release+0x10/0x10 [ 152.952431] ? __kasan_check_write+0x18/0x20 [ 152.952776] ? do_raw_spin_lock+0x132/0x2a0 [ 152.953110] ? __pfx_do_exit+0x10/0x10 [ 152.953420] ? debug_smp_processor_id+0x20/0x30 [ 152.953778] ? rcu_is_watching+0x19/0xb0 [ 152.954199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 152.954574] ? trace_hardirqs_on+0x26/0x120 [ 152.954910] do_group_exit+0xe0/0x2b0 [ 152.955213] __x64_sys_exit_group+0x47/0x50 [ 152.955541] do_syscall_64+0x3b/0x90 [ 152.955900] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.956313] RIP: 0033:0x7f4b87518a4d [ 152.956602] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 152.957095] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 152.957772] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 152.958317] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 152.958875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 152.959422] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 152.959980] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 152.960607] [ 152.960784] irq event stamp: 0 [ 152.961022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.961511] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.962242] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.962887] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.963375] ---[ end trace 0000000000000000 ]--- [ 152.966927] ------------[ cut here ]------------ [ 152.967347] WARNING: CPU: 1 PID: 1436 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.968181] Modules linked in: [ 152.968424] CPU: 1 PID: 1436 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.969123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 152.970058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 152.970451] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 152.972037] RSP: 0018:ffff8880170ffbb8 EFLAGS: 00010246 [ 152.972460] RAX: 0000000000000000 RBX: ffff888011dda0a8 RCX: 0000000000000000 [ 152.973013] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 152.973680] RBP: ffff8880170ffbd0 R08: ffffed10023bb433 R09: ffffed10023bb433 [ 152.974229] R10: ffff888011dda193 R11: ffffed10023bb432 R12: ffff888013da4400 [ 152.974808] R13: ffff888011dda1e8 R14: ffffffff8352e670 R15: 
ffff8880170ffe68 [ 152.975443] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 152.976120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.976565] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 152.977168] PKRU: 55555554 [ 152.977449] Call Trace: [ 152.977653] [ 152.977831] __iommufd_access_detach+0x1c2/0x2b0 [ 152.978217] iommufd_access_change_pt+0x149/0x270 [ 152.978625] iommufd_access_replace+0xb4/0x120 [ 152.979004] iommufd_test+0x3e5/0x37e0 [ 152.979385] ? lock_release+0x532/0x770 [ 152.979762] ? __might_fault+0x102/0x1b0 [ 152.980093] ? lock_acquire+0x427/0x4c0 [ 152.980415] ? __pfx_iommufd_test+0x10/0x10 [ 152.980748] ? __pfx_lock_release+0x10/0x10 [ 152.981131] ? __pfx_lock_acquire+0x10/0x10 [ 152.981520] ? write_comp_data+0x2f/0x90 [ 152.981849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 152.982233] ? write_comp_data+0x2f/0x90 [ 152.982582] iommufd_fops_ioctl+0x37d/0x510 [ 152.982923] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.983368] ? write_comp_data+0x2f/0x90 [ 152.983739] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 152.984116] __x64_sys_ioctl+0x1a3/0x230 [ 152.984457] do_syscall_64+0x3b/0x90 [ 152.984761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 152.985234] RIP: 0033:0x7f4b8743ee5d [ 152.985574] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 152.987083] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 152.987684] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 152.988233] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 152.988785] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 152.989485] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 152.990052] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 152.990661] [ 152.990929] irq event stamp: 0 [ 152.991258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 152.991773] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 152.992455] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 152.993222] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 152.993800] ---[ end trace 0000000000000000 ]--- [ 152.996992] ------------[ cut here ]------------ [ 152.997446] WARNING: CPU: 1 PID: 1436 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 152.998362] Modules linked in: [ 152.998653] CPU: 1 PID: 1436 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 152.999380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.000439] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.000853] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.002478] RSP: 
0018:ffff8880170ffbd0 EFLAGS: 00010246 [ 153.002962] RAX: 0000000000000000 RBX: ffff888011dda0a8 RCX: 0000000000000000 [ 153.003593] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 153.004278] RBP: ffff8880170ffbe8 R08: ffffed10023bb433 R09: ffffed10023bb433 [ 153.004856] R10: ffff888011dda193 R11: ffffed10023bb432 R12: ffff88801883d400 [ 153.005450] R13: ffff888011dda1e8 R14: ffff8880123ed000 R15: 0000000000000000 [ 153.006196] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.006919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.007448] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 153.008199] PKRU: 55555554 [ 153.008442] Call Trace: [ 153.008664] [ 153.008867] iommufd_access_destroy_object+0x65/0x170 [ 153.009331] iommufd_object_destroy_user+0x18e/0x220 [ 153.009781] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.010443] iommufd_access_destroy+0x43/0x70 [ 153.010882] iommufd_test_staccess_release+0x8d/0xd0 [ 153.011348] __fput+0x26d/0xa40 [ 153.011652] ____fput+0x1e/0x30 [ 153.011949] task_work_run+0x1a4/0x2d0 [ 153.012339] ? __pfx_task_work_run+0x10/0x10 [ 153.012828] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.013265] ? switch_task_namespaces+0xa9/0xe0 [ 153.013695] do_exit+0xb17/0x2ef0 [ 153.014016] ? lock_acquire+0x427/0x4c0 [ 153.014454] ? __pfx_lock_release+0x10/0x10 [ 153.014934] ? __kasan_check_write+0x18/0x20 [ 153.015341] ? do_raw_spin_lock+0x132/0x2a0 [ 153.015725] ? __pfx_do_exit+0x10/0x10 [ 153.016075] ? debug_smp_processor_id+0x20/0x30 [ 153.016483] ? rcu_is_watching+0x19/0xb0 [ 153.016913] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.017382] ? trace_hardirqs_on+0x26/0x120 [ 153.017780] do_group_exit+0xe0/0x2b0 [ 153.018124] __x64_sys_exit_group+0x47/0x50 [ 153.018497] do_syscall_64+0x3b/0x90 [ 153.018865] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.019510] RIP: 0033:0x7f4b87518a4d [ 153.019907] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.020478] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.021234] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.021895] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.022570] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.023265] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.023916] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.024668] [ 153.024882] irq event stamp: 0 [ 153.025173] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.025746] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.026500] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.027447] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.028345] ---[ end trace 0000000000000000 ]--- [ 153.029766] ------------[ cut here ]------------ [ 153.030368] WARNING: CPU: 1 PID: 1436 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.032089] Modules linked in: [ 153.032392] CPU: 1 PID: 1436 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.033194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.034360] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.034855] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.036697] RSP: 0018:ffff8880170ffb78 EFLAGS: 00010246 [ 153.037203] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.037957] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 153.038690] RBP: ffff8880170ffb98 R08: ffffed10023bb43e R09: ffffed10023bb43e [ 153.039369] R10: ffff888011dda1ef R11: ffffed10023bb43d R12: ffff888011dda290 [ 153.040081] R13: ffff888011dda0a8 R14: ffffffffffffffff R15: 
ffff8880170ffc60 [ 153.040831] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.041595] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.042144] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 153.042977] PKRU: 55555554 [ 153.043266] Call Trace: [ 153.043512] [ 153.043732] iommufd_ioas_destroy+0x53/0x70 [ 153.044161] iommufd_fops_release+0x1f7/0x370 [ 153.044606] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.045211] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.045687] ? write_comp_data+0x2f/0x90 [ 153.046083] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.046582] __fput+0x26d/0xa40 [ 153.046976] ____fput+0x1e/0x30 [ 153.047387] task_work_run+0x1a4/0x2d0 [ 153.047778] ? __pfx_task_work_run+0x10/0x10 [ 153.048205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.048682] ? switch_task_namespaces+0xa9/0xe0 [ 153.049223] do_exit+0xb17/0x2ef0 [ 153.049615] ? lock_acquire+0x427/0x4c0 [ 153.050011] ? __pfx_lock_release+0x10/0x10 [ 153.050449] ? __kasan_check_write+0x18/0x20 [ 153.050935] ? do_raw_spin_lock+0x132/0x2a0 [ 153.051448] ? __pfx_do_exit+0x10/0x10 [ 153.051980] ? debug_smp_processor_id+0x20/0x30 [ 153.052473] ? rcu_is_watching+0x19/0xb0 [ 153.052903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.053395] ? trace_hardirqs_on+0x26/0x120 [ 153.053970] do_group_exit+0xe0/0x2b0 [ 153.054425] __x64_sys_exit_group+0x47/0x50 [ 153.054894] do_syscall_64+0x3b/0x90 [ 153.055308] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.055858] RIP: 0033:0x7f4b87518a4d [ 153.056331] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.057049] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.057834] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.058668] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.059482] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.060208] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.061047] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.061845] [ 153.062094] irq event stamp: 0 [ 153.062424] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.063127] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.064144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.065041] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.065822] ---[ end trace 0000000000000000 ]--- [ 153.074217] ------------[ cut here ]------------ [ 153.074990] WARNING: CPU: 1 PID: 1437 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.076505] Modules linked in: [ 153.076840] CPU: 1 PID: 1437 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.077720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.079230] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.079751] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.081755] RSP: 0018:ffff8880188b7bb8 EFLAGS: 00010246 [ 153.082303] RAX: 0000000000000000 RBX: ffff8880160670a8 RCX: 0000000000000000 [ 153.083078] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 153.083948] RBP: ffff8880188b7bd0 R08: ffffed1002c0ce33 R09: ffffed1002c0ce33 [ 153.084688] R10: ffff888016067193 R11: ffffed1002c0ce32 R12: ffff88801890d000 [ 153.085495] R13: ffff8880160671e8 R14: ffffffff8352e670 R15: 
ffff8880188b7e68 [ 153.086359] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.087236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.087950] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 153.088779] PKRU: 55555554 [ 153.089090] Call Trace: [ 153.089365] [ 153.089607] __iommufd_access_detach+0x1c2/0x2b0 [ 153.090162] iommufd_access_change_pt+0x149/0x270 [ 153.090845] iommufd_access_replace+0xb4/0x120 [ 153.091360] iommufd_test+0x3e5/0x37e0 [ 153.091784] ? lock_release+0x532/0x770 [ 153.092228] ? __might_fault+0x102/0x1b0 [ 153.092715] ? lock_acquire+0x427/0x4c0 [ 153.093240] ? __pfx_iommufd_test+0x10/0x10 [ 153.093703] ? __pfx_lock_release+0x10/0x10 [ 153.094174] ? __pfx_lock_acquire+0x10/0x10 [ 153.094672] ? write_comp_data+0x2f/0x90 [ 153.095242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.095838] ? write_comp_data+0x2f/0x90 [ 153.096286] iommufd_fops_ioctl+0x37d/0x510 [ 153.096764] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.097307] ? write_comp_data+0x2f/0x90 [ 153.097960] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.098561] __x64_sys_ioctl+0x1a3/0x230 [ 153.099005] do_syscall_64+0x3b/0x90 [ 153.099437] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.100029] RIP: 0033:0x7f4b8743ee5d [ 153.100592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.102589] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.103484] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.104227] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.105069] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.105878] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.106656] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.107525] [ 153.107846] irq event stamp: 0 [ 153.108181] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.108844] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.109770] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.110765] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.111465] ---[ end trace 0000000000000000 ]--- [ 153.116780] ------------[ cut here ]------------ [ 153.117334] WARNING: CPU: 1 PID: 1437 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.118395] Modules linked in: [ 153.118779] CPU: 1 PID: 1437 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.119906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.121083] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.121735] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.123765] RSP: 
0018:ffff8880188b7bd0 EFLAGS: 00010246 [ 153.124537] RAX: 0000000000000000 RBX: ffff8880160670a8 RCX: 0000000000000000 [ 153.125286] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 153.126041] RBP: ffff8880188b7be8 R08: ffffed1002c0ce33 R09: ffffed1002c0ce33 [ 153.126820] R10: ffff888016067193 R11: ffffed1002c0ce32 R12: ffff888013da4000 [ 153.127580] R13: ffff8880160671e8 R14: ffff888020980b00 R15: 0000000000000000 [ 153.128325] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.129171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.129771] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 153.130538] PKRU: 55555554 [ 153.130844] Call Trace: [ 153.131125] [ 153.131379] iommufd_access_destroy_object+0x65/0x170 [ 153.131938] iommufd_object_destroy_user+0x18e/0x220 [ 153.132508] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.133140] iommufd_access_destroy+0x43/0x70 [ 153.133629] iommufd_test_staccess_release+0x8d/0xd0 [ 153.134177] __fput+0x26d/0xa40 [ 153.134570] ____fput+0x1e/0x30 [ 153.134932] task_work_run+0x1a4/0x2d0 [ 153.135367] ? __pfx_task_work_run+0x10/0x10 [ 153.135844] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.136362] ? switch_task_namespaces+0xa9/0xe0 [ 153.136856] do_exit+0xb17/0x2ef0 [ 153.137215] ? lock_acquire+0x427/0x4c0 [ 153.137647] ? __pfx_lock_release+0x10/0x10 [ 153.138115] ? __kasan_check_write+0x18/0x20 [ 153.138614] ? do_raw_spin_lock+0x132/0x2a0 [ 153.139076] ? __pfx_do_exit+0x10/0x10 [ 153.139498] ? debug_smp_processor_id+0x20/0x30 [ 153.140003] ? rcu_is_watching+0x19/0xb0 [ 153.140436] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.140915] ? trace_hardirqs_on+0x26/0x120 [ 153.141380] do_group_exit+0xe0/0x2b0 [ 153.141778] __x64_sys_exit_group+0x47/0x50 [ 153.142227] do_syscall_64+0x3b/0x90 [ 153.142660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.143236] RIP: 0033:0x7f4b87518a4d [ 153.143629] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.144266] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.145061] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.145814] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.146581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.147352] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.148093] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.148842] [ 153.149095] irq event stamp: 0 [ 153.149429] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.150094] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.151005] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.151889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.152551] ---[ end trace 0000000000000000 ]--- [ 153.153443] ------------[ cut here ]------------ [ 153.153945] WARNING: CPU: 1 PID: 1437 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.155085] Modules linked in: [ 153.155451] CPU: 1 PID: 1437 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.156381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.157564] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.158112] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.160316] RSP: 0018:ffff8880188b7b78 EFLAGS: 00010246 [ 153.160886] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.161633] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 153.162384] RBP: ffff8880188b7b98 R08: ffffed1002c0ce3e R09: ffffed1002c0ce3e [ 153.163186] R10: ffff8880160671ef R11: ffffed1002c0ce3d R12: ffff888016067290 [ 153.163942] R13: ffff8880160670a8 R14: ffffffffffffffff R15: 
ffff8880188b7c60 [ 153.164677] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.165509] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.166116] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 153.166902] PKRU: 55555554 [ 153.167224] Call Trace: [ 153.167501] [ 153.167743] iommufd_ioas_destroy+0x53/0x70 [ 153.168212] iommufd_fops_release+0x1f7/0x370 [ 153.168694] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.169219] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.169740] ? write_comp_data+0x2f/0x90 [ 153.170180] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.170744] __fput+0x26d/0xa40 [ 153.171127] ____fput+0x1e/0x30 [ 153.171488] task_work_run+0x1a4/0x2d0 [ 153.171916] ? __pfx_task_work_run+0x10/0x10 [ 153.172384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.172896] ? switch_task_namespaces+0xa9/0xe0 [ 153.173405] do_exit+0xb17/0x2ef0 [ 153.173779] ? lock_acquire+0x427/0x4c0 [ 153.174205] ? __pfx_lock_release+0x10/0x10 [ 153.174696] ? __kasan_check_write+0x18/0x20 [ 153.175184] ? do_raw_spin_lock+0x132/0x2a0 [ 153.175648] ? __pfx_do_exit+0x10/0x10 [ 153.176081] ? debug_smp_processor_id+0x20/0x30 [ 153.176583] ? rcu_is_watching+0x19/0xb0 [ 153.177008] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.177490] ? trace_hardirqs_on+0x26/0x120 [ 153.177960] do_group_exit+0xe0/0x2b0 [ 153.178363] __x64_sys_exit_group+0x47/0x50 [ 153.178859] do_syscall_64+0x3b/0x90 [ 153.179284] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.179846] RIP: 0033:0x7f4b87518a4d [ 153.180243] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.180894] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.181680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.182425] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.183216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.183960] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.184703] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.185459] [ 153.185706] irq event stamp: 0 [ 153.186031] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.186720] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.187610] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.188485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.189170] ---[ end trace 0000000000000000 ]--- [ 153.195888] ------------[ cut here ]------------ [ 153.196478] WARNING: CPU: 0 PID: 1438 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.197566] Modules linked in: [ 153.197908] CPU: 0 PID: 1438 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.199052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.200293] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.200838] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.202844] RSP: 0018:ffff8880170ffbb8 EFLAGS: 00010246 [ 153.203453] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 153.204228] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 153.205002] RBP: ffff8880170ffbd0 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 153.205774] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff888010e00c00 [ 153.206582] R13: ffff888017a441e8 R14: ffffffff8352e670 R15: 
ffff8880170ffe68 [ 153.207371] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.208235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.208854] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 153.209622] PKRU: 55555554 [ 153.209928] Call Trace: [ 153.210210] [ 153.210461] __iommufd_access_detach+0x1c2/0x2b0 [ 153.211040] iommufd_access_change_pt+0x149/0x270 [ 153.211604] iommufd_access_replace+0xb4/0x120 [ 153.212138] iommufd_test+0x3e5/0x37e0 [ 153.212578] ? lock_release+0x532/0x770 [ 153.213071] ? __might_fault+0x102/0x1b0 [ 153.213870] ? lock_acquire+0x427/0x4c0 [ 153.214295] ? __pfx_iommufd_test+0x10/0x10 [ 153.214781] ? __pfx_lock_release+0x10/0x10 [ 153.215250] ? __pfx_lock_acquire+0x10/0x10 [ 153.215738] ? write_comp_data+0x2f/0x90 [ 153.216359] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.216863] ? write_comp_data+0x2f/0x90 [ 153.217287] iommufd_fops_ioctl+0x37d/0x510 [ 153.217735] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.218248] ? write_comp_data+0x2f/0x90 [ 153.218961] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.219472] __x64_sys_ioctl+0x1a3/0x230 [ 153.219904] do_syscall_64+0x3b/0x90 [ 153.220296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.220832] RIP: 0033:0x7f4b8743ee5d [ 153.221341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.223404] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.224430] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.225159] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.225883] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.226903] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.227637] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.228371] [ 153.228660] irq event stamp: 0 [ 153.229165] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.229809] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.230703] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.231799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.232449] ---[ end trace 0000000000000000 ]--- [ 153.235971] ------------[ cut here ]------------ [ 153.236468] WARNING: CPU: 0 PID: 1438 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.237501] Modules linked in: [ 153.238080] CPU: 0 PID: 1438 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.239036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.240202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.240944] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.243068] RSP: 
0018:ffff8880170ffbd0 EFLAGS: 00010246 [ 153.243635] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 153.244362] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 153.245210] RBP: ffff8880170ffbe8 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 153.246109] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff888010824800 [ 153.246878] R13: ffff888017a441e8 R14: ffff888012de2d00 R15: 0000000000000000 [ 153.247688] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.248698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.249292] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 153.250256] PKRU: 55555554 [ 153.250606] Call Trace: [ 153.250873] [ 153.251109] iommufd_access_destroy_object+0x65/0x170 [ 153.251669] iommufd_object_destroy_user+0x18e/0x220 [ 153.252197] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.253074] iommufd_access_destroy+0x43/0x70 [ 153.253557] iommufd_test_staccess_release+0x8d/0xd0 [ 153.254090] __fput+0x26d/0xa40 [ 153.254458] ____fput+0x1e/0x30 [ 153.254903] task_work_run+0x1a4/0x2d0 [ 153.255463] ? __pfx_task_work_run+0x10/0x10 [ 153.255933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.256450] ? switch_task_namespaces+0xa9/0xe0 [ 153.256957] do_exit+0xb17/0x2ef0 [ 153.257322] ? lock_acquire+0x427/0x4c0 [ 153.257985] ? __pfx_lock_release+0x10/0x10 [ 153.258461] ? __kasan_check_write+0x18/0x20 [ 153.258957] ? do_raw_spin_lock+0x132/0x2a0 [ 153.259436] ? __pfx_do_exit+0x10/0x10 [ 153.259867] ? debug_smp_processor_id+0x20/0x30 [ 153.260481] ? rcu_is_watching+0x19/0xb0 [ 153.261008] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.261494] ? trace_hardirqs_on+0x26/0x120 [ 153.261951] do_group_exit+0xe0/0x2b0 [ 153.262383] __x64_sys_exit_group+0x47/0x50 [ 153.263045] do_syscall_64+0x3b/0x90 [ 153.263480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.264034] RIP: 0033:0x7f4b87518a4d [ 153.264426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.265071] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.265860] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.266638] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.267387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.268120] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.268852] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.269593] [ 153.269835] irq event stamp: 0 [ 153.270163] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.270858] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.271745] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.272602] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.273254] ---[ end trace 0000000000000000 ]--- [ 153.274343] ------------[ cut here ]------------ [ 153.274898] WARNING: CPU: 0 PID: 1438 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.275991] Modules linked in: [ 153.276336] CPU: 0 PID: 1438 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.277578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.278827] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.279382] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.281411] RSP: 0018:ffff8880170ffb78 EFLAGS: 00010246 [ 153.282045] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.282810] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 153.283560] RBP: ffff8880170ffb98 R08: ffffed1002f4883e R09: ffffed1002f4883e [ 153.284301] R10: ffff888017a441ef R11: ffffed1002f4883d R12: ffff888017a44290 [ 153.285032] R13: ffff888017a440a8 R14: ffffffffffffffff R15: 
ffff8880170ffc60 [ 153.285765] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.286627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.287250] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 153.288000] PKRU: 55555554 [ 153.288303] Call Trace: [ 153.288571] [ 153.288811] iommufd_ioas_destroy+0x53/0x70 [ 153.289269] iommufd_fops_release+0x1f7/0x370 [ 153.289745] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.290265] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.290829] ? write_comp_data+0x2f/0x90 [ 153.291294] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.291828] __fput+0x26d/0xa40 [ 153.292193] ____fput+0x1e/0x30 [ 153.292553] task_work_run+0x1a4/0x2d0 [ 153.292974] ? __pfx_task_work_run+0x10/0x10 [ 153.293441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.293954] ? switch_task_namespaces+0xa9/0xe0 [ 153.294467] do_exit+0xb17/0x2ef0 [ 153.294877] ? lock_acquire+0x427/0x4c0 [ 153.295335] ? __pfx_lock_release+0x10/0x10 [ 153.295797] ? __kasan_check_write+0x18/0x20 [ 153.296265] ? do_raw_spin_lock+0x132/0x2a0 [ 153.296717] ? __pfx_do_exit+0x10/0x10 [ 153.297133] ? debug_smp_processor_id+0x20/0x30 [ 153.297621] ? rcu_is_watching+0x19/0xb0 [ 153.298049] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.298558] ? trace_hardirqs_on+0x26/0x120 [ 153.299026] do_group_exit+0xe0/0x2b0 [ 153.299442] __x64_sys_exit_group+0x47/0x50 [ 153.299903] do_syscall_64+0x3b/0x90 [ 153.300303] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.300856] RIP: 0033:0x7f4b87518a4d [ 153.301246] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.301885] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.302720] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.303478] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.304225] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.304964] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.305727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.306482] [ 153.306782] irq event stamp: 0 [ 153.307135] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.308220] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.309397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.310644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.311550] ---[ end trace 0000000000000000 ]--- [ 153.319578] ------------[ cut here ]------------ [ 153.320270] WARNING: CPU: 0 PID: 1439 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.321626] Modules linked in: [ 153.322074] CPU: 0 PID: 1439 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.323375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.324887] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.325581] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.328094] RSP: 0018:ffff88801029fbb8 EFLAGS: 00010246 [ 153.328838] RAX: 0000000000000000 RBX: ffff88801609b8a8 RCX: 0000000000000000 [ 153.329790] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 153.330806] RBP: ffff88801029fbd0 R08: ffffed1002c13733 R09: ffffed1002c13733 [ 153.331948] R10: ffff88801609b993 R11: ffffed1002c13732 R12: ffff88800a727c00 [ 153.332719] R13: ffff88801609b9e8 R14: ffffffff8352e670 R15: 
ffff88801029fe68 [ 153.333497] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.334356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.335032] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 153.335820] PKRU: 55555554 [ 153.336128] Call Trace: [ 153.336406] [ 153.336650] __iommufd_access_detach+0x1c2/0x2b0 [ 153.337174] iommufd_access_change_pt+0x149/0x270 [ 153.337698] iommufd_access_replace+0xb4/0x120 [ 153.338193] iommufd_test+0x3e5/0x37e0 [ 153.338654] ? lock_release+0x532/0x770 [ 153.339092] ? __might_fault+0x102/0x1b0 [ 153.339553] ? lock_acquire+0x427/0x4c0 [ 153.339994] ? __pfx_iommufd_test+0x10/0x10 [ 153.340464] ? __pfx_lock_release+0x10/0x10 [ 153.341020] ? __pfx_lock_acquire+0x10/0x10 [ 153.341494] ? write_comp_data+0x2f/0x90 [ 153.341939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.342466] ? write_comp_data+0x2f/0x90 [ 153.342954] iommufd_fops_ioctl+0x37d/0x510 [ 153.343433] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.343956] ? write_comp_data+0x2f/0x90 [ 153.344403] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.344921] __x64_sys_ioctl+0x1a3/0x230 [ 153.345374] do_syscall_64+0x3b/0x90 [ 153.345786] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.346350] RIP: 0033:0x7f4b8743ee5d [ 153.346798] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.348746] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.349542] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.350287] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.351076] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.351826] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.352569] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.353329] [ 153.353578] irq event stamp: 0 [ 153.353904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.354608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.355525] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.356401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.357060] ---[ end trace 0000000000000000 ]--- [ 153.360373] ------------[ cut here ]------------ [ 153.360909] WARNING: CPU: 0 PID: 1439 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.361960] Modules linked in: [ 153.362297] CPU: 0 PID: 1439 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.363253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.364427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.364947] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.366901] RSP: 
0018:ffff88801029fbd0 EFLAGS: 00010246 [ 153.367471] RAX: 0000000000000000 RBX: ffff88801609b8a8 RCX: 0000000000000000 [ 153.368209] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 153.368925] RBP: ffff88801029fbe8 R08: ffffed1002c13733 R09: ffffed1002c13733 [ 153.369604] R10: ffff88801609b993 R11: ffffed1002c13732 R12: ffff888010e01800 [ 153.370287] R13: ffff88801609b9e8 R14: ffff88800fa2de00 R15: 0000000000000000 [ 153.371014] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.371804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.372359] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 153.373099] PKRU: 55555554 [ 153.373370] Call Trace: [ 153.373613] [ 153.373832] iommufd_access_destroy_object+0x65/0x170 [ 153.374333] iommufd_object_destroy_user+0x18e/0x220 [ 153.374856] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.375457] iommufd_access_destroy+0x43/0x70 [ 153.375900] iommufd_test_staccess_release+0x8d/0xd0 [ 153.376397] __fput+0x26d/0xa40 [ 153.376741] ____fput+0x1e/0x30 [ 153.377072] task_work_run+0x1a4/0x2d0 [ 153.377454] ? __pfx_task_work_run+0x10/0x10 [ 153.377884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.378356] ? switch_task_namespaces+0xa9/0xe0 [ 153.378856] do_exit+0xb17/0x2ef0 [ 153.379203] ? lock_acquire+0x427/0x4c0 [ 153.379592] ? __pfx_lock_release+0x10/0x10 [ 153.380013] ? __kasan_check_write+0x18/0x20 [ 153.380437] ? do_raw_spin_lock+0x132/0x2a0 [ 153.380848] ? __pfx_do_exit+0x10/0x10 [ 153.381229] ? debug_smp_processor_id+0x20/0x30 [ 153.381679] ? rcu_is_watching+0x19/0xb0 [ 153.382071] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.382549] ? trace_hardirqs_on+0x26/0x120 [ 153.382969] do_group_exit+0xe0/0x2b0 [ 153.383348] __x64_sys_exit_group+0x47/0x50 [ 153.383766] do_syscall_64+0x3b/0x90 [ 153.384138] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.384643] RIP: 0033:0x7f4b87518a4d [ 153.384992] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.385558] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.386255] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.386940] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.387623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.388278] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.388934] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.389592] [ 153.389807] irq event stamp: 0 [ 153.390101] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.390704] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.391489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.392269] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.392834] ---[ end trace 0000000000000000 ]--- [ 153.393602] ------------[ cut here ]------------ [ 153.394011] WARNING: CPU: 0 PID: 1439 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.394923] Modules linked in: [ 153.395219] CPU: 0 PID: 1439 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.395974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.396947] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.397395] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.398996] RSP: 0018:ffff88801029fb78 EFLAGS: 00010246 [ 153.399485] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.400095] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 153.400712] RBP: ffff88801029fb98 R08: ffffed1002c1373e R09: ffffed1002c1373e [ 153.401326] R10: ffff88801609b9ef R11: ffffed1002c1373d R12: ffff88801609ba90 [ 153.401943] R13: ffff88801609b8a8 R14: ffffffffffffffff R15: 
ffff88801029fc60 [ 153.402578] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.403288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.403788] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 153.404412] PKRU: 55555554 [ 153.404657] Call Trace: [ 153.404881] [ 153.405133] iommufd_ioas_destroy+0x53/0x70 [ 153.405514] iommufd_fops_release+0x1f7/0x370 [ 153.405909] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.406348] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.406814] ? write_comp_data+0x2f/0x90 [ 153.407191] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.407631] __fput+0x26d/0xa40 [ 153.407933] ____fput+0x1e/0x30 [ 153.408227] task_work_run+0x1a4/0x2d0 [ 153.408576] ? __pfx_task_work_run+0x10/0x10 [ 153.408970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.409399] ? switch_task_namespaces+0xa9/0xe0 [ 153.409816] do_exit+0xb17/0x2ef0 [ 153.410124] ? lock_acquire+0x427/0x4c0 [ 153.410482] ? __pfx_lock_release+0x10/0x10 [ 153.410896] ? __kasan_check_write+0x18/0x20 [ 153.411295] ? do_raw_spin_lock+0x132/0x2a0 [ 153.411671] ? __pfx_do_exit+0x10/0x10 [ 153.412018] ? debug_smp_processor_id+0x20/0x30 [ 153.412430] ? rcu_is_watching+0x19/0xb0 [ 153.412785] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.413184] ? trace_hardirqs_on+0x26/0x120 [ 153.413573] do_group_exit+0xe0/0x2b0 [ 153.413909] __x64_sys_exit_group+0x47/0x50 [ 153.414279] do_syscall_64+0x3b/0x90 [ 153.414642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.415098] RIP: 0033:0x7f4b87518a4d [ 153.415429] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.415963] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.416621] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.417235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.417847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.418460] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.419097] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.419743] [ 153.419949] irq event stamp: 0 [ 153.420225] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.420770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.421493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.422214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.422777] ---[ end trace 0000000000000000 ]--- [ 153.427001] ------------[ cut here ]------------ [ 153.427439] WARNING: CPU: 0 PID: 1440 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.428261] Modules linked in: [ 153.428523] CPU: 0 PID: 1440 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.429231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.430141] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.430601] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.432096] RSP: 0018:ffff88800f22fbb8 EFLAGS: 00010246 [ 153.432535] RAX: 0000000000000000 RBX: ffff8880173530a8 RCX: 0000000000000000 [ 153.433108] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 153.433684] RBP: ffff88800f22fbd0 R08: ffffed1002e6a633 R09: ffffed1002e6a633 [ 153.434348] R10: ffff888017353193 R11: ffffed1002e6a632 R12: ffff8880138b1400 [ 153.434951] R13: ffff8880173531e8 R14: ffffffff8352e670 R15: 
ffff88800f22fe68 [ 153.435545] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.436204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.436676] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 153.437288] PKRU: 55555554 [ 153.437523] Call Trace: [ 153.437745] [ 153.437935] __iommufd_access_detach+0x1c2/0x2b0 [ 153.438340] iommufd_access_change_pt+0x149/0x270 [ 153.438775] iommufd_access_replace+0xb4/0x120 [ 153.439174] iommufd_test+0x3e5/0x37e0 [ 153.439501] ? lock_release+0x532/0x770 [ 153.439841] ? __might_fault+0x102/0x1b0 [ 153.440183] ? lock_acquire+0x427/0x4c0 [ 153.440520] ? __pfx_iommufd_test+0x10/0x10 [ 153.440874] ? __pfx_lock_release+0x10/0x10 [ 153.441237] ? __pfx_lock_acquire+0x10/0x10 [ 153.441599] ? write_comp_data+0x2f/0x90 [ 153.441943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.442354] ? write_comp_data+0x2f/0x90 [ 153.442720] iommufd_fops_ioctl+0x37d/0x510 [ 153.443083] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.443496] ? write_comp_data+0x2f/0x90 [ 153.443839] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.444244] __x64_sys_ioctl+0x1a3/0x230 [ 153.444592] do_syscall_64+0x3b/0x90 [ 153.444911] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.445342] RIP: 0033:0x7f4b8743ee5d [ 153.445655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.447179] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.447807] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.448386] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.448969] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.449552] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.450129] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.450734] [ 153.450931] irq event stamp: 0 [ 153.451200] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.451712] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.452389] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.453063] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.453574] ---[ end trace 0000000000000000 ]--- [ 153.456388] ------------[ cut here ]------------ [ 153.456807] WARNING: CPU: 0 PID: 1440 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.457643] Modules linked in: [ 153.457909] CPU: 0 PID: 1440 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.458840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.459770] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.460177] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.461661] RSP: 
0018:ffff88800f22fbd0 EFLAGS: 00010246 [ 153.462098] RAX: 0000000000000000 RBX: ffff8880173530a8 RCX: 0000000000000000 [ 153.462698] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 153.463293] RBP: ffff88800f22fbe8 R08: ffffed1002e6a633 R09: ffffed1002e6a633 [ 153.463871] R10: ffff888017353193 R11: ffffed1002e6a632 R12: ffff88800a726800 [ 153.464449] R13: ffff8880173531e8 R14: ffff88801005e600 R15: 0000000000000000 [ 153.465029] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.465682] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.466158] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 153.466756] PKRU: 55555554 [ 153.466991] Call Trace: [ 153.467216] [ 153.467403] iommufd_access_destroy_object+0x65/0x170 [ 153.467838] iommufd_object_destroy_user+0x18e/0x220 [ 153.468265] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.469039] iommufd_access_destroy+0x43/0x70 [ 153.469737] iommufd_test_staccess_release+0x8d/0xd0 [ 153.470336] __fput+0x26d/0xa40 [ 153.470860] ____fput+0x1e/0x30 [ 153.471433] task_work_run+0x1a4/0x2d0 [ 153.471904] ? __pfx_task_work_run+0x10/0x10 [ 153.472422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.473181] ? switch_task_namespaces+0xa9/0xe0 [ 153.473741] do_exit+0xb17/0x2ef0 [ 153.474142] ? lock_acquire+0x427/0x4c0 [ 153.474696] ? __pfx_lock_release+0x10/0x10 [ 153.475307] ? __kasan_check_write+0x18/0x20 [ 153.475819] ? do_raw_spin_lock+0x132/0x2a0 [ 153.476316] ? __pfx_do_exit+0x10/0x10 [ 153.476806] ? debug_smp_processor_id+0x20/0x30 [ 153.477487] ? rcu_is_watching+0x19/0xb0 [ 153.477960] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.478547] ? trace_hardirqs_on+0x26/0x120 [ 153.479185] do_group_exit+0xe0/0x2b0 [ 153.479635] __x64_sys_exit_group+0x47/0x50 [ 153.480127] do_syscall_64+0x3b/0x90 [ 153.480568] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.481346] RIP: 0033:0x7f4b87518a4d [ 153.481783] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.482476] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.483552] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.484357] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.485342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.486147] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.487186] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.488011] [ 153.488285] irq event stamp: 0 [ 153.488673] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.489516] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.490506] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.491654] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.492433] ---[ end trace 0000000000000000 ]--- [ 153.494237] ------------[ cut here ]------------ [ 153.494989] WARNING: CPU: 0 PID: 1440 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.496233] Modules linked in: [ 153.496749] CPU: 0 PID: 1440 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.497748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.499254] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.500038] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.502268] RSP: 0018:ffff88800f22fb78 EFLAGS: 00010246 [ 153.502913] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.503907] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 153.504718] RBP: ffff88800f22fb98 R08: ffffed1002e6a63e R09: ffffed1002e6a63e [ 153.505693] R10: ffff8880173531ef R11: ffffed1002e6a63d R12: ffff888017353290 [ 153.506539] R13: ffff8880173530a8 R14: ffffffffffffffff R15: 
ffff88800f22fc60 [ 153.507552] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.508444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.509091] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 153.509919] PKRU: 55555554 [ 153.510408] Call Trace: [ 153.510749] [ 153.511019] iommufd_ioas_destroy+0x53/0x70 [ 153.511600] iommufd_fops_release+0x1f7/0x370 [ 153.511986] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.512393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.512796] ? write_comp_data+0x2f/0x90 [ 153.513523] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.514116] __fput+0x26d/0xa40 [ 153.514555] ____fput+0x1e/0x30 [ 153.514953] task_work_run+0x1a4/0x2d0 [ 153.515424] ? __pfx_task_work_run+0x10/0x10 [ 153.515954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.516733] ? switch_task_namespaces+0xa9/0xe0 [ 153.517289] do_exit+0xb17/0x2ef0 [ 153.517691] ? lock_acquire+0x427/0x4c0 [ 153.518121] ? __pfx_lock_release+0x10/0x10 [ 153.518500] ? __kasan_check_write+0x18/0x20 [ 153.518912] ? do_raw_spin_lock+0x132/0x2a0 [ 153.519366] ? __pfx_do_exit+0x10/0x10 [ 153.519808] ? debug_smp_processor_id+0x20/0x30 [ 153.520191] ? rcu_is_watching+0x19/0xb0 [ 153.520577] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.520961] ? trace_hardirqs_on+0x26/0x120 [ 153.521325] do_group_exit+0xe0/0x2b0 [ 153.521676] __x64_sys_exit_group+0x47/0x50 [ 153.522078] do_syscall_64+0x3b/0x90 [ 153.522496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.522984] RIP: 0033:0x7f4b87518a4d [ 153.523293] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.523835] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.524456] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.525149] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.525870] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.526458] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.527087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.527697] [ 153.527970] irq event stamp: 0 [ 153.528360] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.528876] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.529590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.530469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.531012] ---[ end trace 0000000000000000 ]--- [ 153.538234] ------------[ cut here ]------------ [ 153.538869] WARNING: CPU: 0 PID: 1441 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.539938] Modules linked in: [ 153.540221] CPU: 0 PID: 1441 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.540975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.542007] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.542436] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.544156] RSP: 0018:ffff8880137c7bb8 EFLAGS: 00010246 [ 153.544781] RAX: 0000000000000000 RBX: ffff888020ae98a8 RCX: 0000000000000000 [ 153.545381] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 153.545979] RBP: ffff8880137c7bd0 R08: ffffed100415d333 R09: ffffed100415d333 [ 153.546768] R10: ffff888020ae9993 R11: ffffed100415d332 R12: ffff888013b22400 [ 153.547379] R13: ffff888020ae99e8 R14: ffffffff8352e670 R15: 
ffff8880137c7e68 [ 153.548044] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.548835] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.549300] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 153.550054] PKRU: 55555554 [ 153.550284] Call Trace: [ 153.550500] [ 153.550723] __iommufd_access_detach+0x1c2/0x2b0 [ 153.551165] iommufd_access_change_pt+0x149/0x270 [ 153.551570] iommufd_access_replace+0xb4/0x120 [ 153.551985] iommufd_test+0x3e5/0x37e0 [ 153.552316] ? lock_release+0x532/0x770 [ 153.552652] ? __might_fault+0x102/0x1b0 [ 153.553007] ? lock_acquire+0x427/0x4c0 [ 153.553350] ? __pfx_iommufd_test+0x10/0x10 [ 153.553702] ? __pfx_lock_release+0x10/0x10 [ 153.554083] ? __pfx_lock_acquire+0x10/0x10 [ 153.554458] ? write_comp_data+0x2f/0x90 [ 153.554862] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.555314] ? write_comp_data+0x2f/0x90 [ 153.555653] iommufd_fops_ioctl+0x37d/0x510 [ 153.556026] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.556451] ? write_comp_data+0x2f/0x90 [ 153.556786] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.557206] __x64_sys_ioctl+0x1a3/0x230 [ 153.557563] do_syscall_64+0x3b/0x90 [ 153.557876] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.558333] RIP: 0033:0x7f4b8743ee5d [ 153.558668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.560726] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.561594] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.562396] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.563291] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.564097] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.564900] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.565714] [ 153.565986] irq event stamp: 0 [ 153.566356] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.567144] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.568109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.569050] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.569786] ---[ end trace 0000000000000000 ]--- [ 153.574334] ------------[ cut here ]------------ [ 153.574945] WARNING: CPU: 0 PID: 1441 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.575967] Modules linked in: [ 153.576235] CPU: 0 PID: 1441 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.576937] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.577837] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.578241] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.579748] RSP: 
0018:ffff8880137c7bd0 EFLAGS: 00010246 [ 153.580179] RAX: 0000000000000000 RBX: ffff888020ae98a8 RCX: 0000000000000000 [ 153.580755] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 153.581330] RBP: ffff8880137c7be8 R08: ffffed100415d333 R09: ffffed100415d333 [ 153.581910] R10: ffff888020ae9993 R11: ffffed100415d332 R12: ffff8880138b3400 [ 153.582486] R13: ffff888020ae99e8 R14: ffff888013a7e200 R15: 0000000000000000 [ 153.583076] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.583739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.584205] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 153.584783] PKRU: 55555554 [ 153.585016] Call Trace: [ 153.585225] [ 153.585410] iommufd_access_destroy_object+0x65/0x170 [ 153.585927] iommufd_object_destroy_user+0x18e/0x220 [ 153.586345] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.586842] iommufd_access_destroy+0x43/0x70 [ 153.587233] iommufd_test_staccess_release+0x8d/0xd0 [ 153.587664] __fput+0x26d/0xa40 [ 153.587948] ____fput+0x1e/0x30 [ 153.588228] task_work_run+0x1a4/0x2d0 [ 153.588561] ? __pfx_task_work_run+0x10/0x10 [ 153.588925] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.589330] ? switch_task_namespaces+0xa9/0xe0 [ 153.589718] do_exit+0xb17/0x2ef0 [ 153.590000] ? lock_acquire+0x427/0x4c0 [ 153.590334] ? __pfx_lock_release+0x10/0x10 [ 153.590718] ? __kasan_check_write+0x18/0x20 [ 153.591085] ? do_raw_spin_lock+0x132/0x2a0 [ 153.591446] ? __pfx_do_exit+0x10/0x10 [ 153.591777] ? debug_smp_processor_id+0x20/0x30 [ 153.592159] ? rcu_is_watching+0x19/0xb0 [ 153.592492] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.592866] ? trace_hardirqs_on+0x26/0x120 [ 153.593228] do_group_exit+0xe0/0x2b0 [ 153.593541] __x64_sys_exit_group+0x47/0x50 [ 153.593895] do_syscall_64+0x3b/0x90 [ 153.594210] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.594672] RIP: 0033:0x7f4b87518a4d [ 153.594980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.595488] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.596105] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.596683] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.597297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.597873] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.598452] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.599060] [ 153.599260] irq event stamp: 0 [ 153.599519] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.600031] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.600712] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.601389] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.601898] ---[ end trace 0000000000000000 ]--- [ 153.602654] ------------[ cut here ]------------ [ 153.603044] WARNING: CPU: 0 PID: 1441 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.603908] Modules linked in: [ 153.604173] CPU: 0 PID: 1441 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.604884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.605798] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.606261] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.607941] RSP: 0018:ffff8880137c7b78 EFLAGS: 00010246 [ 153.608380] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.608953] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 153.609530] RBP: ffff8880137c7b98 R08: ffffed100415d33e R09: ffffed100415d33e [ 153.610110] R10: ffff888020ae99ef R11: ffffed100415d33d R12: ffff888020ae9a90 [ 153.610699] R13: ffff888020ae98a8 R14: ffffffffffffffff R15: 
ffff8880137c7c60 [ 153.611264] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 153.611895] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.612354] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 153.612915] PKRU: 55555554 [ 153.613138] Call Trace: [ 153.613341] [ 153.613520] iommufd_ioas_destroy+0x53/0x70 [ 153.613868] iommufd_fops_release+0x1f7/0x370 [ 153.614230] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.614648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.615042] ? write_comp_data+0x2f/0x90 [ 153.615386] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.615784] __fput+0x26d/0xa40 [ 153.616062] ____fput+0x1e/0x30 [ 153.616333] task_work_run+0x1a4/0x2d0 [ 153.616649] ? __pfx_task_work_run+0x10/0x10 [ 153.617002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.617393] ? switch_task_namespaces+0xa9/0xe0 [ 153.617779] do_exit+0xb17/0x2ef0 [ 153.618055] ? lock_acquire+0x427/0x4c0 [ 153.618379] ? __pfx_lock_release+0x10/0x10 [ 153.618746] ? __kasan_check_write+0x18/0x20 [ 153.619101] ? do_raw_spin_lock+0x132/0x2a0 [ 153.619458] ? __pfx_do_exit+0x10/0x10 [ 153.619775] ? debug_smp_processor_id+0x20/0x30 [ 153.620146] ? rcu_is_watching+0x19/0xb0 [ 153.620471] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.620837] ? trace_hardirqs_on+0x26/0x120 [ 153.621183] do_group_exit+0xe0/0x2b0 [ 153.621487] __x64_sys_exit_group+0x47/0x50 [ 153.621827] do_syscall_64+0x3b/0x90 [ 153.622131] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.622571] RIP: 0033:0x7f4b87518a4d [ 153.622870] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.623362] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.623961] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.624520] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.625082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.625642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.626200] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.626788] [ 153.626973] irq event stamp: 0 [ 153.627231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.627725] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.628378] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.629082] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.629580] ---[ end trace 0000000000000000 ]--- [ 153.635375] ------------[ cut here ]------------ [ 153.635893] WARNING: CPU: 1 PID: 1442 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.636914] Modules linked in: [ 153.637237] CPU: 1 PID: 1442 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.638146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.639523] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.640095] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.642095] RSP: 0018:ffff88800f22fbb8 EFLAGS: 00010246 [ 153.642724] RAX: 0000000000000000 RBX: ffff8880245080a8 RCX: 0000000000000000 [ 153.643536] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 153.644328] RBP: ffff88800f22fbd0 R08: ffffed10048a1033 R09: ffffed10048a1033 [ 153.645116] R10: ffff888024508193 R11: ffffed10048a1032 R12: ffff888013da6800 [ 153.645906] R13: ffff8880245081e8 R14: ffffffff8352e670 R15: 
ffff88800f22fe68 [ 153.646727] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.647550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.648008] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 153.648564] PKRU: 55555554 [ 153.648786] Call Trace: [ 153.648986] [ 153.649166] __iommufd_access_detach+0x1c2/0x2b0 [ 153.649551] iommufd_access_change_pt+0x149/0x270 [ 153.649939] iommufd_access_replace+0xb4/0x120 [ 153.650310] iommufd_test+0x3e5/0x37e0 [ 153.650641] ? lock_release+0x532/0x770 [ 153.650961] ? __might_fault+0x102/0x1b0 [ 153.651281] ? lock_acquire+0x427/0x4c0 [ 153.651597] ? __pfx_iommufd_test+0x10/0x10 [ 153.651941] ? __pfx_lock_release+0x10/0x10 [ 153.652287] ? __pfx_lock_acquire+0x10/0x10 [ 153.652637] ? write_comp_data+0x2f/0x90 [ 153.652963] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.653351] ? write_comp_data+0x2f/0x90 [ 153.653676] iommufd_fops_ioctl+0x37d/0x510 [ 153.654013] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.654394] ? write_comp_data+0x2f/0x90 [ 153.654734] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.655122] __x64_sys_ioctl+0x1a3/0x230 [ 153.655451] do_syscall_64+0x3b/0x90 [ 153.655751] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.656169] RIP: 0033:0x7f4b8743ee5d [ 153.656460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.657861] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.658451] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.659019] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.659584] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.660141] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.660699] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.661341] [ 153.661526] irq event stamp: 0 [ 153.661770] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.662257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.662919] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.663579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.664066] ---[ end trace 0000000000000000 ]--- [ 153.666792] ------------[ cut here ]------------ [ 153.667200] WARNING: CPU: 1 PID: 1442 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.667982] Modules linked in: [ 153.668233] CPU: 1 PID: 1442 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.668909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.669775] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.670161] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.671634] RSP: 
0018:ffff88800f22fbd0 EFLAGS: 00010246 [ 153.672051] RAX: 0000000000000000 RBX: ffff8880245080a8 RCX: 0000000000000000 [ 153.672601] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 153.673149] RBP: ffff88800f22fbe8 R08: ffffed10048a1033 R09: ffffed10048a1033 [ 153.673701] R10: ffff888024508193 R11: ffffed10048a1032 R12: ffff88801890e400 [ 153.674259] R13: ffff8880245081e8 R14: ffff888015bb7000 R15: 0000000000000000 [ 153.674823] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.675467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.675919] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 153.676469] PKRU: 55555554 [ 153.676690] Call Trace: [ 153.676891] [ 153.677069] iommufd_access_destroy_object+0x65/0x170 [ 153.677474] iommufd_object_destroy_user+0x18e/0x220 [ 153.677876] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.678331] iommufd_access_destroy+0x43/0x70 [ 153.678708] iommufd_test_staccess_release+0x8d/0xd0 [ 153.679119] __fput+0x26d/0xa40 [ 153.679393] ____fput+0x1e/0x30 [ 153.679659] task_work_run+0x1a4/0x2d0 [ 153.679969] ? __pfx_task_work_run+0x10/0x10 [ 153.680319] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.680704] ? switch_task_namespaces+0xa9/0xe0 [ 153.681075] do_exit+0xb17/0x2ef0 [ 153.681347] ? lock_acquire+0x427/0x4c0 [ 153.681663] ? __pfx_lock_release+0x10/0x10 [ 153.682003] ? __kasan_check_write+0x18/0x20 [ 153.682345] ? do_raw_spin_lock+0x132/0x2a0 [ 153.682695] ? __pfx_do_exit+0x10/0x10 [ 153.683007] ? debug_smp_processor_id+0x20/0x30 [ 153.683382] ? rcu_is_watching+0x19/0xb0 [ 153.683702] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.684064] ? trace_hardirqs_on+0x26/0x120 [ 153.684405] do_group_exit+0xe0/0x2b0 [ 153.684704] __x64_sys_exit_group+0x47/0x50 [ 153.685040] do_syscall_64+0x3b/0x90 [ 153.685342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.685753] RIP: 0033:0x7f4b87518a4d [ 153.686046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.686536] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.687134] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.687680] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.688231] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.688776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.689311] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.689865] [ 153.690041] irq event stamp: 0 [ 153.690280] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.690772] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.691411] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.692039] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.692516] ---[ end trace 0000000000000000 ]--- [ 153.693413] ------------[ cut here ]------------ [ 153.693778] WARNING: CPU: 1 PID: 1442 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.694565] Modules linked in: [ 153.694812] CPU: 1 PID: 1442 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.695480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.696330] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.696726] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.698096] RSP: 0018:ffff88800f22fb78 EFLAGS: 00010246 [ 153.698497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.699088] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 153.699636] RBP: ffff88800f22fb98 R08: ffffed10048a103e R09: ffffed10048a103e [ 153.700174] R10: ffff8880245081ef R11: ffffed10048a103d R12: ffff888024508290 [ 153.700715] R13: ffff8880245080a8 R14: ffffffffffffffff R15: 
ffff88800f22fc60 [ 153.701249] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.701859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.702297] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 153.702850] PKRU: 55555554 [ 153.703066] Call Trace: [ 153.703266] [ 153.703439] iommufd_ioas_destroy+0x53/0x70 [ 153.703772] iommufd_fops_release+0x1f7/0x370 [ 153.704124] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.704504] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.704882] ? write_comp_data+0x2f/0x90 [ 153.705200] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.705579] __fput+0x26d/0xa40 [ 153.705845] ____fput+0x1e/0x30 [ 153.706104] task_work_run+0x1a4/0x2d0 [ 153.706408] ? __pfx_task_work_run+0x10/0x10 [ 153.706764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.707146] ? switch_task_namespaces+0xa9/0xe0 [ 153.707513] do_exit+0xb17/0x2ef0 [ 153.707777] ? lock_acquire+0x427/0x4c0 [ 153.708085] ? __pfx_lock_release+0x10/0x10 [ 153.708421] ? __kasan_check_write+0x18/0x20 [ 153.708759] ? do_raw_spin_lock+0x132/0x2a0 [ 153.709088] ? __pfx_do_exit+0x10/0x10 [ 153.709390] ? debug_smp_processor_id+0x20/0x30 [ 153.709746] ? rcu_is_watching+0x19/0xb0 [ 153.710056] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.710412] ? trace_hardirqs_on+0x26/0x120 [ 153.710768] do_group_exit+0xe0/0x2b0 [ 153.711062] __x64_sys_exit_group+0x47/0x50 [ 153.711406] do_syscall_64+0x3b/0x90 [ 153.711704] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.712105] RIP: 0033:0x7f4b87518a4d [ 153.712386] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.712848] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.713418] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.713953] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.714487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.715046] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.715591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.716131] [ 153.716309] irq event stamp: 0 [ 153.716548] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.717021] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.717653] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.718284] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.718780] ---[ end trace 0000000000000000 ]--- [ 153.723261] ------------[ cut here ]------------ [ 153.723656] WARNING: CPU: 1 PID: 1443 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.724419] Modules linked in: [ 153.724661] CPU: 1 PID: 1443 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.725385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.726227] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.726641] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.728040] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 153.728504] RAX: 0000000000000000 RBX: ffff888020aff8a8 RCX: 0000000000000000 [ 153.729285] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 153.729822] RBP: ffff888013577bd0 R08: ffffed100415ff33 R09: ffffed100415ff33 [ 153.730355] R10: ffff888020aff993 R11: ffffed100415ff32 R12: ffff88801883ec00 [ 153.731024] R13: ffff888020aff9e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 153.731578] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.732182] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.732734] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 153.733273] PKRU: 55555554 [ 153.733492] Call Trace: [ 153.733688] [ 153.733863] __iommufd_access_detach+0x1c2/0x2b0 [ 153.734302] iommufd_access_change_pt+0x149/0x270 [ 153.734746] iommufd_access_replace+0xb4/0x120 [ 153.735105] iommufd_test+0x3e5/0x37e0 [ 153.735409] ? lock_release+0x532/0x770 [ 153.735725] ? __might_fault+0x102/0x1b0 [ 153.736045] ? lock_acquire+0x427/0x4c0 [ 153.736361] ? __pfx_iommufd_test+0x10/0x10 [ 153.736746] ? __pfx_lock_release+0x10/0x10 [ 153.737139] ? __pfx_lock_acquire+0x10/0x10 [ 153.737479] ? write_comp_data+0x2f/0x90 [ 153.737801] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.738184] ? write_comp_data+0x2f/0x90 [ 153.738564] iommufd_fops_ioctl+0x37d/0x510 [ 153.738958] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.739357] ? write_comp_data+0x2f/0x90 [ 153.739678] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.740052] __x64_sys_ioctl+0x1a3/0x230 [ 153.740373] do_syscall_64+0x3b/0x90 [ 153.740671] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.741187] RIP: 0033:0x7f4b8743ee5d [ 153.741475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.742972] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.743595] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.744154] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.744711] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.745391] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.745944] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.746525] [ 153.746714] irq event stamp: 0 [ 153.746961] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.747580] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.748234] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.748878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.749476] ---[ end trace 0000000000000000 ]--- [ 153.752232] ------------[ cut here ]------------ [ 153.752631] WARNING: CPU: 1 PID: 1443 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.753538] Modules linked in: [ 153.753788] CPU: 1 PID: 1443 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.754471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.755520] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.755911] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.757535] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 153.757954] RAX: 0000000000000000 RBX: ffff888020aff8a8 RCX: 0000000000000000 [ 153.758525] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 153.759086] RBP: ffff888013577be8 R08: ffffed100415ff33 R09: ffffed100415ff33 [ 153.759743] R10: ffff888020aff993 R11: ffffed100415ff32 R12: ffff888013da7c00 [ 153.760291] R13: ffff888020aff9e8 R14: ffff888013797100 R15: 0000000000000000 [ 153.760844] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.761576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.762024] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 153.762603] PKRU: 55555554 [ 153.762826] Call Trace: [ 153.763036] [ 153.763274] iommufd_access_destroy_object+0x65/0x170 [ 153.763738] iommufd_object_destroy_user+0x18e/0x220 [ 153.764149] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.764618] iommufd_access_destroy+0x43/0x70 [ 153.765011] iommufd_test_staccess_release+0x8d/0xd0 [ 153.765498] __fput+0x26d/0xa40 [ 153.765775] ____fput+0x1e/0x30 [ 153.766046] task_work_run+0x1a4/0x2d0 [ 153.766379] ? __pfx_task_work_run+0x10/0x10 [ 153.766776] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.767204] ? switch_task_namespaces+0xa9/0xe0 [ 153.767739] do_exit+0xb17/0x2ef0 [ 153.768031] ? lock_acquire+0x427/0x4c0 [ 153.768370] ? __pfx_lock_release+0x10/0x10 [ 153.768735] ? __kasan_check_write+0x18/0x20 [ 153.769103] ? do_raw_spin_lock+0x132/0x2a0 [ 153.769576] ? __pfx_do_exit+0x10/0x10 [ 153.769910] ? debug_smp_processor_id+0x20/0x30 [ 153.770299] ? rcu_is_watching+0x19/0xb0 [ 153.770655] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.771037] ? trace_hardirqs_on+0x26/0x120 [ 153.771422] do_group_exit+0xe0/0x2b0 [ 153.771822] __x64_sys_exit_group+0x47/0x50 [ 153.772235] do_syscall_64+0x3b/0x90 [ 153.772553] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.772986] RIP: 0033:0x7f4b87518a4d [ 153.773298] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.773845] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.774553] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.775153] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.775735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.776454] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.777036] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.777637] [ 153.777833] irq event stamp: 0 [ 153.778157] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.778768] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.779465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.780147] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.780808] ---[ end trace 0000000000000000 ]--- [ 153.781574] ------------[ cut here ]------------ [ 153.781961] WARNING: CPU: 1 PID: 1443 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.782959] Modules linked in: [ 153.783249] CPU: 1 PID: 1443 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.783961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.785017] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.785443] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.787108] RSP: 0018:ffff888013577b78 EFLAGS: 00010246 [ 153.787555] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.788137] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 153.788735] RBP: ffff888013577b98 R08: ffffed100415ff3e R09: ffffed100415ff3e [ 153.789474] R10: ffff888020aff9ef R11: ffffed100415ff3d R12: ffff888020affa90 [ 153.790069] R13: ffff888020aff8a8 R14: ffffffffffffffff R15: 
ffff888013577c60 [ 153.790697] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.791439] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.791914] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 153.792495] PKRU: 55555554 [ 153.792746] Call Trace: [ 153.793060] [ 153.793248] iommufd_ioas_destroy+0x53/0x70 [ 153.793612] iommufd_fops_release+0x1f7/0x370 [ 153.793987] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.794402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.794970] ? write_comp_data+0x2f/0x90 [ 153.795334] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.795751] __fput+0x26d/0xa40 [ 153.796041] ____fput+0x1e/0x30 [ 153.796325] task_work_run+0x1a4/0x2d0 [ 153.796663] ? __pfx_task_work_run+0x10/0x10 [ 153.797090] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.797609] ? switch_task_namespaces+0xa9/0xe0 [ 153.798030] do_exit+0xb17/0x2ef0 [ 153.798331] ? lock_acquire+0x427/0x4c0 [ 153.798706] ? __pfx_lock_release+0x10/0x10 [ 153.799086] ? __kasan_check_write+0x18/0x20 [ 153.799559] ? do_raw_spin_lock+0x132/0x2a0 [ 153.800002] ? __pfx_do_exit+0x10/0x10 [ 153.800351] ? debug_smp_processor_id+0x20/0x30 [ 153.800761] ? rcu_is_watching+0x19/0xb0 [ 153.801116] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.801591] ? trace_hardirqs_on+0x26/0x120 [ 153.802049] do_group_exit+0xe0/0x2b0 [ 153.802380] __x64_sys_exit_group+0x47/0x50 [ 153.802779] do_syscall_64+0x3b/0x90 [ 153.803139] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.803607] RIP: 0033:0x7f4b87518a4d [ 153.803971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.804611] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.805268] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.805967] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.806689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.807326] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.807956] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.808756] [ 153.808965] irq event stamp: 0 [ 153.809244] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.809800] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.810721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.811460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.812011] ---[ end trace 0000000000000000 ]--- [ 153.816810] ------------[ cut here ]------------ [ 153.817346] WARNING: CPU: 1 PID: 1444 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.818221] Modules linked in: [ 153.818499] CPU: 1 PID: 1444 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.819470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.820457] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.820889] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.822704] RSP: 0018:ffff88800f22fbb8 EFLAGS: 00010246 [ 153.823183] RAX: 0000000000000000 RBX: ffff8880171ba0a8 RCX: 0000000000000000 [ 153.823953] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 153.824578] RBP: ffff88800f22fbd0 R08: ffffed1002e37433 R09: ffffed1002e37433 [ 153.825194] R10: ffff8880171ba193 R11: ffffed1002e37432 R12: ffff888014392400 [ 153.825961] R13: ffff8880171ba1e8 R14: ffffffff8352e670 R15: 
ffff88800f22fe68 [ 153.826613] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.827329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.827835] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 153.828621] PKRU: 55555554 [ 153.828874] Call Trace: [ 153.829102] [ 153.829307] __iommufd_access_detach+0x1c2/0x2b0 [ 153.829747] iommufd_access_change_pt+0x149/0x270 [ 153.830306] iommufd_access_replace+0xb4/0x120 [ 153.830750] iommufd_test+0x3e5/0x37e0 [ 153.831094] ? lock_release+0x532/0x770 [ 153.831471] ? __might_fault+0x102/0x1b0 [ 153.831833] ? lock_acquire+0x427/0x4c0 [ 153.832193] ? __pfx_iommufd_test+0x10/0x10 [ 153.832732] ? __pfx_lock_release+0x10/0x10 [ 153.833123] ? __pfx_lock_acquire+0x10/0x10 [ 153.833512] ? write_comp_data+0x2f/0x90 [ 153.833876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.834328] ? write_comp_data+0x2f/0x90 [ 153.834836] iommufd_fops_ioctl+0x37d/0x510 [ 153.835232] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.835669] ? write_comp_data+0x2f/0x90 [ 153.836038] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.836462] __x64_sys_ioctl+0x1a3/0x230 [ 153.836914] do_syscall_64+0x3b/0x90 [ 153.837332] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.837794] RIP: 0033:0x7f4b8743ee5d [ 153.838126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.839921] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.840593] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.841215] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.841996] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.842643] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.843285] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.844006] [ 153.844280] irq event stamp: 0 [ 153.844559] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.845106] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.845893] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.846719] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.847283] ---[ end trace 0000000000000000 ]--- [ 153.850403] ------------[ cut here ]------------ [ 153.850870] WARNING: CPU: 1 PID: 1444 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.851765] Modules linked in: [ 153.852043] CPU: 1 PID: 1444 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.852795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.853830] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.854263] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.855882] RSP: 
0018:ffff88800f22fbd0 EFLAGS: 00010246 [ 153.856346] RAX: 0000000000000000 RBX: ffff8880171ba0a8 RCX: 0000000000000000 [ 153.856956] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 153.857563] RBP: ffff88800f22fbe8 R08: ffffed1002e37433 R09: ffffed1002e37433 [ 153.858166] R10: ffff8880171ba193 R11: ffffed1002e37432 R12: ffff88801883e000 [ 153.858799] R13: ffff8880171ba1e8 R14: ffff8880141d8c00 R15: 0000000000000000 [ 153.859445] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.860142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.860649] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 153.861274] PKRU: 55555554 [ 153.861523] Call Trace: [ 153.861742] [ 153.861939] iommufd_access_destroy_object+0x65/0x170 [ 153.862397] iommufd_object_destroy_user+0x18e/0x220 [ 153.862858] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.863369] iommufd_access_destroy+0x43/0x70 [ 153.863773] iommufd_test_staccess_release+0x8d/0xd0 [ 153.864220] __fput+0x26d/0xa40 [ 153.864524] ____fput+0x1e/0x30 [ 153.864822] task_work_run+0x1a4/0x2d0 [ 153.865179] ? __pfx_task_work_run+0x10/0x10 [ 153.865578] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.866028] ? switch_task_namespaces+0xa9/0xe0 [ 153.866452] do_exit+0xb17/0x2ef0 [ 153.866786] ? lock_acquire+0x427/0x4c0 [ 153.867154] ? __pfx_lock_release+0x10/0x10 [ 153.867539] ? __kasan_check_write+0x18/0x20 [ 153.867932] ? do_raw_spin_lock+0x132/0x2a0 [ 153.868313] ? __pfx_do_exit+0x10/0x10 [ 153.868662] ? debug_smp_processor_id+0x20/0x30 [ 153.869071] ? rcu_is_watching+0x19/0xb0 [ 153.869428] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.869826] ? trace_hardirqs_on+0x26/0x120 [ 153.870214] do_group_exit+0xe0/0x2b0 [ 153.870578] __x64_sys_exit_group+0x47/0x50 [ 153.870959] do_syscall_64+0x3b/0x90 [ 153.871311] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.871775] RIP: 0033:0x7f4b87518a4d [ 153.872110] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.872644] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.873301] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.873912] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.874559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.875188] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.875803] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.876427] [ 153.876633] irq event stamp: 0 [ 153.876908] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.877453] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.878175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.878911] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.879474] ---[ end trace 0000000000000000 ]--- [ 153.880235] ------------[ cut here ]------------ [ 153.880649] WARNING: CPU: 1 PID: 1444 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.881529] Modules linked in: [ 153.881814] CPU: 1 PID: 1444 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.882608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.883534] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.883931] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.885628] RSP: 0018:ffff88800f22fb78 EFLAGS: 00010246 [ 153.886124] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.886806] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 153.887478] RBP: ffff88800f22fb98 R08: ffffed1002e3743e R09: ffffed1002e3743e [ 153.888125] R10: ffff8880171ba1ef R11: ffffed1002e3743d R12: ffff8880171ba290 [ 153.888785] R13: ffff8880171ba0a8 R14: ffffffffffffffff R15: 
ffff88800f22fc60 [ 153.889450] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.890201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.890762] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 153.891450] PKRU: 55555554 [ 153.891720] Call Trace: [ 153.891958] [ 153.892174] iommufd_ioas_destroy+0x53/0x70 [ 153.892584] iommufd_fops_release+0x1f7/0x370 [ 153.893022] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.893490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.893946] ? write_comp_data+0x2f/0x90 [ 153.894333] ? __pfx_iommufd_fops_release+0x10/0x10 [ 153.894819] __fput+0x26d/0xa40 [ 153.895154] ____fput+0x1e/0x30 [ 153.895473] task_work_run+0x1a4/0x2d0 [ 153.895845] ? __pfx_task_work_run+0x10/0x10 [ 153.896263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.896719] ? switch_task_namespaces+0xa9/0xe0 [ 153.897158] do_exit+0xb17/0x2ef0 [ 153.897481] ? lock_acquire+0x427/0x4c0 [ 153.897861] ? __pfx_lock_release+0x10/0x10 [ 153.898262] ? __kasan_check_write+0x18/0x20 [ 153.898703] ? do_raw_spin_lock+0x132/0x2a0 [ 153.899132] ? __pfx_do_exit+0x10/0x10 [ 153.899501] ? debug_smp_processor_id+0x20/0x30 [ 153.899930] ? rcu_is_watching+0x19/0xb0 [ 153.900307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.900730] ? trace_hardirqs_on+0x26/0x120 [ 153.901129] do_group_exit+0xe0/0x2b0 [ 153.901482] __x64_sys_exit_group+0x47/0x50 [ 153.901879] do_syscall_64+0x3b/0x90 [ 153.902229] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.902734] RIP: 0033:0x7f4b87518a4d [ 153.903082] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.903660] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.904349] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.904995] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.905664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.906337] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.907041] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.907750] [ 153.907978] irq event stamp: 0 [ 153.908284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.908886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.909698] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.910493] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.911140] ---[ end trace 0000000000000000 ]--- [ 153.915963] ------------[ cut here ]------------ [ 153.916459] WARNING: CPU: 1 PID: 1445 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.917486] Modules linked in: [ 153.917791] CPU: 1 PID: 1445 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.918842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.919914] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.920389] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.922099] RSP: 0018:ffff88800f0c7bb8 EFLAGS: 00010246 [ 153.922639] RAX: 0000000000000000 RBX: ffff888015d2f0a8 RCX: 0000000000000000 [ 153.923326] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 153.924007] RBP: ffff88800f0c7bd0 R08: ffffed1002ba5e33 R09: ffffed1002ba5e33 [ 153.924673] R10: ffff888015d2f193 R11: ffffed1002ba5e32 R12: ffff888012e94000 [ 153.925343] R13: ffff888015d2f1e8 R14: ffffffff8352e670 R15: 
ffff88800f0c7e68 [ 153.926100] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.926897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.927476] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 153.928143] PKRU: 55555554 [ 153.928410] Call Trace: [ 153.928658] [ 153.928873] __iommufd_access_detach+0x1c2/0x2b0 [ 153.929345] iommufd_access_change_pt+0x149/0x270 [ 153.929815] iommufd_access_replace+0xb4/0x120 [ 153.930257] iommufd_test+0x3e5/0x37e0 [ 153.930656] ? lock_release+0x532/0x770 [ 153.931052] ? __might_fault+0x102/0x1b0 [ 153.931475] ? lock_acquire+0x427/0x4c0 [ 153.931866] ? __pfx_iommufd_test+0x10/0x10 [ 153.932280] ? __pfx_lock_release+0x10/0x10 [ 153.932709] ? __pfx_lock_acquire+0x10/0x10 [ 153.933131] ? write_comp_data+0x2f/0x90 [ 153.933534] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.934002] ? write_comp_data+0x2f/0x90 [ 153.934399] iommufd_fops_ioctl+0x37d/0x510 [ 153.934861] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.935359] ? write_comp_data+0x2f/0x90 [ 153.935755] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 153.936222] __x64_sys_ioctl+0x1a3/0x230 [ 153.936618] do_syscall_64+0x3b/0x90 [ 153.936984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.937490] RIP: 0033:0x7f4b8743ee5d [ 153.937850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 153.939643] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 153.940386] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 153.941059] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 153.941733] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 153.942411] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 153.943130] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 153.943815] [ 153.944039] irq event stamp: 0 [ 153.944343] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.944941] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.945735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.946566] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.947180] ---[ end trace 0000000000000000 ]--- [ 153.950297] ------------[ cut here ]------------ [ 153.950827] WARNING: CPU: 1 PID: 1445 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 153.951814] Modules linked in: [ 153.952131] CPU: 1 PID: 1445 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.952969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.954029] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 153.954547] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 153.956301] RSP: 
0018:ffff88800f0c7bd0 EFLAGS: 00010246 [ 153.956824] RAX: 0000000000000000 RBX: ffff888015d2f0a8 RCX: 0000000000000000 [ 153.957501] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 153.958174] RBP: ffff88800f0c7be8 R08: ffffed1002ba5e33 R09: ffffed1002ba5e33 [ 153.958894] R10: ffff888015d2f193 R11: ffffed1002ba5e32 R12: ffff888014390c00 [ 153.959596] R13: ffff888015d2f1e8 R14: ffff88801005e100 R15: 0000000000000000 [ 153.960265] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.961046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.961645] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 153.962380] PKRU: 55555554 [ 153.962712] Call Trace: [ 153.962981] [ 153.963251] iommufd_access_destroy_object+0x65/0x170 [ 153.963792] iommufd_object_destroy_user+0x18e/0x220 [ 153.964326] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 153.964932] iommufd_access_destroy+0x43/0x70 [ 153.965414] iommufd_test_staccess_release+0x8d/0xd0 [ 153.965950] __fput+0x26d/0xa40 [ 153.966315] ____fput+0x1e/0x30 [ 153.966728] task_work_run+0x1a4/0x2d0 [ 153.967166] ? __pfx_task_work_run+0x10/0x10 [ 153.967627] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 153.968140] ? switch_task_namespaces+0xa9/0xe0 [ 153.968633] do_exit+0xb17/0x2ef0 [ 153.968995] ? lock_acquire+0x427/0x4c0 [ 153.969411] ? __pfx_lock_release+0x10/0x10 [ 153.969869] ? __kasan_check_write+0x18/0x20 [ 153.970334] ? do_raw_spin_lock+0x132/0x2a0 [ 153.970834] ? __pfx_do_exit+0x10/0x10 [ 153.971272] ? debug_smp_processor_id+0x20/0x30 [ 153.971779] ? rcu_is_watching+0x19/0xb0 [ 153.972214] ? _raw_spin_unlock_irq+0x2b/0x60 [ 153.972698] ? trace_hardirqs_on+0x26/0x120 [ 153.973156] do_group_exit+0xe0/0x2b0 [ 153.973566] __x64_sys_exit_group+0x47/0x50 [ 153.974012] do_syscall_64+0x3b/0x90 [ 153.974416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 153.975015] RIP: 0033:0x7f4b87518a4d [ 153.975440] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 153.976087] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.976888] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 153.977626] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 153.978363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 153.979147] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 153.979893] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 153.980647] [ 153.980891] irq event stamp: 0 [ 153.981281] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 153.981928] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 153.982827] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 153.983724] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 153.984389] ---[ end trace 0000000000000000 ]--- [ 153.985273] ------------[ cut here ]------------ [ 153.985771] WARNING: CPU: 1 PID: 1445 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 153.986890] Modules linked in: [ 153.987252] CPU: 1 PID: 1445 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 153.988159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 153.989326] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 153.989938] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 153.992371] RSP: 0018:ffff88800f0c7b78 EFLAGS: 00010246 [ 153.992934] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 153.993671] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 153.994402] RBP: ffff88800f0c7b98 R08: ffffed1002ba5e3e R09: ffffed1002ba5e3e [ 153.995190] R10: ffff888015d2f1ef R11: ffffed1002ba5e3d R12: ffff888015d2f290 [ 153.995933] R13: ffff888015d2f0a8 R14: ffffffffffffffff R15: 
ffff88800f0c7c60 [ 153.996918] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 153.998065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 153.998720] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 153.999483] PKRU: 55555554 [ 153.999776] Call Trace: [ 154.000040] [ 154.000277] iommufd_ioas_destroy+0x53/0x70 [ 154.000740] iommufd_fops_release+0x1f7/0x370 [ 154.001213] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.001792] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.002621] ? write_comp_data+0x2f/0x90 [ 154.003072] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.003614] __fput+0x26d/0xa40 [ 154.003983] ____fput+0x1e/0x30 [ 154.004341] task_work_run+0x1a4/0x2d0 [ 154.004760] ? __pfx_task_work_run+0x10/0x10 [ 154.005228] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.005745] ? switch_task_namespaces+0xa9/0xe0 [ 154.006259] do_exit+0xb17/0x2ef0 [ 154.006683] ? lock_acquire+0x427/0x4c0 [ 154.007264] ? __pfx_lock_release+0x10/0x10 [ 154.007952] ? __kasan_check_write+0x18/0x20 [ 154.008447] ? do_raw_spin_lock+0x132/0x2a0 [ 154.008907] ? __pfx_do_exit+0x10/0x10 [ 154.009328] ? debug_smp_processor_id+0x20/0x30 [ 154.009826] ? rcu_is_watching+0x19/0xb0 [ 154.010260] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.010795] ? trace_hardirqs_on+0x26/0x120 [ 154.011287] do_group_exit+0xe0/0x2b0 [ 154.011695] __x64_sys_exit_group+0x47/0x50 [ 154.012161] do_syscall_64+0x3b/0x90 [ 154.012572] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.013372] RIP: 0033:0x7f4b87518a4d [ 154.013972] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.014668] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.015494] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.016237] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.016982] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.017735] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.018732] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.019673] [ 154.019930] irq event stamp: 0 [ 154.020268] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.020935] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.021818] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.022744] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.023428] ---[ end trace 0000000000000000 ]--- [ 154.028188] ------------[ cut here ]------------ [ 154.029007] WARNING: CPU: 1 PID: 1446 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.030059] Modules linked in: [ 154.030401] CPU: 1 PID: 1446 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.031428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.032644] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.033179] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.035709] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 154.036277] RAX: 0000000000000000 RBX: ffff888017bee0a8 RCX: 0000000000000000 [ 154.037029] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 154.037773] RBP: ffff888013577bd0 R08: ffffed1002f7dc33 R09: ffffed1002f7dc33 [ 154.038559] R10: ffff888017bee193 R11: ffffed1002f7dc32 R12: ffff8880139e2800 [ 154.039336] R13: ffff888017bee1e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 154.040329] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.041528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.042139] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 154.042928] PKRU: 55555554 [ 154.043249] Call Trace: [ 154.043523] [ 154.043771] __iommufd_access_detach+0x1c2/0x2b0 [ 154.044298] iommufd_access_change_pt+0x149/0x270 [ 154.044819] iommufd_access_replace+0xb4/0x120 [ 154.045461] iommufd_test+0x3e5/0x37e0 [ 154.046009] ? lock_release+0x532/0x770 [ 154.046660] ? __might_fault+0x102/0x1b0 [ 154.047106] ? lock_acquire+0x427/0x4c0 [ 154.047552] ? __pfx_iommufd_test+0x10/0x10 [ 154.048005] ? __pfx_lock_release+0x10/0x10 [ 154.048469] ? __pfx_lock_acquire+0x10/0x10 [ 154.048939] ? write_comp_data+0x2f/0x90 [ 154.049388] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.049912] ? write_comp_data+0x2f/0x90 [ 154.050369] iommufd_fops_ioctl+0x37d/0x510 [ 154.051012] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.051770] ? write_comp_data+0x2f/0x90 [ 154.052223] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.052740] __x64_sys_ioctl+0x1a3/0x230 [ 154.053177] do_syscall_64+0x3b/0x90 [ 154.053584] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.054131] RIP: 0033:0x7f4b8743ee5d [ 154.054569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.056607] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.057780] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.058574] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.059352] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.060094] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.060846] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.061725] [ 154.062051] irq event stamp: 0 [ 154.062637] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.063314] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.064189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.065062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.065731] ---[ end trace 0000000000000000 ]--- [ 154.069278] ------------[ cut here ]------------ [ 154.069854] WARNING: CPU: 1 PID: 1446 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.071328] Modules linked in: [ 154.071857] CPU: 1 PID: 1446 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.072782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.073956] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.074491] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.076807] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 154.077566] RAX: 0000000000000000 RBX: ffff888017bee0a8 RCX: 0000000000000000 [ 154.078310] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 154.079105] RBP: ffff888013577be8 R08: ffffed1002f7dc33 R09: ffffed1002f7dc33 [ 154.079889] R10: ffff888017bee193 R11: ffffed1002f7dc32 R12: ffff888012e96800 [ 154.080717] R13: ffff888017bee1e8 R14: ffff888013447800 R15: 0000000000000000 [ 154.081783] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.082665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.083285] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 154.084027] PKRU: 55555554 [ 154.084330] Call Trace: [ 154.084603] [ 154.084854] iommufd_access_destroy_object+0x65/0x170 [ 154.085585] iommufd_object_destroy_user+0x18e/0x220 [ 154.086288] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.086960] iommufd_access_destroy+0x43/0x70 [ 154.087476] iommufd_test_staccess_release+0x8d/0xd0 [ 154.088045] __fput+0x26d/0xa40 [ 154.088432] ____fput+0x1e/0x30 [ 154.088808] task_work_run+0x1a4/0x2d0 [ 154.089262] ? __pfx_task_work_run+0x10/0x10 [ 154.089877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.090633] ? switch_task_namespaces+0xa9/0xe0 [ 154.091202] do_exit+0xb17/0x2ef0 [ 154.091592] ? lock_acquire+0x427/0x4c0 [ 154.092052] ? __pfx_lock_release+0x10/0x10 [ 154.092532] ? __kasan_check_write+0x18/0x20 [ 154.093013] ? do_raw_spin_lock+0x132/0x2a0 [ 154.093497] ? __pfx_do_exit+0x10/0x10 [ 154.093988] ? debug_smp_processor_id+0x20/0x30 [ 154.094771] ? rcu_is_watching+0x19/0xb0 [ 154.095251] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.095758] ? trace_hardirqs_on+0x26/0x120 [ 154.096239] do_group_exit+0xe0/0x2b0 [ 154.096660] __x64_sys_exit_group+0x47/0x50 [ 154.097130] do_syscall_64+0x3b/0x90 [ 154.097551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.098204] RIP: 0033:0x7f4b87518a4d [ 154.098802] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.099687] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.100516] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.101304] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.102071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.102915] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.103942] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.104734] [ 154.104994] irq event stamp: 0 [ 154.105342] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.106036] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.107089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.108238] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.108991] ---[ end trace 0000000000000000 ]--- [ 154.112363] ------------[ cut here ]------------ [ 154.112907] WARNING: CPU: 1 PID: 1446 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.114019] Modules linked in: [ 154.114371] CPU: 1 PID: 1446 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.115504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.116898] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.117463] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.119464] RSP: 0018:ffff888013577b78 EFLAGS: 00010246 [ 154.120290] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.121051] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 154.121819] RBP: ffff888013577b98 R08: ffffed1002f7dc3e R09: ffffed1002f7dc3e [ 154.122613] R10: ffff888017bee1ef R11: ffffed1002f7dc3d R12: ffff888017bee290 [ 154.123439] R13: ffff888017bee0a8 R14: ffffffffffffffff R15: 
ffff888013577c60 [ 154.124462] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.125517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.126146] CR2: 00007f82e2fcd000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 154.126953] PKRU: 55555554 [ 154.127275] Call Trace: [ 154.127554] [ 154.127810] iommufd_ioas_destroy+0x53/0x70 [ 154.128363] iommufd_fops_release+0x1f7/0x370 [ 154.129023] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.129789] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.130342] ? write_comp_data+0x2f/0x90 [ 154.130843] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.131417] __fput+0x26d/0xa40 [ 154.131807] ____fput+0x1e/0x30 [ 154.132189] task_work_run+0x1a4/0x2d0 [ 154.132646] ? __pfx_task_work_run+0x10/0x10 [ 154.133230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.134019] ? switch_task_namespaces+0xa9/0xe0 [ 154.134587] do_exit+0xb17/0x2ef0 [ 154.134975] ? lock_acquire+0x427/0x4c0 [ 154.135436] ? __pfx_lock_release+0x10/0x10 [ 154.135911] ? __kasan_check_write+0x18/0x20 [ 154.136399] ? do_raw_spin_lock+0x132/0x2a0 [ 154.136876] ? __pfx_do_exit+0x10/0x10 [ 154.137362] ? debug_smp_processor_id+0x20/0x30 [ 154.138046] ? rcu_is_watching+0x19/0xb0 [ 154.138698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.139219] ? trace_hardirqs_on+0x26/0x120 [ 154.139703] do_group_exit+0xe0/0x2b0 [ 154.140131] __x64_sys_exit_group+0x47/0x50 [ 154.140609] do_syscall_64+0x3b/0x90 [ 154.141106] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.141682] RIP: 0033:0x7f4b87518a4d [ 154.142210] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.143207] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.144016] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.144781] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.145551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.146358] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.147470] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.148460] [ 154.148790] irq event stamp: 0 [ 154.149210] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.150076] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.151000] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.151903] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.152598] ---[ end trace 0000000000000000 ]--- [ 154.160533] ------------[ cut here ]------------ [ 154.161211] WARNING: CPU: 1 PID: 1447 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.162293] Modules linked in: [ 154.162677] CPU: 1 PID: 1447 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.163637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.165223] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.165767] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.167781] RSP: 0018:ffff8880189bfbb8 EFLAGS: 00010246 [ 154.168372] RAX: 0000000000000000 RBX: ffff888016fab0a8 RCX: 0000000000000000 [ 154.169373] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 154.170398] RBP: ffff8880189bfbd0 R08: ffffed1002df5633 R09: ffffed1002df5633 [ 154.171221] R10: ffff888016fab193 R11: ffffed1002df5632 R12: ffff888013b16800 [ 154.171979] R13: ffff888016fab1e8 R14: ffffffff8352e670 R15: 
ffff8880189bfe68 [ 154.172736] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.173811] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.174749] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 154.175530] PKRU: 55555554 [ 154.175839] Call Trace: [ 154.176114] [ 154.176360] __iommufd_access_detach+0x1c2/0x2b0 [ 154.176901] iommufd_access_change_pt+0x149/0x270 [ 154.177444] iommufd_access_replace+0xb4/0x120 [ 154.178037] iommufd_test+0x3e5/0x37e0 [ 154.178717] ? lock_release+0x532/0x770 [ 154.179185] ? __might_fault+0x102/0x1b0 [ 154.179633] ? lock_acquire+0x427/0x4c0 [ 154.180067] ? __pfx_iommufd_test+0x10/0x10 [ 154.180525] ? __pfx_lock_release+0x10/0x10 [ 154.181000] ? __pfx_lock_acquire+0x10/0x10 [ 154.181492] ? write_comp_data+0x2f/0x90 [ 154.182032] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.182848] ? write_comp_data+0x2f/0x90 [ 154.183333] iommufd_fops_ioctl+0x37d/0x510 [ 154.183821] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.184365] ? write_comp_data+0x2f/0x90 [ 154.184813] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.185338] __x64_sys_ioctl+0x1a3/0x230 [ 154.185812] do_syscall_64+0x3b/0x90 [ 154.186324] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.187161] RIP: 0033:0x7f4b8743ee5d [ 154.187577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.189548] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.190492] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.191456] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.192226] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.192996] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.193767] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.194722] [ 154.195143] irq event stamp: 0 [ 154.195491] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.196164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.197055] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.197965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.198846] ---[ end trace 0000000000000000 ]--- [ 154.204803] ------------[ cut here ]------------ [ 154.205463] WARNING: CPU: 1 PID: 1447 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.206648] Modules linked in: [ 154.207167] CPU: 1 PID: 1447 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.208108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.209302] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.209838] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.212222] RSP: 
0018:ffff8880189bfbd0 EFLAGS: 00010246 [ 154.212800] RAX: 0000000000000000 RBX: ffff888016fab0a8 RCX: 0000000000000000 [ 154.213560] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 154.214316] RBP: ffff8880189bfbe8 R08: ffffed1002df5633 R09: ffffed1002df5633 [ 154.215240] R10: ffff888016fab193 R11: ffffed1002df5632 R12: ffff8880139e3c00 [ 154.216218] R13: ffff888016fab1e8 R14: ffff888020e13300 R15: 0000000000000000 [ 154.216980] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.217843] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.218467] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 154.219387] PKRU: 55555554 [ 154.219863] Call Trace: [ 154.220164] [ 154.220414] iommufd_access_destroy_object+0x65/0x170 [ 154.220986] iommufd_object_destroy_user+0x18e/0x220 [ 154.221543] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.222164] iommufd_access_destroy+0x43/0x70 [ 154.222682] iommufd_test_staccess_release+0x8d/0xd0 [ 154.223403] __fput+0x26d/0xa40 [ 154.223903] ____fput+0x1e/0x30 [ 154.224276] task_work_run+0x1a4/0x2d0 [ 154.224707] ? __pfx_task_work_run+0x10/0x10 [ 154.225182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.225710] ? switch_task_namespaces+0xa9/0xe0 [ 154.226214] do_exit+0xb17/0x2ef0 [ 154.226619] ? lock_acquire+0x427/0x4c0 [ 154.227068] ? __pfx_lock_release+0x10/0x10 [ 154.227710] ? __kasan_check_write+0x18/0x20 [ 154.228387] ? do_raw_spin_lock+0x132/0x2a0 [ 154.228862] ? __pfx_do_exit+0x10/0x10 [ 154.229295] ? debug_smp_processor_id+0x20/0x30 [ 154.229816] ? rcu_is_watching+0x19/0xb0 [ 154.230263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.230831] ? trace_hardirqs_on+0x26/0x120 [ 154.231314] do_group_exit+0xe0/0x2b0 [ 154.231735] __x64_sys_exit_group+0x47/0x50 [ 154.232204] do_syscall_64+0x3b/0x90 [ 154.232622] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.233181] RIP: 0033:0x7f4b87518a4d [ 154.233588] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.234250] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.235142] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.235901] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.236658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.237476] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.238212] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.238983] [ 154.239240] irq event stamp: 0 [ 154.239574] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.240224] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.241092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.241953] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.242639] ---[ end trace 0000000000000000 ]--- [ 154.243654] ------------[ cut here ]------------ [ 154.244150] WARNING: CPU: 1 PID: 1447 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.245201] Modules linked in: [ 154.245538] CPU: 1 PID: 1447 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.246441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.247823] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.248373] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.250278] RSP: 0018:ffff8880189bfb78 EFLAGS: 00010246 [ 154.250934] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.252037] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 154.252786] RBP: ffff8880189bfb98 R08: ffffed1002df563e R09: ffffed1002df563e [ 154.253530] R10: ffff888016fab1ef R11: ffffed1002df563d R12: ffff888016fab290 [ 154.254271] R13: ffff888016fab0a8 R14: ffffffffffffffff R15: 
ffff8880189bfc60 [ 154.255049] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.255909] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.256664] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 154.257709] PKRU: 55555554 [ 154.258014] Call Trace: [ 154.258278] [ 154.258570] iommufd_ioas_destroy+0x53/0x70 [ 154.259027] iommufd_fops_release+0x1f7/0x370 [ 154.259513] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.260034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.260551] ? write_comp_data+0x2f/0x90 [ 154.260988] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.261515] __fput+0x26d/0xa40 [ 154.261939] ____fput+0x1e/0x30 [ 154.262408] task_work_run+0x1a4/0x2d0 [ 154.262981] ? __pfx_task_work_run+0x10/0x10 [ 154.263470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.263992] ? switch_task_namespaces+0xa9/0xe0 [ 154.264494] do_exit+0xb17/0x2ef0 [ 154.264860] ? lock_acquire+0x427/0x4c0 [ 154.265282] ? __pfx_lock_release+0x10/0x10 [ 154.265736] ? __kasan_check_write+0x18/0x20 [ 154.266197] ? do_raw_spin_lock+0x132/0x2a0 [ 154.266679] ? __pfx_do_exit+0x10/0x10 [ 154.267095] ? debug_smp_processor_id+0x20/0x30 [ 154.267598] ? rcu_is_watching+0x19/0xb0 [ 154.268159] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.268848] ? trace_hardirqs_on+0x26/0x120 [ 154.269369] do_group_exit+0xe0/0x2b0 [ 154.269765] __x64_sys_exit_group+0x47/0x50 [ 154.270202] do_syscall_64+0x3b/0x90 [ 154.270620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.271170] RIP: 0033:0x7f4b87518a4d [ 154.271550] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.272176] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.273000] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.274010] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.274761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.275509] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.276233] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.276965] [ 154.277204] irq event stamp: 0 [ 154.277526] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.278303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.279529] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.280379] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.280976] ---[ end trace 0000000000000000 ]--- [ 154.285119] ------------[ cut here ]------------ [ 154.285634] WARNING: CPU: 1 PID: 1448 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.286662] Modules linked in: [ 154.287058] CPU: 1 PID: 1448 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.287980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.289026] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.289494] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.291466] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 154.291969] RAX: 0000000000000000 RBX: ffff888012e498a8 RCX: 0000000000000000 [ 154.292631] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 154.293296] RBP: ffff888013577bd0 R08: ffffed10025c9333 R09: ffffed10025c9333 [ 154.293965] R10: ffff888012e49993 R11: ffffed10025c9332 R12: ffff8880140ef400 [ 154.294652] R13: ffff888012e499e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 154.295334] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.296362] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.296906] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 154.297572] PKRU: 55555554 [ 154.297855] Call Trace: [ 154.298096] [ 154.298314] __iommufd_access_detach+0x1c2/0x2b0 [ 154.298817] iommufd_access_change_pt+0x149/0x270 [ 154.299318] iommufd_access_replace+0xb4/0x120 [ 154.299768] iommufd_test+0x3e5/0x37e0 [ 154.300250] ? lock_release+0x532/0x770 [ 154.300718] ? __might_fault+0x102/0x1b0 [ 154.301192] ? lock_acquire+0x427/0x4c0 [ 154.301578] ? __pfx_iommufd_test+0x10/0x10 [ 154.301988] ? __pfx_lock_release+0x10/0x10 [ 154.302450] ? __pfx_lock_acquire+0x10/0x10 [ 154.303009] ? write_comp_data+0x2f/0x90 [ 154.303419] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.303884] ? write_comp_data+0x2f/0x90 [ 154.304281] iommufd_fops_ioctl+0x37d/0x510 [ 154.304689] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.305303] ? write_comp_data+0x2f/0x90 [ 154.305686] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.306137] __x64_sys_ioctl+0x1a3/0x230 [ 154.306545] do_syscall_64+0x3b/0x90 [ 154.306899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.307398] RIP: 0033:0x7f4b8743ee5d [ 154.307816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.309544] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.310420] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.311092] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.311759] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.312427] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.313228] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.313889] [ 154.314110] irq event stamp: 0 [ 154.314398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.314988] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.315774] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.316531] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.317101] ---[ end trace 0000000000000000 ]--- [ 154.320184] ------------[ cut here ]------------ [ 154.320644] WARNING: CPU: 1 PID: 1448 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.321548] Modules linked in: [ 154.321827] CPU: 1 PID: 1448 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.322596] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.323725] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.324157] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.325702] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 154.326155] RAX: 0000000000000000 RBX: ffff888012e498a8 RCX: 0000000000000000 [ 154.326787] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 154.327410] RBP: ffff888013577be8 R08: ffffed10025c9333 R09: ffffed10025c9333 [ 154.328018] R10: ffff888012e49993 R11: ffffed10025c9332 R12: ffff888013b17800 [ 154.328628] R13: ffff888012e499e8 R14: ffff88800f401900 R15: 0000000000000000 [ 154.329238] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.329923] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.330428] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.331070] PKRU: 55555554 [ 154.331330] Call Trace: [ 154.331557] [ 154.331757] iommufd_access_destroy_object+0x65/0x170 [ 154.332203] iommufd_object_destroy_user+0x18e/0x220 [ 154.332642] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.333200] iommufd_access_destroy+0x43/0x70 [ 154.333603] iommufd_test_staccess_release+0x8d/0xd0 [ 154.334052] __fput+0x26d/0xa40 [ 154.334353] ____fput+0x1e/0x30 [ 154.334664] task_work_run+0x1a4/0x2d0 [ 154.335013] ? __pfx_task_work_run+0x10/0x10 [ 154.335423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.335849] ? switch_task_namespaces+0xa9/0xe0 [ 154.336261] do_exit+0xb17/0x2ef0 [ 154.336560] ? lock_acquire+0x427/0x4c0 [ 154.336912] ? __pfx_lock_release+0x10/0x10 [ 154.337290] ? __kasan_check_write+0x18/0x20 [ 154.337676] ? do_raw_spin_lock+0x132/0x2a0 [ 154.338048] ? __pfx_do_exit+0x10/0x10 [ 154.338392] ? debug_smp_processor_id+0x20/0x30 [ 154.338830] ? rcu_is_watching+0x19/0xb0 [ 154.339194] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.339591] ? trace_hardirqs_on+0x26/0x120 [ 154.339968] do_group_exit+0xe0/0x2b0 [ 154.340297] __x64_sys_exit_group+0x47/0x50 [ 154.340666] do_syscall_64+0x3b/0x90 [ 154.340997] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.341454] RIP: 0033:0x7f4b87518a4d [ 154.341780] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.342307] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.342987] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.343207] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 154.343611] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.346066] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 154.346661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.346671] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.346680] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.346699] [ 154.350190] irq event stamp: 0 [ 154.350463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.351013] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.351732] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.352438] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.352972] ---[ end trace 0000000000000000 ]--- [ 154.353715] ------------[ cut here ]------------ [ 154.354122] WARNING: CPU: 1 PID: 1448 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.355017] Modules linked in: [ 154.355310] CPU: 1 PID: 1448 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.356058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.357024] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.357469] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.359094] RSP: 0018:ffff888013577b78 
EFLAGS: 00010246 [ 154.359559] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.360168] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 154.360777] RBP: ffff888013577b98 R08: ffffed10025c933e R09: ffffed10025c933e [ 154.361398] R10: ffff888012e499ef R11: ffffed10025c933d R12: ffff888012e49a90 [ 154.362005] R13: ffff888012e498a8 R14: ffffffffffffffff R15: ffff888013577c60 [ 154.362635] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.363333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.363831] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.364437] PKRU: 55555554 [ 154.364680] Call Trace: [ 154.364900] [ 154.365154] iommufd_ioas_destroy+0x53/0x70 [ 154.365529] iommufd_fops_release+0x1f7/0x370 [ 154.365920] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.366348] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.366790] ? write_comp_data+0x2f/0x90 [ 154.367160] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.367598] __fput+0x26d/0xa40 [ 154.367896] ____fput+0x1e/0x30 [ 154.368189] task_work_run+0x1a4/0x2d0 [ 154.368534] ? __pfx_task_work_run+0x10/0x10 [ 154.368918] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.369344] ? switch_task_namespaces+0xa9/0xe0 [ 154.369756] do_exit+0xb17/0x2ef0 [ 154.370058] ? lock_acquire+0x427/0x4c0 [ 154.370412] ? __pfx_lock_release+0x10/0x10 [ 154.370810] ? __kasan_check_write+0x18/0x20 [ 154.371207] ? do_raw_spin_lock+0x132/0x2a0 [ 154.371586] ? __pfx_do_exit+0x10/0x10 [ 154.371930] ? debug_smp_processor_id+0x20/0x30 [ 154.372335] ? rcu_is_watching+0x19/0xb0 [ 154.372688] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.373080] ? trace_hardirqs_on+0x26/0x120 [ 154.373462] do_group_exit+0xe0/0x2b0 [ 154.373793] __x64_sys_exit_group+0x47/0x50 [ 154.374162] do_syscall_64+0x3b/0x90 [ 154.374487] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.374959] RIP: 0033:0x7f4b87518a4d [ 154.375295] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.375832] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.376697] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.377312] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.377922] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.378549] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.379188] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.379971] [ 154.380173] irq event stamp: 0 [ 154.380445] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.380977] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.381688] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.382400] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.382954] ---[ end trace 0000000000000000 ]--- [ 154.390903] ------------[ cut here ]------------ [ 154.391372] WARNING: CPU: 1 PID: 1450 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.392394] Modules linked in: [ 154.392670] CPU: 1 PID: 1450 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.393411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.394536] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.394964] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.396521] RSP: 0018:ffff888016d0fbb8 EFLAGS: 00010246 [ 154.397039] RAX: 0000000000000000 RBX: ffff88801664a8a8 RCX: 0000000000000000 [ 154.397646] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 154.398330] RBP: ffff888016d0fbd0 R08: ffffed1002cc9533 R09: ffffed1002cc9533 [ 154.399022] R10: ffff88801664a993 R11: ffffed1002cc9532 R12: ffff888014583c00 [ 154.399640] R13: ffff88801664a9e8 R14: ffffffff8352e670 R15: 
ffff888016d0fe68 [ 154.400249] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.401089] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.401584] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 154.402195] PKRU: 55555554 [ 154.402441] Call Trace: [ 154.402711] [ 154.403010] __iommufd_access_detach+0x1c2/0x2b0 [ 154.403461] iommufd_access_change_pt+0x149/0x270 [ 154.403888] iommufd_access_replace+0xb4/0x120 [ 154.404294] iommufd_test+0x3e5/0x37e0 [ 154.404627] ? lock_release+0x532/0x770 [ 154.404979] ? __might_fault+0x102/0x1b0 [ 154.405471] ? lock_acquire+0x427/0x4c0 [ 154.405824] ? __pfx_iommufd_test+0x10/0x10 [ 154.406194] ? __pfx_lock_release+0x10/0x10 [ 154.406588] ? __pfx_lock_acquire+0x10/0x10 [ 154.406972] ? write_comp_data+0x2f/0x90 [ 154.407342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.407923] ? write_comp_data+0x2f/0x90 [ 154.408290] iommufd_fops_ioctl+0x37d/0x510 [ 154.408668] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.409091] ? write_comp_data+0x2f/0x90 [ 154.409452] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.409995] __x64_sys_ioctl+0x1a3/0x230 [ 154.410355] do_syscall_64+0x3b/0x90 [ 154.410699] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.411171] RIP: 0033:0x7f4b8743ee5d [ 154.411492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.413203] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.413925] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.414690] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.415311] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.415917] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.416667] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.417291] [ 154.417495] irq event stamp: 0 [ 154.417765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.418303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.419189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.419914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.420456] ---[ end trace 0000000000000000 ]--- [ 154.423404] ------------[ cut here ]------------ [ 154.423852] WARNING: CPU: 1 PID: 1450 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.424717] Modules linked in: [ 154.424992] CPU: 1 PID: 1450 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.425734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.426708] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.427160] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.428716] RSP: 
0018:ffff888016d0fbd0 EFLAGS: 00010246 [ 154.429240] RAX: 0000000000000000 RBX: ffff88801664a8a8 RCX: 0000000000000000 [ 154.429842] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 154.430444] RBP: ffff888016d0fbe8 R08: ffffed1002cc9533 R09: ffffed1002cc9533 [ 154.431069] R10: ffff88801664a993 R11: ffffed1002cc9532 R12: ffff8880140ed800 [ 154.431681] R13: ffff88801664a9e8 R14: ffff88800f120a00 R15: 0000000000000000 [ 154.432285] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.432968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.433461] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.434066] PKRU: 55555554 [ 154.434307] Call Trace: [ 154.434541] [ 154.434737] iommufd_access_destroy_object+0x65/0x170 [ 154.435192] iommufd_object_destroy_user+0x18e/0x220 [ 154.435633] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.436136] iommufd_access_destroy+0x43/0x70 [ 154.436528] iommufd_test_staccess_release+0x8d/0xd0 [ 154.436972] __fput+0x26d/0xa40 [ 154.437270] ____fput+0x1e/0x30 [ 154.437561] task_work_run+0x1a4/0x2d0 [ 154.437925] ? __pfx_task_work_run+0x10/0x10 [ 154.438312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.438753] ? switch_task_namespaces+0xa9/0xe0 [ 154.439169] do_exit+0xb17/0x2ef0 [ 154.439473] ? lock_acquire+0x427/0x4c0 [ 154.439830] ? __pfx_lock_release+0x10/0x10 [ 154.440210] ? __kasan_check_write+0x18/0x20 [ 154.440598] ? do_raw_spin_lock+0x132/0x2a0 [ 154.440973] ? __pfx_do_exit+0x10/0x10 [ 154.441316] ? debug_smp_processor_id+0x20/0x30 [ 154.441716] ? rcu_is_watching+0x19/0xb0 [ 154.442067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.442454] ? trace_hardirqs_on+0x26/0x120 [ 154.442841] do_group_exit+0xe0/0x2b0 [ 154.443183] __x64_sys_exit_group+0x47/0x50 [ 154.443533] do_syscall_64+0x3b/0x90 [ 154.443843] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.444269] RIP: 0033:0x7f4b87518a4d [ 154.444571] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.445067] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.445683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.446255] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.446849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.447433] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.448005] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.448591] [ 154.448783] irq event stamp: 0 [ 154.449038] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.449552] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.450228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.450922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.451441] ---[ end trace 0000000000000000 ]--- [ 154.452156] ------------[ cut here ]------------ [ 154.452547] WARNING: CPU: 1 PID: 1450 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.453371] Modules linked in: [ 154.453630] CPU: 1 PID: 1450 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.454328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.455254] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.455673] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.457144] RSP: 0018:ffff888016d0fb78 EFLAGS: 00010246 [ 154.457580] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.458157] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 154.458750] RBP: ffff888016d0fb98 R08: ffffed1002cc953e R09: ffffed1002cc953e [ 154.459335] R10: ffff88801664a9ef R11: ffffed1002cc953d R12: ffff88801664aa90 [ 154.459907] R13: ffff88801664a8a8 R14: ffffffffffffffff R15: 
ffff888016d0fc60 [ 154.460490] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.461197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.461666] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.462240] PKRU: 55555554 [ 154.462470] Call Trace: [ 154.462696] [ 154.462884] iommufd_ioas_destroy+0x53/0x70 [ 154.463250] iommufd_fops_release+0x1f7/0x370 [ 154.463623] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.464031] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.464437] ? write_comp_data+0x2f/0x90 [ 154.464778] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.465186] __fput+0x26d/0xa40 [ 154.465478] ____fput+0x1e/0x30 [ 154.465754] task_work_run+0x1a4/0x2d0 [ 154.466078] ? __pfx_task_work_run+0x10/0x10 [ 154.466440] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.466864] ? switch_task_namespaces+0xa9/0xe0 [ 154.467266] do_exit+0xb17/0x2ef0 [ 154.467555] ? lock_acquire+0x427/0x4c0 [ 154.467888] ? __pfx_lock_release+0x10/0x10 [ 154.468244] ? __kasan_check_write+0x18/0x20 [ 154.468608] ? do_raw_spin_lock+0x132/0x2a0 [ 154.468959] ? __pfx_do_exit+0x10/0x10 [ 154.469286] ? debug_smp_processor_id+0x20/0x30 [ 154.469665] ? rcu_is_watching+0x19/0xb0 [ 154.469997] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.470366] ? trace_hardirqs_on+0x26/0x120 [ 154.470746] do_group_exit+0xe0/0x2b0 [ 154.471062] __x64_sys_exit_group+0x47/0x50 [ 154.471429] do_syscall_64+0x3b/0x90 [ 154.471740] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.472164] RIP: 0033:0x7f4b87518a4d [ 154.472469] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.472968] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.473587] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.474159] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.474750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.475351] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.475927] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.476514] [ 154.476708] irq event stamp: 0 [ 154.476963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.477476] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.478148] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.478837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.479355] ---[ end trace 0000000000000000 ]--- [ 154.483745] ------------[ cut here ]------------ [ 154.484167] WARNING: CPU: 1 PID: 1451 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.484978] Modules linked in: [ 154.485236] CPU: 1 PID: 1451 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.485945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.486972] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.487385] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.488845] RSP: 0018:ffff88802456fbb8 EFLAGS: 00010246 [ 154.489272] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 154.489843] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 154.490416] RBP: ffff88802456fbd0 R08: ffffed100173f833 R09: ffffed100173f833 [ 154.491003] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff888010826400 [ 154.491594] R13: ffff88800b9fc1e8 R14: ffffffff8352e670 R15: 
ffff88802456fe68 [ 154.492173] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.492824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.493360] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 154.493931] PKRU: 55555554 [ 154.494158] Call Trace: [ 154.494367] [ 154.494568] __iommufd_access_detach+0x1c2/0x2b0 [ 154.494966] iommufd_access_change_pt+0x149/0x270 [ 154.495371] iommufd_access_replace+0xb4/0x120 [ 154.495757] iommufd_test+0x3e5/0x37e0 [ 154.496077] ? lock_release+0x532/0x770 [ 154.496401] ? __might_fault+0x102/0x1b0 [ 154.496728] ? lock_acquire+0x427/0x4c0 [ 154.497050] ? __pfx_iommufd_test+0x10/0x10 [ 154.497385] ? __pfx_lock_release+0x10/0x10 [ 154.497735] ? __pfx_lock_acquire+0x10/0x10 [ 154.498086] ? write_comp_data+0x2f/0x90 [ 154.498418] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.498826] ? write_comp_data+0x2f/0x90 [ 154.499166] iommufd_fops_ioctl+0x37d/0x510 [ 154.499514] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.499900] ? write_comp_data+0x2f/0x90 [ 154.500227] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.500608] __x64_sys_ioctl+0x1a3/0x230 [ 154.500941] do_syscall_64+0x3b/0x90 [ 154.501242] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.501656] RIP: 0033:0x7f4b8743ee5d [ 154.501951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.503392] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.503998] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.504557] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.505115] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.505669] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.506222] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.506808] [ 154.506995] irq event stamp: 0 [ 154.507263] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.507765] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.508445] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.509230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.509727] ---[ end trace 0000000000000000 ]--- [ 154.512500] ------------[ cut here ]------------ [ 154.513008] WARNING: CPU: 1 PID: 1451 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.513802] Modules linked in: [ 154.514060] CPU: 1 PID: 1451 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.515000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.515897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.516290] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.517823] RSP: 
0018:ffff88802456fbd0 EFLAGS: 00010246 [ 154.518239] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 154.518819] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 154.519482] RBP: ffff88802456fbe8 R08: ffffed100173f833 R09: ffffed100173f833 [ 154.520046] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff888014581800 [ 154.520617] R13: ffff88800b9fc1e8 R14: ffff888020947f00 R15: 0000000000000000 [ 154.521366] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.522044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.522559] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.523188] PKRU: 55555554 [ 154.523491] Call Trace: [ 154.523793] [ 154.523987] iommufd_access_destroy_object+0x65/0x170 [ 154.524430] iommufd_object_destroy_user+0x18e/0x220 [ 154.524866] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.525505] iommufd_access_destroy+0x43/0x70 [ 154.525965] iommufd_test_staccess_release+0x8d/0xd0 [ 154.526404] __fput+0x26d/0xa40 [ 154.526725] ____fput+0x1e/0x30 [ 154.527017] task_work_run+0x1a4/0x2d0 [ 154.527358] ? __pfx_task_work_run+0x10/0x10 [ 154.527710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.528217] ? switch_task_namespaces+0xa9/0xe0 [ 154.528595] do_exit+0xb17/0x2ef0 [ 154.528871] ? lock_acquire+0x427/0x4c0 [ 154.529195] ? __pfx_lock_release+0x10/0x10 [ 154.529540] ? __kasan_check_write+0x18/0x20 [ 154.529941] ? do_raw_spin_lock+0x132/0x2a0 [ 154.530329] ? __pfx_do_exit+0x10/0x10 [ 154.530662] ? debug_smp_processor_id+0x20/0x30 [ 154.531040] ? rcu_is_watching+0x19/0xb0 [ 154.531377] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.531745] ? trace_hardirqs_on+0x26/0x120 [ 154.532137] do_group_exit+0xe0/0x2b0 [ 154.532502] __x64_sys_exit_group+0x47/0x50 [ 154.532841] do_syscall_64+0x3b/0x90 [ 154.533150] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.533563] RIP: 0033:0x7f4b87518a4d [ 154.533890] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.534445] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.535082] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.535673] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.536324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.536958] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.537543] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.538168] [ 154.538420] irq event stamp: 0 [ 154.538699] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.539225] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.539906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.540705] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.541230] ---[ end trace 0000000000000000 ]--- [ 154.541937] ------------[ cut here ]------------ [ 154.542396] WARNING: CPU: 1 PID: 1451 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.543294] Modules linked in: [ 154.543562] CPU: 1 PID: 1451 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.544273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.545339] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.545781] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.547492] RSP: 0018:ffff88802456fb78 EFLAGS: 00010246 [ 154.547950] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.548554] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 154.549306] RBP: ffff88802456fb98 R08: ffffed100173f83e R09: ffffed100173f83e [ 154.549904] R10: ffff88800b9fc1ef R11: ffffed100173f83d R12: ffff88800b9fc290 [ 154.550499] R13: ffff88800b9fc0a8 R14: ffffffffffffffff R15: 
ffff88802456fc60 [ 154.551213] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.551958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.552448] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.553097] PKRU: 55555554 [ 154.553428] Call Trace: [ 154.553650] [ 154.553843] iommufd_ioas_destroy+0x53/0x70 [ 154.554216] iommufd_fops_release+0x1f7/0x370 [ 154.554628] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.555057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.555571] ? write_comp_data+0x2f/0x90 [ 154.556006] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.556437] __fput+0x26d/0xa40 [ 154.556734] ____fput+0x1e/0x30 [ 154.557083] task_work_run+0x1a4/0x2d0 [ 154.557507] ? __pfx_task_work_run+0x10/0x10 [ 154.557946] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.558368] ? switch_task_namespaces+0xa9/0xe0 [ 154.558795] do_exit+0xb17/0x2ef0 [ 154.559097] ? lock_acquire+0x427/0x4c0 [ 154.559457] ? __pfx_lock_release+0x10/0x10 [ 154.559906] ? __kasan_check_write+0x18/0x20 [ 154.560355] ? do_raw_spin_lock+0x132/0x2a0 [ 154.560726] ? __pfx_do_exit+0x10/0x10 [ 154.561067] ? debug_smp_processor_id+0x20/0x30 [ 154.561468] ? rcu_is_watching+0x19/0xb0 [ 154.561898] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.562359] ? trace_hardirqs_on+0x26/0x120 [ 154.562757] do_group_exit+0xe0/0x2b0 [ 154.563086] __x64_sys_exit_group+0x47/0x50 [ 154.563468] do_syscall_64+0x3b/0x90 [ 154.563793] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.564322] RIP: 0033:0x7f4b87518a4d [ 154.564714] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.565238] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.565886] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.566485] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.567128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.567726] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.568322] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.568923] [ 154.569121] irq event stamp: 0 [ 154.569385] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.569910] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.570627] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.571353] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.571889] ---[ end trace 0000000000000000 ]--- [ 154.576455] ------------[ cut here ]------------ [ 154.576893] WARNING: CPU: 1 PID: 1452 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.577739] Modules linked in: [ 154.578008] CPU: 1 PID: 1452 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.578786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.579737] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.580154] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.581673] RSP: 0018:ffff8880158bfbb8 EFLAGS: 00010246 [ 154.582118] RAX: 0000000000000000 RBX: ffff888016d0f8a8 RCX: 0000000000000000 [ 154.582723] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 154.583330] RBP: ffff8880158bfbd0 R08: ffffed1002da1f33 R09: ffffed1002da1f33 [ 154.583928] R10: ffff888016d0f993 R11: ffffed1002da1f32 R12: ffff88800fcb2000 [ 154.584528] R13: ffff888016d0f9e8 R14: ffffffff8352e670 R15: 
ffff8880158bfe68 [ 154.585124] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.585796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.586279] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 154.586891] PKRU: 55555554 [ 154.587144] Call Trace: [ 154.587364] [ 154.587556] __iommufd_access_detach+0x1c2/0x2b0 [ 154.587970] iommufd_access_change_pt+0x149/0x270 [ 154.588384] iommufd_access_replace+0xb4/0x120 [ 154.588781] iommufd_test+0x3e5/0x37e0 [ 154.589174] ? lock_release+0x532/0x770 [ 154.589519] ? __might_fault+0x102/0x1b0 [ 154.589867] ? lock_acquire+0x427/0x4c0 [ 154.590214] ? __pfx_iommufd_test+0x10/0x10 [ 154.590593] ? __pfx_lock_release+0x10/0x10 [ 154.590966] ? __pfx_lock_acquire+0x10/0x10 [ 154.591353] ? write_comp_data+0x2f/0x90 [ 154.591706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.592123] ? write_comp_data+0x2f/0x90 [ 154.592478] iommufd_fops_ioctl+0x37d/0x510 [ 154.592847] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.593263] ? write_comp_data+0x2f/0x90 [ 154.593616] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.594028] __x64_sys_ioctl+0x1a3/0x230 [ 154.594383] do_syscall_64+0x3b/0x90 [ 154.594723] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.595174] RIP: 0033:0x7f4b8743ee5d [ 154.595500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.597249] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.597898] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.598676] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.599289] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.599892] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.600490] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.601250] [ 154.601450] irq event stamp: 0 [ 154.601715] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.602247] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.603160] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.603870] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.604409] ---[ end trace 0000000000000000 ]--- [ 154.607255] ------------[ cut here ]------------ [ 154.607684] WARNING: CPU: 1 PID: 1452 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.608532] Modules linked in: [ 154.608803] CPU: 1 PID: 1452 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.609699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.610846] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.611282] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.612871] RSP: 
0018:ffff8880158bfbd0 EFLAGS: 00010246 [ 154.613300] RAX: 0000000000000000 RBX: ffff888016d0f8a8 RCX: 0000000000000000 [ 154.613874] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 154.614440] RBP: ffff8880158bfbe8 R08: ffffed1002da1f33 R09: ffffed1002da1f33 [ 154.615030] R10: ffff888016d0f993 R11: ffffed1002da1f32 R12: ffff888012e96800 [ 154.615616] R13: ffff888016d0f9e8 R14: ffff888020a38300 R15: 0000000000000000 [ 154.616188] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.616830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.617293] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.617867] PKRU: 55555554 [ 154.618100] Call Trace: [ 154.618307] [ 154.618491] iommufd_access_destroy_object+0x65/0x170 [ 154.618929] iommufd_object_destroy_user+0x18e/0x220 [ 154.619347] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.619819] iommufd_access_destroy+0x43/0x70 [ 154.620193] iommufd_test_staccess_release+0x8d/0xd0 [ 154.620607] __fput+0x26d/0xa40 [ 154.620888] ____fput+0x1e/0x30 [ 154.621237] task_work_run+0x1a4/0x2d0 [ 154.621558] ? __pfx_task_work_run+0x10/0x10 [ 154.621917] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.622314] ? switch_task_namespaces+0xa9/0xe0 [ 154.622714] do_exit+0xb17/0x2ef0 [ 154.622996] ? lock_acquire+0x427/0x4c0 [ 154.623333] ? __pfx_lock_release+0x10/0x10 [ 154.623687] ? __kasan_check_write+0x18/0x20 [ 154.624044] ? do_raw_spin_lock+0x132/0x2a0 [ 154.624392] ? __pfx_do_exit+0x10/0x10 [ 154.624717] ? debug_smp_processor_id+0x20/0x30 [ 154.625096] ? rcu_is_watching+0x19/0xb0 [ 154.625425] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.625795] ? trace_hardirqs_on+0x26/0x120 [ 154.626149] do_group_exit+0xe0/0x2b0 [ 154.626460] __x64_sys_exit_group+0x47/0x50 [ 154.626833] do_syscall_64+0x3b/0x90 [ 154.627164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.627611] RIP: 0033:0x7f4b87518a4d [ 154.627930] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.628446] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.629081] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.629673] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.630266] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.630874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.631478] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.632081] [ 154.632276] irq event stamp: 0 [ 154.632542] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.633064] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.633761] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.634454] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.634998] ---[ end trace 0000000000000000 ]--- [ 154.635751] ------------[ cut here ]------------ [ 154.636147] WARNING: CPU: 1 PID: 1452 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.636994] Modules linked in: [ 154.637265] CPU: 1 PID: 1452 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.637993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.638957] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.639411] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.640939] RSP: 0018:ffff8880158bfb78 EFLAGS: 00010246 [ 154.641388] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.641979] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 154.642592] RBP: ffff8880158bfb98 R08: ffffed1002da1f3e R09: ffffed1002da1f3e [ 154.643198] R10: ffff888016d0f9ef R11: ffffed1002da1f3d R12: ffff888016d0fa90 [ 154.643794] R13: ffff888016d0f8a8 R14: ffffffffffffffff R15: 
ffff8880158bfc60 [ 154.644393] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.645062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.645545] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.646139] PKRU: 55555554 [ 154.646375] Call Trace: [ 154.646606] [ 154.646800] iommufd_ioas_destroy+0x53/0x70 [ 154.647181] iommufd_fops_release+0x1f7/0x370 [ 154.647566] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.647990] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.648405] ? write_comp_data+0x2f/0x90 [ 154.648757] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.649177] __fput+0x26d/0xa40 [ 154.649466] ____fput+0x1e/0x30 [ 154.649749] task_work_run+0x1a4/0x2d0 [ 154.650086] ? __pfx_task_work_run+0x10/0x10 [ 154.650461] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.650895] ? switch_task_namespaces+0xa9/0xe0 [ 154.651312] do_exit+0xb17/0x2ef0 [ 154.651606] ? lock_acquire+0x427/0x4c0 [ 154.651950] ? __pfx_lock_release+0x10/0x10 [ 154.652324] ? __kasan_check_write+0x18/0x20 [ 154.652700] ? do_raw_spin_lock+0x132/0x2a0 [ 154.653123] ? __pfx_do_exit+0x10/0x10 [ 154.653466] ? debug_smp_processor_id+0x20/0x30 [ 154.653861] ? rcu_is_watching+0x19/0xb0 [ 154.654203] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.654609] ? trace_hardirqs_on+0x26/0x120 [ 154.654979] do_group_exit+0xe0/0x2b0 [ 154.655305] __x64_sys_exit_group+0x47/0x50 [ 154.655673] do_syscall_64+0x3b/0x90 [ 154.655991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.656424] RIP: 0033:0x7f4b87518a4d [ 154.656730] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.657241] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.657863] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.658449] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.659049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.659643] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.660229] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.660821] [ 154.661013] irq event stamp: 0 [ 154.661277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.661795] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.662481] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.663191] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.663705] ---[ end trace 0000000000000000 ]--- [ 154.668254] ------------[ cut here ]------------ [ 154.668667] WARNING: CPU: 1 PID: 1453 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.669497] Modules linked in: [ 154.669762] CPU: 1 PID: 1453 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.670478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.671527] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.671936] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.673440] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 154.673878] RAX: 0000000000000000 RBX: ffff888010ffe0a8 RCX: 0000000000000000 [ 154.674457] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 154.675051] RBP: ffff888012e4fbd0 R08: ffffed10021ffc33 R09: ffffed10021ffc33 [ 154.675647] R10: ffff888010ffe193 R11: ffffed10021ffc32 R12: ffff888012e93c00 [ 154.676228] R13: ffff888010ffe1e8 R14: ffffffff8352e670 R15: 
ffff888012e4fe68 [ 154.676811] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.677470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.677945] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 154.678546] PKRU: 55555554 [ 154.678782] Call Trace: [ 154.678991] [ 154.679190] __iommufd_access_detach+0x1c2/0x2b0 [ 154.679589] iommufd_access_change_pt+0x149/0x270 [ 154.679996] iommufd_access_replace+0xb4/0x120 [ 154.680384] iommufd_test+0x3e5/0x37e0 [ 154.680705] ? lock_release+0x532/0x770 [ 154.681042] ? __might_fault+0x102/0x1b0 [ 154.681388] ? lock_acquire+0x427/0x4c0 [ 154.681730] ? __pfx_iommufd_test+0x10/0x10 [ 154.682085] ? __pfx_lock_release+0x10/0x10 [ 154.682449] ? __pfx_lock_acquire+0x10/0x10 [ 154.682833] ? write_comp_data+0x2f/0x90 [ 154.683188] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.683596] ? write_comp_data+0x2f/0x90 [ 154.683941] iommufd_fops_ioctl+0x37d/0x510 [ 154.684314] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.684724] ? write_comp_data+0x2f/0x90 [ 154.685147] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.685550] __x64_sys_ioctl+0x1a3/0x230 [ 154.685897] do_syscall_64+0x3b/0x90 [ 154.686221] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.686685] RIP: 0033:0x7f4b8743ee5d [ 154.686998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.688507] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.689136] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.689726] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.690312] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.690919] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.691515] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.692107] [ 154.692303] irq event stamp: 0 [ 154.692571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.693098] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.693796] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.694486] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.695024] ---[ end trace 0000000000000000 ]--- [ 154.697756] ------------[ cut here ]------------ [ 154.698179] WARNING: CPU: 1 PID: 1453 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.699047] Modules linked in: [ 154.699343] CPU: 1 PID: 1453 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.700067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.700997] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.701410] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.702924] RSP: 
0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 154.703375] RAX: 0000000000000000 RBX: ffff888010ffe0a8 RCX: 0000000000000000 [ 154.703965] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 154.704554] RBP: ffff888012e4fbe8 R08: ffffed10021ffc33 R09: ffffed10021ffc33 [ 154.705147] R10: ffff888010ffe193 R11: ffffed10021ffc32 R12: ffff88800fcb1400 [ 154.705739] R13: ffff888010ffe1e8 R14: ffff888020edb200 R15: 0000000000000000 [ 154.706329] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.707015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.707510] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.708098] PKRU: 55555554 [ 154.708334] Call Trace: [ 154.708545] [ 154.708739] iommufd_access_destroy_object+0x65/0x170 [ 154.709172] iommufd_object_destroy_user+0x18e/0x220 [ 154.709601] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.710087] iommufd_access_destroy+0x43/0x70 [ 154.710474] iommufd_test_staccess_release+0x8d/0xd0 [ 154.710926] __fput+0x26d/0xa40 [ 154.711222] ____fput+0x1e/0x30 [ 154.711508] task_work_run+0x1a4/0x2d0 [ 154.711840] ? __pfx_task_work_run+0x10/0x10 [ 154.712212] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.712622] ? switch_task_namespaces+0xa9/0xe0 [ 154.713017] do_exit+0xb17/0x2ef0 [ 154.713310] ? lock_acquire+0x427/0x4c0 [ 154.713647] ? __pfx_lock_release+0x10/0x10 [ 154.714011] ? __kasan_check_write+0x18/0x20 [ 154.714383] ? do_raw_spin_lock+0x132/0x2a0 [ 154.714763] ? __pfx_do_exit+0x10/0x10 [ 154.715095] ? debug_smp_processor_id+0x20/0x30 [ 154.715499] ? rcu_is_watching+0x19/0xb0 [ 154.715837] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.716215] ? trace_hardirqs_on+0x26/0x120 [ 154.716581] do_group_exit+0xe0/0x2b0 [ 154.716900] __x64_sys_exit_group+0x47/0x50 [ 154.717318] do_syscall_64+0x3b/0x90 [ 154.717636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.718068] RIP: 0033:0x7f4b87518a4d [ 154.718378] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.718907] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.719546] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.720138] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.720730] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.721323] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.721915] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.722533] [ 154.722731] irq event stamp: 0 [ 154.722997] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.723527] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.724221] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.724922] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.725459] ---[ end trace 0000000000000000 ]--- [ 154.726196] ------------[ cut here ]------------ [ 154.726631] WARNING: CPU: 1 PID: 1453 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.727512] Modules linked in: [ 154.727789] CPU: 1 PID: 1453 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.728521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.729463] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.729903] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.731441] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 154.731859] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.732405] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 154.732955] RBP: ffff888012e4fb98 R08: ffffed10021ffc3e R09: ffffed10021ffc3e [ 154.733509] R10: ffff888010ffe1ef R11: ffffed10021ffc3d R12: ffff888010ffe290 [ 154.734058] R13: ffff888010ffe0a8 R14: ffffffffffffffff R15: 
ffff888012e4fc60 [ 154.734624] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.735251] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.735701] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.736255] PKRU: 55555554 [ 154.736478] Call Trace: [ 154.736682] [ 154.736865] iommufd_ioas_destroy+0x53/0x70 [ 154.737211] iommufd_fops_release+0x1f7/0x370 [ 154.737566] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.737957] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.738343] ? write_comp_data+0x2f/0x90 [ 154.738695] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.739090] __fput+0x26d/0xa40 [ 154.739380] ____fput+0x1e/0x30 [ 154.739649] task_work_run+0x1a4/0x2d0 [ 154.739958] ? __pfx_task_work_run+0x10/0x10 [ 154.740304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.740688] ? switch_task_namespaces+0xa9/0xe0 [ 154.741061] do_exit+0xb17/0x2ef0 [ 154.741334] ? lock_acquire+0x427/0x4c0 [ 154.741654] ? __pfx_lock_release+0x10/0x10 [ 154.741996] ? __kasan_check_write+0x18/0x20 [ 154.742343] ? do_raw_spin_lock+0x132/0x2a0 [ 154.742711] ? __pfx_do_exit+0x10/0x10 [ 154.743032] ? debug_smp_processor_id+0x20/0x30 [ 154.743413] ? rcu_is_watching+0x19/0xb0 [ 154.743735] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.744090] ? trace_hardirqs_on+0x26/0x120 [ 154.744434] do_group_exit+0xe0/0x2b0 [ 154.744731] __x64_sys_exit_group+0x47/0x50 [ 154.745067] do_syscall_64+0x3b/0x90 [ 154.745370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.745791] RIP: 0033:0x7f4b87518a4d [ 154.746106] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.746649] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.747301] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.747889] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.748486] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.749137] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.749731] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.750329] [ 154.750558] irq event stamp: 0 [ 154.750826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.751357] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.752056] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.752756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.753280] ---[ end trace 0000000000000000 ]--- [ 154.758419] ------------[ cut here ]------------ [ 154.759175] WARNING: CPU: 0 PID: 1454 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.760083] Modules linked in: [ 154.760367] CPU: 0 PID: 1454 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.761196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.762164] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.762637] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.764324] RSP: 0018:ffff88800b727bb8 EFLAGS: 00010246 [ 154.764791] RAX: 0000000000000000 RBX: ffff888010fd80a8 RCX: 0000000000000000 [ 154.765392] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 154.766007] RBP: ffff88800b727bd0 R08: ffffed10021fb033 R09: ffffed10021fb033 [ 154.766641] R10: ffff888010fd8193 R11: ffffed10021fb032 R12: ffff88801422c800 [ 154.767333] R13: ffff888010fd81e8 R14: ffffffff8352e670 R15: 
ffff88800b727e68 [ 154.767940] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 154.768643] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.769143] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 154.769762] PKRU: 55555554 [ 154.770010] Call Trace: [ 154.770226] [ 154.770429] __iommufd_access_detach+0x1c2/0x2b0 [ 154.770892] iommufd_access_change_pt+0x149/0x270 [ 154.771433] iommufd_access_replace+0xb4/0x120 [ 154.771845] iommufd_test+0x3e5/0x37e0 [ 154.772196] ? lock_release+0x532/0x770 [ 154.772570] ? __might_fault+0x102/0x1b0 [ 154.772932] ? lock_acquire+0x427/0x4c0 [ 154.773287] ? __pfx_iommufd_test+0x10/0x10 [ 154.773675] ? __pfx_lock_release+0x10/0x10 [ 154.774057] ? __pfx_lock_acquire+0x10/0x10 [ 154.774442] ? write_comp_data+0x2f/0x90 [ 154.774860] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.775407] ? write_comp_data+0x2f/0x90 [ 154.775794] iommufd_fops_ioctl+0x37d/0x510 [ 154.776176] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.776603] ? write_comp_data+0x2f/0x90 [ 154.776982] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.777402] __x64_sys_ioctl+0x1a3/0x230 [ 154.777763] do_syscall_64+0x3b/0x90 [ 154.778103] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.778592] RIP: 0033:0x7f4b8743ee5d [ 154.778997] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.780578] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.781204] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.781797] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.782393] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.783011] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.783682] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.784282] [ 154.784478] irq event stamp: 0 [ 154.784747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.785254] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.785946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.786664] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.787294] ---[ end trace 0000000000000000 ]--- [ 154.790272] ------------[ cut here ]------------ [ 154.791055] WARNING: CPU: 1 PID: 1454 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.791913] Modules linked in: [ 154.792178] CPU: 1 PID: 1454 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.792916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.793853] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.794272] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.795904] RSP: 
0018:ffff88800b727bd0 EFLAGS: 00010246 [ 154.796451] RAX: 0000000000000000 RBX: ffff888010fd80a8 RCX: 0000000000000000 [ 154.797040] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 154.797644] RBP: ffff88800b727be8 R08: ffffed10021fb033 R09: ffffed10021fb033 [ 154.798233] R10: ffff888010fd8193 R11: ffffed10021fb032 R12: ffff888013b22000 [ 154.798867] R13: ffff888010fd81e8 R14: ffff888013884900 R15: 0000000000000000 [ 154.799539] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.800219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.800708] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.801312] PKRU: 55555554 [ 154.801549] Call Trace: [ 154.801762] [ 154.801965] iommufd_access_destroy_object+0x65/0x170 [ 154.802405] iommufd_object_destroy_user+0x18e/0x220 [ 154.802864] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.803642] iommufd_access_destroy+0x43/0x70 [ 154.804182] iommufd_test_staccess_release+0x8d/0xd0 [ 154.804783] __fput+0x26d/0xa40 [ 154.805197] ____fput+0x1e/0x30 [ 154.805600] task_work_run+0x1a4/0x2d0 [ 154.806068] ? __pfx_task_work_run+0x10/0x10 [ 154.806646] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.807253] ? switch_task_namespaces+0xa9/0xe0 [ 154.807802] do_exit+0xb17/0x2ef0 [ 154.808207] ? lock_acquire+0x427/0x4c0 [ 154.808683] ? __pfx_lock_release+0x10/0x10 [ 154.809198] ? __kasan_check_write+0x18/0x20 [ 154.809722] ? do_raw_spin_lock+0x132/0x2a0 [ 154.810233] ? __pfx_do_exit+0x10/0x10 [ 154.810751] ? debug_smp_processor_id+0x20/0x30 [ 154.811333] ? rcu_is_watching+0x19/0xb0 [ 154.811821] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.812361] ? trace_hardirqs_on+0x26/0x120 [ 154.812875] do_group_exit+0xe0/0x2b0 [ 154.813326] __x64_sys_exit_group+0x47/0x50 [ 154.813827] do_syscall_64+0x3b/0x90 [ 154.814277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.814932] RIP: 0033:0x7f4b87518a4d [ 154.815412] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.816130] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.817011] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.817848] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.818728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.819584] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.820413] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.821264] [ 154.821556] irq event stamp: 0 [ 154.821931] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.822717] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.823718] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.824698] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.825440] ---[ end trace 0000000000000000 ]--- [ 154.826990] ------------[ cut here ]------------ [ 154.827595] WARNING: CPU: 1 PID: 1454 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.828794] Modules linked in: [ 154.829191] CPU: 1 PID: 1454 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.830220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.831604] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.832235] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.834353] RSP: 0018:ffff88800b727b78 EFLAGS: 00010246 [ 154.835030] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.835893] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 154.836755] RBP: ffff88800b727b98 R08: ffffed10021fb03e R09: ffffed10021fb03e [ 154.837621] R10: ffff888010fd81ef R11: ffffed10021fb03d R12: ffff888010fd8290 [ 154.838482] R13: ffff888010fd80a8 R14: ffffffffffffffff R15: 
ffff88800b727c60 [ 154.839401] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.840371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.841078] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.841942] PKRU: 55555554 [ 154.842298] Call Trace: [ 154.842658] [ 154.842950] iommufd_ioas_destroy+0x53/0x70 [ 154.843516] iommufd_fops_release+0x1f7/0x370 [ 154.844077] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.844693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.845307] ? write_comp_data+0x2f/0x90 [ 154.845826] ? __pfx_iommufd_fops_release+0x10/0x10 [ 154.846445] __fput+0x26d/0xa40 [ 154.846926] ____fput+0x1e/0x30 [ 154.847386] task_work_run+0x1a4/0x2d0 [ 154.847886] ? __pfx_task_work_run+0x10/0x10 [ 154.848440] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.849048] ? switch_task_namespaces+0xa9/0xe0 [ 154.849637] do_exit+0xb17/0x2ef0 [ 154.850067] ? lock_acquire+0x427/0x4c0 [ 154.850617] ? __pfx_lock_release+0x10/0x10 [ 154.851192] ? __kasan_check_write+0x18/0x20 [ 154.851741] ? do_raw_spin_lock+0x132/0x2a0 [ 154.852275] ? __pfx_do_exit+0x10/0x10 [ 154.852825] ? debug_smp_processor_id+0x20/0x30 [ 154.853687] ? rcu_is_watching+0x19/0xb0 [ 154.854199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.854814] ? trace_hardirqs_on+0x26/0x120 [ 154.855429] do_group_exit+0xe0/0x2b0 [ 154.856150] __x64_sys_exit_group+0x47/0x50 [ 154.856686] do_syscall_64+0x3b/0x90 [ 154.857184] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.857849] RIP: 0033:0x7f4b87518a4d [ 154.858501] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.859360] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.860313] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.861213] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.862307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.863290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.864187] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.865290] [ 154.865609] irq event stamp: 0 [ 154.866023] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.866895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.868053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.869229] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.870052] ---[ end trace 0000000000000000 ]--- [ 154.878629] ------------[ cut here ]------------ [ 154.879355] WARNING: CPU: 1 PID: 1455 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.881004] Modules linked in: [ 154.881467] CPU: 1 PID: 1455 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.882889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.884498] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.885208] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.888014] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 154.888762] RAX: 0000000000000000 RBX: ffff888020fe00a8 RCX: 0000000000000000 [ 154.889772] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 154.890950] RBP: ffff888012e4fbd0 R08: ffffed10041fc033 R09: ffffed10041fc033 [ 154.891966] R10: ffff888020fe0193 R11: ffffed10041fc032 R12: ffff888012c04800 [ 154.892976] R13: ffff888020fe01e8 R14: ffffffff8352e670 R15: 
ffff888012e4fe68 [ 154.894116] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.895320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.896127] CR2: 00007f4b877410e8 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 154.897321] PKRU: 55555554 [ 154.897720] Call Trace: [ 154.898070] [ 154.898386] __iommufd_access_detach+0x1c2/0x2b0 [ 154.899178] iommufd_access_change_pt+0x149/0x270 [ 154.899951] iommufd_access_replace+0xb4/0x120 [ 154.900737] iommufd_test+0x3e5/0x37e0 [ 154.901295] ? lock_release+0x532/0x770 [ 154.901869] ? __might_fault+0x102/0x1b0 [ 154.902447] ? lock_acquire+0x427/0x4c0 [ 154.903183] ? __pfx_iommufd_test+0x10/0x10 [ 154.903916] ? __pfx_lock_release+0x10/0x10 [ 154.904529] ? __pfx_lock_acquire+0x10/0x10 [ 154.905136] ? write_comp_data+0x2f/0x90 [ 154.905705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.906443] ? write_comp_data+0x2f/0x90 [ 154.907218] iommufd_fops_ioctl+0x37d/0x510 [ 154.907837] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.908526] ? write_comp_data+0x2f/0x90 [ 154.909115] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 154.909912] __x64_sys_ioctl+0x1a3/0x230 [ 154.910660] do_syscall_64+0x3b/0x90 [ 154.911240] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.911971] RIP: 0033:0x7f4b8743ee5d [ 154.912496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 154.915242] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 154.916282] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 154.917467] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 154.918429] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 154.919506] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 154.920701] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 154.921674] [ 154.922010] irq event stamp: 0 [ 154.922434] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.923484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.924712] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.925853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.926998] ---[ end trace 0000000000000000 ]--- [ 154.932148] ------------[ cut here ]------------ [ 154.932920] WARNING: CPU: 1 PID: 1455 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 154.934288] Modules linked in: [ 154.934961] CPU: 1 PID: 1455 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.936301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.937835] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 154.938740] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 154.941290] RSP: 
0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 154.942172] RAX: 0000000000000000 RBX: ffff888020fe00a8 RCX: 0000000000000000 [ 154.943346] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 154.944316] RBP: ffff888012e4fbe8 R08: ffffed10041fc033 R09: ffffed10041fc033 [ 154.945283] R10: ffff888020fe0193 R11: ffffed10041fc032 R12: ffff88801890e400 [ 154.946474] R13: ffff888020fe01e8 R14: ffff8880137a7f00 R15: 0000000000000000 [ 154.947547] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.948633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.949678] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 154.950711] PKRU: 55555554 [ 154.951146] Call Trace: [ 154.951503] [ 154.951818] iommufd_access_destroy_object+0x65/0x170 [ 154.952594] iommufd_object_destroy_user+0x18e/0x220 [ 154.953432] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 154.954242] iommufd_access_destroy+0x43/0x70 [ 154.954948] iommufd_test_staccess_release+0x8d/0xd0 [ 154.955698] __fput+0x26d/0xa40 [ 154.956313] ____fput+0x1e/0x30 [ 154.956900] task_work_run+0x1a4/0x2d0 [ 154.957447] ? __pfx_task_work_run+0x10/0x10 [ 154.958060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 154.958814] ? switch_task_namespaces+0xa9/0xe0 [ 154.959556] do_exit+0xb17/0x2ef0 [ 154.960197] ? lock_acquire+0x427/0x4c0 [ 154.960757] ? __pfx_lock_release+0x10/0x10 [ 154.961366] ? __kasan_check_write+0x18/0x20 [ 154.961990] ? do_raw_spin_lock+0x132/0x2a0 [ 154.962793] ? __pfx_do_exit+0x10/0x10 [ 154.963487] ? debug_smp_processor_id+0x20/0x30 [ 154.964127] ? rcu_is_watching+0x19/0xb0 [ 154.964690] ? _raw_spin_unlock_irq+0x2b/0x60 [ 154.965335] ? trace_hardirqs_on+0x26/0x120 [ 154.966001] do_group_exit+0xe0/0x2b0 [ 154.966715] __x64_sys_exit_group+0x47/0x50 [ 154.967344] do_syscall_64+0x3b/0x90 [ 154.967872] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 154.968600] RIP: 0033:0x7f4b87518a4d [ 154.969126] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 154.969964] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 154.971306] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 154.972283] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 154.973246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 154.974207] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 154.975284] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 154.976473] [ 154.976821] irq event stamp: 0 [ 154.977271] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 154.978129] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 154.979350] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 154.980486] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 154.981556] ---[ end trace 0000000000000000 ]--- [ 154.982946] ------------[ cut here ]------------ [ 154.983625] WARNING: CPU: 1 PID: 1455 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 154.985028] Modules linked in: [ 154.985613] CPU: 1 PID: 1455 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 154.986840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 154.988389] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 154.989121] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 154.991898] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 154.992660] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 154.993630] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 154.994840] RBP: ffff888012e4fb98 R08: ffffed10041fc03e R09: ffffed10041fc03e [ 154.995829] R10: ffff888020fe01ef R11: ffffed10041fc03d R12: ffff888020fe0290 [ 154.996779] R13: ffff888020fe00a8 R14: ffffffffffffffff R15: 
ffff888012e4fc60 [ 154.997733] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 154.999072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 154.999891] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.000861] PKRU: 55555554 [ 155.001268] Call Trace: [ 155.001632] [ 155.001962] iommufd_ioas_destroy+0x53/0x70 [ 155.002722] iommufd_fops_release+0x1f7/0x370 [ 155.003492] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.004189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.004880] ? write_comp_data+0x2f/0x90 [ 155.005473] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.006187] __fput+0x26d/0xa40 [ 155.006742] ____fput+0x1e/0x30 [ 155.007264] task_work_run+0x1a4/0x2d0 [ 155.007785] ? __pfx_task_work_run+0x10/0x10 [ 155.008602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.009309] ? switch_task_namespaces+0xa9/0xe0 [ 155.009988] do_exit+0xb17/0x2ef0 [ 155.010492] ? lock_acquire+0x427/0x4c0 [ 155.011181] ? __pfx_lock_release+0x10/0x10 [ 155.011780] ? __kasan_check_write+0x18/0x20 [ 155.012391] ? do_raw_spin_lock+0x132/0x2a0 [ 155.013089] ? __pfx_do_exit+0x10/0x10 [ 155.013675] ? debug_smp_processor_id+0x20/0x30 [ 155.014316] ? rcu_is_watching+0x19/0xb0 [ 155.014904] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.015561] ? trace_hardirqs_on+0x26/0x120 [ 155.016159] do_group_exit+0xe0/0x2b0 [ 155.016683] __x64_sys_exit_group+0x47/0x50 [ 155.017466] do_syscall_64+0x3b/0x90 [ 155.017999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.018798] RIP: 0033:0x7f4b87518a4d [ 155.019344] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.020161] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.021171] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.022299] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.023341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.024297] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.025283] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.026427] [ 155.026802] irq event stamp: 0 [ 155.027258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.028095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.029201] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.030581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.031467] ---[ end trace 0000000000000000 ]--- [ 155.039407] ------------[ cut here ]------------ [ 155.039961] WARNING: CPU: 1 PID: 1456 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.041030] Modules linked in: [ 155.041367] CPU: 1 PID: 1456 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.042282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.044084] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.044625] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.046531] RSP: 0018:ffff88800b727bb8 EFLAGS: 00010246 [ 155.047099] RAX: 0000000000000000 RBX: ffff8880149490a8 RCX: 0000000000000000 [ 155.048027] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 155.049021] RBP: ffff88800b727bd0 R08: ffffed1002929233 R09: ffffed1002929233 [ 155.049771] R10: ffff888014949193 R11: ffffed1002929232 R12: ffff888010b0c800 [ 155.050548] R13: ffff8880149491e8 R14: ffffffff8352e670 R15: 
ffff88800b727e68 [ 155.051312] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.052167] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.053025] CR2: 00007f4b877410e8 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 155.053785] PKRU: 55555554 [ 155.054080] Call Trace: [ 155.054349] [ 155.054613] __iommufd_access_detach+0x1c2/0x2b0 [ 155.055137] iommufd_access_change_pt+0x149/0x270 [ 155.055667] iommufd_access_replace+0xb4/0x120 [ 155.056166] iommufd_test+0x3e5/0x37e0 [ 155.056580] ? lock_release+0x532/0x770 [ 155.057017] ? __might_fault+0x102/0x1b0 [ 155.057458] ? lock_acquire+0x427/0x4c0 [ 155.057883] ? __pfx_iommufd_test+0x10/0x10 [ 155.058363] ? __pfx_lock_release+0x10/0x10 [ 155.059034] ? __pfx_lock_acquire+0x10/0x10 [ 155.059643] ? write_comp_data+0x2f/0x90 [ 155.060086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.060595] ? write_comp_data+0x2f/0x90 [ 155.061039] iommufd_fops_ioctl+0x37d/0x510 [ 155.061495] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.062024] ? write_comp_data+0x2f/0x90 [ 155.062466] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.063001] __x64_sys_ioctl+0x1a3/0x230 [ 155.063448] do_syscall_64+0x3b/0x90 [ 155.063847] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.064508] RIP: 0033:0x7f4b8743ee5d [ 155.065065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.067269] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.068050] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.068772] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.069502] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.070439] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.071502] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.072240] [ 155.072478] irq event stamp: 0 [ 155.072801] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.073441] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.074290] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.075176] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.076037] ---[ end trace 0000000000000000 ]--- [ 155.079799] ------------[ cut here ]------------ [ 155.080350] WARNING: CPU: 1 PID: 1456 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.081750] Modules linked in: [ 155.082223] CPU: 1 PID: 1456 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.083092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.084158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.084628] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.086591] RSP: 
0018:ffff88800b727bd0 EFLAGS: 00010246 [ 155.087157] RAX: 0000000000000000 RBX: ffff8880149490a8 RCX: 0000000000000000 [ 155.087824] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 155.088490] RBP: ffff88800b727be8 R08: ffffed1002929233 R09: ffffed1002929233 [ 155.089154] R10: ffff888014949193 R11: ffffed1002929232 R12: ffff888012c06c00 [ 155.089831] R13: ffff8880149491e8 R14: ffff888020903100 R15: 0000000000000000 [ 155.090710] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.091485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.092035] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 155.092710] PKRU: 55555554 [ 155.092978] Call Trace: [ 155.093220] [ 155.093442] iommufd_access_destroy_object+0x65/0x170 [ 155.093947] iommufd_object_destroy_user+0x18e/0x220 [ 155.094653] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.095209] iommufd_access_destroy+0x43/0x70 [ 155.095645] iommufd_test_staccess_release+0x8d/0xd0 [ 155.096134] __fput+0x26d/0xa40 [ 155.096461] ____fput+0x1e/0x30 [ 155.096781] task_work_run+0x1a4/0x2d0 [ 155.097161] ? __pfx_task_work_run+0x10/0x10 [ 155.097583] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.098053] ? switch_task_namespaces+0xa9/0xe0 [ 155.098706] do_exit+0xb17/0x2ef0 [ 155.099042] ? lock_acquire+0x427/0x4c0 [ 155.099448] ? __pfx_lock_release+0x10/0x10 [ 155.099867] ? __kasan_check_write+0x18/0x20 [ 155.100291] ? do_raw_spin_lock+0x132/0x2a0 [ 155.100701] ? __pfx_do_exit+0x10/0x10 [ 155.101089] ? debug_smp_processor_id+0x20/0x30 [ 155.101529] ? rcu_is_watching+0x19/0xb0 [ 155.101913] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.102382] ? trace_hardirqs_on+0x26/0x120 [ 155.103015] do_group_exit+0xe0/0x2b0 [ 155.103389] __x64_sys_exit_group+0x47/0x50 [ 155.103792] do_syscall_64+0x3b/0x90 [ 155.104145] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.104633] RIP: 0033:0x7f4b87518a4d [ 155.104979] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.105544] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.106249] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.107140] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.107881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.108548] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.109207] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.109873] [ 155.110089] irq event stamp: 0 [ 155.110384] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.111044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.111961] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.112738] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.113328] ---[ end trace 0000000000000000 ]--- [ 155.114188] ------------[ cut here ]------------ [ 155.114713] WARNING: CPU: 1 PID: 1456 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.115749] Modules linked in: [ 155.116167] CPU: 1 PID: 1456 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.117140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.118166] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.118653] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.120348] RSP: 0018:ffff88800b727b78 EFLAGS: 00010246 [ 155.120853] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.121487] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 155.122113] RBP: ffff88800b727b98 R08: ffffed100292923e R09: ffffed100292923e [ 155.122768] R10: ffff8880149491ef R11: ffffed100292923d R12: ffff888014949290 [ 155.123410] R13: ffff8880149490a8 R14: ffffffffffffffff R15: 
ffff88800b727c60 [ 155.124172] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.124876] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.125385] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 155.126015] PKRU: 55555554 [ 155.126273] Call Trace: [ 155.126501] [ 155.126734] iommufd_ioas_destroy+0x53/0x70 [ 155.127136] iommufd_fops_release+0x1f7/0x370 [ 155.127594] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.128116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.128553] ? write_comp_data+0x2f/0x90 [ 155.128918] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.129359] __fput+0x26d/0xa40 [ 155.129667] ____fput+0x1e/0x30 [ 155.129966] task_work_run+0x1a4/0x2d0 [ 155.130322] ? __pfx_task_work_run+0x10/0x10 [ 155.130846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.131292] ? switch_task_namespaces+0xa9/0xe0 [ 155.131715] do_exit+0xb17/0x2ef0 [ 155.132027] ? lock_acquire+0x427/0x4c0 [ 155.132391] ? __pfx_lock_release+0x10/0x10 [ 155.132785] ? __kasan_check_write+0x18/0x20 [ 155.133180] ? do_raw_spin_lock+0x132/0x2a0 [ 155.133564] ? __pfx_do_exit+0x10/0x10 [ 155.133919] ? debug_smp_processor_id+0x20/0x30 [ 155.134334] ? rcu_is_watching+0x19/0xb0 [ 155.134861] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.135280] ? trace_hardirqs_on+0x26/0x120 [ 155.135666] do_group_exit+0xe0/0x2b0 [ 155.136007] __x64_sys_exit_group+0x47/0x50 [ 155.136386] do_syscall_64+0x3b/0x90 [ 155.136719] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.137178] RIP: 0033:0x7f4b87518a4d [ 155.137505] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.138040] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.138857] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.139485] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.140101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.140731] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.141345] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.141973] [ 155.142215] irq event stamp: 0 [ 155.142623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.143181] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.143908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.144637] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.145189] ---[ end trace 0000000000000000 ]--- [ 155.150129] ------------[ cut here ]------------ [ 155.150615] WARNING: CPU: 1 PID: 1457 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.151519] Modules linked in: [ 155.151798] CPU: 1 PID: 1457 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.152589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.153880] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.154319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.156007] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 155.156522] RAX: 0000000000000000 RBX: ffff888017a458a8 RCX: 0000000000000000 [ 155.157140] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 155.157758] RBP: ffff888012e4fbd0 R08: ffffed1002f48b33 R09: ffffed1002f48b33 [ 155.158534] R10: ffff888017a45993 R11: ffffed1002f48b32 R12: ffff888010e03400 [ 155.159171] R13: ffff888017a459e8 R14: ffffffff8352e670 R15: 
ffff888012e4fe68 [ 155.159798] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.160504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.161012] CR2: 00007f4b877410e8 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 155.161639] PKRU: 55555554 [ 155.161888] Call Trace: [ 155.162114] [ 155.162316] __iommufd_access_detach+0x1c2/0x2b0 [ 155.162798] iommufd_access_change_pt+0x149/0x270 [ 155.163247] iommufd_access_replace+0xb4/0x120 [ 155.163662] iommufd_test+0x3e5/0x37e0 [ 155.164002] ? lock_release+0x532/0x770 [ 155.164360] ? __might_fault+0x102/0x1b0 [ 155.164722] ? lock_acquire+0x427/0x4c0 [ 155.165097] ? __pfx_iommufd_test+0x10/0x10 [ 155.165479] ? __pfx_lock_release+0x10/0x10 [ 155.165868] ? __pfx_lock_acquire+0x10/0x10 [ 155.166264] ? write_comp_data+0x2f/0x90 [ 155.166657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.167094] ? write_comp_data+0x2f/0x90 [ 155.167474] iommufd_fops_ioctl+0x37d/0x510 [ 155.167858] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.168291] ? write_comp_data+0x2f/0x90 [ 155.168657] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.169084] __x64_sys_ioctl+0x1a3/0x230 [ 155.169453] do_syscall_64+0x3b/0x90 [ 155.169793] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.170261] RIP: 0033:0x7f4b8743ee5d [ 155.170619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.172247] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.172915] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.173536] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.174159] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.174823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.175477] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.176112] [ 155.176323] irq event stamp: 0 [ 155.176604] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.177154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.177889] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.178644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.179209] ---[ end trace 0000000000000000 ]--- [ 155.182158] ------------[ cut here ]------------ [ 155.182646] WARNING: CPU: 1 PID: 1457 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.183542] Modules linked in: [ 155.183819] CPU: 1 PID: 1457 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.184562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.185478] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.185894] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.187471] RSP: 
0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 155.187919] RAX: 0000000000000000 RBX: ffff888017a458a8 RCX: 0000000000000000 [ 155.188513] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 155.189093] RBP: ffff888012e4fbe8 R08: ffffed1002f48b33 R09: ffffed1002f48b33 [ 155.189677] R10: ffff888017a45993 R11: ffffed1002f48b32 R12: ffff888010b0ec00 [ 155.190264] R13: ffff888017a459e8 R14: ffff88800f2e7400 R15: 0000000000000000 [ 155.190864] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.191536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.192014] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.192602] PKRU: 55555554 [ 155.192838] Call Trace: [ 155.193049] [ 155.193235] iommufd_access_destroy_object+0x65/0x170 [ 155.193669] iommufd_object_destroy_user+0x18e/0x220 [ 155.194094] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.194591] iommufd_access_destroy+0x43/0x70 [ 155.194977] iommufd_test_staccess_release+0x8d/0xd0 [ 155.195416] __fput+0x26d/0xa40 [ 155.195705] ____fput+0x1e/0x30 [ 155.195986] task_work_run+0x1a4/0x2d0 [ 155.196322] ? __pfx_task_work_run+0x10/0x10 [ 155.196692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.197102] ? switch_task_namespaces+0xa9/0xe0 [ 155.197504] do_exit+0xb17/0x2ef0 [ 155.197794] ? lock_acquire+0x427/0x4c0 [ 155.198136] ? __pfx_lock_release+0x10/0x10 [ 155.198503] ? __kasan_check_write+0x18/0x20 [ 155.198897] ? do_raw_spin_lock+0x132/0x2a0 [ 155.199265] ? __pfx_do_exit+0x10/0x10 [ 155.199596] ? debug_smp_processor_id+0x20/0x30 [ 155.199985] ? rcu_is_watching+0x19/0xb0 [ 155.200327] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.200707] ? trace_hardirqs_on+0x26/0x120 [ 155.201071] do_group_exit+0xe0/0x2b0 [ 155.201387] __x64_sys_exit_group+0x47/0x50 [ 155.201750] do_syscall_64+0x3b/0x90 [ 155.202073] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.202533] RIP: 0033:0x7f4b87518a4d [ 155.202848] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.203374] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.204010] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.204596] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.205186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.205779] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.206372] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.206995] [ 155.207205] irq event stamp: 0 [ 155.207471] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.207993] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.208709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.209395] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.209918] ---[ end trace 0000000000000000 ]--- [ 155.210677] ------------[ cut here ]------------ [ 155.211070] WARNING: CPU: 1 PID: 1457 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.211920] Modules linked in: [ 155.212190] CPU: 1 PID: 1457 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.212912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.213840] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.214266] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.215956] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 155.216401] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.216995] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 155.217588] RBP: ffff888012e4fb98 R08: ffffed1002f48b3e R09: ffffed1002f48b3e [ 155.218173] R10: ffff888017a459ef R11: ffffed1002f48b3d R12: ffff888017a45a90 [ 155.218772] R13: ffff888017a458a8 R14: ffffffffffffffff R15: 
ffff888012e4fc60 [ 155.219374] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.220035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.220513] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.221109] PKRU: 55555554 [ 155.221344] Call Trace: [ 155.221557] [ 155.221746] iommufd_ioas_destroy+0x53/0x70 [ 155.222114] iommufd_fops_release+0x1f7/0x370 [ 155.222493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.222934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.223350] ? write_comp_data+0x2f/0x90 [ 155.223698] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.224121] __fput+0x26d/0xa40 [ 155.224411] ____fput+0x1e/0x30 [ 155.224693] task_work_run+0x1a4/0x2d0 [ 155.225022] ? __pfx_task_work_run+0x10/0x10 [ 155.225392] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.225801] ? switch_task_namespaces+0xa9/0xe0 [ 155.226199] do_exit+0xb17/0x2ef0 [ 155.226492] ? lock_acquire+0x427/0x4c0 [ 155.226856] ? __pfx_lock_release+0x10/0x10 [ 155.227230] ? __kasan_check_write+0x18/0x20 [ 155.227602] ? do_raw_spin_lock+0x132/0x2a0 [ 155.227964] ? __pfx_do_exit+0x10/0x10 [ 155.228296] ? debug_smp_processor_id+0x20/0x30 [ 155.228685] ? rcu_is_watching+0x19/0xb0 [ 155.229041] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.229426] ? trace_hardirqs_on+0x26/0x120 [ 155.229791] do_group_exit+0xe0/0x2b0 [ 155.230109] __x64_sys_exit_group+0x47/0x50 [ 155.230468] do_syscall_64+0x3b/0x90 [ 155.230803] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.231248] RIP: 0033:0x7f4b87518a4d [ 155.231557] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.232064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.232693] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.233279] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.233864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.234446] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.235070] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.235681] [ 155.235873] irq event stamp: 0 [ 155.236135] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.236651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.237344] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.238027] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.238552] ---[ end trace 0000000000000000 ]--- [ 155.242555] ------------[ cut here ]------------ [ 155.242958] WARNING: CPU: 1 PID: 1458 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.243771] Modules linked in: [ 155.244026] CPU: 1 PID: 1458 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.244728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.245614] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.246008] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.247471] RSP: 0018:ffff888014a6fbb8 EFLAGS: 00010246 [ 155.247890] RAX: 0000000000000000 RBX: ffff888010b7a8a8 RCX: 0000000000000000 [ 155.248443] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 155.249005] RBP: ffff888014a6fbd0 R08: ffffed100216f533 R09: ffffed100216f533 [ 155.249564] R10: ffff888010b7a993 R11: ffffed100216f532 R12: ffff88800fcb0000 [ 155.250117] R13: ffff888010b7a9e8 R14: ffffffff8352e670 R15: 
ffff888014a6fe68 [ 155.250688] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.251322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.251780] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 155.252333] PKRU: 55555554 [ 155.252554] Call Trace: [ 155.252754] [ 155.252931] __iommufd_access_detach+0x1c2/0x2b0 [ 155.253316] iommufd_access_change_pt+0x149/0x270 [ 155.253701] iommufd_access_replace+0xb4/0x120 [ 155.254072] iommufd_test+0x3e5/0x37e0 [ 155.254378] ? lock_release+0x532/0x770 [ 155.254723] ? __might_fault+0x102/0x1b0 [ 155.255055] ? lock_acquire+0x427/0x4c0 [ 155.255386] ? __pfx_iommufd_test+0x10/0x10 [ 155.255722] ? __pfx_lock_release+0x10/0x10 [ 155.256066] ? __pfx_lock_acquire+0x10/0x10 [ 155.256418] ? write_comp_data+0x2f/0x90 [ 155.256747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.257131] ? write_comp_data+0x2f/0x90 [ 155.257464] iommufd_fops_ioctl+0x37d/0x510 [ 155.257807] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.258193] ? write_comp_data+0x2f/0x90 [ 155.258539] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.258919] __x64_sys_ioctl+0x1a3/0x230 [ 155.259254] do_syscall_64+0x3b/0x90 [ 155.259560] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.259979] RIP: 0033:0x7f4b8743ee5d [ 155.260275] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.261695] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.262299] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.262872] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.263442] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.263993] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.264548] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.265108] [ 155.265294] irq event stamp: 0 [ 155.265542] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.266041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.266708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.267371] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.267870] ---[ end trace 0000000000000000 ]--- [ 155.270615] ------------[ cut here ]------------ [ 155.271010] WARNING: CPU: 1 PID: 1458 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.271814] Modules linked in: [ 155.272068] CPU: 1 PID: 1458 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.272744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.273632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.274021] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.275460] RSP: 
0018:ffff888014a6fbd0 EFLAGS: 00010246 [ 155.275880] RAX: 0000000000000000 RBX: ffff888010b7a8a8 RCX: 0000000000000000 [ 155.276435] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 155.276992] RBP: ffff888014a6fbe8 R08: ffffed100216f533 R09: ffffed100216f533 [ 155.277551] R10: ffff888010b7a993 R11: ffffed100216f532 R12: ffff888010e03c00 [ 155.278106] R13: ffff888010b7a9e8 R14: ffff888013a7e600 R15: 0000000000000000 [ 155.278687] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.279335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.279790] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.280354] PKRU: 55555554 [ 155.280578] Call Trace: [ 155.280779] [ 155.280958] iommufd_access_destroy_object+0x65/0x170 [ 155.281374] iommufd_object_destroy_user+0x18e/0x220 [ 155.281779] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.282243] iommufd_access_destroy+0x43/0x70 [ 155.282628] iommufd_test_staccess_release+0x8d/0xd0 [ 155.283043] __fput+0x26d/0xa40 [ 155.283331] ____fput+0x1e/0x30 [ 155.283603] task_work_run+0x1a4/0x2d0 [ 155.283919] ? __pfx_task_work_run+0x10/0x10 [ 155.284274] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.284664] ? switch_task_namespaces+0xa9/0xe0 [ 155.285039] do_exit+0xb17/0x2ef0 [ 155.285315] ? lock_acquire+0x427/0x4c0 [ 155.285639] ? __pfx_lock_release+0x10/0x10 [ 155.285987] ? __kasan_check_write+0x18/0x20 [ 155.286339] ? do_raw_spin_lock+0x132/0x2a0 [ 155.286696] ? __pfx_do_exit+0x10/0x10 [ 155.287017] ? debug_smp_processor_id+0x20/0x30 [ 155.287398] ? rcu_is_watching+0x19/0xb0 [ 155.287724] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.288089] ? trace_hardirqs_on+0x26/0x120 [ 155.288435] do_group_exit+0xe0/0x2b0 [ 155.288737] __x64_sys_exit_group+0x47/0x50 [ 155.289076] do_syscall_64+0x3b/0x90 [ 155.289375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.289788] RIP: 0033:0x7f4b87518a4d [ 155.290080] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.290578] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.291175] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.291735] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.292290] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.292844] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.293395] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.293954] [ 155.294138] irq event stamp: 0 [ 155.294387] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.294904] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.295566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.296216] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.296710] ---[ end trace 0000000000000000 ]--- [ 155.297398] ------------[ cut here ]------------ [ 155.297768] WARNING: CPU: 1 PID: 1458 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.298585] Modules linked in: [ 155.298840] CPU: 1 PID: 1458 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.299533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.300410] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.300818] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.302242] RSP: 0018:ffff888014a6fb78 EFLAGS: 00010246 [ 155.302679] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.303249] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 155.303806] RBP: ffff888014a6fb98 R08: ffffed100216f53e R09: ffffed100216f53e [ 155.304364] R10: ffff888010b7a9ef R11: ffffed100216f53d R12: ffff888010b7aa90 [ 155.304918] R13: ffff888010b7a8a8 R14: ffffffffffffffff R15: 
ffff888014a6fc60 [ 155.305476] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.306100] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.306568] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.307135] PKRU: 55555554 [ 155.307358] Call Trace: [ 155.307560] [ 155.307738] iommufd_ioas_destroy+0x53/0x70 [ 155.308084] iommufd_fops_release+0x1f7/0x370 [ 155.308446] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.308842] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.309229] ? write_comp_data+0x2f/0x90 [ 155.309560] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.309953] __fput+0x26d/0xa40 [ 155.310228] ____fput+0x1e/0x30 [ 155.310499] task_work_run+0x1a4/0x2d0 [ 155.310835] ? __pfx_task_work_run+0x10/0x10 [ 155.311191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.311580] ? switch_task_namespaces+0xa9/0xe0 [ 155.311955] do_exit+0xb17/0x2ef0 [ 155.312229] ? lock_acquire+0x427/0x4c0 [ 155.312552] ? __pfx_lock_release+0x10/0x10 [ 155.312903] ? __kasan_check_write+0x18/0x20 [ 155.313255] ? do_raw_spin_lock+0x132/0x2a0 [ 155.313596] ? __pfx_do_exit+0x10/0x10 [ 155.313911] ? debug_smp_processor_id+0x20/0x30 [ 155.314281] ? rcu_is_watching+0x19/0xb0 [ 155.314622] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.314987] ? trace_hardirqs_on+0x26/0x120 [ 155.315348] do_group_exit+0xe0/0x2b0 [ 155.315651] __x64_sys_exit_group+0x47/0x50 [ 155.315990] do_syscall_64+0x3b/0x90 [ 155.316298] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.316722] RIP: 0033:0x7f4b87518a4d [ 155.317017] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.317502] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.318096] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.318691] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.319256] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.319814] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.320368] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.320931] [ 155.321115] irq event stamp: 0 [ 155.321366] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.321864] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.322538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.323203] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.323695] ---[ end trace 0000000000000000 ]--- [ 155.328336] ------------[ cut here ]------------ [ 155.328743] WARNING: CPU: 1 PID: 1459 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.329533] Modules linked in: [ 155.329786] CPU: 1 PID: 1459 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.330467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.331405] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.331804] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.333224] RSP: 0018:ffff8880146a7bb8 EFLAGS: 00010246 [ 155.333645] RAX: 0000000000000000 RBX: ffff88801781e8a8 RCX: 0000000000000000 [ 155.334200] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 155.334771] RBP: ffff8880146a7bd0 R08: ffffed1002f03d33 R09: ffffed1002f03d33 [ 155.335340] R10: ffff88801781e993 R11: ffffed1002f03d32 R12: ffff888012e91c00 [ 155.335907] R13: ffff88801781e9e8 R14: ffffffff8352e670 R15: 
ffff8880146a7e68 [ 155.336468] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.337098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.337554] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 155.338115] PKRU: 55555554 [ 155.338337] Call Trace: [ 155.338559] [ 155.338740] __iommufd_access_detach+0x1c2/0x2b0 [ 155.339139] iommufd_access_change_pt+0x149/0x270 [ 155.339541] iommufd_access_replace+0xb4/0x120 [ 155.339914] iommufd_test+0x3e5/0x37e0 [ 155.340222] ? lock_release+0x532/0x770 [ 155.340548] ? __might_fault+0x102/0x1b0 [ 155.340882] ? lock_acquire+0x427/0x4c0 [ 155.341210] ? __pfx_iommufd_test+0x10/0x10 [ 155.341548] ? __pfx_lock_release+0x10/0x10 [ 155.341899] ? __pfx_lock_acquire+0x10/0x10 [ 155.342251] ? write_comp_data+0x2f/0x90 [ 155.342609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.343006] ? write_comp_data+0x2f/0x90 [ 155.343346] iommufd_fops_ioctl+0x37d/0x510 [ 155.343695] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.344083] ? write_comp_data+0x2f/0x90 [ 155.344415] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.344801] __x64_sys_ioctl+0x1a3/0x230 [ 155.345131] do_syscall_64+0x3b/0x90 [ 155.345435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.345852] RIP: 0033:0x7f4b8743ee5d [ 155.346149] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.347607] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.348212] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.348777] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.349343] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.349905] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.350461] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.351051] [ 155.351244] irq event stamp: 0 [ 155.351496] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.351995] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.352657] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.353310] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.353806] ---[ end trace 0000000000000000 ]--- [ 155.356585] ------------[ cut here ]------------ [ 155.356984] WARNING: CPU: 1 PID: 1459 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.357780] Modules linked in: [ 155.358033] CPU: 1 PID: 1459 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.358748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.359640] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.360032] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.361455] RSP: 
0018:ffff8880146a7bd0 EFLAGS: 00010246 [ 155.361870] RAX: 0000000000000000 RBX: ffff88801781e8a8 RCX: 0000000000000000 [ 155.362423] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 155.362994] RBP: ffff8880146a7be8 R08: ffffed1002f03d33 R09: ffffed1002f03d33 [ 155.363561] R10: ffff88801781e993 R11: ffffed1002f03d32 R12: ffff88800fcb2000 [ 155.364119] R13: ffff88801781e9e8 R14: ffff88800efd0700 R15: 0000000000000000 [ 155.364689] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.365318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.365774] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.366334] PKRU: 55555554 [ 155.366579] Call Trace: [ 155.366784] [ 155.366966] iommufd_access_destroy_object+0x65/0x170 [ 155.367402] iommufd_object_destroy_user+0x18e/0x220 [ 155.367818] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.368288] iommufd_access_destroy+0x43/0x70 [ 155.368666] iommufd_test_staccess_release+0x8d/0xd0 [ 155.369244] __fput+0x26d/0xa40 [ 155.369526] ____fput+0x1e/0x30 [ 155.369804] task_work_run+0x1a4/0x2d0 [ 155.370127] ? __pfx_task_work_run+0x10/0x10 [ 155.370489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.370902] ? switch_task_namespaces+0xa9/0xe0 [ 155.371408] do_exit+0xb17/0x2ef0 [ 155.371696] ? lock_acquire+0x427/0x4c0 [ 155.372024] ? __pfx_lock_release+0x10/0x10 [ 155.372377] ? __kasan_check_write+0x18/0x20 [ 155.372737] ? do_raw_spin_lock+0x132/0x2a0 [ 155.373141] ? __pfx_do_exit+0x10/0x10 [ 155.373508] ? debug_smp_processor_id+0x20/0x30 [ 155.373881] ? rcu_is_watching+0x19/0xb0 [ 155.374206] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.374593] ? trace_hardirqs_on+0x26/0x120 [ 155.374945] do_group_exit+0xe0/0x2b0 [ 155.375263] __x64_sys_exit_group+0x47/0x50 [ 155.375608] do_syscall_64+0x3b/0x90 [ 155.376017] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.376437] RIP: 0033:0x7f4b87518a4d [ 155.376737] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.377220] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.377844] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.378496] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.379082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.379661] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.380288] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.380899] [ 155.381096] irq event stamp: 0 [ 155.381350] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.381853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.382649] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.383325] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.383801] ---[ end trace 0000000000000000 ]--- [ 155.384493] ------------[ cut here ]------------ [ 155.384862] WARNING: CPU: 1 PID: 1459 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.385781] Modules linked in: [ 155.386039] CPU: 1 PID: 1459 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.386751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.387640] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.388049] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.389603] RSP: 0018:ffff8880146a7b78 EFLAGS: 00010246 [ 155.390020] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.390594] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 155.391157] RBP: ffff8880146a7b98 R08: ffffed1002f03d3e R09: ffffed1002f03d3e [ 155.391713] R10: ffff88801781e9ef R11: ffffed1002f03d3d R12: ffff88801781ea90 [ 155.392268] R13: ffff88801781e8a8 R14: ffffffffffffffff R15: 
ffff8880146a7c60 [ 155.392932] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.393562] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.394018] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.394596] PKRU: 55555554 [ 155.394820] Call Trace: [ 155.395022] [ 155.395209] iommufd_ioas_destroy+0x53/0x70 [ 155.395554] iommufd_fops_release+0x1f7/0x370 [ 155.395914] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.396406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.396793] ? write_comp_data+0x2f/0x90 [ 155.397118] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.397509] __fput+0x26d/0xa40 [ 155.397784] ____fput+0x1e/0x30 [ 155.398051] task_work_run+0x1a4/0x2d0 [ 155.398364] ? __pfx_task_work_run+0x10/0x10 [ 155.398729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.399124] ? switch_task_namespaces+0xa9/0xe0 [ 155.399500] do_exit+0xb17/0x2ef0 [ 155.399775] ? lock_acquire+0x427/0x4c0 [ 155.400204] ? __pfx_lock_release+0x10/0x10 [ 155.400552] ? __kasan_check_write+0x18/0x20 [ 155.400901] ? do_raw_spin_lock+0x132/0x2a0 [ 155.401238] ? __pfx_do_exit+0x10/0x10 [ 155.401553] ? debug_smp_processor_id+0x20/0x30 [ 155.401925] ? rcu_is_watching+0x19/0xb0 [ 155.402244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.402619] ? trace_hardirqs_on+0x26/0x120 [ 155.402965] do_group_exit+0xe0/0x2b0 [ 155.403273] __x64_sys_exit_group+0x47/0x50 [ 155.403644] do_syscall_64+0x3b/0x90 [ 155.404012] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.404423] RIP: 0033:0x7f4b87518a4d [ 155.404714] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.405190] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.405789] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.406348] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.407035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.407597] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.408152] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.408718] [ 155.408905] irq event stamp: 0 [ 155.409155] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.409657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.410436] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.411122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.411624] ---[ end trace 0000000000000000 ]--- [ 155.417147] ------------[ cut here ]------------ [ 155.417555] WARNING: CPU: 1 PID: 1460 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.418367] Modules linked in: [ 155.418690] CPU: 1 PID: 1460 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.419391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.420394] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.420794] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.422228] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 155.422676] RAX: 0000000000000000 RBX: ffff888021b6e8a8 RCX: 0000000000000000 [ 155.423256] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 155.423924] RBP: ffff888012e4fbd0 R08: ffffed100436dd33 R09: ffffed100436dd33 [ 155.424490] R10: ffff888021b6e993 R11: ffffed100436dd32 R12: ffff88800f4fd800 [ 155.425053] R13: ffff888021b6e9e8 R14: ffffffff8352e670 R15: 
ffff888012e4fe68 [ 155.425618] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.426253] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.426844] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 155.427425] PKRU: 55555554 [ 155.427653] Call Trace: [ 155.427859] [ 155.428040] __iommufd_access_detach+0x1c2/0x2b0 [ 155.428434] iommufd_access_change_pt+0x149/0x270 [ 155.428827] iommufd_access_replace+0xb4/0x120 [ 155.429207] iommufd_test+0x3e5/0x37e0 [ 155.429521] ? lock_release+0x532/0x770 [ 155.429862] ? __might_fault+0x102/0x1b0 [ 155.430277] ? lock_acquire+0x427/0x4c0 [ 155.430627] ? __pfx_iommufd_test+0x10/0x10 [ 155.430971] ? __pfx_lock_release+0x10/0x10 [ 155.431331] ? __pfx_lock_acquire+0x10/0x10 [ 155.431688] ? write_comp_data+0x2f/0x90 [ 155.432021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.432417] ? write_comp_data+0x2f/0x90 [ 155.432760] iommufd_fops_ioctl+0x37d/0x510 [ 155.433110] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.433509] ? write_comp_data+0x2f/0x90 [ 155.433944] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.434333] __x64_sys_ioctl+0x1a3/0x230 [ 155.434688] do_syscall_64+0x3b/0x90 [ 155.434998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.435422] RIP: 0033:0x7f4b8743ee5d [ 155.435723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.437161] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.437879] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.438448] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.439029] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.439603] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.440170] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.440749] [ 155.440941] irq event stamp: 0 [ 155.441285] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.441790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.442454] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.443137] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.443645] ---[ end trace 0000000000000000 ]--- [ 155.446721] ------------[ cut here ]------------ [ 155.447144] WARNING: CPU: 1 PID: 1460 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.447948] Modules linked in: [ 155.448205] CPU: 1 PID: 1460 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.449023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.449908] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.450310] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.451882] RSP: 
0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 155.452307] RAX: 0000000000000000 RBX: ffff888021b6e8a8 RCX: 0000000000000000 [ 155.452869] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 155.453437] RBP: ffff888012e4fbe8 R08: ffffed100436dd33 R09: ffffed100436dd33 [ 155.453998] R10: ffff888021b6e993 R11: ffffed100436dd32 R12: ffff888012e91000 [ 155.454585] R13: ffff888021b6e9e8 R14: ffff888013727500 R15: 0000000000000000 [ 155.455154] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.455894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.456354] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.456927] PKRU: 55555554 [ 155.457155] Call Trace: [ 155.457361] [ 155.457541] iommufd_access_destroy_object+0x65/0x170 [ 155.457961] iommufd_object_destroy_user+0x18e/0x220 [ 155.458442] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.458948] iommufd_access_destroy+0x43/0x70 [ 155.459331] iommufd_test_staccess_release+0x8d/0xd0 [ 155.459744] __fput+0x26d/0xa40 [ 155.460025] ____fput+0x1e/0x30 [ 155.460299] task_work_run+0x1a4/0x2d0 [ 155.460617] ? __pfx_task_work_run+0x10/0x10 [ 155.460971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.461368] ? switch_task_namespaces+0xa9/0xe0 [ 155.461752] do_exit+0xb17/0x2ef0 [ 155.462107] ? lock_acquire+0x427/0x4c0 [ 155.462453] ? __pfx_lock_release+0x10/0x10 [ 155.462839] ? __kasan_check_write+0x18/0x20 [ 155.463203] ? do_raw_spin_lock+0x132/0x2a0 [ 155.463553] ? __pfx_do_exit+0x10/0x10 [ 155.463876] ? debug_smp_processor_id+0x20/0x30 [ 155.464257] ? rcu_is_watching+0x19/0xb0 [ 155.464585] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.464951] ? trace_hardirqs_on+0x26/0x120 [ 155.465307] do_group_exit+0xe0/0x2b0 [ 155.465668] __x64_sys_exit_group+0x47/0x50 [ 155.466051] do_syscall_64+0x3b/0x90 [ 155.466361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.466802] RIP: 0033:0x7f4b87518a4d [ 155.467102] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.467599] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.468203] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.468766] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.469357] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.470005] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.470594] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.471174] [ 155.471365] irq event stamp: 0 [ 155.471616] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.472115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.472788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.473552] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.474060] ---[ end trace 0000000000000000 ]--- [ 155.474903] ------------[ cut here ]------------ [ 155.475300] WARNING: CPU: 1 PID: 1460 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.476109] Modules linked in: [ 155.476369] CPU: 1 PID: 1460 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.477188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.478098] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.478552] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.480039] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 155.480550] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.481128] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 155.481722] RBP: ffff888012e4fb98 R08: ffffed100436dd3e R09: ffffed100436dd3e [ 155.482304] R10: ffff888021b6e9ef R11: ffffed100436dd3d R12: ffff888021b6ea90 [ 155.482911] R13: ffff888021b6e8a8 R14: ffffffffffffffff R15: 
ffff888012e4fc60 [ 155.483636] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.484297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.484777] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.485369] PKRU: 55555554 [ 155.485606] Call Trace: [ 155.485820] [ 155.486009] iommufd_ioas_destroy+0x53/0x70 [ 155.486378] iommufd_fops_release+0x1f7/0x370 [ 155.486890] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.487310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.487720] ? write_comp_data+0x2f/0x90 [ 155.488065] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.488490] __fput+0x26d/0xa40 [ 155.488778] ____fput+0x1e/0x30 [ 155.489060] task_work_run+0x1a4/0x2d0 [ 155.489390] ? __pfx_task_work_run+0x10/0x10 [ 155.489775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.490298] ? switch_task_namespaces+0xa9/0xe0 [ 155.490723] do_exit+0xb17/0x2ef0 [ 155.491011] ? lock_acquire+0x427/0x4c0 [ 155.491358] ? __pfx_lock_release+0x10/0x10 [ 155.491722] ? __kasan_check_write+0x18/0x20 [ 155.492094] ? do_raw_spin_lock+0x132/0x2a0 [ 155.492450] ? __pfx_do_exit+0x10/0x10 [ 155.492784] ? debug_smp_processor_id+0x20/0x30 [ 155.493175] ? rcu_is_watching+0x19/0xb0 [ 155.493511] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.493994] ? trace_hardirqs_on+0x26/0x120 [ 155.494359] do_group_exit+0xe0/0x2b0 [ 155.494694] __x64_sys_exit_group+0x47/0x50 [ 155.495047] do_syscall_64+0x3b/0x90 [ 155.495375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.495807] RIP: 0033:0x7f4b87518a4d [ 155.496118] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.496627] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.497254] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.497951] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.498569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.499164] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.499750] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.500347] [ 155.500538] irq event stamp: 0 [ 155.500799] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.501347] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.502117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.502824] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.503354] ---[ end trace 0000000000000000 ]--- [ 155.507261] ------------[ cut here ]------------ [ 155.507686] WARNING: CPU: 1 PID: 1461 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.508525] Modules linked in: [ 155.508854] CPU: 1 PID: 1461 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.509628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.510602] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.511022] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.512617] RSP: 0018:ffff8880146a7bb8 EFLAGS: 00010246 [ 155.513060] RAX: 0000000000000000 RBX: ffff88801622a0a8 RCX: 0000000000000000 [ 155.513776] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 155.514366] RBP: ffff8880146a7bd0 R08: ffffed1002c45433 R09: ffffed1002c45433 [ 155.514991] R10: ffff88801622a193 R11: ffffed1002c45432 R12: ffff888010c57800 [ 155.515645] R13: ffff88801622a1e8 R14: ffffffff8352e670 R15: 
ffff8880146a7e68 [ 155.516301] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.516977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.517472] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 155.518149] PKRU: 55555554 [ 155.518385] Call Trace: [ 155.518620] [ 155.518812] __iommufd_access_detach+0x1c2/0x2b0 [ 155.519240] iommufd_access_change_pt+0x149/0x270 [ 155.519657] iommufd_access_replace+0xb4/0x120 [ 155.520170] iommufd_test+0x3e5/0x37e0 [ 155.520496] ? lock_release+0x532/0x770 [ 155.520843] ? __might_fault+0x102/0x1b0 [ 155.521189] ? lock_acquire+0x427/0x4c0 [ 155.521533] ? __pfx_iommufd_test+0x10/0x10 [ 155.521933] ? __pfx_lock_release+0x10/0x10 [ 155.522369] ? __pfx_lock_acquire+0x10/0x10 [ 155.522762] ? write_comp_data+0x2f/0x90 [ 155.523127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.523542] ? write_comp_data+0x2f/0x90 [ 155.523895] iommufd_fops_ioctl+0x37d/0x510 [ 155.524264] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.524783] ? write_comp_data+0x2f/0x90 [ 155.525140] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.525549] __x64_sys_ioctl+0x1a3/0x230 [ 155.525903] do_syscall_64+0x3b/0x90 [ 155.526222] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.526795] RIP: 0033:0x7f4b8743ee5d [ 155.527109] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.528626] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.529383] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.529971] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.530586] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.531259] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.531873] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.532471] [ 155.532670] irq event stamp: 0 [ 155.532933] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.533566] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.534266] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.534983] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.535538] ---[ end trace 0000000000000000 ]--- [ 155.538779] ------------[ cut here ]------------ [ 155.539243] WARNING: CPU: 1 PID: 1461 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.540124] Modules linked in: [ 155.540493] CPU: 1 PID: 1461 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.541299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.542261] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.542889] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.544486] RSP: 
0018:ffff8880146a7bd0 EFLAGS: 00010246 [ 155.545081] RAX: 0000000000000000 RBX: ffff88801622a0a8 RCX: 0000000000000000 [ 155.545701] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 155.546330] RBP: ffff8880146a7be8 R08: ffffed1002c45433 R09: ffffed1002c45433 [ 155.547063] R10: ffff88801622a193 R11: ffffed1002c45432 R12: ffff88800f4fd000 [ 155.547755] R13: ffff88801622a1e8 R14: ffff88801092f800 R15: 0000000000000000 [ 155.548384] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.549091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.549748] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 155.550375] PKRU: 55555554 [ 155.550652] Call Trace: [ 155.550881] [ 155.551082] iommufd_access_destroy_object+0x65/0x170 [ 155.551556] iommufd_object_destroy_user+0x18e/0x220 [ 155.552153] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.552668] iommufd_access_destroy+0x43/0x70 [ 155.553074] iommufd_test_staccess_release+0x8d/0xd0 [ 155.553526] __fput+0x26d/0xa40 [ 155.553832] ____fput+0x1e/0x30 [ 155.554231] task_work_run+0x1a4/0x2d0 [ 155.554606] ? __pfx_task_work_run+0x10/0x10 [ 155.555005] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.555458] ? switch_task_namespaces+0xa9/0xe0 [ 155.555882] do_exit+0xb17/0x2ef0 [ 155.556192] ? lock_acquire+0x427/0x4c0 [ 155.556678] ? __pfx_lock_release+0x10/0x10 [ 155.557066] ? __kasan_check_write+0x18/0x20 [ 155.557460] ? do_raw_spin_lock+0x132/0x2a0 [ 155.557842] ? __pfx_do_exit+0x10/0x10 [ 155.558199] ? debug_smp_processor_id+0x20/0x30 [ 155.558771] ? rcu_is_watching+0x19/0xb0 [ 155.559143] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.559553] ? trace_hardirqs_on+0x26/0x120 [ 155.559957] do_group_exit+0xe0/0x2b0 [ 155.560306] __x64_sys_exit_group+0x47/0x50 [ 155.560692] do_syscall_64+0x3b/0x90 [ 155.561072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.561648] RIP: 0033:0x7f4b87518a4d [ 155.561987] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.562569] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.563255] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.564014] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.564640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.565263] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.565964] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.566692] [ 155.566904] irq event stamp: 0 [ 155.567205] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.567771] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.568516] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.569251] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.569992] ---[ end trace 0000000000000000 ]--- [ 155.570980] ------------[ cut here ]------------ [ 155.571433] WARNING: CPU: 1 PID: 1461 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.572344] Modules linked in: [ 155.572634] CPU: 1 PID: 1461 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.573408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.574616] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.575084] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.576704] RSP: 0018:ffff8880146a7b78 EFLAGS: 00010246 [ 155.577179] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.577843] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 155.578629] RBP: ffff8880146a7b98 R08: ffffed1002c4543e R09: ffffed1002c4543e [ 155.579293] R10: ffff88801622a1ef R11: ffffed1002c4543d R12: ffff88801622a290 [ 155.579968] R13: ffff88801622a0a8 R14: ffffffffffffffff R15: 
ffff8880146a7c60 [ 155.580632] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.581382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.581951] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 155.582856] PKRU: 55555554 [ 155.583136] Call Trace: [ 155.583377] [ 155.583596] iommufd_ioas_destroy+0x53/0x70 [ 155.584016] iommufd_fops_release+0x1f7/0x370 [ 155.584447] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.584922] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.585388] ? write_comp_data+0x2f/0x90 [ 155.585776] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.586245] __fput+0x26d/0xa40 [ 155.586632] ____fput+0x1e/0x30 [ 155.587063] task_work_run+0x1a4/0x2d0 [ 155.587457] ? __pfx_task_work_run+0x10/0x10 [ 155.587883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.588348] ? switch_task_namespaces+0xa9/0xe0 [ 155.588800] do_exit+0xb17/0x2ef0 [ 155.589130] ? lock_acquire+0x427/0x4c0 [ 155.589517] ? __pfx_lock_release+0x10/0x10 [ 155.589922] ? __kasan_check_write+0x18/0x20 [ 155.590331] ? do_raw_spin_lock+0x132/0x2a0 [ 155.590767] ? __pfx_do_exit+0x10/0x10 [ 155.591282] ? debug_smp_processor_id+0x20/0x30 [ 155.591848] ? rcu_is_watching+0x19/0xb0 [ 155.592245] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.592675] ? trace_hardirqs_on+0x26/0x120 [ 155.593093] do_group_exit+0xe0/0x2b0 [ 155.593454] __x64_sys_exit_group+0x47/0x50 [ 155.593859] do_syscall_64+0x3b/0x90 [ 155.594216] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.594754] RIP: 0033:0x7f4b87518a4d [ 155.595126] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.595707] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.596542] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.597355] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.598028] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.598736] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.599428] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.600116] [ 155.600344] irq event stamp: 0 [ 155.600683] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.601434] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.602224] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.603048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.603659] ---[ end trace 0000000000000000 ]--- [ 155.607836] ------------[ cut here ]------------ [ 155.608339] WARNING: CPU: 1 PID: 1462 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.609521] Modules linked in: [ 155.609955] CPU: 1 PID: 1462 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.610819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.611884] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.612353] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.614266] RSP: 0018:ffff888012e4fbb8 EFLAGS: 00010246 [ 155.614797] RAX: 0000000000000000 RBX: ffff8880171bf8a8 RCX: 0000000000000000 [ 155.615482] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 155.616150] RBP: ffff888012e4fbd0 R08: ffffed1002e37f33 R09: ffffed1002e37f33 [ 155.616822] R10: ffff8880171bf993 R11: ffffed1002e37f32 R12: ffff888020fef800 [ 155.617496] R13: ffff8880171bf9e8 R14: ffffffff8352e670 R15: 
ffff888012e4fe68 [ 155.618318] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.619240] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.619797] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 155.620476] PKRU: 55555554 [ 155.620741] Call Trace: [ 155.620985] [ 155.621200] __iommufd_access_detach+0x1c2/0x2b0 [ 155.621663] iommufd_access_change_pt+0x149/0x270 [ 155.622130] iommufd_access_replace+0xb4/0x120 [ 155.622682] iommufd_test+0x3e5/0x37e0 [ 155.623124] ? lock_release+0x532/0x770 [ 155.623515] ? __might_fault+0x102/0x1b0 [ 155.623908] ? lock_acquire+0x427/0x4c0 [ 155.624302] ? __pfx_iommufd_test+0x10/0x10 [ 155.624713] ? __pfx_lock_release+0x10/0x10 [ 155.625128] ? __pfx_lock_acquire+0x10/0x10 [ 155.625547] ? write_comp_data+0x2f/0x90 [ 155.625948] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.626421] ? write_comp_data+0x2f/0x90 [ 155.626852] iommufd_fops_ioctl+0x37d/0x510 [ 155.627459] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.627936] ? write_comp_data+0x2f/0x90 [ 155.628332] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.628798] __x64_sys_ioctl+0x1a3/0x230 [ 155.629195] do_syscall_64+0x3b/0x90 [ 155.629556] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.630055] RIP: 0033:0x7f4b8743ee5d [ 155.630409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.632395] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.633123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.633790] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.634472] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.635176] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.635851] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.636721] [ 155.636946] irq event stamp: 0 [ 155.637245] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.637846] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.638672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.639486] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.640089] ---[ end trace 0000000000000000 ]--- [ 155.643522] ------------[ cut here ]------------ [ 155.644022] WARNING: CPU: 1 PID: 1462 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.645046] Modules linked in: [ 155.645503] CPU: 1 PID: 1462 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.646324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.647495] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.647987] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.650061] RSP: 
0018:ffff888012e4fbd0 EFLAGS: 00010246 [ 155.650904] RAX: 0000000000000000 RBX: ffff8880171bf8a8 RCX: 0000000000000000 [ 155.651662] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 155.652399] RBP: ffff888012e4fbe8 R08: ffffed1002e37f33 R09: ffffed1002e37f33 [ 155.653131] R10: ffff8880171bf993 R11: ffffed1002e37f32 R12: ffff88801890e400 [ 155.653865] R13: ffff8880171bf9e8 R14: ffff88800f401700 R15: 0000000000000000 [ 155.654676] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.655815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.656416] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 155.657160] PKRU: 55555554 [ 155.657452] Call Trace: [ 155.657716] [ 155.657948] iommufd_access_destroy_object+0x65/0x170 [ 155.658498] iommufd_object_destroy_user+0x18e/0x220 [ 155.659088] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.659703] iommufd_access_destroy+0x43/0x70 [ 155.660179] iommufd_test_staccess_release+0x8d/0xd0 [ 155.660809] __fput+0x26d/0xa40 [ 155.661305] ____fput+0x1e/0x30 [ 155.661809] task_work_run+0x1a4/0x2d0 [ 155.662234] ? __pfx_task_work_run+0x10/0x10 [ 155.662745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.663278] ? switch_task_namespaces+0xa9/0xe0 [ 155.663775] do_exit+0xb17/0x2ef0 [ 155.664138] ? lock_acquire+0x427/0x4c0 [ 155.664563] ? __pfx_lock_release+0x10/0x10 [ 155.665022] ? __kasan_check_write+0x18/0x20 [ 155.665490] ? do_raw_spin_lock+0x132/0x2a0 [ 155.665939] ? __pfx_do_exit+0x10/0x10 [ 155.666483] ? debug_smp_processor_id+0x20/0x30 [ 155.667209] ? rcu_is_watching+0x19/0xb0 [ 155.667642] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.668119] ? trace_hardirqs_on+0x26/0x120 [ 155.668588] do_group_exit+0xe0/0x2b0 [ 155.668986] __x64_sys_exit_group+0x47/0x50 [ 155.669432] do_syscall_64+0x3b/0x90 [ 155.669833] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.670401] RIP: 0033:0x7f4b87518a4d [ 155.670835] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.671486] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.672442] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.673360] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.674099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.674874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.675630] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.676383] [ 155.676707] irq event stamp: 0 [ 155.677176] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.677837] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.678748] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.679639] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.680303] ---[ end trace 0000000000000000 ]--- [ 155.681532] ------------[ cut here ]------------ [ 155.682042] WARNING: CPU: 1 PID: 1462 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.683168] Modules linked in: [ 155.683511] CPU: 1 PID: 1462 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.684422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.685702] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.686496] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.688497] RSP: 0018:ffff888012e4fb78 EFLAGS: 00010246 [ 155.689074] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.689831] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 155.690773] RBP: ffff888012e4fb98 R08: ffffed1002e37f3e R09: ffffed1002e37f3e [ 155.691793] R10: ffff8880171bf9ef R11: ffffed1002e37f3d R12: ffff8880171bfa90 [ 155.692568] R13: ffff8880171bf8a8 R14: ffffffffffffffff R15: 
ffff888012e4fc60 [ 155.693332] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.694195] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.694872] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 155.695657] PKRU: 55555554 [ 155.696046] Call Trace: [ 155.696413] [ 155.696816] iommufd_ioas_destroy+0x53/0x70 [ 155.697278] iommufd_fops_release+0x1f7/0x370 [ 155.697765] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.698305] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.698885] ? write_comp_data+0x2f/0x90 [ 155.699369] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.699910] __fput+0x26d/0xa40 [ 155.700282] ____fput+0x1e/0x30 [ 155.700647] task_work_run+0x1a4/0x2d0 [ 155.701173] ? __pfx_task_work_run+0x10/0x10 [ 155.701861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.702393] ? switch_task_namespaces+0xa9/0xe0 [ 155.702956] do_exit+0xb17/0x2ef0 [ 155.703348] ? lock_acquire+0x427/0x4c0 [ 155.703794] ? __pfx_lock_release+0x10/0x10 [ 155.704268] ? __kasan_check_write+0x18/0x20 [ 155.704748] ? do_raw_spin_lock+0x132/0x2a0 [ 155.705216] ? __pfx_do_exit+0x10/0x10 [ 155.705640] ? debug_smp_processor_id+0x20/0x30 [ 155.706244] ? rcu_is_watching+0x19/0xb0 [ 155.706919] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.707434] ? trace_hardirqs_on+0x26/0x120 [ 155.707910] do_group_exit+0xe0/0x2b0 [ 155.708322] __x64_sys_exit_group+0x47/0x50 [ 155.708786] do_syscall_64+0x3b/0x90 [ 155.709203] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.709752] RIP: 0033:0x7f4b87518a4d [ 155.710146] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.710884] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.711936] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.712682] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.713440] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.714196] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.714992] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.715766] [ 155.716041] irq event stamp: 0 [ 155.716479] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.717426] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.718311] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.719251] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.719927] ---[ end trace 0000000000000000 ]--- [ 155.725487] ------------[ cut here ]------------ [ 155.726055] WARNING: CPU: 1 PID: 1463 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.727179] Modules linked in: [ 155.727533] CPU: 1 PID: 1463 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.728444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.729916] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.730684] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.732616] RSP: 0018:ffff8880146a7bb8 EFLAGS: 00010246 [ 155.733188] RAX: 0000000000000000 RBX: ffff88800b8140a8 RCX: 0000000000000000 [ 155.733931] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 155.734762] RBP: ffff8880146a7bd0 R08: ffffed1001702833 R09: ffffed1001702833 [ 155.735528] R10: ffff88800b814193 R11: ffffed1001702832 R12: ffff88800a725400 [ 155.736271] R13: ffff88800b8141e8 R14: ffffffff8352e670 R15: 
ffff8880146a7e68 [ 155.737019] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.737873] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.738477] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 155.739302] PKRU: 55555554 [ 155.739607] Call Trace: [ 155.739881] [ 155.740120] __iommufd_access_detach+0x1c2/0x2b0 [ 155.740635] iommufd_access_change_pt+0x149/0x270 [ 155.741153] iommufd_access_replace+0xb4/0x120 [ 155.741646] iommufd_test+0x3e5/0x37e0 [ 155.742055] ? lock_release+0x532/0x770 [ 155.742477] ? __might_fault+0x102/0x1b0 [ 155.742952] ? lock_acquire+0x427/0x4c0 [ 155.743390] ? __pfx_iommufd_test+0x10/0x10 [ 155.743857] ? __pfx_lock_release+0x10/0x10 [ 155.744335] ? __pfx_lock_acquire+0x10/0x10 [ 155.744808] ? write_comp_data+0x2f/0x90 [ 155.745243] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.745761] ? write_comp_data+0x2f/0x90 [ 155.746196] iommufd_fops_ioctl+0x37d/0x510 [ 155.746703] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.747244] ? write_comp_data+0x2f/0x90 [ 155.747691] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.748220] __x64_sys_ioctl+0x1a3/0x230 [ 155.748665] do_syscall_64+0x3b/0x90 [ 155.749072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.749631] RIP: 0033:0x7f4b8743ee5d [ 155.750039] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.751992] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.752786] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.753526] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.754271] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.755036] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.755815] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.756580] [ 155.756832] irq event stamp: 0 [ 155.757166] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.757832] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.758761] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.759656] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.760324] ---[ end trace 0000000000000000 ]--- [ 155.763744] ------------[ cut here ]------------ [ 155.764265] WARNING: CPU: 1 PID: 1463 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.765336] Modules linked in: [ 155.765674] CPU: 1 PID: 1463 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.766620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.767828] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.768368] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.770278] RSP: 
0018:ffff8880146a7bd0 EFLAGS: 00010246 [ 155.770951] RAX: 0000000000000000 RBX: ffff88800b8140a8 RCX: 0000000000000000 [ 155.771721] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 155.772468] RBP: ffff8880146a7be8 R08: ffffed1001702833 R09: ffffed1001702833 [ 155.773228] R10: ffff88800b814193 R11: ffffed1001702832 R12: ffff888020fee800 [ 155.773985] R13: ffff88800b8141e8 R14: ffff888012b34f00 R15: 0000000000000000 [ 155.774771] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.775629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.776252] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.777016] PKRU: 55555554 [ 155.777321] Call Trace: [ 155.777592] [ 155.777829] iommufd_access_destroy_object+0x65/0x170 [ 155.778381] iommufd_object_destroy_user+0x18e/0x220 [ 155.778970] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.779561] iommufd_access_destroy+0x43/0x70 [ 155.779977] iommufd_test_staccess_release+0x8d/0xd0 [ 155.780536] __fput+0x26d/0xa40 [ 155.780916] ____fput+0x1e/0x30 [ 155.781284] task_work_run+0x1a4/0x2d0 [ 155.781714] ? __pfx_task_work_run+0x10/0x10 [ 155.782196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.782767] ? switch_task_namespaces+0xa9/0xe0 [ 155.783311] do_exit+0xb17/0x2ef0 [ 155.783689] ? lock_acquire+0x427/0x4c0 [ 155.784134] ? __pfx_lock_release+0x10/0x10 [ 155.784597] ? __kasan_check_write+0x18/0x20 [ 155.785067] ? do_raw_spin_lock+0x132/0x2a0 [ 155.785535] ? __pfx_do_exit+0x10/0x10 [ 155.785959] ? debug_smp_processor_id+0x20/0x30 [ 155.786464] ? rcu_is_watching+0x19/0xb0 [ 155.786950] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.787472] ? trace_hardirqs_on+0x26/0x120 [ 155.787954] do_group_exit+0xe0/0x2b0 [ 155.788368] __x64_sys_exit_group+0x47/0x50 [ 155.788827] do_syscall_64+0x3b/0x90 [ 155.789233] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.789791] RIP: 0033:0x7f4b87518a4d [ 155.790185] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.790864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.791691] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.792444] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.793198] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.793956] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.794734] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.795517] [ 155.795764] irq event stamp: 0 [ 155.796092] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.796767] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.797654] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.798570] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.799254] ---[ end trace 0000000000000000 ]--- [ 155.800150] ------------[ cut here ]------------ [ 155.800647] WARNING: CPU: 1 PID: 1463 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.801708] Modules linked in: [ 155.802046] CPU: 1 PID: 1463 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.803003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.804199] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.804746] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.806718] RSP: 0018:ffff8880146a7b78 EFLAGS: 00010246 [ 155.807306] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.808056] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 155.808806] RBP: ffff8880146a7b98 R08: ffffed100170283e R09: ffffed100170283e [ 155.809546] R10: ffff88800b8141ef R11: ffffed100170283d R12: ffff88800b814290 [ 155.810298] R13: ffff88800b8140a8 R14: ffffffffffffffff R15: 
ffff8880146a7c60 [ 155.811078] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.811972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.812590] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.813352] PKRU: 55555554 [ 155.813649] Call Trace: [ 155.813921] [ 155.814166] iommufd_ioas_destroy+0x53/0x70 [ 155.814659] iommufd_fops_release+0x1f7/0x370 [ 155.815159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.815698] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.816221] ? write_comp_data+0x2f/0x90 [ 155.816662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.817201] __fput+0x26d/0xa40 [ 155.817574] ____fput+0x1e/0x30 [ 155.817926] task_work_run+0x1a4/0x2d0 [ 155.818341] ? __pfx_task_work_run+0x10/0x10 [ 155.818847] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.819381] ? switch_task_namespaces+0xa9/0xe0 [ 155.819899] do_exit+0xb17/0x2ef0 [ 155.820276] ? lock_acquire+0x427/0x4c0 [ 155.820709] ? __pfx_lock_release+0x10/0x10 [ 155.821186] ? __kasan_check_write+0x18/0x20 [ 155.821656] ? do_raw_spin_lock+0x132/0x2a0 [ 155.822114] ? __pfx_do_exit+0x10/0x10 [ 155.822567] ? debug_smp_processor_id+0x20/0x30 [ 155.823071] ? rcu_is_watching+0x19/0xb0 [ 155.823523] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.824015] ? trace_hardirqs_on+0x26/0x120 [ 155.824488] do_group_exit+0xe0/0x2b0 [ 155.824904] __x64_sys_exit_group+0x47/0x50 [ 155.825373] do_syscall_64+0x3b/0x90 [ 155.825788] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.826356] RIP: 0033:0x7f4b87518a4d [ 155.826775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.827429] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.828228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.828987] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.829734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.830482] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.831259] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.832009] [ 155.832254] irq event stamp: 0 [ 155.832588] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.833267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.834134] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.835024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.835698] ---[ end trace 0000000000000000 ]--- [ 155.840953] ------------[ cut here ]------------ [ 155.841495] WARNING: CPU: 1 PID: 1464 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.842661] Modules linked in: [ 155.842994] CPU: 1 PID: 1464 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.843916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.845070] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.845581] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.847480] RSP: 0018:ffff888010507bb8 EFLAGS: 00010246 [ 155.848012] RAX: 0000000000000000 RBX: ffff888015bad8a8 RCX: 0000000000000000 [ 155.848731] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 155.849446] RBP: ffff888010507bd0 R08: ffffed1002b75b33 R09: ffffed1002b75b33 [ 155.850161] R10: ffff888015bad993 R11: ffffed1002b75b32 R12: ffff8880141e9c00 [ 155.850892] R13: ffff888015bad9e8 R14: ffffffff8352e670 R15: 
ffff888010507e68 [ 155.851627] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.852430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.852999] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 155.853700] PKRU: 55555554 [ 155.853980] Call Trace: [ 155.854232] [ 155.854455] __iommufd_access_detach+0x1c2/0x2b0 [ 155.854961] iommufd_access_change_pt+0x149/0x270 [ 155.855463] iommufd_access_replace+0xb4/0x120 [ 155.855929] iommufd_test+0x3e5/0x37e0 [ 155.856317] ? lock_release+0x532/0x770 [ 155.856719] ? __might_fault+0x102/0x1b0 [ 155.857127] ? lock_acquire+0x427/0x4c0 [ 155.857533] ? __pfx_iommufd_test+0x10/0x10 [ 155.857957] ? __pfx_lock_release+0x10/0x10 [ 155.858388] ? __pfx_lock_acquire+0x10/0x10 [ 155.858840] ? write_comp_data+0x2f/0x90 [ 155.859262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.859748] ? write_comp_data+0x2f/0x90 [ 155.860158] iommufd_fops_ioctl+0x37d/0x510 [ 155.860591] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.861080] ? write_comp_data+0x2f/0x90 [ 155.861493] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.861956] __x64_sys_ioctl+0x1a3/0x230 [ 155.862341] do_syscall_64+0x3b/0x90 [ 155.862738] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.863251] RIP: 0033:0x7f4b8743ee5d [ 155.863600] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.865264] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.865956] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.866628] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.867292] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.867940] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.868587] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.869248] [ 155.869469] irq event stamp: 0 [ 155.869762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.870337] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.871137] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.871907] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.872485] ---[ end trace 0000000000000000 ]--- [ 155.875580] ------------[ cut here ]------------ [ 155.876037] WARNING: CPU: 1 PID: 1464 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.876946] Modules linked in: [ 155.877236] CPU: 1 PID: 1464 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.878019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.879183] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.879611] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.881156] RSP: 
0018:ffff888010507bd0 EFLAGS: 00010246 [ 155.881679] RAX: 0000000000000000 RBX: ffff888015bad8a8 RCX: 0000000000000000 [ 155.882416] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 155.883036] RBP: ffff888010507be8 R08: ffffed1002b75b33 R09: ffffed1002b75b33 [ 155.883649] R10: ffff888015bad993 R11: ffffed1002b75b32 R12: ffff88800a727c00 [ 155.884256] R13: ffff888015bad9e8 R14: ffff88800fa7e800 R15: 0000000000000000 [ 155.884861] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.885692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.886178] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.886792] PKRU: 55555554 [ 155.887037] Call Trace: [ 155.887267] [ 155.887463] iommufd_access_destroy_object+0x65/0x170 [ 155.887908] iommufd_object_destroy_user+0x18e/0x220 [ 155.888349] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.888972] iommufd_access_destroy+0x43/0x70 [ 155.889371] iommufd_test_staccess_release+0x8d/0xd0 [ 155.889815] __fput+0x26d/0xa40 [ 155.890115] ____fput+0x1e/0x30 [ 155.890409] task_work_run+0x1a4/0x2d0 [ 155.890781] ? __pfx_task_work_run+0x10/0x10 [ 155.891171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.891596] ? switch_task_namespaces+0xa9/0xe0 [ 155.892008] do_exit+0xb17/0x2ef0 [ 155.892309] ? lock_acquire+0x427/0x4c0 [ 155.892657] ? __pfx_lock_release+0x10/0x10 [ 155.893036] ? __kasan_check_write+0x18/0x20 [ 155.893546] ? do_raw_spin_lock+0x132/0x2a0 [ 155.893919] ? __pfx_do_exit+0x10/0x10 [ 155.894264] ? debug_smp_processor_id+0x20/0x30 [ 155.894683] ? rcu_is_watching+0x19/0xb0 [ 155.895036] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.895442] ? trace_hardirqs_on+0x26/0x120 [ 155.895818] do_group_exit+0xe0/0x2b0 [ 155.896144] __x64_sys_exit_group+0x47/0x50 [ 155.896512] do_syscall_64+0x3b/0x90 [ 155.896842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.897378] RIP: 0033:0x7f4b87518a4d [ 155.897749] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.898273] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.898936] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.899560] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.900168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.900781] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.901512] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.902130] [ 155.902335] irq event stamp: 0 [ 155.902633] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.903186] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.903902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.904616] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.905309] ---[ end trace 0000000000000000 ]--- [ 155.906068] ------------[ cut here ]------------ [ 155.906471] WARNING: CPU: 1 PID: 1464 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 155.907386] Modules linked in: [ 155.907666] CPU: 1 PID: 1464 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.908420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.909532] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 155.909974] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 155.911560] RSP: 0018:ffff888010507b78 EFLAGS: 00010246 [ 155.912020] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 155.912761] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 155.913371] RBP: ffff888010507b98 R08: ffffed1002b75b3e R09: ffffed1002b75b3e [ 155.913982] R10: ffff888015bad9ef R11: ffffed1002b75b3d R12: ffff888015bada90 [ 155.914614] R13: ffff888015bad8a8 R14: ffffffffffffffff R15: 
ffff888010507c60 [ 155.915232] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.915925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.916555] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 155.917166] PKRU: 55555554 [ 155.917417] Call Trace: [ 155.917636] [ 155.917835] iommufd_ioas_destroy+0x53/0x70 [ 155.918215] iommufd_fops_release+0x1f7/0x370 [ 155.918629] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.919061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.919509] ? write_comp_data+0x2f/0x90 [ 155.919869] ? __pfx_iommufd_fops_release+0x10/0x10 [ 155.920429] __fput+0x26d/0xa40 [ 155.920734] ____fput+0x1e/0x30 [ 155.921027] task_work_run+0x1a4/0x2d0 [ 155.921372] ? __pfx_task_work_run+0x10/0x10 [ 155.921762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.922194] ? switch_task_namespaces+0xa9/0xe0 [ 155.922650] do_exit+0xb17/0x2ef0 [ 155.922956] ? lock_acquire+0x427/0x4c0 [ 155.923319] ? __pfx_lock_release+0x10/0x10 [ 155.923705] ? __kasan_check_write+0x18/0x20 [ 155.924191] ? do_raw_spin_lock+0x132/0x2a0 [ 155.924611] ? __pfx_do_exit+0x10/0x10 [ 155.924955] ? debug_smp_processor_id+0x20/0x30 [ 155.925356] ? rcu_is_watching+0x19/0xb0 [ 155.925702] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.926092] ? trace_hardirqs_on+0x26/0x120 [ 155.926468] do_group_exit+0xe0/0x2b0 [ 155.926821] __x64_sys_exit_group+0x47/0x50 [ 155.927209] do_syscall_64+0x3b/0x90 [ 155.927543] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.928064] RIP: 0033:0x7f4b87518a4d [ 155.928449] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.928976] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.929625] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.930233] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.930867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.931497] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.932235] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.932851] [ 155.933054] irq event stamp: 0 [ 155.933324] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.933865] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.934606] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.935340] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.936016] ---[ end trace 0000000000000000 ]--- [ 155.942104] ------------[ cut here ]------------ [ 155.942640] WARNING: CPU: 1 PID: 1465 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.943474] Modules linked in: [ 155.943730] CPU: 1 PID: 1465 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.944416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.945424] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.945825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.947312] RSP: 0018:ffff8880146a7bb8 EFLAGS: 00010246 [ 155.947849] RAX: 0000000000000000 RBX: ffff8880140b40a8 RCX: 0000000000000000 [ 155.948428] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 155.949002] RBP: ffff8880146a7bd0 R08: ffffed1002816833 R09: ffffed1002816833 [ 155.949574] R10: ffff8880140b4193 R11: ffffed1002816832 R12: ffff888010f04800 [ 155.950147] R13: ffff8880140b41e8 R14: ffffffff8352e670 R15: 
ffff8880146a7e68 [ 155.950749] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.951504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.951972] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 155.952543] PKRU: 55555554 [ 155.952772] Call Trace: [ 155.952980] [ 155.953164] __iommufd_access_detach+0x1c2/0x2b0 [ 155.953565] iommufd_access_change_pt+0x149/0x270 [ 155.954084] iommufd_access_replace+0xb4/0x120 [ 155.954473] iommufd_test+0x3e5/0x37e0 [ 155.954810] ? lock_release+0x532/0x770 [ 155.955154] ? __might_fault+0x102/0x1b0 [ 155.955493] ? lock_acquire+0x427/0x4c0 [ 155.955821] ? __pfx_iommufd_test+0x10/0x10 [ 155.956161] ? __pfx_lock_release+0x10/0x10 [ 155.956519] ? __pfx_lock_acquire+0x10/0x10 [ 155.956996] ? write_comp_data+0x2f/0x90 [ 155.957340] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.957739] ? write_comp_data+0x2f/0x90 [ 155.958081] iommufd_fops_ioctl+0x37d/0x510 [ 155.958435] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.958863] ? write_comp_data+0x2f/0x90 [ 155.959212] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 155.959631] __x64_sys_ioctl+0x1a3/0x230 [ 155.960058] do_syscall_64+0x3b/0x90 [ 155.960370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.960796] RIP: 0033:0x7f4b8743ee5d [ 155.961099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 155.962604] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 155.963303] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 155.963876] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 155.964449] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 155.965025] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 155.965715] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 155.966305] [ 155.966499] irq event stamp: 0 [ 155.966778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 155.967299] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 155.967983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 155.968785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 155.969296] ---[ end trace 0000000000000000 ]--- [ 155.973814] ------------[ cut here ]------------ [ 155.974270] WARNING: CPU: 1 PID: 1465 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 155.975249] Modules linked in: [ 155.975512] CPU: 1 PID: 1465 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 155.976216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 155.977117] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 155.977525] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 155.979124] RSP: 
0018:ffff8880146a7bd0 EFLAGS: 00010246 [ 155.979567] RAX: 0000000000000000 RBX: ffff8880140b40a8 RCX: 0000000000000000 [ 155.980143] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 155.980820] RBP: ffff8880146a7be8 R08: ffffed1002816833 R09: ffffed1002816833 [ 155.981406] R10: ffff8880140b4193 R11: ffffed1002816832 R12: ffff8880141e8c00 [ 155.981976] R13: ffff8880140b41e8 R14: ffff888012186300 R15: 0000000000000000 [ 155.982566] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 155.983229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.983797] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 155.984384] PKRU: 55555554 [ 155.984615] Call Trace: [ 155.984825] [ 155.985011] iommufd_access_destroy_object+0x65/0x170 [ 155.985438] iommufd_object_destroy_user+0x18e/0x220 [ 155.985854] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 155.986330] iommufd_access_destroy+0x43/0x70 [ 155.986840] iommufd_test_staccess_release+0x8d/0xd0 [ 155.987274] __fput+0x26d/0xa40 [ 155.987560] ____fput+0x1e/0x30 [ 155.987837] task_work_run+0x1a4/0x2d0 [ 155.988167] ? __pfx_task_work_run+0x10/0x10 [ 155.988531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 155.988932] ? switch_task_namespaces+0xa9/0xe0 [ 155.989326] do_exit+0xb17/0x2ef0 [ 155.989712] ? lock_acquire+0x427/0x4c0 [ 155.990058] ? __pfx_lock_release+0x10/0x10 [ 155.990418] ? __kasan_check_write+0x18/0x20 [ 155.990801] ? do_raw_spin_lock+0x132/0x2a0 [ 155.991165] ? __pfx_do_exit+0x10/0x10 [ 155.991494] ? debug_smp_processor_id+0x20/0x30 [ 155.991873] ? rcu_is_watching+0x19/0xb0 [ 155.992209] ? _raw_spin_unlock_irq+0x2b/0x60 [ 155.992690] ? trace_hardirqs_on+0x26/0x120 [ 155.993052] do_group_exit+0xe0/0x2b0 [ 155.993366] __x64_sys_exit_group+0x47/0x50 [ 155.993714] do_syscall_64+0x3b/0x90 [ 155.994027] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 155.994454] RIP: 0033:0x7f4b87518a4d [ 155.994778] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 155.995300] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 155.996032] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 155.996604] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 155.997181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 155.997761] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 155.998391] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 155.999043] [ 155.999243] irq event stamp: 0 [ 155.999496] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.000003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.000677] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.001350] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.001860] ---[ end trace 0000000000000000 ]--- [ 156.002794] ------------[ cut here ]------------ [ 156.003197] WARNING: CPU: 1 PID: 1465 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.004027] Modules linked in: [ 156.004291] CPU: 1 PID: 1465 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.005146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.006051] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.006468] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.007976] RSP: 0018:ffff8880146a7b78 EFLAGS: 00010246 [ 156.008445] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.009100] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 156.009668] RBP: ffff8880146a7b98 R08: ffffed100281683e R09: ffffed100281683e [ 156.010235] R10: ffff8880140b41ef R11: ffffed100281683d R12: ffff8880140b4290 [ 156.010841] R13: ffff8880140b40a8 R14: ffffffffffffffff R15: 
ffff8880146a7c60 [ 156.011434] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 156.012196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.012664] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 156.013252] PKRU: 55555554 [ 156.013497] Call Trace: [ 156.013712] [ 156.013905] iommufd_ioas_destroy+0x53/0x70 [ 156.014279] iommufd_fops_release+0x1f7/0x370 [ 156.014698] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.015261] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.015686] ? write_comp_data+0x2f/0x90 [ 156.016041] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.016463] __fput+0x26d/0xa40 [ 156.016757] ____fput+0x1e/0x30 [ 156.017047] task_work_run+0x1a4/0x2d0 [ 156.017382] ? __pfx_task_work_run+0x10/0x10 [ 156.017762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.018182] ? switch_task_namespaces+0xa9/0xe0 [ 156.018656] do_exit+0xb17/0x2ef0 [ 156.019025] ? lock_acquire+0x427/0x4c0 [ 156.019380] ? __pfx_lock_release+0x10/0x10 [ 156.019748] ? __kasan_check_write+0x18/0x20 [ 156.020123] ? do_raw_spin_lock+0x132/0x2a0 [ 156.020496] ? __pfx_do_exit+0x10/0x10 [ 156.020835] ? debug_smp_processor_id+0x20/0x30 [ 156.021232] ? rcu_is_watching+0x19/0xb0 [ 156.021581] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.021975] ? trace_hardirqs_on+0x26/0x120 [ 156.022442] do_group_exit+0xe0/0x2b0 [ 156.022850] __x64_sys_exit_group+0x47/0x50 [ 156.023225] do_syscall_64+0x3b/0x90 [ 156.023548] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.023991] RIP: 0033:0x7f4b87518a4d [ 156.024302] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.024819] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.025457] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.026203] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.026877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.027491] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.028103] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.028720] [ 156.028922] irq event stamp: 0 [ 156.029198] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.029871] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.030610] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.031349] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.031888] ---[ end trace 0000000000000000 ]--- [ 156.036834] ------------[ cut here ]------------ [ 156.037301] WARNING: CPU: 1 PID: 1466 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.038304] Modules linked in: [ 156.038642] CPU: 1 PID: 1466 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.039409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.040376] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.040807] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.042531] RSP: 0018:ffff888010507bb8 EFLAGS: 00010246 [ 156.042990] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 156.043605] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 156.044212] RBP: ffff888010507bd0 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 156.044826] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff88800ef56000 [ 156.045599] R13: ffff88801781b9e8 R14: ffffffff8352e670 R15: 
ffff888010507e68 [ 156.046200] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 156.046904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.047412] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 156.048031] PKRU: 55555554 [ 156.048279] Call Trace: [ 156.048500] [ 156.048724] __iommufd_access_detach+0x1c2/0x2b0 [ 156.049256] iommufd_access_change_pt+0x149/0x270 [ 156.049689] iommufd_access_replace+0xb4/0x120 [ 156.050102] iommufd_test+0x3e5/0x37e0 [ 156.050448] ? lock_release+0x532/0x770 [ 156.050834] ? __might_fault+0x102/0x1b0 [ 156.051214] ? lock_acquire+0x427/0x4c0 [ 156.051570] ? __pfx_iommufd_test+0x10/0x10 [ 156.051943] ? __pfx_lock_release+0x10/0x10 [ 156.052331] ? __pfx_lock_acquire+0x10/0x10 [ 156.052838] ? write_comp_data+0x2f/0x90 [ 156.053209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.053641] ? write_comp_data+0x2f/0x90 [ 156.054005] iommufd_fops_ioctl+0x37d/0x510 [ 156.054387] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.054834] ? write_comp_data+0x2f/0x90 [ 156.055205] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.055628] __x64_sys_ioctl+0x1a3/0x230 [ 156.055991] do_syscall_64+0x3b/0x90 [ 156.056351] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.056919] RIP: 0033:0x7f4b8743ee5d [ 156.057239] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.058804] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.059460] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.060202] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.060817] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.061420] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.062033] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.062675] [ 156.062881] irq event stamp: 0 [ 156.063159] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.063837] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.064547] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.065252] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.065785] ---[ end trace 0000000000000000 ]--- [ 156.068849] ------------[ cut here ]------------ [ 156.069278] WARNING: CPU: 1 PID: 1466 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.070124] Modules linked in: [ 156.070499] CPU: 1 PID: 1466 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.071270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.072195] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.072606] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.074215] RSP: 
0018:ffff888010507bd0 EFLAGS: 00010246 [ 156.074693] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 156.075291] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 156.075883] RBP: ffff888010507be8 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 156.076473] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff888010f06c00 [ 156.077175] R13: ffff88801781b9e8 R14: ffff888013797600 R15: 0000000000000000 [ 156.077764] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 156.078425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.078927] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 156.079538] PKRU: 55555554 [ 156.079774] Call Trace: [ 156.079986] [ 156.080174] iommufd_access_destroy_object+0x65/0x170 [ 156.080734] iommufd_object_destroy_user+0x18e/0x220 [ 156.081166] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.081651] iommufd_access_destroy+0x43/0x70 [ 156.082035] iommufd_test_staccess_release+0x8d/0xd0 [ 156.082469] __fput+0x26d/0xa40 [ 156.082789] ____fput+0x1e/0x30 [ 156.083073] task_work_run+0x1a4/0x2d0 [ 156.083413] ? __pfx_task_work_run+0x10/0x10 [ 156.083785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.084197] ? switch_task_namespaces+0xa9/0xe0 [ 156.084602] do_exit+0xb17/0x2ef0 [ 156.084895] ? lock_acquire+0x427/0x4c0 [ 156.085236] ? __pfx_lock_release+0x10/0x10 [ 156.085604] ? __kasan_check_write+0x18/0x20 [ 156.085973] ? do_raw_spin_lock+0x132/0x2a0 [ 156.086328] ? __pfx_do_exit+0x10/0x10 [ 156.086681] ? debug_smp_processor_id+0x20/0x30 [ 156.087075] ? rcu_is_watching+0x19/0xb0 [ 156.087428] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.087810] ? trace_hardirqs_on+0x26/0x120 [ 156.088173] do_group_exit+0xe0/0x2b0 [ 156.088492] __x64_sys_exit_group+0x47/0x50 [ 156.088849] do_syscall_64+0x3b/0x90 [ 156.089168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.089606] RIP: 0033:0x7f4b87518a4d [ 156.089918] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.090427] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.091080] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.091678] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.092264] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.092849] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.093434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.094027] [ 156.094223] irq event stamp: 0 [ 156.094486] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.095031] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.095729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.096425] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.096945] ---[ end trace 0000000000000000 ]--- [ 156.097684] ------------[ cut here ]------------ [ 156.098075] WARNING: CPU: 1 PID: 1466 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.098969] Modules linked in: [ 156.099249] CPU: 1 PID: 1466 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.099970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.100898] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.101328] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.102923] RSP: 0018:ffff888010507b78 EFLAGS: 00010246 [ 156.103377] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.103960] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 156.104548] RBP: ffff888010507b98 R08: ffffed1002f0373e R09: ffffed1002f0373e [ 156.105130] R10: ffff88801781b9ef R11: ffffed1002f0373d R12: ffff88801781ba90 [ 156.105717] R13: ffff88801781b8a8 R14: ffffffffffffffff R15: 
ffff888010507c60 [ 156.106300] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 156.106981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.107463] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 156.108047] PKRU: 55555554 [ 156.108281] Call Trace: [ 156.108496] [ 156.108684] iommufd_ioas_destroy+0x53/0x70 [ 156.109048] iommufd_fops_release+0x1f7/0x370 [ 156.109426] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.109842] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.110254] ? write_comp_data+0x2f/0x90 [ 156.110619] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.111038] __fput+0x26d/0xa40 [ 156.111335] ____fput+0x1e/0x30 [ 156.111624] task_work_run+0x1a4/0x2d0 [ 156.111959] ? __pfx_task_work_run+0x10/0x10 [ 156.112333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.112748] ? switch_task_namespaces+0xa9/0xe0 [ 156.113148] do_exit+0xb17/0x2ef0 [ 156.113436] ? lock_acquire+0x427/0x4c0 [ 156.113775] ? __pfx_lock_release+0x10/0x10 [ 156.114139] ? __kasan_check_write+0x18/0x20 [ 156.114529] ? do_raw_spin_lock+0x132/0x2a0 [ 156.114886] ? __pfx_do_exit+0x10/0x10 [ 156.115223] ? debug_smp_processor_id+0x20/0x30 [ 156.115612] ? rcu_is_watching+0x19/0xb0 [ 156.115955] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.116337] ? trace_hardirqs_on+0x26/0x120 [ 156.116701] do_group_exit+0xe0/0x2b0 [ 156.117014] __x64_sys_exit_group+0x47/0x50 [ 156.117366] do_syscall_64+0x3b/0x90 [ 156.117681] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.118115] RIP: 0033:0x7f4b87518a4d [ 156.118424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.118947] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.119588] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.120175] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.120762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.121349] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.121932] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.122546] [ 156.122742] irq event stamp: 0 [ 156.123001] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.123529] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.124216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.124900] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.125427] ---[ end trace 0000000000000000 ]--- [ 156.129300] ------------[ cut here ]------------ [ 156.129742] WARNING: CPU: 0 PID: 1467 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.130639] Modules linked in: [ 156.130902] CPU: 0 PID: 1467 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.131624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.132525] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.132927] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.134387] RSP: 0018:ffff888023f27bb8 EFLAGS: 00010246 [ 156.134832] RAX: 0000000000000000 RBX: ffff888010ffe0a8 RCX: 0000000000000000 [ 156.135415] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 156.135990] RBP: ffff888023f27bd0 R08: ffffed10021ffc33 R09: ffffed10021ffc33 [ 156.136566] R10: ffff888010ffe193 R11: ffffed10021ffc32 R12: ffff888013b22800 [ 156.137132] R13: ffff888010ffe1e8 R14: ffffffff8352e670 R15: 
ffff888023f27e68 [ 156.137692] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.138327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.138809] CR2: 00007f4b877410e8 CR3: 0000000020d7e000 CR4: 0000000000750ef0 [ 156.139404] PKRU: 55555554 [ 156.139642] Call Trace: [ 156.139849] [ 156.140034] __iommufd_access_detach+0x1c2/0x2b0 [ 156.140895] iommufd_access_change_pt+0x149/0x270 [ 156.141475] iommufd_access_replace+0xb4/0x120 [ 156.142013] iommufd_test+0x3e5/0x37e0 [ 156.142458] ? lock_release+0x532/0x770 [ 156.142985] ? __might_fault+0x102/0x1b0 [ 156.143476] ? lock_acquire+0x427/0x4c0 [ 156.143948] ? __pfx_iommufd_test+0x10/0x10 [ 156.144436] ? __pfx_lock_release+0x10/0x10 [ 156.144938] ? __pfx_lock_acquire+0x10/0x10 [ 156.145444] ? write_comp_data+0x2f/0x90 [ 156.145921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.146480] ? write_comp_data+0x2f/0x90 [ 156.147003] iommufd_fops_ioctl+0x37d/0x510 [ 156.147514] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.148076] ? write_comp_data+0x2f/0x90 [ 156.148551] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.149107] __x64_sys_ioctl+0x1a3/0x230 [ 156.149587] do_syscall_64+0x3b/0x90 [ 156.150025] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.150653] RIP: 0033:0x7f4b8743ee5d [ 156.151082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.153107] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.153958] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.154783] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.155591] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.156378] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.157167] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.157967] [ 156.158234] irq event stamp: 0 [ 156.158621] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.159333] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.160254] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.161169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.161863] ---[ end trace 0000000000000000 ]--- [ 156.167660] ------------[ cut here ]------------ [ 156.168207] WARNING: CPU: 0 PID: 1467 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.169536] Modules linked in: [ 156.169910] CPU: 0 PID: 1467 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.171364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.172794] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.173367] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.175594] RSP: 
0018:ffff888023f27bd0 EFLAGS: 00010246 [ 156.176369] RAX: 0000000000000000 RBX: ffff888010ffe0a8 RCX: 0000000000000000 [ 156.177161] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 156.178108] RBP: ffff888023f27be8 R08: ffffed10021ffc33 R09: ffffed10021ffc33 [ 156.178951] R10: ffff888010ffe193 R11: ffffed10021ffc32 R12: ffff88801422ec00 [ 156.179931] R13: ffff888010ffe1e8 R14: ffff88800f120400 R15: 0000000000000000 [ 156.180721] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.181771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.182423] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.183528] PKRU: 55555554 [ 156.183762] Call Trace: [ 156.183964] [ 156.184143] iommufd_access_destroy_object+0x65/0x170 [ 156.184552] iommufd_object_destroy_user+0x18e/0x220 [ 156.185316] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.185990] iommufd_access_destroy+0x43/0x70 [ 156.186571] iommufd_test_staccess_release+0x8d/0xd0 [ 156.187365] __fput+0x26d/0xa40 [ 156.187774] ____fput+0x1e/0x30 [ 156.188163] task_work_run+0x1a4/0x2d0 [ 156.188855] ? __pfx_task_work_run+0x10/0x10 [ 156.189371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.189930] ? switch_task_namespaces+0xa9/0xe0 [ 156.190774] do_exit+0xb17/0x2ef0 [ 156.191197] ? lock_acquire+0x427/0x4c0 [ 156.191662] ? __pfx_lock_release+0x10/0x10 [ 156.192174] ? __kasan_check_write+0x18/0x20 [ 156.192901] ? do_raw_spin_lock+0x132/0x2a0 [ 156.193404] ? __pfx_do_exit+0x10/0x10 [ 156.193886] ? debug_smp_processor_id+0x20/0x30 [ 156.194602] ? rcu_is_watching+0x19/0xb0 [ 156.195081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.195612] ? trace_hardirqs_on+0x26/0x120 [ 156.196268] do_group_exit+0xe0/0x2b0 [ 156.196707] __x64_sys_exit_group+0x47/0x50 [ 156.197190] do_syscall_64+0x3b/0x90 [ 156.197624] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.198223] RIP: 0033:0x7f4b87518a4d [ 156.198693] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.199402] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.200250] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.201044] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.201838] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.202665] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.203477] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.204281] [ 156.204551] irq event stamp: 0 [ 156.204911] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.205614] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.206578] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.207527] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.208232] ---[ end trace 0000000000000000 ]--- [ 156.209364] ------------[ cut here ]------------ [ 156.209900] WARNING: CPU: 0 PID: 1467 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.211068] Modules linked in: [ 156.211449] CPU: 0 PID: 1467 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.212425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.213667] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.214246] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.216302] RSP: 0018:ffff888023f27b78 EFLAGS: 00010246 [ 156.216906] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.217701] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 156.218491] RBP: ffff888023f27b98 R08: ffffed10021ffc3e R09: ffffed10021ffc3e [ 156.219326] R10: ffff888010ffe1ef R11: ffffed10021ffc3d R12: ffff888010ffe290 [ 156.220109] R13: ffff888010ffe0a8 R14: ffffffffffffffff R15: 
ffff888023f27c60 [ 156.220889] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.221769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.222408] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.223230] PKRU: 55555554 [ 156.223553] Call Trace: [ 156.223842] [ 156.224101] iommufd_ioas_destroy+0x53/0x70 [ 156.224592] iommufd_fops_release+0x1f7/0x370 [ 156.225104] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.225664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.226216] ? write_comp_data+0x2f/0x90 [ 156.226709] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.227281] __fput+0x26d/0xa40 [ 156.227675] ____fput+0x1e/0x30 [ 156.228059] task_work_run+0x1a4/0x2d0 [ 156.228508] ? __pfx_task_work_run+0x10/0x10 [ 156.229008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.229562] ? switch_task_namespaces+0xa9/0xe0 [ 156.230098] do_exit+0xb17/0x2ef0 [ 156.230492] ? lock_acquire+0x427/0x4c0 [ 156.230993] ? __pfx_lock_release+0x10/0x10 [ 156.231497] ? __kasan_check_write+0x18/0x20 [ 156.231996] ? do_raw_spin_lock+0x132/0x2a0 [ 156.232481] ? __pfx_do_exit+0x10/0x10 [ 156.232928] ? debug_smp_processor_id+0x20/0x30 [ 156.233453] ? rcu_is_watching+0x19/0xb0 [ 156.233908] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.234421] ? trace_hardirqs_on+0x26/0x120 [ 156.234942] do_group_exit+0xe0/0x2b0 [ 156.235389] __x64_sys_exit_group+0x47/0x50 [ 156.235871] do_syscall_64+0x3b/0x90 [ 156.236300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.236886] RIP: 0033:0x7f4b87518a4d [ 156.237300] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.237981] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.238853] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.239648] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.240422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.241194] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.241967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.242779] [ 156.243045] irq event stamp: 0 [ 156.243405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.244088] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.244993] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.245895] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.246607] ---[ end trace 0000000000000000 ]--- [ 156.252673] ------------[ cut here ]------------ [ 156.253208] WARNING: CPU: 0 PID: 1468 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.254286] Modules linked in: [ 156.254671] CPU: 0 PID: 1468 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.255611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.256793] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.257323] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.259299] RSP: 0018:ffff8880171c7bb8 EFLAGS: 00010246 [ 156.259707] RAX: 0000000000000000 RBX: ffff8880165368a8 RCX: 0000000000000000 [ 156.260233] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 156.260757] RBP: ffff8880171c7bd0 R08: ffffed1002ca6d33 R09: ffffed1002ca6d33 [ 156.261284] R10: ffff888016536993 R11: ffffed1002ca6d32 R12: ffff888010826000 [ 156.261798] R13: ffff8880165369e8 R14: ffffffff8352e670 R15: 
ffff8880171c7e68 [ 156.262312] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.262914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.263346] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 156.263877] PKRU: 55555554 [ 156.264084] Call Trace: [ 156.264273] [ 156.264439] __iommufd_access_detach+0x1c2/0x2b0 [ 156.264799] iommufd_access_change_pt+0x149/0x270 [ 156.265161] iommufd_access_replace+0xb4/0x120 [ 156.265505] iommufd_test+0x3e5/0x37e0 [ 156.265791] ? lock_release+0x532/0x770 [ 156.266093] ? __might_fault+0x102/0x1b0 [ 156.266396] ? lock_acquire+0x427/0x4c0 [ 156.266707] ? __pfx_iommufd_test+0x10/0x10 [ 156.267023] ? __pfx_lock_release+0x10/0x10 [ 156.267356] ? __pfx_lock_acquire+0x10/0x10 [ 156.267688] ? write_comp_data+0x2f/0x90 [ 156.267998] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.268359] ? write_comp_data+0x2f/0x90 [ 156.268665] iommufd_fops_ioctl+0x37d/0x510 [ 156.268983] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.269343] ? write_comp_data+0x2f/0x90 [ 156.269651] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.270009] __x64_sys_ioctl+0x1a3/0x230 [ 156.270318] do_syscall_64+0x3b/0x90 [ 156.270616] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.271001] RIP: 0033:0x7f4b8743ee5d [ 156.271280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.272576] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.273123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.273633] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.274141] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.274664] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.275185] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.275702] [ 156.275871] irq event stamp: 0 [ 156.276099] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.276550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.277144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.277743] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.278190] ---[ end trace 0000000000000000 ]--- [ 156.280834] ------------[ cut here ]------------ [ 156.281200] WARNING: CPU: 0 PID: 1468 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.281929] Modules linked in: [ 156.282160] CPU: 0 PID: 1468 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.282804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.283612] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.283968] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.285261] RSP: 
0018:ffff8880171c7bd0 EFLAGS: 00010246 [ 156.285642] RAX: 0000000000000000 RBX: ffff8880165368a8 RCX: 0000000000000000 [ 156.286149] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 156.286671] RBP: ffff8880171c7be8 R08: ffffed1002ca6d33 R09: ffffed1002ca6d33 [ 156.287188] R10: ffff888016536993 R11: ffffed1002ca6d32 R12: ffff888013b23000 [ 156.287693] R13: ffff8880165369e8 R14: ffff88800fde0d00 R15: 0000000000000000 [ 156.288198] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.288769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.289182] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.289692] PKRU: 55555554 [ 156.289896] Call Trace: [ 156.290081] [ 156.290241] iommufd_access_destroy_object+0x65/0x170 [ 156.290628] iommufd_object_destroy_user+0x18e/0x220 [ 156.290996] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.291425] iommufd_access_destroy+0x43/0x70 [ 156.291752] iommufd_test_staccess_release+0x8d/0xd0 [ 156.292119] __fput+0x26d/0xa40 [ 156.292370] ____fput+0x1e/0x30 [ 156.292614] task_work_run+0x1a4/0x2d0 [ 156.292902] ? __pfx_task_work_run+0x10/0x10 [ 156.293224] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.293581] ? switch_task_namespaces+0xa9/0xe0 [ 156.293923] do_exit+0xb17/0x2ef0 [ 156.294172] ? lock_acquire+0x427/0x4c0 [ 156.294468] ? __pfx_lock_release+0x10/0x10 [ 156.294804] ? __kasan_check_write+0x18/0x20 [ 156.295124] ? do_raw_spin_lock+0x132/0x2a0 [ 156.295435] ? __pfx_do_exit+0x10/0x10 [ 156.295720] ? debug_smp_processor_id+0x20/0x30 [ 156.296053] ? rcu_is_watching+0x19/0xb0 [ 156.296341] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.296667] ? trace_hardirqs_on+0x26/0x120 [ 156.296977] do_group_exit+0xe0/0x2b0 [ 156.297249] __x64_sys_exit_group+0x47/0x50 [ 156.297551] do_syscall_64+0x3b/0x90 [ 156.297822] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.298194] RIP: 0033:0x7f4b87518a4d [ 156.298459] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.298922] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.299482] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.299982] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.300484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.300997] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.301507] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.302021] [ 156.302188] irq event stamp: 0 [ 156.302417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.302897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.303509] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.304104] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.304554] ---[ end trace 0000000000000000 ]--- [ 156.305203] ------------[ cut here ]------------ [ 156.305543] WARNING: CPU: 0 PID: 1468 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.306270] Modules linked in: [ 156.306499] CPU: 0 PID: 1468 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.307156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.307957] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.308325] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.309633] RSP: 0018:ffff8880171c7b78 EFLAGS: 00010246 [ 156.310020] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.310546] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 156.311056] RBP: ffff8880171c7b98 R08: ffffed1002ca6d3e R09: ffffed1002ca6d3e [ 156.311574] R10: ffff8880165369ef R11: ffffed1002ca6d3d R12: ffff888016536a90 [ 156.312082] R13: ffff8880165368a8 R14: ffffffffffffffff R15: 
ffff8880171c7c60 [ 156.312591] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.313163] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.313578] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.314088] PKRU: 55555554 [ 156.314292] Call Trace: [ 156.314479] [ 156.314660] iommufd_ioas_destroy+0x53/0x70 [ 156.314978] iommufd_fops_release+0x1f7/0x370 [ 156.315320] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.315685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.316044] ? write_comp_data+0x2f/0x90 [ 156.316345] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.316706] __fput+0x26d/0xa40 [ 156.316956] ____fput+0x1e/0x30 [ 156.317204] task_work_run+0x1a4/0x2d0 [ 156.317497] ? __pfx_task_work_run+0x10/0x10 [ 156.317821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.318181] ? switch_task_namespaces+0xa9/0xe0 [ 156.318546] do_exit+0xb17/0x2ef0 [ 156.318802] ? lock_acquire+0x427/0x4c0 [ 156.319098] ? __pfx_lock_release+0x10/0x10 [ 156.319424] ? __kasan_check_write+0x18/0x20 [ 156.319744] ? do_raw_spin_lock+0x132/0x2a0 [ 156.320059] ? __pfx_do_exit+0x10/0x10 [ 156.320348] ? debug_smp_processor_id+0x20/0x30 [ 156.320687] ? rcu_is_watching+0x19/0xb0 [ 156.320981] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.321311] ? trace_hardirqs_on+0x26/0x120 [ 156.321627] do_group_exit+0xe0/0x2b0 [ 156.321903] __x64_sys_exit_group+0x47/0x50 [ 156.322213] do_syscall_64+0x3b/0x90 [ 156.322490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.322891] RIP: 0033:0x7f4b87518a4d [ 156.323175] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.323618] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.324163] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.324681] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.325189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.325693] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.326199] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.326732] [ 156.326904] irq event stamp: 0 [ 156.327136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.327588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.328191] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.328792] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.329247] ---[ end trace 0000000000000000 ]--- [ 156.332866] ------------[ cut here ]------------ [ 156.333230] WARNING: CPU: 0 PID: 1469 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.333962] Modules linked in: [ 156.334193] CPU: 0 PID: 1469 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.335022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.335839] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.336202] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.337510] RSP: 0018:ffff88801029fbb8 EFLAGS: 00010246 [ 156.337892] RAX: 0000000000000000 RBX: ffff8880121fd0a8 RCX: 0000000000000000 [ 156.338403] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 156.338933] RBP: ffff88801029fbd0 R08: ffffed100243fa33 R09: ffffed100243fa33 [ 156.339459] R10: ffff8880121fd193 R11: ffffed100243fa32 R12: ffff888013da4400 [ 156.339972] R13: ffff8880121fd1e8 R14: ffffffff8352e670 R15: 
ffff88801029fe68 [ 156.340479] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.341050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.341462] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 156.341970] PKRU: 55555554 [ 156.342175] Call Trace: [ 156.342359] [ 156.342542] __iommufd_access_detach+0x1c2/0x2b0 [ 156.342897] iommufd_access_change_pt+0x149/0x270 [ 156.343263] iommufd_access_replace+0xb4/0x120 [ 156.343605] iommufd_test+0x3e5/0x37e0 [ 156.343887] ? lock_release+0x532/0x770 [ 156.344183] ? __might_fault+0x102/0x1b0 [ 156.344488] ? lock_acquire+0x427/0x4c0 [ 156.344786] ? __pfx_iommufd_test+0x10/0x10 [ 156.345095] ? __pfx_lock_release+0x10/0x10 [ 156.345412] ? __pfx_lock_acquire+0x10/0x10 [ 156.345732] ? write_comp_data+0x2f/0x90 [ 156.346033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.346387] ? write_comp_data+0x2f/0x90 [ 156.346707] iommufd_fops_ioctl+0x37d/0x510 [ 156.347029] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.347395] ? write_comp_data+0x2f/0x90 [ 156.347696] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.348047] __x64_sys_ioctl+0x1a3/0x230 [ 156.348351] do_syscall_64+0x3b/0x90 [ 156.348633] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.349016] RIP: 0033:0x7f4b8743ee5d [ 156.349288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.350603] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.351211] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.351742] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.352264] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.352790] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.353316] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.353850] [ 156.354025] irq event stamp: 0 [ 156.354260] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.354766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.355396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.356011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.356474] ---[ end trace 0000000000000000 ]--- [ 156.359178] ------------[ cut here ]------------ [ 156.359564] WARNING: CPU: 0 PID: 1469 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.360307] Modules linked in: [ 156.360545] CPU: 0 PID: 1469 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.361182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.362002] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.362372] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.363921] RSP: 
0018:ffff88801029fbd0 EFLAGS: 00010246 [ 156.364312] RAX: 0000000000000000 RBX: ffff8880121fd0a8 RCX: 0000000000000000 [ 156.364829] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 156.365359] RBP: ffff88801029fbe8 R08: ffffed100243fa33 R09: ffffed100243fa33 [ 156.365879] R10: ffff8880121fd193 R11: ffffed100243fa32 R12: ffff888010827400 [ 156.366400] R13: ffff8880121fd1e8 R14: ffff88801092f200 R15: 0000000000000000 [ 156.366940] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.367549] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.367975] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.368496] PKRU: 55555554 [ 156.368705] Call Trace: [ 156.368895] [ 156.369064] iommufd_access_destroy_object+0x65/0x170 [ 156.369449] iommufd_object_destroy_user+0x18e/0x220 [ 156.369828] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.370260] iommufd_access_destroy+0x43/0x70 [ 156.370618] iommufd_test_staccess_release+0x8d/0xd0 [ 156.371003] __fput+0x26d/0xa40 [ 156.371274] ____fput+0x1e/0x30 [ 156.371526] task_work_run+0x1a4/0x2d0 [ 156.371824] ? __pfx_task_work_run+0x10/0x10 [ 156.372154] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.372519] ? switch_task_namespaces+0xa9/0xe0 [ 156.372872] do_exit+0xb17/0x2ef0 [ 156.373133] ? lock_acquire+0x427/0x4c0 [ 156.373439] ? __pfx_lock_release+0x10/0x10 [ 156.373767] ? __kasan_check_write+0x18/0x20 [ 156.374101] ? do_raw_spin_lock+0x132/0x2a0 [ 156.374423] ? __pfx_do_exit+0x10/0x10 [ 156.374735] ? debug_smp_processor_id+0x20/0x30 [ 156.375088] ? rcu_is_watching+0x19/0xb0 [ 156.375397] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.375743] ? trace_hardirqs_on+0x26/0x120 [ 156.376067] do_group_exit+0xe0/0x2b0 [ 156.376350] __x64_sys_exit_group+0x47/0x50 [ 156.376669] do_syscall_64+0x3b/0x90 [ 156.376953] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.377342] RIP: 0033:0x7f4b87518a4d [ 156.377617] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.378069] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.378643] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.379174] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.379701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.380223] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.380743] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.381277] [ 156.381450] irq event stamp: 0 [ 156.381682] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.382143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.382777] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.383401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.383868] ---[ end trace 0000000000000000 ]--- [ 156.384522] ------------[ cut here ]------------ [ 156.384868] WARNING: CPU: 0 PID: 1469 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.385611] Modules linked in: [ 156.385850] CPU: 0 PID: 1469 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.386492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.387357] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.387737] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.389071] RSP: 0018:ffff88801029fb78 EFLAGS: 00010246 [ 156.389460] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.389977] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 156.390499] RBP: ffff88801029fb98 R08: ffffed100243fa3e R09: ffffed100243fa3e [ 156.391046] R10: ffff8880121fd1ef R11: ffffed100243fa3d R12: ffff8880121fd290 [ 156.391577] R13: ffff8880121fd0a8 R14: ffffffffffffffff R15: 
ffff88801029fc60 [ 156.392101] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.392699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.393123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.393648] PKRU: 55555554 [ 156.393856] Call Trace: [ 156.394044] [ 156.394212] iommufd_ioas_destroy+0x53/0x70 [ 156.394556] iommufd_fops_release+0x1f7/0x370 [ 156.394896] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.395286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.395658] ? write_comp_data+0x2f/0x90 [ 156.395971] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.396416] __fput+0x26d/0xa40 [ 156.396964] ____fput+0x1e/0x30 [ 156.397224] task_work_run+0x1a4/0x2d0 [ 156.397526] ? __pfx_task_work_run+0x10/0x10 [ 156.397854] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.398342] ? switch_task_namespaces+0xa9/0xe0 [ 156.398724] do_exit+0xb17/0x2ef0 [ 156.398982] ? lock_acquire+0x427/0x4c0 [ 156.399297] ? __pfx_lock_release+0x10/0x10 [ 156.399623] ? __kasan_check_write+0x18/0x20 [ 156.400010] ? do_raw_spin_lock+0x132/0x2a0 [ 156.400394] ? __pfx_do_exit+0x10/0x10 [ 156.400691] ? debug_smp_processor_id+0x20/0x30 [ 156.401039] ? rcu_is_watching+0x19/0xb0 [ 156.401343] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.401806] ? trace_hardirqs_on+0x26/0x120 [ 156.402133] do_group_exit+0xe0/0x2b0 [ 156.402421] __x64_sys_exit_group+0x47/0x50 [ 156.402758] do_syscall_64+0x3b/0x90 [ 156.403042] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.403442] RIP: 0033:0x7f4b87518a4d [ 156.403719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.404307] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.404864] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.405389] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.406054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.406606] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.407154] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.407839] [ 156.408018] irq event stamp: 0 [ 156.408254] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.408728] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.409501] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.410131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.410624] ---[ end trace 0000000000000000 ]--- [ 156.414379] ------------[ cut here ]------------ [ 156.414786] WARNING: CPU: 0 PID: 1470 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.415578] Modules linked in: [ 156.415823] CPU: 0 PID: 1470 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.416624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.417473] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.417984] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.419458] RSP: 0018:ffff8880171c7bb8 EFLAGS: 00010246 [ 156.419976] RAX: 0000000000000000 RBX: ffff8880181ff8a8 RCX: 0000000000000000 [ 156.420532] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 156.421087] RBP: ffff8880171c7bd0 R08: ffffed100303ff33 R09: ffffed100303ff33 [ 156.421642] R10: ffff8880181ff993 R11: ffffed100303ff32 R12: ffff888010cf9800 [ 156.422191] R13: ffff8880181ff9e8 R14: ffffffff8352e670 R15: 
ffff8880171c7e68 [ 156.422766] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.423400] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.423851] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 156.424401] PKRU: 55555554 [ 156.424621] Call Trace: [ 156.424822] [ 156.425000] __iommufd_access_detach+0x1c2/0x2b0 [ 156.425388] iommufd_access_change_pt+0x149/0x270 [ 156.425774] iommufd_access_replace+0xb4/0x120 [ 156.426149] iommufd_test+0x3e5/0x37e0 [ 156.426461] ? lock_release+0x532/0x770 [ 156.426800] ? __might_fault+0x102/0x1b0 [ 156.427143] ? lock_acquire+0x427/0x4c0 [ 156.427474] ? __pfx_iommufd_test+0x10/0x10 [ 156.427846] ? __pfx_lock_release+0x10/0x10 [ 156.428202] ? __pfx_lock_acquire+0x10/0x10 [ 156.428555] ? write_comp_data+0x2f/0x90 [ 156.428888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.429274] ? write_comp_data+0x2f/0x90 [ 156.429601] iommufd_fops_ioctl+0x37d/0x510 [ 156.429944] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.430331] ? write_comp_data+0x2f/0x90 [ 156.430684] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.431065] __x64_sys_ioctl+0x1a3/0x230 [ 156.431401] do_syscall_64+0x3b/0x90 [ 156.431703] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.432113] RIP: 0033:0x7f4b8743ee5d [ 156.432405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.433833] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.434430] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.435005] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.435575] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.436134] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.436685] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.437240] [ 156.437424] irq event stamp: 0 [ 156.437672] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.438168] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.438855] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.439529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.440025] ---[ end trace 0000000000000000 ]--- [ 156.443181] ------------[ cut here ]------------ [ 156.443565] WARNING: CPU: 0 PID: 1470 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.444371] Modules linked in: [ 156.444634] CPU: 0 PID: 1470 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.445526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.446439] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.447036] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.448541] RSP: 
0018:ffff8880171c7bd0 EFLAGS: 00010246 [ 156.449057] RAX: 0000000000000000 RBX: ffff8880181ff8a8 RCX: 0000000000000000 [ 156.449750] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 156.450341] RBP: ffff8880171c7be8 R08: ffffed100303ff33 R09: ffffed100303ff33 [ 156.451104] R10: ffff8880181ff993 R11: ffffed100303ff32 R12: ffff888010b0fc00 [ 156.451701] R13: ffff8880181ff9e8 R14: ffff88801825ab00 R15: 0000000000000000 [ 156.452281] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.453033] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.453601] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.454188] PKRU: 55555554 [ 156.454428] Call Trace: [ 156.454665] [ 156.454996] iommufd_access_destroy_object+0x65/0x170 [ 156.455443] iommufd_object_destroy_user+0x18e/0x220 [ 156.455869] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.456351] iommufd_access_destroy+0x43/0x70 [ 156.456726] iommufd_test_staccess_release+0x8d/0xd0 [ 156.457329] __fput+0x26d/0xa40 [ 156.457620] ____fput+0x1e/0x30 [ 156.457907] task_work_run+0x1a4/0x2d0 [ 156.458243] ? __pfx_task_work_run+0x10/0x10 [ 156.458659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.459089] ? switch_task_namespaces+0xa9/0xe0 [ 156.459696] do_exit+0xb17/0x2ef0 [ 156.460005] ? lock_acquire+0x427/0x4c0 [ 156.460361] ? __pfx_lock_release+0x10/0x10 [ 156.460740] ? __kasan_check_write+0x18/0x20 [ 156.461143] ? do_raw_spin_lock+0x132/0x2a0 [ 156.461661] ? __pfx_do_exit+0x10/0x10 [ 156.462017] ? debug_smp_processor_id+0x20/0x30 [ 156.462435] ? rcu_is_watching+0x19/0xb0 [ 156.462832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.463256] ? trace_hardirqs_on+0x26/0x120 [ 156.463838] do_group_exit+0xe0/0x2b0 [ 156.464178] __x64_sys_exit_group+0x47/0x50 [ 156.464564] do_syscall_64+0x3b/0x90 [ 156.464905] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.465395] RIP: 0033:0x7f4b87518a4d [ 156.465879] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.466427] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.467131] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.467797] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.468575] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.469214] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.469872] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.470704] [ 156.470913] irq event stamp: 0 [ 156.471205] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.471755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.472729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.473505] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.474092] ---[ end trace 0000000000000000 ]--- [ 156.475145] ------------[ cut here ]------------ [ 156.475584] WARNING: CPU: 0 PID: 1470 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.476524] Modules linked in: [ 156.476877] CPU: 0 PID: 1470 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.477834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.478978] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.479609] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.481315] RSP: 0018:ffff8880171c7b78 EFLAGS: 00010246 [ 156.482029] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.482756] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 156.483458] RBP: ffff8880171c7b98 R08: ffffed100303ff3e R09: ffffed100303ff3e [ 156.484364] R10: ffff8880181ff9ef R11: ffffed100303ff3d R12: ffff8880181ffa90 [ 156.485054] R13: ffff8880181ff8a8 R14: ffffffffffffffff R15: 
ffff8880171c7c60 [ 156.485796] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.486746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.487331] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.488231] PKRU: 55555554 [ 156.488513] Call Trace: [ 156.488765] [ 156.488988] iommufd_ioas_destroy+0x53/0x70 [ 156.489421] iommufd_fops_release+0x1f7/0x370 [ 156.489861] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.490564] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.491054] ? write_comp_data+0x2f/0x90 [ 156.491474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.491973] __fput+0x26d/0xa40 [ 156.492543] ____fput+0x1e/0x30 [ 156.492883] task_work_run+0x1a4/0x2d0 [ 156.493276] ? __pfx_task_work_run+0x10/0x10 [ 156.493710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.494209] ? switch_task_namespaces+0xa9/0xe0 [ 156.494878] do_exit+0xb17/0x2ef0 [ 156.495279] ? lock_acquire+0x427/0x4c0 [ 156.495720] ? __pfx_lock_release+0x10/0x10 [ 156.496190] ? __kasan_check_write+0x18/0x20 [ 156.496907] ? do_raw_spin_lock+0x132/0x2a0 [ 156.497364] ? __pfx_do_exit+0x10/0x10 [ 156.497792] ? debug_smp_processor_id+0x20/0x30 [ 156.498294] ? rcu_is_watching+0x19/0xb0 [ 156.498797] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.499442] ? trace_hardirqs_on+0x26/0x120 [ 156.499910] do_group_exit+0xe0/0x2b0 [ 156.500313] __x64_sys_exit_group+0x47/0x50 [ 156.500803] do_syscall_64+0x3b/0x90 [ 156.501403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.501955] RIP: 0033:0x7f4b87518a4d [ 156.502353] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.503074] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.504041] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.504781] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.505765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.506533] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.507279] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.508271] [ 156.508518] irq event stamp: 0 [ 156.508848] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.509504] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.510661] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.511553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.512461] ---[ end trace 0000000000000000 ]--- [ 156.520442] ------------[ cut here ]------------ [ 156.520963] WARNING: CPU: 0 PID: 1471 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.522247] Modules linked in: [ 156.522620] CPU: 0 PID: 1471 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.523535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.524971] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.525494] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.527675] RSP: 0018:ffff88801054fbb8 EFLAGS: 00010246 [ 156.528230] RAX: 0000000000000000 RBX: ffff8880186e90a8 RCX: 0000000000000000 [ 156.529097] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 156.529960] RBP: ffff88801054fbd0 R08: ffffed10030dd233 R09: ffffed10030dd233 [ 156.530734] R10: ffff8880186e9193 R11: ffffed10030dd232 R12: ffff88800ae90000 [ 156.531536] R13: ffff8880186e91e8 R14: ffffffff8352e670 R15: 
ffff88801054fe68 [ 156.532472] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.533306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.534035] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 156.534931] PKRU: 55555554 [ 156.535244] Call Trace: [ 156.535509] [ 156.535744] __iommufd_access_detach+0x1c2/0x2b0 [ 156.536251] iommufd_access_change_pt+0x149/0x270 [ 156.536766] iommufd_access_replace+0xb4/0x120 [ 156.537256] iommufd_test+0x3e5/0x37e0 [ 156.537659] ? lock_release+0x532/0x770 [ 156.538081] ? __might_fault+0x102/0x1b0 [ 156.538541] ? lock_acquire+0x427/0x4c0 [ 156.538964] ? __pfx_iommufd_test+0x10/0x10 [ 156.539432] ? __pfx_lock_release+0x10/0x10 [ 156.539895] ? __pfx_lock_acquire+0x10/0x10 [ 156.540363] ? write_comp_data+0x2f/0x90 [ 156.540795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.541303] ? write_comp_data+0x2f/0x90 [ 156.541736] iommufd_fops_ioctl+0x37d/0x510 [ 156.542187] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.542727] ? write_comp_data+0x2f/0x90 [ 156.543178] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.543685] __x64_sys_ioctl+0x1a3/0x230 [ 156.544124] do_syscall_64+0x3b/0x90 [ 156.544524] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.545072] RIP: 0033:0x7f4b8743ee5d [ 156.545474] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.547407] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.548220] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.548962] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.549728] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.550446] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.551235] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.551977] [ 156.552224] irq event stamp: 0 [ 156.552555] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.553200] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.554050] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.554931] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.555587] ---[ end trace 0000000000000000 ]--- [ 156.559135] ------------[ cut here ]------------ [ 156.559907] WARNING: CPU: 0 PID: 1471 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.560985] Modules linked in: [ 156.561368] CPU: 0 PID: 1471 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.562576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.563785] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.564368] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.566406] RSP: 
0018:ffff88801054fbd0 EFLAGS: 00010246 [ 156.567010] RAX: 0000000000000000 RBX: ffff8880186e90a8 RCX: 0000000000000000 [ 156.567765] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 156.568495] RBP: ffff88801054fbe8 R08: ffffed10030dd233 R09: ffffed10030dd233 [ 156.569232] R10: ffff8880186e9193 R11: ffffed10030dd232 R12: ffff888010cf9000 [ 156.569980] R13: ffff8880186e91e8 R14: ffff88800f8ad900 R15: 0000000000000000 [ 156.570781] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.571627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.572230] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.572975] PKRU: 55555554 [ 156.573283] Call Trace: [ 156.573550] [ 156.573787] iommufd_access_destroy_object+0x65/0x170 [ 156.574335] iommufd_object_destroy_user+0x18e/0x220 [ 156.574917] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.575552] iommufd_access_destroy+0x43/0x70 [ 156.576040] iommufd_test_staccess_release+0x8d/0xd0 [ 156.576578] __fput+0x26d/0xa40 [ 156.576937] ____fput+0x1e/0x30 [ 156.577289] task_work_run+0x1a4/0x2d0 [ 156.577710] ? __pfx_task_work_run+0x10/0x10 [ 156.578176] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.578733] ? switch_task_namespaces+0xa9/0xe0 [ 156.579251] do_exit+0xb17/0x2ef0 [ 156.579622] ? lock_acquire+0x427/0x4c0 [ 156.580052] ? __pfx_lock_release+0x10/0x10 [ 156.580507] ? __kasan_check_write+0x18/0x20 [ 156.580976] ? do_raw_spin_lock+0x132/0x2a0 [ 156.581427] ? __pfx_do_exit+0x10/0x10 [ 156.581839] ? debug_smp_processor_id+0x20/0x30 [ 156.582334] ? rcu_is_watching+0x19/0xb0 [ 156.582801] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.583299] ? trace_hardirqs_on+0x26/0x120 [ 156.583765] do_group_exit+0xe0/0x2b0 [ 156.584165] __x64_sys_exit_group+0x47/0x50 [ 156.584613] do_syscall_64+0x3b/0x90 [ 156.585012] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.585562] RIP: 0033:0x7f4b87518a4d [ 156.585958] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.586625] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.587446] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.588185] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.588912] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.589652] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.590393] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.591194] [ 156.591445] irq event stamp: 0 [ 156.591782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.592439] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.593308] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.594180] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.594877] ---[ end trace 0000000000000000 ]--- [ 156.596333] ------------[ cut here ]------------ [ 156.596856] WARNING: CPU: 0 PID: 1471 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.597924] Modules linked in: [ 156.598394] CPU: 0 PID: 1471 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.599571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.600746] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.601553] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.603607] RSP: 0018:ffff88801054fb78 EFLAGS: 00010246 [ 156.604361] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.605098] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 156.605839] RBP: ffff88801054fb98 R08: ffffed10030dd23e R09: ffffed10030dd23e [ 156.606907] R10: ffff8880186e91ef R11: ffffed10030dd23d R12: ffff8880186e9290 [ 156.607677] R13: ffff8880186e90a8 R14: ffffffffffffffff R15: 
ffff88801054fc60 [ 156.608428] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.609547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.610157] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.611191] PKRU: 55555554 [ 156.611499] Call Trace: [ 156.611765] [ 156.612002] iommufd_ioas_destroy+0x53/0x70 [ 156.612468] iommufd_fops_release+0x1f7/0x370 [ 156.612942] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.613609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.614282] ? write_comp_data+0x2f/0x90 [ 156.614780] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.615344] __fput+0x26d/0xa40 [ 156.615714] ____fput+0x1e/0x30 [ 156.616130] task_work_run+0x1a4/0x2d0 [ 156.616731] ? __pfx_task_work_run+0x10/0x10 [ 156.617222] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.617740] ? switch_task_namespaces+0xa9/0xe0 [ 156.618312] do_exit+0xb17/0x2ef0 [ 156.618871] ? lock_acquire+0x427/0x4c0 [ 156.619333] ? __pfx_lock_release+0x10/0x10 [ 156.619797] ? __kasan_check_write+0x18/0x20 [ 156.620267] ? do_raw_spin_lock+0x132/0x2a0 [ 156.620739] ? __pfx_do_exit+0x10/0x10 [ 156.621426] ? debug_smp_processor_id+0x20/0x30 [ 156.621939] ? rcu_is_watching+0x19/0xb0 [ 156.622378] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.622911] ? trace_hardirqs_on+0x26/0x120 [ 156.623402] do_group_exit+0xe0/0x2b0 [ 156.624085] __x64_sys_exit_group+0x47/0x50 [ 156.624564] do_syscall_64+0x3b/0x90 [ 156.624983] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.625589] RIP: 0033:0x7f4b87518a4d [ 156.626285] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.626990] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.627839] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.628657] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.629620] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.630406] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.631476] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.632241] [ 156.632489] irq event stamp: 0 [ 156.632829] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.633496] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.634395] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.635332] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.636029] ---[ end trace 0000000000000000 ]--- [ 156.640925] ------------[ cut here ]------------ [ 156.641482] WARNING: CPU: 0 PID: 1472 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.642609] Modules linked in: [ 156.642948] CPU: 0 PID: 1472 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.643897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.645097] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.645639] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.647779] RSP: 0018:ffff88801795fbb8 EFLAGS: 00010246 [ 156.648368] RAX: 0000000000000000 RBX: ffff888010b7f8a8 RCX: 0000000000000000 [ 156.649118] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 156.649883] RBP: ffff88801795fbd0 R08: ffffed100216ff33 R09: ffffed100216ff33 [ 156.650667] R10: ffff888010b7f993 R11: ffffed100216ff32 R12: ffff888013b14000 [ 156.651448] R13: ffff888010b7f9e8 R14: ffffffff8352e670 R15: 
ffff88801795fe68 [ 156.652228] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.653088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.653719] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 156.654482] PKRU: 55555554 [ 156.654831] Call Trace: [ 156.655128] [ 156.655378] __iommufd_access_detach+0x1c2/0x2b0 [ 156.655921] iommufd_access_change_pt+0x149/0x270 [ 156.656906] iommufd_access_replace+0xb4/0x120 [ 156.657433] iommufd_test+0x3e5/0x37e0 [ 156.657841] ? lock_release+0x532/0x770 [ 156.658269] ? __might_fault+0x102/0x1b0 [ 156.658769] ? lock_acquire+0x427/0x4c0 [ 156.659481] ? __pfx_iommufd_test+0x10/0x10 [ 156.659938] ? __pfx_lock_release+0x10/0x10 [ 156.660402] ? __pfx_lock_acquire+0x10/0x10 [ 156.660874] ? write_comp_data+0x2f/0x90 [ 156.661314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.662086] ? write_comp_data+0x2f/0x90 [ 156.662581] iommufd_fops_ioctl+0x37d/0x510 [ 156.663044] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.663582] ? write_comp_data+0x2f/0x90 [ 156.664031] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.664803] __x64_sys_ioctl+0x1a3/0x230 [ 156.665254] do_syscall_64+0x3b/0x90 [ 156.665667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.666234] RIP: 0033:0x7f4b8743ee5d [ 156.666667] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.668600] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.669422] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.670187] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.670973] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.671764] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.672513] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.673289] [ 156.673545] irq event stamp: 0 [ 156.673883] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.674580] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.675523] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.676413] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.677073] ---[ end trace 0000000000000000 ]--- [ 156.680481] ------------[ cut here ]------------ [ 156.681020] WARNING: CPU: 0 PID: 1472 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.682092] Modules linked in: [ 156.682433] CPU: 0 PID: 1472 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.683425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.684614] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.685148] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.687089] RSP: 
0018:ffff88801795fbd0 EFLAGS: 00010246 [ 156.687689] RAX: 0000000000000000 RBX: ffff888010b7f8a8 RCX: 0000000000000000 [ 156.688461] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 156.689220] RBP: ffff88801795fbe8 R08: ffffed100216ff33 R09: ffffed100216ff33 [ 156.689996] R10: ffff888010b7f993 R11: ffffed100216ff32 R12: ffff88800ae90400 [ 156.690777] R13: ffff888010b7f9e8 R14: ffff888020947000 R15: 0000000000000000 [ 156.691544] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.692391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.693003] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.693768] PKRU: 55555554 [ 156.694066] Call Trace: [ 156.694338] [ 156.694609] iommufd_access_destroy_object+0x65/0x170 [ 156.695195] iommufd_object_destroy_user+0x18e/0x220 [ 156.695738] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.696362] iommufd_access_destroy+0x43/0x70 [ 156.696869] iommufd_test_staccess_release+0x8d/0xd0 [ 156.697418] __fput+0x26d/0xa40 [ 156.697790] ____fput+0x1e/0x30 [ 156.698156] task_work_run+0x1a4/0x2d0 [ 156.698622] ? __pfx_task_work_run+0x10/0x10 [ 156.699111] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.699665] ? switch_task_namespaces+0xa9/0xe0 [ 156.700173] do_exit+0xb17/0x2ef0 [ 156.700555] ? lock_acquire+0x427/0x4c0 [ 156.700990] ? __pfx_lock_release+0x10/0x10 [ 156.701475] ? __kasan_check_write+0x18/0x20 [ 156.701947] ? do_raw_spin_lock+0x132/0x2a0 [ 156.702407] ? __pfx_do_exit+0x10/0x10 [ 156.702872] ? debug_smp_processor_id+0x20/0x30 [ 156.703407] ? rcu_is_watching+0x19/0xb0 [ 156.703846] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.704328] ? trace_hardirqs_on+0x26/0x120 [ 156.704789] do_group_exit+0xe0/0x2b0 [ 156.705205] __x64_sys_exit_group+0x47/0x50 [ 156.705655] do_syscall_64+0x3b/0x90 [ 156.706057] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.706643] RIP: 0033:0x7f4b87518a4d [ 156.707048] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.707717] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.708521] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.709261] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.709994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.710799] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.711585] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.712339] [ 156.712590] irq event stamp: 0 [ 156.712934] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.713591] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.714476] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.715460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.716120] ---[ end trace 0000000000000000 ]--- [ 156.717048] ------------[ cut here ]------------ [ 156.717552] WARNING: CPU: 0 PID: 1472 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.718675] Modules linked in: [ 156.719036] CPU: 0 PID: 1472 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.719960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.721140] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.721692] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.723651] RSP: 0018:ffff88801795fb78 EFLAGS: 00010246 [ 156.724217] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.724963] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 156.725720] RBP: ffff88801795fb98 R08: ffffed100216ff3e R09: ffffed100216ff3e [ 156.726473] R10: ffff888010b7f9ef R11: ffffed100216ff3d R12: ffff888010b7fa90 [ 156.727285] R13: ffff888010b7f8a8 R14: ffffffffffffffff R15: 
ffff88801795fc60 [ 156.728040] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.728894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.729501] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.730239] PKRU: 55555554 [ 156.730565] Call Trace: [ 156.730838] [ 156.731085] iommufd_ioas_destroy+0x53/0x70 [ 156.731570] iommufd_fops_release+0x1f7/0x370 [ 156.732035] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.732560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.733078] ? write_comp_data+0x2f/0x90 [ 156.733485] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.733972] __fput+0x26d/0xa40 [ 156.734315] ____fput+0x1e/0x30 [ 156.734679] task_work_run+0x1a4/0x2d0 [ 156.735073] ? __pfx_task_work_run+0x10/0x10 [ 156.735519] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.735999] ? switch_task_namespaces+0xa9/0xe0 [ 156.736460] do_exit+0xb17/0x2ef0 [ 156.736803] ? lock_acquire+0x427/0x4c0 [ 156.737197] ? __pfx_lock_release+0x10/0x10 [ 156.737635] ? __kasan_check_write+0x18/0x20 [ 156.738061] ? do_raw_spin_lock+0x132/0x2a0 [ 156.738485] ? __pfx_do_exit+0x10/0x10 [ 156.738923] ? debug_smp_processor_id+0x20/0x30 [ 156.739402] ? rcu_is_watching+0x19/0xb0 [ 156.739793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.740235] ? trace_hardirqs_on+0x26/0x120 [ 156.740658] do_group_exit+0xe0/0x2b0 [ 156.741030] __x64_sys_exit_group+0x47/0x50 [ 156.741444] do_syscall_64+0x3b/0x90 [ 156.741813] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.742322] RIP: 0033:0x7f4b87518a4d [ 156.742718] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.743332] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.744062] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.744753] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.745423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.746108] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.746817] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.747538] [ 156.747763] irq event stamp: 0 [ 156.748064] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.748657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.749460] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.750243] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.750882] ---[ end trace 0000000000000000 ]--- [ 156.756006] ------------[ cut here ]------------ [ 156.756496] WARNING: CPU: 0 PID: 1473 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.757457] Modules linked in: [ 156.757759] CPU: 0 PID: 1473 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.758669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.759770] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.760243] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.761981] RSP: 0018:ffff888016ff7bb8 EFLAGS: 00010246 [ 156.762543] RAX: 0000000000000000 RBX: ffff88801029b8a8 RCX: 0000000000000000 [ 156.763241] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 156.763925] RBP: ffff888016ff7bd0 R08: ffffed1002053733 R09: ffffed1002053733 [ 156.764597] R10: ffff88801029b993 R11: ffffed1002053732 R12: ffff888012c06c00 [ 156.765291] R13: ffff88801029b9e8 R14: ffffffff8352e670 R15: 
ffff888016ff7e68 [ 156.765970] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.766770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.767345] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 156.768046] PKRU: 55555554 [ 156.768319] Call Trace: [ 156.768574] [ 156.768793] __iommufd_access_detach+0x1c2/0x2b0 [ 156.769260] iommufd_access_change_pt+0x149/0x270 [ 156.769733] iommufd_access_replace+0xb4/0x120 [ 156.770197] iommufd_test+0x3e5/0x37e0 [ 156.770603] ? lock_release+0x532/0x770 [ 156.771003] ? __might_fault+0x102/0x1b0 [ 156.771427] ? lock_acquire+0x427/0x4c0 [ 156.771816] ? __pfx_iommufd_test+0x10/0x10 [ 156.772241] ? __pfx_lock_release+0x10/0x10 [ 156.772669] ? __pfx_lock_acquire+0x10/0x10 [ 156.773106] ? write_comp_data+0x2f/0x90 [ 156.773516] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.773997] ? write_comp_data+0x2f/0x90 [ 156.774402] iommufd_fops_ioctl+0x37d/0x510 [ 156.774862] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.775374] ? write_comp_data+0x2f/0x90 [ 156.775776] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.776246] __x64_sys_ioctl+0x1a3/0x230 [ 156.776649] do_syscall_64+0x3b/0x90 [ 156.777023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.777523] RIP: 0033:0x7f4b8743ee5d [ 156.777881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.779652] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.780393] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.781066] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.781753] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.782419] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.783130] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.783809] [ 156.784041] irq event stamp: 0 [ 156.784338] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.784947] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.785733] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.786567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.787218] ---[ end trace 0000000000000000 ]--- [ 156.790341] ------------[ cut here ]------------ [ 156.790867] WARNING: CPU: 0 PID: 1473 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.791852] Modules linked in: [ 156.792154] CPU: 0 PID: 1473 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.792983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.794055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.794554] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.796321] RSP: 
0018:ffff888016ff7bd0 EFLAGS: 00010246 [ 156.796841] RAX: 0000000000000000 RBX: ffff88801029b8a8 RCX: 0000000000000000 [ 156.797513] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 156.798186] RBP: ffff888016ff7be8 R08: ffffed1002053733 R09: ffffed1002053733 [ 156.798895] R10: ffff88801029b993 R11: ffffed1002053732 R12: ffff888013b17c00 [ 156.799596] R13: ffff88801029b9e8 R14: ffff888020edb000 R15: 0000000000000000 [ 156.800281] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.801051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.801609] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.802282] PKRU: 55555554 [ 156.802583] Call Trace: [ 156.802838] [ 156.803052] iommufd_access_destroy_object+0x65/0x170 [ 156.803557] iommufd_object_destroy_user+0x18e/0x220 [ 156.804052] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.804612] iommufd_access_destroy+0x43/0x70 [ 156.805045] iommufd_test_staccess_release+0x8d/0xd0 [ 156.805543] __fput+0x26d/0xa40 [ 156.805869] ____fput+0x1e/0x30 [ 156.806191] task_work_run+0x1a4/0x2d0 [ 156.806615] ? __pfx_task_work_run+0x10/0x10 [ 156.807039] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.807527] ? switch_task_namespaces+0xa9/0xe0 [ 156.807976] do_exit+0xb17/0x2ef0 [ 156.808312] ? lock_acquire+0x427/0x4c0 [ 156.808690] ? __pfx_lock_release+0x10/0x10 [ 156.809100] ? __kasan_check_write+0x18/0x20 [ 156.809531] ? do_raw_spin_lock+0x132/0x2a0 [ 156.809942] ? __pfx_do_exit+0x10/0x10 [ 156.810318] ? debug_smp_processor_id+0x20/0x30 [ 156.810803] ? rcu_is_watching+0x19/0xb0 [ 156.811212] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.811646] ? trace_hardirqs_on+0x26/0x120 [ 156.812053] do_group_exit+0xe0/0x2b0 [ 156.812409] __x64_sys_exit_group+0x47/0x50 [ 156.812808] do_syscall_64+0x3b/0x90 [ 156.813176] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.813666] RIP: 0033:0x7f4b87518a4d [ 156.814018] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.814645] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.815387] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.816017] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.816638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.817274] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.817910] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.818561] [ 156.818781] irq event stamp: 0 [ 156.819061] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.819626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.820382] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.821122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.821679] ---[ end trace 0000000000000000 ]--- [ 156.822453] ------------[ cut here ]------------ [ 156.822891] WARNING: CPU: 0 PID: 1473 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.823804] Modules linked in: [ 156.824086] CPU: 0 PID: 1473 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.824855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.825850] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.826302] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.827951] RSP: 0018:ffff888016ff7b78 EFLAGS: 00010246 [ 156.828421] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.829051] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 156.829675] RBP: ffff888016ff7b98 R08: ffffed100205373e R09: ffffed100205373e [ 156.830280] R10: ffff88801029b9ef R11: ffffed100205373d R12: ffff88801029ba90 [ 156.830907] R13: ffff88801029b8a8 R14: ffffffffffffffff R15: 
ffff888016ff7c60 [ 156.831502] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.832155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.832623] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.833202] PKRU: 55555554 [ 156.833441] Call Trace: [ 156.833652] [ 156.833840] iommufd_ioas_destroy+0x53/0x70 [ 156.834202] iommufd_fops_release+0x1f7/0x370 [ 156.834612] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.835030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.835456] ? write_comp_data+0x2f/0x90 [ 156.835801] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.836221] __fput+0x26d/0xa40 [ 156.836507] ____fput+0x1e/0x30 [ 156.836788] task_work_run+0x1a4/0x2d0 [ 156.837128] ? __pfx_task_work_run+0x10/0x10 [ 156.837499] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.837906] ? switch_task_namespaces+0xa9/0xe0 [ 156.838318] do_exit+0xb17/0x2ef0 [ 156.838631] ? lock_acquire+0x427/0x4c0 [ 156.838977] ? __pfx_lock_release+0x10/0x10 [ 156.839353] ? __kasan_check_write+0x18/0x20 [ 156.839730] ? do_raw_spin_lock+0x132/0x2a0 [ 156.840091] ? __pfx_do_exit+0x10/0x10 [ 156.840423] ? debug_smp_processor_id+0x20/0x30 [ 156.840813] ? rcu_is_watching+0x19/0xb0 [ 156.841151] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.841533] ? trace_hardirqs_on+0x26/0x120 [ 156.841898] do_group_exit+0xe0/0x2b0 [ 156.842220] __x64_sys_exit_group+0x47/0x50 [ 156.842593] do_syscall_64+0x3b/0x90 [ 156.842914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.843359] RIP: 0033:0x7f4b87518a4d [ 156.843666] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.844176] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.844809] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.845391] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.845974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.846591] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.847183] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.847774] [ 156.847966] irq event stamp: 0 [ 156.848229] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.848758] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.849435] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.850126] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.850669] ---[ end trace 0000000000000000 ]--- [ 156.854600] ------------[ cut here ]------------ [ 156.855028] WARNING: CPU: 0 PID: 1474 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.855874] Modules linked in: [ 156.856134] CPU: 0 PID: 1474 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.856842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.857751] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.858157] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.859795] RSP: 0018:ffff888016d1fbb8 EFLAGS: 00010246 [ 156.860217] RAX: 0000000000000000 RBX: ffff8880187688a8 RCX: 0000000000000000 [ 156.860789] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 156.861365] RBP: ffff888016d1fbd0 R08: ffffed10030ed133 R09: ffffed10030ed133 [ 156.861931] R10: ffff888018768993 R11: ffffed10030ed132 R12: ffff8880140ef400 [ 156.862529] R13: ffff8880187689e8 R14: ffffffff8352e670 R15: 
ffff888016d1fe68 [ 156.863097] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.863764] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.864232] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 156.864798] PKRU: 55555554 [ 156.865022] Call Trace: [ 156.865224] [ 156.865403] __iommufd_access_detach+0x1c2/0x2b0 [ 156.865790] iommufd_access_change_pt+0x149/0x270 [ 156.866177] iommufd_access_replace+0xb4/0x120 [ 156.866586] iommufd_test+0x3e5/0x37e0 [ 156.866907] ? lock_release+0x532/0x770 [ 156.867241] ? __might_fault+0x102/0x1b0 [ 156.867568] ? lock_acquire+0x427/0x4c0 [ 156.867899] ? __pfx_iommufd_test+0x10/0x10 [ 156.868238] ? __pfx_lock_release+0x10/0x10 [ 156.868598] ? __pfx_lock_acquire+0x10/0x10 [ 156.868961] ? write_comp_data+0x2f/0x90 [ 156.869295] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.869682] ? write_comp_data+0x2f/0x90 [ 156.870006] iommufd_fops_ioctl+0x37d/0x510 [ 156.870349] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.870764] ? write_comp_data+0x2f/0x90 [ 156.871097] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.871490] __x64_sys_ioctl+0x1a3/0x230 [ 156.871821] do_syscall_64+0x3b/0x90 [ 156.872129] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.872545] RIP: 0033:0x7f4b8743ee5d [ 156.872839] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.874252] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.874874] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.875462] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.876017] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.876571] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.877133] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.877689] [ 156.877872] irq event stamp: 0 [ 156.878121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.878634] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.879313] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.879973] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.880466] ---[ end trace 0000000000000000 ]--- [ 156.883272] ------------[ cut here ]------------ [ 156.883671] WARNING: CPU: 0 PID: 1474 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.884471] Modules linked in: [ 156.884722] CPU: 0 PID: 1474 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.885406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.886288] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.886908] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.888363] RSP: 
0018:ffff888016d1fbd0 EFLAGS: 00010246 [ 156.888778] RAX: 0000000000000000 RBX: ffff8880187688a8 RCX: 0000000000000000 [ 156.889346] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 156.889909] RBP: ffff888016d1fbe8 R08: ffffed10030ed133 R09: ffffed10030ed133 [ 156.890475] R10: ffff888018768993 R11: ffffed10030ed132 R12: ffff888012c06000 [ 156.891053] R13: ffff8880187689e8 R14: ffff888020a38c00 R15: 0000000000000000 [ 156.891630] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.892261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.892719] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.893293] PKRU: 55555554 [ 156.893515] Call Trace: [ 156.893717] [ 156.893897] iommufd_access_destroy_object+0x65/0x170 [ 156.894319] iommufd_object_destroy_user+0x18e/0x220 [ 156.894755] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.895231] iommufd_access_destroy+0x43/0x70 [ 156.895595] iommufd_test_staccess_release+0x8d/0xd0 [ 156.896015] __fput+0x26d/0xa40 [ 156.896289] ____fput+0x1e/0x30 [ 156.896564] task_work_run+0x1a4/0x2d0 [ 156.896883] ? __pfx_task_work_run+0x10/0x10 [ 156.897251] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.897642] ? switch_task_namespaces+0xa9/0xe0 [ 156.898030] do_exit+0xb17/0x2ef0 [ 156.898312] ? lock_acquire+0x427/0x4c0 [ 156.898671] ? __pfx_lock_release+0x10/0x10 [ 156.899022] ? __kasan_check_write+0x18/0x20 [ 156.899396] ? do_raw_spin_lock+0x132/0x2a0 [ 156.899740] ? __pfx_do_exit+0x10/0x10 [ 156.900068] ? debug_smp_processor_id+0x20/0x30 [ 156.900439] ? rcu_is_watching+0x19/0xb0 [ 156.900765] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.901127] ? trace_hardirqs_on+0x26/0x120 [ 156.901483] do_group_exit+0xe0/0x2b0 [ 156.901788] __x64_sys_exit_group+0x47/0x50 [ 156.902138] do_syscall_64+0x3b/0x90 [ 156.902441] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.902883] RIP: 0033:0x7f4b87518a4d [ 156.903186] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.903676] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.904275] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.904842] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.905398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.905951] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.906542] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.907125] [ 156.907310] irq event stamp: 0 [ 156.907563] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.908056] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.908719] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.909369] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.909867] ---[ end trace 0000000000000000 ]--- [ 156.910603] ------------[ cut here ]------------ [ 156.910988] WARNING: CPU: 0 PID: 1474 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 156.911857] Modules linked in: [ 156.912271] CPU: 0 PID: 1474 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.912965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.914016] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 156.914435] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 156.916173] RSP: 0018:ffff888016d1fb78 EFLAGS: 00010246 [ 156.916612] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 156.917178] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 156.917894] RBP: ffff888016d1fb98 R08: ffffed10030ed13e R09: ffffed10030ed13e [ 156.918462] R10: ffff8880187689ef R11: ffffed10030ed13d R12: ffff888018768a90 [ 156.919055] R13: ffff8880187688a8 R14: ffffffffffffffff R15: 
ffff888016d1fc60 [ 156.919642] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.920444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.920903] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.921473] PKRU: 55555554 [ 156.921761] Call Trace: [ 156.922041] [ 156.922222] iommufd_ioas_destroy+0x53/0x70 [ 156.922596] iommufd_fops_release+0x1f7/0x370 [ 156.922957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.923371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.923921] ? write_comp_data+0x2f/0x90 [ 156.924261] ? __pfx_iommufd_fops_release+0x10/0x10 [ 156.924657] __fput+0x26d/0xa40 [ 156.924933] ____fput+0x1e/0x30 [ 156.925210] task_work_run+0x1a4/0x2d0 [ 156.925671] ? __pfx_task_work_run+0x10/0x10 [ 156.926035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.926426] ? switch_task_namespaces+0xa9/0xe0 [ 156.926831] do_exit+0xb17/0x2ef0 [ 156.927122] ? lock_acquire+0x427/0x4c0 [ 156.927467] ? __pfx_lock_release+0x10/0x10 [ 156.927945] ? __kasan_check_write+0x18/0x20 [ 156.928301] ? do_raw_spin_lock+0x132/0x2a0 [ 156.928656] ? __pfx_do_exit+0x10/0x10 [ 156.928971] ? debug_smp_processor_id+0x20/0x30 [ 156.929484] ? rcu_is_watching+0x19/0xb0 [ 156.929808] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.930180] ? trace_hardirqs_on+0x26/0x120 [ 156.930550] do_group_exit+0xe0/0x2b0 [ 156.930860] __x64_sys_exit_group+0x47/0x50 [ 156.931213] do_syscall_64+0x3b/0x90 [ 156.931677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.932092] RIP: 0033:0x7f4b87518a4d [ 156.932394] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.932888] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.933623] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.934187] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.934807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.935468] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 156.936034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 156.936599] [ 156.936847] irq event stamp: 0 [ 156.937181] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.937679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.938340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.939194] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.939694] ---[ end trace 0000000000000000 ]--- [ 156.945008] ------------[ cut here ]------------ [ 156.945574] WARNING: CPU: 0 PID: 1475 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.946393] Modules linked in: [ 156.946719] CPU: 0 PID: 1475 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.947591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.948511] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.948915] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.950395] RSP: 0018:ffff888016ff7bb8 EFLAGS: 00010246 [ 156.950868] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 156.951469] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 156.952050] RBP: ffff888016ff7bd0 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 156.952651] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff888014582000 [ 156.953242] R13: ffff888017a441e8 R14: ffffffff8352e670 R15: 
ffff888016ff7e68 [ 156.953832] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.954489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.954984] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 156.955590] PKRU: 55555554 [ 156.955830] Call Trace: [ 156.956036] [ 156.956219] __iommufd_access_detach+0x1c2/0x2b0 [ 156.956626] iommufd_access_change_pt+0x149/0x270 [ 156.957034] iommufd_access_replace+0xb4/0x120 [ 156.957414] iommufd_test+0x3e5/0x37e0 [ 156.957732] ? lock_release+0x532/0x770 [ 156.958062] ? __might_fault+0x102/0x1b0 [ 156.958398] ? lock_acquire+0x427/0x4c0 [ 156.958754] ? __pfx_iommufd_test+0x10/0x10 [ 156.959122] ? __pfx_lock_release+0x10/0x10 [ 156.959482] ? __pfx_lock_acquire+0x10/0x10 [ 156.959858] ? write_comp_data+0x2f/0x90 [ 156.960198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.960604] ? write_comp_data+0x2f/0x90 [ 156.960943] iommufd_fops_ioctl+0x37d/0x510 [ 156.961301] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.961700] ? write_comp_data+0x2f/0x90 [ 156.962051] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 156.962447] __x64_sys_ioctl+0x1a3/0x230 [ 156.962816] do_syscall_64+0x3b/0x90 [ 156.963161] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.963591] RIP: 0033:0x7f4b8743ee5d [ 156.963896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 156.965367] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 156.965978] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 156.966569] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 156.967161] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 156.967746] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 156.968316] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 156.968899] [ 156.969092] irq event stamp: 0 [ 156.969348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 156.969860] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 156.970554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 156.971228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 156.971734] ---[ end trace 0000000000000000 ]--- [ 156.974920] ------------[ cut here ]------------ [ 156.975325] WARNING: CPU: 0 PID: 1475 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 156.976116] Modules linked in: [ 156.976379] CPU: 0 PID: 1475 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 156.977244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 156.978125] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 156.978611] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 156.980109] RSP: 
0018:ffff888016ff7bd0 EFLAGS: 00010246 [ 156.980529] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 156.981097] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 156.981823] RBP: ffff888016ff7be8 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 156.982384] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff8880140ed800 [ 156.982974] R13: ffff888017a441e8 R14: ffff888016e16300 R15: 0000000000000000 [ 156.983723] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 156.984354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 156.984811] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 156.985522] PKRU: 55555554 [ 156.985753] Call Trace: [ 156.985958] [ 156.986155] iommufd_access_destroy_object+0x65/0x170 [ 156.986598] iommufd_object_destroy_user+0x18e/0x220 [ 156.987081] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 156.987633] iommufd_access_destroy+0x43/0x70 [ 156.988009] iommufd_test_staccess_release+0x8d/0xd0 [ 156.988432] __fput+0x26d/0xa40 [ 156.988810] ____fput+0x1e/0x30 [ 156.989153] task_work_run+0x1a4/0x2d0 [ 156.989483] ? __pfx_task_work_run+0x10/0x10 [ 156.989849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 156.990253] ? switch_task_namespaces+0xa9/0xe0 [ 156.990669] do_exit+0xb17/0x2ef0 [ 156.990954] ? lock_acquire+0x427/0x4c0 [ 156.991304] ? __pfx_lock_release+0x10/0x10 [ 156.991826] ? __kasan_check_write+0x18/0x20 [ 156.992192] ? do_raw_spin_lock+0x132/0x2a0 [ 156.992545] ? __pfx_do_exit+0x10/0x10 [ 156.992869] ? debug_smp_processor_id+0x20/0x30 [ 156.993256] ? rcu_is_watching+0x19/0xb0 [ 156.993748] ? _raw_spin_unlock_irq+0x2b/0x60 [ 156.994124] ? trace_hardirqs_on+0x26/0x120 [ 156.994482] do_group_exit+0xe0/0x2b0 [ 156.994820] __x64_sys_exit_group+0x47/0x50 [ 156.995182] do_syscall_64+0x3b/0x90 [ 156.995509] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 156.996077] RIP: 0033:0x7f4b87518a4d [ 156.996380] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 156.996875] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 156.997565] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 156.998219] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 156.998816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 156.999400] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.000131] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.000736] [ 157.000931] irq event stamp: 0 [ 157.001190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.001888] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.002596] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.003373] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.003985] ---[ end trace 0000000000000000 ]--- [ 157.005106] ------------[ cut here ]------------ [ 157.005607] WARNING: CPU: 0 PID: 1475 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.006466] Modules linked in: [ 157.006788] CPU: 0 PID: 1475 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.007668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.008634] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.009198] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.010847] RSP: 0018:ffff888016ff7b78 EFLAGS: 00010246 [ 157.011302] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.011891] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 157.012480] RBP: ffff888016ff7b98 R08: ffffed1002f4883e R09: ffffed1002f4883e [ 157.013065] R10: ffff888017a441ef R11: ffffed1002f4883d R12: ffff888017a44290 [ 157.013676] R13: ffff888017a440a8 R14: ffffffffffffffff R15: 
ffff888016ff7c60 [ 157.014277] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 157.014967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.015459] CR2: 00007f82e2bcb000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 157.016046] PKRU: 55555554 [ 157.016276] Call Trace: [ 157.016483] [ 157.016670] iommufd_ioas_destroy+0x53/0x70 [ 157.017037] iommufd_fops_release+0x1f7/0x370 [ 157.017416] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.017834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.018255] ? write_comp_data+0x2f/0x90 [ 157.018626] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.019052] __fput+0x26d/0xa40 [ 157.019360] ____fput+0x1e/0x30 [ 157.019635] task_work_run+0x1a4/0x2d0 [ 157.019971] ? __pfx_task_work_run+0x10/0x10 [ 157.020335] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.020745] ? switch_task_namespaces+0xa9/0xe0 [ 157.021134] do_exit+0xb17/0x2ef0 [ 157.021420] ? lock_acquire+0x427/0x4c0 [ 157.021768] ? __pfx_lock_release+0x10/0x10 [ 157.022135] ? __kasan_check_write+0x18/0x20 [ 157.022532] ? do_raw_spin_lock+0x132/0x2a0 [ 157.022902] ? __pfx_do_exit+0x10/0x10 [ 157.023259] ? debug_smp_processor_id+0x20/0x30 [ 157.023641] ? rcu_is_watching+0x19/0xb0 [ 157.023973] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.024348] ? trace_hardirqs_on+0x26/0x120 [ 157.024704] do_group_exit+0xe0/0x2b0 [ 157.025025] __x64_sys_exit_group+0x47/0x50 [ 157.025384] do_syscall_64+0x3b/0x90 [ 157.025698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.026127] RIP: 0033:0x7f4b87518a4d [ 157.026434] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.026962] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.027591] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.028174] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.028746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.029319] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.029897] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.030485] [ 157.030692] irq event stamp: 0 [ 157.030948] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.031462] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.032134] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.032812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.033316] ---[ end trace 0000000000000000 ]--- [ 157.037723] ------------[ cut here ]------------ [ 157.038295] WARNING: CPU: 1 PID: 1476 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.039202] Modules linked in: [ 157.039469] CPU: 1 PID: 1476 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.040327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.041247] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.041654] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.043295] RSP: 0018:ffff888020b57bb8 EFLAGS: 00010246 [ 157.043740] RAX: 0000000000000000 RBX: ffff888020e448a8 RCX: 0000000000000000 [ 157.044389] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 157.045017] RBP: ffff888020b57bd0 R08: ffffed10041c8933 R09: ffffed10041c8933 [ 157.045597] R10: ffff888020e44993 R11: ffffed10041c8932 R12: ffff888013b23000 [ 157.046256] R13: ffff888020e449e8 R14: ffffffff8352e670 R15: 
ffff888020b57e68 [ 157.046908] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.047581] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.048060] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 157.048770] PKRU: 55555554 [ 157.049004] Call Trace: [ 157.049214] [ 157.049402] __iommufd_access_detach+0x1c2/0x2b0 [ 157.049822] iommufd_access_change_pt+0x149/0x270 [ 157.050314] iommufd_access_replace+0xb4/0x120 [ 157.050789] iommufd_test+0x3e5/0x37e0 [ 157.051139] ? lock_release+0x532/0x770 [ 157.051493] ? __might_fault+0x102/0x1b0 [ 157.051849] ? lock_acquire+0x427/0x4c0 [ 157.052200] ? __pfx_iommufd_test+0x10/0x10 [ 157.052607] ? __pfx_lock_release+0x10/0x10 [ 157.053057] ? __pfx_lock_acquire+0x10/0x10 [ 157.053446] ? write_comp_data+0x2f/0x90 [ 157.053804] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.054242] ? write_comp_data+0x2f/0x90 [ 157.054732] iommufd_fops_ioctl+0x37d/0x510 [ 157.055126] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.055566] ? write_comp_data+0x2f/0x90 [ 157.055931] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.056356] __x64_sys_ioctl+0x1a3/0x230 [ 157.056725] do_syscall_64+0x3b/0x90 [ 157.057191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.057656] RIP: 0033:0x7f4b8743ee5d [ 157.057987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.059770] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.060448] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.061066] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.061728] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.062425] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.063059] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.063701] [ 157.063908] irq event stamp: 0 [ 157.064309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.064862] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.065595] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.066456] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.067031] ---[ end trace 0000000000000000 ]--- [ 157.070267] ------------[ cut here ]------------ [ 157.070852] WARNING: CPU: 1 PID: 1476 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.071749] Modules linked in: [ 157.072028] CPU: 1 PID: 1476 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.072784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.073886] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.074324] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.076076] RSP: 
0018:ffff888020b57bd0 EFLAGS: 00010246 [ 157.076542] RAX: 0000000000000000 RBX: ffff888020e448a8 RCX: 0000000000000000 [ 157.077156] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 157.077900] RBP: ffff888020b57be8 R08: ffffed10041c8933 R09: ffffed10041c8933 [ 157.078540] R10: ffff888020e44993 R11: ffffed10041c8932 R12: ffff88800ef55000 [ 157.079170] R13: ffff888020e449e8 R14: ffff888020c48000 R15: 0000000000000000 [ 157.079827] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.080597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.081105] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.081748] PKRU: 55555554 [ 157.082099] Call Trace: [ 157.082325] [ 157.082546] iommufd_access_destroy_object+0x65/0x170 [ 157.083005] iommufd_object_destroy_user+0x18e/0x220 [ 157.083466] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.083979] iommufd_access_destroy+0x43/0x70 [ 157.084498] iommufd_test_staccess_release+0x8d/0xd0 [ 157.084952] __fput+0x26d/0xa40 [ 157.085255] ____fput+0x1e/0x30 [ 157.085556] task_work_run+0x1a4/0x2d0 [ 157.085906] ? __pfx_task_work_run+0x10/0x10 [ 157.086344] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.086848] ? switch_task_namespaces+0xa9/0xe0 [ 157.087292] do_exit+0xb17/0x2ef0 [ 157.087597] ? lock_acquire+0x427/0x4c0 [ 157.087954] ? __pfx_lock_release+0x10/0x10 [ 157.088340] ? __kasan_check_write+0x18/0x20 [ 157.088775] ? do_raw_spin_lock+0x132/0x2a0 [ 157.089313] ? __pfx_do_exit+0x10/0x10 [ 157.089668] ? debug_smp_processor_id+0x20/0x30 [ 157.090077] ? rcu_is_watching+0x19/0xb0 [ 157.090434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.090904] ? trace_hardirqs_on+0x26/0x120 [ 157.091389] do_group_exit+0xe0/0x2b0 [ 157.091731] __x64_sys_exit_group+0x47/0x50 [ 157.092113] do_syscall_64+0x3b/0x90 [ 157.092452] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.092910] RIP: 0033:0x7f4b87518a4d [ 157.093238] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.093960] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.094652] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.095295] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.095994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.096667] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.097291] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.097955] [ 157.098247] irq event stamp: 0 [ 157.098545] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.099094] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.099837] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.100692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.101242] ---[ end trace 0000000000000000 ]--- [ 157.102002] ------------[ cut here ]------------ [ 157.102482] WARNING: CPU: 1 PID: 1476 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.103529] Modules linked in: [ 157.103827] CPU: 1 PID: 1476 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.104629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.105831] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.106306] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.108154] RSP: 0018:ffff888020b57b78 EFLAGS: 00010246 [ 157.108648] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.109307] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 157.110122] RBP: ffff888020b57b98 R08: ffffed10041c893e R09: ffffed10041c893e [ 157.110797] R10: ffff888020e449ef R11: ffffed10041c893d R12: ffff888020e44a90 [ 157.111470] R13: ffff888020e448a8 R14: ffffffffffffffff R15: 
ffff888020b57c60 [ 157.112145] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.113012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.113543] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.114194] PKRU: 55555554 [ 157.114595] Call Trace: [ 157.114870] [ 157.115081] iommufd_ioas_destroy+0x53/0x70 [ 157.115502] iommufd_fops_release+0x1f7/0x370 [ 157.115927] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.116393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.116874] ? write_comp_data+0x2f/0x90 [ 157.117380] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.117845] __fput+0x26d/0xa40 [ 157.118166] ____fput+0x1e/0x30 [ 157.118481] task_work_run+0x1a4/0x2d0 [ 157.118888] ? __pfx_task_work_run+0x10/0x10 [ 157.119316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.119929] ? switch_task_namespaces+0xa9/0xe0 [ 157.120373] do_exit+0xb17/0x2ef0 [ 157.120699] ? lock_acquire+0x427/0x4c0 [ 157.121076] ? __pfx_lock_release+0x10/0x10 [ 157.121487] ? __kasan_check_write+0x18/0x20 [ 157.122049] ? do_raw_spin_lock+0x132/0x2a0 [ 157.122457] ? __pfx_do_exit+0x10/0x10 [ 157.122871] ? debug_smp_processor_id+0x20/0x30 [ 157.123325] ? rcu_is_watching+0x19/0xb0 [ 157.123707] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.124130] ? trace_hardirqs_on+0x26/0x120 [ 157.124697] do_group_exit+0xe0/0x2b0 [ 157.125061] __x64_sys_exit_group+0x47/0x50 [ 157.125469] do_syscall_64+0x3b/0x90 [ 157.125831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.126323] RIP: 0033:0x7f4b87518a4d [ 157.126717] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.127313] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.128030] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.128705] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.129375] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.130042] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.130723] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.131405] [ 157.131625] irq event stamp: 0 [ 157.131917] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.132506] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.133287] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.134056] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.134659] ---[ end trace 0000000000000000 ]--- [ 157.139186] ------------[ cut here ]------------ [ 157.139674] WARNING: CPU: 1 PID: 1477 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.140615] Modules linked in: [ 157.140917] CPU: 1 PID: 1477 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.141722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.142783] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.143254] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.144935] RSP: 0018:ffff888021aafbb8 EFLAGS: 00010246 [ 157.145428] RAX: 0000000000000000 RBX: ffff8880182968a8 RCX: 0000000000000000 [ 157.146076] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 157.146746] RBP: ffff888021aafbd0 R08: ffffed1003052d33 R09: ffffed1003052d33 [ 157.147407] R10: ffff888018296993 R11: ffffed1003052d32 R12: ffff888012e93000 [ 157.148066] R13: ffff8880182969e8 R14: ffffffff8352e670 R15: 
ffff888021aafe68 [ 157.148712] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.149444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.149974] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 157.150649] PKRU: 55555554 [ 157.150913] Call Trace: [ 157.151157] [ 157.151370] __iommufd_access_detach+0x1c2/0x2b0 [ 157.151820] iommufd_access_change_pt+0x149/0x270 [ 157.152277] iommufd_access_replace+0xb4/0x120 [ 157.152707] iommufd_test+0x3e5/0x37e0 [ 157.153062] ? lock_release+0x532/0x770 [ 157.153437] ? __might_fault+0x102/0x1b0 [ 157.153808] ? lock_acquire+0x427/0x4c0 [ 157.154166] ? __pfx_iommufd_test+0x10/0x10 [ 157.154566] ? __pfx_lock_release+0x10/0x10 [ 157.154952] ? __pfx_lock_acquire+0x10/0x10 [ 157.155352] ? write_comp_data+0x2f/0x90 [ 157.155714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.156144] ? write_comp_data+0x2f/0x90 [ 157.156511] iommufd_fops_ioctl+0x37d/0x510 [ 157.156892] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.157322] ? write_comp_data+0x2f/0x90 [ 157.157687] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.158113] __x64_sys_ioctl+0x1a3/0x230 [ 157.158485] do_syscall_64+0x3b/0x90 [ 157.158854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.159321] RIP: 0033:0x7f4b8743ee5d [ 157.159650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.161242] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.161901] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.162535] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.163158] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.163771] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.164389] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.165013] [ 157.165218] irq event stamp: 0 [ 157.165498] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.166047] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.166809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.167539] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.168085] ---[ end trace 0000000000000000 ]--- [ 157.171052] ------------[ cut here ]------------ [ 157.171514] WARNING: CPU: 1 PID: 1477 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.172591] Modules linked in: [ 157.172880] CPU: 1 PID: 1477 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.173644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.174786] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.175240] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.176958] RSP: 
0018:ffff888021aafbd0 EFLAGS: 00010246 [ 157.177421] RAX: 0000000000000000 RBX: ffff8880182968a8 RCX: 0000000000000000 [ 157.178036] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 157.178767] RBP: ffff888021aafbe8 R08: ffffed1003052d33 R09: ffffed1003052d33 [ 157.179428] R10: ffff888018296993 R11: ffffed1003052d32 R12: ffff888013b21c00 [ 157.180047] R13: ffff8880182969e8 R14: ffff88800f8ad100 R15: 0000000000000000 [ 157.180670] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.181504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.182006] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.182648] PKRU: 55555554 [ 157.182904] Call Trace: [ 157.183147] [ 157.183433] iommufd_access_destroy_object+0x65/0x170 [ 157.183945] iommufd_object_destroy_user+0x18e/0x220 [ 157.184400] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.184913] iommufd_access_destroy+0x43/0x70 [ 157.185373] iommufd_test_staccess_release+0x8d/0xd0 [ 157.185902] __fput+0x26d/0xa40 [ 157.186213] ____fput+0x1e/0x30 [ 157.186554] task_work_run+0x1a4/0x2d0 [ 157.186910] ? __pfx_task_work_run+0x10/0x10 [ 157.187317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.187770] ? switch_task_namespaces+0xa9/0xe0 [ 157.188296] do_exit+0xb17/0x2ef0 [ 157.188612] ? lock_acquire+0x427/0x4c0 [ 157.188970] ? __pfx_lock_release+0x10/0x10 [ 157.189359] ? __kasan_check_write+0x18/0x20 [ 157.189752] ? do_raw_spin_lock+0x132/0x2a0 [ 157.190282] ? __pfx_do_exit+0x10/0x10 [ 157.190668] ? debug_smp_processor_id+0x20/0x30 [ 157.191081] ? rcu_is_watching+0x19/0xb0 [ 157.191450] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.191851] ? trace_hardirqs_on+0x26/0x120 [ 157.192238] do_group_exit+0xe0/0x2b0 [ 157.192698] __x64_sys_exit_group+0x47/0x50 [ 157.193080] do_syscall_64+0x3b/0x90 [ 157.193417] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.193872] RIP: 0033:0x7f4b87518a4d [ 157.194197] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.194881] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.195564] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.196187] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.196826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.197552] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.198170] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.198817] [ 157.199029] irq event stamp: 0 [ 157.199401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.200001] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.200752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.201483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.202034] ---[ end trace 0000000000000000 ]--- [ 157.202818] ------------[ cut here ]------------ [ 157.203240] WARNING: CPU: 1 PID: 1477 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.204122] Modules linked in: [ 157.204403] CPU: 1 PID: 1477 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.205160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.206129] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.206596] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.208180] RSP: 0018:ffff888021aafb78 EFLAGS: 00010246 [ 157.208644] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.209267] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 157.209885] RBP: ffff888021aafb98 R08: ffffed1003052d3e R09: ffffed1003052d3e [ 157.210498] R10: ffff8880182969ef R11: ffffed1003052d3d R12: ffff888018296a90 [ 157.211156] R13: ffff8880182968a8 R14: ffffffffffffffff R15: 
ffff888021aafc60 [ 157.211775] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.212469] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.212981] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.213599] PKRU: 55555554 [ 157.213848] Call Trace: [ 157.214071] [ 157.214269] iommufd_ioas_destroy+0x53/0x70 [ 157.214679] iommufd_fops_release+0x1f7/0x370 [ 157.214999] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 157.215080] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.216922] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 157.217324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.218992] ? write_comp_data+0x2f/0x90 [ 157.219367] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.219810] __fput+0x26d/0xa40 [ 157.220112] ____fput+0x1e/0x30 [ 157.220410] task_work_run+0x1a4/0x2d0 [ 157.220757] ? __pfx_task_work_run+0x10/0x10 [ 157.221146] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.221574] ? switch_task_namespaces+0xa9/0xe0 [ 157.221992] do_exit+0xb17/0x2ef0 [ 157.222300] ? lock_acquire+0x427/0x4c0 [ 157.222668] ? __pfx_lock_release+0x10/0x10 [ 157.223050] ? __kasan_check_write+0x18/0x20 [ 157.223446] ? do_raw_spin_lock+0x132/0x2a0 [ 157.223828] ? __pfx_do_exit+0x10/0x10 [ 157.224181] ? debug_smp_processor_id+0x20/0x30 [ 157.224599] ? rcu_is_watching+0x19/0xb0 [ 157.224954] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.225353] ? trace_hardirqs_on+0x26/0x120 [ 157.225736] do_group_exit+0xe0/0x2b0 [ 157.226073] __x64_sys_exit_group+0x47/0x50 [ 157.226449] do_syscall_64+0x3b/0x90 [ 157.226804] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.227276] RIP: 0033:0x7f4b87518a4d [ 157.227608] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.228144] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.228802] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.229424] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.230047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.230681] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.231312] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.231942] [ 157.232147] irq event stamp: 0 [ 157.232428] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.232976] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.233711] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.234446] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.235010] ---[ end trace 0000000000000000 ]--- [ 157.239928] ------------[ cut here ]------------ [ 157.240387] WARNING: CPU: 1 PID: 1479 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.241270] Modules linked in: [ 157.241548] CPU: 1 PID: 1479 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.242295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.243354] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.243783] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.245348] RSP: 0018:ffff888015c7fbb8 EFLAGS: 00010246 [ 157.245812] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 157.246429] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 157.247061] RBP: ffff888015c7fbd0 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 157.247889] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff888012e94000 [ 157.248522] R13: ffff88801609b1e8 R14: ffffffff8352e670 R15: 
ffff888015c7fe68 [ 157.249141] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.249970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.250476] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 157.251111] PKRU: 55555554 [ 157.251378] Call Trace: [ 157.251601] [ 157.251801] __iommufd_access_detach+0x1c2/0x2b0 [ 157.252230] iommufd_access_change_pt+0x149/0x270 [ 157.252664] iommufd_access_replace+0xb4/0x120 [ 157.253078] iommufd_test+0x3e5/0x37e0 [ 157.253426] ? lock_release+0x532/0x770 [ 157.253785] ? __might_fault+0x102/0x1b0 [ 157.254144] ? lock_acquire+0x427/0x4c0 [ 157.254500] ? __pfx_iommufd_test+0x10/0x10 [ 157.254896] ? __pfx_lock_release+0x10/0x10 [ 157.255293] ? __pfx_lock_acquire+0x10/0x10 [ 157.255685] ? write_comp_data+0x2f/0x90 [ 157.256054] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.256634] ? write_comp_data+0x2f/0x90 [ 157.257009] iommufd_fops_ioctl+0x37d/0x510 [ 157.257394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.257828] ? write_comp_data+0x2f/0x90 [ 157.258205] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.258784] __x64_sys_ioctl+0x1a3/0x230 [ 157.259168] do_syscall_64+0x3b/0x90 [ 157.259513] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.259987] RIP: 0033:0x7f4b8743ee5d [ 157.260315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.261895] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.262591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.263263] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.263985] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.264613] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.265322] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.266029] [ 157.266252] irq event stamp: 0 [ 157.266566] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.267159] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.268069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.268841] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.269420] ---[ end trace 0000000000000000 ]--- [ 157.272729] ------------[ cut here ]------------ [ 157.273208] WARNING: CPU: 1 PID: 1479 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.274131] Modules linked in: [ 157.274427] CPU: 1 PID: 1479 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.275268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.276295] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.276754] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.278418] RSP: 
0018:ffff888015c7fbd0 EFLAGS: 00010246 [ 157.278921] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 157.279583] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 157.280230] RBP: ffff888015c7fbe8 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 157.280873] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff888012e93c00 [ 157.281518] R13: ffff88801609b1e8 R14: ffff88800fa7ee00 R15: 0000000000000000 [ 157.282168] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.282924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.283477] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.284146] PKRU: 55555554 [ 157.284411] Call Trace: [ 157.284649] [ 157.284859] iommufd_access_destroy_object+0x65/0x170 [ 157.285343] iommufd_object_destroy_user+0x18e/0x220 [ 157.285819] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.286363] iommufd_access_destroy+0x43/0x70 [ 157.286807] iommufd_test_staccess_release+0x8d/0xd0 [ 157.287291] __fput+0x26d/0xa40 [ 157.287607] ____fput+0x1e/0x30 [ 157.287925] task_work_run+0x1a4/0x2d0 [ 157.288292] ? __pfx_task_work_run+0x10/0x10 [ 157.288699] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.289149] ? switch_task_namespaces+0xa9/0xe0 [ 157.289596] do_exit+0xb17/0x2ef0 [ 157.289917] ? lock_acquire+0x427/0x4c0 [ 157.290295] ? __pfx_lock_release+0x10/0x10 [ 157.290716] ? __kasan_check_write+0x18/0x20 [ 157.291134] ? do_raw_spin_lock+0x132/0x2a0 [ 157.291541] ? __pfx_do_exit+0x10/0x10 [ 157.291912] ? debug_smp_processor_id+0x20/0x30 [ 157.292351] ? rcu_is_watching+0x19/0xb0 [ 157.292728] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.293156] ? trace_hardirqs_on+0x26/0x120 [ 157.293562] do_group_exit+0xe0/0x2b0 [ 157.293900] __x64_sys_exit_group+0x47/0x50 [ 157.294274] do_syscall_64+0x3b/0x90 [ 157.294627] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.295088] RIP: 0033:0x7f4b87518a4d [ 157.295425] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.295956] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.296616] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.297230] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.297842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.298455] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.299093] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.299755] [ 157.299960] irq event stamp: 0 [ 157.300241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.300789] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.301510] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.302226] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.302794] ---[ end trace 0000000000000000 ]--- [ 157.303563] ------------[ cut here ]------------ [ 157.303974] WARNING: CPU: 1 PID: 1479 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.304852] Modules linked in: [ 157.305130] CPU: 1 PID: 1479 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.305890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.306872] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.307331] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.308909] RSP: 0018:ffff888015c7fb78 EFLAGS: 00010246 [ 157.309382] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.309994] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 157.310620] RBP: ffff888015c7fb98 R08: ffffed1002c1363e R09: ffffed1002c1363e [ 157.311245] R10: ffff88801609b1ef R11: ffffed1002c1363d R12: ffff88801609b290 [ 157.311861] R13: ffff88801609b0a8 R14: ffffffffffffffff R15: 
ffff888015c7fc60 [ 157.312474] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.313172] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.313676] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.314301] PKRU: 55555554 [ 157.314566] Call Trace: [ 157.314795] [ 157.314994] iommufd_ioas_destroy+0x53/0x70 [ 157.315384] iommufd_fops_release+0x1f7/0x370 [ 157.315784] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.316222] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.316656] ? write_comp_data+0x2f/0x90 [ 157.317018] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.317454] __fput+0x26d/0xa40 [ 157.317754] ____fput+0x1e/0x30 [ 157.318047] task_work_run+0x1a4/0x2d0 [ 157.318395] ? __pfx_task_work_run+0x10/0x10 [ 157.318806] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.319241] ? switch_task_namespaces+0xa9/0xe0 [ 157.319653] do_exit+0xb17/0x2ef0 [ 157.319950] ? lock_acquire+0x427/0x4c0 [ 157.320300] ? __pfx_lock_release+0x10/0x10 [ 157.320676] ? __kasan_check_write+0x18/0x20 [ 157.321056] ? do_raw_spin_lock+0x132/0x2a0 [ 157.321425] ? __pfx_do_exit+0x10/0x10 [ 157.321762] ? debug_smp_processor_id+0x20/0x30 [ 157.322150] ? rcu_is_watching+0x19/0xb0 [ 157.322496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.322903] ? trace_hardirqs_on+0x26/0x120 [ 157.323283] do_group_exit+0xe0/0x2b0 [ 157.323600] __x64_sys_exit_group+0x47/0x50 [ 157.323955] do_syscall_64+0x3b/0x90 [ 157.324272] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.324720] RIP: 0033:0x7f4b87518a4d [ 157.325029] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.325532] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.326164] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.326777] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.327370] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.327950] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.328528] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.329113] [ 157.329304] irq event stamp: 0 [ 157.329564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.330080] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.330779] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.331466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.331980] ---[ end trace 0000000000000000 ]--- [ 157.335692] ------------[ cut here ]------------ [ 157.336102] WARNING: CPU: 1 PID: 1480 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.336924] Modules linked in: [ 157.337185] CPU: 1 PID: 1480 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.337901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.338839] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.339256] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.340733] RSP: 0018:ffff8880120e7bb8 EFLAGS: 00010246 [ 157.341170] RAX: 0000000000000000 RBX: ffff888010ffd8a8 RCX: 0000000000000000 [ 157.341744] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 157.342320] RBP: ffff8880120e7bd0 R08: ffffed10021ffb33 R09: ffffed10021ffb33 [ 157.342918] R10: ffff888010ffd993 R11: ffffed10021ffb32 R12: ffff88800a726400 [ 157.343509] R13: ffff888010ffd9e8 R14: ffffffff8352e670 R15: 
ffff8880120e7e68 [ 157.344101] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.344755] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.345227] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 157.345807] PKRU: 55555554 [ 157.346038] Call Trace: [ 157.346248] [ 157.346436] __iommufd_access_detach+0x1c2/0x2b0 [ 157.346860] iommufd_access_change_pt+0x149/0x270 [ 157.347278] iommufd_access_replace+0xb4/0x120 [ 157.347667] iommufd_test+0x3e5/0x37e0 [ 157.347989] ? lock_release+0x532/0x770 [ 157.348327] ? __might_fault+0x102/0x1b0 [ 157.348674] ? lock_acquire+0x427/0x4c0 [ 157.349013] ? __pfx_iommufd_test+0x10/0x10 [ 157.349371] ? __pfx_lock_release+0x10/0x10 [ 157.349742] ? __pfx_lock_acquire+0x10/0x10 [ 157.350108] ? write_comp_data+0x2f/0x90 [ 157.350457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.350887] ? write_comp_data+0x2f/0x90 [ 157.351249] iommufd_fops_ioctl+0x37d/0x510 [ 157.351620] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.352028] ? write_comp_data+0x2f/0x90 [ 157.352379] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.352785] __x64_sys_ioctl+0x1a3/0x230 [ 157.353136] do_syscall_64+0x3b/0x90 [ 157.353456] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.353901] RIP: 0033:0x7f4b8743ee5d [ 157.354213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.355751] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.356391] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.356986] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.357578] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.358175] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.358787] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.359392] [ 157.359588] irq event stamp: 0 [ 157.359849] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.360365] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.361055] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.361750] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.362278] ---[ end trace 0000000000000000 ]--- [ 157.365138] ------------[ cut here ]------------ [ 157.365560] WARNING: CPU: 1 PID: 1480 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.366391] Modules linked in: [ 157.366685] CPU: 1 PID: 1480 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.367414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.368344] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.368758] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.370249] RSP: 
0018:ffff8880120e7bd0 EFLAGS: 00010246 [ 157.370717] RAX: 0000000000000000 RBX: ffff888010ffd8a8 RCX: 0000000000000000 [ 157.371315] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 157.371898] RBP: ffff8880120e7be8 R08: ffffed10021ffb33 R09: ffffed10021ffb33 [ 157.372491] R10: ffff888010ffd993 R11: ffffed10021ffb32 R12: ffff888014390c00 [ 157.373078] R13: ffff888010ffd9e8 R14: ffff888021887c00 R15: 0000000000000000 [ 157.373664] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.374325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.374831] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.375435] PKRU: 55555554 [ 157.375674] Call Trace: [ 157.375886] [ 157.376075] iommufd_access_destroy_object+0x65/0x170 [ 157.376517] iommufd_object_destroy_user+0x18e/0x220 [ 157.376945] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.377451] iommufd_access_destroy+0x43/0x70 [ 157.377848] iommufd_test_staccess_release+0x8d/0xd0 [ 157.378295] __fput+0x26d/0xa40 [ 157.378626] ____fput+0x1e/0x30 [ 157.378927] task_work_run+0x1a4/0x2d0 [ 157.379288] ? __pfx_task_work_run+0x10/0x10 [ 157.379679] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.380111] ? switch_task_namespaces+0xa9/0xe0 [ 157.380527] do_exit+0xb17/0x2ef0 [ 157.380826] ? lock_acquire+0x427/0x4c0 [ 157.381177] ? __pfx_lock_release+0x10/0x10 [ 157.381557] ? __kasan_check_write+0x18/0x20 [ 157.381948] ? do_raw_spin_lock+0x132/0x2a0 [ 157.382326] ? __pfx_do_exit+0x10/0x10 [ 157.382703] ? debug_smp_processor_id+0x20/0x30 [ 157.383128] ? rcu_is_watching+0x19/0xb0 [ 157.383496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.383906] ? trace_hardirqs_on+0x26/0x120 [ 157.384300] do_group_exit+0xe0/0x2b0 [ 157.384641] __x64_sys_exit_group+0x47/0x50 [ 157.385028] do_syscall_64+0x3b/0x90 [ 157.385373] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.385850] RIP: 0033:0x7f4b87518a4d [ 157.386189] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.386764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.387443] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.388064] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.388686] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.389307] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.389938] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.390586] [ 157.390798] irq event stamp: 0 [ 157.391080] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.391640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.392376] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.393104] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.393664] ---[ end trace 0000000000000000 ]--- [ 157.394430] ------------[ cut here ]------------ [ 157.394868] WARNING: CPU: 1 PID: 1480 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.395776] Modules linked in: [ 157.396069] CPU: 1 PID: 1480 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.396836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.397823] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.398281] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.399898] RSP: 0018:ffff8880120e7b78 EFLAGS: 00010246 [ 157.400367] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.400983] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 157.401604] RBP: ffff8880120e7b98 R08: ffffed10021ffb3e R09: ffffed10021ffb3e [ 157.402223] R10: ffff888010ffd9ef R11: ffffed10021ffb3d R12: ffff888010ffda90 [ 157.402861] R13: ffff888010ffd8a8 R14: ffffffffffffffff R15: 
ffff8880120e7c60 [ 157.403501] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.404203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.404719] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.405348] PKRU: 55555554 [ 157.405600] Call Trace: [ 157.405827] [ 157.406029] iommufd_ioas_destroy+0x53/0x70 [ 157.406415] iommufd_fops_release+0x1f7/0x370 [ 157.406848] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.407304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.407742] ? write_comp_data+0x2f/0x90 [ 157.408108] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.408553] __fput+0x26d/0xa40 [ 157.408861] ____fput+0x1e/0x30 [ 157.409170] task_work_run+0x1a4/0x2d0 [ 157.409534] ? __pfx_task_work_run+0x10/0x10 [ 157.409934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.410377] ? switch_task_namespaces+0xa9/0xe0 [ 157.410844] do_exit+0xb17/0x2ef0 [ 157.411172] ? lock_acquire+0x427/0x4c0 [ 157.411534] ? __pfx_lock_release+0x10/0x10 [ 157.411919] ? __kasan_check_write+0x18/0x20 [ 157.412314] ? do_raw_spin_lock+0x132/0x2a0 [ 157.412704] ? __pfx_do_exit+0x10/0x10 [ 157.413062] ? debug_smp_processor_id+0x20/0x30 [ 157.413478] ? rcu_is_watching+0x19/0xb0 [ 157.413842] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.414243] ? trace_hardirqs_on+0x26/0x120 [ 157.414660] do_group_exit+0xe0/0x2b0 [ 157.415005] __x64_sys_exit_group+0x47/0x50 [ 157.415399] do_syscall_64+0x3b/0x90 [ 157.415738] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.416202] RIP: 0033:0x7f4b87518a4d [ 157.416530] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.417073] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.417734] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.418350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.419002] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.419646] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.420272] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.420902] [ 157.421107] irq event stamp: 0 [ 157.421382] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.421936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.422693] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.423430] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.423980] ---[ end trace 0000000000000000 ]--- [ 157.428375] ------------[ cut here ]------------ [ 157.428851] WARNING: CPU: 1 PID: 1481 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.429780] Modules linked in: [ 157.430078] CPU: 1 PID: 1481 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.431294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.432339] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.432942] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.434656] RSP: 0018:ffff8880244a7bb8 EFLAGS: 00010246 [ 157.435166] RAX: 0000000000000000 RBX: ffff88800f7aa0a8 RCX: 0000000000000000 [ 157.435988] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 157.436655] RBP: ffff8880244a7bd0 R08: ffffed1001ef5433 R09: ffffed1001ef5433 [ 157.437329] R10: ffff88800f7aa193 R11: ffffed1001ef5432 R12: ffff888020fee800 [ 157.438160] R13: ffff88800f7aa1e8 R14: ffffffff8352e670 R15: 
ffff8880244a7e68 [ 157.438873] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.439654] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.440212] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 157.441039] PKRU: 55555554 [ 157.441320] Call Trace: [ 157.441568] [ 157.441791] __iommufd_access_detach+0x1c2/0x2b0 [ 157.442273] iommufd_access_change_pt+0x149/0x270 [ 157.442885] iommufd_access_replace+0xb4/0x120 [ 157.443348] iommufd_test+0x3e5/0x37e0 [ 157.443722] ? lock_release+0x532/0x770 [ 157.444109] ? __might_fault+0x102/0x1b0 [ 157.444504] ? lock_acquire+0x427/0x4c0 [ 157.444892] ? __pfx_iommufd_test+0x10/0x10 [ 157.445386] ? __pfx_lock_release+0x10/0x10 [ 157.445876] ? __pfx_lock_acquire+0x10/0x10 [ 157.446306] ? write_comp_data+0x2f/0x90 [ 157.446741] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.447236] ? write_comp_data+0x2f/0x90 [ 157.447639] iommufd_fops_ioctl+0x37d/0x510 [ 157.448138] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.448682] ? write_comp_data+0x2f/0x90 [ 157.449083] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.449551] __x64_sys_ioctl+0x1a3/0x230 [ 157.450002] do_syscall_64+0x3b/0x90 [ 157.450457] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.451177] RIP: 0033:0x7f4b8743ee5d [ 157.451578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.453573] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.454422] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.455211] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.455948] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.456887] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.457622] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.458381] [ 157.458719] irq event stamp: 0 [ 157.459153] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.459815] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.460673] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.461664] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.462396] ---[ end trace 0000000000000000 ]--- [ 157.465639] ------------[ cut here ]------------ [ 157.466161] WARNING: CPU: 1 PID: 1481 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.467428] Modules linked in: [ 157.467769] CPU: 1 PID: 1481 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.468653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.470023] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.470579] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.472653] RSP: 
0018:ffff8880244a7bd0 EFLAGS: 00010246 [ 157.473203] RAX: 0000000000000000 RBX: ffff88800f7aa0a8 RCX: 0000000000000000 [ 157.473941] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 157.474758] RBP: ffff8880244a7be8 R08: ffffed1001ef5433 R09: ffffed1001ef5433 [ 157.475620] R10: ffff88800f7aa193 R11: ffffed1001ef5432 R12: ffff88800a724400 [ 157.476359] R13: ffff88800f7aa1e8 R14: ffff88801825a100 R15: 0000000000000000 [ 157.477105] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.478130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.478768] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.479508] PKRU: 55555554 [ 157.479804] Call Trace: [ 157.480067] [ 157.480330] iommufd_access_destroy_object+0x65/0x170 [ 157.481027] iommufd_object_destroy_user+0x18e/0x220 [ 157.481560] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.482162] iommufd_access_destroy+0x43/0x70 [ 157.482686] iommufd_test_staccess_release+0x8d/0xd0 [ 157.483294] __fput+0x26d/0xa40 [ 157.483768] ____fput+0x1e/0x30 [ 157.484139] task_work_run+0x1a4/0x2d0 [ 157.484561] ? __pfx_task_work_run+0x10/0x10 [ 157.485041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.485578] ? switch_task_namespaces+0xa9/0xe0 [ 157.486282] do_exit+0xb17/0x2ef0 [ 157.486680] ? lock_acquire+0x427/0x4c0 [ 157.487121] ? __pfx_lock_release+0x10/0x10 [ 157.487597] ? __kasan_check_write+0x18/0x20 [ 157.488073] ? do_raw_spin_lock+0x132/0x2a0 [ 157.488537] ? __pfx_do_exit+0x10/0x10 [ 157.489095] ? debug_smp_processor_id+0x20/0x30 [ 157.489683] ? rcu_is_watching+0x19/0xb0 [ 157.490128] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.490648] ? trace_hardirqs_on+0x26/0x120 [ 157.491126] do_group_exit+0xe0/0x2b0 [ 157.491545] __x64_sys_exit_group+0x47/0x50 [ 157.492144] do_syscall_64+0x3b/0x90 [ 157.492639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.493201] RIP: 0033:0x7f4b87518a4d [ 157.493592] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.494230] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.495260] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.496017] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.496778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.497591] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.498461] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.499288] [ 157.499554] irq event stamp: 0 [ 157.499910] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.500781] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.501708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.502646] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.503370] ---[ end trace 0000000000000000 ]--- [ 157.504445] ------------[ cut here ]------------ [ 157.504959] WARNING: CPU: 1 PID: 1481 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.506191] Modules linked in: [ 157.506576] CPU: 1 PID: 1481 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.507528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.508822] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.509453] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.511577] RSP: 0018:ffff8880244a7b78 EFLAGS: 00010246 [ 157.512153] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.512906] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 157.513653] RBP: ffff8880244a7b98 R08: ffffed1001ef543e R09: ffffed1001ef543e [ 157.514634] R10: ffff88800f7aa1ef R11: ffffed1001ef543d R12: ffff88800f7aa290 [ 157.515417] R13: ffff88800f7aa0a8 R14: ffffffffffffffff R15: 
ffff8880244a7c60 [ 157.516178] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.517213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.517823] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.518616] PKRU: 55555554 [ 157.518932] Call Trace: [ 157.519250] [ 157.519502] iommufd_ioas_destroy+0x53/0x70 [ 157.520185] iommufd_fops_release+0x1f7/0x370 [ 157.520679] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.521218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.521732] ? write_comp_data+0x2f/0x90 [ 157.522172] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.522915] __fput+0x26d/0xa40 [ 157.523305] ____fput+0x1e/0x30 [ 157.523665] task_work_run+0x1a4/0x2d0 [ 157.524085] ? __pfx_task_work_run+0x10/0x10 [ 157.524562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.525097] ? switch_task_namespaces+0xa9/0xe0 [ 157.525796] do_exit+0xb17/0x2ef0 [ 157.526168] ? lock_acquire+0x427/0x4c0 [ 157.526633] ? __pfx_lock_release+0x10/0x10 [ 157.527104] ? __kasan_check_write+0x18/0x20 [ 157.527590] ? do_raw_spin_lock+0x132/0x2a0 [ 157.528053] ? __pfx_do_exit+0x10/0x10 [ 157.528588] ? debug_smp_processor_id+0x20/0x30 [ 157.529156] ? rcu_is_watching+0x19/0xb0 [ 157.529590] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.530079] ? trace_hardirqs_on+0x26/0x120 [ 157.530577] do_group_exit+0xe0/0x2b0 [ 157.530983] __x64_sys_exit_group+0x47/0x50 [ 157.531566] do_syscall_64+0x3b/0x90 [ 157.532050] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.532606] RIP: 0033:0x7f4b87518a4d [ 157.533006] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.533655] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.534693] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.535474] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.536227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.537108] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.537897] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.538681] [ 157.538934] irq event stamp: 0 [ 157.539274] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.540128] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.541016] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.541903] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.542807] ---[ end trace 0000000000000000 ]--- [ 157.547640] ------------[ cut here ]------------ [ 157.548246] WARNING: CPU: 1 PID: 1482 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.549385] Modules linked in: [ 157.549727] CPU: 1 PID: 1482 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.550807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.552074] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.552611] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.555002] RSP: 0018:ffff8880102afbb8 EFLAGS: 00010246 [ 157.555592] RAX: 0000000000000000 RBX: ffff888013efd0a8 RCX: 0000000000000000 [ 157.556348] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 157.557301] RBP: ffff8880102afbd0 R08: ffffed10027dfa33 R09: ffffed10027dfa33 [ 157.558056] R10: ffff888013efd193 R11: ffffed10027dfa32 R12: ffff888012d47400 [ 157.558841] R13: ffff888013efd1e8 R14: ffffffff8352e670 R15: 
ffff8880102afe68 [ 157.559646] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.560637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.561239] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 157.561991] PKRU: 55555554 [ 157.562401] Call Trace: [ 157.562775] [ 157.563019] __iommufd_access_detach+0x1c2/0x2b0 [ 157.563561] iommufd_access_change_pt+0x149/0x270 [ 157.564071] iommufd_access_replace+0xb4/0x120 [ 157.564564] iommufd_test+0x3e5/0x37e0 [ 157.565005] ? lock_release+0x532/0x770 [ 157.565569] ? __might_fault+0x102/0x1b0 [ 157.566008] ? lock_acquire+0x427/0x4c0 [ 157.566440] ? __pfx_iommufd_test+0x10/0x10 [ 157.566919] ? __pfx_lock_release+0x10/0x10 [ 157.567396] ? __pfx_lock_acquire+0x10/0x10 [ 157.567917] ? write_comp_data+0x2f/0x90 [ 157.568476] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.568997] ? write_comp_data+0x2f/0x90 [ 157.569435] iommufd_fops_ioctl+0x37d/0x510 [ 157.569893] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.570591] ? write_comp_data+0x2f/0x90 [ 157.571088] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.571614] __x64_sys_ioctl+0x1a3/0x230 [ 157.572062] do_syscall_64+0x3b/0x90 [ 157.572463] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.573008] RIP: 0033:0x7f4b8743ee5d [ 157.573572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.575530] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.576531] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.577266] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.578008] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.578969] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.579733] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.580483] [ 157.580732] irq event stamp: 0 [ 157.581094] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.581915] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.582818] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.583711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.584379] ---[ end trace 0000000000000000 ]--- [ 157.587762] ------------[ cut here ]------------ [ 157.588292] WARNING: CPU: 1 PID: 1482 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.589352] Modules linked in: [ 157.589691] CPU: 1 PID: 1482 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.590633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.591824] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.592341] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.594241] RSP: 
0018:ffff8880102afbd0 EFLAGS: 00010246 [ 157.594829] RAX: 0000000000000000 RBX: ffff888013efd0a8 RCX: 0000000000000000 [ 157.595587] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 157.596330] RBP: ffff8880102afbe8 R08: ffffed10027dfa33 R09: ffffed10027dfa33 [ 157.597080] R10: ffff888013efd193 R11: ffffed10027dfa32 R12: ffff888020fefc00 [ 157.597827] R13: ffff888013efd1e8 R14: ffff888020a38500 R15: 0000000000000000 [ 157.598626] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.599493] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.600099] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.600846] PKRU: 55555554 [ 157.601148] Call Trace: [ 157.601419] [ 157.601652] iommufd_access_destroy_object+0x65/0x170 [ 157.602193] iommufd_object_destroy_user+0x18e/0x220 [ 157.602758] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.603379] iommufd_access_destroy+0x43/0x70 [ 157.603863] iommufd_test_staccess_release+0x8d/0xd0 [ 157.604399] __fput+0x26d/0xa40 [ 157.604765] ____fput+0x1e/0x30 [ 157.605117] task_work_run+0x1a4/0x2d0 [ 157.605535] ? __pfx_task_work_run+0x10/0x10 [ 157.606000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.606544] ? switch_task_namespaces+0xa9/0xe0 [ 157.607050] do_exit+0xb17/0x2ef0 [ 157.607427] ? lock_acquire+0x427/0x4c0 [ 157.607858] ? __pfx_lock_release+0x10/0x10 [ 157.608319] ? __kasan_check_write+0x18/0x20 [ 157.608794] ? do_raw_spin_lock+0x132/0x2a0 [ 157.609259] ? __pfx_do_exit+0x10/0x10 [ 157.609678] ? debug_smp_processor_id+0x20/0x30 [ 157.610182] ? rcu_is_watching+0x19/0xb0 [ 157.610651] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.611156] ? trace_hardirqs_on+0x26/0x120 [ 157.611624] do_group_exit+0xe0/0x2b0 [ 157.612028] __x64_sys_exit_group+0x47/0x50 [ 157.612482] do_syscall_64+0x3b/0x90 [ 157.612879] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.613424] RIP: 0033:0x7f4b87518a4d [ 157.613814] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.614455] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.615284] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.616038] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.616780] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.617531] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.618285] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.619066] [ 157.619337] irq event stamp: 0 [ 157.619677] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.620344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.621231] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.622110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.622802] ---[ end trace 0000000000000000 ]--- [ 157.623717] ------------[ cut here ]------------ [ 157.624233] WARNING: CPU: 1 PID: 1482 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.625305] Modules linked in: [ 157.625645] CPU: 1 PID: 1482 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.626602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.627808] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.628354] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.630259] RSP: 0018:ffff8880102afb78 EFLAGS: 00010246 [ 157.630866] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.631630] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 157.632378] RBP: ffff8880102afb98 R08: ffffed10027dfa3e R09: ffffed10027dfa3e [ 157.633123] R10: ffff888013efd1ef R11: ffffed10027dfa3d R12: ffff888013efd290 [ 157.633873] R13: ffff888013efd0a8 R14: ffffffffffffffff R15: 
ffff8880102afc60 [ 157.634648] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.635507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.636123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.636901] PKRU: 55555554 [ 157.637205] Call Trace: [ 157.637475] [ 157.637709] iommufd_ioas_destroy+0x53/0x70 [ 157.638172] iommufd_fops_release+0x1f7/0x370 [ 157.638666] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.639202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.639733] ? write_comp_data+0x2f/0x90 [ 157.640180] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.640709] __fput+0x26d/0xa40 [ 157.641079] ____fput+0x1e/0x30 [ 157.641444] task_work_run+0x1a4/0x2d0 [ 157.641870] ? __pfx_task_work_run+0x10/0x10 [ 157.642358] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.642912] ? switch_task_namespaces+0xa9/0xe0 [ 157.643459] do_exit+0xb17/0x2ef0 [ 157.643837] ? lock_acquire+0x427/0x4c0 [ 157.644274] ? __pfx_lock_release+0x10/0x10 [ 157.644743] ? __kasan_check_write+0x18/0x20 [ 157.645220] ? do_raw_spin_lock+0x132/0x2a0 [ 157.645679] ? __pfx_do_exit+0x10/0x10 [ 157.646108] ? debug_smp_processor_id+0x20/0x30 [ 157.646642] ? rcu_is_watching+0x19/0xb0 [ 157.647077] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.647575] ? trace_hardirqs_on+0x26/0x120 [ 157.648041] do_group_exit+0xe0/0x2b0 [ 157.648447] __x64_sys_exit_group+0x47/0x50 [ 157.648898] do_syscall_64+0x3b/0x90 [ 157.649292] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.649844] RIP: 0033:0x7f4b87518a4d [ 157.650241] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.650908] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.651709] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.652453] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.653199] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.653948] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.654722] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.655503] [ 157.655747] irq event stamp: 0 [ 157.656073] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.656731] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.657595] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.658445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.659145] ---[ end trace 0000000000000000 ]--- [ 157.663492] ------------[ cut here ]------------ [ 157.664020] WARNING: CPU: 1 PID: 1483 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.665038] Modules linked in: [ 157.665365] CPU: 1 PID: 1483 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.666242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.667722] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.668240] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.670081] RSP: 0018:ffff888012c1fbb8 EFLAGS: 00010246 [ 157.670652] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 157.671393] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 157.672129] RBP: ffff888012c1fbd0 R08: ffffed1001972533 R09: ffffed1001972533 [ 157.672870] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff88800ef56000 [ 157.673600] R13: ffff88800cb929e8 R14: ffffffff8352e670 R15: 
ffff888012c1fe68 [ 157.674324] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.675182] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.675774] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 157.676498] PKRU: 55555554 [ 157.676793] Call Trace: [ 157.677062] [ 157.677300] __iommufd_access_detach+0x1c2/0x2b0 [ 157.677799] iommufd_access_change_pt+0x149/0x270 [ 157.678298] iommufd_access_replace+0xb4/0x120 [ 157.678801] iommufd_test+0x3e5/0x37e0 [ 157.679219] ? lock_release+0x532/0x770 [ 157.679637] ? __might_fault+0x102/0x1b0 [ 157.680057] ? lock_acquire+0x427/0x4c0 [ 157.680469] ? __pfx_iommufd_test+0x10/0x10 [ 157.680908] ? __pfx_lock_release+0x10/0x10 [ 157.681375] ? __pfx_lock_acquire+0x10/0x10 [ 157.681822] ? write_comp_data+0x2f/0x90 [ 157.682229] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.682712] ? write_comp_data+0x2f/0x90 [ 157.683117] iommufd_fops_ioctl+0x37d/0x510 [ 157.683542] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.684006] ? write_comp_data+0x2f/0x90 [ 157.684396] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.684858] __x64_sys_ioctl+0x1a3/0x230 [ 157.685251] do_syscall_64+0x3b/0x90 [ 157.685611] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.686108] RIP: 0033:0x7f4b8743ee5d [ 157.686460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.688197] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.688924] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.689598] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.690275] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.690956] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.691628] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.692300] [ 157.692528] irq event stamp: 0 [ 157.692824] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.693420] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.694210] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.695013] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.695621] ---[ end trace 0000000000000000 ]--- [ 157.698894] ------------[ cut here ]------------ [ 157.699392] WARNING: CPU: 1 PID: 1483 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.700338] Modules linked in: [ 157.700642] CPU: 1 PID: 1483 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.701452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.702550] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.703026] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.704731] RSP: 
0018:ffff888012c1fbd0 EFLAGS: 00010246 [ 157.705236] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 157.705902] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 157.706589] RBP: ffff888012c1fbe8 R08: ffffed1001972533 R09: ffffed1001972533 [ 157.707275] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff888012d45800 [ 157.707938] R13: ffff88800cb929e8 R14: ffff88800f899800 R15: 0000000000000000 [ 157.708602] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.709354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.709897] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.710591] PKRU: 55555554 [ 157.710867] Call Trace: [ 157.711118] [ 157.711337] iommufd_access_destroy_object+0x65/0x170 [ 157.711832] iommufd_object_destroy_user+0x18e/0x220 [ 157.712318] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.712860] iommufd_access_destroy+0x43/0x70 [ 157.713288] iommufd_test_staccess_release+0x8d/0xd0 [ 157.713772] __fput+0x26d/0xa40 [ 157.714093] ____fput+0x1e/0x30 [ 157.714408] task_work_run+0x1a4/0x2d0 [ 157.714803] ? __pfx_task_work_run+0x10/0x10 [ 157.715232] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.715690] ? switch_task_namespaces+0xa9/0xe0 [ 157.716142] do_exit+0xb17/0x2ef0 [ 157.716463] ? lock_acquire+0x427/0x4c0 [ 157.716843] ? __pfx_lock_release+0x10/0x10 [ 157.717256] ? __kasan_check_write+0x18/0x20 [ 157.717667] ? do_raw_spin_lock+0x132/0x2a0 [ 157.718066] ? __pfx_do_exit+0x10/0x10 [ 157.718434] ? debug_smp_processor_id+0x20/0x30 [ 157.718905] ? rcu_is_watching+0x19/0xb0 [ 157.719301] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.719727] ? trace_hardirqs_on+0x26/0x120 [ 157.720133] do_group_exit+0xe0/0x2b0 [ 157.720491] __x64_sys_exit_group+0x47/0x50 [ 157.720890] do_syscall_64+0x3b/0x90 [ 157.721245] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.721732] RIP: 0033:0x7f4b87518a4d [ 157.722079] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.722662] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.723373] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.724035] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.724705] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.725600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.726267] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.726947] [ 157.727226] irq event stamp: 0 [ 157.727634] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.728219] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.728989] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.729920] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.730503] ---[ end trace 0000000000000000 ]--- [ 157.731328] ------------[ cut here ]------------ [ 157.731765] WARNING: CPU: 1 PID: 1483 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.732884] Modules linked in: [ 157.733183] CPU: 1 PID: 1483 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.733990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.735223] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.735710] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.737534] RSP: 0018:ffff888012c1fb78 EFLAGS: 00010246 [ 157.738027] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.738711] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 157.739448] RBP: ffff888012c1fb98 R08: ffffed100197253e R09: ffffed100197253e [ 157.740451] R10: ffff88800cb929ef R11: ffffed100197253d R12: ffff88800cb92a90 [ 157.741332] R13: ffff88800cb928a8 R14: ffffffffffffffff R15: 
ffff888012c1fc60 [ 157.742226] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.742990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.743537] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.744358] PKRU: 55555554 [ 157.744621] Call Trace: [ 157.744856] [ 157.745064] iommufd_ioas_destroy+0x53/0x70 [ 157.745471] iommufd_fops_release+0x1f7/0x370 [ 157.745888] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.746538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.747001] ? write_comp_data+0x2f/0x90 [ 157.747392] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.747857] __fput+0x26d/0xa40 [ 157.748180] ____fput+0x1e/0x30 [ 157.748496] task_work_run+0x1a4/0x2d0 [ 157.749007] ? __pfx_task_work_run+0x10/0x10 [ 157.749421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.749877] ? switch_task_namespaces+0xa9/0xe0 [ 157.750328] do_exit+0xb17/0x2ef0 [ 157.750681] ? lock_acquire+0x427/0x4c0 [ 157.751058] ? __pfx_lock_release+0x10/0x10 [ 157.751615] ? __kasan_check_write+0x18/0x20 [ 157.752030] ? do_raw_spin_lock+0x132/0x2a0 [ 157.752428] ? __pfx_do_exit+0x10/0x10 [ 157.752797] ? debug_smp_processor_id+0x20/0x30 [ 157.753236] ? rcu_is_watching+0x19/0xb0 [ 157.753773] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.754201] ? trace_hardirqs_on+0x26/0x120 [ 157.754633] do_group_exit+0xe0/0x2b0 [ 157.754991] __x64_sys_exit_group+0x47/0x50 [ 157.755398] do_syscall_64+0x3b/0x90 [ 157.755757] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.756391] RIP: 0033:0x7f4b87518a4d [ 157.756744] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.757310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.758054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.758812] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.759480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.760134] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.760951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.761610] [ 157.761829] irq event stamp: 0 [ 157.762119] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.762848] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.763631] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.764401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.765017] ---[ end trace 0000000000000000 ]--- [ 157.769996] ------------[ cut here ]------------ [ 157.770483] WARNING: CPU: 1 PID: 1484 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.771648] Modules linked in: [ 157.771956] CPU: 1 PID: 1484 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.772767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.773934] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.774397] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.776262] RSP: 0018:ffff8880102afbb8 EFLAGS: 00010246 [ 157.776764] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 157.777422] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 157.778232] RBP: ffff8880102afbd0 R08: ffffed100173f333 R09: ffffed100173f333 [ 157.778917] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff8880141ea400 [ 157.779591] R13: ffff88800b9f99e8 R14: ffffffff8352e670 R15: 
ffff8880102afe68 [ 157.780341] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.781151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.781694] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 157.782493] PKRU: 55555554 [ 157.782793] Call Trace: [ 157.783036] [ 157.783266] __iommufd_access_detach+0x1c2/0x2b0 [ 157.783727] iommufd_access_change_pt+0x149/0x270 [ 157.784186] iommufd_access_replace+0xb4/0x120 [ 157.784668] iommufd_test+0x3e5/0x37e0 [ 157.785128] ? lock_release+0x532/0x770 [ 157.785514] ? __might_fault+0x102/0x1b0 [ 157.785900] ? lock_acquire+0x427/0x4c0 [ 157.786283] ? __pfx_iommufd_test+0x10/0x10 [ 157.786732] ? __pfx_lock_release+0x10/0x10 [ 157.787241] ? __pfx_lock_acquire+0x10/0x10 [ 157.787653] ? write_comp_data+0x2f/0x90 [ 157.788044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.788508] ? write_comp_data+0x2f/0x90 [ 157.788895] iommufd_fops_ioctl+0x37d/0x510 [ 157.789402] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.789934] ? write_comp_data+0x2f/0x90 [ 157.790323] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.790800] __x64_sys_ioctl+0x1a3/0x230 [ 157.791209] do_syscall_64+0x3b/0x90 [ 157.791564] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.792205] RIP: 0033:0x7f4b8743ee5d [ 157.792550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.794372] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.795099] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.795771] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.796589] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.797242] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.797893] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.798723] [ 157.798940] irq event stamp: 0 [ 157.799246] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.799831] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.800630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.801507] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.802086] ---[ end trace 0000000000000000 ]--- [ 157.805395] ------------[ cut here ]------------ [ 157.805868] WARNING: CPU: 1 PID: 1484 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.806872] Modules linked in: [ 157.807191] CPU: 1 PID: 1484 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.807991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.809024] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.809481] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.811201] RSP: 
0018:ffff8880102afbd0 EFLAGS: 00010246 [ 157.811693] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 157.812338] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 157.812983] RBP: ffff8880102afbe8 R08: ffffed100173f333 R09: ffffed100173f333 [ 157.813628] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff88800ef57800 [ 157.814279] R13: ffff88800b9f99e8 R14: ffff88800af2fd00 R15: 0000000000000000 [ 157.814959] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.815712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.816247] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 157.816901] PKRU: 55555554 [ 157.817162] Call Trace: [ 157.817403] [ 157.817615] iommufd_access_destroy_object+0x65/0x170 [ 157.818091] iommufd_object_destroy_user+0x18e/0x220 [ 157.818577] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.819119] iommufd_access_destroy+0x43/0x70 [ 157.819545] iommufd_test_staccess_release+0x8d/0xd0 [ 157.820032] __fput+0x26d/0xa40 [ 157.820351] ____fput+0x1e/0x30 [ 157.820664] task_work_run+0x1a4/0x2d0 [ 157.821032] ? __pfx_task_work_run+0x10/0x10 [ 157.821442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.821902] ? switch_task_namespaces+0xa9/0xe0 [ 157.822340] do_exit+0xb17/0x2ef0 [ 157.822688] ? lock_acquire+0x427/0x4c0 [ 157.823077] ? __pfx_lock_release+0x10/0x10 [ 157.823498] ? __kasan_check_write+0x18/0x20 [ 157.823916] ? do_raw_spin_lock+0x132/0x2a0 [ 157.824315] ? __pfx_do_exit+0x10/0x10 [ 157.824691] ? debug_smp_processor_id+0x20/0x30 [ 157.825125] ? rcu_is_watching+0x19/0xb0 [ 157.825505] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.825926] ? trace_hardirqs_on+0x26/0x120 [ 157.826328] do_group_exit+0xe0/0x2b0 [ 157.826703] __x64_sys_exit_group+0x47/0x50 [ 157.827102] do_syscall_64+0x3b/0x90 [ 157.827462] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.827942] RIP: 0033:0x7f4b87518a4d [ 157.828282] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.828841] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.829530] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.830176] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.830847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.831504] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.832159] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.832820] [ 157.833036] irq event stamp: 0 [ 157.833323] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.833901] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.834683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.835459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.836007] ---[ end trace 0000000000000000 ]--- [ 157.836777] ------------[ cut here ]------------ [ 157.837189] WARNING: CPU: 1 PID: 1484 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.838072] Modules linked in: [ 157.838355] CPU: 1 PID: 1484 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.839150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.840128] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.840574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.842144] RSP: 0018:ffff8880102afb78 EFLAGS: 00010246 [ 157.842622] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.843250] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 157.843865] RBP: ffff8880102afb98 R08: ffffed100173f33e R09: ffffed100173f33e [ 157.844482] R10: ffff88800b9f99ef R11: ffffed100173f33d R12: ffff88800b9f9a90 [ 157.845092] R13: ffff88800b9f98a8 R14: ffffffffffffffff R15: 
ffff8880102afc60 [ 157.845714] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.846409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.846934] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 157.847566] PKRU: 55555554 [ 157.847812] Call Trace: [ 157.848036] [ 157.848234] iommufd_ioas_destroy+0x53/0x70 [ 157.848616] iommufd_fops_release+0x1f7/0x370 [ 157.849012] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.849455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.849888] ? write_comp_data+0x2f/0x90 [ 157.850256] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.850709] __fput+0x26d/0xa40 [ 157.851014] ____fput+0x1e/0x30 [ 157.851325] task_work_run+0x1a4/0x2d0 [ 157.851676] ? __pfx_task_work_run+0x10/0x10 [ 157.852066] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.852496] ? switch_task_namespaces+0xa9/0xe0 [ 157.852910] do_exit+0xb17/0x2ef0 [ 157.853215] ? lock_acquire+0x427/0x4c0 [ 157.853573] ? __pfx_lock_release+0x10/0x10 [ 157.853956] ? __kasan_check_write+0x18/0x20 [ 157.854347] ? do_raw_spin_lock+0x132/0x2a0 [ 157.854748] ? __pfx_do_exit+0x10/0x10 [ 157.855103] ? debug_smp_processor_id+0x20/0x30 [ 157.855518] ? rcu_is_watching+0x19/0xb0 [ 157.855876] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.856278] ? trace_hardirqs_on+0x26/0x120 [ 157.856660] do_group_exit+0xe0/0x2b0 [ 157.856994] __x64_sys_exit_group+0x47/0x50 [ 157.857371] do_syscall_64+0x3b/0x90 [ 157.857707] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.858164] RIP: 0033:0x7f4b87518a4d [ 157.858494] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.859056] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.859735] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.860353] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.860966] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.861592] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.862204] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.862856] [ 157.863064] irq event stamp: 0 [ 157.863348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.863895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.864626] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.865351] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.865903] ---[ end trace 0000000000000000 ]--- [ 157.871038] ------------[ cut here ]------------ [ 157.871509] WARNING: CPU: 1 PID: 1485 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.872398] Modules linked in: [ 157.872679] CPU: 1 PID: 1485 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.873433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.874403] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.874888] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.876479] RSP: 0018:ffff88801596fbb8 EFLAGS: 00010246 [ 157.876943] RAX: 0000000000000000 RBX: ffff888012c1a8a8 RCX: 0000000000000000 [ 157.877555] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 157.878167] RBP: ffff88801596fbd0 R08: ffffed1002583533 R09: ffffed1002583533 [ 157.878803] R10: ffff888012c1a993 R11: ffffed1002583532 R12: ffff888010c09400 [ 157.879431] R13: ffff888012c1a9e8 R14: ffffffff8352e670 R15: 
ffff88801596fe68 [ 157.880045] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.880726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.881218] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 157.881823] PKRU: 55555554 [ 157.882066] Call Trace: [ 157.882285] [ 157.882479] __iommufd_access_detach+0x1c2/0x2b0 [ 157.882928] iommufd_access_change_pt+0x149/0x270 [ 157.883365] iommufd_access_replace+0xb4/0x120 [ 157.883768] iommufd_test+0x3e5/0x37e0 [ 157.884107] ? lock_release+0x532/0x770 [ 157.884460] ? __might_fault+0x102/0x1b0 [ 157.884816] ? lock_acquire+0x427/0x4c0 [ 157.885170] ? __pfx_iommufd_test+0x10/0x10 [ 157.885537] ? __pfx_lock_release+0x10/0x10 [ 157.885915] ? __pfx_lock_acquire+0x10/0x10 [ 157.886297] ? write_comp_data+0x2f/0x90 [ 157.886669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.887076] ? write_comp_data+0x2f/0x90 [ 157.887430] iommufd_fops_ioctl+0x37d/0x510 [ 157.887799] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.888205] ? write_comp_data+0x2f/0x90 [ 157.888553] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.888959] __x64_sys_ioctl+0x1a3/0x230 [ 157.889309] do_syscall_64+0x3b/0x90 [ 157.889626] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.890060] RIP: 0033:0x7f4b8743ee5d [ 157.890369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.891885] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.892513] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.893099] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.893679] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.894262] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.894864] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.895468] [ 157.895665] irq event stamp: 0 [ 157.895926] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.896439] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.897119] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.897799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.898312] ---[ end trace 0000000000000000 ]--- [ 157.901176] ------------[ cut here ]------------ [ 157.901593] WARNING: CPU: 1 PID: 1485 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.902416] Modules linked in: [ 157.902726] CPU: 1 PID: 1485 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.903455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.904383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.904800] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.906299] RSP: 
0018:ffff88801596fbd0 EFLAGS: 00010246 [ 157.906763] RAX: 0000000000000000 RBX: ffff888012c1a8a8 RCX: 0000000000000000 [ 157.907349] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 157.907924] RBP: ffff88801596fbe8 R08: ffffed1002583533 R09: ffffed1002583533 [ 157.908508] R10: ffff888012c1a993 R11: ffffed1002583532 R12: ffff8880141e8800 [ 157.909089] R13: ffff888012c1a9e8 R14: ffff888010fd7000 R15: 0000000000000000 [ 157.909670] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.910322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.910815] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.911407] PKRU: 55555554 [ 157.911642] Call Trace: [ 157.911852] [ 157.912038] iommufd_access_destroy_object+0x65/0x170 [ 157.912472] iommufd_object_destroy_user+0x18e/0x220 [ 157.912897] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 157.913380] iommufd_access_destroy+0x43/0x70 [ 157.913757] iommufd_test_staccess_release+0x8d/0xd0 [ 157.914181] __fput+0x26d/0xa40 [ 157.914467] ____fput+0x1e/0x30 [ 157.914764] task_work_run+0x1a4/0x2d0 [ 157.915096] ? __pfx_task_work_run+0x10/0x10 [ 157.915473] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.915882] ? switch_task_namespaces+0xa9/0xe0 [ 157.916276] do_exit+0xb17/0x2ef0 [ 157.916561] ? lock_acquire+0x427/0x4c0 [ 157.916897] ? __pfx_lock_release+0x10/0x10 [ 157.917261] ? __kasan_check_write+0x18/0x20 [ 157.917635] ? do_raw_spin_lock+0x132/0x2a0 [ 157.917992] ? __pfx_do_exit+0x10/0x10 [ 157.918321] ? debug_smp_processor_id+0x20/0x30 [ 157.918733] ? rcu_is_watching+0x19/0xb0 [ 157.919072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.919463] ? trace_hardirqs_on+0x26/0x120 [ 157.919826] do_group_exit+0xe0/0x2b0 [ 157.920143] __x64_sys_exit_group+0x47/0x50 [ 157.920508] do_syscall_64+0x3b/0x90 [ 157.920826] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.921258] RIP: 0033:0x7f4b87518a4d [ 157.921567] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.922067] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.922709] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.923307] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.923889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.924468] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.925048] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.925639] [ 157.925833] irq event stamp: 0 [ 157.926091] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.926632] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.927326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.928010] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.928522] ---[ end trace 0000000000000000 ]--- [ 157.929247] ------------[ cut here ]------------ [ 157.929638] WARNING: CPU: 1 PID: 1485 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 157.930486] Modules linked in: [ 157.930772] CPU: 1 PID: 1485 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.931506] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.932432] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 157.932855] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 157.934361] RSP: 0018:ffff88801596fb78 EFLAGS: 00010246 [ 157.934819] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 157.935409] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 157.935989] RBP: ffff88801596fb98 R08: ffffed100258353e R09: ffffed100258353e [ 157.936572] R10: ffff888012c1a9ef R11: ffffed100258353d R12: ffff888012c1aa90 [ 157.937151] R13: ffff888012c1a8a8 R14: ffffffffffffffff R15: 
ffff88801596fc60 [ 157.937730] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.938384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.938880] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 157.939485] PKRU: 55555554 [ 157.939718] Call Trace: [ 157.939928] [ 157.940117] iommufd_ioas_destroy+0x53/0x70 [ 157.940478] iommufd_fops_release+0x1f7/0x370 [ 157.940853] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.941266] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.941677] ? write_comp_data+0x2f/0x90 [ 157.942019] ? __pfx_iommufd_fops_release+0x10/0x10 [ 157.942432] __fput+0x26d/0xa40 [ 157.942745] ____fput+0x1e/0x30 [ 157.943031] task_work_run+0x1a4/0x2d0 [ 157.943373] ? __pfx_task_work_run+0x10/0x10 [ 157.943740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.944147] ? switch_task_namespaces+0xa9/0xe0 [ 157.944546] do_exit+0xb17/0x2ef0 [ 157.944833] ? lock_acquire+0x427/0x4c0 [ 157.945167] ? __pfx_lock_release+0x10/0x10 [ 157.945526] ? __kasan_check_write+0x18/0x20 [ 157.945890] ? do_raw_spin_lock+0x132/0x2a0 [ 157.946243] ? __pfx_do_exit+0x10/0x10 [ 157.946592] ? debug_smp_processor_id+0x20/0x30 [ 157.946981] ? rcu_is_watching+0x19/0xb0 [ 157.947337] ? _raw_spin_unlock_irq+0x2b/0x60 [ 157.947715] ? trace_hardirqs_on+0x26/0x120 [ 157.948078] do_group_exit+0xe0/0x2b0 [ 157.948398] __x64_sys_exit_group+0x47/0x50 [ 157.948751] do_syscall_64+0x3b/0x90 [ 157.949071] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.949507] RIP: 0033:0x7f4b87518a4d [ 157.949813] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 157.950317] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 157.950964] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 157.951567] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 157.952158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 157.952740] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 157.953321] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 157.953912] [ 157.954104] irq event stamp: 0 [ 157.954361] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.954898] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.955605] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.956284] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.956795] ---[ end trace 0000000000000000 ]--- [ 157.961124] ------------[ cut here ]------------ [ 157.961549] WARNING: CPU: 1 PID: 1486 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.962374] Modules linked in: [ 157.962824] CPU: 1 PID: 1486 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.963555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.964469] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.964875] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.966351] RSP: 0018:ffff8880245d7bb8 EFLAGS: 00010246 [ 157.966807] RAX: 0000000000000000 RBX: ffff8880182488a8 RCX: 0000000000000000 [ 157.967401] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 157.967984] RBP: ffff8880245d7bd0 R08: ffffed1003049133 R09: ffffed1003049133 [ 157.968562] R10: ffff888018248993 R11: ffffed1003049132 R12: ffff8880138af800 [ 157.969141] R13: ffff8880182489e8 R14: ffffffff8352e670 R15: 
ffff8880245d7e68 [ 157.969724] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 157.970380] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.970876] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 157.971479] PKRU: 55555554 [ 157.971715] Call Trace: [ 157.971923] [ 157.972109] __iommufd_access_detach+0x1c2/0x2b0 [ 157.972513] iommufd_access_change_pt+0x149/0x270 [ 157.972919] iommufd_access_replace+0xb4/0x120 [ 157.973308] iommufd_test+0x3e5/0x37e0 [ 157.973630] ? lock_release+0x532/0x770 [ 157.973966] ? __might_fault+0x102/0x1b0 [ 157.974308] ? lock_acquire+0x427/0x4c0 [ 157.974659] ? __pfx_iommufd_test+0x10/0x10 [ 157.975019] ? __pfx_lock_release+0x10/0x10 [ 157.975395] ? __pfx_lock_acquire+0x10/0x10 [ 157.975761] ? write_comp_data+0x2f/0x90 [ 157.976107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 157.976513] ? write_comp_data+0x2f/0x90 [ 157.976857] iommufd_fops_ioctl+0x37d/0x510 [ 157.977221] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.977626] ? write_comp_data+0x2f/0x90 [ 157.977969] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 157.978370] __x64_sys_ioctl+0x1a3/0x230 [ 157.978739] do_syscall_64+0x3b/0x90 [ 157.979058] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.979505] RIP: 0033:0x7f4b8743ee5d [ 157.979815] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 157.981311] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 157.981939] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 157.982549] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 157.983157] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 157.983749] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 157.984511] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 157.985115] [ 157.985313] irq event stamp: 0 [ 157.985573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 157.986113] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 157.986947] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 157.987640] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 157.988158] ---[ end trace 0000000000000000 ]--- [ 157.991125] ------------[ cut here ]------------ [ 157.991546] WARNING: CPU: 1 PID: 1486 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 157.992372] Modules linked in: [ 157.992715] CPU: 1 PID: 1486 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 157.993468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 157.994403] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 157.994953] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 157.996455] RSP: 
0018:ffff8880245d7bd0 EFLAGS: 00010246 [ 157.996972] RAX: 0000000000000000 RBX: ffff8880182488a8 RCX: 0000000000000000 [ 157.997602] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 157.998188] RBP: ffff8880245d7be8 R08: ffffed1003049133 R09: ffffed1003049133 [ 157.998830] R10: ffff888018248993 R11: ffffed1003049132 R12: ffff888010c08800 [ 157.999488] R13: ffff8880182489e8 R14: ffff888016e16600 R15: 0000000000000000 [ 158.000072] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.000735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.001338] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.001923] PKRU: 55555554 [ 158.002156] Call Trace: [ 158.002366] [ 158.002583] iommufd_access_destroy_object+0x65/0x170 [ 158.003020] iommufd_object_destroy_user+0x18e/0x220 [ 158.003569] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.004052] iommufd_access_destroy+0x43/0x70 [ 158.004431] iommufd_test_staccess_release+0x8d/0xd0 [ 158.004861] __fput+0x26d/0xa40 [ 158.005210] ____fput+0x1e/0x30 [ 158.005541] task_work_run+0x1a4/0x2d0 [ 158.005874] ? __pfx_task_work_run+0x10/0x10 [ 158.006247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.006684] ? switch_task_namespaces+0xa9/0xe0 [ 158.007080] do_exit+0xb17/0x2ef0 [ 158.007408] ? lock_acquire+0x427/0x4c0 [ 158.007828] ? __pfx_lock_release+0x10/0x10 [ 158.008191] ? __kasan_check_write+0x18/0x20 [ 158.008558] ? do_raw_spin_lock+0x132/0x2a0 [ 158.008918] ? __pfx_do_exit+0x10/0x10 [ 158.009264] ? debug_smp_processor_id+0x20/0x30 [ 158.009738] ? rcu_is_watching+0x19/0xb0 [ 158.010078] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.010459] ? trace_hardirqs_on+0x26/0x120 [ 158.010843] do_group_exit+0xe0/0x2b0 [ 158.011172] __x64_sys_exit_group+0x47/0x50 [ 158.011530] do_syscall_64+0x3b/0x90 [ 158.011963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.012399] RIP: 0033:0x7f4b87518a4d [ 158.012704] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.013211] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.013976] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.014602] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.015213] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.015819] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.016557] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.017166] [ 158.017370] irq event stamp: 0 [ 158.017640] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.018310] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.019054] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.019774] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.020401] ---[ end trace 0000000000000000 ]--- [ 158.021230] ------------[ cut here ]------------ [ 158.021639] WARNING: CPU: 1 PID: 1486 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.022731] Modules linked in: [ 158.023013] CPU: 1 PID: 1486 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.023932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.025008] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.025457] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.027192] RSP: 0018:ffff8880245d7b78 EFLAGS: 00010246 [ 158.027660] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.028263] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 158.029004] RBP: ffff8880245d7b98 R08: ffffed100304913e R09: ffffed100304913e [ 158.029605] R10: ffff8880182489ef R11: ffffed100304913d R12: ffff888018248a90 [ 158.030209] R13: ffff8880182488a8 R14: ffffffffffffffff R15: 
ffff8880245d7c60 [ 158.030882] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.031625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.032120] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.032732] PKRU: 55555554 [ 158.033062] Call Trace: [ 158.033333] [ 158.033530] iommufd_ioas_destroy+0x53/0x70 [ 158.033911] iommufd_fops_release+0x1f7/0x370 [ 158.034305] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.034759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.035338] ? write_comp_data+0x2f/0x90 [ 158.035698] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.036137] __fput+0x26d/0xa40 [ 158.036441] ____fput+0x1e/0x30 [ 158.036733] task_work_run+0x1a4/0x2d0 [ 158.037077] ? __pfx_task_work_run+0x10/0x10 [ 158.037599] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.038022] ? switch_task_namespaces+0xa9/0xe0 [ 158.038433] do_exit+0xb17/0x2ef0 [ 158.038761] ? lock_acquire+0x427/0x4c0 [ 158.039120] ? __pfx_lock_release+0x10/0x10 [ 158.039506] ? __kasan_check_write+0x18/0x20 [ 158.040016] ? do_raw_spin_lock+0x132/0x2a0 [ 158.040406] ? __pfx_do_exit+0x10/0x10 [ 158.040761] ? debug_smp_processor_id+0x20/0x30 [ 158.041174] ? rcu_is_watching+0x19/0xb0 [ 158.041549] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.042065] ? trace_hardirqs_on+0x26/0x120 [ 158.042455] do_group_exit+0xe0/0x2b0 [ 158.042819] __x64_sys_exit_group+0x47/0x50 [ 158.043221] do_syscall_64+0x3b/0x90 [ 158.043559] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.044046] RIP: 0033:0x7f4b87518a4d [ 158.044475] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.045016] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.045680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.046435] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.047092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.047721] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.048339] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.049119] [ 158.049330] irq event stamp: 0 [ 158.049608] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.050161] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.051063] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.051814] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.052366] ---[ end trace 0000000000000000 ]--- [ 158.056616] ------------[ cut here ]------------ [ 158.057052] WARNING: CPU: 1 PID: 1487 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.058066] Modules linked in: [ 158.058347] CPU: 1 PID: 1487 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.059328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.060452] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.060881] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.062600] RSP: 0018:ffff8880121ffbb8 EFLAGS: 00010246 [ 158.063060] RAX: 0000000000000000 RBX: ffff888010dfe8a8 RCX: 0000000000000000 [ 158.063682] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 158.064330] RBP: ffff8880121ffbd0 R08: ffffed10021bfd33 R09: ffffed10021bfd33 [ 158.065044] R10: ffff888010dfe993 R11: ffffed10021bfd32 R12: ffff888010c54400 [ 158.065664] R13: ffff888010dfe9e8 R14: ffffffff8352e670 R15: 
ffff8880121ffe68 [ 158.066323] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.067137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.067655] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 158.068286] PKRU: 55555554 [ 158.068537] Call Trace: [ 158.068841] [ 158.069090] __iommufd_access_detach+0x1c2/0x2b0 [ 158.069526] iommufd_access_change_pt+0x149/0x270 [ 158.069958] iommufd_access_replace+0xb4/0x120 [ 158.070372] iommufd_test+0x3e5/0x37e0 [ 158.070794] ? lock_release+0x532/0x770 [ 158.071207] ? __might_fault+0x102/0x1b0 [ 158.071574] ? lock_acquire+0x427/0x4c0 [ 158.071931] ? __pfx_iommufd_test+0x10/0x10 [ 158.072309] ? __pfx_lock_release+0x10/0x10 [ 158.072691] ? __pfx_lock_acquire+0x10/0x10 [ 158.073099] ? write_comp_data+0x2f/0x90 [ 158.073559] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.073991] ? write_comp_data+0x2f/0x90 [ 158.074359] iommufd_fops_ioctl+0x37d/0x510 [ 158.074761] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.075202] ? write_comp_data+0x2f/0x90 [ 158.075605] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.076115] __x64_sys_ioctl+0x1a3/0x230 [ 158.076484] do_syscall_64+0x3b/0x90 [ 158.076824] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.077292] RIP: 0033:0x7f4b8743ee5d [ 158.077677] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.079364] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.080127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.080796] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.081418] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.082099] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.082807] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.083447] [ 158.083652] irq event stamp: 0 [ 158.083927] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.084611] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.085341] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.086068] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.086767] ---[ end trace 0000000000000000 ]--- [ 158.089733] ------------[ cut here ]------------ [ 158.090180] WARNING: CPU: 1 PID: 1487 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.091313] Modules linked in: [ 158.091619] CPU: 1 PID: 1487 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.092417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.093605] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.094065] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.095910] RSP: 
0018:ffff8880121ffbd0 EFLAGS: 00010246 [ 158.096408] RAX: 0000000000000000 RBX: ffff888010dfe8a8 RCX: 0000000000000000 [ 158.097057] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 158.097840] RBP: ffff8880121ffbe8 R08: ffffed10021bfd33 R09: ffffed10021bfd33 [ 158.098501] R10: ffff888010dfe993 R11: ffffed10021bfd32 R12: ffff8880138ae800 [ 158.099203] R13: ffff888010dfe9e8 R14: ffff88800faefc00 R15: 0000000000000000 [ 158.099896] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.100742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.101276] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.101928] PKRU: 55555554 [ 158.102187] Call Trace: [ 158.102426] [ 158.102662] iommufd_access_destroy_object+0x65/0x170 [ 158.103162] iommufd_object_destroy_user+0x18e/0x220 [ 158.103637] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.104172] iommufd_access_destroy+0x43/0x70 [ 158.104593] iommufd_test_staccess_release+0x8d/0xd0 [ 158.105071] __fput+0x26d/0xa40 [ 158.105390] ____fput+0x1e/0x30 [ 158.105699] task_work_run+0x1a4/0x2d0 [ 158.106063] ? __pfx_task_work_run+0x10/0x10 [ 158.106465] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.106945] ? switch_task_namespaces+0xa9/0xe0 [ 158.107400] do_exit+0xb17/0x2ef0 [ 158.107722] ? lock_acquire+0x427/0x4c0 [ 158.108100] ? __pfx_lock_release+0x10/0x10 [ 158.108505] ? __kasan_check_write+0x18/0x20 [ 158.108910] ? do_raw_spin_lock+0x132/0x2a0 [ 158.109308] ? __pfx_do_exit+0x10/0x10 [ 158.109676] ? debug_smp_processor_id+0x20/0x30 [ 158.110105] ? rcu_is_watching+0x19/0xb0 [ 158.110480] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.110917] ? trace_hardirqs_on+0x26/0x120 [ 158.111324] do_group_exit+0xe0/0x2b0 [ 158.111675] __x64_sys_exit_group+0x47/0x50 [ 158.112068] do_syscall_64+0x3b/0x90 [ 158.112424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.112909] RIP: 0033:0x7f4b87518a4d [ 158.113248] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.113805] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.114527] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.115183] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.115830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.116473] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.117129] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.117781] [ 158.117999] irq event stamp: 0 [ 158.118287] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.118878] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.119647] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.120402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.120971] ---[ end trace 0000000000000000 ]--- [ 158.121758] ------------[ cut here ]------------ [ 158.122182] WARNING: CPU: 1 PID: 1487 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.123081] Modules linked in: [ 158.123371] CPU: 1 PID: 1487 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.124135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.125109] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.125573] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.127164] RSP: 0018:ffff8880121ffb78 EFLAGS: 00010246 [ 158.127631] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.128245] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 158.128859] RBP: ffff8880121ffb98 R08: ffffed10021bfd3e R09: ffffed10021bfd3e [ 158.129470] R10: ffff888010dfe9ef R11: ffffed10021bfd3d R12: ffff888010dfea90 [ 158.130084] R13: ffff888010dfe8a8 R14: ffffffffffffffff R15: 
ffff8880121ffc60 [ 158.130720] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.131430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.131934] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.132549] PKRU: 55555554 [ 158.132796] Call Trace: [ 158.133021] [ 158.133217] iommufd_ioas_destroy+0x53/0x70 [ 158.133604] iommufd_fops_release+0x1f7/0x370 [ 158.134002] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.134448] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.134897] ? write_comp_data+0x2f/0x90 [ 158.135274] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.135717] __fput+0x26d/0xa40 [ 158.136021] ____fput+0x1e/0x30 [ 158.136317] task_work_run+0x1a4/0x2d0 [ 158.136668] ? __pfx_task_work_run+0x10/0x10 [ 158.137057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.137489] ? switch_task_namespaces+0xa9/0xe0 [ 158.137910] do_exit+0xb17/0x2ef0 [ 158.138213] ? lock_acquire+0x427/0x4c0 [ 158.138598] ? __pfx_lock_release+0x10/0x10 [ 158.138984] ? __kasan_check_write+0x18/0x20 [ 158.139380] ? do_raw_spin_lock+0x132/0x2a0 [ 158.139762] ? __pfx_do_exit+0x10/0x10 [ 158.140114] ? debug_smp_processor_id+0x20/0x30 [ 158.140522] ? rcu_is_watching+0x19/0xb0 [ 158.140879] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.141281] ? trace_hardirqs_on+0x26/0x120 [ 158.141665] do_group_exit+0xe0/0x2b0 [ 158.142003] __x64_sys_exit_group+0x47/0x50 [ 158.142384] do_syscall_64+0x3b/0x90 [ 158.142736] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.143210] RIP: 0033:0x7f4b87518a4d [ 158.143539] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.144071] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.144733] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.145348] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.145963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.146591] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.147222] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.147844] [ 158.148049] irq event stamp: 0 [ 158.148328] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.148880] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.149615] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.150334] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.150899] ---[ end trace 0000000000000000 ]--- [ 158.154990] ------------[ cut here ]------------ [ 158.155454] WARNING: CPU: 1 PID: 1488 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.156330] Modules linked in: [ 158.156608] CPU: 1 PID: 1488 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.157360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.158327] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.158809] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.160393] RSP: 0018:ffff888016cffbb8 EFLAGS: 00010246 [ 158.160854] RAX: 0000000000000000 RBX: ffff888010f2f8a8 RCX: 0000000000000000 [ 158.161466] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 158.162082] RBP: ffff888016cffbd0 R08: ffffed10021e5f33 R09: ffffed10021e5f33 [ 158.162712] R10: ffff888010f2f993 R11: ffffed10021e5f32 R12: ffff888018026000 [ 158.163346] R13: ffff888010f2f9e8 R14: ffffffff8352e670 R15: 
ffff888016cffe68 [ 158.163964] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.164659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.165161] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 158.165777] PKRU: 55555554 [ 158.166020] Call Trace: [ 158.166238] [ 158.166432] __iommufd_access_detach+0x1c2/0x2b0 [ 158.166875] iommufd_access_change_pt+0x149/0x270 [ 158.167312] iommufd_access_replace+0xb4/0x120 [ 158.167716] iommufd_test+0x3e5/0x37e0 [ 158.168050] ? lock_release+0x532/0x770 [ 158.168401] ? __might_fault+0x102/0x1b0 [ 158.168755] ? lock_acquire+0x427/0x4c0 [ 158.169101] ? __pfx_iommufd_test+0x10/0x10 [ 158.169465] ? __pfx_lock_release+0x10/0x10 [ 158.169838] ? __pfx_lock_acquire+0x10/0x10 [ 158.170215] ? write_comp_data+0x2f/0x90 [ 158.170594] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.171015] ? write_comp_data+0x2f/0x90 [ 158.171384] iommufd_fops_ioctl+0x37d/0x510 [ 158.171756] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.172176] ? write_comp_data+0x2f/0x90 [ 158.172534] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.172950] __x64_sys_ioctl+0x1a3/0x230 [ 158.173310] do_syscall_64+0x3b/0x90 [ 158.173639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.174088] RIP: 0033:0x7f4b8743ee5d [ 158.174410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.175979] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.176630] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.177239] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.177841] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.178440] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.179187] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.179970] [ 158.180174] irq event stamp: 0 [ 158.180452] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.180997] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.181703] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.182406] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.182966] ---[ end trace 0000000000000000 ]--- [ 158.185840] ------------[ cut here ]------------ [ 158.186275] WARNING: CPU: 1 PID: 1488 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.187187] Modules linked in: [ 158.187463] CPU: 1 PID: 1488 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.188203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.189155] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.189583] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.191187] RSP: 
0018:ffff888016cffbd0 EFLAGS: 00010246 [ 158.191644] RAX: 0000000000000000 RBX: ffff888010f2f8a8 RCX: 0000000000000000 [ 158.192249] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 158.192862] RBP: ffff888016cffbe8 R08: ffffed10021e5f33 R09: ffffed10021e5f33 [ 158.193465] R10: ffff888010f2f993 R11: ffffed10021e5f32 R12: ffff888010c54000 [ 158.194065] R13: ffff888010f2f9e8 R14: ffff8880218d4b00 R15: 0000000000000000 [ 158.194682] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.195381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.195876] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.196494] PKRU: 55555554 [ 158.196742] Call Trace: [ 158.196962] [ 158.197155] iommufd_access_destroy_object+0x65/0x170 [ 158.197596] iommufd_object_destroy_user+0x18e/0x220 [ 158.198030] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.198547] iommufd_access_destroy+0x43/0x70 [ 158.198939] iommufd_test_staccess_release+0x8d/0xd0 [ 158.199389] __fput+0x26d/0xa40 [ 158.199686] ____fput+0x1e/0x30 [ 158.199979] task_work_run+0x1a4/0x2d0 [ 158.200323] ? __pfx_task_work_run+0x10/0x10 [ 158.200706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.201127] ? switch_task_namespaces+0xa9/0xe0 [ 158.201532] do_exit+0xb17/0x2ef0 [ 158.201828] ? lock_acquire+0x427/0x4c0 [ 158.202177] ? __pfx_lock_release+0x10/0x10 [ 158.202573] ? __kasan_check_write+0x18/0x20 [ 158.202955] ? do_raw_spin_lock+0x132/0x2a0 [ 158.203347] ? __pfx_do_exit+0x10/0x10 [ 158.203689] ? debug_smp_processor_id+0x20/0x30 [ 158.204096] ? rcu_is_watching+0x19/0xb0 [ 158.204450] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.204845] ? trace_hardirqs_on+0x26/0x120 [ 158.205226] do_group_exit+0xe0/0x2b0 [ 158.205558] __x64_sys_exit_group+0x47/0x50 [ 158.205932] do_syscall_64+0x3b/0x90 [ 158.206264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.206748] RIP: 0033:0x7f4b87518a4d [ 158.207072] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.207618] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.208282] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.208902] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.209510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.210117] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.210744] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.211379] [ 158.211589] irq event stamp: 0 [ 158.211861] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.212399] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.213112] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.213819] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.214351] ---[ end trace 0000000000000000 ]--- [ 158.215125] ------------[ cut here ]------------ [ 158.215535] WARNING: CPU: 1 PID: 1488 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.216413] Modules linked in: [ 158.216689] CPU: 1 PID: 1488 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.217431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.218398] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.218867] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.220441] RSP: 0018:ffff888016cffb78 EFLAGS: 00010246 [ 158.220902] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.221505] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 158.222107] RBP: ffff888016cffb98 R08: ffffed10021e5f3e R09: ffffed10021e5f3e [ 158.222744] R10: ffff888010f2f9ef R11: ffffed10021e5f3d R12: ffff888010f2fa90 [ 158.223363] R13: ffff888010f2f8a8 R14: ffffffffffffffff R15: 
ffff888016cffc60 [ 158.223975] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.224665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.225171] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.225787] PKRU: 55555554 [ 158.226037] Call Trace: [ 158.226264] [ 158.226463] iommufd_ioas_destroy+0x53/0x70 [ 158.226873] iommufd_fops_release+0x1f7/0x370 [ 158.227284] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.227725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.228153] ? write_comp_data+0x2f/0x90 [ 158.228515] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.228949] __fput+0x26d/0xa40 [ 158.229250] ____fput+0x1e/0x30 [ 158.229545] task_work_run+0x1a4/0x2d0 [ 158.229894] ? __pfx_task_work_run+0x10/0x10 [ 158.230278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.230725] ? switch_task_namespaces+0xa9/0xe0 [ 158.231152] do_exit+0xb17/0x2ef0 [ 158.231454] ? lock_acquire+0x427/0x4c0 [ 158.231806] ? __pfx_lock_release+0x10/0x10 [ 158.232185] ? __kasan_check_write+0x18/0x20 [ 158.232582] ? do_raw_spin_lock+0x132/0x2a0 [ 158.232959] ? __pfx_do_exit+0x10/0x10 [ 158.233313] ? debug_smp_processor_id+0x20/0x30 [ 158.233720] ? rcu_is_watching+0x19/0xb0 [ 158.234078] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.234478] ? trace_hardirqs_on+0x26/0x120 [ 158.234881] do_group_exit+0xe0/0x2b0 [ 158.235231] __x64_sys_exit_group+0x47/0x50 [ 158.235607] do_syscall_64+0x3b/0x90 [ 158.235944] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.236397] RIP: 0033:0x7f4b87518a4d [ 158.236720] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.237251] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.237913] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.238555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.239167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.239753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.240338] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.240930] [ 158.241121] irq event stamp: 0 [ 158.241380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.241895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.242612] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.243313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.243846] ---[ end trace 0000000000000000 ]--- [ 158.249262] ------------[ cut here ]------------ [ 158.249711] WARNING: CPU: 1 PID: 1489 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.250745] Modules linked in: [ 158.251019] CPU: 1 PID: 1489 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.251763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.252812] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.253232] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.254866] RSP: 0018:ffff8880245d7bb8 EFLAGS: 00010246 [ 158.255324] RAX: 0000000000000000 RBX: ffff8880181d18a8 RCX: 0000000000000000 [ 158.255940] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 158.256689] RBP: ffff8880245d7bd0 R08: ffffed100303a333 R09: ffffed100303a333 [ 158.257324] R10: ffff8880181d1993 R11: ffffed100303a332 R12: ffff888018b89c00 [ 158.257942] R13: ffff8880181d19e8 R14: ffffffff8352e670 R15: 
ffff8880245d7e68 [ 158.258670] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.259384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.259902] CR2: 00007f4b877410e8 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 158.260567] PKRU: 55555554 [ 158.260911] Call Trace: [ 158.261136] [ 158.261340] __iommufd_access_detach+0x1c2/0x2b0 [ 158.261778] iommufd_access_change_pt+0x149/0x270 [ 158.262215] iommufd_access_replace+0xb4/0x120 [ 158.262755] iommufd_test+0x3e5/0x37e0 [ 158.263107] ? lock_release+0x532/0x770 [ 158.263480] ? __might_fault+0x102/0x1b0 [ 158.263852] ? lock_acquire+0x427/0x4c0 [ 158.264218] ? __pfx_iommufd_test+0x10/0x10 [ 158.264641] ? __pfx_lock_release+0x10/0x10 [ 158.265120] ? __pfx_lock_acquire+0x10/0x10 [ 158.265529] ? write_comp_data+0x2f/0x90 [ 158.265908] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.266350] ? write_comp_data+0x2f/0x90 [ 158.266877] iommufd_fops_ioctl+0x37d/0x510 [ 158.267284] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.267730] ? write_comp_data+0x2f/0x90 [ 158.268108] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.268545] __x64_sys_ioctl+0x1a3/0x230 [ 158.269054] do_syscall_64+0x3b/0x90 [ 158.269403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.269872] RIP: 0033:0x7f4b8743ee5d [ 158.270205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.271977] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.272663] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.273426] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.274054] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.274702] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.275545] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.276231] [ 158.276450] irq event stamp: 0 [ 158.276744] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.277486] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.278262] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.279074] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.279884] ---[ end trace 0000000000000000 ]--- [ 158.285073] ------------[ cut here ]------------ [ 158.285566] WARNING: CPU: 1 PID: 1489 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.286729] Modules linked in: [ 158.287029] CPU: 1 PID: 1489 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.287864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.289092] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.289569] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.291495] RSP: 
0018:ffff8880245d7bd0 EFLAGS: 00010246 [ 158.292018] RAX: 0000000000000000 RBX: ffff8880181d18a8 RCX: 0000000000000000 [ 158.292780] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 158.293522] RBP: ffff8880245d7be8 R08: ffffed100303a333 R09: ffffed100303a333 [ 158.294203] R10: ffff8880181d1993 R11: ffffed100303a332 R12: ffff888018027800 [ 158.294949] R13: ffff8880181d19e8 R14: ffff888020e13500 R15: 0000000000000000 [ 158.295713] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.296480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.297075] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 158.297844] PKRU: 55555554 [ 158.298119] Call Trace: [ 158.298367] [ 158.298614] iommufd_access_destroy_object+0x65/0x170 [ 158.299147] iommufd_object_destroy_user+0x18e/0x220 [ 158.299913] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.300674] iommufd_access_destroy+0x43/0x70 [ 158.301326] iommufd_test_staccess_release+0x8d/0xd0 [ 158.302151] __fput+0x26d/0xa40 [ 158.302651] ____fput+0x1e/0x30 [ 158.303098] task_work_run+0x1a4/0x2d0 [ 158.303655] ? __pfx_task_work_run+0x10/0x10 [ 158.304234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.305254] ? switch_task_namespaces+0xa9/0xe0 [ 158.305892] do_exit+0xb17/0x2ef0 [ 158.306364] ? lock_acquire+0x427/0x4c0 [ 158.307090] ? __pfx_lock_release+0x10/0x10 [ 158.307912] ? __kasan_check_write+0x18/0x20 [ 158.308522] ? do_raw_spin_lock+0x132/0x2a0 [ 158.309128] ? __pfx_do_exit+0x10/0x10 [ 158.309687] ? debug_smp_processor_id+0x20/0x30 [ 158.310497] ? rcu_is_watching+0x19/0xb0 [ 158.311205] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.311827] ? trace_hardirqs_on+0x26/0x120 [ 158.312410] do_group_exit+0xe0/0x2b0 [ 158.313120] __x64_sys_exit_group+0x47/0x50 [ 158.313723] do_syscall_64+0x3b/0x90 [ 158.314261] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.315093] RIP: 0033:0x7f4b87518a4d [ 158.315734] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.316565] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.317574] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.318761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.319757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.320811] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.321838] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.322886] [ 158.323371] irq event stamp: 0 [ 158.323786] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.324629] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.325825] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.327069] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.328063] ---[ end trace 0000000000000000 ]--- [ 158.329792] ------------[ cut here ]------------ [ 158.330478] WARNING: CPU: 1 PID: 1489 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.332129] Modules linked in: [ 158.332576] CPU: 1 PID: 1489 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.333768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.335451] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.336181] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.338625] RSP: 0018:ffff8880245d7b78 EFLAGS: 00010246 [ 158.339387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.340365] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 158.341340] RBP: ffff8880245d7b98 R08: ffffed100303a33e R09: ffffed100303a33e [ 158.342320] R10: ffff8880181d19ef R11: ffffed100303a33d R12: ffff8880181d1a90 [ 158.343336] R13: ffff8880181d18a8 R14: ffffffffffffffff R15: 
ffff8880245d7c60 [ 158.344289] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.345355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.346132] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 158.347174] PKRU: 55555554 [ 158.347579] Call Trace: [ 158.347935] [ 158.348244] iommufd_ioas_destroy+0x53/0x70 [ 158.348835] iommufd_fops_release+0x1f7/0x370 [ 158.349440] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.350105] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.350807] ? write_comp_data+0x2f/0x90 [ 158.351395] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.352084] __fput+0x26d/0xa40 [ 158.352555] ____fput+0x1e/0x30 [ 158.353012] task_work_run+0x1a4/0x2d0 [ 158.353550] ? __pfx_task_work_run+0x10/0x10 [ 158.354148] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.354854] ? switch_task_namespaces+0xa9/0xe0 [ 158.355535] do_exit+0xb17/0x2ef0 [ 158.356016] ? lock_acquire+0x427/0x4c0 [ 158.356578] ? __pfx_lock_release+0x10/0x10 [ 158.357166] ? __kasan_check_write+0x18/0x20 [ 158.357759] ? do_raw_spin_lock+0x132/0x2a0 [ 158.358334] ? __pfx_do_exit+0x10/0x10 [ 158.358910] ? debug_smp_processor_id+0x20/0x30 [ 158.359552] ? rcu_is_watching+0x19/0xb0 [ 158.360097] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.360707] ? trace_hardirqs_on+0x26/0x120 [ 158.361294] do_group_exit+0xe0/0x2b0 [ 158.361804] __x64_sys_exit_group+0x47/0x50 [ 158.362375] do_syscall_64+0x3b/0x90 [ 158.362926] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.363647] RIP: 0033:0x7f4b87518a4d [ 158.364145] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.364952] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.365942] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.366914] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.367879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.368815] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.369754] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.370763] [ 158.371096] irq event stamp: 0 [ 158.371535] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.372362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.373453] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.374578] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.375433] ---[ end trace 0000000000000000 ]--- [ 158.383089] ------------[ cut here ]------------ [ 158.383803] WARNING: CPU: 1 PID: 1490 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.385140] Modules linked in: [ 158.385578] CPU: 1 PID: 1490 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.386805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.388320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.388988] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.391414] RSP: 0018:ffff88801899fbb8 EFLAGS: 00010246 [ 158.392126] RAX: 0000000000000000 RBX: ffff88800cb968a8 RCX: 0000000000000000 [ 158.393062] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 158.393992] RBP: ffff88801899fbd0 R08: ffffed1001972d33 R09: ffffed1001972d33 [ 158.394916] R10: ffff88800cb96993 R11: ffffed1001972d32 R12: ffff88800ef55400 [ 158.395839] R13: ffff88800cb969e8 R14: ffffffff8352e670 R15: 
ffff88801899fe68 [ 158.396739] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.397750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.398486] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 158.399446] PKRU: 55555554 [ 158.399811] Call Trace: [ 158.400140] [ 158.400436] __iommufd_access_detach+0x1c2/0x2b0 [ 158.401067] iommufd_access_change_pt+0x149/0x270 [ 158.401701] iommufd_access_replace+0xb4/0x120 [ 158.402313] iommufd_test+0x3e5/0x37e0 [ 158.402907] ? lock_release+0x532/0x770 [ 158.403465] ? __might_fault+0x102/0x1b0 [ 158.403999] ? lock_acquire+0x427/0x4c0 [ 158.404521] ? __pfx_iommufd_test+0x10/0x10 [ 158.405074] ? __pfx_lock_release+0x10/0x10 [ 158.405641] ? __pfx_lock_acquire+0x10/0x10 [ 158.406213] ? write_comp_data+0x2f/0x90 [ 158.406806] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.407467] ? write_comp_data+0x2f/0x90 [ 158.408021] iommufd_fops_ioctl+0x37d/0x510 [ 158.408596] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.409218] ? write_comp_data+0x2f/0x90 [ 158.409742] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.410352] __x64_sys_ioctl+0x1a3/0x230 [ 158.410918] do_syscall_64+0x3b/0x90 [ 158.411419] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.412072] RIP: 0033:0x7f4b8743ee5d [ 158.412537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.414774] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.415711] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.416548] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.417372] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.418201] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.419085] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.419956] [ 158.420250] irq event stamp: 0 [ 158.420629] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.421352] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.422335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.423406] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.424151] ---[ end trace 0000000000000000 ]--- [ 158.428347] ------------[ cut here ]------------ [ 158.428948] WARNING: CPU: 1 PID: 1490 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.430116] Modules linked in: [ 158.430499] CPU: 1 PID: 1490 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.431605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.432880] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.433382] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.435230] RSP: 
0018:ffff88801899fbd0 EFLAGS: 00010246 [ 158.435810] RAX: 0000000000000000 RBX: ffff88800cb968a8 RCX: 0000000000000000 [ 158.436626] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 158.437435] RBP: ffff88801899fbe8 R08: ffffed1001972d33 R09: ffffed1001972d33 [ 158.438256] R10: ffff88800cb96993 R11: ffffed1001972d32 R12: ffff888018b88c00 [ 158.439172] R13: ffff88800cb969e8 R14: ffff888013a63500 R15: 0000000000000000 [ 158.440035] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.440976] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.441653] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.442487] PKRU: 55555554 [ 158.442890] Call Trace: [ 158.443395] [ 158.443692] iommufd_access_destroy_object+0x65/0x170 [ 158.444334] iommufd_object_destroy_user+0x18e/0x220 [ 158.444965] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.445687] iommufd_access_destroy+0x43/0x70 [ 158.446255] iommufd_test_staccess_release+0x8d/0xd0 [ 158.446954] __fput+0x26d/0xa40 [ 158.447410] ____fput+0x1e/0x30 [ 158.447847] task_work_run+0x1a4/0x2d0 [ 158.448354] ? __pfx_task_work_run+0x10/0x10 [ 158.448914] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.449539] ? switch_task_namespaces+0xa9/0xe0 [ 158.450137] do_exit+0xb17/0x2ef0 [ 158.450606] ? lock_acquire+0x427/0x4c0 [ 158.451131] ? __pfx_lock_release+0x10/0x10 [ 158.451682] ? __kasan_check_write+0x18/0x20 [ 158.452240] ? do_raw_spin_lock+0x132/0x2a0 [ 158.452778] ? __pfx_do_exit+0x10/0x10 [ 158.453275] ? debug_smp_processor_id+0x20/0x30 [ 158.453857] ? rcu_is_watching+0x19/0xb0 [ 158.454369] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.454982] ? trace_hardirqs_on+0x26/0x120 [ 158.455562] do_group_exit+0xe0/0x2b0 [ 158.456046] __x64_sys_exit_group+0x47/0x50 [ 158.456580] do_syscall_64+0x3b/0x90 [ 158.457062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.457718] RIP: 0033:0x7f4b87518a4d [ 158.458184] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.458974] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.459913] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.460779] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.461642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.462503] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.463434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.464317] [ 158.464609] irq event stamp: 0 [ 158.465002] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.465770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.466824] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.467890] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.468694] ---[ end trace 0000000000000000 ]--- [ 158.469957] ------------[ cut here ]------------ [ 158.470609] WARNING: CPU: 1 PID: 1490 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.471940] Modules linked in: [ 158.472358] CPU: 1 PID: 1490 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.473470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.474939] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.475628] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.477945] RSP: 0018:ffff88801899fb78 EFLAGS: 00010246 [ 158.478663] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.479590] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 158.480500] RBP: ffff88801899fb98 R08: ffffed1001972d3e R09: ffffed1001972d3e [ 158.481410] R10: ffff88800cb969ef R11: ffffed1001972d3d R12: ffff88800cb96a90 [ 158.482316] R13: ffff88800cb968a8 R14: ffffffffffffffff R15: 
ffff88801899fc60 [ 158.483278] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.484317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.485069] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.485979] PKRU: 55555554 [ 158.486348] Call Trace: [ 158.486712] [ 158.487016] iommufd_ioas_destroy+0x53/0x70 [ 158.487600] iommufd_fops_release+0x1f7/0x370 [ 158.488193] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.488839] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.489478] ? write_comp_data+0x2f/0x90 [ 158.490013] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.490685] __fput+0x26d/0xa40 [ 158.491160] ____fput+0x1e/0x30 [ 158.491604] task_work_run+0x1a4/0x2d0 [ 158.492121] ? __pfx_task_work_run+0x10/0x10 [ 158.492686] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.493303] ? switch_task_namespaces+0xa9/0xe0 [ 158.493904] do_exit+0xb17/0x2ef0 [ 158.494344] ? lock_acquire+0x427/0x4c0 [ 158.494885] ? __pfx_lock_release+0x10/0x10 [ 158.495459] ? __kasan_check_write+0x18/0x20 [ 158.496026] ? do_raw_spin_lock+0x132/0x2a0 [ 158.496568] ? __pfx_do_exit+0x10/0x10 [ 158.497070] ? debug_smp_processor_id+0x20/0x30 [ 158.497658] ? rcu_is_watching+0x19/0xb0 [ 158.498172] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.498775] ? trace_hardirqs_on+0x26/0x120 [ 158.499352] do_group_exit+0xe0/0x2b0 [ 158.499846] __x64_sys_exit_group+0x47/0x50 [ 158.500392] do_syscall_64+0x3b/0x90 [ 158.500874] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.501536] RIP: 0033:0x7f4b87518a4d [ 158.502061] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.503162] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.504075] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.505079] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.505962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.506870] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.507784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.508648] [ 158.508935] irq event stamp: 0 [ 158.509395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.510227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.511264] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.512351] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.513113] ---[ end trace 0000000000000000 ]--- [ 158.520524] ------------[ cut here ]------------ [ 158.521154] WARNING: CPU: 1 PID: 1491 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.522468] Modules linked in: [ 158.522933] CPU: 1 PID: 1491 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.524106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.525566] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.526173] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.528641] RSP: 0018:ffff8880245d7bb8 EFLAGS: 00010246 [ 158.529302] RAX: 0000000000000000 RBX: ffff8880104678a8 RCX: 0000000000000000 [ 158.530273] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 158.531172] RBP: ffff8880245d7bd0 R08: ffffed100208cf33 R09: ffffed100208cf33 [ 158.532160] R10: ffff888010467993 R11: ffffed100208cf32 R12: ffff88801226e400 [ 158.533009] R13: ffff8880104679e8 R14: ffffffff8352e670 R15: 
ffff8880245d7e68 [ 158.533979] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.534975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.535807] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 158.536670] PKRU: 55555554 [ 158.537021] Call Trace: [ 158.537360] [ 158.537743] __iommufd_access_detach+0x1c2/0x2b0 [ 158.538351] iommufd_access_change_pt+0x149/0x270 [ 158.538996] iommufd_access_replace+0xb4/0x120 [ 158.539714] iommufd_test+0x3e5/0x37e0 [ 158.540202] ? lock_release+0x532/0x770 [ 158.540699] ? __might_fault+0x102/0x1b0 [ 158.541204] ? lock_acquire+0x427/0x4c0 [ 158.541803] ? __pfx_iommufd_test+0x10/0x10 [ 158.542316] ? __pfx_lock_release+0x10/0x10 [ 158.542878] ? __pfx_lock_acquire+0x10/0x10 [ 158.543507] ? write_comp_data+0x2f/0x90 [ 158.544029] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.544622] ? write_comp_data+0x2f/0x90 [ 158.545162] iommufd_fops_ioctl+0x37d/0x510 [ 158.545737] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.546327] ? write_comp_data+0x2f/0x90 [ 158.546863] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.547586] __x64_sys_ioctl+0x1a3/0x230 [ 158.548093] do_syscall_64+0x3b/0x90 [ 158.548558] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.549188] RIP: 0033:0x7f4b8743ee5d [ 158.549642] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.551802] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.552693] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.553520] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.554348] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.555247] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.556051] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.556685] [ 158.556880] irq event stamp: 0 [ 158.557208] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.557720] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.558406] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.559124] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.559639] ---[ end trace 0000000000000000 ]--- [ 158.562564] ------------[ cut here ]------------ [ 158.562983] WARNING: CPU: 1 PID: 1491 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.563823] Modules linked in: [ 158.564088] CPU: 1 PID: 1491 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.564811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.565725] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.566130] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.567650] RSP: 
0018:ffff8880245d7bd0 EFLAGS: 00010246 [ 158.568091] RAX: 0000000000000000 RBX: ffff8880104678a8 RCX: 0000000000000000 [ 158.568674] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 158.569256] RBP: ffff8880245d7be8 R08: ffffed100208cf33 R09: ffffed100208cf33 [ 158.569839] R10: ffff888010467993 R11: ffffed100208cf32 R12: ffff88800ef57400 [ 158.570424] R13: ffff8880104679e8 R14: ffff888013727500 R15: 0000000000000000 [ 158.571028] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.571698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.572172] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.572757] PKRU: 55555554 [ 158.572991] Call Trace: [ 158.573201] [ 158.573389] iommufd_access_destroy_object+0x65/0x170 [ 158.573819] iommufd_object_destroy_user+0x18e/0x220 [ 158.574243] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.574747] iommufd_access_destroy+0x43/0x70 [ 158.575146] iommufd_test_staccess_release+0x8d/0xd0 [ 158.575561] __fput+0x26d/0xa40 [ 158.575842] ____fput+0x1e/0x30 [ 158.576115] task_work_run+0x1a4/0x2d0 [ 158.576439] ? __pfx_task_work_run+0x10/0x10 [ 158.576793] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.577186] ? switch_task_namespaces+0xa9/0xe0 [ 158.577567] do_exit+0xb17/0x2ef0 [ 158.577847] ? lock_acquire+0x427/0x4c0 [ 158.578176] ? __pfx_lock_release+0x10/0x10 [ 158.578544] ? __kasan_check_write+0x18/0x20 [ 158.578905] ? do_raw_spin_lock+0x132/0x2a0 [ 158.579260] ? __pfx_do_exit+0x10/0x10 [ 158.579580] ? debug_smp_processor_id+0x20/0x30 [ 158.579956] ? rcu_is_watching+0x19/0xb0 [ 158.580281] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.580645] ? trace_hardirqs_on+0x26/0x120 [ 158.580997] do_group_exit+0xe0/0x2b0 [ 158.581304] __x64_sys_exit_group+0x47/0x50 [ 158.581645] do_syscall_64+0x3b/0x90 [ 158.581951] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.582372] RIP: 0033:0x7f4b87518a4d [ 158.582697] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.583193] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.583794] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.584356] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.584918] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.585485] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.586051] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.586639] [ 158.586828] irq event stamp: 0 [ 158.587081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.587592] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.588259] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.588920] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.589476] ---[ end trace 0000000000000000 ]--- [ 158.590192] ------------[ cut here ]------------ [ 158.590592] WARNING: CPU: 1 PID: 1491 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.591402] Modules linked in: [ 158.591655] CPU: 1 PID: 1491 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.592337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.593214] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.593617] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.595047] RSP: 0018:ffff8880245d7b78 EFLAGS: 00010246 [ 158.595484] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.596035] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 158.596593] RBP: ffff8880245d7b98 R08: ffffed100208cf3e R09: ffffed100208cf3e [ 158.597144] R10: ffff8880104679ef R11: ffffed100208cf3d R12: ffff888010467a90 [ 158.597703] R13: ffff8880104678a8 R14: ffffffffffffffff R15: 
ffff8880245d7c60 [ 158.598263] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.598909] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.599375] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.599931] PKRU: 55555554 [ 158.600151] Call Trace: [ 158.600352] [ 158.600531] iommufd_ioas_destroy+0x53/0x70 [ 158.600877] iommufd_fops_release+0x1f7/0x370 [ 158.601236] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.601651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.602039] ? write_comp_data+0x2f/0x90 [ 158.602366] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.602778] __fput+0x26d/0xa40 [ 158.603054] ____fput+0x1e/0x30 [ 158.603336] task_work_run+0x1a4/0x2d0 [ 158.603651] ? __pfx_task_work_run+0x10/0x10 [ 158.604000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.604388] ? switch_task_namespaces+0xa9/0xe0 [ 158.604763] do_exit+0xb17/0x2ef0 [ 158.605042] ? lock_acquire+0x427/0x4c0 [ 158.605364] ? __pfx_lock_release+0x10/0x10 [ 158.605711] ? __kasan_check_write+0x18/0x20 [ 158.606047] ? do_raw_spin_lock+0x132/0x2a0 [ 158.606384] ? __pfx_do_exit+0x10/0x10 [ 158.606716] ? debug_smp_processor_id+0x20/0x30 [ 158.607084] ? rcu_is_watching+0x19/0xb0 [ 158.607419] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.607780] ? trace_hardirqs_on+0x26/0x120 [ 158.608124] do_group_exit+0xe0/0x2b0 [ 158.608426] __x64_sys_exit_group+0x47/0x50 [ 158.608761] do_syscall_64+0x3b/0x90 [ 158.609061] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.609470] RIP: 0033:0x7f4b87518a4d [ 158.609761] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.610236] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.610849] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.611411] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.611962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.612518] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.613068] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.613629] [ 158.613812] irq event stamp: 0 [ 158.614059] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.614570] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.615227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.615882] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.616377] ---[ end trace 0000000000000000 ]--- [ 158.620394] ------------[ cut here ]------------ [ 158.620788] WARNING: CPU: 1 PID: 1492 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.621599] Modules linked in: [ 158.621851] CPU: 1 PID: 1492 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.622551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.623428] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.623812] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.625214] RSP: 0018:ffff88800b31fbb8 EFLAGS: 00010246 [ 158.625606] RAX: 0000000000000000 RBX: ffff888011ea68a8 RCX: 0000000000000000 [ 158.626158] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 158.626725] RBP: ffff88800b31fbd0 R08: ffffed10023d4d33 R09: ffffed10023d4d33 [ 158.627287] R10: ffff888011ea6993 R11: ffffed10023d4d32 R12: ffff8880129c6000 [ 158.627846] R13: ffff888011ea69e8 R14: ffffffff8352e670 R15: 
ffff88800b31fe68 [ 158.628398] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.629020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.629470] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ee0 [ 158.630021] PKRU: 55555554 [ 158.630243] Call Trace: [ 158.630443] [ 158.630641] __iommufd_access_detach+0x1c2/0x2b0 [ 158.631027] iommufd_access_change_pt+0x149/0x270 [ 158.631434] iommufd_access_replace+0xb4/0x120 [ 158.631802] iommufd_test+0x3e5/0x37e0 [ 158.632108] ? lock_release+0x532/0x770 [ 158.632430] ? __might_fault+0x102/0x1b0 [ 158.632760] ? lock_acquire+0x427/0x4c0 [ 158.633080] ? __pfx_iommufd_test+0x10/0x10 [ 158.633419] ? __pfx_lock_release+0x10/0x10 [ 158.633763] ? __pfx_lock_acquire+0x10/0x10 [ 158.634112] ? write_comp_data+0x2f/0x90 [ 158.634440] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.634845] ? write_comp_data+0x2f/0x90 [ 158.635181] iommufd_fops_ioctl+0x37d/0x510 [ 158.635526] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.635913] ? write_comp_data+0x2f/0x90 [ 158.636239] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.636617] __x64_sys_ioctl+0x1a3/0x230 [ 158.636946] do_syscall_64+0x3b/0x90 [ 158.637247] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.637661] RIP: 0033:0x7f4b8743ee5d [ 158.637952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.639387] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.639980] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.640537] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.641090] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.641643] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.642192] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.642774] [ 158.642957] irq event stamp: 0 [ 158.643216] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.643714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.644359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.645009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.645498] ---[ end trace 0000000000000000 ]--- [ 158.648219] ------------[ cut here ]------------ [ 158.648613] WARNING: CPU: 1 PID: 1492 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.649395] Modules linked in: [ 158.649646] CPU: 1 PID: 1492 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.650326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.651417] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.651806] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.653270] RSP: 
0018:ffff88800b31fbd0 EFLAGS: 00010246 [ 158.653682] RAX: 0000000000000000 RBX: ffff888011ea68a8 RCX: 0000000000000000 [ 158.654240] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 158.654804] RBP: ffff88800b31fbe8 R08: ffffed10023d4d33 R09: ffffed10023d4d33 [ 158.655365] R10: ffff888011ea6993 R11: ffffed10023d4d32 R12: ffff88801226cc00 [ 158.655912] R13: ffff888011ea69e8 R14: ffff888012b34200 R15: 0000000000000000 [ 158.656442] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.657059] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.657507] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.658056] PKRU: 55555554 [ 158.658274] Call Trace: [ 158.658471] [ 158.658662] iommufd_access_destroy_object+0x65/0x170 [ 158.659068] iommufd_object_destroy_user+0x18e/0x220 [ 158.659457] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.659922] iommufd_access_destroy+0x43/0x70 [ 158.660284] iommufd_test_staccess_release+0x8d/0xd0 [ 158.660687] __fput+0x26d/0xa40 [ 158.660957] ____fput+0x1e/0x30 [ 158.661220] task_work_run+0x1a4/0x2d0 [ 158.661534] ? __pfx_task_work_run+0x10/0x10 [ 158.661885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.662272] ? switch_task_namespaces+0xa9/0xe0 [ 158.662661] do_exit+0xb17/0x2ef0 [ 158.662937] ? lock_acquire+0x427/0x4c0 [ 158.663269] ? __pfx_lock_release+0x10/0x10 [ 158.663620] ? __kasan_check_write+0x18/0x20 [ 158.663968] ? do_raw_spin_lock+0x132/0x2a0 [ 158.664309] ? __pfx_do_exit+0x10/0x10 [ 158.664620] ? debug_smp_processor_id+0x20/0x30 [ 158.664989] ? rcu_is_watching+0x19/0xb0 [ 158.665307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.665669] ? trace_hardirqs_on+0x26/0x120 [ 158.666014] do_group_exit+0xe0/0x2b0 [ 158.666310] __x64_sys_exit_group+0x47/0x50 [ 158.666669] do_syscall_64+0x3b/0x90 [ 158.666971] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.667390] RIP: 0033:0x7f4b87518a4d [ 158.667680] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.668156] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.668745] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.669296] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.669843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.670391] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.670957] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.671532] [ 158.671716] irq event stamp: 0 [ 158.671963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.672452] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.673100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.673751] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.674234] ---[ end trace 0000000000000000 ]--- [ 158.674942] ------------[ cut here ]------------ [ 158.675321] WARNING: CPU: 1 PID: 1492 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.676108] Modules linked in: [ 158.676358] CPU: 1 PID: 1492 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.677039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.677912] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.678315] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.679757] RSP: 0018:ffff88800b31fb78 EFLAGS: 00010246 [ 158.680178] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.680731] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 158.681280] RBP: ffff88800b31fb98 R08: ffffed10023d4d3e R09: ffffed10023d4d3e [ 158.681831] R10: ffff888011ea69ef R11: ffffed10023d4d3d R12: ffff888011ea6a90 [ 158.682383] R13: ffff888011ea68a8 R14: ffffffffffffffff R15: 
ffff88800b31fc60 [ 158.682948] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.683577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.684027] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.684581] PKRU: 55555554 [ 158.684801] Call Trace: [ 158.685054] [ 158.685233] iommufd_ioas_destroy+0x53/0x70 [ 158.685578] iommufd_fops_release+0x1f7/0x370 [ 158.685935] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.686325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.686729] ? write_comp_data+0x2f/0x90 [ 158.687058] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.687455] __fput+0x26d/0xa40 [ 158.687728] ____fput+0x1e/0x30 [ 158.687995] task_work_run+0x1a4/0x2d0 [ 158.688309] ? __pfx_task_work_run+0x10/0x10 [ 158.688660] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.689044] ? switch_task_namespaces+0xa9/0xe0 [ 158.689419] do_exit+0xb17/0x2ef0 [ 158.689690] ? lock_acquire+0x427/0x4c0 [ 158.690010] ? __pfx_lock_release+0x10/0x10 [ 158.690353] ? __kasan_check_write+0x18/0x20 [ 158.690720] ? do_raw_spin_lock+0x132/0x2a0 [ 158.691059] ? __pfx_do_exit+0x10/0x10 [ 158.691381] ? debug_smp_processor_id+0x20/0x30 [ 158.691750] ? rcu_is_watching+0x19/0xb0 [ 158.692072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.692434] ? trace_hardirqs_on+0x26/0x120 [ 158.692782] do_group_exit+0xe0/0x2b0 [ 158.693083] __x64_sys_exit_group+0x47/0x50 [ 158.693420] do_syscall_64+0x3b/0x90 [ 158.693720] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.694130] RIP: 0033:0x7f4b87518a4d [ 158.694424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.694919] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.695520] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.696076] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.696629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.697179] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.697730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.698298] [ 158.698480] irq event stamp: 0 [ 158.698742] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.699242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.699882] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.700514] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.700992] ---[ end trace 0000000000000000 ]--- [ 158.704865] ------------[ cut here ]------------ [ 158.705257] WARNING: CPU: 1 PID: 1493 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.706017] Modules linked in: [ 158.706258] CPU: 1 PID: 1493 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.706954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.707809] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.708187] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.709580] RSP: 0018:ffff8880171c7bb8 EFLAGS: 00010246 [ 158.709984] RAX: 0000000000000000 RBX: ffff888016cf88a8 RCX: 0000000000000000 [ 158.710533] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 158.711070] RBP: ffff8880171c7bd0 R08: ffffed1002d9f133 R09: ffffed1002d9f133 [ 158.711616] R10: ffff888016cf8993 R11: ffffed1002d9f132 R12: ffff888013b21000 [ 158.712154] R13: ffff888016cf89e8 R14: ffffffff8352e670 R15: 
ffff8880171c7e68 [ 158.712693] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.713302] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.713746] CR2: 0000000020000140 CR3: 00000000148b0000 CR4: 0000000000750ee0 [ 158.714286] PKRU: 55555554 [ 158.714523] Call Trace: [ 158.714722] [ 158.714898] __iommufd_access_detach+0x1c2/0x2b0 [ 158.715285] iommufd_access_change_pt+0x149/0x270 [ 158.715662] iommufd_access_replace+0xb4/0x120 [ 158.716023] iommufd_test+0x3e5/0x37e0 [ 158.716329] ? lock_release+0x532/0x770 [ 158.716645] ? __might_fault+0x102/0x1b0 [ 158.717019] ? lock_acquire+0x427/0x4c0 [ 158.717333] ? __pfx_iommufd_test+0x10/0x10 [ 158.717663] ? __pfx_lock_release+0x10/0x10 [ 158.718000] ? __pfx_lock_acquire+0x10/0x10 [ 158.718339] ? write_comp_data+0x2f/0x90 [ 158.718677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.719057] ? write_comp_data+0x2f/0x90 [ 158.719388] iommufd_fops_ioctl+0x37d/0x510 [ 158.719725] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.720102] ? write_comp_data+0x2f/0x90 [ 158.720423] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.720802] __x64_sys_ioctl+0x1a3/0x230 [ 158.721124] do_syscall_64+0x3b/0x90 [ 158.721418] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.721821] RIP: 0033:0x7f4b8743ee5d [ 158.722104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.723503] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.724081] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.724619] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.725166] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.725710] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.726256] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.726826] [ 158.727008] irq event stamp: 0 [ 158.727260] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.727742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.728381] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.729012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.729493] ---[ end trace 0000000000000000 ]--- [ 158.732186] ------------[ cut here ]------------ [ 158.732570] WARNING: CPU: 1 PID: 1493 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.733338] Modules linked in: [ 158.733586] CPU: 1 PID: 1493 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.734247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.735149] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.735538] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.736903] RSP: 
0018:ffff8880171c7bd0 EFLAGS: 00010246 [ 158.737306] RAX: 0000000000000000 RBX: ffff888016cf88a8 RCX: 0000000000000000 [ 158.737837] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 158.738367] RBP: ffff8880171c7be8 R08: ffffed1002d9f133 R09: ffffed1002d9f133 [ 158.738916] R10: ffff888016cf8993 R11: ffffed1002d9f132 R12: ffff88801341ec00 [ 158.739458] R13: ffff888016cf89e8 R14: ffff888020a6ee00 R15: 0000000000000000 [ 158.739992] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.740599] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.741038] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.741584] PKRU: 55555554 [ 158.741801] Call Trace: [ 158.741994] [ 158.742166] iommufd_access_destroy_object+0x65/0x170 [ 158.742581] iommufd_object_destroy_user+0x18e/0x220 [ 158.742978] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.743430] iommufd_access_destroy+0x43/0x70 [ 158.743782] iommufd_test_staccess_release+0x8d/0xd0 [ 158.744173] __fput+0x26d/0xa40 [ 158.744435] ____fput+0x1e/0x30 [ 158.744699] task_work_run+0x1a4/0x2d0 [ 158.745004] ? __pfx_task_work_run+0x10/0x10 [ 158.745340] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.745714] ? switch_task_namespaces+0xa9/0xe0 [ 158.746076] do_exit+0xb17/0x2ef0 [ 158.746343] ? lock_acquire+0x427/0x4c0 [ 158.746673] ? __pfx_lock_release+0x10/0x10 [ 158.747010] ? __kasan_check_write+0x18/0x20 [ 158.747359] ? do_raw_spin_lock+0x132/0x2a0 [ 158.747694] ? __pfx_do_exit+0x10/0x10 [ 158.748001] ? debug_smp_processor_id+0x20/0x30 [ 158.748358] ? rcu_is_watching+0x19/0xb0 [ 158.748671] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.749072] ? trace_hardirqs_on+0x26/0x120 [ 158.749414] do_group_exit+0xe0/0x2b0 [ 158.749705] __x64_sys_exit_group+0x47/0x50 [ 158.750029] do_syscall_64+0x3b/0x90 [ 158.750321] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.750736] RIP: 0033:0x7f4b87518a4d [ 158.751020] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.751495] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.752063] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.752601] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.753134] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.753668] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.754202] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.754764] [ 158.754945] irq event stamp: 0 [ 158.755193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.755673] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.756302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.756935] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.757410] ---[ end trace 0000000000000000 ]--- [ 158.758081] ------------[ cut here ]------------ [ 158.758440] WARNING: CPU: 1 PID: 1493 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.759239] Modules linked in: [ 158.759490] CPU: 1 PID: 1493 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.760162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.761013] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.761464] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.762930] RSP: 0018:ffff8880171c7b78 EFLAGS: 00010246 [ 158.763359] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.764007] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 158.764545] RBP: ffff8880171c7b98 R08: ffffed1002d9f13e R09: ffffed1002d9f13e [ 158.765080] R10: ffff888016cf89ef R11: ffffed1002d9f13d R12: ffff888016cf8a90 [ 158.765681] R13: ffff888016cf88a8 R14: ffffffffffffffff R15: 
ffff8880171c7c60 [ 158.766270] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.766901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.767343] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 158.767899] PKRU: 55555554 [ 158.768190] Call Trace: [ 158.768397] [ 158.768571] iommufd_ioas_destroy+0x53/0x70 [ 158.768905] iommufd_fops_release+0x1f7/0x370 [ 158.769253] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.769632] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.770036] ? write_comp_data+0x2f/0x90 [ 158.770417] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.770822] __fput+0x26d/0xa40 [ 158.771095] ____fput+0x1e/0x30 [ 158.771372] task_work_run+0x1a4/0x2d0 [ 158.771682] ? __pfx_task_work_run+0x10/0x10 [ 158.772029] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.772490] ? switch_task_namespaces+0xa9/0xe0 [ 158.772909] do_exit+0xb17/0x2ef0 [ 158.773183] ? lock_acquire+0x427/0x4c0 [ 158.773502] ? __pfx_lock_release+0x10/0x10 [ 158.773841] ? __kasan_check_write+0x18/0x20 [ 158.774187] ? do_raw_spin_lock+0x132/0x2a0 [ 158.774614] ? __pfx_do_exit+0x10/0x10 [ 158.774928] ? debug_smp_processor_id+0x20/0x30 [ 158.775299] ? rcu_is_watching+0x19/0xb0 [ 158.775615] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.775977] ? trace_hardirqs_on+0x26/0x120 [ 158.776319] do_group_exit+0xe0/0x2b0 [ 158.776617] __x64_sys_exit_group+0x47/0x50 [ 158.777066] do_syscall_64+0x3b/0x90 [ 158.777364] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.777777] RIP: 0033:0x7f4b87518a4d [ 158.778066] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.778561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.779222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.779820] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.780365] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.780915] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.781603] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.782162] [ 158.782346] irq event stamp: 0 [ 158.782615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.783107] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.783881] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.784524] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.785009] ---[ end trace 0000000000000000 ]--- [ 158.788530] ------------[ cut here ]------------ [ 158.788922] WARNING: CPU: 1 PID: 1494 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.789710] Modules linked in: [ 158.790027] CPU: 1 PID: 1494 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.790800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.791681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.792068] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.793605] RSP: 0018:ffff88802452fbb8 EFLAGS: 00010246 [ 158.794023] RAX: 0000000000000000 RBX: ffff8880245080a8 RCX: 0000000000000000 [ 158.794623] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 158.795302] RBP: ffff88802452fbd0 R08: ffffed10048a1033 R09: ffffed10048a1033 [ 158.795941] R10: ffff888024508193 R11: ffffed10048a1032 R12: ffff888013f44800 [ 158.796520] R13: ffff8880245081e8 R14: ffffffff8352e670 R15: 
ffff88802452fe68 [ 158.797100] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.797889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.798371] CR2: 00007f4b877410e8 CR3: 00000000148b0000 CR4: 0000000000750ee0 [ 158.798979] PKRU: 55555554 [ 158.799236] Call Trace: [ 158.799448] [ 158.799636] __iommufd_access_detach+0x1c2/0x2b0 [ 158.800058] iommufd_access_change_pt+0x149/0x270 [ 158.800565] iommufd_access_replace+0xb4/0x120 [ 158.800954] iommufd_test+0x3e5/0x37e0 [ 158.801275] ? lock_release+0x532/0x770 [ 158.801614] ? __might_fault+0x102/0x1b0 [ 158.801958] ? lock_acquire+0x427/0x4c0 [ 158.802334] ? __pfx_iommufd_test+0x10/0x10 [ 158.802768] ? __pfx_lock_release+0x10/0x10 [ 158.803141] ? __pfx_lock_acquire+0x10/0x10 [ 158.803506] ? write_comp_data+0x2f/0x90 [ 158.803852] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.804259] ? write_comp_data+0x2f/0x90 [ 158.804604] iommufd_fops_ioctl+0x37d/0x510 [ 158.805049] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.805508] ? write_comp_data+0x2f/0x90 [ 158.805854] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.806255] __x64_sys_ioctl+0x1a3/0x230 [ 158.806623] do_syscall_64+0x3b/0x90 [ 158.806943] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.807389] RIP: 0033:0x7f4b8743ee5d [ 158.807770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.809311] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.810059] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.810659] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.811246] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.811824] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.812530] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.813190] [ 158.813383] irq event stamp: 0 [ 158.813641] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.814258] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.814960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.815654] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.816167] ---[ end trace 0000000000000000 ]--- [ 158.819416] ------------[ cut here ]------------ [ 158.819859] WARNING: CPU: 1 PID: 1494 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.820725] Modules linked in: [ 158.821086] CPU: 1 PID: 1494 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.821883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.822858] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.823319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.824958] RSP: 
0018:ffff88802452fbd0 EFLAGS: 00010246 [ 158.825506] RAX: 0000000000000000 RBX: ffff8880245080a8 RCX: 0000000000000000 [ 158.826177] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 158.826801] RBP: ffff88802452fbe8 R08: ffffed10048a1033 R09: ffffed10048a1033 [ 158.827416] R10: ffff888024508193 R11: ffffed10048a1032 R12: ffff888013b23400 [ 158.828102] R13: ffff8880245081e8 R14: ffff88800f48ba00 R15: 0000000000000000 [ 158.828765] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.829443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.829938] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 158.830700] PKRU: 55555554 [ 158.830942] Call Trace: [ 158.831182] [ 158.831373] iommufd_access_destroy_object+0x65/0x170 [ 158.831819] iommufd_object_destroy_user+0x18e/0x220 [ 158.832254] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.832896] iommufd_access_destroy+0x43/0x70 [ 158.833288] iommufd_test_staccess_release+0x8d/0xd0 [ 158.833729] __fput+0x26d/0xa40 [ 158.834029] ____fput+0x1e/0x30 [ 158.834320] task_work_run+0x1a4/0x2d0 [ 158.834766] ? __pfx_task_work_run+0x10/0x10 [ 158.835191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.835623] ? switch_task_namespaces+0xa9/0xe0 [ 158.836037] do_exit+0xb17/0x2ef0 [ 158.836337] ? lock_acquire+0x427/0x4c0 [ 158.836692] ? __pfx_lock_release+0x10/0x10 [ 158.837106] ? __kasan_check_write+0x18/0x20 [ 158.837609] ? do_raw_spin_lock+0x132/0x2a0 [ 158.837982] ? __pfx_do_exit+0x10/0x10 [ 158.838328] ? debug_smp_processor_id+0x20/0x30 [ 158.838759] ? rcu_is_watching+0x19/0xb0 [ 158.839121] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.839613] ? trace_hardirqs_on+0x26/0x120 [ 158.840063] do_group_exit+0xe0/0x2b0 [ 158.840403] __x64_sys_exit_group+0x47/0x50 [ 158.840780] do_syscall_64+0x3b/0x90 [ 158.841109] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.841562] RIP: 0033:0x7f4b87518a4d [ 158.842027] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.842583] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.843256] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.843869] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.844617] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.845299] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.845913] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.846705] [ 158.846912] irq event stamp: 0 [ 158.847193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.847749] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.848471] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.849346] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.849900] ---[ end trace 0000000000000000 ]--- [ 158.850721] ------------[ cut here ]------------ [ 158.851160] WARNING: CPU: 1 PID: 1494 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.852210] Modules linked in: [ 158.852495] CPU: 1 PID: 1494 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.853254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.854374] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.854851] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.856590] RSP: 0018:ffff88802452fb78 EFLAGS: 00010246 [ 158.857058] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.857671] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 158.858375] RBP: ffff88802452fb98 R08: ffffed10048a103e R09: ffffed10048a103e [ 158.859074] R10: ffff8880245081ef R11: ffffed10048a103d R12: ffff888024508290 [ 158.859709] R13: ffff8880245080a8 R14: ffffffffffffffff R15: 
ffff88802452fc60 [ 158.860325] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.861168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.861670] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 158.862291] PKRU: 55555554 [ 158.862565] Call Trace: [ 158.862792] [ 158.863023] iommufd_ioas_destroy+0x53/0x70 [ 158.863523] iommufd_fops_release+0x1f7/0x370 [ 158.863927] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.864373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.864805] ? write_comp_data+0x2f/0x90 [ 158.865226] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.865735] __fput+0x26d/0xa40 [ 158.866036] ____fput+0x1e/0x30 [ 158.866330] task_work_run+0x1a4/0x2d0 [ 158.866701] ? __pfx_task_work_run+0x10/0x10 [ 158.867095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.867538] ? switch_task_namespaces+0xa9/0xe0 [ 158.868085] do_exit+0xb17/0x2ef0 [ 158.868399] ? lock_acquire+0x427/0x4c0 [ 158.868756] ? __pfx_lock_release+0x10/0x10 [ 158.869137] ? __kasan_check_write+0x18/0x20 [ 158.869527] ? do_raw_spin_lock+0x132/0x2a0 [ 158.870005] ? __pfx_do_exit+0x10/0x10 [ 158.870417] ? debug_smp_processor_id+0x20/0x30 [ 158.870868] ? rcu_is_watching+0x19/0xb0 [ 158.871244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.871646] ? trace_hardirqs_on+0x26/0x120 [ 158.872038] do_group_exit+0xe0/0x2b0 [ 158.872462] __x64_sys_exit_group+0x47/0x50 [ 158.872940] do_syscall_64+0x3b/0x90 [ 158.873273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.873730] RIP: 0033:0x7f4b87518a4d [ 158.874054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.874679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.875446] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.876063] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.876675] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.877426] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.878118] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.878764] [ 158.878971] irq event stamp: 0 [ 158.879259] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.879901] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.880727] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.881444] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.882079] ---[ end trace 0000000000000000 ]--- [ 158.886988] ------------[ cut here ]------------ [ 158.887464] WARNING: CPU: 1 PID: 1495 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.888341] Modules linked in: [ 158.888705] CPU: 1 PID: 1495 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.889547] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.890595] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.891032] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.892770] RSP: 0018:ffff8880171c7bb8 EFLAGS: 00010246 [ 158.893233] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 158.893993] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 158.894627] RBP: ffff8880171c7bd0 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 158.895267] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff88800ef57800 [ 158.896030] R13: ffff8880178189e8 R14: ffffffff8352e670 R15: 
ffff8880171c7e68 [ 158.896793] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.897536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.898094] CR2: 00007f4b877410e8 CR3: 00000000148b0000 CR4: 0000000000750ee0 [ 158.898940] PKRU: 55555554 [ 158.899226] Call Trace: [ 158.899464] [ 158.899677] __iommufd_access_detach+0x1c2/0x2b0 [ 158.900137] iommufd_access_change_pt+0x149/0x270 [ 158.900592] iommufd_access_replace+0xb4/0x120 [ 158.901118] iommufd_test+0x3e5/0x37e0 [ 158.901575] ? lock_release+0x532/0x770 [ 158.901953] ? __might_fault+0x102/0x1b0 [ 158.902338] ? lock_acquire+0x427/0x4c0 [ 158.902744] ? __pfx_iommufd_test+0x10/0x10 [ 158.903162] ? __pfx_lock_release+0x10/0x10 [ 158.903594] ? __pfx_lock_acquire+0x10/0x10 [ 158.904155] ? write_comp_data+0x2f/0x90 [ 158.904546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.905001] ? write_comp_data+0x2f/0x90 [ 158.905389] iommufd_fops_ioctl+0x37d/0x510 [ 158.905803] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.906431] ? write_comp_data+0x2f/0x90 [ 158.906843] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 158.907307] __x64_sys_ioctl+0x1a3/0x230 [ 158.907696] do_syscall_64+0x3b/0x90 [ 158.908049] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.908543] RIP: 0033:0x7f4b8743ee5d [ 158.909116] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 158.910834] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 158.911678] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 158.912326] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 158.912978] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 158.913798] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 158.914473] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 158.915169] [ 158.915392] irq event stamp: 0 [ 158.915682] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.916452] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.917219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.917987] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.918756] ---[ end trace 0000000000000000 ]--- [ 158.921953] ------------[ cut here ]------------ [ 158.922429] WARNING: CPU: 1 PID: 1495 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.923475] Modules linked in: [ 158.923845] CPU: 1 PID: 1495 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.924650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.925730] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.926300] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.928141] RSP: 
0018:ffff8880171c7bd0 EFLAGS: 00010246 [ 158.928716] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 158.929376] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 158.930026] RBP: ffff8880171c7be8 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 158.930807] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff888013f46c00 [ 158.931511] R13: ffff8880178189e8 R14: ffff88800f5b5900 R15: 0000000000000000 [ 158.932165] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.932904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.933439] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 158.934101] PKRU: 55555554 [ 158.934422] Call Trace: [ 158.934762] [ 158.935084] iommufd_access_destroy_object+0x65/0x170 [ 158.935585] iommufd_object_destroy_user+0x18e/0x220 [ 158.936059] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 158.936597] iommufd_access_destroy+0x43/0x70 [ 158.937029] iommufd_test_staccess_release+0x8d/0xd0 [ 158.937507] __fput+0x26d/0xa40 [ 158.937833] ____fput+0x1e/0x30 [ 158.938148] task_work_run+0x1a4/0x2d0 [ 158.938554] ? __pfx_task_work_run+0x10/0x10 [ 158.939000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.939618] ? switch_task_namespaces+0xa9/0xe0 [ 158.940183] do_exit+0xb17/0x2ef0 [ 158.940507] ? lock_acquire+0x427/0x4c0 [ 158.940886] ? __pfx_lock_release+0x10/0x10 [ 158.941372] ? __kasan_check_write+0x18/0x20 [ 158.941784] ? do_raw_spin_lock+0x132/0x2a0 [ 158.942186] ? __pfx_do_exit+0x10/0x10 [ 158.942615] ? debug_smp_processor_id+0x20/0x30 [ 158.943095] ? rcu_is_watching+0x19/0xb0 [ 158.943596] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.944143] ? trace_hardirqs_on+0x26/0x120 [ 158.944549] do_group_exit+0xe0/0x2b0 [ 158.944908] __x64_sys_exit_group+0x47/0x50 [ 158.945308] do_syscall_64+0x3b/0x90 [ 158.945660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.946148] RIP: 0033:0x7f4b87518a4d [ 158.946498] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.947101] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.947885] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.948532] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.949175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.949825] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.950471] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.951153] [ 158.951370] irq event stamp: 0 [ 158.951659] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.952236] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.952997] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.953767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.954336] ---[ end trace 0000000000000000 ]--- [ 158.955148] ------------[ cut here ]------------ [ 158.955582] WARNING: CPU: 1 PID: 1495 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 158.956512] Modules linked in: [ 158.956815] CPU: 1 PID: 1495 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.957613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.958684] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 158.959177] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 158.960827] RSP: 0018:ffff8880171c7b78 EFLAGS: 00010246 [ 158.961295] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 158.961909] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 158.962545] RBP: ffff8880171c7b98 R08: ffffed1002f0313e R09: ffffed1002f0313e [ 158.963166] R10: ffff8880178189ef R11: ffffed1002f0313d R12: ffff888017818a90 [ 158.963779] R13: ffff8880178188a8 R14: ffffffffffffffff R15: 
ffff8880171c7c60 [ 158.964388] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.965083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.965585] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 158.966206] PKRU: 55555554 [ 158.966447] Call Trace: [ 158.966695] [ 158.966895] iommufd_ioas_destroy+0x53/0x70 [ 158.967293] iommufd_fops_release+0x1f7/0x370 [ 158.967692] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.968132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.968562] ? write_comp_data+0x2f/0x90 [ 158.968918] ? __pfx_iommufd_fops_release+0x10/0x10 [ 158.969351] __fput+0x26d/0xa40 [ 158.969653] ____fput+0x1e/0x30 [ 158.969949] task_work_run+0x1a4/0x2d0 [ 158.970296] ? __pfx_task_work_run+0x10/0x10 [ 158.970714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 158.971153] ? switch_task_namespaces+0xa9/0xe0 [ 158.971569] do_exit+0xb17/0x2ef0 [ 158.971871] ? lock_acquire+0x427/0x4c0 [ 158.972222] ? __pfx_lock_release+0x10/0x10 [ 158.972601] ? __kasan_check_write+0x18/0x20 [ 158.973041] ? do_raw_spin_lock+0x132/0x2a0 [ 158.973417] ? __pfx_do_exit+0x10/0x10 [ 158.973769] ? debug_smp_processor_id+0x20/0x30 [ 158.974180] ? rcu_is_watching+0x19/0xb0 [ 158.974560] ? _raw_spin_unlock_irq+0x2b/0x60 [ 158.974966] ? trace_hardirqs_on+0x26/0x120 [ 158.975368] do_group_exit+0xe0/0x2b0 [ 158.975707] __x64_sys_exit_group+0x47/0x50 [ 158.976077] do_syscall_64+0x3b/0x90 [ 158.976407] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 158.976865] RIP: 0033:0x7f4b87518a4d [ 158.977193] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 158.977724] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 158.978379] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 158.979014] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 158.979638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 158.980257] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 158.980870] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 158.981492] [ 158.981698] irq event stamp: 0 [ 158.981974] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 158.982541] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 158.983273] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 158.984001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 158.984551] ---[ end trace 0000000000000000 ]--- [ 158.989113] ------------[ cut here ]------------ [ 158.989556] WARNING: CPU: 1 PID: 1496 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 158.990424] Modules linked in: [ 158.990908] CPU: 1 PID: 1496 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 158.991668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 158.992632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 158.993057] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 158.994657] RSP: 0018:ffff888017aafbb8 EFLAGS: 00010246 [ 158.995125] RAX: 0000000000000000 RBX: ffff88801609f0a8 RCX: 0000000000000000 [ 158.995736] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 158.996344] RBP: ffff888017aafbd0 R08: ffffed1002c13e33 R09: ffffed1002c13e33 [ 158.996951] R10: ffff88801609f193 R11: ffffed1002c13e32 R12: ffff888010c4a400 [ 158.997563] R13: ffff88801609f1e8 R14: ffffffff8352e670 R15: 
ffff888017aafe68 [ 158.998178] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 158.998890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 158.999401] CR2: 0000000020000140 CR3: 0000000017b90000 CR4: 0000000000750ee0 [ 159.000019] PKRU: 55555554 [ 159.000266] Call Trace: [ 159.000489] [ 159.000684] __iommufd_access_detach+0x1c2/0x2b0 [ 159.001114] iommufd_access_change_pt+0x149/0x270 [ 159.001541] iommufd_access_replace+0xb4/0x120 [ 159.002031] iommufd_test+0x3e5/0x37e0 [ 159.002364] ? lock_release+0x532/0x770 [ 159.002736] ? __might_fault+0x102/0x1b0 [ 159.003094] ? lock_acquire+0x427/0x4c0 [ 159.003441] ? __pfx_iommufd_test+0x10/0x10 [ 159.003791] ? __pfx_lock_release+0x10/0x10 [ 159.004150] ? __pfx_lock_acquire+0x10/0x10 [ 159.004511] ? write_comp_data+0x2f/0x90 [ 159.004852] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.005280] ? write_comp_data+0x2f/0x90 [ 159.005626] iommufd_fops_ioctl+0x37d/0x510 [ 159.005980] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.006380] ? write_comp_data+0x2f/0x90 [ 159.006748] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.007154] __x64_sys_ioctl+0x1a3/0x230 [ 159.007502] do_syscall_64+0x3b/0x90 [ 159.007823] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.008251] RIP: 0033:0x7f4b8743ee5d [ 159.008555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.010078] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.010742] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.011359] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.011968] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.012558] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.013161] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.013770] [ 159.013967] irq event stamp: 0 [ 159.014232] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.014789] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.015502] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.016207] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.016737] ---[ end trace 0000000000000000 ]--- [ 159.019613] ------------[ cut here ]------------ [ 159.020078] WARNING: CPU: 1 PID: 1496 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.021105] Modules linked in: [ 159.021381] CPU: 1 PID: 1496 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.022117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.023122] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.023556] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.025275] RSP: 
0018:ffff888017aafbd0 EFLAGS: 00010246 [ 159.025732] RAX: 0000000000000000 RBX: ffff88801609f0a8 RCX: 0000000000000000 [ 159.026331] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 159.026956] RBP: ffff888017aafbe8 R08: ffffed1002c13e33 R09: ffffed1002c13e33 [ 159.027571] R10: ffff88801609f193 R11: ffffed1002c13e32 R12: ffff88800ef56800 [ 159.028175] R13: ffff88801609f1e8 R14: ffff888020e95600 R15: 0000000000000000 [ 159.028948] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 159.029623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.030200] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 159.030853] PKRU: 55555554 [ 159.031098] Call Trace: [ 159.031328] [ 159.031521] iommufd_access_destroy_object+0x65/0x170 [ 159.031965] iommufd_object_destroy_user+0x18e/0x220 [ 159.032480] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.033060] iommufd_access_destroy+0x43/0x70 [ 159.033452] iommufd_test_staccess_release+0x8d/0xd0 [ 159.033888] __fput+0x26d/0xa40 [ 159.034179] ____fput+0x1e/0x30 [ 159.034466] task_work_run+0x1a4/0x2d0 [ 159.034830] ? __pfx_task_work_run+0x10/0x10 [ 159.035221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.035646] ? switch_task_namespaces+0xa9/0xe0 [ 159.036088] do_exit+0xb17/0x2ef0 [ 159.036520] ? lock_acquire+0x427/0x4c0 [ 159.036878] ? __pfx_lock_release+0x10/0x10 [ 159.037308] ? __kasan_check_write+0x18/0x20 [ 159.037692] ? do_raw_spin_lock+0x132/0x2a0 [ 159.038072] ? __pfx_do_exit+0x10/0x10 [ 159.038537] ? debug_smp_processor_id+0x20/0x30 [ 159.039030] ? rcu_is_watching+0x19/0xb0 [ 159.039393] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.039785] ? trace_hardirqs_on+0x26/0x120 [ 159.040158] do_group_exit+0xe0/0x2b0 [ 159.040488] __x64_sys_exit_group+0x47/0x50 [ 159.040907] do_syscall_64+0x3b/0x90 [ 159.041349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.041799] RIP: 0033:0x7f4b87518a4d [ 159.042119] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.042670] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.043371] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.044078] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.044690] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.045294] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.046060] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.046691] [ 159.046892] irq event stamp: 0 [ 159.047190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.047725] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.048588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.049304] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.049840] ---[ end trace 0000000000000000 ]--- [ 159.050792] ------------[ cut here ]------------ [ 159.051212] WARNING: CPU: 1 PID: 1496 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.052091] Modules linked in: [ 159.052409] CPU: 1 PID: 1496 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.053236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.054189] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.054822] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.056392] RSP: 0018:ffff888017aafb78 EFLAGS: 00010246 [ 159.056849] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.057586] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 159.058188] RBP: ffff888017aafb98 R08: ffffed1002c13e3e R09: ffffed1002c13e3e [ 159.058821] R10: ffff88801609f1ef R11: ffffed1002c13e3d R12: ffff88801609f290 [ 159.059474] R13: ffff88801609f0a8 R14: ffffffffffffffff R15: 
ffff888017aafc60 [ 159.060171] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 159.060849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.061340] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 159.062081] PKRU: 55555554 [ 159.062322] Call Trace: [ 159.062562] [ 159.062758] iommufd_ioas_destroy+0x53/0x70 [ 159.063144] iommufd_fops_release+0x1f7/0x370 [ 159.063532] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.063993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.064488] ? write_comp_data+0x2f/0x90 [ 159.064858] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.065285] __fput+0x26d/0xa40 [ 159.065583] ____fput+0x1e/0x30 [ 159.065886] task_work_run+0x1a4/0x2d0 [ 159.066311] ? __pfx_task_work_run+0x10/0x10 [ 159.066749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.067186] ? switch_task_namespaces+0xa9/0xe0 [ 159.067599] do_exit+0xb17/0x2ef0 [ 159.067896] ? lock_acquire+0x427/0x4c0 [ 159.068240] ? __pfx_lock_release+0x10/0x10 [ 159.068611] ? __kasan_check_write+0x18/0x20 [ 159.069149] ? do_raw_spin_lock+0x132/0x2a0 [ 159.069526] ? __pfx_do_exit+0x10/0x10 [ 159.069867] ? debug_smp_processor_id+0x20/0x30 [ 159.070271] ? rcu_is_watching+0x19/0xb0 [ 159.070652] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.071078] ? trace_hardirqs_on+0x26/0x120 [ 159.071567] do_group_exit+0xe0/0x2b0 [ 159.071905] __x64_sys_exit_group+0x47/0x50 [ 159.072276] do_syscall_64+0x3b/0x90 [ 159.072611] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.073103] RIP: 0033:0x7f4b87518a4d [ 159.073520] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.074052] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.074739] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.075369] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.076141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.076753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.077382] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.078151] [ 159.078366] irq event stamp: 0 [ 159.078675] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.079255] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.080031] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.080863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.081411] ---[ end trace 0000000000000000 ]--- [ 159.086199] ------------[ cut here ]------------ [ 159.086779] WARNING: CPU: 1 PID: 1497 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.087669] Modules linked in: [ 159.087945] CPU: 1 PID: 1497 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.088849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.089849] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.090298] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.091989] RSP: 0018:ffff8880171c7bb8 EFLAGS: 00010246 [ 159.092477] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 159.093116] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 159.093750] RBP: ffff8880171c7bd0 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 159.094383] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff88800b9b6c00 [ 159.095034] R13: ffff88801587a9e8 R14: ffffffff8352e670 R15: 
ffff8880171c7e68 [ 159.095687] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 159.096406] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.096927] CR2: 00007f4b877410e8 CR3: 0000000017b90000 CR4: 0000000000750ee0 [ 159.097572] PKRU: 55555554 [ 159.097829] Call Trace: [ 159.098058] [ 159.098264] __iommufd_access_detach+0x1c2/0x2b0 [ 159.098741] iommufd_access_change_pt+0x149/0x270 [ 159.099209] iommufd_access_replace+0xb4/0x120 [ 159.099641] iommufd_test+0x3e5/0x37e0 [ 159.099996] ? lock_release+0x532/0x770 [ 159.100371] ? __might_fault+0x102/0x1b0 [ 159.100759] ? lock_acquire+0x427/0x4c0 [ 159.101212] ? __pfx_iommufd_test+0x10/0x10 [ 159.101602] ? __pfx_lock_release+0x10/0x10 [ 159.102011] ? __pfx_lock_acquire+0x10/0x10 [ 159.102412] ? write_comp_data+0x2f/0x90 [ 159.102840] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.103320] ? write_comp_data+0x2f/0x90 [ 159.103711] iommufd_fops_ioctl+0x37d/0x510 [ 159.104117] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.104571] ? write_comp_data+0x2f/0x90 [ 159.104954] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.105401] __x64_sys_ioctl+0x1a3/0x230 [ 159.105783] do_syscall_64+0x3b/0x90 [ 159.106136] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.106640] RIP: 0033:0x7f4b8743ee5d [ 159.106986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.108657] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.109351] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.109993] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.110673] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.111351] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.112008] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.112676] [ 159.112906] irq event stamp: 0 [ 159.113197] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.113773] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.114560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.115336] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.115918] ---[ end trace 0000000000000000 ]--- [ 159.118927] ------------[ cut here ]------------ [ 159.119428] WARNING: CPU: 1 PID: 1497 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.120348] Modules linked in: [ 159.120648] CPU: 1 PID: 1497 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.121451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.122471] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.123025] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.124712] RSP: 
0018:ffff8880171c7bd0 EFLAGS: 00010246 [ 159.125202] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 159.125850] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 159.126538] RBP: ffff8880171c7be8 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 159.127207] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff888010c48800 [ 159.127864] R13: ffff88801587a9e8 R14: ffff888011f03800 R15: 0000000000000000 [ 159.128524] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 159.129272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.129811] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 159.130471] PKRU: 55555554 [ 159.130763] Call Trace: [ 159.131007] [ 159.131231] iommufd_access_destroy_object+0x65/0x170 [ 159.131718] iommufd_object_destroy_user+0x18e/0x220 [ 159.132191] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.132729] iommufd_access_destroy+0x43/0x70 [ 159.133223] iommufd_test_staccess_release+0x8d/0xd0 [ 159.133709] __fput+0x26d/0xa40 [ 159.134034] ____fput+0x1e/0x30 [ 159.134350] task_work_run+0x1a4/0x2d0 [ 159.134744] ? __pfx_task_work_run+0x10/0x10 [ 159.135170] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.135628] ? switch_task_namespaces+0xa9/0xe0 [ 159.136073] do_exit+0xb17/0x2ef0 [ 159.136401] ? lock_acquire+0x427/0x4c0 [ 159.136784] ? __pfx_lock_release+0x10/0x10 [ 159.137192] ? __kasan_check_write+0x18/0x20 [ 159.137605] ? do_raw_spin_lock+0x132/0x2a0 [ 159.138011] ? __pfx_do_exit+0x10/0x10 [ 159.138389] ? debug_smp_processor_id+0x20/0x30 [ 159.138850] ? rcu_is_watching+0x19/0xb0 [ 159.139255] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.139684] ? trace_hardirqs_on+0x26/0x120 [ 159.140086] do_group_exit+0xe0/0x2b0 [ 159.140444] __x64_sys_exit_group+0x47/0x50 [ 159.140848] do_syscall_64+0x3b/0x90 [ 159.141204] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.141687] RIP: 0033:0x7f4b87518a4d [ 159.142028] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.142620] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.143341] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.144004] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.144655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.145307] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.145951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.146632] [ 159.146852] irq event stamp: 0 [ 159.147151] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.147737] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.148508] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.149268] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.149851] ---[ end trace 0000000000000000 ]--- [ 159.150676] ------------[ cut here ]------------ [ 159.151139] WARNING: CPU: 1 PID: 1497 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.152093] Modules linked in: [ 159.152393] CPU: 1 PID: 1497 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.153198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.154251] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.154756] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.156441] RSP: 0018:ffff8880171c7b78 EFLAGS: 00010246 [ 159.156929] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.157574] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 159.158223] RBP: ffff8880171c7b98 R08: ffffed1002b0f53e R09: ffffed1002b0f53e [ 159.158896] R10: ffff88801587a9ef R11: ffffed1002b0f53d R12: ffff88801587aa90 [ 159.159573] R13: ffff88801587a8a8 R14: ffffffffffffffff R15: 
ffff8880171c7c60 [ 159.160224] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 159.160949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.161489] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 159.162138] PKRU: 55555554 [ 159.162401] Call Trace: [ 159.162659] [ 159.162874] iommufd_ioas_destroy+0x53/0x70 [ 159.163295] iommufd_fops_release+0x1f7/0x370 [ 159.163717] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.164196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.164653] ? write_comp_data+0x2f/0x90 [ 159.165099] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.165567] __fput+0x26d/0xa40 [ 159.165886] ____fput+0x1e/0x30 [ 159.166199] task_work_run+0x1a4/0x2d0 [ 159.166597] ? __pfx_task_work_run+0x10/0x10 [ 159.167015] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.167480] ? switch_task_namespaces+0xa9/0xe0 [ 159.167931] do_exit+0xb17/0x2ef0 [ 159.168253] ? lock_acquire+0x427/0x4c0 [ 159.168630] ? __pfx_lock_release+0x10/0x10 [ 159.169037] ? __kasan_check_write+0x18/0x20 [ 159.169446] ? do_raw_spin_lock+0x132/0x2a0 [ 159.169849] ? __pfx_do_exit+0x10/0x10 [ 159.170220] ? debug_smp_processor_id+0x20/0x30 [ 159.170688] ? rcu_is_watching+0x19/0xb0 [ 159.171071] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.171506] ? trace_hardirqs_on+0x26/0x120 [ 159.171913] do_group_exit+0xe0/0x2b0 [ 159.172272] __x64_sys_exit_group+0x47/0x50 [ 159.172680] do_syscall_64+0x3b/0x90 [ 159.173033] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.173510] RIP: 0033:0x7f4b87518a4d [ 159.173855] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.174437] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.175183] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.175848] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.176506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.177158] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.177811] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.178479] [ 159.178719] irq event stamp: 0 [ 159.179012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.179618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.180391] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.181154] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.181735] ---[ end trace 0000000000000000 ]--- [ 159.186225] ------------[ cut here ]------------ [ 159.186903] WARNING: CPU: 0 PID: 1498 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.187905] Modules linked in: [ 159.188210] CPU: 0 PID: 1498 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.189044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.190092] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.190606] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.192331] RSP: 0018:ffff888017aafbb8 EFLAGS: 00010246 [ 159.192848] RAX: 0000000000000000 RBX: ffff8880161cc0a8 RCX: 0000000000000000 [ 159.193521] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 159.194187] RBP: ffff888017aafbd0 R08: ffffed1002c39833 R09: ffffed1002c39833 [ 159.194902] R10: ffff8880161cc193 R11: ffffed1002c39832 R12: ffff88800ae93800 [ 159.195600] R13: ffff8880161cc1e8 R14: ffffffff8352e670 R15: 
ffff888017aafe68 [ 159.196280] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.197055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.197614] CR2: 0000000020000140 CR3: 0000000017b90000 CR4: 0000000000750ef0 [ 159.198294] PKRU: 55555554 [ 159.198612] Call Trace: [ 159.198861] [ 159.199084] __iommufd_access_detach+0x1c2/0x2b0 [ 159.199569] iommufd_access_change_pt+0x149/0x270 [ 159.200038] iommufd_access_replace+0xb4/0x120 [ 159.200487] iommufd_test+0x3e5/0x37e0 [ 159.200859] ? lock_release+0x532/0x770 [ 159.201246] ? __might_fault+0x102/0x1b0 [ 159.201643] ? lock_acquire+0x427/0x4c0 [ 159.202034] ? __pfx_iommufd_test+0x10/0x10 [ 159.202454] ? __pfx_lock_release+0x10/0x10 [ 159.202928] ? __pfx_lock_acquire+0x10/0x10 [ 159.203381] ? write_comp_data+0x2f/0x90 [ 159.203786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.204260] ? write_comp_data+0x2f/0x90 [ 159.204655] iommufd_fops_ioctl+0x37d/0x510 [ 159.205074] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.205536] ? write_comp_data+0x2f/0x90 [ 159.205933] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.206398] __x64_sys_ioctl+0x1a3/0x230 [ 159.206847] do_syscall_64+0x3b/0x90 [ 159.207224] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.207736] RIP: 0033:0x7f4b8743ee5d [ 159.208097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.209805] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.210561] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.211247] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.211919] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.212584] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.213258] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.213950] [ 159.214172] irq event stamp: 0 [ 159.214471] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.215148] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.215946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.216734] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.217328] ---[ end trace 0000000000000000 ]--- [ 159.220444] ------------[ cut here ]------------ [ 159.220929] WARNING: CPU: 0 PID: 1498 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.221873] Modules linked in: [ 159.222177] CPU: 0 PID: 1498 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.223103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.224195] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.224684] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.226411] RSP: 
0018:ffff888017aafbd0 EFLAGS: 00010246 [ 159.226966] RAX: 0000000000000000 RBX: ffff8880161cc0a8 RCX: 0000000000000000 [ 159.227663] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 159.228344] RBP: ffff888017aafbe8 R08: ffffed1002c39833 R09: ffffed1002c39833 [ 159.229033] R10: ffff8880161cc193 R11: ffffed1002c39832 R12: ffff888014583800 [ 159.229735] R13: ffff8880161cc1e8 R14: ffff88800efd0300 R15: 0000000000000000 [ 159.230421] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.231263] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.231798] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.232496] PKRU: 55555554 [ 159.232779] Call Trace: [ 159.233029] [ 159.233250] iommufd_access_destroy_object+0x65/0x170 [ 159.233764] iommufd_object_destroy_user+0x18e/0x220 [ 159.234259] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.234861] iommufd_access_destroy+0x43/0x70 [ 159.235327] iommufd_test_staccess_release+0x8d/0xd0 [ 159.235824] __fput+0x26d/0xa40 [ 159.236162] ____fput+0x1e/0x30 [ 159.236489] task_work_run+0x1a4/0x2d0 [ 159.236874] ? __pfx_task_work_run+0x10/0x10 [ 159.237308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.237781] ? switch_task_namespaces+0xa9/0xe0 [ 159.238249] do_exit+0xb17/0x2ef0 [ 159.238642] ? lock_acquire+0x427/0x4c0 [ 159.239039] ? __pfx_lock_release+0x10/0x10 [ 159.239475] ? __kasan_check_write+0x18/0x20 [ 159.239911] ? do_raw_spin_lock+0x132/0x2a0 [ 159.240335] ? __pfx_do_exit+0x10/0x10 [ 159.240725] ? debug_smp_processor_id+0x20/0x30 [ 159.241177] ? rcu_is_watching+0x19/0xb0 [ 159.241569] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.242014] ? trace_hardirqs_on+0x26/0x120 [ 159.242444] do_group_exit+0xe0/0x2b0 [ 159.242851] __x64_sys_exit_group+0x47/0x50 [ 159.243292] do_syscall_64+0x3b/0x90 [ 159.243667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.244171] RIP: 0033:0x7f4b87518a4d [ 159.244524] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.245108] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.245827] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.246549] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.247242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.247917] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.248591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.249274] [ 159.249498] irq event stamp: 0 [ 159.249798] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.250399] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.251229] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.252029] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.252629] ---[ end trace 0000000000000000 ]--- [ 159.253476] ------------[ cut here ]------------ [ 159.253933] WARNING: CPU: 0 PID: 1498 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.254944] Modules linked in: [ 159.255267] CPU: 0 PID: 1498 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.256108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.257185] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.257681] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.259710] RSP: 0018:ffff888017aafb78 EFLAGS: 00010246 [ 159.260239] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.260945] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 159.261654] RBP: ffff888017aafb98 R08: ffffed1002c3983e R09: ffffed1002c3983e [ 159.262343] R10: ffff8880161cc1ef R11: ffffed1002c3983d R12: ffff8880161cc290 [ 159.263061] R13: ffff8880161cc0a8 R14: ffffffffffffffff R15: 
ffff888017aafc60 [ 159.263742] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.264513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.265065] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.265739] PKRU: 55555554 [ 159.266014] Call Trace: [ 159.266261] [ 159.266487] iommufd_ioas_destroy+0x53/0x70 [ 159.266947] iommufd_fops_release+0x1f7/0x370 [ 159.267406] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.267889] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.268369] ? write_comp_data+0x2f/0x90 [ 159.268780] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.269267] __fput+0x26d/0xa40 [ 159.269600] ____fput+0x1e/0x30 [ 159.269930] task_work_run+0x1a4/0x2d0 [ 159.270313] ? __pfx_task_work_run+0x10/0x10 [ 159.270771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.271260] ? switch_task_namespaces+0xa9/0xe0 [ 159.271721] do_exit+0xb17/0x2ef0 [ 159.272049] ? lock_acquire+0x427/0x4c0 [ 159.272442] ? __pfx_lock_release+0x10/0x10 [ 159.272862] ? __kasan_check_write+0x18/0x20 [ 159.273306] ? do_raw_spin_lock+0x132/0x2a0 [ 159.273753] ? __pfx_do_exit+0x10/0x10 [ 159.274144] ? debug_smp_processor_id+0x20/0x30 [ 159.274640] ? rcu_is_watching+0x19/0xb0 [ 159.275038] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.275501] ? trace_hardirqs_on+0x26/0x120 [ 159.275942] do_group_exit+0xe0/0x2b0 [ 159.276322] __x64_sys_exit_group+0x47/0x50 [ 159.276745] do_syscall_64+0x3b/0x90 [ 159.277124] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.277643] RIP: 0033:0x7f4b87518a4d [ 159.278004] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.278647] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.279713] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.280633] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.281330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.282015] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.282774] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.283492] [ 159.283719] irq event stamp: 0 [ 159.284019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.284638] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.285436] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.286224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.286855] ---[ end trace 0000000000000000 ]--- [ 159.294605] ------------[ cut here ]------------ [ 159.295216] WARNING: CPU: 0 PID: 1499 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.296462] Modules linked in: [ 159.296782] CPU: 0 PID: 1499 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.297619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.298815] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.299462] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.301196] RSP: 0018:ffff88801812fbb8 EFLAGS: 00010246 [ 159.301719] RAX: 0000000000000000 RBX: ffff888013efe0a8 RCX: 0000000000000000 [ 159.302627] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 159.303479] RBP: ffff88801812fbd0 R08: ffffed10027dfc33 R09: ffffed10027dfc33 [ 159.304162] R10: ffff888013efe193 R11: ffffed10027dfc32 R12: ffff888018b8bc00 [ 159.304841] R13: ffff888013efe1e8 R14: ffffffff8352e670 R15: 
ffff88801812fe68 [ 159.305529] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.306640] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.307206] CR2: 00007f4b877410e8 CR3: 0000000017b90000 CR4: 0000000000750ef0 [ 159.307886] PKRU: 55555554 [ 159.308166] Call Trace: [ 159.308413] [ 159.308631] __iommufd_access_detach+0x1c2/0x2b0 [ 159.309118] iommufd_access_change_pt+0x149/0x270 [ 159.309781] iommufd_access_replace+0xb4/0x120 [ 159.310238] iommufd_test+0x3e5/0x37e0 [ 159.310649] ? lock_release+0x532/0x770 [ 159.311042] ? __might_fault+0x102/0x1b0 [ 159.311453] ? lock_acquire+0x427/0x4c0 [ 159.311849] ? __pfx_iommufd_test+0x10/0x10 [ 159.312312] ? __pfx_lock_release+0x10/0x10 [ 159.312978] ? __pfx_lock_acquire+0x10/0x10 [ 159.313416] ? write_comp_data+0x2f/0x90 [ 159.313822] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.314305] ? write_comp_data+0x2f/0x90 [ 159.314752] iommufd_fops_ioctl+0x37d/0x510 [ 159.315197] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.315712] ? write_comp_data+0x2f/0x90 [ 159.316316] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.316787] __x64_sys_ioctl+0x1a3/0x230 [ 159.317197] do_syscall_64+0x3b/0x90 [ 159.317568] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.318064] RIP: 0033:0x7f4b8743ee5d [ 159.318434] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.320479] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.321213] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.321896] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.322607] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.323307] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.323993] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.324703] [ 159.324937] irq event stamp: 0 [ 159.325248] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.325854] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.326701] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.327525] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.328131] ---[ end trace 0000000000000000 ]--- [ 159.331549] ------------[ cut here ]------------ [ 159.332037] WARNING: CPU: 0 PID: 1499 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.333104] Modules linked in: [ 159.333643] CPU: 0 PID: 1499 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.334594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.335770] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.336288] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.338676] RSP: 
0018:ffff88801812fbd0 EFLAGS: 00010246 [ 159.339261] RAX: 0000000000000000 RBX: ffff888013efe0a8 RCX: 0000000000000000 [ 159.339993] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 159.340733] RBP: ffff88801812fbe8 R08: ffffed10027dfc33 R09: ffffed10027dfc33 [ 159.341476] R10: ffff888013efe193 R11: ffffed10027dfc32 R12: ffff88800ae92000 [ 159.342399] R13: ffff888013efe1e8 R14: ffff88800f48bc00 R15: 0000000000000000 [ 159.343495] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.344345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.344955] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.345697] PKRU: 55555554 [ 159.346001] Call Trace: [ 159.346277] [ 159.346548] iommufd_access_destroy_object+0x65/0x170 [ 159.347282] iommufd_object_destroy_user+0x18e/0x220 [ 159.348016] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.348634] iommufd_access_destroy+0x43/0x70 [ 159.349115] iommufd_test_staccess_release+0x8d/0xd0 [ 159.349660] __fput+0x26d/0xa40 [ 159.350025] ____fput+0x1e/0x30 [ 159.350376] task_work_run+0x1a4/0x2d0 [ 159.350840] ? __pfx_task_work_run+0x10/0x10 [ 159.351328] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.351913] ? switch_task_namespaces+0xa9/0xe0 [ 159.352580] do_exit+0xb17/0x2ef0 [ 159.353127] ? lock_acquire+0x427/0x4c0 [ 159.353560] ? __pfx_lock_release+0x10/0x10 [ 159.354029] ? __kasan_check_write+0x18/0x20 [ 159.354500] ? do_raw_spin_lock+0x132/0x2a0 [ 159.354998] ? __pfx_do_exit+0x10/0x10 [ 159.355432] ? debug_smp_processor_id+0x20/0x30 [ 159.355920] ? rcu_is_watching+0x19/0xb0 [ 159.356346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.356971] ? trace_hardirqs_on+0x26/0x120 [ 159.357578] do_group_exit+0xe0/0x2b0 [ 159.358177] __x64_sys_exit_group+0x47/0x50 [ 159.358670] do_syscall_64+0x3b/0x90 [ 159.359076] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.359643] RIP: 0033:0x7f4b87518a4d [ 159.360034] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.360680] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.361469] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.362434] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.363448] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.364192] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.364929] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.365681] [ 159.365929] irq event stamp: 0 [ 159.366262] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.367109] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.368185] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.369052] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.369711] ---[ end trace 0000000000000000 ]--- [ 159.371352] ------------[ cut here ]------------ [ 159.371869] WARNING: CPU: 0 PID: 1499 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.372917] Modules linked in: [ 159.373250] CPU: 0 PID: 1499 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.374317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.375962] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.376507] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.378364] RSP: 0018:ffff88801812fb78 EFLAGS: 00010246 [ 159.378957] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.379726] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 159.380479] RBP: ffff88801812fb98 R08: ffffed10027dfc3e R09: ffffed10027dfc3e [ 159.381232] R10: ffff888013efe1ef R11: ffffed10027dfc3d R12: ffff888013efe290 [ 159.381983] R13: ffff888013efe0a8 R14: ffffffffffffffff R15: 
ffff88801812fc60 [ 159.382766] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.383629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.384241] CR2: 00007f82e2f98018 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 159.384988] PKRU: 55555554 [ 159.385289] Call Trace: [ 159.385564] [ 159.385813] iommufd_ioas_destroy+0x53/0x70 [ 159.386285] iommufd_fops_release+0x1f7/0x370 [ 159.386811] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.387367] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.387896] ? write_comp_data+0x2f/0x90 [ 159.388344] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.388882] __fput+0x26d/0xa40 [ 159.389255] ____fput+0x1e/0x30 [ 159.389617] task_work_run+0x1a4/0x2d0 [ 159.390039] ? __pfx_task_work_run+0x10/0x10 [ 159.390549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.391071] ? switch_task_namespaces+0xa9/0xe0 [ 159.391599] do_exit+0xb17/0x2ef0 [ 159.391967] ? lock_acquire+0x427/0x4c0 [ 159.392402] ? __pfx_lock_release+0x10/0x10 [ 159.392865] ? __kasan_check_write+0x18/0x20 [ 159.393336] ? do_raw_spin_lock+0x132/0x2a0 [ 159.393806] ? __pfx_do_exit+0x10/0x10 [ 159.394231] ? debug_smp_processor_id+0x20/0x30 [ 159.394769] ? rcu_is_watching+0x19/0xb0 [ 159.395221] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.395714] ? trace_hardirqs_on+0x26/0x120 [ 159.396180] do_group_exit+0xe0/0x2b0 [ 159.396588] __x64_sys_exit_group+0x47/0x50 [ 159.397044] do_syscall_64+0x3b/0x90 [ 159.397454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.398010] RIP: 0033:0x7f4b87518a4d [ 159.398405] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.399091] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.399913] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.400663] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.401413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.402152] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.402937] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.403727] [ 159.403988] irq event stamp: 0 [ 159.404320] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.404987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.405870] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.406783] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.407461] ---[ end trace 0000000000000000 ]--- [ 159.413332] ------------[ cut here ]------------ [ 159.414121] WARNING: CPU: 0 PID: 1500 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.415458] Modules linked in: [ 159.415796] CPU: 0 PID: 1500 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.416708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.417879] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.418811] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.420954] RSP: 0018:ffff888015ccfbb8 EFLAGS: 00010246 [ 159.421514] RAX: 0000000000000000 RBX: ffff8880181d20a8 RCX: 0000000000000000 [ 159.422251] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 159.423109] RBP: ffff888015ccfbd0 R08: ffffed100303a433 R09: ffffed100303a433 [ 159.424159] R10: ffff8880181d2193 R11: ffffed100303a432 R12: ffff888012b67400 [ 159.424910] R13: ffff8880181d21e8 R14: ffffffff8352e670 R15: 
ffff888015ccfe68 [ 159.425651] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.426495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.427176] CR2: 0000000020000140 CR3: 00000000148b0000 CR4: 0000000000750ef0 [ 159.427959] PKRU: 55555554 [ 159.428346] Call Trace: [ 159.428719] [ 159.429141] __iommufd_access_detach+0x1c2/0x2b0 [ 159.429653] iommufd_access_change_pt+0x149/0x270 [ 159.430157] iommufd_access_replace+0xb4/0x120 [ 159.430680] iommufd_test+0x3e5/0x37e0 [ 159.431095] ? lock_release+0x532/0x770 [ 159.431543] ? __might_fault+0x102/0x1b0 [ 159.431981] ? lock_acquire+0x427/0x4c0 [ 159.432409] ? __pfx_iommufd_test+0x10/0x10 [ 159.432884] ? __pfx_lock_release+0x10/0x10 [ 159.433477] ? __pfx_lock_acquire+0x10/0x10 [ 159.434060] ? write_comp_data+0x2f/0x90 [ 159.434645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.435178] ? write_comp_data+0x2f/0x90 [ 159.435609] iommufd_fops_ioctl+0x37d/0x510 [ 159.436062] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.436566] ? write_comp_data+0x2f/0x90 [ 159.437007] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.437528] __x64_sys_ioctl+0x1a3/0x230 [ 159.438074] do_syscall_64+0x3b/0x90 [ 159.438657] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.439385] RIP: 0033:0x7f4b8743ee5d [ 159.439801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.441705] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.442549] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.443512] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.444506] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.445239] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.445962] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.446735] [ 159.446974] irq event stamp: 0 [ 159.447308] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.448167] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.449236] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.450079] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.450743] ---[ end trace 0000000000000000 ]--- [ 159.454606] ------------[ cut here ]------------ [ 159.455141] WARNING: CPU: 0 PID: 1500 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.456464] Modules linked in: [ 159.456791] CPU: 0 PID: 1500 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.457673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.459106] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.459635] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.461506] RSP: 
0018:ffff888015ccfbd0 EFLAGS: 00010246 [ 159.462053] RAX: 0000000000000000 RBX: ffff8880181d20a8 RCX: 0000000000000000 [ 159.462825] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 159.463566] RBP: ffff888015ccfbe8 R08: ffffed100303a433 R09: ffffed100303a433 [ 159.464281] R10: ffff8880181d2193 R11: ffffed100303a432 R12: ffff888018b89400 [ 159.464987] R13: ffff8880181d21e8 R14: ffff8880121bc400 R15: 0000000000000000 [ 159.465644] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.466385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.466951] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.467656] PKRU: 55555554 [ 159.467922] Call Trace: [ 159.468164] [ 159.468373] iommufd_access_destroy_object+0x65/0x170 [ 159.468863] iommufd_object_destroy_user+0x18e/0x220 [ 159.469346] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.469891] iommufd_access_destroy+0x43/0x70 [ 159.470321] iommufd_test_staccess_release+0x8d/0xd0 [ 159.470825] __fput+0x26d/0xa40 [ 159.471162] ____fput+0x1e/0x30 [ 159.471487] task_work_run+0x1a4/0x2d0 [ 159.471857] ? __pfx_task_work_run+0x10/0x10 [ 159.472270] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.472730] ? switch_task_namespaces+0xa9/0xe0 [ 159.473167] do_exit+0xb17/0x2ef0 [ 159.473494] ? lock_acquire+0x427/0x4c0 [ 159.473869] ? __pfx_lock_release+0x10/0x10 [ 159.474266] ? __kasan_check_write+0x18/0x20 [ 159.474692] ? do_raw_spin_lock+0x132/0x2a0 [ 159.475093] ? __pfx_do_exit+0x10/0x10 [ 159.475471] ? debug_smp_processor_id+0x20/0x30 [ 159.475904] ? rcu_is_watching+0x19/0xb0 [ 159.476279] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.476707] ? trace_hardirqs_on+0x26/0x120 [ 159.477107] do_group_exit+0xe0/0x2b0 [ 159.477435] __x64_sys_exit_group+0x47/0x50 [ 159.477804] do_syscall_64+0x3b/0x90 [ 159.478134] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.478607] RIP: 0033:0x7f4b87518a4d [ 159.478931] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.479479] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.480127] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.480733] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.481342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.481950] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.482591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.483218] [ 159.483422] irq event stamp: 0 [ 159.483695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.484230] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.484955] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.485680] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.486229] ---[ end trace 0000000000000000 ]--- [ 159.487099] ------------[ cut here ]------------ [ 159.487646] WARNING: CPU: 0 PID: 1500 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.488666] Modules linked in: [ 159.488948] CPU: 0 PID: 1500 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.489787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.491159] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.491619] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.493396] RSP: 0018:ffff888015ccfb78 EFLAGS: 00010246 [ 159.493902] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.494699] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 159.495339] RBP: ffff888015ccfb98 R08: ffffed100303a43e R09: ffffed100303a43e [ 159.495960] R10: ffff8880181d21ef R11: ffffed100303a43d R12: ffff8880181d2290 [ 159.496775] R13: ffff8880181d20a8 R14: ffffffffffffffff R15: 
ffff888015ccfc60 [ 159.497391] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.498174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.498797] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.499429] PKRU: 55555554 [ 159.499676] Call Trace: [ 159.499902] [ 159.500130] iommufd_ioas_destroy+0x53/0x70 [ 159.500650] iommufd_fops_release+0x1f7/0x370 [ 159.501048] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.501483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.501959] ? write_comp_data+0x2f/0x90 [ 159.502449] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.502912] __fput+0x26d/0xa40 [ 159.503226] ____fput+0x1e/0x30 [ 159.503523] task_work_run+0x1a4/0x2d0 [ 159.503870] ? __pfx_task_work_run+0x10/0x10 [ 159.504339] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.504856] ? switch_task_namespaces+0xa9/0xe0 [ 159.505275] do_exit+0xb17/0x2ef0 [ 159.505586] ? lock_acquire+0x427/0x4c0 [ 159.505981] ? __pfx_lock_release+0x10/0x10 [ 159.506495] ? __kasan_check_write+0x18/0x20 [ 159.506929] ? do_raw_spin_lock+0x132/0x2a0 [ 159.507334] ? __pfx_do_exit+0x10/0x10 [ 159.507692] ? debug_smp_processor_id+0x20/0x30 [ 159.508103] ? rcu_is_watching+0x19/0xb0 [ 159.508524] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.509024] ? trace_hardirqs_on+0x26/0x120 [ 159.509411] do_group_exit+0xe0/0x2b0 [ 159.509756] __x64_sys_exit_group+0x47/0x50 [ 159.510215] do_syscall_64+0x3b/0x90 [ 159.510710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.511188] RIP: 0033:0x7f4b87518a4d [ 159.511518] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.512053] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.512904] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.513530] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.514226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.515017] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.515653] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.516318] [ 159.516571] irq event stamp: 0 [ 159.516935] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.517493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.518298] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.519187] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.519746] ---[ end trace 0000000000000000 ]--- [ 159.523927] ------------[ cut here ]------------ [ 159.524584] WARNING: CPU: 0 PID: 1501 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.525471] Modules linked in: [ 159.525751] CPU: 0 PID: 1501 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.526717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.527711] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.528155] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.529770] RSP: 0018:ffff88801812fbb8 EFLAGS: 00010246 [ 159.530231] RAX: 0000000000000000 RBX: ffff8880121f80a8 RCX: 0000000000000000 [ 159.530874] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 159.531507] RBP: ffff88801812fbd0 R08: ffffed100243f033 R09: ffffed100243f033 [ 159.532129] R10: ffff8880121f8193 R11: ffffed100243f032 R12: ffff88801422d000 [ 159.532750] R13: ffff8880121f81e8 R14: ffffffff8352e670 R15: 
ffff88801812fe68 [ 159.533377] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.534072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.534597] CR2: 00007f4b877410e8 CR3: 00000000148b0000 CR4: 0000000000750ef0 [ 159.535229] PKRU: 55555554 [ 159.535478] Call Trace: [ 159.535700] [ 159.535895] __iommufd_access_detach+0x1c2/0x2b0 [ 159.536318] iommufd_access_change_pt+0x149/0x270 [ 159.536744] iommufd_access_replace+0xb4/0x120 [ 159.537157] iommufd_test+0x3e5/0x37e0 [ 159.537495] ? lock_release+0x532/0x770 [ 159.537848] ? __might_fault+0x102/0x1b0 [ 159.538208] ? lock_acquire+0x427/0x4c0 [ 159.538593] ? __pfx_iommufd_test+0x10/0x10 [ 159.538966] ? __pfx_lock_release+0x10/0x10 [ 159.539360] ? __pfx_lock_acquire+0x10/0x10 [ 159.539744] ? write_comp_data+0x2f/0x90 [ 159.540110] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.540540] ? write_comp_data+0x2f/0x90 [ 159.540898] iommufd_fops_ioctl+0x37d/0x510 [ 159.541277] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.541699] ? write_comp_data+0x2f/0x90 [ 159.542059] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.542483] __x64_sys_ioctl+0x1a3/0x230 [ 159.542876] do_syscall_64+0x3b/0x90 [ 159.543222] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.543675] RIP: 0033:0x7f4b8743ee5d [ 159.544000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.545555] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.546205] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.546837] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.547473] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.548081] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.548691] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.549312] [ 159.549517] irq event stamp: 0 [ 159.549793] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.550333] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.551076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.551808] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.552352] ---[ end trace 0000000000000000 ]--- [ 159.555520] ------------[ cut here ]------------ [ 159.555940] WARNING: CPU: 0 PID: 1501 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.556805] Modules linked in: [ 159.557137] CPU: 0 PID: 1501 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.558003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.559092] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.559635] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.561324] RSP: 
0018:ffff88801812fbd0 EFLAGS: 00010246 [ 159.561973] RAX: 0000000000000000 RBX: ffff8880121f80a8 RCX: 0000000000000000 [ 159.562622] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 159.563259] RBP: ffff88801812fbe8 R08: ffffed100243f033 R09: ffffed100243f033 [ 159.564071] R10: ffff8880121f8193 R11: ffffed100243f032 R12: ffff888012b65800 [ 159.564695] R13: ffff8880121f81e8 R14: ffff888016e16b00 R15: 0000000000000000 [ 159.565354] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.566215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.566746] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.567380] PKRU: 55555554 [ 159.567697] Call Trace: [ 159.568030] [ 159.568231] iommufd_access_destroy_object+0x65/0x170 [ 159.568697] iommufd_object_destroy_user+0x18e/0x220 [ 159.569152] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.569844] iommufd_access_destroy+0x43/0x70 [ 159.570250] iommufd_test_staccess_release+0x8d/0xd0 [ 159.570729] __fput+0x26d/0xa40 [ 159.571039] ____fput+0x1e/0x30 [ 159.571355] task_work_run+0x1a4/0x2d0 [ 159.571796] ? __pfx_task_work_run+0x10/0x10 [ 159.572294] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.572729] ? switch_task_namespaces+0xa9/0xe0 [ 159.573153] do_exit+0xb17/0x2ef0 [ 159.573489] ? lock_acquire+0x427/0x4c0 [ 159.573981] ? __pfx_lock_release+0x10/0x10 [ 159.574370] ? __kasan_check_write+0x18/0x20 [ 159.574784] ? do_raw_spin_lock+0x132/0x2a0 [ 159.575180] ? __pfx_do_exit+0x10/0x10 [ 159.575539] ? debug_smp_processor_id+0x20/0x30 [ 159.576116] ? rcu_is_watching+0x19/0xb0 [ 159.576479] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.576880] ? trace_hardirqs_on+0x26/0x120 [ 159.577265] do_group_exit+0xe0/0x2b0 [ 159.577677] __x64_sys_exit_group+0x47/0x50 [ 159.578153] do_syscall_64+0x3b/0x90 [ 159.578493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.578982] RIP: 0033:0x7f4b87518a4d [ 159.579318] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.579924] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.580692] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.581320] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.582110] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.582758] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.583397] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.584115] [ 159.584393] irq event stamp: 0 [ 159.584671] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.585227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.586145] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.586895] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.587457] ---[ end trace 0000000000000000 ]--- [ 159.588391] ------------[ cut here ]------------ [ 159.588793] WARNING: CPU: 0 PID: 1501 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.589749] Modules linked in: [ 159.590122] CPU: 0 PID: 1501 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.590912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.592091] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.592551] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.594321] RSP: 0018:ffff88801812fb78 EFLAGS: 00010246 [ 159.594814] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.595446] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 159.596253] RBP: ffff88801812fb98 R08: ffffed100243f03e R09: ffffed100243f03e [ 159.596875] R10: ffff8880121f81ef R11: ffffed100243f03d R12: ffff8880121f8290 [ 159.597574] R13: ffff8880121f80a8 R14: ffffffffffffffff R15: 
ffff88801812fc60 [ 159.598302] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.599031] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.599589] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.600365] PKRU: 55555554 [ 159.600617] Call Trace: [ 159.600842] [ 159.601044] iommufd_ioas_destroy+0x53/0x70 [ 159.601488] iommufd_fops_release+0x1f7/0x370 [ 159.601986] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.602434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.602900] ? write_comp_data+0x2f/0x90 [ 159.603282] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.603806] __fput+0x26d/0xa40 [ 159.604216] ____fput+0x1e/0x30 [ 159.604521] task_work_run+0x1a4/0x2d0 [ 159.604873] ? __pfx_task_work_run+0x10/0x10 [ 159.605264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.605877] ? switch_task_namespaces+0xa9/0xe0 [ 159.606293] do_exit+0xb17/0x2ef0 [ 159.606623] ? lock_acquire+0x427/0x4c0 [ 159.606983] ? __pfx_lock_release+0x10/0x10 [ 159.607382] ? __kasan_check_write+0x18/0x20 [ 159.607822] ? do_raw_spin_lock+0x132/0x2a0 [ 159.608326] ? __pfx_do_exit+0x10/0x10 [ 159.608683] ? debug_smp_processor_id+0x20/0x30 [ 159.609093] ? rcu_is_watching+0x19/0xb0 [ 159.609452] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.609853] ? trace_hardirqs_on+0x26/0x120 [ 159.610235] do_group_exit+0xe0/0x2b0 [ 159.610600] __x64_sys_exit_group+0x47/0x50 [ 159.610979] do_syscall_64+0x3b/0x90 [ 159.611338] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.611810] RIP: 0033:0x7f4b87518a4d [ 159.612143] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.612678] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.613343] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.613959] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.614610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.615250] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.615858] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.616475] [ 159.616679] irq event stamp: 0 [ 159.616952] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.617500] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.618240] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.618977] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.619527] ---[ end trace 0000000000000000 ]--- [ 159.623788] ------------[ cut here ]------------ [ 159.624229] WARNING: CPU: 0 PID: 1502 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.625092] Modules linked in: [ 159.625365] CPU: 0 PID: 1502 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.626106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.627184] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.627611] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.629157] RSP: 0018:ffff888012c1fbb8 EFLAGS: 00010246 [ 159.629620] RAX: 0000000000000000 RBX: ffff88801609a8a8 RCX: 0000000000000000 [ 159.630224] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 159.630848] RBP: ffff888012c1fbd0 R08: ffffed1002c13533 R09: ffffed1002c13533 [ 159.631466] R10: ffff88801609a993 R11: ffffed1002c13532 R12: ffff888010c0b000 [ 159.632082] R13: ffff88801609a9e8 R14: ffffffff8352e670 R15: 
ffff888012c1fe68 [ 159.632688] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.633385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.633879] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ef0 [ 159.634476] PKRU: 55555554 [ 159.634734] Call Trace: [ 159.634951] [ 159.635152] __iommufd_access_detach+0x1c2/0x2b0 [ 159.635571] iommufd_access_change_pt+0x149/0x270 [ 159.635987] iommufd_access_replace+0xb4/0x120 [ 159.636381] iommufd_test+0x3e5/0x37e0 [ 159.636708] ? lock_release+0x532/0x770 [ 159.637052] ? __might_fault+0x102/0x1b0 [ 159.637406] ? lock_acquire+0x427/0x4c0 [ 159.637753] ? __pfx_iommufd_test+0x10/0x10 [ 159.638116] ? __pfx_lock_release+0x10/0x10 [ 159.638487] ? __pfx_lock_acquire+0x10/0x10 [ 159.638890] ? write_comp_data+0x2f/0x90 [ 159.639258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.639671] ? write_comp_data+0x2f/0x90 [ 159.640024] iommufd_fops_ioctl+0x37d/0x510 [ 159.640396] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.640815] ? write_comp_data+0x2f/0x90 [ 159.641171] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.641581] __x64_sys_ioctl+0x1a3/0x230 [ 159.641934] do_syscall_64+0x3b/0x90 [ 159.642261] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.642735] RIP: 0033:0x7f4b8743ee5d [ 159.643052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.644584] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.645226] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.645821] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.646426] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.647044] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.647656] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.648261] [ 159.648459] irq event stamp: 0 [ 159.648726] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.649259] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.649962] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.650686] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.651227] ---[ end trace 0000000000000000 ]--- [ 159.654039] ------------[ cut here ]------------ [ 159.654466] WARNING: CPU: 0 PID: 1502 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.655369] Modules linked in: [ 159.655645] CPU: 0 PID: 1502 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.656379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.657326] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.657745] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.659292] RSP: 
0018:ffff888012c1fbd0 EFLAGS: 00010246 [ 159.659741] RAX: 0000000000000000 RBX: ffff88801609a8a8 RCX: 0000000000000000 [ 159.660338] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 159.660936] RBP: ffff888012c1fbe8 R08: ffffed1002c13533 R09: ffffed1002c13533 [ 159.661530] R10: ffff88801609a993 R11: ffffed1002c13532 R12: ffff88801422e400 [ 159.662127] R13: ffff88801609a9e8 R14: ffff88800fe3f100 R15: 0000000000000000 [ 159.662746] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.663433] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.663921] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.664523] PKRU: 55555554 [ 159.664763] Call Trace: [ 159.664979] [ 159.665169] iommufd_access_destroy_object+0x65/0x170 [ 159.665614] iommufd_object_destroy_user+0x18e/0x220 [ 159.666046] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.666556] iommufd_access_destroy+0x43/0x70 [ 159.666947] iommufd_test_staccess_release+0x8d/0xd0 [ 159.667394] __fput+0x26d/0xa40 [ 159.667689] ____fput+0x1e/0x30 [ 159.667978] task_work_run+0x1a4/0x2d0 [ 159.668320] ? __pfx_task_work_run+0x10/0x10 [ 159.668694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.669112] ? switch_task_namespaces+0xa9/0xe0 [ 159.669512] do_exit+0xb17/0x2ef0 [ 159.669806] ? lock_acquire+0x427/0x4c0 [ 159.670153] ? __pfx_lock_release+0x10/0x10 [ 159.670541] ? __kasan_check_write+0x18/0x20 [ 159.670920] ? do_raw_spin_lock+0x132/0x2a0 [ 159.671297] ? __pfx_do_exit+0x10/0x10 [ 159.671633] ? debug_smp_processor_id+0x20/0x30 [ 159.672036] ? rcu_is_watching+0x19/0xb0 [ 159.672384] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.672773] ? trace_hardirqs_on+0x26/0x120 [ 159.673146] do_group_exit+0xe0/0x2b0 [ 159.673474] __x64_sys_exit_group+0x47/0x50 [ 159.673842] do_syscall_64+0x3b/0x90 [ 159.674168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.674630] RIP: 0033:0x7f4b87518a4d [ 159.674943] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.675474] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.676110] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.676705] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.677309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.677909] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.678523] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.679150] [ 159.679350] irq event stamp: 0 [ 159.679616] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.680148] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.680845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.681536] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.682055] ---[ end trace 0000000000000000 ]--- [ 159.682804] ------------[ cut here ]------------ [ 159.683212] WARNING: CPU: 0 PID: 1502 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.684071] Modules linked in: [ 159.684338] CPU: 0 PID: 1502 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.685067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.686002] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.686433] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.687980] RSP: 0018:ffff888012c1fb78 EFLAGS: 00010246 [ 159.688429] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.689017] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 159.689633] RBP: ffff888012c1fb98 R08: ffffed1002c1353e R09: ffffed1002c1353e [ 159.690219] R10: ffff88801609a9ef R11: ffffed1002c1353d R12: ffff88801609aa90 [ 159.690823] R13: ffff88801609a8a8 R14: ffffffffffffffff R15: 
ffff888012c1fc60 [ 159.691425] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.692088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.692571] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.693162] PKRU: 55555554 [ 159.693397] Call Trace: [ 159.693609] [ 159.693796] iommufd_ioas_destroy+0x53/0x70 [ 159.694163] iommufd_fops_release+0x1f7/0x370 [ 159.694564] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.694986] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.695407] ? write_comp_data+0x2f/0x90 [ 159.695752] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.696171] __fput+0x26d/0xa40 [ 159.696464] ____fput+0x1e/0x30 [ 159.696747] task_work_run+0x1a4/0x2d0 [ 159.697082] ? __pfx_task_work_run+0x10/0x10 [ 159.697456] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.697880] ? switch_task_namespaces+0xa9/0xe0 [ 159.698282] do_exit+0xb17/0x2ef0 [ 159.698596] ? lock_acquire+0x427/0x4c0 [ 159.698938] ? __pfx_lock_release+0x10/0x10 [ 159.699321] ? __kasan_check_write+0x18/0x20 [ 159.699695] ? do_raw_spin_lock+0x132/0x2a0 [ 159.700054] ? __pfx_do_exit+0x10/0x10 [ 159.700389] ? debug_smp_processor_id+0x20/0x30 [ 159.700785] ? rcu_is_watching+0x19/0xb0 [ 159.701123] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.701507] ? trace_hardirqs_on+0x26/0x120 [ 159.701874] do_group_exit+0xe0/0x2b0 [ 159.702196] __x64_sys_exit_group+0x47/0x50 [ 159.702587] do_syscall_64+0x3b/0x90 [ 159.702911] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.703352] RIP: 0033:0x7f4b87518a4d [ 159.703661] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.704160] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.704782] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.705323] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.705912] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.706528] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.707135] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.707739] [ 159.707935] irq event stamp: 0 [ 159.708203] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.708727] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.709421] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.710108] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.710656] ---[ end trace 0000000000000000 ]--- [ 159.714887] ------------[ cut here ]------------ [ 159.715344] WARNING: CPU: 0 PID: 1503 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.716184] Modules linked in: [ 159.716450] CPU: 0 PID: 1503 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.717169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.718094] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.718626] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.720141] RSP: 0018:ffff88800fa8fbb8 EFLAGS: 00010246 [ 159.720581] RAX: 0000000000000000 RBX: ffff88800b8120a8 RCX: 0000000000000000 [ 159.721168] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 159.721762] RBP: ffff88800fa8fbd0 R08: ffffed1001702433 R09: ffffed1001702433 [ 159.722361] R10: ffff88800b812193 R11: ffffed1001702432 R12: ffff888013b14000 [ 159.722982] R13: ffff88800b8121e8 R14: ffffffff8352e670 R15: 
ffff88800fa8fe68 [ 159.723583] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.724248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.724731] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 159.725319] PKRU: 55555554 [ 159.725554] Call Trace: [ 159.725768] [ 159.725959] __iommufd_access_detach+0x1c2/0x2b0 [ 159.726370] iommufd_access_change_pt+0x149/0x270 [ 159.726813] iommufd_access_replace+0xb4/0x120 [ 159.727220] iommufd_test+0x3e5/0x37e0 [ 159.727553] ? lock_release+0x532/0x770 [ 159.727896] ? __might_fault+0x102/0x1b0 [ 159.728242] ? lock_acquire+0x427/0x4c0 [ 159.728585] ? __pfx_iommufd_test+0x10/0x10 [ 159.728944] ? __pfx_lock_release+0x10/0x10 [ 159.729311] ? __pfx_lock_acquire+0x10/0x10 [ 159.729676] ? write_comp_data+0x2f/0x90 [ 159.730023] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.730433] ? write_comp_data+0x2f/0x90 [ 159.730815] iommufd_fops_ioctl+0x37d/0x510 [ 159.731193] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.731604] ? write_comp_data+0x2f/0x90 [ 159.731954] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.732359] __x64_sys_ioctl+0x1a3/0x230 [ 159.732711] do_syscall_64+0x3b/0x90 [ 159.733038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.733481] RIP: 0033:0x7f4b8743ee5d [ 159.733792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.735334] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.735968] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.736559] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.737151] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.737741] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.738332] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.738957] [ 159.739166] irq event stamp: 0 [ 159.739431] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.739959] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.740660] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.741351] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.741870] ---[ end trace 0000000000000000 ]--- [ 159.744653] ------------[ cut here ]------------ [ 159.745083] WARNING: CPU: 0 PID: 1503 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.745921] Modules linked in: [ 159.746190] CPU: 0 PID: 1503 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.746955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.747911] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.748325] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.749856] RSP: 
0018:ffff88800fa8fbd0 EFLAGS: 00010246 [ 159.750305] RAX: 0000000000000000 RBX: ffff88800b8120a8 RCX: 0000000000000000 [ 159.750918] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 159.751522] RBP: ffff88800fa8fbe8 R08: ffffed1001702433 R09: ffffed1001702433 [ 159.752110] R10: ffff88800b812193 R11: ffffed1001702432 R12: ffff888010c0ac00 [ 159.752702] R13: ffff88800b8121e8 R14: ffff88801426f500 R15: 0000000000000000 [ 159.753296] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.753975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.754458] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.755076] PKRU: 55555554 [ 159.755323] Call Trace: [ 159.755536] [ 159.755730] iommufd_access_destroy_object+0x65/0x170 [ 159.756172] iommufd_object_destroy_user+0x18e/0x220 [ 159.756599] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.757089] iommufd_access_destroy+0x43/0x70 [ 159.757477] iommufd_test_staccess_release+0x8d/0xd0 [ 159.757906] __fput+0x26d/0xa40 [ 159.758194] ____fput+0x1e/0x30 [ 159.758485] task_work_run+0x1a4/0x2d0 [ 159.758847] ? __pfx_task_work_run+0x10/0x10 [ 159.759239] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.759658] ? switch_task_namespaces+0xa9/0xe0 [ 159.760064] do_exit+0xb17/0x2ef0 [ 159.760357] ? lock_acquire+0x427/0x4c0 [ 159.760709] ? __pfx_lock_release+0x10/0x10 [ 159.761085] ? __kasan_check_write+0x18/0x20 [ 159.761458] ? do_raw_spin_lock+0x132/0x2a0 [ 159.761822] ? __pfx_do_exit+0x10/0x10 [ 159.762155] ? debug_smp_processor_id+0x20/0x30 [ 159.762577] ? rcu_is_watching+0x19/0xb0 [ 159.762926] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.763324] ? trace_hardirqs_on+0x26/0x120 [ 159.763692] do_group_exit+0xe0/0x2b0 [ 159.764018] __x64_sys_exit_group+0x47/0x50 [ 159.764382] do_syscall_64+0x3b/0x90 [ 159.764701] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.765137] RIP: 0033:0x7f4b87518a4d [ 159.765450] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.765959] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.766611] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.767224] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.767812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.768401] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.768989] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.769584] [ 159.769782] irq event stamp: 0 [ 159.770044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.770591] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.771301] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.772005] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.772530] ---[ end trace 0000000000000000 ]--- [ 159.773270] ------------[ cut here ]------------ [ 159.773676] WARNING: CPU: 0 PID: 1503 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.774590] Modules linked in: [ 159.774872] CPU: 0 PID: 1503 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.775630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.776591] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.777028] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.778589] RSP: 0018:ffff88800fa8fb78 EFLAGS: 00010246 [ 159.779038] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.779639] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 159.780243] RBP: ffff88800fa8fb98 R08: ffffed100170243e R09: ffffed100170243e [ 159.780846] R10: ffff88800b8121ef R11: ffffed100170243d R12: ffff88800b812290 [ 159.781450] R13: ffff88800b8120a8 R14: ffffffffffffffff R15: 
ffff88800fa8fc60 [ 159.782052] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.782748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.783246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.783849] PKRU: 55555554 [ 159.784094] Call Trace: [ 159.784310] [ 159.784503] iommufd_ioas_destroy+0x53/0x70 [ 159.784878] iommufd_fops_release+0x1f7/0x370 [ 159.785267] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.785698] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.786119] ? write_comp_data+0x2f/0x90 [ 159.786474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.786927] __fput+0x26d/0xa40 [ 159.787242] ____fput+0x1e/0x30 [ 159.787537] task_work_run+0x1a4/0x2d0 [ 159.787882] ? __pfx_task_work_run+0x10/0x10 [ 159.788265] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.788697] ? switch_task_namespaces+0xa9/0xe0 [ 159.789105] do_exit+0xb17/0x2ef0 [ 159.789403] ? lock_acquire+0x427/0x4c0 [ 159.789751] ? __pfx_lock_release+0x10/0x10 [ 159.790129] ? __kasan_check_write+0x18/0x20 [ 159.790537] ? do_raw_spin_lock+0x132/0x2a0 [ 159.790911] ? __pfx_do_exit+0x10/0x10 [ 159.791271] ? debug_smp_processor_id+0x20/0x30 [ 159.791679] ? rcu_is_watching+0x19/0xb0 [ 159.792133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.792699] ? trace_hardirqs_on+0x26/0x120 [ 159.793081] do_group_exit+0xe0/0x2b0 [ 159.793407] __x64_sys_exit_group+0x47/0x50 [ 159.793766] do_syscall_64+0x3b/0x90 [ 159.794264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.794735] RIP: 0033:0x7f4b87518a4d [ 159.795049] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.795586] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.796416] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.797024] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.797653] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.798402] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.799031] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.799647] [ 159.799848] irq event stamp: 0 [ 159.800144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.800857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.801577] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.802479] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.803048] ---[ end trace 0000000000000000 ]--- [ 159.807328] ------------[ cut here ]------------ [ 159.807770] WARNING: CPU: 0 PID: 1504 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.808787] Modules linked in: [ 159.809064] CPU: 0 PID: 1504 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.809892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.810971] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.811411] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.812949] RSP: 0018:ffff888020fb7bb8 EFLAGS: 00010246 [ 159.813404] RAX: 0000000000000000 RBX: ffff8880244fe0a8 RCX: 0000000000000000 [ 159.814016] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 159.814652] RBP: ffff888020fb7bd0 R08: ffffed100489fc33 R09: ffffed100489fc33 [ 159.815264] R10: ffff8880244fe193 R11: ffffed100489fc32 R12: ffff888012b66c00 [ 159.815871] R13: ffff8880244fe1e8 R14: ffffffff8352e670 R15: 
ffff888020fb7e68 [ 159.816470] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.817152] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.817645] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 159.818250] PKRU: 55555554 [ 159.818495] Call Trace: [ 159.818732] [ 159.818927] __iommufd_access_detach+0x1c2/0x2b0 [ 159.819360] iommufd_access_change_pt+0x149/0x270 [ 159.819782] iommufd_access_replace+0xb4/0x120 [ 159.820183] iommufd_test+0x3e5/0x37e0 [ 159.820519] ? lock_release+0x532/0x770 [ 159.820869] ? __might_fault+0x102/0x1b0 [ 159.821223] ? lock_acquire+0x427/0x4c0 [ 159.821575] ? __pfx_iommufd_test+0x10/0x10 [ 159.821942] ? __pfx_lock_release+0x10/0x10 [ 159.822315] ? __pfx_lock_acquire+0x10/0x10 [ 159.822719] ? write_comp_data+0x2f/0x90 [ 159.823078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.823505] ? write_comp_data+0x2f/0x90 [ 159.823867] iommufd_fops_ioctl+0x37d/0x510 [ 159.824243] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.824666] ? write_comp_data+0x2f/0x90 [ 159.825020] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.825433] __x64_sys_ioctl+0x1a3/0x230 [ 159.825788] do_syscall_64+0x3b/0x90 [ 159.826113] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.826576] RIP: 0033:0x7f4b8743ee5d [ 159.826896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.828447] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.829082] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.829678] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.830275] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.830900] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.831520] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.832130] [ 159.832332] irq event stamp: 0 [ 159.832601] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.833132] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.833838] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.834555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.835083] ---[ end trace 0000000000000000 ]--- [ 159.838193] ------------[ cut here ]------------ [ 159.838898] WARNING: CPU: 0 PID: 1504 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.839784] Modules linked in: [ 159.840092] CPU: 0 PID: 1504 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.840994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.841945] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.842374] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.843933] RSP: 
0018:ffff888020fb7bd0 EFLAGS: 00010246 [ 159.844387] RAX: 0000000000000000 RBX: ffff8880244fe0a8 RCX: 0000000000000000 [ 159.844977] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 159.845563] RBP: ffff888020fb7be8 R08: ffffed100489fc33 R09: ffffed100489fc33 [ 159.846148] R10: ffff8880244fe193 R11: ffffed100489fc32 R12: ffff88800fd81000 [ 159.846768] R13: ffff8880244fe1e8 R14: ffff888020e13000 R15: 0000000000000000 [ 159.847380] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.848048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.848533] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.849135] PKRU: 55555554 [ 159.849378] Call Trace: [ 159.849593] [ 159.849788] iommufd_access_destroy_object+0x65/0x170 [ 159.850229] iommufd_object_destroy_user+0x18e/0x220 [ 159.850680] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.851191] iommufd_access_destroy+0x43/0x70 [ 159.851581] iommufd_test_staccess_release+0x8d/0xd0 [ 159.852022] __fput+0x26d/0xa40 [ 159.852322] ____fput+0x1e/0x30 [ 159.852609] task_work_run+0x1a4/0x2d0 [ 159.852949] ? __pfx_task_work_run+0x10/0x10 [ 159.853327] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.853749] ? switch_task_namespaces+0xa9/0xe0 [ 159.854153] do_exit+0xb17/0x2ef0 [ 159.854454] ? lock_acquire+0x427/0x4c0 [ 159.854823] ? __pfx_lock_release+0x10/0x10 [ 159.855212] ? __kasan_check_write+0x18/0x20 [ 159.855594] ? do_raw_spin_lock+0x132/0x2a0 [ 159.855956] ? __pfx_do_exit+0x10/0x10 [ 159.856293] ? debug_smp_processor_id+0x20/0x30 [ 159.856688] ? rcu_is_watching+0x19/0xb0 [ 159.857033] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.857417] ? trace_hardirqs_on+0x26/0x120 [ 159.857788] do_group_exit+0xe0/0x2b0 [ 159.858111] __x64_sys_exit_group+0x47/0x50 [ 159.858476] do_syscall_64+0x3b/0x90 [ 159.858830] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.859298] RIP: 0033:0x7f4b87518a4d [ 159.859616] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.860132] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.860778] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.861381] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.861983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.862610] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.863228] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.863839] [ 159.864042] irq event stamp: 0 [ 159.864312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.864843] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.865554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.866253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.866811] ---[ end trace 0000000000000000 ]--- [ 159.867749] ------------[ cut here ]------------ [ 159.868333] WARNING: CPU: 0 PID: 1504 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.869202] Modules linked in: [ 159.869482] CPU: 0 PID: 1504 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.870392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.871400] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.871867] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.873575] RSP: 0018:ffff888020fb7b78 EFLAGS: 00010246 [ 159.874217] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.875035] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 159.875672] RBP: ffff888020fb7b98 R08: ffffed100489fc3e R09: ffffed100489fc3e [ 159.876274] R10: ffff8880244fe1ef R11: ffffed100489fc3d R12: ffff8880244fe290 [ 159.876982] R13: ffff8880244fe0a8 R14: ffffffffffffffff R15: 
ffff888020fb7c60 [ 159.877708] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.878385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.878903] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.879519] PKRU: 55555554 [ 159.879768] Call Trace: [ 159.879987] [ 159.880184] iommufd_ioas_destroy+0x53/0x70 [ 159.880667] iommufd_fops_release+0x1f7/0x370 [ 159.881226] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.881659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.882082] ? write_comp_data+0x2f/0x90 [ 159.882438] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.882893] __fput+0x26d/0xa40 [ 159.883203] ____fput+0x1e/0x30 [ 159.883490] task_work_run+0x1a4/0x2d0 [ 159.883830] ? __pfx_task_work_run+0x10/0x10 [ 159.884213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.884682] ? switch_task_namespaces+0xa9/0xe0 [ 159.885228] do_exit+0xb17/0x2ef0 [ 159.885523] ? lock_acquire+0x427/0x4c0 [ 159.885872] ? __pfx_lock_release+0x10/0x10 [ 159.886243] ? __kasan_check_write+0x18/0x20 [ 159.886650] ? do_raw_spin_lock+0x132/0x2a0 [ 159.887025] ? __pfx_do_exit+0x10/0x10 [ 159.887384] ? debug_smp_processor_id+0x20/0x30 [ 159.887783] ? rcu_is_watching+0x19/0xb0 [ 159.888137] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.888617] ? trace_hardirqs_on+0x26/0x120 [ 159.889084] do_group_exit+0xe0/0x2b0 [ 159.889411] __x64_sys_exit_group+0x47/0x50 [ 159.889779] do_syscall_64+0x3b/0x90 [ 159.890108] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.890584] RIP: 0033:0x7f4b87518a4d [ 159.890904] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.891430] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.892072] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.892882] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.893478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.894077] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.894698] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.895314] [ 159.895513] irq event stamp: 0 [ 159.895827] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.896537] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.897243] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.897942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.898473] ---[ end trace 0000000000000000 ]--- [ 159.903361] ------------[ cut here ]------------ [ 159.903927] WARNING: CPU: 0 PID: 1505 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.904696] Modules linked in: [ 159.904941] CPU: 0 PID: 1505 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.905609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.906638] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.907020] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.908418] RSP: 0018:ffff8880245a7bb8 EFLAGS: 00010246 [ 159.908823] RAX: 0000000000000000 RBX: ffff88801873d8a8 RCX: 0000000000000000 [ 159.909378] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 159.909981] RBP: ffff8880245a7bd0 R08: ffffed10030e7b33 R09: ffffed10030e7b33 [ 159.910631] R10: ffff88801873d993 R11: ffffed10030e7b32 R12: ffff888018026400 [ 159.911182] R13: ffff88801873d9e8 R14: ffffffff8352e670 R15: 
ffff8880245a7e68 [ 159.911712] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.912310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.912746] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 159.913452] PKRU: 55555554 [ 159.913671] Call Trace: [ 159.913866] [ 159.914039] __iommufd_access_detach+0x1c2/0x2b0 [ 159.914415] iommufd_access_change_pt+0x149/0x270 [ 159.914819] iommufd_access_replace+0xb4/0x120 [ 159.915197] iommufd_test+0x3e5/0x37e0 [ 159.915500] ? lock_release+0x532/0x770 [ 159.915816] ? __might_fault+0x102/0x1b0 [ 159.916136] ? lock_acquire+0x427/0x4c0 [ 159.916456] ? __pfx_iommufd_test+0x10/0x10 [ 159.916945] ? __pfx_lock_release+0x10/0x10 [ 159.917287] ? __pfx_lock_acquire+0x10/0x10 [ 159.917631] ? write_comp_data+0x2f/0x90 [ 159.917955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.918347] ? write_comp_data+0x2f/0x90 [ 159.918702] iommufd_fops_ioctl+0x37d/0x510 [ 159.919047] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.919458] ? write_comp_data+0x2f/0x90 [ 159.919815] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 159.920276] __x64_sys_ioctl+0x1a3/0x230 [ 159.920805] do_syscall_64+0x3b/0x90 [ 159.921136] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.921586] RIP: 0033:0x7f4b8743ee5d [ 159.921904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 159.923518] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 159.924373] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 159.924976] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 159.925578] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 159.926183] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 159.926818] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 159.927505] [ 159.927823] irq event stamp: 0 [ 159.928097] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.928631] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.929420] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.930235] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.930794] ---[ end trace 0000000000000000 ]--- [ 159.934238] ------------[ cut here ]------------ [ 159.934702] WARNING: CPU: 0 PID: 1505 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 159.935737] Modules linked in: [ 159.936015] CPU: 0 PID: 1505 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.936932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.937880] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 159.938306] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 159.940091] RSP: 
0018:ffff8880245a7bd0 EFLAGS: 00010246 [ 159.940551] RAX: 0000000000000000 RBX: ffff88801873d8a8 RCX: 0000000000000000 [ 159.941162] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 159.941769] RBP: ffff8880245a7be8 R08: ffffed10030e7b33 R09: ffffed10030e7b33 [ 159.942369] R10: ffff88801873d993 R11: ffffed10030e7b32 R12: ffff888012b66000 [ 159.942992] R13: ffff88801873d9e8 R14: ffff88801005ef00 R15: 0000000000000000 [ 159.943607] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.944285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.944773] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.945375] PKRU: 55555554 [ 159.945615] Call Trace: [ 159.945829] [ 159.946022] iommufd_access_destroy_object+0x65/0x170 [ 159.946475] iommufd_object_destroy_user+0x18e/0x220 [ 159.946932] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 159.947438] iommufd_access_destroy+0x43/0x70 [ 159.947832] iommufd_test_staccess_release+0x8d/0xd0 [ 159.948280] __fput+0x26d/0xa40 [ 159.948582] ____fput+0x1e/0x30 [ 159.948872] task_work_run+0x1a4/0x2d0 [ 159.949214] ? __pfx_task_work_run+0x10/0x10 [ 159.949591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.950008] ? switch_task_namespaces+0xa9/0xe0 [ 159.950416] do_exit+0xb17/0x2ef0 [ 159.950740] ? lock_acquire+0x427/0x4c0 [ 159.951091] ? __pfx_lock_release+0x10/0x10 [ 159.951475] ? __kasan_check_write+0x18/0x20 [ 159.951854] ? do_raw_spin_lock+0x132/0x2a0 [ 159.952223] ? __pfx_do_exit+0x10/0x10 [ 159.952562] ? debug_smp_processor_id+0x20/0x30 [ 159.952960] ? rcu_is_watching+0x19/0xb0 [ 159.953308] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.953698] ? trace_hardirqs_on+0x26/0x120 [ 159.954075] do_group_exit+0xe0/0x2b0 [ 159.954405] __x64_sys_exit_group+0x47/0x50 [ 159.954800] do_syscall_64+0x3b/0x90 [ 159.955147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.955610] RIP: 0033:0x7f4b87518a4d [ 159.955928] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.956450] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.957090] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.957692] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.958292] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.958918] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.959534] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.960150] [ 159.960349] irq event stamp: 0 [ 159.960616] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.961150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.961859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.962595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.963137] ---[ end trace 0000000000000000 ]--- [ 159.963944] ------------[ cut here ]------------ [ 159.964496] WARNING: CPU: 0 PID: 1505 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 159.965368] Modules linked in: [ 159.965648] CPU: 0 PID: 1505 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 159.966613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 159.967567] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 159.967978] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 159.969570] RSP: 0018:ffff8880245a7b78 EFLAGS: 00010246 [ 159.970051] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 159.970895] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 159.971470] RBP: ffff8880245a7b98 R08: ffffed10030e7b3e R09: ffffed10030e7b3e [ 159.972045] R10: ffff88801873d9ef R11: ffffed10030e7b3d R12: ffff88801873da90 [ 159.972725] R13: ffff88801873d8a8 R14: ffffffffffffffff R15: 
ffff8880245a7c60 [ 159.973286] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 159.973954] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.974558] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 159.975132] PKRU: 55555554 [ 159.975358] Call Trace: [ 159.975563] [ 159.975743] iommufd_ioas_destroy+0x53/0x70 [ 159.976238] iommufd_fops_release+0x1f7/0x370 [ 159.976611] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.977023] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.977425] ? write_comp_data+0x2f/0x90 [ 159.977837] ? __pfx_iommufd_fops_release+0x10/0x10 [ 159.978335] __fput+0x26d/0xa40 [ 159.978647] ____fput+0x1e/0x30 [ 159.978932] task_work_run+0x1a4/0x2d0 [ 159.979272] ? __pfx_task_work_run+0x10/0x10 [ 159.979643] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 159.980121] ? switch_task_namespaces+0xa9/0xe0 [ 159.980607] do_exit+0xb17/0x2ef0 [ 159.980905] ? lock_acquire+0x427/0x4c0 [ 159.981242] ? __pfx_lock_release+0x10/0x10 [ 159.981604] ? __kasan_check_write+0x18/0x20 [ 159.982124] ? do_raw_spin_lock+0x132/0x2a0 [ 159.982488] ? __pfx_do_exit+0x10/0x10 [ 159.982848] ? debug_smp_processor_id+0x20/0x30 [ 159.983252] ? rcu_is_watching+0x19/0xb0 [ 159.983596] ? _raw_spin_unlock_irq+0x2b/0x60 [ 159.984017] ? trace_hardirqs_on+0x26/0x120 [ 159.984514] do_group_exit+0xe0/0x2b0 [ 159.984847] __x64_sys_exit_group+0x47/0x50 [ 159.985228] do_syscall_64+0x3b/0x90 [ 159.985565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 159.986195] RIP: 0033:0x7f4b87518a4d [ 159.986556] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 159.987077] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 159.987720] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 159.988500] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 159.989095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 159.989717] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 159.990551] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 159.991190] [ 159.991395] irq event stamp: 0 [ 159.991669] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 159.992218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 159.993163] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 159.993894] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 159.994561] ---[ end trace 0000000000000000 ]--- [ 160.000574] ------------[ cut here ]------------ [ 160.001018] WARNING: CPU: 0 PID: 1506 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.002169] Modules linked in: [ 160.002471] CPU: 0 PID: 1506 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.003325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.004520] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.004971] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.006791] RSP: 0018:ffff88801885fbb8 EFLAGS: 00010246 [ 160.007299] RAX: 0000000000000000 RBX: ffff888014a348a8 RCX: 0000000000000000 [ 160.007939] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.008786] RBP: ffff88801885fbd0 R08: ffffed1002946933 R09: ffffed1002946933 [ 160.009421] R10: ffff888014a34993 R11: ffffed1002946932 R12: ffff88801422e400 [ 160.010060] R13: ffff888014a349e8 R14: ffffffff8352e670 R15: 
ffff88801885fe68 [ 160.010917] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.011644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.012163] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 160.013059] PKRU: 55555554 [ 160.013334] Call Trace: [ 160.013589] [ 160.013817] __iommufd_access_detach+0x1c2/0x2b0 [ 160.014281] iommufd_access_change_pt+0x149/0x270 [ 160.014806] iommufd_access_replace+0xb4/0x120 [ 160.015416] iommufd_test+0x3e5/0x37e0 [ 160.015795] ? lock_release+0x532/0x770 [ 160.016185] ? __might_fault+0x102/0x1b0 [ 160.016580] ? lock_acquire+0x427/0x4c0 [ 160.016972] ? __pfx_iommufd_test+0x10/0x10 [ 160.017628] ? __pfx_lock_release+0x10/0x10 [ 160.018052] ? __pfx_lock_acquire+0x10/0x10 [ 160.018475] ? write_comp_data+0x2f/0x90 [ 160.018919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.019414] ? write_comp_data+0x2f/0x90 [ 160.019910] iommufd_fops_ioctl+0x37d/0x510 [ 160.020441] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.020912] ? write_comp_data+0x2f/0x90 [ 160.021316] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.021779] __x64_sys_ioctl+0x1a3/0x230 [ 160.022354] do_syscall_64+0x3b/0x90 [ 160.022760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.023281] RIP: 0033:0x7f4b8743ee5d [ 160.023640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.025598] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.026331] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.027266] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.027947] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.028625] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.029553] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.030241] [ 160.030469] irq event stamp: 0 [ 160.030810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.031433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.032440] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.033241] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.034054] ---[ end trace 0000000000000000 ]--- [ 160.037438] ------------[ cut here ]------------ [ 160.037971] WARNING: CPU: 0 PID: 1506 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.039365] Modules linked in: [ 160.039707] CPU: 0 PID: 1506 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.040647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.042065] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.042643] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.044851] RSP: 
0018:ffff88801885fbd0 EFLAGS: 00010246 [ 160.045453] RAX: 0000000000000000 RBX: ffff888014a348a8 RCX: 0000000000000000 [ 160.046411] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.047220] RBP: ffff88801885fbe8 R08: ffffed1002946933 R09: ffffed1002946933 [ 160.048094] R10: ffff888014a34993 R11: ffffed1002946932 R12: ffff888018024800 [ 160.048983] R13: ffff888014a349e8 R14: ffff888013dea600 R15: 0000000000000000 [ 160.049743] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.050873] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.051499] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.052243] PKRU: 55555554 [ 160.052547] Call Trace: [ 160.052814] [ 160.053051] iommufd_access_destroy_object+0x65/0x170 [ 160.053600] iommufd_object_destroy_user+0x18e/0x220 [ 160.054135] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.054786] iommufd_access_destroy+0x43/0x70 [ 160.055284] iommufd_test_staccess_release+0x8d/0xd0 [ 160.055834] __fput+0x26d/0xa40 [ 160.056208] ____fput+0x1e/0x30 [ 160.056570] task_work_run+0x1a4/0x2d0 [ 160.056985] ? __pfx_task_work_run+0x10/0x10 [ 160.057464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.057990] ? switch_task_namespaces+0xa9/0xe0 [ 160.058885] do_exit+0xb17/0x2ef0 [ 160.059282] ? lock_acquire+0x427/0x4c0 [ 160.059715] ? __pfx_lock_release+0x10/0x10 [ 160.060179] ? __kasan_check_write+0x18/0x20 [ 160.060649] ? do_raw_spin_lock+0x132/0x2a0 [ 160.061380] ? __pfx_do_exit+0x10/0x10 [ 160.061806] ? debug_smp_processor_id+0x20/0x30 [ 160.062312] ? rcu_is_watching+0x19/0xb0 [ 160.062785] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.063306] ? trace_hardirqs_on+0x26/0x120 [ 160.063830] do_group_exit+0xe0/0x2b0 [ 160.064421] __x64_sys_exit_group+0x47/0x50 [ 160.064878] do_syscall_64+0x3b/0x90 [ 160.065283] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.065839] RIP: 0033:0x7f4b87518a4d [ 160.066476] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.067185] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.067988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.068724] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.069457] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.070197] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.070966] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.071741] [ 160.071989] irq event stamp: 0 [ 160.072323] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.072984] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.073844] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.074737] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.075407] ---[ end trace 0000000000000000 ]--- [ 160.076330] ------------[ cut here ]------------ [ 160.076838] WARNING: CPU: 0 PID: 1506 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.077915] Modules linked in: [ 160.078252] CPU: 0 PID: 1506 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.079234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.080429] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.080942] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.082852] RSP: 0018:ffff88801885fb78 EFLAGS: 00010246 [ 160.083430] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.084162] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.085184] RBP: ffff88801885fb98 R08: ffffed100294693e R09: ffffed100294693e [ 160.085922] R10: ffff888014a349ef R11: ffffed100294693d R12: ffff888014a34a90 [ 160.086715] R13: ffff888014a348a8 R14: ffffffffffffffff R15: 
ffff88801885fc60 [ 160.087496] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.088333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.088938] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.089678] PKRU: 55555554 [ 160.089971] Call Trace: [ 160.090247] [ 160.090486] iommufd_ioas_destroy+0x53/0x70 [ 160.091006] iommufd_fops_release+0x1f7/0x370 [ 160.091513] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.092039] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.092553] ? write_comp_data+0x2f/0x90 [ 160.092977] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.093493] __fput+0x26d/0xa40 [ 160.093854] ____fput+0x1e/0x30 [ 160.094200] task_work_run+0x1a4/0x2d0 [ 160.094652] ? __pfx_task_work_run+0x10/0x10 [ 160.095147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.095604] ? switch_task_namespaces+0xa9/0xe0 [ 160.096058] do_exit+0xb17/0x2ef0 [ 160.096423] ? lock_acquire+0x427/0x4c0 [ 160.096861] ? __pfx_lock_release+0x10/0x10 [ 160.097322] ? __kasan_check_write+0x18/0x20 [ 160.097783] ? do_raw_spin_lock+0x132/0x2a0 [ 160.098239] ? __pfx_do_exit+0x10/0x10 [ 160.098687] ? debug_smp_processor_id+0x20/0x30 [ 160.099189] ? rcu_is_watching+0x19/0xb0 [ 160.099629] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.100106] ? trace_hardirqs_on+0x26/0x120 [ 160.100569] do_group_exit+0xe0/0x2b0 [ 160.100978] __x64_sys_exit_group+0x47/0x50 [ 160.101430] do_syscall_64+0x3b/0x90 [ 160.101848] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.102396] RIP: 0033:0x7f4b87518a4d [ 160.102817] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.103503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.104368] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.105116] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.105860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.106642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.106955] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 160.107399] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.107421] [ 160.107426] irq event stamp: 0 [ 160.107431] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.107446] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.110212] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 160.110936] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.110969] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.110980] ---[ end trace 0000000000000000 ]--- [ 160.115049] ------------[ cut here ]------------ [ 160.118099] WARNING: CPU: 0 PID: 1507 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.119292] Modules linked in: [ 160.119651] CPU: 0 PID: 1507 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.120585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.121827] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.122393] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.124404] RSP: 0018:ffff8880245a7bb8 EFLAGS: 00010246 [ 160.124995] RAX: 0000000000000000 RBX: ffff8880104610a8 RCX: 0000000000000000 [ 160.125771] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 160.126569] RBP: ffff8880245a7bd0 R08: ffffed100208c233 R09: ffffed100208c233 [ 160.127364] R10: ffff888010461193 R11: ffffed100208c232 R12: ffff88801226f000 [ 160.128142] R13: ffff8880104611e8 R14: ffffffff8352e670 R15: ffff8880245a7e68 [ 160.128907] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.129769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.130402] CR2: 00007f4b877410e8 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 160.131229] PKRU: 55555554 [ 160.131549] Call Trace: [ 160.131836] [ 160.132109] __iommufd_access_detach+0x1c2/0x2b0 [ 160.132674] iommufd_access_change_pt+0x149/0x270 [ 160.133214] iommufd_access_replace+0xb4/0x120 [ 160.133719] iommufd_test+0x3e5/0x37e0 [ 160.134147] ? lock_release+0x532/0x770 [ 160.134647] ? __might_fault+0x102/0x1b0 [ 160.135106] ? lock_acquire+0x427/0x4c0 [ 160.135574] ? 
__pfx_iommufd_test+0x10/0x10 [ 160.136054] ? __pfx_lock_release+0x10/0x10 [ 160.136556] ? __pfx_lock_acquire+0x10/0x10 [ 160.137052] ? write_comp_data+0x2f/0x90 [ 160.137514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.138057] ? write_comp_data+0x2f/0x90 [ 160.138577] iommufd_fops_ioctl+0x37d/0x510 [ 160.139066] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.139615] ? write_comp_data+0x2f/0x90 [ 160.140062] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.140583] __x64_sys_ioctl+0x1a3/0x230 [ 160.141044] do_syscall_64+0x3b/0x90 [ 160.141458] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.142026] RIP: 0033:0x7f4b8743ee5d [ 160.142433] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.144439] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.145256] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.146012] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.146789] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.147576] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.148333] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.149104] [ 160.149353] irq event stamp: 0 [ 160.149686] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.150358] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.151279] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.152169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.152857] ---[ end trace 0000000000000000 ]--- [ 160.156626] ------------[ cut here ]------------ [ 160.157205] WARNING: CPU: 0 PID: 1507 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.158336] Modules linked in: [ 160.158773] CPU: 0 PID: 1507 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.159737] 
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.160941] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.161489] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.163499] RSP: 0018:ffff8880245a7bd0 EFLAGS: 00010246 [ 160.164077] RAX: 0000000000000000 RBX: ffff8880104610a8 RCX: 0000000000000000 [ 160.164829] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 160.165587] RBP: ffff8880245a7be8 R08: ffffed100208c233 R09: ffffed100208c233 [ 160.166347] R10: ffff888010461193 R11: ffffed100208c232 R12: ffff88801422c800 [ 160.167173] R13: ffff8880104611e8 R14: ffff88800f48b200 R15: 0000000000000000 [ 160.167939] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.168796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.169433] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 160.170193] PKRU: 55555554 [ 160.170556] Call Trace: [ 160.170832] [ 160.171078] iommufd_access_destroy_object+0x65/0x170 [ 160.171664] iommufd_object_destroy_user+0x18e/0x220 [ 160.172220] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.172850] iommufd_access_destroy+0x43/0x70 [ 160.173339] iommufd_test_staccess_release+0x8d/0xd0 [ 160.173893] __fput+0x26d/0xa40 [ 160.174272] ____fput+0x1e/0x30 [ 160.174702] task_work_run+0x1a4/0x2d0 [ 160.175149] ? __pfx_task_work_run+0x10/0x10 [ 160.175637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.176178] ? switch_task_namespaces+0xa9/0xe0 [ 160.176708] do_exit+0xb17/0x2ef0 [ 160.177085] ? lock_acquire+0x427/0x4c0 [ 160.177524] ? __pfx_lock_release+0x10/0x10 [ 160.177998] ? __kasan_check_write+0x18/0x20 [ 160.178485] ? do_raw_spin_lock+0x132/0x2a0 [ 160.179007] ? __pfx_do_exit+0x10/0x10 [ 160.179460] ? debug_smp_processor_id+0x20/0x30 [ 160.179973] ? 
rcu_is_watching+0x19/0xb0 [ 160.180419] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.180914] ? trace_hardirqs_on+0x26/0x120 [ 160.181390] do_group_exit+0xe0/0x2b0 [ 160.181795] __x64_sys_exit_group+0x47/0x50 [ 160.182257] do_syscall_64+0x3b/0x90 [ 160.182717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.183298] RIP: 0033:0x7f4b87518a4d [ 160.183700] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 160.184352] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.185188] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.185975] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.186782] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.187559] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.188320] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.189101] [ 160.189356] irq event stamp: 0 [ 160.189691] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.190376] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.191315] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.192215] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.192892] ---[ end trace 0000000000000000 ]--- [ 160.193849] ------------[ cut here ]------------ [ 160.194359] WARNING: CPU: 0 PID: 1507 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.195521] Modules linked in: [ 160.195868] CPU: 0 PID: 1507 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.196804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.198013] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.198599] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.200563] RSP: 0018:ffff8880245a7b78 
EFLAGS: 00010246 [ 160.201133] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.201889] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 160.202674] RBP: ffff8880245a7b98 R08: ffffed100208c23e R09: ffffed100208c23e [ 160.203450] R10: ffff8880104611ef R11: ffffed100208c23d R12: ffff888010461290 [ 160.204205] R13: ffff8880104610a8 R14: ffffffffffffffff R15: ffff8880245a7c60 [ 160.204952] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.205805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.206426] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 160.207221] PKRU: 55555554 [ 160.207499] Call Trace: [ 160.207736] [ 160.207948] iommufd_ioas_destroy+0x53/0x70 [ 160.208406] iommufd_fops_release+0x1f7/0x370 [ 160.208884] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.209419] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.209943] ? write_comp_data+0x2f/0x90 [ 160.210378] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.210934] __fput+0x26d/0xa40 [ 160.211325] ____fput+0x1e/0x30 [ 160.211683] task_work_run+0x1a4/0x2d0 [ 160.212109] ? __pfx_task_work_run+0x10/0x10 [ 160.212587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.213109] ? switch_task_namespaces+0xa9/0xe0 [ 160.213616] do_exit+0xb17/0x2ef0 [ 160.213981] ? lock_acquire+0x427/0x4c0 [ 160.214412] ? __pfx_lock_release+0x10/0x10 [ 160.214906] ? __kasan_check_write+0x18/0x20 [ 160.215397] ? do_raw_spin_lock+0x132/0x2a0 [ 160.215856] ? __pfx_do_exit+0x10/0x10 [ 160.216277] ? debug_smp_processor_id+0x20/0x30 [ 160.216770] ? rcu_is_watching+0x19/0xb0 [ 160.217201] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.217684] ? trace_hardirqs_on+0x26/0x120 [ 160.218147] do_group_exit+0xe0/0x2b0 [ 160.218588] __x64_sys_exit_group+0x47/0x50 [ 160.219045] do_syscall_64+0x3b/0x90 [ 160.219475] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.220029] RIP: 0033:0x7f4b87518a4d [ 160.220431] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.221079] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.221868] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.222655] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.223413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.224164] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.224906] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.225662] [ 160.225909] irq event stamp: 0 [ 160.226243] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.226926] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.227814] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.228699] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.229363] ---[ end trace 0000000000000000 ]--- [ 160.237717] ------------[ cut here ]------------ [ 160.238447] WARNING: CPU: 1 PID: 1509 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.240294] Modules linked in: [ 160.240748] CPU: 1 PID: 1509 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.242049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.243827] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.244654] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.247492] RSP: 0018:ffff8880173dfbb8 EFLAGS: 00010246 [ 160.248220] RAX: 0000000000000000 RBX: ffff888015b650a8 RCX: 0000000000000000 [ 160.249178] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 160.250337] RBP: ffff8880173dfbd0 R08: ffffed1002b6ca33 R09: ffffed1002b6ca33 [ 160.251416] R10: ffff888015b65193 R11: ffffed1002b6ca32 R12: ffff888012e94c00 [ 160.252600] R13: ffff888015b651e8 R14: ffffffff8352e670 R15: 
ffff8880173dfe68 [ 160.253575] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.254929] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.255748] CR2: 00007f4b877410e8 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 160.256725] PKRU: 55555554 [ 160.257317] Call Trace: [ 160.257691] [ 160.258012] __iommufd_access_detach+0x1c2/0x2b0 [ 160.258753] iommufd_access_change_pt+0x149/0x270 [ 160.259589] iommufd_access_replace+0xb4/0x120 [ 160.260335] iommufd_test+0x3e5/0x37e0 [ 160.260890] ? lock_release+0x532/0x770 [ 160.261470] ? __might_fault+0x102/0x1b0 [ 160.262266] ? lock_acquire+0x427/0x4c0 [ 160.262890] ? __pfx_iommufd_test+0x10/0x10 [ 160.263531] ? __pfx_lock_release+0x10/0x10 [ 160.264215] ? __pfx_lock_acquire+0x10/0x10 [ 160.264931] ? write_comp_data+0x2f/0x90 [ 160.265511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.266192] ? write_comp_data+0x2f/0x90 [ 160.267022] iommufd_fops_ioctl+0x37d/0x510 [ 160.267671] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.268388] ? write_comp_data+0x2f/0x90 [ 160.268991] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.269882] __x64_sys_ioctl+0x1a3/0x230 [ 160.270474] do_syscall_64+0x3b/0x90 [ 160.271062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.271876] RIP: 0033:0x7f4b8743ee5d [ 160.272503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.275183] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.276248] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.277423] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.278379] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.279611] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.280578] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.281789] [ 160.282125] irq event stamp: 0 [ 160.282609] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.283505] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.284858] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.285984] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.287146] ---[ end trace 0000000000000000 ]--- [ 160.296877] ------------[ cut here ]------------ [ 160.297588] WARNING: CPU: 1 PID: 1509 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.299401] Modules linked in: [ 160.299872] CPU: 1 PID: 1509 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.301248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.302877] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.303661] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.306231] RSP: 
0018:ffff8880173dfbd0 EFLAGS: 00010246 [ 160.306982] RAX: 0000000000000000 RBX: ffff888015b650a8 RCX: 0000000000000000 [ 160.308116] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 160.309046] RBP: ffff8880173dfbe8 R08: ffffed1002b6ca33 R09: ffffed1002b6ca33 [ 160.310006] R10: ffff888015b65193 R11: ffffed1002b6ca32 R12: ffff88800b9b6c00 [ 160.311109] R13: ffff888015b651e8 R14: ffff888020e59200 R15: 0000000000000000 [ 160.312071] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.313120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.313878] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 160.315057] PKRU: 55555554 [ 160.315455] Call Trace: [ 160.315806] [ 160.316119] iommufd_access_destroy_object+0x65/0x170 [ 160.316815] iommufd_object_destroy_user+0x18e/0x220 [ 160.317500] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.318282] iommufd_access_destroy+0x43/0x70 [ 160.319019] iommufd_test_staccess_release+0x8d/0xd0 [ 160.319823] __fput+0x26d/0xa40 [ 160.320307] ____fput+0x1e/0x30 [ 160.320772] task_work_run+0x1a4/0x2d0 [ 160.321306] ? __pfx_task_work_run+0x10/0x10 [ 160.321901] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.322609] ? switch_task_namespaces+0xa9/0xe0 [ 160.323263] do_exit+0xb17/0x2ef0 [ 160.323739] ? lock_acquire+0x427/0x4c0 [ 160.324284] ? __pfx_lock_release+0x10/0x10 [ 160.324876] ? __kasan_check_write+0x18/0x20 [ 160.325492] ? do_raw_spin_lock+0x132/0x2a0 [ 160.326092] ? __pfx_do_exit+0x10/0x10 [ 160.326690] ? debug_smp_processor_id+0x20/0x30 [ 160.327363] ? rcu_is_watching+0x19/0xb0 [ 160.327931] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.328575] ? trace_hardirqs_on+0x26/0x120 [ 160.329179] do_group_exit+0xe0/0x2b0 [ 160.329714] __x64_sys_exit_group+0x47/0x50 [ 160.330296] do_syscall_64+0x3b/0x90 [ 160.330879] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.331620] RIP: 0033:0x7f4b87518a4d [ 160.332125] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.332940] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.333970] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.334981] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.335942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.336874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.337804] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.338792] [ 160.339122] irq event stamp: 0 [ 160.339544] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.340375] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.341474] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.342606] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.343461] ---[ end trace 0000000000000000 ]--- [ 160.344713] ------------[ cut here ]------------ [ 160.345310] WARNING: CPU: 0 PID: 1509 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.346388] Modules linked in: [ 160.346839] CPU: 0 PID: 1509 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.347778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.348970] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.349519] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.351520] RSP: 0018:ffff8880173dfb78 EFLAGS: 00010246 [ 160.352092] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.352836] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 160.353599] RBP: ffff8880173dfb98 R08: ffffed1002b6ca3e R09: ffffed1002b6ca3e [ 160.354353] R10: ffff888015b651ef R11: ffffed1002b6ca3d R12: ffff888015b65290 [ 160.355141] R13: ffff888015b650a8 R14: ffffffffffffffff R15: 
ffff8880173dfc60 [ 160.355914] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.356768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.357383] CR2: 00007f82e2a85000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 160.358153] PKRU: 55555554 [ 160.358453] Call Trace: [ 160.358763] [ 160.359010] iommufd_ioas_destroy+0x53/0x70 [ 160.359516] iommufd_fops_release+0x1f7/0x370 [ 160.360011] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.360550] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.361079] ? write_comp_data+0x2f/0x90 [ 160.361519] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.362107] __fput+0x26d/0xa40 [ 160.362639] ____fput+0x1e/0x30 [ 160.363158] task_work_run+0x1a4/0x2d0 [ 160.363578] ? __pfx_task_work_run+0x10/0x10 [ 160.364053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.364568] ? switch_task_namespaces+0xa9/0xe0 [ 160.365063] do_exit+0xb17/0x2ef0 [ 160.365429] ? lock_acquire+0x427/0x4c0 [ 160.365851] ? __pfx_lock_release+0x10/0x10 [ 160.366311] ? __kasan_check_write+0x18/0x20 [ 160.366838] ? do_raw_spin_lock+0x132/0x2a0 [ 160.367316] ? __pfx_do_exit+0x10/0x10 [ 160.367737] ? debug_smp_processor_id+0x20/0x30 [ 160.368231] ? rcu_is_watching+0x19/0xb0 [ 160.368656] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.369130] ? trace_hardirqs_on+0x26/0x120 [ 160.369583] do_group_exit+0xe0/0x2b0 [ 160.369985] __x64_sys_exit_group+0x47/0x50 [ 160.370433] do_syscall_64+0x3b/0x90 [ 160.370862] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.371421] RIP: 0033:0x7f4b87518a4d [ 160.371815] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.372463] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.373250] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.373985] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.374777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.375524] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.376258] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.377004] [ 160.377256] irq event stamp: 0 [ 160.377585] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.378235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.379155] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.380035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.380691] ---[ end trace 0000000000000000 ]--- [ 160.386482] ------------[ cut here ]------------ [ 160.387056] WARNING: CPU: 0 PID: 1510 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.388134] Modules linked in: [ 160.388467] CPU: 0 PID: 1510 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.389560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.390970] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.391522] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.393468] RSP: 0018:ffff88801899fbb8 EFLAGS: 00010246 [ 160.394240] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 160.395205] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 160.395954] RBP: ffff88801899fbd0 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 160.396680] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff888010c08400 [ 160.397422] R13: ffff88800f3731e8 R14: ffffffff8352e670 R15: 
ffff88801899fe68 [ 160.398161] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.399025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.399639] CR2: 00007f4b877410e8 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 160.400384] PKRU: 55555554 [ 160.400675] Call Trace: [ 160.400942] [ 160.401179] __iommufd_access_detach+0x1c2/0x2b0 [ 160.401689] iommufd_access_change_pt+0x149/0x270 [ 160.402197] iommufd_access_replace+0xb4/0x120 [ 160.402712] iommufd_test+0x3e5/0x37e0 [ 160.403124] ? lock_release+0x532/0x770 [ 160.403556] ? __might_fault+0x102/0x1b0 [ 160.403986] ? lock_acquire+0x427/0x4c0 [ 160.404409] ? __pfx_iommufd_test+0x10/0x10 [ 160.404859] ? __pfx_lock_release+0x10/0x10 [ 160.405312] ? __pfx_lock_acquire+0x10/0x10 [ 160.405764] ? write_comp_data+0x2f/0x90 [ 160.406194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.406737] ? write_comp_data+0x2f/0x90 [ 160.407186] iommufd_fops_ioctl+0x37d/0x510 [ 160.407640] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.408144] ? write_comp_data+0x2f/0x90 [ 160.408573] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.409077] __x64_sys_ioctl+0x1a3/0x230 [ 160.409506] do_syscall_64+0x3b/0x90 [ 160.409893] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.410429] RIP: 0033:0x7f4b8743ee5d [ 160.410843] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.412714] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.413487] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.414221] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.415003] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.415749] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.416474] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.417182] [ 160.417407] irq event stamp: 0 [ 160.417702] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.418293] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.419105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.419919] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.420512] ---[ end trace 0000000000000000 ]--- [ 160.423820] ------------[ cut here ]------------ [ 160.424285] WARNING: CPU: 0 PID: 1510 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.425334] Modules linked in: [ 160.425805] CPU: 0 PID: 1510 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.426652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.427724] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.428197] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.430151] RSP: 
0018:ffff88801899fbd0 EFLAGS: 00010246 [ 160.430797] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 160.431462] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 160.432110] RBP: ffff88801899fbe8 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 160.432753] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff88801226e800 [ 160.433396] R13: ffff88800f3731e8 R14: ffff888015bb5900 R15: 0000000000000000 [ 160.434235] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.435162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.435703] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.436363] PKRU: 55555554 [ 160.436629] Call Trace: [ 160.436869] [ 160.437133] iommufd_access_destroy_object+0x65/0x170 [ 160.437783] iommufd_object_destroy_user+0x18e/0x220 [ 160.438259] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.438833] iommufd_access_destroy+0x43/0x70 [ 160.439269] iommufd_test_staccess_release+0x8d/0xd0 [ 160.439933] __fput+0x26d/0xa40 [ 160.440254] ____fput+0x1e/0x30 [ 160.440573] task_work_run+0x1a4/0x2d0 [ 160.440947] ? __pfx_task_work_run+0x10/0x10 [ 160.441408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.441979] ? switch_task_namespaces+0xa9/0xe0 [ 160.442425] do_exit+0xb17/0x2ef0 [ 160.442778] ? lock_acquire+0x427/0x4c0 [ 160.443169] ? __pfx_lock_release+0x10/0x10 [ 160.443625] ? __kasan_check_write+0x18/0x20 [ 160.444183] ? do_raw_spin_lock+0x132/0x2a0 [ 160.444589] ? __pfx_do_exit+0x10/0x10 [ 160.444967] ? debug_smp_processor_id+0x20/0x30 [ 160.445438] ? rcu_is_watching+0x19/0xb0 [ 160.445968] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.446398] ? trace_hardirqs_on+0x26/0x120 [ 160.446826] do_group_exit+0xe0/0x2b0 [ 160.447193] __x64_sys_exit_group+0x47/0x50 [ 160.447595] do_syscall_64+0x3b/0x90 [ 160.448131] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.448621] RIP: 0033:0x7f4b87518a4d [ 160.448971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.449553] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.450390] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.451076] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.451763] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.452611] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.453278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.454043] [ 160.454333] irq event stamp: 0 [ 160.454662] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.455265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.456088] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.456992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.457578] ---[ end trace 0000000000000000 ]--- [ 160.458501] ------------[ cut here ]------------ [ 160.458986] WARNING: CPU: 0 PID: 1510 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.459949] Modules linked in: [ 160.460301] CPU: 0 PID: 1510 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.461273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.462541] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.463025] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.464729] RSP: 0018:ffff88801899fb78 EFLAGS: 00010246 [ 160.465230] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.465892] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 160.466587] RBP: ffff88801899fb98 R08: ffffed1001e6e63e R09: ffffed1001e6e63e [ 160.467269] R10: ffff88800f3731ef R11: ffffed1001e6e63d R12: ffff88800f373290 [ 160.467927] R13: ffff88800f3730a8 R14: ffffffffffffffff R15: 
ffff88801899fc60 [ 160.468597] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.469347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.469899] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.470547] PKRU: 55555554 [ 160.470801] Call Trace: [ 160.471026] [ 160.471240] iommufd_ioas_destroy+0x53/0x70 [ 160.471630] iommufd_fops_release+0x1f7/0x370 [ 160.472037] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.472476] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.472911] ? write_comp_data+0x2f/0x90 [ 160.473283] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.473726] __fput+0x26d/0xa40 [ 160.474030] ____fput+0x1e/0x30 [ 160.474331] task_work_run+0x1a4/0x2d0 [ 160.474701] ? __pfx_task_work_run+0x10/0x10 [ 160.475088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.475526] ? switch_task_namespaces+0xa9/0xe0 [ 160.475944] do_exit+0xb17/0x2ef0 [ 160.476252] ? lock_acquire+0x427/0x4c0 [ 160.476610] ? __pfx_lock_release+0x10/0x10 [ 160.476990] ? __kasan_check_write+0x18/0x20 [ 160.477374] ? do_raw_spin_lock+0x132/0x2a0 [ 160.477748] ? __pfx_do_exit+0x10/0x10 [ 160.478096] ? debug_smp_processor_id+0x20/0x30 [ 160.478500] ? rcu_is_watching+0x19/0xb0 [ 160.478886] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.479288] ? trace_hardirqs_on+0x26/0x120 [ 160.479659] do_group_exit+0xe0/0x2b0 [ 160.479984] __x64_sys_exit_group+0x47/0x50 [ 160.480347] do_syscall_64+0x3b/0x90 [ 160.480673] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.481115] RIP: 0033:0x7f4b87518a4d [ 160.481433] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.481948] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.482614] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.483224] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.483825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.484424] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.485022] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.485627] [ 160.485826] irq event stamp: 0 [ 160.486089] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.486639] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.487351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.488053] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.488587] ---[ end trace 0000000000000000 ]--- [ 160.493151] ------------[ cut here ]------------ [ 160.493594] WARNING: CPU: 0 PID: 1511 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.494465] Modules linked in: [ 160.494839] CPU: 0 PID: 1511 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.495595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.496539] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.496938] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.498378] RSP: 0018:ffff888012e6fbb8 EFLAGS: 00010246 [ 160.498823] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 160.499397] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.499959] RBP: ffff888012e6fbd0 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 160.500520] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff888012e90c00 [ 160.501081] R13: ffff888017a461e8 R14: ffffffff8352e670 R15: 
ffff888012e6fe68 [ 160.501642] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.502272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.502746] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ef0 [ 160.503330] PKRU: 55555554 [ 160.503558] Call Trace: [ 160.503762] [ 160.503941] __iommufd_access_detach+0x1c2/0x2b0 [ 160.504335] iommufd_access_change_pt+0x149/0x270 [ 160.504729] iommufd_access_replace+0xb4/0x120 [ 160.505103] iommufd_test+0x3e5/0x37e0 [ 160.505413] ? lock_release+0x532/0x770 [ 160.505739] ? __might_fault+0x102/0x1b0 [ 160.506069] ? lock_acquire+0x427/0x4c0 [ 160.506396] ? __pfx_iommufd_test+0x10/0x10 [ 160.506756] ? __pfx_lock_release+0x10/0x10 [ 160.507108] ? __pfx_lock_acquire+0x10/0x10 [ 160.507470] ? write_comp_data+0x2f/0x90 [ 160.507803] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.508198] ? write_comp_data+0x2f/0x90 [ 160.508529] iommufd_fops_ioctl+0x37d/0x510 [ 160.508874] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.509268] ? write_comp_data+0x2f/0x90 [ 160.509600] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.509984] __x64_sys_ioctl+0x1a3/0x230 [ 160.510323] do_syscall_64+0x3b/0x90 [ 160.510666] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.511091] RIP: 0033:0x7f4b8743ee5d [ 160.511401] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.512841] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.513443] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.514010] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.514617] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.515214] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.515799] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.516399] [ 160.516594] irq event stamp: 0 [ 160.516856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.517379] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.518064] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.518773] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.519304] ---[ end trace 0000000000000000 ]--- [ 160.522170] ------------[ cut here ]------------ [ 160.522762] WARNING: CPU: 0 PID: 1511 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.523630] Modules linked in: [ 160.523905] CPU: 0 PID: 1511 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.524637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.525583] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.526000] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.527552] RSP: 
0018:ffff888012e6fbd0 EFLAGS: 00010246 [ 160.527999] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 160.528597] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.529191] RBP: ffff888012e6fbe8 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 160.529796] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff888010c0bc00 [ 160.530388] R13: ffff888017a461e8 R14: ffff88800efec700 R15: 0000000000000000 [ 160.531001] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.531692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.532179] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.532774] PKRU: 55555554 [ 160.533011] Call Trace: [ 160.533225] [ 160.533417] iommufd_access_destroy_object+0x65/0x170 [ 160.533875] iommufd_object_destroy_user+0x18e/0x220 [ 160.534307] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.534817] iommufd_access_destroy+0x43/0x70 [ 160.535213] iommufd_test_staccess_release+0x8d/0xd0 [ 160.535644] __fput+0x26d/0xa40 [ 160.535940] ____fput+0x1e/0x30 [ 160.536229] task_work_run+0x1a4/0x2d0 [ 160.536567] ? __pfx_task_work_run+0x10/0x10 [ 160.536947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.537363] ? switch_task_namespaces+0xa9/0xe0 [ 160.537763] do_exit+0xb17/0x2ef0 [ 160.538057] ? lock_acquire+0x427/0x4c0 [ 160.538404] ? __pfx_lock_release+0x10/0x10 [ 160.538792] ? __kasan_check_write+0x18/0x20 [ 160.539193] ? do_raw_spin_lock+0x132/0x2a0 [ 160.539560] ? __pfx_do_exit+0x10/0x10 [ 160.539897] ? debug_smp_processor_id+0x20/0x30 [ 160.540290] ? rcu_is_watching+0x19/0xb0 [ 160.540638] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.541025] ? trace_hardirqs_on+0x26/0x120 [ 160.541395] do_group_exit+0xe0/0x2b0 [ 160.541718] __x64_sys_exit_group+0x47/0x50 [ 160.542083] do_syscall_64+0x3b/0x90 [ 160.542408] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.542868] RIP: 0033:0x7f4b87518a4d [ 160.543197] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.543724] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.544367] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.544960] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.545555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.546149] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.546766] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.547384] [ 160.547583] irq event stamp: 0 [ 160.547848] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.548377] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.549079] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.549777] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.550307] ---[ end trace 0000000000000000 ]--- [ 160.551071] ------------[ cut here ]------------ [ 160.551488] WARNING: CPU: 0 PID: 1511 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.552340] Modules linked in: [ 160.552613] CPU: 0 PID: 1511 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.553337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.554266] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.554718] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.556248] RSP: 0018:ffff888012e6fb78 EFLAGS: 00010246 [ 160.556698] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.557286] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.557879] RBP: ffff888012e6fb98 R08: ffffed1002f48c3e R09: ffffed1002f48c3e [ 160.558486] R10: ffff888017a461ef R11: ffffed1002f48c3d R12: ffff888017a46290 [ 160.559102] R13: ffff888017a460a8 R14: ffffffffffffffff R15: 
ffff888012e6fc60 [ 160.559707] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.560375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.560855] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.561440] PKRU: 55555554 [ 160.561675] Call Trace: [ 160.561890] [ 160.562090] iommufd_ioas_destroy+0x53/0x70 [ 160.562454] iommufd_fops_release+0x1f7/0x370 [ 160.562855] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.563289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.563705] ? write_comp_data+0x2f/0x90 [ 160.564053] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.564475] __fput+0x26d/0xa40 [ 160.564766] ____fput+0x1e/0x30 [ 160.565052] task_work_run+0x1a4/0x2d0 [ 160.565384] ? __pfx_task_work_run+0x10/0x10 [ 160.565756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.566168] ? switch_task_namespaces+0xa9/0xe0 [ 160.566585] do_exit+0xb17/0x2ef0 [ 160.566881] ? lock_acquire+0x427/0x4c0 [ 160.567239] ? __pfx_lock_release+0x10/0x10 [ 160.567604] ? __kasan_check_write+0x18/0x20 [ 160.567980] ? do_raw_spin_lock+0x132/0x2a0 [ 160.568345] ? __pfx_do_exit+0x10/0x10 [ 160.568681] ? debug_smp_processor_id+0x20/0x30 [ 160.569079] ? rcu_is_watching+0x19/0xb0 [ 160.569437] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.569818] ? trace_hardirqs_on+0x26/0x120 [ 160.570196] do_group_exit+0xe0/0x2b0 [ 160.570534] __x64_sys_exit_group+0x47/0x50 [ 160.570892] do_syscall_64+0x3b/0x90 [ 160.571220] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.571649] RIP: 0033:0x7f4b87518a4d [ 160.571955] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.572457] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.573081] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.573661] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.574241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.574842] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.575448] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.576038] [ 160.576231] irq event stamp: 0 [ 160.576488] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.577003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.577683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.578361] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.578896] ---[ end trace 0000000000000000 ]--- [ 160.583338] ------------[ cut here ]------------ [ 160.583773] WARNING: CPU: 0 PID: 1512 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.584595] Modules linked in: [ 160.584855] CPU: 0 PID: 1512 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.585566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.586478] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.586932] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.588439] RSP: 0018:ffff888016edfbb8 EFLAGS: 00010246 [ 160.588875] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 160.589452] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 160.590032] RBP: ffff888016edfbd0 R08: ffffed100208c133 R09: ffffed100208c133 [ 160.590633] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff88800fcb0400 [ 160.591233] R13: ffff8880104609e8 R14: ffffffff8352e670 R15: 
ffff888016edfe68 [ 160.591816] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.592472] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.592944] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 160.593526] PKRU: 55555554 [ 160.593759] Call Trace: [ 160.593971] [ 160.594160] __iommufd_access_detach+0x1c2/0x2b0 [ 160.594592] iommufd_access_change_pt+0x149/0x270 [ 160.595004] iommufd_access_replace+0xb4/0x120 [ 160.595411] iommufd_test+0x3e5/0x37e0 [ 160.595741] ? lock_release+0x532/0x770 [ 160.596076] ? __might_fault+0x102/0x1b0 [ 160.596415] ? lock_acquire+0x427/0x4c0 [ 160.596757] ? __pfx_iommufd_test+0x10/0x10 [ 160.597113] ? __pfx_lock_release+0x10/0x10 [ 160.597479] ? __pfx_lock_acquire+0x10/0x10 [ 160.597844] ? write_comp_data+0x2f/0x90 [ 160.598192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.598621] ? write_comp_data+0x2f/0x90 [ 160.598965] iommufd_fops_ioctl+0x37d/0x510 [ 160.599337] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.599746] ? write_comp_data+0x2f/0x90 [ 160.600093] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.600500] __x64_sys_ioctl+0x1a3/0x230 [ 160.600847] do_syscall_64+0x3b/0x90 [ 160.601160] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.601601] RIP: 0033:0x7f4b8743ee5d [ 160.601915] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.603462] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.604105] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.604691] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.605283] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.605872] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.606464] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.607074] [ 160.607274] irq event stamp: 0 [ 160.607539] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.608060] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.608748] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.609436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.609953] ---[ end trace 0000000000000000 ]--- [ 160.612724] ------------[ cut here ]------------ [ 160.613144] WARNING: CPU: 0 PID: 1512 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.613977] Modules linked in: [ 160.614239] CPU: 0 PID: 1512 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.615198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.616120] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.616528] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.618321] RSP: 
0018:ffff888016edfbd0 EFLAGS: 00010246 [ 160.618786] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 160.619377] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 160.619957] RBP: ffff888016edfbe8 R08: ffffed100208c133 R09: ffffed100208c133 [ 160.620744] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff888012e91400 [ 160.621327] R13: ffff8880104609e8 R14: ffff88800ca5ae00 R15: 0000000000000000 [ 160.621915] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.622596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.623075] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.623687] PKRU: 55555554 [ 160.623922] Call Trace: [ 160.624133] [ 160.624368] iommufd_access_destroy_object+0x65/0x170 [ 160.624970] iommufd_object_destroy_user+0x18e/0x220 [ 160.625392] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.625876] iommufd_access_destroy+0x43/0x70 [ 160.626256] iommufd_test_staccess_release+0x8d/0xd0 [ 160.626713] __fput+0x26d/0xa40 [ 160.627006] ____fput+0x1e/0x30 [ 160.627303] task_work_run+0x1a4/0x2d0 [ 160.627637] ? __pfx_task_work_run+0x10/0x10 [ 160.628003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.628643] ? switch_task_namespaces+0xa9/0xe0 [ 160.629044] do_exit+0xb17/0x2ef0 [ 160.629334] ? lock_acquire+0x427/0x4c0 [ 160.629678] ? __pfx_lock_release+0x10/0x10 [ 160.630037] ? __kasan_check_write+0x18/0x20 [ 160.630403] ? do_raw_spin_lock+0x132/0x2a0 [ 160.630792] ? __pfx_do_exit+0x10/0x10 [ 160.631140] ? debug_smp_processor_id+0x20/0x30 [ 160.631529] ? rcu_is_watching+0x19/0xb0 [ 160.631904] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.632442] ? trace_hardirqs_on+0x26/0x120 [ 160.632806] do_group_exit+0xe0/0x2b0 [ 160.633122] __x64_sys_exit_group+0x47/0x50 [ 160.633481] do_syscall_64+0x3b/0x90 [ 160.633797] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.634228] RIP: 0033:0x7f4b87518a4d [ 160.634559] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.635064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.635782] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.636497] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.637082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.637664] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.638245] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.638925] [ 160.639231] irq event stamp: 0 [ 160.639491] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.640017] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.640701] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.641379] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.641902] ---[ end trace 0000000000000000 ]--- [ 160.642823] ------------[ cut here ]------------ [ 160.643235] WARNING: CPU: 0 PID: 1512 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.644068] Modules linked in: [ 160.644333] CPU: 0 PID: 1512 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.645053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.646205] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.646676] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.648201] RSP: 0018:ffff888016edfb78 EFLAGS: 00010246 [ 160.648645] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.649230] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 160.650027] RBP: ffff888016edfb98 R08: ffffed100208c13e R09: ffffed100208c13e [ 160.650638] R10: ffff8880104609ef R11: ffffed100208c13d R12: ffff888010460a90 [ 160.651230] R13: ffff8880104608a8 R14: ffffffffffffffff R15: 
ffff888016edfc60 [ 160.651813] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.652470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.652973] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.653744] PKRU: 55555554 [ 160.653984] Call Trace: [ 160.654197] [ 160.654385] iommufd_ioas_destroy+0x53/0x70 [ 160.654773] iommufd_fops_release+0x1f7/0x370 [ 160.655161] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.655574] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.655985] ? write_comp_data+0x2f/0x90 [ 160.656329] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.656786] __fput+0x26d/0xa40 [ 160.657239] ____fput+0x1e/0x30 [ 160.657532] task_work_run+0x1a4/0x2d0 [ 160.657868] ? __pfx_task_work_run+0x10/0x10 [ 160.658244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.658683] ? switch_task_namespaces+0xa9/0xe0 [ 160.659084] do_exit+0xb17/0x2ef0 [ 160.659386] ? lock_acquire+0x427/0x4c0 [ 160.659739] ? __pfx_lock_release+0x10/0x10 [ 160.660101] ? __kasan_check_write+0x18/0x20 [ 160.660471] ? do_raw_spin_lock+0x132/0x2a0 [ 160.660937] ? __pfx_do_exit+0x10/0x10 [ 160.661385] ? debug_smp_processor_id+0x20/0x30 [ 160.661780] ? rcu_is_watching+0x19/0xb0 [ 160.662122] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.662539] ? trace_hardirqs_on+0x26/0x120 [ 160.662912] do_group_exit+0xe0/0x2b0 [ 160.663248] __x64_sys_exit_group+0x47/0x50 [ 160.663608] do_syscall_64+0x3b/0x90 [ 160.663922] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.664357] RIP: 0033:0x7f4b87518a4d [ 160.664718] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.665383] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.666008] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.666624] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.667231] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.667818] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.668616] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.669215] [ 160.669411] irq event stamp: 0 [ 160.669676] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.670202] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.670923] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.671633] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.672358] ---[ end trace 0000000000000000 ]--- [ 160.678235] ------------[ cut here ]------------ [ 160.678672] WARNING: CPU: 0 PID: 1513 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.679523] Modules linked in: [ 160.679789] CPU: 0 PID: 1513 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.680505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.681612] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.682022] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.683555] RSP: 0018:ffff888012e6fbb8 EFLAGS: 00010246 [ 160.684000] RAX: 0000000000000000 RBX: ffff8880245a20a8 RCX: 0000000000000000 [ 160.684812] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 160.685397] RBP: ffff888012e6fbd0 R08: ffffed10048b4433 R09: ffffed10048b4433 [ 160.685988] R10: ffff8880245a2193 R11: ffffed10048b4432 R12: ffff8880138ad800 [ 160.686605] R13: ffff8880245a21e8 R14: ffffffff8352e670 R15: 
ffff888012e6fe68 [ 160.687252] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.688271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.688904] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 160.689664] PKRU: 55555554 [ 160.690013] Call Trace: [ 160.690363] [ 160.690628] __iommufd_access_detach+0x1c2/0x2b0 [ 160.691036] iommufd_access_change_pt+0x149/0x270 [ 160.691455] iommufd_access_replace+0xb4/0x120 [ 160.691839] iommufd_test+0x3e5/0x37e0 [ 160.692164] ? lock_release+0x532/0x770 [ 160.692502] ? __might_fault+0x102/0x1b0 [ 160.692842] ? lock_acquire+0x427/0x4c0 [ 160.693288] ? __pfx_iommufd_test+0x10/0x10 [ 160.693781] ? __pfx_lock_release+0x10/0x10 [ 160.694155] ? __pfx_lock_acquire+0x10/0x10 [ 160.694545] ? write_comp_data+0x2f/0x90 [ 160.694892] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.695307] ? write_comp_data+0x2f/0x90 [ 160.695659] iommufd_fops_ioctl+0x37d/0x510 [ 160.696059] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.696620] ? write_comp_data+0x2f/0x90 [ 160.696966] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.697364] __x64_sys_ioctl+0x1a3/0x230 [ 160.697713] do_syscall_64+0x3b/0x90 [ 160.698030] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.698465] RIP: 0033:0x7f4b8743ee5d [ 160.698805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.700557] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.701188] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.701778] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.702586] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.703193] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.703788] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.704392] [ 160.704588] irq event stamp: 0 [ 160.704848] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.705375] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.706066] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.706783] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.707317] ---[ end trace 0000000000000000 ]--- [ 160.710302] ------------[ cut here ]------------ [ 160.710715] WARNING: CPU: 0 PID: 1513 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.711498] Modules linked in: [ 160.711817] CPU: 0 PID: 1513 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.712597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.713457] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.713848] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.715526] RSP: 
0018:ffff888012e6fbd0 EFLAGS: 00010246 [ 160.715964] RAX: 0000000000000000 RBX: ffff8880245a20a8 RCX: 0000000000000000 [ 160.716542] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 160.717123] RBP: ffff888012e6fbe8 R08: ffffed10048b4433 R09: ffffed10048b4433 [ 160.717698] R10: ffff8880245a2193 R11: ffffed10048b4432 R12: ffff88800fcb2c00 [ 160.718275] R13: ffff8880245a21e8 R14: ffff88800f48b100 R15: 0000000000000000 [ 160.718879] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.719546] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.720016] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.720594] PKRU: 55555554 [ 160.720826] Call Trace: [ 160.721035] [ 160.721224] iommufd_access_destroy_object+0x65/0x170 [ 160.721653] iommufd_object_destroy_user+0x18e/0x220 [ 160.722070] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.722571] iommufd_access_destroy+0x43/0x70 [ 160.722947] iommufd_test_staccess_release+0x8d/0xd0 [ 160.723379] __fput+0x26d/0xa40 [ 160.723669] ____fput+0x1e/0x30 [ 160.723949] task_work_run+0x1a4/0x2d0 [ 160.724286] ? __pfx_task_work_run+0x10/0x10 [ 160.724650] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.725059] ? switch_task_namespaces+0xa9/0xe0 [ 160.725449] do_exit+0xb17/0x2ef0 [ 160.725731] ? lock_acquire+0x427/0x4c0 [ 160.726065] ? __pfx_lock_release+0x10/0x10 [ 160.726426] ? __kasan_check_write+0x18/0x20 [ 160.726820] ? do_raw_spin_lock+0x132/0x2a0 [ 160.727189] ? __pfx_do_exit+0x10/0x10 [ 160.727518] ? debug_smp_processor_id+0x20/0x30 [ 160.727901] ? rcu_is_watching+0x19/0xb0 [ 160.728232] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.728605] ? trace_hardirqs_on+0x26/0x120 [ 160.728972] do_group_exit+0xe0/0x2b0 [ 160.729285] __x64_sys_exit_group+0x47/0x50 [ 160.729634] do_syscall_64+0x3b/0x90 [ 160.729949] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.730377] RIP: 0033:0x7f4b87518a4d [ 160.730706] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.731221] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.731838] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.732417] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.732997] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.733567] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.734139] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.734748] [ 160.734944] irq event stamp: 0 [ 160.735216] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.735727] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.736412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.737089] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.737599] ---[ end trace 0000000000000000 ]--- [ 160.738377] ------------[ cut here ]------------ [ 160.738940] WARNING: CPU: 0 PID: 1513 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.739791] Modules linked in: [ 160.740053] CPU: 0 PID: 1513 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.740928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.741835] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.742260] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.744127] RSP: 0018:ffff888012e6fb78 EFLAGS: 00010246 [ 160.744567] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.745284] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 160.745859] RBP: ffff888012e6fb98 R08: ffffed10048b443e R09: ffffed10048b443e [ 160.746534] R10: ffff8880245a21ef R11: ffffed10048b443d R12: ffff8880245a2290 [ 160.747205] R13: ffff8880245a20a8 R14: ffffffffffffffff R15: 
ffff888012e6fc60 [ 160.747783] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 160.748462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.749045] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 160.749626] PKRU: 55555554 [ 160.749859] Call Trace: [ 160.750066] [ 160.750307] iommufd_ioas_destroy+0x53/0x70 [ 160.750781] iommufd_fops_release+0x1f7/0x370 [ 160.751173] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.751581] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.752056] ? write_comp_data+0x2f/0x90 [ 160.752479] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.752894] __fput+0x26d/0xa40 [ 160.753182] ____fput+0x1e/0x30 [ 160.753464] task_work_run+0x1a4/0x2d0 [ 160.753855] ? __pfx_task_work_run+0x10/0x10 [ 160.754291] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.754709] ? switch_task_namespaces+0xa9/0xe0 [ 160.755099] do_exit+0xb17/0x2ef0 [ 160.755420] ? lock_acquire+0x427/0x4c0 [ 160.755856] ? __pfx_lock_release+0x10/0x10 [ 160.756223] ? __kasan_check_write+0x18/0x20 [ 160.756593] ? do_raw_spin_lock+0x132/0x2a0 [ 160.756952] ? __pfx_do_exit+0x10/0x10 [ 160.757429] ? debug_smp_processor_id+0x20/0x30 [ 160.757820] ? rcu_is_watching+0x19/0xb0 [ 160.758155] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.758554] ? trace_hardirqs_on+0x26/0x120 [ 160.758942] do_group_exit+0xe0/0x2b0 [ 160.759375] __x64_sys_exit_group+0x47/0x50 [ 160.759738] do_syscall_64+0x3b/0x90 [ 160.760056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.760488] RIP: 0033:0x7f4b87518a4d [ 160.760942] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.761446] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.762066] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.762791] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.763379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.763965] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.764550] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.765136] [ 160.765329] irq event stamp: 0 [ 160.765587] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.766093] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.766792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.767485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.768006] ---[ end trace 0000000000000000 ]--- [ 160.772072] ------------[ cut here ]------------ [ 160.772862] WARNING: CPU: 1 PID: 1514 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.773692] Modules linked in: [ 160.773954] CPU: 1 PID: 1514 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.774864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.775792] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.776271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.777822] RSP: 0018:ffff888015f67bb8 EFLAGS: 00010246 [ 160.778393] RAX: 0000000000000000 RBX: ffff888014ae90a8 RCX: 0000000000000000 [ 160.778988] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 160.779584] RBP: ffff888015f67bd0 R08: ffffed100295d233 R09: ffffed100295d233 [ 160.780301] R10: ffff888014ae9193 R11: ffffed100295d232 R12: ffff888014b94c00 [ 160.780883] R13: ffff888014ae91e8 R14: ffffffff8352e670 R15: 
ffff888015f67e68 [ 160.781464] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.782267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.782777] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 160.783400] PKRU: 55555554 [ 160.783666] Call Trace: [ 160.783934] [ 160.784199] __iommufd_access_detach+0x1c2/0x2b0 [ 160.784627] iommufd_access_change_pt+0x149/0x270 [ 160.785052] iommufd_access_replace+0xb4/0x120 [ 160.785458] iommufd_test+0x3e5/0x37e0 [ 160.785928] ? lock_release+0x532/0x770 [ 160.786283] ? __might_fault+0x102/0x1b0 [ 160.786655] ? lock_acquire+0x427/0x4c0 [ 160.787008] ? __pfx_iommufd_test+0x10/0x10 [ 160.787398] ? __pfx_lock_release+0x10/0x10 [ 160.787933] ? __pfx_lock_acquire+0x10/0x10 [ 160.788321] ? write_comp_data+0x2f/0x90 [ 160.788690] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.789117] ? write_comp_data+0x2f/0x90 [ 160.789517] iommufd_fops_ioctl+0x37d/0x510 [ 160.789978] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.790423] ? write_comp_data+0x2f/0x90 [ 160.790815] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.791248] __x64_sys_ioctl+0x1a3/0x230 [ 160.791622] do_syscall_64+0x3b/0x90 [ 160.791963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.792428] RIP: 0033:0x7f4b8743ee5d [ 160.792798] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.794485] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.795228] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.795946] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.796577] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.797233] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.797964] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.798618] [ 160.798826] irq event stamp: 0 [ 160.799103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.799718] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.800521] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.801245] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.801917] ---[ end trace 0000000000000000 ]--- [ 160.805134] ------------[ cut here ]------------ [ 160.805579] WARNING: CPU: 1 PID: 1514 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.806657] Modules linked in: [ 160.806940] CPU: 1 PID: 1514 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.807707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.808839] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.809271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.810879] RSP: 
0018:ffff888015f67bd0 EFLAGS: 00010246 [ 160.811356] RAX: 0000000000000000 RBX: ffff888014ae90a8 RCX: 0000000000000000 [ 160.811978] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 160.812593] RBP: ffff888015f67be8 R08: ffffed100295d233 R09: ffffed100295d233 [ 160.813220] R10: ffff888014ae9193 R11: ffffed100295d232 R12: ffff888012e96800 [ 160.813832] R13: ffff888014ae91e8 R14: ffff888020e13200 R15: 0000000000000000 [ 160.814450] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.815180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.815683] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 160.816306] PKRU: 55555554 [ 160.816556] Call Trace: [ 160.816778] [ 160.816975] iommufd_access_destroy_object+0x65/0x170 [ 160.817432] iommufd_object_destroy_user+0x18e/0x220 [ 160.817871] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.818383] iommufd_access_destroy+0x43/0x70 [ 160.818822] iommufd_test_staccess_release+0x8d/0xd0 [ 160.819283] __fput+0x26d/0xa40 [ 160.819589] ____fput+0x1e/0x30 [ 160.819881] task_work_run+0x1a4/0x2d0 [ 160.820222] ? __pfx_task_work_run+0x10/0x10 [ 160.820612] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.821040] ? switch_task_namespaces+0xa9/0xe0 [ 160.821451] do_exit+0xb17/0x2ef0 [ 160.821753] ? lock_acquire+0x427/0x4c0 [ 160.822104] ? __pfx_lock_release+0x10/0x10 [ 160.822485] ? __kasan_check_write+0x18/0x20 [ 160.822901] ? do_raw_spin_lock+0x132/0x2a0 [ 160.823286] ? __pfx_do_exit+0x10/0x10 [ 160.823634] ? debug_smp_processor_id+0x20/0x30 [ 160.824037] ? rcu_is_watching+0x19/0xb0 [ 160.824388] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.824787] ? trace_hardirqs_on+0x26/0x120 [ 160.825170] do_group_exit+0xe0/0x2b0 [ 160.825501] __x64_sys_exit_group+0x47/0x50 [ 160.825870] do_syscall_64+0x3b/0x90 [ 160.826200] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.826677] RIP: 0033:0x7f4b87518a4d [ 160.827001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.827541] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.828192] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.828799] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.829407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.830011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.830639] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.831281] [ 160.831487] irq event stamp: 0 [ 160.831756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.832295] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.833015] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.833722] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.834260] ---[ end trace 0000000000000000 ]--- [ 160.835039] ------------[ cut here ]------------ [ 160.835450] WARNING: CPU: 1 PID: 1514 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.836323] Modules linked in: [ 160.836604] CPU: 1 PID: 1514 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.837358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.838312] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.838794] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.840358] RSP: 0018:ffff888015f67b78 EFLAGS: 00010246 [ 160.840817] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.841424] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 160.842040] RBP: ffff888015f67b98 R08: ffffed100295d23e R09: ffffed100295d23e [ 160.842673] R10: ffff888014ae91ef R11: ffffed100295d23d R12: ffff888014ae9290 [ 160.843290] R13: ffff888014ae90a8 R14: ffffffffffffffff R15: 
ffff888015f67c60 [ 160.843908] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.844611] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.845104] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 160.845716] PKRU: 55555554 [ 160.845961] Call Trace: [ 160.846182] [ 160.846379] iommufd_ioas_destroy+0x53/0x70 [ 160.846799] iommufd_fops_release+0x1f7/0x370 [ 160.847211] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.847645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.848068] ? write_comp_data+0x2f/0x90 [ 160.848429] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.848870] __fput+0x26d/0xa40 [ 160.849174] ____fput+0x1e/0x30 [ 160.849468] task_work_run+0x1a4/0x2d0 [ 160.849811] ? __pfx_task_work_run+0x10/0x10 [ 160.850191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.850632] ? switch_task_namespaces+0xa9/0xe0 [ 160.851036] do_exit+0xb17/0x2ef0 [ 160.851329] ? lock_acquire+0x427/0x4c0 [ 160.851662] ? __pfx_lock_release+0x10/0x10 [ 160.852016] ? __kasan_check_write+0x18/0x20 [ 160.852375] ? do_raw_spin_lock+0x132/0x2a0 [ 160.852726] ? __pfx_do_exit+0x10/0x10 [ 160.853047] ? debug_smp_processor_id+0x20/0x30 [ 160.853428] ? rcu_is_watching+0x19/0xb0 [ 160.853760] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.854137] ? trace_hardirqs_on+0x26/0x120 [ 160.854495] do_group_exit+0xe0/0x2b0 [ 160.854832] __x64_sys_exit_group+0x47/0x50 [ 160.855194] do_syscall_64+0x3b/0x90 [ 160.855508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.855940] RIP: 0033:0x7f4b87518a4d [ 160.856244] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.856743] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.857367] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.857936] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.858528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.859108] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.859693] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.860274] [ 160.860464] irq event stamp: 0 [ 160.860719] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.861237] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.861913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.862622] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.863137] ---[ end trace 0000000000000000 ]--- [ 160.867772] ------------[ cut here ]------------ [ 160.868182] WARNING: CPU: 1 PID: 1515 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.868992] Modules linked in: [ 160.869253] CPU: 1 PID: 1515 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.869955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.871049] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.871466] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.872927] RSP: 0018:ffff888016fe7bb8 EFLAGS: 00010246 [ 160.873353] RAX: 0000000000000000 RBX: ffff888011eac8a8 RCX: 0000000000000000 [ 160.873922] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.874493] RBP: ffff888016fe7bd0 R08: ffffed10023d5933 R09: ffffed10023d5933 [ 160.875088] R10: ffff888011eac993 R11: ffffed10023d5932 R12: ffff888012b64800 [ 160.875676] R13: ffff888011eac9e8 R14: ffffffff8352e670 R15: 
ffff888016fe7e68 [ 160.876409] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.877056] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.877525] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 160.878219] PKRU: 55555554 [ 160.878450] Call Trace: [ 160.878679] [ 160.878864] __iommufd_access_detach+0x1c2/0x2b0 [ 160.879271] iommufd_access_change_pt+0x149/0x270 [ 160.879673] iommufd_access_replace+0xb4/0x120 [ 160.880054] iommufd_test+0x3e5/0x37e0 [ 160.880448] ? lock_release+0x532/0x770 [ 160.880837] ? __might_fault+0x102/0x1b0 [ 160.881174] ? lock_acquire+0x427/0x4c0 [ 160.881506] ? __pfx_iommufd_test+0x10/0x10 [ 160.881859] ? __pfx_lock_release+0x10/0x10 [ 160.882236] ? __pfx_lock_acquire+0x10/0x10 [ 160.882725] ? write_comp_data+0x2f/0x90 [ 160.883067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.883484] ? write_comp_data+0x2f/0x90 [ 160.883826] iommufd_fops_ioctl+0x37d/0x510 [ 160.884181] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.884608] ? write_comp_data+0x2f/0x90 [ 160.885033] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.885429] __x64_sys_ioctl+0x1a3/0x230 [ 160.885771] do_syscall_64+0x3b/0x90 [ 160.886085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.886566] RIP: 0033:0x7f4b8743ee5d [ 160.886964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.888446] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.889138] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.889779] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.890364] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.891008] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.891658] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.892243] [ 160.892434] irq event stamp: 0 [ 160.892691] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.893253] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.894019] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.894721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.895239] ---[ end trace 0000000000000000 ]--- [ 160.898040] ------------[ cut here ]------------ [ 160.898448] WARNING: CPU: 1 PID: 1515 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.899325] Modules linked in: [ 160.899707] CPU: 1 PID: 1515 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.900415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.901320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.901808] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.903370] RSP: 
0018:ffff888016fe7bd0 EFLAGS: 00010246 [ 160.903882] RAX: 0000000000000000 RBX: ffff888011eac8a8 RCX: 0000000000000000 [ 160.904520] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.905093] RBP: ffff888016fe7be8 R08: ffffed10023d5933 R09: ffffed10023d5933 [ 160.905682] R10: ffff888011eac993 R11: ffffed10023d5932 R12: ffff888014b96400 [ 160.906363] R13: ffff888011eac9e8 R14: ffff888021862000 R15: 0000000000000000 [ 160.906958] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.907601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.908126] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 160.908748] PKRU: 55555554 [ 160.908972] Call Trace: [ 160.909173] [ 160.909353] iommufd_access_destroy_object+0x65/0x170 [ 160.909769] iommufd_object_destroy_user+0x18e/0x220 [ 160.910242] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.910783] iommufd_access_destroy+0x43/0x70 [ 160.911166] iommufd_test_staccess_release+0x8d/0xd0 [ 160.911574] __fput+0x26d/0xa40 [ 160.911852] ____fput+0x1e/0x30 [ 160.912123] task_work_run+0x1a4/0x2d0 [ 160.912470] ? __pfx_task_work_run+0x10/0x10 [ 160.912899] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.913291] ? switch_task_namespaces+0xa9/0xe0 [ 160.913667] do_exit+0xb17/0x2ef0 [ 160.913942] ? lock_acquire+0x427/0x4c0 [ 160.914263] ? __pfx_lock_release+0x10/0x10 [ 160.914624] ? __kasan_check_write+0x18/0x20 [ 160.914974] ? do_raw_spin_lock+0x132/0x2a0 [ 160.915351] ? __pfx_do_exit+0x10/0x10 [ 160.915744] ? debug_smp_processor_id+0x20/0x30 [ 160.916118] ? rcu_is_watching+0x19/0xb0 [ 160.916443] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.916804] ? trace_hardirqs_on+0x26/0x120 [ 160.917152] do_group_exit+0xe0/0x2b0 [ 160.917459] __x64_sys_exit_group+0x47/0x50 [ 160.917837] do_syscall_64+0x3b/0x90 [ 160.918197] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.918631] RIP: 0033:0x7f4b87518a4d [ 160.918926] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.919418] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.920008] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.920561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.921234] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.921789] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.922344] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.922937] [ 160.923129] irq event stamp: 0 [ 160.923381] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.923993] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.924646] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.925297] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.925792] ---[ end trace 0000000000000000 ]--- [ 160.926616] ------------[ cut here ]------------ [ 160.926986] WARNING: CPU: 1 PID: 1515 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 160.927792] Modules linked in: [ 160.928046] CPU: 1 PID: 1515 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.928725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.929599] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 160.930002] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 160.931465] RSP: 0018:ffff888016fe7b78 EFLAGS: 00010246 [ 160.931881] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 160.932431] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 160.932981] RBP: ffff888016fe7b98 R08: ffffed10023d593e R09: ffffed10023d593e [ 160.933532] R10: ffff888011eac9ef R11: ffffed10023d593d R12: ffff888011eaca90 [ 160.934082] R13: ffff888011eac8a8 R14: ffffffffffffffff R15: 
ffff888016fe7c60 [ 160.934651] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.935281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.935723] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 160.936266] PKRU: 55555554 [ 160.936486] Call Trace: [ 160.936683] [ 160.936858] iommufd_ioas_destroy+0x53/0x70 [ 160.937196] iommufd_fops_release+0x1f7/0x370 [ 160.937549] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.937939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.938324] ? write_comp_data+0x2f/0x90 [ 160.938665] ? __pfx_iommufd_fops_release+0x10/0x10 [ 160.939053] __fput+0x26d/0xa40 [ 160.939331] ____fput+0x1e/0x30 [ 160.939595] task_work_run+0x1a4/0x2d0 [ 160.939902] ? __pfx_task_work_run+0x10/0x10 [ 160.940244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.940623] ? switch_task_namespaces+0xa9/0xe0 [ 160.940993] do_exit+0xb17/0x2ef0 [ 160.941262] ? lock_acquire+0x427/0x4c0 [ 160.941578] ? __pfx_lock_release+0x10/0x10 [ 160.941916] ? __kasan_check_write+0x18/0x20 [ 160.942260] ? do_raw_spin_lock+0x132/0x2a0 [ 160.942612] ? __pfx_do_exit+0x10/0x10 [ 160.942927] ? debug_smp_processor_id+0x20/0x30 [ 160.943301] ? rcu_is_watching+0x19/0xb0 [ 160.943625] ? _raw_spin_unlock_irq+0x2b/0x60 [ 160.943981] ? trace_hardirqs_on+0x26/0x120 [ 160.944320] do_group_exit+0xe0/0x2b0 [ 160.944617] __x64_sys_exit_group+0x47/0x50 [ 160.944948] do_syscall_64+0x3b/0x90 [ 160.945244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.945650] RIP: 0033:0x7f4b87518a4d [ 160.945938] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 160.946409] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 160.947010] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 160.947571] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 160.948123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 160.948673] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 160.949220] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 160.949777] [ 160.949959] irq event stamp: 0 [ 160.950202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.950708] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.951361] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.952007] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.952496] ---[ end trace 0000000000000000 ]--- [ 160.956349] ------------[ cut here ]------------ [ 160.956754] WARNING: CPU: 1 PID: 1516 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.957534] Modules linked in: [ 160.957782] CPU: 1 PID: 1516 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.958451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.959523] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.959913] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.961315] RSP: 0018:ffff888020c8fbb8 EFLAGS: 00010246 [ 160.961732] RAX: 0000000000000000 RBX: ffff888015f638a8 RCX: 0000000000000000 [ 160.962281] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 160.962851] RBP: ffff888020c8fbd0 R08: ffffed1002bec733 R09: ffffed1002bec733 [ 160.963412] R10: ffff888015f63993 R11: ffffed1002bec732 R12: ffff888012de7400 [ 160.963963] R13: ffff888015f639e8 R14: ffffffff8352e670 R15: 
ffff888020c8fe68 [ 160.964514] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.965136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.965586] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 160.966137] PKRU: 55555554 [ 160.966359] Call Trace: [ 160.966587] [ 160.966767] __iommufd_access_detach+0x1c2/0x2b0 [ 160.967159] iommufd_access_change_pt+0x149/0x270 [ 160.967547] iommufd_access_replace+0xb4/0x120 [ 160.967913] iommufd_test+0x3e5/0x37e0 [ 160.968216] ? lock_release+0x532/0x770 [ 160.968538] ? __might_fault+0x102/0x1b0 [ 160.968862] ? lock_acquire+0x427/0x4c0 [ 160.969184] ? __pfx_iommufd_test+0x10/0x10 [ 160.969524] ? __pfx_lock_release+0x10/0x10 [ 160.969869] ? __pfx_lock_acquire+0x10/0x10 [ 160.970214] ? write_comp_data+0x2f/0x90 [ 160.970566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.970955] ? write_comp_data+0x2f/0x90 [ 160.971297] iommufd_fops_ioctl+0x37d/0x510 [ 160.971646] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.972035] ? write_comp_data+0x2f/0x90 [ 160.972366] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.972749] __x64_sys_ioctl+0x1a3/0x230 [ 160.973078] do_syscall_64+0x3b/0x90 [ 160.973379] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 160.973792] RIP: 0033:0x7f4b8743ee5d [ 160.974084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 160.975526] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 160.976125] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 160.976690] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.977255] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 160.977840] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 160.978415] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 160.979030] [ 160.979237] irq event stamp: 0 [ 160.979501] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 160.980020] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 160.980703] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 160.981384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 160.981904] ---[ end trace 0000000000000000 ]--- [ 160.984759] ------------[ cut here ]------------ [ 160.985184] WARNING: CPU: 1 PID: 1516 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 160.986010] Modules linked in: [ 160.986277] CPU: 1 PID: 1516 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 160.987012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 160.987939] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 160.988349] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 160.989829] RSP: 
0018:ffff888020c8fbd0 EFLAGS: 00010246 [ 160.990264] RAX: 0000000000000000 RBX: ffff888015f638a8 RCX: 0000000000000000 [ 160.990858] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 160.991445] RBP: ffff888020c8fbe8 R08: ffffed1002bec733 R09: ffffed1002bec733 [ 160.992024] R10: ffff888015f63993 R11: ffffed1002bec732 R12: ffff888012b66c00 [ 160.992604] R13: ffff888015f639e8 R14: ffff888013428500 R15: 0000000000000000 [ 160.993186] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 160.993852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.994332] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 160.994947] PKRU: 55555554 [ 160.995195] Call Trace: [ 160.995413] [ 160.995604] iommufd_access_destroy_object+0x65/0x170 [ 160.996039] iommufd_object_destroy_user+0x18e/0x220 [ 160.996468] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 160.996950] iommufd_access_destroy+0x43/0x70 [ 160.997326] iommufd_test_staccess_release+0x8d/0xd0 [ 160.997756] __fput+0x26d/0xa40 [ 160.998047] ____fput+0x1e/0x30 [ 160.998340] task_work_run+0x1a4/0x2d0 [ 160.998722] ? __pfx_task_work_run+0x10/0x10 [ 160.999122] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 160.999558] ? switch_task_namespaces+0xa9/0xe0 [ 160.999975] do_exit+0xb17/0x2ef0 [ 161.000279] ? lock_acquire+0x427/0x4c0 [ 161.000638] ? __pfx_lock_release+0x10/0x10 [ 161.001015] ? __kasan_check_write+0x18/0x20 [ 161.001395] ? do_raw_spin_lock+0x132/0x2a0 [ 161.001765] ? __pfx_do_exit+0x10/0x10 [ 161.002111] ? debug_smp_processor_id+0x20/0x30 [ 161.002548] ? rcu_is_watching+0x19/0xb0 [ 161.002910] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.003315] ? trace_hardirqs_on+0x26/0x120 [ 161.003698] do_group_exit+0xe0/0x2b0 [ 161.004029] __x64_sys_exit_group+0x47/0x50 [ 161.004404] do_syscall_64+0x3b/0x90 [ 161.004746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.005206] RIP: 0033:0x7f4b87518a4d [ 161.005532] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.006064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.006742] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.007373] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.007986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.008598] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.009206] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.009827] [ 161.010030] irq event stamp: 0 [ 161.010300] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.010864] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.011603] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.012331] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.012875] ---[ end trace 0000000000000000 ]--- [ 161.013635] ------------[ cut here ]------------ [ 161.014048] WARNING: CPU: 1 PID: 1516 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.014971] Modules linked in: [ 161.015274] CPU: 1 PID: 1516 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.016029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.016997] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.017442] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.019077] RSP: 0018:ffff888020c8fb78 EFLAGS: 00010246 [ 161.019534] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.020143] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 161.020756] RBP: ffff888020c8fb98 R08: ffffed1002bec73e R09: ffffed1002bec73e [ 161.021371] R10: ffff888015f639ef R11: ffffed1002bec73d R12: ffff888015f63a90 [ 161.021985] R13: ffff888015f638a8 R14: ffffffffffffffff R15: 
ffff888020c8fc60 [ 161.022620] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.023324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.023827] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.024441] PKRU: 55555554 [ 161.024691] Call Trace: [ 161.024912] [ 161.025109] iommufd_ioas_destroy+0x53/0x70 [ 161.025505] iommufd_fops_release+0x1f7/0x370 [ 161.025907] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.026343] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.026797] ? write_comp_data+0x2f/0x90 [ 161.027176] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.027638] __fput+0x26d/0xa40 [ 161.027961] ____fput+0x1e/0x30 [ 161.028281] task_work_run+0x1a4/0x2d0 [ 161.028647] ? __pfx_task_work_run+0x10/0x10 [ 161.029058] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.029513] ? switch_task_namespaces+0xa9/0xe0 [ 161.029962] do_exit+0xb17/0x2ef0 [ 161.030286] ? lock_acquire+0x427/0x4c0 [ 161.030692] ? __pfx_lock_release+0x10/0x10 [ 161.031103] ? __kasan_check_write+0x18/0x20 [ 161.031528] ? do_raw_spin_lock+0x132/0x2a0 [ 161.031929] ? __pfx_do_exit+0x10/0x10 [ 161.032304] ? debug_smp_processor_id+0x20/0x30 [ 161.032738] ? rcu_is_watching+0x19/0xb0 [ 161.033121] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.033553] ? trace_hardirqs_on+0x26/0x120 [ 161.033967] do_group_exit+0xe0/0x2b0 [ 161.034327] __x64_sys_exit_group+0x47/0x50 [ 161.034752] do_syscall_64+0x3b/0x90 [ 161.035110] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.035611] RIP: 0033:0x7f4b87518a4d [ 161.035955] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.036522] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.037217] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.037865] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.038545] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.039213] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.039866] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.040538] [ 161.040762] irq event stamp: 0 [ 161.041062] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.041657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.042425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.043237] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.043819] ---[ end trace 0000000000000000 ]--- [ 161.048311] ------------[ cut here ]------------ [ 161.048810] WARNING: CPU: 1 PID: 1517 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.049744] Modules linked in: [ 161.050041] CPU: 1 PID: 1517 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.051059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.052113] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.052576] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.054257] RSP: 0018:ffff8880172d7bb8 EFLAGS: 00010246 [ 161.054783] RAX: 0000000000000000 RBX: ffff8880165b88a8 RCX: 0000000000000000 [ 161.055459] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 161.056122] RBP: ffff8880172d7bd0 R08: ffffed1002cb7133 R09: ffffed1002cb7133 [ 161.056783] R10: ffff8880165b8993 R11: ffffed1002cb7132 R12: ffff888013f44c00 [ 161.057447] R13: ffff8880165b89e8 R14: ffffffff8352e670 R15: 
ffff8880172d7e68 [ 161.058106] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.058887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.059461] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 161.060130] PKRU: 55555554 [ 161.060401] Call Trace: [ 161.060641] [ 161.060853] __iommufd_access_detach+0x1c2/0x2b0 [ 161.061313] iommufd_access_change_pt+0x149/0x270 [ 161.061769] iommufd_access_replace+0xb4/0x120 [ 161.062204] iommufd_test+0x3e5/0x37e0 [ 161.062598] ? lock_release+0x532/0x770 [ 161.062986] ? __might_fault+0x102/0x1b0 [ 161.063383] ? lock_acquire+0x427/0x4c0 [ 161.063766] ? __pfx_iommufd_test+0x10/0x10 [ 161.064168] ? __pfx_lock_release+0x10/0x10 [ 161.064583] ? __pfx_lock_acquire+0x10/0x10 [ 161.065000] ? write_comp_data+0x2f/0x90 [ 161.065391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.065851] ? write_comp_data+0x2f/0x90 [ 161.066245] iommufd_fops_ioctl+0x37d/0x510 [ 161.066687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.067175] ? write_comp_data+0x2f/0x90 [ 161.067568] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.068038] __x64_sys_ioctl+0x1a3/0x230 [ 161.068432] do_syscall_64+0x3b/0x90 [ 161.068790] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.069279] RIP: 0033:0x7f4b8743ee5d [ 161.069625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.071360] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.072079] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.072739] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.073395] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.074053] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.074734] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.075413] [ 161.075631] irq event stamp: 0 [ 161.075925] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.076510] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.077281] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.078048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.078658] ---[ end trace 0000000000000000 ]--- [ 161.081672] ------------[ cut here ]------------ [ 161.082141] WARNING: CPU: 1 PID: 1517 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.083133] Modules linked in: [ 161.083439] CPU: 1 PID: 1517 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.084246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.085299] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.085764] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.087497] RSP: 
0018:ffff8880172d7bd0 EFLAGS: 00010246 [ 161.088002] RAX: 0000000000000000 RBX: ffff8880165b88a8 RCX: 0000000000000000 [ 161.088663] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 161.089326] RBP: ffff8880172d7be8 R08: ffffed1002cb7133 R09: ffffed1002cb7133 [ 161.089979] R10: ffff8880165b8993 R11: ffffed1002cb7132 R12: ffff888012de5800 [ 161.090656] R13: ffff8880165b89e8 R14: ffff88801022f200 R15: 0000000000000000 [ 161.091329] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.092073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.092619] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.093281] PKRU: 55555554 [ 161.093546] Call Trace: [ 161.093789] [ 161.094003] iommufd_access_destroy_object+0x65/0x170 [ 161.094494] iommufd_object_destroy_user+0x18e/0x220 [ 161.095013] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.095582] iommufd_access_destroy+0x43/0x70 [ 161.096015] iommufd_test_staccess_release+0x8d/0xd0 [ 161.096501] __fput+0x26d/0xa40 [ 161.096827] ____fput+0x1e/0x30 [ 161.097153] task_work_run+0x1a4/0x2d0 [ 161.097528] ? __pfx_task_work_run+0x10/0x10 [ 161.097947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.098411] ? switch_task_namespaces+0xa9/0xe0 [ 161.098891] do_exit+0xb17/0x2ef0 [ 161.099246] ? lock_acquire+0x427/0x4c0 [ 161.099637] ? __pfx_lock_release+0x10/0x10 [ 161.100046] ? __kasan_check_write+0x18/0x20 [ 161.100463] ? do_raw_spin_lock+0x132/0x2a0 [ 161.100873] ? __pfx_do_exit+0x10/0x10 [ 161.101254] ? debug_smp_processor_id+0x20/0x30 [ 161.101697] ? rcu_is_watching+0x19/0xb0 [ 161.102080] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.102534] ? trace_hardirqs_on+0x26/0x120 [ 161.102946] do_group_exit+0xe0/0x2b0 [ 161.103320] __x64_sys_exit_group+0x47/0x50 [ 161.103726] do_syscall_64+0x3b/0x90 [ 161.104091] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.104589] RIP: 0033:0x7f4b87518a4d [ 161.104941] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.105512] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.106222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.106922] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.107606] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.108269] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.108935] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.109607] [ 161.109827] irq event stamp: 0 [ 161.110121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.110733] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.111531] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.112309] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.112895] ---[ end trace 0000000000000000 ]--- [ 161.113694] ------------[ cut here ]------------ [ 161.114131] WARNING: CPU: 1 PID: 1517 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.115099] Modules linked in: [ 161.115413] CPU: 1 PID: 1517 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.116228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.117272] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.117753] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.119480] RSP: 0018:ffff8880172d7b78 EFLAGS: 00010246 [ 161.119988] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.120652] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 161.121312] RBP: ffff8880172d7b98 R08: ffffed1002cb713e R09: ffffed1002cb713e [ 161.121969] R10: ffff8880165b89ef R11: ffffed1002cb713d R12: ffff8880165b8a90 [ 161.122644] R13: ffff8880165b88a8 R14: ffffffffffffffff R15: 
ffff8880172d7c60 [ 161.123311] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.124057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.124602] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.125265] PKRU: 55555554 [ 161.125533] Call Trace: [ 161.125772] [ 161.125988] iommufd_ioas_destroy+0x53/0x70 [ 161.126403] iommufd_fops_release+0x1f7/0x370 [ 161.126855] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.127338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.127803] ? write_comp_data+0x2f/0x90 [ 161.128193] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.128664] __fput+0x26d/0xa40 [ 161.128990] ____fput+0x1e/0x30 [ 161.129306] task_work_run+0x1a4/0x2d0 [ 161.129678] ? __pfx_task_work_run+0x10/0x10 [ 161.130095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.130593] ? switch_task_namespaces+0xa9/0xe0 [ 161.131049] do_exit+0xb17/0x2ef0 [ 161.131396] ? lock_acquire+0x427/0x4c0 [ 161.131793] ? __pfx_lock_release+0x10/0x10 [ 161.132732] ? __kasan_check_write+0x18/0x20 [ 161.133309] ? do_raw_spin_lock+0x132/0x2a0 [ 161.133863] ? __pfx_do_exit+0x10/0x10 [ 161.134410] ? debug_smp_processor_id+0x20/0x30 [ 161.135298] ? rcu_is_watching+0x19/0xb0 [ 161.135843] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.136432] ? trace_hardirqs_on+0x26/0x120 [ 161.137291] do_group_exit+0xe0/0x2b0 [ 161.137785] __x64_sys_exit_group+0x47/0x50 [ 161.138322] do_syscall_64+0x3b/0x90 [ 161.138846] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.139622] RIP: 0033:0x7f4b87518a4d [ 161.140188] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.140949] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.142041] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.142978] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.143925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.144896] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.145773] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.146859] [ 161.147188] irq event stamp: 0 [ 161.147585] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.148417] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.149530] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.150717] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.151622] ---[ end trace 0000000000000000 ]--- [ 161.158309] ------------[ cut here ]------------ [ 161.159107] WARNING: CPU: 1 PID: 1518 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.160536] Modules linked in: [ 161.160958] CPU: 1 PID: 1518 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.162197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.164145] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.164784] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.167271] RSP: 0018:ffff888020d8fbb8 EFLAGS: 00010246 [ 161.167949] RAX: 0000000000000000 RBX: ffff888010b9b0a8 RCX: 0000000000000000 [ 161.169013] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 161.169891] RBP: ffff888020d8fbd0 R08: ffffed1002173633 R09: ffffed1002173633 [ 161.170999] R10: ffff888010b9b193 R11: ffffed1002173632 R12: ffff88801422c000 [ 161.171911] R13: ffff888010b9b1e8 R14: ffffffff8352e670 R15: 
ffff888020d8fe68 [ 161.172847] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.173931] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.174716] CR2: 00007f4b877410e8 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 161.175820] PKRU: 55555554 [ 161.176187] Call Trace: [ 161.176517] [ 161.176818] __iommufd_access_detach+0x1c2/0x2b0 [ 161.177520] iommufd_access_change_pt+0x149/0x270 [ 161.178218] iommufd_access_replace+0xb4/0x120 [ 161.178875] iommufd_test+0x3e5/0x37e0 [ 161.179461] ? lock_release+0x532/0x770 [ 161.179898] ? __might_fault+0x102/0x1b0 [ 161.180682] ? lock_acquire+0x427/0x4c0 [ 161.181232] ? __pfx_iommufd_test+0x10/0x10 [ 161.181813] ? __pfx_lock_release+0x10/0x10 [ 161.182493] ? __pfx_lock_acquire+0x10/0x10 [ 161.183171] ? write_comp_data+0x2f/0x90 [ 161.183709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.184385] ? write_comp_data+0x2f/0x90 [ 161.185007] iommufd_fops_ioctl+0x37d/0x510 [ 161.185576] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.186210] ? write_comp_data+0x2f/0x90 [ 161.186964] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.187611] __x64_sys_ioctl+0x1a3/0x230 [ 161.188155] do_syscall_64+0x3b/0x90 [ 161.188642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.189494] RIP: 0033:0x7f4b8743ee5d [ 161.189977] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.192452] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.193410] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.194477] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.195458] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.196517] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.197363] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.198367] [ 161.198813] irq event stamp: 0 [ 161.199228] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.199974] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.201155] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.202154] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.203018] ---[ end trace 0000000000000000 ]--- [ 161.208148] ------------[ cut here ]------------ [ 161.208962] WARNING: CPU: 1 PID: 1518 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.210398] Modules linked in: [ 161.211013] CPU: 1 PID: 1518 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.212032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.213420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.213943] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.216157] RSP: 
0018:ffff888020d8fbd0 EFLAGS: 00010246 [ 161.216705] RAX: 0000000000000000 RBX: ffff888010b9b0a8 RCX: 0000000000000000 [ 161.217438] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 161.218385] RBP: ffff888020d8fbe8 R08: ffffed1002173633 R09: ffffed1002173633 [ 161.219149] R10: ffff888010b9b193 R11: ffffed1002173632 R12: ffff888013f46400 [ 161.219882] R13: ffff888010b9b1e8 R14: ffff88802185ed00 R15: 0000000000000000 [ 161.220748] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.221652] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.222244] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 161.223198] PKRU: 55555554 [ 161.223493] Call Trace: [ 161.223757] [ 161.223993] iommufd_access_destroy_object+0x65/0x170 [ 161.224532] iommufd_object_destroy_user+0x18e/0x220 [ 161.225065] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.225869] iommufd_access_destroy+0x43/0x70 [ 161.226347] iommufd_test_staccess_release+0x8d/0xd0 [ 161.226906] __fput+0x26d/0xa40 [ 161.227292] ____fput+0x1e/0x30 [ 161.227653] task_work_run+0x1a4/0x2d0 [ 161.228115] ? __pfx_task_work_run+0x10/0x10 [ 161.228741] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.229241] ? switch_task_namespaces+0xa9/0xe0 [ 161.229723] do_exit+0xb17/0x2ef0 [ 161.230078] ? lock_acquire+0x427/0x4c0 [ 161.230639] ? __pfx_lock_release+0x10/0x10 [ 161.231157] ? __kasan_check_write+0x18/0x20 [ 161.231609] ? do_raw_spin_lock+0x132/0x2a0 [ 161.232046] ? __pfx_do_exit+0x10/0x10 [ 161.232453] ? debug_smp_processor_id+0x20/0x30 [ 161.232938] ? rcu_is_watching+0x19/0xb0 [ 161.233539] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.234010] ? trace_hardirqs_on+0x26/0x120 [ 161.234458] do_group_exit+0xe0/0x2b0 [ 161.234885] __x64_sys_exit_group+0x47/0x50 [ 161.235340] do_syscall_64+0x3b/0x90 [ 161.235789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.236479] RIP: 0033:0x7f4b87518a4d [ 161.236864] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.237495] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.238493] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.239273] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.240003] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.240858] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.241668] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.242406] [ 161.242681] irq event stamp: 0 [ 161.242999] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.243897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.244755] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.245688] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.246447] ---[ end trace 0000000000000000 ]--- [ 161.247465] ------------[ cut here ]------------ [ 161.247962] WARNING: CPU: 1 PID: 1518 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.249240] Modules linked in: [ 161.249577] CPU: 1 PID: 1518 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.250493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.251918] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.252453] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.254598] RSP: 0018:ffff888020d8fb78 EFLAGS: 00010246 [ 161.255193] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.256059] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 161.256917] RBP: ffff888020d8fb98 R08: ffffed100217363e R09: ffffed100217363e [ 161.257657] R10: ffff888010b9b1ef R11: ffffed100217363d R12: ffff888010b9b290 [ 161.258386] R13: ffff888010b9b0a8 R14: ffffffffffffffff R15: 
ffff888020d8fc60 [ 161.259161] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.259988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.260589] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 161.261328] PKRU: 55555554 [ 161.261616] Call Trace: [ 161.261875] [ 161.262107] iommufd_ioas_destroy+0x53/0x70 [ 161.262572] iommufd_fops_release+0x1f7/0x370 [ 161.263033] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.263554] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.264053] ? write_comp_data+0x2f/0x90 [ 161.264472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.264985] __fput+0x26d/0xa40 [ 161.265335] ____fput+0x1e/0x30 [ 161.265677] task_work_run+0x1a4/0x2d0 [ 161.266073] ? __pfx_task_work_run+0x10/0x10 [ 161.266547] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.267044] ? switch_task_namespaces+0xa9/0xe0 [ 161.267532] do_exit+0xb17/0x2ef0 [ 161.267889] ? lock_acquire+0x427/0x4c0 [ 161.268304] ? __pfx_lock_release+0x10/0x10 [ 161.268749] ? __kasan_check_write+0x18/0x20 [ 161.269187] ? do_raw_spin_lock+0x132/0x2a0 [ 161.269592] ? __pfx_do_exit+0x10/0x10 [ 161.269964] ? debug_smp_processor_id+0x20/0x30 [ 161.270406] ? rcu_is_watching+0x19/0xb0 [ 161.270809] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.271255] ? trace_hardirqs_on+0x26/0x120 [ 161.271672] do_group_exit+0xe0/0x2b0 [ 161.272032] __x64_sys_exit_group+0x47/0x50 [ 161.272435] do_syscall_64+0x3b/0x90 [ 161.272797] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.273289] RIP: 0033:0x7f4b87518a4d [ 161.273636] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.274211] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.274960] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.275646] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.276314] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.276990] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.277648] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.278307] [ 161.278548] irq event stamp: 0 [ 161.278844] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.279432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.280209] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.280982] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.281563] ---[ end trace 0000000000000000 ]--- [ 161.286658] ------------[ cut here ]------------ [ 161.287150] WARNING: CPU: 1 PID: 1519 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.288036] Modules linked in: [ 161.288318] CPU: 1 PID: 1519 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.289070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.290042] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.290480] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.292102] RSP: 0018:ffff888020fe7bb8 EFLAGS: 00010246 [ 161.292564] RAX: 0000000000000000 RBX: ffff888020c8a8a8 RCX: 0000000000000000 [ 161.293186] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 161.293804] RBP: ffff888020fe7bd0 R08: ffffed1004191533 R09: ffffed1004191533 [ 161.294423] R10: ffff888020c8a993 R11: ffffed1004191532 R12: ffff888010e01c00 [ 161.295059] R13: ffff888020c8a9e8 R14: ffffffff8352e670 R15: 
ffff888020fe7e68 [ 161.295684] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.296373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.296877] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 161.297499] PKRU: 55555554 [ 161.297747] Call Trace: [ 161.297972] [ 161.298170] __iommufd_access_detach+0x1c2/0x2b0 [ 161.298611] iommufd_access_change_pt+0x149/0x270 [ 161.299035] iommufd_access_replace+0xb4/0x120 [ 161.299452] iommufd_test+0x3e5/0x37e0 [ 161.299799] ? lock_release+0x532/0x770 [ 161.300160] ? __might_fault+0x102/0x1b0 [ 161.300526] ? lock_acquire+0x427/0x4c0 [ 161.300886] ? __pfx_iommufd_test+0x10/0x10 [ 161.301266] ? __pfx_lock_release+0x10/0x10 [ 161.301654] ? __pfx_lock_acquire+0x10/0x10 [ 161.302048] ? write_comp_data+0x2f/0x90 [ 161.302410] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.302862] ? write_comp_data+0x2f/0x90 [ 161.303238] iommufd_fops_ioctl+0x37d/0x510 [ 161.303612] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.304022] ? write_comp_data+0x2f/0x90 [ 161.304368] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.304770] __x64_sys_ioctl+0x1a3/0x230 [ 161.305118] do_syscall_64+0x3b/0x90 [ 161.305435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.305870] RIP: 0033:0x7f4b8743ee5d [ 161.306179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.307717] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.308347] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.308921] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.309520] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.310104] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.310717] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.311333] [ 161.311527] irq event stamp: 0 [ 161.311793] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.312312] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.312999] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.313685] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.314205] ---[ end trace 0000000000000000 ]--- [ 161.317072] ------------[ cut here ]------------ [ 161.317491] WARNING: CPU: 1 PID: 1519 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.318320] Modules linked in: [ 161.318617] CPU: 1 PID: 1519 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.319345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.320268] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.320680] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.322171] RSP: 
0018:ffff888020fe7bd0 EFLAGS: 00010246 [ 161.322646] RAX: 0000000000000000 RBX: ffff888020c8a8a8 RCX: 0000000000000000 [ 161.323237] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 161.323815] RBP: ffff888020fe7be8 R08: ffffed1004191533 R09: ffffed1004191533 [ 161.324388] R10: ffff888020c8a993 R11: ffffed1004191532 R12: ffff88801422f000 [ 161.324971] R13: ffff888020c8a9e8 R14: ffff88800ef92f00 R15: 0000000000000000 [ 161.325557] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.326213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.326704] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.327299] PKRU: 55555554 [ 161.327535] Call Trace: [ 161.327745] [ 161.327934] iommufd_access_destroy_object+0x65/0x170 [ 161.328362] iommufd_object_destroy_user+0x18e/0x220 [ 161.328785] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.329254] iommufd_access_destroy+0x43/0x70 [ 161.329624] iommufd_test_staccess_release+0x8d/0xd0 [ 161.330037] __fput+0x26d/0xa40 [ 161.330318] ____fput+0x1e/0x30 [ 161.330606] task_work_run+0x1a4/0x2d0 [ 161.330931] ? __pfx_task_work_run+0x10/0x10 [ 161.331296] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.331692] ? switch_task_namespaces+0xa9/0xe0 [ 161.332070] do_exit+0xb17/0x2ef0 [ 161.332347] ? lock_acquire+0x427/0x4c0 [ 161.332674] ? __pfx_lock_release+0x10/0x10 [ 161.333025] ? __kasan_check_write+0x18/0x20 [ 161.333382] ? do_raw_spin_lock+0x132/0x2a0 [ 161.333729] ? __pfx_do_exit+0x10/0x10 [ 161.334049] ? debug_smp_processor_id+0x20/0x30 [ 161.334424] ? rcu_is_watching+0x19/0xb0 [ 161.334766] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.335140] ? trace_hardirqs_on+0x26/0x120 [ 161.335492] do_group_exit+0xe0/0x2b0 [ 161.335799] __x64_sys_exit_group+0x47/0x50 [ 161.336142] do_syscall_64+0x3b/0x90 [ 161.336442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.336854] RIP: 0033:0x7f4b87518a4d [ 161.337146] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.337624] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.338222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.338795] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.339351] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.339903] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.340457] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.341023] [ 161.341206] irq event stamp: 0 [ 161.341454] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.341944] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.342605] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.343260] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.343751] ---[ end trace 0000000000000000 ]--- [ 161.344451] ------------[ cut here ]------------ [ 161.344815] WARNING: CPU: 1 PID: 1519 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.345604] Modules linked in: [ 161.345851] CPU: 1 PID: 1519 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.346542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.347416] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.347816] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.349212] RSP: 0018:ffff888020fe7b78 EFLAGS: 00010246 [ 161.349620] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.350166] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 161.350726] RBP: ffff888020fe7b98 R08: ffffed100419153e R09: ffffed100419153e [ 161.351282] R10: ffff888020c8a9ef R11: ffffed100419153d R12: ffff888020c8aa90 [ 161.351830] R13: ffff888020c8a8a8 R14: ffffffffffffffff R15: 
ffff888020fe7c60 [ 161.352377] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.352993] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.353437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.353983] PKRU: 55555554 [ 161.354199] Call Trace: [ 161.354399] [ 161.354587] iommufd_ioas_destroy+0x53/0x70 [ 161.354927] iommufd_fops_release+0x1f7/0x370 [ 161.355290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.355677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.356062] ? write_comp_data+0x2f/0x90 [ 161.356382] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.356772] __fput+0x26d/0xa40 [ 161.357043] ____fput+0x1e/0x30 [ 161.357313] task_work_run+0x1a4/0x2d0 [ 161.357622] ? __pfx_task_work_run+0x10/0x10 [ 161.357966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.358348] ? switch_task_namespaces+0xa9/0xe0 [ 161.358732] do_exit+0xb17/0x2ef0 [ 161.359002] ? lock_acquire+0x427/0x4c0 [ 161.359330] ? __pfx_lock_release+0x10/0x10 [ 161.359672] ? __kasan_check_write+0x18/0x20 [ 161.360018] ? do_raw_spin_lock+0x132/0x2a0 [ 161.360353] ? __pfx_do_exit+0x10/0x10 [ 161.360664] ? debug_smp_processor_id+0x20/0x30 [ 161.361028] ? rcu_is_watching+0x19/0xb0 [ 161.361346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.361701] ? trace_hardirqs_on+0x26/0x120 [ 161.362041] do_group_exit+0xe0/0x2b0 [ 161.362341] __x64_sys_exit_group+0x47/0x50 [ 161.362691] do_syscall_64+0x3b/0x90 [ 161.362988] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.363397] RIP: 0033:0x7f4b87518a4d [ 161.363687] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.364159] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.364741] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.365285] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.365832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.366374] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.366931] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.367486] [ 161.367666] irq event stamp: 0 [ 161.367902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.368373] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.368999] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.369621] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.370093] ---[ end trace 0000000000000000 ]--- [ 161.374054] ------------[ cut here ]------------ [ 161.374443] WARNING: CPU: 1 PID: 1520 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.375262] Modules linked in: [ 161.375501] CPU: 1 PID: 1520 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.376147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.376980] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.377351] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.378703] RSP: 0018:ffff888015f67bb8 EFLAGS: 00010246 [ 161.379095] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 161.379624] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 161.380145] RBP: ffff888015f67bd0 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 161.380668] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff8880129c6400 [ 161.381189] R13: ffff8880147001e8 R14: ffffffff8352e670 R15: 
ffff888015f67e68 [ 161.381709] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.382299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.382737] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 161.383270] PKRU: 55555554 [ 161.383481] Call Trace: [ 161.383671] [ 161.383838] __iommufd_access_detach+0x1c2/0x2b0 [ 161.384200] iommufd_access_change_pt+0x149/0x270 [ 161.384568] iommufd_access_replace+0xb4/0x120 [ 161.384917] iommufd_test+0x3e5/0x37e0 [ 161.385206] ? lock_release+0x532/0x770 [ 161.385512] ? __might_fault+0x102/0x1b0 [ 161.385827] ? lock_acquire+0x427/0x4c0 [ 161.386138] ? __pfx_iommufd_test+0x10/0x10 [ 161.386455] ? __pfx_lock_release+0x10/0x10 [ 161.386795] ? __pfx_lock_acquire+0x10/0x10 [ 161.387126] ? write_comp_data+0x2f/0x90 [ 161.387435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.387798] ? write_comp_data+0x2f/0x90 [ 161.388104] iommufd_fops_ioctl+0x37d/0x510 [ 161.388426] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.388789] ? write_comp_data+0x2f/0x90 [ 161.389094] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.389447] __x64_sys_ioctl+0x1a3/0x230 [ 161.389753] do_syscall_64+0x3b/0x90 [ 161.390033] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.390418] RIP: 0033:0x7f4b8743ee5d [ 161.390705] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.392050] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.393010] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.393545] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.394080] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.394748] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.395284] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.395816] [ 161.396001] irq event stamp: 0 [ 161.396318] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.396787] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.397411] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.398130] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.398615] ---[ end trace 0000000000000000 ]--- [ 161.401210] ------------[ cut here ]------------ [ 161.401694] WARNING: CPU: 1 PID: 1520 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.402440] Modules linked in: [ 161.402703] CPU: 1 PID: 1520 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.403482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.404313] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.404683] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.406139] RSP: 
0018:ffff888015f67bd0 EFLAGS: 00010246 [ 161.406553] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 161.407187] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 161.407711] RBP: ffff888015f67be8 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 161.408237] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff888010e00c00 [ 161.408870] R13: ffff8880147001e8 R14: ffff888020874400 R15: 0000000000000000 [ 161.409394] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.409986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.410540] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.411071] PKRU: 55555554 [ 161.411298] Call Trace: [ 161.411493] [ 161.411666] iommufd_access_destroy_object+0x65/0x170 [ 161.412079] iommufd_object_destroy_user+0x18e/0x220 [ 161.412559] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.413007] iommufd_access_destroy+0x43/0x70 [ 161.413357] iommufd_test_staccess_release+0x8d/0xd0 [ 161.413762] __fput+0x26d/0xa40 [ 161.414115] ____fput+0x1e/0x30 [ 161.414382] task_work_run+0x1a4/0x2d0 [ 161.414710] ? __pfx_task_work_run+0x10/0x10 [ 161.415057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.415440] ? switch_task_namespaces+0xa9/0xe0 [ 161.415808] do_exit+0xb17/0x2ef0 [ 161.416189] ? lock_acquire+0x427/0x4c0 [ 161.416503] ? __pfx_lock_release+0x10/0x10 [ 161.416841] ? __kasan_check_write+0x18/0x20 [ 161.417185] ? do_raw_spin_lock+0x132/0x2a0 [ 161.417520] ? __pfx_do_exit+0x10/0x10 [ 161.417930] ? debug_smp_processor_id+0x20/0x30 [ 161.418289] ? rcu_is_watching+0x19/0xb0 [ 161.418626] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.418982] ? trace_hardirqs_on+0x26/0x120 [ 161.419335] do_group_exit+0xe0/0x2b0 [ 161.419631] __x64_sys_exit_group+0x47/0x50 [ 161.420073] do_syscall_64+0x3b/0x90 [ 161.420371] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.420774] RIP: 0033:0x7f4b87518a4d [ 161.421058] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.421582] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.422209] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.422772] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.423333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.424036] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.424586] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.425143] [ 161.425341] irq event stamp: 0 [ 161.425677] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.426166] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.426840] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.427573] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.428114] ---[ end trace 0000000000000000 ]--- [ 161.428799] ------------[ cut here ]------------ [ 161.429169] WARNING: CPU: 1 PID: 1520 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.430062] Modules linked in: [ 161.430320] CPU: 1 PID: 1520 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.431046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.431991] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.432400] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.433933] RSP: 0018:ffff888015f67b78 EFLAGS: 00010246 [ 161.434347] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.435015] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 161.435579] RBP: ffff888015f67b98 R08: ffffed10028e003e R09: ffffed10028e003e [ 161.436130] R10: ffff8880147001ef R11: ffffed10028e003d R12: ffff888014700290 [ 161.436696] R13: ffff8880147000a8 R14: ffffffffffffffff R15: 
ffff888015f67c60 [ 161.437338] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.437960] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.438428] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.439083] PKRU: 55555554 [ 161.439318] Call Trace: [ 161.439519] [ 161.439697] iommufd_ioas_destroy+0x53/0x70 [ 161.440046] iommufd_fops_release+0x1f7/0x370 [ 161.440413] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.440900] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.441289] ? write_comp_data+0x2f/0x90 [ 161.441618] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.442013] __fput+0x26d/0xa40 [ 161.442351] ____fput+0x1e/0x30 [ 161.442665] task_work_run+0x1a4/0x2d0 [ 161.442978] ? __pfx_task_work_run+0x10/0x10 [ 161.443336] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.443721] ? switch_task_namespaces+0xa9/0xe0 [ 161.444095] do_exit+0xb17/0x2ef0 [ 161.444471] ? lock_acquire+0x427/0x4c0 [ 161.444793] ? __pfx_lock_release+0x10/0x10 [ 161.445142] ? __kasan_check_write+0x18/0x20 [ 161.445498] ? do_raw_spin_lock+0x132/0x2a0 [ 161.445843] ? __pfx_do_exit+0x10/0x10 [ 161.446273] ? debug_smp_processor_id+0x20/0x30 [ 161.446662] ? rcu_is_watching+0x19/0xb0 [ 161.446987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.447358] ? trace_hardirqs_on+0x26/0x120 [ 161.447712] do_group_exit+0xe0/0x2b0 [ 161.448016] __x64_sys_exit_group+0x47/0x50 [ 161.448481] do_syscall_64+0x3b/0x90 [ 161.448787] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.449205] RIP: 0033:0x7f4b87518a4d [ 161.449512] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.450078] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.450747] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.451341] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.451928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.452642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.453217] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.453813] [ 161.454059] irq event stamp: 0 [ 161.454379] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.454904] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.455590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.456402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.456919] ---[ end trace 0000000000000000 ]--- [ 161.461464] ------------[ cut here ]------------ [ 161.461870] WARNING: CPU: 0 PID: 1521 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.462897] Modules linked in: [ 161.463177] CPU: 0 PID: 1521 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.463899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.464810] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.465219] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.466735] RSP: 0018:ffff888023c97bb8 EFLAGS: 00010246 [ 161.467184] RAX: 0000000000000000 RBX: ffff8880158158a8 RCX: 0000000000000000 [ 161.467759] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 161.468335] RBP: ffff888023c97bd0 R08: ffffed1002b02b33 R09: ffffed1002b02b33 [ 161.468909] R10: ffff888015815993 R11: ffffed1002b02b32 R12: ffff888018b89800 [ 161.469501] R13: ffff8880158159e8 R14: ffffffff8352e670 R15: 
ffff888023c97e68 [ 161.470073] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.470747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.471227] CR2: 00007f4b877410e8 CR3: 0000000014752000 CR4: 0000000000750ef0 [ 161.471806] PKRU: 55555554 [ 161.472035] Call Trace: [ 161.472241] [ 161.472423] __iommufd_access_detach+0x1c2/0x2b0 [ 161.472825] iommufd_access_change_pt+0x149/0x270 [ 161.473226] iommufd_access_replace+0xb4/0x120 [ 161.473606] iommufd_test+0x3e5/0x37e0 [ 161.473920] ? lock_release+0x532/0x770 [ 161.474250] ? __might_fault+0x102/0x1b0 [ 161.474603] ? lock_acquire+0x427/0x4c0 [ 161.474936] ? __pfx_iommufd_test+0x10/0x10 [ 161.475305] ? __pfx_lock_release+0x10/0x10 [ 161.475667] ? __pfx_lock_acquire+0x10/0x10 [ 161.476026] ? write_comp_data+0x2f/0x90 [ 161.476363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.476762] ? write_comp_data+0x2f/0x90 [ 161.477097] iommufd_fops_ioctl+0x37d/0x510 [ 161.477450] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.477847] ? write_comp_data+0x2f/0x90 [ 161.478182] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.478591] __x64_sys_ioctl+0x1a3/0x230 [ 161.478931] do_syscall_64+0x3b/0x90 [ 161.479251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.479679] RIP: 0033:0x7f4b8743ee5d [ 161.479979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.481443] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.482053] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.482649] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.483226] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.483799] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.484375] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.484950] [ 161.485137] irq event stamp: 0 [ 161.485388] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.485896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.486585] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.487263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.487769] ---[ end trace 0000000000000000 ]--- [ 161.491244] ------------[ cut here ]------------ [ 161.491638] WARNING: CPU: 0 PID: 1521 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.492516] Modules linked in: [ 161.492900] CPU: 0 PID: 1521 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.493600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.494701] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.495103] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.496594] RSP: 
0018:ffff888023c97bd0 EFLAGS: 00010246 [ 161.497022] RAX: 0000000000000000 RBX: ffff8880158158a8 RCX: 0000000000000000 [ 161.497594] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 161.498161] RBP: ffff888023c97be8 R08: ffffed1002b02b33 R09: ffffed1002b02b33 [ 161.498751] R10: ffff888015815993 R11: ffffed1002b02b32 R12: ffff8880138ad000 [ 161.499329] R13: ffff8880158159e8 R14: ffff888013d63000 R15: 0000000000000000 [ 161.499899] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.500549] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.501015] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.501583] PKRU: 55555554 [ 161.501809] Call Trace: [ 161.502015] [ 161.502198] iommufd_access_destroy_object+0x65/0x170 [ 161.502637] iommufd_object_destroy_user+0x18e/0x220 [ 161.503057] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.503536] iommufd_access_destroy+0x43/0x70 [ 161.503907] iommufd_test_staccess_release+0x8d/0xd0 [ 161.504329] __fput+0x26d/0xa40 [ 161.504620] ____fput+0x1e/0x30 [ 161.504896] task_work_run+0x1a4/0x2d0 [ 161.505221] ? __pfx_task_work_run+0x10/0x10 [ 161.505585] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.505987] ? switch_task_namespaces+0xa9/0xe0 [ 161.506376] do_exit+0xb17/0x2ef0 [ 161.506673] ? lock_acquire+0x427/0x4c0 [ 161.506998] ? __pfx_lock_release+0x10/0x10 [ 161.507358] ? __kasan_check_write+0x18/0x20 [ 161.507717] ? do_raw_spin_lock+0x132/0x2a0 [ 161.508057] ? __pfx_do_exit+0x10/0x10 [ 161.508373] ? debug_smp_processor_id+0x20/0x30 [ 161.508740] ? rcu_is_watching+0x19/0xb0 [ 161.509061] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.509419] ? trace_hardirqs_on+0x26/0x120 [ 161.509761] do_group_exit+0xe0/0x2b0 [ 161.510061] __x64_sys_exit_group+0x47/0x50 [ 161.510395] do_syscall_64+0x3b/0x90 [ 161.510716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.511133] RIP: 0033:0x7f4b87518a4d [ 161.511425] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.511903] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.512497] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.513050] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.513609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.514167] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.514738] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.515311] [ 161.515497] irq event stamp: 0 [ 161.515746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.516243] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.516894] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.517544] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.518036] ---[ end trace 0000000000000000 ]--- [ 161.519170] ------------[ cut here ]------------ [ 161.519676] WARNING: CPU: 0 PID: 1521 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.520485] Modules linked in: [ 161.520734] CPU: 0 PID: 1521 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.521577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.522440] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.523121] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.524529] RSP: 0018:ffff888023c97b78 EFLAGS: 00010246 [ 161.525007] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.525647] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 161.526197] RBP: ffff888023c97b98 R08: ffffed1002b02b3e R09: ffffed1002b02b3e [ 161.526919] R10: ffff8880158159ef R11: ffffed1002b02b3d R12: ffff888015815a90 [ 161.527476] R13: ffff8880158158a8 R14: ffffffffffffffff R15: 
ffff888023c97c60 [ 161.528026] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.528673] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.529243] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.529794] PKRU: 55555554 [ 161.530017] Call Trace: [ 161.530219] [ 161.530441] iommufd_ioas_destroy+0x53/0x70 [ 161.530895] iommufd_fops_release+0x1f7/0x370 [ 161.531264] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.531662] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.532048] ? write_comp_data+0x2f/0x90 [ 161.532374] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.532917] __fput+0x26d/0xa40 [ 161.533189] ____fput+0x1e/0x30 [ 161.533458] task_work_run+0x1a4/0x2d0 [ 161.533771] ? __pfx_task_work_run+0x10/0x10 [ 161.534117] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.534665] ? switch_task_namespaces+0xa9/0xe0 [ 161.535036] do_exit+0xb17/0x2ef0 [ 161.535318] ? lock_acquire+0x427/0x4c0 [ 161.535633] ? __pfx_lock_release+0x10/0x10 [ 161.535972] ? __kasan_check_write+0x18/0x20 [ 161.536378] ? do_raw_spin_lock+0x132/0x2a0 [ 161.536794] ? __pfx_do_exit+0x10/0x10 [ 161.537109] ? debug_smp_processor_id+0x20/0x30 [ 161.537476] ? rcu_is_watching+0x19/0xb0 [ 161.537797] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.538375] ? trace_hardirqs_on+0x26/0x120 [ 161.538754] do_group_exit+0xe0/0x2b0 [ 161.539069] __x64_sys_exit_group+0x47/0x50 [ 161.539429] do_syscall_64+0x3b/0x90 [ 161.539745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.540206] RIP: 0033:0x7f4b87518a4d [ 161.540662] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.541163] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.541774] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.542580] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.543165] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.543745] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.544349] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.545094] [ 161.545290] irq event stamp: 0 [ 161.545546] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.546054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.546748] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.547427] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.547939] ---[ end trace 0000000000000000 ]--- [ 161.552544] ------------[ cut here ]------------ [ 161.552948] WARNING: CPU: 0 PID: 1522 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.553764] Modules linked in: [ 161.554022] CPU: 0 PID: 1522 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.554748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.555657] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.556057] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.557526] RSP: 0018:ffff88800f7afbb8 EFLAGS: 00010246 [ 161.557949] RAX: 0000000000000000 RBX: ffff8880182938a8 RCX: 0000000000000000 [ 161.558534] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 161.559105] RBP: ffff88800f7afbd0 R08: ffffed1003052733 R09: ffffed1003052733 [ 161.559683] R10: ffff888018293993 R11: ffffed1003052732 R12: ffff888013b15c00 [ 161.560250] R13: ffff8880182939e8 R14: ffffffff8352e670 R15: 
ffff88800f7afe68 [ 161.560816] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.561459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.561922] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 161.562492] PKRU: 55555554 [ 161.562737] Call Trace: [ 161.562944] [ 161.563132] __iommufd_access_detach+0x1c2/0x2b0 [ 161.563531] iommufd_access_change_pt+0x149/0x270 [ 161.563933] iommufd_access_replace+0xb4/0x120 [ 161.564309] iommufd_test+0x3e5/0x37e0 [ 161.564628] ? lock_release+0x532/0x770 [ 161.564966] ? __might_fault+0x102/0x1b0 [ 161.565303] ? lock_acquire+0x427/0x4c0 [ 161.565634] ? __pfx_iommufd_test+0x10/0x10 [ 161.565983] ? __pfx_lock_release+0x10/0x10 [ 161.566338] ? __pfx_lock_acquire+0x10/0x10 [ 161.566712] ? write_comp_data+0x2f/0x90 [ 161.567049] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.567459] ? write_comp_data+0x2f/0x90 [ 161.567798] iommufd_fops_ioctl+0x37d/0x510 [ 161.568151] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.568537] ? write_comp_data+0x2f/0x90 [ 161.568864] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.569245] __x64_sys_ioctl+0x1a3/0x230 [ 161.569580] do_syscall_64+0x3b/0x90 [ 161.569886] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.570304] RIP: 0033:0x7f4b8743ee5d [ 161.570620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.572053] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.572638] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.573180] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.573728] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.574269] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.574841] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.575400] [ 161.575581] irq event stamp: 0 [ 161.575824] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.576307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.576949] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.577584] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.578063] ---[ end trace 0000000000000000 ]--- [ 161.580738] ------------[ cut here ]------------ [ 161.581131] WARNING: CPU: 0 PID: 1522 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.581909] Modules linked in: [ 161.582158] CPU: 0 PID: 1522 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.582888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.583775] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.584158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.585546] RSP: 
0018:ffff88800f7afbd0 EFLAGS: 00010246 [ 161.585953] RAX: 0000000000000000 RBX: ffff8880182938a8 RCX: 0000000000000000 [ 161.586497] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 161.587067] RBP: ffff88800f7afbe8 R08: ffffed1003052733 R09: ffffed1003052733 [ 161.587616] R10: ffff888018293993 R11: ffffed1003052732 R12: ffff888018b89000 [ 161.588168] R13: ffff8880182939e8 R14: ffff88800ca5a500 R15: 0000000000000000 [ 161.588723] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.589342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.589789] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.590342] PKRU: 55555554 [ 161.590582] Call Trace: [ 161.590784] [ 161.590962] iommufd_access_destroy_object+0x65/0x170 [ 161.591379] iommufd_object_destroy_user+0x18e/0x220 [ 161.591775] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.592228] iommufd_access_destroy+0x43/0x70 [ 161.592585] iommufd_test_staccess_release+0x8d/0xd0 [ 161.592985] __fput+0x26d/0xa40 [ 161.593255] ____fput+0x1e/0x30 [ 161.593522] task_work_run+0x1a4/0x2d0 [ 161.593836] ? __pfx_task_work_run+0x10/0x10 [ 161.594183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.594602] ? switch_task_namespaces+0xa9/0xe0 [ 161.594976] do_exit+0xb17/0x2ef0 [ 161.595252] ? lock_acquire+0x427/0x4c0 [ 161.595568] ? __pfx_lock_release+0x10/0x10 [ 161.595906] ? __kasan_check_write+0x18/0x20 [ 161.596251] ? do_raw_spin_lock+0x132/0x2a0 [ 161.596586] ? __pfx_do_exit+0x10/0x10 [ 161.596895] ? debug_smp_processor_id+0x20/0x30 [ 161.597260] ? rcu_is_watching+0x19/0xb0 [ 161.597575] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.597930] ? trace_hardirqs_on+0x26/0x120 [ 161.598269] do_group_exit+0xe0/0x2b0 [ 161.598584] __x64_sys_exit_group+0x47/0x50 [ 161.598916] do_syscall_64+0x3b/0x90 [ 161.599223] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.599630] RIP: 0033:0x7f4b87518a4d [ 161.599918] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.600388] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.600972] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.601522] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.602076] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.602639] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.603189] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.603741] [ 161.603922] irq event stamp: 0 [ 161.604167] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.604658] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.605307] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.605946] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.606434] ---[ end trace 0000000000000000 ]--- [ 161.607142] ------------[ cut here ]------------ [ 161.607508] WARNING: CPU: 0 PID: 1522 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.608294] Modules linked in: [ 161.608543] CPU: 0 PID: 1522 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.609222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.610084] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.610485] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.611914] RSP: 0018:ffff88800f7afb78 EFLAGS: 00010246 [ 161.612333] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.612876] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 161.613425] RBP: ffff88800f7afb98 R08: ffffed100305273e R09: ffffed100305273e [ 161.613972] R10: ffff8880182939ef R11: ffffed100305273d R12: ffff888018293a90 [ 161.614540] R13: ffff8880182938a8 R14: ffffffffffffffff R15: 
ffff88800f7afc60 [ 161.615090] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.615714] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.616160] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.616711] PKRU: 55555554 [ 161.616932] Call Trace: [ 161.617131] [ 161.617306] iommufd_ioas_destroy+0x53/0x70 [ 161.617650] iommufd_fops_release+0x1f7/0x370 [ 161.618004] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.618392] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.618794] ? write_comp_data+0x2f/0x90 [ 161.619129] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.619523] __fput+0x26d/0xa40 [ 161.619795] ____fput+0x1e/0x30 [ 161.620059] task_work_run+0x1a4/0x2d0 [ 161.620371] ? __pfx_task_work_run+0x10/0x10 [ 161.620724] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.621106] ? switch_task_namespaces+0xa9/0xe0 [ 161.621479] do_exit+0xb17/0x2ef0 [ 161.621752] ? lock_acquire+0x427/0x4c0 [ 161.622066] ? __pfx_lock_release+0x10/0x10 [ 161.622407] ? __kasan_check_write+0x18/0x20 [ 161.622779] ? do_raw_spin_lock+0x132/0x2a0 [ 161.623124] ? __pfx_do_exit+0x10/0x10 [ 161.623443] ? debug_smp_processor_id+0x20/0x30 [ 161.623807] ? rcu_is_watching+0x19/0xb0 [ 161.624125] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.624483] ? trace_hardirqs_on+0x26/0x120 [ 161.624824] do_group_exit+0xe0/0x2b0 [ 161.625123] __x64_sys_exit_group+0x47/0x50 [ 161.625454] do_syscall_64+0x3b/0x90 [ 161.625750] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.626155] RIP: 0033:0x7f4b87518a4d [ 161.626445] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.626941] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.627536] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.628083] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.628632] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.629177] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.629727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.630287] [ 161.630468] irq event stamp: 0 [ 161.630730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.631228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.631872] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.632512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.632996] ---[ end trace 0000000000000000 ]--- [ 161.637434] ------------[ cut here ]------------ [ 161.637822] WARNING: CPU: 0 PID: 1523 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.638620] Modules linked in: [ 161.638864] CPU: 0 PID: 1523 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.639526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.640359] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.640730] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.642084] RSP: 0018:ffff888015c7fbb8 EFLAGS: 00010246 [ 161.642482] RAX: 0000000000000000 RBX: ffff888023c948a8 RCX: 0000000000000000 [ 161.643078] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 161.643614] RBP: ffff888015c7fbd0 R08: ffffed1004792933 R09: ffffed1004792933 [ 161.644146] R10: ffff888023c94993 R11: ffffed1004792932 R12: ffff88800fcb0400 [ 161.644678] R13: ffff888023c949e8 R14: ffffffff8352e670 R15: 
ffff888015c7fe68 [ 161.645208] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.645810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.646244] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 161.646794] PKRU: 55555554 [ 161.647008] Call Trace: [ 161.647209] [ 161.647380] __iommufd_access_detach+0x1c2/0x2b0 [ 161.647752] iommufd_access_change_pt+0x149/0x270 [ 161.648126] iommufd_access_replace+0xb4/0x120 [ 161.648480] iommufd_test+0x3e5/0x37e0 [ 161.648770] ? lock_release+0x532/0x770 [ 161.649079] ? __might_fault+0x102/0x1b0 [ 161.649396] ? lock_acquire+0x427/0x4c0 [ 161.649710] ? __pfx_iommufd_test+0x10/0x10 [ 161.650036] ? __pfx_lock_release+0x10/0x10 [ 161.650371] ? __pfx_lock_acquire+0x10/0x10 [ 161.650727] ? write_comp_data+0x2f/0x90 [ 161.651051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.651437] ? write_comp_data+0x2f/0x90 [ 161.651759] iommufd_fops_ioctl+0x37d/0x510 [ 161.652095] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.652609] ? write_comp_data+0x2f/0x90 [ 161.653043] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.653412] __x64_sys_ioctl+0x1a3/0x230 [ 161.653733] do_syscall_64+0x3b/0x90 [ 161.654025] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.654428] RIP: 0033:0x7f4b8743ee5d [ 161.654733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.656104] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.656674] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.657205] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.657739] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.658270] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.658820] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.659368] [ 161.659547] irq event stamp: 0 [ 161.659784] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.660256] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.660883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.661508] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.661978] ---[ end trace 0000000000000000 ]--- [ 161.664855] ------------[ cut here ]------------ [ 161.665386] WARNING: CPU: 0 PID: 1523 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.666145] Modules linked in: [ 161.666389] CPU: 0 PID: 1523 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.667237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.668078] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.668457] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.669981] RSP: 
0018:ffff888015c7fbd0 EFLAGS: 00010246 [ 161.670468] RAX: 0000000000000000 RBX: ffff888023c948a8 RCX: 0000000000000000 [ 161.671098] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 161.671647] RBP: ffff888015c7fbe8 R08: ffffed1004792933 R09: ffffed1004792933 [ 161.672205] R10: ffff888023c94993 R11: ffffed1004792932 R12: ffff888013b16800 [ 161.672879] R13: ffff888023c949e8 R14: ffff888020874200 R15: 0000000000000000 [ 161.673415] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.674098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.674638] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.675183] PKRU: 55555554 [ 161.675399] Call Trace: [ 161.675595] [ 161.675771] iommufd_access_destroy_object+0x65/0x170 [ 161.676346] iommufd_object_destroy_user+0x18e/0x220 [ 161.676748] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.677206] iommufd_access_destroy+0x43/0x70 [ 161.677572] iommufd_test_staccess_release+0x8d/0xd0 [ 161.678156] __fput+0x26d/0xa40 [ 161.678430] ____fput+0x1e/0x30 [ 161.678722] task_work_run+0x1a4/0x2d0 [ 161.679033] ? __pfx_task_work_run+0x10/0x10 [ 161.679391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.679795] ? switch_task_namespaces+0xa9/0xe0 [ 161.680323] do_exit+0xb17/0x2ef0 [ 161.680599] ? lock_acquire+0x427/0x4c0 [ 161.680921] ? __pfx_lock_release+0x10/0x10 [ 161.681270] ? __kasan_check_write+0x18/0x20 [ 161.681705] ? do_raw_spin_lock+0x132/0x2a0 [ 161.682129] ? __pfx_do_exit+0x10/0x10 [ 161.682444] ? debug_smp_processor_id+0x20/0x30 [ 161.682841] ? rcu_is_watching+0x19/0xb0 [ 161.683173] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.683532] ? trace_hardirqs_on+0x26/0x120 [ 161.683923] do_group_exit+0xe0/0x2b0 [ 161.684338] __x64_sys_exit_group+0x47/0x50 [ 161.684674] do_syscall_64+0x3b/0x90 [ 161.684972] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.685382] RIP: 0033:0x7f4b87518a4d [ 161.685762] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.686310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.686912] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.687471] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.688188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.688732] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.689305] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.690001] [ 161.690185] irq event stamp: 0 [ 161.690431] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.690936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.691755] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.692402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.692893] ---[ end trace 0000000000000000 ]--- [ 161.693733] ------------[ cut here ]------------ [ 161.694098] WARNING: CPU: 0 PID: 1523 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.694930] Modules linked in: [ 161.695340] CPU: 0 PID: 1523 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.696013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.697051] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.697458] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.699058] RSP: 0018:ffff888015c7fb78 EFLAGS: 00010246 [ 161.699484] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.700033] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 161.700764] RBP: ffff888015c7fb98 R08: ffffed100479293e R09: ffffed100479293e [ 161.701330] R10: ffff888023c949ef R11: ffffed100479293d R12: ffff888023c94a90 [ 161.701921] R13: ffff888023c948a8 R14: ffffffffffffffff R15: 
ffff888015c7fc60 [ 161.702675] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.703338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.703857] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.704576] PKRU: 55555554 [ 161.704810] Call Trace: [ 161.705019] [ 161.705207] iommufd_ioas_destroy+0x53/0x70 [ 161.705602] iommufd_fops_release+0x1f7/0x370 [ 161.706114] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.706551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.706964] ? write_comp_data+0x2f/0x90 [ 161.707330] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.707912] __fput+0x26d/0xa40 [ 161.708201] ____fput+0x1e/0x30 [ 161.708482] task_work_run+0x1a4/0x2d0 [ 161.708809] ? __pfx_task_work_run+0x10/0x10 [ 161.709203] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.709736] ? switch_task_namespaces+0xa9/0xe0 [ 161.710132] do_exit+0xb17/0x2ef0 [ 161.710422] ? lock_acquire+0x427/0x4c0 [ 161.710776] ? __pfx_lock_release+0x10/0x10 [ 161.711334] ? __kasan_check_write+0x18/0x20 [ 161.711702] ? do_raw_spin_lock+0x132/0x2a0 [ 161.712060] ? __pfx_do_exit+0x10/0x10 [ 161.712389] ? debug_smp_processor_id+0x20/0x30 [ 161.712791] ? rcu_is_watching+0x19/0xb0 [ 161.713301] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.713682] ? trace_hardirqs_on+0x26/0x120 [ 161.714045] do_group_exit+0xe0/0x2b0 [ 161.714364] __x64_sys_exit_group+0x47/0x50 [ 161.714738] do_syscall_64+0x3b/0x90 [ 161.715050] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.715493] RIP: 0033:0x7f4b87518a4d [ 161.715799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.716296] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.716909] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.717482] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.718058] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.718659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.719246] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.719831] [ 161.720025] irq event stamp: 0 [ 161.720281] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.720792] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.721465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.722142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.722679] ---[ end trace 0000000000000000 ]--- [ 161.726390] ------------[ cut here ]------------ [ 161.726850] WARNING: CPU: 0 PID: 1524 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.727683] Modules linked in: [ 161.727944] CPU: 0 PID: 1524 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.728644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.729543] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.729943] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.731437] RSP: 0018:ffff88800cb8fbb8 EFLAGS: 00010246 [ 161.731869] RAX: 0000000000000000 RBX: ffff8880139488a8 RCX: 0000000000000000 [ 161.732438] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 161.733013] RBP: ffff88800cb8fbd0 R08: ffffed1002729133 R09: ffffed1002729133 [ 161.733583] R10: ffff888013948993 R11: ffffed1002729132 R12: ffff888017b96800 [ 161.734152] R13: ffff8880139489e8 R14: ffffffff8352e670 R15: 
ffff88800cb8fe68 [ 161.734737] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.735395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.735864] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 161.736441] PKRU: 55555554 [ 161.736672] Call Trace: [ 161.736881] [ 161.737066] __iommufd_access_detach+0x1c2/0x2b0 [ 161.737462] iommufd_access_change_pt+0x149/0x270 [ 161.737865] iommufd_access_replace+0xb4/0x120 [ 161.738244] iommufd_test+0x3e5/0x37e0 [ 161.738582] ? lock_release+0x532/0x770 [ 161.738918] ? __might_fault+0x102/0x1b0 [ 161.739262] ? lock_acquire+0x427/0x4c0 [ 161.739596] ? __pfx_iommufd_test+0x10/0x10 [ 161.739945] ? __pfx_lock_release+0x10/0x10 [ 161.740306] ? __pfx_lock_acquire+0x10/0x10 [ 161.740666] ? write_comp_data+0x2f/0x90 [ 161.741006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.741403] ? write_comp_data+0x2f/0x90 [ 161.741742] iommufd_fops_ioctl+0x37d/0x510 [ 161.742099] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.742527] ? write_comp_data+0x2f/0x90 [ 161.742868] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.743269] __x64_sys_ioctl+0x1a3/0x230 [ 161.743612] do_syscall_64+0x3b/0x90 [ 161.743928] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.744356] RIP: 0033:0x7f4b8743ee5d [ 161.744661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.746131] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.746767] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.747348] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.747923] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.748497] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.749075] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.749658] [ 161.749849] irq event stamp: 0 [ 161.750104] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.750633] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.751326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.751998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.752503] ---[ end trace 0000000000000000 ]--- [ 161.755299] ------------[ cut here ]------------ [ 161.755715] WARNING: CPU: 0 PID: 1524 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.756533] Modules linked in: [ 161.756794] CPU: 0 PID: 1524 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.757493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.758393] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.759015] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.760493] RSP: 
0018:ffff88800cb8fbd0 EFLAGS: 00010246 [ 161.760921] RAX: 0000000000000000 RBX: ffff8880139488a8 RCX: 0000000000000000 [ 161.761492] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 161.762065] RBP: ffff88800cb8fbe8 R08: ffffed1002729133 R09: ffffed1002729133 [ 161.762668] R10: ffff888013948993 R11: ffffed1002729132 R12: ffff888012e91400 [ 161.763257] R13: ffff8880139489e8 R14: ffff88800f5b5700 R15: 0000000000000000 [ 161.763833] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.764482] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.764951] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.765525] PKRU: 55555554 [ 161.765756] Call Trace: [ 161.765964] [ 161.766146] iommufd_access_destroy_object+0x65/0x170 [ 161.766589] iommufd_object_destroy_user+0x18e/0x220 [ 161.767013] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.767498] iommufd_access_destroy+0x43/0x70 [ 161.767876] iommufd_test_staccess_release+0x8d/0xd0 [ 161.768301] __fput+0x26d/0xa40 [ 161.768583] ____fput+0x1e/0x30 [ 161.768862] task_work_run+0x1a4/0x2d0 [ 161.769185] ? __pfx_task_work_run+0x10/0x10 [ 161.769549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.769950] ? switch_task_namespaces+0xa9/0xe0 [ 161.770341] do_exit+0xb17/0x2ef0 [ 161.770647] ? lock_acquire+0x427/0x4c0 [ 161.770985] ? __pfx_lock_release+0x10/0x10 [ 161.771356] ? __kasan_check_write+0x18/0x20 [ 161.771723] ? do_raw_spin_lock+0x132/0x2a0 [ 161.772074] ? __pfx_do_exit+0x10/0x10 [ 161.772400] ? debug_smp_processor_id+0x20/0x30 [ 161.772783] ? rcu_is_watching+0x19/0xb0 [ 161.773116] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.773492] ? trace_hardirqs_on+0x26/0x120 [ 161.773849] do_group_exit+0xe0/0x2b0 [ 161.774163] __x64_sys_exit_group+0x47/0x50 [ 161.774538] do_syscall_64+0x3b/0x90 [ 161.774852] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.775294] RIP: 0033:0x7f4b87518a4d [ 161.775588] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.776071] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.776671] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.777229] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.777790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.778346] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.778923] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.779501] [ 161.779686] irq event stamp: 0 [ 161.779936] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.780429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.781086] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.781743] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.782242] ---[ end trace 0000000000000000 ]--- [ 161.782959] ------------[ cut here ]------------ [ 161.783340] WARNING: CPU: 0 PID: 1524 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.784141] Modules linked in: [ 161.784394] CPU: 0 PID: 1524 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.785078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.785958] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.786361] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.787814] RSP: 0018:ffff88800cb8fb78 EFLAGS: 00010246 [ 161.788237] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.788792] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 161.789345] RBP: ffff88800cb8fb98 R08: ffffed100272913e R09: ffffed100272913e [ 161.789893] R10: ffff8880139489ef R11: ffffed100272913d R12: ffff888013948a90 [ 161.790439] R13: ffff8880139488a8 R14: ffffffffffffffff R15: 
ffff88800cb8fc60 [ 161.791008] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.791638] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.792082] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.792634] PKRU: 55555554 [ 161.792853] Call Trace: [ 161.793051] [ 161.793228] iommufd_ioas_destroy+0x53/0x70 [ 161.793568] iommufd_fops_release+0x1f7/0x370 [ 161.793922] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.794315] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.794725] ? write_comp_data+0x2f/0x90 [ 161.795054] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.795457] __fput+0x26d/0xa40 [ 161.795727] ____fput+0x1e/0x30 [ 161.795991] task_work_run+0x1a4/0x2d0 [ 161.796299] ? __pfx_task_work_run+0x10/0x10 [ 161.796644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.797028] ? switch_task_namespaces+0xa9/0xe0 [ 161.797402] do_exit+0xb17/0x2ef0 [ 161.797673] ? lock_acquire+0x427/0x4c0 [ 161.797988] ? __pfx_lock_release+0x10/0x10 [ 161.798330] ? __kasan_check_write+0x18/0x20 [ 161.798705] ? do_raw_spin_lock+0x132/0x2a0 [ 161.799057] ? __pfx_do_exit+0x10/0x10 [ 161.799383] ? debug_smp_processor_id+0x20/0x30 [ 161.799758] ? rcu_is_watching+0x19/0xb0 [ 161.800087] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.800453] ? trace_hardirqs_on+0x26/0x120 [ 161.800802] do_group_exit+0xe0/0x2b0 [ 161.801121] __x64_sys_exit_group+0x47/0x50 [ 161.801457] do_syscall_64+0x3b/0x90 [ 161.801760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.802168] RIP: 0033:0x7f4b87518a4d [ 161.802458] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.802967] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.803574] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.804131] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.804680] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.805225] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.805774] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.806335] [ 161.806539] irq event stamp: 0 [ 161.806791] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.807292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.807945] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.808588] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.809075] ---[ end trace 0000000000000000 ]--- [ 161.813181] ------------[ cut here ]------------ [ 161.813592] WARNING: CPU: 1 PID: 1525 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.814390] Modules linked in: [ 161.814777] CPU: 1 PID: 1525 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.815487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.816398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.816806] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.818337] RSP: 0018:ffff888011de7bb8 EFLAGS: 00010246 [ 161.818833] RAX: 0000000000000000 RBX: ffff88800f47e8a8 RCX: 0000000000000000 [ 161.819462] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 161.820072] RBP: ffff888011de7bd0 R08: ffffed1001e8fd33 R09: ffffed1001e8fd33 [ 161.820680] R10: ffff88800f47e993 R11: ffffed1001e8fd32 R12: ffff888013f45000 [ 161.821285] R13: ffff88800f47e9e8 R14: ffffffff8352e670 R15: 
ffff888011de7e68 [ 161.821876] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.822585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.823088] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 161.823701] PKRU: 55555554 [ 161.823937] Call Trace: [ 161.824156] [ 161.824346] __iommufd_access_detach+0x1c2/0x2b0 [ 161.824757] iommufd_access_change_pt+0x149/0x270 [ 161.825173] iommufd_access_replace+0xb4/0x120 [ 161.825574] iommufd_test+0x3e5/0x37e0 [ 161.825907] ? lock_release+0x532/0x770 [ 161.826251] ? __might_fault+0x102/0x1b0 [ 161.826625] ? lock_acquire+0x427/0x4c0 [ 161.826985] ? __pfx_iommufd_test+0x10/0x10 [ 161.827364] ? __pfx_lock_release+0x10/0x10 [ 161.827732] ? __pfx_lock_acquire+0x10/0x10 [ 161.828104] ? write_comp_data+0x2f/0x90 [ 161.828454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.828863] ? write_comp_data+0x2f/0x90 [ 161.829210] iommufd_fops_ioctl+0x37d/0x510 [ 161.829578] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.829986] ? write_comp_data+0x2f/0x90 [ 161.830335] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.830799] __x64_sys_ioctl+0x1a3/0x230 [ 161.831171] do_syscall_64+0x3b/0x90 [ 161.831502] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.831945] RIP: 0033:0x7f4b8743ee5d [ 161.832260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.833785] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.834436] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.835061] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.835676] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.836272] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.836865] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.837459] [ 161.837652] irq event stamp: 0 [ 161.837919] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.838447] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.839169] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.839872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.840402] ---[ end trace 0000000000000000 ]--- [ 161.843363] ------------[ cut here ]------------ [ 161.843801] WARNING: CPU: 1 PID: 1525 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.844644] Modules linked in: [ 161.844912] CPU: 1 PID: 1525 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.845635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.846595] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.847018] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.848567] RSP: 
0018:ffff888011de7bd0 EFLAGS: 00010246 [ 161.849037] RAX: 0000000000000000 RBX: ffff88800f47e8a8 RCX: 0000000000000000 [ 161.849657] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 161.850279] RBP: ffff888011de7be8 R08: ffffed1001e8fd33 R09: ffffed1001e8fd33 [ 161.850931] R10: ffff88800f47e993 R11: ffffed1001e8fd32 R12: ffff8880129c5400 [ 161.851567] R13: ffff88800f47e9e8 R14: ffff888013727c00 R15: 0000000000000000 [ 161.852185] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.852883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.853392] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.854008] PKRU: 55555554 [ 161.854254] Call Trace: [ 161.854480] [ 161.854701] iommufd_access_destroy_object+0x65/0x170 [ 161.855173] iommufd_object_destroy_user+0x18e/0x220 [ 161.855625] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.856147] iommufd_access_destroy+0x43/0x70 [ 161.856557] iommufd_test_staccess_release+0x8d/0xd0 [ 161.857013] __fput+0x26d/0xa40 [ 161.857322] ____fput+0x1e/0x30 [ 161.857636] task_work_run+0x1a4/0x2d0 [ 161.857986] ? __pfx_task_work_run+0x10/0x10 [ 161.858382] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.858845] ? switch_task_namespaces+0xa9/0xe0 [ 161.859290] do_exit+0xb17/0x2ef0 [ 161.859608] ? lock_acquire+0x427/0x4c0 [ 161.859975] ? __pfx_lock_release+0x10/0x10 [ 161.860369] ? __kasan_check_write+0x18/0x20 [ 161.860775] ? do_raw_spin_lock+0x132/0x2a0 [ 161.861162] ? __pfx_do_exit+0x10/0x10 [ 161.861517] ? debug_smp_processor_id+0x20/0x30 [ 161.861937] ? rcu_is_watching+0x19/0xb0 [ 161.862306] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.862770] ? trace_hardirqs_on+0x26/0x120 [ 161.863185] do_group_exit+0xe0/0x2b0 [ 161.863531] __x64_sys_exit_group+0x47/0x50 [ 161.863908] do_syscall_64+0x3b/0x90 [ 161.864253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.864724] RIP: 0033:0x7f4b87518a4d [ 161.865056] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.865611] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.866289] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.866941] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.867581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.868205] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.868829] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.869462] [ 161.869676] irq event stamp: 0 [ 161.869961] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.870544] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.871297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.872035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.872591] ---[ end trace 0000000000000000 ]--- [ 161.873357] ------------[ cut here ]------------ [ 161.873775] WARNING: CPU: 1 PID: 1525 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.874697] Modules linked in: [ 161.874994] CPU: 1 PID: 1525 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.875773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.876750] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.877207] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.878828] RSP: 0018:ffff888011de7b78 EFLAGS: 00010246 [ 161.879310] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.879939] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 161.880582] RBP: ffff888011de7b98 R08: ffffed1001e8fd3e R09: ffffed1001e8fd3e [ 161.881217] R10: ffff88800f47e9ef R11: ffffed1001e8fd3d R12: ffff88800f47ea90 [ 161.881848] R13: ffff88800f47e8a8 R14: ffffffffffffffff R15: 
ffff888011de7c60 [ 161.882477] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 161.883221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.883737] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 161.884365] PKRU: 55555554 [ 161.884612] Call Trace: [ 161.884837] [ 161.885043] iommufd_ioas_destroy+0x53/0x70 [ 161.885432] iommufd_fops_release+0x1f7/0x370 [ 161.885834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.886273] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.886740] ? write_comp_data+0x2f/0x90 [ 161.887123] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.887567] __fput+0x26d/0xa40 [ 161.887881] ____fput+0x1e/0x30 [ 161.888180] task_work_run+0x1a4/0x2d0 [ 161.888540] ? __pfx_task_work_run+0x10/0x10 [ 161.888950] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.889393] ? switch_task_namespaces+0xa9/0xe0 [ 161.889825] do_exit+0xb17/0x2ef0 [ 161.890140] ? lock_acquire+0x427/0x4c0 [ 161.890539] ? __pfx_lock_release+0x10/0x10 [ 161.890938] ? __kasan_check_write+0x18/0x20 [ 161.891352] ? do_raw_spin_lock+0x132/0x2a0 [ 161.891749] ? __pfx_do_exit+0x10/0x10 [ 161.892112] ? debug_smp_processor_id+0x20/0x30 [ 161.892532] ? rcu_is_watching+0x19/0xb0 [ 161.892905] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.893321] ? trace_hardirqs_on+0x26/0x120 [ 161.893717] do_group_exit+0xe0/0x2b0 [ 161.894059] __x64_sys_exit_group+0x47/0x50 [ 161.894452] do_syscall_64+0x3b/0x90 [ 161.894814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.895301] RIP: 0033:0x7f4b87518a4d [ 161.895635] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.896179] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.896848] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.897473] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.898115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.898764] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.899419] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.900055] [ 161.900259] irq event stamp: 0 [ 161.900532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.901090] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.901840] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.902610] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.903189] ---[ end trace 0000000000000000 ]--- [ 161.908761] ------------[ cut here ]------------ [ 161.909218] WARNING: CPU: 0 PID: 1526 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.910347] Modules linked in: [ 161.910692] CPU: 0 PID: 1526 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.911482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.912700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.913152] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.914911] RSP: 0018:ffff888016f0fbb8 EFLAGS: 00010246 [ 161.915421] RAX: 0000000000000000 RBX: ffff888011e4e8a8 RCX: 0000000000000000 [ 161.916082] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 161.916744] RBP: ffff888016f0fbd0 R08: ffffed10023c9d33 R09: ffffed10023c9d33 [ 161.917401] R10: ffff888011e4e993 R11: ffffed10023c9d32 R12: ffff88800fd80c00 [ 161.918054] R13: ffff888011e4e9e8 R14: ffffffff8352e670 R15: 
ffff888016f0fe68 [ 161.918736] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.919499] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.920047] CR2: 00007f4b877410e8 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 161.920723] PKRU: 55555554 [ 161.920996] Call Trace: [ 161.921242] [ 161.921459] __iommufd_access_detach+0x1c2/0x2b0 [ 161.921921] iommufd_access_change_pt+0x149/0x270 [ 161.922385] iommufd_access_replace+0xb4/0x120 [ 161.922853] iommufd_test+0x3e5/0x37e0 [ 161.923232] ? lock_release+0x532/0x770 [ 161.923625] ? __might_fault+0x102/0x1b0 [ 161.924013] ? lock_acquire+0x427/0x4c0 [ 161.924395] ? __pfx_iommufd_test+0x10/0x10 [ 161.924797] ? __pfx_lock_release+0x10/0x10 [ 161.925204] ? __pfx_lock_acquire+0x10/0x10 [ 161.925619] ? write_comp_data+0x2f/0x90 [ 161.926007] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.926467] ? write_comp_data+0x2f/0x90 [ 161.926892] iommufd_fops_ioctl+0x37d/0x510 [ 161.927320] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.927787] ? write_comp_data+0x2f/0x90 [ 161.928177] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 161.928629] __x64_sys_ioctl+0x1a3/0x230 [ 161.929025] do_syscall_64+0x3b/0x90 [ 161.929384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.929878] RIP: 0033:0x7f4b8743ee5d [ 161.930231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 161.931968] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 161.932694] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 161.933356] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 161.934020] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 161.934706] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 161.935375] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 161.936044] [ 161.936263] irq event stamp: 0 [ 161.936553] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.937139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.937914] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.938710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.939310] ---[ end trace 0000000000000000 ]--- [ 161.942804] ------------[ cut here ]------------ [ 161.943282] WARNING: CPU: 0 PID: 1526 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 161.944227] Modules linked in: [ 161.944585] CPU: 0 PID: 1526 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.945665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.946776] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 161.947410] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 161.949276] RSP: 
0018:ffff888016f0fbd0 EFLAGS: 00010246 [ 161.950033] RAX: 0000000000000000 RBX: ffff888011e4e8a8 RCX: 0000000000000000 [ 161.950750] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 161.951453] RBP: ffff888016f0fbe8 R08: ffffed10023c9d33 R09: ffffed10023c9d33 [ 161.952182] R10: ffff888011e4e993 R11: ffffed10023c9d32 R12: ffff888013f44400 [ 161.953149] R13: ffff888011e4e9e8 R14: ffff8880181b8100 R15: 0000000000000000 [ 161.953907] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.955051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.955671] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 161.956415] PKRU: 55555554 [ 161.956713] Call Trace: [ 161.956982] [ 161.957282] iommufd_access_destroy_object+0x65/0x170 [ 161.958001] iommufd_object_destroy_user+0x18e/0x220 [ 161.958571] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 161.959210] iommufd_access_destroy+0x43/0x70 [ 161.959695] iommufd_test_staccess_release+0x8d/0xd0 [ 161.960529] __fput+0x26d/0xa40 [ 161.960892] ____fput+0x1e/0x30 [ 161.961245] task_work_run+0x1a4/0x2d0 [ 161.961662] ? __pfx_task_work_run+0x10/0x10 [ 161.962231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.962903] ? switch_task_namespaces+0xa9/0xe0 [ 161.963420] do_exit+0xb17/0x2ef0 [ 161.963786] ? lock_acquire+0x427/0x4c0 [ 161.964219] ? __pfx_lock_release+0x10/0x10 [ 161.964687] ? __kasan_check_write+0x18/0x20 [ 161.965381] ? do_raw_spin_lock+0x132/0x2a0 [ 161.965846] ? __pfx_do_exit+0x10/0x10 [ 161.966264] ? debug_smp_processor_id+0x20/0x30 [ 161.966784] ? rcu_is_watching+0x19/0xb0 [ 161.967235] ? _raw_spin_unlock_irq+0x2b/0x60 [ 161.967817] ? trace_hardirqs_on+0x26/0x120 [ 161.968443] do_group_exit+0xe0/0x2b0 [ 161.968848] __x64_sys_exit_group+0x47/0x50 [ 161.969299] do_syscall_64+0x3b/0x90 [ 161.969706] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 161.970551] RIP: 0033:0x7f4b87518a4d [ 161.970948] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 161.971596] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 161.972389] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 161.973418] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 161.974164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 161.974999] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 161.975937] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 161.976694] [ 161.976941] irq event stamp: 0 [ 161.977273] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 161.978221] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 161.979163] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 161.980155] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 161.980986] ---[ end trace 0000000000000000 ]--- [ 161.982360] ------------[ cut here ]------------ [ 161.983025] WARNING: CPU: 0 PID: 1526 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 161.984139] Modules linked in: [ 161.984488] CPU: 0 PID: 1526 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 161.985405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 161.986614] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 161.987187] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 161.989119] RSP: 0018:ffff888016f0fb78 EFLAGS: 00010246 [ 161.989690] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.990435] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 161.991237] RBP: ffff888016f0fb98 R08: ffffed10023c9d3e R09: ffffed10023c9d3e [ 161.991982] R10: ffff888011e4e9ef R11: ffffed10023c9d3d R12: ffff888011e4ea90 [ 161.992742] R13: ffff888011e4e8a8 R14: ffffffffffffffff R15: 
ffff888016f0fc60 [ 161.993501] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 161.994335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.994971] CR2: 00007f82e2b81000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 161.995736] PKRU: 55555554 [ 161.996038] Call Trace: [ 161.996307] [ 161.996546] iommufd_ioas_destroy+0x53/0x70 [ 161.997004] iommufd_fops_release+0x1f7/0x370 [ 161.997483] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.998013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 161.998576] ? write_comp_data+0x2f/0x90 [ 161.999028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 161.999570] __fput+0x26d/0xa40 [ 161.999939] ____fput+0x1e/0x30 [ 162.000297] task_work_run+0x1a4/0x2d0 [ 162.000718] ? __pfx_task_work_run+0x10/0x10 [ 162.001193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.001715] ? switch_task_namespaces+0xa9/0xe0 [ 162.002216] do_exit+0xb17/0x2ef0 [ 162.002620] ? lock_acquire+0x427/0x4c0 [ 162.003059] ? __pfx_lock_release+0x10/0x10 [ 162.003547] ? __kasan_check_write+0x18/0x20 [ 162.004017] ? do_raw_spin_lock+0x132/0x2a0 [ 162.004475] ? __pfx_do_exit+0x10/0x10 [ 162.004891] ? debug_smp_processor_id+0x20/0x30 [ 162.005386] ? rcu_is_watching+0x19/0xb0 [ 162.005819] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.006297] ? trace_hardirqs_on+0x26/0x120 [ 162.006792] do_group_exit+0xe0/0x2b0 [ 162.007206] __x64_sys_exit_group+0x47/0x50 [ 162.007664] do_syscall_64+0x3b/0x90 [ 162.008067] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.008618] RIP: 0033:0x7f4b87518a4d [ 162.009010] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.009660] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.010480] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.011278] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.012033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.012780] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.013519] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.014275] [ 162.014558] irq event stamp: 0 [ 162.014889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.015575] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.016454] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.017335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.017999] ---[ end trace 0000000000000000 ]--- [ 162.023856] ------------[ cut here ]------------ [ 162.024385] WARNING: CPU: 0 PID: 1527 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.025762] Modules linked in: [ 162.026108] CPU: 0 PID: 1527 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.027318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.028810] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.029346] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.031596] RSP: 0018:ffff888015a97bb8 EFLAGS: 00010246 [ 162.032174] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 162.032948] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 162.033937] RBP: ffff888015a97bd0 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 162.034725] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff888010825c00 [ 162.035499] R13: ffff888011f649e8 R14: ffffffff8352e670 R15: 
ffff888015a97e68 [ 162.036520] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.037375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.038115] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ef0 [ 162.039089] PKRU: 55555554 [ 162.039407] Call Trace: [ 162.039681] [ 162.039921] __iommufd_access_detach+0x1c2/0x2b0 [ 162.040447] iommufd_access_change_pt+0x149/0x270 [ 162.041257] iommufd_access_replace+0xb4/0x120 [ 162.041763] iommufd_test+0x3e5/0x37e0 [ 162.042177] ? lock_release+0x532/0x770 [ 162.042657] ? __might_fault+0x102/0x1b0 [ 162.043103] ? lock_acquire+0x427/0x4c0 [ 162.043673] ? __pfx_iommufd_test+0x10/0x10 [ 162.044306] ? __pfx_lock_release+0x10/0x10 [ 162.044774] ? __pfx_lock_acquire+0x10/0x10 [ 162.045239] ? write_comp_data+0x2f/0x90 [ 162.045684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.046468] ? write_comp_data+0x2f/0x90 [ 162.046957] iommufd_fops_ioctl+0x37d/0x510 [ 162.047447] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.047971] ? write_comp_data+0x2f/0x90 [ 162.048423] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.049207] __x64_sys_ioctl+0x1a3/0x230 [ 162.049661] do_syscall_64+0x3b/0x90 [ 162.050074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.050680] RIP: 0033:0x7f4b8743ee5d [ 162.051079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.053283] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.054345] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.055136] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.055888] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.056754] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.057705] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.058469] [ 162.058803] irq event stamp: 0 [ 162.059321] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.059996] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.060878] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.062037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.062743] ---[ end trace 0000000000000000 ]--- [ 162.066130] ------------[ cut here ]------------ [ 162.066856] WARNING: CPU: 0 PID: 1527 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.067940] Modules linked in: [ 162.068284] CPU: 0 PID: 1527 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.069478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.070720] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.071280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.073486] RSP: 
0018:ffff888015a97bd0 EFLAGS: 00010246 [ 162.074074] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 162.075062] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 162.075828] RBP: ffff888015a97be8 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 162.076604] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff88800fd82400 [ 162.077594] R13: ffff888011f649e8 R14: ffff888013a63e00 R15: 0000000000000000 [ 162.078349] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.079391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.080115] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.080871] PKRU: 55555554 [ 162.081167] Call Trace: [ 162.081438] [ 162.081702] iommufd_access_destroy_object+0x65/0x170 [ 162.082480] iommufd_object_destroy_user+0x18e/0x220 [ 162.083054] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.083688] iommufd_access_destroy+0x43/0x70 [ 162.084171] iommufd_test_staccess_release+0x8d/0xd0 [ 162.084979] __fput+0x26d/0xa40 [ 162.085347] ____fput+0x1e/0x30 [ 162.085704] task_work_run+0x1a4/0x2d0 [ 162.086123] ? __pfx_task_work_run+0x10/0x10 [ 162.086675] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.087365] ? switch_task_namespaces+0xa9/0xe0 [ 162.087892] do_exit+0xb17/0x2ef0 [ 162.088267] ? lock_acquire+0x427/0x4c0 [ 162.088700] ? __pfx_lock_release+0x10/0x10 [ 162.089161] ? __kasan_check_write+0x18/0x20 [ 162.089951] ? do_raw_spin_lock+0x132/0x2a0 [ 162.090414] ? __pfx_do_exit+0x10/0x10 [ 162.090861] ? debug_smp_processor_id+0x20/0x30 [ 162.091359] ? rcu_is_watching+0x19/0xb0 [ 162.091782] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.092594] ? trace_hardirqs_on+0x26/0x120 [ 162.093064] do_group_exit+0xe0/0x2b0 [ 162.093462] __x64_sys_exit_group+0x47/0x50 [ 162.093908] do_syscall_64+0x3b/0x90 [ 162.094419] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.095198] RIP: 0033:0x7f4b87518a4d [ 162.095594] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.096233] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.097089] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.098013] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.098785] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.099543] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.100559] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.101314] [ 162.101564] irq event stamp: 0 [ 162.101924] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.102853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.103758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.104661] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.105560] ---[ end trace 0000000000000000 ]--- [ 162.106453] ------------[ cut here ]------------ [ 162.107018] WARNING: CPU: 0 PID: 1527 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.108396] Modules linked in: [ 162.108741] CPU: 0 PID: 1527 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.109675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.111195] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.111750] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.113906] RSP: 0018:ffff888015a97b78 EFLAGS: 00010246 [ 162.114466] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.115370] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 162.116263] RBP: ffff888015a97b98 R08: ffffed10023ec93e R09: ffffed10023ec93e [ 162.117011] R10: ffff888011f649ef R11: ffffed10023ec93d R12: ffff888011f64a90 [ 162.117829] R13: ffff888011f648a8 R14: ffffffffffffffff R15: 
ffff888015a97c60 [ 162.118787] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.119644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.120260] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.121313] PKRU: 55555554 [ 162.121614] Call Trace: [ 162.121885] [ 162.122122] iommufd_ioas_destroy+0x53/0x70 [ 162.122623] iommufd_fops_release+0x1f7/0x370 [ 162.123314] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.123850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.124374] ? write_comp_data+0x2f/0x90 [ 162.124815] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.125384] __fput+0x26d/0xa40 [ 162.125928] ____fput+0x1e/0x30 [ 162.126291] task_work_run+0x1a4/0x2d0 [ 162.126749] ? __pfx_task_work_run+0x10/0x10 [ 162.127244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.127768] ? switch_task_namespaces+0xa9/0xe0 [ 162.128368] do_exit+0xb17/0x2ef0 [ 162.128891] ? lock_acquire+0x427/0x4c0 [ 162.129319] ? __pfx_lock_release+0x10/0x10 [ 162.129788] ? __kasan_check_write+0x18/0x20 [ 162.130279] ? do_raw_spin_lock+0x132/0x2a0 [ 162.130972] ? __pfx_do_exit+0x10/0x10 [ 162.131417] ? debug_smp_processor_id+0x20/0x30 [ 162.131914] ? rcu_is_watching+0x19/0xb0 [ 162.132346] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.132831] ? trace_hardirqs_on+0x26/0x120 [ 162.133561] do_group_exit+0xe0/0x2b0 [ 162.133966] __x64_sys_exit_group+0x47/0x50 [ 162.134426] do_syscall_64+0x3b/0x90 [ 162.134876] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.135433] RIP: 0033:0x7f4b87518a4d [ 162.135872] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.136733] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.137526] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.138554] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.139310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.140049] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.140888] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.141800] [ 162.142049] irq event stamp: 0 [ 162.142380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.143203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.144225] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.145108] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.145888] ---[ end trace 0000000000000000 ]--- [ 162.152625] ------------[ cut here ]------------ [ 162.153150] WARNING: CPU: 0 PID: 1528 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.154441] Modules linked in: [ 162.154991] CPU: 0 PID: 1528 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.155928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.157361] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.157893] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.160091] RSP: 0018:ffff888020aefbb8 EFLAGS: 00010246 [ 162.160655] RAX: 0000000000000000 RBX: ffff888012ab50a8 RCX: 0000000000000000 [ 162.161390] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 162.162123] RBP: ffff888020aefbd0 R08: ffffed1002556a33 R09: ffffed1002556a33 [ 162.162900] R10: ffff888012ab5193 R11: ffffed1002556a32 R12: ffff88801226ec00 [ 162.163658] R13: ffff888012ab51e8 R14: ffffffff8352e670 R15: 
ffff888020aefe68 [ 162.164398] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.165230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.165829] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 162.166601] PKRU: 55555554 [ 162.166899] Call Trace: [ 162.167179] [ 162.167429] __iommufd_access_detach+0x1c2/0x2b0 [ 162.167958] iommufd_access_change_pt+0x149/0x270 [ 162.168820] iommufd_access_replace+0xb4/0x120 [ 162.169326] iommufd_test+0x3e5/0x37e0 [ 162.169740] ? lock_release+0x532/0x770 [ 162.170174] ? __might_fault+0x102/0x1b0 [ 162.170872] ? lock_acquire+0x427/0x4c0 [ 162.171326] ? __pfx_iommufd_test+0x10/0x10 [ 162.171795] ? __pfx_lock_release+0x10/0x10 [ 162.172264] ? __pfx_lock_acquire+0x10/0x10 [ 162.172735] ? write_comp_data+0x2f/0x90 [ 162.173178] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.173697] ? write_comp_data+0x2f/0x90 [ 162.174139] iommufd_fops_ioctl+0x37d/0x510 [ 162.174628] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.175160] ? write_comp_data+0x2f/0x90 [ 162.175603] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.176110] __x64_sys_ioctl+0x1a3/0x230 [ 162.176555] do_syscall_64+0x3b/0x90 [ 162.176958] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.177521] RIP: 0033:0x7f4b8743ee5d [ 162.177916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.179876] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.180690] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.181434] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.182179] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.182957] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.183714] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.184467] [ 162.184715] irq event stamp: 0 [ 162.185045] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.185701] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.186599] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.187473] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.188128] ---[ end trace 0000000000000000 ]--- [ 162.191420] ------------[ cut here ]------------ [ 162.191955] WARNING: CPU: 0 PID: 1528 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.193012] Modules linked in: [ 162.193348] CPU: 0 PID: 1528 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.194253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.195514] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.196044] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.197937] RSP: 
0018:ffff888020aefbd0 EFLAGS: 00010246 [ 162.198489] RAX: 0000000000000000 RBX: ffff888012ab50a8 RCX: 0000000000000000 [ 162.199270] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 162.200007] RBP: ffff888020aefbe8 R08: ffffed1002556a33 R09: ffffed1002556a33 [ 162.200742] R10: ffff888012ab5193 R11: ffffed1002556a32 R12: ffff888010824c00 [ 162.201487] R13: ffff888012ab51e8 R14: ffff888020e13c00 R15: 0000000000000000 [ 162.202232] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.203096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.203721] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.204467] PKRU: 55555554 [ 162.204767] Call Trace: [ 162.205040] [ 162.205276] iommufd_access_destroy_object+0x65/0x170 [ 162.205819] iommufd_object_destroy_user+0x18e/0x220 [ 162.206358] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.206996] iommufd_access_destroy+0x43/0x70 [ 162.207495] iommufd_test_staccess_release+0x8d/0xd0 [ 162.208053] __fput+0x26d/0xa40 [ 162.208421] ____fput+0x1e/0x30 [ 162.208775] task_work_run+0x1a4/0x2d0 [ 162.209197] ? __pfx_task_work_run+0x10/0x10 [ 162.209668] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.210183] ? switch_task_namespaces+0xa9/0xe0 [ 162.210724] do_exit+0xb17/0x2ef0 [ 162.211097] ? lock_acquire+0x427/0x4c0 [ 162.211534] ? __pfx_lock_release+0x10/0x10 [ 162.211994] ? __kasan_check_write+0x18/0x20 [ 162.212459] ? do_raw_spin_lock+0x132/0x2a0 [ 162.212912] ? __pfx_do_exit+0x10/0x10 [ 162.213334] ? debug_smp_processor_id+0x20/0x30 [ 162.213827] ? rcu_is_watching+0x19/0xb0 [ 162.214263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.214779] ? trace_hardirqs_on+0x26/0x120 [ 162.215265] do_group_exit+0xe0/0x2b0 [ 162.215674] __x64_sys_exit_group+0x47/0x50 [ 162.216124] do_syscall_64+0x3b/0x90 [ 162.216533] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.217084] RIP: 0033:0x7f4b87518a4d [ 162.217473] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.218119] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.218950] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.219714] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.220463] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.221207] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.221953] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.222746] [ 162.223000] irq event stamp: 0 [ 162.223349] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.224011] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.224880] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.225749] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.226408] ---[ end trace 0000000000000000 ]--- [ 162.227338] ------------[ cut here ]------------ [ 162.227840] WARNING: CPU: 0 PID: 1528 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.228895] Modules linked in: [ 162.229230] CPU: 0 PID: 1528 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.230142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.231359] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.231905] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.233786] RSP: 0018:ffff888020aefb78 EFLAGS: 00010246 [ 162.234337] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.235104] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 162.235847] RBP: ffff888020aefb98 R08: ffffed1002556a3e R09: ffffed1002556a3e [ 162.236576] R10: ffff888012ab51ef R11: ffffed1002556a3d R12: ffff888012ab5290 [ 162.237313] R13: ffff888012ab50a8 R14: ffffffffffffffff R15: 
ffff888020aefc60 [ 162.238040] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.238893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.239518] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.240249] PKRU: 55555554 [ 162.240542] Call Trace: [ 162.240810] [ 162.241043] iommufd_ioas_destroy+0x53/0x70 [ 162.241501] iommufd_fops_release+0x1f7/0x370 [ 162.241973] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.242498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.243073] ? write_comp_data+0x2f/0x90 [ 162.243520] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.244052] __fput+0x26d/0xa40 [ 162.244416] ____fput+0x1e/0x30 [ 162.244768] task_work_run+0x1a4/0x2d0 [ 162.245184] ? __pfx_task_work_run+0x10/0x10 [ 162.245650] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.246163] ? switch_task_namespaces+0xa9/0xe0 [ 162.246695] do_exit+0xb17/0x2ef0 [ 162.247065] ? lock_acquire+0x427/0x4c0 [ 162.247493] ? __pfx_lock_release+0x10/0x10 [ 162.247948] ? __kasan_check_write+0x18/0x20 [ 162.248406] ? do_raw_spin_lock+0x132/0x2a0 [ 162.248859] ? __pfx_do_exit+0x10/0x10 [ 162.249276] ? debug_smp_processor_id+0x20/0x30 [ 162.249764] ? rcu_is_watching+0x19/0xb0 [ 162.250191] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.250708] ? trace_hardirqs_on+0x26/0x120 [ 162.251194] do_group_exit+0xe0/0x2b0 [ 162.251600] __x64_sys_exit_group+0x47/0x50 [ 162.252048] do_syscall_64+0x3b/0x90 [ 162.252452] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.252992] RIP: 0033:0x7f4b87518a4d [ 162.253375] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.254013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.254836] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.255586] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.256315] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.257055] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.257782] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.258553] [ 162.258797] irq event stamp: 0 [ 162.259132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.259788] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.260648] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.261504] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.262154] ---[ end trace 0000000000000000 ]--- [ 162.267472] ------------[ cut here ]------------ [ 162.268012] WARNING: CPU: 0 PID: 1529 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.269045] Modules linked in: [ 162.269374] CPU: 0 PID: 1529 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.270266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.271585] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.272104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.273979] RSP: 0018:ffff888012da7bb8 EFLAGS: 00010246 [ 162.274547] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 162.275288] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 162.276011] RBP: ffff888012da7bd0 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 162.276738] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff88801422e400 [ 162.277464] R13: ffff88800cb971e8 R14: ffffffff8352e670 R15: 
ffff888012da7e68 [ 162.278190] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.279031] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.279641] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 162.280374] PKRU: 55555554 [ 162.280668] Call Trace: [ 162.280932] [ 162.281163] __iommufd_access_detach+0x1c2/0x2b0 [ 162.281670] iommufd_access_change_pt+0x149/0x270 [ 162.282176] iommufd_access_replace+0xb4/0x120 [ 162.282687] iommufd_test+0x3e5/0x37e0 [ 162.283092] ? lock_release+0x532/0x770 [ 162.283526] ? __might_fault+0x102/0x1b0 [ 162.283958] ? lock_acquire+0x427/0x4c0 [ 162.284391] ? __pfx_iommufd_test+0x10/0x10 [ 162.284838] ? __pfx_lock_release+0x10/0x10 [ 162.285291] ? __pfx_lock_acquire+0x10/0x10 [ 162.285748] ? write_comp_data+0x2f/0x90 [ 162.286179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.286729] ? write_comp_data+0x2f/0x90 [ 162.287175] iommufd_fops_ioctl+0x37d/0x510 [ 162.287624] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.288129] ? write_comp_data+0x2f/0x90 [ 162.288558] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.289057] __x64_sys_ioctl+0x1a3/0x230 [ 162.289484] do_syscall_64+0x3b/0x90 [ 162.289877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.290416] RIP: 0033:0x7f4b8743ee5d [ 162.290820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.292687] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.293459] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.294185] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.294934] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.295671] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.296404] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.297144] [ 162.297380] irq event stamp: 0 [ 162.297703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.298356] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.299246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.300099] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.300718] ---[ end trace 0000000000000000 ]--- [ 162.303793] ------------[ cut here ]------------ [ 162.304268] WARNING: CPU: 0 PID: 1529 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.305216] Modules linked in: [ 162.305520] CPU: 0 PID: 1529 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.306334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.307423] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.307890] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.309588] RSP: 
0018:ffff888012da7bd0 EFLAGS: 00010246 [ 162.310090] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 162.310772] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 162.311442] RBP: ffff888012da7be8 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 162.312094] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff88801226f000 [ 162.312743] R13: ffff88800cb971e8 R14: ffff8880181b8700 R15: 0000000000000000 [ 162.313396] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.314133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.314685] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.315346] PKRU: 55555554 [ 162.315607] Call Trace: [ 162.315840] [ 162.316048] iommufd_access_destroy_object+0x65/0x170 [ 162.316529] iommufd_object_destroy_user+0x18e/0x220 [ 162.317005] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.317518] iommufd_access_destroy+0x43/0x70 [ 162.317917] iommufd_test_staccess_release+0x8d/0xd0 [ 162.318372] __fput+0x26d/0xa40 [ 162.318696] ____fput+0x1e/0x30 [ 162.318997] task_work_run+0x1a4/0x2d0 [ 162.319359] ? __pfx_task_work_run+0x10/0x10 [ 162.319751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.320182] ? switch_task_namespaces+0xa9/0xe0 [ 162.320602] do_exit+0xb17/0x2ef0 [ 162.320907] ? lock_acquire+0x427/0x4c0 [ 162.321263] ? __pfx_lock_release+0x10/0x10 [ 162.321648] ? __kasan_check_write+0x18/0x20 [ 162.322037] ? do_raw_spin_lock+0x132/0x2a0 [ 162.322416] ? __pfx_do_exit+0x10/0x10 [ 162.322792] ? debug_smp_processor_id+0x20/0x30 [ 162.323212] ? rcu_is_watching+0x19/0xb0 [ 162.323572] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.323978] ? trace_hardirqs_on+0x26/0x120 [ 162.324362] do_group_exit+0xe0/0x2b0 [ 162.324697] __x64_sys_exit_group+0x47/0x50 [ 162.325075] do_syscall_64+0x3b/0x90 [ 162.325407] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.325869] RIP: 0033:0x7f4b87518a4d [ 162.326197] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.326749] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.327423] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.328039] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.328655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.329268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.329879] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.330497] [ 162.330721] irq event stamp: 0 [ 162.330998] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.331554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.332280] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.333005] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.333549] ---[ end trace 0000000000000000 ]--- [ 162.334305] ------------[ cut here ]------------ [ 162.334737] WARNING: CPU: 0 PID: 1529 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.335636] Modules linked in: [ 162.335914] CPU: 0 PID: 1529 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.336674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.337635] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.338055] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.339552] RSP: 0018:ffff888012da7b78 EFLAGS: 00010246 [ 162.339989] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.340567] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 162.341144] RBP: ffff888012da7b98 R08: ffffed1001972e3e R09: ffffed1001972e3e [ 162.341719] R10: ffff88800cb971ef R11: ffffed1001972e3d R12: ffff88800cb97290 [ 162.342296] R13: ffff88800cb970a8 R14: ffffffffffffffff R15: 
ffff888012da7c60 [ 162.342894] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.343557] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.344029] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.344610] PKRU: 55555554 [ 162.344842] Call Trace: [ 162.345052] [ 162.345238] iommufd_ioas_destroy+0x53/0x70 [ 162.345598] iommufd_fops_release+0x1f7/0x370 [ 162.345971] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.346383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.346811] ? write_comp_data+0x2f/0x90 [ 162.347161] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.347582] __fput+0x26d/0xa40 [ 162.347872] ____fput+0x1e/0x30 [ 162.348153] task_work_run+0x1a4/0x2d0 [ 162.348481] ? __pfx_task_work_run+0x10/0x10 [ 162.348849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.349255] ? switch_task_namespaces+0xa9/0xe0 [ 162.349646] do_exit+0xb17/0x2ef0 [ 162.349932] ? lock_acquire+0x427/0x4c0 [ 162.350268] ? __pfx_lock_release+0x10/0x10 [ 162.350647] ? __kasan_check_write+0x18/0x20 [ 162.351018] ? do_raw_spin_lock+0x132/0x2a0 [ 162.351384] ? __pfx_do_exit+0x10/0x10 [ 162.351718] ? debug_smp_processor_id+0x20/0x30 [ 162.352103] ? rcu_is_watching+0x19/0xb0 [ 162.352439] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.352814] ? trace_hardirqs_on+0x26/0x120 [ 162.353172] do_group_exit+0xe0/0x2b0 [ 162.353486] __x64_sys_exit_group+0x47/0x50 [ 162.353841] do_syscall_64+0x3b/0x90 [ 162.354156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.354611] RIP: 0033:0x7f4b87518a4d [ 162.354919] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.355427] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.356043] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.356622] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.357199] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.357786] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.358363] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.358971] [ 162.359173] irq event stamp: 0 [ 162.359435] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.359949] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.360628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.361304] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.361815] ---[ end trace 0000000000000000 ]--- [ 162.366324] ------------[ cut here ]------------ [ 162.366869] WARNING: CPU: 0 PID: 1530 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.367673] Modules linked in: [ 162.367919] CPU: 0 PID: 1530 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.368592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.369458] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.369838] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.371426] RSP: 0018:ffff888018367bb8 EFLAGS: 00010246 [ 162.371831] RAX: 0000000000000000 RBX: ffff8880145df0a8 RCX: 0000000000000000 [ 162.372372] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 162.372909] RBP: ffff888018367bd0 R08: ffffed10028bbe33 R09: ffffed10028bbe33 [ 162.373447] R10: ffff8880145df193 R11: ffffed10028bbe32 R12: ffff888014582000 [ 162.373987] R13: ffff8880145df1e8 R14: ffffffff8352e670 R15: 
ffff888018367e68 [ 162.374544] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.375169] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.375613] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 162.376160] PKRU: 55555554 [ 162.376378] Call Trace: [ 162.376575] [ 162.376751] __iommufd_access_detach+0x1c2/0x2b0 [ 162.377131] iommufd_access_change_pt+0x149/0x270 [ 162.377513] iommufd_access_replace+0xb4/0x120 [ 162.377875] iommufd_test+0x3e5/0x37e0 [ 162.378175] ? lock_release+0x532/0x770 [ 162.378489] ? __might_fault+0x102/0x1b0 [ 162.378834] ? lock_acquire+0x427/0x4c0 [ 162.379166] ? __pfx_iommufd_test+0x10/0x10 [ 162.379497] ? __pfx_lock_release+0x10/0x10 [ 162.379839] ? __pfx_lock_acquire+0x10/0x10 [ 162.380180] ? write_comp_data+0x2f/0x90 [ 162.380505] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.380883] ? write_comp_data+0x2f/0x90 [ 162.381203] iommufd_fops_ioctl+0x37d/0x510 [ 162.381543] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.381922] ? write_comp_data+0x2f/0x90 [ 162.382245] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.382643] __x64_sys_ioctl+0x1a3/0x230 [ 162.382966] do_syscall_64+0x3b/0x90 [ 162.383283] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.383690] RIP: 0033:0x7f4b8743ee5d [ 162.383980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.385371] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.385952] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.386491] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.387052] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.387602] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.388148] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.388684] [ 162.388858] irq event stamp: 0 [ 162.389093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.389562] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.390182] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.390821] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.391302] ---[ end trace 0000000000000000 ]--- [ 162.394016] ------------[ cut here ]------------ [ 162.394397] WARNING: CPU: 0 PID: 1530 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.395208] Modules linked in: [ 162.395459] CPU: 0 PID: 1530 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.396111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.396952] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.397326] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.398704] RSP: 
0018:ffff888018367bd0 EFLAGS: 00010246 [ 162.399103] RAX: 0000000000000000 RBX: ffff8880145df0a8 RCX: 0000000000000000 [ 162.399643] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 162.400174] RBP: ffff888018367be8 R08: ffffed10028bbe33 R09: ffffed10028bbe33 [ 162.400700] R10: ffff8880145df193 R11: ffffed10028bbe32 R12: ffff88801422c800 [ 162.401229] R13: ffff8880145df1e8 R14: ffff888020e5b900 R15: 0000000000000000 [ 162.401756] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.402353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.402809] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.403352] PKRU: 55555554 [ 162.403566] Call Trace: [ 162.403760] [ 162.403930] iommufd_access_destroy_object+0x65/0x170 [ 162.404321] iommufd_object_destroy_user+0x18e/0x220 [ 162.404708] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.405146] iommufd_access_destroy+0x43/0x70 [ 162.405492] iommufd_test_staccess_release+0x8d/0xd0 [ 162.405886] __fput+0x26d/0xa40 [ 162.406151] ____fput+0x1e/0x30 [ 162.406406] task_work_run+0x1a4/0x2d0 [ 162.406731] ? __pfx_task_work_run+0x10/0x10 [ 162.407078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.407467] ? switch_task_namespaces+0xa9/0xe0 [ 162.407829] do_exit+0xb17/0x2ef0 [ 162.408094] ? lock_acquire+0x427/0x4c0 [ 162.408402] ? __pfx_lock_release+0x10/0x10 [ 162.408738] ? __kasan_check_write+0x18/0x20 [ 162.409076] ? do_raw_spin_lock+0x132/0x2a0 [ 162.409402] ? __pfx_do_exit+0x10/0x10 [ 162.409707] ? debug_smp_processor_id+0x20/0x30 [ 162.410062] ? rcu_is_watching+0x19/0xb0 [ 162.410374] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.410749] ? trace_hardirqs_on+0x26/0x120 [ 162.411083] do_group_exit+0xe0/0x2b0 [ 162.411382] __x64_sys_exit_group+0x47/0x50 [ 162.411710] do_syscall_64+0x3b/0x90 [ 162.411998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.412391] RIP: 0033:0x7f4b87518a4d [ 162.412673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.413133] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.413699] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.414233] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.414786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.415325] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.415854] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.416398] [ 162.416577] irq event stamp: 0 [ 162.416813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.417282] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.417906] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.418541] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.419010] ---[ end trace 0000000000000000 ]--- [ 162.419688] ------------[ cut here ]------------ [ 162.420036] WARNING: CPU: 0 PID: 1530 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.420786] Modules linked in: [ 162.421025] CPU: 0 PID: 1530 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.421666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.422488] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.422908] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.424327] RSP: 0018:ffff888018367b78 EFLAGS: 00010246 [ 162.424870] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.425399] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 162.425929] RBP: ffff888018367b98 R08: ffffed10028bbe3e R09: ffffed10028bbe3e [ 162.426462] R10: ffff8880145df1ef R11: ffffed10028bbe3d R12: ffff8880145df290 [ 162.427007] R13: ffff8880145df0a8 R14: ffffffffffffffff R15: 
ffff888018367c60 [ 162.427691] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.428285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.428719] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 162.429260] PKRU: 55555554 [ 162.429606] Call Trace: [ 162.429799] [ 162.429968] iommufd_ioas_destroy+0x53/0x70 [ 162.430297] iommufd_fops_release+0x1f7/0x370 [ 162.430660] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.431034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.431448] ? write_comp_data+0x2f/0x90 [ 162.431864] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.432244] __fput+0x26d/0xa40 [ 162.432507] ____fput+0x1e/0x30 [ 162.432761] task_work_run+0x1a4/0x2d0 [ 162.433065] ? __pfx_task_work_run+0x10/0x10 [ 162.433539] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.433912] ? switch_task_namespaces+0xa9/0xe0 [ 162.434276] do_exit+0xb17/0x2ef0 [ 162.434564] ? lock_acquire+0x427/0x4c0 [ 162.434872] ? __pfx_lock_release+0x10/0x10 [ 162.435263] ? __kasan_check_write+0x18/0x20 [ 162.435690] ? do_raw_spin_lock+0x132/0x2a0 [ 162.436019] ? __pfx_do_exit+0x10/0x10 [ 162.436320] ? debug_smp_processor_id+0x20/0x30 [ 162.436674] ? rcu_is_watching+0x19/0xb0 [ 162.437114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.437460] ? trace_hardirqs_on+0x26/0x120 [ 162.437788] do_group_exit+0xe0/0x2b0 [ 162.438074] __x64_sys_exit_group+0x47/0x50 [ 162.438402] do_syscall_64+0x3b/0x90 [ 162.438847] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.439250] RIP: 0033:0x7f4b87518a4d [ 162.439529] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.439982] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.440556] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.441196] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.441721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.442292] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.442922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.443465] [ 162.443643] irq event stamp: 0 [ 162.443881] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.444410] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.445113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.445757] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.446330] ---[ end trace 0000000000000000 ]--- [ 162.450761] ------------[ cut here ]------------ [ 162.451248] WARNING: CPU: 0 PID: 1531 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.452014] Modules linked in: [ 162.452311] CPU: 0 PID: 1531 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.453056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.453960] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.454448] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.455933] RSP: 0018:ffff888012da7bb8 EFLAGS: 00010246 [ 162.456455] RAX: 0000000000000000 RBX: ffff8880188478a8 RCX: 0000000000000000 [ 162.457005] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 162.457549] RBP: ffff888012da7bd0 R08: ffffed1003108f33 R09: ffffed1003108f33 [ 162.458274] R10: ffff888018847993 R11: ffffed1003108f32 R12: ffff888012d47400 [ 162.458844] R13: ffff8880188479e8 R14: ffffffff8352e670 R15: 
ffff888012da7e68 [ 162.459408] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.460204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.460652] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 162.461200] PKRU: 55555554 [ 162.461477] Call Trace: [ 162.461789] [ 162.461969] __iommufd_access_detach+0x1c2/0x2b0 [ 162.462352] iommufd_access_change_pt+0x149/0x270 [ 162.462758] iommufd_access_replace+0xb4/0x120 [ 162.463129] iommufd_test+0x3e5/0x37e0 [ 162.463515] ? lock_release+0x532/0x770 [ 162.463940] ? __might_fault+0x102/0x1b0 [ 162.464261] ? lock_acquire+0x427/0x4c0 [ 162.464582] ? __pfx_iommufd_test+0x10/0x10 [ 162.464955] ? __pfx_lock_release+0x10/0x10 [ 162.465412] ? __pfx_lock_acquire+0x10/0x10 [ 162.465756] ? write_comp_data+0x2f/0x90 [ 162.466079] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.466476] ? write_comp_data+0x2f/0x90 [ 162.466938] iommufd_fops_ioctl+0x37d/0x510 [ 162.467297] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.467686] ? write_comp_data+0x2f/0x90 [ 162.468019] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.468404] __x64_sys_ioctl+0x1a3/0x230 [ 162.468885] do_syscall_64+0x3b/0x90 [ 162.469186] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.469597] RIP: 0033:0x7f4b8743ee5d [ 162.469886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.471477] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.472069] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.472792] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.473356] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.473982] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.474673] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.475262] [ 162.475452] irq event stamp: 0 [ 162.475703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.476381] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.477044] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.477858] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.478360] ---[ end trace 0000000000000000 ]--- [ 162.481334] ------------[ cut here ]------------ [ 162.481830] WARNING: CPU: 0 PID: 1531 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.482677] Modules linked in: [ 162.482938] CPU: 0 PID: 1531 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.483823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.484727] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.485282] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.486913] RSP: 
0018:ffff888012da7bd0 EFLAGS: 00010246 [ 162.487357] RAX: 0000000000000000 RBX: ffff8880188478a8 RCX: 0000000000000000 [ 162.487928] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 162.488491] RBP: ffff888012da7be8 R08: ffffed1003108f33 R09: ffffed1003108f33 [ 162.489055] R10: ffff888018847993 R11: ffffed1003108f32 R12: ffff888014582800 [ 162.489620] R13: ffff8880188479e8 R14: ffff88802185ec00 R15: 0000000000000000 [ 162.490181] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.490848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.491330] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 162.491903] PKRU: 55555554 [ 162.492132] Call Trace: [ 162.492345] [ 162.492531] iommufd_access_destroy_object+0x65/0x170 [ 162.492955] iommufd_object_destroy_user+0x18e/0x220 [ 162.493378] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.493843] iommufd_access_destroy+0x43/0x70 [ 162.494205] iommufd_test_staccess_release+0x8d/0xd0 [ 162.494631] __fput+0x26d/0xa40 [ 162.494910] ____fput+0x1e/0x30 [ 162.495190] task_work_run+0x1a4/0x2d0 [ 162.495514] ? __pfx_task_work_run+0x10/0x10 [ 162.495875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.496274] ? switch_task_namespaces+0xa9/0xe0 [ 162.496657] do_exit+0xb17/0x2ef0 [ 162.496937] ? lock_acquire+0x427/0x4c0 [ 162.497262] ? __pfx_lock_release+0x10/0x10 [ 162.497612] ? __kasan_check_write+0x18/0x20 [ 162.497968] ? do_raw_spin_lock+0x132/0x2a0 [ 162.498311] ? __pfx_do_exit+0x10/0x10 [ 162.498649] ? debug_smp_processor_id+0x20/0x30 [ 162.499025] ? rcu_is_watching+0x19/0xb0 [ 162.499362] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.499729] ? trace_hardirqs_on+0x26/0x120 [ 162.500087] do_group_exit+0xe0/0x2b0 [ 162.500395] __x64_sys_exit_group+0x47/0x50 [ 162.500739] do_syscall_64+0x3b/0x90 [ 162.501043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.501471] RIP: 0033:0x7f4b87518a4d [ 162.501770] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.502255] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.502880] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.503461] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.504036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.504606] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.505182] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.505761] [ 162.505948] irq event stamp: 0 [ 162.506201] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.506724] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.507408] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.508075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.508589] ---[ end trace 0000000000000000 ]--- [ 162.509350] ------------[ cut here ]------------ [ 162.509883] WARNING: CPU: 0 PID: 1531 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.510754] Modules linked in: [ 162.511016] CPU: 0 PID: 1531 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.511914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.512819] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.513282] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.515147] RSP: 0018:ffff888012da7b78 EFLAGS: 00010246 [ 162.515731] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.516296] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 162.516858] RBP: ffff888012da7b98 R08: ffffed1003108f3e R09: ffffed1003108f3e [ 162.517419] R10: ffff8880188479ef R11: ffffed1003108f3d R12: ffff888018847a90 [ 162.517982] R13: ffff8880188478a8 R14: ffffffffffffffff R15: 
ffff888012da7c60 [ 162.518569] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.519222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.519686] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 162.520249] PKRU: 55555554 [ 162.520475] Call Trace: [ 162.520681] [ 162.520863] iommufd_ioas_destroy+0x53/0x70 [ 162.521215] iommufd_fops_release+0x1f7/0x370 [ 162.521580] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.521982] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.522375] ? write_comp_data+0x2f/0x90 [ 162.522726] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.523149] __fput+0x26d/0xa40 [ 162.523426] ____fput+0x1e/0x30 [ 162.523699] task_work_run+0x1a4/0x2d0 [ 162.524017] ? __pfx_task_work_run+0x10/0x10 [ 162.524382] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.524777] ? switch_task_namespaces+0xa9/0xe0 [ 162.525174] do_exit+0xb17/0x2ef0 [ 162.525453] ? lock_acquire+0x427/0x4c0 [ 162.525777] ? __pfx_lock_release+0x10/0x10 [ 162.526127] ? __kasan_check_write+0x18/0x20 [ 162.526481] ? do_raw_spin_lock+0x132/0x2a0 [ 162.526850] ? __pfx_do_exit+0x10/0x10 [ 162.527186] ? debug_smp_processor_id+0x20/0x30 [ 162.527567] ? rcu_is_watching+0x19/0xb0 [ 162.527895] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.528261] ? trace_hardirqs_on+0x26/0x120 [ 162.528617] do_group_exit+0xe0/0x2b0 [ 162.528920] __x64_sys_exit_group+0x47/0x50 [ 162.529266] do_syscall_64+0x3b/0x90 [ 162.529576] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.530001] RIP: 0033:0x7f4b87518a4d [ 162.530301] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.530816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.531434] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.531999] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.532564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.533126] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.533690] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.534262] [ 162.534451] irq event stamp: 0 [ 162.534726] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.535239] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.535897] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.536554] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.537048] ---[ end trace 0000000000000000 ]--- [ 162.541720] ------------[ cut here ]------------ [ 162.542579] WARNING: CPU: 0 PID: 1532 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.543434] Modules linked in: [ 162.543699] CPU: 0 PID: 1532 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.544562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.545464] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.545867] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.547353] RSP: 0018:ffff888017947bb8 EFLAGS: 00010246 [ 162.547784] RAX: 0000000000000000 RBX: ffff888023f538a8 RCX: 0000000000000000 [ 162.548353] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 162.548920] RBP: ffff888017947bd0 R08: ffffed10047ea733 R09: ffffed10047ea733 [ 162.549489] R10: ffff888023f53993 R11: ffffed10047ea732 R12: ffff888010827400 [ 162.550058] R13: ffff888023f539e8 R14: ffffffff8352e670 R15: 
ffff888017947e68 [ 162.550649] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 162.551310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.551776] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 162.552347] PKRU: 55555554 [ 162.552578] Call Trace: [ 162.552784] [ 162.552967] __iommufd_access_detach+0x1c2/0x2b0 [ 162.553361] iommufd_access_change_pt+0x149/0x270 [ 162.553761] iommufd_access_replace+0xb4/0x120 [ 162.554143] iommufd_test+0x3e5/0x37e0 [ 162.554458] ? lock_release+0x532/0x770 [ 162.554806] ? __might_fault+0x102/0x1b0 [ 162.555161] ? lock_acquire+0x427/0x4c0 [ 162.555488] ? __pfx_iommufd_test+0x10/0x10 [ 162.555832] ? __pfx_lock_release+0x10/0x10 [ 162.556183] ? __pfx_lock_acquire+0x10/0x10 [ 162.556543] ? write_comp_data+0x2f/0x90 [ 162.556878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.557268] ? write_comp_data+0x2f/0x90 [ 162.557606] iommufd_fops_ioctl+0x37d/0x510 [ 162.557961] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.558359] ? write_comp_data+0x2f/0x90 [ 162.558718] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.559126] __x64_sys_ioctl+0x1a3/0x230 [ 162.559469] do_syscall_64+0x3b/0x90 [ 162.559779] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.560196] RIP: 0033:0x7f4b8743ee5d [ 162.560494] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.561936] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.562573] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.563162] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.563733] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.564305] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.564874] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.565451] [ 162.565641] irq event stamp: 0 [ 162.565897] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.566403] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.567090] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.567761] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.568263] ---[ end trace 0000000000000000 ]--- [ 162.571344] ------------[ cut here ]------------ [ 162.571786] WARNING: CPU: 1 PID: 1532 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.572669] Modules linked in: [ 162.573197] CPU: 1 PID: 1532 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.573908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.575034] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.575457] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.577011] RSP: 
0018:ffff888017947bd0 EFLAGS: 00010246 [ 162.577507] RAX: 0000000000000000 RBX: ffff888023f538a8 RCX: 0000000000000000 [ 162.578083] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 162.578701] RBP: ffff888017947be8 R08: ffffed10047ea733 R09: ffffed10047ea733 [ 162.579366] R10: ffff888023f53993 R11: ffffed10047ea732 R12: ffff888012d45800 [ 162.579944] R13: ffff888023f539e8 R14: ffff888012234200 R15: 0000000000000000 [ 162.580522] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.581326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.581799] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 162.582382] PKRU: 55555554 [ 162.582637] Call Trace: [ 162.582949] [ 162.583156] iommufd_access_destroy_object+0x65/0x170 [ 162.583586] iommufd_object_destroy_user+0x18e/0x220 [ 162.584009] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.584498] iommufd_access_destroy+0x43/0x70 [ 162.584916] iommufd_test_staccess_release+0x8d/0xd0 [ 162.585421] __fput+0x26d/0xa40 [ 162.585710] ____fput+0x1e/0x30 [ 162.585991] task_work_run+0x1a4/0x2d0 [ 162.586322] ? __pfx_task_work_run+0x10/0x10 [ 162.586714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.587245] ? switch_task_namespaces+0xa9/0xe0 [ 162.587638] do_exit+0xb17/0x2ef0 [ 162.587929] ? lock_acquire+0x427/0x4c0 [ 162.588265] ? __pfx_lock_release+0x10/0x10 [ 162.588626] ? __kasan_check_write+0x18/0x20 [ 162.589107] ? do_raw_spin_lock+0x132/0x2a0 [ 162.589513] ? __pfx_do_exit+0x10/0x10 [ 162.589845] ? debug_smp_processor_id+0x20/0x30 [ 162.590238] ? rcu_is_watching+0x19/0xb0 [ 162.590612] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.591006] ? trace_hardirqs_on+0x26/0x120 [ 162.591523] do_group_exit+0xe0/0x2b0 [ 162.591858] __x64_sys_exit_group+0x47/0x50 [ 162.592238] do_syscall_64+0x3b/0x90 [ 162.592574] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.593028] RIP: 0033:0x7f4b87518a4d [ 162.593387] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.594049] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.594719] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.595346] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.596039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.596750] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.597366] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.598182] [ 162.598388] irq event stamp: 0 [ 162.598682] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.599240] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.599966] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.600898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.601446] ---[ end trace 0000000000000000 ]--- [ 162.602367] ------------[ cut here ]------------ [ 162.602807] WARNING: CPU: 1 PID: 1532 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.603706] Modules linked in: [ 162.603991] CPU: 1 PID: 1532 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.604906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.605884] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.606415] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.608392] RSP: 0018:ffff888017947b78 EFLAGS: 00010246 [ 162.609035] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.609648] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 162.610271] RBP: ffff888017947b98 R08: ffffed10047ea73e R09: ffffed10047ea73e [ 162.610991] R10: ffff888023f539ef R11: ffffed10047ea73d R12: ffff888023f53a90 [ 162.611692] R13: ffff888023f538a8 R14: ffffffffffffffff R15: 
ffff888017947c60 [ 162.612316] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.613097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.613698] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 162.614320] PKRU: 55555554 [ 162.614593] Call Trace: [ 162.614817] [ 162.615014] iommufd_ioas_destroy+0x53/0x70 [ 162.615561] iommufd_fops_release+0x1f7/0x370 [ 162.615967] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.616412] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.616843] ? write_comp_data+0x2f/0x90 [ 162.617277] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.617824] __fput+0x26d/0xa40 [ 162.618132] ____fput+0x1e/0x30 [ 162.618432] task_work_run+0x1a4/0x2d0 [ 162.618801] ? __pfx_task_work_run+0x10/0x10 [ 162.619198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.619672] ? switch_task_namespaces+0xa9/0xe0 [ 162.620219] do_exit+0xb17/0x2ef0 [ 162.620523] ? lock_acquire+0x427/0x4c0 [ 162.620877] ? __pfx_lock_release+0x10/0x10 [ 162.621319] ? __kasan_check_write+0x18/0x20 [ 162.621788] ? do_raw_spin_lock+0x132/0x2a0 [ 162.622259] ? __pfx_do_exit+0x10/0x10 [ 162.622632] ? debug_smp_processor_id+0x20/0x30 [ 162.623044] ? rcu_is_watching+0x19/0xb0 [ 162.623411] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.623818] ? trace_hardirqs_on+0x26/0x120 [ 162.624291] do_group_exit+0xe0/0x2b0 [ 162.624721] __x64_sys_exit_group+0x47/0x50 [ 162.625097] do_syscall_64+0x3b/0x90 [ 162.625434] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.625895] RIP: 0033:0x7f4b87518a4d [ 162.626311] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.626949] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.627623] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.628242] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.629035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.629650] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.630270] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.631091] [ 162.631312] irq event stamp: 0 [ 162.631589] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.632164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.632889] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.633791] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.634338] ---[ end trace 0000000000000000 ]--- [ 162.640696] ------------[ cut here ]------------ [ 162.641148] WARNING: CPU: 1 PID: 1533 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.642192] Modules linked in: [ 162.642473] CPU: 1 PID: 1533 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.643289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.644421] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.644857] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.646610] RSP: 0018:ffff8880145cfbb8 EFLAGS: 00010246 [ 162.647077] RAX: 0000000000000000 RBX: ffff888011f630a8 RCX: 0000000000000000 [ 162.647711] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 162.648362] RBP: ffff8880145cfbd0 R08: ffffed10023ec633 R09: ffffed10023ec633 [ 162.649093] R10: ffff888011f63193 R11: ffffed10023ec632 R12: ffff88800ae92000 [ 162.649706] R13: ffff888011f631e8 R14: ffffffff8352e670 R15: 
ffff8880145cfe68 [ 162.650373] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.651182] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.651690] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 162.652308] PKRU: 55555554 [ 162.652603] Call Trace: [ 162.652908] [ 162.653183] __iommufd_access_detach+0x1c2/0x2b0 [ 162.653617] iommufd_access_change_pt+0x149/0x270 [ 162.654047] iommufd_access_replace+0xb4/0x120 [ 162.654489] iommufd_test+0x3e5/0x37e0 [ 162.654943] ? lock_release+0x532/0x770 [ 162.655312] ? __might_fault+0x102/0x1b0 [ 162.655678] ? lock_acquire+0x427/0x4c0 [ 162.656037] ? __pfx_iommufd_test+0x10/0x10 [ 162.656413] ? __pfx_lock_release+0x10/0x10 [ 162.656818] ? __pfx_lock_acquire+0x10/0x10 [ 162.657323] ? write_comp_data+0x2f/0x90 [ 162.657692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.658124] ? write_comp_data+0x2f/0x90 [ 162.658489] iommufd_fops_ioctl+0x37d/0x510 [ 162.658895] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.659472] ? write_comp_data+0x2f/0x90 [ 162.659839] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.660263] __x64_sys_ioctl+0x1a3/0x230 [ 162.660631] do_syscall_64+0x3b/0x90 [ 162.660966] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.661559] RIP: 0033:0x7f4b8743ee5d [ 162.661884] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.663655] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.664324] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.664938] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.665642] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.666324] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.666964] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.667599] [ 162.667802] irq event stamp: 0 [ 162.668078] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.668629] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.669350] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.670074] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.670640] ---[ end trace 0000000000000000 ]--- [ 162.673540] ------------[ cut here ]------------ [ 162.673978] WARNING: CPU: 1 PID: 1533 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.674883] Modules linked in: [ 162.675171] CPU: 1 PID: 1533 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.675912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.676871] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.677294] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.678852] RSP: 
0018:ffff8880145cfbd0 EFLAGS: 00010246 [ 162.679318] RAX: 0000000000000000 RBX: ffff888011f630a8 RCX: 0000000000000000 [ 162.679925] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 162.680539] RBP: ffff8880145cfbe8 R08: ffffed10023ec633 R09: ffffed10023ec633 [ 162.681146] R10: ffff888011f63193 R11: ffffed10023ec632 R12: ffff8880149b7400 [ 162.681759] R13: ffff888011f631e8 R14: ffff888012186c00 R15: 0000000000000000 [ 162.682366] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.683071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.683583] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 162.684202] PKRU: 55555554 [ 162.684458] Call Trace: [ 162.684683] [ 162.684885] iommufd_access_destroy_object+0x65/0x170 [ 162.685594] iommufd_object_destroy_user+0x18e/0x220 [ 162.686049] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.686588] iommufd_access_destroy+0x43/0x70 [ 162.687002] iommufd_test_staccess_release+0x8d/0xd0 [ 162.687452] __fput+0x26d/0xa40 [ 162.687756] ____fput+0x1e/0x30 [ 162.688189] task_work_run+0x1a4/0x2d0 [ 162.688537] ? __pfx_task_work_run+0x10/0x10 [ 162.688924] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.689348] ? switch_task_namespaces+0xa9/0xe0 [ 162.689768] do_exit+0xb17/0x2ef0 [ 162.690159] ? lock_acquire+0x427/0x4c0 [ 162.690582] ? __pfx_lock_release+0x10/0x10 [ 162.690975] ? __kasan_check_write+0x18/0x20 [ 162.691372] ? do_raw_spin_lock+0x132/0x2a0 [ 162.691756] ? __pfx_do_exit+0x10/0x10 [ 162.692105] ? debug_smp_processor_id+0x20/0x30 [ 162.692587] ? rcu_is_watching+0x19/0xb0 [ 162.693028] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.693429] ? trace_hardirqs_on+0x26/0x120 [ 162.693810] do_group_exit+0xe0/0x2b0 [ 162.694145] __x64_sys_exit_group+0x47/0x50 [ 162.694545] do_syscall_64+0x3b/0x90 [ 162.694886] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.695361] RIP: 0033:0x7f4b87518a4d [ 162.695690] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.696230] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.696888] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.697504] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.698113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.698756] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.699397] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.700020] [ 162.700225] irq event stamp: 0 [ 162.700497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.701045] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.701768] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.702489] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.703065] ---[ end trace 0000000000000000 ]--- [ 162.703814] ------------[ cut here ]------------ [ 162.704235] WARNING: CPU: 1 PID: 1533 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.705117] Modules linked in: [ 162.705402] CPU: 1 PID: 1533 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.706154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.707152] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.707607] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.709184] RSP: 0018:ffff8880145cfb78 EFLAGS: 00010246 [ 162.709648] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.710270] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 162.710910] RBP: ffff8880145cfb98 R08: ffffed10023ec63e R09: ffffed10023ec63e [ 162.711537] R10: ffff888011f631ef R11: ffffed10023ec63d R12: ffff888011f63290 [ 162.712155] R13: ffff888011f630a8 R14: ffffffffffffffff R15: 
ffff8880145cfc60 [ 162.712767] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.713459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.713956] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 162.714590] PKRU: 55555554 [ 162.714844] Call Trace: [ 162.715068] [ 162.715273] iommufd_ioas_destroy+0x53/0x70 [ 162.715655] iommufd_fops_release+0x1f7/0x370 [ 162.716050] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.716485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.716913] ? write_comp_data+0x2f/0x90 [ 162.717331] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.717765] __fput+0x26d/0xa40 [ 162.718067] ____fput+0x1e/0x30 [ 162.718365] task_work_run+0x1a4/0x2d0 [ 162.718742] ? __pfx_task_work_run+0x10/0x10 [ 162.719143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.719576] ? switch_task_namespaces+0xa9/0xe0 [ 162.719996] do_exit+0xb17/0x2ef0 [ 162.720302] ? lock_acquire+0x427/0x4c0 [ 162.720658] ? __pfx_lock_release+0x10/0x10 [ 162.721040] ? __kasan_check_write+0x18/0x20 [ 162.721428] ? do_raw_spin_lock+0x132/0x2a0 [ 162.721807] ? __pfx_do_exit+0x10/0x10 [ 162.722157] ? debug_smp_processor_id+0x20/0x30 [ 162.722590] ? rcu_is_watching+0x19/0xb0 [ 162.722951] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.723373] ? trace_hardirqs_on+0x26/0x120 [ 162.723762] do_group_exit+0xe0/0x2b0 [ 162.724097] __x64_sys_exit_group+0x47/0x50 [ 162.724477] do_syscall_64+0x3b/0x90 [ 162.724816] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.725271] RIP: 0033:0x7f4b87518a4d [ 162.725596] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.726126] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.726808] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.727431] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.728045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.728660] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.729276] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.729893] [ 162.730097] irq event stamp: 0 [ 162.730370] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.730937] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.731682] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.732396] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.732940] ---[ end trace 0000000000000000 ]--- [ 162.737003] ------------[ cut here ]------------ [ 162.737438] WARNING: CPU: 1 PID: 1534 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.738312] Modules linked in: [ 162.738639] CPU: 1 PID: 1534 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.739403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.740361] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.740791] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.742351] RSP: 0018:ffff88801851fbb8 EFLAGS: 00010246 [ 162.742834] RAX: 0000000000000000 RBX: ffff888010b9b0a8 RCX: 0000000000000000 [ 162.743457] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 162.744067] RBP: ffff88801851fbd0 R08: ffffed1002173633 R09: ffffed1002173633 [ 162.744672] R10: ffff888010b9b193 R11: ffffed1002173632 R12: ffff888010e02400 [ 162.745299] R13: ffff888010b9b1e8 R14: ffffffff8352e670 R15: 
ffff88801851fe68 [ 162.745957] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.746719] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.747266] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 162.747922] PKRU: 55555554 [ 162.748185] Call Trace: [ 162.748423] [ 162.748631] __iommufd_access_detach+0x1c2/0x2b0 [ 162.749141] iommufd_access_change_pt+0x149/0x270 [ 162.749593] iommufd_access_replace+0xb4/0x120 [ 162.750022] iommufd_test+0x3e5/0x37e0 [ 162.750383] ? lock_release+0x532/0x770 [ 162.750783] ? __might_fault+0x102/0x1b0 [ 162.751182] ? lock_acquire+0x427/0x4c0 [ 162.751570] ? __pfx_iommufd_test+0x10/0x10 [ 162.751979] ? __pfx_lock_release+0x10/0x10 [ 162.752386] ? __pfx_lock_acquire+0x10/0x10 [ 162.752790] ? write_comp_data+0x2f/0x90 [ 162.753175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.753629] ? write_comp_data+0x2f/0x90 [ 162.754012] iommufd_fops_ioctl+0x37d/0x510 [ 162.754413] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.754892] ? write_comp_data+0x2f/0x90 [ 162.755297] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.755751] __x64_sys_ioctl+0x1a3/0x230 [ 162.756138] do_syscall_64+0x3b/0x90 [ 162.756495] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.756981] RIP: 0033:0x7f4b8743ee5d [ 162.757323] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.759002] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.759716] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.760380] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.761037] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.761687] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.762338] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.763034] [ 162.763273] irq event stamp: 0 [ 162.763567] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.764150] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.764921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.765684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.766265] ---[ end trace 0000000000000000 ]--- [ 162.769247] ------------[ cut here ]------------ [ 162.769711] WARNING: CPU: 1 PID: 1534 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.770669] Modules linked in: [ 162.770969] CPU: 1 PID: 1534 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.771778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.772797] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.773252] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.774925] RSP: 
0018:ffff88801851fbd0 EFLAGS: 00010246 [ 162.775421] RAX: 0000000000000000 RBX: ffff888010b9b0a8 RCX: 0000000000000000 [ 162.776064] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 162.776714] RBP: ffff88801851fbe8 R08: ffffed1002173633 R09: ffffed1002173633 [ 162.777364] R10: ffff888010b9b193 R11: ffffed1002173632 R12: ffff88800ae93400 [ 162.778010] R13: ffff888010b9b1e8 R14: ffff88801022fe00 R15: 0000000000000000 [ 162.778672] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.779413] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.779940] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 162.780597] PKRU: 55555554 [ 162.780854] Call Trace: [ 162.781153] [ 162.781365] iommufd_access_destroy_object+0x65/0x170 [ 162.781840] iommufd_object_destroy_user+0x18e/0x220 [ 162.782309] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.782867] iommufd_access_destroy+0x43/0x70 [ 162.783297] iommufd_test_staccess_release+0x8d/0xd0 [ 162.783775] __fput+0x26d/0xa40 [ 162.784098] ____fput+0x1e/0x30 [ 162.784408] task_work_run+0x1a4/0x2d0 [ 162.784775] ? __pfx_task_work_run+0x10/0x10 [ 162.785187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.785637] ? switch_task_namespaces+0xa9/0xe0 [ 162.786072] do_exit+0xb17/0x2ef0 [ 162.786393] ? lock_acquire+0x427/0x4c0 [ 162.786785] ? __pfx_lock_release+0x10/0x10 [ 162.787204] ? __kasan_check_write+0x18/0x20 [ 162.787622] ? do_raw_spin_lock+0x132/0x2a0 [ 162.788025] ? __pfx_do_exit+0x10/0x10 [ 162.788392] ? debug_smp_processor_id+0x20/0x30 [ 162.788834] ? rcu_is_watching+0x19/0xb0 [ 162.789218] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.789649] ? trace_hardirqs_on+0x26/0x120 [ 162.790063] do_group_exit+0xe0/0x2b0 [ 162.790421] __x64_sys_exit_group+0x47/0x50 [ 162.790844] do_syscall_64+0x3b/0x90 [ 162.791213] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.791704] RIP: 0033:0x7f4b87518a4d [ 162.792046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.792600] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.793297] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.793946] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.794617] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.795296] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.795955] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.796629] [ 162.796846] irq event stamp: 0 [ 162.797134] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.797720] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.798484] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.799300] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.799880] ---[ end trace 0000000000000000 ]--- [ 162.800651] ------------[ cut here ]------------ [ 162.801084] WARNING: CPU: 1 PID: 1534 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.802019] Modules linked in: [ 162.802317] CPU: 1 PID: 1534 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.803145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.804179] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.804653] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.806332] RSP: 0018:ffff88801851fb78 EFLAGS: 00010246 [ 162.806842] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.807502] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 162.808156] RBP: ffff88801851fb98 R08: ffffed100217363e R09: ffffed100217363e [ 162.808807] R10: ffff888010b9b1ef R11: ffffed100217363d R12: ffff888010b9b290 [ 162.809463] R13: ffff888010b9b0a8 R14: ffffffffffffffff R15: 
ffff88801851fc60 [ 162.810132] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.810899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.811453] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 162.812109] PKRU: 55555554 [ 162.812377] Call Trace: [ 162.812617] [ 162.812826] iommufd_ioas_destroy+0x53/0x70 [ 162.813288] iommufd_fops_release+0x1f7/0x370 [ 162.813707] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.814165] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.814642] ? write_comp_data+0x2f/0x90 [ 162.815029] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.815503] __fput+0x26d/0xa40 [ 162.815818] ____fput+0x1e/0x30 [ 162.816129] task_work_run+0x1a4/0x2d0 [ 162.816494] ? __pfx_task_work_run+0x10/0x10 [ 162.816907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.817358] ? switch_task_namespaces+0xa9/0xe0 [ 162.817800] do_exit+0xb17/0x2ef0 [ 162.818126] ? lock_acquire+0x427/0x4c0 [ 162.818538] ? __pfx_lock_release+0x10/0x10 [ 162.818950] ? __kasan_check_write+0x18/0x20 [ 162.819371] ? do_raw_spin_lock+0x132/0x2a0 [ 162.819775] ? __pfx_do_exit+0x10/0x10 [ 162.820146] ? debug_smp_processor_id+0x20/0x30 [ 162.820589] ? rcu_is_watching+0x19/0xb0 [ 162.820971] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.821409] ? trace_hardirqs_on+0x26/0x120 [ 162.821831] do_group_exit+0xe0/0x2b0 [ 162.822195] __x64_sys_exit_group+0x47/0x50 [ 162.822616] do_syscall_64+0x3b/0x90 [ 162.822971] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.823477] RIP: 0033:0x7f4b87518a4d [ 162.823824] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.824393] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.825089] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.825746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.826405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.827087] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.827749] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.828401] [ 162.828615] irq event stamp: 0 [ 162.828901] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.829480] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.830243] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.831030] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.831662] ---[ end trace 0000000000000000 ]--- [ 162.835984] ------------[ cut here ]------------ [ 162.836465] WARNING: CPU: 1 PID: 1535 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.837388] Modules linked in: [ 162.837685] CPU: 1 PID: 1535 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.838478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.839737] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.840211] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.841904] RSP: 0018:ffff888020c9fbb8 EFLAGS: 00010246 [ 162.842398] RAX: 0000000000000000 RBX: ffff8880179410a8 RCX: 0000000000000000 [ 162.843082] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 162.843752] RBP: ffff888020c9fbd0 R08: ffffed1002f28233 R09: ffffed1002f28233 [ 162.844404] R10: ffff888017941193 R11: ffffed1002f28232 R12: ffff888017067000 [ 162.845137] R13: ffff8880179411e8 R14: ffffffff8352e670 R15: 
ffff888020c9fe68 [ 162.845785] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.846547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.847086] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 162.847758] PKRU: 55555554 [ 162.848019] Call Trace: [ 162.848251] [ 162.848462] __iommufd_access_detach+0x1c2/0x2b0 [ 162.848924] iommufd_access_change_pt+0x149/0x270 [ 162.849380] iommufd_access_replace+0xb4/0x120 [ 162.849820] iommufd_test+0x3e5/0x37e0 [ 162.850181] ? lock_release+0x532/0x770 [ 162.850580] ? __might_fault+0x102/0x1b0 [ 162.850967] ? lock_acquire+0x427/0x4c0 [ 162.851356] ? __pfx_iommufd_test+0x10/0x10 [ 162.851752] ? __pfx_lock_release+0x10/0x10 [ 162.852162] ? __pfx_lock_acquire+0x10/0x10 [ 162.852577] ? write_comp_data+0x2f/0x90 [ 162.852968] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.853426] ? write_comp_data+0x2f/0x90 [ 162.853824] iommufd_fops_ioctl+0x37d/0x510 [ 162.854239] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.854736] ? write_comp_data+0x2f/0x90 [ 162.855157] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.855623] __x64_sys_ioctl+0x1a3/0x230 [ 162.856022] do_syscall_64+0x3b/0x90 [ 162.856387] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.856892] RIP: 0033:0x7f4b8743ee5d [ 162.857250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.859003] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.859753] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.860434] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.861109] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.861785] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.862458] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.863184] [ 162.863415] irq event stamp: 0 [ 162.863719] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.864319] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.865113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.865903] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.866540] ---[ end trace 0000000000000000 ]--- [ 162.869671] ------------[ cut here ]------------ [ 162.870159] WARNING: CPU: 1 PID: 1535 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.871147] Modules linked in: [ 162.871457] CPU: 1 PID: 1535 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.872273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.873344] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.873820] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.875579] RSP: 
0018:ffff888020c9fbd0 EFLAGS: 00010246 [ 162.876095] RAX: 0000000000000000 RBX: ffff8880179410a8 RCX: 0000000000000000 [ 162.876763] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 162.877501] RBP: ffff888020c9fbe8 R08: ffffed1002f28233 R09: ffffed1002f28233 [ 162.878176] R10: ffff888017941193 R11: ffffed1002f28232 R12: ffff888010e03000 [ 162.878881] R13: ffff8880179411e8 R14: ffff88800ef92a00 R15: 0000000000000000 [ 162.879575] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.880332] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.880884] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 162.881559] PKRU: 55555554 [ 162.881831] Call Trace: [ 162.882078] [ 162.882294] iommufd_access_destroy_object+0x65/0x170 [ 162.882819] iommufd_object_destroy_user+0x18e/0x220 [ 162.883323] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.883882] iommufd_access_destroy+0x43/0x70 [ 162.884322] iommufd_test_staccess_release+0x8d/0xd0 [ 162.884821] __fput+0x26d/0xa40 [ 162.885155] ____fput+0x1e/0x30 [ 162.885481] task_work_run+0x1a4/0x2d0 [ 162.885865] ? __pfx_task_work_run+0x10/0x10 [ 162.886290] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.886791] ? switch_task_namespaces+0xa9/0xe0 [ 162.887291] do_exit+0xb17/0x2ef0 [ 162.887631] ? lock_acquire+0x427/0x4c0 [ 162.888022] ? __pfx_lock_release+0x10/0x10 [ 162.888439] ? __kasan_check_write+0x18/0x20 [ 162.888869] ? do_raw_spin_lock+0x132/0x2a0 [ 162.889288] ? __pfx_do_exit+0x10/0x10 [ 162.889675] ? debug_smp_processor_id+0x20/0x30 [ 162.890132] ? rcu_is_watching+0x19/0xb0 [ 162.890559] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.891014] ? trace_hardirqs_on+0x26/0x120 [ 162.891456] do_group_exit+0xe0/0x2b0 [ 162.891826] __x64_sys_exit_group+0x47/0x50 [ 162.892237] do_syscall_64+0x3b/0x90 [ 162.892607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.893112] RIP: 0033:0x7f4b87518a4d [ 162.893474] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.894058] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.894809] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.895507] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.896184] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.896868] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.897545] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.898227] [ 162.898457] irq event stamp: 0 [ 162.898789] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.899415] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.900206] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.901004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.901610] ---[ end trace 0000000000000000 ]--- [ 162.902448] ------------[ cut here ]------------ [ 162.902953] WARNING: CPU: 1 PID: 1535 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 162.903951] Modules linked in: [ 162.904267] CPU: 1 PID: 1535 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.905107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.906174] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 162.906711] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 162.908456] RSP: 0018:ffff888020c9fb78 EFLAGS: 00010246 [ 162.909021] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 162.909695] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 162.910371] RBP: ffff888020c9fb98 R08: ffffed1002f2823e R09: ffffed1002f2823e [ 162.911095] R10: ffff8880179411ef R11: ffffed1002f2823d R12: ffff888017941290 [ 162.911799] R13: ffff8880179410a8 R14: ffffffffffffffff R15: 
ffff888020c9fc60 [ 162.912478] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.913238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.913803] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 162.914485] PKRU: 55555554 [ 162.914793] Call Trace: [ 162.915043] [ 162.915271] iommufd_ioas_destroy+0x53/0x70 [ 162.915695] iommufd_fops_release+0x1f7/0x370 [ 162.916136] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.916617] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.917092] ? write_comp_data+0x2f/0x90 [ 162.917497] ? __pfx_iommufd_fops_release+0x10/0x10 [ 162.917986] __fput+0x26d/0xa40 [ 162.918325] ____fput+0x1e/0x30 [ 162.918691] task_work_run+0x1a4/0x2d0 [ 162.919081] ? __pfx_task_work_run+0x10/0x10 [ 162.919524] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.919991] ? switch_task_namespaces+0xa9/0xe0 [ 162.920448] do_exit+0xb17/0x2ef0 [ 162.920784] ? lock_acquire+0x427/0x4c0 [ 162.921178] ? __pfx_lock_release+0x10/0x10 [ 162.921593] ? __kasan_check_write+0x18/0x20 [ 162.922012] ? do_raw_spin_lock+0x132/0x2a0 [ 162.922414] ? __pfx_do_exit+0x10/0x10 [ 162.922824] ? debug_smp_processor_id+0x20/0x30 [ 162.923300] ? rcu_is_watching+0x19/0xb0 [ 162.923694] ? _raw_spin_unlock_irq+0x2b/0x60 [ 162.924153] ? trace_hardirqs_on+0x26/0x120 [ 162.924585] do_group_exit+0xe0/0x2b0 [ 162.924956] __x64_sys_exit_group+0x47/0x50 [ 162.925375] do_syscall_64+0x3b/0x90 [ 162.925745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.926249] RIP: 0033:0x7f4b87518a4d [ 162.926643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 162.927249] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 162.927977] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 162.928651] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 162.929324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 162.929999] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 162.930714] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 162.931420] [ 162.931645] irq event stamp: 0 [ 162.931946] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.932563] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.933359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.934164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.934803] ---[ end trace 0000000000000000 ]--- [ 162.939636] ------------[ cut here ]------------ [ 162.940132] WARNING: CPU: 1 PID: 1536 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.941158] Modules linked in: [ 162.941475] CPU: 1 PID: 1536 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.942305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.943672] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.944158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.945879] RSP: 0018:ffff888015e57bb8 EFLAGS: 00010246 [ 162.946446] RAX: 0000000000000000 RBX: ffff888013f990a8 RCX: 0000000000000000 [ 162.947381] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 162.948214] RBP: ffff888015e57bd0 R08: ffffed10027f3233 R09: ffffed10027f3233 [ 162.948875] R10: ffff888013f99193 R11: ffffed10027f3232 R12: ffff888012de4000 [ 162.949538] R13: ffff888013f991e8 R14: ffffffff8352e670 R15: 
ffff888015e57e68 [ 162.950206] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.950983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.951629] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 162.952556] PKRU: 55555554 [ 162.952835] Call Trace: [ 162.953083] [ 162.953083] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 162.953300] __iommufd_access_detach+0x1c2/0x2b0 [ 162.956341] iommufd_access_change_pt+0x149/0x270 [ 162.956821] iommufd_access_replace+0xb4/0x120 [ 162.957266] iommufd_test+0x3e5/0x37e0 [ 162.957632] ? lock_release+0x532/0x770 [ 162.958012] ? __might_fault+0x102/0x1b0 [ 162.958398] ? lock_acquire+0x427/0x4c0 [ 162.958800] ? __pfx_iommufd_test+0x10/0x10 [ 162.959282] ? __pfx_lock_release+0x10/0x10 [ 162.959854] ? __pfx_lock_acquire+0x10/0x10 [ 162.960025] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 162.960283] ? write_comp_data+0x2f/0x90 [ 162.962453] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.962941] ? write_comp_data+0x2f/0x90 [ 162.963352] iommufd_fops_ioctl+0x37d/0x510 [ 162.963771] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.964240] ? write_comp_data+0x2f/0x90 [ 162.964637] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 162.965099] __x64_sys_ioctl+0x1a3/0x230 [ 162.965504] do_syscall_64+0x3b/0x90 [ 162.965868] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 162.966370] RIP: 0033:0x7f4b8743ee5d [ 162.966744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 162.968476] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 162.969217] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 162.969900] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 162.970632] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 162.971340] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 162.972021] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 162.972707] [ 162.973008] irq event stamp: 0 [ 162.973311] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 162.973914] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 162.975046] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 162.975851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 162.976460] ---[ end trace 0000000000000000 ]--- [ 162.979626] ------------[ cut here ]------------ [ 162.980116] WARNING: CPU: 1 PID: 1536 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 162.981072] Modules linked in: [ 162.981388] CPU: 1 PID: 1536 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 162.982216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 162.983575] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 162.984065] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 162.985812] RSP: 
0018:ffff888015e57bd0 EFLAGS: 00010246 [ 162.986331] RAX: 0000000000000000 RBX: ffff888013f990a8 RCX: 0000000000000000 [ 162.987037] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 162.987744] RBP: ffff888015e57be8 R08: ffffed10027f3233 R09: ffffed10027f3233 [ 162.988434] R10: ffff888013f99193 R11: ffffed10027f3232 R12: ffff888017065c00 [ 162.989124] R13: ffff888013f991e8 R14: ffff888010d6dd00 R15: 0000000000000000 [ 162.989812] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 162.990611] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.991190] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 162.991878] PKRU: 55555554 [ 162.992158] Call Trace: [ 162.992414] [ 162.992639] iommufd_access_destroy_object+0x65/0x170 [ 162.993154] iommufd_object_destroy_user+0x18e/0x220 [ 162.993678] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 162.994341] iommufd_access_destroy+0x43/0x70 [ 162.995048] iommufd_test_staccess_release+0x8d/0xd0 [ 162.995842] __fput+0x26d/0xa40 [ 162.996224] ____fput+0x1e/0x30 [ 162.996591] task_work_run+0x1a4/0x2d0 [ 162.997013] ? __pfx_task_work_run+0x10/0x10 [ 162.997482] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 162.997991] ? switch_task_namespaces+0xa9/0xe0 [ 162.998485] do_exit+0xb17/0x2ef0 [ 162.998912] ? lock_acquire+0x427/0x4c0 [ 162.999362] ? __pfx_lock_release+0x10/0x10 [ 162.999827] ? __kasan_check_write+0x18/0x20 [ 163.000298] ? do_raw_spin_lock+0x132/0x2a0 [ 163.000755] ? __pfx_do_exit+0x10/0x10 [ 163.001181] ? debug_smp_processor_id+0x20/0x30 [ 163.001672] ? rcu_is_watching+0x19/0xb0 [ 163.002211] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.002952] ? trace_hardirqs_on+0x26/0x120 [ 163.003435] do_group_exit+0xe0/0x2b0 [ 163.003835] __x64_sys_exit_group+0x47/0x50 [ 163.004279] do_syscall_64+0x3b/0x90 [ 163.004675] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.005303] RIP: 0033:0x7f4b87518a4d [ 163.005697] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.006338] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.007187] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.007927] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.008674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.009545] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.010605] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.011382] [ 163.011630] irq event stamp: 0 [ 163.011960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.012610] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.013473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.014341] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.015224] ---[ end trace 0000000000000000 ]--- [ 163.027881] ------------[ cut here ]------------ [ 163.028588] WARNING: CPU: 0 PID: 1536 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.029933] Modules linked in: [ 163.030360] CPU: 0 PID: 1536 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.031626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.033106] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.033785] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.036208] RSP: 0018:ffff888015e57b78 EFLAGS: 00010246 [ 163.036916] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.037843] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 163.038807] RBP: ffff888015e57b98 R08: ffffed10027f323e R09: ffffed10027f323e [ 163.039762] R10: ffff888013f991ef R11: ffffed10027f323d R12: ffff888013f99290 [ 163.040694] R13: ffff888013f990a8 R14: ffffffffffffffff R15: 
ffff888015e57c60 [ 163.041625] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.042711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.043490] CR2: 00007f82e2e76000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 163.044432] PKRU: 55555554 [ 163.044808] Call Trace: [ 163.045149] [ 163.045455] iommufd_ioas_destroy+0x53/0x70 [ 163.046043] iommufd_fops_release+0x1f7/0x370 [ 163.047026] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.047713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.048374] ? write_comp_data+0x2f/0x90 [ 163.048928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.049600] __fput+0x26d/0xa40 [ 163.050067] ____fput+0x1e/0x30 [ 163.050582] task_work_run+0x1a4/0x2d0 [ 163.051145] ? __pfx_task_work_run+0x10/0x10 [ 163.051749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.052404] ? switch_task_namespaces+0xa9/0xe0 [ 163.053043] do_exit+0xb17/0x2ef0 [ 163.053511] ? lock_acquire+0x427/0x4c0 [ 163.054060] ? __pfx_lock_release+0x10/0x10 [ 163.054706] ? __kasan_check_write+0x18/0x20 [ 163.055329] ? do_raw_spin_lock+0x132/0x2a0 [ 163.055906] ? __pfx_do_exit+0x10/0x10 [ 163.056439] ? debug_smp_processor_id+0x20/0x30 [ 163.057065] ? rcu_is_watching+0x19/0xb0 [ 163.057608] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.058215] ? trace_hardirqs_on+0x26/0x120 [ 163.058856] do_group_exit+0xe0/0x2b0 [ 163.059392] __x64_sys_exit_group+0x47/0x50 [ 163.059964] do_syscall_64+0x3b/0x90 [ 163.060474] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.061169] RIP: 0033:0x7f4b87518a4d [ 163.061669] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.062474] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.063546] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.064480] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.065410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.066346] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.067338] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.068295] [ 163.068613] irq event stamp: 0 [ 163.069031] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.069851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.070983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.072088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.072913] ---[ end trace 0000000000000000 ]--- [ 163.080735] ------------[ cut here ]------------ [ 163.081458] WARNING: CPU: 0 PID: 1538 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.083034] Modules linked in: [ 163.083496] CPU: 0 PID: 1538 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.084650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.086119] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.086853] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.089252] RSP: 0018:ffff888018477bb8 EFLAGS: 00010246 [ 163.089957] RAX: 0000000000000000 RBX: ffff888015a958a8 RCX: 0000000000000000 [ 163.090929] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 163.091877] RBP: ffff888018477bd0 R08: ffffed1002b52b33 R09: ffffed1002b52b33 [ 163.092816] R10: ffff888015a95993 R11: ffffed1002b52b32 R12: ffff88801341e000 [ 163.093749] R13: ffff888015a959e8 R14: ffffffff8352e670 R15: 
ffff888018477e68 [ 163.094727] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.095804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.096564] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ef0 [ 163.097502] PKRU: 55555554 [ 163.097877] Call Trace: [ 163.098221] [ 163.098576] __iommufd_access_detach+0x1c2/0x2b0 [ 163.099251] iommufd_access_change_pt+0x149/0x270 [ 163.099905] iommufd_access_replace+0xb4/0x120 [ 163.100531] iommufd_test+0x3e5/0x37e0 [ 163.101051] ? lock_release+0x532/0x770 [ 163.101595] ? __might_fault+0x102/0x1b0 [ 163.102148] ? lock_acquire+0x427/0x4c0 [ 163.102733] ? __pfx_iommufd_test+0x10/0x10 [ 163.103324] ? __pfx_lock_release+0x10/0x10 [ 163.103908] ? __pfx_lock_acquire+0x10/0x10 [ 163.104494] ? write_comp_data+0x2f/0x90 [ 163.105047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.105695] ? write_comp_data+0x2f/0x90 [ 163.106248] iommufd_fops_ioctl+0x37d/0x510 [ 163.106871] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.107544] ? write_comp_data+0x2f/0x90 [ 163.108102] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.108742] __x64_sys_ioctl+0x1a3/0x230 [ 163.109299] do_syscall_64+0x3b/0x90 [ 163.109810] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.110551] RIP: 0033:0x7f4b8743ee5d [ 163.111050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.113430] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.114423] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.115413] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.116357] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.117287] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.118216] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.119216] [ 163.119536] irq event stamp: 0 [ 163.119956] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.120782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.121871] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.122996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.123837] ---[ end trace 0000000000000000 ]--- [ 163.129275] ------------[ cut here ]------------ [ 163.130195] WARNING: CPU: 0 PID: 1538 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.131632] Modules linked in: [ 163.132104] CPU: 0 PID: 1538 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.133445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.135266] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.135941] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.138606] RSP: 
0018:ffff888018477bd0 EFLAGS: 00010246 [ 163.139592] RAX: 0000000000000000 RBX: ffff888015a958a8 RCX: 0000000000000000 [ 163.140525] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 163.141453] RBP: ffff888018477be8 R08: ffffed1002b52b33 R09: ffffed1002b52b33 [ 163.142383] R10: ffff888015a95993 R11: ffffed1002b52b32 R12: ffff888010824c00 [ 163.143376] R13: ffff888015a959e8 R14: ffff88800f492900 R15: 0000000000000000 [ 163.144316] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.145365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.146096] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.147034] PKRU: 55555554 [ 163.147409] Call Trace: [ 163.147739] [ 163.148035] iommufd_access_destroy_object+0x65/0x170 [ 163.148700] iommufd_object_destroy_user+0x18e/0x220 [ 163.149359] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.150104] iommufd_access_destroy+0x43/0x70 [ 163.150733] iommufd_test_staccess_release+0x8d/0xd0 [ 163.151404] __fput+0x26d/0xa40 [ 163.151852] ____fput+0x1e/0x30 [ 163.152290] task_work_run+0x1a4/0x2d0 [ 163.152805] ? __pfx_task_work_run+0x10/0x10 [ 163.153375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.154005] ? switch_task_namespaces+0xa9/0xe0 [ 163.154657] do_exit+0xb17/0x2ef0 [ 163.155109] ? lock_acquire+0x427/0x4c0 [ 163.155648] ? __pfx_lock_release+0x10/0x10 [ 163.156206] ? __kasan_check_write+0x18/0x20 [ 163.156775] ? do_raw_spin_lock+0x132/0x2a0 [ 163.157327] ? __pfx_do_exit+0x10/0x10 [ 163.157838] ? debug_smp_processor_id+0x20/0x30 [ 163.158437] ? rcu_is_watching+0x19/0xb0 [ 163.159003] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.159609] ? trace_hardirqs_on+0x26/0x120 [ 163.160170] do_group_exit+0xe0/0x2b0 [ 163.160662] __x64_sys_exit_group+0x47/0x50 [ 163.161216] do_syscall_64+0x3b/0x90 [ 163.161707] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.162374] RIP: 0033:0x7f4b87518a4d [ 163.162893] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.163679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.164629] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.165520] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.166410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.167479] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.168162] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.168831] [ 163.169046] irq event stamp: 0 [ 163.169341] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.169918] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.170721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.171512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.172097] ---[ end trace 0000000000000000 ]--- [ 163.173044] ------------[ cut here ]------------ [ 163.173937] WARNING: CPU: 0 PID: 1538 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.174952] Modules linked in: [ 163.175276] CPU: 0 PID: 1538 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.176076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.177106] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.178180] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.180021] RSP: 0018:ffff888018477b78 EFLAGS: 00010246 [ 163.180513] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.181173] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 163.181976] RBP: ffff888018477b98 R08: ffffed1002b52b3e R09: ffffed1002b52b3e [ 163.182869] R10: ffff888015a959ef R11: ffffed1002b52b3d R12: ffff888015a95a90 [ 163.183526] R13: ffff888015a958a8 R14: ffffffffffffffff R15: 
ffff888018477c60 [ 163.184176] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.184913] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.185444] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.186325] PKRU: 55555554 [ 163.187001] Call Trace: [ 163.187339] [ 163.187607] iommufd_ioas_destroy+0x53/0x70 [ 163.188134] iommufd_fops_release+0x1f7/0x370 [ 163.188680] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.189280] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.189871] ? write_comp_data+0x2f/0x90 [ 163.190732] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.191315] __fput+0x26d/0xa40 [ 163.191730] ____fput+0x1e/0x30 [ 163.192136] task_work_run+0x1a4/0x2d0 [ 163.192577] ? __pfx_task_work_run+0x10/0x10 [ 163.193102] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.193707] ? switch_task_namespaces+0xa9/0xe0 [ 163.194422] do_exit+0xb17/0x2ef0 [ 163.195094] ? lock_acquire+0x427/0x4c0 [ 163.195628] ? __pfx_lock_release+0x10/0x10 [ 163.196164] ? __kasan_check_write+0x18/0x20 [ 163.196704] ? do_raw_spin_lock+0x132/0x2a0 [ 163.197226] ? __pfx_do_exit+0x10/0x10 [ 163.197698] ? debug_smp_processor_id+0x20/0x30 [ 163.198315] ? rcu_is_watching+0x19/0xb0 [ 163.199032] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.199815] ? trace_hardirqs_on+0x26/0x120 [ 163.200404] do_group_exit+0xe0/0x2b0 [ 163.200914] __x64_sys_exit_group+0x47/0x50 [ 163.201479] do_syscall_64+0x3b/0x90 [ 163.202006] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.203199] RIP: 0033:0x7f4b87518a4d [ 163.203720] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.204512] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.205489] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.206770] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.207720] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.208642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.209556] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.210833] [ 163.211231] irq event stamp: 0 [ 163.211568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.212145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.212905] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.213706] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.214601] ---[ end trace 0000000000000000 ]--- [ 163.222257] ------------[ cut here ]------------ [ 163.223196] WARNING: CPU: 0 PID: 1539 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.224407] Modules linked in: [ 163.224732] CPU: 0 PID: 1539 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.225604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.226818] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.227453] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.229908] RSP: 0018:ffff88801725fbb8 EFLAGS: 00010246 [ 163.230453] RAX: 0000000000000000 RBX: ffff88802456b8a8 RCX: 0000000000000000 [ 163.231337] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 163.232206] RBP: ffff88801725fbd0 R08: ffffed10048ad733 R09: ffffed10048ad733 [ 163.232909] R10: ffff88802456b993 R11: ffffed10048ad732 R12: ffff888013da4000 [ 163.233612] R13: ffff88802456b9e8 R14: ffffffff8352e670 R15: 
ffff88801725fe68 [ 163.234348] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.235198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.235786] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 163.236505] PKRU: 55555554 [ 163.236790] Call Trace: [ 163.237050] [ 163.237283] __iommufd_access_detach+0x1c2/0x2b0 [ 163.237777] iommufd_access_change_pt+0x149/0x270 [ 163.238287] iommufd_access_replace+0xb4/0x120 [ 163.238844] iommufd_test+0x3e5/0x37e0 [ 163.239416] ? lock_release+0x532/0x770 [ 163.240017] ? __might_fault+0x102/0x1b0 [ 163.240436] ? lock_acquire+0x427/0x4c0 [ 163.240848] ? __pfx_iommufd_test+0x10/0x10 [ 163.241283] ? __pfx_lock_release+0x10/0x10 [ 163.241731] ? __pfx_lock_acquire+0x10/0x10 [ 163.242182] ? write_comp_data+0x2f/0x90 [ 163.242648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.243167] ? write_comp_data+0x2f/0x90 [ 163.243592] iommufd_fops_ioctl+0x37d/0x510 [ 163.244039] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.244690] ? write_comp_data+0x2f/0x90 [ 163.245372] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.245866] __x64_sys_ioctl+0x1a3/0x230 [ 163.246287] do_syscall_64+0x3b/0x90 [ 163.246751] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.247299] RIP: 0033:0x7f4b8743ee5d [ 163.247673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.249705] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.250738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.251476] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.252186] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.252893] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.253699] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.254828] [ 163.255072] irq event stamp: 0 [ 163.255418] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.256051] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.256891] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.257730] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.258457] ---[ end trace 0000000000000000 ]--- [ 163.263577] ------------[ cut here ]------------ [ 163.264127] WARNING: CPU: 0 PID: 1539 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.265145] Modules linked in: [ 163.265474] CPU: 0 PID: 1539 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.266357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.267617] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.268147] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.270009] RSP: 
0018:ffff88801725fbd0 EFLAGS: 00010246 [ 163.270592] RAX: 0000000000000000 RBX: ffff88802456b8a8 RCX: 0000000000000000 [ 163.271336] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 163.272061] RBP: ffff88801725fbe8 R08: ffffed10048ad733 R09: ffffed10048ad733 [ 163.272781] R10: ffff88802456b993 R11: ffffed10048ad732 R12: ffff88801341f400 [ 163.273503] R13: ffff88802456b9e8 R14: ffff888012234000 R15: 0000000000000000 [ 163.274223] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.275122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.275726] CR2: 00007f82e2e91020 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 163.276454] PKRU: 55555554 [ 163.276741] Call Trace: [ 163.277003] [ 163.277235] iommufd_access_destroy_object+0x65/0x170 [ 163.277778] iommufd_object_destroy_user+0x18e/0x220 [ 163.278313] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.278961] iommufd_access_destroy+0x43/0x70 [ 163.279455] iommufd_test_staccess_release+0x8d/0xd0 [ 163.280000] __fput+0x26d/0xa40 [ 163.280357] ____fput+0x1e/0x30 [ 163.280702] task_work_run+0x1a4/0x2d0 [ 163.281113] ? __pfx_task_work_run+0x10/0x10 [ 163.281567] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.282076] ? switch_task_namespaces+0xa9/0xe0 [ 163.282609] do_exit+0xb17/0x2ef0 [ 163.282972] ? lock_acquire+0x427/0x4c0 [ 163.283415] ? __pfx_lock_release+0x10/0x10 [ 163.283870] ? __kasan_check_write+0x18/0x20 [ 163.284328] ? do_raw_spin_lock+0x132/0x2a0 [ 163.284782] ? __pfx_do_exit+0x10/0x10 [ 163.285195] ? debug_smp_processor_id+0x20/0x30 [ 163.285682] ? rcu_is_watching+0x19/0xb0 [ 163.286103] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.286626] ? trace_hardirqs_on+0x26/0x120 [ 163.287083] do_group_exit+0xe0/0x2b0 [ 163.287499] __x64_sys_exit_group+0x47/0x50 [ 163.287943] do_syscall_64+0x3b/0x90 [ 163.288338] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.288874] RIP: 0033:0x7f4b87518a4d [ 163.289256] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.289886] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.290701] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.291447] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.292175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.292913] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.293656] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.294392] [ 163.294683] irq event stamp: 0 [ 163.295012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.295680] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.296545] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.297398] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.298046] ---[ end trace 0000000000000000 ]--- [ 163.299053] ------------[ cut here ]------------ [ 163.299567] WARNING: CPU: 0 PID: 1539 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.300625] Modules linked in: [ 163.300971] CPU: 0 PID: 1539 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.301864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.303082] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.303633] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.305485] RSP: 0018:ffff88801725fb78 EFLAGS: 00010246 [ 163.306030] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.306979] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 163.307723] RBP: ffff88801725fb98 R08: ffffed10048ad73e R09: ffffed10048ad73e [ 163.308451] R10: ffff88802456b9ef R11: ffffed10048ad73d R12: ffff88802456ba90 [ 163.309177] R13: ffff88802456b8a8 R14: ffffffffffffffff R15: 
ffff88801725fc60 [ 163.310031] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.311316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.311916] CR2: 00007f82e2e91020 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 163.312646] PKRU: 55555554 [ 163.312944] Call Trace: [ 163.313208] [ 163.313441] iommufd_ioas_destroy+0x53/0x70 [ 163.313896] iommufd_fops_release+0x1f7/0x370 [ 163.314398] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.315142] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.315845] ? write_comp_data+0x2f/0x90 [ 163.316278] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.316789] __fput+0x26d/0xa40 [ 163.317143] ____fput+0x1e/0x30 [ 163.317495] task_work_run+0x1a4/0x2d0 [ 163.317908] ? __pfx_task_work_run+0x10/0x10 [ 163.318376] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.318941] ? switch_task_namespaces+0xa9/0xe0 [ 163.319449] do_exit+0xb17/0x2ef0 [ 163.319808] ? lock_acquire+0x427/0x4c0 [ 163.320358] ? __pfx_lock_release+0x10/0x10 [ 163.321102] ? __kasan_check_write+0x18/0x20 [ 163.321560] ? do_raw_spin_lock+0x132/0x2a0 [ 163.322006] ? __pfx_do_exit+0x10/0x10 [ 163.322414] ? debug_smp_processor_id+0x20/0x30 [ 163.322934] ? rcu_is_watching+0x19/0xb0 [ 163.323370] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.323841] ? trace_hardirqs_on+0x26/0x120 [ 163.324302] do_group_exit+0xe0/0x2b0 [ 163.324700] __x64_sys_exit_group+0x47/0x50 [ 163.325254] do_syscall_64+0x3b/0x90 [ 163.325814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.326354] RIP: 0033:0x7f4b87518a4d [ 163.326772] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.327427] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.328421] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.329353] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.330075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.330844] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.331596] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.332332] [ 163.332575] irq event stamp: 0 [ 163.332924] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.333771] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.334808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.335676] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.336320] ---[ end trace 0000000000000000 ]--- [ 163.342840] ------------[ cut here ]------------ [ 163.343381] WARNING: CPU: 0 PID: 1540 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.344415] Modules linked in: [ 163.344741] CPU: 0 PID: 1540 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.345755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.347499] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.348012] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.349826] RSP: 0018:ffff88800fcd7bb8 EFLAGS: 00010246 [ 163.350358] RAX: 0000000000000000 RBX: ffff888015f520a8 RCX: 0000000000000000 [ 163.351095] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 163.351831] RBP: ffff88800fcd7bd0 R08: ffffed1002bea433 R09: ffffed1002bea433 [ 163.352542] R10: ffff888015f52193 R11: ffffed1002bea432 R12: ffff888012e95000 [ 163.353257] R13: ffff888015f521e8 R14: ffffffff8352e670 R15: 
ffff88800fcd7e68 [ 163.353979] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.354819] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.355417] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 163.356138] PKRU: 55555554 [ 163.356431] Call Trace: [ 163.356693] [ 163.356924] __iommufd_access_detach+0x1c2/0x2b0 [ 163.357418] iommufd_access_change_pt+0x149/0x270 [ 163.357917] iommufd_access_replace+0xb4/0x120 [ 163.358400] iommufd_test+0x3e5/0x37e0 [ 163.358836] ? lock_release+0x532/0x770 [ 163.359332] ? __might_fault+0x102/0x1b0 [ 163.359779] ? lock_acquire+0x427/0x4c0 [ 163.360215] ? __pfx_iommufd_test+0x10/0x10 [ 163.360666] ? __pfx_lock_release+0x10/0x10 [ 163.361128] ? __pfx_lock_acquire+0x10/0x10 [ 163.361598] ? write_comp_data+0x2f/0x90 [ 163.362034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.362590] ? write_comp_data+0x2f/0x90 [ 163.363031] iommufd_fops_ioctl+0x37d/0x510 [ 163.363509] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.364027] ? write_comp_data+0x2f/0x90 [ 163.364463] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.364978] __x64_sys_ioctl+0x1a3/0x230 [ 163.365423] do_syscall_64+0x3b/0x90 [ 163.365833] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.366382] RIP: 0033:0x7f4b8743ee5d [ 163.366812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.368732] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.369543] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.370301] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.371099] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.371863] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.372618] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.373378] [ 163.373629] irq event stamp: 0 [ 163.373965] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.374666] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.375569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.376454] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.377129] ---[ end trace 0000000000000000 ]--- [ 163.380964] ------------[ cut here ]------------ [ 163.381491] WARNING: CPU: 0 PID: 1540 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.382819] Modules linked in: [ 163.383477] CPU: 0 PID: 1540 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.384407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.385564] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.386080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.388449] RSP: 
0018:ffff88800fcd7bd0 EFLAGS: 00010246 [ 163.389187] RAX: 0000000000000000 RBX: ffff888015f520a8 RCX: 0000000000000000 [ 163.389926] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 163.390685] RBP: ffff88800fcd7be8 R08: ffffed1002bea433 R09: ffffed1002bea433 [ 163.391450] R10: ffff888015f52193 R11: ffffed1002bea432 R12: ffff888013da7000 [ 163.392192] R13: ffff888015f521e8 R14: ffff88800fdb1f00 R15: 0000000000000000 [ 163.393062] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.394256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.394885] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.395639] PKRU: 55555554 [ 163.395933] Call Trace: [ 163.396199] [ 163.396435] iommufd_access_destroy_object+0x65/0x170 [ 163.396981] iommufd_object_destroy_user+0x18e/0x220 [ 163.397554] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.398370] iommufd_access_destroy+0x43/0x70 [ 163.399031] iommufd_test_staccess_release+0x8d/0xd0 [ 163.399597] __fput+0x26d/0xa40 [ 163.399992] ____fput+0x1e/0x30 [ 163.400351] task_work_run+0x1a4/0x2d0 [ 163.400780] ? __pfx_task_work_run+0x10/0x10 [ 163.401262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.402099] ? switch_task_namespaces+0xa9/0xe0 [ 163.402648] do_exit+0xb17/0x2ef0 [ 163.403018] ? lock_acquire+0x427/0x4c0 [ 163.403476] ? __pfx_lock_release+0x10/0x10 [ 163.403935] ? __kasan_check_write+0x18/0x20 [ 163.404542] ? do_raw_spin_lock+0x132/0x2a0 [ 163.405149] ? __pfx_do_exit+0x10/0x10 [ 163.405581] ? debug_smp_processor_id+0x20/0x30 [ 163.406072] ? rcu_is_watching+0x19/0xb0 [ 163.406661] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.407371] ? trace_hardirqs_on+0x26/0x120 [ 163.407849] do_group_exit+0xe0/0x2b0 [ 163.408255] __x64_sys_exit_group+0x47/0x50 [ 163.408732] do_syscall_64+0x3b/0x90 [ 163.409375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.410117] RIP: 0033:0x7f4b87518a4d [ 163.410547] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.411209] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.412252] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.413014] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.413739] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.414741] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.415492] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.416239] [ 163.416591] irq event stamp: 0 [ 163.417075] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.417738] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.418642] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.419807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.420459] ---[ end trace 0000000000000000 ]--- [ 163.421347] ------------[ cut here ]------------ [ 163.422024] WARNING: CPU: 0 PID: 1540 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.423137] Modules linked in: [ 163.423492] CPU: 0 PID: 1540 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.424635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.425830] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.426551] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.428506] RSP: 0018:ffff88800fcd7b78 EFLAGS: 00010246 [ 163.429010] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.429696] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 163.430637] RBP: ffff88800fcd7b98 R08: ffffed1002bea43e R09: ffffed1002bea43e [ 163.431315] R10: ffff888015f521ef R11: ffffed1002bea43d R12: ffff888015f52290 [ 163.431987] R13: ffff888015f520a8 R14: ffffffffffffffff R15: 
ffff88800fcd7c60 [ 163.432878] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.433633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.434222] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.435159] PKRU: 55555554 [ 163.435438] Call Trace: [ 163.435682] [ 163.435910] iommufd_ioas_destroy+0x53/0x70 [ 163.436331] iommufd_fops_release+0x1f7/0x370 [ 163.436990] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.437471] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.437933] ? write_comp_data+0x2f/0x90 [ 163.438336] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.439004] __fput+0x26d/0xa40 [ 163.439360] ____fput+0x1e/0x30 [ 163.439686] task_work_run+0x1a4/0x2d0 [ 163.440061] ? __pfx_task_work_run+0x10/0x10 [ 163.440493] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.441046] ? switch_task_namespaces+0xa9/0xe0 [ 163.441631] do_exit+0xb17/0x2ef0 [ 163.441966] ? lock_acquire+0x427/0x4c0 [ 163.442363] ? __pfx_lock_release+0x10/0x10 [ 163.442847] ? __kasan_check_write+0x18/0x20 [ 163.443386] ? do_raw_spin_lock+0x132/0x2a0 [ 163.443810] ? __pfx_do_exit+0x10/0x10 [ 163.444180] ? debug_smp_processor_id+0x20/0x30 [ 163.444648] ? rcu_is_watching+0x19/0xb0 [ 163.445197] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.445642] ? trace_hardirqs_on+0x26/0x120 [ 163.446049] do_group_exit+0xe0/0x2b0 [ 163.446407] __x64_sys_exit_group+0x47/0x50 [ 163.446927] do_syscall_64+0x3b/0x90 [ 163.447404] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.447917] RIP: 0033:0x7f4b87518a4d [ 163.448278] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.448960] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.449768] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.450442] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.451354] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.452024] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.452797] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.453618] [ 163.453844] irq event stamp: 0 [ 163.454140] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.454851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.455788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.456627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.457381] ---[ end trace 0000000000000000 ]--- [ 163.464404] ------------[ cut here ]------------ [ 163.465058] WARNING: CPU: 0 PID: 1541 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.465942] Modules linked in: [ 163.466220] CPU: 0 PID: 1541 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.467198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.468185] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.468622] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.470217] RSP: 0018:ffff888015f67bb8 EFLAGS: 00010246 [ 163.470711] RAX: 0000000000000000 RBX: ffff88801587a0a8 RCX: 0000000000000000 [ 163.471358] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 163.471983] RBP: ffff888015f67bd0 R08: ffffed1002b0f433 R09: ffffed1002b0f433 [ 163.472603] R10: ffff88801587a193 R11: ffffed1002b0f432 R12: ffff88800b9b5c00 [ 163.473227] R13: ffff88801587a1e8 R14: ffffffff8352e670 R15: 
ffff888015f67e68 [ 163.473850] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.474574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.475088] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 163.475721] PKRU: 55555554 [ 163.475985] Call Trace: [ 163.476269] [ 163.476522] __iommufd_access_detach+0x1c2/0x2b0 [ 163.477073] iommufd_access_change_pt+0x149/0x270 [ 163.477648] iommufd_access_replace+0xb4/0x120 [ 163.478183] iommufd_test+0x3e5/0x37e0 [ 163.478680] ? lock_release+0x532/0x770 [ 163.479162] ? __might_fault+0x102/0x1b0 [ 163.479628] ? lock_acquire+0x427/0x4c0 [ 163.480087] ? __pfx_iommufd_test+0x10/0x10 [ 163.480581] ? __pfx_lock_release+0x10/0x10 [ 163.481078] ? __pfx_lock_acquire+0x10/0x10 [ 163.481569] ? write_comp_data+0x2f/0x90 [ 163.482048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.482643] ? write_comp_data+0x2f/0x90 [ 163.483138] iommufd_fops_ioctl+0x37d/0x510 [ 163.483626] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.484188] ? write_comp_data+0x2f/0x90 [ 163.484657] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.485206] __x64_sys_ioctl+0x1a3/0x230 [ 163.485671] do_syscall_64+0x3b/0x90 [ 163.486107] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.486740] RIP: 0033:0x7f4b8743ee5d [ 163.487179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.489142] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.489949] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.490725] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.491445] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.492171] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.492903] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.493662] [ 163.493909] irq event stamp: 0 [ 163.494241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.494953] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.495848] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.496745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.497391] ---[ end trace 0000000000000000 ]--- [ 163.501928] ------------[ cut here ]------------ [ 163.502689] WARNING: CPU: 0 PID: 1541 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.503664] Modules linked in: [ 163.504038] CPU: 0 PID: 1541 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.505061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.506411] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.506990] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.509075] RSP: 
0018:ffff888015f67bd0 EFLAGS: 00010246 [ 163.509723] RAX: 0000000000000000 RBX: ffff88801587a0a8 RCX: 0000000000000000 [ 163.510606] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 163.511384] RBP: ffff888015f67be8 R08: ffffed1002b0f433 R09: ffffed1002b0f433 [ 163.512263] R10: ffff88801587a193 R11: ffffed1002b0f432 R12: ffff888012e95c00 [ 163.513041] R13: ffff88801587a1e8 R14: ffff88800ef92a00 R15: 0000000000000000 [ 163.513951] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.514841] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.515594] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.516327] PKRU: 55555554 [ 163.516636] Call Trace: [ 163.516983] [ 163.517346] iommufd_access_destroy_object+0x65/0x170 [ 163.517895] iommufd_object_destroy_user+0x18e/0x220 [ 163.518436] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.519302] iommufd_access_destroy+0x43/0x70 [ 163.519788] iommufd_test_staccess_release+0x8d/0xd0 [ 163.520333] __fput+0x26d/0xa40 [ 163.520745] ____fput+0x1e/0x30 [ 163.521243] task_work_run+0x1a4/0x2d0 [ 163.521668] ? __pfx_task_work_run+0x10/0x10 [ 163.522137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.522901] ? switch_task_namespaces+0xa9/0xe0 [ 163.523426] do_exit+0xb17/0x2ef0 [ 163.523810] ? lock_acquire+0x427/0x4c0 [ 163.524234] ? __pfx_lock_release+0x10/0x10 [ 163.524760] ? __kasan_check_write+0x18/0x20 [ 163.525313] ? do_raw_spin_lock+0x132/0x2a0 [ 163.525771] ? __pfx_do_exit+0x10/0x10 [ 163.526191] ? debug_smp_processor_id+0x20/0x30 [ 163.526927] ? rcu_is_watching+0x19/0xb0 [ 163.527353] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.527734] ? trace_hardirqs_on+0x26/0x120 [ 163.528095] do_group_exit+0xe0/0x2b0 [ 163.528478] __x64_sys_exit_group+0x47/0x50 [ 163.528932] do_syscall_64+0x3b/0x90 [ 163.529247] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.529680] RIP: 0033:0x7f4b87518a4d [ 163.529988] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.530679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.531307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.531887] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.532546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.533200] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.533779] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.534540] [ 163.534734] irq event stamp: 0 [ 163.534992] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.535517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.536267] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.537035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.537547] ---[ end trace 0000000000000000 ]--- [ 163.538401] ------------[ cut here ]------------ [ 163.538821] WARNING: CPU: 0 PID: 1541 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.539668] Modules linked in: [ 163.540000] CPU: 0 PID: 1541 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.540815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.541799] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.542308] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.543993] RSP: 0018:ffff888015f67b78 EFLAGS: 00010246 [ 163.544430] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.545011] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 163.545739] RBP: ffff888015f67b98 R08: ffffed1002b0f43e R09: ffffed1002b0f43e [ 163.546315] R10: ffff88801587a1ef R11: ffffed1002b0f43d R12: ffff88801587a290 [ 163.546930] R13: ffff88801587a0a8 R14: ffffffffffffffff R15: 
ffff888015f67c60 [ 163.547650] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.548306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.548778] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.549533] PKRU: 55555554 [ 163.549766] Call Trace: [ 163.549975] [ 163.550160] iommufd_ioas_destroy+0x53/0x70 [ 163.550547] iommufd_fops_release+0x1f7/0x370 [ 163.551075] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.551500] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.551907] ? write_comp_data+0x2f/0x90 [ 163.552245] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.552721] __fput+0x26d/0xa40 [ 163.553091] ____fput+0x1e/0x30 [ 163.553371] task_work_run+0x1a4/0x2d0 [ 163.553698] ? __pfx_task_work_run+0x10/0x10 [ 163.554064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.554670] ? switch_task_namespaces+0xa9/0xe0 [ 163.555070] do_exit+0xb17/0x2ef0 [ 163.555373] ? lock_acquire+0x427/0x4c0 [ 163.555712] ? __pfx_lock_release+0x10/0x10 [ 163.556073] ? __kasan_check_write+0x18/0x20 [ 163.556444] ? do_raw_spin_lock+0x132/0x2a0 [ 163.556801] ? __pfx_do_exit+0x10/0x10 [ 163.557127] ? debug_smp_processor_id+0x20/0x30 [ 163.557513] ? rcu_is_watching+0x19/0xb0 [ 163.557847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.558223] ? trace_hardirqs_on+0x26/0x120 [ 163.558604] do_group_exit+0xe0/0x2b0 [ 163.558922] __x64_sys_exit_group+0x47/0x50 [ 163.559286] do_syscall_64+0x3b/0x90 [ 163.559600] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.560031] RIP: 0033:0x7f4b87518a4d [ 163.560334] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.560832] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.561446] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.562018] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.562611] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.563203] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.563783] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.564367] [ 163.564560] irq event stamp: 0 [ 163.564815] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.565324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.565997] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.566685] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.567203] ---[ end trace 0000000000000000 ]--- [ 163.573193] ------------[ cut here ]------------ [ 163.573641] WARNING: CPU: 0 PID: 1542 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.574687] Modules linked in: [ 163.574949] CPU: 0 PID: 1542 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.575784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.576663] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.577055] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.578473] RSP: 0018:ffff888014aefbb8 EFLAGS: 00010246 [ 163.578911] RAX: 0000000000000000 RBX: ffff88800b9fc8a8 RCX: 0000000000000000 [ 163.579469] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 163.580021] RBP: ffff888014aefbd0 R08: ffffed100173f933 R09: ffffed100173f933 [ 163.580574] R10: ffff88800b9fc993 R11: ffffed100173f932 R12: ffff888013b15000 [ 163.581128] R13: ffff88800b9fc9e8 R14: ffffffff8352e670 R15: 
ffff888014aefe68 [ 163.581682] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.582319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.582790] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 163.583364] PKRU: 55555554 [ 163.583586] Call Trace: [ 163.583789] [ 163.583966] __iommufd_access_detach+0x1c2/0x2b0 [ 163.584352] iommufd_access_change_pt+0x149/0x270 [ 163.584737] iommufd_access_replace+0xb4/0x120 [ 163.585105] iommufd_test+0x3e5/0x37e0 [ 163.585409] ? lock_release+0x532/0x770 [ 163.585731] ? __might_fault+0x102/0x1b0 [ 163.586056] ? lock_acquire+0x427/0x4c0 [ 163.586376] ? __pfx_iommufd_test+0x10/0x10 [ 163.586727] ? __pfx_lock_release+0x10/0x10 [ 163.587068] ? __pfx_lock_acquire+0x10/0x10 [ 163.587416] ? write_comp_data+0x2f/0x90 [ 163.587742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.588127] ? write_comp_data+0x2f/0x90 [ 163.588455] iommufd_fops_ioctl+0x37d/0x510 [ 163.588796] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.589180] ? write_comp_data+0x2f/0x90 [ 163.589508] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.589890] __x64_sys_ioctl+0x1a3/0x230 [ 163.590218] do_syscall_64+0x3b/0x90 [ 163.590537] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.590950] RIP: 0033:0x7f4b8743ee5d [ 163.591249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.592659] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.593248] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.593798] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.594345] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.594913] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.595477] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.596043] [ 163.596226] irq event stamp: 0 [ 163.596475] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.596952] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.597582] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.598210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.598698] ---[ end trace 0000000000000000 ]--- [ 163.601700] ------------[ cut here ]------------ [ 163.602071] WARNING: CPU: 0 PID: 1542 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.603034] Modules linked in: [ 163.603297] CPU: 0 PID: 1542 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.603957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.604862] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.605331] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.606867] RSP: 
0018:ffff888014aefbd0 EFLAGS: 00010246 [ 163.607281] RAX: 0000000000000000 RBX: ffff88800b9fc8a8 RCX: 0000000000000000 [ 163.607819] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 163.608503] RBP: ffff888014aefbe8 R08: ffffed100173f933 R09: ffffed100173f933 [ 163.609039] R10: ffff88800b9fc993 R11: ffffed100173f932 R12: ffff88800b9b4400 [ 163.609577] R13: ffff88800b9fc9e8 R14: ffff88800f120a00 R15: 0000000000000000 [ 163.610261] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.610887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.611338] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.611935] PKRU: 55555554 [ 163.612249] Call Trace: [ 163.612444] [ 163.612612] iommufd_access_destroy_object+0x65/0x170 [ 163.613001] iommufd_object_destroy_user+0x18e/0x220 [ 163.613440] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.613949] iommufd_access_destroy+0x43/0x70 [ 163.614298] iommufd_test_staccess_release+0x8d/0xd0 [ 163.614719] __fput+0x26d/0xa40 [ 163.614991] ____fput+0x1e/0x30 [ 163.615322] task_work_run+0x1a4/0x2d0 [ 163.615727] ? __pfx_task_work_run+0x10/0x10 [ 163.616064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.616439] ? switch_task_namespaces+0xa9/0xe0 [ 163.616828] do_exit+0xb17/0x2ef0 [ 163.617188] ? lock_acquire+0x427/0x4c0 [ 163.617496] ? __pfx_lock_release+0x10/0x10 [ 163.617830] ? __kasan_check_write+0x18/0x20 [ 163.618164] ? do_raw_spin_lock+0x132/0x2a0 [ 163.618566] ? __pfx_do_exit+0x10/0x10 [ 163.618943] ? debug_smp_processor_id+0x20/0x30 [ 163.619308] ? rcu_is_watching+0x19/0xb0 [ 163.619623] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.619972] ? trace_hardirqs_on+0x26/0x120 [ 163.620310] do_group_exit+0xe0/0x2b0 [ 163.620659] __x64_sys_exit_group+0x47/0x50 [ 163.621058] do_syscall_64+0x3b/0x90 [ 163.621353] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.621756] RIP: 0033:0x7f4b87518a4d [ 163.622084] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.622649] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.623227] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.623717] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.624400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.624941] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.625479] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.626025] [ 163.626202] irq event stamp: 0 [ 163.626442] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.626935] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.627579] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.628210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.628686] ---[ end trace 0000000000000000 ]--- [ 163.629361] ------------[ cut here ]------------ [ 163.629729] WARNING: CPU: 0 PID: 1542 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.630499] Modules linked in: [ 163.630771] CPU: 0 PID: 1542 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.631437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.632287] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.632676] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.634050] RSP: 0018:ffff888014aefb78 EFLAGS: 00010246 [ 163.634456] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.635013] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 163.635559] RBP: ffff888014aefb98 R08: ffffed100173f93e R09: ffffed100173f93e [ 163.636097] R10: ffff88800b9fc9ef R11: ffffed100173f93d R12: ffff88800b9fca90 [ 163.636636] R13: ffff88800b9fc8a8 R14: ffffffffffffffff R15: 
ffff888014aefc60 [ 163.637173] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.637779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.638217] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.638768] PKRU: 55555554 [ 163.638985] Call Trace: [ 163.639197] [ 163.639370] iommufd_ioas_destroy+0x53/0x70 [ 163.639707] iommufd_fops_release+0x1f7/0x370 [ 163.640058] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.640442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.640830] ? write_comp_data+0x2f/0x90 [ 163.641151] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.641532] __fput+0x26d/0xa40 [ 163.641797] ____fput+0x1e/0x30 [ 163.642057] task_work_run+0x1a4/0x2d0 [ 163.642361] ? __pfx_task_work_run+0x10/0x10 [ 163.642721] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.643095] ? switch_task_namespaces+0xa9/0xe0 [ 163.643462] do_exit+0xb17/0x2ef0 [ 163.643725] ? lock_acquire+0x427/0x4c0 [ 163.644034] ? __pfx_lock_release+0x10/0x10 [ 163.644368] ? __kasan_check_write+0x18/0x20 [ 163.644701] ? do_raw_spin_lock+0x132/0x2a0 [ 163.645028] ? __pfx_do_exit+0x10/0x10 [ 163.645331] ? debug_smp_processor_id+0x20/0x30 [ 163.645682] ? rcu_is_watching+0x19/0xb0 [ 163.645989] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.646338] ? trace_hardirqs_on+0x26/0x120 [ 163.646691] do_group_exit+0xe0/0x2b0 [ 163.646988] __x64_sys_exit_group+0x47/0x50 [ 163.647325] do_syscall_64+0x3b/0x90 [ 163.647620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.648021] RIP: 0033:0x7f4b87518a4d [ 163.648302] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.648759] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.649322] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.649855] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.650385] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.650935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.651471] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.652007] [ 163.652182] irq event stamp: 0 [ 163.652419] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.652886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.653511] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.654132] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.654616] ---[ end trace 0000000000000000 ]--- [ 163.658198] ------------[ cut here ]------------ [ 163.658620] WARNING: CPU: 0 PID: 1543 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.659391] Modules linked in: [ 163.659633] CPU: 0 PID: 1543 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.660280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.661116] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.661488] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.662853] RSP: 0018:ffff88801496fbb8 EFLAGS: 00010246 [ 163.663273] RAX: 0000000000000000 RBX: ffff8880145df8a8 RCX: 0000000000000000 [ 163.663801] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 163.664328] RBP: ffff88801496fbd0 R08: ffffed10028bbf33 R09: ffffed10028bbf33 [ 163.664855] R10: ffff8880145df993 R11: ffffed10028bbf32 R12: ffff88800ae92800 [ 163.665384] R13: ffff8880145df9e8 R14: ffffffff8352e670 R15: 
ffff88801496fe68 [ 163.665912] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.666520] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.666946] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 163.667479] PKRU: 55555554 [ 163.667688] Call Trace: [ 163.667876] [ 163.668043] __iommufd_access_detach+0x1c2/0x2b0 [ 163.668416] iommufd_access_change_pt+0x149/0x270 [ 163.668782] iommufd_access_replace+0xb4/0x120 [ 163.669128] iommufd_test+0x3e5/0x37e0 [ 163.669418] ? lock_release+0x532/0x770 [ 163.669719] ? __might_fault+0x102/0x1b0 [ 163.670024] ? lock_acquire+0x427/0x4c0 [ 163.670323] ? __pfx_iommufd_test+0x10/0x10 [ 163.670662] ? __pfx_lock_release+0x10/0x10 [ 163.670991] ? __pfx_lock_acquire+0x10/0x10 [ 163.671329] ? write_comp_data+0x2f/0x90 [ 163.671641] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.672002] ? write_comp_data+0x2f/0x90 [ 163.672309] iommufd_fops_ioctl+0x37d/0x510 [ 163.672632] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.672993] ? write_comp_data+0x2f/0x90 [ 163.673300] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.673657] __x64_sys_ioctl+0x1a3/0x230 [ 163.673965] do_syscall_64+0x3b/0x90 [ 163.674249] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.674658] RIP: 0033:0x7f4b8743ee5d [ 163.674935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.676265] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.676819] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.677339] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.677858] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.678378] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.678917] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.679459] [ 163.679635] irq event stamp: 0 [ 163.679868] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.680327] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.680937] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.681543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.681999] ---[ end trace 0000000000000000 ]--- [ 163.684657] ------------[ cut here ]------------ [ 163.685029] WARNING: CPU: 0 PID: 1543 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.685770] Modules linked in: [ 163.686004] CPU: 0 PID: 1543 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.686819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.687649] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.688014] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.689337] RSP: 
0018:ffff88801496fbd0 EFLAGS: 00010246 [ 163.689726] RAX: 0000000000000000 RBX: ffff8880145df8a8 RCX: 0000000000000000 [ 163.690243] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 163.690777] RBP: ffff88801496fbe8 R08: ffffed10028bbf33 R09: ffffed10028bbf33 [ 163.691309] R10: ffff8880145df993 R11: ffffed10028bbf32 R12: ffff888013b17000 [ 163.691828] R13: ffff8880145df9e8 R14: ffff888012194200 R15: 0000000000000000 [ 163.692346] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.692934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.693356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.693877] PKRU: 55555554 [ 163.694086] Call Trace: [ 163.694274] [ 163.694441] iommufd_access_destroy_object+0x65/0x170 [ 163.694844] iommufd_object_destroy_user+0x18e/0x220 [ 163.695236] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.695669] iommufd_access_destroy+0x43/0x70 [ 163.696014] iommufd_test_staccess_release+0x8d/0xd0 [ 163.696395] __fput+0x26d/0xa40 [ 163.696653] ____fput+0x1e/0x30 [ 163.696905] task_work_run+0x1a4/0x2d0 [ 163.697202] ? __pfx_task_work_run+0x10/0x10 [ 163.697529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.697893] ? switch_task_namespaces+0xa9/0xe0 [ 163.698247] do_exit+0xb17/0x2ef0 [ 163.698525] ? lock_acquire+0x427/0x4c0 [ 163.698831] ? __pfx_lock_release+0x10/0x10 [ 163.699164] ? __kasan_check_write+0x18/0x20 [ 163.699494] ? do_raw_spin_lock+0x132/0x2a0 [ 163.699813] ? __pfx_do_exit+0x10/0x10 [ 163.700112] ? debug_smp_processor_id+0x20/0x30 [ 163.700459] ? rcu_is_watching+0x19/0xb0 [ 163.700765] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.701104] ? trace_hardirqs_on+0x26/0x120 [ 163.701427] do_group_exit+0xe0/0x2b0 [ 163.701712] __x64_sys_exit_group+0x47/0x50 [ 163.702027] do_syscall_64+0x3b/0x90 [ 163.702308] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.702716] RIP: 0033:0x7f4b87518a4d [ 163.702995] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.703454] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.704007] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.704524] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.705044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.705565] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.706085] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.706629] [ 163.706803] irq event stamp: 0 [ 163.707035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.707503] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.708115] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.708723] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.709186] ---[ end trace 0000000000000000 ]--- [ 163.709836] ------------[ cut here ]------------ [ 163.710179] WARNING: CPU: 0 PID: 1543 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.710944] Modules linked in: [ 163.711193] CPU: 0 PID: 1543 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.711832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.712647] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.713021] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.714339] RSP: 0018:ffff88801496fb78 EFLAGS: 00010246 [ 163.714740] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.715269] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 163.715786] RBP: ffff88801496fb98 R08: ffffed10028bbf3e R09: ffffed10028bbf3e [ 163.716304] R10: ffff8880145df9ef R11: ffffed10028bbf3d R12: ffff8880145dfa90 [ 163.716821] R13: ffff8880145df8a8 R14: ffffffffffffffff R15: 
ffff88801496fc60 [ 163.717340] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.717921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.718342] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.718877] PKRU: 55555554 [ 163.719087] Call Trace: [ 163.719284] [ 163.719454] iommufd_ioas_destroy+0x53/0x70 [ 163.719782] iommufd_fops_release+0x1f7/0x370 [ 163.720125] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.720700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.721071] ? write_comp_data+0x2f/0x90 [ 163.721378] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.721748] __fput+0x26d/0xa40 [ 163.722036] ____fput+0x1e/0x30 [ 163.722365] task_work_run+0x1a4/0x2d0 [ 163.722686] ? __pfx_task_work_run+0x10/0x10 [ 163.723018] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.723391] ? switch_task_namespaces+0xa9/0xe0 [ 163.723745] do_exit+0xb17/0x2ef0 [ 163.724040] ? lock_acquire+0x427/0x4c0 [ 163.724422] ? __pfx_lock_release+0x10/0x10 [ 163.724748] ? __kasan_check_write+0x18/0x20 [ 163.725073] ? do_raw_spin_lock+0x132/0x2a0 [ 163.725391] ? __pfx_do_exit+0x10/0x10 [ 163.725802] ? debug_smp_processor_id+0x20/0x30 [ 163.726148] ? rcu_is_watching+0x19/0xb0 [ 163.726449] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.726807] ? trace_hardirqs_on+0x26/0x120 [ 163.727138] do_group_exit+0xe0/0x2b0 [ 163.727421] __x64_sys_exit_group+0x47/0x50 [ 163.727863] do_syscall_64+0x3b/0x90 [ 163.728147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.728531] RIP: 0033:0x7f4b87518a4d [ 163.728806] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.729307] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.729937] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.730456] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.731131] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.731655] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.732172] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.732753] [ 163.732998] irq event stamp: 0 [ 163.733232] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.733696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.734361] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.735083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.735558] ---[ end trace 0000000000000000 ]--- [ 163.739152] ------------[ cut here ]------------ [ 163.739641] WARNING: CPU: 0 PID: 1544 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.740384] Modules linked in: [ 163.740619] CPU: 0 PID: 1544 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.741384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.742202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.742713] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.744050] RSP: 0018:ffff888015f67bb8 EFLAGS: 00010246 [ 163.744444] RAX: 0000000000000000 RBX: ffff88800fd3e8a8 RCX: 0000000000000000 [ 163.744974] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 163.745516] RBP: ffff888015f67bd0 R08: ffffed1001fa7d33 R09: ffffed1001fa7d33 [ 163.746051] R10: ffff88800fd3e993 R11: ffffed1001fa7d32 R12: ffff888010f05400 [ 163.746607] R13: ffff88800fd3e9e8 R14: ffffffff8352e670 R15: 
ffff888015f67e68 [ 163.747157] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.747759] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.748201] CR2: 00007f4b877410e8 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 163.748736] PKRU: 55555554 [ 163.748951] Call Trace: [ 163.749146] [ 163.749322] __iommufd_access_detach+0x1c2/0x2b0 [ 163.749699] iommufd_access_change_pt+0x149/0x270 [ 163.750078] iommufd_access_replace+0xb4/0x120 [ 163.750436] iommufd_test+0x3e5/0x37e0 [ 163.750761] ? lock_release+0x532/0x770 [ 163.751077] ? __might_fault+0x102/0x1b0 [ 163.751405] ? lock_acquire+0x427/0x4c0 [ 163.751719] ? __pfx_iommufd_test+0x10/0x10 [ 163.752050] ? __pfx_lock_release+0x10/0x10 [ 163.752385] ? __pfx_lock_acquire+0x10/0x10 [ 163.752723] ? write_comp_data+0x2f/0x90 [ 163.753041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.753418] ? write_comp_data+0x2f/0x90 [ 163.753742] iommufd_fops_ioctl+0x37d/0x510 [ 163.754080] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.754461] ? write_comp_data+0x2f/0x90 [ 163.754808] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.755197] __x64_sys_ioctl+0x1a3/0x230 [ 163.755522] do_syscall_64+0x3b/0x90 [ 163.755822] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.756232] RIP: 0033:0x7f4b8743ee5d [ 163.756521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.757916] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.758545] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.759110] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.759685] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.760254] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.760817] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.761392] [ 163.761583] irq event stamp: 0 [ 163.761833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.762330] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.763029] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.763710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.764211] ---[ end trace 0000000000000000 ]--- [ 163.767204] ------------[ cut here ]------------ [ 163.767588] WARNING: CPU: 0 PID: 1544 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.768388] Modules linked in: [ 163.768661] CPU: 0 PID: 1544 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.769481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.770367] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.771158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.772647] RSP: 
0018:ffff888015f67bd0 EFLAGS: 00010246 [ 163.773296] RAX: 0000000000000000 RBX: ffff88800fd3e8a8 RCX: 0000000000000000 [ 163.773890] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 163.774494] RBP: ffff888015f67be8 R08: ffffed1001fa7d33 R09: ffffed1001fa7d33 [ 163.775303] R10: ffff88800fd3e993 R11: ffffed1001fa7d32 R12: ffff88800ae93c00 [ 163.775898] R13: ffff88800fd3e9e8 R14: ffff88800fdb1900 R15: 0000000000000000 [ 163.776498] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.777356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.777835] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.778427] PKRU: 55555554 [ 163.778850] Call Trace: [ 163.779067] [ 163.779268] iommufd_access_destroy_object+0x65/0x170 [ 163.779708] iommufd_object_destroy_user+0x18e/0x220 [ 163.780138] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.780626] iommufd_access_destroy+0x43/0x70 [ 163.781180] iommufd_test_staccess_release+0x8d/0xd0 [ 163.781616] __fput+0x26d/0xa40 [ 163.781912] ____fput+0x1e/0x30 [ 163.782203] task_work_run+0x1a4/0x2d0 [ 163.782615] ? __pfx_task_work_run+0x10/0x10 [ 163.783150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.783596] ? switch_task_namespaces+0xa9/0xe0 [ 163.784020] do_exit+0xb17/0x2ef0 [ 163.784326] ? lock_acquire+0x427/0x4c0 [ 163.784698] ? __pfx_lock_release+0x10/0x10 [ 163.785307] ? __kasan_check_write+0x18/0x20 [ 163.785712] ? do_raw_spin_lock+0x132/0x2a0 [ 163.786105] ? __pfx_do_exit+0x10/0x10 [ 163.786468] ? debug_smp_processor_id+0x20/0x30 [ 163.786969] ? rcu_is_watching+0x19/0xb0 [ 163.787488] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.787909] ? trace_hardirqs_on+0x26/0x120 [ 163.788305] do_group_exit+0xe0/0x2b0 [ 163.788657] __x64_sys_exit_group+0x47/0x50 [ 163.789234] do_syscall_64+0x3b/0x90 [ 163.789580] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.790053] RIP: 0033:0x7f4b87518a4d [ 163.790387] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.791150] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.791834] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.792465] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.793286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.793926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.794604] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.795436] [ 163.795668] irq event stamp: 0 [ 163.795971] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.796595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.797558] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.798349] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.799189] ---[ end trace 0000000000000000 ]--- [ 163.801155] ------------[ cut here ]------------ [ 163.801622] WARNING: CPU: 0 PID: 1544 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.802831] Modules linked in: [ 163.803164] CPU: 0 PID: 1544 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.803997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.805078] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.805579] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.807353] RSP: 0018:ffff888015f67b78 EFLAGS: 00010246 [ 163.807872] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.808550] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 163.809231] RBP: ffff888015f67b98 R08: ffffed1001fa7d3e R09: ffffed1001fa7d3e [ 163.809903] R10: ffff88800fd3e9ef R11: ffffed1001fa7d3d R12: ffff88800fd3ea90 [ 163.810607] R13: ffff88800fd3e8a8 R14: ffffffffffffffff R15: 
ffff888015f67c60 [ 163.811310] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.812074] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.812631] CR2: 00007f82e2eda000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 163.813314] PKRU: 55555554 [ 163.813594] Call Trace: [ 163.813842] [ 163.814063] iommufd_ioas_destroy+0x53/0x70 [ 163.814490] iommufd_fops_release+0x1f7/0x370 [ 163.814972] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.815470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.815949] ? write_comp_data+0x2f/0x90 [ 163.816363] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.816860] __fput+0x26d/0xa40 [ 163.817196] ____fput+0x1e/0x30 [ 163.817534] task_work_run+0x1a4/0x2d0 [ 163.817931] ? __pfx_task_work_run+0x10/0x10 [ 163.818368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.818884] ? switch_task_namespaces+0xa9/0xe0 [ 163.819381] do_exit+0xb17/0x2ef0 [ 163.819723] ? lock_acquire+0x427/0x4c0 [ 163.820113] ? __pfx_lock_release+0x10/0x10 [ 163.820532] ? __kasan_check_write+0x18/0x20 [ 163.820956] ? do_raw_spin_lock+0x132/0x2a0 [ 163.821370] ? __pfx_do_exit+0x10/0x10 [ 163.821755] ? debug_smp_processor_id+0x20/0x30 [ 163.822210] ? rcu_is_watching+0x19/0xb0 [ 163.822639] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.823086] ? trace_hardirqs_on+0x26/0x120 [ 163.823532] do_group_exit+0xe0/0x2b0 [ 163.823904] __x64_sys_exit_group+0x47/0x50 [ 163.824321] do_syscall_64+0x3b/0x90 [ 163.824684] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.825184] RIP: 0033:0x7f4b87518a4d [ 163.825540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.826123] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.826889] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.827599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.828279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.828960] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.829634] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.830322] [ 163.830574] irq event stamp: 0 [ 163.830881] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.831489] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.832288] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.833083] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.833694] ---[ end trace 0000000000000000 ]--- [ 163.839087] ------------[ cut here ]------------ [ 163.839590] WARNING: CPU: 0 PID: 1545 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.840848] Modules linked in: [ 163.841188] CPU: 0 PID: 1545 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.842134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.843559] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.844088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.845986] RSP: 0018:ffff888020f9fbb8 EFLAGS: 00010246 [ 163.846578] RAX: 0000000000000000 RBX: ffff888017bb38a8 RCX: 0000000000000000 [ 163.847333] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 163.848074] RBP: ffff888020f9fbd0 R08: ffffed1002f76733 R09: ffffed1002f76733 [ 163.848808] R10: ffff888017bb3993 R11: ffffed1002f76732 R12: ffff888018afec00 [ 163.849541] R13: ffff888017bb39e8 R14: ffffffff8352e670 R15: 
ffff888020f9fe68 [ 163.850274] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.851157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.851769] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 163.852513] PKRU: 55555554 [ 163.852809] Call Trace: [ 163.853082] [ 163.853322] __iommufd_access_detach+0x1c2/0x2b0 [ 163.853840] iommufd_access_change_pt+0x149/0x270 [ 163.854358] iommufd_access_replace+0xb4/0x120 [ 163.854885] iommufd_test+0x3e5/0x37e0 [ 163.855322] ? lock_release+0x532/0x770 [ 163.855752] ? __might_fault+0x102/0x1b0 [ 163.856189] ? lock_acquire+0x427/0x4c0 [ 163.856619] ? __pfx_iommufd_test+0x10/0x10 [ 163.857073] ? __pfx_lock_release+0x10/0x10 [ 163.857532] ? __pfx_lock_acquire+0x10/0x10 [ 163.857996] ? write_comp_data+0x2f/0x90 [ 163.858436] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.858991] ? write_comp_data+0x2f/0x90 [ 163.859449] iommufd_fops_ioctl+0x37d/0x510 [ 163.859917] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.860435] ? write_comp_data+0x2f/0x90 [ 163.860873] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.861383] __x64_sys_ioctl+0x1a3/0x230 [ 163.861820] do_syscall_64+0x3b/0x90 [ 163.862219] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.862793] RIP: 0033:0x7f4b8743ee5d [ 163.863201] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.865093] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.865884] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.866638] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.867384] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.868111] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.868842] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.869590] [ 163.869832] irq event stamp: 0 [ 163.870156] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.870838] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.871713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.872581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.873247] ---[ end trace 0000000000000000 ]--- [ 163.876801] ------------[ cut here ]------------ [ 163.877339] WARNING: CPU: 0 PID: 1545 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.878713] Modules linked in: [ 163.879259] CPU: 0 PID: 1545 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.880177] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.881341] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.881859] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.884132] RSP: 
0018:ffff888020f9fbd0 EFLAGS: 00010246 [ 163.884888] RAX: 0000000000000000 RBX: ffff888017bb38a8 RCX: 0000000000000000 [ 163.885632] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 163.886360] RBP: ffff888020f9fbe8 R08: ffffed1002f76733 R09: ffffed1002f76733 [ 163.887180] R10: ffff888017bb3993 R11: ffffed1002f76732 R12: ffff888010f07400 [ 163.887938] R13: ffff888017bb39e8 R14: ffff888013d63500 R15: 0000000000000000 [ 163.888819] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.889903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.890551] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.891310] PKRU: 55555554 [ 163.891610] Call Trace: [ 163.891879] [ 163.892116] iommufd_access_destroy_object+0x65/0x170 [ 163.892674] iommufd_object_destroy_user+0x18e/0x220 [ 163.893321] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 163.894223] iommufd_access_destroy+0x43/0x70 [ 163.894752] iommufd_test_staccess_release+0x8d/0xd0 [ 163.895328] __fput+0x26d/0xa40 [ 163.895694] ____fput+0x1e/0x30 [ 163.896050] task_work_run+0x1a4/0x2d0 [ 163.896465] ? __pfx_task_work_run+0x10/0x10 [ 163.896927] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.897445] ? switch_task_namespaces+0xa9/0xe0 [ 163.898031] do_exit+0xb17/0x2ef0 [ 163.898560] ? lock_acquire+0x427/0x4c0 [ 163.899182] ? __pfx_lock_release+0x10/0x10 [ 163.899649] ? __kasan_check_write+0x18/0x20 [ 163.900121] ? do_raw_spin_lock+0x132/0x2a0 [ 163.900573] ? __pfx_do_exit+0x10/0x10 [ 163.900996] ? debug_smp_processor_id+0x20/0x30 [ 163.901495] ? rcu_is_watching+0x19/0xb0 [ 163.901922] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.902411] ? trace_hardirqs_on+0x26/0x120 [ 163.902995] do_group_exit+0xe0/0x2b0 [ 163.903685] __x64_sys_exit_group+0x47/0x50 [ 163.904149] do_syscall_64+0x3b/0x90 [ 163.904555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.905111] RIP: 0033:0x7f4b87518a4d [ 163.905502] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.906148] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.907006] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.908021] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.909078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.909823] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.910602] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.911379] [ 163.911628] irq event stamp: 0 [ 163.911963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.912610] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.913715] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.914818] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.915520] ---[ end trace 0000000000000000 ]--- [ 163.916492] ------------[ cut here ]------------ [ 163.916991] WARNING: CPU: 0 PID: 1545 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 163.918107] Modules linked in: [ 163.918614] CPU: 0 PID: 1545 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.919709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.920894] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 163.921441] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 163.923761] RSP: 0018:ffff888020f9fb78 EFLAGS: 00010246 [ 163.924442] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 163.925184] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 163.925923] RBP: ffff888020f9fb98 R08: ffffed1002f7673e R09: ffffed1002f7673e [ 163.926739] R10: ffff888017bb39ef R11: ffffed1002f7673d R12: ffff888017bb3a90 [ 163.927564] R13: ffff888017bb38a8 R14: ffffffffffffffff R15: 
ffff888020f9fc60 [ 163.928566] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.929585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.930213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 163.931023] PKRU: 55555554 [ 163.931344] Call Trace: [ 163.931621] [ 163.931864] iommufd_ioas_destroy+0x53/0x70 [ 163.932425] iommufd_fops_release+0x1f7/0x370 [ 163.933063] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.933759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.934305] ? write_comp_data+0x2f/0x90 [ 163.934805] ? __pfx_iommufd_fops_release+0x10/0x10 [ 163.935372] __fput+0x26d/0xa40 [ 163.935746] ____fput+0x1e/0x30 [ 163.936114] task_work_run+0x1a4/0x2d0 [ 163.936548] ? __pfx_task_work_run+0x10/0x10 [ 163.937180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.937883] ? switch_task_namespaces+0xa9/0xe0 [ 163.938406] do_exit+0xb17/0x2ef0 [ 163.938813] ? lock_acquire+0x427/0x4c0 [ 163.939261] ? __pfx_lock_release+0x10/0x10 [ 163.939730] ? __kasan_check_write+0x18/0x20 [ 163.940222] ? do_raw_spin_lock+0x132/0x2a0 [ 163.940728] ? __pfx_do_exit+0x10/0x10 [ 163.941279] ? debug_smp_processor_id+0x20/0x30 [ 163.941945] ? rcu_is_watching+0x19/0xb0 [ 163.942387] ? _raw_spin_unlock_irq+0x2b/0x60 [ 163.942904] ? trace_hardirqs_on+0x26/0x120 [ 163.943393] do_group_exit+0xe0/0x2b0 [ 163.943800] __x64_sys_exit_group+0x47/0x50 [ 163.944259] do_syscall_64+0x3b/0x90 [ 163.944668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.945274] RIP: 0033:0x7f4b87518a4d [ 163.945862] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 163.946542] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 163.947354] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 163.948093] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 163.948836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 163.949585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 163.950336] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 163.951134] [ 163.951386] irq event stamp: 0 [ 163.951716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.952370] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.953248] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.954117] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.954800] ---[ end trace 0000000000000000 ]--- [ 163.959716] ------------[ cut here ]------------ [ 163.960270] WARNING: CPU: 0 PID: 1546 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.961339] Modules linked in: [ 163.961677] CPU: 0 PID: 1546 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 163.962698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 163.963893] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 163.964418] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 163.966326] RSP: 0018:ffff8880208dfbb8 EFLAGS: 00010246 [ 163.966913] RAX: 0000000000000000 RBX: ffff8880158988a8 RCX: 0000000000000000 [ 163.967696] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 163.968442] RBP: ffff8880208dfbd0 R08: ffffed1002b13133 R09: ffffed1002b13133 [ 163.969187] R10: ffff888015898993 R11: ffffed1002b13132 R12: ffff888013ed9c00 [ 163.969934] R13: ffff8880158989e8 R14: ffffffff8352e670 R15: 
ffff8880208dfe68 [ 163.970719] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 163.971573] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.972178] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 163.972924] PKRU: 55555554 [ 163.973228] Call Trace: [ 163.973496] [ 163.973735] __iommufd_access_detach+0x1c2/0x2b0 [ 163.974255] iommufd_access_change_pt+0x149/0x270 [ 163.974806] iommufd_access_replace+0xb4/0x120 [ 163.975316] iommufd_test+0x3e5/0x37e0 [ 163.975729] ? lock_release+0x532/0x770 [ 163.976161] ? __might_fault+0x102/0x1b0 [ 163.976603] ? lock_acquire+0x427/0x4c0 [ 163.977046] ? __pfx_iommufd_test+0x10/0x10 [ 163.977501] ? __pfx_lock_release+0x10/0x10 [ 163.977985] ? __pfx_lock_acquire+0x10/0x10 [ 163.978450] ? write_comp_data+0x2f/0x90 [ 163.978920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 163.979462] ? write_comp_data+0x2f/0x90 [ 163.979915] iommufd_fops_ioctl+0x37d/0x510 [ 163.980522] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.981306] ? write_comp_data+0x2f/0x90 [ 163.981754] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.982272] __x64_sys_ioctl+0x1a3/0x230 [ 163.982749] do_syscall_64+0x3b/0x90 [ 163.983170] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 163.983722] RIP: 0033:0x7f4b8743ee5d [ 163.984118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 163.986029] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 163.986869] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 163.987629] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.988361] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 163.989089] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 163.989818] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 163.990602] [ 163.990844] irq event stamp: 0 [ 163.991187] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 163.991840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 163.992698] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 163.993574] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 163.994225] ---[ end trace 0000000000000000 ]--- [ 163.997869] ------------[ cut here ]------------ [ 163.998486] WARNING: CPU: 0 PID: 1546 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 163.999741] Modules linked in: [ 164.000078] CPU: 0 PID: 1546 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.000994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.002398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.002956] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.005122] RSP: 
0018:ffff8880208dfbd0 EFLAGS: 00010246 [ 164.005691] RAX: 0000000000000000 RBX: ffff8880158988a8 RCX: 0000000000000000 [ 164.006680] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 164.007439] RBP: ffff8880208dfbe8 R08: ffffed1002b13133 R09: ffffed1002b13133 [ 164.008178] R10: ffff888015898993 R11: ffffed1002b13132 R12: ffff888018afe000 [ 164.009174] R13: ffff8880158989e8 R14: ffff8880129ea000 R15: 0000000000000000 [ 164.009914] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.010835] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.011674] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.012418] PKRU: 55555554 [ 164.012721] Call Trace: [ 164.012988] [ 164.013254] iommufd_access_destroy_object+0x65/0x170 [ 164.014015] iommufd_object_destroy_user+0x18e/0x220 [ 164.014580] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.015216] iommufd_access_destroy+0x43/0x70 [ 164.015699] iommufd_test_staccess_release+0x8d/0xd0 [ 164.016523] __fput+0x26d/0xa40 [ 164.016890] ____fput+0x1e/0x30 [ 164.017247] task_work_run+0x1a4/0x2d0 [ 164.017670] ? __pfx_task_work_run+0x10/0x10 [ 164.018134] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.018971] ? switch_task_namespaces+0xa9/0xe0 [ 164.019493] do_exit+0xb17/0x2ef0 [ 164.019863] ? lock_acquire+0x427/0x4c0 [ 164.020283] ? __pfx_lock_release+0x10/0x10 [ 164.020742] ? __kasan_check_write+0x18/0x20 [ 164.021446] ? do_raw_spin_lock+0x132/0x2a0 [ 164.021901] ? __pfx_do_exit+0x10/0x10 [ 164.022316] ? debug_smp_processor_id+0x20/0x30 [ 164.022845] ? rcu_is_watching+0x19/0xb0 [ 164.023298] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.024069] ? trace_hardirqs_on+0x26/0x120 [ 164.024533] do_group_exit+0xe0/0x2b0 [ 164.024937] __x64_sys_exit_group+0x47/0x50 [ 164.025389] do_syscall_64+0x3b/0x90 [ 164.025841] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.026575] RIP: 0033:0x7f4b87518a4d [ 164.026968] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.027637] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.028428] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.029164] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.029896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.030674] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.031428] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.032181] [ 164.032431] irq event stamp: 0 [ 164.032762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.033420] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.034290] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.035221] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.035885] ---[ end trace 0000000000000000 ]--- [ 164.036755] ------------[ cut here ]------------ [ 164.037246] WARNING: CPU: 0 PID: 1546 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.038297] Modules linked in: [ 164.038700] CPU: 0 PID: 1546 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.039627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.040787] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.041325] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.043276] RSP: 0018:ffff8880208dfb78 EFLAGS: 00010246 [ 164.043843] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.044577] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 164.045306] RBP: ffff8880208dfb98 R08: ffffed1002b1313e R09: ffffed1002b1313e [ 164.046036] R10: ffff8880158989ef R11: ffffed1002b1313d R12: ffff888015898a90 [ 164.046798] R13: ffff8880158988a8 R14: ffffffffffffffff R15: 
ffff8880208dfc60 [ 164.047558] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.048396] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.048999] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.049735] PKRU: 55555554 [ 164.050029] Call Trace: [ 164.050296] [ 164.050571] iommufd_ioas_destroy+0x53/0x70 [ 164.051038] iommufd_fops_release+0x1f7/0x370 [ 164.051522] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.052043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.052563] ? write_comp_data+0x2f/0x90 [ 164.052996] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.053520] __fput+0x26d/0xa40 [ 164.053882] ____fput+0x1e/0x30 [ 164.054237] task_work_run+0x1a4/0x2d0 [ 164.054715] ? __pfx_task_work_run+0x10/0x10 [ 164.055206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.055723] ? switch_task_namespaces+0xa9/0xe0 [ 164.056216] do_exit+0xb17/0x2ef0 [ 164.056573] ? lock_acquire+0x427/0x4c0 [ 164.057003] ? __pfx_lock_release+0x10/0x10 [ 164.057459] ? __kasan_check_write+0x18/0x20 [ 164.057919] ? do_raw_spin_lock+0x132/0x2a0 [ 164.058371] ? __pfx_do_exit+0x10/0x10 [ 164.058828] ? debug_smp_processor_id+0x20/0x30 [ 164.059340] ? rcu_is_watching+0x19/0xb0 [ 164.059767] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.060240] ? trace_hardirqs_on+0x26/0x120 [ 164.060703] do_group_exit+0xe0/0x2b0 [ 164.061109] __x64_sys_exit_group+0x47/0x50 [ 164.061560] do_syscall_64+0x3b/0x90 [ 164.061961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.062551] RIP: 0033:0x7f4b87518a4d [ 164.062943] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.063598] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.064393] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.065129] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.065864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.066657] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.067411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.068154] [ 164.068399] irq event stamp: 0 [ 164.068724] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.069366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.070231] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.071153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.071816] ---[ end trace 0000000000000000 ]--- [ 164.077146] ------------[ cut here ]------------ [ 164.077690] WARNING: CPU: 0 PID: 1547 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.078986] Modules linked in: [ 164.079353] CPU: 0 PID: 1547 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.080268] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.081433] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.081949] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.083882] RSP: 0018:ffff88800bd87bb8 EFLAGS: 00010246 [ 164.084445] RAX: 0000000000000000 RBX: ffff88800b8110a8 RCX: 0000000000000000 [ 164.085186] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 164.085922] RBP: ffff88800bd87bd0 R08: ffffed1001702233 R09: ffffed1001702233 [ 164.086688] R10: ffff88800b811193 R11: ffffed1001702232 R12: ffff88801226cc00 [ 164.087453] R13: ffff88800b8111e8 R14: ffffffff8352e670 R15: 
ffff88800bd87e68 [ 164.088203] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.089035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.089632] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 164.090367] PKRU: 55555554 [ 164.090715] Call Trace: [ 164.090995] [ 164.091249] __iommufd_access_detach+0x1c2/0x2b0 [ 164.091758] iommufd_access_change_pt+0x149/0x270 [ 164.092275] iommufd_access_replace+0xb4/0x120 [ 164.092767] iommufd_test+0x3e5/0x37e0 [ 164.093178] ? lock_release+0x532/0x770 [ 164.093610] ? __might_fault+0x102/0x1b0 [ 164.094043] ? lock_acquire+0x427/0x4c0 [ 164.094470] ? __pfx_iommufd_test+0x10/0x10 [ 164.094964] ? __pfx_lock_release+0x10/0x10 [ 164.095435] ? __pfx_lock_acquire+0x10/0x10 [ 164.095899] ? write_comp_data+0x2f/0x90 [ 164.096331] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.096837] ? write_comp_data+0x2f/0x90 [ 164.097272] iommufd_fops_ioctl+0x37d/0x510 [ 164.097724] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.098239] ? write_comp_data+0x2f/0x90 [ 164.098735] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.099265] __x64_sys_ioctl+0x1a3/0x230 [ 164.099711] do_syscall_64+0x3b/0x90 [ 164.100116] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.100670] RIP: 0033:0x7f4b8743ee5d [ 164.101062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.103000] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.103818] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.104560] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.105306] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.106052] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.106835] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.107615] [ 164.107866] irq event stamp: 0 [ 164.108202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.108862] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.109739] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.110652] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.111343] ---[ end trace 0000000000000000 ]--- [ 164.114718] ------------[ cut here ]------------ [ 164.115289] WARNING: CPU: 0 PID: 1547 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.116355] Modules linked in: [ 164.116700] CPU: 0 PID: 1547 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.117611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.118831] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.119394] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.121316] RSP: 
0018:ffff88800bd87bd0 EFLAGS: 00010246 [ 164.121877] RAX: 0000000000000000 RBX: ffff88800b8110a8 RCX: 0000000000000000 [ 164.122657] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 164.123419] RBP: ffff88800bd87be8 R08: ffffed1001702233 R09: ffffed1001702233 [ 164.124161] R10: ffff88800b811193 R11: ffffed1001702232 R12: ffff888013ed8c00 [ 164.124921] R13: ffff88800b8111e8 R14: ffff888014522d00 R15: 0000000000000000 [ 164.125682] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.126578] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.127211] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.127964] PKRU: 55555554 [ 164.128262] Call Trace: [ 164.128535] [ 164.128773] iommufd_access_destroy_object+0x65/0x170 [ 164.129327] iommufd_object_destroy_user+0x18e/0x220 [ 164.129864] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.130482] iommufd_access_destroy+0x43/0x70 [ 164.131027] iommufd_test_staccess_release+0x8d/0xd0 [ 164.131584] __fput+0x26d/0xa40 [ 164.131944] ____fput+0x1e/0x30 [ 164.132293] task_work_run+0x1a4/0x2d0 [ 164.132707] ? __pfx_task_work_run+0x10/0x10 [ 164.133165] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.133674] ? switch_task_namespaces+0xa9/0xe0 [ 164.134179] do_exit+0xb17/0x2ef0 [ 164.134576] ? lock_acquire+0x427/0x4c0 [ 164.135009] ? __pfx_lock_release+0x10/0x10 [ 164.135483] ? __kasan_check_write+0x18/0x20 [ 164.135942] ? do_raw_spin_lock+0x132/0x2a0 [ 164.136403] ? __pfx_do_exit+0x10/0x10 [ 164.136822] ? debug_smp_processor_id+0x20/0x30 [ 164.137308] ? rcu_is_watching+0x19/0xb0 [ 164.137736] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.138219] ? trace_hardirqs_on+0x26/0x120 [ 164.138712] do_group_exit+0xe0/0x2b0 [ 164.139121] __x64_sys_exit_group+0x47/0x50 [ 164.139579] do_syscall_64+0x3b/0x90 [ 164.139972] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.140520] RIP: 0033:0x7f4b87518a4d [ 164.140911] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.141545] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.142323] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.143131] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.143875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.144616] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.145342] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.146090] [ 164.146333] irq event stamp: 0 [ 164.146691] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.147356] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.148212] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.149064] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.149724] ---[ end trace 0000000000000000 ]--- [ 164.150655] ------------[ cut here ]------------ [ 164.151167] WARNING: CPU: 0 PID: 1547 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.152219] Modules linked in: [ 164.152555] CPU: 0 PID: 1547 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.153427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.154484] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.155011] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.156743] RSP: 0018:ffff88800bd87b78 EFLAGS: 00010246 [ 164.157249] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.157931] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 164.158680] RBP: ffff88800bd87b98 R08: ffffed100170223e R09: ffffed100170223e [ 164.159367] R10: ffff88800b8111ef R11: ffffed100170223d R12: ffff88800b811290 [ 164.160037] R13: ffff88800b8110a8 R14: ffffffffffffffff R15: 
ffff88800bd87c60 [ 164.160726] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.161495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.162045] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.162750] PKRU: 55555554 [ 164.163022] Call Trace: [ 164.163282] [ 164.163502] iommufd_ioas_destroy+0x53/0x70 [ 164.163924] iommufd_fops_release+0x1f7/0x370 [ 164.164355] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.164836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.165308] ? write_comp_data+0x2f/0x90 [ 164.165703] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.166183] __fput+0x26d/0xa40 [ 164.166537] ____fput+0x1e/0x30 [ 164.166861] task_work_run+0x1a4/0x2d0 [ 164.167257] ? __pfx_task_work_run+0x10/0x10 [ 164.167684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.168148] ? switch_task_namespaces+0xa9/0xe0 [ 164.168614] do_exit+0xb17/0x2ef0 [ 164.168944] ? lock_acquire+0x427/0x4c0 [ 164.169336] ? __pfx_lock_release+0x10/0x10 [ 164.169751] ? __kasan_check_write+0x18/0x20 [ 164.170172] ? do_raw_spin_lock+0x132/0x2a0 [ 164.170607] ? __pfx_do_exit+0x10/0x10 [ 164.170992] ? debug_smp_processor_id+0x20/0x30 [ 164.171452] ? rcu_is_watching+0x19/0xb0 [ 164.171840] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.172278] ? trace_hardirqs_on+0x26/0x120 [ 164.172695] do_group_exit+0xe0/0x2b0 [ 164.173058] __x64_sys_exit_group+0x47/0x50 [ 164.173463] do_syscall_64+0x3b/0x90 [ 164.173824] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.174320] RIP: 0033:0x7f4b87518a4d [ 164.174711] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.175323] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.176027] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.176687] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.177348] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.178010] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.178697] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.179391] [ 164.179597] irq event stamp: 0 [ 164.179874] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.180421] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.181150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.181877] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.182424] ---[ end trace 0000000000000000 ]--- [ 164.188169] ------------[ cut here ]------------ [ 164.188786] WARNING: CPU: 1 PID: 1548 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.189983] Modules linked in: [ 164.190372] CPU: 1 PID: 1548 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.191866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.193206] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.193794] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.195808] RSP: 0018:ffff8880208dfbb8 EFLAGS: 00010246 [ 164.196301] RAX: 0000000000000000 RBX: ffff888010b7d8a8 RCX: 0000000000000000 [ 164.196886] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 164.197470] RBP: ffff8880208dfbd0 R08: ffffed100216fb33 R09: ffffed100216fb33 [ 164.198049] R10: ffff888010b7d993 R11: ffffed100216fb32 R12: ffff888013b15800 [ 164.198644] R13: ffff888010b7d9e8 R14: ffffffff8352e670 R15: 
ffff8880208dfe68 [ 164.199323] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.199973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.200451] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 164.201039] PKRU: 55555554 [ 164.201281] Call Trace: [ 164.201496] [ 164.201682] __iommufd_access_detach+0x1c2/0x2b0 [ 164.202083] iommufd_access_change_pt+0x149/0x270 [ 164.202499] iommufd_access_replace+0xb4/0x120 [ 164.203031] iommufd_test+0x3e5/0x37e0 [ 164.203383] ? lock_release+0x532/0x770 [ 164.203719] ? __might_fault+0x102/0x1b0 [ 164.204067] ? lock_acquire+0x427/0x4c0 [ 164.204409] ? __pfx_iommufd_test+0x10/0x10 [ 164.204762] ? __pfx_lock_release+0x10/0x10 [ 164.205122] ? __pfx_lock_acquire+0x10/0x10 [ 164.205495] ? write_comp_data+0x2f/0x90 [ 164.205837] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.206238] ? write_comp_data+0x2f/0x90 [ 164.206614] iommufd_fops_ioctl+0x37d/0x510 [ 164.207078] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.207501] ? write_comp_data+0x2f/0x90 [ 164.207849] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.208236] __x64_sys_ioctl+0x1a3/0x230 [ 164.208571] do_syscall_64+0x3b/0x90 [ 164.208889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.209308] RIP: 0033:0x7f4b8743ee5d [ 164.209605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.211087] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.211989] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.212774] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.213558] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.214339] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.215185] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.215995] [ 164.216262] irq event stamp: 0 [ 164.216616] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.217316] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.218239] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.219200] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.219903] ---[ end trace 0000000000000000 ]--- [ 164.224358] ------------[ cut here ]------------ [ 164.224913] WARNING: CPU: 1 PID: 1548 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.226026] Modules linked in: [ 164.226388] CPU: 1 PID: 1548 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.227394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.228625] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.229172] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.231178] RSP: 
0018:ffff8880208dfbd0 EFLAGS: 00010246 [ 164.231768] RAX: 0000000000000000 RBX: ffff888010b7d8a8 RCX: 0000000000000000 [ 164.232543] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 164.233318] RBP: ffff8880208dfbe8 R08: ffffed100216fb33 R09: ffffed100216fb33 [ 164.234092] R10: ffff888010b7d993 R11: ffffed100216fb32 R12: ffff888012de7000 [ 164.234894] R13: ffff888010b7d9e8 R14: ffff88800efecc00 R15: 0000000000000000 [ 164.235685] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.236706] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.237341] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 164.238209] PKRU: 55555554 [ 164.238570] Call Trace: [ 164.238862] [ 164.239124] iommufd_access_destroy_object+0x65/0x170 [ 164.239745] iommufd_object_destroy_user+0x18e/0x220 [ 164.240371] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.241019] iommufd_access_destroy+0x43/0x70 [ 164.241531] iommufd_test_staccess_release+0x8d/0xd0 [ 164.242224] __fput+0x26d/0xa40 [ 164.242648] ____fput+0x1e/0x30 [ 164.243036] task_work_run+0x1a4/0x2d0 [ 164.243495] ? __pfx_task_work_run+0x10/0x10 [ 164.244088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.244635] ? switch_task_namespaces+0xa9/0xe0 [ 164.245169] do_exit+0xb17/0x2ef0 [ 164.245558] ? lock_acquire+0x427/0x4c0 [ 164.246132] ? __pfx_lock_release+0x10/0x10 [ 164.246657] ? __kasan_check_write+0x18/0x20 [ 164.247168] ? do_raw_spin_lock+0x132/0x2a0 [ 164.247667] ? __pfx_do_exit+0x10/0x10 [ 164.248179] ? debug_smp_processor_id+0x20/0x30 [ 164.248703] ? rcu_is_watching+0x19/0xb0 [ 164.249157] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.249763] ? trace_hardirqs_on+0x26/0x120 [ 164.250253] do_group_exit+0xe0/0x2b0 [ 164.250717] __x64_sys_exit_group+0x47/0x50 [ 164.251208] do_syscall_64+0x3b/0x90 [ 164.251721] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.252303] RIP: 0033:0x7f4b87518a4d [ 164.252715] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.253465] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.254294] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.255165] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.255993] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.256768] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.257629] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.258424] [ 164.258728] irq event stamp: 0 [ 164.259101] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.259869] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.260788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.261753] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.262440] ---[ end trace 0000000000000000 ]--- [ 164.263670] ------------[ cut here ]------------ [ 164.264195] WARNING: CPU: 1 PID: 1548 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.265404] Modules linked in: [ 164.265763] CPU: 1 PID: 1548 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.266857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.268099] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.268724] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.271132] RSP: 0018:ffff8880208dfb78 EFLAGS: 00010246 [ 164.271722] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.272545] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 164.273370] RBP: ffff8880208dfb98 R08: ffffed100216fb3e R09: ffffed100216fb3e [ 164.274155] R10: ffff888010b7d9ef R11: ffffed100216fb3d R12: ffff888010b7da90 [ 164.275027] R13: ffff888010b7d8a8 R14: ffffffffffffffff R15: 
ffff8880208dfc60 [ 164.275819] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.276782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.277415] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 164.278274] PKRU: 55555554 [ 164.278623] Call Trace: [ 164.278912] [ 164.279178] iommufd_ioas_destroy+0x53/0x70 [ 164.279665] iommufd_fops_release+0x1f7/0x370 [ 164.280222] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.280833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.281381] ? write_comp_data+0x2f/0x90 [ 164.281865] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.282465] __fput+0x26d/0xa40 [ 164.282887] ____fput+0x1e/0x30 [ 164.283287] task_work_run+0x1a4/0x2d0 [ 164.283732] ? __pfx_task_work_run+0x10/0x10 [ 164.284324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.284871] ? switch_task_namespaces+0xa9/0xe0 [ 164.285402] do_exit+0xb17/0x2ef0 [ 164.285846] ? lock_acquire+0x427/0x4c0 [ 164.286332] ? __pfx_lock_release+0x10/0x10 [ 164.286850] ? __kasan_check_write+0x18/0x20 [ 164.287357] ? do_raw_spin_lock+0x132/0x2a0 [ 164.287894] ? __pfx_do_exit+0x10/0x10 [ 164.288403] ? debug_smp_processor_id+0x20/0x30 [ 164.288924] ? rcu_is_watching+0x19/0xb0 [ 164.289381] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.289984] ? trace_hardirqs_on+0x26/0x120 [ 164.290475] do_group_exit+0xe0/0x2b0 [ 164.290988] __x64_sys_exit_group+0x47/0x50 [ 164.291602] do_syscall_64+0x3b/0x90 [ 164.292035] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.292712] RIP: 0033:0x7f4b87518a4d [ 164.293125] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.293794] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.294751] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.295538] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.296404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.297177] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.298000] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.298895] [ 164.299170] irq event stamp: 0 [ 164.299522] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.300297] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.301203] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.302195] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.302914] ---[ end trace 0000000000000000 ]--- [ 164.308853] ------------[ cut here ]------------ [ 164.309441] WARNING: CPU: 1 PID: 1549 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.310694] Modules linked in: [ 164.311061] CPU: 1 PID: 1549 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.312027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.313335] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.313885] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.315988] RSP: 0018:ffff8880163d7bb8 EFLAGS: 00010246 [ 164.316626] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 164.317400] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 164.318265] RBP: ffff8880163d7bd0 R08: ffffed1001972533 R09: ffffed1001972533 [ 164.319069] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff888010c0a800 [ 164.319863] R13: ffff88800cb929e8 R14: ffffffff8352e670 R15: 
ffff8880163d7e68 [ 164.320640] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.321513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.322144] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 164.322958] PKRU: 55555554 [ 164.323289] Call Trace: [ 164.323576] [ 164.323832] __iommufd_access_detach+0x1c2/0x2b0 [ 164.324377] iommufd_access_change_pt+0x149/0x270 [ 164.324925] iommufd_access_replace+0xb4/0x120 [ 164.325448] iommufd_test+0x3e5/0x37e0 [ 164.325888] ? lock_release+0x532/0x770 [ 164.326346] ? __might_fault+0x102/0x1b0 [ 164.326841] ? lock_acquire+0x427/0x4c0 [ 164.327317] ? __pfx_iommufd_test+0x10/0x10 [ 164.327798] ? __pfx_lock_release+0x10/0x10 [ 164.328288] ? __pfx_lock_acquire+0x10/0x10 [ 164.328781] ? write_comp_data+0x2f/0x90 [ 164.329250] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.329798] ? write_comp_data+0x2f/0x90 [ 164.330265] iommufd_fops_ioctl+0x37d/0x510 [ 164.330783] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.331366] ? write_comp_data+0x2f/0x90 [ 164.331713] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.332089] __x64_sys_ioctl+0x1a3/0x230 [ 164.332415] do_syscall_64+0x3b/0x90 [ 164.332710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.333115] RIP: 0033:0x7f4b8743ee5d [ 164.333400] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.334789] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.335374] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.335907] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.336439] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.336978] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.337524] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.338070] [ 164.338247] irq event stamp: 0 [ 164.338485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.338987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.339626] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.340258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.340729] ---[ end trace 0000000000000000 ]--- [ 164.343559] ------------[ cut here ]------------ [ 164.343941] WARNING: CPU: 1 PID: 1549 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.344704] Modules linked in: [ 164.344946] CPU: 1 PID: 1549 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.345598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.346438] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.346835] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.348215] RSP: 
0018:ffff8880163d7bd0 EFLAGS: 00010246 [ 164.348615] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 164.349221] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 164.349763] RBP: ffff8880163d7be8 R08: ffffed1001972533 R09: ffffed1001972533 [ 164.350299] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff888013b14c00 [ 164.350856] R13: ffff88800cb929e8 R14: ffff888020e5bb00 R15: 0000000000000000 [ 164.351404] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.352006] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.352445] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 164.352980] PKRU: 55555554 [ 164.353193] Call Trace: [ 164.353391] [ 164.353565] iommufd_access_destroy_object+0x65/0x170 [ 164.353963] iommufd_object_destroy_user+0x18e/0x220 [ 164.354352] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.354814] iommufd_access_destroy+0x43/0x70 [ 164.355171] iommufd_test_staccess_release+0x8d/0xd0 [ 164.355565] __fput+0x26d/0xa40 [ 164.355830] ____fput+0x1e/0x30 [ 164.356092] task_work_run+0x1a4/0x2d0 [ 164.356395] ? __pfx_task_work_run+0x10/0x10 [ 164.356736] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.357115] ? switch_task_namespaces+0xa9/0xe0 [ 164.357478] do_exit+0xb17/0x2ef0 [ 164.357745] ? lock_acquire+0x427/0x4c0 [ 164.358057] ? __pfx_lock_release+0x10/0x10 [ 164.358388] ? __kasan_check_write+0x18/0x20 [ 164.358739] ? do_raw_spin_lock+0x132/0x2a0 [ 164.359069] ? __pfx_do_exit+0x10/0x10 [ 164.359382] ? debug_smp_processor_id+0x20/0x30 [ 164.359740] ? rcu_is_watching+0x19/0xb0 [ 164.360049] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.360399] ? trace_hardirqs_on+0x26/0x120 [ 164.360735] do_group_exit+0xe0/0x2b0 [ 164.361027] __x64_sys_exit_group+0x47/0x50 [ 164.361354] do_syscall_64+0x3b/0x90 [ 164.361646] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.362045] RIP: 0033:0x7f4b87518a4d [ 164.362330] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.362810] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.363404] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.363940] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.364475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.365011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.365549] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.366095] [ 164.366273] irq event stamp: 0 [ 164.366534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.367014] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.367658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.368288] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.368764] ---[ end trace 0000000000000000 ]--- [ 164.369443] ------------[ cut here ]------------ [ 164.369798] WARNING: CPU: 1 PID: 1549 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.370585] Modules linked in: [ 164.370834] CPU: 1 PID: 1549 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.371508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.372352] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.372742] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.374102] RSP: 0018:ffff8880163d7b78 EFLAGS: 00010246 [ 164.374528] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.375065] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 164.375611] RBP: ffff8880163d7b98 R08: ffffed100197253e R09: ffffed100197253e [ 164.376148] R10: ffff88800cb929ef R11: ffffed100197253d R12: ffff88800cb92a90 [ 164.376685] R13: ffff88800cb928a8 R14: ffffffffffffffff R15: 
ffff8880163d7c60 [ 164.377222] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.377826] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.378267] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 164.378825] PKRU: 55555554 [ 164.379044] Call Trace: [ 164.379249] [ 164.379425] iommufd_ioas_destroy+0x53/0x70 [ 164.379763] iommufd_fops_release+0x1f7/0x370 [ 164.380114] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.380502] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.380878] ? write_comp_data+0x2f/0x90 [ 164.381245] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.381625] __fput+0x26d/0xa40 [ 164.381891] ____fput+0x1e/0x30 [ 164.382150] task_work_run+0x1a4/0x2d0 [ 164.382456] ? __pfx_task_work_run+0x10/0x10 [ 164.382812] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.383196] ? switch_task_namespaces+0xa9/0xe0 [ 164.383563] do_exit+0xb17/0x2ef0 [ 164.383826] ? lock_acquire+0x427/0x4c0 [ 164.384136] ? __pfx_lock_release+0x10/0x10 [ 164.384471] ? __kasan_check_write+0x18/0x20 [ 164.384808] ? do_raw_spin_lock+0x132/0x2a0 [ 164.385136] ? __pfx_do_exit+0x10/0x10 [ 164.385443] ? debug_smp_processor_id+0x20/0x30 [ 164.385802] ? rcu_is_watching+0x19/0xb0 [ 164.386112] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.386463] ? trace_hardirqs_on+0x26/0x120 [ 164.386814] do_group_exit+0xe0/0x2b0 [ 164.387109] __x64_sys_exit_group+0x47/0x50 [ 164.387455] do_syscall_64+0x3b/0x90 [ 164.387751] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.388154] RIP: 0033:0x7f4b87518a4d [ 164.388436] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.388901] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.389475] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.390006] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.390563] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.391105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.391650] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.392195] [ 164.392373] irq event stamp: 0 [ 164.392613] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.393087] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.393718] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.394343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.394833] ---[ end trace 0000000000000000 ]--- [ 164.398994] ------------[ cut here ]------------ [ 164.399396] WARNING: CPU: 1 PID: 1550 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.400157] Modules linked in: [ 164.400402] CPU: 1 PID: 1550 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.401055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.401896] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.402272] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.403674] RSP: 0018:ffff888012c5fbb8 EFLAGS: 00010246 [ 164.404078] RAX: 0000000000000000 RBX: ffff888020b090a8 RCX: 0000000000000000 [ 164.404611] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 164.405142] RBP: ffff888012c5fbd0 R08: ffffed1004161233 R09: ffffed1004161233 [ 164.405677] R10: ffff888020b09193 R11: ffffed1004161232 R12: ffff888017b97400 [ 164.406212] R13: ffff888020b091e8 R14: ffffffff8352e670 R15: 
ffff888012c5fe68 [ 164.406762] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.407375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.407816] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 164.408352] PKRU: 55555554 [ 164.408569] Call Trace: [ 164.408764] [ 164.408935] __iommufd_access_detach+0x1c2/0x2b0 [ 164.409308] iommufd_access_change_pt+0x149/0x270 [ 164.409682] iommufd_access_replace+0xb4/0x120 [ 164.410038] iommufd_test+0x3e5/0x37e0 [ 164.410333] ? lock_release+0x532/0x770 [ 164.410664] ? __might_fault+0x102/0x1b0 [ 164.410981] ? lock_acquire+0x427/0x4c0 [ 164.411309] ? __pfx_iommufd_test+0x10/0x10 [ 164.411637] ? __pfx_lock_release+0x10/0x10 [ 164.411972] ? __pfx_lock_acquire+0x10/0x10 [ 164.412308] ? write_comp_data+0x2f/0x90 [ 164.412625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.413037] ? write_comp_data+0x2f/0x90 [ 164.413355] iommufd_fops_ioctl+0x37d/0x510 [ 164.413689] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.414063] ? write_comp_data+0x2f/0x90 [ 164.414379] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.414765] __x64_sys_ioctl+0x1a3/0x230 [ 164.415088] do_syscall_64+0x3b/0x90 [ 164.415391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.415789] RIP: 0033:0x7f4b8743ee5d [ 164.416075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.417437] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.418009] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.418554] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.419089] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.419631] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.420170] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.420717] [ 164.420894] irq event stamp: 0 [ 164.421134] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.421612] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.422250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.422887] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.423365] ---[ end trace 0000000000000000 ]--- [ 164.426036] ------------[ cut here ]------------ [ 164.426422] WARNING: CPU: 1 PID: 1550 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.427232] Modules linked in: [ 164.427482] CPU: 1 PID: 1550 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.428139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.428981] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.429355] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.430718] RSP: 
0018:ffff888012c5fbd0 EFLAGS: 00010246 [ 164.431127] RAX: 0000000000000000 RBX: ffff888020b090a8 RCX: 0000000000000000 [ 164.431664] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 164.432193] RBP: ffff888012c5fbe8 R08: ffffed1004161233 R09: ffffed1004161233 [ 164.432734] R10: ffff888020b09193 R11: ffffed1004161232 R12: ffff888010c0b000 [ 164.433268] R13: ffff888020b091e8 R14: ffff888012cd9c00 R15: 0000000000000000 [ 164.433806] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.434412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.434868] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 164.435420] PKRU: 55555554 [ 164.435636] Call Trace: [ 164.435831] [ 164.436004] iommufd_access_destroy_object+0x65/0x170 [ 164.436404] iommufd_object_destroy_user+0x18e/0x220 [ 164.436796] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.437240] iommufd_access_destroy+0x43/0x70 [ 164.437588] iommufd_test_staccess_release+0x8d/0xd0 [ 164.437979] __fput+0x26d/0xa40 [ 164.438244] ____fput+0x1e/0x30 [ 164.438526] task_work_run+0x1a4/0x2d0 [ 164.438833] ? __pfx_task_work_run+0x10/0x10 [ 164.439185] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.439560] ? switch_task_namespaces+0xa9/0xe0 [ 164.439923] do_exit+0xb17/0x2ef0 [ 164.440185] ? lock_acquire+0x427/0x4c0 [ 164.440493] ? __pfx_lock_release+0x10/0x10 [ 164.440825] ? __kasan_check_write+0x18/0x20 [ 164.441164] ? do_raw_spin_lock+0x132/0x2a0 [ 164.441492] ? __pfx_do_exit+0x10/0x10 [ 164.441798] ? debug_smp_processor_id+0x20/0x30 [ 164.442154] ? rcu_is_watching+0x19/0xb0 [ 164.442466] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.442837] ? trace_hardirqs_on+0x26/0x120 [ 164.443184] do_group_exit+0xe0/0x2b0 [ 164.443478] __x64_sys_exit_group+0x47/0x50 [ 164.443804] do_syscall_64+0x3b/0x90 [ 164.444098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.444495] RIP: 0033:0x7f4b87518a4d [ 164.444777] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.445291] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.445866] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.446406] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.446968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.447514] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.448055] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.448597] [ 164.448774] irq event stamp: 0 [ 164.449012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.449486] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.450116] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.450763] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.451244] ---[ end trace 0000000000000000 ]--- [ 164.451915] ------------[ cut here ]------------ [ 164.452273] WARNING: CPU: 1 PID: 1550 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.453047] Modules linked in: [ 164.453291] CPU: 1 PID: 1550 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.453947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.454805] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.455205] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.456566] RSP: 0018:ffff888012c5fb78 EFLAGS: 00010246 [ 164.456961] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.457490] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 164.458022] RBP: ffff888012c5fb98 R08: ffffed100416123e R09: ffffed100416123e [ 164.458574] R10: ffff888020b091ef R11: ffffed100416123d R12: ffff888020b09290 [ 164.459128] R13: ffff888020b090a8 R14: ffffffffffffffff R15: 
ffff888012c5fc60 [ 164.459663] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 164.460264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.460700] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 164.461234] PKRU: 55555554 [ 164.461448] Call Trace: [ 164.461642] [ 164.461816] iommufd_ioas_destroy+0x53/0x70 [ 164.462148] iommufd_fops_release+0x1f7/0x370 [ 164.462494] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.462899] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.463287] ? write_comp_data+0x2f/0x90 [ 164.463603] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.463985] __fput+0x26d/0xa40 [ 164.464252] ____fput+0x1e/0x30 [ 164.464511] task_work_run+0x1a4/0x2d0 [ 164.464812] ? __pfx_task_work_run+0x10/0x10 [ 164.465149] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.465525] ? switch_task_namespaces+0xa9/0xe0 [ 164.465887] do_exit+0xb17/0x2ef0 [ 164.466149] ? lock_acquire+0x427/0x4c0 [ 164.466460] ? __pfx_lock_release+0x10/0x10 [ 164.466815] ? __kasan_check_write+0x18/0x20 [ 164.467163] ? do_raw_spin_lock+0x132/0x2a0 [ 164.467496] ? __pfx_do_exit+0x10/0x10 [ 164.467799] ? debug_smp_processor_id+0x20/0x30 [ 164.468158] ? rcu_is_watching+0x19/0xb0 [ 164.468475] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.468827] ? trace_hardirqs_on+0x26/0x120 [ 164.469163] do_group_exit+0xe0/0x2b0 [ 164.469457] __x64_sys_exit_group+0x47/0x50 [ 164.469783] do_syscall_64+0x3b/0x90 [ 164.470074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.470472] RIP: 0033:0x7f4b87518a4d [ 164.470775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.471253] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.471830] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.472362] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.472899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.473436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.473969] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.474537] [ 164.474716] irq event stamp: 0 [ 164.474956] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.475440] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.476067] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.476697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.477223] ---[ end trace 0000000000000000 ]--- [ 164.481299] ------------[ cut here ]------------ [ 164.481703] WARNING: CPU: 0 PID: 1551 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.482457] Modules linked in: [ 164.482933] CPU: 0 PID: 1551 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.483589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.484415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.484792] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.486142] RSP: 0018:ffff888016117bb8 EFLAGS: 00010246 [ 164.486555] RAX: 0000000000000000 RBX: ffff8880244850a8 RCX: 0000000000000000 [ 164.487085] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 164.487618] RBP: ffff888016117bd0 R08: ffffed1004890a33 R09: ffffed1004890a33 [ 164.488148] R10: ffff888024485193 R11: ffffed1004890a32 R12: ffff888010f06400 [ 164.488673] R13: ffff8880244851e8 R14: ffffffff8352e670 R15: 
ffff888016117e68 [ 164.489221] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.489809] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.490243] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 164.490786] PKRU: 55555554 [ 164.491010] Call Trace: [ 164.491208] [ 164.491395] __iommufd_access_detach+0x1c2/0x2b0 [ 164.491761] iommufd_access_change_pt+0x149/0x270 [ 164.492128] iommufd_access_replace+0xb4/0x120 [ 164.492563] iommufd_test+0x3e5/0x37e0 [ 164.492967] ? lock_release+0x532/0x770 [ 164.493285] ? __might_fault+0x102/0x1b0 [ 164.493608] ? lock_acquire+0x427/0x4c0 [ 164.493925] ? __pfx_iommufd_test+0x10/0x10 [ 164.494243] ? __pfx_lock_release+0x10/0x10 [ 164.494598] ? __pfx_lock_acquire+0x10/0x10 [ 164.494926] ? write_comp_data+0x2f/0x90 [ 164.495245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.495610] ? write_comp_data+0x2f/0x90 [ 164.495940] iommufd_fops_ioctl+0x37d/0x510 [ 164.496267] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.496630] ? write_comp_data+0x2f/0x90 [ 164.496950] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.497310] __x64_sys_ioctl+0x1a3/0x230 [ 164.497629] do_syscall_64+0x3b/0x90 [ 164.497936] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.498332] RIP: 0033:0x7f4b8743ee5d [ 164.498637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.500028] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.500596] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.501136] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.501666] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.502208] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.502746] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.503324] [ 164.503501] irq event stamp: 0 [ 164.503740] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.504210] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.504845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.505471] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.505933] ---[ end trace 0000000000000000 ]--- [ 164.508939] ------------[ cut here ]------------ [ 164.509299] WARNING: CPU: 0 PID: 1551 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.510077] Modules linked in: [ 164.510410] CPU: 0 PID: 1551 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.511095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.512079] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.512458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.513848] RSP: 
0018:ffff888016117bd0 EFLAGS: 00010246 [ 164.514345] RAX: 0000000000000000 RBX: ffff8880244850a8 RCX: 0000000000000000 [ 164.514902] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 164.515455] RBP: ffff888016117be8 R08: ffffed1004890a33 R09: ffffed1004890a33 [ 164.516117] R10: ffff888024485193 R11: ffffed1004890a32 R12: ffff88801226dc00 [ 164.516664] R13: ffff8880244851e8 R14: ffff88800efdb900 R15: 0000000000000000 [ 164.517209] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.517923] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.518358] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.519049] PKRU: 55555554 [ 164.519278] Call Trace: [ 164.519471] [ 164.519657] iommufd_access_destroy_object+0x65/0x170 [ 164.520054] iommufd_object_destroy_user+0x18e/0x220 [ 164.520448] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.521046] iommufd_access_destroy+0x43/0x70 [ 164.521406] iommufd_test_staccess_release+0x8d/0xd0 [ 164.521820] __fput+0x26d/0xa40 [ 164.522095] ____fput+0x1e/0x30 [ 164.522360] task_work_run+0x1a4/0x2d0 [ 164.522749] ? __pfx_task_work_run+0x10/0x10 [ 164.523204] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.523585] ? switch_task_namespaces+0xa9/0xe0 [ 164.523955] do_exit+0xb17/0x2ef0 [ 164.524237] ? lock_acquire+0x427/0x4c0 [ 164.524561] ? __pfx_lock_release+0x10/0x10 [ 164.525006] ? __kasan_check_write+0x18/0x20 [ 164.525365] ? do_raw_spin_lock+0x132/0x2a0 [ 164.525701] ? __pfx_do_exit+0x10/0x10 [ 164.526009] ? debug_smp_processor_id+0x20/0x30 [ 164.526538] ? rcu_is_watching+0x19/0xb0 [ 164.526865] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.527247] ? trace_hardirqs_on+0x26/0x120 [ 164.527605] do_group_exit+0xe0/0x2b0 [ 164.527909] __x64_sys_exit_group+0x47/0x50 [ 164.528280] do_syscall_64+0x3b/0x90 [ 164.528716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.529133] RIP: 0033:0x7f4b87518a4d [ 164.529432] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.529993] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.530724] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.531308] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.531936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.532585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.533177] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.533891] [ 164.534088] irq event stamp: 0 [ 164.534341] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.534864] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.535610] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.536377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.536878] ---[ end trace 0000000000000000 ]--- [ 164.537715] ------------[ cut here ]------------ [ 164.538091] WARNING: CPU: 0 PID: 1551 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.539001] Modules linked in: [ 164.539376] CPU: 0 PID: 1551 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.540075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.541131] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.541563] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.543181] RSP: 0018:ffff888016117b78 EFLAGS: 00010246 [ 164.543612] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.544176] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 164.544884] RBP: ffff888016117b98 R08: ffffed1004890a3e R09: ffffed1004890a3e [ 164.545445] R10: ffff8880244851ef R11: ffffed1004890a3d R12: ffff888024485290 [ 164.546045] R13: ffff8880244850a8 R14: ffffffffffffffff R15: 
ffff888016117c60 [ 164.546738] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.547388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.547861] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.548638] PKRU: 55555554 [ 164.548869] Call Trace: [ 164.549100] [ 164.549283] iommufd_ioas_destroy+0x53/0x70 [ 164.549663] iommufd_fops_release+0x1f7/0x370 [ 164.550122] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.550566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.550959] ? write_comp_data+0x2f/0x90 [ 164.551312] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.551845] __fput+0x26d/0xa40 [ 164.552127] ____fput+0x1e/0x30 [ 164.552412] task_work_run+0x1a4/0x2d0 [ 164.552733] ? __pfx_task_work_run+0x10/0x10 [ 164.553092] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.553631] ? switch_task_namespaces+0xa9/0xe0 [ 164.554015] do_exit+0xb17/0x2ef0 [ 164.554289] ? lock_acquire+0x427/0x4c0 [ 164.554659] ? __pfx_lock_release+0x10/0x10 [ 164.555021] ? __kasan_check_write+0x18/0x20 [ 164.555456] ? do_raw_spin_lock+0x132/0x2a0 [ 164.555934] ? __pfx_do_exit+0x10/0x10 [ 164.556275] ? debug_smp_processor_id+0x20/0x30 [ 164.556652] ? rcu_is_watching+0x19/0xb0 [ 164.557001] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.557484] ? trace_hardirqs_on+0x26/0x120 [ 164.557853] do_group_exit+0xe0/0x2b0 [ 164.558177] __x64_sys_exit_group+0x47/0x50 [ 164.558569] do_syscall_64+0x3b/0x90 [ 164.558885] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.559488] RIP: 0033:0x7f4b87518a4d [ 164.559791] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.560292] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.560954] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.561665] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.562242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.563028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.563649] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.564241] [ 164.564437] irq event stamp: 0 [ 164.564757] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.565365] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.566071] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.566968] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.567489] ---[ end trace 0000000000000000 ]--- [ 164.571570] ------------[ cut here ]------------ [ 164.572070] WARNING: CPU: 0 PID: 1552 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.573024] Modules linked in: [ 164.573301] CPU: 0 PID: 1552 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.574180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.575171] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.575608] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.577222] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 164.577674] RAX: 0000000000000000 RBX: ffff88801609a0a8 RCX: 0000000000000000 [ 164.578258] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 164.578882] RBP: ffff888013577bd0 R08: ffffed1002c13433 R09: ffffed1002c13433 [ 164.579478] R10: ffff88801609a193 R11: ffffed1002c13432 R12: ffff888014393400 [ 164.580066] R13: ffff88801609a1e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 164.580644] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.581308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.581791] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 164.582392] PKRU: 55555554 [ 164.582648] Call Trace: [ 164.582859] [ 164.583057] __iommufd_access_detach+0x1c2/0x2b0 [ 164.583467] iommufd_access_change_pt+0x149/0x270 [ 164.583866] iommufd_access_replace+0xb4/0x120 [ 164.584254] iommufd_test+0x3e5/0x37e0 [ 164.584574] ? lock_release+0x532/0x770 [ 164.584905] ? __might_fault+0x102/0x1b0 [ 164.585259] ? lock_acquire+0x427/0x4c0 [ 164.585591] ? __pfx_iommufd_test+0x10/0x10 [ 164.585937] ? __pfx_lock_release+0x10/0x10 [ 164.586303] ? __pfx_lock_acquire+0x10/0x10 [ 164.586690] ? write_comp_data+0x2f/0x90 [ 164.587038] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.587474] ? write_comp_data+0x2f/0x90 [ 164.587817] iommufd_fops_ioctl+0x37d/0x510 [ 164.588177] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.588589] ? write_comp_data+0x2f/0x90 [ 164.588930] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.589327] __x64_sys_ioctl+0x1a3/0x230 [ 164.589687] do_syscall_64+0x3b/0x90 [ 164.590008] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.590443] RIP: 0033:0x7f4b8743ee5d [ 164.590791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.592297] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.592938] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.593537] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.594131] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.594753] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.595366] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.595970] [ 164.596178] irq event stamp: 0 [ 164.596437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.596967] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.597649] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.598342] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.598885] ---[ end trace 0000000000000000 ]--- [ 164.602352] ------------[ cut here ]------------ [ 164.602785] WARNING: CPU: 0 PID: 1552 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.603642] Modules linked in: [ 164.603977] CPU: 0 PID: 1552 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.604831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.605953] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.606364] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.608101] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 164.608543] RAX: 0000000000000000 RBX: ffff88801609a0a8 RCX: 0000000000000000 [ 164.609141] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 164.609930] RBP: ffff888013577be8 R08: ffffed1002c13433 R09: ffffed1002c13433 [ 164.610543] R10: ffff88801609a193 R11: ffffed1002c13432 R12: ffff888010f04800 [ 164.611156] R13: ffff88801609a1e8 R14: ffff888010fd7d00 R15: 0000000000000000 [ 164.611924] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.612597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.613156] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.613858] PKRU: 55555554 [ 164.614095] Call Trace: [ 164.614318] [ 164.614532] iommufd_access_destroy_object+0x65/0x170 [ 164.614976] iommufd_object_destroy_user+0x18e/0x220 [ 164.615593] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.616085] iommufd_access_destroy+0x43/0x70 [ 164.616480] iommufd_test_staccess_release+0x8d/0xd0 [ 164.616934] __fput+0x26d/0xa40 [ 164.617374] ____fput+0x1e/0x30 [ 164.617666] task_work_run+0x1a4/0x2d0 [ 164.617994] ? __pfx_task_work_run+0x10/0x10 [ 164.618363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.618882] ? switch_task_namespaces+0xa9/0xe0 [ 164.619398] do_exit+0xb17/0x2ef0 [ 164.619750] ? lock_acquire+0x427/0x4c0 [ 164.620162] ? __pfx_lock_release+0x10/0x10 [ 164.620539] ? __kasan_check_write+0x18/0x20 [ 164.620979] ? do_raw_spin_lock+0x132/0x2a0 [ 164.621435] ? __pfx_do_exit+0x10/0x10 [ 164.621770] ? debug_smp_processor_id+0x20/0x30 [ 164.622161] ? rcu_is_watching+0x19/0xb0 [ 164.622577] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.623059] ? trace_hardirqs_on+0x26/0x120 [ 164.623456] do_group_exit+0xe0/0x2b0 [ 164.623791] __x64_sys_exit_group+0x47/0x50 [ 164.624166] do_syscall_64+0x3b/0x90 [ 164.624493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.625013] RIP: 0033:0x7f4b87518a4d [ 164.625450] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.625982] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.626686] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.627445] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.628067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.628771] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.629528] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.630160] [ 164.630433] irq event stamp: 0 [ 164.630864] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.631430] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.632166] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.632895] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.633446] ---[ end trace 0000000000000000 ]--- [ 164.634251] ------------[ cut here ]------------ [ 164.634826] WARNING: CPU: 0 PID: 1552 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.635733] Modules linked in: [ 164.636023] CPU: 0 PID: 1552 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.636781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.637763] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.638215] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.639876] RSP: 0018:ffff888013577b78 EFLAGS: 00010246 [ 164.640353] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.640969] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 164.641588] RBP: ffff888013577b98 R08: ffffed1002c1343e R09: ffffed1002c1343e [ 164.642203] R10: ffff88801609a1ef R11: ffffed1002c1343d R12: ffff88801609a290 [ 164.642835] R13: ffff88801609a0a8 R14: ffffffffffffffff R15: 
ffff888013577c60 [ 164.643462] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.644162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.644665] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.645289] PKRU: 55555554 [ 164.645544] Call Trace: [ 164.645770] [ 164.645973] iommufd_ioas_destroy+0x53/0x70 [ 164.646368] iommufd_fops_release+0x1f7/0x370 [ 164.646798] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.647264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.647708] ? write_comp_data+0x2f/0x90 [ 164.648086] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.648545] __fput+0x26d/0xa40 [ 164.648860] ____fput+0x1e/0x30 [ 164.649167] task_work_run+0x1a4/0x2d0 [ 164.649529] ? __pfx_task_work_run+0x10/0x10 [ 164.649935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.650375] ? switch_task_namespaces+0xa9/0xe0 [ 164.650838] do_exit+0xb17/0x2ef0 [ 164.651179] ? lock_acquire+0x427/0x4c0 [ 164.651542] ? __pfx_lock_release+0x10/0x10 [ 164.651933] ? __kasan_check_write+0x18/0x20 [ 164.652331] ? do_raw_spin_lock+0x132/0x2a0 [ 164.652723] ? __pfx_do_exit+0x10/0x10 [ 164.653080] ? debug_smp_processor_id+0x20/0x30 [ 164.653492] ? rcu_is_watching+0x19/0xb0 [ 164.653853] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.654263] ? trace_hardirqs_on+0x26/0x120 [ 164.654681] do_group_exit+0xe0/0x2b0 [ 164.655029] __x64_sys_exit_group+0x47/0x50 [ 164.655423] do_syscall_64+0x3b/0x90 [ 164.655766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.656234] RIP: 0033:0x7f4b87518a4d [ 164.656568] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.657107] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.657779] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.658403] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.659052] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.659699] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.660329] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.660966] [ 164.661177] irq event stamp: 0 [ 164.661459] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.662022] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.662792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.663548] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.664107] ---[ end trace 0000000000000000 ]--- [ 164.670254] ------------[ cut here ]------------ [ 164.670930] WARNING: CPU: 0 PID: 1553 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.672045] Modules linked in: [ 164.672337] CPU: 0 PID: 1553 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.673103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.674283] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.674766] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.676584] RSP: 0018:ffff888010887bb8 EFLAGS: 00010246 [ 164.677086] RAX: 0000000000000000 RBX: ffff888021a380a8 RCX: 0000000000000000 [ 164.677869] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 164.678500] RBP: ffff888010887bd0 R08: ffffed1004347033 R09: ffffed1004347033 [ 164.679416] R10: ffff888021a38193 R11: ffffed1004347032 R12: ffff88800b9b7c00 [ 164.680102] R13: ffff888021a381e8 R14: ffffffff8352e670 R15: 
ffff888010887e68 [ 164.680783] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.681765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.682322] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 164.683017] PKRU: 55555554 [ 164.683399] Call Trace: [ 164.683753] [ 164.683975] __iommufd_access_detach+0x1c2/0x2b0 [ 164.684447] iommufd_access_change_pt+0x149/0x270 [ 164.684919] iommufd_access_replace+0xb4/0x120 [ 164.685365] iommufd_test+0x3e5/0x37e0 [ 164.685735] ? lock_release+0x532/0x770 [ 164.686122] ? __might_fault+0x102/0x1b0 [ 164.686543] ? lock_acquire+0x427/0x4c0 [ 164.686930] ? __pfx_iommufd_test+0x10/0x10 [ 164.687355] ? __pfx_lock_release+0x10/0x10 [ 164.687773] ? __pfx_lock_acquire+0x10/0x10 [ 164.688184] ? write_comp_data+0x2f/0x90 [ 164.688587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.689056] ? write_comp_data+0x2f/0x90 [ 164.689453] iommufd_fops_ioctl+0x37d/0x510 [ 164.689864] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.690322] ? write_comp_data+0x2f/0x90 [ 164.690746] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.691224] __x64_sys_ioctl+0x1a3/0x230 [ 164.691633] do_syscall_64+0x3b/0x90 [ 164.692002] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.692503] RIP: 0033:0x7f4b8743ee5d [ 164.692866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.694627] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.695381] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.696073] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.696761] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.697455] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.698129] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.698855] [ 164.699090] irq event stamp: 0 [ 164.699417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.700024] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.700824] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.701623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.702230] ---[ end trace 0000000000000000 ]--- [ 164.705392] ------------[ cut here ]------------ [ 164.705882] WARNING: CPU: 0 PID: 1553 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.706904] Modules linked in: [ 164.707234] CPU: 0 PID: 1553 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.708063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.709139] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.709623] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.711420] RSP: 
0018:ffff888010887bd0 EFLAGS: 00010246 [ 164.711940] RAX: 0000000000000000 RBX: ffff888021a380a8 RCX: 0000000000000000 [ 164.712615] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 164.713290] RBP: ffff888010887be8 R08: ffffed1004347033 R09: ffffed1004347033 [ 164.713971] R10: ffff888021a38193 R11: ffffed1004347032 R12: ffff888014391400 [ 164.714672] R13: ffff888021a381e8 R14: ffff888013d63000 R15: 0000000000000000 [ 164.715361] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.716120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.716674] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.717349] PKRU: 55555554 [ 164.717617] Call Trace: [ 164.717862] [ 164.718078] iommufd_access_destroy_object+0x65/0x170 [ 164.718596] iommufd_object_destroy_user+0x18e/0x220 [ 164.719089] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.719677] iommufd_access_destroy+0x43/0x70 [ 164.720117] iommufd_test_staccess_release+0x8d/0xd0 [ 164.720618] __fput+0x26d/0xa40 [ 164.720966] ____fput+0x1e/0x30 [ 164.721294] task_work_run+0x1a4/0x2d0 [ 164.721676] ? __pfx_task_work_run+0x10/0x10 [ 164.722106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.722612] ? switch_task_namespaces+0xa9/0xe0 [ 164.723074] do_exit+0xb17/0x2ef0 [ 164.723428] ? lock_acquire+0x427/0x4c0 [ 164.723816] ? __pfx_lock_release+0x10/0x10 [ 164.724237] ? __kasan_check_write+0x18/0x20 [ 164.724672] ? do_raw_spin_lock+0x132/0x2a0 [ 164.725094] ? __pfx_do_exit+0x10/0x10 [ 164.725480] ? debug_smp_processor_id+0x20/0x30 [ 164.725937] ? rcu_is_watching+0x19/0xb0 [ 164.726331] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.726806] ? trace_hardirqs_on+0x26/0x120 [ 164.727264] do_group_exit+0xe0/0x2b0 [ 164.727645] __x64_sys_exit_group+0x47/0x50 [ 164.728056] do_syscall_64+0x3b/0x90 [ 164.728422] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.728925] RIP: 0033:0x7f4b87518a4d [ 164.729281] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.729863] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.730617] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.731312] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.731989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.732668] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.733361] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.734041] [ 164.734267] irq event stamp: 0 [ 164.734603] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.735234] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.736035] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.736850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.737460] ---[ end trace 0000000000000000 ]--- [ 164.738281] ------------[ cut here ]------------ [ 164.738800] WARNING: CPU: 0 PID: 1553 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.739792] Modules linked in: [ 164.740103] CPU: 0 PID: 1553 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.740935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.742017] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.742568] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.744342] RSP: 0018:ffff888010887b78 EFLAGS: 00010246 [ 164.744859] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.745535] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 164.746215] RBP: ffff888010887b98 R08: ffffed100434703e R09: ffffed100434703e [ 164.746941] R10: ffff888021a381ef R11: ffffed100434703d R12: ffff888021a38290 [ 164.747641] R13: ffff888021a380a8 R14: ffffffffffffffff R15: 
ffff888010887c60 [ 164.748318] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.749177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.750030] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.750768] PKRU: 55555554 [ 164.751045] Call Trace: [ 164.751314] [ 164.751534] iommufd_ioas_destroy+0x53/0x70 [ 164.751958] iommufd_fops_release+0x1f7/0x370 [ 164.752396] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.752888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.753416] ? write_comp_data+0x2f/0x90 [ 164.754015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.754554] __fput+0x26d/0xa40 [ 164.754897] ____fput+0x1e/0x30 [ 164.755245] task_work_run+0x1a4/0x2d0 [ 164.755628] ? __pfx_task_work_run+0x10/0x10 [ 164.756052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.756522] ? switch_task_namespaces+0xa9/0xe0 [ 164.756978] do_exit+0xb17/0x2ef0 [ 164.757318] ? lock_acquire+0x427/0x4c0 [ 164.757805] ? __pfx_lock_release+0x10/0x10 [ 164.758342] ? __kasan_check_write+0x18/0x20 [ 164.758942] ? do_raw_spin_lock+0x132/0x2a0 [ 164.759371] ? __pfx_do_exit+0x10/0x10 [ 164.759784] ? debug_smp_processor_id+0x20/0x30 [ 164.760268] ? rcu_is_watching+0x19/0xb0 [ 164.760681] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.761151] ? trace_hardirqs_on+0x26/0x120 [ 164.761604] do_group_exit+0xe0/0x2b0 [ 164.762007] __x64_sys_exit_group+0x47/0x50 [ 164.762587] do_syscall_64+0x3b/0x90 [ 164.763230] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.763769] RIP: 0033:0x7f4b87518a4d [ 164.764151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.764788] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.765578] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.766312] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.767198] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.768097] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.768830] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.769574] [ 164.769813] irq event stamp: 0 [ 164.770140] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.770831] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.771756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.772878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.773740] ---[ end trace 0000000000000000 ]--- [ 164.778878] ------------[ cut here ]------------ [ 164.779427] WARNING: CPU: 0 PID: 1554 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.780493] Modules linked in: [ 164.780823] CPU: 0 PID: 1554 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.781995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.783521] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.784048] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.785940] RSP: 0018:ffff888018177bb8 EFLAGS: 00010246 [ 164.786501] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 164.787295] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 164.788036] RBP: ffff888018177bd0 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 164.788774] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff88800ae90400 [ 164.789518] R13: ffff888017a441e8 R14: ffffffff8352e670 R15: 
ffff888018177e68 [ 164.790258] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.791130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.791728] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 164.792462] PKRU: 55555554 [ 164.792757] Call Trace: [ 164.793021] [ 164.793254] __iommufd_access_detach+0x1c2/0x2b0 [ 164.793754] iommufd_access_change_pt+0x149/0x270 [ 164.794262] iommufd_access_replace+0xb4/0x120 [ 164.794778] iommufd_test+0x3e5/0x37e0 [ 164.795192] ? lock_release+0x532/0x770 [ 164.795615] ? __might_fault+0x102/0x1b0 [ 164.796041] ? lock_acquire+0x427/0x4c0 [ 164.796461] ? __pfx_iommufd_test+0x10/0x10 [ 164.796915] ? __pfx_lock_release+0x10/0x10 [ 164.797372] ? __pfx_lock_acquire+0x10/0x10 [ 164.797837] ? write_comp_data+0x2f/0x90 [ 164.798269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.798799] ? write_comp_data+0x2f/0x90 [ 164.799240] iommufd_fops_ioctl+0x37d/0x510 [ 164.799693] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.800207] ? write_comp_data+0x2f/0x90 [ 164.800642] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.801151] __x64_sys_ioctl+0x1a3/0x230 [ 164.801582] do_syscall_64+0x3b/0x90 [ 164.801977] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.802564] RIP: 0033:0x7f4b8743ee5d [ 164.802956] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.804841] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.805632] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.806376] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.807170] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.807913] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.808650] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.809402] [ 164.809644] irq event stamp: 0 [ 164.809973] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.810665] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.811545] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.812410] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.813064] ---[ end trace 0000000000000000 ]--- [ 164.816794] ------------[ cut here ]------------ [ 164.817329] WARNING: CPU: 0 PID: 1554 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.818598] Modules linked in: [ 164.819155] CPU: 0 PID: 1554 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.820059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.821218] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.821742] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.824152] RSP: 
0018:ffff888018177bd0 EFLAGS: 00010246 [ 164.824729] RAX: 0000000000000000 RBX: ffff888017a440a8 RCX: 0000000000000000 [ 164.825470] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 164.826205] RBP: ffff888018177be8 R08: ffffed1002f48833 R09: ffffed1002f48833 [ 164.826989] R10: ffff888017a44193 R11: ffffed1002f48832 R12: ffff88800b9b6800 [ 164.827739] R13: ffff888017a441e8 R14: ffff888012fb5a00 R15: 0000000000000000 [ 164.828476] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.829315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.829916] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.830689] PKRU: 55555554 [ 164.830987] Call Trace: [ 164.831278] [ 164.831524] iommufd_access_destroy_object+0x65/0x170 [ 164.832077] iommufd_object_destroy_user+0x18e/0x220 [ 164.832604] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.833207] iommufd_access_destroy+0x43/0x70 [ 164.833686] iommufd_test_staccess_release+0x8d/0xd0 [ 164.834220] __fput+0x26d/0xa40 [ 164.834627] ____fput+0x1e/0x30 [ 164.834985] task_work_run+0x1a4/0x2d0 [ 164.835428] ? __pfx_task_work_run+0x10/0x10 [ 164.835898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.836424] ? switch_task_namespaces+0xa9/0xe0 [ 164.836937] do_exit+0xb17/0x2ef0 [ 164.837313] ? lock_acquire+0x427/0x4c0 [ 164.837744] ? __pfx_lock_release+0x10/0x10 [ 164.838204] ? __kasan_check_write+0x18/0x20 [ 164.838717] ? do_raw_spin_lock+0x132/0x2a0 [ 164.839192] ? __pfx_do_exit+0x10/0x10 [ 164.839614] ? debug_smp_processor_id+0x20/0x30 [ 164.840110] ? rcu_is_watching+0x19/0xb0 [ 164.840532] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.841014] ? trace_hardirqs_on+0x26/0x120 [ 164.841479] do_group_exit+0xe0/0x2b0 [ 164.841889] __x64_sys_exit_group+0x47/0x50 [ 164.842347] do_syscall_64+0x3b/0x90 [ 164.842801] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.843379] RIP: 0033:0x7f4b87518a4d [ 164.843779] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.844424] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.845226] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.845979] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.846765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.847546] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.848290] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.849043] [ 164.849288] irq event stamp: 0 [ 164.849618] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.850281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.851200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.852074] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.852728] ---[ end trace 0000000000000000 ]--- [ 164.853730] ------------[ cut here ]------------ [ 164.854421] WARNING: CPU: 0 PID: 1554 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.855790] Modules linked in: [ 164.856145] CPU: 0 PID: 1554 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.857064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.858248] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.858860] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.861417] RSP: 0018:ffff888018177b78 EFLAGS: 00010246 [ 164.861978] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.862761] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 164.863519] RBP: ffff888018177b98 R08: ffffed1002f4883e R09: ffffed1002f4883e [ 164.864269] R10: ffff888017a441ef R11: ffffed1002f4883d R12: ffff888017a44290 [ 164.865140] R13: ffff888017a440a8 R14: ffffffffffffffff R15: 
ffff888018177c60 [ 164.866278] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.867192] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.867803] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.868547] PKRU: 55555554 [ 164.868843] Call Trace: [ 164.869109] [ 164.869348] iommufd_ioas_destroy+0x53/0x70 [ 164.869879] iommufd_fops_release+0x1f7/0x370 [ 164.870589] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.871306] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.871828] ? write_comp_data+0x2f/0x90 [ 164.872269] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.872793] __fput+0x26d/0xa40 [ 164.873158] ____fput+0x1e/0x30 [ 164.873516] task_work_run+0x1a4/0x2d0 [ 164.873984] ? __pfx_task_work_run+0x10/0x10 [ 164.874601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.875360] ? switch_task_namespaces+0xa9/0xe0 [ 164.875864] do_exit+0xb17/0x2ef0 [ 164.876234] ? lock_acquire+0x427/0x4c0 [ 164.876663] ? __pfx_lock_release+0x10/0x10 [ 164.877124] ? __kasan_check_write+0x18/0x20 [ 164.877597] ? do_raw_spin_lock+0x132/0x2a0 [ 164.878053] ? __pfx_do_exit+0x10/0x10 [ 164.878472] ? debug_smp_processor_id+0x20/0x30 [ 164.879096] ? rcu_is_watching+0x19/0xb0 [ 164.879721] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.880207] ? trace_hardirqs_on+0x26/0x120 [ 164.880668] do_group_exit+0xe0/0x2b0 [ 164.881069] __x64_sys_exit_group+0x47/0x50 [ 164.881517] do_syscall_64+0x3b/0x90 [ 164.881921] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.882470] RIP: 0033:0x7f4b87518a4d [ 164.882902] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.883718] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.884846] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.885596] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.886356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.887139] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.887962] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.889060] [ 164.889311] irq event stamp: 0 [ 164.889645] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.890302] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.891228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.892256] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.893139] ---[ end trace 0000000000000000 ]--- [ 164.899307] ------------[ cut here ]------------ [ 164.899832] WARNING: CPU: 0 PID: 1555 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.900862] Modules linked in: [ 164.901276] CPU: 0 PID: 1555 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.902491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.903703] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.904219] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.906410] RSP: 0018:ffff88801622fbb8 EFLAGS: 00010246 [ 164.907182] RAX: 0000000000000000 RBX: ffff88802464f0a8 RCX: 0000000000000000 [ 164.907966] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 164.908727] RBP: ffff88801622fbd0 R08: ffffed10048c9e33 R09: ffffed10048c9e33 [ 164.909633] R10: ffff88802464f193 R11: ffffed10048c9e32 R12: ffff88801890cc00 [ 164.910566] R13: ffff88802464f1e8 R14: ffffffff8352e670 R15: 
ffff88801622fe68 [ 164.911348] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.912432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.913032] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 164.913790] PKRU: 55555554 [ 164.914078] Call Trace: [ 164.914349] [ 164.914629] __iommufd_access_detach+0x1c2/0x2b0 [ 164.915145] iommufd_access_change_pt+0x149/0x270 [ 164.915683] iommufd_access_replace+0xb4/0x120 [ 164.916165] iommufd_test+0x3e5/0x37e0 [ 164.916579] ? lock_release+0x532/0x770 [ 164.917009] ? __might_fault+0x102/0x1b0 [ 164.917432] ? lock_acquire+0x427/0x4c0 [ 164.917870] ? __pfx_iommufd_test+0x10/0x10 [ 164.918312] ? __pfx_lock_release+0x10/0x10 [ 164.918813] ? __pfx_lock_acquire+0x10/0x10 [ 164.919304] ? write_comp_data+0x2f/0x90 [ 164.919751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.920269] ? write_comp_data+0x2f/0x90 [ 164.920707] iommufd_fops_ioctl+0x37d/0x510 [ 164.921186] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.921694] ? write_comp_data+0x2f/0x90 [ 164.922144] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 164.922674] __x64_sys_ioctl+0x1a3/0x230 [ 164.923130] do_syscall_64+0x3b/0x90 [ 164.923553] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.924114] RIP: 0033:0x7f4b8743ee5d [ 164.924523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 164.926453] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 164.927319] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 164.928069] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 164.928778] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 164.929460] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 164.930133] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 164.930863] [ 164.931086] irq event stamp: 0 [ 164.931396] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.932021] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.932828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.933635] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.934273] ---[ end trace 0000000000000000 ]--- [ 164.937757] ------------[ cut here ]------------ [ 164.938254] WARNING: CPU: 0 PID: 1555 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 164.939443] Modules linked in: [ 164.939912] CPU: 0 PID: 1555 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.940768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.941867] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 164.942365] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 164.944535] RSP: 
0018:ffff88801622fbd0 EFLAGS: 00010246 [ 164.945056] RAX: 0000000000000000 RBX: ffff88802464f0a8 RCX: 0000000000000000 [ 164.945733] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 164.946394] RBP: ffff88801622fbe8 R08: ffffed10048c9e33 R09: ffffed10048c9e33 [ 164.947209] R10: ffff88802464f193 R11: ffffed10048c9e32 R12: ffff88800ae90800 [ 164.948052] R13: ffff88802464f1e8 R14: ffff8880104d9600 R15: 0000000000000000 [ 164.948716] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.949491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.950056] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.950823] PKRU: 55555554 [ 164.951319] Call Trace: [ 164.951561] [ 164.951769] iommufd_access_destroy_object+0x65/0x170 [ 164.952279] iommufd_object_destroy_user+0x18e/0x220 [ 164.952756] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 164.953323] iommufd_access_destroy+0x43/0x70 [ 164.953757] iommufd_test_staccess_release+0x8d/0xd0 [ 164.954257] __fput+0x26d/0xa40 [ 164.954696] ____fput+0x1e/0x30 [ 164.955205] task_work_run+0x1a4/0x2d0 [ 164.955602] ? __pfx_task_work_run+0x10/0x10 [ 164.956041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.956532] ? switch_task_namespaces+0xa9/0xe0 [ 164.957007] do_exit+0xb17/0x2ef0 [ 164.957366] ? lock_acquire+0x427/0x4c0 [ 164.958006] ? __pfx_lock_release+0x10/0x10 [ 164.958469] ? __kasan_check_write+0x18/0x20 [ 164.958943] ? do_raw_spin_lock+0x132/0x2a0 [ 164.959380] ? __pfx_do_exit+0x10/0x10 [ 164.959813] ? debug_smp_processor_id+0x20/0x30 [ 164.960460] ? rcu_is_watching+0x19/0xb0 [ 164.960868] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.961318] ? trace_hardirqs_on+0x26/0x120 [ 164.961804] do_group_exit+0xe0/0x2b0 [ 164.962341] __x64_sys_exit_group+0x47/0x50 [ 164.962810] do_syscall_64+0x3b/0x90 [ 164.963202] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.963722] RIP: 0033:0x7f4b87518a4d [ 164.964155] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 164.964890] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 164.965627] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 164.966541] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 164.967248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 164.967930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 164.968732] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 164.969588] [ 164.969821] irq event stamp: 0 [ 164.970114] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 164.971004] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 164.971837] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 164.972652] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 164.973513] ---[ end trace 0000000000000000 ]--- [ 164.974343] ------------[ cut here ]------------ [ 164.974906] WARNING: CPU: 0 PID: 1555 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 164.976066] Modules linked in: [ 164.976371] CPU: 0 PID: 1555 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 164.977299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 164.978497] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 164.979026] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 164.981003] RSP: 0018:ffff88801622fb78 EFLAGS: 00010246 [ 164.981694] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 164.982367] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 164.983080] RBP: ffff88801622fb98 R08: ffffed10048c9e3e R09: ffffed10048c9e3e [ 164.983917] R10: ffff88802464f1ef R11: ffffed10048c9e3d R12: ffff88802464f290 [ 164.984592] R13: ffff88802464f0a8 R14: ffffffffffffffff R15: 
ffff88801622fc60 [ 164.985504] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 164.986266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.986841] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 164.987726] PKRU: 55555554 [ 164.988002] Call Trace: [ 164.988252] [ 164.988461] iommufd_ioas_destroy+0x53/0x70 [ 164.988878] iommufd_fops_release+0x1f7/0x370 [ 164.989323] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.989781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.990250] ? write_comp_data+0x2f/0x90 [ 164.990663] ? __pfx_iommufd_fops_release+0x10/0x10 [ 164.991151] __fput+0x26d/0xa40 [ 164.991483] ____fput+0x1e/0x30 [ 164.991806] task_work_run+0x1a4/0x2d0 [ 164.992191] ? __pfx_task_work_run+0x10/0x10 [ 164.992623] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 164.993091] ? switch_task_namespaces+0xa9/0xe0 [ 164.993547] do_exit+0xb17/0x2ef0 [ 164.993872] ? lock_acquire+0x427/0x4c0 [ 164.994259] ? __pfx_lock_release+0x10/0x10 [ 164.994711] ? __kasan_check_write+0x18/0x20 [ 164.995131] ? do_raw_spin_lock+0x132/0x2a0 [ 164.995540] ? __pfx_do_exit+0x10/0x10 [ 164.995914] ? debug_smp_processor_id+0x20/0x30 [ 164.996356] ? rcu_is_watching+0x19/0xb0 [ 164.996741] ? _raw_spin_unlock_irq+0x2b/0x60 [ 164.997167] ? trace_hardirqs_on+0x26/0x120 [ 164.997582] do_group_exit+0xe0/0x2b0 [ 164.997952] __x64_sys_exit_group+0x47/0x50 [ 164.998356] do_syscall_64+0x3b/0x90 [ 164.998744] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 164.999232] RIP: 0033:0x7f4b87518a4d [ 164.999564] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.000107] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.000777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.001402] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.002023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.002668] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.003352] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.004248] [ 165.004463] irq event stamp: 0 [ 165.004743] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.005304] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.006199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.006955] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.007527] ---[ end trace 0000000000000000 ]--- [ 165.012040] ------------[ cut here ]------------ [ 165.012495] WARNING: CPU: 0 PID: 1556 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.013421] Modules linked in: [ 165.013798] CPU: 0 PID: 1556 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.014744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.015787] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.016352] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.018066] RSP: 0018:ffff888016c57bb8 EFLAGS: 00010246 [ 165.018585] RAX: 0000000000000000 RBX: ffff888014aeb8a8 RCX: 0000000000000000 [ 165.019230] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 165.019881] RBP: ffff888016c57bd0 R08: ffffed100295d733 R09: ffffed100295d733 [ 165.020523] R10: ffff888014aeb993 R11: ffffed100295d732 R12: ffff888020fee400 [ 165.021173] R13: ffff888014aeb9e8 R14: ffffffff8352e670 R15: 
ffff888016c57e68 [ 165.021790] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 165.022538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.023083] CR2: 00007f4b877410e8 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 165.023748] PKRU: 55555554 [ 165.024011] Call Trace: [ 165.024245] [ 165.024457] __iommufd_access_detach+0x1c2/0x2b0 [ 165.024892] iommufd_access_change_pt+0x149/0x270 [ 165.025339] iommufd_access_replace+0xb4/0x120 [ 165.025757] iommufd_test+0x3e5/0x37e0 [ 165.026103] ? lock_release+0x532/0x770 [ 165.026479] ? __might_fault+0x102/0x1b0 [ 165.026883] ? lock_acquire+0x427/0x4c0 [ 165.027268] ? __pfx_iommufd_test+0x10/0x10 [ 165.027661] ? __pfx_lock_release+0x10/0x10 [ 165.028053] ? __pfx_lock_acquire+0x10/0x10 [ 165.028481] ? write_comp_data+0x2f/0x90 [ 165.028849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.029283] ? write_comp_data+0x2f/0x90 [ 165.029678] iommufd_fops_ioctl+0x37d/0x510 [ 165.030063] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.030534] ? write_comp_data+0x2f/0x90 [ 165.030918] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.031356] __x64_sys_ioctl+0x1a3/0x230 [ 165.031740] do_syscall_64+0x3b/0x90 [ 165.032083] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.032553] RIP: 0033:0x7f4b8743ee5d [ 165.032899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.034534] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.035235] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.035866] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.036500] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.037147] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.037780] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.038430] [ 165.038657] irq event stamp: 0 [ 165.038945] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.039536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.040267] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.040986] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.041524] ---[ end trace 0000000000000000 ]--- [ 165.045055] ------------[ cut here ]------------ [ 165.045527] WARNING: CPU: 1 PID: 1556 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.046398] Modules linked in: [ 165.046701] CPU: 1 PID: 1556 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.047453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.048364] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.048767] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.050240] RSP: 
0018:ffff888016c57bd0 EFLAGS: 00010246 [ 165.050689] RAX: 0000000000000000 RBX: ffff888014aeb8a8 RCX: 0000000000000000 [ 165.051273] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 165.051853] RBP: ffff888016c57be8 R08: ffffed100295d733 R09: ffffed100295d733 [ 165.052428] R10: ffff888014aeb993 R11: ffffed100295d732 R12: ffff88801890c800 [ 165.053008] R13: ffff888014aeb9e8 R14: ffff888010d6d400 R15: 0000000000000000 [ 165.053583] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.054233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.054727] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.055324] PKRU: 55555554 [ 165.055558] Call Trace: [ 165.055768] [ 165.055957] iommufd_access_destroy_object+0x65/0x170 [ 165.056384] iommufd_object_destroy_user+0x18e/0x220 [ 165.056808] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.057292] iommufd_access_destroy+0x43/0x70 [ 165.057673] iommufd_test_staccess_release+0x8d/0xd0 [ 165.058096] __fput+0x26d/0xa40 [ 165.058384] ____fput+0x1e/0x30 [ 165.058693] task_work_run+0x1a4/0x2d0 [ 165.059027] ? __pfx_task_work_run+0x10/0x10 [ 165.059409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.059817] ? switch_task_namespaces+0xa9/0xe0 [ 165.060211] do_exit+0xb17/0x2ef0 [ 165.060500] ? lock_acquire+0x427/0x4c0 [ 165.060838] ? __pfx_lock_release+0x10/0x10 [ 165.061202] ? __kasan_check_write+0x18/0x20 [ 165.061571] ? do_raw_spin_lock+0x132/0x2a0 [ 165.061926] ? __pfx_do_exit+0x10/0x10 [ 165.062252] ? debug_smp_processor_id+0x20/0x30 [ 165.062663] ? rcu_is_watching+0x19/0xb0 [ 165.063002] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.063397] ? trace_hardirqs_on+0x26/0x120 [ 165.063764] do_group_exit+0xe0/0x2b0 [ 165.064081] __x64_sys_exit_group+0x47/0x50 [ 165.064436] do_syscall_64+0x3b/0x90 [ 165.064754] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.065184] RIP: 0033:0x7f4b87518a4d [ 165.065490] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.065994] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.066641] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.067236] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.067820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.068398] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.068977] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.069565] [ 165.069760] irq event stamp: 0 [ 165.070016] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.070553] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.071253] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.071936] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.072456] ---[ end trace 0000000000000000 ]--- [ 165.073202] ------------[ cut here ]------------ [ 165.073591] WARNING: CPU: 1 PID: 1556 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.074422] Modules linked in: [ 165.074722] CPU: 1 PID: 1556 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.075460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.076374] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.076795] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.078278] RSP: 0018:ffff888016c57b78 EFLAGS: 00010246 [ 165.078737] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.079330] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 165.079915] RBP: ffff888016c57b98 R08: ffffed100295d73e R09: ffffed100295d73e [ 165.080493] R10: ffff888014aeb9ef R11: ffffed100295d73d R12: ffff888014aeba90 [ 165.081073] R13: ffff888014aeb8a8 R14: ffffffffffffffff R15: 
ffff888016c57c60 [ 165.081658] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.082314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.082811] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.083407] PKRU: 55555554 [ 165.083645] Call Trace: [ 165.083856] [ 165.084043] iommufd_ioas_destroy+0x53/0x70 [ 165.084406] iommufd_fops_release+0x1f7/0x370 [ 165.084789] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.085209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.085623] ? write_comp_data+0x2f/0x90 [ 165.085965] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.086376] __fput+0x26d/0xa40 [ 165.086687] ____fput+0x1e/0x30 [ 165.086971] task_work_run+0x1a4/0x2d0 [ 165.087327] ? __pfx_task_work_run+0x10/0x10 [ 165.087697] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.088105] ? switch_task_namespaces+0xa9/0xe0 [ 165.088501] do_exit+0xb17/0x2ef0 [ 165.088791] ? lock_acquire+0x427/0x4c0 [ 165.089128] ? __pfx_lock_release+0x10/0x10 [ 165.089488] ? __kasan_check_write+0x18/0x20 [ 165.089855] ? do_raw_spin_lock+0x132/0x2a0 [ 165.090219] ? __pfx_do_exit+0x10/0x10 [ 165.090577] ? debug_smp_processor_id+0x20/0x30 [ 165.090975] ? rcu_is_watching+0x19/0xb0 [ 165.091326] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.091708] ? trace_hardirqs_on+0x26/0x120 [ 165.092070] do_group_exit+0xe0/0x2b0 [ 165.092385] __x64_sys_exit_group+0x47/0x50 [ 165.092740] do_syscall_64+0x3b/0x90 [ 165.093055] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.093484] RIP: 0033:0x7f4b87518a4d [ 165.093790] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.094290] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.094927] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.095524] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.096109] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.096693] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.097276] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.097865] [ 165.098059] irq event stamp: 0 [ 165.098324] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.098861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.099560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.100244] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.100760] ---[ end trace 0000000000000000 ]--- [ 165.104812] ------------[ cut here ]------------ [ 165.105231] WARNING: CPU: 1 PID: 1557 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.106032] Modules linked in: [ 165.106286] CPU: 1 PID: 1557 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.107183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.108085] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.108478] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.109902] RSP: 0018:ffff888014627bb8 EFLAGS: 00010246 [ 165.110318] RAX: 0000000000000000 RBX: ffff888020e388a8 RCX: 0000000000000000 [ 165.110889] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 165.111460] RBP: ffff888014627bd0 R08: ffffed10041c7133 R09: ffffed10041c7133 [ 165.112029] R10: ffff888020e38993 R11: ffffed10041c7132 R12: ffff888013ed9400 [ 165.112589] R13: ffff888020e389e8 R14: ffffffff8352e670 R15: 
ffff888014627e68 [ 165.113152] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.113785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.114243] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 165.114825] PKRU: 55555554 [ 165.115053] Call Trace: [ 165.115267] [ 165.115449] __iommufd_access_detach+0x1c2/0x2b0 [ 165.115833] iommufd_access_change_pt+0x149/0x270 [ 165.116218] iommufd_access_replace+0xb4/0x120 [ 165.116586] iommufd_test+0x3e5/0x37e0 [ 165.116892] ? lock_release+0x532/0x770 [ 165.117217] ? __might_fault+0x102/0x1b0 [ 165.117539] ? lock_acquire+0x427/0x4c0 [ 165.117858] ? __pfx_iommufd_test+0x10/0x10 [ 165.118193] ? __pfx_lock_release+0x10/0x10 [ 165.118557] ? __pfx_lock_acquire+0x10/0x10 [ 165.118909] ? write_comp_data+0x2f/0x90 [ 165.119244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.119631] ? write_comp_data+0x2f/0x90 [ 165.119957] iommufd_fops_ioctl+0x37d/0x510 [ 165.120304] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.120689] ? write_comp_data+0x2f/0x90 [ 165.121015] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.121396] __x64_sys_ioctl+0x1a3/0x230 [ 165.121728] do_syscall_64+0x3b/0x90 [ 165.122029] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.122443] RIP: 0033:0x7f4b8743ee5d [ 165.122767] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.124196] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.124788] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.125338] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.125887] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.126438] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.127011] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.127591] [ 165.127777] irq event stamp: 0 [ 165.128022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.128511] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.129153] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.129801] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.130287] ---[ end trace 0000000000000000 ]--- [ 165.133044] ------------[ cut here ]------------ [ 165.133435] WARNING: CPU: 1 PID: 1557 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.134222] Modules linked in: [ 165.134474] CPU: 1 PID: 1557 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.135207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.136090] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.136478] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.137874] RSP: 
0018:ffff888014627bd0 EFLAGS: 00010246 [ 165.138285] RAX: 0000000000000000 RBX: ffff888020e388a8 RCX: 0000000000000000 [ 165.138867] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 165.139430] RBP: ffff888014627be8 R08: ffffed10041c7133 R09: ffffed10041c7133 [ 165.139981] R10: ffff888020e38993 R11: ffffed10041c7132 R12: ffff888017b97c00 [ 165.140535] R13: ffff888020e389e8 R14: ffff88800f2e7e00 R15: 0000000000000000 [ 165.141084] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.141704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.142152] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.142723] PKRU: 55555554 [ 165.142945] Call Trace: [ 165.143155] [ 165.143332] iommufd_access_destroy_object+0x65/0x170 [ 165.143738] iommufd_object_destroy_user+0x18e/0x220 [ 165.144144] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.144600] iommufd_access_destroy+0x43/0x70 [ 165.144956] iommufd_test_staccess_release+0x8d/0xd0 [ 165.145359] __fput+0x26d/0xa40 [ 165.145634] ____fput+0x1e/0x30 [ 165.145902] task_work_run+0x1a4/0x2d0 [ 165.146217] ? __pfx_task_work_run+0x10/0x10 [ 165.146581] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.146974] ? switch_task_namespaces+0xa9/0xe0 [ 165.147362] do_exit+0xb17/0x2ef0 [ 165.147628] ? lock_acquire+0x427/0x4c0 [ 165.147946] ? __pfx_lock_release+0x10/0x10 [ 165.148288] ? __kasan_check_write+0x18/0x20 [ 165.148636] ? do_raw_spin_lock+0x132/0x2a0 [ 165.148979] ? __pfx_do_exit+0x10/0x10 [ 165.149294] ? debug_smp_processor_id+0x20/0x30 [ 165.149662] ? rcu_is_watching+0x19/0xb0 [ 165.149981] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.150343] ? trace_hardirqs_on+0x26/0x120 [ 165.150709] do_group_exit+0xe0/0x2b0 [ 165.151009] __x64_sys_exit_group+0x47/0x50 [ 165.151354] do_syscall_64+0x3b/0x90 [ 165.151653] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.152061] RIP: 0033:0x7f4b87518a4d [ 165.152356] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.152833] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.153421] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.153971] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.154539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.155089] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.155651] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.156209] [ 165.156388] irq event stamp: 0 [ 165.156634] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.157111] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.157744] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.158374] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.158879] ---[ end trace 0000000000000000 ]--- [ 165.159574] ------------[ cut here ]------------ [ 165.159930] WARNING: CPU: 1 PID: 1557 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.160694] Modules linked in: [ 165.160941] CPU: 1 PID: 1557 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.161602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.162448] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.162869] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.164250] RSP: 0018:ffff888014627b78 EFLAGS: 00010246 [ 165.164656] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.165197] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 165.165733] RBP: ffff888014627b98 R08: ffffed10041c713e R09: ffffed10041c713e [ 165.166283] R10: ffff888020e389ef R11: ffffed10041c713d R12: ffff888020e38a90 [ 165.167006] R13: ffff888020e388a8 R14: ffffffffffffffff R15: 
ffff888014627c60 [ 165.167554] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.168160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.168600] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.169139] PKRU: 55555554 [ 165.169357] Call Trace: [ 165.169554] [ 165.169725] iommufd_ioas_destroy+0x53/0x70 [ 165.170059] iommufd_fops_release+0x1f7/0x370 [ 165.170406] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.170810] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.171198] ? write_comp_data+0x2f/0x90 [ 165.171521] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.171902] __fput+0x26d/0xa40 [ 165.172169] ____fput+0x1e/0x30 [ 165.172430] task_work_run+0x1a4/0x2d0 [ 165.172735] ? __pfx_task_work_run+0x10/0x10 [ 165.173074] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.173448] ? switch_task_namespaces+0xa9/0xe0 [ 165.173812] do_exit+0xb17/0x2ef0 [ 165.174077] ? lock_acquire+0x427/0x4c0 [ 165.174387] ? __pfx_lock_release+0x10/0x10 [ 165.174737] ? __kasan_check_write+0x18/0x20 [ 165.175078] ? do_raw_spin_lock+0x132/0x2a0 [ 165.175417] ? __pfx_do_exit+0x10/0x10 [ 165.175724] ? debug_smp_processor_id+0x20/0x30 [ 165.176083] ? rcu_is_watching+0x19/0xb0 [ 165.176395] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.176748] ? trace_hardirqs_on+0x26/0x120 [ 165.177084] do_group_exit+0xe0/0x2b0 [ 165.177378] __x64_sys_exit_group+0x47/0x50 [ 165.177707] do_syscall_64+0x3b/0x90 [ 165.177998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.178402] RIP: 0033:0x7f4b87518a4d [ 165.178704] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.179182] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.179758] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.180295] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.180837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.181374] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.181916] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.182458] [ 165.182660] irq event stamp: 0 [ 165.182902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.183391] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.184030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.184660] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.185136] ---[ end trace 0000000000000000 ]--- [ 165.188922] ------------[ cut here ]------------ [ 165.189305] WARNING: CPU: 1 PID: 1558 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.190068] Modules linked in: [ 165.190311] CPU: 1 PID: 1558 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.191007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.191866] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.192241] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.193622] RSP: 0018:ffff888020f9fbb8 EFLAGS: 00010246 [ 165.194025] RAX: 0000000000000000 RBX: ffff888010be60a8 RCX: 0000000000000000 [ 165.194574] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 165.195125] RBP: ffff888020f9fbd0 R08: ffffed100217cc33 R09: ffffed100217cc33 [ 165.195666] R10: ffff888010be6193 R11: ffffed100217cc32 R12: ffff888012d46400 [ 165.196204] R13: ffff888010be61e8 R14: ffffffff8352e670 R15: 
ffff888020f9fe68 [ 165.196741] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.197349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.197789] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 165.198327] PKRU: 55555554 [ 165.198559] Call Trace: [ 165.198755] [ 165.198929] __iommufd_access_detach+0x1c2/0x2b0 [ 165.199325] iommufd_access_change_pt+0x149/0x270 [ 165.199703] iommufd_access_replace+0xb4/0x120 [ 165.200062] iommufd_test+0x3e5/0x37e0 [ 165.200359] ? lock_release+0x532/0x770 [ 165.200674] ? __might_fault+0x102/0x1b0 [ 165.200990] ? lock_acquire+0x427/0x4c0 [ 165.201306] ? __pfx_iommufd_test+0x10/0x10 [ 165.201634] ? __pfx_lock_release+0x10/0x10 [ 165.201970] ? __pfx_lock_acquire+0x10/0x10 [ 165.202308] ? write_comp_data+0x2f/0x90 [ 165.202644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.203021] ? write_comp_data+0x2f/0x90 [ 165.203350] iommufd_fops_ioctl+0x37d/0x510 [ 165.203686] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.204065] ? write_comp_data+0x2f/0x90 [ 165.204384] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.204756] __x64_sys_ioctl+0x1a3/0x230 [ 165.205078] do_syscall_64+0x3b/0x90 [ 165.205374] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.205776] RIP: 0033:0x7f4b8743ee5d [ 165.206062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.207466] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.208047] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.208582] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.209120] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.209655] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.210191] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.210753] [ 165.210934] irq event stamp: 0 [ 165.211187] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.211671] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.212304] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.212935] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.213413] ---[ end trace 0000000000000000 ]--- [ 165.216160] ------------[ cut here ]------------ [ 165.216543] WARNING: CPU: 1 PID: 1558 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.217313] Modules linked in: [ 165.217558] CPU: 1 PID: 1558 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.218216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.219085] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.219475] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.220846] RSP: 
0018:ffff888020f9fbd0 EFLAGS: 00010246 [ 165.221246] RAX: 0000000000000000 RBX: ffff888010be60a8 RCX: 0000000000000000 [ 165.221780] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 165.222317] RBP: ffff888020f9fbe8 R08: ffffed100217cc33 R09: ffffed100217cc33 [ 165.222871] R10: ffff888010be6193 R11: ffffed100217cc32 R12: ffff888013edb400 [ 165.223416] R13: ffff888010be61e8 R14: ffff88800fa77000 R15: 0000000000000000 [ 165.223954] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.224561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.225002] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.225546] PKRU: 55555554 [ 165.225763] Call Trace: [ 165.225958] [ 165.226132] iommufd_access_destroy_object+0x65/0x170 [ 165.226546] iommufd_object_destroy_user+0x18e/0x220 [ 165.226940] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.227397] iommufd_access_destroy+0x43/0x70 [ 165.227753] iommufd_test_staccess_release+0x8d/0xd0 [ 165.228152] __fput+0x26d/0xa40 [ 165.228422] ____fput+0x1e/0x30 [ 165.228685] task_work_run+0x1a4/0x2d0 [ 165.228987] ? __pfx_task_work_run+0x10/0x10 [ 165.229327] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.229708] ? switch_task_namespaces+0xa9/0xe0 [ 165.230075] do_exit+0xb17/0x2ef0 [ 165.230336] ? lock_acquire+0x427/0x4c0 [ 165.230662] ? __pfx_lock_release+0x10/0x10 [ 165.230997] ? __kasan_check_write+0x18/0x20 [ 165.231336] ? do_raw_spin_lock+0x132/0x2a0 [ 165.231662] ? __pfx_do_exit+0x10/0x10 [ 165.231959] ? debug_smp_processor_id+0x20/0x30 [ 165.232308] ? rcu_is_watching+0x19/0xb0 [ 165.232617] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.232960] ? trace_hardirqs_on+0x26/0x120 [ 165.233289] do_group_exit+0xe0/0x2b0 [ 165.233580] __x64_sys_exit_group+0x47/0x50 [ 165.233901] do_syscall_64+0x3b/0x90 [ 165.234191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.234600] RIP: 0033:0x7f4b87518a4d [ 165.234880] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.235348] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.235913] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.236443] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.236971] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.237499] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.238025] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.238572] [ 165.238751] irq event stamp: 0 [ 165.238986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.239464] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.240093] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.240716] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.241186] ---[ end trace 0000000000000000 ]--- [ 165.241846] ------------[ cut here ]------------ [ 165.242200] WARNING: CPU: 1 PID: 1558 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.242983] Modules linked in: [ 165.243240] CPU: 1 PID: 1558 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.243900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.244731] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.245117] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.246468] RSP: 0018:ffff888020f9fb78 EFLAGS: 00010246 [ 165.246887] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.247423] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 165.247955] RBP: ffff888020f9fb98 R08: ffffed100217cc3e R09: ffffed100217cc3e [ 165.248485] R10: ffff888010be61ef R11: ffffed100217cc3d R12: ffff888010be6290 [ 165.249008] R13: ffff888010be60a8 R14: ffffffffffffffff R15: 
ffff888020f9fc60 [ 165.249535] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.250131] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.250589] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.251123] PKRU: 55555554 [ 165.251335] Call Trace: [ 165.251526] [ 165.251697] iommufd_ioas_destroy+0x53/0x70 [ 165.252030] iommufd_fops_release+0x1f7/0x370 [ 165.252378] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.252759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.253131] ? write_comp_data+0x2f/0x90 [ 165.253446] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.253824] __fput+0x26d/0xa40 [ 165.254087] ____fput+0x1e/0x30 [ 165.254345] task_work_run+0x1a4/0x2d0 [ 165.254664] ? __pfx_task_work_run+0x10/0x10 [ 165.255005] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.255383] ? switch_task_namespaces+0xa9/0xe0 [ 165.255743] do_exit+0xb17/0x2ef0 [ 165.256008] ? lock_acquire+0x427/0x4c0 [ 165.256319] ? __pfx_lock_release+0x10/0x10 [ 165.256651] ? __kasan_check_write+0x18/0x20 [ 165.256987] ? do_raw_spin_lock+0x132/0x2a0 [ 165.257309] ? __pfx_do_exit+0x10/0x10 [ 165.257611] ? debug_smp_processor_id+0x20/0x30 [ 165.257962] ? rcu_is_watching+0x19/0xb0 [ 165.258273] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.258635] ? trace_hardirqs_on+0x26/0x120 [ 165.258971] do_group_exit+0xe0/0x2b0 [ 165.259273] __x64_sys_exit_group+0x47/0x50 [ 165.259604] do_syscall_64+0x3b/0x90 [ 165.259892] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.260291] RIP: 0033:0x7f4b87518a4d [ 165.260651] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.261347] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.261917] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.262472] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.263139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.263678] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.264211] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.264781] [ 165.265035] irq event stamp: 0 [ 165.265278] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.265754] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.266388] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.267148] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.267638] ---[ end trace 0000000000000000 ]--- [ 165.271274] ------------[ cut here ]------------ [ 165.271659] WARNING: CPU: 1 PID: 1559 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.272569] Modules linked in: [ 165.272828] CPU: 1 PID: 1559 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.273523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.274573] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.274973] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.276490] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 165.276964] RAX: 0000000000000000 RBX: ffff888012c188a8 RCX: 0000000000000000 [ 165.277526] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 165.278115] RBP: ffff888017307bd0 R08: ffffed1002583133 R09: ffffed1002583133 [ 165.278747] R10: ffff888012c18993 R11: ffffed1002583132 R12: ffff888012b65c00 [ 165.279321] R13: ffff888012c189e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 165.279879] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.280644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.281101] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 165.281662] PKRU: 55555554 [ 165.281887] Call Trace: [ 165.282160] [ 165.282400] __iommufd_access_detach+0x1c2/0x2b0 [ 165.282812] iommufd_access_change_pt+0x149/0x270 [ 165.283211] iommufd_access_replace+0xb4/0x120 [ 165.283585] iommufd_test+0x3e5/0x37e0 [ 165.283896] ? lock_release+0x532/0x770 [ 165.284296] ? __might_fault+0x102/0x1b0 [ 165.284682] ? lock_acquire+0x427/0x4c0 [ 165.285009] ? __pfx_iommufd_test+0x10/0x10 [ 165.285356] ? __pfx_lock_release+0x10/0x10 [ 165.285718] ? __pfx_lock_acquire+0x10/0x10 [ 165.286140] ? write_comp_data+0x2f/0x90 [ 165.286542] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.286944] ? write_comp_data+0x2f/0x90 [ 165.287295] iommufd_fops_ioctl+0x37d/0x510 [ 165.287660] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.288070] ? write_comp_data+0x2f/0x90 [ 165.288538] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.288949] __x64_sys_ioctl+0x1a3/0x230 [ 165.289302] do_syscall_64+0x3b/0x90 [ 165.289625] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.290092] RIP: 0033:0x7f4b8743ee5d [ 165.290498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.292036] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.292814] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.293404] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.293992] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.294746] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.295349] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.295947] [ 165.296141] irq event stamp: 0 [ 165.296405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.297070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.297770] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.298543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.299144] ---[ end trace 0000000000000000 ]--- [ 165.302049] ------------[ cut here ]------------ [ 165.302595] WARNING: CPU: 1 PID: 1559 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.303465] Modules linked in: [ 165.303733] CPU: 1 PID: 1559 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.304532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.305512] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.305926] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.307619] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 165.308027] RAX: 0000000000000000 RBX: ffff888012c188a8 RCX: 0000000000000000 [ 165.308687] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 165.309318] RBP: ffff888017307be8 R08: ffffed1002583133 R09: ffffed1002583133 [ 165.309902] R10: ffff888012c18993 R11: ffffed1002583132 R12: ffff888012d44800 [ 165.310578] R13: ffff888012c189e8 R14: ffff888012c61300 R15: 0000000000000000 [ 165.311202] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.311862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.312340] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 165.313058] PKRU: 55555554 [ 165.313297] Call Trace: [ 165.313514] [ 165.313703] iommufd_access_destroy_object+0x65/0x170 [ 165.314151] iommufd_object_destroy_user+0x18e/0x220 [ 165.314722] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.315215] iommufd_access_destroy+0x43/0x70 [ 165.315598] iommufd_test_staccess_release+0x8d/0xd0 [ 165.316024] __fput+0x26d/0xa40 [ 165.316315] ____fput+0x1e/0x30 [ 165.316635] task_work_run+0x1a4/0x2d0 [ 165.317035] ? __pfx_task_work_run+0x10/0x10 [ 165.317403] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.317812] ? switch_task_namespaces+0xa9/0xe0 [ 165.318209] do_exit+0xb17/0x2ef0 [ 165.318583] ? lock_acquire+0x427/0x4c0 [ 165.318974] ? __pfx_lock_release+0x10/0x10 [ 165.319348] ? __kasan_check_write+0x18/0x20 [ 165.319719] ? do_raw_spin_lock+0x132/0x2a0 [ 165.320078] ? __pfx_do_exit+0x10/0x10 [ 165.320412] ? debug_smp_processor_id+0x20/0x30 [ 165.320919] ? rcu_is_watching+0x19/0xb0 [ 165.321261] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.321644] ? trace_hardirqs_on+0x26/0x120 [ 165.322011] do_group_exit+0xe0/0x2b0 [ 165.322335] __x64_sys_exit_group+0x47/0x50 [ 165.322854] do_syscall_64+0x3b/0x90 [ 165.323195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.323652] RIP: 0033:0x7f4b87518a4d [ 165.323975] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.324502] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.325308] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.325922] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.326558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.327326] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.327938] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.328555] [ 165.328758] irq event stamp: 0 [ 165.329118] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.329735] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.330454] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.331354] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.331900] ---[ end trace 0000000000000000 ]--- [ 165.332930] ------------[ cut here ]------------ [ 165.333430] WARNING: CPU: 1 PID: 1559 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.334339] Modules linked in: [ 165.334641] CPU: 1 PID: 1559 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.335408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.336532] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.336976] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.338708] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 165.339176] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.339835] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 165.340528] RBP: ffff888017307b98 R08: ffffed100258313e R09: ffffed100258313e [ 165.341134] R10: ffff888012c189ef R11: ffffed100258313d R12: ffff888012c18a90 [ 165.341806] R13: ffff888012c188a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 165.342491] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.343230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.343729] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 165.344497] PKRU: 55555554 [ 165.344742] Call Trace: [ 165.344962] [ 165.345162] iommufd_ioas_destroy+0x53/0x70 [ 165.345546] iommufd_fops_release+0x1f7/0x370 [ 165.345980] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.346487] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.346940] ? write_comp_data+0x2f/0x90 [ 165.347307] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.347741] __fput+0x26d/0xa40 [ 165.348043] ____fput+0x1e/0x30 [ 165.348431] task_work_run+0x1a4/0x2d0 [ 165.348821] ? __pfx_task_work_run+0x10/0x10 [ 165.349205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.349631] ? switch_task_namespaces+0xa9/0xe0 [ 165.350085] do_exit+0xb17/0x2ef0 [ 165.350465] ? lock_acquire+0x427/0x4c0 [ 165.350845] ? __pfx_lock_release+0x10/0x10 [ 165.351236] ? __kasan_check_write+0x18/0x20 [ 165.351621] ? do_raw_spin_lock+0x132/0x2a0 [ 165.351994] ? __pfx_do_exit+0x10/0x10 [ 165.352373] ? debug_smp_processor_id+0x20/0x30 [ 165.352877] ? rcu_is_watching+0x19/0xb0 [ 165.353229] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.353621] ? trace_hardirqs_on+0x26/0x120 [ 165.353996] do_group_exit+0xe0/0x2b0 [ 165.354410] __x64_sys_exit_group+0x47/0x50 [ 165.354862] do_syscall_64+0x3b/0x90 [ 165.355196] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.355647] RIP: 0033:0x7f4b87518a4d [ 165.355968] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.356533] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.357274] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.357885] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.358593] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.359262] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.359869] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.360488] [ 165.360771] irq event stamp: 0 [ 165.361100] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.361642] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.362381] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.363229] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.363772] ---[ end trace 0000000000000000 ]--- [ 165.368535] ------------[ cut here ]------------ [ 165.369120] WARNING: CPU: 1 PID: 1560 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.369989] Modules linked in: [ 165.370269] CPU: 1 PID: 1560 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.371196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.372163] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.372601] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.374366] RSP: 0018:ffff888020f9fbb8 EFLAGS: 00010246 [ 165.374855] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 165.375641] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 165.376272] RBP: ffff888020f9fbd0 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 165.376898] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff88801226cc00 [ 165.377683] R13: ffff888011f621e8 R14: ffffffff8352e670 R15: 
ffff888020f9fe68 [ 165.378311] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.379040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.379643] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 165.380342] PKRU: 55555554 [ 165.380592] Call Trace: [ 165.380820] [ 165.381022] __iommufd_access_detach+0x1c2/0x2b0 [ 165.381501] iommufd_access_change_pt+0x149/0x270 [ 165.382023] iommufd_access_replace+0xb4/0x120 [ 165.382442] iommufd_test+0x3e5/0x37e0 [ 165.382812] ? lock_release+0x532/0x770 [ 165.383193] ? __might_fault+0x102/0x1b0 [ 165.383566] ? lock_acquire+0x427/0x4c0 [ 165.384020] ? __pfx_iommufd_test+0x10/0x10 [ 165.384481] ? __pfx_lock_release+0x10/0x10 [ 165.384873] ? __pfx_lock_acquire+0x10/0x10 [ 165.385272] ? write_comp_data+0x2f/0x90 [ 165.385664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.386225] ? write_comp_data+0x2f/0x90 [ 165.386619] iommufd_fops_ioctl+0x37d/0x510 [ 165.387006] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.387459] ? write_comp_data+0x2f/0x90 [ 165.387834] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.388354] __x64_sys_ioctl+0x1a3/0x230 [ 165.388778] do_syscall_64+0x3b/0x90 [ 165.389120] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.389588] RIP: 0033:0x7f4b8743ee5d [ 165.389920] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.391733] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.392455] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.393183] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.393815] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.394500] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.395267] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.395909] [ 165.396119] irq event stamp: 0 [ 165.396401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.397106] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.397852] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.398642] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.399284] ---[ end trace 0000000000000000 ]--- [ 165.402328] ------------[ cut here ]------------ [ 165.402894] WARNING: CPU: 1 PID: 1560 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.403842] Modules linked in: [ 165.404127] CPU: 1 PID: 1560 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.404961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.406017] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.406489] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.408407] RSP: 
0018:ffff888020f9fbd0 EFLAGS: 00010246 [ 165.408914] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 165.409744] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 165.410414] RBP: ffff888020f9fbe8 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 165.411099] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888012b64c00 [ 165.411946] R13: ffff888011f621e8 R14: ffff888013727c00 R15: 0000000000000000 [ 165.412610] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.413357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.414060] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 165.414751] PKRU: 55555554 [ 165.415023] Call Trace: [ 165.415277] [ 165.415489] iommufd_access_destroy_object+0x65/0x170 [ 165.416031] iommufd_object_destroy_user+0x18e/0x220 [ 165.416606] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.417153] iommufd_access_destroy+0x43/0x70 [ 165.417596] iommufd_test_staccess_release+0x8d/0xd0 [ 165.418085] __fput+0x26d/0xa40 [ 165.418410] ____fput+0x1e/0x30 [ 165.418799] task_work_run+0x1a4/0x2d0 [ 165.419206] ? __pfx_task_work_run+0x10/0x10 [ 165.419631] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.420095] ? switch_task_namespaces+0xa9/0xe0 [ 165.420541] do_exit+0xb17/0x2ef0 [ 165.420864] ? lock_acquire+0x427/0x4c0 [ 165.421244] ? __pfx_lock_release+0x10/0x10 [ 165.421656] ? __kasan_check_write+0x18/0x20 [ 165.422069] ? do_raw_spin_lock+0x132/0x2a0 [ 165.422476] ? __pfx_do_exit+0x10/0x10 [ 165.422870] ? debug_smp_processor_id+0x20/0x30 [ 165.423323] ? rcu_is_watching+0x19/0xb0 [ 165.423708] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.424140] ? trace_hardirqs_on+0x26/0x120 [ 165.424552] do_group_exit+0xe0/0x2b0 [ 165.424911] __x64_sys_exit_group+0x47/0x50 [ 165.425307] do_syscall_64+0x3b/0x90 [ 165.425659] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.426140] RIP: 0033:0x7f4b87518a4d [ 165.426482] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.427067] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.427774] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.428421] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.429078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.429725] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.430371] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.431050] [ 165.431280] irq event stamp: 0 [ 165.431574] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.432154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.432926] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.433696] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.434270] ---[ end trace 0000000000000000 ]--- [ 165.435157] ------------[ cut here ]------------ [ 165.435592] WARNING: CPU: 1 PID: 1560 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.436524] Modules linked in: [ 165.436819] CPU: 1 PID: 1560 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.437615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.438839] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.439330] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.440989] RSP: 0018:ffff888020f9fb78 EFLAGS: 00010246 [ 165.441476] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.442132] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 165.442800] RBP: ffff888020f9fb98 R08: ffffed10023ec43e R09: ffffed10023ec43e [ 165.443468] R10: ffff888011f621ef R11: ffffed10023ec43d R12: ffff888011f62290 [ 165.444115] R13: ffff888011f620a8 R14: ffffffffffffffff R15: 
ffff888020f9fc60 [ 165.444764] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.445502] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.446027] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 165.446692] PKRU: 55555554 [ 165.446940] Call Trace: [ 165.447170] [ 165.447371] iommufd_ioas_destroy+0x53/0x70 [ 165.447757] iommufd_fops_release+0x1f7/0x370 [ 165.448160] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.448601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.449031] ? write_comp_data+0x2f/0x90 [ 165.449396] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.449837] __fput+0x26d/0xa40 [ 165.450145] ____fput+0x1e/0x30 [ 165.450445] task_work_run+0x1a4/0x2d0 [ 165.450822] ? __pfx_task_work_run+0x10/0x10 [ 165.451218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.451651] ? switch_task_namespaces+0xa9/0xe0 [ 165.452070] do_exit+0xb17/0x2ef0 [ 165.452375] ? lock_acquire+0x427/0x4c0 [ 165.452730] ? __pfx_lock_release+0x10/0x10 [ 165.453112] ? __kasan_check_write+0x18/0x20 [ 165.453497] ? do_raw_spin_lock+0x132/0x2a0 [ 165.453875] ? __pfx_do_exit+0x10/0x10 [ 165.454228] ? debug_smp_processor_id+0x20/0x30 [ 165.454656] ? rcu_is_watching+0x19/0xb0 [ 165.455017] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.455428] ? trace_hardirqs_on+0x26/0x120 [ 165.455808] do_group_exit+0xe0/0x2b0 [ 165.456141] __x64_sys_exit_group+0x47/0x50 [ 165.456517] do_syscall_64+0x3b/0x90 [ 165.456850] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.457304] RIP: 0033:0x7f4b87518a4d [ 165.457628] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.458159] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.458835] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.459460] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.460071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.460677] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.461288] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.461906] [ 165.462111] irq event stamp: 0 [ 165.462385] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.462942] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.463672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.464392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.464937] ---[ end trace 0000000000000000 ]--- [ 165.469064] ------------[ cut here ]------------ [ 165.469515] WARNING: CPU: 1 PID: 1561 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.470387] Modules linked in: [ 165.470693] CPU: 1 PID: 1561 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.471463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.472410] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.472818] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.474293] RSP: 0018:ffff888017847bb8 EFLAGS: 00010246 [ 165.474748] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 165.475333] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 165.475911] RBP: ffff888017847bd0 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 165.476492] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff88800ae93c00 [ 165.477073] R13: ffff88800cb971e8 R14: ffffffff8352e670 R15: 
ffff888017847e68 [ 165.477651] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.478302] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.478791] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 165.479385] PKRU: 55555554 [ 165.479619] Call Trace: [ 165.479828] [ 165.480015] __iommufd_access_detach+0x1c2/0x2b0 [ 165.480418] iommufd_access_change_pt+0x149/0x270 [ 165.480826] iommufd_access_replace+0xb4/0x120 [ 165.481213] iommufd_test+0x3e5/0x37e0 [ 165.481536] ? lock_release+0x532/0x770 [ 165.481874] ? __might_fault+0x102/0x1b0 [ 165.482213] ? lock_acquire+0x427/0x4c0 [ 165.482566] ? __pfx_iommufd_test+0x10/0x10 [ 165.482923] ? __pfx_lock_release+0x10/0x10 [ 165.483297] ? __pfx_lock_acquire+0x10/0x10 [ 165.483664] ? write_comp_data+0x2f/0x90 [ 165.484008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.484417] ? write_comp_data+0x2f/0x90 [ 165.484770] iommufd_fops_ioctl+0x37d/0x510 [ 165.485128] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.485534] ? write_comp_data+0x2f/0x90 [ 165.485878] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.486276] __x64_sys_ioctl+0x1a3/0x230 [ 165.486641] do_syscall_64+0x3b/0x90 [ 165.486961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.487404] RIP: 0033:0x7f4b8743ee5d [ 165.487712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.489228] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.489853] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.490435] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.491035] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.491625] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.492204] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.492797] [ 165.492989] irq event stamp: 0 [ 165.493247] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.493782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.494468] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.495180] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.495698] ---[ end trace 0000000000000000 ]--- [ 165.498530] ------------[ cut here ]------------ [ 165.498956] WARNING: CPU: 1 PID: 1561 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.499798] Modules linked in: [ 165.500063] CPU: 1 PID: 1561 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.500787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.501705] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.502114] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.503622] RSP: 
0018:ffff888017847bd0 EFLAGS: 00010246 [ 165.504063] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 165.504652] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 165.505235] RBP: ffff888017847be8 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 165.505817] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff88801226dc00 [ 165.506398] R13: ffff88800cb971e8 R14: ffff88800efdb900 R15: 0000000000000000 [ 165.507003] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.507681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.508161] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.508745] PKRU: 55555554 [ 165.508980] Call Trace: [ 165.509191] [ 165.509378] iommufd_access_destroy_object+0x65/0x170 [ 165.509810] iommufd_object_destroy_user+0x18e/0x220 [ 165.510239] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.510752] iommufd_access_destroy+0x43/0x70 [ 165.511145] iommufd_test_staccess_release+0x8d/0xd0 [ 165.511578] __fput+0x26d/0xa40 [ 165.511870] ____fput+0x1e/0x30 [ 165.512157] task_work_run+0x1a4/0x2d0 [ 165.512491] ? __pfx_task_work_run+0x10/0x10 [ 165.512860] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.513272] ? switch_task_namespaces+0xa9/0xe0 [ 165.513677] do_exit+0xb17/0x2ef0 [ 165.513969] ? lock_acquire+0x427/0x4c0 [ 165.514314] ? __pfx_lock_release+0x10/0x10 [ 165.514705] ? __kasan_check_write+0x18/0x20 [ 165.515082] ? do_raw_spin_lock+0x132/0x2a0 [ 165.515460] ? __pfx_do_exit+0x10/0x10 [ 165.515799] ? debug_smp_processor_id+0x20/0x30 [ 165.516189] ? rcu_is_watching+0x19/0xb0 [ 165.516538] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.516977] ? trace_hardirqs_on+0x26/0x120 [ 165.517490] do_group_exit+0xe0/0x2b0 [ 165.517820] __x64_sys_exit_group+0x47/0x50 [ 165.518182] do_syscall_64+0x3b/0x90 [ 165.518533] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.518979] RIP: 0033:0x7f4b87518a4d [ 165.519450] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.519962] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.520596] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.521193] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.521927] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.522536] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.523130] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.523743] [ 165.523984] irq event stamp: 0 [ 165.524309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.524838] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.525525] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.526348] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.526897] ---[ end trace 0000000000000000 ]--- [ 165.527624] ------------[ cut here ]------------ [ 165.528079] WARNING: CPU: 1 PID: 1561 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.528982] Modules linked in: [ 165.529249] CPU: 1 PID: 1561 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.530034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.531039] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.531478] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.533132] RSP: 0018:ffff888017847b78 EFLAGS: 00010246 [ 165.533574] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.534372] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 165.534982] RBP: ffff888017847b98 R08: ffffed1001972e3e R09: ffffed1001972e3e [ 165.535589] R10: ffff88800cb971ef R11: ffffed1001972e3d R12: ffff88800cb97290 [ 165.536189] R13: ffff88800cb970a8 R14: ffffffffffffffff R15: 
ffff888017847c60 [ 165.536910] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.537568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.538050] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.538863] PKRU: 55555554 [ 165.539099] Call Trace: [ 165.539319] [ 165.539508] iommufd_ioas_destroy+0x53/0x70 [ 165.539878] iommufd_fops_release+0x1f7/0x370 [ 165.540259] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.540847] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.541272] ? write_comp_data+0x2f/0x90 [ 165.541630] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.542069] __fput+0x26d/0xa40 [ 165.542403] ____fput+0x1e/0x30 [ 165.542879] task_work_run+0x1a4/0x2d0 [ 165.543245] ? __pfx_task_work_run+0x10/0x10 [ 165.543635] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.544062] ? switch_task_namespaces+0xa9/0xe0 [ 165.544479] do_exit+0xb17/0x2ef0 [ 165.544786] ? lock_acquire+0x427/0x4c0 [ 165.545311] ? __pfx_lock_release+0x10/0x10 [ 165.545690] ? __kasan_check_write+0x18/0x20 [ 165.546083] ? do_raw_spin_lock+0x132/0x2a0 [ 165.546460] ? __pfx_do_exit+0x10/0x10 [ 165.546861] ? debug_smp_processor_id+0x20/0x30 [ 165.547424] ? rcu_is_watching+0x19/0xb0 [ 165.547781] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.548182] ? trace_hardirqs_on+0x26/0x120 [ 165.548568] do_group_exit+0xe0/0x2b0 [ 165.548913] __x64_sys_exit_group+0x47/0x50 [ 165.549383] do_syscall_64+0x3b/0x90 [ 165.549794] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.550276] RIP: 0033:0x7f4b87518a4d [ 165.550639] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.551193] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.552000] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.552630] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.553270] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.553983] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.554688] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.555328] [ 165.555535] irq event stamp: 0 [ 165.555812] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.556534] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.557264] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.557990] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.558712] ---[ end trace 0000000000000000 ]--- [ 165.563088] ------------[ cut here ]------------ [ 165.563563] WARNING: CPU: 1 PID: 1562 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.564550] Modules linked in: [ 165.564866] CPU: 1 PID: 1562 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.565611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.566786] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.567236] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.568927] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 165.569495] RAX: 0000000000000000 RBX: ffff8880147048a8 RCX: 0000000000000000 [ 165.570151] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 165.570856] RBP: ffff888017307bd0 R08: ffffed10028e0933 R09: ffffed10028e0933 [ 165.571689] R10: ffff888014704993 R11: ffffed10028e0932 R12: ffff88800a726000 [ 165.572348] R13: ffff8880147049e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 165.573005] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.573924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.574462] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 165.575159] PKRU: 55555554 [ 165.575435] Call Trace: [ 165.575677] [ 165.575935] __iommufd_access_detach+0x1c2/0x2b0 [ 165.576466] iommufd_access_change_pt+0x149/0x270 [ 165.576924] iommufd_access_replace+0xb4/0x120 [ 165.577356] iommufd_test+0x3e5/0x37e0 [ 165.577718] ? lock_release+0x532/0x770 [ 165.578247] ? __might_fault+0x102/0x1b0 [ 165.578659] ? lock_acquire+0x427/0x4c0 [ 165.579037] ? __pfx_iommufd_test+0x10/0x10 [ 165.579446] ? __pfx_lock_release+0x10/0x10 [ 165.579859] ? __pfx_lock_acquire+0x10/0x10 [ 165.580280] ? write_comp_data+0x2f/0x90 [ 165.580848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.581313] ? write_comp_data+0x2f/0x90 [ 165.581704] iommufd_fops_ioctl+0x37d/0x510 [ 165.582116] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.582602] ? write_comp_data+0x2f/0x90 [ 165.582999] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.583463] __x64_sys_ioctl+0x1a3/0x230 [ 165.583854] do_syscall_64+0x3b/0x90 [ 165.584220] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.584721] RIP: 0033:0x7f4b8743ee5d [ 165.585071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.586776] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.587502] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.588166] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.588843] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.589516] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.590179] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.590875] [ 165.591100] irq event stamp: 0 [ 165.591406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.592002] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.592796] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.593595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.594186] ---[ end trace 0000000000000000 ]--- [ 165.597285] ------------[ cut here ]------------ [ 165.597756] WARNING: CPU: 1 PID: 1562 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.598749] Modules linked in: [ 165.599054] CPU: 1 PID: 1562 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.599873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.600922] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.601393] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.603391] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 165.603889] RAX: 0000000000000000 RBX: ffff8880147048a8 RCX: 0000000000000000 [ 165.604548] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 165.605223] RBP: ffff888017307be8 R08: ffffed10028e0933 R09: ffffed10028e0933 [ 165.605894] R10: ffff888014704993 R11: ffffed10028e0932 R12: ffff88800ae93800 [ 165.606593] R13: ffff8880147049e8 R14: ffff8880104c0700 R15: 0000000000000000 [ 165.607286] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.608040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.608595] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.609268] PKRU: 55555554 [ 165.609538] Call Trace: [ 165.609779] [ 165.609996] iommufd_access_destroy_object+0x65/0x170 [ 165.610535] iommufd_object_destroy_user+0x18e/0x220 [ 165.611033] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.611595] iommufd_access_destroy+0x43/0x70 [ 165.612045] iommufd_test_staccess_release+0x8d/0xd0 [ 165.612544] __fput+0x26d/0xa40 [ 165.612876] ____fput+0x1e/0x30 [ 165.613205] task_work_run+0x1a4/0x2d0 [ 165.613591] ? __pfx_task_work_run+0x10/0x10 [ 165.614030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.614547] ? switch_task_namespaces+0xa9/0xe0 [ 165.615017] do_exit+0xb17/0x2ef0 [ 165.615390] ? lock_acquire+0x427/0x4c0 [ 165.615785] ? __pfx_lock_release+0x10/0x10 [ 165.616210] ? __kasan_check_write+0x18/0x20 [ 165.616649] ? do_raw_spin_lock+0x132/0x2a0 [ 165.617068] ? __pfx_do_exit+0x10/0x10 [ 165.617446] ? debug_smp_processor_id+0x20/0x30 [ 165.617887] ? rcu_is_watching+0x19/0xb0 [ 165.618276] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.618739] ? trace_hardirqs_on+0x26/0x120 [ 165.619171] do_group_exit+0xe0/0x2b0 [ 165.619542] __x64_sys_exit_group+0x47/0x50 [ 165.619953] do_syscall_64+0x3b/0x90 [ 165.620319] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.620824] RIP: 0033:0x7f4b87518a4d [ 165.621178] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.621758] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.622473] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.623178] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.623855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.624516] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.625182] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.625870] [ 165.626090] irq event stamp: 0 [ 165.626394] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.627019] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.627829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.628612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.629205] ---[ end trace 0000000000000000 ]--- [ 165.630015] ------------[ cut here ]------------ [ 165.630478] WARNING: CPU: 1 PID: 1562 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.631542] Modules linked in: [ 165.631856] CPU: 1 PID: 1562 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.632693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.633760] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.634261] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.636031] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 165.636560] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.637231] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 165.637901] RBP: ffff888017307b98 R08: ffffed10028e093e R09: ffffed10028e093e [ 165.638596] R10: ffff8880147049ef R11: ffffed10028e093d R12: ffff888014704a90 [ 165.639301] R13: ffff8880147048a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 165.639972] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.640725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.641269] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.641950] PKRU: 55555554 [ 165.642229] Call Trace: [ 165.642483] [ 165.642735] iommufd_ioas_destroy+0x53/0x70 [ 165.643192] iommufd_fops_release+0x1f7/0x370 [ 165.643639] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.644124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.644592] ? write_comp_data+0x2f/0x90 [ 165.644989] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.645458] __fput+0x26d/0xa40 [ 165.645783] ____fput+0x1e/0x30 [ 165.646110] task_work_run+0x1a4/0x2d0 [ 165.646494] ? __pfx_task_work_run+0x10/0x10 [ 165.646956] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.647446] ? switch_task_namespaces+0xa9/0xe0 [ 165.647910] do_exit+0xb17/0x2ef0 [ 165.648250] ? lock_acquire+0x427/0x4c0 [ 165.648640] ? __pfx_lock_release+0x10/0x10 [ 165.649058] ? __kasan_check_write+0x18/0x20 [ 165.649479] ? do_raw_spin_lock+0x132/0x2a0 [ 165.649891] ? __pfx_do_exit+0x10/0x10 [ 165.650270] ? debug_smp_processor_id+0x20/0x30 [ 165.650742] ? rcu_is_watching+0x19/0xb0 [ 165.651143] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.651593] ? trace_hardirqs_on+0x26/0x120 [ 165.652022] do_group_exit+0xe0/0x2b0 [ 165.652393] __x64_sys_exit_group+0x47/0x50 [ 165.652803] do_syscall_64+0x3b/0x90 [ 165.653174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.653697] RIP: 0033:0x7f4b87518a4d [ 165.654068] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.654697] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.655436] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.656112] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.656783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.657456] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.658148] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.658866] [ 165.659103] irq event stamp: 0 [ 165.659421] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.660015] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.660797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.661597] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.662192] ---[ end trace 0000000000000000 ]--- [ 165.666853] ------------[ cut here ]------------ [ 165.667374] WARNING: CPU: 1 PID: 1563 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.668322] Modules linked in: [ 165.668624] CPU: 1 PID: 1563 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.669435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.670485] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.671053] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.672771] RSP: 0018:ffff888016ff7bb8 EFLAGS: 00010246 [ 165.673269] RAX: 0000000000000000 RBX: ffff8880146208a8 RCX: 0000000000000000 [ 165.673930] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 165.674634] RBP: ffff888016ff7bd0 R08: ffffed10028c4133 R09: ffffed10028c4133 [ 165.675316] R10: ffff888014620993 R11: ffffed10028c4132 R12: ffff888010f04c00 [ 165.675985] R13: ffff8880146209e8 R14: ffffffff8352e670 R15: 
ffff888016ff7e68 [ 165.676658] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.677419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.677969] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 165.678659] PKRU: 55555554 [ 165.678926] Call Trace: [ 165.679179] [ 165.679394] __iommufd_access_detach+0x1c2/0x2b0 [ 165.679859] iommufd_access_change_pt+0x149/0x270 [ 165.680328] iommufd_access_replace+0xb4/0x120 [ 165.680773] iommufd_test+0x3e5/0x37e0 [ 165.681147] ? lock_release+0x532/0x770 [ 165.681537] ? __might_fault+0x102/0x1b0 [ 165.681933] ? lock_acquire+0x427/0x4c0 [ 165.682321] ? __pfx_iommufd_test+0x10/0x10 [ 165.682756] ? __pfx_lock_release+0x10/0x10 [ 165.683201] ? __pfx_lock_acquire+0x10/0x10 [ 165.683623] ? write_comp_data+0x2f/0x90 [ 165.684017] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.684477] ? write_comp_data+0x2f/0x90 [ 165.684876] iommufd_fops_ioctl+0x37d/0x510 [ 165.685290] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.685756] ? write_comp_data+0x2f/0x90 [ 165.686153] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.686631] __x64_sys_ioctl+0x1a3/0x230 [ 165.687031] do_syscall_64+0x3b/0x90 [ 165.687405] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.687905] RIP: 0033:0x7f4b8743ee5d [ 165.688256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.689988] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.690728] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.691416] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.692081] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.692747] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.693414] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.694090] [ 165.694318] irq event stamp: 0 [ 165.694650] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.695275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.696063] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.696839] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.697434] ---[ end trace 0000000000000000 ]--- [ 165.701449] ------------[ cut here ]------------ [ 165.701964] WARNING: CPU: 0 PID: 1563 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.702988] Modules linked in: [ 165.703318] CPU: 0 PID: 1563 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.704152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.705229] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.705716] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.707502] RSP: 
0018:ffff888016ff7bd0 EFLAGS: 00010246 [ 165.708063] RAX: 0000000000000000 RBX: ffff8880146208a8 RCX: 0000000000000000 [ 165.708753] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 165.709428] RBP: ffff888016ff7be8 R08: ffffed10028c4133 R09: ffffed10028c4133 [ 165.710107] R10: ffff888014620993 R11: ffffed10028c4132 R12: ffff88800a724000 [ 165.710826] R13: ffff8880146209e8 R14: ffff888015bb8a00 R15: 0000000000000000 [ 165.711528] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 165.712292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.712848] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 165.713530] PKRU: 55555554 [ 165.713804] Call Trace: [ 165.714050] [ 165.714268] iommufd_access_destroy_object+0x65/0x170 [ 165.714803] iommufd_object_destroy_user+0x18e/0x220 [ 165.715317] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.715870] iommufd_access_destroy+0x43/0x70 [ 165.716303] iommufd_test_staccess_release+0x8d/0xd0 [ 165.716800] __fput+0x26d/0xa40 [ 165.717137] ____fput+0x1e/0x30 [ 165.717465] task_work_run+0x1a4/0x2d0 [ 165.717841] ? __pfx_task_work_run+0x10/0x10 [ 165.718268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.718807] ? switch_task_namespaces+0xa9/0xe0 [ 165.719282] do_exit+0xb17/0x2ef0 [ 165.719623] ? lock_acquire+0x427/0x4c0 [ 165.720010] ? __pfx_lock_release+0x10/0x10 [ 165.720443] ? __kasan_check_write+0x18/0x20 [ 165.720881] ? do_raw_spin_lock+0x132/0x2a0 [ 165.721296] ? __pfx_do_exit+0x10/0x10 [ 165.721681] ? debug_smp_processor_id+0x20/0x30 [ 165.722140] ? rcu_is_watching+0x19/0xb0 [ 165.722571] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.723032] ? trace_hardirqs_on+0x26/0x120 [ 165.723476] do_group_exit+0xe0/0x2b0 [ 165.723849] __x64_sys_exit_group+0x47/0x50 [ 165.724252] do_syscall_64+0x3b/0x90 [ 165.724628] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.725135] RIP: 0033:0x7f4b87518a4d [ 165.725496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.726086] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.726838] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.727538] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.728221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.728903] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.729595] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.730285] [ 165.730544] irq event stamp: 0 [ 165.730851] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.731475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.732274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.733066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.733667] ---[ end trace 0000000000000000 ]--- [ 165.734499] ------------[ cut here ]------------ [ 165.735003] WARNING: CPU: 0 PID: 1563 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.736029] Modules linked in: [ 165.736344] CPU: 0 PID: 1563 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.737183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.738279] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.739027] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.740793] RSP: 0018:ffff888016ff7b78 EFLAGS: 00010246 [ 165.741318] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.742005] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 165.742741] RBP: ffff888016ff7b98 R08: ffffed10028c413e R09: ffffed10028c413e [ 165.743448] R10: ffff8880146209ef R11: ffffed10028c413d R12: ffff888014620a90 [ 165.744134] R13: ffff8880146208a8 R14: ffffffffffffffff R15: 
ffff888016ff7c60 [ 165.744811] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 165.745618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.746221] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 165.747012] PKRU: 55555554 [ 165.747331] Call Trace: [ 165.747604] [ 165.747843] iommufd_ioas_destroy+0x53/0x70 [ 165.748304] iommufd_fops_release+0x1f7/0x370 [ 165.748784] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.749309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.749829] ? write_comp_data+0x2f/0x90 [ 165.750256] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.750830] __fput+0x26d/0xa40 [ 165.751216] ____fput+0x1e/0x30 [ 165.751575] task_work_run+0x1a4/0x2d0 [ 165.751989] ? __pfx_task_work_run+0x10/0x10 [ 165.752467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.752982] ? switch_task_namespaces+0xa9/0xe0 [ 165.753476] do_exit+0xb17/0x2ef0 [ 165.753842] ? lock_acquire+0x427/0x4c0 [ 165.754270] ? __pfx_lock_release+0x10/0x10 [ 165.754772] ? __kasan_check_write+0x18/0x20 [ 165.755256] ? do_raw_spin_lock+0x132/0x2a0 [ 165.755709] ? __pfx_do_exit+0x10/0x10 [ 165.756129] ? debug_smp_processor_id+0x20/0x30 [ 165.756618] ? rcu_is_watching+0x19/0xb0 [ 165.757048] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.757532] ? trace_hardirqs_on+0x26/0x120 [ 165.757990] do_group_exit+0xe0/0x2b0 [ 165.758399] __x64_sys_exit_group+0x47/0x50 [ 165.758891] do_syscall_64+0x3b/0x90 [ 165.759309] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.759854] RIP: 0033:0x7f4b87518a4d [ 165.760241] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.760879] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.761671] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.762414] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.763227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.763973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.764711] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.765469] [ 165.765721] irq event stamp: 0 [ 165.766056] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.766755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.767657] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.768527] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.769196] ---[ end trace 0000000000000000 ]--- [ 165.776951] ------------[ cut here ]------------ [ 165.777736] WARNING: CPU: 1 PID: 1564 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.779333] Modules linked in: [ 165.779773] CPU: 1 PID: 1564 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.781207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.782727] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.783584] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.786128] RSP: 0018:ffff888023e1fbb8 EFLAGS: 00010246 [ 165.786882] RAX: 0000000000000000 RBX: ffff8880173008a8 RCX: 0000000000000000 [ 165.787905] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 165.788750] RBP: ffff888023e1fbd0 R08: ffffed1002e60133 R09: ffffed1002e60133 [ 165.789570] R10: ffff888017300993 R11: ffffed1002e60132 R12: ffff888018025000 [ 165.790496] R13: ffff8880173009e8 R14: ffffffff8352e670 R15: 
ffff888023e1fe68 [ 165.791300] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.792140] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.792853] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 165.793727] PKRU: 55555554 [ 165.794021] Call Trace: [ 165.794288] [ 165.794548] __iommufd_access_detach+0x1c2/0x2b0 [ 165.795068] iommufd_access_change_pt+0x149/0x270 [ 165.795807] iommufd_access_replace+0xb4/0x120 [ 165.796302] iommufd_test+0x3e5/0x37e0 [ 165.796715] ? lock_release+0x532/0x770 [ 165.797146] ? __might_fault+0x102/0x1b0 [ 165.797612] ? lock_acquire+0x427/0x4c0 [ 165.798322] ? __pfx_iommufd_test+0x10/0x10 [ 165.799002] ? __pfx_lock_release+0x10/0x10 [ 165.799624] ? __pfx_lock_acquire+0x10/0x10 [ 165.800217] ? write_comp_data+0x2f/0x90 [ 165.801096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.801757] ? write_comp_data+0x2f/0x90 [ 165.802320] iommufd_fops_ioctl+0x37d/0x510 [ 165.803248] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.803925] ? write_comp_data+0x2f/0x90 [ 165.804483] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.805131] __x64_sys_ioctl+0x1a3/0x230 [ 165.805842] do_syscall_64+0x3b/0x90 [ 165.806358] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.807102] RIP: 0033:0x7f4b8743ee5d [ 165.807634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.810171] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.811391] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.812332] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.813369] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.814365] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.815342] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.816464] [ 165.816779] irq event stamp: 0 [ 165.817196] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.818018] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.819325] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.820420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.821437] ---[ end trace 0000000000000000 ]--- [ 165.826409] ------------[ cut here ]------------ [ 165.827379] WARNING: CPU: 1 PID: 1564 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.828804] Modules linked in: [ 165.829215] CPU: 1 PID: 1564 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.830387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.831840] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.832323] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.834216] RSP: 
0018:ffff888023e1fbd0 EFLAGS: 00010246 [ 165.834743] RAX: 0000000000000000 RBX: ffff8880173008a8 RCX: 0000000000000000 [ 165.835521] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 165.836244] RBP: ffff888023e1fbe8 R08: ffffed1002e60133 R09: ffffed1002e60133 [ 165.836921] R10: ffff888017300993 R11: ffffed1002e60132 R12: ffff888010f06400 [ 165.837767] R13: ffff8880173009e8 R14: ffff888020c48200 R15: 0000000000000000 [ 165.838448] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.839257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.839841] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.840669] PKRU: 55555554 [ 165.840941] Call Trace: [ 165.841185] [ 165.841410] iommufd_access_destroy_object+0x65/0x170 [ 165.841911] iommufd_object_destroy_user+0x18e/0x220 [ 165.842602] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.843182] iommufd_access_destroy+0x43/0x70 [ 165.843625] iommufd_test_staccess_release+0x8d/0xd0 [ 165.844127] __fput+0x26d/0xa40 [ 165.844462] ____fput+0x1e/0x30 [ 165.844883] task_work_run+0x1a4/0x2d0 [ 165.845338] ? __pfx_task_work_run+0x10/0x10 [ 165.845762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.846239] ? switch_task_namespaces+0xa9/0xe0 [ 165.846721] do_exit+0xb17/0x2ef0 [ 165.847058] ? lock_acquire+0x427/0x4c0 [ 165.847616] ? __pfx_lock_release+0x10/0x10 [ 165.848042] ? __kasan_check_write+0x18/0x20 [ 165.848476] ? do_raw_spin_lock+0x132/0x2a0 [ 165.848897] ? __pfx_do_exit+0x10/0x10 [ 165.849289] ? debug_smp_processor_id+0x20/0x30 [ 165.849907] ? rcu_is_watching+0x19/0xb0 [ 165.850311] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.850779] ? trace_hardirqs_on+0x26/0x120 [ 165.851218] do_group_exit+0xe0/0x2b0 [ 165.851599] __x64_sys_exit_group+0x47/0x50 [ 165.852067] do_syscall_64+0x3b/0x90 [ 165.852542] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.853133] RIP: 0033:0x7f4b87518a4d [ 165.853496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.854085] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.854978] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.855671] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.856349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.857206] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.857882] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.858600] [ 165.858825] irq event stamp: 0 [ 165.859142] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.859925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.860729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.861567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.862286] ---[ end trace 0000000000000000 ]--- [ 165.863165] ------------[ cut here ]------------ [ 165.863620] WARNING: CPU: 1 PID: 1564 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.864776] Modules linked in: [ 165.865089] CPU: 1 PID: 1564 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.865920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.867208] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.867707] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.869612] RSP: 0018:ffff888023e1fb78 EFLAGS: 00010246 [ 165.870121] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.870811] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 165.871640] RBP: ffff888023e1fb98 R08: ffffed1002e6013e R09: ffffed1002e6013e [ 165.872293] R10: ffff8880173009ef R11: ffffed1002e6013d R12: ffff888017300a90 [ 165.872949] R13: ffff8880173008a8 R14: ffffffffffffffff R15: 
ffff888023e1fc60 [ 165.873751] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.874534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.875075] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.875757] PKRU: 55555554 [ 165.876134] Call Trace: [ 165.876451] [ 165.876663] iommufd_ioas_destroy+0x53/0x70 [ 165.877075] iommufd_fops_release+0x1f7/0x370 [ 165.877497] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.877968] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.878587] ? write_comp_data+0x2f/0x90 [ 165.878977] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.879457] __fput+0x26d/0xa40 [ 165.879781] ____fput+0x1e/0x30 [ 165.880098] task_work_run+0x1a4/0x2d0 [ 165.880517] ? __pfx_task_work_run+0x10/0x10 [ 165.881039] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.881503] ? switch_task_namespaces+0xa9/0xe0 [ 165.881946] do_exit+0xb17/0x2ef0 [ 165.882271] ? lock_acquire+0x427/0x4c0 [ 165.882674] ? __pfx_lock_release+0x10/0x10 [ 165.883080] ? __kasan_check_write+0x18/0x20 [ 165.883497] ? do_raw_spin_lock+0x132/0x2a0 [ 165.883897] ? __pfx_do_exit+0x10/0x10 [ 165.884265] ? debug_smp_processor_id+0x20/0x30 [ 165.884695] ? rcu_is_watching+0x19/0xb0 [ 165.885149] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.885573] ? trace_hardirqs_on+0x26/0x120 [ 165.885978] do_group_exit+0xe0/0x2b0 [ 165.886332] __x64_sys_exit_group+0x47/0x50 [ 165.886745] do_syscall_64+0x3b/0x90 [ 165.887099] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.887592] RIP: 0033:0x7f4b87518a4d [ 165.887941] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.888504] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.889196] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.889861] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.890533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.891200] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.891847] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.892508] [ 165.892719] irq event stamp: 0 [ 165.893004] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.893540] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.894258] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.894996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.895543] ---[ end trace 0000000000000000 ]--- [ 165.899406] ------------[ cut here ]------------ [ 165.899848] WARNING: CPU: 1 PID: 1565 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.900706] Modules linked in: [ 165.900978] CPU: 1 PID: 1565 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.901730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.902712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.903146] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.904696] RSP: 0018:ffff88802456fbb8 EFLAGS: 00010246 [ 165.905147] RAX: 0000000000000000 RBX: ffff8880147b68a8 RCX: 0000000000000000 [ 165.905753] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 165.906357] RBP: ffff88802456fbd0 R08: ffffed10028f6d33 R09: ffffed10028f6d33 [ 165.906980] R10: ffff8880147b6993 R11: ffffed10028f6d32 R12: ffff888010f04800 [ 165.907597] R13: ffff8880147b69e8 R14: ffffffff8352e670 R15: 
ffff88802456fe68 [ 165.908201] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.908887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.909380] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 165.909989] PKRU: 55555554 [ 165.910232] Call Trace: [ 165.910451] [ 165.910663] __iommufd_access_detach+0x1c2/0x2b0 [ 165.910942] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 165.911084] iommufd_access_change_pt+0x149/0x270 [ 165.912891] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 165.913285] iommufd_access_replace+0xb4/0x120 [ 165.914907] iommufd_test+0x3e5/0x37e0 [ 165.915253] ? lock_release+0x532/0x770 [ 165.915608] ? __might_fault+0x102/0x1b0 [ 165.915967] ? lock_acquire+0x427/0x4c0 [ 165.916317] ? __pfx_iommufd_test+0x10/0x10 [ 165.916685] ? __pfx_lock_release+0x10/0x10 [ 165.917140] ? __pfx_lock_acquire+0x10/0x10 [ 165.917520] ? write_comp_data+0x2f/0x90 [ 165.917880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.918306] ? write_comp_data+0x2f/0x90 [ 165.918680] iommufd_fops_ioctl+0x37d/0x510 [ 165.919055] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.919488] ? write_comp_data+0x2f/0x90 [ 165.919855] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 165.920289] __x64_sys_ioctl+0x1a3/0x230 [ 165.920656] do_syscall_64+0x3b/0x90 [ 165.920995] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.921448] RIP: 0033:0x7f4b8743ee5d [ 165.921770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 165.923354] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 165.924008] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 165.924617] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 165.925223] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 165.925833] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 165.926448] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 165.927079] [ 165.927299] irq event stamp: 0 [ 165.927573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.928118] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.928849] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.929560] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.930103] ---[ end trace 0000000000000000 ]--- [ 165.933007] ------------[ cut here ]------------ [ 165.933441] WARNING: CPU: 1 PID: 1565 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 165.934303] Modules linked in: [ 165.934623] CPU: 1 PID: 1565 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.935376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.936334] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 165.936761] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 165.938333] RSP: 
0018:ffff88802456fbd0 EFLAGS: 00010246 [ 165.938805] RAX: 0000000000000000 RBX: ffff8880147b68a8 RCX: 0000000000000000 [ 165.939426] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 165.940034] RBP: ffff88802456fbe8 R08: ffffed10028f6d33 R09: ffffed10028f6d33 [ 165.940640] R10: ffff8880147b6993 R11: ffffed10028f6d32 R12: ffff888018024400 [ 165.941244] R13: ffff8880147b69e8 R14: ffff888014522600 R15: 0000000000000000 [ 165.941854] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.942560] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.943057] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.943720] PKRU: 55555554 [ 165.944030] Call Trace: [ 165.944342] [ 165.944540] iommufd_access_destroy_object+0x65/0x170 [ 165.944991] iommufd_object_destroy_user+0x18e/0x220 [ 165.945434] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 165.945974] iommufd_access_destroy+0x43/0x70 [ 165.946457] iommufd_test_staccess_release+0x8d/0xd0 [ 165.946921] __fput+0x26d/0xa40 [ 165.947232] ____fput+0x1e/0x30 [ 165.947534] task_work_run+0x1a4/0x2d0 [ 165.947885] ? __pfx_task_work_run+0x10/0x10 [ 165.948268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.948692] ? switch_task_namespaces+0xa9/0xe0 [ 165.949166] do_exit+0xb17/0x2ef0 [ 165.949467] ? lock_acquire+0x427/0x4c0 [ 165.949821] ? __pfx_lock_release+0x10/0x10 [ 165.950197] ? __kasan_check_write+0x18/0x20 [ 165.950610] ? do_raw_spin_lock+0x132/0x2a0 [ 165.950990] ? __pfx_do_exit+0x10/0x10 [ 165.951344] ? debug_smp_processor_id+0x20/0x30 [ 165.951753] ? rcu_is_watching+0x19/0xb0 [ 165.952114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.952516] ? trace_hardirqs_on+0x26/0x120 [ 165.953029] do_group_exit+0xe0/0x2b0 [ 165.953361] __x64_sys_exit_group+0x47/0x50 [ 165.953730] do_syscall_64+0x3b/0x90 [ 165.954063] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.954583] RIP: 0033:0x7f4b87518a4d [ 165.954983] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.955524] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.956170] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.956779] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.957396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.958007] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.958649] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.959276] [ 165.959483] irq event stamp: 0 [ 165.959847] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.960455] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.961172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.961880] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.962423] ---[ end trace 0000000000000000 ]--- [ 165.963238] ------------[ cut here ]------------ [ 165.963652] WARNING: CPU: 1 PID: 1565 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 165.964670] Modules linked in: [ 165.964950] CPU: 1 PID: 1565 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 165.965700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 165.966885] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 165.967353] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 165.968949] RSP: 0018:ffff88802456fb78 EFLAGS: 00010246 [ 165.969522] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 165.970126] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 165.970760] RBP: ffff88802456fb98 R08: ffffed10028f6d3e R09: ffffed10028f6d3e [ 165.971409] R10: ffff8880147b69ef R11: ffffed10028f6d3d R12: ffff8880147b6a90 [ 165.972124] R13: ffff8880147b68a8 R14: ffffffffffffffff R15: 
ffff88802456fc60 [ 165.972746] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 165.973516] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 165.974081] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 165.974714] PKRU: 55555554 [ 165.974961] Call Trace: [ 165.975194] [ 165.975391] iommufd_ioas_destroy+0x53/0x70 [ 165.975847] iommufd_fops_release+0x1f7/0x370 [ 165.976302] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.976740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.977171] ? write_comp_data+0x2f/0x90 [ 165.977528] ? __pfx_iommufd_fops_release+0x10/0x10 [ 165.978103] __fput+0x26d/0xa40 [ 165.978398] ____fput+0x1e/0x30 [ 165.978716] task_work_run+0x1a4/0x2d0 [ 165.979063] ? __pfx_task_work_run+0x10/0x10 [ 165.979456] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 165.979878] ? switch_task_namespaces+0xa9/0xe0 [ 165.980411] do_exit+0xb17/0x2ef0 [ 165.980714] ? lock_acquire+0x427/0x4c0 [ 165.981129] ? __pfx_lock_release+0x10/0x10 [ 165.981513] ? __kasan_check_write+0x18/0x20 [ 165.981899] ? do_raw_spin_lock+0x132/0x2a0 [ 165.982394] ? __pfx_do_exit+0x10/0x10 [ 165.982767] ? debug_smp_processor_id+0x20/0x30 [ 165.983189] ? rcu_is_watching+0x19/0xb0 [ 165.983545] ? _raw_spin_unlock_irq+0x2b/0x60 [ 165.983943] ? trace_hardirqs_on+0x26/0x120 [ 165.984329] do_group_exit+0xe0/0x2b0 [ 165.984762] __x64_sys_exit_group+0x47/0x50 [ 165.985136] do_syscall_64+0x3b/0x90 [ 165.985470] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 165.985926] RIP: 0033:0x7f4b87518a4d [ 165.986288] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 165.986935] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 165.987601] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 165.988211] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 165.988909] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 165.989576] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 165.990189] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 165.990966] [ 165.991262] irq event stamp: 0 [ 165.991551] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 165.992133] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 165.992893] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 165.993812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 165.994390] ---[ end trace 0000000000000000 ]--- [ 165.999364] ------------[ cut here ]------------ [ 165.999842] WARNING: CPU: 1 PID: 1567 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.000945] Modules linked in: [ 166.001242] CPU: 1 PID: 1567 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.002036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.003101] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.003571] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.005205] RSP: 0018:ffff88801036fbb8 EFLAGS: 00010246 [ 166.005683] RAX: 0000000000000000 RBX: ffff88801587d8a8 RCX: 0000000000000000 [ 166.006325] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 166.006988] RBP: ffff88801036fbd0 R08: ffffed1002b0fb33 R09: ffffed1002b0fb33 [ 166.007644] R10: ffff88801587d993 R11: ffffed1002b0fb32 R12: ffff88800ae90000 [ 166.008280] R13: ffff88801587d9e8 R14: ffffffff8352e670 R15: 
ffff88801036fe68 [ 166.008921] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.009648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.010173] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 166.010840] PKRU: 55555554 [ 166.011098] Call Trace: [ 166.011347] [ 166.011557] __iommufd_access_detach+0x1c2/0x2b0 [ 166.012006] iommufd_access_change_pt+0x149/0x270 [ 166.012453] iommufd_access_replace+0xb4/0x120 [ 166.012880] iommufd_test+0x3e5/0x37e0 [ 166.013330] ? lock_release+0x532/0x770 [ 166.013703] ? __might_fault+0x102/0x1b0 [ 166.014077] ? lock_acquire+0x427/0x4c0 [ 166.014451] ? __pfx_iommufd_test+0x10/0x10 [ 166.014862] ? __pfx_lock_release+0x10/0x10 [ 166.015279] ? __pfx_lock_acquire+0x10/0x10 [ 166.015683] ? write_comp_data+0x2f/0x90 [ 166.016057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.016508] ? write_comp_data+0x2f/0x90 [ 166.016887] iommufd_fops_ioctl+0x37d/0x510 [ 166.017279] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.017725] ? write_comp_data+0x2f/0x90 [ 166.018112] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.018595] __x64_sys_ioctl+0x1a3/0x230 [ 166.018983] do_syscall_64+0x3b/0x90 [ 166.019356] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.019831] RIP: 0033:0x7f4b8743ee5d [ 166.020167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.021807] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.022499] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.023170] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.023814] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.024465] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.025106] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.025755] [ 166.025966] irq event stamp: 0 [ 166.026254] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.026841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.027618] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.028388] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.028955] ---[ end trace 0000000000000000 ]--- [ 166.031931] ------------[ cut here ]------------ [ 166.032364] WARNING: CPU: 1 PID: 1567 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.033428] Modules linked in: [ 166.033706] CPU: 1 PID: 1567 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.034454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.035605] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.036043] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.037642] RSP: 
0018:ffff88801036fbd0 EFLAGS: 00010246 [ 166.038162] RAX: 0000000000000000 RBX: ffff88801587d8a8 RCX: 0000000000000000 [ 166.038784] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 166.039407] RBP: ffff88801036fbe8 R08: ffffed1002b0fb33 R09: ffffed1002b0fb33 [ 166.040160] R10: ffff88801587d993 R11: ffffed1002b0fb32 R12: ffff888010f06c00 [ 166.040771] R13: ffff88801587d9e8 R14: ffff888013727c00 R15: 0000000000000000 [ 166.041375] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.042196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.042711] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.043338] PKRU: 55555554 [ 166.043583] Call Trace: [ 166.043803] [ 166.044014] iommufd_access_destroy_object+0x65/0x170 [ 166.044588] iommufd_object_destroy_user+0x18e/0x220 [ 166.045098] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.045610] iommufd_access_destroy+0x43/0x70 [ 166.046009] iommufd_test_staccess_release+0x8d/0xd0 [ 166.046625] __fput+0x26d/0xa40 [ 166.046929] ____fput+0x1e/0x30 [ 166.047231] task_work_run+0x1a4/0x2d0 [ 166.047577] ? __pfx_task_work_run+0x10/0x10 [ 166.047962] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.048387] ? switch_task_namespaces+0xa9/0xe0 [ 166.048798] do_exit+0xb17/0x2ef0 [ 166.049097] ? lock_acquire+0x427/0x4c0 [ 166.049447] ? __pfx_lock_release+0x10/0x10 [ 166.049823] ? __kasan_check_write+0x18/0x20 [ 166.050211] ? do_raw_spin_lock+0x132/0x2a0 [ 166.050612] ? __pfx_do_exit+0x10/0x10 [ 166.050957] ? debug_smp_processor_id+0x20/0x30 [ 166.051367] ? rcu_is_watching+0x19/0xb0 [ 166.051719] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.052114] ? trace_hardirqs_on+0x26/0x120 [ 166.052489] do_group_exit+0xe0/0x2b0 [ 166.052815] __x64_sys_exit_group+0x47/0x50 [ 166.053181] do_syscall_64+0x3b/0x90 [ 166.053508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.053958] RIP: 0033:0x7f4b87518a4d [ 166.054278] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.054819] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.055480] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.056087] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.056697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.057312] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.057917] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.058564] [ 166.058770] irq event stamp: 0 [ 166.059041] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.059600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.060317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.061028] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.061569] ---[ end trace 0000000000000000 ]--- [ 166.062353] ------------[ cut here ]------------ [ 166.062793] WARNING: CPU: 1 PID: 1567 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.063679] Modules linked in: [ 166.063958] CPU: 1 PID: 1567 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.064706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.065667] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.066105] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.067776] RSP: 0018:ffff88801036fb78 EFLAGS: 00010246 [ 166.068240] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.068847] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 166.069465] RBP: ffff88801036fb98 R08: ffffed1002b0fb3e R09: ffffed1002b0fb3e [ 166.070071] R10: ffff88801587d9ef R11: ffffed1002b0fb3d R12: ffff88801587da90 [ 166.070702] R13: ffff88801587d8a8 R14: ffffffffffffffff R15: 
ffff88801036fc60 [ 166.071326] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.072015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.072510] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.073114] PKRU: 55555554 [ 166.073361] Call Trace: [ 166.073581] [ 166.073781] iommufd_ioas_destroy+0x53/0x70 [ 166.074158] iommufd_fops_release+0x1f7/0x370 [ 166.074574] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.075010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.075446] ? write_comp_data+0x2f/0x90 [ 166.075811] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.076245] __fput+0x26d/0xa40 [ 166.076547] ____fput+0x1e/0x30 [ 166.076846] task_work_run+0x1a4/0x2d0 [ 166.077255] ? __pfx_task_work_run+0x10/0x10 [ 166.077640] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.078060] ? switch_task_namespaces+0xa9/0xe0 [ 166.078477] do_exit+0xb17/0x2ef0 [ 166.078811] ? lock_acquire+0x427/0x4c0 [ 166.079199] ? __pfx_lock_release+0x10/0x10 [ 166.079583] ? __kasan_check_write+0x18/0x20 [ 166.079963] ? do_raw_spin_lock+0x132/0x2a0 [ 166.080331] ? __pfx_do_exit+0x10/0x10 [ 166.080672] ? debug_smp_processor_id+0x20/0x30 [ 166.081072] ? rcu_is_watching+0x19/0xb0 [ 166.081422] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.081814] ? trace_hardirqs_on+0x26/0x120 [ 166.082190] do_group_exit+0xe0/0x2b0 [ 166.082523] __x64_sys_exit_group+0x47/0x50 [ 166.082871] do_syscall_64+0x3b/0x90 [ 166.083189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.083612] RIP: 0033:0x7f4b87518a4d [ 166.083913] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.084407] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.085016] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.085586] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.086152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.086747] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.087327] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.087906] [ 166.088094] irq event stamp: 0 [ 166.088348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.088860] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.089529] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.090194] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.090709] ---[ end trace 0000000000000000 ]--- [ 166.095208] ------------[ cut here ]------------ [ 166.095631] WARNING: CPU: 1 PID: 1568 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.096441] Modules linked in: [ 166.096698] CPU: 1 PID: 1568 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.097395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.098292] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.098833] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.100305] RSP: 0018:ffff8880134bfbb8 EFLAGS: 00010246 [ 166.100732] RAX: 0000000000000000 RBX: ffff88800b9fe8a8 RCX: 0000000000000000 [ 166.101297] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 166.101867] RBP: ffff8880134bfbd0 R08: ffffed100173fd33 R09: ffffed100173fd33 [ 166.102439] R10: ffff88800b9fe993 R11: ffffed100173fd32 R12: ffff888012e96400 [ 166.103023] R13: ffff88800b9fe9e8 R14: ffffffff8352e670 R15: 
ffff8880134bfe68 [ 166.103604] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.104247] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.104710] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 166.105282] PKRU: 55555554 [ 166.105508] Call Trace: [ 166.105718] [ 166.105900] __iommufd_access_detach+0x1c2/0x2b0 [ 166.106299] iommufd_access_change_pt+0x149/0x270 [ 166.106712] iommufd_access_replace+0xb4/0x120 [ 166.107101] iommufd_test+0x3e5/0x37e0 [ 166.107436] ? lock_release+0x532/0x770 [ 166.107768] ? __might_fault+0x102/0x1b0 [ 166.108103] ? lock_acquire+0x427/0x4c0 [ 166.108435] ? __pfx_iommufd_test+0x10/0x10 [ 166.108785] ? __pfx_lock_release+0x10/0x10 [ 166.109218] ? __pfx_lock_acquire+0x10/0x10 [ 166.109577] ? write_comp_data+0x2f/0x90 [ 166.109921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.110319] ? write_comp_data+0x2f/0x90 [ 166.110681] iommufd_fops_ioctl+0x37d/0x510 [ 166.111038] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.111445] ? write_comp_data+0x2f/0x90 [ 166.111783] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.112177] __x64_sys_ioctl+0x1a3/0x230 [ 166.112521] do_syscall_64+0x3b/0x90 [ 166.112834] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.113261] RIP: 0033:0x7f4b8743ee5d [ 166.113563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.115043] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.115667] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.116242] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.116811] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.117382] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.117956] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.118552] [ 166.118748] irq event stamp: 0 [ 166.119005] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.119522] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.120192] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.120867] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.121374] ---[ end trace 0000000000000000 ]--- [ 166.124170] ------------[ cut here ]------------ [ 166.124584] WARNING: CPU: 1 PID: 1568 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.125395] Modules linked in: [ 166.125659] CPU: 1 PID: 1568 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.126360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.127291] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.127701] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.129164] RSP: 
0018:ffff8880134bfbd0 EFLAGS: 00010246 [ 166.129603] RAX: 0000000000000000 RBX: ffff88800b9fe8a8 RCX: 0000000000000000 [ 166.130189] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 166.130786] RBP: ffff8880134bfbe8 R08: ffffed100173fd33 R09: ffffed100173fd33 [ 166.131385] R10: ffff88800b9fe993 R11: ffffed100173fd32 R12: ffff88800ae93c00 [ 166.131958] R13: ffff88800b9fe9e8 R14: ffff8880144e5000 R15: 0000000000000000 [ 166.132536] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.133183] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.133657] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.134232] PKRU: 55555554 [ 166.134467] Call Trace: [ 166.134699] [ 166.134889] iommufd_access_destroy_object+0x65/0x170 [ 166.135324] iommufd_object_destroy_user+0x18e/0x220 [ 166.135738] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.136216] iommufd_access_destroy+0x43/0x70 [ 166.136590] iommufd_test_staccess_release+0x8d/0xd0 [ 166.137008] __fput+0x26d/0xa40 [ 166.137291] ____fput+0x1e/0x30 [ 166.137571] task_work_run+0x1a4/0x2d0 [ 166.137896] ? __pfx_task_work_run+0x10/0x10 [ 166.138259] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.138685] ? switch_task_namespaces+0xa9/0xe0 [ 166.139076] do_exit+0xb17/0x2ef0 [ 166.139375] ? lock_acquire+0x427/0x4c0 [ 166.139709] ? __pfx_lock_release+0x10/0x10 [ 166.140062] ? __kasan_check_write+0x18/0x20 [ 166.140420] ? do_raw_spin_lock+0x132/0x2a0 [ 166.140832] ? __pfx_do_exit+0x10/0x10 [ 166.141167] ? debug_smp_processor_id+0x20/0x30 [ 166.141544] ? rcu_is_watching+0x19/0xb0 [ 166.141870] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.142243] ? trace_hardirqs_on+0x26/0x120 [ 166.142614] do_group_exit+0xe0/0x2b0 [ 166.142918] __x64_sys_exit_group+0x47/0x50 [ 166.143261] do_syscall_64+0x3b/0x90 [ 166.143564] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.143976] RIP: 0033:0x7f4b87518a4d [ 166.144269] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.144747] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.145334] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.145883] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.146433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.147013] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.147573] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.148124] [ 166.148307] irq event stamp: 0 [ 166.148555] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.149044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.149690] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.150330] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.150834] ---[ end trace 0000000000000000 ]--- [ 166.151535] ------------[ cut here ]------------ [ 166.151902] WARNING: CPU: 1 PID: 1568 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.152684] Modules linked in: [ 166.152931] CPU: 1 PID: 1568 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.153602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.154464] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.154888] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.156301] RSP: 0018:ffff8880134bfb78 EFLAGS: 00010246 [ 166.156713] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.157259] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 166.157804] RBP: ffff8880134bfb98 R08: ffffed100173fd3e R09: ffffed100173fd3e [ 166.158348] R10: ffff88800b9fe9ef R11: ffffed100173fd3d R12: ffff88800b9fea90 [ 166.158910] R13: ffff88800b9fe8a8 R14: ffffffffffffffff R15: 
ffff8880134bfc60 [ 166.159462] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.160076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.160537] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.161081] PKRU: 55555554 [ 166.161298] Call Trace: [ 166.161498] [ 166.161673] iommufd_ioas_destroy+0x53/0x70 [ 166.162009] iommufd_fops_release+0x1f7/0x370 [ 166.162361] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.162768] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.163160] ? write_comp_data+0x2f/0x90 [ 166.163488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.163882] __fput+0x26d/0xa40 [ 166.164158] ____fput+0x1e/0x30 [ 166.164424] task_work_run+0x1a4/0x2d0 [ 166.164739] ? __pfx_task_work_run+0x10/0x10 [ 166.165169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.165642] ? switch_task_namespaces+0xa9/0xe0 [ 166.166019] do_exit+0xb17/0x2ef0 [ 166.166287] ? lock_acquire+0x427/0x4c0 [ 166.166629] ? __pfx_lock_release+0x10/0x10 [ 166.166971] ? __kasan_check_write+0x18/0x20 [ 166.167393] ? do_raw_spin_lock+0x132/0x2a0 [ 166.167750] ? __pfx_do_exit+0x10/0x10 [ 166.168063] ? debug_smp_processor_id+0x20/0x30 [ 166.168436] ? rcu_is_watching+0x19/0xb0 [ 166.168753] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.169111] ? trace_hardirqs_on+0x26/0x120 [ 166.169527] do_group_exit+0xe0/0x2b0 [ 166.169891] __x64_sys_exit_group+0x47/0x50 [ 166.170232] do_syscall_64+0x3b/0x90 [ 166.170545] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.170954] RIP: 0033:0x7f4b87518a4d [ 166.171254] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.171802] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.172444] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.173054] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.173670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.174267] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.174844] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.175412] [ 166.175598] irq event stamp: 0 [ 166.175908] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.176449] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.177102] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.177796] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.178340] ---[ end trace 0000000000000000 ]--- [ 166.182168] ------------[ cut here ]------------ [ 166.182635] WARNING: CPU: 1 PID: 1569 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.183448] Modules linked in: [ 166.183732] CPU: 1 PID: 1569 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.184486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.185344] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.185791] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.187250] RSP: 0018:ffff88802456fbb8 EFLAGS: 00010246 [ 166.187675] RAX: 0000000000000000 RBX: ffff8880145b80a8 RCX: 0000000000000000 [ 166.188357] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 166.188913] RBP: ffff88802456fbd0 R08: ffffed10028b7033 R09: ffffed10028b7033 [ 166.189477] R10: ffff8880145b8193 R11: ffffed10028b7032 R12: ffff888010c0a800 [ 166.190165] R13: ffff8880145b81e8 R14: ffffffff8352e670 R15: 
ffff88802456fe68 [ 166.190758] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.191422] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.191916] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 166.192592] PKRU: 55555554 [ 166.192827] Call Trace: [ 166.193036] [ 166.193223] __iommufd_access_detach+0x1c2/0x2b0 [ 166.193626] iommufd_access_change_pt+0x149/0x270 [ 166.194163] iommufd_access_replace+0xb4/0x120 [ 166.194581] iommufd_test+0x3e5/0x37e0 [ 166.194910] ? lock_release+0x532/0x770 [ 166.195256] ? __might_fault+0x102/0x1b0 [ 166.195598] ? lock_acquire+0x427/0x4c0 [ 166.195939] ? __pfx_iommufd_test+0x10/0x10 [ 166.196362] ? __pfx_lock_release+0x10/0x10 [ 166.196759] ? __pfx_lock_acquire+0x10/0x10 [ 166.197121] ? write_comp_data+0x2f/0x90 [ 166.197464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.197864] ? write_comp_data+0x2f/0x90 [ 166.198322] iommufd_fops_ioctl+0x37d/0x510 [ 166.198707] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.199126] ? write_comp_data+0x2f/0x90 [ 166.199470] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.199873] __x64_sys_ioctl+0x1a3/0x230 [ 166.200218] do_syscall_64+0x3b/0x90 [ 166.200612] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.201091] RIP: 0033:0x7f4b8743ee5d [ 166.201402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.203022] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.203658] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.204237] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.204921] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.205575] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.206152] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.206883] [ 166.207078] irq event stamp: 0 [ 166.207345] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.207857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.208538] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.209341] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.209861] ---[ end trace 0000000000000000 ]--- [ 166.212790] ------------[ cut here ]------------ [ 166.213322] WARNING: CPU: 1 PID: 1569 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.214152] Modules linked in: [ 166.214413] CPU: 1 PID: 1569 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.215187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.216150] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.216554] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.218202] RSP: 
0018:ffff88802456fbd0 EFLAGS: 00010246 [ 166.218675] RAX: 0000000000000000 RBX: ffff8880145b80a8 RCX: 0000000000000000 [ 166.219307] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 166.220040] RBP: ffff88802456fbe8 R08: ffffed10028b7033 R09: ffffed10028b7033 [ 166.220638] R10: ffff8880145b8193 R11: ffffed10028b7032 R12: ffff888012e94400 [ 166.221240] R13: ffff8880145b81e8 R14: ffff888012018900 R15: 0000000000000000 [ 166.221977] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.222677] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.223179] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 166.223816] PKRU: 55555554 [ 166.224103] Call Trace: [ 166.224382] [ 166.224578] iommufd_access_destroy_object+0x65/0x170 [ 166.225029] iommufd_object_destroy_user+0x18e/0x220 [ 166.225475] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.226029] iommufd_access_destroy+0x43/0x70 [ 166.226491] iommufd_test_staccess_release+0x8d/0xd0 [ 166.226967] __fput+0x26d/0xa40 [ 166.227283] ____fput+0x1e/0x30 [ 166.227582] task_work_run+0x1a4/0x2d0 [ 166.227928] ? __pfx_task_work_run+0x10/0x10 [ 166.228337] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.228881] ? switch_task_namespaces+0xa9/0xe0 [ 166.229299] do_exit+0xb17/0x2ef0 [ 166.229601] ? lock_acquire+0x427/0x4c0 [ 166.229961] ? __pfx_lock_release+0x10/0x10 [ 166.230375] ? __kasan_check_write+0x18/0x20 [ 166.230900] ? do_raw_spin_lock+0x132/0x2a0 [ 166.231298] ? __pfx_do_exit+0x10/0x10 [ 166.231648] ? debug_smp_processor_id+0x20/0x30 [ 166.232054] ? rcu_is_watching+0x19/0xb0 [ 166.232410] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.232883] ? trace_hardirqs_on+0x26/0x120 [ 166.233330] do_group_exit+0xe0/0x2b0 [ 166.233673] __x64_sys_exit_group+0x47/0x50 [ 166.234051] do_syscall_64+0x3b/0x90 [ 166.234389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.234901] RIP: 0033:0x7f4b87518a4d [ 166.235332] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.235868] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.236527] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.237220] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.237963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.238603] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.239254] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.240004] [ 166.240222] irq event stamp: 0 [ 166.240497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.241042] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.241851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.242632] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.243185] ---[ end trace 0000000000000000 ]--- [ 166.243953] ------------[ cut here ]------------ [ 166.244447] WARNING: CPU: 1 PID: 1569 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.245333] Modules linked in: [ 166.245618] CPU: 1 PID: 1569 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.246363] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.247365] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.247815] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.249365] RSP: 0018:ffff88802456fb78 EFLAGS: 00010246 [ 166.249828] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.250436] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 166.251106] RBP: ffff88802456fb98 R08: ffffed10028b703e R09: ffffed10028b703e [ 166.251731] R10: ffff8880145b81ef R11: ffffed10028b703d R12: ffff8880145b8290 [ 166.252343] R13: ffff8880145b80a8 R14: ffffffffffffffff R15: 
ffff88802456fc60 [ 166.252950] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.253660] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.254154] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 166.254886] PKRU: 55555554 [ 166.255143] Call Trace: [ 166.255370] [ 166.255566] iommufd_ioas_destroy+0x53/0x70 [ 166.255947] iommufd_fops_release+0x1f7/0x370 [ 166.256372] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.256807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.257236] ? write_comp_data+0x2f/0x90 [ 166.257594] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.258026] __fput+0x26d/0xa40 [ 166.258332] ____fput+0x1e/0x30 [ 166.258650] task_work_run+0x1a4/0x2d0 [ 166.258996] ? __pfx_task_work_run+0x10/0x10 [ 166.259393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.259823] ? switch_task_namespaces+0xa9/0xe0 [ 166.260234] do_exit+0xb17/0x2ef0 [ 166.260534] ? lock_acquire+0x427/0x4c0 [ 166.260886] ? __pfx_lock_release+0x10/0x10 [ 166.261262] ? __kasan_check_write+0x18/0x20 [ 166.261647] ? do_raw_spin_lock+0x132/0x2a0 [ 166.262029] ? __pfx_do_exit+0x10/0x10 [ 166.262375] ? debug_smp_processor_id+0x20/0x30 [ 166.262800] ? rcu_is_watching+0x19/0xb0 [ 166.263166] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.263568] ? trace_hardirqs_on+0x26/0x120 [ 166.263948] do_group_exit+0xe0/0x2b0 [ 166.264279] __x64_sys_exit_group+0x47/0x50 [ 166.264646] do_syscall_64+0x3b/0x90 [ 166.264976] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.265432] RIP: 0033:0x7f4b87518a4d [ 166.265757] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.266281] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.266949] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.267579] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.268183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.268793] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.269453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.270065] [ 166.270265] irq event stamp: 0 [ 166.270557] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.271097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.271819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.272531] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.273064] ---[ end trace 0000000000000000 ]--- [ 166.277983] ------------[ cut here ]------------ [ 166.278451] WARNING: CPU: 0 PID: 1570 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.279426] Modules linked in: [ 166.279718] CPU: 0 PID: 1570 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.280485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.281478] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.281916] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.283577] RSP: 0018:ffff8880134bfbb8 EFLAGS: 00010246 [ 166.284194] RAX: 0000000000000000 RBX: ffff8880146208a8 RCX: 0000000000000000 [ 166.284869] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 166.285479] RBP: ffff8880134bfbd0 R08: ffffed10028c4133 R09: ffffed10028c4133 [ 166.286084] R10: ffff888014620993 R11: ffffed10028c4132 R12: ffff888013b22400 [ 166.286715] R13: ffff8880146209e8 R14: ffffffff8352e670 R15: 
ffff8880134bfe68 [ 166.287342] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.288025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.288522] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 166.289133] PKRU: 55555554 [ 166.289381] Call Trace: [ 166.289600] [ 166.289796] __iommufd_access_detach+0x1c2/0x2b0 [ 166.290225] iommufd_access_change_pt+0x149/0x270 [ 166.290667] iommufd_access_replace+0xb4/0x120 [ 166.291072] iommufd_test+0x3e5/0x37e0 [ 166.291417] ? lock_release+0x532/0x770 [ 166.291770] ? __might_fault+0x102/0x1b0 [ 166.292129] ? lock_acquire+0x427/0x4c0 [ 166.292481] ? __pfx_iommufd_test+0x10/0x10 [ 166.292849] ? __pfx_lock_release+0x10/0x10 [ 166.293225] ? __pfx_lock_acquire+0x10/0x10 [ 166.293606] ? write_comp_data+0x2f/0x90 [ 166.293970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.294394] ? write_comp_data+0x2f/0x90 [ 166.294778] iommufd_fops_ioctl+0x37d/0x510 [ 166.295170] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.295593] ? write_comp_data+0x2f/0x90 [ 166.295952] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.296379] __x64_sys_ioctl+0x1a3/0x230 [ 166.296745] do_syscall_64+0x3b/0x90 [ 166.297080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.297545] RIP: 0033:0x7f4b8743ee5d [ 166.297869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.299469] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.300138] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.300761] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.301371] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.301979] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.302607] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.303248] [ 166.303450] irq event stamp: 0 [ 166.303718] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.304253] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.304973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.305688] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.306227] ---[ end trace 0000000000000000 ]--- [ 166.309498] ------------[ cut here ]------------ [ 166.309945] WARNING: CPU: 0 PID: 1570 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.310858] Modules linked in: [ 166.311160] CPU: 0 PID: 1570 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.311910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.312859] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.313287] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.314864] RSP: 
0018:ffff8880134bfbd0 EFLAGS: 00010246 [ 166.315341] RAX: 0000000000000000 RBX: ffff8880146208a8 RCX: 0000000000000000 [ 166.315949] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 166.316556] RBP: ffff8880134bfbe8 R08: ffffed10028c4133 R09: ffffed10028c4133 [ 166.317162] R10: ffff888014620993 R11: ffffed10028c4132 R12: ffff888020fedc00 [ 166.317769] R13: ffff8880146209e8 R14: ffff8880103c3700 R15: 0000000000000000 [ 166.318379] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.319090] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.319603] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 166.320216] PKRU: 55555554 [ 166.320463] Call Trace: [ 166.320685] [ 166.320880] iommufd_access_destroy_object+0x65/0x170 [ 166.321327] iommufd_object_destroy_user+0x18e/0x220 [ 166.321775] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.322280] iommufd_access_destroy+0x43/0x70 [ 166.322693] iommufd_test_staccess_release+0x8d/0xd0 [ 166.323151] __fput+0x26d/0xa40 [ 166.323455] ____fput+0x1e/0x30 [ 166.323748] task_work_run+0x1a4/0x2d0 [ 166.324093] ? __pfx_task_work_run+0x10/0x10 [ 166.324479] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.324902] ? switch_task_namespaces+0xa9/0xe0 [ 166.325315] do_exit+0xb17/0x2ef0 [ 166.325619] ? lock_acquire+0x427/0x4c0 [ 166.325969] ? __pfx_lock_release+0x10/0x10 [ 166.326344] ? __kasan_check_write+0x18/0x20 [ 166.326755] ? do_raw_spin_lock+0x132/0x2a0 [ 166.327133] ? __pfx_do_exit+0x10/0x10 [ 166.327479] ? debug_smp_processor_id+0x20/0x30 [ 166.327879] ? rcu_is_watching+0x19/0xb0 [ 166.328226] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.328620] ? trace_hardirqs_on+0x26/0x120 [ 166.328994] do_group_exit+0xe0/0x2b0 [ 166.329321] __x64_sys_exit_group+0x47/0x50 [ 166.329683] do_syscall_64+0x3b/0x90 [ 166.330011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.330460] RIP: 0033:0x7f4b87518a4d [ 166.330803] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.331341] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.331983] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.332596] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.333193] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.333791] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.334385] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.335017] [ 166.335231] irq event stamp: 0 [ 166.335500] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.336034] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.336742] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.337445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.337970] ---[ end trace 0000000000000000 ]--- [ 166.338751] ------------[ cut here ]------------ [ 166.339171] WARNING: CPU: 0 PID: 1570 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.340034] Modules linked in: [ 166.340305] CPU: 0 PID: 1570 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.341038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.341985] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.342419] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.344027] RSP: 0018:ffff8880134bfb78 EFLAGS: 00010246 [ 166.344486] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.345100] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 166.345700] RBP: ffff8880134bfb98 R08: ffffed10028c413e R09: ffffed10028c413e [ 166.346307] R10: ffff8880146209ef R11: ffffed10028c413d R12: ffff888014620a90 [ 166.347161] R13: ffff8880146208a8 R14: ffffffffffffffff R15: 
ffff8880134bfc60 [ 166.347781] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.348466] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.348957] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 166.349560] PKRU: 55555554 [ 166.349801] Call Trace: [ 166.350017] [ 166.350210] iommufd_ioas_destroy+0x53/0x70 [ 166.350619] iommufd_fops_release+0x1f7/0x370 [ 166.351015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.351461] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.351881] ? write_comp_data+0x2f/0x90 [ 166.352233] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.352662] __fput+0x26d/0xa40 [ 166.352960] ____fput+0x1e/0x30 [ 166.353250] task_work_run+0x1a4/0x2d0 [ 166.353604] ? __pfx_task_work_run+0x10/0x10 [ 166.353983] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.354401] ? switch_task_namespaces+0xa9/0xe0 [ 166.354841] do_exit+0xb17/0x2ef0 [ 166.355171] ? lock_acquire+0x427/0x4c0 [ 166.355523] ? __pfx_lock_release+0x10/0x10 [ 166.355897] ? __kasan_check_write+0x18/0x20 [ 166.356282] ? do_raw_spin_lock+0x132/0x2a0 [ 166.356655] ? __pfx_do_exit+0x10/0x10 [ 166.356999] ? debug_smp_processor_id+0x20/0x30 [ 166.357399] ? rcu_is_watching+0x19/0xb0 [ 166.357747] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.358136] ? trace_hardirqs_on+0x26/0x120 [ 166.358533] do_group_exit+0xe0/0x2b0 [ 166.358862] __x64_sys_exit_group+0x47/0x50 [ 166.359243] do_syscall_64+0x3b/0x90 [ 166.359576] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.360021] RIP: 0033:0x7f4b87518a4d [ 166.360347] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.360867] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.361509] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.362110] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.362734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.363362] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.363959] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.364573] [ 166.364773] irq event stamp: 0 [ 166.365046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.365576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.366294] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.367027] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.367574] ---[ end trace 0000000000000000 ]--- [ 166.371773] ------------[ cut here ]------------ [ 166.372216] WARNING: CPU: 0 PID: 1571 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.373067] Modules linked in: [ 166.373336] CPU: 0 PID: 1571 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.374071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.375055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.375501] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.377041] RSP: 0018:ffff8880178cfbb8 EFLAGS: 00010246 [ 166.377490] RAX: 0000000000000000 RBX: ffff8880188e08a8 RCX: 0000000000000000 [ 166.378085] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 166.378705] RBP: ffff8880178cfbd0 R08: ffffed100311c133 R09: ffffed100311c133 [ 166.379328] R10: ffff8880188e0993 R11: ffffed100311c132 R12: ffff888013ed9400 [ 166.379937] R13: ffff8880188e09e8 R14: ffffffff8352e670 R15: 
ffff8880178cfe68 [ 166.380543] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.381237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.381741] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 166.382341] PKRU: 55555554 [ 166.382606] Call Trace: [ 166.382840] [ 166.383032] __iommufd_access_detach+0x1c2/0x2b0 [ 166.383477] iommufd_access_change_pt+0x149/0x270 [ 166.383899] iommufd_access_replace+0xb4/0x120 [ 166.384298] iommufd_test+0x3e5/0x37e0 [ 166.384633] ? lock_release+0x532/0x770 [ 166.384983] ? __might_fault+0x102/0x1b0 [ 166.385342] ? lock_acquire+0x427/0x4c0 [ 166.385704] ? __pfx_iommufd_test+0x10/0x10 [ 166.386070] ? __pfx_lock_release+0x10/0x10 [ 166.386445] ? __pfx_lock_acquire+0x10/0x10 [ 166.386850] ? write_comp_data+0x2f/0x90 [ 166.387218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.387641] ? write_comp_data+0x2f/0x90 [ 166.387994] iommufd_fops_ioctl+0x37d/0x510 [ 166.388376] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.388795] ? write_comp_data+0x2f/0x90 [ 166.389152] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.389569] __x64_sys_ioctl+0x1a3/0x230 [ 166.389937] do_syscall_64+0x3b/0x90 [ 166.390274] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.390745] RIP: 0033:0x7f4b8743ee5d [ 166.391067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.392631] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.393285] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.393896] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.394506] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.395160] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.395768] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.396390] [ 166.396593] irq event stamp: 0 [ 166.396856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.397394] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.398118] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.398857] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.399400] ---[ end trace 0000000000000000 ]--- [ 166.402154] ------------[ cut here ]------------ [ 166.402654] WARNING: CPU: 0 PID: 1571 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.403535] Modules linked in: [ 166.403803] CPU: 0 PID: 1571 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.404545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.405489] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.405909] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.407475] RSP: 
0018:ffff8880178cfbd0 EFLAGS: 00010246 [ 166.407926] RAX: 0000000000000000 RBX: ffff8880188e08a8 RCX: 0000000000000000 [ 166.408521] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 166.409126] RBP: ffff8880178cfbe8 R08: ffffed100311c133 R09: ffffed100311c133 [ 166.409733] R10: ffff8880188e0993 R11: ffffed100311c132 R12: ffff888013b20800 [ 166.410326] R13: ffff8880188e09e8 R14: ffff888020903900 R15: 0000000000000000 [ 166.410946] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.411634] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.412118] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 166.412720] PKRU: 55555554 [ 166.412970] Call Trace: [ 166.413188] [ 166.413380] iommufd_access_destroy_object+0x65/0x170 [ 166.413824] iommufd_object_destroy_user+0x18e/0x220 [ 166.414263] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.414785] iommufd_access_destroy+0x43/0x70 [ 166.415193] iommufd_test_staccess_release+0x8d/0xd0 [ 166.415637] __fput+0x26d/0xa40 [ 166.415930] ____fput+0x1e/0x30 [ 166.416220] task_work_run+0x1a4/0x2d0 [ 166.416559] ? __pfx_task_work_run+0x10/0x10 [ 166.416947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.417376] ? switch_task_namespaces+0xa9/0xe0 [ 166.417778] do_exit+0xb17/0x2ef0 [ 166.418077] ? lock_acquire+0x427/0x4c0 [ 166.418426] ? __pfx_lock_release+0x10/0x10 [ 166.418815] ? __kasan_check_write+0x18/0x20 [ 166.419215] ? do_raw_spin_lock+0x132/0x2a0 [ 166.419597] ? __pfx_do_exit+0x10/0x10 [ 166.419953] ? debug_smp_processor_id+0x20/0x30 [ 166.420463] ? rcu_is_watching+0x19/0xb0 [ 166.420982] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.421379] ? trace_hardirqs_on+0x26/0x120 [ 166.421759] do_group_exit+0xe0/0x2b0 [ 166.422083] __x64_sys_exit_group+0x47/0x50 [ 166.422727] do_syscall_64+0x3b/0x90 [ 166.423056] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.423519] RIP: 0033:0x7f4b87518a4d [ 166.423834] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.424371] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.425215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.425815] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.426697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.427332] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.427935] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.428632] [ 166.429006] irq event stamp: 0 [ 166.429287] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.429839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.430797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.431515] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.432065] ---[ end trace 0000000000000000 ]--- [ 166.432855] ------------[ cut here ]------------ [ 166.433416] WARNING: CPU: 0 PID: 1571 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.434282] Modules linked in: [ 166.434687] CPU: 0 PID: 1571 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.435583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.436550] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.437211] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.439107] RSP: 0018:ffff8880178cfb78 EFLAGS: 00010246 [ 166.439561] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.440120] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 166.440712] RBP: ffff8880178cfb98 R08: ffffed100311c13e R09: ffffed100311c13e [ 166.441464] R10: ffff8880188e09ef R11: ffffed100311c13d R12: ffff8880188e0a90 [ 166.442038] R13: ffff8880188e08a8 R14: ffffffffffffffff R15: 
ffff8880178cfc60 [ 166.442820] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.443485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.443955] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 166.444605] PKRU: 55555554 [ 166.444982] Call Trace: [ 166.445202] [ 166.445403] iommufd_ioas_destroy+0x53/0x70 [ 166.445784] iommufd_fops_release+0x1f7/0x370 [ 166.446178] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.446850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.447283] ? write_comp_data+0x2f/0x90 [ 166.447640] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.448072] __fput+0x26d/0xa40 [ 166.448373] ____fput+0x1e/0x30 [ 166.448732] task_work_run+0x1a4/0x2d0 [ 166.449228] ? __pfx_task_work_run+0x10/0x10 [ 166.449614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.450029] ? switch_task_namespaces+0xa9/0xe0 [ 166.450488] do_exit+0xb17/0x2ef0 [ 166.450966] ? lock_acquire+0x427/0x4c0 [ 166.451340] ? __pfx_lock_release+0x10/0x10 [ 166.451723] ? __kasan_check_write+0x18/0x20 [ 166.452103] ? do_raw_spin_lock+0x132/0x2a0 [ 166.452493] ? __pfx_do_exit+0x10/0x10 [ 166.453018] ? debug_smp_processor_id+0x20/0x30 [ 166.453428] ? rcu_is_watching+0x19/0xb0 [ 166.453775] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.454161] ? trace_hardirqs_on+0x26/0x120 [ 166.454751] do_group_exit+0xe0/0x2b0 [ 166.455085] __x64_sys_exit_group+0x47/0x50 [ 166.455492] do_syscall_64+0x3b/0x90 [ 166.455849] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.456325] RIP: 0033:0x7f4b87518a4d [ 166.456657] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.457200] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.457865] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.458489] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.459153] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.459777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.460411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.461044] [ 166.461249] irq event stamp: 0 [ 166.461532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.462092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.462859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.463614] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.464176] ---[ end trace 0000000000000000 ]--- [ 166.468950] ------------[ cut here ]------------ [ 166.469469] WARNING: CPU: 0 PID: 1572 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.470484] Modules linked in: [ 166.470850] CPU: 0 PID: 1572 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.471701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.472814] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.473271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.474905] RSP: 0018:ffff888023c9fbb8 EFLAGS: 00010246 [ 166.475397] RAX: 0000000000000000 RBX: ffff8880139cf0a8 RCX: 0000000000000000 [ 166.476028] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 166.476654] RBP: ffff888023c9fbd0 R08: ffffed1002739e33 R09: ffffed1002739e33 [ 166.477279] R10: ffff8880139cf193 R11: ffffed1002739e32 R12: ffff888010c54400 [ 166.477906] R13: ffff8880139cf1e8 R14: ffffffff8352e670 R15: 
ffff888023c9fe68 [ 166.478563] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.479294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.479802] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 166.480431] PKRU: 55555554 [ 166.480688] Call Trace: [ 166.480920] [ 166.481127] __iommufd_access_detach+0x1c2/0x2b0 [ 166.481579] iommufd_access_change_pt+0x149/0x270 [ 166.482029] iommufd_access_replace+0xb4/0x120 [ 166.482454] iommufd_test+0x3e5/0x37e0 [ 166.482843] ? lock_release+0x532/0x770 [ 166.483239] ? __might_fault+0x102/0x1b0 [ 166.483617] ? lock_acquire+0x427/0x4c0 [ 166.483981] ? __pfx_iommufd_test+0x10/0x10 [ 166.484364] ? __pfx_lock_release+0x10/0x10 [ 166.484759] ? __pfx_lock_acquire+0x10/0x10 [ 166.485156] ? write_comp_data+0x2f/0x90 [ 166.485535] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.485991] ? write_comp_data+0x2f/0x90 [ 166.486369] iommufd_fops_ioctl+0x37d/0x510 [ 166.486800] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.487268] ? write_comp_data+0x2f/0x90 [ 166.487649] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.488079] __x64_sys_ioctl+0x1a3/0x230 [ 166.488453] do_syscall_64+0x3b/0x90 [ 166.488795] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.489261] RIP: 0033:0x7f4b8743ee5d [ 166.489590] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.491221] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.491899] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.492527] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.493152] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.493779] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.494399] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.495064] [ 166.495287] irq event stamp: 0 [ 166.495571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.496131] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.496877] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.497609] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.498180] ---[ end trace 0000000000000000 ]--- [ 166.501614] ------------[ cut here ]------------ [ 166.502051] WARNING: CPU: 0 PID: 1572 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.502983] Modules linked in: [ 166.503298] CPU: 0 PID: 1572 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.504329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.505319] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.505852] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.507782] RSP: 
0018:ffff888023c9fbd0 EFLAGS: 00010246 [ 166.508390] RAX: 0000000000000000 RBX: ffff8880139cf0a8 RCX: 0000000000000000 [ 166.509233] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 166.509928] RBP: ffff888023c9fbe8 R08: ffffed1002739e33 R09: ffffed1002739e33 [ 166.510944] R10: ffff8880139cf193 R11: ffffed1002739e32 R12: ffff888013edb400 [ 166.511642] R13: ffff8880139cf1e8 R14: ffff88800f2e7c00 R15: 0000000000000000 [ 166.512334] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.513376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.513928] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 166.514740] PKRU: 55555554 [ 166.515219] Call Trace: [ 166.515468] [ 166.515685] iommufd_access_destroy_object+0x65/0x170 [ 166.516179] iommufd_object_destroy_user+0x18e/0x220 [ 166.516663] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.517472] iommufd_access_destroy+0x43/0x70 [ 166.517920] iommufd_test_staccess_release+0x8d/0xd0 [ 166.518414] __fput+0x26d/0xa40 [ 166.518782] ____fput+0x1e/0x30 [ 166.519215] task_work_run+0x1a4/0x2d0 [ 166.519777] ? __pfx_task_work_run+0x10/0x10 [ 166.520215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.520695] ? switch_task_namespaces+0xa9/0xe0 [ 166.521210] do_exit+0xb17/0x2ef0 [ 166.521739] ? lock_acquire+0x427/0x4c0 [ 166.522163] ? __pfx_lock_release+0x10/0x10 [ 166.522618] ? __kasan_check_write+0x18/0x20 [ 166.523053] ? do_raw_spin_lock+0x132/0x2a0 [ 166.523758] ? __pfx_do_exit+0x10/0x10 [ 166.524155] ? debug_smp_processor_id+0x20/0x30 [ 166.524618] ? rcu_is_watching+0x19/0xb0 [ 166.525031] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.525523] ? trace_hardirqs_on+0x26/0x120 [ 166.526185] do_group_exit+0xe0/0x2b0 [ 166.526601] __x64_sys_exit_group+0x47/0x50 [ 166.527027] do_syscall_64+0x3b/0x90 [ 166.527414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.528146] RIP: 0033:0x7f4b87518a4d [ 166.528514] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.529124] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.529949] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.530800] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.531537] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.532333] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.533168] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.533903] [ 166.534147] irq event stamp: 0 [ 166.534641] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.535416] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.536301] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.537406] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.538083] ---[ end trace 0000000000000000 ]--- [ 166.540674] ------------[ cut here ]------------ [ 166.541315] WARNING: CPU: 0 PID: 1572 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.542596] Modules linked in: [ 166.542938] CPU: 0 PID: 1572 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.544118] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.545324] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.545877] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.547841] RSP: 0018:ffff888023c9fb78 EFLAGS: 00010246 [ 166.548411] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.549157] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 166.549907] RBP: ffff888023c9fb98 R08: ffffed1002739e3e R09: ffffed1002739e3e [ 166.550680] R10: ffff8880139cf1ef R11: ffffed1002739e3d R12: ffff8880139cf290 [ 166.551440] R13: ffff8880139cf0a8 R14: ffffffffffffffff R15: 
ffff888023c9fc60 [ 166.552191] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 166.553040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.553648] CR2: 00007f82e2acf000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 166.554382] PKRU: 55555554 [ 166.554708] Call Trace: [ 166.554972] [ 166.555223] iommufd_ioas_destroy+0x53/0x70 [ 166.555684] iommufd_fops_release+0x1f7/0x370 [ 166.556173] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.556707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.557225] ? write_comp_data+0x2f/0x90 [ 166.557668] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.558199] __fput+0x26d/0xa40 [ 166.558618] ____fput+0x1e/0x30 [ 166.558988] task_work_run+0x1a4/0x2d0 [ 166.559414] ? __pfx_task_work_run+0x10/0x10 [ 166.559874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.560391] ? switch_task_namespaces+0xa9/0xe0 [ 166.560879] do_exit+0xb17/0x2ef0 [ 166.561249] ? lock_acquire+0x427/0x4c0 [ 166.561678] ? __pfx_lock_release+0x10/0x10 [ 166.562139] ? __kasan_check_write+0x18/0x20 [ 166.562637] ? do_raw_spin_lock+0x132/0x2a0 [ 166.563088] ? __pfx_do_exit+0x10/0x10 [ 166.563523] ? debug_smp_processor_id+0x20/0x30 [ 166.564008] ? rcu_is_watching+0x19/0xb0 [ 166.564430] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.564921] ? trace_hardirqs_on+0x26/0x120 [ 166.565383] do_group_exit+0xe0/0x2b0 [ 166.565791] __x64_sys_exit_group+0x47/0x50 [ 166.566232] do_syscall_64+0x3b/0x90 [ 166.566664] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.567233] RIP: 0033:0x7f4b87518a4d [ 166.567633] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.568285] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.569078] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.569827] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.570610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.571388] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.572134] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.572904] [ 166.573157] irq event stamp: 0 [ 166.573495] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.574162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.575080] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.575963] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.576626] ---[ end trace 0000000000000000 ]--- [ 166.585578] ------------[ cut here ]------------ [ 166.586756] WARNING: CPU: 1 PID: 1573 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.588147] Modules linked in: [ 166.588964] CPU: 1 PID: 1573 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.590135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.592108] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.592805] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.595571] RSP: 0018:ffff88800f387bb8 EFLAGS: 00010246 [ 166.596302] RAX: 0000000000000000 RBX: ffff888010b9a0a8 RCX: 0000000000000000 [ 166.597548] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 166.598493] RBP: ffff88800f387bd0 R08: ffffed1002173433 R09: ffffed1002173433 [ 166.599605] R10: ffff888010b9a193 R11: ffffed1002173432 R12: ffff88801422e400 [ 166.600801] R13: ffff888010b9a1e8 R14: ffffffff8352e670 R15: 
ffff88800f387e68 [ 166.601760] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.603312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.604110] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 166.605419] PKRU: 55555554 [ 166.605818] Call Trace: [ 166.606173] [ 166.606492] __iommufd_access_detach+0x1c2/0x2b0 [ 166.607297] iommufd_access_change_pt+0x149/0x270 [ 166.608144] iommufd_access_replace+0xb4/0x120 [ 166.608949] iommufd_test+0x3e5/0x37e0 [ 166.609500] ? lock_release+0x532/0x770 [ 166.610066] ? __might_fault+0x102/0x1b0 [ 166.610867] ? lock_acquire+0x427/0x4c0 [ 166.611484] ? __pfx_iommufd_test+0x10/0x10 [ 166.612085] ? __pfx_lock_release+0x10/0x10 [ 166.612696] ? __pfx_lock_acquire+0x10/0x10 [ 166.613363] ? write_comp_data+0x2f/0x90 [ 166.614122] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.614874] ? write_comp_data+0x2f/0x90 [ 166.615507] iommufd_fops_ioctl+0x37d/0x510 [ 166.616185] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.617142] ? write_comp_data+0x2f/0x90 [ 166.617722] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.618390] __x64_sys_ioctl+0x1a3/0x230 [ 166.619327] do_syscall_64+0x3b/0x90 [ 166.619880] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.620601] RIP: 0033:0x7f4b8743ee5d [ 166.621116] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.624013] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.625237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.626195] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.627641] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.628613] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.629648] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.630976] [ 166.631355] irq event stamp: 0 [ 166.631789] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.632634] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.633757] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.634937] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.635826] ---[ end trace 0000000000000000 ]--- [ 166.641047] ------------[ cut here ]------------ [ 166.641717] WARNING: CPU: 1 PID: 1573 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.643144] Modules linked in: [ 166.643612] CPU: 1 PID: 1573 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.644773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.646261] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.647155] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.649575] RSP: 
0018:ffff88800f387bd0 EFLAGS: 00010246 [ 166.650303] RAX: 0000000000000000 RBX: ffff888010b9a0a8 RCX: 0000000000000000 [ 166.651339] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 166.652300] RBP: ffff88800f387be8 R08: ffffed1002173433 R09: ffffed1002173433 [ 166.653250] R10: ffff888010b9a193 R11: ffffed1002173432 R12: ffff888010c08400 [ 166.654202] R13: ffff888010b9a1e8 R14: ffff88800f952500 R15: 0000000000000000 [ 166.655241] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.656312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.657090] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.658039] PKRU: 55555554 [ 166.658434] Call Trace: [ 166.658835] [ 166.659185] iommufd_access_destroy_object+0x65/0x170 [ 166.659885] iommufd_object_destroy_user+0x18e/0x220 [ 166.660560] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.661331] iommufd_access_destroy+0x43/0x70 [ 166.661938] iommufd_test_staccess_release+0x8d/0xd0 [ 166.662637] __fput+0x26d/0xa40 [ 166.663088] ____fput+0x1e/0x30 [ 166.663543] task_work_run+0x1a4/0x2d0 [ 166.664053] ? __pfx_task_work_run+0x10/0x10 [ 166.664621] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.665247] ? switch_task_namespaces+0xa9/0xe0 [ 166.665854] do_exit+0xb17/0x2ef0 [ 166.666300] ? lock_acquire+0x427/0x4c0 [ 166.666848] ? __pfx_lock_release+0x10/0x10 [ 166.667417] ? __kasan_check_write+0x18/0x20 [ 166.667989] ? do_raw_spin_lock+0x132/0x2a0 [ 166.668542] ? __pfx_do_exit+0x10/0x10 [ 166.669052] ? debug_smp_processor_id+0x20/0x30 [ 166.669648] ? rcu_is_watching+0x19/0xb0 [ 166.670170] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.670787] ? trace_hardirqs_on+0x26/0x120 [ 166.671369] do_group_exit+0xe0/0x2b0 [ 166.671859] __x64_sys_exit_group+0x47/0x50 [ 166.672405] do_syscall_64+0x3b/0x90 [ 166.672894] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.673558] RIP: 0033:0x7f4b87518a4d [ 166.674015] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.674787] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.675777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.676414] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.677517] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.678173] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.678824] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.679591] [ 166.679866] irq event stamp: 0 [ 166.680157] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.680696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.681473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.682345] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.682910] ---[ end trace 0000000000000000 ]--- [ 166.683694] ------------[ cut here ]------------ [ 166.684280] WARNING: CPU: 1 PID: 1573 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.685208] Modules linked in: [ 166.685503] CPU: 1 PID: 1573 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.686456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.687507] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.687970] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.689775] RSP: 0018:ffff88800f387b78 EFLAGS: 00010246 [ 166.690365] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.691094] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 166.691732] RBP: ffff88800f387b98 R08: ffffed100217343e R09: ffffed100217343e [ 166.692386] R10: ffff888010b9a1ef R11: ffffed100217343d R12: ffff888010b9a290 [ 166.693186] R13: ffff888010b9a0a8 R14: ffffffffffffffff R15: 
ffff88800f387c60 [ 166.693801] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.694501] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.695032] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.695671] PKRU: 55555554 [ 166.695912] Call Trace: [ 166.696132] [ 166.696335] iommufd_ioas_destroy+0x53/0x70 [ 166.696729] iommufd_fops_release+0x1f7/0x370 [ 166.697121] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.697564] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.697995] ? write_comp_data+0x2f/0x90 [ 166.698347] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.698803] __fput+0x26d/0xa40 [ 166.699120] ____fput+0x1e/0x30 [ 166.699409] task_work_run+0x1a4/0x2d0 [ 166.699756] ? __pfx_task_work_run+0x10/0x10 [ 166.700130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.700542] ? switch_task_namespaces+0xa9/0xe0 [ 166.700944] do_exit+0xb17/0x2ef0 [ 166.701239] ? lock_acquire+0x427/0x4c0 [ 166.701570] ? __pfx_lock_release+0x10/0x10 [ 166.701938] ? __kasan_check_write+0x18/0x20 [ 166.702310] ? do_raw_spin_lock+0x132/0x2a0 [ 166.702687] ? __pfx_do_exit+0x10/0x10 [ 166.703023] ? debug_smp_processor_id+0x20/0x30 [ 166.703431] ? rcu_is_watching+0x19/0xb0 [ 166.703776] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.704154] ? trace_hardirqs_on+0x26/0x120 [ 166.704527] do_group_exit+0xe0/0x2b0 [ 166.704854] __x64_sys_exit_group+0x47/0x50 [ 166.705207] do_syscall_64+0x3b/0x90 [ 166.705542] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.705978] RIP: 0033:0x7f4b87518a4d [ 166.706285] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.706817] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.707466] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.708063] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.708664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.709240] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.709839] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.710431] [ 166.710643] irq event stamp: 0 [ 166.710919] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.711448] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.712142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.712840] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.713361] ---[ end trace 0000000000000000 ]--- [ 166.718118] ------------[ cut here ]------------ [ 166.718652] WARNING: CPU: 1 PID: 1574 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.719453] Modules linked in: [ 166.719699] CPU: 1 PID: 1574 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.720375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.721265] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.721657] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.723150] RSP: 0018:ffff8880140d7bb8 EFLAGS: 00010246 [ 166.723568] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 166.724122] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 166.724684] RBP: ffff8880140d7bd0 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 166.725239] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888010f05800 [ 166.725804] R13: ffff8880158789e8 R14: ffffffff8352e670 R15: 
ffff8880140d7e68 [ 166.726357] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.727008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.727475] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 166.728033] PKRU: 55555554 [ 166.728255] Call Trace: [ 166.728453] [ 166.728639] __iommufd_access_detach+0x1c2/0x2b0 [ 166.729035] iommufd_access_change_pt+0x149/0x270 [ 166.729422] iommufd_access_replace+0xb4/0x120 [ 166.729798] iommufd_test+0x3e5/0x37e0 [ 166.730111] ? lock_release+0x532/0x770 [ 166.730432] ? __might_fault+0x102/0x1b0 [ 166.730787] ? lock_acquire+0x427/0x4c0 [ 166.731120] ? __pfx_iommufd_test+0x10/0x10 [ 166.731466] ? __pfx_lock_release+0x10/0x10 [ 166.731822] ? __pfx_lock_acquire+0x10/0x10 [ 166.732168] ? write_comp_data+0x2f/0x90 [ 166.732511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.732922] ? write_comp_data+0x2f/0x90 [ 166.733249] iommufd_fops_ioctl+0x37d/0x510 [ 166.733600] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.733997] ? write_comp_data+0x2f/0x90 [ 166.734323] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.734726] __x64_sys_ioctl+0x1a3/0x230 [ 166.735067] do_syscall_64+0x3b/0x90 [ 166.735376] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.735789] RIP: 0033:0x7f4b8743ee5d [ 166.736083] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.737500] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.738087] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.738667] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.739227] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.739784] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.740332] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.740903] [ 166.741079] irq event stamp: 0 [ 166.741317] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.741808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.742453] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.743129] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.743615] ---[ end trace 0000000000000000 ]--- [ 166.746432] ------------[ cut here ]------------ [ 166.746853] WARNING: CPU: 1 PID: 1574 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.747640] Modules linked in: [ 166.747891] CPU: 1 PID: 1574 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.748562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.749430] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.749804] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.751216] RSP: 
0018:ffff8880140d7bd0 EFLAGS: 00010246 [ 166.751636] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 166.752186] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 166.752740] RBP: ffff8880140d7be8 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 166.753285] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888018afe000 [ 166.753843] R13: ffff8880158789e8 R14: ffff8880104d9300 R15: 0000000000000000 [ 166.754388] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.755021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.755469] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.756016] PKRU: 55555554 [ 166.756226] Call Trace: [ 166.756426] [ 166.756601] iommufd_access_destroy_object+0x65/0x170 [ 166.757010] iommufd_object_destroy_user+0x18e/0x220 [ 166.757395] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.757852] iommufd_access_destroy+0x43/0x70 [ 166.758206] iommufd_test_staccess_release+0x8d/0xd0 [ 166.758622] __fput+0x26d/0xa40 [ 166.758895] ____fput+0x1e/0x30 [ 166.759174] task_work_run+0x1a4/0x2d0 [ 166.759476] ? __pfx_task_work_run+0x10/0x10 [ 166.759821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.760213] ? switch_task_namespaces+0xa9/0xe0 [ 166.760571] do_exit+0xb17/0x2ef0 [ 166.760842] ? lock_acquire+0x427/0x4c0 [ 166.761170] ? __pfx_lock_release+0x10/0x10 [ 166.761498] ? __kasan_check_write+0x18/0x20 [ 166.761842] ? do_raw_spin_lock+0x132/0x2a0 [ 166.762176] ? __pfx_do_exit+0x10/0x10 [ 166.762491] ? debug_smp_processor_id+0x20/0x30 [ 166.762871] ? rcu_is_watching+0x19/0xb0 [ 166.763191] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.763547] ? trace_hardirqs_on+0x26/0x120 [ 166.763876] do_group_exit+0xe0/0x2b0 [ 166.764171] __x64_sys_exit_group+0x47/0x50 [ 166.764513] do_syscall_64+0x3b/0x90 [ 166.764802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.765208] RIP: 0033:0x7f4b87518a4d [ 166.765508] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.765965] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.766573] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.767103] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.767661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.768189] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.768749] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.769297] [ 166.769474] irq event stamp: 0 [ 166.769729] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.770203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.770880] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.771529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.772028] ---[ end trace 0000000000000000 ]--- [ 166.772703] ------------[ cut here ]------------ [ 166.773074] WARNING: CPU: 1 PID: 1574 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.773844] Modules linked in: [ 166.774093] CPU: 1 PID: 1574 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.774771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.775633] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.776034] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.777433] RSP: 0018:ffff8880140d7b78 EFLAGS: 00010246 [ 166.777830] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.778391] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 166.778942] RBP: ffff8880140d7b98 R08: ffffed1002b0f13e R09: ffffed1002b0f13e [ 166.779516] R10: ffff8880158789ef R11: ffffed1002b0f13d R12: ffff888015878a90 [ 166.780055] R13: ffff8880158788a8 R14: ffffffffffffffff R15: 
ffff8880140d7c60 [ 166.780608] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.781214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.781666] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.782201] PKRU: 55555554 [ 166.782423] Call Trace: [ 166.782647] [ 166.782822] iommufd_ioas_destroy+0x53/0x70 [ 166.783158] iommufd_fops_release+0x1f7/0x370 [ 166.783521] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.783909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.784278] ? write_comp_data+0x2f/0x90 [ 166.784610] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.785002] __fput+0x26d/0xa40 [ 166.785263] ____fput+0x1e/0x30 [ 166.785528] task_work_run+0x1a4/0x2d0 [ 166.785849] ? __pfx_task_work_run+0x10/0x10 [ 166.786184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.786576] ? switch_task_namespaces+0xa9/0xe0 [ 166.786960] do_exit+0xb17/0x2ef0 [ 166.787229] ? lock_acquire+0x427/0x4c0 [ 166.787542] ? __pfx_lock_release+0x10/0x10 [ 166.787887] ? __kasan_check_write+0x18/0x20 [ 166.788235] ? do_raw_spin_lock+0x132/0x2a0 [ 166.788560] ? __pfx_do_exit+0x10/0x10 [ 166.788880] ? debug_smp_processor_id+0x20/0x30 [ 166.789243] ? rcu_is_watching+0x19/0xb0 [ 166.789549] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.789911] ? trace_hardirqs_on+0x26/0x120 [ 166.790252] do_group_exit+0xe0/0x2b0 [ 166.790555] __x64_sys_exit_group+0x47/0x50 [ 166.790887] do_syscall_64+0x3b/0x90 [ 166.791208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.791602] RIP: 0033:0x7f4b87518a4d [ 166.791891] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.792372] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.792943] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.793492] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.794026] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.794604] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.795162] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.795724] [ 166.795900] irq event stamp: 0 [ 166.796144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.796637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.797274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.797909] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.798376] ---[ end trace 0000000000000000 ]--- [ 166.802787] ------------[ cut here ]------------ [ 166.803181] WARNING: CPU: 1 PID: 1575 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.803940] Modules linked in: [ 166.804189] CPU: 1 PID: 1575 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.804848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.805676] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.806057] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.807455] RSP: 0018:ffff888024437bb8 EFLAGS: 00010246 [ 166.807846] RAX: 0000000000000000 RBX: ffff8880145be8a8 RCX: 0000000000000000 [ 166.808395] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 166.808911] RBP: ffff888024437bd0 R08: ffffed10028b7d33 R09: ffffed10028b7d33 [ 166.809457] R10: ffff8880145be993 R11: ffffed10028b7d32 R12: ffff888010c0b800 [ 166.809981] R13: ffff8880145be9e8 R14: ffffffff8352e670 R15: 
ffff888024437e68 [ 166.810546] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.811310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.811953] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 166.812728] PKRU: 55555554 [ 166.813040] Call Trace: [ 166.813324] [ 166.813577] __iommufd_access_detach+0x1c2/0x2b0 [ 166.814118] iommufd_access_change_pt+0x149/0x270 [ 166.814701] iommufd_access_replace+0xb4/0x120 [ 166.815234] iommufd_test+0x3e5/0x37e0 [ 166.815666] ? lock_release+0x532/0x770 [ 166.816117] ? __might_fault+0x102/0x1b0 [ 166.816573] ? lock_acquire+0x427/0x4c0 [ 166.817025] ? __pfx_iommufd_test+0x10/0x10 [ 166.817495] ? __pfx_lock_release+0x10/0x10 [ 166.817977] ? __pfx_lock_acquire+0x10/0x10 [ 166.818468] ? write_comp_data+0x2f/0x90 [ 166.818955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.819505] ? write_comp_data+0x2f/0x90 [ 166.819966] iommufd_fops_ioctl+0x37d/0x510 [ 166.820445] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.820987] ? write_comp_data+0x2f/0x90 [ 166.821447] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.821980] __x64_sys_ioctl+0x1a3/0x230 [ 166.822441] do_syscall_64+0x3b/0x90 [ 166.822887] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.823478] RIP: 0033:0x7f4b8743ee5d [ 166.823890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.825838] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.826662] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.827441] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.828193] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.828932] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.829671] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.830432] [ 166.830718] irq event stamp: 0 [ 166.831068] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.831757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.832658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.833553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.834233] ---[ end trace 0000000000000000 ]--- [ 166.838420] ------------[ cut here ]------------ [ 166.838969] WARNING: CPU: 1 PID: 1575 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.840023] Modules linked in: [ 166.840362] CPU: 1 PID: 1575 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.841265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.842418] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.842962] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.844838] RSP: 
0018:ffff888024437bd0 EFLAGS: 00010246 [ 166.845392] RAX: 0000000000000000 RBX: ffff8880145be8a8 RCX: 0000000000000000 [ 166.846129] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 166.846891] RBP: ffff888024437be8 R08: ffffed10028b7d33 R09: ffffed10028b7d33 [ 166.847633] R10: ffff8880145be993 R11: ffffed10028b7d32 R12: ffff888010f05000 [ 166.848373] R13: ffff8880145be9e8 R14: ffff88800f8f1100 R15: 0000000000000000 [ 166.849111] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.849945] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.850573] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.851325] PKRU: 55555554 [ 166.851627] Call Trace: [ 166.851900] [ 166.852144] iommufd_access_destroy_object+0x65/0x170 [ 166.852691] iommufd_object_destroy_user+0x18e/0x220 [ 166.853234] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.853848] iommufd_access_destroy+0x43/0x70 [ 166.854334] iommufd_test_staccess_release+0x8d/0xd0 [ 166.854908] __fput+0x26d/0xa40 [ 166.855290] ____fput+0x1e/0x30 [ 166.855654] task_work_run+0x1a4/0x2d0 [ 166.856078] ? __pfx_task_work_run+0x10/0x10 [ 166.856549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.857071] ? switch_task_namespaces+0xa9/0xe0 [ 166.857578] do_exit+0xb17/0x2ef0 [ 166.857948] ? lock_acquire+0x427/0x4c0 [ 166.858380] ? __pfx_lock_release+0x10/0x10 [ 166.858867] ? __kasan_check_write+0x18/0x20 [ 166.859346] ? do_raw_spin_lock+0x132/0x2a0 [ 166.859805] ? __pfx_do_exit+0x10/0x10 [ 166.860230] ? debug_smp_processor_id+0x20/0x30 [ 166.860726] ? rcu_is_watching+0x19/0xb0 [ 166.861159] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.861645] ? trace_hardirqs_on+0x26/0x120 [ 166.862109] do_group_exit+0xe0/0x2b0 [ 166.862544] __x64_sys_exit_group+0x47/0x50 [ 166.863006] do_syscall_64+0x3b/0x90 [ 166.863421] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.863974] RIP: 0033:0x7f4b87518a4d [ 166.864368] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.865006] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.865787] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.866555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.867394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.867911] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.868416] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.868936] [ 166.869099] irq event stamp: 0 [ 166.869321] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.869783] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.870367] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.870998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.871451] ---[ end trace 0000000000000000 ]--- [ 166.872110] ------------[ cut here ]------------ [ 166.872442] WARNING: CPU: 1 PID: 1575 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.873195] Modules linked in: [ 166.873423] CPU: 1 PID: 1575 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.874055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.874891] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.875284] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.876602] RSP: 0018:ffff888024437b78 EFLAGS: 00010246 [ 166.877031] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.877554] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 166.878053] RBP: ffff888024437b98 R08: ffffed10028b7d3e R09: ffffed10028b7d3e [ 166.878600] R10: ffff8880145be9ef R11: ffffed10028b7d3d R12: ffff8880145bea90 [ 166.879104] R13: ffff8880145be8a8 R14: ffffffffffffffff R15: 
ffff888024437c60 [ 166.879648] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.880213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.880654] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.881173] PKRU: 55555554 [ 166.881396] Call Trace: [ 166.881582] [ 166.881744] iommufd_ioas_destroy+0x53/0x70 [ 166.882068] iommufd_fops_release+0x1f7/0x370 [ 166.882402] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.882791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.883162] ? write_comp_data+0x2f/0x90 [ 166.883468] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.883843] __fput+0x26d/0xa40 [ 166.884104] ____fput+0x1e/0x30 [ 166.884348] task_work_run+0x1a4/0x2d0 [ 166.884654] ? __pfx_task_work_run+0x10/0x10 [ 166.884973] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.885334] ? switch_task_namespaces+0xa9/0xe0 [ 166.885694] do_exit+0xb17/0x2ef0 [ 166.885947] ? lock_acquire+0x427/0x4c0 [ 166.886247] ? __pfx_lock_release+0x10/0x10 [ 166.886576] ? __kasan_check_write+0x18/0x20 [ 166.886914] ? do_raw_spin_lock+0x132/0x2a0 [ 166.887235] ? __pfx_do_exit+0x10/0x10 [ 166.887519] ? debug_smp_processor_id+0x20/0x30 [ 166.887861] ? rcu_is_watching+0x19/0xb0 [ 166.888152] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.888489] ? trace_hardirqs_on+0x26/0x120 [ 166.888803] do_group_exit+0xe0/0x2b0 [ 166.889096] __x64_sys_exit_group+0x47/0x50 [ 166.889408] do_syscall_64+0x3b/0x90 [ 166.889679] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.890058] RIP: 0033:0x7f4b87518a4d [ 166.890333] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.890787] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.891348] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.891856] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.892376] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.892880] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.893399] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.893913] [ 166.894081] irq event stamp: 0 [ 166.894313] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.894796] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.895402] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.896009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.896466] ---[ end trace 0000000000000000 ]--- [ 166.900724] ------------[ cut here ]------------ [ 166.901106] WARNING: CPU: 1 PID: 1576 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.901825] Modules linked in: [ 166.902062] CPU: 1 PID: 1576 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.902901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.903718] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.904088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.905395] RSP: 0018:ffff888023dc7bb8 EFLAGS: 00010246 [ 166.905768] RAX: 0000000000000000 RBX: ffff88800f0a00a8 RCX: 0000000000000000 [ 166.906284] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 166.906806] RBP: ffff888023dc7bd0 R08: ffffed1001e14033 R09: ffffed1001e14033 [ 166.907339] R10: ffff88800f0a0193 R11: ffffed1001e14032 R12: ffff8880149b6400 [ 166.907849] R13: ffff88800f0a01e8 R14: ffffffff8352e670 R15: 
ffff888023dc7e68 [ 166.908364] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.908936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.909357] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 166.909867] PKRU: 55555554 [ 166.910072] Call Trace: [ 166.910255] [ 166.910430] __iommufd_access_detach+0x1c2/0x2b0 [ 166.910808] iommufd_access_change_pt+0x149/0x270 [ 166.911176] iommufd_access_replace+0xb4/0x120 [ 166.911525] iommufd_test+0x3e5/0x37e0 [ 166.911815] ? lock_release+0x532/0x770 [ 166.912109] ? __might_fault+0x102/0x1b0 [ 166.912405] ? lock_acquire+0x427/0x4c0 [ 166.912708] ? __pfx_iommufd_test+0x10/0x10 [ 166.913025] ? __pfx_lock_release+0x10/0x10 [ 166.913339] ? __pfx_lock_acquire+0x10/0x10 [ 166.913668] ? write_comp_data+0x2f/0x90 [ 166.913989] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.914339] ? write_comp_data+0x2f/0x90 [ 166.914658] iommufd_fops_ioctl+0x37d/0x510 [ 166.915005] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.915365] ? write_comp_data+0x2f/0x90 [ 166.915671] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 166.916055] __x64_sys_ioctl+0x1a3/0x230 [ 166.916368] do_syscall_64+0x3b/0x90 [ 166.916643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.917035] RIP: 0033:0x7f4b8743ee5d [ 166.917317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 166.918652] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 166.919273] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 166.919787] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 166.920304] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 166.920819] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 166.921337] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 166.921854] [ 166.922026] irq event stamp: 0 [ 166.922256] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.922753] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.923470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.924070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.924536] ---[ end trace 0000000000000000 ]--- [ 166.927290] ------------[ cut here ]------------ [ 166.927649] WARNING: CPU: 1 PID: 1576 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 166.928381] Modules linked in: [ 166.928616] CPU: 1 PID: 1576 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.929249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.930058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 166.930419] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 166.931767] RSP: 
0018:ffff888023dc7bd0 EFLAGS: 00010246 [ 166.932256] RAX: 0000000000000000 RBX: ffff88800f0a00a8 RCX: 0000000000000000 [ 166.932938] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 166.933634] RBP: ffff888023dc7be8 R08: ffffed1001e14033 R09: ffffed1001e14033 [ 166.934298] R10: ffff88800f0a0193 R11: ffffed1001e14032 R12: ffff888013cfa400 [ 166.935079] R13: ffff88800f0a01e8 R14: ffff88800fa2d300 R15: 0000000000000000 [ 166.935784] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.936537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.937149] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.937840] PKRU: 55555554 [ 166.938117] Call Trace: [ 166.938363] [ 166.938592] iommufd_access_destroy_object+0x65/0x170 [ 166.939082] iommufd_object_destroy_user+0x18e/0x220 [ 166.939579] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 166.940205] iommufd_access_destroy+0x43/0x70 [ 166.940653] iommufd_test_staccess_release+0x8d/0xd0 [ 166.941157] __fput+0x26d/0xa40 [ 166.941488] ____fput+0x1e/0x30 [ 166.941814] task_work_run+0x1a4/0x2d0 [ 166.942195] ? __pfx_task_work_run+0x10/0x10 [ 166.942693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.943182] ? switch_task_namespaces+0xa9/0xe0 [ 166.943661] do_exit+0xb17/0x2ef0 [ 166.944006] ? lock_acquire+0x427/0x4c0 [ 166.944399] ? __pfx_lock_release+0x10/0x10 [ 166.944827] ? __kasan_check_write+0x18/0x20 [ 166.945304] ? do_raw_spin_lock+0x132/0x2a0 [ 166.945740] ? __pfx_do_exit+0x10/0x10 [ 166.946140] ? debug_smp_processor_id+0x20/0x30 [ 166.946615] ? rcu_is_watching+0x19/0xb0 [ 166.947007] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.947475] ? trace_hardirqs_on+0x26/0x120 [ 166.947879] do_group_exit+0xe0/0x2b0 [ 166.948318] __x64_sys_exit_group+0x47/0x50 [ 166.948748] do_syscall_64+0x3b/0x90 [ 166.949131] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.949646] RIP: 0033:0x7f4b87518a4d [ 166.950001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.950668] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.951412] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.952119] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.952809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.953562] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.954260] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.955004] [ 166.955248] irq event stamp: 0 [ 166.955551] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.956244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.957078] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.957902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.958616] ---[ end trace 0000000000000000 ]--- [ 166.959614] ------------[ cut here ]------------ [ 166.960087] WARNING: CPU: 1 PID: 1576 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 166.961059] Modules linked in: [ 166.961445] CPU: 1 PID: 1576 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 166.962304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 166.963440] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 166.964015] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 166.965801] RSP: 0018:ffff888023dc7b78 EFLAGS: 00010246 [ 166.966328] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 166.967099] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 166.968000] RBP: ffff888023dc7b98 R08: ffffed1001e1403e R09: ffffed1001e1403e [ 166.969027] R10: ffff88800f0a01ef R11: ffffed1001e1403d R12: ffff88800f0a0290 [ 166.969814] R13: ffff88800f0a00a8 R14: ffffffffffffffff R15: 
ffff888023dc7c60 [ 166.970823] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 166.971727] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 166.972381] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 166.973251] PKRU: 55555554 [ 166.973571] Call Trace: [ 166.973851] [ 166.974102] iommufd_ioas_destroy+0x53/0x70 [ 166.974738] iommufd_fops_release+0x1f7/0x370 [ 166.975255] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.975814] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.976450] ? write_comp_data+0x2f/0x90 [ 166.976961] ? __pfx_iommufd_fops_release+0x10/0x10 [ 166.977523] __fput+0x26d/0xa40 [ 166.977917] ____fput+0x1e/0x30 [ 166.978371] task_work_run+0x1a4/0x2d0 [ 166.978853] ? __pfx_task_work_run+0x10/0x10 [ 166.979358] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 166.979894] ? switch_task_namespaces+0xa9/0xe0 [ 166.980448] do_exit+0xb17/0x2ef0 [ 166.980890] ? lock_acquire+0x427/0x4c0 [ 166.981332] ? __pfx_lock_release+0x10/0x10 [ 166.981806] ? __kasan_check_write+0x18/0x20 [ 166.982377] ? do_raw_spin_lock+0x132/0x2a0 [ 166.982932] ? __pfx_do_exit+0x10/0x10 [ 166.983393] ? debug_smp_processor_id+0x20/0x30 [ 166.983917] ? rcu_is_watching+0x19/0xb0 [ 166.984374] ? _raw_spin_unlock_irq+0x2b/0x60 [ 166.984983] ? trace_hardirqs_on+0x26/0x120 [ 166.985472] do_group_exit+0xe0/0x2b0 [ 166.985900] __x64_sys_exit_group+0x47/0x50 [ 166.986456] do_syscall_64+0x3b/0x90 [ 166.986970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 166.987573] RIP: 0033:0x7f4b87518a4d [ 166.987989] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 166.988803] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 166.989634] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 166.990572] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 166.991362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 166.992151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 166.993082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 166.993890] [ 166.994159] irq event stamp: 0 [ 166.994689] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 166.995409] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 166.996342] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 166.997389] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 166.998090] ---[ end trace 0000000000000000 ]--- [ 167.005643] ------------[ cut here ]------------ [ 167.006199] WARNING: CPU: 1 PID: 1577 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.007473] Modules linked in: [ 167.007845] CPU: 1 PID: 1577 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.008919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.010158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.010852] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.012965] RSP: 0018:ffff88801794fbb8 EFLAGS: 00010246 [ 167.013559] RAX: 0000000000000000 RBX: ffff888016c578a8 RCX: 0000000000000000 [ 167.014382] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 167.015267] RBP: ffff88801794fbd0 R08: ffffed1002d8af33 R09: ffffed1002d8af33 [ 167.016061] R10: ffff888016c57993 R11: ffffed1002d8af32 R12: ffff888010f04800 [ 167.016952] R13: ffff888016c579e8 R14: ffffffff8352e670 R15: 
ffff88801794fe68 [ 167.017741] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.018771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.019435] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 167.020234] PKRU: 55555554 [ 167.020651] Call Trace: [ 167.020943] [ 167.021203] __iommufd_access_detach+0x1c2/0x2b0 [ 167.021759] iommufd_access_change_pt+0x149/0x270 [ 167.022385] iommufd_access_replace+0xb4/0x120 [ 167.022964] iommufd_test+0x3e5/0x37e0 [ 167.023421] ? lock_release+0x532/0x770 [ 167.023882] ? __might_fault+0x102/0x1b0 [ 167.024350] ? lock_acquire+0x427/0x4c0 [ 167.024929] ? __pfx_iommufd_test+0x10/0x10 [ 167.025423] ? __pfx_lock_release+0x10/0x10 [ 167.025931] ? __pfx_lock_acquire+0x10/0x10 [ 167.026466] ? write_comp_data+0x2f/0x90 [ 167.027048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.027630] ? write_comp_data+0x2f/0x90 [ 167.028113] iommufd_fops_ioctl+0x37d/0x510 [ 167.028613] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.029296] ? write_comp_data+0x2f/0x90 [ 167.029777] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.030332] __x64_sys_ioctl+0x1a3/0x230 [ 167.030916] do_syscall_64+0x3b/0x90 [ 167.031386] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.031857] RIP: 0033:0x7f4b8743ee5d [ 167.032173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.033815] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.034448] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.035180] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.035831] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.036445] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.037031] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.037776] [ 167.037972] irq event stamp: 0 [ 167.038252] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.038800] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.039569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.040331] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.040859] ---[ end trace 0000000000000000 ]--- [ 167.043852] ------------[ cut here ]------------ [ 167.044278] WARNING: CPU: 1 PID: 1577 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.045144] Modules linked in: [ 167.045520] CPU: 1 PID: 1577 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.046276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.047325] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.047796] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.049359] RSP: 
0018:ffff88801794fbd0 EFLAGS: 00010246 [ 167.049929] RAX: 0000000000000000 RBX: ffff888016c578a8 RCX: 0000000000000000 [ 167.050571] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 167.051177] RBP: ffff88801794fbe8 R08: ffffed1002d8af33 R09: ffffed1002d8af33 [ 167.051784] R10: ffff888016c57993 R11: ffffed1002d8af32 R12: ffff8880149b4800 [ 167.052516] R13: ffff888016c579e8 R14: ffff88800f48b500 R15: 0000000000000000 [ 167.053110] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.053803] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.054425] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.055063] PKRU: 55555554 [ 167.055311] Call Trace: [ 167.055546] [ 167.055747] iommufd_access_destroy_object+0x65/0x170 [ 167.056188] iommufd_object_destroy_user+0x18e/0x220 [ 167.056750] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.057253] iommufd_access_destroy+0x43/0x70 [ 167.057648] iommufd_test_staccess_release+0x8d/0xd0 [ 167.058131] __fput+0x26d/0xa40 [ 167.058541] ____fput+0x1e/0x30 [ 167.058853] task_work_run+0x1a4/0x2d0 [ 167.059214] ? __pfx_task_work_run+0x10/0x10 [ 167.059593] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.060030] ? switch_task_namespaces+0xa9/0xe0 [ 167.060459] do_exit+0xb17/0x2ef0 [ 167.060882] ? lock_acquire+0x427/0x4c0 [ 167.061248] ? __pfx_lock_release+0x10/0x10 [ 167.061634] ? __kasan_check_write+0x18/0x20 [ 167.062042] ? do_raw_spin_lock+0x132/0x2a0 [ 167.062450] ? __pfx_do_exit+0x10/0x10 [ 167.062938] ? debug_smp_processor_id+0x20/0x30 [ 167.063383] ? rcu_is_watching+0x19/0xb0 [ 167.063741] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.064187] ? trace_hardirqs_on+0x26/0x120 [ 167.064582] do_group_exit+0xe0/0x2b0 [ 167.064954] __x64_sys_exit_group+0x47/0x50 [ 167.065431] do_syscall_64+0x3b/0x90 [ 167.065767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.066231] RIP: 0033:0x7f4b87518a4d [ 167.066596] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.067138] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.067974] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.068593] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.069216] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.070008] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.070652] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.071300] [ 167.071506] irq event stamp: 0 [ 167.071828] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.072489] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.073243] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.074142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.074724] ---[ end trace 0000000000000000 ]--- [ 167.075542] ------------[ cut here ]------------ [ 167.075971] WARNING: CPU: 1 PID: 1577 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.077053] Modules linked in: [ 167.077340] CPU: 1 PID: 1577 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.078104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.079297] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.079760] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.081341] RSP: 0018:ffff88801794fb78 EFLAGS: 00010246 [ 167.081978] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.082629] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 167.083252] RBP: ffff88801794fb98 R08: ffffed1002d8af3e R09: ffffed1002d8af3e [ 167.083985] R10: ffff888016c579ef R11: ffffed1002d8af3d R12: ffff888016c57a90 [ 167.084687] R13: ffff888016c578a8 R14: ffffffffffffffff R15: 
ffff88801794fc60 [ 167.085323] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.086036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.086608] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.087262] PKRU: 55555554 [ 167.087510] Call Trace: [ 167.087731] [ 167.087936] iommufd_ioas_destroy+0x53/0x70 [ 167.088341] iommufd_fops_release+0x1f7/0x370 [ 167.088734] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.089201] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.089624] ? write_comp_data+0x2f/0x90 [ 167.089991] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.090440] __fput+0x26d/0xa40 [ 167.090763] ____fput+0x1e/0x30 [ 167.091068] task_work_run+0x1a4/0x2d0 [ 167.091447] ? __pfx_task_work_run+0x10/0x10 [ 167.091829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.092272] ? switch_task_namespaces+0xa9/0xe0 [ 167.092695] do_exit+0xb17/0x2ef0 [ 167.092994] ? lock_acquire+0x427/0x4c0 [ 167.093363] ? __pfx_lock_release+0x10/0x10 [ 167.093752] ? __kasan_check_write+0x18/0x20 [ 167.094134] ? do_raw_spin_lock+0x132/0x2a0 [ 167.094557] ? __pfx_do_exit+0x10/0x10 [ 167.094902] ? debug_smp_processor_id+0x20/0x30 [ 167.095322] ? rcu_is_watching+0x19/0xb0 [ 167.095699] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.096090] ? trace_hardirqs_on+0x26/0x120 [ 167.096475] do_group_exit+0xe0/0x2b0 [ 167.096825] __x64_sys_exit_group+0x47/0x50 [ 167.097190] do_syscall_64+0x3b/0x90 [ 167.097526] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.098000] RIP: 0033:0x7f4b87518a4d [ 167.098319] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.098912] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.099574] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.100215] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.100843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.101472] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.102116] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.102753] [ 167.102973] irq event stamp: 0 [ 167.103280] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.103819] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.104571] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.105316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.105853] ---[ end trace 0000000000000000 ]--- [ 167.110022] ------------[ cut here ]------------ [ 167.110485] WARNING: CPU: 1 PID: 1578 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.111435] Modules linked in: [ 167.111732] CPU: 1 PID: 1578 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.112475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.113459] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.113901] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.115501] RSP: 0018:ffff888023ebfbb8 EFLAGS: 00010246 [ 167.115957] RAX: 0000000000000000 RBX: ffff888010b780a8 RCX: 0000000000000000 [ 167.116585] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 167.117221] RBP: ffff888023ebfbd0 R08: ffffed100216f033 R09: ffffed100216f033 [ 167.117835] R10: ffff888010b78193 R11: ffffed100216f032 R12: ffff88800fcb3800 [ 167.118464] R13: ffff888010b781e8 R14: ffffffff8352e670 R15: 
ffff888023ebfe68 [ 167.119091] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.119819] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.120314] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 167.120914] PKRU: 55555554 [ 167.121148] Call Trace: [ 167.121364] [ 167.121575] __iommufd_access_detach+0x1c2/0x2b0 [ 167.121985] iommufd_access_change_pt+0x149/0x270 [ 167.122397] iommufd_access_replace+0xb4/0x120 [ 167.122828] iommufd_test+0x3e5/0x37e0 [ 167.123162] ? lock_release+0x532/0x770 [ 167.123506] ? __might_fault+0x102/0x1b0 [ 167.123867] ? lock_acquire+0x427/0x4c0 [ 167.124211] ? __pfx_iommufd_test+0x10/0x10 [ 167.124567] ? __pfx_lock_release+0x10/0x10 [ 167.124945] ? __pfx_lock_acquire+0x10/0x10 [ 167.125315] ? write_comp_data+0x2f/0x90 [ 167.125661] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.126083] ? write_comp_data+0x2f/0x90 [ 167.126430] iommufd_fops_ioctl+0x37d/0x510 [ 167.126827] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.127274] ? write_comp_data+0x2f/0x90 [ 167.127623] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.128038] __x64_sys_ioctl+0x1a3/0x230 [ 167.128389] do_syscall_64+0x3b/0x90 [ 167.128710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.129166] RIP: 0033:0x7f4b8743ee5d [ 167.129483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.131026] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.131700] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.132295] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.132909] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.133535] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.134135] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.134781] [ 167.134982] irq event stamp: 0 [ 167.135251] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.135803] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.136500] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.137211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.137746] ---[ end trace 0000000000000000 ]--- [ 167.140769] ------------[ cut here ]------------ [ 167.141225] WARNING: CPU: 1 PID: 1578 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.142078] Modules linked in: [ 167.142364] CPU: 1 PID: 1578 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.143127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.144074] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.144514] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.146032] RSP: 
0018:ffff888023ebfbd0 EFLAGS: 00010246 [ 167.146526] RAX: 0000000000000000 RBX: ffff888010b780a8 RCX: 0000000000000000 [ 167.147109] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 167.147735] RBP: ffff888023ebfbe8 R08: ffffed100216f033 R09: ffffed100216f033 [ 167.148314] R10: ffff888010b78193 R11: ffffed100216f032 R12: ffff888010f06400 [ 167.148926] R13: ffff888010b781e8 R14: ffff8880181b8300 R15: 0000000000000000 [ 167.149519] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.150196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.150721] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.151332] PKRU: 55555554 [ 167.151570] Call Trace: [ 167.151807] [ 167.152010] iommufd_access_destroy_object+0x65/0x170 [ 167.152440] iommufd_object_destroy_user+0x18e/0x220 [ 167.152899] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.153388] iommufd_access_destroy+0x43/0x70 [ 167.153775] iommufd_test_staccess_release+0x8d/0xd0 [ 167.154229] __fput+0x26d/0xa40 [ 167.154537] ____fput+0x1e/0x30 [ 167.154823] task_work_run+0x1a4/0x2d0 [ 167.155231] ? __pfx_task_work_run+0x10/0x10 [ 167.155601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.156023] ? switch_task_namespaces+0xa9/0xe0 [ 167.156454] do_exit+0xb17/0x2ef0 [ 167.156744] ? lock_acquire+0x427/0x4c0 [ 167.157112] ? __pfx_lock_release+0x10/0x10 [ 167.157500] ? __kasan_check_write+0x18/0x20 [ 167.157868] ? do_raw_spin_lock+0x132/0x2a0 [ 167.158258] ? __pfx_do_exit+0x10/0x10 [ 167.158615] ? debug_smp_processor_id+0x20/0x30 [ 167.159009] ? rcu_is_watching+0x19/0xb0 [ 167.159395] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.159779] ? trace_hardirqs_on+0x26/0x120 [ 167.160143] do_group_exit+0xe0/0x2b0 [ 167.160491] __x64_sys_exit_group+0x47/0x50 [ 167.160851] do_syscall_64+0x3b/0x90 [ 167.161168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.161628] RIP: 0033:0x7f4b87518a4d [ 167.161935] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.162457] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.163122] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.163736] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.164320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.164937] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.165533] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.166146] [ 167.166340] irq event stamp: 0 [ 167.166623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.167181] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.167859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.168532] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.169050] ---[ end trace 0000000000000000 ]--- [ 167.169771] ------------[ cut here ]------------ [ 167.170176] WARNING: CPU: 1 PID: 1578 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.171013] Modules linked in: [ 167.171303] CPU: 1 PID: 1578 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.172004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.172925] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.173356] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.174863] RSP: 0018:ffff888023ebfb78 EFLAGS: 00010246 [ 167.175299] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.175887] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 167.176459] RBP: ffff888023ebfb98 R08: ffffed100216f03e R09: ffffed100216f03e [ 167.177035] R10: ffff888010b781ef R11: ffffed100216f03d R12: ffff888010b78290 [ 167.177620] R13: ffff888010b780a8 R14: ffffffffffffffff R15: 
ffff888023ebfc60 [ 167.178183] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.178859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.179333] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.179922] PKRU: 55555554 [ 167.180147] Call Trace: [ 167.180348] [ 167.180527] iommufd_ioas_destroy+0x53/0x70 [ 167.180894] iommufd_fops_release+0x1f7/0x370 [ 167.181252] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.181649] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.182061] ? write_comp_data+0x2f/0x90 [ 167.182394] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.182811] __fput+0x26d/0xa40 [ 167.183110] ____fput+0x1e/0x30 [ 167.183398] task_work_run+0x1a4/0x2d0 [ 167.183718] ? __pfx_task_work_run+0x10/0x10 [ 167.184093] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.184489] ? switch_task_namespaces+0xa9/0xe0 [ 167.184870] do_exit+0xb17/0x2ef0 [ 167.185167] ? lock_acquire+0x427/0x4c0 [ 167.185495] ? __pfx_lock_release+0x10/0x10 [ 167.185842] ? __kasan_check_write+0x18/0x20 [ 167.186214] ? do_raw_spin_lock+0x132/0x2a0 [ 167.186578] ? __pfx_do_exit+0x10/0x10 [ 167.186898] ? debug_smp_processor_id+0x20/0x30 [ 167.187327] ? rcu_is_watching+0x19/0xb0 [ 167.187649] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.188003] ? trace_hardirqs_on+0x26/0x120 [ 167.188341] do_group_exit+0xe0/0x2b0 [ 167.188634] __x64_sys_exit_group+0x47/0x50 [ 167.188962] do_syscall_64+0x3b/0x90 [ 167.189259] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.189664] RIP: 0033:0x7f4b87518a4d [ 167.189949] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.190419] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.191027] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.191578] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.192121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.192665] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.193573] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.194137] [ 167.194318] irq event stamp: 0 [ 167.194586] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.195081] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.195895] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.196538] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.197020] ---[ end trace 0000000000000000 ]--- [ 167.200534] ------------[ cut here ]------------ [ 167.200926] WARNING: CPU: 1 PID: 1579 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.201845] Modules linked in: [ 167.202098] CPU: 1 PID: 1579 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.202820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.203823] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.204213] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.205753] RSP: 0018:ffff888023dc7bb8 EFLAGS: 00010246 [ 167.206171] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 167.206741] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 167.207303] RBP: ffff888023dc7bd0 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 167.207993] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff88800b9b5c00 [ 167.208543] R13: ffff88800cb961e8 R14: ffffffff8352e670 R15: 
ffff888023dc7e68 [ 167.209107] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.209858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.210311] CR2: 00007f4b877410e8 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 167.210884] PKRU: 55555554 [ 167.211108] Call Trace: [ 167.211316] [ 167.211496] __iommufd_access_detach+0x1c2/0x2b0 [ 167.211957] iommufd_access_change_pt+0x149/0x270 [ 167.212400] iommufd_access_replace+0xb4/0x120 [ 167.212767] iommufd_test+0x3e5/0x37e0 [ 167.213073] ? lock_release+0x532/0x770 [ 167.213393] ? __might_fault+0x102/0x1b0 [ 167.213791] ? lock_acquire+0x427/0x4c0 [ 167.214173] ? __pfx_iommufd_test+0x10/0x10 [ 167.214530] ? __pfx_lock_release+0x10/0x10 [ 167.214879] ? __pfx_lock_acquire+0x10/0x10 [ 167.215237] ? write_comp_data+0x2f/0x90 [ 167.215572] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.216016] ? write_comp_data+0x2f/0x90 [ 167.216413] iommufd_fops_ioctl+0x37d/0x510 [ 167.216767] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.217158] ? write_comp_data+0x2f/0x90 [ 167.217493] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.217946] __x64_sys_ioctl+0x1a3/0x230 [ 167.218339] do_syscall_64+0x3b/0x90 [ 167.218671] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.219096] RIP: 0033:0x7f4b8743ee5d [ 167.219405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.220943] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.221537] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.222160] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.222766] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.223330] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.223890] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.224574] [ 167.224761] irq event stamp: 0 [ 167.225007] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.225501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.226268] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.226942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.227449] ---[ end trace 0000000000000000 ]--- [ 167.230308] ------------[ cut here ]------------ [ 167.230754] WARNING: CPU: 1 PID: 1579 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.231602] Modules linked in: [ 167.231887] CPU: 1 PID: 1579 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.232705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.233624] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.234155] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.235728] RSP: 
0018:ffff888023dc7bd0 EFLAGS: 00010246 [ 167.236170] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 167.236892] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 167.237478] RBP: ffff888023dc7be8 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 167.238062] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff88800fcb2400 [ 167.238791] R13: ffff88800cb961e8 R14: ffff88800f952000 R15: 0000000000000000 [ 167.239386] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.240041] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.240516] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 167.241238] PKRU: 55555554 [ 167.241471] Call Trace: [ 167.241683] [ 167.241870] iommufd_access_destroy_object+0x65/0x170 [ 167.242297] iommufd_object_destroy_user+0x18e/0x220 [ 167.242850] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.243340] iommufd_access_destroy+0x43/0x70 [ 167.243720] iommufd_test_staccess_release+0x8d/0xd0 [ 167.244146] __fput+0x26d/0xa40 [ 167.244436] ____fput+0x1e/0x30 [ 167.244716] task_work_run+0x1a4/0x2d0 [ 167.245163] ? __pfx_task_work_run+0x10/0x10 [ 167.245538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.245949] ? switch_task_namespaces+0xa9/0xe0 [ 167.246347] do_exit+0xb17/0x2ef0 [ 167.246657] ? lock_acquire+0x427/0x4c0 [ 167.247001] ? __pfx_lock_release+0x10/0x10 [ 167.247471] ? __kasan_check_write+0x18/0x20 [ 167.247878] ? do_raw_spin_lock+0x132/0x2a0 [ 167.248236] ? __pfx_do_exit+0x10/0x10 [ 167.248573] ? debug_smp_processor_id+0x20/0x30 [ 167.248965] ? rcu_is_watching+0x19/0xb0 [ 167.249374] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.249803] ? trace_hardirqs_on+0x26/0x120 [ 167.250167] do_group_exit+0xe0/0x2b0 [ 167.250488] __x64_sys_exit_group+0x47/0x50 [ 167.250876] do_syscall_64+0x3b/0x90 [ 167.251207] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.251665] RIP: 0033:0x7f4b87518a4d [ 167.252084] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.252595] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.253223] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.253925] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.254538] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.255136] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.255720] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.256453] [ 167.256649] irq event stamp: 0 [ 167.256909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.257421] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.258241] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.258948] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.259481] ---[ end trace 0000000000000000 ]--- [ 167.260477] ------------[ cut here ]------------ [ 167.260885] WARNING: CPU: 1 PID: 1579 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.261772] Modules linked in: [ 167.262051] CPU: 1 PID: 1579 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.262816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.263804] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.264246] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.265790] RSP: 0018:ffff888023dc7b78 EFLAGS: 00010246 [ 167.266243] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.266877] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 167.267495] RBP: ffff888023dc7b98 R08: ffffed1001972c3e R09: ffffed1001972c3e [ 167.268097] R10: ffff88800cb961ef R11: ffffed1001972c3d R12: ffff88800cb96290 [ 167.268693] R13: ffff88800cb960a8 R14: ffffffffffffffff R15: 
ffff888023dc7c60 [ 167.269289] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.269972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.270460] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 167.271079] PKRU: 55555554 [ 167.271337] Call Trace: [ 167.271560] [ 167.271751] iommufd_ioas_destroy+0x53/0x70 [ 167.272120] iommufd_fops_release+0x1f7/0x370 [ 167.272507] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.272937] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.273362] ? write_comp_data+0x2f/0x90 [ 167.273723] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.274153] __fput+0x26d/0xa40 [ 167.274449] ____fput+0x1e/0x30 [ 167.274755] task_work_run+0x1a4/0x2d0 [ 167.275095] ? __pfx_task_work_run+0x10/0x10 [ 167.275489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.275912] ? switch_task_namespaces+0xa9/0xe0 [ 167.276323] do_exit+0xb17/0x2ef0 [ 167.276622] ? lock_acquire+0x427/0x4c0 [ 167.276968] ? __pfx_lock_release+0x10/0x10 [ 167.277339] ? __kasan_check_write+0x18/0x20 [ 167.277720] ? do_raw_spin_lock+0x132/0x2a0 [ 167.278087] ? __pfx_do_exit+0x10/0x10 [ 167.278434] ? debug_smp_processor_id+0x20/0x30 [ 167.278859] ? rcu_is_watching+0x19/0xb0 [ 167.279219] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.279613] ? trace_hardirqs_on+0x26/0x120 [ 167.279985] do_group_exit+0xe0/0x2b0 [ 167.280312] __x64_sys_exit_group+0x47/0x50 [ 167.280687] do_syscall_64+0x3b/0x90 [ 167.281014] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.281464] RIP: 0033:0x7f4b87518a4d [ 167.281778] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.282293] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.282953] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.283562] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.284157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.284764] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.285361] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.285969] [ 167.286166] irq event stamp: 0 [ 167.286437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.286992] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.287713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.288417] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.288949] ---[ end trace 0000000000000000 ]--- [ 167.294689] ------------[ cut here ]------------ [ 167.295231] WARNING: CPU: 0 PID: 1580 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.296148] Modules linked in: [ 167.296489] CPU: 0 PID: 1580 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.297266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.298231] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.298692] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.300338] RSP: 0018:ffff888018647bb8 EFLAGS: 00010246 [ 167.300931] RAX: 0000000000000000 RBX: ffff8880171b90a8 RCX: 0000000000000000 [ 167.301685] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 167.302470] RBP: ffff888018647bd0 R08: ffffed1002e37233 R09: ffffed1002e37233 [ 167.303327] R10: ffff8880171b9193 R11: ffffed1002e37232 R12: ffff888014392400 [ 167.304107] R13: ffff8880171b91e8 R14: ffffffff8352e670 R15: 
ffff888018647e68 [ 167.304883] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.305751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.306369] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 167.307221] PKRU: 55555554 [ 167.307481] Call Trace: [ 167.307701] [ 167.307897] __iommufd_access_detach+0x1c2/0x2b0 [ 167.308315] iommufd_access_change_pt+0x149/0x270 [ 167.308731] iommufd_access_replace+0xb4/0x120 [ 167.309132] iommufd_test+0x3e5/0x37e0 [ 167.309465] ? lock_release+0x532/0x770 [ 167.309811] ? __might_fault+0x102/0x1b0 [ 167.310165] ? lock_acquire+0x427/0x4c0 [ 167.310543] ? __pfx_iommufd_test+0x10/0x10 [ 167.310914] ? __pfx_lock_release+0x10/0x10 [ 167.311319] ? __pfx_lock_acquire+0x10/0x10 [ 167.311703] ? write_comp_data+0x2f/0x90 [ 167.312060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.312478] ? write_comp_data+0x2f/0x90 [ 167.312833] iommufd_fops_ioctl+0x37d/0x510 [ 167.313210] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.313630] ? write_comp_data+0x2f/0x90 [ 167.313992] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.314409] __x64_sys_ioctl+0x1a3/0x230 [ 167.314793] do_syscall_64+0x3b/0x90 [ 167.315137] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.315588] RIP: 0033:0x7f4b8743ee5d [ 167.315909] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.317452] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.318112] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.318750] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.319367] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.319985] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.320592] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.321205] [ 167.321405] irq event stamp: 0 [ 167.321672] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.322216] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.322980] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.323687] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.324188] ---[ end trace 0000000000000000 ]--- [ 167.327063] ------------[ cut here ]------------ [ 167.327523] WARNING: CPU: 0 PID: 1580 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.328389] Modules linked in: [ 167.328673] CPU: 0 PID: 1580 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.329441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.330419] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.330896] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.332504] RSP: 
0018:ffff888018647bd0 EFLAGS: 00010246 [ 167.332983] RAX: 0000000000000000 RBX: ffff8880171b90a8 RCX: 0000000000000000 [ 167.333606] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 167.334229] RBP: ffff888018647be8 R08: ffffed1002e37233 R09: ffffed1002e37233 [ 167.334880] R10: ffff8880171b9193 R11: ffffed1002e37232 R12: ffff888010c56800 [ 167.335512] R13: ffff8880171b91e8 R14: ffff88802185e700 R15: 0000000000000000 [ 167.336131] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.336831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.337331] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 167.337966] PKRU: 55555554 [ 167.338217] Call Trace: [ 167.338445] [ 167.338682] iommufd_access_destroy_object+0x65/0x170 [ 167.339165] iommufd_object_destroy_user+0x18e/0x220 [ 167.339620] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.340143] iommufd_access_destroy+0x43/0x70 [ 167.340557] iommufd_test_staccess_release+0x8d/0xd0 [ 167.341014] __fput+0x26d/0xa40 [ 167.341323] ____fput+0x1e/0x30 [ 167.341627] task_work_run+0x1a4/0x2d0 [ 167.341984] ? __pfx_task_work_run+0x10/0x10 [ 167.342387] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.342891] ? switch_task_namespaces+0xa9/0xe0 [ 167.343342] do_exit+0xb17/0x2ef0 [ 167.343670] ? lock_acquire+0x427/0x4c0 [ 167.344034] ? __pfx_lock_release+0x10/0x10 [ 167.344426] ? __kasan_check_write+0x18/0x20 [ 167.344824] ? do_raw_spin_lock+0x132/0x2a0 [ 167.345207] ? __pfx_do_exit+0x10/0x10 [ 167.345558] ? debug_smp_processor_id+0x20/0x30 [ 167.345972] ? rcu_is_watching+0x19/0xb0 [ 167.346332] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.346798] ? trace_hardirqs_on+0x26/0x120 [ 167.347211] do_group_exit+0xe0/0x2b0 [ 167.347559] __x64_sys_exit_group+0x47/0x50 [ 167.347943] do_syscall_64+0x3b/0x90 [ 167.348278] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.348741] RIP: 0033:0x7f4b87518a4d [ 167.349071] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.349612] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.350307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.351007] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.351700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.352367] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.353042] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.353718] [ 167.353939] irq event stamp: 0 [ 167.354238] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.354864] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.355676] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.356453] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.357042] ---[ end trace 0000000000000000 ]--- [ 167.357846] ------------[ cut here ]------------ [ 167.358304] WARNING: CPU: 0 PID: 1580 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.359320] Modules linked in: [ 167.359620] CPU: 0 PID: 1580 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.360453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.361501] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.361981] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.363711] RSP: 0018:ffff888018647b78 EFLAGS: 00010246 [ 167.364209] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.364870] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 167.365549] RBP: ffff888018647b98 R08: ffffed1002e3723e R09: ffffed1002e3723e [ 167.366217] R10: ffff8880171b91ef R11: ffffed1002e3723d R12: ffff8880171b9290 [ 167.366901] R13: ffff8880171b90a8 R14: ffffffffffffffff R15: 
ffff888018647c60 [ 167.367584] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.368331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.368871] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 167.369536] PKRU: 55555554 [ 167.369803] Call Trace: [ 167.370046] [ 167.370260] iommufd_ioas_destroy+0x53/0x70 [ 167.370705] iommufd_fops_release+0x1f7/0x370 [ 167.371164] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.371634] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.372106] ? write_comp_data+0x2f/0x90 [ 167.372498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.372970] __fput+0x26d/0xa40 [ 167.373301] ____fput+0x1e/0x30 [ 167.373623] task_work_run+0x1a4/0x2d0 [ 167.373998] ? __pfx_task_work_run+0x10/0x10 [ 167.374421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.374927] ? switch_task_namespaces+0xa9/0xe0 [ 167.375404] do_exit+0xb17/0x2ef0 [ 167.375759] ? lock_acquire+0x427/0x4c0 [ 167.376169] ? __pfx_lock_release+0x10/0x10 [ 167.376590] ? __kasan_check_write+0x18/0x20 [ 167.377011] ? do_raw_spin_lock+0x132/0x2a0 [ 167.377422] ? __pfx_do_exit+0x10/0x10 [ 167.377803] ? debug_smp_processor_id+0x20/0x30 [ 167.378249] ? rcu_is_watching+0x19/0xb0 [ 167.378671] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.379107] ? trace_hardirqs_on+0x26/0x120 [ 167.379535] do_group_exit+0xe0/0x2b0 [ 167.379900] __x64_sys_exit_group+0x47/0x50 [ 167.380315] do_syscall_64+0x3b/0x90 [ 167.380689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.381190] RIP: 0033:0x7f4b87518a4d [ 167.381546] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.382129] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.382899] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.383603] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.384274] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.384936] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.385605] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.386311] [ 167.386583] irq event stamp: 0 [ 167.386900] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.387522] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.388321] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.389129] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.389743] ---[ end trace 0000000000000000 ]--- [ 167.396008] ------------[ cut here ]------------ [ 167.396668] WARNING: CPU: 1 PID: 1581 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.397951] Modules linked in: [ 167.398368] CPU: 1 PID: 1581 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.399562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.400989] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.401624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.403937] RSP: 0018:ffff88802192fbb8 EFLAGS: 00010246 [ 167.404621] RAX: 0000000000000000 RBX: ffff888023dc28a8 RCX: 0000000000000000 [ 167.405516] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 167.406413] RBP: ffff88802192fbd0 R08: ffffed10047b8533 R09: ffffed10047b8533 [ 167.407372] R10: ffff888023dc2993 R11: ffffed10047b8532 R12: ffff888010e02000 [ 167.408275] R13: ffff888023dc29e8 R14: ffffffff8352e670 R15: 
ffff88802192fe68 [ 167.409175] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.410190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.410962] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 167.411884] PKRU: 55555554 [ 167.412257] Call Trace: [ 167.412589] [ 167.412887] __iommufd_access_detach+0x1c2/0x2b0 [ 167.413520] iommufd_access_change_pt+0x149/0x270 [ 167.414157] iommufd_access_replace+0xb4/0x120 [ 167.414800] iommufd_test+0x3e5/0x37e0 [ 167.415325] ? lock_release+0x532/0x770 [ 167.415848] ? __might_fault+0x102/0x1b0 [ 167.416378] ? lock_acquire+0x427/0x4c0 [ 167.416902] ? __pfx_iommufd_test+0x10/0x10 [ 167.417449] ? __pfx_lock_release+0x10/0x10 [ 167.418009] ? __pfx_lock_acquire+0x10/0x10 [ 167.418611] ? write_comp_data+0x2f/0x90 [ 167.419168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.419798] ? write_comp_data+0x2f/0x90 [ 167.420338] iommufd_fops_ioctl+0x37d/0x510 [ 167.420894] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.421521] ? write_comp_data+0x2f/0x90 [ 167.422055] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.422720] __x64_sys_ioctl+0x1a3/0x230 [ 167.423280] do_syscall_64+0x3b/0x90 [ 167.423774] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.424444] RIP: 0033:0x7f4b8743ee5d [ 167.424923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.427249] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.428217] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.429115] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.430009] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.430943] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.431859] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.432775] [ 167.433076] irq event stamp: 0 [ 167.433483] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.434281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.435400] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.436456] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.437254] ---[ end trace 0000000000000000 ]--- [ 167.442126] ------------[ cut here ]------------ [ 167.443298] WARNING: CPU: 1 PID: 1581 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.444651] Modules linked in: [ 167.445084] CPU: 1 PID: 1581 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.446232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.447790] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.448473] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.451427] RSP: 
0018:ffff88802192fbd0 EFLAGS: 00010246 [ 167.451983] RAX: 0000000000000000 RBX: ffff888023dc28a8 RCX: 0000000000000000 [ 167.452917] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 167.453930] RBP: ffff88802192fbe8 R08: ffffed10047b8533 R09: ffffed10047b8533 [ 167.454932] R10: ffff888023dc2993 R11: ffffed10047b8532 R12: ffff88800b9b4400 [ 167.456242] R13: ffff888023dc29e8 R14: ffff888020903600 R15: 0000000000000000 [ 167.457182] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.458448] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.459306] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.460263] PKRU: 55555554 [ 167.460750] Call Trace: [ 167.461166] [ 167.461479] iommufd_access_destroy_object+0x65/0x170 [ 167.462179] iommufd_object_destroy_user+0x18e/0x220 [ 167.462917] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.463857] iommufd_access_destroy+0x43/0x70 [ 167.464477] iommufd_test_staccess_release+0x8d/0xd0 [ 167.465169] __fput+0x26d/0xa40 [ 167.465638] ____fput+0x1e/0x30 [ 167.466233] task_work_run+0x1a4/0x2d0 [ 167.466826] ? __pfx_task_work_run+0x10/0x10 [ 167.467445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.468103] ? switch_task_namespaces+0xa9/0xe0 [ 167.468850] do_exit+0xb17/0x2ef0 [ 167.469351] ? lock_acquire+0x427/0x4c0 [ 167.469897] ? __pfx_lock_release+0x10/0x10 [ 167.470481] ? __kasan_check_write+0x18/0x20 [ 167.471144] ? do_raw_spin_lock+0x132/0x2a0 [ 167.471864] ? __pfx_do_exit+0x10/0x10 [ 167.472396] ? debug_smp_processor_id+0x20/0x30 [ 167.473016] ? rcu_is_watching+0x19/0xb0 [ 167.473670] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.474346] ? trace_hardirqs_on+0x26/0x120 [ 167.474978] do_group_exit+0xe0/0x2b0 [ 167.475504] __x64_sys_exit_group+0x47/0x50 [ 167.476077] do_syscall_64+0x3b/0x90 [ 167.476766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.477462] RIP: 0033:0x7f4b87518a4d [ 167.477957] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.478948] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.479965] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.480894] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.481996] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.482977] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.483966] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.485020] [ 167.485337] irq event stamp: 0 [ 167.485761] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.486804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.487931] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.489141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.490041] ---[ end trace 0000000000000000 ]--- [ 167.491685] ------------[ cut here ]------------ [ 167.492422] WARNING: CPU: 1 PID: 1581 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.493758] Modules linked in: [ 167.494295] CPU: 1 PID: 1581 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.495874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.497526] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.498207] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.500813] RSP: 0018:ffff88802192fb78 EFLAGS: 00010246 [ 167.501522] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.502652] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 167.503599] RBP: ffff88802192fb98 R08: ffffed10047b853e R09: ffffed10047b853e [ 167.504540] R10: ffff888023dc29ef R11: ffffed10047b853d R12: ffff888023dc2a90 [ 167.505633] R13: ffff888023dc28a8 R14: ffffffffffffffff R15: 
ffff88802192fc60 [ 167.506589] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.507832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.508596] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.509536] PKRU: 55555554 [ 167.510021] Call Trace: [ 167.510426] [ 167.510783] iommufd_ioas_destroy+0x53/0x70 [ 167.511382] iommufd_fops_release+0x1f7/0x370 [ 167.511991] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.512777] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.513502] ? write_comp_data+0x2f/0x90 [ 167.514060] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.514777] __fput+0x26d/0xa40 [ 167.515265] ____fput+0x1e/0x30 [ 167.515886] task_work_run+0x1a4/0x2d0 [ 167.516419] ? __pfx_task_work_run+0x10/0x10 [ 167.517010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.517727] ? switch_task_namespaces+0xa9/0xe0 [ 167.518429] do_exit+0xb17/0x2ef0 [ 167.518943] ? lock_acquire+0x427/0x4c0 [ 167.519507] ? __pfx_lock_release+0x10/0x10 [ 167.520092] ? __kasan_check_write+0x18/0x20 [ 167.520854] ? do_raw_spin_lock+0x132/0x2a0 [ 167.521432] ? __pfx_do_exit+0x10/0x10 [ 167.521968] ? debug_smp_processor_id+0x20/0x30 [ 167.522642] ? rcu_is_watching+0x19/0xb0 [ 167.523255] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.523935] ? trace_hardirqs_on+0x26/0x120 [ 167.524518] do_group_exit+0xe0/0x2b0 [ 167.525029] __x64_sys_exit_group+0x47/0x50 [ 167.525696] do_syscall_64+0x3b/0x90 [ 167.526273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.527016] RIP: 0033:0x7f4b87518a4d [ 167.527528] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.528342] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.529506] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.530438] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.531609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.532547] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.533476] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.534647] [ 167.534966] irq event stamp: 0 [ 167.535403] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.536231] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.537495] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.538622] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.539571] ---[ end trace 0000000000000000 ]--- [ 167.546380] ------------[ cut here ]------------ [ 167.547099] WARNING: CPU: 1 PID: 1582 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.548560] Modules linked in: [ 167.548992] CPU: 1 PID: 1582 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.550304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.551857] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.552527] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.555183] RSP: 0018:ffff88801872fbb8 EFLAGS: 00010246 [ 167.555954] RAX: 0000000000000000 RBX: ffff88800fb6b0a8 RCX: 0000000000000000 [ 167.556880] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 167.557963] RBP: ffff88801872fbd0 R08: ffffed1001f6d633 R09: ffffed1001f6d633 [ 167.558934] R10: ffff88800fb6b193 R11: ffffed1001f6d632 R12: ffff88802081d800 [ 167.559872] R13: ffff88800fb6b1e8 R14: ffffffff8352e670 R15: 
ffff88801872fe68 [ 167.560802] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.561846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.562637] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 167.563584] PKRU: 55555554 [ 167.563963] Call Trace: [ 167.564304] [ 167.564609] __iommufd_access_detach+0x1c2/0x2b0 [ 167.565258] iommufd_access_change_pt+0x149/0x270 [ 167.565911] iommufd_access_replace+0xb4/0x120 [ 167.566570] iommufd_test+0x3e5/0x37e0 [ 167.567093] ? lock_release+0x532/0x770 [ 167.567662] ? __might_fault+0x102/0x1b0 [ 167.568213] ? lock_acquire+0x427/0x4c0 [ 167.568754] ? __pfx_iommufd_test+0x10/0x10 [ 167.569322] ? __pfx_lock_release+0x10/0x10 [ 167.569903] ? __pfx_lock_acquire+0x10/0x10 [ 167.570487] ? write_comp_data+0x2f/0x90 [ 167.571081] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.571751] ? write_comp_data+0x2f/0x90 [ 167.572306] iommufd_fops_ioctl+0x37d/0x510 [ 167.572881] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.573510] ? write_comp_data+0x2f/0x90 [ 167.574044] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.574704] __x64_sys_ioctl+0x1a3/0x230 [ 167.575341] do_syscall_64+0x3b/0x90 [ 167.575758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.576273] RIP: 0033:0x7f4b8743ee5d [ 167.576640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.578434] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.579244] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.580006] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.580713] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.581440] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.582085] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.582784] [ 167.583052] irq event stamp: 0 [ 167.583360] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.583936] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.584698] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.585454] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.586021] ---[ end trace 0000000000000000 ]--- [ 167.589233] ------------[ cut here ]------------ [ 167.589710] WARNING: CPU: 1 PID: 1582 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.590728] Modules linked in: [ 167.591085] CPU: 1 PID: 1582 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.591911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.592917] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.593369] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.595017] RSP: 
0018:ffff88801872fbd0 EFLAGS: 00010246 [ 167.595535] RAX: 0000000000000000 RBX: ffff88800fb6b0a8 RCX: 0000000000000000 [ 167.596134] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 167.596739] RBP: ffff88801872fbe8 R08: ffffed1001f6d633 R09: ffffed1001f6d633 [ 167.597336] R10: ffff88800fb6b193 R11: ffffed1001f6d632 R12: ffff888010e03800 [ 167.597945] R13: ffff88800fb6b1e8 R14: ffff888020c48500 R15: 0000000000000000 [ 167.598597] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.599356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.599858] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.600459] PKRU: 55555554 [ 167.600707] Call Trace: [ 167.600924] [ 167.601118] iommufd_access_destroy_object+0x65/0x170 [ 167.601555] iommufd_object_destroy_user+0x18e/0x220 [ 167.602002] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.602497] iommufd_access_destroy+0x43/0x70 [ 167.603004] iommufd_test_staccess_release+0x8d/0xd0 [ 167.603455] __fput+0x26d/0xa40 [ 167.603753] ____fput+0x1e/0x30 [ 167.604051] task_work_run+0x1a4/0x2d0 [ 167.604395] ? __pfx_task_work_run+0x10/0x10 [ 167.604774] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.605206] ? switch_task_namespaces+0xa9/0xe0 [ 167.605614] do_exit+0xb17/0x2ef0 [ 167.605912] ? lock_acquire+0x427/0x4c0 [ 167.606264] ? __pfx_lock_release+0x10/0x10 [ 167.606665] ? __kasan_check_write+0x18/0x20 [ 167.607165] ? do_raw_spin_lock+0x132/0x2a0 [ 167.607549] ? __pfx_do_exit+0x10/0x10 [ 167.607895] ? debug_smp_processor_id+0x20/0x30 [ 167.608304] ? rcu_is_watching+0x19/0xb0 [ 167.608658] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.609042] ? trace_hardirqs_on+0x26/0x120 [ 167.609417] do_group_exit+0xe0/0x2b0 [ 167.609738] __x64_sys_exit_group+0x47/0x50 [ 167.610098] do_syscall_64+0x3b/0x90 [ 167.610428] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.610912] RIP: 0033:0x7f4b87518a4d [ 167.611314] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.611871] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.612483] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.613073] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.613646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.614222] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.614822] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.615481] [ 167.615673] irq event stamp: 0 [ 167.615935] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.616443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.617122] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.617785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.618291] ---[ end trace 0000000000000000 ]--- [ 167.619192] ------------[ cut here ]------------ [ 167.619579] WARNING: CPU: 1 PID: 1582 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.620399] Modules linked in: [ 167.620655] CPU: 1 PID: 1582 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.621354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.622246] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.622690] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.624238] RSP: 0018:ffff88801872fb78 EFLAGS: 00010246 [ 167.624676] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.625241] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 167.625812] RBP: ffff88801872fb98 R08: ffffed1001f6d63e R09: ffffed1001f6d63e [ 167.626385] R10: ffff88800fb6b1ef R11: ffffed1001f6d63d R12: ffff88800fb6b290 [ 167.626991] R13: ffff88800fb6b0a8 R14: ffffffffffffffff R15: 
ffff88801872fc60 [ 167.627639] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.628313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.628790] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 167.629374] PKRU: 55555554 [ 167.629600] Call Trace: [ 167.629805] [ 167.629995] iommufd_ioas_destroy+0x53/0x70 [ 167.630348] iommufd_fops_release+0x1f7/0x370 [ 167.630736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.631441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.632019] ? write_comp_data+0x2f/0x90 [ 167.632500] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.633073] __fput+0x26d/0xa40 [ 167.633473] ____fput+0x1e/0x30 [ 167.633865] task_work_run+0x1a4/0x2d0 [ 167.634322] ? __pfx_task_work_run+0x10/0x10 [ 167.634878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.635459] ? switch_task_namespaces+0xa9/0xe0 [ 167.636005] do_exit+0xb17/0x2ef0 [ 167.636403] ? lock_acquire+0x427/0x4c0 [ 167.636870] ? __pfx_lock_release+0x10/0x10 [ 167.637370] ? __kasan_check_write+0x18/0x20 [ 167.637872] ? do_raw_spin_lock+0x132/0x2a0 [ 167.638357] ? __pfx_do_exit+0x10/0x10 [ 167.638837] ? debug_smp_processor_id+0x20/0x30 [ 167.639379] ? rcu_is_watching+0x19/0xb0 [ 167.639843] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.640362] ? trace_hardirqs_on+0x26/0x120 [ 167.640860] do_group_exit+0xe0/0x2b0 [ 167.641293] __x64_sys_exit_group+0x47/0x50 [ 167.641778] do_syscall_64+0x3b/0x90 [ 167.642213] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.642828] RIP: 0033:0x7f4b87518a4d [ 167.643265] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.643950] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.644786] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.645575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.646362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.647318] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.648120] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.648919] [ 167.649185] irq event stamp: 0 [ 167.649541] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.650236] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.651201] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.652123] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.652819] ---[ end trace 0000000000000000 ]--- [ 167.657166] ------------[ cut here ]------------ [ 167.657563] WARNING: CPU: 0 PID: 1583 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.658335] Modules linked in: [ 167.658772] CPU: 0 PID: 1583 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.659438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.660286] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.660661] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.662034] RSP: 0018:ffff888023ff7bb8 EFLAGS: 00010246 [ 167.662431] RAX: 0000000000000000 RBX: ffff888010cd38a8 RCX: 0000000000000000 [ 167.662992] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 167.663549] RBP: ffff888023ff7bd0 R08: ffffed100219a733 R09: ffffed100219a733 [ 167.664083] R10: ffff888010cd3993 R11: ffffed100219a732 R12: ffff8880149b6c00 [ 167.664620] R13: ffff888010cd39e8 R14: ffffffff8352e670 R15: 
ffff888023ff7e68 [ 167.665155] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.665761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.666194] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 167.666757] PKRU: 55555554 [ 167.666974] Call Trace: [ 167.667178] [ 167.667349] __iommufd_access_detach+0x1c2/0x2b0 [ 167.667722] iommufd_access_change_pt+0x149/0x270 [ 167.668106] iommufd_access_replace+0xb4/0x120 [ 167.668466] iommufd_test+0x3e5/0x37e0 [ 167.668763] ? lock_release+0x532/0x770 [ 167.669082] ? __might_fault+0x102/0x1b0 [ 167.669398] ? lock_acquire+0x427/0x4c0 [ 167.669710] ? __pfx_iommufd_test+0x10/0x10 [ 167.670039] ? __pfx_lock_release+0x10/0x10 [ 167.670380] ? __pfx_lock_acquire+0x10/0x10 [ 167.670748] ? write_comp_data+0x2f/0x90 [ 167.671075] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.671472] ? write_comp_data+0x2f/0x90 [ 167.671800] iommufd_fops_ioctl+0x37d/0x510 [ 167.672139] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.672524] ? write_comp_data+0x2f/0x90 [ 167.672837] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.673212] __x64_sys_ioctl+0x1a3/0x230 [ 167.673534] do_syscall_64+0x3b/0x90 [ 167.673829] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.674233] RIP: 0033:0x7f4b8743ee5d [ 167.674547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.675939] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.676524] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.677071] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.677611] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.678153] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.678733] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.679299] [ 167.679479] irq event stamp: 0 [ 167.679714] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.680192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.680828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.681460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.681936] ---[ end trace 0000000000000000 ]--- [ 167.684690] ------------[ cut here ]------------ [ 167.685081] WARNING: CPU: 0 PID: 1583 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.685846] Modules linked in: [ 167.686093] CPU: 0 PID: 1583 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.686785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.687645] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.688023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.689394] RSP: 
0018:ffff888023ff7bd0 EFLAGS: 00010246 [ 167.689797] RAX: 0000000000000000 RBX: ffff888010cd38a8 RCX: 0000000000000000 [ 167.690333] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 167.690911] RBP: ffff888023ff7be8 R08: ffffed100219a733 R09: ffffed100219a733 [ 167.691460] R10: ffff888010cd3993 R11: ffffed100219a732 R12: ffff888014390c00 [ 167.692021] R13: ffff888010cd39e8 R14: ffff888013a63f00 R15: 0000000000000000 [ 167.692560] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.693164] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.693598] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 167.694134] PKRU: 55555554 [ 167.694352] Call Trace: [ 167.694570] [ 167.694746] iommufd_access_destroy_object+0x65/0x170 [ 167.695152] iommufd_object_destroy_user+0x18e/0x220 [ 167.695545] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.695991] iommufd_access_destroy+0x43/0x70 [ 167.696337] iommufd_test_staccess_release+0x8d/0xd0 [ 167.696735] __fput+0x26d/0xa40 [ 167.697003] ____fput+0x1e/0x30 [ 167.697264] task_work_run+0x1a4/0x2d0 [ 167.697567] ? __pfx_task_work_run+0x10/0x10 [ 167.697909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.698287] ? switch_task_namespaces+0xa9/0xe0 [ 167.698674] do_exit+0xb17/0x2ef0 [ 167.698943] ? lock_acquire+0x427/0x4c0 [ 167.699266] ? __pfx_lock_release+0x10/0x10 [ 167.699602] ? __kasan_check_write+0x18/0x20 [ 167.699938] ? do_raw_spin_lock+0x132/0x2a0 [ 167.700271] ? __pfx_do_exit+0x10/0x10 [ 167.700575] ? debug_smp_processor_id+0x20/0x30 [ 167.700930] ? rcu_is_watching+0x19/0xb0 [ 167.701245] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.701595] ? trace_hardirqs_on+0x26/0x120 [ 167.701933] do_group_exit+0xe0/0x2b0 [ 167.702232] __x64_sys_exit_group+0x47/0x50 [ 167.702584] do_syscall_64+0x3b/0x90 [ 167.702879] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.703292] RIP: 0033:0x7f4b87518a4d [ 167.703580] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.704053] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.704625] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.705162] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.705694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.706233] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.706797] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.707365] [ 167.707549] irq event stamp: 0 [ 167.707791] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.708278] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.709133] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.709765] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.710234] ---[ end trace 0000000000000000 ]--- [ 167.711089] ------------[ cut here ]------------ [ 167.711461] WARNING: CPU: 0 PID: 1583 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.712238] Modules linked in: [ 167.712524] CPU: 0 PID: 1583 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.713269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.714143] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.714632] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.716049] RSP: 0018:ffff888023ff7b78 EFLAGS: 00010246 [ 167.716461] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.717001] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 167.717543] RBP: ffff888023ff7b98 R08: ffffed100219a73e R09: ffffed100219a73e [ 167.718088] R10: ffff888010cd39ef R11: ffffed100219a73d R12: ffff888010cd3a90 [ 167.718660] R13: ffff888010cd38a8 R14: ffffffffffffffff R15: 
ffff888023ff7c60 [ 167.719214] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.719836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.720279] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 167.720815] PKRU: 55555554 [ 167.721030] Call Trace: [ 167.721228] [ 167.721402] iommufd_ioas_destroy+0x53/0x70 [ 167.721744] iommufd_fops_release+0x1f7/0x370 [ 167.722091] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.722471] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.722874] ? write_comp_data+0x2f/0x90 [ 167.723213] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.723602] __fput+0x26d/0xa40 [ 167.723869] ____fput+0x1e/0x30 [ 167.724125] task_work_run+0x1a4/0x2d0 [ 167.724430] ? __pfx_task_work_run+0x10/0x10 [ 167.724770] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.725150] ? switch_task_namespaces+0xa9/0xe0 [ 167.725506] do_exit+0xb17/0x2ef0 [ 167.725765] ? lock_acquire+0x427/0x4c0 [ 167.726071] ? __pfx_lock_release+0x10/0x10 [ 167.726398] ? __kasan_check_write+0x18/0x20 [ 167.726768] ? do_raw_spin_lock+0x132/0x2a0 [ 167.727098] ? __pfx_do_exit+0x10/0x10 [ 167.727418] ? debug_smp_processor_id+0x20/0x30 [ 167.727772] ? rcu_is_watching+0x19/0xb0 [ 167.728084] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.728442] ? trace_hardirqs_on+0x26/0x120 [ 167.728776] do_group_exit+0xe0/0x2b0 [ 167.729080] __x64_sys_exit_group+0x47/0x50 [ 167.729413] do_syscall_64+0x3b/0x90 [ 167.729709] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.730103] RIP: 0033:0x7f4b87518a4d [ 167.730386] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.730880] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.731470] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.732006] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.732541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.733086] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.733626] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.734169] [ 167.734353] irq event stamp: 0 [ 167.734611] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.735097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.735753] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.736388] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.736872] ---[ end trace 0000000000000000 ]--- [ 167.740930] ------------[ cut here ]------------ [ 167.741375] WARNING: CPU: 0 PID: 1584 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.742213] Modules linked in: [ 167.742456] CPU: 0 PID: 1584 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.743246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.744115] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.744504] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.745917] RSP: 0018:ffff888017847bb8 EFLAGS: 00010246 [ 167.746333] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 167.746905] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 167.747492] RBP: ffff888017847bd0 R08: ffffed1001702533 R09: ffffed1001702533 [ 167.748055] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff8880129c7400 [ 167.748617] R13: ffff88800b8129e8 R14: ffffffff8352e670 R15: 
ffff888017847e68 [ 167.749183] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.749805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.750262] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 167.750841] PKRU: 55555554 [ 167.751064] Call Trace: [ 167.751284] [ 167.751460] __iommufd_access_detach+0x1c2/0x2b0 [ 167.751849] iommufd_access_change_pt+0x149/0x270 [ 167.752242] iommufd_access_replace+0xb4/0x120 [ 167.752606] iommufd_test+0x3e5/0x37e0 [ 167.752911] ? lock_release+0x532/0x770 [ 167.753237] ? __might_fault+0x102/0x1b0 [ 167.753567] ? lock_acquire+0x427/0x4c0 [ 167.753892] ? __pfx_iommufd_test+0x10/0x10 [ 167.754227] ? __pfx_lock_release+0x10/0x10 [ 167.754590] ? __pfx_lock_acquire+0x10/0x10 [ 167.754942] ? write_comp_data+0x2f/0x90 [ 167.755288] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.755675] ? write_comp_data+0x2f/0x90 [ 167.756000] iommufd_fops_ioctl+0x37d/0x510 [ 167.756345] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.756731] ? write_comp_data+0x2f/0x90 [ 167.757057] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.757438] __x64_sys_ioctl+0x1a3/0x230 [ 167.757770] do_syscall_64+0x3b/0x90 [ 167.758074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.758491] RIP: 0033:0x7f4b8743ee5d [ 167.758807] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.760246] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.760858] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.761417] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.761965] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.762545] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.763105] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.763675] [ 167.763864] irq event stamp: 0 [ 167.764113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.764604] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.765259] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.765910] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.766405] ---[ end trace 0000000000000000 ]--- [ 167.769334] ------------[ cut here ]------------ [ 167.769806] WARNING: CPU: 0 PID: 1584 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.770624] Modules linked in: [ 167.770873] CPU: 0 PID: 1584 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.771712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.772586] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.772995] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.774564] RSP: 
0018:ffff888017847bd0 EFLAGS: 00010246 [ 167.774993] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 167.775692] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 167.776249] RBP: ffff888017847be8 R08: ffffed1001702533 R09: ffffed1001702533 [ 167.776815] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff8880149b6000 [ 167.777374] R13: ffff88800b8129e8 R14: ffff88800fa2d700 R15: 0000000000000000 [ 167.777939] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.778598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.779055] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 167.779611] PKRU: 55555554 [ 167.779826] Call Trace: [ 167.780026] [ 167.780201] iommufd_access_destroy_object+0x65/0x170 [ 167.780603] iommufd_object_destroy_user+0x18e/0x220 [ 167.781003] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.781460] iommufd_access_destroy+0x43/0x70 [ 167.781815] iommufd_test_staccess_release+0x8d/0xd0 [ 167.782221] __fput+0x26d/0xa40 [ 167.782494] ____fput+0x1e/0x30 [ 167.782780] task_work_run+0x1a4/0x2d0 [ 167.783089] ? __pfx_task_work_run+0x10/0x10 [ 167.783456] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.783832] ? switch_task_namespaces+0xa9/0xe0 [ 167.784207] do_exit+0xb17/0x2ef0 [ 167.784477] ? lock_acquire+0x427/0x4c0 [ 167.784799] ? __pfx_lock_release+0x10/0x10 [ 167.785145] ? __kasan_check_write+0x18/0x20 [ 167.785499] ? do_raw_spin_lock+0x132/0x2a0 [ 167.785836] ? __pfx_do_exit+0x10/0x10 [ 167.786153] ? debug_smp_processor_id+0x20/0x30 [ 167.786546] ? rcu_is_watching+0x19/0xb0 [ 167.786877] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.787253] ? trace_hardirqs_on+0x26/0x120 [ 167.787633] do_group_exit+0xe0/0x2b0 [ 167.787952] __x64_sys_exit_group+0x47/0x50 [ 167.788296] do_syscall_64+0x3b/0x90 [ 167.788617] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.789046] RIP: 0033:0x7f4b87518a4d [ 167.789352] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.789854] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.790461] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.791069] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.791668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.792244] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.792825] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.793402] [ 167.793594] irq event stamp: 0 [ 167.793852] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.794363] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.795063] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.795754] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.796266] ---[ end trace 0000000000000000 ]--- [ 167.797085] ------------[ cut here ]------------ [ 167.797634] WARNING: CPU: 0 PID: 1584 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.798484] Modules linked in: [ 167.798792] CPU: 0 PID: 1584 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.799507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.800487] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.801028] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.802793] RSP: 0018:ffff888017847b78 EFLAGS: 00010246 [ 167.803312] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.803882] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 167.804461] RBP: ffff888017847b98 R08: ffffed100170253e R09: ffffed100170253e [ 167.805032] R10: ffff88800b8129ef R11: ffffed100170253d R12: ffff88800b812a90 [ 167.805795] R13: ffff88800b8128a8 R14: ffffffffffffffff R15: 
ffff888017847c60 [ 167.806378] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.807052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.807536] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 167.808292] PKRU: 55555554 [ 167.808526] Call Trace: [ 167.808736] [ 167.808926] iommufd_ioas_destroy+0x53/0x70 [ 167.809280] iommufd_fops_release+0x1f7/0x370 [ 167.809652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.810065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.810680] ? write_comp_data+0x2f/0x90 [ 167.811019] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.811438] __fput+0x26d/0xa40 [ 167.811725] ____fput+0x1e/0x30 [ 167.812004] task_work_run+0x1a4/0x2d0 [ 167.812333] ? __pfx_task_work_run+0x10/0x10 [ 167.812698] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.813168] ? switch_task_namespaces+0xa9/0xe0 [ 167.813685] do_exit+0xb17/0x2ef0 [ 167.813973] ? lock_acquire+0x427/0x4c0 [ 167.814306] ? __pfx_lock_release+0x10/0x10 [ 167.814689] ? __kasan_check_write+0x18/0x20 [ 167.815055] ? do_raw_spin_lock+0x132/0x2a0 [ 167.815448] ? __pfx_do_exit+0x10/0x10 [ 167.815804] ? debug_smp_processor_id+0x20/0x30 [ 167.816345] ? rcu_is_watching+0x19/0xb0 [ 167.816682] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.817054] ? trace_hardirqs_on+0x26/0x120 [ 167.817413] do_group_exit+0xe0/0x2b0 [ 167.817725] __x64_sys_exit_group+0x47/0x50 [ 167.818145] do_syscall_64+0x3b/0x90 [ 167.818599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.819027] RIP: 0033:0x7f4b87518a4d [ 167.819339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.819831] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.820452] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.821108] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.821810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.822381] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.822994] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.823791] [ 167.823989] irq event stamp: 0 [ 167.824264] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.824786] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.825479] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.826362] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.826900] ---[ end trace 0000000000000000 ]--- [ 167.831298] ------------[ cut here ]------------ [ 167.831839] WARNING: CPU: 0 PID: 1585 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.832684] Modules linked in: [ 167.833024] CPU: 0 PID: 1585 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.833841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.834807] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.835225] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.836759] RSP: 0018:ffff888023ff7bb8 EFLAGS: 00010246 [ 167.837407] RAX: 0000000000000000 RBX: ffff888020b978a8 RCX: 0000000000000000 [ 167.838007] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 167.838628] RBP: ffff888023ff7bd0 R08: ffffed1004172f33 R09: ffffed1004172f33 [ 167.839239] R10: ffff888020b97993 R11: ffffed1004172f32 R12: ffff888010c0a800 [ 167.840047] R13: ffff888020b979e8 R14: ffffffff8352e670 R15: 
ffff888023ff7e68 [ 167.840652] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.841356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.841933] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 167.842707] PKRU: 55555554 [ 167.842948] Call Trace: [ 167.843176] [ 167.843371] __iommufd_access_detach+0x1c2/0x2b0 [ 167.843786] iommufd_access_change_pt+0x149/0x270 [ 167.844287] iommufd_access_replace+0xb4/0x120 [ 167.844829] iommufd_test+0x3e5/0x37e0 [ 167.845167] ? lock_release+0x532/0x770 [ 167.845514] ? __might_fault+0x102/0x1b0 [ 167.845872] ? lock_acquire+0x427/0x4c0 [ 167.846231] ? __pfx_iommufd_test+0x10/0x10 [ 167.846713] ? __pfx_lock_release+0x10/0x10 [ 167.847248] ? __pfx_lock_acquire+0x10/0x10 [ 167.847646] ? write_comp_data+0x2f/0x90 [ 167.848020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.848450] ? write_comp_data+0x2f/0x90 [ 167.848847] iommufd_fops_ioctl+0x37d/0x510 [ 167.849394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.849832] ? write_comp_data+0x2f/0x90 [ 167.850201] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.850650] __x64_sys_ioctl+0x1a3/0x230 [ 167.851024] do_syscall_64+0x3b/0x90 [ 167.851467] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.852041] RIP: 0033:0x7f4b8743ee5d [ 167.852372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.854161] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.854840] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.855476] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.856175] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.856935] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.857560] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.858192] [ 167.858458] irq event stamp: 0 [ 167.858902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.859477] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.860211] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.861016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.861711] ---[ end trace 0000000000000000 ]--- [ 167.866779] ------------[ cut here ]------------ [ 167.867383] WARNING: CPU: 0 PID: 1585 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.868272] Modules linked in: [ 167.868558] CPU: 0 PID: 1585 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.869418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.870594] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.871038] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.872835] RSP: 
0018:ffff888023ff7bd0 EFLAGS: 00010246 [ 167.873306] RAX: 0000000000000000 RBX: ffff888020b978a8 RCX: 0000000000000000 [ 167.873924] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 167.874580] RBP: ffff888023ff7be8 R08: ffffed1004172f33 R09: ffffed1004172f33 [ 167.875279] R10: ffff888020b97993 R11: ffffed1004172f32 R12: ffff8880129c4800 [ 167.875906] R13: ffff888020b979e8 R14: ffff88800fde0700 R15: 0000000000000000 [ 167.876528] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.877227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.877733] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 167.878350] PKRU: 55555554 [ 167.878629] Call Trace: [ 167.878859] [ 167.879061] iommufd_access_destroy_object+0x65/0x170 [ 167.879532] iommufd_object_destroy_user+0x18e/0x220 [ 167.879972] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.880487] iommufd_access_destroy+0x43/0x70 [ 167.880885] iommufd_test_staccess_release+0x8d/0xd0 [ 167.881329] __fput+0x26d/0xa40 [ 167.881630] ____fput+0x1e/0x30 [ 167.881925] task_work_run+0x1a4/0x2d0 [ 167.882270] ? __pfx_task_work_run+0x10/0x10 [ 167.882682] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.883123] ? switch_task_namespaces+0xa9/0xe0 [ 167.883547] do_exit+0xb17/0x2ef0 [ 167.883847] ? lock_acquire+0x427/0x4c0 [ 167.884200] ? __pfx_lock_release+0x10/0x10 [ 167.884586] ? __kasan_check_write+0x18/0x20 [ 167.884981] ? do_raw_spin_lock+0x132/0x2a0 [ 167.885358] ? __pfx_do_exit+0x10/0x10 [ 167.885704] ? debug_smp_processor_id+0x20/0x30 [ 167.886112] ? rcu_is_watching+0x19/0xb0 [ 167.886469] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.886894] ? trace_hardirqs_on+0x26/0x120 [ 167.887297] do_group_exit+0xe0/0x2b0 [ 167.887634] __x64_sys_exit_group+0x47/0x50 [ 167.888003] do_syscall_64+0x3b/0x90 [ 167.888332] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.888786] RIP: 0033:0x7f4b87518a4d [ 167.889110] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.889640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.890289] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.890922] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.891548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.892158] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.892770] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.893396] [ 167.893604] irq event stamp: 0 [ 167.893876] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.894422] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.895172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.895890] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.896430] ---[ end trace 0000000000000000 ]--- [ 167.897267] ------------[ cut here ]------------ [ 167.897825] WARNING: CPU: 1 PID: 1585 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 167.898820] Modules linked in: [ 167.899138] CPU: 1 PID: 1585 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.900140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.901134] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 167.901705] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 167.903590] RSP: 0018:ffff888023ff7b78 EFLAGS: 00010246 [ 167.904255] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 167.904939] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 167.905640] RBP: ffff888023ff7b98 R08: ffffed1004172f3e R09: ffffed1004172f3e [ 167.906443] R10: ffff888020b979ef R11: ffffed1004172f3d R12: ffff888020b97a90 [ 167.907145] R13: ffff888020b978a8 R14: ffffffffffffffff R15: 
ffff888023ff7c60 [ 167.907889] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 167.908751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.909303] CR2: 00007f82e2b89000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 167.910137] PKRU: 55555554 [ 167.910413] Call Trace: [ 167.910676] [ 167.910894] iommufd_ioas_destroy+0x53/0x70 [ 167.911333] iommufd_fops_release+0x1f7/0x370 [ 167.911776] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.912432] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.912910] ? write_comp_data+0x2f/0x90 [ 167.913305] ? __pfx_iommufd_fops_release+0x10/0x10 [ 167.913792] __fput+0x26d/0xa40 [ 167.914181] ____fput+0x1e/0x30 [ 167.914621] task_work_run+0x1a4/0x2d0 [ 167.915000] ? __pfx_task_work_run+0x10/0x10 [ 167.915434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.915923] ? switch_task_namespaces+0xa9/0xe0 [ 167.916511] do_exit+0xb17/0x2ef0 [ 167.916856] ? lock_acquire+0x427/0x4c0 [ 167.917253] ? __pfx_lock_release+0x10/0x10 [ 167.917697] ? __kasan_check_write+0x18/0x20 [ 167.918146] ? do_raw_spin_lock+0x132/0x2a0 [ 167.918695] ? __pfx_do_exit+0x10/0x10 [ 167.919080] ? debug_smp_processor_id+0x20/0x30 [ 167.919540] ? rcu_is_watching+0x19/0xb0 [ 167.919933] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.920525] ? trace_hardirqs_on+0x26/0x120 [ 167.920951] do_group_exit+0xe0/0x2b0 [ 167.921324] __x64_sys_exit_group+0x47/0x50 [ 167.921741] do_syscall_64+0x3b/0x90 [ 167.922121] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.922734] RIP: 0033:0x7f4b87518a4d [ 167.923097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.923699] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.924491] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 167.925272] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 167.925958] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 167.926821] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 167.927519] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 167.928220] [ 167.928497] irq event stamp: 0 [ 167.928896] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.929501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.930327] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.931214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.931828] ---[ end trace 0000000000000000 ]--- [ 167.936920] ------------[ cut here ]------------ [ 167.937372] WARNING: CPU: 0 PID: 1586 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.938246] Modules linked in: [ 167.938559] CPU: 0 PID: 1586 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.939318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.940279] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.940702] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.942266] RSP: 0018:ffff88800f067bb8 EFLAGS: 00010246 [ 167.942747] RAX: 0000000000000000 RBX: ffff88800b9fd0a8 RCX: 0000000000000000 [ 167.943376] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 167.943986] RBP: ffff88800f067bd0 R08: ffffed100173fa33 R09: ffffed100173fa33 [ 167.944599] R10: ffff88800b9fd193 R11: ffffed100173fa32 R12: ffff88800b9b7c00 [ 167.945198] R13: ffff88800b9fd1e8 R14: ffffffff8352e670 R15: 
ffff88800f067e68 [ 167.945816] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.946537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.947041] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 167.947672] PKRU: 55555554 [ 167.947928] Call Trace: [ 167.948153] [ 167.948346] __iommufd_access_detach+0x1c2/0x2b0 [ 167.948766] iommufd_access_change_pt+0x149/0x270 [ 167.949196] iommufd_access_replace+0xb4/0x120 [ 167.949602] iommufd_test+0x3e5/0x37e0 [ 167.949939] ? lock_release+0x532/0x770 [ 167.950296] ? __might_fault+0x102/0x1b0 [ 167.950681] ? lock_acquire+0x427/0x4c0 [ 167.951036] ? __pfx_iommufd_test+0x10/0x10 [ 167.951417] ? __pfx_lock_release+0x10/0x10 [ 167.951796] ? __pfx_lock_acquire+0x10/0x10 [ 167.952173] ? write_comp_data+0x2f/0x90 [ 167.952534] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.952962] ? write_comp_data+0x2f/0x90 [ 167.953319] iommufd_fops_ioctl+0x37d/0x510 [ 167.953693] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.954114] ? write_comp_data+0x2f/0x90 [ 167.954475] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 167.954925] __x64_sys_ioctl+0x1a3/0x230 [ 167.955298] do_syscall_64+0x3b/0x90 [ 167.955631] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.956086] RIP: 0033:0x7f4b8743ee5d [ 167.956413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 167.957986] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 167.958670] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 167.959302] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 167.959926] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 167.960528] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 167.961135] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 167.961756] [ 167.961963] irq event stamp: 0 [ 167.962229] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 167.962767] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 167.963461] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 167.964154] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 167.964871] ---[ end trace 0000000000000000 ]--- [ 167.969548] ------------[ cut here ]------------ [ 167.970374] WARNING: CPU: 0 PID: 1586 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 167.971809] Modules linked in: [ 167.972188] CPU: 0 PID: 1586 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 167.973166] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 167.974415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 167.975024] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 167.977139] RSP: 
0018:ffff88800f067bd0 EFLAGS: 00010246 [ 167.977749] RAX: 0000000000000000 RBX: ffff88800b9fd0a8 RCX: 0000000000000000 [ 167.978587] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 167.979398] RBP: ffff88800f067be8 R08: ffffed100173fa33 R09: ffffed100173fa33 [ 167.980195] R10: ffff88800b9fd193 R11: ffffed100173fa32 R12: ffff8880149b6400 [ 167.980992] R13: ffff88800b9fd1e8 R14: ffff888020e59d00 R15: 0000000000000000 [ 167.981783] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 167.982717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.983388] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 167.984187] PKRU: 55555554 [ 167.984512] Call Trace: [ 167.984807] [ 167.985071] iommufd_access_destroy_object+0x65/0x170 [ 167.985665] iommufd_object_destroy_user+0x18e/0x220 [ 167.986249] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 167.986953] iommufd_access_destroy+0x43/0x70 [ 167.987496] iommufd_test_staccess_release+0x8d/0xd0 [ 167.988085] __fput+0x26d/0xa40 [ 167.988485] ____fput+0x1e/0x30 [ 167.988878] task_work_run+0x1a4/0x2d0 [ 167.989339] ? __pfx_task_work_run+0x10/0x10 [ 167.989850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 167.990415] ? switch_task_namespaces+0xa9/0xe0 [ 167.990995] do_exit+0xb17/0x2ef0 [ 167.991411] ? lock_acquire+0x427/0x4c0 [ 167.991879] ? __pfx_lock_release+0x10/0x10 [ 167.992379] ? __kasan_check_write+0x18/0x20 [ 167.992888] ? do_raw_spin_lock+0x132/0x2a0 [ 167.993379] ? __pfx_do_exit+0x10/0x10 [ 167.993836] ? debug_smp_processor_id+0x20/0x30 [ 167.994371] ? rcu_is_watching+0x19/0xb0 [ 167.994875] ? _raw_spin_unlock_irq+0x2b/0x60 [ 167.995415] ? trace_hardirqs_on+0x26/0x120 [ 167.995918] do_group_exit+0xe0/0x2b0 [ 167.996359] __x64_sys_exit_group+0x47/0x50 [ 167.996857] do_syscall_64+0x3b/0x90 [ 167.997308] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 167.997911] RIP: 0033:0x7f4b87518a4d [ 167.998337] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 167.999067] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 167.999940] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.000730] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.001519] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.002307] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.003138] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.003945] [ 168.004210] irq event stamp: 0 [ 168.004564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.005261] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.006183] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.007140] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.007842] ---[ end trace 0000000000000000 ]--- [ 168.009328] ------------[ cut here ]------------ [ 168.009862] WARNING: CPU: 0 PID: 1586 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.011272] Modules linked in: [ 168.011537] CPU: 0 PID: 1586 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.012206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.013212] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.013607] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.015319] RSP: 0018:ffff88800f067b78 EFLAGS: 00010246 [ 168.015734] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.016285] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 168.016984] RBP: ffff88800f067b98 R08: ffffed100173fa3e R09: ffffed100173fa3e [ 168.017530] R10: ffff88800b9fd1ef R11: ffffed100173fa3d R12: ffff88800b9fd290 [ 168.018111] R13: ffff88800b9fd0a8 R14: ffffffffffffffff R15: 
ffff88800f067c60 [ 168.018800] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.019574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.020057] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 168.020611] PKRU: 55555554 [ 168.020833] Call Trace: [ 168.021034] [ 168.021210] iommufd_ioas_destroy+0x53/0x70 [ 168.021553] iommufd_fops_release+0x1f7/0x370 [ 168.021912] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.022301] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.022705] ? write_comp_data+0x2f/0x90 [ 168.023032] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.023439] __fput+0x26d/0xa40 [ 168.023709] ____fput+0x1e/0x30 [ 168.024076] task_work_run+0x1a4/0x2d0 [ 168.024393] ? __pfx_task_work_run+0x10/0x10 [ 168.024740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.025124] ? switch_task_namespaces+0xa9/0xe0 [ 168.025494] do_exit+0xb17/0x2ef0 [ 168.025763] ? lock_acquire+0x427/0x4c0 [ 168.026078] ? __pfx_lock_release+0x10/0x10 [ 168.026416] ? __kasan_check_write+0x18/0x20 [ 168.026778] ? do_raw_spin_lock+0x132/0x2a0 [ 168.027123] ? __pfx_do_exit+0x10/0x10 [ 168.027441] ? debug_smp_processor_id+0x20/0x30 [ 168.027810] ? rcu_is_watching+0x19/0xb0 [ 168.028125] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.028480] ? trace_hardirqs_on+0x26/0x120 [ 168.028815] do_group_exit+0xe0/0x2b0 [ 168.029105] __x64_sys_exit_group+0x47/0x50 [ 168.029432] do_syscall_64+0x3b/0x90 [ 168.029728] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.030136] RIP: 0033:0x7f4b87518a4d [ 168.030424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.030915] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.031500] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.032048] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.032609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.033154] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.033701] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.034255] [ 168.034437] irq event stamp: 0 [ 168.034714] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.035210] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.035860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.036513] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.036996] ---[ end trace 0000000000000000 ]--- [ 168.041311] ------------[ cut here ]------------ [ 168.041691] WARNING: CPU: 0 PID: 1587 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.042637] Modules linked in: [ 168.042886] CPU: 0 PID: 1587 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.043570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.044446] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.044960] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.046463] RSP: 0018:ffff8880136f7bb8 EFLAGS: 00010246 [ 168.046970] RAX: 0000000000000000 RBX: ffff888010b9d0a8 RCX: 0000000000000000 [ 168.047542] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 168.048105] RBP: ffff8880136f7bd0 R08: ffffed1002173a33 R09: ffffed1002173a33 [ 168.048809] R10: ffff888010b9d193 R11: ffffed1002173a32 R12: ffff888013b21800 [ 168.049375] R13: ffff888010b9d1e8 R14: ffffffff8352e670 R15: 
ffff8880136f7e68 [ 168.049936] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.050616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.051079] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 168.051663] PKRU: 55555554 [ 168.051888] Call Trace: [ 168.052093] [ 168.052274] __iommufd_access_detach+0x1c2/0x2b0 [ 168.052676] iommufd_access_change_pt+0x149/0x270 [ 168.053095] iommufd_access_replace+0xb4/0x120 [ 168.053478] iommufd_test+0x3e5/0x37e0 [ 168.053789] ? lock_release+0x532/0x770 [ 168.054116] ? __might_fault+0x102/0x1b0 [ 168.054450] ? lock_acquire+0x427/0x4c0 [ 168.054803] ? __pfx_iommufd_test+0x10/0x10 [ 168.055165] ? __pfx_lock_release+0x10/0x10 [ 168.055521] ? __pfx_lock_acquire+0x10/0x10 [ 168.055876] ? write_comp_data+0x2f/0x90 [ 168.056215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.056606] ? write_comp_data+0x2f/0x90 [ 168.056937] iommufd_fops_ioctl+0x37d/0x510 [ 168.057289] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.057678] ? write_comp_data+0x2f/0x90 [ 168.058016] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.058410] __x64_sys_ioctl+0x1a3/0x230 [ 168.058767] do_syscall_64+0x3b/0x90 [ 168.059077] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.059511] RIP: 0033:0x7f4b8743ee5d [ 168.059810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.061251] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.061857] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.062434] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.063016] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.063598] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.064162] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.064735] [ 168.064925] irq event stamp: 0 [ 168.065183] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.065692] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.066357] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.067035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.067573] ---[ end trace 0000000000000000 ]--- [ 168.070747] ------------[ cut here ]------------ [ 168.071184] WARNING: CPU: 1 PID: 1587 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.072163] Modules linked in: [ 168.072443] CPU: 1 PID: 1587 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.073145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.074211] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.074709] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.076303] RSP: 
0018:ffff8880136f7bd0 EFLAGS: 00010246 [ 168.076823] RAX: 0000000000000000 RBX: ffff888010b9d0a8 RCX: 0000000000000000 [ 168.077411] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 168.078083] RBP: ffff8880136f7be8 R08: ffffed1002173a33 R09: ffffed1002173a33 [ 168.078784] R10: ffff888010b9d193 R11: ffffed1002173a32 R12: ffff88801226dc00 [ 168.079394] R13: ffff888010b9d1e8 R14: ffff888020903200 R15: 0000000000000000 [ 168.079980] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.080785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.081262] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 168.081854] PKRU: 55555554 [ 168.082158] Call Trace: [ 168.082435] [ 168.082639] iommufd_access_destroy_object+0x65/0x170 [ 168.083072] iommufd_object_destroy_user+0x18e/0x220 [ 168.083512] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.083992] iommufd_access_destroy+0x43/0x70 [ 168.084447] iommufd_test_staccess_release+0x8d/0xd0 [ 168.084920] __fput+0x26d/0xa40 [ 168.085209] ____fput+0x1e/0x30 [ 168.085490] task_work_run+0x1a4/0x2d0 [ 168.085825] ? __pfx_task_work_run+0x10/0x10 [ 168.086270] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.086744] ? switch_task_namespaces+0xa9/0xe0 [ 168.087151] do_exit+0xb17/0x2ef0 [ 168.087443] ? lock_acquire+0x427/0x4c0 [ 168.087782] ? __pfx_lock_release+0x10/0x10 [ 168.088144] ? __kasan_check_write+0x18/0x20 [ 168.088645] ? do_raw_spin_lock+0x132/0x2a0 [ 168.089000] ? __pfx_do_exit+0x10/0x10 [ 168.089333] ? debug_smp_processor_id+0x20/0x30 [ 168.089723] ? rcu_is_watching+0x19/0xb0 [ 168.090060] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.090599] ? trace_hardirqs_on+0x26/0x120 [ 168.090969] do_group_exit+0xe0/0x2b0 [ 168.091297] __x64_sys_exit_group+0x47/0x50 [ 168.091657] do_syscall_64+0x3b/0x90 [ 168.091978] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.092450] RIP: 0033:0x7f4b87518a4d [ 168.092844] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.093352] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.093983] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.094752] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.095344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.095928] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.096533] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.097228] [ 168.097428] irq event stamp: 0 [ 168.097695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.098213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.099048] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.099738] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.100255] ---[ end trace 0000000000000000 ]--- [ 168.101189] ------------[ cut here ]------------ [ 168.101584] WARNING: CPU: 1 PID: 1587 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.102422] Modules linked in: [ 168.102763] CPU: 1 PID: 1587 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.103525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.104475] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.104919] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.106461] RSP: 0018:ffff8880136f7b78 EFLAGS: 00010246 [ 168.106948] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.107568] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 168.108182] RBP: ffff8880136f7b98 R08: ffffed1002173a3e R09: ffffed1002173a3e [ 168.108788] R10: ffff888010b9d1ef R11: ffffed1002173a3d R12: ffff888010b9d290 [ 168.109395] R13: ffff888010b9d0a8 R14: ffffffffffffffff R15: 
ffff8880136f7c60 [ 168.110002] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.110699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.111206] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 168.111821] PKRU: 55555554 [ 168.112066] Call Trace: [ 168.112280] [ 168.112471] iommufd_ioas_destroy+0x53/0x70 [ 168.112842] iommufd_fops_release+0x1f7/0x370 [ 168.113231] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.113665] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.114088] ? write_comp_data+0x2f/0x90 [ 168.114446] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.114904] __fput+0x26d/0xa40 [ 168.115212] ____fput+0x1e/0x30 [ 168.115505] task_work_run+0x1a4/0x2d0 [ 168.115846] ? __pfx_task_work_run+0x10/0x10 [ 168.116231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.116658] ? switch_task_namespaces+0xa9/0xe0 [ 168.117077] do_exit+0xb17/0x2ef0 [ 168.117380] ? lock_acquire+0x427/0x4c0 [ 168.117732] ? __pfx_lock_release+0x10/0x10 [ 168.118111] ? __kasan_check_write+0x18/0x20 [ 168.118490] ? do_raw_spin_lock+0x132/0x2a0 [ 168.118891] ? __pfx_do_exit+0x10/0x10 [ 168.119244] ? debug_smp_processor_id+0x20/0x30 [ 168.119648] ? rcu_is_watching+0x19/0xb0 [ 168.120002] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.120395] ? trace_hardirqs_on+0x26/0x120 [ 168.120770] do_group_exit+0xe0/0x2b0 [ 168.121098] __x64_sys_exit_group+0x47/0x50 [ 168.121463] do_syscall_64+0x3b/0x90 [ 168.121791] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.122250] RIP: 0033:0x7f4b87518a4d [ 168.122603] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.123139] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.123794] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.124397] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.125051] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.125672] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.126298] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.126946] [ 168.127167] irq event stamp: 0 [ 168.127453] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.127997] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.128726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.129404] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.129918] ---[ end trace 0000000000000000 ]--- [ 168.134065] ------------[ cut here ]------------ [ 168.134492] WARNING: CPU: 0 PID: 1588 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.135366] Modules linked in: [ 168.135621] CPU: 0 PID: 1588 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.136307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.137187] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.137577] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.139030] RSP: 0018:ffff888021b97bb8 EFLAGS: 00010246 [ 168.139466] RAX: 0000000000000000 RBX: ffff88801496c0a8 RCX: 0000000000000000 [ 168.140023] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 168.140582] RBP: ffff888021b97bd0 R08: ffffed100292d833 R09: ffffed100292d833 [ 168.141140] R10: ffff88801496c193 R11: ffffed100292d832 R12: ffff888010f04800 [ 168.141701] R13: ffff88801496c1e8 R14: ffffffff8352e670 R15: 
ffff888021b97e68 [ 168.142258] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.142905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.143373] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 168.143936] PKRU: 55555554 [ 168.144159] Call Trace: [ 168.144363] [ 168.144542] __iommufd_access_detach+0x1c2/0x2b0 [ 168.144930] iommufd_access_change_pt+0x149/0x270 [ 168.145322] iommufd_access_replace+0xb4/0x120 [ 168.145700] iommufd_test+0x3e5/0x37e0 [ 168.146014] ? lock_release+0x532/0x770 [ 168.146341] ? __might_fault+0x102/0x1b0 [ 168.146688] ? lock_acquire+0x427/0x4c0 [ 168.147016] ? __pfx_iommufd_test+0x10/0x10 [ 168.147375] ? __pfx_lock_release+0x10/0x10 [ 168.147726] ? __pfx_lock_acquire+0x10/0x10 [ 168.148079] ? write_comp_data+0x2f/0x90 [ 168.148415] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.148806] ? write_comp_data+0x2f/0x90 [ 168.149141] iommufd_fops_ioctl+0x37d/0x510 [ 168.149490] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.149884] ? write_comp_data+0x2f/0x90 [ 168.150217] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.150622] __x64_sys_ioctl+0x1a3/0x230 [ 168.150959] do_syscall_64+0x3b/0x90 [ 168.151284] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.151706] RIP: 0033:0x7f4b8743ee5d [ 168.152002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.153437] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.154035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.154616] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.155200] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.155762] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.156336] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.156913] [ 168.157103] irq event stamp: 0 [ 168.157359] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.157862] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.158564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.159258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.159776] ---[ end trace 0000000000000000 ]--- [ 168.162582] ------------[ cut here ]------------ [ 168.162988] WARNING: CPU: 0 PID: 1588 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.163810] Modules linked in: [ 168.164069] CPU: 0 PID: 1588 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.164762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.165656] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.166061] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.167568] RSP: 
0018:ffff888021b97bd0 EFLAGS: 00010246 [ 168.168003] RAX: 0000000000000000 RBX: ffff88801496c0a8 RCX: 0000000000000000 [ 168.168570] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 168.169144] RBP: ffff888021b97be8 R08: ffffed100292d833 R09: ffffed100292d833 [ 168.169716] R10: ffff88801496c193 R11: ffffed100292d832 R12: ffff888013b23c00 [ 168.170283] R13: ffff88801496c1e8 R14: ffff888013555e00 R15: 0000000000000000 [ 168.170873] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.171526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.171994] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 168.172560] PKRU: 55555554 [ 168.172791] Call Trace: [ 168.173000] [ 168.173183] iommufd_access_destroy_object+0x65/0x170 [ 168.173605] iommufd_object_destroy_user+0x18e/0x220 [ 168.174031] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.174531] iommufd_access_destroy+0x43/0x70 [ 168.174905] iommufd_test_staccess_release+0x8d/0xd0 [ 168.175330] __fput+0x26d/0xa40 [ 168.175610] ____fput+0x1e/0x30 [ 168.175886] task_work_run+0x1a4/0x2d0 [ 168.176209] ? __pfx_task_work_run+0x10/0x10 [ 168.176573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.176972] ? switch_task_namespaces+0xa9/0xe0 [ 168.177363] do_exit+0xb17/0x2ef0 [ 168.177659] ? lock_acquire+0x427/0x4c0 [ 168.178007] ? __pfx_lock_release+0x10/0x10 [ 168.178384] ? __kasan_check_write+0x18/0x20 [ 168.178790] ? do_raw_spin_lock+0x132/0x2a0 [ 168.179184] ? __pfx_do_exit+0x10/0x10 [ 168.179527] ? debug_smp_processor_id+0x20/0x30 [ 168.179925] ? rcu_is_watching+0x19/0xb0 [ 168.180266] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.180655] ? trace_hardirqs_on+0x26/0x120 [ 168.181026] do_group_exit+0xe0/0x2b0 [ 168.181348] __x64_sys_exit_group+0x47/0x50 [ 168.181723] do_syscall_64+0x3b/0x90 [ 168.182057] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.182537] RIP: 0033:0x7f4b87518a4d [ 168.182862] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.183398] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.184047] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.184664] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.185283] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.185899] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.186563] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.187205] [ 168.187406] irq event stamp: 0 [ 168.187685] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.188229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.188952] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.189678] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.190231] ---[ end trace 0000000000000000 ]--- [ 168.191038] ------------[ cut here ]------------ [ 168.191700] WARNING: CPU: 0 PID: 1588 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.192600] Modules linked in: [ 168.192880] CPU: 0 PID: 1588 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.193641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.194682] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.195159] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.196751] RSP: 0018:ffff888021b97b78 EFLAGS: 00010246 [ 168.197218] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.197847] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 168.198477] RBP: ffff888021b97b98 R08: ffffed100292d83e R09: ffffed100292d83e [ 168.199219] R10: ffff88801496c1ef R11: ffffed100292d83d R12: ffff88801496c290 [ 168.199902] R13: ffff88801496c0a8 R14: ffffffffffffffff R15: 
ffff888021b97c60 [ 168.200572] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.201325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.201866] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 168.202568] PKRU: 55555554 [ 168.202834] Call Trace: [ 168.203075] [ 168.203305] iommufd_ioas_destroy+0x53/0x70 [ 168.203718] iommufd_fops_release+0x1f7/0x370 [ 168.204143] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.204615] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.205086] ? write_comp_data+0x2f/0x90 [ 168.205471] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.205944] __fput+0x26d/0xa40 [ 168.206270] ____fput+0x1e/0x30 [ 168.206628] task_work_run+0x1a4/0x2d0 [ 168.207011] ? __pfx_task_work_run+0x10/0x10 [ 168.207448] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.207918] ? switch_task_namespaces+0xa9/0xe0 [ 168.208369] do_exit+0xb17/0x2ef0 [ 168.208702] ? lock_acquire+0x427/0x4c0 [ 168.209093] ? __pfx_lock_release+0x10/0x10 [ 168.209518] ? __kasan_check_write+0x18/0x20 [ 168.209949] ? do_raw_spin_lock+0x132/0x2a0 [ 168.210367] ? __pfx_do_exit+0x10/0x10 [ 168.210786] ? debug_smp_processor_id+0x20/0x30 [ 168.211251] ? rcu_is_watching+0x19/0xb0 [ 168.211643] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.212082] ? trace_hardirqs_on+0x26/0x120 [ 168.212502] do_group_exit+0xe0/0x2b0 [ 168.212863] __x64_sys_exit_group+0x47/0x50 [ 168.213274] do_syscall_64+0x3b/0x90 [ 168.213641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.214150] RIP: 0033:0x7f4b87518a4d [ 168.214535] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.215133] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.215868] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.216568] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.217254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.217939] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.218657] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.219357] [ 168.219586] irq event stamp: 0 [ 168.219887] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.220494] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.221291] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.222098] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.223060] ---[ end trace 0000000000000000 ]--- [ 168.227607] ------------[ cut here ]------------ [ 168.228363] WARNING: CPU: 0 PID: 1589 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.229418] Modules linked in: [ 168.229756] CPU: 0 PID: 1589 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.230721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.231914] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.232575] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.234750] RSP: 0018:ffff888020b37bb8 EFLAGS: 00010246 [ 168.235332] RAX: 0000000000000000 RBX: ffff8880108848a8 RCX: 0000000000000000 [ 168.236073] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 168.236866] RBP: ffff888020b37bd0 R08: ffffed1002110933 R09: ffffed1002110933 [ 168.237861] R10: ffff888010884993 R11: ffffed1002110932 R12: ffff888012b66400 [ 168.238647] R13: ffff8880108849e8 R14: ffffffff8352e670 R15: 
ffff888020b37e68 [ 168.239407] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.240239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.240847] CR2: 00007f4b877410e8 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 168.241746] PKRU: 55555554 [ 168.242245] Call Trace: [ 168.242555] [ 168.242796] __iommufd_access_detach+0x1c2/0x2b0 [ 168.243327] iommufd_access_change_pt+0x149/0x270 [ 168.243841] iommufd_access_replace+0xb4/0x120 [ 168.244341] iommufd_test+0x3e5/0x37e0 [ 168.244768] ? lock_release+0x532/0x770 [ 168.245203] ? __might_fault+0x102/0x1b0 [ 168.245643] ? lock_acquire+0x427/0x4c0 [ 168.246073] ? __pfx_iommufd_test+0x10/0x10 [ 168.246880] ? __pfx_lock_release+0x10/0x10 [ 168.247362] ? __pfx_lock_acquire+0x10/0x10 [ 168.247825] ? write_comp_data+0x2f/0x90 [ 168.248262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.248776] ? write_comp_data+0x2f/0x90 [ 168.249218] iommufd_fops_ioctl+0x37d/0x510 [ 168.249679] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.250204] ? write_comp_data+0x2f/0x90 [ 168.250695] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.251582] __x64_sys_ioctl+0x1a3/0x230 [ 168.252026] do_syscall_64+0x3b/0x90 [ 168.252411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.252959] RIP: 0033:0x7f4b8743ee5d [ 168.253345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.255445] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.256603] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.257356] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.258086] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.258878] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.259638] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.260716] [ 168.261106] irq event stamp: 0 [ 168.261434] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.262096] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.263023] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.263911] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.264579] ---[ end trace 0000000000000000 ]--- [ 168.268408] ------------[ cut here ]------------ [ 168.268973] WARNING: CPU: 0 PID: 1589 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.270357] Modules linked in: [ 168.270939] CPU: 0 PID: 1589 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.271858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.273043] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.273577] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.275679] RSP: 
0018:ffff888020b37bd0 EFLAGS: 00010246 [ 168.276262] RAX: 0000000000000000 RBX: ffff8880108848a8 RCX: 0000000000000000 [ 168.276999] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 168.277735] RBP: ffff888020b37be8 R08: ffffed1002110933 R09: ffffed1002110933 [ 168.278470] R10: ffff888010884993 R11: ffffed1002110932 R12: ffff888010f06c00 [ 168.279270] R13: ffff8880108849e8 R14: ffff88800fd8c800 R15: 0000000000000000 [ 168.280021] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.280852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.281450] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 168.282189] PKRU: 55555554 [ 168.282487] Call Trace: [ 168.282791] [ 168.283039] iommufd_access_destroy_object+0x65/0x170 [ 168.283612] iommufd_object_destroy_user+0x18e/0x220 [ 168.284162] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.284770] iommufd_access_destroy+0x43/0x70 [ 168.285253] iommufd_test_staccess_release+0x8d/0xd0 [ 168.285787] __fput+0x26d/0xa40 [ 168.286149] ____fput+0x1e/0x30 [ 168.286499] task_work_run+0x1a4/0x2d0 [ 168.286963] ? __pfx_task_work_run+0x10/0x10 [ 168.287445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.287974] ? switch_task_namespaces+0xa9/0xe0 [ 168.288478] do_exit+0xb17/0x2ef0 [ 168.288848] ? lock_acquire+0x427/0x4c0 [ 168.289284] ? __pfx_lock_release+0x10/0x10 [ 168.289743] ? __kasan_check_write+0x18/0x20 [ 168.290216] ? do_raw_spin_lock+0x132/0x2a0 [ 168.290727] ? __pfx_do_exit+0x10/0x10 [ 168.291171] ? debug_smp_processor_id+0x20/0x30 [ 168.291669] ? rcu_is_watching+0x19/0xb0 [ 168.292111] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.292584] ? trace_hardirqs_on+0x26/0x120 [ 168.293049] do_group_exit+0xe0/0x2b0 [ 168.293466] __x64_sys_exit_group+0x47/0x50 [ 168.293923] do_syscall_64+0x3b/0x90 [ 168.294322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.294909] RIP: 0033:0x7f4b87518a4d [ 168.295317] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.295958] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.296743] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.297503] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.298243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.299027] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.299784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.300537] [ 168.300781] irq event stamp: 0 [ 168.301112] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.301763] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.302665] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.303540] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.304180] ---[ end trace 0000000000000000 ]--- [ 168.305205] ------------[ cut here ]------------ [ 168.306013] WARNING: CPU: 0 PID: 1589 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.307187] Modules linked in: [ 168.307543] CPU: 0 PID: 1589 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.308457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.309629] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.310180] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.312675] RSP: 0018:ffff888020b37b78 EFLAGS: 00010246 [ 168.313234] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.313964] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 168.314754] RBP: ffff888020b37b98 R08: ffffed100211093e R09: ffffed100211093e [ 168.315532] R10: ffff8880108849ef R11: ffffed100211093d R12: ffff888010884a90 [ 168.316284] R13: ffff8880108848a8 R14: ffffffffffffffff R15: 
ffff888020b37c60 [ 168.317264] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.318306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.318949] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 168.319720] PKRU: 55555554 [ 168.320018] Call Trace: [ 168.320280] [ 168.320518] iommufd_ioas_destroy+0x53/0x70 [ 168.320975] iommufd_fops_release+0x1f7/0x370 [ 168.321442] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.322132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.322938] ? write_comp_data+0x2f/0x90 [ 168.323392] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.323908] __fput+0x26d/0xa40 [ 168.324277] ____fput+0x1e/0x30 [ 168.324623] task_work_run+0x1a4/0x2d0 [ 168.325033] ? __pfx_task_work_run+0x10/0x10 [ 168.325502] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.326024] ? switch_task_namespaces+0xa9/0xe0 [ 168.326569] do_exit+0xb17/0x2ef0 [ 168.326937] ? lock_acquire+0x427/0x4c0 [ 168.327375] ? __pfx_lock_release+0x10/0x10 [ 168.327840] ? __kasan_check_write+0x18/0x20 [ 168.328311] ? do_raw_spin_lock+0x132/0x2a0 [ 168.328768] ? __pfx_do_exit+0x10/0x10 [ 168.329191] ? debug_smp_processor_id+0x20/0x30 [ 168.329688] ? rcu_is_watching+0x19/0xb0 [ 168.330117] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.330632] ? trace_hardirqs_on+0x26/0x120 [ 168.331106] do_group_exit+0xe0/0x2b0 [ 168.331534] __x64_sys_exit_group+0x47/0x50 [ 168.331988] do_syscall_64+0x3b/0x90 [ 168.332391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.332934] RIP: 0033:0x7f4b87518a4d [ 168.333320] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.333950] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.334767] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.335540] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.336279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.336996] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.337712] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.338452] [ 168.338742] irq event stamp: 0 [ 168.339068] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.339751] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.340608] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.341466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.342119] ---[ end trace 0000000000000000 ]--- [ 168.351416] ------------[ cut here ]------------ [ 168.352138] WARNING: CPU: 1 PID: 1590 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.353697] Modules linked in: [ 168.354145] CPU: 1 PID: 1590 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.355678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.357221] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.358111] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.360827] RSP: 0018:ffff8880137c7bb8 EFLAGS: 00010246 [ 168.361570] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 168.362635] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 168.363743] RBP: ffff8880137c7bd0 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 168.364725] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff888020fed000 [ 168.365898] R13: ffff88800b8161e8 R14: ffffffff8352e670 R15: 
ffff8880137c7e68 [ 168.366917] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.368255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.369070] CR2: 00007f4b877410e8 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 168.370126] PKRU: 55555554 [ 168.370644] Call Trace: [ 168.371000] [ 168.371344] __iommufd_access_detach+0x1c2/0x2b0 [ 168.372001] iommufd_access_change_pt+0x149/0x270 [ 168.372864] iommufd_access_replace+0xb4/0x120 [ 168.373518] iommufd_test+0x3e5/0x37e0 [ 168.374057] ? lock_release+0x532/0x770 [ 168.374674] ? __might_fault+0x102/0x1b0 [ 168.375299] ? lock_acquire+0x427/0x4c0 [ 168.375946] ? __pfx_iommufd_test+0x10/0x10 [ 168.376669] ? __pfx_lock_release+0x10/0x10 [ 168.377303] ? __pfx_lock_acquire+0x10/0x10 [ 168.377926] ? write_comp_data+0x2f/0x90 [ 168.378762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.379505] ? write_comp_data+0x2f/0x90 [ 168.380086] iommufd_fops_ioctl+0x37d/0x510 [ 168.380689] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.381586] ? write_comp_data+0x2f/0x90 [ 168.382176] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.382934] __x64_sys_ioctl+0x1a3/0x230 [ 168.383575] do_syscall_64+0x3b/0x90 [ 168.384236] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.385031] RIP: 0033:0x7f4b8743ee5d [ 168.385570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.388334] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.389533] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.390681] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.391714] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.392911] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.393912] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.395191] [ 168.395542] irq event stamp: 0 [ 168.395983] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.396857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.398219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.399490] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.400412] ---[ end trace 0000000000000000 ]--- [ 168.406226] ------------[ cut here ]------------ [ 168.407030] WARNING: CPU: 1 PID: 1590 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.408702] Modules linked in: [ 168.409171] CPU: 1 PID: 1590 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.410634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.412230] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.412985] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.415882] RSP: 
0018:ffff8880137c7bd0 EFLAGS: 00010246 [ 168.416678] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 168.417677] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 168.418940] RBP: ffff8880137c7be8 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 168.419973] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff88802081d000 [ 168.421038] R13: ffff88800b8161e8 R14: ffff888020982300 R15: 0000000000000000 [ 168.422108] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.423339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.424348] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.425338] PKRU: 55555554 [ 168.425749] Call Trace: [ 168.426115] [ 168.426439] iommufd_access_destroy_object+0x65/0x170 [ 168.427305] iommufd_object_destroy_user+0x18e/0x220 [ 168.428051] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.428881] iommufd_access_destroy+0x43/0x70 [ 168.429532] iommufd_test_staccess_release+0x8d/0xd0 [ 168.430248] __fput+0x26d/0xa40 [ 168.430805] ____fput+0x1e/0x30 [ 168.431336] task_work_run+0x1a4/0x2d0 [ 168.431904] ? __pfx_task_work_run+0x10/0x10 [ 168.432532] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.433231] ? switch_task_namespaces+0xa9/0xe0 [ 168.433924] do_exit+0xb17/0x2ef0 [ 168.434432] ? lock_acquire+0x427/0x4c0 [ 168.435079] ? __pfx_lock_release+0x10/0x10 [ 168.435738] ? __kasan_check_write+0x18/0x20 [ 168.436364] ? do_raw_spin_lock+0x132/0x2a0 [ 168.436975] ? __pfx_do_exit+0x10/0x10 [ 168.437540] ? debug_smp_processor_id+0x20/0x30 [ 168.438206] ? rcu_is_watching+0x19/0xb0 [ 168.438849] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.439543] ? trace_hardirqs_on+0x26/0x120 [ 168.440189] do_group_exit+0xe0/0x2b0 [ 168.440747] __x64_sys_exit_group+0x47/0x50 [ 168.441365] do_syscall_64+0x3b/0x90 [ 168.441919] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.442728] RIP: 0033:0x7f4b87518a4d [ 168.443300] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.444152] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.445202] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.446193] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.447283] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.448277] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.449269] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.450267] [ 168.450668] irq event stamp: 0 [ 168.451148] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.452013] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.453151] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.454275] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.455227] ---[ end trace 0000000000000000 ]--- [ 168.456627] ------------[ cut here ]------------ [ 168.457294] WARNING: CPU: 1 PID: 1590 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.458812] Modules linked in: [ 168.459312] CPU: 1 PID: 1590 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.460473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.462002] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.462835] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.465333] RSP: 0018:ffff8880137c7b78 EFLAGS: 00010246 [ 168.466077] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.467105] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 168.468099] RBP: ffff8880137c7b98 R08: ffffed1001702c3e R09: ffffed1001702c3e [ 168.469074] R10: ffff88800b8161ef R11: ffffed1001702c3d R12: ffff88800b816290 [ 168.470057] R13: ffff88800b8160a8 R14: ffffffffffffffff R15: 
ffff8880137c7c60 [ 168.471103] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.472205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.472974] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.473921] PKRU: 55555554 [ 168.474322] Call Trace: [ 168.474739] [ 168.475061] iommufd_ioas_destroy+0x53/0x70 [ 168.475666] iommufd_fops_release+0x1f7/0x370 [ 168.476290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.477042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.477894] ? write_comp_data+0x2f/0x90 [ 168.478463] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.479224] __fput+0x26d/0xa40 [ 168.479702] ____fput+0x1e/0x30 [ 168.480165] task_work_run+0x1a4/0x2d0 [ 168.480726] ? __pfx_task_work_run+0x10/0x10 [ 168.481507] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.482316] ? switch_task_namespaces+0xa9/0xe0 [ 168.483055] do_exit+0xb17/0x2ef0 [ 168.483597] ? lock_acquire+0x427/0x4c0 [ 168.484209] ? __pfx_lock_release+0x10/0x10 [ 168.484909] ? __kasan_check_write+0x18/0x20 [ 168.485508] ? do_raw_spin_lock+0x132/0x2a0 [ 168.486091] ? __pfx_do_exit+0x10/0x10 [ 168.486811] ? debug_smp_processor_id+0x20/0x30 [ 168.487501] ? rcu_is_watching+0x19/0xb0 [ 168.488061] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.488678] ? trace_hardirqs_on+0x26/0x120 [ 168.489325] do_group_exit+0xe0/0x2b0 [ 168.489940] __x64_sys_exit_group+0x47/0x50 [ 168.490593] do_syscall_64+0x3b/0x90 [ 168.491144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.491879] RIP: 0033:0x7f4b87518a4d [ 168.492568] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.493411] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.494497] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.495612] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.496560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.497707] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.498697] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.499686] [ 168.500116] irq event stamp: 0 [ 168.500618] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.501450] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.502717] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.503833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.504663] ---[ end trace 0000000000000000 ]--- [ 168.510114] ------------[ cut here ]------------ [ 168.510879] WARNING: CPU: 1 PID: 1591 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.511947] Modules linked in: [ 168.512282] CPU: 1 PID: 1591 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.513180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.514331] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.514854] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.516593] RSP: 0018:ffff888014a37bb8 EFLAGS: 00010246 [ 168.517098] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 168.517768] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 168.518438] RBP: ffff888014a37bd0 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 168.519142] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff888010826c00 [ 168.519822] R13: ffff88801609b1e8 R14: ffffffff8352e670 R15: 
ffff888014a37e68 [ 168.520503] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.521264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.521813] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 168.522487] PKRU: 55555554 [ 168.522773] Call Trace: [ 168.523021] [ 168.523262] __iommufd_access_detach+0x1c2/0x2b0 [ 168.523728] iommufd_access_change_pt+0x149/0x270 [ 168.524199] iommufd_access_replace+0xb4/0x120 [ 168.524647] iommufd_test+0x3e5/0x37e0 [ 168.525024] ? lock_release+0x532/0x770 [ 168.525402] ? __might_fault+0x102/0x1b0 [ 168.525787] ? lock_acquire+0x427/0x4c0 [ 168.526164] ? __pfx_iommufd_test+0x10/0x10 [ 168.526580] ? __pfx_lock_release+0x10/0x10 [ 168.526989] ? __pfx_lock_acquire+0x10/0x10 [ 168.527412] ? write_comp_data+0x2f/0x90 [ 168.527800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.528258] ? write_comp_data+0x2f/0x90 [ 168.528651] iommufd_fops_ioctl+0x37d/0x510 [ 168.529064] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.529521] ? write_comp_data+0x2f/0x90 [ 168.529912] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.530361] __x64_sys_ioctl+0x1a3/0x230 [ 168.530776] do_syscall_64+0x3b/0x90 [ 168.531158] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.531650] RIP: 0033:0x7f4b8743ee5d [ 168.531993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.533646] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.534324] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.534982] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.535611] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.536229] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.536843] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.537465] [ 168.537671] irq event stamp: 0 [ 168.537947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.538491] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.539246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.539969] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.540514] ---[ end trace 0000000000000000 ]--- [ 168.543519] ------------[ cut here ]------------ [ 168.543962] WARNING: CPU: 1 PID: 1591 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.544842] Modules linked in: [ 168.545122] CPU: 1 PID: 1591 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.545876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.546871] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.547317] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.548910] RSP: 
0018:ffff888014a37bd0 EFLAGS: 00010246 [ 168.549373] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 168.549992] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 168.550635] RBP: ffff888014a37be8 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 168.551260] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff888020fec400 [ 168.551870] R13: ffff88801609b1e8 R14: ffff8880123ed400 R15: 0000000000000000 [ 168.552488] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.553185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.553686] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.554300] PKRU: 55555554 [ 168.554569] Call Trace: [ 168.554797] [ 168.554997] iommufd_access_destroy_object+0x65/0x170 [ 168.555479] iommufd_object_destroy_user+0x18e/0x220 [ 168.555930] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.556453] iommufd_access_destroy+0x43/0x70 [ 168.556855] iommufd_test_staccess_release+0x8d/0xd0 [ 168.557307] __fput+0x26d/0xa40 [ 168.557613] ____fput+0x1e/0x30 [ 168.557908] task_work_run+0x1a4/0x2d0 [ 168.558257] ? __pfx_task_work_run+0x10/0x10 [ 168.558671] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.559097] ? switch_task_namespaces+0xa9/0xe0 [ 168.559521] do_exit+0xb17/0x2ef0 [ 168.559821] ? lock_acquire+0x427/0x4c0 [ 168.560177] ? __pfx_lock_release+0x10/0x10 [ 168.560562] ? __kasan_check_write+0x18/0x20 [ 168.560954] ? do_raw_spin_lock+0x132/0x2a0 [ 168.561332] ? __pfx_do_exit+0x10/0x10 [ 168.561676] ? debug_smp_processor_id+0x20/0x30 [ 168.562079] ? rcu_is_watching+0x19/0xb0 [ 168.562431] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.562845] ? trace_hardirqs_on+0x26/0x120 [ 168.563236] do_group_exit+0xe0/0x2b0 [ 168.563572] __x64_sys_exit_group+0x47/0x50 [ 168.563941] do_syscall_64+0x3b/0x90 [ 168.564269] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.564722] RIP: 0033:0x7f4b87518a4d [ 168.565042] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.565565] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.566207] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.566834] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.567452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.568056] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.568660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.569273] [ 168.569474] irq event stamp: 0 [ 168.569744] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.570289] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.571021] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.571744] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.572281] ---[ end trace 0000000000000000 ]--- [ 168.573091] ------------[ cut here ]------------ [ 168.573491] WARNING: CPU: 1 PID: 1591 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.574356] Modules linked in: [ 168.574650] CPU: 1 PID: 1591 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.575406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.576365] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.576811] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.578363] RSP: 0018:ffff888014a37b78 EFLAGS: 00010246 [ 168.578846] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.579453] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 168.580036] RBP: ffff888014a37b98 R08: ffffed1002c1363e R09: ffffed1002c1363e [ 168.580619] R10: ffff88801609b1ef R11: ffffed1002c1363d R12: ffff88801609b290 [ 168.581199] R13: ffff88801609b0a8 R14: ffffffffffffffff R15: 
ffff888014a37c60 [ 168.581779] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.582431] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.582921] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.583514] PKRU: 55555554 [ 168.583746] Call Trace: [ 168.583961] [ 168.584147] iommufd_ioas_destroy+0x53/0x70 [ 168.584511] iommufd_fops_release+0x1f7/0x370 [ 168.584886] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.585299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.585707] ? write_comp_data+0x2f/0x90 [ 168.586051] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.586468] __fput+0x26d/0xa40 [ 168.586774] ____fput+0x1e/0x30 [ 168.587057] task_work_run+0x1a4/0x2d0 [ 168.587405] ? __pfx_task_work_run+0x10/0x10 [ 168.587774] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.588184] ? switch_task_namespaces+0xa9/0xe0 [ 168.588581] do_exit+0xb17/0x2ef0 [ 168.588872] ? lock_acquire+0x427/0x4c0 [ 168.589208] ? __pfx_lock_release+0x10/0x10 [ 168.589569] ? __kasan_check_write+0x18/0x20 [ 168.589935] ? do_raw_spin_lock+0x132/0x2a0 [ 168.590291] ? __pfx_do_exit+0x10/0x10 [ 168.590642] ? debug_smp_processor_id+0x20/0x30 [ 168.591030] ? rcu_is_watching+0x19/0xb0 [ 168.591372] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.591752] ? trace_hardirqs_on+0x26/0x120 [ 168.592113] do_group_exit+0xe0/0x2b0 [ 168.592428] __x64_sys_exit_group+0x47/0x50 [ 168.592783] do_syscall_64+0x3b/0x90 [ 168.593100] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.593534] RIP: 0033:0x7f4b87518a4d [ 168.593843] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.594344] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.594988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.595583] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.596162] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.596744] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.597325] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.597915] [ 168.598115] irq event stamp: 0 [ 168.598376] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.598912] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.599641] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.600351] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.600893] ---[ end trace 0000000000000000 ]--- [ 168.605211] ------------[ cut here ]------------ [ 168.605650] WARNING: CPU: 1 PID: 1592 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.606496] Modules linked in: [ 168.606804] CPU: 1 PID: 1592 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.607517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.608381] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.608767] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.610172] RSP: 0018:ffff88801822fbb8 EFLAGS: 00010246 [ 168.610605] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 168.611163] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 168.611712] RBP: ffff88801822fbd0 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 168.612263] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff888012e96800 [ 168.612819] R13: ffff88801781f9e8 R14: ffffffff8352e670 R15: 
ffff88801822fe68 [ 168.613370] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.613988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.614437] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 168.615002] PKRU: 55555554 [ 168.615231] Call Trace: [ 168.615434] [ 168.615610] __iommufd_access_detach+0x1c2/0x2b0 [ 168.615990] iommufd_access_change_pt+0x149/0x270 [ 168.616375] iommufd_access_replace+0xb4/0x120 [ 168.616742] iommufd_test+0x3e5/0x37e0 [ 168.617046] ? lock_release+0x532/0x770 [ 168.617368] ? __might_fault+0x102/0x1b0 [ 168.617691] ? lock_acquire+0x427/0x4c0 [ 168.618011] ? __pfx_iommufd_test+0x10/0x10 [ 168.618347] ? __pfx_lock_release+0x10/0x10 [ 168.618707] ? __pfx_lock_acquire+0x10/0x10 [ 168.619056] ? write_comp_data+0x2f/0x90 [ 168.619405] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.619788] ? write_comp_data+0x2f/0x90 [ 168.620119] iommufd_fops_ioctl+0x37d/0x510 [ 168.620465] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.620852] ? write_comp_data+0x2f/0x90 [ 168.621179] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.621560] __x64_sys_ioctl+0x1a3/0x230 [ 168.621888] do_syscall_64+0x3b/0x90 [ 168.622189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.622621] RIP: 0033:0x7f4b8743ee5d [ 168.622915] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.624328] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.624920] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.625479] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.626029] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.626593] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.627155] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.627715] [ 168.627898] irq event stamp: 0 [ 168.628145] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.628641] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.629291] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.629931] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.630426] ---[ end trace 0000000000000000 ]--- [ 168.633174] ------------[ cut here ]------------ [ 168.633606] WARNING: CPU: 1 PID: 1592 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.634457] Modules linked in: [ 168.634753] CPU: 1 PID: 1592 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.635496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.636436] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.636854] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.638441] RSP: 
0018:ffff88801822fbd0 EFLAGS: 00010246 [ 168.638906] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 168.639508] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 168.640117] RBP: ffff88801822fbe8 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 168.640712] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff888010827000 [ 168.641305] R13: ffff88801781f9e8 R14: ffff888012186100 R15: 0000000000000000 [ 168.641908] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.642631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.643136] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.643736] PKRU: 55555554 [ 168.643974] Call Trace: [ 168.644192] [ 168.644383] iommufd_access_destroy_object+0x65/0x170 [ 168.644831] iommufd_object_destroy_user+0x18e/0x220 [ 168.645261] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.645750] iommufd_access_destroy+0x43/0x70 [ 168.646142] iommufd_test_staccess_release+0x8d/0xd0 [ 168.646606] __fput+0x26d/0xa40 [ 168.646903] ____fput+0x1e/0x30 [ 168.647201] task_work_run+0x1a4/0x2d0 [ 168.647543] ? __pfx_task_work_run+0x10/0x10 [ 168.647919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.648336] ? switch_task_namespaces+0xa9/0xe0 [ 168.648739] do_exit+0xb17/0x2ef0 [ 168.649036] ? lock_acquire+0x427/0x4c0 [ 168.649380] ? __pfx_lock_release+0x10/0x10 [ 168.649755] ? __kasan_check_write+0x18/0x20 [ 168.650131] ? do_raw_spin_lock+0x132/0x2a0 [ 168.650497] ? __pfx_do_exit+0x10/0x10 [ 168.650862] ? debug_smp_processor_id+0x20/0x30 [ 168.651275] ? rcu_is_watching+0x19/0xb0 [ 168.651628] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.652023] ? trace_hardirqs_on+0x26/0x120 [ 168.652403] do_group_exit+0xe0/0x2b0 [ 168.652736] __x64_sys_exit_group+0x47/0x50 [ 168.653103] do_syscall_64+0x3b/0x90 [ 168.653424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.653868] RIP: 0033:0x7f4b87518a4d [ 168.654183] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.654729] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.655379] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.655976] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.656569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.657166] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.657761] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.658366] [ 168.658583] irq event stamp: 0 [ 168.658855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.659398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.660097] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.660797] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.661333] ---[ end trace 0000000000000000 ]--- [ 168.662093] ------------[ cut here ]------------ [ 168.662494] WARNING: CPU: 1 PID: 1592 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.663409] Modules linked in: [ 168.663681] CPU: 1 PID: 1592 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.664414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.665356] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.665790] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.667542] RSP: 0018:ffff88801822fb78 EFLAGS: 00010246 [ 168.668003] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.668603] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 168.669259] RBP: ffff88801822fb98 R08: ffffed1002f03f3e R09: ffffed1002f03f3e [ 168.669858] R10: ffff88801781f9ef R11: ffffed1002f03f3d R12: ffff88801781fa90 [ 168.670450] R13: ffff88801781f8a8 R14: ffffffffffffffff R15: 
ffff88801822fc60 [ 168.671070] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.671756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.672253] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.672846] PKRU: 55555554 [ 168.673082] Call Trace: [ 168.673297] [ 168.673488] iommufd_ioas_destroy+0x53/0x70 [ 168.673860] iommufd_fops_release+0x1f7/0x370 [ 168.674248] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.674696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.675121] ? write_comp_data+0x2f/0x90 [ 168.675477] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.675900] __fput+0x26d/0xa40 [ 168.676193] ____fput+0x1e/0x30 [ 168.676478] task_work_run+0x1a4/0x2d0 [ 168.676819] ? __pfx_task_work_run+0x10/0x10 [ 168.677195] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.677610] ? switch_task_namespaces+0xa9/0xe0 [ 168.678013] do_exit+0xb17/0x2ef0 [ 168.678307] ? lock_acquire+0x427/0x4c0 [ 168.678673] ? __pfx_lock_release+0x10/0x10 [ 168.679051] ? __kasan_check_write+0x18/0x20 [ 168.679437] ? do_raw_spin_lock+0x132/0x2a0 [ 168.679804] ? __pfx_do_exit+0x10/0x10 [ 168.680141] ? debug_smp_processor_id+0x20/0x30 [ 168.680534] ? rcu_is_watching+0x19/0xb0 [ 168.680876] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.681267] ? trace_hardirqs_on+0x26/0x120 [ 168.681641] do_group_exit+0xe0/0x2b0 [ 168.681963] __x64_sys_exit_group+0x47/0x50 [ 168.682327] do_syscall_64+0x3b/0x90 [ 168.682668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.683110] RIP: 0033:0x7f4b87518a4d [ 168.683452] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.683970] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.684609] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.685207] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.685806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.686406] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.687018] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.687638] [ 168.687836] irq event stamp: 0 [ 168.688102] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.688629] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.689328] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.690024] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.690564] ---[ end trace 0000000000000000 ]--- [ 168.695436] ------------[ cut here ]------------ [ 168.695888] WARNING: CPU: 1 PID: 1593 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.696736] Modules linked in: [ 168.697004] CPU: 1 PID: 1593 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.697732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.698855] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.699284] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.700802] RSP: 0018:ffff88800f677bb8 EFLAGS: 00010246 [ 168.701316] RAX: 0000000000000000 RBX: ffff8880246658a8 RCX: 0000000000000000 [ 168.701909] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 168.702500] RBP: ffff88800f677bd0 R08: ffffed10048ccb33 R09: ffffed10048ccb33 [ 168.703127] R10: ffff888024665993 R11: ffffed10048ccb32 R12: ffff888012c04800 [ 168.703722] R13: ffff8880246659e8 R14: ffffffff8352e670 R15: 
ffff88800f677e68 [ 168.704316] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.704983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.705466] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 168.706060] PKRU: 55555554 [ 168.706297] Call Trace: [ 168.706526] [ 168.706715] __iommufd_access_detach+0x1c2/0x2b0 [ 168.707136] iommufd_access_change_pt+0x149/0x270 [ 168.707550] iommufd_access_replace+0xb4/0x120 [ 168.707940] iommufd_test+0x3e5/0x37e0 [ 168.708270] ? lock_release+0x532/0x770 [ 168.708613] ? __might_fault+0x102/0x1b0 [ 168.708959] ? lock_acquire+0x427/0x4c0 [ 168.709302] ? __pfx_iommufd_test+0x10/0x10 [ 168.709660] ? __pfx_lock_release+0x10/0x10 [ 168.710028] ? __pfx_lock_acquire+0x10/0x10 [ 168.710396] ? write_comp_data+0x2f/0x90 [ 168.710774] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.711198] ? write_comp_data+0x2f/0x90 [ 168.711554] iommufd_fops_ioctl+0x37d/0x510 [ 168.711923] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.712343] ? write_comp_data+0x2f/0x90 [ 168.712691] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.713098] __x64_sys_ioctl+0x1a3/0x230 [ 168.713450] do_syscall_64+0x3b/0x90 [ 168.713772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.714212] RIP: 0033:0x7f4b8743ee5d [ 168.714539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.716091] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.716726] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.717318] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.717914] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.718537] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.719144] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.719755] [ 168.719953] irq event stamp: 0 [ 168.720219] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.720748] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.721449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.722144] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.722691] ---[ end trace 0000000000000000 ]--- [ 168.725458] ------------[ cut here ]------------ [ 168.725885] WARNING: CPU: 1 PID: 1593 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.726773] Modules linked in: [ 168.727045] CPU: 1 PID: 1593 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.727785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.728713] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.729125] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.730661] RSP: 
0018:ffff88800f677bd0 EFLAGS: 00010246 [ 168.731105] RAX: 0000000000000000 RBX: ffff8880246658a8 RCX: 0000000000000000 [ 168.731706] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 168.732299] RBP: ffff88800f677be8 R08: ffffed10048ccb33 R09: ffffed10048ccb33 [ 168.733093] R10: ffff888024665993 R11: ffffed10048ccb32 R12: ffff888012e95000 [ 168.733784] R13: ffff8880246659e8 R14: ffff88800fde3700 R15: 0000000000000000 [ 168.734390] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.735137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.735681] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.736288] PKRU: 55555554 [ 168.736530] Call Trace: [ 168.736750] [ 168.736979] iommufd_access_destroy_object+0x65/0x170 [ 168.737491] iommufd_object_destroy_user+0x18e/0x220 [ 168.737921] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.738411] iommufd_access_destroy+0x43/0x70 [ 168.738821] iommufd_test_staccess_release+0x8d/0xd0 [ 168.739270] __fput+0x26d/0xa40 [ 168.739701] ____fput+0x1e/0x30 [ 168.739992] task_work_run+0x1a4/0x2d0 [ 168.740332] ? __pfx_task_work_run+0x10/0x10 [ 168.740710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.741131] ? switch_task_namespaces+0xa9/0xe0 [ 168.741575] do_exit+0xb17/0x2ef0 [ 168.741968] ? lock_acquire+0x427/0x4c0 [ 168.742318] ? __pfx_lock_release+0x10/0x10 [ 168.742710] ? __kasan_check_write+0x18/0x20 [ 168.743085] ? do_raw_spin_lock+0x132/0x2a0 [ 168.743470] ? __pfx_do_exit+0x10/0x10 [ 168.743903] ? debug_smp_processor_id+0x20/0x30 [ 168.744365] ? rcu_is_watching+0x19/0xb0 [ 168.744721] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.745112] ? trace_hardirqs_on+0x26/0x120 [ 168.745481] do_group_exit+0xe0/0x2b0 [ 168.745821] __x64_sys_exit_group+0x47/0x50 [ 168.746300] do_syscall_64+0x3b/0x90 [ 168.746649] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.747092] RIP: 0033:0x7f4b87518a4d [ 168.747430] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.747939] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.748721] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.749316] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.749910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.750663] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.751273] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.751873] [ 168.752072] irq event stamp: 0 [ 168.752364] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.752996] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.753706] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.754597] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.755207] ---[ end trace 0000000000000000 ]--- [ 168.755936] ------------[ cut here ]------------ [ 168.756333] WARNING: CPU: 1 PID: 1593 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.757344] Modules linked in: [ 168.757620] CPU: 1 PID: 1593 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.758356] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.759484] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.759931] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.761618] RSP: 0018:ffff88800f677b78 EFLAGS: 00010246 [ 168.762069] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.762690] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 168.763380] RBP: ffff88800f677b98 R08: ffffed10048ccb3e R09: ffffed10048ccb3e [ 168.764039] R10: ffff8880246659ef R11: ffffed10048ccb3d R12: ffff888024665a90 [ 168.764640] R13: ffff8880246658a8 R14: ffffffffffffffff R15: 
ffff88800f677c60 [ 168.765374] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.766109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.766619] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 168.767246] PKRU: 55555554 [ 168.767546] Call Trace: [ 168.767844] [ 168.768041] iommufd_ioas_destroy+0x53/0x70 [ 168.768421] iommufd_fops_release+0x1f7/0x370 [ 168.768808] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.769235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.769799] ? write_comp_data+0x2f/0x90 [ 168.770157] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.770605] __fput+0x26d/0xa40 [ 168.770904] ____fput+0x1e/0x30 [ 168.771211] task_work_run+0x1a4/0x2d0 [ 168.771558] ? __pfx_task_work_run+0x10/0x10 [ 168.771935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.772399] ? switch_task_namespaces+0xa9/0xe0 [ 168.772925] do_exit+0xb17/0x2ef0 [ 168.773224] ? lock_acquire+0x427/0x4c0 [ 168.773569] ? __pfx_lock_release+0x10/0x10 [ 168.773951] ? __kasan_check_write+0x18/0x20 [ 168.774331] ? do_raw_spin_lock+0x132/0x2a0 [ 168.774743] ? __pfx_do_exit+0x10/0x10 [ 168.775090] ? debug_smp_processor_id+0x20/0x30 [ 168.775508] ? rcu_is_watching+0x19/0xb0 [ 168.775859] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.776259] ? trace_hardirqs_on+0x26/0x120 [ 168.776734] do_group_exit+0xe0/0x2b0 [ 168.777112] __x64_sys_exit_group+0x47/0x50 [ 168.777480] do_syscall_64+0x3b/0x90 [ 168.777803] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.778243] RIP: 0033:0x7f4b87518a4d [ 168.778585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.779109] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.779764] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.780374] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.781129] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.781727] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.782325] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.782962] [ 168.783177] irq event stamp: 0 [ 168.783449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.783982] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.784792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.785596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.786124] ---[ end trace 0000000000000000 ]--- [ 168.789840] ------------[ cut here ]------------ [ 168.790269] WARNING: CPU: 1 PID: 1594 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.791196] Modules linked in: [ 168.791593] CPU: 1 PID: 1594 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.792328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.793269] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.793688] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.795463] RSP: 0018:ffff88801822fbb8 EFLAGS: 00010246 [ 168.795917] RAX: 0000000000000000 RBX: ffff888011e398a8 RCX: 0000000000000000 [ 168.796509] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 168.797175] RBP: ffff88801822fbd0 R08: ffffed10023c7333 R09: ffffed10023c7333 [ 168.797767] R10: ffff888011e39993 R11: ffffed10023c7332 R12: ffff888013b20c00 [ 168.798436] R13: ffff888011e399e8 R14: ffffffff8352e670 R15: 
ffff88801822fe68 [ 168.799171] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.799848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.800332] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 168.800936] PKRU: 55555554 [ 168.801173] Call Trace: [ 168.801387] [ 168.801578] __iommufd_access_detach+0x1c2/0x2b0 [ 168.802069] iommufd_access_change_pt+0x149/0x270 [ 168.802594] iommufd_access_replace+0xb4/0x120 [ 168.802990] iommufd_test+0x3e5/0x37e0 [ 168.803329] ? lock_release+0x532/0x770 [ 168.803677] ? __might_fault+0x102/0x1b0 [ 168.804037] ? lock_acquire+0x427/0x4c0 [ 168.804381] ? __pfx_iommufd_test+0x10/0x10 [ 168.804744] ? __pfx_lock_release+0x10/0x10 [ 168.805111] ? __pfx_lock_acquire+0x10/0x10 [ 168.805486] ? write_comp_data+0x2f/0x90 [ 168.805927] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.806431] ? write_comp_data+0x2f/0x90 [ 168.806818] iommufd_fops_ioctl+0x37d/0x510 [ 168.807204] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.807623] ? write_comp_data+0x2f/0x90 [ 168.807976] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.808386] __x64_sys_ioctl+0x1a3/0x230 [ 168.808742] do_syscall_64+0x3b/0x90 [ 168.809073] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.809546] RIP: 0033:0x7f4b8743ee5d [ 168.809971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.811566] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.811813] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 168.812217] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.814659] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 168.815157] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.817381] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.817976] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.818590] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.819198] [ 168.819391] irq event stamp: 0 [ 168.819652] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.820175] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.820853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.821488] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.821967] ---[ end trace 0000000000000000 ]--- [ 168.824901] ------------[ cut here ]------------ [ 168.825294] WARNING: CPU: 1 PID: 1594 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.826080] Modules linked in: [ 168.826331] CPU: 1 PID: 1594 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.827015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.828063] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.828451] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.829922] RSP: 0018:ffff88801822fbd0 EFLAGS: 00010246 [ 168.830414] RAX: 0000000000000000 RBX: ffff888011e398a8 RCX: 0000000000000000 [ 168.831042] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 168.831592] RBP: ffff88801822fbe8 R08: ffffed10023c7333 R09: ffffed10023c7333 [ 168.832137] R10: ffff888011e39993 R11: ffffed10023c7332 R12: 
ffff888012c06c00 [ 168.832682] R13: ffff888011e399e8 R14: ffff888011f03500 R15: 0000000000000000 [ 168.833231] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.833845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.834291] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 168.834852] PKRU: 55555554 [ 168.835082] Call Trace: [ 168.835291] [ 168.835470] iommufd_access_destroy_object+0x65/0x170 [ 168.835874] iommufd_object_destroy_user+0x18e/0x220 [ 168.836277] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.836734] iommufd_access_destroy+0x43/0x70 [ 168.837118] iommufd_test_staccess_release+0x8d/0xd0 [ 168.837669] __fput+0x26d/0xa40 [ 168.837941] ____fput+0x1e/0x30 [ 168.838207] task_work_run+0x1a4/0x2d0 [ 168.838539] ? __pfx_task_work_run+0x10/0x10 [ 168.838891] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.839284] ? switch_task_namespaces+0xa9/0xe0 [ 168.839657] do_exit+0xb17/0x2ef0 [ 168.839925] ? lock_acquire+0x427/0x4c0 [ 168.840242] ? __pfx_lock_release+0x10/0x10 [ 168.840582] ? __kasan_check_write+0x18/0x20 [ 168.840927] ? do_raw_spin_lock+0x132/0x2a0 [ 168.841266] ? __pfx_do_exit+0x10/0x10 [ 168.841576] ? debug_smp_processor_id+0x20/0x30 [ 168.841940] ? rcu_is_watching+0x19/0xb0 [ 168.842260] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.842638] ? trace_hardirqs_on+0x26/0x120 [ 168.842980] do_group_exit+0xe0/0x2b0 [ 168.843297] __x64_sys_exit_group+0x47/0x50 [ 168.843629] do_syscall_64+0x3b/0x90 [ 168.843924] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.844331] RIP: 0033:0x7f4b87518a4d [ 168.844622] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.845122] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.845897] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.846454] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.847024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.847587] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.848159] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.848742] [ 168.848933] irq event stamp: 0 [ 168.849187] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.849698] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.850375] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.851067] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.851594] ---[ end trace 0000000000000000 ]--- [ 168.852337] ------------[ cut here ]------------ [ 168.852723] WARNING: CPU: 1 PID: 1594 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.853554] Modules linked in: [ 168.853818] CPU: 1 PID: 1594 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.854560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.855484] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.855905] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.857587] RSP: 0018:ffff88801822fb78 EFLAGS: 00010246 [ 168.858017] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.858608] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 168.859189] RBP: ffff88801822fb98 R08: ffffed10023c733e R09: ffffed10023c733e [ 168.859763] R10: ffff888011e399ef R11: ffffed10023c733d R12: ffff888011e39a90 [ 168.860333] R13: ffff888011e398a8 R14: ffffffffffffffff R15: 
ffff88801822fc60 [ 168.860904] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 168.861601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.862065] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 168.862650] PKRU: 55555554 [ 168.862883] Call Trace: [ 168.863090] [ 168.863285] iommufd_ioas_destroy+0x53/0x70 [ 168.863643] iommufd_fops_release+0x1f7/0x370 [ 168.864013] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.864416] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.864817] ? write_comp_data+0x2f/0x90 [ 168.865154] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.865559] __fput+0x26d/0xa40 [ 168.865841] ____fput+0x1e/0x30 [ 168.866206] task_work_run+0x1a4/0x2d0 [ 168.866666] ? __pfx_task_work_run+0x10/0x10 [ 168.867028] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.867434] ? switch_task_namespaces+0xa9/0xe0 [ 168.867822] do_exit+0xb17/0x2ef0 [ 168.868102] ? lock_acquire+0x427/0x4c0 [ 168.868434] ? __pfx_lock_release+0x10/0x10 [ 168.868790] ? __kasan_check_write+0x18/0x20 [ 168.869150] ? do_raw_spin_lock+0x132/0x2a0 [ 168.869502] ? __pfx_do_exit+0x10/0x10 [ 168.869875] ? debug_smp_processor_id+0x20/0x30 [ 168.870395] ? rcu_is_watching+0x19/0xb0 [ 168.870756] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.871142] ? trace_hardirqs_on+0x26/0x120 [ 168.871501] do_group_exit+0xe0/0x2b0 [ 168.871810] __x64_sys_exit_group+0x47/0x50 [ 168.872159] do_syscall_64+0x3b/0x90 [ 168.872471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.872894] RIP: 0033:0x7f4b87518a4d [ 168.873191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.873686] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.874298] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.874886] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.875482] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.876054] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.876630] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.877214] [ 168.877403] irq event stamp: 0 [ 168.877660] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.878257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.879075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.879759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.880267] ---[ end trace 0000000000000000 ]--- [ 168.896708] ------------[ cut here ]------------ [ 168.897281] WARNING: CPU: 0 PID: 1596 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.898718] Modules linked in: [ 168.899110] CPU: 0 PID: 1596 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.900073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.900969] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.901374] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.902850] RSP: 0018:ffff88801822fbb8 EFLAGS: 00010246 [ 168.903290] RAX: 0000000000000000 RBX: ffff8880218b80a8 RCX: 0000000000000000 [ 168.903858] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 168.904424] RBP: ffff88801822fbd0 R08: ffffed1004317033 R09: ffffed1004317033 [ 168.905001] R10: ffff8880218b8193 R11: ffffed1004317032 R12: ffff88800fd83000 [ 168.905569] R13: ffff8880218b81e8 R14: ffffffff8352e670 R15: 
ffff88801822fe68 [ 168.906136] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.906797] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.907276] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 168.907848] PKRU: 55555554 [ 168.908080] Call Trace: [ 168.908289] [ 168.908472] __iommufd_access_detach+0x1c2/0x2b0 [ 168.908872] iommufd_access_change_pt+0x149/0x270 [ 168.909287] iommufd_access_replace+0xb4/0x120 [ 168.909675] iommufd_test+0x3e5/0x37e0 [ 168.909992] ? lock_release+0x532/0x770 [ 168.910326] ? __might_fault+0x102/0x1b0 [ 168.910908] ? lock_acquire+0x427/0x4c0 [ 168.911256] ? __pfx_iommufd_test+0x10/0x10 [ 168.911604] ? __pfx_lock_release+0x10/0x10 [ 168.911964] ? __pfx_lock_acquire+0x10/0x10 [ 168.912325] ? write_comp_data+0x2f/0x90 [ 168.912739] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.913246] ? write_comp_data+0x2f/0x90 [ 168.913593] iommufd_fops_ioctl+0x37d/0x510 [ 168.913954] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.914400] ? write_comp_data+0x2f/0x90 [ 168.914877] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 168.915293] __x64_sys_ioctl+0x1a3/0x230 [ 168.915645] do_syscall_64+0x3b/0x90 [ 168.915964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.916415] RIP: 0033:0x7f4b8743ee5d [ 168.916859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 168.918355] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 168.919134] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 168.919711] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 168.920304] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 168.921008] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 168.921579] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 168.922159] [ 168.922347] irq event stamp: 0 [ 168.922624] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.923143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.923804] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.924469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.924970] ---[ end trace 0000000000000000 ]--- [ 168.927794] ------------[ cut here ]------------ [ 168.928200] WARNING: CPU: 0 PID: 1596 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.929009] Modules linked in: [ 168.929270] CPU: 0 PID: 1596 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.930048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.931109] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.931532] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.933018] RSP: 
0018:ffff88801822fbd0 EFLAGS: 00010246 [ 168.933455] RAX: 0000000000000000 RBX: ffff8880218b80a8 RCX: 0000000000000000 [ 168.934039] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 168.934649] RBP: ffff88801822fbe8 R08: ffffed1004317033 R09: ffffed1004317033 [ 168.935260] R10: ffff8880218b8193 R11: ffffed1004317032 R12: ffff888012b64800 [ 168.935842] R13: ffff8880218b81e8 R14: ffff88800fa20e00 R15: 0000000000000000 [ 168.936425] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.937080] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.937554] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 168.938134] PKRU: 55555554 [ 168.938369] Call Trace: [ 168.938600] [ 168.938790] iommufd_access_destroy_object+0x65/0x170 [ 168.939237] iommufd_object_destroy_user+0x18e/0x220 [ 168.939664] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 168.940147] iommufd_access_destroy+0x43/0x70 [ 168.940526] iommufd_test_staccess_release+0x8d/0xd0 [ 168.940953] __fput+0x26d/0xa40 [ 168.941241] ____fput+0x1e/0x30 [ 168.941521] task_work_run+0x1a4/0x2d0 [ 168.941853] ? __pfx_task_work_run+0x10/0x10 [ 168.942226] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.942661] ? switch_task_namespaces+0xa9/0xe0 [ 168.943065] do_exit+0xb17/0x2ef0 [ 168.943369] ? lock_acquire+0x427/0x4c0 [ 168.943707] ? __pfx_lock_release+0x10/0x10 [ 168.944074] ? __kasan_check_write+0x18/0x20 [ 168.944455] ? do_raw_spin_lock+0x132/0x2a0 [ 168.944819] ? __pfx_do_exit+0x10/0x10 [ 168.945155] ? debug_smp_processor_id+0x20/0x30 [ 168.945549] ? rcu_is_watching+0x19/0xb0 [ 168.945891] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.946268] ? trace_hardirqs_on+0x26/0x120 [ 168.946651] do_group_exit+0xe0/0x2b0 [ 168.946967] __x64_sys_exit_group+0x47/0x50 [ 168.947334] do_syscall_64+0x3b/0x90 [ 168.947653] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.948085] RIP: 0033:0x7f4b87518a4d [ 168.948389] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.948890] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.949507] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.950084] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.950682] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.951277] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.951866] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.952462] [ 168.952658] irq event stamp: 0 [ 168.952920] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.953440] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.954129] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.954833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.955367] ---[ end trace 0000000000000000 ]--- [ 168.956208] ------------[ cut here ]------------ [ 168.956803] WARNING: CPU: 0 PID: 1596 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 168.957647] Modules linked in: [ 168.957917] CPU: 0 PID: 1596 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.958787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.959744] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 168.960177] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 168.961953] RSP: 0018:ffff88801822fb78 EFLAGS: 00010246 [ 168.962401] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 168.963017] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 168.963625] RBP: ffff88801822fb98 R08: ffffed100431703e R09: ffffed100431703e [ 168.964324] R10: ffff8880218b81ef R11: ffffed100431703d R12: ffff8880218b8290 [ 168.965044] R13: ffff8880218b80a8 R14: ffffffffffffffff R15: 
ffff88801822fc60 [ 168.965632] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.966296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.966826] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 168.967435] PKRU: 55555554 [ 168.967673] Call Trace: [ 168.967925] [ 168.968171] iommufd_ioas_destroy+0x53/0x70 [ 168.968668] iommufd_fops_release+0x1f7/0x370 [ 168.969054] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.969472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.969887] ? write_comp_data+0x2f/0x90 [ 168.970237] ? __pfx_iommufd_fops_release+0x10/0x10 [ 168.970705] __fput+0x26d/0xa40 [ 168.971171] ____fput+0x1e/0x30 [ 168.971464] task_work_run+0x1a4/0x2d0 [ 168.971804] ? __pfx_task_work_run+0x10/0x10 [ 168.972179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 168.972591] ? switch_task_namespaces+0xa9/0xe0 [ 168.972991] do_exit+0xb17/0x2ef0 [ 168.973289] ? lock_acquire+0x427/0x4c0 [ 168.973627] ? __pfx_lock_release+0x10/0x10 [ 168.974057] ? __kasan_check_write+0x18/0x20 [ 168.974593] ? do_raw_spin_lock+0x132/0x2a0 [ 168.974963] ? __pfx_do_exit+0x10/0x10 [ 168.975314] ? debug_smp_processor_id+0x20/0x30 [ 168.975711] ? rcu_is_watching+0x19/0xb0 [ 168.976056] ? _raw_spin_unlock_irq+0x2b/0x60 [ 168.976439] ? trace_hardirqs_on+0x26/0x120 [ 168.976814] do_group_exit+0xe0/0x2b0 [ 168.977234] __x64_sys_exit_group+0x47/0x50 [ 168.977694] do_syscall_64+0x3b/0x90 [ 168.978023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 168.978468] RIP: 0033:0x7f4b87518a4d [ 168.978812] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 168.979339] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 168.979970] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 168.980561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 168.981149] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 168.981739] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 168.982329] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 168.982949] [ 168.983161] irq event stamp: 0 [ 168.983434] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 168.983961] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 168.984663] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 168.985364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 168.985882] ---[ end trace 0000000000000000 ]--- [ 168.990333] ------------[ cut here ]------------ [ 168.990949] WARNING: CPU: 0 PID: 1597 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 168.991775] Modules linked in: [ 168.992032] CPU: 0 PID: 1597 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 168.992730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 168.993628] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 168.994023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 168.995507] RSP: 0018:ffff88802189fbb8 EFLAGS: 00010246 [ 168.995934] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 168.996498] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 168.997063] RBP: ffff88802189fbd0 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 168.997627] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff8880129c6800 [ 168.998191] R13: ffff888011f649e8 R14: ffffffff8352e670 R15: 
ffff88802189fe68 [ 168.998773] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 168.999432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.999893] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 169.000477] PKRU: 55555554 [ 169.000702] Call Trace: [ 169.000907] [ 169.001093] __iommufd_access_detach+0x1c2/0x2b0 [ 169.001491] iommufd_access_change_pt+0x149/0x270 [ 169.001895] iommufd_access_replace+0xb4/0x120 [ 169.002272] iommufd_test+0x3e5/0x37e0 [ 169.002608] ? lock_release+0x532/0x770 [ 169.002936] ? __might_fault+0x102/0x1b0 [ 169.003291] ? lock_acquire+0x427/0x4c0 [ 169.003622] ? __pfx_iommufd_test+0x10/0x10 [ 169.003967] ? __pfx_lock_release+0x10/0x10 [ 169.004322] ? __pfx_lock_acquire+0x10/0x10 [ 169.004676] ? write_comp_data+0x2f/0x90 [ 169.005010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.005405] ? write_comp_data+0x2f/0x90 [ 169.005739] iommufd_fops_ioctl+0x37d/0x510 [ 169.006082] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.006470] ? write_comp_data+0x2f/0x90 [ 169.006824] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.007226] __x64_sys_ioctl+0x1a3/0x230 [ 169.007565] do_syscall_64+0x3b/0x90 [ 169.007872] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.008290] RIP: 0033:0x7f4b8743ee5d [ 169.008592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.010035] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.010655] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.011231] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.011797] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.012363] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.012927] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.013504] [ 169.013692] irq event stamp: 0 [ 169.013943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.014445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.015122] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.015794] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.016302] ---[ end trace 0000000000000000 ]--- [ 169.019628] ------------[ cut here ]------------ [ 169.020056] WARNING: CPU: 0 PID: 1597 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.021086] Modules linked in: [ 169.021347] CPU: 0 PID: 1597 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.022130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.023212] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.023624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.025305] RSP: 
0018:ffff88802189fbd0 EFLAGS: 00010246 [ 169.025752] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 169.026527] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 169.027108] RBP: ffff88802189fbe8 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 169.027780] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff88800fd81c00 [ 169.028631] R13: ffff888011f649e8 R14: ffff888013555000 R15: 0000000000000000 [ 169.029287] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 169.030186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.030747] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 169.031419] PKRU: 55555554 [ 169.031714] Call Trace: [ 169.032122] [ 169.032335] iommufd_access_destroy_object+0x65/0x170 [ 169.032815] iommufd_object_destroy_user+0x18e/0x220 [ 169.033292] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.034056] iommufd_access_destroy+0x43/0x70 [ 169.034487] iommufd_test_staccess_release+0x8d/0xd0 [ 169.034997] __fput+0x26d/0xa40 [ 169.035331] ____fput+0x1e/0x30 [ 169.035689] task_work_run+0x1a4/0x2d0 [ 169.036254] ? __pfx_task_work_run+0x10/0x10 [ 169.036667] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.037117] ? switch_task_namespaces+0xa9/0xe0 [ 169.037619] do_exit+0xb17/0x2ef0 [ 169.038038] ? lock_acquire+0x427/0x4c0 [ 169.038409] ? __pfx_lock_release+0x10/0x10 [ 169.038836] ? __kasan_check_write+0x18/0x20 [ 169.039258] ? do_raw_spin_lock+0x132/0x2a0 [ 169.039683] ? __pfx_do_exit+0x10/0x10 [ 169.040183] ? debug_smp_processor_id+0x20/0x30 [ 169.040631] ? rcu_is_watching+0x19/0xb0 [ 169.041022] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.041503] ? trace_hardirqs_on+0x26/0x120 [ 169.042087] do_group_exit+0xe0/0x2b0 [ 169.042454] __x64_sys_exit_group+0x47/0x50 [ 169.042892] do_syscall_64+0x3b/0x90 [ 169.043271] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.043801] RIP: 0033:0x7f4b87518a4d [ 169.044286] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.044871] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.045612] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.046432] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.047142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.047821] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.048673] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.049327] [ 169.049551] irq event stamp: 0 [ 169.049872] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.050612] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.051399] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.052232] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.052940] ---[ end trace 0000000000000000 ]--- [ 169.053725] ------------[ cut here ]------------ [ 169.054299] WARNING: CPU: 0 PID: 1597 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.055311] Modules linked in: [ 169.055633] CPU: 0 PID: 1597 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.056699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.057825] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.058495] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.060413] RSP: 0018:ffff88802189fb78 EFLAGS: 00010246 [ 169.061023] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.061719] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 169.062601] RBP: ffff88802189fb98 R08: ffffed10023ec93e R09: ffffed10023ec93e [ 169.063314] R10: ffff888011f649ef R11: ffffed10023ec93d R12: ffff888011f64a90 [ 169.064005] R13: ffff888011f648a8 R14: ffffffffffffffff R15: 
ffff88802189fc60 [ 169.064864] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 169.065636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.066217] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 169.067073] PKRU: 55555554 [ 169.067372] Call Trace: [ 169.067626] [ 169.067847] iommufd_ioas_destroy+0x53/0x70 [ 169.068286] iommufd_fops_release+0x1f7/0x370 [ 169.068933] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.069454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.069967] ? write_comp_data+0x2f/0x90 [ 169.070398] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.071052] __fput+0x26d/0xa40 [ 169.071564] ____fput+0x1e/0x30 [ 169.071909] task_work_run+0x1a4/0x2d0 [ 169.072309] ? __pfx_task_work_run+0x10/0x10 [ 169.072768] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.073308] ? switch_task_namespaces+0xa9/0xe0 [ 169.073924] do_exit+0xb17/0x2ef0 [ 169.074280] ? lock_acquire+0x427/0x4c0 [ 169.074739] ? __pfx_lock_release+0x10/0x10 [ 169.075201] ? __kasan_check_write+0x18/0x20 [ 169.075697] ? do_raw_spin_lock+0x132/0x2a0 [ 169.076313] ? __pfx_do_exit+0x10/0x10 [ 169.076743] ? debug_smp_processor_id+0x20/0x30 [ 169.077231] ? rcu_is_watching+0x19/0xb0 [ 169.077702] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.078310] ? trace_hardirqs_on+0x26/0x120 [ 169.078812] do_group_exit+0xe0/0x2b0 [ 169.079233] __x64_sys_exit_group+0x47/0x50 [ 169.079688] do_syscall_64+0x3b/0x90 [ 169.080090] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.080806] RIP: 0033:0x7f4b87518a4d [ 169.081198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.081832] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.082835] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.083591] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.084330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.085151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.086017] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.086839] [ 169.087105] irq event stamp: 0 [ 169.087535] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.088355] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.089272] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.090420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.091177] ---[ end trace 0000000000000000 ]--- [ 169.095880] ------------[ cut here ]------------ [ 169.096572] WARNING: CPU: 0 PID: 1598 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.097798] Modules linked in: [ 169.098162] CPU: 0 PID: 1598 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.099190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.100425] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.100978] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.103019] RSP: 0018:ffff88801822fbb8 EFLAGS: 00010246 [ 169.103627] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 169.104412] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 169.105194] RBP: ffff88801822fbd0 R08: ffffed100173f333 R09: ffffed100173f333 [ 169.105967] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff888010827000 [ 169.106767] R13: ffff88800b9f99e8 R14: ffffffff8352e670 R15: 
ffff88801822fe68 [ 169.107560] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 169.108432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.109062] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 169.109840] PKRU: 55555554 [ 169.110153] Call Trace: [ 169.110439] [ 169.110720] __iommufd_access_detach+0x1c2/0x2b0 [ 169.111280] iommufd_access_change_pt+0x149/0x270 [ 169.111820] iommufd_access_replace+0xb4/0x120 [ 169.112332] iommufd_test+0x3e5/0x37e0 [ 169.112757] ? lock_release+0x532/0x770 [ 169.113201] ? __might_fault+0x102/0x1b0 [ 169.113653] ? lock_acquire+0x427/0x4c0 [ 169.114094] ? __pfx_iommufd_test+0x10/0x10 [ 169.114596] ? __pfx_lock_release+0x10/0x10 [ 169.115082] ? __pfx_lock_acquire+0x10/0x10 [ 169.115589] ? write_comp_data+0x2f/0x90 [ 169.116041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.116586] ? write_comp_data+0x2f/0x90 [ 169.117041] iommufd_fops_ioctl+0x37d/0x510 [ 169.117522] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.118062] ? write_comp_data+0x2f/0x90 [ 169.118557] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.119093] __x64_sys_ioctl+0x1a3/0x230 [ 169.119569] do_syscall_64+0x3b/0x90 [ 169.119986] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.120556] RIP: 0033:0x7f4b8743ee5d [ 169.120971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.123000] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.123859] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.124629] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.125395] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.126163] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.126956] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.127763] [ 169.128016] irq event stamp: 0 [ 169.128353] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.129022] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.129916] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.130841] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.131536] ---[ end trace 0000000000000000 ]--- [ 169.134717] ------------[ cut here ]------------ [ 169.135284] WARNING: CPU: 0 PID: 1598 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.136351] Modules linked in: [ 169.136692] CPU: 0 PID: 1598 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.137621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.139159] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.139719] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.141592] RSP: 
0018:ffff88801822fbd0 EFLAGS: 00010246 [ 169.142153] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 169.142927] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 169.143685] RBP: ffff88801822fbe8 R08: ffffed100173f333 R09: ffffed100173f333 [ 169.144419] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff8880129c7800 [ 169.145156] R13: ffff88800b9f99e8 R14: ffff888012305600 R15: 0000000000000000 [ 169.145886] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 169.146741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.147370] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 169.148117] PKRU: 55555554 [ 169.148419] Call Trace: [ 169.148686] [ 169.148922] iommufd_access_destroy_object+0x65/0x170 [ 169.149462] iommufd_object_destroy_user+0x18e/0x220 [ 169.149998] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.150648] iommufd_access_destroy+0x43/0x70 [ 169.151162] iommufd_test_staccess_release+0x8d/0xd0 [ 169.151707] __fput+0x26d/0xa40 [ 169.152073] ____fput+0x1e/0x30 [ 169.152429] task_work_run+0x1a4/0x2d0 [ 169.152841] ? __pfx_task_work_run+0x10/0x10 [ 169.153298] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.153816] ? switch_task_namespaces+0xa9/0xe0 [ 169.154319] do_exit+0xb17/0x2ef0 [ 169.154724] ? lock_acquire+0x427/0x4c0 [ 169.155164] ? __pfx_lock_release+0x10/0x10 [ 169.155628] ? __kasan_check_write+0x18/0x20 [ 169.156094] ? do_raw_spin_lock+0x132/0x2a0 [ 169.156538] ? __pfx_do_exit+0x10/0x10 [ 169.156954] ? debug_smp_processor_id+0x20/0x30 [ 169.157451] ? rcu_is_watching+0x19/0xb0 [ 169.157888] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.158375] ? trace_hardirqs_on+0x26/0x120 [ 169.158875] do_group_exit+0xe0/0x2b0 [ 169.159303] __x64_sys_exit_group+0x47/0x50 [ 169.159760] do_syscall_64+0x3b/0x90 [ 169.160166] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.160710] RIP: 0033:0x7f4b87518a4d [ 169.161105] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.161756] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.162614] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.163408] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.164178] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.164925] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.165660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.166413] [ 169.166705] irq event stamp: 0 [ 169.167044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.167723] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.168601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.169467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.170120] ---[ end trace 0000000000000000 ]--- [ 169.171043] ------------[ cut here ]------------ [ 169.171564] WARNING: CPU: 0 PID: 1598 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.172620] Modules linked in: [ 169.172967] CPU: 0 PID: 1598 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.173888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.175142] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.175694] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.177593] RSP: 0018:ffff88801822fb78 EFLAGS: 00010246 [ 169.178158] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.178936] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 169.179707] RBP: ffff88801822fb98 R08: ffffed100173f33e R09: ffffed100173f33e [ 169.180459] R10: ffff88800b9f99ef R11: ffffed100173f33d R12: ffff88800b9f9a90 [ 169.181208] R13: ffff88800b9f98a8 R14: ffffffffffffffff R15: 
ffff88801822fc60 [ 169.181958] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 169.182840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.183463] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 169.184199] PKRU: 55555554 [ 169.184505] Call Trace: [ 169.184777] [ 169.185019] iommufd_ioas_destroy+0x53/0x70 [ 169.185483] iommufd_fops_release+0x1f7/0x370 [ 169.185969] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.186506] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.187062] ? write_comp_data+0x2f/0x90 [ 169.187532] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.188065] __fput+0x26d/0xa40 [ 169.188438] ____fput+0x1e/0x30 [ 169.188796] task_work_run+0x1a4/0x2d0 [ 169.189217] ? __pfx_task_work_run+0x10/0x10 [ 169.189687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.190210] ? switch_task_namespaces+0xa9/0xe0 [ 169.190758] do_exit+0xb17/0x2ef0 [ 169.191147] ? lock_acquire+0x427/0x4c0 [ 169.191582] ? __pfx_lock_release+0x10/0x10 [ 169.192046] ? __kasan_check_write+0x18/0x20 [ 169.192518] ? do_raw_spin_lock+0x132/0x2a0 [ 169.193004] ? __pfx_do_exit+0x10/0x10 [ 169.193433] ? debug_smp_processor_id+0x20/0x30 [ 169.193932] ? rcu_is_watching+0x19/0xb0 [ 169.194367] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.194874] ? trace_hardirqs_on+0x26/0x120 [ 169.195326] do_group_exit+0xe0/0x2b0 [ 169.195704] __x64_sys_exit_group+0x47/0x50 [ 169.196123] do_syscall_64+0x3b/0x90 [ 169.196494] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.197003] RIP: 0033:0x7f4b87518a4d [ 169.197364] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.197959] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.198719] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.199421] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.200103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.200784] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.201470] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.202160] [ 169.202385] irq event stamp: 0 [ 169.202720] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.203335] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.204136] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.204950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.205553] ---[ end trace 0000000000000000 ]--- [ 169.210238] ------------[ cut here ]------------ [ 169.210974] WARNING: CPU: 1 PID: 1599 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.211942] Modules linked in: [ 169.212246] CPU: 1 PID: 1599 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.213062] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.214114] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.214621] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.216386] RSP: 0018:ffff88802189fbb8 EFLAGS: 00010246 [ 169.216891] RAX: 0000000000000000 RBX: ffff8880171b80a8 RCX: 0000000000000000 [ 169.217574] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 169.218253] RBP: ffff88802189fbd0 R08: ffffed1002e37033 R09: ffffed1002e37033 [ 169.218950] R10: ffff8880171b8193 R11: ffffed1002e37032 R12: ffff88800b9b4400 [ 169.219643] R13: ffff8880171b81e8 R14: ffffffff8352e670 R15: 
ffff88802189fe68 [ 169.220326] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.221099] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.221648] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 169.222327] PKRU: 55555554 [ 169.222627] Call Trace: [ 169.222886] [ 169.223111] __iommufd_access_detach+0x1c2/0x2b0 [ 169.223600] iommufd_access_change_pt+0x149/0x270 [ 169.224083] iommufd_access_replace+0xb4/0x120 [ 169.224549] iommufd_test+0x3e5/0x37e0 [ 169.224924] ? lock_release+0x532/0x770 [ 169.225320] ? __might_fault+0x102/0x1b0 [ 169.225716] ? lock_acquire+0x427/0x4c0 [ 169.226114] ? __pfx_iommufd_test+0x10/0x10 [ 169.226554] ? __pfx_lock_release+0x10/0x10 [ 169.226976] ? __pfx_lock_acquire+0x10/0x10 [ 169.227411] ? write_comp_data+0x2f/0x90 [ 169.227815] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.228295] ? write_comp_data+0x2f/0x90 [ 169.228703] iommufd_fops_ioctl+0x37d/0x510 [ 169.229119] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.229583] ? write_comp_data+0x2f/0x90 [ 169.229985] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.230443] __x64_sys_ioctl+0x1a3/0x230 [ 169.230868] do_syscall_64+0x3b/0x90 [ 169.231246] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.231743] RIP: 0033:0x7f4b8743ee5d [ 169.232097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.233796] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.234532] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.235222] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.235894] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.236562] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.237239] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.237920] [ 169.238144] irq event stamp: 0 [ 169.238447] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.239060] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.239862] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.240652] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.241250] ---[ end trace 0000000000000000 ]--- [ 169.244342] ------------[ cut here ]------------ [ 169.244829] WARNING: CPU: 1 PID: 1599 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.245775] Modules linked in: [ 169.246076] CPU: 1 PID: 1599 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.246916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.247986] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.248464] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.250182] RSP: 
0018:ffff88802189fbd0 EFLAGS: 00010246 [ 169.250725] RAX: 0000000000000000 RBX: ffff8880171b80a8 RCX: 0000000000000000 [ 169.251423] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 169.252085] RBP: ffff88802189fbe8 R08: ffffed1002e37033 R09: ffffed1002e37033 [ 169.252750] R10: ffff8880171b8193 R11: ffffed1002e37032 R12: ffff888013b23c00 [ 169.253422] R13: ffff8880171b81e8 R14: ffff888020874700 R15: 0000000000000000 [ 169.254086] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.254859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.255426] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.256094] PKRU: 55555554 [ 169.256363] Call Trace: [ 169.256602] [ 169.256817] iommufd_access_destroy_object+0x65/0x170 [ 169.257308] iommufd_object_destroy_user+0x18e/0x220 [ 169.257792] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.258341] iommufd_access_destroy+0x43/0x70 [ 169.258822] iommufd_test_staccess_release+0x8d/0xd0 [ 169.259330] __fput+0x26d/0xa40 [ 169.259634] ____fput+0x1e/0x30 [ 169.259939] task_work_run+0x1a4/0x2d0 [ 169.260327] ? __pfx_task_work_run+0x10/0x10 [ 169.260709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.261169] ? switch_task_namespaces+0xa9/0xe0 [ 169.261631] do_exit+0xb17/0x2ef0 [ 169.261973] ? lock_acquire+0x427/0x4c0 [ 169.262374] ? __pfx_lock_release+0x10/0x10 [ 169.262843] ? __kasan_check_write+0x18/0x20 [ 169.263303] ? do_raw_spin_lock+0x132/0x2a0 [ 169.263736] ? __pfx_do_exit+0x10/0x10 [ 169.264123] ? debug_smp_processor_id+0x20/0x30 [ 169.264571] ? rcu_is_watching+0x19/0xb0 [ 169.264959] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.265390] ? trace_hardirqs_on+0x26/0x120 [ 169.265815] do_group_exit+0xe0/0x2b0 [ 169.266179] __x64_sys_exit_group+0x47/0x50 [ 169.266620] do_syscall_64+0x3b/0x90 [ 169.266988] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.267514] RIP: 0033:0x7f4b87518a4d [ 169.267883] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.268464] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.269181] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.269863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.270583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.271272] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.271940] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.272614] [ 169.272834] irq event stamp: 0 [ 169.273129] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.273716] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.274493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.275337] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.275927] ---[ end trace 0000000000000000 ]--- [ 169.276761] ------------[ cut here ]------------ [ 169.277215] WARNING: CPU: 1 PID: 1599 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.278168] Modules linked in: [ 169.278466] CPU: 1 PID: 1599 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.279312] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.280378] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.280876] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.282604] RSP: 0018:ffff88802189fb78 EFLAGS: 00010246 [ 169.283099] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.283777] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 169.284446] RBP: ffff88802189fb98 R08: ffffed1002e3703e R09: ffffed1002e3703e [ 169.285101] R10: ffff8880171b81ef R11: ffffed1002e3703d R12: ffff8880171b8290 [ 169.285774] R13: ffff8880171b80a8 R14: ffffffffffffffff R15: 
ffff88802189fc60 [ 169.286448] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.287248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.287807] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.288477] PKRU: 55555554 [ 169.288745] Call Trace: [ 169.288988] [ 169.289203] iommufd_ioas_destroy+0x53/0x70 [ 169.289615] iommufd_fops_release+0x1f7/0x370 [ 169.290046] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.290552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.291017] ? write_comp_data+0x2f/0x90 [ 169.291418] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.291895] __fput+0x26d/0xa40 [ 169.292228] ____fput+0x1e/0x30 [ 169.292552] task_work_run+0x1a4/0x2d0 [ 169.292935] ? __pfx_task_work_run+0x10/0x10 [ 169.293366] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.293845] ? switch_task_namespaces+0xa9/0xe0 [ 169.294299] do_exit+0xb17/0x2ef0 [ 169.294663] ? lock_acquire+0x427/0x4c0 [ 169.295049] ? __pfx_lock_release+0x10/0x10 [ 169.295474] ? __kasan_check_write+0x18/0x20 [ 169.295899] ? do_raw_spin_lock+0x132/0x2a0 [ 169.296308] ? __pfx_do_exit+0x10/0x10 [ 169.296688] ? debug_smp_processor_id+0x20/0x30 [ 169.297136] ? rcu_is_watching+0x19/0xb0 [ 169.297522] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.297953] ? trace_hardirqs_on+0x26/0x120 [ 169.298372] do_group_exit+0xe0/0x2b0 [ 169.298774] __x64_sys_exit_group+0x47/0x50 [ 169.299204] do_syscall_64+0x3b/0x90 [ 169.299571] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.300070] RIP: 0033:0x7f4b87518a4d [ 169.300420] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.300991] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.301703] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.302365] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.303068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.303762] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.304432] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.305111] [ 169.305338] irq event stamp: 0 [ 169.305636] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.306237] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.307068] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.307871] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.308466] ---[ end trace 0000000000000000 ]--- [ 169.314301] ------------[ cut here ]------------ [ 169.314865] WARNING: CPU: 1 PID: 1600 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.315845] Modules linked in: [ 169.316148] CPU: 1 PID: 1600 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.316983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.318059] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.318560] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.320310] RSP: 0018:ffff88800f22fbb8 EFLAGS: 00010246 [ 169.321284] RAX: 0000000000000000 RBX: ffff888023e1c8a8 RCX: 0000000000000000 [ 169.321969] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 169.322730] RBP: ffff88800f22fbd0 R08: ffffed10047c3933 R09: ffffed10047c3933 [ 169.323633] R10: ffff888023e1c993 R11: ffffed10047c3932 R12: ffff888013b16c00 [ 169.324303] R13: ffff888023e1c9e8 R14: ffffffff8352e670 R15: 
ffff88800f22fe68 [ 169.324979] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.325743] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.326454] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ee0 [ 169.327167] PKRU: 55555554 [ 169.327447] Call Trace: [ 169.327699] [ 169.327922] __iommufd_access_detach+0x1c2/0x2b0 [ 169.328577] iommufd_access_change_pt+0x149/0x270 [ 169.329057] iommufd_access_replace+0xb4/0x120 [ 169.329511] iommufd_test+0x3e5/0x37e0 [ 169.329886] ? lock_release+0x532/0x770 [ 169.330275] ? __might_fault+0x102/0x1b0 [ 169.330855] ? lock_acquire+0x427/0x4c0 [ 169.331261] ? __pfx_iommufd_test+0x10/0x10 [ 169.331673] ? __pfx_lock_release+0x10/0x10 [ 169.332095] ? __pfx_lock_acquire+0x10/0x10 [ 169.332518] ? write_comp_data+0x2f/0x90 [ 169.332938] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.333541] ? write_comp_data+0x2f/0x90 [ 169.333944] iommufd_fops_ioctl+0x37d/0x510 [ 169.334363] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.334859] ? write_comp_data+0x2f/0x90 [ 169.335264] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.335893] __x64_sys_ioctl+0x1a3/0x230 [ 169.336289] do_syscall_64+0x3b/0x90 [ 169.336656] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.337176] RIP: 0033:0x7f4b8743ee5d [ 169.337541] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.339560] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.340298] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.341181] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.341860] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.342568] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.343443] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.344151] [ 169.344381] irq event stamp: 0 [ 169.344683] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.345478] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.346274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.347097] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.347830] ---[ end trace 0000000000000000 ]--- [ 169.351317] ------------[ cut here ]------------ [ 169.351800] WARNING: CPU: 1 PID: 1600 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.352979] Modules linked in: [ 169.353290] CPU: 1 PID: 1600 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.354115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.355444] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.355930] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.357865] RSP: 
0018:ffff88800f22fbd0 EFLAGS: 00010246 [ 169.358372] RAX: 0000000000000000 RBX: ffff888023e1c8a8 RCX: 0000000000000000 [ 169.359062] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 169.359884] RBP: ffff88800f22fbe8 R08: ffffed10047c3933 R09: ffffed10047c3933 [ 169.360660] R10: ffff888023e1c993 R11: ffffed10047c3932 R12: ffff88800b9b7c00 [ 169.361348] R13: ffff888023e1c9e8 R14: ffff88800fde3400 R15: 0000000000000000 [ 169.362220] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.363014] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.363582] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.364303] PKRU: 55555554 [ 169.364749] Call Trace: [ 169.364994] [ 169.365207] iommufd_access_destroy_object+0x65/0x170 [ 169.365719] iommufd_object_destroy_user+0x18e/0x220 [ 169.366210] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.366978] iommufd_access_destroy+0x43/0x70 [ 169.367431] iommufd_test_staccess_release+0x8d/0xd0 [ 169.367924] __fput+0x26d/0xa40 [ 169.368257] ____fput+0x1e/0x30 [ 169.368580] task_work_run+0x1a4/0x2d0 [ 169.368984] ? __pfx_task_work_run+0x10/0x10 [ 169.369569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.370040] ? switch_task_namespaces+0xa9/0xe0 [ 169.370496] do_exit+0xb17/0x2ef0 [ 169.370855] ? lock_acquire+0x427/0x4c0 [ 169.371253] ? __pfx_lock_release+0x10/0x10 [ 169.371789] ? __kasan_check_write+0x18/0x20 [ 169.372315] ? do_raw_spin_lock+0x132/0x2a0 [ 169.372732] ? __pfx_do_exit+0x10/0x10 [ 169.373122] ? debug_smp_processor_id+0x20/0x30 [ 169.373571] ? rcu_is_watching+0x19/0xb0 [ 169.374087] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.374672] ? trace_hardirqs_on+0x26/0x120 [ 169.375096] do_group_exit+0xe0/0x2b0 [ 169.375480] __x64_sys_exit_group+0x47/0x50 [ 169.375892] do_syscall_64+0x3b/0x90 [ 169.376263] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.376974] RIP: 0033:0x7f4b87518a4d [ 169.377327] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.377908] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.378715] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.379471] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.380147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.380814] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.381678] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.382360] [ 169.382602] irq event stamp: 0 [ 169.382902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.383537] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.384507] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.385289] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.386072] ---[ end trace 0000000000000000 ]--- [ 169.386908] ------------[ cut here ]------------ [ 169.387366] WARNING: CPU: 1 PID: 1600 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.388531] Modules linked in: [ 169.388831] CPU: 1 PID: 1600 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.389637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.390926] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.391420] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.393337] RSP: 0018:ffff88800f22fb78 EFLAGS: 00010246 [ 169.393840] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.394537] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 169.395430] RBP: ffff88800f22fb98 R08: ffffed10047c393e R09: ffffed10047c393e [ 169.396096] R10: ffff888023e1c9ef R11: ffffed10047c393d R12: ffff888023e1ca90 [ 169.396766] R13: ffff888023e1c8a8 R14: ffffffffffffffff R15: 
ffff88800f22fc60 [ 169.397583] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.398286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.398812] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.399551] PKRU: 55555554 [ 169.399878] Call Trace: [ 169.400105] [ 169.400308] iommufd_ioas_destroy+0x53/0x70 [ 169.400696] iommufd_fops_release+0x1f7/0x370 [ 169.401099] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.401708] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.402147] ? write_comp_data+0x2f/0x90 [ 169.402546] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.402989] __fput+0x26d/0xa40 [ 169.403306] ____fput+0x1e/0x30 [ 169.403662] task_work_run+0x1a4/0x2d0 [ 169.404134] ? __pfx_task_work_run+0x10/0x10 [ 169.404531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.404971] ? switch_task_namespaces+0xa9/0xe0 [ 169.405397] do_exit+0xb17/0x2ef0 [ 169.405770] ? lock_acquire+0x427/0x4c0 [ 169.406229] ? __pfx_lock_release+0x10/0x10 [ 169.406642] ? __kasan_check_write+0x18/0x20 [ 169.407039] ? do_raw_spin_lock+0x132/0x2a0 [ 169.407433] ? __pfx_do_exit+0x10/0x10 [ 169.407794] ? debug_smp_processor_id+0x20/0x30 [ 169.408321] ? rcu_is_watching+0x19/0xb0 [ 169.408766] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.409177] ? trace_hardirqs_on+0x26/0x120 [ 169.409570] do_group_exit+0xe0/0x2b0 [ 169.409912] __x64_sys_exit_group+0x47/0x50 [ 169.410477] do_syscall_64+0x3b/0x90 [ 169.410843] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.411321] RIP: 0033:0x7f4b87518a4d [ 169.411652] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.412193] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.413051] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.413679] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.414308] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.415103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.415743] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.416379] [ 169.416587] irq event stamp: 0 [ 169.416943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.417578] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.418321] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.419211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.419772] ---[ end trace 0000000000000000 ]--- [ 169.423801] ------------[ cut here ]------------ [ 169.424266] WARNING: CPU: 1 PID: 1601 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.425309] Modules linked in: [ 169.425589] CPU: 1 PID: 1601 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.426348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.427524] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.427961] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.429711] RSP: 0018:ffff88802189fbb8 EFLAGS: 00010246 [ 169.430176] RAX: 0000000000000000 RBX: ffff8880143b20a8 RCX: 0000000000000000 [ 169.430826] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 169.431605] RBP: ffff88802189fbd0 R08: ffffed1002876433 R09: ffffed1002876433 [ 169.432225] R10: ffff8880143b2193 R11: ffffed1002876432 R12: ffff888018aff000 [ 169.432838] R13: ffff8880143b21e8 R14: ffffffff8352e670 R15: 
ffff88802189fe68 [ 169.433608] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.434303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.434828] CR2: 00007f4b877410e8 CR3: 0000000014752000 CR4: 0000000000750ee0 [ 169.435586] PKRU: 55555554 [ 169.435829] Call Trace: [ 169.436048] [ 169.436243] __iommufd_access_detach+0x1c2/0x2b0 [ 169.436657] iommufd_access_change_pt+0x149/0x270 [ 169.437064] iommufd_access_replace+0xb4/0x120 [ 169.437577] iommufd_test+0x3e5/0x37e0 [ 169.437902] ? lock_release+0x532/0x770 [ 169.438243] ? __might_fault+0x102/0x1b0 [ 169.438607] ? lock_acquire+0x427/0x4c0 [ 169.438947] ? __pfx_iommufd_test+0x10/0x10 [ 169.439311] ? __pfx_lock_release+0x10/0x10 [ 169.439794] ? __pfx_lock_acquire+0x10/0x10 [ 169.440163] ? write_comp_data+0x2f/0x90 [ 169.440508] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.440917] ? write_comp_data+0x2f/0x90 [ 169.441295] iommufd_fops_ioctl+0x37d/0x510 [ 169.441723] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.442129] ? write_comp_data+0x2f/0x90 [ 169.442477] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.442900] __x64_sys_ioctl+0x1a3/0x230 [ 169.443258] do_syscall_64+0x3b/0x90 [ 169.443576] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.444011] RIP: 0033:0x7f4b8743ee5d [ 169.444325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.445822] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.446445] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.447042] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.447638] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.448217] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.448797] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.449385] [ 169.449578] irq event stamp: 0 [ 169.449838] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.450356] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.451058] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.451747] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.452263] ---[ end trace 0000000000000000 ]--- [ 169.455103] ------------[ cut here ]------------ [ 169.455527] WARNING: CPU: 1 PID: 1601 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.456354] Modules linked in: [ 169.456618] CPU: 1 PID: 1601 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.457326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.458239] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.458907] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.460413] RSP: 
0018:ffff88802189fbd0 EFLAGS: 00010246 [ 169.460850] RAX: 0000000000000000 RBX: ffff8880143b20a8 RCX: 0000000000000000 [ 169.461436] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 169.462019] RBP: ffff88802189fbe8 R08: ffffed1002876433 R09: ffffed1002876433 [ 169.462605] R10: ffff8880143b2193 R11: ffffed1002876432 R12: ffff888013b15c00 [ 169.463182] R13: ffff8880143b21e8 R14: ffff888010fd7e00 R15: 0000000000000000 [ 169.463744] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.464383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.464846] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.465414] PKRU: 55555554 [ 169.465639] Call Trace: [ 169.465844] [ 169.466023] iommufd_access_destroy_object+0x65/0x170 [ 169.466441] iommufd_object_destroy_user+0x18e/0x220 [ 169.466871] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.467344] iommufd_access_destroy+0x43/0x70 [ 169.467705] iommufd_test_staccess_release+0x8d/0xd0 [ 169.468113] __fput+0x26d/0xa40 [ 169.468389] ____fput+0x1e/0x30 [ 169.468660] task_work_run+0x1a4/0x2d0 [ 169.468978] ? __pfx_task_work_run+0x10/0x10 [ 169.469333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.469722] ? switch_task_namespaces+0xa9/0xe0 [ 169.470100] do_exit+0xb17/0x2ef0 [ 169.470374] ? lock_acquire+0x427/0x4c0 [ 169.470716] ? __pfx_lock_release+0x10/0x10 [ 169.471067] ? __kasan_check_write+0x18/0x20 [ 169.471429] ? do_raw_spin_lock+0x132/0x2a0 [ 169.471770] ? __pfx_do_exit+0x10/0x10 [ 169.472085] ? debug_smp_processor_id+0x20/0x30 [ 169.472454] ? rcu_is_watching+0x19/0xb0 [ 169.472771] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.473128] ? trace_hardirqs_on+0x26/0x120 [ 169.473471] do_group_exit+0xe0/0x2b0 [ 169.473773] __x64_sys_exit_group+0x47/0x50 [ 169.474107] do_syscall_64+0x3b/0x90 [ 169.474406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.474836] RIP: 0033:0x7f4b87518a4d [ 169.475142] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.475619] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.476205] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.476757] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.477309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.477862] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.478412] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.478990] [ 169.479187] irq event stamp: 0 [ 169.479437] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.479932] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.480580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.481224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.481711] ---[ end trace 0000000000000000 ]--- [ 169.482398] ------------[ cut here ]------------ [ 169.482793] WARNING: CPU: 1 PID: 1601 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.483596] Modules linked in: [ 169.483851] CPU: 1 PID: 1601 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.484526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.485407] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.485809] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.487243] RSP: 0018:ffff88802189fb78 EFLAGS: 00010246 [ 169.487657] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.488207] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 169.488759] RBP: ffff88802189fb98 R08: ffffed100287643e R09: ffffed100287643e [ 169.489308] R10: ffff8880143b21ef R11: ffffed100287643d R12: ffff8880143b2290 [ 169.489861] R13: ffff8880143b20a8 R14: ffffffffffffffff R15: 
ffff88802189fc60 [ 169.490413] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.491079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.491540] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.492090] PKRU: 55555554 [ 169.492311] Call Trace: [ 169.492511] [ 169.492690] iommufd_ioas_destroy+0x53/0x70 [ 169.493032] iommufd_fops_release+0x1f7/0x370 [ 169.493390] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.493785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.494171] ? write_comp_data+0x2f/0x90 [ 169.494498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.494914] __fput+0x26d/0xa40 [ 169.495193] ____fput+0x1e/0x30 [ 169.495463] task_work_run+0x1a4/0x2d0 [ 169.495775] ? __pfx_task_work_run+0x10/0x10 [ 169.496124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.496508] ? switch_task_namespaces+0xa9/0xe0 [ 169.496880] do_exit+0xb17/0x2ef0 [ 169.497152] ? lock_acquire+0x427/0x4c0 [ 169.497471] ? __pfx_lock_release+0x10/0x10 [ 169.497813] ? __kasan_check_write+0x18/0x20 [ 169.498158] ? do_raw_spin_lock+0x132/0x2a0 [ 169.498493] ? __pfx_do_exit+0x10/0x10 [ 169.498828] ? debug_smp_processor_id+0x20/0x30 [ 169.499202] ? rcu_is_watching+0x19/0xb0 [ 169.499525] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.499884] ? trace_hardirqs_on+0x26/0x120 [ 169.500223] do_group_exit+0xe0/0x2b0 [ 169.500521] __x64_sys_exit_group+0x47/0x50 [ 169.500860] do_syscall_64+0x3b/0x90 [ 169.501159] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.501571] RIP: 0033:0x7f4b87518a4d [ 169.501861] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.502334] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.502943] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.503504] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.504053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.504600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.505150] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.505707] [ 169.505890] irq event stamp: 0 [ 169.506134] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.506642] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.507303] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.507946] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.508433] ---[ end trace 0000000000000000 ]--- [ 169.512774] ------------[ cut here ]------------ [ 169.513161] WARNING: CPU: 1 PID: 1602 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.513925] Modules linked in: [ 169.514167] CPU: 1 PID: 1602 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.514960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.515817] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.516190] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.517554] RSP: 0018:ffff888020d8fbb8 EFLAGS: 00010246 [ 169.517953] RAX: 0000000000000000 RBX: ffff888010b7f0a8 RCX: 0000000000000000 [ 169.518489] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 169.519042] RBP: ffff888020d8fbd0 R08: ffffed100216fe33 R09: ffffed100216fe33 [ 169.519586] R10: ffff888010b7f193 R11: ffffed100216fe32 R12: ffff8880129c5000 [ 169.520119] R13: ffff888010b7f1e8 R14: ffffffff8352e670 R15: 
ffff888020d8fe68 [ 169.520654] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.521254] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.521694] CR2: 0000000020000140 CR3: 00000000148b0000 CR4: 0000000000750ee0 [ 169.522242] PKRU: 55555554 [ 169.522459] Call Trace: [ 169.522673] [ 169.522846] __iommufd_access_detach+0x1c2/0x2b0 [ 169.523227] iommufd_access_change_pt+0x149/0x270 [ 169.523602] iommufd_access_replace+0xb4/0x120 [ 169.523958] iommufd_test+0x3e5/0x37e0 [ 169.524253] ? lock_release+0x532/0x770 [ 169.524569] ? __might_fault+0x102/0x1b0 [ 169.524885] ? lock_acquire+0x427/0x4c0 [ 169.525198] ? __pfx_iommufd_test+0x10/0x10 [ 169.525525] ? __pfx_lock_release+0x10/0x10 [ 169.525861] ? __pfx_lock_acquire+0x10/0x10 [ 169.526199] ? write_comp_data+0x2f/0x90 [ 169.526534] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.526915] ? write_comp_data+0x2f/0x90 [ 169.527250] iommufd_fops_ioctl+0x37d/0x510 [ 169.527582] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.527957] ? write_comp_data+0x2f/0x90 [ 169.528278] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.528648] __x64_sys_ioctl+0x1a3/0x230 [ 169.528972] do_syscall_64+0x3b/0x90 [ 169.529270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.529669] RIP: 0033:0x7f4b8743ee5d [ 169.529951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.531355] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.531933] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.532470] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.533009] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.533546] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.534083] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.534648] [ 169.534830] irq event stamp: 0 [ 169.535071] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.535565] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.536198] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.536829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.537311] ---[ end trace 0000000000000000 ]--- [ 169.540067] ------------[ cut here ]------------ [ 169.540454] WARNING: CPU: 1 PID: 1602 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.541205] Modules linked in: [ 169.541449] CPU: 1 PID: 1602 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.542110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.542987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.543375] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.544752] RSP: 
0018:ffff888020d8fbd0 EFLAGS: 00010246 [ 169.545156] RAX: 0000000000000000 RBX: ffff888010b7f0a8 RCX: 0000000000000000 [ 169.545691] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 169.546225] RBP: ffff888020d8fbe8 R08: ffffed100216fe33 R09: ffffed100216fe33 [ 169.546784] R10: ffff888010b7f193 R11: ffffed100216fe32 R12: ffff888018afdc00 [ 169.547337] R13: ffff888010b7f1e8 R14: ffff8880123eda00 R15: 0000000000000000 [ 169.547879] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.548489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.548929] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.549471] PKRU: 55555554 [ 169.549688] Call Trace: [ 169.549884] [ 169.550057] iommufd_access_destroy_object+0x65/0x170 [ 169.550456] iommufd_object_destroy_user+0x18e/0x220 [ 169.550881] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.551352] iommufd_access_destroy+0x43/0x70 [ 169.551710] iommufd_test_staccess_release+0x8d/0xd0 [ 169.552105] __fput+0x26d/0xa40 [ 169.552374] ____fput+0x1e/0x30 [ 169.552638] task_work_run+0x1a4/0x2d0 [ 169.552948] ? __pfx_task_work_run+0x10/0x10 [ 169.553292] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.553672] ? switch_task_namespaces+0xa9/0xe0 [ 169.554042] do_exit+0xb17/0x2ef0 [ 169.554315] ? lock_acquire+0x427/0x4c0 [ 169.554654] ? __pfx_lock_release+0x10/0x10 [ 169.554995] ? __kasan_check_write+0x18/0x20 [ 169.555358] ? do_raw_spin_lock+0x132/0x2a0 [ 169.555695] ? __pfx_do_exit+0x10/0x10 [ 169.556002] ? debug_smp_processor_id+0x20/0x30 [ 169.556364] ? rcu_is_watching+0x19/0xb0 [ 169.556687] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.557041] ? trace_hardirqs_on+0x26/0x120 [ 169.557377] do_group_exit+0xe0/0x2b0 [ 169.557674] __x64_sys_exit_group+0x47/0x50 [ 169.558006] do_syscall_64+0x3b/0x90 [ 169.558301] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.558724] RIP: 0033:0x7f4b87518a4d [ 169.559008] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.559477] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.560055] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.560598] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.561143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.561682] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.562221] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.562774] [ 169.562951] irq event stamp: 0 [ 169.563206] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.563685] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.564321] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.564976] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.565453] ---[ end trace 0000000000000000 ]--- [ 169.566133] ------------[ cut here ]------------ [ 169.566494] WARNING: CPU: 1 PID: 1602 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.567303] Modules linked in: [ 169.567552] CPU: 1 PID: 1602 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.568221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.569073] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.569467] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.570862] RSP: 0018:ffff888020d8fb78 EFLAGS: 00010246 [ 169.571269] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.571787] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 169.572309] RBP: ffff888020d8fb98 R08: ffffed100216fe3e R09: ffffed100216fe3e [ 169.572832] R10: ffff888010b7f1ef R11: ffffed100216fe3d R12: ffff888010b7f290 [ 169.573357] R13: ffff888010b7f0a8 R14: ffffffffffffffff R15: 
ffff888020d8fc60 [ 169.573880] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.574463] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.574901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.575442] PKRU: 55555554 [ 169.575661] Call Trace: [ 169.575859] [ 169.576067] iommufd_ioas_destroy+0x53/0x70 [ 169.576514] iommufd_fops_release+0x1f7/0x370 [ 169.576867] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.577248] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.577627] ? write_comp_data+0x2f/0x90 [ 169.577969] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.578431] __fput+0x26d/0xa40 [ 169.578711] ____fput+0x1e/0x30 [ 169.578970] task_work_run+0x1a4/0x2d0 [ 169.579292] ? __pfx_task_work_run+0x10/0x10 [ 169.579635] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.580111] ? switch_task_namespaces+0xa9/0xe0 [ 169.580473] do_exit+0xb17/0x2ef0 [ 169.580737] ? lock_acquire+0x427/0x4c0 [ 169.581046] ? __pfx_lock_release+0x10/0x10 [ 169.581380] ? __kasan_check_write+0x18/0x20 [ 169.581812] ? do_raw_spin_lock+0x132/0x2a0 [ 169.582142] ? __pfx_do_exit+0x10/0x10 [ 169.582451] ? debug_smp_processor_id+0x20/0x30 [ 169.582829] ? rcu_is_watching+0x19/0xb0 [ 169.583149] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.583503] ? trace_hardirqs_on+0x26/0x120 [ 169.583837] do_group_exit+0xe0/0x2b0 [ 169.584187] __x64_sys_exit_group+0x47/0x50 [ 169.584568] do_syscall_64+0x3b/0x90 [ 169.584863] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.585259] RIP: 0033:0x7f4b87518a4d [ 169.585542] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.586053] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.586686] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.587239] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.587779] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.588423] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.588957] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.589497] [ 169.589698] irq event stamp: 0 [ 169.590005] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.590477] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.591135] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.591815] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.592338] ---[ end trace 0000000000000000 ]--- [ 169.596148] ------------[ cut here ]------------ [ 169.596524] WARNING: CPU: 1 PID: 1603 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.597392] Modules linked in: [ 169.597632] CPU: 1 PID: 1603 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.598280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.599277] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.599656] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.601108] RSP: 0018:ffff88800f22fbb8 EFLAGS: 00010246 [ 169.601505] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 169.602041] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 169.602663] RBP: ffff88800f22fbd0 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 169.603199] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff888010b0f000 [ 169.603733] R13: ffff88800a7811e8 R14: ffffffff8352e670 R15: 
ffff88800f22fe68 [ 169.604297] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.604946] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.605379] CR2: 00007f4b877410e8 CR3: 00000000148b0000 CR4: 0000000000750ee0 [ 169.605932] PKRU: 55555554 [ 169.606202] Call Trace: [ 169.606400] [ 169.606587] __iommufd_access_detach+0x1c2/0x2b0 [ 169.606965] iommufd_access_change_pt+0x149/0x270 [ 169.607357] iommufd_access_replace+0xb4/0x120 [ 169.607720] iommufd_test+0x3e5/0x37e0 [ 169.608080] ? lock_release+0x532/0x770 [ 169.608443] ? __might_fault+0x102/0x1b0 [ 169.608764] ? lock_acquire+0x427/0x4c0 [ 169.609079] ? __pfx_iommufd_test+0x10/0x10 [ 169.609413] ? __pfx_lock_release+0x10/0x10 [ 169.609811] ? __pfx_lock_acquire+0x10/0x10 [ 169.610201] ? write_comp_data+0x2f/0x90 [ 169.610544] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.610924] ? write_comp_data+0x2f/0x90 [ 169.611254] iommufd_fops_ioctl+0x37d/0x510 [ 169.611595] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.612071] ? write_comp_data+0x2f/0x90 [ 169.612395] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.612769] __x64_sys_ioctl+0x1a3/0x230 [ 169.613093] do_syscall_64+0x3b/0x90 [ 169.613391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.613901] RIP: 0033:0x7f4b8743ee5d [ 169.614189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.615701] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.616296] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.616844] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.617446] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.618041] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.618610] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.619174] [ 169.619381] irq event stamp: 0 [ 169.619706] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.620190] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.620834] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.621589] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.622073] ---[ end trace 0000000000000000 ]--- [ 169.625093] ------------[ cut here ]------------ [ 169.625493] WARNING: CPU: 1 PID: 1603 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.626304] Modules linked in: [ 169.626615] CPU: 1 PID: 1603 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.627345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.628227] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.628623] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.630169] RSP: 
0018:ffff88800f22fbd0 EFLAGS: 00010246 [ 169.630675] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 169.631292] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 169.631852] RBP: ffff88800f22fbe8 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 169.632410] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff8880129c5800 [ 169.633113] R13: ffff88800a7811e8 R14: ffff88800fa20b00 R15: 0000000000000000 [ 169.633671] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.634302] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.634918] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 169.635490] PKRU: 55555554 [ 169.635714] Call Trace: [ 169.635915] [ 169.636096] iommufd_access_destroy_object+0x65/0x170 [ 169.636536] iommufd_object_destroy_user+0x18e/0x220 [ 169.637035] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.637497] iommufd_access_destroy+0x43/0x70 [ 169.637860] iommufd_test_staccess_release+0x8d/0xd0 [ 169.638314] __fput+0x26d/0xa40 [ 169.638671] ____fput+0x1e/0x30 [ 169.638943] task_work_run+0x1a4/0x2d0 [ 169.639272] ? __pfx_task_work_run+0x10/0x10 [ 169.639626] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.640016] ? switch_task_namespaces+0xa9/0xe0 [ 169.640428] do_exit+0xb17/0x2ef0 [ 169.640764] ? lock_acquire+0x427/0x4c0 [ 169.641101] ? __pfx_lock_release+0x10/0x10 [ 169.641448] ? __kasan_check_write+0x18/0x20 [ 169.641800] ? do_raw_spin_lock+0x132/0x2a0 [ 169.642172] ? __pfx_do_exit+0x10/0x10 [ 169.642556] ? debug_smp_processor_id+0x20/0x30 [ 169.642930] ? rcu_is_watching+0x19/0xb0 [ 169.643264] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.643628] ? trace_hardirqs_on+0x26/0x120 [ 169.643977] do_group_exit+0xe0/0x2b0 [ 169.644326] __x64_sys_exit_group+0x47/0x50 [ 169.644722] do_syscall_64+0x3b/0x90 [ 169.645026] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.645440] RIP: 0033:0x7f4b87518a4d [ 169.645735] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.646311] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.646924] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.647491] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.648057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.648736] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.649292] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.649883] [ 169.650147] irq event stamp: 0 [ 169.650397] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.650906] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.651573] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.652332] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.652822] ---[ end trace 0000000000000000 ]--- [ 169.653536] ------------[ cut here ]------------ [ 169.653974] WARNING: CPU: 1 PID: 1603 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.654813] Modules linked in: [ 169.655065] CPU: 1 PID: 1603 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.655813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.656734] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.657144] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.658711] RSP: 0018:ffff88800f22fb78 EFLAGS: 00010246 [ 169.659140] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.659694] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 169.660252] RBP: ffff88800f22fb98 R08: ffffed10014f023e R09: ffffed10014f023e [ 169.660811] R10: ffff88800a7811ef R11: ffffed10014f023d R12: ffff88800a781290 [ 169.661367] R13: ffff88800a7810a8 R14: ffffffffffffffff R15: 
ffff88800f22fc60 [ 169.661921] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.662566] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.663023] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 169.663584] PKRU: 55555554 [ 169.663808] Call Trace: [ 169.664010] [ 169.664189] iommufd_ioas_destroy+0x53/0x70 [ 169.664537] iommufd_fops_release+0x1f7/0x370 [ 169.664899] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.665297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.665688] ? write_comp_data+0x2f/0x90 [ 169.666018] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.666419] __fput+0x26d/0xa40 [ 169.666711] ____fput+0x1e/0x30 [ 169.666982] task_work_run+0x1a4/0x2d0 [ 169.667309] ? __pfx_task_work_run+0x10/0x10 [ 169.667667] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.668054] ? switch_task_namespaces+0xa9/0xe0 [ 169.668431] do_exit+0xb17/0x2ef0 [ 169.668707] ? lock_acquire+0x427/0x4c0 [ 169.669028] ? __pfx_lock_release+0x10/0x10 [ 169.669378] ? __kasan_check_write+0x18/0x20 [ 169.669728] ? do_raw_spin_lock+0x132/0x2a0 [ 169.670068] ? __pfx_do_exit+0x10/0x10 [ 169.670382] ? debug_smp_processor_id+0x20/0x30 [ 169.670766] ? rcu_is_watching+0x19/0xb0 [ 169.671092] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.671460] ? trace_hardirqs_on+0x26/0x120 [ 169.671808] do_group_exit+0xe0/0x2b0 [ 169.672112] __x64_sys_exit_group+0x47/0x50 [ 169.672449] do_syscall_64+0x3b/0x90 [ 169.672752] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.673166] RIP: 0033:0x7f4b87518a4d [ 169.673462] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.673942] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.674558] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.675106] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.675660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.676206] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.676760] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.677324] [ 169.677509] irq event stamp: 0 [ 169.677758] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.678241] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.678912] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.679575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.680069] ---[ end trace 0000000000000000 ]--- [ 169.684457] ------------[ cut here ]------------ [ 169.684866] WARNING: CPU: 1 PID: 1604 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.685648] Modules linked in: [ 169.685901] CPU: 1 PID: 1604 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.686784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.687669] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.688062] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.689474] RSP: 0018:ffff888017307bb8 EFLAGS: 00010246 [ 169.689891] RAX: 0000000000000000 RBX: ffff8880245f28a8 RCX: 0000000000000000 [ 169.690442] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 169.691024] RBP: ffff888017307bd0 R08: ffffed10048be533 R09: ffffed10048be533 [ 169.691590] R10: ffff8880245f2993 R11: ffffed10048be532 R12: ffff88800ef54400 [ 169.692146] R13: ffff8880245f29e8 R14: ffffffff8352e670 R15: 
ffff888017307e68 [ 169.692700] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.693327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.693781] CR2: 0000000020000140 CR3: 0000000017b90000 CR4: 0000000000750ee0 [ 169.694332] PKRU: 55555554 [ 169.694571] Call Trace: [ 169.694775] [ 169.694955] __iommufd_access_detach+0x1c2/0x2b0 [ 169.695348] iommufd_access_change_pt+0x149/0x270 [ 169.695740] iommufd_access_replace+0xb4/0x120 [ 169.696110] iommufd_test+0x3e5/0x37e0 [ 169.696416] ? lock_release+0x532/0x770 [ 169.696739] ? __might_fault+0x102/0x1b0 [ 169.697066] ? lock_acquire+0x427/0x4c0 [ 169.697388] ? __pfx_iommufd_test+0x10/0x10 [ 169.697725] ? __pfx_lock_release+0x10/0x10 [ 169.698071] ? __pfx_lock_acquire+0x10/0x10 [ 169.698421] ? write_comp_data+0x2f/0x90 [ 169.698770] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.699170] ? write_comp_data+0x2f/0x90 [ 169.699502] iommufd_fops_ioctl+0x37d/0x510 [ 169.699843] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.700228] ? write_comp_data+0x2f/0x90 [ 169.700558] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.700939] __x64_sys_ioctl+0x1a3/0x230 [ 169.701268] do_syscall_64+0x3b/0x90 [ 169.701575] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.701988] RIP: 0033:0x7f4b8743ee5d [ 169.702279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.703725] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.704327] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.704883] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.705438] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.705995] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.706569] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.707140] [ 169.707324] irq event stamp: 0 [ 169.707571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.708062] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.708718] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.709367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.709859] ---[ end trace 0000000000000000 ]--- [ 169.712599] ------------[ cut here ]------------ [ 169.712987] WARNING: CPU: 1 PID: 1604 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.713756] Modules linked in: [ 169.714004] CPU: 1 PID: 1604 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.714681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.715532] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.715909] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.717275] RSP: 
0018:ffff888017307bd0 EFLAGS: 00010246 [ 169.717682] RAX: 0000000000000000 RBX: ffff8880245f28a8 RCX: 0000000000000000 [ 169.718222] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 169.718774] RBP: ffff888017307be8 R08: ffffed10048be533 R09: ffffed10048be533 [ 169.719323] R10: ffff8880245f2993 R11: ffffed10048be532 R12: ffff888010b0dc00 [ 169.719864] R13: ffff8880245f29e8 R14: ffff888021862500 R15: 0000000000000000 [ 169.720402] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.721009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.721448] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.721989] PKRU: 55555554 [ 169.722207] Call Trace: [ 169.722402] [ 169.722593] iommufd_access_destroy_object+0x65/0x170 [ 169.722990] iommufd_object_destroy_user+0x18e/0x220 [ 169.723383] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.723829] iommufd_access_destroy+0x43/0x70 [ 169.724206] iommufd_test_staccess_release+0x8d/0xd0 [ 169.724603] __fput+0x26d/0xa40 [ 169.724874] ____fput+0x1e/0x30 [ 169.725138] task_work_run+0x1a4/0x2d0 [ 169.725444] ? __pfx_task_work_run+0x10/0x10 [ 169.725787] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.726168] ? switch_task_namespaces+0xa9/0xe0 [ 169.726560] do_exit+0xb17/0x2ef0 [ 169.726830] ? lock_acquire+0x427/0x4c0 [ 169.727155] ? __pfx_lock_release+0x10/0x10 [ 169.727497] ? __kasan_check_write+0x18/0x20 [ 169.727840] ? do_raw_spin_lock+0x132/0x2a0 [ 169.728174] ? __pfx_do_exit+0x10/0x10 [ 169.728484] ? debug_smp_processor_id+0x20/0x30 [ 169.728844] ? rcu_is_watching+0x19/0xb0 [ 169.729159] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.729516] ? trace_hardirqs_on+0x26/0x120 [ 169.729852] do_group_exit+0xe0/0x2b0 [ 169.730145] __x64_sys_exit_group+0x47/0x50 [ 169.730479] do_syscall_64+0x3b/0x90 [ 169.730789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.731190] RIP: 0033:0x7f4b87518a4d [ 169.731466] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.731918] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.732475] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.732999] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.733523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.734052] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.734596] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.735142] [ 169.735319] irq event stamp: 0 [ 169.735556] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.736027] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.736650] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.737263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.737727] ---[ end trace 0000000000000000 ]--- [ 169.738386] ------------[ cut here ]------------ [ 169.738759] WARNING: CPU: 1 PID: 1604 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.739523] Modules linked in: [ 169.739765] CPU: 1 PID: 1604 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.740418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.741255] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.741642] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.742987] RSP: 0018:ffff888017307b78 EFLAGS: 00010246 [ 169.743387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.743909] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 169.744431] RBP: ffff888017307b98 R08: ffffed10048be53e R09: ffffed10048be53e [ 169.744950] R10: ffff8880245f29ef R11: ffffed10048be53d R12: ffff8880245f2a90 [ 169.745467] R13: ffff8880245f28a8 R14: ffffffffffffffff R15: 
ffff888017307c60 [ 169.745988] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.746594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.747022] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.747550] PKRU: 55555554 [ 169.747762] Call Trace: [ 169.747953] [ 169.748124] iommufd_ioas_destroy+0x53/0x70 [ 169.748453] iommufd_fops_release+0x1f7/0x370 [ 169.748793] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.749164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.749529] ? write_comp_data+0x2f/0x90 [ 169.749838] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.750205] __fput+0x26d/0xa40 [ 169.750462] ____fput+0x1e/0x30 [ 169.750731] task_work_run+0x1a4/0x2d0 [ 169.751030] ? __pfx_task_work_run+0x10/0x10 [ 169.751364] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.751729] ? switch_task_namespaces+0xa9/0xe0 [ 169.752089] do_exit+0xb17/0x2ef0 [ 169.752350] ? lock_acquire+0x427/0x4c0 [ 169.752658] ? __pfx_lock_release+0x10/0x10 [ 169.752983] ? __kasan_check_write+0x18/0x20 [ 169.753309] ? do_raw_spin_lock+0x132/0x2a0 [ 169.753625] ? __pfx_do_exit+0x10/0x10 [ 169.753917] ? debug_smp_processor_id+0x20/0x30 [ 169.754263] ? rcu_is_watching+0x19/0xb0 [ 169.754581] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.754924] ? trace_hardirqs_on+0x26/0x120 [ 169.755254] do_group_exit+0xe0/0x2b0 [ 169.755538] __x64_sys_exit_group+0x47/0x50 [ 169.755854] do_syscall_64+0x3b/0x90 [ 169.756138] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.756528] RIP: 0033:0x7f4b87518a4d [ 169.756801] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.757260] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.757809] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.758321] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.758846] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.759362] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.759874] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.760392] [ 169.760561] irq event stamp: 0 [ 169.760788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.761235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.761831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.762424] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.762886] ---[ end trace 0000000000000000 ]--- [ 169.766794] ------------[ cut here ]------------ [ 169.767168] WARNING: CPU: 1 PID: 1605 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.767892] Modules linked in: [ 169.768122] CPU: 1 PID: 1605 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.768751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.769564] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.769922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.771256] RSP: 0018:ffff888017b77bb8 EFLAGS: 00010246 [ 169.771639] RAX: 0000000000000000 RBX: ffff8880147b78a8 RCX: 0000000000000000 [ 169.772146] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 169.772652] RBP: ffff888017b77bd0 R08: ffffed10028f6f33 R09: ffffed10028f6f33 [ 169.773160] R10: ffff8880147b7993 R11: ffffed10028f6f32 R12: ffff888020e6a400 [ 169.773672] R13: ffff8880147b79e8 R14: ffffffff8352e670 R15: 
ffff888017b77e68 [ 169.774186] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.774791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.775210] CR2: 0000000020000140 CR3: 000000000f1ae000 CR4: 0000000000750ee0 [ 169.775719] PKRU: 55555554 [ 169.775921] Call Trace: [ 169.776105] [ 169.776267] __iommufd_access_detach+0x1c2/0x2b0 [ 169.776621] iommufd_access_change_pt+0x149/0x270 [ 169.776976] iommufd_access_replace+0xb4/0x120 [ 169.777314] iommufd_test+0x3e5/0x37e0 [ 169.777598] ? lock_release+0x532/0x770 [ 169.777892] ? __might_fault+0x102/0x1b0 [ 169.778191] ? lock_acquire+0x427/0x4c0 [ 169.778488] ? __pfx_iommufd_test+0x10/0x10 [ 169.778809] ? __pfx_lock_release+0x10/0x10 [ 169.779135] ? __pfx_lock_acquire+0x10/0x10 [ 169.779457] ? write_comp_data+0x2f/0x90 [ 169.779759] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.780113] ? write_comp_data+0x2f/0x90 [ 169.780416] iommufd_fops_ioctl+0x37d/0x510 [ 169.780732] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.781088] ? write_comp_data+0x2f/0x90 [ 169.781391] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.781742] __x64_sys_ioctl+0x1a3/0x230 [ 169.782046] do_syscall_64+0x3b/0x90 [ 169.782326] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.782717] RIP: 0033:0x7f4b8743ee5d [ 169.782986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.784292] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.784835] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.785344] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.785850] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.786358] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.786879] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.787401] [ 169.787569] irq event stamp: 0 [ 169.787796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.788248] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.788845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.789446] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.789894] ---[ end trace 0000000000000000 ]--- [ 169.792441] ------------[ cut here ]------------ [ 169.792789] WARNING: CPU: 1 PID: 1605 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.793513] Modules linked in: [ 169.793741] CPU: 1 PID: 1605 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.794342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.795143] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.795491] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.796744] RSP: 
0018:ffff888017b77bd0 EFLAGS: 00010246 [ 169.797113] RAX: 0000000000000000 RBX: ffff8880147b78a8 RCX: 0000000000000000 [ 169.797604] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 169.798093] RBP: ffff888017b77be8 R08: ffffed10028f6f33 R09: ffffed10028f6f33 [ 169.798597] R10: ffff8880147b7993 R11: ffffed10028f6f32 R12: ffff88800ef54000 [ 169.799087] R13: ffff8880147b79e8 R14: ffff88800f022f00 R15: 0000000000000000 [ 169.799587] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.800142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.800542] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.801038] PKRU: 55555554 [ 169.801234] Call Trace: [ 169.801415] [ 169.801573] iommufd_access_destroy_object+0x65/0x170 [ 169.801932] iommufd_object_destroy_user+0x18e/0x220 [ 169.802289] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.802707] iommufd_access_destroy+0x43/0x70 [ 169.803029] iommufd_test_staccess_release+0x8d/0xd0 [ 169.803394] __fput+0x26d/0xa40 [ 169.803638] ____fput+0x1e/0x30 [ 169.803877] task_work_run+0x1a4/0x2d0 [ 169.804156] ? __pfx_task_work_run+0x10/0x10 [ 169.804467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.804811] ? switch_task_namespaces+0xa9/0xe0 [ 169.805145] do_exit+0xb17/0x2ef0 [ 169.805386] ? lock_acquire+0x427/0x4c0 [ 169.805670] ? __pfx_lock_release+0x10/0x10 [ 169.805976] ? __kasan_check_write+0x18/0x20 [ 169.806289] ? do_raw_spin_lock+0x132/0x2a0 [ 169.806606] ? __pfx_do_exit+0x10/0x10 [ 169.806891] ? debug_smp_processor_id+0x20/0x30 [ 169.807226] ? rcu_is_watching+0x19/0xb0 [ 169.807514] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.807833] ? trace_hardirqs_on+0x26/0x120 [ 169.808138] do_group_exit+0xe0/0x2b0 [ 169.808408] __x64_sys_exit_group+0x47/0x50 [ 169.808708] do_syscall_64+0x3b/0x90 [ 169.808975] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.809340] RIP: 0033:0x7f4b87518a4d [ 169.809601] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.810024] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.810564] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.811059] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.811557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.812045] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.812534] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.813031] [ 169.813197] irq event stamp: 0 [ 169.813416] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.813849] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.814425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.815012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.815453] ---[ end trace 0000000000000000 ]--- [ 169.816073] ------------[ cut here ]------------ [ 169.816403] WARNING: CPU: 1 PID: 1605 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.817112] Modules linked in: [ 169.817338] CPU: 1 PID: 1605 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.817942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.818741] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.819105] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.820383] RSP: 0018:ffff888017b77b78 EFLAGS: 00010246 [ 169.820754] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.821249] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 169.821738] RBP: ffff888017b77b98 R08: ffffed10028f6f3e R09: ffffed10028f6f3e [ 169.822229] R10: ffff8880147b79ef R11: ffffed10028f6f3d R12: ffff8880147b7a90 [ 169.822735] R13: ffff8880147b78a8 R14: ffffffffffffffff R15: 
ffff888017b77c60 [ 169.823234] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.823788] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.824189] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.824677] PKRU: 55555554 [ 169.824875] Call Trace: [ 169.825054] [ 169.825211] iommufd_ioas_destroy+0x53/0x70 [ 169.825517] iommufd_fops_release+0x1f7/0x370 [ 169.825834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.826184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.826541] ? write_comp_data+0x2f/0x90 [ 169.826836] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.827194] __fput+0x26d/0xa40 [ 169.827437] ____fput+0x1e/0x30 [ 169.827675] task_work_run+0x1a4/0x2d0 [ 169.827955] ? __pfx_task_work_run+0x10/0x10 [ 169.828269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.828617] ? switch_task_namespaces+0xa9/0xe0 [ 169.828956] do_exit+0xb17/0x2ef0 [ 169.829201] ? lock_acquire+0x427/0x4c0 [ 169.829487] ? __pfx_lock_release+0x10/0x10 [ 169.829796] ? __kasan_check_write+0x18/0x20 [ 169.830110] ? do_raw_spin_lock+0x132/0x2a0 [ 169.830412] ? __pfx_do_exit+0x10/0x10 [ 169.830705] ? debug_smp_processor_id+0x20/0x30 [ 169.831034] ? rcu_is_watching+0x19/0xb0 [ 169.831323] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.831645] ? trace_hardirqs_on+0x26/0x120 [ 169.831956] do_group_exit+0xe0/0x2b0 [ 169.832229] __x64_sys_exit_group+0x47/0x50 [ 169.832529] do_syscall_64+0x3b/0x90 [ 169.832798] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.833166] RIP: 0033:0x7f4b87518a4d [ 169.833424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.833866] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.834393] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.834902] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.835405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.835902] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.836423] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.837044] [ 169.837214] irq event stamp: 0 [ 169.837438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.837876] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.838521] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.839153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.839600] ---[ end trace 0000000000000000 ]--- [ 169.843014] ------------[ cut here ]------------ [ 169.843382] WARNING: CPU: 1 PID: 1606 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.844202] Modules linked in: [ 169.844429] CPU: 1 PID: 1606 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.845063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.845985] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.846341] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.847785] RSP: 0018:ffff888018937bb8 EFLAGS: 00010246 [ 169.848167] RAX: 0000000000000000 RBX: ffff8880142d30a8 RCX: 0000000000000000 [ 169.848673] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 169.849224] RBP: ffff888018937bd0 R08: ffffed100285a633 R09: ffffed100285a633 [ 169.849781] R10: ffff8880142d3193 R11: ffffed100285a632 R12: ffff888020955800 [ 169.850292] R13: ffff8880142d31e8 R14: ffffffff8352e670 R15: 
ffff888018937e68 [ 169.850825] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.851472] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.851888] CR2: 0000000020000140 CR3: 000000001431a000 CR4: 0000000000750ee0 [ 169.852397] PKRU: 55555554 [ 169.852646] Call Trace: [ 169.852878] [ 169.853042] __iommufd_access_detach+0x1c2/0x2b0 [ 169.853392] iommufd_access_change_pt+0x149/0x270 [ 169.853745] iommufd_access_replace+0xb4/0x120 [ 169.854098] iommufd_test+0x3e5/0x37e0 [ 169.854460] ? lock_release+0x532/0x770 [ 169.854773] ? __might_fault+0x102/0x1b0 [ 169.855077] ? lock_acquire+0x427/0x4c0 [ 169.855384] ? __pfx_iommufd_test+0x10/0x10 [ 169.855698] ? __pfx_lock_release+0x10/0x10 [ 169.856115] ? __pfx_lock_acquire+0x10/0x10 [ 169.856439] ? write_comp_data+0x2f/0x90 [ 169.856747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.857111] ? write_comp_data+0x2f/0x90 [ 169.857435] iommufd_fops_ioctl+0x37d/0x510 [ 169.857840] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.858206] ? write_comp_data+0x2f/0x90 [ 169.858535] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.858896] __x64_sys_ioctl+0x1a3/0x230 [ 169.859264] do_syscall_64+0x3b/0x90 [ 169.859610] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.860002] RIP: 0033:0x7f4b8743ee5d [ 169.860277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.861708] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.862265] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.862900] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.863435] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.863956] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.864571] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.865103] [ 169.865279] irq event stamp: 0 [ 169.865512] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.866030] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.866709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.867324] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.867843] ---[ end trace 0000000000000000 ]--- [ 169.872161] ------------[ cut here ]------------ [ 169.872551] WARNING: CPU: 1 PID: 1606 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.873398] Modules linked in: [ 169.873636] CPU: 1 PID: 1606 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.874285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.875315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.875702] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.877195] RSP: 
0018:ffff888018937bd0 EFLAGS: 00010246 [ 169.877600] RAX: 0000000000000000 RBX: ffff8880142d30a8 RCX: 0000000000000000 [ 169.878134] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 169.878794] RBP: ffff888018937be8 R08: ffffed100285a633 R09: ffffed100285a633 [ 169.879337] R10: ffff8880142d3193 R11: ffffed100285a632 R12: ffff888020e68800 [ 169.879875] R13: ffff8880142d31e8 R14: ffff88800b79ba00 R15: 0000000000000000 [ 169.880515] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.881117] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.881561] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 169.882216] PKRU: 55555554 [ 169.882430] Call Trace: [ 169.882636] [ 169.882811] iommufd_access_destroy_object+0x65/0x170 [ 169.883220] iommufd_object_destroy_user+0x18e/0x220 [ 169.883669] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.884174] iommufd_access_destroy+0x43/0x70 [ 169.884527] iommufd_test_staccess_release+0x8d/0xd0 [ 169.884929] __fput+0x26d/0xa40 [ 169.885203] ____fput+0x1e/0x30 [ 169.885564] task_work_run+0x1a4/0x2d0 [ 169.885875] ? __pfx_task_work_run+0x10/0x10 [ 169.886220] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.886618] ? switch_task_namespaces+0xa9/0xe0 [ 169.886991] do_exit+0xb17/0x2ef0 [ 169.887330] ? lock_acquire+0x427/0x4c0 [ 169.887675] ? __pfx_lock_release+0x10/0x10 [ 169.888016] ? __kasan_check_write+0x18/0x20 [ 169.888364] ? do_raw_spin_lock+0x132/0x2a0 [ 169.888701] ? __pfx_do_exit+0x10/0x10 [ 169.889111] ? debug_smp_processor_id+0x20/0x30 [ 169.889477] ? rcu_is_watching+0x19/0xb0 [ 169.889796] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.890150] ? trace_hardirqs_on+0x26/0x120 [ 169.890490] do_group_exit+0xe0/0x2b0 [ 169.890893] __x64_sys_exit_group+0x47/0x50 [ 169.891236] do_syscall_64+0x3b/0x90 [ 169.891538] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.891945] RIP: 0033:0x7f4b87518a4d [ 169.892249] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.892814] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.893401] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.893946] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.894626] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.895181] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.895730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.896397] [ 169.896584] irq event stamp: 0 [ 169.896832] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.897320] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.898107] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.898778] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.899285] ---[ end trace 0000000000000000 ]--- [ 169.901701] ------------[ cut here ]------------ [ 169.902093] WARNING: CPU: 1 PID: 1606 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 169.902968] Modules linked in: [ 169.903301] CPU: 1 PID: 1606 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.904077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.904957] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 169.905361] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 169.906934] RSP: 0018:ffff888018937b78 EFLAGS: 00010246 [ 169.907361] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 169.907913] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 169.908468] RBP: ffff888018937b98 R08: ffffed100285a63e R09: ffffed100285a63e [ 169.909023] R10: ffff8880142d31ef R11: ffffed100285a63d R12: ffff8880142d3290 [ 169.909647] R13: ffff8880142d30a8 R14: ffffffffffffffff R15: 
ffff888018937c60 [ 169.910262] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.910899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.911365] CR2: 00007f82e2eff018 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 169.911921] PKRU: 55555554 [ 169.912148] Call Trace: [ 169.912352] [ 169.912576] iommufd_ioas_destroy+0x53/0x70 [ 169.912987] iommufd_fops_release+0x1f7/0x370 [ 169.913350] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.913749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.914141] ? write_comp_data+0x2f/0x90 [ 169.914472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 169.914885] __fput+0x26d/0xa40 [ 169.915173] ____fput+0x1e/0x30 [ 169.915466] task_work_run+0x1a4/0x2d0 [ 169.915879] ? __pfx_task_work_run+0x10/0x10 [ 169.916228] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.916614] ? switch_task_namespaces+0xa9/0xe0 [ 169.916991] do_exit+0xb17/0x2ef0 [ 169.917267] ? lock_acquire+0x427/0x4c0 [ 169.917588] ? __pfx_lock_release+0x10/0x10 [ 169.917933] ? __kasan_check_write+0x18/0x20 [ 169.918311] ? do_raw_spin_lock+0x132/0x2a0 [ 169.918778] ? __pfx_do_exit+0x10/0x10 [ 169.919095] ? debug_smp_processor_id+0x20/0x30 [ 169.919475] ? rcu_is_watching+0x19/0xb0 [ 169.919798] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.920159] ? trace_hardirqs_on+0x26/0x120 [ 169.920505] do_group_exit+0xe0/0x2b0 [ 169.920803] __x64_sys_exit_group+0x47/0x50 [ 169.921137] do_syscall_64+0x3b/0x90 [ 169.921487] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.921961] RIP: 0033:0x7f4b87518a4d [ 169.922257] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.922751] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.923356] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.923916] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.924518] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.925153] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.925707] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.926270] [ 169.926455] irq event stamp: 0 [ 169.926709] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.927200] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.927986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.928639] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.929132] ---[ end trace 0000000000000000 ]--- [ 169.937076] ------------[ cut here ]------------ [ 169.937618] WARNING: CPU: 1 PID: 1607 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.938418] Modules linked in: [ 169.938725] CPU: 1 PID: 1607 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.939435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.940324] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.940854] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.942286] RSP: 0018:ffff88801793fbb8 EFLAGS: 00010246 [ 169.942774] RAX: 0000000000000000 RBX: ffff888011e3f0a8 RCX: 0000000000000000 [ 169.943354] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 169.943997] RBP: ffff88801793fbd0 R08: ffffed10023c7e33 R09: ffffed10023c7e33 [ 169.944610] R10: ffff888011e3f193 R11: ffffed10023c7e32 R12: ffff88801890f400 [ 169.945176] R13: ffff888011e3f1e8 R14: ffffffff8352e670 R15: 
ffff88801793fe68 [ 169.945738] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.946368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.946876] CR2: 0000000020000140 CR3: 0000000013e70000 CR4: 0000000000750ee0 [ 169.947605] PKRU: 55555554 [ 169.947846] Call Trace: [ 169.948060] [ 169.948251] __iommufd_access_detach+0x1c2/0x2b0 [ 169.948664] iommufd_access_change_pt+0x149/0x270 [ 169.949081] iommufd_access_replace+0xb4/0x120 [ 169.949473] iommufd_test+0x3e5/0x37e0 [ 169.949799] ? lock_release+0x532/0x770 [ 169.950190] ? __might_fault+0x102/0x1b0 [ 169.950653] ? lock_acquire+0x427/0x4c0 [ 169.951001] ? __pfx_iommufd_test+0x10/0x10 [ 169.951383] ? __pfx_lock_release+0x10/0x10 [ 169.951757] ? __pfx_lock_acquire+0x10/0x10 [ 169.952130] ? write_comp_data+0x2f/0x90 [ 169.952478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.952891] ? write_comp_data+0x2f/0x90 [ 169.953244] iommufd_fops_ioctl+0x37d/0x510 [ 169.953687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.954125] ? write_comp_data+0x2f/0x90 [ 169.954479] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 169.954917] __x64_sys_ioctl+0x1a3/0x230 [ 169.955282] do_syscall_64+0x3b/0x90 [ 169.955604] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.956040] RIP: 0033:0x7f4b8743ee5d [ 169.956357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 169.957882] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 169.958565] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 169.959194] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 169.959847] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 169.960625] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 169.961250] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 169.961889] [ 169.962097] irq event stamp: 0 [ 169.962378] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.962967] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 169.963730] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 169.964521] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 169.965183] ---[ end trace 0000000000000000 ]--- [ 169.968302] ------------[ cut here ]------------ [ 169.968756] WARNING: CPU: 1 PID: 1607 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 169.969648] Modules linked in: [ 169.969949] CPU: 1 PID: 1607 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 169.970873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 169.971875] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 169.972334] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 169.974149] RSP: 
0018:ffff88801793fbd0 EFLAGS: 00010246 [ 169.974825] RAX: 0000000000000000 RBX: ffff888011e3f0a8 RCX: 0000000000000000 [ 169.975509] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 169.976174] RBP: ffff88801793fbe8 R08: ffffed10023c7e33 R09: ffffed10023c7e33 [ 169.976842] R10: ffff888011e3f193 R11: ffffed10023c7e32 R12: ffff888020955000 [ 169.977511] R13: ffff888011e3f1e8 R14: ffff88800b874100 R15: 0000000000000000 [ 169.978172] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 169.979230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.979778] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 169.980446] PKRU: 55555554 [ 169.980716] Call Trace: [ 169.980961] [ 169.981176] iommufd_access_destroy_object+0x65/0x170 [ 169.981666] iommufd_object_destroy_user+0x18e/0x220 [ 169.982148] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 169.982724] iommufd_access_destroy+0x43/0x70 [ 169.983168] iommufd_test_staccess_release+0x8d/0xd0 [ 169.983705] __fput+0x26d/0xa40 [ 169.984143] ____fput+0x1e/0x30 [ 169.984619] task_work_run+0x1a4/0x2d0 [ 169.985012] ? __pfx_task_work_run+0x10/0x10 [ 169.985456] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 169.985943] ? switch_task_namespaces+0xa9/0xe0 [ 169.986400] do_exit+0xb17/0x2ef0 [ 169.986772] ? lock_acquire+0x427/0x4c0 [ 169.987195] ? __pfx_lock_release+0x10/0x10 [ 169.987626] ? __kasan_check_write+0x18/0x20 [ 169.988059] ? do_raw_spin_lock+0x132/0x2a0 [ 169.988473] ? __pfx_do_exit+0x10/0x10 [ 169.988862] ? debug_smp_processor_id+0x20/0x30 [ 169.989421] ? rcu_is_watching+0x19/0xb0 [ 169.989916] ? _raw_spin_unlock_irq+0x2b/0x60 [ 169.990354] ? trace_hardirqs_on+0x26/0x120 [ 169.990816] do_group_exit+0xe0/0x2b0 [ 169.991204] __x64_sys_exit_group+0x47/0x50 [ 169.991638] do_syscall_64+0x3b/0x90 [ 169.992018] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 169.992534] RIP: 0033:0x7f4b87518a4d [ 169.992892] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 169.993486] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 169.994275] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 169.995179] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 169.995865] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 169.996547] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 169.997222] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 169.997911] [ 169.998142] irq event stamp: 0 [ 169.998449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 169.999183] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.000121] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.000983] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.001648] ---[ end trace 0000000000000000 ]--- [ 170.002556] ------------[ cut here ]------------ [ 170.003059] WARNING: CPU: 1 PID: 1607 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.004129] Modules linked in: [ 170.004469] CPU: 1 PID: 1607 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.005669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.007101] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.007657] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.009545] RSP: 0018:ffff88801793fb78 EFLAGS: 00010246 [ 170.010112] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.011012] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 170.012066] RBP: ffff88801793fb98 R08: ffffed10023c7e3e R09: ffffed10023c7e3e [ 170.012805] R10: ffff888011e3f1ef R11: ffffed10023c7e3d R12: ffff888011e3f290 [ 170.013544] R13: ffff888011e3f0a8 R14: ffffffffffffffff R15: 
ffff88801793fc60 [ 170.014284] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.015148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.015754] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.016487] PKRU: 55555554 [ 170.016846] Call Trace: [ 170.017204] [ 170.017537] iommufd_ioas_destroy+0x53/0x70 [ 170.018202] iommufd_fops_release+0x1f7/0x370 [ 170.018712] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.019252] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.019767] ? write_comp_data+0x2f/0x90 [ 170.020196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.020716] __fput+0x26d/0xa40 [ 170.021076] ____fput+0x1e/0x30 [ 170.021432] task_work_run+0x1a4/0x2d0 [ 170.021855] ? __pfx_task_work_run+0x10/0x10 [ 170.022318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.022886] ? switch_task_namespaces+0xa9/0xe0 [ 170.023552] do_exit+0xb17/0x2ef0 [ 170.024114] ? lock_acquire+0x427/0x4c0 [ 170.024550] ? __pfx_lock_release+0x10/0x10 [ 170.025008] ? __kasan_check_write+0x18/0x20 [ 170.025470] ? do_raw_spin_lock+0x132/0x2a0 [ 170.025923] ? __pfx_do_exit+0x10/0x10 [ 170.026355] ? debug_smp_processor_id+0x20/0x30 [ 170.026878] ? rcu_is_watching+0x19/0xb0 [ 170.027322] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.027807] ? trace_hardirqs_on+0x26/0x120 [ 170.028265] do_group_exit+0xe0/0x2b0 [ 170.028667] __x64_sys_exit_group+0x47/0x50 [ 170.029118] do_syscall_64+0x3b/0x90 [ 170.029583] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.030343] RIP: 0033:0x7f4b87518a4d [ 170.030780] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.031436] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.032221] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.032964] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.033698] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.034436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.035452] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.036426] [ 170.036680] irq event stamp: 0 [ 170.037014] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.037670] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.038566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.039446] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.040114] ---[ end trace 0000000000000000 ]--- [ 170.044527] ------------[ cut here ]------------ [ 170.045082] WARNING: CPU: 1 PID: 1608 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.046376] Modules linked in: [ 170.046910] CPU: 1 PID: 1608 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.047823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.048982] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.049498] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.051693] RSP: 0018:ffff888018937bb8 EFLAGS: 00010246 [ 170.052455] RAX: 0000000000000000 RBX: ffff8880143b60a8 RCX: 0000000000000000 [ 170.053198] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 170.053942] RBP: ffff888018937bd0 R08: ffffed1002876c33 R09: ffffed1002876c33 [ 170.054747] R10: ffff8880143b6193 R11: ffffed1002876c32 R12: ffff88801341f000 [ 170.055510] R13: ffff8880143b61e8 R14: ffffffff8352e670 R15: 
ffff888018937e68 [ 170.056256] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.057235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.058030] CR2: 00007f4b877410e8 CR3: 0000000013e70000 CR4: 0000000000750ee0 [ 170.059003] PKRU: 55555554 [ 170.059308] Call Trace: [ 170.059575] [ 170.059811] __iommufd_access_detach+0x1c2/0x2b0 [ 170.060327] iommufd_access_change_pt+0x149/0x270 [ 170.060835] iommufd_access_replace+0xb4/0x120 [ 170.061315] iommufd_test+0x3e5/0x37e0 [ 170.061719] ? lock_release+0x532/0x770 [ 170.062143] ? __might_fault+0x102/0x1b0 [ 170.062612] ? lock_acquire+0x427/0x4c0 [ 170.063204] ? __pfx_iommufd_test+0x10/0x10 [ 170.063785] ? __pfx_lock_release+0x10/0x10 [ 170.064429] ? __pfx_lock_acquire+0x10/0x10 [ 170.064889] ? write_comp_data+0x2f/0x90 [ 170.065320] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.065833] ? write_comp_data+0x2f/0x90 [ 170.066267] iommufd_fops_ioctl+0x37d/0x510 [ 170.066823] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.067361] ? write_comp_data+0x2f/0x90 [ 170.067794] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.068291] __x64_sys_ioctl+0x1a3/0x230 [ 170.068718] do_syscall_64+0x3b/0x90 [ 170.069114] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.069821] RIP: 0033:0x7f4b8743ee5d [ 170.070369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.072522] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.073312] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.074053] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.074812] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.075666] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.076738] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.077503] [ 170.077747] irq event stamp: 0 [ 170.078073] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.078772] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.079673] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.080528] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.081357] ---[ end trace 0000000000000000 ]--- [ 170.085052] ------------[ cut here ]------------ [ 170.085593] WARNING: CPU: 1 PID: 1608 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.086704] Modules linked in: [ 170.087040] CPU: 1 PID: 1608 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.088205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.089689] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.090216] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.092161] RSP: 
0018:ffff888018937bd0 EFLAGS: 00010246 [ 170.092731] RAX: 0000000000000000 RBX: ffff8880143b60a8 RCX: 0000000000000000 [ 170.093586] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 170.094630] RBP: ffff888018937be8 R08: ffffed1002876c33 R09: ffffed1002876c33 [ 170.095390] R10: ffff8880143b6193 R11: ffffed1002876c32 R12: ffff88801890d000 [ 170.096148] R13: ffff8880143b61e8 R14: ffff888010fd7d00 R15: 0000000000000000 [ 170.096897] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.097733] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.098340] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.099110] PKRU: 55555554 [ 170.099420] Call Trace: [ 170.099691] [ 170.099931] iommufd_access_destroy_object+0x65/0x170 [ 170.100486] iommufd_object_destroy_user+0x18e/0x220 [ 170.101016] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.101615] iommufd_access_destroy+0x43/0x70 [ 170.102089] iommufd_test_staccess_release+0x8d/0xd0 [ 170.102659] __fput+0x26d/0xa40 [ 170.103025] ____fput+0x1e/0x30 [ 170.103387] task_work_run+0x1a4/0x2d0 [ 170.103802] ? __pfx_task_work_run+0x10/0x10 [ 170.104267] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.104785] ? switch_task_namespaces+0xa9/0xe0 [ 170.105287] do_exit+0xb17/0x2ef0 [ 170.105659] ? lock_acquire+0x427/0x4c0 [ 170.106080] ? __pfx_lock_release+0x10/0x10 [ 170.106575] ? __kasan_check_write+0x18/0x20 [ 170.107045] ? do_raw_spin_lock+0x132/0x2a0 [ 170.107522] ? __pfx_do_exit+0x10/0x10 [ 170.107937] ? debug_smp_processor_id+0x20/0x30 [ 170.108429] ? rcu_is_watching+0x19/0xb0 [ 170.108861] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.109355] ? trace_hardirqs_on+0x26/0x120 [ 170.109828] do_group_exit+0xe0/0x2b0 [ 170.110236] __x64_sys_exit_group+0x47/0x50 [ 170.110725] do_syscall_64+0x3b/0x90 [ 170.111151] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.111708] RIP: 0033:0x7f4b87518a4d [ 170.112098] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.112736] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.113524] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.114264] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.115047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.115786] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.116510] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.117269] [ 170.117519] irq event stamp: 0 [ 170.117850] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.118545] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.119435] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.120303] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.120953] ---[ end trace 0000000000000000 ]--- [ 170.121866] ------------[ cut here ]------------ [ 170.122355] WARNING: CPU: 1 PID: 1608 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.123487] Modules linked in: [ 170.123825] CPU: 1 PID: 1608 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.124713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.125869] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.126397] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.128332] RSP: 0018:ffff888018937b78 EFLAGS: 00010246 [ 170.128891] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.129619] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 170.130348] RBP: ffff888018937b98 R08: ffffed1002876c3e R09: ffffed1002876c3e [ 170.131093] R10: ffff8880143b61ef R11: ffffed1002876c3d R12: ffff8880143b6290 [ 170.131848] R13: ffff8880143b60a8 R14: ffffffffffffffff R15: 
ffff888018937c60 [ 170.132579] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.133407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.134004] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.134769] PKRU: 55555554 [ 170.135071] Call Trace: [ 170.135352] [ 170.135594] iommufd_ioas_destroy+0x53/0x70 [ 170.136057] iommufd_fops_release+0x1f7/0x370 [ 170.136524] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.137048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.137559] ? write_comp_data+0x2f/0x90 [ 170.137983] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.138536] __fput+0x26d/0xa40 [ 170.138900] ____fput+0x1e/0x30 [ 170.139275] task_work_run+0x1a4/0x2d0 [ 170.139698] ? __pfx_task_work_run+0x10/0x10 [ 170.140160] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.140671] ? switch_task_namespaces+0xa9/0xe0 [ 170.141167] do_exit+0xb17/0x2ef0 [ 170.141526] ? lock_acquire+0x427/0x4c0 [ 170.141956] ? __pfx_lock_release+0x10/0x10 [ 170.142420] ? __kasan_check_write+0x18/0x20 [ 170.142909] ? do_raw_spin_lock+0x132/0x2a0 [ 170.143364] ? __pfx_do_exit+0x10/0x10 [ 170.143778] ? debug_smp_processor_id+0x20/0x30 [ 170.144260] ? rcu_is_watching+0x19/0xb0 [ 170.144679] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.145150] ? trace_hardirqs_on+0x26/0x120 [ 170.145610] do_group_exit+0xe0/0x2b0 [ 170.146016] __x64_sys_exit_group+0x47/0x50 [ 170.146472] do_syscall_64+0x3b/0x90 [ 170.146899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.147463] RIP: 0033:0x7f4b87518a4d [ 170.147858] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.148503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.149301] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.150030] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.150812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.151566] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.152312] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.153053] [ 170.153294] irq event stamp: 0 [ 170.153615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.154279] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.155201] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.156065] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.156714] ---[ end trace 0000000000000000 ]--- [ 170.162422] ------------[ cut here ]------------ [ 170.163256] WARNING: CPU: 1 PID: 1609 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.164318] Modules linked in: [ 170.164652] CPU: 1 PID: 1609 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.165545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.166783] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.167315] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.169217] RSP: 0018:ffff888014967bb8 EFLAGS: 00010246 [ 170.169780] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 170.170545] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 170.171319] RBP: ffff888014967bd0 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 170.172065] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff88800a726000 [ 170.172812] R13: ffff88801609d1e8 R14: ffffffff8352e670 R15: 
ffff888014967e68 [ 170.173553] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.174406] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.175042] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 170.175809] PKRU: 55555554 [ 170.176107] Call Trace: [ 170.176370] [ 170.176605] __iommufd_access_detach+0x1c2/0x2b0 [ 170.177124] iommufd_access_change_pt+0x149/0x270 [ 170.177638] iommufd_access_replace+0xb4/0x120 [ 170.178130] iommufd_test+0x3e5/0x37e0 [ 170.178567] ? lock_release+0x532/0x770 [ 170.178991] ? __might_fault+0x102/0x1b0 [ 170.179441] ? lock_acquire+0x427/0x4c0 [ 170.179865] ? __pfx_iommufd_test+0x10/0x10 [ 170.180318] ? __pfx_lock_release+0x10/0x10 [ 170.180790] ? __pfx_lock_acquire+0x10/0x10 [ 170.181274] ? write_comp_data+0x2f/0x90 [ 170.181717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.182239] ? write_comp_data+0x2f/0x90 [ 170.182711] iommufd_fops_ioctl+0x37d/0x510 [ 170.183175] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.183694] ? write_comp_data+0x2f/0x90 [ 170.184138] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.184659] __x64_sys_ioctl+0x1a3/0x230 [ 170.185098] do_syscall_64+0x3b/0x90 [ 170.185499] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.186050] RIP: 0033:0x7f4b8743ee5d [ 170.186440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.188390] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.189197] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.189945] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.190698] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.191448] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.192196] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.192952] [ 170.193196] irq event stamp: 0 [ 170.193520] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.194175] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.195076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.195969] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.196636] ---[ end trace 0000000000000000 ]--- [ 170.199955] ------------[ cut here ]------------ [ 170.200489] WARNING: CPU: 1 PID: 1609 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.201524] Modules linked in: [ 170.201854] CPU: 1 PID: 1609 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.202794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.203965] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.204485] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.206377] RSP: 
0018:ffff888014967bd0 EFLAGS: 00010246 [ 170.206965] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 170.207737] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 170.208482] RBP: ffff888014967be8 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 170.209223] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff88801341d000 [ 170.209954] R13: ffff88801609d1e8 R14: ffff88800fceef00 R15: 0000000000000000 [ 170.210716] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.211554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.212149] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.212883] PKRU: 55555554 [ 170.213188] Call Trace: [ 170.213452] [ 170.213693] iommufd_access_destroy_object+0x65/0x170 [ 170.214245] iommufd_object_destroy_user+0x18e/0x220 [ 170.214816] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.215457] iommufd_access_destroy+0x43/0x70 [ 170.215957] iommufd_test_staccess_release+0x8d/0xd0 [ 170.216515] __fput+0x26d/0xa40 [ 170.216891] ____fput+0x1e/0x30 [ 170.217260] task_work_run+0x1a4/0x2d0 [ 170.217681] ? __pfx_task_work_run+0x10/0x10 [ 170.218147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.218704] ? switch_task_namespaces+0xa9/0xe0 [ 170.219230] do_exit+0xb17/0x2ef0 [ 170.219604] ? lock_acquire+0x427/0x4c0 [ 170.220032] ? __pfx_lock_release+0x10/0x10 [ 170.220506] ? __kasan_check_write+0x18/0x20 [ 170.220973] ? do_raw_spin_lock+0x132/0x2a0 [ 170.221427] ? __pfx_do_exit+0x10/0x10 [ 170.221862] ? debug_smp_processor_id+0x20/0x30 [ 170.222363] ? rcu_is_watching+0x19/0xb0 [ 170.222833] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.223345] ? trace_hardirqs_on+0x26/0x120 [ 170.223808] do_group_exit+0xe0/0x2b0 [ 170.224220] __x64_sys_exit_group+0x47/0x50 [ 170.224676] do_syscall_64+0x3b/0x90 [ 170.225087] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.225645] RIP: 0033:0x7f4b87518a4d [ 170.226042] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.226727] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.227545] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.228279] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.229022] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.229762] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.230534] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.231312] [ 170.231561] irq event stamp: 0 [ 170.231890] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.232550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.233429] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.234299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.234989] ---[ end trace 0000000000000000 ]--- [ 170.235890] ------------[ cut here ]------------ [ 170.236397] WARNING: CPU: 1 PID: 1609 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.237476] Modules linked in: [ 170.237808] CPU: 1 PID: 1609 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.238751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.239940] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.240489] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.242384] RSP: 0018:ffff888014967b78 EFLAGS: 00010246 [ 170.242981] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.243726] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 170.244464] RBP: ffff888014967b98 R08: ffffed1002c13a3e R09: ffffed1002c13a3e [ 170.245201] R10: ffff88801609d1ef R11: ffffed1002c13a3d R12: ffff88801609d290 [ 170.245944] R13: ffff88801609d0a8 R14: ffffffffffffffff R15: 
ffff888014967c60 [ 170.246727] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.247583] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.248192] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.248932] PKRU: 55555554 [ 170.249231] Call Trace: [ 170.249495] [ 170.249727] iommufd_ioas_destroy+0x53/0x70 [ 170.250185] iommufd_fops_release+0x1f7/0x370 [ 170.250686] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.251245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.251763] ? write_comp_data+0x2f/0x90 [ 170.252192] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.252711] __fput+0x26d/0xa40 [ 170.253070] ____fput+0x1e/0x30 [ 170.253423] task_work_run+0x1a4/0x2d0 [ 170.253838] ? __pfx_task_work_run+0x10/0x10 [ 170.254310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.254846] ? switch_task_namespaces+0xa9/0xe0 [ 170.255358] do_exit+0xb17/0x2ef0 [ 170.255726] ? lock_acquire+0x427/0x4c0 [ 170.256150] ? __pfx_lock_release+0x10/0x10 [ 170.256613] ? __kasan_check_write+0x18/0x20 [ 170.257090] ? do_raw_spin_lock+0x132/0x2a0 [ 170.257550] ? __pfx_do_exit+0x10/0x10 [ 170.257973] ? debug_smp_processor_id+0x20/0x30 [ 170.258466] ? rcu_is_watching+0x19/0xb0 [ 170.258926] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.259428] ? trace_hardirqs_on+0x26/0x120 [ 170.259888] do_group_exit+0xe0/0x2b0 [ 170.260289] __x64_sys_exit_group+0x47/0x50 [ 170.260737] do_syscall_64+0x3b/0x90 [ 170.261135] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.261683] RIP: 0033:0x7f4b87518a4d [ 170.262077] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.262744] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.263546] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.264299] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.265040] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.265782] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.266561] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.267334] [ 170.267582] irq event stamp: 0 [ 170.267914] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.268580] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.269459] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.270328] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.271020] ---[ end trace 0000000000000000 ]--- [ 170.276027] ------------[ cut here ]------------ [ 170.276571] WARNING: CPU: 1 PID: 1610 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.277605] Modules linked in: [ 170.277939] CPU: 1 PID: 1610 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.278953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.280147] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.280669] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.282589] RSP: 0018:ffff888012917bb8 EFLAGS: 00010246 [ 170.283175] RAX: 0000000000000000 RBX: ffff888015db48a8 RCX: 0000000000000000 [ 170.283921] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 170.284655] RBP: ffff888012917bd0 R08: ffffed1002bb6933 R09: ffffed1002bb6933 [ 170.285387] R10: ffff888015db4993 R11: ffffed1002bb6932 R12: ffff888010c6dc00 [ 170.286133] R13: ffff888015db49e8 R14: ffffffff8352e670 R15: 
ffff888012917e68 [ 170.286898] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.287746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.288352] CR2: 0000000020000140 CR3: 000000002187e000 CR4: 0000000000750ee0 [ 170.289081] PKRU: 55555554 [ 170.289376] Call Trace: [ 170.289646] [ 170.289887] __iommufd_access_detach+0x1c2/0x2b0 [ 170.290407] iommufd_access_change_pt+0x149/0x270 [ 170.290956] iommufd_access_replace+0xb4/0x120 [ 170.291474] iommufd_test+0x3e5/0x37e0 [ 170.291877] ? lock_release+0x532/0x770 [ 170.292313] ? __might_fault+0x102/0x1b0 [ 170.292736] ? lock_acquire+0x427/0x4c0 [ 170.293156] ? __pfx_iommufd_test+0x10/0x10 [ 170.293606] ? __pfx_lock_release+0x10/0x10 [ 170.294066] ? __pfx_lock_acquire+0x10/0x10 [ 170.294552] ? write_comp_data+0x2f/0x90 [ 170.294984] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.295509] ? write_comp_data+0x2f/0x90 [ 170.295947] iommufd_fops_ioctl+0x37d/0x510 [ 170.296397] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.296905] ? write_comp_data+0x2f/0x90 [ 170.297334] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.297834] __x64_sys_ioctl+0x1a3/0x230 [ 170.298263] do_syscall_64+0x3b/0x90 [ 170.298695] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.299258] RIP: 0033:0x7f4b8743ee5d [ 170.299662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.301560] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.302363] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.303142] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.303883] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.304622] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.305352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.306094] [ 170.306334] irq event stamp: 0 [ 170.306698] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.307371] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.308248] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.309115] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.309769] ---[ end trace 0000000000000000 ]--- [ 170.313055] ------------[ cut here ]------------ [ 170.313583] WARNING: CPU: 1 PID: 1610 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.314658] Modules linked in: [ 170.314993] CPU: 1 PID: 1610 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.315900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.317048] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.317570] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.319506] RSP: 
0018:ffff888012917bd0 EFLAGS: 00010246 [ 170.320073] RAX: 0000000000000000 RBX: ffff888015db48a8 RCX: 0000000000000000 [ 170.320803] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 170.321527] RBP: ffff888012917be8 R08: ffffed1002bb6933 R09: ffffed1002bb6933 [ 170.322260] R10: ffff888015db4993 R11: ffffed1002bb6932 R12: ffff888014391400 [ 170.323026] R13: ffff888015db49e8 R14: ffff88800fe3fb00 R15: 0000000000000000 [ 170.323779] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.324618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.325212] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.325945] PKRU: 55555554 [ 170.326241] Call Trace: [ 170.326535] [ 170.326774] iommufd_access_destroy_object+0x65/0x170 [ 170.327347] iommufd_object_destroy_user+0x18e/0x220 [ 170.327887] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.328504] iommufd_access_destroy+0x43/0x70 [ 170.328963] iommufd_test_staccess_release+0x8d/0xd0 [ 170.329451] __fput+0x26d/0xa40 [ 170.329788] ____fput+0x1e/0x30 [ 170.330119] task_work_run+0x1a4/0x2d0 [ 170.330524] ? __pfx_task_work_run+0x10/0x10 [ 170.330947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.331429] ? switch_task_namespaces+0xa9/0xe0 [ 170.331896] do_exit+0xb17/0x2ef0 [ 170.332237] ? lock_acquire+0x427/0x4c0 [ 170.332635] ? __pfx_lock_release+0x10/0x10 [ 170.333070] ? __kasan_check_write+0x18/0x20 [ 170.333502] ? do_raw_spin_lock+0x132/0x2a0 [ 170.333915] ? __pfx_do_exit+0x10/0x10 [ 170.334295] ? debug_smp_processor_id+0x20/0x30 [ 170.334766] ? rcu_is_watching+0x19/0xb0 [ 170.335171] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.335619] ? trace_hardirqs_on+0x26/0x120 [ 170.336035] do_group_exit+0xe0/0x2b0 [ 170.336404] __x64_sys_exit_group+0x47/0x50 [ 170.336825] do_syscall_64+0x3b/0x90 [ 170.337192] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.337698] RIP: 0033:0x7f4b87518a4d [ 170.338051] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.338656] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.339396] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.340066] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.340728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.341392] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.342058] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.342751] [ 170.342977] irq event stamp: 0 [ 170.343283] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.343875] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.344659] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.345444] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.346035] ---[ end trace 0000000000000000 ]--- [ 170.346876] ------------[ cut here ]------------ [ 170.347331] WARNING: CPU: 1 PID: 1610 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.348290] Modules linked in: [ 170.348596] CPU: 1 PID: 1610 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.349681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.351046] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.351540] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.353223] RSP: 0018:ffff888012917b78 EFLAGS: 00010246 [ 170.353753] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.354666] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 170.355343] RBP: ffff888012917b98 R08: ffffed1002bb693e R09: ffffed1002bb693e [ 170.356002] R10: ffff888015db49ef R11: ffffed1002bb693d R12: ffff888015db4a90 [ 170.356658] R13: ffff888015db48a8 R14: ffffffffffffffff R15: 
ffff888012917c60 [ 170.357314] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.358057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.358626] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.359491] PKRU: 55555554 [ 170.359879] Call Trace: [ 170.360116] [ 170.360327] iommufd_ioas_destroy+0x53/0x70 [ 170.360737] iommufd_fops_release+0x1f7/0x370 [ 170.361165] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.361628] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.362085] ? write_comp_data+0x2f/0x90 [ 170.362472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.362964] __fput+0x26d/0xa40 [ 170.363298] ____fput+0x1e/0x30 [ 170.363611] task_work_run+0x1a4/0x2d0 [ 170.363978] ? __pfx_task_work_run+0x10/0x10 [ 170.364413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.365034] ? switch_task_namespaces+0xa9/0xe0 [ 170.365479] do_exit+0xb17/0x2ef0 [ 170.365800] ? lock_acquire+0x427/0x4c0 [ 170.366177] ? __pfx_lock_release+0x10/0x10 [ 170.366613] ? __kasan_check_write+0x18/0x20 [ 170.367022] ? do_raw_spin_lock+0x132/0x2a0 [ 170.367433] ? __pfx_do_exit+0x10/0x10 [ 170.367757] ? debug_smp_processor_id+0x20/0x30 [ 170.368174] ? rcu_is_watching+0x19/0xb0 [ 170.368608] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.369154] ? trace_hardirqs_on+0x26/0x120 [ 170.369563] do_group_exit+0xe0/0x2b0 [ 170.369916] __x64_sys_exit_group+0x47/0x50 [ 170.370313] do_syscall_64+0x3b/0x90 [ 170.370772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.371312] RIP: 0033:0x7f4b87518a4d [ 170.371662] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.372227] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.372943] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.373754] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.374404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.375108] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.375878] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.376541] [ 170.376756] irq event stamp: 0 [ 170.377047] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.377793] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.378585] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.379379] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.380129] ---[ end trace 0000000000000000 ]--- [ 170.384708] ------------[ cut here ]------------ [ 170.385154] WARNING: CPU: 1 PID: 1611 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.386092] Modules linked in: [ 170.386492] CPU: 1 PID: 1611 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.387461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.388527] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.389056] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.390787] RSP: 0018:ffff88801824fbb8 EFLAGS: 00010246 [ 170.391265] RAX: 0000000000000000 RBX: ffff88802192d8a8 RCX: 0000000000000000 [ 170.391881] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 170.392555] RBP: ffff88801824fbd0 R08: ffffed1004325b33 R09: ffffed1004325b33 [ 170.393284] R10: ffff88802192d993 R11: ffffed1004325b32 R12: ffff888010570800 [ 170.393905] R13: ffff88802192d9e8 R14: ffffffff8352e670 R15: 
ffff88801824fe68 [ 170.394628] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.395385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.395894] CR2: 0000000020000140 CR3: 00000000103ca000 CR4: 0000000000750ee0 [ 170.396521] PKRU: 55555554 [ 170.396842] Call Trace: [ 170.397135] [ 170.397334] __iommufd_access_detach+0x1c2/0x2b0 [ 170.397764] iommufd_access_change_pt+0x149/0x270 [ 170.398207] iommufd_access_replace+0xb4/0x120 [ 170.398637] iommufd_test+0x3e5/0x37e0 [ 170.399156] ? lock_release+0x532/0x770 [ 170.399520] ? __might_fault+0x102/0x1b0 [ 170.399885] ? lock_acquire+0x427/0x4c0 [ 170.400245] ? __pfx_iommufd_test+0x10/0x10 [ 170.400624] ? __pfx_lock_release+0x10/0x10 [ 170.401010] ? __pfx_lock_acquire+0x10/0x10 [ 170.401542] ? write_comp_data+0x2f/0x90 [ 170.401915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.402349] ? write_comp_data+0x2f/0x90 [ 170.402745] iommufd_fops_ioctl+0x37d/0x510 [ 170.403147] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.403668] ? write_comp_data+0x2f/0x90 [ 170.404110] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.404541] __x64_sys_ioctl+0x1a3/0x230 [ 170.404910] do_syscall_64+0x3b/0x90 [ 170.405255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.405874] RIP: 0033:0x7f4b8743ee5d [ 170.406214] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.408003] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.408676] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.409298] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.409994] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.410728] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.411366] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.412041] [ 170.412248] irq event stamp: 0 [ 170.412620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.413172] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.413926] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.414815] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.415372] ---[ end trace 0000000000000000 ]--- [ 170.418324] ------------[ cut here ]------------ [ 170.418801] WARNING: CPU: 1 PID: 1611 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.419702] Modules linked in: [ 170.420000] CPU: 1 PID: 1611 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.420905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.421890] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.422466] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.424113] RSP: 
0018:ffff88801824fbd0 EFLAGS: 00010246 [ 170.424693] RAX: 0000000000000000 RBX: ffff88802192d8a8 RCX: 0000000000000000 [ 170.425319] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 170.425941] RBP: ffff88801824fbe8 R08: ffffed1004325b33 R09: ffffed1004325b33 [ 170.426740] R10: ffff88802192d993 R11: ffffed1004325b32 R12: ffff888010c6cc00 [ 170.427375] R13: ffff88802192d9e8 R14: ffff888020818200 R15: 0000000000000000 [ 170.427999] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.428821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.429334] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.429956] PKRU: 55555554 [ 170.430212] Call Trace: [ 170.430538] [ 170.430821] iommufd_access_destroy_object+0x65/0x170 [ 170.431296] iommufd_object_destroy_user+0x18e/0x220 [ 170.431747] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.432263] iommufd_access_destroy+0x43/0x70 [ 170.432704] iommufd_test_staccess_release+0x8d/0xd0 [ 170.433246] __fput+0x26d/0xa40 [ 170.433556] ____fput+0x1e/0x30 [ 170.433855] task_work_run+0x1a4/0x2d0 [ 170.434207] ? __pfx_task_work_run+0x10/0x10 [ 170.434688] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.435273] ? switch_task_namespaces+0xa9/0xe0 [ 170.435836] do_exit+0xb17/0x2ef0 [ 170.436147] ? lock_acquire+0x427/0x4c0 [ 170.436507] ? __pfx_lock_release+0x10/0x10 [ 170.436896] ? __kasan_check_write+0x18/0x20 [ 170.437291] ? do_raw_spin_lock+0x132/0x2a0 [ 170.437747] ? __pfx_do_exit+0x10/0x10 [ 170.438147] ? debug_smp_processor_id+0x20/0x30 [ 170.438582] ? rcu_is_watching+0x19/0xb0 [ 170.438941] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.439353] ? trace_hardirqs_on+0x26/0x120 [ 170.439771] do_group_exit+0xe0/0x2b0 [ 170.440213] __x64_sys_exit_group+0x47/0x50 [ 170.440595] do_syscall_64+0x3b/0x90 [ 170.440941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.441408] RIP: 0033:0x7f4b87518a4d [ 170.441811] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.442420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.443108] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.443741] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.444508] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.445130] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.445750] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.446377] [ 170.446602] irq event stamp: 0 [ 170.446880] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.447436] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.448353] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.449075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.449622] ---[ end trace 0000000000000000 ]--- [ 170.450426] ------------[ cut here ]------------ [ 170.450875] WARNING: CPU: 1 PID: 1611 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.451933] Modules linked in: [ 170.452216] CPU: 1 PID: 1611 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.452973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.453947] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.454398] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.456213] RSP: 0018:ffff88801824fb78 EFLAGS: 00010246 [ 170.456680] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.457296] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 170.457918] RBP: ffff88801824fb98 R08: ffffed1004325b3e R09: ffffed1004325b3e [ 170.458712] R10: ffff88802192d9ef R11: ffffed1004325b3d R12: ffff88802192da90 [ 170.459348] R13: ffff88802192d8a8 R14: ffffffffffffffff R15: 
ffff88801824fc60 [ 170.459985] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.460687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.461230] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 170.462001] PKRU: 55555554 [ 170.462251] Call Trace: [ 170.462476] [ 170.462693] iommufd_ioas_destroy+0x53/0x70 [ 170.463081] iommufd_fops_release+0x1f7/0x370 [ 170.463540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.464065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.464502] ? write_comp_data+0x2f/0x90 [ 170.464869] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.465332] __fput+0x26d/0xa40 [ 170.465752] ____fput+0x1e/0x30 [ 170.466053] task_work_run+0x1a4/0x2d0 [ 170.466403] ? __pfx_task_work_run+0x10/0x10 [ 170.466812] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.467260] ? switch_task_namespaces+0xa9/0xe0 [ 170.467763] do_exit+0xb17/0x2ef0 [ 170.468169] ? lock_acquire+0x427/0x4c0 [ 170.468528] ? __pfx_lock_release+0x10/0x10 [ 170.468912] ? __kasan_check_write+0x18/0x20 [ 170.469301] ? do_raw_spin_lock+0x132/0x2a0 [ 170.469759] ? __pfx_do_exit+0x10/0x10 [ 170.470177] ? debug_smp_processor_id+0x20/0x30 [ 170.470617] ? rcu_is_watching+0x19/0xb0 [ 170.470983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.471398] ? trace_hardirqs_on+0x26/0x120 [ 170.471823] do_group_exit+0xe0/0x2b0 [ 170.472252] __x64_sys_exit_group+0x47/0x50 [ 170.472634] do_syscall_64+0x3b/0x90 [ 170.472977] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.473443] RIP: 0033:0x7f4b87518a4d [ 170.473842] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.474436] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.475112] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.475745] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.476541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.477162] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.477785] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.478596] [ 170.478801] irq event stamp: 0 [ 170.479078] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.479639] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.480536] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.481274] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.481817] ---[ end trace 0000000000000000 ]--- [ 170.486711] ------------[ cut here ]------------ [ 170.487181] WARNING: CPU: 1 PID: 1612 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.488125] Modules linked in: [ 170.488490] CPU: 1 PID: 1612 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.489215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.490280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.490716] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.492346] RSP: 0018:ffff888012917bb8 EFLAGS: 00010246 [ 170.492785] RAX: 0000000000000000 RBX: ffff88800f22f8a8 RCX: 0000000000000000 [ 170.493371] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 170.494075] RBP: ffff888012917bd0 R08: ffffed1001e45f33 R09: ffffed1001e45f33 [ 170.494668] R10: ffff88800f22f993 R11: ffffed1001e45f32 R12: ffff888020a8f400 [ 170.495254] R13: ffff88800f22f9e8 R14: ffffffff8352e670 R15: 
ffff888012917e68 [ 170.495953] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.496603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.497097] CR2: 00007f4b877410e8 CR3: 00000000103ca000 CR4: 0000000000750ee0 [ 170.497784] PKRU: 55555554 [ 170.498016] Call Trace: [ 170.498229] [ 170.498417] __iommufd_access_detach+0x1c2/0x2b0 [ 170.498838] iommufd_access_change_pt+0x149/0x270 [ 170.499253] iommufd_access_replace+0xb4/0x120 [ 170.499642] iommufd_test+0x3e5/0x37e0 [ 170.499965] ? lock_release+0x532/0x770 [ 170.500305] ? __might_fault+0x102/0x1b0 [ 170.500653] ? lock_acquire+0x427/0x4c0 [ 170.500993] ? __pfx_iommufd_test+0x10/0x10 [ 170.501346] ? __pfx_lock_release+0x10/0x10 [ 170.501711] ? __pfx_lock_acquire+0x10/0x10 [ 170.502075] ? write_comp_data+0x2f/0x90 [ 170.502422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.502875] ? write_comp_data+0x2f/0x90 [ 170.503233] iommufd_fops_ioctl+0x37d/0x510 [ 170.503589] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.503986] ? write_comp_data+0x2f/0x90 [ 170.504322] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.504717] __x64_sys_ioctl+0x1a3/0x230 [ 170.505063] do_syscall_64+0x3b/0x90 [ 170.505380] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.505805] RIP: 0033:0x7f4b8743ee5d [ 170.506112] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.507618] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.508229] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.508802] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.509369] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.509939] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.510522] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.511100] [ 170.511293] irq event stamp: 0 [ 170.511553] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.512066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.512737] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.513401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.513904] ---[ end trace 0000000000000000 ]--- [ 170.516732] ------------[ cut here ]------------ [ 170.517133] WARNING: CPU: 1 PID: 1612 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.517928] Modules linked in: [ 170.518180] CPU: 1 PID: 1612 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.518876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.519741] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.520121] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.521510] RSP: 
0018:ffff888012917bd0 EFLAGS: 00010246 [ 170.521925] RAX: 0000000000000000 RBX: ffff88800f22f8a8 RCX: 0000000000000000 [ 170.522473] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 170.523027] RBP: ffff888012917be8 R08: ffffed1001e45f33 R09: ffffed1001e45f33 [ 170.523584] R10: ffff88800f22f993 R11: ffffed1001e45f32 R12: ffff888010572c00 [ 170.524126] R13: ffff88800f22f9e8 R14: ffff88800fd8c600 R15: 0000000000000000 [ 170.524670] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.525287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.525730] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.526278] PKRU: 55555554 [ 170.526499] Call Trace: [ 170.526716] [ 170.526895] iommufd_access_destroy_object+0x65/0x170 [ 170.527312] iommufd_object_destroy_user+0x18e/0x220 [ 170.527718] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.528172] iommufd_access_destroy+0x43/0x70 [ 170.528537] iommufd_test_staccess_release+0x8d/0xd0 [ 170.528943] __fput+0x26d/0xa40 [ 170.529222] ____fput+0x1e/0x30 [ 170.529493] task_work_run+0x1a4/0x2d0 [ 170.529806] ? __pfx_task_work_run+0x10/0x10 [ 170.530153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.530557] ? switch_task_namespaces+0xa9/0xe0 [ 170.530930] do_exit+0xb17/0x2ef0 [ 170.531208] ? lock_acquire+0x427/0x4c0 [ 170.531530] ? __pfx_lock_release+0x10/0x10 [ 170.531873] ? __kasan_check_write+0x18/0x20 [ 170.532225] ? do_raw_spin_lock+0x132/0x2a0 [ 170.532567] ? __pfx_do_exit+0x10/0x10 [ 170.532884] ? debug_smp_processor_id+0x20/0x30 [ 170.533264] ? rcu_is_watching+0x19/0xb0 [ 170.533588] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.533951] ? trace_hardirqs_on+0x26/0x120 [ 170.534298] do_group_exit+0xe0/0x2b0 [ 170.534623] __x64_sys_exit_group+0x47/0x50 [ 170.534965] do_syscall_64+0x3b/0x90 [ 170.535271] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.535675] RIP: 0033:0x7f4b87518a4d [ 170.535956] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.536425] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.537012] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.537561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.538112] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.538679] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.539239] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.539803] [ 170.539986] irq event stamp: 0 [ 170.540233] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.540723] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.541375] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.542021] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.542525] ---[ end trace 0000000000000000 ]--- [ 170.543221] ------------[ cut here ]------------ [ 170.543579] WARNING: CPU: 1 PID: 1612 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.544351] Modules linked in: [ 170.544602] CPU: 1 PID: 1612 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.545265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.546116] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.546523] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.547911] RSP: 0018:ffff888012917b78 EFLAGS: 00010246 [ 170.548319] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.548859] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 170.549395] RBP: ffff888012917b98 R08: ffffed1001e45f3e R09: ffffed1001e45f3e [ 170.549934] R10: ffff88800f22f9ef R11: ffffed1001e45f3d R12: ffff88800f22fa90 [ 170.550471] R13: ffff88800f22f8a8 R14: ffffffffffffffff R15: 
ffff888012917c60 [ 170.551023] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 170.551647] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.552089] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 170.552631] PKRU: 55555554 [ 170.552846] Call Trace: [ 170.553041] [ 170.553214] iommufd_ioas_destroy+0x53/0x70 [ 170.553551] iommufd_fops_release+0x1f7/0x370 [ 170.553901] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.554286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.554678] ? write_comp_data+0x2f/0x90 [ 170.554999] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.555390] __fput+0x26d/0xa40 [ 170.555659] ____fput+0x1e/0x30 [ 170.555920] task_work_run+0x1a4/0x2d0 [ 170.556241] ? __pfx_task_work_run+0x10/0x10 [ 170.556587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.556965] ? switch_task_namespaces+0xa9/0xe0 [ 170.557339] do_exit+0xb17/0x2ef0 [ 170.557608] ? lock_acquire+0x427/0x4c0 [ 170.557917] ? __pfx_lock_release+0x10/0x10 [ 170.558250] ? __kasan_check_write+0x18/0x20 [ 170.558601] ? do_raw_spin_lock+0x132/0x2a0 [ 170.558929] ? __pfx_do_exit+0x10/0x10 [ 170.559246] ? debug_smp_processor_id+0x20/0x30 [ 170.559607] ? rcu_is_watching+0x19/0xb0 [ 170.559917] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.560262] ? trace_hardirqs_on+0x26/0x120 [ 170.560594] do_group_exit+0xe0/0x2b0 [ 170.560884] __x64_sys_exit_group+0x47/0x50 [ 170.561211] do_syscall_64+0x3b/0x90 [ 170.561500] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.561895] RIP: 0033:0x7f4b87518a4d [ 170.562175] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.562651] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.563227] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.563759] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.564288] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.564817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.565349] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.565888] [ 170.566068] irq event stamp: 0 [ 170.566304] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.566791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.567426] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.568046] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.568517] ---[ end trace 0000000000000000 ]--- [ 170.574853] ------------[ cut here ]------------ [ 170.575432] WARNING: CPU: 0 PID: 1613 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.576527] Modules linked in: [ 170.576881] CPU: 0 PID: 1613 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.577819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.579066] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.579621] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.581562] RSP: 0018:ffff88800e8e7bb8 EFLAGS: 00010246 [ 170.582138] RAX: 0000000000000000 RBX: ffff888017a400a8 RCX: 0000000000000000 [ 170.582935] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 170.583717] RBP: ffff88800e8e7bd0 R08: ffffed1002f48033 R09: ffffed1002f48033 [ 170.584484] R10: ffff888017a40193 R11: ffffed1002f48032 R12: ffff888013b17c00 [ 170.585250] R13: ffff888017a401e8 R14: ffffffff8352e670 R15: 
ffff88800e8e7e68 [ 170.586023] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.586917] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.587558] CR2: 0000000020000140 CR3: 000000002087a000 CR4: 0000000000750ef0 [ 170.588329] PKRU: 55555554 [ 170.588643] Call Trace: [ 170.588928] [ 170.589181] __iommufd_access_detach+0x1c2/0x2b0 [ 170.589720] iommufd_access_change_pt+0x149/0x270 [ 170.590264] iommufd_access_replace+0xb4/0x120 [ 170.590811] iommufd_test+0x3e5/0x37e0 [ 170.591259] ? lock_release+0x532/0x770 [ 170.591713] ? __might_fault+0x102/0x1b0 [ 170.592169] ? lock_acquire+0x427/0x4c0 [ 170.592622] ? __pfx_iommufd_test+0x10/0x10 [ 170.593095] ? __pfx_lock_release+0x10/0x10 [ 170.593581] ? __pfx_lock_acquire+0x10/0x10 [ 170.594072] ? write_comp_data+0x2f/0x90 [ 170.594565] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.595108] ? write_comp_data+0x2f/0x90 [ 170.595582] iommufd_fops_ioctl+0x37d/0x510 [ 170.596062] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.596606] ? write_comp_data+0x2f/0x90 [ 170.597066] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.597601] __x64_sys_ioctl+0x1a3/0x230 [ 170.598064] do_syscall_64+0x3b/0x90 [ 170.598490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.599099] RIP: 0033:0x7f4b8743ee5d [ 170.599522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.601469] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.602290] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.603085] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.603859] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.604606] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.605353] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.606103] [ 170.606352] irq event stamp: 0 [ 170.606715] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.607387] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.608609] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.609483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.610430] ---[ end trace 0000000000000000 ]--- [ 170.614883] ------------[ cut here ]------------ [ 170.615398] WARNING: CPU: 0 PID: 1613 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.616598] Modules linked in: [ 170.616944] CPU: 0 PID: 1613 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.617979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.619196] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.619859] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.621872] RSP: 
0018:ffff88800e8e7bd0 EFLAGS: 00010246 [ 170.622432] RAX: 0000000000000000 RBX: ffff888017a400a8 RCX: 0000000000000000 [ 170.623352] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 170.624094] RBP: ffff88800e8e7be8 R08: ffffed1002f48033 R09: ffffed1002f48033 [ 170.624958] R10: ffff888017a40193 R11: ffffed1002f48032 R12: ffff888010827000 [ 170.625712] R13: ffff888017a401e8 R14: ffff888012fb5900 R15: 0000000000000000 [ 170.626609] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.627463] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.628160] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.628910] PKRU: 55555554 [ 170.629214] Call Trace: [ 170.629488] [ 170.629734] iommufd_access_destroy_object+0x65/0x170 [ 170.630290] iommufd_object_destroy_user+0x18e/0x220 [ 170.630872] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.631508] iommufd_access_destroy+0x43/0x70 [ 170.631997] iommufd_test_staccess_release+0x8d/0xd0 [ 170.632550] __fput+0x26d/0xa40 [ 170.632924] ____fput+0x1e/0x30 [ 170.633290] task_work_run+0x1a4/0x2d0 [ 170.633718] ? __pfx_task_work_run+0x10/0x10 [ 170.634193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.634744] ? switch_task_namespaces+0xa9/0xe0 [ 170.635267] do_exit+0xb17/0x2ef0 [ 170.635643] ? lock_acquire+0x427/0x4c0 [ 170.636082] ? __pfx_lock_release+0x10/0x10 [ 170.636549] ? __kasan_check_write+0x18/0x20 [ 170.637025] ? do_raw_spin_lock+0x132/0x2a0 [ 170.637486] ? __pfx_do_exit+0x10/0x10 [ 170.637913] ? debug_smp_processor_id+0x20/0x30 [ 170.638413] ? rcu_is_watching+0x19/0xb0 [ 170.638874] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.639404] ? trace_hardirqs_on+0x26/0x120 [ 170.639741] do_group_exit+0xe0/0x2b0 [ 170.640020] __x64_sys_exit_group+0x47/0x50 [ 170.640330] do_syscall_64+0x3b/0x90 [ 170.640611] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.640994] RIP: 0033:0x7f4b87518a4d [ 170.641264] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.641708] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.642253] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.642799] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.643323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.643831] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.644337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.644851] [ 170.645020] irq event stamp: 0 [ 170.645247] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.645696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.646292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.646901] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.647358] ---[ end trace 0000000000000000 ]--- [ 170.648049] ------------[ cut here ]------------ [ 170.648549] WARNING: CPU: 0 PID: 1613 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.649282] Modules linked in: [ 170.649515] CPU: 0 PID: 1613 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.650198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.651110] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.651493] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.653031] RSP: 0018:ffff88800e8e7b78 EFLAGS: 00010246 [ 170.653440] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.654050] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 170.654780] RBP: ffff88800e8e7b98 R08: ffffed1002f4803e R09: ffffed1002f4803e [ 170.655352] R10: ffff888017a401ef R11: ffffed1002f4803d R12: ffff888017a40290 [ 170.655947] R13: ffff888017a400a8 R14: ffffffffffffffff R15: 
ffff88800e8e7c60 [ 170.656457] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.657031] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.657445] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.657955] PKRU: 55555554 [ 170.658159] Call Trace: [ 170.658344] [ 170.658529] iommufd_ioas_destroy+0x53/0x70 [ 170.658849] iommufd_fops_release+0x1f7/0x370 [ 170.659188] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.659552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.659912] ? write_comp_data+0x2f/0x90 [ 170.660217] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.660579] __fput+0x26d/0xa40 [ 170.660830] ____fput+0x1e/0x30 [ 170.661076] task_work_run+0x1a4/0x2d0 [ 170.661367] ? __pfx_task_work_run+0x10/0x10 [ 170.661690] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.662045] ? switch_task_namespaces+0xa9/0xe0 [ 170.662391] do_exit+0xb17/0x2ef0 [ 170.662661] ? lock_acquire+0x427/0x4c0 [ 170.662958] ? __pfx_lock_release+0x10/0x10 [ 170.663287] ? __kasan_check_write+0x18/0x20 [ 170.663612] ? do_raw_spin_lock+0x132/0x2a0 [ 170.663923] ? __pfx_do_exit+0x10/0x10 [ 170.664215] ? debug_smp_processor_id+0x20/0x30 [ 170.664555] ? rcu_is_watching+0x19/0xb0 [ 170.664851] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.665184] ? trace_hardirqs_on+0x26/0x120 [ 170.665501] do_group_exit+0xe0/0x2b0 [ 170.665778] __x64_sys_exit_group+0x47/0x50 [ 170.666088] do_syscall_64+0x3b/0x90 [ 170.666364] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.666760] RIP: 0033:0x7f4b87518a4d [ 170.667032] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.667477] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.668021] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.668531] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.669042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.669548] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.670057] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.670587] [ 170.670757] irq event stamp: 0 [ 170.670987] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.671454] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.672054] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.672650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.673098] ---[ end trace 0000000000000000 ]--- [ 170.677729] ------------[ cut here ]------------ [ 170.678082] WARNING: CPU: 0 PID: 1614 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.678888] Modules linked in: [ 170.679234] CPU: 0 PID: 1614 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.679865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.680816] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.681176] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.682643] RSP: 0018:ffff888020b77bb8 EFLAGS: 00010246 [ 170.683029] RAX: 0000000000000000 RBX: ffff8880184c20a8 RCX: 0000000000000000 [ 170.683601] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 170.684218] RBP: ffff888020b77bd0 R08: ffffed1003098433 R09: ffffed1003098433 [ 170.684731] R10: ffff8880184c2193 R11: ffffed1003098432 R12: ffff88801226f800 [ 170.685415] R13: ffff8880184c21e8 R14: ffffffff8352e670 R15: 
ffff888020b77e68 [ 170.685930] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.686530] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.687050] CR2: 00007f4b877410e8 CR3: 000000002087a000 CR4: 0000000000750ef0 [ 170.687572] PKRU: 55555554 [ 170.687783] Call Trace: [ 170.687973] [ 170.688161] __iommufd_access_detach+0x1c2/0x2b0 [ 170.688620] iommufd_access_change_pt+0x149/0x270 [ 170.688981] iommufd_access_replace+0xb4/0x120 [ 170.689329] iommufd_test+0x3e5/0x37e0 [ 170.689615] ? lock_release+0x532/0x770 [ 170.690039] ? __might_fault+0x102/0x1b0 [ 170.690346] ? lock_acquire+0x427/0x4c0 [ 170.690666] ? __pfx_iommufd_test+0x10/0x10 [ 170.690987] ? __pfx_lock_release+0x10/0x10 [ 170.691345] ? __pfx_lock_acquire+0x10/0x10 [ 170.691788] ? write_comp_data+0x2f/0x90 [ 170.692104] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.692472] ? write_comp_data+0x2f/0x90 [ 170.692786] iommufd_fops_ioctl+0x37d/0x510 [ 170.693160] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.693637] ? write_comp_data+0x2f/0x90 [ 170.693951] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.694318] __x64_sys_ioctl+0x1a3/0x230 [ 170.694709] do_syscall_64+0x3b/0x90 [ 170.695108] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.695513] RIP: 0033:0x7f4b8743ee5d [ 170.695793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.697286] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.697897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.698526] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.699051] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.699626] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.700255] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.700782] [ 170.700955] irq event stamp: 0 [ 170.701190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.701653] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.702269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.702919] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.703406] ---[ end trace 0000000000000000 ]--- [ 170.706035] ------------[ cut here ]------------ [ 170.706406] WARNING: CPU: 0 PID: 1614 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.707209] Modules linked in: [ 170.707453] CPU: 0 PID: 1614 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.708099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.708935] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.709309] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.710686] RSP: 
0018:ffff888020b77bd0 EFLAGS: 00010246 [ 170.711082] RAX: 0000000000000000 RBX: ffff8880184c20a8 RCX: 0000000000000000 [ 170.711618] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 170.712139] RBP: ffff888020b77be8 R08: ffffed1003098433 R09: ffffed1003098433 [ 170.712664] R10: ffff8880184c2193 R11: ffffed1003098432 R12: ffff888013b16000 [ 170.713194] R13: ffff8880184c21e8 R14: ffff88800fe3f000 R15: 0000000000000000 [ 170.713724] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.714324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.714771] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.715303] PKRU: 55555554 [ 170.715514] Call Trace: [ 170.715707] [ 170.715879] iommufd_access_destroy_object+0x65/0x170 [ 170.716272] iommufd_object_destroy_user+0x18e/0x220 [ 170.716658] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.717156] iommufd_access_destroy+0x43/0x70 [ 170.717506] iommufd_test_staccess_release+0x8d/0xd0 [ 170.717891] __fput+0x26d/0xa40 [ 170.718154] ____fput+0x1e/0x30 [ 170.718408] task_work_run+0x1a4/0x2d0 [ 170.718729] ? __pfx_task_work_run+0x10/0x10 [ 170.719068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.719446] ? switch_task_namespaces+0xa9/0xe0 [ 170.719808] do_exit+0xb17/0x2ef0 [ 170.720070] ? lock_acquire+0x427/0x4c0 [ 170.720376] ? __pfx_lock_release+0x10/0x10 [ 170.720706] ? __kasan_check_write+0x18/0x20 [ 170.721039] ? do_raw_spin_lock+0x132/0x2a0 [ 170.721365] ? __pfx_do_exit+0x10/0x10 [ 170.721663] ? debug_smp_processor_id+0x20/0x30 [ 170.722008] ? rcu_is_watching+0x19/0xb0 [ 170.722307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.722663] ? trace_hardirqs_on+0x26/0x120 [ 170.722992] do_group_exit+0xe0/0x2b0 [ 170.723287] __x64_sys_exit_group+0x47/0x50 [ 170.723609] do_syscall_64+0x3b/0x90 [ 170.723893] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.724279] RIP: 0033:0x7f4b87518a4d [ 170.724555] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.725007] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.725559] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.726079] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.726612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.727142] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.727673] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.728206] [ 170.728381] irq event stamp: 0 [ 170.728612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.729071] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.729685] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.730305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.730793] ---[ end trace 0000000000000000 ]--- [ 170.731451] ------------[ cut here ]------------ [ 170.731800] WARNING: CPU: 0 PID: 1614 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.732543] Modules linked in: [ 170.732780] CPU: 0 PID: 1614 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.733421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.734249] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.734646] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.736001] RSP: 0018:ffff888020b77b78 EFLAGS: 00010246 [ 170.736402] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.736930] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 170.737449] RBP: ffff888020b77b98 R08: ffffed100309843e R09: ffffed100309843e [ 170.737968] R10: ffff8880184c21ef R11: ffffed100309843d R12: ffff8880184c2290 [ 170.738487] R13: ffff8880184c20a8 R14: ffffffffffffffff R15: 
ffff888020b77c60 [ 170.739029] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.739638] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.740067] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.740593] PKRU: 55555554 [ 170.740801] Call Trace: [ 170.740989] [ 170.741156] iommufd_ioas_destroy+0x53/0x70 [ 170.741483] iommufd_fops_release+0x1f7/0x370 [ 170.741827] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.742205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.742597] ? write_comp_data+0x2f/0x90 [ 170.742910] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.743290] __fput+0x26d/0xa40 [ 170.743552] ____fput+0x1e/0x30 [ 170.743809] task_work_run+0x1a4/0x2d0 [ 170.744109] ? __pfx_task_work_run+0x10/0x10 [ 170.744449] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.744820] ? switch_task_namespaces+0xa9/0xe0 [ 170.745181] do_exit+0xb17/0x2ef0 [ 170.745445] ? lock_acquire+0x427/0x4c0 [ 170.745754] ? __pfx_lock_release+0x10/0x10 [ 170.746084] ? __kasan_check_write+0x18/0x20 [ 170.746419] ? do_raw_spin_lock+0x132/0x2a0 [ 170.746764] ? __pfx_do_exit+0x10/0x10 [ 170.747069] ? debug_smp_processor_id+0x20/0x30 [ 170.747433] ? rcu_is_watching+0x19/0xb0 [ 170.747740] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.748079] ? trace_hardirqs_on+0x26/0x120 [ 170.748402] do_group_exit+0xe0/0x2b0 [ 170.748687] __x64_sys_exit_group+0x47/0x50 [ 170.749056] do_syscall_64+0x3b/0x90 [ 170.749339] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.749729] RIP: 0033:0x7f4b87518a4d [ 170.750009] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.750470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.751064] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.751613] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.752144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.752674] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.753208] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.753751] [ 170.753966] irq event stamp: 0 [ 170.754203] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.754742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.755363] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.755977] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.756437] ---[ end trace 0000000000000000 ]--- [ 170.760649] ------------[ cut here ]------------ [ 170.761027] WARNING: CPU: 0 PID: 1615 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.761779] Modules linked in: [ 170.762021] CPU: 0 PID: 1615 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.762902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.763746] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.764119] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.765477] RSP: 0018:ffff88800f577bb8 EFLAGS: 00010246 [ 170.765874] RAX: 0000000000000000 RBX: ffff888012c508a8 RCX: 0000000000000000 [ 170.766397] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 170.766938] RBP: ffff88800f577bd0 R08: ffffed100258a133 R09: ffffed100258a133 [ 170.767490] R10: ffff888012c50993 R11: ffffed100258a132 R12: ffff888020954400 [ 170.768018] R13: ffff888012c509e8 R14: ffffffff8352e670 R15: 
ffff88800f577e68 [ 170.768549] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.769150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.769586] CR2: 0000000020000140 CR3: 00000000103ca000 CR4: 0000000000750ef0 [ 170.770116] PKRU: 55555554 [ 170.770327] Call Trace: [ 170.770534] [ 170.770705] __iommufd_access_detach+0x1c2/0x2b0 [ 170.771071] iommufd_access_change_pt+0x149/0x270 [ 170.771448] iommufd_access_replace+0xb4/0x120 [ 170.771796] iommufd_test+0x3e5/0x37e0 [ 170.772084] ? lock_release+0x532/0x770 [ 170.772386] ? __might_fault+0x102/0x1b0 [ 170.772698] ? lock_acquire+0x427/0x4c0 [ 170.773007] ? __pfx_iommufd_test+0x10/0x10 [ 170.773332] ? __pfx_lock_release+0x10/0x10 [ 170.773663] ? __pfx_lock_acquire+0x10/0x10 [ 170.773989] ? write_comp_data+0x2f/0x90 [ 170.774297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.774680] ? write_comp_data+0x2f/0x90 [ 170.774990] iommufd_fops_ioctl+0x37d/0x510 [ 170.775321] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.775688] ? write_comp_data+0x2f/0x90 [ 170.775995] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.776353] __x64_sys_ioctl+0x1a3/0x230 [ 170.776661] do_syscall_64+0x3b/0x90 [ 170.776948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.777342] RIP: 0033:0x7f4b8743ee5d [ 170.777621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.778991] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.779563] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.780089] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.780610] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.781194] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.781722] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.782260] [ 170.782438] irq event stamp: 0 [ 170.782690] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.783168] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.783788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.784403] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.784865] ---[ end trace 0000000000000000 ]--- [ 170.787517] ------------[ cut here ]------------ [ 170.787877] WARNING: CPU: 0 PID: 1615 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.788622] Modules linked in: [ 170.788858] CPU: 0 PID: 1615 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.789497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.790315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.790722] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.792065] RSP: 
0018:ffff88800f577bd0 EFLAGS: 00010246 [ 170.792458] RAX: 0000000000000000 RBX: ffff888012c508a8 RCX: 0000000000000000 [ 170.792976] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 170.793496] RBP: ffff88800f577be8 R08: ffffed100258a133 R09: ffffed100258a133 [ 170.794017] R10: ffff888012c50993 R11: ffffed100258a132 R12: ffff88801226e000 [ 170.794557] R13: ffff888012c509e8 R14: ffff88800ca5aa00 R15: 0000000000000000 [ 170.795085] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.795690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.796115] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.796636] PKRU: 55555554 [ 170.796847] Call Trace: [ 170.797035] [ 170.797201] iommufd_access_destroy_object+0x65/0x170 [ 170.797585] iommufd_object_destroy_user+0x18e/0x220 [ 170.797966] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.798398] iommufd_access_destroy+0x43/0x70 [ 170.798759] iommufd_test_staccess_release+0x8d/0xd0 [ 170.799169] __fput+0x26d/0xa40 [ 170.799433] ____fput+0x1e/0x30 [ 170.799687] task_work_run+0x1a4/0x2d0 [ 170.799983] ? __pfx_task_work_run+0x10/0x10 [ 170.800313] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.800679] ? switch_task_namespaces+0xa9/0xe0 [ 170.801035] do_exit+0xb17/0x2ef0 [ 170.801296] ? lock_acquire+0x427/0x4c0 [ 170.801603] ? __pfx_lock_release+0x10/0x10 [ 170.801932] ? __kasan_check_write+0x18/0x20 [ 170.802262] ? do_raw_spin_lock+0x132/0x2a0 [ 170.802598] ? __pfx_do_exit+0x10/0x10 [ 170.802898] ? debug_smp_processor_id+0x20/0x30 [ 170.803251] ? rcu_is_watching+0x19/0xb0 [ 170.803556] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.803901] ? trace_hardirqs_on+0x26/0x120 [ 170.804231] do_group_exit+0xe0/0x2b0 [ 170.804520] __x64_sys_exit_group+0x47/0x50 [ 170.804843] do_syscall_64+0x3b/0x90 [ 170.805132] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.805528] RIP: 0033:0x7f4b87518a4d [ 170.805808] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.806264] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.806848] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.807382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.807906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.808430] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.808949] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.809475] [ 170.809651] irq event stamp: 0 [ 170.809883] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.810346] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.810983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.811600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.812062] ---[ end trace 0000000000000000 ]--- [ 170.812706] ------------[ cut here ]------------ [ 170.813096] WARNING: CPU: 0 PID: 1615 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.813835] Modules linked in: [ 170.814067] CPU: 0 PID: 1615 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.814711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.815525] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.815897] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.817204] RSP: 0018:ffff88800f577b78 EFLAGS: 00010246 [ 170.817588] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.818101] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 170.818630] RBP: ffff88800f577b98 R08: ffffed100258a13e R09: ffffed100258a13e [ 170.819149] R10: ffff888012c509ef R11: ffffed100258a13d R12: ffff888012c50a90 [ 170.819660] R13: ffff888012c508a8 R14: ffffffffffffffff R15: 
ffff88800f577c60 [ 170.820165] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.820736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.821151] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.821662] PKRU: 55555554 [ 170.821870] Call Trace: [ 170.822059] [ 170.822226] iommufd_ioas_destroy+0x53/0x70 [ 170.822572] iommufd_fops_release+0x1f7/0x370 [ 170.822906] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.823279] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.823639] ? write_comp_data+0x2f/0x90 [ 170.823943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.824306] __fput+0x26d/0xa40 [ 170.824564] ____fput+0x1e/0x30 [ 170.824812] task_work_run+0x1a4/0x2d0 [ 170.825101] ? __pfx_task_work_run+0x10/0x10 [ 170.825424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.825785] ? switch_task_namespaces+0xa9/0xe0 [ 170.826138] do_exit+0xb17/0x2ef0 [ 170.826396] ? lock_acquire+0x427/0x4c0 [ 170.826712] ? __pfx_lock_release+0x10/0x10 [ 170.827033] ? __kasan_check_write+0x18/0x20 [ 170.827376] ? do_raw_spin_lock+0x132/0x2a0 [ 170.827702] ? __pfx_do_exit+0x10/0x10 [ 170.828003] ? debug_smp_processor_id+0x20/0x30 [ 170.828353] ? rcu_is_watching+0x19/0xb0 [ 170.828660] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.828995] ? trace_hardirqs_on+0x26/0x120 [ 170.829316] do_group_exit+0xe0/0x2b0 [ 170.829600] __x64_sys_exit_group+0x47/0x50 [ 170.829917] do_syscall_64+0x3b/0x90 [ 170.830201] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.830606] RIP: 0033:0x7f4b87518a4d [ 170.830879] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.831338] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.831888] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.832399] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.832914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.833427] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.833940] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.834462] [ 170.834665] irq event stamp: 0 [ 170.834903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.835369] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.835973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.836575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.837030] ---[ end trace 0000000000000000 ]--- [ 170.841485] ------------[ cut here ]------------ [ 170.841849] WARNING: CPU: 0 PID: 1616 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.842670] Modules linked in: [ 170.842905] CPU: 0 PID: 1616 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.843539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.844355] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.844718] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.846069] RSP: 0018:ffff8880219e7bb8 EFLAGS: 00010246 [ 170.846449] RAX: 0000000000000000 RBX: ffff888020c9b0a8 RCX: 0000000000000000 [ 170.847081] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 170.847605] RBP: ffff8880219e7bd0 R08: ffffed1004193633 R09: ffffed1004193633 [ 170.848123] R10: ffff888020c9b193 R11: ffffed1004193632 R12: ffff888020fef000 [ 170.848641] R13: ffff888020c9b1e8 R14: ffffffff8352e670 R15: 
ffff8880219e7e68 [ 170.849151] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.849724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.850142] CR2: 0000000020000140 CR3: 000000002187e000 CR4: 0000000000750ef0 [ 170.850679] PKRU: 55555554 [ 170.850886] Call Trace: [ 170.851071] [ 170.851242] __iommufd_access_detach+0x1c2/0x2b0 [ 170.851600] iommufd_access_change_pt+0x149/0x270 [ 170.851957] iommufd_access_replace+0xb4/0x120 [ 170.852298] iommufd_test+0x3e5/0x37e0 [ 170.852584] ? lock_release+0x532/0x770 [ 170.852880] ? __might_fault+0x102/0x1b0 [ 170.853180] ? lock_acquire+0x427/0x4c0 [ 170.853475] ? __pfx_iommufd_test+0x10/0x10 [ 170.853783] ? __pfx_lock_release+0x10/0x10 [ 170.854099] ? __pfx_lock_acquire+0x10/0x10 [ 170.854417] ? write_comp_data+0x2f/0x90 [ 170.854738] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.855089] ? write_comp_data+0x2f/0x90 [ 170.855394] iommufd_fops_ioctl+0x37d/0x510 [ 170.855705] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.856059] ? write_comp_data+0x2f/0x90 [ 170.856356] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.856700] __x64_sys_ioctl+0x1a3/0x230 [ 170.856997] do_syscall_64+0x3b/0x90 [ 170.857270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.857641] RIP: 0033:0x7f4b8743ee5d [ 170.857906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.859207] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.859741] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.860245] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.860747] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.861245] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.861746] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.862254] [ 170.862420] irq event stamp: 0 [ 170.862658] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.863102] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.863700] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.864297] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.864749] ---[ end trace 0000000000000000 ]--- [ 170.867443] ------------[ cut here ]------------ [ 170.867789] WARNING: CPU: 0 PID: 1616 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.868523] Modules linked in: [ 170.868877] CPU: 0 PID: 1616 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.869500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.870299] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.870679] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.872130] RSP: 
0018:ffff8880219e7bd0 EFLAGS: 00010246 [ 170.872513] RAX: 0000000000000000 RBX: ffff888020c9b0a8 RCX: 0000000000000000 [ 170.873018] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 170.873523] RBP: ffff8880219e7be8 R08: ffffed1004193633 R09: ffffed1004193633 [ 170.874028] R10: ffff888020c9b193 R11: ffffed1004193632 R12: ffff888020954000 [ 170.874559] R13: ffff888020c9b1e8 R14: ffff88800fa0b400 R15: 0000000000000000 [ 170.875063] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.875681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.876211] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.876717] PKRU: 55555554 [ 170.876920] Call Trace: [ 170.877156] [ 170.877318] iommufd_access_destroy_object+0x65/0x170 [ 170.877690] iommufd_object_destroy_user+0x18e/0x220 [ 170.878059] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 170.878561] iommufd_access_destroy+0x43/0x70 [ 170.878981] iommufd_test_staccess_release+0x8d/0xd0 [ 170.879366] __fput+0x26d/0xa40 [ 170.879623] ____fput+0x1e/0x30 [ 170.879873] task_work_run+0x1a4/0x2d0 [ 170.880168] ? __pfx_task_work_run+0x10/0x10 [ 170.880495] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.880855] ? switch_task_namespaces+0xa9/0xe0 [ 170.881206] do_exit+0xb17/0x2ef0 [ 170.881462] ? lock_acquire+0x427/0x4c0 [ 170.881758] ? __pfx_lock_release+0x10/0x10 [ 170.882089] ? __kasan_check_write+0x18/0x20 [ 170.882581] ? do_raw_spin_lock+0x132/0x2a0 [ 170.882903] ? __pfx_do_exit+0x10/0x10 [ 170.883208] ? debug_smp_processor_id+0x20/0x30 [ 170.883551] ? rcu_is_watching+0x19/0xb0 [ 170.883850] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.884183] ? trace_hardirqs_on+0x26/0x120 [ 170.884501] do_group_exit+0xe0/0x2b0 [ 170.884782] __x64_sys_exit_group+0x47/0x50 [ 170.885097] do_syscall_64+0x3b/0x90 [ 170.885379] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.885773] RIP: 0033:0x7f4b87518a4d [ 170.886107] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.886675] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.887236] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.887750] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.888262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.888778] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.889296] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.889981] [ 170.890157] irq event stamp: 0 [ 170.890391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.890867] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.891492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.892095] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.892561] ---[ end trace 0000000000000000 ]--- [ 170.893281] ------------[ cut here ]------------ [ 170.893627] WARNING: CPU: 0 PID: 1616 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 170.894364] Modules linked in: [ 170.894629] CPU: 0 PID: 1616 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.895270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.896083] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 170.896485] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 170.898678] RSP: 0018:ffff8880219e7b78 EFLAGS: 00010246 [ 170.899296] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 170.900442] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 170.901226] RBP: ffff8880219e7b98 R08: ffffed100419363e R09: ffffed100419363e [ 170.902006] R10: ffff888020c9b1ef R11: ffffed100419363d R12: ffff888020c9b290 [ 170.903218] R13: ffff888020c9b0a8 R14: ffffffffffffffff R15: 
ffff8880219e7c60 [ 170.904018] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.904907] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.905556] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 170.906587] PKRU: 55555554 [ 170.906914] Call Trace: [ 170.907216] [ 170.907478] iommufd_ioas_destroy+0x53/0x70 [ 170.907970] iommufd_fops_release+0x1f7/0x370 [ 170.908488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.909060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.909795] ? write_comp_data+0x2f/0x90 [ 170.910272] ? __pfx_iommufd_fops_release+0x10/0x10 [ 170.910887] __fput+0x26d/0xa40 [ 170.911310] ____fput+0x1e/0x30 [ 170.911703] task_work_run+0x1a4/0x2d0 [ 170.912149] ? __pfx_task_work_run+0x10/0x10 [ 170.912663] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.913356] ? switch_task_namespaces+0xa9/0xe0 [ 170.913886] do_exit+0xb17/0x2ef0 [ 170.914271] ? lock_acquire+0x427/0x4c0 [ 170.914756] ? __pfx_lock_release+0x10/0x10 [ 170.915257] ? __kasan_check_write+0x18/0x20 [ 170.915750] ? do_raw_spin_lock+0x132/0x2a0 [ 170.916418] ? __pfx_do_exit+0x10/0x10 [ 170.916860] ? debug_smp_processor_id+0x20/0x30 [ 170.917372] ? rcu_is_watching+0x19/0xb0 [ 170.917810] ? _raw_spin_unlock_irq+0x2b/0x60 [ 170.918307] ? trace_hardirqs_on+0x26/0x120 [ 170.918829] do_group_exit+0xe0/0x2b0 [ 170.919269] __x64_sys_exit_group+0x47/0x50 [ 170.919791] do_syscall_64+0x3b/0x90 [ 170.920348] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.920945] RIP: 0033:0x7f4b87518a4d [ 170.921364] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 170.922211] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 170.923086] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 170.924088] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 170.924874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 170.925824] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 170.926662] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 170.927541] [ 170.927918] irq event stamp: 0 [ 170.928280] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.928981] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.930073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.931206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.931916] ---[ end trace 0000000000000000 ]--- [ 170.938621] ------------[ cut here ]------------ [ 170.939218] WARNING: CPU: 0 PID: 1617 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.940435] Modules linked in: [ 170.940932] CPU: 0 PID: 1617 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.941921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.943418] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.944001] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.946296] RSP: 0018:ffff88800f577bb8 EFLAGS: 00010246 [ 170.947170] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 170.948020] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 170.948871] RBP: ffff88800f577bd0 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 170.949728] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff888014390c00 [ 170.950625] R13: ffff88801587c9e8 R14: ffffffff8352e670 R15: 
ffff88800f577e68 [ 170.951500] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.952457] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.953153] CR2: 00007f4b877410e8 CR3: 000000002187e000 CR4: 0000000000750ef0 [ 170.954006] PKRU: 55555554 [ 170.954351] Call Trace: [ 170.954714] [ 170.955006] __iommufd_access_detach+0x1c2/0x2b0 [ 170.955624] iommufd_access_change_pt+0x149/0x270 [ 170.956225] iommufd_access_replace+0xb4/0x120 [ 170.956793] iommufd_test+0x3e5/0x37e0 [ 170.957267] ? lock_release+0x532/0x770 [ 170.957765] ? __might_fault+0x102/0x1b0 [ 170.958267] ? lock_acquire+0x427/0x4c0 [ 170.958803] ? __pfx_iommufd_test+0x10/0x10 [ 170.959342] ? __pfx_lock_release+0x10/0x10 [ 170.959876] ? __pfx_lock_acquire+0x10/0x10 [ 170.960409] ? write_comp_data+0x2f/0x90 [ 170.960916] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 170.961510] ? write_comp_data+0x2f/0x90 [ 170.962016] iommufd_fops_ioctl+0x37d/0x510 [ 170.962590] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.963208] ? write_comp_data+0x2f/0x90 [ 170.963709] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 170.964296] __x64_sys_ioctl+0x1a3/0x230 [ 170.964804] do_syscall_64+0x3b/0x90 [ 170.965273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 170.965904] RIP: 0033:0x7f4b8743ee5d [ 170.966356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 170.968571] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 170.969484] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 170.970332] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 170.971231] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 170.972084] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 170.972932] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 170.973792] [ 170.974079] irq event stamp: 0 [ 170.974463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 170.975277] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 170.976276] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 170.977262] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 170.978012] ---[ end trace 0000000000000000 ]--- [ 170.983070] ------------[ cut here ]------------ [ 170.983803] WARNING: CPU: 0 PID: 1617 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 170.985089] Modules linked in: [ 170.985607] CPU: 0 PID: 1617 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 170.987100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 170.988728] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 170.989347] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 170.991831] RSP: 
0018:ffff88800f577bd0 EFLAGS: 00010246 [ 170.992696] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 170.993573] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 170.994710] RBP: ffff88800f577be8 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 170.995616] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff888020fedc00 [ 170.996513] R13: ffff88801587c9e8 R14: ffff88800b874300 R15: 0000000000000000 [ 170.997579] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 170.998715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.999622] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.000532] PKRU: 55555554 [ 171.000949] Call Trace: [ 171.001442] [ 171.001746] iommufd_access_destroy_object+0x65/0x170 [ 171.002428] iommufd_object_destroy_user+0x18e/0x220 [ 171.003360] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.004130] iommufd_access_destroy+0x43/0x70 [ 171.004724] iommufd_test_staccess_release+0x8d/0xd0 [ 171.005600] __fput+0x26d/0xa40 [ 171.006054] ____fput+0x1e/0x30 [ 171.006497] task_work_run+0x1a4/0x2d0 [ 171.007055] ? __pfx_task_work_run+0x10/0x10 [ 171.007829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.008471] ? switch_task_namespaces+0xa9/0xe0 [ 171.009091] do_exit+0xb17/0x2ef0 [ 171.009731] ? lock_acquire+0x427/0x4c0 [ 171.010265] ? __pfx_lock_release+0x10/0x10 [ 171.010866] ? __kasan_check_write+0x18/0x20 [ 171.011672] ? do_raw_spin_lock+0x132/0x2a0 [ 171.012252] ? __pfx_do_exit+0x10/0x10 [ 171.012791] ? debug_smp_processor_id+0x20/0x30 [ 171.013482] ? rcu_is_watching+0x19/0xb0 [ 171.014190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.014859] ? trace_hardirqs_on+0x26/0x120 [ 171.015461] do_group_exit+0xe0/0x2b0 [ 171.016229] __x64_sys_exit_group+0x47/0x50 [ 171.016811] do_syscall_64+0x3b/0x90 [ 171.017321] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.018119] RIP: 0033:0x7f4b87518a4d [ 171.018812] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.019654] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.020899] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.021845] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.023076] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.024035] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.025246] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.026212] [ 171.026570] irq event stamp: 0 [ 171.027038] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.028089] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.029244] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.030577] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.031483] ---[ end trace 0000000000000000 ]--- [ 171.036293] ------------[ cut here ]------------ [ 171.036938] WARNING: CPU: 0 PID: 1617 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.038588] Modules linked in: [ 171.039031] CPU: 0 PID: 1617 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.040403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.041883] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.042633] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.045035] RSP: 0018:ffff88800f577b78 EFLAGS: 00010246 [ 171.045745] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.046736] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 171.047700] RBP: ffff88800f577b98 R08: ffffed1002b0f93e R09: ffffed1002b0f93e [ 171.048641] R10: ffff88801587c9ef R11: ffffed1002b0f93d R12: ffff88801587ca90 [ 171.049574] R13: ffff88801587c8a8 R14: ffffffffffffffff R15: 
ffff88800f577c60 [ 171.050553] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.051624] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.052390] CR2: 00007f82e2fa7018 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 171.053331] PKRU: 55555554 [ 171.053712] Call Trace: [ 171.054057] [ 171.054370] iommufd_ioas_destroy+0x53/0x70 [ 171.054999] iommufd_fops_release+0x1f7/0x370 [ 171.055657] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.056345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.057011] ? write_comp_data+0x2f/0x90 [ 171.057571] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.058240] __fput+0x26d/0xa40 [ 171.058752] ____fput+0x1e/0x30 [ 171.059242] task_work_run+0x1a4/0x2d0 [ 171.059785] ? __pfx_task_work_run+0x10/0x10 [ 171.060381] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.061011] ? switch_task_namespaces+0xa9/0xe0 [ 171.061624] do_exit+0xb17/0x2ef0 [ 171.062070] ? lock_acquire+0x427/0x4c0 [ 171.062644] ? __pfx_lock_release+0x10/0x10 [ 171.063233] ? __kasan_check_write+0x18/0x20 [ 171.063805] ? do_raw_spin_lock+0x132/0x2a0 [ 171.064357] ? __pfx_do_exit+0x10/0x10 [ 171.064867] ? debug_smp_processor_id+0x20/0x30 [ 171.065468] ? rcu_is_watching+0x19/0xb0 [ 171.065990] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.066615] ? trace_hardirqs_on+0x26/0x120 [ 171.067365] do_group_exit+0xe0/0x2b0 [ 171.067739] __x64_sys_exit_group+0x47/0x50 [ 171.068137] do_syscall_64+0x3b/0x90 [ 171.068490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.068999] RIP: 0033:0x7f4b87518a4d [ 171.069340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.069895] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.070627] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.071294] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.071912] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.072519] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.073167] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.073785] [ 171.073985] irq event stamp: 0 [ 171.074257] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.074818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.075550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.076262] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.076824] ---[ end trace 0000000000000000 ]--- [ 171.081958] ------------[ cut here ]------------ [ 171.082414] WARNING: CPU: 0 PID: 1618 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.083499] Modules linked in: [ 171.083984] CPU: 0 PID: 1618 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.084785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.085766] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.086193] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.087805] RSP: 0018:ffff88801713fbb8 EFLAGS: 00010246 [ 171.088277] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 171.088885] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 171.089506] RBP: ffff88801713fbd0 R08: ffffed1001702033 R09: ffffed1001702033 [ 171.090125] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888010c4a000 [ 171.090749] R13: ffff88800b8101e8 R14: ffffffff8352e670 R15: 
ffff88801713fe68 [ 171.091377] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.092067] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.092575] CR2: 00007f4b877410e8 CR3: 000000002187e000 CR4: 0000000000750ef0 [ 171.093184] PKRU: 55555554 [ 171.093438] Call Trace: [ 171.093658] [ 171.093853] __iommufd_access_detach+0x1c2/0x2b0 [ 171.094273] iommufd_access_change_pt+0x149/0x270 [ 171.094728] iommufd_access_replace+0xb4/0x120 [ 171.095141] iommufd_test+0x3e5/0x37e0 [ 171.095488] ? lock_release+0x532/0x770 [ 171.095826] ? __might_fault+0x102/0x1b0 [ 171.096166] ? lock_acquire+0x427/0x4c0 [ 171.096498] ? __pfx_iommufd_test+0x10/0x10 [ 171.096858] ? __pfx_lock_release+0x10/0x10 [ 171.097213] ? __pfx_lock_acquire+0x10/0x10 [ 171.097570] ? write_comp_data+0x2f/0x90 [ 171.097921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.098319] ? write_comp_data+0x2f/0x90 [ 171.098687] iommufd_fops_ioctl+0x37d/0x510 [ 171.099050] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.099458] ? write_comp_data+0x2f/0x90 [ 171.099811] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.100202] __x64_sys_ioctl+0x1a3/0x230 [ 171.100540] do_syscall_64+0x3b/0x90 [ 171.100862] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.101290] RIP: 0033:0x7f4b8743ee5d [ 171.101594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.103094] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.103715] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.104299] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.104873] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.105456] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.106025] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.106639] [ 171.106831] irq event stamp: 0 [ 171.107089] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.107625] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.108295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.108977] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.109499] ---[ end trace 0000000000000000 ]--- [ 171.112537] ------------[ cut here ]------------ [ 171.113084] WARNING: CPU: 0 PID: 1618 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.113915] Modules linked in: [ 171.114186] CPU: 0 PID: 1618 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.115050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.115966] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.116446] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.118008] RSP: 
0018:ffff88801713fbd0 EFLAGS: 00010246 [ 171.118649] RAX: 0000000000000000 RBX: ffff88800b8100a8 RCX: 0000000000000000 [ 171.119233] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 171.119821] RBP: ffff88801713fbe8 R08: ffffed1001702033 R09: ffffed1001702033 [ 171.120479] R10: ffff88800b810193 R11: ffffed1001702032 R12: ffff888014393c00 [ 171.121140] R13: ffff88800b8101e8 R14: ffff88800b1cf700 R15: 0000000000000000 [ 171.121732] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.122598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.123078] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.123683] PKRU: 55555554 [ 171.123924] Call Trace: [ 171.124195] [ 171.124496] iommufd_access_destroy_object+0x65/0x170 [ 171.124939] iommufd_object_destroy_user+0x18e/0x220 [ 171.125358] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.125903] iommufd_access_destroy+0x43/0x70 [ 171.126359] iommufd_test_staccess_release+0x8d/0xd0 [ 171.126812] __fput+0x26d/0xa40 [ 171.127121] ____fput+0x1e/0x30 [ 171.127406] task_work_run+0x1a4/0x2d0 [ 171.127735] ? __pfx_task_work_run+0x10/0x10 [ 171.128173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.128692] ? switch_task_namespaces+0xa9/0xe0 [ 171.129112] do_exit+0xb17/0x2ef0 [ 171.129402] ? lock_acquire+0x427/0x4c0 [ 171.129770] ? __pfx_lock_release+0x10/0x10 [ 171.130259] ? __kasan_check_write+0x18/0x20 [ 171.130651] ? do_raw_spin_lock+0x132/0x2a0 [ 171.131008] ? __pfx_do_exit+0x10/0x10 [ 171.131358] ? debug_smp_processor_id+0x20/0x30 [ 171.131744] ? rcu_is_watching+0x19/0xb0 [ 171.132250] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.132637] ? trace_hardirqs_on+0x26/0x120 [ 171.132998] do_group_exit+0xe0/0x2b0 [ 171.133314] __x64_sys_exit_group+0x47/0x50 [ 171.133730] do_syscall_64+0x3b/0x90 [ 171.134174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.134645] RIP: 0033:0x7f4b87518a4d [ 171.134954] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.135470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.136271] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.136862] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.137486] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.138161] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.138764] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.139380] [ 171.139571] irq event stamp: 0 [ 171.139828] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.140351] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.141040] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.141717] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.142238] ---[ end trace 0000000000000000 ]--- [ 171.142969] ------------[ cut here ]------------ [ 171.143388] WARNING: CPU: 0 PID: 1618 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.144221] Modules linked in: [ 171.144500] CPU: 0 PID: 1618 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.145215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.146140] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.146605] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.148098] RSP: 0018:ffff88801713fb78 EFLAGS: 00010246 [ 171.148532] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.149125] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 171.149713] RBP: ffff88801713fb98 R08: ffffed100170203e R09: ffffed100170203e [ 171.150290] R10: ffff88800b8101ef R11: ffffed100170203d R12: ffff88800b810290 [ 171.150902] R13: ffff88800b8100a8 R14: ffffffffffffffff R15: 
ffff88801713fc60 [ 171.151488] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.152150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.152619] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.153207] PKRU: 55555554 [ 171.153437] Call Trace: [ 171.153645] [ 171.153830] iommufd_ioas_destroy+0x53/0x70 [ 171.154199] iommufd_fops_release+0x1f7/0x370 [ 171.154591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.155001] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.155433] ? write_comp_data+0x2f/0x90 [ 171.155778] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.156198] __fput+0x26d/0xa40 [ 171.156479] ____fput+0x1e/0x30 [ 171.156758] task_work_run+0x1a4/0x2d0 [ 171.157083] ? __pfx_task_work_run+0x10/0x10 [ 171.157462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.157868] ? switch_task_namespaces+0xa9/0xe0 [ 171.158257] do_exit+0xb17/0x2ef0 [ 171.158577] ? lock_acquire+0x427/0x4c0 [ 171.158913] ? __pfx_lock_release+0x10/0x10 [ 171.159285] ? __kasan_check_write+0x18/0x20 [ 171.159665] ? do_raw_spin_lock+0x132/0x2a0 [ 171.160021] ? __pfx_do_exit+0x10/0x10 [ 171.160348] ? debug_smp_processor_id+0x20/0x30 [ 171.160746] ? rcu_is_watching+0x19/0xb0 [ 171.161081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.161455] ? trace_hardirqs_on+0x26/0x120 [ 171.161825] do_group_exit+0xe0/0x2b0 [ 171.162137] __x64_sys_exit_group+0x47/0x50 [ 171.162486] do_syscall_64+0x3b/0x90 [ 171.162840] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.163279] RIP: 0033:0x7f4b87518a4d [ 171.163584] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.164095] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.164712] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.165297] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.165887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.166464] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.167085] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.167682] [ 171.167875] irq event stamp: 0 [ 171.168147] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.168659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.169347] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.170023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.170572] ---[ end trace 0000000000000000 ]--- [ 171.174626] ------------[ cut here ]------------ [ 171.175043] WARNING: CPU: 0 PID: 1619 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.175863] Modules linked in: [ 171.176118] CPU: 0 PID: 1619 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.176823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.177702] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.178107] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.179589] RSP: 0018:ffff888023eafbb8 EFLAGS: 00010246 [ 171.180024] RAX: 0000000000000000 RBX: ffff888010b790a8 RCX: 0000000000000000 [ 171.180584] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 171.181153] RBP: ffff888023eafbd0 R08: ffffed100216f233 R09: ffffed100216f233 [ 171.181712] R10: ffff888010b79193 R11: ffffed100216f232 R12: ffff888010825400 [ 171.182282] R13: ffff888010b791e8 R14: ffffffff8352e670 R15: 
ffff888023eafe68 [ 171.182858] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.183515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.183970] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ef0 [ 171.184544] PKRU: 55555554 [ 171.184768] Call Trace: [ 171.184972] [ 171.185152] __iommufd_access_detach+0x1c2/0x2b0 [ 171.185556] iommufd_access_change_pt+0x149/0x270 [ 171.185947] iommufd_access_replace+0xb4/0x120 [ 171.186321] iommufd_test+0x3e5/0x37e0 [ 171.186668] ? lock_release+0x532/0x770 [ 171.186996] ? __might_fault+0x102/0x1b0 [ 171.187332] ? lock_acquire+0x427/0x4c0 [ 171.187670] ? __pfx_iommufd_test+0x10/0x10 [ 171.188011] ? __pfx_lock_release+0x10/0x10 [ 171.188364] ? __pfx_lock_acquire+0x10/0x10 [ 171.188742] ? write_comp_data+0x2f/0x90 [ 171.189076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.189469] ? write_comp_data+0x2f/0x90 [ 171.189814] iommufd_fops_ioctl+0x37d/0x510 [ 171.190160] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.190577] ? write_comp_data+0x2f/0x90 [ 171.190921] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.191315] __x64_sys_ioctl+0x1a3/0x230 [ 171.191650] do_syscall_64+0x3b/0x90 [ 171.191967] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.192385] RIP: 0033:0x7f4b8743ee5d [ 171.192681] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.194134] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.194753] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.195328] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.195881] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.196442] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.196999] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.197570] [ 171.197751] irq event stamp: 0 [ 171.197996] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.198499] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.199203] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.199858] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.200345] ---[ end trace 0000000000000000 ]--- [ 171.203108] ------------[ cut here ]------------ [ 171.203519] WARNING: CPU: 0 PID: 1619 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.204309] Modules linked in: [ 171.204559] CPU: 0 PID: 1619 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.205243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.206118] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.206498] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.207942] RSP: 
0018:ffff888023eafbd0 EFLAGS: 00010246 [ 171.208365] RAX: 0000000000000000 RBX: ffff888010b790a8 RCX: 0000000000000000 [ 171.208915] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 171.209485] RBP: ffff888023eafbe8 R08: ffffed100216f233 R09: ffffed100216f233 [ 171.210034] R10: ffff888010b79193 R11: ffffed100216f232 R12: ffff888010c4b800 [ 171.210629] R13: ffff888010b791e8 R14: ffff888013c90500 R15: 0000000000000000 [ 171.211189] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.211821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.212268] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.212830] PKRU: 55555554 [ 171.213051] Call Trace: [ 171.213250] [ 171.213431] iommufd_access_destroy_object+0x65/0x170 [ 171.213849] iommufd_object_destroy_user+0x18e/0x220 [ 171.214247] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.214735] iommufd_access_destroy+0x43/0x70 [ 171.215097] iommufd_test_staccess_release+0x8d/0xd0 [ 171.215511] __fput+0x26d/0xa40 [ 171.215794] ____fput+0x1e/0x30 [ 171.216059] task_work_run+0x1a4/0x2d0 [ 171.216369] ? __pfx_task_work_run+0x10/0x10 [ 171.216734] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.217117] ? switch_task_namespaces+0xa9/0xe0 [ 171.217491] do_exit+0xb17/0x2ef0 [ 171.217769] ? lock_acquire+0x427/0x4c0 [ 171.218095] ? __pfx_lock_release+0x10/0x10 [ 171.218436] ? __kasan_check_write+0x18/0x20 [ 171.218805] ? do_raw_spin_lock+0x132/0x2a0 [ 171.219161] ? __pfx_do_exit+0x10/0x10 [ 171.219476] ? debug_smp_processor_id+0x20/0x30 [ 171.219842] ? rcu_is_watching+0x19/0xb0 [ 171.220174] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.220531] ? trace_hardirqs_on+0x26/0x120 [ 171.220871] do_group_exit+0xe0/0x2b0 [ 171.221182] __x64_sys_exit_group+0x47/0x50 [ 171.221520] do_syscall_64+0x3b/0x90 [ 171.221818] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.222238] RIP: 0033:0x7f4b87518a4d [ 171.222549] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.223023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.223632] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.224180] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.224744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.225290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.225857] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.226421] [ 171.226637] irq event stamp: 0 [ 171.226885] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.227386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.228095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.228749] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.229237] ---[ end trace 0000000000000000 ]--- [ 171.229932] ------------[ cut here ]------------ [ 171.230300] WARNING: CPU: 0 PID: 1619 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.231133] Modules linked in: [ 171.231391] CPU: 0 PID: 1619 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.232086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.232967] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.233373] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.234818] RSP: 0018:ffff888023eafb78 EFLAGS: 00010246 [ 171.235286] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.235970] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 171.236573] RBP: ffff888023eafb98 R08: ffffed100216f23e R09: ffffed100216f23e [ 171.237121] R10: ffff888010b791ef R11: ffffed100216f23d R12: ffff888010b79290 [ 171.237680] R13: ffff888010b790a8 R14: ffffffffffffffff R15: 
ffff888023eafc60 [ 171.238229] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.238883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.239351] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.239903] PKRU: 55555554 [ 171.240122] Call Trace: [ 171.240321] [ 171.240509] iommufd_ioas_destroy+0x53/0x70 [ 171.240854] iommufd_fops_release+0x1f7/0x370 [ 171.241208] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.241613] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.242001] ? write_comp_data+0x2f/0x90 [ 171.242327] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.242747] __fput+0x26d/0xa40 [ 171.243021] ____fput+0x1e/0x30 [ 171.243293] task_work_run+0x1a4/0x2d0 [ 171.243612] ? __pfx_task_work_run+0x10/0x10 [ 171.243971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.244355] ? switch_task_namespaces+0xa9/0xe0 [ 171.244738] do_exit+0xb17/0x2ef0 [ 171.245012] ? lock_acquire+0x427/0x4c0 [ 171.245329] ? __pfx_lock_release+0x10/0x10 [ 171.245670] ? __kasan_check_write+0x18/0x20 [ 171.246027] ? do_raw_spin_lock+0x132/0x2a0 [ 171.246365] ? __pfx_do_exit+0x10/0x10 [ 171.246695] ? debug_smp_processor_id+0x20/0x30 [ 171.247075] ? rcu_is_watching+0x19/0xb0 [ 171.247404] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.247763] ? trace_hardirqs_on+0x26/0x120 [ 171.248117] do_group_exit+0xe0/0x2b0 [ 171.248414] __x64_sys_exit_group+0x47/0x50 [ 171.248755] do_syscall_64+0x3b/0x90 [ 171.249064] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.249471] RIP: 0033:0x7f4b87518a4d [ 171.249761] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.250243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.250851] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.251417] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.251967] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.252524] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.253072] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.253646] [ 171.253831] irq event stamp: 0 [ 171.254076] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.254594] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.255251] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.255904] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.256389] ---[ end trace 0000000000000000 ]--- [ 171.260915] ------------[ cut here ]------------ [ 171.261322] WARNING: CPU: 0 PID: 1620 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.262120] Modules linked in: [ 171.262372] CPU: 0 PID: 1620 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.263295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.264172] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.264570] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.265987] RSP: 0018:ffff8880209bfbb8 EFLAGS: 00010246 [ 171.266415] RAX: 0000000000000000 RBX: ffff88801837b0a8 RCX: 0000000000000000 [ 171.266985] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 171.267561] RBP: ffff8880209bfbd0 R08: ffffed100306f633 R09: ffffed100306f633 [ 171.268111] R10: ffff88801837b193 R11: ffffed100306f632 R12: ffff888010c54000 [ 171.268675] R13: ffff88801837b1e8 R14: ffffffff8352e670 R15: 
ffff8880209bfe68 [ 171.269225] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.269858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.270306] CR2: 0000000020000140 CR3: 0000000013e70000 CR4: 0000000000750ef0 [ 171.270890] PKRU: 55555554 [ 171.271130] Call Trace: [ 171.271332] [ 171.271511] __iommufd_access_detach+0x1c2/0x2b0 [ 171.271910] iommufd_access_change_pt+0x149/0x270 [ 171.272301] iommufd_access_replace+0xb4/0x120 [ 171.272669] iommufd_test+0x3e5/0x37e0 [ 171.272994] ? lock_release+0x532/0x770 [ 171.273312] ? __might_fault+0x102/0x1b0 [ 171.273637] ? lock_acquire+0x427/0x4c0 [ 171.273969] ? __pfx_iommufd_test+0x10/0x10 [ 171.274304] ? __pfx_lock_release+0x10/0x10 [ 171.274665] ? __pfx_lock_acquire+0x10/0x10 [ 171.275023] ? write_comp_data+0x2f/0x90 [ 171.275390] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.275781] ? write_comp_data+0x2f/0x90 [ 171.276145] iommufd_fops_ioctl+0x37d/0x510 [ 171.276487] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.276873] ? write_comp_data+0x2f/0x90 [ 171.277212] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.277597] __x64_sys_ioctl+0x1a3/0x230 [ 171.277924] do_syscall_64+0x3b/0x90 [ 171.278223] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.278685] RIP: 0033:0x7f4b8743ee5d [ 171.278979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.280423] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.281036] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.281604] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.282156] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.282745] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.283334] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.283918] [ 171.284105] irq event stamp: 0 [ 171.284365] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.284872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.285524] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.286180] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.286698] ---[ end trace 0000000000000000 ]--- [ 171.289418] ------------[ cut here ]------------ [ 171.289821] WARNING: CPU: 0 PID: 1620 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.290645] Modules linked in: [ 171.290895] CPU: 0 PID: 1620 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.291591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.292466] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.292853] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.294264] RSP: 
0018:ffff8880209bfbd0 EFLAGS: 00010246 [ 171.294705] RAX: 0000000000000000 RBX: ffff88801837b0a8 RCX: 0000000000000000 [ 171.295269] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 171.295826] RBP: ffff8880209bfbe8 R08: ffffed100306f633 R09: ffffed100306f633 [ 171.296372] R10: ffff88801837b193 R11: ffffed100306f632 R12: ffff888010826c00 [ 171.296933] R13: ffff88801837b1e8 R14: ffff888010aa9500 R15: 0000000000000000 [ 171.297479] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.298107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.298577] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.299148] PKRU: 55555554 [ 171.299370] Call Trace: [ 171.299569] [ 171.299746] iommufd_access_destroy_object+0x65/0x170 [ 171.300166] iommufd_object_destroy_user+0x18e/0x220 [ 171.300576] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.301041] iommufd_access_destroy+0x43/0x70 [ 171.301401] iommufd_test_staccess_release+0x8d/0xd0 [ 171.301798] __fput+0x26d/0xa40 [ 171.302070] ____fput+0x1e/0x30 [ 171.302347] task_work_run+0x1a4/0x2d0 [ 171.302678] ? __pfx_task_work_run+0x10/0x10 [ 171.303027] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.303434] ? switch_task_namespaces+0xa9/0xe0 [ 171.303811] do_exit+0xb17/0x2ef0 [ 171.304085] ? lock_acquire+0x427/0x4c0 [ 171.304420] ? __pfx_lock_release+0x10/0x10 [ 171.304767] ? __kasan_check_write+0x18/0x20 [ 171.305115] ? do_raw_spin_lock+0x132/0x2a0 [ 171.305464] ? __pfx_do_exit+0x10/0x10 [ 171.305774] ? debug_smp_processor_id+0x20/0x30 [ 171.306139] ? rcu_is_watching+0x19/0xb0 [ 171.306466] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.306844] ? trace_hardirqs_on+0x26/0x120 [ 171.307193] do_group_exit+0xe0/0x2b0 [ 171.307503] __x64_sys_exit_group+0x47/0x50 [ 171.307848] do_syscall_64+0x3b/0x90 [ 171.308148] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.308562] RIP: 0033:0x7f4b87518a4d [ 171.308863] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.309337] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.309937] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.310486] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.311067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.311629] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.312192] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.312755] [ 171.312951] irq event stamp: 0 [ 171.313195] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.313687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.314348] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.315034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.315548] ---[ end trace 0000000000000000 ]--- [ 171.316262] ------------[ cut here ]------------ [ 171.316637] WARNING: CPU: 0 PID: 1620 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.317436] Modules linked in: [ 171.317688] CPU: 0 PID: 1620 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.318378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.319280] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.319699] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.321116] RSP: 0018:ffff8880209bfb78 EFLAGS: 00010246 [ 171.321526] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.322084] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 171.322653] RBP: ffff8880209bfb98 R08: ffffed100306f63e R09: ffffed100306f63e [ 171.323223] R10: ffff88801837b1ef R11: ffffed100306f63d R12: ffff88801837b290 [ 171.323786] R13: ffff88801837b0a8 R14: ffffffffffffffff R15: 
ffff8880209bfc60 [ 171.324339] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.324969] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.325417] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.325978] PKRU: 55555554 [ 171.326202] Call Trace: [ 171.326404] [ 171.326602] iommufd_ioas_destroy+0x53/0x70 [ 171.326948] iommufd_fops_release+0x1f7/0x370 [ 171.327328] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.327725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.328124] ? write_comp_data+0x2f/0x90 [ 171.328450] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.328840] __fput+0x26d/0xa40 [ 171.329116] ____fput+0x1e/0x30 [ 171.329395] task_work_run+0x1a4/0x2d0 [ 171.329705] ? __pfx_task_work_run+0x10/0x10 [ 171.330052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.330451] ? switch_task_namespaces+0xa9/0xe0 [ 171.330847] do_exit+0xb17/0x2ef0 [ 171.331125] ? lock_acquire+0x427/0x4c0 [ 171.331464] ? __pfx_lock_release+0x10/0x10 [ 171.331811] ? __kasan_check_write+0x18/0x20 [ 171.332159] ? do_raw_spin_lock+0x132/0x2a0 [ 171.332511] ? __pfx_do_exit+0x10/0x10 [ 171.332825] ? debug_smp_processor_id+0x20/0x30 [ 171.333192] ? rcu_is_watching+0x19/0xb0 [ 171.333514] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.333882] ? trace_hardirqs_on+0x26/0x120 [ 171.334224] do_group_exit+0xe0/0x2b0 [ 171.334554] __x64_sys_exit_group+0x47/0x50 [ 171.334902] do_syscall_64+0x3b/0x90 [ 171.335213] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.335624] RIP: 0033:0x7f4b87518a4d [ 171.335926] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.336409] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.337026] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.337583] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.338152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.338732] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.339301] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.339861] [ 171.340052] irq event stamp: 0 [ 171.340301] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.340788] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.341447] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.342094] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.342619] ---[ end trace 0000000000000000 ]--- [ 171.348042] ------------[ cut here ]------------ [ 171.348617] WARNING: CPU: 1 PID: 1621 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.349742] Modules linked in: [ 171.350107] CPU: 1 PID: 1621 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.351509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.352746] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.353295] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.355304] RSP: 0018:ffff88801713fbb8 EFLAGS: 00010246 [ 171.355893] RAX: 0000000000000000 RBX: ffff888021af48a8 RCX: 0000000000000000 [ 171.356667] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 171.357443] RBP: ffff88801713fbd0 R08: ffffed100435e933 R09: ffffed100435e933 [ 171.358221] R10: ffff888021af4993 R11: ffffed100435e932 R12: ffff88800f0e2000 [ 171.359026] R13: ffff888021af49e8 R14: ffffffff8352e670 R15: 
ffff88801713fe68 [ 171.359814] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.360686] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.361317] CR2: 0000000020000140 CR3: 0000000013e70000 CR4: 0000000000750ee0 [ 171.362088] PKRU: 55555554 [ 171.362392] Call Trace: [ 171.362698] [ 171.362951] __iommufd_access_detach+0x1c2/0x2b0 [ 171.363487] iommufd_access_change_pt+0x149/0x270 [ 171.364022] iommufd_access_replace+0xb4/0x120 [ 171.364526] iommufd_test+0x3e5/0x37e0 [ 171.364950] ? lock_release+0x532/0x770 [ 171.365390] ? __might_fault+0x102/0x1b0 [ 171.365836] ? lock_acquire+0x427/0x4c0 [ 171.366277] ? __pfx_iommufd_test+0x10/0x10 [ 171.366766] ? __pfx_lock_release+0x10/0x10 [ 171.367257] ? __pfx_lock_acquire+0x10/0x10 [ 171.367734] ? write_comp_data+0x2f/0x90 [ 171.368184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.368713] ? write_comp_data+0x2f/0x90 [ 171.369162] iommufd_fops_ioctl+0x37d/0x510 [ 171.369630] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.370159] ? write_comp_data+0x2f/0x90 [ 171.370637] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.371179] __x64_sys_ioctl+0x1a3/0x230 [ 171.371630] do_syscall_64+0x3b/0x90 [ 171.372043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.372605] RIP: 0033:0x7f4b8743ee5d [ 171.373006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.374924] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.375652] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.376165] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.376669] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.377173] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.377678] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.378195] [ 171.378363] irq event stamp: 0 [ 171.378613] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.379066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.379679] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.380286] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.380888] ---[ end trace 0000000000000000 ]--- [ 171.383738] ------------[ cut here ]------------ [ 171.384157] WARNING: CPU: 1 PID: 1621 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.384942] Modules linked in: [ 171.385177] CPU: 1 PID: 1621 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.385860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.386782] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.387163] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.388604] RSP: 
0018:ffff88801713fbd0 EFLAGS: 00010246 [ 171.388997] RAX: 0000000000000000 RBX: ffff888021af48a8 RCX: 0000000000000000 [ 171.389519] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 171.390128] RBP: ffff88801713fbe8 R08: ffffed100435e933 R09: ffffed100435e933 [ 171.390667] R10: ffff888021af4993 R11: ffffed100435e932 R12: ffff888020a8f800 [ 171.391198] R13: ffff888021af49e8 R14: ffff888013a63700 R15: 0000000000000000 [ 171.391812] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.392401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.392830] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 171.393376] PKRU: 55555554 [ 171.393645] Call Trace: [ 171.393834] [ 171.394002] iommufd_access_destroy_object+0x65/0x170 [ 171.394389] iommufd_object_destroy_user+0x18e/0x220 [ 171.394794] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.395239] iommufd_access_destroy+0x43/0x70 [ 171.395604] iommufd_test_staccess_release+0x8d/0xd0 [ 171.396051] __fput+0x26d/0xa40 [ 171.396309] ____fput+0x1e/0x30 [ 171.396560] task_work_run+0x1a4/0x2d0 [ 171.396855] ? __pfx_task_work_run+0x10/0x10 [ 171.397200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.397638] ? switch_task_namespaces+0xa9/0xe0 [ 171.397992] do_exit+0xb17/0x2ef0 [ 171.398252] ? lock_acquire+0x427/0x4c0 [ 171.398570] ? __pfx_lock_release+0x10/0x10 [ 171.398897] ? __kasan_check_write+0x18/0x20 [ 171.399250] ? do_raw_spin_lock+0x132/0x2a0 [ 171.399670] ? __pfx_do_exit+0x10/0x10 [ 171.399969] ? debug_smp_processor_id+0x20/0x30 [ 171.400319] ? rcu_is_watching+0x19/0xb0 [ 171.400622] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.400963] ? trace_hardirqs_on+0x26/0x120 [ 171.401380] do_group_exit+0xe0/0x2b0 [ 171.401664] __x64_sys_exit_group+0x47/0x50 [ 171.401983] do_syscall_64+0x3b/0x90 [ 171.402269] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.402680] RIP: 0033:0x7f4b87518a4d [ 171.402959] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.403507] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.404068] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.404592] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.405193] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.405721] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.406254] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.406866] [ 171.407055] irq event stamp: 0 [ 171.407304] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.407774] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.408405] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.409140] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.409615] ---[ end trace 0000000000000000 ]--- [ 171.410476] ------------[ cut here ]------------ [ 171.411058] WARNING: CPU: 1 PID: 1621 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.411836] Modules linked in: [ 171.412088] CPU: 1 PID: 1621 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.412847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.413685] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.414072] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.415569] RSP: 0018:ffff88801713fb78 EFLAGS: 00010246 [ 171.415974] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.416565] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 171.417122] RBP: ffff88801713fb98 R08: ffffed100435e93e R09: ffffed100435e93e [ 171.417654] R10: ffff888021af49ef R11: ffffed100435e93d R12: ffff888021af4a90 [ 171.418250] R13: ffff888021af48a8 R14: ffffffffffffffff R15: 
ffff88801713fc60 [ 171.418843] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.419464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.419906] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 171.420548] PKRU: 55555554 [ 171.420767] Call Trace: [ 171.420966] [ 171.421141] iommufd_ioas_destroy+0x53/0x70 [ 171.421480] iommufd_fops_release+0x1f7/0x370 [ 171.421865] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.422318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.422728] ? write_comp_data+0x2f/0x90 [ 171.423062] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.423466] __fput+0x26d/0xa40 [ 171.423738] ____fput+0x1e/0x30 [ 171.424019] task_work_run+0x1a4/0x2d0 [ 171.424398] ? __pfx_task_work_run+0x10/0x10 [ 171.424749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.425130] ? switch_task_namespaces+0xa9/0xe0 [ 171.425510] do_exit+0xb17/0x2ef0 [ 171.425804] ? lock_acquire+0x427/0x4c0 [ 171.426212] ? __pfx_lock_release+0x10/0x10 [ 171.426581] ? __kasan_check_write+0x18/0x20 [ 171.426936] ? do_raw_spin_lock+0x132/0x2a0 [ 171.427290] ? __pfx_do_exit+0x10/0x10 [ 171.427609] ? debug_smp_processor_id+0x20/0x30 [ 171.427996] ? rcu_is_watching+0x19/0xb0 [ 171.428397] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.428765] ? trace_hardirqs_on+0x26/0x120 [ 171.429115] do_group_exit+0xe0/0x2b0 [ 171.429419] __x64_sys_exit_group+0x47/0x50 [ 171.429773] do_syscall_64+0x3b/0x90 [ 171.430160] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.430595] RIP: 0033:0x7f4b87518a4d [ 171.430890] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.431384] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.432004] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.432627] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.433185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.433754] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.434407] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.434992] [ 171.435193] irq event stamp: 0 [ 171.435447] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.435969] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.436695] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.437350] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.437907] ---[ end trace 0000000000000000 ]--- [ 171.442166] ------------[ cut here ]------------ [ 171.442596] WARNING: CPU: 1 PID: 1622 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.443556] Modules linked in: [ 171.443807] CPU: 1 PID: 1622 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.444483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.445468] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.445858] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.447413] RSP: 0018:ffff88801862fbb8 EFLAGS: 00010246 [ 171.447829] RAX: 0000000000000000 RBX: ffff888021b908a8 RCX: 0000000000000000 [ 171.448437] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 171.449054] RBP: ffff88801862fbd0 R08: ffffed1004372133 R09: ffffed1004372133 [ 171.449606] R10: ffff888021b90993 R11: ffffed1004372132 R12: ffff88801226cc00 [ 171.450208] R13: ffff888021b909e8 R14: ffffffff8352e670 R15: 
ffff88801862fe68 [ 171.450825] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.451462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.451931] CR2: 00007f4b877410e8 CR3: 0000000013e70000 CR4: 0000000000750ee0 [ 171.452567] PKRU: 55555554 [ 171.452791] Call Trace: [ 171.452993] [ 171.453170] __iommufd_access_detach+0x1c2/0x2b0 [ 171.453559] iommufd_access_change_pt+0x149/0x270 [ 171.454049] iommufd_access_replace+0xb4/0x120 [ 171.454418] iommufd_test+0x3e5/0x37e0 [ 171.454739] ? lock_release+0x532/0x770 [ 171.455062] ? __might_fault+0x102/0x1b0 [ 171.455405] ? lock_acquire+0x427/0x4c0 [ 171.455831] ? __pfx_iommufd_test+0x10/0x10 [ 171.456181] ? __pfx_lock_release+0x10/0x10 [ 171.456536] ? __pfx_lock_acquire+0x10/0x10 [ 171.456898] ? write_comp_data+0x2f/0x90 [ 171.457231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.457735] ? write_comp_data+0x2f/0x90 [ 171.458071] iommufd_fops_ioctl+0x37d/0x510 [ 171.458426] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.458842] ? write_comp_data+0x2f/0x90 [ 171.459197] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.459690] __x64_sys_ioctl+0x1a3/0x230 [ 171.460039] do_syscall_64+0x3b/0x90 [ 171.460359] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.460794] RIP: 0033:0x7f4b8743ee5d [ 171.461171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.462733] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.463514] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.464100] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.464685] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.465422] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.466001] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.466617] [ 171.466811] irq event stamp: 0 [ 171.467072] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.467603] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.468316] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.469098] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.469616] ---[ end trace 0000000000000000 ]--- [ 171.472579] ------------[ cut here ]------------ [ 171.473016] WARNING: CPU: 1 PID: 1622 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.473877] Modules linked in: [ 171.474236] CPU: 1 PID: 1622 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.475008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.475934] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.476412] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.477990] RSP: 
0018:ffff88801862fbd0 EFLAGS: 00010246 [ 171.478565] RAX: 0000000000000000 RBX: ffff888021b908a8 RCX: 0000000000000000 [ 171.479151] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 171.479747] RBP: ffff88801862fbe8 R08: ffffed1004372133 R09: ffffed1004372133 [ 171.480395] R10: ffff888021b90993 R11: ffffed1004372132 R12: ffff88800f0e3800 [ 171.481061] R13: ffff888021b909e8 R14: ffff88800f9a0700 R15: 0000000000000000 [ 171.481651] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.482362] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.482933] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 171.483529] PKRU: 55555554 [ 171.483762] Call Trace: [ 171.483974] [ 171.484162] iommufd_access_destroy_object+0x65/0x170 [ 171.484662] iommufd_object_destroy_user+0x18e/0x220 [ 171.485167] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.485654] iommufd_access_destroy+0x43/0x70 [ 171.486031] iommufd_test_staccess_release+0x8d/0xd0 [ 171.486555] __fput+0x26d/0xa40 [ 171.486926] ____fput+0x1e/0x30 [ 171.487217] task_work_run+0x1a4/0x2d0 [ 171.487551] ? __pfx_task_work_run+0x10/0x10 [ 171.487921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.488326] ? switch_task_namespaces+0xa9/0xe0 [ 171.488722] do_exit+0xb17/0x2ef0 [ 171.489067] ? lock_acquire+0x427/0x4c0 [ 171.489454] ? __pfx_lock_release+0x10/0x10 [ 171.489818] ? __kasan_check_write+0x18/0x20 [ 171.490184] ? do_raw_spin_lock+0x132/0x2a0 [ 171.490563] ? __pfx_do_exit+0x10/0x10 [ 171.491005] ? debug_smp_processor_id+0x20/0x30 [ 171.491404] ? rcu_is_watching+0x19/0xb0 [ 171.491742] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.492121] ? trace_hardirqs_on+0x26/0x120 [ 171.492481] do_group_exit+0xe0/0x2b0 [ 171.492808] __x64_sys_exit_group+0x47/0x50 [ 171.493275] do_syscall_64+0x3b/0x90 [ 171.493592] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.494029] RIP: 0033:0x7f4b87518a4d [ 171.494335] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.494928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.495617] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.496198] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.496781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.497492] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.498073] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.498681] [ 171.498875] irq event stamp: 0 [ 171.499192] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.499782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.500463] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.501208] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.501795] ---[ end trace 0000000000000000 ]--- [ 171.502566] ------------[ cut here ]------------ [ 171.502959] WARNING: CPU: 1 PID: 1622 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.503937] Modules linked in: [ 171.504208] CPU: 1 PID: 1622 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.504921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.505956] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.506385] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.508018] RSP: 0018:ffff88801862fb78 EFLAGS: 00010246 [ 171.508468] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.509048] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 171.509768] RBP: ffff88801862fb98 R08: ffffed100437213e R09: ffffed100437213e [ 171.510352] R10: ffff888021b909ef R11: ffffed100437213d R12: ffff888021b90a90 [ 171.510949] R13: ffff888021b908a8 R14: ffffffffffffffff R15: 
ffff88801862fc60 [ 171.511653] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.512311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.512793] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 171.513491] PKRU: 55555554 [ 171.513728] Call Trace: [ 171.513942] [ 171.514132] iommufd_ioas_destroy+0x53/0x70 [ 171.514492] iommufd_fops_release+0x1f7/0x370 [ 171.514896] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.515352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.515837] ? write_comp_data+0x2f/0x90 [ 171.516180] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.516593] __fput+0x26d/0xa40 [ 171.516879] ____fput+0x1e/0x30 [ 171.517200] task_work_run+0x1a4/0x2d0 [ 171.517584] ? __pfx_task_work_run+0x10/0x10 [ 171.517953] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.518360] ? switch_task_namespaces+0xa9/0xe0 [ 171.518786] do_exit+0xb17/0x2ef0 [ 171.519084] ? lock_acquire+0x427/0x4c0 [ 171.519479] ? __pfx_lock_release+0x10/0x10 [ 171.519906] ? __kasan_check_write+0x18/0x20 [ 171.520275] ? do_raw_spin_lock+0x132/0x2a0 [ 171.520633] ? __pfx_do_exit+0x10/0x10 [ 171.520966] ? debug_smp_processor_id+0x20/0x30 [ 171.521375] ? rcu_is_watching+0x19/0xb0 [ 171.521806] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.522183] ? trace_hardirqs_on+0x26/0x120 [ 171.522589] do_group_exit+0xe0/0x2b0 [ 171.522924] __x64_sys_exit_group+0x47/0x50 [ 171.523305] do_syscall_64+0x3b/0x90 [ 171.523655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.524191] RIP: 0033:0x7f4b87518a4d [ 171.524511] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.525033] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.525747] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.526403] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.527056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.527664] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.528268] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.528880] [ 171.529080] irq event stamp: 0 [ 171.529348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.529882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.530611] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.531339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.531871] ---[ end trace 0000000000000000 ]--- [ 171.536060] ------------[ cut here ]------------ [ 171.536492] WARNING: CPU: 1 PID: 1623 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.537341] Modules linked in: [ 171.537611] CPU: 1 PID: 1623 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.538342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.539345] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.539766] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.541291] RSP: 0018:ffff888016097bb8 EFLAGS: 00010246 [ 171.541731] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 171.542333] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 171.542946] RBP: ffff888016097bd0 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 171.543545] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff88800fcb2c00 [ 171.544130] R13: ffff88800cb961e8 R14: ffffffff8352e670 R15: 
ffff888016097e68 [ 171.544718] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.545366] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.545832] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ee0 [ 171.546397] PKRU: 55555554 [ 171.546636] Call Trace: [ 171.546843] [ 171.547027] __iommufd_access_detach+0x1c2/0x2b0 [ 171.547435] iommufd_access_change_pt+0x149/0x270 [ 171.547838] iommufd_access_replace+0xb4/0x120 [ 171.548219] iommufd_test+0x3e5/0x37e0 [ 171.548540] ? lock_release+0x532/0x770 [ 171.548881] ? __might_fault+0x102/0x1b0 [ 171.549225] ? lock_acquire+0x427/0x4c0 [ 171.549564] ? __pfx_iommufd_test+0x10/0x10 [ 171.549916] ? __pfx_lock_release+0x10/0x10 [ 171.550277] ? __pfx_lock_acquire+0x10/0x10 [ 171.550659] ? write_comp_data+0x2f/0x90 [ 171.550998] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.551411] ? write_comp_data+0x2f/0x90 [ 171.551756] iommufd_fops_ioctl+0x37d/0x510 [ 171.552112] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.552513] ? write_comp_data+0x2f/0x90 [ 171.552850] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.553238] __x64_sys_ioctl+0x1a3/0x230 [ 171.553574] do_syscall_64+0x3b/0x90 [ 171.553885] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.554307] RIP: 0033:0x7f4b8743ee5d [ 171.554623] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.556111] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.556738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.557311] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.557881] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.558451] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.559046] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.559644] [ 171.559836] irq event stamp: 0 [ 171.560093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.560605] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.561275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.561946] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.562456] ---[ end trace 0000000000000000 ]--- [ 171.565397] ------------[ cut here ]------------ [ 171.565813] WARNING: CPU: 1 PID: 1623 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.566672] Modules linked in: [ 171.566936] CPU: 1 PID: 1623 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.567995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.569250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.569820] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.571905] RSP: 
0018:ffff888016097bd0 EFLAGS: 00010246 [ 171.572513] RAX: 0000000000000000 RBX: ffff88800cb960a8 RCX: 0000000000000000 [ 171.573308] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 171.574107] RBP: ffff888016097be8 R08: ffffed1001972c33 R09: ffffed1001972c33 [ 171.574941] R10: ffff88800cb96193 R11: ffffed1001972c32 R12: ffff88801226dc00 [ 171.575097] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 171.575758] R13: ffff88800cb961e8 R14: ffff8880104c0500 R15: 0000000000000000 [ 171.575775] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.577415] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 171.578165] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.580990] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 171.581779] PKRU: 55555554 [ 171.582097] Call Trace: [ 171.582388] [ 171.582701] iommufd_access_destroy_object+0x65/0x170 [ 171.583307] iommufd_object_destroy_user+0x18e/0x220 [ 171.583891] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.584548] iommufd_access_destroy+0x43/0x70 [ 171.585066] iommufd_test_staccess_release+0x8d/0xd0 [ 171.585651] __fput+0x26d/0xa40 [ 171.586047] ____fput+0x1e/0x30 [ 171.586437] task_work_run+0x1a4/0x2d0 [ 171.586927] ? __pfx_task_work_run+0x10/0x10 [ 171.587442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.587996] ? switch_task_namespaces+0xa9/0xe0 [ 171.588537] do_exit+0xb17/0x2ef0 [ 171.588932] ? lock_acquire+0x427/0x4c0 [ 171.589397] ? __pfx_lock_release+0x10/0x10 [ 171.589891] ? __kasan_check_write+0x18/0x20 [ 171.590396] ? do_raw_spin_lock+0x132/0x2a0 [ 171.590921] ? __pfx_do_exit+0x10/0x10 [ 171.591388] ? debug_smp_processor_id+0x20/0x30 [ 171.591916] ? 
rcu_is_watching+0x19/0xb0 [ 171.592380] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.592899] ? trace_hardirqs_on+0x26/0x120 [ 171.593393] do_group_exit+0xe0/0x2b0 [ 171.593827] __x64_sys_exit_group+0x47/0x50 [ 171.594310] do_syscall_64+0x3b/0x90 [ 171.594775] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.595378] RIP: 0033:0x7f4b87518a4d [ 171.595799] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 171.596482] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.597318] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.598101] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.598905] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.599700] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.600487] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.601285] [ 171.601554] irq event stamp: 0 [ 171.601910] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.602626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.603558] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.604732] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.605440] ---[ end trace 0000000000000000 ]--- [ 171.607845] ------------[ cut here ]------------ [ 171.608239] WARNING: CPU: 1 PID: 1623 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.609031] Modules linked in: [ 171.609284] CPU: 1 PID: 1623 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.609962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.610865] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.611278] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.612690] RSP: 0018:ffff888016097b78 
EFLAGS: 00010246 [ 171.613104] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.613933] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 171.614488] RBP: ffff888016097b98 R08: ffffed1001972c3e R09: ffffed1001972c3e [ 171.615060] R10: ffff88800cb961ef R11: ffffed1001972c3d R12: ffff88800cb96290 [ 171.615623] R13: ffff88800cb960a8 R14: ffffffffffffffff R15: ffff888016097c60 [ 171.616167] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.616779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.617223] CR2: 00007f82e2a720c8 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 171.617768] PKRU: 55555554 [ 171.617987] Call Trace: [ 171.618184] [ 171.618361] iommufd_ioas_destroy+0x53/0x70 [ 171.618711] iommufd_fops_release+0x1f7/0x370 [ 171.619063] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.619464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.619846] ? write_comp_data+0x2f/0x90 [ 171.620168] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.620555] __fput+0x26d/0xa40 [ 171.620890] ____fput+0x1e/0x30 [ 171.621215] task_work_run+0x1a4/0x2d0 [ 171.621528] ? __pfx_task_work_run+0x10/0x10 [ 171.621875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.622257] ? switch_task_namespaces+0xa9/0xe0 [ 171.622641] do_exit+0xb17/0x2ef0 [ 171.622911] ? lock_acquire+0x427/0x4c0 [ 171.623237] ? __pfx_lock_release+0x10/0x10 [ 171.623579] ? __kasan_check_write+0x18/0x20 [ 171.623926] ? do_raw_spin_lock+0x132/0x2a0 [ 171.624260] ? __pfx_do_exit+0x10/0x10 [ 171.624574] ? debug_smp_processor_id+0x20/0x30 [ 171.624940] ? rcu_is_watching+0x19/0xb0 [ 171.625258] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.625616] ? trace_hardirqs_on+0x26/0x120 [ 171.625981] do_group_exit+0xe0/0x2b0 [ 171.626376] __x64_sys_exit_group+0x47/0x50 [ 171.626723] do_syscall_64+0x3b/0x90 [ 171.627020] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.627439] RIP: 0033:0x7f4b87518a4d [ 171.627728] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.628201] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.628783] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.629330] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.629875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.630420] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.630981] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.631545] [ 171.631727] irq event stamp: 0 [ 171.631971] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.632460] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.633457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.634399] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.635260] ---[ end trace 0000000000000000 ]--- [ 171.644367] ------------[ cut here ]------------ [ 171.644984] WARNING: CPU: 1 PID: 1625 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.645784] Modules linked in: [ 171.646036] CPU: 1 PID: 1625 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.647050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.647945] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.648593] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.650073] RSP: 0018:ffff888016d8fbb8 EFLAGS: 00010246 [ 171.650585] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 171.651156] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 171.651731] RBP: ffff888016d8fbd0 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 171.652389] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff888010c09c00 [ 171.652939] R13: ffff888017a439e8 R14: ffffffff8352e670 R15: 
ffff888016d8fe68 [ 171.653496] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.654238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.654701] CR2: 0000000020000140 CR3: 000000002187e000 CR4: 0000000000750ee0 [ 171.655263] PKRU: 55555554 [ 171.655511] Call Trace: [ 171.655743] [ 171.655990] __iommufd_access_detach+0x1c2/0x2b0 [ 171.656371] iommufd_access_change_pt+0x149/0x270 [ 171.656759] iommufd_access_replace+0xb4/0x120 [ 171.657127] iommufd_test+0x3e5/0x37e0 [ 171.657499] ? lock_release+0x532/0x770 [ 171.657902] ? __might_fault+0x102/0x1b0 [ 171.658229] ? lock_acquire+0x427/0x4c0 [ 171.658566] ? __pfx_iommufd_test+0x10/0x10 [ 171.658903] ? __pfx_lock_release+0x10/0x10 [ 171.659256] ? __pfx_lock_acquire+0x10/0x10 [ 171.659601] ? write_comp_data+0x2f/0x90 [ 171.659926] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.660309] ? write_comp_data+0x2f/0x90 [ 171.660636] iommufd_fops_ioctl+0x37d/0x510 [ 171.660973] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.661356] ? write_comp_data+0x2f/0x90 [ 171.661681] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.662057] __x64_sys_ioctl+0x1a3/0x230 [ 171.662380] do_syscall_64+0x3b/0x90 [ 171.662696] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.663107] RIP: 0033:0x7f4b8743ee5d [ 171.663407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.664808] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.665392] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.665938] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.666489] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.667056] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.667612] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.668170] [ 171.668351] irq event stamp: 0 [ 171.668597] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.669084] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.669728] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.670371] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.670871] ---[ end trace 0000000000000000 ]--- [ 171.673613] ------------[ cut here ]------------ [ 171.674000] WARNING: CPU: 1 PID: 1625 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.674819] Modules linked in: [ 171.675070] CPU: 1 PID: 1625 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.675754] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.676617] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.677004] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.678402] RSP: 
0018:ffff888016d8fbd0 EFLAGS: 00010246 [ 171.678992] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 171.679566] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 171.680111] RBP: ffff888016d8fbe8 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 171.680655] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff88800fcb0800 [ 171.681200] R13: ffff888017a439e8 R14: ffff88800b874d00 R15: 0000000000000000 [ 171.681742] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.682345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.682790] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 171.683336] PKRU: 55555554 [ 171.683551] Call Trace: [ 171.683748] [ 171.683924] iommufd_access_destroy_object+0x65/0x170 [ 171.684328] iommufd_object_destroy_user+0x18e/0x220 [ 171.684730] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.685183] iommufd_access_destroy+0x43/0x70 [ 171.685541] iommufd_test_staccess_release+0x8d/0xd0 [ 171.685933] __fput+0x26d/0xa40 [ 171.686204] ____fput+0x1e/0x30 [ 171.686466] task_work_run+0x1a4/0x2d0 [ 171.686798] ? __pfx_task_work_run+0x10/0x10 [ 171.687156] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.687541] ? switch_task_namespaces+0xa9/0xe0 [ 171.687912] do_exit+0xb17/0x2ef0 [ 171.688183] ? lock_acquire+0x427/0x4c0 [ 171.688500] ? __pfx_lock_release+0x10/0x10 [ 171.688834] ? __kasan_check_write+0x18/0x20 [ 171.689174] ? do_raw_spin_lock+0x132/0x2a0 [ 171.689503] ? __pfx_do_exit+0x10/0x10 [ 171.689805] ? debug_smp_processor_id+0x20/0x30 [ 171.690165] ? rcu_is_watching+0x19/0xb0 [ 171.690474] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.690838] ? trace_hardirqs_on+0x26/0x120 [ 171.691182] do_group_exit+0xe0/0x2b0 [ 171.691478] __x64_sys_exit_group+0x47/0x50 [ 171.691814] do_syscall_64+0x3b/0x90 [ 171.692112] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.692519] RIP: 0033:0x7f4b87518a4d [ 171.692811] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.693285] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.693871] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.694418] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.694989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.695550] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.696089] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.696642] [ 171.696824] irq event stamp: 0 [ 171.697067] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.697548] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.698182] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.698828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.699318] ---[ end trace 0000000000000000 ]--- [ 171.699990] ------------[ cut here ]------------ [ 171.700349] WARNING: CPU: 1 PID: 1625 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.701129] Modules linked in: [ 171.701376] CPU: 1 PID: 1625 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.702046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.702929] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.703341] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.704729] RSP: 0018:ffff888016d8fb78 EFLAGS: 00010246 [ 171.705144] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.705688] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 171.706226] RBP: ffff888016d8fb98 R08: ffffed1002f4873e R09: ffffed1002f4873e [ 171.706778] R10: ffff888017a439ef R11: ffffed1002f4873d R12: ffff888017a43a90 [ 171.707329] R13: ffff888017a438a8 R14: ffffffffffffffff R15: 
ffff888016d8fc60 [ 171.707867] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 171.708480] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.708917] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 171.709470] PKRU: 55555554 [ 171.709690] Call Trace: [ 171.709887] [ 171.710061] iommufd_ioas_destroy+0x53/0x70 [ 171.710397] iommufd_fops_release+0x1f7/0x370 [ 171.710763] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.711163] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.711544] ? write_comp_data+0x2f/0x90 [ 171.711862] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.712246] __fput+0x26d/0xa40 [ 171.712517] ____fput+0x1e/0x30 [ 171.712782] task_work_run+0x1a4/0x2d0 [ 171.713093] ? __pfx_task_work_run+0x10/0x10 [ 171.713439] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.713817] ? switch_task_namespaces+0xa9/0xe0 [ 171.714180] do_exit+0xb17/0x2ef0 [ 171.714447] ? lock_acquire+0x427/0x4c0 [ 171.714776] ? __pfx_lock_release+0x10/0x10 [ 171.715119] ? __kasan_check_write+0x18/0x20 [ 171.715462] ? do_raw_spin_lock+0x132/0x2a0 [ 171.715793] ? __pfx_do_exit+0x10/0x10 [ 171.716096] ? debug_smp_processor_id+0x20/0x30 [ 171.716452] ? rcu_is_watching+0x19/0xb0 [ 171.716764] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.717113] ? trace_hardirqs_on+0x26/0x120 [ 171.717453] do_group_exit+0xe0/0x2b0 [ 171.717750] __x64_sys_exit_group+0x47/0x50 [ 171.718087] do_syscall_64+0x3b/0x90 [ 171.718385] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.718808] RIP: 0033:0x7f4b87518a4d [ 171.719100] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.719583] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.720160] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.720697] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.721232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.721770] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.722307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.722869] [ 171.723049] irq event stamp: 0 [ 171.723299] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.723776] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.724408] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.725040] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.725512] ---[ end trace 0000000000000000 ]--- [ 171.729785] ------------[ cut here ]------------ [ 171.730197] WARNING: CPU: 0 PID: 1626 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.731039] Modules linked in: [ 171.731302] CPU: 0 PID: 1626 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.731985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.732869] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.733251] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.734994] RSP: 0018:ffff888012a7fbb8 EFLAGS: 00010246 [ 171.735551] RAX: 0000000000000000 RBX: ffff888015ba10a8 RCX: 0000000000000000 [ 171.736272] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 171.737002] RBP: ffff888012a7fbd0 R08: ffffed1002b74233 R09: ffffed1002b74233 [ 171.737724] R10: ffff888015ba1193 R11: ffffed1002b74232 R12: ffff88800ae92000 [ 171.738430] R13: ffff888015ba11e8 R14: ffffffff8352e670 R15: 
ffff888012a7fe68 [ 171.739303] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.740205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.740852] CR2: 0000000020000140 CR3: 000000002187e000 CR4: 0000000000750ef0 [ 171.741645] PKRU: 55555554 [ 171.741966] Call Trace: [ 171.742259] [ 171.742560] __iommufd_access_detach+0x1c2/0x2b0 [ 171.743137] iommufd_access_change_pt+0x149/0x270 [ 171.743702] iommufd_access_replace+0xb4/0x120 [ 171.744241] iommufd_test+0x3e5/0x37e0 [ 171.744685] ? lock_release+0x532/0x770 [ 171.745151] ? __might_fault+0x102/0x1b0 [ 171.745622] ? lock_acquire+0x427/0x4c0 [ 171.746090] ? __pfx_iommufd_test+0x10/0x10 [ 171.746626] ? __pfx_lock_release+0x10/0x10 [ 171.747145] ? __pfx_lock_acquire+0x10/0x10 [ 171.747655] ? write_comp_data+0x2f/0x90 [ 171.748131] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.748689] ? write_comp_data+0x2f/0x90 [ 171.749163] iommufd_fops_ioctl+0x37d/0x510 [ 171.749660] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.750213] ? write_comp_data+0x2f/0x90 [ 171.750738] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.751326] __x64_sys_ioctl+0x1a3/0x230 [ 171.751803] do_syscall_64+0x3b/0x90 [ 171.752240] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.752835] RIP: 0033:0x7f4b8743ee5d [ 171.753261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.755366] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.756254] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.757050] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.757838] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.758698] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.759551] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.760400] [ 171.760675] irq event stamp: 0 [ 171.761044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.761762] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.762748] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.763718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.764441] ---[ end trace 0000000000000000 ]--- [ 171.768821] ------------[ cut here ]------------ [ 171.769381] WARNING: CPU: 0 PID: 1626 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.770569] Modules linked in: [ 171.770948] CPU: 0 PID: 1626 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.771911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.773076] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.773591] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.775367] RSP: 
0018:ffff888012a7fbd0 EFLAGS: 00010246 [ 171.775943] RAX: 0000000000000000 RBX: ffff888015ba10a8 RCX: 0000000000000000 [ 171.776690] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 171.777486] RBP: ffff888012a7fbe8 R08: ffffed1002b74233 R09: ffffed1002b74233 [ 171.778164] R10: ffff888015ba1193 R11: ffffed1002b74232 R12: ffff888010c57c00 [ 171.778906] R13: ffff888015ba11e8 R14: ffff88802187b200 R15: 0000000000000000 [ 171.779609] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.780437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.781046] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.781811] PKRU: 55555554 [ 171.782127] Call Trace: [ 171.782401] [ 171.782693] iommufd_access_destroy_object+0x65/0x170 [ 171.783273] iommufd_object_destroy_user+0x18e/0x220 [ 171.783842] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.784491] iommufd_access_destroy+0x43/0x70 [ 171.784986] iommufd_test_staccess_release+0x8d/0xd0 [ 171.785445] __fput+0x26d/0xa40 [ 171.785737] ____fput+0x1e/0x30 [ 171.786061] task_work_run+0x1a4/0x2d0 [ 171.786406] ? __pfx_task_work_run+0x10/0x10 [ 171.786828] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.787298] ? switch_task_namespaces+0xa9/0xe0 [ 171.787811] do_exit+0xb17/0x2ef0 [ 171.788192] ? lock_acquire+0x427/0x4c0 [ 171.788648] ? __pfx_lock_release+0x10/0x10 [ 171.789146] ? __kasan_check_write+0x18/0x20 [ 171.789649] ? do_raw_spin_lock+0x132/0x2a0 [ 171.790123] ? __pfx_do_exit+0x10/0x10 [ 171.790601] ? debug_smp_processor_id+0x20/0x30 [ 171.791131] ? rcu_is_watching+0x19/0xb0 [ 171.791634] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.792042] ? trace_hardirqs_on+0x26/0x120 [ 171.792435] do_group_exit+0xe0/0x2b0 [ 171.792792] __x64_sys_exit_group+0x47/0x50 [ 171.793198] do_syscall_64+0x3b/0x90 [ 171.793556] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.794048] RIP: 0033:0x7f4b87518a4d [ 171.794399] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.795021] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.795777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.796448] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.797099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.797761] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.798425] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.799136] [ 171.799364] irq event stamp: 0 [ 171.799662] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.800252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.801028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.801809] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.802400] ---[ end trace 0000000000000000 ]--- [ 171.803270] ------------[ cut here ]------------ [ 171.803718] WARNING: CPU: 0 PID: 1626 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.804686] Modules linked in: [ 171.805000] CPU: 0 PID: 1626 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.805823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.806965] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.807502] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.809267] RSP: 0018:ffff888012a7fb78 EFLAGS: 00010246 [ 171.809787] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.810465] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 171.811224] RBP: ffff888012a7fb98 R08: ffffed1002b7423e R09: ffffed1002b7423e [ 171.811914] R10: ffff888015ba11ef R11: ffffed1002b7423d R12: ffff888015ba1290 [ 171.812589] R13: ffff888015ba10a8 R14: ffffffffffffffff R15: 
ffff888012a7fc60 [ 171.813262] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.814028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.814619] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.815332] PKRU: 55555554 [ 171.815612] Call Trace: [ 171.815862] [ 171.816086] iommufd_ioas_destroy+0x53/0x70 [ 171.816513] iommufd_fops_release+0x1f7/0x370 [ 171.816950] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.817438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.817916] ? write_comp_data+0x2f/0x90 [ 171.818321] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.818841] __fput+0x26d/0xa40 [ 171.819194] ____fput+0x1e/0x30 [ 171.819523] task_work_run+0x1a4/0x2d0 [ 171.819918] ? __pfx_task_work_run+0x10/0x10 [ 171.820349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.820827] ? switch_task_namespaces+0xa9/0xe0 [ 171.821295] do_exit+0xb17/0x2ef0 [ 171.821637] ? lock_acquire+0x427/0x4c0 [ 171.822033] ? __pfx_lock_release+0x10/0x10 [ 171.822466] ? __kasan_check_write+0x18/0x20 [ 171.822928] ? do_raw_spin_lock+0x132/0x2a0 [ 171.823371] ? __pfx_do_exit+0x10/0x10 [ 171.823762] ? debug_smp_processor_id+0x20/0x30 [ 171.824217] ? rcu_is_watching+0x19/0xb0 [ 171.824609] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.825055] ? trace_hardirqs_on+0x26/0x120 [ 171.825481] do_group_exit+0xe0/0x2b0 [ 171.825857] __x64_sys_exit_group+0x47/0x50 [ 171.826278] do_syscall_64+0x3b/0x90 [ 171.826679] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.827193] RIP: 0033:0x7f4b87518a4d [ 171.827550] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.828136] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.828855] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.829543] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.830394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.831426] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.832126] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.832819] [ 171.833049] irq event stamp: 0 [ 171.833350] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.833960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.835037] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.835981] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.836584] ---[ end trace 0000000000000000 ]--- [ 171.840874] ------------[ cut here ]------------ [ 171.841408] WARNING: CPU: 0 PID: 1627 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.842795] Modules linked in: [ 171.843155] CPU: 0 PID: 1627 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.844045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.845194] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.845708] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.847638] RSP: 0018:ffff888012e07bb8 EFLAGS: 00010246 [ 171.848196] RAX: 0000000000000000 RBX: ffff888016ed18a8 RCX: 0000000000000000 [ 171.848935] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 171.849668] RBP: ffff888012e07bd0 R08: ffffed1002dda333 R09: ffffed1002dda333 [ 171.850403] R10: ffff888016ed1993 R11: ffffed1002dda332 R12: ffff888010e06800 [ 171.851180] R13: ffff888016ed19e8 R14: ffffffff8352e670 R15: 
ffff888012e07e68 [ 171.851915] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.852748] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.853349] CR2: 00007f4b877410e8 CR3: 000000002187e000 CR4: 0000000000750ef0 [ 171.854080] PKRU: 55555554 [ 171.854377] Call Trace: [ 171.854677] [ 171.854914] __iommufd_access_detach+0x1c2/0x2b0 [ 171.855448] iommufd_access_change_pt+0x149/0x270 [ 171.855965] iommufd_access_replace+0xb4/0x120 [ 171.856446] iommufd_test+0x3e5/0x37e0 [ 171.856845] ? lock_release+0x532/0x770 [ 171.857266] ? __might_fault+0x102/0x1b0 [ 171.857693] ? lock_acquire+0x427/0x4c0 [ 171.858116] ? __pfx_iommufd_test+0x10/0x10 [ 171.858579] ? __pfx_lock_release+0x10/0x10 [ 171.859034] ? __pfx_lock_acquire+0x10/0x10 [ 171.859508] ? write_comp_data+0x2f/0x90 [ 171.859934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.860436] ? write_comp_data+0x2f/0x90 [ 171.860861] iommufd_fops_ioctl+0x37d/0x510 [ 171.861304] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.861807] ? write_comp_data+0x2f/0x90 [ 171.862236] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.862764] __x64_sys_ioctl+0x1a3/0x230 [ 171.863208] do_syscall_64+0x3b/0x90 [ 171.863608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.864157] RIP: 0033:0x7f4b8743ee5d [ 171.864542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.866404] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.867224] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.867953] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.868679] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.869392] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.870117] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.870874] [ 171.871133] irq event stamp: 0 [ 171.871462] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.872118] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.872988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.873854] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.874543] ---[ end trace 0000000000000000 ]--- [ 171.878129] ------------[ cut here ]------------ [ 171.878962] WARNING: CPU: 0 PID: 1627 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.880049] Modules linked in: [ 171.880487] CPU: 0 PID: 1627 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.881794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.883007] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.883556] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.885584] RSP: 
0018:ffff888012e07bd0 EFLAGS: 00010246 [ 171.886323] RAX: 0000000000000000 RBX: ffff888016ed18a8 RCX: 0000000000000000 [ 171.887279] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 171.888026] RBP: ffff888012e07be8 R08: ffffed1002dda333 R09: ffffed1002dda333 [ 171.888774] R10: ffff888016ed1993 R11: ffffed1002dda332 R12: ffff88800ae90400 [ 171.889615] R13: ffff888016ed19e8 R14: ffff88801218c100 R15: 0000000000000000 [ 171.890595] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.891443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.892174] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.893094] PKRU: 55555554 [ 171.893399] Call Trace: [ 171.893670] [ 171.893904] iommufd_access_destroy_object+0x65/0x170 [ 171.894454] iommufd_object_destroy_user+0x18e/0x220 [ 171.895085] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 171.895871] iommufd_access_destroy+0x43/0x70 [ 171.896355] iommufd_test_staccess_release+0x8d/0xd0 [ 171.896901] __fput+0x26d/0xa40 [ 171.897263] ____fput+0x1e/0x30 [ 171.897621] task_work_run+0x1a4/0x2d0 [ 171.898037] ? __pfx_task_work_run+0x10/0x10 [ 171.898560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.899078] ? switch_task_namespaces+0xa9/0xe0 [ 171.899888] do_exit+0xb17/0x2ef0 [ 171.900265] ? lock_acquire+0x427/0x4c0 [ 171.900691] ? __pfx_lock_release+0x10/0x10 [ 171.901157] ? __kasan_check_write+0x18/0x20 [ 171.901622] ? do_raw_spin_lock+0x132/0x2a0 [ 171.902075] ? __pfx_do_exit+0x10/0x10 [ 171.902560] ? debug_smp_processor_id+0x20/0x30 [ 171.903281] ? rcu_is_watching+0x19/0xb0 [ 171.903712] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.904193] ? trace_hardirqs_on+0x26/0x120 [ 171.904652] do_group_exit+0xe0/0x2b0 [ 171.905053] __x64_sys_exit_group+0x47/0x50 [ 171.905505] do_syscall_64+0x3b/0x90 [ 171.905918] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.906475] RIP: 0033:0x7f4b87518a4d [ 171.906917] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.907580] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.908473] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.909601] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.910352] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.911153] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.911917] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.912671] [ 171.912918] irq event stamp: 0 [ 171.913252] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.914042] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.915312] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.916192] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.916862] ---[ end trace 0000000000000000 ]--- [ 171.917732] ------------[ cut here ]------------ [ 171.918232] WARNING: CPU: 0 PID: 1627 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 171.919637] Modules linked in: [ 171.920187] CPU: 0 PID: 1627 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.921108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.922283] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 171.922853] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 171.924934] RSP: 0018:ffff888012e07b78 EFLAGS: 00010246 [ 171.925665] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 171.926609] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 171.927368] RBP: ffff888012e07b98 R08: ffffed1002dda33e R09: ffffed1002dda33e [ 171.928115] R10: ffff888016ed19ef R11: ffffed1002dda33d R12: ffff888016ed1a90 [ 171.928850] R13: ffff888016ed18a8 R14: ffffffffffffffff R15: 
ffff888012e07c60 [ 171.929592] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.930737] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.931546] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 171.932298] PKRU: 55555554 [ 171.932594] Call Trace: [ 171.932862] [ 171.933103] iommufd_ioas_destroy+0x53/0x70 [ 171.933567] iommufd_fops_release+0x1f7/0x370 [ 171.934040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.934591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.935104] ? write_comp_data+0x2f/0x90 [ 171.935559] ? __pfx_iommufd_fops_release+0x10/0x10 [ 171.936189] __fput+0x26d/0xa40 [ 171.936695] ____fput+0x1e/0x30 [ 171.937199] task_work_run+0x1a4/0x2d0 [ 171.937623] ? __pfx_task_work_run+0x10/0x10 [ 171.938093] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.938655] ? switch_task_namespaces+0xa9/0xe0 [ 171.939173] do_exit+0xb17/0x2ef0 [ 171.939543] ? lock_acquire+0x427/0x4c0 [ 171.939972] ? __pfx_lock_release+0x10/0x10 [ 171.940468] ? __kasan_check_write+0x18/0x20 [ 171.941068] ? do_raw_spin_lock+0x132/0x2a0 [ 171.941748] ? __pfx_do_exit+0x10/0x10 [ 171.942166] ? debug_smp_processor_id+0x20/0x30 [ 171.942700] ? rcu_is_watching+0x19/0xb0 [ 171.943148] ? _raw_spin_unlock_irq+0x2b/0x60 [ 171.943643] ? trace_hardirqs_on+0x26/0x120 [ 171.944111] do_group_exit+0xe0/0x2b0 [ 171.944563] __x64_sys_exit_group+0x47/0x50 [ 171.945266] do_syscall_64+0x3b/0x90 [ 171.945669] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.946219] RIP: 0033:0x7f4b87518a4d [ 171.946636] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 171.947422] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 171.948350] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 171.949078] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 171.949874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 171.950777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 171.951528] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 171.952399] [ 171.952766] irq event stamp: 0 [ 171.953093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.953732] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.954678] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.955655] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.956297] ---[ end trace 0000000000000000 ]--- [ 171.962163] ------------[ cut here ]------------ [ 171.962709] WARNING: CPU: 0 PID: 1628 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.964035] Modules linked in: [ 171.964362] CPU: 0 PID: 1628 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 171.965170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 171.966434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 171.966983] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 171.968870] RSP: 0018:ffff888012a7fbb8 EFLAGS: 00010246 [ 171.969372] RAX: 0000000000000000 RBX: ffff8880178cb0a8 RCX: 0000000000000000 [ 171.970040] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 171.970730] RBP: ffff888012a7fbd0 R08: ffffed1002f19633 R09: ffffed1002f19633 [ 171.971405] R10: ffff8880178cb193 R11: ffffed1002f19632 R12: ffff8880138afc00 [ 171.972068] R13: ffff8880178cb1e8 R14: ffffffff8352e670 R15: 
ffff888012a7fe68 [ 171.972725] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 171.973465] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.974003] CR2: 0000000020000140 CR3: 000000002187e000 CR4: 0000000000750ef0 [ 171.974690] PKRU: 55555554 [ 171.974962] Call Trace: [ 171.975211] [ 171.975428] __iommufd_access_detach+0x1c2/0x2b0 [ 171.975889] iommufd_access_change_pt+0x149/0x270 [ 171.976345] iommufd_access_replace+0xb4/0x120 [ 171.976777] iommufd_test+0x3e5/0x37e0 [ 171.977140] ? lock_release+0x532/0x770 [ 171.977522] ? __might_fault+0x102/0x1b0 [ 171.977895] ? lock_acquire+0x427/0x4c0 [ 171.978267] ? __pfx_iommufd_test+0x10/0x10 [ 171.978679] ? __pfx_lock_release+0x10/0x10 [ 171.979084] ? __pfx_lock_acquire+0x10/0x10 [ 171.979491] ? write_comp_data+0x2f/0x90 [ 171.979873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 171.980308] ? write_comp_data+0x2f/0x90 [ 171.980669] iommufd_fops_ioctl+0x37d/0x510 [ 171.981044] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.981466] ? write_comp_data+0x2f/0x90 [ 171.981823] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 171.982239] __x64_sys_ioctl+0x1a3/0x230 [ 171.982628] do_syscall_64+0x3b/0x90 [ 171.982959] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 171.983418] RIP: 0033:0x7f4b8743ee5d [ 171.983740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 171.985282] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 171.985927] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 171.986550] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 171.987178] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 171.987787] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 171.988396] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 171.989006] [ 171.989207] irq event stamp: 0 [ 171.989476] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 171.990015] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 171.990745] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 171.991462] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 171.991996] ---[ end trace 0000000000000000 ]--- [ 171.996903] ------------[ cut here ]------------ [ 171.997497] WARNING: CPU: 1 PID: 1628 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 171.998973] Modules linked in: [ 171.999356] CPU: 1 PID: 1628 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.000071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.001127] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.001536] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.003167] RSP: 
0018:ffff888012a7fbd0 EFLAGS: 00010246 [ 172.003601] RAX: 0000000000000000 RBX: ffff8880178cb0a8 RCX: 0000000000000000 [ 172.004231] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 172.004857] RBP: ffff888012a7fbe8 R08: ffffed1002f19633 R09: ffffed1002f19633 [ 172.005433] R10: ffff8880178cb193 R11: ffffed1002f19632 R12: ffff888010e07c00 [ 172.006078] R13: ffff8880178cb1e8 R14: ffff8880138abe00 R15: 0000000000000000 [ 172.006723] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.007389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.007894] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 172.008556] PKRU: 55555554 [ 172.008786] Call Trace: [ 172.008998] [ 172.009186] iommufd_access_destroy_object+0x65/0x170 [ 172.009648] iommufd_object_destroy_user+0x18e/0x220 [ 172.010136] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.010628] iommufd_access_destroy+0x43/0x70 [ 172.011012] iommufd_test_staccess_release+0x8d/0xd0 [ 172.011496] __fput+0x26d/0xa40 [ 172.011853] ____fput+0x1e/0x30 [ 172.012134] task_work_run+0x1a4/0x2d0 [ 172.012468] ? __pfx_task_work_run+0x10/0x10 [ 172.012836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.013270] ? switch_task_namespaces+0xa9/0xe0 [ 172.013740] do_exit+0xb17/0x2ef0 [ 172.014033] ? lock_acquire+0x427/0x4c0 [ 172.014373] ? __pfx_lock_release+0x10/0x10 [ 172.014758] ? __kasan_check_write+0x18/0x20 [ 172.015194] ? do_raw_spin_lock+0x132/0x2a0 [ 172.015610] ? __pfx_do_exit+0x10/0x10 [ 172.015947] ? debug_smp_processor_id+0x20/0x30 [ 172.016340] ? rcu_is_watching+0x19/0xb0 [ 172.016676] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.017127] ? trace_hardirqs_on+0x26/0x120 [ 172.017539] do_group_exit+0xe0/0x2b0 [ 172.017858] __x64_sys_exit_group+0x47/0x50 [ 172.018210] do_syscall_64+0x3b/0x90 [ 172.018536] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.019041] RIP: 0033:0x7f4b87518a4d [ 172.019402] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.019906] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.020524] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.021232] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.021828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.022417] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.023150] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.023749] [ 172.023945] irq event stamp: 0 [ 172.024203] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.024857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.025547] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.026233] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.026885] ---[ end trace 0000000000000000 ]--- [ 172.029622] ------------[ cut here ]------------ [ 172.030123] WARNING: CPU: 1 PID: 1628 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.031061] Modules linked in: [ 172.031337] CPU: 1 PID: 1628 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.032131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.033103] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.033528] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.035146] RSP: 0018:ffff888012a7fb78 EFLAGS: 00010246 [ 172.035589] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.036306] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 172.036892] RBP: ffff888012a7fb98 R08: ffffed1002f1963e R09: ffffed1002f1963e [ 172.037477] R10: ffff8880178cb1ef R11: ffffed1002f1963d R12: ffff8880178cb290 [ 172.038178] R13: ffff8880178cb0a8 R14: ffffffffffffffff R15: 
ffff888012a7fc60 [ 172.038785] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.039482] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.040061] CR2: 00007f82e2aa5000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 172.040655] PKRU: 55555554 [ 172.040888] Call Trace: [ 172.041100] [ 172.041304] iommufd_ioas_destroy+0x53/0x70 [ 172.041753] iommufd_fops_release+0x1f7/0x370 [ 172.042133] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.042562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.042972] ? write_comp_data+0x2f/0x90 [ 172.043413] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.043890] __fput+0x26d/0xa40 [ 172.044190] ____fput+0x1e/0x30 [ 172.044490] task_work_run+0x1a4/0x2d0 [ 172.044839] ? __pfx_task_work_run+0x10/0x10 [ 172.045303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.045773] ? switch_task_namespaces+0xa9/0xe0 [ 172.046199] do_exit+0xb17/0x2ef0 [ 172.046504] ? lock_acquire+0x427/0x4c0 [ 172.046883] ? __pfx_lock_release+0x10/0x10 [ 172.047411] ? __kasan_check_write+0x18/0x20 [ 172.047799] ? do_raw_spin_lock+0x132/0x2a0 [ 172.048183] ? __pfx_do_exit+0x10/0x10 [ 172.048539] ? debug_smp_processor_id+0x20/0x30 [ 172.049015] ? rcu_is_watching+0x19/0xb0 [ 172.049422] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.049825] ? trace_hardirqs_on+0x26/0x120 [ 172.050209] do_group_exit+0xe0/0x2b0 [ 172.050558] __x64_sys_exit_group+0x47/0x50 [ 172.050961] do_syscall_64+0x3b/0x90 [ 172.051408] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.051868] RIP: 0033:0x7f4b87518a4d [ 172.052198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.052725] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.053510] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.054138] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.054780] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.055404] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.056030] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.056666] [ 172.056871] irq event stamp: 0 [ 172.057145] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.057707] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.058446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.059206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.059766] ---[ end trace 0000000000000000 ]--- [ 172.064495] ------------[ cut here ]------------ [ 172.064947] WARNING: CPU: 1 PID: 1629 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.065809] Modules linked in: [ 172.066085] CPU: 1 PID: 1629 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.067002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.067978] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.068404] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.069947] RSP: 0018:ffff88801806fbb8 EFLAGS: 00010246 [ 172.070404] RAX: 0000000000000000 RBX: ffff8880160dd8a8 RCX: 0000000000000000 [ 172.071034] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 172.071654] RBP: ffff88801806fbd0 R08: ffffed1002c1bb33 R09: ffffed1002c1bb33 [ 172.072271] R10: ffff8880160dd993 R11: ffffed1002c1bb32 R12: ffff88800a725c00 [ 172.072885] R13: ffff8880160dd9e8 R14: ffffffff8352e670 R15: 
ffff88801806fe68 [ 172.073497] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.074185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.074697] CR2: 0000000020000140 CR3: 00000000103ca000 CR4: 0000000000750ee0 [ 172.075337] PKRU: 55555554 [ 172.075588] Call Trace: [ 172.075809] [ 172.076004] __iommufd_access_detach+0x1c2/0x2b0 [ 172.076432] iommufd_access_change_pt+0x149/0x270 [ 172.076859] iommufd_access_replace+0xb4/0x120 [ 172.077269] iommufd_test+0x3e5/0x37e0 [ 172.077600] ? lock_release+0x532/0x770 [ 172.077932] ? __might_fault+0x102/0x1b0 [ 172.078271] ? lock_acquire+0x427/0x4c0 [ 172.078623] ? __pfx_iommufd_test+0x10/0x10 [ 172.078974] ? __pfx_lock_release+0x10/0x10 [ 172.079345] ? __pfx_lock_acquire+0x10/0x10 [ 172.079706] ? write_comp_data+0x2f/0x90 [ 172.080048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.080454] ? write_comp_data+0x2f/0x90 [ 172.080796] iommufd_fops_ioctl+0x37d/0x510 [ 172.081153] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.081553] ? write_comp_data+0x2f/0x90 [ 172.081894] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.082291] __x64_sys_ioctl+0x1a3/0x230 [ 172.082650] do_syscall_64+0x3b/0x90 [ 172.082965] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.083409] RIP: 0033:0x7f4b8743ee5d [ 172.083711] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.085173] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.085790] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.086360] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.086960] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.087548] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.088135] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.088903] [ 172.089107] irq event stamp: 0 [ 172.089370] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.089882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.090625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.091364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.091884] ---[ end trace 0000000000000000 ]--- [ 172.094775] ------------[ cut here ]------------ [ 172.095320] WARNING: CPU: 1 PID: 1629 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.096137] Modules linked in: [ 172.096402] CPU: 1 PID: 1629 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.097236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.098154] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.098587] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.100209] RSP: 
0018:ffff88801806fbd0 EFLAGS: 00010246 [ 172.100641] RAX: 0000000000000000 RBX: ffff8880160dd8a8 RCX: 0000000000000000 [ 172.101336] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 172.101923] RBP: ffff88801806fbe8 R08: ffffed1002c1bb33 R09: ffffed1002c1bb33 [ 172.102499] R10: ffff8880160dd993 R11: ffffed1002c1bb32 R12: ffff888010c09000 [ 172.103146] R13: ffff8880160dd9e8 R14: ffff8880143be700 R15: 0000000000000000 [ 172.103802] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.104450] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.104950] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.105621] PKRU: 55555554 [ 172.105851] Call Trace: [ 172.106067] [ 172.106254] iommufd_access_destroy_object+0x65/0x170 [ 172.106702] iommufd_object_destroy_user+0x18e/0x220 [ 172.107173] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.107743] iommufd_access_destroy+0x43/0x70 [ 172.108127] iommufd_test_staccess_release+0x8d/0xd0 [ 172.108549] __fput+0x26d/0xa40 [ 172.108837] ____fput+0x1e/0x30 [ 172.109172] task_work_run+0x1a4/0x2d0 [ 172.109550] ? __pfx_task_work_run+0x10/0x10 [ 172.109915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.110316] ? switch_task_namespaces+0xa9/0xe0 [ 172.110726] do_exit+0xb17/0x2ef0 [ 172.111018] ? lock_acquire+0x427/0x4c0 [ 172.111396] ? __pfx_lock_release+0x10/0x10 [ 172.111832] ? __kasan_check_write+0x18/0x20 [ 172.112197] ? do_raw_spin_lock+0x132/0x2a0 [ 172.112558] ? __pfx_do_exit+0x10/0x10 [ 172.112888] ? debug_smp_processor_id+0x20/0x30 [ 172.113350] ? rcu_is_watching+0x19/0xb0 [ 172.113742] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.114121] ? trace_hardirqs_on+0x26/0x120 [ 172.114483] do_group_exit+0xe0/0x2b0 [ 172.114822] __x64_sys_exit_group+0x47/0x50 [ 172.115186] do_syscall_64+0x3b/0x90 [ 172.115534] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.116029] RIP: 0033:0x7f4b87518a4d [ 172.116333] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.116833] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.117516] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.118151] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.118747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.119333] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.119985] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.120600] [ 172.120793] irq event stamp: 0 [ 172.121055] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.121581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.122377] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.123070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.123589] ---[ end trace 0000000000000000 ]--- [ 172.124286] ------------[ cut here ]------------ [ 172.124666] WARNING: CPU: 1 PID: 1629 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.125539] Modules linked in: [ 172.125800] CPU: 1 PID: 1629 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.126531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.127458] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.127880] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.129344] RSP: 0018:ffff88801806fb78 EFLAGS: 00010246 [ 172.129774] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.130343] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 172.130948] RBP: ffff88801806fb98 R08: ffffed1002c1bb3e R09: ffffed1002c1bb3e [ 172.131532] R10: ffff8880160dd9ef R11: ffffed1002c1bb3d R12: ffff8880160dda90 [ 172.132104] R13: ffff8880160dd8a8 R14: ffffffffffffffff R15: 
ffff88801806fc60 [ 172.132677] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.133328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.133798] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.134375] PKRU: 55555554 [ 172.134622] Call Trace: [ 172.134832] [ 172.135017] iommufd_ioas_destroy+0x53/0x70 [ 172.135380] iommufd_fops_release+0x1f7/0x370 [ 172.135751] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.136157] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.136561] ? write_comp_data+0x2f/0x90 [ 172.136905] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.137316] __fput+0x26d/0xa40 [ 172.137599] ____fput+0x1e/0x30 [ 172.137876] task_work_run+0x1a4/0x2d0 [ 172.138198] ? __pfx_task_work_run+0x10/0x10 [ 172.138582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.138985] ? switch_task_namespaces+0xa9/0xe0 [ 172.139393] do_exit+0xb17/0x2ef0 [ 172.139679] ? lock_acquire+0x427/0x4c0 [ 172.140007] ? __pfx_lock_release+0x10/0x10 [ 172.140363] ? __kasan_check_write+0x18/0x20 [ 172.140725] ? do_raw_spin_lock+0x132/0x2a0 [ 172.141077] ? __pfx_do_exit+0x10/0x10 [ 172.141404] ? debug_smp_processor_id+0x20/0x30 [ 172.141785] ? rcu_is_watching+0x19/0xb0 [ 172.142116] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.142490] ? trace_hardirqs_on+0x26/0x120 [ 172.142877] do_group_exit+0xe0/0x2b0 [ 172.143206] __x64_sys_exit_group+0x47/0x50 [ 172.143559] do_syscall_64+0x3b/0x90 [ 172.143871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.144294] RIP: 0033:0x7f4b87518a4d [ 172.144594] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.145090] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.145704] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.146279] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.146877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.147460] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.148033] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.148612] [ 172.148802] irq event stamp: 0 [ 172.149056] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.149561] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.150245] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.150928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.151451] ---[ end trace 0000000000000000 ]--- [ 172.156176] ------------[ cut here ]------------ [ 172.156602] WARNING: CPU: 1 PID: 1630 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.157472] Modules linked in: [ 172.157730] CPU: 1 PID: 1630 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.158429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.159364] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.159772] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.161231] RSP: 0018:ffff8880165afbb8 EFLAGS: 00010246 [ 172.161661] RAX: 0000000000000000 RBX: ffff88800b9fd8a8 RCX: 0000000000000000 [ 172.162240] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 172.162831] RBP: ffff8880165afbd0 R08: ffffed100173fb33 R09: ffffed100173fb33 [ 172.163410] R10: ffff88800b9fd993 R11: ffffed100173fb32 R12: ffff88801422e800 [ 172.163987] R13: ffff88800b9fd9e8 R14: ffffffff8352e670 R15: 
ffff8880165afe68 [ 172.164557] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.165199] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.165662] CR2: 0000000020000140 CR3: 000000002087a000 CR4: 0000000000750ee0 [ 172.166228] PKRU: 55555554 [ 172.166450] Call Trace: [ 172.166667] [ 172.166846] __iommufd_access_detach+0x1c2/0x2b0 [ 172.167236] iommufd_access_change_pt+0x149/0x270 [ 172.167626] iommufd_access_replace+0xb4/0x120 [ 172.167996] iommufd_test+0x3e5/0x37e0 [ 172.168301] ? lock_release+0x532/0x770 [ 172.168626] ? __might_fault+0x102/0x1b0 [ 172.168951] ? lock_acquire+0x427/0x4c0 [ 172.169271] ? __pfx_iommufd_test+0x10/0x10 [ 172.169609] ? __pfx_lock_release+0x10/0x10 [ 172.169956] ? __pfx_lock_acquire+0x10/0x10 [ 172.170301] ? write_comp_data+0x2f/0x90 [ 172.170643] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.171035] ? write_comp_data+0x2f/0x90 [ 172.171383] iommufd_fops_ioctl+0x37d/0x510 [ 172.171725] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.172117] ? write_comp_data+0x2f/0x90 [ 172.172445] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.172830] __x64_sys_ioctl+0x1a3/0x230 [ 172.173161] do_syscall_64+0x3b/0x90 [ 172.173464] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.173878] RIP: 0033:0x7f4b8743ee5d [ 172.174173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.175620] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.176223] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.176779] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.177331] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.177881] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.178434] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.179015] [ 172.179214] irq event stamp: 0 [ 172.179466] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.179964] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.180612] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.181249] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.181732] ---[ end trace 0000000000000000 ]--- [ 172.184435] ------------[ cut here ]------------ [ 172.184828] WARNING: CPU: 1 PID: 1630 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.185608] Modules linked in: [ 172.185855] CPU: 1 PID: 1630 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.186734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.187616] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.188005] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.189450] RSP: 
0018:ffff8880165afbd0 EFLAGS: 00010246 [ 172.189860] RAX: 0000000000000000 RBX: ffff88800b9fd8a8 RCX: 0000000000000000 [ 172.190402] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 172.190966] RBP: ffff8880165afbe8 R08: ffffed100173fb33 R09: ffffed100173fb33 [ 172.191521] R10: ffff88800b9fd993 R11: ffffed100173fb32 R12: ffff88800a724c00 [ 172.192065] R13: ffff88800b9fd9e8 R14: ffff888012090400 R15: 0000000000000000 [ 172.192606] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.193221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.193666] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.194212] PKRU: 55555554 [ 172.194432] Call Trace: [ 172.194648] [ 172.194826] iommufd_access_destroy_object+0x65/0x170 [ 172.195234] iommufd_object_destroy_user+0x18e/0x220 [ 172.195634] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.196085] iommufd_access_destroy+0x43/0x70 [ 172.196441] iommufd_test_staccess_release+0x8d/0xd0 [ 172.196842] __fput+0x26d/0xa40 [ 172.197114] ____fput+0x1e/0x30 [ 172.197379] task_work_run+0x1a4/0x2d0 [ 172.197689] ? __pfx_task_work_run+0x10/0x10 [ 172.198037] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.198421] ? switch_task_namespaces+0xa9/0xe0 [ 172.198809] do_exit+0xb17/0x2ef0 [ 172.199080] ? lock_acquire+0x427/0x4c0 [ 172.199408] ? __pfx_lock_release+0x10/0x10 [ 172.199753] ? __kasan_check_write+0x18/0x20 [ 172.200097] ? do_raw_spin_lock+0x132/0x2a0 [ 172.200424] ? __pfx_do_exit+0x10/0x10 [ 172.200736] ? debug_smp_processor_id+0x20/0x30 [ 172.201099] ? rcu_is_watching+0x19/0xb0 [ 172.201412] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.201766] ? trace_hardirqs_on+0x26/0x120 [ 172.202102] do_group_exit+0xe0/0x2b0 [ 172.202397] __x64_sys_exit_group+0x47/0x50 [ 172.202743] do_syscall_64+0x3b/0x90 [ 172.203040] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.203464] RIP: 0033:0x7f4b87518a4d [ 172.203750] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.204218] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.204799] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.205345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.205886] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.206430] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.206989] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.207558] [ 172.207739] irq event stamp: 0 [ 172.207982] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.208460] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.209100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.209737] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.210219] ---[ end trace 0000000000000000 ]--- [ 172.210903] ------------[ cut here ]------------ [ 172.211272] WARNING: CPU: 1 PID: 1630 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.212053] Modules linked in: [ 172.212301] CPU: 1 PID: 1630 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.212967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.213831] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.214224] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.215636] RSP: 0018:ffff8880165afb78 EFLAGS: 00010246 [ 172.216045] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.216585] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 172.217112] RBP: ffff8880165afb98 R08: ffffed100173fb3e R09: ffffed100173fb3e [ 172.217646] R10: ffff88800b9fd9ef R11: ffffed100173fb3d R12: ffff88800b9fda90 [ 172.218174] R13: ffff88800b9fd8a8 R14: ffffffffffffffff R15: 
ffff8880165afc60 [ 172.218721] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.219327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.219760] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.220291] PKRU: 55555554 [ 172.220505] Call Trace: [ 172.220697] [ 172.220867] iommufd_ioas_destroy+0x53/0x70 [ 172.221253] iommufd_fops_release+0x1f7/0x370 [ 172.221595] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.221972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.222344] ? write_comp_data+0x2f/0x90 [ 172.222674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.223055] __fput+0x26d/0xa40 [ 172.223326] ____fput+0x1e/0x30 [ 172.223586] task_work_run+0x1a4/0x2d0 [ 172.223886] ? __pfx_task_work_run+0x10/0x10 [ 172.224223] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.224592] ? switch_task_namespaces+0xa9/0xe0 [ 172.224950] do_exit+0xb17/0x2ef0 [ 172.225213] ? lock_acquire+0x427/0x4c0 [ 172.225541] ? __pfx_lock_release+0x10/0x10 [ 172.225869] ? __kasan_check_write+0x18/0x20 [ 172.226203] ? do_raw_spin_lock+0x132/0x2a0 [ 172.226549] ? __pfx_do_exit+0x10/0x10 [ 172.226853] ? debug_smp_processor_id+0x20/0x30 [ 172.227219] ? rcu_is_watching+0x19/0xb0 [ 172.227534] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.227883] ? trace_hardirqs_on+0x26/0x120 [ 172.228216] do_group_exit+0xe0/0x2b0 [ 172.228512] __x64_sys_exit_group+0x47/0x50 [ 172.228836] do_syscall_64+0x3b/0x90 [ 172.229123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.229519] RIP: 0033:0x7f4b87518a4d [ 172.229799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.230259] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.230841] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.231382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.231921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.232447] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.232978] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.233517] [ 172.233694] irq event stamp: 0 [ 172.233930] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.234400] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.235034] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.235672] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.236141] ---[ end trace 0000000000000000 ]--- [ 172.240051] ------------[ cut here ]------------ [ 172.240423] WARNING: CPU: 1 PID: 1631 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.241171] Modules linked in: [ 172.241410] CPU: 1 PID: 1631 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.242055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.242918] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.243295] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.244642] RSP: 0018:ffff888020e3fbb8 EFLAGS: 00010246 [ 172.245040] RAX: 0000000000000000 RBX: ffff888010b980a8 RCX: 0000000000000000 [ 172.245569] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 172.246097] RBP: ffff888020e3fbd0 R08: ffffed1002173033 R09: ffffed1002173033 [ 172.246644] R10: ffff888010b98193 R11: ffffed1002173032 R12: ffff888010e01c00 [ 172.247179] R13: ffff888010b981e8 R14: ffffffff8352e670 R15: 
ffff888020e3fe68 [ 172.247706] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.248304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.248727] CR2: 0000000020000140 CR3: 0000000021872000 CR4: 0000000000750ee0 [ 172.249248] PKRU: 55555554 [ 172.249454] Call Trace: [ 172.249642] [ 172.249809] __iommufd_access_detach+0x1c2/0x2b0 [ 172.250169] iommufd_access_change_pt+0x149/0x270 [ 172.250544] iommufd_access_replace+0xb4/0x120 [ 172.250892] iommufd_test+0x3e5/0x37e0 [ 172.251189] ? lock_release+0x532/0x770 [ 172.251490] ? __might_fault+0x102/0x1b0 [ 172.251796] ? lock_acquire+0x427/0x4c0 [ 172.252096] ? __pfx_iommufd_test+0x10/0x10 [ 172.252409] ? __pfx_lock_release+0x10/0x10 [ 172.252733] ? __pfx_lock_acquire+0x10/0x10 [ 172.253111] ? write_comp_data+0x2f/0x90 [ 172.253417] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.253777] ? write_comp_data+0x2f/0x90 [ 172.254083] iommufd_fops_ioctl+0x37d/0x510 [ 172.254402] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.254775] ? write_comp_data+0x2f/0x90 [ 172.255085] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.255448] __x64_sys_ioctl+0x1a3/0x230 [ 172.255760] do_syscall_64+0x3b/0x90 [ 172.256043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.256433] RIP: 0033:0x7f4b8743ee5d [ 172.256708] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.258041] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.258620] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.259147] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.259671] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.260189] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.260709] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.261243] [ 172.261420] irq event stamp: 0 [ 172.261655] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.262115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.262742] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.263358] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.263818] ---[ end trace 0000000000000000 ]--- [ 172.266384] ------------[ cut here ]------------ [ 172.266775] WARNING: CPU: 1 PID: 1631 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.267536] Modules linked in: [ 172.267775] CPU: 1 PID: 1631 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.268412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.269230] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.269598] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.270956] RSP: 
0018:ffff888020e3fbd0 EFLAGS: 00010246 [ 172.271356] RAX: 0000000000000000 RBX: ffff888010b980a8 RCX: 0000000000000000 [ 172.271882] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 172.272410] RBP: ffff888020e3fbe8 R08: ffffed1002173033 R09: ffffed1002173033 [ 172.272933] R10: ffff888010b98193 R11: ffffed1002173032 R12: ffff88801422fc00 [ 172.273454] R13: ffff888010b981e8 R14: ffff888020939700 R15: 0000000000000000 [ 172.273978] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.274591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.275020] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.275553] PKRU: 55555554 [ 172.275764] Call Trace: [ 172.275958] [ 172.276131] iommufd_access_destroy_object+0x65/0x170 [ 172.276525] iommufd_object_destroy_user+0x18e/0x220 [ 172.276916] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.277363] iommufd_access_destroy+0x43/0x70 [ 172.277712] iommufd_test_staccess_release+0x8d/0xd0 [ 172.278103] __fput+0x26d/0xa40 [ 172.278372] ____fput+0x1e/0x30 [ 172.278652] task_work_run+0x1a4/0x2d0 [ 172.278955] ? __pfx_task_work_run+0x10/0x10 [ 172.279299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.279666] ? switch_task_namespaces+0xa9/0xe0 [ 172.280020] do_exit+0xb17/0x2ef0 [ 172.280282] ? lock_acquire+0x427/0x4c0 [ 172.280589] ? __pfx_lock_release+0x10/0x10 [ 172.280914] ? __kasan_check_write+0x18/0x20 [ 172.281243] ? do_raw_spin_lock+0x132/0x2a0 [ 172.281562] ? __pfx_do_exit+0x10/0x10 [ 172.281856] ? debug_smp_processor_id+0x20/0x30 [ 172.282203] ? rcu_is_watching+0x19/0xb0 [ 172.282523] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.282864] ? trace_hardirqs_on+0x26/0x120 [ 172.283201] do_group_exit+0xe0/0x2b0 [ 172.283486] __x64_sys_exit_group+0x47/0x50 [ 172.283803] do_syscall_64+0x3b/0x90 [ 172.284085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.284475] RIP: 0033:0x7f4b87518a4d [ 172.284756] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.285272] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.285839] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.286372] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.286928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.287472] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.287994] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.288526] [ 172.288702] irq event stamp: 0 [ 172.288941] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.289413] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.290030] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.290728] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.291212] ---[ end trace 0000000000000000 ]--- [ 172.291887] ------------[ cut here ]------------ [ 172.292242] WARNING: CPU: 1 PID: 1631 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.292997] Modules linked in: [ 172.293236] CPU: 1 PID: 1631 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.293887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.294757] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.295152] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.296511] RSP: 0018:ffff888020e3fb78 EFLAGS: 00010246 [ 172.296910] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.297443] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 172.297961] RBP: ffff888020e3fb98 R08: ffffed100217303e R09: ffffed100217303e [ 172.298482] R10: ffff888010b981ef R11: ffffed100217303d R12: ffff888010b98290 [ 172.299203] R13: ffff888010b980a8 R14: ffffffffffffffff R15: 
ffff888020e3fc60 [ 172.299741] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.300340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.300766] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.301289] PKRU: 55555554 [ 172.301499] Call Trace: [ 172.301687] [ 172.301859] iommufd_ioas_destroy+0x53/0x70 [ 172.302191] iommufd_fops_release+0x1f7/0x370 [ 172.302555] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.302933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.303317] ? write_comp_data+0x2f/0x90 [ 172.303631] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.304006] __fput+0x26d/0xa40 [ 172.304267] ____fput+0x1e/0x30 [ 172.304526] task_work_run+0x1a4/0x2d0 [ 172.304829] ? __pfx_task_work_run+0x10/0x10 [ 172.305167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.305543] ? switch_task_namespaces+0xa9/0xe0 [ 172.305899] do_exit+0xb17/0x2ef0 [ 172.306154] ? lock_acquire+0x427/0x4c0 [ 172.306457] ? __pfx_lock_release+0x10/0x10 [ 172.306800] ? __kasan_check_write+0x18/0x20 [ 172.307142] ? do_raw_spin_lock+0x132/0x2a0 [ 172.307468] ? __pfx_do_exit+0x10/0x10 [ 172.307769] ? debug_smp_processor_id+0x20/0x30 [ 172.308117] ? rcu_is_watching+0x19/0xb0 [ 172.308420] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.308768] ? trace_hardirqs_on+0x26/0x120 [ 172.309100] do_group_exit+0xe0/0x2b0 [ 172.309389] __x64_sys_exit_group+0x47/0x50 [ 172.309715] do_syscall_64+0x3b/0x90 [ 172.310000] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.310386] RIP: 0033:0x7f4b87518a4d [ 172.310681] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.311139] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.311702] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.312229] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.312759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.313285] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.313812] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.314337] [ 172.314529] irq event stamp: 0 [ 172.314763] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.315257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.315885] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.316512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.317029] ---[ end trace 0000000000000000 ]--- [ 172.320720] ------------[ cut here ]------------ [ 172.321110] WARNING: CPU: 1 PID: 1632 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.321866] Modules linked in: [ 172.322107] CPU: 1 PID: 1632 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.322942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.323790] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.324162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.325511] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 172.325908] RAX: 0000000000000000 RBX: ffff888015f9a8a8 RCX: 0000000000000000 [ 172.326437] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 172.326987] RBP: ffff888013577bd0 R08: ffffed1002bf3533 R09: ffffed1002bf3533 [ 172.327531] R10: ffff888015f9a993 R11: ffffed1002bf3532 R12: ffff8880142a7c00 [ 172.328060] R13: ffff888015f9a9e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 172.328591] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.329191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.329627] CR2: 0000000020000140 CR3: 0000000013a7a000 CR4: 0000000000750ee0 [ 172.330157] PKRU: 55555554 [ 172.330369] Call Trace: [ 172.330578] [ 172.330749] __iommufd_access_detach+0x1c2/0x2b0 [ 172.331135] iommufd_access_change_pt+0x149/0x270 [ 172.331504] iommufd_access_replace+0xb4/0x120 [ 172.331857] iommufd_test+0x3e5/0x37e0 [ 172.332150] ? lock_release+0x532/0x770 [ 172.332457] ? __might_fault+0x102/0x1b0 [ 172.332768] ? lock_acquire+0x427/0x4c0 [ 172.333077] ? __pfx_iommufd_test+0x10/0x10 [ 172.333404] ? __pfx_lock_release+0x10/0x10 [ 172.333736] ? __pfx_lock_acquire+0x10/0x10 [ 172.334069] ? write_comp_data+0x2f/0x90 [ 172.334384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.334772] ? write_comp_data+0x2f/0x90 [ 172.335091] iommufd_fops_ioctl+0x37d/0x510 [ 172.335428] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.335793] ? write_comp_data+0x2f/0x90 [ 172.336103] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.336464] __x64_sys_ioctl+0x1a3/0x230 [ 172.336782] do_syscall_64+0x3b/0x90 [ 172.337072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.337470] RIP: 0033:0x7f4b8743ee5d [ 172.337750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.339123] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.339699] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.340230] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.340764] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.341295] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.341828] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.342369] [ 172.342565] irq event stamp: 0 [ 172.342804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.343285] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.343918] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.344543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.345014] ---[ end trace 0000000000000000 ]--- [ 172.347955] ------------[ cut here ]------------ [ 172.348331] WARNING: CPU: 1 PID: 1632 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.349160] Modules linked in: [ 172.349471] CPU: 1 PID: 1632 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.350180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.351071] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.351457] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.352935] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 172.353339] RAX: 0000000000000000 RBX: ffff888015f9a8a8 RCX: 0000000000000000 [ 172.353874] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 172.354411] RBP: ffff888013577be8 R08: ffffed1002bf3533 R09: ffffed1002bf3533 [ 172.354963] R10: ffff888015f9a993 R11: ffffed1002bf3532 R12: ffff888010e03c00 [ 172.355576] R13: ffff888015f9a9e8 R14: ffff888020e8be00 R15: 0000000000000000 [ 172.356186] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.356792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.357236] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.357817] PKRU: 55555554 [ 172.358146] Call Trace: [ 172.358347] [ 172.358542] iommufd_access_destroy_object+0x65/0x170 [ 172.358950] iommufd_object_destroy_user+0x18e/0x220 [ 172.359361] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.359815] iommufd_access_destroy+0x43/0x70 [ 172.360174] iommufd_test_staccess_release+0x8d/0xd0 [ 172.360610] __fput+0x26d/0xa40 [ 172.360947] ____fput+0x1e/0x30 [ 172.361220] task_work_run+0x1a4/0x2d0 [ 172.361537] ? __pfx_task_work_run+0x10/0x10 [ 172.361896] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.362295] ? switch_task_namespaces+0xa9/0xe0 [ 172.362690] do_exit+0xb17/0x2ef0 [ 172.362982] ? lock_acquire+0x427/0x4c0 [ 172.363327] ? __pfx_lock_release+0x10/0x10 [ 172.363739] ? __kasan_check_write+0x18/0x20 [ 172.364171] ? do_raw_spin_lock+0x132/0x2a0 [ 172.364533] ? __pfx_do_exit+0x10/0x10 [ 172.364846] ? debug_smp_processor_id+0x20/0x30 [ 172.365212] ? rcu_is_watching+0x19/0xb0 [ 172.365534] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.365894] ? trace_hardirqs_on+0x26/0x120 [ 172.366388] do_group_exit+0xe0/0x2b0 [ 172.366706] __x64_sys_exit_group+0x47/0x50 [ 172.367041] do_syscall_64+0x3b/0x90 [ 172.367351] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.367762] RIP: 0033:0x7f4b87518a4d [ 172.368050] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.368523] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.369188] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.369806] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.370358] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.370930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.371493] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.372129] [ 172.372369] irq event stamp: 0 [ 172.372617] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.373105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.373756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.374465] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.375024] ---[ end trace 0000000000000000 ]--- [ 172.375715] ------------[ cut here ]------------ [ 172.376087] WARNING: CPU: 1 PID: 1632 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.376962] Modules linked in: [ 172.377278] CPU: 1 PID: 1632 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.377998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.379021] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.379488] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.381046] RSP: 0018:ffff888013577b78 EFLAGS: 00010246 [ 172.381575] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.382157] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 172.382764] RBP: ffff888013577b98 R08: ffffed1002bf353e R09: ffffed1002bf353e [ 172.383485] R10: ffff888015f9a9ef R11: ffffed1002bf353d R12: ffff888015f9aa90 [ 172.384067] R13: ffff888015f9a8a8 R14: ffffffffffffffff R15: 
ffff888013577c60 [ 172.384651] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.385430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.385908] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.386490] PKRU: 55555554 [ 172.386756] Call Trace: [ 172.386968] [ 172.387176] iommufd_ioas_destroy+0x53/0x70 [ 172.387633] iommufd_fops_release+0x1f7/0x370 [ 172.388014] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.388427] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.388839] ? write_comp_data+0x2f/0x90 [ 172.389261] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.389733] __fput+0x26d/0xa40 [ 172.390021] ____fput+0x1e/0x30 [ 172.390308] task_work_run+0x1a4/0x2d0 [ 172.390661] ? __pfx_task_work_run+0x10/0x10 [ 172.391030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.391533] ? switch_task_namespaces+0xa9/0xe0 [ 172.391962] do_exit+0xb17/0x2ef0 [ 172.392254] ? lock_acquire+0x427/0x4c0 [ 172.392595] ? __pfx_lock_release+0x10/0x10 [ 172.392964] ? __kasan_check_write+0x18/0x20 [ 172.393429] ? do_raw_spin_lock+0x132/0x2a0 [ 172.393793] ? __pfx_do_exit+0x10/0x10 [ 172.394127] ? debug_smp_processor_id+0x20/0x30 [ 172.394537] ? rcu_is_watching+0x19/0xb0 [ 172.394876] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.395280] ? trace_hardirqs_on+0x26/0x120 [ 172.395722] do_group_exit+0xe0/0x2b0 [ 172.396080] __x64_sys_exit_group+0x47/0x50 [ 172.396441] do_syscall_64+0x3b/0x90 [ 172.396758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.397196] RIP: 0033:0x7f4b87518a4d [ 172.397576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.398136] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.398783] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.399379] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.400095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.400676] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.401257] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.401972] [ 172.402167] irq event stamp: 0 [ 172.402430] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.402973] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.403677] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.404491] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.405004] ---[ end trace 0000000000000000 ]--- [ 172.409767] ------------[ cut here ]------------ [ 172.410182] WARNING: CPU: 1 PID: 1633 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.411079] Modules linked in: [ 172.411361] CPU: 1 PID: 1633 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.412212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.413202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.413787] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.415423] RSP: 0018:ffff888020e3fbb8 EFLAGS: 00010246 [ 172.415946] RAX: 0000000000000000 RBX: ffff8880172488a8 RCX: 0000000000000000 [ 172.416554] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 172.417160] RBP: ffff888020e3fbd0 R08: ffffed1002e49133 R09: ffffed1002e49133 [ 172.417907] R10: ffff888017248993 R11: ffffed1002e49132 R12: ffff88800f0e2c00 [ 172.418537] R13: ffff8880172489e8 R14: ffffffff8352e670 R15: 
ffff888020e3fe68 [ 172.419159] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.419929] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.420503] CR2: 00007f4b877410e8 CR3: 0000000013a7a000 CR4: 0000000000750ee0 [ 172.421136] PKRU: 55555554 [ 172.421383] Call Trace: [ 172.421600] [ 172.421879] __iommufd_access_detach+0x1c2/0x2b0 [ 172.422361] iommufd_access_change_pt+0x149/0x270 [ 172.422808] iommufd_access_replace+0xb4/0x120 [ 172.423224] iommufd_test+0x3e5/0x37e0 [ 172.423569] ? lock_release+0x532/0x770 [ 172.423926] ? __might_fault+0x102/0x1b0 [ 172.424375] ? lock_acquire+0x427/0x4c0 [ 172.424767] ? __pfx_iommufd_test+0x10/0x10 [ 172.425146] ? __pfx_lock_release+0x10/0x10 [ 172.425533] ? __pfx_lock_acquire+0x10/0x10 [ 172.425957] ? write_comp_data+0x2f/0x90 [ 172.426424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.426883] ? write_comp_data+0x2f/0x90 [ 172.427278] iommufd_fops_ioctl+0x37d/0x510 [ 172.427670] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.428102] ? write_comp_data+0x2f/0x90 [ 172.428561] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.429056] __x64_sys_ioctl+0x1a3/0x230 [ 172.429428] do_syscall_64+0x3b/0x90 [ 172.429765] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.430227] RIP: 0033:0x7f4b8743ee5d [ 172.430696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.432306] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.433065] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.433754] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.434373] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.435173] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.435813] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.436461] [ 172.436669] irq event stamp: 0 [ 172.436948] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.437654] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.438397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.439230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.439844] ---[ end trace 0000000000000000 ]--- [ 172.442959] ------------[ cut here ]------------ [ 172.443418] WARNING: CPU: 1 PID: 1633 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.444452] Modules linked in: [ 172.444737] CPU: 1 PID: 1633 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.445601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.446718] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.447168] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.448895] RSP: 
0018:ffff888020e3fbd0 EFLAGS: 00010246 [ 172.449363] RAX: 0000000000000000 RBX: ffff8880172488a8 RCX: 0000000000000000 [ 172.450100] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 172.450794] RBP: ffff888020e3fbe8 R08: ffffed1002e49133 R09: ffffed1002e49133 [ 172.451582] R10: ffff888017248993 R11: ffffed1002e49132 R12: ffff8880142a5400 [ 172.452205] R13: ffff8880172489e8 R14: ffff888010936900 R15: 0000000000000000 [ 172.452917] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.453681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.454188] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 172.454921] PKRU: 55555554 [ 172.455257] Call Trace: [ 172.455482] [ 172.455689] iommufd_access_destroy_object+0x65/0x170 [ 172.456146] iommufd_object_destroy_user+0x18e/0x220 [ 172.456596] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.457192] iommufd_access_destroy+0x43/0x70 [ 172.457654] iommufd_test_staccess_release+0x8d/0xd0 [ 172.458112] __fput+0x26d/0xa40 [ 172.458421] ____fput+0x1e/0x30 [ 172.458745] task_work_run+0x1a4/0x2d0 [ 172.459097] ? __pfx_task_work_run+0x10/0x10 [ 172.459597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.460095] ? switch_task_namespaces+0xa9/0xe0 [ 172.460519] do_exit+0xb17/0x2ef0 [ 172.460825] ? lock_acquire+0x427/0x4c0 [ 172.461182] ? __pfx_lock_release+0x10/0x10 [ 172.461690] ? __kasan_check_write+0x18/0x20 [ 172.462082] ? do_raw_spin_lock+0x132/0x2a0 [ 172.462463] ? __pfx_do_exit+0x10/0x10 [ 172.462836] ? debug_smp_processor_id+0x20/0x30 [ 172.463257] ? rcu_is_watching+0x19/0xb0 [ 172.463620] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.464175] ? trace_hardirqs_on+0x26/0x120 [ 172.464566] do_group_exit+0xe0/0x2b0 [ 172.464906] __x64_sys_exit_group+0x47/0x50 [ 172.465284] do_syscall_64+0x3b/0x90 [ 172.465626] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.466232] RIP: 0033:0x7f4b87518a4d [ 172.466576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.467108] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.467773] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.468545] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.469168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.469787] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.470570] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.471214] [ 172.471422] irq event stamp: 0 [ 172.471696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.472243] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.473129] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.473857] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.474449] ---[ end trace 0000000000000000 ]--- [ 172.475341] ------------[ cut here ]------------ [ 172.475760] WARNING: CPU: 1 PID: 1633 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.476690] Modules linked in: [ 172.477150] CPU: 1 PID: 1633 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.477913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.479051] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.479518] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.481261] RSP: 0018:ffff888020e3fb78 EFLAGS: 00010246 [ 172.481725] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.482342] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 172.483078] RBP: ffff888020e3fb98 R08: ffffed1002e4913e R09: ffffed1002e4913e [ 172.483773] R10: ffff8880172489ef R11: ffffed1002e4913d R12: ffff888017248a90 [ 172.484396] R13: ffff8880172488a8 R14: ffffffffffffffff R15: 
ffff888020e3fc60 [ 172.485047] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.485879] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.486390] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 172.487055] PKRU: 55555554 [ 172.487435] Call Trace: [ 172.487661] [ 172.487860] iommufd_ioas_destroy+0x53/0x70 [ 172.488248] iommufd_fops_release+0x1f7/0x370 [ 172.488653] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.489094] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.489659] ? write_comp_data+0x2f/0x90 [ 172.490026] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.490464] __fput+0x26d/0xa40 [ 172.490794] ____fput+0x1e/0x30 [ 172.491096] task_work_run+0x1a4/0x2d0 [ 172.491473] ? __pfx_task_work_run+0x10/0x10 [ 172.492019] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.492455] ? switch_task_namespaces+0xa9/0xe0 [ 172.492872] do_exit+0xb17/0x2ef0 [ 172.493180] ? lock_acquire+0x427/0x4c0 [ 172.493576] ? __pfx_lock_release+0x10/0x10 [ 172.494058] ? __kasan_check_write+0x18/0x20 [ 172.494453] ? do_raw_spin_lock+0x132/0x2a0 [ 172.494857] ? __pfx_do_exit+0x10/0x10 [ 172.495222] ? debug_smp_processor_id+0x20/0x30 [ 172.495638] ? rcu_is_watching+0x19/0xb0 [ 172.496081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.496552] ? trace_hardirqs_on+0x26/0x120 [ 172.496943] do_group_exit+0xe0/0x2b0 [ 172.497282] __x64_sys_exit_group+0x47/0x50 [ 172.497661] do_syscall_64+0x3b/0x90 [ 172.498077] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.498640] RIP: 0033:0x7f4b87518a4d [ 172.498974] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.499531] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.500208] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.500986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.501616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.502237] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.503022] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.503667] [ 172.503870] irq event stamp: 0 [ 172.504149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.504791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.505594] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.506335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.507055] ---[ end trace 0000000000000000 ]--- [ 172.511906] ------------[ cut here ]------------ [ 172.512367] WARNING: CPU: 1 PID: 1634 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.513250] Modules linked in: [ 172.513528] CPU: 1 PID: 1634 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.514281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.515340] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.515775] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.517334] RSP: 0018:ffff888013577bb8 EFLAGS: 00010246 [ 172.517791] RAX: 0000000000000000 RBX: ffff8880139c80a8 RCX: 0000000000000000 [ 172.518396] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 172.519023] RBP: ffff888013577bd0 R08: ffffed1002739033 R09: ffffed1002739033 [ 172.519642] R10: ffff8880139c8193 R11: ffffed1002739032 R12: ffff888020e6a400 [ 172.520252] R13: ffff8880139c81e8 R14: ffffffff8352e670 R15: 
ffff888013577e68 [ 172.520860] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.521563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.522060] CR2: 00007f4b877410e8 CR3: 0000000013a7a000 CR4: 0000000000750ee0 [ 172.522685] PKRU: 55555554 [ 172.522937] Call Trace: [ 172.523182] [ 172.523378] __iommufd_access_detach+0x1c2/0x2b0 [ 172.523812] iommufd_access_change_pt+0x149/0x270 [ 172.524243] iommufd_access_replace+0xb4/0x120 [ 172.524645] iommufd_test+0x3e5/0x37e0 [ 172.524982] ? lock_release+0x532/0x770 [ 172.525336] ? __might_fault+0x102/0x1b0 [ 172.525693] ? lock_acquire+0x427/0x4c0 [ 172.526047] ? __pfx_iommufd_test+0x10/0x10 [ 172.526423] ? __pfx_lock_release+0x10/0x10 [ 172.526819] ? __pfx_lock_acquire+0x10/0x10 [ 172.527217] ? write_comp_data+0x2f/0x90 [ 172.527585] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.528011] ? write_comp_data+0x2f/0x90 [ 172.528375] iommufd_fops_ioctl+0x37d/0x510 [ 172.528751] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.529172] ? write_comp_data+0x2f/0x90 [ 172.529544] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.529974] __x64_sys_ioctl+0x1a3/0x230 [ 172.530337] do_syscall_64+0x3b/0x90 [ 172.530687] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.531150] RIP: 0033:0x7f4b8743ee5d [ 172.531480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.533033] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.533689] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.534299] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.534929] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.535546] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.536165] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.536776] [ 172.536977] irq event stamp: 0 [ 172.537248] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.537782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.538494] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.539237] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.539777] ---[ end trace 0000000000000000 ]--- [ 172.544041] ------------[ cut here ]------------ [ 172.544491] WARNING: CPU: 0 PID: 1634 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.545364] Modules linked in: [ 172.545641] CPU: 0 PID: 1634 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.546387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.547473] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.547898] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.549397] RSP: 
0018:ffff888013577bd0 EFLAGS: 00010246 [ 172.549826] RAX: 0000000000000000 RBX: ffff8880139c80a8 RCX: 0000000000000000 [ 172.550396] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 172.550996] RBP: ffff888013577be8 R08: ffffed1002739033 R09: ffffed1002739033 [ 172.551590] R10: ffff8880139c8193 R11: ffffed1002739032 R12: ffff88800f0e2000 [ 172.552164] R13: ffff8880139c81e8 R14: ffff8880138ab600 R15: 0000000000000000 [ 172.552734] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.553383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.553851] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 172.554425] PKRU: 55555554 [ 172.554673] Call Trace: [ 172.554885] [ 172.555072] iommufd_access_destroy_object+0x65/0x170 [ 172.555507] iommufd_object_destroy_user+0x18e/0x220 [ 172.555924] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.556398] iommufd_access_destroy+0x43/0x70 [ 172.556773] iommufd_test_staccess_release+0x8d/0xd0 [ 172.557194] __fput+0x26d/0xa40 [ 172.557475] ____fput+0x1e/0x30 [ 172.557753] task_work_run+0x1a4/0x2d0 [ 172.558076] ? __pfx_task_work_run+0x10/0x10 [ 172.558440] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.558861] ? switch_task_namespaces+0xa9/0xe0 [ 172.559263] do_exit+0xb17/0x2ef0 [ 172.559548] ? lock_acquire+0x427/0x4c0 [ 172.559876] ? __pfx_lock_release+0x10/0x10 [ 172.560235] ? __kasan_check_write+0x18/0x20 [ 172.560594] ? do_raw_spin_lock+0x132/0x2a0 [ 172.560942] ? __pfx_do_exit+0x10/0x10 [ 172.561266] ? debug_smp_processor_id+0x20/0x30 [ 172.561643] ? rcu_is_watching+0x19/0xb0 [ 172.561973] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.562343] ? trace_hardirqs_on+0x26/0x120 [ 172.562715] do_group_exit+0xe0/0x2b0 [ 172.563029] __x64_sys_exit_group+0x47/0x50 [ 172.563387] do_syscall_64+0x3b/0x90 [ 172.563698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.564121] RIP: 0033:0x7f4b87518a4d [ 172.564428] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.564913] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.565511] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.566068] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.566643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.567212] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.567765] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.568324] [ 172.568509] irq event stamp: 0 [ 172.568758] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.569257] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.569910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.570578] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.571074] ---[ end trace 0000000000000000 ]--- [ 172.571814] ------------[ cut here ]------------ [ 172.572179] WARNING: CPU: 0 PID: 1634 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.572965] Modules linked in: [ 172.573214] CPU: 0 PID: 1634 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.573885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.574762] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.575177] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.576568] RSP: 0018:ffff888013577b78 EFLAGS: 00010246 [ 172.576977] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.577517] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 172.578058] RBP: ffff888013577b98 R08: ffffed100273903e R09: ffffed100273903e [ 172.578619] R10: ffff8880139c81ef R11: ffffed100273903d R12: ffff8880139c8290 [ 172.579175] R13: ffff8880139c80a8 R14: ffffffffffffffff R15: 
ffff888013577c60 [ 172.579717] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.580330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.580773] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 172.581322] PKRU: 55555554 [ 172.581541] Call Trace: [ 172.581740] [ 172.581916] iommufd_ioas_destroy+0x53/0x70 [ 172.582256] iommufd_fops_release+0x1f7/0x370 [ 172.582631] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.583022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.583418] ? write_comp_data+0x2f/0x90 [ 172.583742] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.584131] __fput+0x26d/0xa40 [ 172.584399] ____fput+0x1e/0x30 [ 172.584663] task_work_run+0x1a4/0x2d0 [ 172.584972] ? __pfx_task_work_run+0x10/0x10 [ 172.585317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.585702] ? switch_task_namespaces+0xa9/0xe0 [ 172.586071] do_exit+0xb17/0x2ef0 [ 172.586338] ? lock_acquire+0x427/0x4c0 [ 172.586677] ? __pfx_lock_release+0x10/0x10 [ 172.587028] ? __kasan_check_write+0x18/0x20 [ 172.587390] ? do_raw_spin_lock+0x132/0x2a0 [ 172.587730] ? __pfx_do_exit+0x10/0x10 [ 172.588041] ? debug_smp_processor_id+0x20/0x30 [ 172.588406] ? rcu_is_watching+0x19/0xb0 [ 172.588740] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.589097] ? trace_hardirqs_on+0x26/0x120 [ 172.589441] do_group_exit+0xe0/0x2b0 [ 172.589728] __x64_sys_exit_group+0x47/0x50 [ 172.590052] do_syscall_64+0x3b/0x90 [ 172.590342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.590756] RIP: 0033:0x7f4b87518a4d [ 172.591038] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.591517] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.592083] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.592616] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.593157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.593695] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.594225] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.594776] [ 172.594955] irq event stamp: 0 [ 172.595202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.595674] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.596311] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.596952] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.597436] ---[ end trace 0000000000000000 ]--- [ 172.603386] ------------[ cut here ]------------ [ 172.603765] WARNING: CPU: 1 PID: 1635 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.604595] Modules linked in: [ 172.604839] CPU: 1 PID: 1635 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.605562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.606546] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.606928] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.608427] RSP: 0018:ffff8880134d7bb8 EFLAGS: 00010246 [ 172.608833] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 172.609370] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 172.609964] RBP: ffff8880134d7bd0 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 172.610571] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff8880129c5000 [ 172.611108] R13: ffff88801781a1e8 R14: ffffffff8352e670 R15: 
ffff8880134d7e68 [ 172.611713] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.612368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.612803] CR2: 00007f4b877410e8 CR3: 0000000013a7a000 CR4: 0000000000750ee0 [ 172.613381] PKRU: 55555554 [ 172.613642] Call Trace: [ 172.613835] [ 172.614009] __iommufd_access_detach+0x1c2/0x2b0 [ 172.614388] iommufd_access_change_pt+0x149/0x270 [ 172.614775] iommufd_access_replace+0xb4/0x120 [ 172.615203] iommufd_test+0x3e5/0x37e0 [ 172.615562] ? lock_release+0x532/0x770 [ 172.615881] ? __might_fault+0x102/0x1b0 [ 172.616204] ? lock_acquire+0x427/0x4c0 [ 172.616521] ? __pfx_iommufd_test+0x10/0x10 [ 172.616876] ? __pfx_lock_release+0x10/0x10 [ 172.617295] ? __pfx_lock_acquire+0x10/0x10 [ 172.617635] ? write_comp_data+0x2f/0x90 [ 172.617957] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.618335] ? write_comp_data+0x2f/0x90 [ 172.618709] iommufd_fops_ioctl+0x37d/0x510 [ 172.619107] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.619516] ? write_comp_data+0x2f/0x90 [ 172.619845] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.620228] __x64_sys_ioctl+0x1a3/0x230 [ 172.620560] do_syscall_64+0x3b/0x90 [ 172.620985] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.621404] RIP: 0033:0x7f4b8743ee5d [ 172.621697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.623278] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.623879] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.624470] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.625110] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.625669] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.626254] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.626950] [ 172.627153] irq event stamp: 0 [ 172.627410] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.627912] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.628708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.629372] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.629875] ---[ end trace 0000000000000000 ]--- [ 172.634346] ------------[ cut here ]------------ [ 172.634810] WARNING: CPU: 1 PID: 1635 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.635660] Modules linked in: [ 172.636049] CPU: 1 PID: 1635 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.636770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.637855] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.638354] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.640042] RSP: 
0018:ffff8880134d7bd0 EFLAGS: 00010246 [ 172.640492] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 172.641075] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 172.641757] RBP: ffff8880134d7be8 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 172.642447] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff8880138af400 [ 172.643087] R13: ffff88801781a1e8 R14: ffff888014060900 R15: 0000000000000000 [ 172.643726] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.644432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.644938] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.645571] PKRU: 55555554 [ 172.645824] Call Trace: [ 172.646049] [ 172.646253] iommufd_access_destroy_object+0x65/0x170 [ 172.646742] iommufd_object_destroy_user+0x18e/0x220 [ 172.647211] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.647731] iommufd_access_destroy+0x43/0x70 [ 172.648134] iommufd_test_staccess_release+0x8d/0xd0 [ 172.648589] __fput+0x26d/0xa40 [ 172.648899] ____fput+0x1e/0x30 [ 172.649203] task_work_run+0x1a4/0x2d0 [ 172.649560] ? __pfx_task_work_run+0x10/0x10 [ 172.649958] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.650395] ? switch_task_namespaces+0xa9/0xe0 [ 172.650843] do_exit+0xb17/0x2ef0 [ 172.651170] ? lock_acquire+0x427/0x4c0 [ 172.651531] ? __pfx_lock_release+0x10/0x10 [ 172.651920] ? __kasan_check_write+0x18/0x20 [ 172.652308] ? do_raw_spin_lock+0x132/0x2a0 [ 172.652699] ? __pfx_do_exit+0x10/0x10 [ 172.653059] ? debug_smp_processor_id+0x20/0x30 [ 172.653476] ? rcu_is_watching+0x19/0xb0 [ 172.653832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.654227] ? trace_hardirqs_on+0x26/0x120 [ 172.654652] do_group_exit+0xe0/0x2b0 [ 172.655004] __x64_sys_exit_group+0x47/0x50 [ 172.655411] do_syscall_64+0x3b/0x90 [ 172.655751] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.656208] RIP: 0033:0x7f4b87518a4d [ 172.656534] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.657064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.657728] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.658345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.658991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.659627] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.660248] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.660883] [ 172.661090] irq event stamp: 0 [ 172.661361] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.661907] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.662654] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.663391] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.663935] ---[ end trace 0000000000000000 ]--- [ 172.664694] ------------[ cut here ]------------ [ 172.665101] WARNING: CPU: 1 PID: 1635 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.665981] Modules linked in: [ 172.666262] CPU: 1 PID: 1635 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.667048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.668036] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.668483] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.670122] RSP: 0018:ffff8880134d7b78 EFLAGS: 00010246 [ 172.670624] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.671261] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 172.671897] RBP: ffff8880134d7b98 R08: ffffed1002f0343e R09: ffffed1002f0343e [ 172.672511] R10: ffff88801781a1ef R11: ffffed1002f0343d R12: ffff88801781a290 [ 172.673131] R13: ffff88801781a0a8 R14: ffffffffffffffff R15: 
ffff8880134d7c60 [ 172.673742] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.674434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.674958] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 172.675595] PKRU: 55555554 [ 172.675841] Call Trace: [ 172.676064] [ 172.676259] iommufd_ioas_destroy+0x53/0x70 [ 172.676645] iommufd_fops_release+0x1f7/0x370 [ 172.677055] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.677521] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.677978] ? write_comp_data+0x2f/0x90 [ 172.678368] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.678872] __fput+0x26d/0xa40 [ 172.679220] ____fput+0x1e/0x30 [ 172.679533] task_work_run+0x1a4/0x2d0 [ 172.679898] ? __pfx_task_work_run+0x10/0x10 [ 172.680315] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.680767] ? switch_task_namespaces+0xa9/0xe0 [ 172.681203] do_exit+0xb17/0x2ef0 [ 172.681530] ? lock_acquire+0x427/0x4c0 [ 172.681904] ? __pfx_lock_release+0x10/0x10 [ 172.682306] ? __kasan_check_write+0x18/0x20 [ 172.682745] ? do_raw_spin_lock+0x132/0x2a0 [ 172.683178] ? __pfx_do_exit+0x10/0x10 [ 172.683552] ? debug_smp_processor_id+0x20/0x30 [ 172.683992] ? rcu_is_watching+0x19/0xb0 [ 172.684382] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.684802] ? trace_hardirqs_on+0x26/0x120 [ 172.685205] do_group_exit+0xe0/0x2b0 [ 172.685564] __x64_sys_exit_group+0x47/0x50 [ 172.685957] do_syscall_64+0x3b/0x90 [ 172.686313] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.686823] RIP: 0033:0x7f4b87518a4d [ 172.687183] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.687749] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.688461] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.689108] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.689760] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.690410] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.691078] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.691751] [ 172.691967] irq event stamp: 0 [ 172.692257] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.692832] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.693593] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.694364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.694968] ---[ end trace 0000000000000000 ]--- [ 172.699952] ------------[ cut here ]------------ [ 172.700429] WARNING: CPU: 1 PID: 1636 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.701426] Modules linked in: [ 172.701720] CPU: 1 PID: 1636 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.702589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.703625] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.704078] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.705750] RSP: 0018:ffff888016f6fbb8 EFLAGS: 00010246 [ 172.706234] RAX: 0000000000000000 RBX: ffff8880172d50a8 RCX: 0000000000000000 [ 172.706904] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 172.707578] RBP: ffff888016f6fbd0 R08: ffffed1002e5aa33 R09: ffffed1002e5aa33 [ 172.708229] R10: ffff8880172d5193 R11: ffffed1002e5aa32 R12: ffff888014391800 [ 172.708879] R13: ffff8880172d51e8 R14: ffffffff8352e670 R15: 
ffff888016f6fe68 [ 172.709535] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 172.710267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.710825] CR2: 0000000020000140 CR3: 000000000fa7c000 CR4: 0000000000750ee0 [ 172.711488] PKRU: 55555554 [ 172.711748] Call Trace: [ 172.711982] [ 172.712188] __iommufd_access_detach+0x1c2/0x2b0 [ 172.712638] iommufd_access_change_pt+0x149/0x270 [ 172.713088] iommufd_access_replace+0xb4/0x120 [ 172.713518] iommufd_test+0x3e5/0x37e0 [ 172.713875] ? lock_release+0x532/0x770 [ 172.714246] ? __might_fault+0x102/0x1b0 [ 172.714646] ? lock_acquire+0x427/0x4c0 [ 172.715024] ? __pfx_iommufd_test+0x10/0x10 [ 172.715447] ? __pfx_lock_release+0x10/0x10 [ 172.715852] ? __pfx_lock_acquire+0x10/0x10 [ 172.716258] ? write_comp_data+0x2f/0x90 [ 172.716644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.717094] ? write_comp_data+0x2f/0x90 [ 172.717479] iommufd_fops_ioctl+0x37d/0x510 [ 172.717881] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.718331] ? write_comp_data+0x2f/0x90 [ 172.718736] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.719199] __x64_sys_ioctl+0x1a3/0x230 [ 172.719583] do_syscall_64+0x3b/0x90 [ 172.719935] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.720416] RIP: 0033:0x7f4b8743ee5d [ 172.720759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.722424] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.723163] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.723832] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.724483] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.725143] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.725792] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.726448] [ 172.726687] irq event stamp: 0 [ 172.726981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.727566] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.728325] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.729090] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.729657] ---[ end trace 0000000000000000 ]--- [ 172.733150] ------------[ cut here ]------------ [ 172.733656] WARNING: CPU: 0 PID: 1636 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.734638] Modules linked in: [ 172.734940] CPU: 0 PID: 1636 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.735770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.736812] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.737275] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.739015] RSP: 
0018:ffff888016f6fbd0 EFLAGS: 00010246 [ 172.739526] RAX: 0000000000000000 RBX: ffff8880172d50a8 RCX: 0000000000000000 [ 172.740181] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 172.740854] RBP: ffff888016f6fbe8 R08: ffffed1002e5aa33 R09: ffffed1002e5aa33 [ 172.741524] R10: ffff8880172d5193 R11: ffffed1002e5aa32 R12: ffff888012e91400 [ 172.742199] R13: ffff8880172d51e8 R14: ffff888020e0fb00 R15: 0000000000000000 [ 172.742889] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.743651] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.744204] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 172.744872] PKRU: 55555554 [ 172.745141] Call Trace: [ 172.745380] [ 172.745593] iommufd_access_destroy_object+0x65/0x170 [ 172.746085] iommufd_object_destroy_user+0x18e/0x220 [ 172.746602] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.747198] iommufd_access_destroy+0x43/0x70 [ 172.747636] iommufd_test_staccess_release+0x8d/0xd0 [ 172.748121] __fput+0x26d/0xa40 [ 172.748445] ____fput+0x1e/0x30 [ 172.748766] task_work_run+0x1a4/0x2d0 [ 172.749143] ? __pfx_task_work_run+0x10/0x10 [ 172.749570] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.750035] ? switch_task_namespaces+0xa9/0xe0 [ 172.750484] do_exit+0xb17/0x2ef0 [ 172.750840] ? lock_acquire+0x427/0x4c0 [ 172.751240] ? __pfx_lock_release+0x10/0x10 [ 172.751660] ? __kasan_check_write+0x18/0x20 [ 172.752089] ? do_raw_spin_lock+0x132/0x2a0 [ 172.752500] ? __pfx_do_exit+0x10/0x10 [ 172.752878] ? debug_smp_processor_id+0x20/0x30 [ 172.753327] ? rcu_is_watching+0x19/0xb0 [ 172.753711] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.754145] ? trace_hardirqs_on+0x26/0x120 [ 172.754594] do_group_exit+0xe0/0x2b0 [ 172.754958] __x64_sys_exit_group+0x47/0x50 [ 172.755377] do_syscall_64+0x3b/0x90 [ 172.755737] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.756232] RIP: 0033:0x7f4b87518a4d [ 172.756585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.757155] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.757869] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.758559] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.759248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.759905] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.760563] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.761231] [ 172.761448] irq event stamp: 0 [ 172.761747] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.762338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.763164] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.763971] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.764562] ---[ end trace 0000000000000000 ]--- [ 172.765365] ------------[ cut here ]------------ [ 172.765804] WARNING: CPU: 0 PID: 1636 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.766789] Modules linked in: [ 172.767099] CPU: 0 PID: 1636 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.767933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.768975] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.769462] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.771174] RSP: 0018:ffff888016f6fb78 EFLAGS: 00010246 [ 172.771650] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.772273] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 172.772894] RBP: ffff888016f6fb98 R08: ffffed1002e5aa3e R09: ffffed1002e5aa3e [ 172.773516] R10: ffff8880172d51ef R11: ffffed1002e5aa3d R12: ffff8880172d5290 [ 172.774138] R13: ffff8880172d50a8 R14: ffffffffffffffff R15: 
ffff888016f6fc60 [ 172.774777] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.775510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.776027] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 172.776649] PKRU: 55555554 [ 172.776906] Call Trace: [ 172.777133] [ 172.777332] iommufd_ioas_destroy+0x53/0x70 [ 172.777721] iommufd_fops_release+0x1f7/0x370 [ 172.778124] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.778595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.779039] ? write_comp_data+0x2f/0x90 [ 172.779430] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.779900] __fput+0x26d/0xa40 [ 172.780212] ____fput+0x1e/0x30 [ 172.780514] task_work_run+0x1a4/0x2d0 [ 172.780866] ? __pfx_task_work_run+0x10/0x10 [ 172.781268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.781704] ? switch_task_namespaces+0xa9/0xe0 [ 172.782122] do_exit+0xb17/0x2ef0 [ 172.782433] ? lock_acquire+0x427/0x4c0 [ 172.782820] ? __pfx_lock_release+0x10/0x10 [ 172.783225] ? __kasan_check_write+0x18/0x20 [ 172.783620] ? do_raw_spin_lock+0x132/0x2a0 [ 172.784000] ? __pfx_do_exit+0x10/0x10 [ 172.784351] ? debug_smp_processor_id+0x20/0x30 [ 172.784775] ? rcu_is_watching+0x19/0xb0 [ 172.785133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.785537] ? trace_hardirqs_on+0x26/0x120 [ 172.785921] do_group_exit+0xe0/0x2b0 [ 172.786256] __x64_sys_exit_group+0x47/0x50 [ 172.786649] do_syscall_64+0x3b/0x90 [ 172.786987] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.787463] RIP: 0033:0x7f4b87518a4d [ 172.787790] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.788327] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.788988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.789615] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.790230] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.790867] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.791501] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.792131] [ 172.792337] irq event stamp: 0 [ 172.792610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.793160] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.793883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.794625] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.795194] ---[ end trace 0000000000000000 ]--- [ 172.799643] ------------[ cut here ]------------ [ 172.800108] WARNING: CPU: 0 PID: 1637 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.800984] Modules linked in: [ 172.801268] CPU: 0 PID: 1637 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.802030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.803091] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.803554] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.805148] RSP: 0018:ffff888021897bb8 EFLAGS: 00010246 [ 172.805616] RAX: 0000000000000000 RBX: ffff88800fad38a8 RCX: 0000000000000000 [ 172.806238] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 172.806892] RBP: ffff888021897bd0 R08: ffffed1001f5a733 R09: ffffed1001f5a733 [ 172.807532] R10: ffff88800fad3993 R11: ffffed1001f5a732 R12: ffff888010570000 [ 172.808158] R13: ffff88800fad39e8 R14: ffffffff8352e670 R15: 
ffff888021897e68 [ 172.808782] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.809484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.810000] CR2: 0000000020000140 CR3: 0000000013a7a000 CR4: 0000000000750ef0 [ 172.810654] PKRU: 55555554 [ 172.810911] Call Trace: [ 172.811148] [ 172.811351] __iommufd_access_detach+0x1c2/0x2b0 [ 172.811789] iommufd_access_change_pt+0x149/0x270 [ 172.812223] iommufd_access_replace+0xb4/0x120 [ 172.812635] iommufd_test+0x3e5/0x37e0 [ 172.812981] ? lock_release+0x532/0x770 [ 172.813346] ? __might_fault+0x102/0x1b0 [ 172.813715] ? lock_acquire+0x427/0x4c0 [ 172.814076] ? __pfx_iommufd_test+0x10/0x10 [ 172.814455] ? __pfx_lock_release+0x10/0x10 [ 172.814866] ? __pfx_lock_acquire+0x10/0x10 [ 172.815289] ? write_comp_data+0x2f/0x90 [ 172.815665] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.816102] ? write_comp_data+0x2f/0x90 [ 172.816474] iommufd_fops_ioctl+0x37d/0x510 [ 172.816863] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.817301] ? write_comp_data+0x2f/0x90 [ 172.817674] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.818111] __x64_sys_ioctl+0x1a3/0x230 [ 172.818483] do_syscall_64+0x3b/0x90 [ 172.818853] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.819341] RIP: 0033:0x7f4b8743ee5d [ 172.819672] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.821270] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.821938] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.822578] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.823204] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.823814] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.824426] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.825050] [ 172.825260] irq event stamp: 0 [ 172.825542] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.826095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.826858] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.827603] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.828154] ---[ end trace 0000000000000000 ]--- [ 172.831299] ------------[ cut here ]------------ [ 172.831752] WARNING: CPU: 0 PID: 1637 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.832638] Modules linked in: [ 172.832921] CPU: 0 PID: 1637 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.833688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.834702] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.835154] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.836739] RSP: 
0018:ffff888021897bd0 EFLAGS: 00010246 [ 172.837199] RAX: 0000000000000000 RBX: ffff88800fad38a8 RCX: 0000000000000000 [ 172.837816] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 172.838443] RBP: ffff888021897be8 R08: ffffed1001f5a733 R09: ffffed1001f5a733 [ 172.839102] R10: ffff88800fad3993 R11: ffffed1001f5a732 R12: ffff888010c0b400 [ 172.839748] R13: ffff88800fad39e8 R14: ffff88800fa0bd00 R15: 0000000000000000 [ 172.840373] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.841081] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.841593] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 172.842234] PKRU: 55555554 [ 172.842498] Call Trace: [ 172.842765] [ 172.842976] iommufd_access_destroy_object+0x65/0x170 [ 172.843488] iommufd_object_destroy_user+0x18e/0x220 [ 172.843969] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.844527] iommufd_access_destroy+0x43/0x70 [ 172.844957] iommufd_test_staccess_release+0x8d/0xd0 [ 172.845450] __fput+0x26d/0xa40 [ 172.845780] ____fput+0x1e/0x30 [ 172.846102] task_work_run+0x1a4/0x2d0 [ 172.846484] ? __pfx_task_work_run+0x10/0x10 [ 172.846962] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.847444] ? switch_task_namespaces+0xa9/0xe0 [ 172.847895] do_exit+0xb17/0x2ef0 [ 172.848222] ? lock_acquire+0x427/0x4c0 [ 172.848610] ? __pfx_lock_release+0x10/0x10 [ 172.849027] ? __kasan_check_write+0x18/0x20 [ 172.849447] ? do_raw_spin_lock+0x132/0x2a0 [ 172.849860] ? __pfx_do_exit+0x10/0x10 [ 172.850239] ? debug_smp_processor_id+0x20/0x30 [ 172.850715] ? rcu_is_watching+0x19/0xb0 [ 172.851099] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.851544] ? trace_hardirqs_on+0x26/0x120 [ 172.851964] do_group_exit+0xe0/0x2b0 [ 172.852331] __x64_sys_exit_group+0x47/0x50 [ 172.852748] do_syscall_64+0x3b/0x90 [ 172.853108] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.853600] RIP: 0033:0x7f4b87518a4d [ 172.853949] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.854555] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.855272] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.855934] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.856604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.857268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.857924] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.858618] [ 172.858841] irq event stamp: 0 [ 172.859158] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.859758] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.860543] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.861322] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.861910] ---[ end trace 0000000000000000 ]--- [ 172.862777] ------------[ cut here ]------------ [ 172.863246] WARNING: CPU: 0 PID: 1637 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.864210] Modules linked in: [ 172.864520] CPU: 0 PID: 1637 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.865347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.866415] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.866956] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.868702] RSP: 0018:ffff888021897b78 EFLAGS: 00010246 [ 172.869211] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.869895] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 172.870596] RBP: ffff888021897b98 R08: ffffed1001f5a73e R09: ffffed1001f5a73e [ 172.871299] R10: ffff88800fad39ef R11: ffffed1001f5a73d R12: ffff88800fad3a90 [ 172.871980] R13: ffff88800fad38a8 R14: ffffffffffffffff R15: 
ffff888021897c60 [ 172.872652] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.873416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.873991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 172.874696] PKRU: 55555554 [ 172.874970] Call Trace: [ 172.875243] [ 172.875466] iommufd_ioas_destroy+0x53/0x70 [ 172.875888] iommufd_fops_release+0x1f7/0x370 [ 172.876337] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.876898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.877375] ? write_comp_data+0x2f/0x90 [ 172.877769] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.878249] __fput+0x26d/0xa40 [ 172.878615] ____fput+0x1e/0x30 [ 172.878938] task_work_run+0x1a4/0x2d0 [ 172.879333] ? __pfx_task_work_run+0x10/0x10 [ 172.879755] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.880216] ? switch_task_namespaces+0xa9/0xe0 [ 172.880668] do_exit+0xb17/0x2ef0 [ 172.880996] ? lock_acquire+0x427/0x4c0 [ 172.881389] ? __pfx_lock_release+0x10/0x10 [ 172.881805] ? __kasan_check_write+0x18/0x20 [ 172.882227] ? do_raw_spin_lock+0x132/0x2a0 [ 172.882682] ? __pfx_do_exit+0x10/0x10 [ 172.883067] ? debug_smp_processor_id+0x20/0x30 [ 172.883541] ? rcu_is_watching+0x19/0xb0 [ 172.883933] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.884374] ? trace_hardirqs_on+0x26/0x120 [ 172.884791] do_group_exit+0xe0/0x2b0 [ 172.885209] __x64_sys_exit_group+0x47/0x50 [ 172.885874] do_syscall_64+0x3b/0x90 [ 172.886245] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.886794] RIP: 0033:0x7f4b87518a4d [ 172.887163] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.887749] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.888469] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.889314] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.890185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.890884] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.891572] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.892256] [ 172.892477] irq event stamp: 0 [ 172.892773] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.893371] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.894313] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.895276] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.895876] ---[ end trace 0000000000000000 ]--- [ 172.901112] ------------[ cut here ]------------ [ 172.901731] WARNING: CPU: 0 PID: 1638 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.902898] Modules linked in: [ 172.903228] CPU: 0 PID: 1638 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.904049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.905108] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.905588] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.907330] RSP: 0018:ffff888016f6fbb8 EFLAGS: 00010246 [ 172.907834] RAX: 0000000000000000 RBX: ffff8880178cd0a8 RCX: 0000000000000000 [ 172.908492] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 172.909151] RBP: ffff888016f6fbd0 R08: ffffed1002f19a33 R09: ffffed1002f19a33 [ 172.909807] R10: ffff8880178cd193 R11: ffffed1002f19a32 R12: ffff8880218e1400 [ 172.910472] R13: ffff8880178cd1e8 R14: ffffffff8352e670 R15: 
ffff888016f6fe68 [ 172.911174] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.911928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.912468] CR2: 00007f4b877410e8 CR3: 0000000013a7a000 CR4: 0000000000750ef0 [ 172.913127] PKRU: 55555554 [ 172.913398] Call Trace: [ 172.913643] [ 172.913855] __iommufd_access_detach+0x1c2/0x2b0 [ 172.914313] iommufd_access_change_pt+0x149/0x270 [ 172.914769] iommufd_access_replace+0xb4/0x120 [ 172.915195] iommufd_test+0x3e5/0x37e0 [ 172.915542] ? lock_release+0x532/0x770 [ 172.915909] ? __might_fault+0x102/0x1b0 [ 172.916272] ? lock_acquire+0x427/0x4c0 [ 172.916639] ? __pfx_iommufd_test+0x10/0x10 [ 172.917022] ? __pfx_lock_release+0x10/0x10 [ 172.917414] ? __pfx_lock_acquire+0x10/0x10 [ 172.917807] ? write_comp_data+0x2f/0x90 [ 172.918181] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.918642] ? write_comp_data+0x2f/0x90 [ 172.919011] iommufd_fops_ioctl+0x37d/0x510 [ 172.919410] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.919845] ? write_comp_data+0x2f/0x90 [ 172.920213] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 172.920648] __x64_sys_ioctl+0x1a3/0x230 [ 172.921016] do_syscall_64+0x3b/0x90 [ 172.921356] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.921819] RIP: 0033:0x7f4b8743ee5d [ 172.922147] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 172.923772] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 172.924446] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 172.925069] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 172.925695] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 172.926313] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 172.926958] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 172.927617] [ 172.927824] irq event stamp: 0 [ 172.928103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.928658] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.929387] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.930113] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.930684] ---[ end trace 0000000000000000 ]--- [ 172.933878] ------------[ cut here ]------------ [ 172.934307] WARNING: CPU: 0 PID: 1638 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.935321] Modules linked in: [ 172.935757] CPU: 0 PID: 1638 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.936533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.937512] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 172.937948] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 172.939732] RSP: 
0018:ffff888016f6fbd0 EFLAGS: 00010246 [ 172.940203] RAX: 0000000000000000 RBX: ffff8880178cd0a8 RCX: 0000000000000000 [ 172.940830] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 172.941626] RBP: ffff888016f6fbe8 R08: ffffed1002f19a33 R09: ffffed1002f19a33 [ 172.942247] R10: ffff8880178cd193 R11: ffffed1002f19a32 R12: ffff888010573000 [ 172.942888] R13: ffff8880178cd1e8 R14: ffff88800f2e7400 R15: 0000000000000000 [ 172.943520] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.944223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.944825] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 172.945531] PKRU: 55555554 [ 172.945783] Call Trace: [ 172.946008] [ 172.946207] iommufd_access_destroy_object+0x65/0x170 [ 172.946693] iommufd_object_destroy_user+0x18e/0x220 [ 172.947179] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 172.947732] iommufd_access_destroy+0x43/0x70 [ 172.948277] iommufd_test_staccess_release+0x8d/0xd0 [ 172.948739] __fput+0x26d/0xa40 [ 172.949053] ____fput+0x1e/0x30 [ 172.949356] task_work_run+0x1a4/0x2d0 [ 172.949701] ? __pfx_task_work_run+0x10/0x10 [ 172.950088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.950634] ? switch_task_namespaces+0xa9/0xe0 [ 172.951131] do_exit+0xb17/0x2ef0 [ 172.951424] ? lock_acquire+0x427/0x4c0 [ 172.951763] ? __pfx_lock_release+0x10/0x10 [ 172.952128] ? __kasan_check_write+0x18/0x20 [ 172.952499] ? do_raw_spin_lock+0x132/0x2a0 [ 172.952859] ? __pfx_do_exit+0x10/0x10 [ 172.953195] ? debug_smp_processor_id+0x20/0x30 [ 172.953620] ? rcu_is_watching+0x19/0xb0 [ 172.954090] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.954470] ? trace_hardirqs_on+0x26/0x120 [ 172.954866] do_group_exit+0xe0/0x2b0 [ 172.955203] __x64_sys_exit_group+0x47/0x50 [ 172.955562] do_syscall_64+0x3b/0x90 [ 172.955879] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.956313] RIP: 0033:0x7f4b87518a4d [ 172.956628] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.957298] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.957924] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.958533] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.959121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.959711] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.960465] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.961059] [ 172.961255] irq event stamp: 0 [ 172.961516] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.962044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.962924] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.963629] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.964146] ---[ end trace 0000000000000000 ]--- [ 172.964859] ------------[ cut here ]------------ [ 172.965250] WARNING: CPU: 0 PID: 1638 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 172.966257] Modules linked in: [ 172.966547] CPU: 0 PID: 1638 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 172.967290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 172.968217] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 172.968650] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 172.970367] RSP: 0018:ffff888016f6fb78 EFLAGS: 00010246 [ 172.970837] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 172.971431] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 172.972021] RBP: ffff888016f6fb98 R08: ffffed1002f19a3e R09: ffffed1002f19a3e [ 172.972607] R10: ffff8880178cd1ef R11: ffffed1002f19a3d R12: ffff8880178cd290 [ 172.973373] R13: ffff8880178cd0a8 R14: ffffffffffffffff R15: 
ffff888016f6fc60 [ 172.973968] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 172.974658] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 172.975165] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 172.975760] PKRU: 55555554 [ 172.975999] Call Trace: [ 172.976214] [ 172.976449] iommufd_ioas_destroy+0x53/0x70 [ 172.976954] iommufd_fops_release+0x1f7/0x370 [ 172.977334] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.977748] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.978158] ? write_comp_data+0x2f/0x90 [ 172.978539] ? __pfx_iommufd_fops_release+0x10/0x10 [ 172.978963] __fput+0x26d/0xa40 [ 172.979261] ____fput+0x1e/0x30 [ 172.979541] task_work_run+0x1a4/0x2d0 [ 172.979872] ? __pfx_task_work_run+0x10/0x10 [ 172.980424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 172.980844] ? switch_task_namespaces+0xa9/0xe0 [ 172.981242] do_exit+0xb17/0x2ef0 [ 172.981538] ? lock_acquire+0x427/0x4c0 [ 172.981877] ? __pfx_lock_release+0x10/0x10 [ 172.982240] ? __kasan_check_write+0x18/0x20 [ 172.982638] ? do_raw_spin_lock+0x132/0x2a0 [ 172.982999] ? __pfx_do_exit+0x10/0x10 [ 172.983345] ? debug_smp_processor_id+0x20/0x30 [ 172.983782] ? rcu_is_watching+0x19/0xb0 [ 172.984267] ? _raw_spin_unlock_irq+0x2b/0x60 [ 172.984647] ? trace_hardirqs_on+0x26/0x120 [ 172.985009] do_group_exit+0xe0/0x2b0 [ 172.985323] __x64_sys_exit_group+0x47/0x50 [ 172.985678] do_syscall_64+0x3b/0x90 [ 172.985998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 172.986439] RIP: 0033:0x7f4b87518a4d [ 172.986842] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 172.987475] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 172.988098] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 172.988680] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 172.989264] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 172.989843] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 172.990657] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 172.991274] [ 172.991468] irq event stamp: 0 [ 172.991731] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 172.992259] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 172.992950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 172.993848] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 172.994372] ---[ end trace 0000000000000000 ]--- [ 172.998486] ------------[ cut here ]------------ [ 172.999016] WARNING: CPU: 0 PID: 1639 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 172.999867] Modules linked in: [ 173.000138] CPU: 0 PID: 1639 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.000858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.001778] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.002188] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.003728] RSP: 0018:ffff888021897bb8 EFLAGS: 00010246 [ 173.004178] RAX: 0000000000000000 RBX: ffff8880178438a8 RCX: 0000000000000000 [ 173.004763] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 173.005346] RBP: ffff888021897bd0 R08: ffffed1002f08733 R09: ffffed1002f08733 [ 173.005929] R10: ffff888017843993 R11: ffffed1002f08732 R12: ffff888013cfa400 [ 173.006532] R13: ffff8880178439e8 R14: ffffffff8352e670 R15: 
ffff888021897e68 [ 173.007138] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.007802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.008278] CR2: 0000000020000140 CR3: 0000000013a7a000 CR4: 0000000000750ef0 [ 173.008863] PKRU: 55555554 [ 173.009095] Call Trace: [ 173.009304] [ 173.009498] __iommufd_access_detach+0x1c2/0x2b0 [ 173.009906] iommufd_access_change_pt+0x149/0x270 [ 173.010317] iommufd_access_replace+0xb4/0x120 [ 173.010733] iommufd_test+0x3e5/0x37e0 [ 173.011063] ? lock_release+0x532/0x770 [ 173.011414] ? __might_fault+0x102/0x1b0 [ 173.011758] ? lock_acquire+0x427/0x4c0 [ 173.012095] ? __pfx_iommufd_test+0x10/0x10 [ 173.012459] ? __pfx_lock_release+0x10/0x10 [ 173.012822] ? __pfx_lock_acquire+0x10/0x10 [ 173.013192] ? write_comp_data+0x2f/0x90 [ 173.013543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.013953] ? write_comp_data+0x2f/0x90 [ 173.014298] iommufd_fops_ioctl+0x37d/0x510 [ 173.014684] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.015097] ? write_comp_data+0x2f/0x90 [ 173.015456] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.015859] __x64_sys_ioctl+0x1a3/0x230 [ 173.016204] do_syscall_64+0x3b/0x90 [ 173.016525] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.016959] RIP: 0033:0x7f4b8743ee5d [ 173.017269] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.018804] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.019430] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.020013] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.020597] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.021178] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.021764] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.022362] [ 173.022573] irq event stamp: 0 [ 173.022833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.023364] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.024053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.024734] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.025248] ---[ end trace 0000000000000000 ]--- [ 173.028446] ------------[ cut here ]------------ [ 173.028868] WARNING: CPU: 0 PID: 1639 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.029717] Modules linked in: [ 173.029988] CPU: 0 PID: 1639 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.030908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.031865] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.032278] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.033755] RSP: 
0018:ffff888021897bd0 EFLAGS: 00010246 [ 173.034189] RAX: 0000000000000000 RBX: ffff8880178438a8 RCX: 0000000000000000 [ 173.034780] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 173.035363] RBP: ffff888021897be8 R08: ffffed1002f08733 R09: ffffed1002f08733 [ 173.035944] R10: ffff888017843993 R11: ffffed1002f08732 R12: ffff8880218e3400 [ 173.036525] R13: ffff8880178439e8 R14: ffff88800fd13400 R15: 0000000000000000 [ 173.037110] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.037761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.038228] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.038843] PKRU: 55555554 [ 173.039078] Call Trace: [ 173.039316] [ 173.039502] iommufd_access_destroy_object+0x65/0x170 [ 173.039930] iommufd_object_destroy_user+0x18e/0x220 [ 173.040356] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.040841] iommufd_access_destroy+0x43/0x70 [ 173.041241] iommufd_test_staccess_release+0x8d/0xd0 [ 173.041684] __fput+0x26d/0xa40 [ 173.041972] ____fput+0x1e/0x30 [ 173.042262] task_work_run+0x1a4/0x2d0 [ 173.042616] ? __pfx_task_work_run+0x10/0x10 [ 173.042986] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.043400] ? switch_task_namespaces+0xa9/0xe0 [ 173.043789] do_exit+0xb17/0x2ef0 [ 173.044075] ? lock_acquire+0x427/0x4c0 [ 173.044408] ? __pfx_lock_release+0x10/0x10 [ 173.044764] ? __kasan_check_write+0x18/0x20 [ 173.045125] ? do_raw_spin_lock+0x132/0x2a0 [ 173.045478] ? __pfx_do_exit+0x10/0x10 [ 173.045813] ? debug_smp_processor_id+0x20/0x30 [ 173.046198] ? rcu_is_watching+0x19/0xb0 [ 173.046555] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.046940] ? trace_hardirqs_on+0x26/0x120 [ 173.047313] do_group_exit+0xe0/0x2b0 [ 173.047631] __x64_sys_exit_group+0x47/0x50 [ 173.047980] do_syscall_64+0x3b/0x90 [ 173.048299] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.048735] RIP: 0033:0x7f4b87518a4d [ 173.049041] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.049543] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.050175] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.050778] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.051372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.051961] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.052536] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.053130] [ 173.053327] irq event stamp: 0 [ 173.053588] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.054104] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.054808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.055507] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.056024] ---[ end trace 0000000000000000 ]--- [ 173.057129] ------------[ cut here ]------------ [ 173.058002] WARNING: CPU: 1 PID: 1639 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.059352] Modules linked in: [ 173.059656] CPU: 1 PID: 1639 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.060505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.061416] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.061840] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.063487] RSP: 0018:ffff888021897b78 EFLAGS: 00010246 [ 173.063926] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.064645] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 173.065224] RBP: ffff888021897b98 R08: ffffed1002f0873e R09: ffffed1002f0873e [ 173.065802] R10: ffff8880178439ef R11: ffffed1002f0873d R12: ffff888017843a90 [ 173.066531] R13: ffff8880178438a8 R14: ffffffffffffffff R15: 
ffff888021897c60 [ 173.067136] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 173.067796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.068403] CR2: 00007f82e2b28010 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 173.068993] PKRU: 55555554 [ 173.069230] Call Trace: [ 173.069446] [ 173.069633] iommufd_ioas_destroy+0x53/0x70 [ 173.070069] iommufd_fops_release+0x1f7/0x370 [ 173.070472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.070906] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.071325] ? write_comp_data+0x2f/0x90 [ 173.071670] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.072216] __fput+0x26d/0xa40 [ 173.072510] ____fput+0x1e/0x30 [ 173.072789] task_work_run+0x1a4/0x2d0 [ 173.073121] ? __pfx_task_work_run+0x10/0x10 [ 173.073495] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.074017] ? switch_task_namespaces+0xa9/0xe0 [ 173.074418] do_exit+0xb17/0x2ef0 [ 173.074724] ? lock_acquire+0x427/0x4c0 [ 173.075062] ? __pfx_lock_release+0x10/0x10 [ 173.075439] ? __kasan_check_write+0x18/0x20 [ 173.075885] ? do_raw_spin_lock+0x132/0x2a0 [ 173.076286] ? __pfx_do_exit+0x10/0x10 [ 173.076617] ? debug_smp_processor_id+0x20/0x30 [ 173.077004] ? rcu_is_watching+0x19/0xb0 [ 173.077347] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.077843] ? trace_hardirqs_on+0x26/0x120 [ 173.078214] do_group_exit+0xe0/0x2b0 [ 173.078551] __x64_sys_exit_group+0x47/0x50 [ 173.078906] do_syscall_64+0x3b/0x90 [ 173.079235] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.079787] RIP: 0033:0x7f4b87518a4d [ 173.080099] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.080615] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.081237] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.081952] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.082552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.083145] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.083873] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.084469] [ 173.084665] irq event stamp: 0 [ 173.085001] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.085648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.086338] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.087038] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.087703] ---[ end trace 0000000000000000 ]--- [ 173.093623] ------------[ cut here ]------------ [ 173.094039] WARNING: CPU: 1 PID: 1640 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.095030] Modules linked in: [ 173.095312] CPU: 1 PID: 1640 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.096022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.097071] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.097483] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.099144] RSP: 0018:ffff888010507bb8 EFLAGS: 00010246 [ 173.099590] RAX: 0000000000000000 RBX: ffff88801804f0a8 RCX: 0000000000000000 [ 173.100190] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 173.100878] RBP: ffff888010507bd0 R08: ffffed1003009e33 R09: ffffed1003009e33 [ 173.101465] R10: ffff88801804f193 R11: ffffed1003009e32 R12: ffff88801341ec00 [ 173.102076] R13: ffff88801804f1e8 R14: ffffffff8352e670 R15: 
ffff888010507e68 [ 173.102759] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 173.103423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.103899] CR2: 00007f4b877410e8 CR3: 0000000021872000 CR4: 0000000000750ee0 [ 173.104624] PKRU: 55555554 [ 173.104862] Call Trace: [ 173.105073] [ 173.105260] __iommufd_access_detach+0x1c2/0x2b0 [ 173.105670] iommufd_access_change_pt+0x149/0x270 [ 173.106157] iommufd_access_replace+0xb4/0x120 [ 173.106606] iommufd_test+0x3e5/0x37e0 [ 173.106924] ? lock_release+0x532/0x770 [ 173.107265] ? __might_fault+0x102/0x1b0 [ 173.107607] ? lock_acquire+0x427/0x4c0 [ 173.108019] ? __pfx_iommufd_test+0x10/0x10 [ 173.108406] ? __pfx_lock_release+0x10/0x10 [ 173.108778] ? __pfx_lock_acquire+0x10/0x10 [ 173.109152] ? write_comp_data+0x2f/0x90 [ 173.109496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.109973] ? write_comp_data+0x2f/0x90 [ 173.110380] iommufd_fops_ioctl+0x37d/0x510 [ 173.110762] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.111183] ? write_comp_data+0x2f/0x90 [ 173.111531] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.112053] __x64_sys_ioctl+0x1a3/0x230 [ 173.112406] do_syscall_64+0x3b/0x90 [ 173.112723] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.113160] RIP: 0033:0x7f4b8743ee5d [ 173.113467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.115126] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.115884] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.116467] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.117121] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.117824] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.118412] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.119021] [ 173.119249] irq event stamp: 0 [ 173.119605] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.120126] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.120823] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.121651] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.122169] ---[ end trace 0000000000000000 ]--- [ 173.126496] ------------[ cut here ]------------ [ 173.127055] WARNING: CPU: 1 PID: 1640 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.127920] Modules linked in: [ 173.128187] CPU: 1 PID: 1640 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.128976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.129942] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.130360] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.132020] RSP: 
0018:ffff888010507bd0 EFLAGS: 00010246 [ 173.132464] RAX: 0000000000000000 RBX: ffff88801804f0a8 RCX: 0000000000000000 [ 173.133168] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 173.133749] RBP: ffff888010507be8 R08: ffffed1003009e33 R09: ffffed1003009e33 [ 173.134331] R10: ffff88801804f193 R11: ffffed1003009e32 R12: ffff888014393400 [ 173.135065] R13: ffff88801804f1e8 R14: ffff88802184bc00 R15: 0000000000000000 [ 173.135661] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 173.136340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.136991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 173.137608] PKRU: 55555554 [ 173.137856] Call Trace: [ 173.138081] [ 173.138278] iommufd_access_destroy_object+0x65/0x170 [ 173.138884] iommufd_object_destroy_user+0x18e/0x220 [ 173.139345] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.139857] iommufd_access_destroy+0x43/0x70 [ 173.140262] iommufd_test_staccess_release+0x8d/0xd0 [ 173.140800] __fput+0x26d/0xa40 [ 173.141120] ____fput+0x1e/0x30 [ 173.141413] task_work_run+0x1a4/0x2d0 [ 173.141759] ? __pfx_task_work_run+0x10/0x10 [ 173.142144] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.142667] ? switch_task_namespaces+0xa9/0xe0 [ 173.143141] do_exit+0xb17/0x2ef0 [ 173.143448] ? lock_acquire+0x427/0x4c0 [ 173.143807] ? __pfx_lock_release+0x10/0x10 [ 173.144189] ? __kasan_check_write+0x18/0x20 [ 173.144667] ? do_raw_spin_lock+0x132/0x2a0 [ 173.145101] ? __pfx_do_exit+0x10/0x10 [ 173.145448] ? debug_smp_processor_id+0x20/0x30 [ 173.145855] ? rcu_is_watching+0x19/0xb0 [ 173.146216] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.146720] ? trace_hardirqs_on+0x26/0x120 [ 173.147155] do_group_exit+0xe0/0x2b0 [ 173.147496] __x64_sys_exit_group+0x47/0x50 [ 173.147878] do_syscall_64+0x3b/0x90 [ 173.148219] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.148821] RIP: 0033:0x7f4b87518a4d [ 173.149224] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.149748] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.150438] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.151179] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.151793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.152432] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.153139] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.153760] [ 173.153963] irq event stamp: 0 [ 173.154233] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.154950] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.155700] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.156469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.157124] ---[ end trace 0000000000000000 ]--- [ 173.159865] ------------[ cut here ]------------ [ 173.160325] WARNING: CPU: 1 PID: 1640 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.161302] Modules linked in: [ 173.161587] CPU: 1 PID: 1640 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.162424] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.163551] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.164013] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.165763] RSP: 0018:ffff888010507b78 EFLAGS: 00010246 [ 173.166235] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.167004] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 173.167637] RBP: ffff888010507b98 R08: ffffed1003009e3e R09: ffffed1003009e3e [ 173.168267] R10: ffff88801804f1ef R11: ffffed1003009e3d R12: ffff88801804f290 [ 173.168982] R13: ffff88801804f0a8 R14: ffffffffffffffff R15: 
ffff888010507c60 [ 173.169671] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 173.170372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.170982] CR2: 00007f82e2b32030 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 173.171686] PKRU: 55555554 [ 173.171936] Call Trace: [ 173.172160] [ 173.172365] iommufd_ioas_destroy+0x53/0x70 [ 173.172774] iommufd_fops_release+0x1f7/0x370 [ 173.173291] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.173735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.174167] ? write_comp_data+0x2f/0x90 [ 173.174548] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.175129] __fput+0x26d/0xa40 [ 173.175438] ____fput+0x1e/0x30 [ 173.175738] task_work_run+0x1a4/0x2d0 [ 173.176093] ? __pfx_task_work_run+0x10/0x10 [ 173.176492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.177009] ? switch_task_namespaces+0xa9/0xe0 [ 173.177461] do_exit+0xb17/0x2ef0 [ 173.177767] ? lock_acquire+0x427/0x4c0 [ 173.178124] ? __pfx_lock_release+0x10/0x10 [ 173.178532] ? __kasan_check_write+0x18/0x20 [ 173.179008] ? do_raw_spin_lock+0x132/0x2a0 [ 173.179457] ? __pfx_do_exit+0x10/0x10 [ 173.179812] ? debug_smp_processor_id+0x20/0x30 [ 173.180229] ? rcu_is_watching+0x19/0xb0 [ 173.180591] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.181211] ? trace_hardirqs_on+0x26/0x120 [ 173.181608] do_group_exit+0xe0/0x2b0 [ 173.181951] __x64_sys_exit_group+0x47/0x50 [ 173.182331] do_syscall_64+0x3b/0x90 [ 173.182689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.183163] RIP: 0033:0x7f4b87518a4d [ 173.183491] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.184023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.184681] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.185302] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.185919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.186561] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.187186] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.187811] [ 173.188015] irq event stamp: 0 [ 173.188288] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.188839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.189568] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.190285] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.190841] ---[ end trace 0000000000000000 ]--- [ 173.196058] ------------[ cut here ]------------ [ 173.196495] WARNING: CPU: 1 PID: 1641 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.197356] Modules linked in: [ 173.197629] CPU: 1 PID: 1641 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.198370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.199366] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.199793] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.201344] RSP: 0018:ffff888016d37bb8 EFLAGS: 00010246 [ 173.201796] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 173.202403] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 173.203024] RBP: ffff888016d37bd0 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 173.203646] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff888010c09000 [ 173.204250] R13: ffff888011f649e8 R14: ffffffff8352e670 R15: 
ffff888016d37e68 [ 173.204854] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 173.205537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.206028] CR2: 0000000020000140 CR3: 0000000013a7a000 CR4: 0000000000750ee0 [ 173.206658] PKRU: 55555554 [ 173.206905] Call Trace: [ 173.207136] [ 173.207335] __iommufd_access_detach+0x1c2/0x2b0 [ 173.207760] iommufd_access_change_pt+0x149/0x270 [ 173.208194] iommufd_access_replace+0xb4/0x120 [ 173.208606] iommufd_test+0x3e5/0x37e0 [ 173.208943] ? lock_release+0x532/0x770 [ 173.209298] ? __might_fault+0x102/0x1b0 [ 173.209656] ? lock_acquire+0x427/0x4c0 [ 173.210005] ? __pfx_iommufd_test+0x10/0x10 [ 173.210372] ? __pfx_lock_release+0x10/0x10 [ 173.210771] ? __pfx_lock_acquire+0x10/0x10 [ 173.211163] ? write_comp_data+0x2f/0x90 [ 173.211522] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.211943] ? write_comp_data+0x2f/0x90 [ 173.212299] iommufd_fops_ioctl+0x37d/0x510 [ 173.212677] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.213168] ? write_comp_data+0x2f/0x90 [ 173.213532] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.213948] __x64_sys_ioctl+0x1a3/0x230 [ 173.214311] do_syscall_64+0x3b/0x90 [ 173.214667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.215132] RIP: 0033:0x7f4b8743ee5d [ 173.215453] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.217010] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.217662] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.218276] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.218903] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.219527] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.220136] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.220726] [ 173.220914] irq event stamp: 0 [ 173.221169] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.221674] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.222344] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.223032] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.223551] ---[ end trace 0000000000000000 ]--- [ 173.226327] ------------[ cut here ]------------ [ 173.226758] WARNING: CPU: 1 PID: 1641 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.227599] Modules linked in: [ 173.227859] CPU: 1 PID: 1641 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.228560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.229464] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.229870] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.231361] RSP: 
0018:ffff888016d37bd0 EFLAGS: 00010246 [ 173.231798] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 173.232369] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 173.232938] RBP: ffff888016d37be8 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 173.233511] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff88801341e400 [ 173.234078] R13: ffff888011f649e8 R14: ffff888020e8b600 R15: 0000000000000000 [ 173.234666] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 173.235319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.235794] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 173.236363] PKRU: 55555554 [ 173.236592] Call Trace: [ 173.236798] [ 173.236983] iommufd_access_destroy_object+0x65/0x170 [ 173.237405] iommufd_object_destroy_user+0x18e/0x220 [ 173.237823] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.238295] iommufd_access_destroy+0x43/0x70 [ 173.238686] iommufd_test_staccess_release+0x8d/0xd0 [ 173.239105] __fput+0x26d/0xa40 [ 173.239399] ____fput+0x1e/0x30 [ 173.239676] task_work_run+0x1a4/0x2d0 [ 173.240003] ? __pfx_task_work_run+0x10/0x10 [ 173.240369] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.240771] ? switch_task_namespaces+0xa9/0xe0 [ 173.241162] do_exit+0xb17/0x2ef0 [ 173.241449] ? lock_acquire+0x427/0x4c0 [ 173.241778] ? __pfx_lock_release+0x10/0x10 [ 173.242132] ? __kasan_check_write+0x18/0x20 [ 173.242497] ? do_raw_spin_lock+0x132/0x2a0 [ 173.242874] ? __pfx_do_exit+0x10/0x10 [ 173.243207] ? debug_smp_processor_id+0x20/0x30 [ 173.243594] ? rcu_is_watching+0x19/0xb0 [ 173.243926] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.244301] ? trace_hardirqs_on+0x26/0x120 [ 173.244662] do_group_exit+0xe0/0x2b0 [ 173.245032] __x64_sys_exit_group+0x47/0x50 [ 173.245382] do_syscall_64+0x3b/0x90 [ 173.245691] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.246116] RIP: 0033:0x7f4b87518a4d [ 173.246418] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.246937] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.247558] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.248132] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.248707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.249279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.249852] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.250430] [ 173.250677] irq event stamp: 0 [ 173.250936] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.251458] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.252128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.252794] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.253298] ---[ end trace 0000000000000000 ]--- [ 173.254016] ------------[ cut here ]------------ [ 173.254395] WARNING: CPU: 1 PID: 1641 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.255250] Modules linked in: [ 173.255519] CPU: 1 PID: 1641 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.256221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.257122] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.257538] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.259017] RSP: 0018:ffff888016d37b78 EFLAGS: 00010246 [ 173.259470] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.260038] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 173.260608] RBP: ffff888016d37b98 R08: ffffed10023ec93e R09: ffffed10023ec93e [ 173.261172] R10: ffff888011f649ef R11: ffffed10023ec93d R12: ffff888011f64a90 [ 173.261746] R13: ffff888011f648a8 R14: ffffffffffffffff R15: 
ffff888016d37c60 [ 173.262318] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 173.262980] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.263460] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 173.264033] PKRU: 55555554 [ 173.264261] Call Trace: [ 173.264470] [ 173.264656] iommufd_ioas_destroy+0x53/0x70 [ 173.265011] iommufd_fops_release+0x1f7/0x370 [ 173.265382] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.265786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.266186] ? write_comp_data+0x2f/0x90 [ 173.266546] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.266954] __fput+0x26d/0xa40 [ 173.267247] ____fput+0x1e/0x30 [ 173.267527] task_work_run+0x1a4/0x2d0 [ 173.267854] ? __pfx_task_work_run+0x10/0x10 [ 173.268218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.268616] ? switch_task_namespaces+0xa9/0xe0 [ 173.268999] do_exit+0xb17/0x2ef0 [ 173.269285] ? lock_acquire+0x427/0x4c0 [ 173.269616] ? __pfx_lock_release+0x10/0x10 [ 173.269969] ? __kasan_check_write+0x18/0x20 [ 173.270328] ? do_raw_spin_lock+0x132/0x2a0 [ 173.270698] ? __pfx_do_exit+0x10/0x10 [ 173.271023] ? debug_smp_processor_id+0x20/0x30 [ 173.271414] ? rcu_is_watching+0x19/0xb0 [ 173.271744] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.272104] ? trace_hardirqs_on+0x26/0x120 [ 173.272453] do_group_exit+0xe0/0x2b0 [ 173.272754] __x64_sys_exit_group+0x47/0x50 [ 173.273090] do_syscall_64+0x3b/0x90 [ 173.273389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.273802] RIP: 0033:0x7f4b87518a4d [ 173.274095] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.274592] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.275192] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.275745] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.276296] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.276845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.277449] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.278010] [ 173.278193] irq event stamp: 0 [ 173.278440] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.278947] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.279592] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.280242] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.280733] ---[ end trace 0000000000000000 ]--- [ 173.285168] ------------[ cut here ]------------ [ 173.285586] WARNING: CPU: 0 PID: 1642 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.286381] Modules linked in: [ 173.286705] CPU: 0 PID: 1642 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.287420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.288312] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.288703] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.290126] RSP: 0018:ffff8880161dfbb8 EFLAGS: 00010246 [ 173.290565] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 173.291125] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 173.291718] RBP: ffff8880161dfbd0 R08: ffffed1001702633 R09: ffffed1001702633 [ 173.292271] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff888014583000 [ 173.292823] R13: ffff88800b8131e8 R14: ffffffff8352e670 R15: 
ffff8880161dfe68 [ 173.293377] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.294006] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.294455] CR2: 0000000020000140 CR3: 000000000fa7c000 CR4: 0000000000750ef0 [ 173.295030] PKRU: 55555554 [ 173.295267] Call Trace: [ 173.295469] [ 173.295649] __iommufd_access_detach+0x1c2/0x2b0 [ 173.296041] iommufd_access_change_pt+0x149/0x270 [ 173.296437] iommufd_access_replace+0xb4/0x120 [ 173.296810] iommufd_test+0x3e5/0x37e0 [ 173.297118] ? lock_release+0x532/0x770 [ 173.297440] ? __might_fault+0x102/0x1b0 [ 173.297764] ? lock_acquire+0x427/0x4c0 [ 173.298087] ? __pfx_iommufd_test+0x10/0x10 [ 173.298427] ? __pfx_lock_release+0x10/0x10 [ 173.298798] ? __pfx_lock_acquire+0x10/0x10 [ 173.299158] ? write_comp_data+0x2f/0x90 [ 173.299493] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.299878] ? write_comp_data+0x2f/0x90 [ 173.300210] iommufd_fops_ioctl+0x37d/0x510 [ 173.300557] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.300945] ? write_comp_data+0x2f/0x90 [ 173.301272] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.301656] __x64_sys_ioctl+0x1a3/0x230 [ 173.301985] do_syscall_64+0x3b/0x90 [ 173.302290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.302721] RIP: 0033:0x7f4b8743ee5d [ 173.303015] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.304442] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.305035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.305589] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.306146] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.306719] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.307295] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.307858] [ 173.308042] irq event stamp: 0 [ 173.308289] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.308785] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.309437] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.310092] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.310602] ---[ end trace 0000000000000000 ]--- [ 173.313570] ------------[ cut here ]------------ [ 173.313970] WARNING: CPU: 0 PID: 1642 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.314792] Modules linked in: [ 173.315045] CPU: 0 PID: 1642 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.315739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.316617] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.317005] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.318418] RSP: 
0018:ffff8880161dfbd0 EFLAGS: 00010246 [ 173.318852] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 173.319413] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 173.319969] RBP: ffff8880161dfbe8 R08: ffffed1001702633 R09: ffffed1001702633 [ 173.320520] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff888013cf9c00 [ 173.321073] R13: ffff88800b8131e8 R14: ffff888010aaa700 R15: 0000000000000000 [ 173.321627] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.322249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.322717] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.323296] PKRU: 55555554 [ 173.323517] Call Trace: [ 173.323744] [ 173.323928] iommufd_access_destroy_object+0x65/0x170 [ 173.324332] iommufd_object_destroy_user+0x18e/0x220 [ 173.324732] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.325192] iommufd_access_destroy+0x43/0x70 [ 173.325553] iommufd_test_staccess_release+0x8d/0xd0 [ 173.325956] __fput+0x26d/0xa40 [ 173.326226] ____fput+0x1e/0x30 [ 173.326496] task_work_run+0x1a4/0x2d0 [ 173.326842] ? __pfx_task_work_run+0x10/0x10 [ 173.327208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.327597] ? switch_task_namespaces+0xa9/0xe0 [ 173.327973] do_exit+0xb17/0x2ef0 [ 173.328250] ? lock_acquire+0x427/0x4c0 [ 173.328569] ? __pfx_lock_release+0x10/0x10 [ 173.328910] ? __kasan_check_write+0x18/0x20 [ 173.329255] ? do_raw_spin_lock+0x132/0x2a0 [ 173.329593] ? __pfx_do_exit+0x10/0x10 [ 173.329905] ? debug_smp_processor_id+0x20/0x30 [ 173.330272] ? rcu_is_watching+0x19/0xb0 [ 173.330615] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.330975] ? trace_hardirqs_on+0x26/0x120 [ 173.331334] do_group_exit+0xe0/0x2b0 [ 173.331634] __x64_sys_exit_group+0x47/0x50 [ 173.331973] do_syscall_64+0x3b/0x90 [ 173.332276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.332693] RIP: 0033:0x7f4b87518a4d [ 173.332985] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.333464] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.334048] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.334624] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.335185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.335738] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.336288] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.336848] [ 173.337031] irq event stamp: 0 [ 173.337277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.337765] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.338410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.339088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.339589] ---[ end trace 0000000000000000 ]--- [ 173.340285] ------------[ cut here ]------------ [ 173.340652] WARNING: CPU: 0 PID: 1642 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.341432] Modules linked in: [ 173.341686] CPU: 0 PID: 1642 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.342364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.343281] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.343689] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.345096] RSP: 0018:ffff8880161dfb78 EFLAGS: 00010246 [ 173.345507] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.346052] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 173.346622] RBP: ffff8880161dfb98 R08: ffffed100170263e R09: ffffed100170263e [ 173.347181] R10: ffff88800b8131ef R11: ffffed100170263d R12: ffff88800b813290 [ 173.347731] R13: ffff88800b8130a8 R14: ffffffffffffffff R15: 
ffff8880161dfc60 [ 173.348280] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.348900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.349348] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.349897] PKRU: 55555554 [ 173.350116] Call Trace: [ 173.350319] [ 173.350498] iommufd_ioas_destroy+0x53/0x70 [ 173.350863] iommufd_fops_release+0x1f7/0x370 [ 173.351232] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.351624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.352008] ? write_comp_data+0x2f/0x90 [ 173.352332] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.352720] __fput+0x26d/0xa40 [ 173.352994] ____fput+0x1e/0x30 [ 173.353262] task_work_run+0x1a4/0x2d0 [ 173.353581] ? __pfx_task_work_run+0x10/0x10 [ 173.353931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.354317] ? switch_task_namespaces+0xa9/0xe0 [ 173.354709] do_exit+0xb17/0x2ef0 [ 173.354981] ? lock_acquire+0x427/0x4c0 [ 173.355313] ? __pfx_lock_release+0x10/0x10 [ 173.355658] ? __kasan_check_write+0x18/0x20 [ 173.356004] ? do_raw_spin_lock+0x132/0x2a0 [ 173.356343] ? __pfx_do_exit+0x10/0x10 [ 173.356659] ? debug_smp_processor_id+0x20/0x30 [ 173.357026] ? rcu_is_watching+0x19/0xb0 [ 173.357343] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.357702] ? trace_hardirqs_on+0x26/0x120 [ 173.358046] do_group_exit+0xe0/0x2b0 [ 173.358346] __x64_sys_exit_group+0x47/0x50 [ 173.358704] do_syscall_64+0x3b/0x90 [ 173.359004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.359421] RIP: 0033:0x7f4b87518a4d [ 173.359712] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.360185] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.360776] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.361327] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.361877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.362425] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.362991] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.363559] [ 173.363743] irq event stamp: 0 [ 173.363987] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.364476] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.365120] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.365761] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.366249] ---[ end trace 0000000000000000 ]--- [ 173.370777] ------------[ cut here ]------------ [ 173.371217] WARNING: CPU: 0 PID: 1643 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.371983] Modules linked in: [ 173.372226] CPU: 0 PID: 1643 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.372882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.373718] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.374091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.375651] RSP: 0018:ffff888016d37bb8 EFLAGS: 00010246 [ 173.376053] RAX: 0000000000000000 RBX: ffff88800b9e68a8 RCX: 0000000000000000 [ 173.376588] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 173.377117] RBP: ffff888016d37bd0 R08: ffffed100173cd33 R09: ffffed100173cd33 [ 173.377648] R10: ffff88800b9e6993 R11: ffffed100173cd32 R12: ffff88801226d800 [ 173.378179] R13: ffff88800b9e69e8 R14: ffffffff8352e670 R15: 
ffff888016d37e68 [ 173.378725] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.379340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.379774] CR2: 0000000020000140 CR3: 0000000013a7a000 CR4: 0000000000750ef0 [ 173.380307] PKRU: 55555554 [ 173.380523] Call Trace: [ 173.380716] [ 173.380887] __iommufd_access_detach+0x1c2/0x2b0 [ 173.381259] iommufd_access_change_pt+0x149/0x270 [ 173.381633] iommufd_access_replace+0xb4/0x120 [ 173.381988] iommufd_test+0x3e5/0x37e0 [ 173.382284] ? lock_release+0x532/0x770 [ 173.382608] ? __might_fault+0x102/0x1b0 [ 173.382924] ? lock_acquire+0x427/0x4c0 [ 173.383247] ? __pfx_iommufd_test+0x10/0x10 [ 173.383575] ? __pfx_lock_release+0x10/0x10 [ 173.383909] ? __pfx_lock_acquire+0x10/0x10 [ 173.384249] ? write_comp_data+0x2f/0x90 [ 173.384568] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.384944] ? write_comp_data+0x2f/0x90 [ 173.385266] iommufd_fops_ioctl+0x37d/0x510 [ 173.385596] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.385970] ? write_comp_data+0x2f/0x90 [ 173.386288] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.386673] __x64_sys_ioctl+0x1a3/0x230 [ 173.386994] do_syscall_64+0x3b/0x90 [ 173.387295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.387699] RIP: 0033:0x7f4b8743ee5d [ 173.387985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.389359] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.389933] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.390463] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.391019] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.391567] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.392104] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.392651] [ 173.392829] irq event stamp: 0 [ 173.393068] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.393544] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.394176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.394824] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.395311] ---[ end trace 0000000000000000 ]--- [ 173.398005] ------------[ cut here ]------------ [ 173.398394] WARNING: CPU: 0 PID: 1643 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.399193] Modules linked in: [ 173.399438] CPU: 0 PID: 1643 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.400096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.400943] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.401319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.402702] RSP: 
0018:ffff888016d37bd0 EFLAGS: 00010246 [ 173.403103] RAX: 0000000000000000 RBX: ffff88800b9e68a8 RCX: 0000000000000000 [ 173.403670] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 173.404204] RBP: ffff888016d37be8 R08: ffffed100173cd33 R09: ffffed100173cd33 [ 173.404759] R10: ffff88800b9e6993 R11: ffffed100173cd32 R12: ffff888014580000 [ 173.405294] R13: ffff88800b9e69e8 R14: ffff888010c53500 R15: 0000000000000000 [ 173.405828] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.406429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.406886] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.407435] PKRU: 55555554 [ 173.407651] Call Trace: [ 173.407847] [ 173.408020] iommufd_access_destroy_object+0x65/0x170 [ 173.408415] iommufd_object_destroy_user+0x18e/0x220 [ 173.408807] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.409250] iommufd_access_destroy+0x43/0x70 [ 173.409598] iommufd_test_staccess_release+0x8d/0xd0 [ 173.409993] __fput+0x26d/0xa40 [ 173.410259] ____fput+0x1e/0x30 [ 173.410536] task_work_run+0x1a4/0x2d0 [ 173.410837] ? __pfx_task_work_run+0x10/0x10 [ 173.411183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.411565] ? switch_task_namespaces+0xa9/0xe0 [ 173.411928] do_exit+0xb17/0x2ef0 [ 173.412193] ? lock_acquire+0x427/0x4c0 [ 173.412505] ? __pfx_lock_release+0x10/0x10 [ 173.412838] ? __kasan_check_write+0x18/0x20 [ 173.413175] ? do_raw_spin_lock+0x132/0x2a0 [ 173.413502] ? __pfx_do_exit+0x10/0x10 [ 173.413805] ? debug_smp_processor_id+0x20/0x30 [ 173.414162] ? rcu_is_watching+0x19/0xb0 [ 173.414475] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.414840] ? trace_hardirqs_on+0x26/0x120 [ 173.415183] do_group_exit+0xe0/0x2b0 [ 173.415475] __x64_sys_exit_group+0x47/0x50 [ 173.415800] do_syscall_64+0x3b/0x90 [ 173.416091] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.416490] RIP: 0033:0x7f4b87518a4d [ 173.416775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.417242] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.417814] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.418348] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.418909] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.419460] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.419997] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.420542] [ 173.420724] irq event stamp: 0 [ 173.420962] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.421434] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.422062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.422705] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.423189] ---[ end trace 0000000000000000 ]--- [ 173.423866] ------------[ cut here ]------------ [ 173.424224] WARNING: CPU: 0 PID: 1643 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.424990] Modules linked in: [ 173.425231] CPU: 0 PID: 1643 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.425887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.426747] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.427142] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.428530] RSP: 0018:ffff888016d37b78 EFLAGS: 00010246 [ 173.428932] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.429465] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 173.429999] RBP: ffff888016d37b98 R08: ffffed100173cd3e R09: ffffed100173cd3e [ 173.430561] R10: ffff88800b9e69ef R11: ffffed100173cd3d R12: ffff88800b9e6a90 [ 173.431093] R13: ffff88800b9e68a8 R14: ffffffffffffffff R15: 
ffff888016d37c60 [ 173.431636] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.432237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.432677] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.433217] PKRU: 55555554 [ 173.433431] Call Trace: [ 173.433627] [ 173.433800] iommufd_ioas_destroy+0x53/0x70 [ 173.434133] iommufd_fops_release+0x1f7/0x370 [ 173.434481] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.434884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.435268] ? write_comp_data+0x2f/0x90 [ 173.435592] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.435979] __fput+0x26d/0xa40 [ 173.436246] ____fput+0x1e/0x30 [ 173.436505] task_work_run+0x1a4/0x2d0 [ 173.436813] ? __pfx_task_work_run+0x10/0x10 [ 173.437153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.437531] ? switch_task_namespaces+0xa9/0xe0 [ 173.437899] do_exit+0xb17/0x2ef0 [ 173.438233] ? lock_acquire+0x427/0x4c0 [ 173.438880] ? __pfx_lock_release+0x10/0x10 [ 173.439242] ? __kasan_check_write+0x18/0x20 [ 173.439581] ? do_raw_spin_lock+0x132/0x2a0 [ 173.439908] ? __pfx_do_exit+0x10/0x10 [ 173.440212] ? debug_smp_processor_id+0x20/0x30 [ 173.440568] ? rcu_is_watching+0x19/0xb0 [ 173.440878] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.441311] ? trace_hardirqs_on+0x26/0x120 [ 173.441734] do_group_exit+0xe0/0x2b0 [ 173.442026] __x64_sys_exit_group+0x47/0x50 [ 173.442353] do_syscall_64+0x3b/0x90 [ 173.442661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.443062] RIP: 0033:0x7f4b87518a4d [ 173.443359] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.443825] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.444398] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.444931] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.445644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.446179] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.446733] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.447289] [ 173.447479] irq event stamp: 0 [ 173.447717] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.448192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.448988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.449620] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.450095] ---[ end trace 0000000000000000 ]--- [ 173.453824] ------------[ cut here ]------------ [ 173.454200] WARNING: CPU: 0 PID: 1644 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.455031] Modules linked in: [ 173.455418] CPU: 0 PID: 1644 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.456079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.456927] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.457307] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.458860] RSP: 0018:ffff888013497bb8 EFLAGS: 00010246 [ 173.459281] RAX: 0000000000000000 RBX: ffff888017bbf8a8 RCX: 0000000000000000 [ 173.459827] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 173.460380] RBP: ffff888013497bd0 R08: ffffed1002f77f33 R09: ffffed1002f77f33 [ 173.460930] R10: ffff888017bbf993 R11: ffffed1002f77f32 R12: ffff888010b0dc00 [ 173.461480] R13: ffff888017bbf9e8 R14: ffffffff8352e670 R15: 
ffff888013497e68 [ 173.462031] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.462683] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.463151] CR2: 00007f4b877410e8 CR3: 0000000013a7a000 CR4: 0000000000750ef0 [ 173.463709] PKRU: 55555554 [ 173.463930] Call Trace: [ 173.464133] [ 173.464314] __iommufd_access_detach+0x1c2/0x2b0 [ 173.464700] iommufd_access_change_pt+0x149/0x270 [ 173.465084] iommufd_access_replace+0xb4/0x120 [ 173.465451] iommufd_test+0x3e5/0x37e0 [ 173.465756] ? lock_release+0x532/0x770 [ 173.466078] ? __might_fault+0x102/0x1b0 [ 173.466403] ? lock_acquire+0x427/0x4c0 [ 173.466749] ? __pfx_iommufd_test+0x10/0x10 [ 173.467084] ? __pfx_lock_release+0x10/0x10 [ 173.467434] ? __pfx_lock_acquire+0x10/0x10 [ 173.467781] ? write_comp_data+0x2f/0x90 [ 173.468116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.468503] ? write_comp_data+0x2f/0x90 [ 173.468840] iommufd_fops_ioctl+0x37d/0x510 [ 173.469178] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.469565] ? write_comp_data+0x2f/0x90 [ 173.469894] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.470274] __x64_sys_ioctl+0x1a3/0x230 [ 173.470626] do_syscall_64+0x3b/0x90 [ 173.470931] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.471355] RIP: 0033:0x7f4b8743ee5d [ 173.471649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.473059] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.473649] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.474203] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.474781] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.475352] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.475905] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.476468] [ 173.476656] irq event stamp: 0 [ 173.476903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.477391] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.478039] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.478708] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.479203] ---[ end trace 0000000000000000 ]--- [ 173.482129] ------------[ cut here ]------------ [ 173.482563] WARNING: CPU: 0 PID: 1644 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.483365] Modules linked in: [ 173.483651] CPU: 0 PID: 1644 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.484465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.485336] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.485724] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.487516] RSP: 
0018:ffff888013497bd0 EFLAGS: 00010246 [ 173.487940] RAX: 0000000000000000 RBX: ffff888017bbf8a8 RCX: 0000000000000000 [ 173.488490] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 173.489039] RBP: ffff888013497be8 R08: ffffed1002f77f33 R09: ffffed1002f77f33 [ 173.489588] R10: ffff888017bbf993 R11: ffffed1002f77f32 R12: ffff88801226c400 [ 173.490138] R13: ffff888017bbf9e8 R14: ffff888013727500 R15: 0000000000000000 [ 173.490874] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.491508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.491959] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.492509] PKRU: 55555554 [ 173.492732] Call Trace: [ 173.492934] [ 173.493111] iommufd_access_destroy_object+0x65/0x170 [ 173.493554] iommufd_object_destroy_user+0x18e/0x220 [ 173.494113] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.494603] iommufd_access_destroy+0x43/0x70 [ 173.494969] iommufd_test_staccess_release+0x8d/0xd0 [ 173.495392] __fput+0x26d/0xa40 [ 173.495671] ____fput+0x1e/0x30 [ 173.495941] task_work_run+0x1a4/0x2d0 [ 173.496256] ? __pfx_task_work_run+0x10/0x10 [ 173.496641] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.497094] ? switch_task_namespaces+0xa9/0xe0 [ 173.497697] do_exit+0xb17/0x2ef0 [ 173.498021] ? lock_acquire+0x427/0x4c0 [ 173.498385] ? __pfx_lock_release+0x10/0x10 [ 173.498819] ? __kasan_check_write+0x18/0x20 [ 173.499232] ? do_raw_spin_lock+0x132/0x2a0 [ 173.499620] ? __pfx_do_exit+0x10/0x10 [ 173.499977] ? debug_smp_processor_id+0x20/0x30 [ 173.500393] ? rcu_is_watching+0x19/0xb0 [ 173.500787] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.501321] ? trace_hardirqs_on+0x26/0x120 [ 173.501715] do_group_exit+0xe0/0x2b0 [ 173.502058] __x64_sys_exit_group+0x47/0x50 [ 173.502452] do_syscall_64+0x3b/0x90 [ 173.502840] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.503345] RIP: 0033:0x7f4b87518a4d [ 173.503697] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.504269] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.505145] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.505798] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.506438] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.507102] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.507772] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.508621] [ 173.508841] irq event stamp: 0 [ 173.509132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.509701] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.510457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.511330] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.512047] ---[ end trace 0000000000000000 ]--- [ 173.512803] ------------[ cut here ]------------ [ 173.513232] WARNING: CPU: 0 PID: 1644 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.514167] Modules linked in: [ 173.514488] CPU: 0 PID: 1644 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.515568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.516624] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.517112] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.519060] RSP: 0018:ffff888013497b78 EFLAGS: 00010246 [ 173.519569] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.520214] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 173.520875] RBP: ffff888013497b98 R08: ffffed1002f77f3e R09: ffffed1002f77f3e [ 173.521572] R10: ffff888017bbf9ef R11: ffffed1002f77f3d R12: ffff888017bbfa90 [ 173.522417] R13: ffff888017bbf8a8 R14: ffffffffffffffff R15: 
ffff888013497c60 [ 173.523134] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.523905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.524436] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.525160] PKRU: 55555554 [ 173.525628] Call Trace: [ 173.525887] [ 173.526109] iommufd_ioas_destroy+0x53/0x70 [ 173.526576] iommufd_fops_release+0x1f7/0x370 [ 173.527027] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.527541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.528027] ? write_comp_data+0x2f/0x90 [ 173.528433] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.528998] __fput+0x26d/0xa40 [ 173.529510] ____fput+0x1e/0x30 [ 173.529845] task_work_run+0x1a4/0x2d0 [ 173.530226] ? __pfx_task_work_run+0x10/0x10 [ 173.530687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.531180] ? switch_task_namespaces+0xa9/0xe0 [ 173.531642] do_exit+0xb17/0x2ef0 [ 173.531984] ? lock_acquire+0x427/0x4c0 [ 173.532387] ? __pfx_lock_release+0x10/0x10 [ 173.532840] ? __kasan_check_write+0x18/0x20 [ 173.533463] ? do_raw_spin_lock+0x132/0x2a0 [ 173.533889] ? __pfx_do_exit+0x10/0x10 [ 173.534279] ? debug_smp_processor_id+0x20/0x30 [ 173.534781] ? rcu_is_watching+0x19/0xb0 [ 173.535200] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.535652] ? trace_hardirqs_on+0x26/0x120 [ 173.536089] do_group_exit+0xe0/0x2b0 [ 173.536471] __x64_sys_exit_group+0x47/0x50 [ 173.536998] do_syscall_64+0x3b/0x90 [ 173.537529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.538051] RIP: 0033:0x7f4b87518a4d [ 173.538433] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.539095] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.539892] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.540625] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.541552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.542268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.543030] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.543786] [ 173.544028] irq event stamp: 0 [ 173.544355] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.545250] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.546124] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.547048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.547726] ---[ end trace 0000000000000000 ]--- [ 173.552409] ------------[ cut here ]------------ [ 173.552977] WARNING: CPU: 0 PID: 1645 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.554062] Modules linked in: [ 173.554420] CPU: 0 PID: 1645 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.555506] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.556917] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.557674] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.559718] RSP: 0018:ffff8880161dfbb8 EFLAGS: 00010246 [ 173.560303] RAX: 0000000000000000 RBX: ffff8880143a18a8 RCX: 0000000000000000 [ 173.561073] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 173.561840] RBP: ffff8880161dfbd0 R08: ffffed1002874333 R09: ffffed1002874333 [ 173.562640] R10: ffff8880143a1993 R11: ffffed1002874332 R12: ffff888013da4c00 [ 173.563448] R13: ffff8880143a19e8 R14: ffffffff8352e670 R15: 
ffff8880161dfe68 [ 173.564246] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.565132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.565753] CR2: 0000000020000140 CR3: 0000000013a7a000 CR4: 0000000000750ef0 [ 173.566567] PKRU: 55555554 [ 173.566882] Call Trace: [ 173.567174] [ 173.567416] __iommufd_access_detach+0x1c2/0x2b0 [ 173.567948] iommufd_access_change_pt+0x149/0x270 [ 173.568480] iommufd_access_replace+0xb4/0x120 [ 173.568988] iommufd_test+0x3e5/0x37e0 [ 173.569417] ? lock_release+0x532/0x770 [ 173.569869] ? __might_fault+0x102/0x1b0 [ 173.570327] ? lock_acquire+0x427/0x4c0 [ 173.570821] ? __pfx_iommufd_test+0x10/0x10 [ 173.571315] ? __pfx_lock_release+0x10/0x10 [ 173.571794] ? __pfx_lock_acquire+0x10/0x10 [ 173.572269] ? write_comp_data+0x2f/0x90 [ 173.572716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.573243] ? write_comp_data+0x2f/0x90 [ 173.573693] iommufd_fops_ioctl+0x37d/0x510 [ 173.574163] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.574729] ? write_comp_data+0x2f/0x90 [ 173.575203] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.575738] __x64_sys_ioctl+0x1a3/0x230 [ 173.576190] do_syscall_64+0x3b/0x90 [ 173.576614] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.577177] RIP: 0033:0x7f4b8743ee5d [ 173.577578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.579603] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.580458] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.581238] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.582014] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.582823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.583613] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.584398] [ 173.584650] irq event stamp: 0 [ 173.584999] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.585706] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.586699] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.587684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.588402] ---[ end trace 0000000000000000 ]--- [ 173.592332] ------------[ cut here ]------------ [ 173.592915] WARNING: CPU: 0 PID: 1645 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.594055] Modules linked in: [ 173.594578] CPU: 0 PID: 1645 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.595807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.597078] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.597642] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.600078] RSP: 
0018:ffff8880161dfbd0 EFLAGS: 00010246 [ 173.600693] RAX: 0000000000000000 RBX: ffff8880143a18a8 RCX: 0000000000000000 [ 173.601488] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 173.602291] RBP: ffff8880161dfbe8 R08: ffffed1002874333 R09: ffffed1002874333 [ 173.603460] R10: ffff8880143a1993 R11: ffffed1002874332 R12: ffff888010b0cc00 [ 173.604283] R13: ffff8880143a19e8 R14: ffff88800f935600 R15: 0000000000000000 [ 173.605079] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.605974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.606670] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.607560] PKRU: 55555554 [ 173.608131] Call Trace: [ 173.608421] [ 173.608669] iommufd_access_destroy_object+0x65/0x170 [ 173.609252] iommufd_object_destroy_user+0x18e/0x220 [ 173.609820] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.610466] iommufd_access_destroy+0x43/0x70 [ 173.611024] iommufd_test_staccess_release+0x8d/0xd0 [ 173.611947] __fput+0x26d/0xa40 [ 173.612343] ____fput+0x1e/0x30 [ 173.612723] task_work_run+0x1a4/0x2d0 [ 173.613171] ? __pfx_task_work_run+0x10/0x10 [ 173.613661] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.614218] ? switch_task_namespaces+0xa9/0xe0 [ 173.614812] do_exit+0xb17/0x2ef0 [ 173.615237] ? lock_acquire+0x427/0x4c0 [ 173.615707] ? __pfx_lock_release+0x10/0x10 [ 173.616245] ? __kasan_check_write+0x18/0x20 [ 173.617017] ? do_raw_spin_lock+0x132/0x2a0 [ 173.617520] ? __pfx_do_exit+0x10/0x10 [ 173.617962] ? debug_smp_processor_id+0x20/0x30 [ 173.618487] ? rcu_is_watching+0x19/0xb0 [ 173.618985] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.619516] ? trace_hardirqs_on+0x26/0x120 [ 173.620004] do_group_exit+0xe0/0x2b0 [ 173.620533] __x64_sys_exit_group+0x47/0x50 [ 173.621237] do_syscall_64+0x3b/0x90 [ 173.621670] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.622268] RIP: 0033:0x7f4b87518a4d [ 173.622717] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.623384] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.624190] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.624945] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.625777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.626833] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.627586] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.628319] [ 173.628565] irq event stamp: 0 [ 173.628888] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.629538] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.630711] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.631785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.632445] ---[ end trace 0000000000000000 ]--- [ 173.633331] ------------[ cut here ]------------ [ 173.633831] WARNING: CPU: 0 PID: 1645 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.635039] Modules linked in: [ 173.635591] CPU: 0 PID: 1645 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.636509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.637712] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.638273] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.640711] RSP: 0018:ffff8880161dfb78 EFLAGS: 00010246 [ 173.641291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.642029] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 173.642790] RBP: ffff8880161dfb98 R08: ffffed100287433e R09: ffffed100287433e [ 173.643541] R10: ffff8880143a19ef R11: ffffed100287433d R12: ffff8880143a1a90 [ 173.644299] R13: ffff8880143a18a8 R14: ffffffffffffffff R15: 
ffff8880161dfc60 [ 173.645161] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.646319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.646980] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.647736] PKRU: 55555554 [ 173.648031] Call Trace: [ 173.648297] [ 173.648529] iommufd_ioas_destroy+0x53/0x70 [ 173.648983] iommufd_fops_release+0x1f7/0x370 [ 173.649459] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.650056] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.650797] ? write_comp_data+0x2f/0x90 [ 173.651400] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.651955] __fput+0x26d/0xa40 [ 173.652313] ____fput+0x1e/0x30 [ 173.652660] task_work_run+0x1a4/0x2d0 [ 173.653074] ? __pfx_task_work_run+0x10/0x10 [ 173.653552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.654082] ? switch_task_namespaces+0xa9/0xe0 [ 173.654639] do_exit+0xb17/0x2ef0 [ 173.655015] ? lock_acquire+0x427/0x4c0 [ 173.655478] ? __pfx_lock_release+0x10/0x10 [ 173.655948] ? __kasan_check_write+0x18/0x20 [ 173.656576] ? do_raw_spin_lock+0x132/0x2a0 [ 173.657191] ? __pfx_do_exit+0x10/0x10 [ 173.657807] ? debug_smp_processor_id+0x20/0x30 [ 173.658307] ? rcu_is_watching+0x19/0xb0 [ 173.658787] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.659295] ? trace_hardirqs_on+0x26/0x120 [ 173.659758] do_group_exit+0xe0/0x2b0 [ 173.660162] __x64_sys_exit_group+0x47/0x50 [ 173.660616] do_syscall_64+0x3b/0x90 [ 173.661021] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.661641] RIP: 0033:0x7f4b87518a4d [ 173.662162] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.663073] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.663885] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.664609] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.665331] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.666058] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.667043] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.668008] [ 173.668255] irq event stamp: 0 [ 173.668581] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.669238] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.670107] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.671011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.671716] ---[ end trace 0000000000000000 ]--- [ 173.677029] ------------[ cut here ]------------ [ 173.677550] WARNING: CPU: 0 PID: 1646 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.678648] Modules linked in: [ 173.678978] CPU: 0 PID: 1646 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.680121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.681686] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.682207] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.684167] RSP: 0018:ffff888013497bb8 EFLAGS: 00010246 [ 173.684946] RAX: 0000000000000000 RBX: ffff888016de90a8 RCX: 0000000000000000 [ 173.686082] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 173.686904] RBP: ffff888013497bd0 R08: ffffed1002dbd233 R09: ffffed1002dbd233 [ 173.687709] R10: ffff888016de9193 R11: ffffed1002dbd232 R12: ffff8880138ad400 [ 173.688466] R13: ffff888016de91e8 R14: ffffffff8352e670 R15: 
ffff888013497e68 [ 173.689232] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.690092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.690810] CR2: 00007f4b877410e8 CR3: 0000000013a7a000 CR4: 0000000000750ef0 [ 173.691890] PKRU: 55555554 [ 173.692205] Call Trace: [ 173.692480] [ 173.692722] __iommufd_access_detach+0x1c2/0x2b0 [ 173.693260] iommufd_access_change_pt+0x149/0x270 [ 173.693794] iommufd_access_replace+0xb4/0x120 [ 173.694292] iommufd_test+0x3e5/0x37e0 [ 173.694746] ? lock_release+0x532/0x770 [ 173.695210] ? __might_fault+0x102/0x1b0 [ 173.695776] ? lock_acquire+0x427/0x4c0 [ 173.696366] ? __pfx_iommufd_test+0x10/0x10 [ 173.697016] ? __pfx_lock_release+0x10/0x10 [ 173.697495] ? __pfx_lock_acquire+0x10/0x10 [ 173.697973] ? write_comp_data+0x2f/0x90 [ 173.698428] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.698981] ? write_comp_data+0x2f/0x90 [ 173.699452] iommufd_fops_ioctl+0x37d/0x510 [ 173.699924] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.700593] ? write_comp_data+0x2f/0x90 [ 173.701196] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.701825] __x64_sys_ioctl+0x1a3/0x230 [ 173.702283] do_syscall_64+0x3b/0x90 [ 173.702731] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.703315] RIP: 0033:0x7f4b8743ee5d [ 173.703716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.706028] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.707041] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.707816] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.708583] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.709356] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.710263] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.711412] [ 173.711670] irq event stamp: 0 [ 173.712010] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.712687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.713630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.714546] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.715351] ---[ end trace 0000000000000000 ]--- [ 173.720680] ------------[ cut here ]------------ [ 173.721212] WARNING: CPU: 0 PID: 1646 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.722281] Modules linked in: [ 173.722728] CPU: 0 PID: 1646 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.723702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.725133] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.725888] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.727909] RSP: 
0018:ffff888013497bd0 EFLAGS: 00010246 [ 173.728499] RAX: 0000000000000000 RBX: ffff888016de90a8 RCX: 0000000000000000 [ 173.729277] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 173.730046] RBP: ffff888013497be8 R08: ffffed1002dbd233 R09: ffffed1002dbd233 [ 173.730838] R10: ffff888016de9193 R11: ffffed1002dbd232 R12: ffff888013da6400 [ 173.731619] R13: ffff888016de91e8 R14: ffff88800fd78600 R15: 0000000000000000 [ 173.732377] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.733233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.733855] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 173.734644] PKRU: 55555554 [ 173.734952] Call Trace: [ 173.735245] [ 173.735490] iommufd_access_destroy_object+0x65/0x170 [ 173.736047] iommufd_object_destroy_user+0x18e/0x220 [ 173.736596] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.737224] iommufd_access_destroy+0x43/0x70 [ 173.737722] iommufd_test_staccess_release+0x8d/0xd0 [ 173.738271] __fput+0x26d/0xa40 [ 173.738685] ____fput+0x1e/0x30 [ 173.739055] task_work_run+0x1a4/0x2d0 [ 173.739502] ? __pfx_task_work_run+0x10/0x10 [ 173.739972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.740504] ? switch_task_namespaces+0xa9/0xe0 [ 173.741016] do_exit+0xb17/0x2ef0 [ 173.741397] ? lock_acquire+0x427/0x4c0 [ 173.741833] ? __pfx_lock_release+0x10/0x10 [ 173.742302] ? __kasan_check_write+0x18/0x20 [ 173.742807] ? do_raw_spin_lock+0x132/0x2a0 [ 173.743289] ? __pfx_do_exit+0x10/0x10 [ 173.743722] ? debug_smp_processor_id+0x20/0x30 [ 173.744233] ? rcu_is_watching+0x19/0xb0 [ 173.744676] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.745172] ? trace_hardirqs_on+0x26/0x120 [ 173.745648] do_group_exit+0xe0/0x2b0 [ 173.746065] __x64_sys_exit_group+0x47/0x50 [ 173.746559] do_syscall_64+0x3b/0x90 [ 173.746963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.747539] RIP: 0033:0x7f4b87518a4d [ 173.747944] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.748603] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.749410] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.750166] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.750960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.751803] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.752619] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.753422] [ 173.753703] irq event stamp: 0 [ 173.754081] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.754851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.755828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.756749] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.757451] ---[ end trace 0000000000000000 ]--- [ 173.758885] ------------[ cut here ]------------ [ 173.759438] WARNING: CPU: 0 PID: 1646 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.760574] Modules linked in: [ 173.760938] CPU: 0 PID: 1646 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.761925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.763574] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.764170] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.766203] RSP: 0018:ffff888013497b78 EFLAGS: 00010246 [ 173.766852] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.767664] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 173.768527] RBP: ffff888013497b98 R08: ffffed1002dbd23e R09: ffffed1002dbd23e [ 173.769590] R10: ffff888016de91ef R11: ffffed1002dbd23d R12: ffff888016de9290 [ 173.770391] R13: ffff888016de90a8 R14: ffffffffffffffff R15: 
ffff888013497c60 [ 173.771246] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.772161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.772826] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 173.773895] PKRU: 55555554 [ 173.774231] Call Trace: [ 173.774572] [ 173.774835] iommufd_ioas_destroy+0x53/0x70 [ 173.775354] iommufd_fops_release+0x1f7/0x370 [ 173.775863] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.776423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.776980] ? write_comp_data+0x2f/0x90 [ 173.777440] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.778288] __fput+0x26d/0xa40 [ 173.778742] ____fput+0x1e/0x30 [ 173.779146] task_work_run+0x1a4/0x2d0 [ 173.779603] ? __pfx_task_work_run+0x10/0x10 [ 173.780121] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.780685] ? switch_task_namespaces+0xa9/0xe0 [ 173.781232] do_exit+0xb17/0x2ef0 [ 173.781632] ? lock_acquire+0x427/0x4c0 [ 173.782102] ? __pfx_lock_release+0x10/0x10 [ 173.782937] ? __kasan_check_write+0x18/0x20 [ 173.783465] ? do_raw_spin_lock+0x132/0x2a0 [ 173.783952] ? __pfx_do_exit+0x10/0x10 [ 173.784407] ? debug_smp_processor_id+0x20/0x30 [ 173.784940] ? rcu_is_watching+0x19/0xb0 [ 173.785395] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.785906] ? trace_hardirqs_on+0x26/0x120 [ 173.786409] do_group_exit+0xe0/0x2b0 [ 173.786956] __x64_sys_exit_group+0x47/0x50 [ 173.787624] do_syscall_64+0x3b/0x90 [ 173.788062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.788651] RIP: 0033:0x7f4b87518a4d [ 173.789072] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.789758] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.790650] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.791470] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.792572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.793366] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.794151] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.795013] [ 173.795298] irq event stamp: 0 [ 173.795648] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.796628] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.797565] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.798497] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.799278] ---[ end trace 0000000000000000 ]--- [ 173.806819] ------------[ cut here ]------------ [ 173.807415] WARNING: CPU: 0 PID: 1647 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.808584] Modules linked in: [ 173.809183] CPU: 0 PID: 1647 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.810152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.811526] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.812102] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.814422] RSP: 0018:ffff8880183b7bb8 EFLAGS: 00010246 [ 173.815090] RAX: 0000000000000000 RBX: ffff888010b7e8a8 RCX: 0000000000000000 [ 173.815921] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 173.816989] RBP: ffff8880183b7bd0 R08: ffffed100216fd33 R09: ffffed100216fd33 [ 173.817793] R10: ffff888010b7e993 R11: ffffed100216fd32 R12: ffff888010e00400 [ 173.818618] R13: ffff888010b7e9e8 R14: ffffffff8352e670 R15: 
ffff8880183b7e68 [ 173.819428] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.820579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.821230] CR2: 0000000020000140 CR3: 0000000021872000 CR4: 0000000000750ef0 [ 173.822023] PKRU: 55555554 [ 173.822337] Call Trace: [ 173.822654] [ 173.822909] __iommufd_access_detach+0x1c2/0x2b0 [ 173.823532] iommufd_access_change_pt+0x149/0x270 [ 173.824287] iommufd_access_replace+0xb4/0x120 [ 173.824827] iommufd_test+0x3e5/0x37e0 [ 173.825275] ? lock_release+0x532/0x770 [ 173.825732] ? __might_fault+0x102/0x1b0 [ 173.826210] ? lock_acquire+0x427/0x4c0 [ 173.826719] ? __pfx_iommufd_test+0x10/0x10 [ 173.827291] ? __pfx_lock_release+0x10/0x10 [ 173.827991] ? __pfx_lock_acquire+0x10/0x10 [ 173.828500] ? write_comp_data+0x2f/0x90 [ 173.828979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.829532] ? write_comp_data+0x2f/0x90 [ 173.830003] iommufd_fops_ioctl+0x37d/0x510 [ 173.830575] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.831717] ? write_comp_data+0x2f/0x90 [ 173.832324] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.832996] __x64_sys_ioctl+0x1a3/0x230 [ 173.833573] do_syscall_64+0x3b/0x90 [ 173.834097] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.835348] RIP: 0033:0x7f4b8743ee5d [ 173.835898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.838795] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.839898] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.840865] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.841872] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.843155] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.844154] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.845156] [ 173.845511] irq event stamp: 0 [ 173.846068] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.847207] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.848125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.848976] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.849806] ---[ end trace 0000000000000000 ]--- [ 173.855489] ------------[ cut here ]------------ [ 173.856003] WARNING: CPU: 0 PID: 1647 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.857038] Modules linked in: [ 173.857397] CPU: 0 PID: 1647 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.858702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.860020] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.860550] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.862611] RSP: 
0018:ffff8880183b7bd0 EFLAGS: 00010246 [ 173.863376] RAX: 0000000000000000 RBX: ffff888010b7e8a8 RCX: 0000000000000000 [ 173.864124] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 173.864862] RBP: ffff8880183b7be8 R08: ffffed100216fd33 R09: ffffed100216fd33 [ 173.865600] R10: ffff888010b7e993 R11: ffffed100216fd32 R12: ffff8880138af400 [ 173.866466] R13: ffff888010b7e9e8 R14: ffff8880139bc300 R15: 0000000000000000 [ 173.867612] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.868446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.869045] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.869789] PKRU: 55555554 [ 173.870094] Call Trace: [ 173.870363] [ 173.870714] iommufd_access_destroy_object+0x65/0x170 [ 173.871509] iommufd_object_destroy_user+0x18e/0x220 [ 173.872042] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.872655] iommufd_access_destroy+0x43/0x70 [ 173.873129] iommufd_test_staccess_release+0x8d/0xd0 [ 173.873663] __fput+0x26d/0xa40 [ 173.874025] ____fput+0x1e/0x30 [ 173.874390] task_work_run+0x1a4/0x2d0 [ 173.874962] ? __pfx_task_work_run+0x10/0x10 [ 173.875651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.876178] ? switch_task_namespaces+0xa9/0xe0 [ 173.876681] do_exit+0xb17/0x2ef0 [ 173.877051] ? lock_acquire+0x427/0x4c0 [ 173.877480] ? __pfx_lock_release+0x10/0x10 [ 173.877943] ? __kasan_check_write+0x18/0x20 [ 173.878566] ? do_raw_spin_lock+0x132/0x2a0 [ 173.879200] ? __pfx_do_exit+0x10/0x10 [ 173.879618] ? debug_smp_processor_id+0x20/0x30 [ 173.880100] ? rcu_is_watching+0x19/0xb0 [ 173.880514] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.880985] ? trace_hardirqs_on+0x26/0x120 [ 173.881438] do_group_exit+0xe0/0x2b0 [ 173.881838] __x64_sys_exit_group+0x47/0x50 [ 173.882279] do_syscall_64+0x3b/0x90 [ 173.882713] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.883262] RIP: 0033:0x7f4b87518a4d [ 173.883642] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.884258] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.885204] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.886280] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.887041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.887772] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.888487] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.889301] [ 173.889624] irq event stamp: 0 [ 173.890163] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.890853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.891737] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.892585] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.893234] ---[ end trace 0000000000000000 ]--- [ 173.894133] ------------[ cut here ]------------ [ 173.894737] WARNING: CPU: 0 PID: 1647 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 173.896014] Modules linked in: [ 173.896355] CPU: 0 PID: 1647 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.897244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.898467] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 173.899241] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 173.901216] RSP: 0018:ffff8880183b7b78 EFLAGS: 00010246 [ 173.901775] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 173.902619] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 173.903716] RBP: ffff8880183b7b98 R08: ffffed100216fd3e R09: ffffed100216fd3e [ 173.904455] R10: ffff888010b7e9ef R11: ffffed100216fd3d R12: ffff888010b7ea90 [ 173.905187] R13: ffff888010b7e8a8 R14: ffffffffffffffff R15: 
ffff8880183b7c60 [ 173.905915] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.906879] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.907819] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.908553] PKRU: 55555554 [ 173.908850] Call Trace: [ 173.909112] [ 173.909352] iommufd_ioas_destroy+0x53/0x70 [ 173.909807] iommufd_fops_release+0x1f7/0x370 [ 173.910283] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.910858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.911573] ? write_comp_data+0x2f/0x90 [ 173.912197] ? __pfx_iommufd_fops_release+0x10/0x10 [ 173.912717] __fput+0x26d/0xa40 [ 173.913086] ____fput+0x1e/0x30 [ 173.913438] task_work_run+0x1a4/0x2d0 [ 173.913849] ? __pfx_task_work_run+0x10/0x10 [ 173.914311] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.914853] ? switch_task_namespaces+0xa9/0xe0 [ 173.915527] do_exit+0xb17/0x2ef0 [ 173.916064] ? lock_acquire+0x427/0x4c0 [ 173.916489] ? __pfx_lock_release+0x10/0x10 [ 173.916948] ? __kasan_check_write+0x18/0x20 [ 173.917417] ? do_raw_spin_lock+0x132/0x2a0 [ 173.917873] ? __pfx_do_exit+0x10/0x10 [ 173.918292] ? debug_smp_processor_id+0x20/0x30 [ 173.918812] ? rcu_is_watching+0x19/0xb0 [ 173.919405] ? _raw_spin_unlock_irq+0x2b/0x60 [ 173.920069] ? trace_hardirqs_on+0x26/0x120 [ 173.920696] do_group_exit+0xe0/0x2b0 [ 173.921107] __x64_sys_exit_group+0x47/0x50 [ 173.921555] do_syscall_64+0x3b/0x90 [ 173.921947] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.922492] RIP: 0033:0x7f4b87518a4d [ 173.922914] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 173.923625] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 173.924739] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 173.925484] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 173.926221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 173.926977] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 173.927784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 173.928790] [ 173.929194] irq event stamp: 0 [ 173.929520] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.930176] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.931062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.931940] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.932793] ---[ end trace 0000000000000000 ]--- [ 173.940348] ------------[ cut here ]------------ [ 173.941030] WARNING: CPU: 0 PID: 1648 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.942305] Modules linked in: [ 173.942690] CPU: 0 PID: 1648 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.943640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.944987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.945798] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.947770] RSP: 0018:ffff888013497bb8 EFLAGS: 00010246 [ 173.948333] RAX: 0000000000000000 RBX: ffff88800cb908a8 RCX: 0000000000000000 [ 173.949224] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 173.950306] RBP: ffff888013497bd0 R08: ffffed1001972133 R09: ffffed1001972133 [ 173.951077] R10: ffff88800cb90993 R11: ffffed1001972132 R12: ffff888014582c00 [ 173.951842] R13: ffff88800cb909e8 R14: ffffffff8352e670 R15: 
ffff888013497e68 [ 173.952601] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.953585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.954431] CR2: 00007f4b877410e8 CR3: 0000000021872000 CR4: 0000000000750ef0 [ 173.955419] PKRU: 55555554 [ 173.955729] Call Trace: [ 173.956001] [ 173.956241] __iommufd_access_detach+0x1c2/0x2b0 [ 173.956762] iommufd_access_change_pt+0x149/0x270 [ 173.957281] iommufd_access_replace+0xb4/0x120 [ 173.957835] iommufd_test+0x3e5/0x37e0 [ 173.958380] ? lock_release+0x532/0x770 [ 173.958996] ? __might_fault+0x102/0x1b0 [ 173.959457] ? lock_acquire+0x427/0x4c0 [ 173.959897] ? __pfx_iommufd_test+0x10/0x10 [ 173.960364] ? __pfx_lock_release+0x10/0x10 [ 173.960837] ? __pfx_lock_acquire+0x10/0x10 [ 173.961306] ? write_comp_data+0x2f/0x90 [ 173.961887] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 173.962618] ? write_comp_data+0x2f/0x90 [ 173.963232] iommufd_fops_ioctl+0x37d/0x510 [ 173.963698] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.964218] ? write_comp_data+0x2f/0x90 [ 173.964676] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 173.965206] __x64_sys_ioctl+0x1a3/0x230 [ 173.965653] do_syscall_64+0x3b/0x90 [ 173.966143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 173.967044] RIP: 0033:0x7f4b8743ee5d [ 173.967460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 173.969365] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 173.970176] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 173.970977] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 173.971744] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 173.972483] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 173.973234] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 173.974009] [ 173.974257] irq event stamp: 0 [ 173.974623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 173.975308] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 173.976187] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 173.977060] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 173.977726] ---[ end trace 0000000000000000 ]--- [ 173.981595] ------------[ cut here ]------------ [ 173.982128] WARNING: CPU: 0 PID: 1648 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 173.983850] Modules linked in: [ 173.984197] CPU: 0 PID: 1648 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 173.985115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 173.986301] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 173.986877] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 173.988860] RSP: 
0018:ffff888013497bd0 EFLAGS: 00010246 [ 173.989605] RAX: 0000000000000000 RBX: ffff88800cb908a8 RCX: 0000000000000000 [ 173.990579] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 173.991352] RBP: ffff888013497be8 R08: ffffed1001972133 R09: ffffed1001972133 [ 173.992106] R10: ffff88800cb90993 R11: ffffed1001972132 R12: ffff888010e00800 [ 173.992855] R13: ffff88800cb909e8 R14: ffff88802187b800 R15: 0000000000000000 [ 173.993705] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 173.994917] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.995547] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 173.996296] PKRU: 55555554 [ 173.996604] Call Trace: [ 173.996875] [ 173.997111] iommufd_access_destroy_object+0x65/0x170 [ 173.997663] iommufd_object_destroy_user+0x18e/0x220 [ 173.998206] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 173.998899] iommufd_access_destroy+0x43/0x70 [ 173.999518] iommufd_test_staccess_release+0x8d/0xd0 [ 174.000250] __fput+0x26d/0xa40 [ 174.000803] ____fput+0x1e/0x30 [ 174.001168] task_work_run+0x1a4/0x2d0 [ 174.001593] ? __pfx_task_work_run+0x10/0x10 [ 174.002067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.002650] ? switch_task_namespaces+0xa9/0xe0 [ 174.003182] do_exit+0xb17/0x2ef0 [ 174.003564] ? lock_acquire+0x427/0x4c0 [ 174.004132] ? __pfx_lock_release+0x10/0x10 [ 174.004839] ? __kasan_check_write+0x18/0x20 [ 174.005312] ? do_raw_spin_lock+0x132/0x2a0 [ 174.005774] ? __pfx_do_exit+0x10/0x10 [ 174.006204] ? debug_smp_processor_id+0x20/0x30 [ 174.006764] ? rcu_is_watching+0x19/0xb0 [ 174.007224] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.007714] ? trace_hardirqs_on+0x26/0x120 [ 174.008174] do_group_exit+0xe0/0x2b0 [ 174.008574] __x64_sys_exit_group+0x47/0x50 [ 174.009035] do_syscall_64+0x3b/0x90 [ 174.009441] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.010144] RIP: 0033:0x7f4b87518a4d [ 174.010729] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.011579] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.012374] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.013114] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.013855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.014630] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.015601] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.016751] [ 174.017002] irq event stamp: 0 [ 174.017329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.017983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.018896] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.019781] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.020619] ---[ end trace 0000000000000000 ]--- [ 174.022640] ------------[ cut here ]------------ [ 174.023195] WARNING: CPU: 0 PID: 1648 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.024256] Modules linked in: [ 174.024597] CPU: 0 PID: 1648 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.025795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.027241] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.027786] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.029665] RSP: 0018:ffff888013497b78 EFLAGS: 00010246 [ 174.030233] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.031002] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 174.031754] RBP: ffff888013497b98 R08: ffffed100197213e R09: ffffed100197213e [ 174.032501] R10: ffff88800cb909ef R11: ffffed100197213d R12: ffff88800cb90a90 [ 174.033248] R13: ffff88800cb908a8 R14: ffffffffffffffff R15: 
ffff888013497c60 [ 174.033977] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.034842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.035464] CR2: 00007f82e2bba018 CR3: 0000000014000000 CR4: 0000000000750ef0 [ 174.036205] PKRU: 55555554 [ 174.036500] Call Trace: [ 174.036768] [ 174.037001] iommufd_ioas_destroy+0x53/0x70 [ 174.037460] iommufd_fops_release+0x1f7/0x370 [ 174.037931] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.038442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.038978] ? write_comp_data+0x2f/0x90 [ 174.039425] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.039946] __fput+0x26d/0xa40 [ 174.040309] ____fput+0x1e/0x30 [ 174.040654] task_work_run+0x1a4/0x2d0 [ 174.041062] ? __pfx_task_work_run+0x10/0x10 [ 174.041523] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.042028] ? switch_task_namespaces+0xa9/0xe0 [ 174.042557] do_exit+0xb17/0x2ef0 [ 174.042923] ? lock_acquire+0x427/0x4c0 [ 174.043355] ? __pfx_lock_release+0x10/0x10 [ 174.043805] ? __kasan_check_write+0x18/0x20 [ 174.044262] ? do_raw_spin_lock+0x132/0x2a0 [ 174.044707] ? __pfx_do_exit+0x10/0x10 [ 174.045123] ? debug_smp_processor_id+0x20/0x30 [ 174.045609] ? rcu_is_watching+0x19/0xb0 [ 174.046027] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.046494] ? trace_hardirqs_on+0x26/0x120 [ 174.046998] do_group_exit+0xe0/0x2b0 [ 174.047416] __x64_sys_exit_group+0x47/0x50 [ 174.047860] do_syscall_64+0x3b/0x90 [ 174.048250] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.048792] RIP: 0033:0x7f4b87518a4d [ 174.049173] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.049805] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.050639] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.051388] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.052111] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.052834] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.053573] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.054307] [ 174.054593] irq event stamp: 0 [ 174.054920] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.055586] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.056440] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.057287] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.057927] ---[ end trace 0000000000000000 ]--- [ 174.063455] ------------[ cut here ]------------ [ 174.064012] WARNING: CPU: 0 PID: 1649 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.065362] Modules linked in: [ 174.065834] CPU: 0 PID: 1649 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.066918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.068102] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.068620] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.070485] RSP: 0018:ffff88801299fbb8 EFLAGS: 00010246 [ 174.071077] RAX: 0000000000000000 RBX: ffff88801609c0a8 RCX: 0000000000000000 [ 174.071817] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 174.072536] RBP: ffff88801299fbd0 R08: ffffed1002c13833 R09: ffffed1002c13833 [ 174.073264] R10: ffff88801609c193 R11: ffffed1002c13832 R12: ffff8880129c4000 [ 174.073985] R13: ffff88801609c1e8 R14: ffffffff8352e670 R15: 
ffff88801299fe68 [ 174.074756] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.075610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.076206] CR2: 00007f4b877410e8 CR3: 000000002087a000 CR4: 0000000000750ef0 [ 174.076935] PKRU: 55555554 [ 174.077227] Call Trace: [ 174.077492] [ 174.077729] __iommufd_access_detach+0x1c2/0x2b0 [ 174.078229] iommufd_access_change_pt+0x149/0x270 [ 174.078763] iommufd_access_replace+0xb4/0x120 [ 174.079251] iommufd_test+0x3e5/0x37e0 [ 174.079650] ? lock_release+0x532/0x770 [ 174.080064] ? __might_fault+0x102/0x1b0 [ 174.080484] ? lock_acquire+0x427/0x4c0 [ 174.080894] ? __pfx_iommufd_test+0x10/0x10 [ 174.081330] ? __pfx_lock_release+0x10/0x10 [ 174.081779] ? __pfx_lock_acquire+0x10/0x10 [ 174.082231] ? write_comp_data+0x2f/0x90 [ 174.082690] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.083211] ? write_comp_data+0x2f/0x90 [ 174.083639] iommufd_fops_ioctl+0x37d/0x510 [ 174.084082] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.084583] ? write_comp_data+0x2f/0x90 [ 174.085008] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.085496] __x64_sys_ioctl+0x1a3/0x230 [ 174.085916] do_syscall_64+0x3b/0x90 [ 174.086299] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.086864] RIP: 0033:0x7f4b8743ee5d [ 174.087276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.089098] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.089860] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.090621] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.091375] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.092088] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.092816] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.093536] [ 174.093759] irq event stamp: 0 [ 174.094054] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.094667] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.095452] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.096220] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.096801] ---[ end trace 0000000000000000 ]--- [ 174.100259] ------------[ cut here ]------------ [ 174.100720] WARNING: CPU: 0 PID: 1649 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.101829] Modules linked in: [ 174.102262] CPU: 0 PID: 1649 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.103088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.104105] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.104546] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.106534] RSP: 
0018:ffff88801299fbd0 EFLAGS: 00010246 [ 174.107009] RAX: 0000000000000000 RBX: ffff88801609c0a8 RCX: 0000000000000000 [ 174.107657] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 174.108284] RBP: ffff88801299fbe8 R08: ffffed1002c13833 R09: ffffed1002c13833 [ 174.108884] R10: ffff88801609c193 R11: ffffed1002c13832 R12: ffff888014581c00 [ 174.109504] R13: ffff88801609c1e8 R14: ffff88800f126200 R15: 0000000000000000 [ 174.110310] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.111023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.111534] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 174.112134] PKRU: 55555554 [ 174.112376] Call Trace: [ 174.112590] [ 174.112780] iommufd_access_destroy_object+0x65/0x170 [ 174.113243] iommufd_object_destroy_user+0x18e/0x220 [ 174.113854] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.114349] iommufd_access_destroy+0x43/0x70 [ 174.114803] iommufd_test_staccess_release+0x8d/0xd0 [ 174.115253] __fput+0x26d/0xa40 [ 174.115549] ____fput+0x1e/0x30 [ 174.115843] task_work_run+0x1a4/0x2d0 [ 174.116188] ? __pfx_task_work_run+0x10/0x10 [ 174.116570] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.116991] ? switch_task_namespaces+0xa9/0xe0 [ 174.117501] do_exit+0xb17/0x2ef0 [ 174.117925] ? lock_acquire+0x427/0x4c0 [ 174.118275] ? __pfx_lock_release+0x10/0x10 [ 174.118677] ? __kasan_check_write+0x18/0x20 [ 174.119058] ? do_raw_spin_lock+0x132/0x2a0 [ 174.119428] ? __pfx_do_exit+0x10/0x10 [ 174.119766] ? debug_smp_processor_id+0x20/0x30 [ 174.120159] ? rcu_is_watching+0x19/0xb0 [ 174.120498] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.120884] ? trace_hardirqs_on+0x26/0x120 [ 174.121346] do_group_exit+0xe0/0x2b0 [ 174.121798] __x64_sys_exit_group+0x47/0x50 [ 174.122158] do_syscall_64+0x3b/0x90 [ 174.122479] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.122946] RIP: 0033:0x7f4b87518a4d [ 174.123279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.123790] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.124427] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.125072] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.125820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.126407] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.127017] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.127624] [ 174.127823] irq event stamp: 0 [ 174.128104] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.128818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.129516] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.130215] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.130756] ---[ end trace 0000000000000000 ]--- [ 174.132116] ------------[ cut here ]------------ [ 174.132528] WARNING: CPU: 0 PID: 1649 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.133389] Modules linked in: [ 174.133660] CPU: 0 PID: 1649 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.134478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.135576] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.136002] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.137525] RSP: 0018:ffff88801299fb78 EFLAGS: 00010246 [ 174.137979] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.138592] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 174.139168] RBP: ffff88801299fb98 R08: ffffed1002c1383e R09: ffffed1002c1383e [ 174.139721] R10: ffff88801609c1ef R11: ffffed1002c1383d R12: ffff88801609c290 [ 174.140274] R13: ffff88801609c0a8 R14: ffffffffffffffff R15: 
ffff88801299fc60 [ 174.140825] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.141449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.141900] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 174.142456] PKRU: 55555554 [ 174.142695] Call Trace: [ 174.142898] [ 174.143078] iommufd_ioas_destroy+0x53/0x70 [ 174.143441] iommufd_fops_release+0x1f7/0x370 [ 174.143800] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.144197] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.144588] ? write_comp_data+0x2f/0x90 [ 174.144915] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.145308] __fput+0x26d/0xa40 [ 174.145580] ____fput+0x1e/0x30 [ 174.145848] task_work_run+0x1a4/0x2d0 [ 174.146162] ? __pfx_task_work_run+0x10/0x10 [ 174.146530] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.146922] ? switch_task_namespaces+0xa9/0xe0 [ 174.147310] do_exit+0xb17/0x2ef0 [ 174.147584] ? lock_acquire+0x427/0x4c0 [ 174.147903] ? __pfx_lock_release+0x10/0x10 [ 174.148246] ? __kasan_check_write+0x18/0x20 [ 174.148593] ? do_raw_spin_lock+0x132/0x2a0 [ 174.148931] ? __pfx_do_exit+0x10/0x10 [ 174.149242] ? debug_smp_processor_id+0x20/0x30 [ 174.149607] ? rcu_is_watching+0x19/0xb0 [ 174.149926] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.150283] ? trace_hardirqs_on+0x26/0x120 [ 174.150643] do_group_exit+0xe0/0x2b0 [ 174.150943] __x64_sys_exit_group+0x47/0x50 [ 174.151288] do_syscall_64+0x3b/0x90 [ 174.151593] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.152004] RIP: 0033:0x7f4b87518a4d [ 174.152296] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.152780] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.153378] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.153934] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.154482] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.155057] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.155623] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.156185] [ 174.156370] irq event stamp: 0 [ 174.156615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.157104] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.157752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.158396] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.158904] ---[ end trace 0000000000000000 ]--- [ 174.165323] ------------[ cut here ]------------ [ 174.165897] WARNING: CPU: 1 PID: 1650 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.167241] Modules linked in: [ 174.167616] CPU: 1 PID: 1650 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.168639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.169998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.170691] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.172836] RSP: 0018:ffff888020f97bb8 EFLAGS: 00010246 [ 174.173437] RAX: 0000000000000000 RBX: ffff8880140738a8 RCX: 0000000000000000 [ 174.174322] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 174.175156] RBP: ffff888020f97bd0 R08: ffffed100280e733 R09: ffffed100280e733 [ 174.176022] R10: ffff888014073993 R11: ffffed100280e732 R12: ffff888013da5800 [ 174.176863] R13: ffff8880140739e8 R14: ffffffff8352e670 R15: 
ffff888020f97e68 [ 174.177682] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.178699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.179391] CR2: 00007f4b877410e8 CR3: 00000000103ca000 CR4: 0000000000750ee0 [ 174.180331] PKRU: 55555554 [ 174.180656] Call Trace: [ 174.180948] [ 174.181211] __iommufd_access_detach+0x1c2/0x2b0 [ 174.181879] iommufd_access_change_pt+0x149/0x270 [ 174.182443] iommufd_access_replace+0xb4/0x120 [ 174.183003] iommufd_test+0x3e5/0x37e0 [ 174.183578] ? lock_release+0x532/0x770 [ 174.184047] ? __might_fault+0x102/0x1b0 [ 174.184518] ? lock_acquire+0x427/0x4c0 [ 174.184982] ? __pfx_iommufd_test+0x10/0x10 [ 174.185562] ? __pfx_lock_release+0x10/0x10 [ 174.186062] ? __pfx_lock_acquire+0x10/0x10 [ 174.186590] ? write_comp_data+0x2f/0x90 [ 174.187141] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.187722] ? write_comp_data+0x2f/0x90 [ 174.188200] iommufd_fops_ioctl+0x37d/0x510 [ 174.188696] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.189262] ? write_comp_data+0x2f/0x90 [ 174.189807] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.190409] __x64_sys_ioctl+0x1a3/0x230 [ 174.190933] do_syscall_64+0x3b/0x90 [ 174.191394] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.192053] RIP: 0033:0x7f4b8743ee5d [ 174.192532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.194710] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.195576] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.196483] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.197279] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.198187] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.199019] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.199919] [ 174.200237] irq event stamp: 0 [ 174.200596] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.201300] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.202326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.203310] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.204059] ---[ end trace 0000000000000000 ]--- [ 174.208790] ------------[ cut here ]------------ [ 174.209363] WARNING: CPU: 1 PID: 1650 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.210675] Modules linked in: [ 174.211047] CPU: 1 PID: 1650 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.212148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.213424] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.214028] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.216211] RSP: 
0018:ffff888020f97bd0 EFLAGS: 00010246 [ 174.216818] RAX: 0000000000000000 RBX: ffff8880140738a8 RCX: 0000000000000000 [ 174.217714] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 174.218541] RBP: ffff888020f97be8 R08: ffffed100280e733 R09: ffffed100280e733 [ 174.219463] R10: ffff888014073993 R11: ffffed100280e732 R12: ffff888010c0b400 [ 174.220279] R13: ffff8880140739e8 R14: ffff88802184bf00 R15: 0000000000000000 [ 174.221010] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.222001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.222666] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 174.223633] PKRU: 55555554 [ 174.223970] Call Trace: [ 174.224263] [ 174.224527] iommufd_access_destroy_object+0x65/0x170 [ 174.225147] iommufd_object_destroy_user+0x18e/0x220 [ 174.225879] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.226604] iommufd_access_destroy+0x43/0x70 [ 174.227176] iommufd_test_staccess_release+0x8d/0xd0 [ 174.227813] __fput+0x26d/0xa40 [ 174.228214] ____fput+0x1e/0x30 [ 174.228605] task_work_run+0x1a4/0x2d0 [ 174.229116] ? __pfx_task_work_run+0x10/0x10 [ 174.229677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.230243] ? switch_task_namespaces+0xa9/0xe0 [ 174.230852] do_exit+0xb17/0x2ef0 [ 174.231321] ? lock_acquire+0x427/0x4c0 [ 174.231792] ? __pfx_lock_release+0x10/0x10 [ 174.232296] ? __kasan_check_write+0x18/0x20 [ 174.232811] ? do_raw_spin_lock+0x132/0x2a0 [ 174.233422] ? __pfx_do_exit+0x10/0x10 [ 174.233879] ? debug_smp_processor_id+0x20/0x30 [ 174.234418] ? rcu_is_watching+0x19/0xb0 [ 174.234920] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.235464] ? trace_hardirqs_on+0x26/0x120 [ 174.235975] do_group_exit+0xe0/0x2b0 [ 174.236422] __x64_sys_exit_group+0x47/0x50 [ 174.236921] do_syscall_64+0x3b/0x90 [ 174.237379] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.237993] RIP: 0033:0x7f4b87518a4d [ 174.238430] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.239195] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.240061] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.240874] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.241690] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.242496] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.243370] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.244189] [ 174.244470] irq event stamp: 0 [ 174.244836] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.245544] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.246473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.247465] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.248241] ---[ end trace 0000000000000000 ]--- [ 174.249810] ------------[ cut here ]------------ [ 174.250490] WARNING: CPU: 1 PID: 1650 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.251579] Modules linked in: [ 174.251834] CPU: 1 PID: 1650 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.252552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.253494] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.253892] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.255328] RSP: 0018:ffff888020f97b78 EFLAGS: 00010246 [ 174.255749] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.256292] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 174.256854] RBP: ffff888020f97b98 R08: ffffed100280e73e R09: ffffed100280e73e [ 174.257396] R10: ffff8880140739ef R11: ffffed100280e73d R12: ffff888014073a90 [ 174.257947] R13: ffff8880140738a8 R14: ffffffffffffffff R15: 
ffff888020f97c60 [ 174.258494] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.259151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.259596] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 174.260153] PKRU: 55555554 [ 174.260375] Call Trace: [ 174.260572] [ 174.260751] iommufd_ioas_destroy+0x53/0x70 [ 174.261100] iommufd_fops_release+0x1f7/0x370 [ 174.261454] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.261843] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.262246] ? write_comp_data+0x2f/0x90 [ 174.262591] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.262981] __fput+0x26d/0xa40 [ 174.263272] ____fput+0x1e/0x30 [ 174.263538] task_work_run+0x1a4/0x2d0 [ 174.263850] ? __pfx_task_work_run+0x10/0x10 [ 174.264198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.264596] ? switch_task_namespaces+0xa9/0xe0 [ 174.264969] do_exit+0xb17/0x2ef0 [ 174.265241] ? lock_acquire+0x427/0x4c0 [ 174.265568] ? __pfx_lock_release+0x10/0x10 [ 174.265910] ? __kasan_check_write+0x18/0x20 [ 174.266256] ? do_raw_spin_lock+0x132/0x2a0 [ 174.266633] ? __pfx_do_exit+0x10/0x10 [ 174.266944] ? debug_smp_processor_id+0x20/0x30 [ 174.267318] ? rcu_is_watching+0x19/0xb0 [ 174.267647] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.268004] ? trace_hardirqs_on+0x26/0x120 [ 174.268347] do_group_exit+0xe0/0x2b0 [ 174.268654] __x64_sys_exit_group+0x47/0x50 [ 174.268989] do_syscall_64+0x3b/0x90 [ 174.269289] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.269714] RIP: 0033:0x7f4b87518a4d [ 174.270003] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.270475] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.271093] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.271651] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.272206] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.272753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.273310] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.273862] [ 174.274057] irq event stamp: 0 [ 174.274303] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.274808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.275470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.276110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.276582] ---[ end trace 0000000000000000 ]--- [ 174.280794] ------------[ cut here ]------------ [ 174.281175] WARNING: CPU: 1 PID: 1651 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.281942] Modules linked in: [ 174.282182] CPU: 1 PID: 1651 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.282871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.283742] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.284118] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.285486] RSP: 0018:ffff88801855fbb8 EFLAGS: 00010246 [ 174.285896] RAX: 0000000000000000 RBX: ffff8880158368a8 RCX: 0000000000000000 [ 174.286426] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 174.286998] RBP: ffff88801855fbd0 R08: ffffed1002b06d33 R09: ffffed1002b06d33 [ 174.287541] R10: ffff888015836993 R11: ffffed1002b06d32 R12: ffff88801341c800 [ 174.288083] R13: ffff8880158369e8 R14: ffffffff8352e670 R15: 
ffff88801855fe68 [ 174.288623] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.289243] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.289677] CR2: 0000000020000140 CR3: 000000002087a000 CR4: 0000000000750ee0 [ 174.290219] PKRU: 55555554 [ 174.290431] Call Trace: [ 174.290639] [ 174.290812] __iommufd_access_detach+0x1c2/0x2b0 [ 174.291204] iommufd_access_change_pt+0x149/0x270 [ 174.291587] iommufd_access_replace+0xb4/0x120 [ 174.291947] iommufd_test+0x3e5/0x37e0 [ 174.292241] ? lock_release+0x532/0x770 [ 174.292563] ? __might_fault+0x102/0x1b0 [ 174.292878] ? lock_acquire+0x427/0x4c0 [ 174.293189] ? __pfx_iommufd_test+0x10/0x10 [ 174.293532] ? __pfx_lock_release+0x10/0x10 [ 174.293864] ? __pfx_lock_acquire+0x10/0x10 [ 174.294199] ? write_comp_data+0x2f/0x90 [ 174.294551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.294928] ? write_comp_data+0x2f/0x90 [ 174.295258] iommufd_fops_ioctl+0x37d/0x510 [ 174.295598] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.295971] ? write_comp_data+0x2f/0x90 [ 174.296286] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.296664] __x64_sys_ioctl+0x1a3/0x230 [ 174.296981] do_syscall_64+0x3b/0x90 [ 174.297273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.297674] RIP: 0033:0x7f4b8743ee5d [ 174.297961] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.299376] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.299956] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.300493] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.301038] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.301568] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.302112] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.302666] [ 174.302846] irq event stamp: 0 [ 174.303095] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.303588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.304229] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.304852] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.305337] ---[ end trace 0000000000000000 ]--- [ 174.308065] ------------[ cut here ]------------ [ 174.308451] WARNING: CPU: 1 PID: 1651 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.309219] Modules linked in: [ 174.309455] CPU: 1 PID: 1651 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.310102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.310999] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.311377] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.312716] RSP: 
0018:ffff88801855fbd0 EFLAGS: 00010246 [ 174.313117] RAX: 0000000000000000 RBX: ffff8880158368a8 RCX: 0000000000000000 [ 174.313638] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 174.314170] RBP: ffff88801855fbe8 R08: ffffed1002b06d33 R09: ffffed1002b06d33 [ 174.314704] R10: ffff888015836993 R11: ffffed1002b06d32 R12: ffff888013da5000 [ 174.315244] R13: ffff8880158369e8 R14: ffff8880103e6900 R15: 0000000000000000 [ 174.315770] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.316375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.316801] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 174.317338] PKRU: 55555554 [ 174.317548] Call Trace: [ 174.317739] [ 174.317907] iommufd_access_destroy_object+0x65/0x170 [ 174.318300] iommufd_object_destroy_user+0x18e/0x220 [ 174.318701] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.319146] iommufd_access_destroy+0x43/0x70 [ 174.319501] iommufd_test_staccess_release+0x8d/0xd0 [ 174.319885] __fput+0x26d/0xa40 [ 174.320142] ____fput+0x1e/0x30 [ 174.320404] task_work_run+0x1a4/0x2d0 [ 174.320698] ? __pfx_task_work_run+0x10/0x10 [ 174.321030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.321399] ? switch_task_namespaces+0xa9/0xe0 [ 174.321763] do_exit+0xb17/0x2ef0 [ 174.322021] ? lock_acquire+0x427/0x4c0 [ 174.322323] ? __pfx_lock_release+0x10/0x10 [ 174.322672] ? __kasan_check_write+0x18/0x20 [ 174.323004] ? do_raw_spin_lock+0x132/0x2a0 [ 174.323337] ? __pfx_do_exit+0x10/0x10 [ 174.323647] ? debug_smp_processor_id+0x20/0x30 [ 174.323994] ? rcu_is_watching+0x19/0xb0 [ 174.324300] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.324647] ? trace_hardirqs_on+0x26/0x120 [ 174.324980] do_group_exit+0xe0/0x2b0 [ 174.325261] __x64_sys_exit_group+0x47/0x50 [ 174.325578] do_syscall_64+0x3b/0x90 [ 174.325870] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.326258] RIP: 0033:0x7f4b87518a4d [ 174.326551] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.327016] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.327579] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.328113] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.328635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.329174] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.329694] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.330230] [ 174.330406] irq event stamp: 0 [ 174.330654] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.331135] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.331749] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.332382] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.332844] ---[ end trace 0000000000000000 ]--- [ 174.333514] ------------[ cut here ]------------ [ 174.333862] WARNING: CPU: 1 PID: 1651 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.334644] Modules linked in: [ 174.334883] CPU: 1 PID: 1651 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.335545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.336377] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.336767] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.338111] RSP: 0018:ffff88801855fb78 EFLAGS: 00010246 [ 174.338500] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.339056] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 174.339584] RBP: ffff88801855fb98 R08: ffffed1002b06d3e R09: ffffed1002b06d3e [ 174.340104] R10: ffff8880158369ef R11: ffffed1002b06d3d R12: ffff888015836a90 [ 174.340619] R13: ffff8880158368a8 R14: ffffffffffffffff R15: 
ffff88801855fc60 [ 174.341138] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.341715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.342140] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 174.342666] PKRU: 55555554 [ 174.342872] Call Trace: [ 174.343070] [ 174.343243] iommufd_ioas_destroy+0x53/0x70 [ 174.343562] iommufd_fops_release+0x1f7/0x370 [ 174.343889] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.344263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.344621] ? write_comp_data+0x2f/0x90 [ 174.344920] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.345294] __fput+0x26d/0xa40 [ 174.345544] ____fput+0x1e/0x30 [ 174.345789] task_work_run+0x1a4/0x2d0 [ 174.346075] ? __pfx_task_work_run+0x10/0x10 [ 174.346408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.346776] ? switch_task_namespaces+0xa9/0xe0 [ 174.347131] do_exit+0xb17/0x2ef0 [ 174.347396] ? lock_acquire+0x427/0x4c0 [ 174.347691] ? __pfx_lock_release+0x10/0x10 [ 174.348008] ? __kasan_check_write+0x18/0x20 [ 174.348339] ? do_raw_spin_lock+0x132/0x2a0 [ 174.348652] ? __pfx_do_exit+0x10/0x10 [ 174.348945] ? debug_smp_processor_id+0x20/0x30 [ 174.349281] ? rcu_is_watching+0x19/0xb0 [ 174.349585] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.349914] ? trace_hardirqs_on+0x26/0x120 [ 174.350233] do_group_exit+0xe0/0x2b0 [ 174.350535] __x64_sys_exit_group+0x47/0x50 [ 174.350845] do_syscall_64+0x3b/0x90 [ 174.351125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.351514] RIP: 0033:0x7f4b87518a4d [ 174.351787] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.352227] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.352778] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.353278] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.353795] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.354301] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.354834] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.355357] [ 174.355527] irq event stamp: 0 [ 174.355755] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.356213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.356808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.357411] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.357858] ---[ end trace 0000000000000000 ]--- [ 174.362016] ------------[ cut here ]------------ [ 174.362407] WARNING: CPU: 0 PID: 1652 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.363191] Modules linked in: [ 174.363437] CPU: 0 PID: 1652 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.364061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.364874] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.365282] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.366623] RSP: 0018:ffff888020f97bb8 EFLAGS: 00010246 [ 174.367012] RAX: 0000000000000000 RBX: ffff888017a178a8 RCX: 0000000000000000 [ 174.367530] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 174.368046] RBP: ffff888020f97bd0 R08: ffffed1002f42f33 R09: ffffed1002f42f33 [ 174.368557] R10: ffff888017a17993 R11: ffffed1002f42f32 R12: ffff88800f0e0400 [ 174.369075] R13: ffff888017a179e8 R14: ffffffff8352e670 R15: 
ffff888020f97e68 [ 174.369590] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.370175] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.370607] CR2: 0000000020000140 CR3: 000000002087a000 CR4: 0000000000750ef0 [ 174.371146] PKRU: 55555554 [ 174.371349] Call Trace: [ 174.371535] [ 174.371701] __iommufd_access_detach+0x1c2/0x2b0 [ 174.372065] iommufd_access_change_pt+0x149/0x270 [ 174.372422] iommufd_access_replace+0xb4/0x120 [ 174.372760] iommufd_test+0x3e5/0x37e0 [ 174.373040] ? lock_release+0x532/0x770 [ 174.373349] ? __might_fault+0x102/0x1b0 [ 174.373653] ? lock_acquire+0x427/0x4c0 [ 174.373952] ? __pfx_iommufd_test+0x10/0x10 [ 174.374274] ? __pfx_lock_release+0x10/0x10 [ 174.374618] ? __pfx_lock_acquire+0x10/0x10 [ 174.374943] ? write_comp_data+0x2f/0x90 [ 174.375260] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.375621] ? write_comp_data+0x2f/0x90 [ 174.375925] iommufd_fops_ioctl+0x37d/0x510 [ 174.376241] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.376611] ? write_comp_data+0x2f/0x90 [ 174.376919] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.377271] __x64_sys_ioctl+0x1a3/0x230 [ 174.377589] do_syscall_64+0x3b/0x90 [ 174.377869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.378250] RIP: 0033:0x7f4b8743ee5d [ 174.378553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.379878] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.380431] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.380960] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.381478] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.382000] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.382532] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.383065] [ 174.383247] irq event stamp: 0 [ 174.383478] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.383948] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.384556] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.385172] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.385625] ---[ end trace 0000000000000000 ]--- [ 174.388286] ------------[ cut here ]------------ [ 174.388647] WARNING: CPU: 0 PID: 1652 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.389381] Modules linked in: [ 174.389611] CPU: 0 PID: 1652 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.390234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.391287] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.391664] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.392977] RSP: 
0018:ffff888020f97bd0 EFLAGS: 00010246 [ 174.393355] RAX: 0000000000000000 RBX: ffff888017a178a8 RCX: 0000000000000000 [ 174.393874] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 174.394381] RBP: ffff888020f97be8 R08: ffffed1002f42f33 R09: ffffed1002f42f33 [ 174.394923] R10: ffff888017a17993 R11: ffffed1002f42f32 R12: ffff8880129c4400 [ 174.395444] R13: ffff888017a179e8 R14: ffff888015bb5d00 R15: 0000000000000000 [ 174.395964] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.396539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.397021] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 174.397531] PKRU: 55555554 [ 174.397734] Call Trace: [ 174.397924] [ 174.398097] iommufd_access_destroy_object+0x65/0x170 [ 174.398475] iommufd_object_destroy_user+0x18e/0x220 [ 174.398873] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.399323] iommufd_access_destroy+0x43/0x70 [ 174.399662] iommufd_test_staccess_release+0x8d/0xd0 [ 174.400039] __fput+0x26d/0xa40 [ 174.400303] ____fput+0x1e/0x30 [ 174.400551] task_work_run+0x1a4/0x2d0 [ 174.400841] ? __pfx_task_work_run+0x10/0x10 [ 174.401170] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.401539] ? switch_task_namespaces+0xa9/0xe0 [ 174.401884] do_exit+0xb17/0x2ef0 [ 174.402138] ? lock_acquire+0x427/0x4c0 [ 174.402447] ? __pfx_lock_release+0x10/0x10 [ 174.402787] ? __kasan_check_write+0x18/0x20 [ 174.403126] ? do_raw_spin_lock+0x132/0x2a0 [ 174.403459] ? __pfx_do_exit+0x10/0x10 [ 174.403750] ? debug_smp_processor_id+0x20/0x30 [ 174.404089] ? rcu_is_watching+0x19/0xb0 [ 174.404386] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.404732] ? trace_hardirqs_on+0x26/0x120 [ 174.405050] do_group_exit+0xe0/0x2b0 [ 174.405327] __x64_sys_exit_group+0x47/0x50 [ 174.405653] do_syscall_64+0x3b/0x90 [ 174.405929] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.406307] RIP: 0033:0x7f4b87518a4d [ 174.406602] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.406767] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 174.407047] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.408551] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 174.409087] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.410626] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.411156] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.411666] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.412187] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.412710] [ 174.412881] irq event stamp: 0 [ 174.413124] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.413578] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.414194] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.414812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.415301] ---[ end trace 0000000000000000 ]--- [ 174.418761] ------------[ cut here ]------------ [ 174.419132] WARNING: CPU: 0 PID: 1652 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.419882] Modules linked in: [ 174.420115] CPU: 0 PID: 1652 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.420763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.421569] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.421953] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.423336] RSP: 0018:ffff888020f97b78 
EFLAGS: 00010246 [ 174.423726] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.424260] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 174.424784] RBP: ffff888020f97b98 R08: ffffed1002f42f3e R09: ffffed1002f42f3e [ 174.425315] R10: ffff888017a179ef R11: ffffed1002f42f3d R12: ffff888017a17a90 [ 174.425835] R13: ffff888017a178a8 R14: ffffffffffffffff R15: ffff888020f97c60 [ 174.426371] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.426973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.427418] CR2: 00007ff8d7292000 CR3: 000000001444e000 CR4: 0000000000750ef0 [ 174.427944] PKRU: 55555554 [ 174.428155] Call Trace: [ 174.428357] [ 174.428524] iommufd_ioas_destroy+0x53/0x70 [ 174.428850] iommufd_fops_release+0x1f7/0x370 [ 174.429253] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.429638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.430004] ? write_comp_data+0x2f/0x90 [ 174.430313] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.430719] __fput+0x26d/0xa40 [ 174.430985] ____fput+0x1e/0x30 [ 174.431256] task_work_run+0x1a4/0x2d0 [ 174.431566] ? __pfx_task_work_run+0x10/0x10 [ 174.431911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.432283] ? switch_task_namespaces+0xa9/0xe0 [ 174.432649] do_exit+0xb17/0x2ef0 [ 174.432932] ? lock_acquire+0x427/0x4c0 [ 174.433244] ? __pfx_lock_release+0x10/0x10 [ 174.433575] ? __kasan_check_write+0x18/0x20 [ 174.433922] ? do_raw_spin_lock+0x132/0x2a0 [ 174.434248] ? __pfx_do_exit+0x10/0x10 [ 174.434576] ? debug_smp_processor_id+0x20/0x30 [ 174.434946] ? rcu_is_watching+0x19/0xb0 [ 174.435265] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.435611] ? trace_hardirqs_on+0x26/0x120 [ 174.435941] do_group_exit+0xe0/0x2b0 [ 174.436242] __x64_sys_exit_group+0x47/0x50 [ 174.436567] do_syscall_64+0x3b/0x90 [ 174.436860] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.437274] RIP: 0033:0x7f4b87518a4d [ 174.437554] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.438013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.438622] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.439165] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.439705] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.440235] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.440775] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.441308] [ 174.441496] irq event stamp: 0 [ 174.441736] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.442213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.442869] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.443500] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.443981] ---[ end trace 0000000000000000 ]--- [ 174.447905] ------------[ cut here ]------------ [ 174.448387] WARNING: CPU: 0 PID: 1654 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.449159] Modules linked in: [ 174.449401] CPU: 0 PID: 1654 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.450051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.450931] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.451330] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.452700] RSP: 0018:ffff888011de7bb8 EFLAGS: 00010246 [ 174.453098] RAX: 0000000000000000 RBX: ffff888011f610a8 RCX: 0000000000000000 [ 174.453637] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 174.454162] RBP: ffff888011de7bd0 R08: ffffed10023ec233 R09: ffffed10023ec233 [ 174.454727] R10: ffff888011f61193 R11: ffffed10023ec232 R12: ffff888014390400 [ 174.455271] R13: ffff888011f611e8 R14: ffffffff8352e670 R15: 
ffff888011de7e68 [ 174.455814] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.456417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.456867] CR2: 0000000020000140 CR3: 00000000103ca000 CR4: 0000000000750ef0 [ 174.457400] PKRU: 55555554 [ 174.457616] Call Trace: [ 174.457821] [ 174.457990] __iommufd_access_detach+0x1c2/0x2b0 [ 174.458359] iommufd_access_change_pt+0x149/0x270 [ 174.458766] iommufd_access_replace+0xb4/0x120 [ 174.459128] iommufd_test+0x3e5/0x37e0 [ 174.459425] ? lock_release+0x532/0x770 [ 174.459739] ? __might_fault+0x102/0x1b0 [ 174.460071] ? lock_acquire+0x427/0x4c0 [ 174.460384] ? __pfx_iommufd_test+0x10/0x10 [ 174.460709] ? __pfx_lock_release+0x10/0x10 [ 174.461107] ? __pfx_lock_acquire+0x10/0x10 [ 174.461447] ? write_comp_data+0x2f/0x90 [ 174.461762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.462144] ? write_comp_data+0x2f/0x90 [ 174.462460] iommufd_fops_ioctl+0x37d/0x510 [ 174.462808] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.463207] ? write_comp_data+0x2f/0x90 [ 174.463523] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.463888] __x64_sys_ioctl+0x1a3/0x230 [ 174.464220] do_syscall_64+0x3b/0x90 [ 174.464510] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.464905] RIP: 0033:0x7f4b8743ee5d [ 174.465186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.466596] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.467183] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.467728] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.468255] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.468795] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.469323] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.469874] [ 174.470051] irq event stamp: 0 [ 174.470288] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.470789] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.471434] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.472074] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.472549] ---[ end trace 0000000000000000 ]--- [ 174.475495] ------------[ cut here ]------------ [ 174.475881] WARNING: CPU: 1 PID: 1654 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.476653] Modules linked in: [ 174.476896] CPU: 1 PID: 1654 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.477565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.478769] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.479173] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.480681] RSP: 
0018:ffff888011de7bd0 EFLAGS: 00010246 [ 174.481089] RAX: 0000000000000000 RBX: ffff888011f610a8 RCX: 0000000000000000 [ 174.481639] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 174.482201] RBP: ffff888011de7be8 R08: ffffed10023ec233 R09: ffffed10023ec233 [ 174.482888] R10: ffff888011f61193 R11: ffffed10023ec232 R12: ffff88800f0e3000 [ 174.483451] R13: ffff888011f611e8 R14: ffff8880139bc800 R15: 0000000000000000 [ 174.484009] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.484728] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.485189] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 174.485740] PKRU: 55555554 [ 174.485959] Call Trace: [ 174.486168] [ 174.486402] iommufd_access_destroy_object+0x65/0x170 [ 174.486895] iommufd_object_destroy_user+0x18e/0x220 [ 174.487317] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.487776] iommufd_access_destroy+0x43/0x70 [ 174.488143] iommufd_test_staccess_release+0x8d/0xd0 [ 174.488643] __fput+0x26d/0xa40 [ 174.488917] ____fput+0x1e/0x30 [ 174.489185] task_work_run+0x1a4/0x2d0 [ 174.489507] ? __pfx_task_work_run+0x10/0x10 [ 174.489857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.490312] ? switch_task_namespaces+0xa9/0xe0 [ 174.490751] do_exit+0xb17/0x2ef0 [ 174.491026] ? lock_acquire+0x427/0x4c0 [ 174.491367] ? __pfx_lock_release+0x10/0x10 [ 174.491716] ? __kasan_check_write+0x18/0x20 [ 174.492062] ? do_raw_spin_lock+0x132/0x2a0 [ 174.492418] ? __pfx_do_exit+0x10/0x10 [ 174.492808] ? debug_smp_processor_id+0x20/0x30 [ 174.493176] ? rcu_is_watching+0x19/0xb0 [ 174.493499] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.493866] ? trace_hardirqs_on+0x26/0x120 [ 174.494210] do_group_exit+0xe0/0x2b0 [ 174.494647] __x64_sys_exit_group+0x47/0x50 [ 174.494988] do_syscall_64+0x3b/0x90 [ 174.495297] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.495720] RIP: 0033:0x7f4b87518a4d [ 174.496013] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.496495] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.497195] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.497750] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.498334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.499058] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.499646] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.500246] [ 174.500439] irq event stamp: 0 [ 174.500701] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.501340] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.502017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.502742] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.503349] ---[ end trace 0000000000000000 ]--- [ 174.504338] ------------[ cut here ]------------ [ 174.504730] WARNING: CPU: 1 PID: 1654 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.505678] Modules linked in: [ 174.505942] CPU: 1 PID: 1654 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.506773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.507816] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.508231] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.509834] RSP: 0018:ffff888011de7b78 EFLAGS: 00010246 [ 174.510267] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.510877] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 174.511527] RBP: ffff888011de7b98 R08: ffffed10023ec23e R09: ffffed10023ec23e [ 174.512169] R10: ffff888011f611ef R11: ffffed10023ec23d R12: ffff888011f61290 [ 174.512747] R13: ffff888011f610a8 R14: ffffffffffffffff R15: 
ffff888011de7c60 [ 174.513397] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.514109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.514603] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 174.515212] PKRU: 55555554 [ 174.515468] Call Trace: [ 174.515764] [ 174.515950] iommufd_ioas_destroy+0x53/0x70 [ 174.516322] iommufd_fops_release+0x1f7/0x370 [ 174.516691] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.517102] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.517622] ? write_comp_data+0x2f/0x90 [ 174.517965] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.518391] __fput+0x26d/0xa40 [ 174.518700] ____fput+0x1e/0x30 [ 174.518983] task_work_run+0x1a4/0x2d0 [ 174.519333] ? __pfx_task_work_run+0x10/0x10 [ 174.519767] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.520220] ? switch_task_namespaces+0xa9/0xe0 [ 174.520622] do_exit+0xb17/0x2ef0 [ 174.520908] ? lock_acquire+0x427/0x4c0 [ 174.521241] ? __pfx_lock_release+0x10/0x10 [ 174.521642] ? __kasan_check_write+0x18/0x20 [ 174.522074] ? do_raw_spin_lock+0x132/0x2a0 [ 174.522429] ? __pfx_do_exit+0x10/0x10 [ 174.522790] ? debug_smp_processor_id+0x20/0x30 [ 174.523193] ? rcu_is_watching+0x19/0xb0 [ 174.523527] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.523952] ? trace_hardirqs_on+0x26/0x120 [ 174.524363] do_group_exit+0xe0/0x2b0 [ 174.524675] __x64_sys_exit_group+0x47/0x50 [ 174.525037] do_syscall_64+0x3b/0x90 [ 174.525349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.525799] RIP: 0033:0x7f4b87518a4d [ 174.526191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.526718] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.527358] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.527937] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.528630] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.529218] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.529793] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.530506] [ 174.530719] irq event stamp: 0 [ 174.530974] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.531567] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.532507] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.533602] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.534322] ---[ end trace 0000000000000000 ]--- [ 174.542991] ------------[ cut here ]------------ [ 174.543635] WARNING: CPU: 0 PID: 1656 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.545200] Modules linked in: [ 174.545606] CPU: 0 PID: 1656 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.546694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.548298] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.548919] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.551243] RSP: 0018:ffff8880147b7bb8 EFLAGS: 00010246 [ 174.552094] RAX: 0000000000000000 RBX: ffff8880172d78a8 RCX: 0000000000000000 [ 174.552987] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 174.553865] RBP: ffff8880147b7bd0 R08: ffffed1002e5af33 R09: ffffed1002e5af33 [ 174.554997] R10: ffff8880172d7993 R11: ffffed1002e5af32 R12: ffff888017066400 [ 174.555906] R13: ffff8880172d79e8 R14: ffffffff8352e670 R15: 
ffff8880147b7e68 [ 174.556796] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.557785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.558624] CR2: 0000000020000140 CR3: 00000000103ca000 CR4: 0000000000750ef0 [ 174.559709] PKRU: 55555554 [ 174.560087] Call Trace: [ 174.560412] [ 174.560699] __iommufd_access_detach+0x1c2/0x2b0 [ 174.561314] iommufd_access_change_pt+0x149/0x270 [ 174.561942] iommufd_access_replace+0xb4/0x120 [ 174.562832] iommufd_test+0x3e5/0x37e0 [ 174.563395] ? lock_release+0x532/0x770 [ 174.563954] ? __might_fault+0x102/0x1b0 [ 174.564499] ? lock_acquire+0x427/0x4c0 [ 174.565038] ? __pfx_iommufd_test+0x10/0x10 [ 174.565619] ? __pfx_lock_release+0x10/0x10 [ 174.566329] ? __pfx_lock_acquire+0x10/0x10 [ 174.567165] ? write_comp_data+0x2f/0x90 [ 174.567752] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.568419] ? write_comp_data+0x2f/0x90 [ 174.568983] iommufd_fops_ioctl+0x37d/0x510 [ 174.569582] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.570589] ? write_comp_data+0x2f/0x90 [ 174.571211] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.571868] __x64_sys_ioctl+0x1a3/0x230 [ 174.572436] do_syscall_64+0x3b/0x90 [ 174.572961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.573948] RIP: 0033:0x7f4b8743ee5d [ 174.574471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.576952] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.578262] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.579294] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.580241] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.581486] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.582450] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.583477] [ 174.583811] irq event stamp: 0 [ 174.584243] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.585377] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.586546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.587699] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.588858] ---[ end trace 0000000000000000 ]--- [ 174.596600] ------------[ cut here ]------------ [ 174.597274] WARNING: CPU: 0 PID: 1656 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.598726] Modules linked in: [ 174.599251] CPU: 0 PID: 1656 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.600659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.602171] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.603223] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.605639] RSP: 
0018:ffff8880147b7bd0 EFLAGS: 00010246 [ 174.606359] RAX: 0000000000000000 RBX: ffff8880172d78a8 RCX: 0000000000000000 [ 174.607388] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 174.608362] RBP: ffff8880147b7be8 R08: ffffed1002e5af33 R09: ffffed1002e5af33 [ 174.609324] R10: ffff8880172d7993 R11: ffffed1002e5af32 R12: ffff888014391000 [ 174.610289] R13: ffff8880172d79e8 R14: ffff88800f126600 R15: 0000000000000000 [ 174.611352] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.612450] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.613236] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 174.614179] PKRU: 55555554 [ 174.614604] Call Trace: [ 174.614959] [ 174.615297] iommufd_access_destroy_object+0x65/0x170 [ 174.616001] iommufd_object_destroy_user+0x18e/0x220 [ 174.616659] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.617437] iommufd_access_destroy+0x43/0x70 [ 174.618050] iommufd_test_staccess_release+0x8d/0xd0 [ 174.618791] __fput+0x26d/0xa40 [ 174.619306] ____fput+0x1e/0x30 [ 174.619775] task_work_run+0x1a4/0x2d0 [ 174.620315] ? __pfx_task_work_run+0x10/0x10 [ 174.620910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.621565] ? switch_task_namespaces+0xa9/0xe0 [ 174.622201] do_exit+0xb17/0x2ef0 [ 174.622711] ? lock_acquire+0x427/0x4c0 [ 174.623292] ? __pfx_lock_release+0x10/0x10 [ 174.623881] ? __kasan_check_write+0x18/0x20 [ 174.624473] ? do_raw_spin_lock+0x132/0x2a0 [ 174.625048] ? __pfx_do_exit+0x10/0x10 [ 174.625581] ? debug_smp_processor_id+0x20/0x30 [ 174.626203] ? rcu_is_watching+0x19/0xb0 [ 174.626794] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.627455] ? trace_hardirqs_on+0x26/0x120 [ 174.628055] do_group_exit+0xe0/0x2b0 [ 174.628571] __x64_sys_exit_group+0x47/0x50 [ 174.629145] do_syscall_64+0x3b/0x90 [ 174.629650] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.630360] RIP: 0033:0x7f4b87518a4d [ 174.630909] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.631781] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.632800] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.633734] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.634716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.635710] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.636669] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.637641] [ 174.637962] irq event stamp: 0 [ 174.638385] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.639309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.640824] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.641940] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.642825] ---[ end trace 0000000000000000 ]--- [ 174.644986] ------------[ cut here ]------------ [ 174.645646] WARNING: CPU: 0 PID: 1656 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.647051] Modules linked in: [ 174.647550] CPU: 0 PID: 1656 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.649021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.650580] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.651319] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.654029] RSP: 0018:ffff8880147b7b78 EFLAGS: 00010246 [ 174.654823] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.655835] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 174.657120] RBP: ffff8880147b7b98 R08: ffffed1002e5af3e R09: ffffed1002e5af3e [ 174.658113] R10: ffff8880172d79ef R11: ffffed1002e5af3d R12: ffff8880172d7a90 [ 174.659171] R13: ffff8880172d78a8 R14: ffffffffffffffff R15: 
ffff8880147b7c60 [ 174.660171] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.661569] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.662379] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 174.663444] PKRU: 55555554 [ 174.663855] Call Trace: [ 174.664211] [ 174.664533] iommufd_ioas_destroy+0x53/0x70 [ 174.665190] iommufd_fops_release+0x1f7/0x370 [ 174.666078] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.666849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.667600] ? write_comp_data+0x2f/0x90 [ 174.668198] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.668899] __fput+0x26d/0xa40 [ 174.669406] ____fput+0x1e/0x30 [ 174.670189] task_work_run+0x1a4/0x2d0 [ 174.670832] ? __pfx_task_work_run+0x10/0x10 [ 174.671517] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.672216] ? switch_task_namespaces+0xa9/0xe0 [ 174.672895] do_exit+0xb17/0x2ef0 [ 174.673397] ? lock_acquire+0x427/0x4c0 [ 174.673988] ? __pfx_lock_release+0x10/0x10 [ 174.674929] ? __kasan_check_write+0x18/0x20 [ 174.675609] ? do_raw_spin_lock+0x132/0x2a0 [ 174.676220] ? __pfx_do_exit+0x10/0x10 [ 174.676779] ? debug_smp_processor_id+0x20/0x30 [ 174.677429] ? rcu_is_watching+0x19/0xb0 [ 174.677998] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.678779] ? trace_hardirqs_on+0x26/0x120 [ 174.679624] do_group_exit+0xe0/0x2b0 [ 174.680188] __x64_sys_exit_group+0x47/0x50 [ 174.680796] do_syscall_64+0x3b/0x90 [ 174.681338] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.682060] RIP: 0033:0x7f4b87518a4d [ 174.682668] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.683839] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.684894] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.685865] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.686936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.688157] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.689143] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.690146] [ 174.690607] irq event stamp: 0 [ 174.691270] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.692148] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.693290] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.694778] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.695695] ---[ end trace 0000000000000000 ]--- [ 174.705040] ------------[ cut here ]------------ [ 174.705895] WARNING: CPU: 0 PID: 1657 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.707403] Modules linked in: [ 174.707876] CPU: 0 PID: 1657 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.709369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.710966] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.711714] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.714588] RSP: 0018:ffff88800f017bb8 EFLAGS: 00010246 [ 174.715396] RAX: 0000000000000000 RBX: ffff888013e178a8 RCX: 0000000000000000 [ 174.716383] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 174.717631] RBP: ffff88800f017bd0 R08: ffffed10027c2f33 R09: ffffed10027c2f33 [ 174.718680] R10: ffff888013e17993 R11: ffffed10027c2f32 R12: ffff888010c09400 [ 174.719707] R13: ffff888013e179e8 R14: ffffffff8352e670 R15: 
ffff88800f017e68 [ 174.720707] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.721834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.722702] CR2: 0000000020000140 CR3: 00000000103ca000 CR4: 0000000000750ef0 [ 174.723733] PKRU: 55555554 [ 174.724129] Call Trace: [ 174.724487] [ 174.724804] __iommufd_access_detach+0x1c2/0x2b0 [ 174.725486] iommufd_access_change_pt+0x149/0x270 [ 174.726163] iommufd_access_replace+0xb4/0x120 [ 174.726852] iommufd_test+0x3e5/0x37e0 [ 174.727450] ? lock_release+0x532/0x770 [ 174.728042] ? __might_fault+0x102/0x1b0 [ 174.728627] ? lock_acquire+0x427/0x4c0 [ 174.729197] ? __pfx_iommufd_test+0x10/0x10 [ 174.729793] ? __pfx_lock_release+0x10/0x10 [ 174.730405] ? __pfx_lock_acquire+0x10/0x10 [ 174.731072] ? write_comp_data+0x2f/0x90 [ 174.731697] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.732383] ? write_comp_data+0x2f/0x90 [ 174.732965] iommufd_fops_ioctl+0x37d/0x510 [ 174.733568] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.734250] ? write_comp_data+0x2f/0x90 [ 174.734875] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.735591] __x64_sys_ioctl+0x1a3/0x230 [ 174.736178] do_syscall_64+0x3b/0x90 [ 174.736710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.737433] RIP: 0033:0x7f4b8743ee5d [ 174.737950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.740476] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.741527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.742547] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.743577] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.744556] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.745524] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.746554] [ 174.746899] irq event stamp: 0 [ 174.747391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.748267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.749417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.750603] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.751498] ---[ end trace 0000000000000000 ]--- [ 174.757384] ------------[ cut here ]------------ [ 174.758074] WARNING: CPU: 0 PID: 1657 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.759587] Modules linked in: [ 174.760063] CPU: 0 PID: 1657 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.761581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.763225] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.763944] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.766786] RSP: 
0018:ffff88800f017bd0 EFLAGS: 00010246 [ 174.767584] RAX: 0000000000000000 RBX: ffff888013e178a8 RCX: 0000000000000000 [ 174.768583] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 174.769884] RBP: ffff88800f017be8 R08: ffffed10027c2f33 R09: ffffed10027c2f33 [ 174.770930] R10: ffff888013e17993 R11: ffffed10027c2f32 R12: ffff888017064800 [ 174.771957] R13: ffff888013e179e8 R14: ffff88801371cd00 R15: 0000000000000000 [ 174.772947] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.774358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.775275] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 174.776274] PKRU: 55555554 [ 174.776680] Call Trace: [ 174.777040] [ 174.777368] iommufd_access_destroy_object+0x65/0x170 [ 174.778395] iommufd_object_destroy_user+0x18e/0x220 [ 174.779390] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.780222] iommufd_access_destroy+0x43/0x70 [ 174.780877] iommufd_test_staccess_release+0x8d/0xd0 [ 174.781596] __fput+0x26d/0xa40 [ 174.782179] ____fput+0x1e/0x30 [ 174.782963] task_work_run+0x1a4/0x2d0 [ 174.783562] ? __pfx_task_work_run+0x10/0x10 [ 174.784193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.784866] ? switch_task_namespaces+0xa9/0xe0 [ 174.785527] do_exit+0xb17/0x2ef0 [ 174.786043] ? lock_acquire+0x427/0x4c0 [ 174.787002] ? __pfx_lock_release+0x10/0x10 [ 174.787640] ? __kasan_check_write+0x18/0x20 [ 174.788257] ? do_raw_spin_lock+0x132/0x2a0 [ 174.788872] ? __pfx_do_exit+0x10/0x10 [ 174.789427] ? debug_smp_processor_id+0x20/0x30 [ 174.790099] ? rcu_is_watching+0x19/0xb0 [ 174.790732] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.791426] ? trace_hardirqs_on+0x26/0x120 [ 174.792045] do_group_exit+0xe0/0x2b0 [ 174.792569] __x64_sys_exit_group+0x47/0x50 [ 174.793167] do_syscall_64+0x3b/0x90 [ 174.793702] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.794420] RIP: 0033:0x7f4b87518a4d [ 174.795042] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.795935] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.796999] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.797992] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.799060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.800053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.801034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.802016] [ 174.802345] irq event stamp: 0 [ 174.802847] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.803734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.804883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.806036] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.806981] ---[ end trace 0000000000000000 ]--- [ 174.808630] ------------[ cut here ]------------ [ 174.809416] WARNING: CPU: 1 PID: 1657 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.810857] Modules linked in: [ 174.811360] CPU: 1 PID: 1657 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.812745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.814315] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.815104] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.817828] RSP: 0018:ffff88800f017b78 EFLAGS: 00010246 [ 174.818615] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.819632] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 174.820806] RBP: ffff88800f017b98 R08: ffffed10027c2f3e R09: ffffed10027c2f3e [ 174.821797] R10: ffff888013e179ef R11: ffffed10027c2f3d R12: ffff888013e17a90 [ 174.822830] R13: ffff888013e178a8 R14: ffffffffffffffff R15: 
ffff88800f017c60 [ 174.823865] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 174.825154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.825961] CR2: 00007f82e2e9a000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 174.826968] PKRU: 55555554 [ 174.827409] Call Trace: [ 174.827830] [ 174.828277] iommufd_ioas_destroy+0x53/0x70 [ 174.828905] iommufd_fops_release+0x1f7/0x370 [ 174.829550] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.830247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.831026] ? write_comp_data+0x2f/0x90 [ 174.831773] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.832499] __fput+0x26d/0xa40 [ 174.833006] ____fput+0x1e/0x30 [ 174.833485] task_work_run+0x1a4/0x2d0 [ 174.834037] ? __pfx_task_work_run+0x10/0x10 [ 174.834703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.835590] ? switch_task_namespaces+0xa9/0xe0 [ 174.836279] do_exit+0xb17/0x2ef0 [ 174.836784] ? lock_acquire+0x427/0x4c0 [ 174.837352] ? __pfx_lock_release+0x10/0x10 [ 174.837962] ? __kasan_check_write+0x18/0x20 [ 174.838637] ? do_raw_spin_lock+0x132/0x2a0 [ 174.839473] ? __pfx_do_exit+0x10/0x10 [ 174.840047] ? debug_smp_processor_id+0x20/0x30 [ 174.840702] ? rcu_is_watching+0x19/0xb0 [ 174.841272] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.841915] ? trace_hardirqs_on+0x26/0x120 [ 174.842629] do_group_exit+0xe0/0x2b0 [ 174.843266] __x64_sys_exit_group+0x47/0x50 [ 174.843882] do_syscall_64+0x3b/0x90 [ 174.844421] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.845149] RIP: 0033:0x7f4b87518a4d [ 174.845671] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.846725] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.847811] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.848795] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.849785] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.850994] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.852027] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.853025] [ 174.853363] irq event stamp: 0 [ 174.853905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.854899] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.856102] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.857250] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.858120] ---[ end trace 0000000000000000 ]--- [ 174.865995] ------------[ cut here ]------------ [ 174.866738] WARNING: CPU: 0 PID: 1658 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.868139] Modules linked in: [ 174.868587] CPU: 0 PID: 1658 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.869779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.871360] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.872064] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.874586] RSP: 0018:ffff88800ee87bb8 EFLAGS: 00010246 [ 174.875383] RAX: 0000000000000000 RBX: ffff888010b790a8 RCX: 0000000000000000 [ 174.876357] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 174.877324] RBP: ffff88800ee87bd0 R08: ffffed100216f233 R09: ffffed100216f233 [ 174.878307] R10: ffff888010b79193 R11: ffffed100216f232 R12: ffff888010e00c00 [ 174.879356] R13: ffff888010b791e8 R14: ffffffff8352e670 R15: 
ffff88800ee87e68 [ 174.880344] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.881443] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.882237] CR2: 0000000020000140 CR3: 000000002187e000 CR4: 0000000000750ef0 [ 174.883280] PKRU: 55555554 [ 174.883681] Call Trace: [ 174.884041] [ 174.884363] __iommufd_access_detach+0x1c2/0x2b0 [ 174.885056] iommufd_access_change_pt+0x149/0x270 [ 174.885740] iommufd_access_replace+0xb4/0x120 [ 174.886386] iommufd_test+0x3e5/0x37e0 [ 174.886981] ? lock_release+0x532/0x770 [ 174.887597] ? __might_fault+0x102/0x1b0 [ 174.888179] ? lock_acquire+0x427/0x4c0 [ 174.888748] ? __pfx_iommufd_test+0x10/0x10 [ 174.889340] ? __pfx_lock_release+0x10/0x10 [ 174.889950] ? __pfx_lock_acquire+0x10/0x10 [ 174.890612] ? write_comp_data+0x2f/0x90 [ 174.891245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.891929] ? write_comp_data+0x2f/0x90 [ 174.892508] iommufd_fops_ioctl+0x37d/0x510 [ 174.893131] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.893824] ? write_comp_data+0x2f/0x90 [ 174.894408] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 174.895144] __x64_sys_ioctl+0x1a3/0x230 [ 174.895744] do_syscall_64+0x3b/0x90 [ 174.896285] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.897014] RIP: 0033:0x7f4b8743ee5d [ 174.897537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 174.900072] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 174.901135] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 174.902117] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 174.903137] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 174.904129] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 174.905102] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 174.906089] [ 174.906418] irq event stamp: 0 [ 174.906894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.907798] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.908949] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.910093] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.910994] ---[ end trace 0000000000000000 ]--- [ 174.916160] ------------[ cut here ]------------ [ 174.916854] WARNING: CPU: 0 PID: 1658 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 174.918232] Modules linked in: [ 174.918740] CPU: 0 PID: 1658 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.919976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.921514] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 174.922233] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 174.925216] RSP: 
0018:ffff88800ee87bd0 EFLAGS: 00010246 [ 174.925982] RAX: 0000000000000000 RBX: ffff888010b790a8 RCX: 0000000000000000 [ 174.927072] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 174.928453] RBP: ffff88800ee87be8 R08: ffffed100216f233 R09: ffffed100216f233 [ 174.929453] R10: ffff888010b79193 R11: ffffed100216f232 R12: ffff888010c08800 [ 174.930446] R13: ffff888010b791e8 R14: ffff888020e5ba00 R15: 0000000000000000 [ 174.931983] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.933097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.933904] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 174.934954] PKRU: 55555554 [ 174.935421] Call Trace: [ 174.935830] [ 174.936403] iommufd_access_destroy_object+0x65/0x170 [ 174.937157] iommufd_object_destroy_user+0x18e/0x220 [ 174.937881] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 174.938760] iommufd_access_destroy+0x43/0x70 [ 174.939462] iommufd_test_staccess_release+0x8d/0xd0 [ 174.940472] __fput+0x26d/0xa40 [ 174.940987] ____fput+0x1e/0x30 [ 174.941478] task_work_run+0x1a4/0x2d0 [ 174.942035] ? __pfx_task_work_run+0x10/0x10 [ 174.942707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.943457] ? switch_task_namespaces+0xa9/0xe0 [ 174.944151] do_exit+0xb17/0x2ef0 [ 174.944954] ? lock_acquire+0x427/0x4c0 [ 174.945547] ? __pfx_lock_release+0x10/0x10 [ 174.946164] ? __kasan_check_write+0x18/0x20 [ 174.946834] ? do_raw_spin_lock+0x132/0x2a0 [ 174.947493] ? __pfx_do_exit+0x10/0x10 [ 174.948070] ? debug_smp_processor_id+0x20/0x30 [ 174.948786] ? rcu_is_watching+0x19/0xb0 [ 174.949572] ? _raw_spin_unlock_irq+0x2b/0x60 [ 174.950235] ? trace_hardirqs_on+0x26/0x120 [ 174.950899] do_group_exit+0xe0/0x2b0 [ 174.951568] __x64_sys_exit_group+0x47/0x50 [ 174.952186] do_syscall_64+0x3b/0x90 [ 174.952724] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 174.953473] RIP: 0033:0x7f4b87518a4d [ 174.954205] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 174.954987] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 174.955924] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 174.956881] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 174.957930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 174.959188] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 174.960185] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 174.961177] [ 174.961515] irq event stamp: 0 [ 174.961959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 174.962893] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 174.964085] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 174.965274] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 174.966158] ---[ end trace 0000000000000000 ]--- [ 174.967731] ------------[ cut here ]------------ [ 174.968591] WARNING: CPU: 0 PID: 1658 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 174.969984] Modules linked in: [ 174.970445] CPU: 0 PID: 1658 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 174.972200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 174.973762] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 174.974495] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 174.977802] RSP: 0018:ffff88800ee87b78 EFLAGS: 00010246 [ 174.978640] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 174.979682] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 174.980980] RBP: ffff88800ee87b98 R08: ffffed100216f23e R09: ffffed100216f23e [ 174.981989] R10: ffff888010b791ef R11: ffffed100216f23d R12: ffff888010b79290 [ 174.983035] R13: ffff888010b790a8 R14: ffffffffffffffff R15: 
ffff88800ee87c60 [ 174.984077] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 174.985502] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.986321] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 174.987407] PKRU: 55555554 [ 174.987820] Call Trace: [ 174.988179] [ 174.988501] iommufd_ioas_destroy+0x53/0x70 [ 174.989164] iommufd_fops_release+0x1f7/0x370 [ 174.990028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.990803] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.991549] ? write_comp_data+0x2f/0x90 [ 174.992137] ? __pfx_iommufd_fops_release+0x10/0x10 [ 174.992843] __fput+0x26d/0xa40 [ 174.993388] ____fput+0x1e/0x30 [ 174.994099] task_work_run+0x1a4/0x2d0 [ 174.994734] ? __pfx_task_work_run+0x10/0x10 [ 174.995406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 174.996102] ? switch_task_namespaces+0xa9/0xe0 [ 174.996772] do_exit+0xb17/0x2ef0 [ 174.997276] ? lock_acquire+0x427/0x4c0 [ 174.998151] ? __pfx_lock_release+0x10/0x10 [ 174.998839] ? __kasan_check_write+0x18/0x20 [ 174.999516] ? do_raw_spin_lock+0x132/0x2a0 [ 175.000130] ? __pfx_do_exit+0x10/0x10 [ 175.000689] ? debug_smp_processor_id+0x20/0x30 [ 175.001349] ? rcu_is_watching+0x19/0xb0 [ 175.001999] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.002909] ? trace_hardirqs_on+0x26/0x120 [ 175.003599] do_group_exit+0xe0/0x2b0 [ 175.004155] __x64_sys_exit_group+0x47/0x50 [ 175.004755] do_syscall_64+0x3b/0x90 [ 175.005295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.006031] RIP: 0033:0x7f4b87518a4d [ 175.006725] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.007792] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.008860] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.009837] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.011098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.012133] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.013125] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.014119] [ 175.014460] irq event stamp: 0 [ 175.015273] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.016162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.017314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.018458] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.019711] ---[ end trace 0000000000000000 ]--- [ 175.029199] ------------[ cut here ]------------ [ 175.029774] WARNING: CPU: 0 PID: 1659 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.030962] Modules linked in: [ 175.031330] CPU: 0 PID: 1659 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.032286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.033765] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.034452] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.036980] RSP: 0018:ffff888015d97bb8 EFLAGS: 00010246 [ 175.037687] RAX: 0000000000000000 RBX: ffff8880158870a8 RCX: 0000000000000000 [ 175.038713] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 175.039662] RBP: ffff888015d97bd0 R08: ffffed1002b10e33 R09: ffffed1002b10e33 [ 175.040435] R10: ffff888015887193 R11: ffffed1002b10e32 R12: ffff88800fd83400 [ 175.041240] R13: ffff8880158871e8 R14: ffffffff8352e670 R15: 
ffff888015d97e68 [ 175.041998] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.042901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.043537] CR2: 0000000020000140 CR3: 000000001421a000 CR4: 0000000000750ef0 [ 175.044299] PKRU: 55555554 [ 175.044668] Call Trace: [ 175.045011] [ 175.045304] __iommufd_access_detach+0x1c2/0x2b0 [ 175.045951] iommufd_access_change_pt+0x149/0x270 [ 175.046668] iommufd_access_replace+0xb4/0x120 [ 175.047326] iommufd_test+0x3e5/0x37e0 [ 175.047878] ? lock_release+0x532/0x770 [ 175.048437] ? __might_fault+0x102/0x1b0 [ 175.049000] ? lock_acquire+0x427/0x4c0 [ 175.049542] ? __pfx_iommufd_test+0x10/0x10 [ 175.050138] ? __pfx_lock_release+0x10/0x10 [ 175.050783] ? __pfx_lock_acquire+0x10/0x10 [ 175.051399] ? write_comp_data+0x2f/0x90 [ 175.051963] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.052631] ? write_comp_data+0x2f/0x90 [ 175.053181] iommufd_fops_ioctl+0x37d/0x510 [ 175.053769] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.054442] ? write_comp_data+0x2f/0x90 [ 175.055075] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.055782] __x64_sys_ioctl+0x1a3/0x230 [ 175.056348] do_syscall_64+0x3b/0x90 [ 175.056870] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.057575] RIP: 0033:0x7f4b8743ee5d [ 175.058071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.060551] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.061564] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.062584] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.063715] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.064690] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.065657] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.066719] [ 175.067059] irq event stamp: 0 [ 175.067530] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.068391] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.069528] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.070709] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.071584] ---[ end trace 0000000000000000 ]--- [ 175.076870] ------------[ cut here ]------------ [ 175.077556] WARNING: CPU: 0 PID: 1659 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.079022] Modules linked in: [ 175.079495] CPU: 0 PID: 1659 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.080689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.082207] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.082965] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.085452] RSP: 
0018:ffff888015d97bd0 EFLAGS: 00010246 [ 175.086181] RAX: 0000000000000000 RBX: ffff8880158870a8 RCX: 0000000000000000 [ 175.087227] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 175.088200] RBP: ffff888015d97be8 R08: ffffed1002b10e33 R09: ffffed1002b10e33 [ 175.089153] R10: ffff888015887193 R11: ffffed1002b10e32 R12: ffff888010e01800 [ 175.090091] R13: ffff8880158871e8 R14: ffff8880139bc400 R15: 0000000000000000 [ 175.091074] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.092161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.092930] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.093876] PKRU: 55555554 [ 175.094256] Call Trace: [ 175.094653] [ 175.094967] iommufd_access_destroy_object+0x65/0x170 [ 175.095691] iommufd_object_destroy_user+0x18e/0x220 [ 175.096380] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.097171] iommufd_access_destroy+0x43/0x70 [ 175.097802] iommufd_test_staccess_release+0x8d/0xd0 [ 175.098491] __fput+0x26d/0xa40 [ 175.099013] ____fput+0x1e/0x30 [ 175.099489] task_work_run+0x1a4/0x2d0 [ 175.100024] ? __pfx_task_work_run+0x10/0x10 [ 175.100630] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.101286] ? switch_task_namespaces+0xa9/0xe0 [ 175.101922] do_exit+0xb17/0x2ef0 [ 175.102391] ? lock_acquire+0x427/0x4c0 [ 175.102987] ? __pfx_lock_release+0x10/0x10 [ 175.103592] ? __kasan_check_write+0x18/0x20 [ 175.104194] ? do_raw_spin_lock+0x132/0x2a0 [ 175.104774] ? __pfx_do_exit+0x10/0x10 [ 175.105308] ? debug_smp_processor_id+0x20/0x30 [ 175.105933] ? rcu_is_watching+0x19/0xb0 [ 175.106479] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.107176] ? trace_hardirqs_on+0x26/0x120 [ 175.107767] do_group_exit+0xe0/0x2b0 [ 175.108282] __x64_sys_exit_group+0x47/0x50 [ 175.108857] do_syscall_64+0x3b/0x90 [ 175.109370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.110070] RIP: 0033:0x7f4b87518a4d [ 175.110625] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.111450] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.112452] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.113388] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.114326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.115325] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.116269] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.117222] [ 175.117536] irq event stamp: 0 [ 175.117955] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.118834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.119965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.121066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.121895] ---[ end trace 0000000000000000 ]--- [ 175.123302] ------------[ cut here ]------------ [ 175.123948] WARNING: CPU: 0 PID: 1659 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.125290] Modules linked in: [ 175.125719] CPU: 0 PID: 1659 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.126928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.128427] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.129119] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.131560] RSP: 0018:ffff888015d97b78 EFLAGS: 00010246 [ 175.132275] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.133215] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 175.134143] RBP: ffff888015d97b98 R08: ffffed1002b10e3e R09: ffffed1002b10e3e [ 175.135138] R10: ffff8880158871ef R11: ffffed1002b10e3d R12: ffff888015887290 [ 175.136085] R13: ffff8880158870a8 R14: ffffffffffffffff R15: 
ffff888015d97c60 [ 175.137021] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.138072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.138890] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.139862] PKRU: 55555554 [ 175.140256] Call Trace: [ 175.140610] [ 175.140931] iommufd_ioas_destroy+0x53/0x70 [ 175.141523] iommufd_fops_release+0x1f7/0x370 [ 175.142134] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.142855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.143972] ? write_comp_data+0x2f/0x90 [ 175.144590] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.145292] __fput+0x26d/0xa40 [ 175.145773] ____fput+0x1e/0x30 [ 175.146234] task_work_run+0x1a4/0x2d0 [ 175.146838] ? __pfx_task_work_run+0x10/0x10 [ 175.147512] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.148213] ? switch_task_namespaces+0xa9/0xe0 [ 175.148878] do_exit+0xb17/0x2ef0 [ 175.149364] ? lock_acquire+0x427/0x4c0 [ 175.149927] ? __pfx_lock_release+0x10/0x10 [ 175.150584] ? __kasan_check_write+0x18/0x20 [ 175.151266] ? do_raw_spin_lock+0x132/0x2a0 [ 175.151882] ? __pfx_do_exit+0x10/0x10 [ 175.152438] ? debug_smp_processor_id+0x20/0x30 [ 175.153085] ? rcu_is_watching+0x19/0xb0 [ 175.153652] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.154286] ? trace_hardirqs_on+0x26/0x120 [ 175.154936] do_group_exit+0xe0/0x2b0 [ 175.155506] __x64_sys_exit_group+0x47/0x50 [ 175.156112] do_syscall_64+0x3b/0x90 [ 175.156647] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.157378] RIP: 0033:0x7f4b87518a4d [ 175.157894] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.158782] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.159849] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.160825] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.161792] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.162800] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.163813] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.164809] [ 175.165134] irq event stamp: 0 [ 175.165572] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.166444] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.167654] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.168796] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.169660] ---[ end trace 0000000000000000 ]--- [ 175.177750] ------------[ cut here ]------------ [ 175.178477] WARNING: CPU: 0 PID: 1660 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.179973] Modules linked in: [ 175.180434] CPU: 0 PID: 1660 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.182264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.183873] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.184566] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.187533] RSP: 0018:ffff88800e94fbb8 EFLAGS: 00010246 [ 175.188256] RAX: 0000000000000000 RBX: ffff888011c8f0a8 RCX: 0000000000000000 [ 175.189199] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 175.190444] RBP: ffff88800e94fbd0 R08: ffffed1002391e33 R09: ffffed1002391e33 [ 175.191505] R10: ffff888011c8f193 R11: ffffed1002391e32 R12: ffff888012b67000 [ 175.192453] R13: ffff888011c8f1e8 R14: ffffffff8352e670 R15: 
ffff88800e94fe68 [ 175.193399] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.194813] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.195619] CR2: 0000000020000140 CR3: 0000000013e70000 CR4: 0000000000750ef0 [ 175.196564] PKRU: 55555554 [ 175.196947] Call Trace: [ 175.197301] [ 175.197615] __iommufd_access_detach+0x1c2/0x2b0 [ 175.198656] iommufd_access_change_pt+0x149/0x270 [ 175.199347] iommufd_access_replace+0xb4/0x120 [ 175.199983] iommufd_test+0x3e5/0x37e0 [ 175.200511] ? lock_release+0x532/0x770 [ 175.201060] ? __might_fault+0x102/0x1b0 [ 175.201618] ? lock_acquire+0x427/0x4c0 [ 175.202275] ? __pfx_iommufd_test+0x10/0x10 [ 175.203080] ? __pfx_lock_release+0x10/0x10 [ 175.203711] ? __pfx_lock_acquire+0x10/0x10 [ 175.204315] ? write_comp_data+0x2f/0x90 [ 175.204875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.205538] ? write_comp_data+0x2f/0x90 [ 175.206101] iommufd_fops_ioctl+0x37d/0x510 [ 175.207079] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.207780] ? write_comp_data+0x2f/0x90 [ 175.208344] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.208998] __x64_sys_ioctl+0x1a3/0x230 [ 175.209560] do_syscall_64+0x3b/0x90 [ 175.210077] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.211158] RIP: 0033:0x7f4b8743ee5d [ 175.211665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.214045] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.215460] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.216410] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.217350] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.218292] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.219606] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.220595] [ 175.220921] irq event stamp: 0 [ 175.221356] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.222192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.223668] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.224802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.225655] ---[ end trace 0000000000000000 ]--- [ 175.231263] ------------[ cut here ]------------ [ 175.231928] WARNING: CPU: 0 PID: 1660 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.233298] Modules linked in: [ 175.233740] CPU: 0 PID: 1660 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.235326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.236855] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.237538] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.240343] RSP: 
0018:ffff88800e94fbd0 EFLAGS: 00010246 [ 175.241083] RAX: 0000000000000000 RBX: ffff888011c8f0a8 RCX: 0000000000000000 [ 175.242108] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 175.243328] RBP: ffff88800e94fbe8 R08: ffffed1002391e33 R09: ffffed1002391e33 [ 175.244309] R10: ffff888011c8f193 R11: ffffed1002391e32 R12: ffff88800fd81800 [ 175.245536] R13: ffff888011c8f1e8 R14: ffff888011f03300 R15: 0000000000000000 [ 175.246551] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.247769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.248777] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.249758] PKRU: 55555554 [ 175.250151] Call Trace: [ 175.250649] [ 175.251177] iommufd_access_destroy_object+0x65/0x170 [ 175.251899] iommufd_object_destroy_user+0x18e/0x220 [ 175.252606] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.253703] iommufd_access_destroy+0x43/0x70 [ 175.254348] iommufd_test_staccess_release+0x8d/0xd0 [ 175.255099] __fput+0x26d/0xa40 [ 175.255653] ____fput+0x1e/0x30 [ 175.256359] task_work_run+0x1a4/0x2d0 [ 175.256919] ? __pfx_task_work_run+0x10/0x10 [ 175.257535] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.258372] ? switch_task_namespaces+0xa9/0xe0 [ 175.259291] do_exit+0xb17/0x2ef0 [ 175.259777] ? lock_acquire+0x427/0x4c0 [ 175.260340] ? __pfx_lock_release+0x10/0x10 [ 175.261208] ? __kasan_check_write+0x18/0x20 [ 175.261832] ? do_raw_spin_lock+0x132/0x2a0 [ 175.262428] ? __pfx_do_exit+0x10/0x10 [ 175.263026] ? debug_smp_processor_id+0x20/0x30 [ 175.263711] ? rcu_is_watching+0x19/0xb0 [ 175.264287] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.264921] ? trace_hardirqs_on+0x26/0x120 [ 175.265506] do_group_exit+0xe0/0x2b0 [ 175.266034] __x64_sys_exit_group+0x47/0x50 [ 175.266700] do_syscall_64+0x3b/0x90 [ 175.267261] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.267982] RIP: 0033:0x7f4b87518a4d [ 175.268492] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.269332] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.270350] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.271394] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.272362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.273320] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.274277] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.275326] [ 175.275659] irq event stamp: 0 [ 175.276095] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.276946] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.278075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.279257] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.280118] ---[ end trace 0000000000000000 ]--- [ 175.281503] ------------[ cut here ]------------ [ 175.282136] WARNING: CPU: 0 PID: 1660 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.283772] Modules linked in: [ 175.284207] CPU: 0 PID: 1660 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.285160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.286450] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.287082] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.289158] RSP: 0018:ffff88800e94fb78 EFLAGS: 00010246 [ 175.289711] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.290454] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 175.291439] RBP: ffff88800e94fb98 R08: ffffed1002391e3e R09: ffffed1002391e3e [ 175.292403] R10: ffff888011c8f1ef R11: ffffed1002391e3d R12: ffff888011c8f290 [ 175.293344] R13: ffff888011c8f0a8 R14: ffffffffffffffff R15: 
ffff88800e94fc60 [ 175.294285] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.295425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.296205] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.297157] PKRU: 55555554 [ 175.297543] Call Trace: [ 175.297893] [ 175.298206] iommufd_ioas_destroy+0x53/0x70 [ 175.298865] iommufd_fops_release+0x1f7/0x370 [ 175.299512] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.300152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.300701] ? write_comp_data+0x2f/0x90 [ 175.301183] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.301697] __fput+0x26d/0xa40 [ 175.302062] ____fput+0x1e/0x30 [ 175.302451] task_work_run+0x1a4/0x2d0 [ 175.302998] ? __pfx_task_work_run+0x10/0x10 [ 175.303514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.304024] ? switch_task_namespaces+0xa9/0xe0 [ 175.304523] do_exit+0xb17/0x2ef0 [ 175.304921] ? lock_acquire+0x427/0x4c0 [ 175.305446] ? __pfx_lock_release+0x10/0x10 [ 175.305903] ? __kasan_check_write+0x18/0x20 [ 175.306367] ? do_raw_spin_lock+0x132/0x2a0 [ 175.306864] ? __pfx_do_exit+0x10/0x10 [ 175.307288] ? debug_smp_processor_id+0x20/0x30 [ 175.308005] ? rcu_is_watching+0x19/0xb0 [ 175.308583] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.309214] ? trace_hardirqs_on+0x26/0x120 [ 175.309820] do_group_exit+0xe0/0x2b0 [ 175.310349] __x64_sys_exit_group+0x47/0x50 [ 175.310979] do_syscall_64+0x3b/0x90 [ 175.311531] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.312244] RIP: 0033:0x7f4b87518a4d [ 175.312748] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.313577] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.314627] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.315626] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.316593] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.317556] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.318490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.319759] [ 175.320193] irq event stamp: 0 [ 175.320534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.321213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.322098] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.323065] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.324049] ---[ end trace 0000000000000000 ]--- [ 175.331003] ------------[ cut here ]------------ [ 175.331638] WARNING: CPU: 0 PID: 1661 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.332871] Modules linked in: [ 175.333269] CPU: 0 PID: 1661 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.334331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.335735] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.336347] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.338564] RSP: 0018:ffff888018737bb8 EFLAGS: 00010246 [ 175.339225] RAX: 0000000000000000 RBX: ffff8880171bd8a8 RCX: 0000000000000000 [ 175.340081] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 175.340914] RBP: ffff888018737bd0 R08: ffffed1002e37b33 R09: ffffed1002e37b33 [ 175.341748] R10: ffff8880171bd993 R11: ffffed1002e37b32 R12: ffff88800fcb1c00 [ 175.342613] R13: ffff8880171bd9e8 R14: ffffffff8352e670 R15: 
ffff888018737e68 [ 175.343462] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.344716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.345420] CR2: 0000000020000140 CR3: 000000001431a000 CR4: 0000000000750ef0 [ 175.346262] PKRU: 55555554 [ 175.346646] Call Trace: [ 175.346960] [ 175.347252] __iommufd_access_detach+0x1c2/0x2b0 [ 175.347842] iommufd_access_change_pt+0x149/0x270 [ 175.348432] iommufd_access_replace+0xb4/0x120 [ 175.348992] iommufd_test+0x3e5/0x37e0 [ 175.349459] ? lock_release+0x532/0x770 [ 175.349949] ? __might_fault+0x102/0x1b0 [ 175.350445] ? lock_acquire+0x427/0x4c0 [ 175.350970] ? __pfx_iommufd_test+0x10/0x10 [ 175.351499] ? __pfx_lock_release+0x10/0x10 [ 175.352028] ? __pfx_lock_acquire+0x10/0x10 [ 175.352557] ? write_comp_data+0x2f/0x90 [ 175.353060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.353648] ? write_comp_data+0x2f/0x90 [ 175.354150] iommufd_fops_ioctl+0x37d/0x510 [ 175.354707] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.355339] ? write_comp_data+0x2f/0x90 [ 175.355842] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.356421] __x64_sys_ioctl+0x1a3/0x230 [ 175.356922] do_syscall_64+0x3b/0x90 [ 175.357383] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.358011] RIP: 0033:0x7f4b8743ee5d [ 175.358456] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.360629] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.361536] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.362375] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.363457] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.364031] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.364605] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.365170] [ 175.365355] irq event stamp: 0 [ 175.365615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.366112] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.366800] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.367465] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.367973] ---[ end trace 0000000000000000 ]--- [ 175.370822] ------------[ cut here ]------------ [ 175.371249] WARNING: CPU: 0 PID: 1661 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.372049] Modules linked in: [ 175.372319] CPU: 0 PID: 1661 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.373007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.373904] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.374314] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.375842] RSP: 
0018:ffff888018737bd0 EFLAGS: 00010246 [ 175.376269] RAX: 0000000000000000 RBX: ffff8880171bd8a8 RCX: 0000000000000000 [ 175.376847] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 175.377412] RBP: ffff888018737be8 R08: ffffed1002e37b33 R09: ffffed1002e37b33 [ 175.377985] R10: ffff8880171bd993 R11: ffffed1002e37b32 R12: ffff888012b65c00 [ 175.378581] R13: ffff8880171bd9e8 R14: ffff88800ef92900 R15: 0000000000000000 [ 175.379168] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.379822] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.380282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.380860] PKRU: 55555554 [ 175.381083] Call Trace: [ 175.381289] [ 175.381470] iommufd_access_destroy_object+0x65/0x170 [ 175.381894] iommufd_object_destroy_user+0x18e/0x220 [ 175.382299] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.382784] iommufd_access_destroy+0x43/0x70 [ 175.383173] iommufd_test_staccess_release+0x8d/0xd0 [ 175.383588] __fput+0x26d/0xa40 [ 175.383866] ____fput+0x1e/0x30 [ 175.384160] task_work_run+0x1a4/0x2d0 [ 175.384477] ? __pfx_task_work_run+0x10/0x10 [ 175.384832] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.385240] ? switch_task_namespaces+0xa9/0xe0 [ 175.385623] do_exit+0xb17/0x2ef0 [ 175.385900] ? lock_acquire+0x427/0x4c0 [ 175.386238] ? __pfx_lock_release+0x10/0x10 [ 175.386625] ? __kasan_check_write+0x18/0x20 [ 175.386984] ? do_raw_spin_lock+0x132/0x2a0 [ 175.387355] ? __pfx_do_exit+0x10/0x10 [ 175.387678] ? debug_smp_processor_id+0x20/0x30 [ 175.388054] ? rcu_is_watching+0x19/0xb0 [ 175.388392] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.388766] ? trace_hardirqs_on+0x26/0x120 [ 175.389191] do_group_exit+0xe0/0x2b0 [ 175.389517] __x64_sys_exit_group+0x47/0x50 [ 175.389871] do_syscall_64+0x3b/0x90 [ 175.390179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.390648] RIP: 0033:0x7f4b87518a4d [ 175.390951] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.391448] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.392058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.392619] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.393189] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.393747] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.394317] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.394918] [ 175.395118] irq event stamp: 0 [ 175.395374] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.395872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.396546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.397219] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.397719] ---[ end trace 0000000000000000 ]--- [ 175.398457] ------------[ cut here ]------------ [ 175.398864] WARNING: CPU: 0 PID: 1661 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.399703] Modules linked in: [ 175.399960] CPU: 0 PID: 1661 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.400660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.401561] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.401970] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.403453] RSP: 0018:ffff888018737b78 EFLAGS: 00010246 [ 175.403890] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.404453] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 175.405027] RBP: ffff888018737b98 R08: ffffed1002e37b3e R09: ffffed1002e37b3e [ 175.405590] R10: ffff8880171bd9ef R11: ffffed1002e37b3d R12: ffff8880171bda90 [ 175.406163] R13: ffff8880171bd8a8 R14: ffffffffffffffff R15: 
ffff888018737c60 [ 175.406747] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.407418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.407874] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.408449] PKRU: 55555554 [ 175.408673] Call Trace: [ 175.408877] [ 175.409068] iommufd_ioas_destroy+0x53/0x70 [ 175.409420] iommufd_fops_release+0x1f7/0x370 [ 175.409782] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.410194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.410622] ? write_comp_data+0x2f/0x90 [ 175.410957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.411386] __fput+0x26d/0xa40 [ 175.411667] ____fput+0x1e/0x30 [ 175.411938] task_work_run+0x1a4/0x2d0 [ 175.412263] ? __pfx_task_work_run+0x10/0x10 [ 175.412630] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.413025] ? switch_task_namespaces+0xa9/0xe0 [ 175.413415] do_exit+0xb17/0x2ef0 [ 175.413695] ? lock_acquire+0x427/0x4c0 [ 175.414023] ? __pfx_lock_release+0x10/0x10 [ 175.414373] ? __kasan_check_write+0x18/0x20 [ 175.414772] ? do_raw_spin_lock+0x132/0x2a0 [ 175.415131] ? __pfx_do_exit+0x10/0x10 [ 175.415451] ? debug_smp_processor_id+0x20/0x30 [ 175.415839] ? rcu_is_watching+0x19/0xb0 [ 175.416165] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.416529] ? trace_hardirqs_on+0x26/0x120 [ 175.416889] do_group_exit+0xe0/0x2b0 [ 175.417195] __x64_sys_exit_group+0x47/0x50 [ 175.417535] do_syscall_64+0x3b/0x90 [ 175.417854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.418274] RIP: 0033:0x7f4b87518a4d [ 175.418595] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.419100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.419712] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.420286] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.420830] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.421456] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.422000] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.422593] [ 175.422776] irq event stamp: 0 [ 175.423019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.423555] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.424215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.424868] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.425358] ---[ end trace 0000000000000000 ]--- [ 175.429437] ------------[ cut here ]------------ [ 175.429827] WARNING: CPU: 0 PID: 1662 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.430766] Modules linked in: [ 175.431014] CPU: 0 PID: 1662 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.431692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.432545] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.432926] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.434308] RSP: 0018:ffff8880189bfbb8 EFLAGS: 00010246 [ 175.434800] RAX: 0000000000000000 RBX: ffff8880134940a8 RCX: 0000000000000000 [ 175.435354] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 175.435897] RBP: ffff8880189bfbd0 R08: ffffed1002692833 R09: ffffed1002692833 [ 175.436440] R10: ffff888013494193 R11: ffffed1002692832 R12: ffff888010824000 [ 175.436982] R13: ffff8880134941e8 R14: ffffffff8352e670 R15: 
ffff8880189bfe68 [ 175.437530] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.438141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.438610] CR2: 0000000020000140 CR3: 000000000f1ae000 CR4: 0000000000750ef0 [ 175.439175] PKRU: 55555554 [ 175.439404] Call Trace: [ 175.439603] [ 175.439785] __iommufd_access_detach+0x1c2/0x2b0 [ 175.440614] iommufd_access_change_pt+0x149/0x270 [ 175.441009] iommufd_access_replace+0xb4/0x120 [ 175.441374] iommufd_test+0x3e5/0x37e0 [ 175.441675] ? lock_release+0x532/0x770 [ 175.442073] ? __might_fault+0x102/0x1b0 [ 175.442470] ? lock_acquire+0x427/0x4c0 [ 175.442812] ? __pfx_iommufd_test+0x10/0x10 [ 175.443164] ? __pfx_lock_release+0x10/0x10 [ 175.443510] ? __pfx_lock_acquire+0x10/0x10 [ 175.443991] ? write_comp_data+0x2f/0x90 [ 175.444320] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.444704] ? write_comp_data+0x2f/0x90 [ 175.445032] iommufd_fops_ioctl+0x37d/0x510 [ 175.445389] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.445889] ? write_comp_data+0x2f/0x90 [ 175.446219] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.446629] __x64_sys_ioctl+0x1a3/0x230 [ 175.446958] do_syscall_64+0x3b/0x90 [ 175.447263] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.447680] RIP: 0033:0x7f4b8743ee5d [ 175.448125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.449553] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.450270] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.450853] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.451422] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.452126] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.452677] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.453282] [ 175.453504] irq event stamp: 0 [ 175.453834] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.454323] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.454986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.455784] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.456267] ---[ end trace 0000000000000000 ]--- [ 175.459035] ------------[ cut here ]------------ [ 175.459491] WARNING: CPU: 0 PID: 1662 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.460273] Modules linked in: [ 175.460539] CPU: 0 PID: 1662 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.461318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.462213] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.462748] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.464240] RSP: 
0018:ffff8880189bfbd0 EFLAGS: 00010246 [ 175.464830] RAX: 0000000000000000 RBX: ffff8880134940a8 RCX: 0000000000000000 [ 175.465404] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 175.465981] RBP: ffff8880189bfbe8 R08: ffffed1002692833 R09: ffffed1002692833 [ 175.466733] R10: ffff888013494193 R11: ffffed1002692832 R12: ffff88800fcb3800 [ 175.467318] R13: ffff8880134941e8 R14: ffff88801218c100 R15: 0000000000000000 [ 175.467892] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.468702] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.469172] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.469752] PKRU: 55555554 [ 175.469986] Call Trace: [ 175.470258] [ 175.470557] iommufd_access_destroy_object+0x65/0x170 [ 175.470985] iommufd_object_destroy_user+0x18e/0x220 [ 175.471425] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.471900] iommufd_access_destroy+0x43/0x70 [ 175.472307] iommufd_test_staccess_release+0x8d/0xd0 [ 175.472825] __fput+0x26d/0xa40 [ 175.473107] ____fput+0x1e/0x30 [ 175.473384] task_work_run+0x1a4/0x2d0 [ 175.473710] ? __pfx_task_work_run+0x10/0x10 [ 175.474142] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.474631] ? switch_task_namespaces+0xa9/0xe0 [ 175.475023] do_exit+0xb17/0x2ef0 [ 175.475317] ? lock_acquire+0x427/0x4c0 [ 175.475650] ? __pfx_lock_release+0x10/0x10 [ 175.476011] ? __kasan_check_write+0x18/0x20 [ 175.476526] ? do_raw_spin_lock+0x132/0x2a0 [ 175.476880] ? __pfx_do_exit+0x10/0x10 [ 175.477206] ? debug_smp_processor_id+0x20/0x30 [ 175.477584] ? rcu_is_watching+0x19/0xb0 [ 175.477941] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.478421] ? trace_hardirqs_on+0x26/0x120 [ 175.478802] do_group_exit+0xe0/0x2b0 [ 175.479124] __x64_sys_exit_group+0x47/0x50 [ 175.479473] do_syscall_64+0x3b/0x90 [ 175.479783] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.480283] RIP: 0033:0x7f4b87518a4d [ 175.480673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.481170] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.481785] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.482533] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.483108] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.483692] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.484424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.485052] [ 175.485243] irq event stamp: 0 [ 175.485501] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.486079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.486847] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.487530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.488091] ---[ end trace 0000000000000000 ]--- [ 175.488882] ------------[ cut here ]------------ [ 175.489263] WARNING: CPU: 0 PID: 1662 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.490249] Modules linked in: [ 175.490539] CPU: 0 PID: 1662 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.491254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.492328] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.492750] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.494388] RSP: 0018:ffff8880189bfb78 EFLAGS: 00010246 [ 175.494844] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.495426] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 175.496066] RBP: ffff8880189bfb98 R08: ffffed100269283e R09: ffffed100269283e [ 175.496736] R10: ffff8880134941ef R11: ffffed100269283d R12: ffff888013494290 [ 175.497318] R13: ffff8880134940a8 R14: ffffffffffffffff R15: 
ffff8880189bfc60 [ 175.498049] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.498715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.499204] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.499839] PKRU: 55555554 [ 175.500204] Call Trace: [ 175.500421] [ 175.500612] iommufd_ioas_destroy+0x53/0x70 [ 175.500989] iommufd_fops_release+0x1f7/0x370 [ 175.501375] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.501877] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.502358] ? write_comp_data+0x2f/0x90 [ 175.502737] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.503181] __fput+0x26d/0xa40 [ 175.503476] ____fput+0x1e/0x30 [ 175.503764] task_work_run+0x1a4/0x2d0 [ 175.504175] ? __pfx_task_work_run+0x10/0x10 [ 175.504644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.505058] ? switch_task_namespaces+0xa9/0xe0 [ 175.505464] do_exit+0xb17/0x2ef0 [ 175.505798] ? lock_acquire+0x427/0x4c0 [ 175.506270] ? __pfx_lock_release+0x10/0x10 [ 175.506680] ? __kasan_check_write+0x18/0x20 [ 175.507065] ? do_raw_spin_lock+0x132/0x2a0 [ 175.507447] ? __pfx_do_exit+0x10/0x10 [ 175.507792] ? debug_smp_processor_id+0x20/0x30 [ 175.508376] ? rcu_is_watching+0x19/0xb0 [ 175.508734] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.509138] ? trace_hardirqs_on+0x26/0x120 [ 175.509518] do_group_exit+0xe0/0x2b0 [ 175.509885] __x64_sys_exit_group+0x47/0x50 [ 175.510380] do_syscall_64+0x3b/0x90 [ 175.510738] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.511204] RIP: 0033:0x7f4b87518a4d [ 175.511524] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.512053] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.512881] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.513492] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.514129] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.514928] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.515550] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.516174] [ 175.516412] irq event stamp: 0 [ 175.516837] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.517412] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.518120] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.519005] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.519558] ---[ end trace 0000000000000000 ]--- [ 175.523693] ------------[ cut here ]------------ [ 175.524197] WARNING: CPU: 0 PID: 1663 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.525152] Modules linked in: [ 175.525427] CPU: 0 PID: 1663 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.526331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.527341] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.527773] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.529517] RSP: 0018:ffff888018737bb8 EFLAGS: 00010246 [ 175.529982] RAX: 0000000000000000 RBX: ffff88801609b8a8 RCX: 0000000000000000 [ 175.530785] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 175.531407] RBP: ffff888018737bd0 R08: ffffed1002c13733 R09: ffffed1002c13733 [ 175.532013] R10: ffff88801609b993 R11: ffffed1002c13732 R12: ffff888013b20c00 [ 175.532619] R13: ffff88801609b9e8 R14: ffffffff8352e670 R15: 
ffff888018737e68 [ 175.533232] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.533914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.534405] CR2: 00007f4b877410e8 CR3: 000000000f1ae000 CR4: 0000000000750ef0 [ 175.535037] PKRU: 55555554 [ 175.535303] Call Trace: [ 175.535526] [ 175.535721] __iommufd_access_detach+0x1c2/0x2b0 [ 175.536141] iommufd_access_change_pt+0x149/0x270 [ 175.536564] iommufd_access_replace+0xb4/0x120 [ 175.536965] iommufd_test+0x3e5/0x37e0 [ 175.537307] ? lock_release+0x532/0x770 [ 175.537657] ? __might_fault+0x102/0x1b0 [ 175.538010] ? lock_acquire+0x427/0x4c0 [ 175.538365] ? __pfx_iommufd_test+0x10/0x10 [ 175.538768] ? __pfx_lock_release+0x10/0x10 [ 175.539164] ? __pfx_lock_acquire+0x10/0x10 [ 175.539546] ? write_comp_data+0x2f/0x90 [ 175.539904] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.540322] ? write_comp_data+0x2f/0x90 [ 175.540677] iommufd_fops_ioctl+0x37d/0x510 [ 175.541056] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.541477] ? write_comp_data+0x2f/0x90 [ 175.541833] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.542252] __x64_sys_ioctl+0x1a3/0x230 [ 175.542637] do_syscall_64+0x3b/0x90 [ 175.542965] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.543421] RIP: 0033:0x7f4b8743ee5d [ 175.543737] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.545548] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.546197] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.546822] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.547438] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.548044] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.548663] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.549324] [ 175.549528] irq event stamp: 0 [ 175.549796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.550332] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.551061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.551776] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.552307] ---[ end trace 0000000000000000 ]--- [ 175.555206] ------------[ cut here ]------------ [ 175.555635] WARNING: CPU: 0 PID: 1663 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.556506] Modules linked in: [ 175.556782] CPU: 0 PID: 1663 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.557529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.558461] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.559129] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.560588] RSP: 
0018:ffff888018737bd0 EFLAGS: 00010246 [ 175.561017] RAX: 0000000000000000 RBX: ffff88801609b8a8 RCX: 0000000000000000 [ 175.561586] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 175.562155] RBP: ffff888018737be8 R08: ffffed1002c13733 R09: ffffed1002c13733 [ 175.562750] R10: ffff88801609b993 R11: ffffed1002c13732 R12: ffff888010825c00 [ 175.563344] R13: ffff88801609b9e8 R14: ffff8880181b8d00 R15: 0000000000000000 [ 175.563918] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.564559] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.565026] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.565595] PKRU: 55555554 [ 175.565823] Call Trace: [ 175.566033] [ 175.566215] iommufd_access_destroy_object+0x65/0x170 [ 175.566654] iommufd_object_destroy_user+0x18e/0x220 [ 175.567070] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.567551] iommufd_access_destroy+0x43/0x70 [ 175.567923] iommufd_test_staccess_release+0x8d/0xd0 [ 175.568343] __fput+0x26d/0xa40 [ 175.568626] ____fput+0x1e/0x30 [ 175.568902] task_work_run+0x1a4/0x2d0 [ 175.569226] ? __pfx_task_work_run+0x10/0x10 [ 175.569600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.570002] ? switch_task_namespaces+0xa9/0xe0 [ 175.570388] do_exit+0xb17/0x2ef0 [ 175.570694] ? lock_acquire+0x427/0x4c0 [ 175.571032] ? __pfx_lock_release+0x10/0x10 [ 175.571394] ? __kasan_check_write+0x18/0x20 [ 175.571760] ? do_raw_spin_lock+0x132/0x2a0 [ 175.572113] ? __pfx_do_exit+0x10/0x10 [ 175.572443] ? debug_smp_processor_id+0x20/0x30 [ 175.572828] ? rcu_is_watching+0x19/0xb0 [ 175.573163] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.573533] ? trace_hardirqs_on+0x26/0x120 [ 175.573892] do_group_exit+0xe0/0x2b0 [ 175.574209] __x64_sys_exit_group+0x47/0x50 [ 175.574584] do_syscall_64+0x3b/0x90 [ 175.574899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.575337] RIP: 0033:0x7f4b87518a4d [ 175.575642] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.576134] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.576743] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.577314] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.577886] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.578455] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.579052] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.579650] [ 175.579842] irq event stamp: 0 [ 175.580096] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.580609] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.581341] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.582012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.582547] ---[ end trace 0000000000000000 ]--- [ 175.583262] ------------[ cut here ]------------ [ 175.583651] WARNING: CPU: 0 PID: 1663 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.584476] Modules linked in: [ 175.584737] CPU: 0 PID: 1663 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.585434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.586344] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.586777] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.588246] RSP: 0018:ffff888018737b78 EFLAGS: 00010246 [ 175.588677] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.589248] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 175.589819] RBP: ffff888018737b98 R08: ffffed1002c1373e R09: ffffed1002c1373e [ 175.590395] R10: ffff88801609b9ef R11: ffffed1002c1373d R12: ffff88801609ba90 [ 175.590987] R13: ffff88801609b8a8 R14: ffffffffffffffff R15: 
ffff888018737c60 [ 175.591580] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.592206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.592655] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.593208] PKRU: 55555554 [ 175.593433] Call Trace: [ 175.593632] [ 175.593810] iommufd_ioas_destroy+0x53/0x70 [ 175.594157] iommufd_fops_release+0x1f7/0x370 [ 175.594545] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.594945] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.595356] ? write_comp_data+0x2f/0x90 [ 175.595686] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.596081] __fput+0x26d/0xa40 [ 175.596356] ____fput+0x1e/0x30 [ 175.596626] task_work_run+0x1a4/0x2d0 [ 175.596938] ? __pfx_task_work_run+0x10/0x10 [ 175.597289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.597676] ? switch_task_namespaces+0xa9/0xe0 [ 175.598051] do_exit+0xb17/0x2ef0 [ 175.598323] ? lock_acquire+0x427/0x4c0 [ 175.598663] ? __pfx_lock_release+0x10/0x10 [ 175.599012] ? __kasan_check_write+0x18/0x20 [ 175.599370] ? do_raw_spin_lock+0x132/0x2a0 [ 175.599713] ? __pfx_do_exit+0x10/0x10 [ 175.600028] ? debug_smp_processor_id+0x20/0x30 [ 175.600395] ? rcu_is_watching+0x19/0xb0 [ 175.600715] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.601075] ? trace_hardirqs_on+0x26/0x120 [ 175.601419] do_group_exit+0xe0/0x2b0 [ 175.601719] __x64_sys_exit_group+0x47/0x50 [ 175.602054] do_syscall_64+0x3b/0x90 [ 175.602356] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.602799] RIP: 0033:0x7f4b87518a4d [ 175.603097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.603585] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.604173] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.604725] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.605276] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.605826] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.606388] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.606975] [ 175.607167] irq event stamp: 0 [ 175.607414] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.607910] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.608560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.609207] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.609694] ---[ end trace 0000000000000000 ]--- [ 175.613299] ------------[ cut here ]------------ [ 175.613689] WARNING: CPU: 0 PID: 1664 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.614461] Modules linked in: [ 175.614839] CPU: 0 PID: 1664 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.615517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.616369] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.616747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.618124] RSP: 0018:ffff888015ccfbb8 EFLAGS: 00010246 [ 175.618640] RAX: 0000000000000000 RBX: ffff8880170cf0a8 RCX: 0000000000000000 [ 175.619188] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 175.619729] RBP: ffff888015ccfbd0 R08: ffffed1002e19e33 R09: ffffed1002e19e33 [ 175.620269] R10: ffff8880170cf193 R11: ffffed1002e19e32 R12: ffff888018027800 [ 175.620808] R13: ffff8880170cf1e8 R14: ffffffff8352e670 R15: 
ffff888015ccfe68 [ 175.621350] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.621964] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.622404] CR2: 0000000020000140 CR3: 0000000017b90000 CR4: 0000000000750ef0 [ 175.622965] PKRU: 55555554 [ 175.623196] Call Trace: [ 175.623394] [ 175.623568] __iommufd_access_detach+0x1c2/0x2b0 [ 175.623944] iommufd_access_change_pt+0x149/0x270 [ 175.624323] iommufd_access_replace+0xb4/0x120 [ 175.624687] iommufd_test+0x3e5/0x37e0 [ 175.624993] ? lock_release+0x532/0x770 [ 175.625311] ? __might_fault+0x102/0x1b0 [ 175.625630] ? lock_acquire+0x427/0x4c0 [ 175.625945] ? __pfx_iommufd_test+0x10/0x10 [ 175.626276] ? __pfx_lock_release+0x10/0x10 [ 175.626631] ? __pfx_lock_acquire+0x10/0x10 [ 175.626977] ? write_comp_data+0x2f/0x90 [ 175.627318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.627696] ? write_comp_data+0x2f/0x90 [ 175.628016] iommufd_fops_ioctl+0x37d/0x510 [ 175.628358] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.628739] ? write_comp_data+0x2f/0x90 [ 175.629062] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.629492] __x64_sys_ioctl+0x1a3/0x230 [ 175.629823] do_syscall_64+0x3b/0x90 [ 175.630119] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.630540] RIP: 0033:0x7f4b8743ee5d [ 175.630830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.632229] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.632814] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.633363] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.633907] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.634456] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.635017] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.635585] [ 175.635766] irq event stamp: 0 [ 175.636008] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.636488] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.637128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.637760] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.638243] ---[ end trace 0000000000000000 ]--- [ 175.640938] ------------[ cut here ]------------ [ 175.641319] WARNING: CPU: 0 PID: 1664 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.642088] Modules linked in: [ 175.642336] CPU: 0 PID: 1664 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.643017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.643875] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.644249] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.645649] RSP: 
0018:ffff888015ccfbd0 EFLAGS: 00010246 [ 175.646047] RAX: 0000000000000000 RBX: ffff8880170cf0a8 RCX: 0000000000000000 [ 175.646594] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 175.647137] RBP: ffff888015ccfbe8 R08: ffffed1002e19e33 R09: ffffed1002e19e33 [ 175.647667] R10: ffff8880170cf193 R11: ffffed1002e19e32 R12: ffff888013b20800 [ 175.648196] R13: ffff8880170cf1e8 R14: ffff888020e7aa00 R15: 0000000000000000 [ 175.648723] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.649326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.649762] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.650293] PKRU: 55555554 [ 175.650528] Call Trace: [ 175.650724] [ 175.650894] iommufd_access_destroy_object+0x65/0x170 [ 175.651300] iommufd_object_destroy_user+0x18e/0x220 [ 175.651690] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.652130] iommufd_access_destroy+0x43/0x70 [ 175.652475] iommufd_test_staccess_release+0x8d/0xd0 [ 175.652864] __fput+0x26d/0xa40 [ 175.653125] ____fput+0x1e/0x30 [ 175.653382] task_work_run+0x1a4/0x2d0 [ 175.653687] ? __pfx_task_work_run+0x10/0x10 [ 175.654025] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.654403] ? switch_task_namespaces+0xa9/0xe0 [ 175.654787] do_exit+0xb17/0x2ef0 [ 175.655052] ? lock_acquire+0x427/0x4c0 [ 175.655373] ? __pfx_lock_release+0x10/0x10 [ 175.655704] ? __kasan_check_write+0x18/0x20 [ 175.656041] ? do_raw_spin_lock+0x132/0x2a0 [ 175.656369] ? __pfx_do_exit+0x10/0x10 [ 175.656669] ? debug_smp_processor_id+0x20/0x30 [ 175.657023] ? rcu_is_watching+0x19/0xb0 [ 175.657332] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.657679] ? trace_hardirqs_on+0x26/0x120 [ 175.658009] do_group_exit+0xe0/0x2b0 [ 175.658298] __x64_sys_exit_group+0x47/0x50 [ 175.658644] do_syscall_64+0x3b/0x90 [ 175.658935] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.659346] RIP: 0033:0x7f4b87518a4d [ 175.659626] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.660084] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.660647] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.661175] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.661701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.662228] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.662774] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.663325] [ 175.663503] irq event stamp: 0 [ 175.663738] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.664207] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.664833] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.665455] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.665926] ---[ end trace 0000000000000000 ]--- [ 175.666625] ------------[ cut here ]------------ [ 175.666980] WARNING: CPU: 0 PID: 1664 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.667748] Modules linked in: [ 175.667991] CPU: 0 PID: 1664 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.668642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.669482] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.669872] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.671257] RSP: 0018:ffff888015ccfb78 EFLAGS: 00010246 [ 175.671666] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.672196] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 175.672732] RBP: ffff888015ccfb98 R08: ffffed1002e19e3e R09: ffffed1002e19e3e [ 175.673261] R10: ffff8880170cf1ef R11: ffffed1002e19e3d R12: ffff8880170cf290 [ 175.673799] R13: ffff8880170cf0a8 R14: ffffffffffffffff R15: 
ffff888015ccfc60 [ 175.674334] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.674957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.675400] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 175.675934] PKRU: 55555554 [ 175.676148] Call Trace: [ 175.676344] [ 175.676514] iommufd_ioas_destroy+0x53/0x70 [ 175.676844] iommufd_fops_release+0x1f7/0x370 [ 175.677222] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.677601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.677973] ? write_comp_data+0x2f/0x90 [ 175.678291] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.678685] __fput+0x26d/0xa40 [ 175.678951] ____fput+0x1e/0x30 [ 175.679219] task_work_run+0x1a4/0x2d0 [ 175.679521] ? __pfx_task_work_run+0x10/0x10 [ 175.679857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.680230] ? switch_task_namespaces+0xa9/0xe0 [ 175.680595] do_exit+0xb17/0x2ef0 [ 175.680859] ? lock_acquire+0x427/0x4c0 [ 175.681166] ? __pfx_lock_release+0x10/0x10 [ 175.681495] ? __kasan_check_write+0x18/0x20 [ 175.681832] ? do_raw_spin_lock+0x132/0x2a0 [ 175.682158] ? __pfx_do_exit+0x10/0x10 [ 175.682459] ? debug_smp_processor_id+0x20/0x30 [ 175.682830] ? rcu_is_watching+0x19/0xb0 [ 175.683144] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.683492] ? trace_hardirqs_on+0x26/0x120 [ 175.683820] do_group_exit+0xe0/0x2b0 [ 175.684106] __x64_sys_exit_group+0x47/0x50 [ 175.684433] do_syscall_64+0x3b/0x90 [ 175.684724] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.685120] RIP: 0033:0x7f4b87518a4d [ 175.685402] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.685859] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.686426] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.686984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.687528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.688059] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.688591] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.689130] [ 175.689306] irq event stamp: 0 [ 175.689545] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.690015] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.690655] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.691294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.691766] ---[ end trace 0000000000000000 ]--- [ 175.696044] ------------[ cut here ]------------ [ 175.696426] WARNING: CPU: 0 PID: 1665 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.697180] Modules linked in: [ 175.697420] CPU: 0 PID: 1665 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.698068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.699083] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.699475] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.701043] RSP: 0018:ffff888021b0fbb8 EFLAGS: 00010246 [ 175.701445] RAX: 0000000000000000 RBX: ffff8880244160a8 RCX: 0000000000000000 [ 175.701992] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 175.702640] RBP: ffff888021b0fbd0 R08: ffffed1004882c33 R09: ffffed1004882c33 [ 175.703183] R10: ffff888024416193 R11: ffffed1004882c32 R12: ffff888012979000 [ 175.703740] R13: ffff8880244161e8 R14: ffffffff8352e670 R15: 
ffff888021b0fe68 [ 175.704386] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.704989] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.705444] CR2: 0000000020000140 CR3: 00000000148b0000 CR4: 0000000000750ef0 [ 175.706063] PKRU: 55555554 [ 175.706282] Call Trace: [ 175.706475] [ 175.706668] __iommufd_access_detach+0x1c2/0x2b0 [ 175.707041] iommufd_access_change_pt+0x149/0x270 [ 175.707425] iommufd_access_replace+0xb4/0x120 [ 175.707913] iommufd_test+0x3e5/0x37e0 [ 175.708212] ? lock_release+0x532/0x770 [ 175.708524] ? __might_fault+0x102/0x1b0 [ 175.708842] ? lock_acquire+0x427/0x4c0 [ 175.709204] ? __pfx_iommufd_test+0x10/0x10 [ 175.709569] ? __pfx_lock_release+0x10/0x10 [ 175.709981] ? __pfx_lock_acquire+0x10/0x10 [ 175.710322] ? write_comp_data+0x2f/0x90 [ 175.710664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.711037] ? write_comp_data+0x2f/0x90 [ 175.711364] iommufd_fops_ioctl+0x37d/0x510 [ 175.711736] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.712189] ? write_comp_data+0x2f/0x90 [ 175.712508] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.712882] __x64_sys_ioctl+0x1a3/0x230 [ 175.713205] do_syscall_64+0x3b/0x90 [ 175.713510] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.714021] RIP: 0033:0x7f4b8743ee5d [ 175.714305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.715841] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.716430] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.716978] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.717541] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.718267] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.718889] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.719541] [ 175.719746] irq event stamp: 0 [ 175.720019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.720579] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.721296] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.722229] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.722813] ---[ end trace 0000000000000000 ]--- [ 175.725891] ------------[ cut here ]------------ [ 175.726431] WARNING: CPU: 0 PID: 1665 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.727360] Modules linked in: [ 175.727643] CPU: 0 PID: 1665 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.728373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.729374] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.730054] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.731735] RSP: 
0018:ffff888021b0fbd0 EFLAGS: 00010246 [ 175.732219] RAX: 0000000000000000 RBX: ffff8880244160a8 RCX: 0000000000000000 [ 175.732850] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 175.733511] RBP: ffff888021b0fbe8 R08: ffffed1004882c33 R09: ffffed1004882c33 [ 175.734302] R10: ffff888024416193 R11: ffffed1004882c32 R12: ffff888018026800 [ 175.734956] R13: ffff8880244161e8 R14: ffff8880103e0200 R15: 0000000000000000 [ 175.735589] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.736294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.736824] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 175.737801] PKRU: 55555554 [ 175.738082] Call Trace: [ 175.738329] [ 175.738594] iommufd_access_destroy_object+0x65/0x170 [ 175.739086] iommufd_object_destroy_user+0x18e/0x220 [ 175.739538] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.740110] iommufd_access_destroy+0x43/0x70 [ 175.740559] iommufd_test_staccess_release+0x8d/0xd0 [ 175.741114] __fput+0x26d/0xa40 [ 175.741465] ____fput+0x1e/0x30 [ 175.741828] task_work_run+0x1a4/0x2d0 [ 175.742579] ? __pfx_task_work_run+0x10/0x10 [ 175.743036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.743536] ? switch_task_namespaces+0xa9/0xe0 [ 175.744006] do_exit+0xb17/0x2ef0 [ 175.744350] ? lock_acquire+0x427/0x4c0 [ 175.744767] ? __pfx_lock_release+0x10/0x10 [ 175.745203] ? __kasan_check_write+0x18/0x20 [ 175.745647] ? do_raw_spin_lock+0x132/0x2a0 [ 175.746086] ? __pfx_do_exit+0x10/0x10 [ 175.746492] ? debug_smp_processor_id+0x20/0x30 [ 175.747334] ? rcu_is_watching+0x19/0xb0 [ 175.747771] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.748253] ? trace_hardirqs_on+0x26/0x120 [ 175.748718] do_group_exit+0xe0/0x2b0 [ 175.749138] __x64_sys_exit_group+0x47/0x50 [ 175.749603] do_syscall_64+0x3b/0x90 [ 175.750016] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.750647] RIP: 0033:0x7f4b87518a4d [ 175.751055] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.751742] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.752763] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.753678] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.754396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.755187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.755911] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.756629] [ 175.756864] irq event stamp: 0 [ 175.757307] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.758139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.759205] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.760049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.760728] ---[ end trace 0000000000000000 ]--- [ 175.761645] ------------[ cut here ]------------ [ 175.762226] WARNING: CPU: 0 PID: 1665 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.763572] Modules linked in: [ 175.763914] CPU: 0 PID: 1665 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.764799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.765919] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.766445] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.768325] RSP: 0018:ffff888021b0fb78 EFLAGS: 00010246 [ 175.768872] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.769959] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 175.770713] RBP: ffff888021b0fb98 R08: ffffed1004882c3e R09: ffffed1004882c3e [ 175.771456] R10: ffff8880244161ef R11: ffffed1004882c3d R12: ffff888024416290 [ 175.772160] R13: ffff8880244160a8 R14: ffffffffffffffff R15: 
ffff888021b0fc60 [ 175.772872] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.773714] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.774323] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 175.775097] PKRU: 55555554 [ 175.775401] Call Trace: [ 175.775668] [ 175.775906] iommufd_ioas_destroy+0x53/0x70 [ 175.776350] iommufd_fops_release+0x1f7/0x370 [ 175.776811] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.777312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.777800] ? write_comp_data+0x2f/0x90 [ 175.778207] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.778756] __fput+0x26d/0xa40 [ 175.779109] ____fput+0x1e/0x30 [ 175.779469] task_work_run+0x1a4/0x2d0 [ 175.779868] ? __pfx_task_work_run+0x10/0x10 [ 175.780317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.780810] ? switch_task_namespaces+0xa9/0xe0 [ 175.781287] do_exit+0xb17/0x2ef0 [ 175.781638] ? lock_acquire+0x427/0x4c0 [ 175.782052] ? __pfx_lock_release+0x10/0x10 [ 175.782489] ? __kasan_check_write+0x18/0x20 [ 175.783002] ? do_raw_spin_lock+0x132/0x2a0 [ 175.783479] ? __pfx_do_exit+0x10/0x10 [ 175.783893] ? debug_smp_processor_id+0x20/0x30 [ 175.784375] ? rcu_is_watching+0x19/0xb0 [ 175.784793] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.785253] ? trace_hardirqs_on+0x26/0x120 [ 175.785687] do_group_exit+0xe0/0x2b0 [ 175.786070] __x64_sys_exit_group+0x47/0x50 [ 175.786496] do_syscall_64+0x3b/0x90 [ 175.786931] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.787481] RIP: 0033:0x7f4b87518a4d [ 175.787858] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.788471] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.789235] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.789955] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.790701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.791436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.792146] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.792860] [ 175.793102] irq event stamp: 0 [ 175.793415] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.794043] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.794907] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.795760] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.796385] ---[ end trace 0000000000000000 ]--- [ 175.804618] ------------[ cut here ]------------ [ 175.805341] WARNING: CPU: 1 PID: 1666 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.806933] Modules linked in: [ 175.807388] CPU: 1 PID: 1666 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.808520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.810184] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.810892] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.813459] RSP: 0018:ffff888021a2fbb8 EFLAGS: 00010246 [ 175.814193] RAX: 0000000000000000 RBX: ffff888013af48a8 RCX: 0000000000000000 [ 175.815310] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 175.816241] RBP: ffff888021a2fbd0 R08: ffffed100275e933 R09: ffffed100275e933 [ 175.817362] R10: ffff888013af4993 R11: ffffed100275e932 R12: ffff88800f0e1400 [ 175.818290] R13: ffff888013af49e8 R14: ffffffff8352e670 R15: 
ffff888021a2fe68 [ 175.819692] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 175.820747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.821522] CR2: 00007f4b877410e8 CR3: 0000000014752000 CR4: 0000000000750ee0 [ 175.822925] PKRU: 55555554 [ 175.823349] Call Trace: [ 175.823693] [ 175.823999] __iommufd_access_detach+0x1c2/0x2b0 [ 175.825102] iommufd_access_change_pt+0x149/0x270 [ 175.825777] iommufd_access_replace+0xb4/0x120 [ 175.826392] iommufd_test+0x3e5/0x37e0 [ 175.827195] ? lock_release+0x532/0x770 [ 175.827745] ? __might_fault+0x102/0x1b0 [ 175.828292] ? lock_acquire+0x427/0x4c0 [ 175.828830] ? __pfx_iommufd_test+0x10/0x10 [ 175.829500] ? __pfx_lock_release+0x10/0x10 [ 175.830223] ? __pfx_lock_acquire+0x10/0x10 [ 175.830845] ? write_comp_data+0x2f/0x90 [ 175.831432] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.832342] ? write_comp_data+0x2f/0x90 [ 175.832901] iommufd_fops_ioctl+0x37d/0x510 [ 175.833479] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.834222] ? write_comp_data+0x2f/0x90 [ 175.834942] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.835599] __x64_sys_ioctl+0x1a3/0x230 [ 175.836154] do_syscall_64+0x3b/0x90 [ 175.836660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.837552] RIP: 0033:0x7f4b8743ee5d [ 175.838045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.840700] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.841699] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.842860] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.843795] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.844816] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.845848] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.846848] [ 175.847326] irq event stamp: 0 [ 175.847746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.848569] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.849864] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.851000] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.851870] ---[ end trace 0000000000000000 ]--- [ 175.857302] ------------[ cut here ]------------ [ 175.857977] WARNING: CPU: 1 PID: 1666 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.859553] Modules linked in: [ 175.860002] CPU: 1 PID: 1666 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.861183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.862906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.863581] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.866164] RSP: 
0018:ffff888021a2fbd0 EFLAGS: 00010246 [ 175.867088] RAX: 0000000000000000 RBX: ffff888013af48a8 RCX: 0000000000000000 [ 175.868044] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 175.868978] RBP: ffff888021a2fbe8 R08: ffffed100275e933 R09: ffffed100275e933 [ 175.870116] R10: ffff888013af4993 R11: ffffed100275e932 R12: ffff88801341e400 [ 175.871093] R13: ffff888013af49e8 R14: ffff88800fec2900 R15: 0000000000000000 [ 175.872100] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 175.873247] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.874009] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 175.875206] PKRU: 55555554 [ 175.875593] Call Trace: [ 175.875936] [ 175.876240] iommufd_access_destroy_object+0x65/0x170 [ 175.876931] iommufd_object_destroy_user+0x18e/0x220 [ 175.877793] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 175.878631] iommufd_access_destroy+0x43/0x70 [ 175.879276] iommufd_test_staccess_release+0x8d/0xd0 [ 175.880066] __fput+0x26d/0xa40 [ 175.880658] ____fput+0x1e/0x30 [ 175.881119] task_work_run+0x1a4/0x2d0 [ 175.881651] ? __pfx_task_work_run+0x10/0x10 [ 175.882283] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.883111] ? switch_task_namespaces+0xa9/0xe0 [ 175.883784] do_exit+0xb17/0x2ef0 [ 175.884257] ? lock_acquire+0x427/0x4c0 [ 175.884800] ? __pfx_lock_release+0x10/0x10 [ 175.885495] ? __kasan_check_write+0x18/0x20 [ 175.886181] ? do_raw_spin_lock+0x132/0x2a0 [ 175.886807] ? __pfx_do_exit+0x10/0x10 [ 175.887363] ? debug_smp_processor_id+0x20/0x30 [ 175.887991] ? rcu_is_watching+0x19/0xb0 [ 175.888730] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.889343] ? trace_hardirqs_on+0x26/0x120 [ 175.889929] do_group_exit+0xe0/0x2b0 [ 175.890486] __x64_sys_exit_group+0x47/0x50 [ 175.891276] do_syscall_64+0x3b/0x90 [ 175.891793] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.892494] RIP: 0033:0x7f4b87518a4d [ 175.892991] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.894006] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.895054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.896080] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.897146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.898090] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.899279] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.900240] [ 175.900558] irq event stamp: 0 [ 175.900983] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.902026] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.903171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.904279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.905110] ---[ end trace 0000000000000000 ]--- [ 175.906314] ------------[ cut here ]------------ [ 175.906963] WARNING: CPU: 0 PID: 1666 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 175.908051] Modules linked in: [ 175.908392] CPU: 0 PID: 1666 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.909307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.910484] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 175.911089] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 175.913014] RSP: 0018:ffff888021a2fb78 EFLAGS: 00010246 [ 175.913577] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.914318] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 175.915146] RBP: ffff888021a2fb98 R08: ffffed100275e93e R09: ffffed100275e93e [ 175.915904] R10: ffff888013af49ef R11: ffffed100275e93d R12: ffff888013af4a90 [ 175.916652] R13: ffff888013af48a8 R14: ffffffffffffffff R15: 
ffff888021a2fc60 [ 175.917399] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.918245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.918911] CR2: 00007ff8de5b2000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 175.919680] PKRU: 55555554 [ 175.919991] Call Trace: [ 175.920261] [ 175.920502] iommufd_ioas_destroy+0x53/0x70 [ 175.920971] iommufd_fops_release+0x1f7/0x370 [ 175.921442] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.921970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.922497] ? write_comp_data+0x2f/0x90 [ 175.922982] ? __pfx_iommufd_fops_release+0x10/0x10 [ 175.923517] __fput+0x26d/0xa40 [ 175.923894] ____fput+0x1e/0x30 [ 175.924252] task_work_run+0x1a4/0x2d0 [ 175.924673] ? __pfx_task_work_run+0x10/0x10 [ 175.925150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.925669] ? switch_task_namespaces+0xa9/0xe0 [ 175.926168] do_exit+0xb17/0x2ef0 [ 175.926579] ? lock_acquire+0x427/0x4c0 [ 175.927015] ? __pfx_lock_release+0x10/0x10 [ 175.927495] ? __kasan_check_write+0x18/0x20 [ 175.927968] ? do_raw_spin_lock+0x132/0x2a0 [ 175.928429] ? __pfx_do_exit+0x10/0x10 [ 175.928851] ? debug_smp_processor_id+0x20/0x30 [ 175.929338] ? rcu_is_watching+0x19/0xb0 [ 175.929770] ? _raw_spin_unlock_irq+0x2b/0x60 [ 175.930263] ? trace_hardirqs_on+0x26/0x120 [ 175.930774] do_group_exit+0xe0/0x2b0 [ 175.931196] __x64_sys_exit_group+0x47/0x50 [ 175.931655] do_syscall_64+0x3b/0x90 [ 175.932062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.932620] RIP: 0033:0x7f4b87518a4d [ 175.933075] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 175.933729] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 175.934574] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 175.935364] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 175.936112] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 175.936855] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 175.937597] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 175.938357] [ 175.938643] irq event stamp: 0 [ 175.938979] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.939665] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.940546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.941419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.942083] ---[ end trace 0000000000000000 ]--- [ 175.948597] ------------[ cut here ]------------ [ 175.949166] WARNING: CPU: 0 PID: 1667 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.950222] Modules linked in: [ 175.950616] CPU: 0 PID: 1667 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.951542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.952713] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.953237] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.955185] RSP: 0018:ffff888020affbb8 EFLAGS: 00010246 [ 175.955755] RAX: 0000000000000000 RBX: ffff888013e150a8 RCX: 0000000000000000 [ 175.956497] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 175.957244] RBP: ffff888020affbd0 R08: ffffed10027c2a33 R09: ffffed10027c2a33 [ 175.957993] R10: ffff888013e15193 R11: ffffed10027c2a32 R12: ffff88800fcb0800 [ 175.958766] R13: ffff888013e151e8 R14: ffffffff8352e670 R15: 
ffff888020affe68 [ 175.959533] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 175.960378] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.960982] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ef0 [ 175.961740] PKRU: 55555554 [ 175.962049] Call Trace: [ 175.962321] [ 175.962646] __iommufd_access_detach+0x1c2/0x2b0 [ 175.963516] iommufd_access_change_pt+0x149/0x270 [ 175.964341] iommufd_access_replace+0xb4/0x120 [ 175.964853] iommufd_test+0x3e5/0x37e0 [ 175.965309] ? lock_release+0x532/0x770 [ 175.965728] ? __might_fault+0x102/0x1b0 [ 175.966156] ? lock_acquire+0x427/0x4c0 [ 175.966640] ? __pfx_iommufd_test+0x10/0x10 [ 175.967080] ? __pfx_lock_release+0x10/0x10 [ 175.967563] ? __pfx_lock_acquire+0x10/0x10 [ 175.968125] ? write_comp_data+0x2f/0x90 [ 175.968697] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 175.969399] ? write_comp_data+0x2f/0x90 [ 175.969840] iommufd_fops_ioctl+0x37d/0x510 [ 175.970306] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.970869] ? write_comp_data+0x2f/0x90 [ 175.971329] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 175.971842] __x64_sys_ioctl+0x1a3/0x230 [ 175.972285] do_syscall_64+0x3b/0x90 [ 175.972701] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 175.973336] RIP: 0033:0x7f4b8743ee5d [ 175.973865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 175.976012] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 175.976826] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 175.977574] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 175.978427] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 175.979606] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 175.980360] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 175.981117] [ 175.981364] irq event stamp: 0 [ 175.981696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 175.982362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 175.983402] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 175.984477] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 175.985136] ---[ end trace 0000000000000000 ]--- [ 175.988904] ------------[ cut here ]------------ [ 175.989427] WARNING: CPU: 0 PID: 1667 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 175.990485] Modules linked in: [ 175.990876] CPU: 0 PID: 1667 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 175.992136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 175.993320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 175.993853] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 175.996192] RSP: 
0018:ffff888020affbd0 EFLAGS: 00010246 [ 175.996971] RAX: 0000000000000000 RBX: ffff888013e150a8 RCX: 0000000000000000 [ 175.997744] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 175.998496] RBP: ffff888020affbe8 R08: ffffed10027c2a33 R09: ffffed10027c2a33 [ 175.999298] R10: ffff888013e15193 R11: ffffed10027c2a32 R12: ffff888012978400 [ 176.000221] R13: ffff888013e151e8 R14: ffff88802185e400 R15: 0000000000000000 [ 176.001335] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.002180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.002856] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 176.003637] PKRU: 55555554 [ 176.003945] Call Trace: [ 176.004247] [ 176.004559] iommufd_access_destroy_object+0x65/0x170 [ 176.005276] iommufd_object_destroy_user+0x18e/0x220 [ 176.005952] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.006594] iommufd_access_destroy+0x43/0x70 [ 176.007083] iommufd_test_staccess_release+0x8d/0xd0 [ 176.007652] __fput+0x26d/0xa40 [ 176.008033] ____fput+0x1e/0x30 [ 176.008405] task_work_run+0x1a4/0x2d0 [ 176.009013] ? __pfx_task_work_run+0x10/0x10 [ 176.009690] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.010241] ? switch_task_namespaces+0xa9/0xe0 [ 176.010798] do_exit+0xb17/0x2ef0 [ 176.011196] ? lock_acquire+0x427/0x4c0 [ 176.011630] ? __pfx_lock_release+0x10/0x10 [ 176.012100] ? __kasan_check_write+0x18/0x20 [ 176.012576] ? do_raw_spin_lock+0x132/0x2a0 [ 176.013181] ? __pfx_do_exit+0x10/0x10 [ 176.013871] ? debug_smp_processor_id+0x20/0x30 [ 176.014382] ? rcu_is_watching+0x19/0xb0 [ 176.014853] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.015356] ? trace_hardirqs_on+0x26/0x120 [ 176.015821] do_group_exit+0xe0/0x2b0 [ 176.016225] __x64_sys_exit_group+0x47/0x50 [ 176.016678] do_syscall_64+0x3b/0x90 [ 176.017083] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.017643] RIP: 0033:0x7f4b87518a4d [ 176.018036] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.018723] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.019537] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.020281] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.021029] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.021776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.022558] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.023336] [ 176.023584] irq event stamp: 0 [ 176.023914] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.024581] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.025461] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.026347] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.027088] ---[ end trace 0000000000000000 ]--- [ 176.028036] ------------[ cut here ]------------ [ 176.028532] WARNING: CPU: 0 PID: 1667 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.029653] Modules linked in: [ 176.030001] CPU: 0 PID: 1667 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.030997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.032206] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.032754] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.034780] RSP: 0018:ffff888020affb78 EFLAGS: 00010246 [ 176.035361] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.036097] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 176.036841] RBP: ffff888020affb98 R08: ffffed10027c2a3e R09: ffffed10027c2a3e [ 176.037585] R10: ffff888013e151ef R11: ffffed10027c2a3d R12: ffff888013e15290 [ 176.038329] R13: ffff888013e150a8 R14: ffffffffffffffff R15: 
ffff888020affc60 [ 176.039127] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.039975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.040586] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 176.041344] PKRU: 55555554 [ 176.041644] Call Trace: [ 176.041909] [ 176.042150] iommufd_ioas_destroy+0x53/0x70 [ 176.042648] iommufd_fops_release+0x1f7/0x370 [ 176.043163] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.043702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.044219] ? write_comp_data+0x2f/0x90 [ 176.044655] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.045181] __fput+0x26d/0xa40 [ 176.045539] ____fput+0x1e/0x30 [ 176.045900] task_work_run+0x1a4/0x2d0 [ 176.046315] ? __pfx_task_work_run+0x10/0x10 [ 176.046817] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.047358] ? switch_task_namespaces+0xa9/0xe0 [ 176.047856] do_exit+0xb17/0x2ef0 [ 176.048228] ? lock_acquire+0x427/0x4c0 [ 176.048660] ? __pfx_lock_release+0x10/0x10 [ 176.049121] ? __kasan_check_write+0x18/0x20 [ 176.049589] ? do_raw_spin_lock+0x132/0x2a0 [ 176.050040] ? __pfx_do_exit+0x10/0x10 [ 176.050457] ? debug_smp_processor_id+0x20/0x30 [ 176.050995] ? rcu_is_watching+0x19/0xb0 [ 176.051448] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.051929] ? trace_hardirqs_on+0x26/0x120 [ 176.052389] do_group_exit+0xe0/0x2b0 [ 176.052789] __x64_sys_exit_group+0x47/0x50 [ 176.053245] do_syscall_64+0x3b/0x90 [ 176.053649] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.054205] RIP: 0033:0x7f4b87518a4d [ 176.054660] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.055382] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.056210] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.056957] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.057705] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.058455] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.059253] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.060026] [ 176.060281] irq event stamp: 0 [ 176.060609] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.061307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.062182] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.063144] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.063805] ---[ end trace 0000000000000000 ]--- [ 176.069407] ------------[ cut here ]------------ [ 176.069962] WARNING: CPU: 0 PID: 1668 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.071266] Modules linked in: [ 176.071614] CPU: 0 PID: 1668 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.072528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.073712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.074244] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.076210] RSP: 0018:ffff888023eafbb8 EFLAGS: 00010246 [ 176.076785] RAX: 0000000000000000 RBX: ffff8880161f80a8 RCX: 0000000000000000 [ 176.077535] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 176.078287] RBP: ffff888023eafbd0 R08: ffffed1002c3f033 R09: ffffed1002c3f033 [ 176.079066] R10: ffff8880161f8193 R11: ffffed1002c3f032 R12: ffff888010c0a800 [ 176.079854] R13: ffff8880161f81e8 R14: ffffffff8352e670 R15: 
ffff888023eafe68 [ 176.080603] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.081461] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.082070] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 176.082865] PKRU: 55555554 [ 176.083191] Call Trace: [ 176.083462] [ 176.083703] __iommufd_access_detach+0x1c2/0x2b0 [ 176.084218] iommufd_access_change_pt+0x149/0x270 [ 176.084738] iommufd_access_replace+0xb4/0x120 [ 176.085236] iommufd_test+0x3e5/0x37e0 [ 176.085654] ? lock_release+0x532/0x770 [ 176.086084] ? __might_fault+0x102/0x1b0 [ 176.086554] ? lock_acquire+0x427/0x4c0 [ 176.086986] ? __pfx_iommufd_test+0x10/0x10 [ 176.087471] ? __pfx_lock_release+0x10/0x10 [ 176.087949] ? __pfx_lock_acquire+0x10/0x10 [ 176.088418] ? write_comp_data+0x2f/0x90 [ 176.088864] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.089382] ? write_comp_data+0x2f/0x90 [ 176.089824] iommufd_fops_ioctl+0x37d/0x510 [ 176.090289] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.090841] ? write_comp_data+0x2f/0x90 [ 176.091292] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.091805] __x64_sys_ioctl+0x1a3/0x230 [ 176.092245] do_syscall_64+0x3b/0x90 [ 176.092645] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.093259] RIP: 0033:0x7f4b8743ee5d [ 176.093652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.095633] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.096454] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.097231] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.098005] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.098812] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.099595] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.100363] [ 176.100609] irq event stamp: 0 [ 176.100937] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.101598] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.102479] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.103416] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.104106] ---[ end trace 0000000000000000 ]--- [ 176.107534] ------------[ cut here ]------------ [ 176.108086] WARNING: CPU: 0 PID: 1668 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.109144] Modules linked in: [ 176.109478] CPU: 0 PID: 1668 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.110392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.111698] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.112242] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.114149] RSP: 
0018:ffff888023eafbd0 EFLAGS: 00010246 [ 176.114739] RAX: 0000000000000000 RBX: ffff8880161f80a8 RCX: 0000000000000000 [ 176.115495] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 176.116233] RBP: ffff888023eafbe8 R08: ffffed1002c3f033 R09: ffffed1002c3f033 [ 176.116985] R10: ffff8880161f8193 R11: ffffed1002c3f032 R12: ffff88800fcb1000 [ 176.117736] R13: ffff8880161f81e8 R14: ffff88800f953100 R15: 0000000000000000 [ 176.118474] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.119369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.119984] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 176.120726] PKRU: 55555554 [ 176.121026] Call Trace: [ 176.121302] [ 176.121546] iommufd_access_destroy_object+0x65/0x170 [ 176.122097] iommufd_object_destroy_user+0x18e/0x220 [ 176.122689] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.123324] iommufd_access_destroy+0x43/0x70 [ 176.123813] iommufd_test_staccess_release+0x8d/0xd0 [ 176.125013] __fput+0x26d/0xa40 [ 176.125395] ____fput+0x1e/0x30 [ 176.125761] task_work_run+0x1a4/0x2d0 [ 176.126178] ? __pfx_task_work_run+0x10/0x10 [ 176.126707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.127245] ? switch_task_namespaces+0xa9/0xe0 [ 176.127742] do_exit+0xb17/0x2ef0 [ 176.128109] ? lock_acquire+0x427/0x4c0 [ 176.128555] ? __pfx_lock_release+0x10/0x10 [ 176.129012] ? __kasan_check_write+0x18/0x20 [ 176.129476] ? do_raw_spin_lock+0x132/0x2a0 [ 176.129935] ? __pfx_do_exit+0x10/0x10 [ 176.130357] ? debug_smp_processor_id+0x20/0x30 [ 176.130891] ? rcu_is_watching+0x19/0xb0 [ 176.131348] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.131837] ? trace_hardirqs_on+0x26/0x120 [ 176.132306] do_group_exit+0xe0/0x2b0 [ 176.132714] __x64_sys_exit_group+0x47/0x50 [ 176.133169] do_syscall_64+0x3b/0x90 [ 176.133567] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.134118] RIP: 0033:0x7f4b87518a4d [ 176.134550] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.135213] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.136005] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.136745] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.137494] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.138229] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.139006] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.139792] [ 176.140046] irq event stamp: 0 [ 176.140370] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.141044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.141917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.142826] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.143495] ---[ end trace 0000000000000000 ]--- [ 176.144396] ------------[ cut here ]------------ [ 176.144889] WARNING: CPU: 0 PID: 1668 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.145960] Modules linked in: [ 176.146303] CPU: 0 PID: 1668 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.147270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.148444] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.148984] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.150934] RSP: 0018:ffff888023eafb78 EFLAGS: 00010246 [ 176.151516] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.152267] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 176.153020] RBP: ffff888023eafb98 R08: ffffed1002c3f03e R09: ffffed1002c3f03e [ 176.153772] R10: ffff8880161f81ef R11: ffffed1002c3f03d R12: ffff8880161f8290 [ 176.154560] R13: ffff8880161f80a8 R14: ffffffffffffffff R15: 
ffff888023eafc60 [ 176.155320] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.156166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.156770] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 176.157566] PKRU: 55555554 [ 176.157861] Call Trace: [ 176.158133] [ 176.158376] iommufd_ioas_destroy+0x53/0x70 [ 176.158864] iommufd_fops_release+0x1f7/0x370 [ 176.159357] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.159885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.160406] ? write_comp_data+0x2f/0x90 [ 176.160847] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.161375] __fput+0x26d/0xa40 [ 176.161736] ____fput+0x1e/0x30 [ 176.162090] task_work_run+0x1a4/0x2d0 [ 176.162543] ? __pfx_task_work_run+0x10/0x10 [ 176.163023] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.163568] ? switch_task_namespaces+0xa9/0xe0 [ 176.164075] do_exit+0xb17/0x2ef0 [ 176.164438] ? lock_acquire+0x427/0x4c0 [ 176.164866] ? __pfx_lock_release+0x10/0x10 [ 176.165319] ? __kasan_check_write+0x18/0x20 [ 176.165797] ? do_raw_spin_lock+0x132/0x2a0 [ 176.166251] ? __pfx_do_exit+0x10/0x10 [ 176.166709] ? debug_smp_processor_id+0x20/0x30 [ 176.167221] ? rcu_is_watching+0x19/0xb0 [ 176.167655] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.168137] ? trace_hardirqs_on+0x26/0x120 [ 176.168607] do_group_exit+0xe0/0x2b0 [ 176.169015] __x64_sys_exit_group+0x47/0x50 [ 176.169468] do_syscall_64+0x3b/0x90 [ 176.169873] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.170426] RIP: 0033:0x7f4b87518a4d [ 176.170856] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.171531] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.172327] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.173082] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.173823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.174611] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.175371] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.176121] [ 176.176367] irq event stamp: 0 [ 176.176695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.177352] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.178224] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.179143] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.179811] ---[ end trace 0000000000000000 ]--- [ 176.185095] ------------[ cut here ]------------ [ 176.185646] WARNING: CPU: 0 PID: 1669 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.186862] Modules linked in: [ 176.187236] CPU: 0 PID: 1669 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.188146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.189377] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.189903] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.191862] RSP: 0018:ffff888014687bb8 EFLAGS: 00010246 [ 176.192447] RAX: 0000000000000000 RBX: ffff88801861a0a8 RCX: 0000000000000000 [ 176.193193] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 176.193961] RBP: ffff888014687bd0 R08: ffffed10030c3433 R09: ffffed10030c3433 [ 176.194762] R10: ffff88801861a193 R11: ffffed10030c3432 R12: ffff888013f83000 [ 176.195535] R13: ffff88801861a1e8 R14: ffffffff8352e670 R15: 
ffff888014687e68 [ 176.196295] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.197144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.197769] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 176.198580] PKRU: 55555554 [ 176.198895] Call Trace: [ 176.199181] [ 176.199427] __iommufd_access_detach+0x1c2/0x2b0 [ 176.199955] iommufd_access_change_pt+0x149/0x270 [ 176.200485] iommufd_access_replace+0xb4/0x120 [ 176.200981] iommufd_test+0x3e5/0x37e0 [ 176.201391] ? lock_release+0x532/0x770 [ 176.201822] ? __might_fault+0x102/0x1b0 [ 176.202261] ? lock_acquire+0x427/0x4c0 [ 176.202724] ? __pfx_iommufd_test+0x10/0x10 [ 176.203214] ? __pfx_lock_release+0x10/0x10 [ 176.203693] ? __pfx_lock_acquire+0x10/0x10 [ 176.204161] ? write_comp_data+0x2f/0x90 [ 176.204598] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.205119] ? write_comp_data+0x2f/0x90 [ 176.205567] iommufd_fops_ioctl+0x37d/0x510 [ 176.206031] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.206591] ? write_comp_data+0x2f/0x90 [ 176.207034] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.207557] __x64_sys_ioctl+0x1a3/0x230 [ 176.207999] do_syscall_64+0x3b/0x90 [ 176.208403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.208964] RIP: 0033:0x7f4b8743ee5d [ 176.209353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.211320] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.212136] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.212886] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.213630] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.214366] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.215160] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.215910] [ 176.216160] irq event stamp: 0 [ 176.216492] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.217158] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.218041] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.218958] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.220069] ---[ end trace 0000000000000000 ]--- [ 176.223490] ------------[ cut here ]------------ [ 176.224165] WARNING: CPU: 0 PID: 1669 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.225224] Modules linked in: [ 176.225556] CPU: 0 PID: 1669 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.226466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.227769] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.228497] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.230397] RSP: 
0018:ffff888014687bd0 EFLAGS: 00010246 [ 176.230989] RAX: 0000000000000000 RBX: ffff88801861a0a8 RCX: 0000000000000000 [ 176.231781] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 176.232809] RBP: ffff888014687be8 R08: ffffed10030c3433 R09: ffffed10030c3433 [ 176.233736] R10: ffff88801861a193 R11: ffffed10030c3432 R12: ffff888010c0b000 [ 176.234476] R13: ffff88801861a1e8 R14: ffff888020e7a800 R15: 0000000000000000 [ 176.235303] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.236151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.236969] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 176.238050] PKRU: 55555554 [ 176.238357] Call Trace: [ 176.238657] [ 176.238900] iommufd_access_destroy_object+0x65/0x170 [ 176.239462] iommufd_object_destroy_user+0x18e/0x220 [ 176.240010] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.240631] iommufd_access_destroy+0x43/0x70 [ 176.241215] iommufd_test_staccess_release+0x8d/0xd0 [ 176.241961] __fput+0x26d/0xa40 [ 176.242560] ____fput+0x1e/0x30 [ 176.242930] task_work_run+0x1a4/0x2d0 [ 176.243364] ? __pfx_task_work_run+0x10/0x10 [ 176.243834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.244353] ? switch_task_namespaces+0xa9/0xe0 [ 176.244861] do_exit+0xb17/0x2ef0 [ 176.245239] ? lock_acquire+0x427/0x4c0 [ 176.245774] ? __pfx_lock_release+0x10/0x10 [ 176.246421] ? __kasan_check_write+0x18/0x20 [ 176.246927] ? do_raw_spin_lock+0x132/0x2a0 [ 176.247397] ? __pfx_do_exit+0x10/0x10 [ 176.247818] ? debug_smp_processor_id+0x20/0x30 [ 176.248308] ? rcu_is_watching+0x19/0xb0 [ 176.248745] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.249242] ? trace_hardirqs_on+0x26/0x120 [ 176.249713] do_group_exit+0xe0/0x2b0 [ 176.250123] __x64_sys_exit_group+0x47/0x50 [ 176.250611] do_syscall_64+0x3b/0x90 [ 176.251014] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.251587] RIP: 0033:0x7f4b87518a4d [ 176.251990] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.252626] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.253466] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.254223] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.255007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.255768] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.256512] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.257263] [ 176.257507] irq event stamp: 0 [ 176.257837] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.258493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.259421] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.260304] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.260965] ---[ end trace 0000000000000000 ]--- [ 176.261967] ------------[ cut here ]------------ [ 176.262774] WARNING: CPU: 0 PID: 1669 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.263867] Modules linked in: [ 176.264206] CPU: 0 PID: 1669 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.265115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.266294] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.266879] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.268843] RSP: 0018:ffff888014687b78 EFLAGS: 00010246 [ 176.269409] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.270148] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 176.270937] RBP: ffff888014687b98 R08: ffffed10030c343e R09: ffffed10030c343e [ 176.271701] R10: ffff88801861a1ef R11: ffffed10030c343d R12: ffff88801861a290 [ 176.272441] R13: ffff88801861a0a8 R14: ffffffffffffffff R15: 
ffff888014687c60 [ 176.273185] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.274023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.274665] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 176.275437] PKRU: 55555554 [ 176.275731] Call Trace: [ 176.276002] [ 176.276251] iommufd_ioas_destroy+0x53/0x70 [ 176.276717] iommufd_fops_release+0x1f7/0x370 [ 176.277200] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.277722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.278232] ? write_comp_data+0x2f/0x90 [ 176.278701] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.279238] __fput+0x26d/0xa40 [ 176.279603] ____fput+0x1e/0x30 [ 176.279958] task_work_run+0x1a4/0x2d0 [ 176.280381] ? __pfx_task_work_run+0x10/0x10 [ 176.280844] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.281356] ? switch_task_namespaces+0xa9/0xe0 [ 176.281851] do_exit+0xb17/0x2ef0 [ 176.282215] ? lock_acquire+0x427/0x4c0 [ 176.282676] ? __pfx_lock_release+0x10/0x10 [ 176.283164] ? __kasan_check_write+0x18/0x20 [ 176.283632] ? do_raw_spin_lock+0x132/0x2a0 [ 176.284086] ? __pfx_do_exit+0x10/0x10 [ 176.284509] ? debug_smp_processor_id+0x20/0x30 [ 176.285054] ? rcu_is_watching+0x19/0xb0 [ 176.285486] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.285966] ? trace_hardirqs_on+0x26/0x120 [ 176.286428] do_group_exit+0xe0/0x2b0 [ 176.286867] __x64_sys_exit_group+0x47/0x50 [ 176.287331] do_syscall_64+0x3b/0x90 [ 176.287730] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.288279] RIP: 0033:0x7f4b87518a4d [ 176.288668] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.289309] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.290091] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.290859] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.291608] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.292341] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.293083] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.293827] [ 176.294074] irq event stamp: 0 [ 176.294405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.295085] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.295972] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.296829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.297483] ---[ end trace 0000000000000000 ]--- [ 176.305689] ------------[ cut here ]------------ [ 176.306388] WARNING: CPU: 1 PID: 1670 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.308084] Modules linked in: [ 176.308435] CPU: 1 PID: 1670 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.309339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.310759] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.311316] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.313353] RSP: 0018:ffff888016757bb8 EFLAGS: 00010246 [ 176.313889] RAX: 0000000000000000 RBX: ffff888013e178a8 RCX: 0000000000000000 [ 176.314768] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 176.315558] RBP: ffff888016757bd0 R08: ffffed10027c2f33 R09: ffffed10027c2f33 [ 176.316280] R10: ffff888013e17993 R11: ffffed10027c2f32 R12: ffff888010e00c00 [ 176.317165] R13: ffff888013e179e8 R14: ffffffff8352e670 R15: 
ffff888016757e68 [ 176.317976] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.318834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.319553] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 176.320354] PKRU: 55555554 [ 176.320648] Call Trace: [ 176.320940] [ 176.321180] __iommufd_access_detach+0x1c2/0x2b0 [ 176.321792] iommufd_access_change_pt+0x149/0x270 [ 176.322358] iommufd_access_replace+0xb4/0x120 [ 176.322858] iommufd_test+0x3e5/0x37e0 [ 176.323304] ? lock_release+0x532/0x770 [ 176.323725] ? __might_fault+0x102/0x1b0 [ 176.324318] ? lock_acquire+0x427/0x4c0 [ 176.324708] ? __pfx_iommufd_test+0x10/0x10 [ 176.325116] ? __pfx_lock_release+0x10/0x10 [ 176.325549] ? __pfx_lock_acquire+0x10/0x10 [ 176.325988] ? write_comp_data+0x2f/0x90 [ 176.326529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.327007] ? write_comp_data+0x2f/0x90 [ 176.327416] iommufd_fops_ioctl+0x37d/0x510 [ 176.327828] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.328288] ? write_comp_data+0x2f/0x90 [ 176.328684] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.329130] __x64_sys_ioctl+0x1a3/0x230 [ 176.329656] do_syscall_64+0x3b/0x90 [ 176.330017] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.330543] RIP: 0033:0x7f4b8743ee5d [ 176.330907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.332776] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.333500] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.334321] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.335025] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.335707] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.336432] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.337225] [ 176.337455] irq event stamp: 0 [ 176.337756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.338363] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.339318] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.340134] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.340728] ---[ end trace 0000000000000000 ]--- [ 176.344237] ------------[ cut here ]------------ [ 176.344734] WARNING: CPU: 1 PID: 1670 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.345860] Modules linked in: [ 176.346176] CPU: 1 PID: 1670 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.347019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.348172] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.348700] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.350595] RSP: 
0018:ffff888016757bd0 EFLAGS: 00010246 [ 176.351092] RAX: 0000000000000000 RBX: ffff888013e178a8 RCX: 0000000000000000 [ 176.351818] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 176.352517] RBP: ffff888016757be8 R08: ffffed10027c2f33 R09: ffffed10027c2f33 [ 176.353339] R10: ffff888013e17993 R11: ffffed10027c2f32 R12: ffff88800f0e3400 [ 176.354000] R13: ffff888013e179e8 R14: ffff888020982000 R15: 0000000000000000 [ 176.354707] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.355690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.356227] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.356874] PKRU: 55555554 [ 176.357215] Call Trace: [ 176.357541] [ 176.357751] iommufd_access_destroy_object+0x65/0x170 [ 176.358237] iommufd_object_destroy_user+0x18e/0x220 [ 176.358754] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.359316] iommufd_access_destroy+0x43/0x70 [ 176.359866] iommufd_test_staccess_release+0x8d/0xd0 [ 176.360346] __fput+0x26d/0xa40 [ 176.360669] ____fput+0x1e/0x30 [ 176.360984] task_work_run+0x1a4/0x2d0 [ 176.361356] ? __pfx_task_work_run+0x10/0x10 [ 176.361894] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.362364] ? switch_task_namespaces+0xa9/0xe0 [ 176.362831] do_exit+0xb17/0x2ef0 [ 176.363172] ? lock_acquire+0x427/0x4c0 [ 176.363554] ? __pfx_lock_release+0x10/0x10 [ 176.363966] ? __kasan_check_write+0x18/0x20 [ 176.364541] ? do_raw_spin_lock+0x132/0x2a0 [ 176.364943] ? __pfx_do_exit+0x10/0x10 [ 176.365313] ? debug_smp_processor_id+0x20/0x30 [ 176.365747] ? rcu_is_watching+0x19/0xb0 [ 176.366172] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.366698] ? trace_hardirqs_on+0x26/0x120 [ 176.367122] do_group_exit+0xe0/0x2b0 [ 176.367487] __x64_sys_exit_group+0x47/0x50 [ 176.367900] do_syscall_64+0x3b/0x90 [ 176.368258] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.368839] RIP: 0033:0x7f4b87518a4d [ 176.369248] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.369816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.370551] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.371326] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.372034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.372708] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.373391] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.374153] [ 176.374371] irq event stamp: 0 [ 176.374696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.375280] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.376178] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.376935] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.377503] ---[ end trace 0000000000000000 ]--- [ 176.378428] ------------[ cut here ]------------ [ 176.378899] WARNING: CPU: 1 PID: 1670 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.379841] Modules linked in: [ 176.380228] CPU: 1 PID: 1670 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.381090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.382149] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.382738] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.384439] RSP: 0018:ffff888016757b78 EFLAGS: 00010246 [ 176.384979] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.385585] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 176.386205] RBP: ffff888016757b98 R08: ffffed10027c2f3e R09: ffffed10027c2f3e [ 176.386967] R10: ffff888013e179ef R11: ffffed10027c2f3d R12: ffff888013e17a90 [ 176.387589] R13: ffff888013e178a8 R14: ffffffffffffffff R15: 
ffff888016757c60 [ 176.388202] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.389013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.389510] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.390118] PKRU: 55555554 [ 176.390363] Call Trace: [ 176.390679] [ 176.390931] iommufd_ioas_destroy+0x53/0x70 [ 176.391320] iommufd_fops_release+0x1f7/0x370 [ 176.391729] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.392162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.392587] ? write_comp_data+0x2f/0x90 [ 176.393020] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.393506] __fput+0x26d/0xa40 [ 176.393814] ____fput+0x1e/0x30 [ 176.394106] task_work_run+0x1a4/0x2d0 [ 176.394459] ? __pfx_task_work_run+0x10/0x10 [ 176.394947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.395469] ? switch_task_namespaces+0xa9/0xe0 [ 176.395893] do_exit+0xb17/0x2ef0 [ 176.396198] ? lock_acquire+0x427/0x4c0 [ 176.396556] ? __pfx_lock_release+0x10/0x10 [ 176.396939] ? __kasan_check_write+0x18/0x20 [ 176.397411] ? do_raw_spin_lock+0x132/0x2a0 [ 176.397886] ? __pfx_do_exit+0x10/0x10 [ 176.398239] ? debug_smp_processor_id+0x20/0x30 [ 176.398704] ? rcu_is_watching+0x19/0xb0 [ 176.399067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.399501] ? trace_hardirqs_on+0x26/0x120 [ 176.400011] do_group_exit+0xe0/0x2b0 [ 176.400345] __x64_sys_exit_group+0x47/0x50 [ 176.400727] do_syscall_64+0x3b/0x90 [ 176.401062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.401530] RIP: 0033:0x7f4b87518a4d [ 176.401967] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.402543] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.403206] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.403856] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.404570] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.405179] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.405802] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.406569] [ 176.406774] irq event stamp: 0 [ 176.407057] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.407614] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.408419] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.409237] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.409784] ---[ end trace 0000000000000000 ]--- [ 176.413964] ------------[ cut here ]------------ [ 176.414416] WARNING: CPU: 1 PID: 1671 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.415474] Modules linked in: [ 176.415754] CPU: 1 PID: 1671 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.416569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.417632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.418066] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.419887] RSP: 0018:ffff88800e83fbb8 EFLAGS: 00010246 [ 176.420351] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 176.421121] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 176.421734] RBP: ffff88800e83fbd0 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 176.422342] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff88800ae93800 [ 176.423110] R13: ffff888017a439e8 R14: ffffffff8352e670 R15: 
ffff88800e83fe68 [ 176.423740] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.424436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.424930] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 176.425538] PKRU: 55555554 [ 176.425780] Call Trace: [ 176.426002] [ 176.426206] __iommufd_access_detach+0x1c2/0x2b0 [ 176.426652] iommufd_access_change_pt+0x149/0x270 [ 176.427078] iommufd_access_replace+0xb4/0x120 [ 176.427503] iommufd_test+0x3e5/0x37e0 [ 176.427840] ? lock_release+0x532/0x770 [ 176.428194] ? __might_fault+0x102/0x1b0 [ 176.428561] ? lock_acquire+0x427/0x4c0 [ 176.428914] ? __pfx_iommufd_test+0x10/0x10 [ 176.429285] ? __pfx_lock_release+0x10/0x10 [ 176.429675] ? __pfx_lock_acquire+0x10/0x10 [ 176.430056] ? write_comp_data+0x2f/0x90 [ 176.430414] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.430858] ? write_comp_data+0x2f/0x90 [ 176.431234] iommufd_fops_ioctl+0x37d/0x510 [ 176.431617] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.432044] ? write_comp_data+0x2f/0x90 [ 176.432405] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.432836] __x64_sys_ioctl+0x1a3/0x230 [ 176.433199] do_syscall_64+0x3b/0x90 [ 176.433544] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.433995] RIP: 0033:0x7f4b8743ee5d [ 176.434323] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.435909] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.436573] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.437189] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.437808] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.438424] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.439054] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.439684] [ 176.439885] irq event stamp: 0 [ 176.440156] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.440708] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.441435] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.442151] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.442703] ---[ end trace 0000000000000000 ]--- [ 176.445683] ------------[ cut here ]------------ [ 176.446110] WARNING: CPU: 1 PID: 1671 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.446970] Modules linked in: [ 176.447243] CPU: 1 PID: 1671 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.447960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.448873] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.449278] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.450759] RSP: 
0018:ffff88800e83fbd0 EFLAGS: 00010246 [ 176.451212] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 176.451785] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 176.452369] RBP: ffff88800e83fbe8 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 176.452943] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff888010e01800 [ 176.453512] R13: ffff888017a439e8 R14: ffff88800f078b00 R15: 0000000000000000 [ 176.454092] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.454777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.455265] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.455847] PKRU: 55555554 [ 176.456078] Call Trace: [ 176.456284] [ 176.456477] iommufd_access_destroy_object+0x65/0x170 [ 176.456908] iommufd_object_destroy_user+0x18e/0x220 [ 176.457334] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.457810] iommufd_access_destroy+0x43/0x70 [ 176.458196] iommufd_test_staccess_release+0x8d/0xd0 [ 176.458644] __fput+0x26d/0xa40 [ 176.458935] ____fput+0x1e/0x30 [ 176.459226] task_work_run+0x1a4/0x2d0 [ 176.459555] ? __pfx_task_work_run+0x10/0x10 [ 176.459918] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.460320] ? switch_task_namespaces+0xa9/0xe0 [ 176.460708] do_exit+0xb17/0x2ef0 [ 176.460994] ? lock_acquire+0x427/0x4c0 [ 176.461339] ? __pfx_lock_release+0x10/0x10 [ 176.461701] ? __kasan_check_write+0x18/0x20 [ 176.462062] ? do_raw_spin_lock+0x132/0x2a0 [ 176.462412] ? __pfx_do_exit+0x10/0x10 [ 176.462766] ? debug_smp_processor_id+0x20/0x30 [ 176.463159] ? rcu_is_watching+0x19/0xb0 [ 176.463503] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.463882] ? trace_hardirqs_on+0x26/0x120 [ 176.464252] do_group_exit+0xe0/0x2b0 [ 176.464565] __x64_sys_exit_group+0x47/0x50 [ 176.464914] do_syscall_64+0x3b/0x90 [ 176.465230] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.465662] RIP: 0033:0x7f4b87518a4d [ 176.465974] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.466476] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.467118] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.467705] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.468289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.468869] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.469450] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.470043] [ 176.470245] irq event stamp: 0 [ 176.470502] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.471035] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.471721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.472404] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.472913] ---[ end trace 0000000000000000 ]--- [ 176.473631] ------------[ cut here ]------------ [ 176.474011] WARNING: CPU: 1 PID: 1671 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.474858] Modules linked in: [ 176.475138] CPU: 1 PID: 1671 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.475865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.476801] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.477305] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.478899] RSP: 0018:ffff88800e83fb78 EFLAGS: 00010246 [ 176.479370] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.480054] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 176.480625] RBP: ffff88800e83fb98 R08: ffffed1002f4873e R09: ffffed1002f4873e [ 176.481212] R10: ffff888017a439ef R11: ffffed1002f4873d R12: ffff888017a43a90 [ 176.481858] R13: ffff888017a438a8 R14: ffffffffffffffff R15: 
ffff88800e83fc60 [ 176.482424] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.483238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.483724] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.484400] PKRU: 55555554 [ 176.484623] Call Trace: [ 176.484826] [ 176.485006] iommufd_ioas_destroy+0x53/0x70 [ 176.485362] iommufd_fops_release+0x1f7/0x370 [ 176.485749] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.486221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.486643] ? write_comp_data+0x2f/0x90 [ 176.486976] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.487384] __fput+0x26d/0xa40 [ 176.487662] ____fput+0x1e/0x30 [ 176.487994] task_work_run+0x1a4/0x2d0 [ 176.488366] ? __pfx_task_work_run+0x10/0x10 [ 176.488725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.489120] ? switch_task_namespaces+0xa9/0xe0 [ 176.489508] do_exit+0xb17/0x2ef0 [ 176.489845] ? lock_acquire+0x427/0x4c0 [ 176.490201] ? __pfx_lock_release+0x10/0x10 [ 176.490570] ? __kasan_check_write+0x18/0x20 [ 176.490927] ? do_raw_spin_lock+0x132/0x2a0 [ 176.491287] ? __pfx_do_exit+0x10/0x10 [ 176.491605] ? debug_smp_processor_id+0x20/0x30 [ 176.492043] ? rcu_is_watching+0x19/0xb0 [ 176.492411] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.492782] ? trace_hardirqs_on+0x26/0x120 [ 176.493133] do_group_exit+0xe0/0x2b0 [ 176.493438] __x64_sys_exit_group+0x47/0x50 [ 176.493850] do_syscall_64+0x3b/0x90 [ 176.494174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.494618] RIP: 0033:0x7f4b87518a4d [ 176.494916] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.495417] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.496083] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.496703] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.497266] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.497916] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.498483] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.499081] [ 176.499280] irq event stamp: 0 [ 176.499530] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.500139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.500801] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.501460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.502059] ---[ end trace 0000000000000000 ]--- [ 176.507059] ------------[ cut here ]------------ [ 176.507478] WARNING: CPU: 1 PID: 1672 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.508365] Modules linked in: [ 176.508616] CPU: 1 PID: 1672 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.509310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.510276] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.510703] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.512128] RSP: 0018:ffff888015f9fbb8 EFLAGS: 00010246 [ 176.512539] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 0000000000000000 [ 176.513097] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 176.513652] RBP: ffff888015f9fbd0 R08: ffffed1001972033 R09: ffffed1001972033 [ 176.514209] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff88800fcb0000 [ 176.514775] R13: ffff88800cb901e8 R14: ffffffff8352e670 R15: 
ffff888015f9fe68 [ 176.515342] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.515974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.516421] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 176.516981] PKRU: 55555554 [ 176.517207] Call Trace: [ 176.517409] [ 176.517591] __iommufd_access_detach+0x1c2/0x2b0 [ 176.517973] iommufd_access_change_pt+0x149/0x270 [ 176.518377] iommufd_access_replace+0xb4/0x120 [ 176.518761] iommufd_test+0x3e5/0x37e0 [ 176.519078] ? lock_release+0x532/0x770 [ 176.519407] ? __might_fault+0x102/0x1b0 [ 176.519733] ? lock_acquire+0x427/0x4c0 [ 176.520054] ? __pfx_iommufd_test+0x10/0x10 [ 176.520401] ? __pfx_lock_release+0x10/0x10 [ 176.520746] ? __pfx_lock_acquire+0x10/0x10 [ 176.521094] ? write_comp_data+0x2f/0x90 [ 176.521443] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.521829] ? write_comp_data+0x2f/0x90 [ 176.522156] iommufd_fops_ioctl+0x37d/0x510 [ 176.522527] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.522916] ? write_comp_data+0x2f/0x90 [ 176.523262] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.523641] __x64_sys_ioctl+0x1a3/0x230 [ 176.523967] do_syscall_64+0x3b/0x90 [ 176.524276] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.524686] RIP: 0033:0x7f4b8743ee5d [ 176.524987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.526394] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.527023] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.527585] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.528143] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.528699] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.529260] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.529834] [ 176.530019] irq event stamp: 0 [ 176.530265] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.530790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.531461] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.532107] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.532605] ---[ end trace 0000000000000000 ]--- [ 176.535435] ------------[ cut here ]------------ [ 176.535832] WARNING: CPU: 1 PID: 1672 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.536614] Modules linked in: [ 176.536862] CPU: 1 PID: 1672 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.537546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.538421] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.538825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.540252] RSP: 
0018:ffff888015f9fbd0 EFLAGS: 00010246 [ 176.540667] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 0000000000000000 [ 176.541221] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 176.541785] RBP: ffff888015f9fbe8 R08: ffffed1001972033 R09: ffffed1001972033 [ 176.542342] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff88800ae92000 [ 176.542917] R13: ffff88800cb901e8 R14: ffff88801371c700 R15: 0000000000000000 [ 176.543478] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.544109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.544559] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.545122] PKRU: 55555554 [ 176.545343] Call Trace: [ 176.545552] [ 176.545733] iommufd_access_destroy_object+0x65/0x170 [ 176.546152] iommufd_object_destroy_user+0x18e/0x220 [ 176.546576] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.547045] iommufd_access_destroy+0x43/0x70 [ 176.547415] iommufd_test_staccess_release+0x8d/0xd0 [ 176.547826] __fput+0x26d/0xa40 [ 176.548098] ____fput+0x1e/0x30 [ 176.548365] task_work_run+0x1a4/0x2d0 [ 176.548681] ? __pfx_task_work_run+0x10/0x10 [ 176.549038] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.549433] ? switch_task_namespaces+0xa9/0xe0 [ 176.549814] do_exit+0xb17/0x2ef0 [ 176.550087] ? lock_acquire+0x427/0x4c0 [ 176.550415] ? __pfx_lock_release+0x10/0x10 [ 176.550777] ? __kasan_check_write+0x18/0x20 [ 176.551136] ? do_raw_spin_lock+0x132/0x2a0 [ 176.551475] ? __pfx_do_exit+0x10/0x10 [ 176.551798] ? debug_smp_processor_id+0x20/0x30 [ 176.552166] ? rcu_is_watching+0x19/0xb0 [ 176.552485] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.552855] ? trace_hardirqs_on+0x26/0x120 [ 176.553196] do_group_exit+0xe0/0x2b0 [ 176.553501] __x64_sys_exit_group+0x47/0x50 [ 176.553842] do_syscall_64+0x3b/0x90 [ 176.554141] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.554581] RIP: 0033:0x7f4b87518a4d [ 176.554875] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.555369] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.555954] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.556501] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.557052] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.557597] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.558138] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.558727] [ 176.558911] irq event stamp: 0 [ 176.559166] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.559653] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.560284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.560914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.561391] ---[ end trace 0000000000000000 ]--- [ 176.562079] ------------[ cut here ]------------ [ 176.562448] WARNING: CPU: 1 PID: 1672 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.563249] Modules linked in: [ 176.563506] CPU: 1 PID: 1672 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.564171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.565027] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.565429] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.566838] RSP: 0018:ffff888015f9fb78 EFLAGS: 00010246 [ 176.567258] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.567807] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 176.568348] RBP: ffff888015f9fb98 R08: ffffed100197203e R09: ffffed100197203e [ 176.568889] R10: ffff88800cb901ef R11: ffffed100197203d R12: ffff88800cb90290 [ 176.569441] R13: ffff88800cb900a8 R14: ffffffffffffffff R15: 
ffff888015f9fc60 [ 176.569987] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.570620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.571064] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.571626] PKRU: 55555554 [ 176.571842] Call Trace: [ 176.572047] [ 176.572221] iommufd_ioas_destroy+0x53/0x70 [ 176.572560] iommufd_fops_release+0x1f7/0x370 [ 176.572914] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.573305] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.573688] ? write_comp_data+0x2f/0x90 [ 176.574011] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.574399] __fput+0x26d/0xa40 [ 176.574693] ____fput+0x1e/0x30 [ 176.574961] task_work_run+0x1a4/0x2d0 [ 176.575288] ? __pfx_task_work_run+0x10/0x10 [ 176.575638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.576020] ? switch_task_namespaces+0xa9/0xe0 [ 176.576387] do_exit+0xb17/0x2ef0 [ 176.576657] ? lock_acquire+0x427/0x4c0 [ 176.576976] ? __pfx_lock_release+0x10/0x10 [ 176.577321] ? __kasan_check_write+0x18/0x20 [ 176.577664] ? do_raw_spin_lock+0x132/0x2a0 [ 176.577998] ? __pfx_do_exit+0x10/0x10 [ 176.578309] ? debug_smp_processor_id+0x20/0x30 [ 176.578690] ? rcu_is_watching+0x19/0xb0 [ 176.579016] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.579379] ? trace_hardirqs_on+0x26/0x120 [ 176.579719] do_group_exit+0xe0/0x2b0 [ 176.580027] __x64_sys_exit_group+0x47/0x50 [ 176.580359] do_syscall_64+0x3b/0x90 [ 176.580655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.581061] RIP: 0033:0x7f4b87518a4d [ 176.581347] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.581815] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.582396] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.582959] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.583523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.584067] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.584612] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.585159] [ 176.585345] irq event stamp: 0 [ 176.585585] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.586070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.586723] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.587372] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.587858] ---[ end trace 0000000000000000 ]--- [ 176.591887] ------------[ cut here ]------------ [ 176.592275] WARNING: CPU: 1 PID: 1673 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.593033] Modules linked in: [ 176.593281] CPU: 1 PID: 1673 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.593925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.594949] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.595340] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.596698] RSP: 0018:ffff88802088fbb8 EFLAGS: 00010246 [ 176.597093] RAX: 0000000000000000 RBX: ffff88801637e0a8 RCX: 0000000000000000 [ 176.597628] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 176.598155] RBP: ffff88802088fbd0 R08: ffffed1002c6fc33 R09: ffffed1002c6fc33 [ 176.598711] R10: ffff88801637e193 R11: ffffed1002c6fc32 R12: ffff88801226c400 [ 176.599247] R13: ffff88801637e1e8 R14: ffffffff8352e670 R15: 
ffff88802088fe68 [ 176.599787] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.600387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.600816] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ee0 [ 176.601356] PKRU: 55555554 [ 176.601569] Call Trace: [ 176.601762] [ 176.601933] __iommufd_access_detach+0x1c2/0x2b0 [ 176.602311] iommufd_access_change_pt+0x149/0x270 [ 176.602699] iommufd_access_replace+0xb4/0x120 [ 176.603053] iommufd_test+0x3e5/0x37e0 [ 176.603353] ? lock_release+0x532/0x770 [ 176.603664] ? __might_fault+0x102/0x1b0 [ 176.603982] ? lock_acquire+0x427/0x4c0 [ 176.604293] ? __pfx_iommufd_test+0x10/0x10 [ 176.604615] ? __pfx_lock_release+0x10/0x10 [ 176.604947] ? __pfx_lock_acquire+0x10/0x10 [ 176.605283] ? write_comp_data+0x2f/0x90 [ 176.605605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.605977] ? write_comp_data+0x2f/0x90 [ 176.606298] iommufd_fops_ioctl+0x37d/0x510 [ 176.606650] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.607023] ? write_comp_data+0x2f/0x90 [ 176.607351] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.607716] __x64_sys_ioctl+0x1a3/0x230 [ 176.608029] do_syscall_64+0x3b/0x90 [ 176.608328] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.608723] RIP: 0033:0x7f4b8743ee5d [ 176.609001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.610361] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.610948] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.611489] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.612030] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.612557] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.613097] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.613645] [ 176.613822] irq event stamp: 0 [ 176.614058] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.614554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.615184] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.615811] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.616277] ---[ end trace 0000000000000000 ]--- [ 176.618966] ------------[ cut here ]------------ [ 176.619346] WARNING: CPU: 1 PID: 1673 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.620108] Modules linked in: [ 176.620347] CPU: 1 PID: 1673 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.621006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.621842] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.622211] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.623609] RSP: 
0018:ffff88802088fbd0 EFLAGS: 00010246 [ 176.624014] RAX: 0000000000000000 RBX: ffff88801637e0a8 RCX: 0000000000000000 [ 176.624551] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 176.625077] RBP: ffff88802088fbe8 R08: ffffed1002c6fc33 R09: ffffed1002c6fc33 [ 176.625612] R10: ffff88801637e193 R11: ffffed1002c6fc32 R12: ffff88800fcb2000 [ 176.626146] R13: ffff88801637e1e8 R14: ffff888020e7a100 R15: 0000000000000000 [ 176.626698] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.627316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.627748] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.628286] PKRU: 55555554 [ 176.628499] Call Trace: [ 176.628692] [ 176.628866] iommufd_access_destroy_object+0x65/0x170 [ 176.629255] iommufd_object_destroy_user+0x18e/0x220 [ 176.629648] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.630094] iommufd_access_destroy+0x43/0x70 [ 176.630441] iommufd_test_staccess_release+0x8d/0xd0 [ 176.630861] __fput+0x26d/0xa40 [ 176.631131] ____fput+0x1e/0x30 [ 176.631398] task_work_run+0x1a4/0x2d0 [ 176.631699] ? __pfx_task_work_run+0x10/0x10 [ 176.632042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.632412] ? switch_task_namespaces+0xa9/0xe0 [ 176.632773] do_exit+0xb17/0x2ef0 [ 176.633038] ? lock_acquire+0x427/0x4c0 [ 176.633349] ? __pfx_lock_release+0x10/0x10 [ 176.633687] ? __kasan_check_write+0x18/0x20 [ 176.634021] ? do_raw_spin_lock+0x132/0x2a0 [ 176.634349] ? __pfx_do_exit+0x10/0x10 [ 176.634665] ? debug_smp_processor_id+0x20/0x30 [ 176.635020] ? rcu_is_watching+0x19/0xb0 [ 176.635343] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.635686] ? trace_hardirqs_on+0x26/0x120 [ 176.636016] do_group_exit+0xe0/0x2b0 [ 176.636308] __x64_sys_exit_group+0x47/0x50 [ 176.636631] do_syscall_64+0x3b/0x90 [ 176.636922] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.637313] RIP: 0033:0x7f4b87518a4d [ 176.637591] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.638057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.638648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.639187] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.639721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.640256] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.640795] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.641334] [ 176.641515] irq event stamp: 0 [ 176.641752] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.642222] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.642860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.643494] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.643961] ---[ end trace 0000000000000000 ]--- [ 176.644645] ------------[ cut here ]------------ [ 176.644998] WARNING: CPU: 1 PID: 1673 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.645753] Modules linked in: [ 176.645994] CPU: 1 PID: 1673 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.646662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.647509] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.647898] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.649257] RSP: 0018:ffff88802088fb78 EFLAGS: 00010246 [ 176.649656] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.650193] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 176.650749] RBP: ffff88802088fb98 R08: ffffed1002c6fc3e R09: ffffed1002c6fc3e [ 176.651299] R10: ffff88801637e1ef R11: ffffed1002c6fc3d R12: ffff88801637e290 [ 176.651828] R13: ffff88801637e0a8 R14: ffffffffffffffff R15: 
ffff88802088fc60 [ 176.652362] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.652970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.653402] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.653935] PKRU: 55555554 [ 176.654149] Call Trace: [ 176.654341] [ 176.654535] iommufd_ioas_destroy+0x53/0x70 [ 176.654868] iommufd_fops_release+0x1f7/0x370 [ 176.655231] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.655614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.655985] ? write_comp_data+0x2f/0x90 [ 176.656309] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.656694] __fput+0x26d/0xa40 [ 176.656964] ____fput+0x1e/0x30 [ 176.657238] task_work_run+0x1a4/0x2d0 [ 176.657545] ? __pfx_task_work_run+0x10/0x10 [ 176.657888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.658272] ? switch_task_namespaces+0xa9/0xe0 [ 176.658659] do_exit+0xb17/0x2ef0 [ 176.658928] ? lock_acquire+0x427/0x4c0 [ 176.659248] ? __pfx_lock_release+0x10/0x10 [ 176.659579] ? __kasan_check_write+0x18/0x20 [ 176.659927] ? do_raw_spin_lock+0x132/0x2a0 [ 176.660262] ? __pfx_do_exit+0x10/0x10 [ 176.660568] ? debug_smp_processor_id+0x20/0x30 [ 176.660936] ? rcu_is_watching+0x19/0xb0 [ 176.661249] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.661596] ? trace_hardirqs_on+0x26/0x120 [ 176.661931] do_group_exit+0xe0/0x2b0 [ 176.662230] __x64_sys_exit_group+0x47/0x50 [ 176.662587] do_syscall_64+0x3b/0x90 [ 176.662882] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.663300] RIP: 0033:0x7f4b87518a4d [ 176.663582] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.664044] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.664612] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.665147] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.665680] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.666222] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.666778] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.667322] [ 176.667499] irq event stamp: 0 [ 176.667736] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.668206] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.668836] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.669467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.669951] ---[ end trace 0000000000000000 ]--- [ 176.673584] ------------[ cut here ]------------ [ 176.673981] WARNING: CPU: 0 PID: 1674 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.674990] Modules linked in: [ 176.675248] CPU: 0 PID: 1674 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.675902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.676738] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.677109] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.678467] RSP: 0018:ffff88801818fbb8 EFLAGS: 00010246 [ 176.678898] RAX: 0000000000000000 RBX: ffff888011e3a8a8 RCX: 0000000000000000 [ 176.679446] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 176.679978] RBP: ffff88801818fbd0 R08: ffffed10023c7533 R09: ffffed10023c7533 [ 176.680513] R10: ffff888011e3a993 R11: ffffed10023c7532 R12: ffff888013edb800 [ 176.681043] R13: ffff888011e3a9e8 R14: ffffffff8352e670 R15: 
ffff88801818fe68 [ 176.681575] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.682171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.682633] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ef0 [ 176.683184] PKRU: 55555554 [ 176.683396] Call Trace: [ 176.683589] [ 176.683760] __iommufd_access_detach+0x1c2/0x2b0 [ 176.684131] iommufd_access_change_pt+0x149/0x270 [ 176.684504] iommufd_access_replace+0xb4/0x120 [ 176.684860] iommufd_test+0x3e5/0x37e0 [ 176.685161] ? lock_release+0x532/0x770 [ 176.685486] ? __might_fault+0x102/0x1b0 [ 176.685815] ? lock_acquire+0x427/0x4c0 [ 176.686139] ? __pfx_iommufd_test+0x10/0x10 [ 176.686479] ? __pfx_lock_release+0x10/0x10 [ 176.686856] ? __pfx_lock_acquire+0x10/0x10 [ 176.687220] ? write_comp_data+0x2f/0x90 [ 176.687551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.687943] ? write_comp_data+0x2f/0x90 [ 176.688269] iommufd_fops_ioctl+0x37d/0x510 [ 176.688616] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.689010] ? write_comp_data+0x2f/0x90 [ 176.689341] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.689733] __x64_sys_ioctl+0x1a3/0x230 [ 176.690068] do_syscall_64+0x3b/0x90 [ 176.690375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.690808] RIP: 0033:0x7f4b8743ee5d [ 176.691101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.692500] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.693089] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.693635] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.694177] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.694748] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.695305] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.695864] [ 176.696046] irq event stamp: 0 [ 176.696288] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.696774] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.697413] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.698055] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.698563] ---[ end trace 0000000000000000 ]--- [ 176.701441] ------------[ cut here ]------------ [ 176.701837] WARNING: CPU: 0 PID: 1674 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.702849] Modules linked in: [ 176.703106] CPU: 0 PID: 1674 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.703802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.704686] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.705089] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.706582] RSP: 
0018:ffff88801818fbd0 EFLAGS: 00010246 [ 176.707021] RAX: 0000000000000000 RBX: ffff888011e3a8a8 RCX: 0000000000000000 [ 176.707613] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 176.708193] RBP: ffff88801818fbe8 R08: ffffed10023c7533 R09: ffffed10023c7533 [ 176.708778] R10: ffff888011e3a993 R11: ffffed10023c7532 R12: ffff888013f80c00 [ 176.709350] R13: ffff888011e3a9e8 R14: ffff888020a6e100 R15: 0000000000000000 [ 176.709927] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 176.710597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.711074] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 176.711666] PKRU: 55555554 [ 176.711902] Call Trace: [ 176.712114] [ 176.712300] iommufd_access_destroy_object+0x65/0x170 [ 176.712734] iommufd_object_destroy_user+0x18e/0x220 [ 176.713159] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.713643] iommufd_access_destroy+0x43/0x70 [ 176.714024] iommufd_test_staccess_release+0x8d/0xd0 [ 176.714462] __fput+0x26d/0xa40 [ 176.714787] ____fput+0x1e/0x30 [ 176.715078] task_work_run+0x1a4/0x2d0 [ 176.715443] ? __pfx_task_work_run+0x10/0x10 [ 176.715818] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.716229] ? switch_task_namespaces+0xa9/0xe0 [ 176.716623] do_exit+0xb17/0x2ef0 [ 176.716912] ? lock_acquire+0x427/0x4c0 [ 176.717253] ? __pfx_lock_release+0x10/0x10 [ 176.717613] ? __kasan_check_write+0x18/0x20 [ 176.717997] ? do_raw_spin_lock+0x132/0x2a0 [ 176.718358] ? __pfx_do_exit+0x10/0x10 [ 176.718717] ? debug_smp_processor_id+0x20/0x30 [ 176.719105] ? rcu_is_watching+0x19/0xb0 [ 176.719452] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.719830] ? trace_hardirqs_on+0x26/0x120 [ 176.720192] do_group_exit+0xe0/0x2b0 [ 176.720515] __x64_sys_exit_group+0x47/0x50 [ 176.720878] do_syscall_64+0x3b/0x90 [ 176.721200] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.721648] RIP: 0033:0x7f4b87518a4d [ 176.721968] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.722497] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.723193] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.723803] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.724408] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.725015] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.725637] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.726260] [ 176.726467] irq event stamp: 0 [ 176.726773] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.727336] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.728058] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.728776] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.729326] ---[ end trace 0000000000000000 ]--- [ 176.730597] ------------[ cut here ]------------ [ 176.731239] WARNING: CPU: 1 PID: 1674 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.732510] Modules linked in: [ 176.733184] CPU: 1 PID: 1674 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.734226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.735978] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.736629] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.739020] RSP: 0018:ffff88801818fb78 EFLAGS: 00010246 [ 176.739875] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.740756] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 176.741667] RBP: ffff88801818fb98 R08: ffffed10023c753e R09: ffffed10023c753e [ 176.742688] R10: ffff888011e3a9ef R11: ffffed10023c753d R12: ffff888011e3aa90 [ 176.743618] R13: ffff888011e3a8a8 R14: ffffffffffffffff R15: 
ffff88801818fc60 [ 176.744672] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.745675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.746585] CR2: 00007f82e2f5f000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 176.747493] PKRU: 55555554 [ 176.747851] Call Trace: [ 176.748172] [ 176.748487] iommufd_ioas_destroy+0x53/0x70 [ 176.749135] iommufd_fops_release+0x1f7/0x370 [ 176.749726] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.750387] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.751265] ? write_comp_data+0x2f/0x90 [ 176.751833] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.752491] __fput+0x26d/0xa40 [ 176.752959] ____fput+0x1e/0x30 [ 176.753555] task_work_run+0x1a4/0x2d0 [ 176.754089] ? __pfx_task_work_run+0x10/0x10 [ 176.754738] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.755421] ? switch_task_namespaces+0xa9/0xe0 [ 176.756200] do_exit+0xb17/0x2ef0 [ 176.756664] ? lock_acquire+0x427/0x4c0 [ 176.757198] ? __pfx_lock_release+0x10/0x10 [ 176.757766] ? __kasan_check_write+0x18/0x20 [ 176.758582] ? do_raw_spin_lock+0x132/0x2a0 [ 176.759228] ? __pfx_do_exit+0x10/0x10 [ 176.759781] ? debug_smp_processor_id+0x20/0x30 [ 176.760422] ? rcu_is_watching+0x19/0xb0 [ 176.761170] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.761816] ? trace_hardirqs_on+0x26/0x120 [ 176.762393] do_group_exit+0xe0/0x2b0 [ 176.762998] __x64_sys_exit_group+0x47/0x50 [ 176.763644] do_syscall_64+0x3b/0x90 [ 176.764366] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.765100] RIP: 0033:0x7f4b87518a4d [ 176.765633] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.766675] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.767847] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.768821] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.769991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.771037] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.772096] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.773186] [ 176.773521] irq event stamp: 0 [ 176.773957] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.775047] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.776216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.777469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.778408] ---[ end trace 0000000000000000 ]--- [ 176.786088] ------------[ cut here ]------------ [ 176.786831] WARNING: CPU: 1 PID: 1675 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.788453] Modules linked in: [ 176.788917] CPU: 1 PID: 1675 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.790102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.791929] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.792640] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.795383] RSP: 0018:ffff888010f4fbb8 EFLAGS: 00010246 [ 176.796203] RAX: 0000000000000000 RBX: ffff88800f6268a8 RCX: 0000000000000000 [ 176.797250] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 176.798254] RBP: ffff888010f4fbd0 R08: ffffed1001ec4d33 R09: ffffed1001ec4d33 [ 176.799590] R10: ffff88800f626993 R11: ffffed1001ec4d32 R12: ffff8880138aec00 [ 176.800570] R13: ffff88800f6269e8 R14: ffffffff8352e670 R15: 
ffff888010f4fe68 [ 176.801573] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.802853] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.803666] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ee0 [ 176.804869] PKRU: 55555554 [ 176.805275] Call Trace: [ 176.805638] [ 176.805967] __iommufd_access_detach+0x1c2/0x2b0 [ 176.806727] iommufd_access_change_pt+0x149/0x270 [ 176.807547] iommufd_access_replace+0xb4/0x120 [ 176.808358] iommufd_test+0x3e5/0x37e0 [ 176.808907] ? lock_release+0x532/0x770 [ 176.809483] ? __might_fault+0x102/0x1b0 [ 176.810305] ? lock_acquire+0x427/0x4c0 [ 176.810943] ? __pfx_iommufd_test+0x10/0x10 [ 176.811570] ? __pfx_lock_release+0x10/0x10 [ 176.812178] ? __pfx_lock_acquire+0x10/0x10 [ 176.813027] ? write_comp_data+0x2f/0x90 [ 176.813752] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.814442] ? write_comp_data+0x2f/0x90 [ 176.815258] iommufd_fops_ioctl+0x37d/0x510 [ 176.816020] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.816723] ? write_comp_data+0x2f/0x90 [ 176.817328] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.818127] __x64_sys_ioctl+0x1a3/0x230 [ 176.818899] do_syscall_64+0x3b/0x90 [ 176.819497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.820249] RIP: 0033:0x7f4b8743ee5d [ 176.820884] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.823743] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.824781] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.825749] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.827018] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.828039] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.829155] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.830278] [ 176.830683] irq event stamp: 0 [ 176.831169] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.832142] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.833354] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.834804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.835695] ---[ end trace 0000000000000000 ]--- [ 176.840871] ------------[ cut here ]------------ [ 176.841611] WARNING: CPU: 1 PID: 1675 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.843197] Modules linked in: [ 176.843664] CPU: 1 PID: 1675 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.845077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.846747] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.847481] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.850077] RSP: 
0018:ffff888010f4fbd0 EFLAGS: 00010246 [ 176.850889] RAX: 0000000000000000 RBX: ffff88800f6268a8 RCX: 0000000000000000 [ 176.852063] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 176.853021] RBP: ffff888010f4fbe8 R08: ffffed1001ec4d33 R09: ffffed1001ec4d33 [ 176.854043] R10: ffff88800f626993 R11: ffffed1001ec4d32 R12: ffff88801226d000 [ 176.855238] R13: ffff88800f6269e8 R14: ffff88800fa77000 R15: 0000000000000000 [ 176.856209] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.857515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.858309] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 176.859541] PKRU: 55555554 [ 176.859947] Call Trace: [ 176.860310] [ 176.860634] iommufd_access_destroy_object+0x65/0x170 [ 176.861380] iommufd_object_destroy_user+0x18e/0x220 [ 176.862271] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 176.863155] iommufd_access_destroy+0x43/0x70 [ 176.863810] iommufd_test_staccess_release+0x8d/0xd0 [ 176.864687] __fput+0x26d/0xa40 [ 176.865173] ____fput+0x1e/0x30 [ 176.865654] task_work_run+0x1a4/0x2d0 [ 176.866224] ? __pfx_task_work_run+0x10/0x10 [ 176.867104] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.867827] ? switch_task_namespaces+0xa9/0xe0 [ 176.868503] do_exit+0xb17/0x2ef0 [ 176.868994] ? lock_acquire+0x427/0x4c0 [ 176.869731] ? __pfx_lock_release+0x10/0x10 [ 176.870341] ? __kasan_check_write+0x18/0x20 [ 176.871030] ? do_raw_spin_lock+0x132/0x2a0 [ 176.871698] ? __pfx_do_exit+0x10/0x10 [ 176.872342] ? debug_smp_processor_id+0x20/0x30 [ 176.873066] ? rcu_is_watching+0x19/0xb0 [ 176.873628] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.874249] ? trace_hardirqs_on+0x26/0x120 [ 176.875094] do_group_exit+0xe0/0x2b0 [ 176.875651] __x64_sys_exit_group+0x47/0x50 [ 176.876247] do_syscall_64+0x3b/0x90 [ 176.876780] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.877608] RIP: 0033:0x7f4b87518a4d [ 176.878190] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.879095] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.880285] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.881341] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.882370] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.883543] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.884542] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.885718] [ 176.886050] irq event stamp: 0 [ 176.886481] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.887469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.888797] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.890072] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.891102] ---[ end trace 0000000000000000 ]--- [ 176.892631] ------------[ cut here ]------------ [ 176.893431] WARNING: CPU: 1 PID: 1675 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 176.894925] Modules linked in: [ 176.895428] CPU: 1 PID: 1675 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.896624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.898121] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 176.898899] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 176.901378] RSP: 0018:ffff888010f4fb78 EFLAGS: 00010246 [ 176.902121] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 176.903173] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 176.904154] RBP: ffff888010f4fb98 R08: ffffed1001ec4d3e R09: ffffed1001ec4d3e [ 176.905109] R10: ffff88800f6269ef R11: ffffed1001ec4d3d R12: ffff88800f626a90 [ 176.906058] R13: ffff88800f6268a8 R14: ffffffffffffffff R15: 
ffff888010f4fc60 [ 176.907067] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.908185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.908969] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 176.909928] PKRU: 55555554 [ 176.910327] Call Trace: [ 176.910743] [ 176.911078] iommufd_ioas_destroy+0x53/0x70 [ 176.911701] iommufd_fops_release+0x1f7/0x370 [ 176.912188] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.912716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.913247] ? write_comp_data+0x2f/0x90 [ 176.913684] ? __pfx_iommufd_fops_release+0x10/0x10 [ 176.914222] __fput+0x26d/0xa40 [ 176.914628] ____fput+0x1e/0x30 [ 176.915066] task_work_run+0x1a4/0x2d0 [ 176.915537] ? __pfx_task_work_run+0x10/0x10 [ 176.916009] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.916542] ? switch_task_namespaces+0xa9/0xe0 [ 176.917038] do_exit+0xb17/0x2ef0 [ 176.917417] ? lock_acquire+0x427/0x4c0 [ 176.917847] ? __pfx_lock_release+0x10/0x10 [ 176.918316] ? __kasan_check_write+0x18/0x20 [ 176.918826] ? do_raw_spin_lock+0x132/0x2a0 [ 176.919632] ? __pfx_do_exit+0x10/0x10 [ 176.920205] ? debug_smp_processor_id+0x20/0x30 [ 176.920855] ? rcu_is_watching+0x19/0xb0 [ 176.921420] ? _raw_spin_unlock_irq+0x2b/0x60 [ 176.922060] ? trace_hardirqs_on+0x26/0x120 [ 176.922745] do_group_exit+0xe0/0x2b0 [ 176.923318] __x64_sys_exit_group+0x47/0x50 [ 176.923909] do_syscall_64+0x3b/0x90 [ 176.924438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.925167] RIP: 0033:0x7f4b87518a4d [ 176.925685] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 176.926602] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 176.927667] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 176.928645] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 176.929616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 176.930630] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 176.931636] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 176.932650] [ 176.933003] irq event stamp: 0 [ 176.933452] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.934324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.935560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.936688] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.937539] ---[ end trace 0000000000000000 ]--- [ 176.944660] ------------[ cut here ]------------ [ 176.945324] WARNING: CPU: 1 PID: 1676 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.946692] Modules linked in: [ 176.947148] CPU: 1 PID: 1676 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.948265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.949710] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.950367] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.952731] RSP: 0018:ffff888010b97bb8 EFLAGS: 00010246 [ 176.953414] RAX: 0000000000000000 RBX: ffff888015d2d8a8 RCX: 0000000000000000 [ 176.954294] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 176.955245] RBP: ffff888010b97bd0 R08: ffffed1002ba5b33 R09: ffffed1002ba5b33 [ 176.956135] R10: ffff888015d2d993 R11: ffffed1002ba5b32 R12: ffff88800f0e0c00 [ 176.957023] R13: ffff888015d2d9e8 R14: ffffffff8352e670 R15: 
ffff888010b97e68 [ 176.957900] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 176.958950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 176.959712] CR2: 0000000020000140 CR3: 00000000148b0000 CR4: 0000000000750ee0 [ 176.960606] PKRU: 55555554 [ 176.960980] Call Trace: [ 176.961307] [ 176.961598] __iommufd_access_detach+0x1c2/0x2b0 [ 176.962225] iommufd_access_change_pt+0x149/0x270 [ 176.962908] iommufd_access_replace+0xb4/0x120 [ 176.963514] iommufd_test+0x3e5/0x37e0 [ 176.964006] ? lock_release+0x532/0x770 [ 176.964509] ? __might_fault+0x102/0x1b0 [ 176.965023] ? lock_acquire+0x427/0x4c0 [ 176.965525] ? __pfx_iommufd_test+0x10/0x10 [ 176.966049] ? __pfx_lock_release+0x10/0x10 [ 176.966638] ? __pfx_lock_acquire+0x10/0x10 [ 176.967213] ? write_comp_data+0x2f/0x90 [ 176.967730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 176.968336] ? write_comp_data+0x2f/0x90 [ 176.968851] iommufd_fops_ioctl+0x37d/0x510 [ 176.969391] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.969994] ? write_comp_data+0x2f/0x90 [ 176.970544] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 176.971165] __x64_sys_ioctl+0x1a3/0x230 [ 176.971688] do_syscall_64+0x3b/0x90 [ 176.972164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 176.972798] RIP: 0033:0x7f4b8743ee5d [ 176.973252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 176.975467] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 176.976385] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 176.977246] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 176.978097] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 176.978986] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 176.979864] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 176.980728] [ 176.981017] irq event stamp: 0 [ 176.981406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 176.982164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 176.983220] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 176.984227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 176.984984] ---[ end trace 0000000000000000 ]--- [ 176.989635] ------------[ cut here ]------------ [ 176.990227] WARNING: CPU: 1 PID: 1676 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 176.991506] Modules linked in: [ 176.991911] CPU: 1 PID: 1676 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 176.992955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 176.994675] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 176.995433] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 176.997075] RSP: 
0018:ffff888010b97bd0 EFLAGS: 00010246 [ 176.997565] RAX: 0000000000000000 RBX: ffff888015d2d8a8 RCX: 0000000000000000 [ 176.998304] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 176.998959] RBP: ffff888010b97be8 R08: ffffed1002ba5b33 R09: ffffed1002ba5b33 [ 176.999570] R10: ffff888015d2d993 R11: ffffed1002ba5b32 R12: ffff8880138ae000 [ 177.000277] R13: ffff888015d2d9e8 R14: ffff88802097aa00 R15: 0000000000000000 [ 177.000858] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 177.001512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.002123] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 177.002723] PKRU: 55555554 [ 177.002962] Call Trace: [ 177.003187] [ 177.003378] iommufd_access_destroy_object+0x65/0x170 [ 177.003835] iommufd_object_destroy_user+0x18e/0x220 [ 177.004350] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.004841] iommufd_access_destroy+0x43/0x70 [ 177.005227] iommufd_test_staccess_release+0x8d/0xd0 [ 177.005670] __fput+0x26d/0xa40 [ 177.006052] ____fput+0x1e/0x30 [ 177.006335] task_work_run+0x1a4/0x2d0 [ 177.006685] ? __pfx_task_work_run+0x10/0x10 [ 177.007057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.007479] ? switch_task_namespaces+0xa9/0xe0 [ 177.007894] do_exit+0xb17/0x2ef0 [ 177.008289] ? lock_acquire+0x427/0x4c0 [ 177.008628] ? __pfx_lock_release+0x10/0x10 [ 177.008995] ? __kasan_check_write+0x18/0x20 [ 177.009367] ? do_raw_spin_lock+0x132/0x2a0 [ 177.009733] ? __pfx_do_exit+0x10/0x10 [ 177.010147] ? debug_smp_processor_id+0x20/0x30 [ 177.010554] ? rcu_is_watching+0x19/0xb0 [ 177.010890] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.011272] ? trace_hardirqs_on+0x26/0x120 [ 177.011626] do_group_exit+0xe0/0x2b0 [ 177.011968] __x64_sys_exit_group+0x47/0x50 [ 177.012416] do_syscall_64+0x3b/0x90 [ 177.012731] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.013160] RIP: 0033:0x7f4b87518a4d [ 177.013461] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.014023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.014717] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.015302] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.015873] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.016587] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.017173] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.017767] [ 177.017962] irq event stamp: 0 [ 177.018285] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.018883] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.019574] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.020284] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.020877] ---[ end trace 0000000000000000 ]--- [ 177.021718] ------------[ cut here ]------------ [ 177.022163] WARNING: CPU: 1 PID: 1676 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.023101] Modules linked in: [ 177.023387] CPU: 1 PID: 1676 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.024103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.025151] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.025577] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.027229] RSP: 0018:ffff888010b97b78 EFLAGS: 00010246 [ 177.027674] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.028257] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 177.028954] RBP: ffff888010b97b98 R08: ffffed1002ba5b3e R09: ffffed1002ba5b3e [ 177.029534] R10: ffff888015d2d9ef R11: ffffed1002ba5b3d R12: ffff888015d2da90 [ 177.030123] R13: ffff888015d2d8a8 R14: ffffffffffffffff R15: 
ffff888010b97c60 [ 177.030720] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 177.031390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.031866] CR2: 00007f4b875fca50 CR3: 00000000141f6000 CR4: 0000000000750ee0 [ 177.032445] PKRU: 55555554 [ 177.032679] Call Trace: [ 177.032889] [ 177.033077] iommufd_ioas_destroy+0x53/0x70 [ 177.033443] iommufd_fops_release+0x1f7/0x370 [ 177.033819] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.034231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.034665] ? write_comp_data+0x2f/0x90 [ 177.035008] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.035437] __fput+0x26d/0xa40 [ 177.035726] ____fput+0x1e/0x30 [ 177.036006] task_work_run+0x1a4/0x2d0 [ 177.036336] ? __pfx_task_work_run+0x10/0x10 [ 177.036706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.037107] ? switch_task_namespaces+0xa9/0xe0 [ 177.037496] do_exit+0xb17/0x2ef0 [ 177.037781] ? lock_acquire+0x427/0x4c0 [ 177.038111] ? __pfx_lock_release+0x10/0x10 [ 177.038467] ? __kasan_check_write+0x18/0x20 [ 177.038845] ? do_raw_spin_lock+0x132/0x2a0 [ 177.039205] ? __pfx_do_exit+0x10/0x10 [ 177.039528] ? debug_smp_processor_id+0x20/0x30 [ 177.039907] ? rcu_is_watching+0x19/0xb0 [ 177.040238] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.040607] ? trace_hardirqs_on+0x26/0x120 [ 177.040962] do_group_exit+0xe0/0x2b0 [ 177.041272] __x64_sys_exit_group+0x47/0x50 [ 177.041620] do_syscall_64+0x3b/0x90 [ 177.041933] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.042361] RIP: 0033:0x7f4b87518a4d [ 177.042682] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.043191] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.043804] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.044380] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.044945] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.045512] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.046078] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.046681] [ 177.046872] irq event stamp: 0 [ 177.047136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.047640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.048307] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.048976] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.049477] ---[ end trace 0000000000000000 ]--- [ 177.053750] ------------[ cut here ]------------ [ 177.054176] WARNING: CPU: 0 PID: 1677 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.055279] Modules linked in: [ 177.055552] CPU: 0 PID: 1677 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.056255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.057168] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.057579] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.059076] RSP: 0018:ffff888010f4fbb8 EFLAGS: 00010246 [ 177.059532] RAX: 0000000000000000 RBX: ffff888020f920a8 RCX: 0000000000000000 [ 177.060103] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 177.060677] RBP: ffff888010f4fbd0 R08: ffffed10041f2433 R09: ffffed10041f2433 [ 177.061250] R10: ffff888020f92193 R11: ffffed10041f2432 R12: ffff888014391800 [ 177.061824] R13: ffff888020f921e8 R14: ffffffff8352e670 R15: 
ffff888010f4fe68 [ 177.062406] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.063098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.063578] CR2: 0000000020000140 CR3: 00000000148b0000 CR4: 0000000000750ef0 [ 177.064163] PKRU: 55555554 [ 177.064393] Call Trace: [ 177.064600] [ 177.064786] __iommufd_access_detach+0x1c2/0x2b0 [ 177.065197] iommufd_access_change_pt+0x149/0x270 [ 177.065603] iommufd_access_replace+0xb4/0x120 [ 177.065985] iommufd_test+0x3e5/0x37e0 [ 177.066306] ? lock_release+0x532/0x770 [ 177.066660] ? __might_fault+0x102/0x1b0 [ 177.067000] ? lock_acquire+0x427/0x4c0 [ 177.067346] ? __pfx_iommufd_test+0x10/0x10 [ 177.067708] ? __pfx_lock_release+0x10/0x10 [ 177.068071] ? __pfx_lock_acquire+0x10/0x10 [ 177.068432] ? write_comp_data+0x2f/0x90 [ 177.068783] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.069186] ? write_comp_data+0x2f/0x90 [ 177.069538] iommufd_fops_ioctl+0x37d/0x510 [ 177.069894] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.070308] ? write_comp_data+0x2f/0x90 [ 177.070680] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.071091] __x64_sys_ioctl+0x1a3/0x230 [ 177.071453] do_syscall_64+0x3b/0x90 [ 177.071766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.072200] RIP: 0033:0x7f4b8743ee5d [ 177.072506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.073989] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.074643] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.075231] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.075815] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.076387] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.076961] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.077526] [ 177.077709] irq event stamp: 0 [ 177.077956] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.078457] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.079130] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.079795] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.080297] ---[ end trace 0000000000000000 ]--- [ 177.083276] ------------[ cut here ]------------ [ 177.083676] WARNING: CPU: 0 PID: 1677 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.084473] Modules linked in: [ 177.084718] CPU: 0 PID: 1677 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.085393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.086254] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.086657] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.088078] RSP: 
0018:ffff888010f4fbd0 EFLAGS: 00010246 [ 177.088488] RAX: 0000000000000000 RBX: ffff888020f920a8 RCX: 0000000000000000 [ 177.089030] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 177.089582] RBP: ffff888010f4fbe8 R08: ffffed10041f2433 R09: ffffed10041f2433 [ 177.090131] R10: ffff888020f92193 R11: ffffed10041f2432 R12: ffff888013ed8c00 [ 177.090696] R13: ffff888020f921e8 R14: ffff88800f953000 R15: 0000000000000000 [ 177.091261] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.091885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.092334] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.092885] PKRU: 55555554 [ 177.093101] Call Trace: [ 177.093299] [ 177.093478] iommufd_access_destroy_object+0x65/0x170 [ 177.093878] iommufd_object_destroy_user+0x18e/0x220 [ 177.094281] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.094753] iommufd_access_destroy+0x43/0x70 [ 177.095112] iommufd_test_staccess_release+0x8d/0xd0 [ 177.095519] __fput+0x26d/0xa40 [ 177.095793] ____fput+0x1e/0x30 [ 177.096056] task_work_run+0x1a4/0x2d0 [ 177.096364] ? __pfx_task_work_run+0x10/0x10 [ 177.096712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.097095] ? switch_task_namespaces+0xa9/0xe0 [ 177.097474] do_exit+0xb17/0x2ef0 [ 177.097744] ? lock_acquire+0x427/0x4c0 [ 177.098064] ? __pfx_lock_release+0x10/0x10 [ 177.098415] ? __kasan_check_write+0x18/0x20 [ 177.098777] ? do_raw_spin_lock+0x132/0x2a0 [ 177.099124] ? __pfx_do_exit+0x10/0x10 [ 177.099439] ? debug_smp_processor_id+0x20/0x30 [ 177.099805] ? rcu_is_watching+0x19/0xb0 [ 177.100130] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.100484] ? trace_hardirqs_on+0x26/0x120 [ 177.100834] do_group_exit+0xe0/0x2b0 [ 177.101131] __x64_sys_exit_group+0x47/0x50 [ 177.101468] do_syscall_64+0x3b/0x90 [ 177.101766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.102176] RIP: 0033:0x7f4b87518a4d [ 177.102460] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.102958] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.103557] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.104101] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.104653] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.105202] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.105754] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.106320] [ 177.106501] irq event stamp: 0 [ 177.106767] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.107260] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.107914] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.108551] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.109037] ---[ end trace 0000000000000000 ]--- [ 177.109707] ------------[ cut here ]------------ [ 177.110081] WARNING: CPU: 0 PID: 1677 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.110891] Modules linked in: [ 177.111161] CPU: 0 PID: 1677 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.111840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.112707] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.113107] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.114540] RSP: 0018:ffff888010f4fb78 EFLAGS: 00010246 [ 177.114957] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.115507] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 177.116051] RBP: ffff888010f4fb98 R08: ffffed10041f243e R09: ffffed10041f243e [ 177.116603] R10: ffff888020f921ef R11: ffffed10041f243d R12: ffff888020f92290 [ 177.117158] R13: ffff888020f920a8 R14: ffffffffffffffff R15: 
ffff888010f4fc60 [ 177.117711] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.118328] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.118794] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.119356] PKRU: 55555554 [ 177.119574] Call Trace: [ 177.119779] [ 177.119959] iommufd_ioas_destroy+0x53/0x70 [ 177.120301] iommufd_fops_release+0x1f7/0x370 [ 177.120652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.121044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.121433] ? write_comp_data+0x2f/0x90 [ 177.121760] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.122152] __fput+0x26d/0xa40 [ 177.122430] ____fput+0x1e/0x30 [ 177.122712] task_work_run+0x1a4/0x2d0 [ 177.123025] ? __pfx_task_work_run+0x10/0x10 [ 177.123387] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.123762] ? switch_task_namespaces+0xa9/0xe0 [ 177.124129] do_exit+0xb17/0x2ef0 [ 177.124392] ? lock_acquire+0x427/0x4c0 [ 177.124703] ? __pfx_lock_release+0x10/0x10 [ 177.125033] ? __kasan_check_write+0x18/0x20 [ 177.125368] ? do_raw_spin_lock+0x132/0x2a0 [ 177.125694] ? __pfx_do_exit+0x10/0x10 [ 177.126004] ? debug_smp_processor_id+0x20/0x30 [ 177.126357] ? rcu_is_watching+0x19/0xb0 [ 177.126691] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.127043] ? trace_hardirqs_on+0x26/0x120 [ 177.127385] do_group_exit+0xe0/0x2b0 [ 177.127677] __x64_sys_exit_group+0x47/0x50 [ 177.128013] do_syscall_64+0x3b/0x90 [ 177.128304] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.128711] RIP: 0033:0x7f4b87518a4d [ 177.128993] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.129459] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.130027] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.130588] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.131140] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.131676] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.132219] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.132772] [ 177.132949] irq event stamp: 0 [ 177.133185] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.133662] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.134291] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.134943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.135433] ---[ end trace 0000000000000000 ]--- [ 177.138974] ------------[ cut here ]------------ [ 177.139367] WARNING: CPU: 0 PID: 1678 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.140132] Modules linked in: [ 177.140372] CPU: 0 PID: 1678 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.141027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.141859] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.142237] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.143773] RSP: 0018:ffff88800f067bb8 EFLAGS: 00010246 [ 177.144174] RAX: 0000000000000000 RBX: ffff8880140398a8 RCX: 0000000000000000 [ 177.144709] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 177.145244] RBP: ffff88800f067bd0 R08: ffffed1002807333 R09: ffffed1002807333 [ 177.145782] R10: ffff888014039993 R11: ffffed1002807332 R12: ffff888012e96c00 [ 177.146311] R13: ffff8880140399e8 R14: ffffffff8352e670 R15: 
ffff88800f067e68 [ 177.146881] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.147492] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.147924] CR2: 0000000020000140 CR3: 0000000014752000 CR4: 0000000000750ef0 [ 177.148462] PKRU: 55555554 [ 177.148676] Call Trace: [ 177.148868] [ 177.149039] __iommufd_access_detach+0x1c2/0x2b0 [ 177.149416] iommufd_access_change_pt+0x149/0x270 [ 177.149797] iommufd_access_replace+0xb4/0x120 [ 177.150152] iommufd_test+0x3e5/0x37e0 [ 177.150448] ? lock_release+0x532/0x770 [ 177.150776] ? __might_fault+0x102/0x1b0 [ 177.151095] ? lock_acquire+0x427/0x4c0 [ 177.151415] ? __pfx_iommufd_test+0x10/0x10 [ 177.151747] ? __pfx_lock_release+0x10/0x10 [ 177.152078] ? __pfx_lock_acquire+0x10/0x10 [ 177.152416] ? write_comp_data+0x2f/0x90 [ 177.152730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.153101] ? write_comp_data+0x2f/0x90 [ 177.153426] iommufd_fops_ioctl+0x37d/0x510 [ 177.153756] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.154137] ? write_comp_data+0x2f/0x90 [ 177.154455] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.154843] __x64_sys_ioctl+0x1a3/0x230 [ 177.155169] do_syscall_64+0x3b/0x90 [ 177.155457] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.155848] RIP: 0033:0x7f4b8743ee5d [ 177.156125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.157465] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.158022] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.158571] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.159102] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.159632] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.160157] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.160684] [ 177.160866] irq event stamp: 0 [ 177.161099] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.161569] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.162187] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.162813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.163285] ---[ end trace 0000000000000000 ]--- [ 177.165880] ------------[ cut here ]------------ [ 177.166264] WARNING: CPU: 0 PID: 1678 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.167033] Modules linked in: [ 177.167291] CPU: 0 PID: 1678 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.167937] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.168759] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.169123] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.170463] RSP: 
0018:ffff88800f067bd0 EFLAGS: 00010246 [ 177.170888] RAX: 0000000000000000 RBX: ffff8880140398a8 RCX: 0000000000000000 [ 177.171419] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 177.171937] RBP: ffff88800f067be8 R08: ffffed1002807333 R09: ffffed1002807333 [ 177.172467] R10: ffff888014039993 R11: ffffed1002807332 R12: ffff888014393400 [ 177.172995] R13: ffff8880140399e8 R14: ffff888020e7ae00 R15: 0000000000000000 [ 177.173514] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.174107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.174549] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.175077] PKRU: 55555554 [ 177.175294] Call Trace: [ 177.175487] [ 177.175656] iommufd_access_destroy_object+0x65/0x170 [ 177.176045] iommufd_object_destroy_user+0x18e/0x220 [ 177.176421] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.176854] iommufd_access_destroy+0x43/0x70 [ 177.177192] iommufd_test_staccess_release+0x8d/0xd0 [ 177.177577] __fput+0x26d/0xa40 [ 177.177836] ____fput+0x1e/0x30 [ 177.178096] task_work_run+0x1a4/0x2d0 [ 177.178390] ? __pfx_task_work_run+0x10/0x10 [ 177.178744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.179112] ? switch_task_namespaces+0xa9/0xe0 [ 177.179478] do_exit+0xb17/0x2ef0 [ 177.179736] ? lock_acquire+0x427/0x4c0 [ 177.180039] ? __pfx_lock_release+0x10/0x10 [ 177.180373] ? __kasan_check_write+0x18/0x20 [ 177.180705] ? do_raw_spin_lock+0x132/0x2a0 [ 177.181033] ? __pfx_do_exit+0x10/0x10 [ 177.181333] ? debug_smp_processor_id+0x20/0x30 [ 177.181680] ? rcu_is_watching+0x19/0xb0 [ 177.181984] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.182325] ? trace_hardirqs_on+0x26/0x120 [ 177.182680] do_group_exit+0xe0/0x2b0 [ 177.182967] __x64_sys_exit_group+0x47/0x50 [ 177.183300] do_syscall_64+0x3b/0x90 [ 177.183586] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.183979] RIP: 0033:0x7f4b87518a4d [ 177.184261] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.184713] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.185272] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.185791] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.186327] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.186876] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.187409] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.187939] [ 177.188113] irq event stamp: 0 [ 177.188347] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.188816] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.189435] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.190056] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.190538] ---[ end trace 0000000000000000 ]--- [ 177.191222] ------------[ cut here ]------------ [ 177.191573] WARNING: CPU: 0 PID: 1678 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.192327] Modules linked in: [ 177.192565] CPU: 0 PID: 1678 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.193212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.194038] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.194418] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.195814] RSP: 0018:ffff88800f067b78 EFLAGS: 00010246 [ 177.196215] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.196736] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 177.197258] RBP: ffff88800f067b98 R08: ffffed100280733e R09: ffffed100280733e [ 177.197782] R10: ffff8880140399ef R11: ffffed100280733d R12: ffff888014039a90 [ 177.198305] R13: ffff8880140398a8 R14: ffffffffffffffff R15: 
ffff88800f067c60 [ 177.198848] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.199468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.199896] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.200433] PKRU: 55555554 [ 177.200642] Call Trace: [ 177.200833] [ 177.201002] iommufd_ioas_destroy+0x53/0x70 [ 177.201338] iommufd_fops_release+0x1f7/0x370 [ 177.201676] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.202047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.202425] ? write_comp_data+0x2f/0x90 [ 177.202760] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.203155] __fput+0x26d/0xa40 [ 177.203415] ____fput+0x1e/0x30 [ 177.203669] task_work_run+0x1a4/0x2d0 [ 177.203965] ? __pfx_task_work_run+0x10/0x10 [ 177.204294] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.204660] ? switch_task_namespaces+0xa9/0xe0 [ 177.205025] do_exit+0xb17/0x2ef0 [ 177.205284] ? lock_acquire+0x427/0x4c0 [ 177.205593] ? __pfx_lock_release+0x10/0x10 [ 177.205919] ? __kasan_check_write+0x18/0x20 [ 177.206256] ? do_raw_spin_lock+0x132/0x2a0 [ 177.206596] ? __pfx_do_exit+0x10/0x10 [ 177.206895] ? debug_smp_processor_id+0x20/0x30 [ 177.207262] ? rcu_is_watching+0x19/0xb0 [ 177.207569] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.207913] ? trace_hardirqs_on+0x26/0x120 [ 177.208253] do_group_exit+0xe0/0x2b0 [ 177.208538] __x64_sys_exit_group+0x47/0x50 [ 177.208868] do_syscall_64+0x3b/0x90 [ 177.209154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.209549] RIP: 0033:0x7f4b87518a4d [ 177.209828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.210277] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.210870] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.211416] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.211942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.212473] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.213004] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.213538] [ 177.213711] irq event stamp: 0 [ 177.213945] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.214417] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.215060] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.215693] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.216155] ---[ end trace 0000000000000000 ]--- [ 177.220858] ------------[ cut here ]------------ [ 177.221244] WARNING: CPU: 0 PID: 1679 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.221994] Modules linked in: [ 177.222236] CPU: 0 PID: 1679 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.223074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.223912] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.224287] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.225625] RSP: 0018:ffff88801419fbb8 EFLAGS: 00010246 [ 177.226012] RAX: 0000000000000000 RBX: ffff88800ba208a8 RCX: 0000000000000000 [ 177.226558] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 177.227084] RBP: ffff88801419fbd0 R08: ffffed1001744133 R09: ffffed1001744133 [ 177.227617] R10: ffff88800ba20993 R11: ffffed1001744132 R12: ffff88801422f400 [ 177.228146] R13: ffff88800ba209e8 R14: ffffffff8352e670 R15: 
ffff88801419fe68 [ 177.228668] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.229262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.229686] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 177.230215] PKRU: 55555554 [ 177.230430] Call Trace: [ 177.230646] [ 177.230817] __iommufd_access_detach+0x1c2/0x2b0 [ 177.231193] iommufd_access_change_pt+0x149/0x270 [ 177.231564] iommufd_access_replace+0xb4/0x120 [ 177.231926] iommufd_test+0x3e5/0x37e0 [ 177.232214] ? lock_release+0x532/0x770 [ 177.232526] ? __might_fault+0x102/0x1b0 [ 177.232835] ? lock_acquire+0x427/0x4c0 [ 177.233141] ? __pfx_iommufd_test+0x10/0x10 [ 177.233462] ? __pfx_lock_release+0x10/0x10 [ 177.233801] ? __pfx_lock_acquire+0x10/0x10 [ 177.234145] ? write_comp_data+0x2f/0x90 [ 177.234454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.234846] ? write_comp_data+0x2f/0x90 [ 177.235168] iommufd_fops_ioctl+0x37d/0x510 [ 177.235505] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.235872] ? write_comp_data+0x2f/0x90 [ 177.236182] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.236550] __x64_sys_ioctl+0x1a3/0x230 [ 177.236860] do_syscall_64+0x3b/0x90 [ 177.237155] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.237551] RIP: 0033:0x7f4b8743ee5d [ 177.237827] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.239203] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.239769] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.240290] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.240819] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.241349] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.241874] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.242410] [ 177.242606] irq event stamp: 0 [ 177.242838] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.243317] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.243938] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.244548] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.245011] ---[ end trace 0000000000000000 ]--- [ 177.247650] ------------[ cut here ]------------ [ 177.248133] WARNING: CPU: 0 PID: 1679 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.249220] Modules linked in: [ 177.249465] CPU: 0 PID: 1679 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.250249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.251120] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.251491] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.252967] RSP: 
0018:ffff88801419fbd0 EFLAGS: 00010246 [ 177.253361] RAX: 0000000000000000 RBX: ffff88800ba208a8 RCX: 0000000000000000 [ 177.253989] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 177.254701] RBP: ffff88801419fbe8 R08: ffffed1001744133 R09: ffffed1001744133 [ 177.255240] R10: ffff88800ba20993 R11: ffffed1001744132 R12: ffff888012e95400 [ 177.255901] R13: ffff88800ba209e8 R14: ffff8880139bcf00 R15: 0000000000000000 [ 177.256433] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.257018] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.257594] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.258128] PKRU: 55555554 [ 177.258339] Call Trace: [ 177.258551] [ 177.258721] iommufd_access_destroy_object+0x65/0x170 [ 177.259159] iommufd_object_destroy_user+0x18e/0x220 [ 177.259655] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.260088] iommufd_access_destroy+0x43/0x70 [ 177.260430] iommufd_test_staccess_release+0x8d/0xd0 [ 177.260876] __fput+0x26d/0xa40 [ 177.261251] ____fput+0x1e/0x30 [ 177.261506] task_work_run+0x1a4/0x2d0 [ 177.261803] ? __pfx_task_work_run+0x10/0x10 [ 177.262135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.262586] ? switch_task_namespaces+0xa9/0xe0 [ 177.263023] do_exit+0xb17/0x2ef0 [ 177.263300] ? lock_acquire+0x427/0x4c0 [ 177.263603] ? __pfx_lock_release+0x10/0x10 [ 177.263929] ? __kasan_check_write+0x18/0x20 [ 177.264271] ? do_raw_spin_lock+0x132/0x2a0 [ 177.264659] ? __pfx_do_exit+0x10/0x10 [ 177.265039] ? debug_smp_processor_id+0x20/0x30 [ 177.265393] ? rcu_is_watching+0x19/0xb0 [ 177.265696] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.266039] ? trace_hardirqs_on+0x26/0x120 [ 177.266483] do_group_exit+0xe0/0x2b0 [ 177.266790] __x64_sys_exit_group+0x47/0x50 [ 177.267120] do_syscall_64+0x3b/0x90 [ 177.267407] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.267800] RIP: 0033:0x7f4b87518a4d [ 177.268078] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.268673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.269238] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.269766] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.270421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.270973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.271513] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.272104] [ 177.272365] irq event stamp: 0 [ 177.272601] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.273075] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.273750] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.274456] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.274960] ---[ end trace 0000000000000000 ]--- [ 177.275731] ------------[ cut here ]------------ [ 177.276202] WARNING: CPU: 0 PID: 1679 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.276978] Modules linked in: [ 177.277222] CPU: 0 PID: 1679 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.278014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.278887] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.279325] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.280804] RSP: 0018:ffff88801419fb78 EFLAGS: 00010246 [ 177.281334] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.281889] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 177.282445] RBP: ffff88801419fb98 R08: ffffed100174413e R09: ffffed100174413e [ 177.283359] R10: ffff88800ba209ef R11: ffffed100174413d R12: ffff88800ba20a90 [ 177.283919] R13: ffff88800ba208a8 R14: ffffffffffffffff R15: 
ffff88801419fc60 [ 177.284482] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.285256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.285716] CR2: 00007f4b875fca50 CR3: 000000000fce2000 CR4: 0000000000750ef0 [ 177.286267] PKRU: 55555554 [ 177.286497] Call Trace: [ 177.286723] [ 177.286923] iommufd_ioas_destroy+0x53/0x70 [ 177.287409] iommufd_fops_release+0x1f7/0x370 [ 177.287768] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.288162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.288546] ? write_comp_data+0x2f/0x90 [ 177.288996] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.289386] __fput+0x26d/0xa40 [ 177.289656] ____fput+0x1e/0x30 [ 177.289919] task_work_run+0x1a4/0x2d0 [ 177.290230] ? __pfx_task_work_run+0x10/0x10 [ 177.290752] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.291140] ? switch_task_namespaces+0xa9/0xe0 [ 177.291514] do_exit+0xb17/0x2ef0 [ 177.291791] ? lock_acquire+0x427/0x4c0 [ 177.292110] ? __pfx_lock_release+0x10/0x10 [ 177.292490] ? __kasan_check_write+0x18/0x20 [ 177.292947] ? do_raw_spin_lock+0x132/0x2a0 [ 177.293287] ? __pfx_do_exit+0x10/0x10 [ 177.293600] ? debug_smp_processor_id+0x20/0x30 [ 177.293967] ? rcu_is_watching+0x19/0xb0 [ 177.294430] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.294825] ? trace_hardirqs_on+0x26/0x120 [ 177.295179] do_group_exit+0xe0/0x2b0 [ 177.295470] __x64_sys_exit_group+0x47/0x50 [ 177.295806] do_syscall_64+0x3b/0x90 [ 177.296105] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.296663] RIP: 0033:0x7f4b87518a4d [ 177.296966] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.297444] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.298111] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.298767] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.299323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.299877] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.300577] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.301133] [ 177.301315] irq event stamp: 0 [ 177.301559] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.302185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.302848] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.303500] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.304127] ---[ end trace 0000000000000000 ]--- [ 177.308670] ------------[ cut here ]------------ [ 177.309189] WARNING: CPU: 0 PID: 1680 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.309975] Modules linked in: [ 177.310221] CPU: 0 PID: 1680 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.311050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.311932] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.312321] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.313759] RSP: 0018:ffff88800f067bb8 EFLAGS: 00010246 [ 177.314195] RAX: 0000000000000000 RBX: ffff888011e970a8 RCX: 0000000000000000 [ 177.314796] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 177.315387] RBP: ffff88800f067bd0 R08: ffffed10023d2e33 R09: ffffed10023d2e33 [ 177.315966] R10: ffff888011e97193 R11: ffffed10023d2e32 R12: ffff888018025c00 [ 177.316550] R13: ffff888011e971e8 R14: ffffffff8352e670 R15: 
ffff88800f067e68 [ 177.317123] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.317789] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.318272] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 177.318869] PKRU: 55555554 [ 177.319108] Call Trace: [ 177.319324] [ 177.319508] __iommufd_access_detach+0x1c2/0x2b0 [ 177.319919] iommufd_access_change_pt+0x149/0x270 [ 177.320317] iommufd_access_replace+0xb4/0x120 [ 177.320700] iommufd_test+0x3e5/0x37e0 [ 177.321027] ? lock_release+0x532/0x770 [ 177.321360] ? __might_fault+0x102/0x1b0 [ 177.321707] ? lock_acquire+0x427/0x4c0 [ 177.322045] ? __pfx_iommufd_test+0x10/0x10 [ 177.322405] ? __pfx_lock_release+0x10/0x10 [ 177.322787] ? __pfx_lock_acquire+0x10/0x10 [ 177.323189] ? write_comp_data+0x2f/0x90 [ 177.323536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.323938] ? write_comp_data+0x2f/0x90 [ 177.324284] iommufd_fops_ioctl+0x37d/0x510 [ 177.324642] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.325051] ? write_comp_data+0x2f/0x90 [ 177.325390] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.325790] __x64_sys_ioctl+0x1a3/0x230 [ 177.326129] do_syscall_64+0x3b/0x90 [ 177.326451] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.326900] RIP: 0033:0x7f4b8743ee5d [ 177.327224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.328718] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.329344] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.329929] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.330530] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.331123] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.331705] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.332293] [ 177.332485] irq event stamp: 0 [ 177.332741] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.333258] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.333945] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.334651] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.335172] ---[ end trace 0000000000000000 ]--- [ 177.338124] ------------[ cut here ]------------ [ 177.338556] WARNING: CPU: 0 PID: 1680 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.339440] Modules linked in: [ 177.339724] CPU: 0 PID: 1680 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.340577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.341499] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.342031] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.343580] RSP: 
0018:ffff88800f067bd0 EFLAGS: 00010246 [ 177.344122] RAX: 0000000000000000 RBX: ffff888011e970a8 RCX: 0000000000000000 [ 177.344710] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 177.345290] RBP: ffff88800f067be8 R08: ffffed10023d2e33 R09: ffffed10023d2e33 [ 177.346008] R10: ffff888011e97193 R11: ffffed10023d2e32 R12: ffff88801422c000 [ 177.346616] R13: ffff888011e971e8 R14: ffff888021810d00 R15: 0000000000000000 [ 177.347216] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.348043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.348514] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.349110] PKRU: 55555554 [ 177.349465] Call Trace: [ 177.349673] [ 177.349856] iommufd_access_destroy_object+0x65/0x170 [ 177.350284] iommufd_object_destroy_user+0x18e/0x220 [ 177.350720] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.351351] iommufd_access_destroy+0x43/0x70 [ 177.351733] iommufd_test_staccess_release+0x8d/0xd0 [ 177.352154] __fput+0x26d/0xa40 [ 177.352447] ____fput+0x1e/0x30 [ 177.352799] task_work_run+0x1a4/0x2d0 [ 177.353209] ? __pfx_task_work_run+0x10/0x10 [ 177.353587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.353991] ? switch_task_namespaces+0xa9/0xe0 [ 177.354412] do_exit+0xb17/0x2ef0 [ 177.354826] ? lock_acquire+0x427/0x4c0 [ 177.355178] ? __pfx_lock_release+0x10/0x10 [ 177.355535] ? __kasan_check_write+0x18/0x20 [ 177.355912] ? do_raw_spin_lock+0x132/0x2a0 [ 177.356268] ? __pfx_do_exit+0x10/0x10 [ 177.356600] ? debug_smp_processor_id+0x20/0x30 [ 177.356988] ? rcu_is_watching+0x19/0xb0 [ 177.357332] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.357706] ? trace_hardirqs_on+0x26/0x120 [ 177.358076] do_group_exit+0xe0/0x2b0 [ 177.358392] __x64_sys_exit_group+0x47/0x50 [ 177.358774] do_syscall_64+0x3b/0x90 [ 177.359088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.359540] RIP: 0033:0x7f4b87518a4d [ 177.359840] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.360342] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.360958] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.361542] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.362126] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.362725] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.363306] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.363897] [ 177.364087] irq event stamp: 0 [ 177.364345] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.364858] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.365542] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.366220] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.366746] ---[ end trace 0000000000000000 ]--- [ 177.367604] ------------[ cut here ]------------ [ 177.367997] WARNING: CPU: 0 PID: 1680 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.368827] Modules linked in: [ 177.369101] CPU: 0 PID: 1680 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.369987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.370928] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.371405] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.373005] RSP: 0018:ffff88800f067b78 EFLAGS: 00010246 [ 177.373590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.374172] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 177.374812] RBP: ffff88800f067b98 R08: ffffed10023d2e3e R09: ffffed10023d2e3e [ 177.375476] R10: ffff888011e971ef R11: ffffed10023d2e3d R12: ffff888011e97290 [ 177.376124] R13: ffff888011e970a8 R14: ffffffffffffffff R15: 
ffff88800f067c60 [ 177.376699] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.377358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.377833] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.378420] PKRU: 55555554 [ 177.378679] Call Trace: [ 177.378891] [ 177.379078] iommufd_ioas_destroy+0x53/0x70 [ 177.379462] iommufd_fops_release+0x1f7/0x370 [ 177.379831] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.380240] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.380651] ? write_comp_data+0x2f/0x90 [ 177.380992] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.381403] __fput+0x26d/0xa40 [ 177.381686] ____fput+0x1e/0x30 [ 177.381963] task_work_run+0x1a4/0x2d0 [ 177.382299] ? __pfx_task_work_run+0x10/0x10 [ 177.382685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.383091] ? switch_task_namespaces+0xa9/0xe0 [ 177.383488] do_exit+0xb17/0x2ef0 [ 177.383769] ? lock_acquire+0x427/0x4c0 [ 177.384111] ? __pfx_lock_release+0x10/0x10 [ 177.384468] ? __kasan_check_write+0x18/0x20 [ 177.384835] ? do_raw_spin_lock+0x132/0x2a0 [ 177.385198] ? __pfx_do_exit+0x10/0x10 [ 177.385522] ? debug_smp_processor_id+0x20/0x30 [ 177.385904] ? rcu_is_watching+0x19/0xb0 [ 177.386238] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.386645] ? trace_hardirqs_on+0x26/0x120 [ 177.387006] do_group_exit+0xe0/0x2b0 [ 177.387342] __x64_sys_exit_group+0x47/0x50 [ 177.387692] do_syscall_64+0x3b/0x90 [ 177.388009] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.388433] RIP: 0033:0x7f4b87518a4d [ 177.388747] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.389248] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.389867] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.390459] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.391075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.391684] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.392272] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.392855] [ 177.393045] irq event stamp: 0 [ 177.393312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.393833] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.394534] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.395232] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.395740] ---[ end trace 0000000000000000 ]--- [ 177.402118] ------------[ cut here ]------------ [ 177.402722] WARNING: CPU: 0 PID: 1681 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.403543] Modules linked in: [ 177.403795] CPU: 0 PID: 1681 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.404474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.405364] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.405755] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.407212] RSP: 0018:ffff88801419fbb8 EFLAGS: 00010246 [ 177.407637] RAX: 0000000000000000 RBX: ffff88801587d0a8 RCX: 0000000000000000 [ 177.408195] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 177.408753] RBP: ffff88801419fbd0 R08: ffffed1002b0fa33 R09: ffffed1002b0fa33 [ 177.409314] R10: ffff88801587d193 R11: ffffed1002b0fa32 R12: ffff88801226d400 [ 177.409869] R13: ffff88801587d1e8 R14: ffffffff8352e670 R15: 
ffff88801419fe68 [ 177.410433] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.411097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.411577] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 177.412132] PKRU: 55555554 [ 177.412364] Call Trace: [ 177.412563] [ 177.412741] __iommufd_access_detach+0x1c2/0x2b0 [ 177.413138] iommufd_access_change_pt+0x149/0x270 [ 177.413529] iommufd_access_replace+0xb4/0x120 [ 177.413907] iommufd_test+0x3e5/0x37e0 [ 177.414221] ? lock_release+0x532/0x770 [ 177.414563] ? __might_fault+0x102/0x1b0 [ 177.414894] ? lock_acquire+0x427/0x4c0 [ 177.415231] ? __pfx_iommufd_test+0x10/0x10 [ 177.415569] ? __pfx_lock_release+0x10/0x10 [ 177.415919] ? __pfx_lock_acquire+0x10/0x10 [ 177.416270] ? write_comp_data+0x2f/0x90 [ 177.416603] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.416992] ? write_comp_data+0x2f/0x90 [ 177.417332] iommufd_fops_ioctl+0x37d/0x510 [ 177.417687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.418075] ? write_comp_data+0x2f/0x90 [ 177.418413] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.418818] __x64_sys_ioctl+0x1a3/0x230 [ 177.419162] do_syscall_64+0x3b/0x90 [ 177.419469] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.419892] RIP: 0033:0x7f4b8743ee5d [ 177.420188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.421625] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.422232] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.422810] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.423393] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.423948] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.424503] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.425073] [ 177.425258] irq event stamp: 0 [ 177.425512] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.426006] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.426670] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.427323] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.427815] ---[ end trace 0000000000000000 ]--- [ 177.430790] ------------[ cut here ]------------ [ 177.431179] WARNING: CPU: 0 PID: 1681 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.431965] Modules linked in: [ 177.432320] CPU: 0 PID: 1681 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.433077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.434006] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.434457] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.436107] RSP: 
0018:ffff88801419fbd0 EFLAGS: 00010246 [ 177.436520] RAX: 0000000000000000 RBX: ffff88801587d0a8 RCX: 0000000000000000 [ 177.437071] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 177.437615] RBP: ffff88801419fbe8 R08: ffffed1002b0fa33 R09: ffffed1002b0fa33 [ 177.438309] R10: ffff88801587d193 R11: ffffed1002b0fa32 R12: ffff888018024c00 [ 177.438874] R13: ffff88801587d1e8 R14: ffff888011f03e00 R15: 0000000000000000 [ 177.439431] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.440201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.440650] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.441201] PKRU: 55555554 [ 177.441469] Call Trace: [ 177.441760] [ 177.441937] iommufd_access_destroy_object+0x65/0x170 [ 177.442350] iommufd_object_destroy_user+0x18e/0x220 [ 177.442781] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.443267] iommufd_access_destroy+0x43/0x70 [ 177.443693] iommufd_test_staccess_release+0x8d/0xd0 [ 177.444179] __fput+0x26d/0xa40 [ 177.444452] ____fput+0x1e/0x30 [ 177.444726] task_work_run+0x1a4/0x2d0 [ 177.445035] ? __pfx_task_work_run+0x10/0x10 [ 177.445520] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.445907] ? switch_task_namespaces+0xa9/0xe0 [ 177.446282] do_exit+0xb17/0x2ef0 [ 177.446578] ? lock_acquire+0x427/0x4c0 [ 177.446898] ? __pfx_lock_release+0x10/0x10 [ 177.447267] ? __kasan_check_write+0x18/0x20 [ 177.447760] ? do_raw_spin_lock+0x132/0x2a0 [ 177.448107] ? __pfx_do_exit+0x10/0x10 [ 177.448416] ? debug_smp_processor_id+0x20/0x30 [ 177.448784] ? rcu_is_watching+0x19/0xb0 [ 177.449149] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.449599] ? trace_hardirqs_on+0x26/0x120 [ 177.449949] do_group_exit+0xe0/0x2b0 [ 177.450250] __x64_sys_exit_group+0x47/0x50 [ 177.450627] do_syscall_64+0x3b/0x90 [ 177.450944] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.451479] RIP: 0033:0x7f4b87518a4d [ 177.451854] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.452353] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.453005] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.453727] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.454310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.454961] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.455990] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.456841] [ 177.457442] irq event stamp: 0 [ 177.457821] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.458622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.459920] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.460976] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.461809] ---[ end trace 0000000000000000 ]--- [ 177.463727] ------------[ cut here ]------------ [ 177.464311] WARNING: CPU: 0 PID: 1681 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.465582] Modules linked in: [ 177.465979] CPU: 0 PID: 1681 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.467186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.468446] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.469033] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.471069] RSP: 0018:ffff88801419fb78 EFLAGS: 00010246 [ 177.471677] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.472473] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 177.473268] RBP: ffff88801419fb98 R08: ffffed1002b0fa3e R09: ffffed1002b0fa3e [ 177.474062] R10: ffff88801587d1ef R11: ffffed1002b0fa3d R12: ffff88801587d290 [ 177.474888] R13: ffff88801587d0a8 R14: ffffffffffffffff R15: 
ffff88801419fc60 [ 177.475699] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.476600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.477254] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 177.478060] PKRU: 55555554 [ 177.478385] Call Trace: [ 177.478710] [ 177.478977] iommufd_ioas_destroy+0x53/0x70 [ 177.479482] iommufd_fops_release+0x1f7/0x370 [ 177.479999] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.480568] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.481127] ? write_comp_data+0x2f/0x90 [ 177.481601] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.482169] __fput+0x26d/0xa40 [ 177.482595] ____fput+0x1e/0x30 [ 177.482988] task_work_run+0x1a4/0x2d0 [ 177.483452] ? __pfx_task_work_run+0x10/0x10 [ 177.483960] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.484518] ? switch_task_namespaces+0xa9/0xe0 [ 177.485055] do_exit+0xb17/0x2ef0 [ 177.485446] ? lock_acquire+0x427/0x4c0 [ 177.485904] ? __pfx_lock_release+0x10/0x10 [ 177.486394] ? __kasan_check_write+0x18/0x20 [ 177.486921] ? do_raw_spin_lock+0x132/0x2a0 [ 177.487419] ? __pfx_do_exit+0x10/0x10 [ 177.487870] ? debug_smp_processor_id+0x20/0x30 [ 177.488395] ? rcu_is_watching+0x19/0xb0 [ 177.488853] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.489366] ? trace_hardirqs_on+0x26/0x120 [ 177.489859] do_group_exit+0xe0/0x2b0 [ 177.490289] __x64_sys_exit_group+0x47/0x50 [ 177.490798] do_syscall_64+0x3b/0x90 [ 177.491313] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.491745] RIP: 0033:0x7f4b87518a4d [ 177.492036] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.492518] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.493110] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.493659] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.494205] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.494795] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.495354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.495907] [ 177.496091] irq event stamp: 0 [ 177.496332] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.496826] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.497474] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.498120] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.498628] ---[ end trace 0000000000000000 ]--- [ 177.506494] ------------[ cut here ]------------ [ 177.507169] WARNING: CPU: 0 PID: 1682 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.508579] Modules linked in: [ 177.508991] CPU: 0 PID: 1682 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.510134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.511591] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.512153] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.514309] RSP: 0018:ffff88802189fbb8 EFLAGS: 00010246 [ 177.515090] RAX: 0000000000000000 RBX: ffff888011f608a8 RCX: 0000000000000000 [ 177.515890] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 177.516903] RBP: ffff88802189fbd0 R08: ffffed10023ec133 R09: ffffed10023ec133 [ 177.517618] R10: ffff888011f60993 R11: ffffed10023ec132 R12: ffff8880138af400 [ 177.518497] R13: ffff888011f609e8 R14: ffffffff8352e670 R15: 
ffff88802189fe68 [ 177.519263] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.520115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.520915] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 177.521669] PKRU: 55555554 [ 177.522002] Call Trace: [ 177.522405] [ 177.522687] __iommufd_access_detach+0x1c2/0x2b0 [ 177.523223] iommufd_access_change_pt+0x149/0x270 [ 177.523756] iommufd_access_replace+0xb4/0x120 [ 177.524339] iommufd_test+0x3e5/0x37e0 [ 177.524845] ? lock_release+0x532/0x770 [ 177.525285] ? __might_fault+0x102/0x1b0 [ 177.525727] ? lock_acquire+0x427/0x4c0 [ 177.526237] ? __pfx_iommufd_test+0x10/0x10 [ 177.526820] ? __pfx_lock_release+0x10/0x10 [ 177.527326] ? __pfx_lock_acquire+0x10/0x10 [ 177.527793] ? write_comp_data+0x2f/0x90 [ 177.528326] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.528966] ? write_comp_data+0x2f/0x90 [ 177.529410] iommufd_fops_ioctl+0x37d/0x510 [ 177.529868] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.530600] ? write_comp_data+0x2f/0x90 [ 177.531054] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.531582] __x64_sys_ioctl+0x1a3/0x230 [ 177.532042] do_syscall_64+0x3b/0x90 [ 177.532690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.533341] RIP: 0033:0x7f4b8743ee5d [ 177.533740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.535962] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.536803] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.537586] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.538377] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.539318] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.540227] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.541107] [ 177.541410] irq event stamp: 0 [ 177.541801] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.542612] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.543663] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.544677] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.545445] ---[ end trace 0000000000000000 ]--- [ 177.550149] ------------[ cut here ]------------ [ 177.550797] WARNING: CPU: 0 PID: 1682 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.552001] Modules linked in: [ 177.552286] CPU: 0 PID: 1682 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.553037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.554006] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.554439] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.556070] RSP: 
0018:ffff88802189fbd0 EFLAGS: 00010246 [ 177.556540] RAX: 0000000000000000 RBX: ffff888011f608a8 RCX: 0000000000000000 [ 177.557154] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 177.557771] RBP: ffff88802189fbe8 R08: ffffed10023ec133 R09: ffffed10023ec133 [ 177.558390] R10: ffff888011f60993 R11: ffffed10023ec132 R12: ffff88801226c800 [ 177.559042] R13: ffff888011f609e8 R14: ffff888020a6e700 R15: 0000000000000000 [ 177.559687] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.560389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.560894] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.561517] PKRU: 55555554 [ 177.561766] Call Trace: [ 177.561989] [ 177.562189] iommufd_access_destroy_object+0x65/0x170 [ 177.562687] iommufd_object_destroy_user+0x18e/0x220 [ 177.563158] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.563676] iommufd_access_destroy+0x43/0x70 [ 177.564077] iommufd_test_staccess_release+0x8d/0xd0 [ 177.564523] __fput+0x26d/0xa40 [ 177.564826] ____fput+0x1e/0x30 [ 177.565198] task_work_run+0x1a4/0x2d0 [ 177.565544] ? __pfx_task_work_run+0x10/0x10 [ 177.565934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.566369] ? switch_task_namespaces+0xa9/0xe0 [ 177.566819] do_exit+0xb17/0x2ef0 [ 177.567136] ? lock_acquire+0x427/0x4c0 [ 177.567497] ? __pfx_lock_release+0x10/0x10 [ 177.567884] ? __kasan_check_write+0x18/0x20 [ 177.568276] ? do_raw_spin_lock+0x132/0x2a0 [ 177.568659] ? __pfx_do_exit+0x10/0x10 [ 177.569014] ? debug_smp_processor_id+0x20/0x30 [ 177.569425] ? rcu_is_watching+0x19/0xb0 [ 177.569784] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.570186] ? trace_hardirqs_on+0x26/0x120 [ 177.570597] do_group_exit+0xe0/0x2b0 [ 177.570770] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 177.570939] __x64_sys_exit_group+0x47/0x50 [ 177.572774] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 177.573106] do_syscall_64+0x3b/0x90 [ 177.574672] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.575146] RIP: 0033:0x7f4b87518a4d [ 177.575475] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 177.576013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.576763] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.577384] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.577999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.578639] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.579269] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.579898] [ 177.580106] irq event stamp: 0 [ 177.580391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.580946] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.581672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.582404] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.582984] ---[ end trace 0000000000000000 ]--- [ 177.583775] ------------[ cut here ]------------ [ 177.584194] WARNING: CPU: 0 PID: 1682 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.585096] Modules linked in: [ 177.585386] CPU: 0 PID: 1682 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.586150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.587179] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.587640] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.589227] RSP: 
0018:ffff88802189fb78 EFLAGS: 00010246 [ 177.589695] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.590324] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 177.590976] RBP: ffff88802189fb98 R08: ffffed10023ec13e R09: ffffed10023ec13e [ 177.591638] R10: ffff888011f609ef R11: ffffed10023ec13d R12: ffff888011f60a90 [ 177.592278] R13: ffff888011f608a8 R14: ffffffffffffffff R15: ffff88802189fc60 [ 177.592913] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.593631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.594155] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.594883] PKRU: 55555554 [ 177.595169] Call Trace: [ 177.595411] [ 177.595625] iommufd_ioas_destroy+0x53/0x70 [ 177.596039] iommufd_fops_release+0x1f7/0x370 [ 177.596468] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.596994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.597453] ? write_comp_data+0x2f/0x90 [ 177.597843] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.598319] __fput+0x26d/0xa40 [ 177.598668] ____fput+0x1e/0x30 [ 177.598987] task_work_run+0x1a4/0x2d0 [ 177.599377] ? __pfx_task_work_run+0x10/0x10 [ 177.599791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.600252] ? switch_task_namespaces+0xa9/0xe0 [ 177.600701] do_exit+0xb17/0x2ef0 [ 177.601027] ? lock_acquire+0x427/0x4c0 [ 177.601413] ? __pfx_lock_release+0x10/0x10 [ 177.601823] ? __kasan_check_write+0x18/0x20 [ 177.602242] ? do_raw_spin_lock+0x132/0x2a0 [ 177.602687] ? __pfx_do_exit+0x10/0x10 [ 177.603075] ? debug_smp_processor_id+0x20/0x30 [ 177.603527] ? rcu_is_watching+0x19/0xb0 [ 177.603913] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.604347] ? 
trace_hardirqs_on+0x26/0x120 [ 177.604766] do_group_exit+0xe0/0x2b0 [ 177.605131] __x64_sys_exit_group+0x47/0x50 [ 177.605541] do_syscall_64+0x3b/0x90 [ 177.605918] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.606427] RIP: 0033:0x7f4b87518a4d [ 177.606826] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 177.607432] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.608165] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.608854] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.609537] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.610219] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.610917] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.611609] [ 177.611835] irq event stamp: 0 [ 177.612136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.612735] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.613544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.614343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.614978] ---[ end trace 0000000000000000 ]--- [ 177.620001] ------------[ cut here ]------------ [ 177.620515] WARNING: CPU: 0 PID: 1684 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.622052] Modules linked in: [ 177.622367] CPU: 0 PID: 1684 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.623282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.624593] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.625075] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.627027] RSP: 0018:ffff888010befbb8 EFLAGS: 00010246 [ 177.627558] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 
0000000000000000 [ 177.628287] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 177.629187] RBP: ffff888010befbd0 R08: ffffed1001972033 R09: ffffed1001972033 [ 177.629868] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff888013b21400 [ 177.630775] R13: ffff88800cb901e8 R14: ffffffff8352e670 R15: ffff888010befe68 [ 177.631464] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.632229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.632981] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 177.633730] PKRU: 55555554 [ 177.634003] Call Trace: [ 177.634249] [ 177.634559] __iommufd_access_detach+0x1c2/0x2b0 [ 177.635167] iommufd_access_change_pt+0x149/0x270 [ 177.635645] iommufd_access_replace+0xb4/0x120 [ 177.636098] iommufd_test+0x3e5/0x37e0 [ 177.636478] ? lock_release+0x532/0x770 [ 177.636971] ? __might_fault+0x102/0x1b0 [ 177.637498] ? lock_acquire+0x427/0x4c0 [ 177.637898] ? __pfx_iommufd_test+0x10/0x10 [ 177.638313] ? __pfx_lock_release+0x10/0x10 [ 177.638775] ? __pfx_lock_acquire+0x10/0x10 [ 177.639375] ? write_comp_data+0x2f/0x90 [ 177.639805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.640419] ? write_comp_data+0x2f/0x90 [ 177.640865] iommufd_fops_ioctl+0x37d/0x510 [ 177.641381] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.642063] ? write_comp_data+0x2f/0x90 [ 177.642551] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.643076] __x64_sys_ioctl+0x1a3/0x230 [ 177.643529] do_syscall_64+0x3b/0x90 [ 177.643999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.644704] RIP: 0033:0x7f4b8743ee5d [ 177.645108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.647351] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.648155] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.648915] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.649668] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.650415] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.651212] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.651977] [ 177.652221] irq event stamp: 0 [ 177.652549] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.653208] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.654086] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.655005] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.655687] ---[ end trace 0000000000000000 ]--- [ 177.659182] ------------[ cut here ]------------ [ 177.659849] WARNING: CPU: 0 PID: 1684 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.661006] Modules linked in: [ 177.661354] CPU: 0 PID: 1684 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.662611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.663797] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.664323] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.666496] RSP: 
0018:ffff888010befbd0 EFLAGS: 00010246 [ 177.667095] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 0000000000000000 [ 177.667854] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 177.668597] RBP: ffff888010befbe8 R08: ffffed1001972033 R09: ffffed1001972033 [ 177.669339] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff8880138ad800 [ 177.670071] R13: ffff88800cb901e8 R14: ffff888014060600 R15: 0000000000000000 [ 177.670847] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.671703] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.672308] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.673059] PKRU: 55555554 [ 177.673357] Call Trace: [ 177.673626] [ 177.673866] iommufd_access_destroy_object+0x65/0x170 [ 177.674415] iommufd_object_destroy_user+0x18e/0x220 [ 177.674984] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.675619] iommufd_access_destroy+0x43/0x70 [ 177.676105] iommufd_test_staccess_release+0x8d/0xd0 [ 177.676653] __fput+0x26d/0xa40 [ 177.677018] ____fput+0x1e/0x30 [ 177.677373] task_work_run+0x1a4/0x2d0 [ 177.677789] ? __pfx_task_work_run+0x10/0x10 [ 177.678255] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.678810] ? switch_task_namespaces+0xa9/0xe0 [ 177.679348] do_exit+0xb17/0x2ef0 [ 177.679718] ? lock_acquire+0x427/0x4c0 [ 177.680144] ? __pfx_lock_release+0x10/0x10 [ 177.680613] ? __kasan_check_write+0x18/0x20 [ 177.681085] ? do_raw_spin_lock+0x132/0x2a0 [ 177.681534] ? __pfx_do_exit+0x10/0x10 [ 177.681948] ? debug_smp_processor_id+0x20/0x30 [ 177.682434] ? rcu_is_watching+0x19/0xb0 [ 177.682902] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.683381] ? trace_hardirqs_on+0x26/0x120 [ 177.683838] do_group_exit+0xe0/0x2b0 [ 177.684247] __x64_sys_exit_group+0x47/0x50 [ 177.684701] do_syscall_64+0x3b/0x90 [ 177.685114] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.685670] RIP: 0033:0x7f4b87518a4d [ 177.686062] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.686742] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.687552] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.688300] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.689048] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.689794] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.690567] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.691347] [ 177.691599] irq event stamp: 0 [ 177.691932] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.692595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.693549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.694426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.695133] ---[ end trace 0000000000000000 ]--- [ 177.696237] ------------[ cut here ]------------ [ 177.696920] WARNING: CPU: 0 PID: 1684 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.698001] Modules linked in: [ 177.698352] CPU: 0 PID: 1684 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.699726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.700922] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.701534] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.703669] RSP: 0018:ffff888010befb78 EFLAGS: 00010246 [ 177.704353] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.705242] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 177.705996] RBP: ffff888010befb98 R08: ffffed100197203e R09: ffffed100197203e [ 177.707065] R10: ffff88800cb901ef R11: ffffed100197203d R12: ffff88800cb90290 [ 177.707832] R13: ffff88800cb900a8 R14: ffffffffffffffff R15: 
ffff888010befc60 [ 177.708585] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.709708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.710316] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.711167] PKRU: 55555554 [ 177.711673] Call Trace: [ 177.711944] [ 177.712183] iommufd_ioas_destroy+0x53/0x70 [ 177.712647] iommufd_fops_release+0x1f7/0x370 [ 177.713126] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.713791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.714491] ? write_comp_data+0x2f/0x90 [ 177.714973] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.715518] __fput+0x26d/0xa40 [ 177.715888] ____fput+0x1e/0x30 [ 177.716307] task_work_run+0x1a4/0x2d0 [ 177.716954] ? __pfx_task_work_run+0x10/0x10 [ 177.717433] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.717960] ? switch_task_namespaces+0xa9/0xe0 [ 177.718569] do_exit+0xb17/0x2ef0 [ 177.719083] ? lock_acquire+0x427/0x4c0 [ 177.719535] ? __pfx_lock_release+0x10/0x10 [ 177.719995] ? __kasan_check_write+0x18/0x20 [ 177.720471] ? do_raw_spin_lock+0x132/0x2a0 [ 177.720973] ? __pfx_do_exit+0x10/0x10 [ 177.721617] ? debug_smp_processor_id+0x20/0x30 [ 177.722114] ? rcu_is_watching+0x19/0xb0 [ 177.722588] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.723074] ? trace_hardirqs_on+0x26/0x120 [ 177.723562] do_group_exit+0xe0/0x2b0 [ 177.724231] __x64_sys_exit_group+0x47/0x50 [ 177.724699] do_syscall_64+0x3b/0x90 [ 177.725170] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.725721] RIP: 0033:0x7f4b87518a4d [ 177.726241] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.727085] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.727898] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.728697] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.729665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.730416] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.731338] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.732256] [ 177.732505] irq event stamp: 0 [ 177.732843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.733507] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.734378] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.735305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.735981] ---[ end trace 0000000000000000 ]--- [ 177.740504] ------------[ cut here ]------------ [ 177.741061] WARNING: CPU: 0 PID: 1685 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.742132] Modules linked in: [ 177.742472] CPU: 0 PID: 1685 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.743529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.744742] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.745279] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.747271] RSP: 0018:ffff88801403fbb8 EFLAGS: 00010246 [ 177.747838] RAX: 0000000000000000 RBX: ffff8880136018a8 RCX: 0000000000000000 [ 177.748590] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 177.749349] RBP: ffff88801403fbd0 R08: ffffed10026c0333 R09: ffffed10026c0333 [ 177.750108] R10: ffff888013601993 R11: ffffed10026c0332 R12: ffff88801422f400 [ 177.750897] R13: ffff8880136019e8 R14: ffffffff8352e670 R15: 
ffff88801403fe68 [ 177.751671] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.752520] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.753131] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ef0 [ 177.753886] PKRU: 55555554 [ 177.754192] Call Trace: [ 177.754461] [ 177.754726] __iommufd_access_detach+0x1c2/0x2b0 [ 177.755280] iommufd_access_change_pt+0x149/0x270 [ 177.755809] iommufd_access_replace+0xb4/0x120 [ 177.756311] iommufd_test+0x3e5/0x37e0 [ 177.756728] ? lock_release+0x532/0x770 [ 177.757239] ? __might_fault+0x102/0x1b0 [ 177.757685] ? lock_acquire+0x427/0x4c0 [ 177.758123] ? __pfx_iommufd_test+0x10/0x10 [ 177.758611] ? __pfx_lock_release+0x10/0x10 [ 177.759084] ? __pfx_lock_acquire+0x10/0x10 [ 177.759568] ? write_comp_data+0x2f/0x90 [ 177.760021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.760545] ? write_comp_data+0x2f/0x90 [ 177.760989] iommufd_fops_ioctl+0x37d/0x510 [ 177.761453] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.761973] ? write_comp_data+0x2f/0x90 [ 177.762423] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.762987] __x64_sys_ioctl+0x1a3/0x230 [ 177.763453] do_syscall_64+0x3b/0x90 [ 177.763866] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.764431] RIP: 0033:0x7f4b8743ee5d [ 177.764831] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.766841] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.767676] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.768436] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.769200] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.770134] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.771193] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.771970] [ 177.772227] irq event stamp: 0 [ 177.772560] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.773234] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.774169] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.775418] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.776094] ---[ end trace 0000000000000000 ]--- [ 177.779494] ------------[ cut here ]------------ [ 177.780018] WARNING: CPU: 0 PID: 1685 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.781075] Modules linked in: [ 177.781411] CPU: 0 PID: 1685 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.782332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.783937] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.784474] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.786375] RSP: 
0018:ffff88801403fbd0 EFLAGS: 00010246 [ 177.786961] RAX: 0000000000000000 RBX: ffff8880136018a8 RCX: 0000000000000000 [ 177.787817] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 177.788861] RBP: ffff88801403fbe8 R08: ffffed10026c0333 R09: ffffed10026c0333 [ 177.789689] R10: ffff888013601993 R11: ffffed10026c0332 R12: ffff888013b21800 [ 177.790429] R13: ffff8880136019e8 R14: ffff888010804600 R15: 0000000000000000 [ 177.791229] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.792082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.792913] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.793790] PKRU: 55555554 [ 177.794088] Call Trace: [ 177.794360] [ 177.794643] iommufd_access_destroy_object+0x65/0x170 [ 177.795214] iommufd_object_destroy_user+0x18e/0x220 [ 177.795768] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.796524] iommufd_access_destroy+0x43/0x70 [ 177.797243] iommufd_test_staccess_release+0x8d/0xd0 [ 177.797786] __fput+0x26d/0xa40 [ 177.798155] ____fput+0x1e/0x30 [ 177.798560] task_work_run+0x1a4/0x2d0 [ 177.798982] ? __pfx_task_work_run+0x10/0x10 [ 177.799478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.800005] ? switch_task_namespaces+0xa9/0xe0 [ 177.800652] do_exit+0xb17/0x2ef0 [ 177.801188] ? lock_acquire+0x427/0x4c0 [ 177.801622] ? __pfx_lock_release+0x10/0x10 [ 177.802080] ? __kasan_check_write+0x18/0x20 [ 177.802610] ? do_raw_spin_lock+0x132/0x2a0 [ 177.803071] ? __pfx_do_exit+0x10/0x10 [ 177.803514] ? debug_smp_processor_id+0x20/0x30 [ 177.804011] ? rcu_is_watching+0x19/0xb0 [ 177.804446] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.804929] ? trace_hardirqs_on+0x26/0x120 [ 177.805388] do_group_exit+0xe0/0x2b0 [ 177.805794] __x64_sys_exit_group+0x47/0x50 [ 177.806245] do_syscall_64+0x3b/0x90 [ 177.806686] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.807251] RIP: 0033:0x7f4b87518a4d [ 177.807645] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.808285] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.809079] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.809822] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.810609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.811362] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.812103] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.812854] [ 177.813098] irq event stamp: 0 [ 177.813432] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.814081] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.815014] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.815893] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.816548] ---[ end trace 0000000000000000 ]--- [ 177.817473] ------------[ cut here ]------------ [ 177.817966] WARNING: CPU: 0 PID: 1685 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.819096] Modules linked in: [ 177.819452] CPU: 0 PID: 1685 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.820362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.821610] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.822150] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.824144] RSP: 0018:ffff88801403fb78 EFLAGS: 00010246 [ 177.824701] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.825445] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 177.826187] RBP: ffff88801403fb98 R08: ffffed10026c033e R09: ffffed10026c033e [ 177.826957] R10: ffff8880136019ef R11: ffffed10026c033d R12: ffff888013601a90 [ 177.827711] R13: ffff8880136018a8 R14: ffffffffffffffff R15: 
ffff88801403fc60 [ 177.828454] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.829498] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.830390] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.831184] PKRU: 55555554 [ 177.831495] Call Trace: [ 177.831766] [ 177.832003] iommufd_ioas_destroy+0x53/0x70 [ 177.832461] iommufd_fops_release+0x1f7/0x370 [ 177.832936] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.833459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.833976] ? write_comp_data+0x2f/0x90 [ 177.834403] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.834952] __fput+0x26d/0xa40 [ 177.835337] ____fput+0x1e/0x30 [ 177.835687] task_work_run+0x1a4/0x2d0 [ 177.836105] ? __pfx_task_work_run+0x10/0x10 [ 177.836567] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.837080] ? switch_task_namespaces+0xa9/0xe0 [ 177.837584] do_exit+0xb17/0x2ef0 [ 177.837951] ? lock_acquire+0x427/0x4c0 [ 177.838375] ? __pfx_lock_release+0x10/0x10 [ 177.838862] ? __kasan_check_write+0x18/0x20 [ 177.839325] ? do_raw_spin_lock+0x132/0x2a0 [ 177.839744] ? __pfx_do_exit+0x10/0x10 [ 177.840123] ? debug_smp_processor_id+0x20/0x30 [ 177.840566] ? rcu_is_watching+0x19/0xb0 [ 177.840954] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.841392] ? trace_hardirqs_on+0x26/0x120 [ 177.841813] do_group_exit+0xe0/0x2b0 [ 177.842181] __x64_sys_exit_group+0x47/0x50 [ 177.842622] do_syscall_64+0x3b/0x90 [ 177.842988] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.843500] RIP: 0033:0x7f4b87518a4d [ 177.843850] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.844429] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.845135] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.845798] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.846461] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.847174] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.847850] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.848525] [ 177.848746] irq event stamp: 0 [ 177.849043] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.849626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.850396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.851196] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.851781] ---[ end trace 0000000000000000 ]--- [ 177.858844] ------------[ cut here ]------------ [ 177.859570] WARNING: CPU: 1 PID: 1686 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.860839] Modules linked in: [ 177.861286] CPU: 1 PID: 1686 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.862314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.863881] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.864487] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.866815] RSP: 0018:ffff8880245f7bb8 EFLAGS: 00010246 [ 177.867480] RAX: 0000000000000000 RBX: ffff8880166210a8 RCX: 0000000000000000 [ 177.868320] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 177.869271] RBP: ffff8880245f7bd0 R08: ffffed1002cc4233 R09: ffffed1002cc4233 [ 177.870110] R10: ffff888016621193 R11: ffffed1002cc4232 R12: ffff88801890fc00 [ 177.870993] R13: ffff8880166211e8 R14: ffffffff8352e670 R15: 
ffff8880245f7e68 [ 177.871856] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 177.872803] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.873490] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 177.874332] PKRU: 55555554 [ 177.874706] Call Trace: [ 177.875019] [ 177.875310] __iommufd_access_detach+0x1c2/0x2b0 [ 177.875898] iommufd_access_change_pt+0x149/0x270 [ 177.876489] iommufd_access_replace+0xb4/0x120 [ 177.877051] iommufd_test+0x3e5/0x37e0 [ 177.877521] ? lock_release+0x532/0x770 [ 177.878011] ? __might_fault+0x102/0x1b0 [ 177.878549] ? lock_acquire+0x427/0x4c0 [ 177.879056] ? __pfx_iommufd_test+0x10/0x10 [ 177.879586] ? __pfx_lock_release+0x10/0x10 [ 177.880113] ? __pfx_lock_acquire+0x10/0x10 [ 177.880640] ? write_comp_data+0x2f/0x90 [ 177.881141] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.881703] ? write_comp_data+0x2f/0x90 [ 177.882181] iommufd_fops_ioctl+0x37d/0x510 [ 177.882714] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.883295] ? write_comp_data+0x2f/0x90 [ 177.883773] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.884326] __x64_sys_ioctl+0x1a3/0x230 [ 177.884809] do_syscall_64+0x3b/0x90 [ 177.885250] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.885849] RIP: 0033:0x7f4b8743ee5d [ 177.886276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.888149] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.888778] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.889350] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.889922] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.890494] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.891087] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.891675] [ 177.891862] irq event stamp: 0 [ 177.892115] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.892620] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.893287] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.893948] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.894453] ---[ end trace 0000000000000000 ]--- [ 177.897419] ------------[ cut here ]------------ [ 177.897833] WARNING: CPU: 1 PID: 1686 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.898681] Modules linked in: [ 177.898941] CPU: 1 PID: 1686 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.899664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.900559] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.900956] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.902407] RSP: 
0018:ffff8880245f7bd0 EFLAGS: 00010246 [ 177.902859] RAX: 0000000000000000 RBX: ffff8880166210a8 RCX: 0000000000000000 [ 177.903445] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 177.904014] RBP: ffff8880245f7be8 R08: ffffed1002cc4233 R09: ffffed1002cc4233 [ 177.904581] R10: ffff888016621193 R11: ffffed1002cc4232 R12: ffff88800f0e2800 [ 177.905151] R13: ffff8880166211e8 R14: ffff888013a60500 R15: 0000000000000000 [ 177.905720] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 177.906361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.906835] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 177.907400] PKRU: 55555554 [ 177.907621] Call Trace: [ 177.907821] [ 177.907997] iommufd_access_destroy_object+0x65/0x170 [ 177.908402] iommufd_object_destroy_user+0x18e/0x220 [ 177.908806] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.909262] iommufd_access_destroy+0x43/0x70 [ 177.909619] iommufd_test_staccess_release+0x8d/0xd0 [ 177.910023] __fput+0x26d/0xa40 [ 177.910295] ____fput+0x1e/0x30 [ 177.910582] task_work_run+0x1a4/0x2d0 [ 177.910896] ? __pfx_task_work_run+0x10/0x10 [ 177.911256] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.911644] ? switch_task_namespaces+0xa9/0xe0 [ 177.912018] do_exit+0xb17/0x2ef0 [ 177.912290] ? lock_acquire+0x427/0x4c0 [ 177.912610] ? __pfx_lock_release+0x10/0x10 [ 177.912953] ? __kasan_check_write+0x18/0x20 [ 177.913299] ? do_raw_spin_lock+0x132/0x2a0 [ 177.913638] ? __pfx_do_exit+0x10/0x10 [ 177.913952] ? debug_smp_processor_id+0x20/0x30 [ 177.914318] ? rcu_is_watching+0x19/0xb0 [ 177.914650] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.915012] ? trace_hardirqs_on+0x26/0x120 [ 177.915365] do_group_exit+0xe0/0x2b0 [ 177.915667] __x64_sys_exit_group+0x47/0x50 [ 177.916005] do_syscall_64+0x3b/0x90 [ 177.916307] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.916717] RIP: 0033:0x7f4b87518a4d [ 177.917003] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.917472] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.918046] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.918599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.919155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.919707] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.920248] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.920799] [ 177.920980] irq event stamp: 0 [ 177.921221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.921702] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.922341] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.922996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.923481] ---[ end trace 0000000000000000 ]--- [ 177.924161] ------------[ cut here ]------------ [ 177.924525] WARNING: CPU: 1 PID: 1686 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 177.925308] Modules linked in: [ 177.925557] CPU: 1 PID: 1686 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.926223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.927096] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 177.927499] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 177.928889] RSP: 0018:ffff8880245f7b78 EFLAGS: 00010246 [ 177.929293] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 177.929834] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 177.930375] RBP: ffff8880245f7b98 R08: ffffed1002cc423e R09: ffffed1002cc423e [ 177.930932] R10: ffff8880166211ef R11: ffffed1002cc423d R12: ffff888016621290 [ 177.931487] R13: ffff8880166210a8 R14: ffffffffffffffff R15: 
ffff8880245f7c60 [ 177.932028] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 177.932638] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.933078] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 177.933620] PKRU: 55555554 [ 177.933837] Call Trace: [ 177.934033] [ 177.934206] iommufd_ioas_destroy+0x53/0x70 [ 177.934556] iommufd_fops_release+0x1f7/0x370 [ 177.934905] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.935304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.935690] ? write_comp_data+0x2f/0x90 [ 177.936018] ? __pfx_iommufd_fops_release+0x10/0x10 [ 177.936407] __fput+0x26d/0xa40 [ 177.936674] ____fput+0x1e/0x30 [ 177.936937] task_work_run+0x1a4/0x2d0 [ 177.937244] ? __pfx_task_work_run+0x10/0x10 [ 177.937592] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.937973] ? switch_task_namespaces+0xa9/0xe0 [ 177.938346] do_exit+0xb17/0x2ef0 [ 177.938629] ? lock_acquire+0x427/0x4c0 [ 177.938945] ? __pfx_lock_release+0x10/0x10 [ 177.939290] ? __kasan_check_write+0x18/0x20 [ 177.939635] ? do_raw_spin_lock+0x132/0x2a0 [ 177.939969] ? __pfx_do_exit+0x10/0x10 [ 177.940277] ? debug_smp_processor_id+0x20/0x30 [ 177.940637] ? rcu_is_watching+0x19/0xb0 [ 177.940950] ? _raw_spin_unlock_irq+0x2b/0x60 [ 177.941303] ? trace_hardirqs_on+0x26/0x120 [ 177.941640] do_group_exit+0xe0/0x2b0 [ 177.941934] __x64_sys_exit_group+0x47/0x50 [ 177.942263] do_syscall_64+0x3b/0x90 [ 177.942572] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.942979] RIP: 0033:0x7f4b87518a4d [ 177.943273] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 177.943746] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 177.944328] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 177.944874] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 177.945413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 177.945954] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 177.946495] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 177.947064] [ 177.947252] irq event stamp: 0 [ 177.947494] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.947973] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.948611] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.949248] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.949732] ---[ end trace 0000000000000000 ]--- [ 177.955655] ------------[ cut here ]------------ [ 177.956226] WARNING: CPU: 0 PID: 1687 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.957343] Modules linked in: [ 177.957704] CPU: 0 PID: 1687 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.958718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.959967] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.960523] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.962544] RSP: 0018:ffff8880188efbb8 EFLAGS: 00010246 [ 177.963153] RAX: 0000000000000000 RBX: ffff8880170988a8 RCX: 0000000000000000 [ 177.963790] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 177.964322] RBP: ffff8880188efbd0 R08: ffffed1002e13133 R09: ffffed1002e13133 [ 177.964847] R10: ffff888017098993 R11: ffffed1002e13132 R12: ffff888012978400 [ 177.965360] R13: ffff8880170989e8 R14: ffffffff8352e670 R15: 
ffff8880188efe68 [ 177.965876] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.966459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.966911] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 177.967449] PKRU: 55555554 [ 177.967664] Call Trace: [ 177.967858] [ 177.968028] __iommufd_access_detach+0x1c2/0x2b0 [ 177.968399] iommufd_access_change_pt+0x149/0x270 [ 177.968769] iommufd_access_replace+0xb4/0x120 [ 177.969123] iommufd_test+0x3e5/0x37e0 [ 177.969412] ? lock_release+0x532/0x770 [ 177.969715] ? __might_fault+0x102/0x1b0 [ 177.970023] ? lock_acquire+0x427/0x4c0 [ 177.970327] ? __pfx_iommufd_test+0x10/0x10 [ 177.970660] ? __pfx_lock_release+0x10/0x10 [ 177.970986] ? __pfx_lock_acquire+0x10/0x10 [ 177.971320] ? write_comp_data+0x2f/0x90 [ 177.971633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.972001] ? write_comp_data+0x2f/0x90 [ 177.972312] iommufd_fops_ioctl+0x37d/0x510 [ 177.972636] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.973000] ? write_comp_data+0x2f/0x90 [ 177.973309] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 177.973667] __x64_sys_ioctl+0x1a3/0x230 [ 177.973978] do_syscall_64+0x3b/0x90 [ 177.974263] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 177.974666] RIP: 0033:0x7f4b8743ee5d [ 177.974945] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 177.976281] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 177.976838] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 177.977357] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 177.977876] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 177.978418] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 177.978955] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 177.979499] [ 177.979672] irq event stamp: 0 [ 177.979905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 177.980365] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 177.980987] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 177.981600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 177.982058] ---[ end trace 0000000000000000 ]--- [ 177.984735] ------------[ cut here ]------------ [ 177.985109] WARNING: CPU: 0 PID: 1687 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 177.985846] Modules linked in: [ 177.986080] CPU: 0 PID: 1687 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 177.986750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 177.987586] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 177.987954] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 177.989299] RSP: 
0018:ffff8880188efbd0 EFLAGS: 00010246 [ 177.989694] RAX: 0000000000000000 RBX: ffff8880170988a8 RCX: 0000000000000000 [ 177.990211] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 177.990750] RBP: ffff8880188efbe8 R08: ffffed1002e13133 R09: ffffed1002e13133 [ 177.991282] R10: ffff888017098993 R11: ffffed1002e13132 R12: ffff88801422c000 [ 177.991807] R13: ffff8880170989e8 R14: ffff8880144e5900 R15: 0000000000000000 [ 177.992326] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 177.992911] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 177.993361] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 177.993881] PKRU: 55555554 [ 177.994087] Call Trace: [ 177.994273] [ 177.994440] iommufd_access_destroy_object+0x65/0x170 [ 177.994845] iommufd_object_destroy_user+0x18e/0x220 [ 177.995237] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 177.995672] iommufd_access_destroy+0x43/0x70 [ 177.996010] iommufd_test_staccess_release+0x8d/0xd0 [ 177.996389] __fput+0x26d/0xa40 [ 177.996646] ____fput+0x1e/0x30 [ 177.996897] task_work_run+0x1a4/0x2d0 [ 177.997189] ? __pfx_task_work_run+0x10/0x10 [ 177.997519] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 177.997881] ? switch_task_namespaces+0xa9/0xe0 [ 177.998233] do_exit+0xb17/0x2ef0 [ 177.998491] ? lock_acquire+0x427/0x4c0 [ 177.998814] ? __pfx_lock_release+0x10/0x10 [ 177.999147] ? __kasan_check_write+0x18/0x20 [ 177.999478] ? do_raw_spin_lock+0x132/0x2a0 [ 177.999800] ? __pfx_do_exit+0x10/0x10 [ 178.000099] ? debug_smp_processor_id+0x20/0x30 [ 178.000446] ? rcu_is_watching+0x19/0xb0 [ 178.000750] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.001090] ? trace_hardirqs_on+0x26/0x120 [ 178.001413] do_group_exit+0xe0/0x2b0 [ 178.001695] __x64_sys_exit_group+0x47/0x50 [ 178.002011] do_syscall_64+0x3b/0x90 [ 178.002292] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.002709] RIP: 0033:0x7f4b87518a4d [ 178.002985] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.003446] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.004004] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.004531] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.005059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.005581] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.006102] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.006668] [ 178.006842] irq event stamp: 0 [ 178.007075] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.007551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.008162] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.008771] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.009232] ---[ end trace 0000000000000000 ]--- [ 178.009900] ------------[ cut here ]------------ [ 178.010246] WARNING: CPU: 0 PID: 1687 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.011028] Modules linked in: [ 178.011280] CPU: 0 PID: 1687 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.011921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.012740] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.013121] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.014440] RSP: 0018:ffff8880188efb78 EFLAGS: 00010246 [ 178.014853] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.015384] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 178.015904] RBP: ffff8880188efb98 R08: ffffed1002e1313e R09: ffffed1002e1313e [ 178.016430] R10: ffff8880170989ef R11: ffffed1002e1313d R12: ffff888017098a90 [ 178.016947] R13: ffff8880170988a8 R14: ffffffffffffffff R15: 
ffff8880188efc60 [ 178.017468] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.018055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.018481] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.019028] PKRU: 55555554 [ 178.019245] Call Trace: [ 178.019438] [ 178.019608] iommufd_ioas_destroy+0x53/0x70 [ 178.019934] iommufd_fops_release+0x1f7/0x370 [ 178.020270] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.020639] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.021007] ? write_comp_data+0x2f/0x90 [ 178.021320] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.021689] __fput+0x26d/0xa40 [ 178.021944] ____fput+0x1e/0x30 [ 178.022195] task_work_run+0x1a4/0x2d0 [ 178.022489] ? __pfx_task_work_run+0x10/0x10 [ 178.022846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.023221] ? switch_task_namespaces+0xa9/0xe0 [ 178.023574] do_exit+0xb17/0x2ef0 [ 178.023831] ? lock_acquire+0x427/0x4c0 [ 178.024132] ? __pfx_lock_release+0x10/0x10 [ 178.024456] ? __kasan_check_write+0x18/0x20 [ 178.024785] ? do_raw_spin_lock+0x132/0x2a0 [ 178.025111] ? __pfx_do_exit+0x10/0x10 [ 178.025411] ? debug_smp_processor_id+0x20/0x30 [ 178.025760] ? rcu_is_watching+0x19/0xb0 [ 178.026065] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.026404] ? trace_hardirqs_on+0x26/0x120 [ 178.026754] do_group_exit+0xe0/0x2b0 [ 178.027039] __x64_sys_exit_group+0x47/0x50 [ 178.027367] do_syscall_64+0x3b/0x90 [ 178.027654] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.028042] RIP: 0033:0x7f4b87518a4d [ 178.028322] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.028782] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.029338] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.029858] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.030380] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.030925] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.031458] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.031988] [ 178.032164] irq event stamp: 0 [ 178.032396] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.032855] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.033468] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.034078] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.034557] ---[ end trace 0000000000000000 ]--- [ 178.039110] ------------[ cut here ]------------ [ 178.039512] WARNING: CPU: 0 PID: 1688 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.040252] Modules linked in: [ 178.040487] CPU: 0 PID: 1688 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.041123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.041935] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.042308] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.043884] RSP: 0018:ffff8880245f7bb8 EFLAGS: 00010246 [ 178.044279] RAX: 0000000000000000 RBX: ffff888023e8d0a8 RCX: 0000000000000000 [ 178.044802] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 178.045321] RBP: ffff8880245f7bd0 R08: ffffed10047d1a33 R09: ffffed10047d1a33 [ 178.045838] R10: ffff888023e8d193 R11: ffffed10047d1a32 R12: ffff888012de4800 [ 178.046356] R13: ffff888023e8d1e8 R14: ffffffff8352e670 R15: 
ffff8880245f7e68 [ 178.046898] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.047508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.047932] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 178.048452] PKRU: 55555554 [ 178.048662] Call Trace: [ 178.048849] [ 178.049016] __iommufd_access_detach+0x1c2/0x2b0 [ 178.049382] iommufd_access_change_pt+0x149/0x270 [ 178.049746] iommufd_access_replace+0xb4/0x120 [ 178.050089] iommufd_test+0x3e5/0x37e0 [ 178.050375] ? lock_release+0x532/0x770 [ 178.050699] ? __might_fault+0x102/0x1b0 [ 178.051005] ? lock_acquire+0x427/0x4c0 [ 178.051314] ? __pfx_iommufd_test+0x10/0x10 [ 178.051630] ? __pfx_lock_release+0x10/0x10 [ 178.051953] ? __pfx_lock_acquire+0x10/0x10 [ 178.052280] ? write_comp_data+0x2f/0x90 [ 178.052589] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.052953] ? write_comp_data+0x2f/0x90 [ 178.053264] iommufd_fops_ioctl+0x37d/0x510 [ 178.053587] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.053949] ? write_comp_data+0x2f/0x90 [ 178.054256] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.054634] __x64_sys_ioctl+0x1a3/0x230 [ 178.054951] do_syscall_64+0x3b/0x90 [ 178.055250] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.055644] RIP: 0033:0x7f4b8743ee5d [ 178.055920] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.057264] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.057824] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.058346] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.058890] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.059425] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.059948] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.060476] [ 178.060650] irq event stamp: 0 [ 178.060883] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.061345] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.061957] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.062581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.063041] ---[ end trace 0000000000000000 ]--- [ 178.065898] ------------[ cut here ]------------ [ 178.066302] WARNING: CPU: 1 PID: 1688 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.067139] Modules linked in: [ 178.067385] CPU: 1 PID: 1688 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.068041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.068879] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.069252] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.070659] RSP: 
0018:ffff8880245f7bd0 EFLAGS: 00010246 [ 178.071067] RAX: 0000000000000000 RBX: ffff888023e8d0a8 RCX: 0000000000000000 [ 178.071613] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 178.072150] RBP: ffff8880245f7be8 R08: ffffed10047d1a33 R09: ffffed10047d1a33 [ 178.072688] R10: ffff888023e8d193 R11: ffffed10047d1a32 R12: ffff888012978000 [ 178.073219] R13: ffff888023e8d1e8 R14: ffff888012870a00 R15: 0000000000000000 [ 178.073761] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 178.074363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.074817] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 178.075360] PKRU: 55555554 [ 178.075577] Call Trace: [ 178.075781] [ 178.075952] iommufd_access_destroy_object+0x65/0x170 [ 178.076351] iommufd_object_destroy_user+0x18e/0x220 [ 178.076756] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.077208] iommufd_access_destroy+0x43/0x70 [ 178.077564] iommufd_test_staccess_release+0x8d/0xd0 [ 178.077964] __fput+0x26d/0xa40 [ 178.078232] ____fput+0x1e/0x30 [ 178.078489] task_work_run+0x1a4/0x2d0 [ 178.078820] ? __pfx_task_work_run+0x10/0x10 [ 178.079173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.079564] ? switch_task_namespaces+0xa9/0xe0 [ 178.079940] do_exit+0xb17/0x2ef0 [ 178.080298] ? lock_acquire+0x427/0x4c0 [ 178.080942] ? __pfx_lock_release+0x10/0x10 [ 178.081344] ? __kasan_check_write+0x18/0x20 [ 178.081759] ? do_raw_spin_lock+0x132/0x2a0 [ 178.082091] ? __pfx_do_exit+0x10/0x10 [ 178.082394] ? debug_smp_processor_id+0x20/0x30 [ 178.082786] ? rcu_is_watching+0x19/0xb0 [ 178.083097] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.083471] ? trace_hardirqs_on+0x26/0x120 [ 178.083803] do_group_exit+0xe0/0x2b0 [ 178.084097] __x64_sys_exit_group+0x47/0x50 [ 178.084424] do_syscall_64+0x3b/0x90 [ 178.084725] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.085127] RIP: 0033:0x7f4b87518a4d [ 178.085420] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.085957] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.086628] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.087258] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.087842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.088396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.088945] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.089609] [ 178.089793] irq event stamp: 0 [ 178.090035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.090538] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.091204] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.091929] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.092417] ---[ end trace 0000000000000000 ]--- [ 178.093350] ------------[ cut here ]------------ [ 178.093723] WARNING: CPU: 1 PID: 1688 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.094534] Modules linked in: [ 178.094785] CPU: 1 PID: 1688 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.095603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.096470] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.096877] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.098403] RSP: 0018:ffff8880245f7b78 EFLAGS: 00010246 [ 178.098850] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.099412] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 178.099957] RBP: ffff8880245f7b98 R08: ffffed10047d1a3e R09: ffffed10047d1a3e [ 178.100507] R10: ffff888023e8d1ef R11: ffffed10047d1a3d R12: ffff888023e8d290 [ 178.101060] R13: ffff888023e8d0a8 R14: ffffffffffffffff R15: 
ffff8880245f7c60 [ 178.101678] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 178.102641] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.103317] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 178.104237] PKRU: 55555554 [ 178.104561] Call Trace: [ 178.104852] [ 178.105113] iommufd_ioas_destroy+0x53/0x70 [ 178.105628] iommufd_fops_release+0x1f7/0x370 [ 178.106221] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.106827] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.107408] ? write_comp_data+0x2f/0x90 [ 178.107932] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.108550] __fput+0x26d/0xa40 [ 178.108950] ____fput+0x1e/0x30 [ 178.109340] task_work_run+0x1a4/0x2d0 [ 178.109876] ? __pfx_task_work_run+0x10/0x10 [ 178.110385] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.110980] ? switch_task_namespaces+0xa9/0xe0 [ 178.111540] do_exit+0xb17/0x2ef0 [ 178.111990] ? lock_acquire+0x427/0x4c0 [ 178.112485] ? __pfx_lock_release+0x10/0x10 [ 178.112983] ? __kasan_check_write+0x18/0x20 [ 178.113504] ? do_raw_spin_lock+0x132/0x2a0 [ 178.114058] ? __pfx_do_exit+0x10/0x10 [ 178.114569] ? debug_smp_processor_id+0x20/0x30 [ 178.115107] ? rcu_is_watching+0x19/0xb0 [ 178.115585] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.116177] ? trace_hardirqs_on+0x26/0x120 [ 178.116675] do_group_exit+0xe0/0x2b0 [ 178.117112] __x64_sys_exit_group+0x47/0x50 [ 178.117655] do_syscall_64+0x3b/0x90 [ 178.118118] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.118598] RIP: 0033:0x7f4b87518a4d [ 178.118903] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.119420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.120165] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.120749] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.121335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.122032] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.122633] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.123244] [ 178.123437] irq event stamp: 0 [ 178.123716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.124344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.125028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.125785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.126372] ---[ end trace 0000000000000000 ]--- [ 178.131471] ------------[ cut here ]------------ [ 178.131973] WARNING: CPU: 0 PID: 1689 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.132978] Modules linked in: [ 178.133247] CPU: 0 PID: 1689 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.133989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.135201] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.135642] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.137390] RSP: 0018:ffff88800fbe7bb8 EFLAGS: 00010246 [ 178.137858] RAX: 0000000000000000 RBX: ffff88801048d0a8 RCX: 0000000000000000 [ 178.138573] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 178.139287] RBP: ffff88800fbe7bd0 R08: ffffed1002091a33 R09: ffffed1002091a33 [ 178.139910] R10: ffff88801048d193 R11: ffffed1002091a32 R12: ffff8880145a7400 [ 178.140721] R13: ffff88801048d1e8 R14: ffffffff8352e670 R15: 
ffff88800fbe7e68 [ 178.141346] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.142050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.142753] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 178.143391] PKRU: 55555554 [ 178.143645] Call Trace: [ 178.143870] [ 178.144070] __iommufd_access_detach+0x1c2/0x2b0 [ 178.144653] iommufd_access_change_pt+0x149/0x270 [ 178.145080] iommufd_access_replace+0xb4/0x120 [ 178.145497] iommufd_test+0x3e5/0x37e0 [ 178.145838] ? lock_release+0x532/0x770 [ 178.146280] ? __might_fault+0x102/0x1b0 [ 178.146736] ? lock_acquire+0x427/0x4c0 [ 178.147094] ? __pfx_iommufd_test+0x10/0x10 [ 178.147476] ? __pfx_lock_release+0x10/0x10 [ 178.147861] ? __pfx_lock_acquire+0x10/0x10 [ 178.148425] ? write_comp_data+0x2f/0x90 [ 178.148795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.149225] ? write_comp_data+0x2f/0x90 [ 178.149597] iommufd_fops_ioctl+0x37d/0x510 [ 178.150083] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.150665] ? write_comp_data+0x2f/0x90 [ 178.151036] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.151469] __x64_sys_ioctl+0x1a3/0x230 [ 178.151900] do_syscall_64+0x3b/0x90 [ 178.152361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.152830] RIP: 0033:0x7f4b8743ee5d [ 178.153161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.154958] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.155693] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.156442] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.157069] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.157780] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.158580] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.159220] [ 178.159451] irq event stamp: 0 [ 178.159899] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.160458] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.161199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.162120] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.162695] ---[ end trace 0000000000000000 ]--- [ 178.167781] ------------[ cut here ]------------ [ 178.168428] WARNING: CPU: 0 PID: 1689 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.169468] Modules linked in: [ 178.169966] CPU: 0 PID: 1689 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.170828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.172127] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.172587] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.174245] RSP: 
0018:ffff88800fbe7bd0 EFLAGS: 00010246 [ 178.174764] RAX: 0000000000000000 RBX: ffff88801048d0a8 RCX: 0000000000000000 [ 178.175422] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 178.176067] RBP: ffff88800fbe7be8 R08: ffffed1002091a33 R09: ffffed1002091a33 [ 178.176713] R10: ffff88801048d193 R11: ffffed1002091a32 R12: ffff888012de6c00 [ 178.177355] R13: ffff88801048d1e8 R14: ffff8880143bf500 R15: 0000000000000000 [ 178.178015] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.178778] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.179314] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 178.179982] PKRU: 55555554 [ 178.180241] Call Trace: [ 178.180475] [ 178.180684] iommufd_access_destroy_object+0x65/0x170 [ 178.181174] iommufd_object_destroy_user+0x18e/0x220 [ 178.181648] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.182196] iommufd_access_destroy+0x43/0x70 [ 178.182655] iommufd_test_staccess_release+0x8d/0xd0 [ 178.183261] __fput+0x26d/0xa40 [ 178.183585] ____fput+0x1e/0x30 [ 178.183896] task_work_run+0x1a4/0x2d0 [ 178.184273] ? __pfx_task_work_run+0x10/0x10 [ 178.184684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.185153] ? switch_task_namespaces+0xa9/0xe0 [ 178.185599] do_exit+0xb17/0x2ef0 [ 178.185922] ? lock_acquire+0x427/0x4c0 [ 178.186303] ? __pfx_lock_release+0x10/0x10 [ 178.186752] ? __kasan_check_write+0x18/0x20 [ 178.187278] ? do_raw_spin_lock+0x132/0x2a0 [ 178.187693] ? __pfx_do_exit+0x10/0x10 [ 178.188064] ? debug_smp_processor_id+0x20/0x30 [ 178.188494] ? rcu_is_watching+0x19/0xb0 [ 178.188875] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.189294] ? trace_hardirqs_on+0x26/0x120 [ 178.189706] do_group_exit+0xe0/0x2b0 [ 178.190059] __x64_sys_exit_group+0x47/0x50 [ 178.190454] do_syscall_64+0x3b/0x90 [ 178.190848] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.191448] RIP: 0033:0x7f4b87518a4d [ 178.191800] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.192367] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.193065] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.193711] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.194366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.195053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.195806] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.196474] [ 178.196688] irq event stamp: 0 [ 178.196976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.197560] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.198328] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.199126] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.199700] ---[ end trace 0000000000000000 ]--- [ 178.201122] ------------[ cut here ]------------ [ 178.201578] WARNING: CPU: 0 PID: 1689 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.202576] Modules linked in: [ 178.203136] CPU: 0 PID: 1689 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.203951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.205002] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.205570] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.207540] RSP: 0018:ffff88800fbe7b78 EFLAGS: 00010246 [ 178.208270] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.208923] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 178.209577] RBP: ffff88800fbe7b98 R08: ffffed1002091a3e R09: ffffed1002091a3e [ 178.210440] R10: ffff88801048d1ef R11: ffffed1002091a3d R12: ffff88801048d290 [ 178.211124] R13: ffff88801048d0a8 R14: ffffffffffffffff R15: 
ffff88800fbe7c60 [ 178.211784] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.212724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.213262] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 178.213969] PKRU: 55555554 [ 178.214423] Call Trace: [ 178.214708] [ 178.214922] iommufd_ioas_destroy+0x53/0x70 [ 178.215341] iommufd_fops_release+0x1f7/0x370 [ 178.215767] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.216231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.216887] ? write_comp_data+0x2f/0x90 [ 178.217277] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.217749] __fput+0x26d/0xa40 [ 178.218074] ____fput+0x1e/0x30 [ 178.218432] task_work_run+0x1a4/0x2d0 [ 178.218965] ? __pfx_task_work_run+0x10/0x10 [ 178.219393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.219849] ? switch_task_namespaces+0xa9/0xe0 [ 178.220293] do_exit+0xb17/0x2ef0 [ 178.220620] ? lock_acquire+0x427/0x4c0 [ 178.221095] ? __pfx_lock_release+0x10/0x10 [ 178.221594] ? __kasan_check_write+0x18/0x20 [ 178.222012] ? do_raw_spin_lock+0x132/0x2a0 [ 178.222429] ? __pfx_do_exit+0x10/0x10 [ 178.222827] ? debug_smp_processor_id+0x20/0x30 [ 178.223276] ? rcu_is_watching+0x19/0xb0 [ 178.223849] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.224274] ? trace_hardirqs_on+0x26/0x120 [ 178.224680] do_group_exit+0xe0/0x2b0 [ 178.225035] __x64_sys_exit_group+0x47/0x50 [ 178.225532] do_syscall_64+0x3b/0x90 [ 178.225978] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.226471] RIP: 0033:0x7f4b87518a4d [ 178.226842] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.227432] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.228354] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.229009] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.229667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.230558] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.231239] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.231911] [ 178.232155] irq event stamp: 0 [ 178.232603] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.233185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.233970] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.234978] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.235573] ---[ end trace 0000000000000000 ]--- [ 178.239695] ------------[ cut here ]------------ [ 178.240176] WARNING: CPU: 0 PID: 1690 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.241319] Modules linked in: [ 178.241620] CPU: 0 PID: 1690 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.242586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.243644] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.244106] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.245761] RSP: 0018:ffff8880120e7bb8 EFLAGS: 00010246 [ 178.246251] RAX: 0000000000000000 RBX: ffff8880171bc0a8 RCX: 0000000000000000 [ 178.246928] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 178.247595] RBP: ffff8880120e7bd0 R08: ffffed1002e37833 R09: ffffed1002e37833 [ 178.248246] R10: ffff8880171bc193 R11: ffffed1002e37832 R12: ffff888013b22800 [ 178.248892] R13: ffff8880171bc1e8 R14: ffffffff8352e670 R15: 
ffff8880120e7e68 [ 178.249536] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.250266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.250819] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 178.251491] PKRU: 55555554 [ 178.251755] Call Trace: [ 178.251996] [ 178.252205] __iommufd_access_detach+0x1c2/0x2b0 [ 178.252664] iommufd_access_change_pt+0x149/0x270 [ 178.253119] iommufd_access_replace+0xb4/0x120 [ 178.253556] iommufd_test+0x3e5/0x37e0 [ 178.253918] ? lock_release+0x532/0x770 [ 178.254295] ? __might_fault+0x102/0x1b0 [ 178.254704] ? lock_acquire+0x427/0x4c0 [ 178.255083] ? __pfx_iommufd_test+0x10/0x10 [ 178.255491] ? __pfx_lock_release+0x10/0x10 [ 178.255896] ? __pfx_lock_acquire+0x10/0x10 [ 178.256305] ? write_comp_data+0x2f/0x90 [ 178.256708] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.257169] ? write_comp_data+0x2f/0x90 [ 178.257558] iommufd_fops_ioctl+0x37d/0x510 [ 178.257963] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.258417] ? write_comp_data+0x2f/0x90 [ 178.258826] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.259291] __x64_sys_ioctl+0x1a3/0x230 [ 178.259677] do_syscall_64+0x3b/0x90 [ 178.260039] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.260531] RIP: 0033:0x7f4b8743ee5d [ 178.260876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.262566] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.263277] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.263927] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.264587] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.265240] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.265889] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.266573] [ 178.266789] irq event stamp: 0 [ 178.267079] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.267662] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.268426] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.269185] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.269761] ---[ end trace 0000000000000000 ]--- [ 178.272920] ------------[ cut here ]------------ [ 178.273537] WARNING: CPU: 0 PID: 1690 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.274411] Modules linked in: [ 178.274791] CPU: 0 PID: 1690 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.275651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.276723] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.277158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.278915] RSP: 
0018:ffff8880120e7bd0 EFLAGS: 00010246 [ 178.279386] RAX: 0000000000000000 RBX: ffff8880171bc0a8 RCX: 0000000000000000 [ 178.280186] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 178.280801] RBP: ffff8880120e7be8 R08: ffffed1002e37833 R09: ffffed1002e37833 [ 178.281413] R10: ffff8880171bc193 R11: ffffed1002e37832 R12: ffff8880145a5800 [ 178.282202] R13: ffff8880171bc1e8 R14: ffff8880138abb00 R15: 0000000000000000 [ 178.282865] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.283579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.284282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.284905] PKRU: 55555554 [ 178.285153] Call Trace: [ 178.285376] [ 178.285574] iommufd_access_destroy_object+0x65/0x170 [ 178.286120] iommufd_object_destroy_user+0x18e/0x220 [ 178.286676] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.287203] iommufd_access_destroy+0x43/0x70 [ 178.287607] iommufd_test_staccess_release+0x8d/0xd0 [ 178.288066] __fput+0x26d/0xa40 [ 178.288540] ____fput+0x1e/0x30 [ 178.288841] task_work_run+0x1a4/0x2d0 [ 178.289192] ? __pfx_task_work_run+0x10/0x10 [ 178.289586] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.290044] ? switch_task_namespaces+0xa9/0xe0 [ 178.290618] do_exit+0xb17/0x2ef0 [ 178.290929] ? lock_acquire+0x427/0x4c0 [ 178.291298] ? __pfx_lock_release+0x10/0x10 [ 178.291680] ? __kasan_check_write+0x18/0x20 [ 178.292068] ? do_raw_spin_lock+0x132/0x2a0 [ 178.292527] ? __pfx_do_exit+0x10/0x10 [ 178.292948] ? debug_smp_processor_id+0x20/0x30 [ 178.293365] ? rcu_is_watching+0x19/0xb0 [ 178.293726] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.294148] ? trace_hardirqs_on+0x26/0x120 [ 178.294697] do_group_exit+0xe0/0x2b0 [ 178.295041] __x64_sys_exit_group+0x47/0x50 [ 178.295412] do_syscall_64+0x3b/0x90 [ 178.295746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.296199] RIP: 0033:0x7f4b87518a4d [ 178.296595] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.297237] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.297947] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.298794] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.299460] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.300100] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.300759] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.301572] [ 178.301779] irq event stamp: 0 [ 178.302055] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.302677] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.303551] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.304270] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.304833] ---[ end trace 0000000000000000 ]--- [ 178.305619] ------------[ cut here ]------------ [ 178.306027] WARNING: CPU: 0 PID: 1690 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.306955] Modules linked in: [ 178.307250] CPU: 0 PID: 1690 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.308023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.309011] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.309455] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.311089] RSP: 0018:ffff8880120e7b78 EFLAGS: 00010246 [ 178.311566] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.312188] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 178.312791] RBP: ffff8880120e7b98 R08: ffffed1002e3783e R09: ffffed1002e3783e [ 178.313428] R10: ffff8880171bc1ef R11: ffffed1002e3783d R12: ffff8880171bc290 [ 178.314034] R13: ffff8880171bc0a8 R14: ffffffffffffffff R15: 
ffff8880120e7c60 [ 178.314683] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.315403] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.315901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.316547] PKRU: 55555554 [ 178.316793] Call Trace: [ 178.317017] [ 178.317211] iommufd_ioas_destroy+0x53/0x70 [ 178.317615] iommufd_fops_release+0x1f7/0x370 [ 178.318008] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.318444] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.318939] ? write_comp_data+0x2f/0x90 [ 178.319317] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.319782] __fput+0x26d/0xa40 [ 178.320082] ____fput+0x1e/0x30 [ 178.320374] task_work_run+0x1a4/0x2d0 [ 178.320731] ? __pfx_task_work_run+0x10/0x10 [ 178.321120] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.321543] ? switch_task_namespaces+0xa9/0xe0 [ 178.321970] do_exit+0xb17/0x2ef0 [ 178.322270] ? lock_acquire+0x427/0x4c0 [ 178.322653] ? __pfx_lock_release+0x10/0x10 [ 178.323052] ? __kasan_check_write+0x18/0x20 [ 178.323441] ? do_raw_spin_lock+0x132/0x2a0 [ 178.323813] ? __pfx_do_exit+0x10/0x10 [ 178.324172] ? debug_smp_processor_id+0x20/0x30 [ 178.324575] ? rcu_is_watching+0x19/0xb0 [ 178.324924] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.325330] ? trace_hardirqs_on+0x26/0x120 [ 178.325707] do_group_exit+0xe0/0x2b0 [ 178.326037] __x64_sys_exit_group+0x47/0x50 [ 178.326423] do_syscall_64+0x3b/0x90 [ 178.326772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.327236] RIP: 0033:0x7f4b87518a4d [ 178.327573] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.328102] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.328769] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.329380] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.330000] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.330642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.331266] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.331900] [ 178.332099] irq event stamp: 0 [ 178.332372] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.332929] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.333651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.334383] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.334959] ---[ end trace 0000000000000000 ]--- [ 178.340266] ------------[ cut here ]------------ [ 178.340719] WARNING: CPU: 0 PID: 1691 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.341842] Modules linked in: [ 178.342123] CPU: 0 PID: 1691 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.342941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.344094] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.344556] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.346383] RSP: 0018:ffff888017b77bb8 EFLAGS: 00010246 [ 178.346880] RAX: 0000000000000000 RBX: ffff8880165330a8 RCX: 0000000000000000 [ 178.347685] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 178.348319] RBP: ffff888017b77bd0 R08: ffffed1002ca6633 R09: ffffed1002ca6633 [ 178.348930] R10: ffff888016533193 R11: ffffed1002ca6632 R12: ffff88800a724400 [ 178.349760] R13: ffff8880165331e8 R14: ffffffff8352e670 R15: 
ffff888017b77e68 [ 178.350394] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.351127] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.351652] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 178.352262] PKRU: 55555554 [ 178.352510] Call Trace: [ 178.352742] [ 178.352940] __iommufd_access_detach+0x1c2/0x2b0 [ 178.353367] iommufd_access_change_pt+0x149/0x270 [ 178.353818] iommufd_access_replace+0xb4/0x120 [ 178.354226] iommufd_test+0x3e5/0x37e0 [ 178.354585] ? lock_release+0x532/0x770 [ 178.354976] ? __might_fault+0x102/0x1b0 [ 178.355343] ? lock_acquire+0x427/0x4c0 [ 178.355702] ? __pfx_iommufd_test+0x10/0x10 [ 178.356092] ? __pfx_lock_release+0x10/0x10 [ 178.356470] ? __pfx_lock_acquire+0x10/0x10 [ 178.356852] ? write_comp_data+0x2f/0x90 [ 178.357229] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.357655] ? write_comp_data+0x2f/0x90 [ 178.358040] iommufd_fops_ioctl+0x37d/0x510 [ 178.358417] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.358878] ? write_comp_data+0x2f/0x90 [ 178.359280] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.359705] __x64_sys_ioctl+0x1a3/0x230 [ 178.360070] do_syscall_64+0x3b/0x90 [ 178.360466] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.361050] RIP: 0033:0x7f4b8743ee5d [ 178.361468] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.363494] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.364266] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.364990] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.365618] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.366242] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.366904] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.367710] [ 178.367976] irq event stamp: 0 [ 178.368325] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.369032] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.369988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.370967] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.371555] ---[ end trace 0000000000000000 ]--- [ 178.374679] ------------[ cut here ]------------ [ 178.375141] WARNING: CPU: 0 PID: 1691 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.376035] Modules linked in: [ 178.376322] CPU: 0 PID: 1691 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.377169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.378385] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.379171] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.380951] RSP: 
0018:ffff888017b77bd0 EFLAGS: 00010246 [ 178.381564] RAX: 0000000000000000 RBX: ffff8880165330a8 RCX: 0000000000000000 [ 178.382355] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 178.383274] RBP: ffff888017b77be8 R08: ffffed1002ca6633 R09: ffffed1002ca6633 [ 178.384079] R10: ffff888016533193 R11: ffffed1002ca6632 R12: ffff888013b23000 [ 178.384865] R13: ffff8880165331e8 R14: ffff888012ce0b00 R15: 0000000000000000 [ 178.385659] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.386593] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.387282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.388074] PKRU: 55555554 [ 178.388404] Call Trace: [ 178.388699] [ 178.388959] iommufd_access_destroy_object+0x65/0x170 [ 178.389556] iommufd_object_destroy_user+0x18e/0x220 [ 178.390135] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.390843] iommufd_access_destroy+0x43/0x70 [ 178.391351] iommufd_test_staccess_release+0x8d/0xd0 [ 178.391817] __fput+0x26d/0xa40 [ 178.392123] ____fput+0x1e/0x30 [ 178.392417] task_work_run+0x1a4/0x2d0 [ 178.392767] ? __pfx_task_work_run+0x10/0x10 [ 178.393159] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.393592] ? switch_task_namespaces+0xa9/0xe0 [ 178.394019] do_exit+0xb17/0x2ef0 [ 178.394324] ? lock_acquire+0x427/0x4c0 [ 178.394711] ? __pfx_lock_release+0x10/0x10 [ 178.395103] ? __kasan_check_write+0x18/0x20 [ 178.395509] ? do_raw_spin_lock+0x132/0x2a0 [ 178.395889] ? __pfx_do_exit+0x10/0x10 [ 178.396246] ? debug_smp_processor_id+0x20/0x30 [ 178.396661] ? rcu_is_watching+0x19/0xb0 [ 178.397024] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.397425] ? trace_hardirqs_on+0x26/0x120 [ 178.397815] do_group_exit+0xe0/0x2b0 [ 178.398153] __x64_sys_exit_group+0x47/0x50 [ 178.398558] do_syscall_64+0x3b/0x90 [ 178.398909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.399386] RIP: 0033:0x7f4b87518a4d [ 178.399711] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.400246] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.400904] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.401530] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.402157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.402813] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.403453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.404083] [ 178.404288] irq event stamp: 0 [ 178.404568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.405130] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.405853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.406601] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.407161] ---[ end trace 0000000000000000 ]--- [ 178.407914] ------------[ cut here ]------------ [ 178.408324] WARNING: CPU: 0 PID: 1691 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.409214] Modules linked in: [ 178.409501] CPU: 0 PID: 1691 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.410265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.411278] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.411743] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.413333] RSP: 0018:ffff888017b77b78 EFLAGS: 00010246 [ 178.413803] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.414423] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 178.415075] RBP: ffff888017b77b98 R08: ffffed1002ca663e R09: ffffed1002ca663e [ 178.415707] R10: ffff8880165331ef R11: ffffed1002ca663d R12: ffff888016533290 [ 178.416322] R13: ffff8880165330a8 R14: ffffffffffffffff R15: 
ffff888017b77c60 [ 178.416938] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.417635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.418139] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.418789] PKRU: 55555554 [ 178.419042] Call Trace: [ 178.419277] [ 178.419478] iommufd_ioas_destroy+0x53/0x70 [ 178.419871] iommufd_fops_release+0x1f7/0x370 [ 178.420269] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.420708] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.421147] ? write_comp_data+0x2f/0x90 [ 178.421515] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.421955] __fput+0x26d/0xa40 [ 178.422259] ____fput+0x1e/0x30 [ 178.422597] task_work_run+0x1a4/0x2d0 [ 178.422948] ? __pfx_task_work_run+0x10/0x10 [ 178.423352] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.423790] ? switch_task_namespaces+0xa9/0xe0 [ 178.424213] do_exit+0xb17/0x2ef0 [ 178.424528] ? lock_acquire+0x427/0x4c0 [ 178.424893] ? __pfx_lock_release+0x10/0x10 [ 178.425284] ? __kasan_check_write+0x18/0x20 [ 178.425675] ? do_raw_spin_lock+0x132/0x2a0 [ 178.426058] ? __pfx_do_exit+0x10/0x10 [ 178.426417] ? debug_smp_processor_id+0x20/0x30 [ 178.426861] ? rcu_is_watching+0x19/0xb0 [ 178.427234] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.427649] ? trace_hardirqs_on+0x26/0x120 [ 178.428040] do_group_exit+0xe0/0x2b0 [ 178.428381] __x64_sys_exit_group+0x47/0x50 [ 178.428773] do_syscall_64+0x3b/0x90 [ 178.429111] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.429565] RIP: 0033:0x7f4b87518a4d [ 178.429892] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.430427] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.431119] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.431750] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.432371] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.432985] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.433604] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.434230] [ 178.434437] irq event stamp: 0 [ 178.434735] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.435297] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.436023] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.436745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.437295] ---[ end trace 0000000000000000 ]--- [ 178.441137] ------------[ cut here ]------------ [ 178.441584] WARNING: CPU: 0 PID: 1692 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.442458] Modules linked in: [ 178.442786] CPU: 0 PID: 1692 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.443558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.444542] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.444979] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.446630] RSP: 0018:ffff8880143afbb8 EFLAGS: 00010246 [ 178.447133] RAX: 0000000000000000 RBX: ffff8880120e40a8 RCX: 0000000000000000 [ 178.447787] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 178.448453] RBP: ffff8880143afbd0 R08: ffffed100241c833 R09: ffffed100241c833 [ 178.449106] R10: ffff8880120e4193 R11: ffffed100241c832 R12: ffff88800fcb1c00 [ 178.449755] R13: ffff8880120e41e8 R14: ffffffff8352e670 R15: 
ffff8880143afe68 [ 178.450413] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.451193] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.451737] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 178.452397] PKRU: 55555554 [ 178.452658] Call Trace: [ 178.452895] [ 178.453102] __iommufd_access_detach+0x1c2/0x2b0 [ 178.453558] iommufd_access_change_pt+0x149/0x270 [ 178.454016] iommufd_access_replace+0xb4/0x120 [ 178.454452] iommufd_test+0x3e5/0x37e0 [ 178.454836] ? lock_release+0x532/0x770 [ 178.455225] ? __might_fault+0x102/0x1b0 [ 178.455612] ? lock_acquire+0x427/0x4c0 [ 178.455992] ? __pfx_iommufd_test+0x10/0x10 [ 178.456394] ? __pfx_lock_release+0x10/0x10 [ 178.456817] ? __pfx_lock_acquire+0x10/0x10 [ 178.457235] ? write_comp_data+0x2f/0x90 [ 178.457633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.458094] ? write_comp_data+0x2f/0x90 [ 178.458486] iommufd_fops_ioctl+0x37d/0x510 [ 178.458932] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.459402] ? write_comp_data+0x2f/0x90 [ 178.459792] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.460243] __x64_sys_ioctl+0x1a3/0x230 [ 178.460631] do_syscall_64+0x3b/0x90 [ 178.460988] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.461473] RIP: 0033:0x7f4b8743ee5d [ 178.461816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.463543] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.464252] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.464909] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.465570] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.466224] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.466907] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.467587] [ 178.467809] irq event stamp: 0 [ 178.468102] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.468685] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.469458] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.470227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.470837] ---[ end trace 0000000000000000 ]--- [ 178.473855] ------------[ cut here ]------------ [ 178.474348] WARNING: CPU: 0 PID: 1692 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.475343] Modules linked in: [ 178.475652] CPU: 0 PID: 1692 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.476476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.477526] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.477995] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.479766] RSP: 
0018:ffff8880143afbd0 EFLAGS: 00010246 [ 178.480275] RAX: 0000000000000000 RBX: ffff8880120e40a8 RCX: 0000000000000000 [ 178.480939] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 178.481599] RBP: ffff8880143afbe8 R08: ffffed100241c833 R09: ffffed100241c833 [ 178.482263] R10: ffff8880120e4193 R11: ffffed100241c832 R12: ffff88800a727000 [ 178.482965] R13: ffff8880120e41e8 R14: ffff888013797000 R15: 0000000000000000 [ 178.483659] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.484413] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.484961] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.485630] PKRU: 55555554 [ 178.485897] Call Trace: [ 178.486138] [ 178.486354] iommufd_access_destroy_object+0x65/0x170 [ 178.486876] iommufd_object_destroy_user+0x18e/0x220 [ 178.487378] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.487932] iommufd_access_destroy+0x43/0x70 [ 178.488378] iommufd_test_staccess_release+0x8d/0xd0 [ 178.488871] __fput+0x26d/0xa40 [ 178.489208] ____fput+0x1e/0x30 [ 178.489529] task_work_run+0x1a4/0x2d0 [ 178.489904] ? __pfx_task_work_run+0x10/0x10 [ 178.490338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.490841] ? switch_task_namespaces+0xa9/0xe0 [ 178.491314] do_exit+0xb17/0x2ef0 [ 178.491652] ? lock_acquire+0x427/0x4c0 [ 178.492049] ? __pfx_lock_release+0x10/0x10 [ 178.492484] ? __kasan_check_write+0x18/0x20 [ 178.492940] ? do_raw_spin_lock+0x132/0x2a0 [ 178.493380] ? __pfx_do_exit+0x10/0x10 [ 178.493789] ? debug_smp_processor_id+0x20/0x30 [ 178.494287] ? rcu_is_watching+0x19/0xb0 [ 178.494748] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.495229] ? trace_hardirqs_on+0x26/0x120 [ 178.495689] do_group_exit+0xe0/0x2b0 [ 178.496095] __x64_sys_exit_group+0x47/0x50 [ 178.496546] do_syscall_64+0x3b/0x90 [ 178.496941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.497489] RIP: 0033:0x7f4b87518a4d [ 178.497878] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.498573] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.499373] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.500099] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.500835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.501568] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.502305] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.503083] [ 178.503334] irq event stamp: 0 [ 178.503660] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.504312] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.505178] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.506034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.506713] ---[ end trace 0000000000000000 ]--- [ 178.508017] ------------[ cut here ]------------ [ 178.508519] WARNING: CPU: 0 PID: 1692 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.509561] Modules linked in: [ 178.509895] CPU: 0 PID: 1692 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.510854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.512032] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.512574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.514445] RSP: 0018:ffff8880143afb78 EFLAGS: 00010246 [ 178.515100] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.515858] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 178.516589] RBP: ffff8880143afb98 R08: ffffed100241c83e R09: ffffed100241c83e [ 178.517320] R10: ffff8880120e41ef R11: ffffed100241c83d R12: ffff8880120e4290 [ 178.518060] R13: ffff8880120e40a8 R14: ffffffffffffffff R15: 
ffff8880143afc60 [ 178.518834] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.519685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.520274] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.521001] PKRU: 55555554 [ 178.521293] Call Trace: [ 178.521558] [ 178.521789] iommufd_ioas_destroy+0x53/0x70 [ 178.522238] iommufd_fops_release+0x1f7/0x370 [ 178.522745] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.523292] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.523812] ? write_comp_data+0x2f/0x90 [ 178.524239] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.524754] __fput+0x26d/0xa40 [ 178.525115] ____fput+0x1e/0x30 [ 178.525460] task_work_run+0x1a4/0x2d0 [ 178.525869] ? __pfx_task_work_run+0x10/0x10 [ 178.526334] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.526891] ? switch_task_namespaces+0xa9/0xe0 [ 178.527403] do_exit+0xb17/0x2ef0 [ 178.527770] ? lock_acquire+0x427/0x4c0 [ 178.528197] ? __pfx_lock_release+0x10/0x10 [ 178.528654] ? __kasan_check_write+0x18/0x20 [ 178.529124] ? do_raw_spin_lock+0x132/0x2a0 [ 178.529574] ? __pfx_do_exit+0x10/0x10 [ 178.529988] ? debug_smp_processor_id+0x20/0x30 [ 178.530472] ? rcu_is_watching+0x19/0xb0 [ 178.530929] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.531426] ? trace_hardirqs_on+0x26/0x120 [ 178.531875] do_group_exit+0xe0/0x2b0 [ 178.532279] __x64_sys_exit_group+0x47/0x50 [ 178.532722] do_syscall_64+0x3b/0x90 [ 178.533123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.533660] RIP: 0033:0x7f4b87518a4d [ 178.534047] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.534711] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.535502] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.536235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.536982] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.537715] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.538450] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.539253] [ 178.539506] irq event stamp: 0 [ 178.539831] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.540479] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.541359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.542223] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.542910] ---[ end trace 0000000000000000 ]--- [ 178.548628] ------------[ cut here ]------------ [ 178.549176] WARNING: CPU: 0 PID: 1693 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.550219] Modules linked in: [ 178.550796] CPU: 0 PID: 1693 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.551720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.552895] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.553428] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.555383] RSP: 0018:ffff88800f677bb8 EFLAGS: 00010246 [ 178.555960] RAX: 0000000000000000 RBX: ffff888011ea70a8 RCX: 0000000000000000 [ 178.556703] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 178.557452] RBP: ffff88800f677bd0 R08: ffffed10023d4e33 R09: ffffed10023d4e33 [ 178.558194] R10: ffff888011ea7193 R11: ffffed10023d4e32 R12: ffff8880139e0800 [ 178.558965] R13: ffff888011ea71e8 R14: ffffffff8352e670 R15: 
ffff88800f677e68 [ 178.559720] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.560562] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.561171] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 178.561917] PKRU: 55555554 [ 178.562212] Call Trace: [ 178.562478] [ 178.562744] __iommufd_access_detach+0x1c2/0x2b0 [ 178.563269] iommufd_access_change_pt+0x149/0x270 [ 178.563778] iommufd_access_replace+0xb4/0x120 [ 178.564259] iommufd_test+0x3e5/0x37e0 [ 178.564664] ? lock_release+0x532/0x770 [ 178.565091] ? __might_fault+0x102/0x1b0 [ 178.565517] ? lock_acquire+0x427/0x4c0 [ 178.565944] ? __pfx_iommufd_test+0x10/0x10 [ 178.566390] ? __pfx_lock_release+0x10/0x10 [ 178.566870] ? __pfx_lock_acquire+0x10/0x10 [ 178.567341] ? write_comp_data+0x2f/0x90 [ 178.567780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.568301] ? write_comp_data+0x2f/0x90 [ 178.568738] iommufd_fops_ioctl+0x37d/0x510 [ 178.569207] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.569722] ? write_comp_data+0x2f/0x90 [ 178.570156] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.570698] __x64_sys_ioctl+0x1a3/0x230 [ 178.571150] do_syscall_64+0x3b/0x90 [ 178.571553] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.572100] RIP: 0033:0x7f4b8743ee5d [ 178.572487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.574423] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.575274] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.576014] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.576755] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.577499] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.578240] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.579027] [ 178.579288] irq event stamp: 0 [ 178.579612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.580268] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.581144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.582006] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.582722] ---[ end trace 0000000000000000 ]--- [ 178.585930] ------------[ cut here ]------------ [ 178.586467] WARNING: CPU: 0 PID: 1693 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.587616] Modules linked in: [ 178.587956] CPU: 0 PID: 1693 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.588873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.590078] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.590647] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.592578] RSP: 
0018:ffff88800f677bd0 EFLAGS: 00010246 [ 178.593142] RAX: 0000000000000000 RBX: ffff888011ea70a8 RCX: 0000000000000000 [ 178.593916] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 178.594722] RBP: ffff88800f677be8 R08: ffffed10023d4e33 R09: ffffed10023d4e33 [ 178.595502] R10: ffff888011ea7193 R11: ffffed10023d4e32 R12: ffff88800fcb3800 [ 178.596270] R13: ffff888011ea71e8 R14: ffff88800f899e00 R15: 0000000000000000 [ 178.597211] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.598629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.599277] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.600029] PKRU: 55555554 [ 178.600330] Call Trace: [ 178.600600] [ 178.600841] iommufd_access_destroy_object+0x65/0x170 [ 178.601513] iommufd_object_destroy_user+0x18e/0x220 [ 178.602179] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.602847] iommufd_access_destroy+0x43/0x70 [ 178.603356] iommufd_test_staccess_release+0x8d/0xd0 [ 178.603916] __fput+0x26d/0xa40 [ 178.604300] ____fput+0x1e/0x30 [ 178.604668] task_work_run+0x1a4/0x2d0 [ 178.605109] ? __pfx_task_work_run+0x10/0x10 [ 178.605600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.606147] ? switch_task_namespaces+0xa9/0xe0 [ 178.606730] do_exit+0xb17/0x2ef0 [ 178.607148] ? lock_acquire+0x427/0x4c0 [ 178.607595] ? __pfx_lock_release+0x10/0x10 [ 178.608085] ? __kasan_check_write+0x18/0x20 [ 178.608586] ? do_raw_spin_lock+0x132/0x2a0 [ 178.609053] ? __pfx_do_exit+0x10/0x10 [ 178.609480] ? debug_smp_processor_id+0x20/0x30 [ 178.609979] ? rcu_is_watching+0x19/0xb0 [ 178.610422] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.610941] ? trace_hardirqs_on+0x26/0x120 [ 178.611420] do_group_exit+0xe0/0x2b0 [ 178.611828] __x64_sys_exit_group+0x47/0x50 [ 178.612284] do_syscall_64+0x3b/0x90 [ 178.612693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.613260] RIP: 0033:0x7f4b87518a4d [ 178.613659] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.614313] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.615147] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.615899] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.616642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.617392] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.618142] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.618919] [ 178.619180] irq event stamp: 0 [ 178.619514] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.620184] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.621073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.621957] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.622648] ---[ end trace 0000000000000000 ]--- [ 178.623647] ------------[ cut here ]------------ [ 178.624401] WARNING: CPU: 0 PID: 1693 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.625502] Modules linked in: [ 178.625854] CPU: 0 PID: 1693 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.626831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.628051] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.628675] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.630905] RSP: 0018:ffff88800f677b78 EFLAGS: 00010246 [ 178.631504] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.632267] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 178.633025] RBP: ffff88800f677b98 R08: ffffed10023d4e3e R09: ffffed10023d4e3e [ 178.633978] R10: ffff888011ea71ef R11: ffffed10023d4e3d R12: ffff888011ea7290 [ 178.634903] R13: ffff888011ea70a8 R14: ffffffffffffffff R15: 
ffff88800f677c60 [ 178.635674] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.636521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.637132] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.637887] PKRU: 55555554 [ 178.638297] Call Trace: [ 178.638816] [ 178.639064] iommufd_ioas_destroy+0x53/0x70 [ 178.639556] iommufd_fops_release+0x1f7/0x370 [ 178.640042] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.640576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.641102] ? write_comp_data+0x2f/0x90 [ 178.641543] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.642077] __fput+0x26d/0xa40 [ 178.642449] ____fput+0x1e/0x30 [ 178.642966] task_work_run+0x1a4/0x2d0 [ 178.643563] ? __pfx_task_work_run+0x10/0x10 [ 178.644048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.644573] ? switch_task_namespaces+0xa9/0xe0 [ 178.645085] do_exit+0xb17/0x2ef0 [ 178.645459] ? lock_acquire+0x427/0x4c0 [ 178.645901] ? __pfx_lock_release+0x10/0x10 [ 178.646370] ? __kasan_check_write+0x18/0x20 [ 178.646880] ? do_raw_spin_lock+0x132/0x2a0 [ 178.647369] ? __pfx_do_exit+0x10/0x10 [ 178.647797] ? debug_smp_processor_id+0x20/0x30 [ 178.648298] ? rcu_is_watching+0x19/0xb0 [ 178.648903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.649522] ? trace_hardirqs_on+0x26/0x120 [ 178.649992] do_group_exit+0xe0/0x2b0 [ 178.650397] __x64_sys_exit_group+0x47/0x50 [ 178.650892] do_syscall_64+0x3b/0x90 [ 178.651308] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.651862] RIP: 0033:0x7f4b87518a4d [ 178.652253] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.652901] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.654027] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.654814] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.655590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.656349] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.657113] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.657903] [ 178.658242] irq event stamp: 0 [ 178.658746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.659428] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.660311] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.661184] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.661845] ---[ end trace 0000000000000000 ]--- [ 178.667219] ------------[ cut here ]------------ [ 178.667792] WARNING: CPU: 0 PID: 1694 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.669222] Modules linked in: [ 178.669573] CPU: 0 PID: 1694 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.670491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.671747] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.672284] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.674597] RSP: 0018:ffff888016ef7bb8 EFLAGS: 00010246 [ 178.675183] RAX: 0000000000000000 RBX: ffff888015fb90a8 RCX: 0000000000000000 [ 178.675938] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 178.676930] RBP: ffff888016ef7bd0 R08: ffffed1002bf7233 R09: ffffed1002bf7233 [ 178.677683] R10: ffff888015fb9193 R11: ffffed1002bf7232 R12: ffff88801883cc00 [ 178.678444] R13: ffff888015fb91e8 R14: ffffffff8352e670 R15: 
ffff888016ef7e68 [ 178.679260] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.680242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.680999] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 178.681764] PKRU: 55555554 [ 178.682068] Call Trace: [ 178.682339] [ 178.682617] __iommufd_access_detach+0x1c2/0x2b0 [ 178.683158] iommufd_access_change_pt+0x149/0x270 [ 178.683684] iommufd_access_replace+0xb4/0x120 [ 178.684341] iommufd_test+0x3e5/0x37e0 [ 178.684871] ? lock_release+0x532/0x770 [ 178.685311] ? __might_fault+0x102/0x1b0 [ 178.685750] ? lock_acquire+0x427/0x4c0 [ 178.686189] ? __pfx_iommufd_test+0x10/0x10 [ 178.686674] ? __pfx_lock_release+0x10/0x10 [ 178.687148] ? __pfx_lock_acquire+0x10/0x10 [ 178.687618] ? write_comp_data+0x2f/0x90 [ 178.688129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.688875] ? write_comp_data+0x2f/0x90 [ 178.689321] iommufd_fops_ioctl+0x37d/0x510 [ 178.689791] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.690317] ? write_comp_data+0x2f/0x90 [ 178.690789] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.691319] __x64_sys_ioctl+0x1a3/0x230 [ 178.691769] do_syscall_64+0x3b/0x90 [ 178.692236] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.693007] RIP: 0033:0x7f4b8743ee5d [ 178.693413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.695364] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.696253] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.697161] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.697909] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.698676] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.699442] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.700306] [ 178.700695] irq event stamp: 0 [ 178.701029] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.701698] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.702613] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.703512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.704346] ---[ end trace 0000000000000000 ]--- [ 178.709821] ------------[ cut here ]------------ [ 178.710350] WARNING: CPU: 0 PID: 1694 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.711507] Modules linked in: [ 178.711921] CPU: 0 PID: 1694 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.713050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.714247] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.714809] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.716973] RSP: 
0018:ffff888016ef7bd0 EFLAGS: 00010246 [ 178.717541] RAX: 0000000000000000 RBX: ffff888015fb90a8 RCX: 0000000000000000 [ 178.718289] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 178.719143] RBP: ffff888016ef7be8 R08: ffffed1002bf7233 R09: ffffed1002bf7233 [ 178.720088] R10: ffff888015fb9193 R11: ffffed1002bf7232 R12: ffff8880139e2c00 [ 178.720835] R13: ffff888015fb91e8 R14: ffff88801022f600 R15: 0000000000000000 [ 178.721583] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.722427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.723215] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.724117] PKRU: 55555554 [ 178.724414] Call Trace: [ 178.724680] [ 178.724918] iommufd_access_destroy_object+0x65/0x170 [ 178.725478] iommufd_object_destroy_user+0x18e/0x220 [ 178.726029] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.726700] iommufd_access_destroy+0x43/0x70 [ 178.727442] iommufd_test_staccess_release+0x8d/0xd0 [ 178.727990] __fput+0x26d/0xa40 [ 178.728358] ____fput+0x1e/0x30 [ 178.728720] task_work_run+0x1a4/0x2d0 [ 178.729144] ? __pfx_task_work_run+0x10/0x10 [ 178.729617] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.730142] ? switch_task_namespaces+0xa9/0xe0 [ 178.730733] do_exit+0xb17/0x2ef0 [ 178.731326] ? lock_acquire+0x427/0x4c0 [ 178.731777] ? __pfx_lock_release+0x10/0x10 [ 178.732245] ? __kasan_check_write+0x18/0x20 [ 178.732709] ? do_raw_spin_lock+0x132/0x2a0 [ 178.733174] ? __pfx_do_exit+0x10/0x10 [ 178.733602] ? debug_smp_processor_id+0x20/0x30 [ 178.734101] ? rcu_is_watching+0x19/0xb0 [ 178.734670] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.735352] ? trace_hardirqs_on+0x26/0x120 [ 178.735825] do_group_exit+0xe0/0x2b0 [ 178.736236] __x64_sys_exit_group+0x47/0x50 [ 178.736695] do_syscall_64+0x3b/0x90 [ 178.737105] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.737881] RIP: 0033:0x7f4b87518a4d [ 178.738280] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.738957] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.739786] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.740793] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.741560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.742423] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.743322] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.744091] [ 178.744350] irq event stamp: 0 [ 178.744744] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.745557] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.746444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.747595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.748263] ---[ end trace 0000000000000000 ]--- [ 178.749254] ------------[ cut here ]------------ [ 178.749762] WARNING: CPU: 0 PID: 1694 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.750884] Modules linked in: [ 178.751240] CPU: 0 PID: 1694 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.752392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.753592] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.754160] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.756340] RSP: 0018:ffff888016ef7b78 EFLAGS: 00010246 [ 178.756920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.757670] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 178.758424] RBP: ffff888016ef7b98 R08: ffffed1002bf723e R09: ffffed1002bf723e [ 178.759223] R10: ffff888015fb91ef R11: ffffed1002bf723d R12: ffff888015fb9290 [ 178.759997] R13: ffff888015fb90a8 R14: ffffffffffffffff R15: 
ffff888016ef7c60 [ 178.760767] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.761631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.762249] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.763025] PKRU: 55555554 [ 178.763336] Call Trace: [ 178.763607] [ 178.763846] iommufd_ioas_destroy+0x53/0x70 [ 178.764308] iommufd_fops_release+0x1f7/0x370 [ 178.764789] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.765308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.765826] ? write_comp_data+0x2f/0x90 [ 178.766256] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.766801] __fput+0x26d/0xa40 [ 178.767172] ____fput+0x1e/0x30 [ 178.767525] task_work_run+0x1a4/0x2d0 [ 178.767941] ? __pfx_task_work_run+0x10/0x10 [ 178.768408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.768924] ? switch_task_namespaces+0xa9/0xe0 [ 178.769422] do_exit+0xb17/0x2ef0 [ 178.769792] ? lock_acquire+0x427/0x4c0 [ 178.770232] ? __pfx_lock_release+0x10/0x10 [ 178.770734] ? __kasan_check_write+0x18/0x20 [ 178.771213] ? do_raw_spin_lock+0x132/0x2a0 [ 178.771672] ? __pfx_do_exit+0x10/0x10 [ 178.772082] ? debug_smp_processor_id+0x20/0x30 [ 178.772579] ? rcu_is_watching+0x19/0xb0 [ 178.773020] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.773505] ? trace_hardirqs_on+0x26/0x120 [ 178.773966] do_group_exit+0xe0/0x2b0 [ 178.774362] __x64_sys_exit_group+0x47/0x50 [ 178.774846] do_syscall_64+0x3b/0x90 [ 178.775259] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.775811] RIP: 0033:0x7f4b87518a4d [ 178.776208] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.776830] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.777554] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.778228] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.778942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.779635] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.780322] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.781013] [ 178.781248] irq event stamp: 0 [ 178.781545] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.782142] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.782958] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.783751] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.784348] ---[ end trace 0000000000000000 ]--- [ 178.789828] ------------[ cut here ]------------ [ 178.790473] WARNING: CPU: 0 PID: 1695 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.791518] Modules linked in: [ 178.791823] CPU: 0 PID: 1695 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.792829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.793879] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.794378] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.796254] RSP: 0018:ffff88800f677bb8 EFLAGS: 00010246 [ 178.796764] RAX: 0000000000000000 RBX: ffff8880245a60a8 RCX: 0000000000000000 [ 178.797421] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 178.798088] RBP: ffff88800f677bd0 R08: ffffed10048b4c33 R09: ffffed10048b4c33 [ 178.798780] R10: ffff8880245a6193 R11: ffffed10048b4c32 R12: ffff888013a02c00 [ 178.799464] R13: ffff8880245a61e8 R14: ffffffff8352e670 R15: 
ffff88800f677e68 [ 178.800132] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.800877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.801416] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 178.802082] PKRU: 55555554 [ 178.802354] Call Trace: [ 178.802623] [ 178.802843] __iommufd_access_detach+0x1c2/0x2b0 [ 178.803315] iommufd_access_change_pt+0x149/0x270 [ 178.803788] iommufd_access_replace+0xb4/0x120 [ 178.804233] iommufd_test+0x3e5/0x37e0 [ 178.804610] ? lock_release+0x532/0x770 [ 178.804993] ? __might_fault+0x102/0x1b0 [ 178.805378] ? lock_acquire+0x427/0x4c0 [ 178.805754] ? __pfx_iommufd_test+0x10/0x10 [ 178.806151] ? __pfx_lock_release+0x10/0x10 [ 178.806585] ? __pfx_lock_acquire+0x10/0x10 [ 178.807004] ? write_comp_data+0x2f/0x90 [ 178.807408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.807862] ? write_comp_data+0x2f/0x90 [ 178.808246] iommufd_fops_ioctl+0x37d/0x510 [ 178.808646] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.809096] ? write_comp_data+0x2f/0x90 [ 178.809490] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.809936] __x64_sys_ioctl+0x1a3/0x230 [ 178.810319] do_syscall_64+0x3b/0x90 [ 178.810703] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.811203] RIP: 0033:0x7f4b8743ee5d [ 178.811546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.813212] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.813914] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.814566] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.815189] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.815810] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.816422] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.817054] [ 178.817260] irq event stamp: 0 [ 178.817535] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.818079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.818828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.819564] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.820108] ---[ end trace 0000000000000000 ]--- [ 178.823207] ------------[ cut here ]------------ [ 178.823757] WARNING: CPU: 0 PID: 1695 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.824640] Modules linked in: [ 178.824921] CPU: 0 PID: 1695 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.825854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.826860] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.827314] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.829067] RSP: 
0018:ffff88800f677bd0 EFLAGS: 00010246 [ 178.829574] RAX: 0000000000000000 RBX: ffff8880245a60a8 RCX: 0000000000000000 [ 178.830316] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 178.830962] RBP: ffff88800f677be8 R08: ffffed10048b4c33 R09: ffffed10048b4c33 [ 178.831585] R10: ffff8880245a6193 R11: ffffed10048b4c32 R12: ffff88801883e400 [ 178.832372] R13: ffff8880245a61e8 R14: ffff888012a0be00 R15: 0000000000000000 [ 178.832988] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.833688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.834370] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.835011] PKRU: 55555554 [ 178.835277] Call Trace: [ 178.835500] [ 178.835699] iommufd_access_destroy_object+0x65/0x170 [ 178.836155] iommufd_object_destroy_user+0x18e/0x220 [ 178.836784] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.837293] iommufd_access_destroy+0x43/0x70 [ 178.837697] iommufd_test_staccess_release+0x8d/0xd0 [ 178.838154] __fput+0x26d/0xa40 [ 178.838570] ____fput+0x1e/0x30 [ 178.838959] task_work_run+0x1a4/0x2d0 [ 178.839314] ? __pfx_task_work_run+0x10/0x10 [ 178.839701] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.840131] ? switch_task_namespaces+0xa9/0xe0 [ 178.840554] do_exit+0xb17/0x2ef0 [ 178.841044] ? lock_acquire+0x427/0x4c0 [ 178.841404] ? __pfx_lock_release+0x10/0x10 [ 178.841790] ? __kasan_check_write+0x18/0x20 [ 178.842185] ? do_raw_spin_lock+0x132/0x2a0 [ 178.842595] ? __pfx_do_exit+0x10/0x10 [ 178.842948] ? debug_smp_processor_id+0x20/0x30 [ 178.843534] ? rcu_is_watching+0x19/0xb0 [ 178.843892] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.844294] ? trace_hardirqs_on+0x26/0x120 [ 178.844681] do_group_exit+0xe0/0x2b0 [ 178.845018] __x64_sys_exit_group+0x47/0x50 [ 178.845562] do_syscall_64+0x3b/0x90 [ 178.845900] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.846369] RIP: 0033:0x7f4b87518a4d [ 178.846732] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.847284] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.848137] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.848755] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.849383] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.850172] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.850813] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.851447] [ 178.851653] irq event stamp: 0 [ 178.851928] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.852480] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.853215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.854140] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.854711] ---[ end trace 0000000000000000 ]--- [ 178.855467] ------------[ cut here ]------------ [ 178.855878] WARNING: CPU: 0 PID: 1695 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.856763] Modules linked in: [ 178.857085] CPU: 0 PID: 1695 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.858017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.859020] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.859479] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.861165] RSP: 0018:ffff88800f677b78 EFLAGS: 00010246 [ 178.861747] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.862359] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 178.862993] RBP: ffff88800f677b98 R08: ffffed10048b4c3e R09: ffffed10048b4c3e [ 178.863627] R10: ffff8880245a61ef R11: ffffed10048b4c3d R12: ffff8880245a6290 [ 178.864257] R13: ffff8880245a60a8 R14: ffffffffffffffff R15: 
ffff88800f677c60 [ 178.865068] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.865765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.866267] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.866906] PKRU: 55555554 [ 178.867164] Call Trace: [ 178.867394] [ 178.867591] iommufd_ioas_destroy+0x53/0x70 [ 178.867976] iommufd_fops_release+0x1f7/0x370 [ 178.868371] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.868820] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.869459] ? write_comp_data+0x2f/0x90 [ 178.869822] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.870256] __fput+0x26d/0xa40 [ 178.870580] ____fput+0x1e/0x30 [ 178.870880] task_work_run+0x1a4/0x2d0 [ 178.871239] ? __pfx_task_work_run+0x10/0x10 [ 178.871628] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.872059] ? switch_task_namespaces+0xa9/0xe0 [ 178.872478] do_exit+0xb17/0x2ef0 [ 178.872846] ? lock_acquire+0x427/0x4c0 [ 178.873340] ? __pfx_lock_release+0x10/0x10 [ 178.873723] ? __kasan_check_write+0x18/0x20 [ 178.874111] ? do_raw_spin_lock+0x132/0x2a0 [ 178.874486] ? __pfx_do_exit+0x10/0x10 [ 178.874865] ? debug_smp_processor_id+0x20/0x30 [ 178.875282] ? rcu_is_watching+0x19/0xb0 [ 178.875644] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.876044] ? trace_hardirqs_on+0x26/0x120 [ 178.876428] do_group_exit+0xe0/0x2b0 [ 178.876861] __x64_sys_exit_group+0x47/0x50 [ 178.877361] do_syscall_64+0x3b/0x90 [ 178.877700] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.878154] RIP: 0033:0x7f4b87518a4d [ 178.878482] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.879057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.879738] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.880386] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.881173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.881788] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.882400] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.883043] [ 178.883255] irq event stamp: 0 [ 178.883529] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.884109] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.884995] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.885713] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.886266] ---[ end trace 0000000000000000 ]--- [ 178.891519] ------------[ cut here ]------------ [ 178.892283] WARNING: CPU: 0 PID: 1696 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.893172] Modules linked in: [ 178.893455] CPU: 0 PID: 1696 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.894226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.895493] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.895930] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.897515] RSP: 0018:ffff888023dafbb8 EFLAGS: 00010246 [ 178.897980] RAX: 0000000000000000 RBX: ffff888013e118a8 RCX: 0000000000000000 [ 178.898626] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 178.899270] RBP: ffff888023dafbd0 R08: ffffed10027c2333 R09: ffffed10027c2333 [ 178.899890] R10: ffff888013e11993 R11: ffffed10027c2332 R12: ffff888013b21000 [ 178.900509] R13: ffff888013e119e8 R14: ffffffff8352e670 R15: 
ffff888023dafe68 [ 178.901128] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.901824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.902331] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 178.902976] PKRU: 55555554 [ 178.903236] Call Trace: [ 178.903461] [ 178.903660] __iommufd_access_detach+0x1c2/0x2b0 [ 178.904089] iommufd_access_change_pt+0x149/0x270 [ 178.904520] iommufd_access_replace+0xb4/0x120 [ 178.904927] iommufd_test+0x3e5/0x37e0 [ 178.905270] ? lock_release+0x532/0x770 [ 178.905628] ? __might_fault+0x102/0x1b0 [ 178.905989] ? lock_acquire+0x427/0x4c0 [ 178.906350] ? __pfx_iommufd_test+0x10/0x10 [ 178.906750] ? __pfx_lock_release+0x10/0x10 [ 178.907143] ? __pfx_lock_acquire+0x10/0x10 [ 178.907535] ? write_comp_data+0x2f/0x90 [ 178.907903] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.908337] ? write_comp_data+0x2f/0x90 [ 178.908707] iommufd_fops_ioctl+0x37d/0x510 [ 178.909091] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.909522] ? write_comp_data+0x2f/0x90 [ 178.909887] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 178.910310] __x64_sys_ioctl+0x1a3/0x230 [ 178.910703] do_syscall_64+0x3b/0x90 [ 178.911045] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.911512] RIP: 0033:0x7f4b8743ee5d [ 178.911840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 178.913423] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 178.914095] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 178.914736] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 178.915365] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 178.915984] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 178.916613] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 178.917231] [ 178.917434] irq event stamp: 0 [ 178.917703] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.918218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.918930] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.919572] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.920086] ---[ end trace 0000000000000000 ]--- [ 178.923136] ------------[ cut here ]------------ [ 178.923627] WARNING: CPU: 0 PID: 1696 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.924538] Modules linked in: [ 178.924798] CPU: 0 PID: 1696 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.925525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.926642] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.927048] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.928566] RSP: 
0018:ffff888023dafbd0 EFLAGS: 00010246 [ 178.929132] RAX: 0000000000000000 RBX: ffff888013e118a8 RCX: 0000000000000000 [ 178.929731] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 178.930300] RBP: ffff888023dafbe8 R08: ffffed10027c2333 R09: ffffed10027c2333 [ 178.930925] R10: ffff888013e11993 R11: ffffed10027c2332 R12: ffff888013a02000 [ 178.931588] R13: ffff888013e119e8 R14: ffff88800b591b00 R15: 0000000000000000 [ 178.932236] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.932915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.933386] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.934130] PKRU: 55555554 [ 178.934359] Call Trace: [ 178.934587] [ 178.934770] iommufd_access_destroy_object+0x65/0x170 [ 178.935230] iommufd_object_destroy_user+0x18e/0x220 [ 178.935648] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 178.936147] iommufd_access_destroy+0x43/0x70 [ 178.936521] iommufd_test_staccess_release+0x8d/0xd0 [ 178.936944] __fput+0x26d/0xa40 [ 178.937294] ____fput+0x1e/0x30 [ 178.937684] task_work_run+0x1a4/0x2d0 [ 178.938011] ? __pfx_task_work_run+0x10/0x10 [ 178.938386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.938811] ? switch_task_namespaces+0xa9/0xe0 [ 178.939207] do_exit+0xb17/0x2ef0 [ 178.939507] ? lock_acquire+0x427/0x4c0 [ 178.939838] ? __pfx_lock_release+0x10/0x10 [ 178.940194] ? __kasan_check_write+0x18/0x20 [ 178.940567] ? do_raw_spin_lock+0x132/0x2a0 [ 178.940920] ? __pfx_do_exit+0x10/0x10 [ 178.941285] ? debug_smp_processor_id+0x20/0x30 [ 178.941825] ? rcu_is_watching+0x19/0xb0 [ 178.942157] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.942573] ? trace_hardirqs_on+0x26/0x120 [ 178.942930] do_group_exit+0xe0/0x2b0 [ 178.943250] __x64_sys_exit_group+0x47/0x50 [ 178.943609] do_syscall_64+0x3b/0x90 [ 178.943920] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.944346] RIP: 0033:0x7f4b87518a4d [ 178.944658] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.945250] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.945975] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.946579] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.947185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.947755] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.948352] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.949106] [ 178.949321] irq event stamp: 0 [ 178.949578] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.950084] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.950830] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.951533] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.952064] ---[ end trace 0000000000000000 ]--- [ 178.952918] ------------[ cut here ]------------ [ 178.953298] WARNING: CPU: 0 PID: 1696 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 178.954159] Modules linked in: [ 178.954419] CPU: 0 PID: 1696 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.955334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.956281] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 178.956700] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 178.958200] RSP: 0018:ffff888023dafb78 EFLAGS: 00010246 [ 178.958798] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 178.959418] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 178.960002] RBP: ffff888023dafb98 R08: ffffed10027c233e R09: ffffed10027c233e [ 178.960603] R10: ffff888013e119ef R11: ffffed10027c233d R12: ffff888013e11a90 [ 178.961191] R13: ffff888013e118a8 R14: ffffffffffffffff R15: 
ffff888023dafc60 [ 178.961814] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.962643] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.963112] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 178.963711] PKRU: 55555554 [ 178.963941] Call Trace: [ 178.964148] [ 178.964332] iommufd_ioas_destroy+0x53/0x70 [ 178.964688] iommufd_fops_release+0x1f7/0x370 [ 178.965133] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.965659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.966062] ? write_comp_data+0x2f/0x90 [ 178.966400] ? __pfx_iommufd_fops_release+0x10/0x10 [ 178.966827] __fput+0x26d/0xa40 [ 178.967111] ____fput+0x1e/0x30 [ 178.967401] task_work_run+0x1a4/0x2d0 [ 178.967728] ? __pfx_task_work_run+0x10/0x10 [ 178.968238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 178.968644] ? switch_task_namespaces+0xa9/0xe0 [ 178.969035] do_exit+0xb17/0x2ef0 [ 178.969322] ? lock_acquire+0x427/0x4c0 [ 178.969657] ? __pfx_lock_release+0x10/0x10 [ 178.970012] ? __kasan_check_write+0x18/0x20 [ 178.970562] ? do_raw_spin_lock+0x132/0x2a0 [ 178.970915] ? __pfx_do_exit+0x10/0x10 [ 178.971252] ? debug_smp_processor_id+0x20/0x30 [ 178.971644] ? rcu_is_watching+0x19/0xb0 [ 178.971993] ? _raw_spin_unlock_irq+0x2b/0x60 [ 178.972380] ? trace_hardirqs_on+0x26/0x120 [ 178.972753] do_group_exit+0xe0/0x2b0 [ 178.973109] __x64_sys_exit_group+0x47/0x50 [ 178.973628] do_syscall_64+0x3b/0x90 [ 178.973960] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 178.974406] RIP: 0033:0x7f4b87518a4d [ 178.974749] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 178.975277] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 178.976091] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 178.976691] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 178.977288] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 178.978056] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 178.978699] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 178.979330] [ 178.979533] irq event stamp: 0 [ 178.979843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 178.980494] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 178.981203] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 178.982001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 178.982633] ---[ end trace 0000000000000000 ]--- [ 178.987132] ------------[ cut here ]------------ [ 178.987559] WARNING: CPU: 0 PID: 1697 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 178.988426] Modules linked in: [ 178.988706] CPU: 0 PID: 1697 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 178.989454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 178.990748] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 178.991190] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 178.992741] RSP: 0018:ffff88800efa7bb8 EFLAGS: 00010246 [ 178.993196] RAX: 0000000000000000 RBX: ffff888011d990a8 RCX: 0000000000000000 [ 178.993960] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 178.994599] RBP: ffff88800efa7bd0 R08: ffffed10023b3233 R09: ffffed10023b3233 [ 178.995222] R10: ffff888011d99193 R11: ffffed10023b3232 R12: ffff888014390c00 [ 178.995831] R13: ffff888011d991e8 R14: ffffffff8352e670 R15: 
ffff88800efa7e68 [ 178.996437] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 178.997126] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 178.997621] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 178.998235] PKRU: 55555554 [ 178.998477] Call Trace: [ 178.998717] [ 178.998915] __iommufd_access_detach+0x1c2/0x2b0 [ 178.999349] iommufd_access_change_pt+0x149/0x270 [ 178.999773] iommufd_access_replace+0xb4/0x120 [ 179.000179] iommufd_test+0x3e5/0x37e0 [ 179.000515] ? lock_release+0x532/0x770 [ 179.000866] ? __might_fault+0x102/0x1b0 [ 179.001220] ? lock_acquire+0x427/0x4c0 [ 179.001572] ? __pfx_iommufd_test+0x10/0x10 [ 179.001937] ? __pfx_lock_release+0x10/0x10 [ 179.002311] ? __pfx_lock_acquire+0x10/0x10 [ 179.002708] ? write_comp_data+0x2f/0x90 [ 179.003067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.003497] ? write_comp_data+0x2f/0x90 [ 179.003860] iommufd_fops_ioctl+0x37d/0x510 [ 179.004235] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.004657] ? write_comp_data+0x2f/0x90 [ 179.005021] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.005440] __x64_sys_ioctl+0x1a3/0x230 [ 179.005806] do_syscall_64+0x3b/0x90 [ 179.006143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.006614] RIP: 0033:0x7f4b8743ee5d [ 179.006935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.008511] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.009159] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.009765] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.010370] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.011000] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.011626] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.012239] [ 179.012440] irq event stamp: 0 [ 179.012713] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.013249] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.013929] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.014623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.015141] ---[ end trace 0000000000000000 ]--- [ 179.018168] ------------[ cut here ]------------ [ 179.018684] WARNING: CPU: 0 PID: 1697 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.019527] Modules linked in: [ 179.019793] CPU: 0 PID: 1697 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.020686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.021594] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.022006] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.023665] RSP: 
0018:ffff88800efa7bd0 EFLAGS: 00010246 [ 179.024101] RAX: 0000000000000000 RBX: ffff888011d990a8 RCX: 0000000000000000 [ 179.024826] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 179.025404] RBP: ffff88800efa7be8 R08: ffffed10023b3233 R09: ffffed10023b3233 [ 179.025985] R10: ffff888011d99193 R11: ffffed10023b3232 R12: ffff888013b23400 [ 179.026734] R13: ffff888011d991e8 R14: ffff888010fd7200 R15: 0000000000000000 [ 179.027326] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.027975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.028444] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.029023] PKRU: 55555554 [ 179.029259] Call Trace: [ 179.029494] [ 179.029750] iommufd_access_destroy_object+0x65/0x170 [ 179.030301] iommufd_object_destroy_user+0x18e/0x220 [ 179.030752] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.031246] iommufd_access_destroy+0x43/0x70 [ 179.031623] iommufd_test_staccess_release+0x8d/0xd0 [ 179.032043] __fput+0x26d/0xa40 [ 179.032330] ____fput+0x1e/0x30 [ 179.032608] task_work_run+0x1a4/0x2d0 [ 179.032937] ? __pfx_task_work_run+0x10/0x10 [ 179.033328] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.033887] ? switch_task_namespaces+0xa9/0xe0 [ 179.034280] do_exit+0xb17/0x2ef0 [ 179.034587] ? lock_acquire+0x427/0x4c0 [ 179.034922] ? __pfx_lock_release+0x10/0x10 [ 179.035292] ? __kasan_check_write+0x18/0x20 [ 179.035656] ? do_raw_spin_lock+0x132/0x2a0 [ 179.036013] ? __pfx_do_exit+0x10/0x10 [ 179.036339] ? debug_smp_processor_id+0x20/0x30 [ 179.036722] ? rcu_is_watching+0x19/0xb0 [ 179.037108] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.037592] ? trace_hardirqs_on+0x26/0x120 [ 179.037957] do_group_exit+0xe0/0x2b0 [ 179.038271] __x64_sys_exit_group+0x47/0x50 [ 179.038672] do_syscall_64+0x3b/0x90 [ 179.038991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.039435] RIP: 0033:0x7f4b87518a4d [ 179.039742] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.040239] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.040883] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.041612] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.042190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.042784] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.043375] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.043959] [ 179.044152] irq event stamp: 0 [ 179.044443] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.045108] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.045792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.046466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.047010] ---[ end trace 0000000000000000 ]--- [ 179.047740] ------------[ cut here ]------------ [ 179.048214] WARNING: CPU: 0 PID: 1697 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.049175] Modules linked in: [ 179.049443] CPU: 0 PID: 1697 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.050146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.051128] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.051687] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.053165] RSP: 0018:ffff88800efa7b78 EFLAGS: 00010246 [ 179.053762] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.054341] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 179.054942] RBP: ffff88800efa7b98 R08: ffffed10023b323e R09: ffffed10023b323e [ 179.055557] R10: ffff888011d991ef R11: ffffed10023b323d R12: ffff888011d99290 [ 179.056276] R13: ffff888011d990a8 R14: ffffffffffffffff R15: 
ffff88800efa7c60 [ 179.056865] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.057553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.058129] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.058730] PKRU: 55555554 [ 179.058966] Call Trace: [ 179.059188] [ 179.059373] iommufd_ioas_destroy+0x53/0x70 [ 179.059792] iommufd_fops_release+0x1f7/0x370 [ 179.060309] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.060742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.061166] ? write_comp_data+0x2f/0x90 [ 179.061527] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.062130] __fput+0x26d/0xa40 [ 179.062428] ____fput+0x1e/0x30 [ 179.062739] task_work_run+0x1a4/0x2d0 [ 179.063085] ? __pfx_task_work_run+0x10/0x10 [ 179.063483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.063902] ? switch_task_namespaces+0xa9/0xe0 [ 179.064313] do_exit+0xb17/0x2ef0 [ 179.064615] ? lock_acquire+0x427/0x4c0 [ 179.065003] ? __pfx_lock_release+0x10/0x10 [ 179.065550] ? __kasan_check_write+0x18/0x20 [ 179.065935] ? do_raw_spin_lock+0x132/0x2a0 [ 179.066309] ? __pfx_do_exit+0x10/0x10 [ 179.066682] ? debug_smp_processor_id+0x20/0x30 [ 179.067088] ? rcu_is_watching+0x19/0xb0 [ 179.067452] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.067854] ? trace_hardirqs_on+0x26/0x120 [ 179.068239] do_group_exit+0xe0/0x2b0 [ 179.068577] __x64_sys_exit_group+0x47/0x50 [ 179.069000] do_syscall_64+0x3b/0x90 [ 179.069485] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.069942] RIP: 0033:0x7f4b87518a4d [ 179.070263] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.070819] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.071483] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.072091] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.072733] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.073492] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.074106] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.074757] [ 179.074961] irq event stamp: 0 [ 179.075242] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.075783] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.076514] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.077384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.077925] ---[ end trace 0000000000000000 ]--- [ 179.081937] ------------[ cut here ]------------ [ 179.082380] WARNING: CPU: 0 PID: 1698 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.083362] Modules linked in: [ 179.083727] CPU: 0 PID: 1698 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.084472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.085424] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.085848] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.087647] RSP: 0018:ffff888023dafbb8 EFLAGS: 00010246 [ 179.088111] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 179.088719] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 179.089322] RBP: ffff888023dafbd0 R08: ffffed1001702633 R09: ffffed1001702633 [ 179.089930] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff8880129c7c00 [ 179.090560] R13: ffff88800b8131e8 R14: ffffffff8352e670 R15: 
ffff888023dafe68 [ 179.091184] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.091871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.092370] CR2: 00007f4b877410e8 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 179.092988] PKRU: 55555554 [ 179.093234] Call Trace: [ 179.093456] [ 179.093650] __iommufd_access_detach+0x1c2/0x2b0 [ 179.094075] iommufd_access_change_pt+0x149/0x270 [ 179.094498] iommufd_access_replace+0xb4/0x120 [ 179.094927] iommufd_test+0x3e5/0x37e0 [ 179.095273] ? lock_release+0x532/0x770 [ 179.095624] ? __might_fault+0x102/0x1b0 [ 179.095975] ? lock_acquire+0x427/0x4c0 [ 179.096320] ? __pfx_iommufd_test+0x10/0x10 [ 179.096689] ? __pfx_lock_release+0x10/0x10 [ 179.097061] ? __pfx_lock_acquire+0x10/0x10 [ 179.097438] ? write_comp_data+0x2f/0x90 [ 179.097790] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.098207] ? write_comp_data+0x2f/0x90 [ 179.098585] iommufd_fops_ioctl+0x37d/0x510 [ 179.098958] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.099386] ? write_comp_data+0x2f/0x90 [ 179.099739] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.100150] __x64_sys_ioctl+0x1a3/0x230 [ 179.100504] do_syscall_64+0x3b/0x90 [ 179.100829] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.101275] RIP: 0033:0x7f4b8743ee5d [ 179.101596] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.103156] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.103805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.104405] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.105008] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.105624] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.106225] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.106855] [ 179.107056] irq event stamp: 0 [ 179.107335] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.107865] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.108569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.109271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.109802] ---[ end trace 0000000000000000 ]--- [ 179.112944] ------------[ cut here ]------------ [ 179.113433] WARNING: CPU: 0 PID: 1698 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.114410] Modules linked in: [ 179.114720] CPU: 0 PID: 1698 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.115475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.116599] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.117023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.118762] RSP: 
0018:ffff888023dafbd0 EFLAGS: 00010246 [ 179.119225] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 179.120020] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 179.120630] RBP: ffff888023dafbe8 R08: ffffed1001702633 R09: ffffed1001702633 [ 179.121237] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff888014393c00 [ 179.122013] R13: ffff88800b8131e8 R14: ffff8880178e6100 R15: 0000000000000000 [ 179.122639] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.123341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.123916] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.124618] PKRU: 55555554 [ 179.124860] Call Trace: [ 179.125080] [ 179.125274] iommufd_access_destroy_object+0x65/0x170 [ 179.125805] iommufd_object_destroy_user+0x18e/0x220 [ 179.126326] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.126845] iommufd_access_destroy+0x43/0x70 [ 179.127256] iommufd_test_staccess_release+0x8d/0xd0 [ 179.127702] __fput+0x26d/0xa40 [ 179.128000] ____fput+0x1e/0x30 [ 179.128300] task_work_run+0x1a4/0x2d0 [ 179.128646] ? __pfx_task_work_run+0x10/0x10 [ 179.129029] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.129452] ? switch_task_namespaces+0xa9/0xe0 [ 179.129862] do_exit+0xb17/0x2ef0 [ 179.130159] ? lock_acquire+0x427/0x4c0 [ 179.130540] ? __pfx_lock_release+0x10/0x10 [ 179.130919] ? __kasan_check_write+0x18/0x20 [ 179.131313] ? do_raw_spin_lock+0x132/0x2a0 [ 179.131679] ? __pfx_do_exit+0x10/0x10 [ 179.132015] ? debug_smp_processor_id+0x20/0x30 [ 179.132417] ? rcu_is_watching+0x19/0xb0 [ 179.132767] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.133158] ? trace_hardirqs_on+0x26/0x120 [ 179.133534] do_group_exit+0xe0/0x2b0 [ 179.133858] __x64_sys_exit_group+0x47/0x50 [ 179.134222] do_syscall_64+0x3b/0x90 [ 179.134570] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.135020] RIP: 0033:0x7f4b87518a4d [ 179.135349] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.135867] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.136514] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.137112] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.137713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.138331] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.138967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.139591] [ 179.139793] irq event stamp: 0 [ 179.140062] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.140599] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.141319] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.142023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.142585] ---[ end trace 0000000000000000 ]--- [ 179.143343] ------------[ cut here ]------------ [ 179.143751] WARNING: CPU: 0 PID: 1698 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.144615] Modules linked in: [ 179.144890] CPU: 0 PID: 1698 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.145633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.146618] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.147059] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.148606] RSP: 0018:ffff888023dafb78 EFLAGS: 00010246 [ 179.149060] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.149657] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 179.150255] RBP: ffff888023dafb98 R08: ffffed100170263e R09: ffffed100170263e [ 179.150895] R10: ffff88800b8131ef R11: ffffed100170263d R12: ffff88800b813290 [ 179.151511] R13: ffff88800b8130a8 R14: ffffffffffffffff R15: 
ffff888023dafc60 [ 179.152107] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.152788] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.153276] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.153873] PKRU: 55555554 [ 179.154114] Call Trace: [ 179.154333] [ 179.154548] iommufd_ioas_destroy+0x53/0x70 [ 179.154930] iommufd_fops_release+0x1f7/0x370 [ 179.155329] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.155756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.156180] ? write_comp_data+0x2f/0x90 [ 179.156534] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.156966] __fput+0x26d/0xa40 [ 179.157260] ____fput+0x1e/0x30 [ 179.157554] task_work_run+0x1a4/0x2d0 [ 179.157892] ? __pfx_task_work_run+0x10/0x10 [ 179.158270] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.158716] ? switch_task_namespaces+0xa9/0xe0 [ 179.159131] do_exit+0xb17/0x2ef0 [ 179.159437] ? lock_acquire+0x427/0x4c0 [ 179.159789] ? __pfx_lock_release+0x10/0x10 [ 179.160163] ? __kasan_check_write+0x18/0x20 [ 179.160541] ? do_raw_spin_lock+0x132/0x2a0 [ 179.160910] ? __pfx_do_exit+0x10/0x10 [ 179.161247] ? debug_smp_processor_id+0x20/0x30 [ 179.161642] ? rcu_is_watching+0x19/0xb0 [ 179.161988] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.162376] ? trace_hardirqs_on+0x26/0x120 [ 179.162779] do_group_exit+0xe0/0x2b0 [ 179.163109] __x64_sys_exit_group+0x47/0x50 [ 179.163485] do_syscall_64+0x3b/0x90 [ 179.163812] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.164259] RIP: 0033:0x7f4b87518a4d [ 179.164574] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.165094] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.165731] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.166329] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.166961] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.167573] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.168172] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.168786] [ 179.168984] irq event stamp: 0 [ 179.169248] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.169780] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.170483] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.171230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.171762] ---[ end trace 0000000000000000 ]--- [ 179.176275] ------------[ cut here ]------------ [ 179.176715] WARNING: CPU: 0 PID: 1699 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.177569] Modules linked in: [ 179.177838] CPU: 0 PID: 1699 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.178780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.179742] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.180162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.181694] RSP: 0018:ffff88800f7f7bb8 EFLAGS: 00010246 [ 179.182140] RAX: 0000000000000000 RBX: ffff8880219e10a8 RCX: 0000000000000000 [ 179.182757] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 179.183370] RBP: ffff88800f7f7bd0 R08: ffffed100433c233 R09: ffffed100433c233 [ 179.183972] R10: ffff8880219e1193 R11: ffffed100433c232 R12: ffff88801341fc00 [ 179.184572] R13: ffff8880219e11e8 R14: ffffffff8352e670 R15: 
ffff88800f7f7e68 [ 179.185173] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.185849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.186337] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 179.186961] PKRU: 55555554 [ 179.187216] Call Trace: [ 179.187435] [ 179.187629] __iommufd_access_detach+0x1c2/0x2b0 [ 179.188049] iommufd_access_change_pt+0x149/0x270 [ 179.188467] iommufd_access_replace+0xb4/0x120 [ 179.188863] iommufd_test+0x3e5/0x37e0 [ 179.189196] ? lock_release+0x532/0x770 [ 179.189548] ? __might_fault+0x102/0x1b0 [ 179.189903] ? lock_acquire+0x427/0x4c0 [ 179.190253] ? __pfx_iommufd_test+0x10/0x10 [ 179.190635] ? __pfx_lock_release+0x10/0x10 [ 179.191009] ? __pfx_lock_acquire+0x10/0x10 [ 179.191394] ? write_comp_data+0x2f/0x90 [ 179.191757] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.192171] ? write_comp_data+0x2f/0x90 [ 179.192523] iommufd_fops_ioctl+0x37d/0x510 [ 179.192891] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.193302] ? write_comp_data+0x2f/0x90 [ 179.193650] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.194055] __x64_sys_ioctl+0x1a3/0x230 [ 179.194406] do_syscall_64+0x3b/0x90 [ 179.194753] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.195208] RIP: 0033:0x7f4b8743ee5d [ 179.195506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.196901] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.197488] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.198033] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.198605] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.199158] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.199707] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.200272] [ 179.200455] irq event stamp: 0 [ 179.200701] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.201187] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.201830] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.202467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.202989] ---[ end trace 0000000000000000 ]--- [ 179.205673] ------------[ cut here ]------------ [ 179.206063] WARNING: CPU: 0 PID: 1699 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.206873] Modules linked in: [ 179.207137] CPU: 0 PID: 1699 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.207808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.208669] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.209055] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.210451] RSP: 
0018:ffff88800f7f7bd0 EFLAGS: 00010246 [ 179.210883] RAX: 0000000000000000 RBX: ffff8880219e10a8 RCX: 0000000000000000 [ 179.211462] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 179.212044] RBP: ffff88800f7f7be8 R08: ffffed100433c233 R09: ffffed100433c233 [ 179.212635] R10: ffff8880219e1193 R11: ffffed100433c232 R12: ffff8880129c6c00 [ 179.213222] R13: ffff8880219e11e8 R14: ffff888020985300 R15: 0000000000000000 [ 179.213809] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.214474] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.214983] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.215585] PKRU: 55555554 [ 179.215823] Call Trace: [ 179.216041] [ 179.216229] iommufd_access_destroy_object+0x65/0x170 [ 179.216663] iommufd_object_destroy_user+0x18e/0x220 [ 179.217091] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.217587] iommufd_access_destroy+0x43/0x70 [ 179.217972] iommufd_test_staccess_release+0x8d/0xd0 [ 179.218402] __fput+0x26d/0xa40 [ 179.218717] ____fput+0x1e/0x30 [ 179.219002] task_work_run+0x1a4/0x2d0 [ 179.219345] ? __pfx_task_work_run+0x10/0x10 [ 179.219719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.220130] ? switch_task_namespaces+0xa9/0xe0 [ 179.220531] do_exit+0xb17/0x2ef0 [ 179.220825] ? lock_acquire+0x427/0x4c0 [ 179.221165] ? __pfx_lock_release+0x10/0x10 [ 179.221534] ? __kasan_check_write+0x18/0x20 [ 179.221904] ? do_raw_spin_lock+0x132/0x2a0 [ 179.222266] ? __pfx_do_exit+0x10/0x10 [ 179.222621] ? debug_smp_processor_id+0x20/0x30 [ 179.223018] ? rcu_is_watching+0x19/0xb0 [ 179.223371] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.223759] ? trace_hardirqs_on+0x26/0x120 [ 179.224129] do_group_exit+0xe0/0x2b0 [ 179.224456] __x64_sys_exit_group+0x47/0x50 [ 179.224820] do_syscall_64+0x3b/0x90 [ 179.225139] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.225574] RIP: 0033:0x7f4b87518a4d [ 179.225884] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.226392] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.227051] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.227652] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.228243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.228835] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.229428] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.230028] [ 179.230225] irq event stamp: 0 [ 179.230489] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.231051] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.231759] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.232452] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.232977] ---[ end trace 0000000000000000 ]--- [ 179.233705] ------------[ cut here ]------------ [ 179.234099] WARNING: CPU: 0 PID: 1699 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.234972] Modules linked in: [ 179.235262] CPU: 0 PID: 1699 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.235992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.236928] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.237360] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.238900] RSP: 0018:ffff88800f7f7b78 EFLAGS: 00010246 [ 179.239365] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.239971] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 179.240572] RBP: ffff88800f7f7b98 R08: ffffed100433c23e R09: ffffed100433c23e [ 179.241183] R10: ffff8880219e11ef R11: ffffed100433c23d R12: ffff8880219e1290 [ 179.241792] R13: ffff8880219e10a8 R14: ffffffffffffffff R15: 
ffff88800f7f7c60 [ 179.242410] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.243146] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.243613] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.244170] PKRU: 55555554 [ 179.244391] Call Trace: [ 179.244592] [ 179.244772] iommufd_ioas_destroy+0x53/0x70 [ 179.245117] iommufd_fops_release+0x1f7/0x370 [ 179.245474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.245869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.246263] ? write_comp_data+0x2f/0x90 [ 179.246619] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.247019] __fput+0x26d/0xa40 [ 179.247306] ____fput+0x1e/0x30 [ 179.247574] task_work_run+0x1a4/0x2d0 [ 179.247888] ? __pfx_task_work_run+0x10/0x10 [ 179.248237] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.248624] ? switch_task_namespaces+0xa9/0xe0 [ 179.249003] do_exit+0xb17/0x2ef0 [ 179.249281] ? lock_acquire+0x427/0x4c0 [ 179.249601] ? __pfx_lock_release+0x10/0x10 [ 179.249947] ? __kasan_check_write+0x18/0x20 [ 179.250297] ? do_raw_spin_lock+0x132/0x2a0 [ 179.250662] ? __pfx_do_exit+0x10/0x10 [ 179.250980] ? debug_smp_processor_id+0x20/0x30 [ 179.251364] ? rcu_is_watching+0x19/0xb0 [ 179.251688] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.252052] ? trace_hardirqs_on+0x26/0x120 [ 179.252401] do_group_exit+0xe0/0x2b0 [ 179.252706] __x64_sys_exit_group+0x47/0x50 [ 179.253054] do_syscall_64+0x3b/0x90 [ 179.253365] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.253793] RIP: 0033:0x7f4b87518a4d [ 179.254097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.254640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.255276] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.255863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.256442] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.257021] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.257601] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.258194] [ 179.258387] irq event stamp: 0 [ 179.258669] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.259212] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.259912] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.260601] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.261124] ---[ end trace 0000000000000000 ]--- [ 179.267295] ------------[ cut here ]------------ [ 179.267887] WARNING: CPU: 1 PID: 1700 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.269026] Modules linked in: [ 179.269396] CPU: 1 PID: 1700 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.270375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.271699] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.272275] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.274302] RSP: 0018:ffff888013fafbb8 EFLAGS: 00010246 [ 179.274938] RAX: 0000000000000000 RBX: ffff88800fcd00a8 RCX: 0000000000000000 [ 179.275768] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 179.276573] RBP: ffff888013fafbd0 R08: ffffed1001f9a033 R09: ffffed1001f9a033 [ 179.277378] R10: ffff88800fcd0193 R11: ffffed1001f9a032 R12: ffff888014581000 [ 179.278191] R13: ffff88800fcd01e8 R14: ffffffff8352e670 R15: 
ffff888013fafe68 [ 179.279044] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 179.279994] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.280666] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 179.281484] PKRU: 55555554 [ 179.281821] Call Trace: [ 179.282123] [ 179.282394] __iommufd_access_detach+0x1c2/0x2b0 [ 179.283016] iommufd_access_change_pt+0x149/0x270 [ 179.283614] iommufd_access_replace+0xb4/0x120 [ 179.284161] iommufd_test+0x3e5/0x37e0 [ 179.284617] ? lock_release+0x532/0x770 [ 179.285094] ? __might_fault+0x102/0x1b0 [ 179.285575] ? lock_acquire+0x427/0x4c0 [ 179.286051] ? __pfx_iommufd_test+0x10/0x10 [ 179.286590] ? __pfx_lock_release+0x10/0x10 [ 179.287108] ? __pfx_lock_acquire+0x10/0x10 [ 179.287643] ? write_comp_data+0x2f/0x90 [ 179.288128] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.288702] ? write_comp_data+0x2f/0x90 [ 179.289188] iommufd_fops_ioctl+0x37d/0x510 [ 179.289701] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.290275] ? write_comp_data+0x2f/0x90 [ 179.290796] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.291386] __x64_sys_ioctl+0x1a3/0x230 [ 179.291875] do_syscall_64+0x3b/0x90 [ 179.292322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.292935] RIP: 0033:0x7f4b8743ee5d [ 179.293386] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.295580] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.296487] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.297326] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.298161] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.299029] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.299891] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.300744] [ 179.301027] irq event stamp: 0 [ 179.301406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.302152] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.303189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.304171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.304912] ---[ end trace 0000000000000000 ]--- [ 179.308709] ------------[ cut here ]------------ [ 179.309163] WARNING: CPU: 1 PID: 1700 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.310039] Modules linked in: [ 179.310317] CPU: 1 PID: 1700 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.311247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.312290] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.312724] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.314296] RSP: 
0018:ffff888013fafbd0 EFLAGS: 00010246 [ 179.314799] RAX: 0000000000000000 RBX: ffff88800fcd00a8 RCX: 0000000000000000 [ 179.315491] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 179.316112] RBP: ffff888013fafbe8 R08: ffffed1001f9a033 R09: ffffed1001f9a033 [ 179.316745] R10: ffff88800fcd0193 R11: ffffed1001f9a032 R12: ffff88801890d000 [ 179.317375] R13: ffff88800fcd01e8 R14: ffff8880139bcc00 R15: 0000000000000000 [ 179.318008] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 179.318749] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.319364] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 179.319997] PKRU: 55555554 [ 179.320249] Call Trace: [ 179.320474] [ 179.320675] iommufd_access_destroy_object+0x65/0x170 [ 179.321144] iommufd_object_destroy_user+0x18e/0x220 [ 179.321598] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.322125] iommufd_access_destroy+0x43/0x70 [ 179.322564] iommufd_test_staccess_release+0x8d/0xd0 [ 179.323129] __fput+0x26d/0xa40 [ 179.323453] ____fput+0x1e/0x30 [ 179.323763] task_work_run+0x1a4/0x2d0 [ 179.324126] ? __pfx_task_work_run+0x10/0x10 [ 179.324526] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.324959] ? switch_task_namespaces+0xa9/0xe0 [ 179.325390] do_exit+0xb17/0x2ef0 [ 179.325695] ? lock_acquire+0x427/0x4c0 [ 179.326051] ? __pfx_lock_release+0x10/0x10 [ 179.326443] ? __kasan_check_write+0x18/0x20 [ 179.326869] ? do_raw_spin_lock+0x132/0x2a0 [ 179.327355] ? __pfx_do_exit+0x10/0x10 [ 179.327751] ? debug_smp_processor_id+0x20/0x30 [ 179.328163] ? rcu_is_watching+0x19/0xb0 [ 179.328527] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.328939] ? trace_hardirqs_on+0x26/0x120 [ 179.329328] do_group_exit+0xe0/0x2b0 [ 179.329670] __x64_sys_exit_group+0x47/0x50 [ 179.330056] do_syscall_64+0x3b/0x90 [ 179.330397] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.330900] RIP: 0033:0x7f4b87518a4d [ 179.331331] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.331882] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.332548] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.333175] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.333811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.334441] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.335104] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.335834] [ 179.336045] irq event stamp: 0 [ 179.336329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.336892] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.337624] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.338363] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.338969] ---[ end trace 0000000000000000 ]--- [ 179.339838] ------------[ cut here ]------------ [ 179.340276] WARNING: CPU: 1 PID: 1700 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.341170] Modules linked in: [ 179.341451] CPU: 1 PID: 1700 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.342218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.343248] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.343786] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.345383] RSP: 0018:ffff888013fafb78 EFLAGS: 00010246 [ 179.345847] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.346468] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 179.347147] RBP: ffff888013fafb98 R08: ffffed1001f9a03e R09: ffffed1001f9a03e [ 179.347846] R10: ffff88800fcd01ef R11: ffffed1001f9a03d R12: ffff88800fcd0290 [ 179.348464] R13: ffff88800fcd00a8 R14: ffffffffffffffff R15: 
ffff888013fafc60 [ 179.349092] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 179.349798] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.350298] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 179.350953] PKRU: 55555554 [ 179.351272] Call Trace: [ 179.351524] [ 179.351728] iommufd_ioas_destroy+0x53/0x70 [ 179.352124] iommufd_fops_release+0x1f7/0x370 [ 179.352525] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.352974] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.353404] ? write_comp_data+0x2f/0x90 [ 179.353765] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.354210] __fput+0x26d/0xa40 [ 179.354544] ____fput+0x1e/0x30 [ 179.354913] task_work_run+0x1a4/0x2d0 [ 179.355333] ? __pfx_task_work_run+0x10/0x10 [ 179.355740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.356175] ? switch_task_namespaces+0xa9/0xe0 [ 179.356603] do_exit+0xb17/0x2ef0 [ 179.356911] ? lock_acquire+0x427/0x4c0 [ 179.357272] ? __pfx_lock_release+0x10/0x10 [ 179.357668] ? __kasan_check_write+0x18/0x20 [ 179.358062] ? do_raw_spin_lock+0x132/0x2a0 [ 179.358458] ? __pfx_do_exit+0x10/0x10 [ 179.358847] ? debug_smp_processor_id+0x20/0x30 [ 179.359375] ? rcu_is_watching+0x19/0xb0 [ 179.359762] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.360164] ? trace_hardirqs_on+0x26/0x120 [ 179.360557] do_group_exit+0xe0/0x2b0 [ 179.360903] __x64_sys_exit_group+0x47/0x50 [ 179.361281] do_syscall_64+0x3b/0x90 [ 179.361621] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.362089] RIP: 0033:0x7f4b87518a4d [ 179.362426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.363256] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.363938] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.364567] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.365183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.365801] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.366415] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.367063] [ 179.367286] irq event stamp: 0 [ 179.367573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.368140] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.369185] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.369914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.370464] ---[ end trace 0000000000000000 ]--- [ 179.378149] ------------[ cut here ]------------ [ 179.378896] WARNING: CPU: 1 PID: 1701 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.380606] Modules linked in: [ 179.381034] CPU: 1 PID: 1701 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.382170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.383881] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.384516] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.387074] RSP: 0018:ffff88801806fbb8 EFLAGS: 00010246 [ 179.387898] RAX: 0000000000000000 RBX: ffff888017a9b0a8 RCX: 0000000000000000 [ 179.388839] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 179.389708] RBP: ffff88801806fbd0 R08: ffffed1002f53633 R09: ffffed1002f53633 [ 179.390856] R10: ffff888017a9b193 R11: ffffed1002f53632 R12: ffff8880139e0400 [ 179.391761] R13: ffff888017a9b1e8 R14: ffffffff8352e670 R15: 
ffff88801806fe68 [ 179.392644] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 179.393827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.394593] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 179.395550] PKRU: 55555554 [ 179.396148] Call Trace: [ 179.396486] [ 179.396777] __iommufd_access_detach+0x1c2/0x2b0 [ 179.397393] iommufd_access_change_pt+0x149/0x270 [ 179.398023] iommufd_access_replace+0xb4/0x120 [ 179.398717] iommufd_test+0x3e5/0x37e0 [ 179.399261] ? lock_release+0x532/0x770 [ 179.399916] ? __might_fault+0x102/0x1b0 [ 179.400524] ? lock_acquire+0x427/0x4c0 [ 179.401031] ? __pfx_iommufd_test+0x10/0x10 [ 179.401570] ? __pfx_lock_release+0x10/0x10 [ 179.402122] ? __pfx_lock_acquire+0x10/0x10 [ 179.403093] ? write_comp_data+0x2f/0x90 [ 179.403609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.404087] ? write_comp_data+0x2f/0x90 [ 179.404465] iommufd_fops_ioctl+0x37d/0x510 [ 179.404913] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.405617] ? write_comp_data+0x2f/0x90 [ 179.406234] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.406877] __x64_sys_ioctl+0x1a3/0x230 [ 179.407400] do_syscall_64+0x3b/0x90 [ 179.407847] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.408473] RIP: 0033:0x7f4b8743ee5d [ 179.409070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.411956] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.412892] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.413763] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.415055] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.415977] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.416860] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.418122] [ 179.418425] irq event stamp: 0 [ 179.418889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.419711] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.421061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.422080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.422979] ---[ end trace 0000000000000000 ]--- [ 179.428510] ------------[ cut here ]------------ [ 179.429012] WARNING: CPU: 1 PID: 1701 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.429943] Modules linked in: [ 179.430280] CPU: 1 PID: 1701 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.431445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.432498] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.432964] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.434918] RSP: 
0018:ffff88801806fbd0 EFLAGS: 00010246 [ 179.435434] RAX: 0000000000000000 RBX: ffff888017a9b0a8 RCX: 0000000000000000 [ 179.436099] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 179.436979] RBP: ffff88801806fbe8 R08: ffffed1002f53633 R09: ffffed1002f53633 [ 179.437657] R10: ffff888017a9b193 R11: ffffed1002f53632 R12: ffff888014580400 [ 179.438324] R13: ffff888017a9b1e8 R14: ffff88800f90bf00 R15: 0000000000000000 [ 179.439043] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 179.439987] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.440593] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 179.441259] PKRU: 55555554 [ 179.441525] Call Trace: [ 179.441762] [ 179.441977] iommufd_access_destroy_object+0x65/0x170 [ 179.442501] iommufd_object_destroy_user+0x18e/0x220 [ 179.443201] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.443758] iommufd_access_destroy+0x43/0x70 [ 179.444198] iommufd_test_staccess_release+0x8d/0xd0 [ 179.444690] __fput+0x26d/0xa40 [ 179.445023] ____fput+0x1e/0x30 [ 179.445349] task_work_run+0x1a4/0x2d0 [ 179.445748] ? __pfx_task_work_run+0x10/0x10 [ 179.446351] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.446853] ? switch_task_namespaces+0xa9/0xe0 [ 179.447318] do_exit+0xb17/0x2ef0 [ 179.447649] ? lock_acquire+0x427/0x4c0 [ 179.448036] ? __pfx_lock_release+0x10/0x10 [ 179.448455] ? __kasan_check_write+0x18/0x20 [ 179.448882] ? do_raw_spin_lock+0x132/0x2a0 [ 179.449468] ? __pfx_do_exit+0x10/0x10 [ 179.449850] ? debug_smp_processor_id+0x20/0x30 [ 179.450303] ? rcu_is_watching+0x19/0xb0 [ 179.450717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.451170] ? trace_hardirqs_on+0x26/0x120 [ 179.451591] do_group_exit+0xe0/0x2b0 [ 179.451960] __x64_sys_exit_group+0x47/0x50 [ 179.452465] do_syscall_64+0x3b/0x90 [ 179.453006] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.453510] RIP: 0033:0x7f4b87518a4d [ 179.453875] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.454456] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.455299] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.456056] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.456729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.457412] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.458106] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.459106] [ 179.459367] irq event stamp: 0 [ 179.459696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.460346] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.461196] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.462258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.462937] ---[ end trace 0000000000000000 ]--- [ 179.463875] ------------[ cut here ]------------ [ 179.464385] WARNING: CPU: 1 PID: 1701 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.465699] Modules linked in: [ 179.466040] CPU: 1 PID: 1701 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.467002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.468370] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.468922] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.471065] RSP: 0018:ffff88801806fb78 EFLAGS: 00010246 [ 179.471677] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.472618] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 179.473689] RBP: ffff88801806fb98 R08: ffffed1002f5363e R09: ffffed1002f5363e [ 179.475084] R10: ffff888017a9b1ef R11: ffffed1002f5363d R12: ffff888017a9b290 [ 179.476077] R13: ffff888017a9b0a8 R14: ffffffffffffffff R15: 
ffff88801806fc60 [ 179.477045] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 179.478361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.479272] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 179.480460] PKRU: 55555554 [ 179.480857] Call Trace: [ 179.481209] [ 179.481526] iommufd_ioas_destroy+0x53/0x70 [ 179.482156] iommufd_fops_release+0x1f7/0x370 [ 179.482957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.483658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.484325] ? write_comp_data+0x2f/0x90 [ 179.484990] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.485783] __fput+0x26d/0xa40 [ 179.486252] ____fput+0x1e/0x30 [ 179.486766] task_work_run+0x1a4/0x2d0 [ 179.487401] ? __pfx_task_work_run+0x10/0x10 [ 179.488109] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.488779] ? switch_task_namespaces+0xa9/0xe0 [ 179.489443] do_exit+0xb17/0x2ef0 [ 179.490084] ? lock_acquire+0x427/0x4c0 [ 179.490712] ? __pfx_lock_release+0x10/0x10 [ 179.491348] ? __kasan_check_write+0x18/0x20 [ 179.491966] ? do_raw_spin_lock+0x132/0x2a0 [ 179.492749] ? __pfx_do_exit+0x10/0x10 [ 179.493306] ? debug_smp_processor_id+0x20/0x30 [ 179.493955] ? rcu_is_watching+0x19/0xb0 [ 179.494634] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.495414] ? trace_hardirqs_on+0x26/0x120 [ 179.496020] do_group_exit+0xe0/0x2b0 [ 179.496534] __x64_sys_exit_group+0x47/0x50 [ 179.497177] do_syscall_64+0x3b/0x90 [ 179.497816] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.498577] RIP: 0033:0x7f4b87518a4d [ 179.499084] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.500221] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.501245] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.502432] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.503496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.504450] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.505647] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.506684] [ 179.507030] irq event stamp: 0 [ 179.507547] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.508324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.509527] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.510650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.511499] ---[ end trace 0000000000000000 ]--- [ 179.519906] ------------[ cut here ]------------ [ 179.520481] WARNING: CPU: 1 PID: 1702 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.521544] Modules linked in: [ 179.521855] CPU: 1 PID: 1702 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.522889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.523979] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.524460] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.526371] RSP: 0018:ffff888013fafbb8 EFLAGS: 00010246 [ 179.526929] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 179.527813] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 179.528491] RBP: ffff888013fafbd0 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 179.529177] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff888013b21400 [ 179.530035] R13: ffff888017a461e8 R14: ffffffff8352e670 R15: 
ffff888013fafe68 [ 179.530750] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 179.531545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.532202] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 179.532975] PKRU: 55555554 [ 179.533259] Call Trace: [ 179.533505] [ 179.533725] __iommufd_access_detach+0x1c2/0x2b0 [ 179.534286] iommufd_access_change_pt+0x149/0x270 [ 179.534878] iommufd_access_replace+0xb4/0x120 [ 179.535357] iommufd_test+0x3e5/0x37e0 [ 179.535742] ? lock_release+0x532/0x770 [ 179.536146] ? __might_fault+0x102/0x1b0 [ 179.536553] ? lock_acquire+0x427/0x4c0 [ 179.537103] ? __pfx_iommufd_test+0x10/0x10 [ 179.537528] ? __pfx_lock_release+0x10/0x10 [ 179.537958] ? __pfx_lock_acquire+0x10/0x10 [ 179.538395] ? write_comp_data+0x2f/0x90 [ 179.538868] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.539448] ? write_comp_data+0x2f/0x90 [ 179.539858] iommufd_fops_ioctl+0x37d/0x510 [ 179.540286] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.540764] ? write_comp_data+0x2f/0x90 [ 179.541196] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.541796] __x64_sys_ioctl+0x1a3/0x230 [ 179.542212] do_syscall_64+0x3b/0x90 [ 179.542674] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.543199] RIP: 0033:0x7f4b8743ee5d [ 179.543564] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.545305] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.546042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.546766] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.547474] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.548159] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.548850] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.549631] [ 179.549867] irq event stamp: 0 [ 179.550166] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.550793] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.551603] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.552392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.552997] ---[ end trace 0000000000000000 ]--- [ 179.556407] ------------[ cut here ]------------ [ 179.556911] WARNING: CPU: 0 PID: 1702 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.557870] Modules linked in: [ 179.558174] CPU: 0 PID: 1702 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.559036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.560113] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.560592] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.562300] RSP: 
0018:ffff888013fafbd0 EFLAGS: 00010246 [ 179.562834] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 179.563520] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 179.564190] RBP: ffff888013fafbe8 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 179.564862] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff8880139e0000 [ 179.565528] R13: ffff888017a461e8 R14: ffff888013be6100 R15: 0000000000000000 [ 179.566195] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.566995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.567560] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 179.568229] PKRU: 55555554 [ 179.568493] Call Trace: [ 179.568734] [ 179.568947] iommufd_access_destroy_object+0x65/0x170 [ 179.569434] iommufd_object_destroy_user+0x18e/0x220 [ 179.569911] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.570461] iommufd_access_destroy+0x43/0x70 [ 179.570920] iommufd_test_staccess_release+0x8d/0xd0 [ 179.571417] __fput+0x26d/0xa40 [ 179.571742] ____fput+0x1e/0x30 [ 179.572071] task_work_run+0x1a4/0x2d0 [ 179.572443] ? __pfx_task_work_run+0x10/0x10 [ 179.572861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.573326] ? switch_task_namespaces+0xa9/0xe0 [ 179.573780] do_exit+0xb17/0x2ef0 [ 179.574122] ? lock_acquire+0x427/0x4c0 [ 179.574534] ? __pfx_lock_release+0x10/0x10 [ 179.574949] ? __kasan_check_write+0x18/0x20 [ 179.575387] ? do_raw_spin_lock+0x132/0x2a0 [ 179.575792] ? __pfx_do_exit+0x10/0x10 [ 179.576166] ? debug_smp_processor_id+0x20/0x30 [ 179.576611] ? rcu_is_watching+0x19/0xb0 [ 179.576993] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.577429] ? trace_hardirqs_on+0x26/0x120 [ 179.577843] do_group_exit+0xe0/0x2b0 [ 179.578198] __x64_sys_exit_group+0x47/0x50 [ 179.578628] do_syscall_64+0x3b/0x90 [ 179.578986] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.579479] RIP: 0033:0x7f4b87518a4d [ 179.579826] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.580393] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.581081] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.581738] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.582396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.583075] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.583744] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.584406] [ 179.584624] irq event stamp: 0 [ 179.584903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.585452] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.586171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.586912] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.587470] ---[ end trace 0000000000000000 ]--- [ 179.588369] ------------[ cut here ]------------ [ 179.588795] WARNING: CPU: 0 PID: 1702 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.589671] Modules linked in: [ 179.589950] CPU: 0 PID: 1702 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.590735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.591721] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.592166] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.593739] RSP: 0018:ffff888013fafb78 EFLAGS: 00010246 [ 179.594202] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.594841] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 179.595482] RBP: ffff888013fafb98 R08: ffffed1002f48c3e R09: ffffed1002f48c3e [ 179.596093] R10: ffff888017a461ef R11: ffffed1002f48c3d R12: ffff888017a46290 [ 179.596722] R13: ffff888017a460a8 R14: ffffffffffffffff R15: 
ffff888013fafc60 [ 179.597340] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.598026] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.598552] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 179.599184] PKRU: 55555554 [ 179.599433] Call Trace: [ 179.599656] [ 179.599854] iommufd_ioas_destroy+0x53/0x70 [ 179.600238] iommufd_fops_release+0x1f7/0x370 [ 179.600639] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.601081] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.601509] ? write_comp_data+0x2f/0x90 [ 179.601870] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.602321] __fput+0x26d/0xa40 [ 179.602651] ____fput+0x1e/0x30 [ 179.602958] task_work_run+0x1a4/0x2d0 [ 179.603314] ? __pfx_task_work_run+0x10/0x10 [ 179.603714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.604139] ? switch_task_namespaces+0xa9/0xe0 [ 179.604545] do_exit+0xb17/0x2ef0 [ 179.604849] ? lock_acquire+0x427/0x4c0 [ 179.605195] ? __pfx_lock_release+0x10/0x10 [ 179.605565] ? __kasan_check_write+0x18/0x20 [ 179.605944] ? do_raw_spin_lock+0x132/0x2a0 [ 179.606319] ? __pfx_do_exit+0x10/0x10 [ 179.606680] ? debug_smp_processor_id+0x20/0x30 [ 179.607091] ? rcu_is_watching+0x19/0xb0 [ 179.607451] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.607839] ? trace_hardirqs_on+0x26/0x120 [ 179.608217] do_group_exit+0xe0/0x2b0 [ 179.608545] __x64_sys_exit_group+0x47/0x50 [ 179.608914] do_syscall_64+0x3b/0x90 [ 179.609239] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.609683] RIP: 0033:0x7f4b87518a4d [ 179.610003] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.610550] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.611216] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.611822] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.612424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.613031] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.613630] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.614251] [ 179.614449] irq event stamp: 0 [ 179.614740] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.615287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.615990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.616708] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.617244] ---[ end trace 0000000000000000 ]--- [ 179.621797] ------------[ cut here ]------------ [ 179.622252] WARNING: CPU: 0 PID: 1703 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.623380] Modules linked in: [ 179.623669] CPU: 0 PID: 1703 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.624414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.625667] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.626107] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.627917] RSP: 0018:ffff88801806fbb8 EFLAGS: 00010246 [ 179.628387] RAX: 0000000000000000 RBX: ffff88801609b8a8 RCX: 0000000000000000 [ 179.629171] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 179.629793] RBP: ffff88801806fbd0 R08: ffffed1002c13733 R09: ffffed1002c13733 [ 179.630405] R10: ffff88801609b993 R11: ffffed1002c13732 R12: ffff888010e01800 [ 179.631251] R13: ffff88801609b9e8 R14: ffffffff8352e670 R15: 
ffff88801806fe68 [ 179.631844] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.632513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.633164] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 179.633756] PKRU: 55555554 [ 179.633992] Call Trace: [ 179.634204] [ 179.634400] __iommufd_access_detach+0x1c2/0x2b0 [ 179.635010] iommufd_access_change_pt+0x149/0x270 [ 179.635440] iommufd_access_replace+0xb4/0x120 [ 179.635841] iommufd_test+0x3e5/0x37e0 [ 179.636163] ? lock_release+0x532/0x770 [ 179.636504] ? __might_fault+0x102/0x1b0 [ 179.636916] ? lock_acquire+0x427/0x4c0 [ 179.637364] ? __pfx_iommufd_test+0x10/0x10 [ 179.637731] ? __pfx_lock_release+0x10/0x10 [ 179.638096] ? __pfx_lock_acquire+0x10/0x10 [ 179.638466] ? write_comp_data+0x2f/0x90 [ 179.639006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.639429] ? write_comp_data+0x2f/0x90 [ 179.639785] iommufd_fops_ioctl+0x37d/0x510 [ 179.640157] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.640571] ? write_comp_data+0x2f/0x90 [ 179.640985] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.641503] __x64_sys_ioctl+0x1a3/0x230 [ 179.641853] do_syscall_64+0x3b/0x90 [ 179.642172] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.642708] RIP: 0033:0x7f4b8743ee5d [ 179.643128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.644658] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.645446] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.646036] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.646736] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.647468] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.648061] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.648697] [ 179.649008] irq event stamp: 0 [ 179.649276] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.649800] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.650606] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.651440] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.651980] ---[ end trace 0000000000000000 ]--- [ 179.655373] ------------[ cut here ]------------ [ 179.655824] WARNING: CPU: 0 PID: 1703 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.656783] Modules linked in: [ 179.657201] CPU: 0 PID: 1703 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.657956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.659168] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.659607] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.661198] RSP: 
0018:ffff88801806fbd0 EFLAGS: 00010246 [ 179.661672] RAX: 0000000000000000 RBX: ffff88801609b8a8 RCX: 0000000000000000 [ 179.662294] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 179.662953] RBP: ffff88801806fbe8 R08: ffffed1002c13733 R09: ffffed1002c13733 [ 179.663596] R10: ffff88801609b993 R11: ffffed1002c13732 R12: ffff88801341e400 [ 179.664216] R13: ffff88801609b9e8 R14: ffff88800f503700 R15: 0000000000000000 [ 179.664842] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.665536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.666042] CR2: 00007f4b875fca50 CR3: 00000000141f6000 CR4: 0000000000750ef0 [ 179.666680] PKRU: 55555554 [ 179.666934] Call Trace: [ 179.667171] [ 179.667368] iommufd_access_destroy_object+0x65/0x170 [ 179.667829] iommufd_object_destroy_user+0x18e/0x220 [ 179.668274] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.668790] iommufd_access_destroy+0x43/0x70 [ 179.669191] iommufd_test_staccess_release+0x8d/0xd0 [ 179.669644] __fput+0x26d/0xa40 [ 179.669953] ____fput+0x1e/0x30 [ 179.670249] task_work_run+0x1a4/0x2d0 [ 179.670631] ? __pfx_task_work_run+0x10/0x10 [ 179.671036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.671484] ? switch_task_namespaces+0xa9/0xe0 [ 179.671909] do_exit+0xb17/0x2ef0 [ 179.672227] ? lock_acquire+0x427/0x4c0 [ 179.672589] ? __pfx_lock_release+0x10/0x10 [ 179.672976] ? __kasan_check_write+0x18/0x20 [ 179.673369] ? do_raw_spin_lock+0x132/0x2a0 [ 179.673767] ? __pfx_do_exit+0x10/0x10 [ 179.674130] ? debug_smp_processor_id+0x20/0x30 [ 179.674582] ? rcu_is_watching+0x19/0xb0 [ 179.674950] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.675374] ? trace_hardirqs_on+0x26/0x120 [ 179.675766] do_group_exit+0xe0/0x2b0 [ 179.676102] __x64_sys_exit_group+0x47/0x50 [ 179.676480] do_syscall_64+0x3b/0x90 [ 179.676818] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.677283] RIP: 0033:0x7f4b87518a4d [ 179.677617] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.678152] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.678862] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.679512] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.680134] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.680755] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.681372] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.682005] [ 179.682210] irq event stamp: 0 [ 179.682493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.683087] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.683841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.684567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.685118] ---[ end trace 0000000000000000 ]--- [ 179.685985] ------------[ cut here ]------------ [ 179.686701] WARNING: CPU: 0 PID: 1703 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.687616] Modules linked in: [ 179.687899] CPU: 0 PID: 1703 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.688694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.689850] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.690314] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.692309] RSP: 0018:ffff88801806fb78 EFLAGS: 00010246 [ 179.692790] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.693491] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 179.694228] RBP: ffff88801806fb98 R08: ffffed1002c1373e R09: ffffed1002c1373e [ 179.694877] R10: ffff88801609b9ef R11: ffffed1002c1373d R12: ffff88801609ba90 [ 179.695588] R13: ffff88801609b8a8 R14: ffffffffffffffff R15: 
ffff88801806fc60 [ 179.696339] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.697045] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.697717] CR2: 00007f4b875fca50 CR3: 00000000141f6000 CR4: 0000000000750ef0 [ 179.698342] PKRU: 55555554 [ 179.698623] Call Trace: [ 179.698851] [ 179.699054] iommufd_ioas_destroy+0x53/0x70 [ 179.699491] iommufd_fops_release+0x1f7/0x370 [ 179.700037] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.700484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.700926] ? write_comp_data+0x2f/0x90 [ 179.701401] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.701988] __fput+0x26d/0xa40 [ 179.702317] ____fput+0x1e/0x30 [ 179.702665] task_work_run+0x1a4/0x2d0 [ 179.703044] ? __pfx_task_work_run+0x10/0x10 [ 179.703477] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.704180] ? switch_task_namespaces+0xa9/0xe0 [ 179.704630] do_exit+0xb17/0x2ef0 [ 179.704964] ? lock_acquire+0x427/0x4c0 [ 179.705349] ? __pfx_lock_release+0x10/0x10 [ 179.705852] ? __kasan_check_write+0x18/0x20 [ 179.706348] ? do_raw_spin_lock+0x132/0x2a0 [ 179.706785] ? __pfx_do_exit+0x10/0x10 [ 179.707179] ? debug_smp_processor_id+0x20/0x30 [ 179.707619] ? rcu_is_watching+0x19/0xb0 [ 179.708036] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.708646] ? trace_hardirqs_on+0x26/0x120 [ 179.709063] do_group_exit+0xe0/0x2b0 [ 179.709426] __x64_sys_exit_group+0x47/0x50 [ 179.709821] do_syscall_64+0x3b/0x90 [ 179.710181] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.710704] RIP: 0033:0x7f4b87518a4d [ 179.711056] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.711635] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.712331] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.712995] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.713651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.714315] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.715011] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.715683] [ 179.715906] irq event stamp: 0 [ 179.716196] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.716779] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.717557] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.718318] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.718919] ---[ end trace 0000000000000000 ]--- [ 179.723389] ------------[ cut here ]------------ [ 179.723869] WARNING: CPU: 0 PID: 1704 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.724796] Modules linked in: [ 179.725098] CPU: 0 PID: 1704 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.725896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.727047] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.727503] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.729163] RSP: 0018:ffff888021a2fbb8 EFLAGS: 00010246 [ 179.729646] RAX: 0000000000000000 RBX: ffff8880159ea0a8 RCX: 0000000000000000 [ 179.730291] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 179.730967] RBP: ffff888021a2fbd0 R08: ffffed1002b3d433 R09: ffffed1002b3d433 [ 179.731634] R10: ffff8880159ea193 R11: ffffed1002b3d432 R12: ffff88800fcb0000 [ 179.732281] R13: ffff8880159ea1e8 R14: ffffffff8352e670 R15: 
ffff888021a2fe68 [ 179.732932] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.733667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.734199] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 179.734888] PKRU: 55555554 [ 179.735154] Call Trace: [ 179.735384] [ 179.735584] __iommufd_access_detach+0x1c2/0x2b0 [ 179.736011] iommufd_access_change_pt+0x149/0x270 [ 179.736439] iommufd_access_replace+0xb4/0x120 [ 179.736848] iommufd_test+0x3e5/0x37e0 [ 179.737188] ? lock_release+0x532/0x770 [ 179.737543] ? __might_fault+0x102/0x1b0 [ 179.737901] ? lock_acquire+0x427/0x4c0 [ 179.738257] ? __pfx_iommufd_test+0x10/0x10 [ 179.738654] ? __pfx_lock_release+0x10/0x10 [ 179.739045] ? __pfx_lock_acquire+0x10/0x10 [ 179.739445] ? write_comp_data+0x2f/0x90 [ 179.739807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.740235] ? write_comp_data+0x2f/0x90 [ 179.740602] iommufd_fops_ioctl+0x37d/0x510 [ 179.740984] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.741413] ? write_comp_data+0x2f/0x90 [ 179.741775] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.742197] __x64_sys_ioctl+0x1a3/0x230 [ 179.742590] do_syscall_64+0x3b/0x90 [ 179.742930] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.743397] RIP: 0033:0x7f4b8743ee5d [ 179.743724] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.745284] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.745940] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.746581] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.747209] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.747823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.748436] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.749060] [ 179.749264] irq event stamp: 0 [ 179.749538] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.750092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.750840] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.751580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.752125] ---[ end trace 0000000000000000 ]--- [ 179.755021] ------------[ cut here ]------------ [ 179.755476] WARNING: CPU: 0 PID: 1704 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.756367] Modules linked in: [ 179.756645] CPU: 0 PID: 1704 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.757392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.758354] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.758812] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.760399] RSP: 
0018:ffff888021a2fbd0 EFLAGS: 00010246 [ 179.760882] RAX: 0000000000000000 RBX: ffff8880159ea0a8 RCX: 0000000000000000 [ 179.761505] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 179.762120] RBP: ffff888021a2fbe8 R08: ffffed1002b3d433 R09: ffffed1002b3d433 [ 179.762769] R10: ffff8880159ea193 R11: ffffed1002b3d432 R12: ffff888010e02800 [ 179.763410] R13: ffff8880159ea1e8 R14: ffff88800ca5a400 R15: 0000000000000000 [ 179.764032] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.764732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.765237] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.765852] PKRU: 55555554 [ 179.766092] Call Trace: [ 179.766313] [ 179.766539] iommufd_access_destroy_object+0x65/0x170 [ 179.766992] iommufd_object_destroy_user+0x18e/0x220 [ 179.767463] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.767973] iommufd_access_destroy+0x43/0x70 [ 179.768376] iommufd_test_staccess_release+0x8d/0xd0 [ 179.768813] __fput+0x26d/0xa40 [ 179.769110] ____fput+0x1e/0x30 [ 179.769401] task_work_run+0x1a4/0x2d0 [ 179.769748] ? __pfx_task_work_run+0x10/0x10 [ 179.770132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.770581] ? switch_task_namespaces+0xa9/0xe0 [ 179.770990] do_exit+0xb17/0x2ef0 [ 179.771300] ? lock_acquire+0x427/0x4c0 [ 179.771653] ? __pfx_lock_release+0x10/0x10 [ 179.772030] ? __kasan_check_write+0x18/0x20 [ 179.772418] ? do_raw_spin_lock+0x132/0x2a0 [ 179.772797] ? __pfx_do_exit+0x10/0x10 [ 179.773136] ? debug_smp_processor_id+0x20/0x30 [ 179.773543] ? rcu_is_watching+0x19/0xb0 [ 179.773892] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.774285] ? trace_hardirqs_on+0x26/0x120 [ 179.774692] do_group_exit+0xe0/0x2b0 [ 179.775022] __x64_sys_exit_group+0x47/0x50 [ 179.775399] do_syscall_64+0x3b/0x90 [ 179.775727] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.776176] RIP: 0033:0x7f4b87518a4d [ 179.776502] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.777031] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.777682] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.778287] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.778924] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.779540] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.780138] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.780753] [ 179.780959] irq event stamp: 0 [ 179.781227] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.781761] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.782475] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.783217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.783751] ---[ end trace 0000000000000000 ]--- [ 179.784511] ------------[ cut here ]------------ [ 179.784923] WARNING: CPU: 0 PID: 1704 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.785797] Modules linked in: [ 179.786070] CPU: 0 PID: 1704 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.786840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.787820] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.788269] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.789814] RSP: 0018:ffff888021a2fb78 EFLAGS: 00010246 [ 179.790271] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.790913] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 179.791536] RBP: ffff888021a2fb98 R08: ffffed1002b3d43e R09: ffffed1002b3d43e [ 179.792143] R10: ffff8880159ea1ef R11: ffffed1002b3d43d R12: ffff8880159ea290 [ 179.792745] R13: ffff8880159ea0a8 R14: ffffffffffffffff R15: 
ffff888021a2fc60 [ 179.793349] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.794023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.794547] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.795164] PKRU: 55555554 [ 179.795404] Call Trace: [ 179.795619] [ 179.795812] iommufd_ioas_destroy+0x53/0x70 [ 179.796195] iommufd_fops_release+0x1f7/0x370 [ 179.796588] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.797014] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.797436] ? write_comp_data+0x2f/0x90 [ 179.797789] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.798217] __fput+0x26d/0xa40 [ 179.798550] ____fput+0x1e/0x30 [ 179.798843] task_work_run+0x1a4/0x2d0 [ 179.799194] ? __pfx_task_work_run+0x10/0x10 [ 179.799584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.800005] ? switch_task_namespaces+0xa9/0xe0 [ 179.800410] do_exit+0xb17/0x2ef0 [ 179.800705] ? lock_acquire+0x427/0x4c0 [ 179.801059] ? __pfx_lock_release+0x10/0x10 [ 179.801438] ? __kasan_check_write+0x18/0x20 [ 179.801825] ? do_raw_spin_lock+0x132/0x2a0 [ 179.802192] ? __pfx_do_exit+0x10/0x10 [ 179.802573] ? debug_smp_processor_id+0x20/0x30 [ 179.802982] ? rcu_is_watching+0x19/0xb0 [ 179.803348] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.803744] ? trace_hardirqs_on+0x26/0x120 [ 179.804114] do_group_exit+0xe0/0x2b0 [ 179.804435] __x64_sys_exit_group+0x47/0x50 [ 179.804800] do_syscall_64+0x3b/0x90 [ 179.805123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.805565] RIP: 0033:0x7f4b87518a4d [ 179.805880] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.806394] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.807051] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.807667] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.808268] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.808869] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.809461] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.810062] [ 179.810269] irq event stamp: 0 [ 179.810555] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.811089] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.811809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.812512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.813041] ---[ end trace 0000000000000000 ]--- [ 179.817136] ------------[ cut here ]------------ [ 179.817569] WARNING: CPU: 0 PID: 1705 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.818418] Modules linked in: [ 179.818748] CPU: 0 PID: 1705 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.819498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.820432] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.820847] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.822364] RSP: 0018:ffff888020fa7bb8 EFLAGS: 00010246 [ 179.822830] RAX: 0000000000000000 RBX: ffff8880173058a8 RCX: 0000000000000000 [ 179.823435] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 179.824029] RBP: ffff888020fa7bd0 R08: ffffed1002e60b33 R09: ffffed1002e60b33 [ 179.824623] R10: ffff888017305993 R11: ffffed1002e60b32 R12: ffff88800f20b000 [ 179.825216] R13: ffff8880173059e8 R14: ffffffff8352e670 R15: 
ffff888020fa7e68 [ 179.825810] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.826529] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.827007] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 179.827619] PKRU: 55555554 [ 179.827853] Call Trace: [ 179.828070] [ 179.828256] __iommufd_access_detach+0x1c2/0x2b0 [ 179.828666] iommufd_access_change_pt+0x149/0x270 [ 179.829077] iommufd_access_replace+0xb4/0x120 [ 179.829465] iommufd_test+0x3e5/0x37e0 [ 179.829789] ? lock_release+0x532/0x770 [ 179.830137] ? __might_fault+0x102/0x1b0 [ 179.830481] ? lock_acquire+0x427/0x4c0 [ 179.830840] ? __pfx_iommufd_test+0x10/0x10 [ 179.831213] ? __pfx_lock_release+0x10/0x10 [ 179.831583] ? __pfx_lock_acquire+0x10/0x10 [ 179.831951] ? write_comp_data+0x2f/0x90 [ 179.832303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.832717] ? write_comp_data+0x2f/0x90 [ 179.833067] iommufd_fops_ioctl+0x37d/0x510 [ 179.833435] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.833855] ? write_comp_data+0x2f/0x90 [ 179.834202] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.834621] __x64_sys_ioctl+0x1a3/0x230 [ 179.834973] do_syscall_64+0x3b/0x90 [ 179.835308] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.835756] RIP: 0033:0x7f4b8743ee5d [ 179.836073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.837583] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.838215] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.838826] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.839425] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.840005] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.840590] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.841177] [ 179.841372] irq event stamp: 0 [ 179.841636] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.842155] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.842856] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.843550] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.844067] ---[ end trace 0000000000000000 ]--- [ 179.846799] ------------[ cut here ]------------ [ 179.847229] WARNING: CPU: 0 PID: 1705 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.848058] Modules linked in: [ 179.848320] CPU: 0 PID: 1705 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.849040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.849959] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.850370] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.851898] RSP: 
0018:ffff888020fa7bd0 EFLAGS: 00010246 [ 179.852336] RAX: 0000000000000000 RBX: ffff8880173058a8 RCX: 0000000000000000 [ 179.852922] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 179.853509] RBP: ffff888020fa7be8 R08: ffffed1002e60b33 R09: ffffed1002e60b33 [ 179.854091] R10: ffff888017305993 R11: ffffed1002e60b32 R12: ffff88800fcb2000 [ 179.854688] R13: ffff8880173059e8 R14: ffff88800b1d8900 R15: 0000000000000000 [ 179.855282] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.855948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.856425] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.857010] PKRU: 55555554 [ 179.857247] Call Trace: [ 179.857457] [ 179.857648] iommufd_access_destroy_object+0x65/0x170 [ 179.858070] iommufd_object_destroy_user+0x18e/0x220 [ 179.858495] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.858996] iommufd_access_destroy+0x43/0x70 [ 179.859385] iommufd_test_staccess_release+0x8d/0xd0 [ 179.859813] __fput+0x26d/0xa40 [ 179.860102] ____fput+0x1e/0x30 [ 179.860382] task_work_run+0x1a4/0x2d0 [ 179.860710] ? __pfx_task_work_run+0x10/0x10 [ 179.861080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.861488] ? switch_task_namespaces+0xa9/0xe0 [ 179.861878] do_exit+0xb17/0x2ef0 [ 179.862168] ? lock_acquire+0x427/0x4c0 [ 179.862501] ? __pfx_lock_release+0x10/0x10 [ 179.862893] ? __kasan_check_write+0x18/0x20 [ 179.863275] ? do_raw_spin_lock+0x132/0x2a0 [ 179.863631] ? __pfx_do_exit+0x10/0x10 [ 179.863961] ? debug_smp_processor_id+0x20/0x30 [ 179.864348] ? rcu_is_watching+0x19/0xb0 [ 179.864682] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.865058] ? trace_hardirqs_on+0x26/0x120 [ 179.865427] do_group_exit+0xe0/0x2b0 [ 179.865742] __x64_sys_exit_group+0x47/0x50 [ 179.866099] do_syscall_64+0x3b/0x90 [ 179.866415] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.866863] RIP: 0033:0x7f4b87518a4d [ 179.867182] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.867690] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.868309] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.868897] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.869477] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.870052] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.870653] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.871257] [ 179.871450] irq event stamp: 0 [ 179.871710] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.872237] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.872910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.873599] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.874128] ---[ end trace 0000000000000000 ]--- [ 179.874861] ------------[ cut here ]------------ [ 179.875261] WARNING: CPU: 0 PID: 1705 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.876097] Modules linked in: [ 179.876359] CPU: 0 PID: 1705 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.877087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.878003] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.878421] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.879915] RSP: 0018:ffff888020fa7b78 EFLAGS: 00010246 [ 179.880316] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.880865] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 179.881512] RBP: ffff888020fa7b98 R08: ffffed1002e60b3e R09: ffffed1002e60b3e [ 179.882222] R10: ffff8880173059ef R11: ffffed1002e60b3d R12: ffff888017305a90 [ 179.882782] R13: ffff8880173058a8 R14: ffffffffffffffff R15: 
ffff888020fa7c60 [ 179.883428] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.884178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.884624] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.885249] PKRU: 55555554 [ 179.885581] Call Trace: [ 179.885781] [ 179.885959] iommufd_ioas_destroy+0x53/0x70 [ 179.886311] iommufd_fops_release+0x1f7/0x370 [ 179.886715] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.887227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.887619] ? write_comp_data+0x2f/0x90 [ 179.887943] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.888338] __fput+0x26d/0xa40 [ 179.888611] ____fput+0x1e/0x30 [ 179.888949] task_work_run+0x1a4/0x2d0 [ 179.889385] ? __pfx_task_work_run+0x10/0x10 [ 179.889732] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.890120] ? switch_task_namespaces+0xa9/0xe0 [ 179.890559] do_exit+0xb17/0x2ef0 [ 179.890947] ? lock_acquire+0x427/0x4c0 [ 179.891276] ? __pfx_lock_release+0x10/0x10 [ 179.891624] ? __kasan_check_write+0x18/0x20 [ 179.891972] ? do_raw_spin_lock+0x132/0x2a0 [ 179.892315] ? __pfx_do_exit+0x10/0x10 [ 179.892706] ? debug_smp_processor_id+0x20/0x30 [ 179.893190] ? rcu_is_watching+0x19/0xb0 [ 179.893518] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.893874] ? trace_hardirqs_on+0x26/0x120 [ 179.894254] do_group_exit+0xe0/0x2b0 [ 179.894722] __x64_sys_exit_group+0x47/0x50 [ 179.895059] do_syscall_64+0x3b/0x90 [ 179.895369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.895781] RIP: 0033:0x7f4b87518a4d [ 179.896074] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.896621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.897324] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.897884] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.898665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.899229] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.899782] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.900533] [ 179.900732] irq event stamp: 0 [ 179.900997] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.901532] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.902436] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.903175] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.903711] ---[ end trace 0000000000000000 ]--- [ 179.907918] ------------[ cut here ]------------ [ 179.908410] WARNING: CPU: 0 PID: 1706 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.909169] Modules linked in: [ 179.909441] CPU: 0 PID: 1706 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.910173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.911057] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.911439] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.912896] RSP: 0018:ffff88801806fbb8 EFLAGS: 00010246 [ 179.913286] RAX: 0000000000000000 RBX: ffff88800fb8b8a8 RCX: 0000000000000000 [ 179.913816] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 179.914333] RBP: ffff88801806fbd0 R08: ffffed1001f71733 R09: ffffed1001f71733 [ 179.914878] R10: ffff88800fb8b993 R11: ffffed1001f71732 R12: ffff888014025000 [ 179.915414] R13: ffff88800fb8b9e8 R14: ffffffff8352e670 R15: 
ffff88801806fe68 [ 179.915938] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.916533] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.916956] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 179.917486] PKRU: 55555554 [ 179.917696] Call Trace: [ 179.917880] [ 179.918049] __iommufd_access_detach+0x1c2/0x2b0 [ 179.918407] iommufd_access_change_pt+0x149/0x270 [ 179.918789] iommufd_access_replace+0xb4/0x120 [ 179.919150] iommufd_test+0x3e5/0x37e0 [ 179.919436] ? lock_release+0x532/0x770 [ 179.919743] ? __might_fault+0x102/0x1b0 [ 179.920047] ? lock_acquire+0x427/0x4c0 [ 179.920350] ? __pfx_iommufd_test+0x10/0x10 [ 179.920668] ? __pfx_lock_release+0x10/0x10 [ 179.920998] ? __pfx_lock_acquire+0x10/0x10 [ 179.921326] ? write_comp_data+0x2f/0x90 [ 179.921629] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.921989] ? write_comp_data+0x2f/0x90 [ 179.922293] iommufd_fops_ioctl+0x37d/0x510 [ 179.922631] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.922990] ? write_comp_data+0x2f/0x90 [ 179.923298] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 179.923651] __x64_sys_ioctl+0x1a3/0x230 [ 179.923957] do_syscall_64+0x3b/0x90 [ 179.924243] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.924631] RIP: 0033:0x7f4b8743ee5d [ 179.924912] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 179.926234] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 179.926802] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 179.927367] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 179.927892] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 179.928407] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 179.928933] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 179.929470] [ 179.929645] irq event stamp: 0 [ 179.929878] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.930343] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.930973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.931603] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.932062] ---[ end trace 0000000000000000 ]--- [ 179.935134] ------------[ cut here ]------------ [ 179.935492] WARNING: CPU: 0 PID: 1706 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.936229] Modules linked in: [ 179.936464] CPU: 0 PID: 1706 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.937288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.938117] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.938561] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 179.940034] RSP: 
0018:ffff88801806fbd0 EFLAGS: 00010246 [ 179.940499] RAX: 0000000000000000 RBX: ffff88800fb8b8a8 RCX: 0000000000000000 [ 179.941127] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 179.941661] RBP: ffff88801806fbe8 R08: ffffed1001f71733 R09: ffffed1001f71733 [ 179.942316] R10: ffff88800fb8b993 R11: ffffed1001f71732 R12: ffff88800f209c00 [ 179.942861] R13: ffff88800fb8b9e8 R14: ffff88802099cd00 R15: 0000000000000000 [ 179.943398] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.944128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.944567] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.945096] PKRU: 55555554 [ 179.945308] Call Trace: [ 179.945525] [ 179.945800] iommufd_access_destroy_object+0x65/0x170 [ 179.946195] iommufd_object_destroy_user+0x18e/0x220 [ 179.946602] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 179.947043] iommufd_access_destroy+0x43/0x70 [ 179.947404] iommufd_test_staccess_release+0x8d/0xd0 [ 179.947959] __fput+0x26d/0xa40 [ 179.948223] ____fput+0x1e/0x30 [ 179.948485] task_work_run+0x1a4/0x2d0 [ 179.948790] ? __pfx_task_work_run+0x10/0x10 [ 179.949147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.949653] ? switch_task_namespaces+0xa9/0xe0 [ 179.950019] do_exit+0xb17/0x2ef0 [ 179.950283] ? lock_acquire+0x427/0x4c0 [ 179.950614] ? __pfx_lock_release+0x10/0x10 [ 179.950950] ? __kasan_check_write+0x18/0x20 [ 179.951376] ? do_raw_spin_lock+0x132/0x2a0 [ 179.951814] ? __pfx_do_exit+0x10/0x10 [ 179.952119] ? debug_smp_processor_id+0x20/0x30 [ 179.952485] ? rcu_is_watching+0x19/0xb0 [ 179.952816] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.953304] ? trace_hardirqs_on+0x26/0x120 [ 179.953640] do_group_exit+0xe0/0x2b0 [ 179.953933] __x64_sys_exit_group+0x47/0x50 [ 179.954261] do_syscall_64+0x3b/0x90 [ 179.954628] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.955137] RIP: 0033:0x7f4b87518a4d [ 179.955420] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.955885] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.956459] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.957133] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.957673] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.958227] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.958915] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.959475] [ 179.959654] irq event stamp: 0 [ 179.959900] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.960432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.961163] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.961795] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.962427] ---[ end trace 0000000000000000 ]--- [ 179.963139] ------------[ cut here ]------------ [ 179.963508] WARNING: CPU: 0 PID: 1706 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 179.964489] Modules linked in: [ 179.964742] CPU: 0 PID: 1706 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.965433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.966482] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 179.966927] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 179.968480] RSP: 0018:ffff88801806fb78 EFLAGS: 00010246 [ 179.968893] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 179.969570] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 179.970117] RBP: ffff88801806fb98 R08: ffffed1001f7173e R09: ffffed1001f7173e [ 179.970690] R10: ffff88800fb8b9ef R11: ffffed1001f7173d R12: ffff88800fb8ba90 [ 179.971389] R13: ffff88800fb8b8a8 R14: ffffffffffffffff R15: 
ffff88801806fc60 [ 179.971940] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 179.972637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 179.973167] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 179.973722] PKRU: 55555554 [ 179.973943] Call Trace: [ 179.974178] [ 179.974444] iommufd_ioas_destroy+0x53/0x70 [ 179.974813] iommufd_fops_release+0x1f7/0x370 [ 179.975181] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.975574] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.976044] ? write_comp_data+0x2f/0x90 [ 179.976462] ? __pfx_iommufd_fops_release+0x10/0x10 [ 179.976864] __fput+0x26d/0xa40 [ 179.977142] ____fput+0x1e/0x30 [ 179.977409] task_work_run+0x1a4/0x2d0 [ 179.977793] ? __pfx_task_work_run+0x10/0x10 [ 179.978202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 179.978605] ? switch_task_namespaces+0xa9/0xe0 [ 179.978983] do_exit+0xb17/0x2ef0 [ 179.979271] ? lock_acquire+0x427/0x4c0 [ 179.979656] ? __pfx_lock_release+0x10/0x10 [ 179.980111] ? __kasan_check_write+0x18/0x20 [ 179.980466] ? do_raw_spin_lock+0x132/0x2a0 [ 179.980803] ? __pfx_do_exit+0x10/0x10 [ 179.981136] ? debug_smp_processor_id+0x20/0x30 [ 179.981625] ? rcu_is_watching+0x19/0xb0 [ 179.981945] ? _raw_spin_unlock_irq+0x2b/0x60 [ 179.982311] ? trace_hardirqs_on+0x26/0x120 [ 179.982681] do_group_exit+0xe0/0x2b0 [ 179.983136] __x64_sys_exit_group+0x47/0x50 [ 179.983482] do_syscall_64+0x3b/0x90 [ 179.983788] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 179.984198] RIP: 0033:0x7f4b87518a4d [ 179.984513] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 179.985114] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 179.985711] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 179.986307] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 179.986970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 179.987543] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 179.988091] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 179.988648] [ 179.988832] irq event stamp: 0 [ 179.989077] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 179.989570] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 179.990215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 179.990883] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 179.991412] ---[ end trace 0000000000000000 ]--- [ 179.995182] ------------[ cut here ]------------ [ 179.995583] WARNING: CPU: 0 PID: 1707 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 179.996371] Modules linked in: [ 179.996619] CPU: 0 PID: 1707 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 179.997301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 179.998173] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 179.998589] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.000007] RSP: 0018:ffff8880120e7bb8 EFLAGS: 00010246 [ 180.000425] RAX: 0000000000000000 RBX: ffff8880167530a8 RCX: 0000000000000000 [ 180.000973] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 180.001520] RBP: ffff8880120e7bd0 R08: ffffed1002cea633 R09: ffffed1002cea633 [ 180.002071] R10: ffff888016753193 R11: ffffed1002cea632 R12: ffff88800f1f3c00 [ 180.002838] R13: ffff8880167531e8 R14: ffffffff8352e670 R15: 
ffff8880120e7e68 [ 180.003408] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.004031] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.004478] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 180.005033] PKRU: 55555554 [ 180.005259] Call Trace: [ 180.005456] [ 180.005630] __iommufd_access_detach+0x1c2/0x2b0 [ 180.006012] iommufd_access_change_pt+0x149/0x270 [ 180.006397] iommufd_access_replace+0xb4/0x120 [ 180.006783] iommufd_test+0x3e5/0x37e0 [ 180.007092] ? lock_release+0x532/0x770 [ 180.007427] ? __might_fault+0x102/0x1b0 [ 180.007752] ? lock_acquire+0x427/0x4c0 [ 180.008073] ? __pfx_iommufd_test+0x10/0x10 [ 180.008406] ? __pfx_lock_release+0x10/0x10 [ 180.008748] ? __pfx_lock_acquire+0x10/0x10 [ 180.009095] ? write_comp_data+0x2f/0x90 [ 180.009423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.009805] ? write_comp_data+0x2f/0x90 [ 180.010136] iommufd_fops_ioctl+0x37d/0x510 [ 180.010477] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.010882] ? write_comp_data+0x2f/0x90 [ 180.011222] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.011602] __x64_sys_ioctl+0x1a3/0x230 [ 180.011928] do_syscall_64+0x3b/0x90 [ 180.012224] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.012633] RIP: 0033:0x7f4b8743ee5d [ 180.012923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.014328] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.014930] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.015488] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.016041] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.016583] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.017133] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.017697] [ 180.017880] irq event stamp: 0 [ 180.018130] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.018631] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.019281] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.019905] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.020386] ---[ end trace 0000000000000000 ]--- [ 180.023081] ------------[ cut here ]------------ [ 180.023477] WARNING: CPU: 0 PID: 1707 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.024242] Modules linked in: [ 180.024487] CPU: 0 PID: 1707 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.025151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.025995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.026370] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.027771] RSP: 
0018:ffff8880120e7bd0 EFLAGS: 00010246 [ 180.028177] RAX: 0000000000000000 RBX: ffff8880167530a8 RCX: 0000000000000000 [ 180.028715] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 180.029253] RBP: ffff8880120e7be8 R08: ffffed1002cea633 R09: ffffed1002cea633 [ 180.029799] R10: ffff888016753193 R11: ffffed1002cea632 R12: ffff888014024400 [ 180.030339] R13: ffff8880167531e8 R14: ffff888013884700 R15: 0000000000000000 [ 180.030898] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.031508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.031947] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.032483] PKRU: 55555554 [ 180.032703] Call Trace: [ 180.032896] [ 180.033072] iommufd_access_destroy_object+0x65/0x170 [ 180.033468] iommufd_object_destroy_user+0x18e/0x220 [ 180.033860] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.034307] iommufd_access_destroy+0x43/0x70 [ 180.034680] iommufd_test_staccess_release+0x8d/0xd0 [ 180.035082] __fput+0x26d/0xa40 [ 180.035357] ____fput+0x1e/0x30 [ 180.035621] task_work_run+0x1a4/0x2d0 [ 180.035923] ? __pfx_task_work_run+0x10/0x10 [ 180.036258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.036628] ? switch_task_namespaces+0xa9/0xe0 [ 180.036988] do_exit+0xb17/0x2ef0 [ 180.037255] ? lock_acquire+0x427/0x4c0 [ 180.037566] ? __pfx_lock_release+0x10/0x10 [ 180.037898] ? __kasan_check_write+0x18/0x20 [ 180.038245] ? do_raw_spin_lock+0x132/0x2a0 [ 180.038597] ? __pfx_do_exit+0x10/0x10 [ 180.038905] ? debug_smp_processor_id+0x20/0x30 [ 180.039271] ? rcu_is_watching+0x19/0xb0 [ 180.039588] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.039938] ? trace_hardirqs_on+0x26/0x120 [ 180.040273] do_group_exit+0xe0/0x2b0 [ 180.040572] __x64_sys_exit_group+0x47/0x50 [ 180.040899] do_syscall_64+0x3b/0x90 [ 180.041195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.041605] RIP: 0033:0x7f4b87518a4d [ 180.041889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.042354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.042949] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.043496] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.044039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.044585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.045123] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.045669] [ 180.045849] irq event stamp: 0 [ 180.046096] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.046596] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.047241] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.047872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.048347] ---[ end trace 0000000000000000 ]--- [ 180.049020] ------------[ cut here ]------------ [ 180.049380] WARNING: CPU: 0 PID: 1707 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.050147] Modules linked in: [ 180.050392] CPU: 0 PID: 1707 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.051088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.051947] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.052338] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.053710] RSP: 0018:ffff8880120e7b78 EFLAGS: 00010246 [ 180.054120] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.054671] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 180.055224] RBP: ffff8880120e7b98 R08: ffffed1002cea63e R09: ffffed1002cea63e [ 180.055772] R10: ffff8880167531ef R11: ffffed1002cea63d R12: ffff888016753290 [ 180.056301] R13: ffff8880167530a8 R14: ffffffffffffffff R15: 
ffff8880120e7c60 [ 180.056836] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.057437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.057889] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.058425] PKRU: 55555554 [ 180.058657] Call Trace: [ 180.058851] [ 180.059025] iommufd_ioas_destroy+0x53/0x70 [ 180.059365] iommufd_fops_release+0x1f7/0x370 [ 180.059705] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.060081] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.060458] ? write_comp_data+0x2f/0x90 [ 180.060778] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.061152] __fput+0x26d/0xa40 [ 180.061412] ____fput+0x1e/0x30 [ 180.061663] task_work_run+0x1a4/0x2d0 [ 180.061965] ? __pfx_task_work_run+0x10/0x10 [ 180.062299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.062685] ? switch_task_namespaces+0xa9/0xe0 [ 180.063043] do_exit+0xb17/0x2ef0 [ 180.063304] ? lock_acquire+0x427/0x4c0 [ 180.063604] ? __pfx_lock_release+0x10/0x10 [ 180.063934] ? __kasan_check_write+0x18/0x20 [ 180.064274] ? do_raw_spin_lock+0x132/0x2a0 [ 180.064605] ? __pfx_do_exit+0x10/0x10 [ 180.064905] ? debug_smp_processor_id+0x20/0x30 [ 180.065263] ? rcu_is_watching+0x19/0xb0 [ 180.065572] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.065918] ? trace_hardirqs_on+0x26/0x120 [ 180.066245] do_group_exit+0xe0/0x2b0 [ 180.066564] __x64_sys_exit_group+0x47/0x50 [ 180.066889] do_syscall_64+0x3b/0x90 [ 180.067186] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.067583] RIP: 0033:0x7f4b87518a4d [ 180.067863] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.068322] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.068880] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.069411] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.069947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.070476] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.071026] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.071569] [ 180.071744] irq event stamp: 0 [ 180.071976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.072443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.073067] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.073678] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.074149] ---[ end trace 0000000000000000 ]--- [ 180.077890] ------------[ cut here ]------------ [ 180.078265] WARNING: CPU: 0 PID: 1708 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.079059] Modules linked in: [ 180.079306] CPU: 0 PID: 1708 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.079962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.080799] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.081165] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.082537] RSP: 0018:ffff888013fbfbb8 EFLAGS: 00010246 [ 180.082937] RAX: 0000000000000000 RBX: ffff888020fa78a8 RCX: 0000000000000000 [ 180.083469] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 180.084006] RBP: ffff888013fbfbd0 R08: ffffed10041f4f33 R09: ffffed10041f4f33 [ 180.084532] R10: ffff888020fa7993 R11: ffffed10041f4f32 R12: ffff888014392800 [ 180.085062] R13: ffff888020fa79e8 R14: ffffffff8352e670 R15: 
ffff888013fbfe68 [ 180.085596] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.086198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.086662] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 180.087220] PKRU: 55555554 [ 180.087436] Call Trace: [ 180.087626] [ 180.087795] __iommufd_access_detach+0x1c2/0x2b0 [ 180.088161] iommufd_access_change_pt+0x149/0x270 [ 180.088532] iommufd_access_replace+0xb4/0x120 [ 180.088882] iommufd_test+0x3e5/0x37e0 [ 180.089172] ? lock_release+0x532/0x770 [ 180.089482] ? __might_fault+0x102/0x1b0 [ 180.089797] ? lock_acquire+0x427/0x4c0 [ 180.090101] ? __pfx_iommufd_test+0x10/0x10 [ 180.090417] ? __pfx_lock_release+0x10/0x10 [ 180.090764] ? __pfx_lock_acquire+0x10/0x10 [ 180.091100] ? write_comp_data+0x2f/0x90 [ 180.091423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.091790] ? write_comp_data+0x2f/0x90 [ 180.092103] iommufd_fops_ioctl+0x37d/0x510 [ 180.092428] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.092796] ? write_comp_data+0x2f/0x90 [ 180.093110] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.093477] __x64_sys_ioctl+0x1a3/0x230 [ 180.093786] do_syscall_64+0x3b/0x90 [ 180.094076] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.094476] RIP: 0033:0x7f4b8743ee5d [ 180.094770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.096136] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.096705] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.097238] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.097764] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.098295] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.098845] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.099403] [ 180.099580] irq event stamp: 0 [ 180.099822] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.100295] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.100926] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.101551] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.102012] ---[ end trace 0000000000000000 ]--- [ 180.104636] ------------[ cut here ]------------ [ 180.105005] WARNING: CPU: 0 PID: 1708 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.105757] Modules linked in: [ 180.105993] CPU: 0 PID: 1708 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.106675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.107523] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.107894] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.109261] RSP: 
0018:ffff888013fbfbd0 EFLAGS: 00010246 [ 180.109656] RAX: 0000000000000000 RBX: ffff888020fa78a8 RCX: 0000000000000000 [ 180.110180] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 180.110726] RBP: ffff888013fbfbe8 R08: ffffed10041f4f33 R09: ffffed10041f4f33 [ 180.111277] R10: ffff888020fa7993 R11: ffffed10041f4f32 R12: ffff88800f1f1400 [ 180.111813] R13: ffff888020fa79e8 R14: ffff888012870200 R15: 0000000000000000 [ 180.112340] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.112938] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.113369] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.113896] PKRU: 55555554 [ 180.114110] Call Trace: [ 180.114303] [ 180.114474] iommufd_access_destroy_object+0x65/0x170 [ 180.114884] iommufd_object_destroy_user+0x18e/0x220 [ 180.115289] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.115731] iommufd_access_destroy+0x43/0x70 [ 180.116077] iommufd_test_staccess_release+0x8d/0xd0 [ 180.116475] __fput+0x26d/0xa40 [ 180.116742] ____fput+0x1e/0x30 [ 180.116998] task_work_run+0x1a4/0x2d0 [ 180.117297] ? __pfx_task_work_run+0x10/0x10 [ 180.117638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.118007] ? switch_task_namespaces+0xa9/0xe0 [ 180.118360] do_exit+0xb17/0x2ef0 [ 180.118634] ? lock_acquire+0x427/0x4c0 [ 180.118945] ? __pfx_lock_release+0x10/0x10 [ 180.119286] ? __kasan_check_write+0x18/0x20 [ 180.119617] ? do_raw_spin_lock+0x132/0x2a0 [ 180.119936] ? __pfx_do_exit+0x10/0x10 [ 180.120238] ? debug_smp_processor_id+0x20/0x30 [ 180.120591] ? rcu_is_watching+0x19/0xb0 [ 180.120902] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.121243] ? trace_hardirqs_on+0x26/0x120 [ 180.121572] do_group_exit+0xe0/0x2b0 [ 180.121860] __x64_sys_exit_group+0x47/0x50 [ 180.122181] do_syscall_64+0x3b/0x90 [ 180.122464] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.122869] RIP: 0033:0x7f4b87518a4d [ 180.123158] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.123614] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.124165] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.124687] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.125207] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.125736] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.126251] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.126799] [ 180.126979] irq event stamp: 0 [ 180.127218] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.127687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.128299] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.128900] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.129353] ---[ end trace 0000000000000000 ]--- [ 180.129997] ------------[ cut here ]------------ [ 180.130336] WARNING: CPU: 0 PID: 1708 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.131102] Modules linked in: [ 180.131348] CPU: 0 PID: 1708 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.131979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.132785] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.133160] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.134464] RSP: 0018:ffff888013fbfb78 EFLAGS: 00010246 [ 180.134867] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.135398] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 180.135917] RBP: ffff888013fbfb98 R08: ffffed10041f4f3e R09: ffffed10041f4f3e [ 180.136445] R10: ffff888020fa79ef R11: ffffed10041f4f3d R12: ffff888020fa7a90 [ 180.136962] R13: ffff888020fa78a8 R14: ffffffffffffffff R15: 
ffff888013fbfc60 [ 180.137488] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.138072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.138496] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.139049] PKRU: 55555554 [ 180.139271] Call Trace: [ 180.139462] [ 180.139759] iommufd_ioas_destroy+0x53/0x70 [ 180.140439] iommufd_fops_release+0x1f7/0x370 [ 180.140784] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.141153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.141586] ? write_comp_data+0x2f/0x90 [ 180.142013] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.142379] __fput+0x26d/0xa40 [ 180.142654] ____fput+0x1e/0x30 [ 180.142905] task_work_run+0x1a4/0x2d0 [ 180.143242] ? __pfx_task_work_run+0x10/0x10 [ 180.143700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.144062] ? switch_task_namespaces+0xa9/0xe0 [ 180.144420] do_exit+0xb17/0x2ef0 [ 180.144677] ? lock_acquire+0x427/0x4c0 [ 180.145032] ? __pfx_lock_release+0x10/0x10 [ 180.145429] ? __kasan_check_write+0x18/0x20 [ 180.145762] ? do_raw_spin_lock+0x132/0x2a0 [ 180.146079] ? __pfx_do_exit+0x10/0x10 [ 180.146375] ? debug_smp_processor_id+0x20/0x30 [ 180.146747] ? rcu_is_watching+0x19/0xb0 [ 180.147044] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.147551] ? trace_hardirqs_on+0x26/0x120 [ 180.147874] do_group_exit+0xe0/0x2b0 [ 180.148153] __x64_sys_exit_group+0x47/0x50 [ 180.148468] do_syscall_64+0x3b/0x90 [ 180.148746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.149190] RIP: 0033:0x7f4b87518a4d [ 180.149569] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.150016] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.150593] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.151262] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.151778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.152286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.152956] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.153472] [ 180.153642] irq event stamp: 0 [ 180.153868] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.154444] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.155078] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.155704] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.156345] ---[ end trace 0000000000000000 ]--- [ 180.160710] ------------[ cut here ]------------ [ 180.161075] WARNING: CPU: 0 PID: 1709 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.161984] Modules linked in: [ 180.162223] CPU: 0 PID: 1709 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.162945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.163978] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.164360] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.165716] RSP: 0018:ffff888016647bb8 EFLAGS: 00010246 [ 180.166117] RAX: 0000000000000000 RBX: ffff88801794a0a8 RCX: 0000000000000000 [ 180.166665] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 180.167200] RBP: ffff888016647bd0 R08: ffffed1002f29433 R09: ffffed1002f29433 [ 180.167735] R10: ffff88801794a193 R11: ffffed1002f29432 R12: ffff888013b6b000 [ 180.168274] R13: ffff88801794a1e8 R14: ffffffff8352e670 R15: 
ffff888016647e68 [ 180.168814] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.169425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.169868] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 180.170408] PKRU: 55555554 [ 180.170643] Call Trace: [ 180.170844] [ 180.171016] __iommufd_access_detach+0x1c2/0x2b0 [ 180.171396] iommufd_access_change_pt+0x149/0x270 [ 180.171774] iommufd_access_replace+0xb4/0x120 [ 180.172135] iommufd_test+0x3e5/0x37e0 [ 180.172432] ? lock_release+0x532/0x770 [ 180.172746] ? __might_fault+0x102/0x1b0 [ 180.173067] ? lock_acquire+0x427/0x4c0 [ 180.173385] ? __pfx_iommufd_test+0x10/0x10 [ 180.173715] ? __pfx_lock_release+0x10/0x10 [ 180.174051] ? __pfx_lock_acquire+0x10/0x10 [ 180.174388] ? write_comp_data+0x2f/0x90 [ 180.174740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.175124] ? write_comp_data+0x2f/0x90 [ 180.175448] iommufd_fops_ioctl+0x37d/0x510 [ 180.175780] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.176173] ? write_comp_data+0x2f/0x90 [ 180.176494] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.176875] __x64_sys_ioctl+0x1a3/0x230 [ 180.177210] do_syscall_64+0x3b/0x90 [ 180.177501] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.177899] RIP: 0033:0x7f4b8743ee5d [ 180.178185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.179590] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.180167] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.180712] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.181252] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.181788] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.182327] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.182890] [ 180.183071] irq event stamp: 0 [ 180.183323] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.183804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.184443] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.185075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.185554] ---[ end trace 0000000000000000 ]--- [ 180.188679] ------------[ cut here ]------------ [ 180.189151] WARNING: CPU: 0 PID: 1709 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.189935] Modules linked in: [ 180.190208] CPU: 0 PID: 1709 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.191029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.191890] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.192310] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.193759] RSP: 
0018:ffff888016647bd0 EFLAGS: 00010246 [ 180.194293] RAX: 0000000000000000 RBX: ffff88801794a0a8 RCX: 0000000000000000 [ 180.194852] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 180.195400] RBP: ffff888016647be8 R08: ffffed1002f29433 R09: ffffed1002f29433 [ 180.196002] R10: ffff88801794a193 R11: ffffed1002f29432 R12: ffff888014393800 [ 180.196623] R13: ffff88801794a1e8 R14: ffff888012b9bb00 R15: 0000000000000000 [ 180.197165] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.197928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.198375] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.198936] PKRU: 55555554 [ 180.199166] Call Trace: [ 180.199365] [ 180.199568] iommufd_access_destroy_object+0x65/0x170 [ 180.200083] iommufd_object_destroy_user+0x18e/0x220 [ 180.200482] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.200936] iommufd_access_destroy+0x43/0x70 [ 180.201289] iommufd_test_staccess_release+0x8d/0xd0 [ 180.201809] __fput+0x26d/0xa40 [ 180.202077] ____fput+0x1e/0x30 [ 180.202339] task_work_run+0x1a4/0x2d0 [ 180.202665] ? __pfx_task_work_run+0x10/0x10 [ 180.203010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.203428] ? switch_task_namespaces+0xa9/0xe0 [ 180.203941] do_exit+0xb17/0x2ef0 [ 180.204220] ? lock_acquire+0x427/0x4c0 [ 180.204539] ? __pfx_lock_release+0x10/0x10 [ 180.204892] ? __kasan_check_write+0x18/0x20 [ 180.205313] ? do_raw_spin_lock+0x132/0x2a0 [ 180.205763] ? __pfx_do_exit+0x10/0x10 [ 180.206074] ? debug_smp_processor_id+0x20/0x30 [ 180.206443] ? rcu_is_watching+0x19/0xb0 [ 180.206801] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.207279] ? trace_hardirqs_on+0x26/0x120 [ 180.207626] do_group_exit+0xe0/0x2b0 [ 180.207931] __x64_sys_exit_group+0x47/0x50 [ 180.208270] do_syscall_64+0x3b/0x90 [ 180.208571] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.209015] RIP: 0033:0x7f4b87518a4d [ 180.209457] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.209941] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.210570] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.211315] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.211882] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.212453] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.213149] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.213711] [ 180.213896] irq event stamp: 0 [ 180.214167] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.214777] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.215444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.216171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.216744] ---[ end trace 0000000000000000 ]--- [ 180.218088] ------------[ cut here ]------------ [ 180.218462] WARNING: CPU: 0 PID: 1709 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.219339] Modules linked in: [ 180.219677] CPU: 0 PID: 1709 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.220366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.221317] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.221761] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.223343] RSP: 0018:ffff888016647b78 EFLAGS: 00010246 [ 180.223769] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.224346] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 180.225053] RBP: ffff888016647b98 R08: ffffed1002f2943e R09: ffffed1002f2943e [ 180.225633] R10: ffff88801794a1ef R11: ffffed1002f2943d R12: ffff88801794a290 [ 180.226293] R13: ffff88801794a0a8 R14: ffffffffffffffff R15: 
ffff888016647c60 [ 180.226977] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.227658] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.228210] CR2: 00007f82e2bcc008 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 180.228891] PKRU: 55555554 [ 180.229124] Call Trace: [ 180.229333] [ 180.229524] iommufd_ioas_destroy+0x53/0x70 [ 180.229963] iommufd_fops_release+0x1f7/0x370 [ 180.230413] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.230849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.231282] ? write_comp_data+0x2f/0x90 [ 180.231703] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.232215] __fput+0x26d/0xa40 [ 180.232505] ____fput+0x1e/0x30 [ 180.232795] task_work_run+0x1a4/0x2d0 [ 180.233134] ? __pfx_task_work_run+0x10/0x10 [ 180.233583] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.234049] ? switch_task_namespaces+0xa9/0xe0 [ 180.234446] do_exit+0xb17/0x2ef0 [ 180.234756] ? lock_acquire+0x427/0x4c0 [ 180.235132] ? __pfx_lock_release+0x10/0x10 [ 180.235621] ? __kasan_check_write+0x18/0x20 [ 180.235996] ? do_raw_spin_lock+0x132/0x2a0 [ 180.236362] ? __pfx_do_exit+0x10/0x10 [ 180.236691] ? debug_smp_processor_id+0x20/0x30 [ 180.237235] ? rcu_is_watching+0x19/0xb0 [ 180.237576] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.237957] ? trace_hardirqs_on+0x26/0x120 [ 180.238320] do_group_exit+0xe0/0x2b0 [ 180.238694] __x64_sys_exit_group+0x47/0x50 [ 180.239155] do_syscall_64+0x3b/0x90 [ 180.239475] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.239912] RIP: 0033:0x7f4b87518a4d [ 180.240227] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.240886] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.241510] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.242099] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.242851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.243448] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.244111] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.244795] [ 180.244989] irq event stamp: 0 [ 180.245252] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.245842] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.246644] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.247350] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.248022] ---[ end trace 0000000000000000 ]--- [ 180.253826] ------------[ cut here ]------------ [ 180.254228] WARNING: CPU: 0 PID: 1710 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.255237] Modules linked in: [ 180.255501] CPU: 0 PID: 1710 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.256206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.257117] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.257519] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.258997] RSP: 0018:ffff88801724fbb8 EFLAGS: 00010246 [ 180.259440] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 180.260006] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 180.260588] RBP: ffff88801724fbd0 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 180.261164] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff88800fcb0400 [ 180.261738] R13: ffff88801781f9e8 R14: ffffffff8352e670 R15: 
ffff88801724fe68 [ 180.262315] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.262977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.263459] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 180.264034] PKRU: 55555554 [ 180.264265] Call Trace: [ 180.264473] [ 180.264657] __iommufd_access_detach+0x1c2/0x2b0 [ 180.265056] iommufd_access_change_pt+0x149/0x270 [ 180.265456] iommufd_access_replace+0xb4/0x120 [ 180.265839] iommufd_test+0x3e5/0x37e0 [ 180.266155] ? lock_release+0x532/0x770 [ 180.266490] ? __might_fault+0x102/0x1b0 [ 180.266849] ? lock_acquire+0x427/0x4c0 [ 180.267191] ? __pfx_iommufd_test+0x10/0x10 [ 180.267543] ? __pfx_lock_release+0x10/0x10 [ 180.267901] ? __pfx_lock_acquire+0x10/0x10 [ 180.268261] ? write_comp_data+0x2f/0x90 [ 180.268601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.268999] ? write_comp_data+0x2f/0x90 [ 180.269338] iommufd_fops_ioctl+0x37d/0x510 [ 180.269692] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.270090] ? write_comp_data+0x2f/0x90 [ 180.270431] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.270846] __x64_sys_ioctl+0x1a3/0x230 [ 180.271198] do_syscall_64+0x3b/0x90 [ 180.271512] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.271940] RIP: 0033:0x7f4b8743ee5d [ 180.272246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.273716] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.274331] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.274929] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.275516] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.276092] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.276670] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.277258] [ 180.277449] irq event stamp: 0 [ 180.277705] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.278213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.278909] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.279600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.280111] ---[ end trace 0000000000000000 ]--- [ 180.283259] ------------[ cut here ]------------ [ 180.283787] WARNING: CPU: 0 PID: 1710 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.284585] Modules linked in: [ 180.284839] CPU: 0 PID: 1710 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.285603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.286603] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.287001] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.288611] RSP: 
0018:ffff88801724fbd0 EFLAGS: 00010246 [ 180.289035] RAX: 0000000000000000 RBX: ffff88801781f8a8 RCX: 0000000000000000 [ 180.289750] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 180.290315] RBP: ffff88801724fbe8 R08: ffffed1002f03f33 R09: ffffed1002f03f33 [ 180.290916] R10: ffff88801781f993 R11: ffffed1002f03f32 R12: ffff888013b69c00 [ 180.291532] R13: ffff88801781f9e8 R14: ffff888020929100 R15: 0000000000000000 [ 180.292225] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.292878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.293409] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.294068] PKRU: 55555554 [ 180.294298] Call Trace: [ 180.294502] [ 180.294715] iommufd_access_destroy_object+0x65/0x170 [ 180.295141] iommufd_object_destroy_user+0x18e/0x220 [ 180.295709] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.296187] iommufd_access_destroy+0x43/0x70 [ 180.296560] iommufd_test_staccess_release+0x8d/0xd0 [ 180.296976] __fput+0x26d/0xa40 [ 180.297326] ____fput+0x1e/0x30 [ 180.297696] task_work_run+0x1a4/0x2d0 [ 180.298024] ? __pfx_task_work_run+0x10/0x10 [ 180.298391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.298834] ? switch_task_namespaces+0xa9/0xe0 [ 180.299245] do_exit+0xb17/0x2ef0 [ 180.299612] ? lock_acquire+0x427/0x4c0 [ 180.300076] ? __pfx_lock_release+0x10/0x10 [ 180.300447] ? __kasan_check_write+0x18/0x20 [ 180.300817] ? do_raw_spin_lock+0x132/0x2a0 [ 180.301175] ? __pfx_do_exit+0x10/0x10 [ 180.301676] ? debug_smp_processor_id+0x20/0x30 [ 180.302065] ? rcu_is_watching+0x19/0xb0 [ 180.302413] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.302819] ? trace_hardirqs_on+0x26/0x120 [ 180.303197] do_group_exit+0xe0/0x2b0 [ 180.303548] __x64_sys_exit_group+0x47/0x50 [ 180.304044] do_syscall_64+0x3b/0x90 [ 180.304358] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.304792] RIP: 0033:0x7f4b87518a4d [ 180.305100] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.305781] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.306404] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.307008] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.307601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.308367] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.308955] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.309593] [ 180.309846] irq event stamp: 0 [ 180.310229] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.310801] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.311556] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.312484] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.313033] ---[ end trace 0000000000000000 ]--- [ 180.313779] ------------[ cut here ]------------ [ 180.314189] WARNING: CPU: 0 PID: 1710 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.315126] Modules linked in: [ 180.315418] CPU: 0 PID: 1710 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.316171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.317148] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.317600] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.319220] RSP: 0018:ffff88801724fb78 EFLAGS: 00010246 [ 180.319702] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.320315] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 180.320933] RBP: ffff88801724fb98 R08: ffffed1002f03f3e R09: ffffed1002f03f3e [ 180.321549] R10: ffff88801781f9ef R11: ffffed1002f03f3d R12: ffff88801781fa90 [ 180.322160] R13: ffff88801781f8a8 R14: ffffffffffffffff R15: 
ffff88801724fc60 [ 180.322798] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.323507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.324009] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.324626] PKRU: 55555554 [ 180.324877] Call Trace: [ 180.325101] [ 180.325301] iommufd_ioas_destroy+0x53/0x70 [ 180.325687] iommufd_fops_release+0x1f7/0x370 [ 180.326087] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.326554] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.326984] ? write_comp_data+0x2f/0x90 [ 180.327361] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.327803] __fput+0x26d/0xa40 [ 180.328107] ____fput+0x1e/0x30 [ 180.328408] task_work_run+0x1a4/0x2d0 [ 180.328754] ? __pfx_task_work_run+0x10/0x10 [ 180.329145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.329576] ? switch_task_namespaces+0xa9/0xe0 [ 180.329995] do_exit+0xb17/0x2ef0 [ 180.330310] ? lock_acquire+0x427/0x4c0 [ 180.330694] ? __pfx_lock_release+0x10/0x10 [ 180.331083] ? __kasan_check_write+0x18/0x20 [ 180.331483] ? do_raw_spin_lock+0x132/0x2a0 [ 180.331863] ? __pfx_do_exit+0x10/0x10 [ 180.332210] ? debug_smp_processor_id+0x20/0x30 [ 180.332616] ? rcu_is_watching+0x19/0xb0 [ 180.332975] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.333369] ? trace_hardirqs_on+0x26/0x120 [ 180.333756] do_group_exit+0xe0/0x2b0 [ 180.334094] __x64_sys_exit_group+0x47/0x50 [ 180.334475] do_syscall_64+0x3b/0x90 [ 180.334836] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.335314] RIP: 0033:0x7f4b87518a4d [ 180.335641] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.336174] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.336835] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.337454] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.338081] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.338744] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.339399] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.340027] [ 180.340229] irq event stamp: 0 [ 180.340503] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.341048] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.341774] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.342496] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.343073] ---[ end trace 0000000000000000 ]--- [ 180.347821] ------------[ cut here ]------------ [ 180.348271] WARNING: CPU: 0 PID: 1711 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.349145] Modules linked in: [ 180.349422] CPU: 0 PID: 1711 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.350173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.351188] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.351624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.353203] RSP: 0018:ffff888010b97bb8 EFLAGS: 00010246 [ 180.353674] RAX: 0000000000000000 RBX: ffff88800f3740a8 RCX: 0000000000000000 [ 180.354288] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 180.354931] RBP: ffff888010b97bd0 R08: ffffed1001e6e833 R09: ffffed1001e6e833 [ 180.355567] R10: ffff88800f374193 R11: ffffed1001e6e832 R12: ffff888014581800 [ 180.356197] R13: ffff88800f3741e8 R14: ffffffff8352e670 R15: 
ffff888010b97e68 [ 180.356849] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.357581] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.358112] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 180.358794] PKRU: 55555554 [ 180.359069] Call Trace: [ 180.359316] [ 180.359524] __iommufd_access_detach+0x1c2/0x2b0 [ 180.359991] iommufd_access_change_pt+0x149/0x270 [ 180.360454] iommufd_access_replace+0xb4/0x120 [ 180.360891] iommufd_test+0x3e5/0x37e0 [ 180.361259] ? lock_release+0x532/0x770 [ 180.361639] ? __might_fault+0x102/0x1b0 [ 180.362020] ? lock_acquire+0x427/0x4c0 [ 180.362407] ? __pfx_iommufd_test+0x10/0x10 [ 180.362853] ? __pfx_lock_release+0x10/0x10 [ 180.363286] ? __pfx_lock_acquire+0x10/0x10 [ 180.363705] ? write_comp_data+0x2f/0x90 [ 180.364098] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.364562] ? write_comp_data+0x2f/0x90 [ 180.364955] iommufd_fops_ioctl+0x37d/0x510 [ 180.365367] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.365822] ? write_comp_data+0x2f/0x90 [ 180.366212] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.366702] __x64_sys_ioctl+0x1a3/0x230 [ 180.367099] do_syscall_64+0x3b/0x90 [ 180.367475] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.367964] RIP: 0033:0x7f4b8743ee5d [ 180.368315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.370000] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.370744] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.371420] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.372076] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.372730] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.373394] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.374074] [ 180.374298] irq event stamp: 0 [ 180.374643] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.375256] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.376034] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.376807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.377398] ---[ end trace 0000000000000000 ]--- [ 180.380507] ------------[ cut here ]------------ [ 180.380991] WARNING: CPU: 0 PID: 1711 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.381940] Modules linked in: [ 180.382245] CPU: 0 PID: 1711 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.383349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.384416] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.384891] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.386626] RSP: 
0018:ffff888010b97bd0 EFLAGS: 00010246 [ 180.387145] RAX: 0000000000000000 RBX: ffff88800f3740a8 RCX: 0000000000000000 [ 180.387807] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 180.388472] RBP: ffff888010b97be8 R08: ffffed1001e6e833 R09: ffffed1001e6e833 [ 180.389136] R10: ffff88800f374193 R11: ffffed1001e6e832 R12: ffff88800fcb2c00 [ 180.389810] R13: ffff88800f3741e8 R14: ffff88800f503500 R15: 0000000000000000 [ 180.390468] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.391261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.391864] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 180.392600] PKRU: 55555554 [ 180.392893] Call Trace: [ 180.393157] [ 180.393406] iommufd_access_destroy_object+0x65/0x170 [ 180.393944] iommufd_object_destroy_user+0x18e/0x220 [ 180.394470] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.395106] iommufd_access_destroy+0x43/0x70 [ 180.395615] iommufd_test_staccess_release+0x8d/0xd0 [ 180.396156] __fput+0x26d/0xa40 [ 180.396522] ____fput+0x1e/0x30 [ 180.396881] task_work_run+0x1a4/0x2d0 [ 180.397309] ? __pfx_task_work_run+0x10/0x10 [ 180.397814] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.398482] ? switch_task_namespaces+0xa9/0xe0 [ 180.399302] do_exit+0xb17/0x2ef0 [ 180.399680] ? lock_acquire+0x427/0x4c0 [ 180.400109] ? __pfx_lock_release+0x10/0x10 [ 180.400562] ? __kasan_check_write+0x18/0x20 [ 180.401021] ? do_raw_spin_lock+0x132/0x2a0 [ 180.401475] ? __pfx_do_exit+0x10/0x10 [ 180.401894] ? debug_smp_processor_id+0x20/0x30 [ 180.402472] ? rcu_is_watching+0x19/0xb0 [ 180.403137] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.403796] ? trace_hardirqs_on+0x26/0x120 [ 180.404265] do_group_exit+0xe0/0x2b0 [ 180.404667] __x64_sys_exit_group+0x47/0x50 [ 180.405116] do_syscall_64+0x3b/0x90 [ 180.405509] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.406048] RIP: 0033:0x7f4b87518a4d [ 180.406433] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.407299] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.408284] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.409014] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.409743] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.410475] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.411429] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.412356] [ 180.412602] irq event stamp: 0 [ 180.412925] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.413564] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.414419] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.415488] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.416303] ---[ end trace 0000000000000000 ]--- [ 180.417950] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 180.420672] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 180.432320] ------------[ cut here ]------------ [ 180.432851] WARNING: CPU: 0 PID: 1711 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.433895] Modules linked in: [ 180.434228] CPU: 0 PID: 1711 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.435231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.436388] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.436926] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.439247] RSP: 0018:ffff888010b97b78 EFLAGS: 00010246 [ 180.439819] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.440561] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 180.441305] RBP: ffff888010b97b98 R08: ffffed1001e6e83e R09: ffffed1001e6e83e [ 180.442063] R10: ffff88800f3741ef R11: ffffed1001e6e83d R12: ffff88800f374290 [ 180.442832] R13: ffff88800f3740a8 R14: ffffffffffffffff R15: ffff888010b97c60 [ 180.443591] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 180.444435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.445048] CR2: 00007f82e2e6d000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 180.445806] PKRU: 55555554 [ 180.446111] Call Trace: [ 180.446386] [ 180.446663] iommufd_ioas_destroy+0x53/0x70 [ 180.447151] iommufd_fops_release+0x1f7/0x370 [ 180.447630] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.448168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.448694] ? write_comp_data+0x2f/0x90 [ 180.449147] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.449672] __fput+0x26d/0xa40 [ 180.450044] ____fput+0x1e/0x30 [ 180.450405] task_work_run+0x1a4/0x2d0 [ 180.450865] ? __pfx_task_work_run+0x10/0x10 [ 180.451363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.451884] ? 
switch_task_namespaces+0xa9/0xe0 [ 180.452395] do_exit+0xb17/0x2ef0 [ 180.452771] ? lock_acquire+0x427/0x4c0 [ 180.453200] ? __pfx_lock_release+0x10/0x10 [ 180.453662] ? __kasan_check_write+0x18/0x20 [ 180.454126] ? do_raw_spin_lock+0x132/0x2a0 [ 180.454628] ? __pfx_do_exit+0x10/0x10 [ 180.455058] ? debug_smp_processor_id+0x20/0x30 [ 180.455567] ? rcu_is_watching+0x19/0xb0 [ 180.455998] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.456492] ? trace_hardirqs_on+0x26/0x120 [ 180.456961] do_group_exit+0xe0/0x2b0 [ 180.457366] __x64_sys_exit_group+0x47/0x50 [ 180.457825] do_syscall_64+0x3b/0x90 [ 180.458229] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.458840] RIP: 0033:0x7f4b87518a4d [ 180.459247] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 180.459892] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.460688] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.461430] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.462173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.462973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.463737] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.464497] [ 180.464745] irq event stamp: 0 [ 180.465072] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.465727] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.466657] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.467551] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.468212] ---[ end trace 0000000000000000 ]--- [ 180.476235] ------------[ cut here ]------------ [ 180.476952] WARNING: CPU: 1 PID: 1713 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.478632] Modules linked in: [ 180.479087] CPU: 1 PID: 1713 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.480497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 
rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.481979] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.482681] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.485151] RSP: 0018:ffff8880128d7bb8 EFLAGS: 00010246 [ 180.485868] RAX: 0000000000000000 RBX: ffff888015d940a8 RCX: 0000000000000000 [ 180.486823] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 180.487771] RBP: ffff8880128d7bd0 R08: ffffed1002bb2833 R09: ffffed1002bb2833 [ 180.488700] R10: ffff888015d94193 R11: ffffed1002bb2832 R12: ffff888012e91400 [ 180.489644] R13: ffff888015d941e8 R14: ffffffff8352e670 R15: ffff8880128d7e68 [ 180.490641] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.491727] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.492515] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 180.493533] PKRU: 55555554 [ 180.494074] Call Trace: [ 180.494420] [ 180.494797] __iommufd_access_detach+0x1c2/0x2b0 [ 180.495483] iommufd_access_change_pt+0x149/0x270 [ 180.496141] iommufd_access_replace+0xb4/0x120 [ 180.496961] iommufd_test+0x3e5/0x37e0 [ 180.497482] ? lock_release+0x532/0x770 [ 180.498026] ? __might_fault+0x102/0x1b0 [ 180.498655] ? lock_acquire+0x427/0x4c0 [ 180.499242] ? __pfx_iommufd_test+0x10/0x10 [ 180.499829] ? __pfx_lock_release+0x10/0x10 [ 180.500430] ? __pfx_lock_acquire+0x10/0x10 [ 180.501016] ? write_comp_data+0x2f/0x90 [ 180.501566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.502216] ? write_comp_data+0x2f/0x90 [ 180.502821] iommufd_fops_ioctl+0x37d/0x510 [ 180.503434] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.504102] ? write_comp_data+0x2f/0x90 [ 180.504669] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.505331] __x64_sys_ioctl+0x1a3/0x230 [ 180.505930] do_syscall_64+0x3b/0x90 [ 180.506442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.507181] RIP: 0033:0x7f4b8743ee5d [ 180.507685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.510041] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.511074] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.512040] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.512966] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.513889] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.514905] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.516063] [ 180.516387] irq event stamp: 0 [ 180.516813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.517641] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.518795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.519912] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.520743] ---[ end trace 0000000000000000 ]--- [ 180.526293] ------------[ cut here ]------------ [ 180.527094] WARNING: CPU: 1 PID: 1713 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.528486] Modules linked in: [ 180.529023] CPU: 1 PID: 1713 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.530160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.531921] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.532470] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.534809] RSP: 
0018:ffff8880128d7bd0 EFLAGS: 00010246 [ 180.535408] RAX: 0000000000000000 RBX: ffff888015d940a8 RCX: 0000000000000000 [ 180.536371] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 180.537118] RBP: ffff8880128d7be8 R08: ffffed1002bb2833 R09: ffffed1002bb2833 [ 180.537871] R10: ffff888015d94193 R11: ffffed1002bb2832 R12: ffff888013b23400 [ 180.538854] R13: ffff888015d941e8 R14: ffff88800f253e00 R15: 0000000000000000 [ 180.539620] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.540462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.541289] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.542053] PKRU: 55555554 [ 180.542362] Call Trace: [ 180.542660] [ 180.542905] iommufd_access_destroy_object+0x65/0x170 [ 180.543479] iommufd_object_destroy_user+0x18e/0x220 [ 180.544242] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.544871] iommufd_access_destroy+0x43/0x70 [ 180.545367] iommufd_test_staccess_release+0x8d/0xd0 [ 180.545959] __fput+0x26d/0xa40 [ 180.546453] ____fput+0x1e/0x30 [ 180.546856] task_work_run+0x1a4/0x2d0 [ 180.547313] ? __pfx_task_work_run+0x10/0x10 [ 180.547791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.548319] ? switch_task_namespaces+0xa9/0xe0 [ 180.549050] do_exit+0xb17/0x2ef0 [ 180.549421] ? lock_acquire+0x427/0x4c0 [ 180.549847] ? __pfx_lock_release+0x10/0x10 [ 180.550312] ? __kasan_check_write+0x18/0x20 [ 180.550815] ? do_raw_spin_lock+0x132/0x2a0 [ 180.551469] ? __pfx_do_exit+0x10/0x10 [ 180.551890] ? debug_smp_processor_id+0x20/0x30 [ 180.552389] ? rcu_is_watching+0x19/0xb0 [ 180.552827] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.553322] ? trace_hardirqs_on+0x26/0x120 [ 180.553897] do_group_exit+0xe0/0x2b0 [ 180.554386] __x64_sys_exit_group+0x47/0x50 [ 180.554872] do_syscall_64+0x3b/0x90 [ 180.555297] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.555852] RIP: 0033:0x7f4b87518a4d [ 180.556293] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.557103] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.557910] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.558788] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.559592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.560336] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.561080] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.562009] [ 180.562253] irq event stamp: 0 [ 180.562619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.563283] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.564343] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.565201] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.565847] ---[ end trace 0000000000000000 ]--- [ 180.566822] ------------[ cut here ]------------ [ 180.567325] WARNING: CPU: 1 PID: 1713 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.568367] Modules linked in: [ 180.568699] CPU: 1 PID: 1713 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.569598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.570782] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.571323] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.573177] RSP: 0018:ffff8880128d7b78 EFLAGS: 00010246 [ 180.573718] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.574441] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 180.575249] RBP: ffff8880128d7b98 R08: ffffed1002bb283e R09: ffffed1002bb283e [ 180.575980] R10: ffff888015d941ef R11: ffffed1002bb283d R12: ffff888015d94290 [ 180.576672] R13: ffff888015d940a8 R14: ffffffffffffffff R15: 
ffff8880128d7c60 [ 180.577341] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.578096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.578662] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.579360] PKRU: 55555554 [ 180.579629] Call Trace: [ 180.579872] [ 180.580088] iommufd_ioas_destroy+0x53/0x70 [ 180.580508] iommufd_fops_release+0x1f7/0x370 [ 180.580939] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.581412] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.581875] ? write_comp_data+0x2f/0x90 [ 180.582266] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.582767] __fput+0x26d/0xa40 [ 180.583101] ____fput+0x1e/0x30 [ 180.583433] task_work_run+0x1a4/0x2d0 [ 180.583813] ? __pfx_task_work_run+0x10/0x10 [ 180.584234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.584699] ? switch_task_namespaces+0xa9/0xe0 [ 180.585148] do_exit+0xb17/0x2ef0 [ 180.585479] ? lock_acquire+0x427/0x4c0 [ 180.585864] ? __pfx_lock_release+0x10/0x10 [ 180.586284] ? __kasan_check_write+0x18/0x20 [ 180.586733] ? do_raw_spin_lock+0x132/0x2a0 [ 180.587147] ? __pfx_do_exit+0x10/0x10 [ 180.587517] ? debug_smp_processor_id+0x20/0x30 [ 180.587949] ? rcu_is_watching+0x19/0xb0 [ 180.588332] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.588766] ? trace_hardirqs_on+0x26/0x120 [ 180.589176] do_group_exit+0xe0/0x2b0 [ 180.589534] __x64_sys_exit_group+0x47/0x50 [ 180.589936] do_syscall_64+0x3b/0x90 [ 180.590292] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.590800] RIP: 0033:0x7f4b87518a4d [ 180.591149] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.591710] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.592413] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.593072] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.593721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.594368] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.595033] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.595690] [ 180.595892] irq event stamp: 0 [ 180.596163] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.596704] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.597422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.598133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.598690] ---[ end trace 0000000000000000 ]--- [ 180.603850] ------------[ cut here ]------------ [ 180.604306] WARNING: CPU: 1 PID: 1714 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.605177] Modules linked in: [ 180.605453] CPU: 1 PID: 1714 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.606214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.607217] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.607655] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.609240] RSP: 0018:ffff888014b8fbb8 EFLAGS: 00010246 [ 180.609704] RAX: 0000000000000000 RBX: ffff88800f5528a8 RCX: 0000000000000000 [ 180.610329] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 180.610960] RBP: ffff888014b8fbd0 R08: ffffed1001eaa533 R09: ffffed1001eaa533 [ 180.611590] R10: ffff88800f552993 R11: ffffed1001eaa532 R12: ffff888010cf8000 [ 180.612210] R13: ffff88800f5529e8 R14: ffffffff8352e670 R15: 
ffff888014b8fe68 [ 180.612820] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.613510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.614023] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 180.614663] PKRU: 55555554 [ 180.614916] Call Trace: [ 180.615151] [ 180.615346] __iommufd_access_detach+0x1c2/0x2b0 [ 180.615771] iommufd_access_change_pt+0x149/0x270 [ 180.616194] iommufd_access_replace+0xb4/0x120 [ 180.616583] iommufd_test+0x3e5/0x37e0 [ 180.616904] ? lock_release+0x532/0x770 [ 180.617244] ? __might_fault+0x102/0x1b0 [ 180.617595] ? lock_acquire+0x427/0x4c0 [ 180.617939] ? __pfx_iommufd_test+0x10/0x10 [ 180.618295] ? __pfx_lock_release+0x10/0x10 [ 180.618677] ? __pfx_lock_acquire+0x10/0x10 [ 180.619044] ? write_comp_data+0x2f/0x90 [ 180.619401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.619817] ? write_comp_data+0x2f/0x90 [ 180.620165] iommufd_fops_ioctl+0x37d/0x510 [ 180.620522] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.620922] ? write_comp_data+0x2f/0x90 [ 180.621260] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.621658] __x64_sys_ioctl+0x1a3/0x230 [ 180.622004] do_syscall_64+0x3b/0x90 [ 180.622324] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.622772] RIP: 0033:0x7f4b8743ee5d [ 180.623084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.624579] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.625210] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.625796] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.626376] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.626979] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.627571] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.628165] [ 180.628357] irq event stamp: 0 [ 180.628622] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.629153] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.629856] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.630568] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.631096] ---[ end trace 0000000000000000 ]--- [ 180.633919] ------------[ cut here ]------------ [ 180.634338] WARNING: CPU: 1 PID: 1714 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.635209] Modules linked in: [ 180.635483] CPU: 1 PID: 1714 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.636206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.637134] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.637547] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.639068] RSP: 
0018:ffff888014b8fbd0 EFLAGS: 00010246 [ 180.639524] RAX: 0000000000000000 RBX: ffff88800f5528a8 RCX: 0000000000000000 [ 180.640109] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 180.640700] RBP: ffff888014b8fbe8 R08: ffffed1001eaa533 R09: ffffed1001eaa533 [ 180.641289] R10: ffff88800f552993 R11: ffffed1001eaa532 R12: ffff888012e92800 [ 180.641881] R13: ffff88800f5529e8 R14: ffff888012b9b800 R15: 0000000000000000 [ 180.642470] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.643161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.643647] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.644236] PKRU: 55555554 [ 180.644473] Call Trace: [ 180.644690] [ 180.644881] iommufd_access_destroy_object+0x65/0x170 [ 180.645313] iommufd_object_destroy_user+0x18e/0x220 [ 180.645742] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.646231] iommufd_access_destroy+0x43/0x70 [ 180.646634] iommufd_test_staccess_release+0x8d/0xd0 [ 180.647068] __fput+0x26d/0xa40 [ 180.647365] ____fput+0x1e/0x30 [ 180.647648] task_work_run+0x1a4/0x2d0 [ 180.647982] ? __pfx_task_work_run+0x10/0x10 [ 180.648351] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.648760] ? switch_task_namespaces+0xa9/0xe0 [ 180.649157] do_exit+0xb17/0x2ef0 [ 180.649448] ? lock_acquire+0x427/0x4c0 [ 180.649789] ? __pfx_lock_release+0x10/0x10 [ 180.650154] ? __kasan_check_write+0x18/0x20 [ 180.650541] ? do_raw_spin_lock+0x132/0x2a0 [ 180.650907] ? __pfx_do_exit+0x10/0x10 [ 180.651255] ? debug_smp_processor_id+0x20/0x30 [ 180.651647] ? rcu_is_watching+0x19/0xb0 [ 180.651987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.652369] ? trace_hardirqs_on+0x26/0x120 [ 180.652736] do_group_exit+0xe0/0x2b0 [ 180.653054] __x64_sys_exit_group+0x47/0x50 [ 180.653417] do_syscall_64+0x3b/0x90 [ 180.653738] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.654173] RIP: 0033:0x7f4b87518a4d [ 180.654484] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.655014] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.655646] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.656214] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.656785] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.657352] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.657920] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.658495] [ 180.658707] irq event stamp: 0 [ 180.658960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.659473] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.660146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.660820] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.661324] ---[ end trace 0000000000000000 ]--- [ 180.662016] ------------[ cut here ]------------ [ 180.662385] WARNING: CPU: 1 PID: 1714 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.663219] Modules linked in: [ 180.663483] CPU: 1 PID: 1714 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.664183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.665079] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.665493] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.666971] RSP: 0018:ffff888014b8fb78 EFLAGS: 00010246 [ 180.667408] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.667982] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 180.668594] RBP: ffff888014b8fb98 R08: ffffed1001eaa53e R09: ffffed1001eaa53e [ 180.669288] R10: ffff88800f5529ef R11: ffffed1001eaa53d R12: ffff88800f552a90 [ 180.669844] R13: ffff88800f5528a8 R14: ffffffffffffffff R15: 
ffff888014b8fc60 [ 180.670398] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.671175] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.671641] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.672202] PKRU: 55555554 [ 180.672428] Call Trace: [ 180.672646] [ 180.672875] iommufd_ioas_destroy+0x53/0x70 [ 180.673261] iommufd_fops_release+0x1f7/0x370 [ 180.673626] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.674025] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.674419] ? write_comp_data+0x2f/0x90 [ 180.674871] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.675278] __fput+0x26d/0xa40 [ 180.675559] ____fput+0x1e/0x30 [ 180.675831] task_work_run+0x1a4/0x2d0 [ 180.676151] ? __pfx_task_work_run+0x10/0x10 [ 180.676507] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.677017] ? switch_task_namespaces+0xa9/0xe0 [ 180.677404] do_exit+0xb17/0x2ef0 [ 180.677680] ? lock_acquire+0x427/0x4c0 [ 180.678005] ? __pfx_lock_release+0x10/0x10 [ 180.678355] ? __kasan_check_write+0x18/0x20 [ 180.678839] ? do_raw_spin_lock+0x132/0x2a0 [ 180.679198] ? __pfx_do_exit+0x10/0x10 [ 180.679519] ? debug_smp_processor_id+0x20/0x30 [ 180.679894] ? rcu_is_watching+0x19/0xb0 [ 180.680219] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.680635] ? trace_hardirqs_on+0x26/0x120 [ 180.681045] do_group_exit+0xe0/0x2b0 [ 180.681352] __x64_sys_exit_group+0x47/0x50 [ 180.681693] do_syscall_64+0x3b/0x90 [ 180.681998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.682475] RIP: 0033:0x7f4b87518a4d [ 180.682851] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.683343] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.683943] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.684531] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.685179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.685740] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.686329] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.687002] [ 180.687203] irq event stamp: 0 [ 180.687458] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.687971] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.688815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.689514] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.690042] ---[ end trace 0000000000000000 ]--- [ 180.693788] ------------[ cut here ]------------ [ 180.694214] WARNING: CPU: 1 PID: 1715 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.695226] Modules linked in: [ 180.695493] CPU: 1 PID: 1715 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.696212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.697258] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.697671] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.699534] RSP: 0018:ffff888020f9fbb8 EFLAGS: 00010246 [ 180.699983] RAX: 0000000000000000 RBX: ffff888012b2b8a8 RCX: 0000000000000000 [ 180.700571] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 180.701292] RBP: ffff888020f9fbd0 R08: ffffed1002565733 R09: ffffed1002565733 [ 180.701878] R10: ffff888012b2b993 R11: ffffed1002565732 R12: ffff88801351c400 [ 180.702468] R13: ffff888012b2b9e8 R14: ffffffff8352e670 R15: 
ffff888020f9fe68 [ 180.703201] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.703871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.704349] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 180.705060] PKRU: 55555554 [ 180.705299] Call Trace: [ 180.705514] [ 180.705705] __iommufd_access_detach+0x1c2/0x2b0 [ 180.706115] iommufd_access_change_pt+0x149/0x270 [ 180.706567] iommufd_access_replace+0xb4/0x120 [ 180.707020] iommufd_test+0x3e5/0x37e0 [ 180.707352] ? lock_release+0x532/0x770 [ 180.707697] ? __might_fault+0x102/0x1b0 [ 180.708048] ? lock_acquire+0x427/0x4c0 [ 180.708389] ? __pfx_iommufd_test+0x10/0x10 [ 180.708846] ? __pfx_lock_release+0x10/0x10 [ 180.709215] ? __pfx_lock_acquire+0x10/0x10 [ 180.709586] ? write_comp_data+0x2f/0x90 [ 180.709940] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.710354] ? write_comp_data+0x2f/0x90 [ 180.710856] iommufd_fops_ioctl+0x37d/0x510 [ 180.711249] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.711684] ? write_comp_data+0x2f/0x90 [ 180.712046] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.712471] __x64_sys_ioctl+0x1a3/0x230 [ 180.712886] do_syscall_64+0x3b/0x90 [ 180.713286] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.713743] RIP: 0033:0x7f4b8743ee5d [ 180.714069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.715811] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.716483] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.717219] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.717844] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.718468] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.719255] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.719886] [ 180.720099] irq event stamp: 0 [ 180.720376] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.720928] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.721822] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.722583] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.723153] ---[ end trace 0000000000000000 ]--- [ 180.726204] ------------[ cut here ]------------ [ 180.726680] WARNING: CPU: 1 PID: 1715 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.727583] Modules linked in: [ 180.727866] CPU: 1 PID: 1715 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.728629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.729608] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.730043] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.731653] RSP: 
0018:ffff888020f9fbd0 EFLAGS: 00010246 [ 180.732122] RAX: 0000000000000000 RBX: ffff888012b2b8a8 RCX: 0000000000000000 [ 180.732741] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 180.733374] RBP: ffff888020f9fbe8 R08: ffffed1002565733 R09: ffffed1002565733 [ 180.733987] R10: ffff888012b2b993 R11: ffffed1002565732 R12: ffff888010cfb000 [ 180.734618] R13: ffff888012b2b9e8 R14: ffff88800ace4600 R15: 0000000000000000 [ 180.735248] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.735941] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.736440] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.737065] PKRU: 55555554 [ 180.737310] Call Trace: [ 180.737536] [ 180.737733] iommufd_access_destroy_object+0x65/0x170 [ 180.738186] iommufd_object_destroy_user+0x18e/0x220 [ 180.738655] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.739175] iommufd_access_destroy+0x43/0x70 [ 180.739576] iommufd_test_staccess_release+0x8d/0xd0 [ 180.740026] __fput+0x26d/0xa40 [ 180.740335] ____fput+0x1e/0x30 [ 180.740634] task_work_run+0x1a4/0x2d0 [ 180.740979] ? __pfx_task_work_run+0x10/0x10 [ 180.741369] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.741793] ? switch_task_namespaces+0xa9/0xe0 [ 180.742199] do_exit+0xb17/0x2ef0 [ 180.742524] ? lock_acquire+0x427/0x4c0 [ 180.742885] ? __pfx_lock_release+0x10/0x10 [ 180.743282] ? __kasan_check_write+0x18/0x20 [ 180.743670] ? do_raw_spin_lock+0x132/0x2a0 [ 180.744052] ? __pfx_do_exit+0x10/0x10 [ 180.744396] ? debug_smp_processor_id+0x20/0x30 [ 180.744805] ? rcu_is_watching+0x19/0xb0 [ 180.745162] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.745561] ? trace_hardirqs_on+0x26/0x120 [ 180.745942] do_group_exit+0xe0/0x2b0 [ 180.746277] __x64_sys_exit_group+0x47/0x50 [ 180.746665] do_syscall_64+0x3b/0x90 [ 180.746997] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.747456] RIP: 0033:0x7f4b87518a4d [ 180.747786] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.748323] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.748979] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.749590] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.750207] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.750838] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.751461] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.752091] [ 180.752297] irq event stamp: 0 [ 180.752569] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.753115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.753847] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.754591] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.755144] ---[ end trace 0000000000000000 ]--- [ 180.755899] ------------[ cut here ]------------ [ 180.756309] WARNING: CPU: 1 PID: 1715 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.757192] Modules linked in: [ 180.757470] CPU: 1 PID: 1715 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.758222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.759204] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.759640] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.761120] RSP: 0018:ffff888020f9fb78 EFLAGS: 00010246 [ 180.761557] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.762134] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 180.762730] RBP: ffff888020f9fb98 R08: ffffed100256573e R09: ffffed100256573e [ 180.763311] R10: ffff888012b2b9ef R11: ffffed100256573d R12: ffff888012b2ba90 [ 180.763897] R13: ffff888012b2b8a8 R14: ffffffffffffffff R15: 
ffff888020f9fc60 [ 180.764499] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.765168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.765652] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.766244] PKRU: 55555554 [ 180.766481] Call Trace: [ 180.766716] [ 180.766910] iommufd_ioas_destroy+0x53/0x70 [ 180.767286] iommufd_fops_release+0x1f7/0x370 [ 180.767664] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.768076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.768487] ? write_comp_data+0x2f/0x90 [ 180.768838] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.769269] __fput+0x26d/0xa40 [ 180.769558] ____fput+0x1e/0x30 [ 180.769843] task_work_run+0x1a4/0x2d0 [ 180.770182] ? __pfx_task_work_run+0x10/0x10 [ 180.770577] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.770992] ? switch_task_namespaces+0xa9/0xe0 [ 180.771411] do_exit+0xb17/0x2ef0 [ 180.771709] ? lock_acquire+0x427/0x4c0 [ 180.772048] ? __pfx_lock_release+0x10/0x10 [ 180.772420] ? __kasan_check_write+0x18/0x20 [ 180.772790] ? do_raw_spin_lock+0x132/0x2a0 [ 180.773147] ? __pfx_do_exit+0x10/0x10 [ 180.773479] ? debug_smp_processor_id+0x20/0x30 [ 180.773868] ? rcu_is_watching+0x19/0xb0 [ 180.774206] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.774611] ? trace_hardirqs_on+0x26/0x120 [ 180.774980] do_group_exit+0xe0/0x2b0 [ 180.775308] __x64_sys_exit_group+0x47/0x50 [ 180.775665] do_syscall_64+0x3b/0x90 [ 180.775985] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.776421] RIP: 0033:0x7f4b87518a4d [ 180.776730] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.777236] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.777858] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.778440] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.779046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.779654] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.780247] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.780854] [ 180.781049] irq event stamp: 0 [ 180.781312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.781834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.782544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.783247] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.783765] ---[ end trace 0000000000000000 ]--- [ 180.788262] ------------[ cut here ]------------ [ 180.788686] WARNING: CPU: 1 PID: 1716 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.789524] Modules linked in: [ 180.789786] CPU: 1 PID: 1716 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.790540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.791485] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.791900] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.793397] RSP: 0018:ffff88801035fbb8 EFLAGS: 00010246 [ 180.793835] RAX: 0000000000000000 RBX: ffff888010b9e8a8 RCX: 0000000000000000 [ 180.794418] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 180.795019] RBP: ffff88801035fbd0 R08: ffffed1002173d33 R09: ffffed1002173d33 [ 180.795618] R10: ffff888010b9e993 R11: ffffed1002173d32 R12: ffff8880129c6800 [ 180.796200] R13: ffff888010b9e9e8 R14: ffffffff8352e670 R15: 
ffff88801035fe68 [ 180.796786] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.797446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.797921] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 180.798525] PKRU: 55555554 [ 180.798762] Call Trace: [ 180.798973] [ 180.799176] __iommufd_access_detach+0x1c2/0x2b0 [ 180.799583] iommufd_access_change_pt+0x149/0x270 [ 180.799991] iommufd_access_replace+0xb4/0x120 [ 180.800376] iommufd_test+0x3e5/0x37e0 [ 180.800701] ? lock_release+0x532/0x770 [ 180.801041] ? __might_fault+0x102/0x1b0 [ 180.801383] ? lock_acquire+0x427/0x4c0 [ 180.801722] ? __pfx_iommufd_test+0x10/0x10 [ 180.802079] ? __pfx_lock_release+0x10/0x10 [ 180.802442] ? __pfx_lock_acquire+0x10/0x10 [ 180.802827] ? write_comp_data+0x2f/0x90 [ 180.803197] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.803606] ? write_comp_data+0x2f/0x90 [ 180.803958] iommufd_fops_ioctl+0x37d/0x510 [ 180.804320] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.804730] ? write_comp_data+0x2f/0x90 [ 180.805075] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.805481] __x64_sys_ioctl+0x1a3/0x230 [ 180.805827] do_syscall_64+0x3b/0x90 [ 180.806143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.806592] RIP: 0033:0x7f4b8743ee5d [ 180.806902] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.808396] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.809023] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.809601] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.810182] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.810776] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.811369] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.811955] [ 180.812150] irq event stamp: 0 [ 180.812406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.812907] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.813587] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.814257] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.814787] ---[ end trace 0000000000000000 ]--- [ 180.817584] ------------[ cut here ]------------ [ 180.818000] WARNING: CPU: 1 PID: 1716 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.818832] Modules linked in: [ 180.819091] CPU: 1 PID: 1716 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.819805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.820707] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.821107] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.822583] RSP: 
0018:ffff88801035fbd0 EFLAGS: 00010246 [ 180.823012] RAX: 0000000000000000 RBX: ffff888010b9e8a8 RCX: 0000000000000000 [ 180.823590] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 180.824160] RBP: ffff88801035fbe8 R08: ffffed1002173d33 R09: ffffed1002173d33 [ 180.824727] R10: ffff888010b9e993 R11: ffffed1002173d32 R12: ffff88801351c000 [ 180.825294] R13: ffff888010b9e9e8 R14: ffff888012b9b700 R15: 0000000000000000 [ 180.825861] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.826522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.826988] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.827556] PKRU: 55555554 [ 180.827787] Call Trace: [ 180.828001] [ 180.828190] iommufd_access_destroy_object+0x65/0x170 [ 180.828619] iommufd_object_destroy_user+0x18e/0x220 [ 180.829044] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.829529] iommufd_access_destroy+0x43/0x70 [ 180.829906] iommufd_test_staccess_release+0x8d/0xd0 [ 180.830327] __fput+0x26d/0xa40 [ 180.830634] ____fput+0x1e/0x30 [ 180.830917] task_work_run+0x1a4/0x2d0 [ 180.831251] ? __pfx_task_work_run+0x10/0x10 [ 180.831614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.832020] ? switch_task_namespaces+0xa9/0xe0 [ 180.832416] do_exit+0xb17/0x2ef0 [ 180.832701] ? lock_acquire+0x427/0x4c0 [ 180.833034] ? __pfx_lock_release+0x10/0x10 [ 180.833393] ? __kasan_check_write+0x18/0x20 [ 180.833758] ? do_raw_spin_lock+0x132/0x2a0 [ 180.834112] ? __pfx_do_exit+0x10/0x10 [ 180.834439] ? debug_smp_processor_id+0x20/0x30 [ 180.834845] ? rcu_is_watching+0x19/0xb0 [ 180.835193] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.835571] ? trace_hardirqs_on+0x26/0x120 [ 180.835933] do_group_exit+0xe0/0x2b0 [ 180.836248] __x64_sys_exit_group+0x47/0x50 [ 180.836601] do_syscall_64+0x3b/0x90 [ 180.836916] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.837350] RIP: 0033:0x7f4b87518a4d [ 180.837657] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.838158] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.838791] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.839382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.839955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.840527] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.841107] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.841691] [ 180.841885] irq event stamp: 0 [ 180.842144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.842665] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.843338] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.844003] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.844507] ---[ end trace 0000000000000000 ]--- [ 180.845225] ------------[ cut here ]------------ [ 180.845603] WARNING: CPU: 1 PID: 1716 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.846416] Modules linked in: [ 180.846693] CPU: 1 PID: 1716 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.847421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.848337] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.848758] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.850232] RSP: 0018:ffff88801035fb78 EFLAGS: 00010246 [ 180.850683] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.851267] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 180.851852] RBP: ffff88801035fb98 R08: ffffed1002173d3e R09: ffffed1002173d3e [ 180.852431] R10: ffff888010b9e9ef R11: ffffed1002173d3d R12: ffff888010b9ea90 [ 180.853005] R13: ffff888010b9e8a8 R14: ffffffffffffffff R15: 
ffff88801035fc60 [ 180.853581] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.854230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.854717] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.855310] PKRU: 55555554 [ 180.855542] Call Trace: [ 180.855750] [ 180.855937] iommufd_ioas_destroy+0x53/0x70 [ 180.856295] iommufd_fops_release+0x1f7/0x370 [ 180.856663] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.857064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.857462] ? write_comp_data+0x2f/0x90 [ 180.857802] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.858213] __fput+0x26d/0xa40 [ 180.858499] ____fput+0x1e/0x30 [ 180.858804] task_work_run+0x1a4/0x2d0 [ 180.859137] ? __pfx_task_work_run+0x10/0x10 [ 180.859503] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.859908] ? switch_task_namespaces+0xa9/0xe0 [ 180.860305] do_exit+0xb17/0x2ef0 [ 180.860590] ? lock_acquire+0x427/0x4c0 [ 180.860926] ? __pfx_lock_release+0x10/0x10 [ 180.861290] ? __kasan_check_write+0x18/0x20 [ 180.861652] ? do_raw_spin_lock+0x132/0x2a0 [ 180.862009] ? __pfx_do_exit+0x10/0x10 [ 180.862341] ? debug_smp_processor_id+0x20/0x30 [ 180.862745] ? rcu_is_watching+0x19/0xb0 [ 180.863082] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.863468] ? trace_hardirqs_on+0x26/0x120 [ 180.863829] do_group_exit+0xe0/0x2b0 [ 180.864141] __x64_sys_exit_group+0x47/0x50 [ 180.864493] do_syscall_64+0x3b/0x90 [ 180.864809] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.865243] RIP: 0033:0x7f4b87518a4d [ 180.865554] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.866057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.866694] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.867280] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.867870] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.868448] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.869023] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.869612] [ 180.869807] irq event stamp: 0 [ 180.870065] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.870592] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.871280] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.871950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.872443] ---[ end trace 0000000000000000 ]--- [ 180.876206] ------------[ cut here ]------------ [ 180.876602] WARNING: CPU: 1 PID: 1717 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.877398] Modules linked in: [ 180.877652] CPU: 1 PID: 1717 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.878335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.879427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.879825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.881235] RSP: 0018:ffff88801638fbb8 EFLAGS: 00010246 [ 180.881642] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 180.882186] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 180.882742] RBP: ffff88801638fbd0 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 180.883286] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff88801422f800 [ 180.883823] R13: ffff88800f3709e8 R14: ffffffff8352e670 R15: 
ffff88801638fe68 [ 180.884369] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.884983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.885429] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 180.885975] PKRU: 55555554 [ 180.886193] Call Trace: [ 180.886393] [ 180.886584] __iommufd_access_detach+0x1c2/0x2b0 [ 180.886958] iommufd_access_change_pt+0x149/0x270 [ 180.887339] iommufd_access_replace+0xb4/0x120 [ 180.887699] iommufd_test+0x3e5/0x37e0 [ 180.887998] ? lock_release+0x532/0x770 [ 180.888313] ? __might_fault+0x102/0x1b0 [ 180.888630] ? lock_acquire+0x427/0x4c0 [ 180.888945] ? __pfx_iommufd_test+0x10/0x10 [ 180.889274] ? __pfx_lock_release+0x10/0x10 [ 180.889613] ? __pfx_lock_acquire+0x10/0x10 [ 180.889968] ? write_comp_data+0x2f/0x90 [ 180.890287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.890680] ? write_comp_data+0x2f/0x90 [ 180.891005] iommufd_fops_ioctl+0x37d/0x510 [ 180.891350] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.891737] ? write_comp_data+0x2f/0x90 [ 180.892066] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.892447] __x64_sys_ioctl+0x1a3/0x230 [ 180.892773] do_syscall_64+0x3b/0x90 [ 180.893070] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.893472] RIP: 0033:0x7f4b8743ee5d [ 180.893755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.895151] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.895729] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.896265] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.896811] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.897353] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.897894] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.898447] [ 180.898651] irq event stamp: 0 [ 180.898896] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.899385] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.900028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.900669] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.901151] ---[ end trace 0000000000000000 ]--- [ 180.903888] ------------[ cut here ]------------ [ 180.904278] WARNING: CPU: 1 PID: 1717 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.905049] Modules linked in: [ 180.905298] CPU: 1 PID: 1717 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.905963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.906838] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.907233] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.908622] RSP: 
0018:ffff88801638fbd0 EFLAGS: 00010246 [ 180.909031] RAX: 0000000000000000 RBX: ffff88800f3708a8 RCX: 0000000000000000 [ 180.909574] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 180.910117] RBP: ffff88801638fbe8 R08: ffffed1001e6e133 R09: ffffed1001e6e133 [ 180.910674] R10: ffff88800f370993 R11: ffffed1001e6e132 R12: ffff8880129c7800 [ 180.911231] R13: ffff88800f3709e8 R14: ffff88800ca5a400 R15: 0000000000000000 [ 180.911773] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.912382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.912824] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.913366] PKRU: 55555554 [ 180.913585] Call Trace: [ 180.913781] [ 180.913957] iommufd_access_destroy_object+0x65/0x170 [ 180.914357] iommufd_object_destroy_user+0x18e/0x220 [ 180.914770] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 180.915224] iommufd_access_destroy+0x43/0x70 [ 180.915579] iommufd_test_staccess_release+0x8d/0xd0 [ 180.915977] __fput+0x26d/0xa40 [ 180.916246] ____fput+0x1e/0x30 [ 180.916511] task_work_run+0x1a4/0x2d0 [ 180.916820] ? __pfx_task_work_run+0x10/0x10 [ 180.917164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.917544] ? switch_task_namespaces+0xa9/0xe0 [ 180.917910] do_exit+0xb17/0x2ef0 [ 180.918176] ? lock_acquire+0x427/0x4c0 [ 180.918487] ? __pfx_lock_release+0x10/0x10 [ 180.918844] ? __kasan_check_write+0x18/0x20 [ 180.919193] ? do_raw_spin_lock+0x132/0x2a0 [ 180.919527] ? __pfx_do_exit+0x10/0x10 [ 180.919837] ? debug_smp_processor_id+0x20/0x30 [ 180.920199] ? rcu_is_watching+0x19/0xb0 [ 180.920511] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.920865] ? trace_hardirqs_on+0x26/0x120 [ 180.921207] do_group_exit+0xe0/0x2b0 [ 180.921503] __x64_sys_exit_group+0x47/0x50 [ 180.921838] do_syscall_64+0x3b/0x90 [ 180.922136] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.922560] RIP: 0033:0x7f4b87518a4d [ 180.922845] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.923320] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.923903] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.924447] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.924994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.925536] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.926081] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.926656] [ 180.926840] irq event stamp: 0 [ 180.927087] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.927583] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.928222] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.929236] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.929730] ---[ end trace 0000000000000000 ]--- [ 180.930426] ------------[ cut here ]------------ [ 180.930812] WARNING: CPU: 1 PID: 1717 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 180.931729] Modules linked in: [ 180.931979] CPU: 1 PID: 1717 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.932652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.933520] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 180.934022] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 180.935458] RSP: 0018:ffff88801638fb78 EFLAGS: 00010246 [ 180.935872] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 180.936420] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 180.937093] RBP: ffff88801638fb98 R08: ffffed1001e6e13e R09: ffffed1001e6e13e [ 180.937648] R10: ffff88800f3709ef R11: ffffed1001e6e13d R12: ffff88800f370a90 [ 180.938194] R13: ffff88800f3708a8 R14: ffffffffffffffff R15: 
ffff88801638fc60 [ 180.938765] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.939395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.939982] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 180.940538] PKRU: 55555554 [ 180.940760] Call Trace: [ 180.940958] [ 180.941135] iommufd_ioas_destroy+0x53/0x70 [ 180.941479] iommufd_fops_release+0x1f7/0x370 [ 180.941870] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.942325] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.942728] ? write_comp_data+0x2f/0x90 [ 180.943055] ? __pfx_iommufd_fops_release+0x10/0x10 [ 180.943450] __fput+0x26d/0xa40 [ 180.943721] ____fput+0x1e/0x30 [ 180.943991] task_work_run+0x1a4/0x2d0 [ 180.944303] ? __pfx_task_work_run+0x10/0x10 [ 180.944760] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.945149] ? switch_task_namespaces+0xa9/0xe0 [ 180.945525] do_exit+0xb17/0x2ef0 [ 180.945802] ? lock_acquire+0x427/0x4c0 [ 180.946130] ? __pfx_lock_release+0x10/0x10 [ 180.946478] ? __kasan_check_write+0x18/0x20 [ 180.946864] ? do_raw_spin_lock+0x132/0x2a0 [ 180.947279] ? __pfx_do_exit+0x10/0x10 [ 180.947598] ? debug_smp_processor_id+0x20/0x30 [ 180.947968] ? rcu_is_watching+0x19/0xb0 [ 180.948293] ? _raw_spin_unlock_irq+0x2b/0x60 [ 180.948654] ? trace_hardirqs_on+0x26/0x120 [ 180.948997] do_group_exit+0xe0/0x2b0 [ 180.949295] __x64_sys_exit_group+0x47/0x50 [ 180.949651] do_syscall_64+0x3b/0x90 [ 180.950036] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.950447] RIP: 0033:0x7f4b87518a4d [ 180.950760] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 180.951243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 180.951835] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 180.952409] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 180.953067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 180.953616] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 180.954165] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 180.954738] [ 180.954977] irq event stamp: 0 [ 180.955315] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.955804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.956454] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.957099] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.957640] ---[ end trace 0000000000000000 ]--- [ 180.962068] ------------[ cut here ]------------ [ 180.962457] WARNING: CPU: 1 PID: 1718 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.963334] Modules linked in: [ 180.963636] CPU: 1 PID: 1718 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.964311] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.965240] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.965687] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.967215] RSP: 0018:ffff888020f9fbb8 EFLAGS: 00010246 [ 180.967634] RAX: 0000000000000000 RBX: ffff8880101c70a8 RCX: 0000000000000000 [ 180.968184] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 180.968850] RBP: ffff888020f9fbd0 R08: ffffed1002038e33 R09: ffffed1002038e33 [ 180.969420] R10: ffff8880101c7193 R11: ffffed1002038e32 R12: ffff88801420e800 [ 180.969986] R13: ffff8880101c71e8 R14: ffffffff8352e670 R15: 
ffff888020f9fe68 [ 180.970701] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 180.971374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.971854] CR2: 00007f4b877410e8 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 180.972561] PKRU: 55555554 [ 180.972804] Call Trace: [ 180.973017] [ 180.973208] __iommufd_access_detach+0x1c2/0x2b0 [ 180.973618] iommufd_access_change_pt+0x149/0x270 [ 180.974061] iommufd_access_replace+0xb4/0x120 [ 180.974526] iommufd_test+0x3e5/0x37e0 [ 180.974854] ? lock_release+0x532/0x770 [ 180.975206] ? __might_fault+0x102/0x1b0 [ 180.975555] ? lock_acquire+0x427/0x4c0 [ 180.975926] ? __pfx_iommufd_test+0x10/0x10 [ 180.976338] ? __pfx_lock_release+0x10/0x10 [ 180.976712] ? __pfx_lock_acquire+0x10/0x10 [ 180.977088] ? write_comp_data+0x2f/0x90 [ 180.977439] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 180.977923] ? write_comp_data+0x2f/0x90 [ 180.978323] iommufd_fops_ioctl+0x37d/0x510 [ 180.978699] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.979108] ? write_comp_data+0x2f/0x90 [ 180.979467] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 180.979979] __x64_sys_ioctl+0x1a3/0x230 [ 180.980337] do_syscall_64+0x3b/0x90 [ 180.980660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 180.981094] RIP: 0033:0x7f4b8743ee5d [ 180.981404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 180.983023] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 180.983771] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 180.984362] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 180.984963] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 180.985641] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 180.986227] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 180.986839] [ 180.987035] irq event stamp: 0 [ 180.987302] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 180.987820] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 180.988516] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 180.989344] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 180.989863] ---[ end trace 0000000000000000 ]--- [ 180.992938] ------------[ cut here ]------------ [ 180.993411] WARNING: CPU: 1 PID: 1718 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 180.994262] Modules linked in: [ 180.994573] CPU: 1 PID: 1718 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 180.995388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 180.996310] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 180.996747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 180.998328] RSP: 
0018:ffff888020f9fbd0 EFLAGS: 00010246 [ 180.998865] RAX: 0000000000000000 RBX: ffff8880101c70a8 RCX: 0000000000000000 [ 180.999495] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 181.000075] RBP: ffff888020f9fbe8 R08: ffffed1002038e33 R09: ffffed1002038e33 [ 181.000661] R10: ffff8880101c7193 R11: ffffed1002038e32 R12: ffff88801422c400 [ 181.001367] R13: ffff8880101c71e8 R14: ffff888014229000 R15: 0000000000000000 [ 181.001950] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 181.002629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.003184] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 181.003833] PKRU: 55555554 [ 181.004071] Call Trace: [ 181.004284] [ 181.004478] iommufd_access_destroy_object+0x65/0x170 [ 181.004931] iommufd_object_destroy_user+0x18e/0x220 [ 181.005448] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.005936] iommufd_access_destroy+0x43/0x70 [ 181.006323] iommufd_test_staccess_release+0x8d/0xd0 [ 181.006781] __fput+0x26d/0xa40 [ 181.007139] ____fput+0x1e/0x30 [ 181.007486] task_work_run+0x1a4/0x2d0 [ 181.007833] ? __pfx_task_work_run+0x10/0x10 [ 181.008228] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.008654] ? switch_task_namespaces+0xa9/0xe0 [ 181.009065] do_exit+0xb17/0x2ef0 [ 181.009460] ? lock_acquire+0x427/0x4c0 [ 181.009899] ? __pfx_lock_release+0x10/0x10 [ 181.010281] ? __kasan_check_write+0x18/0x20 [ 181.010687] ? do_raw_spin_lock+0x132/0x2a0 [ 181.011069] ? __pfx_do_exit+0x10/0x10 [ 181.011423] ? debug_smp_processor_id+0x20/0x30 [ 181.011903] ? rcu_is_watching+0x19/0xb0 [ 181.012328] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.012724] ? trace_hardirqs_on+0x26/0x120 [ 181.013105] do_group_exit+0xe0/0x2b0 [ 181.013441] __x64_sys_exit_group+0x47/0x50 [ 181.013889] do_syscall_64+0x3b/0x90 [ 181.014299] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.014787] RIP: 0033:0x7f4b87518a4d [ 181.015129] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.015671] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.016406] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.017095] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.017719] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.018461] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.019123] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.019760] [ 181.019965] irq event stamp: 0 [ 181.020241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.020933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.021663] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.022391] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.023089] ---[ end trace 0000000000000000 ]--- [ 181.023988] ------------[ cut here ]------------ [ 181.024413] WARNING: CPU: 1 PID: 1718 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.025447] Modules linked in: [ 181.025734] CPU: 1 PID: 1718 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.026490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.027634] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.028155] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.029872] RSP: 0018:ffff888020f9fb78 EFLAGS: 00010246 [ 181.030348] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.030990] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 181.031624] RBP: ffff888020f9fb98 R08: ffffed1002038e3e R09: ffffed1002038e3e [ 181.032385] R10: ffff8880101c71ef R11: ffffed1002038e3d R12: ffff8880101c7290 [ 181.033004] R13: ffff8880101c70a8 R14: ffffffffffffffff R15: 
ffff888020f9fc60 [ 181.033622] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 181.034450] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.034983] CR2: 00007f4b875fca50 CR3: 00000000141f6000 CR4: 0000000000750ee0 [ 181.035612] PKRU: 55555554 [ 181.035863] Call Trace: [ 181.036160] [ 181.036361] iommufd_ioas_destroy+0x53/0x70 [ 181.036812] iommufd_fops_release+0x1f7/0x370 [ 181.037214] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.037658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.038137] ? write_comp_data+0x2f/0x90 [ 181.038590] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.039040] __fput+0x26d/0xa40 [ 181.039354] ____fput+0x1e/0x30 [ 181.039656] task_work_run+0x1a4/0x2d0 [ 181.040010] ? __pfx_task_work_run+0x10/0x10 [ 181.040410] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.040986] ? switch_task_namespaces+0xa9/0xe0 [ 181.041411] do_exit+0xb17/0x2ef0 [ 181.041716] ? lock_acquire+0x427/0x4c0 [ 181.042076] ? __pfx_lock_release+0x10/0x10 [ 181.042464] ? __kasan_check_write+0x18/0x20 [ 181.043013] ? do_raw_spin_lock+0x132/0x2a0 [ 181.043407] ? __pfx_do_exit+0x10/0x10 [ 181.043759] ? debug_smp_processor_id+0x20/0x30 [ 181.044175] ? rcu_is_watching+0x19/0xb0 [ 181.044541] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.044952] ? trace_hardirqs_on+0x26/0x120 [ 181.045456] do_group_exit+0xe0/0x2b0 [ 181.045804] __x64_sys_exit_group+0x47/0x50 [ 181.046182] do_syscall_64+0x3b/0x90 [ 181.046552] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.047012] RIP: 0033:0x7f4b87518a4d [ 181.047379] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.048016] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.048686] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.049310] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.050069] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.050722] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.051362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.052004] [ 181.052251] irq event stamp: 0 [ 181.052594] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.053145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.053876] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.054766] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.055324] ---[ end trace 0000000000000000 ]--- [ 181.060147] ------------[ cut here ]------------ [ 181.060600] WARNING: CPU: 1 PID: 1719 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.061573] Modules linked in: [ 181.061900] CPU: 1 PID: 1719 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.062709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.063784] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.064290] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.066011] RSP: 0018:ffff88801812fbb8 EFLAGS: 00010246 [ 181.066481] RAX: 0000000000000000 RBX: ffff88800b9fe0a8 RCX: 0000000000000000 [ 181.067139] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 181.067776] RBP: ffff88801812fbd0 R08: ffffed100173fc33 R09: ffffed100173fc33 [ 181.068514] R10: ffff88800b9fe193 R11: ffffed100173fc32 R12: ffff888010c0b000 [ 181.069131] R13: ffff88800b9fe1e8 R14: ffffffff8352e670 R15: 
ffff88801812fe68 [ 181.069776] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 181.070606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.071110] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 181.071743] PKRU: 55555554 [ 181.071989] Call Trace: [ 181.072210] [ 181.072405] __iommufd_access_detach+0x1c2/0x2b0 [ 181.072831] iommufd_access_change_pt+0x149/0x270 [ 181.073267] iommufd_access_replace+0xb4/0x120 [ 181.073674] iommufd_test+0x3e5/0x37e0 [ 181.074021] ? lock_release+0x532/0x770 [ 181.074378] ? __might_fault+0x102/0x1b0 [ 181.074779] ? lock_acquire+0x427/0x4c0 [ 181.075146] ? __pfx_iommufd_test+0x10/0x10 [ 181.075522] ? __pfx_lock_release+0x10/0x10 [ 181.075906] ? __pfx_lock_acquire+0x10/0x10 [ 181.076294] ? write_comp_data+0x2f/0x90 [ 181.076660] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.077090] ? write_comp_data+0x2f/0x90 [ 181.077459] iommufd_fops_ioctl+0x37d/0x510 [ 181.077843] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.078271] ? write_comp_data+0x2f/0x90 [ 181.078669] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.079102] __x64_sys_ioctl+0x1a3/0x230 [ 181.079479] do_syscall_64+0x3b/0x90 [ 181.079817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.080275] RIP: 0033:0x7f4b8743ee5d [ 181.080603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.082171] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.082860] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.083493] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.084112] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.084728] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.085347] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.085973] [ 181.086179] irq event stamp: 0 [ 181.086453] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.087021] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.087758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.088483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.089035] ---[ end trace 0000000000000000 ]--- [ 181.092031] ------------[ cut here ]------------ [ 181.092470] WARNING: CPU: 1 PID: 1719 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.093346] Modules linked in: [ 181.093624] CPU: 1 PID: 1719 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.094377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.095385] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.095820] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.097383] RSP: 
0018:ffff88801812fbd0 EFLAGS: 00010246 [ 181.097840] RAX: 0000000000000000 RBX: ffff88800b9fe0a8 RCX: 0000000000000000 [ 181.098451] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 181.099082] RBP: ffff88801812fbe8 R08: ffffed100173fc33 R09: ffffed100173fc33 [ 181.099701] R10: ffff88800b9fe193 R11: ffffed100173fc32 R12: ffff88801420fc00 [ 181.100309] R13: ffff88800b9fe1e8 R14: ffff88800f253a00 R15: 0000000000000000 [ 181.100922] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 181.101609] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.102107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 181.102737] PKRU: 55555554 [ 181.102984] Call Trace: [ 181.103210] [ 181.103395] iommufd_access_destroy_object+0x65/0x170 [ 181.103845] iommufd_object_destroy_user+0x18e/0x220 [ 181.104291] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.104794] iommufd_access_destroy+0x43/0x70 [ 181.105191] iommufd_test_staccess_release+0x8d/0xd0 [ 181.105640] __fput+0x26d/0xa40 [ 181.105939] ____fput+0x1e/0x30 [ 181.106233] task_work_run+0x1a4/0x2d0 [ 181.106604] ? __pfx_task_work_run+0x10/0x10 [ 181.106992] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.107431] ? switch_task_namespaces+0xa9/0xe0 [ 181.107839] do_exit+0xb17/0x2ef0 [ 181.108135] ? lock_acquire+0x427/0x4c0 [ 181.108481] ? __pfx_lock_release+0x10/0x10 [ 181.108853] ? __kasan_check_write+0x18/0x20 [ 181.109229] ? do_raw_spin_lock+0x132/0x2a0 [ 181.109597] ? __pfx_do_exit+0x10/0x10 [ 181.109937] ? debug_smp_processor_id+0x20/0x30 [ 181.110332] ? rcu_is_watching+0x19/0xb0 [ 181.110700] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.111090] ? trace_hardirqs_on+0x26/0x120 [ 181.111479] do_group_exit+0xe0/0x2b0 [ 181.111806] __x64_sys_exit_group+0x47/0x50 [ 181.112171] do_syscall_64+0x3b/0x90 [ 181.112495] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.112942] RIP: 0033:0x7f4b87518a4d [ 181.113257] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.113780] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.114420] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.115042] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.115659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.116269] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.116867] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.117465] [ 181.117666] irq event stamp: 0 [ 181.117931] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.118464] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.119192] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.119898] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.120427] ---[ end trace 0000000000000000 ]--- [ 181.121163] ------------[ cut here ]------------ [ 181.121559] WARNING: CPU: 1 PID: 1719 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.122417] Modules linked in: [ 181.122712] CPU: 1 PID: 1719 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.123457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.124398] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.124835] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.126359] RSP: 0018:ffff88801812fb78 EFLAGS: 00010246 [ 181.126825] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.127437] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 181.128035] RBP: ffff88801812fb98 R08: ffffed100173fc3e R09: ffffed100173fc3e [ 181.128638] R10: ffff88800b9fe1ef R11: ffffed100173fc3d R12: ffff88800b9fe290 [ 181.129235] R13: ffff88800b9fe0a8 R14: ffffffffffffffff R15: 
ffff88801812fc60 [ 181.129830] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 181.130526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.131015] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 181.131626] PKRU: 55555554 [ 181.131866] Call Trace: [ 181.132084] [ 181.132278] iommufd_ioas_destroy+0x53/0x70 [ 181.132656] iommufd_fops_release+0x1f7/0x370 [ 181.133046] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.133472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.133893] ? write_comp_data+0x2f/0x90 [ 181.134247] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.134691] __fput+0x26d/0xa40 [ 181.134987] ____fput+0x1e/0x30 [ 181.135281] task_work_run+0x1a4/0x2d0 [ 181.135625] ? __pfx_task_work_run+0x10/0x10 [ 181.136006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.136424] ? switch_task_namespaces+0xa9/0xe0 [ 181.136830] do_exit+0xb17/0x2ef0 [ 181.137124] ? lock_acquire+0x427/0x4c0 [ 181.137468] ? __pfx_lock_release+0x10/0x10 [ 181.137841] ? __kasan_check_write+0x18/0x20 [ 181.138217] ? do_raw_spin_lock+0x132/0x2a0 [ 181.138606] ? __pfx_do_exit+0x10/0x10 [ 181.138946] ? debug_smp_processor_id+0x20/0x30 [ 181.139351] ? rcu_is_watching+0x19/0xb0 [ 181.139700] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.140094] ? trace_hardirqs_on+0x26/0x120 [ 181.140466] do_group_exit+0xe0/0x2b0 [ 181.140788] __x64_sys_exit_group+0x47/0x50 [ 181.141151] do_syscall_64+0x3b/0x90 [ 181.141477] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.141922] RIP: 0033:0x7f4b87518a4d [ 181.142235] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.142765] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.143414] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.144013] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.144611] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.145210] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.145805] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.146427] [ 181.146637] irq event stamp: 0 [ 181.146904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.147440] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.148150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.148853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.149382] ---[ end trace 0000000000000000 ]--- [ 181.155351] ------------[ cut here ]------------ [ 181.155976] WARNING: CPU: 0 PID: 1720 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.157177] Modules linked in: [ 181.157566] CPU: 0 PID: 1720 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.158637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.159976] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.160574] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.162705] RSP: 0018:ffff888015c87bb8 EFLAGS: 00010246 [ 181.163353] RAX: 0000000000000000 RBX: ffff888015b2c8a8 RCX: 0000000000000000 [ 181.164166] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 181.164983] RBP: ffff888015c87bd0 R08: ffffed1002b65933 R09: ffffed1002b65933 [ 181.165814] R10: ffff888015b2c993 R11: ffffed1002b65932 R12: ffff88801890d000 [ 181.166697] R13: ffff888015b2c9e8 R14: ffffffff8352e670 R15: 
ffff888015c87e68 [ 181.167543] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.168459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.169122] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 181.169938] PKRU: 55555554 [ 181.170267] Call Trace: [ 181.170614] [ 181.170887] __iommufd_access_detach+0x1c2/0x2b0 [ 181.171465] iommufd_access_change_pt+0x149/0x270 [ 181.172021] iommufd_access_replace+0xb4/0x120 [ 181.172565] iommufd_test+0x3e5/0x37e0 [ 181.173020] ? lock_release+0x532/0x770 [ 181.173499] ? __might_fault+0x102/0x1b0 [ 181.173988] ? lock_acquire+0x427/0x4c0 [ 181.174466] ? __pfx_iommufd_test+0x10/0x10 [ 181.175010] ? __pfx_lock_release+0x10/0x10 [ 181.175539] ? __pfx_lock_acquire+0x10/0x10 [ 181.176054] ? write_comp_data+0x2f/0x90 [ 181.176544] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.177115] ? write_comp_data+0x2f/0x90 [ 181.177607] iommufd_fops_ioctl+0x37d/0x510 [ 181.178123] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.178736] ? write_comp_data+0x2f/0x90 [ 181.179255] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.179831] __x64_sys_ioctl+0x1a3/0x230 [ 181.180322] do_syscall_64+0x3b/0x90 [ 181.180775] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.181388] RIP: 0033:0x7f4b8743ee5d [ 181.181825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.183936] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.184827] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.185696] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.186892] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.187731] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.188554] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.189395] [ 181.189680] irq event stamp: 0 [ 181.190048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.190811] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.191801] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.192760] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.193479] ---[ end trace 0000000000000000 ]--- [ 181.198544] ------------[ cut here ]------------ [ 181.199137] WARNING: CPU: 0 PID: 1720 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.200303] Modules linked in: [ 181.200684] CPU: 0 PID: 1720 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.202083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.203494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.204104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.206562] RSP: 
0018:ffff888015c87bd0 EFLAGS: 00010246 [ 181.207410] RAX: 0000000000000000 RBX: ffff888015b2c8a8 RCX: 0000000000000000 [ 181.208047] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 181.209060] RBP: ffff888015c87be8 R08: ffffed1002b65933 R09: ffffed1002b65933 [ 181.209681] R10: ffff888015b2c993 R11: ffffed1002b65932 R12: ffff888014583400 [ 181.210291] R13: ffff888015b2c9e8 R14: ffff8880103c9f00 R15: 0000000000000000 [ 181.210962] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.211692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.212206] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.212830] PKRU: 55555554 [ 181.213083] Call Trace: [ 181.213309] [ 181.213511] iommufd_access_destroy_object+0x65/0x170 [ 181.213972] iommufd_object_destroy_user+0x18e/0x220 [ 181.214425] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.214982] iommufd_access_destroy+0x43/0x70 [ 181.215401] iommufd_test_staccess_release+0x8d/0xd0 [ 181.215858] __fput+0x26d/0xa40 [ 181.216167] ____fput+0x1e/0x30 [ 181.216473] task_work_run+0x1a4/0x2d0 [ 181.216825] ? __pfx_task_work_run+0x10/0x10 [ 181.217218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.217657] ? switch_task_namespaces+0xa9/0xe0 [ 181.218075] do_exit+0xb17/0x2ef0 [ 181.218388] ? lock_acquire+0x427/0x4c0 [ 181.218782] ? __pfx_lock_release+0x10/0x10 [ 181.219193] ? __kasan_check_write+0x18/0x20 [ 181.219593] ? do_raw_spin_lock+0x132/0x2a0 [ 181.219979] ? __pfx_do_exit+0x10/0x10 [ 181.220331] ? debug_smp_processor_id+0x20/0x30 [ 181.220755] ? rcu_is_watching+0x19/0xb0 [ 181.221119] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.221525] ? trace_hardirqs_on+0x26/0x120 [ 181.221913] do_group_exit+0xe0/0x2b0 [ 181.222255] __x64_sys_exit_group+0x47/0x50 [ 181.222672] do_syscall_64+0x3b/0x90 [ 181.223023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.223508] RIP: 0033:0x7f4b87518a4d [ 181.223851] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.224405] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.225089] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.225732] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.226376] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.227067] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.227718] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.228371] [ 181.228582] irq event stamp: 0 [ 181.228867] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.229431] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.230189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.230973] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.231553] ---[ end trace 0000000000000000 ]--- [ 181.232421] ------------[ cut here ]------------ [ 181.233267] WARNING: CPU: 0 PID: 1720 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.234174] Modules linked in: [ 181.234457] CPU: 0 PID: 1720 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.235299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.236296] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.237012] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.238902] RSP: 0018:ffff888015c87b78 EFLAGS: 00010246 [ 181.239391] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.240033] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 181.240915] RBP: ffff888015c87b98 R08: ffffed1002b6593e R09: ffffed1002b6593e [ 181.241582] R10: ffff888015b2c9ef R11: ffffed1002b6593d R12: ffff888015b2ca90 [ 181.242252] R13: ffff888015b2c8a8 R14: ffffffffffffffff R15: 
ffff888015c87c60 [ 181.242966] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.243741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.244291] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.244964] PKRU: 55555554 [ 181.245237] Call Trace: [ 181.245483] [ 181.245706] iommufd_ioas_destroy+0x53/0x70 [ 181.246133] iommufd_fops_release+0x1f7/0x370 [ 181.246604] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.247079] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.247575] ? write_comp_data+0x2f/0x90 [ 181.247980] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.248461] __fput+0x26d/0xa40 [ 181.248800] ____fput+0x1e/0x30 [ 181.249130] task_work_run+0x1a4/0x2d0 [ 181.249521] ? __pfx_task_work_run+0x10/0x10 [ 181.249969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.250446] ? switch_task_namespaces+0xa9/0xe0 [ 181.250950] do_exit+0xb17/0x2ef0 [ 181.251301] ? lock_acquire+0x427/0x4c0 [ 181.251693] ? __pfx_lock_release+0x10/0x10 [ 181.252115] ? __kasan_check_write+0x18/0x20 [ 181.252543] ? do_raw_spin_lock+0x132/0x2a0 [ 181.252959] ? __pfx_do_exit+0x10/0x10 [ 181.253343] ? debug_smp_processor_id+0x20/0x30 [ 181.253789] ? rcu_is_watching+0x19/0xb0 [ 181.254186] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.254671] ? trace_hardirqs_on+0x26/0x120 [ 181.255097] do_group_exit+0xe0/0x2b0 [ 181.255471] __x64_sys_exit_group+0x47/0x50 [ 181.255883] do_syscall_64+0x3b/0x90 [ 181.256246] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.256754] RIP: 0033:0x7f4b87518a4d [ 181.257111] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.257704] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.258434] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.259152] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.259840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.260533] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.261223] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.261915] [ 181.262144] irq event stamp: 0 [ 181.262451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.263092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.263913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.264719] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.265331] ---[ end trace 0000000000000000 ]--- [ 181.271231] ------------[ cut here ]------------ [ 181.271748] WARNING: CPU: 0 PID: 1721 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.272796] Modules linked in: [ 181.273128] CPU: 0 PID: 1721 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.274112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.275604] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.276130] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.278052] RSP: 0018:ffff88800ea3fbb8 EFLAGS: 00010246 [ 181.278660] RAX: 0000000000000000 RBX: ffff8880208890a8 RCX: 0000000000000000 [ 181.279422] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 181.280170] RBP: ffff88800ea3fbd0 R08: ffffed1004111233 R09: ffffed1004111233 [ 181.280917] R10: ffff888020889193 R11: ffffed1004111232 R12: ffff88801351dc00 [ 181.281662] R13: ffff8880208891e8 R14: ffffffff8352e670 R15: 
ffff88800ea3fe68 [ 181.282414] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.283307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.283928] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 181.284673] PKRU: 55555554 [ 181.284968] Call Trace: [ 181.285242] [ 181.285488] __iommufd_access_detach+0x1c2/0x2b0 [ 181.285999] iommufd_access_change_pt+0x149/0x270 [ 181.286555] iommufd_access_replace+0xb4/0x120 [ 181.287043] iommufd_test+0x3e5/0x37e0 [ 181.287475] ? lock_release+0x532/0x770 [ 181.287903] ? __might_fault+0x102/0x1b0 [ 181.288337] ? lock_acquire+0x427/0x4c0 [ 181.288761] ? __pfx_iommufd_test+0x10/0x10 [ 181.289209] ? __pfx_lock_release+0x10/0x10 [ 181.289669] ? __pfx_lock_acquire+0x10/0x10 [ 181.290127] ? write_comp_data+0x2f/0x90 [ 181.290609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.291132] ? write_comp_data+0x2f/0x90 [ 181.291575] iommufd_fops_ioctl+0x37d/0x510 [ 181.292047] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.292569] ? write_comp_data+0x2f/0x90 [ 181.293003] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.293506] __x64_sys_ioctl+0x1a3/0x230 [ 181.293949] do_syscall_64+0x3b/0x90 [ 181.294357] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.294962] RIP: 0033:0x7f4b8743ee5d [ 181.295373] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.297267] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.298054] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.298838] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.299582] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.300312] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.301041] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.301785] [ 181.302033] irq event stamp: 0 [ 181.302356] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.303059] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.303939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.304800] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.305461] ---[ end trace 0000000000000000 ]--- [ 181.308994] ------------[ cut here ]------------ [ 181.309684] WARNING: CPU: 0 PID: 1721 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.310987] Modules linked in: [ 181.311341] CPU: 0 PID: 1721 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.312292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.313683] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.314209] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.316403] RSP: 
0018:ffff88800ea3fbd0 EFLAGS: 00010246 [ 181.316963] RAX: 0000000000000000 RBX: ffff8880208890a8 RCX: 0000000000000000 [ 181.317984] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 181.318743] RBP: ffff88800ea3fbe8 R08: ffffed1004111233 R09: ffffed1004111233 [ 181.319499] R10: ffff888020889193 R11: ffffed1004111232 R12: ffff88801890fc00 [ 181.320550] R13: ffff8880208891e8 R14: ffff888020edb800 R15: 0000000000000000 [ 181.321303] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.322273] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.323051] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.323819] PKRU: 55555554 [ 181.324123] Call Trace: [ 181.324395] [ 181.324697] iommufd_access_destroy_object+0x65/0x170 [ 181.325423] iommufd_object_destroy_user+0x18e/0x220 [ 181.325963] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.326616] iommufd_access_destroy+0x43/0x70 [ 181.327125] iommufd_test_staccess_release+0x8d/0xd0 [ 181.327947] __fput+0x26d/0xa40 [ 181.328322] ____fput+0x1e/0x30 [ 181.328698] task_work_run+0x1a4/0x2d0 [ 181.329122] ? __pfx_task_work_run+0x10/0x10 [ 181.329664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.330375] ? switch_task_namespaces+0xa9/0xe0 [ 181.330914] do_exit+0xb17/0x2ef0 [ 181.331296] ? lock_acquire+0x427/0x4c0 [ 181.331732] ? __pfx_lock_release+0x10/0x10 [ 181.332196] ? __kasan_check_write+0x18/0x20 [ 181.332952] ? do_raw_spin_lock+0x132/0x2a0 [ 181.333417] ? __pfx_do_exit+0x10/0x10 [ 181.333847] ? debug_smp_processor_id+0x20/0x30 [ 181.334353] ? rcu_is_watching+0x19/0xb0 [ 181.334886] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.335558] ? trace_hardirqs_on+0x26/0x120 [ 181.336022] do_group_exit+0xe0/0x2b0 [ 181.336428] __x64_sys_exit_group+0x47/0x50 [ 181.336883] do_syscall_64+0x3b/0x90 [ 181.337498] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.338210] RIP: 0033:0x7f4b87518a4d [ 181.338652] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.339319] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.340266] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.341153] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.341913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.342974] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.343766] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.344543] [ 181.344833] irq event stamp: 0 [ 181.345393] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.346085] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.347033] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.348220] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.348901] ---[ end trace 0000000000000000 ]--- [ 181.349826] ------------[ cut here ]------------ [ 181.350628] WARNING: CPU: 0 PID: 1721 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.351749] Modules linked in: [ 181.352102] CPU: 0 PID: 1721 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.353347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.354642] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.355392] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.357663] RSP: 0018:ffff88800ea3fb78 EFLAGS: 00010246 [ 181.358248] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.359047] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 181.359925] RBP: ffff88800ea3fb98 R08: ffffed100411123e R09: ffffed100411123e [ 181.360861] R10: ffff8880208891ef R11: ffffed100411123d R12: ffff888020889290 [ 181.361635] R13: ffff8880208890a8 R14: ffffffffffffffff R15: 
ffff88800ea3fc60 [ 181.362754] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.363637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.364271] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.365348] PKRU: 55555554 [ 181.365665] Call Trace: [ 181.365945] [ 181.366190] iommufd_ioas_destroy+0x53/0x70 [ 181.366725] iommufd_fops_release+0x1f7/0x370 [ 181.367245] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.368085] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.368620] ? write_comp_data+0x2f/0x90 [ 181.369071] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.369612] __fput+0x26d/0xa40 [ 181.370349] ____fput+0x1e/0x30 [ 181.370759] task_work_run+0x1a4/0x2d0 [ 181.371209] ? __pfx_task_work_run+0x10/0x10 [ 181.371701] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.372238] ? switch_task_namespaces+0xa9/0xe0 [ 181.372885] do_exit+0xb17/0x2ef0 [ 181.373478] ? lock_acquire+0x427/0x4c0 [ 181.373926] ? __pfx_lock_release+0x10/0x10 [ 181.374404] ? __kasan_check_write+0x18/0x20 [ 181.374979] ? do_raw_spin_lock+0x132/0x2a0 [ 181.375644] ? __pfx_do_exit+0x10/0x10 [ 181.376083] ? debug_smp_processor_id+0x20/0x30 [ 181.376595] ? rcu_is_watching+0x19/0xb0 [ 181.377038] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.377708] ? trace_hardirqs_on+0x26/0x120 [ 181.378446] do_group_exit+0xe0/0x2b0 [ 181.378911] __x64_sys_exit_group+0x47/0x50 [ 181.379397] do_syscall_64+0x3b/0x90 [ 181.379810] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.380881] RIP: 0033:0x7f4b87518a4d [ 181.381296] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.381955] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.383218] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.383982] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.384743] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.385807] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.386603] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.387384] [ 181.387732] irq event stamp: 0 [ 181.388247] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.388913] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.389945] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.391097] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.391788] ---[ end trace 0000000000000000 ]--- [ 181.397398] ------------[ cut here ]------------ [ 181.398275] WARNING: CPU: 0 PID: 1722 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.399438] Modules linked in: [ 181.400409] CPU: 0 PID: 1722 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.401353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.402916] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.403467] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.405372] RSP: 0018:ffff88802445fbb8 EFLAGS: 00010246 [ 181.405924] RAX: 0000000000000000 RBX: ffff888013b878a8 RCX: 0000000000000000 [ 181.406697] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 181.407458] RBP: ffff88802445fbd0 R08: ffffed1002770f33 R09: ffffed1002770f33 [ 181.408204] R10: ffff888013b87993 R11: ffffed1002770f32 R12: ffff88801888e000 [ 181.408955] R13: ffff888013b879e8 R14: ffffffff8352e670 R15: 
ffff88802445fe68 [ 181.409701] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.410578] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.411209] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 181.411972] PKRU: 55555554 [ 181.412277] Call Trace: [ 181.412554] [ 181.412792] __iommufd_access_detach+0x1c2/0x2b0 [ 181.413307] iommufd_access_change_pt+0x149/0x270 [ 181.413823] iommufd_access_replace+0xb4/0x120 [ 181.414319] iommufd_test+0x3e5/0x37e0 [ 181.414761] ? lock_release+0x532/0x770 [ 181.415216] ? __might_fault+0x102/0x1b0 [ 181.415653] ? lock_acquire+0x427/0x4c0 [ 181.416083] ? __pfx_iommufd_test+0x10/0x10 [ 181.416541] ? __pfx_lock_release+0x10/0x10 [ 181.417012] ? __pfx_lock_acquire+0x10/0x10 [ 181.417488] ? write_comp_data+0x2f/0x90 [ 181.417923] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.418427] ? write_comp_data+0x2f/0x90 [ 181.418897] iommufd_fops_ioctl+0x37d/0x510 [ 181.419368] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.419887] ? write_comp_data+0x2f/0x90 [ 181.420313] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.420813] __x64_sys_ioctl+0x1a3/0x230 [ 181.421241] do_syscall_64+0x3b/0x90 [ 181.421635] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.422182] RIP: 0033:0x7f4b8743ee5d [ 181.422602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.424514] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.425303] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.426035] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.426795] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.427519] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.428260] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.428998] [ 181.429235] irq event stamp: 0 [ 181.429538] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.430145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.430956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.431756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.432347] ---[ end trace 0000000000000000 ]--- [ 181.435488] ------------[ cut here ]------------ [ 181.435971] WARNING: CPU: 0 PID: 1722 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.436922] Modules linked in: [ 181.437226] CPU: 0 PID: 1722 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.438047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.439359] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.439840] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.441969] RSP: 
0018:ffff88802445fbd0 EFLAGS: 00010246 [ 181.442468] RAX: 0000000000000000 RBX: ffff888013b878a8 RCX: 0000000000000000 [ 181.443390] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 181.444053] RBP: ffff88802445fbe8 R08: ffffed1002770f33 R09: ffffed1002770f33 [ 181.444714] R10: ffff888013b87993 R11: ffffed1002770f32 R12: ffff888010cf9000 [ 181.445597] R13: ffff888013b879e8 R14: ffff8880143e0d00 R15: 0000000000000000 [ 181.446257] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.447037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.447642] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.448534] PKRU: 55555554 [ 181.448802] Call Trace: [ 181.449041] [ 181.449252] iommufd_access_destroy_object+0x65/0x170 [ 181.449974] iommufd_object_destroy_user+0x18e/0x220 [ 181.450452] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.451027] iommufd_access_destroy+0x43/0x70 [ 181.451466] iommufd_test_staccess_release+0x8d/0xd0 [ 181.452005] __fput+0x26d/0xa40 [ 181.452489] ____fput+0x1e/0x30 [ 181.452812] task_work_run+0x1a4/0x2d0 [ 181.453189] ? __pfx_task_work_run+0x10/0x10 [ 181.453608] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.454310] ? switch_task_namespaces+0xa9/0xe0 [ 181.454784] do_exit+0xb17/0x2ef0 [ 181.455124] ? lock_acquire+0x427/0x4c0 [ 181.455516] ? __pfx_lock_release+0x10/0x10 [ 181.455928] ? __kasan_check_write+0x18/0x20 [ 181.456399] ? do_raw_spin_lock+0x132/0x2a0 [ 181.456982] ? __pfx_do_exit+0x10/0x10 [ 181.457364] ? debug_smp_processor_id+0x20/0x30 [ 181.457814] ? rcu_is_watching+0x19/0xb0 [ 181.458205] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.458665] ? trace_hardirqs_on+0x26/0x120 [ 181.459096] do_group_exit+0xe0/0x2b0 [ 181.459461] __x64_sys_exit_group+0x47/0x50 [ 181.459864] do_syscall_64+0x3b/0x90 [ 181.460222] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.460715] RIP: 0033:0x7f4b87518a4d [ 181.461062] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.461637] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.462344] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.463032] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.463700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.464360] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.465021] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.465687] [ 181.465912] irq event stamp: 0 [ 181.466211] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.466823] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.467614] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.468391] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.468983] ---[ end trace 0000000000000000 ]--- [ 181.469781] ------------[ cut here ]------------ [ 181.470197] WARNING: CPU: 0 PID: 1722 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.471139] Modules linked in: [ 181.471430] CPU: 0 PID: 1722 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.472195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.473182] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.473641] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.475262] RSP: 0018:ffff88802445fb78 EFLAGS: 00010246 [ 181.475733] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.476357] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 181.476978] RBP: ffff88802445fb98 R08: ffffed1002770f3e R09: ffffed1002770f3e [ 181.477599] R10: ffff888013b879ef R11: ffffed1002770f3d R12: ffff888013b87a90 [ 181.478221] R13: ffff888013b878a8 R14: ffffffffffffffff R15: 
ffff88802445fc60 [ 181.478870] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.479594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.480102] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.480724] PKRU: 55555554 [ 181.480975] Call Trace: [ 181.481203] [ 181.481402] iommufd_ioas_destroy+0x53/0x70 [ 181.481794] iommufd_fops_release+0x1f7/0x370 [ 181.482196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.482662] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.483105] ? write_comp_data+0x2f/0x90 [ 181.483482] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.483927] __fput+0x26d/0xa40 [ 181.484236] ____fput+0x1e/0x30 [ 181.484537] task_work_run+0x1a4/0x2d0 [ 181.484889] ? __pfx_task_work_run+0x10/0x10 [ 181.485286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.485720] ? switch_task_namespaces+0xa9/0xe0 [ 181.486138] do_exit+0xb17/0x2ef0 [ 181.486445] ? lock_acquire+0x427/0x4c0 [ 181.486828] ? __pfx_lock_release+0x10/0x10 [ 181.487236] ? __kasan_check_write+0x18/0x20 [ 181.487635] ? do_raw_spin_lock+0x132/0x2a0 [ 181.488024] ? __pfx_do_exit+0x10/0x10 [ 181.488381] ? debug_smp_processor_id+0x20/0x30 [ 181.488800] ? rcu_is_watching+0x19/0xb0 [ 181.489169] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.489576] ? trace_hardirqs_on+0x26/0x120 [ 181.489968] do_group_exit+0xe0/0x2b0 [ 181.490308] __x64_sys_exit_group+0x47/0x50 [ 181.490710] do_syscall_64+0x3b/0x90 [ 181.491049] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.491523] RIP: 0033:0x7f4b87518a4d [ 181.491852] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.492393] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.493054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.493680] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.494302] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.494951] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.495582] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.496204] [ 181.496412] irq event stamp: 0 [ 181.496676] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.497195] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.497886] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.498595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.499124] ---[ end trace 0000000000000000 ]--- [ 181.503760] ------------[ cut here ]------------ [ 181.504191] WARNING: CPU: 0 PID: 1723 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.505022] Modules linked in: [ 181.505288] CPU: 0 PID: 1723 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.506004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.507035] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.507454] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.508947] RSP: 0018:ffff88801700fbb8 EFLAGS: 00010246 [ 181.509389] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 181.509972] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 181.510581] RBP: ffff88801700fbd0 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 181.511174] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff88801341fc00 [ 181.511758] R13: ffff88801587c1e8 R14: ffffffff8352e670 R15: 
ffff88801700fe68 [ 181.512343] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.513005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.513482] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 181.514076] PKRU: 55555554 [ 181.514317] Call Trace: [ 181.514547] [ 181.514737] __iommufd_access_detach+0x1c2/0x2b0 [ 181.515161] iommufd_access_change_pt+0x149/0x270 [ 181.515579] iommufd_access_replace+0xb4/0x120 [ 181.515971] iommufd_test+0x3e5/0x37e0 [ 181.516294] ? lock_release+0x532/0x770 [ 181.516637] ? __might_fault+0x102/0x1b0 [ 181.516984] ? lock_acquire+0x427/0x4c0 [ 181.517327] ? __pfx_iommufd_test+0x10/0x10 [ 181.517689] ? __pfx_lock_release+0x10/0x10 [ 181.518056] ? __pfx_lock_acquire+0x10/0x10 [ 181.518424] ? write_comp_data+0x2f/0x90 [ 181.518800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.519224] ? write_comp_data+0x2f/0x90 [ 181.519570] iommufd_fops_ioctl+0x37d/0x510 [ 181.519935] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.520346] ? write_comp_data+0x2f/0x90 [ 181.520693] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.521097] __x64_sys_ioctl+0x1a3/0x230 [ 181.521444] do_syscall_64+0x3b/0x90 [ 181.521763] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.522201] RIP: 0033:0x7f4b8743ee5d [ 181.522533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.524037] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.524668] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.525255] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.525848] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.526437] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.527044] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.527648] [ 181.527844] irq event stamp: 0 [ 181.528105] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.528623] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.529318] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.530009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.530560] ---[ end trace 0000000000000000 ]--- [ 181.533421] ------------[ cut here ]------------ [ 181.533842] WARNING: CPU: 0 PID: 1723 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.534716] Modules linked in: [ 181.534987] CPU: 0 PID: 1723 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.535717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.536641] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.537055] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.538537] RSP: 
0018:ffff88801700fbd0 EFLAGS: 00010246 [ 181.538962] RAX: 0000000000000000 RBX: ffff88801587c0a8 RCX: 0000000000000000 [ 181.539537] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 181.540104] RBP: ffff88801700fbe8 R08: ffffed1002b0f833 R09: ffffed1002b0f833 [ 181.540672] R10: ffff88801587c193 R11: ffffed1002b0f832 R12: ffff88801888f800 [ 181.541241] R13: ffff88801587c1e8 R14: ffff888020edb500 R15: 0000000000000000 [ 181.541815] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.542460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.542953] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.543535] PKRU: 55555554 [ 181.543767] Call Trace: [ 181.543977] [ 181.544165] iommufd_access_destroy_object+0x65/0x170 [ 181.544589] iommufd_object_destroy_user+0x18e/0x220 [ 181.545004] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.545475] iommufd_access_destroy+0x43/0x70 [ 181.545846] iommufd_test_staccess_release+0x8d/0xd0 [ 181.546264] __fput+0x26d/0xa40 [ 181.546572] ____fput+0x1e/0x30 [ 181.546849] task_work_run+0x1a4/0x2d0 [ 181.547175] ? __pfx_task_work_run+0x10/0x10 [ 181.547538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.547937] ? switch_task_namespaces+0xa9/0xe0 [ 181.548325] do_exit+0xb17/0x2ef0 [ 181.548603] ? lock_acquire+0x427/0x4c0 [ 181.548925] ? __pfx_lock_release+0x10/0x10 [ 181.549271] ? __kasan_check_write+0x18/0x20 [ 181.549622] ? do_raw_spin_lock+0x132/0x2a0 [ 181.549965] ? __pfx_do_exit+0x10/0x10 [ 181.550280] ? debug_smp_processor_id+0x20/0x30 [ 181.550675] ? rcu_is_watching+0x19/0xb0 [ 181.551001] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.551374] ? trace_hardirqs_on+0x26/0x120 [ 181.551725] do_group_exit+0xe0/0x2b0 [ 181.552031] __x64_sys_exit_group+0x47/0x50 [ 181.552374] do_syscall_64+0x3b/0x90 [ 181.552676] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.553096] RIP: 0033:0x7f4b87518a4d [ 181.553390] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.553874] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.554467] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.555059] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.555622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.556181] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.556742] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.557309] [ 181.557494] irq event stamp: 0 [ 181.557743] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.558240] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.558915] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.559582] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.560075] ---[ end trace 0000000000000000 ]--- [ 181.560775] ------------[ cut here ]------------ [ 181.561144] WARNING: CPU: 0 PID: 1723 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.561944] Modules linked in: [ 181.562197] CPU: 0 PID: 1723 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.562914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.563821] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.564232] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.565666] RSP: 0018:ffff88801700fb78 EFLAGS: 00010246 [ 181.566094] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.566682] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 181.567250] RBP: ffff88801700fb98 R08: ffffed1002b0f83e R09: ffffed1002b0f83e [ 181.567813] R10: ffff88801587c1ef R11: ffffed1002b0f83d R12: ffff88801587c290 [ 181.568370] R13: ffff88801587c0a8 R14: ffffffffffffffff R15: 
ffff88801700fc60 [ 181.568930] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.569563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.570017] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.570602] PKRU: 55555554 [ 181.570825] Call Trace: [ 181.571029] [ 181.571212] iommufd_ioas_destroy+0x53/0x70 [ 181.571560] iommufd_fops_release+0x1f7/0x370 [ 181.571919] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.572314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.572709] ? write_comp_data+0x2f/0x90 [ 181.573040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.573435] __fput+0x26d/0xa40 [ 181.573710] ____fput+0x1e/0x30 [ 181.573978] task_work_run+0x1a4/0x2d0 [ 181.574292] ? __pfx_task_work_run+0x10/0x10 [ 181.574673] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.575066] ? switch_task_namespaces+0xa9/0xe0 [ 181.575453] do_exit+0xb17/0x2ef0 [ 181.575732] ? lock_acquire+0x427/0x4c0 [ 181.576061] ? __pfx_lock_release+0x10/0x10 [ 181.576414] ? __kasan_check_write+0x18/0x20 [ 181.576769] ? do_raw_spin_lock+0x132/0x2a0 [ 181.577113] ? __pfx_do_exit+0x10/0x10 [ 181.577433] ? debug_smp_processor_id+0x20/0x30 [ 181.577805] ? rcu_is_watching+0x19/0xb0 [ 181.578129] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.578494] ? trace_hardirqs_on+0x26/0x120 [ 181.578876] do_group_exit+0xe0/0x2b0 [ 181.579192] __x64_sys_exit_group+0x47/0x50 [ 181.579536] do_syscall_64+0x3b/0x90 [ 181.579848] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.580281] RIP: 0033:0x7f4b87518a4d [ 181.580589] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.581100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.581747] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.582349] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.582986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.583612] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.584215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.584823] [ 181.585024] irq event stamp: 0 [ 181.585292] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.585822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.586554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.587271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.587804] ---[ end trace 0000000000000000 ]--- [ 181.592387] ------------[ cut here ]------------ [ 181.592839] WARNING: CPU: 0 PID: 1724 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.593692] Modules linked in: [ 181.593964] CPU: 0 PID: 1724 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.594808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.595772] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.596192] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.597744] RSP: 0018:ffff888023e8fbb8 EFLAGS: 00010246 [ 181.598196] RAX: 0000000000000000 RBX: ffff88800b9ff0a8 RCX: 0000000000000000 [ 181.598847] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 181.599453] RBP: ffff888023e8fbd0 R08: ffffed100173fe33 R09: ffffed100173fe33 [ 181.600062] R10: ffff88800b9ff193 R11: ffffed100173fe32 R12: ffff88801432ac00 [ 181.600662] R13: ffff88800b9ff1e8 R14: ffffffff8352e670 R15: 
ffff888023e8fe68 [ 181.601259] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.601944] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.602441] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 181.603061] PKRU: 55555554 [ 181.603310] Call Trace: [ 181.603533] [ 181.603726] __iommufd_access_detach+0x1c2/0x2b0 [ 181.604143] iommufd_access_change_pt+0x149/0x270 [ 181.604561] iommufd_access_replace+0xb4/0x120 [ 181.604961] iommufd_test+0x3e5/0x37e0 [ 181.605295] ? lock_release+0x532/0x770 [ 181.605645] ? __might_fault+0x102/0x1b0 [ 181.605999] ? lock_acquire+0x427/0x4c0 [ 181.606345] ? __pfx_iommufd_test+0x10/0x10 [ 181.606726] ? __pfx_lock_release+0x10/0x10 [ 181.607100] ? __pfx_lock_acquire+0x10/0x10 [ 181.607489] ? write_comp_data+0x2f/0x90 [ 181.607838] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.608249] ? write_comp_data+0x2f/0x90 [ 181.608601] iommufd_fops_ioctl+0x37d/0x510 [ 181.608969] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.609381] ? write_comp_data+0x2f/0x90 [ 181.609732] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.610140] __x64_sys_ioctl+0x1a3/0x230 [ 181.610488] do_syscall_64+0x3b/0x90 [ 181.610839] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.611292] RIP: 0033:0x7f4b8743ee5d [ 181.611612] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.613133] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.613775] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.614363] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.614980] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.615585] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.616176] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.616782] [ 181.616979] irq event stamp: 0 [ 181.617244] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.617771] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.618470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.619183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.619712] ---[ end trace 0000000000000000 ]--- [ 181.622440] ------------[ cut here ]------------ [ 181.622889] WARNING: CPU: 0 PID: 1724 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.623754] Modules linked in: [ 181.624022] CPU: 0 PID: 1724 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.624746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.625672] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.626085] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.627609] RSP: 
0018:ffff888023e8fbd0 EFLAGS: 00010246 [ 181.628045] RAX: 0000000000000000 RBX: ffff88800b9ff0a8 RCX: 0000000000000000 [ 181.628637] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 181.629243] RBP: ffff888023e8fbe8 R08: ffffed100173fe33 R09: ffffed100173fe33 [ 181.629836] R10: ffff88800b9ff193 R11: ffffed100173fe32 R12: ffff88801341dc00 [ 181.630429] R13: ffff88800b9ff1e8 R14: ffff888013a7db00 R15: 0000000000000000 [ 181.631043] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.631720] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.632207] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.632803] PKRU: 55555554 [ 181.633039] Call Trace: [ 181.633254] [ 181.633445] iommufd_access_destroy_object+0x65/0x170 [ 181.633882] iommufd_object_destroy_user+0x18e/0x220 [ 181.634309] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.634831] iommufd_access_destroy+0x43/0x70 [ 181.635233] iommufd_test_staccess_release+0x8d/0xd0 [ 181.635674] __fput+0x26d/0xa40 [ 181.635966] ____fput+0x1e/0x30 [ 181.636255] task_work_run+0x1a4/0x2d0 [ 181.636588] ? __pfx_task_work_run+0x10/0x10 [ 181.636960] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.637373] ? switch_task_namespaces+0xa9/0xe0 [ 181.637774] do_exit+0xb17/0x2ef0 [ 181.638067] ? lock_acquire+0x427/0x4c0 [ 181.638410] ? __pfx_lock_release+0x10/0x10 [ 181.638802] ? __kasan_check_write+0x18/0x20 [ 181.639186] ? do_raw_spin_lock+0x132/0x2a0 [ 181.639552] ? __pfx_do_exit+0x10/0x10 [ 181.639890] ? debug_smp_processor_id+0x20/0x30 [ 181.640285] ? rcu_is_watching+0x19/0xb0 [ 181.640634] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.641027] ? trace_hardirqs_on+0x26/0x120 [ 181.641408] do_group_exit+0xe0/0x2b0 [ 181.641732] __x64_sys_exit_group+0x47/0x50 [ 181.642091] do_syscall_64+0x3b/0x90 [ 181.642414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.642885] RIP: 0033:0x7f4b87518a4d [ 181.643206] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.643727] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.644360] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.644954] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.645547] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.646141] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.646765] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.647392] [ 181.647592] irq event stamp: 0 [ 181.647856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.648387] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.649091] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.649792] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.650318] ---[ end trace 0000000000000000 ]--- [ 181.651078] ------------[ cut here ]------------ [ 181.651485] WARNING: CPU: 0 PID: 1724 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.652340] Modules linked in: [ 181.652612] CPU: 0 PID: 1724 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.653350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.654286] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.654756] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.656280] RSP: 0018:ffff888023e8fb78 EFLAGS: 00010246 [ 181.656736] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.657330] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 181.657921] RBP: ffff888023e8fb98 R08: ffffed100173fe3e R09: ffffed100173fe3e [ 181.658772] R10: ffff88800b9ff1ef R11: ffffed100173fe3d R12: ffff88800b9ff290 [ 181.659398] R13: ffff88800b9ff0a8 R14: ffffffffffffffff R15: 
ffff888023e8fc60 [ 181.659996] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.660671] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.661158] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.661755] PKRU: 55555554 [ 181.661993] Call Trace: [ 181.662212] [ 181.662406] iommufd_ioas_destroy+0x53/0x70 [ 181.662801] iommufd_fops_release+0x1f7/0x370 [ 181.663200] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.663625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.664041] ? write_comp_data+0x2f/0x90 [ 181.664392] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.664818] __fput+0x26d/0xa40 [ 181.665111] ____fput+0x1e/0x30 [ 181.665395] task_work_run+0x1a4/0x2d0 [ 181.665736] ? __pfx_task_work_run+0x10/0x10 [ 181.666115] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.666552] ? switch_task_namespaces+0xa9/0xe0 [ 181.666963] do_exit+0xb17/0x2ef0 [ 181.667267] ? lock_acquire+0x427/0x4c0 [ 181.667614] ? __pfx_lock_release+0x10/0x10 [ 181.667988] ? __kasan_check_write+0x18/0x20 [ 181.668363] ? do_raw_spin_lock+0x132/0x2a0 [ 181.668727] ? __pfx_do_exit+0x10/0x10 [ 181.669063] ? debug_smp_processor_id+0x20/0x30 [ 181.669464] ? rcu_is_watching+0x19/0xb0 [ 181.669808] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.670193] ? trace_hardirqs_on+0x26/0x120 [ 181.670585] do_group_exit+0xe0/0x2b0 [ 181.670914] __x64_sys_exit_group+0x47/0x50 [ 181.671291] do_syscall_64+0x3b/0x90 [ 181.671620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.672063] RIP: 0033:0x7f4b87518a4d [ 181.672382] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.672896] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.673532] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.674129] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.674753] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.675360] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.675957] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.676560] [ 181.676757] irq event stamp: 0 [ 181.677021] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.677546] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.678255] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.678986] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.679488] ---[ end trace 0000000000000000 ]--- [ 181.684094] ------------[ cut here ]------------ [ 181.684469] WARNING: CPU: 0 PID: 1725 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.685202] Modules linked in: [ 181.685434] CPU: 0 PID: 1725 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.686065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.687050] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.687418] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.688745] RSP: 0018:ffff888016127bb8 EFLAGS: 00010246 [ 181.689121] RAX: 0000000000000000 RBX: ffff8880143ae0a8 RCX: 0000000000000000 [ 181.689631] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 181.690133] RBP: ffff888016127bd0 R08: ffffed1002875c33 R09: ffffed1002875c33 [ 181.690649] R10: ffff8880143ae193 R11: ffffed1002875c32 R12: ffff888018539800 [ 181.691159] R13: ffff8880143ae1e8 R14: ffffffff8352e670 R15: 
ffff888016127e68 [ 181.691663] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.692232] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.692648] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 181.693169] PKRU: 55555554 [ 181.693371] Call Trace: [ 181.693556] [ 181.693717] __iommufd_access_detach+0x1c2/0x2b0 [ 181.694067] iommufd_access_change_pt+0x149/0x270 [ 181.694422] iommufd_access_replace+0xb4/0x120 [ 181.694776] iommufd_test+0x3e5/0x37e0 [ 181.695059] ? lock_release+0x532/0x770 [ 181.695367] ? __might_fault+0x102/0x1b0 [ 181.695677] ? lock_acquire+0x427/0x4c0 [ 181.696050] ? __pfx_iommufd_test+0x10/0x10 [ 181.696731] ? __pfx_lock_release+0x10/0x10 [ 181.697067] ? __pfx_lock_acquire+0x10/0x10 [ 181.697396] ? write_comp_data+0x2f/0x90 [ 181.697723] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.698367] ? write_comp_data+0x2f/0x90 [ 181.698726] iommufd_fops_ioctl+0x37d/0x510 [ 181.699067] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.699499] ? write_comp_data+0x2f/0x90 [ 181.699955] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.700348] __x64_sys_ioctl+0x1a3/0x230 [ 181.700681] do_syscall_64+0x3b/0x90 [ 181.700984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.701483] RIP: 0033:0x7f4b8743ee5d [ 181.701888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.703339] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.704103] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.704667] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.705225] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.705935] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.706491] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.707085] [ 181.707280] irq event stamp: 0 [ 181.707563] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.708164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.708826] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.709650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.710150] ---[ end trace 0000000000000000 ]--- [ 181.712962] ------------[ cut here ]------------ [ 181.713456] WARNING: CPU: 0 PID: 1725 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.714303] Modules linked in: [ 181.714643] CPU: 0 PID: 1725 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.715465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.716410] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.717009] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.718716] RSP: 
0018:ffff888016127bd0 EFLAGS: 00010246 [ 181.719179] RAX: 0000000000000000 RBX: ffff8880143ae0a8 RCX: 0000000000000000 [ 181.719781] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 181.720384] RBP: ffff888016127be8 R08: ffffed1002875c33 R09: ffffed1002875c33 [ 181.720976] R10: ffff8880143ae193 R11: ffffed1002875c32 R12: ffff88801432a000 [ 181.721571] R13: ffff8880143ae1e8 R14: ffff88800ace4200 R15: 0000000000000000 [ 181.722166] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.722866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.723360] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.723953] PKRU: 55555554 [ 181.724190] Call Trace: [ 181.724404] [ 181.724596] iommufd_access_destroy_object+0x65/0x170 [ 181.725038] iommufd_object_destroy_user+0x18e/0x220 [ 181.725467] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.725959] iommufd_access_destroy+0x43/0x70 [ 181.726343] iommufd_test_staccess_release+0x8d/0xd0 [ 181.726797] __fput+0x26d/0xa40 [ 181.727092] ____fput+0x1e/0x30 [ 181.727388] task_work_run+0x1a4/0x2d0 [ 181.727724] ? __pfx_task_work_run+0x10/0x10 [ 181.728101] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.728519] ? switch_task_namespaces+0xa9/0xe0 [ 181.728928] do_exit+0xb17/0x2ef0 [ 181.729224] ? lock_acquire+0x427/0x4c0 [ 181.729570] ? __pfx_lock_release+0x10/0x10 [ 181.729942] ? __kasan_check_write+0x18/0x20 [ 181.730318] ? do_raw_spin_lock+0x132/0x2a0 [ 181.730707] ? __pfx_do_exit+0x10/0x10 [ 181.731047] ? debug_smp_processor_id+0x20/0x30 [ 181.731454] ? rcu_is_watching+0x19/0xb0 [ 181.731800] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.732184] ? trace_hardirqs_on+0x26/0x120 [ 181.732554] do_group_exit+0xe0/0x2b0 [ 181.732877] __x64_sys_exit_group+0x47/0x50 [ 181.733239] do_syscall_64+0x3b/0x90 [ 181.733561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.734002] RIP: 0033:0x7f4b87518a4d [ 181.734318] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.734850] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.735496] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.736095] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.736689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.737288] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.737886] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.738492] [ 181.738721] irq event stamp: 0 [ 181.738990] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.739528] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.740232] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.740926] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.741455] ---[ end trace 0000000000000000 ]--- [ 181.742243] ------------[ cut here ]------------ [ 181.742864] WARNING: CPU: 0 PID: 1725 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.743748] Modules linked in: [ 181.744021] CPU: 0 PID: 1725 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.744759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.745700] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.746135] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.747689] RSP: 0018:ffff888016127b78 EFLAGS: 00010246 [ 181.748146] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.748740] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 181.749332] RBP: ffff888016127b98 R08: ffffed1002875c3e R09: ffffed1002875c3e [ 181.749923] R10: ffff8880143ae1ef R11: ffffed1002875c3d R12: ffff8880143ae290 [ 181.750543] R13: ffff8880143ae0a8 R14: ffffffffffffffff R15: 
ffff888016127c60 [ 181.751149] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.751828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.752312] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.752920] PKRU: 55555554 [ 181.753164] Call Trace: [ 181.753378] [ 181.753570] iommufd_ioas_destroy+0x53/0x70 [ 181.753942] iommufd_fops_release+0x1f7/0x370 [ 181.754321] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.754763] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.755186] ? write_comp_data+0x2f/0x90 [ 181.755542] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.755976] __fput+0x26d/0xa40 [ 181.756271] ____fput+0x1e/0x30 [ 181.756554] task_work_run+0x1a4/0x2d0 [ 181.756894] ? __pfx_task_work_run+0x10/0x10 [ 181.757269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.757686] ? switch_task_namespaces+0xa9/0xe0 [ 181.758093] do_exit+0xb17/0x2ef0 [ 181.758387] ? lock_acquire+0x427/0x4c0 [ 181.758759] ? __pfx_lock_release+0x10/0x10 [ 181.759144] ? __kasan_check_write+0x18/0x20 [ 181.759519] ? do_raw_spin_lock+0x132/0x2a0 [ 181.759882] ? __pfx_do_exit+0x10/0x10 [ 181.760219] ? debug_smp_processor_id+0x20/0x30 [ 181.760617] ? rcu_is_watching+0x19/0xb0 [ 181.760964] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.761349] ? trace_hardirqs_on+0x26/0x120 [ 181.761722] do_group_exit+0xe0/0x2b0 [ 181.762043] __x64_sys_exit_group+0x47/0x50 [ 181.762407] do_syscall_64+0x3b/0x90 [ 181.762753] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.763204] RIP: 0033:0x7f4b87518a4d [ 181.763519] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.764042] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.764680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.765276] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.765869] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.766481] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.767122] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.767742] [ 181.767940] irq event stamp: 0 [ 181.768207] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.768733] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.769429] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.770128] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.770676] ---[ end trace 0000000000000000 ]--- [ 181.775049] ------------[ cut here ]------------ [ 181.775557] WARNING: CPU: 0 PID: 1726 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.776418] Modules linked in: [ 181.776752] CPU: 0 PID: 1726 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.777576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.778658] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.779145] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.780670] RSP: 0018:ffff888023e8fbb8 EFLAGS: 00010246 [ 181.781122] RAX: 0000000000000000 RBX: ffff8880171bf0a8 RCX: 0000000000000000 [ 181.781713] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 181.782311] RBP: ffff888023e8fbd0 R08: ffffed1002e37e33 R09: ffffed1002e37e33 [ 181.782934] R10: ffff8880171bf193 R11: ffffed1002e37e32 R12: ffff888013b23400 [ 181.783554] R13: ffff8880171bf1e8 R14: ffffffff8352e670 R15: 
ffff888023e8fe68 [ 181.784160] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.784830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.785316] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 181.785924] PKRU: 55555554 [ 181.786164] Call Trace: [ 181.786382] [ 181.786599] __iommufd_access_detach+0x1c2/0x2b0 [ 181.787026] iommufd_access_change_pt+0x149/0x270 [ 181.787445] iommufd_access_replace+0xb4/0x120 [ 181.787841] iommufd_test+0x3e5/0x37e0 [ 181.788172] ? lock_release+0x532/0x770 [ 181.788521] ? __might_fault+0x102/0x1b0 [ 181.788873] ? lock_acquire+0x427/0x4c0 [ 181.789223] ? __pfx_iommufd_test+0x10/0x10 [ 181.789591] ? __pfx_lock_release+0x10/0x10 [ 181.789965] ? __pfx_lock_acquire+0x10/0x10 [ 181.790341] ? write_comp_data+0x2f/0x90 [ 181.790713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.791143] ? write_comp_data+0x2f/0x90 [ 181.791502] iommufd_fops_ioctl+0x37d/0x510 [ 181.791873] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.792288] ? write_comp_data+0x2f/0x90 [ 181.792642] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.793052] __x64_sys_ioctl+0x1a3/0x230 [ 181.793412] do_syscall_64+0x3b/0x90 [ 181.793738] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.794181] RIP: 0033:0x7f4b8743ee5d [ 181.794498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.796074] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.796712] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.797313] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.797911] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.798531] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.799133] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.799749] [ 181.799947] irq event stamp: 0 [ 181.800211] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.800737] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.801439] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.802133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.802681] ---[ end trace 0000000000000000 ]--- [ 181.805798] ------------[ cut here ]------------ [ 181.806208] WARNING: CPU: 0 PID: 1726 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.807094] Modules linked in: [ 181.807377] CPU: 0 PID: 1726 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.808282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.809227] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.809736] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.811402] RSP: 
0018:ffff888023e8fbd0 EFLAGS: 00010246 [ 181.811943] RAX: 0000000000000000 RBX: ffff8880171bf0a8 RCX: 0000000000000000 [ 181.812544] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 181.813146] RBP: ffff888023e8fbe8 R08: ffffed1002e37e33 R09: ffffed1002e37e33 [ 181.813930] R10: ffff8880171bf193 R11: ffffed1002e37e32 R12: ffff888018539000 [ 181.814558] R13: ffff8880171bf1e8 R14: ffff888012870a00 R15: 0000000000000000 [ 181.815169] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.816017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.816509] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.817151] PKRU: 55555554 [ 181.817516] Call Trace: [ 181.817732] [ 181.817924] iommufd_access_destroy_object+0x65/0x170 [ 181.818368] iommufd_object_destroy_user+0x18e/0x220 [ 181.818820] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.819490] iommufd_access_destroy+0x43/0x70 [ 181.819880] iommufd_test_staccess_release+0x8d/0xd0 [ 181.820318] __fput+0x26d/0xa40 [ 181.820611] ____fput+0x1e/0x30 [ 181.821096] task_work_run+0x1a4/0x2d0 [ 181.821439] ? __pfx_task_work_run+0x10/0x10 [ 181.821817] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.822242] ? switch_task_namespaces+0xa9/0xe0 [ 181.822831] do_exit+0xb17/0x2ef0 [ 181.823145] ? lock_acquire+0x427/0x4c0 [ 181.823506] ? __pfx_lock_release+0x10/0x10 [ 181.823878] ? __kasan_check_write+0x18/0x20 [ 181.824255] ? do_raw_spin_lock+0x132/0x2a0 [ 181.824819] ? __pfx_do_exit+0x10/0x10 [ 181.825161] ? debug_smp_processor_id+0x20/0x30 [ 181.825562] ? rcu_is_watching+0x19/0xb0 [ 181.825911] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.826390] ? trace_hardirqs_on+0x26/0x120 [ 181.826890] do_group_exit+0xe0/0x2b0 [ 181.827233] __x64_sys_exit_group+0x47/0x50 [ 181.827615] do_syscall_64+0x3b/0x90 [ 181.827948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.828594] RIP: 0033:0x7f4b87518a4d [ 181.828917] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.829444] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.830171] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.830897] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.831513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.832295] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.832904] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.833533] [ 181.833784] irq event stamp: 0 [ 181.834179] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.834744] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.835470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.836358] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.836897] ---[ end trace 0000000000000000 ]--- [ 181.839276] ------------[ cut here ]------------ [ 181.839891] WARNING: CPU: 0 PID: 1726 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.840762] Modules linked in: [ 181.841041] CPU: 0 PID: 1726 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.841945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.842929] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.843511] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.845227] RSP: 0018:ffff888023e8fb78 EFLAGS: 00010246 [ 181.845687] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.846293] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 181.847099] RBP: ffff888023e8fb98 R08: ffffed1002e37e3e R09: ffffed1002e37e3e [ 181.847715] R10: ffff8880171bf1ef R11: ffffed1002e37e3d R12: ffff8880171bf290 [ 181.848324] R13: ffff8880171bf0a8 R14: ffffffffffffffff R15: 
ffff888023e8fc60 [ 181.849096] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.849780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.850275] CR2: 00007f82e2f1c010 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 181.851061] PKRU: 55555554 [ 181.851312] Call Trace: [ 181.851531] [ 181.851724] iommufd_ioas_destroy+0x53/0x70 [ 181.852100] iommufd_fops_release+0x1f7/0x370 [ 181.852675] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.853107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.853534] ? write_comp_data+0x2f/0x90 [ 181.853895] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.854500] __fput+0x26d/0xa40 [ 181.854824] ____fput+0x1e/0x30 [ 181.855125] task_work_run+0x1a4/0x2d0 [ 181.855453] ? __pfx_task_work_run+0x10/0x10 [ 181.855810] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.856350] ? switch_task_namespaces+0xa9/0xe0 [ 181.856734] do_exit+0xb17/0x2ef0 [ 181.857014] ? lock_acquire+0x427/0x4c0 [ 181.857345] ? __pfx_lock_release+0x10/0x10 [ 181.857727] ? __kasan_check_write+0x18/0x20 [ 181.858189] ? do_raw_spin_lock+0x132/0x2a0 [ 181.858560] ? __pfx_do_exit+0x10/0x10 [ 181.858885] ? debug_smp_processor_id+0x20/0x30 [ 181.859278] ? rcu_is_watching+0x19/0xb0 [ 181.859680] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.860129] ? trace_hardirqs_on+0x26/0x120 [ 181.860486] do_group_exit+0xe0/0x2b0 [ 181.860795] __x64_sys_exit_group+0x47/0x50 [ 181.861142] do_syscall_64+0x3b/0x90 [ 181.861598] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.862023] RIP: 0033:0x7f4b87518a4d [ 181.862330] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.862851] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.863633] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.864218] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.864838] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.865555] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.866158] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.866785] [ 181.867038] irq event stamp: 0 [ 181.867400] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.867927] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.868655] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.869472] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.870006] ---[ end trace 0000000000000000 ]--- [ 181.875966] ------------[ cut here ]------------ [ 181.876432] WARNING: CPU: 0 PID: 1727 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.877423] Modules linked in: [ 181.877701] CPU: 0 PID: 1727 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.878658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.879643] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.880080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.881652] RSP: 0018:ffff88801619fbb8 EFLAGS: 00010246 [ 181.882108] RAX: 0000000000000000 RBX: ffff88801609e8a8 RCX: 0000000000000000 [ 181.882741] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 181.883368] RBP: ffff88801619fbd0 R08: ffffed1002c13d33 R09: ffffed1002c13d33 [ 181.883982] R10: ffff88801609e993 R11: ffffed1002c13d32 R12: ffff888010826c00 [ 181.884600] R13: ffff88801609e9e8 R14: ffffffff8352e670 R15: 
ffff88801619fe68 [ 181.885217] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.885913] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.886404] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 181.887026] PKRU: 55555554 [ 181.887284] Call Trace: [ 181.887502] [ 181.887696] __iommufd_access_detach+0x1c2/0x2b0 [ 181.888116] iommufd_access_change_pt+0x149/0x270 [ 181.888534] iommufd_access_replace+0xb4/0x120 [ 181.888935] iommufd_test+0x3e5/0x37e0 [ 181.889270] ? lock_release+0x532/0x770 [ 181.889621] ? __might_fault+0x102/0x1b0 [ 181.889976] ? lock_acquire+0x427/0x4c0 [ 181.890327] ? __pfx_iommufd_test+0x10/0x10 [ 181.890715] ? __pfx_lock_release+0x10/0x10 [ 181.891094] ? __pfx_lock_acquire+0x10/0x10 [ 181.891483] ? write_comp_data+0x2f/0x90 [ 181.891841] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.892260] ? write_comp_data+0x2f/0x90 [ 181.892620] iommufd_fops_ioctl+0x37d/0x510 [ 181.892998] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.893420] ? write_comp_data+0x2f/0x90 [ 181.893775] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.894193] __x64_sys_ioctl+0x1a3/0x230 [ 181.894572] do_syscall_64+0x3b/0x90 [ 181.894903] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.895362] RIP: 0033:0x7f4b8743ee5d [ 181.895687] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.897253] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.897906] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.898555] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 181.899173] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 181.899778] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 181.900381] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 181.900995] [ 181.901194] irq event stamp: 0 [ 181.901464] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.901999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.902735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.903455] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.903990] ---[ end trace 0000000000000000 ]--- [ 181.907329] ------------[ cut here ]------------ [ 181.907756] WARNING: CPU: 0 PID: 1727 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.908624] Modules linked in: [ 181.908956] CPU: 0 PID: 1727 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.909851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.910907] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.911445] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.913064] RSP: 
0018:ffff88801619fbd0 EFLAGS: 00010246 [ 181.913613] RAX: 0000000000000000 RBX: ffff88801609e8a8 RCX: 0000000000000000 [ 181.914220] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 181.914879] RBP: ffff88801619fbe8 R08: ffffed1002c13d33 R09: ffffed1002c13d33 [ 181.915630] R10: ffff88801609e993 R11: ffffed1002c13d32 R12: ffff888013b21400 [ 181.916244] R13: ffff88801609e9e8 R14: ffff888015bbba00 R15: 0000000000000000 [ 181.916847] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.917724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.918223] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.918920] PKRU: 55555554 [ 181.919272] Call Trace: [ 181.919500] [ 181.919697] iommufd_access_destroy_object+0x65/0x170 [ 181.920150] iommufd_object_destroy_user+0x18e/0x220 [ 181.920590] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 181.921183] iommufd_access_destroy+0x43/0x70 [ 181.921693] iommufd_test_staccess_release+0x8d/0xd0 [ 181.922137] __fput+0x26d/0xa40 [ 181.922436] ____fput+0x1e/0x30 [ 181.922778] task_work_run+0x1a4/0x2d0 [ 181.923261] ? __pfx_task_work_run+0x10/0x10 [ 181.923651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.924076] ? switch_task_namespaces+0xa9/0xe0 [ 181.924490] do_exit+0xb17/0x2ef0 [ 181.924796] ? lock_acquire+0x427/0x4c0 [ 181.925245] ? __pfx_lock_release+0x10/0x10 [ 181.925737] ? __kasan_check_write+0x18/0x20 [ 181.926127] ? do_raw_spin_lock+0x132/0x2a0 [ 181.926535] ? __pfx_do_exit+0x10/0x10 [ 181.926883] ? debug_smp_processor_id+0x20/0x30 [ 181.927484] ? rcu_is_watching+0x19/0xb0 [ 181.927839] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.928236] ? trace_hardirqs_on+0x26/0x120 [ 181.928619] do_group_exit+0xe0/0x2b0 [ 181.929033] __x64_sys_exit_group+0x47/0x50 [ 181.929494] do_syscall_64+0x3b/0x90 [ 181.929831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.930286] RIP: 0033:0x7f4b87518a4d [ 181.930657] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.931330] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.931980] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.932682] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.933392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.934000] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.934812] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.935441] [ 181.935651] irq event stamp: 0 [ 181.935924] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.936483] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.937199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.937914] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.938450] ---[ end trace 0000000000000000 ]--- [ 181.939276] ------------[ cut here ]------------ [ 181.939845] WARNING: CPU: 0 PID: 1727 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 181.940721] Modules linked in: [ 181.941003] CPU: 0 PID: 1727 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.941944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.942948] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 181.943591] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 181.945220] RSP: 0018:ffff88801619fb78 EFLAGS: 00010246 [ 181.945748] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 181.946358] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 181.947066] RBP: ffff88801619fb98 R08: ffffed1002c13d3e R09: ffffed1002c13d3e [ 181.947808] R10: ffff88801609e9ef R11: ffffed1002c13d3d R12: ffff88801609ea90 [ 181.948418] R13: ffff88801609e8a8 R14: ffffffffffffffff R15: 
ffff88801619fc60 [ 181.949204] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.949887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.950381] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 181.951200] PKRU: 55555554 [ 181.951448] Call Trace: [ 181.951670] [ 181.951869] iommufd_ioas_destroy+0x53/0x70 [ 181.952255] iommufd_fops_release+0x1f7/0x370 [ 181.952744] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.953244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.953676] ? write_comp_data+0x2f/0x90 [ 181.954040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 181.954564] __fput+0x26d/0xa40 [ 181.954959] ____fput+0x1e/0x30 [ 181.955259] task_work_run+0x1a4/0x2d0 [ 181.955604] ? __pfx_task_work_run+0x10/0x10 [ 181.955994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.956611] ? switch_task_namespaces+0xa9/0xe0 [ 181.957032] do_exit+0xb17/0x2ef0 [ 181.957333] ? lock_acquire+0x427/0x4c0 [ 181.957687] ? __pfx_lock_release+0x10/0x10 [ 181.958106] ? __kasan_check_write+0x18/0x20 [ 181.958598] ? do_raw_spin_lock+0x132/0x2a0 [ 181.958977] ? __pfx_do_exit+0x10/0x10 [ 181.959334] ? debug_smp_processor_id+0x20/0x30 [ 181.959746] ? rcu_is_watching+0x19/0xb0 [ 181.960271] ? _raw_spin_unlock_irq+0x2b/0x60 [ 181.960672] ? trace_hardirqs_on+0x26/0x120 [ 181.961056] do_group_exit+0xe0/0x2b0 [ 181.961389] __x64_sys_exit_group+0x47/0x50 [ 181.961807] do_syscall_64+0x3b/0x90 [ 181.962277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.962770] RIP: 0033:0x7f4b87518a4d [ 181.963105] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 181.963694] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 181.964471] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 181.965079] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 181.965687] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 181.966295] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 181.966944] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 181.967773] [ 181.967977] irq event stamp: 0 [ 181.968250] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 181.968791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 181.969692] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 181.970410] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 181.971008] ---[ end trace 0000000000000000 ]--- [ 181.976818] ------------[ cut here ]------------ [ 181.977254] WARNING: CPU: 0 PID: 1728 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 181.978364] Modules linked in: [ 181.978734] CPU: 0 PID: 1728 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 181.979505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 181.980477] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 181.980910] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 181.982487] RSP: 0018:ffff888014bb7bb8 EFLAGS: 00010246 [ 181.982982] RAX: 0000000000000000 RBX: ffff888010b7c0a8 RCX: 0000000000000000 [ 181.983608] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 181.984231] RBP: ffff888014bb7bd0 R08: ffffed100216f833 R09: ffffed100216f833 [ 181.984848] R10: ffff888010b7c193 R11: ffffed100216f832 R12: ffff88801422d800 [ 181.985462] R13: ffff888010b7c1e8 R14: ffffffff8352e670 R15: 
ffff888014bb7e68 [ 181.986090] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 181.986812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 181.987327] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 181.987942] PKRU: 55555554 [ 181.988195] Call Trace: [ 181.988417] [ 181.988616] __iommufd_access_detach+0x1c2/0x2b0 [ 181.989043] iommufd_access_change_pt+0x149/0x270 [ 181.989473] iommufd_access_replace+0xb4/0x120 [ 181.989882] iommufd_test+0x3e5/0x37e0 [ 181.990238] ? lock_release+0x532/0x770 [ 181.990626] ? __might_fault+0x102/0x1b0 [ 181.991001] ? lock_acquire+0x427/0x4c0 [ 181.991367] ? __pfx_iommufd_test+0x10/0x10 [ 181.991741] ? __pfx_lock_release+0x10/0x10 [ 181.992126] ? __pfx_lock_acquire+0x10/0x10 [ 181.992518] ? write_comp_data+0x2f/0x90 [ 181.992884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 181.993310] ? write_comp_data+0x2f/0x90 [ 181.993677] iommufd_fops_ioctl+0x37d/0x510 [ 181.994072] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.994534] ? write_comp_data+0x2f/0x90 [ 181.994902] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 181.995338] __x64_sys_ioctl+0x1a3/0x230 [ 181.995708] do_syscall_64+0x3b/0x90 [ 181.996043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 181.996502] RIP: 0033:0x7f4b8743ee5d [ 181.996832] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 181.998405] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 181.999089] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 181.999718] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.000338] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.000952] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.001568] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.002189] [ 182.002393] irq event stamp: 0 [ 182.002689] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.003242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.003963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.004679] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.005220] ---[ end trace 0000000000000000 ]--- [ 182.008405] ------------[ cut here ]------------ [ 182.008845] WARNING: CPU: 1 PID: 1728 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.009660] Modules linked in: [ 182.009915] CPU: 1 PID: 1728 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.010736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.011647] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.012045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.013495] RSP: 
0018:ffff888014bb7bd0 EFLAGS: 00010246 [ 182.013920] RAX: 0000000000000000 RBX: ffff888010b7c0a8 RCX: 0000000000000000 [ 182.014486] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 182.015101] RBP: ffff888014bb7be8 R08: ffffed100216f833 R09: ffffed100216f833 [ 182.015714] R10: ffff888010b7c193 R11: ffffed100216f832 R12: ffff888010827000 [ 182.016304] R13: ffff888010b7c1e8 R14: ffff888020929900 R15: 0000000000000000 [ 182.016893] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 182.017559] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.018040] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 182.018660] PKRU: 55555554 [ 182.018902] Call Trace: [ 182.019129] [ 182.019329] iommufd_access_destroy_object+0x65/0x170 [ 182.019769] iommufd_object_destroy_user+0x18e/0x220 [ 182.020200] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.020698] iommufd_access_destroy+0x43/0x70 [ 182.021085] iommufd_test_staccess_release+0x8d/0xd0 [ 182.021523] __fput+0x26d/0xa40 [ 182.021816] ____fput+0x1e/0x30 [ 182.022105] task_work_run+0x1a4/0x2d0 [ 182.022448] ? __pfx_task_work_run+0x10/0x10 [ 182.022843] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.023272] ? switch_task_namespaces+0xa9/0xe0 [ 182.023677] do_exit+0xb17/0x2ef0 [ 182.023973] ? lock_acquire+0x427/0x4c0 [ 182.024315] ? __pfx_lock_release+0x10/0x10 [ 182.024688] ? __kasan_check_write+0x18/0x20 [ 182.025066] ? do_raw_spin_lock+0x132/0x2a0 [ 182.025429] ? __pfx_do_exit+0x10/0x10 [ 182.025762] ? debug_smp_processor_id+0x20/0x30 [ 182.026158] ? rcu_is_watching+0x19/0xb0 [ 182.026499] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.026911] ? trace_hardirqs_on+0x26/0x120 [ 182.027291] do_group_exit+0xe0/0x2b0 [ 182.027617] __x64_sys_exit_group+0x47/0x50 [ 182.027976] do_syscall_64+0x3b/0x90 [ 182.028300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.028739] RIP: 0033:0x7f4b87518a4d [ 182.029054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.029575] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.030208] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.030828] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.031435] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.032031] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.032622] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.033224] [ 182.033421] irq event stamp: 0 [ 182.033685] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.034217] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.034936] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.035649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.036175] ---[ end trace 0000000000000000 ]--- [ 182.036918] ------------[ cut here ]------------ [ 182.037321] WARNING: CPU: 1 PID: 1728 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.038174] Modules linked in: [ 182.038444] CPU: 1 PID: 1728 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.039224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.040174] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.040609] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.042132] RSP: 0018:ffff888014bb7b78 EFLAGS: 00010246 [ 182.042633] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.043242] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 182.043844] RBP: ffff888014bb7b98 R08: ffffed100216f83e R09: ffffed100216f83e [ 182.044447] R10: ffff888010b7c1ef R11: ffffed100216f83d R12: ffff888010b7c290 [ 182.045055] R13: ffff888010b7c0a8 R14: ffffffffffffffff R15: 
ffff888014bb7c60 [ 182.045677] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 182.046342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.046818] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 182.047390] PKRU: 55555554 [ 182.047613] Call Trace: [ 182.047817] [ 182.047997] iommufd_ioas_destroy+0x53/0x70 [ 182.048347] iommufd_fops_release+0x1f7/0x370 [ 182.048710] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.049111] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.049504] ? write_comp_data+0x2f/0x90 [ 182.049835] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.050234] __fput+0x26d/0xa40 [ 182.050534] ____fput+0x1e/0x30 [ 182.050812] task_work_run+0x1a4/0x2d0 [ 182.051143] ? __pfx_task_work_run+0x10/0x10 [ 182.051497] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.051891] ? switch_task_namespaces+0xa9/0xe0 [ 182.052274] do_exit+0xb17/0x2ef0 [ 182.052553] ? lock_acquire+0x427/0x4c0 [ 182.052882] ? __pfx_lock_release+0x10/0x10 [ 182.053228] ? __kasan_check_write+0x18/0x20 [ 182.053582] ? do_raw_spin_lock+0x132/0x2a0 [ 182.053923] ? __pfx_do_exit+0x10/0x10 [ 182.054240] ? debug_smp_processor_id+0x20/0x30 [ 182.054642] ? rcu_is_watching+0x19/0xb0 [ 182.054975] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.055354] ? trace_hardirqs_on+0x26/0x120 [ 182.055706] do_group_exit+0xe0/0x2b0 [ 182.056010] __x64_sys_exit_group+0x47/0x50 [ 182.056351] do_syscall_64+0x3b/0x90 [ 182.056657] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.057076] RIP: 0033:0x7f4b87518a4d [ 182.057378] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.057866] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.058465] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.059058] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.059644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.060208] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.060775] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.061343] [ 182.061532] irq event stamp: 0 [ 182.061781] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.062280] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.062992] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.063709] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.064247] ---[ end trace 0000000000000000 ]--- [ 182.069305] ------------[ cut here ]------------ [ 182.069779] WARNING: CPU: 0 PID: 1729 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.070929] Modules linked in: [ 182.071230] CPU: 0 PID: 1729 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.071985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.072965] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.073407] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.075027] RSP: 0018:ffff888016c27bb8 EFLAGS: 00010246 [ 182.075513] RAX: 0000000000000000 RBX: ffff888016eb08a8 RCX: 0000000000000000 [ 182.076138] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 182.076775] RBP: ffff888016c27bd0 R08: ffffed1002dd6133 R09: ffffed1002dd6133 [ 182.077400] R10: ffff888016eb0993 R11: ffffed1002dd6132 R12: ffff888020d18000 [ 182.078026] R13: ffff888016eb09e8 R14: ffffffff8352e670 R15: 
ffff888016c27e68 [ 182.078702] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.079425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.079935] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 182.080558] PKRU: 55555554 [ 182.080810] Call Trace: [ 182.081037] [ 182.081242] __iommufd_access_detach+0x1c2/0x2b0 [ 182.081682] iommufd_access_change_pt+0x149/0x270 [ 182.082116] iommufd_access_replace+0xb4/0x120 [ 182.082579] iommufd_test+0x3e5/0x37e0 [ 182.082931] ? lock_release+0x532/0x770 [ 182.083305] ? __might_fault+0x102/0x1b0 [ 182.083674] ? lock_acquire+0x427/0x4c0 [ 182.084037] ? __pfx_iommufd_test+0x10/0x10 [ 182.084418] ? __pfx_lock_release+0x10/0x10 [ 182.084809] ? __pfx_lock_acquire+0x10/0x10 [ 182.085202] ? write_comp_data+0x2f/0x90 [ 182.085572] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.086008] ? write_comp_data+0x2f/0x90 [ 182.086387] iommufd_fops_ioctl+0x37d/0x510 [ 182.086819] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.087263] ? write_comp_data+0x2f/0x90 [ 182.087619] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.088036] __x64_sys_ioctl+0x1a3/0x230 [ 182.088405] do_syscall_64+0x3b/0x90 [ 182.088745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.089208] RIP: 0033:0x7f4b8743ee5d [ 182.089535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.091187] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.091871] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.092520] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.093157] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.093797] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.094434] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.095130] [ 182.095348] irq event stamp: 0 [ 182.095631] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.096199] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.096959] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.097705] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.098268] ---[ end trace 0000000000000000 ]--- [ 182.101487] ------------[ cut here ]------------ [ 182.101945] WARNING: CPU: 0 PID: 1729 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.102915] Modules linked in: [ 182.103228] CPU: 0 PID: 1729 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.104013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.105008] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.105466] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.107125] RSP: 
0018:ffff888016c27bd0 EFLAGS: 00010246 [ 182.107617] RAX: 0000000000000000 RBX: ffff888016eb08a8 RCX: 0000000000000000 [ 182.108262] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 182.108903] RBP: ffff888016c27be8 R08: ffffed1002dd6133 R09: ffffed1002dd6133 [ 182.109540] R10: ffff888016eb0993 R11: ffffed1002dd6132 R12: ffff88801422f400 [ 182.110179] R13: ffff888016eb09e8 R14: ffff88800fd4f100 R15: 0000000000000000 [ 182.110866] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.111648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.112208] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.112891] PKRU: 55555554 [ 182.113164] Call Trace: [ 182.113412] [ 182.113626] iommufd_access_destroy_object+0x65/0x170 [ 182.114131] iommufd_object_destroy_user+0x18e/0x220 [ 182.114694] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.115265] iommufd_access_destroy+0x43/0x70 [ 182.115702] iommufd_test_staccess_release+0x8d/0xd0 [ 182.116195] __fput+0x26d/0xa40 [ 182.116524] ____fput+0x1e/0x30 [ 182.116849] task_work_run+0x1a4/0x2d0 [ 182.117227] ? __pfx_task_work_run+0x10/0x10 [ 182.117655] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.118128] ? switch_task_namespaces+0xa9/0xe0 [ 182.118625] do_exit+0xb17/0x2ef0 [ 182.118957] ? lock_acquire+0x427/0x4c0 [ 182.119358] ? __pfx_lock_release+0x10/0x10 [ 182.119774] ? __kasan_check_write+0x18/0x20 [ 182.120199] ? do_raw_spin_lock+0x132/0x2a0 [ 182.120622] ? __pfx_do_exit+0x10/0x10 [ 182.121004] ? debug_smp_processor_id+0x20/0x30 [ 182.121459] ? rcu_is_watching+0x19/0xb0 [ 182.121852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.122299] ? trace_hardirqs_on+0x26/0x120 [ 182.122769] do_group_exit+0xe0/0x2b0 [ 182.123157] __x64_sys_exit_group+0x47/0x50 [ 182.123576] do_syscall_64+0x3b/0x90 [ 182.123937] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.124436] RIP: 0033:0x7f4b87518a4d [ 182.124790] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.125375] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.126087] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.126795] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.127485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.128161] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.128845] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.129545] [ 182.129781] irq event stamp: 0 [ 182.130092] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.130751] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.131587] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.132393] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.132999] ---[ end trace 0000000000000000 ]--- [ 182.133842] ------------[ cut here ]------------ [ 182.134298] WARNING: CPU: 0 PID: 1729 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.135324] Modules linked in: [ 182.135639] CPU: 0 PID: 1729 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.136479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.137585] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.138090] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.139903] RSP: 0018:ffff888016c27b78 EFLAGS: 00010246 [ 182.140431] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.141119] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 182.141811] RBP: ffff888016c27b98 R08: ffffed1002dd613e R09: ffffed1002dd613e [ 182.142541] R10: ffff888016eb09ef R11: ffffed1002dd613d R12: ffff888016eb0a90 [ 182.143244] R13: ffff888016eb08a8 R14: ffffffffffffffff R15: 
ffff888016c27c60 [ 182.143929] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.144701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.145259] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.145946] PKRU: 55555554 [ 182.146227] Call Trace: [ 182.146479] [ 182.146744] iommufd_ioas_destroy+0x53/0x70 [ 182.147185] iommufd_fops_release+0x1f7/0x370 [ 182.147652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.148183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.148709] ? write_comp_data+0x2f/0x90 [ 182.149153] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.149686] __fput+0x26d/0xa40 [ 182.150047] ____fput+0x1e/0x30 [ 182.150401] task_work_run+0x1a4/0x2d0 [ 182.150866] ? __pfx_task_work_run+0x10/0x10 [ 182.151365] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.151908] ? switch_task_namespaces+0xa9/0xe0 [ 182.152428] do_exit+0xb17/0x2ef0 [ 182.152799] ? lock_acquire+0x427/0x4c0 [ 182.153228] ? __pfx_lock_release+0x10/0x10 [ 182.153682] ? __kasan_check_write+0x18/0x20 [ 182.154150] ? do_raw_spin_lock+0x132/0x2a0 [ 182.154660] ? __pfx_do_exit+0x10/0x10 [ 182.155100] ? debug_smp_processor_id+0x20/0x30 [ 182.155604] ? rcu_is_watching+0x19/0xb0 [ 182.156031] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.156509] ? trace_hardirqs_on+0x26/0x120 [ 182.156968] do_group_exit+0xe0/0x2b0 [ 182.157386] __x64_sys_exit_group+0x47/0x50 [ 182.157849] do_syscall_64+0x3b/0x90 [ 182.158261] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.158890] RIP: 0033:0x7f4b87518a4d [ 182.159306] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.159949] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.160737] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.161486] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.162226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.163011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.163766] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.164533] [ 182.164787] irq event stamp: 0 [ 182.165120] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.165787] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.166708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.167600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.168277] ---[ end trace 0000000000000000 ]--- [ 182.173693] ------------[ cut here ]------------ [ 182.174254] WARNING: CPU: 0 PID: 1730 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.175402] Modules linked in: [ 182.175737] CPU: 0 PID: 1730 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.176635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.177787] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.178313] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.180494] RSP: 0018:ffff888016e97bb8 EFLAGS: 00010246 [ 182.181061] RAX: 0000000000000000 RBX: ffff888016d1d8a8 RCX: 0000000000000000 [ 182.181793] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 182.182565] RBP: ffff888016e97bd0 R08: ffffed1002da3b33 R09: ffffed1002da3b33 [ 182.183318] R10: ffff888016d1d993 R11: ffffed1002da3b32 R12: ffff888012b45000 [ 182.184058] R13: ffff888016d1d9e8 R14: ffffffff8352e670 R15: 
ffff888016e97e68 [ 182.184803] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.185644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.186252] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 182.187052] PKRU: 55555554 [ 182.187374] Call Trace: [ 182.187642] [ 182.187886] __iommufd_access_detach+0x1c2/0x2b0 [ 182.188400] iommufd_access_change_pt+0x149/0x270 [ 182.188912] iommufd_access_replace+0xb4/0x120 [ 182.189399] iommufd_test+0x3e5/0x37e0 [ 182.189806] ? lock_release+0x532/0x770 [ 182.190236] ? __might_fault+0x102/0x1b0 [ 182.190722] ? lock_acquire+0x427/0x4c0 [ 182.191170] ? __pfx_iommufd_test+0x10/0x10 [ 182.191629] ? __pfx_lock_release+0x10/0x10 [ 182.192098] ? __pfx_lock_acquire+0x10/0x10 [ 182.192562] ? write_comp_data+0x2f/0x90 [ 182.193006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.193516] ? write_comp_data+0x2f/0x90 [ 182.193958] iommufd_fops_ioctl+0x37d/0x510 [ 182.194416] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.194986] ? write_comp_data+0x2f/0x90 [ 182.195444] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.195974] __x64_sys_ioctl+0x1a3/0x230 [ 182.196425] do_syscall_64+0x3b/0x90 [ 182.196837] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.197393] RIP: 0033:0x7f4b8743ee5d [ 182.197791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.199744] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.200554] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.201297] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.202066] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.202860] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.203628] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.204383] [ 182.204634] irq event stamp: 0 [ 182.204967] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.205627] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.206560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.207448] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.208108] ---[ end trace 0000000000000000 ]--- [ 182.211526] ------------[ cut here ]------------ [ 182.212076] WARNING: CPU: 0 PID: 1730 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.213131] Modules linked in: [ 182.213470] CPU: 0 PID: 1730 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.214381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.215608] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.216131] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.218029] RSP: 
0018:ffff888016e97bd0 EFLAGS: 00010246 [ 182.218665] RAX: 0000000000000000 RBX: ffff888016d1d8a8 RCX: 0000000000000000 [ 182.219435] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 182.220183] RBP: ffff888016e97be8 R08: ffffed1002da3b33 R09: ffffed1002da3b33 [ 182.220926] R10: ffff888016d1d993 R11: ffffed1002da3b32 R12: ffff888020d1b000 [ 182.221686] R13: ffff888016d1d9e8 R14: ffff88801235b400 R15: 0000000000000000 [ 182.222712] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.223790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.224383] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.225118] PKRU: 55555554 [ 182.225420] Call Trace: [ 182.225690] [ 182.225928] iommufd_access_destroy_object+0x65/0x170 [ 182.226621] iommufd_object_destroy_user+0x18e/0x220 [ 182.227358] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.227957] iommufd_access_destroy+0x43/0x70 [ 182.228432] iommufd_test_staccess_release+0x8d/0xd0 [ 182.228978] __fput+0x26d/0xa40 [ 182.229341] ____fput+0x1e/0x30 [ 182.229691] task_work_run+0x1a4/0x2d0 [ 182.230100] ? __pfx_task_work_run+0x10/0x10 [ 182.230602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.231124] ? switch_task_namespaces+0xa9/0xe0 [ 182.231621] do_exit+0xb17/0x2ef0 [ 182.232263] ? lock_acquire+0x427/0x4c0 [ 182.232863] ? __pfx_lock_release+0x10/0x10 [ 182.233320] ? __kasan_check_write+0x18/0x20 [ 182.233781] ? do_raw_spin_lock+0x132/0x2a0 [ 182.234231] ? __pfx_do_exit+0x10/0x10 [ 182.234699] ? debug_smp_processor_id+0x20/0x30 [ 182.235219] ? rcu_is_watching+0x19/0xb0 [ 182.235653] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.236144] ? trace_hardirqs_on+0x26/0x120 [ 182.236743] do_group_exit+0xe0/0x2b0 [ 182.237293] __x64_sys_exit_group+0x47/0x50 [ 182.237930] do_syscall_64+0x3b/0x90 [ 182.238341] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.238943] RIP: 0033:0x7f4b87518a4d [ 182.239367] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.240023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.240829] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.241700] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.242697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.243484] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.244257] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.245041] [ 182.245296] irq event stamp: 0 [ 182.245700] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.246716] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.247628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.248522] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.249200] ---[ end trace 0000000000000000 ]--- [ 182.250132] ------------[ cut here ]------------ [ 182.250866] WARNING: CPU: 0 PID: 1730 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.251987] Modules linked in: [ 182.252335] CPU: 0 PID: 1730 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.253277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.254855] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.255434] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.257394] RSP: 0018:ffff888016e97b78 EFLAGS: 00010246 [ 182.257981] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.258954] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 182.259927] RBP: ffff888016e97b98 R08: ffffed1002da3b3e R09: ffffed1002da3b3e [ 182.260698] R10: ffff888016d1d9ef R11: ffffed1002da3b3d R12: ffff888016d1da90 [ 182.261475] R13: ffff888016d1d8a8 R14: ffffffffffffffff R15: 
ffff888016e97c60 [ 182.262244] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.263236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.264140] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.264913] PKRU: 55555554 [ 182.265224] Call Trace: [ 182.265494] [ 182.265731] iommufd_ioas_destroy+0x53/0x70 [ 182.266202] iommufd_fops_release+0x1f7/0x370 [ 182.266748] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.267312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.268025] ? write_comp_data+0x2f/0x90 [ 182.268643] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.269188] __fput+0x26d/0xa40 [ 182.269572] ____fput+0x1e/0x30 [ 182.269942] task_work_run+0x1a4/0x2d0 [ 182.270371] ? __pfx_task_work_run+0x10/0x10 [ 182.270892] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.271466] ? switch_task_namespaces+0xa9/0xe0 [ 182.272135] do_exit+0xb17/0x2ef0 [ 182.272641] ? lock_acquire+0x427/0x4c0 [ 182.273082] ? __pfx_lock_release+0x10/0x10 [ 182.273565] ? __kasan_check_write+0x18/0x20 [ 182.274052] ? do_raw_spin_lock+0x132/0x2a0 [ 182.274556] ? __pfx_do_exit+0x10/0x10 [ 182.275000] ? debug_smp_processor_id+0x20/0x30 [ 182.275706] ? rcu_is_watching+0x19/0xb0 [ 182.276317] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.276823] ? trace_hardirqs_on+0x26/0x120 [ 182.277303] do_group_exit+0xe0/0x2b0 [ 182.277734] __x64_sys_exit_group+0x47/0x50 [ 182.278201] do_syscall_64+0x3b/0x90 [ 182.278675] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.279326] RIP: 0033:0x7f4b87518a4d [ 182.279954] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.280608] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.281411] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.282168] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.283019] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.284033] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.284808] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.285595] [ 182.285857] irq event stamp: 0 [ 182.286203] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.286997] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.288103] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.289014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.289704] ---[ end trace 0000000000000000 ]--- [ 182.298576] ------------[ cut here ]------------ [ 182.299112] WARNING: CPU: 0 PID: 1731 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.300204] Modules linked in: [ 182.300552] CPU: 0 PID: 1731 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.301753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.303184] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.303728] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.305666] RSP: 0018:ffff888016c27bb8 EFLAGS: 00010246 [ 182.306253] RAX: 0000000000000000 RBX: ffff8880172640a8 RCX: 0000000000000000 [ 182.307060] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 182.307829] RBP: ffff888016c27bd0 R08: ffffed1002e4c833 R09: ffffed1002e4c833 [ 182.308583] R10: ffff888017264193 R11: ffffed1002e4c832 R12: ffff888018ab9800 [ 182.309333] R13: ffff8880172641e8 R14: ffffffff8352e670 R15: 
ffff888016c27e68 [ 182.310101] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.311004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.311625] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 182.312373] PKRU: 55555554 [ 182.312673] Call Trace: [ 182.312944] [ 182.313184] __iommufd_access_detach+0x1c2/0x2b0 [ 182.313702] iommufd_access_change_pt+0x149/0x270 [ 182.314218] iommufd_access_replace+0xb4/0x120 [ 182.314747] iommufd_test+0x3e5/0x37e0 [ 182.315172] ? lock_release+0x532/0x770 [ 182.315610] ? __might_fault+0x102/0x1b0 [ 182.316054] ? lock_acquire+0x427/0x4c0 [ 182.316489] ? __pfx_iommufd_test+0x10/0x10 [ 182.316952] ? __pfx_lock_release+0x10/0x10 [ 182.317419] ? __pfx_lock_acquire+0x10/0x10 [ 182.317894] ? write_comp_data+0x2f/0x90 [ 182.318335] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.318901] ? write_comp_data+0x2f/0x90 [ 182.319353] iommufd_fops_ioctl+0x37d/0x510 [ 182.319830] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.320361] ? write_comp_data+0x2f/0x90 [ 182.320805] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.321329] __x64_sys_ioctl+0x1a3/0x230 [ 182.321771] do_syscall_64+0x3b/0x90 [ 182.322176] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.322779] RIP: 0033:0x7f4b8743ee5d [ 182.323189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.325126] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.325945] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.326767] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.327554] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.328319] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.329086] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.329858] [ 182.330114] irq event stamp: 0 [ 182.330457] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.331189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.332086] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.332972] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.333647] ---[ end trace 0000000000000000 ]--- [ 182.337575] ------------[ cut here ]------------ [ 182.338124] WARNING: CPU: 0 PID: 1731 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.339662] Modules linked in: [ 182.340017] CPU: 0 PID: 1731 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.340946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.342131] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.342704] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.345051] RSP: 
0018:ffff888016c27bd0 EFLAGS: 00010246 [ 182.345621] RAX: 0000000000000000 RBX: ffff8880172640a8 RCX: 0000000000000000 [ 182.346374] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 182.347181] RBP: ffff888016c27be8 R08: ffffed1002e4c833 R09: ffffed1002e4c833 [ 182.347941] R10: ffff888017264193 R11: ffffed1002e4c832 R12: ffff888012b44400 [ 182.348885] R13: ffff8880172641e8 R14: ffff888020985700 R15: 0000000000000000 [ 182.349794] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.350688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.351330] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.352088] PKRU: 55555554 [ 182.352395] Call Trace: [ 182.352677] [ 182.353040] iommufd_access_destroy_object+0x65/0x170 [ 182.353856] iommufd_object_destroy_user+0x18e/0x220 [ 182.354419] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.355089] iommufd_access_destroy+0x43/0x70 [ 182.355614] iommufd_test_staccess_release+0x8d/0xd0 [ 182.356174] __fput+0x26d/0xa40 [ 182.356549] ____fput+0x1e/0x30 [ 182.356914] task_work_run+0x1a4/0x2d0 [ 182.357384] ? __pfx_task_work_run+0x10/0x10 [ 182.358053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.358787] ? switch_task_namespaces+0xa9/0xe0 [ 182.359316] do_exit+0xb17/0x2ef0 [ 182.359691] ? lock_acquire+0x427/0x4c0 [ 182.360126] ? __pfx_lock_release+0x10/0x10 [ 182.360595] ? __kasan_check_write+0x18/0x20 [ 182.361066] ? do_raw_spin_lock+0x132/0x2a0 [ 182.361540] ? __pfx_do_exit+0x10/0x10 [ 182.361980] ? debug_smp_processor_id+0x20/0x30 [ 182.362802] ? rcu_is_watching+0x19/0xb0 [ 182.363258] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.363750] ? trace_hardirqs_on+0x26/0x120 [ 182.364225] do_group_exit+0xe0/0x2b0 [ 182.364639] __x64_sys_exit_group+0x47/0x50 [ 182.365101] do_syscall_64+0x3b/0x90 [ 182.365515] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.366096] RIP: 0033:0x7f4b87518a4d [ 182.366501] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.367578] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.368406] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.369170] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.369935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.370740] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.371506] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.372434] [ 182.372904] irq event stamp: 0 [ 182.373244] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.373913] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.374847] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.375753] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.376476] ---[ end trace 0000000000000000 ]--- [ 182.377606] ------------[ cut here ]------------ [ 182.378065] WARNING: CPU: 0 PID: 1731 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.379283] Modules linked in: [ 182.379820] CPU: 0 PID: 1731 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.380751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.382074] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.382823] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.384897] RSP: 0018:ffff888016c27b78 EFLAGS: 00010246 [ 182.385627] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.386395] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 182.387441] RBP: ffff888016c27b98 R08: ffffed1002e4c83e R09: ffffed1002e4c83e [ 182.388185] R10: ffff8880172641ef R11: ffffed1002e4c83d R12: ffff888017264290 [ 182.388946] R13: ffff8880172640a8 R14: ffffffffffffffff R15: 
ffff888016c27c60 [ 182.389992] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.390920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.391558] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.392428] PKRU: 55555554 [ 182.392894] Call Trace: [ 182.393170] [ 182.393414] iommufd_ioas_destroy+0x53/0x70 [ 182.393892] iommufd_fops_release+0x1f7/0x370 [ 182.394545] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.395242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.395773] ? write_comp_data+0x2f/0x90 [ 182.396226] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.396771] __fput+0x26d/0xa40 [ 182.397212] ____fput+0x1e/0x30 [ 182.397733] task_work_run+0x1a4/0x2d0 [ 182.398172] ? __pfx_task_work_run+0x10/0x10 [ 182.398703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.399256] ? switch_task_namespaces+0xa9/0xe0 [ 182.399845] do_exit+0xb17/0x2ef0 [ 182.400421] ? lock_acquire+0x427/0x4c0 [ 182.400874] ? __pfx_lock_release+0x10/0x10 [ 182.401356] ? __kasan_check_write+0x18/0x20 [ 182.401836] ? do_raw_spin_lock+0x132/0x2a0 [ 182.402417] ? __pfx_do_exit+0x10/0x10 [ 182.403001] ? debug_smp_processor_id+0x20/0x30 [ 182.403518] ? rcu_is_watching+0x19/0xb0 [ 182.403966] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.404463] ? trace_hardirqs_on+0x26/0x120 [ 182.405061] do_group_exit+0xe0/0x2b0 [ 182.405647] __x64_sys_exit_group+0x47/0x50 [ 182.406115] do_syscall_64+0x3b/0x90 [ 182.406566] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.407156] RIP: 0033:0x7f4b87518a4d [ 182.407673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.408494] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.409306] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.410340] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.411168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.411939] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.412994] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.413764] [ 182.414015] irq event stamp: 0 [ 182.414351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.415344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.416248] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.417130] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.418084] ---[ end trace 0000000000000000 ]--- [ 182.424368] ------------[ cut here ]------------ [ 182.424992] WARNING: CPU: 0 PID: 1732 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.426215] Modules linked in: [ 182.426615] CPU: 0 PID: 1732 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.427569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.428972] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.429504] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.431766] RSP: 0018:ffff888011da7bb8 EFLAGS: 00010246 [ 182.432338] RAX: 0000000000000000 RBX: ffff8880158870a8 RCX: 0000000000000000 [ 182.433092] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 182.433846] RBP: ffff888011da7bd0 R08: ffffed1002b10e33 R09: ffffed1002b10e33 [ 182.434620] R10: ffff888015887193 R11: ffffed1002b10e32 R12: ffff88800fcb2800 [ 182.435374] R13: ffff8880158871e8 R14: ffffffff8352e670 R15: 
ffff888011da7e68 [ 182.436113] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.436969] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.437584] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 182.438334] PKRU: 55555554 [ 182.438672] Call Trace: [ 182.438941] [ 182.439201] __iommufd_access_detach+0x1c2/0x2b0 [ 182.439724] iommufd_access_change_pt+0x149/0x270 [ 182.440243] iommufd_access_replace+0xb4/0x120 [ 182.440735] iommufd_test+0x3e5/0x37e0 [ 182.441151] ? lock_release+0x532/0x770 [ 182.441585] ? __might_fault+0x102/0x1b0 [ 182.442021] ? lock_acquire+0x427/0x4c0 [ 182.442449] ? __pfx_iommufd_test+0x10/0x10 [ 182.442936] ? __pfx_lock_release+0x10/0x10 [ 182.443425] ? __pfx_lock_acquire+0x10/0x10 [ 182.443906] ? write_comp_data+0x2f/0x90 [ 182.444338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.444870] ? write_comp_data+0x2f/0x90 [ 182.445309] iommufd_fops_ioctl+0x37d/0x510 [ 182.445765] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.446287] ? write_comp_data+0x2f/0x90 [ 182.446755] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.447286] __x64_sys_ioctl+0x1a3/0x230 [ 182.447722] do_syscall_64+0x3b/0x90 [ 182.448119] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.448677] RIP: 0033:0x7f4b8743ee5d [ 182.449064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.450970] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.451783] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.452516] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.453244] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.453972] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.454732] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.455490] [ 182.455736] irq event stamp: 0 [ 182.456064] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.456714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.457572] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.458422] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.459110] ---[ end trace 0000000000000000 ]--- [ 182.462837] ------------[ cut here ]------------ [ 182.463524] WARNING: CPU: 0 PID: 1732 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.464568] Modules linked in: [ 182.464901] CPU: 0 PID: 1732 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.466086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.467309] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.467837] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.469957] RSP: 
0018:ffff888011da7bd0 EFLAGS: 00010246 [ 182.470706] RAX: 0000000000000000 RBX: ffff8880158870a8 RCX: 0000000000000000 [ 182.471451] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 182.472185] RBP: ffff888011da7be8 R08: ffffed1002b10e33 R09: ffffed1002b10e33 [ 182.473042] R10: ffff888015887193 R11: ffffed1002b10e32 R12: ffff888018ab9000 [ 182.473914] R13: ffff8880158871e8 R14: ffff888012860a00 R15: 0000000000000000 [ 182.474686] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.475762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.476367] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.477104] PKRU: 55555554 [ 182.477394] Call Trace: [ 182.477762] [ 182.478106] iommufd_access_destroy_object+0x65/0x170 [ 182.478677] iommufd_object_destroy_user+0x18e/0x220 [ 182.479223] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.479841] iommufd_access_destroy+0x43/0x70 [ 182.480557] iommufd_test_staccess_release+0x8d/0xd0 [ 182.481104] __fput+0x26d/0xa40 [ 182.481476] ____fput+0x1e/0x30 [ 182.481844] task_work_run+0x1a4/0x2d0 [ 182.482300] ? __pfx_task_work_run+0x10/0x10 [ 182.483000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.483527] ? switch_task_namespaces+0xa9/0xe0 [ 182.484031] do_exit+0xb17/0x2ef0 [ 182.484395] ? lock_acquire+0x427/0x4c0 [ 182.484849] ? __pfx_lock_release+0x10/0x10 [ 182.485503] ? __kasan_check_write+0x18/0x20 [ 182.485969] ? do_raw_spin_lock+0x132/0x2a0 [ 182.486420] ? __pfx_do_exit+0x10/0x10 [ 182.486880] ? debug_smp_processor_id+0x20/0x30 [ 182.487406] ? rcu_is_watching+0x19/0xb0 [ 182.488040] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.488519] ? trace_hardirqs_on+0x26/0x120 [ 182.488979] do_group_exit+0xe0/0x2b0 [ 182.489381] __x64_sys_exit_group+0x47/0x50 [ 182.489944] do_syscall_64+0x3b/0x90 [ 182.490499] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.491086] RIP: 0033:0x7f4b87518a4d [ 182.491496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.492133] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.493167] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.493899] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.494691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.495637] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.496387] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.497148] [ 182.497506] irq event stamp: 0 [ 182.497993] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.498690] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.499569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.500666] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.501314] ---[ end trace 0000000000000000 ]--- [ 182.502188] ------------[ cut here ]------------ [ 182.502819] WARNING: CPU: 0 PID: 1732 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.503891] Modules linked in: [ 182.504226] CPU: 0 PID: 1732 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.505336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.506485] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.507266] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.509176] RSP: 0018:ffff888011da7b78 EFLAGS: 00010246 [ 182.509967] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.510721] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 182.511503] RBP: ffff888011da7b98 R08: ffffed1002b10e3e R09: ffffed1002b10e3e [ 182.512432] R10: ffff8880158871ef R11: ffffed1002b10e3d R12: ffff888015887290 [ 182.513161] R13: ffff8880158870a8 R14: ffffffffffffffff R15: 
ffff888011da7c60 [ 182.514002] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.514979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.515576] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.516422] PKRU: 55555554 [ 182.516842] Call Trace: [ 182.517113] [ 182.517350] iommufd_ioas_destroy+0x53/0x70 [ 182.517807] iommufd_fops_release+0x1f7/0x370 [ 182.518286] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.519064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.519591] ? write_comp_data+0x2f/0x90 [ 182.520029] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.520547] __fput+0x26d/0xa40 [ 182.520907] ____fput+0x1e/0x30 [ 182.521364] task_work_run+0x1a4/0x2d0 [ 182.521871] ? __pfx_task_work_run+0x10/0x10 [ 182.522337] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.522876] ? switch_task_namespaces+0xa9/0xe0 [ 182.523398] do_exit+0xb17/0x2ef0 [ 182.523868] ? lock_acquire+0x427/0x4c0 [ 182.524434] ? __pfx_lock_release+0x10/0x10 [ 182.524894] ? __kasan_check_write+0x18/0x20 [ 182.525359] ? do_raw_spin_lock+0x132/0x2a0 [ 182.525847] ? __pfx_do_exit+0x10/0x10 [ 182.526446] ? debug_smp_processor_id+0x20/0x30 [ 182.526963] ? rcu_is_watching+0x19/0xb0 [ 182.527408] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.527891] ? trace_hardirqs_on+0x26/0x120 [ 182.528367] do_group_exit+0xe0/0x2b0 [ 182.528946] __x64_sys_exit_group+0x47/0x50 [ 182.529407] do_syscall_64+0x3b/0x90 [ 182.529790] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.530323] RIP: 0033:0x7f4b87518a4d [ 182.530873] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.531634] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.532417] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.533274] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.534146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.534897] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.535738] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.536627] [ 182.536865] irq event stamp: 0 [ 182.537186] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.538049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.538934] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.539811] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.540688] ---[ end trace 0000000000000000 ]--- [ 182.546467] ------------[ cut here ]------------ [ 182.547134] WARNING: CPU: 1 PID: 1733 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.548091] Modules linked in: [ 182.548396] CPU: 1 PID: 1733 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.549218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.550280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.551030] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.552759] RSP: 0018:ffff888016c27bb8 EFLAGS: 00010246 [ 182.553260] RAX: 0000000000000000 RBX: ffff8880171b98a8 RCX: 0000000000000000 [ 182.553924] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 182.554612] RBP: ffff888016c27bd0 R08: ffffed1002e37333 R09: ffffed1002e37333 [ 182.555296] R10: ffff8880171b9993 R11: ffffed1002e37332 R12: ffff888012e93000 [ 182.555967] R13: ffff8880171b99e8 R14: ffffffff8352e670 R15: 
ffff888016c27e68 [ 182.556643] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 182.557474] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.558016] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 182.558710] PKRU: 55555554 [ 182.558984] Call Trace: [ 182.559247] [ 182.559464] __iommufd_access_detach+0x1c2/0x2b0 [ 182.559935] iommufd_access_change_pt+0x149/0x270 [ 182.560399] iommufd_access_replace+0xb4/0x120 [ 182.560842] iommufd_test+0x3e5/0x37e0 [ 182.561208] ? lock_release+0x532/0x770 [ 182.561584] ? __might_fault+0x102/0x1b0 [ 182.561964] ? lock_acquire+0x427/0x4c0 [ 182.562339] ? __pfx_iommufd_test+0x10/0x10 [ 182.562752] ? __pfx_lock_release+0x10/0x10 [ 182.563166] ? __pfx_lock_acquire+0x10/0x10 [ 182.563575] ? write_comp_data+0x2f/0x90 [ 182.563966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.564418] ? write_comp_data+0x2f/0x90 [ 182.564802] iommufd_fops_ioctl+0x37d/0x510 [ 182.565208] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.565656] ? write_comp_data+0x2f/0x90 [ 182.566038] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.566481] __x64_sys_ioctl+0x1a3/0x230 [ 182.566885] do_syscall_64+0x3b/0x90 [ 182.567235] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.567691] RIP: 0033:0x7f4b8743ee5d [ 182.568016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.569577] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.570229] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.570861] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.571479] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.572083] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.572695] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.573316] [ 182.573521] irq event stamp: 0 [ 182.573799] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.574339] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.575076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.575813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.576360] ---[ end trace 0000000000000000 ]--- [ 182.579665] ------------[ cut here ]------------ [ 182.580125] WARNING: CPU: 0 PID: 1733 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.581005] Modules linked in: [ 182.581283] CPU: 0 PID: 1733 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.582038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.583143] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.583579] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.585122] RSP: 
0018:ffff888016c27bd0 EFLAGS: 00010246 [ 182.585559] RAX: 0000000000000000 RBX: ffff8880171b98a8 RCX: 0000000000000000 [ 182.586141] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 182.586739] RBP: ffff888016c27be8 R08: ffffed1002e37333 R09: ffffed1002e37333 [ 182.587334] R10: ffff8880171b9993 R11: ffffed1002e37332 R12: ffff888010c0b000 [ 182.587915] R13: ffff8880171b99e8 R14: ffff888014b9bb00 R15: 0000000000000000 [ 182.588498] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.589160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.589639] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.590222] PKRU: 55555554 [ 182.590456] Call Trace: [ 182.590691] [ 182.590881] iommufd_access_destroy_object+0x65/0x170 [ 182.591316] iommufd_object_destroy_user+0x18e/0x220 [ 182.591742] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.592228] iommufd_access_destroy+0x43/0x70 [ 182.592612] iommufd_test_staccess_release+0x8d/0xd0 [ 182.593039] __fput+0x26d/0xa40 [ 182.593327] ____fput+0x1e/0x30 [ 182.593608] task_work_run+0x1a4/0x2d0 [ 182.593939] ? __pfx_task_work_run+0x10/0x10 [ 182.594311] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.594745] ? switch_task_namespaces+0xa9/0xe0 [ 182.595160] do_exit+0xb17/0x2ef0 [ 182.595447] ? lock_acquire+0x427/0x4c0 [ 182.595785] ? __pfx_lock_release+0x10/0x10 [ 182.596153] ? __kasan_check_write+0x18/0x20 [ 182.596527] ? do_raw_spin_lock+0x132/0x2a0 [ 182.596890] ? __pfx_do_exit+0x10/0x10 [ 182.597221] ? debug_smp_processor_id+0x20/0x30 [ 182.597611] ? rcu_is_watching+0x19/0xb0 [ 182.597950] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.598329] ? trace_hardirqs_on+0x26/0x120 [ 182.598723] do_group_exit+0xe0/0x2b0 [ 182.599049] __x64_sys_exit_group+0x47/0x50 [ 182.599416] do_syscall_64+0x3b/0x90 [ 182.599744] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.600183] RIP: 0033:0x7f4b87518a4d [ 182.600495] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.601004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.601635] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.602219] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.602840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.603446] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.604030] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.604620] [ 182.604814] irq event stamp: 0 [ 182.605075] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.605588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.606267] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.606966] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.607495] ---[ end trace 0000000000000000 ]--- [ 182.608216] ------------[ cut here ]------------ [ 182.608613] WARNING: CPU: 0 PID: 1733 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.609443] Modules linked in: [ 182.609707] CPU: 0 PID: 1733 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.610422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.611368] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.611801] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.613300] RSP: 0018:ffff888016c27b78 EFLAGS: 00010246 [ 182.613737] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.614319] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 182.614929] RBP: ffff888016c27b98 R08: ffffed1002e3733e R09: ffffed1002e3733e [ 182.615516] R10: ffff8880171b99ef R11: ffffed1002e3733d R12: ffff8880171b9a90 [ 182.616097] R13: ffff8880171b98a8 R14: ffffffffffffffff R15: 
ffff888016c27c60 [ 182.616682] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.617336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.617813] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.618396] PKRU: 55555554 [ 182.618646] Call Trace: [ 182.618857] [ 182.619047] iommufd_ioas_destroy+0x53/0x70 [ 182.619417] iommufd_fops_release+0x1f7/0x370 [ 182.619792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.620206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.620617] ? write_comp_data+0x2f/0x90 [ 182.620962] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.621378] __fput+0x26d/0xa40 [ 182.621664] ____fput+0x1e/0x30 [ 182.621943] task_work_run+0x1a4/0x2d0 [ 182.622270] ? __pfx_task_work_run+0x10/0x10 [ 182.622659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.623067] ? switch_task_namespaces+0xa9/0xe0 [ 182.623473] do_exit+0xb17/0x2ef0 [ 182.623760] ? lock_acquire+0x427/0x4c0 [ 182.624097] ? __pfx_lock_release+0x10/0x10 [ 182.624457] ? __kasan_check_write+0x18/0x20 [ 182.624820] ? do_raw_spin_lock+0x132/0x2a0 [ 182.625175] ? __pfx_do_exit+0x10/0x10 [ 182.625504] ? debug_smp_processor_id+0x20/0x30 [ 182.625892] ? rcu_is_watching+0x19/0xb0 [ 182.626233] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.626634] ? trace_hardirqs_on+0x26/0x120 [ 182.626998] do_group_exit+0xe0/0x2b0 [ 182.627325] __x64_sys_exit_group+0x47/0x50 [ 182.627687] do_syscall_64+0x3b/0x90 [ 182.628007] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.628460] RIP: 0033:0x7f4b87518a4d [ 182.628761] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.629252] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.629852] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.630416] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.631001] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.631581] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.632145] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.632717] [ 182.632904] irq event stamp: 0 [ 182.633157] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.633659] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.634335] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.635011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.635527] ---[ end trace 0000000000000000 ]--- [ 182.639292] ------------[ cut here ]------------ [ 182.639718] WARNING: CPU: 0 PID: 1734 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.640532] Modules linked in: [ 182.640791] CPU: 0 PID: 1734 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.641491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.642390] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.642825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.644298] RSP: 0018:ffff888014bb7bb8 EFLAGS: 00010246 [ 182.644728] RAX: 0000000000000000 RBX: ffff888010b7a8a8 RCX: 0000000000000000 [ 182.645302] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 182.645870] RBP: ffff888014bb7bd0 R08: ffffed100216f533 R09: ffffed100216f533 [ 182.646443] R10: ffff888010b7a993 R11: ffffed100216f532 R12: ffff88801422e400 [ 182.647025] R13: ffff888010b7a9e8 R14: ffffffff8352e670 R15: 
ffff888014bb7e68 [ 182.647604] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.648237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.648694] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 182.649255] PKRU: 55555554 [ 182.649478] Call Trace: [ 182.649681] [ 182.649862] __iommufd_access_detach+0x1c2/0x2b0 [ 182.650255] iommufd_access_change_pt+0x149/0x270 [ 182.650668] iommufd_access_replace+0xb4/0x120 [ 182.651044] iommufd_test+0x3e5/0x37e0 [ 182.651362] ? lock_release+0x532/0x770 [ 182.651692] ? __might_fault+0x102/0x1b0 [ 182.652021] ? lock_acquire+0x427/0x4c0 [ 182.652349] ? __pfx_iommufd_test+0x10/0x10 [ 182.652692] ? __pfx_lock_release+0x10/0x10 [ 182.653042] ? __pfx_lock_acquire+0x10/0x10 [ 182.653394] ? write_comp_data+0x2f/0x90 [ 182.653726] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.654112] ? write_comp_data+0x2f/0x90 [ 182.654442] iommufd_fops_ioctl+0x37d/0x510 [ 182.654810] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.655217] ? write_comp_data+0x2f/0x90 [ 182.655547] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.655933] __x64_sys_ioctl+0x1a3/0x230 [ 182.656265] do_syscall_64+0x3b/0x90 [ 182.656570] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.656987] RIP: 0033:0x7f4b8743ee5d [ 182.657282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.658727] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.659333] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.659891] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.660452] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.661011] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.661573] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.662139] [ 182.662327] irq event stamp: 0 [ 182.662603] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.663102] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.663764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.664420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.664913] ---[ end trace 0000000000000000 ]--- [ 182.667696] ------------[ cut here ]------------ [ 182.668092] WARNING: CPU: 0 PID: 1734 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.668884] Modules linked in: [ 182.669140] CPU: 0 PID: 1734 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.669824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.670726] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.671129] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.672556] RSP: 
0018:ffff888014bb7bd0 EFLAGS: 00010246 [ 182.672963] RAX: 0000000000000000 RBX: ffff888010b7a8a8 RCX: 0000000000000000 [ 182.673509] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 182.674056] RBP: ffff888014bb7be8 R08: ffffed100216f533 R09: ffffed100216f533 [ 182.674627] R10: ffff888010b7a993 R11: ffffed100216f532 R12: ffff88800fcb3000 [ 182.675189] R13: ffff888010b7a9e8 R14: ffff8880139bc200 R15: 0000000000000000 [ 182.675733] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.676351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.676798] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.677348] PKRU: 55555554 [ 182.677568] Call Trace: [ 182.677766] [ 182.677941] iommufd_access_destroy_object+0x65/0x170 [ 182.678343] iommufd_object_destroy_user+0x18e/0x220 [ 182.678760] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.679227] iommufd_access_destroy+0x43/0x70 [ 182.679593] iommufd_test_staccess_release+0x8d/0xd0 [ 182.679993] __fput+0x26d/0xa40 [ 182.680266] ____fput+0x1e/0x30 [ 182.680532] task_work_run+0x1a4/0x2d0 [ 182.680845] ? __pfx_task_work_run+0x10/0x10 [ 182.681194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.681580] ? switch_task_namespaces+0xa9/0xe0 [ 182.681959] do_exit+0xb17/0x2ef0 [ 182.682230] ? lock_acquire+0x427/0x4c0 [ 182.682576] ? __pfx_lock_release+0x10/0x10 [ 182.682922] ? __kasan_check_write+0x18/0x20 [ 182.683278] ? do_raw_spin_lock+0x132/0x2a0 [ 182.683619] ? __pfx_do_exit+0x10/0x10 [ 182.683932] ? debug_smp_processor_id+0x20/0x30 [ 182.684299] ? rcu_is_watching+0x19/0xb0 [ 182.684621] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.684976] ? trace_hardirqs_on+0x26/0x120 [ 182.685320] do_group_exit+0xe0/0x2b0 [ 182.685620] __x64_sys_exit_group+0x47/0x50 [ 182.685954] do_syscall_64+0x3b/0x90 [ 182.686253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.686683] RIP: 0033:0x7f4b87518a4d [ 182.686977] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.687462] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.688047] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.688619] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.689163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.689708] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.690256] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.690835] [ 182.691021] irq event stamp: 0 [ 182.691275] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.691762] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.692410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.693053] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.693543] ---[ end trace 0000000000000000 ]--- [ 182.694235] ------------[ cut here ]------------ [ 182.694623] WARNING: CPU: 0 PID: 1734 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.695421] Modules linked in: [ 182.695673] CPU: 0 PID: 1734 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.696349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.697219] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.697623] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.699063] RSP: 0018:ffff888014bb7b78 EFLAGS: 00010246 [ 182.699488] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.700016] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 182.700565] RBP: ffff888014bb7b98 R08: ffffed100216f53e R09: ffffed100216f53e [ 182.701112] R10: ffff888010b7a9ef R11: ffffed100216f53d R12: ffff888010b7aa90 [ 182.701665] R13: ffff888010b7a8a8 R14: ffffffffffffffff R15: 
ffff888014bb7c60 [ 182.702212] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.702851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.703304] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.703852] PKRU: 55555554 [ 182.704068] Call Trace: [ 182.704264] [ 182.704445] iommufd_ioas_destroy+0x53/0x70 [ 182.704786] iommufd_fops_release+0x1f7/0x370 [ 182.705141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.705536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.705920] ? write_comp_data+0x2f/0x90 [ 182.706245] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.706652] __fput+0x26d/0xa40 [ 182.706924] ____fput+0x1e/0x30 [ 182.707196] task_work_run+0x1a4/0x2d0 [ 182.707508] ? __pfx_task_work_run+0x10/0x10 [ 182.707853] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.708235] ? switch_task_namespaces+0xa9/0xe0 [ 182.708608] do_exit+0xb17/0x2ef0 [ 182.708875] ? lock_acquire+0x427/0x4c0 [ 182.709192] ? __pfx_lock_release+0x10/0x10 [ 182.709538] ? __kasan_check_write+0x18/0x20 [ 182.709883] ? do_raw_spin_lock+0x132/0x2a0 [ 182.710217] ? __pfx_do_exit+0x10/0x10 [ 182.710547] ? debug_smp_processor_id+0x20/0x30 [ 182.710916] ? rcu_is_watching+0x19/0xb0 [ 182.711243] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.711599] ? trace_hardirqs_on+0x26/0x120 [ 182.711938] do_group_exit+0xe0/0x2b0 [ 182.712235] __x64_sys_exit_group+0x47/0x50 [ 182.712569] do_syscall_64+0x3b/0x90 [ 182.712872] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.713278] RIP: 0033:0x7f4b87518a4d [ 182.713572] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.714045] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.714648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.715202] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.715748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.716291] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.716843] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.717401] [ 182.717582] irq event stamp: 0 [ 182.717826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.718318] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.718977] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.719631] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.720114] ---[ end trace 0000000000000000 ]--- [ 182.724623] ------------[ cut here ]------------ [ 182.725022] WARNING: CPU: 0 PID: 1735 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.725796] Modules linked in: [ 182.726042] CPU: 0 PID: 1735 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.726850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.727721] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.728104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.729497] RSP: 0018:ffff888016407bb8 EFLAGS: 00010246 [ 182.729903] RAX: 0000000000000000 RBX: ffff8880172290a8 RCX: 0000000000000000 [ 182.730449] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 182.731013] RBP: ffff888016407bd0 R08: ffffed1002e45233 R09: ffffed1002e45233 [ 182.731571] R10: ffff888017229193 R11: ffffed1002e45232 R12: ffff8880129c6000 [ 182.732124] R13: ffff8880172291e8 R14: ffffffff8352e670 R15: 
ffff888016407e68 [ 182.732669] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.733281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.733726] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 182.734272] PKRU: 55555554 [ 182.734494] Call Trace: [ 182.734711] [ 182.734890] __iommufd_access_detach+0x1c2/0x2b0 [ 182.735287] iommufd_access_change_pt+0x149/0x270 [ 182.735672] iommufd_access_replace+0xb4/0x120 [ 182.736045] iommufd_test+0x3e5/0x37e0 [ 182.736790] ? lock_release+0x532/0x770 [ 182.737116] ? __might_fault+0x102/0x1b0 [ 182.737438] ? lock_acquire+0x427/0x4c0 [ 182.737750] ? __pfx_iommufd_test+0x10/0x10 [ 182.738353] ? __pfx_lock_release+0x10/0x10 [ 182.738722] ? __pfx_lock_acquire+0x10/0x10 [ 182.739063] ? write_comp_data+0x2f/0x90 [ 182.739398] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.739911] ? write_comp_data+0x2f/0x90 [ 182.740233] iommufd_fops_ioctl+0x37d/0x510 [ 182.740570] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.740947] ? write_comp_data+0x2f/0x90 [ 182.741392] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.741770] __x64_sys_ioctl+0x1a3/0x230 [ 182.742094] do_syscall_64+0x3b/0x90 [ 182.742390] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.742813] RIP: 0033:0x7f4b8743ee5d [ 182.743101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.744643] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.745230] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.745901] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.746447] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.747122] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.747674] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.748229] [ 182.748411] irq event stamp: 0 [ 182.748654] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.749277] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.749921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.750697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.751189] ---[ end trace 0000000000000000 ]--- [ 182.754017] ------------[ cut here ]------------ [ 182.754394] WARNING: CPU: 0 PID: 1735 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.755240] Modules linked in: [ 182.755497] CPU: 0 PID: 1735 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.756344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.757232] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.757762] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.759345] RSP: 
0018:ffff888016407bd0 EFLAGS: 00010246 [ 182.759765] RAX: 0000000000000000 RBX: ffff8880172290a8 RCX: 0000000000000000 [ 182.760320] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 182.760888] RBP: ffff888016407be8 R08: ffffed1002e45233 R09: ffffed1002e45233 [ 182.761565] R10: ffff888017229193 R11: ffffed1002e45232 R12: ffff88801422c800 [ 182.762122] R13: ffff8880172291e8 R14: ffff8880218dbd00 R15: 0000000000000000 [ 182.762826] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.763466] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.763923] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.764522] PKRU: 55555554 [ 182.764861] Call Trace: [ 182.765064] [ 182.765239] iommufd_access_destroy_object+0x65/0x170 [ 182.765655] iommufd_object_destroy_user+0x18e/0x220 [ 182.766063] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.766663] iommufd_access_destroy+0x43/0x70 [ 182.767028] iommufd_test_staccess_release+0x8d/0xd0 [ 182.767455] __fput+0x26d/0xa40 [ 182.767735] ____fput+0x1e/0x30 [ 182.768010] task_work_run+0x1a4/0x2d0 [ 182.768459] ? __pfx_task_work_run+0x10/0x10 [ 182.768832] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.769238] ? switch_task_namespaces+0xa9/0xe0 [ 182.769644] do_exit+0xb17/0x2ef0 [ 182.770096] ? lock_acquire+0x427/0x4c0 [ 182.770458] ? __pfx_lock_release+0x10/0x10 [ 182.770862] ? __kasan_check_write+0x18/0x20 [ 182.771255] ? do_raw_spin_lock+0x132/0x2a0 [ 182.771626] ? __pfx_do_exit+0x10/0x10 [ 182.772044] ? debug_smp_processor_id+0x20/0x30 [ 182.772530] ? rcu_is_watching+0x19/0xb0 [ 182.772880] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.773273] ? trace_hardirqs_on+0x26/0x120 [ 182.773668] do_group_exit+0xe0/0x2b0 [ 182.774123] __x64_sys_exit_group+0x47/0x50 [ 182.774496] do_syscall_64+0x3b/0x90 [ 182.774848] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.775313] RIP: 0033:0x7f4b87518a4d [ 182.775641] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.776348] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.777000] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.777694] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.778388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.779029] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.779698] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.780463] [ 182.780666] irq event stamp: 0 [ 182.780939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.781501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.782354] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.783109] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.783711] ---[ end trace 0000000000000000 ]--- [ 182.784735] ------------[ cut here ]------------ [ 182.785153] WARNING: CPU: 0 PID: 1735 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.786211] Modules linked in: [ 182.786496] CPU: 0 PID: 1735 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.787304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.788446] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.788894] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.790852] RSP: 0018:ffff888016407b78 EFLAGS: 00010246 [ 182.791335] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.792094] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 182.792683] RBP: ffff888016407b98 R08: ffffed1002e4523e R09: ffffed1002e4523e [ 182.793325] R10: ffff8880172291ef R11: ffffed1002e4523d R12: ffff888017229290 [ 182.794003] R13: ffff8880172290a8 R14: ffffffffffffffff R15: 
ffff888016407c60 [ 182.794620] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.795336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.795934] CR2: 00007f4b875fca50 CR3: 0000000014284000 CR4: 0000000000750ef0 [ 182.796532] PKRU: 55555554 [ 182.796768] Call Trace: [ 182.797014] [ 182.797324] iommufd_ioas_destroy+0x53/0x70 [ 182.797693] iommufd_fops_release+0x1f7/0x370 [ 182.798073] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.798496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.798936] ? write_comp_data+0x2f/0x90 [ 182.799450] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.799870] __fput+0x26d/0xa40 [ 182.800161] ____fput+0x1e/0x30 [ 182.800447] task_work_run+0x1a4/0x2d0 [ 182.800847] ? __pfx_task_work_run+0x10/0x10 [ 182.801318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.801732] ? switch_task_namespaces+0xa9/0xe0 [ 182.802135] do_exit+0xb17/0x2ef0 [ 182.802456] ? lock_acquire+0x427/0x4c0 [ 182.802928] ? __pfx_lock_release+0x10/0x10 [ 182.803306] ? __kasan_check_write+0x18/0x20 [ 182.803680] ? do_raw_spin_lock+0x132/0x2a0 [ 182.804046] ? __pfx_do_exit+0x10/0x10 [ 182.804385] ? debug_smp_processor_id+0x20/0x30 [ 182.804941] ? rcu_is_watching+0x19/0xb0 [ 182.805284] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.805669] ? trace_hardirqs_on+0x26/0x120 [ 182.806039] do_group_exit+0xe0/0x2b0 [ 182.806433] __x64_sys_exit_group+0x47/0x50 [ 182.806908] do_syscall_64+0x3b/0x90 [ 182.807239] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.807682] RIP: 0033:0x7f4b87518a4d [ 182.808007] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.808617] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.809374] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.809998] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.810806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.811436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.812060] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.812850] [ 182.813056] irq event stamp: 0 [ 182.813330] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.813870] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.814787] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.815513] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.816055] ---[ end trace 0000000000000000 ]--- [ 182.821714] ------------[ cut here ]------------ [ 182.822233] WARNING: CPU: 0 PID: 1736 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.823282] Modules linked in: [ 182.823567] CPU: 0 PID: 1736 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.824327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.825298] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.825740] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.827366] RSP: 0018:ffff888015c47bb8 EFLAGS: 00010246 [ 182.827837] RAX: 0000000000000000 RBX: ffff888016eb08a8 RCX: 0000000000000000 [ 182.828462] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 182.829094] RBP: ffff888015c47bd0 R08: ffffed1002dd6133 R09: ffffed1002dd6133 [ 182.829714] R10: ffff888016eb0993 R11: ffffed1002dd6132 R12: ffff888021901c00 [ 182.830332] R13: ffff888016eb09e8 R14: ffffffff8352e670 R15: 
ffff888015c47e68 [ 182.830965] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.831675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.832178] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 182.832801] PKRU: 55555554 [ 182.833051] Call Trace: [ 182.833277] [ 182.833476] __iommufd_access_detach+0x1c2/0x2b0 [ 182.833906] iommufd_access_change_pt+0x149/0x270 [ 182.834337] iommufd_access_replace+0xb4/0x120 [ 182.834767] iommufd_test+0x3e5/0x37e0 [ 182.835112] ? lock_release+0x532/0x770 [ 182.835485] ? __might_fault+0x102/0x1b0 [ 182.835848] ? lock_acquire+0x427/0x4c0 [ 182.836206] ? __pfx_iommufd_test+0x10/0x10 [ 182.836586] ? __pfx_lock_release+0x10/0x10 [ 182.836970] ? __pfx_lock_acquire+0x10/0x10 [ 182.837359] ? write_comp_data+0x2f/0x90 [ 182.837727] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.838155] ? write_comp_data+0x2f/0x90 [ 182.838540] iommufd_fops_ioctl+0x37d/0x510 [ 182.838927] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.839368] ? write_comp_data+0x2f/0x90 [ 182.839735] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.840166] __x64_sys_ioctl+0x1a3/0x230 [ 182.840533] do_syscall_64+0x3b/0x90 [ 182.840869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.841326] RIP: 0033:0x7f4b8743ee5d [ 182.841647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.843252] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.843918] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.844535] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.845145] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.845766] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.846381] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.847027] [ 182.847244] irq event stamp: 0 [ 182.847522] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.848071] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.848798] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.849523] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.850069] ---[ end trace 0000000000000000 ]--- [ 182.853580] ------------[ cut here ]------------ [ 182.854010] WARNING: CPU: 0 PID: 1736 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.854937] Modules linked in: [ 182.855238] CPU: 0 PID: 1736 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.856202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.857208] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.857774] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.859566] RSP: 
0018:ffff888015c47bd0 EFLAGS: 00010246 [ 182.860038] RAX: 0000000000000000 RBX: ffff888016eb08a8 RCX: 0000000000000000 [ 182.860665] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 182.861355] RBP: ffff888015c47be8 R08: ffffed1002dd6133 R09: ffffed1002dd6133 [ 182.862073] R10: ffff888016eb0993 R11: ffffed1002dd6132 R12: ffff8880129c4000 [ 182.862723] R13: ffff888016eb09e8 R14: ffff8880143d7200 R15: 0000000000000000 [ 182.863368] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.864255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.864770] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.865421] PKRU: 55555554 [ 182.865806] Call Trace: [ 182.866038] [ 182.866239] iommufd_access_destroy_object+0x65/0x170 [ 182.866732] iommufd_object_destroy_user+0x18e/0x220 [ 182.867208] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.867808] iommufd_access_destroy+0x43/0x70 [ 182.868316] iommufd_test_staccess_release+0x8d/0xd0 [ 182.868779] __fput+0x26d/0xa40 [ 182.869087] ____fput+0x1e/0x30 [ 182.869392] task_work_run+0x1a4/0x2d0 [ 182.869902] ? __pfx_task_work_run+0x10/0x10 [ 182.870302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.870768] ? switch_task_namespaces+0xa9/0xe0 [ 182.871205] do_exit+0xb17/0x2ef0 [ 182.871515] ? lock_acquire+0x427/0x4c0 [ 182.871959] ? __pfx_lock_release+0x10/0x10 [ 182.872427] ? __kasan_check_write+0x18/0x20 [ 182.872821] ? do_raw_spin_lock+0x132/0x2a0 [ 182.873207] ? __pfx_do_exit+0x10/0x10 [ 182.873583] ? debug_smp_processor_id+0x20/0x30 [ 182.874127] ? rcu_is_watching+0x19/0xb0 [ 182.874490] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.874933] ? trace_hardirqs_on+0x26/0x120 [ 182.875339] do_group_exit+0xe0/0x2b0 [ 182.875679] __x64_sys_exit_group+0x47/0x50 [ 182.876240] do_syscall_64+0x3b/0x90 [ 182.876588] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.877052] RIP: 0033:0x7f4b87518a4d [ 182.877385] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.878098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.878792] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.879434] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.880267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.880899] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.881525] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.882159] [ 182.882369] irq event stamp: 0 [ 182.882678] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.883255] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.883998] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.884728] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.885280] ---[ end trace 0000000000000000 ]--- [ 182.886048] ------------[ cut here ]------------ [ 182.886464] WARNING: CPU: 0 PID: 1736 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.887386] Modules linked in: [ 182.887672] CPU: 0 PID: 1736 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.888437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.889419] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.889862] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.891430] RSP: 0018:ffff888015c47b78 EFLAGS: 00010246 [ 182.891882] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.892486] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 182.893087] RBP: ffff888015c47b98 R08: ffffed1002dd613e R09: ffffed1002dd613e [ 182.893683] R10: ffff888016eb09ef R11: ffffed1002dd613d R12: ffff888016eb0a90 [ 182.894281] R13: ffff888016eb08a8 R14: ffffffffffffffff R15: 
ffff888015c47c60 [ 182.894900] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.895594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.896092] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.896698] PKRU: 55555554 [ 182.896939] Call Trace: [ 182.897153] [ 182.897342] iommufd_ioas_destroy+0x53/0x70 [ 182.897715] iommufd_fops_release+0x1f7/0x370 [ 182.898099] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.898535] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.898955] ? write_comp_data+0x2f/0x90 [ 182.899313] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.899743] __fput+0x26d/0xa40 [ 182.900044] ____fput+0x1e/0x30 [ 182.900332] task_work_run+0x1a4/0x2d0 [ 182.900674] ? __pfx_task_work_run+0x10/0x10 [ 182.901053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.901477] ? switch_task_namespaces+0xa9/0xe0 [ 182.901886] do_exit+0xb17/0x2ef0 [ 182.902188] ? lock_acquire+0x427/0x4c0 [ 182.902556] ? __pfx_lock_release+0x10/0x10 [ 182.902928] ? __kasan_check_write+0x18/0x20 [ 182.903310] ? do_raw_spin_lock+0x132/0x2a0 [ 182.903674] ? __pfx_do_exit+0x10/0x10 [ 182.904012] ? debug_smp_processor_id+0x20/0x30 [ 182.904411] ? rcu_is_watching+0x19/0xb0 [ 182.904760] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.905153] ? trace_hardirqs_on+0x26/0x120 [ 182.905522] do_group_exit+0xe0/0x2b0 [ 182.905853] __x64_sys_exit_group+0x47/0x50 [ 182.906218] do_syscall_64+0x3b/0x90 [ 182.906561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.907009] RIP: 0033:0x7f4b87518a4d [ 182.907334] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.907847] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.908476] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.909073] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.909676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.910263] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.910885] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.911495] [ 182.911689] irq event stamp: 0 [ 182.911951] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.912480] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.913173] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.913866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.914390] ---[ end trace 0000000000000000 ]--- [ 182.918775] ------------[ cut here ]------------ [ 182.919175] WARNING: CPU: 0 PID: 1737 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.919954] Modules linked in: [ 182.920202] CPU: 0 PID: 1737 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.920883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.921752] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.922137] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.923566] RSP: 0018:ffff8880172d7bb8 EFLAGS: 00010246 [ 182.923979] RAX: 0000000000000000 RBX: ffff888010b9f8a8 RCX: 0000000000000000 [ 182.924525] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 182.925071] RBP: ffff8880172d7bd0 R08: ffffed1002173f33 R09: ffffed1002173f33 [ 182.925618] R10: ffff888010b9f993 R11: ffffed1002173f32 R12: ffff888013b22000 [ 182.926165] R13: ffff888010b9f9e8 R14: ffffffff8352e670 R15: 
ffff8880172d7e68 [ 182.926725] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.927349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.927803] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 182.928366] PKRU: 55555554 [ 182.928585] Call Trace: [ 182.928782] [ 182.928958] __iommufd_access_detach+0x1c2/0x2b0 [ 182.929341] iommufd_access_change_pt+0x149/0x270 [ 182.929724] iommufd_access_replace+0xb4/0x120 [ 182.930088] iommufd_test+0x3e5/0x37e0 [ 182.930390] ? lock_release+0x532/0x770 [ 182.930723] ? __might_fault+0x102/0x1b0 [ 182.931047] ? lock_acquire+0x427/0x4c0 [ 182.931370] ? __pfx_iommufd_test+0x10/0x10 [ 182.931707] ? __pfx_lock_release+0x10/0x10 [ 182.932056] ? __pfx_lock_acquire+0x10/0x10 [ 182.932409] ? write_comp_data+0x2f/0x90 [ 182.932735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.933116] ? write_comp_data+0x2f/0x90 [ 182.933444] iommufd_fops_ioctl+0x37d/0x510 [ 182.933787] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.934169] ? write_comp_data+0x2f/0x90 [ 182.934495] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 182.934902] __x64_sys_ioctl+0x1a3/0x230 [ 182.935241] do_syscall_64+0x3b/0x90 [ 182.935550] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.935966] RIP: 0033:0x7f4b8743ee5d [ 182.936261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 182.937672] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 182.938260] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 182.938830] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 182.939393] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 182.939950] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 182.940522] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 182.941133] [ 182.941330] irq event stamp: 0 [ 182.941597] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.942131] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.942861] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.943578] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.944106] ---[ end trace 0000000000000000 ]--- [ 182.946898] ------------[ cut here ]------------ [ 182.947342] WARNING: CPU: 0 PID: 1737 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 182.948183] Modules linked in: [ 182.948450] CPU: 0 PID: 1737 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.949174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.950106] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 182.950546] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 182.952069] RSP: 
0018:ffff8880172d7bd0 EFLAGS: 00010246 [ 182.952513] RAX: 0000000000000000 RBX: ffff888010b9f8a8 RCX: 0000000000000000 [ 182.953120] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 182.953709] RBP: ffff8880172d7be8 R08: ffffed1002173f33 R09: ffffed1002173f33 [ 182.954300] R10: ffff888010b9f993 R11: ffffed1002173f32 R12: ffff888021900c00 [ 182.954910] R13: ffff888010b9f9e8 R14: ffff88800fa76500 R15: 0000000000000000 [ 182.955519] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.956189] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.956671] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.957262] PKRU: 55555554 [ 182.957503] Call Trace: [ 182.957719] [ 182.957912] iommufd_access_destroy_object+0x65/0x170 [ 182.958357] iommufd_object_destroy_user+0x18e/0x220 [ 182.958815] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 182.959316] iommufd_access_destroy+0x43/0x70 [ 182.959703] iommufd_test_staccess_release+0x8d/0xd0 [ 182.960137] __fput+0x26d/0xa40 [ 182.960426] ____fput+0x1e/0x30 [ 182.960707] task_work_run+0x1a4/0x2d0 [ 182.961043] ? __pfx_task_work_run+0x10/0x10 [ 182.961423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.961844] ? switch_task_namespaces+0xa9/0xe0 [ 182.962244] do_exit+0xb17/0x2ef0 [ 182.962561] ? lock_acquire+0x427/0x4c0 [ 182.962911] ? __pfx_lock_release+0x10/0x10 [ 182.963298] ? __kasan_check_write+0x18/0x20 [ 182.963680] ? do_raw_spin_lock+0x132/0x2a0 [ 182.964052] ? __pfx_do_exit+0x10/0x10 [ 182.964397] ? debug_smp_processor_id+0x20/0x30 [ 182.964798] ? rcu_is_watching+0x19/0xb0 [ 182.965148] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.965540] ? trace_hardirqs_on+0x26/0x120 [ 182.965907] do_group_exit+0xe0/0x2b0 [ 182.966231] __x64_sys_exit_group+0x47/0x50 [ 182.966618] do_syscall_64+0x3b/0x90 [ 182.966946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.967394] RIP: 0033:0x7f4b87518a4d [ 182.967710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.968229] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.968873] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.969473] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.970065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.970685] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 182.971287] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 182.971895] [ 182.972095] irq event stamp: 0 [ 182.972359] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 182.972886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 182.973583] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 182.974275] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 182.974825] ---[ end trace 0000000000000000 ]--- [ 182.975562] ------------[ cut here ]------------ [ 182.975946] WARNING: CPU: 0 PID: 1737 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 182.976785] Modules linked in: [ 182.977050] CPU: 0 PID: 1737 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 182.977771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 182.978739] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 182.979180] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 182.980693] RSP: 0018:ffff8880172d7b78 EFLAGS: 00010246 [ 182.981140] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 182.981730] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 182.982321] RBP: ffff8880172d7b98 R08: ffffed1002173f3e R09: ffffed1002173f3e [ 182.982937] R10: ffff888010b9f9ef R11: ffffed1002173f3d R12: ffff888010b9fa90 [ 182.983543] R13: ffff888010b9f8a8 R14: ffffffffffffffff R15: 
ffff8880172d7c60 [ 182.984134] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 182.984803] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.985285] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 182.985879] PKRU: 55555554 [ 182.986116] Call Trace: [ 182.986330] [ 182.986544] iommufd_ioas_destroy+0x53/0x70 [ 182.986912] iommufd_fops_release+0x1f7/0x370 [ 182.987299] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.987719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.988137] ? write_comp_data+0x2f/0x90 [ 182.988486] ? __pfx_iommufd_fops_release+0x10/0x10 [ 182.988908] __fput+0x26d/0xa40 [ 182.989204] ____fput+0x1e/0x30 [ 182.989493] task_work_run+0x1a4/0x2d0 [ 182.989827] ? __pfx_task_work_run+0x10/0x10 [ 182.990199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 182.990636] ? switch_task_namespaces+0xa9/0xe0 [ 182.991039] do_exit+0xb17/0x2ef0 [ 182.991341] ? lock_acquire+0x427/0x4c0 [ 182.991686] ? __pfx_lock_release+0x10/0x10 [ 182.992051] ? __kasan_check_write+0x18/0x20 [ 182.992426] ? do_raw_spin_lock+0x132/0x2a0 [ 182.992800] ? __pfx_do_exit+0x10/0x10 [ 182.993139] ? debug_smp_processor_id+0x20/0x30 [ 182.993535] ? rcu_is_watching+0x19/0xb0 [ 182.993878] ? _raw_spin_unlock_irq+0x2b/0x60 [ 182.994266] ? trace_hardirqs_on+0x26/0x120 [ 182.994667] do_group_exit+0xe0/0x2b0 [ 182.994996] __x64_sys_exit_group+0x47/0x50 [ 182.995370] do_syscall_64+0x3b/0x90 [ 182.995696] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 182.996142] RIP: 0033:0x7f4b87518a4d [ 182.996461] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 182.996993] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 182.997915] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 182.998561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 182.999176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 182.999781] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.000387] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.001287] [ 183.001498] irq event stamp: 0 [ 183.001762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.002290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.003020] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.003729] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.004255] ---[ end trace 0000000000000000 ]--- [ 183.008245] ------------[ cut here ]------------ [ 183.008841] WARNING: CPU: 0 PID: 1738 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.009681] Modules linked in: [ 183.009949] CPU: 0 PID: 1738 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.010764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.011725] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.012342] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.013868] RSP: 0018:ffff888016407bb8 EFLAGS: 00010246 [ 183.014320] RAX: 0000000000000000 RBX: ffff8880181778a8 RCX: 0000000000000000 [ 183.014959] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 183.015578] RBP: ffff888016407bd0 R08: ffffed100302ef33 R09: ffffed100302ef33 [ 183.016177] R10: ffff888018177993 R11: ffffed100302ef32 R12: ffff8880134f9c00 [ 183.016770] R13: ffff8880181779e8 R14: ffffffff8352e670 R15: 
ffff888016407e68 [ 183.017381] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.018076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.018605] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 183.019233] PKRU: 55555554 [ 183.019479] Call Trace: [ 183.019699] [ 183.019896] __iommufd_access_detach+0x1c2/0x2b0 [ 183.020325] iommufd_access_change_pt+0x149/0x270 [ 183.020755] iommufd_access_replace+0xb4/0x120 [ 183.021162] iommufd_test+0x3e5/0x37e0 [ 183.021499] ? lock_release+0x532/0x770 [ 183.021851] ? __might_fault+0x102/0x1b0 [ 183.022208] ? lock_acquire+0x427/0x4c0 [ 183.022599] ? __pfx_iommufd_test+0x10/0x10 [ 183.022974] ? __pfx_lock_release+0x10/0x10 [ 183.023363] ? __pfx_lock_acquire+0x10/0x10 [ 183.023728] ? write_comp_data+0x2f/0x90 [ 183.024074] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.024484] ? write_comp_data+0x2f/0x90 [ 183.024832] iommufd_fops_ioctl+0x37d/0x510 [ 183.025195] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.025604] ? write_comp_data+0x2f/0x90 [ 183.025952] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.026355] __x64_sys_ioctl+0x1a3/0x230 [ 183.026731] do_syscall_64+0x3b/0x90 [ 183.027052] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.027506] RIP: 0033:0x7f4b8743ee5d [ 183.027823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.029325] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.029953] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.030570] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.031166] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.031751] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.032335] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.032925] [ 183.033118] irq event stamp: 0 [ 183.033377] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.033895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.034620] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.035319] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.035848] ---[ end trace 0000000000000000 ]--- [ 183.039278] ------------[ cut here ]------------ [ 183.039692] WARNING: CPU: 0 PID: 1738 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.040555] Modules linked in: [ 183.040923] CPU: 0 PID: 1738 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.041816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.042814] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.043263] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.045064] RSP: 
0018:ffff888016407bd0 EFLAGS: 00010246 [ 183.045527] RAX: 0000000000000000 RBX: ffff8880181778a8 RCX: 0000000000000000 [ 183.046140] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 183.046788] RBP: ffff888016407be8 R08: ffffed100302ef33 R09: ffffed100302ef33 [ 183.047416] R10: ffff888018177993 R11: ffffed100302ef32 R12: ffff888013b22800 [ 183.048129] R13: ffff8880181779e8 R14: ffff888020edb100 R15: 0000000000000000 [ 183.048871] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.049574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.050080] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 183.050736] PKRU: 55555554 [ 183.050989] Call Trace: [ 183.051226] [ 183.051431] iommufd_access_destroy_object+0x65/0x170 [ 183.051981] iommufd_object_destroy_user+0x18e/0x220 [ 183.052554] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.053069] iommufd_access_destroy+0x43/0x70 [ 183.053474] iommufd_test_staccess_release+0x8d/0xd0 [ 183.053931] __fput+0x26d/0xa40 [ 183.054245] ____fput+0x1e/0x30 [ 183.054584] task_work_run+0x1a4/0x2d0 [ 183.054940] ? __pfx_task_work_run+0x10/0x10 [ 183.055344] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.055875] ? switch_task_namespaces+0xa9/0xe0 [ 183.056426] do_exit+0xb17/0x2ef0 [ 183.056738] ? lock_acquire+0x427/0x4c0 [ 183.057105] ? __pfx_lock_release+0x10/0x10 [ 183.057496] ? __kasan_check_write+0x18/0x20 [ 183.057890] ? do_raw_spin_lock+0x132/0x2a0 [ 183.058274] ? __pfx_do_exit+0x10/0x10 [ 183.058665] ? debug_smp_processor_id+0x20/0x30 [ 183.059084] ? rcu_is_watching+0x19/0xb0 [ 183.059459] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.060081] ? trace_hardirqs_on+0x26/0x120 [ 183.060472] do_group_exit+0xe0/0x2b0 [ 183.060807] __x64_sys_exit_group+0x47/0x50 [ 183.061188] do_syscall_64+0x3b/0x90 [ 183.061529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.061996] RIP: 0033:0x7f4b87518a4d [ 183.062339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.063284] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.063993] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.064646] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.065297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.065949] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.066712] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.067521] [ 183.067740] irq event stamp: 0 [ 183.068032] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.068622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.069399] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.070174] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.071070] ---[ end trace 0000000000000000 ]--- [ 183.071901] ------------[ cut here ]------------ [ 183.072343] WARNING: CPU: 0 PID: 1738 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.073290] Modules linked in: [ 183.073590] CPU: 0 PID: 1738 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.074493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.075780] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.076268] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.077962] RSP: 0018:ffff888016407b78 EFLAGS: 00010246 [ 183.078775] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.079457] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 183.080139] RBP: ffff888016407b98 R08: ffffed100302ef3e R09: ffffed100302ef3e [ 183.080803] R10: ffff8880181779ef R11: ffffed100302ef3d R12: ffff888018177a90 [ 183.081469] R13: ffff8880181778a8 R14: ffffffffffffffff R15: 
ffff888016407c60 [ 183.082396] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.083210] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.083757] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 183.084425] PKRU: 55555554 [ 183.084692] Call Trace: [ 183.084933] [ 183.085146] iommufd_ioas_destroy+0x53/0x70 [ 183.085646] iommufd_fops_release+0x1f7/0x370 [ 183.086267] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.086875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.087373] ? write_comp_data+0x2f/0x90 [ 183.087777] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.088266] __fput+0x26d/0xa40 [ 183.088613] ____fput+0x1e/0x30 [ 183.088944] task_work_run+0x1a4/0x2d0 [ 183.089334] ? __pfx_task_work_run+0x10/0x10 [ 183.089760] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.090236] ? switch_task_namespaces+0xa9/0xe0 [ 183.090750] do_exit+0xb17/0x2ef0 [ 183.091093] ? lock_acquire+0x427/0x4c0 [ 183.091657] ? __pfx_lock_release+0x10/0x10 [ 183.092085] ? __kasan_check_write+0x18/0x20 [ 183.092516] ? do_raw_spin_lock+0x132/0x2a0 [ 183.092938] ? __pfx_do_exit+0x10/0x10 [ 183.093327] ? debug_smp_processor_id+0x20/0x30 [ 183.093772] ? rcu_is_watching+0x19/0xb0 [ 183.094169] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.094663] ? trace_hardirqs_on+0x26/0x120 [ 183.095095] do_group_exit+0xe0/0x2b0 [ 183.095478] __x64_sys_exit_group+0x47/0x50 [ 183.095936] do_syscall_64+0x3b/0x90 [ 183.096347] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.096893] RIP: 0033:0x7f4b87518a4d [ 183.097279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.097928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.098760] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.099501] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.100221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.100950] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.101677] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.102409] [ 183.102702] irq event stamp: 0 [ 183.103028] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.103692] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.104571] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.105426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.106074] ---[ end trace 0000000000000000 ]--- [ 183.112395] ------------[ cut here ]------------ [ 183.112987] WARNING: CPU: 0 PID: 1739 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.114354] Modules linked in: [ 183.114744] CPU: 0 PID: 1739 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.115657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.116808] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.117329] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.119635] RSP: 0018:ffff88800efa7bb8 EFLAGS: 00010246 [ 183.120120] RAX: 0000000000000000 RBX: ffff8880142260a8 RCX: 0000000000000000 [ 183.120829] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 183.121547] RBP: ffff88800efa7bd0 R08: ffffed1002844c33 R09: ffffed1002844c33 [ 183.122271] R10: ffff888014226193 R11: ffffed1002844c32 R12: ffff888014761800 [ 183.123026] R13: ffff8880142261e8 R14: ffffffff8352e670 R15: 
ffff88800efa7e68 [ 183.123770] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.124687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.125532] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 183.126255] PKRU: 55555554 [ 183.126602] Call Trace: [ 183.126864] [ 183.127092] __iommufd_access_detach+0x1c2/0x2b0 [ 183.127616] iommufd_access_change_pt+0x149/0x270 [ 183.128117] iommufd_access_replace+0xb4/0x120 [ 183.128595] iommufd_test+0x3e5/0x37e0 [ 183.129001] ? lock_release+0x532/0x770 [ 183.129488] ? __might_fault+0x102/0x1b0 [ 183.130063] ? lock_acquire+0x427/0x4c0 [ 183.130735] ? __pfx_iommufd_test+0x10/0x10 [ 183.131199] ? __pfx_lock_release+0x10/0x10 [ 183.131642] ? __pfx_lock_acquire+0x10/0x10 [ 183.132091] ? write_comp_data+0x2f/0x90 [ 183.132521] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.133011] ? write_comp_data+0x2f/0x90 [ 183.133440] iommufd_fops_ioctl+0x37d/0x510 [ 183.133896] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.134399] ? write_comp_data+0x2f/0x90 [ 183.135027] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.135719] __x64_sys_ioctl+0x1a3/0x230 [ 183.136146] do_syscall_64+0x3b/0x90 [ 183.136535] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.137066] RIP: 0033:0x7f4b8743ee5d [ 183.137440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.139325] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.140119] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.141065] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.142134] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.142896] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.143647] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.144373] [ 183.144614] irq event stamp: 0 [ 183.144930] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.145568] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.146755] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.147746] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.148387] ---[ end trace 0000000000000000 ]--- [ 183.151603] ------------[ cut here ]------------ [ 183.152288] WARNING: CPU: 0 PID: 1739 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.153569] Modules linked in: [ 183.153893] CPU: 0 PID: 1739 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.155046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.156210] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.156720] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.158989] RSP: 
0018:ffff88800efa7bd0 EFLAGS: 00010246 [ 183.159754] RAX: 0000000000000000 RBX: ffff8880142260a8 RCX: 0000000000000000 [ 183.160477] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 183.161198] RBP: ffff88800efa7be8 R08: ffffed1002844c33 R09: ffffed1002844c33 [ 183.161920] R10: ffff888014226193 R11: ffffed1002844c32 R12: ffff8880134f8c00 [ 183.162688] R13: ffff8880142261e8 R14: ffff88800efec800 R15: 0000000000000000 [ 183.163436] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.164511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.165322] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 183.166050] PKRU: 55555554 [ 183.166345] Call Trace: [ 183.166649] [ 183.166881] iommufd_access_destroy_object+0x65/0x170 [ 183.167432] iommufd_object_destroy_user+0x18e/0x220 [ 183.167955] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.168547] iommufd_access_destroy+0x43/0x70 [ 183.169018] iommufd_test_staccess_release+0x8d/0xd0 [ 183.169694] __fput+0x26d/0xa40 [ 183.170152] ____fput+0x1e/0x30 [ 183.170706] task_work_run+0x1a4/0x2d0 [ 183.171139] ? __pfx_task_work_run+0x10/0x10 [ 183.171591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.172094] ? switch_task_namespaces+0xa9/0xe0 [ 183.172579] do_exit+0xb17/0x2ef0 [ 183.172936] ? lock_acquire+0x427/0x4c0 [ 183.173357] ? __pfx_lock_release+0x10/0x10 [ 183.173809] ? __kasan_check_write+0x18/0x20 [ 183.174263] ? do_raw_spin_lock+0x132/0x2a0 [ 183.174827] ? __pfx_do_exit+0x10/0x10 [ 183.175473] ? debug_smp_processor_id+0x20/0x30 [ 183.175958] ? rcu_is_watching+0x19/0xb0 [ 183.176376] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.176842] ? trace_hardirqs_on+0x26/0x120 [ 183.177288] do_group_exit+0xe0/0x2b0 [ 183.177679] __x64_sys_exit_group+0x47/0x50 [ 183.178123] do_syscall_64+0x3b/0x90 [ 183.178561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.179097] RIP: 0033:0x7f4b87518a4d [ 183.179491] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.180191] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.181309] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.182027] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.182776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.183519] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.184243] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.184998] [ 183.185310] irq event stamp: 0 [ 183.185759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.186615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.187480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.188322] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.188954] ---[ end trace 0000000000000000 ]--- [ 183.189853] ------------[ cut here ]------------ [ 183.190417] WARNING: CPU: 0 PID: 1739 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.191958] Modules linked in: [ 183.192317] CPU: 0 PID: 1739 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.193194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.194424] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.195436] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.197352] RSP: 0018:ffff88800efa7b78 EFLAGS: 00010246 [ 183.197920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.198689] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 183.199443] RBP: ffff88800efa7b98 R08: ffffed1002844c3e R09: ffffed1002844c3e [ 183.200177] R10: ffff8880142261ef R11: ffffed1002844c3d R12: ffff888014226290 [ 183.200918] R13: ffff8880142260a8 R14: ffffffffffffffff R15: 
ffff88800efa7c60 [ 183.201653] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.202704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.203490] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 183.204232] PKRU: 55555554 [ 183.204523] Call Trace: [ 183.204789] [ 183.205024] iommufd_ioas_destroy+0x53/0x70 [ 183.205479] iommufd_fops_release+0x1f7/0x370 [ 183.205953] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.206478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.207026] ? write_comp_data+0x2f/0x90 [ 183.207483] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.208092] __fput+0x26d/0xa40 [ 183.208648] ____fput+0x1e/0x30 [ 183.209011] task_work_run+0x1a4/0x2d0 [ 183.209426] ? __pfx_task_work_run+0x10/0x10 [ 183.209891] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.210409] ? switch_task_namespaces+0xa9/0xe0 [ 183.210948] do_exit+0xb17/0x2ef0 [ 183.211349] ? lock_acquire+0x427/0x4c0 [ 183.211787] ? __pfx_lock_release+0x10/0x10 [ 183.212246] ? __kasan_check_write+0x18/0x20 [ 183.212712] ? do_raw_spin_lock+0x132/0x2a0 [ 183.213206] ? __pfx_do_exit+0x10/0x10 [ 183.213763] ? debug_smp_processor_id+0x20/0x30 [ 183.214460] ? rcu_is_watching+0x19/0xb0 [ 183.214925] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.215417] ? trace_hardirqs_on+0x26/0x120 [ 183.215877] do_group_exit+0xe0/0x2b0 [ 183.216278] __x64_sys_exit_group+0x47/0x50 [ 183.216727] do_syscall_64+0x3b/0x90 [ 183.217126] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.217675] RIP: 0033:0x7f4b87518a4d [ 183.218090] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.219008] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.219936] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.220681] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.221424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.222161] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.222949] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.223706] [ 183.224010] irq event stamp: 0 [ 183.224486] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.225324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.226202] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.227106] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.227780] ---[ end trace 0000000000000000 ]--- [ 183.233475] ------------[ cut here ]------------ [ 183.234201] WARNING: CPU: 0 PID: 1740 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.235616] Modules linked in: [ 183.236046] CPU: 0 PID: 1740 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.237218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.238386] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.238945] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.240854] RSP: 0018:ffff888013fafbb8 EFLAGS: 00010246 [ 183.241580] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 183.242471] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 183.243251] RBP: ffff888013fafbd0 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 183.243999] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff88800a724000 [ 183.244741] R13: ffff8880104669e8 R14: ffffffff8352e670 R15: 
ffff888013fafe68 [ 183.245496] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.246670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.247286] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 183.248033] PKRU: 55555554 [ 183.248332] Call Trace: [ 183.248599] [ 183.248834] __iommufd_access_detach+0x1c2/0x2b0 [ 183.249343] iommufd_access_change_pt+0x149/0x270 [ 183.249861] iommufd_access_replace+0xb4/0x120 [ 183.250359] iommufd_test+0x3e5/0x37e0 [ 183.250823] ? lock_release+0x532/0x770 [ 183.251272] ? __might_fault+0x102/0x1b0 [ 183.251717] ? lock_acquire+0x427/0x4c0 [ 183.252151] ? __pfx_iommufd_test+0x10/0x10 [ 183.252611] ? __pfx_lock_release+0x10/0x10 [ 183.253075] ? __pfx_lock_acquire+0x10/0x10 [ 183.253549] ? write_comp_data+0x2f/0x90 [ 183.253992] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.254546] ? write_comp_data+0x2f/0x90 [ 183.254985] iommufd_fops_ioctl+0x37d/0x510 [ 183.255456] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.255991] ? write_comp_data+0x2f/0x90 [ 183.256439] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.256964] __x64_sys_ioctl+0x1a3/0x230 [ 183.257414] do_syscall_64+0x3b/0x90 [ 183.257828] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.258397] RIP: 0033:0x7f4b8743ee5d [ 183.258825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.260791] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.261609] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.262363] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.263137] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.263890] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.264646] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.265410] [ 183.265668] irq event stamp: 0 [ 183.266005] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.266715] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.267623] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.268521] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.269191] ---[ end trace 0000000000000000 ]--- [ 183.273017] ------------[ cut here ]------------ [ 183.273545] WARNING: CPU: 0 PID: 1740 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.274745] Modules linked in: [ 183.275276] CPU: 0 PID: 1740 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.276199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.277393] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.277924] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.280404] RSP: 
0018:ffff888013fafbd0 EFLAGS: 00010246 [ 183.280980] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 183.281727] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 183.282475] RBP: ffff888013fafbe8 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 183.283263] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff888014761000 [ 183.284018] R13: ffff8880104669e8 R14: ffff88800ca5ad00 R15: 0000000000000000 [ 183.284766] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.285611] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.286213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 183.286994] PKRU: 55555554 [ 183.287301] Call Trace: [ 183.287572] [ 183.287811] iommufd_access_destroy_object+0x65/0x170 [ 183.288384] iommufd_object_destroy_user+0x18e/0x220 [ 183.288936] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.289553] iommufd_access_destroy+0x43/0x70 [ 183.290041] iommufd_test_staccess_release+0x8d/0xd0 [ 183.290609] __fput+0x26d/0xa40 [ 183.290969] ____fput+0x1e/0x30 [ 183.291336] task_work_run+0x1a4/0x2d0 [ 183.291759] ? __pfx_task_work_run+0x10/0x10 [ 183.292227] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.292745] ? switch_task_namespaces+0xa9/0xe0 [ 183.293252] do_exit+0xb17/0x2ef0 [ 183.293624] ? lock_acquire+0x427/0x4c0 [ 183.294055] ? __pfx_lock_release+0x10/0x10 [ 183.294550] ? __kasan_check_write+0x18/0x20 [ 183.295016] ? do_raw_spin_lock+0x132/0x2a0 [ 183.295487] ? __pfx_do_exit+0x10/0x10 [ 183.295908] ? debug_smp_processor_id+0x20/0x30 [ 183.296400] ? rcu_is_watching+0x19/0xb0 [ 183.296832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.297315] ? trace_hardirqs_on+0x26/0x120 [ 183.297770] do_group_exit+0xe0/0x2b0 [ 183.298162] __x64_sys_exit_group+0x47/0x50 [ 183.298633] do_syscall_64+0x3b/0x90 [ 183.299034] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.299584] RIP: 0033:0x7f4b87518a4d [ 183.299967] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.300600] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.301394] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.302131] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.302891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.303636] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.304371] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.305116] [ 183.305359] irq event stamp: 0 [ 183.305673] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.306272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.307086] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.307886] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.308481] ---[ end trace 0000000000000000 ]--- [ 183.309451] ------------[ cut here ]------------ [ 183.310081] WARNING: CPU: 0 PID: 1740 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.311085] Modules linked in: [ 183.311397] CPU: 0 PID: 1740 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.312222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.313561] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.314050] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.315789] RSP: 0018:ffff888013fafb78 EFLAGS: 00010246 [ 183.316288] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.317068] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 183.317852] RBP: ffff888013fafb98 R08: ffffed100208cd3e R09: ffffed100208cd3e [ 183.318538] R10: ffff8880104669ef R11: ffffed100208cd3d R12: ffff888010466a90 [ 183.318636] systemd-journald[137]: Data hash table of 
/run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5462 of 7281 items, 4194304 file size, 767 bytes per hash table item), suggesting rotation. [ 183.319209] R13: ffff8880104668a8 R14: ffffffffffffffff R15: ffff888013fafc60 [ 183.319220] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.321105] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 183.321738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.324331] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 183.324992] PKRU: 55555554 [ 183.325258] Call Trace: [ 183.325497] [ 183.325709] iommufd_ioas_destroy+0x53/0x70 [ 183.326121] iommufd_fops_release+0x1f7/0x370 [ 183.326562] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.327032] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.327506] ? write_comp_data+0x2f/0x90 [ 183.327903] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.328376] __fput+0x26d/0xa40 [ 183.328702] ____fput+0x1e/0x30 [ 183.329023] task_work_run+0x1a4/0x2d0 [ 183.329399] ? __pfx_task_work_run+0x10/0x10 [ 183.329817] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.330284] ? switch_task_namespaces+0xa9/0xe0 [ 183.330767] do_exit+0xb17/0x2ef0 [ 183.331202] ? lock_acquire+0x427/0x4c0 [ 183.331755] ? __pfx_lock_release+0x10/0x10 [ 183.332172] ? __kasan_check_write+0x18/0x20 [ 183.332590] ? do_raw_spin_lock+0x132/0x2a0 [ 183.332999] ? __pfx_do_exit+0x10/0x10 [ 183.333543] ? debug_smp_processor_id+0x20/0x30 [ 183.333994] ? rcu_is_watching+0x19/0xb0 [ 183.334383] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.334835] ? trace_hardirqs_on+0x26/0x120 [ 183.335340] do_group_exit+0xe0/0x2b0 [ 183.335817] __x64_sys_exit_group+0x47/0x50 [ 183.336226] do_syscall_64+0x3b/0x90 [ 183.336595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.337088] RIP: 0033:0x7f4b87518a4d [ 183.337438] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.338015] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.338750] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.339511] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.340307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.340972] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.341631] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.342300] [ 183.342542] irq event stamp: 0 [ 183.342839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.343435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.344216] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.344986] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.345568] ---[ end trace 0000000000000000 ]--- [ 183.352099] ------------[ cut here ]------------ [ 183.352568] WARNING: CPU: 0 PID: 1742 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.353502] Modules linked in: [ 183.353799] CPU: 0 PID: 1742 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.354639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.355690] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.356160] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.357862] RSP: 0018:ffff88800efa7bb8 EFLAGS: 00010246 [ 183.358369] RAX: 0000000000000000 RBX: ffff88800f3710a8 RCX: 0000000000000000 [ 183.359054] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 183.359729] RBP: ffff88800efa7bd0 R08: ffffed1001e6e233 R09: ffffed1001e6e233 [ 183.360500] R10: ffff88800f371193 R11: ffffed1001e6e232 R12: ffff88801226e800 [ 183.361325] R13: ffff88800f3711e8 R14: ffffffff8352e670 R15: 
ffff88800efa7e68 [ 183.361993] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.362962] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.363523] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 183.364202] PKRU: 55555554 [ 183.364663] Call Trace: [ 183.364905] [ 183.365116] __iommufd_access_detach+0x1c2/0x2b0 [ 183.365584] iommufd_access_change_pt+0x149/0x270 [ 183.366060] iommufd_access_replace+0xb4/0x120 [ 183.366726] iommufd_test+0x3e5/0x37e0 [ 183.367096] ? lock_release+0x532/0x770 [ 183.367489] ? __might_fault+0x102/0x1b0 [ 183.367877] ? lock_acquire+0x427/0x4c0 [ 183.368260] ? __pfx_iommufd_test+0x10/0x10 [ 183.368663] ? __pfx_lock_release+0x10/0x10 [ 183.369070] ? __pfx_lock_acquire+0x10/0x10 [ 183.369485] ? write_comp_data+0x2f/0x90 [ 183.369876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.370337] ? write_comp_data+0x2f/0x90 [ 183.370750] iommufd_fops_ioctl+0x37d/0x510 [ 183.371168] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.371632] ? write_comp_data+0x2f/0x90 [ 183.372024] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.372485] __x64_sys_ioctl+0x1a3/0x230 [ 183.372879] do_syscall_64+0x3b/0x90 [ 183.373237] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.373730] RIP: 0033:0x7f4b8743ee5d [ 183.374082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.375852] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.376810] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.377472] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.378213] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.378998] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.379674] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.380532] [ 183.380751] irq event stamp: 0 [ 183.381044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.381632] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.382422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.383224] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.383897] ---[ end trace 0000000000000000 ]--- [ 183.389119] ------------[ cut here ]------------ [ 183.389628] WARNING: CPU: 0 PID: 1742 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.390730] Modules linked in: [ 183.391029] CPU: 0 PID: 1742 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.391853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.392908] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.393369] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.395086] RSP: 
0018:ffff88800efa7bd0 EFLAGS: 00010246 [ 183.395593] RAX: 0000000000000000 RBX: ffff88800f3710a8 RCX: 0000000000000000 [ 183.396250] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 183.396908] RBP: ffff88800efa7be8 R08: ffffed1001e6e233 R09: ffffed1001e6e233 [ 183.397563] R10: ffff88800f371193 R11: ffffed1001e6e232 R12: ffff88800a726400 [ 183.398220] R13: ffff88800f3711e8 R14: ffff8880139bc100 R15: 0000000000000000 [ 183.398904] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.399660] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.400195] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 183.400855] PKRU: 55555554 [ 183.401120] Call Trace: [ 183.401361] [ 183.401571] iommufd_access_destroy_object+0x65/0x170 [ 183.402054] iommufd_object_destroy_user+0x18e/0x220 [ 183.402560] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.403107] iommufd_access_destroy+0x43/0x70 [ 183.403544] iommufd_test_staccess_release+0x8d/0xd0 [ 183.404016] __fput+0x26d/0xa40 [ 183.404330] ____fput+0x1e/0x30 [ 183.404640] task_work_run+0x1a4/0x2d0 [ 183.405009] ? __pfx_task_work_run+0x10/0x10 [ 183.405429] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.405886] ? switch_task_namespaces+0xa9/0xe0 [ 183.406328] do_exit+0xb17/0x2ef0 [ 183.406671] ? lock_acquire+0x427/0x4c0 [ 183.407052] ? __pfx_lock_release+0x10/0x10 [ 183.407465] ? __kasan_check_write+0x18/0x20 [ 183.407870] ? do_raw_spin_lock+0x132/0x2a0 [ 183.408272] ? __pfx_do_exit+0x10/0x10 [ 183.408641] ? debug_smp_processor_id+0x20/0x30 [ 183.409072] ? rcu_is_watching+0x19/0xb0 [ 183.409453] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.409878] ? trace_hardirqs_on+0x26/0x120 [ 183.410288] do_group_exit+0xe0/0x2b0 [ 183.410664] __x64_sys_exit_group+0x47/0x50 [ 183.411070] do_syscall_64+0x3b/0x90 [ 183.411435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.411923] RIP: 0033:0x7f4b87518a4d [ 183.412275] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.412835] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.413526] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.414182] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.414865] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.415540] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.416211] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.416861] [ 183.417075] irq event stamp: 0 [ 183.417365] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.417926] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.418675] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.419425] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.419966] ---[ end trace 0000000000000000 ]--- [ 183.420797] ------------[ cut here ]------------ [ 183.421433] WARNING: CPU: 0 PID: 1742 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.422318] Modules linked in: [ 183.422635] CPU: 0 PID: 1742 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.423599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.424595] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.425059] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.426819] RSP: 0018:ffff88800efa7b78 EFLAGS: 00010246 [ 183.427298] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.427922] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 183.428544] RBP: ffff88800efa7b98 R08: ffffed1001e6e23e R09: ffffed1001e6e23e [ 183.429172] R10: ffff88800f3711ef R11: ffffed1001e6e23d R12: ffff88800f371290 [ 183.429798] R13: ffff88800f3710a8 R14: ffffffffffffffff R15: 
ffff88800efa7c60 [ 183.430422] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 183.431158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.431670] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 183.432292] PKRU: 55555554 [ 183.432546] Call Trace: [ 183.432771] [ 183.432972] iommufd_ioas_destroy+0x53/0x70 [ 183.433361] iommufd_fops_release+0x1f7/0x370 [ 183.433765] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.434209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.434674] ? write_comp_data+0x2f/0x90 [ 183.435046] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.435502] __fput+0x26d/0xa40 [ 183.435826] ____fput+0x1e/0x30 [ 183.436133] task_work_run+0x1a4/0x2d0 [ 183.436489] ? __pfx_task_work_run+0x10/0x10 [ 183.436886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.437323] ? switch_task_namespaces+0xa9/0xe0 [ 183.437753] do_exit+0xb17/0x2ef0 [ 183.438061] ? lock_acquire+0x427/0x4c0 [ 183.438423] ? __pfx_lock_release+0x10/0x10 [ 183.438832] ? __kasan_check_write+0x18/0x20 [ 183.439238] ? do_raw_spin_lock+0x132/0x2a0 [ 183.439620] ? __pfx_do_exit+0x10/0x10 [ 183.439971] ? debug_smp_processor_id+0x20/0x30 [ 183.440384] ? rcu_is_watching+0x19/0xb0 [ 183.440747] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.441153] ? trace_hardirqs_on+0x26/0x120 [ 183.441539] do_group_exit+0xe0/0x2b0 [ 183.441876] __x64_sys_exit_group+0x47/0x50 [ 183.442253] do_syscall_64+0x3b/0x90 [ 183.442606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.443070] RIP: 0033:0x7f4b87518a4d [ 183.443409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.443937] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.444593] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.445215] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.445834] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.446451] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.447101] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.447750] [ 183.447957] irq event stamp: 0 [ 183.448232] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.448785] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.449530] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.450258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.450821] ---[ end trace 0000000000000000 ]--- [ 183.455698] ------------[ cut here ]------------ [ 183.456633] WARNING: CPU: 1 PID: 1743 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.457510] Modules linked in: [ 183.457788] CPU: 1 PID: 1743 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.458834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.459818] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.460247] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.461992] RSP: 0018:ffff8880123dfbb8 EFLAGS: 00010246 [ 183.462581] RAX: 0000000000000000 RBX: ffff88801722a8a8 RCX: 0000000000000000 [ 183.463270] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 183.463890] RBP: ffff8880123dfbd0 R08: ffffed1002e45533 R09: ffffed1002e45533 [ 183.464618] R10: ffff88801722a993 R11: ffffed1002e45532 R12: ffff888014581000 [ 183.465306] R13: ffff88801722a9e8 R14: ffffffff8352e670 R15: 
ffff8880123dfe68 [ 183.465927] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.466758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.467274] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 183.467894] PKRU: 55555554 [ 183.468146] Call Trace: [ 183.468400] [ 183.468683] __iommufd_access_detach+0x1c2/0x2b0 [ 183.469114] iommufd_access_change_pt+0x149/0x270 [ 183.469549] iommufd_access_replace+0xb4/0x120 [ 183.469961] iommufd_test+0x3e5/0x37e0 [ 183.470377] ? lock_release+0x532/0x770 [ 183.470822] ? __might_fault+0x102/0x1b0 [ 183.471199] ? lock_acquire+0x427/0x4c0 [ 183.471558] ? __pfx_iommufd_test+0x10/0x10 [ 183.471932] ? __pfx_lock_release+0x10/0x10 [ 183.472396] ? __pfx_lock_acquire+0x10/0x10 [ 183.472852] ? write_comp_data+0x2f/0x90 [ 183.473235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.473678] ? write_comp_data+0x2f/0x90 [ 183.474050] iommufd_fops_ioctl+0x37d/0x510 [ 183.474536] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.475024] ? write_comp_data+0x2f/0x90 [ 183.475412] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.475850] __x64_sys_ioctl+0x1a3/0x230 [ 183.476218] do_syscall_64+0x3b/0x90 [ 183.476677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.477138] RIP: 0033:0x7f4b8743ee5d [ 183.477469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.479223] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.479887] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.480579] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.481261] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.481876] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.482640] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.483283] [ 183.483493] irq event stamp: 0 [ 183.483767] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.484376] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.485179] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.485905] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.486625] ---[ end trace 0000000000000000 ]--- [ 183.491495] ------------[ cut here ]------------ [ 183.491946] WARNING: CPU: 1 PID: 1743 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.492975] Modules linked in: [ 183.493255] CPU: 1 PID: 1743 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.494007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.495177] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.495617] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.497341] RSP: 
0018:ffff8880123dfbd0 EFLAGS: 00010246 [ 183.497807] RAX: 0000000000000000 RBX: ffff88801722a8a8 RCX: 0000000000000000 [ 183.498570] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 183.499198] RBP: ffff8880123dfbe8 R08: ffffed1002e45533 R09: ffffed1002e45533 [ 183.499818] R10: ffff88801722a993 R11: ffffed1002e45532 R12: ffff888012e90000 [ 183.500572] R13: ffff88801722a9e8 R14: ffff88801235be00 R15: 0000000000000000 [ 183.501191] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.501885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.502546] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 183.503181] PKRU: 55555554 [ 183.503431] Call Trace: [ 183.503654] [ 183.503858] iommufd_access_destroy_object+0x65/0x170 [ 183.504449] iommufd_object_destroy_user+0x18e/0x220 [ 183.504905] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.505423] iommufd_access_destroy+0x43/0x70 [ 183.505824] iommufd_test_staccess_release+0x8d/0xd0 [ 183.506422] __fput+0x26d/0xa40 [ 183.506745] ____fput+0x1e/0x30 [ 183.507041] task_work_run+0x1a4/0x2d0 [ 183.507406] ? __pfx_task_work_run+0x10/0x10 [ 183.507800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.508304] ? switch_task_namespaces+0xa9/0xe0 [ 183.508760] do_exit+0xb17/0x2ef0 [ 183.509064] ? lock_acquire+0x427/0x4c0 [ 183.509425] ? __pfx_lock_release+0x10/0x10 [ 183.509809] ? __kasan_check_write+0x18/0x20 [ 183.510322] ? do_raw_spin_lock+0x132/0x2a0 [ 183.510723] ? __pfx_do_exit+0x10/0x10 [ 183.511073] ? debug_smp_processor_id+0x20/0x30 [ 183.511493] ? rcu_is_watching+0x19/0xb0 [ 183.511857] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.512390] ? trace_hardirqs_on+0x26/0x120 [ 183.512777] do_group_exit+0xe0/0x2b0 [ 183.513113] __x64_sys_exit_group+0x47/0x50 [ 183.513493] do_syscall_64+0x3b/0x90 [ 183.513833] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.514289] RIP: 0033:0x7f4b87518a4d [ 183.514634] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.515183] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.515844] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.516501] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.517261] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.517882] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.518536] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.519316] [ 183.519524] irq event stamp: 0 [ 183.519798] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.520349] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.521165] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.521959] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.522532] ---[ end trace 0000000000000000 ]--- [ 183.523573] ------------[ cut here ]------------ [ 183.524087] WARNING: CPU: 1 PID: 1743 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.525040] Modules linked in: [ 183.525348] CPU: 1 PID: 1743 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.526308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.527401] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.527889] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.529553] RSP: 0018:ffff8880123dfb78 EFLAGS: 00010246 [ 183.530044] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.530976] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 183.531649] RBP: ffff8880123dfb98 R08: ffffed1002e4553e R09: ffffed1002e4553e [ 183.532302] R10: ffff88801722a9ef R11: ffffed1002e4553d R12: ffff88801722aa90 [ 183.532951] R13: ffff88801722a8a8 R14: ffffffffffffffff R15: 
ffff8880123dfc60 [ 183.533599] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.534332] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.534883] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 183.535546] PKRU: 55555554 [ 183.535807] Call Trace: [ 183.536042] [ 183.536249] iommufd_ioas_destroy+0x53/0x70 [ 183.536645] iommufd_fops_release+0x1f7/0x370 [ 183.537060] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.537516] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.537966] ? write_comp_data+0x2f/0x90 [ 183.538342] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.538817] __fput+0x26d/0xa40 [ 183.539140] ____fput+0x1e/0x30 [ 183.539459] task_work_run+0x1a4/0x2d0 [ 183.539821] ? __pfx_task_work_run+0x10/0x10 [ 183.540232] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.540689] ? switch_task_namespaces+0xa9/0xe0 [ 183.541124] do_exit+0xb17/0x2ef0 [ 183.541446] ? lock_acquire+0x427/0x4c0 [ 183.541821] ? __pfx_lock_release+0x10/0x10 [ 183.542215] ? __kasan_check_write+0x18/0x20 [ 183.542643] ? do_raw_spin_lock+0x132/0x2a0 [ 183.543044] ? __pfx_do_exit+0x10/0x10 [ 183.543413] ? debug_smp_processor_id+0x20/0x30 [ 183.543837] ? rcu_is_watching+0x19/0xb0 [ 183.544208] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.544619] ? trace_hardirqs_on+0x26/0x120 [ 183.545016] do_group_exit+0xe0/0x2b0 [ 183.545373] __x64_sys_exit_group+0x47/0x50 [ 183.545771] do_syscall_64+0x3b/0x90 [ 183.546122] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.546616] RIP: 0033:0x7f4b87518a4d [ 183.546956] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.547526] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.548220] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.548838] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.549472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.550100] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.550752] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.551380] [ 183.551585] irq event stamp: 0 [ 183.551860] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.552405] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.553132] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.553853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.554396] ---[ end trace 0000000000000000 ]--- [ 183.559335] ------------[ cut here ]------------ [ 183.559786] WARNING: CPU: 1 PID: 1744 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.560650] Modules linked in: [ 183.560925] CPU: 1 PID: 1744 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.561669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.562656] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.563083] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.564649] RSP: 0018:ffff8880219d7bb8 EFLAGS: 00010246 [ 183.565104] RAX: 0000000000000000 RBX: ffff88800efa10a8 RCX: 0000000000000000 [ 183.565712] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 183.566314] RBP: ffff8880219d7bd0 R08: ffffed1001df4233 R09: ffffed1001df4233 [ 183.566947] R10: ffff88800efa1193 R11: ffffed1001df4232 R12: ffff888018abac00 [ 183.567572] R13: ffff88800efa11e8 R14: ffffffff8352e670 R15: 
ffff8880219d7e68 [ 183.568180] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.568866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.569361] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 183.569972] PKRU: 55555554 [ 183.570216] Call Trace: [ 183.570435] [ 183.570649] __iommufd_access_detach+0x1c2/0x2b0 [ 183.571073] iommufd_access_change_pt+0x149/0x270 [ 183.571512] iommufd_access_replace+0xb4/0x120 [ 183.571933] iommufd_test+0x3e5/0x37e0 [ 183.572280] ? lock_release+0x532/0x770 [ 183.572697] ? __might_fault+0x102/0x1b0 [ 183.573263] ? lock_acquire+0x427/0x4c0 [ 183.573625] ? __pfx_iommufd_test+0x10/0x10 [ 183.574009] ? __pfx_lock_release+0x10/0x10 [ 183.574418] ? __pfx_lock_acquire+0x10/0x10 [ 183.574842] ? write_comp_data+0x2f/0x90 [ 183.575215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.575651] ? write_comp_data+0x2f/0x90 [ 183.576017] iommufd_fops_ioctl+0x37d/0x510 [ 183.576402] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.576834] ? write_comp_data+0x2f/0x90 [ 183.577199] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.577830] __x64_sys_ioctl+0x1a3/0x230 [ 183.578202] do_syscall_64+0x3b/0x90 [ 183.578565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.579024] RIP: 0033:0x7f4b8743ee5d [ 183.579359] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.580921] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.581620] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.582370] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.583023] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.583651] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.584264] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.584885] [ 183.585091] irq event stamp: 0 [ 183.585366] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.586104] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.586853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.587614] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.588197] ---[ end trace 0000000000000000 ]--- [ 183.591191] ------------[ cut here ]------------ [ 183.591660] WARNING: CPU: 1 PID: 1744 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.592588] Modules linked in: [ 183.592887] CPU: 1 PID: 1744 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.593693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.595126] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.595593] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.597271] RSP: 
0018:ffff8880219d7bd0 EFLAGS: 00010246 [ 183.597758] RAX: 0000000000000000 RBX: ffff88800efa10a8 RCX: 0000000000000000 [ 183.598408] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 183.599230] RBP: ffff8880219d7be8 R08: ffffed1001df4233 R09: ffffed1001df4233 [ 183.600014] R10: ffff88800efa1193 R11: ffffed1001df4232 R12: ffff888012e95400 [ 183.600666] R13: ffff88800efa11e8 R14: ffff88800efecf00 R15: 0000000000000000 [ 183.601312] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.602044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.602599] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 183.603277] PKRU: 55555554 [ 183.603585] Call Trace: [ 183.603892] [ 183.604227] iommufd_access_destroy_object+0x65/0x170 [ 183.604707] iommufd_object_destroy_user+0x18e/0x220 [ 183.605177] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.605717] iommufd_access_destroy+0x43/0x70 [ 183.606138] iommufd_test_staccess_release+0x8d/0xd0 [ 183.606654] __fput+0x26d/0xa40 [ 183.606974] ____fput+0x1e/0x30 [ 183.607303] task_work_run+0x1a4/0x2d0 [ 183.607676] ? __pfx_task_work_run+0x10/0x10 [ 183.608084] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.608749] ? switch_task_namespaces+0xa9/0xe0 [ 183.609191] do_exit+0xb17/0x2ef0 [ 183.609512] ? lock_acquire+0x427/0x4c0 [ 183.609884] ? __pfx_lock_release+0x10/0x10 [ 183.610290] ? __kasan_check_write+0x18/0x20 [ 183.610730] ? do_raw_spin_lock+0x132/0x2a0 [ 183.611145] ? __pfx_do_exit+0x10/0x10 [ 183.611526] ? debug_smp_processor_id+0x20/0x30 [ 183.611974] ? rcu_is_watching+0x19/0xb0 [ 183.612364] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.612875] ? trace_hardirqs_on+0x26/0x120 [ 183.613438] do_group_exit+0xe0/0x2b0 [ 183.613806] __x64_sys_exit_group+0x47/0x50 [ 183.614215] do_syscall_64+0x3b/0x90 [ 183.614607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.615109] RIP: 0033:0x7f4b87518a4d [ 183.615479] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.616063] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.616780] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.617448] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.618378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.619079] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.619760] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.620436] [ 183.620656] irq event stamp: 0 [ 183.620957] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.621544] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.622448] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.623453] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.624050] ---[ end trace 0000000000000000 ]--- [ 183.624870] ------------[ cut here ]------------ [ 183.625310] WARNING: CPU: 1 PID: 1744 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.626271] Modules linked in: [ 183.626616] CPU: 1 PID: 1744 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.627450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.628724] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.629214] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.630934] RSP: 0018:ffff8880219d7b78 EFLAGS: 00010246 [ 183.631519] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.632564] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 183.633281] RBP: ffff8880219d7b98 R08: ffffed1001df423e R09: ffffed1001df423e [ 183.633995] R10: ffff88800efa11ef R11: ffffed1001df423d R12: ffff88800efa1290 [ 183.634791] R13: ffff88800efa10a8 R14: ffffffffffffffff R15: 
ffff8880219d7c60 [ 183.635523] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.636371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.637144] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 183.638002] PKRU: 55555554 [ 183.638286] Call Trace: [ 183.638563] [ 183.638793] iommufd_ioas_destroy+0x53/0x70 [ 183.639253] iommufd_fops_release+0x1f7/0x370 [ 183.639729] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.640234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.640739] ? write_comp_data+0x2f/0x90 [ 183.641290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.641969] __fput+0x26d/0xa40 [ 183.642440] ____fput+0x1e/0x30 [ 183.642823] task_work_run+0x1a4/0x2d0 [ 183.643242] ? __pfx_task_work_run+0x10/0x10 [ 183.643696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.644198] ? switch_task_namespaces+0xa9/0xe0 [ 183.644685] do_exit+0xb17/0x2ef0 [ 183.645051] ? lock_acquire+0x427/0x4c0 [ 183.645471] ? __pfx_lock_release+0x10/0x10 [ 183.645962] ? __kasan_check_write+0x18/0x20 [ 183.646566] ? do_raw_spin_lock+0x132/0x2a0 [ 183.647210] ? __pfx_do_exit+0x10/0x10 [ 183.647618] ? debug_smp_processor_id+0x20/0x30 [ 183.648086] ? rcu_is_watching+0x19/0xb0 [ 183.648499] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.648960] ? trace_hardirqs_on+0x26/0x120 [ 183.649403] do_group_exit+0xe0/0x2b0 [ 183.649788] __x64_sys_exit_group+0x47/0x50 [ 183.650222] do_syscall_64+0x3b/0x90 [ 183.650669] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.651473] RIP: 0033:0x7f4b87518a4d [ 183.651904] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.652518] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.653237] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.653894] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.654569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.655237] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.655890] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.656558] [ 183.656776] irq event stamp: 0 [ 183.657066] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.657648] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.658416] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.659209] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.659799] ---[ end trace 0000000000000000 ]--- [ 183.664566] ------------[ cut here ]------------ [ 183.665051] WARNING: CPU: 1 PID: 1745 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.665989] Modules linked in: [ 183.666284] CPU: 1 PID: 1745 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.667144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.668193] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.668654] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.670333] RSP: 0018:ffff888016eb7bb8 EFLAGS: 00010246 [ 183.670843] RAX: 0000000000000000 RBX: ffff888015c470a8 RCX: 0000000000000000 [ 183.671517] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 183.672167] RBP: ffff888016eb7bd0 R08: ffffed1002b88e33 R09: ffffed1002b88e33 [ 183.672812] R10: ffff888015c47193 R11: ffffed1002b88e32 R12: ffff88801341f000 [ 183.673461] R13: ffff888015c471e8 R14: ffffffff8352e670 R15: 
ffff888016eb7e68 [ 183.674109] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.674866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.675402] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 183.676054] PKRU: 55555554 [ 183.676316] Call Trace: [ 183.676554] [ 183.676765] __iommufd_access_detach+0x1c2/0x2b0 [ 183.677217] iommufd_access_change_pt+0x149/0x270 [ 183.677670] iommufd_access_replace+0xb4/0x120 [ 183.678100] iommufd_test+0x3e5/0x37e0 [ 183.678454] ? lock_release+0x532/0x770 [ 183.678854] ? __might_fault+0x102/0x1b0 [ 183.679247] ? lock_acquire+0x427/0x4c0 [ 183.679625] ? __pfx_iommufd_test+0x10/0x10 [ 183.680020] ? __pfx_lock_release+0x10/0x10 [ 183.680423] ? __pfx_lock_acquire+0x10/0x10 [ 183.680823] ? write_comp_data+0x2f/0x90 [ 183.681208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.681657] ? write_comp_data+0x2f/0x90 [ 183.682040] iommufd_fops_ioctl+0x37d/0x510 [ 183.682440] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.682925] ? write_comp_data+0x2f/0x90 [ 183.683319] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.683768] __x64_sys_ioctl+0x1a3/0x230 [ 183.684150] do_syscall_64+0x3b/0x90 [ 183.684501] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.684987] RIP: 0033:0x7f4b8743ee5d [ 183.685327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.687006] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.687697] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.688308] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.688922] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.689536] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.690146] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.690784] [ 183.690988] irq event stamp: 0 [ 183.691273] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.691817] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.692542] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.693252] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.693798] ---[ end trace 0000000000000000 ]--- [ 183.696777] ------------[ cut here ]------------ [ 183.697216] WARNING: CPU: 1 PID: 1745 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.698082] Modules linked in: [ 183.698360] CPU: 1 PID: 1745 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.699166] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.700131] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.700564] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.702124] RSP: 
0018:ffff888016eb7bd0 EFLAGS: 00010246 [ 183.702599] RAX: 0000000000000000 RBX: ffff888015c470a8 RCX: 0000000000000000 [ 183.703217] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 183.703825] RBP: ffff888016eb7be8 R08: ffffed1002b88e33 R09: ffffed1002b88e33 [ 183.704434] R10: ffff888015c47193 R11: ffffed1002b88e32 R12: ffff8880184ef000 [ 183.705043] R13: ffff888015c471e8 R14: ffff888014b9b700 R15: 0000000000000000 [ 183.705653] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.706339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.706860] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 183.707488] PKRU: 55555554 [ 183.707733] Call Trace: [ 183.707954] [ 183.708147] iommufd_access_destroy_object+0x65/0x170 [ 183.708596] iommufd_object_destroy_user+0x18e/0x220 [ 183.709044] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.709550] iommufd_access_destroy+0x43/0x70 [ 183.709946] iommufd_test_staccess_release+0x8d/0xd0 [ 183.710387] __fput+0x26d/0xa40 [ 183.710706] ____fput+0x1e/0x30 [ 183.711001] task_work_run+0x1a4/0x2d0 [ 183.711351] ? __pfx_task_work_run+0x10/0x10 [ 183.711736] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.712163] ? switch_task_namespaces+0xa9/0xe0 [ 183.712573] do_exit+0xb17/0x2ef0 [ 183.712875] ? lock_acquire+0x427/0x4c0 [ 183.713229] ? __pfx_lock_release+0x10/0x10 [ 183.713606] ? __kasan_check_write+0x18/0x20 [ 183.713993] ? do_raw_spin_lock+0x132/0x2a0 [ 183.714367] ? __pfx_do_exit+0x10/0x10 [ 183.714728] ? debug_smp_processor_id+0x20/0x30 [ 183.715146] ? rcu_is_watching+0x19/0xb0 [ 183.715504] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.715903] ? trace_hardirqs_on+0x26/0x120 [ 183.716285] do_group_exit+0xe0/0x2b0 [ 183.716616] __x64_sys_exit_group+0x47/0x50 [ 183.716991] do_syscall_64+0x3b/0x90 [ 183.717320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.717773] RIP: 0033:0x7f4b87518a4d [ 183.718095] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.718648] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.719307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.719920] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.720530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.721139] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.721751] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.722374] [ 183.722602] irq event stamp: 0 [ 183.722879] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.723439] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.724158] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.724872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.725410] ---[ end trace 0000000000000000 ]--- [ 183.726167] ------------[ cut here ]------------ [ 183.726607] WARNING: CPU: 1 PID: 1745 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.727498] Modules linked in: [ 183.727778] CPU: 1 PID: 1745 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.728532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.729502] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.729949] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.731732] RSP: 0018:ffff888016eb7b78 EFLAGS: 00010246 [ 183.732196] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.732804] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 183.733412] RBP: ffff888016eb7b98 R08: ffffed1002b88e3e R09: ffffed1002b88e3e [ 183.734006] R10: ffff888015c471ef R11: ffffed1002b88e3d R12: ffff888015c47290 [ 183.734622] R13: ffff888015c470a8 R14: ffffffffffffffff R15: 
ffff888016eb7c60 [ 183.735224] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.735887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.736378] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 183.736976] PKRU: 55555554 [ 183.737218] Call Trace: [ 183.737434] [ 183.737628] iommufd_ioas_destroy+0x53/0x70 [ 183.738002] iommufd_fops_release+0x1f7/0x370 [ 183.738392] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.738834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.739258] ? write_comp_data+0x2f/0x90 [ 183.739612] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.740020] __fput+0x26d/0xa40 [ 183.740303] ____fput+0x1e/0x30 [ 183.740583] task_work_run+0x1a4/0x2d0 [ 183.740912] ? __pfx_task_work_run+0x10/0x10 [ 183.741277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.741679] ? switch_task_namespaces+0xa9/0xe0 [ 183.742071] do_exit+0xb17/0x2ef0 [ 183.742356] ? lock_acquire+0x427/0x4c0 [ 183.742707] ? __pfx_lock_release+0x10/0x10 [ 183.743065] ? __kasan_check_write+0x18/0x20 [ 183.743437] ? do_raw_spin_lock+0x132/0x2a0 [ 183.743794] ? __pfx_do_exit+0x10/0x10 [ 183.744117] ? debug_smp_processor_id+0x20/0x30 [ 183.744501] ? rcu_is_watching+0x19/0xb0 [ 183.744835] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.745210] ? trace_hardirqs_on+0x26/0x120 [ 183.745573] do_group_exit+0xe0/0x2b0 [ 183.745887] __x64_sys_exit_group+0x47/0x50 [ 183.746240] do_syscall_64+0x3b/0x90 [ 183.746572] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.746998] RIP: 0033:0x7f4b87518a4d [ 183.747307] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.747806] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.748425] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.749002] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.749579] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.750152] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.750744] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.751334] [ 183.751531] irq event stamp: 0 [ 183.751789] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.752300] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.752977] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.753655] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.754169] ---[ end trace 0000000000000000 ]--- [ 183.758844] ------------[ cut here ]------------ [ 183.759273] WARNING: CPU: 1 PID: 1746 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.760091] Modules linked in: [ 183.760351] CPU: 1 PID: 1746 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.761054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.761954] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.762356] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.763870] RSP: 0018:ffff8880160d7bb8 EFLAGS: 00010246 [ 183.764302] RAX: 0000000000000000 RBX: ffff888018b5f8a8 RCX: 0000000000000000 [ 183.764875] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 183.765445] RBP: ffff8880160d7bd0 R08: ffffed100316bf33 R09: ffffed100316bf33 [ 183.766019] R10: ffff888018b5f993 R11: ffffed100316bf32 R12: ffff888018a3f400 [ 183.766608] R13: ffff888018b5f9e8 R14: ffffffff8352e670 R15: 
ffff8880160d7e68 [ 183.767191] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.767837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.768304] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 183.768877] PKRU: 55555554 [ 183.769106] Call Trace: [ 183.769314] [ 183.769497] __iommufd_access_detach+0x1c2/0x2b0 [ 183.769896] iommufd_access_change_pt+0x149/0x270 [ 183.770298] iommufd_access_replace+0xb4/0x120 [ 183.770697] iommufd_test+0x3e5/0x37e0 [ 183.771014] ? lock_release+0x532/0x770 [ 183.771357] ? __might_fault+0x102/0x1b0 [ 183.771698] ? lock_acquire+0x427/0x4c0 [ 183.772034] ? __pfx_iommufd_test+0x10/0x10 [ 183.772383] ? __pfx_lock_release+0x10/0x10 [ 183.772740] ? __pfx_lock_acquire+0x10/0x10 [ 183.773103] ? write_comp_data+0x2f/0x90 [ 183.773445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.773845] ? write_comp_data+0x2f/0x90 [ 183.774184] iommufd_fops_ioctl+0x37d/0x510 [ 183.774551] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.774952] ? write_comp_data+0x2f/0x90 [ 183.775302] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.775698] __x64_sys_ioctl+0x1a3/0x230 [ 183.776039] do_syscall_64+0x3b/0x90 [ 183.776353] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.776779] RIP: 0033:0x7f4b8743ee5d [ 183.777082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.778569] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.779192] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.779770] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.780344] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.780921] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.781490] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.782069] [ 183.782260] irq event stamp: 0 [ 183.782538] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.783049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.783736] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.784416] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.784927] ---[ end trace 0000000000000000 ]--- [ 183.787756] ------------[ cut here ]------------ [ 183.788173] WARNING: CPU: 1 PID: 1746 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.788996] Modules linked in: [ 183.789259] CPU: 1 PID: 1746 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.789963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.790892] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.791307] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.792775] RSP: 
0018:ffff8880160d7bd0 EFLAGS: 00010246 [ 183.793207] RAX: 0000000000000000 RBX: ffff888018b5f8a8 RCX: 0000000000000000 [ 183.793787] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 183.794358] RBP: ffff8880160d7be8 R08: ffffed100316bf33 R09: ffffed100316bf33 [ 183.794956] R10: ffff888018b5f993 R11: ffffed100316bf32 R12: ffff88801341d000 [ 183.795541] R13: ffff888018b5f9e8 R14: ffff888012c78600 R15: 0000000000000000 [ 183.796116] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.796762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.797230] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 183.797802] PKRU: 55555554 [ 183.798031] Call Trace: [ 183.798241] [ 183.798426] iommufd_access_destroy_object+0x65/0x170 [ 183.798865] iommufd_object_destroy_user+0x18e/0x220 [ 183.799290] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.799769] iommufd_access_destroy+0x43/0x70 [ 183.800144] iommufd_test_staccess_release+0x8d/0xd0 [ 183.800561] __fput+0x26d/0xa40 [ 183.800845] ____fput+0x1e/0x30 [ 183.801124] task_work_run+0x1a4/0x2d0 [ 183.801450] ? __pfx_task_work_run+0x10/0x10 [ 183.801814] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.802217] ? switch_task_namespaces+0xa9/0xe0 [ 183.802634] do_exit+0xb17/0x2ef0 [ 183.802918] ? lock_acquire+0x427/0x4c0 [ 183.803259] ? __pfx_lock_release+0x10/0x10 [ 183.803625] ? __kasan_check_write+0x18/0x20 [ 183.803988] ? do_raw_spin_lock+0x132/0x2a0 [ 183.804343] ? __pfx_do_exit+0x10/0x10 [ 183.804672] ? debug_smp_processor_id+0x20/0x30 [ 183.805061] ? rcu_is_watching+0x19/0xb0 [ 183.805395] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.805767] ? trace_hardirqs_on+0x26/0x120 [ 183.806125] do_group_exit+0xe0/0x2b0 [ 183.806440] __x64_sys_exit_group+0x47/0x50 [ 183.806808] do_syscall_64+0x3b/0x90 [ 183.807132] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.807563] RIP: 0033:0x7f4b87518a4d [ 183.807865] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.808361] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.808977] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.809549] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.810126] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.810718] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.811290] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.811877] [ 183.812069] irq event stamp: 0 [ 183.812325] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.812830] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.813503] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.814169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.814694] ---[ end trace 0000000000000000 ]--- [ 183.815413] ------------[ cut here ]------------ [ 183.815801] WARNING: CPU: 1 PID: 1746 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.816625] Modules linked in: [ 183.816887] CPU: 1 PID: 1746 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.817597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.818534] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.818942] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.820421] RSP: 0018:ffff8880160d7b78 EFLAGS: 00010246 [ 183.820851] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.821424] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 183.821993] RBP: ffff8880160d7b98 R08: ffffed100316bf3e R09: ffffed100316bf3e [ 183.822580] R10: ffff888018b5f9ef R11: ffffed100316bf3d R12: ffff888018b5fa90 [ 183.823167] R13: ffff888018b5f8a8 R14: ffffffffffffffff R15: 
ffff8880160d7c60 [ 183.823750] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.824401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.824869] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 183.825439] PKRU: 55555554 [ 183.825667] Call Trace: [ 183.825867] [ 183.826045] iommufd_ioas_destroy+0x53/0x70 [ 183.826388] iommufd_fops_release+0x1f7/0x370 [ 183.826764] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.827167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.827566] ? write_comp_data+0x2f/0x90 [ 183.827902] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.828679] __fput+0x26d/0xa40 [ 183.828966] ____fput+0x1e/0x30 [ 183.829239] task_work_run+0x1a4/0x2d0 [ 183.829557] ? __pfx_task_work_run+0x10/0x10 [ 183.829909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.830331] ? switch_task_namespaces+0xa9/0xe0 [ 183.830833] do_exit+0xb17/0x2ef0 [ 183.831111] ? lock_acquire+0x427/0x4c0 [ 183.831446] ? __pfx_lock_release+0x10/0x10 [ 183.831793] ? __kasan_check_write+0x18/0x20 [ 183.832145] ? do_raw_spin_lock+0x132/0x2a0 [ 183.832599] ? __pfx_do_exit+0x10/0x10 [ 183.832917] ? debug_smp_processor_id+0x20/0x30 [ 183.833289] ? rcu_is_watching+0x19/0xb0 [ 183.833612] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.833976] ? trace_hardirqs_on+0x26/0x120 [ 183.834429] do_group_exit+0xe0/0x2b0 [ 183.834748] __x64_sys_exit_group+0x47/0x50 [ 183.835091] do_syscall_64+0x3b/0x90 [ 183.835409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.835830] RIP: 0033:0x7f4b87518a4d [ 183.836130] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.836622] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.837348] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.837916] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.838495] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.839222] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.839787] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.840347] [ 183.840536] irq event stamp: 0 [ 183.840789] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.841413] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.842078] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.842803] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.843360] ---[ end trace 0000000000000000 ]--- [ 183.846942] ------------[ cut here ]------------ [ 183.847358] WARNING: CPU: 1 PID: 1747 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.848171] Modules linked in: [ 183.848539] CPU: 1 PID: 1747 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.849225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.850144] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.850625] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.852097] RSP: 0018:ffff888023e5fbb8 EFLAGS: 00010246 [ 183.852664] RAX: 0000000000000000 RBX: ffff8880182968a8 RCX: 0000000000000000 [ 183.853245] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 183.853834] RBP: ffff888023e5fbd0 R08: ffffed1003052d33 R09: ffffed1003052d33 [ 183.854549] R10: ffff888018296993 R11: ffffed1003052d32 R12: ffff888010824c00 [ 183.855152] R13: ffff8880182969e8 R14: ffffffff8352e670 R15: 
ffff888023e5fe68 [ 183.855736] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.856460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.856977] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 183.857562] PKRU: 55555554 [ 183.857801] Call Trace: [ 183.858012] [ 183.858238] __iommufd_access_detach+0x1c2/0x2b0 [ 183.858708] iommufd_access_change_pt+0x149/0x270 [ 183.859126] iommufd_access_replace+0xb4/0x120 [ 183.859514] iommufd_test+0x3e5/0x37e0 [ 183.859835] ? lock_release+0x532/0x770 [ 183.860175] ? __might_fault+0x102/0x1b0 [ 183.860638] ? lock_acquire+0x427/0x4c0 [ 183.860979] ? __pfx_iommufd_test+0x10/0x10 [ 183.861333] ? __pfx_lock_release+0x10/0x10 [ 183.861692] ? __pfx_lock_acquire+0x10/0x10 [ 183.862055] ? write_comp_data+0x2f/0x90 [ 183.862584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.862991] ? write_comp_data+0x2f/0x90 [ 183.863345] iommufd_fops_ioctl+0x37d/0x510 [ 183.863702] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.864116] ? write_comp_data+0x2f/0x90 [ 183.864490] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.864995] __x64_sys_ioctl+0x1a3/0x230 [ 183.865338] do_syscall_64+0x3b/0x90 [ 183.865655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.866091] RIP: 0033:0x7f4b8743ee5d [ 183.866473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.868051] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.868758] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.869408] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.870002] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.870684] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.871303] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.871895] [ 183.872086] irq event stamp: 0 [ 183.872348] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.873012] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.873704] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.874403] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.875039] ---[ end trace 0000000000000000 ]--- [ 183.877969] ------------[ cut here ]------------ [ 183.878406] WARNING: CPU: 1 PID: 1747 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.879397] Modules linked in: [ 183.879681] CPU: 1 PID: 1747 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.880430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.881537] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.881969] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.883803] RSP: 
0018:ffff888023e5fbd0 EFLAGS: 00010246 [ 183.884283] RAX: 0000000000000000 RBX: ffff8880182968a8 RCX: 0000000000000000 [ 183.884923] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 183.885698] RBP: ffff888023e5fbe8 R08: ffffed1003052d33 R09: ffffed1003052d33 [ 183.886327] R10: ffff888018296993 R11: ffffed1003052d32 R12: ffff88800ae92000 [ 183.886990] R13: ffff8880182969e8 R14: ffff888020f66700 R15: 0000000000000000 [ 183.887770] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.888484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.889003] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 183.889759] PKRU: 55555554 [ 183.890017] Call Trace: [ 183.890245] [ 183.890447] iommufd_access_destroy_object+0x65/0x170 [ 183.890930] iommufd_object_destroy_user+0x18e/0x220 [ 183.891475] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 183.892044] iommufd_access_destroy+0x43/0x70 [ 183.892477] iommufd_test_staccess_release+0x8d/0xd0 [ 183.892971] __fput+0x26d/0xa40 [ 183.893321] ____fput+0x1e/0x30 [ 183.893749] task_work_run+0x1a4/0x2d0 [ 183.894127] ? __pfx_task_work_run+0x10/0x10 [ 183.894567] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.895035] ? switch_task_namespaces+0xa9/0xe0 [ 183.895567] do_exit+0xb17/0x2ef0 [ 183.895965] ? lock_acquire+0x427/0x4c0 [ 183.896354] ? __pfx_lock_release+0x10/0x10 [ 183.896770] ? __kasan_check_write+0x18/0x20 [ 183.897196] ? do_raw_spin_lock+0x132/0x2a0 [ 183.897698] ? __pfx_do_exit+0x10/0x10 [ 183.898143] ? debug_smp_processor_id+0x20/0x30 [ 183.898608] ? rcu_is_watching+0x19/0xb0 [ 183.898994] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.899455] ? trace_hardirqs_on+0x26/0x120 [ 183.900011] do_group_exit+0xe0/0x2b0 [ 183.900393] __x64_sys_exit_group+0x47/0x50 [ 183.900813] do_syscall_64+0x3b/0x90 [ 183.901192] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.901701] RIP: 0033:0x7f4b87518a4d [ 183.902203] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.902815] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.903554] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.904326] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.905065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.905745] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.906604] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.907303] [ 183.907533] irq event stamp: 0 [ 183.907834] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.908507] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.909453] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.910338] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.911214] ---[ end trace 0000000000000000 ]--- [ 183.914130] ------------[ cut here ]------------ [ 183.914684] WARNING: CPU: 1 PID: 1747 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 183.915885] Modules linked in: [ 183.916283] CPU: 1 PID: 1747 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.917190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.918564] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 183.919105] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 183.921192] RSP: 0018:ffff888023e5fb78 EFLAGS: 00010246 [ 183.921749] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 183.922566] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 183.923410] RBP: ffff888023e5fb98 R08: ffffed1003052d3e R09: ffffed1003052d3e [ 183.924153] R10: ffff8880182969ef R11: ffffed1003052d3d R12: ffff888018296a90 [ 183.925013] R13: ffff8880182968a8 R14: ffffffffffffffff R15: 
ffff888023e5fc60 [ 183.925847] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.926709] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.927458] CR2: 00007f82e2ab6000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 183.928281] PKRU: 55555554 [ 183.928582] Call Trace: [ 183.928857] [ 183.929095] iommufd_ioas_destroy+0x53/0x70 [ 183.929607] iommufd_fops_release+0x1f7/0x370 [ 183.930205] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.930778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.931322] ? write_comp_data+0x2f/0x90 [ 183.931771] ? __pfx_iommufd_fops_release+0x10/0x10 [ 183.932496] __fput+0x26d/0xa40 [ 183.932871] ____fput+0x1e/0x30 [ 183.933241] task_work_run+0x1a4/0x2d0 [ 183.933666] ? __pfx_task_work_run+0x10/0x10 [ 183.934138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.934842] ? switch_task_namespaces+0xa9/0xe0 [ 183.935370] do_exit+0xb17/0x2ef0 [ 183.935745] ? lock_acquire+0x427/0x4c0 [ 183.936175] ? __pfx_lock_release+0x10/0x10 [ 183.936695] ? __kasan_check_write+0x18/0x20 [ 183.937273] ? do_raw_spin_lock+0x132/0x2a0 [ 183.937741] ? __pfx_do_exit+0x10/0x10 [ 183.938164] ? debug_smp_processor_id+0x20/0x30 [ 183.938680] ? rcu_is_watching+0x19/0xb0 [ 183.939137] ? _raw_spin_unlock_irq+0x2b/0x60 [ 183.939631] ? trace_hardirqs_on+0x26/0x120 [ 183.940103] do_group_exit+0xe0/0x2b0 [ 183.940509] __x64_sys_exit_group+0x47/0x50 [ 183.940967] do_syscall_64+0x3b/0x90 [ 183.941369] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.941924] RIP: 0033:0x7f4b87518a4d [ 183.942322] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 183.943017] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 183.943851] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 183.944611] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 183.945360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 183.946100] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 183.946863] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 183.947627] [ 183.947872] irq event stamp: 0 [ 183.948205] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.948861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.949713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.950595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.951264] ---[ end trace 0000000000000000 ]--- [ 183.956078] ------------[ cut here ]------------ [ 183.956622] WARNING: CPU: 1 PID: 1748 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.957653] Modules linked in: [ 183.957986] CPU: 1 PID: 1748 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.958910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.960076] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.960594] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.962459] RSP: 0018:ffff888017bbfbb8 EFLAGS: 00010246 [ 183.963039] RAX: 0000000000000000 RBX: ffff88801722d8a8 RCX: 0000000000000000 [ 183.963795] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 183.964533] RBP: ffff888017bbfbd0 R08: ffffed1002e45b33 R09: ffffed1002e45b33 [ 183.965264] R10: ffff88801722d993 R11: ffffed1002e45b32 R12: ffff888012b44c00 [ 183.965991] R13: ffff88801722d9e8 R14: ffffffff8352e670 R15: 
ffff888017bbfe68 [ 183.966746] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 183.967587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 183.968187] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 183.968926] PKRU: 55555554 [ 183.969223] Call Trace: [ 183.969499] [ 183.969737] __iommufd_access_detach+0x1c2/0x2b0 [ 183.970253] iommufd_access_change_pt+0x149/0x270 [ 183.970798] iommufd_access_replace+0xb4/0x120 [ 183.971328] iommufd_test+0x3e5/0x37e0 [ 183.971740] ? lock_release+0x532/0x770 [ 183.972165] ? __might_fault+0x102/0x1b0 [ 183.972597] ? lock_acquire+0x427/0x4c0 [ 183.973023] ? __pfx_iommufd_test+0x10/0x10 [ 183.973465] ? __pfx_lock_release+0x10/0x10 [ 183.973915] ? __pfx_lock_acquire+0x10/0x10 [ 183.974376] ? write_comp_data+0x2f/0x90 [ 183.974831] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 183.975351] ? write_comp_data+0x2f/0x90 [ 183.975787] iommufd_fops_ioctl+0x37d/0x510 [ 183.976241] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.976764] ? write_comp_data+0x2f/0x90 [ 183.977198] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 183.977703] __x64_sys_ioctl+0x1a3/0x230 [ 183.978137] do_syscall_64+0x3b/0x90 [ 183.978564] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 183.979127] RIP: 0033:0x7f4b8743ee5d [ 183.979519] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 183.981376] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 183.982162] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 183.982925] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 183.983685] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 183.984409] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 183.985128] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 183.985863] [ 183.986109] irq event stamp: 0 [ 183.986431] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 183.987102] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 183.987969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 183.988818] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 183.989466] ---[ end trace 0000000000000000 ]--- [ 183.992621] ------------[ cut here ]------------ [ 183.993126] WARNING: CPU: 1 PID: 1748 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 183.994151] Modules linked in: [ 183.994475] CPU: 1 PID: 1748 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 183.995418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 183.996563] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 183.997084] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 183.998950] RSP: 
0018:ffff888017bbfbd0 EFLAGS: 00010246 [ 183.999508] RAX: 0000000000000000 RBX: ffff88801722d8a8 RCX: 0000000000000000 [ 184.000223] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.000945] RBP: ffff888017bbfbe8 R08: ffffed1002e45b33 R09: ffffed1002e45b33 [ 184.001666] R10: ffff88801722d993 R11: ffffed1002e45b32 R12: ffff888010826400 [ 184.002409] R13: ffff88801722d9e8 R14: ffff888012f91900 R15: 0000000000000000 [ 184.003211] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.004036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.004628] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.005354] PKRU: 55555554 [ 184.005641] Call Trace: [ 184.005897] [ 184.006131] iommufd_access_destroy_object+0x65/0x170 [ 184.006696] iommufd_object_destroy_user+0x18e/0x220 [ 184.007235] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.007830] iommufd_access_destroy+0x43/0x70 [ 184.008293] iommufd_test_staccess_release+0x8d/0xd0 [ 184.008818] __fput+0x26d/0xa40 [ 184.009170] ____fput+0x1e/0x30 [ 184.009517] task_work_run+0x1a4/0x2d0 [ 184.009926] ? __pfx_task_work_run+0x10/0x10 [ 184.010377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.010913] ? switch_task_namespaces+0xa9/0xe0 [ 184.011417] do_exit+0xb17/0x2ef0 [ 184.011776] ? lock_acquire+0x427/0x4c0 [ 184.012193] ? __pfx_lock_release+0x10/0x10 [ 184.012637] ? __kasan_check_write+0x18/0x20 [ 184.013088] ? do_raw_spin_lock+0x132/0x2a0 [ 184.013529] ? __pfx_do_exit+0x10/0x10 [ 184.013934] ? debug_smp_processor_id+0x20/0x30 [ 184.014414] ? rcu_is_watching+0x19/0xb0 [ 184.014882] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.015377] ? trace_hardirqs_on+0x26/0x120 [ 184.015824] do_group_exit+0xe0/0x2b0 [ 184.016217] __x64_sys_exit_group+0x47/0x50 [ 184.016649] do_syscall_64+0x3b/0x90 [ 184.017009] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.017499] RIP: 0033:0x7f4b87518a4d [ 184.017847] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.018436] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.019174] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.019842] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.020517] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.021187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.021851] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.022542] [ 184.022761] irq event stamp: 0 [ 184.023056] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.023667] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.024444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.025215] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.025800] ---[ end trace 0000000000000000 ]--- [ 184.026617] ------------[ cut here ]------------ [ 184.027061] WARNING: CPU: 1 PID: 1748 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.028019] Modules linked in: [ 184.028329] CPU: 1 PID: 1748 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.029139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.030182] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.030701] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.032429] RSP: 0018:ffff888017bbfb78 EFLAGS: 00010246 [ 184.032926] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.033589] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.034246] RBP: ffff888017bbfb98 R08: ffffed1002e45b3e R09: ffffed1002e45b3e [ 184.034951] R10: ffff88801722d9ef R11: ffffed1002e45b3d R12: ffff88801722da90 [ 184.035630] R13: ffff88801722d8a8 R14: ffffffffffffffff R15: 
ffff888017bbfc60 [ 184.036290] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.037042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.037583] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.038255] PKRU: 55555554 [ 184.038545] Call Trace: [ 184.038792] [ 184.039008] iommufd_ioas_destroy+0x53/0x70 [ 184.039449] iommufd_fops_release+0x1f7/0x370 [ 184.039892] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.040369] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.040833] ? write_comp_data+0x2f/0x90 [ 184.041224] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.041689] __fput+0x26d/0xa40 [ 184.042019] ____fput+0x1e/0x30 [ 184.042337] task_work_run+0x1a4/0x2d0 [ 184.042737] ? __pfx_task_work_run+0x10/0x10 [ 184.043171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.043624] ? switch_task_namespaces+0xa9/0xe0 [ 184.044066] do_exit+0xb17/0x2ef0 [ 184.044391] ? lock_acquire+0x427/0x4c0 [ 184.044772] ? __pfx_lock_release+0x10/0x10 [ 184.045183] ? __kasan_check_write+0x18/0x20 [ 184.045601] ? do_raw_spin_lock+0x132/0x2a0 [ 184.046011] ? __pfx_do_exit+0x10/0x10 [ 184.046384] ? debug_smp_processor_id+0x20/0x30 [ 184.046838] ? rcu_is_watching+0x19/0xb0 [ 184.047232] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.047661] ? trace_hardirqs_on+0x26/0x120 [ 184.048071] do_group_exit+0xe0/0x2b0 [ 184.048432] __x64_sys_exit_group+0x47/0x50 [ 184.048831] do_syscall_64+0x3b/0x90 [ 184.049188] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.049679] RIP: 0033:0x7f4b87518a4d [ 184.050025] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.050623] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.051350] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.052010] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.052666] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.053324] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.053986] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.054694] [ 184.054917] irq event stamp: 0 [ 184.055226] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.055818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.056604] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.057395] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.057981] ---[ end trace 0000000000000000 ]--- [ 184.064952] ------------[ cut here ]------------ [ 184.065657] WARNING: CPU: 0 PID: 1749 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.067085] Modules linked in: [ 184.067552] CPU: 0 PID: 1749 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.068642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.070044] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.070761] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.073055] RSP: 0018:ffff888017267bb8 EFLAGS: 00010246 [ 184.073737] RAX: 0000000000000000 RBX: ffff888021bde8a8 RCX: 0000000000000000 [ 184.074700] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 184.075645] RBP: ffff888017267bd0 R08: ffffed100437bd33 R09: ffffed100437bd33 [ 184.076540] R10: ffff888021bde993 R11: ffffed100437bd32 R12: ffff8880129b5400 [ 184.077433] R13: ffff888021bde9e8 R14: ffffffff8352e670 R15: 
ffff888017267e68 [ 184.078327] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 184.079417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.080163] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 184.081069] PKRU: 55555554 [ 184.081446] Call Trace: [ 184.081782] [ 184.082081] __iommufd_access_detach+0x1c2/0x2b0 [ 184.082768] iommufd_access_change_pt+0x149/0x270 [ 184.083434] iommufd_access_replace+0xb4/0x120 [ 184.084024] iommufd_test+0x3e5/0x37e0 [ 184.084505] ? lock_release+0x532/0x770 [ 184.085010] ? __might_fault+0x102/0x1b0 [ 184.085520] ? lock_acquire+0x427/0x4c0 [ 184.086023] ? __pfx_iommufd_test+0x10/0x10 [ 184.086602] ? __pfx_lock_release+0x10/0x10 [ 184.087166] ? __pfx_lock_acquire+0x10/0x10 [ 184.087711] ? write_comp_data+0x2f/0x90 [ 184.088225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.088877] ? write_comp_data+0x2f/0x90 [ 184.089809] iommufd_fops_ioctl+0x37d/0x510 [ 184.090356] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.091003] ? write_comp_data+0x2f/0x90 [ 184.091538] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.092125] __x64_sys_ioctl+0x1a3/0x230 [ 184.092630] do_syscall_64+0x3b/0x90 [ 184.093096] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.093727] RIP: 0033:0x7f4b8743ee5d [ 184.094179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.096381] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.097297] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.098145] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.099031] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.099896] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.100746] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.101616] [ 184.101915] irq event stamp: 0 [ 184.102299] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.103106] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.104142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.105148] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.105913] ---[ end trace 0000000000000000 ]--- [ 184.113896] ------------[ cut here ]------------ [ 184.114773] WARNING: CPU: 0 PID: 1749 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.116023] Modules linked in: [ 184.116644] CPU: 0 PID: 1749 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.117703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.119335] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.119957] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.122344] RSP: 
0018:ffff888017267bd0 EFLAGS: 00010246 [ 184.123273] RAX: 0000000000000000 RBX: ffff888021bde8a8 RCX: 0000000000000000 [ 184.124135] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 184.125202] RBP: ffff888017267be8 R08: ffffed100437bd33 R09: ffffed100437bd33 [ 184.126062] R10: ffff888021bde993 R11: ffffed100437bd32 R12: ffff88801226d000 [ 184.127209] R13: ffff888021bde9e8 R14: ffff8880135c1a00 R15: 0000000000000000 [ 184.128073] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 184.129254] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.129958] CR2: 0000000020000140 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 184.130929] PKRU: 55555554 [ 184.131442] Call Trace: [ 184.131773] [ 184.132058] iommufd_access_destroy_object+0x65/0x170 [ 184.132697] iommufd_object_destroy_user+0x18e/0x220 [ 184.133548] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.134272] iommufd_access_destroy+0x43/0x70 [ 184.135089] iommufd_test_staccess_release+0x8d/0xd0 [ 184.135753] __fput+0x26d/0xa40 [ 184.136191] ____fput+0x1e/0x30 [ 184.136616] task_work_run+0x1a4/0x2d0 [ 184.137117] ? __pfx_task_work_run+0x10/0x10 [ 184.137679] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.138292] ? switch_task_namespaces+0xa9/0xe0 [ 184.138937] do_exit+0xb17/0x2ef0 [ 184.139402] ? lock_acquire+0x427/0x4c0 [ 184.139926] ? __pfx_lock_release+0x10/0x10 [ 184.140483] ? __kasan_check_write+0x18/0x20 [ 184.141043] ? do_raw_spin_lock+0x132/0x2a0 [ 184.141586] ? __pfx_do_exit+0x10/0x10 [ 184.142087] ? debug_smp_processor_id+0x20/0x30 [ 184.142709] ? rcu_is_watching+0x19/0xb0 [ 184.143244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.143819] ? trace_hardirqs_on+0x26/0x120 [ 184.144366] do_group_exit+0xe0/0x2b0 [ 184.144847] __x64_sys_exit_group+0x47/0x50 [ 184.145381] do_syscall_64+0x3b/0x90 [ 184.145866] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.146562] RIP: 0033:0x7f4b87518a4d [ 184.147041] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.147813] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.148757] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.149645] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.150587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.151515] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.152411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.153320] [ 184.153629] irq event stamp: 0 [ 184.154025] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.154861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.155926] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.156968] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.157755] ---[ end trace 0000000000000000 ]--- [ 184.159363] ------------[ cut here ]------------ [ 184.159969] WARNING: CPU: 0 PID: 1749 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.161503] Modules linked in: [ 184.161923] CPU: 0 PID: 1749 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.163079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.164739] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.165405] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.167983] RSP: 0018:ffff888017267b78 EFLAGS: 00010246 [ 184.168910] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.169828] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 184.171017] RBP: ffff888017267b98 R08: ffffed100437bd3e R09: ffffed100437bd3e [ 184.171965] R10: ffff888021bde9ef R11: ffffed100437bd3d R12: ffff888021bdea90 [ 184.173171] R13: ffff888021bde8a8 R14: ffffffffffffffff R15: 
ffff888017267c60 [ 184.174138] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 184.175582] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.176363] CR2: 0000000020000140 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 184.177590] PKRU: 55555554 [ 184.177992] Call Trace: [ 184.178346] [ 184.178731] iommufd_ioas_destroy+0x53/0x70 [ 184.179375] iommufd_fops_release+0x1f7/0x370 [ 184.180285] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.180994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.181711] ? write_comp_data+0x2f/0x90 [ 184.182478] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.183266] __fput+0x26d/0xa40 [ 184.183751] ____fput+0x1e/0x30 [ 184.184491] task_work_run+0x1a4/0x2d0 [ 184.185065] ? __pfx_task_work_run+0x10/0x10 [ 184.185689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.186694] ? switch_task_namespaces+0xa9/0xe0 [ 184.187395] do_exit+0xb17/0x2ef0 [ 184.187883] ? lock_acquire+0x427/0x4c0 [ 184.188483] ? __pfx_lock_release+0x10/0x10 [ 184.189294] ? __kasan_check_write+0x18/0x20 [ 184.189923] ? do_raw_spin_lock+0x132/0x2a0 [ 184.190597] ? __pfx_do_exit+0x10/0x10 [ 184.191361] ? debug_smp_processor_id+0x20/0x30 [ 184.192026] ? rcu_is_watching+0x19/0xb0 [ 184.192600] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.193364] ? trace_hardirqs_on+0x26/0x120 [ 184.194128] do_group_exit+0xe0/0x2b0 [ 184.194781] __x64_sys_exit_group+0x47/0x50 [ 184.195425] do_syscall_64+0x3b/0x90 [ 184.196227] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.196959] RIP: 0033:0x7f4b87518a4d [ 184.197475] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.198637] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.199710] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.200956] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.201925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.203245] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.204191] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.205464] [ 184.205805] irq event stamp: 0 [ 184.206242] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.207320] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.208595] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.209995] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.210909] ---[ end trace 0000000000000000 ]--- [ 184.218280] ------------[ cut here ]------------ [ 184.219336] WARNING: CPU: 0 PID: 1750 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.220691] Modules linked in: [ 184.221122] CPU: 0 PID: 1750 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.222261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.223791] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.224455] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.226863] RSP: 0018:ffff888011da7bb8 EFLAGS: 00010246 [ 184.227587] RAX: 0000000000000000 RBX: ffff88801722c8a8 RCX: 0000000000000000 [ 184.228521] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 184.229453] RBP: ffff888011da7bd0 R08: ffffed1002e45933 R09: ffffed1002e45933 [ 184.230383] R10: ffff88801722c993 R11: ffffed1002e45932 R12: ffff888013b21000 [ 184.231360] R13: ffff88801722c9e8 R14: ffffffff8352e670 R15: 
ffff888011da7e68 [ 184.232300] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 184.233353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.234116] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 184.235092] PKRU: 55555554 [ 184.235493] Call Trace: [ 184.235845] [ 184.236152] __iommufd_access_detach+0x1c2/0x2b0 [ 184.236802] iommufd_access_change_pt+0x149/0x270 [ 184.237456] iommufd_access_replace+0xb4/0x120 [ 184.238078] iommufd_test+0x3e5/0x37e0 [ 184.238648] ? lock_release+0x532/0x770 [ 184.239204] ? __might_fault+0x102/0x1b0 [ 184.239759] ? lock_acquire+0x427/0x4c0 [ 184.240304] ? __pfx_iommufd_test+0x10/0x10 [ 184.240879] ? __pfx_lock_release+0x10/0x10 [ 184.241466] ? __pfx_lock_acquire+0x10/0x10 [ 184.242056] ? write_comp_data+0x2f/0x90 [ 184.242671] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.243341] ? write_comp_data+0x2f/0x90 [ 184.243908] iommufd_fops_ioctl+0x37d/0x510 [ 184.244491] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.245143] ? write_comp_data+0x2f/0x90 [ 184.245677] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.246298] __x64_sys_ioctl+0x1a3/0x230 [ 184.246775] do_syscall_64+0x3b/0x90 [ 184.247173] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.247665] RIP: 0033:0x7f4b8743ee5d [ 184.248012] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.249681] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.250384] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.251072] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.251741] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.252399] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.253048] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.253711] [ 184.253930] irq event stamp: 0 [ 184.254224] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.254848] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.255641] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.256409] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.256994] ---[ end trace 0000000000000000 ]--- [ 184.260175] ------------[ cut here ]------------ [ 184.260645] WARNING: CPU: 0 PID: 1750 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.261577] Modules linked in: [ 184.261873] CPU: 0 PID: 1750 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.262717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.263763] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.264214] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.265902] RSP: 
0018:ffff888011da7bd0 EFLAGS: 00010246 [ 184.266396] RAX: 0000000000000000 RBX: ffff88801722c8a8 RCX: 0000000000000000 [ 184.267058] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 184.267703] RBP: ffff888011da7be8 R08: ffffed1002e45933 R09: ffffed1002e45933 [ 184.268333] R10: ffff88801722c993 R11: ffffed1002e45932 R12: ffff8880129b7400 [ 184.268976] R13: ffff88801722c9e8 R14: ffff88802085ef00 R15: 0000000000000000 [ 184.269617] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 184.270333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.270890] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 184.271551] PKRU: 55555554 [ 184.271807] Call Trace: [ 184.272038] [ 184.272241] iommufd_access_destroy_object+0x65/0x170 [ 184.272713] iommufd_object_destroy_user+0x18e/0x220 [ 184.273175] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.273704] iommufd_access_destroy+0x43/0x70 [ 184.274122] iommufd_test_staccess_release+0x8d/0xd0 [ 184.274625] __fput+0x26d/0xa40 [ 184.274943] ____fput+0x1e/0x30 [ 184.275269] task_work_run+0x1a4/0x2d0 [ 184.275630] ? __pfx_task_work_run+0x10/0x10 [ 184.276029] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.276469] ? switch_task_namespaces+0xa9/0xe0 [ 184.276902] do_exit+0xb17/0x2ef0 [ 184.277215] ? lock_acquire+0x427/0x4c0 [ 184.277563] ? __pfx_lock_release+0x10/0x10 [ 184.277934] ? __kasan_check_write+0x18/0x20 [ 184.278311] ? do_raw_spin_lock+0x132/0x2a0 [ 184.278710] ? __pfx_do_exit+0x10/0x10 [ 184.279053] ? debug_smp_processor_id+0x20/0x30 [ 184.279466] ? rcu_is_watching+0x19/0xb0 [ 184.279816] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.280204] ? trace_hardirqs_on+0x26/0x120 [ 184.280576] do_group_exit+0xe0/0x2b0 [ 184.280906] __x64_sys_exit_group+0x47/0x50 [ 184.281274] do_syscall_64+0x3b/0x90 [ 184.281599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.282051] RIP: 0033:0x7f4b87518a4d [ 184.282374] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.282922] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.283578] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.284178] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.284775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.285374] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.285975] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.286609] [ 184.286811] irq event stamp: 0 [ 184.287083] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.287630] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.288330] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.289025] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.289560] ---[ end trace 0000000000000000 ]--- [ 184.290301] ------------[ cut here ]------------ [ 184.290726] WARNING: CPU: 0 PID: 1750 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.291601] Modules linked in: [ 184.291876] CPU: 0 PID: 1750 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.292613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.293578] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.294021] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.295585] RSP: 0018:ffff888011da7b78 EFLAGS: 00010246 [ 184.296030] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.296619] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 184.297204] RBP: ffff888011da7b98 R08: ffffed1002e4593e R09: ffffed1002e4593e [ 184.297788] R10: ffff88801722c9ef R11: ffffed1002e4593d R12: ffff88801722ca90 [ 184.298374] R13: ffff88801722c8a8 R14: ffffffffffffffff R15: 
ffff888011da7c60 [ 184.298985] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 184.299662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.300138] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 184.300725] PKRU: 55555554 [ 184.300960] Call Trace: [ 184.301171] [ 184.301360] iommufd_ioas_destroy+0x53/0x70 [ 184.301725] iommufd_fops_release+0x1f7/0x370 [ 184.302105] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.302555] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.302967] ? write_comp_data+0x2f/0x90 [ 184.303328] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.303746] __fput+0x26d/0xa40 [ 184.304035] ____fput+0x1e/0x30 [ 184.304318] task_work_run+0x1a4/0x2d0 [ 184.304647] ? __pfx_task_work_run+0x10/0x10 [ 184.305017] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.305426] ? switch_task_namespaces+0xa9/0xe0 [ 184.305829] do_exit+0xb17/0x2ef0 [ 184.306122] ? lock_acquire+0x427/0x4c0 [ 184.306466] ? __pfx_lock_release+0x10/0x10 [ 184.306858] ? __kasan_check_write+0x18/0x20 [ 184.307250] ? do_raw_spin_lock+0x132/0x2a0 [ 184.307613] ? __pfx_do_exit+0x10/0x10 [ 184.307946] ? debug_smp_processor_id+0x20/0x30 [ 184.308335] ? rcu_is_watching+0x19/0xb0 [ 184.308674] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.309052] ? trace_hardirqs_on+0x26/0x120 [ 184.309416] do_group_exit+0xe0/0x2b0 [ 184.309732] __x64_sys_exit_group+0x47/0x50 [ 184.310088] do_syscall_64+0x3b/0x90 [ 184.310409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.310899] RIP: 0033:0x7f4b87518a4d [ 184.311218] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.311727] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.312353] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.312935] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.313516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.314103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.314724] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.315333] [ 184.315526] irq event stamp: 0 [ 184.315787] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.316305] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.316996] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.317680] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.318195] ---[ end trace 0000000000000000 ]--- [ 184.323839] ------------[ cut here ]------------ [ 184.324425] WARNING: CPU: 1 PID: 1751 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.325572] Modules linked in: [ 184.325950] CPU: 1 PID: 1751 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.327453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.328714] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.329276] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.331342] RSP: 0018:ffff88801885fbb8 EFLAGS: 00010246 [ 184.331950] RAX: 0000000000000000 RBX: ffff888016ec18a8 RCX: 0000000000000000 [ 184.332743] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 184.333535] RBP: ffff88801885fbd0 R08: ffffed1002dd8333 R09: ffffed1002dd8333 [ 184.334328] R10: ffff888016ec1993 R11: ffffed1002dd8332 R12: ffff88801890fc00 [ 184.335167] R13: ffff888016ec19e8 R14: ffffffff8352e670 R15: 
ffff88801885fe68 [ 184.335956] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.336864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.337520] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 184.338329] PKRU: 55555554 [ 184.338686] Call Trace: [ 184.338986] [ 184.339323] __iommufd_access_detach+0x1c2/0x2b0 [ 184.339732] iommufd_access_change_pt+0x149/0x270 [ 184.340142] iommufd_access_replace+0xb4/0x120 [ 184.340527] iommufd_test+0x3e5/0x37e0 [ 184.340846] ? lock_release+0x532/0x770 [ 184.341187] ? __might_fault+0x102/0x1b0 [ 184.341526] ? lock_acquire+0x427/0x4c0 [ 184.341861] ? __pfx_iommufd_test+0x10/0x10 [ 184.342209] ? __pfx_lock_release+0x10/0x10 [ 184.342595] ? __pfx_lock_acquire+0x10/0x10 [ 184.342960] ? write_comp_data+0x2f/0x90 [ 184.343316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.343703] ? write_comp_data+0x2f/0x90 [ 184.344216] iommufd_fops_ioctl+0x37d/0x510 [ 184.344581] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.344987] ? write_comp_data+0x2f/0x90 [ 184.345333] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.345751] __x64_sys_ioctl+0x1a3/0x230 [ 184.346192] do_syscall_64+0x3b/0x90 [ 184.346539] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.346976] RIP: 0033:0x7f4b8743ee5d [ 184.347312] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.348945] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.349584] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.350304] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.350907] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.351505] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.352091] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.352817] [ 184.353014] irq event stamp: 0 [ 184.353277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.353795] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.354552] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.355296] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.355824] ---[ end trace 0000000000000000 ]--- [ 184.358730] ------------[ cut here ]------------ [ 184.359166] WARNING: CPU: 1 PID: 1751 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.359997] Modules linked in: [ 184.360264] CPU: 1 PID: 1751 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.361108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.362032] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.362775] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.364281] RSP: 
0018:ffff88801885fbd0 EFLAGS: 00010246 [ 184.364807] RAX: 0000000000000000 RBX: ffff888016ec18a8 RCX: 0000000000000000 [ 184.365443] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 184.366026] RBP: ffff88801885fbe8 R08: ffffed1002dd8333 R09: ffffed1002dd8333 [ 184.366699] R10: ffff888016ec1993 R11: ffffed1002dd8332 R12: ffff888012b46400 [ 184.367315] R13: ffff888016ec19e8 R14: ffff888020806c00 R15: 0000000000000000 [ 184.367902] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.368567] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.369184] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.369776] PKRU: 55555554 [ 184.370010] Call Trace: [ 184.370222] [ 184.370409] iommufd_access_destroy_object+0x65/0x170 [ 184.371041] iommufd_object_destroy_user+0x18e/0x220 [ 184.371472] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.371963] iommufd_access_destroy+0x43/0x70 [ 184.372345] iommufd_test_staccess_release+0x8d/0xd0 [ 184.372773] __fput+0x26d/0xa40 [ 184.373208] ____fput+0x1e/0x30 [ 184.373496] task_work_run+0x1a4/0x2d0 [ 184.373830] ? __pfx_task_work_run+0x10/0x10 [ 184.374205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.374641] ? switch_task_namespaces+0xa9/0xe0 [ 184.375039] do_exit+0xb17/0x2ef0 [ 184.375415] ? lock_acquire+0x427/0x4c0 [ 184.375826] ? __pfx_lock_release+0x10/0x10 [ 184.376190] ? __kasan_check_write+0x18/0x20 [ 184.376561] ? do_raw_spin_lock+0x132/0x2a0 [ 184.376921] ? __pfx_do_exit+0x10/0x10 [ 184.377328] ? debug_smp_processor_id+0x20/0x30 [ 184.377780] ? rcu_is_watching+0x19/0xb0 [ 184.378124] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.378528] ? trace_hardirqs_on+0x26/0x120 [ 184.378894] do_group_exit+0xe0/0x2b0 [ 184.379224] __x64_sys_exit_group+0x47/0x50 [ 184.379716] do_syscall_64+0x3b/0x90 [ 184.380043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.380477] RIP: 0033:0x7f4b87518a4d [ 184.380784] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.381351] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.382031] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.382638] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.383244] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.383984] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.384599] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.385213] [ 184.385440] irq event stamp: 0 [ 184.385807] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.386346] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.387096] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.387844] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.388502] ---[ end trace 0000000000000000 ]--- [ 184.389382] ------------[ cut here ]------------ [ 184.389802] WARNING: CPU: 1 PID: 1751 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.390959] Modules linked in: [ 184.391252] CPU: 1 PID: 1751 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.392061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.393099] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.393545] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.395274] RSP: 0018:ffff88801885fb78 EFLAGS: 00010246 [ 184.395740] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.396350] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 184.397099] RBP: ffff88801885fb98 R08: ffffed1002dd833e R09: ffffed1002dd833e [ 184.397721] R10: ffff888016ec19ef R11: ffffed1002dd833d R12: ffff888016ec1a90 [ 184.398338] R13: ffff888016ec18a8 R14: ffffffffffffffff R15: 
ffff88801885fc60 [ 184.399138] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.399845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.400350] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.401069] PKRU: 55555554 [ 184.401388] Call Trace: [ 184.401615] [ 184.401816] iommufd_ioas_destroy+0x53/0x70 [ 184.402205] iommufd_fops_release+0x1f7/0x370 [ 184.402632] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.403073] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.403638] ? write_comp_data+0x2f/0x90 [ 184.404007] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.404452] __fput+0x26d/0xa40 [ 184.404758] ____fput+0x1e/0x30 [ 184.405056] task_work_run+0x1a4/0x2d0 [ 184.405543] ? __pfx_task_work_run+0x10/0x10 [ 184.405940] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.406378] ? switch_task_namespaces+0xa9/0xe0 [ 184.406817] do_exit+0xb17/0x2ef0 [ 184.407134] ? lock_acquire+0x427/0x4c0 [ 184.407499] ? __pfx_lock_release+0x10/0x10 [ 184.408009] ? __kasan_check_write+0x18/0x20 [ 184.408401] ? do_raw_spin_lock+0x132/0x2a0 [ 184.408792] ? __pfx_do_exit+0x10/0x10 [ 184.409141] ? debug_smp_processor_id+0x20/0x30 [ 184.409596] ? rcu_is_watching+0x19/0xb0 [ 184.410033] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.410437] ? trace_hardirqs_on+0x26/0x120 [ 184.410843] do_group_exit+0xe0/0x2b0 [ 184.411199] __x64_sys_exit_group+0x47/0x50 [ 184.411580] do_syscall_64+0x3b/0x90 [ 184.411939] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.412513] RIP: 0033:0x7f4b87518a4d [ 184.412840] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.413382] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.414122] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.414824] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.415465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.416084] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.416848] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.417481] [ 184.417689] irq event stamp: 0 [ 184.417964] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.418531] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.419275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.419995] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.420545] ---[ end trace 0000000000000000 ]--- [ 184.424381] ------------[ cut here ]------------ [ 184.424838] WARNING: CPU: 1 PID: 1752 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.425721] Modules linked in: [ 184.425997] CPU: 1 PID: 1752 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.426770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.427739] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.428182] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.429725] RSP: 0018:ffff88801709fbb8 EFLAGS: 00010246 [ 184.430182] RAX: 0000000000000000 RBX: ffff888023dc30a8 RCX: 0000000000000000 [ 184.430815] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.431433] RBP: ffff88801709fbd0 R08: ffffed10047b8633 R09: ffffed10047b8633 [ 184.432042] R10: ffff888023dc3193 R11: ffffed10047b8632 R12: ffff888010827000 [ 184.432651] R13: ffff888023dc31e8 R14: ffffffff8352e670 R15: 
ffff88801709fe68 [ 184.433254] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.433937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.434431] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 184.435065] PKRU: 55555554 [ 184.435318] Call Trace: [ 184.435537] [ 184.435733] __iommufd_access_detach+0x1c2/0x2b0 [ 184.436159] iommufd_access_change_pt+0x149/0x270 [ 184.436584] iommufd_access_replace+0xb4/0x120 [ 184.436987] iommufd_test+0x3e5/0x37e0 [ 184.437322] ? lock_release+0x532/0x770 [ 184.437674] ? __might_fault+0x102/0x1b0 [ 184.438030] ? lock_acquire+0x427/0x4c0 [ 184.438380] ? __pfx_iommufd_test+0x10/0x10 [ 184.438774] ? __pfx_lock_release+0x10/0x10 [ 184.439173] ? __pfx_lock_acquire+0x10/0x10 [ 184.439559] ? write_comp_data+0x2f/0x90 [ 184.439924] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.440350] ? write_comp_data+0x2f/0x90 [ 184.440712] iommufd_fops_ioctl+0x37d/0x510 [ 184.441085] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.441511] ? write_comp_data+0x2f/0x90 [ 184.441870] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.442297] __x64_sys_ioctl+0x1a3/0x230 [ 184.442685] do_syscall_64+0x3b/0x90 [ 184.443021] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.443487] RIP: 0033:0x7f4b8743ee5d [ 184.443815] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.445390] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.446045] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.446692] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.447316] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.447925] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.448533] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.449148] [ 184.449354] irq event stamp: 0 [ 184.449627] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.450169] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.450908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.451626] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.452166] ---[ end trace 0000000000000000 ]--- [ 184.455095] ------------[ cut here ]------------ [ 184.455540] WARNING: CPU: 1 PID: 1752 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.456403] Modules linked in: [ 184.456680] CPU: 1 PID: 1752 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.457423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.458381] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.458827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.460387] RSP: 
0018:ffff88801709fbd0 EFLAGS: 00010246 [ 184.460834] RAX: 0000000000000000 RBX: ffff888023dc30a8 RCX: 0000000000000000 [ 184.461432] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.462029] RBP: ffff88801709fbe8 R08: ffffed10047b8633 R09: ffffed10047b8633 [ 184.462628] R10: ffff888023dc3193 R11: ffffed10047b8632 R12: ffff88801890e000 [ 184.463219] R13: ffff888023dc31e8 R14: ffff88801663f600 R15: 0000000000000000 [ 184.463793] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.464441] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.464907] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.465481] PKRU: 55555554 [ 184.465710] Call Trace: [ 184.465919] [ 184.466106] iommufd_access_destroy_object+0x65/0x170 [ 184.466555] iommufd_object_destroy_user+0x18e/0x220 [ 184.466975] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.467463] iommufd_access_destroy+0x43/0x70 [ 184.467845] iommufd_test_staccess_release+0x8d/0xd0 [ 184.468270] __fput+0x26d/0xa40 [ 184.468555] ____fput+0x1e/0x30 [ 184.468836] task_work_run+0x1a4/0x2d0 [ 184.469165] ? __pfx_task_work_run+0x10/0x10 [ 184.469529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.469930] ? switch_task_namespaces+0xa9/0xe0 [ 184.470318] do_exit+0xb17/0x2ef0 [ 184.470620] ? lock_acquire+0x427/0x4c0 [ 184.470954] ? __pfx_lock_release+0x10/0x10 [ 184.471320] ? __kasan_check_write+0x18/0x20 [ 184.471686] ? do_raw_spin_lock+0x132/0x2a0 [ 184.472038] ? __pfx_do_exit+0x10/0x10 [ 184.472363] ? debug_smp_processor_id+0x20/0x30 [ 184.472743] ? rcu_is_watching+0x19/0xb0 [ 184.473076] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.473449] ? trace_hardirqs_on+0x26/0x120 [ 184.473809] do_group_exit+0xe0/0x2b0 [ 184.474125] __x64_sys_exit_group+0x47/0x50 [ 184.474477] do_syscall_64+0x3b/0x90 [ 184.474810] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.475252] RIP: 0033:0x7f4b87518a4d [ 184.475559] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.476060] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.476672] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.477248] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.477822] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.478398] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.478991] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.479587] [ 184.479780] irq event stamp: 0 [ 184.480034] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.480543] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.481221] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.481894] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.482403] ---[ end trace 0000000000000000 ]--- [ 184.483129] ------------[ cut here ]------------ [ 184.483514] WARNING: CPU: 1 PID: 1752 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.484336] Modules linked in: [ 184.484599] CPU: 1 PID: 1752 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.485304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.486208] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.486645] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.488120] RSP: 0018:ffff88801709fb78 EFLAGS: 00010246 [ 184.488551] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.489126] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.489697] RBP: ffff88801709fb98 R08: ffffed10047b863e R09: ffffed10047b863e [ 184.490272] R10: ffff888023dc31ef R11: ffffed10047b863d R12: ffff888023dc3290 [ 184.490874] R13: ffff888023dc30a8 R14: ffffffffffffffff R15: 
ffff88801709fc60 [ 184.491462] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.492107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.492577] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.493151] PKRU: 55555554 [ 184.493381] Call Trace: [ 184.493588] [ 184.493774] iommufd_ioas_destroy+0x53/0x70 [ 184.494134] iommufd_fops_release+0x1f7/0x370 [ 184.494529] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.494942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.495350] ? write_comp_data+0x2f/0x90 [ 184.495691] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.496100] __fput+0x26d/0xa40 [ 184.496381] ____fput+0x1e/0x30 [ 184.496663] task_work_run+0x1a4/0x2d0 [ 184.496992] ? __pfx_task_work_run+0x10/0x10 [ 184.497358] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.497758] ? switch_task_namespaces+0xa9/0xe0 [ 184.498147] do_exit+0xb17/0x2ef0 [ 184.498434] ? lock_acquire+0x427/0x4c0 [ 184.498783] ? __pfx_lock_release+0x10/0x10 [ 184.499158] ? __kasan_check_write+0x18/0x20 [ 184.499524] ? do_raw_spin_lock+0x132/0x2a0 [ 184.499877] ? __pfx_do_exit+0x10/0x10 [ 184.500208] ? debug_smp_processor_id+0x20/0x30 [ 184.500596] ? rcu_is_watching+0x19/0xb0 [ 184.500932] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.501309] ? trace_hardirqs_on+0x26/0x120 [ 184.501666] do_group_exit+0xe0/0x2b0 [ 184.501980] __x64_sys_exit_group+0x47/0x50 [ 184.502330] do_syscall_64+0x3b/0x90 [ 184.502657] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.503088] RIP: 0033:0x7f4b87518a4d [ 184.503401] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.503896] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.504513] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.505099] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.505676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.506264] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.506859] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.507448] [ 184.507639] irq event stamp: 0 [ 184.507894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.508403] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.509083] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.509758] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.510266] ---[ end trace 0000000000000000 ]--- [ 184.514263] ------------[ cut here ]------------ [ 184.514715] WARNING: CPU: 1 PID: 1753 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.515540] Modules linked in: [ 184.515799] CPU: 1 PID: 1753 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.516507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.517405] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.517804] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.519315] RSP: 0018:ffff8880219d7bb8 EFLAGS: 00010246 [ 184.519745] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 184.520314] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 184.520883] RBP: ffff8880219d7bd0 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 184.521456] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88801422e000 [ 184.522028] R13: ffff88801587c9e8 R14: ffffffff8352e670 R15: 
ffff8880219d7e68 [ 184.522613] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.523279] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.523753] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 184.524330] PKRU: 55555554 [ 184.524564] Call Trace: [ 184.524775] [ 184.524959] __iommufd_access_detach+0x1c2/0x2b0 [ 184.525365] iommufd_access_change_pt+0x149/0x270 [ 184.525764] iommufd_access_replace+0xb4/0x120 [ 184.526148] iommufd_test+0x3e5/0x37e0 [ 184.526467] ? lock_release+0x532/0x770 [ 184.526819] ? __might_fault+0x102/0x1b0 [ 184.527171] ? lock_acquire+0x427/0x4c0 [ 184.527510] ? __pfx_iommufd_test+0x10/0x10 [ 184.527860] ? __pfx_lock_release+0x10/0x10 [ 184.528216] ? __pfx_lock_acquire+0x10/0x10 [ 184.528577] ? write_comp_data+0x2f/0x90 [ 184.528914] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.529316] ? write_comp_data+0x2f/0x90 [ 184.529659] iommufd_fops_ioctl+0x37d/0x510 [ 184.530018] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.530418] ? write_comp_data+0x2f/0x90 [ 184.530774] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.531185] __x64_sys_ioctl+0x1a3/0x230 [ 184.531526] do_syscall_64+0x3b/0x90 [ 184.531840] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.532271] RIP: 0033:0x7f4b8743ee5d [ 184.532574] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.534039] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.534678] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.535257] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.535816] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.536371] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.536923] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.537484] [ 184.537667] irq event stamp: 0 [ 184.537913] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.538404] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.539070] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.539728] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.540217] ---[ end trace 0000000000000000 ]--- [ 184.542961] ------------[ cut here ]------------ [ 184.543365] WARNING: CPU: 1 PID: 1753 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.544162] Modules linked in: [ 184.544416] CPU: 1 PID: 1753 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.545094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.545966] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.546358] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.548201] RSP: 
0018:ffff8880219d7bd0 EFLAGS: 00010246 [ 184.548627] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 184.549183] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 184.549737] RBP: ffff8880219d7be8 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 184.550283] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff888010824400 [ 184.550849] R13: ffff88801587c9e8 R14: ffff888014b93700 R15: 0000000000000000 [ 184.551405] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.552031] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.552478] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.553029] PKRU: 55555554 [ 184.553250] Call Trace: [ 184.553452] [ 184.553630] iommufd_access_destroy_object+0x65/0x170 [ 184.554037] iommufd_object_destroy_user+0x18e/0x220 [ 184.554437] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.554912] iommufd_access_destroy+0x43/0x70 [ 184.555287] iommufd_test_staccess_release+0x8d/0xd0 [ 184.555693] __fput+0x26d/0xa40 [ 184.555970] ____fput+0x1e/0x30 [ 184.556240] task_work_run+0x1a4/0x2d0 [ 184.556552] ? __pfx_task_work_run+0x10/0x10 [ 184.556902] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.557292] ? switch_task_namespaces+0xa9/0xe0 [ 184.557667] do_exit+0xb17/0x2ef0 [ 184.557938] ? lock_acquire+0x427/0x4c0 [ 184.558256] ? __pfx_lock_release+0x10/0x10 [ 184.558616] ? __kasan_check_write+0x18/0x20 [ 184.558966] ? do_raw_spin_lock+0x132/0x2a0 [ 184.559310] ? __pfx_do_exit+0x10/0x10 [ 184.559622] ? debug_smp_processor_id+0x20/0x30 [ 184.559990] ? rcu_is_watching+0x19/0xb0 [ 184.560311] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.560668] ? trace_hardirqs_on+0x26/0x120 [ 184.561013] do_group_exit+0xe0/0x2b0 [ 184.561314] __x64_sys_exit_group+0x47/0x50 [ 184.561649] do_syscall_64+0x3b/0x90 [ 184.561947] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.562376] RIP: 0033:0x7f4b87518a4d [ 184.562689] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.563187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.563779] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.564330] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.564885] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.565437] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.565989] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.566572] [ 184.566760] irq event stamp: 0 [ 184.567007] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.567517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.568167] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.568812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.569298] ---[ end trace 0000000000000000 ]--- [ 184.569993] ------------[ cut here ]------------ [ 184.570360] WARNING: CPU: 1 PID: 1753 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.571176] Modules linked in: [ 184.571432] CPU: 1 PID: 1753 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.572116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.572993] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.573399] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.574829] RSP: 0018:ffff8880219d7b78 EFLAGS: 00010246 [ 184.575252] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.575805] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 184.576356] RBP: ffff8880219d7b98 R08: ffffed1002b0f93e R09: ffffed1002b0f93e [ 184.576908] R10: ffff88801587c9ef R11: ffffed1002b0f93d R12: ffff88801587ca90 [ 184.577466] R13: ffff88801587c8a8 R14: ffffffffffffffff R15: 
ffff8880219d7c60 [ 184.578015] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.578651] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.579104] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.579667] PKRU: 55555554 [ 184.579888] Call Trace: [ 184.580086] [ 184.580262] iommufd_ioas_destroy+0x53/0x70 [ 184.580606] iommufd_fops_release+0x1f7/0x370 [ 184.580962] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.581355] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.581741] ? write_comp_data+0x2f/0x90 [ 184.582066] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.582460] __fput+0x26d/0xa40 [ 184.582749] ____fput+0x1e/0x30 [ 184.583016] task_work_run+0x1a4/0x2d0 [ 184.583337] ? __pfx_task_work_run+0x10/0x10 [ 184.583690] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.584075] ? switch_task_namespaces+0xa9/0xe0 [ 184.584450] do_exit+0xb17/0x2ef0 [ 184.584722] ? lock_acquire+0x427/0x4c0 [ 184.585040] ? __pfx_lock_release+0x10/0x10 [ 184.585384] ? __kasan_check_write+0x18/0x20 [ 184.585731] ? do_raw_spin_lock+0x132/0x2a0 [ 184.586070] ? __pfx_do_exit+0x10/0x10 [ 184.586384] ? debug_smp_processor_id+0x20/0x30 [ 184.586767] ? rcu_is_watching+0x19/0xb0 [ 184.587087] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.587452] ? trace_hardirqs_on+0x26/0x120 [ 184.587800] do_group_exit+0xe0/0x2b0 [ 184.588101] __x64_sys_exit_group+0x47/0x50 [ 184.588441] do_syscall_64+0x3b/0x90 [ 184.588740] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.589148] RIP: 0033:0x7f4b87518a4d [ 184.589438] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.589915] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.590524] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.591075] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.591632] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.592184] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.592738] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.593296] [ 184.593481] irq event stamp: 0 [ 184.593727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.594214] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.594878] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.595540] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.596032] ---[ end trace 0000000000000000 ]--- [ 184.600079] ------------[ cut here ]------------ [ 184.600482] WARNING: CPU: 1 PID: 1754 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.601266] Modules linked in: [ 184.601517] CPU: 1 PID: 1754 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.602715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.603604] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.603994] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.605546] RSP: 0018:ffff88800ea77bb8 EFLAGS: 00010246 [ 184.605963] RAX: 0000000000000000 RBX: ffff888010b7e8a8 RCX: 0000000000000000 [ 184.606652] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 184.607213] RBP: ffff88800ea77bd0 R08: ffffed100216fd33 R09: ffffed100216fd33 [ 184.607772] R10: ffff888010b7e993 R11: ffffed100216fd32 R12: ffff888014738000 [ 184.608451] R13: ffff888010b7e9e8 R14: ffffffff8352e670 R15: 
ffff88800ea77e68 [ 184.609007] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.609634] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.610086] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 184.610788] PKRU: 55555554 [ 184.611016] Call Trace: [ 184.611226] [ 184.611406] __iommufd_access_detach+0x1c2/0x2b0 [ 184.611788] iommufd_access_change_pt+0x149/0x270 [ 184.612177] iommufd_access_replace+0xb4/0x120 [ 184.612616] iommufd_test+0x3e5/0x37e0 [ 184.612991] ? lock_release+0x532/0x770 [ 184.613314] ? __might_fault+0x102/0x1b0 [ 184.613649] ? lock_acquire+0x427/0x4c0 [ 184.613975] ? __pfx_iommufd_test+0x10/0x10 [ 184.614349] ? __pfx_lock_release+0x10/0x10 [ 184.614794] ? __pfx_lock_acquire+0x10/0x10 [ 184.615152] ? write_comp_data+0x2f/0x90 [ 184.615486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.615877] ? write_comp_data+0x2f/0x90 [ 184.616210] iommufd_fops_ioctl+0x37d/0x510 [ 184.616556] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.617058] ? write_comp_data+0x2f/0x90 [ 184.617389] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.617775] __x64_sys_ioctl+0x1a3/0x230 [ 184.618109] do_syscall_64+0x3b/0x90 [ 184.618436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.618972] RIP: 0033:0x7f4b8743ee5d [ 184.619281] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.620759] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.621423] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.621978] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.622615] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.623236] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.623795] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.624366] [ 184.624558] irq event stamp: 0 [ 184.624938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.625455] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.626141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.626988] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.627519] ---[ end trace 0000000000000000 ]--- [ 184.630290] ------------[ cut here ]------------ [ 184.630839] WARNING: CPU: 1 PID: 1754 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.631689] Modules linked in: [ 184.631956] CPU: 1 PID: 1754 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.632748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.633729] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.634142] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.635798] RSP: 
0018:ffff88800ea77bd0 EFLAGS: 00010246 [ 184.636238] RAX: 0000000000000000 RBX: ffff888010b7e8a8 RCX: 0000000000000000 [ 184.636890] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 184.637532] RBP: ffff88800ea77be8 R08: ffffed100216fd33 R09: ffffed100216fd33 [ 184.638116] R10: ffff888010b7e993 R11: ffffed100216fd32 R12: ffff88801422f800 [ 184.638797] R13: ffff888010b7e9e8 R14: ffff888015bb8300 R15: 0000000000000000 [ 184.639497] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.640155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.640632] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.641375] PKRU: 55555554 [ 184.641609] Call Trace: [ 184.641820] [ 184.642005] iommufd_access_destroy_object+0x65/0x170 [ 184.642433] iommufd_object_destroy_user+0x18e/0x220 [ 184.642908] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.643476] iommufd_access_destroy+0x43/0x70 [ 184.643862] iommufd_test_staccess_release+0x8d/0xd0 [ 184.644286] __fput+0x26d/0xa40 [ 184.644572] ____fput+0x1e/0x30 [ 184.644856] task_work_run+0x1a4/0x2d0 [ 184.645325] ? __pfx_task_work_run+0x10/0x10 [ 184.645693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.646101] ? switch_task_namespaces+0xa9/0xe0 [ 184.646496] do_exit+0xb17/0x2ef0 [ 184.646807] ? lock_acquire+0x427/0x4c0 [ 184.647191] ? __pfx_lock_release+0x10/0x10 [ 184.647737] ? __kasan_check_write+0x18/0x20 [ 184.648125] ? do_raw_spin_lock+0x132/0x2a0 [ 184.648508] ? __pfx_do_exit+0x10/0x10 [ 184.648851] ? debug_smp_processor_id+0x20/0x30 [ 184.649336] ? rcu_is_watching+0x19/0xb0 [ 184.649756] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.650152] ? trace_hardirqs_on+0x26/0x120 [ 184.650559] do_group_exit+0xe0/0x2b0 [ 184.650902] __x64_sys_exit_group+0x47/0x50 [ 184.651293] do_syscall_64+0x3b/0x90 [ 184.651705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.652209] RIP: 0033:0x7f4b87518a4d [ 184.652533] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.653066] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.653885] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.654529] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.655154] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.655785] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.656557] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.657197] [ 184.657400] irq event stamp: 0 [ 184.657679] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.658383] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.659146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.659877] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.660582] ---[ end trace 0000000000000000 ]--- [ 184.661347] ------------[ cut here ]------------ [ 184.661761] WARNING: CPU: 1 PID: 1754 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.662819] Modules linked in: [ 184.663105] CPU: 1 PID: 1754 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.663880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.665026] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.665486] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.667255] RSP: 0018:ffff88800ea77b78 EFLAGS: 00010246 [ 184.667727] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.668346] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 184.669049] RBP: ffff88800ea77b98 R08: ffffed100216fd3e R09: ffffed100216fd3e [ 184.669745] R10: ffff888010b7e9ef R11: ffffed100216fd3d R12: ffff888010b7ea90 [ 184.670369] R13: ffff888010b7e8a8 R14: ffffffffffffffff R15: 
ffff88800ea77c60 [ 184.671082] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.671863] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.672369] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.672992] PKRU: 55555554 [ 184.673244] Call Trace: [ 184.673559] [ 184.673835] iommufd_ioas_destroy+0x53/0x70 [ 184.674225] iommufd_fops_release+0x1f7/0x370 [ 184.674645] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.675086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.675530] ? write_comp_data+0x2f/0x90 [ 184.675984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.676503] __fput+0x26d/0xa40 [ 184.676808] ____fput+0x1e/0x30 [ 184.677110] task_work_run+0x1a4/0x2d0 [ 184.677463] ? __pfx_task_work_run+0x10/0x10 [ 184.677906] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.678425] ? switch_task_namespaces+0xa9/0xe0 [ 184.678874] do_exit+0xb17/0x2ef0 [ 184.679192] ? lock_acquire+0x427/0x4c0 [ 184.679555] ? __pfx_lock_release+0x10/0x10 [ 184.679940] ? __kasan_check_write+0x18/0x20 [ 184.680371] ? do_raw_spin_lock+0x132/0x2a0 [ 184.680852] ? __pfx_do_exit+0x10/0x10 [ 184.681204] ? debug_smp_processor_id+0x20/0x30 [ 184.681616] ? rcu_is_watching+0x19/0xb0 [ 184.681976] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.682465] ? trace_hardirqs_on+0x26/0x120 [ 184.682910] do_group_exit+0xe0/0x2b0 [ 184.683269] __x64_sys_exit_group+0x47/0x50 [ 184.683643] do_syscall_64+0x3b/0x90 [ 184.683981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.684446] RIP: 0033:0x7f4b87518a4d [ 184.684859] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.685452] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.686111] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.686888] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.687522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.688145] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.688770] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.689561] [ 184.689774] irq event stamp: 0 [ 184.690051] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.690626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.691414] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.692236] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.692791] ---[ end trace 0000000000000000 ]--- [ 184.696899] ------------[ cut here ]------------ [ 184.697348] WARNING: CPU: 1 PID: 1755 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.698370] Modules linked in: [ 184.698877] CPU: 1 PID: 1755 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.699651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.700712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.701191] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.703061] RSP: 0018:ffff888013927bb8 EFLAGS: 00010246 [ 184.703567] RAX: 0000000000000000 RBX: ffff8880181750a8 RCX: 0000000000000000 [ 184.704233] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 184.704889] RBP: ffff888013927bd0 R08: ffffed100302ea33 R09: ffffed100302ea33 [ 184.705734] R10: ffff888018175193 R11: ffffed100302ea32 R12: ffff888014580000 [ 184.706390] R13: ffff8880181751e8 R14: ffffffff8352e670 R15: 
ffff888013927e68 [ 184.707108] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.707984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.708521] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 184.709185] PKRU: 55555554 [ 184.709546] Call Trace: [ 184.709865] [ 184.710075] __iommufd_access_detach+0x1c2/0x2b0 [ 184.710552] iommufd_access_change_pt+0x149/0x270 [ 184.711010] iommufd_access_replace+0xb4/0x120 [ 184.711449] iommufd_test+0x3e5/0x37e0 [ 184.711837] ? lock_release+0x532/0x770 [ 184.712358] ? __might_fault+0x102/0x1b0 [ 184.712744] ? lock_acquire+0x427/0x4c0 [ 184.713123] ? __pfx_iommufd_test+0x10/0x10 [ 184.713518] ? __pfx_lock_release+0x10/0x10 [ 184.713966] ? __pfx_lock_acquire+0x10/0x10 [ 184.714483] ? write_comp_data+0x2f/0x90 [ 184.714895] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.715366] ? write_comp_data+0x2f/0x90 [ 184.715771] iommufd_fops_ioctl+0x37d/0x510 [ 184.716191] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.716704] ? write_comp_data+0x2f/0x90 [ 184.717183] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.717634] __x64_sys_ioctl+0x1a3/0x230 [ 184.718023] do_syscall_64+0x3b/0x90 [ 184.718385] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.718998] RIP: 0033:0x7f4b8743ee5d [ 184.719421] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.721102] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.721991] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.722673] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.723346] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.724176] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.724835] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.725505] [ 184.725720] irq event stamp: 0 [ 184.726010] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.726618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.727406] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.728170] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.728748] ---[ end trace 0000000000000000 ]--- [ 184.731760] ------------[ cut here ]------------ [ 184.732226] WARNING: CPU: 1 PID: 1755 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.733148] Modules linked in: [ 184.733444] CPU: 1 PID: 1755 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.734231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.735345] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.735802] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.737450] RSP: 
0018:ffff888013927bd0 EFLAGS: 00010246 [ 184.737934] RAX: 0000000000000000 RBX: ffff8880181750a8 RCX: 0000000000000000 [ 184.738597] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 184.739215] RBP: ffff888013927be8 R08: ffffed100302ea33 R09: ffffed100302ea33 [ 184.739827] R10: ffff888018175193 R11: ffffed100302ea32 R12: ffff88801473b000 [ 184.740440] R13: ffff8880181751e8 R14: ffff88801287e700 R15: 0000000000000000 [ 184.741051] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.741753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.742258] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.742897] PKRU: 55555554 [ 184.743160] Call Trace: [ 184.743387] [ 184.743586] iommufd_access_destroy_object+0x65/0x170 [ 184.744036] iommufd_object_destroy_user+0x18e/0x220 [ 184.744479] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.744987] iommufd_access_destroy+0x43/0x70 [ 184.745388] iommufd_test_staccess_release+0x8d/0xd0 [ 184.745844] __fput+0x26d/0xa40 [ 184.746148] ____fput+0x1e/0x30 [ 184.746443] task_work_run+0x1a4/0x2d0 [ 184.746814] ? __pfx_task_work_run+0x10/0x10 [ 184.747217] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.747647] ? switch_task_namespaces+0xa9/0xe0 [ 184.748063] do_exit+0xb17/0x2ef0 [ 184.748369] ? lock_acquire+0x427/0x4c0 [ 184.748721] ? __pfx_lock_release+0x10/0x10 [ 184.749100] ? __kasan_check_write+0x18/0x20 [ 184.749486] ? do_raw_spin_lock+0x132/0x2a0 [ 184.749861] ? __pfx_do_exit+0x10/0x10 [ 184.750209] ? debug_smp_processor_id+0x20/0x30 [ 184.750637] ? rcu_is_watching+0x19/0xb0 [ 184.750995] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.751404] ? trace_hardirqs_on+0x26/0x120 [ 184.751787] do_group_exit+0xe0/0x2b0 [ 184.752120] __x64_sys_exit_group+0x47/0x50 [ 184.752495] do_syscall_64+0x3b/0x90 [ 184.752834] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.753289] RIP: 0033:0x7f4b87518a4d [ 184.753614] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.754144] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.754827] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.755455] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.756071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.756687] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.757301] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.757931] [ 184.758140] irq event stamp: 0 [ 184.758415] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.758982] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.759713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.760441] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.760990] ---[ end trace 0000000000000000 ]--- [ 184.762011] ------------[ cut here ]------------ [ 184.762432] WARNING: CPU: 1 PID: 1755 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.763359] Modules linked in: [ 184.763646] CPU: 1 PID: 1755 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.764395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.765371] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.765826] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.767461] RSP: 0018:ffff888013927b78 EFLAGS: 00010246 [ 184.767936] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.768549] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 184.769168] RBP: ffff888013927b98 R08: ffffed100302ea3e R09: ffffed100302ea3e [ 184.769784] R10: ffff8880181751ef R11: ffffed100302ea3d R12: ffff888018175290 [ 184.770400] R13: ffff8880181750a8 R14: ffffffffffffffff R15: 
ffff888013927c60 [ 184.771045] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.771755] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.772257] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.772871] PKRU: 55555554 [ 184.773117] Call Trace: [ 184.773342] [ 184.773542] iommufd_ioas_destroy+0x53/0x70 [ 184.773928] iommufd_fops_release+0x1f7/0x370 [ 184.774324] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.774785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.775227] ? write_comp_data+0x2f/0x90 [ 184.775594] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.776029] __fput+0x26d/0xa40 [ 184.776335] ____fput+0x1e/0x30 [ 184.776635] task_work_run+0x1a4/0x2d0 [ 184.776983] ? __pfx_task_work_run+0x10/0x10 [ 184.777368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.777790] ? switch_task_namespaces+0xa9/0xe0 [ 184.778202] do_exit+0xb17/0x2ef0 [ 184.778533] ? lock_acquire+0x427/0x4c0 [ 184.778893] ? __pfx_lock_release+0x10/0x10 [ 184.779287] ? __kasan_check_write+0x18/0x20 [ 184.779683] ? do_raw_spin_lock+0x132/0x2a0 [ 184.780064] ? __pfx_do_exit+0x10/0x10 [ 184.780403] ? debug_smp_processor_id+0x20/0x30 [ 184.780813] ? rcu_is_watching+0x19/0xb0 [ 184.781174] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.781573] ? trace_hardirqs_on+0x26/0x120 [ 184.781958] do_group_exit+0xe0/0x2b0 [ 184.782291] __x64_sys_exit_group+0x47/0x50 [ 184.782704] do_syscall_64+0x3b/0x90 [ 184.783041] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.783505] RIP: 0033:0x7f4b87518a4d [ 184.783835] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.784376] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.785037] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.785650] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.786263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.786897] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.787523] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.788144] [ 184.788348] irq event stamp: 0 [ 184.788623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.789172] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.789901] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.790647] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.791200] ---[ end trace 0000000000000000 ]--- [ 184.795952] ------------[ cut here ]------------ [ 184.796407] WARNING: CPU: 1 PID: 1756 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.797292] Modules linked in: [ 184.797568] CPU: 1 PID: 1756 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.798322] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.799353] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.799794] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.801360] RSP: 0018:ffff888017a87bb8 EFLAGS: 00010246 [ 184.801819] RAX: 0000000000000000 RBX: ffff8880219d70a8 RCX: 0000000000000000 [ 184.802430] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.803062] RBP: ffff888017a87bd0 R08: ffffed100433ae33 R09: ffffed100433ae33 [ 184.803694] R10: ffff8880219d7193 R11: ffffed100433ae32 R12: ffff8880129c4800 [ 184.804312] R13: ffff8880219d71e8 R14: ffffffff8352e670 R15: 
ffff888017a87e68 [ 184.804931] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.805632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.806147] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 184.806787] PKRU: 55555554 [ 184.807038] Call Trace: [ 184.807273] [ 184.807470] __iommufd_access_detach+0x1c2/0x2b0 [ 184.807903] iommufd_access_change_pt+0x149/0x270 [ 184.808335] iommufd_access_replace+0xb4/0x120 [ 184.808744] iommufd_test+0x3e5/0x37e0 [ 184.809087] ? lock_release+0x532/0x770 [ 184.809445] ? __might_fault+0x102/0x1b0 [ 184.809810] ? lock_acquire+0x427/0x4c0 [ 184.810165] ? __pfx_iommufd_test+0x10/0x10 [ 184.810563] ? __pfx_lock_release+0x10/0x10 [ 184.810948] ? __pfx_lock_acquire+0x10/0x10 [ 184.811348] ? write_comp_data+0x2f/0x90 [ 184.811711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.812139] ? write_comp_data+0x2f/0x90 [ 184.812505] iommufd_fops_ioctl+0x37d/0x510 [ 184.812888] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.813317] ? write_comp_data+0x2f/0x90 [ 184.813685] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.814106] __x64_sys_ioctl+0x1a3/0x230 [ 184.814471] do_syscall_64+0x3b/0x90 [ 184.814827] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.815290] RIP: 0033:0x7f4b8743ee5d [ 184.815616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.817210] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.817874] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.818495] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.819159] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.819778] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.820390] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.821009] [ 184.821212] irq event stamp: 0 [ 184.821490] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.822037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.822788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.823525] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.824073] ---[ end trace 0000000000000000 ]--- [ 184.827022] ------------[ cut here ]------------ [ 184.827479] WARNING: CPU: 1 PID: 1756 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.828375] Modules linked in: [ 184.828655] CPU: 1 PID: 1756 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.829409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.830383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.830849] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.832439] RSP: 
0018:ffff888017a87bd0 EFLAGS: 00010246 [ 184.832902] RAX: 0000000000000000 RBX: ffff8880219d70a8 RCX: 0000000000000000 [ 184.833517] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.834133] RBP: ffff888017a87be8 R08: ffffed100433ae33 R09: ffffed100433ae33 [ 184.834781] R10: ffff8880219d7193 R11: ffffed100433ae32 R12: ffff888014581000 [ 184.835425] R13: ffff8880219d71e8 R14: ffff8880143ce000 R15: 0000000000000000 [ 184.836053] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.836793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.837332] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.837999] PKRU: 55555554 [ 184.838270] Call Trace: [ 184.838537] [ 184.838748] iommufd_access_destroy_object+0x65/0x170 [ 184.839245] iommufd_object_destroy_user+0x18e/0x220 [ 184.839722] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.840261] iommufd_access_destroy+0x43/0x70 [ 184.840686] iommufd_test_staccess_release+0x8d/0xd0 [ 184.841167] __fput+0x26d/0xa40 [ 184.841490] ____fput+0x1e/0x30 [ 184.841808] task_work_run+0x1a4/0x2d0 [ 184.842185] ? __pfx_task_work_run+0x10/0x10 [ 184.842637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.843111] ? switch_task_namespaces+0xa9/0xe0 [ 184.843573] do_exit+0xb17/0x2ef0 [ 184.843906] ? lock_acquire+0x427/0x4c0 [ 184.844297] ? __pfx_lock_release+0x10/0x10 [ 184.844709] ? __kasan_check_write+0x18/0x20 [ 184.845127] ? do_raw_spin_lock+0x132/0x2a0 [ 184.845529] ? __pfx_do_exit+0x10/0x10 [ 184.845900] ? debug_smp_processor_id+0x20/0x30 [ 184.846339] ? rcu_is_watching+0x19/0xb0 [ 184.846748] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.847184] ? trace_hardirqs_on+0x26/0x120 [ 184.847605] do_group_exit+0xe0/0x2b0 [ 184.847974] __x64_sys_exit_group+0x47/0x50 [ 184.848381] do_syscall_64+0x3b/0x90 [ 184.848754] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.849253] RIP: 0033:0x7f4b87518a4d [ 184.849600] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.850172] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.850912] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.851599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.852275] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.852931] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.853577] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.854245] [ 184.854464] irq event stamp: 0 [ 184.854778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.855380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.856153] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.856931] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.857519] ---[ end trace 0000000000000000 ]--- [ 184.858325] ------------[ cut here ]------------ [ 184.858792] WARNING: CPU: 1 PID: 1756 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.859766] Modules linked in: [ 184.860070] CPU: 1 PID: 1756 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.860889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.862163] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.862696] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.864427] RSP: 0018:ffff888017a87b78 EFLAGS: 00010246 [ 184.864934] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.865597] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 184.866458] RBP: ffff888017a87b98 R08: ffffed100433ae3e R09: ffffed100433ae3e [ 184.867162] R10: ffff8880219d71ef R11: ffffed100433ae3d R12: ffff8880219d7290 [ 184.867826] R13: ffff8880219d70a8 R14: ffffffffffffffff R15: 
ffff888017a87c60 [ 184.868488] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.869237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.869781] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 184.870446] PKRU: 55555554 [ 184.870795] Call Trace: [ 184.871124] [ 184.871449] iommufd_ioas_destroy+0x53/0x70 [ 184.871863] iommufd_fops_release+0x1f7/0x370 [ 184.872290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.872760] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.873227] ? write_comp_data+0x2f/0x90 [ 184.873621] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.874103] __fput+0x26d/0xa40 [ 184.874442] ____fput+0x1e/0x30 [ 184.874802] task_work_run+0x1a4/0x2d0 [ 184.875200] ? __pfx_task_work_run+0x10/0x10 [ 184.875632] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.876177] ? switch_task_namespaces+0xa9/0xe0 [ 184.876759] do_exit+0xb17/0x2ef0 [ 184.877086] ? lock_acquire+0x427/0x4c0 [ 184.877469] ? __pfx_lock_release+0x10/0x10 [ 184.877882] ? __kasan_check_write+0x18/0x20 [ 184.878305] ? do_raw_spin_lock+0x132/0x2a0 [ 184.878776] ? __pfx_do_exit+0x10/0x10 [ 184.879176] ? debug_smp_processor_id+0x20/0x30 [ 184.879619] ? rcu_is_watching+0x19/0xb0 [ 184.880003] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.880508] ? trace_hardirqs_on+0x26/0x120 [ 184.881106] do_group_exit+0xe0/0x2b0 [ 184.881643] __x64_sys_exit_group+0x47/0x50 [ 184.882192] do_syscall_64+0x3b/0x90 [ 184.882636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.883180] RIP: 0033:0x7f4b87518a4d [ 184.883561] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.884187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.884957] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.885684] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.886660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.887656] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.888383] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.889120] [ 184.889357] irq event stamp: 0 [ 184.889680] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.890323] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.891229] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.892093] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.892933] ---[ end trace 0000000000000000 ]--- [ 184.898274] ------------[ cut here ]------------ [ 184.898887] WARNING: CPU: 1 PID: 1757 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.899932] Modules linked in: [ 184.900259] CPU: 1 PID: 1757 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.901147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.902695] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.903217] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.905069] RSP: 0018:ffff888018287bb8 EFLAGS: 00010246 [ 184.905609] RAX: 0000000000000000 RBX: ffff88802088b0a8 RCX: 0000000000000000 [ 184.906334] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 184.907243] RBP: ffff888018287bd0 R08: ffffed1004111633 R09: ffffed1004111633 [ 184.908084] R10: ffff88802088b193 R11: ffffed1004111632 R12: ffff88801432b000 [ 184.908823] R13: ffff88802088b1e8 R14: ffffffff8352e670 R15: 
ffff888018287e68 [ 184.909562] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.910399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.911031] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 184.911780] PKRU: 55555554 [ 184.912165] Call Trace: [ 184.912513] [ 184.912839] __iommufd_access_detach+0x1c2/0x2b0 [ 184.913505] iommufd_access_change_pt+0x149/0x270 [ 184.914024] iommufd_access_replace+0xb4/0x120 [ 184.914542] iommufd_test+0x3e5/0x37e0 [ 184.914949] ? lock_release+0x532/0x770 [ 184.915384] ? __might_fault+0x102/0x1b0 [ 184.915812] ? lock_acquire+0x427/0x4c0 [ 184.916233] ? __pfx_iommufd_test+0x10/0x10 [ 184.916681] ? __pfx_lock_release+0x10/0x10 [ 184.917140] ? __pfx_lock_acquire+0x10/0x10 [ 184.917681] ? write_comp_data+0x2f/0x90 [ 184.918242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.918974] ? write_comp_data+0x2f/0x90 [ 184.919428] iommufd_fops_ioctl+0x37d/0x510 [ 184.919887] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.920399] ? write_comp_data+0x2f/0x90 [ 184.920835] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 184.921340] __x64_sys_ioctl+0x1a3/0x230 [ 184.921772] do_syscall_64+0x3b/0x90 [ 184.922178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.922815] RIP: 0033:0x7f4b8743ee5d [ 184.923331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 184.925381] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 184.926187] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 184.926967] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 184.927719] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 184.928531] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 184.929494] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 184.930243] [ 184.930493] irq event stamp: 0 [ 184.930863] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.931541] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.932409] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.933369] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.934290] ---[ end trace 0000000000000000 ]--- [ 184.937816] ------------[ cut here ]------------ [ 184.938455] WARNING: CPU: 1 PID: 1757 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 184.939776] Modules linked in: [ 184.940113] CPU: 1 PID: 1757 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.941024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.942195] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 184.942757] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 184.944818] RSP: 
0018:ffff888018287bd0 EFLAGS: 00010246 [ 184.945495] RAX: 0000000000000000 RBX: ffff88802088b0a8 RCX: 0000000000000000 [ 184.946223] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 184.946997] RBP: ffff888018287be8 R08: ffffed1004111633 R09: ffffed1004111633 [ 184.947749] R10: ffff88802088b193 R11: ffffed1004111632 R12: ffff8880129c6400 [ 184.948491] R13: ffff88802088b1e8 R14: ffff88802080ca00 R15: 0000000000000000 [ 184.949275] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.950446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.951098] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 184.951852] PKRU: 55555554 [ 184.952149] Call Trace: [ 184.952417] [ 184.952652] iommufd_access_destroy_object+0x65/0x170 [ 184.953196] iommufd_object_destroy_user+0x18e/0x220 [ 184.953743] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 184.954356] iommufd_access_destroy+0x43/0x70 [ 184.955040] iommufd_test_staccess_release+0x8d/0xd0 [ 184.955700] __fput+0x26d/0xa40 [ 184.956062] ____fput+0x1e/0x30 [ 184.956416] task_work_run+0x1a4/0x2d0 [ 184.956839] ? __pfx_task_work_run+0x10/0x10 [ 184.957309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.957829] ? switch_task_namespaces+0xa9/0xe0 [ 184.958327] do_exit+0xb17/0x2ef0 [ 184.958722] ? lock_acquire+0x427/0x4c0 [ 184.959155] ? __pfx_lock_release+0x10/0x10 [ 184.959613] ? __kasan_check_write+0x18/0x20 [ 184.960089] ? do_raw_spin_lock+0x132/0x2a0 [ 184.960628] ? __pfx_do_exit+0x10/0x10 [ 184.961206] ? debug_smp_processor_id+0x20/0x30 [ 184.961882] ? rcu_is_watching+0x19/0xb0 [ 184.962311] ? _raw_spin_unlock_irq+0x2b/0x60 [ 184.962830] ? trace_hardirqs_on+0x26/0x120 [ 184.963304] do_group_exit+0xe0/0x2b0 [ 184.963706] __x64_sys_exit_group+0x47/0x50 [ 184.964154] do_syscall_64+0x3b/0x90 [ 184.964560] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 184.965112] RIP: 0033:0x7f4b87518a4d [ 184.965509] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 184.966221] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 184.967353] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 184.968096] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 184.968836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 184.969569] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 184.970297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 184.971100] [ 184.971439] irq event stamp: 0 [ 184.971912] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 184.972585] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 184.973458] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 184.974316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 184.975006] ---[ end trace 0000000000000000 ]--- [ 184.975933] ------------[ cut here ]------------ [ 184.976510] WARNING: CPU: 1 PID: 1757 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 184.977844] Modules linked in: [ 184.978187] CPU: 1 PID: 1757 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 184.979163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 184.980335] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 184.980875] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 184.983167] RSP: 0018:ffff888018287b78 EFLAGS: 00010246 [ 184.983732] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 184.984472] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 184.985199] RBP: ffff888018287b98 R08: ffffed100411163e R09: ffffed100411163e [ 184.985937] R10: ffff88802088b1ef R11: ffffed100411163d R12: ffff88802088b290 [ 184.986892] R13: ffff88802088b0a8 R14: ffffffffffffffff R15: 
ffff888018287c60 [ 184.987819] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 184.988658] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 184.989264] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 184.990122] PKRU: 55555554 [ 184.990486] Call Trace: [ 184.990785] [ 184.991023] iommufd_ioas_destroy+0x53/0x70 [ 184.991493] iommufd_fops_release+0x1f7/0x370 [ 184.991967] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.992497] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.993191] ? write_comp_data+0x2f/0x90 [ 184.993627] ? __pfx_iommufd_fops_release+0x10/0x10 [ 184.994152] __fput+0x26d/0xa40 [ 184.994572] ____fput+0x1e/0x30 [ 184.994931] task_work_run+0x1a4/0x2d0 [ 184.995407] ? __pfx_task_work_run+0x10/0x10 [ 184.996005] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 184.996517] ? switch_task_namespaces+0xa9/0xe0 [ 184.997006] do_exit+0xb17/0x2ef0 [ 184.997366] ? lock_acquire+0x427/0x4c0 [ 184.997933] ? __pfx_lock_release+0x10/0x10 [ 184.998389] ? __kasan_check_write+0x18/0x20 [ 184.998884] ? do_raw_spin_lock+0x132/0x2a0 [ 184.999342] ? __pfx_do_exit+0x10/0x10 [ 184.999756] ? debug_smp_processor_id+0x20/0x30 [ 185.000281] ? rcu_is_watching+0x19/0xb0 [ 185.000821] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.001291] ? trace_hardirqs_on+0x26/0x120 [ 185.001746] do_group_exit+0xe0/0x2b0 [ 185.002141] __x64_sys_exit_group+0x47/0x50 [ 185.002717] do_syscall_64+0x3b/0x90 [ 185.003195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.003739] RIP: 0033:0x7f4b87518a4d [ 185.004123] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.004763] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.005718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.006456] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.007238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.008043] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.008898] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.009635] [ 185.009881] irq event stamp: 0 [ 185.010287] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.011024] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.011917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.012813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.013580] ---[ end trace 0000000000000000 ]--- [ 185.019040] ------------[ cut here ]------------ [ 185.019596] WARNING: CPU: 0 PID: 1758 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.020729] Modules linked in: [ 185.021331] CPU: 0 PID: 1758 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.022257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.023708] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.024242] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.026183] RSP: 0018:ffff888017a87bb8 EFLAGS: 00010246 [ 185.026780] RAX: 0000000000000000 RBX: ffff888017a9a8a8 RCX: 0000000000000000 [ 185.027559] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 185.028299] RBP: ffff888017a87bd0 R08: ffffed1002f53533 R09: ffffed1002f53533 [ 185.029045] R10: ffff888017a9a993 R11: ffffed1002f53532 R12: ffff888018aba000 [ 185.029789] R13: ffff888017a9a9e8 R14: ffffffff8352e670 R15: 
ffff888017a87e68 [ 185.030566] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.031430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.032039] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 185.032784] PKRU: 55555554 [ 185.033080] Call Trace: [ 185.033347] [ 185.033586] __iommufd_access_detach+0x1c2/0x2b0 [ 185.034100] iommufd_access_change_pt+0x149/0x270 [ 185.034642] iommufd_access_replace+0xb4/0x120 [ 185.035161] iommufd_test+0x3e5/0x37e0 [ 185.035580] ? lock_release+0x532/0x770 [ 185.036014] ? __might_fault+0x102/0x1b0 [ 185.036448] ? lock_acquire+0x427/0x4c0 [ 185.036873] ? __pfx_iommufd_test+0x10/0x10 [ 185.037330] ? __pfx_lock_release+0x10/0x10 [ 185.037793] ? __pfx_lock_acquire+0x10/0x10 [ 185.038262] ? write_comp_data+0x2f/0x90 [ 185.038722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.039245] ? write_comp_data+0x2f/0x90 [ 185.039677] iommufd_fops_ioctl+0x37d/0x510 [ 185.040134] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.040646] ? write_comp_data+0x2f/0x90 [ 185.041070] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.041564] __x64_sys_ioctl+0x1a3/0x230 [ 185.041993] do_syscall_64+0x3b/0x90 [ 185.042394] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.042968] RIP: 0033:0x7f4b8743ee5d [ 185.043372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.045220] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.046009] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.046777] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.047517] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.048245] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.048963] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.049693] [ 185.049931] irq event stamp: 0 [ 185.050251] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.050925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.051790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.052644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.053364] ---[ end trace 0000000000000000 ]--- [ 185.056814] ------------[ cut here ]------------ [ 185.057513] WARNING: CPU: 0 PID: 1758 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.058618] Modules linked in: [ 185.058976] CPU: 0 PID: 1758 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.060067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.061215] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.061729] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.063601] RSP: 
0018:ffff888017a87bd0 EFLAGS: 00010246 [ 185.064137] RAX: 0000000000000000 RBX: ffff888017a9a8a8 RCX: 0000000000000000 [ 185.064847] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 185.065561] RBP: ffff888017a87be8 R08: ffffed1002f53533 R09: ffffed1002f53533 [ 185.066268] R10: ffff888017a9a993 R11: ffffed1002f53532 R12: ffff888013b22800 [ 185.067017] R13: ffff888017a9a9e8 R14: ffff888020edb500 R15: 0000000000000000 [ 185.067758] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.068585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.069175] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.069891] PKRU: 55555554 [ 185.070181] Call Trace: [ 185.070444] [ 185.070696] iommufd_access_destroy_object+0x65/0x170 [ 185.071240] iommufd_object_destroy_user+0x18e/0x220 [ 185.071755] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.072341] iommufd_access_destroy+0x43/0x70 [ 185.072799] iommufd_test_staccess_release+0x8d/0xd0 [ 185.073312] __fput+0x26d/0xa40 [ 185.073657] ____fput+0x1e/0x30 [ 185.073994] task_work_run+0x1a4/0x2d0 [ 185.074396] ? __pfx_task_work_run+0x10/0x10 [ 185.074874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.075359] ? switch_task_namespaces+0xa9/0xe0 [ 185.075801] do_exit+0xb17/0x2ef0 [ 185.076124] ? lock_acquire+0x427/0x4c0 [ 185.076509] ? __pfx_lock_release+0x10/0x10 [ 185.076924] ? __kasan_check_write+0x18/0x20 [ 185.077335] ? do_raw_spin_lock+0x132/0x2a0 [ 185.077741] ? __pfx_do_exit+0x10/0x10 [ 185.078110] ? debug_smp_processor_id+0x20/0x30 [ 185.078570] ? rcu_is_watching+0x19/0xb0 [ 185.078950] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.079383] ? trace_hardirqs_on+0x26/0x120 [ 185.079787] do_group_exit+0xe0/0x2b0 [ 185.080145] __x64_sys_exit_group+0x47/0x50 [ 185.080543] do_syscall_64+0x3b/0x90 [ 185.080897] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.081408] RIP: 0033:0x7f4b87518a4d [ 185.081754] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.082326] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.083067] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.083742] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.084415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.085136] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.085790] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.086459] [ 185.086702] irq event stamp: 0 [ 185.086999] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.087600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.088368] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.089134] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.089712] ---[ end trace 0000000000000000 ]--- [ 185.091478] ------------[ cut here ]------------ [ 185.091929] WARNING: CPU: 0 PID: 1758 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.092906] Modules linked in: [ 185.093382] CPU: 0 PID: 1758 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.094176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.095400] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.095875] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.097522] RSP: 0018:ffff888017a87b78 EFLAGS: 00010246 [ 185.098001] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.098665] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 185.099333] RBP: ffff888017a87b98 R08: ffffed1002f5353e R09: ffffed1002f5353e [ 185.099981] R10: ffff888017a9a9ef R11: ffffed1002f5353d R12: ffff888017a9aa90 [ 185.100624] R13: ffff888017a9a8a8 R14: ffffffffffffffff R15: 
ffff888017a87c60 [ 185.101277] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.102002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.102565] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 185.103228] PKRU: 55555554 [ 185.103490] Call Trace: [ 185.103722] [ 185.103928] iommufd_ioas_destroy+0x53/0x70 [ 185.104330] iommufd_fops_release+0x1f7/0x370 [ 185.104743] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.105200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.105645] ? write_comp_data+0x2f/0x90 [ 185.106018] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.106469] __fput+0x26d/0xa40 [ 185.106806] ____fput+0x1e/0x30 [ 185.107129] task_work_run+0x1a4/0x2d0 [ 185.107495] ? __pfx_task_work_run+0x10/0x10 [ 185.107897] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.108342] ? switch_task_namespaces+0xa9/0xe0 [ 185.108774] do_exit+0xb17/0x2ef0 [ 185.109093] ? lock_acquire+0x427/0x4c0 [ 185.109471] ? __pfx_lock_release+0x10/0x10 [ 185.109869] ? __kasan_check_write+0x18/0x20 [ 185.110275] ? do_raw_spin_lock+0x132/0x2a0 [ 185.110696] ? __pfx_do_exit+0x10/0x10 [ 185.111069] ? debug_smp_processor_id+0x20/0x30 [ 185.111483] ? rcu_is_watching+0x19/0xb0 [ 185.111831] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.112224] ? trace_hardirqs_on+0x26/0x120 [ 185.112607] do_group_exit+0xe0/0x2b0 [ 185.112937] __x64_sys_exit_group+0x47/0x50 [ 185.113305] do_syscall_64+0x3b/0x90 [ 185.113635] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.114089] RIP: 0033:0x7f4b87518a4d [ 185.114406] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.114946] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.115604] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.116212] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.116819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.117503] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.118105] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.118739] [ 185.118944] irq event stamp: 0 [ 185.119224] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.119759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.120465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.121169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.121703] ---[ end trace 0000000000000000 ]--- [ 185.126004] ------------[ cut here ]------------ [ 185.126429] WARNING: CPU: 0 PID: 1759 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.127516] Modules linked in: [ 185.127793] CPU: 0 PID: 1759 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.128542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.129496] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.129920] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.131519] RSP: 0018:ffff888018287bb8 EFLAGS: 00010246 [ 185.131972] RAX: 0000000000000000 RBX: ffff8880172d20a8 RCX: 0000000000000000 [ 185.132578] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 185.133185] RBP: ffff888018287bd0 R08: ffffed1002e5a433 R09: ffffed1002e5a433 [ 185.133797] R10: ffff8880172d2193 R11: ffffed1002e5a432 R12: ffff8880184ed800 [ 185.134407] R13: ffff8880172d21e8 R14: ffffffff8352e670 R15: 
ffff888018287e68 [ 185.135031] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.135733] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.136230] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 185.136839] PKRU: 55555554 [ 185.137084] Call Trace: [ 185.137308] [ 185.137503] __iommufd_access_detach+0x1c2/0x2b0 [ 185.137923] iommufd_access_change_pt+0x149/0x270 [ 185.138352] iommufd_access_replace+0xb4/0x120 [ 185.138783] iommufd_test+0x3e5/0x37e0 [ 185.139131] ? lock_release+0x532/0x770 [ 185.139489] ? __might_fault+0x102/0x1b0 [ 185.139854] ? lock_acquire+0x427/0x4c0 [ 185.140210] ? __pfx_iommufd_test+0x10/0x10 [ 185.140579] ? __pfx_lock_release+0x10/0x10 [ 185.140959] ? __pfx_lock_acquire+0x10/0x10 [ 185.141340] ? write_comp_data+0x2f/0x90 [ 185.141702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.142125] ? write_comp_data+0x2f/0x90 [ 185.142481] iommufd_fops_ioctl+0x37d/0x510 [ 185.142879] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.143314] ? write_comp_data+0x2f/0x90 [ 185.143673] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.144093] __x64_sys_ioctl+0x1a3/0x230 [ 185.144455] do_syscall_64+0x3b/0x90 [ 185.144784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.145231] RIP: 0033:0x7f4b8743ee5d [ 185.145549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.147128] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.147769] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.148358] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.148997] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.149570] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.150138] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.150743] [ 185.150933] irq event stamp: 0 [ 185.151188] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.151696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.152365] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.153030] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.153531] ---[ end trace 0000000000000000 ]--- [ 185.156541] ------------[ cut here ]------------ [ 185.156934] WARNING: CPU: 0 PID: 1759 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.157748] Modules linked in: [ 185.158025] CPU: 0 PID: 1759 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.158948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.159878] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.160341] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.161908] RSP: 
0018:ffff888018287bd0 EFLAGS: 00010246 [ 185.162471] RAX: 0000000000000000 RBX: ffff8880172d20a8 RCX: 0000000000000000 [ 185.163056] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 185.163641] RBP: ffff888018287be8 R08: ffffed1002e5a433 R09: ffffed1002e5a433 [ 185.164284] R10: ffff8880172d2193 R11: ffffed1002e5a432 R12: ffff888018abb800 [ 185.164938] R13: ffff8880172d21e8 R14: ffff888012de2700 R15: 0000000000000000 [ 185.165508] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.166287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.166776] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.167367] PKRU: 55555554 [ 185.167597] Call Trace: [ 185.167829] [ 185.168131] iommufd_access_destroy_object+0x65/0x170 [ 185.168556] iommufd_object_destroy_user+0x18e/0x220 [ 185.168970] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.169443] iommufd_access_destroy+0x43/0x70 [ 185.169943] iommufd_test_staccess_release+0x8d/0xd0 [ 185.170369] __fput+0x26d/0xa40 [ 185.170671] ____fput+0x1e/0x30 [ 185.170946] task_work_run+0x1a4/0x2d0 [ 185.171281] ? __pfx_task_work_run+0x10/0x10 [ 185.171711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.172201] ? switch_task_namespaces+0xa9/0xe0 [ 185.172590] do_exit+0xb17/0x2ef0 [ 185.172872] ? lock_acquire+0x427/0x4c0 [ 185.173227] ? __pfx_lock_release+0x10/0x10 [ 185.173685] ? __kasan_check_write+0x18/0x20 [ 185.174049] ? do_raw_spin_lock+0x132/0x2a0 [ 185.174403] ? __pfx_do_exit+0x10/0x10 [ 185.174747] ? debug_smp_processor_id+0x20/0x30 [ 185.175137] ? rcu_is_watching+0x19/0xb0 [ 185.175534] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.175980] ? trace_hardirqs_on+0x26/0x120 [ 185.176335] do_group_exit+0xe0/0x2b0 [ 185.176647] __x64_sys_exit_group+0x47/0x50 [ 185.177016] do_syscall_64+0x3b/0x90 [ 185.177435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.177867] RIP: 0033:0x7f4b87518a4d [ 185.178167] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.178680] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.179429] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.180002] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.180574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.181364] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.181938] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.182542] [ 185.182792] irq event stamp: 0 [ 185.183139] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.183651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.184351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.185122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.185634] ---[ end trace 0000000000000000 ]--- [ 185.186864] ------------[ cut here ]------------ [ 185.187275] WARNING: CPU: 0 PID: 1759 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.188259] Modules linked in: [ 185.188524] CPU: 0 PID: 1759 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.189224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.190303] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.190776] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.192390] RSP: 0018:ffff888018287b78 EFLAGS: 00010246 [ 185.192826] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.193545] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 185.194115] RBP: ffff888018287b98 R08: ffffed1002e5a43e R09: ffffed1002e5a43e [ 185.194720] R10: ffff8880172d21ef R11: ffffed1002e5a43d R12: ffff8880172d2290 [ 185.195476] R13: ffff8880172d20a8 R14: ffffffffffffffff R15: 
ffff888018287c60 [ 185.196049] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.196698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.197363] CR2: 00007f82e2b42008 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 185.197960] PKRU: 55555554 [ 185.198200] Call Trace: [ 185.198418] [ 185.198629] iommufd_ioas_destroy+0x53/0x70 [ 185.198999] iommufd_fops_release+0x1f7/0x370 [ 185.199396] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.199826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.200346] ? write_comp_data+0x2f/0x90 [ 185.200803] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.201225] __fput+0x26d/0xa40 [ 185.201515] ____fput+0x1e/0x30 [ 185.201799] task_work_run+0x1a4/0x2d0 [ 185.202142] ? __pfx_task_work_run+0x10/0x10 [ 185.202541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.202958] ? switch_task_namespaces+0xa9/0xe0 [ 185.203457] do_exit+0xb17/0x2ef0 [ 185.203852] ? lock_acquire+0x427/0x4c0 [ 185.204199] ? __pfx_lock_release+0x10/0x10 [ 185.204571] ? __kasan_check_write+0x18/0x20 [ 185.204953] ? do_raw_spin_lock+0x132/0x2a0 [ 185.205463] ? __pfx_do_exit+0x10/0x10 [ 185.205801] ? debug_smp_processor_id+0x20/0x30 [ 185.206199] ? rcu_is_watching+0x19/0xb0 [ 185.206564] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.207125] ? trace_hardirqs_on+0x26/0x120 [ 185.207502] do_group_exit+0xe0/0x2b0 [ 185.207832] __x64_sys_exit_group+0x47/0x50 [ 185.208200] do_syscall_64+0x3b/0x90 [ 185.208528] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.208972] RIP: 0033:0x7f4b87518a4d [ 185.209294] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.209816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.210452] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.211106] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.211721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.212315] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.212914] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.213581] [ 185.213780] irq event stamp: 0 [ 185.214044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.214592] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.215304] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.216007] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.216535] ---[ end trace 0000000000000000 ]--- [ 185.221415] ------------[ cut here ]------------ [ 185.221847] WARNING: CPU: 0 PID: 1760 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.222741] Modules linked in: [ 185.223014] CPU: 0 PID: 1760 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.223763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.224721] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.225142] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.226692] RSP: 0018:ffff8880140d7bb8 EFLAGS: 00010246 [ 185.227160] RAX: 0000000000000000 RBX: ffff888015d2c0a8 RCX: 0000000000000000 [ 185.227756] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 185.228351] RBP: ffff8880140d7bd0 R08: ffffed1002ba5833 R09: ffffed1002ba5833 [ 185.228943] R10: ffff888015d2c193 R11: ffffed1002ba5832 R12: ffff88800ae90400 [ 185.229537] R13: ffff888015d2c1e8 R14: ffffffff8352e670 R15: 
ffff8880140d7e68 [ 185.230134] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.230819] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.231317] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 185.231914] PKRU: 55555554 [ 185.232153] Call Trace: [ 185.232370] [ 185.232559] __iommufd_access_detach+0x1c2/0x2b0 [ 185.232970] iommufd_access_change_pt+0x149/0x270 [ 185.233383] iommufd_access_replace+0xb4/0x120 [ 185.233775] iommufd_test+0x3e5/0x37e0 [ 185.234100] ? lock_release+0x532/0x770 [ 185.234444] ? __might_fault+0x102/0x1b0 [ 185.234811] ? lock_acquire+0x427/0x4c0 [ 185.235159] ? __pfx_iommufd_test+0x10/0x10 [ 185.235526] ? __pfx_lock_release+0x10/0x10 [ 185.235896] ? __pfx_lock_acquire+0x10/0x10 [ 185.236270] ? write_comp_data+0x2f/0x90 [ 185.236625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.237039] ? write_comp_data+0x2f/0x90 [ 185.237395] iommufd_fops_ioctl+0x37d/0x510 [ 185.237771] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.238188] ? write_comp_data+0x2f/0x90 [ 185.238561] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.238972] __x64_sys_ioctl+0x1a3/0x230 [ 185.239334] do_syscall_64+0x3b/0x90 [ 185.239670] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.240211] RIP: 0033:0x7f4b8743ee5d [ 185.240526] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.242049] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.242701] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.243294] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.243863] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.244432] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.245031] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.245610] [ 185.245799] irq event stamp: 0 [ 185.246055] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.246588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.247270] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.247945] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.248457] ---[ end trace 0000000000000000 ]--- [ 185.251254] ------------[ cut here ]------------ [ 185.251664] WARNING: CPU: 0 PID: 1760 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.252481] Modules linked in: [ 185.252739] CPU: 0 PID: 1760 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.253442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.254344] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.254801] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.256280] RSP: 
0018:ffff8880140d7bd0 EFLAGS: 00010246 [ 185.256713] RAX: 0000000000000000 RBX: ffff888015d2c0a8 RCX: 0000000000000000 [ 185.257285] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 185.257859] RBP: ffff8880140d7be8 R08: ffffed1002ba5833 R09: ffffed1002ba5833 [ 185.258429] R10: ffff888015d2c193 R11: ffffed1002ba5832 R12: ffff8880184ed000 [ 185.259021] R13: ffff888015d2c1e8 R14: ffff888015bb8700 R15: 0000000000000000 [ 185.259605] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.260261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.260734] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.261313] PKRU: 55555554 [ 185.261542] Call Trace: [ 185.261749] [ 185.261935] iommufd_access_destroy_object+0x65/0x170 [ 185.262361] iommufd_object_destroy_user+0x18e/0x220 [ 185.262799] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.263286] iommufd_access_destroy+0x43/0x70 [ 185.263661] iommufd_test_staccess_release+0x8d/0xd0 [ 185.264084] __fput+0x26d/0xa40 [ 185.264370] ____fput+0x1e/0x30 [ 185.264650] task_work_run+0x1a4/0x2d0 [ 185.264975] ? __pfx_task_work_run+0x10/0x10 [ 185.265338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.265741] ? switch_task_namespaces+0xa9/0xe0 [ 185.266129] do_exit+0xb17/0x2ef0 [ 185.266413] ? lock_acquire+0x427/0x4c0 [ 185.266764] ? __pfx_lock_release+0x10/0x10 [ 185.267130] ? __kasan_check_write+0x18/0x20 [ 185.267496] ? do_raw_spin_lock+0x132/0x2a0 [ 185.267849] ? __pfx_do_exit+0x10/0x10 [ 185.268173] ? debug_smp_processor_id+0x20/0x30 [ 185.268556] ? rcu_is_watching+0x19/0xb0 [ 185.268891] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.269264] ? trace_hardirqs_on+0x26/0x120 [ 185.269622] do_group_exit+0xe0/0x2b0 [ 185.269936] __x64_sys_exit_group+0x47/0x50 [ 185.270288] do_syscall_64+0x3b/0x90 [ 185.270621] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.271049] RIP: 0033:0x7f4b87518a4d [ 185.271370] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.271864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.272477] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.273047] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.273619] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.274193] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.274784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.275379] [ 185.275570] irq event stamp: 0 [ 185.275825] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.276335] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.277063] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.277735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.278243] ---[ end trace 0000000000000000 ]--- [ 185.278965] ------------[ cut here ]------------ [ 185.279359] WARNING: CPU: 0 PID: 1760 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.280184] Modules linked in: [ 185.280447] CPU: 0 PID: 1760 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.281158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.282062] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.282481] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.283978] RSP: 0018:ffff8880140d7b78 EFLAGS: 00010246 [ 185.284415] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.284985] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 185.285555] RBP: ffff8880140d7b98 R08: ffffed1002ba583e R09: ffffed1002ba583e [ 185.286128] R10: ffff888015d2c1ef R11: ffffed1002ba583d R12: ffff888015d2c290 [ 185.286714] R13: ffff888015d2c0a8 R14: ffffffffffffffff R15: 
ffff8880140d7c60 [ 185.287297] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.287940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.288409] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.288988] PKRU: 55555554 [ 185.289210] Call Trace: [ 185.289409] [ 185.289588] iommufd_ioas_destroy+0x53/0x70 [ 185.289934] iommufd_fops_release+0x1f7/0x370 [ 185.290297] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.290711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.291105] ? write_comp_data+0x2f/0x90 [ 185.291449] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.291845] __fput+0x26d/0xa40 [ 185.292118] ____fput+0x1e/0x30 [ 185.292385] task_work_run+0x1a4/0x2d0 [ 185.292697] ? __pfx_task_work_run+0x10/0x10 [ 185.293055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.293443] ? switch_task_namespaces+0xa9/0xe0 [ 185.293822] do_exit+0xb17/0x2ef0 [ 185.294097] ? lock_acquire+0x427/0x4c0 [ 185.294416] ? __pfx_lock_release+0x10/0x10 [ 185.294778] ? __kasan_check_write+0x18/0x20 [ 185.295137] ? do_raw_spin_lock+0x132/0x2a0 [ 185.295481] ? __pfx_do_exit+0x10/0x10 [ 185.295796] ? debug_smp_processor_id+0x20/0x30 [ 185.296163] ? rcu_is_watching+0x19/0xb0 [ 185.296483] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.296847] ? trace_hardirqs_on+0x26/0x120 [ 185.297190] do_group_exit+0xe0/0x2b0 [ 185.297490] __x64_sys_exit_group+0x47/0x50 [ 185.297828] do_syscall_64+0x3b/0x90 [ 185.298131] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.298574] RIP: 0033:0x7f4b87518a4d [ 185.298870] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.299363] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.299955] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.300510] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.301059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.301617] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.302166] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.302746] [ 185.302932] irq event stamp: 0 [ 185.303186] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.303678] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.304332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.304979] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.305457] ---[ end trace 0000000000000000 ]--- [ 185.311978] ------------[ cut here ]------------ [ 185.312547] WARNING: CPU: 0 PID: 1761 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.313657] Modules linked in: [ 185.314019] CPU: 0 PID: 1761 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.315224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.316467] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.317023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.319034] RSP: 0018:ffff88801806fbb8 EFLAGS: 00010246 [ 185.319639] RAX: 0000000000000000 RBX: ffff888010b7b0a8 RCX: 0000000000000000 [ 185.320422] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 185.321206] RBP: ffff88801806fbd0 R08: ffffed100216f633 R09: ffffed100216f633 [ 185.321990] R10: ffff888010b7b193 R11: ffffed100216f632 R12: ffff888010e02800 [ 185.322807] R13: ffff888010b7b1e8 R14: ffffffff8352e670 R15: 
ffff88801806fe68 [ 185.323617] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.324519] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.325165] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 185.325950] PKRU: 55555554 [ 185.326267] Call Trace: [ 185.326595] [ 185.326861] __iommufd_access_detach+0x1c2/0x2b0 [ 185.327429] iommufd_access_change_pt+0x149/0x270 [ 185.327988] iommufd_access_replace+0xb4/0x120 [ 185.328516] iommufd_test+0x3e5/0x37e0 [ 185.328953] ? lock_release+0x532/0x770 [ 185.329413] ? __might_fault+0x102/0x1b0 [ 185.329875] ? lock_acquire+0x427/0x4c0 [ 185.330329] ? __pfx_iommufd_test+0x10/0x10 [ 185.330838] ? __pfx_lock_release+0x10/0x10 [ 185.331465] ? __pfx_lock_acquire+0x10/0x10 [ 185.331813] ? write_comp_data+0x2f/0x90 [ 185.332129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.332500] ? write_comp_data+0x2f/0x90 [ 185.332817] iommufd_fops_ioctl+0x37d/0x510 [ 185.333147] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.333521] ? write_comp_data+0x2f/0x90 [ 185.333835] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.334204] __x64_sys_ioctl+0x1a3/0x230 [ 185.334550] do_syscall_64+0x3b/0x90 [ 185.334842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.335247] RIP: 0033:0x7f4b8743ee5d [ 185.335537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.336896] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.337465] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.337997] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.338550] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.339085] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.339626] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.340165] [ 185.340344] irq event stamp: 0 [ 185.340580] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.341123] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.341750] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.342376] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.342863] ---[ end trace 0000000000000000 ]--- [ 185.345529] ------------[ cut here ]------------ [ 185.345907] WARNING: CPU: 0 PID: 1761 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.346693] Modules linked in: [ 185.346941] CPU: 0 PID: 1761 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.347609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.348453] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.348833] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.350212] RSP: 
0018:ffff88801806fbd0 EFLAGS: 00010246 [ 185.350633] RAX: 0000000000000000 RBX: ffff888010b7b0a8 RCX: 0000000000000000 [ 185.351179] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 185.351722] RBP: ffff88801806fbe8 R08: ffffed100216f633 R09: ffffed100216f633 [ 185.352258] R10: ffff888010b7b193 R11: ffffed100216f632 R12: ffff88800ae90800 [ 185.352795] R13: ffff888010b7b1e8 R14: ffff8880143e0000 R15: 0000000000000000 [ 185.353338] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.353951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.354391] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.354952] PKRU: 55555554 [ 185.355189] Call Trace: [ 185.355384] [ 185.355556] iommufd_access_destroy_object+0x65/0x170 [ 185.355951] iommufd_object_destroy_user+0x18e/0x220 [ 185.356343] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.356786] iommufd_access_destroy+0x43/0x70 [ 185.357137] iommufd_test_staccess_release+0x8d/0xd0 [ 185.357528] __fput+0x26d/0xa40 [ 185.357793] ____fput+0x1e/0x30 [ 185.358050] task_work_run+0x1a4/0x2d0 [ 185.358354] ? __pfx_task_work_run+0x10/0x10 [ 185.358715] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.359099] ? switch_task_namespaces+0xa9/0xe0 [ 185.359476] do_exit+0xb17/0x2ef0 [ 185.359744] ? lock_acquire+0x427/0x4c0 [ 185.360056] ? __pfx_lock_release+0x10/0x10 [ 185.360389] ? __kasan_check_write+0x18/0x20 [ 185.360727] ? do_raw_spin_lock+0x132/0x2a0 [ 185.361056] ? __pfx_do_exit+0x10/0x10 [ 185.361359] ? debug_smp_processor_id+0x20/0x30 [ 185.361714] ? rcu_is_watching+0x19/0xb0 [ 185.362028] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.362379] ? trace_hardirqs_on+0x26/0x120 [ 185.362734] do_group_exit+0xe0/0x2b0 [ 185.363027] __x64_sys_exit_group+0x47/0x50 [ 185.363365] do_syscall_64+0x3b/0x90 [ 185.363661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.364059] RIP: 0033:0x7f4b87518a4d [ 185.364340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.364799] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.365368] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.365899] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.366431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.366988] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.367535] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.368081] [ 185.368261] irq event stamp: 0 [ 185.368501] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.368977] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.369605] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.370241] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.370743] ---[ end trace 0000000000000000 ]--- [ 185.371434] ------------[ cut here ]------------ [ 185.371790] WARNING: CPU: 0 PID: 1761 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.372560] Modules linked in: [ 185.372807] CPU: 0 PID: 1761 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.373522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.374371] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.374787] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.376173] RSP: 0018:ffff88801806fb78 EFLAGS: 00010246 [ 185.377001] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.377541] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 185.378071] RBP: ffff88801806fb98 R08: ffffed100216f63e R09: ffffed100216f63e [ 185.378777] R10: ffff888010b7b1ef R11: ffffed100216f63d R12: ffff888010b7b290 [ 185.379322] R13: ffff888010b7b0a8 R14: ffffffffffffffff R15: 
ffff88801806fc60 [ 185.379856] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.380587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.381023] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.381559] PKRU: 55555554 [ 185.381830] Call Trace: [ 185.382096] [ 185.382269] iommufd_ioas_destroy+0x53/0x70 [ 185.382624] iommufd_fops_release+0x1f7/0x370 [ 185.382974] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.383361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.383738] ? write_comp_data+0x2f/0x90 [ 185.384114] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.384572] __fput+0x26d/0xa40 [ 185.384838] ____fput+0x1e/0x30 [ 185.385101] task_work_run+0x1a4/0x2d0 [ 185.385409] ? __pfx_task_work_run+0x10/0x10 [ 185.385749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.386240] ? switch_task_namespaces+0xa9/0xe0 [ 185.386625] do_exit+0xb17/0x2ef0 [ 185.386892] ? lock_acquire+0x427/0x4c0 [ 185.387224] ? __pfx_lock_release+0x10/0x10 [ 185.387561] ? __kasan_check_write+0x18/0x20 [ 185.387955] ? do_raw_spin_lock+0x132/0x2a0 [ 185.388367] ? __pfx_do_exit+0x10/0x10 [ 185.388678] ? debug_smp_processor_id+0x20/0x30 [ 185.389036] ? rcu_is_watching+0x19/0xb0 [ 185.389349] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.389827] ? trace_hardirqs_on+0x26/0x120 [ 185.390161] do_group_exit+0xe0/0x2b0 [ 185.390456] __x64_sys_exit_group+0x47/0x50 [ 185.390800] do_syscall_64+0x3b/0x90 [ 185.391097] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.391515] RIP: 0033:0x7f4b87518a4d [ 185.391953] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.392435] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.393020] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.393717] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.394271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.394847] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.395440] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.396114] [ 185.396301] irq event stamp: 0 [ 185.396547] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.397042] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.397827] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.398487] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.399067] ---[ end trace 0000000000000000 ]--- [ 185.403840] ------------[ cut here ]------------ [ 185.404221] WARNING: CPU: 0 PID: 1762 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.405210] Modules linked in: [ 185.405460] CPU: 0 PID: 1762 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.406198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.407165] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.407554] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.408962] RSP: 0018:ffff8880140d7bb8 EFLAGS: 00010246 [ 185.409376] RAX: 0000000000000000 RBX: ffff888017a810a8 RCX: 0000000000000000 [ 185.409923] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 185.410480] RBP: ffff8880140d7bd0 R08: ffffed1002f50233 R09: ffffed1002f50233 [ 185.411057] R10: ffff888017a81193 R11: ffffed1002f50232 R12: ffff888012e97c00 [ 185.411625] R13: ffff888017a811e8 R14: ffffffff8352e670 R15: 
ffff8880140d7e68 [ 185.412191] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.412823] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.413280] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 185.413841] PKRU: 55555554 [ 185.414067] Call Trace: [ 185.414271] [ 185.414453] __iommufd_access_detach+0x1c2/0x2b0 [ 185.414868] iommufd_access_change_pt+0x149/0x270 [ 185.415278] iommufd_access_replace+0xb4/0x120 [ 185.415652] iommufd_test+0x3e5/0x37e0 [ 185.415961] ? lock_release+0x532/0x770 [ 185.416295] ? __might_fault+0x102/0x1b0 [ 185.416632] ? lock_acquire+0x427/0x4c0 [ 185.416956] ? __pfx_iommufd_test+0x10/0x10 [ 185.417299] ? __pfx_lock_release+0x10/0x10 [ 185.417652] ? __pfx_lock_acquire+0x10/0x10 [ 185.418004] ? write_comp_data+0x2f/0x90 [ 185.418336] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.418746] ? write_comp_data+0x2f/0x90 [ 185.419081] iommufd_fops_ioctl+0x37d/0x510 [ 185.419436] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.419833] ? write_comp_data+0x2f/0x90 [ 185.420166] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.420554] __x64_sys_ioctl+0x1a3/0x230 [ 185.420885] do_syscall_64+0x3b/0x90 [ 185.421191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.421608] RIP: 0033:0x7f4b8743ee5d [ 185.421903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.423377] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.423979] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.424540] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.425105] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.425666] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.426225] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.426810] [ 185.426998] irq event stamp: 0 [ 185.427261] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.427768] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.428433] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.429093] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.429586] ---[ end trace 0000000000000000 ]--- [ 185.432556] ------------[ cut here ]------------ [ 185.433037] WARNING: CPU: 0 PID: 1762 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.433839] Modules linked in: [ 185.434095] CPU: 0 PID: 1762 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.435186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.436073] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.436474] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.438128] RSP: 
0018:ffff8880140d7bd0 EFLAGS: 00010246 [ 185.438661] RAX: 0000000000000000 RBX: ffff888017a810a8 RCX: 0000000000000000 [ 185.439331] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 185.439915] RBP: ffff8880140d7be8 R08: ffffed1002f50233 R09: ffffed1002f50233 [ 185.440497] R10: ffff888017a81193 R11: ffffed1002f50232 R12: ffff888010e00000 [ 185.441234] R13: ffff888017a811e8 R14: ffff88801024fe00 R15: 0000000000000000 [ 185.441819] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.442538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.443093] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.443683] PKRU: 55555554 [ 185.443915] Call Trace: [ 185.444127] [ 185.444316] iommufd_access_destroy_object+0x65/0x170 [ 185.444899] iommufd_object_destroy_user+0x18e/0x220 [ 185.445325] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.445809] iommufd_access_destroy+0x43/0x70 [ 185.446189] iommufd_test_staccess_release+0x8d/0xd0 [ 185.446794] __fput+0x26d/0xa40 [ 185.447084] ____fput+0x1e/0x30 [ 185.447373] task_work_run+0x1a4/0x2d0 [ 185.447705] ? __pfx_task_work_run+0x10/0x10 [ 185.448078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.448647] ? switch_task_namespaces+0xa9/0xe0 [ 185.449047] do_exit+0xb17/0x2ef0 [ 185.449340] ? lock_acquire+0x427/0x4c0 [ 185.449681] ? __pfx_lock_release+0x10/0x10 [ 185.450097] ? __kasan_check_write+0x18/0x20 [ 185.450572] ? do_raw_spin_lock+0x132/0x2a0 [ 185.450932] ? __pfx_do_exit+0x10/0x10 [ 185.451268] ? debug_smp_processor_id+0x20/0x30 [ 185.451657] ? rcu_is_watching+0x19/0xb0 [ 185.452065] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.452531] ? trace_hardirqs_on+0x26/0x120 [ 185.452899] do_group_exit+0xe0/0x2b0 [ 185.453217] __x64_sys_exit_group+0x47/0x50 [ 185.453578] do_syscall_64+0x3b/0x90 [ 185.454076] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.454533] RIP: 0033:0x7f4b87518a4d [ 185.454845] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.455376] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.456171] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.456766] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.457358] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.458116] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.458723] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.459369] [ 185.459652] irq event stamp: 0 [ 185.459915] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.460437] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.461153] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.461943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.462462] ---[ end trace 0000000000000000 ]--- [ 185.464587] ------------[ cut here ]------------ [ 185.465203] WARNING: CPU: 0 PID: 1762 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.466075] Modules linked in: [ 185.466353] CPU: 0 PID: 1762 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.467298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.468259] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.468705] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.470343] RSP: 0018:ffff8880140d7b78 EFLAGS: 00010246 [ 185.470827] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.471443] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 185.472047] RBP: ffff8880140d7b98 R08: ffffed1002f5023e R09: ffffed1002f5023e [ 185.472652] R10: ffff888017a811ef R11: ffffed1002f5023d R12: ffff888017a81290 [ 185.473257] R13: ffff888017a810a8 R14: ffffffffffffffff R15: 
ffff8880140d7c60 [ 185.473864] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.474564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.475061] CR2: 00007f82e2b99008 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 185.475678] PKRU: 55555554 [ 185.475918] Call Trace: [ 185.476133] [ 185.476326] iommufd_ioas_destroy+0x53/0x70 [ 185.476697] iommufd_fops_release+0x1f7/0x370 [ 185.477084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.477511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.477929] ? write_comp_data+0x2f/0x90 [ 185.478278] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.478724] __fput+0x26d/0xa40 [ 185.479016] ____fput+0x1e/0x30 [ 185.479312] task_work_run+0x1a4/0x2d0 [ 185.479652] ? __pfx_task_work_run+0x10/0x10 [ 185.480031] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.480463] ? switch_task_namespaces+0xa9/0xe0 [ 185.480867] do_exit+0xb17/0x2ef0 [ 185.481164] ? lock_acquire+0x427/0x4c0 [ 185.481511] ? __pfx_lock_release+0x10/0x10 [ 185.481880] ? __kasan_check_write+0x18/0x20 [ 185.482256] ? do_raw_spin_lock+0x132/0x2a0 [ 185.482645] ? __pfx_do_exit+0x10/0x10 [ 185.482987] ? debug_smp_processor_id+0x20/0x30 [ 185.483389] ? rcu_is_watching+0x19/0xb0 [ 185.483737] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.484126] ? trace_hardirqs_on+0x26/0x120 [ 185.484502] do_group_exit+0xe0/0x2b0 [ 185.484828] __x64_sys_exit_group+0x47/0x50 [ 185.485194] do_syscall_64+0x3b/0x90 [ 185.485523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.485970] RIP: 0033:0x7f4b87518a4d [ 185.486283] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.486830] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.487496] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.488094] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.488691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.489286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.489885] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.490490] [ 185.490712] irq event stamp: 0 [ 185.490979] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.491513] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.492214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.492912] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.493441] ---[ end trace 0000000000000000 ]--- [ 185.498064] ------------[ cut here ]------------ [ 185.498660] WARNING: CPU: 0 PID: 1763 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.499531] Modules linked in: [ 185.499802] CPU: 0 PID: 1763 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.500577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.501710] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.502126] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.503680] RSP: 0018:ffff88801806fbb8 EFLAGS: 00010246 [ 185.504134] RAX: 0000000000000000 RBX: ffff888011c9f0a8 RCX: 0000000000000000 [ 185.504731] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 185.505324] RBP: ffff88801806fbd0 R08: ffffed1002393e33 R09: ffffed1002393e33 [ 185.505915] R10: ffff888011c9f193 R11: ffffed1002393e32 R12: ffff888015c71000 [ 185.506528] R13: ffff888011c9f1e8 R14: ffffffff8352e670 R15: 
ffff88801806fe68 [ 185.507133] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.507802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.508291] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 185.508891] PKRU: 55555554 [ 185.509131] Call Trace: [ 185.509346] [ 185.509537] __iommufd_access_detach+0x1c2/0x2b0 [ 185.509949] iommufd_access_change_pt+0x149/0x270 [ 185.510364] iommufd_access_replace+0xb4/0x120 [ 185.510782] iommufd_test+0x3e5/0x37e0 [ 185.511118] ? lock_release+0x532/0x770 [ 185.511469] ? __might_fault+0x102/0x1b0 [ 185.511821] ? lock_acquire+0x427/0x4c0 [ 185.512164] ? __pfx_iommufd_test+0x10/0x10 [ 185.512525] ? __pfx_lock_release+0x10/0x10 [ 185.512904] ? __pfx_lock_acquire+0x10/0x10 [ 185.513286] ? write_comp_data+0x2f/0x90 [ 185.513644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.514067] ? write_comp_data+0x2f/0x90 [ 185.514423] iommufd_fops_ioctl+0x37d/0x510 [ 185.514820] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.515258] ? write_comp_data+0x2f/0x90 [ 185.515613] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.516025] __x64_sys_ioctl+0x1a3/0x230 [ 185.516384] do_syscall_64+0x3b/0x90 [ 185.516713] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.517162] RIP: 0033:0x7f4b8743ee5d [ 185.517479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.519039] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.519720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.520320] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.520916] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.521519] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.522114] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.522748] [ 185.522949] irq event stamp: 0 [ 185.523227] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.523759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.524462] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.525165] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.525694] ---[ end trace 0000000000000000 ]--- [ 185.528957] ------------[ cut here ]------------ [ 185.529542] WARNING: CPU: 0 PID: 1763 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.530393] Modules linked in: [ 185.530749] CPU: 0 PID: 1763 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.531495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.532617] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.533111] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.534812] RSP: 
0018:ffff88801806fbd0 EFLAGS: 00010246 [ 185.535279] RAX: 0000000000000000 RBX: ffff888011c9f0a8 RCX: 0000000000000000 [ 185.535874] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 185.536473] RBP: ffff88801806fbe8 R08: ffffed1002393e33 R09: ffffed1002393e33 [ 185.537127] R10: ffff888011c9f193 R11: ffffed1002393e32 R12: ffff888012e94c00 [ 185.537825] R13: ffff888011c9f1e8 R14: ffff88800f90b200 R15: 0000000000000000 [ 185.538427] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.539132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.539626] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.540395] PKRU: 55555554 [ 185.540638] Call Trace: [ 185.540854] [ 185.541047] iommufd_access_destroy_object+0x65/0x170 [ 185.541490] iommufd_object_destroy_user+0x18e/0x220 [ 185.541925] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.542499] iommufd_access_destroy+0x43/0x70 [ 185.542984] iommufd_test_staccess_release+0x8d/0xd0 [ 185.543432] __fput+0x26d/0xa40 [ 185.543734] ____fput+0x1e/0x30 [ 185.544029] task_work_run+0x1a4/0x2d0 [ 185.544372] ? __pfx_task_work_run+0x10/0x10 [ 185.544750] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.545239] ? switch_task_namespaces+0xa9/0xe0 [ 185.545759] do_exit+0xb17/0x2ef0 [ 185.546060] ? lock_acquire+0x427/0x4c0 [ 185.546411] ? __pfx_lock_release+0x10/0x10 [ 185.546815] ? __kasan_check_write+0x18/0x20 [ 185.547217] ? do_raw_spin_lock+0x132/0x2a0 [ 185.547590] ? __pfx_do_exit+0x10/0x10 [ 185.547930] ? debug_smp_processor_id+0x20/0x30 [ 185.548504] ? rcu_is_watching+0x19/0xb0 [ 185.548855] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.549241] ? trace_hardirqs_on+0x26/0x120 [ 185.549614] do_group_exit+0xe0/0x2b0 [ 185.549944] __x64_sys_exit_group+0x47/0x50 [ 185.550310] do_syscall_64+0x3b/0x90 [ 185.550732] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.551294] RIP: 0033:0x7f4b87518a4d [ 185.551613] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.552131] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.552769] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.553385] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.554130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.554759] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.555371] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.555980] [ 185.556238] irq event stamp: 0 [ 185.556620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.557156] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.557860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.558593] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.559268] ---[ end trace 0000000000000000 ]--- [ 185.560026] ------------[ cut here ]------------ [ 185.560430] WARNING: CPU: 0 PID: 1763 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.561292] Modules linked in: [ 185.561601] CPU: 0 PID: 1763 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.562477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.563482] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.563925] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.565719] RSP: 0018:ffff88801806fb78 EFLAGS: 00010246 [ 185.566173] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.566790] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 185.567561] RBP: ffff88801806fb98 R08: ffffed1002393e3e R09: ffffed1002393e3e [ 185.568158] R10: ffff888011c9f1ef R11: ffffed1002393e3d R12: ffff888011c9f290 [ 185.568752] R13: ffff888011c9f0a8 R14: ffffffffffffffff R15: 
ffff88801806fc60 [ 185.569352] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.570183] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.570694] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.571317] PKRU: 55555554 [ 185.571560] Call Trace: [ 185.571780] [ 185.571971] iommufd_ioas_destroy+0x53/0x70 [ 185.572373] iommufd_fops_release+0x1f7/0x370 [ 185.572881] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.573309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.573728] ? write_comp_data+0x2f/0x90 [ 185.574082] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.574531] __fput+0x26d/0xa40 [ 185.574827] ____fput+0x1e/0x30 [ 185.575122] task_work_run+0x1a4/0x2d0 [ 185.575537] ? __pfx_task_work_run+0x10/0x10 [ 185.575978] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.576397] ? switch_task_namespaces+0xa9/0xe0 [ 185.576807] do_exit+0xb17/0x2ef0 [ 185.577103] ? lock_acquire+0x427/0x4c0 [ 185.577450] ? __pfx_lock_release+0x10/0x10 [ 185.577984] ? __kasan_check_write+0x18/0x20 [ 185.578363] ? do_raw_spin_lock+0x132/0x2a0 [ 185.578760] ? __pfx_do_exit+0x10/0x10 [ 185.579097] ? debug_smp_processor_id+0x20/0x30 [ 185.579504] ? rcu_is_watching+0x19/0xb0 [ 185.579853] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.580242] ? trace_hardirqs_on+0x26/0x120 [ 185.580688] do_group_exit+0xe0/0x2b0 [ 185.581113] __x64_sys_exit_group+0x47/0x50 [ 185.581479] do_syscall_64+0x3b/0x90 [ 185.581805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.582257] RIP: 0033:0x7f4b87518a4d [ 185.582613] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.583152] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.583970] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.584567] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.585167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.585767] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.586567] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.587199] [ 185.587405] irq event stamp: 0 [ 185.587674] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.588203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.589075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.589788] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.590318] ---[ end trace 0000000000000000 ]--- [ 185.596786] ------------[ cut here ]------------ [ 185.597289] WARNING: CPU: 0 PID: 1764 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.598321] Modules linked in: [ 185.598677] CPU: 0 PID: 1764 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.599431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.600421] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.600950] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.602495] RSP: 0018:ffff88800ba27bb8 EFLAGS: 00010246 [ 185.602984] RAX: 0000000000000000 RBX: ffff8880166208a8 RCX: 0000000000000000 [ 185.603596] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 185.604195] RBP: ffff88800ba27bd0 R08: ffffed1002cc4133 R09: ffffed1002cc4133 [ 185.604797] R10: ffff888016620993 R11: ffffed1002cc4132 R12: ffff888018abb800 [ 185.605399] R13: ffff8880166209e8 R14: ffffffff8352e670 R15: 
ffff88800ba27e68 [ 185.606013] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.606729] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.607231] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 185.607834] PKRU: 55555554 [ 185.608078] Call Trace: [ 185.608294] [ 185.608486] __iommufd_access_detach+0x1c2/0x2b0 [ 185.608907] iommufd_access_change_pt+0x149/0x270 [ 185.609330] iommufd_access_replace+0xb4/0x120 [ 185.609728] iommufd_test+0x3e5/0x37e0 [ 185.610056] ? lock_release+0x532/0x770 [ 185.610401] ? __might_fault+0x102/0x1b0 [ 185.610781] ? lock_acquire+0x427/0x4c0 [ 185.611160] ? __pfx_iommufd_test+0x10/0x10 [ 185.611533] ? __pfx_lock_release+0x10/0x10 [ 185.611923] ? __pfx_lock_acquire+0x10/0x10 [ 185.612303] ? write_comp_data+0x2f/0x90 [ 185.612661] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.613087] ? write_comp_data+0x2f/0x90 [ 185.613445] iommufd_fops_ioctl+0x37d/0x510 [ 185.613816] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.614242] ? write_comp_data+0x2f/0x90 [ 185.614639] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.615058] __x64_sys_ioctl+0x1a3/0x230 [ 185.615430] do_syscall_64+0x3b/0x90 [ 185.615766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.616218] RIP: 0033:0x7f4b8743ee5d [ 185.616544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.618086] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.618771] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.619397] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.620004] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.620606] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.621206] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.621818] [ 185.622019] irq event stamp: 0 [ 185.622292] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.622859] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.623582] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.624289] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.624834] ---[ end trace 0000000000000000 ]--- [ 185.628048] ------------[ cut here ]------------ [ 185.628643] WARNING: CPU: 0 PID: 1764 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.629564] Modules linked in: [ 185.629838] CPU: 0 PID: 1764 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.630600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.631773] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.632227] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.633930] RSP: 
0018:ffff88800ba27bd0 EFLAGS: 00010246 [ 185.634544] RAX: 0000000000000000 RBX: ffff8880166208a8 RCX: 0000000000000000 [ 185.635209] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 185.635846] RBP: ffff88800ba27be8 R08: ffffed1002cc4133 R09: ffffed1002cc4133 [ 185.636477] R10: ffff888016620993 R11: ffffed1002cc4132 R12: ffff888015c70400 [ 185.637323] R13: ffff8880166209e8 R14: ffff88802080ce00 R15: 0000000000000000 [ 185.637960] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.638710] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.639246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.640070] PKRU: 55555554 [ 185.640326] Call Trace: [ 185.640554] [ 185.640756] iommufd_access_destroy_object+0x65/0x170 [ 185.641225] iommufd_object_destroy_user+0x18e/0x220 [ 185.641688] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.642299] iommufd_access_destroy+0x43/0x70 [ 185.642835] iommufd_test_staccess_release+0x8d/0xd0 [ 185.643323] __fput+0x26d/0xa40 [ 185.643636] ____fput+0x1e/0x30 [ 185.643948] task_work_run+0x1a4/0x2d0 [ 185.644315] ? __pfx_task_work_run+0x10/0x10 [ 185.644811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.645393] ? switch_task_namespaces+0xa9/0xe0 [ 185.645838] do_exit+0xb17/0x2ef0 [ 185.646168] ? lock_acquire+0x427/0x4c0 [ 185.646621] ? __pfx_lock_release+0x10/0x10 [ 185.647214] ? __kasan_check_write+0x18/0x20 [ 185.647640] ? do_raw_spin_lock+0x132/0x2a0 [ 185.648060] ? __pfx_do_exit+0x10/0x10 [ 185.648449] ? debug_smp_processor_id+0x20/0x30 [ 185.648906] ? rcu_is_watching+0x19/0xb0 [ 185.649588] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.650039] ? trace_hardirqs_on+0x26/0x120 [ 185.650460] do_group_exit+0xe0/0x2b0 [ 185.650861] __x64_sys_exit_group+0x47/0x50 [ 185.651371] do_syscall_64+0x3b/0x90 [ 185.651884] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.652393] RIP: 0033:0x7f4b87518a4d [ 185.652747] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.653412] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.654271] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.654974] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.655985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.656732] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.657566] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.658492] [ 185.658769] irq event stamp: 0 [ 185.659099] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.659772] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.660627] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.661549] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.662196] ---[ end trace 0000000000000000 ]--- [ 185.663095] ------------[ cut here ]------------ [ 185.663604] WARNING: CPU: 0 PID: 1764 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.664649] Modules linked in: [ 185.664983] CPU: 0 PID: 1764 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.665873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.667065] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.667615] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.669471] RSP: 0018:ffff88800ba27b78 EFLAGS: 00010246 [ 185.670031] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.670792] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 185.671534] RBP: ffff88800ba27b98 R08: ffffed1002cc413e R09: ffffed1002cc413e [ 185.672256] R10: ffff8880166209ef R11: ffffed1002cc413d R12: ffff888016620a90 [ 185.672978] R13: ffff8880166208a8 R14: ffffffffffffffff R15: 
ffff88800ba27c60 [ 185.673705] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.674568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.675174] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.675905] PKRU: 55555554 [ 185.676201] Call Trace: [ 185.676462] [ 185.676695] iommufd_ioas_destroy+0x53/0x70 [ 185.677146] iommufd_fops_release+0x1f7/0x370 [ 185.677610] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.678119] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.678659] ? write_comp_data+0x2f/0x90 [ 185.679088] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.679614] __fput+0x26d/0xa40 [ 185.679970] ____fput+0x1e/0x30 [ 185.680317] task_work_run+0x1a4/0x2d0 [ 185.680726] ? __pfx_task_work_run+0x10/0x10 [ 185.681178] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.681673] ? switch_task_namespaces+0xa9/0xe0 [ 185.682153] do_exit+0xb17/0x2ef0 [ 185.682547] ? lock_acquire+0x427/0x4c0 [ 185.682971] ? __pfx_lock_release+0x10/0x10 [ 185.683432] ? __kasan_check_write+0x18/0x20 [ 185.683897] ? do_raw_spin_lock+0x132/0x2a0 [ 185.684344] ? __pfx_do_exit+0x10/0x10 [ 185.684755] ? debug_smp_processor_id+0x20/0x30 [ 185.685239] ? rcu_is_watching+0x19/0xb0 [ 185.685666] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.686145] ? trace_hardirqs_on+0x26/0x120 [ 185.686630] do_group_exit+0xe0/0x2b0 [ 185.687030] __x64_sys_exit_group+0x47/0x50 [ 185.687480] do_syscall_64+0x3b/0x90 [ 185.687869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.688404] RIP: 0033:0x7f4b87518a4d [ 185.688796] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.689420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.690202] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.690954] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.691702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.692427] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.693203] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.693930] [ 185.694166] irq event stamp: 0 [ 185.694480] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.695154] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.696005] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.696851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.697498] ---[ end trace 0000000000000000 ]--- [ 185.702339] ------------[ cut here ]------------ [ 185.703081] WARNING: CPU: 0 PID: 1765 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.704089] Modules linked in: [ 185.704387] CPU: 0 PID: 1765 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.705200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.706253] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.706776] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.708494] RSP: 0018:ffff888015e7fbb8 EFLAGS: 00010246 [ 185.708991] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 185.709652] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 185.710315] RBP: ffff888015e7fbd0 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 185.711015] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff8880129cb000 [ 185.711695] R13: ffff888015d2f9e8 R14: ffffffff8352e670 R15: 
ffff888015e7fe68 [ 185.712367] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.713114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.713651] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 185.714323] PKRU: 55555554 [ 185.714611] Call Trace: [ 185.714852] [ 185.715066] __iommufd_access_detach+0x1c2/0x2b0 [ 185.715539] iommufd_access_change_pt+0x149/0x270 [ 185.716003] iommufd_access_replace+0xb4/0x120 [ 185.716444] iommufd_test+0x3e5/0x37e0 [ 185.716809] ? lock_release+0x532/0x770 [ 185.717196] ? __might_fault+0x102/0x1b0 [ 185.717587] ? lock_acquire+0x427/0x4c0 [ 185.717974] ? __pfx_iommufd_test+0x10/0x10 [ 185.718375] ? __pfx_lock_release+0x10/0x10 [ 185.718817] ? __pfx_lock_acquire+0x10/0x10 [ 185.719251] ? write_comp_data+0x2f/0x90 [ 185.719648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.720113] ? write_comp_data+0x2f/0x90 [ 185.720514] iommufd_fops_ioctl+0x37d/0x510 [ 185.720934] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.721405] ? write_comp_data+0x2f/0x90 [ 185.721805] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.722266] __x64_sys_ioctl+0x1a3/0x230 [ 185.722681] do_syscall_64+0x3b/0x90 [ 185.723043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.723563] RIP: 0033:0x7f4b8743ee5d [ 185.723914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.725696] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.726422] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.727133] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.727808] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.728476] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.729151] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.729835] [ 185.730058] irq event stamp: 0 [ 185.730359] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.730972] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.731766] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.732547] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.733138] ---[ end trace 0000000000000000 ]--- [ 185.736370] ------------[ cut here ]------------ [ 185.736841] WARNING: CPU: 0 PID: 1765 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.737814] Modules linked in: [ 185.738115] CPU: 0 PID: 1765 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.738957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.740022] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.740506] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.742194] RSP: 
0018:ffff888015e7fbd0 EFLAGS: 00010246 [ 185.742723] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 185.743402] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 185.744059] RBP: ffff888015e7fbe8 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 185.744719] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff88801422f800 [ 185.745398] R13: ffff888015d2f9e8 R14: ffff888013cc1200 R15: 0000000000000000 [ 185.746061] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.746834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.747403] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.748070] PKRU: 55555554 [ 185.748339] Call Trace: [ 185.748580] [ 185.748794] iommufd_access_destroy_object+0x65/0x170 [ 185.749286] iommufd_object_destroy_user+0x18e/0x220 [ 185.749765] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.750309] iommufd_access_destroy+0x43/0x70 [ 185.750768] iommufd_test_staccess_release+0x8d/0xd0 [ 185.751270] __fput+0x26d/0xa40 [ 185.751598] ____fput+0x1e/0x30 [ 185.751915] task_work_run+0x1a4/0x2d0 [ 185.752290] ? __pfx_task_work_run+0x10/0x10 [ 185.752703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.753164] ? switch_task_namespaces+0xa9/0xe0 [ 185.753621] do_exit+0xb17/0x2ef0 [ 185.753952] ? lock_acquire+0x427/0x4c0 [ 185.754337] ? __pfx_lock_release+0x10/0x10 [ 185.754777] ? __kasan_check_write+0x18/0x20 [ 185.755210] ? do_raw_spin_lock+0x132/0x2a0 [ 185.755619] ? __pfx_do_exit+0x10/0x10 [ 185.755995] ? debug_smp_processor_id+0x20/0x30 [ 185.756430] ? rcu_is_watching+0x19/0xb0 [ 185.756810] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.757291] ? trace_hardirqs_on+0x26/0x120 [ 185.757700] do_group_exit+0xe0/0x2b0 [ 185.758056] __x64_sys_exit_group+0x47/0x50 [ 185.758463] do_syscall_64+0x3b/0x90 [ 185.758854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.759357] RIP: 0033:0x7f4b87518a4d [ 185.759703] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.760275] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.760981] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.761640] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.762300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.762990] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.763672] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.764345] [ 185.764570] irq event stamp: 0 [ 185.764863] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.765460] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.766233] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.767029] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.767628] ---[ end trace 0000000000000000 ]--- [ 185.768416] ------------[ cut here ]------------ [ 185.768934] WARNING: CPU: 0 PID: 1765 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.769883] Modules linked in: [ 185.770187] CPU: 0 PID: 1765 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.771028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.772103] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.772580] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.774247] RSP: 0018:ffff888015e7fb78 EFLAGS: 00010246 [ 185.774765] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.775435] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 185.776088] RBP: ffff888015e7fb98 R08: ffffed1002ba5f3e R09: ffffed1002ba5f3e [ 185.776746] R10: ffff888015d2f9ef R11: ffffed1002ba5f3d R12: ffff888015d2fa90 [ 185.777407] R13: ffff888015d2f8a8 R14: ffffffffffffffff R15: 
ffff888015e7fc60 [ 185.778069] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.778834] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.779387] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.780042] PKRU: 55555554 [ 185.780300] Call Trace: [ 185.780540] [ 185.780751] iommufd_ioas_destroy+0x53/0x70 [ 185.781162] iommufd_fops_release+0x1f7/0x370 [ 185.781582] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.782045] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.782500] ? write_comp_data+0x2f/0x90 [ 185.782912] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.783401] __fput+0x26d/0xa40 [ 185.783727] ____fput+0x1e/0x30 [ 185.784049] task_work_run+0x1a4/0x2d0 [ 185.784424] ? __pfx_task_work_run+0x10/0x10 [ 185.784848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.785310] ? switch_task_namespaces+0xa9/0xe0 [ 185.785756] do_exit+0xb17/0x2ef0 [ 185.786088] ? lock_acquire+0x427/0x4c0 [ 185.786479] ? __pfx_lock_release+0x10/0x10 [ 185.786935] ? __kasan_check_write+0x18/0x20 [ 185.787371] ? do_raw_spin_lock+0x132/0x2a0 [ 185.787781] ? __pfx_do_exit+0x10/0x10 [ 185.788155] ? debug_smp_processor_id+0x20/0x30 [ 185.788594] ? rcu_is_watching+0x19/0xb0 [ 185.789026] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.789455] ? trace_hardirqs_on+0x26/0x120 [ 185.789865] do_group_exit+0xe0/0x2b0 [ 185.790225] __x64_sys_exit_group+0x47/0x50 [ 185.790656] do_syscall_64+0x3b/0x90 [ 185.791027] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.791532] RIP: 0033:0x7f4b87518a4d [ 185.791883] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.792503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.793285] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.794016] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.794771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.795516] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.796256] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.796985] [ 185.797225] irq event stamp: 0 [ 185.797547] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.798192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.799093] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.799974] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.800618] ---[ end trace 0000000000000000 ]--- [ 185.805812] ------------[ cut here ]------------ [ 185.806355] WARNING: CPU: 0 PID: 1766 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.807464] Modules linked in: [ 185.807797] CPU: 0 PID: 1766 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.808686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.809818] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.810325] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.812439] RSP: 0018:ffff88801478fbb8 EFLAGS: 00010246 [ 185.813004] RAX: 0000000000000000 RBX: ffff888018b5f8a8 RCX: 0000000000000000 [ 185.813728] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 185.814456] RBP: ffff88801478fbd0 R08: ffffed100316bf33 R09: ffffed100316bf33 [ 185.815228] R10: ffff888018b5f993 R11: ffffed100316bf32 R12: ffff8880167ae400 [ 185.815970] R13: ffff888018b5f9e8 R14: ffffffff8352e670 R15: 
ffff88801478fe68 [ 185.816703] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.817532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.818119] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 185.818866] PKRU: 55555554 [ 185.819173] Call Trace: [ 185.819444] [ 185.819676] __iommufd_access_detach+0x1c2/0x2b0 [ 185.820173] iommufd_access_change_pt+0x149/0x270 [ 185.820683] iommufd_access_replace+0xb4/0x120 [ 185.821246] iommufd_test+0x3e5/0x37e0 [ 185.821639] ? lock_release+0x532/0x770 [ 185.822060] ? __might_fault+0x102/0x1b0 [ 185.822489] ? lock_acquire+0x427/0x4c0 [ 185.822951] ? __pfx_iommufd_test+0x10/0x10 [ 185.823415] ? __pfx_lock_release+0x10/0x10 [ 185.823865] ? __pfx_lock_acquire+0x10/0x10 [ 185.824315] ? write_comp_data+0x2f/0x90 [ 185.824745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.825246] ? write_comp_data+0x2f/0x90 [ 185.825684] iommufd_fops_ioctl+0x37d/0x510 [ 185.826143] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.826678] ? write_comp_data+0x2f/0x90 [ 185.827105] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.827620] __x64_sys_ioctl+0x1a3/0x230 [ 185.828051] do_syscall_64+0x3b/0x90 [ 185.828455] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.828990] RIP: 0033:0x7f4b8743ee5d [ 185.829374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.831301] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.832106] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.832837] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.833565] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.834307] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.835079] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.835864] [ 185.836105] irq event stamp: 0 [ 185.836430] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.837081] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.837928] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.838798] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.839466] ---[ end trace 0000000000000000 ]--- [ 185.842643] ------------[ cut here ]------------ [ 185.843195] WARNING: CPU: 0 PID: 1766 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.844233] Modules linked in: [ 185.844563] CPU: 0 PID: 1766 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.845463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.846638] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.847157] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.849045] RSP: 
0018:ffff88801478fbd0 EFLAGS: 00010246 [ 185.849604] RAX: 0000000000000000 RBX: ffff888018b5f8a8 RCX: 0000000000000000 [ 185.850338] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 185.851104] RBP: ffff88801478fbe8 R08: ffffed100316bf33 R09: ffffed100316bf33 [ 185.851868] R10: ffff888018b5f993 R11: ffffed100316bf32 R12: ffff8880129c9c00 [ 185.852592] R13: ffff888018b5f9e8 R14: ffff888012cf9100 R15: 0000000000000000 [ 185.853405] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.854231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.854851] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.855604] PKRU: 55555554 [ 185.855901] Call Trace: [ 185.856163] [ 185.856393] iommufd_access_destroy_object+0x65/0x170 [ 185.856930] iommufd_object_destroy_user+0x18e/0x220 [ 185.857458] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.858063] iommufd_access_destroy+0x43/0x70 [ 185.858564] iommufd_test_staccess_release+0x8d/0xd0 [ 185.859106] __fput+0x26d/0xa40 [ 185.859474] ____fput+0x1e/0x30 [ 185.859824] task_work_run+0x1a4/0x2d0 [ 185.860237] ? __pfx_task_work_run+0x10/0x10 [ 185.860700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.861213] ? switch_task_namespaces+0xa9/0xe0 [ 185.861711] do_exit+0xb17/0x2ef0 [ 185.862073] ? lock_acquire+0x427/0x4c0 [ 185.862497] ? __pfx_lock_release+0x10/0x10 [ 185.862981] ? __kasan_check_write+0x18/0x20 [ 185.863454] ? do_raw_spin_lock+0x132/0x2a0 [ 185.863903] ? __pfx_do_exit+0x10/0x10 [ 185.864316] ? debug_smp_processor_id+0x20/0x30 [ 185.864791] ? rcu_is_watching+0x19/0xb0 [ 185.865205] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.865677] ? trace_hardirqs_on+0x26/0x120 [ 185.866126] do_group_exit+0xe0/0x2b0 [ 185.866560] __x64_sys_exit_group+0x47/0x50 [ 185.867015] do_syscall_64+0x3b/0x90 [ 185.867450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.867992] RIP: 0033:0x7f4b87518a4d [ 185.868382] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.869012] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.869796] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.870562] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.871312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.872040] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.872771] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.873509] [ 185.873749] irq event stamp: 0 [ 185.874070] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.874742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.875608] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.876463] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.877117] ---[ end trace 0000000000000000 ]--- [ 185.877978] ------------[ cut here ]------------ [ 185.878465] WARNING: CPU: 0 PID: 1766 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.879574] Modules linked in: [ 185.879926] CPU: 0 PID: 1766 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.880832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.882010] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 185.882584] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 185.884503] RSP: 0018:ffff88801478fb78 EFLAGS: 00010246 [ 185.885131] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 185.885878] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 185.886642] RBP: ffff88801478fb98 R08: ffffed100316bf3e R09: ffffed100316bf3e [ 185.887394] R10: ffff888018b5f9ef R11: ffffed100316bf3d R12: ffff888018b5fa90 [ 185.888141] R13: ffff888018b5f8a8 R14: ffffffffffffffff R15: 
ffff88801478fc60 [ 185.888887] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.889721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.890324] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.891105] PKRU: 55555554 [ 185.891430] Call Trace: [ 185.891706] [ 185.891946] iommufd_ioas_destroy+0x53/0x70 [ 185.892414] iommufd_fops_release+0x1f7/0x370 [ 185.892892] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.893422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.894144] ? write_comp_data+0x2f/0x90 [ 185.894814] ? __pfx_iommufd_fops_release+0x10/0x10 [ 185.895354] __fput+0x26d/0xa40 [ 185.895712] ____fput+0x1e/0x30 [ 185.896066] task_work_run+0x1a4/0x2d0 [ 185.896478] ? __pfx_task_work_run+0x10/0x10 [ 185.896949] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.897565] ? switch_task_namespaces+0xa9/0xe0 [ 185.898194] do_exit+0xb17/0x2ef0 [ 185.898590] ? lock_acquire+0x427/0x4c0 [ 185.899017] ? __pfx_lock_release+0x10/0x10 [ 185.899511] ? __kasan_check_write+0x18/0x20 [ 185.899984] ? do_raw_spin_lock+0x132/0x2a0 [ 185.900433] ? __pfx_do_exit+0x10/0x10 [ 185.900849] ? debug_smp_processor_id+0x20/0x30 [ 185.901350] ? rcu_is_watching+0x19/0xb0 [ 185.901927] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.902598] ? trace_hardirqs_on+0x26/0x120 [ 185.903063] do_group_exit+0xe0/0x2b0 [ 185.903477] __x64_sys_exit_group+0x47/0x50 [ 185.903928] do_syscall_64+0x3b/0x90 [ 185.904323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.904876] RIP: 0033:0x7f4b87518a4d [ 185.905265] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.906168] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.907005] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.907778] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.908521] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.909264] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.910038] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.911048] [ 185.911478] irq event stamp: 0 [ 185.911812] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.912474] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.913348] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.914218] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.914927] ---[ end trace 0000000000000000 ]--- [ 185.919745] ------------[ cut here ]------------ [ 185.920305] WARNING: CPU: 0 PID: 1767 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.921517] Modules linked in: [ 185.921998] CPU: 0 PID: 1767 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.923145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.924321] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.924847] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.926768] RSP: 0018:ffff888015e7fbb8 EFLAGS: 00010246 [ 185.927343] RAX: 0000000000000000 RBX: ffff88800fb130a8 RCX: 0000000000000000 [ 185.928082] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 185.928828] RBP: ffff888015e7fbd0 R08: ffffed1001f62633 R09: ffffed1001f62633 [ 185.929564] R10: ffff88800fb13193 R11: ffffed1001f62632 R12: ffff888012b44000 [ 185.930295] R13: ffff88800fb131e8 R14: ffffffff8352e670 R15: 
ffff888015e7fe68 [ 185.931057] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.931904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.932522] CR2: 00007f4b877410e8 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 185.933267] PKRU: 55555554 [ 185.933566] Call Trace: [ 185.933829] [ 185.934064] __iommufd_access_detach+0x1c2/0x2b0 [ 185.934607] iommufd_access_change_pt+0x149/0x270 [ 185.935143] iommufd_access_replace+0xb4/0x120 [ 185.935636] iommufd_test+0x3e5/0x37e0 [ 185.936049] ? lock_release+0x532/0x770 [ 185.936476] ? __might_fault+0x102/0x1b0 [ 185.936912] ? lock_acquire+0x427/0x4c0 [ 185.937334] ? __pfx_iommufd_test+0x10/0x10 [ 185.937783] ? __pfx_lock_release+0x10/0x10 [ 185.938238] ? __pfx_lock_acquire+0x10/0x10 [ 185.938728] ? write_comp_data+0x2f/0x90 [ 185.939179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.939690] ? write_comp_data+0x2f/0x90 [ 185.940126] iommufd_fops_ioctl+0x37d/0x510 [ 185.940584] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.941099] ? write_comp_data+0x2f/0x90 [ 185.941539] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 185.942049] __x64_sys_ioctl+0x1a3/0x230 [ 185.942490] do_syscall_64+0x3b/0x90 [ 185.942946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.943516] RIP: 0033:0x7f4b8743ee5d [ 185.943906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 185.945801] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 185.946634] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 185.947384] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 185.948118] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 185.948865] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 185.949698] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 185.950447] [ 185.950716] irq event stamp: 0 [ 185.951044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.951708] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.952573] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.953439] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.954101] ---[ end trace 0000000000000000 ]--- [ 185.957555] ------------[ cut here ]------------ [ 185.958049] WARNING: CPU: 0 PID: 1767 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 185.959164] Modules linked in: [ 185.959495] CPU: 0 PID: 1767 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.960516] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 185.962007] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 185.962824] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 185.964710] RSP: 
0018:ffff888015e7fbd0 EFLAGS: 00010246 [ 185.965262] RAX: 0000000000000000 RBX: ffff88800fb130a8 RCX: 0000000000000000 [ 185.966065] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 185.967136] RBP: ffff888015e7fbe8 R08: ffffed1001f62633 R09: ffffed1001f62633 [ 185.967871] R10: ffff88800fb13193 R11: ffffed1001f62632 R12: ffff8880167ac800 [ 185.968592] R13: ffff88800fb131e8 R14: ffff888013d63c00 R15: 0000000000000000 [ 185.969311] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 185.970124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 185.970750] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 185.971709] PKRU: 55555554 [ 185.972133] Call Trace: [ 185.972568] [ 185.972804] iommufd_access_destroy_object+0x65/0x170 [ 185.973341] iommufd_object_destroy_user+0x18e/0x220 [ 185.973883] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 185.974484] iommufd_access_destroy+0x43/0x70 [ 185.974994] iommufd_test_staccess_release+0x8d/0xd0 [ 185.975538] __fput+0x26d/0xa40 [ 185.975896] ____fput+0x1e/0x30 [ 185.976241] task_work_run+0x1a4/0x2d0 [ 185.976667] ? __pfx_task_work_run+0x10/0x10 [ 185.977294] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 185.977954] ? switch_task_namespaces+0xa9/0xe0 [ 185.978443] do_exit+0xb17/0x2ef0 [ 185.978846] ? lock_acquire+0x427/0x4c0 [ 185.979281] ? __pfx_lock_release+0x10/0x10 [ 185.979727] ? __kasan_check_write+0x18/0x20 [ 185.980175] ? do_raw_spin_lock+0x132/0x2a0 [ 185.980619] ? __pfx_do_exit+0x10/0x10 [ 185.981260] ? debug_smp_processor_id+0x20/0x30 [ 185.981897] ? rcu_is_watching+0x19/0xb0 [ 185.982325] ? _raw_spin_unlock_irq+0x2b/0x60 [ 185.982820] ? trace_hardirqs_on+0x26/0x120 [ 185.983286] do_group_exit+0xe0/0x2b0 [ 185.983686] __x64_sys_exit_group+0x47/0x50 [ 185.984132] do_syscall_64+0x3b/0x90 [ 185.984528] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 185.985197] RIP: 0033:0x7f4b87518a4d [ 185.985703] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 185.986489] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 185.987312] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 185.988041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 185.988721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 185.989492] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 185.990337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 185.991034] [ 185.991266] irq event stamp: 0 [ 185.991559] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 185.992152] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 185.992988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 185.993962] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 185.994576] ---[ end trace 0000000000000000 ]--- [ 185.996674] ------------[ cut here ]------------ [ 185.997300] WARNING: CPU: 0 PID: 1767 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 185.998257] Modules linked in: [ 185.998608] CPU: 0 PID: 1767 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 185.999440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.000679] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.001305] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.003009] RSP: 0018:ffff888015e7fb78 EFLAGS: 00010246 [ 186.003534] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.004278] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 186.005116] RBP: ffff888015e7fb98 R08: ffffed1001f6263e R09: ffffed1001f6263e [ 186.005889] R10: ffff88800fb131ef R11: ffffed1001f6263d R12: ffff88800fb13290 [ 186.006589] R13: ffff88800fb130a8 R14: ffffffffffffffff R15: 
ffff888015e7fc60 [ 186.007271] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 186.008028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.008667] CR2: 00007f82e2bca000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 186.009478] PKRU: 55555554 [ 186.009747] Call Trace: [ 186.009986] [ 186.010199] iommufd_ioas_destroy+0x53/0x70 [ 186.010635] iommufd_fops_release+0x1f7/0x370 [ 186.011066] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.011522] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.011997] ? write_comp_data+0x2f/0x90 [ 186.012673] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.013209] __fput+0x26d/0xa40 [ 186.013548] ____fput+0x1e/0x30 [ 186.013873] task_work_run+0x1a4/0x2d0 [ 186.014258] ? __pfx_task_work_run+0x10/0x10 [ 186.014933] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.015422] ? switch_task_namespaces+0xa9/0xe0 [ 186.015883] do_exit+0xb17/0x2ef0 [ 186.016222] ? lock_acquire+0x427/0x4c0 [ 186.016613] ? __pfx_lock_release+0x10/0x10 [ 186.017032] ? __kasan_check_write+0x18/0x20 [ 186.017462] ? do_raw_spin_lock+0x132/0x2a0 [ 186.017880] ? __pfx_do_exit+0x10/0x10 [ 186.018270] ? debug_smp_processor_id+0x20/0x30 [ 186.018747] ? rcu_is_watching+0x19/0xb0 [ 186.019145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.019584] ? trace_hardirqs_on+0x26/0x120 [ 186.020002] do_group_exit+0xe0/0x2b0 [ 186.020369] __x64_sys_exit_group+0x47/0x50 [ 186.020773] do_syscall_64+0x3b/0x90 [ 186.021129] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.021630] RIP: 0033:0x7f4b87518a4d [ 186.021987] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.022611] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.023346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.024025] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.024706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.025370] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.026035] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.026756] [ 186.026986] irq event stamp: 0 [ 186.027313] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.027903] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.028692] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.029481] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.030081] ---[ end trace 0000000000000000 ]--- [ 186.038085] ------------[ cut here ]------------ [ 186.038848] WARNING: CPU: 1 PID: 1768 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.040401] Modules linked in: [ 186.040818] CPU: 1 PID: 1768 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.042239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.043751] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.044548] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.047165] RSP: 0018:ffff888018297bb8 EFLAGS: 00010246 [ 186.047859] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 186.048980] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 186.049907] RBP: ffff888018297bd0 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 186.051109] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff888014582400 [ 186.052073] R13: ffff88800a7811e8 R14: ffffffff8352e670 R15: 
ffff888018297e68 [ 186.053080] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.054266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.055065] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 186.056232] PKRU: 55555554 [ 186.056612] Call Trace: [ 186.056958] [ 186.057266] __iommufd_access_detach+0x1c2/0x2b0 [ 186.058033] iommufd_access_change_pt+0x149/0x270 [ 186.058804] iommufd_access_replace+0xb4/0x120 [ 186.059460] iommufd_test+0x3e5/0x37e0 [ 186.059991] ? lock_release+0x532/0x770 [ 186.060717] ? __might_fault+0x102/0x1b0 [ 186.061272] ? lock_acquire+0x427/0x4c0 [ 186.061815] ? __pfx_iommufd_test+0x10/0x10 [ 186.062414] ? __pfx_lock_release+0x10/0x10 [ 186.063181] ? __pfx_lock_acquire+0x10/0x10 [ 186.063781] ? write_comp_data+0x2f/0x90 [ 186.064342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.065112] ? write_comp_data+0x2f/0x90 [ 186.065794] iommufd_fops_ioctl+0x37d/0x510 [ 186.066378] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.067091] ? write_comp_data+0x2f/0x90 [ 186.067672] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.068351] __x64_sys_ioctl+0x1a3/0x230 [ 186.069084] do_syscall_64+0x3b/0x90 [ 186.069602] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.070304] RIP: 0033:0x7f4b8743ee5d [ 186.070861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.073524] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.074728] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.075682] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.076845] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.077790] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.078989] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.079966] [ 186.080283] irq event stamp: 0 [ 186.080704] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.081775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.082927] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.084158] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.085092] ---[ end trace 0000000000000000 ]--- [ 186.090318] ------------[ cut here ]------------ [ 186.091146] WARNING: CPU: 1 PID: 1768 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.092615] Modules linked in: [ 186.093047] CPU: 1 PID: 1768 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.094416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.096066] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.096874] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.099606] RSP: 
0018:ffff888018297bd0 EFLAGS: 00010246 [ 186.100326] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 186.101376] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 186.102414] RBP: ffff888018297be8 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 186.103435] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff88801432bc00 [ 186.104542] R13: ffff88800a7811e8 R14: ffff8880179cf300 R15: 0000000000000000 [ 186.105453] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.106630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.107512] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.108459] PKRU: 55555554 [ 186.108836] Call Trace: [ 186.109186] [ 186.109547] iommufd_access_destroy_object+0x65/0x170 [ 186.110377] iommufd_object_destroy_user+0x18e/0x220 [ 186.111112] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.111914] iommufd_access_destroy+0x43/0x70 [ 186.112781] iommufd_test_staccess_release+0x8d/0xd0 [ 186.113471] __fput+0x26d/0xa40 [ 186.113940] ____fput+0x1e/0x30 [ 186.114403] task_work_run+0x1a4/0x2d0 [ 186.115236] ? __pfx_task_work_run+0x10/0x10 [ 186.115839] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.116501] ? switch_task_namespaces+0xa9/0xe0 [ 186.117141] do_exit+0xb17/0x2ef0 [ 186.117814] ? lock_acquire+0x427/0x4c0 [ 186.118369] ? __pfx_lock_release+0x10/0x10 [ 186.119029] ? __kasan_check_write+0x18/0x20 [ 186.119648] ? do_raw_spin_lock+0x132/0x2a0 [ 186.120331] ? __pfx_do_exit+0x10/0x10 [ 186.120993] ? debug_smp_processor_id+0x20/0x30 [ 186.121622] ? rcu_is_watching+0x19/0xb0 [ 186.122173] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.123030] ? trace_hardirqs_on+0x26/0x120 [ 186.123652] do_group_exit+0xe0/0x2b0 [ 186.124180] __x64_sys_exit_group+0x47/0x50 [ 186.124753] do_syscall_64+0x3b/0x90 [ 186.125373] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.126215] RIP: 0033:0x7f4b87518a4d [ 186.126768] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.127609] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.128834] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.129768] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.130950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.131906] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.132846] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.134010] [ 186.134327] irq event stamp: 0 [ 186.134796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.135649] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.136980] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.138082] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.139218] ---[ end trace 0000000000000000 ]--- [ 186.140579] ------------[ cut here ]------------ [ 186.141260] WARNING: CPU: 1 PID: 1768 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 186.142828] Modules linked in: [ 186.143285] CPU: 1 PID: 1768 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.144669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.146144] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.147102] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.149742] RSP: 0018:ffff888018297b78 EFLAGS: 00010246 [ 186.150451] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.151455] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 186.152599] RBP: ffff888018297b98 R08: ffffed10014f023e R09: ffffed10014f023e [ 186.153541] R10: ffff88800a7811ef R11: ffffed10014f023d R12: ffff88800a781290 [ 186.154735] R13: ffff88800a7810a8 R14: ffffffffffffffff R15: 
ffff888018297c60 [ 186.155696] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.156772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.157759] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.158756] PKRU: 55555554 [ 186.159160] Call Trace: [ 186.159510] [ 186.159822] iommufd_ioas_destroy+0x53/0x70 [ 186.160677] iommufd_fops_release+0x1f7/0x370 [ 186.161280] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.161959] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.162677] ? write_comp_data+0x2f/0x90 [ 186.163259] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.163927] __fput+0x26d/0xa40 [ 186.164391] ____fput+0x1e/0x30 [ 186.164845] task_work_run+0x1a4/0x2d0 [ 186.165379] ? __pfx_task_work_run+0x10/0x10 [ 186.165971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.166663] ? switch_task_namespaces+0xa9/0xe0 [ 186.167320] do_exit+0xb17/0x2ef0 [ 186.167787] ? lock_acquire+0x427/0x4c0 [ 186.168333] ? __pfx_lock_release+0x10/0x10 [ 186.168917] ? __kasan_check_write+0x18/0x20 [ 186.169511] ? do_raw_spin_lock+0x132/0x2a0 [ 186.170087] ? __pfx_do_exit+0x10/0x10 [ 186.170666] ? debug_smp_processor_id+0x20/0x30 [ 186.171307] ? rcu_is_watching+0x19/0xb0 [ 186.171856] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.172464] ? trace_hardirqs_on+0x26/0x120 [ 186.173050] do_group_exit+0xe0/0x2b0 [ 186.173563] __x64_sys_exit_group+0x47/0x50 [ 186.174135] do_syscall_64+0x3b/0x90 [ 186.174690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.175412] RIP: 0033:0x7f4b87518a4d [ 186.175905] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.176713] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.177710] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.178714] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.179665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.180602] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.181536] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.182484] [ 186.182856] irq event stamp: 0 [ 186.183295] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.184133] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.185225] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.186313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.187196] ---[ end trace 0000000000000000 ]--- [ 186.195242] ------------[ cut here ]------------ [ 186.195905] WARNING: CPU: 1 PID: 1769 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.197227] Modules linked in: [ 186.197656] CPU: 1 PID: 1769 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.198908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.200394] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.201348] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.203245] RSP: 0018:ffff888017a97bb8 EFLAGS: 00010246 [ 186.203753] RAX: 0000000000000000 RBX: ffff888011d9d0a8 RCX: 0000000000000000 [ 186.204419] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 186.205163] RBP: ffff888017a97bd0 R08: ffffed10023b3a33 R09: ffffed10023b3a33 [ 186.205828] R10: ffff888011d9d193 R11: ffffed10023b3a32 R12: ffff88800a726400 [ 186.206490] R13: ffff888011d9d1e8 R14: ffffffff8352e670 R15: 
ffff888017a97e68 [ 186.207191] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.207954] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.208499] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 186.209171] PKRU: 55555554 [ 186.209443] Call Trace: [ 186.209689] [ 186.209904] __iommufd_access_detach+0x1c2/0x2b0 [ 186.210372] iommufd_access_change_pt+0x149/0x270 [ 186.210858] iommufd_access_replace+0xb4/0x120 [ 186.211319] iommufd_test+0x3e5/0x37e0 [ 186.211690] ? lock_release+0x532/0x770 [ 186.212078] ? __might_fault+0x102/0x1b0 [ 186.212470] ? lock_acquire+0x427/0x4c0 [ 186.212856] ? __pfx_iommufd_test+0x10/0x10 [ 186.213265] ? __pfx_lock_release+0x10/0x10 [ 186.213677] ? __pfx_lock_acquire+0x10/0x10 [ 186.214099] ? write_comp_data+0x2f/0x90 [ 186.214492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.214974] ? write_comp_data+0x2f/0x90 [ 186.215402] iommufd_fops_ioctl+0x37d/0x510 [ 186.215821] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.216292] ? write_comp_data+0x2f/0x90 [ 186.216696] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.217155] __x64_sys_ioctl+0x1a3/0x230 [ 186.217551] do_syscall_64+0x3b/0x90 [ 186.217920] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.218416] RIP: 0033:0x7f4b8743ee5d [ 186.218797] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.220530] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.221246] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.221916] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.222631] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.223325] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.223998] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.224689] [ 186.224914] irq event stamp: 0 [ 186.225212] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.225819] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.226634] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.227445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.228043] ---[ end trace 0000000000000000 ]--- [ 186.231205] ------------[ cut here ]------------ [ 186.231694] WARNING: CPU: 1 PID: 1769 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.232648] Modules linked in: [ 186.232959] CPU: 1 PID: 1769 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.233768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.234855] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.235344] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.237137] RSP: 
0018:ffff888017a97bd0 EFLAGS: 00010246 [ 186.237644] RAX: 0000000000000000 RBX: ffff888011d9d0a8 RCX: 0000000000000000 [ 186.238315] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 186.239015] RBP: ffff888017a97be8 R08: ffffed10023b3a33 R09: ffffed10023b3a33 [ 186.239704] R10: ffff888011d9d193 R11: ffffed10023b3a32 R12: ffff888014580800 [ 186.240378] R13: ffff888011d9d1e8 R14: ffff8880149b9100 R15: 0000000000000000 [ 186.241049] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.241812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.242356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.243055] PKRU: 55555554 [ 186.243337] Call Trace: [ 186.243587] [ 186.243805] iommufd_access_destroy_object+0x65/0x170 [ 186.244302] iommufd_object_destroy_user+0x18e/0x220 [ 186.244792] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.245355] iommufd_access_destroy+0x43/0x70 [ 186.245790] iommufd_test_staccess_release+0x8d/0xd0 [ 186.246279] __fput+0x26d/0xa40 [ 186.246635] ____fput+0x1e/0x30 [ 186.246958] task_work_run+0x1a4/0x2d0 [ 186.247357] ? __pfx_task_work_run+0x10/0x10 [ 186.247782] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.248251] ? switch_task_namespaces+0xa9/0xe0 [ 186.248715] do_exit+0xb17/0x2ef0 [ 186.249052] ? lock_acquire+0x427/0x4c0 [ 186.249441] ? __pfx_lock_release+0x10/0x10 [ 186.249867] ? __kasan_check_write+0x18/0x20 [ 186.250293] ? do_raw_spin_lock+0x132/0x2a0 [ 186.250731] ? __pfx_do_exit+0x10/0x10 [ 186.251135] ? debug_smp_processor_id+0x20/0x30 [ 186.251587] ? rcu_is_watching+0x19/0xb0 [ 186.251977] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.252416] ? trace_hardirqs_on+0x26/0x120 [ 186.252839] do_group_exit+0xe0/0x2b0 [ 186.253206] __x64_sys_exit_group+0x47/0x50 [ 186.253614] do_syscall_64+0x3b/0x90 [ 186.253984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.254489] RIP: 0033:0x7f4b87518a4d [ 186.254880] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.255477] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.256190] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.256868] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.257539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.258217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.258921] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.259615] [ 186.259839] irq event stamp: 0 [ 186.260142] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.260743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.261540] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.262336] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.262969] ---[ end trace 0000000000000000 ]--- [ 186.263800] ------------[ cut here ]------------ [ 186.264244] WARNING: CPU: 1 PID: 1769 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 186.265203] Modules linked in: [ 186.265511] CPU: 1 PID: 1769 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.266339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.267442] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.267944] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.269723] RSP: 0018:ffff888017a97b78 EFLAGS: 00010246 [ 186.270222] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.270907] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 186.271589] RBP: ffff888017a97b98 R08: ffffed10023b3a3e R09: ffffed10023b3a3e [ 186.272260] R10: ffff888011d9d1ef R11: ffffed10023b3a3d R12: ffff888011d9d290 [ 186.272931] R13: ffff888011d9d0a8 R14: ffffffffffffffff R15: 
ffff888017a97c60 [ 186.273605] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.274352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.274913] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.275601] PKRU: 55555554 [ 186.275868] Call Trace: [ 186.276109] [ 186.276325] iommufd_ioas_destroy+0x53/0x70 [ 186.276738] iommufd_fops_release+0x1f7/0x370 [ 186.277169] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.277647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.278119] ? write_comp_data+0x2f/0x90 [ 186.278539] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.279034] __fput+0x26d/0xa40 [ 186.279377] ____fput+0x1e/0x30 [ 186.279701] task_work_run+0x1a4/0x2d0 [ 186.280079] ? __pfx_task_work_run+0x10/0x10 [ 186.280500] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.280966] ? switch_task_namespaces+0xa9/0xe0 [ 186.281425] do_exit+0xb17/0x2ef0 [ 186.281759] ? lock_acquire+0x427/0x4c0 [ 186.282153] ? __pfx_lock_release+0x10/0x10 [ 186.282594] ? __kasan_check_write+0x18/0x20 [ 186.283023] ? do_raw_spin_lock+0x132/0x2a0 [ 186.283189] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 186.283461] ? __pfx_do_exit+0x10/0x10 [ 186.286074] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 186.286399] ? debug_smp_processor_id+0x20/0x30 [ 186.288635] ? rcu_is_watching+0x19/0xb0 [ 186.289022] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.289470] ? trace_hardirqs_on+0x26/0x120 [ 186.289884] do_group_exit+0xe0/0x2b0 [ 186.290245] __x64_sys_exit_group+0x47/0x50 [ 186.290670] do_syscall_64+0x3b/0x90 [ 186.291042] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.291656] RIP: 0033:0x7f4b87518a4d [ 186.292015] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.292600] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.293317] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.293992] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.294678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.295345] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.296021] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.296696] [ 186.296920] irq event stamp: 0 [ 186.297218] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.297812] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.298632] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.299462] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.300072] ---[ end trace 0000000000000000 ]--- [ 186.304268] ------------[ cut here ]------------ [ 186.304777] WARNING: CPU: 1 PID: 1770 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.305722] Modules linked in: [ 186.306024] CPU: 1 PID: 1770 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.306888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.307970] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.308444] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.310164] RSP: 0018:ffff888018297bb8 EFLAGS: 00010246 [ 186.310706] RAX: 0000000000000000 RBX: ffff888015d2b8a8 RCX: 0000000000000000 [ 186.311392] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 186.312065] RBP: ffff888018297bd0 R08: ffffed1002ba5733 R09: ffffed1002ba5733 [ 186.312738] R10: ffff888015d2b993 R11: ffffed1002ba5732 R12: ffff888012e90c00 [ 186.313431] R13: ffff888015d2b9e8 R14: ffffffff8352e670 R15: 
ffff888018297e68 [ 186.314097] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.314880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.315461] CR2: 00007f4b877410e8 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 186.316145] PKRU: 55555554 [ 186.316421] Call Trace: [ 186.316663] [ 186.316881] __iommufd_access_detach+0x1c2/0x2b0 [ 186.317344] iommufd_access_change_pt+0x149/0x270 [ 186.317812] iommufd_access_replace+0xb4/0x120 [ 186.318259] iommufd_test+0x3e5/0x37e0 [ 186.318655] ? lock_release+0x532/0x770 [ 186.319050] ? __might_fault+0x102/0x1b0 [ 186.319470] ? lock_acquire+0x427/0x4c0 [ 186.319862] ? __pfx_iommufd_test+0x10/0x10 [ 186.320283] ? __pfx_lock_release+0x10/0x10 [ 186.320720] ? __pfx_lock_acquire+0x10/0x10 [ 186.321360] ? write_comp_data+0x2f/0x90 [ 186.321762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.322235] ? write_comp_data+0x2f/0x90 [ 186.322661] iommufd_fops_ioctl+0x37d/0x510 [ 186.323081] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.323563] ? write_comp_data+0x2f/0x90 [ 186.323961] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.324432] __x64_sys_ioctl+0x1a3/0x230 [ 186.325008] do_syscall_64+0x3b/0x90 [ 186.325403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.325943] RIP: 0033:0x7f4b8743ee5d [ 186.326333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.328331] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.329251] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.329978] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.330738] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.331478] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.332202] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.333023] [ 186.333266] irq event stamp: 0 [ 186.333587] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.334233] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.335151] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.336018] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.336673] ---[ end trace 0000000000000000 ]--- [ 186.340323] ------------[ cut here ]------------ [ 186.340876] WARNING: CPU: 1 PID: 1770 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.342035] Modules linked in: [ 186.342482] CPU: 1 PID: 1770 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.343491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.344651] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.345169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.347056] RSP: 
0018:ffff888018297bd0 EFLAGS: 00010246 [ 186.347647] RAX: 0000000000000000 RBX: ffff888015d2b8a8 RCX: 0000000000000000 [ 186.348382] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 186.349117] RBP: ffff888018297be8 R08: ffffed1002ba5733 R09: ffffed1002ba5733 [ 186.349850] R10: ffff888015d2b993 R11: ffffed1002ba5732 R12: ffff88800a727c00 [ 186.350619] R13: ffff888015d2b9e8 R14: ffff88802080ca00 R15: 0000000000000000 [ 186.351383] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.352222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.352961] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 186.353846] PKRU: 55555554 [ 186.354151] Call Trace: [ 186.354414] [ 186.354684] iommufd_access_destroy_object+0x65/0x170 [ 186.355228] iommufd_object_destroy_user+0x18e/0x220 [ 186.355850] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.356620] iommufd_access_destroy+0x43/0x70 [ 186.357100] iommufd_test_staccess_release+0x8d/0xd0 [ 186.357634] __fput+0x26d/0xa40 [ 186.357994] ____fput+0x1e/0x30 [ 186.358463] task_work_run+0x1a4/0x2d0 [ 186.359036] ? __pfx_task_work_run+0x10/0x10 [ 186.359517] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.360030] ? switch_task_namespaces+0xa9/0xe0 [ 186.360533] do_exit+0xb17/0x2ef0 [ 186.360960] ? lock_acquire+0x427/0x4c0 [ 186.361567] ? __pfx_lock_release+0x10/0x10 [ 186.362023] ? __kasan_check_write+0x18/0x20 [ 186.362480] ? do_raw_spin_lock+0x132/0x2a0 [ 186.362956] ? __pfx_do_exit+0x10/0x10 [ 186.363391] ? debug_smp_processor_id+0x20/0x30 [ 186.363993] ? rcu_is_watching+0x19/0xb0 [ 186.364571] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.365130] ? trace_hardirqs_on+0x26/0x120 [ 186.365582] do_group_exit+0xe0/0x2b0 [ 186.365980] __x64_sys_exit_group+0x47/0x50 [ 186.366554] do_syscall_64+0x3b/0x90 [ 186.367001] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.367563] RIP: 0033:0x7f4b87518a4d [ 186.367958] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.368594] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.369602] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.370345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.371127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.371973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.372844] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.373584] [ 186.373829] irq event stamp: 0 [ 186.374193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.375052] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.375935] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.376838] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.377675] ---[ end trace 0000000000000000 ]--- [ 186.378788] ------------[ cut here ]------------ [ 186.379328] WARNING: CPU: 1 PID: 1770 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 186.380645] Modules linked in: [ 186.380987] CPU: 1 PID: 1770 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.381895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.383506] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.384057] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.386192] RSP: 0018:ffff888018297b78 EFLAGS: 00010246 [ 186.386771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.387531] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 186.388466] RBP: ffff888018297b98 R08: ffffed1002ba573e R09: ffffed1002ba573e [ 186.389220] R10: ffff888015d2b9ef R11: ffffed1002ba573d R12: ffff888015d2ba90 [ 186.389977] R13: ffff888015d2b8a8 R14: ffffffffffffffff R15: 
ffff888018297c60 [ 186.390952] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.391811] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.392415] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 186.393242] PKRU: 55555554 [ 186.393669] Call Trace: [ 186.393941] [ 186.394181] iommufd_ioas_destroy+0x53/0x70 [ 186.394669] iommufd_fops_release+0x1f7/0x370 [ 186.395166] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.395693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.396416] ? write_comp_data+0x2f/0x90 [ 186.396858] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.397466] __fput+0x26d/0xa40 [ 186.397830] ____fput+0x1e/0x30 [ 186.398188] task_work_run+0x1a4/0x2d0 [ 186.398826] ? __pfx_task_work_run+0x10/0x10 [ 186.399318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.399841] ? switch_task_namespaces+0xa9/0xe0 [ 186.400360] do_exit+0xb17/0x2ef0 [ 186.400737] ? lock_acquire+0x427/0x4c0 [ 186.401212] ? __pfx_lock_release+0x10/0x10 [ 186.401818] ? __kasan_check_write+0x18/0x20 [ 186.402296] ? do_raw_spin_lock+0x132/0x2a0 [ 186.402790] ? __pfx_do_exit+0x10/0x10 [ 186.403243] ? debug_smp_processor_id+0x20/0x30 [ 186.403738] ? rcu_is_watching+0x19/0xb0 [ 186.404287] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.404888] ? trace_hardirqs_on+0x26/0x120 [ 186.405354] do_group_exit+0xe0/0x2b0 [ 186.405757] __x64_sys_exit_group+0x47/0x50 [ 186.406212] do_syscall_64+0x3b/0x90 [ 186.406754] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.407427] RIP: 0033:0x7f4b87518a4d [ 186.407821] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.408468] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.409300] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.410232] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.411017] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.411790] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.412751] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.413501] [ 186.413753] irq event stamp: 0 [ 186.414085] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.414958] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.415859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.416726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.417496] ---[ end trace 0000000000000000 ]--- [ 186.422582] ------------[ cut here ]------------ [ 186.423161] WARNING: CPU: 1 PID: 1772 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.424277] Modules linked in: [ 186.424737] CPU: 1 PID: 1772 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.425638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.427040] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.427584] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.429805] RSP: 0018:ffff888017a97bb8 EFLAGS: 00010246 [ 186.430370] RAX: 0000000000000000 RBX: ffff8880135250a8 RCX: 0000000000000000 [ 186.431185] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 186.431968] RBP: ffff888017a97bd0 R08: ffffed10026a4a33 R09: ffffed10026a4a33 [ 186.432863] R10: ffff888013525193 R11: ffffed10026a4a32 R12: ffff88801422f400 [ 186.433611] R13: ffff8880135251e8 R14: ffffffff8352e670 R15: 
ffff888017a97e68 [ 186.434425] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.435402] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.436009] CR2: 00007f4b877410e8 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 186.436746] PKRU: 55555554 [ 186.437139] Call Trace: [ 186.437503] [ 186.437739] __iommufd_access_detach+0x1c2/0x2b0 [ 186.438249] iommufd_access_change_pt+0x149/0x270 [ 186.438793] iommufd_access_replace+0xb4/0x120 [ 186.439297] iommufd_test+0x3e5/0x37e0 [ 186.439836] ? lock_release+0x532/0x770 [ 186.440343] ? __might_fault+0x102/0x1b0 [ 186.440785] ? lock_acquire+0x427/0x4c0 [ 186.441216] ? __pfx_iommufd_test+0x10/0x10 [ 186.441669] ? __pfx_lock_release+0x10/0x10 [ 186.442328] ? __pfx_lock_acquire+0x10/0x10 [ 186.442825] ? write_comp_data+0x2f/0x90 [ 186.443298] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.443822] ? write_comp_data+0x2f/0x90 [ 186.444264] iommufd_fops_ioctl+0x37d/0x510 [ 186.444850] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.445478] ? write_comp_data+0x2f/0x90 [ 186.445924] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.446436] __x64_sys_ioctl+0x1a3/0x230 [ 186.446971] do_syscall_64+0x3b/0x90 [ 186.447389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.447944] RIP: 0033:0x7f4b8743ee5d [ 186.448332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.450234] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.451060] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.451816] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.452560] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.453293] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.454029] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.454801] [ 186.455049] irq event stamp: 0 [ 186.455398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.456047] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.456914] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.457781] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.458447] ---[ end trace 0000000000000000 ]--- [ 186.461860] ------------[ cut here ]------------ [ 186.462402] WARNING: CPU: 1 PID: 1772 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.463539] Modules linked in: [ 186.463879] CPU: 1 PID: 1772 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.464784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.465937] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.466454] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.468435] RSP: 
0018:ffff888017a97bd0 EFLAGS: 00010246 [ 186.468997] RAX: 0000000000000000 RBX: ffff8880135250a8 RCX: 0000000000000000 [ 186.469730] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 186.470466] RBP: ffff888017a97be8 R08: ffffed10026a4a33 R09: ffffed10026a4a33 [ 186.471240] R10: ffff888013525193 R11: ffffed10026a4a32 R12: ffff888012e91400 [ 186.471987] R13: ffff8880135251e8 R14: ffff888012132200 R15: 0000000000000000 [ 186.472721] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.473545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.474146] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.474898] PKRU: 55555554 [ 186.475224] Call Trace: [ 186.475489] [ 186.475720] iommufd_access_destroy_object+0x65/0x170 [ 186.476252] iommufd_object_destroy_user+0x18e/0x220 [ 186.476775] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.477370] iommufd_access_destroy+0x43/0x70 [ 186.477840] iommufd_test_staccess_release+0x8d/0xd0 [ 186.478369] __fput+0x26d/0xa40 [ 186.478749] ____fput+0x1e/0x30 [ 186.479099] task_work_run+0x1a4/0x2d0 [ 186.479519] ? __pfx_task_work_run+0x10/0x10 [ 186.479976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.480487] ? switch_task_namespaces+0xa9/0xe0 [ 186.480982] do_exit+0xb17/0x2ef0 [ 186.481342] ? lock_acquire+0x427/0x4c0 [ 186.481767] ? __pfx_lock_release+0x10/0x10 [ 186.482223] ? __kasan_check_write+0x18/0x20 [ 186.482706] ? do_raw_spin_lock+0x132/0x2a0 [ 186.483173] ? __pfx_do_exit+0x10/0x10 [ 186.483589] ? debug_smp_processor_id+0x20/0x30 [ 186.484068] ? rcu_is_watching+0x19/0xb0 [ 186.484489] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.484962] ? trace_hardirqs_on+0x26/0x120 [ 186.485418] do_group_exit+0xe0/0x2b0 [ 186.485812] __x64_sys_exit_group+0x47/0x50 [ 186.486260] do_syscall_64+0x3b/0x90 [ 186.486674] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.487239] RIP: 0033:0x7f4b87518a4d [ 186.487624] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.488252] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.489028] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.489759] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.490489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.491267] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.491993] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.492726] [ 186.493029] irq event stamp: 0 [ 186.493352] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.493994] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.494835] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.495632] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.496220] ---[ end trace 0000000000000000 ]--- [ 186.497037] ------------[ cut here ]------------ [ 186.497486] WARNING: CPU: 1 PID: 1772 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 186.498442] Modules linked in: [ 186.498770] CPU: 1 PID: 1772 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.499607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.500689] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.501177] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.502909] RSP: 0018:ffff888017a97b78 EFLAGS: 00010246 [ 186.503434] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.504093] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 186.504757] RBP: ffff888017a97b98 R08: ffffed10026a4a3e R09: ffffed10026a4a3e [ 186.505428] R10: ffff8880135251ef R11: ffffed10026a4a3d R12: ffff888013525290 [ 186.506088] R13: ffff8880135250a8 R14: ffffffffffffffff R15: 
ffff888017a97c60 [ 186.506781] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.507567] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.508110] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.508781] PKRU: 55555554 [ 186.509052] Call Trace: [ 186.509295] [ 186.509507] iommufd_ioas_destroy+0x53/0x70 [ 186.509929] iommufd_fops_release+0x1f7/0x370 [ 186.510370] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.510878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.511374] ? write_comp_data+0x2f/0x90 [ 186.511778] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.512253] __fput+0x26d/0xa40 [ 186.512587] ____fput+0x1e/0x30 [ 186.512916] task_work_run+0x1a4/0x2d0 [ 186.513303] ? __pfx_task_work_run+0x10/0x10 [ 186.513727] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.514193] ? switch_task_namespaces+0xa9/0xe0 [ 186.514671] do_exit+0xb17/0x2ef0 [ 186.515005] ? lock_acquire+0x427/0x4c0 [ 186.515407] ? __pfx_lock_release+0x10/0x10 [ 186.515814] ? __kasan_check_write+0x18/0x20 [ 186.516225] ? do_raw_spin_lock+0x132/0x2a0 [ 186.516637] ? __pfx_do_exit+0x10/0x10 [ 186.517019] ? debug_smp_processor_id+0x20/0x30 [ 186.517460] ? rcu_is_watching+0x19/0xb0 [ 186.517845] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.518280] ? trace_hardirqs_on+0x26/0x120 [ 186.518723] do_group_exit+0xe0/0x2b0 [ 186.519092] __x64_sys_exit_group+0x47/0x50 [ 186.519510] do_syscall_64+0x3b/0x90 [ 186.519864] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.520353] RIP: 0033:0x7f4b87518a4d [ 186.520696] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.521254] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.521953] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.522627] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.523290] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.523934] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.524589] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.525304] [ 186.525518] irq event stamp: 0 [ 186.525802] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.526374] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.527167] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.527938] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.528527] ---[ end trace 0000000000000000 ]--- [ 186.534840] ------------[ cut here ]------------ [ 186.535473] WARNING: CPU: 1 PID: 1773 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.536644] Modules linked in: [ 186.537017] CPU: 1 PID: 1773 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.538015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.539400] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.539996] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.542334] RSP: 0018:ffff888016347bb8 EFLAGS: 00010246 [ 186.542998] RAX: 0000000000000000 RBX: ffff88800fb478a8 RCX: 0000000000000000 [ 186.543976] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 186.544888] RBP: ffff888016347bd0 R08: ffffed1001f68f33 R09: ffffed1001f68f33 [ 186.545722] R10: ffff88800fb47993 R11: ffffed1001f68f32 R12: ffff888014241c00 [ 186.546764] R13: ffff88800fb479e8 R14: ffffffff8352e670 R15: 
ffff888016347e68 [ 186.547785] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.548940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.549658] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 186.550611] PKRU: 55555554 [ 186.551171] Call Trace: [ 186.551507] [ 186.551803] __iommufd_access_detach+0x1c2/0x2b0 [ 186.552427] iommufd_access_change_pt+0x149/0x270 [ 186.553105] iommufd_access_replace+0xb4/0x120 [ 186.553866] iommufd_test+0x3e5/0x37e0 [ 186.554383] ? lock_release+0x532/0x770 [ 186.554988] ? __might_fault+0x102/0x1b0 [ 186.555566] ? lock_acquire+0x427/0x4c0 [ 186.556236] ? __pfx_iommufd_test+0x10/0x10 [ 186.556791] ? __pfx_lock_release+0x10/0x10 [ 186.557373] ? __pfx_lock_acquire+0x10/0x10 [ 186.558013] ? write_comp_data+0x2f/0x90 [ 186.558705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.559391] ? write_comp_data+0x2f/0x90 [ 186.559932] iommufd_fops_ioctl+0x37d/0x510 [ 186.560591] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.561323] ? write_comp_data+0x2f/0x90 [ 186.561867] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.562489] __x64_sys_ioctl+0x1a3/0x230 [ 186.563204] do_syscall_64+0x3b/0x90 [ 186.563879] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.564638] RIP: 0033:0x7f4b8743ee5d [ 186.565137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.567698] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.568743] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.569778] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.570753] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.571937] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.572873] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.574012] [ 186.574339] irq event stamp: 0 [ 186.574809] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.575676] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.576977] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.578067] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.579153] ---[ end trace 0000000000000000 ]--- [ 186.584449] ------------[ cut here ]------------ [ 186.585119] WARNING: CPU: 1 PID: 1773 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.586756] Modules linked in: [ 186.587220] CPU: 1 PID: 1773 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.588369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.590058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.590894] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.593302] RSP: 
0018:ffff888016347bd0 EFLAGS: 00010246 [ 186.594000] RAX: 0000000000000000 RBX: ffff88800fb478a8 RCX: 0000000000000000 [ 186.594978] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 186.595933] RBP: ffff888016347be8 R08: ffffed1001f68f33 R09: ffffed1001f68f33 [ 186.596872] R10: ffff88800fb47993 R11: ffffed1001f68f32 R12: ffff88801422c000 [ 186.597814] R13: ffff88800fb479e8 R14: ffff888015bb8c00 R15: 0000000000000000 [ 186.598796] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.599868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.600639] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 186.601579] PKRU: 55555554 [ 186.601966] Call Trace: [ 186.602317] [ 186.602683] iommufd_access_destroy_object+0x65/0x170 [ 186.603405] iommufd_object_destroy_user+0x18e/0x220 [ 186.604096] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.604885] iommufd_access_destroy+0x43/0x70 [ 186.605506] iommufd_test_staccess_release+0x8d/0xd0 [ 186.606196] __fput+0x26d/0xa40 [ 186.606716] ____fput+0x1e/0x30 [ 186.607223] task_work_run+0x1a4/0x2d0 [ 186.607772] ? __pfx_task_work_run+0x10/0x10 [ 186.608380] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.609061] ? switch_task_namespaces+0xa9/0xe0 [ 186.609727] do_exit+0xb17/0x2ef0 [ 186.610212] ? lock_acquire+0x427/0x4c0 [ 186.610818] ? __pfx_lock_release+0x10/0x10 [ 186.611441] ? __kasan_check_write+0x18/0x20 [ 186.612061] ? do_raw_spin_lock+0x132/0x2a0 [ 186.612660] ? __pfx_do_exit+0x10/0x10 [ 186.613213] ? debug_smp_processor_id+0x20/0x30 [ 186.613857] ? rcu_is_watching+0x19/0xb0 [ 186.614416] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.615085] ? trace_hardirqs_on+0x26/0x120 [ 186.615737] do_group_exit+0xe0/0x2b0 [ 186.616259] __x64_sys_exit_group+0x47/0x50 [ 186.616832] do_syscall_64+0x3b/0x90 [ 186.617342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.618061] RIP: 0033:0x7f4b87518a4d [ 186.618617] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.619469] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.620511] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.621481] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.622443] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.623440] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.624415] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.625401] [ 186.625726] irq event stamp: 0 [ 186.626160] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.627030] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.628176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.629300] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.630125] ---[ end trace 0000000000000000 ]--- [ 186.631719] ------------[ cut here ]------------ [ 186.632389] WARNING: CPU: 1 PID: 1773 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 186.633733] Modules linked in: [ 186.634179] CPU: 1 PID: 1773 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.635434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.636980] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.637701] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.640207] RSP: 0018:ffff888016347b78 EFLAGS: 00010246 [ 186.640946] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.641914] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 186.642924] RBP: ffff888016347b98 R08: ffffed1001f68f3e R09: ffffed1001f68f3e [ 186.643941] R10: ffff88800fb479ef R11: ffffed1001f68f3d R12: ffff88800fb47a90 [ 186.644910] R13: ffff88800fb478a8 R14: ffffffffffffffff R15: 
ffff888016347c60 [ 186.645850] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.646936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.647737] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 186.648699] PKRU: 55555554 [ 186.649086] Call Trace: [ 186.649435] [ 186.649739] iommufd_ioas_destroy+0x53/0x70 [ 186.650323] iommufd_fops_release+0x1f7/0x370 [ 186.650965] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.651672] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.652332] ? write_comp_data+0x2f/0x90 [ 186.652882] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.653545] __fput+0x26d/0xa40 [ 186.654007] ____fput+0x1e/0x30 [ 186.654459] task_work_run+0x1a4/0x2d0 [ 186.655020] ? __pfx_task_work_run+0x10/0x10 [ 186.655665] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.656208] ? switch_task_namespaces+0xa9/0xe0 [ 186.656703] do_exit+0xb17/0x2ef0 [ 186.657158] ? lock_acquire+0x427/0x4c0 [ 186.657606] ? __pfx_lock_release+0x10/0x10 [ 186.658050] ? __kasan_check_write+0x18/0x20 [ 186.658596] ? do_raw_spin_lock+0x132/0x2a0 [ 186.659039] ? __pfx_do_exit+0x10/0x10 [ 186.659482] ? debug_smp_processor_id+0x20/0x30 [ 186.659968] ? rcu_is_watching+0x19/0xb0 [ 186.660385] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.660899] ? trace_hardirqs_on+0x26/0x120 [ 186.661349] do_group_exit+0xe0/0x2b0 [ 186.661803] __x64_sys_exit_group+0x47/0x50 [ 186.662355] do_syscall_64+0x3b/0x90 [ 186.662909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.663620] RIP: 0033:0x7f4b87518a4d [ 186.664116] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.664922] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.665934] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.666943] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.667926] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.668849] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.669778] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.670789] [ 186.671141] irq event stamp: 0 [ 186.671737] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.672602] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.673737] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.674916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.675813] ---[ end trace 0000000000000000 ]--- [ 186.683179] ------------[ cut here ]------------ [ 186.683904] WARNING: CPU: 1 PID: 1774 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.685304] Modules linked in: [ 186.685763] CPU: 1 PID: 1774 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.686993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.688536] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.689070] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.691080] RSP: 0018:ffff888016c8fbb8 EFLAGS: 00010246 [ 186.691675] RAX: 0000000000000000 RBX: ffff888015c808a8 RCX: 0000000000000000 [ 186.692426] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 186.693184] RBP: ffff888016c8fbd0 R08: ffffed1002b90133 R09: ffffed1002b90133 [ 186.693944] R10: ffff888015c80993 R11: ffffed1002b90132 R12: ffff888010c09c00 [ 186.694735] R13: ffff888015c809e8 R14: ffffffff8352e670 R15: 
ffff888016c8fe68 [ 186.695498] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.696337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.696965] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 186.697737] PKRU: 55555554 [ 186.698044] Call Trace: [ 186.698325] [ 186.698602] __iommufd_access_detach+0x1c2/0x2b0 [ 186.699141] iommufd_access_change_pt+0x149/0x270 [ 186.699675] iommufd_access_replace+0xb4/0x120 [ 186.700188] iommufd_test+0x3e5/0x37e0 [ 186.700618] ? lock_release+0x532/0x770 [ 186.701060] ? __might_fault+0x102/0x1b0 [ 186.701506] ? lock_acquire+0x427/0x4c0 [ 186.701946] ? __pfx_iommufd_test+0x10/0x10 [ 186.702406] ? __pfx_lock_release+0x10/0x10 [ 186.702913] ? __pfx_lock_acquire+0x10/0x10 [ 186.703409] ? write_comp_data+0x2f/0x90 [ 186.703867] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.704403] ? write_comp_data+0x2f/0x90 [ 186.704867] iommufd_fops_ioctl+0x37d/0x510 [ 186.705348] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.705886] ? write_comp_data+0x2f/0x90 [ 186.706345] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.706906] __x64_sys_ioctl+0x1a3/0x230 [ 186.707386] do_syscall_64+0x3b/0x90 [ 186.707814] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.708382] RIP: 0033:0x7f4b8743ee5d [ 186.708791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.710766] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.711599] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.712353] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.713110] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.713859] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.714632] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.715413] [ 186.715664] irq event stamp: 0 [ 186.716002] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.716681] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.717567] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.718459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.719195] ---[ end trace 0000000000000000 ]--- [ 186.722603] ------------[ cut here ]------------ [ 186.723176] WARNING: CPU: 1 PID: 1774 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.724247] Modules linked in: [ 186.724594] CPU: 1 PID: 1774 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.725526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.726758] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.727319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.729251] RSP: 
0018:ffff888016c8fbd0 EFLAGS: 00010246 [ 186.729818] RAX: 0000000000000000 RBX: ffff888015c808a8 RCX: 0000000000000000 [ 186.730610] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 186.731385] RBP: ffff888016c8fbe8 R08: ffffed1002b90133 R09: ffffed1002b90133 [ 186.732141] R10: ffff888015c80993 R11: ffffed1002b90132 R12: ffff888014240c00 [ 186.732904] R13: ffff888015c809e8 R14: ffff888020edbd00 R15: 0000000000000000 [ 186.733677] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.734568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.735208] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.735976] PKRU: 55555554 [ 186.736281] Call Trace: [ 186.736561] [ 186.736806] iommufd_access_destroy_object+0x65/0x170 [ 186.737366] iommufd_object_destroy_user+0x18e/0x220 [ 186.737925] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.738586] iommufd_access_destroy+0x43/0x70 [ 186.739084] iommufd_test_staccess_release+0x8d/0xd0 [ 186.739669] __fput+0x26d/0xa40 [ 186.740047] ____fput+0x1e/0x30 [ 186.740426] task_work_run+0x1a4/0x2d0 [ 186.740867] ? __pfx_task_work_run+0x10/0x10 [ 186.741349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.741879] ? switch_task_namespaces+0xa9/0xe0 [ 186.742385] do_exit+0xb17/0x2ef0 [ 186.742797] ? lock_acquire+0x427/0x4c0 [ 186.743245] ? __pfx_lock_release+0x10/0x10 [ 186.743716] ? __kasan_check_write+0x18/0x20 [ 186.744200] ? do_raw_spin_lock+0x132/0x2a0 [ 186.744663] ? __pfx_do_exit+0x10/0x10 [ 186.745098] ? debug_smp_processor_id+0x20/0x30 [ 186.745604] ? rcu_is_watching+0x19/0xb0 [ 186.746041] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.746574] ? trace_hardirqs_on+0x26/0x120 [ 186.747051] do_group_exit+0xe0/0x2b0 [ 186.747482] __x64_sys_exit_group+0x47/0x50 [ 186.747943] do_syscall_64+0x3b/0x90 [ 186.748355] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.748930] RIP: 0033:0x7f4b87518a4d [ 186.749337] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.750003] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.750849] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.751620] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.752386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.753162] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.753913] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.754719] [ 186.754976] irq event stamp: 0 [ 186.755336] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.756020] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.756920] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.757817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.758496] ---[ end trace 0000000000000000 ]--- [ 186.759473] ------------[ cut here ]------------ [ 186.759979] WARNING: CPU: 1 PID: 1774 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 186.761072] Modules linked in: [ 186.761419] CPU: 1 PID: 1774 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.762344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.763573] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.764141] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.766086] RSP: 0018:ffff888016c8fb78 EFLAGS: 00010246 [ 186.766695] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.767478] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 186.768247] RBP: ffff888016c8fb98 R08: ffffed1002b9013e R09: ffffed1002b9013e [ 186.769033] R10: ffff888015c809ef R11: ffffed1002b9013d R12: ffff888015c80a90 [ 186.769803] R13: ffff888015c808a8 R14: ffffffffffffffff R15: 
ffff888016c8fc60 [ 186.770610] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.771497] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.772118] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 186.772880] PKRU: 55555554 [ 186.773184] Call Trace: [ 186.773463] [ 186.773711] iommufd_ioas_destroy+0x53/0x70 [ 186.774196] iommufd_fops_release+0x1f7/0x370 [ 186.774724] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.775287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.775829] ? write_comp_data+0x2f/0x90 [ 186.776279] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.776835] __fput+0x26d/0xa40 [ 186.777199] ____fput+0x1e/0x30 [ 186.777563] task_work_run+0x1a4/0x2d0 [ 186.777995] ? __pfx_task_work_run+0x10/0x10 [ 186.778474] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.779037] ? switch_task_namespaces+0xa9/0xe0 [ 186.779557] do_exit+0xb17/0x2ef0 [ 186.779927] ? lock_acquire+0x427/0x4c0 [ 186.780360] ? __pfx_lock_release+0x10/0x10 [ 186.780826] ? __kasan_check_write+0x18/0x20 [ 186.781295] ? do_raw_spin_lock+0x132/0x2a0 [ 186.781766] ? __pfx_do_exit+0x10/0x10 [ 186.782196] ? debug_smp_processor_id+0x20/0x30 [ 186.782729] ? rcu_is_watching+0x19/0xb0 [ 186.783193] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.783688] ? trace_hardirqs_on+0x26/0x120 [ 186.784155] do_group_exit+0xe0/0x2b0 [ 186.784568] __x64_sys_exit_group+0x47/0x50 [ 186.785039] do_syscall_64+0x3b/0x90 [ 186.785454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.786013] RIP: 0033:0x7f4b87518a4d [ 186.786408] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.787098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.787934] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.788699] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.789459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.790208] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.791002] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.791793] [ 186.792045] irq event stamp: 0 [ 186.792388] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.793066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.793960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.794884] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.795587] ---[ end trace 0000000000000000 ]--- [ 186.800453] ------------[ cut here ]------------ [ 186.801002] WARNING: CPU: 1 PID: 1775 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.802064] Modules linked in: [ 186.802404] CPU: 1 PID: 1775 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.803993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.805194] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.805725] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.807714] RSP: 0018:ffff888017a97bb8 EFLAGS: 00010246 [ 186.808740] RAX: 0000000000000000 RBX: ffff88800b8150a8 RCX: 0000000000000000 [ 186.809502] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 186.810252] RBP: ffff888017a97bd0 R08: ffffed1001702a33 R09: ffffed1001702a33 [ 186.811046] R10: ffff88800b815193 R11: ffffed1001702a32 R12: ffff8880129c5000 [ 186.811823] R13: ffff88800b8151e8 R14: ffffffff8352e670 R15: 
ffff888017a97e68 [ 186.812709] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.813890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.814545] CR2: 00007f4b877410e8 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 186.815332] PKRU: 55555554 [ 186.815643] Call Trace: [ 186.815925] [ 186.816178] __iommufd_access_detach+0x1c2/0x2b0 [ 186.816710] iommufd_access_change_pt+0x149/0x270 [ 186.817271] iommufd_access_replace+0xb4/0x120 [ 186.818001] iommufd_test+0x3e5/0x37e0 [ 186.818427] ? lock_release+0x532/0x770 [ 186.818918] ? __might_fault+0x102/0x1b0 [ 186.819373] ? lock_acquire+0x427/0x4c0 [ 186.819808] ? __pfx_iommufd_test+0x10/0x10 [ 186.820272] ? __pfx_lock_release+0x10/0x10 [ 186.820743] ? __pfx_lock_acquire+0x10/0x10 [ 186.821212] ? write_comp_data+0x2f/0x90 [ 186.821797] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.822586] ? write_comp_data+0x2f/0x90 [ 186.823038] iommufd_fops_ioctl+0x37d/0x510 [ 186.823520] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.824050] ? write_comp_data+0x2f/0x90 [ 186.824503] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.825031] __x64_sys_ioctl+0x1a3/0x230 [ 186.825477] do_syscall_64+0x3b/0x90 [ 186.826006] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.826776] RIP: 0033:0x7f4b8743ee5d [ 186.827200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.829138] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.830028] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.831132] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.831912] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.832683] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.833435] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.834206] [ 186.834534] irq event stamp: 0 [ 186.835053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.835755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.836657] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.837543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.838227] ---[ end trace 0000000000000000 ]--- [ 186.843821] ------------[ cut here ]------------ [ 186.844376] WARNING: CPU: 1 PID: 1775 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.845439] Modules linked in: [ 186.845779] CPU: 1 PID: 1775 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.847068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.848284] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.848822] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.850816] RSP: 
0018:ffff888017a97bd0 EFLAGS: 00010246 [ 186.851628] RAX: 0000000000000000 RBX: ffff88800b8150a8 RCX: 0000000000000000 [ 186.852550] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 186.853314] RBP: ffff888017a97be8 R08: ffffed1001702a33 R09: ffffed1001702a33 [ 186.854079] R10: ffff88800b815193 R11: ffffed1001702a32 R12: ffff888010c09000 [ 186.854884] R13: ffff88800b8151e8 R14: ffff888018b81200 R15: 0000000000000000 [ 186.855727] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.856867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.857494] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 186.858260] PKRU: 55555554 [ 186.858605] Call Trace: [ 186.858879] [ 186.859139] iommufd_access_destroy_object+0x65/0x170 [ 186.859705] iommufd_object_destroy_user+0x18e/0x220 [ 186.860267] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.860912] iommufd_access_destroy+0x43/0x70 [ 186.861447] iommufd_test_staccess_release+0x8d/0xd0 [ 186.862221] __fput+0x26d/0xa40 [ 186.862628] ____fput+0x1e/0x30 [ 186.863004] task_work_run+0x1a4/0x2d0 [ 186.863450] ? __pfx_task_work_run+0x10/0x10 [ 186.863936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.864475] ? switch_task_namespaces+0xa9/0xe0 [ 186.865001] do_exit+0xb17/0x2ef0 [ 186.865392] ? lock_acquire+0x427/0x4c0 [ 186.865973] ? __pfx_lock_release+0x10/0x10 [ 186.866609] ? __kasan_check_write+0x18/0x20 [ 186.867095] ? do_raw_spin_lock+0x132/0x2a0 [ 186.867587] ? __pfx_do_exit+0x10/0x10 [ 186.868024] ? debug_smp_processor_id+0x20/0x30 [ 186.868532] ? rcu_is_watching+0x19/0xb0 [ 186.868978] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.869476] ? trace_hardirqs_on+0x26/0x120 [ 186.870062] do_group_exit+0xe0/0x2b0 [ 186.870687] __x64_sys_exit_group+0x47/0x50 [ 186.871175] do_syscall_64+0x3b/0x90 [ 186.871595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.872159] RIP: 0033:0x7f4b87518a4d [ 186.872562] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.873227] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.874115] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.875244] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.876018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.876780] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.877534] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.878305] [ 186.878748] irq event stamp: 0 [ 186.879235] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.879931] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.880845] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.881751] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.882430] ---[ end trace 0000000000000000 ]--- [ 186.883842] ------------[ cut here ]------------ [ 186.884367] WARNING: CPU: 1 PID: 1775 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 186.885481] Modules linked in: [ 186.885831] CPU: 1 PID: 1775 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.886818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.888028] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 186.888579] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 186.890738] RSP: 0018:ffff888017a97b78 EFLAGS: 00010246 [ 186.891502] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 186.892252] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 186.893000] RBP: ffff888017a97b98 R08: ffffed1001702a3e R09: ffffed1001702a3e [ 186.893751] R10: ffff88800b8151ef R11: ffffed1001702a3d R12: ffff88800b815290 [ 186.894540] R13: ffff88800b8150a8 R14: ffffffffffffffff R15: 
ffff888017a97c60 [ 186.895317] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 186.896466] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.897096] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 186.897843] PKRU: 55555554 [ 186.898143] Call Trace: [ 186.898412] [ 186.898689] iommufd_ioas_destroy+0x53/0x70 [ 186.899171] iommufd_fops_release+0x1f7/0x370 [ 186.899662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.900229] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.900958] ? write_comp_data+0x2f/0x90 [ 186.901551] ? __pfx_iommufd_fops_release+0x10/0x10 [ 186.902089] __fput+0x26d/0xa40 [ 186.902463] ____fput+0x1e/0x30 [ 186.902861] task_work_run+0x1a4/0x2d0 [ 186.903299] ? __pfx_task_work_run+0x10/0x10 [ 186.903757] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.904275] ? switch_task_namespaces+0xa9/0xe0 [ 186.904786] do_exit+0xb17/0x2ef0 [ 186.905214] ? lock_acquire+0x427/0x4c0 [ 186.905873] ? __pfx_lock_release+0x10/0x10 [ 186.906340] ? __kasan_check_write+0x18/0x20 [ 186.906848] ? do_raw_spin_lock+0x132/0x2a0 [ 186.907322] ? __pfx_do_exit+0x10/0x10 [ 186.907747] ? debug_smp_processor_id+0x20/0x30 [ 186.908238] ? rcu_is_watching+0x19/0xb0 [ 186.908670] ? _raw_spin_unlock_irq+0x2b/0x60 [ 186.909169] ? trace_hardirqs_on+0x26/0x120 [ 186.909643] do_group_exit+0xe0/0x2b0 [ 186.910183] __x64_sys_exit_group+0x47/0x50 [ 186.910800] do_syscall_64+0x3b/0x90 [ 186.911215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.911769] RIP: 0033:0x7f4b87518a4d [ 186.912159] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 186.912806] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 186.913602] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 186.914379] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 186.915443] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 186.916189] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 186.916924] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 186.917666] [ 186.917907] irq event stamp: 0 [ 186.918230] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.918922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.920146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.921014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.921667] ---[ end trace 0000000000000000 ]--- [ 186.929542] ------------[ cut here ]------------ [ 186.930418] WARNING: CPU: 0 PID: 1776 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.932126] Modules linked in: [ 186.932555] CPU: 0 PID: 1776 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.933683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.935207] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.935838] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.938085] RSP: 0018:ffff888016c8fbb8 EFLAGS: 00010246 [ 186.938796] RAX: 0000000000000000 RBX: ffff88802445a0a8 RCX: 0000000000000000 [ 186.939710] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 186.940583] RBP: ffff888016c8fbd0 R08: ffffed100488b433 R09: ffffed100488b433 [ 186.941443] R10: ffff88802445a193 R11: ffffed100488b432 R12: ffff88801432b000 [ 186.942325] R13: ffff88802445a1e8 R14: ffffffff8352e670 R15: 
ffff888016c8fe68 [ 186.943280] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 186.944297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.945019] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 186.945889] PKRU: 55555554 [ 186.946246] Call Trace: [ 186.946602] [ 186.946893] __iommufd_access_detach+0x1c2/0x2b0 [ 186.947518] iommufd_access_change_pt+0x149/0x270 [ 186.948128] iommufd_access_replace+0xb4/0x120 [ 186.948712] iommufd_test+0x3e5/0x37e0 [ 186.949193] ? lock_release+0x532/0x770 [ 186.949699] ? __might_fault+0x102/0x1b0 [ 186.950211] ? lock_acquire+0x427/0x4c0 [ 186.950762] ? __pfx_iommufd_test+0x10/0x10 [ 186.951307] ? __pfx_lock_release+0x10/0x10 [ 186.951838] ? __pfx_lock_acquire+0x10/0x10 [ 186.952370] ? write_comp_data+0x2f/0x90 [ 186.952874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.953464] ? write_comp_data+0x2f/0x90 [ 186.953966] iommufd_fops_ioctl+0x37d/0x510 [ 186.954494] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.955146] ? write_comp_data+0x2f/0x90 [ 186.955652] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 186.956237] __x64_sys_ioctl+0x1a3/0x230 [ 186.956746] do_syscall_64+0x3b/0x90 [ 186.957211] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 186.957840] RIP: 0033:0x7f4b8743ee5d [ 186.958290] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 186.960479] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 186.961382] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 186.962227] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 186.963101] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 186.963962] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 186.964805] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 186.965662] [ 186.965947] irq event stamp: 0 [ 186.966319] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 186.967075] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 186.968048] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 186.968993] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 186.969703] ---[ end trace 0000000000000000 ]--- [ 186.974553] ------------[ cut here ]------------ [ 186.975177] WARNING: CPU: 0 PID: 1776 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 186.976456] Modules linked in: [ 186.976852] CPU: 0 PID: 1776 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 186.977966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 186.979450] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 186.980021] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 186.982239] RSP: 
0018:ffff888016c8fbd0 EFLAGS: 00010246 [ 186.983047] RAX: 0000000000000000 RBX: ffff88802445a0a8 RCX: 0000000000000000 [ 186.983865] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 186.984722] RBP: ffff888016c8fbe8 R08: ffffed100488b433 R09: ffffed100488b433 [ 186.985623] R10: ffff88802445a193 R11: ffffed100488b432 R12: ffff888012b47800 [ 186.986640] R13: ffff88802445a1e8 R14: ffff888020806c00 R15: 0000000000000000 [ 186.987452] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 186.988415] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 186.989197] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 186.990024] PKRU: 55555554 [ 186.990579] Call Trace: [ 186.990880] [ 186.991153] iommufd_access_destroy_object+0x65/0x170 [ 186.991657] iommufd_object_destroy_user+0x18e/0x220 [ 186.992113] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 186.993010] iommufd_access_destroy+0x43/0x70 [ 186.993554] iommufd_test_staccess_release+0x8d/0xd0 [ 186.994481] __fput+0x26d/0xa40 [ 186.994951] ____fput+0x1e/0x30 [ 186.995374] task_work_run+0x1a4/0x2d0 [ 186.995835] ? __pfx_task_work_run+0x10/0x10 [ 186.996685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 186.997258] ? switch_task_namespaces+0xa9/0xe0 [ 186.997829] do_exit+0xb17/0x2ef0 [ 186.998570] ? lock_acquire+0x427/0x4c0 [ 186.999053] ? __pfx_lock_release+0x10/0x10 [ 186.999574] ? __kasan_check_write+0x18/0x20 [ 187.000301] ? do_raw_spin_lock+0x132/0x2a0 [ 187.000796] ? __pfx_do_exit+0x10/0x10 [ 187.001256] ? debug_smp_processor_id+0x20/0x30 [ 187.001825] ? rcu_is_watching+0x19/0xb0 [ 187.002458] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.003065] ? trace_hardirqs_on+0x26/0x120 [ 187.003590] do_group_exit+0xe0/0x2b0 [ 187.004061] __x64_sys_exit_group+0x47/0x50 [ 187.004695] do_syscall_64+0x3b/0x90 [ 187.005142] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.005764] RIP: 0033:0x7f4b87518a4d [ 187.006358] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.007099] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.008069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.008998] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.009831] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.010822] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.011641] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.012633] [ 187.012908] irq event stamp: 0 [ 187.013270] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.014169] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.015166] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.016320] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.017032] ---[ end trace 0000000000000000 ]--- [ 187.018279] ------------[ cut here ]------------ [ 187.018856] WARNING: CPU: 0 PID: 1776 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.019952] Modules linked in: [ 187.020334] CPU: 0 PID: 1776 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.021048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.022153] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.022603] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.024094] RSP: 0018:ffff888016c8fb78 EFLAGS: 00010246 [ 187.024528] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.025103] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 187.025681] RBP: ffff888016c8fb98 R08: ffffed100488b43e R09: ffffed100488b43e [ 187.026259] R10: ffff88802445a1ef R11: ffffed100488b43d R12: ffff88802445a290 [ 187.026865] R13: ffff88802445a0a8 R14: ffffffffffffffff R15: 
ffff888016c8fc60 [ 187.027466] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.028123] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.028595] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.029174] PKRU: 55555554 [ 187.029406] Call Trace: [ 187.029631] [ 187.029817] iommufd_ioas_destroy+0x53/0x70 [ 187.030176] iommufd_fops_release+0x1f7/0x370 [ 187.030583] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.031002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.031417] ? write_comp_data+0x2f/0x90 [ 187.031763] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.032178] __fput+0x26d/0xa40 [ 187.032467] ____fput+0x1e/0x30 [ 187.032751] task_work_run+0x1a4/0x2d0 [ 187.033081] ? __pfx_task_work_run+0x10/0x10 [ 187.033446] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.033851] ? switch_task_namespaces+0xa9/0xe0 [ 187.034248] do_exit+0xb17/0x2ef0 [ 187.034564] ? lock_acquire+0x427/0x4c0 [ 187.034901] ? __pfx_lock_release+0x10/0x10 [ 187.035281] ? __kasan_check_write+0x18/0x20 [ 187.035651] ? do_raw_spin_lock+0x132/0x2a0 [ 187.036008] ? __pfx_do_exit+0x10/0x10 [ 187.036338] ? debug_smp_processor_id+0x20/0x30 [ 187.036723] ? rcu_is_watching+0x19/0xb0 [ 187.037133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.037513] ? trace_hardirqs_on+0x26/0x120 [ 187.037883] do_group_exit+0xe0/0x2b0 [ 187.038199] __x64_sys_exit_group+0x47/0x50 [ 187.038577] do_syscall_64+0x3b/0x90 [ 187.038895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.039335] RIP: 0033:0x7f4b87518a4d [ 187.039645] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.040150] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.040772] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.041351] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.041934] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.042532] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.043119] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.043716] [ 187.043907] irq event stamp: 0 [ 187.044164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.044677] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.045360] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.046037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.046567] ---[ end trace 0000000000000000 ]--- [ 187.050573] ------------[ cut here ]------------ [ 187.050999] WARNING: CPU: 0 PID: 1777 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.051831] Modules linked in: [ 187.052092] CPU: 0 PID: 1777 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.052811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.053729] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.054137] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.055657] RSP: 0018:ffff888016067bb8 EFLAGS: 00010246 [ 187.056096] RAX: 0000000000000000 RBX: ffff8880171bf0a8 RCX: 0000000000000000 [ 187.056680] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 187.057257] RBP: ffff888016067bd0 R08: ffffed1002e37e33 R09: ffffed1002e37e33 [ 187.057840] R10: ffff8880171bf193 R11: ffffed1002e37e32 R12: ffff888013b16800 [ 187.058758] R13: ffff8880171bf1e8 R14: ffffffff8352e670 R15: 
ffff888016067e68 [ 187.059350] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.060017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.060684] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 187.061266] PKRU: 55555554 [ 187.061499] Call Trace: [ 187.061709] [ 187.061894] __iommufd_access_detach+0x1c2/0x2b0 [ 187.062500] iommufd_access_change_pt+0x149/0x270 [ 187.062938] iommufd_access_replace+0xb4/0x120 [ 187.063339] iommufd_test+0x3e5/0x37e0 [ 187.063662] ? lock_release+0x532/0x770 [ 187.063998] ? __might_fault+0x102/0x1b0 [ 187.064396] ? lock_acquire+0x427/0x4c0 [ 187.064853] ? __pfx_iommufd_test+0x10/0x10 [ 187.065207] ? __pfx_lock_release+0x10/0x10 [ 187.065574] ? __pfx_lock_acquire+0x10/0x10 [ 187.065944] ? write_comp_data+0x2f/0x90 [ 187.066393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.066896] ? write_comp_data+0x2f/0x90 [ 187.067254] iommufd_fops_ioctl+0x37d/0x510 [ 187.067616] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.068029] ? write_comp_data+0x2f/0x90 [ 187.068377] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.069072] __x64_sys_ioctl+0x1a3/0x230 [ 187.069425] do_syscall_64+0x3b/0x90 [ 187.069746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.070185] RIP: 0033:0x7f4b8743ee5d [ 187.070608] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.072193] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.073014] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.073595] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.074185] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.074966] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.075562] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.076152] [ 187.076344] irq event stamp: 0 [ 187.076606] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.077122] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.077803] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.078480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.079021] ---[ end trace 0000000000000000 ]--- [ 187.082032] ------------[ cut here ]------------ [ 187.082435] WARNING: CPU: 0 PID: 1777 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.083325] Modules linked in: [ 187.083594] CPU: 0 PID: 1777 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.084313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.085230] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.085643] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.087328] RSP: 
0018:ffff888016067bd0 EFLAGS: 00010246 [ 187.087768] RAX: 0000000000000000 RBX: ffff8880171bf0a8 RCX: 0000000000000000 [ 187.088354] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 187.088932] RBP: ffff888016067be8 R08: ffffed1002e37e33 R09: ffffed1002e37e33 [ 187.089511] R10: ffff8880171bf193 R11: ffffed1002e37e32 R12: ffff888014329c00 [ 187.090096] R13: ffff8880171bf1e8 R14: ffff88800ace4900 R15: 0000000000000000 [ 187.090705] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.091375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.091849] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.092434] PKRU: 55555554 [ 187.092670] Call Trace: [ 187.092881] [ 187.093067] iommufd_access_destroy_object+0x65/0x170 [ 187.093503] iommufd_object_destroy_user+0x18e/0x220 [ 187.093925] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.094411] iommufd_access_destroy+0x43/0x70 [ 187.094823] iommufd_test_staccess_release+0x8d/0xd0 [ 187.095260] __fput+0x26d/0xa40 [ 187.095554] ____fput+0x1e/0x30 [ 187.095838] task_work_run+0x1a4/0x2d0 [ 187.096167] ? __pfx_task_work_run+0x10/0x10 [ 187.096533] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.096941] ? switch_task_namespaces+0xa9/0xe0 [ 187.097333] do_exit+0xb17/0x2ef0 [ 187.097618] ? lock_acquire+0x427/0x4c0 [ 187.097955] ? __pfx_lock_release+0x10/0x10 [ 187.098311] ? __kasan_check_write+0x18/0x20 [ 187.098702] ? do_raw_spin_lock+0x132/0x2a0 [ 187.099060] ? __pfx_do_exit+0x10/0x10 [ 187.099400] ? debug_smp_processor_id+0x20/0x30 [ 187.099789] ? rcu_is_watching+0x19/0xb0 [ 187.100125] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.100506] ? trace_hardirqs_on+0x26/0x120 [ 187.100866] do_group_exit+0xe0/0x2b0 [ 187.101257] __x64_sys_exit_group+0x47/0x50 [ 187.101610] do_syscall_64+0x3b/0x90 [ 187.101928] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.102359] RIP: 0033:0x7f4b87518a4d [ 187.102693] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.103215] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.103840] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.104423] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.105002] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.105580] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.106158] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.106783] [ 187.106978] irq event stamp: 0 [ 187.107247] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.107763] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.108449] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.109129] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.109641] ---[ end trace 0000000000000000 ]--- [ 187.110369] ------------[ cut here ]------------ [ 187.110779] WARNING: CPU: 0 PID: 1777 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.111623] Modules linked in: [ 187.111889] CPU: 0 PID: 1777 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.112601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.113513] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.113932] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.115443] RSP: 0018:ffff888016067b78 EFLAGS: 00010246 [ 187.115878] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.116455] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 187.117029] RBP: ffff888016067b98 R08: ffffed1002e37e3e R09: ffffed1002e37e3e [ 187.117603] R10: ffff8880171bf1ef R11: ffffed1002e37e3d R12: ffff8880171bf290 [ 187.118190] R13: ffff8880171bf0a8 R14: ffffffffffffffff R15: 
ffff888016067c60 [ 187.118788] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.119463] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.119936] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.120518] PKRU: 55555554 [ 187.120750] Call Trace: [ 187.120962] [ 187.121148] iommufd_ioas_destroy+0x53/0x70 [ 187.121515] iommufd_fops_release+0x1f7/0x370 [ 187.121890] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.122299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.122730] ? write_comp_data+0x2f/0x90 [ 187.123074] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.123503] __fput+0x26d/0xa40 [ 187.123793] ____fput+0x1e/0x30 [ 187.124072] task_work_run+0x1a4/0x2d0 [ 187.124399] ? __pfx_task_work_run+0x10/0x10 [ 187.124765] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.125176] ? switch_task_namespaces+0xa9/0xe0 [ 187.125569] do_exit+0xb17/0x2ef0 [ 187.125852] ? lock_acquire+0x427/0x4c0 [ 187.126186] ? __pfx_lock_release+0x10/0x10 [ 187.126576] ? __kasan_check_write+0x18/0x20 [ 187.126944] ? do_raw_spin_lock+0x132/0x2a0 [ 187.127311] ? __pfx_do_exit+0x10/0x10 [ 187.127644] ? debug_smp_processor_id+0x20/0x30 [ 187.128032] ? rcu_is_watching+0x19/0xb0 [ 187.128370] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.128747] ? trace_hardirqs_on+0x26/0x120 [ 187.129107] do_group_exit+0xe0/0x2b0 [ 187.129421] __x64_sys_exit_group+0x47/0x50 [ 187.129776] do_syscall_64+0x3b/0x90 [ 187.130089] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.130542] RIP: 0033:0x7f4b87518a4d [ 187.130851] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.131370] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.131987] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.132569] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.133203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.133787] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.134367] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.134991] [ 187.135198] irq event stamp: 0 [ 187.135458] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.135969] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.136647] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.137333] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.137845] ---[ end trace 0000000000000000 ]--- [ 187.142122] ------------[ cut here ]------------ [ 187.142738] WARNING: CPU: 0 PID: 1778 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.143589] Modules linked in: [ 187.143851] CPU: 0 PID: 1778 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.144560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.145481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.145886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.147417] RSP: 0018:ffff888010447bb8 EFLAGS: 00010246 [ 187.147847] RAX: 0000000000000000 RBX: ffff888023da70a8 RCX: 0000000000000000 [ 187.148409] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 187.148970] RBP: ffff888010447bd0 R08: ffffed10047b4e33 R09: ffffed10047b4e33 [ 187.149529] R10: ffff888023da7193 R11: ffffed10047b4e32 R12: ffff888014240000 [ 187.150087] R13: ffff888023da71e8 R14: ffffffff8352e670 R15: 
ffff888010447e68 [ 187.150664] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.151315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.151771] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 187.152333] PKRU: 55555554 [ 187.152557] Call Trace: [ 187.152763] [ 187.152945] __iommufd_access_detach+0x1c2/0x2b0 [ 187.153333] iommufd_access_change_pt+0x149/0x270 [ 187.153727] iommufd_access_replace+0xb4/0x120 [ 187.154103] iommufd_test+0x3e5/0x37e0 [ 187.154411] ? lock_release+0x532/0x770 [ 187.154752] ? __might_fault+0x102/0x1b0 [ 187.155083] ? lock_acquire+0x427/0x4c0 [ 187.155411] ? __pfx_iommufd_test+0x10/0x10 [ 187.155754] ? __pfx_lock_release+0x10/0x10 [ 187.156105] ? __pfx_lock_acquire+0x10/0x10 [ 187.156458] ? write_comp_data+0x2f/0x90 [ 187.156792] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.157183] ? write_comp_data+0x2f/0x90 [ 187.157517] iommufd_fops_ioctl+0x37d/0x510 [ 187.157867] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.158256] ? write_comp_data+0x2f/0x90 [ 187.158604] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.158989] __x64_sys_ioctl+0x1a3/0x230 [ 187.159328] do_syscall_64+0x3b/0x90 [ 187.159633] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.160042] RIP: 0033:0x7f4b8743ee5d [ 187.160331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.161753] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.162346] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.162930] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.163489] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.164041] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.164600] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.165225] [ 187.165407] irq event stamp: 0 [ 187.165651] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.166140] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.166810] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.167463] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.167950] ---[ end trace 0000000000000000 ]--- [ 187.170650] ------------[ cut here ]------------ [ 187.171044] WARNING: CPU: 0 PID: 1778 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.171841] Modules linked in: [ 187.172091] CPU: 0 PID: 1778 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.172766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.173629] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.174016] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.175444] RSP: 
0018:ffff888010447bd0 EFLAGS: 00010246 [ 187.175855] RAX: 0000000000000000 RBX: ffff888023da70a8 RCX: 0000000000000000 [ 187.176406] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 187.176960] RBP: ffff888010447be8 R08: ffffed10047b4e33 R09: ffffed10047b4e33 [ 187.177509] R10: ffff888023da7193 R11: ffffed10047b4e32 R12: ffff888013b17800 [ 187.178056] R13: ffff888023da71e8 R14: ffff888012b36d00 R15: 0000000000000000 [ 187.178624] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.179253] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.179710] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.180261] PKRU: 55555554 [ 187.180483] Call Trace: [ 187.180680] [ 187.180857] iommufd_access_destroy_object+0x65/0x170 [ 187.181262] iommufd_object_destroy_user+0x18e/0x220 [ 187.181665] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.182123] iommufd_access_destroy+0x43/0x70 [ 187.182481] iommufd_test_staccess_release+0x8d/0xd0 [ 187.182900] __fput+0x26d/0xa40 [ 187.183181] ____fput+0x1e/0x30 [ 187.183443] task_work_run+0x1a4/0x2d0 [ 187.183750] ? __pfx_task_work_run+0x10/0x10 [ 187.184090] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.184474] ? switch_task_namespaces+0xa9/0xe0 [ 187.184847] do_exit+0xb17/0x2ef0 [ 187.185119] ? lock_acquire+0x427/0x4c0 [ 187.185438] ? __pfx_lock_release+0x10/0x10 [ 187.185775] ? __kasan_check_write+0x18/0x20 [ 187.186115] ? do_raw_spin_lock+0x132/0x2a0 [ 187.186448] ? __pfx_do_exit+0x10/0x10 [ 187.186771] ? debug_smp_processor_id+0x20/0x30 [ 187.187136] ? rcu_is_watching+0x19/0xb0 [ 187.187451] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.187801] ? trace_hardirqs_on+0x26/0x120 [ 187.188134] do_group_exit+0xe0/0x2b0 [ 187.188428] __x64_sys_exit_group+0x47/0x50 [ 187.188755] do_syscall_64+0x3b/0x90 [ 187.189050] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.189449] RIP: 0033:0x7f4b87518a4d [ 187.189730] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.190192] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.190778] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.191323] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.191857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.192393] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.192929] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.193473] [ 187.193650] irq event stamp: 0 [ 187.193889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.194362] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.195013] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.195652] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.196127] ---[ end trace 0000000000000000 ]--- [ 187.196799] ------------[ cut here ]------------ [ 187.197198] WARNING: CPU: 0 PID: 1778 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.197976] Modules linked in: [ 187.198223] CPU: 0 PID: 1778 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.198908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.199767] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.200158] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.201529] RSP: 0018:ffff888010447b78 EFLAGS: 00010246 [ 187.201930] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.202464] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 187.203021] RBP: ffff888010447b98 R08: ffffed10047b4e3e R09: ffffed10047b4e3e [ 187.203563] R10: ffff888023da71ef R11: ffffed10047b4e3d R12: ffff888023da7290 [ 187.204097] R13: ffff888023da70a8 R14: ffffffffffffffff R15: 
ffff888010447c60 [ 187.204622] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.205215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.205642] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.206169] PKRU: 55555554 [ 187.206378] Call Trace: [ 187.206582] [ 187.206754] iommufd_ioas_destroy+0x53/0x70 [ 187.207083] iommufd_fops_release+0x1f7/0x370 [ 187.207432] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.207805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.208177] ? write_comp_data+0x2f/0x90 [ 187.208493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.208869] __fput+0x26d/0xa40 [ 187.209129] ____fput+0x1e/0x30 [ 187.209384] task_work_run+0x1a4/0x2d0 [ 187.209682] ? __pfx_task_work_run+0x10/0x10 [ 187.210018] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.210384] ? switch_task_namespaces+0xa9/0xe0 [ 187.210765] do_exit+0xb17/0x2ef0 [ 187.211028] ? lock_acquire+0x427/0x4c0 [ 187.211344] ? __pfx_lock_release+0x10/0x10 [ 187.211674] ? __kasan_check_write+0x18/0x20 [ 187.212008] ? do_raw_spin_lock+0x132/0x2a0 [ 187.212331] ? __pfx_do_exit+0x10/0x10 [ 187.212633] ? debug_smp_processor_id+0x20/0x30 [ 187.212992] ? rcu_is_watching+0x19/0xb0 [ 187.213299] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.213641] ? trace_hardirqs_on+0x26/0x120 [ 187.213968] do_group_exit+0xe0/0x2b0 [ 187.214255] __x64_sys_exit_group+0x47/0x50 [ 187.214597] do_syscall_64+0x3b/0x90 [ 187.214888] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.215298] RIP: 0033:0x7f4b87518a4d [ 187.215578] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.216032] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.216593] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.217117] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.217649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.218175] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.218719] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.219261] [ 187.219440] irq event stamp: 0 [ 187.219676] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.220143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.220764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.221383] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.221850] ---[ end trace 0000000000000000 ]--- [ 187.226223] ------------[ cut here ]------------ [ 187.226634] WARNING: CPU: 0 PID: 1779 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.227397] Modules linked in: [ 187.227641] CPU: 0 PID: 1779 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.228288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.229174] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.229545] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.231092] RSP: 0018:ffff88801035fbb8 EFLAGS: 00010246 [ 187.231501] RAX: 0000000000000000 RBX: ffff888015e770a8 RCX: 0000000000000000 [ 187.232025] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 187.232550] RBP: ffff88801035fbd0 R08: ffffed1002bcee33 R09: ffffed1002bcee33 [ 187.233073] R10: ffff888015e77193 R11: ffffed1002bcee32 R12: ffff888018a3c400 [ 187.233600] R13: ffff888015e771e8 R14: ffffffff8352e670 R15: 
ffff88801035fe68 [ 187.234125] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.234745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.235190] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 187.235718] PKRU: 55555554 [ 187.235931] Call Trace: [ 187.236122] [ 187.236290] __iommufd_access_detach+0x1c2/0x2b0 [ 187.236659] iommufd_access_change_pt+0x149/0x270 [ 187.237029] iommufd_access_replace+0xb4/0x120 [ 187.237382] iommufd_test+0x3e5/0x37e0 [ 187.237678] ? lock_release+0x532/0x770 [ 187.237989] ? __might_fault+0x102/0x1b0 [ 187.238304] ? lock_acquire+0x427/0x4c0 [ 187.238631] ? __pfx_iommufd_test+0x10/0x10 [ 187.238958] ? __pfx_lock_release+0x10/0x10 [ 187.239303] ? __pfx_lock_acquire+0x10/0x10 [ 187.239631] ? write_comp_data+0x2f/0x90 [ 187.239938] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.240300] ? write_comp_data+0x2f/0x90 [ 187.240608] iommufd_fops_ioctl+0x37d/0x510 [ 187.240930] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.241291] ? write_comp_data+0x2f/0x90 [ 187.241601] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.241956] __x64_sys_ioctl+0x1a3/0x230 [ 187.242263] do_syscall_64+0x3b/0x90 [ 187.242567] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.242955] RIP: 0033:0x7f4b8743ee5d [ 187.243237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.244564] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.245117] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.245637] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.246154] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.246691] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.247234] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.247759] [ 187.247932] irq event stamp: 0 [ 187.248168] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.248627] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.249236] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.249841] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.250300] ---[ end trace 0000000000000000 ]--- [ 187.252909] ------------[ cut here ]------------ [ 187.253279] WARNING: CPU: 0 PID: 1779 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.254018] Modules linked in: [ 187.254256] CPU: 0 PID: 1779 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.254915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.255749] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.256115] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.257437] RSP: 
0018:ffff88801035fbd0 EFLAGS: 00010246 [ 187.257827] RAX: 0000000000000000 RBX: ffff888015e770a8 RCX: 0000000000000000 [ 187.258343] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 187.258880] RBP: ffff88801035fbe8 R08: ffffed1002bcee33 R09: ffffed1002bcee33 [ 187.259415] R10: ffff888015e77193 R11: ffffed1002bcee32 R12: ffff888014243000 [ 187.259924] R13: ffff888015e771e8 R14: ffff8880141d8c00 R15: 0000000000000000 [ 187.260443] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.261088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.261519] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.262047] PKRU: 55555554 [ 187.262260] Call Trace: [ 187.262449] [ 187.262642] iommufd_access_destroy_object+0x65/0x170 [ 187.263033] iommufd_object_destroy_user+0x18e/0x220 [ 187.263422] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.263864] iommufd_access_destroy+0x43/0x70 [ 187.264218] iommufd_test_staccess_release+0x8d/0xd0 [ 187.264608] __fput+0x26d/0xa40 [ 187.264870] ____fput+0x1e/0x30 [ 187.265127] task_work_run+0x1a4/0x2d0 [ 187.265432] ? __pfx_task_work_run+0x10/0x10 [ 187.265766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.266134] ? switch_task_namespaces+0xa9/0xe0 [ 187.266496] do_exit+0xb17/0x2ef0 [ 187.266778] ? lock_acquire+0x427/0x4c0 [ 187.267083] ? __pfx_lock_release+0x10/0x10 [ 187.267423] ? __kasan_check_write+0x18/0x20 [ 187.267765] ? do_raw_spin_lock+0x132/0x2a0 [ 187.268096] ? __pfx_do_exit+0x10/0x10 [ 187.268397] ? debug_smp_processor_id+0x20/0x30 [ 187.268749] ? rcu_is_watching+0x19/0xb0 [ 187.269055] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.269396] ? trace_hardirqs_on+0x26/0x120 [ 187.269730] do_group_exit+0xe0/0x2b0 [ 187.270018] __x64_sys_exit_group+0x47/0x50 [ 187.270339] do_syscall_64+0x3b/0x90 [ 187.270655] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.271052] RIP: 0033:0x7f4b87518a4d [ 187.271341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.271796] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.272366] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.272893] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.273421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.273947] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.274480] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.275037] [ 187.275220] irq event stamp: 0 [ 187.275459] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.275931] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.276559] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.277183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.277653] ---[ end trace 0000000000000000 ]--- [ 187.278322] ------------[ cut here ]------------ [ 187.278699] WARNING: CPU: 0 PID: 1779 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.279480] Modules linked in: [ 187.279721] CPU: 0 PID: 1779 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.280376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.281208] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.281594] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.282966] RSP: 0018:ffff88801035fb78 EFLAGS: 00010246 [ 187.283369] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.283905] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 187.284435] RBP: ffff88801035fb98 R08: ffffed1002bcee3e R09: ffffed1002bcee3e [ 187.284963] R10: ffff888015e771ef R11: ffffed1002bcee3d R12: ffff888015e77290 [ 187.285494] R13: ffff888015e770a8 R14: ffffffffffffffff R15: 
ffff88801035fc60 [ 187.286021] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.286637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.287071] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.287605] PKRU: 55555554 [ 187.287817] Call Trace: [ 187.288010] [ 187.288184] iommufd_ioas_destroy+0x53/0x70 [ 187.288512] iommufd_fops_release+0x1f7/0x370 [ 187.288852] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.289225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.289593] ? write_comp_data+0x2f/0x90 [ 187.289908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.290283] __fput+0x26d/0xa40 [ 187.290565] ____fput+0x1e/0x30 [ 187.290824] task_work_run+0x1a4/0x2d0 [ 187.291138] ? __pfx_task_work_run+0x10/0x10 [ 187.291481] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.291853] ? switch_task_namespaces+0xa9/0xe0 [ 187.292214] do_exit+0xb17/0x2ef0 [ 187.292480] ? lock_acquire+0x427/0x4c0 [ 187.292787] ? __pfx_lock_release+0x10/0x10 [ 187.293168] ? __kasan_check_write+0x18/0x20 [ 187.293504] ? do_raw_spin_lock+0x132/0x2a0 [ 187.293829] ? __pfx_do_exit+0x10/0x10 [ 187.294129] ? debug_smp_processor_id+0x20/0x30 [ 187.294484] ? rcu_is_watching+0x19/0xb0 [ 187.294813] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.295168] ? trace_hardirqs_on+0x26/0x120 [ 187.295501] do_group_exit+0xe0/0x2b0 [ 187.295789] __x64_sys_exit_group+0x47/0x50 [ 187.296110] do_syscall_64+0x3b/0x90 [ 187.296397] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.296798] RIP: 0033:0x7f4b87518a4d [ 187.297077] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.297536] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.298104] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.298649] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.299196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.299720] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.300249] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.300792] [ 187.300966] irq event stamp: 0 [ 187.301206] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.301677] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.302300] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.302949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.303428] ---[ end trace 0000000000000000 ]--- [ 187.307575] ------------[ cut here ]------------ [ 187.307951] WARNING: CPU: 0 PID: 1780 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.308698] Modules linked in: [ 187.308937] CPU: 0 PID: 1780 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.309583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.310413] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.310816] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.312192] RSP: 0018:ffff888016d37bb8 EFLAGS: 00010246 [ 187.312631] RAX: 0000000000000000 RBX: ffff888021ab78a8 RCX: 0000000000000000 [ 187.313380] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 187.313914] RBP: ffff888016d37bd0 R08: ffffed1004356f33 R09: ffffed1004356f33 [ 187.314485] R10: ffff888021ab7993 R11: ffffed1004356f32 R12: ffff888015c70c00 [ 187.315183] R13: ffff888021ab79e8 R14: ffffffff8352e670 R15: 
ffff888016d37e68 [ 187.315708] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.316455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.316890] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 187.317421] PKRU: 55555554 [ 187.317635] Call Trace: [ 187.317904] [ 187.318157] __iommufd_access_detach+0x1c2/0x2b0 [ 187.318541] iommufd_access_change_pt+0x149/0x270 [ 187.318915] iommufd_access_replace+0xb4/0x120 [ 187.319273] iommufd_test+0x3e5/0x37e0 [ 187.319570] ? lock_release+0x532/0x770 [ 187.319904] ? __might_fault+0x102/0x1b0 [ 187.320334] ? lock_acquire+0x427/0x4c0 [ 187.320649] ? __pfx_iommufd_test+0x10/0x10 [ 187.320972] ? __pfx_lock_release+0x10/0x10 [ 187.321300] ? __pfx_lock_acquire+0x10/0x10 [ 187.321789] ? write_comp_data+0x2f/0x90 [ 187.322105] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.322480] ? write_comp_data+0x2f/0x90 [ 187.322820] iommufd_fops_ioctl+0x37d/0x510 [ 187.323158] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.323575] ? write_comp_data+0x2f/0x90 [ 187.323993] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.324362] __x64_sys_ioctl+0x1a3/0x230 [ 187.324678] do_syscall_64+0x3b/0x90 [ 187.325022] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.325568] RIP: 0033:0x7f4b8743ee5d [ 187.325854] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.327978] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.328559] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.329262] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.329807] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.330352] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.331074] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.331652] [ 187.331838] irq event stamp: 0 [ 187.332085] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.332638] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.333387] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.334036] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.334674] ---[ end trace 0000000000000000 ]--- [ 187.337425] ------------[ cut here ]------------ [ 187.337866] WARNING: CPU: 0 PID: 1780 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.338760] Modules linked in: [ 187.339012] CPU: 0 PID: 1780 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.339762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.340707] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.341095] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.342688] RSP: 
0018:ffff888016d37bd0 EFLAGS: 00010246 [ 187.343147] RAX: 0000000000000000 RBX: ffff888021ab78a8 RCX: 0000000000000000 [ 187.343796] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 187.344346] RBP: ffff888016d37be8 R08: ffffed1004356f33 R09: ffffed1004356f33 [ 187.344950] R10: ffff888021ab7993 R11: ffffed1004356f32 R12: ffff888018a3c000 [ 187.345592] R13: ffff888021ab79e8 R14: ffff88801381a500 R15: 0000000000000000 [ 187.346161] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.346995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.347482] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.348069] PKRU: 55555554 [ 187.348304] Call Trace: [ 187.348516] [ 187.348763] iommufd_access_destroy_object+0x65/0x170 [ 187.349295] iommufd_object_destroy_user+0x18e/0x220 [ 187.349720] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.350203] iommufd_access_destroy+0x43/0x70 [ 187.350757] iommufd_test_staccess_release+0x8d/0xd0 [ 187.351192] __fput+0x26d/0xa40 [ 187.351481] ____fput+0x1e/0x30 [ 187.351762] task_work_run+0x1a4/0x2d0 [ 187.352093] ? __pfx_task_work_run+0x10/0x10 [ 187.352504] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.353029] ? switch_task_namespaces+0xa9/0xe0 [ 187.353426] do_exit+0xb17/0x2ef0 [ 187.353718] ? lock_acquire+0x427/0x4c0 [ 187.354055] ? __pfx_lock_release+0x10/0x10 [ 187.354596] ? __kasan_check_write+0x18/0x20 [ 187.354970] ? do_raw_spin_lock+0x132/0x2a0 [ 187.355341] ? __pfx_do_exit+0x10/0x10 [ 187.355675] ? debug_smp_processor_id+0x20/0x30 [ 187.356067] ? rcu_is_watching+0x19/0xb0 [ 187.356459] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.356993] ? trace_hardirqs_on+0x26/0x120 [ 187.357360] do_group_exit+0xe0/0x2b0 [ 187.357678] __x64_sys_exit_group+0x47/0x50 [ 187.358049] do_syscall_64+0x3b/0x90 [ 187.358490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.358948] RIP: 0033:0x7f4b87518a4d [ 187.359262] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.359764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.360561] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.361146] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.361728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.362461] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.363072] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.363679] [ 187.363872] irq event stamp: 0 [ 187.364199] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.364823] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.365522] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.366363] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.366911] ---[ end trace 0000000000000000 ]--- [ 187.367640] ------------[ cut here ]------------ [ 187.368097] WARNING: CPU: 0 PID: 1780 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.369025] Modules linked in: [ 187.369296] CPU: 0 PID: 1780 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.370164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.371108] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.371578] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.373324] RSP: 0018:ffff888016d37b78 EFLAGS: 00010246 [ 187.373948] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.374583] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 187.375210] RBP: ffff888016d37b98 R08: ffffed1004356f3e R09: ffffed1004356f3e [ 187.376000] R10: ffff888021ab79ef R11: ffffed1004356f3d R12: ffff888021ab7a90 [ 187.376608] R13: ffff888021ab78a8 R14: ffffffffffffffff R15: 
ffff888016d37c60 [ 187.377225] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.378094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.378627] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.379260] PKRU: 55555554 [ 187.379529] Call Trace: [ 187.379805] [ 187.380106] iommufd_ioas_destroy+0x53/0x70 [ 187.380496] iommufd_fops_release+0x1f7/0x370 [ 187.380894] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.381370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.381929] ? write_comp_data+0x2f/0x90 [ 187.382298] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.382762] __fput+0x26d/0xa40 [ 187.383068] ____fput+0x1e/0x30 [ 187.383382] task_work_run+0x1a4/0x2d0 [ 187.383814] ? __pfx_task_work_run+0x10/0x10 [ 187.384323] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.384758] ? switch_task_namespaces+0xa9/0xe0 [ 187.385177] do_exit+0xb17/0x2ef0 [ 187.385513] ? lock_acquire+0x427/0x4c0 [ 187.385997] ? __pfx_lock_release+0x10/0x10 [ 187.386385] ? __kasan_check_write+0x18/0x20 [ 187.386799] ? do_raw_spin_lock+0x132/0x2a0 [ 187.387189] ? __pfx_do_exit+0x10/0x10 [ 187.387545] ? debug_smp_processor_id+0x20/0x30 [ 187.388143] ? rcu_is_watching+0x19/0xb0 [ 187.388503] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.388910] ? trace_hardirqs_on+0x26/0x120 [ 187.389358] do_group_exit+0xe0/0x2b0 [ 187.389741] __x64_sys_exit_group+0x47/0x50 [ 187.390234] do_syscall_64+0x3b/0x90 [ 187.390597] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.391057] RIP: 0033:0x7f4b87518a4d [ 187.391403] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.391990] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.392763] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.393382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.394175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.394816] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.395441] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.396233] [ 187.396438] irq event stamp: 0 [ 187.396717] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.397274] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.398175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.398924] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.399478] ---[ end trace 0000000000000000 ]--- [ 187.403618] ------------[ cut here ]------------ [ 187.404140] WARNING: CPU: 0 PID: 1781 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.405036] Modules linked in: [ 187.405458] CPU: 0 PID: 1781 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.406213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.407291] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.407810] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.409385] RSP: 0018:ffff88801876fbb8 EFLAGS: 00010246 [ 187.409846] RAX: 0000000000000000 RBX: ffff8880104618a8 RCX: 0000000000000000 [ 187.410464] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 187.411108] RBP: ffff88801876fbd0 R08: ffffed100208c333 R09: ffffed100208c333 [ 187.411734] R10: ffff888010461993 R11: ffffed100208c332 R12: ffff888010c09000 [ 187.412349] R13: ffff8880104619e8 R14: ffffffff8352e670 R15: 
ffff88801876fe68 [ 187.412970] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.413657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.414154] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 187.414791] PKRU: 55555554 [ 187.415039] Call Trace: [ 187.415270] [ 187.415467] __iommufd_access_detach+0x1c2/0x2b0 [ 187.415897] iommufd_access_change_pt+0x149/0x270 [ 187.416325] iommufd_access_replace+0xb4/0x120 [ 187.416736] iommufd_test+0x3e5/0x37e0 [ 187.417080] ? lock_release+0x532/0x770 [ 187.417440] ? __might_fault+0x102/0x1b0 [ 187.417799] ? lock_acquire+0x427/0x4c0 [ 187.418160] ? __pfx_iommufd_test+0x10/0x10 [ 187.418582] ? __pfx_lock_release+0x10/0x10 [ 187.418979] ? __pfx_lock_acquire+0x10/0x10 [ 187.419378] ? write_comp_data+0x2f/0x90 [ 187.419746] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.420167] ? write_comp_data+0x2f/0x90 [ 187.420538] iommufd_fops_ioctl+0x37d/0x510 [ 187.420916] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.421420] ? write_comp_data+0x2f/0x90 [ 187.421785] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.422207] __x64_sys_ioctl+0x1a3/0x230 [ 187.422602] do_syscall_64+0x3b/0x90 [ 187.422939] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.423413] RIP: 0033:0x7f4b8743ee5d [ 187.423744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.425305] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.425961] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.426598] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.427227] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.427848] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.428463] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.429092] [ 187.429301] irq event stamp: 0 [ 187.429575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.430114] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.430881] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.431617] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.432172] ---[ end trace 0000000000000000 ]--- [ 187.435658] ------------[ cut here ]------------ [ 187.436210] WARNING: CPU: 0 PID: 1781 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.437277] Modules linked in: [ 187.437580] CPU: 0 PID: 1781 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.438626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.439700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.440162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.442101] RSP: 
0018:ffff88801876fbd0 EFLAGS: 00010246 [ 187.442640] RAX: 0000000000000000 RBX: ffff8880104618a8 RCX: 0000000000000000 [ 187.443403] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 187.444206] RBP: ffff88801876fbe8 R08: ffffed100208c333 R09: ffffed100208c333 [ 187.444883] R10: ffff888010461993 R11: ffffed100208c332 R12: ffff8880184edc00 [ 187.445799] R13: ffff8880104619e8 R14: ffff888015bb8b00 R15: 0000000000000000 [ 187.446481] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.447285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.448038] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.448712] PKRU: 55555554 [ 187.448984] Call Trace: [ 187.449224] [ 187.449444] iommufd_access_destroy_object+0x65/0x170 [ 187.450237] iommufd_object_destroy_user+0x18e/0x220 [ 187.450811] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.451433] iommufd_access_destroy+0x43/0x70 [ 187.451912] iommufd_test_staccess_release+0x8d/0xd0 [ 187.452544] __fput+0x26d/0xa40 [ 187.453146] ____fput+0x1e/0x30 [ 187.453503] task_work_run+0x1a4/0x2d0 [ 187.453924] ? __pfx_task_work_run+0x10/0x10 [ 187.454385] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.455181] ? switch_task_namespaces+0xa9/0xe0 [ 187.455684] do_exit+0xb17/0x2ef0 [ 187.456046] ? lock_acquire+0x427/0x4c0 [ 187.456473] ? __pfx_lock_release+0x10/0x10 [ 187.456923] ? __kasan_check_write+0x18/0x20 [ 187.457487] ? do_raw_spin_lock+0x132/0x2a0 [ 187.458126] ? __pfx_do_exit+0x10/0x10 [ 187.458594] ? debug_smp_processor_id+0x20/0x30 [ 187.459099] ? rcu_is_watching+0x19/0xb0 [ 187.459556] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.460147] ? trace_hardirqs_on+0x26/0x120 [ 187.460773] do_group_exit+0xe0/0x2b0 [ 187.461178] __x64_sys_exit_group+0x47/0x50 [ 187.461629] do_syscall_64+0x3b/0x90 [ 187.462085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.462857] RIP: 0033:0x7f4b87518a4d [ 187.463266] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.463902] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.464783] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.465672] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.466404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.467420] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.468168] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.468916] [ 187.469207] irq event stamp: 0 [ 187.469759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.470417] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.471329] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.472419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.473068] ---[ end trace 0000000000000000 ]--- [ 187.474063] ------------[ cut here ]------------ [ 187.474603] WARNING: CPU: 0 PID: 1781 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.475700] Modules linked in: [ 187.476051] CPU: 0 PID: 1781 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.477231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.478556] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.479277] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.481300] RSP: 0018:ffff88801876fb78 EFLAGS: 00010246 [ 187.481998] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.482779] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 187.483577] RBP: ffff88801876fb98 R08: ffffed100208c33e R09: ffffed100208c33e [ 187.484526] R10: ffff8880104619ef R11: ffffed100208c33d R12: ffff888010461a90 [ 187.485349] R13: ffff8880104618a8 R14: ffffffffffffffff R15: 
ffff88801876fc60 [ 187.486306] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.487186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.487800] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.488802] PKRU: 55555554 [ 187.489110] Call Trace: [ 187.489381] [ 187.489624] iommufd_ioas_destroy+0x53/0x70 [ 187.490097] iommufd_fops_release+0x1f7/0x370 [ 187.490722] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.491340] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.491872] ? write_comp_data+0x2f/0x90 [ 187.492314] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.492847] __fput+0x26d/0xa40 [ 187.493319] ____fput+0x1e/0x30 [ 187.493843] task_work_run+0x1a4/0x2d0 [ 187.494274] ? __pfx_task_work_run+0x10/0x10 [ 187.494787] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.495336] ? switch_task_namespaces+0xa9/0xe0 [ 187.495845] do_exit+0xb17/0x2ef0 [ 187.496217] ? lock_acquire+0x427/0x4c0 [ 187.496664] ? __pfx_lock_release+0x10/0x10 [ 187.497136] ? __kasan_check_write+0x18/0x20 [ 187.497626] ? do_raw_spin_lock+0x132/0x2a0 [ 187.498089] ? __pfx_do_exit+0x10/0x10 [ 187.498557] ? debug_smp_processor_id+0x20/0x30 [ 187.499056] ? rcu_is_watching+0x19/0xb0 [ 187.499505] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.500000] ? trace_hardirqs_on+0x26/0x120 [ 187.500467] do_group_exit+0xe0/0x2b0 [ 187.500875] __x64_sys_exit_group+0x47/0x50 [ 187.501329] do_syscall_64+0x3b/0x90 [ 187.501730] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.502280] RIP: 0033:0x7f4b87518a4d [ 187.502715] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.503408] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.504205] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.504952] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.505700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.506452] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.507246] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.508021] [ 187.508276] irq event stamp: 0 [ 187.508615] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.509292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.510160] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.511088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.511796] ---[ end trace 0000000000000000 ]--- [ 187.516918] ------------[ cut here ]------------ [ 187.517550] WARNING: CPU: 0 PID: 1782 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.518669] Modules linked in: [ 187.519007] CPU: 0 PID: 1782 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.519919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.521081] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.521598] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.523474] RSP: 0018:ffff88800f7d7bb8 EFLAGS: 00010246 [ 187.523979] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 187.524716] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 187.525470] RBP: ffff88800f7d7bd0 R08: ffffed1001972533 R09: ffffed1001972533 [ 187.526215] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff88800ae92000 [ 187.526992] R13: ffff88800cb929e8 R14: ffffffff8352e670 R15: 
ffff88800f7d7e68 [ 187.527762] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.528613] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.529219] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 187.529976] PKRU: 55555554 [ 187.530286] Call Trace: [ 187.530610] [ 187.530853] __iommufd_access_detach+0x1c2/0x2b0 [ 187.531385] iommufd_access_change_pt+0x149/0x270 [ 187.531910] iommufd_access_replace+0xb4/0x120 [ 187.532409] iommufd_test+0x3e5/0x37e0 [ 187.532828] ? lock_release+0x532/0x770 [ 187.533272] ? __might_fault+0x102/0x1b0 [ 187.533727] ? lock_acquire+0x427/0x4c0 [ 187.534158] ? __pfx_iommufd_test+0x10/0x10 [ 187.534689] ? __pfx_lock_release+0x10/0x10 [ 187.535196] ? __pfx_lock_acquire+0x10/0x10 [ 187.535688] ? write_comp_data+0x2f/0x90 [ 187.536135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.536663] ? write_comp_data+0x2f/0x90 [ 187.537112] iommufd_fops_ioctl+0x37d/0x510 [ 187.537584] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.538120] ? write_comp_data+0x2f/0x90 [ 187.538617] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.539156] __x64_sys_ioctl+0x1a3/0x230 [ 187.539612] do_syscall_64+0x3b/0x90 [ 187.540025] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.540584] RIP: 0033:0x7f4b8743ee5d [ 187.540982] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.542957] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.543791] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.544552] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.545292] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.546034] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.546820] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.547592] [ 187.547841] irq event stamp: 0 [ 187.548175] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.548828] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.549776] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.550681] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.551351] ---[ end trace 0000000000000000 ]--- [ 187.554674] ------------[ cut here ]------------ [ 187.555229] WARNING: CPU: 0 PID: 1782 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.556279] Modules linked in: [ 187.556618] CPU: 0 PID: 1782 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.557524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.558739] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.559290] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.561215] RSP: 
0018:ffff88800f7d7bd0 EFLAGS: 00010246 [ 187.561782] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 187.562577] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 187.563341] RBP: ffff88800f7d7be8 R08: ffffed1001972533 R09: ffffed1001972533 [ 187.564082] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff888010c0a400 [ 187.564826] R13: ffff88800cb929e8 R14: ffff8880104c0700 R15: 0000000000000000 [ 187.565570] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.566408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.567070] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.567850] PKRU: 55555554 [ 187.568155] Call Trace: [ 187.568427] [ 187.568666] iommufd_access_destroy_object+0x65/0x170 [ 187.569220] iommufd_object_destroy_user+0x18e/0x220 [ 187.569759] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.570377] iommufd_access_destroy+0x43/0x70 [ 187.570906] iommufd_test_staccess_release+0x8d/0xd0 [ 187.571476] __fput+0x26d/0xa40 [ 187.571847] ____fput+0x1e/0x30 [ 187.572203] task_work_run+0x1a4/0x2d0 [ 187.572627] ? __pfx_task_work_run+0x10/0x10 [ 187.573108] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.573706] ? switch_task_namespaces+0xa9/0xe0 [ 187.574387] do_exit+0xb17/0x2ef0 [ 187.575013] ? lock_acquire+0x427/0x4c0 [ 187.575474] ? __pfx_lock_release+0x10/0x10 [ 187.575945] ? __kasan_check_write+0x18/0x20 [ 187.576422] ? do_raw_spin_lock+0x132/0x2a0 [ 187.576890] ? __pfx_do_exit+0x10/0x10 [ 187.577321] ? debug_smp_processor_id+0x20/0x30 [ 187.577827] ? rcu_is_watching+0x19/0xb0 [ 187.578272] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.578817] ? trace_hardirqs_on+0x26/0x120 [ 187.579443] do_group_exit+0xe0/0x2b0 [ 187.580026] __x64_sys_exit_group+0x47/0x50 [ 187.580487] do_syscall_64+0x3b/0x90 [ 187.580899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.581538] RIP: 0033:0x7f4b87518a4d [ 187.581935] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.582647] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.583476] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.584268] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.585382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.586127] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.586925] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.587701] [ 187.587951] irq event stamp: 0 [ 187.588282] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.589044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.590202] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.591113] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.591783] ---[ end trace 0000000000000000 ]--- [ 187.592675] ------------[ cut here ]------------ [ 187.593184] WARNING: CPU: 0 PID: 1782 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.594752] Modules linked in: [ 187.595125] CPU: 0 PID: 1782 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.596054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.597237] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.597796] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.600341] RSP: 0018:ffff88800f7d7b78 EFLAGS: 00010246 [ 187.600924] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.601660] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 187.602417] RBP: ffff88800f7d7b98 R08: ffffed100197253e R09: ffffed100197253e [ 187.603222] R10: ffff88800cb929ef R11: ffffed100197253d R12: ffff88800cb92a90 [ 187.604229] R13: ffff88800cb928a8 R14: ffffffffffffffff R15: 
ffff88800f7d7c60 [ 187.605131] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.605972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.606626] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.607388] PKRU: 55555554 [ 187.607688] Call Trace: [ 187.607958] [ 187.608200] iommufd_ioas_destroy+0x53/0x70 [ 187.608776] iommufd_fops_release+0x1f7/0x370 [ 187.609527] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.610060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.610617] ? write_comp_data+0x2f/0x90 [ 187.611056] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.611612] __fput+0x26d/0xa40 [ 187.611983] ____fput+0x1e/0x30 [ 187.612340] task_work_run+0x1a4/0x2d0 [ 187.612769] ? __pfx_task_work_run+0x10/0x10 [ 187.613634] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.614173] ? switch_task_namespaces+0xa9/0xe0 [ 187.614725] do_exit+0xb17/0x2ef0 [ 187.615098] ? lock_acquire+0x427/0x4c0 [ 187.615659] ? __pfx_lock_release+0x10/0x10 [ 187.616285] ? __kasan_check_write+0x18/0x20 [ 187.616761] ? do_raw_spin_lock+0x132/0x2a0 [ 187.617233] ? __pfx_do_exit+0x10/0x10 [ 187.617667] ? debug_smp_processor_id+0x20/0x30 [ 187.618403] ? rcu_is_watching+0x19/0xb0 [ 187.618876] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.619373] ? trace_hardirqs_on+0x26/0x120 [ 187.619849] do_group_exit+0xe0/0x2b0 [ 187.620380] __x64_sys_exit_group+0x47/0x50 [ 187.620975] do_syscall_64+0x3b/0x90 [ 187.621391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.621954] RIP: 0033:0x7f4b87518a4d [ 187.622385] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.623287] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.624097] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.624946] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.625874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.626660] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.627686] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.628443] [ 187.628695] irq event stamp: 0 [ 187.629031] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.629808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.630796] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.631703] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.632647] ---[ end trace 0000000000000000 ]--- [ 187.643462] ------------[ cut here ]------------ [ 187.644124] WARNING: CPU: 0 PID: 1783 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.645439] Modules linked in: [ 187.645863] CPU: 0 PID: 1783 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.647575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.649046] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.649702] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.652129] RSP: 0018:ffff888011c7fbb8 EFLAGS: 00010246 [ 187.652836] RAX: 0000000000000000 RBX: ffff8880171bf8a8 RCX: 0000000000000000 [ 187.653770] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 187.654751] RBP: ffff888011c7fbd0 R08: ffffed1002e37f33 R09: ffffed1002e37f33 [ 187.655710] R10: ffff8880171bf993 R11: ffffed1002e37f32 R12: ffff88800fcb2000 [ 187.656642] R13: ffff8880171bf9e8 R14: ffffffff8352e670 R15: 
ffff888011c7fe68 [ 187.657575] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.658671] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.659479] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 187.660420] PKRU: 55555554 [ 187.660802] Call Trace: [ 187.661144] [ 187.661449] __iommufd_access_detach+0x1c2/0x2b0 [ 187.662107] iommufd_access_change_pt+0x149/0x270 [ 187.662810] iommufd_access_replace+0xb4/0x120 [ 187.663484] iommufd_test+0x3e5/0x37e0 [ 187.664012] ? lock_release+0x532/0x770 [ 187.664557] ? __might_fault+0x102/0x1b0 [ 187.665112] ? lock_acquire+0x427/0x4c0 [ 187.665658] ? __pfx_iommufd_test+0x10/0x10 [ 187.666231] ? __pfx_lock_release+0x10/0x10 [ 187.666861] ? __pfx_lock_acquire+0x10/0x10 [ 187.667493] ? write_comp_data+0x2f/0x90 [ 187.668063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.668715] ? write_comp_data+0x2f/0x90 [ 187.669268] iommufd_fops_ioctl+0x37d/0x510 [ 187.669851] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.670550] ? write_comp_data+0x2f/0x90 [ 187.671137] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.671796] __x64_sys_ioctl+0x1a3/0x230 [ 187.672354] do_syscall_64+0x3b/0x90 [ 187.672862] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.673556] RIP: 0033:0x7f4b8743ee5d [ 187.674054] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.676476] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.677498] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.678440] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.679424] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.680364] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.681298] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.682244] [ 187.682596] irq event stamp: 0 [ 187.683029] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.683881] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.684976] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.686056] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.686921] ---[ end trace 0000000000000000 ]--- [ 187.691965] ------------[ cut here ]------------ [ 187.692629] WARNING: CPU: 0 PID: 1783 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.693954] Modules linked in: [ 187.694382] CPU: 0 PID: 1783 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.695579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.697067] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.697744] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.700151] RSP: 
0018:ffff888011c7fbd0 EFLAGS: 00010246 [ 187.700865] RAX: 0000000000000000 RBX: ffff8880171bf8a8 RCX: 0000000000000000 [ 187.701799] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 187.702775] RBP: ffff888011c7fbe8 R08: ffffed1002e37f33 R09: ffffed1002e37f33 [ 187.703735] R10: ffff8880171bf993 R11: ffffed1002e37f32 R12: ffff88800ae90400 [ 187.704668] R13: ffff8880171bf9e8 R14: ffff888012b36300 R15: 0000000000000000 [ 187.705592] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.706674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.707479] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.708467] PKRU: 55555554 [ 187.708855] Call Trace: [ 187.709197] [ 187.709499] iommufd_access_destroy_object+0x65/0x170 [ 187.710189] iommufd_object_destroy_user+0x18e/0x220 [ 187.710909] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.711716] iommufd_access_destroy+0x43/0x70 [ 187.712336] iommufd_test_staccess_release+0x8d/0xd0 [ 187.713016] __fput+0x26d/0xa40 [ 187.713480] ____fput+0x1e/0x30 [ 187.713930] task_work_run+0x1a4/0x2d0 [ 187.714465] ? __pfx_task_work_run+0x10/0x10 [ 187.715097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.715788] ? switch_task_namespaces+0xa9/0xe0 [ 187.716434] do_exit+0xb17/0x2ef0 [ 187.716899] ? lock_acquire+0x427/0x4c0 [ 187.717439] ? __pfx_lock_release+0x10/0x10 [ 187.718020] ? __kasan_check_write+0x18/0x20 [ 187.718657] ? do_raw_spin_lock+0x132/0x2a0 [ 187.719272] ? __pfx_do_exit+0x10/0x10 [ 187.719823] ? debug_smp_processor_id+0x20/0x30 [ 187.720446] ? rcu_is_watching+0x19/0xb0 [ 187.720987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.721596] ? trace_hardirqs_on+0x26/0x120 [ 187.722177] do_group_exit+0xe0/0x2b0 [ 187.722730] __x64_sys_exit_group+0x47/0x50 [ 187.723347] do_syscall_64+0x3b/0x90 [ 187.723866] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.724560] RIP: 0033:0x7f4b87518a4d [ 187.725052] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.725854] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.726883] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.727851] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.728783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.729713] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.730681] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.731673] [ 187.731992] irq event stamp: 0 [ 187.732410] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.733235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.734326] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.735467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.736311] ---[ end trace 0000000000000000 ]--- [ 187.737633] ------------[ cut here ]------------ [ 187.738270] WARNING: CPU: 0 PID: 1783 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.739667] Modules linked in: [ 187.740110] CPU: 0 PID: 1783 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.741255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.742775] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.743491] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.745862] RSP: 0018:ffff888011c7fb78 EFLAGS: 00010246 [ 187.746616] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.747584] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 187.748515] RBP: ffff888011c7fb98 R08: ffffed1002e37f3e R09: ffffed1002e37f3e [ 187.749437] R10: ffff8880171bf9ef R11: ffffed1002e37f3d R12: ffff8880171bfa90 [ 187.750357] R13: ffff8880171bf8a8 R14: ffffffffffffffff R15: 
ffff888011c7fc60 [ 187.751327] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.752381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.753145] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.754075] PKRU: 55555554 [ 187.754450] Call Trace: [ 187.754826] [ 187.755163] iommufd_ioas_destroy+0x53/0x70 [ 187.755754] iommufd_fops_release+0x1f7/0x370 [ 187.756356] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.757016] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.757671] ? write_comp_data+0x2f/0x90 [ 187.758222] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.758917] __fput+0x26d/0xa40 [ 187.759401] ____fput+0x1e/0x30 [ 187.759864] task_work_run+0x1a4/0x2d0 [ 187.760393] ? __pfx_task_work_run+0x10/0x10 [ 187.760985] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.761638] ? switch_task_namespaces+0xa9/0xe0 [ 187.762268] do_exit+0xb17/0x2ef0 [ 187.762773] ? lock_acquire+0x427/0x4c0 [ 187.763351] ? __pfx_lock_release+0x10/0x10 [ 187.763938] ? __kasan_check_write+0x18/0x20 [ 187.764530] ? do_raw_spin_lock+0x132/0x2a0 [ 187.765099] ? __pfx_do_exit+0x10/0x10 [ 187.765628] ? debug_smp_processor_id+0x20/0x30 [ 187.766248] ? rcu_is_watching+0x19/0xb0 [ 187.766827] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.767458] ? trace_hardirqs_on+0x26/0x120 [ 187.768048] do_group_exit+0xe0/0x2b0 [ 187.768554] __x64_sys_exit_group+0x47/0x50 [ 187.769120] do_syscall_64+0x3b/0x90 [ 187.769626] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.770324] RIP: 0033:0x7f4b87518a4d [ 187.770854] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.771693] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.772695] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.773622] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.774590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.775547] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.776475] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.777417] [ 187.777728] irq event stamp: 0 [ 187.778144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.779005] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.780132] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.781227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.782048] ---[ end trace 0000000000000000 ]--- [ 187.788749] ------------[ cut here ]------------ [ 187.789431] WARNING: CPU: 0 PID: 1784 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.790798] Modules linked in: [ 187.791276] CPU: 0 PID: 1784 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.792422] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.793876] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.794585] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.796986] RSP: 0018:ffff888012da7bb8 EFLAGS: 00010246 [ 187.797695] RAX: 0000000000000000 RBX: ffff888018ac38a8 RCX: 0000000000000000 [ 187.798669] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 187.799634] RBP: ffff888012da7bd0 R08: ffffed1003158733 R09: ffffed1003158733 [ 187.800562] R10: ffff888018ac3993 R11: ffffed1003158732 R12: ffff888012e96800 [ 187.801486] R13: ffff888018ac39e8 R14: ffffffff8352e670 R15: 
ffff888012da7e68 [ 187.802409] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.803503] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.804288] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 187.805221] PKRU: 55555554 [ 187.805595] Call Trace: [ 187.805932] [ 187.806236] __iommufd_access_detach+0x1c2/0x2b0 [ 187.806928] iommufd_access_change_pt+0x149/0x270 [ 187.807620] iommufd_access_replace+0xb4/0x120 [ 187.808251] iommufd_test+0x3e5/0x37e0 [ 187.808785] ? lock_release+0x532/0x770 [ 187.809355] ? __might_fault+0x102/0x1b0 [ 187.809931] ? lock_acquire+0x427/0x4c0 [ 187.810479] ? __pfx_iommufd_test+0x10/0x10 [ 187.811108] ? __pfx_lock_release+0x10/0x10 [ 187.811734] ? __pfx_lock_acquire+0x10/0x10 [ 187.812328] ? write_comp_data+0x2f/0x90 [ 187.812884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.813537] ? write_comp_data+0x2f/0x90 [ 187.814089] iommufd_fops_ioctl+0x37d/0x510 [ 187.814713] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.815410] ? write_comp_data+0x2f/0x90 [ 187.815966] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.816607] __x64_sys_ioctl+0x1a3/0x230 [ 187.817156] do_syscall_64+0x3b/0x90 [ 187.817663] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.818352] RIP: 0033:0x7f4b8743ee5d [ 187.818881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.821250] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.822238] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.823219] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.824165] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.825120] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.826067] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.827037] [ 187.827376] irq event stamp: 0 [ 187.827804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.828631] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.829963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.831432] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.832285] ---[ end trace 0000000000000000 ]--- [ 187.837404] ------------[ cut here ]------------ [ 187.838333] WARNING: CPU: 0 PID: 1784 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.839775] Modules linked in: [ 187.840229] CPU: 0 PID: 1784 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.841579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.843346] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.844041] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.846785] RSP: 
0018:ffff888012da7bd0 EFLAGS: 00010246 [ 187.847534] RAX: 0000000000000000 RBX: ffff888018ac38a8 RCX: 0000000000000000 [ 187.848469] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 187.849698] RBP: ffff888012da7be8 R08: ffffed1003158733 R09: ffffed1003158733 [ 187.850694] R10: ffff888018ac3993 R11: ffffed1003158732 R12: ffff88800fcb1400 [ 187.851667] R13: ffff888018ac39e8 R14: ffff88800b8cfa00 R15: 0000000000000000 [ 187.852588] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.853674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.854724] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.855670] PKRU: 55555554 [ 187.856043] Call Trace: [ 187.856380] [ 187.856680] iommufd_access_destroy_object+0x65/0x170 [ 187.857370] iommufd_object_destroy_user+0x18e/0x220 [ 187.858146] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 187.859111] iommufd_access_destroy+0x43/0x70 [ 187.859749] iommufd_test_staccess_release+0x8d/0xd0 [ 187.860428] __fput+0x26d/0xa40 [ 187.860890] ____fput+0x1e/0x30 [ 187.861343] task_work_run+0x1a4/0x2d0 [ 187.861922] ? __pfx_task_work_run+0x10/0x10 [ 187.862744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.863424] ? switch_task_namespaces+0xa9/0xe0 [ 187.864057] do_exit+0xb17/0x2ef0 [ 187.864520] ? lock_acquire+0x427/0x4c0 [ 187.865062] ? __pfx_lock_release+0x10/0x10 [ 187.865640] ? __kasan_check_write+0x18/0x20 [ 187.866485] ? do_raw_spin_lock+0x132/0x2a0 [ 187.867130] ? __pfx_do_exit+0x10/0x10 [ 187.867666] ? debug_smp_processor_id+0x20/0x30 [ 187.868285] ? rcu_is_watching+0x19/0xb0 [ 187.868825] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.869431] ? trace_hardirqs_on+0x26/0x120 [ 187.870015] do_group_exit+0xe0/0x2b0 [ 187.870846] __x64_sys_exit_group+0x47/0x50 [ 187.871451] do_syscall_64+0x3b/0x90 [ 187.871963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.872657] RIP: 0033:0x7f4b87518a4d [ 187.873149] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.873954] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.875301] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.876258] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.877206] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.878156] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.879489] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.880463] [ 187.880793] irq event stamp: 0 [ 187.881224] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.882069] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.883653] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.884771] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.885609] ---[ end trace 0000000000000000 ]--- [ 187.887052] ------------[ cut here ]------------ [ 187.887828] WARNING: CPU: 0 PID: 1784 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 187.889394] Modules linked in: [ 187.889855] CPU: 0 PID: 1784 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.891486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.893329] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 187.894030] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 187.896787] RSP: 0018:ffff888012da7b78 EFLAGS: 00010246 [ 187.897514] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 187.898451] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 187.899498] RBP: ffff888012da7b98 R08: ffffed100315873e R09: ffffed100315873e [ 187.900774] R10: ffff888018ac39ef R11: ffffed100315873d R12: ffff888018ac3a90 [ 187.901740] R13: ffff888018ac38a8 R14: ffffffffffffffff R15: 
ffff888012da7c60 [ 187.902746] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.903932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.904911] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 187.905886] PKRU: 55555554 [ 187.906274] Call Trace: [ 187.906680] [ 187.907009] iommufd_ioas_destroy+0x53/0x70 [ 187.907733] iommufd_fops_release+0x1f7/0x370 [ 187.908556] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.909258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.910042] ? write_comp_data+0x2f/0x90 [ 187.910814] ? __pfx_iommufd_fops_release+0x10/0x10 [ 187.911541] __fput+0x26d/0xa40 [ 187.912023] ____fput+0x1e/0x30 [ 187.912498] task_work_run+0x1a4/0x2d0 [ 187.913051] ? __pfx_task_work_run+0x10/0x10 [ 187.913660] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.914335] ? switch_task_namespaces+0xa9/0xe0 [ 187.915068] do_exit+0xb17/0x2ef0 [ 187.915588] ? lock_acquire+0x427/0x4c0 [ 187.916160] ? __pfx_lock_release+0x10/0x10 [ 187.916767] ? __kasan_check_write+0x18/0x20 [ 187.917381] ? do_raw_spin_lock+0x132/0x2a0 [ 187.917978] ? __pfx_do_exit+0x10/0x10 [ 187.918608] ? debug_smp_processor_id+0x20/0x30 [ 187.919294] ? rcu_is_watching+0x19/0xb0 [ 187.919862] ? _raw_spin_unlock_irq+0x2b/0x60 [ 187.920489] ? trace_hardirqs_on+0x26/0x120 [ 187.921089] do_group_exit+0xe0/0x2b0 [ 187.921619] __x64_sys_exit_group+0x47/0x50 [ 187.922209] do_syscall_64+0x3b/0x90 [ 187.922802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.923548] RIP: 0033:0x7f4b87518a4d [ 187.924064] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 187.924879] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 187.925888] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 187.926899] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 187.927888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 187.928836] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 187.929790] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 187.930815] [ 187.931170] irq event stamp: 0 [ 187.931598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.932437] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.933559] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.934733] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.935609] ---[ end trace 0000000000000000 ]--- [ 187.943482] ------------[ cut here ]------------ [ 187.944134] WARNING: CPU: 0 PID: 1785 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.945924] Modules linked in: [ 187.946385] CPU: 0 PID: 1785 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.948100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.949688] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.950766] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 187.953712] RSP: 0018:ffff88800fb17bb8 EFLAGS: 00010246 [ 187.954831] RAX: 0000000000000000 RBX: ffff88801478a0a8 RCX: 0000000000000000 [ 187.955827] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 187.956887] RBP: ffff88800fb17bd0 R08: ffffed10028f1433 R09: ffffed10028f1433 [ 187.958083] R10: ffff88801478a193 R11: ffffed10028f1432 R12: ffff888020d18c00 [ 187.959286] R13: ffff88801478a1e8 R14: ffffffff8352e670 R15: 
ffff88800fb17e68 [ 187.960453] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 187.961580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.962661] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 187.963675] PKRU: 55555554 [ 187.964122] Call Trace: [ 187.964694] [ 187.965026] __iommufd_access_detach+0x1c2/0x2b0 [ 187.965705] iommufd_access_change_pt+0x149/0x270 [ 187.966391] iommufd_access_replace+0xb4/0x120 [ 187.967423] iommufd_test+0x3e5/0x37e0 [ 187.967977] ? lock_release+0x532/0x770 [ 187.968541] ? __might_fault+0x102/0x1b0 [ 187.969149] ? lock_acquire+0x427/0x4c0 [ 187.969928] ? __pfx_iommufd_test+0x10/0x10 [ 187.970610] ? __pfx_lock_release+0x10/0x10 [ 187.971258] ? __pfx_lock_acquire+0x10/0x10 [ 187.972154] ? write_comp_data+0x2f/0x90 [ 187.972745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 187.973426] ? write_comp_data+0x2f/0x90 [ 187.974292] iommufd_fops_ioctl+0x37d/0x510 [ 187.974976] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.975697] ? write_comp_data+0x2f/0x90 [ 187.976284] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 187.977219] __x64_sys_ioctl+0x1a3/0x230 [ 187.977814] do_syscall_64+0x3b/0x90 [ 187.978353] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 187.979173] RIP: 0033:0x7f4b8743ee5d [ 187.979713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 187.982120] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 187.983241] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 187.984213] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 187.985191] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 187.986158] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 187.987237] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 187.988178] [ 187.988439] irq event stamp: 0 [ 187.988776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 187.989462] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 187.990359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 187.991301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 187.991986] ---[ end trace 0000000000000000 ]--- [ 187.995321] ------------[ cut here ]------------ [ 187.995851] WARNING: CPU: 0 PID: 1785 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 187.996885] Modules linked in: [ 187.997298] CPU: 0 PID: 1785 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 187.998198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 187.999432] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 187.999958] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.001846] RSP: 
0018:ffff88800fb17bd0 EFLAGS: 00010246 [ 188.002398] RAX: 0000000000000000 RBX: ffff88801478a0a8 RCX: 0000000000000000 [ 188.003189] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 188.003940] RBP: ffff88800fb17be8 R08: ffffed10028f1433 R09: ffffed10028f1433 [ 188.004687] R10: ffff88801478a193 R11: ffffed10028f1432 R12: ffff888012e95000 [ 188.005434] R13: ffff88801478a1e8 R14: ffff888012040700 R15: 0000000000000000 [ 188.006175] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 188.007032] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.007648] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 188.008387] PKRU: 55555554 [ 188.008694] Call Trace: [ 188.008961] [ 188.009194] iommufd_access_destroy_object+0x65/0x170 [ 188.009745] iommufd_object_destroy_user+0x18e/0x220 [ 188.010275] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.010919] iommufd_access_destroy+0x43/0x70 [ 188.011417] iommufd_test_staccess_release+0x8d/0xd0 [ 188.011962] __fput+0x26d/0xa40 [ 188.012326] ____fput+0x1e/0x30 [ 188.012674] task_work_run+0x1a4/0x2d0 [ 188.013091] ? __pfx_task_work_run+0x10/0x10 [ 188.013553] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.014065] ? switch_task_namespaces+0xa9/0xe0 [ 188.014583] do_exit+0xb17/0x2ef0 [ 188.014943] ? lock_acquire+0x427/0x4c0 [ 188.015394] ? __pfx_lock_release+0x10/0x10 [ 188.015845] ? __kasan_check_write+0x18/0x20 [ 188.016297] ? do_raw_spin_lock+0x132/0x2a0 [ 188.016745] ? __pfx_do_exit+0x10/0x10 [ 188.017154] ? debug_smp_processor_id+0x20/0x30 [ 188.017640] ? rcu_is_watching+0x19/0xb0 [ 188.018067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.018562] ? trace_hardirqs_on+0x26/0x120 [ 188.019013] do_group_exit+0xe0/0x2b0 [ 188.019416] __x64_sys_exit_group+0x47/0x50 [ 188.019866] do_syscall_64+0x3b/0x90 [ 188.020257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.020797] RIP: 0033:0x7f4b87518a4d [ 188.021180] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.021809] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.022602] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.023345] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.024072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.024802] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.025529] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.026260] [ 188.026502] irq event stamp: 0 [ 188.026846] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.027496] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.028336] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.029272] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.029918] ---[ end trace 0000000000000000 ]--- [ 188.030857] ------------[ cut here ]------------ [ 188.031370] WARNING: CPU: 0 PID: 1785 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.032399] Modules linked in: [ 188.032728] CPU: 0 PID: 1785 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.033615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.034876] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.035369] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.037057] RSP: 0018:ffff88800fb17b78 EFLAGS: 00010246 [ 188.037552] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.038207] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 188.038892] RBP: ffff88800fb17b98 R08: ffffed10028f143e R09: ffffed10028f143e [ 188.039560] R10: ffff88801478a1ef R11: ffffed10028f143d R12: ffff88801478a290 [ 188.040220] R13: ffff88801478a0a8 R14: ffffffffffffffff R15: 
ffff88800fb17c60 [ 188.040882] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 188.041623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.042174] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 188.042860] PKRU: 55555554 [ 188.043135] Call Trace: [ 188.043375] [ 188.043590] iommufd_ioas_destroy+0x53/0x70 [ 188.044015] iommufd_fops_release+0x1f7/0x370 [ 188.044451] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.044932] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.045403] ? write_comp_data+0x2f/0x90 [ 188.045799] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.046281] __fput+0x26d/0xa40 [ 188.046640] ____fput+0x1e/0x30 [ 188.046970] task_work_run+0x1a4/0x2d0 [ 188.047374] ? __pfx_task_work_run+0x10/0x10 [ 188.047807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.048279] ? switch_task_namespaces+0xa9/0xe0 [ 188.048745] do_exit+0xb17/0x2ef0 [ 188.049072] ? lock_acquire+0x427/0x4c0 [ 188.049461] ? __pfx_lock_release+0x10/0x10 [ 188.049888] ? __kasan_check_write+0x18/0x20 [ 188.050314] ? do_raw_spin_lock+0x132/0x2a0 [ 188.050751] ? __pfx_do_exit+0x10/0x10 [ 188.051142] ? debug_smp_processor_id+0x20/0x30 [ 188.051593] ? rcu_is_watching+0x19/0xb0 [ 188.051983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.052418] ? trace_hardirqs_on+0x26/0x120 [ 188.052842] do_group_exit+0xe0/0x2b0 [ 188.053205] __x64_sys_exit_group+0x47/0x50 [ 188.053622] do_syscall_64+0x3b/0x90 [ 188.053999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.054548] RIP: 0033:0x7f4b87518a4d [ 188.054913] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.055506] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.056229] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.056914] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.057585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.058255] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.058954] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.059654] [ 188.059879] irq event stamp: 0 [ 188.060177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.060772] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.061607] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.062408] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.063035] ---[ end trace 0000000000000000 ]--- [ 188.068755] ------------[ cut here ]------------ [ 188.069279] WARNING: CPU: 0 PID: 1786 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.070253] Modules linked in: [ 188.070678] CPU: 0 PID: 1786 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.071538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.072619] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.073101] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.074882] RSP: 0018:ffff888010dc7bb8 EFLAGS: 00010246 [ 188.075408] RAX: 0000000000000000 RBX: ffff888016ded8a8 RCX: 0000000000000000 [ 188.076097] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 188.076790] RBP: ffff888010dc7bd0 R08: ffffed1002dbdb33 R09: ffffed1002dbdb33 [ 188.077483] R10: ffff888016ded993 R11: ffffed1002dbdb32 R12: ffff8880129ca000 [ 188.078174] R13: ffff888016ded9e8 R14: ffffffff8352e670 R15: 
ffff888010dc7e68 [ 188.078884] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 188.079684] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.080242] CR2: 0000000020000140 CR3: 00000000148a4000 CR4: 0000000000750ef0 [ 188.080932] PKRU: 55555554 [ 188.081205] Call Trace: [ 188.081456] [ 188.081689] __iommufd_access_detach+0x1c2/0x2b0 [ 188.082166] iommufd_access_change_pt+0x149/0x270 [ 188.082687] iommufd_access_replace+0xb4/0x120 [ 188.083160] iommufd_test+0x3e5/0x37e0 [ 188.083542] ? lock_release+0x532/0x770 [ 188.083947] ? __might_fault+0x102/0x1b0 [ 188.084362] ? lock_acquire+0x427/0x4c0 [ 188.084768] ? __pfx_iommufd_test+0x10/0x10 [ 188.085184] ? __pfx_lock_release+0x10/0x10 [ 188.085611] ? __pfx_lock_acquire+0x10/0x10 [ 188.086045] ? write_comp_data+0x2f/0x90 [ 188.086448] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.086950] ? write_comp_data+0x2f/0x90 [ 188.087365] iommufd_fops_ioctl+0x37d/0x510 [ 188.087789] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.088269] ? write_comp_data+0x2f/0x90 [ 188.088673] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.089148] __x64_sys_ioctl+0x1a3/0x230 [ 188.089764] do_syscall_64+0x3b/0x90 [ 188.090447] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.091085] RIP: 0033:0x7f4b8743ee5d [ 188.091476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.093428] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.094162] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.094877] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.095572] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.096262] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.096948] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.097646] [ 188.097871] irq event stamp: 0 [ 188.098180] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.098819] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.099647] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.100450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.101057] ---[ end trace 0000000000000000 ]--- [ 188.106082] ------------[ cut here ]------------ [ 188.107211] WARNING: CPU: 1 PID: 1786 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.108475] Modules linked in: [ 188.108801] CPU: 1 PID: 1786 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.109692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.111056] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.111588] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.113622] RSP: 
0018:ffff888010dc7bd0 EFLAGS: 00010246 [ 188.114170] RAX: 0000000000000000 RBX: ffff888016ded8a8 RCX: 0000000000000000 [ 188.115014] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 188.115844] RBP: ffff888010dc7be8 R08: ffffed1002dbdb33 R09: ffffed1002dbdb33 [ 188.116576] R10: ffff888016ded993 R11: ffffed1002dbdb32 R12: ffff888020d1a400 [ 188.117371] R13: ffff888016ded9e8 R14: ffff888020edb000 R15: 0000000000000000 [ 188.118182] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.119038] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.119679] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.120544] PKRU: 55555554 [ 188.120838] Call Trace: [ 188.121104] [ 188.121340] iommufd_access_destroy_object+0x65/0x170 [ 188.121916] iommufd_object_destroy_user+0x18e/0x220 [ 188.122578] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.123203] iommufd_access_destroy+0x43/0x70 [ 188.123688] iommufd_test_staccess_release+0x8d/0xd0 [ 188.124257] __fput+0x26d/0xa40 [ 188.124740] ____fput+0x1e/0x30 [ 188.125206] task_work_run+0x1a4/0x2d0 [ 188.125642] ? __pfx_task_work_run+0x10/0x10 [ 188.126130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.126707] ? switch_task_namespaces+0xa9/0xe0 [ 188.127285] do_exit+0xb17/0x2ef0 [ 188.127808] ? lock_acquire+0x427/0x4c0 [ 188.128254] ? __pfx_lock_release+0x10/0x10 [ 188.128727] ? __kasan_check_write+0x18/0x20 [ 188.129210] ? do_raw_spin_lock+0x132/0x2a0 [ 188.129783] ? __pfx_do_exit+0x10/0x10 [ 188.130311] ? debug_smp_processor_id+0x20/0x30 [ 188.130853] ? rcu_is_watching+0x19/0xb0 [ 188.131320] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.131827] ? trace_hardirqs_on+0x26/0x120 [ 188.132364] do_group_exit+0xe0/0x2b0 [ 188.132899] __x64_sys_exit_group+0x47/0x50 [ 188.133367] do_syscall_64+0x3b/0x90 [ 188.133788] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.134363] RIP: 0033:0x7f4b87518a4d [ 188.134889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.135671] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.136489] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.137255] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.138201] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.139005] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.139807] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.140784] [ 188.141036] irq event stamp: 0 [ 188.141380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.142066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.143218] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.144131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.144818] ---[ end trace 0000000000000000 ]--- [ 188.145976] ------------[ cut here ]------------ [ 188.146717] WARNING: CPU: 1 PID: 1786 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.147886] Modules linked in: [ 188.148395] CPU: 1 PID: 1786 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.149342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.150800] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.151382] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.153557] RSP: 0018:ffff888010dc7b78 EFLAGS: 00010246 [ 188.154142] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.154946] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 188.155893] RBP: ffff888010dc7b98 R08: ffffed1002dbdb3e R09: ffffed1002dbdb3e [ 188.156671] R10: ffff888016ded9ef R11: ffffed1002dbdb3d R12: ffff888016deda90 [ 188.157443] R13: ffff888016ded8a8 R14: ffffffffffffffff R15: 
ffff888010dc7c60 [ 188.158415] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.159341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.159986] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.160871] PKRU: 55555554 [ 188.161283] Call Trace: [ 188.161567] [ 188.161823] iommufd_ioas_destroy+0x53/0x70 [ 188.162311] iommufd_fops_release+0x1f7/0x370 [ 188.162851] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.163631] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.164181] ? write_comp_data+0x2f/0x90 [ 188.164640] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.165207] __fput+0x26d/0xa40 [ 188.165590] ____fput+0x1e/0x30 [ 188.166064] task_work_run+0x1a4/0x2d0 [ 188.166625] ? __pfx_task_work_run+0x10/0x10 [ 188.167137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.167689] ? switch_task_namespaces+0xa9/0xe0 [ 188.168223] do_exit+0xb17/0x2ef0 [ 188.168696] ? lock_acquire+0x427/0x4c0 [ 188.169245] ? __pfx_lock_release+0x10/0x10 [ 188.169736] ? __kasan_check_write+0x18/0x20 [ 188.170238] ? do_raw_spin_lock+0x132/0x2a0 [ 188.170800] ? __pfx_do_exit+0x10/0x10 [ 188.171269] ? debug_smp_processor_id+0x20/0x30 [ 188.171796] ? rcu_is_watching+0x19/0xb0 [ 188.172250] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.172764] ? trace_hardirqs_on+0x26/0x120 [ 188.173252] do_group_exit+0xe0/0x2b0 [ 188.173683] __x64_sys_exit_group+0x47/0x50 [ 188.174157] do_syscall_64+0x3b/0x90 [ 188.174608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.175210] RIP: 0033:0x7f4b87518a4d [ 188.175624] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.176297] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.177128] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.177910] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.178722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.179531] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.180326] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.181121] [ 188.181382] irq event stamp: 0 [ 188.181732] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.182426] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.183385] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.184316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.185018] ---[ end trace 0000000000000000 ]--- [ 188.190038] ------------[ cut here ]------------ [ 188.190692] WARNING: CPU: 1 PID: 1787 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.191833] Modules linked in: [ 188.192191] CPU: 1 PID: 1787 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.193157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.194398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.195023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.197067] RSP: 0018:ffff888016ef7bb8 EFLAGS: 00010246 [ 188.197655] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 188.198435] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 188.199270] RBP: ffff888016ef7bd0 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 188.200056] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88801422c800 [ 188.200843] R13: ffff88801587c9e8 R14: ffffffff8352e670 R15: 
ffff888016ef7e68 [ 188.201636] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.202551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.203375] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ee0 [ 188.204328] PKRU: 55555554 [ 188.204709] Call Trace: [ 188.205052] [ 188.205362] __iommufd_access_detach+0x1c2/0x2b0 [ 188.206021] iommufd_access_change_pt+0x149/0x270 [ 188.206741] iommufd_access_replace+0xb4/0x120 [ 188.207415] iommufd_test+0x3e5/0x37e0 [ 188.207949] ? lock_release+0x532/0x770 [ 188.208501] ? __might_fault+0x102/0x1b0 [ 188.209058] ? lock_acquire+0x427/0x4c0 [ 188.209602] ? __pfx_iommufd_test+0x10/0x10 [ 188.210178] ? __pfx_lock_release+0x10/0x10 [ 188.210809] ? __pfx_lock_acquire+0x10/0x10 [ 188.211435] ? write_comp_data+0x2f/0x90 [ 188.212011] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.212677] ? write_comp_data+0x2f/0x90 [ 188.213237] iommufd_fops_ioctl+0x37d/0x510 [ 188.213821] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.214483] ? write_comp_data+0x2f/0x90 [ 188.215107] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.215795] __x64_sys_ioctl+0x1a3/0x230 [ 188.216359] do_syscall_64+0x3b/0x90 [ 188.216878] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.217577] RIP: 0033:0x7f4b8743ee5d [ 188.218075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.220460] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.221434] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.222339] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.223287] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.224192] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.225097] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.226012] [ 188.226317] irq event stamp: 0 [ 188.226754] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.227579] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.228642] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.229691] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.230489] ---[ end trace 0000000000000000 ]--- [ 188.235323] ------------[ cut here ]------------ [ 188.235939] WARNING: CPU: 1 PID: 1787 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.237177] Modules linked in: [ 188.237572] CPU: 1 PID: 1787 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.238669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.240073] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.240695] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.242925] RSP: 
0018:ffff888016ef7bd0 EFLAGS: 00010246 [ 188.243606] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 188.244472] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 188.245336] RBP: ffff888016ef7be8 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 188.246200] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff8880129c6400 [ 188.247095] R13: ffff88801587c9e8 R14: ffff888012860500 R15: 0000000000000000 [ 188.247991] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.248976] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.249689] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.250593] PKRU: 55555554 [ 188.250947] Call Trace: [ 188.251272] [ 188.251551] iommufd_access_destroy_object+0x65/0x170 [ 188.252180] iommufd_object_destroy_user+0x18e/0x220 [ 188.252794] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.253495] iommufd_access_destroy+0x43/0x70 [ 188.254048] iommufd_test_staccess_release+0x8d/0xd0 [ 188.254695] __fput+0x26d/0xa40 [ 188.255156] ____fput+0x1e/0x30 [ 188.255585] task_work_run+0x1a4/0x2d0 [ 188.256073] ? __pfx_task_work_run+0x10/0x10 [ 188.256613] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.257211] ? switch_task_namespaces+0xa9/0xe0 [ 188.257788] do_exit+0xb17/0x2ef0 [ 188.258210] ? lock_acquire+0x427/0x4c0 [ 188.258741] ? __pfx_lock_release+0x10/0x10 [ 188.259297] ? __kasan_check_write+0x18/0x20 [ 188.259840] ? do_raw_spin_lock+0x132/0x2a0 [ 188.260363] ? __pfx_do_exit+0x10/0x10 [ 188.260846] ? debug_smp_processor_id+0x20/0x30 [ 188.261410] ? rcu_is_watching+0x19/0xb0 [ 188.261902] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.262457] ? trace_hardirqs_on+0x26/0x120 [ 188.263013] do_group_exit+0xe0/0x2b0 [ 188.263502] __x64_sys_exit_group+0x47/0x50 [ 188.264025] do_syscall_64+0x3b/0x90 [ 188.264496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.265127] RIP: 0033:0x7f4b87518a4d [ 188.265574] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.266303] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.267328] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.267968] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.268595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.269225] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.269853] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.270493] [ 188.270723] irq event stamp: 0 [ 188.271004] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.271578] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.272313] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.273045] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.273597] ---[ end trace 0000000000000000 ]--- [ 188.274391] ------------[ cut here ]------------ [ 188.274842] WARNING: CPU: 1 PID: 1787 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.275758] Modules linked in: [ 188.276047] CPU: 1 PID: 1787 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.276822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.277821] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.278278] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.279928] RSP: 0018:ffff888016ef7b78 EFLAGS: 00010246 [ 188.280404] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.281031] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 188.281659] RBP: ffff888016ef7b98 R08: ffffed1002b0f93e R09: ffffed1002b0f93e [ 188.282283] R10: ffff88801587c9ef R11: ffffed1002b0f93d R12: ffff88801587ca90 [ 188.282931] R13: ffff88801587c8a8 R14: ffffffffffffffff R15: 
ffff888016ef7c60 [ 188.283574] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.284286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.284799] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.285442] PKRU: 55555554 [ 188.285700] Call Trace: [ 188.285929] [ 188.286132] iommufd_ioas_destroy+0x53/0x70 [ 188.286552] iommufd_fops_release+0x1f7/0x370 [ 188.286962] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.287426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.287867] ? write_comp_data+0x2f/0x90 [ 188.288238] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.288690] __fput+0x26d/0xa40 [ 188.289005] ____fput+0x1e/0x30 [ 188.289312] task_work_run+0x1a4/0x2d0 [ 188.289671] ? __pfx_task_work_run+0x10/0x10 [ 188.290069] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.290535] ? switch_task_namespaces+0xa9/0xe0 [ 188.290968] do_exit+0xb17/0x2ef0 [ 188.291291] ? lock_acquire+0x427/0x4c0 [ 188.291656] ? __pfx_lock_release+0x10/0x10 [ 188.292048] ? __kasan_check_write+0x18/0x20 [ 188.292445] ? do_raw_spin_lock+0x132/0x2a0 [ 188.292836] ? __pfx_do_exit+0x10/0x10 [ 188.293202] ? debug_smp_processor_id+0x20/0x30 [ 188.293620] ? rcu_is_watching+0x19/0xb0 [ 188.293984] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.294397] ? trace_hardirqs_on+0x26/0x120 [ 188.294833] do_group_exit+0xe0/0x2b0 [ 188.295187] __x64_sys_exit_group+0x47/0x50 [ 188.295578] do_syscall_64+0x3b/0x90 [ 188.295922] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.296389] RIP: 0033:0x7f4b87518a4d [ 188.296722] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.297271] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.297947] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.298607] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.299251] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.299886] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.300526] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.301173] [ 188.301382] irq event stamp: 0 [ 188.301665] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.302224] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.303004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.303758] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.304314] ---[ end trace 0000000000000000 ]--- [ 188.309558] ------------[ cut here ]------------ [ 188.309995] WARNING: CPU: 1 PID: 1788 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.310889] Modules linked in: [ 188.311174] CPU: 1 PID: 1788 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.311901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.312837] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.313252] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.314784] RSP: 0018:ffff888010dc7bb8 EFLAGS: 00010246 [ 188.315237] RAX: 0000000000000000 RBX: ffff888011f660a8 RCX: 0000000000000000 [ 188.315828] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 188.316417] RBP: ffff888010dc7bd0 R08: ffffed10023ecc33 R09: ffffed10023ecc33 [ 188.317008] R10: ffff888011f66193 R11: ffffed10023ecc32 R12: ffff888010e03800 [ 188.317601] R13: ffff888011f661e8 R14: ffffffff8352e670 R15: 
ffff888010dc7e68 [ 188.318190] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.318879] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.319375] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 188.319970] PKRU: 55555554 [ 188.320207] Call Trace: [ 188.320422] [ 188.320612] __iommufd_access_detach+0x1c2/0x2b0 [ 188.321017] iommufd_access_change_pt+0x149/0x270 [ 188.321422] iommufd_access_replace+0xb4/0x120 [ 188.321812] iommufd_test+0x3e5/0x37e0 [ 188.322139] ? lock_release+0x532/0x770 [ 188.322484] ? __might_fault+0x102/0x1b0 [ 188.322861] ? lock_acquire+0x427/0x4c0 [ 188.323213] ? __pfx_iommufd_test+0x10/0x10 [ 188.323577] ? __pfx_lock_release+0x10/0x10 [ 188.323946] ? __pfx_lock_acquire+0x10/0x10 [ 188.324317] ? write_comp_data+0x2f/0x90 [ 188.324671] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.325084] ? write_comp_data+0x2f/0x90 [ 188.325435] iommufd_fops_ioctl+0x37d/0x510 [ 188.325798] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.326203] ? write_comp_data+0x2f/0x90 [ 188.326573] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.326983] __x64_sys_ioctl+0x1a3/0x230 [ 188.327350] do_syscall_64+0x3b/0x90 [ 188.327674] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.328113] RIP: 0033:0x7f4b8743ee5d [ 188.328425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.329935] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.330591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.331171] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.331733] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.332291] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.332850] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.333429] [ 188.333618] irq event stamp: 0 [ 188.333874] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.334382] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.335085] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.335765] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.336276] ---[ end trace 0000000000000000 ]--- [ 188.339098] ------------[ cut here ]------------ [ 188.339514] WARNING: CPU: 1 PID: 1788 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.340314] Modules linked in: [ 188.340567] CPU: 1 PID: 1788 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.341255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.342137] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.342549] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.343983] RSP: 
0018:ffff888010dc7bd0 EFLAGS: 00010246 [ 188.344403] RAX: 0000000000000000 RBX: ffff888011f660a8 RCX: 0000000000000000 [ 188.344966] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 188.345526] RBP: ffff888010dc7be8 R08: ffffed10023ecc33 R09: ffffed10023ecc33 [ 188.346077] R10: ffff888011f66193 R11: ffffed10023ecc32 R12: ffff88801422e800 [ 188.346657] R13: ffff888011f661e8 R14: ffff8880139be100 R15: 0000000000000000 [ 188.347243] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.347879] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.348341] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.349052] PKRU: 55555554 [ 188.349369] Call Trace: [ 188.349572] [ 188.349751] iommufd_access_destroy_object+0x65/0x170 [ 188.350163] iommufd_object_destroy_user+0x18e/0x220 [ 188.350587] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.351049] iommufd_access_destroy+0x43/0x70 [ 188.351422] iommufd_test_staccess_release+0x8d/0xd0 [ 188.351833] __fput+0x26d/0xa40 [ 188.352190] ____fput+0x1e/0x30 [ 188.352519] task_work_run+0x1a4/0x2d0 [ 188.352843] ? __pfx_task_work_run+0x10/0x10 [ 188.353202] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.353595] ? switch_task_namespaces+0xa9/0xe0 [ 188.353977] do_exit+0xb17/0x2ef0 [ 188.354256] ? lock_acquire+0x427/0x4c0 [ 188.354618] ? __pfx_lock_release+0x10/0x10 [ 188.354968] ? __kasan_check_write+0x18/0x20 [ 188.355333] ? do_raw_spin_lock+0x132/0x2a0 [ 188.355681] ? __pfx_do_exit+0x10/0x10 [ 188.356002] ? debug_smp_processor_id+0x20/0x30 [ 188.356502] ? rcu_is_watching+0x19/0xb0 [ 188.356833] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.357202] ? trace_hardirqs_on+0x26/0x120 [ 188.357557] do_group_exit+0xe0/0x2b0 [ 188.357864] __x64_sys_exit_group+0x47/0x50 [ 188.358204] do_syscall_64+0x3b/0x90 [ 188.358534] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.358950] RIP: 0033:0x7f4b87518a4d [ 188.359253] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.359771] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.360472] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.361034] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.361592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.362151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.362728] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.363321] [ 188.363507] irq event stamp: 0 [ 188.363821] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.364374] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.365037] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.365697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.366196] ---[ end trace 0000000000000000 ]--- [ 188.366925] ------------[ cut here ]------------ [ 188.367316] WARNING: CPU: 1 PID: 1788 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.368126] Modules linked in: [ 188.368381] CPU: 1 PID: 1788 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.369073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.369965] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.370492] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.371987] RSP: 0018:ffff888010dc7b78 EFLAGS: 00010246 [ 188.372415] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.372975] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 188.373576] RBP: ffff888010dc7b98 R08: ffffed10023ecc3e R09: ffffed10023ecc3e [ 188.374250] R10: ffff888011f661ef R11: ffffed10023ecc3d R12: ffff888011f66290 [ 188.375033] R13: ffff888011f660a8 R14: ffffffffffffffff R15: 
ffff888010dc7c60 [ 188.375609] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.376245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.376707] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.377275] PKRU: 55555554 [ 188.377537] Call Trace: [ 188.377780] [ 188.378009] iommufd_ioas_destroy+0x53/0x70 [ 188.378365] iommufd_fops_release+0x1f7/0x370 [ 188.378749] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.379160] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.379562] ? write_comp_data+0x2f/0x90 [ 188.379895] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.380295] __fput+0x26d/0xa40 [ 188.380575] ____fput+0x1e/0x30 [ 188.380849] task_work_run+0x1a4/0x2d0 [ 188.381212] ? __pfx_task_work_run+0x10/0x10 [ 188.381661] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.382056] ? switch_task_namespaces+0xa9/0xe0 [ 188.382439] do_exit+0xb17/0x2ef0 [ 188.382741] ? lock_acquire+0x427/0x4c0 [ 188.383071] ? __pfx_lock_release+0x10/0x10 [ 188.383431] ? __kasan_check_write+0x18/0x20 [ 188.383787] ? do_raw_spin_lock+0x132/0x2a0 [ 188.384133] ? __pfx_do_exit+0x10/0x10 [ 188.384457] ? debug_smp_processor_id+0x20/0x30 [ 188.384830] ? rcu_is_watching+0x19/0xb0 [ 188.385259] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.385629] ? trace_hardirqs_on+0x26/0x120 [ 188.385984] do_group_exit+0xe0/0x2b0 [ 188.386294] __x64_sys_exit_group+0x47/0x50 [ 188.386662] do_syscall_64+0x3b/0x90 [ 188.386974] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.387403] RIP: 0033:0x7f4b87518a4d [ 188.387704] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.388193] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.388799] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.389490] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.390056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.390637] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.391209] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.391781] [ 188.391967] irq event stamp: 0 [ 188.392218] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.392834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.393503] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.394160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.394691] ---[ end trace 0000000000000000 ]--- [ 188.400022] ------------[ cut here ]------------ [ 188.400492] WARNING: CPU: 1 PID: 1789 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.401309] Modules linked in: [ 188.401567] CPU: 1 PID: 1789 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.402270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.403408] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.403831] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.405294] RSP: 0018:ffff88800f557bb8 EFLAGS: 00010246 [ 188.405726] RAX: 0000000000000000 RBX: ffff88802189a8a8 RCX: 0000000000000000 [ 188.406297] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 188.407002] RBP: ffff88800f557bd0 R08: ffffed1004313533 R09: ffffed1004313533 [ 188.407583] R10: ffff88802189a993 R11: ffffed1004313532 R12: ffff88801853a400 [ 188.408155] R13: ffff88802189a9e8 R14: ffffffff8352e670 R15: 
ffff88800f557e68 [ 188.408732] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.409382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.409852] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 188.410584] PKRU: 55555554 [ 188.410819] Call Trace: [ 188.411028] [ 188.411220] __iommufd_access_detach+0x1c2/0x2b0 [ 188.411626] iommufd_access_change_pt+0x149/0x270 [ 188.412029] iommufd_access_replace+0xb4/0x120 [ 188.412417] iommufd_test+0x3e5/0x37e0 [ 188.412742] ? lock_release+0x532/0x770 [ 188.413093] ? __might_fault+0x102/0x1b0 [ 188.413437] ? lock_acquire+0x427/0x4c0 [ 188.413774] ? __pfx_iommufd_test+0x10/0x10 [ 188.414210] ? __pfx_lock_release+0x10/0x10 [ 188.414653] ? __pfx_lock_acquire+0x10/0x10 [ 188.415019] ? write_comp_data+0x2f/0x90 [ 188.415373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.415778] ? write_comp_data+0x2f/0x90 [ 188.416119] iommufd_fops_ioctl+0x37d/0x510 [ 188.416473] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.416875] ? write_comp_data+0x2f/0x90 [ 188.417216] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.417668] __x64_sys_ioctl+0x1a3/0x230 [ 188.418070] do_syscall_64+0x3b/0x90 [ 188.418386] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.418839] RIP: 0033:0x7f4b8743ee5d [ 188.419151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.420623] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.421254] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.421923] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.422499] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.423124] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.423703] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.424288] [ 188.424482] irq event stamp: 0 [ 188.424781] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.425372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.426047] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.426745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.427291] ---[ end trace 0000000000000000 ]--- [ 188.430163] ------------[ cut here ]------------ [ 188.430623] WARNING: CPU: 1 PID: 1789 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.431482] Modules linked in: [ 188.431815] CPU: 1 PID: 1789 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.432610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.433541] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.433955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.435653] RSP: 
0018:ffff88800f557bd0 EFLAGS: 00010246 [ 188.436099] RAX: 0000000000000000 RBX: ffff88802189a8a8 RCX: 0000000000000000 [ 188.436687] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 188.437279] RBP: ffff88800f557be8 R08: ffffed1004313533 R09: ffffed1004313533 [ 188.437873] R10: ffff88802189a993 R11: ffffed1004313532 R12: ffff888010e00400 [ 188.438469] R13: ffff88802189a9e8 R14: ffff888012e15300 R15: 0000000000000000 [ 188.439226] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.439900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.440387] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.441007] PKRU: 55555554 [ 188.441247] Call Trace: [ 188.441462] [ 188.441652] iommufd_access_destroy_object+0x65/0x170 [ 188.442092] iommufd_object_destroy_user+0x18e/0x220 [ 188.442651] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.443152] iommufd_access_destroy+0x43/0x70 [ 188.443542] iommufd_test_staccess_release+0x8d/0xd0 [ 188.443976] __fput+0x26d/0xa40 [ 188.444270] ____fput+0x1e/0x30 [ 188.444557] task_work_run+0x1a4/0x2d0 [ 188.444897] ? __pfx_task_work_run+0x10/0x10 [ 188.445276] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.445716] ? switch_task_namespaces+0xa9/0xe0 [ 188.446180] do_exit+0xb17/0x2ef0 [ 188.446557] ? lock_acquire+0x427/0x4c0 [ 188.446905] ? __pfx_lock_release+0x10/0x10 [ 188.447293] ? __kasan_check_write+0x18/0x20 [ 188.447671] ? do_raw_spin_lock+0x132/0x2a0 [ 188.448037] ? __pfx_do_exit+0x10/0x10 [ 188.448375] ? debug_smp_processor_id+0x20/0x30 [ 188.448774] ? rcu_is_watching+0x19/0xb0 [ 188.449122] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.449513] ? trace_hardirqs_on+0x26/0x120 [ 188.449963] do_group_exit+0xe0/0x2b0 [ 188.450358] __x64_sys_exit_group+0x47/0x50 [ 188.450744] do_syscall_64+0x3b/0x90 [ 188.451068] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.451518] RIP: 0033:0x7f4b87518a4d [ 188.451831] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.452347] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.452986] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.453673] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.454336] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.454957] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.455563] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.456167] [ 188.456364] irq event stamp: 0 [ 188.456630] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.457177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.457992] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.458717] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.459259] ---[ end trace 0000000000000000 ]--- [ 188.460003] ------------[ cut here ]------------ [ 188.460402] WARNING: CPU: 1 PID: 1789 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.461340] Modules linked in: [ 188.461677] CPU: 1 PID: 1789 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.462410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.463373] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.463814] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.465483] RSP: 0018:ffff88800f557b78 EFLAGS: 00010246 [ 188.465928] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.466538] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 188.467141] RBP: ffff88800f557b98 R08: ffffed100431353e R09: ffffed100431353e [ 188.467805] R10: ffff88802189a9ef R11: ffffed100431353d R12: ffff88802189aa90 [ 188.468448] R13: ffff88802189a8a8 R14: ffffffffffffffff R15: 
ffff88800f557c60 [ 188.469031] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.469692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.470246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.470899] PKRU: 55555554 [ 188.471146] Call Trace: [ 188.471359] [ 188.471552] iommufd_ioas_destroy+0x53/0x70 [ 188.471918] iommufd_fops_release+0x1f7/0x370 [ 188.472298] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.472716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.473184] ? write_comp_data+0x2f/0x90 [ 188.473592] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.474013] __fput+0x26d/0xa40 [ 188.474304] ____fput+0x1e/0x30 [ 188.474611] task_work_run+0x1a4/0x2d0 [ 188.474948] ? __pfx_task_work_run+0x10/0x10 [ 188.475334] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.475741] ? switch_task_namespaces+0xa9/0xe0 [ 188.476141] do_exit+0xb17/0x2ef0 [ 188.476581] ? lock_acquire+0x427/0x4c0 [ 188.476926] ? __pfx_lock_release+0x10/0x10 [ 188.477296] ? __kasan_check_write+0x18/0x20 [ 188.477669] ? do_raw_spin_lock+0x132/0x2a0 [ 188.478037] ? __pfx_do_exit+0x10/0x10 [ 188.478372] ? debug_smp_processor_id+0x20/0x30 [ 188.478790] ? rcu_is_watching+0x19/0xb0 [ 188.479288] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.479676] ? trace_hardirqs_on+0x26/0x120 [ 188.480046] do_group_exit+0xe0/0x2b0 [ 188.480372] __x64_sys_exit_group+0x47/0x50 [ 188.480730] do_syscall_64+0x3b/0x90 [ 188.481050] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.481487] RIP: 0033:0x7f4b87518a4d [ 188.481799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.482391] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.483138] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.483730] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.484321] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.484910] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.485657] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.486254] [ 188.486451] irq event stamp: 0 [ 188.486733] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.487268] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.487960] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.488807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.489329] ---[ end trace 0000000000000000 ]--- [ 188.493060] ------------[ cut here ]------------ [ 188.493482] WARNING: CPU: 1 PID: 1790 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.494320] Modules linked in: [ 188.494652] CPU: 1 PID: 1790 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.495466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.496455] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.496864] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.498532] RSP: 0018:ffff888010dc7bb8 EFLAGS: 00010246 [ 188.498975] RAX: 0000000000000000 RBX: ffff88801876e8a8 RCX: 0000000000000000 [ 188.499572] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 188.500155] RBP: ffff888010dc7bd0 R08: ffffed10030edd33 R09: ffffed10030edd33 [ 188.500827] R10: ffff88801876e993 R11: ffffed10030edd32 R12: ffff888013b21800 [ 188.501478] R13: ffff88801876e9e8 R14: ffffffff8352e670 R15: 
ffff888010dc7e68 [ 188.502062] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.502763] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.503275] CR2: 00007f4b877410e8 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 188.504063] PKRU: 55555554 [ 188.504308] Call Trace: [ 188.504528] [ 188.504724] __iommufd_access_detach+0x1c2/0x2b0 [ 188.505142] iommufd_access_change_pt+0x149/0x270 [ 188.505575] iommufd_access_replace+0xb4/0x120 [ 188.506035] iommufd_test+0x3e5/0x37e0 [ 188.506488] ? lock_release+0x532/0x770 [ 188.506866] ? __might_fault+0x102/0x1b0 [ 188.507258] ? lock_acquire+0x427/0x4c0 [ 188.507612] ? __pfx_iommufd_test+0x10/0x10 [ 188.507985] ? __pfx_lock_release+0x10/0x10 [ 188.508368] ? __pfx_lock_acquire+0x10/0x10 [ 188.508753] ? write_comp_data+0x2f/0x90 [ 188.509206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.509693] ? write_comp_data+0x2f/0x90 [ 188.510055] iommufd_fops_ioctl+0x37d/0x510 [ 188.510434] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.510879] ? write_comp_data+0x2f/0x90 [ 188.511249] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.511668] __x64_sys_ioctl+0x1a3/0x230 [ 188.512060] do_syscall_64+0x3b/0x90 [ 188.512492] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.512960] RIP: 0033:0x7f4b8743ee5d [ 188.513288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.514998] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.515710] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.516328] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.516951] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.517606] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.518342] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.519001] [ 188.519240] irq event stamp: 0 [ 188.519516] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.520067] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.520941] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.521672] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.522222] ---[ end trace 0000000000000000 ]--- [ 188.525434] ------------[ cut here ]------------ [ 188.526049] WARNING: CPU: 1 PID: 1790 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.526964] Modules linked in: [ 188.527264] CPU: 1 PID: 1790 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.528026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.529104] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.529684] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.531291] RSP: 
0018:ffff888010dc7bd0 EFLAGS: 00010246 [ 188.531851] RAX: 0000000000000000 RBX: ffff88801876e8a8 RCX: 0000000000000000 [ 188.532619] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 188.533239] RBP: ffff888010dc7be8 R08: ffffed10030edd33 R09: ffffed10030edd33 [ 188.533862] R10: ffff88801876e993 R11: ffffed10030edd32 R12: ffff888018538800 [ 188.534595] R13: ffff88801876e9e8 R14: ffff8880149bda00 R15: 0000000000000000 [ 188.535369] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.536074] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.536581] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 188.537200] PKRU: 55555554 [ 188.537447] Call Trace: [ 188.537672] [ 188.537872] iommufd_access_destroy_object+0x65/0x170 [ 188.538431] iommufd_object_destroy_user+0x18e/0x220 [ 188.539012] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.539536] iommufd_access_destroy+0x43/0x70 [ 188.539940] iommufd_test_staccess_release+0x8d/0xd0 [ 188.540416] __fput+0x26d/0xa40 [ 188.540728] ____fput+0x1e/0x30 [ 188.541036] task_work_run+0x1a4/0x2d0 [ 188.541387] ? __pfx_task_work_run+0x10/0x10 [ 188.541779] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.542307] ? switch_task_namespaces+0xa9/0xe0 [ 188.542857] do_exit+0xb17/0x2ef0 [ 188.543176] ? lock_acquire+0x427/0x4c0 [ 188.543542] ? __pfx_lock_release+0x10/0x10 [ 188.543927] ? __kasan_check_write+0x18/0x20 [ 188.544328] ? do_raw_spin_lock+0x132/0x2a0 [ 188.544712] ? __pfx_do_exit+0x10/0x10 [ 188.545063] ? debug_smp_processor_id+0x20/0x30 [ 188.545475] ? rcu_is_watching+0x19/0xb0 [ 188.545833] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.546343] ? trace_hardirqs_on+0x26/0x120 [ 188.546863] do_group_exit+0xe0/0x2b0 [ 188.547217] __x64_sys_exit_group+0x47/0x50 [ 188.547602] do_syscall_64+0x3b/0x90 [ 188.547941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.548409] RIP: 0033:0x7f4b87518a4d [ 188.548740] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.549272] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.549936] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.550768] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.551404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.552028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.552651] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.553282] [ 188.553489] irq event stamp: 0 [ 188.553768] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.554494] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.555264] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.555990] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.556547] ---[ end trace 0000000000000000 ]--- [ 188.557351] ------------[ cut here ]------------ [ 188.557816] WARNING: CPU: 1 PID: 1790 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.558883] Modules linked in: [ 188.559184] CPU: 1 PID: 1790 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.559948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.560932] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.561392] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.563192] RSP: 0018:ffff888010dc7b78 EFLAGS: 00010246 [ 188.563666] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.564289] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 188.564911] RBP: ffff888010dc7b98 R08: ffffed10030edd3e R09: ffffed10030edd3e [ 188.565634] R10: ffff88801876e9ef R11: ffffed10030edd3d R12: ffff88801876ea90 [ 188.566315] R13: ffff88801876e8a8 R14: ffffffffffffffff R15: 
ffff888010dc7c60 [ 188.566966] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.567679] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.568193] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 188.568817] PKRU: 55555554 [ 188.569067] Call Trace: [ 188.569382] [ 188.569679] iommufd_ioas_destroy+0x53/0x70 [ 188.570068] iommufd_fops_release+0x1f7/0x370 [ 188.570472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.570941] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.571393] ? write_comp_data+0x2f/0x90 [ 188.571764] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.572205] __fput+0x26d/0xa40 [ 188.572510] ____fput+0x1e/0x30 [ 188.572809] task_work_run+0x1a4/0x2d0 [ 188.573162] ? __pfx_task_work_run+0x10/0x10 [ 188.573722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.574162] ? switch_task_namespaces+0xa9/0xe0 [ 188.574619] do_exit+0xb17/0x2ef0 [ 188.574926] ? lock_acquire+0x427/0x4c0 [ 188.575295] ? __pfx_lock_release+0x10/0x10 [ 188.575684] ? __kasan_check_write+0x18/0x20 [ 188.576078] ? do_raw_spin_lock+0x132/0x2a0 [ 188.576461] ? __pfx_do_exit+0x10/0x10 [ 188.576813] ? debug_smp_processor_id+0x20/0x30 [ 188.577239] ? rcu_is_watching+0x19/0xb0 [ 188.577746] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.578149] ? trace_hardirqs_on+0x26/0x120 [ 188.578555] do_group_exit+0xe0/0x2b0 [ 188.578940] __x64_sys_exit_group+0x47/0x50 [ 188.579468] do_syscall_64+0x3b/0x90 [ 188.579812] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.580275] RIP: 0033:0x7f4b87518a4d [ 188.580599] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.581135] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.581793] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.582628] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.583258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.583880] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.584497] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.585124] [ 188.585330] irq event stamp: 0 [ 188.585610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.586357] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.587112] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.587858] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.588409] ---[ end trace 0000000000000000 ]--- [ 188.593245] ------------[ cut here ]------------ [ 188.593703] WARNING: CPU: 1 PID: 1791 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.594673] Modules linked in: [ 188.594956] CPU: 1 PID: 1791 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.595734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.596710] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.597143] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.598741] RSP: 0018:ffff88800f557bb8 EFLAGS: 00010246 [ 188.599214] RAX: 0000000000000000 RBX: ffff8880160660a8 RCX: 0000000000000000 [ 188.599830] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 188.600442] RBP: ffff88800f557bd0 R08: ffffed1002c0cc33 R09: ffffed1002c0cc33 [ 188.601058] R10: ffff888016066193 R11: ffffed1002c0cc32 R12: ffff888018a69c00 [ 188.601674] R13: ffff8880160661e8 R14: ffffffff8352e670 R15: 
ffff88800f557e68 [ 188.602289] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.603015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.603533] CR2: 00007f4b877410e8 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 188.604171] PKRU: 55555554 [ 188.604418] Call Trace: [ 188.604644] [ 188.604843] __iommufd_access_detach+0x1c2/0x2b0 [ 188.605277] iommufd_access_change_pt+0x149/0x270 [ 188.605710] iommufd_access_replace+0xb4/0x120 [ 188.606118] iommufd_test+0x3e5/0x37e0 [ 188.606459] ? lock_release+0x532/0x770 [ 188.606941] ? __might_fault+0x102/0x1b0 [ 188.607413] ? lock_acquire+0x427/0x4c0 [ 188.607776] ? __pfx_iommufd_test+0x10/0x10 [ 188.608156] ? __pfx_lock_release+0x10/0x10 [ 188.608547] ? __pfx_lock_acquire+0x10/0x10 [ 188.608937] ? write_comp_data+0x2f/0x90 [ 188.609305] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.609737] ? write_comp_data+0x2f/0x90 [ 188.610101] iommufd_fops_ioctl+0x37d/0x510 [ 188.610528] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.610961] ? write_comp_data+0x2f/0x90 [ 188.611337] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.611836] __x64_sys_ioctl+0x1a3/0x230 [ 188.612307] do_syscall_64+0x3b/0x90 [ 188.612646] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.613109] RIP: 0033:0x7f4b8743ee5d [ 188.613441] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.615049] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.615752] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.616534] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.617155] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.617772] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.618390] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.619038] [ 188.619254] irq event stamp: 0 [ 188.619535] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.620171] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.620984] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.621715] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.622268] ---[ end trace 0000000000000000 ]--- [ 188.625380] ------------[ cut here ]------------ [ 188.625825] WARNING: CPU: 1 PID: 1791 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.626746] Modules linked in: [ 188.627027] CPU: 1 PID: 1791 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.627800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.628777] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.629209] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.630794] RSP: 
0018:ffff88800f557bd0 EFLAGS: 00010246 [ 188.631241] RAX: 0000000000000000 RBX: ffff8880160660a8 RCX: 0000000000000000 [ 188.631827] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 188.632413] RBP: ffff88800f557be8 R08: ffffed1002c0cc33 R09: ffffed1002c0cc33 [ 188.632995] R10: ffff888016066193 R11: ffffed1002c0cc32 R12: ffff888013b22400 [ 188.633578] R13: ffff8880160661e8 R14: ffff888020edbe00 R15: 0000000000000000 [ 188.634166] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.634846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.635336] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.635922] PKRU: 55555554 [ 188.636156] Call Trace: [ 188.636369] [ 188.636558] iommufd_access_destroy_object+0x65/0x170 [ 188.636988] iommufd_object_destroy_user+0x18e/0x220 [ 188.637410] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.637895] iommufd_access_destroy+0x43/0x70 [ 188.638275] iommufd_test_staccess_release+0x8d/0xd0 [ 188.638722] __fput+0x26d/0xa40 [ 188.639013] ____fput+0x1e/0x30 [ 188.639310] task_work_run+0x1a4/0x2d0 [ 188.639647] ? __pfx_task_work_run+0x10/0x10 [ 188.640022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.640433] ? switch_task_namespaces+0xa9/0xe0 [ 188.640833] do_exit+0xb17/0x2ef0 [ 188.641123] ? lock_acquire+0x427/0x4c0 [ 188.641462] ? __pfx_lock_release+0x10/0x10 [ 188.641824] ? __kasan_check_write+0x18/0x20 [ 188.642194] ? do_raw_spin_lock+0x132/0x2a0 [ 188.642587] ? __pfx_do_exit+0x10/0x10 [ 188.642921] ? debug_smp_processor_id+0x20/0x30 [ 188.643327] ? rcu_is_watching+0x19/0xb0 [ 188.643670] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.644052] ? trace_hardirqs_on+0x26/0x120 [ 188.644422] do_group_exit+0xe0/0x2b0 [ 188.644744] __x64_sys_exit_group+0x47/0x50 [ 188.645101] do_syscall_64+0x3b/0x90 [ 188.645416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.645850] RIP: 0033:0x7f4b87518a4d [ 188.646157] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.646685] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.647319] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.647903] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.648485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.649069] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.649653] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.650244] [ 188.650438] irq event stamp: 0 [ 188.650721] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.651249] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.651937] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.652625] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.653142] ---[ end trace 0000000000000000 ]--- [ 188.653863] ------------[ cut here ]------------ [ 188.654250] WARNING: CPU: 1 PID: 1791 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.655110] Modules linked in: [ 188.655388] CPU: 1 PID: 1791 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.656107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.657028] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.657452] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.658960] RSP: 0018:ffff88800f557b78 EFLAGS: 00010246 [ 188.659411] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.659993] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 188.660576] RBP: ffff88800f557b98 R08: ffffed1002c0cc3e R09: ffffed1002c0cc3e [ 188.661160] R10: ffff8880160661ef R11: ffffed1002c0cc3d R12: ffff888016066290 [ 188.661750] R13: ffff8880160660a8 R14: ffffffffffffffff R15: 
ffff88800f557c60 [ 188.662336] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.663017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.663506] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.664090] PKRU: 55555554 [ 188.664328] Call Trace: [ 188.664541] [ 188.664730] iommufd_ioas_destroy+0x53/0x70 [ 188.665093] iommufd_fops_release+0x1f7/0x370 [ 188.665476] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.665894] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.666305] ? write_comp_data+0x2f/0x90 [ 188.666670] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.667087] __fput+0x26d/0xa40 [ 188.667386] ____fput+0x1e/0x30 [ 188.667670] task_work_run+0x1a4/0x2d0 [ 188.668002] ? __pfx_task_work_run+0x10/0x10 [ 188.668371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.668781] ? switch_task_namespaces+0xa9/0xe0 [ 188.669182] do_exit+0xb17/0x2ef0 [ 188.669469] ? lock_acquire+0x427/0x4c0 [ 188.669806] ? __pfx_lock_release+0x10/0x10 [ 188.670168] ? __kasan_check_write+0x18/0x20 [ 188.670560] ? do_raw_spin_lock+0x132/0x2a0 [ 188.670921] ? __pfx_do_exit+0x10/0x10 [ 188.671267] ? debug_smp_processor_id+0x20/0x30 [ 188.671662] ? rcu_is_watching+0x19/0xb0 [ 188.672006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.672386] ? trace_hardirqs_on+0x26/0x120 [ 188.672751] do_group_exit+0xe0/0x2b0 [ 188.673071] __x64_sys_exit_group+0x47/0x50 [ 188.673430] do_syscall_64+0x3b/0x90 [ 188.673747] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.674182] RIP: 0033:0x7f4b87518a4d [ 188.674492] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.675016] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.675658] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.676245] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.676831] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.677419] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.678001] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.678609] [ 188.678806] irq event stamp: 0 [ 188.679069] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.679601] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.680292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.680975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.681491] ---[ end trace 0000000000000000 ]--- [ 188.685464] ------------[ cut here ]------------ [ 188.685880] WARNING: CPU: 1 PID: 1792 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.686748] Modules linked in: [ 188.687014] CPU: 1 PID: 1792 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.687748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.688664] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.689072] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.690792] RSP: 0018:ffff888023fafbb8 EFLAGS: 00010246 [ 188.691241] RAX: 0000000000000000 RBX: ffff888013ece8a8 RCX: 0000000000000000 [ 188.691824] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 188.692403] RBP: ffff888023fafbd0 R08: ffffed10027d9d33 R09: ffffed10027d9d33 [ 188.692990] R10: ffff888013ece993 R11: ffffed10027d9d32 R12: ffff888014328800 [ 188.693582] R13: ffff888013ece9e8 R14: ffffffff8352e670 R15: 
ffff888023fafe68 [ 188.694164] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.694844] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.695329] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 188.695920] PKRU: 55555554 [ 188.696156] Call Trace: [ 188.696368] [ 188.696556] __iommufd_access_detach+0x1c2/0x2b0 [ 188.696966] iommufd_access_change_pt+0x149/0x270 [ 188.697378] iommufd_access_replace+0xb4/0x120 [ 188.697768] iommufd_test+0x3e5/0x37e0 [ 188.698090] ? lock_release+0x532/0x770 [ 188.698432] ? __might_fault+0x102/0x1b0 [ 188.698797] ? lock_acquire+0x427/0x4c0 [ 188.699152] ? __pfx_iommufd_test+0x10/0x10 [ 188.699510] ? __pfx_lock_release+0x10/0x10 [ 188.699881] ? __pfx_lock_acquire+0x10/0x10 [ 188.700262] ? write_comp_data+0x2f/0x90 [ 188.700610] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.701022] ? write_comp_data+0x2f/0x90 [ 188.701370] iommufd_fops_ioctl+0x37d/0x510 [ 188.701731] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.702137] ? write_comp_data+0x2f/0x90 [ 188.702481] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.702905] __x64_sys_ioctl+0x1a3/0x230 [ 188.703266] do_syscall_64+0x3b/0x90 [ 188.703589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.704026] RIP: 0033:0x7f4b8743ee5d [ 188.704334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.705827] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.706453] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.707057] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.707657] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.708245] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.708830] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.709425] [ 188.709620] irq event stamp: 0 [ 188.709880] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.710397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.711113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.711812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.712335] ---[ end trace 0000000000000000 ]--- [ 188.715213] ------------[ cut here ]------------ [ 188.715639] WARNING: CPU: 1 PID: 1792 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.716472] Modules linked in: [ 188.716740] CPU: 1 PID: 1792 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.717454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.718347] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.718762] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.720222] RSP: 
0018:ffff888023fafbd0 EFLAGS: 00010246 [ 188.720649] RAX: 0000000000000000 RBX: ffff888013ece8a8 RCX: 0000000000000000 [ 188.721216] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 188.721787] RBP: ffff888023fafbe8 R08: ffffed10027d9d33 R09: ffffed10027d9d33 [ 188.722359] R10: ffff888013ece993 R11: ffffed10027d9d32 R12: ffff888018a68c00 [ 188.722950] R13: ffff888013ece9e8 R14: ffff8880123ec200 R15: 0000000000000000 [ 188.723533] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.724177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.724644] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.725209] PKRU: 55555554 [ 188.725440] Call Trace: [ 188.725645] [ 188.725830] iommufd_access_destroy_object+0x65/0x170 [ 188.726246] iommufd_object_destroy_user+0x18e/0x220 [ 188.726677] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.727170] iommufd_access_destroy+0x43/0x70 [ 188.727546] iommufd_test_staccess_release+0x8d/0xd0 [ 188.727963] __fput+0x26d/0xa40 [ 188.728248] ____fput+0x1e/0x30 [ 188.728524] task_work_run+0x1a4/0x2d0 [ 188.728848] ? __pfx_task_work_run+0x10/0x10 [ 188.729209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.729609] ? switch_task_namespaces+0xa9/0xe0 [ 188.729993] do_exit+0xb17/0x2ef0 [ 188.730273] ? lock_acquire+0x427/0x4c0 [ 188.730620] ? __pfx_lock_release+0x10/0x10 [ 188.730976] ? __kasan_check_write+0x18/0x20 [ 188.731350] ? do_raw_spin_lock+0x132/0x2a0 [ 188.731703] ? __pfx_do_exit+0x10/0x10 [ 188.732026] ? debug_smp_processor_id+0x20/0x30 [ 188.732407] ? rcu_is_watching+0x19/0xb0 [ 188.732738] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.733114] ? trace_hardirqs_on+0x26/0x120 [ 188.733471] do_group_exit+0xe0/0x2b0 [ 188.733782] __x64_sys_exit_group+0x47/0x50 [ 188.734132] do_syscall_64+0x3b/0x90 [ 188.734442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.734884] RIP: 0033:0x7f4b87518a4d [ 188.735199] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.735688] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.736298] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.736865] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.737434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.738000] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.738588] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.739178] [ 188.739366] irq event stamp: 0 [ 188.739620] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.740123] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.740794] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.741467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.741972] ---[ end trace 0000000000000000 ]--- [ 188.742711] ------------[ cut here ]------------ [ 188.743093] WARNING: CPU: 1 PID: 1792 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.743913] Modules linked in: [ 188.744171] CPU: 1 PID: 1792 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.744867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.745762] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.746175] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.747657] RSP: 0018:ffff888023fafb78 EFLAGS: 00010246 [ 188.748092] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.748662] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 188.749229] RBP: ffff888023fafb98 R08: ffffed10027d9d3e R09: ffffed10027d9d3e [ 188.749797] R10: ffff888013ece9ef R11: ffffed10027d9d3d R12: ffff888013ecea90 [ 188.750360] R13: ffff888013ece8a8 R14: ffffffffffffffff R15: 
ffff888023fafc60 [ 188.750941] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.751594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.752058] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.752623] PKRU: 55555554 [ 188.752850] Call Trace: [ 188.753056] [ 188.753240] iommufd_ioas_destroy+0x53/0x70 [ 188.753600] iommufd_fops_release+0x1f7/0x370 [ 188.753972] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.754375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.754791] ? write_comp_data+0x2f/0x90 [ 188.755140] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.755545] __fput+0x26d/0xa40 [ 188.755826] ____fput+0x1e/0x30 [ 188.756101] task_work_run+0x1a4/0x2d0 [ 188.756424] ? __pfx_task_work_run+0x10/0x10 [ 188.756786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.757190] ? switch_task_namespaces+0xa9/0xe0 [ 188.757585] do_exit+0xb17/0x2ef0 [ 188.757871] ? lock_acquire+0x427/0x4c0 [ 188.758214] ? __pfx_lock_release+0x10/0x10 [ 188.758605] ? __kasan_check_write+0x18/0x20 [ 188.758973] ? do_raw_spin_lock+0x132/0x2a0 [ 188.759345] ? __pfx_do_exit+0x10/0x10 [ 188.759672] ? debug_smp_processor_id+0x20/0x30 [ 188.760053] ? rcu_is_watching+0x19/0xb0 [ 188.760384] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.760757] ? trace_hardirqs_on+0x26/0x120 [ 188.761114] do_group_exit+0xe0/0x2b0 [ 188.761425] __x64_sys_exit_group+0x47/0x50 [ 188.761771] do_syscall_64+0x3b/0x90 [ 188.762079] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.762527] RIP: 0033:0x7f4b87518a4d [ 188.762831] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.763336] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.763945] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.764518] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.765089] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.765656] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.766221] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.766817] [ 188.767012] irq event stamp: 0 [ 188.767279] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.767783] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.768448] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.769125] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.769637] ---[ end trace 0000000000000000 ]--- [ 188.773691] ------------[ cut here ]------------ [ 188.774098] WARNING: CPU: 1 PID: 1793 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.774946] Modules linked in: [ 188.775219] CPU: 1 PID: 1793 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.775920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.776813] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.777214] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.778681] RSP: 0018:ffff8880245a7bb8 EFLAGS: 00010246 [ 188.779105] RAX: 0000000000000000 RBX: ffff8880136a80a8 RCX: 0000000000000000 [ 188.779685] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 188.780261] RBP: ffff8880245a7bd0 R08: ffffed10026d5033 R09: ffffed10026d5033 [ 188.780850] R10: ffff8880136a8193 R11: ffffed10026d5032 R12: ffff88801890b000 [ 188.781442] R13: ffff8880136a81e8 R14: ffffffff8352e670 R15: 
ffff8880245a7e68 [ 188.782033] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.782721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.783231] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 188.783824] PKRU: 55555554 [ 188.784060] Call Trace: [ 188.784276] [ 188.784469] __iommufd_access_detach+0x1c2/0x2b0 [ 188.784886] iommufd_access_change_pt+0x149/0x270 [ 188.785297] iommufd_access_replace+0xb4/0x120 [ 188.785690] iommufd_test+0x3e5/0x37e0 [ 188.786017] ? lock_release+0x532/0x770 [ 188.786360] ? __might_fault+0x102/0x1b0 [ 188.786728] ? lock_acquire+0x427/0x4c0 [ 188.787074] ? __pfx_iommufd_test+0x10/0x10 [ 188.787446] ? __pfx_lock_release+0x10/0x10 [ 188.787812] ? __pfx_lock_acquire+0x10/0x10 [ 188.788179] ? write_comp_data+0x2f/0x90 [ 188.788543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.788956] ? write_comp_data+0x2f/0x90 [ 188.789308] iommufd_fops_ioctl+0x37d/0x510 [ 188.789672] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.790078] ? write_comp_data+0x2f/0x90 [ 188.790426] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.790851] __x64_sys_ioctl+0x1a3/0x230 [ 188.791214] do_syscall_64+0x3b/0x90 [ 188.791539] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.791978] RIP: 0033:0x7f4b8743ee5d [ 188.792290] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.793796] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.794426] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.795027] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.795627] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.796217] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.796798] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.797390] [ 188.797587] irq event stamp: 0 [ 188.797848] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.798364] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.799068] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.799776] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.800295] ---[ end trace 0000000000000000 ]--- [ 188.803089] ------------[ cut here ]------------ [ 188.803517] WARNING: CPU: 1 PID: 1793 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.804353] Modules linked in: [ 188.804622] CPU: 1 PID: 1793 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.805336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.806255] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.806686] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.808186] RSP: 
0018:ffff8880245a7bd0 EFLAGS: 00010246 [ 188.808623] RAX: 0000000000000000 RBX: ffff8880136a80a8 RCX: 0000000000000000 [ 188.809204] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 188.809787] RBP: ffff8880245a7be8 R08: ffffed10026d5033 R09: ffffed10026d5033 [ 188.810366] R10: ffff8880136a8193 R11: ffffed10026d5032 R12: ffff88801432ac00 [ 188.810967] R13: ffff8880136a81e8 R14: ffff888020c43c00 R15: 0000000000000000 [ 188.811567] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.812231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.812717] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.813306] PKRU: 55555554 [ 188.813543] Call Trace: [ 188.813754] [ 188.813941] iommufd_access_destroy_object+0x65/0x170 [ 188.814374] iommufd_object_destroy_user+0x18e/0x220 [ 188.814817] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.815326] iommufd_access_destroy+0x43/0x70 [ 188.815714] iommufd_test_staccess_release+0x8d/0xd0 [ 188.816152] __fput+0x26d/0xa40 [ 188.816447] ____fput+0x1e/0x30 [ 188.816731] task_work_run+0x1a4/0x2d0 [ 188.817064] ? __pfx_task_work_run+0x10/0x10 [ 188.817439] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.817852] ? switch_task_namespaces+0xa9/0xe0 [ 188.818251] do_exit+0xb17/0x2ef0 [ 188.818576] ? lock_acquire+0x427/0x4c0 [ 188.818921] ? __pfx_lock_release+0x10/0x10 [ 188.819304] ? __kasan_check_write+0x18/0x20 [ 188.819673] ? do_raw_spin_lock+0x132/0x2a0 [ 188.820035] ? __pfx_do_exit+0x10/0x10 [ 188.820370] ? debug_smp_processor_id+0x20/0x30 [ 188.820766] ? rcu_is_watching+0x19/0xb0 [ 188.821106] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.821488] ? trace_hardirqs_on+0x26/0x120 [ 188.821851] do_group_exit+0xe0/0x2b0 [ 188.822166] __x64_sys_exit_group+0x47/0x50 [ 188.822543] do_syscall_64+0x3b/0x90 [ 188.822865] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.823313] RIP: 0033:0x7f4b87518a4d [ 188.823621] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.824125] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.824750] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.825336] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.825922] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.826525] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.827110] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.827722] [ 188.827920] irq event stamp: 0 [ 188.828191] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.828719] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.829419] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.830116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.830672] ---[ end trace 0000000000000000 ]--- [ 188.831412] ------------[ cut here ]------------ [ 188.831803] WARNING: CPU: 1 PID: 1793 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.832638] Modules linked in: [ 188.832903] CPU: 1 PID: 1793 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.833620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.834572] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.835005] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.836520] RSP: 0018:ffff8880245a7b78 EFLAGS: 00010246 [ 188.836967] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.837559] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 188.838159] RBP: ffff8880245a7b98 R08: ffffed10026d503e R09: ffffed10026d503e [ 188.838783] R10: ffff8880136a81ef R11: ffffed10026d503d R12: ffff8880136a8290 [ 188.839400] R13: ffff8880136a80a8 R14: ffffffffffffffff R15: 
ffff8880245a7c60 [ 188.839998] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.840661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.841145] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 188.841731] PKRU: 55555554 [ 188.841974] Call Trace: [ 188.842195] [ 188.842393] iommufd_ioas_destroy+0x53/0x70 [ 188.842809] iommufd_fops_release+0x1f7/0x370 [ 188.843218] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.843654] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.844087] ? write_comp_data+0x2f/0x90 [ 188.844450] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.844887] __fput+0x26d/0xa40 [ 188.845189] ____fput+0x1e/0x30 [ 188.845490] task_work_run+0x1a4/0x2d0 [ 188.845840] ? __pfx_task_work_run+0x10/0x10 [ 188.846234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.846703] ? switch_task_namespaces+0xa9/0xe0 [ 188.847142] do_exit+0xb17/0x2ef0 [ 188.847462] ? lock_acquire+0x427/0x4c0 [ 188.847824] ? __pfx_lock_release+0x10/0x10 [ 188.848209] ? __kasan_check_write+0x18/0x20 [ 188.848602] ? do_raw_spin_lock+0x132/0x2a0 [ 188.848984] ? __pfx_do_exit+0x10/0x10 [ 188.849347] ? debug_smp_processor_id+0x20/0x30 [ 188.849771] ? rcu_is_watching+0x19/0xb0 [ 188.850133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.850576] ? trace_hardirqs_on+0x26/0x120 [ 188.850968] do_group_exit+0xe0/0x2b0 [ 188.851318] __x64_sys_exit_group+0x47/0x50 [ 188.851708] do_syscall_64+0x3b/0x90 [ 188.852057] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.852534] RIP: 0033:0x7f4b87518a4d [ 188.852872] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.853419] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.854108] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.854778] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.855424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.856053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.856682] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.857320] [ 188.857530] irq event stamp: 0 [ 188.857810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.858370] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.859142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.859880] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.860433] ---[ end trace 0000000000000000 ]--- [ 188.864609] ------------[ cut here ]------------ [ 188.865104] WARNING: CPU: 1 PID: 1794 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.866247] Modules linked in: [ 188.866937] CPU: 1 PID: 1794 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.867782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.868815] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.869277] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.871392] RSP: 0018:ffff888010eefbb8 EFLAGS: 00010246 [ 188.871895] RAX: 0000000000000000 RBX: ffff888023e8c0a8 RCX: 0000000000000000 [ 188.872557] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 188.873224] RBP: ffff888010eefbd0 R08: ffffed10047d1833 R09: ffffed10047d1833 [ 188.874009] R10: ffff888023e8c193 R11: ffffed10047d1832 R12: ffff888010af6c00 [ 188.874924] R13: ffff888023e8c1e8 R14: ffffffff8352e670 R15: 
ffff888010eefe68 [ 188.875614] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.876375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.876926] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 188.877595] PKRU: 55555554 [ 188.877921] Call Trace: [ 188.878236] [ 188.878602] __iommufd_access_detach+0x1c2/0x2b0 [ 188.879069] iommufd_access_change_pt+0x149/0x270 [ 188.879548] iommufd_access_replace+0xb4/0x120 [ 188.879994] iommufd_test+0x3e5/0x37e0 [ 188.880366] ? lock_release+0x532/0x770 [ 188.880759] ? __might_fault+0x102/0x1b0 [ 188.881160] ? lock_acquire+0x427/0x4c0 [ 188.881559] ? __pfx_iommufd_test+0x10/0x10 [ 188.881996] ? __pfx_lock_release+0x10/0x10 [ 188.882593] ? __pfx_lock_acquire+0x10/0x10 [ 188.883104] ? write_comp_data+0x2f/0x90 [ 188.883520] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.883990] ? write_comp_data+0x2f/0x90 [ 188.884395] iommufd_fops_ioctl+0x37d/0x510 [ 188.884820] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.885289] ? write_comp_data+0x2f/0x90 [ 188.885683] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 188.886278] __x64_sys_ioctl+0x1a3/0x230 [ 188.886844] do_syscall_64+0x3b/0x90 [ 188.887231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.887736] RIP: 0033:0x7f4b8743ee5d [ 188.888094] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 188.889902] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 188.890819] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 188.891510] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 188.892239] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 188.892971] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 188.893853] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 188.894815] [ 188.895059] irq event stamp: 0 [ 188.895400] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.896056] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.896921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.897838] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.899062] ---[ end trace 0000000000000000 ]--- [ 188.908645] ------------[ cut here ]------------ [ 188.909334] WARNING: CPU: 1 PID: 1794 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 188.911254] Modules linked in: [ 188.911745] CPU: 1 PID: 1794 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.912936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.914680] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 188.915400] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 188.917932] RSP: 
0018:ffff888010eefbd0 EFLAGS: 00010246 [ 188.918831] RAX: 0000000000000000 RBX: ffff888023e8c0a8 RCX: 0000000000000000 [ 188.919837] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 188.920783] RBP: ffff888010eefbe8 R08: ffffed10047d1833 R09: ffffed10047d1833 [ 188.921881] R10: ffff888023e8c193 R11: ffffed10047d1832 R12: ffff888018909c00 [ 188.922994] R13: ffff888023e8c1e8 R14: ffff888020f65f00 R15: 0000000000000000 [ 188.923975] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.925043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.925831] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 188.926877] PKRU: 55555554 [ 188.927327] Call Trace: [ 188.927721] [ 188.928152] iommufd_access_destroy_object+0x65/0x170 [ 188.928975] iommufd_object_destroy_user+0x18e/0x220 [ 188.929666] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 188.930452] iommufd_access_destroy+0x43/0x70 [ 188.931193] iommufd_test_staccess_release+0x8d/0xd0 [ 188.931941] __fput+0x26d/0xa40 [ 188.932485] ____fput+0x1e/0x30 [ 188.933147] task_work_run+0x1a4/0x2d0 [ 188.933690] ? __pfx_task_work_run+0x10/0x10 [ 188.934310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.935078] ? switch_task_namespaces+0xa9/0xe0 [ 188.935818] do_exit+0xb17/0x2ef0 [ 188.936332] ? lock_acquire+0x427/0x4c0 [ 188.936971] ? __pfx_lock_release+0x10/0x10 [ 188.937780] ? __kasan_check_write+0x18/0x20 [ 188.938418] ? do_raw_spin_lock+0x132/0x2a0 [ 188.939093] ? __pfx_do_exit+0x10/0x10 [ 188.939716] ? debug_smp_processor_id+0x20/0x30 [ 188.940386] ? rcu_is_watching+0x19/0xb0 [ 188.940963] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.941707] ? trace_hardirqs_on+0x26/0x120 [ 188.942453] do_group_exit+0xe0/0x2b0 [ 188.943055] __x64_sys_exit_group+0x47/0x50 [ 188.943695] do_syscall_64+0x3b/0x90 [ 188.944239] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.944951] RIP: 0033:0x7f4b87518a4d [ 188.945465] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.946464] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.947674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.948647] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.949621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.950670] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.951746] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 188.952689] [ 188.953008] irq event stamp: 0 [ 188.953419] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 188.954341] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 188.955512] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 188.956582] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 188.957573] ---[ end trace 0000000000000000 ]--- [ 188.959107] ------------[ cut here ]------------ [ 188.959823] WARNING: CPU: 1 PID: 1794 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 188.961365] Modules linked in: [ 188.961785] CPU: 1 PID: 1794 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 188.963231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 188.964627] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 188.965292] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 188.967808] RSP: 0018:ffff888010eefb78 EFLAGS: 00010246 [ 188.968506] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 188.969504] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 188.970401] RBP: ffff888010eefb98 R08: ffffed10047d183e R09: ffffed10047d183e [ 188.971492] R10: ffff888023e8c1ef R11: ffffed10047d183d R12: ffff888023e8c290 [ 188.972398] R13: ffff888023e8c0a8 R14: ffffffffffffffff R15: 
ffff888010eefc60 [ 188.973284] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 188.974373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.975264] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 188.976184] PKRU: 55555554 [ 188.976558] Call Trace: [ 188.976890] [ 188.977271] iommufd_ioas_destroy+0x53/0x70 [ 188.977932] iommufd_fops_release+0x1f7/0x370 [ 188.978603] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.979375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.979869] ? write_comp_data+0x2f/0x90 [ 188.980671] ? __pfx_iommufd_fops_release+0x10/0x10 [ 188.981320] __fput+0x26d/0xa40 [ 188.981774] ____fput+0x1e/0x30 [ 188.982217] task_work_run+0x1a4/0x2d0 [ 188.982900] ? __pfx_task_work_run+0x10/0x10 [ 188.983618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 188.984270] ? switch_task_namespaces+0xa9/0xe0 [ 188.984919] do_exit+0xb17/0x2ef0 [ 188.985387] ? lock_acquire+0x427/0x4c0 [ 188.986011] ? __pfx_lock_release+0x10/0x10 [ 188.986718] ? __kasan_check_write+0x18/0x20 [ 188.987328] ? do_raw_spin_lock+0x132/0x2a0 [ 188.987892] ? __pfx_do_exit+0x10/0x10 [ 188.988420] ? debug_smp_processor_id+0x20/0x30 [ 188.989128] ? rcu_is_watching+0x19/0xb0 [ 188.989757] ? _raw_spin_unlock_irq+0x2b/0x60 [ 188.990355] ? trace_hardirqs_on+0x26/0x120 [ 188.990985] do_group_exit+0xe0/0x2b0 [ 188.991523] __x64_sys_exit_group+0x47/0x50 [ 188.992201] do_syscall_64+0x3b/0x90 [ 188.992812] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 188.993507] RIP: 0033:0x7f4b87518a4d [ 188.994007] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 188.994972] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 188.995993] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 188.996934] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 188.997953] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 188.998991] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 188.999944] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.000953] [ 189.001366] irq event stamp: 0 [ 189.001782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.002651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.003818] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.004801] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.005411] ---[ end trace 0000000000000000 ]--- [ 189.010554] ------------[ cut here ]------------ [ 189.011064] WARNING: CPU: 1 PID: 1795 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.012195] Modules linked in: [ 189.012630] CPU: 1 PID: 1795 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.013482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.014607] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.015205] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.017080] RSP: 0018:ffff888018347bb8 EFLAGS: 00010246 [ 189.017610] RAX: 0000000000000000 RBX: ffff88801609e8a8 RCX: 0000000000000000 [ 189.018534] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 189.019255] RBP: ffff888018347bd0 R08: ffffed1002c13d33 R09: ffffed1002c13d33 [ 189.019933] R10: ffff88801609e993 R11: ffffed1002c13d32 R12: ffff88801226f800 [ 189.020614] R13: ffff88801609e9e8 R14: ffffffff8352e670 R15: 
ffff888018347e68 [ 189.021482] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.022244] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.022819] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 189.023527] PKRU: 55555554 [ 189.023808] Call Trace: [ 189.024081] [ 189.024362] __iommufd_access_detach+0x1c2/0x2b0 [ 189.024892] iommufd_access_change_pt+0x149/0x270 [ 189.025374] iommufd_access_replace+0xb4/0x120 [ 189.025860] iommufd_test+0x3e5/0x37e0 [ 189.026268] ? lock_release+0x532/0x770 [ 189.026728] ? __might_fault+0x102/0x1b0 [ 189.027311] ? lock_acquire+0x427/0x4c0 [ 189.027860] ? __pfx_iommufd_test+0x10/0x10 [ 189.028321] ? __pfx_lock_release+0x10/0x10 [ 189.028781] ? __pfx_lock_acquire+0x10/0x10 [ 189.029243] ? write_comp_data+0x2f/0x90 [ 189.029683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.030261] ? write_comp_data+0x2f/0x90 [ 189.030840] iommufd_fops_ioctl+0x37d/0x510 [ 189.031315] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.031829] ? write_comp_data+0x2f/0x90 [ 189.032259] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.032765] __x64_sys_ioctl+0x1a3/0x230 [ 189.033214] do_syscall_64+0x3b/0x90 [ 189.033611] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.034157] RIP: 0033:0x7f4b8743ee5d [ 189.034595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.036735] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.037528] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.038264] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.039166] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.040018] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.040747] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.041495] [ 189.041739] irq event stamp: 0 [ 189.042063] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.042987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.043868] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.044721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.045383] ---[ end trace 0000000000000000 ]--- [ 189.048674] ------------[ cut here ]------------ [ 189.049241] WARNING: CPU: 1 PID: 1795 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.050278] Modules linked in: [ 189.050697] CPU: 1 PID: 1795 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.051608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.052985] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.053509] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.055521] RSP: 
0018:ffff888018347bd0 EFLAGS: 00010246 [ 189.056177] RAX: 0000000000000000 RBX: ffff88801609e8a8 RCX: 0000000000000000 [ 189.056917] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 189.057664] RBP: ffff888018347be8 R08: ffffed1002c13d33 R09: ffffed1002c13d33 [ 189.058440] R10: ffff88801609e993 R11: ffffed1002c13d32 R12: ffff888010af6000 [ 189.059478] R13: ffff88801609e9e8 R14: ffff88801381ab00 R15: 0000000000000000 [ 189.060233] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.061081] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.061704] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.062541] PKRU: 55555554 [ 189.062970] Call Trace: [ 189.063266] [ 189.063519] iommufd_access_destroy_object+0x65/0x170 [ 189.064078] iommufd_object_destroy_user+0x18e/0x220 [ 189.064631] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.065261] iommufd_access_destroy+0x43/0x70 [ 189.065759] iommufd_test_staccess_release+0x8d/0xd0 [ 189.066448] __fput+0x26d/0xa40 [ 189.066987] ____fput+0x1e/0x30 [ 189.067368] task_work_run+0x1a4/0x2d0 [ 189.067795] ? __pfx_task_work_run+0x10/0x10 [ 189.068269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.068797] ? switch_task_namespaces+0xa9/0xe0 [ 189.069312] do_exit+0xb17/0x2ef0 [ 189.069719] ? lock_acquire+0x427/0x4c0 [ 189.070339] ? __pfx_lock_release+0x10/0x10 [ 189.070843] ? __kasan_check_write+0x18/0x20 [ 189.071333] ? do_raw_spin_lock+0x132/0x2a0 [ 189.071797] ? __pfx_do_exit+0x10/0x10 [ 189.072227] ? debug_smp_processor_id+0x20/0x30 [ 189.072731] ? rcu_is_watching+0x19/0xb0 [ 189.073173] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.073895] ? trace_hardirqs_on+0x26/0x120 [ 189.074369] do_group_exit+0xe0/0x2b0 [ 189.074815] __x64_sys_exit_group+0x47/0x50 [ 189.075295] do_syscall_64+0x3b/0x90 [ 189.075705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.076259] RIP: 0033:0x7f4b87518a4d [ 189.076657] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.077433] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.078357] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.079164] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.079930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.080691] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.081664] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.082435] [ 189.082716] irq event stamp: 0 [ 189.083054] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.083749] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.084731] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.085725] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.086405] ---[ end trace 0000000000000000 ]--- [ 189.087391] ------------[ cut here ]------------ [ 189.087900] WARNING: CPU: 1 PID: 1795 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.089230] Modules linked in: [ 189.089583] CPU: 1 PID: 1795 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.090502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.091821] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.092521] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.094420] RSP: 0018:ffff888018347b78 EFLAGS: 00010246 [ 189.095069] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.095977] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 189.096841] RBP: ffff888018347b98 R08: ffffed1002c13d3e R09: ffffed1002c13d3e [ 189.097610] R10: ffff88801609e9ef R11: ffffed1002c13d3d R12: ffff88801609ea90 [ 189.098377] R13: ffff88801609e8a8 R14: ffffffffffffffff R15: 
ffff888018347c60 [ 189.099195] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.100236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.100858] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.101624] PKRU: 55555554 [ 189.101933] Call Trace: [ 189.102214] [ 189.102459] iommufd_ioas_destroy+0x53/0x70 [ 189.103080] iommufd_fops_release+0x1f7/0x370 [ 189.103719] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.104262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.104789] ? write_comp_data+0x2f/0x90 [ 189.105233] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.105767] __fput+0x26d/0xa40 [ 189.106139] ____fput+0x1e/0x30 [ 189.106536] task_work_run+0x1a4/0x2d0 [ 189.106955] ? __pfx_task_work_run+0x10/0x10 [ 189.107654] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.108192] ? switch_task_namespaces+0xa9/0xe0 [ 189.108706] do_exit+0xb17/0x2ef0 [ 189.109081] ? lock_acquire+0x427/0x4c0 [ 189.109522] ? __pfx_lock_release+0x10/0x10 [ 189.109989] ? __kasan_check_write+0x18/0x20 [ 189.110668] ? do_raw_spin_lock+0x132/0x2a0 [ 189.111155] ? __pfx_do_exit+0x10/0x10 [ 189.111585] ? debug_smp_processor_id+0x20/0x30 [ 189.112094] ? rcu_is_watching+0x19/0xb0 [ 189.112529] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.113021] ? trace_hardirqs_on+0x26/0x120 [ 189.113491] do_group_exit+0xe0/0x2b0 [ 189.113949] __x64_sys_exit_group+0x47/0x50 [ 189.114571] do_syscall_64+0x3b/0x90 [ 189.114981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.115551] RIP: 0033:0x7f4b87518a4d [ 189.115948] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.116606] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.117473] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.118374] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.119180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.119944] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.120701] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.121721] [ 189.121977] irq event stamp: 0 [ 189.122314] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.123035] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.123940] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.124830] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.125728] ---[ end trace 0000000000000000 ]--- [ 189.130950] ------------[ cut here ]------------ [ 189.131534] WARNING: CPU: 1 PID: 1796 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.132592] Modules linked in: [ 189.132934] CPU: 1 PID: 1796 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.134090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.135345] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.135870] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.137995] RSP: 0018:ffff888010eefbb8 EFLAGS: 00010246 [ 189.138588] RAX: 0000000000000000 RBX: ffff888013af28a8 RCX: 0000000000000000 [ 189.139364] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 189.140146] RBP: ffff888010eefbd0 R08: ffffed100275e533 R09: ffffed100275e533 [ 189.141113] R10: ffff888013af2993 R11: ffffed100275e532 R12: ffff888010e01c00 [ 189.141857] R13: ffff888013af29e8 R14: ffffffff8352e670 R15: 
ffff888010eefe68 [ 189.142632] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.143479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.144308] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 189.145057] PKRU: 55555554 [ 189.145356] Call Trace: [ 189.145622] [ 189.145858] __iommufd_access_detach+0x1c2/0x2b0 [ 189.146366] iommufd_access_change_pt+0x149/0x270 [ 189.147026] iommufd_access_replace+0xb4/0x120 [ 189.147950] iommufd_test+0x3e5/0x37e0 [ 189.148502] ? lock_release+0x532/0x770 [ 189.149070] ? __might_fault+0x102/0x1b0 [ 189.149632] ? lock_acquire+0x427/0x4c0 [ 189.150185] ? __pfx_iommufd_test+0x10/0x10 [ 189.150859] ? __pfx_lock_release+0x10/0x10 [ 189.151510] ? __pfx_lock_acquire+0x10/0x10 [ 189.152147] ? write_comp_data+0x2f/0x90 [ 189.153168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.153866] ? write_comp_data+0x2f/0x90 [ 189.154472] iommufd_fops_ioctl+0x37d/0x510 [ 189.155248] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.155938] ? write_comp_data+0x2f/0x90 [ 189.156541] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.157373] __x64_sys_ioctl+0x1a3/0x230 [ 189.158048] do_syscall_64+0x3b/0x90 [ 189.158660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.159427] RIP: 0033:0x7f4b8743ee5d [ 189.159957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.162756] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.163825] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.164809] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.165777] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.166914] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.167918] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.168901] [ 189.169251] irq event stamp: 0 [ 189.169686] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.170611] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.171779] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.172908] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.173770] ---[ end trace 0000000000000000 ]--- [ 189.179020] ------------[ cut here ]------------ [ 189.179708] WARNING: CPU: 1 PID: 1796 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.180756] Modules linked in: [ 189.181089] CPU: 1 PID: 1796 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.181973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.183170] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.183651] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.185356] RSP: 
0018:ffff888010eefbd0 EFLAGS: 00010246 [ 189.185859] RAX: 0000000000000000 RBX: ffff888013af28a8 RCX: 0000000000000000 [ 189.186558] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 189.187235] RBP: ffff888010eefbe8 R08: ffffed100275e533 R09: ffffed100275e533 [ 189.187902] R10: ffff888013af2993 R11: ffffed100275e532 R12: ffff88801226e000 [ 189.188585] R13: ffff888013af29e8 R14: ffff88800b8cf200 R15: 0000000000000000 [ 189.189252] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.190010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.190589] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.191274] PKRU: 55555554 [ 189.191543] Call Trace: [ 189.191780] [ 189.191993] iommufd_access_destroy_object+0x65/0x170 [ 189.192486] iommufd_object_destroy_user+0x18e/0x220 [ 189.192981] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.193535] iommufd_access_destroy+0x43/0x70 [ 189.193964] iommufd_test_staccess_release+0x8d/0xd0 [ 189.194457] __fput+0x26d/0xa40 [ 189.194811] ____fput+0x1e/0x30 [ 189.195147] task_work_run+0x1a4/0x2d0 [ 189.195523] ? __pfx_task_work_run+0x10/0x10 [ 189.195955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.196424] ? switch_task_namespaces+0xa9/0xe0 [ 189.196889] do_exit+0xb17/0x2ef0 [ 189.197217] ? lock_acquire+0x427/0x4c0 [ 189.197606] ? __pfx_lock_release+0x10/0x10 [ 189.198030] ? __kasan_check_write+0x18/0x20 [ 189.198460] ? do_raw_spin_lock+0x132/0x2a0 [ 189.198899] ? __pfx_do_exit+0x10/0x10 [ 189.199298] ? debug_smp_processor_id+0x20/0x30 [ 189.199746] ? rcu_is_watching+0x19/0xb0 [ 189.200139] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.200576] ? trace_hardirqs_on+0x26/0x120 [ 189.201006] do_group_exit+0xe0/0x2b0 [ 189.201372] __x64_sys_exit_group+0x47/0x50 [ 189.201784] do_syscall_64+0x3b/0x90 [ 189.202147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.202674] RIP: 0033:0x7f4b87518a4d [ 189.203029] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.203626] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.204359] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.205034] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.205701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.206369] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.207069] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.207769] [ 189.207995] irq event stamp: 0 [ 189.208289] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.208885] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.209671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.210454] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.211072] ---[ end trace 0000000000000000 ]--- [ 189.211915] ------------[ cut here ]------------ [ 189.212365] WARNING: CPU: 1 PID: 1796 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.213328] Modules linked in: [ 189.213635] CPU: 1 PID: 1796 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.214455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.215562] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.216051] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.217765] RSP: 0018:ffff888010eefb78 EFLAGS: 00010246 [ 189.218288] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.219039] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 189.219798] RBP: ffff888010eefb98 R08: ffffed100275e53e R09: ffffed100275e53e [ 189.220538] R10: ffff888013af29ef R11: ffffed100275e53d R12: ffff888013af2a90 [ 189.221263] R13: ffff888013af28a8 R14: ffffffffffffffff R15: 
ffff888010eefc60 [ 189.221986] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.222852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.223466] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.224208] PKRU: 55555554 [ 189.224500] Call Trace: [ 189.224771] [ 189.225003] iommufd_ioas_destroy+0x53/0x70 [ 189.225457] iommufd_fops_release+0x1f7/0x370 [ 189.225931] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.226451] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.226990] ? write_comp_data+0x2f/0x90 [ 189.227441] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.227966] __fput+0x26d/0xa40 [ 189.228327] ____fput+0x1e/0x30 [ 189.228675] task_work_run+0x1a4/0x2d0 [ 189.229084] ? __pfx_task_work_run+0x10/0x10 [ 189.229548] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.230047] ? switch_task_namespaces+0xa9/0xe0 [ 189.230565] do_exit+0xb17/0x2ef0 [ 189.230927] ? lock_acquire+0x427/0x4c0 [ 189.231361] ? __pfx_lock_release+0x10/0x10 [ 189.231817] ? __kasan_check_write+0x18/0x20 [ 189.232278] ? do_raw_spin_lock+0x132/0x2a0 [ 189.232724] ? __pfx_do_exit+0x10/0x10 [ 189.233137] ? debug_smp_processor_id+0x20/0x30 [ 189.233616] ? rcu_is_watching+0x19/0xb0 [ 189.234030] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.234500] ? trace_hardirqs_on+0x26/0x120 [ 189.234986] do_group_exit+0xe0/0x2b0 [ 189.235415] __x64_sys_exit_group+0x47/0x50 [ 189.235864] do_syscall_64+0x3b/0x90 [ 189.236255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.236801] RIP: 0033:0x7f4b87518a4d [ 189.237184] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.237815] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.238626] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.239376] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.240116] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.240843] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.241567] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.242301] [ 189.242570] irq event stamp: 0 [ 189.242894] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.243569] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.244422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.245275] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.245922] ---[ end trace 0000000000000000 ]--- [ 189.251253] ------------[ cut here ]------------ [ 189.251807] WARNING: CPU: 1 PID: 1797 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.252845] Modules linked in: [ 189.253175] CPU: 1 PID: 1797 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.254085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.255326] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.255929] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.257849] RSP: 0018:ffff8880137c7bb8 EFLAGS: 00010246 [ 189.258406] RAX: 0000000000000000 RBX: ffff888010b990a8 RCX: 0000000000000000 [ 189.259190] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 189.259972] RBP: ffff8880137c7bd0 R08: ffffed1002173233 R09: ffffed1002173233 [ 189.260709] R10: ffff888010b99193 R11: ffffed1002173232 R12: ffff888014580800 [ 189.261431] R13: ffff888010b991e8 R14: ffffffff8352e670 R15: 
ffff8880137c7e68 [ 189.262165] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.263028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.263701] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 189.264436] PKRU: 55555554 [ 189.264734] Call Trace: [ 189.265010] [ 189.265242] __iommufd_access_detach+0x1c2/0x2b0 [ 189.265742] iommufd_access_change_pt+0x149/0x270 [ 189.266255] iommufd_access_replace+0xb4/0x120 [ 189.266783] iommufd_test+0x3e5/0x37e0 [ 189.267301] ? lock_release+0x532/0x770 [ 189.267742] ? __might_fault+0x102/0x1b0 [ 189.268173] ? lock_acquire+0x427/0x4c0 [ 189.268612] ? __pfx_iommufd_test+0x10/0x10 [ 189.269058] ? __pfx_lock_release+0x10/0x10 [ 189.269518] ? __pfx_lock_acquire+0x10/0x10 [ 189.269967] ? write_comp_data+0x2f/0x90 [ 189.270402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.270966] ? write_comp_data+0x2f/0x90 [ 189.271467] iommufd_fops_ioctl+0x37d/0x510 [ 189.271932] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.272440] ? write_comp_data+0x2f/0x90 [ 189.272876] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.273387] __x64_sys_ioctl+0x1a3/0x230 [ 189.273821] do_syscall_64+0x3b/0x90 [ 189.274227] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.274828] RIP: 0033:0x7f4b8743ee5d [ 189.275238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.277110] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.277896] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.278653] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.279398] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.280128] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.280856] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.281599] [ 189.281839] irq event stamp: 0 [ 189.282157] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.282845] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.283724] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.284580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.285226] ---[ end trace 0000000000000000 ]--- [ 189.288509] ------------[ cut here ]------------ [ 189.289045] WARNING: CPU: 1 PID: 1797 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.290073] Modules linked in: [ 189.290404] CPU: 1 PID: 1797 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.291560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.292712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.293229] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.295095] RSP: 
0018:ffff8880137c7bd0 EFLAGS: 00010246 [ 189.295660] RAX: 0000000000000000 RBX: ffff888010b990a8 RCX: 0000000000000000 [ 189.296386] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 189.297132] RBP: ffff8880137c7be8 R08: ffffed1002173233 R09: ffffed1002173233 [ 189.297870] R10: ffff888010b99193 R11: ffffed1002173232 R12: ffff888010e03c00 [ 189.298614] R13: ffff888010b991e8 R14: ffff888012e15100 R15: 0000000000000000 [ 189.299359] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.300184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.300786] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.301524] PKRU: 55555554 [ 189.301818] Call Trace: [ 189.302079] [ 189.302312] iommufd_access_destroy_object+0x65/0x170 [ 189.302869] iommufd_object_destroy_user+0x18e/0x220 [ 189.303412] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.304018] iommufd_access_destroy+0x43/0x70 [ 189.304485] iommufd_test_staccess_release+0x8d/0xd0 [ 189.305021] __fput+0x26d/0xa40 [ 189.305374] ____fput+0x1e/0x30 [ 189.305718] task_work_run+0x1a4/0x2d0 [ 189.306125] ? __pfx_task_work_run+0x10/0x10 [ 189.306611] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.307121] ? switch_task_namespaces+0xa9/0xe0 [ 189.307612] do_exit+0xb17/0x2ef0 [ 189.307969] ? lock_acquire+0x427/0x4c0 [ 189.308384] ? __pfx_lock_release+0x10/0x10 [ 189.308828] ? __kasan_check_write+0x18/0x20 [ 189.309293] ? do_raw_spin_lock+0x132/0x2a0 [ 189.309736] ? __pfx_do_exit+0x10/0x10 [ 189.310142] ? debug_smp_processor_id+0x20/0x30 [ 189.310646] ? rcu_is_watching+0x19/0xb0 [ 189.311067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.311556] ? trace_hardirqs_on+0x26/0x120 [ 189.311974] do_group_exit+0xe0/0x2b0 [ 189.312311] __x64_sys_exit_group+0x47/0x50 [ 189.312726] do_syscall_64+0x3b/0x90 [ 189.313115] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.313649] RIP: 0033:0x7f4b87518a4d [ 189.314028] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.314669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.315448] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.316175] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.316902] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.317627] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.318347] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.319091] [ 189.319351] irq event stamp: 0 [ 189.319678] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.320314] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.321168] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.322007] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.322679] ---[ end trace 0000000000000000 ]--- [ 189.323554] ------------[ cut here ]------------ [ 189.324043] WARNING: CPU: 1 PID: 1797 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.325080] Modules linked in: [ 189.325412] CPU: 1 PID: 1797 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.326313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.327500] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.328036] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.329866] RSP: 0018:ffff8880137c7b78 EFLAGS: 00010246 [ 189.330414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.331172] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 189.331910] RBP: ffff8880137c7b98 R08: ffffed100217323e R09: ffffed100217323e [ 189.332642] R10: ffff888010b991ef R11: ffffed100217323d R12: ffff888010b99290 [ 189.333364] R13: ffff888010b990a8 R14: ffffffffffffffff R15: 
ffff8880137c7c60 [ 189.334103] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.334959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.335575] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.336301] PKRU: 55555554 [ 189.336589] Call Trace: [ 189.336855] [ 189.337089] iommufd_ioas_destroy+0x53/0x70 [ 189.337542] iommufd_fops_release+0x1f7/0x370 [ 189.338004] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.338536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.339050] ? write_comp_data+0x2f/0x90 [ 189.339484] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.339991] __fput+0x26d/0xa40 [ 189.340340] ____fput+0x1e/0x30 [ 189.340684] task_work_run+0x1a4/0x2d0 [ 189.341089] ? __pfx_task_work_run+0x10/0x10 [ 189.341537] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.342032] ? switch_task_namespaces+0xa9/0xe0 [ 189.342536] do_exit+0xb17/0x2ef0 [ 189.342898] ? lock_acquire+0x427/0x4c0 [ 189.343390] ? __pfx_lock_release+0x10/0x10 [ 189.343837] ? __kasan_check_write+0x18/0x20 [ 189.344294] ? do_raw_spin_lock+0x132/0x2a0 [ 189.344743] ? __pfx_do_exit+0x10/0x10 [ 189.345153] ? debug_smp_processor_id+0x20/0x30 [ 189.345632] ? rcu_is_watching+0x19/0xb0 [ 189.346064] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.346574] ? trace_hardirqs_on+0x26/0x120 [ 189.347033] do_group_exit+0xe0/0x2b0 [ 189.347441] __x64_sys_exit_group+0x47/0x50 [ 189.347892] do_syscall_64+0x3b/0x90 [ 189.348291] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.348839] RIP: 0033:0x7f4b87518a4d [ 189.349220] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.349844] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.350637] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.351374] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.352092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.352812] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.353533] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.354260] [ 189.354497] irq event stamp: 0 [ 189.354846] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.355492] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.356317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.357151] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.357784] ---[ end trace 0000000000000000 ]--- [ 189.364073] ------------[ cut here ]------------ [ 189.364734] WARNING: CPU: 0 PID: 1798 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.366003] Modules linked in: [ 189.366416] CPU: 0 PID: 1798 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.367613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.369028] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.369669] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.371948] RSP: 0018:ffff888023fafbb8 EFLAGS: 00010246 [ 189.372634] RAX: 0000000000000000 RBX: ffff888011eed0a8 RCX: 0000000000000000 [ 189.373703] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 189.374550] RBP: ffff888023fafbd0 R08: ffffed10023dda33 R09: ffffed10023dda33 [ 189.375172] R10: ffff888011eed193 R11: ffffed10023dda32 R12: ffff888013b22400 [ 189.375950] R13: ffff888011eed1e8 R14: ffffffff8352e670 R15: 
ffff888023fafe68 [ 189.376568] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 189.377246] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.377816] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 189.378556] PKRU: 55555554 [ 189.378803] Call Trace: [ 189.379020] [ 189.379223] __iommufd_access_detach+0x1c2/0x2b0 [ 189.379731] iommufd_access_change_pt+0x149/0x270 [ 189.380249] iommufd_access_replace+0xb4/0x120 [ 189.380655] iommufd_test+0x3e5/0x37e0 [ 189.380991] ? lock_release+0x532/0x770 [ 189.381344] ? __might_fault+0x102/0x1b0 [ 189.381706] ? lock_acquire+0x427/0x4c0 [ 189.382228] ? __pfx_iommufd_test+0x10/0x10 [ 189.382622] ? __pfx_lock_release+0x10/0x10 [ 189.383000] ? __pfx_lock_acquire+0x10/0x10 [ 189.383390] ? write_comp_data+0x2f/0x90 [ 189.383753] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.384365] ? write_comp_data+0x2f/0x90 [ 189.384725] iommufd_fops_ioctl+0x37d/0x510 [ 189.385102] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.385531] ? write_comp_data+0x2f/0x90 [ 189.385980] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.386546] __x64_sys_ioctl+0x1a3/0x230 [ 189.386912] do_syscall_64+0x3b/0x90 [ 189.387251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.387709] RIP: 0033:0x7f4b8743ee5d [ 189.388037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.389815] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.390660] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.391282] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.391889] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.392679] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.393288] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.393903] [ 189.394134] irq event stamp: 0 [ 189.394567] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.395109] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.395831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.396714] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.397256] ---[ end trace 0000000000000000 ]--- [ 189.400507] ------------[ cut here ]------------ [ 189.400924] WARNING: CPU: 0 PID: 1798 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.401787] Modules linked in: [ 189.402134] CPU: 0 PID: 1798 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.403020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.404018] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.404450] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.405995] RSP: 
0018:ffff888023fafbd0 EFLAGS: 00010246 [ 189.406446] RAX: 0000000000000000 RBX: ffff888011eed0a8 RCX: 0000000000000000 [ 189.407076] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 189.407691] RBP: ffff888023fafbe8 R08: ffffed10023dda33 R09: ffffed10023dda33 [ 189.408301] R10: ffff888011eed193 R11: ffffed10023dda32 R12: ffff8880129c8000 [ 189.408903] R13: ffff888011eed1e8 R14: ffff888013a33c00 R15: 0000000000000000 [ 189.409510] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 189.410193] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.410706] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 189.411332] PKRU: 55555554 [ 189.411578] Call Trace: [ 189.411798] [ 189.412000] iommufd_access_destroy_object+0x65/0x170 [ 189.412447] iommufd_object_destroy_user+0x18e/0x220 [ 189.412888] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.413390] iommufd_access_destroy+0x43/0x70 [ 189.413782] iommufd_test_staccess_release+0x8d/0xd0 [ 189.414228] __fput+0x26d/0xa40 [ 189.414549] ____fput+0x1e/0x30 [ 189.414848] task_work_run+0x1a4/0x2d0 [ 189.415207] ? __pfx_task_work_run+0x10/0x10 [ 189.415593] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.416017] ? switch_task_namespaces+0xa9/0xe0 [ 189.416425] do_exit+0xb17/0x2ef0 [ 189.416722] ? lock_acquire+0x427/0x4c0 [ 189.417072] ? __pfx_lock_release+0x10/0x10 [ 189.417450] ? __kasan_check_write+0x18/0x20 [ 189.417829] ? do_raw_spin_lock+0x132/0x2a0 [ 189.418199] ? __pfx_do_exit+0x10/0x10 [ 189.418563] ? debug_smp_processor_id+0x20/0x30 [ 189.418968] ? rcu_is_watching+0x19/0xb0 [ 189.419331] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.419724] ? trace_hardirqs_on+0x26/0x120 [ 189.420103] do_group_exit+0xe0/0x2b0 [ 189.420434] __x64_sys_exit_group+0x47/0x50 [ 189.420821] do_syscall_64+0x3b/0x90 [ 189.421149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.421605] RIP: 0033:0x7f4b87518a4d [ 189.421922] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.422445] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.423145] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.423762] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.424364] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.424967] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.425569] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.426184] [ 189.426385] irq event stamp: 0 [ 189.426681] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.427227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.427938] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.428644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.429180] ---[ end trace 0000000000000000 ]--- [ 189.430169] ------------[ cut here ]------------ [ 189.430807] WARNING: CPU: 0 PID: 1798 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.431708] Modules linked in: [ 189.431985] CPU: 0 PID: 1798 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.432839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.433899] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.434352] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.436117] RSP: 0018:ffff888023fafb78 EFLAGS: 00010246 [ 189.436579] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.437357] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 189.437967] RBP: ffff888023fafb98 R08: ffffed10023dda3e R09: ffffed10023dda3e [ 189.438630] R10: ffff888011eed1ef R11: ffffed10023dda3d R12: ffff888011eed290 [ 189.439433] R13: ffff888011eed0a8 R14: ffffffffffffffff R15: 
ffff888023fafc60 [ 189.440046] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 189.440757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.441416] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 189.442032] PKRU: 55555554 [ 189.442278] Call Trace: [ 189.442498] [ 189.442779] iommufd_ioas_destroy+0x53/0x70 [ 189.443274] iommufd_fops_release+0x1f7/0x370 [ 189.443676] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.444111] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.444543] ? write_comp_data+0x2f/0x90 [ 189.445083] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.445521] __fput+0x26d/0xa40 [ 189.445824] ____fput+0x1e/0x30 [ 189.446122] task_work_run+0x1a4/0x2d0 [ 189.446472] ? __pfx_task_work_run+0x10/0x10 [ 189.447080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.447522] ? switch_task_namespaces+0xa9/0xe0 [ 189.447943] do_exit+0xb17/0x2ef0 [ 189.448246] ? lock_acquire+0x427/0x4c0 [ 189.448686] ? __pfx_lock_release+0x10/0x10 [ 189.449170] ? __kasan_check_write+0x18/0x20 [ 189.449556] ? do_raw_spin_lock+0x132/0x2a0 [ 189.449934] ? __pfx_do_exit+0x10/0x10 [ 189.450292] ? debug_smp_processor_id+0x20/0x30 [ 189.450798] ? rcu_is_watching+0x19/0xb0 [ 189.451240] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.451640] ? trace_hardirqs_on+0x26/0x120 [ 189.452022] do_group_exit+0xe0/0x2b0 [ 189.452380] __x64_sys_exit_group+0x47/0x50 [ 189.452912] do_syscall_64+0x3b/0x90 [ 189.453255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.453713] RIP: 0033:0x7f4b87518a4d [ 189.454037] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.454773] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.455428] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.456031] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.456808] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.457414] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.458029] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.458850] [ 189.459056] irq event stamp: 0 [ 189.459332] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.459875] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.460793] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.461512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.462074] ---[ end trace 0000000000000000 ]--- [ 189.469455] ------------[ cut here ]------------ [ 189.469928] WARNING: CPU: 1 PID: 1799 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.471038] Modules linked in: [ 189.471196] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 189.471335] CPU: 1 PID: 1799 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.473082] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 189.473818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.475985] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.476426] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.478020] RSP: 0018:ffff888020f97bb8 EFLAGS: 00010246 [ 189.478491] RAX: 0000000000000000 RBX: ffff888014a600a8 RCX: 0000000000000000 [ 189.479131] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 189.479761] RBP: ffff888020f97bd0 R08: ffffed100294c033 R09: ffffed100294c033 [ 189.480544] R10: ffff888014a60193 R11: ffffed100294c032 R12: ffff88801888f000 [ 189.481173] R13: ffff888014a601e8 R14: ffffffff8352e670 R15: ffff888020f97e68 [ 189.481797] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.482500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.483035] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 189.483679] PKRU: 55555554 [ 189.483930] Call Trace: [ 189.484156] [ 189.484357] __iommufd_access_detach+0x1c2/0x2b0 [ 189.484794] iommufd_access_change_pt+0x149/0x270 [ 189.485250] iommufd_access_replace+0xb4/0x120 [ 189.485669] iommufd_test+0x3e5/0x37e0 [ 189.486020] ? lock_release+0x532/0x770 [ 189.486387] ? __might_fault+0x102/0x1b0 [ 189.486781] ? lock_acquire+0x427/0x4c0 [ 189.487150] ? __pfx_iommufd_test+0x10/0x10 [ 189.487533] ? __pfx_lock_release+0x10/0x10 [ 189.487927] ? __pfx_lock_acquire+0x10/0x10 [ 189.488319] ? write_comp_data+0x2f/0x90 [ 189.488689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.489124] ? write_comp_data+0x2f/0x90 [ 189.489493] iommufd_fops_ioctl+0x37d/0x510 [ 189.489883] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.490318] ? write_comp_data+0x2f/0x90 [ 189.490712] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.491157] __x64_sys_ioctl+0x1a3/0x230 [ 189.491529] do_syscall_64+0x3b/0x90 [ 189.491868] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.492332] RIP: 0033:0x7f4b8743ee5d [ 189.492661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.494251] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.494942] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.495576] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.496198] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.496819] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.497443] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.498090] [ 189.498298] irq event stamp: 0 [ 189.498600] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.499161] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.499895] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.500653] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.501249] ---[ end trace 0000000000000000 ]--- [ 189.504906] ------------[ cut here ]------------ [ 189.505397] WARNING: CPU: 1 PID: 1799 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.506536] Modules linked in: [ 189.506839] CPU: 1 PID: 1799 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.507663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.508834] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.509304] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.511031] RSP: 
0018:ffff888020f97bd0 EFLAGS: 00010246 [ 189.511533] RAX: 0000000000000000 RBX: ffff888014a600a8 RCX: 0000000000000000 [ 189.512188] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 189.512848] RBP: ffff888020f97be8 R08: ffffed100294c033 R09: ffffed100294c033 [ 189.513504] R10: ffff888014a60193 R11: ffffed100294c032 R12: ffff888014582c00 [ 189.514163] R13: ffff888014a601e8 R14: ffff888020f68f00 R15: 0000000000000000 [ 189.514841] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.515607] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.516146] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 189.516817] PKRU: 55555554 [ 189.517079] Call Trace: [ 189.517317] [ 189.517531] iommufd_access_destroy_object+0x65/0x170 [ 189.518020] iommufd_object_destroy_user+0x18e/0x220 [ 189.518500] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.519083] iommufd_access_destroy+0x43/0x70 [ 189.519532] iommufd_test_staccess_release+0x8d/0xd0 [ 189.520022] __fput+0x26d/0xa40 [ 189.520360] ____fput+0x1e/0x30 [ 189.520685] task_work_run+0x1a4/0x2d0 [ 189.521165] ? __pfx_task_work_run+0x10/0x10 [ 189.521664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.522131] ? switch_task_namespaces+0xa9/0xe0 [ 189.522615] do_exit+0xb17/0x2ef0 [ 189.522948] ? lock_acquire+0x427/0x4c0 [ 189.523340] ? __pfx_lock_release+0x10/0x10 [ 189.523883] ? __kasan_check_write+0x18/0x20 [ 189.524304] ? do_raw_spin_lock+0x132/0x2a0 [ 189.524710] ? __pfx_do_exit+0x10/0x10 [ 189.525086] ? debug_smp_processor_id+0x20/0x30 [ 189.525574] ? rcu_is_watching+0x19/0xb0 [ 189.526052] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.526490] ? trace_hardirqs_on+0x26/0x120 [ 189.526933] do_group_exit+0xe0/0x2b0 [ 189.527310] __x64_sys_exit_group+0x47/0x50 [ 189.527716] do_syscall_64+0x3b/0x90 [ 189.528134] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.528696] RIP: 0033:0x7f4b87518a4d [ 189.529051] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.529631] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.530442] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.531204] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.531875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.532542] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.533377] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.534055] [ 189.534287] irq event stamp: 0 [ 189.534608] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.535208] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.536142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.536920] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.537540] ---[ end trace 0000000000000000 ]--- [ 189.538455] ------------[ cut here ]------------ [ 189.538931] WARNING: CPU: 1 PID: 1799 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.539895] Modules linked in: [ 189.540209] CPU: 1 PID: 1799 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.541041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.542085] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.542589] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.544296] RSP: 0018:ffff888020f97b78 EFLAGS: 00010246 [ 189.544795] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.545449] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 189.546101] RBP: ffff888020f97b98 R08: ffffed100294c03e R09: ffffed100294c03e [ 189.546777] R10: ffff888014a601ef R11: ffffed100294c03d R12: ffff888014a60290 [ 189.547445] R13: ffff888014a600a8 R14: ffffffffffffffff R15: 
ffff888020f97c60 [ 189.548103] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.548845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.549381] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 189.550044] PKRU: 55555554 [ 189.550304] Call Trace: [ 189.550562] [ 189.550773] iommufd_ioas_destroy+0x53/0x70 [ 189.551193] iommufd_fops_release+0x1f7/0x370 [ 189.551619] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.552086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.552551] ? write_comp_data+0x2f/0x90 [ 189.552938] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.553404] __fput+0x26d/0xa40 [ 189.553726] ____fput+0x1e/0x30 [ 189.554043] task_work_run+0x1a4/0x2d0 [ 189.554414] ? __pfx_task_work_run+0x10/0x10 [ 189.554855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.555323] ? switch_task_namespaces+0xa9/0xe0 [ 189.555770] do_exit+0xb17/0x2ef0 [ 189.556093] ? lock_acquire+0x427/0x4c0 [ 189.556471] ? __pfx_lock_release+0x10/0x10 [ 189.556879] ? __kasan_check_write+0x18/0x20 [ 189.557297] ? do_raw_spin_lock+0x132/0x2a0 [ 189.557705] ? __pfx_do_exit+0x10/0x10 [ 189.558076] ? debug_smp_processor_id+0x20/0x30 [ 189.558537] ? rcu_is_watching+0x19/0xb0 [ 189.558920] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.559366] ? trace_hardirqs_on+0x26/0x120 [ 189.559782] do_group_exit+0xe0/0x2b0 [ 189.560143] __x64_sys_exit_group+0x47/0x50 [ 189.560559] do_syscall_64+0x3b/0x90 [ 189.560923] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.561424] RIP: 0033:0x7f4b87518a4d [ 189.561778] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.562356] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.563100] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.563781] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.564541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.565322] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.566002] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.566728] [ 189.567189] irq event stamp: 0 [ 189.567587] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.568351] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.569644] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.570728] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.571819] ---[ end trace 0000000000000000 ]--- [ 189.579433] ------------[ cut here ]------------ [ 189.580213] WARNING: CPU: 1 PID: 1801 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.581475] Modules linked in: [ 189.581977] CPU: 1 PID: 1801 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.583089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.584605] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.585215] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.587696] RSP: 0018:ffff88801812fbb8 EFLAGS: 00010246 [ 189.588514] RAX: 0000000000000000 RBX: ffff8880104600a8 RCX: 0000000000000000 [ 189.589383] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 189.590331] RBP: ffff88801812fbd0 R08: ffffed100208c033 R09: ffffed100208c033 [ 189.591303] R10: ffff888010460193 R11: ffffed100208c032 R12: ffff88801880bc00 [ 189.592172] R13: ffff8880104601e8 R14: ffffffff8352e670 R15: 
ffff88801812fe68 [ 189.593177] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.594155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.595036] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 189.595901] PKRU: 55555554 [ 189.596245] Call Trace: [ 189.596618] [ 189.596948] __iommufd_access_detach+0x1c2/0x2b0 [ 189.597540] iommufd_access_change_pt+0x149/0x270 [ 189.598135] iommufd_access_replace+0xb4/0x120 [ 189.598866] iommufd_test+0x3e5/0x37e0 [ 189.599362] ? lock_release+0x532/0x770 [ 189.599862] ? __might_fault+0x102/0x1b0 [ 189.600388] ? lock_acquire+0x427/0x4c0 [ 189.600959] ? __pfx_iommufd_test+0x10/0x10 [ 189.601481] ? __pfx_lock_release+0x10/0x10 [ 189.602016] ? __pfx_lock_acquire+0x10/0x10 [ 189.602582] ? write_comp_data+0x2f/0x90 [ 189.603088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.603792] ? write_comp_data+0x2f/0x90 [ 189.604177] iommufd_fops_ioctl+0x37d/0x510 [ 189.604562] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.604991] ? write_comp_data+0x2f/0x90 [ 189.605355] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.605779] __x64_sys_ioctl+0x1a3/0x230 [ 189.606145] do_syscall_64+0x3b/0x90 [ 189.606480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.606987] RIP: 0033:0x7f4b8743ee5d [ 189.607334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.608922] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.609582] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.610202] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.610844] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.611482] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.612103] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.612733] [ 189.612939] irq event stamp: 0 [ 189.613216] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.613774] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.614528] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.615272] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.615831] ---[ end trace 0000000000000000 ]--- [ 189.618848] ------------[ cut here ]------------ [ 189.619310] WARNING: CPU: 1 PID: 1801 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.620210] Modules linked in: [ 189.620497] CPU: 1 PID: 1801 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.621261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.622246] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.622708] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.624324] RSP: 
0018:ffff88801812fbd0 EFLAGS: 00010246 [ 189.624793] RAX: 0000000000000000 RBX: ffff8880104600a8 RCX: 0000000000000000 [ 189.625415] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 189.626036] RBP: ffff88801812fbe8 R08: ffffed100208c033 R09: ffffed100208c033 [ 189.626680] R10: ffff888010460193 R11: ffffed100208c032 R12: ffff88801888dc00 [ 189.627323] R13: ffff8880104601e8 R14: ffff88800fa76200 R15: 0000000000000000 [ 189.627952] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.628677] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.629697] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.630601] PKRU: 55555554 [ 189.630946] Call Trace: [ 189.631319] [ 189.631819] iommufd_access_destroy_object+0x65/0x170 [ 189.632449] iommufd_object_destroy_user+0x18e/0x220 [ 189.633066] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.634008] iommufd_access_destroy+0x43/0x70 [ 189.634620] iommufd_test_staccess_release+0x8d/0xd0 [ 189.635262] __fput+0x26d/0xa40 [ 189.635706] ____fput+0x1e/0x30 [ 189.636211] task_work_run+0x1a4/0x2d0 [ 189.636693] ? __pfx_task_work_run+0x10/0x10 [ 189.637233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.637904] ? switch_task_namespaces+0xa9/0xe0 [ 189.638575] do_exit+0xb17/0x2ef0 [ 189.639001] ? lock_acquire+0x427/0x4c0 [ 189.639510] ? __pfx_lock_release+0x10/0x10 [ 189.640073] ? __kasan_check_write+0x18/0x20 [ 189.640686] ? do_raw_spin_lock+0x132/0x2a0 [ 189.641207] ? __pfx_do_exit+0x10/0x10 [ 189.641692] ? debug_smp_processor_id+0x20/0x30 [ 189.642354] ? rcu_is_watching+0x19/0xb0 [ 189.642889] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.643461] ? trace_hardirqs_on+0x26/0x120 [ 189.643990] do_group_exit+0xe0/0x2b0 [ 189.644491] __x64_sys_exit_group+0x47/0x50 [ 189.645040] do_syscall_64+0x3b/0x90 [ 189.645493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.646101] RIP: 0033:0x7f4b87518a4d [ 189.646643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.647426] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.648090] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.648928] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.649810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.650667] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.651496] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.652323] [ 189.652596] irq event stamp: 0 [ 189.652962] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.653688] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.654671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.655639] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.656364] ---[ end trace 0000000000000000 ]--- [ 189.657506] ------------[ cut here ]------------ [ 189.658041] WARNING: CPU: 1 PID: 1801 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.659243] Modules linked in: [ 189.659618] CPU: 1 PID: 1801 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.660602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.661858] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.662437] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.664214] RSP: 0018:ffff88801812fb78 EFLAGS: 00010246 [ 189.664656] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.665233] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 189.665808] RBP: ffff88801812fb98 R08: ffffed100208c03e R09: ffffed100208c03e [ 189.666384] R10: ffff8880104601ef R11: ffffed100208c03d R12: ffff888010460290 [ 189.666982] R13: ffff8880104600a8 R14: ffffffffffffffff R15: 
ffff88801812fc60 [ 189.667574] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.668231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.668701] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.669283] PKRU: 55555554 [ 189.669516] Call Trace: [ 189.669723] [ 189.669907] iommufd_ioas_destroy+0x53/0x70 [ 189.670260] iommufd_fops_release+0x1f7/0x370 [ 189.670648] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.671056] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.671468] ? write_comp_data+0x2f/0x90 [ 189.671808] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.672219] __fput+0x26d/0xa40 [ 189.672506] ____fput+0x1e/0x30 [ 189.672785] task_work_run+0x1a4/0x2d0 [ 189.673116] ? __pfx_task_work_run+0x10/0x10 [ 189.673484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.673881] ? switch_task_namespaces+0xa9/0xe0 [ 189.674268] do_exit+0xb17/0x2ef0 [ 189.674571] ? lock_acquire+0x427/0x4c0 [ 189.674906] ? __pfx_lock_release+0x10/0x10 [ 189.675280] ? __kasan_check_write+0x18/0x20 [ 189.675644] ? do_raw_spin_lock+0x132/0x2a0 [ 189.675992] ? __pfx_do_exit+0x10/0x10 [ 189.676320] ? debug_smp_processor_id+0x20/0x30 [ 189.676695] ? rcu_is_watching+0x19/0xb0 [ 189.677024] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.677393] ? trace_hardirqs_on+0x26/0x120 [ 189.677748] do_group_exit+0xe0/0x2b0 [ 189.678056] __x64_sys_exit_group+0x47/0x50 [ 189.678403] do_syscall_64+0x3b/0x90 [ 189.678732] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.679169] RIP: 0033:0x7f4b87518a4d [ 189.679469] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.679947] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.680546] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.681100] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.681657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.682217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.682799] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.683371] [ 189.683555] irq event stamp: 0 [ 189.683803] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.684303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.684963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.685612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.686110] ---[ end trace 0000000000000000 ]--- [ 189.690405] ------------[ cut here ]------------ [ 189.690974] WARNING: CPU: 1 PID: 1802 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.691790] Modules linked in: [ 189.692048] CPU: 1 PID: 1802 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.692738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.693612] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.693997] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.695433] RSP: 0018:ffff888023dc7bb8 EFLAGS: 00010246 [ 189.695848] RAX: 0000000000000000 RBX: ffff88800f3728a8 RCX: 0000000000000000 [ 189.696403] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 189.696950] RBP: ffff888023dc7bd0 R08: ffffed1001e6e533 R09: ffffed1001e6e533 [ 189.697500] R10: ffff88800f372993 R11: ffffed1001e6e532 R12: ffff888010e01800 [ 189.698050] R13: ffff88800f3729e8 R14: ffffffff8352e670 R15: 
ffff888023dc7e68 [ 189.698618] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.699252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.699701] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 189.700253] PKRU: 55555554 [ 189.700473] Call Trace: [ 189.700673] [ 189.700851] __iommufd_access_detach+0x1c2/0x2b0 [ 189.701239] iommufd_access_change_pt+0x149/0x270 [ 189.701625] iommufd_access_replace+0xb4/0x120 [ 189.701992] iommufd_test+0x3e5/0x37e0 [ 189.702302] ? lock_release+0x532/0x770 [ 189.702655] ? __might_fault+0x102/0x1b0 [ 189.702983] ? lock_acquire+0x427/0x4c0 [ 189.703319] ? __pfx_iommufd_test+0x10/0x10 [ 189.703675] ? __pfx_lock_release+0x10/0x10 [ 189.704024] ? __pfx_lock_acquire+0x10/0x10 [ 189.704373] ? write_comp_data+0x2f/0x90 [ 189.704710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.705101] ? write_comp_data+0x2f/0x90 [ 189.705434] iommufd_fops_ioctl+0x37d/0x510 [ 189.705779] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.706166] ? write_comp_data+0x2f/0x90 [ 189.706493] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.706905] __x64_sys_ioctl+0x1a3/0x230 [ 189.707255] do_syscall_64+0x3b/0x90 [ 189.707565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.707991] RIP: 0033:0x7f4b8743ee5d [ 189.708289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.709718] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.710320] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.710908] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.711479] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.712037] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.712596] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.713176] [ 189.713366] irq event stamp: 0 [ 189.713621] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.714116] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.714802] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.715471] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.715963] ---[ end trace 0000000000000000 ]--- [ 189.718753] ------------[ cut here ]------------ [ 189.719169] WARNING: CPU: 1 PID: 1802 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.719980] Modules linked in: [ 189.720243] CPU: 1 PID: 1802 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.720946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.721854] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.722257] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.723766] RSP: 
0018:ffff888023dc7bd0 EFLAGS: 00010246 [ 189.724202] RAX: 0000000000000000 RBX: ffff88800f3728a8 RCX: 0000000000000000 [ 189.724787] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 189.725365] RBP: ffff888023dc7be8 R08: ffffed1001e6e533 R09: ffffed1001e6e533 [ 189.725940] R10: ffff88800f372993 R11: ffffed1001e6e532 R12: ffff888018809400 [ 189.726541] R13: ffff88800f3729e8 R14: ffff888013444700 R15: 0000000000000000 [ 189.727122] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.727954] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.728446] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.729032] PKRU: 55555554 [ 189.729276] Call Trace: [ 189.729489] [ 189.729675] iommufd_access_destroy_object+0x65/0x170 [ 189.730102] iommufd_object_destroy_user+0x18e/0x220 [ 189.730558] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.731035] iommufd_access_destroy+0x43/0x70 [ 189.731435] iommufd_test_staccess_release+0x8d/0xd0 [ 189.731912] __fput+0x26d/0xa40 [ 189.732279] ____fput+0x1e/0x30 [ 189.732559] task_work_run+0x1a4/0x2d0 [ 189.732888] ? __pfx_task_work_run+0x10/0x10 [ 189.733260] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.733666] ? switch_task_namespaces+0xa9/0xe0 [ 189.734059] do_exit+0xb17/0x2ef0 [ 189.734348] ? lock_acquire+0x427/0x4c0 [ 189.734719] ? __pfx_lock_release+0x10/0x10 [ 189.735090] ? __kasan_check_write+0x18/0x20 [ 189.735474] ? do_raw_spin_lock+0x132/0x2a0 [ 189.735857] ? __pfx_do_exit+0x10/0x10 [ 189.736330] ? debug_smp_processor_id+0x20/0x30 [ 189.736731] ? rcu_is_watching+0x19/0xb0 [ 189.737079] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.737476] ? trace_hardirqs_on+0x26/0x120 [ 189.737866] do_group_exit+0xe0/0x2b0 [ 189.738211] __x64_sys_exit_group+0x47/0x50 [ 189.738627] do_syscall_64+0x3b/0x90 [ 189.738969] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.739443] RIP: 0033:0x7f4b87518a4d [ 189.739775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.740504] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.741173] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.741798] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.742419] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.743074] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.743719] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.744509] [ 189.744718] irq event stamp: 0 [ 189.744999] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.745551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.746284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.747060] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.747630] ---[ end trace 0000000000000000 ]--- [ 189.748433] ------------[ cut here ]------------ [ 189.748851] WARNING: CPU: 1 PID: 1802 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.749798] Modules linked in: [ 189.750103] CPU: 1 PID: 1802 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.750958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.752135] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.752747] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.754422] RSP: 0018:ffff888023dc7b78 EFLAGS: 00010246 [ 189.754961] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.755649] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 189.756400] RBP: ffff888023dc7b98 R08: ffffed1001e6e53e R09: ffffed1001e6e53e [ 189.757244] R10: ffff88800f3729ef R11: ffffed1001e6e53d R12: ffff88800f372a90 [ 189.757911] R13: ffff88800f3728a8 R14: ffffffffffffffff R15: 
ffff888023dc7c60 [ 189.758617] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.759393] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.759942] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.760704] PKRU: 55555554 [ 189.761113] Call Trace: [ 189.761360] [ 189.761576] iommufd_ioas_destroy+0x53/0x70 [ 189.761992] iommufd_fops_release+0x1f7/0x370 [ 189.762422] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.762925] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.763409] ? write_comp_data+0x2f/0x90 [ 189.763811] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.764293] __fput+0x26d/0xa40 [ 189.764623] ____fput+0x1e/0x30 [ 189.764949] task_work_run+0x1a4/0x2d0 [ 189.765449] ? __pfx_task_work_run+0x10/0x10 [ 189.766007] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.766481] ? switch_task_namespaces+0xa9/0xe0 [ 189.766979] do_exit+0xb17/0x2ef0 [ 189.767328] ? lock_acquire+0x427/0x4c0 [ 189.767718] ? __pfx_lock_release+0x10/0x10 [ 189.768136] ? __kasan_check_write+0x18/0x20 [ 189.768579] ? do_raw_spin_lock+0x132/0x2a0 [ 189.769024] ? __pfx_do_exit+0x10/0x10 [ 189.769438] ? debug_smp_processor_id+0x20/0x30 [ 189.770010] ? rcu_is_watching+0x19/0xb0 [ 189.770593] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.771243] ? trace_hardirqs_on+0x26/0x120 [ 189.771702] do_group_exit+0xe0/0x2b0 [ 189.772097] __x64_sys_exit_group+0x47/0x50 [ 189.772556] do_syscall_64+0x3b/0x90 [ 189.772956] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.773505] RIP: 0033:0x7f4b87518a4d [ 189.773903] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.774591] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.775401] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.776141] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.777074] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.778087] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.778872] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.779618] [ 189.779856] irq event stamp: 0 [ 189.780177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.780811] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.781663] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.782904] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.783573] ---[ end trace 0000000000000000 ]--- [ 189.789296] ------------[ cut here ]------------ [ 189.789832] WARNING: CPU: 1 PID: 1803 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.790943] Modules linked in: [ 189.791300] CPU: 1 PID: 1803 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.792189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.793499] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.794243] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.796174] RSP: 0018:ffff888016067bb8 EFLAGS: 00010246 [ 189.796724] RAX: 0000000000000000 RBX: ffff888011f668a8 RCX: 0000000000000000 [ 189.797451] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 189.798177] RBP: ffff888016067bd0 R08: ffffed10023ecd33 R09: ffffed10023ecd33 [ 189.799203] R10: ffff888011f66993 R11: ffffed10023ecd32 R12: ffff88801422d000 [ 189.800139] R13: ffff888011f669e8 R14: ffffffff8352e670 R15: 
ffff888016067e68 [ 189.800886] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.801708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.802301] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 189.803075] PKRU: 55555554 [ 189.803388] Call Trace: [ 189.803655] [ 189.803894] __iommufd_access_detach+0x1c2/0x2b0 [ 189.804530] iommufd_access_change_pt+0x149/0x270 [ 189.805591] iommufd_access_replace+0xb4/0x120 [ 189.806078] iommufd_test+0x3e5/0x37e0 [ 189.806474] ? lock_release+0x532/0x770 [ 189.806956] ? __might_fault+0x102/0x1b0 [ 189.807416] ? lock_acquire+0x427/0x4c0 [ 189.807832] ? __pfx_iommufd_test+0x10/0x10 [ 189.808268] ? __pfx_lock_release+0x10/0x10 [ 189.808714] ? __pfx_lock_acquire+0x10/0x10 [ 189.809166] ? write_comp_data+0x2f/0x90 [ 189.809654] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.810332] ? write_comp_data+0x2f/0x90 [ 189.810991] iommufd_fops_ioctl+0x37d/0x510 [ 189.811456] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.811965] ? write_comp_data+0x2f/0x90 [ 189.812398] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.812915] __x64_sys_ioctl+0x1a3/0x230 [ 189.813362] do_syscall_64+0x3b/0x90 [ 189.813766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.814326] RIP: 0033:0x7f4b8743ee5d [ 189.814762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.817116] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.817922] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.818707] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.819466] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.820198] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.820975] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.821981] [ 189.822362] irq event stamp: 0 [ 189.822768] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.823436] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.824310] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.825177] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.825836] ---[ end trace 0000000000000000 ]--- [ 189.829224] ------------[ cut here ]------------ [ 189.829756] WARNING: CPU: 1 PID: 1803 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.831103] Modules linked in: [ 189.831631] CPU: 1 PID: 1803 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.832553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.833732] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.834261] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.836238] RSP: 
0018:ffff888016067bd0 EFLAGS: 00010246 [ 189.836994] RAX: 0000000000000000 RBX: ffff888011f668a8 RCX: 0000000000000000 [ 189.837976] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 189.838755] RBP: ffff888016067be8 R08: ffffed10023ecd33 R09: ffffed10023ecd33 [ 189.839510] R10: ffff888011f66993 R11: ffffed10023ecd32 R12: ffff888010e02800 [ 189.840246] R13: ffff888011f669e8 R14: ffff8880181ba000 R15: 0000000000000000 [ 189.841004] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.841991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.842811] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.843760] PKRU: 55555554 [ 189.844073] Call Trace: [ 189.844346] [ 189.844596] iommufd_access_destroy_object+0x65/0x170 [ 189.845145] iommufd_object_destroy_user+0x18e/0x220 [ 189.845684] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.846311] iommufd_access_destroy+0x43/0x70 [ 189.846872] iommufd_test_staccess_release+0x8d/0xd0 [ 189.847458] __fput+0x26d/0xa40 [ 189.847834] ____fput+0x1e/0x30 [ 189.848198] task_work_run+0x1a4/0x2d0 [ 189.848727] ? __pfx_task_work_run+0x10/0x10 [ 189.849435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.849959] ? switch_task_namespaces+0xa9/0xe0 [ 189.850466] do_exit+0xb17/0x2ef0 [ 189.850874] ? lock_acquire+0x427/0x4c0 [ 189.851331] ? __pfx_lock_release+0x10/0x10 [ 189.851797] ? __kasan_check_write+0x18/0x20 [ 189.852266] ? do_raw_spin_lock+0x132/0x2a0 [ 189.852726] ? __pfx_do_exit+0x10/0x10 [ 189.853153] ? debug_smp_processor_id+0x20/0x30 [ 189.853656] ? rcu_is_watching+0x19/0xb0 [ 189.854208] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.854971] ? trace_hardirqs_on+0x26/0x120 [ 189.855453] do_group_exit+0xe0/0x2b0 [ 189.855864] __x64_sys_exit_group+0x47/0x50 [ 189.856316] do_syscall_64+0x3b/0x90 [ 189.856717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.857265] RIP: 0033:0x7f4b87518a4d [ 189.857662] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.858302] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.859307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.860326] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.861061] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.861802] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.862573] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.863337] [ 189.863579] irq event stamp: 0 [ 189.863909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.864615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.865829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.866743] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.867419] ---[ end trace 0000000000000000 ]--- [ 189.868485] ------------[ cut here ]------------ [ 189.868982] WARNING: CPU: 1 PID: 1803 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.870110] Modules linked in: [ 189.870634] CPU: 1 PID: 1803 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.871739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.872910] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.873468] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.875647] RSP: 0018:ffff888016067b78 EFLAGS: 00010246 [ 189.876271] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.877323] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 189.878064] RBP: ffff888016067b98 R08: ffffed10023ecd3e R09: ffffed10023ecd3e [ 189.878831] R10: ffff888011f669ef R11: ffffed10023ecd3d R12: ffff888011f66a90 [ 189.879575] R13: ffff888011f668a8 R14: ffffffffffffffff R15: 
ffff888016067c60 [ 189.880318] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.881180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.881969] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.882986] PKRU: 55555554 [ 189.883306] Call Trace: [ 189.883586] [ 189.883827] iommufd_ioas_destroy+0x53/0x70 [ 189.884290] iommufd_fops_release+0x1f7/0x370 [ 189.884767] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.885289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.885799] ? write_comp_data+0x2f/0x90 [ 189.886244] ? __pfx_iommufd_fops_release+0x10/0x10 [ 189.886923] __fput+0x26d/0xa40 [ 189.887496] ____fput+0x1e/0x30 [ 189.887863] task_work_run+0x1a4/0x2d0 [ 189.888281] ? __pfx_task_work_run+0x10/0x10 [ 189.888743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.889257] ? switch_task_namespaces+0xa9/0xe0 [ 189.889752] do_exit+0xb17/0x2ef0 [ 189.890117] ? lock_acquire+0x427/0x4c0 [ 189.890576] ? __pfx_lock_release+0x10/0x10 [ 189.891034] ? __kasan_check_write+0x18/0x20 [ 189.891518] ? do_raw_spin_lock+0x132/0x2a0 [ 189.891968] ? __pfx_do_exit+0x10/0x10 [ 189.892470] ? debug_smp_processor_id+0x20/0x30 [ 189.893109] ? rcu_is_watching+0x19/0xb0 [ 189.893731] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.894215] ? trace_hardirqs_on+0x26/0x120 [ 189.894716] do_group_exit+0xe0/0x2b0 [ 189.895132] __x64_sys_exit_group+0x47/0x50 [ 189.895583] do_syscall_64+0x3b/0x90 [ 189.895981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.896530] RIP: 0033:0x7f4b87518a4d [ 189.896920] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.897604] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.898667] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.899693] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.900436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.901172] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.901914] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.902713] [ 189.902964] irq event stamp: 0 [ 189.903322] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.903980] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.905119] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.906287] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.906992] ---[ end trace 0000000000000000 ]--- [ 189.911563] ------------[ cut here ]------------ [ 189.912134] WARNING: CPU: 1 PID: 1804 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.913176] Modules linked in: [ 189.913543] CPU: 1 PID: 1804 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.914795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.916194] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.916718] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.918667] RSP: 0018:ffff888023dc7bb8 EFLAGS: 00010246 [ 189.919427] RAX: 0000000000000000 RBX: ffff8880189bc8a8 RCX: 0000000000000000 [ 189.920481] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 189.921234] RBP: ffff888023dc7bd0 R08: ffffed1003137933 R09: ffffed1003137933 [ 189.921983] R10: ffff8880189bc993 R11: ffffed1003137932 R12: ffff888013b68000 [ 189.922776] R13: ffff8880189bc9e8 R14: ffffffff8352e670 R15: 
ffff888023dc7e68 [ 189.923557] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.924667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.925517] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 189.926282] PKRU: 55555554 [ 189.926616] Call Trace: [ 189.926895] [ 189.927158] __iommufd_access_detach+0x1c2/0x2b0 [ 189.927683] iommufd_access_change_pt+0x149/0x270 [ 189.928213] iommufd_access_replace+0xb4/0x120 [ 189.928807] iommufd_test+0x3e5/0x37e0 [ 189.929343] ? lock_release+0x532/0x770 [ 189.929974] ? __might_fault+0x102/0x1b0 [ 189.930418] ? lock_acquire+0x427/0x4c0 [ 189.930878] ? __pfx_iommufd_test+0x10/0x10 [ 189.931356] ? __pfx_lock_release+0x10/0x10 [ 189.931824] ? __pfx_lock_acquire+0x10/0x10 [ 189.932292] ? write_comp_data+0x2f/0x90 [ 189.932736] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.933344] ? write_comp_data+0x2f/0x90 [ 189.933947] iommufd_fops_ioctl+0x37d/0x510 [ 189.934619] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.935164] ? write_comp_data+0x2f/0x90 [ 189.935614] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 189.936141] __x64_sys_ioctl+0x1a3/0x230 [ 189.936587] do_syscall_64+0x3b/0x90 [ 189.936994] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.937558] RIP: 0033:0x7f4b8743ee5d [ 189.937955] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 189.939957] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 189.940769] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 189.941539] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 189.942307] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 189.943101] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 189.943890] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 189.944651] [ 189.944899] irq event stamp: 0 [ 189.945231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.945902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.946838] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.947745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.948411] ---[ end trace 0000000000000000 ]--- [ 189.951904] ------------[ cut here ]------------ [ 189.952454] WARNING: CPU: 1 PID: 1804 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 189.953510] Modules linked in: [ 189.953846] CPU: 1 PID: 1804 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.954886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.956097] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 189.956628] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 189.958589] RSP: 
0018:ffff888023dc7bd0 EFLAGS: 00010246 [ 189.959168] RAX: 0000000000000000 RBX: ffff8880189bc8a8 RCX: 0000000000000000 [ 189.959919] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 189.960676] RBP: ffff888023dc7be8 R08: ffffed1003137933 R09: ffffed1003137933 [ 189.961434] R10: ffff8880189bc993 R11: ffffed1003137932 R12: ffff88801422e400 [ 189.962184] R13: ffff8880189bc9e8 R14: ffff88801215f700 R15: 0000000000000000 [ 189.962984] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 189.963855] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 189.964467] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 189.965211] PKRU: 55555554 [ 189.965508] Call Trace: [ 189.965778] [ 189.966018] iommufd_access_destroy_object+0x65/0x170 [ 189.966604] iommufd_object_destroy_user+0x18e/0x220 [ 189.967162] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 189.967791] iommufd_access_destroy+0x43/0x70 [ 189.968271] iommufd_test_staccess_release+0x8d/0xd0 [ 189.968829] __fput+0x26d/0xa40 [ 189.969194] ____fput+0x1e/0x30 [ 189.969564] task_work_run+0x1a4/0x2d0 [ 189.969997] ? __pfx_task_work_run+0x10/0x10 [ 189.970478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 189.971055] ? switch_task_namespaces+0xa9/0xe0 [ 189.971578] do_exit+0xb17/0x2ef0 [ 189.971951] ? lock_acquire+0x427/0x4c0 [ 189.972380] ? __pfx_lock_release+0x10/0x10 [ 189.972855] ? __kasan_check_write+0x18/0x20 [ 189.973334] ? do_raw_spin_lock+0x132/0x2a0 [ 189.973794] ? __pfx_do_exit+0x10/0x10 [ 189.974220] ? debug_smp_processor_id+0x20/0x30 [ 189.974758] ? rcu_is_watching+0x19/0xb0 [ 189.975205] ? _raw_spin_unlock_irq+0x2b/0x60 [ 189.975691] ? trace_hardirqs_on+0x26/0x120 [ 189.976154] do_group_exit+0xe0/0x2b0 [ 189.976564] __x64_sys_exit_group+0x47/0x50 [ 189.977024] do_syscall_64+0x3b/0x90 [ 189.977429] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 189.977995] RIP: 0033:0x7f4b87518a4d [ 189.978393] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 189.979074] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 189.979907] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 189.980675] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 189.981543] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 189.982668] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 189.983448] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 189.984228] [ 189.984481] irq event stamp: 0 [ 189.984816] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 189.985478] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 189.986363] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 189.987543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 189.988485] ---[ end trace 0000000000000000 ]--- [ 189.989397] ------------[ cut here ]------------ [ 189.989900] WARNING: CPU: 1 PID: 1804 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 189.991018] Modules linked in: [ 189.991380] CPU: 1 PID: 1804 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 189.992290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 189.993616] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 189.994381] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 189.996341] RSP: 0018:ffff888023dc7b78 EFLAGS: 00010246 [ 189.996912] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 189.997659] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 189.998488] RBP: ffff888023dc7b98 R08: ffffed100313793e R09: ffffed100313793e [ 189.999546] R10: ffff8880189bc9ef R11: ffffed100313793d R12: ffff8880189bca90 [ 190.000296] R13: ffff8880189bc8a8 R14: ffffffffffffffff R15: 
ffff888023dc7c60 [ 190.001050] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.001904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.002602] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.003385] PKRU: 55555554 [ 190.003727] Call Trace: [ 190.004081] [ 190.004463] iommufd_ioas_destroy+0x53/0x70 [ 190.004946] iommufd_fops_release+0x1f7/0x370 [ 190.005432] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.005968] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.006496] ? write_comp_data+0x2f/0x90 [ 190.006992] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.007554] __fput+0x26d/0xa40 [ 190.007931] ____fput+0x1e/0x30 [ 190.008308] task_work_run+0x1a4/0x2d0 [ 190.008809] ? __pfx_task_work_run+0x10/0x10 [ 190.009463] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.010196] ? switch_task_namespaces+0xa9/0xe0 [ 190.010760] do_exit+0xb17/0x2ef0 [ 190.011158] ? lock_acquire+0x427/0x4c0 [ 190.011601] ? __pfx_lock_release+0x10/0x10 [ 190.012067] ? __kasan_check_write+0x18/0x20 [ 190.012540] ? do_raw_spin_lock+0x132/0x2a0 [ 190.013004] ? __pfx_do_exit+0x10/0x10 [ 190.013432] ? debug_smp_processor_id+0x20/0x30 [ 190.013937] ? rcu_is_watching+0x19/0xb0 [ 190.014470] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.015230] ? trace_hardirqs_on+0x26/0x120 [ 190.015705] do_group_exit+0xe0/0x2b0 [ 190.016109] __x64_sys_exit_group+0x47/0x50 [ 190.016566] do_syscall_64+0x3b/0x90 [ 190.016975] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.017537] RIP: 0033:0x7f4b87518a4d [ 190.017923] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.018617] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.019432] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.020372] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.021349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.022087] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.022867] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.023646] [ 190.023894] irq event stamp: 0 [ 190.024220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.024881] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.025976] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.027079] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.027750] ---[ end trace 0000000000000000 ]--- [ 190.032329] ------------[ cut here ]------------ [ 190.032891] WARNING: CPU: 1 PID: 1805 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.034229] Modules linked in: [ 190.034670] CPU: 1 PID: 1805 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.035612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.036898] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.037522] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.039679] RSP: 0018:ffff888016067bb8 EFLAGS: 00010246 [ 190.040243] RAX: 0000000000000000 RBX: ffff888023c140a8 RCX: 0000000000000000 [ 190.040977] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 190.041750] RBP: ffff888016067bd0 R08: ffffed1004782833 R09: ffffed1004782833 [ 190.042708] R10: ffff888023c14193 R11: ffffed1004782832 R12: ffff888014024400 [ 190.043481] R13: ffff888023c141e8 R14: ffffffff8352e670 R15: 
ffff888016067e68 [ 190.044217] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.045304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.045907] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 190.046684] PKRU: 55555554 [ 190.046990] Call Trace: [ 190.047358] [ 190.047743] __iommufd_access_detach+0x1c2/0x2b0 [ 190.048258] iommufd_access_change_pt+0x149/0x270 [ 190.048772] iommufd_access_replace+0xb4/0x120 [ 190.049269] iommufd_test+0x3e5/0x37e0 [ 190.049742] ? lock_release+0x532/0x770 [ 190.050322] ? __might_fault+0x102/0x1b0 [ 190.050802] ? lock_acquire+0x427/0x4c0 [ 190.051264] ? __pfx_iommufd_test+0x10/0x10 [ 190.051723] ? __pfx_lock_release+0x10/0x10 [ 190.052189] ? __pfx_lock_acquire+0x10/0x10 [ 190.052717] ? write_comp_data+0x2f/0x90 [ 190.053309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.053820] ? write_comp_data+0x2f/0x90 [ 190.054259] iommufd_fops_ioctl+0x37d/0x510 [ 190.054750] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.055289] ? write_comp_data+0x2f/0x90 [ 190.055951] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.056463] __x64_sys_ioctl+0x1a3/0x230 [ 190.056906] do_syscall_64+0x3b/0x90 [ 190.057306] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.057935] RIP: 0033:0x7f4b8743ee5d [ 190.058453] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.060462] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.061386] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.062124] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.062883] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.063841] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.064585] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.065329] [ 190.065578] irq event stamp: 0 [ 190.065904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.066590] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.067478] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.068350] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.069000] ---[ end trace 0000000000000000 ]--- [ 190.072584] ------------[ cut here ]------------ [ 190.073118] WARNING: CPU: 1 PID: 1805 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.074161] Modules linked in: [ 190.074496] CPU: 1 PID: 1805 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.075460] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.076618] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.077144] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.079107] RSP: 
0018:ffff888016067bd0 EFLAGS: 00010246 [ 190.079693] RAX: 0000000000000000 RBX: ffff888023c140a8 RCX: 0000000000000000 [ 190.080432] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 190.081168] RBP: ffff888016067be8 R08: ffffed1004782833 R09: ffffed1004782833 [ 190.081902] R10: ffff888023c14193 R11: ffffed1004782832 R12: ffff888013b6b000 [ 190.082670] R13: ffff888023c141e8 R14: ffff888015acbe00 R15: 0000000000000000 [ 190.083429] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.084261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.084860] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.085600] PKRU: 55555554 [ 190.085896] Call Trace: [ 190.086159] [ 190.086396] iommufd_access_destroy_object+0x65/0x170 [ 190.086954] iommufd_object_destroy_user+0x18e/0x220 [ 190.087495] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.088105] iommufd_access_destroy+0x43/0x70 [ 190.088587] iommufd_test_staccess_release+0x8d/0xd0 [ 190.089129] __fput+0x26d/0xa40 [ 190.089494] ____fput+0x1e/0x30 [ 190.089849] task_work_run+0x1a4/0x2d0 [ 190.090269] ? __pfx_task_work_run+0x10/0x10 [ 190.090753] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.091287] ? switch_task_namespaces+0xa9/0xe0 [ 190.091792] do_exit+0xb17/0x2ef0 [ 190.092161] ? lock_acquire+0x427/0x4c0 [ 190.092587] ? __pfx_lock_release+0x10/0x10 [ 190.093043] ? __kasan_check_write+0x18/0x20 [ 190.093510] ? do_raw_spin_lock+0x132/0x2a0 [ 190.093965] ? __pfx_do_exit+0x10/0x10 [ 190.094386] ? debug_smp_processor_id+0x20/0x30 [ 190.094910] ? rcu_is_watching+0x19/0xb0 [ 190.095366] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.095844] ? trace_hardirqs_on+0x26/0x120 [ 190.096303] do_group_exit+0xe0/0x2b0 [ 190.096707] __x64_sys_exit_group+0x47/0x50 [ 190.097161] do_syscall_64+0x3b/0x90 [ 190.097569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.098125] RIP: 0033:0x7f4b87518a4d [ 190.098538] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.099202] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.099985] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.100718] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.101450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.102185] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.102957] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.103736] [ 190.103984] irq event stamp: 0 [ 190.104322] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.104979] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.105850] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.106740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.107416] ---[ end trace 0000000000000000 ]--- [ 190.108298] ------------[ cut here ]------------ [ 190.108789] WARNING: CPU: 1 PID: 1805 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.109844] Modules linked in: [ 190.110181] CPU: 1 PID: 1805 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.111130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.112311] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.112849] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.114915] RSP: 0018:ffff888016067b78 EFLAGS: 00010246 [ 190.115495] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.116228] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 190.116962] RBP: ffff888016067b98 R08: ffffed100478283e R09: ffffed100478283e [ 190.117693] R10: ffff888023c141ef R11: ffffed100478283d R12: ffff888023c14290 [ 190.118423] R13: ffff888023c140a8 R14: ffffffffffffffff R15: 
ffff888016067c60 [ 190.119185] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.120013] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.120606] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.121328] PKRU: 55555554 [ 190.121615] Call Trace: [ 190.121874] [ 190.122106] iommufd_ioas_destroy+0x53/0x70 [ 190.122582] iommufd_fops_release+0x1f7/0x370 [ 190.123059] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.123591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.124095] ? write_comp_data+0x2f/0x90 [ 190.124518] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.125034] __fput+0x26d/0xa40 [ 190.125390] ____fput+0x1e/0x30 [ 190.125738] task_work_run+0x1a4/0x2d0 [ 190.126155] ? __pfx_task_work_run+0x10/0x10 [ 190.126645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.127166] ? switch_task_namespaces+0xa9/0xe0 [ 190.127657] do_exit+0xb17/0x2ef0 [ 190.128015] ? lock_acquire+0x427/0x4c0 [ 190.128434] ? __pfx_lock_release+0x10/0x10 [ 190.128882] ? __kasan_check_write+0x18/0x20 [ 190.129347] ? do_raw_spin_lock+0x132/0x2a0 [ 190.129801] ? __pfx_do_exit+0x10/0x10 [ 190.130223] ? debug_smp_processor_id+0x20/0x30 [ 190.130734] ? rcu_is_watching+0x19/0xb0 [ 190.131207] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.131681] ? trace_hardirqs_on+0x26/0x120 [ 190.132134] do_group_exit+0xe0/0x2b0 [ 190.132533] __x64_sys_exit_group+0x47/0x50 [ 190.132980] do_syscall_64+0x3b/0x90 [ 190.133375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.133909] RIP: 0033:0x7f4b87518a4d [ 190.134297] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.134957] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.135749] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.136475] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.137212] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.137929] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.138684] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.139432] [ 190.139675] irq event stamp: 0 [ 190.139996] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.140632] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.141502] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.142371] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.143056] ---[ end trace 0000000000000000 ]--- [ 190.147717] ------------[ cut here ]------------ [ 190.148256] WARNING: CPU: 1 PID: 1806 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.149283] Modules linked in: [ 190.149603] CPU: 1 PID: 1806 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.150489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.151717] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.152230] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.154085] RSP: 0018:ffff88801059fbb8 EFLAGS: 00010246 [ 190.154666] RAX: 0000000000000000 RBX: ffff8880159588a8 RCX: 0000000000000000 [ 190.155413] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 190.156160] RBP: ffff88801059fbd0 R08: ffffed1002b2b133 R09: ffffed1002b2b133 [ 190.156880] R10: ffff888015958993 R11: ffffed1002b2b132 R12: ffff888014582c00 [ 190.157595] R13: ffff8880159589e8 R14: ffffffff8352e670 R15: 
ffff88801059fe68 [ 190.158319] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.159196] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.159790] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 190.160529] PKRU: 55555554 [ 190.160822] Call Trace: [ 190.161087] [ 190.161323] __iommufd_access_detach+0x1c2/0x2b0 [ 190.161821] iommufd_access_change_pt+0x149/0x270 [ 190.162320] iommufd_access_replace+0xb4/0x120 [ 190.162832] iommufd_test+0x3e5/0x37e0 [ 190.163255] ? lock_release+0x532/0x770 [ 190.163684] ? __might_fault+0x102/0x1b0 [ 190.164105] ? lock_acquire+0x427/0x4c0 [ 190.164521] ? __pfx_iommufd_test+0x10/0x10 [ 190.164966] ? __pfx_lock_release+0x10/0x10 [ 190.165418] ? __pfx_lock_acquire+0x10/0x10 [ 190.165865] ? write_comp_data+0x2f/0x90 [ 190.166295] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.166836] ? write_comp_data+0x2f/0x90 [ 190.167282] iommufd_fops_ioctl+0x37d/0x510 [ 190.167730] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.168225] ? write_comp_data+0x2f/0x90 [ 190.168663] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.169176] __x64_sys_ioctl+0x1a3/0x230 [ 190.169606] do_syscall_64+0x3b/0x90 [ 190.170015] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.170598] RIP: 0033:0x7f4b8743ee5d [ 190.170986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.172857] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.173643] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.174361] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.175132] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.175878] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.176611] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.177344] [ 190.177588] irq event stamp: 0 [ 190.177913] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.178608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.179486] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.180335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.180989] ---[ end trace 0000000000000000 ]--- [ 190.184268] ------------[ cut here ]------------ [ 190.184788] WARNING: CPU: 1 PID: 1806 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.185820] Modules linked in: [ 190.186148] CPU: 1 PID: 1806 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.187091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.188249] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.188764] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.190651] RSP: 
0018:ffff88801059fbd0 EFLAGS: 00010246 [ 190.191210] RAX: 0000000000000000 RBX: ffff8880159588a8 RCX: 0000000000000000 [ 190.191933] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 190.192653] RBP: ffff88801059fbe8 R08: ffffed1002b2b133 R09: ffffed1002b2b133 [ 190.193378] R10: ffff888015958993 R11: ffffed1002b2b132 R12: ffff888014024000 [ 190.194093] R13: ffff8880159589e8 R14: ffff888012de0f00 R15: 0000000000000000 [ 190.194855] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.195685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.196277] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.196997] PKRU: 55555554 [ 190.197287] Call Trace: [ 190.197549] [ 190.197781] iommufd_access_destroy_object+0x65/0x170 [ 190.198310] iommufd_object_destroy_user+0x18e/0x220 [ 190.198856] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.199471] iommufd_access_destroy+0x43/0x70 [ 190.199938] iommufd_test_staccess_release+0x8d/0xd0 [ 190.200464] __fput+0x26d/0xa40 [ 190.200819] ____fput+0x1e/0x30 [ 190.201174] task_work_run+0x1a4/0x2d0 [ 190.201584] ? __pfx_task_work_run+0x10/0x10 [ 190.202033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.202564] ? switch_task_namespaces+0xa9/0xe0 [ 190.203047] do_exit+0xb17/0x2ef0 [ 190.203416] ? lock_acquire+0x427/0x4c0 [ 190.203832] ? __pfx_lock_release+0x10/0x10 [ 190.204272] ? __kasan_check_write+0x18/0x20 [ 190.204719] ? do_raw_spin_lock+0x132/0x2a0 [ 190.205164] ? __pfx_do_exit+0x10/0x10 [ 190.205571] ? debug_smp_processor_id+0x20/0x30 [ 190.206043] ? rcu_is_watching+0x19/0xb0 [ 190.206456] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.206957] ? trace_hardirqs_on+0x26/0x120 [ 190.207426] do_group_exit+0xe0/0x2b0 [ 190.207825] __x64_sys_exit_group+0x47/0x50 [ 190.208261] do_syscall_64+0x3b/0x90 [ 190.208653] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.209191] RIP: 0033:0x7f4b87518a4d [ 190.209571] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.210199] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.211006] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.211754] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.212481] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.213202] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.213919] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.214687] [ 190.214929] irq event stamp: 0 [ 190.215273] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.215911] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.216754] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.217609] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.218243] ---[ end trace 0000000000000000 ]--- [ 190.219180] ------------[ cut here ]------------ [ 190.219678] WARNING: CPU: 1 PID: 1806 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.220725] Modules linked in: [ 190.221067] CPU: 1 PID: 1806 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.221947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.223156] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.223686] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.225569] RSP: 0018:ffff88801059fb78 EFLAGS: 00010246 [ 190.226107] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.226854] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 190.227585] RBP: ffff88801059fb98 R08: ffffed1002b2b13e R09: ffffed1002b2b13e [ 190.228302] R10: ffff8880159589ef R11: ffffed1002b2b13d R12: ffff888015958a90 [ 190.229021] R13: ffff8880159588a8 R14: ffffffffffffffff R15: 
ffff88801059fc60 [ 190.229739] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.230575] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.231168] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.231884] PKRU: 55555554 [ 190.232171] Call Trace: [ 190.232429] [ 190.232657] iommufd_ioas_destroy+0x53/0x70 [ 190.233098] iommufd_fops_release+0x1f7/0x370 [ 190.233563] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.234065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.234591] ? write_comp_data+0x2f/0x90 [ 190.235014] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.235545] __fput+0x26d/0xa40 [ 190.235903] ____fput+0x1e/0x30 [ 190.236250] task_work_run+0x1a4/0x2d0 [ 190.236668] ? __pfx_task_work_run+0x10/0x10 [ 190.237136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.237822] ? switch_task_namespaces+0xa9/0xe0 [ 190.238559] do_exit+0xb17/0x2ef0 [ 190.238918] ? lock_acquire+0x427/0x4c0 [ 190.239353] ? __pfx_lock_release+0x10/0x10 [ 190.239803] ? __kasan_check_write+0x18/0x20 [ 190.240258] ? do_raw_spin_lock+0x132/0x2a0 [ 190.240701] ? __pfx_do_exit+0x10/0x10 [ 190.241107] ? debug_smp_processor_id+0x20/0x30 [ 190.241590] ? rcu_is_watching+0x19/0xb0 [ 190.242101] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.242726] ? trace_hardirqs_on+0x26/0x120 [ 190.243338] do_group_exit+0xe0/0x2b0 [ 190.243789] __x64_sys_exit_group+0x47/0x50 [ 190.244226] do_syscall_64+0x3b/0x90 [ 190.244620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.245147] RIP: 0033:0x7f4b87518a4d [ 190.245529] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.246148] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.246972] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.247703] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.248565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.249580] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.250309] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.251086] [ 190.251334] irq event stamp: 0 [ 190.251655] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.252286] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.253069] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.254071] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.254699] ---[ end trace 0000000000000000 ]--- [ 190.258874] ------------[ cut here ]------------ [ 190.259403] WARNING: CPU: 1 PID: 1807 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.260344] Modules linked in: [ 190.260641] CPU: 1 PID: 1807 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.261653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.262780] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.263261] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.264945] RSP: 0018:ffff888020887bb8 EFLAGS: 00010246 [ 190.265469] RAX: 0000000000000000 RBX: ffff8880245d10a8 RCX: 0000000000000000 [ 190.266311] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 190.267169] RBP: ffff888020887bd0 R08: ffffed10048ba233 R09: ffffed10048ba233 [ 190.267820] R10: ffff8880245d1193 R11: ffffed10048ba232 R12: ffff88801420c000 [ 190.268485] R13: ffff8880245d11e8 R14: ffffffff8352e670 R15: 
ffff888020887e68 [ 190.269142] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.269891] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.270664] CR2: 00007f4b877410e8 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 190.271339] PKRU: 55555554 [ 190.271609] Call Trace: [ 190.271848] [ 190.272063] __iommufd_access_detach+0x1c2/0x2b0 [ 190.272528] iommufd_access_change_pt+0x149/0x270 [ 190.272990] iommufd_access_replace+0xb4/0x120 [ 190.273426] iommufd_test+0x3e5/0x37e0 [ 190.273790] ? lock_release+0x532/0x770 [ 190.274315] ? __might_fault+0x102/0x1b0 [ 190.274741] ? lock_acquire+0x427/0x4c0 [ 190.275124] ? __pfx_iommufd_test+0x10/0x10 [ 190.275529] ? __pfx_lock_release+0x10/0x10 [ 190.275931] ? __pfx_lock_acquire+0x10/0x10 [ 190.276336] ? write_comp_data+0x2f/0x90 [ 190.276722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.277171] ? write_comp_data+0x2f/0x90 [ 190.277555] iommufd_fops_ioctl+0x37d/0x510 [ 190.278013] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.278644] ? write_comp_data+0x2f/0x90 [ 190.279036] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.279486] __x64_sys_ioctl+0x1a3/0x230 [ 190.279853] do_syscall_64+0x3b/0x90 [ 190.280187] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.280650] RIP: 0033:0x7f4b8743ee5d [ 190.280975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.282766] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.283451] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.284071] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.284685] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.285303] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.286039] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.286771] [ 190.286979] irq event stamp: 0 [ 190.287269] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.287816] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.288526] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.289266] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.289971] ---[ end trace 0000000000000000 ]--- [ 190.293098] ------------[ cut here ]------------ [ 190.293756] WARNING: CPU: 1 PID: 1807 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.294704] Modules linked in: [ 190.294985] CPU: 1 PID: 1807 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.295751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.296704] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.297132] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.298928] RSP: 
0018:ffff888020887bd0 EFLAGS: 00010246 [ 190.299409] RAX: 0000000000000000 RBX: ffff8880245d10a8 RCX: 0000000000000000 [ 190.300024] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 190.300634] RBP: ffff888020887be8 R08: ffffed10048ba233 R09: ffffed10048ba233 [ 190.301302] R10: ffff8880245d1193 R11: ffffed10048ba232 R12: ffff888014581c00 [ 190.302042] R13: ffff8880245d11e8 R14: ffff888012132d00 R15: 0000000000000000 [ 190.302678] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.303373] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.303872] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 190.304494] PKRU: 55555554 [ 190.304752] Call Trace: [ 190.305016] [ 190.305257] iommufd_access_destroy_object+0x65/0x170 [ 190.305753] iommufd_object_destroy_user+0x18e/0x220 [ 190.306194] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.306731] iommufd_access_destroy+0x43/0x70 [ 190.307150] iommufd_test_staccess_release+0x8d/0xd0 [ 190.307607] __fput+0x26d/0xa40 [ 190.307909] ____fput+0x1e/0x30 [ 190.308206] task_work_run+0x1a4/0x2d0 [ 190.308559] ? __pfx_task_work_run+0x10/0x10 [ 190.309042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.309564] ? switch_task_namespaces+0xa9/0xe0 [ 190.309983] do_exit+0xb17/0x2ef0 [ 190.310287] ? lock_acquire+0x427/0x4c0 [ 190.310673] ? __pfx_lock_release+0x10/0x10 [ 190.311057] ? __kasan_check_write+0x18/0x20 [ 190.311456] ? do_raw_spin_lock+0x132/0x2a0 [ 190.311830] ? __pfx_do_exit+0x10/0x10 [ 190.312172] ? debug_smp_processor_id+0x20/0x30 [ 190.312578] ? rcu_is_watching+0x19/0xb0 [ 190.313011] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.313499] ? trace_hardirqs_on+0x26/0x120 [ 190.313880] do_group_exit+0xe0/0x2b0 [ 190.314208] __x64_sys_exit_group+0x47/0x50 [ 190.314614] do_syscall_64+0x3b/0x90 [ 190.314953] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.315427] RIP: 0033:0x7f4b87518a4d [ 190.315760] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.316293] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.317124] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.317741] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.318346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.318985] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.319620] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.320249] [ 190.320504] irq event stamp: 0 [ 190.320898] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.321446] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.322171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.322916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.323469] ---[ end trace 0000000000000000 ]--- [ 190.324389] ------------[ cut here ]------------ [ 190.324889] WARNING: CPU: 1 PID: 1807 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.325773] Modules linked in: [ 190.326052] CPU: 1 PID: 1807 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.326888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.327896] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.328399] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.330084] RSP: 0018:ffff888020887b78 EFLAGS: 00010246 [ 190.330558] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.331140] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 190.331717] RBP: ffff888020887b98 R08: ffffed10048ba23e R09: ffffed10048ba23e [ 190.332423] R10: ffff8880245d11ef R11: ffffed10048ba23d R12: ffff8880245d1290 [ 190.333000] R13: ffff8880245d10a8 R14: ffffffffffffffff R15: 
ffff888020887c60 [ 190.333569] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.334217] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.334755] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 190.335443] PKRU: 55555554 [ 190.335675] Call Trace: [ 190.335887] [ 190.336075] iommufd_ioas_destroy+0x53/0x70 [ 190.336440] iommufd_fops_release+0x1f7/0x370 [ 190.336817] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.337223] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.337623] ? write_comp_data+0x2f/0x90 [ 190.337961] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.338442] __fput+0x26d/0xa40 [ 190.338843] ____fput+0x1e/0x30 [ 190.339130] task_work_run+0x1a4/0x2d0 [ 190.339457] ? __pfx_task_work_run+0x10/0x10 [ 190.339821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.340225] ? switch_task_namespaces+0xa9/0xe0 [ 190.340614] do_exit+0xb17/0x2ef0 [ 190.340901] ? lock_acquire+0x427/0x4c0 [ 190.341233] ? __pfx_lock_release+0x10/0x10 [ 190.341590] ? __kasan_check_write+0x18/0x20 [ 190.341973] ? do_raw_spin_lock+0x132/0x2a0 [ 190.342447] ? __pfx_do_exit+0x10/0x10 [ 190.342807] ? debug_smp_processor_id+0x20/0x30 [ 190.343216] ? rcu_is_watching+0x19/0xb0 [ 190.343555] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.343941] ? trace_hardirqs_on+0x26/0x120 [ 190.344303] do_group_exit+0xe0/0x2b0 [ 190.344618] __x64_sys_exit_group+0x47/0x50 [ 190.344965] do_syscall_64+0x3b/0x90 [ 190.345279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.345775] RIP: 0033:0x7f4b87518a4d [ 190.346168] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.346696] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.347315] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.347888] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.348460] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.349044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.349794] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.350371] [ 190.350582] irq event stamp: 0 [ 190.350835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.351359] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.352027] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.352693] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.353361] ---[ end trace 0000000000000000 ]--- [ 190.358172] ------------[ cut here ]------------ [ 190.358646] WARNING: CPU: 0 PID: 1808 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.359659] Modules linked in: [ 190.359926] CPU: 0 PID: 1808 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.360650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.361574] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.361985] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.363510] RSP: 0018:ffff88801059fbb8 EFLAGS: 00010246 [ 190.363952] RAX: 0000000000000000 RBX: ffff8880160158a8 RCX: 0000000000000000 [ 190.364536] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 190.365119] RBP: ffff88801059fbd0 R08: ffffed1002c02b33 R09: ffffed1002c02b33 [ 190.365702] R10: ffff888016015993 R11: ffffed1002c02b32 R12: ffff888017b2b800 [ 190.366282] R13: ffff8880160159e8 R14: ffffffff8352e670 R15: 
ffff88801059fe68 [ 190.366888] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 190.367556] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.368042] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 190.368629] PKRU: 55555554 [ 190.368862] Call Trace: [ 190.369076] [ 190.369265] __iommufd_access_detach+0x1c2/0x2b0 [ 190.369674] iommufd_access_change_pt+0x149/0x270 [ 190.370081] iommufd_access_replace+0xb4/0x120 [ 190.370470] iommufd_test+0x3e5/0x37e0 [ 190.370810] ? lock_release+0x532/0x770 [ 190.371156] ? __might_fault+0x102/0x1b0 [ 190.371502] ? lock_acquire+0x427/0x4c0 [ 190.371842] ? __pfx_iommufd_test+0x10/0x10 [ 190.372196] ? __pfx_lock_release+0x10/0x10 [ 190.372559] ? __pfx_lock_acquire+0x10/0x10 [ 190.372923] ? write_comp_data+0x2f/0x90 [ 190.373268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.373683] ? write_comp_data+0x2f/0x90 [ 190.374028] iommufd_fops_ioctl+0x37d/0x510 [ 190.374396] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.374831] ? write_comp_data+0x2f/0x90 [ 190.375187] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.375602] __x64_sys_ioctl+0x1a3/0x230 [ 190.375957] do_syscall_64+0x3b/0x90 [ 190.376281] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.376720] RIP: 0033:0x7f4b8743ee5d [ 190.377033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.378556] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.379192] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.379777] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.380362] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.380946] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.381545] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.382140] [ 190.382335] irq event stamp: 0 [ 190.382616] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.383144] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.383835] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.384520] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.385042] ---[ end trace 0000000000000000 ]--- [ 190.388405] ------------[ cut here ]------------ [ 190.388807] WARNING: CPU: 0 PID: 1808 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.389680] Modules linked in: [ 190.390057] CPU: 0 PID: 1808 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.390814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.391833] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.392328] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.394016] RSP: 
0018:ffff88801059fbd0 EFLAGS: 00010246 [ 190.394460] RAX: 0000000000000000 RBX: ffff8880160158a8 RCX: 0000000000000000 [ 190.395073] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 190.395741] RBP: ffff88801059fbe8 R08: ffffed1002c02b33 R09: ffffed1002c02b33 [ 190.396424] R10: ffff888016015993 R11: ffffed1002c02b32 R12: ffff888013b23c00 [ 190.397015] R13: ffff8880160159e8 R14: ffff888020edb400 R15: 0000000000000000 [ 190.397684] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 190.398436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.398940] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 190.399588] PKRU: 55555554 [ 190.399932] Call Trace: [ 190.400149] [ 190.400340] iommufd_access_destroy_object+0x65/0x170 [ 190.400779] iommufd_object_destroy_user+0x18e/0x220 [ 190.401242] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.401852] iommufd_access_destroy+0x43/0x70 [ 190.402239] iommufd_test_staccess_release+0x8d/0xd0 [ 190.402690] __fput+0x26d/0xa40 [ 190.402985] ____fput+0x1e/0x30 [ 190.403282] task_work_run+0x1a4/0x2d0 [ 190.403799] ? __pfx_task_work_run+0x10/0x10 [ 190.404175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.404586] ? switch_task_namespaces+0xa9/0xe0 [ 190.404983] do_exit+0xb17/0x2ef0 [ 190.405345] ? lock_acquire+0x427/0x4c0 [ 190.405788] ? __pfx_lock_release+0x10/0x10 [ 190.406161] ? __kasan_check_write+0x18/0x20 [ 190.406556] ? do_raw_spin_lock+0x132/0x2a0 [ 190.406923] ? __pfx_do_exit+0x10/0x10 [ 190.407269] ? debug_smp_processor_id+0x20/0x30 [ 190.407826] ? rcu_is_watching+0x19/0xb0 [ 190.408168] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.408556] ? trace_hardirqs_on+0x26/0x120 [ 190.408924] do_group_exit+0xe0/0x2b0 [ 190.409265] __x64_sys_exit_group+0x47/0x50 [ 190.409756] do_syscall_64+0x3b/0x90 [ 190.410079] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.410539] RIP: 0033:0x7f4b87518a4d [ 190.410851] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.411376] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.412172] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.412761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.413426] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.414080] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.414692] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.415358] [ 190.415650] irq event stamp: 0 [ 190.415914] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.416432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.417200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.417986] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.418530] ---[ end trace 0000000000000000 ]--- [ 190.419340] ------------[ cut here ]------------ [ 190.419734] WARNING: CPU: 0 PID: 1808 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.420575] Modules linked in: [ 190.420922] CPU: 0 PID: 1808 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.421743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.422844] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.423282] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.424943] RSP: 0018:ffff88801059fb78 EFLAGS: 00010246 [ 190.425384] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.425972] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 190.426751] RBP: ffff88801059fb98 R08: ffffed1002c02b3e R09: ffffed1002c02b3e [ 190.427365] R10: ffff8880160159ef R11: ffffed1002c02b3d R12: ffff888016015a90 [ 190.427971] R13: ffff8880160158a8 R14: ffffffffffffffff R15: 
ffff88801059fc60 [ 190.428635] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 190.429396] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.429874] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 190.430639] PKRU: 55555554 [ 190.430874] Call Trace: [ 190.431087] [ 190.431284] iommufd_ioas_destroy+0x53/0x70 [ 190.431651] iommufd_fops_release+0x1f7/0x370 [ 190.432030] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.432616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.433030] ? write_comp_data+0x2f/0x90 [ 190.433378] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.433798] __fput+0x26d/0xa40 [ 190.434163] ____fput+0x1e/0x30 [ 190.434536] task_work_run+0x1a4/0x2d0 [ 190.434868] ? __pfx_task_work_run+0x10/0x10 [ 190.435247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.435661] ? switch_task_namespaces+0xa9/0xe0 [ 190.436061] do_exit+0xb17/0x2ef0 [ 190.436518] ? lock_acquire+0x427/0x4c0 [ 190.436864] ? __pfx_lock_release+0x10/0x10 [ 190.437232] ? __kasan_check_write+0x18/0x20 [ 190.437604] ? do_raw_spin_lock+0x132/0x2a0 [ 190.437964] ? __pfx_do_exit+0x10/0x10 [ 190.438371] ? debug_smp_processor_id+0x20/0x30 [ 190.438852] ? rcu_is_watching+0x19/0xb0 [ 190.439203] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.439588] ? trace_hardirqs_on+0x26/0x120 [ 190.439954] do_group_exit+0xe0/0x2b0 [ 190.440299] __x64_sys_exit_group+0x47/0x50 [ 190.440800] do_syscall_64+0x3b/0x90 [ 190.441120] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.441560] RIP: 0033:0x7f4b87518a4d [ 190.441871] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.442577] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.443217] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.443810] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.444559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.445152] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.445737] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.446332] [ 190.446548] irq event stamp: 0 [ 190.446811] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.447341] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.448032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.448718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.449235] ---[ end trace 0000000000000000 ]--- [ 190.452965] ------------[ cut here ]------------ [ 190.453386] WARNING: CPU: 1 PID: 1809 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.454210] Modules linked in: [ 190.454473] CPU: 1 PID: 1809 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.455453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.456352] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.456751] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.458242] RSP: 0018:ffff888014227bb8 EFLAGS: 00010246 [ 190.458680] RAX: 0000000000000000 RBX: ffff8880188460a8 RCX: 0000000000000000 [ 190.459274] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 190.459841] RBP: ffff888014227bd0 R08: ffffed1003108c33 R09: ffffed1003108c33 [ 190.460405] R10: ffff888018846193 R11: ffffed1003108c32 R12: ffff888010e00400 [ 190.460972] R13: ffff8880188461e8 R14: ffffffff8352e670 R15: 
ffff888014227e68 [ 190.461548] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.462199] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.462679] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 190.463263] PKRU: 55555554 [ 190.463489] Call Trace: [ 190.463693] [ 190.463876] __iommufd_access_detach+0x1c2/0x2b0 [ 190.464268] iommufd_access_change_pt+0x149/0x270 [ 190.464665] iommufd_access_replace+0xb4/0x120 [ 190.465041] iommufd_test+0x3e5/0x37e0 [ 190.465356] ? lock_release+0x532/0x770 [ 190.465685] ? __might_fault+0x102/0x1b0 [ 190.466016] ? lock_acquire+0x427/0x4c0 [ 190.466345] ? __pfx_iommufd_test+0x10/0x10 [ 190.466701] ? __pfx_lock_release+0x10/0x10 [ 190.467054] ? __pfx_lock_acquire+0x10/0x10 [ 190.467423] ? write_comp_data+0x2f/0x90 [ 190.467762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.468157] ? write_comp_data+0x2f/0x90 [ 190.468497] iommufd_fops_ioctl+0x37d/0x510 [ 190.468853] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.469254] ? write_comp_data+0x2f/0x90 [ 190.469592] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.469984] __x64_sys_ioctl+0x1a3/0x230 [ 190.470324] do_syscall_64+0x3b/0x90 [ 190.470652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.471076] RIP: 0033:0x7f4b8743ee5d [ 190.471389] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.472847] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.473457] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.474031] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.474624] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.475209] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.475794] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.476374] [ 190.476565] irq event stamp: 0 [ 190.476819] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.477328] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.477998] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.478683] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.479217] ---[ end trace 0000000000000000 ]--- [ 190.482095] ------------[ cut here ]------------ [ 190.482570] WARNING: CPU: 1 PID: 1809 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.483402] Modules linked in: [ 190.483661] CPU: 1 PID: 1809 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.484359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.485260] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.485661] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.487150] RSP: 
0018:ffff888014227bd0 EFLAGS: 00010246 [ 190.487589] RAX: 0000000000000000 RBX: ffff8880188460a8 RCX: 0000000000000000 [ 190.488160] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 190.488746] RBP: ffff888014227be8 R08: ffffed1003108c33 R09: ffffed1003108c33 [ 190.489316] R10: ffff888018846193 R11: ffffed1003108c32 R12: ffff88801420f000 [ 190.489885] R13: ffff8880188461e8 R14: ffff88802090d800 R15: 0000000000000000 [ 190.490455] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.491111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.491586] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.492158] PKRU: 55555554 [ 190.492384] Call Trace: [ 190.492591] [ 190.492775] iommufd_access_destroy_object+0x65/0x170 [ 190.493201] iommufd_object_destroy_user+0x18e/0x220 [ 190.493620] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.494098] iommufd_access_destroy+0x43/0x70 [ 190.494469] iommufd_test_staccess_release+0x8d/0xd0 [ 190.494910] __fput+0x26d/0xa40 [ 190.495201] ____fput+0x1e/0x30 [ 190.495476] task_work_run+0x1a4/0x2d0 [ 190.495810] ? __pfx_task_work_run+0x10/0x10 [ 190.496182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.496590] ? switch_task_namespaces+0xa9/0xe0 [ 190.496987] do_exit+0xb17/0x2ef0 [ 190.497349] ? lock_acquire+0x427/0x4c0 [ 190.497762] ? __pfx_lock_release+0x10/0x10 [ 190.498113] ? __kasan_check_write+0x18/0x20 [ 190.498469] ? do_raw_spin_lock+0x132/0x2a0 [ 190.498840] ? __pfx_do_exit+0x10/0x10 [ 190.499178] ? debug_smp_processor_id+0x20/0x30 [ 190.499617] ? rcu_is_watching+0x19/0xb0 [ 190.499996] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.500365] ? trace_hardirqs_on+0x26/0x120 [ 190.500713] do_group_exit+0xe0/0x2b0 [ 190.501017] __x64_sys_exit_group+0x47/0x50 [ 190.501418] do_syscall_64+0x3b/0x90 [ 190.501778] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.502199] RIP: 0033:0x7f4b87518a4d [ 190.502492] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.502991] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.503659] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.504270] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.504822] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.505442] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.506049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.506637] [ 190.506826] irq event stamp: 0 [ 190.507076] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.507695] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.508351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.509004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.509610] ---[ end trace 0000000000000000 ]--- [ 190.510302] ------------[ cut here ]------------ [ 190.510710] WARNING: CPU: 1 PID: 1809 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.511582] Modules linked in: [ 190.511909] CPU: 1 PID: 1809 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.512599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.513629] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.514045] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.515864] RSP: 0018:ffff888014227b78 EFLAGS: 00010246 [ 190.516301] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.516871] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 190.517511] RBP: ffff888014227b98 R08: ffffed1003108c3e R09: ffffed1003108c3e [ 190.518169] R10: ffff8880188461ef R11: ffffed1003108c3d R12: ffff888018846290 [ 190.518764] R13: ffff8880188460a8 R14: ffffffffffffffff R15: 
ffff888014227c60 [ 190.519350] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.520128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.520595] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.521168] PKRU: 55555554 [ 190.521428] Call Trace: [ 190.521731] [ 190.521916] iommufd_ioas_destroy+0x53/0x70 [ 190.522274] iommufd_fops_release+0x1f7/0x370 [ 190.522666] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.523076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.523498] ? write_comp_data+0x2f/0x90 [ 190.523972] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.524380] __fput+0x26d/0xa40 [ 190.524665] ____fput+0x1e/0x30 [ 190.524943] task_work_run+0x1a4/0x2d0 [ 190.525285] ? __pfx_task_work_run+0x10/0x10 [ 190.525720] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.526202] ? switch_task_namespaces+0xa9/0xe0 [ 190.526621] do_exit+0xb17/0x2ef0 [ 190.526911] ? lock_acquire+0x427/0x4c0 [ 190.527263] ? __pfx_lock_release+0x10/0x10 [ 190.527626] ? __kasan_check_write+0x18/0x20 [ 190.528068] ? do_raw_spin_lock+0x132/0x2a0 [ 190.528502] ? __pfx_do_exit+0x10/0x10 [ 190.528831] ? debug_smp_processor_id+0x20/0x30 [ 190.529218] ? rcu_is_watching+0x19/0xb0 [ 190.529553] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.529924] ? trace_hardirqs_on+0x26/0x120 [ 190.530279] do_group_exit+0xe0/0x2b0 [ 190.530626] __x64_sys_exit_group+0x47/0x50 [ 190.530983] do_syscall_64+0x3b/0x90 [ 190.531304] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.531731] RIP: 0033:0x7f4b87518a4d [ 190.532037] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.532535] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.533147] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.533720] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.534293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.534886] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.535479] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.536057] [ 190.536245] irq event stamp: 0 [ 190.536499] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.537011] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.537694] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.538377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.538932] ---[ end trace 0000000000000000 ]--- [ 190.542745] ------------[ cut here ]------------ [ 190.543181] WARNING: CPU: 1 PID: 1810 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.544008] Modules linked in: [ 190.544273] CPU: 1 PID: 1810 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.544970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.545882] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.546290] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.547996] RSP: 0018:ffff888021af7bb8 EFLAGS: 00010246 [ 190.548436] RAX: 0000000000000000 RBX: ffff88800f3718a8 RCX: 0000000000000000 [ 190.549001] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 190.549569] RBP: ffff888021af7bd0 R08: ffffed1001e6e333 R09: ffffed1001e6e333 [ 190.550147] R10: ffff88800f371993 R11: ffffed1001e6e332 R12: ffff88801422e400 [ 190.550741] R13: ffff88800f3719e8 R14: ffffffff8352e670 R15: 
ffff888021af7e68 [ 190.551329] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.551978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.552445] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 190.553017] PKRU: 55555554 [ 190.553246] Call Trace: [ 190.553451] [ 190.553634] __iommufd_access_detach+0x1c2/0x2b0 [ 190.554030] iommufd_access_change_pt+0x149/0x270 [ 190.554431] iommufd_access_replace+0xb4/0x120 [ 190.554828] iommufd_test+0x3e5/0x37e0 [ 190.555164] ? lock_release+0x532/0x770 [ 190.555497] ? __might_fault+0x102/0x1b0 [ 190.555836] ? lock_acquire+0x427/0x4c0 [ 190.556167] ? __pfx_iommufd_test+0x10/0x10 [ 190.556518] ? __pfx_lock_release+0x10/0x10 [ 190.556879] ? __pfx_lock_acquire+0x10/0x10 [ 190.557252] ? write_comp_data+0x2f/0x90 [ 190.557597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.557995] ? write_comp_data+0x2f/0x90 [ 190.558338] iommufd_fops_ioctl+0x37d/0x510 [ 190.558707] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.559109] ? write_comp_data+0x2f/0x90 [ 190.559458] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.559854] __x64_sys_ioctl+0x1a3/0x230 [ 190.560193] do_syscall_64+0x3b/0x90 [ 190.560508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.560936] RIP: 0033:0x7f4b8743ee5d [ 190.561237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.562722] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.563355] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.563931] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.564503] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.565084] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.565676] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.566266] [ 190.566458] irq event stamp: 0 [ 190.566731] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.567265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.567956] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.568656] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.569172] ---[ end trace 0000000000000000 ]--- [ 190.572011] ------------[ cut here ]------------ [ 190.572422] WARNING: CPU: 1 PID: 1810 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.573232] Modules linked in: [ 190.573504] CPU: 1 PID: 1810 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.574205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.575158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.575570] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.577037] RSP: 
0018:ffff888021af7bd0 EFLAGS: 00010246 [ 190.577475] RAX: 0000000000000000 RBX: ffff88800f3718a8 RCX: 0000000000000000 [ 190.578045] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 190.578639] RBP: ffff888021af7be8 R08: ffffed1001e6e333 R09: ffffed1001e6e333 [ 190.579243] R10: ffff88800f371993 R11: ffffed1001e6e332 R12: ffff888010e00800 [ 190.579821] R13: ffff88800f3719e8 R14: ffff88800b1f3000 R15: 0000000000000000 [ 190.580391] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.581035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.581514] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.582119] PKRU: 55555554 [ 190.582359] Call Trace: [ 190.582589] [ 190.582779] iommufd_access_destroy_object+0x65/0x170 [ 190.583218] iommufd_object_destroy_user+0x18e/0x220 [ 190.583633] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.584131] iommufd_access_destroy+0x43/0x70 [ 190.584500] iommufd_test_staccess_release+0x8d/0xd0 [ 190.584937] __fput+0x26d/0xa40 [ 190.585229] ____fput+0x1e/0x30 [ 190.585521] task_work_run+0x1a4/0x2d0 [ 190.585854] ? __pfx_task_work_run+0x10/0x10 [ 190.586224] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.586668] ? switch_task_namespaces+0xa9/0xe0 [ 190.587066] do_exit+0xb17/0x2ef0 [ 190.587378] ? lock_acquire+0x427/0x4c0 [ 190.587716] ? __pfx_lock_release+0x10/0x10 [ 190.588085] ? __kasan_check_write+0x18/0x20 [ 190.588461] ? do_raw_spin_lock+0x132/0x2a0 [ 190.588824] ? __pfx_do_exit+0x10/0x10 [ 190.589152] ? debug_smp_processor_id+0x20/0x30 [ 190.589540] ? rcu_is_watching+0x19/0xb0 [ 190.589870] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.590251] ? trace_hardirqs_on+0x26/0x120 [ 190.590644] do_group_exit+0xe0/0x2b0 [ 190.590953] __x64_sys_exit_group+0x47/0x50 [ 190.591321] do_syscall_64+0x3b/0x90 [ 190.591638] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.592053] RIP: 0033:0x7f4b87518a4d [ 190.592354] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.592855] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.593467] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.594019] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.594621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.595279] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.595989] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.596583] [ 190.596773] irq event stamp: 0 [ 190.597071] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.597587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.598281] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.598996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.599544] ---[ end trace 0000000000000000 ]--- [ 190.600260] ------------[ cut here ]------------ [ 190.600663] WARNING: CPU: 1 PID: 1810 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.601553] Modules linked in: [ 190.601839] CPU: 1 PID: 1810 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.602602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.603624] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.604086] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.605666] RSP: 0018:ffff888021af7b78 EFLAGS: 00010246 [ 190.606107] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.606752] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 190.607379] RBP: ffff888021af7b98 R08: ffffed1001e6e33e R09: ffffed1001e6e33e [ 190.608001] R10: ffff88800f3719ef R11: ffffed1001e6e33d R12: ffff88800f371a90 [ 190.608620] R13: ffff88800f3718a8 R14: ffffffffffffffff R15: 
ffff888021af7c60 [ 190.609218] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.609898] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.610405] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.611061] PKRU: 55555554 [ 190.611380] Call Trace: [ 190.611611] [ 190.611794] iommufd_ioas_destroy+0x53/0x70 [ 190.612163] iommufd_fops_release+0x1f7/0x370 [ 190.612564] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.612999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.613451] ? write_comp_data+0x2f/0x90 [ 190.613825] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.614281] __fput+0x26d/0xa40 [ 190.614646] ____fput+0x1e/0x30 [ 190.614945] task_work_run+0x1a4/0x2d0 [ 190.615314] ? __pfx_task_work_run+0x10/0x10 [ 190.615728] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.616200] ? switch_task_namespaces+0xa9/0xe0 [ 190.616634] do_exit+0xb17/0x2ef0 [ 190.616954] ? lock_acquire+0x427/0x4c0 [ 190.617345] ? __pfx_lock_release+0x10/0x10 [ 190.617772] ? __kasan_check_write+0x18/0x20 [ 190.618207] ? do_raw_spin_lock+0x132/0x2a0 [ 190.618647] ? __pfx_do_exit+0x10/0x10 [ 190.619004] ? debug_smp_processor_id+0x20/0x30 [ 190.619460] ? rcu_is_watching+0x19/0xb0 [ 190.619849] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.620282] ? trace_hardirqs_on+0x26/0x120 [ 190.620698] do_group_exit+0xe0/0x2b0 [ 190.621063] __x64_sys_exit_group+0x47/0x50 [ 190.621483] do_syscall_64+0x3b/0x90 [ 190.621852] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.622340] RIP: 0033:0x7f4b87518a4d [ 190.622729] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.623328] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.624049] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.624719] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.625388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.626074] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.626772] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.627460] [ 190.627684] irq event stamp: 0 [ 190.627984] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.628592] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.629384] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.630179] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.630833] ---[ end trace 0000000000000000 ]--- [ 190.636626] ------------[ cut here ]------------ [ 190.637169] WARNING: CPU: 1 PID: 1811 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.638211] Modules linked in: [ 190.638586] CPU: 1 PID: 1811 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.639504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.640659] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.641169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.643070] RSP: 0018:ffff888017b4fbb8 EFLAGS: 00010246 [ 190.643643] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 190.644388] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 190.645122] RBP: ffff888017b4fbd0 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 190.645854] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff88800fcb2c00 [ 190.646608] R13: ffff88800b8161e8 R14: ffffffff8352e670 R15: 
ffff888017b4fe68 [ 190.647350] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.648168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.648761] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 190.649498] PKRU: 55555554 [ 190.649798] Call Trace: [ 190.650069] [ 190.650314] __iommufd_access_detach+0x1c2/0x2b0 [ 190.650914] iommufd_access_change_pt+0x149/0x270 [ 190.651443] iommufd_access_replace+0xb4/0x120 [ 190.651933] iommufd_test+0x3e5/0x37e0 [ 190.652338] ? lock_release+0x532/0x770 [ 190.652773] ? __might_fault+0x102/0x1b0 [ 190.653207] ? lock_acquire+0x427/0x4c0 [ 190.653639] ? __pfx_iommufd_test+0x10/0x10 [ 190.654082] ? __pfx_lock_release+0x10/0x10 [ 190.654563] ? __pfx_lock_acquire+0x10/0x10 [ 190.655020] ? write_comp_data+0x2f/0x90 [ 190.655462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.655970] ? write_comp_data+0x2f/0x90 [ 190.656404] iommufd_fops_ioctl+0x37d/0x510 [ 190.656849] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.657358] ? write_comp_data+0x2f/0x90 [ 190.657801] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.658319] __x64_sys_ioctl+0x1a3/0x230 [ 190.658809] do_syscall_64+0x3b/0x90 [ 190.659239] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.659789] RIP: 0033:0x7f4b8743ee5d [ 190.660185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.662084] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.662914] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.663674] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.664426] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.665164] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.665912] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.666706] [ 190.666961] irq event stamp: 0 [ 190.667312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.667967] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.668831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.669684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.670334] ---[ end trace 0000000000000000 ]--- [ 190.673654] ------------[ cut here ]------------ [ 190.674192] WARNING: CPU: 1 PID: 1811 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.675324] Modules linked in: [ 190.675668] CPU: 1 PID: 1811 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.676588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.677750] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.678265] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.680196] RSP: 
0018:ffff888017b4fbd0 EFLAGS: 00010246 [ 190.680759] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 190.681499] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 190.682238] RBP: ffff888017b4fbe8 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 190.683000] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff88801422c800 [ 190.683764] R13: ffff88800b8161e8 R14: ffff888015bbf800 R15: 0000000000000000 [ 190.684499] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.685340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.685941] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.686708] PKRU: 55555554 [ 190.687010] Call Trace: [ 190.687298] [ 190.687550] iommufd_access_destroy_object+0x65/0x170 [ 190.688092] iommufd_object_destroy_user+0x18e/0x220 [ 190.688619] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.689221] iommufd_access_destroy+0x43/0x70 [ 190.689700] iommufd_test_staccess_release+0x8d/0xd0 [ 190.690251] __fput+0x26d/0xa40 [ 190.690652] ____fput+0x1e/0x30 [ 190.691016] task_work_run+0x1a4/0x2d0 [ 190.691446] ? __pfx_task_work_run+0x10/0x10 [ 190.691920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.692438] ? switch_task_namespaces+0xa9/0xe0 [ 190.692932] do_exit+0xb17/0x2ef0 [ 190.693308] ? lock_acquire+0x427/0x4c0 [ 190.693741] ? __pfx_lock_release+0x10/0x10 [ 190.694213] ? __kasan_check_write+0x18/0x20 [ 190.694720] ? do_raw_spin_lock+0x132/0x2a0 [ 190.695209] ? __pfx_do_exit+0x10/0x10 [ 190.695632] ? debug_smp_processor_id+0x20/0x30 [ 190.696127] ? rcu_is_watching+0x19/0xb0 [ 190.696552] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.697031] ? trace_hardirqs_on+0x26/0x120 [ 190.697482] do_group_exit+0xe0/0x2b0 [ 190.697872] __x64_sys_exit_group+0x47/0x50 [ 190.698313] do_syscall_64+0x3b/0x90 [ 190.698739] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.699301] RIP: 0033:0x7f4b87518a4d [ 190.699689] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.700324] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.701107] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.701838] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.702611] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.703368] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.704100] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.704845] [ 190.705088] irq event stamp: 0 [ 190.705415] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.706059] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.706957] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.707826] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.708473] ---[ end trace 0000000000000000 ]--- [ 190.709357] ------------[ cut here ]------------ [ 190.709844] WARNING: CPU: 1 PID: 1811 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.710924] Modules linked in: [ 190.711285] CPU: 1 PID: 1811 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.712188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.713356] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.713887] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.715807] RSP: 0018:ffff888017b4fb78 EFLAGS: 00010246 [ 190.716356] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.717088] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 190.717825] RBP: ffff888017b4fb98 R08: ffffed1001702c3e R09: ffffed1001702c3e [ 190.718601] R10: ffff88800b8161ef R11: ffffed1001702c3d R12: ffff88800b816290 [ 190.719356] R13: ffff88800b8160a8 R14: ffffffffffffffff R15: 
ffff888017b4fc60 [ 190.720081] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.720906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.721499] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.722228] PKRU: 55555554 [ 190.722554] Call Trace: [ 190.722826] [ 190.723062] iommufd_ioas_destroy+0x53/0x70 [ 190.723524] iommufd_fops_release+0x1f7/0x370 [ 190.723995] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.724522] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.725031] ? write_comp_data+0x2f/0x90 [ 190.725458] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.725976] __fput+0x26d/0xa40 [ 190.726336] ____fput+0x1e/0x30 [ 190.726711] task_work_run+0x1a4/0x2d0 [ 190.727133] ? __pfx_task_work_run+0x10/0x10 [ 190.727599] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.728102] ? switch_task_namespaces+0xa9/0xe0 [ 190.728591] do_exit+0xb17/0x2ef0 [ 190.728951] ? lock_acquire+0x427/0x4c0 [ 190.729373] ? __pfx_lock_release+0x10/0x10 [ 190.729815] ? __kasan_check_write+0x18/0x20 [ 190.730268] ? do_raw_spin_lock+0x132/0x2a0 [ 190.730727] ? __pfx_do_exit+0x10/0x10 [ 190.731149] ? debug_smp_processor_id+0x20/0x30 [ 190.731637] ? rcu_is_watching+0x19/0xb0 [ 190.732069] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.732541] ? trace_hardirqs_on+0x26/0x120 [ 190.732984] do_group_exit+0xe0/0x2b0 [ 190.733374] __x64_sys_exit_group+0x47/0x50 [ 190.733809] do_syscall_64+0x3b/0x90 [ 190.734195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.734763] RIP: 0033:0x7f4b87518a4d [ 190.735150] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.735769] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.736518] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.737227] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.737944] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.738683] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.739423] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.740142] [ 190.740380] irq event stamp: 0 [ 190.740696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.741335] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.742160] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.743012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.743667] ---[ end trace 0000000000000000 ]--- [ 190.749240] ------------[ cut here ]------------ [ 190.749767] WARNING: CPU: 1 PID: 1812 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.751031] Modules linked in: [ 190.751377] CPU: 1 PID: 1812 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.752251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.753620] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.754757] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.756649] RSP: 0018:ffff88802455fbb8 EFLAGS: 00010246 [ 190.757180] RAX: 0000000000000000 RBX: ffff8880244830a8 RCX: 0000000000000000 [ 190.757897] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 190.758856] RBP: ffff88802455fbd0 R08: ffffed1004890633 R09: ffffed1004890633 [ 190.759821] R10: ffff888024483193 R11: ffffed1004890632 R12: ffff88800f1f2400 [ 190.760539] R13: ffff8880244831e8 R14: ffffffff8352e670 R15: 
ffff88802455fe68 [ 190.761267] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.762085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.762726] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 190.763474] PKRU: 55555554 [ 190.763772] Call Trace: [ 190.764037] [ 190.764278] __iommufd_access_detach+0x1c2/0x2b0 [ 190.764941] iommufd_access_change_pt+0x149/0x270 [ 190.765627] iommufd_access_replace+0xb4/0x120 [ 190.766102] iommufd_test+0x3e5/0x37e0 [ 190.766497] ? lock_release+0x532/0x770 [ 190.766961] ? __might_fault+0x102/0x1b0 [ 190.767419] ? lock_acquire+0x427/0x4c0 [ 190.767848] ? __pfx_iommufd_test+0x10/0x10 [ 190.768292] ? __pfx_lock_release+0x10/0x10 [ 190.768749] ? __pfx_lock_acquire+0x10/0x10 [ 190.769214] ? write_comp_data+0x2f/0x90 [ 190.769655] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.770328] ? write_comp_data+0x2f/0x90 [ 190.770945] iommufd_fops_ioctl+0x37d/0x510 [ 190.771420] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.771927] ? write_comp_data+0x2f/0x90 [ 190.772362] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.772868] __x64_sys_ioctl+0x1a3/0x230 [ 190.773303] do_syscall_64+0x3b/0x90 [ 190.773699] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.774237] RIP: 0033:0x7f4b8743ee5d [ 190.774658] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.776828] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.777887] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.778681] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.779431] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.780164] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.780889] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.781640] [ 190.781961] irq event stamp: 0 [ 190.782398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.783348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.784207] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.785056] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.785701] ---[ end trace 0000000000000000 ]--- [ 190.788955] ------------[ cut here ]------------ [ 190.789475] WARNING: CPU: 1 PID: 1812 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.790506] Modules linked in: [ 190.790888] CPU: 1 PID: 1812 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.791807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.793331] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.794065] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.795990] RSP: 
0018:ffff88802455fbd0 EFLAGS: 00010246 [ 190.796540] RAX: 0000000000000000 RBX: ffff8880244830a8 RCX: 0000000000000000 [ 190.797267] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 190.798051] RBP: ffff88802455fbe8 R08: ffffed1004890633 R09: ffffed1004890633 [ 190.799112] R10: ffff888024483193 R11: ffffed1004890632 R12: ffff88800fcb0800 [ 190.799872] R13: ffff8880244831e8 R14: ffff888012040200 R15: 0000000000000000 [ 190.800597] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.801408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.802003] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.802856] PKRU: 55555554 [ 190.803321] Call Trace: [ 190.803665] [ 190.803904] iommufd_access_destroy_object+0x65/0x170 [ 190.804449] iommufd_object_destroy_user+0x18e/0x220 [ 190.804976] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.805578] iommufd_access_destroy+0x43/0x70 [ 190.806055] iommufd_test_staccess_release+0x8d/0xd0 [ 190.806634] __fput+0x26d/0xa40 [ 190.806993] ____fput+0x1e/0x30 [ 190.807365] task_work_run+0x1a4/0x2d0 [ 190.807778] ? __pfx_task_work_run+0x10/0x10 [ 190.808686] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.809514] ? switch_task_namespaces+0xa9/0xe0 [ 190.810013] do_exit+0xb17/0x2ef0 [ 190.810368] ? lock_acquire+0x427/0x4c0 [ 190.810855] ? __pfx_lock_release+0x10/0x10 [ 190.811357] ? __kasan_check_write+0x18/0x20 [ 190.811814] ? do_raw_spin_lock+0x132/0x2a0 [ 190.812265] ? __pfx_do_exit+0x10/0x10 [ 190.812691] ? debug_smp_processor_id+0x20/0x30 [ 190.813228] ? rcu_is_watching+0x19/0xb0 [ 190.813795] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.814459] ? trace_hardirqs_on+0x26/0x120 [ 190.814959] do_group_exit+0xe0/0x2b0 [ 190.815388] __x64_sys_exit_group+0x47/0x50 [ 190.815839] do_syscall_64+0x3b/0x90 [ 190.816244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.816787] RIP: 0033:0x7f4b87518a4d [ 190.817186] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.817831] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.818677] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.819699] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.820666] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.821407] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.822157] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.822941] [ 190.823211] irq event stamp: 0 [ 190.823537] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.824189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.825075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.826219] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.827176] ---[ end trace 0000000000000000 ]--- [ 190.828083] ------------[ cut here ]------------ [ 190.828584] WARNING: CPU: 1 PID: 1812 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.829642] Modules linked in: [ 190.829981] CPU: 1 PID: 1812 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.830933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.832579] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.833129] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.835038] RSP: 0018:ffff88802455fb78 EFLAGS: 00010246 [ 190.835605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.836355] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 190.837289] RBP: ffff88802455fb98 R08: ffffed100489063e R09: ffffed100489063e [ 190.838320] R10: ffff8880244831ef R11: ffffed100489063d R12: ffff888024483290 [ 190.839141] R13: ffff8880244830a8 R14: ffffffffffffffff R15: 
ffff88802455fc60 [ 190.839887] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.840717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.841317] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 190.842065] PKRU: 55555554 [ 190.842465] Call Trace: [ 190.842864] [ 190.843252] iommufd_ioas_destroy+0x53/0x70 [ 190.843720] iommufd_fops_release+0x1f7/0x370 [ 190.844198] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.844724] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.845237] ? write_comp_data+0x2f/0x90 [ 190.845671] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.846191] __fput+0x26d/0xa40 [ 190.846586] ____fput+0x1e/0x30 [ 190.846947] task_work_run+0x1a4/0x2d0 [ 190.847382] ? __pfx_task_work_run+0x10/0x10 [ 190.847846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.848523] ? switch_task_namespaces+0xa9/0xe0 [ 190.849235] do_exit+0xb17/0x2ef0 [ 190.849606] ? lock_acquire+0x427/0x4c0 [ 190.850029] ? __pfx_lock_release+0x10/0x10 [ 190.850481] ? __kasan_check_write+0x18/0x20 [ 190.850982] ? do_raw_spin_lock+0x132/0x2a0 [ 190.851444] ? __pfx_do_exit+0x10/0x10 [ 190.851856] ? debug_smp_processor_id+0x20/0x30 [ 190.852340] ? rcu_is_watching+0x19/0xb0 [ 190.852776] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.853311] ? trace_hardirqs_on+0x26/0x120 [ 190.853907] do_group_exit+0xe0/0x2b0 [ 190.854467] __x64_sys_exit_group+0x47/0x50 [ 190.854969] do_syscall_64+0x3b/0x90 [ 190.855393] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.855938] RIP: 0033:0x7f4b87518a4d [ 190.856325] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.856965] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.857752] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.858547] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.859528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.860544] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.861280] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.862023] [ 190.862266] irq event stamp: 0 [ 190.862624] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.863288] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.864155] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.865192] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.865939] ---[ end trace 0000000000000000 ]--- [ 190.870444] ------------[ cut here ]------------ [ 190.871077] WARNING: CPU: 1 PID: 1813 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.872148] Modules linked in: [ 190.872588] CPU: 1 PID: 1813 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.873568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.874795] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.875462] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.877338] RSP: 0018:ffff888021af7bb8 EFLAGS: 00010246 [ 190.878084] RAX: 0000000000000000 RBX: ffff8880181d20a8 RCX: 0000000000000000 [ 190.878840] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 190.879596] RBP: ffff888021af7bd0 R08: ffffed100303a433 R09: ffffed100303a433 [ 190.880498] R10: ffff8880181d2193 R11: ffffed100303a432 R12: ffff888018909800 [ 190.881233] R13: ffff8880181d21e8 R14: ffffffff8352e670 R15: 
ffff888021af7e68 [ 190.881961] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.883029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.883653] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 190.884395] PKRU: 55555554 [ 190.884691] Call Trace: [ 190.884962] [ 190.885265] __iommufd_access_detach+0x1c2/0x2b0 [ 190.885888] iommufd_access_change_pt+0x149/0x270 [ 190.886397] iommufd_access_replace+0xb4/0x120 [ 190.886920] iommufd_test+0x3e5/0x37e0 [ 190.887346] ? lock_release+0x532/0x770 [ 190.887768] ? __might_fault+0x102/0x1b0 [ 190.888389] ? lock_acquire+0x427/0x4c0 [ 190.888825] ? __pfx_iommufd_test+0x10/0x10 [ 190.889273] ? __pfx_lock_release+0x10/0x10 [ 190.889731] ? __pfx_lock_acquire+0x10/0x10 [ 190.890230] ? write_comp_data+0x2f/0x90 [ 190.890843] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.891381] ? write_comp_data+0x2f/0x90 [ 190.891823] iommufd_fops_ioctl+0x37d/0x510 [ 190.892278] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.892798] ? write_comp_data+0x2f/0x90 [ 190.893355] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 190.893906] __x64_sys_ioctl+0x1a3/0x230 [ 190.894340] do_syscall_64+0x3b/0x90 [ 190.894769] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.895333] RIP: 0033:0x7f4b8743ee5d [ 190.895725] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 190.897832] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 190.898843] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 190.899593] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 190.900319] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 190.901234] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 190.901985] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 190.902764] [ 190.903013] irq event stamp: 0 [ 190.903401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.904264] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.905144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.906106] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.906838] ---[ end trace 0000000000000000 ]--- [ 190.910471] ------------[ cut here ]------------ [ 190.911081] WARNING: CPU: 1 PID: 1813 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.912386] Modules linked in: [ 190.912722] CPU: 1 PID: 1813 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.913622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.915050] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.915573] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.917599] RSP: 
0018:ffff888021af7bd0 EFLAGS: 00010246 [ 190.918135] RAX: 0000000000000000 RBX: ffff8880181d20a8 RCX: 0000000000000000 [ 190.918991] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 190.919765] RBP: ffff888021af7be8 R08: ffffed100303a433 R09: ffffed100303a433 [ 190.920486] R10: ffff8880181d2193 R11: ffffed100303a432 R12: ffff88800f1f0800 [ 190.921274] R13: ffff8880181d21e8 R14: ffff888020929700 R15: 0000000000000000 [ 190.922134] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.922975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.923583] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 190.924540] PKRU: 55555554 [ 190.924833] Call Trace: [ 190.925097] [ 190.925333] iommufd_access_destroy_object+0x65/0x170 [ 190.925872] iommufd_object_destroy_user+0x18e/0x220 [ 190.926542] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 190.927196] iommufd_access_destroy+0x43/0x70 [ 190.927670] iommufd_test_staccess_release+0x8d/0xd0 [ 190.928193] __fput+0x26d/0xa40 [ 190.928555] ____fput+0x1e/0x30 [ 190.928958] task_work_run+0x1a4/0x2d0 [ 190.929518] ? __pfx_task_work_run+0x10/0x10 [ 190.929982] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.930487] ? switch_task_namespaces+0xa9/0xe0 [ 190.931018] do_exit+0xb17/0x2ef0 [ 190.931404] ? lock_acquire+0x427/0x4c0 [ 190.931992] ? __pfx_lock_release+0x10/0x10 [ 190.932438] ? __kasan_check_write+0x18/0x20 [ 190.932897] ? do_raw_spin_lock+0x132/0x2a0 [ 190.933345] ? __pfx_do_exit+0x10/0x10 [ 190.933777] ? debug_smp_processor_id+0x20/0x30 [ 190.934416] ? rcu_is_watching+0x19/0xb0 [ 190.934861] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.935360] ? trace_hardirqs_on+0x26/0x120 [ 190.935806] do_group_exit+0xe0/0x2b0 [ 190.936199] __x64_sys_exit_group+0x47/0x50 [ 190.936757] do_syscall_64+0x3b/0x90 [ 190.937248] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.937793] RIP: 0033:0x7f4b87518a4d [ 190.938174] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.938842] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.939809] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.940547] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.941276] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.942193] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.942936] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.943703] [ 190.943945] irq event stamp: 0 [ 190.944323] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.945092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.945936] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.947025] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.947682] ---[ end trace 0000000000000000 ]--- [ 190.948647] ------------[ cut here ]------------ [ 190.949115] WARNING: CPU: 1 PID: 1813 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 190.950247] Modules linked in: [ 190.950577] CPU: 1 PID: 1813 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.951409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.952631] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 190.953122] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 190.955004] RSP: 0018:ffff888021af7b78 EFLAGS: 00010246 [ 190.955519] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 190.956203] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 190.957074] RBP: ffff888021af7b98 R08: ffffed100303a43e R09: ffffed100303a43e [ 190.957751] R10: ffff8880181d21ef R11: ffffed100303a43d R12: ffff8880181d2290 [ 190.958459] R13: ffff8880181d20a8 R14: ffffffffffffffff R15: 
ffff888021af7c60 [ 190.959291] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.960047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.960593] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 190.961439] PKRU: 55555554 [ 190.961708] Call Trace: [ 190.961951] [ 190.962167] iommufd_ioas_destroy+0x53/0x70 [ 190.962601] iommufd_fops_release+0x1f7/0x370 [ 190.963028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.963615] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.964203] ? write_comp_data+0x2f/0x90 [ 190.964595] ? __pfx_iommufd_fops_release+0x10/0x10 [ 190.965065] __fput+0x26d/0xa40 [ 190.965390] ____fput+0x1e/0x30 [ 190.965796] task_work_run+0x1a4/0x2d0 [ 190.966251] ? __pfx_task_work_run+0x10/0x10 [ 190.966702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 190.967180] ? switch_task_namespaces+0xa9/0xe0 [ 190.967627] do_exit+0xb17/0x2ef0 [ 190.967983] ? lock_acquire+0x427/0x4c0 [ 190.968498] ? __pfx_lock_release+0x10/0x10 [ 190.968917] ? __kasan_check_write+0x18/0x20 [ 190.969340] ? do_raw_spin_lock+0x132/0x2a0 [ 190.969749] ? __pfx_do_exit+0x10/0x10 [ 190.970169] ? debug_smp_processor_id+0x20/0x30 [ 190.970739] ? rcu_is_watching+0x19/0xb0 [ 190.971153] ? _raw_spin_unlock_irq+0x2b/0x60 [ 190.971587] ? trace_hardirqs_on+0x26/0x120 [ 190.972000] do_group_exit+0xe0/0x2b0 [ 190.972364] __x64_sys_exit_group+0x47/0x50 [ 190.972864] do_syscall_64+0x3b/0x90 [ 190.973278] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 190.973774] RIP: 0033:0x7f4b87518a4d [ 190.974126] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 190.974771] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 190.975604] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 190.976272] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 190.976936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 190.977768] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 190.978448] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 190.979170] [ 190.979396] irq event stamp: 0 [ 190.979728] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 190.980431] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 190.981223] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 190.982105] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 190.982765] ---[ end trace 0000000000000000 ]--- [ 190.987812] ------------[ cut here ]------------ [ 190.988422] WARNING: CPU: 1 PID: 1814 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 190.989397] Modules linked in: [ 190.989695] CPU: 1 PID: 1814 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 190.990747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 190.991820] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 190.992291] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 190.994166] RSP: 0018:ffff88802455fbb8 EFLAGS: 00010246 [ 190.994692] RAX: 0000000000000000 RBX: ffff888023e8a0a8 RCX: 0000000000000000 [ 190.995382] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 190.996028] RBP: ffff88802455fbd0 R08: ffffed10047d1433 R09: ffffed10047d1433 [ 190.996683] R10: ffff888023e8a193 R11: ffffed10047d1432 R12: ffff88801888c000 [ 190.997336] R13: ffff888023e8a1e8 R14: ffffffff8352e670 R15: 
ffff88802455fe68 [ 190.997987] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 190.998736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.999280] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 190.999936] PKRU: 55555554 [ 191.000197] Call Trace: [ 191.000434] [ 191.000643] __iommufd_access_detach+0x1c2/0x2b0 [ 191.001096] iommufd_access_change_pt+0x149/0x270 [ 191.001552] iommufd_access_replace+0xb4/0x120 [ 191.001990] iommufd_test+0x3e5/0x37e0 [ 191.002350] ? lock_release+0x532/0x770 [ 191.002747] ? __might_fault+0x102/0x1b0 [ 191.003142] ? lock_acquire+0x427/0x4c0 [ 191.003520] ? __pfx_iommufd_test+0x10/0x10 [ 191.003903] ? __pfx_lock_release+0x10/0x10 [ 191.004283] ? __pfx_lock_acquire+0x10/0x10 [ 191.004672] ? write_comp_data+0x2f/0x90 [ 191.005045] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.005476] ? write_comp_data+0x2f/0x90 [ 191.005840] iommufd_fops_ioctl+0x37d/0x510 [ 191.006227] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.006679] ? write_comp_data+0x2f/0x90 [ 191.007051] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.007487] __x64_sys_ioctl+0x1a3/0x230 [ 191.007849] do_syscall_64+0x3b/0x90 [ 191.008184] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.008643] RIP: 0033:0x7f4b8743ee5d [ 191.008979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.010577] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.011260] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.011890] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.012611] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.013326] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.013967] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.014642] [ 191.014932] irq event stamp: 0 [ 191.015227] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.015778] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.016505] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.017315] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.017959] ---[ end trace 0000000000000000 ]--- [ 191.021055] ------------[ cut here ]------------ [ 191.021493] WARNING: CPU: 1 PID: 1814 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.022580] Modules linked in: [ 191.022864] CPU: 1 PID: 1814 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.023634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.024604] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.025037] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.026632] RSP: 
0018:ffff88802455fbd0 EFLAGS: 00010246 [ 191.027096] RAX: 0000000000000000 RBX: ffff888023e8a0a8 RCX: 0000000000000000 [ 191.027723] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 191.028338] RBP: ffff88802455fbe8 R08: ffffed10047d1433 R09: ffffed10047d1433 [ 191.028948] R10: ffff888023e8a193 R11: ffffed10047d1432 R12: ffff888018909000 [ 191.029554] R13: ffff888023e8a1e8 R14: ffff88800f0a9a00 R15: 0000000000000000 [ 191.030164] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.030873] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.031382] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 191.032009] PKRU: 55555554 [ 191.032262] Call Trace: [ 191.032491] [ 191.032690] iommufd_access_destroy_object+0x65/0x170 [ 191.033152] iommufd_object_destroy_user+0x18e/0x220 [ 191.033603] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.034116] iommufd_access_destroy+0x43/0x70 [ 191.034537] iommufd_test_staccess_release+0x8d/0xd0 [ 191.034993] __fput+0x26d/0xa40 [ 191.035305] ____fput+0x1e/0x30 [ 191.035602] task_work_run+0x1a4/0x2d0 [ 191.035952] ? __pfx_task_work_run+0x10/0x10 [ 191.036341] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.036775] ? switch_task_namespaces+0xa9/0xe0 [ 191.037197] do_exit+0xb17/0x2ef0 [ 191.037502] ? lock_acquire+0x427/0x4c0 [ 191.037856] ? __pfx_lock_release+0x10/0x10 [ 191.038241] ? __kasan_check_write+0x18/0x20 [ 191.038649] ? do_raw_spin_lock+0x132/0x2a0 [ 191.039027] ? __pfx_do_exit+0x10/0x10 [ 191.039390] ? debug_smp_processor_id+0x20/0x30 [ 191.039793] ? rcu_is_watching+0x19/0xb0 [ 191.040145] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.040537] ? trace_hardirqs_on+0x26/0x120 [ 191.040920] do_group_exit+0xe0/0x2b0 [ 191.041258] __x64_sys_exit_group+0x47/0x50 [ 191.041636] do_syscall_64+0x3b/0x90 [ 191.041968] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.042425] RIP: 0033:0x7f4b87518a4d [ 191.042782] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.043335] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.043995] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.044616] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.045231] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.045832] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.046442] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.047075] [ 191.047290] irq event stamp: 0 [ 191.047568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.048111] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.048810] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.049507] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.050012] ---[ end trace 0000000000000000 ]--- [ 191.050765] ------------[ cut here ]------------ [ 191.051154] WARNING: CPU: 1 PID: 1814 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.051980] Modules linked in: [ 191.052238] CPU: 1 PID: 1814 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.052935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.053853] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.054268] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.055795] RSP: 0018:ffff88802455fb78 EFLAGS: 00010246 [ 191.056233] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.056801] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 191.057371] RBP: ffff88802455fb98 R08: ffffed10047d143e R09: ffffed10047d143e [ 191.057939] R10: ffff888023e8a1ef R11: ffffed10047d143d R12: ffff888023e8a290 [ 191.058526] R13: ffff888023e8a0a8 R14: ffffffffffffffff R15: 
ffff88802455fc60 [ 191.059097] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.059747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.060210] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 191.060780] PKRU: 55555554 [ 191.061007] Call Trace: [ 191.061212] [ 191.061394] iommufd_ioas_destroy+0x53/0x70 [ 191.061748] iommufd_fops_release+0x1f7/0x370 [ 191.062114] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.062535] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.062944] ? write_comp_data+0x2f/0x90 [ 191.063293] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.063701] __fput+0x26d/0xa40 [ 191.063981] ____fput+0x1e/0x30 [ 191.064258] task_work_run+0x1a4/0x2d0 [ 191.064582] ? __pfx_task_work_run+0x10/0x10 [ 191.064949] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.065349] ? switch_task_namespaces+0xa9/0xe0 [ 191.065744] do_exit+0xb17/0x2ef0 [ 191.066026] ? lock_acquire+0x427/0x4c0 [ 191.066357] ? __pfx_lock_release+0x10/0x10 [ 191.066732] ? __kasan_check_write+0x18/0x20 [ 191.067097] ? do_raw_spin_lock+0x132/0x2a0 [ 191.067464] ? __pfx_do_exit+0x10/0x10 [ 191.067788] ? debug_smp_processor_id+0x20/0x30 [ 191.068168] ? rcu_is_watching+0x19/0xb0 [ 191.068500] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.068868] ? trace_hardirqs_on+0x26/0x120 [ 191.069225] do_group_exit+0xe0/0x2b0 [ 191.069545] __x64_sys_exit_group+0x47/0x50 [ 191.069897] do_syscall_64+0x3b/0x90 [ 191.070211] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.070658] RIP: 0033:0x7f4b87518a4d [ 191.070970] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.071478] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.072085] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.072653] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.073220] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.073800] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.074369] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.074967] [ 191.075171] irq event stamp: 0 [ 191.075429] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.075938] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.076619] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.077285] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.077790] ---[ end trace 0000000000000000 ]--- [ 191.081935] ------------[ cut here ]------------ [ 191.082368] WARNING: CPU: 0 PID: 1815 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.083275] Modules linked in: [ 191.083541] CPU: 0 PID: 1815 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.084249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.085157] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.085558] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.087050] RSP: 0018:ffff888021af7bb8 EFLAGS: 00010246 [ 191.087486] RAX: 0000000000000000 RBX: ffff8880147008a8 RCX: 0000000000000000 [ 191.088051] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 191.088623] RBP: ffff888021af7bd0 R08: ffffed10028e0133 R09: ffffed10028e0133 [ 191.089191] R10: ffff888014700993 R11: ffffed10028e0132 R12: ffff8880129cac00 [ 191.089761] R13: ffff8880147009e8 R14: ffffffff8352e670 R15: 
ffff888021af7e68 [ 191.090326] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.090987] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.091455] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 191.092031] PKRU: 55555554 [ 191.092259] Call Trace: [ 191.092463] [ 191.092645] __iommufd_access_detach+0x1c2/0x2b0 [ 191.093040] iommufd_access_change_pt+0x149/0x270 [ 191.093437] iommufd_access_replace+0xb4/0x120 [ 191.093809] iommufd_test+0x3e5/0x37e0 [ 191.094116] ? lock_release+0x532/0x770 [ 191.094440] ? __might_fault+0x102/0x1b0 [ 191.094790] ? lock_acquire+0x427/0x4c0 [ 191.095122] ? __pfx_iommufd_test+0x10/0x10 [ 191.095464] ? __pfx_lock_release+0x10/0x10 [ 191.095815] ? __pfx_lock_acquire+0x10/0x10 [ 191.096164] ? write_comp_data+0x2f/0x90 [ 191.096495] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.096889] ? write_comp_data+0x2f/0x90 [ 191.097220] iommufd_fops_ioctl+0x37d/0x510 [ 191.097571] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.097965] ? write_comp_data+0x2f/0x90 [ 191.098298] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.098706] __x64_sys_ioctl+0x1a3/0x230 [ 191.099047] do_syscall_64+0x3b/0x90 [ 191.099360] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.099775] RIP: 0033:0x7f4b8743ee5d [ 191.100068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.101496] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.102095] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.102672] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.103245] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.103798] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.104360] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.104899] [ 191.105075] irq event stamp: 0 [ 191.105327] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.105821] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.106480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.107167] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.107664] ---[ end trace 0000000000000000 ]--- [ 191.110400] ------------[ cut here ]------------ [ 191.110836] WARNING: CPU: 0 PID: 1815 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.111641] Modules linked in: [ 191.111900] CPU: 0 PID: 1815 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.112585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.113463] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.113861] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.115315] RSP: 
0018:ffff888021af7bd0 EFLAGS: 00010246 [ 191.115739] RAX: 0000000000000000 RBX: ffff8880147008a8 RCX: 0000000000000000 [ 191.116295] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 191.116854] RBP: ffff888021af7be8 R08: ffffed10028e0133 R09: ffffed10028e0133 [ 191.117412] R10: ffff888014700993 R11: ffffed10028e0132 R12: ffff888017b29c00 [ 191.117970] R13: ffff8880147009e8 R14: ffff888020984500 R15: 0000000000000000 [ 191.118553] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.119198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.119656] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.120220] PKRU: 55555554 [ 191.120446] Call Trace: [ 191.120649] [ 191.120832] iommufd_access_destroy_object+0x65/0x170 [ 191.121246] iommufd_object_destroy_user+0x18e/0x220 [ 191.121659] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.122125] iommufd_access_destroy+0x43/0x70 [ 191.122492] iommufd_test_staccess_release+0x8d/0xd0 [ 191.122932] __fput+0x26d/0xa40 [ 191.123216] ____fput+0x1e/0x30 [ 191.123496] task_work_run+0x1a4/0x2d0 [ 191.123815] ? __pfx_task_work_run+0x10/0x10 [ 191.124170] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.124567] ? switch_task_namespaces+0xa9/0xe0 [ 191.124948] do_exit+0xb17/0x2ef0 [ 191.125224] ? lock_acquire+0x427/0x4c0 [ 191.125551] ? __pfx_lock_release+0x10/0x10 [ 191.125901] ? __kasan_check_write+0x18/0x20 [ 191.126253] ? do_raw_spin_lock+0x132/0x2a0 [ 191.126620] ? __pfx_do_exit+0x10/0x10 [ 191.126943] ? debug_smp_processor_id+0x20/0x30 [ 191.127325] ? rcu_is_watching+0x19/0xb0 [ 191.127657] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.128019] ? trace_hardirqs_on+0x26/0x120 [ 191.128371] do_group_exit+0xe0/0x2b0 [ 191.128680] __x64_sys_exit_group+0x47/0x50 [ 191.129021] do_syscall_64+0x3b/0x90 [ 191.129326] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.129742] RIP: 0033:0x7f4b87518a4d [ 191.130037] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.130548] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.131156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.131714] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.132272] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.132832] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.133392] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.133960] [ 191.134147] irq event stamp: 0 [ 191.134398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.134929] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.135601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.136258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.136751] ---[ end trace 0000000000000000 ]--- [ 191.137461] ------------[ cut here ]------------ [ 191.137838] WARNING: CPU: 0 PID: 1815 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.138667] Modules linked in: [ 191.138931] CPU: 0 PID: 1815 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.139629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.140514] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.140922] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.142353] RSP: 0018:ffff888021af7b78 EFLAGS: 00010246 [ 191.142797] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.143378] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 191.143945] RBP: ffff888021af7b98 R08: ffffed10028e013e R09: ffffed10028e013e [ 191.144517] R10: ffff8880147009ef R11: ffffed10028e013d R12: ffff888014700a90 [ 191.145085] R13: ffff8880147008a8 R14: ffffffffffffffff R15: 
ffff888021af7c60 [ 191.145652] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.146286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.146779] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.147353] PKRU: 55555554 [ 191.147583] Call Trace: [ 191.147788] [ 191.147969] iommufd_ioas_destroy+0x53/0x70 [ 191.148325] iommufd_fops_release+0x1f7/0x370 [ 191.148694] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.149097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.149496] ? write_comp_data+0x2f/0x90 [ 191.149831] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.150228] __fput+0x26d/0xa40 [ 191.150533] ____fput+0x1e/0x30 [ 191.150809] task_work_run+0x1a4/0x2d0 [ 191.151133] ? __pfx_task_work_run+0x10/0x10 [ 191.151492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.151886] ? switch_task_namespaces+0xa9/0xe0 [ 191.152269] do_exit+0xb17/0x2ef0 [ 191.152546] ? lock_acquire+0x427/0x4c0 [ 191.152876] ? __pfx_lock_release+0x10/0x10 [ 191.153225] ? __kasan_check_write+0x18/0x20 [ 191.153579] ? do_raw_spin_lock+0x132/0x2a0 [ 191.153923] ? __pfx_do_exit+0x10/0x10 [ 191.154242] ? debug_smp_processor_id+0x20/0x30 [ 191.154640] ? rcu_is_watching+0x19/0xb0 [ 191.154971] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.155343] ? trace_hardirqs_on+0x26/0x120 [ 191.155695] do_group_exit+0xe0/0x2b0 [ 191.155998] __x64_sys_exit_group+0x47/0x50 [ 191.156339] do_syscall_64+0x3b/0x90 [ 191.156641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.157059] RIP: 0033:0x7f4b87518a4d [ 191.157356] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.157842] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.158438] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.159023] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.159594] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.160158] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.160717] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.161288] [ 191.161474] irq event stamp: 0 [ 191.161723] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.162217] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.162928] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.163599] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.164093] ---[ end trace 0000000000000000 ]--- [ 191.168865] ------------[ cut here ]------------ [ 191.169264] WARNING: CPU: 0 PID: 1816 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.170038] Modules linked in: [ 191.170284] CPU: 0 PID: 1816 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.171106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.171986] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.172366] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.173748] RSP: 0018:ffff88802455fbb8 EFLAGS: 00010246 [ 191.174161] RAX: 0000000000000000 RBX: ffff8880171b88a8 RCX: 0000000000000000 [ 191.174727] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 191.175276] RBP: ffff88802455fbd0 R08: ffffed1002e37133 R09: ffffed1002e37133 [ 191.175818] R10: ffff8880171b8993 R11: ffffed1002e37132 R12: ffff88801422f000 [ 191.176357] R13: ffff8880171b89e8 R14: ffffffff8352e670 R15: 
ffff88802455fe68 [ 191.176904] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.177525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.177972] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 191.178539] PKRU: 55555554 [ 191.178757] Call Trace: [ 191.178955] [ 191.179135] __iommufd_access_detach+0x1c2/0x2b0 [ 191.179517] iommufd_access_change_pt+0x149/0x270 [ 191.179902] iommufd_access_replace+0xb4/0x120 [ 191.180267] iommufd_test+0x3e5/0x37e0 [ 191.180571] ? lock_release+0x532/0x770 [ 191.180887] ? __might_fault+0x102/0x1b0 [ 191.181218] ? lock_acquire+0x427/0x4c0 [ 191.181536] ? __pfx_iommufd_test+0x10/0x10 [ 191.181870] ? __pfx_lock_release+0x10/0x10 [ 191.182213] ? __pfx_lock_acquire+0x10/0x10 [ 191.182576] ? write_comp_data+0x2f/0x90 [ 191.182901] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.183290] ? write_comp_data+0x2f/0x90 [ 191.183619] iommufd_fops_ioctl+0x37d/0x510 [ 191.183957] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.184337] ? write_comp_data+0x2f/0x90 [ 191.184662] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.185038] __x64_sys_ioctl+0x1a3/0x230 [ 191.185362] do_syscall_64+0x3b/0x90 [ 191.185666] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.186076] RIP: 0033:0x7f4b8743ee5d [ 191.186369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.187790] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.188369] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.188902] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.189439] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.189968] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.190501] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.191068] [ 191.191256] irq event stamp: 0 [ 191.191500] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.191981] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.192619] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.193254] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.193732] ---[ end trace 0000000000000000 ]--- [ 191.196474] ------------[ cut here ]------------ [ 191.196858] WARNING: CPU: 0 PID: 1816 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.197635] Modules linked in: [ 191.197882] CPU: 0 PID: 1816 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.198765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.199618] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.199995] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.201350] RSP: 
0018:ffff88802455fbd0 EFLAGS: 00010246 [ 191.201754] RAX: 0000000000000000 RBX: ffff8880171b88a8 RCX: 0000000000000000 [ 191.202284] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 191.202832] RBP: ffff88802455fbe8 R08: ffffed1002e37133 R09: ffffed1002e37133 [ 191.203371] R10: ffff8880171b8993 R11: ffffed1002e37132 R12: ffff8880129ca000 [ 191.203909] R13: ffff8880171b89e8 R14: ffff88800f5cb500 R15: 0000000000000000 [ 191.204442] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.205046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.205484] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.206017] PKRU: 55555554 [ 191.206235] Call Trace: [ 191.206430] [ 191.206622] iommufd_access_destroy_object+0x65/0x170 [ 191.207022] iommufd_object_destroy_user+0x18e/0x220 [ 191.207428] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.207875] iommufd_access_destroy+0x43/0x70 [ 191.208224] iommufd_test_staccess_release+0x8d/0xd0 [ 191.208617] __fput+0x26d/0xa40 [ 191.208882] ____fput+0x1e/0x30 [ 191.209142] task_work_run+0x1a4/0x2d0 [ 191.209444] ? __pfx_task_work_run+0x10/0x10 [ 191.209783] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.210156] ? switch_task_namespaces+0xa9/0xe0 [ 191.210539] do_exit+0xb17/0x2ef0 [ 191.210806] ? lock_acquire+0x427/0x4c0 [ 191.211124] ? __pfx_lock_release+0x10/0x10 [ 191.211466] ? __kasan_check_write+0x18/0x20 [ 191.211805] ? do_raw_spin_lock+0x132/0x2a0 [ 191.212134] ? __pfx_do_exit+0x10/0x10 [ 191.212437] ? debug_smp_processor_id+0x20/0x30 [ 191.212792] ? rcu_is_watching+0x19/0xb0 [ 191.213105] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.213456] ? trace_hardirqs_on+0x26/0x120 [ 191.213787] do_group_exit+0xe0/0x2b0 [ 191.214080] __x64_sys_exit_group+0x47/0x50 [ 191.214404] do_syscall_64+0x3b/0x90 [ 191.214731] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.215134] RIP: 0033:0x7f4b87518a4d [ 191.215421] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.215881] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.216453] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.216984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.217515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.218045] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.218604] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.219158] [ 191.219336] irq event stamp: 0 [ 191.219573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.220045] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.220679] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.221305] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.221778] ---[ end trace 0000000000000000 ]--- [ 191.222454] ------------[ cut here ]------------ [ 191.222835] WARNING: CPU: 0 PID: 1816 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.223611] Modules linked in: [ 191.223855] CPU: 0 PID: 1816 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.224518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.225359] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.225750] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.227137] RSP: 0018:ffff88802455fb78 EFLAGS: 00010246 [ 191.227542] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.228075] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 191.228611] RBP: ffff88802455fb98 R08: ffffed1002e3713e R09: ffffed1002e3713e [ 191.229140] R10: ffff8880171b89ef R11: ffffed1002e3713d R12: ffff8880171b8a90 [ 191.229674] R13: ffff8880171b88a8 R14: ffffffffffffffff R15: 
ffff88802455fc60 [ 191.230205] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.230827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.231273] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.231811] PKRU: 55555554 [ 191.232027] Call Trace: [ 191.232227] [ 191.232401] iommufd_ioas_destroy+0x53/0x70 [ 191.232732] iommufd_fops_release+0x1f7/0x370 [ 191.233076] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.233455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.233828] ? write_comp_data+0x2f/0x90 [ 191.234145] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.234542] __fput+0x26d/0xa40 [ 191.234805] ____fput+0x1e/0x30 [ 191.235062] task_work_run+0x1a4/0x2d0 [ 191.235371] ? __pfx_task_work_run+0x10/0x10 [ 191.235708] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.236083] ? switch_task_namespaces+0xa9/0xe0 [ 191.236451] do_exit+0xb17/0x2ef0 [ 191.236713] ? lock_acquire+0x427/0x4c0 [ 191.237021] ? __pfx_lock_release+0x10/0x10 [ 191.237352] ? __kasan_check_write+0x18/0x20 [ 191.237686] ? do_raw_spin_lock+0x132/0x2a0 [ 191.238010] ? __pfx_do_exit+0x10/0x10 [ 191.238310] ? debug_smp_processor_id+0x20/0x30 [ 191.238685] ? rcu_is_watching+0x19/0xb0 [ 191.238999] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.239351] ? trace_hardirqs_on+0x26/0x120 [ 191.239687] do_group_exit+0xe0/0x2b0 [ 191.239976] __x64_sys_exit_group+0x47/0x50 [ 191.240300] do_syscall_64+0x3b/0x90 [ 191.240590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.240987] RIP: 0033:0x7f4b87518a4d [ 191.241267] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.241730] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.242301] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.242855] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.243397] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.243938] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.244473] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.245013] [ 191.245189] irq event stamp: 0 [ 191.245425] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.245898] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.246546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.247185] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.247654] ---[ end trace 0000000000000000 ]--- [ 191.251685] ------------[ cut here ]------------ [ 191.252086] WARNING: CPU: 0 PID: 1817 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.252856] Modules linked in: [ 191.253102] CPU: 0 PID: 1817 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.253772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.254680] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.255058] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.256450] RSP: 0018:ffff888017b4fbb8 EFLAGS: 00010246 [ 191.256854] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 191.257401] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 191.257940] RBP: ffff888017b4fbd0 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 191.258478] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff888010c0bc00 [ 191.259039] R13: ffff888015d2c9e8 R14: ffffffff8352e670 R15: 
ffff888017b4fe68 [ 191.259589] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.260200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.260644] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 191.261183] PKRU: 55555554 [ 191.261399] Call Trace: [ 191.261594] [ 191.261768] __iommufd_access_detach+0x1c2/0x2b0 [ 191.262145] iommufd_access_change_pt+0x149/0x270 [ 191.262546] iommufd_access_replace+0xb4/0x120 [ 191.262910] iommufd_test+0x3e5/0x37e0 [ 191.263222] ? lock_release+0x532/0x770 [ 191.263540] ? __might_fault+0x102/0x1b0 [ 191.263859] ? lock_acquire+0x427/0x4c0 [ 191.264174] ? __pfx_iommufd_test+0x10/0x10 [ 191.264502] ? __pfx_lock_release+0x10/0x10 [ 191.264841] ? __pfx_lock_acquire+0x10/0x10 [ 191.265181] ? write_comp_data+0x2f/0x90 [ 191.265500] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.265876] ? write_comp_data+0x2f/0x90 [ 191.266197] iommufd_fops_ioctl+0x37d/0x510 [ 191.266553] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.266934] ? write_comp_data+0x2f/0x90 [ 191.267260] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.267638] __x64_sys_ioctl+0x1a3/0x230 [ 191.267960] do_syscall_64+0x3b/0x90 [ 191.268257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.268663] RIP: 0033:0x7f4b8743ee5d [ 191.268952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.270825] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.271418] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.271956] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.272495] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.273097] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.273752] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.274301] [ 191.274483] irq event stamp: 0 [ 191.274750] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.275241] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.275879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.276595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.277185] ---[ end trace 0000000000000000 ]--- [ 191.280057] ------------[ cut here ]------------ [ 191.280426] WARNING: CPU: 0 PID: 1817 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.281197] Modules linked in: [ 191.281445] CPU: 0 PID: 1817 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.282132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.283345] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.283749] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.285169] RSP: 
0018:ffff888017b4fbd0 EFLAGS: 00010246 [ 191.285592] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 191.286219] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 191.286917] RBP: ffff888017b4fbe8 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 191.287482] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff88801422cc00 [ 191.288035] R13: ffff888015d2c9e8 R14: ffff888020862c00 R15: 0000000000000000 [ 191.288591] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.289220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.289831] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.290393] PKRU: 55555554 [ 191.290643] Call Trace: [ 191.290847] [ 191.291026] iommufd_access_destroy_object+0x65/0x170 [ 191.291449] iommufd_object_destroy_user+0x18e/0x220 [ 191.291855] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.292314] iommufd_access_destroy+0x43/0x70 [ 191.292675] iommufd_test_staccess_release+0x8d/0xd0 [ 191.293139] __fput+0x26d/0xa40 [ 191.293504] ____fput+0x1e/0x30 [ 191.293776] task_work_run+0x1a4/0x2d0 [ 191.294093] ? __pfx_task_work_run+0x10/0x10 [ 191.294450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.294858] ? switch_task_namespaces+0xa9/0xe0 [ 191.295247] do_exit+0xb17/0x2ef0 [ 191.295527] ? lock_acquire+0x427/0x4c0 [ 191.295853] ? __pfx_lock_release+0x10/0x10 [ 191.296199] ? __kasan_check_write+0x18/0x20 [ 191.296550] ? do_raw_spin_lock+0x132/0x2a0 [ 191.296958] ? __pfx_do_exit+0x10/0x10 [ 191.297380] ? debug_smp_processor_id+0x20/0x30 [ 191.297753] ? rcu_is_watching+0x19/0xb0 [ 191.298078] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.298440] ? trace_hardirqs_on+0x26/0x120 [ 191.298810] do_group_exit+0xe0/0x2b0 [ 191.299112] __x64_sys_exit_group+0x47/0x50 [ 191.299461] do_syscall_64+0x3b/0x90 [ 191.299766] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.300183] RIP: 0033:0x7f4b87518a4d [ 191.300508] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.301127] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.301733] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.302293] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.302877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.303441] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.304030] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.304711] [ 191.304898] irq event stamp: 0 [ 191.305145] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.305642] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.306293] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.307000] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.307633] ---[ end trace 0000000000000000 ]--- [ 191.308338] ------------[ cut here ]------------ [ 191.308712] WARNING: CPU: 0 PID: 1817 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.309510] Modules linked in: [ 191.309762] CPU: 0 PID: 1817 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.310549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.311530] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.311940] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.313356] RSP: 0018:ffff888017b4fb78 EFLAGS: 00010246 [ 191.313937] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.314492] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 191.315088] RBP: ffff888017b4fb98 R08: ffffed1002ba593e R09: ffffed1002ba593e [ 191.315654] R10: ffff888015d2c9ef R11: ffffed1002ba593d R12: ffff888015d2ca90 [ 191.316210] R13: ffff888015d2c8a8 R14: ffffffffffffffff R15: 
ffff888017b4fc60 [ 191.316770] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.317577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.318041] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.318641] PKRU: 55555554 [ 191.318871] Call Trace: [ 191.319076] [ 191.319267] iommufd_ioas_destroy+0x53/0x70 [ 191.319624] iommufd_fops_release+0x1f7/0x370 [ 191.319994] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.320395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.320879] ? write_comp_data+0x2f/0x90 [ 191.321330] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.321745] __fput+0x26d/0xa40 [ 191.322035] ____fput+0x1e/0x30 [ 191.322321] task_work_run+0x1a4/0x2d0 [ 191.322676] ? __pfx_task_work_run+0x10/0x10 [ 191.323046] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.323464] ? switch_task_namespaces+0xa9/0xe0 [ 191.323857] do_exit+0xb17/0x2ef0 [ 191.324149] ? lock_acquire+0x427/0x4c0 [ 191.324490] ? __pfx_lock_release+0x10/0x10 [ 191.325010] ? __kasan_check_write+0x18/0x20 [ 191.325380] ? do_raw_spin_lock+0x132/0x2a0 [ 191.325736] ? __pfx_do_exit+0x10/0x10 [ 191.326066] ? debug_smp_processor_id+0x20/0x30 [ 191.326455] ? rcu_is_watching+0x19/0xb0 [ 191.326819] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.327259] ? trace_hardirqs_on+0x26/0x120 [ 191.327636] do_group_exit+0xe0/0x2b0 [ 191.327958] __x64_sys_exit_group+0x47/0x50 [ 191.328317] do_syscall_64+0x3b/0x90 [ 191.328834] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.329271] RIP: 0033:0x7f4b87518a4d [ 191.329576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.330079] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.330729] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.331327] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.331910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.332664] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.333248] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.333836] [ 191.334029] irq event stamp: 0 [ 191.334291] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.334834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.335694] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.336381] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.336897] ---[ end trace 0000000000000000 ]--- [ 191.342252] ------------[ cut here ]------------ [ 191.342981] WARNING: CPU: 1 PID: 1818 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.344149] Modules linked in: [ 191.344611] CPU: 1 PID: 1818 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.345593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.346972] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.347558] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.349675] RSP: 0018:ffff88802455fbb8 EFLAGS: 00010246 [ 191.350375] RAX: 0000000000000000 RBX: ffff888017a650a8 RCX: 0000000000000000 [ 191.351211] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 191.352078] RBP: ffff88802455fbd0 R08: ffffed1002f4ca33 R09: ffffed1002f4ca33 [ 191.352924] R10: ffff888017a65193 R11: ffffed1002f4ca32 R12: ffff888020d1b400 [ 191.353722] R13: ffff888017a651e8 R14: ffffffff8352e670 R15: 
ffff88802455fe68 [ 191.354657] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.355569] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.356322] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 191.357123] PKRU: 55555554 [ 191.357451] Call Trace: [ 191.357803] [ 191.358120] __iommufd_access_detach+0x1c2/0x2b0 [ 191.358707] iommufd_access_change_pt+0x149/0x270 [ 191.359313] iommufd_access_replace+0xb4/0x120 [ 191.359978] iommufd_test+0x3e5/0x37e0 [ 191.360440] ? lock_release+0x532/0x770 [ 191.360925] ? __might_fault+0x102/0x1b0 [ 191.361429] ? lock_acquire+0x427/0x4c0 [ 191.361950] ? __pfx_iommufd_test+0x10/0x10 [ 191.362443] ? __pfx_lock_release+0x10/0x10 [ 191.362972] ? __pfx_lock_acquire+0x10/0x10 [ 191.363589] ? write_comp_data+0x2f/0x90 [ 191.364069] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.364631] ? write_comp_data+0x2f/0x90 [ 191.365127] iommufd_fops_ioctl+0x37d/0x510 [ 191.365707] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.366291] ? write_comp_data+0x2f/0x90 [ 191.366871] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.367434] __x64_sys_ioctl+0x1a3/0x230 [ 191.367786] do_syscall_64+0x3b/0x90 [ 191.368097] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.368635] RIP: 0033:0x7f4b8743ee5d [ 191.368945] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.370550] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.371178] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.371748] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.372377] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.373025] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.373600] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.374200] [ 191.374474] irq event stamp: 0 [ 191.374759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.375303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.375986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.376731] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.377301] ---[ end trace 0000000000000000 ]--- [ 191.380228] ------------[ cut here ]------------ [ 191.380643] WARNING: CPU: 1 PID: 1818 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.381588] Modules linked in: [ 191.381851] CPU: 1 PID: 1818 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.382825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.383872] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.384281] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.385896] RSP: 
0018:ffff88802455fbd0 EFLAGS: 00010246 [ 191.386351] RAX: 0000000000000000 RBX: ffff888017a650a8 RCX: 0000000000000000 [ 191.387010] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 191.387709] RBP: ffff88802455fbe8 R08: ffffed1002f4ca33 R09: ffffed1002f4ca33 [ 191.388308] R10: ffff888017a65193 R11: ffffed1002f4ca32 R12: ffff88801888f000 [ 191.388911] R13: ffff888017a651e8 R14: ffff88800fd4f900 R15: 0000000000000000 [ 191.389771] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.390449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.390962] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 191.391666] PKRU: 55555554 [ 191.391968] Call Trace: [ 191.392186] [ 191.392382] iommufd_access_destroy_object+0x65/0x170 [ 191.392827] iommufd_object_destroy_user+0x18e/0x220 [ 191.393265] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.393849] iommufd_access_destroy+0x43/0x70 [ 191.394349] iommufd_test_staccess_release+0x8d/0xd0 [ 191.394827] __fput+0x26d/0xa40 [ 191.395144] ____fput+0x1e/0x30 [ 191.395447] task_work_run+0x1a4/0x2d0 [ 191.395797] ? __pfx_task_work_run+0x10/0x10 [ 191.396265] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.396796] ? switch_task_namespaces+0xa9/0xe0 [ 191.397207] do_exit+0xb17/0x2ef0 [ 191.397512] ? lock_acquire+0x427/0x4c0 [ 191.397867] ? __pfx_lock_release+0x10/0x10 [ 191.398327] ? __kasan_check_write+0x18/0x20 [ 191.398817] ? do_raw_spin_lock+0x132/0x2a0 [ 191.399204] ? __pfx_do_exit+0x10/0x10 [ 191.399550] ? debug_smp_processor_id+0x20/0x30 [ 191.399957] ? rcu_is_watching+0x19/0xb0 [ 191.400316] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.400796] ? trace_hardirqs_on+0x26/0x120 [ 191.401247] do_group_exit+0xe0/0x2b0 [ 191.401588] __x64_sys_exit_group+0x47/0x50 [ 191.401965] do_syscall_64+0x3b/0x90 [ 191.402302] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.402905] RIP: 0033:0x7f4b87518a4d [ 191.403236] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.403771] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.404431] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.405090] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.405823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.406442] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.407086] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.407827] [ 191.408127] irq event stamp: 0 [ 191.408399] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.408941] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.409682] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.410563] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.411122] ---[ end trace 0000000000000000 ]--- [ 191.412006] ------------[ cut here ]------------ [ 191.412504] WARNING: CPU: 1 PID: 1818 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.413459] Modules linked in: [ 191.413739] CPU: 1 PID: 1818 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.414659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.415642] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.416087] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.417810] RSP: 0018:ffff88802455fb78 EFLAGS: 00010246 [ 191.418272] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.419091] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 191.419716] RBP: ffff88802455fb98 R08: ffffed1002f4ca3e R09: ffffed1002f4ca3e [ 191.420326] R10: ffff888017a651ef R11: ffffed1002f4ca3d R12: ffff888017a65290 [ 191.421011] R13: ffff888017a650a8 R14: ffffffffffffffff R15: 
ffff88802455fc60 [ 191.421704] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.422394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.422934] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 191.423675] PKRU: 55555554 [ 191.423921] Call Trace: [ 191.424148] [ 191.424346] iommufd_ioas_destroy+0x53/0x70 [ 191.424730] iommufd_fops_release+0x1f7/0x370 [ 191.425124] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.425692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.426122] ? write_comp_data+0x2f/0x90 [ 191.426487] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.426949] __fput+0x26d/0xa40 [ 191.427256] ____fput+0x1e/0x30 [ 191.427569] task_work_run+0x1a4/0x2d0 [ 191.428019] ? __pfx_task_work_run+0x10/0x10 [ 191.428410] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.428840] ? switch_task_namespaces+0xa9/0xe0 [ 191.429261] do_exit+0xb17/0x2ef0 [ 191.429594] ? lock_acquire+0x427/0x4c0 [ 191.430019] ? __pfx_lock_release+0x10/0x10 [ 191.430404] ? __kasan_check_write+0x18/0x20 [ 191.430816] ? do_raw_spin_lock+0x132/0x2a0 [ 191.431213] ? __pfx_do_exit+0x10/0x10 [ 191.431566] ? debug_smp_processor_id+0x20/0x30 [ 191.432015] ? rcu_is_watching+0x19/0xb0 [ 191.432473] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.432874] ? trace_hardirqs_on+0x26/0x120 [ 191.433255] do_group_exit+0xe0/0x2b0 [ 191.433589] __x64_sys_exit_group+0x47/0x50 [ 191.434006] do_syscall_64+0x3b/0x90 [ 191.434418] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.434908] RIP: 0033:0x7f4b87518a4d [ 191.435253] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.435785] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.436521] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.437198] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.437807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.438549] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.439186] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.439811] [ 191.440017] irq event stamp: 0 [ 191.440298] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.440983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.441710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.442429] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.443169] ---[ end trace 0000000000000000 ]--- [ 191.447976] ------------[ cut here ]------------ [ 191.448434] WARNING: CPU: 1 PID: 1819 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.449456] Modules linked in: [ 191.449735] CPU: 1 PID: 1819 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.450479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.451617] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.452045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.453812] RSP: 0018:ffff88801638fbb8 EFLAGS: 00010246 [ 191.454265] RAX: 0000000000000000 RBX: ffff8880181730a8 RCX: 0000000000000000 [ 191.454900] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 191.455617] RBP: ffff88801638fbd0 R08: ffffed100302e633 R09: ffffed100302e633 [ 191.456279] R10: ffff888018173193 R11: ffffed100302e632 R12: ffff88800a724400 [ 191.456896] R13: ffff8880181731e8 R14: ffffffff8352e670 R15: 
ffff88801638fe68 [ 191.457559] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.458336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.458859] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 191.459495] PKRU: 55555554 [ 191.459792] Call Trace: [ 191.460103] [ 191.460307] __iommufd_access_detach+0x1c2/0x2b0 [ 191.460741] iommufd_access_change_pt+0x149/0x270 [ 191.461171] iommufd_access_replace+0xb4/0x120 [ 191.461603] iommufd_test+0x3e5/0x37e0 [ 191.462065] ? lock_release+0x532/0x770 [ 191.462425] ? __might_fault+0x102/0x1b0 [ 191.462813] ? lock_acquire+0x427/0x4c0 [ 191.463186] ? __pfx_iommufd_test+0x10/0x10 [ 191.463604] ? __pfx_lock_release+0x10/0x10 [ 191.464023] ? __pfx_lock_acquire+0x10/0x10 [ 191.464610] ? write_comp_data+0x2f/0x90 [ 191.464999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.465453] ? write_comp_data+0x2f/0x90 [ 191.465837] iommufd_fops_ioctl+0x37d/0x510 [ 191.466288] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.466854] ? write_comp_data+0x2f/0x90 [ 191.467256] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.467700] __x64_sys_ioctl+0x1a3/0x230 [ 191.468082] do_syscall_64+0x3b/0x90 [ 191.468434] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.469070] RIP: 0033:0x7f4b8743ee5d [ 191.469413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.471287] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.471995] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.472649] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.473348] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.474128] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.474832] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.475525] [ 191.475829] irq event stamp: 0 [ 191.476216] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.476818] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.477613] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.478606] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.479231] ---[ end trace 0000000000000000 ]--- [ 191.482296] ------------[ cut here ]------------ [ 191.482822] WARNING: CPU: 1 PID: 1819 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.483791] Modules linked in: [ 191.484095] CPU: 1 PID: 1819 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.484920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.486039] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.486532] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.488320] RSP: 
0018:ffff88801638fbd0 EFLAGS: 00010246 [ 191.488871] RAX: 0000000000000000 RBX: ffff8880181730a8 RCX: 0000000000000000 [ 191.489604] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 191.490342] RBP: ffff88801638fbe8 R08: ffffed100302e633 R09: ffffed100302e633 [ 191.491099] R10: ffff888018173193 R11: ffffed100302e632 R12: ffff888020d19800 [ 191.491848] R13: ffff8880181731e8 R14: ffff888020850700 R15: 0000000000000000 [ 191.492582] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.493411] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.494007] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 191.494784] PKRU: 55555554 [ 191.495090] Call Trace: [ 191.495367] [ 191.495600] iommufd_access_destroy_object+0x65/0x170 [ 191.496145] iommufd_object_destroy_user+0x18e/0x220 [ 191.496679] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.497285] iommufd_access_destroy+0x43/0x70 [ 191.497767] iommufd_test_staccess_release+0x8d/0xd0 [ 191.498323] __fput+0x26d/0xa40 [ 191.498728] ____fput+0x1e/0x30 [ 191.499089] task_work_run+0x1a4/0x2d0 [ 191.499542] ? __pfx_task_work_run+0x10/0x10 [ 191.500010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.500538] ? switch_task_namespaces+0xa9/0xe0 [ 191.501033] do_exit+0xb17/0x2ef0 [ 191.501402] ? lock_acquire+0x427/0x4c0 [ 191.501825] ? __pfx_lock_release+0x10/0x10 [ 191.502276] ? __kasan_check_write+0x18/0x20 [ 191.502787] ? do_raw_spin_lock+0x132/0x2a0 [ 191.503255] ? __pfx_do_exit+0x10/0x10 [ 191.503670] ? debug_smp_processor_id+0x20/0x30 [ 191.504153] ? rcu_is_watching+0x19/0xb0 [ 191.504578] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.505049] ? trace_hardirqs_on+0x26/0x120 [ 191.505512] do_group_exit+0xe0/0x2b0 [ 191.505908] __x64_sys_exit_group+0x47/0x50 [ 191.506355] do_syscall_64+0x3b/0x90 [ 191.506780] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.507344] RIP: 0033:0x7f4b87518a4d [ 191.507746] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.508392] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.509179] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.509924] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.510688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.511445] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.512177] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.512921] [ 191.513175] irq event stamp: 0 [ 191.513511] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.514167] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.515060] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.515928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.516575] ---[ end trace 0000000000000000 ]--- [ 191.517497] ------------[ cut here ]------------ [ 191.517989] WARNING: CPU: 1 PID: 1819 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.519077] Modules linked in: [ 191.519435] CPU: 1 PID: 1819 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.520342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.521504] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.522046] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.523952] RSP: 0018:ffff88801638fb78 EFLAGS: 00010246 [ 191.524521] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.525256] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 191.526008] RBP: ffff88801638fb98 R08: ffffed100302e63e R09: ffffed100302e63e [ 191.526787] R10: ffff8880181731ef R11: ffffed100302e63d R12: ffff888018173290 [ 191.527559] R13: ffff8880181730a8 R14: ffffffffffffffff R15: 
ffff88801638fc60 [ 191.528693] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 191.529758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.530606] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 191.531592] PKRU: 55555554 [ 191.532187] Call Trace: [ 191.532673] [ 191.532992] iommufd_ioas_destroy+0x53/0x70 [ 191.533587] iommufd_fops_release+0x1f7/0x370 [ 191.534202] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.534936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.535629] ? write_comp_data+0x2f/0x90 [ 191.536410] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.537086] __fput+0x26d/0xa40 [ 191.537559] ____fput+0x1e/0x30 [ 191.538017] task_work_run+0x1a4/0x2d0 [ 191.538611] ? __pfx_task_work_run+0x10/0x10 [ 191.539238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.539899] ? switch_task_namespaces+0xa9/0xe0 [ 191.540771] do_exit+0xb17/0x2ef0 [ 191.541242] ? lock_acquire+0x427/0x4c0 [ 191.541795] ? __pfx_lock_release+0x10/0x10 [ 191.542386] ? __kasan_check_write+0x18/0x20 [ 191.543037] ? do_raw_spin_lock+0x132/0x2a0 [ 191.543656] ? __pfx_do_exit+0x10/0x10 [ 191.544495] ? debug_smp_processor_id+0x20/0x30 [ 191.544999] ? rcu_is_watching+0x19/0xb0 [ 191.545415] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.545885] ? trace_hardirqs_on+0x26/0x120 [ 191.546346] do_group_exit+0xe0/0x2b0 [ 191.547111] __x64_sys_exit_group+0x47/0x50 [ 191.547753] do_syscall_64+0x3b/0x90 [ 191.548296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.549021] RIP: 0033:0x7f4b87518a4d [ 191.549766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.550673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.551747] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.552909] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.553863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.555094] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.556084] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.557068] [ 191.557691] irq event stamp: 0 [ 191.558133] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.559049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.560341] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.561513] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.562404] ---[ end trace 0000000000000000 ]--- [ 191.567158] ------------[ cut here ]------------ [ 191.567692] WARNING: CPU: 0 PID: 1820 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.568741] Modules linked in: [ 191.569072] CPU: 0 PID: 1820 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.569963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.571441] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.571971] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.573826] RSP: 0018:ffff8880164dfbb8 EFLAGS: 00010246 [ 191.574379] RAX: 0000000000000000 RBX: ffff888023f788a8 RCX: 0000000000000000 [ 191.575412] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 191.576158] RBP: ffff8880164dfbd0 R08: ffffed10047ef133 R09: ffffed10047ef133 [ 191.576912] R10: ffff888023f78993 R11: ffffed10047ef132 R12: ffff88801888d000 [ 191.577649] R13: ffff888023f789e8 R14: ffffffff8352e670 R15: 
ffff8880164dfe68 [ 191.578395] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.579312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.579930] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 191.580663] PKRU: 55555554 [ 191.580956] Call Trace: [ 191.581224] [ 191.581463] __iommufd_access_detach+0x1c2/0x2b0 [ 191.581968] iommufd_access_change_pt+0x149/0x270 [ 191.582470] iommufd_access_replace+0xb4/0x120 [ 191.582986] iommufd_test+0x3e5/0x37e0 [ 191.583404] ? lock_release+0x532/0x770 [ 191.583831] ? __might_fault+0x102/0x1b0 [ 191.584260] ? lock_acquire+0x427/0x4c0 [ 191.584683] ? __pfx_iommufd_test+0x10/0x10 [ 191.585137] ? __pfx_lock_release+0x10/0x10 [ 191.585590] ? __pfx_lock_acquire+0x10/0x10 [ 191.586054] ? write_comp_data+0x2f/0x90 [ 191.586492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.587060] ? write_comp_data+0x2f/0x90 [ 191.587511] iommufd_fops_ioctl+0x37d/0x510 [ 191.587967] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.588485] ? write_comp_data+0x2f/0x90 [ 191.588937] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.589454] __x64_sys_ioctl+0x1a3/0x230 [ 191.589899] do_syscall_64+0x3b/0x90 [ 191.590305] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.590906] RIP: 0033:0x7f4b8743ee5d [ 191.591321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.593228] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.594012] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.594782] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.595544] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.596292] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.597019] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.597770] [ 191.598016] irq event stamp: 0 [ 191.598343] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.599031] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.599899] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.600752] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.601397] ---[ end trace 0000000000000000 ]--- [ 191.604805] ------------[ cut here ]------------ [ 191.605346] WARNING: CPU: 0 PID: 1820 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.606378] Modules linked in: [ 191.606741] CPU: 0 PID: 1820 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.607646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.608794] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.609310] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.611219] RSP: 
0018:ffff8880164dfbd0 EFLAGS: 00010246 [ 191.611763] RAX: 0000000000000000 RBX: ffff888023f788a8 RCX: 0000000000000000 [ 191.612489] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 191.613220] RBP: ffff8880164dfbe8 R08: ffffed10047ef133 R09: ffffed10047ef133 [ 191.613948] R10: ffff888023f78993 R11: ffffed10047ef132 R12: ffff888010c0a400 [ 191.614716] R13: ffff888023f789e8 R14: ffff88800f90bf00 R15: 0000000000000000 [ 191.615465] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.616301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.616901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.617648] PKRU: 55555554 [ 191.617952] Call Trace: [ 191.618217] [ 191.618451] iommufd_access_destroy_object+0x65/0x170 [ 191.619055] iommufd_object_destroy_user+0x18e/0x220 [ 191.619612] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.620234] iommufd_access_destroy+0x43/0x70 [ 191.620712] iommufd_test_staccess_release+0x8d/0xd0 [ 191.621245] __fput+0x26d/0xa40 [ 191.621611] ____fput+0x1e/0x30 [ 191.621971] task_work_run+0x1a4/0x2d0 [ 191.622389] ? __pfx_task_work_run+0x10/0x10 [ 191.622890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.623415] ? switch_task_namespaces+0xa9/0xe0 [ 191.623919] do_exit+0xb17/0x2ef0 [ 191.624285] ? lock_acquire+0x427/0x4c0 [ 191.624711] ? __pfx_lock_release+0x10/0x10 [ 191.625161] ? __kasan_check_write+0x18/0x20 [ 191.625618] ? do_raw_spin_lock+0x132/0x2a0 [ 191.626066] ? __pfx_do_exit+0x10/0x10 [ 191.626484] ? debug_smp_processor_id+0x20/0x30 [ 191.627015] ? rcu_is_watching+0x19/0xb0 [ 191.627460] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.627936] ? trace_hardirqs_on+0x26/0x120 [ 191.628401] do_group_exit+0xe0/0x2b0 [ 191.628805] __x64_sys_exit_group+0x47/0x50 [ 191.629250] do_syscall_64+0x3b/0x90 [ 191.629647] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.630187] RIP: 0033:0x7f4b87518a4d [ 191.630638] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.631293] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.632072] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.632814] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.633541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.634273] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.635054] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.635836] [ 191.636094] irq event stamp: 0 [ 191.636423] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.637081] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.637936] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.638841] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.639528] ---[ end trace 0000000000000000 ]--- [ 191.640441] ------------[ cut here ]------------ [ 191.640952] WARNING: CPU: 0 PID: 1820 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.642017] Modules linked in: [ 191.642360] CPU: 0 PID: 1820 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.643349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.644526] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.645068] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.646980] RSP: 0018:ffff8880164dfb78 EFLAGS: 00010246 [ 191.647558] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.648300] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 191.649036] RBP: ffff8880164dfb98 R08: ffffed10047ef13e R09: ffffed10047ef13e [ 191.649774] R10: ffff888023f789ef R11: ffffed10047ef13d R12: ffff888023f78a90 [ 191.650568] R13: ffff888023f788a8 R14: ffffffffffffffff R15: 
ffff8880164dfc60 [ 191.651320] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.652157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.652762] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.653490] PKRU: 55555554 [ 191.653788] Call Trace: [ 191.654061] [ 191.654308] iommufd_ioas_destroy+0x53/0x70 [ 191.654828] iommufd_fops_release+0x1f7/0x370 [ 191.655328] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.655850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.656358] ? write_comp_data+0x2f/0x90 [ 191.656791] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.657316] __fput+0x26d/0xa40 [ 191.657686] ____fput+0x1e/0x30 [ 191.658038] task_work_run+0x1a4/0x2d0 [ 191.658449] ? __pfx_task_work_run+0x10/0x10 [ 191.658980] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.659521] ? switch_task_namespaces+0xa9/0xe0 [ 191.660041] do_exit+0xb17/0x2ef0 [ 191.660417] ? lock_acquire+0x427/0x4c0 [ 191.660852] ? __pfx_lock_release+0x10/0x10 [ 191.661318] ? __kasan_check_write+0x18/0x20 [ 191.661796] ? do_raw_spin_lock+0x132/0x2a0 [ 191.662251] ? __pfx_do_exit+0x10/0x10 [ 191.662714] ? debug_smp_processor_id+0x20/0x30 [ 191.663221] ? rcu_is_watching+0x19/0xb0 [ 191.663649] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.664119] ? trace_hardirqs_on+0x26/0x120 [ 191.664586] do_group_exit+0xe0/0x2b0 [ 191.664993] __x64_sys_exit_group+0x47/0x50 [ 191.665451] do_syscall_64+0x3b/0x90 [ 191.665851] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.666399] RIP: 0033:0x7f4b87518a4d [ 191.666832] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.667469] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.668246] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.668972] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.669699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.670431] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.671206] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.671943] [ 191.672182] irq event stamp: 0 [ 191.672506] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.673152] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.674009] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.674903] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.675564] ---[ end trace 0000000000000000 ]--- [ 191.680817] ------------[ cut here ]------------ [ 191.681360] WARNING: CPU: 0 PID: 1821 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.682394] Modules linked in: [ 191.682780] CPU: 0 PID: 1821 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.683689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.684850] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.685374] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.687266] RSP: 0018:ffff8880137e7bb8 EFLAGS: 00010246 [ 191.687818] RAX: 0000000000000000 RBX: ffff888011d9f0a8 RCX: 0000000000000000 [ 191.688555] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 191.689287] RBP: ffff8880137e7bd0 R08: ffffed10023b3e33 R09: ffffed10023b3e33 [ 191.690010] R10: ffff888011d9f193 R11: ffffed10023b3e32 R12: ffff88800fcb2400 [ 191.690809] R13: ffff888011d9f1e8 R14: ffffffff8352e670 R15: 
ffff8880137e7e68 [ 191.691590] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.692435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.693050] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 191.693804] PKRU: 55555554 [ 191.694109] Call Trace: [ 191.694381] [ 191.694662] __iommufd_access_detach+0x1c2/0x2b0 [ 191.695201] iommufd_access_change_pt+0x149/0x270 [ 191.695728] iommufd_access_replace+0xb4/0x120 [ 191.696237] iommufd_test+0x3e5/0x37e0 [ 191.696656] ? lock_release+0x532/0x770 [ 191.697092] ? __might_fault+0x102/0x1b0 [ 191.697534] ? lock_acquire+0x427/0x4c0 [ 191.697962] ? __pfx_iommufd_test+0x10/0x10 [ 191.698417] ? __pfx_lock_release+0x10/0x10 [ 191.698926] ? __pfx_lock_acquire+0x10/0x10 [ 191.699400] ? write_comp_data+0x2f/0x90 [ 191.699839] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.700350] ? write_comp_data+0x2f/0x90 [ 191.700795] iommufd_fops_ioctl+0x37d/0x510 [ 191.701264] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.701781] ? write_comp_data+0x2f/0x90 [ 191.702223] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.702775] __x64_sys_ioctl+0x1a3/0x230 [ 191.703236] do_syscall_64+0x3b/0x90 [ 191.703642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.704195] RIP: 0033:0x7f4b8743ee5d [ 191.704593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.706496] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.707365] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.708115] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.708858] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.709607] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.710355] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.711169] [ 191.711433] irq event stamp: 0 [ 191.711769] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.712420] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.713291] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.714168] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.714876] ---[ end trace 0000000000000000 ]--- [ 191.718214] ------------[ cut here ]------------ [ 191.718843] WARNING: CPU: 0 PID: 1821 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.719913] Modules linked in: [ 191.720252] CPU: 0 PID: 1821 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.721154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.722313] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.722874] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.724770] RSP: 
0018:ffff8880137e7bd0 EFLAGS: 00010246 [ 191.725338] RAX: 0000000000000000 RBX: ffff888011d9f0a8 RCX: 0000000000000000 [ 191.726086] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 191.726861] RBP: ffff8880137e7be8 R08: ffffed10023b3e33 R09: ffffed10023b3e33 [ 191.727622] R10: ffff888011d9f193 R11: ffffed10023b3e32 R12: ffff88801888c400 [ 191.728362] R13: ffff888011d9f1e8 R14: ffff888021841c00 R15: 0000000000000000 [ 191.729096] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.729927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.730577] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.731330] PKRU: 55555554 [ 191.731628] Call Trace: [ 191.731898] [ 191.732134] iommufd_access_destroy_object+0x65/0x170 [ 191.732683] iommufd_object_destroy_user+0x18e/0x220 [ 191.733222] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.733839] iommufd_access_destroy+0x43/0x70 [ 191.734321] iommufd_test_staccess_release+0x8d/0xd0 [ 191.734923] __fput+0x26d/0xa40 [ 191.735312] ____fput+0x1e/0x30 [ 191.735675] task_work_run+0x1a4/0x2d0 [ 191.736101] ? __pfx_task_work_run+0x10/0x10 [ 191.736574] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.737091] ? switch_task_namespaces+0xa9/0xe0 [ 191.737580] do_exit+0xb17/0x2ef0 [ 191.737946] ? lock_acquire+0x427/0x4c0 [ 191.738377] ? __pfx_lock_release+0x10/0x10 [ 191.738866] ? __kasan_check_write+0x18/0x20 [ 191.739341] ? do_raw_spin_lock+0x132/0x2a0 [ 191.739785] ? __pfx_do_exit+0x10/0x10 [ 191.740198] ? debug_smp_processor_id+0x20/0x30 [ 191.740684] ? rcu_is_watching+0x19/0xb0 [ 191.741112] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.741576] ? trace_hardirqs_on+0x26/0x120 [ 191.742022] do_group_exit+0xe0/0x2b0 [ 191.742415] __x64_sys_exit_group+0x47/0x50 [ 191.742898] do_syscall_64+0x3b/0x90 [ 191.743310] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.743857] RIP: 0033:0x7f4b87518a4d [ 191.744248] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.744874] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.745636] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.746356] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.747144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.747878] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.748608] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.749341] [ 191.749581] irq event stamp: 0 [ 191.749905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.750589] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.751469] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.752315] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.752986] ---[ end trace 0000000000000000 ]--- [ 191.753857] ------------[ cut here ]------------ [ 191.754344] WARNING: CPU: 0 PID: 1821 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.755443] Modules linked in: [ 191.755783] CPU: 0 PID: 1821 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.756687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.757834] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.758364] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.760256] RSP: 0018:ffff8880137e7b78 EFLAGS: 00010246 [ 191.760810] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.761534] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 191.762264] RBP: ffff8880137e7b98 R08: ffffed10023b3e3e R09: ffffed10023b3e3e [ 191.763031] R10: ffff888011d9f1ef R11: ffffed10023b3e3d R12: ffff888011d9f290 [ 191.763775] R13: ffff888011d9f0a8 R14: ffffffffffffffff R15: 
ffff8880137e7c60 [ 191.764493] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.765317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.765926] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.766715] PKRU: 55555554 [ 191.767013] Call Trace: [ 191.767294] [ 191.767529] iommufd_ioas_destroy+0x53/0x70 [ 191.767986] iommufd_fops_release+0x1f7/0x370 [ 191.768458] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.768970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.769473] ? write_comp_data+0x2f/0x90 [ 191.769902] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.770411] __fput+0x26d/0xa40 [ 191.770804] ____fput+0x1e/0x30 [ 191.771159] task_work_run+0x1a4/0x2d0 [ 191.771566] ? __pfx_task_work_run+0x10/0x10 [ 191.772027] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.772528] ? switch_task_namespaces+0xa9/0xe0 [ 191.773018] do_exit+0xb17/0x2ef0 [ 191.773368] ? lock_acquire+0x427/0x4c0 [ 191.773775] ? __pfx_lock_release+0x10/0x10 [ 191.774212] ? __kasan_check_write+0x18/0x20 [ 191.774693] ? do_raw_spin_lock+0x132/0x2a0 [ 191.775150] ? __pfx_do_exit+0x10/0x10 [ 191.775562] ? debug_smp_processor_id+0x20/0x30 [ 191.776037] ? rcu_is_watching+0x19/0xb0 [ 191.776450] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.776920] ? trace_hardirqs_on+0x26/0x120 [ 191.777363] do_group_exit+0xe0/0x2b0 [ 191.777748] __x64_sys_exit_group+0x47/0x50 [ 191.778187] do_syscall_64+0x3b/0x90 [ 191.778626] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.779173] RIP: 0033:0x7f4b87518a4d [ 191.779561] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.780187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.780966] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.781879] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.782876] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.783620] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.784341] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.785076] [ 191.785315] irq event stamp: 0 [ 191.785638] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.787003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.787895] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.788746] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.789386] ---[ end trace 0000000000000000 ]--- [ 191.794038] ------------[ cut here ]------------ [ 191.795031] WARNING: CPU: 0 PID: 1822 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.796097] Modules linked in: [ 191.796426] CPU: 0 PID: 1822 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.797309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.798466] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.799017] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.800887] RSP: 0018:ffff888017357bb8 EFLAGS: 00010246 [ 191.801433] RAX: 0000000000000000 RBX: ffff8880141980a8 RCX: 0000000000000000 [ 191.802160] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 191.802917] RBP: ffff888017357bd0 R08: ffffed1002833033 R09: ffffed1002833033 [ 191.803662] R10: ffff888014198193 R11: ffffed1002833032 R12: ffff8880129c8400 [ 191.804399] R13: ffff8880141981e8 R14: ffffffff8352e670 R15: 
ffff888017357e68 [ 191.805124] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.805940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.806564] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 191.807308] PKRU: 55555554 [ 191.807596] Call Trace: [ 191.807863] [ 191.808097] __iommufd_access_detach+0x1c2/0x2b0 [ 191.808603] iommufd_access_change_pt+0x149/0x270 [ 191.809104] iommufd_access_replace+0xb4/0x120 [ 191.809580] iommufd_test+0x3e5/0x37e0 [ 191.809992] ? lock_release+0x532/0x770 [ 191.810409] ? __might_fault+0x102/0x1b0 [ 191.810882] ? lock_acquire+0x427/0x4c0 [ 191.811317] ? __pfx_iommufd_test+0x10/0x10 [ 191.811761] ? __pfx_lock_release+0x10/0x10 [ 191.812210] ? __pfx_lock_acquire+0x10/0x10 [ 191.812659] ? write_comp_data+0x2f/0x90 [ 191.813086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.813579] ? write_comp_data+0x2f/0x90 [ 191.814013] iommufd_fops_ioctl+0x37d/0x510 [ 191.814464] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.814991] ? write_comp_data+0x2f/0x90 [ 191.815436] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.815946] __x64_sys_ioctl+0x1a3/0x230 [ 191.816377] do_syscall_64+0x3b/0x90 [ 191.816770] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.817304] RIP: 0033:0x7f4b8743ee5d [ 191.817694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.819591] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.820382] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.821107] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.821834] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.822597] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.823352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.824083] [ 191.824328] irq event stamp: 0 [ 191.824655] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.825304] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.826150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.827031] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.827701] ---[ end trace 0000000000000000 ]--- [ 191.831639] ------------[ cut here ]------------ [ 191.832188] WARNING: CPU: 0 PID: 1822 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.833243] Modules linked in: [ 191.833696] CPU: 0 PID: 1822 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.835083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.836248] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.836755] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.838650] RSP: 
0018:ffff888017357bd0 EFLAGS: 00010246 [ 191.839212] RAX: 0000000000000000 RBX: ffff8880141980a8 RCX: 0000000000000000 [ 191.840693] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 191.841434] RBP: ffff888017357be8 R08: ffffed1002833033 R09: ffffed1002833033 [ 191.842151] R10: ffff888014198193 R11: ffffed1002833032 R12: ffff88800fcb1800 [ 191.842921] R13: ffff8880141981e8 R14: ffff888020defe00 R15: 0000000000000000 [ 191.843693] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.844717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.845984] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.846791] PKRU: 55555554 [ 191.847081] Call Trace: [ 191.847368] [ 191.847600] iommufd_access_destroy_object+0x65/0x170 [ 191.848139] iommufd_object_destroy_user+0x18e/0x220 [ 191.848675] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.849277] iommufd_access_destroy+0x43/0x70 [ 191.849858] iommufd_test_staccess_release+0x8d/0xd0 [ 191.851089] __fput+0x26d/0xa40 [ 191.851493] ____fput+0x1e/0x30 [ 191.851842] task_work_run+0x1a4/0x2d0 [ 191.852255] ? __pfx_task_work_run+0x10/0x10 [ 191.852712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.853217] ? switch_task_namespaces+0xa9/0xe0 [ 191.853725] do_exit+0xb17/0x2ef0 [ 191.854098] ? lock_acquire+0x427/0x4c0 [ 191.854580] ? __pfx_lock_release+0x10/0x10 [ 191.855054] ? __kasan_check_write+0x18/0x20 [ 191.855545] ? do_raw_spin_lock+0x132/0x2a0 [ 191.856176] ? __pfx_do_exit+0x10/0x10 [ 191.857180] ? debug_smp_processor_id+0x20/0x30 [ 191.857703] ? rcu_is_watching+0x19/0xb0 [ 191.858137] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.858671] ? trace_hardirqs_on+0x26/0x120 [ 191.859169] do_group_exit+0xe0/0x2b0 [ 191.859584] __x64_sys_exit_group+0x47/0x50 [ 191.860036] do_syscall_64+0x3b/0x90 [ 191.860453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.861112] RIP: 0033:0x7f4b87518a4d [ 191.861656] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.862884] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.863719] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.864475] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.865227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.865988] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.867489] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.868274] [ 191.868524] irq event stamp: 0 [ 191.868857] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.869529] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.870423] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.871469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.872911] ---[ end trace 0000000000000000 ]--- [ 191.874335] ------------[ cut here ]------------ [ 191.875096] WARNING: CPU: 0 PID: 1822 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.876564] Modules linked in: [ 191.877087] CPU: 0 PID: 1822 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.878647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.879875] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 191.880417] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 191.883221] RSP: 0018:ffff888017357b78 EFLAGS: 00010246 [ 191.883802] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 191.884559] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 191.885311] RBP: ffff888017357b98 R08: ffffed100283303e R09: ffffed100283303e [ 191.886074] R10: ffff8880141981ef R11: ffffed100283303d R12: ffff888014198290 [ 191.887111] R13: ffff8880141980a8 R14: ffffffffffffffff R15: 
ffff888017357c60 [ 191.888140] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.888985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.889589] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.890346] PKRU: 55555554 [ 191.890674] Call Trace: [ 191.890945] [ 191.891448] iommufd_ioas_destroy+0x53/0x70 [ 191.892401] iommufd_fops_release+0x1f7/0x370 [ 191.892894] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.893421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.893944] ? write_comp_data+0x2f/0x90 [ 191.894386] ? __pfx_iommufd_fops_release+0x10/0x10 [ 191.894952] __fput+0x26d/0xa40 [ 191.895457] ____fput+0x1e/0x30 [ 191.896276] task_work_run+0x1a4/0x2d0 [ 191.896718] ? __pfx_task_work_run+0x10/0x10 [ 191.897184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.897691] ? switch_task_namespaces+0xa9/0xe0 [ 191.898182] do_exit+0xb17/0x2ef0 [ 191.898591] ? lock_acquire+0x427/0x4c0 [ 191.899020] ? __pfx_lock_release+0x10/0x10 [ 191.899588] ? __kasan_check_write+0x18/0x20 [ 191.900226] ? do_raw_spin_lock+0x132/0x2a0 [ 191.900930] ? __pfx_do_exit+0x10/0x10 [ 191.901357] ? debug_smp_processor_id+0x20/0x30 [ 191.901858] ? rcu_is_watching+0x19/0xb0 [ 191.902298] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.902820] ? trace_hardirqs_on+0x26/0x120 [ 191.903308] do_group_exit+0xe0/0x2b0 [ 191.903728] __x64_sys_exit_group+0x47/0x50 [ 191.904257] do_syscall_64+0x3b/0x90 [ 191.904895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.905595] RIP: 0033:0x7f4b87518a4d [ 191.906001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.906683] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.907518] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.908299] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.909321] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.910347] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.911145] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.911918] [ 191.912173] irq event stamp: 0 [ 191.912514] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.913206] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.914632] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.915553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.916225] ---[ end trace 0000000000000000 ]--- [ 191.924109] ------------[ cut here ]------------ [ 191.924647] WARNING: CPU: 0 PID: 1823 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.925733] Modules linked in: [ 191.926074] CPU: 0 PID: 1823 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.927066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.929092] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.929635] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.931617] RSP: 0018:ffff88800ea1fbb8 EFLAGS: 00010246 [ 191.932288] RAX: 0000000000000000 RBX: ffff888020dbf0a8 RCX: 0000000000000000 [ 191.933393] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 191.934138] RBP: ffff88800ea1fbd0 R08: ffffed10041b7e33 R09: ffffed10041b7e33 [ 191.934911] R10: ffff888020dbf193 R11: ffffed10041b7e32 R12: ffff88800ae90400 [ 191.935685] R13: ffff888020dbf1e8 R14: ffffffff8352e670 R15: 
ffff88800ea1fe68 [ 191.936446] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.937298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.937914] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 191.939250] PKRU: 55555554 [ 191.939567] Call Trace: [ 191.939838] [ 191.940079] __iommufd_access_detach+0x1c2/0x2b0 [ 191.940602] iommufd_access_change_pt+0x149/0x270 [ 191.941127] iommufd_access_replace+0xb4/0x120 [ 191.941624] iommufd_test+0x3e5/0x37e0 [ 191.942035] ? lock_release+0x532/0x770 [ 191.942465] ? __might_fault+0x102/0x1b0 [ 191.942930] ? lock_acquire+0x427/0x4c0 [ 191.943368] ? __pfx_iommufd_test+0x10/0x10 [ 191.943822] ? __pfx_lock_release+0x10/0x10 [ 191.944285] ? __pfx_lock_acquire+0x10/0x10 [ 191.944750] ? write_comp_data+0x2f/0x90 [ 191.945192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.945709] ? write_comp_data+0x2f/0x90 [ 191.946149] iommufd_fops_ioctl+0x37d/0x510 [ 191.946635] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.947168] ? write_comp_data+0x2f/0x90 [ 191.947609] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 191.948127] __x64_sys_ioctl+0x1a3/0x230 [ 191.948572] do_syscall_64+0x3b/0x90 [ 191.948969] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.949508] RIP: 0033:0x7f4b8743ee5d [ 191.949891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 191.951810] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 191.952596] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 191.953329] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 191.954077] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 191.954837] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 191.955591] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 191.956345] [ 191.956587] irq event stamp: 0 [ 191.956919] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.957576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.958430] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.959316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.959973] ---[ end trace 0000000000000000 ]--- [ 191.963473] ------------[ cut here ]------------ [ 191.963934] WARNING: CPU: 0 PID: 1823 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 191.964874] Modules linked in: [ 191.965308] CPU: 0 PID: 1823 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.966372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 191.967749] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 191.968222] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 191.969959] RSP: 
0018:ffff88800ea1fbd0 EFLAGS: 00010246 [ 191.970714] RAX: 0000000000000000 RBX: ffff888020dbf0a8 RCX: 0000000000000000 [ 191.971393] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 191.972073] RBP: ffff88800ea1fbe8 R08: ffffed10041b7e33 R09: ffffed10041b7e33 [ 191.972759] R10: ffff888020dbf193 R11: ffffed10041b7e32 R12: ffff8880129c8000 [ 191.973432] R13: ffff888020dbf1e8 R14: ffff88800f7e0100 R15: 0000000000000000 [ 191.974103] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 191.974881] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.975438] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 191.976110] PKRU: 55555554 [ 191.976380] Call Trace: [ 191.976622] [ 191.976836] iommufd_access_destroy_object+0x65/0x170 [ 191.977327] iommufd_object_destroy_user+0x18e/0x220 [ 191.977814] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 191.978370] iommufd_access_destroy+0x43/0x70 [ 191.978827] iommufd_test_staccess_release+0x8d/0xd0 [ 191.979326] __fput+0x26d/0xa40 [ 191.979653] ____fput+0x1e/0x30 [ 191.979973] task_work_run+0x1a4/0x2d0 [ 191.980353] ? __pfx_task_work_run+0x10/0x10 [ 191.980777] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 191.981244] ? switch_task_namespaces+0xa9/0xe0 [ 191.981689] do_exit+0xb17/0x2ef0 [ 191.982018] ? lock_acquire+0x427/0x4c0 [ 191.982403] ? __pfx_lock_release+0x10/0x10 [ 191.982835] ? __kasan_check_write+0x18/0x20 [ 191.983254] ? do_raw_spin_lock+0x132/0x2a0 [ 191.983662] ? __pfx_do_exit+0x10/0x10 [ 191.984033] ? debug_smp_processor_id+0x20/0x30 [ 191.984469] ? rcu_is_watching+0x19/0xb0 [ 191.984852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 191.985280] ? trace_hardirqs_on+0x26/0x120 [ 191.985693] do_group_exit+0xe0/0x2b0 [ 191.986055] __x64_sys_exit_group+0x47/0x50 [ 191.986457] do_syscall_64+0x3b/0x90 [ 191.986831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 191.987332] RIP: 0033:0x7f4b87518a4d [ 191.987679] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 191.988246] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.988947] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 191.989603] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 191.990258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 191.990940] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 191.991611] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 191.992278] [ 191.992498] irq event stamp: 0 [ 191.992790] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 191.993372] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 191.994158] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 191.994965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 191.995564] ---[ end trace 0000000000000000 ]--- [ 191.996443] ------------[ cut here ]------------ [ 191.997115] WARNING: CPU: 0 PID: 1823 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 191.998011] Modules linked in: [ 191.998308] CPU: 0 PID: 1823 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 191.999243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.000231] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.000685] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.002652] RSP: 0018:ffff88800ea1fb78 EFLAGS: 00010246 [ 192.003136] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.003704] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 192.004310] RBP: ffff88800ea1fb98 R08: ffffed10041b7e3e R09: ffffed10041b7e3e [ 192.005189] R10: ffff888020dbf1ef R11: ffffed10041b7e3d R12: ffff888020dbf290 [ 192.005812] R13: ffff888020dbf0a8 R14: ffffffffffffffff R15: 
ffff88800ea1fc60 [ 192.006469] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 192.007384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.007901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 192.008537] PKRU: 55555554 [ 192.008815] Call Trace: [ 192.009239] [ 192.009448] iommufd_ioas_destroy+0x53/0x70 [ 192.009837] iommufd_fops_release+0x1f7/0x370 [ 192.010240] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.010712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.011205] ? write_comp_data+0x2f/0x90 [ 192.011755] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.012205] __fput+0x26d/0xa40 [ 192.012516] ____fput+0x1e/0x30 [ 192.012819] task_work_run+0x1a4/0x2d0 [ 192.013298] ? __pfx_task_work_run+0x10/0x10 [ 192.013774] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.014216] ? switch_task_namespaces+0xa9/0xe0 [ 192.014665] do_exit+0xb17/0x2ef0 [ 192.014979] ? lock_acquire+0x427/0x4c0 [ 192.015357] ? __pfx_lock_release+0x10/0x10 [ 192.015983] ? __kasan_check_write+0x18/0x20 [ 192.016378] ? do_raw_spin_lock+0x132/0x2a0 [ 192.016768] ? __pfx_do_exit+0x10/0x10 [ 192.017123] ? debug_smp_processor_id+0x20/0x30 [ 192.017602] ? rcu_is_watching+0x19/0xb0 [ 192.018104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.018539] ? trace_hardirqs_on+0x26/0x120 [ 192.018934] do_group_exit+0xe0/0x2b0 [ 192.019288] __x64_sys_exit_group+0x47/0x50 [ 192.019675] do_syscall_64+0x3b/0x90 [ 192.020269] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.020745] RIP: 0033:0x7f4b87518a4d [ 192.021092] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.021637] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.022575] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.023246] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.023911] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.024827] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.025492] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.026163] [ 192.026450] irq event stamp: 0 [ 192.026942] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.027547] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.028330] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.029385] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.029980] ---[ end trace 0000000000000000 ]--- [ 192.034402] ------------[ cut here ]------------ [ 192.034952] WARNING: CPU: 0 PID: 1824 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.036198] Modules linked in: [ 192.036508] CPU: 0 PID: 1824 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.037472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.038693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.039188] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.040944] RSP: 0018:ffff888017357bb8 EFLAGS: 00010246 [ 192.041455] RAX: 0000000000000000 RBX: ffff888020add8a8 RCX: 0000000000000000 [ 192.042129] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 192.042837] RBP: ffff888017357bd0 R08: ffffed100415bb33 R09: ffffed100415bb33 [ 192.043525] R10: ffff888020add993 R11: ffffed100415bb32 R12: ffff888010cfb800 [ 192.044198] R13: ffff888020add9e8 R14: ffffffff8352e670 R15: 
ffff888017357e68 [ 192.044870] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 192.045634] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.046179] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 192.046877] PKRU: 55555554 [ 192.047157] Call Trace: [ 192.047404] [ 192.047620] __iommufd_access_detach+0x1c2/0x2b0 [ 192.048088] iommufd_access_change_pt+0x149/0x270 [ 192.048558] iommufd_access_replace+0xb4/0x120 [ 192.049005] iommufd_test+0x3e5/0x37e0 [ 192.049372] ? lock_release+0x532/0x770 [ 192.049760] ? __might_fault+0x102/0x1b0 [ 192.050151] ? lock_acquire+0x427/0x4c0 [ 192.050563] ? __pfx_iommufd_test+0x10/0x10 [ 192.050971] ? __pfx_lock_release+0x10/0x10 [ 192.051394] ? __pfx_lock_acquire+0x10/0x10 [ 192.051810] ? write_comp_data+0x2f/0x90 [ 192.052207] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.052667] ? write_comp_data+0x2f/0x90 [ 192.053065] iommufd_fops_ioctl+0x37d/0x510 [ 192.053485] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.053952] ? write_comp_data+0x2f/0x90 [ 192.054345] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.054833] __x64_sys_ioctl+0x1a3/0x230 [ 192.055249] do_syscall_64+0x3b/0x90 [ 192.055617] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.056113] RIP: 0033:0x7f4b8743ee5d [ 192.056463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.058164] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.058888] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.059561] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.060217] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.060876] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.061528] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.062160] [ 192.062365] irq event stamp: 0 [ 192.062662] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.063225] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.063966] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.064694] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.065244] ---[ end trace 0000000000000000 ]--- [ 192.068547] ------------[ cut here ]------------ [ 192.069264] WARNING: CPU: 0 PID: 1824 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.070138] Modules linked in: [ 192.070419] CPU: 0 PID: 1824 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.071431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.072405] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.072839] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.074676] RSP: 
0018:ffff888017357bd0 EFLAGS: 00010246 [ 192.075149] RAX: 0000000000000000 RBX: ffff888020add8a8 RCX: 0000000000000000 [ 192.076004] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 192.076615] RBP: ffff888017357be8 R08: ffffed100415bb33 R09: ffffed100415bb33 [ 192.077236] R10: ffff888020add993 R11: ffffed100415bb32 R12: ffff88800ae90800 [ 192.078083] R13: ffff888020add9e8 R14: ffff88801202b700 R15: 0000000000000000 [ 192.078725] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 192.079449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.080194] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 192.080823] PKRU: 55555554 [ 192.081075] Call Trace: [ 192.081300] [ 192.081503] iommufd_access_destroy_object+0x65/0x170 [ 192.082167] iommufd_object_destroy_user+0x18e/0x220 [ 192.082650] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.083173] iommufd_access_destroy+0x43/0x70 [ 192.083580] iommufd_test_staccess_release+0x8d/0xd0 [ 192.084147] __fput+0x26d/0xa40 [ 192.084562] ____fput+0x1e/0x30 [ 192.084863] task_work_run+0x1a4/0x2d0 [ 192.085211] ? __pfx_task_work_run+0x10/0x10 [ 192.085603] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.086156] ? switch_task_namespaces+0xa9/0xe0 [ 192.086667] do_exit+0xb17/0x2ef0 [ 192.086974] ? lock_acquire+0x427/0x4c0 [ 192.087343] ? __pfx_lock_release+0x10/0x10 [ 192.087728] ? __kasan_check_write+0x18/0x20 [ 192.088138] ? do_raw_spin_lock+0x132/0x2a0 [ 192.088712] ? __pfx_do_exit+0x10/0x10 [ 192.089064] ? debug_smp_processor_id+0x20/0x30 [ 192.089473] ? rcu_is_watching+0x19/0xb0 [ 192.089832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.090360] ? trace_hardirqs_on+0x26/0x120 [ 192.090876] do_group_exit+0xe0/0x2b0 [ 192.091230] __x64_sys_exit_group+0x47/0x50 [ 192.091613] do_syscall_64+0x3b/0x90 [ 192.091946] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.092450] RIP: 0033:0x7f4b87518a4d [ 192.092963] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.093497] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.094156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.095040] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.095672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.096286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.097133] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.097760] [ 192.097965] irq event stamp: 0 [ 192.098241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.098897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.099708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.100436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.101066] ---[ end trace 0000000000000000 ]--- [ 192.101926] ------------[ cut here ]------------ [ 192.102340] WARNING: CPU: 0 PID: 1824 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.103471] Modules linked in: [ 192.103757] CPU: 0 PID: 1824 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.104523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.105710] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.106168] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.107945] RSP: 0018:ffff888017357b78 EFLAGS: 00010246 [ 192.108415] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.109081] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 192.109818] RBP: ffff888017357b98 R08: ffffed100415bb3e R09: ffffed100415bb3e [ 192.110439] R10: ffff888020add9ef R11: ffffed100415bb3d R12: ffff888020adda90 [ 192.111259] R13: ffff888020add8a8 R14: ffffffffffffffff R15: 
ffff888017357c60 [ 192.111886] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 192.112588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.113138] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 192.113924] PKRU: 55555554 [ 192.114174] Call Trace: [ 192.114400] [ 192.114630] iommufd_ioas_destroy+0x53/0x70 [ 192.115031] iommufd_fops_release+0x1f7/0x370 [ 192.115532] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.116063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.116500] ? write_comp_data+0x2f/0x90 [ 192.116867] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.117379] __fput+0x26d/0xa40 [ 192.117789] ____fput+0x1e/0x30 [ 192.118091] task_work_run+0x1a4/0x2d0 [ 192.118443] ? __pfx_task_work_run+0x10/0x10 [ 192.118859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.119304] ? switch_task_namespaces+0xa9/0xe0 [ 192.119908] do_exit+0xb17/0x2ef0 [ 192.120217] ? lock_acquire+0x427/0x4c0 [ 192.120579] ? __pfx_lock_release+0x10/0x10 [ 192.120968] ? __kasan_check_write+0x18/0x20 [ 192.121380] ? do_raw_spin_lock+0x132/0x2a0 [ 192.121900] ? __pfx_do_exit+0x10/0x10 [ 192.122261] ? debug_smp_processor_id+0x20/0x30 [ 192.122701] ? rcu_is_watching+0x19/0xb0 [ 192.123066] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.123482] ? trace_hardirqs_on+0x26/0x120 [ 192.124044] do_group_exit+0xe0/0x2b0 [ 192.124382] __x64_sys_exit_group+0x47/0x50 [ 192.124760] do_syscall_64+0x3b/0x90 [ 192.125096] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.125594] RIP: 0033:0x7f4b87518a4d [ 192.126060] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.126632] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.127319] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.127948] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.128754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.129372] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.130085] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.130841] [ 192.131050] irq event stamp: 0 [ 192.131342] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.131896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.132800] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.133524] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.134074] ---[ end trace 0000000000000000 ]--- [ 192.143627] ------------[ cut here ]------------ [ 192.144477] WARNING: CPU: 1 PID: 1825 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.145617] Modules linked in: [ 192.146126] CPU: 1 PID: 1825 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.147205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.148595] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.149164] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.151312] RSP: 0018:ffff88801638fbb8 EFLAGS: 00010246 [ 192.151926] RAX: 0000000000000000 RBX: ffff88802463f8a8 RCX: 0000000000000000 [ 192.152725] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 192.153521] RBP: ffff88801638fbd0 R08: ffffed10048c7f33 R09: ffffed10048c7f33 [ 192.154316] R10: ffff88802463f993 R11: ffffed10048c7f32 R12: ffff88801341cc00 [ 192.155163] R13: ffff88802463f9e8 R14: ffffffff8352e670 R15: 
ffff88801638fe68 [ 192.155970] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.156870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.157522] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 192.158328] PKRU: 55555554 [ 192.158687] Call Trace: [ 192.158986] [ 192.159264] __iommufd_access_detach+0x1c2/0x2b0 [ 192.159821] iommufd_access_change_pt+0x149/0x270 [ 192.160387] iommufd_access_replace+0xb4/0x120 [ 192.160925] iommufd_test+0x3e5/0x37e0 [ 192.161372] ? lock_release+0x532/0x770 [ 192.161841] ? __might_fault+0x102/0x1b0 [ 192.162314] ? lock_acquire+0x427/0x4c0 [ 192.162821] ? __pfx_iommufd_test+0x10/0x10 [ 192.163330] ? __pfx_lock_release+0x10/0x10 [ 192.163833] ? __pfx_lock_acquire+0x10/0x10 [ 192.164347] ? write_comp_data+0x2f/0x90 [ 192.164825] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.165386] ? write_comp_data+0x2f/0x90 [ 192.165863] iommufd_fops_ioctl+0x37d/0x510 [ 192.166360] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.166957] ? write_comp_data+0x2f/0x90 [ 192.167452] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.168009] __x64_sys_ioctl+0x1a3/0x230 [ 192.168490] do_syscall_64+0x3b/0x90 [ 192.168934] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.169538] RIP: 0033:0x7f4b8743ee5d [ 192.169959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.171996] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.172840] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.173628] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.174416] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.175244] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.176035] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.176839] [ 192.177106] irq event stamp: 0 [ 192.177464] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.178162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.179113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.180043] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.180741] ---[ end trace 0000000000000000 ]--- [ 192.184860] ------------[ cut here ]------------ [ 192.185280] WARNING: CPU: 1 PID: 1825 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.186073] Modules linked in: [ 192.186325] CPU: 1 PID: 1825 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.187046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.187935] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.188322] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.189725] RSP: 
0018:ffff88801638fbd0 EFLAGS: 00010246 [ 192.190136] RAX: 0000000000000000 RBX: ffff88802463f8a8 RCX: 0000000000000000 [ 192.190700] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 192.191253] RBP: ffff88801638fbe8 R08: ffffed10048c7f33 R09: ffffed10048c7f33 [ 192.191788] R10: ffff88802463f993 R11: ffffed10048c7f32 R12: ffff88800a727c00 [ 192.192325] R13: ffff88802463f9e8 R14: ffff888020929b00 R15: 0000000000000000 [ 192.192864] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.193467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.193903] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.194439] PKRU: 55555554 [ 192.194667] Call Trace: [ 192.194863] [ 192.195035] iommufd_access_destroy_object+0x65/0x170 [ 192.195446] iommufd_object_destroy_user+0x18e/0x220 [ 192.195835] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.196278] iommufd_access_destroy+0x43/0x70 [ 192.196630] iommufd_test_staccess_release+0x8d/0xd0 [ 192.197018] __fput+0x26d/0xa40 [ 192.197282] ____fput+0x1e/0x30 [ 192.197537] task_work_run+0x1a4/0x2d0 [ 192.197842] ? __pfx_task_work_run+0x10/0x10 [ 192.198182] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.198590] ? switch_task_namespaces+0xa9/0xe0 [ 192.198957] do_exit+0xb17/0x2ef0 [ 192.199231] ? lock_acquire+0x427/0x4c0 [ 192.199539] ? __pfx_lock_release+0x10/0x10 [ 192.199869] ? __kasan_check_write+0x18/0x20 [ 192.200201] ? do_raw_spin_lock+0x132/0x2a0 [ 192.200528] ? __pfx_do_exit+0x10/0x10 [ 192.200828] ? debug_smp_processor_id+0x20/0x30 [ 192.201179] ? rcu_is_watching+0x19/0xb0 [ 192.201484] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.201820] ? trace_hardirqs_on+0x26/0x120 [ 192.202144] do_group_exit+0xe0/0x2b0 [ 192.202424] __x64_sys_exit_group+0x47/0x50 [ 192.202759] do_syscall_64+0x3b/0x90 [ 192.203047] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.203451] RIP: 0033:0x7f4b87518a4d [ 192.203729] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.204187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.204755] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.205281] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.205797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.206313] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.206852] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.207378] [ 192.207550] irq event stamp: 0 [ 192.207783] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.208242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.208847] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.209450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.209899] ---[ end trace 0000000000000000 ]--- [ 192.210563] ------------[ cut here ]------------ [ 192.210904] WARNING: CPU: 1 PID: 1825 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.211648] Modules linked in: [ 192.211880] CPU: 1 PID: 1825 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.212504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.213308] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.213679] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.214992] RSP: 0018:ffff88801638fb78 EFLAGS: 00010246 [ 192.215384] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.215890] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 192.216394] RBP: ffff88801638fb98 R08: ffffed10048c7f3e R09: ffffed10048c7f3e [ 192.216901] R10: ffff88802463f9ef R11: ffffed10048c7f3d R12: ffff88802463fa90 [ 192.217413] R13: ffff88802463f8a8 R14: ffffffffffffffff R15: 
ffff88801638fc60 [ 192.217920] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.218495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.218926] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.219447] PKRU: 55555554 [ 192.219653] Call Trace: [ 192.219838] [ 192.220001] iommufd_ioas_destroy+0x53/0x70 [ 192.220317] iommufd_fops_release+0x1f7/0x370 [ 192.220646] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.221012] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.221368] ? write_comp_data+0x2f/0x90 [ 192.221672] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.222035] __fput+0x26d/0xa40 [ 192.222286] ____fput+0x1e/0x30 [ 192.222545] task_work_run+0x1a4/0x2d0 [ 192.222839] ? __pfx_task_work_run+0x10/0x10 [ 192.223171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.223524] ? switch_task_namespaces+0xa9/0xe0 [ 192.223867] do_exit+0xb17/0x2ef0 [ 192.224118] ? lock_acquire+0x427/0x4c0 [ 192.224414] ? __pfx_lock_release+0x10/0x10 [ 192.224730] ? __kasan_check_write+0x18/0x20 [ 192.225050] ? do_raw_spin_lock+0x132/0x2a0 [ 192.225361] ? __pfx_do_exit+0x10/0x10 [ 192.225649] ? debug_smp_processor_id+0x20/0x30 [ 192.225984] ? rcu_is_watching+0x19/0xb0 [ 192.226279] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.226629] ? trace_hardirqs_on+0x26/0x120 [ 192.226948] do_group_exit+0xe0/0x2b0 [ 192.227234] __x64_sys_exit_group+0x47/0x50 [ 192.227542] do_syscall_64+0x3b/0x90 [ 192.227817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.228194] RIP: 0033:0x7f4b87518a4d [ 192.228461] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.228899] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.229439] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.229946] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.230456] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.230981] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.231499] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.232013] [ 192.232180] irq event stamp: 0 [ 192.232407] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.232856] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.233466] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.234065] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.234534] ---[ end trace 0000000000000000 ]--- [ 192.238827] ------------[ cut here ]------------ [ 192.239201] WARNING: CPU: 1 PID: 1826 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.239922] Modules linked in: [ 192.240155] CPU: 1 PID: 1826 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.240775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.241586] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.241940] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.243245] RSP: 0018:ffff888020f97bb8 EFLAGS: 00010246 [ 192.243617] RAX: 0000000000000000 RBX: ffff88800a7858a8 RCX: 0000000000000000 [ 192.244117] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 192.244621] RBP: ffff888020f97bd0 R08: ffffed10014f0b33 R09: ffffed10014f0b33 [ 192.245128] R10: ffff88800a785993 R11: ffffed10014f0b32 R12: ffff888014393800 [ 192.245639] R13: ffff88800a7859e8 R14: ffffffff8352e670 R15: 
ffff888020f97e68 [ 192.246134] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.246714] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.247128] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 192.247631] PKRU: 55555554 [ 192.247828] Call Trace: [ 192.248006] [ 192.248163] __iommufd_access_detach+0x1c2/0x2b0 [ 192.248506] iommufd_access_change_pt+0x149/0x270 [ 192.248848] iommufd_access_replace+0xb4/0x120 [ 192.249174] iommufd_test+0x3e5/0x37e0 [ 192.249446] ? lock_release+0x532/0x770 [ 192.249735] ? __might_fault+0x102/0x1b0 [ 192.250027] ? lock_acquire+0x427/0x4c0 [ 192.250318] ? __pfx_iommufd_test+0x10/0x10 [ 192.250633] ? __pfx_lock_release+0x10/0x10 [ 192.250945] ? __pfx_lock_acquire+0x10/0x10 [ 192.251264] ? write_comp_data+0x2f/0x90 [ 192.251560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.251907] ? write_comp_data+0x2f/0x90 [ 192.252199] iommufd_fops_ioctl+0x37d/0x510 [ 192.252505] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.252849] ? write_comp_data+0x2f/0x90 [ 192.253144] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.253488] __x64_sys_ioctl+0x1a3/0x230 [ 192.253788] do_syscall_64+0x3b/0x90 [ 192.254066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.254452] RIP: 0033:0x7f4b8743ee5d [ 192.254734] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.256014] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.256537] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.257028] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.257520] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.258007] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.258496] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.259013] [ 192.259190] irq event stamp: 0 [ 192.259409] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.259845] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.260426] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.261008] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.261449] ---[ end trace 0000000000000000 ]--- [ 192.264010] ------------[ cut here ]------------ [ 192.264356] WARNING: CPU: 1 PID: 1826 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.265064] Modules linked in: [ 192.265289] CPU: 1 PID: 1826 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.265903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.266892] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.267258] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.268532] RSP: 
0018:ffff888020f97bd0 EFLAGS: 00010246 [ 192.268906] RAX: 0000000000000000 RBX: ffff88800a7858a8 RCX: 0000000000000000 [ 192.269402] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 192.269901] RBP: ffff888020f97be8 R08: ffffed10014f0b33 R09: ffffed10014f0b33 [ 192.270402] R10: ffff88800a785993 R11: ffffed10014f0b32 R12: ffff88801341c800 [ 192.270916] R13: ffff88800a7859e8 R14: ffff888012ba4d00 R15: 0000000000000000 [ 192.271428] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.271992] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.272398] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.272899] PKRU: 55555554 [ 192.273103] Call Trace: [ 192.273284] [ 192.273447] iommufd_access_destroy_object+0x65/0x170 [ 192.273815] iommufd_object_destroy_user+0x18e/0x220 [ 192.274181] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.274612] iommufd_access_destroy+0x43/0x70 [ 192.274951] iommufd_test_staccess_release+0x8d/0xd0 [ 192.275329] __fput+0x26d/0xa40 [ 192.275578] ____fput+0x1e/0x30 [ 192.275822] task_work_run+0x1a4/0x2d0 [ 192.276107] ? __pfx_task_work_run+0x10/0x10 [ 192.276431] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.276783] ? switch_task_namespaces+0xa9/0xe0 [ 192.277129] do_exit+0xb17/0x2ef0 [ 192.277378] ? lock_acquire+0x427/0x4c0 [ 192.277669] ? __pfx_lock_release+0x10/0x10 [ 192.277982] ? __kasan_check_write+0x18/0x20 [ 192.278298] ? do_raw_spin_lock+0x132/0x2a0 [ 192.278627] ? __pfx_do_exit+0x10/0x10 [ 192.278915] ? debug_smp_processor_id+0x20/0x30 [ 192.279257] ? rcu_is_watching+0x19/0xb0 [ 192.279550] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.279878] ? trace_hardirqs_on+0x26/0x120 [ 192.280192] do_group_exit+0xe0/0x2b0 [ 192.280466] __x64_sys_exit_group+0x47/0x50 [ 192.280775] do_syscall_64+0x3b/0x90 [ 192.281051] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.281425] RIP: 0033:0x7f4b87518a4d [ 192.281689] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.282122] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.282674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.283181] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.283681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.284180] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.284681] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.285194] [ 192.285361] irq event stamp: 0 [ 192.285585] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.286027] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.286628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.287226] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.287677] ---[ end trace 0000000000000000 ]--- [ 192.288310] ------------[ cut here ]------------ [ 192.288642] WARNING: CPU: 1 PID: 1826 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.289363] Modules linked in: [ 192.289591] CPU: 1 PID: 1826 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.290208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.291017] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.291399] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.292681] RSP: 0018:ffff888020f97b78 EFLAGS: 00010246 [ 192.293057] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.293559] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 192.294059] RBP: ffff888020f97b98 R08: ffffed10014f0b3e R09: ffffed10014f0b3e [ 192.294578] R10: ffff88800a7859ef R11: ffffed10014f0b3d R12: ffff88800a785a90 [ 192.295089] R13: ffff88800a7858a8 R14: ffffffffffffffff R15: 
ffff888020f97c60 [ 192.295611] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.296536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.296954] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.297461] PKRU: 55555554 [ 192.297664] Call Trace: [ 192.297871] [ 192.298307] iommufd_ioas_destroy+0x53/0x70 [ 192.298650] iommufd_fops_release+0x1f7/0x370 [ 192.298977] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.299343] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.299713] ? write_comp_data+0x2f/0x90 [ 192.300080] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.300437] __fput+0x26d/0xa40 [ 192.300691] ____fput+0x1e/0x30 [ 192.300932] task_work_run+0x1a4/0x2d0 [ 192.301216] ? __pfx_task_work_run+0x10/0x10 [ 192.301539] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.301933] ? switch_task_namespaces+0xa9/0xe0 [ 192.302326] do_exit+0xb17/0x2ef0 [ 192.302605] ? lock_acquire+0x427/0x4c0 [ 192.302903] ? __pfx_lock_release+0x10/0x10 [ 192.303234] ? __kasan_check_write+0x18/0x20 [ 192.303560] ? do_raw_spin_lock+0x132/0x2a0 [ 192.303899] ? __pfx_do_exit+0x10/0x10 [ 192.304248] ? debug_smp_processor_id+0x20/0x30 [ 192.304595] ? rcu_is_watching+0x19/0xb0 [ 192.304896] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.305231] ? trace_hardirqs_on+0x26/0x120 [ 192.305572] do_group_exit+0xe0/0x2b0 [ 192.305934] __x64_sys_exit_group+0x47/0x50 [ 192.306251] do_syscall_64+0x3b/0x90 [ 192.306557] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.306945] RIP: 0033:0x7f4b87518a4d [ 192.307236] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.307702] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.308326] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.308846] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.309364] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.309973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.310496] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.311046] [ 192.311229] irq event stamp: 0 [ 192.311489] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.312022] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.312634] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.313295] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.313796] ---[ end trace 0000000000000000 ]--- [ 192.317449] ------------[ cut here ]------------ [ 192.317823] WARNING: CPU: 1 PID: 1827 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.318653] Modules linked in: [ 192.318933] CPU: 1 PID: 1827 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.319583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.320406] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.320824] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.322178] RSP: 0018:ffff88801876fbb8 EFLAGS: 00010246 [ 192.322652] RAX: 0000000000000000 RBX: ffff88800cb958a8 RCX: 0000000000000000 [ 192.323181] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 192.323702] RBP: ffff88801876fbd0 R08: ffffed1001972b33 R09: ffffed1001972b33 [ 192.324325] R10: ffff88800cb95993 R11: ffffed1001972b32 R12: ffff888012e96400 [ 192.324848] R13: ffff88800cb959e8 R14: ffffffff8352e670 R15: 
ffff88801876fe68 [ 192.325372] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.326068] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.326495] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 192.327040] PKRU: 55555554 [ 192.327265] Call Trace: [ 192.327488] [ 192.327713] __iommufd_access_detach+0x1c2/0x2b0 [ 192.328077] iommufd_access_change_pt+0x149/0x270 [ 192.328449] iommufd_access_replace+0xb4/0x120 [ 192.328801] iommufd_test+0x3e5/0x37e0 [ 192.329119] ? lock_release+0x532/0x770 [ 192.329483] ? __might_fault+0x102/0x1b0 [ 192.329794] ? lock_acquire+0x427/0x4c0 [ 192.330095] ? __pfx_iommufd_test+0x10/0x10 [ 192.330412] ? __pfx_lock_release+0x10/0x10 [ 192.330764] ? __pfx_lock_acquire+0x10/0x10 [ 192.331174] ? write_comp_data+0x2f/0x90 [ 192.331485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.331854] ? write_comp_data+0x2f/0x90 [ 192.332168] iommufd_fops_ioctl+0x37d/0x510 [ 192.332520] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.332938] ? write_comp_data+0x2f/0x90 [ 192.333247] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.333614] __x64_sys_ioctl+0x1a3/0x230 [ 192.333933] do_syscall_64+0x3b/0x90 [ 192.334263] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.334710] RIP: 0033:0x7f4b8743ee5d [ 192.334989] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.336431] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.336994] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.337519] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.338143] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.338677] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.339209] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.339838] [ 192.340013] irq event stamp: 0 [ 192.340246] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.340714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.341435] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.342047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.342528] ---[ end trace 0000000000000000 ]--- [ 192.346845] ------------[ cut here ]------------ [ 192.347304] WARNING: CPU: 1 PID: 1827 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.348056] Modules linked in: [ 192.348351] CPU: 1 PID: 1827 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.349072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.349910] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.350346] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.351848] RSP: 
0018:ffff88801876fbd0 EFLAGS: 00010246 [ 192.352307] RAX: 0000000000000000 RBX: ffff88800cb958a8 RCX: 0000000000000000 [ 192.352908] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 192.353446] RBP: ffff88801876fbe8 R08: ffffed1001972b33 R09: ffffed1001972b33 [ 192.354034] R10: ffff88800cb95993 R11: ffffed1001972b32 R12: ffff888014390800 [ 192.354649] R13: ffff88800cb959e8 R14: ffff88802094e700 R15: 0000000000000000 [ 192.355189] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.355848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.356360] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 192.356905] PKRU: 55555554 [ 192.357121] Call Trace: [ 192.357318] [ 192.357514] iommufd_access_destroy_object+0x65/0x170 [ 192.357980] iommufd_object_destroy_user+0x18e/0x220 [ 192.358372] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.358825] iommufd_access_destroy+0x43/0x70 [ 192.359192] iommufd_test_staccess_release+0x8d/0xd0 [ 192.359687] __fput+0x26d/0xa40 [ 192.359952] ____fput+0x1e/0x30 [ 192.360215] task_work_run+0x1a4/0x2d0 [ 192.360524] ? __pfx_task_work_run+0x10/0x10 [ 192.360865] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.361290] ? switch_task_namespaces+0xa9/0xe0 [ 192.361695] do_exit+0xb17/0x2ef0 [ 192.361960] ? lock_acquire+0x427/0x4c0 [ 192.362276] ? __pfx_lock_release+0x10/0x10 [ 192.362622] ? __kasan_check_write+0x18/0x20 [ 192.363000] ? do_raw_spin_lock+0x132/0x2a0 [ 192.363425] ? __pfx_do_exit+0x10/0x10 [ 192.363765] ? debug_smp_processor_id+0x20/0x30 [ 192.364131] ? rcu_is_watching+0x19/0xb0 [ 192.364450] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.364865] ? trace_hardirqs_on+0x26/0x120 [ 192.365247] do_group_exit+0xe0/0x2b0 [ 192.365539] __x64_sys_exit_group+0x47/0x50 [ 192.365869] do_syscall_64+0x3b/0x90 [ 192.366164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.366612] RIP: 0033:0x7f4b87518a4d [ 192.366947] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.367418] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.367994] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.368535] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.369080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.369622] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.370165] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.370746] [ 192.370932] irq event stamp: 0 [ 192.371189] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.371677] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.372324] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.372965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.373447] ---[ end trace 0000000000000000 ]--- [ 192.374218] ------------[ cut here ]------------ [ 192.374693] WARNING: CPU: 0 PID: 1827 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.375516] Modules linked in: [ 192.375771] CPU: 0 PID: 1827 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.376453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.377325] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.377729] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.379395] RSP: 0018:ffff88801876fb78 EFLAGS: 00010246 [ 192.379814] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.380369] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 192.380934] RBP: ffff88801876fb98 R08: ffffed1001972b3e R09: ffffed1001972b3e [ 192.381494] R10: ffff88800cb959ef R11: ffffed1001972b3d R12: ffff88800cb95a90 [ 192.382052] R13: ffff88800cb958a8 R14: ffffffffffffffff R15: 
ffff88801876fc60 [ 192.382631] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 192.383274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.383734] CR2: 00007f82e2bda000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 192.384291] PKRU: 55555554 [ 192.384509] Call Trace: [ 192.384710] [ 192.384890] iommufd_ioas_destroy+0x53/0x70 [ 192.385231] iommufd_fops_release+0x1f7/0x370 [ 192.385596] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.385994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.386379] ? write_comp_data+0x2f/0x90 [ 192.386730] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.387134] __fput+0x26d/0xa40 [ 192.387410] ____fput+0x1e/0x30 [ 192.387675] task_work_run+0x1a4/0x2d0 [ 192.387991] ? __pfx_task_work_run+0x10/0x10 [ 192.388350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.388744] ? switch_task_namespaces+0xa9/0xe0 [ 192.389126] do_exit+0xb17/0x2ef0 [ 192.389406] ? lock_acquire+0x427/0x4c0 [ 192.389726] ? __pfx_lock_release+0x10/0x10 [ 192.390078] ? __kasan_check_write+0x18/0x20 [ 192.390435] ? do_raw_spin_lock+0x132/0x2a0 [ 192.390795] ? __pfx_do_exit+0x10/0x10 [ 192.391128] ? debug_smp_processor_id+0x20/0x30 [ 192.391506] ? rcu_is_watching+0x19/0xb0 [ 192.391833] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.392194] ? trace_hardirqs_on+0x26/0x120 [ 192.392543] do_group_exit+0xe0/0x2b0 [ 192.392846] __x64_sys_exit_group+0x47/0x50 [ 192.393185] do_syscall_64+0x3b/0x90 [ 192.393491] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.393912] RIP: 0033:0x7f4b87518a4d [ 192.394208] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.394715] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.395338] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.395894] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.396451] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.396997] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.397545] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.398105] [ 192.398294] irq event stamp: 0 [ 192.398580] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.399078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.399738] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.400397] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.400897] ---[ end trace 0000000000000000 ]--- [ 192.405167] ------------[ cut here ]------------ [ 192.405580] WARNING: CPU: 1 PID: 1828 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.406363] Modules linked in: [ 192.406663] CPU: 1 PID: 1828 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.407360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.408224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.408611] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.410013] RSP: 0018:ffff888020f97bb8 EFLAGS: 00010246 [ 192.410424] RAX: 0000000000000000 RBX: ffff888015e728a8 RCX: 0000000000000000 [ 192.410991] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 192.411550] RBP: ffff888020f97bd0 R08: ffffed1002bce533 R09: ffffed1002bce533 [ 192.412103] R10: ffff888015e72993 R11: ffffed1002bce532 R12: ffff88801880bc00 [ 192.412652] R13: ffff888015e729e8 R14: ffffffff8352e670 R15: 
ffff888020f97e68 [ 192.413208] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.413825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.414277] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 192.414850] PKRU: 55555554 [ 192.415092] Call Trace: [ 192.415305] [ 192.415481] __iommufd_access_detach+0x1c2/0x2b0 [ 192.415870] iommufd_access_change_pt+0x149/0x270 [ 192.416257] iommufd_access_replace+0xb4/0x120 [ 192.416640] iommufd_test+0x3e5/0x37e0 [ 192.416945] ? lock_release+0x532/0x770 [ 192.417269] ? __might_fault+0x102/0x1b0 [ 192.417595] ? lock_acquire+0x427/0x4c0 [ 192.417917] ? __pfx_iommufd_test+0x10/0x10 [ 192.418256] ? __pfx_lock_release+0x10/0x10 [ 192.418634] ? __pfx_lock_acquire+0x10/0x10 [ 192.418999] ? write_comp_data+0x2f/0x90 [ 192.419359] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.419753] ? write_comp_data+0x2f/0x90 [ 192.420086] iommufd_fops_ioctl+0x37d/0x510 [ 192.420435] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.420830] ? write_comp_data+0x2f/0x90 [ 192.421157] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.421541] __x64_sys_ioctl+0x1a3/0x230 [ 192.421875] do_syscall_64+0x3b/0x90 [ 192.422178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.422606] RIP: 0033:0x7f4b8743ee5d [ 192.422908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.424345] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.424942] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.425497] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.426045] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.426624] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.426704] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 192.427186] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.428801] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 192.429321] [ 192.430616] irq event stamp: 0 [ 192.430871] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.431386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.432062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.432748] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.433269] ---[ end trace 0000000000000000 ]--- [ 192.436104] ------------[ cut here ]------------ [ 192.436521] WARNING: CPU: 1 PID: 1828 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.437327] Modules linked in: [ 192.437590] CPU: 1 PID: 1828 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.438296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.439231] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.439639] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.441085] RSP: 0018:ffff888020f97bd0 EFLAGS: 00010246 [ 192.441516] RAX: 0000000000000000 RBX: ffff888015e728a8 RCX: 0000000000000000 [ 192.442097] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 192.442687] RBP: ffff888020f97be8 R08: ffffed1002bce533 R09: ffffed1002bce533 [ 192.443280] R10: ffff888015e72993 R11: ffffed1002bce532 R12: ffff888012e94400 [ 192.443863] R13: ffff888015e729e8 R14: ffff88800efec200 R15: 0000000000000000 [ 192.444443] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.445103] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.445585] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.446175] PKRU: 55555554 [ 192.446416] Call Trace: [ 192.446648] [ 192.446835] iommufd_access_destroy_object+0x65/0x170 [ 192.447278] iommufd_object_destroy_user+0x18e/0x220 [ 192.447704] ? 
__pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.448205] iommufd_access_destroy+0x43/0x70 [ 192.448606] iommufd_test_staccess_release+0x8d/0xd0 [ 192.449047] __fput+0x26d/0xa40 [ 192.449349] ____fput+0x1e/0x30 [ 192.449641] task_work_run+0x1a4/0x2d0 [ 192.449986] ? __pfx_task_work_run+0x10/0x10 [ 192.450372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.450842] ? switch_task_namespaces+0xa9/0xe0 [ 192.451273] do_exit+0xb17/0x2ef0 [ 192.451582] ? lock_acquire+0x427/0x4c0 [ 192.451939] ? __pfx_lock_release+0x10/0x10 [ 192.452324] ? __kasan_check_write+0x18/0x20 [ 192.452711] ? do_raw_spin_lock+0x132/0x2a0 [ 192.453085] ? __pfx_do_exit+0x10/0x10 [ 192.453436] ? debug_smp_processor_id+0x20/0x30 [ 192.453852] ? rcu_is_watching+0x19/0xb0 [ 192.454210] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.454634] ? trace_hardirqs_on+0x26/0x120 [ 192.455031] do_group_exit+0xe0/0x2b0 [ 192.455393] __x64_sys_exit_group+0x47/0x50 [ 192.455773] do_syscall_64+0x3b/0x90 [ 192.456111] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.456571] RIP: 0033:0x7f4b87518a4d [ 192.456898] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.457430] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.458089] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.458733] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.459366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.459990] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.460623] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.461470] [ 192.461687] irq event stamp: 0 [ 192.461969] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.462555] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.463300] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.464040] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.464592] ---[ end trace 0000000000000000 ]--- [ 192.465367] ------------[ cut here ]------------ [ 192.465806] WARNING: CPU: 1 PID: 1828 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.466793] Modules linked in: [ 192.467099] CPU: 1 PID: 1828 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.468117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.469163] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.469648] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.471566] RSP: 0018:ffff888020f97b78 EFLAGS: 00010246 [ 192.472069] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.472737] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 192.473397] RBP: ffff888020f97b98 R08: ffffed1002bce53e R09: ffffed1002bce53e [ 192.474051] R10: ffff888015e729ef R11: ffffed1002bce53d R12: ffff888015e72a90 [ 192.474835] R13: ffff888015e728a8 R14: ffffffffffffffff R15: 
ffff888020f97c60 [ 192.475645] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.476398] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.476942] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.477623] PKRU: 55555554 [ 192.477896] Call Trace: [ 192.478144] [ 192.478363] iommufd_ioas_destroy+0x53/0x70 [ 192.478835] iommufd_fops_release+0x1f7/0x370 [ 192.479284] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.479770] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.480340] ? write_comp_data+0x2f/0x90 [ 192.480832] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.481316] __fput+0x26d/0xa40 [ 192.481647] ____fput+0x1e/0x30 [ 192.481969] task_work_run+0x1a4/0x2d0 [ 192.482346] ? __pfx_task_work_run+0x10/0x10 [ 192.482797] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.483284] ? switch_task_namespaces+0xa9/0xe0 [ 192.483740] do_exit+0xb17/0x2ef0 [ 192.484092] ? lock_acquire+0x427/0x4c0 [ 192.484520] ? __pfx_lock_release+0x10/0x10 [ 192.484970] ? __kasan_check_write+0x18/0x20 [ 192.485560] ? do_raw_spin_lock+0x132/0x2a0 [ 192.486131] ? __pfx_do_exit+0x10/0x10 [ 192.486573] ? debug_smp_processor_id+0x20/0x30 [ 192.487053] ? rcu_is_watching+0x19/0xb0 [ 192.487496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.487972] ? trace_hardirqs_on+0x26/0x120 [ 192.488423] do_group_exit+0xe0/0x2b0 [ 192.488815] __x64_sys_exit_group+0x47/0x50 [ 192.489258] do_syscall_64+0x3b/0x90 [ 192.489665] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.490220] RIP: 0033:0x7f4b87518a4d [ 192.490643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.491295] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.492092] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.493081] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.493813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.494577] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.495470] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.496332] [ 192.496582] irq event stamp: 0 [ 192.496909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.497567] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.498674] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.499552] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.500205] ---[ end trace 0000000000000000 ]--- [ 192.504674] ------------[ cut here ]------------ [ 192.505283] WARNING: CPU: 1 PID: 1830 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.506463] Modules linked in: [ 192.506838] CPU: 1 PID: 1830 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.507813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.509114] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.509635] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.511853] RSP: 0018:ffff88800f7f7bb8 EFLAGS: 00010246 [ 192.512408] RAX: 0000000000000000 RBX: ffff8880164de0a8 RCX: 0000000000000000 [ 192.513265] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 192.514110] RBP: ffff88800f7f7bd0 R08: ffffed1002c9bc33 R09: ffffed1002c9bc33 [ 192.514876] R10: ffff8880164de193 R11: ffffed1002c9bc32 R12: ffff8880129cac00 [ 192.515643] R13: ffff8880164de1e8 R14: ffffffff8352e670 R15: 
ffff88800f7f7e68 [ 192.516567] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.517391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.518034] CR2: 00007f4b877410e8 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 192.519001] PKRU: 55555554 [ 192.519332] Call Trace: [ 192.519603] [ 192.519845] __iommufd_access_detach+0x1c2/0x2b0 [ 192.520356] iommufd_access_change_pt+0x149/0x270 [ 192.520961] iommufd_access_replace+0xb4/0x120 [ 192.521567] iommufd_test+0x3e5/0x37e0 [ 192.521974] ? lock_release+0x532/0x770 [ 192.522911] ? __might_fault+0x102/0x1b0 [ 192.523376] ? lock_acquire+0x427/0x4c0 [ 192.524025] ? __pfx_iommufd_test+0x10/0x10 [ 192.524487] ? __pfx_lock_release+0x10/0x10 [ 192.524953] ? __pfx_lock_acquire+0x10/0x10 [ 192.525425] ? write_comp_data+0x2f/0x90 [ 192.525900] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.526621] ? write_comp_data+0x2f/0x90 [ 192.527066] iommufd_fops_ioctl+0x37d/0x510 [ 192.527559] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.528085] ? write_comp_data+0x2f/0x90 [ 192.528535] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.529262] __x64_sys_ioctl+0x1a3/0x230 [ 192.529717] do_syscall_64+0x3b/0x90 [ 192.530119] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.530705] RIP: 0033:0x7f4b8743ee5d [ 192.531126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.533804] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.535325] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.536290] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.537486] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.538438] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.539632] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.540709] [ 192.541050] irq event stamp: 0 [ 192.541481] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.542615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.543771] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.545210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.546058] ---[ end trace 0000000000000000 ]--- [ 192.552013] ------------[ cut here ]------------ [ 192.552710] WARNING: CPU: 1 PID: 1830 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.554434] Modules linked in: [ 192.554981] CPU: 1 PID: 1830 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.556454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.557931] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.558863] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.561485] RSP: 
0018:ffff88800f7f7bd0 EFLAGS: 00010246 [ 192.562211] RAX: 0000000000000000 RBX: ffff8880164de0a8 RCX: 0000000000000000 [ 192.563278] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 192.564309] RBP: ffff88800f7f7be8 R08: ffffed1002c9bc33 R09: ffffed1002c9bc33 [ 192.565259] R10: ffff8880164de193 R11: ffffed1002c9bc32 R12: ffff88800b9b7c00 [ 192.566400] R13: ffff8880164de1e8 R14: ffff888014951600 R15: 0000000000000000 [ 192.567472] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.568607] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.569493] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 192.570446] PKRU: 55555554 [ 192.570903] Call Trace: [ 192.571301] [ 192.571624] iommufd_access_destroy_object+0x65/0x170 [ 192.572334] iommufd_object_destroy_user+0x18e/0x220 [ 192.573040] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.573828] iommufd_access_destroy+0x43/0x70 [ 192.574458] iommufd_test_staccess_release+0x8d/0xd0 [ 192.575260] __fput+0x26d/0xa40 [ 192.575731] ____fput+0x1e/0x30 [ 192.576183] task_work_run+0x1a4/0x2d0 [ 192.576718] ? __pfx_task_work_run+0x10/0x10 [ 192.577317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.577992] ? switch_task_namespaces+0xa9/0xe0 [ 192.578711] do_exit+0xb17/0x2ef0 [ 192.579235] ? lock_acquire+0x427/0x4c0 [ 192.579802] ? __pfx_lock_release+0x10/0x10 [ 192.580402] ? __kasan_check_write+0x18/0x20 [ 192.581017] ? do_raw_spin_lock+0x132/0x2a0 [ 192.581607] ? __pfx_do_exit+0x10/0x10 [ 192.582144] ? debug_smp_processor_id+0x20/0x30 [ 192.582821] ? rcu_is_watching+0x19/0xb0 [ 192.583402] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.584020] ? trace_hardirqs_on+0x26/0x120 [ 192.584621] do_group_exit+0xe0/0x2b0 [ 192.585147] __x64_sys_exit_group+0x47/0x50 [ 192.585739] do_syscall_64+0x3b/0x90 [ 192.586273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.587047] RIP: 0033:0x7f4b87518a4d [ 192.587580] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.588400] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.589410] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.590353] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.591368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.592321] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.593238] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.594211] [ 192.594602] irq event stamp: 0 [ 192.595037] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.595886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.596781] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.597646] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.598313] ---[ end trace 0000000000000000 ]--- [ 192.599766] ------------[ cut here ]------------ [ 192.600469] WARNING: CPU: 1 PID: 1830 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.601849] Modules linked in: [ 192.602293] CPU: 1 PID: 1830 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.603593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.605132] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.605844] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.608373] RSP: 0018:ffff88800f7f7b78 EFLAGS: 00010246 [ 192.609115] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.610079] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 192.611193] RBP: ffff88800f7f7b98 R08: ffffed1002c9bc3e R09: ffffed1002c9bc3e [ 192.612496] R10: ffff8880164de1ef R11: ffffed1002c9bc3d R12: ffff8880164de290 [ 192.613445] R13: ffff8880164de0a8 R14: ffffffffffffffff R15: 
ffff88800f7f7c60 [ 192.614414] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.615593] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.616369] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 192.617313] PKRU: 55555554 [ 192.617694] Call Trace: [ 192.618039] [ 192.618351] iommufd_ioas_destroy+0x53/0x70 [ 192.618998] iommufd_fops_release+0x1f7/0x370 [ 192.619646] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.620322] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.620981] ? write_comp_data+0x2f/0x90 [ 192.621538] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.622230] __fput+0x26d/0xa40 [ 192.622764] ____fput+0x1e/0x30 [ 192.623274] task_work_run+0x1a4/0x2d0 [ 192.623819] ? __pfx_task_work_run+0x10/0x10 [ 192.624405] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.625059] ? switch_task_namespaces+0xa9/0xe0 [ 192.625697] do_exit+0xb17/0x2ef0 [ 192.626162] ? lock_acquire+0x427/0x4c0 [ 192.626771] ? __pfx_lock_release+0x10/0x10 [ 192.627375] ? __kasan_check_write+0x18/0x20 [ 192.627973] ? do_raw_spin_lock+0x132/0x2a0 [ 192.628552] ? __pfx_do_exit+0x10/0x10 [ 192.629084] ? debug_smp_processor_id+0x20/0x30 [ 192.629707] ? rcu_is_watching+0x19/0xb0 [ 192.630252] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.630913] ? trace_hardirqs_on+0x26/0x120 [ 192.631526] do_group_exit+0xe0/0x2b0 [ 192.632040] __x64_sys_exit_group+0x47/0x50 [ 192.632609] do_syscall_64+0x3b/0x90 [ 192.633122] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.633818] RIP: 0033:0x7f4b87518a4d [ 192.634312] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.635198] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.636221] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.637186] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.638116] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.639101] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.640074] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.640997] [ 192.641314] irq event stamp: 0 [ 192.641732] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.642605] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.643741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.644820] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.645643] ---[ end trace 0000000000000000 ]--- [ 192.653607] ------------[ cut here ]------------ [ 192.654294] WARNING: CPU: 1 PID: 1831 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.655711] Modules linked in: [ 192.656147] CPU: 1 PID: 1831 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.657276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.658765] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.659458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.661833] RSP: 0018:ffff8880100efbb8 EFLAGS: 00010246 [ 192.662596] RAX: 0000000000000000 RBX: ffff88801419d8a8 RCX: 0000000000000000 [ 192.663557] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 192.664489] RBP: ffff8880100efbd0 R08: ffffed1002833b33 R09: ffffed1002833b33 [ 192.665426] R10: ffff88801419d993 R11: ffffed1002833b32 R12: ffff888013b17400 [ 192.666360] R13: ffff88801419d9e8 R14: ffffffff8352e670 R15: 
ffff8880100efe68 [ 192.667360] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.668421] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.669190] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 192.670132] PKRU: 55555554 [ 192.670564] Call Trace: [ 192.670912] [ 192.671247] __iommufd_access_detach+0x1c2/0x2b0 [ 192.671900] iommufd_access_change_pt+0x149/0x270 [ 192.672559] iommufd_access_replace+0xb4/0x120 [ 192.673187] iommufd_test+0x3e5/0x37e0 [ 192.673705] ? lock_release+0x532/0x770 [ 192.674249] ? __might_fault+0x102/0x1b0 [ 192.674858] ? lock_acquire+0x427/0x4c0 [ 192.675435] ? __pfx_iommufd_test+0x10/0x10 [ 192.676006] ? __pfx_lock_release+0x10/0x10 [ 192.676590] ? __pfx_lock_acquire+0x10/0x10 [ 192.677176] ? write_comp_data+0x2f/0x90 [ 192.677730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.678381] ? write_comp_data+0x2f/0x90 [ 192.678990] iommufd_fops_ioctl+0x37d/0x510 [ 192.679601] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.680262] ? write_comp_data+0x2f/0x90 [ 192.680905] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.681809] __x64_sys_ioctl+0x1a3/0x230 [ 192.682374] do_syscall_64+0x3b/0x90 [ 192.682942] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.683673] RIP: 0033:0x7f4b8743ee5d [ 192.684432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.687067] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.688097] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.689083] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.690107] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.691082] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.692217] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.693176] [ 192.693499] irq event stamp: 0 [ 192.694088] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.694960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.696139] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.697327] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.698161] ---[ end trace 0000000000000000 ]--- [ 192.702794] ------------[ cut here ]------------ [ 192.703524] WARNING: CPU: 1 PID: 1831 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.704554] Modules linked in: [ 192.704912] CPU: 1 PID: 1831 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.705985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.707186] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.707801] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.709903] RSP: 
0018:ffff8880100efbd0 EFLAGS: 00010246 [ 192.710577] RAX: 0000000000000000 RBX: ffff88801419d8a8 RCX: 0000000000000000 [ 192.711315] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 192.712040] RBP: ffff8880100efbe8 R08: ffffed1002833b33 R09: ffffed1002833b33 [ 192.712919] R10: ffff88801419d993 R11: ffffed1002833b32 R12: ffff8880129ca000 [ 192.713648] R13: ffff88801419d9e8 R14: ffff888012de2000 R15: 0000000000000000 [ 192.714422] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.715445] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.716052] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 192.716821] PKRU: 55555554 [ 192.717145] Call Trace: [ 192.717515] [ 192.717746] iommufd_access_destroy_object+0x65/0x170 [ 192.718297] iommufd_object_destroy_user+0x18e/0x220 [ 192.718847] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.719486] iommufd_access_destroy+0x43/0x70 [ 192.719954] iommufd_test_staccess_release+0x8d/0xd0 [ 192.720485] __fput+0x26d/0xa40 [ 192.720832] ____fput+0x1e/0x30 [ 192.721176] task_work_run+0x1a4/0x2d0 [ 192.721585] ? __pfx_task_work_run+0x10/0x10 [ 192.722033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.722563] ? switch_task_namespaces+0xa9/0xe0 [ 192.723044] do_exit+0xb17/0x2ef0 [ 192.723409] ? lock_acquire+0x427/0x4c0 [ 192.723828] ? __pfx_lock_release+0x10/0x10 [ 192.724269] ? __kasan_check_write+0x18/0x20 [ 192.724753] ? do_raw_spin_lock+0x132/0x2a0 [ 192.725188] ? __pfx_do_exit+0x10/0x10 [ 192.725602] ? debug_smp_processor_id+0x20/0x30 [ 192.726082] ? rcu_is_watching+0x19/0xb0 [ 192.726492] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.726987] ? trace_hardirqs_on+0x26/0x120 [ 192.727426] do_group_exit+0xe0/0x2b0 [ 192.727796] __x64_sys_exit_group+0x47/0x50 [ 192.728198] do_syscall_64+0x3b/0x90 [ 192.728555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.729056] RIP: 0033:0x7f4b87518a4d [ 192.729403] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.729976] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.730703] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.731385] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.732045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.732712] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.733386] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.734054] [ 192.734272] irq event stamp: 0 [ 192.734603] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.735212] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.735993] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.736774] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.737356] ---[ end trace 0000000000000000 ]--- [ 192.738182] ------------[ cut here ]------------ [ 192.738696] WARNING: CPU: 1 PID: 1831 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.739673] Modules linked in: [ 192.740001] CPU: 1 PID: 1831 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.740799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.741822] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.742299] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.744246] RSP: 0018:ffff8880100efb78 EFLAGS: 00010246 [ 192.744740] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.745403] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 192.746044] RBP: ffff8880100efb98 R08: ffffed1002833b3e R09: ffffed1002833b3e [ 192.746728] R10: ffff88801419d9ef R11: ffffed1002833b3d R12: ffff88801419da90 [ 192.747391] R13: ffff88801419d8a8 R14: ffffffffffffffff R15: 
ffff8880100efc60 [ 192.748041] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.748759] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.749265] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 192.749893] PKRU: 55555554 [ 192.750140] Call Trace: [ 192.750361] [ 192.750577] iommufd_ioas_destroy+0x53/0x70 [ 192.750971] iommufd_fops_release+0x1f7/0x370 [ 192.751382] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.751829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.752255] ? write_comp_data+0x2f/0x90 [ 192.752615] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.753068] __fput+0x26d/0xa40 [ 192.753372] ____fput+0x1e/0x30 [ 192.753668] task_work_run+0x1a4/0x2d0 [ 192.754026] ? __pfx_task_work_run+0x10/0x10 [ 192.754411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.754861] ? switch_task_namespaces+0xa9/0xe0 [ 192.755304] do_exit+0xb17/0x2ef0 [ 192.755612] ? lock_acquire+0x427/0x4c0 [ 192.755964] ? __pfx_lock_release+0x10/0x10 [ 192.756363] ? __kasan_check_write+0x18/0x20 [ 192.756758] ? do_raw_spin_lock+0x132/0x2a0 [ 192.757137] ? __pfx_do_exit+0x10/0x10 [ 192.757495] ? debug_smp_processor_id+0x20/0x30 [ 192.757903] ? rcu_is_watching+0x19/0xb0 [ 192.758268] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.758697] ? trace_hardirqs_on+0x26/0x120 [ 192.759083] do_group_exit+0xe0/0x2b0 [ 192.759436] __x64_sys_exit_group+0x47/0x50 [ 192.759811] do_syscall_64+0x3b/0x90 [ 192.760145] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.760616] RIP: 0033:0x7f4b87518a4d [ 192.760941] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.761466] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.762139] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.762787] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.763404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.764029] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.764639] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.765270] [ 192.765478] irq event stamp: 0 [ 192.765750] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.766298] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.767053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.767801] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.768355] ---[ end trace 0000000000000000 ]--- [ 192.773154] ------------[ cut here ]------------ [ 192.773616] WARNING: CPU: 1 PID: 1832 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.774481] Modules linked in: [ 192.774831] CPU: 1 PID: 1832 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.775591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.776550] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.776966] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.778443] RSP: 0018:ffff88801608fbb8 EFLAGS: 00010246 [ 192.778892] RAX: 0000000000000000 RBX: ffff88800cbb58a8 RCX: 0000000000000000 [ 192.779488] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 192.780075] RBP: ffff88801608fbd0 R08: ffffed1001976b33 R09: ffffed1001976b33 [ 192.780650] R10: ffff88800cbb5993 R11: ffffed1001976b32 R12: ffff888014582000 [ 192.781239] R13: ffff88800cbb59e8 R14: ffffffff8352e670 R15: 
ffff88801608fe68 [ 192.781811] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.782473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.782959] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 192.783559] PKRU: 55555554 [ 192.783789] Call Trace: [ 192.783997] [ 192.784181] __iommufd_access_detach+0x1c2/0x2b0 [ 192.784595] iommufd_access_change_pt+0x149/0x270 [ 192.784997] iommufd_access_replace+0xb4/0x120 [ 192.785379] iommufd_test+0x3e5/0x37e0 [ 192.785719] ? lock_release+0x532/0x770 [ 192.786051] ? __might_fault+0x102/0x1b0 [ 192.786389] ? lock_acquire+0x427/0x4c0 [ 192.786756] ? __pfx_iommufd_test+0x10/0x10 [ 192.787111] ? __pfx_lock_release+0x10/0x10 [ 192.787481] ? __pfx_lock_acquire+0x10/0x10 [ 192.787855] ? write_comp_data+0x2f/0x90 [ 192.788204] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.788605] ? write_comp_data+0x2f/0x90 [ 192.788962] iommufd_fops_ioctl+0x37d/0x510 [ 192.789322] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.789723] ? write_comp_data+0x2f/0x90 [ 192.790073] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.790475] __x64_sys_ioctl+0x1a3/0x230 [ 192.790839] do_syscall_64+0x3b/0x90 [ 192.791172] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.791602] RIP: 0033:0x7f4b8743ee5d [ 192.791908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.793402] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.794016] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.794637] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.795239] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.795815] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.796400] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.797008] [ 192.797202] irq event stamp: 0 [ 192.797497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.798003] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.798714] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.799400] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.799921] ---[ end trace 0000000000000000 ]--- [ 192.802726] ------------[ cut here ]------------ [ 192.803161] WARNING: CPU: 1 PID: 1832 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.803998] Modules linked in: [ 192.804262] CPU: 1 PID: 1832 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.804965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.805890] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.806304] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.807812] RSP: 
0018:ffff88801608fbd0 EFLAGS: 00010246 [ 192.808248] RAX: 0000000000000000 RBX: ffff88800cbb58a8 RCX: 0000000000000000 [ 192.808835] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 192.809423] RBP: ffff88801608fbe8 R08: ffffed1001976b33 R09: ffffed1001976b33 [ 192.809997] R10: ffff88800cbb5993 R11: ffffed1001976b32 R12: ffff888013b15000 [ 192.810598] R13: ffff88800cbb59e8 R14: ffff888013596200 R15: 0000000000000000 [ 192.811181] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.811861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.812332] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.812926] PKRU: 55555554 [ 192.813157] Call Trace: [ 192.813365] [ 192.813550] iommufd_access_destroy_object+0x65/0x170 [ 192.813986] iommufd_object_destroy_user+0x18e/0x220 [ 192.814407] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.814916] iommufd_access_destroy+0x43/0x70 [ 192.815305] iommufd_test_staccess_release+0x8d/0xd0 [ 192.815731] __fput+0x26d/0xa40 [ 192.816027] ____fput+0x1e/0x30 [ 192.816306] task_work_run+0x1a4/0x2d0 [ 192.816633] ? __pfx_task_work_run+0x10/0x10 [ 192.817019] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.817420] ? switch_task_namespaces+0xa9/0xe0 [ 192.817809] do_exit+0xb17/0x2ef0 [ 192.818104] ? lock_acquire+0x427/0x4c0 [ 192.818438] ? __pfx_lock_release+0x10/0x10 [ 192.818817] ? __kasan_check_write+0x18/0x20 [ 192.819202] ? do_raw_spin_lock+0x132/0x2a0 [ 192.819560] ? __pfx_do_exit+0x10/0x10 [ 192.819889] ? debug_smp_processor_id+0x20/0x30 [ 192.820281] ? rcu_is_watching+0x19/0xb0 [ 192.820615] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.820989] ? trace_hardirqs_on+0x26/0x120 [ 192.821358] do_group_exit+0xe0/0x2b0 [ 192.821671] __x64_sys_exit_group+0x47/0x50 [ 192.822023] do_syscall_64+0x3b/0x90 [ 192.822342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.822792] RIP: 0033:0x7f4b87518a4d [ 192.823097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.823614] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.824223] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.824811] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.825396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.825988] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.826581] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.827189] [ 192.827382] irq event stamp: 0 [ 192.827637] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.828156] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.828816] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.829480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.829984] ---[ end trace 0000000000000000 ]--- [ 192.830714] ------------[ cut here ]------------ [ 192.831100] WARNING: CPU: 1 PID: 1832 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.831905] Modules linked in: [ 192.832170] CPU: 1 PID: 1832 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.832853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.833747] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.834155] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.835626] RSP: 0018:ffff88801608fb78 EFLAGS: 00010246 [ 192.836042] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.836605] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 192.837149] RBP: ffff88801608fb98 R08: ffffed1001976b3e R09: ffffed1001976b3e [ 192.837710] R10: ffff88800cbb59ef R11: ffffed1001976b3d R12: ffff88800cbb5a90 [ 192.838256] R13: ffff88800cbb58a8 R14: ffffffffffffffff R15: 
ffff88801608fc60 [ 192.838832] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.839463] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.839918] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.840462] PKRU: 55555554 [ 192.840680] Call Trace: [ 192.840891] [ 192.841074] iommufd_ioas_destroy+0x53/0x70 [ 192.841415] iommufd_fops_release+0x1f7/0x370 [ 192.841771] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.842175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.842576] ? write_comp_data+0x2f/0x90 [ 192.842909] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.843311] __fput+0x26d/0xa40 [ 192.843584] ____fput+0x1e/0x30 [ 192.843851] task_work_run+0x1a4/0x2d0 [ 192.844174] ? __pfx_task_work_run+0x10/0x10 [ 192.844524] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.844906] ? switch_task_namespaces+0xa9/0xe0 [ 192.845290] do_exit+0xb17/0x2ef0 [ 192.845563] ? lock_acquire+0x427/0x4c0 [ 192.845879] ? __pfx_lock_release+0x10/0x10 [ 192.846233] ? __kasan_check_write+0x18/0x20 [ 192.846608] ? do_raw_spin_lock+0x132/0x2a0 [ 192.846949] ? __pfx_do_exit+0x10/0x10 [ 192.847282] ? debug_smp_processor_id+0x20/0x30 [ 192.847648] ? rcu_is_watching+0x19/0xb0 [ 192.847967] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.848335] ? trace_hardirqs_on+0x26/0x120 [ 192.848675] do_group_exit+0xe0/0x2b0 [ 192.848970] __x64_sys_exit_group+0x47/0x50 [ 192.849306] do_syscall_64+0x3b/0x90 [ 192.849620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.850026] RIP: 0033:0x7f4b87518a4d [ 192.850316] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.850813] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.851408] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.851965] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.852513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.853067] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.853609] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.854171] [ 192.854351] irq event stamp: 0 [ 192.854609] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.855103] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.855754] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.856403] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.856883] ---[ end trace 0000000000000000 ]--- [ 192.860922] ------------[ cut here ]------------ [ 192.861319] WARNING: CPU: 1 PID: 1833 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.862120] Modules linked in: [ 192.862366] CPU: 1 PID: 1833 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.863245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.864106] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.864480] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.865855] RSP: 0018:ffff88800fb6fbb8 EFLAGS: 00010246 [ 192.866252] RAX: 0000000000000000 RBX: ffff88800f3740a8 RCX: 0000000000000000 [ 192.866810] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 192.867356] RBP: ffff88800fb6fbd0 R08: ffffed1001e6e833 R09: ffffed1001e6e833 [ 192.867895] R10: ffff88800f374193 R11: ffffed1001e6e832 R12: ffff88801226ec00 [ 192.868426] R13: ffff88800f3741e8 R14: ffffffff8352e670 R15: 
ffff88800fb6fe68 [ 192.868966] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.869563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.870010] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 192.870553] PKRU: 55555554 [ 192.870767] Call Trace: [ 192.870959] [ 192.871145] __iommufd_access_detach+0x1c2/0x2b0 [ 192.871512] iommufd_access_change_pt+0x149/0x270 [ 192.871882] iommufd_access_replace+0xb4/0x120 [ 192.872245] iommufd_test+0x3e5/0x37e0 [ 192.872537] ? lock_release+0x532/0x770 [ 192.872843] ? __might_fault+0x102/0x1b0 [ 192.873154] ? lock_acquire+0x427/0x4c0 [ 192.873473] ? __pfx_iommufd_test+0x10/0x10 [ 192.873797] ? __pfx_lock_release+0x10/0x10 [ 192.874126] ? __pfx_lock_acquire+0x10/0x10 [ 192.874470] ? write_comp_data+0x2f/0x90 [ 192.874796] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.875172] ? write_comp_data+0x2f/0x90 [ 192.875498] iommufd_fops_ioctl+0x37d/0x510 [ 192.875829] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.876201] ? write_comp_data+0x2f/0x90 [ 192.876528] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.876896] __x64_sys_ioctl+0x1a3/0x230 [ 192.877211] do_syscall_64+0x3b/0x90 [ 192.877507] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.877905] RIP: 0033:0x7f4b8743ee5d [ 192.878184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.879569] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.880148] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.880683] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.881232] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.881760] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.882298] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.882846] [ 192.883032] irq event stamp: 0 [ 192.883271] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.883738] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.884363] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.884979] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.885452] ---[ end trace 0000000000000000 ]--- [ 192.888110] ------------[ cut here ]------------ [ 192.888512] WARNING: CPU: 1 PID: 1833 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.889253] Modules linked in: [ 192.889500] CPU: 1 PID: 1833 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.890140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.890987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.891366] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.892724] RSP: 
0018:ffff88800fb6fbd0 EFLAGS: 00010246 [ 192.893115] RAX: 0000000000000000 RBX: ffff88800f3740a8 RCX: 0000000000000000 [ 192.893638] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 192.894174] RBP: ffff88800fb6fbe8 R08: ffffed1001e6e833 R09: ffffed1001e6e833 [ 192.894724] R10: ffff88800f374193 R11: ffffed1001e6e832 R12: ffff888014582800 [ 192.895266] R13: ffff88800f3741e8 R14: ffff888010f6d100 R15: 0000000000000000 [ 192.895789] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.896391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.896824] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.897361] PKRU: 55555554 [ 192.897571] Call Trace: [ 192.897759] [ 192.897927] iommufd_access_destroy_object+0x65/0x170 [ 192.898322] iommufd_object_destroy_user+0x18e/0x220 [ 192.898717] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.899174] iommufd_access_destroy+0x43/0x70 [ 192.899514] iommufd_test_staccess_release+0x8d/0xd0 [ 192.899896] __fput+0x26d/0xa40 [ 192.900154] ____fput+0x1e/0x30 [ 192.900419] task_work_run+0x1a4/0x2d0 [ 192.900718] ? __pfx_task_work_run+0x10/0x10 [ 192.901052] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.901431] ? switch_task_namespaces+0xa9/0xe0 [ 192.901788] do_exit+0xb17/0x2ef0 [ 192.902046] ? lock_acquire+0x427/0x4c0 [ 192.902348] ? __pfx_lock_release+0x10/0x10 [ 192.902704] ? __kasan_check_write+0x18/0x20 [ 192.903038] ? do_raw_spin_lock+0x132/0x2a0 [ 192.903368] ? __pfx_do_exit+0x10/0x10 [ 192.903676] ? debug_smp_processor_id+0x20/0x30 [ 192.904025] ? rcu_is_watching+0x19/0xb0 [ 192.904328] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.904681] ? trace_hardirqs_on+0x26/0x120 [ 192.905009] do_group_exit+0xe0/0x2b0 [ 192.905295] __x64_sys_exit_group+0x47/0x50 [ 192.905621] do_syscall_64+0x3b/0x90 [ 192.905912] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.906302] RIP: 0033:0x7f4b87518a4d [ 192.906593] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.907071] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.907646] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.908185] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.908711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.909261] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.909786] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.910338] [ 192.910538] irq event stamp: 0 [ 192.910775] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.911263] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.911883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.912514] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.912980] ---[ end trace 0000000000000000 ]--- [ 192.913656] ------------[ cut here ]------------ [ 192.914005] WARNING: CPU: 1 PID: 1833 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 192.914797] Modules linked in: [ 192.915041] CPU: 1 PID: 1833 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.915720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.916563] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 192.916942] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 192.918288] RSP: 0018:ffff88800fb6fb78 EFLAGS: 00010246 [ 192.918710] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 192.919242] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 192.919779] RBP: ffff88800fb6fb98 R08: ffffed1001e6e83e R09: ffffed1001e6e83e [ 192.920318] R10: ffff88800f3741ef R11: ffffed1001e6e83d R12: ffff88800f374290 [ 192.920863] R13: ffff88800f3740a8 R14: ffffffffffffffff R15: 
ffff88800fb6fc60 [ 192.921390] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.921991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.922418] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.922968] PKRU: 55555554 [ 192.923192] Call Trace: [ 192.923383] [ 192.923556] iommufd_ioas_destroy+0x53/0x70 [ 192.923883] iommufd_fops_release+0x1f7/0x370 [ 192.924233] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.924608] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.924980] ? write_comp_data+0x2f/0x90 [ 192.925302] ? __pfx_iommufd_fops_release+0x10/0x10 [ 192.925675] __fput+0x26d/0xa40 [ 192.925931] ____fput+0x1e/0x30 [ 192.926187] task_work_run+0x1a4/0x2d0 [ 192.926494] ? __pfx_task_work_run+0x10/0x10 [ 192.926848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.927222] ? switch_task_namespaces+0xa9/0xe0 [ 192.927596] do_exit+0xb17/0x2ef0 [ 192.927857] ? lock_acquire+0x427/0x4c0 [ 192.928161] ? __pfx_lock_release+0x10/0x10 [ 192.928502] ? __kasan_check_write+0x18/0x20 [ 192.928839] ? do_raw_spin_lock+0x132/0x2a0 [ 192.929161] ? __pfx_do_exit+0x10/0x10 [ 192.929470] ? debug_smp_processor_id+0x20/0x30 [ 192.929821] ? rcu_is_watching+0x19/0xb0 [ 192.930125] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.930472] ? trace_hardirqs_on+0x26/0x120 [ 192.930832] do_group_exit+0xe0/0x2b0 [ 192.931126] __x64_sys_exit_group+0x47/0x50 [ 192.931449] do_syscall_64+0x3b/0x90 [ 192.931749] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.932145] RIP: 0033:0x7f4b87518a4d [ 192.932427] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 192.932901] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 192.933465] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 192.934031] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 192.934577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 192.935124] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 192.935652] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 192.936200] [ 192.936379] irq event stamp: 0 [ 192.936647] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.937239] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.937864] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.938493] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.938983] ---[ end trace 0000000000000000 ]--- [ 192.942730] ------------[ cut here ]------------ [ 192.943125] WARNING: CPU: 1 PID: 1834 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.944002] Modules linked in: [ 192.944246] CPU: 1 PID: 1834 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.944925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.945780] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.946222] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.947714] RSP: 0018:ffff888024417bb8 EFLAGS: 00010246 [ 192.948147] RAX: 0000000000000000 RBX: ffff8880159d18a8 RCX: 0000000000000000 [ 192.948752] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 192.949359] RBP: ffff888024417bd0 R08: ffffed1002b3a333 R09: ffffed1002b3a333 [ 192.949906] R10: ffff8880159d1993 R11: ffffed1002b3a332 R12: ffff88801883c000 [ 192.950462] R13: ffff8880159d19e8 R14: ffffffff8352e670 R15: 
ffff888024417e68 [ 192.951054] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.951764] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.952214] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 192.952776] PKRU: 55555554 [ 192.952998] Call Trace: [ 192.953197] [ 192.953408] __iommufd_access_detach+0x1c2/0x2b0 [ 192.953853] iommufd_access_change_pt+0x149/0x270 [ 192.954245] iommufd_access_replace+0xb4/0x120 [ 192.954639] iommufd_test+0x3e5/0x37e0 [ 192.954964] ? lock_release+0x532/0x770 [ 192.955291] ? __might_fault+0x102/0x1b0 [ 192.955631] ? lock_acquire+0x427/0x4c0 [ 192.956048] ? __pfx_iommufd_test+0x10/0x10 [ 192.956391] ? __pfx_lock_release+0x10/0x10 [ 192.956756] ? __pfx_lock_acquire+0x10/0x10 [ 192.957105] ? write_comp_data+0x2f/0x90 [ 192.957435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.957897] ? write_comp_data+0x2f/0x90 [ 192.958275] iommufd_fops_ioctl+0x37d/0x510 [ 192.958643] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.959047] ? write_comp_data+0x2f/0x90 [ 192.959388] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 192.959832] __x64_sys_ioctl+0x1a3/0x230 [ 192.960232] do_syscall_64+0x3b/0x90 [ 192.960541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.960953] RIP: 0033:0x7f4b8743ee5d [ 192.961258] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 192.962806] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 192.963484] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 192.964145] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 192.964710] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 192.965282] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 192.965925] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 192.966499] [ 192.966711] irq event stamp: 0 [ 192.966959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 192.967600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 192.968252] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 192.968930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 192.969505] ---[ end trace 0000000000000000 ]--- [ 192.973953] ------------[ cut here ]------------ [ 192.974460] WARNING: CPU: 1 PID: 1834 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 192.975437] Modules linked in: [ 192.975703] CPU: 1 PID: 1834 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 192.976483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 192.977572] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 192.977983] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 192.979690] RSP: 
0018:ffff888024417bd0 EFLAGS: 00010246 [ 192.980129] RAX: 0000000000000000 RBX: ffff8880159d18a8 RCX: 0000000000000000 [ 192.980784] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 192.981477] RBP: ffff888024417be8 R08: ffffed1002b3a333 R09: ffffed1002b3a333 [ 192.982068] R10: ffff8880159d1993 R11: ffffed1002b3a332 R12: ffff88801226f000 [ 192.982864] R13: ffff8880159d19e8 R14: ffff888018b86300 R15: 0000000000000000 [ 192.983452] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 192.984117] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.984662] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 192.985373] PKRU: 55555554 [ 192.985609] Call Trace: [ 192.985817] [ 192.986002] iommufd_access_destroy_object+0x65/0x170 [ 192.986531] iommufd_object_destroy_user+0x18e/0x220 [ 192.987086] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 192.987906] iommufd_access_destroy+0x43/0x70 [ 192.988602] iommufd_test_staccess_release+0x8d/0xd0 [ 192.989193] __fput+0x26d/0xa40 [ 192.989573] ____fput+0x1e/0x30 [ 192.989928] task_work_run+0x1a4/0x2d0 [ 192.990429] ? __pfx_task_work_run+0x10/0x10 [ 192.991057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 192.991568] ? switch_task_namespaces+0xa9/0xe0 [ 192.992069] do_exit+0xb17/0x2ef0 [ 192.992524] ? lock_acquire+0x427/0x4c0 [ 192.993076] ? __pfx_lock_release+0x10/0x10 [ 192.993542] ? __kasan_check_write+0x18/0x20 [ 192.994008] ? do_raw_spin_lock+0x132/0x2a0 [ 192.994571] ? __pfx_do_exit+0x10/0x10 [ 192.995064] ? debug_smp_processor_id+0x20/0x30 [ 192.995573] ? rcu_is_watching+0x19/0xb0 [ 192.996017] ? _raw_spin_unlock_irq+0x2b/0x60 [ 192.996568] ? trace_hardirqs_on+0x26/0x120 [ 192.997098] do_group_exit+0xe0/0x2b0 [ 192.997500] __x64_sys_exit_group+0x47/0x50 [ 192.997936] do_syscall_64+0x3b/0x90 [ 192.998361] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 192.998998] RIP: 0033:0x7f4b87518a4d [ 192.999414] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.000046] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.000958] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.001694] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.002583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.003420] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.004534] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.005394] [ 193.005685] irq event stamp: 0 [ 193.006240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.007163] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.008257] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.009219] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.010018] ---[ end trace 0000000000000000 ]--- [ 193.014970] ------------[ cut here ]------------ [ 193.015602] WARNING: CPU: 1 PID: 1834 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.016837] Modules linked in: [ 193.017219] CPU: 1 PID: 1834 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.018348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.019871] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.020489] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.022835] RSP: 0018:ffff888024417b78 EFLAGS: 00010246 [ 193.023559] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.024481] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 193.025302] RBP: ffff888024417b98 R08: ffffed1002b3a33e R09: ffffed1002b3a33e [ 193.026243] R10: ffff8880159d19ef R11: ffffed1002b3a33d R12: ffff8880159d1a90 [ 193.027108] R13: ffff8880159d18a8 R14: ffffffffffffffff R15: 
ffff888024417c60 [ 193.028036] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.028986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.029707] CR2: 00007f82e2eb1020 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 193.030554] PKRU: 55555554 [ 193.030945] Call Trace: [ 193.031328] [ 193.031600] iommufd_ioas_destroy+0x53/0x70 [ 193.032113] iommufd_fops_release+0x1f7/0x370 [ 193.032674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.033316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.033893] ? write_comp_data+0x2f/0x90 [ 193.034411] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.035083] __fput+0x26d/0xa40 [ 193.035516] ____fput+0x1e/0x30 [ 193.035917] task_work_run+0x1a4/0x2d0 [ 193.036491] ? __pfx_task_work_run+0x10/0x10 [ 193.037010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.037584] ? switch_task_namespaces+0xa9/0xe0 [ 193.038257] do_exit+0xb17/0x2ef0 [ 193.038698] ? lock_acquire+0x427/0x4c0 [ 193.039188] ? __pfx_lock_release+0x10/0x10 [ 193.039720] ? __kasan_check_write+0x18/0x20 [ 193.040298] ? do_raw_spin_lock+0x132/0x2a0 [ 193.040799] ? __pfx_do_exit+0x10/0x10 [ 193.041257] ? debug_smp_processor_id+0x20/0x30 [ 193.041896] ? rcu_is_watching+0x19/0xb0 [ 193.042370] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.042927] ? trace_hardirqs_on+0x26/0x120 [ 193.043516] do_group_exit+0xe0/0x2b0 [ 193.044020] __x64_sys_exit_group+0x47/0x50 [ 193.044533] do_syscall_64+0x3b/0x90 [ 193.044971] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.045683] RIP: 0033:0x7f4b87518a4d [ 193.046115] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.046840] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.047815] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.048639] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.049520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.050323] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.051179] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.052003] [ 193.052280] irq event stamp: 0 [ 193.052643] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.053355] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.054295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.055288] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.056003] ---[ end trace 0000000000000000 ]--- [ 193.061871] ------------[ cut here ]------------ [ 193.062412] WARNING: CPU: 1 PID: 1835 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.063602] Modules linked in: [ 193.063964] CPU: 1 PID: 1835 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.064894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.066085] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.066650] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.068577] RSP: 0018:ffff8880170cfbb8 EFLAGS: 00010246 [ 193.069144] RAX: 0000000000000000 RBX: ffff8880178760a8 RCX: 0000000000000000 [ 193.069899] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 193.070696] RBP: ffff8880170cfbd0 R08: ffffed1002f0ec33 R09: ffffed1002f0ec33 [ 193.071463] R10: ffff888017876193 R11: ffffed1002f0ec32 R12: ffff888013b22000 [ 193.072220] R13: ffff8880178761e8 R14: ffffffff8352e670 R15: 
ffff8880170cfe68 [ 193.072974] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.073816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.074430] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 193.075225] PKRU: 55555554 [ 193.075533] Call Trace: [ 193.075810] [ 193.076056] __iommufd_access_detach+0x1c2/0x2b0 [ 193.076579] iommufd_access_change_pt+0x149/0x270 [ 193.077108] iommufd_access_replace+0xb4/0x120 [ 193.077612] iommufd_test+0x3e5/0x37e0 [ 193.078031] ? lock_release+0x532/0x770 [ 193.078474] ? __might_fault+0x102/0x1b0 [ 193.078957] ? lock_acquire+0x427/0x4c0 [ 193.079410] ? __pfx_iommufd_test+0x10/0x10 [ 193.079870] ? __pfx_lock_release+0x10/0x10 [ 193.080340] ? __pfx_lock_acquire+0x10/0x10 [ 193.080815] ? write_comp_data+0x2f/0x90 [ 193.081264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.081788] ? write_comp_data+0x2f/0x90 [ 193.082238] iommufd_fops_ioctl+0x37d/0x510 [ 193.082732] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.083273] ? write_comp_data+0x2f/0x90 [ 193.083721] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.084238] __x64_sys_ioctl+0x1a3/0x230 [ 193.084688] do_syscall_64+0x3b/0x90 [ 193.085101] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.085662] RIP: 0033:0x7f4b8743ee5d [ 193.086060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.087993] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.088792] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.089542] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.090290] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.091061] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.091823] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.092587] [ 193.092839] irq event stamp: 0 [ 193.093177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.093835] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.094731] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.095610] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.096268] ---[ end trace 0000000000000000 ]--- [ 193.100492] ------------[ cut here ]------------ [ 193.101005] WARNING: CPU: 1 PID: 1835 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.102057] Modules linked in: [ 193.102398] CPU: 1 PID: 1835 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.103359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.104225] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.104581] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.105840] RSP: 
0018:ffff8880170cfbd0 EFLAGS: 00010246 [ 193.106205] RAX: 0000000000000000 RBX: ffff8880178760a8 RCX: 0000000000000000 [ 193.106714] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 193.107268] RBP: ffff8880170cfbe8 R08: ffffed1002f0ec33 R09: ffffed1002f0ec33 [ 193.107769] R10: ffff888017876193 R11: ffffed1002f0ec32 R12: ffff88801883f000 [ 193.108274] R13: ffff8880178761e8 R14: ffff88800ace4d00 R15: 0000000000000000 [ 193.108768] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.109324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.109723] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 193.110217] PKRU: 55555554 [ 193.110412] Call Trace: [ 193.110611] [ 193.110821] iommufd_access_destroy_object+0x65/0x170 [ 193.111237] iommufd_object_destroy_user+0x18e/0x220 [ 193.111596] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.112000] iommufd_access_destroy+0x43/0x70 [ 193.112327] iommufd_test_staccess_release+0x8d/0xd0 [ 193.112684] __fput+0x26d/0xa40 [ 193.112926] ____fput+0x1e/0x30 [ 193.113165] task_work_run+0x1a4/0x2d0 [ 193.113450] ? __pfx_task_work_run+0x10/0x10 [ 193.113760] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.114105] ? switch_task_namespaces+0xa9/0xe0 [ 193.114444] do_exit+0xb17/0x2ef0 [ 193.114725] ? lock_acquire+0x427/0x4c0 [ 193.115101] ? __pfx_lock_release+0x10/0x10 [ 193.115451] ? __kasan_check_write+0x18/0x20 [ 193.115771] ? do_raw_spin_lock+0x132/0x2a0 [ 193.116071] ? __pfx_do_exit+0x10/0x10 [ 193.116348] ? debug_smp_processor_id+0x20/0x30 [ 193.116682] ? rcu_is_watching+0x19/0xb0 [ 193.116972] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.117291] ? trace_hardirqs_on+0x26/0x120 [ 193.117602] do_group_exit+0xe0/0x2b0 [ 193.117872] __x64_sys_exit_group+0x47/0x50 [ 193.118171] do_syscall_64+0x3b/0x90 [ 193.118442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.118834] RIP: 0033:0x7f4b87518a4d [ 193.119185] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.119648] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.120177] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.120666] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.121160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.121648] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.122143] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.122665] [ 193.122880] irq event stamp: 0 [ 193.123134] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.123573] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.124154] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.124724] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.125162] ---[ end trace 0000000000000000 ]--- [ 193.125786] ------------[ cut here ]------------ [ 193.126113] WARNING: CPU: 1 PID: 1835 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.126853] Modules linked in: [ 193.127146] CPU: 1 PID: 1835 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.127846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.128635] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.128994] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.130250] RSP: 0018:ffff8880170cfb78 EFLAGS: 00010246 [ 193.130644] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.131197] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 193.131689] RBP: ffff8880170cfb98 R08: ffffed1002f0ec3e R09: ffffed1002f0ec3e [ 193.132184] R10: ffff8880178761ef R11: ffffed1002f0ec3d R12: ffff888017876290 [ 193.132672] R13: ffff8880178760a8 R14: ffffffffffffffff R15: 
ffff8880170cfc60 [ 193.133171] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.133735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.134146] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 193.134660] PKRU: 55555554 [ 193.134916] Call Trace: [ 193.135131] [ 193.135299] iommufd_ioas_destroy+0x53/0x70 [ 193.135606] iommufd_fops_release+0x1f7/0x370 [ 193.135924] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.136286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.136630] ? write_comp_data+0x2f/0x90 [ 193.136921] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.137279] __fput+0x26d/0xa40 [ 193.137528] ____fput+0x1e/0x30 [ 193.137765] task_work_run+0x1a4/0x2d0 [ 193.138044] ? __pfx_task_work_run+0x10/0x10 [ 193.138366] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.138742] ? switch_task_namespaces+0xa9/0xe0 [ 193.139318] do_exit+0xb17/0x2ef0 [ 193.139698] ? lock_acquire+0x427/0x4c0 [ 193.140131] ? __pfx_lock_release+0x10/0x10 [ 193.140594] ? __kasan_check_write+0x18/0x20 [ 193.141062] ? do_raw_spin_lock+0x132/0x2a0 [ 193.141516] ? __pfx_do_exit+0x10/0x10 [ 193.141939] ? debug_smp_processor_id+0x20/0x30 [ 193.142430] ? rcu_is_watching+0x19/0xb0 [ 193.142899] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.143397] ? trace_hardirqs_on+0x26/0x120 [ 193.143860] do_group_exit+0xe0/0x2b0 [ 193.144268] __x64_sys_exit_group+0x47/0x50 [ 193.144721] do_syscall_64+0x3b/0x90 [ 193.145124] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.145679] RIP: 0033:0x7f4b87518a4d [ 193.146071] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.146732] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.147530] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.148268] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.149006] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.149739] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.150476] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.151259] [ 193.151511] irq event stamp: 0 [ 193.151843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.152495] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.153359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.154221] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.154897] ---[ end trace 0000000000000000 ]--- [ 193.160213] ------------[ cut here ]------------ [ 193.160739] WARNING: CPU: 1 PID: 1836 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.161781] Modules linked in: [ 193.162119] CPU: 1 PID: 1836 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.163160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.164312] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.164827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.166704] RSP: 0018:ffff88800f7f7bb8 EFLAGS: 00010246 [ 193.167263] RAX: 0000000000000000 RBX: ffff8880104620a8 RCX: 0000000000000000 [ 193.167987] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 193.168713] RBP: ffff88800f7f7bd0 R08: ffffed100208c433 R09: ffffed100208c433 [ 193.169440] R10: ffff888010462193 R11: ffffed100208c432 R12: ffff888013b15800 [ 193.170165] R13: ffff8880104621e8 R14: ffffffff8352e670 R15: 
ffff88800f7f7e68 [ 193.170908] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.171715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.172293] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 193.172999] PKRU: 55555554 [ 193.173286] Call Trace: [ 193.173547] [ 193.173780] __iommufd_access_detach+0x1c2/0x2b0 [ 193.174276] iommufd_access_change_pt+0x149/0x270 [ 193.174808] iommufd_access_replace+0xb4/0x120 [ 193.175297] iommufd_test+0x3e5/0x37e0 [ 193.175694] ? lock_release+0x532/0x770 [ 193.176109] ? __might_fault+0x102/0x1b0 [ 193.176529] ? lock_acquire+0x427/0x4c0 [ 193.176943] ? __pfx_iommufd_test+0x10/0x10 [ 193.177375] ? __pfx_lock_release+0x10/0x10 [ 193.177821] ? __pfx_lock_acquire+0x10/0x10 [ 193.178271] ? write_comp_data+0x2f/0x90 [ 193.178717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.179226] ? write_comp_data+0x2f/0x90 [ 193.179652] iommufd_fops_ioctl+0x37d/0x510 [ 193.180094] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.180592] ? write_comp_data+0x2f/0x90 [ 193.181015] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.181504] __x64_sys_ioctl+0x1a3/0x230 [ 193.181927] do_syscall_64+0x3b/0x90 [ 193.182318] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.182869] RIP: 0033:0x7f4b8743ee5d [ 193.183259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.185051] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.185805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.186534] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.187252] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.187959] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.188667] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.189389] [ 193.189627] irq event stamp: 0 [ 193.189947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.190605] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.191448] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.192415] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.193202] ---[ end trace 0000000000000000 ]--- [ 193.196934] ------------[ cut here ]------------ [ 193.197260] WARNING: CPU: 1 PID: 1836 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.198153] Modules linked in: [ 193.198407] CPU: 1 PID: 1836 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.199418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.200410] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.200858] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.202492] RSP: 
0018:ffff88800f7f7bd0 EFLAGS: 00010246 [ 193.202990] RAX: 0000000000000000 RBX: ffff8880104620a8 RCX: 0000000000000000 [ 193.203626] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 193.204301] RBP: ffff88800f7f7be8 R08: ffffed100208c433 R09: ffffed100208c433 [ 193.204945] R10: ffff888010462193 R11: ffffed100208c432 R12: ffff888013b22800 [ 193.205589] R13: ffff8880104621e8 R14: ffff888013596800 R15: 0000000000000000 [ 193.206271] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.207010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.207543] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 193.208183] PKRU: 55555554 [ 193.208439] Call Trace: [ 193.208702] [ 193.208917] iommufd_access_destroy_object+0x65/0x170 [ 193.209392] iommufd_object_destroy_user+0x18e/0x220 [ 193.209864] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.210391] iommufd_access_destroy+0x43/0x70 [ 193.210861] iommufd_test_staccess_release+0x8d/0xd0 [ 193.211349] __fput+0x26d/0xa40 [ 193.211673] ____fput+0x1e/0x30 [ 193.211989] task_work_run+0x1a4/0x2d0 [ 193.212353] ? __pfx_task_work_run+0x10/0x10 [ 193.212765] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.213224] ? switch_task_namespaces+0xa9/0xe0 [ 193.213696] do_exit+0xb17/0x2ef0 [ 193.214022] ? lock_acquire+0x427/0x4c0 [ 193.214401] ? __pfx_lock_release+0x10/0x10 [ 193.214817] ? __kasan_check_write+0x18/0x20 [ 193.215225] ? do_raw_spin_lock+0x132/0x2a0 [ 193.215620] ? __pfx_do_exit+0x10/0x10 [ 193.216019] ? debug_smp_processor_id+0x20/0x30 [ 193.216455] ? rcu_is_watching+0x19/0xb0 [ 193.216832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.217255] ? trace_hardirqs_on+0x26/0x120 [ 193.217637] do_group_exit+0xe0/0x2b0 [ 193.218028] __x64_sys_exit_group+0x47/0x50 [ 193.218424] do_syscall_64+0x3b/0x90 [ 193.218798] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.219368] RIP: 0033:0x7f4b87518a4d [ 193.219710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.220286] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.220974] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.221637] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.222272] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.222938] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.223578] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.224272] [ 193.224493] irq event stamp: 0 [ 193.224776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.225350] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.226135] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.226911] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.227479] ---[ end trace 0000000000000000 ]--- [ 193.228412] ------------[ cut here ]------------ [ 193.228863] WARNING: CPU: 1 PID: 1836 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.229782] Modules linked in: [ 193.230077] CPU: 1 PID: 1836 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.230913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.231937] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.232427] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.234133] RSP: 0018:ffff88800f7f7b78 EFLAGS: 00010246 [ 193.234673] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.235346] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 193.236053] RBP: ffff88800f7f7b98 R08: ffffed100208c43e R09: ffffed100208c43e [ 193.236718] R10: ffff8880104621ef R11: ffffed100208c43d R12: ffff888010462290 [ 193.237379] R13: ffff8880104620a8 R14: ffffffffffffffff R15: 
ffff88800f7f7c60 [ 193.238063] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.238823] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.239372] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 193.240034] PKRU: 55555554 [ 193.240306] Call Trace: [ 193.240583] [ 193.240799] iommufd_ioas_destroy+0x53/0x70 [ 193.241216] iommufd_fops_release+0x1f7/0x370 [ 193.241646] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.242116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.242676] ? write_comp_data+0x2f/0x90 [ 193.243068] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.243553] __fput+0x26d/0xa40 [ 193.243889] ____fput+0x1e/0x30 [ 193.244210] task_work_run+0x1a4/0x2d0 [ 193.244586] ? __pfx_task_work_run+0x10/0x10 [ 193.244998] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.245523] ? switch_task_namespaces+0xa9/0xe0 [ 193.245984] do_exit+0xb17/0x2ef0 [ 193.246321] ? lock_acquire+0x427/0x4c0 [ 193.246722] ? __pfx_lock_release+0x10/0x10 [ 193.247133] ? __kasan_check_write+0x18/0x20 [ 193.247956] ? do_raw_spin_lock+0x132/0x2a0 [ 193.248422] ? __pfx_do_exit+0x10/0x10 [ 193.248847] ? debug_smp_processor_id+0x20/0x30 [ 193.249567] ? rcu_is_watching+0x19/0xb0 [ 193.250006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.250494] ? trace_hardirqs_on+0x26/0x120 [ 193.251070] do_group_exit+0xe0/0x2b0 [ 193.251538] __x64_sys_exit_group+0x47/0x50 [ 193.251996] do_syscall_64+0x3b/0x90 [ 193.252404] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.253037] RIP: 0033:0x7f4b87518a4d [ 193.253434] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.254092] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.254951] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.255710] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.256534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.257272] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.258076] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.258859] [ 193.259112] irq event stamp: 0 [ 193.259531] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.260187] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.261129] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.262001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.262750] ---[ end trace 0000000000000000 ]--- [ 193.269055] ------------[ cut here ]------------ [ 193.269647] WARNING: CPU: 1 PID: 1837 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.270995] Modules linked in: [ 193.271443] CPU: 1 PID: 1837 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.272357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.273605] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.274133] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.276192] RSP: 0018:ffff8880161dfbb8 EFLAGS: 00010246 [ 193.276795] RAX: 0000000000000000 RBX: ffff8880147048a8 RCX: 0000000000000000 [ 193.277541] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 193.278366] RBP: ffff8880161dfbd0 R08: ffffed10028e0933 R09: ffffed10028e0933 [ 193.279168] R10: ffff888014704993 R11: ffffed10028e0932 R12: ffff8880129c5800 [ 193.279944] R13: ffff8880147049e8 R14: ffffffff8352e670 R15: 
ffff8880161dfe68 [ 193.280729] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.281577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.282228] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 193.283005] PKRU: 55555554 [ 193.283319] Call Trace: [ 193.283594] [ 193.283841] __iommufd_access_detach+0x1c2/0x2b0 [ 193.284364] iommufd_access_change_pt+0x149/0x270 [ 193.284891] iommufd_access_replace+0xb4/0x120 [ 193.285394] iommufd_test+0x3e5/0x37e0 [ 193.285811] ? lock_release+0x532/0x770 [ 193.286249] ? __might_fault+0x102/0x1b0 [ 193.286715] ? lock_acquire+0x427/0x4c0 [ 193.287167] ? __pfx_iommufd_test+0x10/0x10 [ 193.287626] ? __pfx_lock_release+0x10/0x10 [ 193.288093] ? __pfx_lock_acquire+0x10/0x10 [ 193.288569] ? write_comp_data+0x2f/0x90 [ 193.289022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.289549] ? write_comp_data+0x2f/0x90 [ 193.289997] iommufd_fops_ioctl+0x37d/0x510 [ 193.290462] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.291019] ? write_comp_data+0x2f/0x90 [ 193.291482] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.292003] __x64_sys_ioctl+0x1a3/0x230 [ 193.292453] do_syscall_64+0x3b/0x90 [ 193.292871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.293442] RIP: 0033:0x7f4b8743ee5d [ 193.293849] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.295808] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.296621] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.297378] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.298130] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.298912] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.299678] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.300443] [ 193.300703] irq event stamp: 0 [ 193.301041] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.301707] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.302626] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.303545] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.304224] ---[ end trace 0000000000000000 ]--- [ 193.308423] ------------[ cut here ]------------ [ 193.308963] WARNING: CPU: 1 PID: 1837 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.310045] Modules linked in: [ 193.310401] CPU: 1 PID: 1837 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.311388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.312377] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.312762] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.314151] RSP: 
0018:ffff8880161dfbd0 EFLAGS: 00010246 [ 193.314601] RAX: 0000000000000000 RBX: ffff8880147048a8 RCX: 0000000000000000 [ 193.315229] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 193.315787] RBP: ffff8880161dfbe8 R08: ffffed10028e0933 R09: ffffed10028e0933 [ 193.316356] R10: ffff888014704993 R11: ffffed10028e0932 R12: ffff888013b14c00 [ 193.316923] R13: ffff8880147049e8 R14: ffff888012de2e00 R15: 0000000000000000 [ 193.317482] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.318118] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.318618] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 193.319277] PKRU: 55555554 [ 193.319518] Call Trace: [ 193.319724] [ 193.319907] iommufd_access_destroy_object+0x65/0x170 [ 193.320326] iommufd_object_destroy_user+0x18e/0x220 [ 193.320750] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.321223] iommufd_access_destroy+0x43/0x70 [ 193.321601] iommufd_test_staccess_release+0x8d/0xd0 [ 193.322014] __fput+0x26d/0xa40 [ 193.322294] ____fput+0x1e/0x30 [ 193.322602] task_work_run+0x1a4/0x2d0 [ 193.323005] ? __pfx_task_work_run+0x10/0x10 [ 193.323448] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.323857] ? switch_task_namespaces+0xa9/0xe0 [ 193.324255] do_exit+0xb17/0x2ef0 [ 193.324566] ? lock_acquire+0x427/0x4c0 [ 193.324908] ? __pfx_lock_release+0x10/0x10 [ 193.325282] ? __kasan_check_write+0x18/0x20 [ 193.325672] ? do_raw_spin_lock+0x132/0x2a0 [ 193.326041] ? __pfx_do_exit+0x10/0x10 [ 193.326380] ? debug_smp_processor_id+0x20/0x30 [ 193.326823] ? rcu_is_watching+0x19/0xb0 [ 193.327247] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.327640] ? trace_hardirqs_on+0x26/0x120 [ 193.328010] do_group_exit+0xe0/0x2b0 [ 193.328329] __x64_sys_exit_group+0x47/0x50 [ 193.328690] do_syscall_64+0x3b/0x90 [ 193.329014] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.329463] RIP: 0033:0x7f4b87518a4d [ 193.329774] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.330280] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.330942] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.331550] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.332147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.332736] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.333321] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.333925] [ 193.334122] irq event stamp: 0 [ 193.334385] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.334950] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.335655] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.336350] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.336877] ---[ end trace 0000000000000000 ]--- [ 193.337730] ------------[ cut here ]------------ [ 193.338139] WARNING: CPU: 1 PID: 1837 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.339075] Modules linked in: [ 193.339377] CPU: 1 PID: 1837 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.340143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.341115] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.341578] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.343273] RSP: 0018:ffff8880161dfb78 EFLAGS: 00010246 [ 193.343761] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.344398] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 193.345018] RBP: ffff8880161dfb98 R08: ffffed10028e093e R09: ffffed10028e093e [ 193.345638] R10: ffff8880147049ef R11: ffffed10028e093d R12: ffff888014704a90 [ 193.346261] R13: ffff8880147048a8 R14: ffffffffffffffff R15: 
ffff8880161dfc60 [ 193.346919] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.347664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.348178] CR2: 00007f4b875fca50 CR3: 0000000014928000 CR4: 0000000000750ee0 [ 193.348805] PKRU: 55555554 [ 193.349061] Call Trace: [ 193.349295] [ 193.349503] iommufd_ioas_destroy+0x53/0x70 [ 193.349899] iommufd_fops_release+0x1f7/0x370 [ 193.350305] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.350792] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.351243] ? write_comp_data+0x2f/0x90 [ 193.351614] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.352066] __fput+0x26d/0xa40 [ 193.352377] ____fput+0x1e/0x30 [ 193.352677] task_work_run+0x1a4/0x2d0 [ 193.353034] ? __pfx_task_work_run+0x10/0x10 [ 193.353431] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.353883] ? switch_task_namespaces+0xa9/0xe0 [ 193.354319] do_exit+0xb17/0x2ef0 [ 193.354661] ? lock_acquire+0x427/0x4c0 [ 193.355029] ? __pfx_lock_release+0x10/0x10 [ 193.355462] ? __kasan_check_write+0x18/0x20 [ 193.355879] ? do_raw_spin_lock+0x132/0x2a0 [ 193.356283] ? __pfx_do_exit+0x10/0x10 [ 193.356663] ? debug_smp_processor_id+0x20/0x30 [ 193.357099] ? rcu_is_watching+0x19/0xb0 [ 193.357484] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.357921] ? trace_hardirqs_on+0x26/0x120 [ 193.358337] do_group_exit+0xe0/0x2b0 [ 193.358740] __x64_sys_exit_group+0x47/0x50 [ 193.359169] do_syscall_64+0x3b/0x90 [ 193.359547] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.360037] RIP: 0033:0x7f4b87518a4d [ 193.360386] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.360962] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.361674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.362339] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.363047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.363741] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.364408] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.365088] [ 193.365312] irq event stamp: 0 [ 193.365608] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.366195] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.367012] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.367816] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.368420] ---[ end trace 0000000000000000 ]--- [ 193.373098] ------------[ cut here ]------------ [ 193.373615] WARNING: CPU: 1 PID: 1838 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.374818] Modules linked in: [ 193.375152] CPU: 1 PID: 1838 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.375977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.377041] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.377522] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.379300] RSP: 0018:ffff888016627bb8 EFLAGS: 00010246 [ 193.379814] RAX: 0000000000000000 RBX: ffff88800f7f10a8 RCX: 0000000000000000 [ 193.380478] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 193.381157] RBP: ffff888016627bd0 R08: ffffed1001efe233 R09: ffffed1001efe233 [ 193.381834] R10: ffff88800f7f1193 R11: ffffed1001efe232 R12: ffff88800f208800 [ 193.382559] R13: ffff88800f7f11e8 R14: ffffffff8352e670 R15: 
ffff888016627e68 [ 193.383254] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.384027] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.384582] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 193.385262] PKRU: 55555554 [ 193.385537] Call Trace: [ 193.385779] [ 193.385997] __iommufd_access_detach+0x1c2/0x2b0 [ 193.386464] iommufd_access_change_pt+0x149/0x270 [ 193.386976] iommufd_access_replace+0xb4/0x120 [ 193.387440] iommufd_test+0x3e5/0x37e0 [ 193.387818] ? lock_release+0x532/0x770 [ 193.388211] ? __might_fault+0x102/0x1b0 [ 193.388606] ? lock_acquire+0x427/0x4c0 [ 193.389001] ? __pfx_iommufd_test+0x10/0x10 [ 193.389412] ? __pfx_lock_release+0x10/0x10 [ 193.389834] ? __pfx_lock_acquire+0x10/0x10 [ 193.390253] ? write_comp_data+0x2f/0x90 [ 193.390683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.391168] ? write_comp_data+0x2f/0x90 [ 193.391566] iommufd_fops_ioctl+0x37d/0x510 [ 193.391982] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.392450] ? write_comp_data+0x2f/0x90 [ 193.392854] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.393330] __x64_sys_ioctl+0x1a3/0x230 [ 193.393762] do_syscall_64+0x3b/0x90 [ 193.394154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.394737] RIP: 0033:0x7f4b8743ee5d [ 193.395139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.397020] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.397811] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.398589] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.399343] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.400090] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.400826] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.401575] [ 193.401818] irq event stamp: 0 [ 193.402140] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.402829] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.403692] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.404547] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.405199] ---[ end trace 0000000000000000 ]--- [ 193.408524] ------------[ cut here ]------------ [ 193.409058] WARNING: CPU: 1 PID: 1838 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.410092] Modules linked in: [ 193.410421] CPU: 1 PID: 1838 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.411407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.412560] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.413080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.414968] RSP: 
0018:ffff888016627bd0 EFLAGS: 00010246 [ 193.415534] RAX: 0000000000000000 RBX: ffff88800f7f10a8 RCX: 0000000000000000 [ 193.416253] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 193.416984] RBP: ffff888016627be8 R08: ffffed1001efe233 R09: ffffed1001efe233 [ 193.417716] R10: ffff88800f7f1193 R11: ffffed1001efe232 R12: ffff8880129c7c00 [ 193.418437] R13: ffff88800f7f11e8 R14: ffff8880139bc100 R15: 0000000000000000 [ 193.419233] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.420083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.420686] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 193.421458] PKRU: 55555554 [ 193.421745] Call Trace: [ 193.422003] [ 193.422232] iommufd_access_destroy_object+0x65/0x170 [ 193.422800] iommufd_object_destroy_user+0x18e/0x220 [ 193.423343] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.423951] iommufd_access_destroy+0x43/0x70 [ 193.424431] iommufd_test_staccess_release+0x8d/0xd0 [ 193.424977] __fput+0x26d/0xa40 [ 193.425338] ____fput+0x1e/0x30 [ 193.425690] task_work_run+0x1a4/0x2d0 [ 193.426098] ? __pfx_task_work_run+0x10/0x10 [ 193.426601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.427111] ? switch_task_namespaces+0xa9/0xe0 [ 193.427621] do_exit+0xb17/0x2ef0 [ 193.427985] ? lock_acquire+0x427/0x4c0 [ 193.428412] ? __pfx_lock_release+0x10/0x10 [ 193.428866] ? __kasan_check_write+0x18/0x20 [ 193.429337] ? do_raw_spin_lock+0x132/0x2a0 [ 193.429791] ? __pfx_do_exit+0x10/0x10 [ 193.430202] ? debug_smp_processor_id+0x20/0x30 [ 193.430748] ? rcu_is_watching+0x19/0xb0 [ 193.431190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.431669] ? trace_hardirqs_on+0x26/0x120 [ 193.432136] do_group_exit+0xe0/0x2b0 [ 193.432536] __x64_sys_exit_group+0x47/0x50 [ 193.432984] do_syscall_64+0x3b/0x90 [ 193.433385] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.433922] RIP: 0033:0x7f4b87518a4d [ 193.434307] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.434988] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.435777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.436504] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.437226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.437948] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.438705] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.439451] [ 193.439698] irq event stamp: 0 [ 193.440033] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.440681] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.441539] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.442401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.443082] ---[ end trace 0000000000000000 ]--- [ 193.443972] ------------[ cut here ]------------ [ 193.444458] WARNING: CPU: 1 PID: 1838 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.445507] Modules linked in: [ 193.445843] CPU: 1 PID: 1838 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.446801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.447977] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.448523] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.450395] RSP: 0018:ffff888016627b78 EFLAGS: 00010246 [ 193.451079] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.452406] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 193.453148] RBP: ffff888016627b98 R08: ffffed1001efe23e R09: ffffed1001efe23e [ 193.453882] R10: ffff88800f7f11ef R11: ffffed1001efe23d R12: ffff88800f7f1290 [ 193.454665] R13: ffff88800f7f10a8 R14: ffffffffffffffff R15: 
ffff888016627c60 [ 193.455449] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.456278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.457103] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 193.458341] PKRU: 55555554 [ 193.458695] Call Trace: [ 193.458966] [ 193.459225] iommufd_ioas_destroy+0x53/0x70 [ 193.459681] iommufd_fops_release+0x1f7/0x370 [ 193.460147] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.460667] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.461183] ? write_comp_data+0x2f/0x90 [ 193.461617] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.462346] __fput+0x26d/0xa40 [ 193.463162] ____fput+0x1e/0x30 [ 193.463528] task_work_run+0x1a4/0x2d0 [ 193.463941] ? __pfx_task_work_run+0x10/0x10 [ 193.464398] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.464904] ? switch_task_namespaces+0xa9/0xe0 [ 193.465394] do_exit+0xb17/0x2ef0 [ 193.465754] ? lock_acquire+0x427/0x4c0 [ 193.466181] ? __pfx_lock_release+0x10/0x10 [ 193.466680] ? __kasan_check_write+0x18/0x20 [ 193.467151] ? do_raw_spin_lock+0x132/0x2a0 [ 193.467607] ? __pfx_do_exit+0x10/0x10 [ 193.468131] ? debug_smp_processor_id+0x20/0x30 [ 193.468806] ? rcu_is_watching+0x19/0xb0 [ 193.469391] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.469858] ? trace_hardirqs_on+0x26/0x120 [ 193.470309] do_group_exit+0xe0/0x2b0 [ 193.470751] __x64_sys_exit_group+0x47/0x50 [ 193.471220] do_syscall_64+0x3b/0x90 [ 193.471613] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.472150] RIP: 0033:0x7f4b87518a4d [ 193.472541] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.473178] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.474181] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.475293] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.476033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.476777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.477520] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.478279] [ 193.478569] irq event stamp: 0 [ 193.478907] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.479586] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.480721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.481944] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.482633] ---[ end trace 0000000000000000 ]--- [ 193.487085] ------------[ cut here ]------------ [ 193.487662] WARNING: CPU: 1 PID: 1839 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.488694] Modules linked in: [ 193.489030] CPU: 1 PID: 1839 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.490148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.491744] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.492277] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.494185] RSP: 0018:ffff8880161dfbb8 EFLAGS: 00010246 [ 193.494792] RAX: 0000000000000000 RBX: ffff88800f16d0a8 RCX: 0000000000000000 [ 193.495585] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 193.496560] RBP: ffff8880161dfbd0 R08: ffffed1001e2da33 R09: ffffed1001e2da33 [ 193.497601] R10: ffff88800f16d193 R11: ffffed1001e2da32 R12: ffff88800f74e800 [ 193.498358] R13: ffff88800f16d1e8 R14: ffffffff8352e670 R15: 
ffff8880161dfe68 [ 193.499152] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.500002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.500606] CR2: 00007f4b877410e8 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 193.501443] PKRU: 55555554 [ 193.501830] Call Trace: [ 193.502176] [ 193.502571] __iommufd_access_detach+0x1c2/0x2b0 [ 193.503087] iommufd_access_change_pt+0x149/0x270 [ 193.503615] iommufd_access_replace+0xb4/0x120 [ 193.504098] iommufd_test+0x3e5/0x37e0 [ 193.504502] ? lock_release+0x532/0x770 [ 193.504934] ? __might_fault+0x102/0x1b0 [ 193.505373] ? lock_acquire+0x427/0x4c0 [ 193.505807] ? __pfx_iommufd_test+0x10/0x10 [ 193.506268] ? __pfx_lock_release+0x10/0x10 [ 193.506923] ? __pfx_lock_acquire+0x10/0x10 [ 193.507614] ? write_comp_data+0x2f/0x90 [ 193.508076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.508597] ? write_comp_data+0x2f/0x90 [ 193.509044] iommufd_fops_ioctl+0x37d/0x510 [ 193.509513] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.510048] ? write_comp_data+0x2f/0x90 [ 193.510544] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.511072] __x64_sys_ioctl+0x1a3/0x230 [ 193.511538] do_syscall_64+0x3b/0x90 [ 193.512043] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.512940] RIP: 0033:0x7f4b8743ee5d [ 193.513351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.515373] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.516201] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.517183] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.518246] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.519056] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.519824] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.520596] [ 193.520846] irq event stamp: 0 [ 193.521189] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.521989] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.523124] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.524026] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.524710] ---[ end trace 0000000000000000 ]--- [ 193.528547] ------------[ cut here ]------------ [ 193.529115] WARNING: CPU: 1 PID: 1839 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.530420] Modules linked in: [ 193.530951] CPU: 1 PID: 1839 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.531910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.533136] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.533684] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.536064] RSP: 
0018:ffff8880161dfbd0 EFLAGS: 00010246 [ 193.536646] RAX: 0000000000000000 RBX: ffff88800f16d0a8 RCX: 0000000000000000 [ 193.537399] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 193.538150] RBP: ffff8880161dfbe8 R08: ffffed1001e2da33 R09: ffffed1001e2da33 [ 193.539071] R10: ffff88800f16d193 R11: ffffed1001e2da32 R12: ffff88800f20ac00 [ 193.540076] R13: ffff88800f16d1e8 R14: ffff888020804400 R15: 0000000000000000 [ 193.540844] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.541691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.542304] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 193.543083] PKRU: 55555554 [ 193.543406] Call Trace: [ 193.543686] [ 193.543931] iommufd_access_destroy_object+0x65/0x170 [ 193.544605] iommufd_object_destroy_user+0x18e/0x220 [ 193.545423] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.546049] iommufd_access_destroy+0x43/0x70 [ 193.546591] iommufd_test_staccess_release+0x8d/0xd0 [ 193.547158] __fput+0x26d/0xa40 [ 193.547532] ____fput+0x1e/0x30 [ 193.547896] task_work_run+0x1a4/0x2d0 [ 193.548325] ? __pfx_task_work_run+0x10/0x10 [ 193.548803] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.549456] ? switch_task_namespaces+0xa9/0xe0 [ 193.550186] do_exit+0xb17/0x2ef0 [ 193.550597] ? lock_acquire+0x427/0x4c0 [ 193.551030] ? __pfx_lock_release+0x10/0x10 [ 193.551506] ? __kasan_check_write+0x18/0x20 [ 193.551978] ? do_raw_spin_lock+0x132/0x2a0 [ 193.552438] ? __pfx_do_exit+0x10/0x10 [ 193.552868] ? debug_smp_processor_id+0x20/0x30 [ 193.553364] ? rcu_is_watching+0x19/0xb0 [ 193.553800] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.554468] ? trace_hardirqs_on+0x26/0x120 [ 193.555192] do_group_exit+0xe0/0x2b0 [ 193.555600] __x64_sys_exit_group+0x47/0x50 [ 193.556058] do_syscall_64+0x3b/0x90 [ 193.556461] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.557008] RIP: 0033:0x7f4b87518a4d [ 193.557399] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.558038] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.558904] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.559940] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.560664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.561398] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.562125] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.562898] [ 193.563163] irq event stamp: 0 [ 193.563491] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.564227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.565395] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.566248] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.566933] ---[ end trace 0000000000000000 ]--- [ 193.567870] ------------[ cut here ]------------ [ 193.568372] WARNING: CPU: 1 PID: 1839 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.569619] Modules linked in: [ 193.569952] CPU: 1 PID: 1839 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.570865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.572217] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.572735] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.574634] RSP: 0018:ffff8880161dfb78 EFLAGS: 00010246 [ 193.575143] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.575803] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 193.576620] RBP: ffff8880161dfb98 R08: ffffed1001e2da3e R09: ffffed1001e2da3e [ 193.577284] R10: ffff88800f16d1ef R11: ffffed1001e2da3d R12: ffff88800f16d290 [ 193.577943] R13: ffff88800f16d0a8 R14: ffffffffffffffff R15: 
ffff8880161dfc60 [ 193.578785] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 193.579543] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.580082] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 193.580870] PKRU: 55555554 [ 193.581145] Call Trace: [ 193.581390] [ 193.581601] iommufd_ioas_destroy+0x53/0x70 [ 193.582006] iommufd_fops_release+0x1f7/0x370 [ 193.582451] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.583044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.583520] ? write_comp_data+0x2f/0x90 [ 193.583908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.584375] __fput+0x26d/0xa40 [ 193.584699] ____fput+0x1e/0x30 [ 193.585103] task_work_run+0x1a4/0x2d0 [ 193.585574] ? __pfx_task_work_run+0x10/0x10 [ 193.585990] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.586446] ? switch_task_namespaces+0xa9/0xe0 [ 193.586906] do_exit+0xb17/0x2ef0 [ 193.587244] ? lock_acquire+0x427/0x4c0 [ 193.587782] ? __pfx_lock_release+0x10/0x10 [ 193.588193] ? __kasan_check_write+0x18/0x20 [ 193.588608] ? do_raw_spin_lock+0x132/0x2a0 [ 193.589010] ? __pfx_do_exit+0x10/0x10 [ 193.589381] ? debug_smp_processor_id+0x20/0x30 [ 193.589954] ? rcu_is_watching+0x19/0xb0 [ 193.590326] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.590761] ? trace_hardirqs_on+0x26/0x120 [ 193.591175] do_group_exit+0xe0/0x2b0 [ 193.591526] __x64_sys_exit_group+0x47/0x50 [ 193.591959] do_syscall_64+0x3b/0x90 [ 193.592403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.592883] RIP: 0033:0x7f4b87518a4d [ 193.593220] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.593781] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.594664] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.595325] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.595973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.596783] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.597424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.598076] [ 193.598322] irq event stamp: 0 [ 193.598711] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.599299] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.600060] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.600965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.601534] ---[ end trace 0000000000000000 ]--- [ 193.606240] ------------[ cut here ]------------ [ 193.606894] WARNING: CPU: 0 PID: 1840 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.607868] Modules linked in: [ 193.608235] CPU: 0 PID: 1840 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.608987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.610108] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.610561] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.612303] RSP: 0018:ffff888016627bb8 EFLAGS: 00010246 [ 193.612758] RAX: 0000000000000000 RBX: ffff888017bea0a8 RCX: 0000000000000000 [ 193.613377] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 193.614149] RBP: ffff888016627bd0 R08: ffffed1002f7d433 R09: ffffed1002f7d433 [ 193.614799] R10: ffff888017bea193 R11: ffffed1002f7d432 R12: ffff88801226e800 [ 193.615427] R13: ffff888017bea1e8 R14: ffffffff8352e670 R15: 
ffff888016627e68 [ 193.616114] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.616940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.617445] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 193.618213] PKRU: 55555554 [ 193.618444] Call Trace: [ 193.618699] [ 193.618895] __iommufd_access_detach+0x1c2/0x2b0 [ 193.619341] iommufd_access_change_pt+0x149/0x270 [ 193.619779] iommufd_access_replace+0xb4/0x120 [ 193.620365] iommufd_test+0x3e5/0x37e0 [ 193.620708] ? lock_release+0x532/0x770 [ 193.621069] ? __might_fault+0x102/0x1b0 [ 193.621435] ? lock_acquire+0x427/0x4c0 [ 193.621824] ? __pfx_iommufd_test+0x10/0x10 [ 193.622363] ? __pfx_lock_release+0x10/0x10 [ 193.622789] ? __pfx_lock_acquire+0x10/0x10 [ 193.623199] ? write_comp_data+0x2f/0x90 [ 193.623570] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.624178] ? write_comp_data+0x2f/0x90 [ 193.624551] iommufd_fops_ioctl+0x37d/0x510 [ 193.624930] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.625371] ? write_comp_data+0x2f/0x90 [ 193.625823] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.626347] __x64_sys_ioctl+0x1a3/0x230 [ 193.626743] do_syscall_64+0x3b/0x90 [ 193.627076] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.627565] RIP: 0033:0x7f4b8743ee5d [ 193.628058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.629731] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.630597] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.631233] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.631863] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.632473] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.633108] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.633737] [ 193.633939] irq event stamp: 0 [ 193.634219] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.634801] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.635555] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.636294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.636832] ---[ end trace 0000000000000000 ]--- [ 193.639774] ------------[ cut here ]------------ [ 193.640184] WARNING: CPU: 0 PID: 1840 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.641019] Modules linked in: [ 193.641279] CPU: 0 PID: 1840 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.642001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.643200] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.643633] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.645131] RSP: 
0018:ffff888016627bd0 EFLAGS: 00010246 [ 193.645559] RAX: 0000000000000000 RBX: ffff888017bea0a8 RCX: 0000000000000000 [ 193.646152] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 193.646748] RBP: ffff888016627be8 R08: ffffed1002f7d433 R09: ffffed1002f7d433 [ 193.647351] R10: ffff888017bea193 R11: ffffed1002f7d432 R12: ffff888010cfa800 [ 193.647943] R13: ffff888017bea1e8 R14: ffff888020f65300 R15: 0000000000000000 [ 193.648528] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.649194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.649667] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.650255] PKRU: 55555554 [ 193.650485] Call Trace: [ 193.650714] [ 193.650900] iommufd_access_destroy_object+0x65/0x170 [ 193.651345] iommufd_object_destroy_user+0x18e/0x220 [ 193.651761] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.652247] iommufd_access_destroy+0x43/0x70 [ 193.652618] iommufd_test_staccess_release+0x8d/0xd0 [ 193.653035] __fput+0x26d/0xa40 [ 193.653339] ____fput+0x1e/0x30 [ 193.653615] task_work_run+0x1a4/0x2d0 [ 193.653940] ? __pfx_task_work_run+0x10/0x10 [ 193.654302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.654759] ? switch_task_namespaces+0xa9/0xe0 [ 193.655162] do_exit+0xb17/0x2ef0 [ 193.655457] ? lock_acquire+0x427/0x4c0 [ 193.655798] ? __pfx_lock_release+0x10/0x10 [ 193.656154] ? __kasan_check_write+0x18/0x20 [ 193.656513] ? do_raw_spin_lock+0x132/0x2a0 [ 193.656877] ? __pfx_do_exit+0x10/0x10 [ 193.657202] ? debug_smp_processor_id+0x20/0x30 [ 193.657584] ? rcu_is_watching+0x19/0xb0 [ 193.657935] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.658313] ? trace_hardirqs_on+0x26/0x120 [ 193.658696] do_group_exit+0xe0/0x2b0 [ 193.659020] __x64_sys_exit_group+0x47/0x50 [ 193.659379] do_syscall_64+0x3b/0x90 [ 193.659689] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.660129] RIP: 0033:0x7f4b87518a4d [ 193.660431] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.660938] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.661551] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.662135] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.662726] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.663330] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.663901] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.664496] [ 193.664687] irq event stamp: 0 [ 193.664946] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.665466] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.666146] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.666854] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.667388] ---[ end trace 0000000000000000 ]--- [ 193.668117] ------------[ cut here ]------------ [ 193.668503] WARNING: CPU: 0 PID: 1840 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.669327] Modules linked in: [ 193.669596] CPU: 0 PID: 1840 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.670289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.671205] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.671609] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.673053] RSP: 0018:ffff888016627b78 EFLAGS: 00010246 [ 193.673467] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.674026] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 193.674599] RBP: ffff888016627b98 R08: ffffed1002f7d43e R09: ffffed1002f7d43e [ 193.675170] R10: ffff888017bea1ef R11: ffffed1002f7d43d R12: ffff888017bea290 [ 193.675725] R13: ffff888017bea0a8 R14: ffffffffffffffff R15: 
ffff888016627c60 [ 193.676285] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.676899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.677352] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.677893] PKRU: 55555554 [ 193.678108] Call Trace: [ 193.678316] [ 193.678490] iommufd_ioas_destroy+0x53/0x70 [ 193.678854] iommufd_fops_release+0x1f7/0x370 [ 193.679216] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.679616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.679999] ? write_comp_data+0x2f/0x90 [ 193.680323] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.680719] __fput+0x26d/0xa40 [ 193.680987] ____fput+0x1e/0x30 [ 193.681250] task_work_run+0x1a4/0x2d0 [ 193.681571] ? __pfx_task_work_run+0x10/0x10 [ 193.681915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.682292] ? switch_task_namespaces+0xa9/0xe0 [ 193.682705] do_exit+0xb17/0x2ef0 [ 193.682973] ? lock_acquire+0x427/0x4c0 [ 193.683294] ? __pfx_lock_release+0x10/0x10 [ 193.683644] ? __kasan_check_write+0x18/0x20 [ 193.683986] ? do_raw_spin_lock+0x132/0x2a0 [ 193.684320] ? __pfx_do_exit+0x10/0x10 [ 193.684625] ? debug_smp_processor_id+0x20/0x30 [ 193.684996] ? rcu_is_watching+0x19/0xb0 [ 193.685309] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.685662] ? trace_hardirqs_on+0x26/0x120 [ 193.686009] do_group_exit+0xe0/0x2b0 [ 193.686304] __x64_sys_exit_group+0x47/0x50 [ 193.686652] do_syscall_64+0x3b/0x90 [ 193.686959] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.687369] RIP: 0033:0x7f4b87518a4d [ 193.687655] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.688132] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.688706] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.689260] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.689795] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.690345] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.690900] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.691472] [ 193.691654] irq event stamp: 0 [ 193.691895] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.692393] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.693024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.693668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.694144] ---[ end trace 0000000000000000 ]--- [ 193.698935] ------------[ cut here ]------------ [ 193.699318] WARNING: CPU: 0 PID: 1841 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.700081] Modules linked in: [ 193.700320] CPU: 0 PID: 1841 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.700977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.701805] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.702184] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.703618] RSP: 0018:ffff88800fe5fbb8 EFLAGS: 00010246 [ 193.704005] RAX: 0000000000000000 RBX: ffff888017bfd8a8 RCX: 0000000000000000 [ 193.704533] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 193.705048] RBP: ffff88800fe5fbd0 R08: ffffed1002f7fb33 R09: ffffed1002f7fb33 [ 193.705573] R10: ffff888017bfd993 R11: ffffed1002f7fb32 R12: ffff88801883fc00 [ 193.706088] R13: ffff888017bfd9e8 R14: ffffffff8352e670 R15: 
ffff88800fe5fe68 [ 193.706628] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.707218] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.707649] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 193.708166] PKRU: 55555554 [ 193.708372] Call Trace: [ 193.708601] [ 193.708809] __iommufd_access_detach+0x1c2/0x2b0 [ 193.709329] iommufd_access_change_pt+0x149/0x270 [ 193.709709] iommufd_access_replace+0xb4/0x120 [ 193.710055] iommufd_test+0x3e5/0x37e0 [ 193.710342] ? lock_release+0x532/0x770 [ 193.710669] ? __might_fault+0x102/0x1b0 [ 193.710975] ? lock_acquire+0x427/0x4c0 [ 193.711284] ? __pfx_iommufd_test+0x10/0x10 [ 193.711602] ? __pfx_lock_release+0x10/0x10 [ 193.711991] ? __pfx_lock_acquire+0x10/0x10 [ 193.712435] ? write_comp_data+0x2f/0x90 [ 193.712750] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.713121] ? write_comp_data+0x2f/0x90 [ 193.713430] iommufd_fops_ioctl+0x37d/0x510 [ 193.713751] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.714124] ? write_comp_data+0x2f/0x90 [ 193.714430] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.714804] __x64_sys_ioctl+0x1a3/0x230 [ 193.715133] do_syscall_64+0x3b/0x90 [ 193.715425] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.715828] RIP: 0033:0x7f4b8743ee5d [ 193.716269] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.717602] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.718160] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.718702] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.719238] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.719928] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.720463] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.720987] [ 193.721160] irq event stamp: 0 [ 193.721395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.721873] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.722693] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.723312] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.723781] ---[ end trace 0000000000000000 ]--- [ 193.726493] ------------[ cut here ]------------ [ 193.726903] WARNING: CPU: 0 PID: 1841 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.727649] Modules linked in: [ 193.727884] CPU: 0 PID: 1841 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.728572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.729533] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.729898] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.731430] RSP: 
0018:ffff88800fe5fbd0 EFLAGS: 00010246 [ 193.732197] RAX: 0000000000000000 RBX: ffff888017bfd8a8 RCX: 0000000000000000 [ 193.732959] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 193.733981] RBP: ffff88800fe5fbe8 R08: ffffed1002f7fb33 R09: ffffed1002f7fb33 [ 193.734788] R10: ffff888017bfd993 R11: ffffed1002f7fb32 R12: ffff88801226e400 [ 193.735755] R13: ffff888017bfd9e8 R14: ffff888021855d00 R15: 0000000000000000 [ 193.736529] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.737539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.738181] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.739113] PKRU: 55555554 [ 193.739441] Call Trace: [ 193.739719] [ 193.739985] iommufd_access_destroy_object+0x65/0x170 [ 193.740687] iommufd_object_destroy_user+0x18e/0x220 [ 193.741244] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.742039] iommufd_access_destroy+0x43/0x70 [ 193.742589] iommufd_test_staccess_release+0x8d/0xd0 [ 193.743170] __fput+0x26d/0xa40 [ 193.743595] ____fput+0x1e/0x30 [ 193.744061] task_work_run+0x1a4/0x2d0 [ 193.744493] ? __pfx_task_work_run+0x10/0x10 [ 193.744974] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.745650] ? switch_task_namespaces+0xa9/0xe0 [ 193.746171] do_exit+0xb17/0x2ef0 [ 193.746602] ? lock_acquire+0x427/0x4c0 [ 193.747174] ? __pfx_lock_release+0x10/0x10 [ 193.747654] ? __kasan_check_write+0x18/0x20 [ 193.748134] ? do_raw_spin_lock+0x132/0x2a0 [ 193.748768] ? __pfx_do_exit+0x10/0x10 [ 193.749205] ? debug_smp_processor_id+0x20/0x30 [ 193.749709] ? rcu_is_watching+0x19/0xb0 [ 193.750307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.750840] ? trace_hardirqs_on+0x26/0x120 [ 193.751446] do_group_exit+0xe0/0x2b0 [ 193.751750] __x64_sys_exit_group+0x47/0x50 [ 193.752311] do_syscall_64+0x3b/0x90 [ 193.752617] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.753006] RIP: 0033:0x7f4b87518a4d [ 193.753279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.753903] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.754460] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.755010] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.755616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.756225] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.756746] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.757425] [ 193.757599] irq event stamp: 0 [ 193.757833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.758299] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.759097] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.759731] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.760207] ---[ end trace 0000000000000000 ]--- [ 193.760961] ------------[ cut here ]------------ [ 193.761320] WARNING: CPU: 0 PID: 1841 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.762093] Modules linked in: [ 193.762361] CPU: 0 PID: 1841 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.763165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.764011] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.764460] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.765947] RSP: 0018:ffff88800fe5fb78 EFLAGS: 00010246 [ 193.766361] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.766932] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 193.767496] RBP: ffff88800fe5fb98 R08: ffffed1002f7fb3e R09: ffffed1002f7fb3e [ 193.768042] R10: ffff888017bfd9ef R11: ffffed1002f7fb3d R12: ffff888017bfda90 [ 193.768586] R13: ffff888017bfd8a8 R14: ffffffffffffffff R15: 
ffff88800fe5fc60 [ 193.769130] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.769753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.770198] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.770770] PKRU: 55555554 [ 193.771002] Call Trace: [ 193.771208] [ 193.771385] iommufd_ioas_destroy+0x53/0x70 [ 193.771739] iommufd_fops_release+0x1f7/0x370 [ 193.772109] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.772498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.772880] ? write_comp_data+0x2f/0x90 [ 193.773214] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.773602] __fput+0x26d/0xa40 [ 193.773871] ____fput+0x1e/0x30 [ 193.774133] task_work_run+0x1a4/0x2d0 [ 193.774442] ? __pfx_task_work_run+0x10/0x10 [ 193.774814] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.775213] ? switch_task_namespaces+0xa9/0xe0 [ 193.775590] do_exit+0xb17/0x2ef0 [ 193.775861] ? lock_acquire+0x427/0x4c0 [ 193.776176] ? __pfx_lock_release+0x10/0x10 [ 193.776528] ? __kasan_check_write+0x18/0x20 [ 193.776876] ? do_raw_spin_lock+0x132/0x2a0 [ 193.777210] ? __pfx_do_exit+0x10/0x10 [ 193.777517] ? debug_smp_processor_id+0x20/0x30 [ 193.777888] ? rcu_is_watching+0x19/0xb0 [ 193.778207] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.778594] ? trace_hardirqs_on+0x26/0x120 [ 193.778940] do_group_exit+0xe0/0x2b0 [ 193.779251] __x64_sys_exit_group+0x47/0x50 [ 193.779587] do_syscall_64+0x3b/0x90 [ 193.779900] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.780305] RIP: 0033:0x7f4b87518a4d [ 193.780597] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.781066] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.781653] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.782197] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.782773] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.783342] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.783899] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.784466] [ 193.784658] irq event stamp: 0 [ 193.784901] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.785383] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.786032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.786700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.787203] ---[ end trace 0000000000000000 ]--- [ 193.790950] ------------[ cut here ]------------ [ 193.791356] WARNING: CPU: 0 PID: 1842 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.792137] Modules linked in: [ 193.792391] CPU: 0 PID: 1842 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.793056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.793916] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.794297] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.795850] RSP: 0018:ffff88800fcd7bb8 EFLAGS: 00010246 [ 193.796270] RAX: 0000000000000000 RBX: ffff8880178728a8 RCX: 0000000000000000 [ 193.796817] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 193.797364] RBP: ffff88800fcd7bd0 R08: ffffed1002f0e533 R09: ffffed1002f0e533 [ 193.797912] R10: ffff888017872993 R11: ffffed1002f0e532 R12: ffff88800ae90800 [ 193.798452] R13: ffff8880178729e8 R14: ffffffff8352e670 R15: 
ffff88800fcd7e68 [ 193.799015] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.799647] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.800093] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 193.800636] PKRU: 55555554 [ 193.800859] Call Trace: [ 193.801056] [ 193.801231] __iommufd_access_detach+0x1c2/0x2b0 [ 193.801620] iommufd_access_change_pt+0x149/0x270 [ 193.801999] iommufd_access_replace+0xb4/0x120 [ 193.802363] iommufd_test+0x3e5/0x37e0 [ 193.802689] ? lock_release+0x532/0x770 [ 193.803007] ? __might_fault+0x102/0x1b0 [ 193.803338] ? lock_acquire+0x427/0x4c0 [ 193.803671] ? __pfx_iommufd_test+0x10/0x10 [ 193.804003] ? __pfx_lock_release+0x10/0x10 [ 193.804346] ? __pfx_lock_acquire+0x10/0x10 [ 193.804690] ? write_comp_data+0x2f/0x90 [ 193.805012] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.805391] ? write_comp_data+0x2f/0x90 [ 193.805713] iommufd_fops_ioctl+0x37d/0x510 [ 193.806051] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.806441] ? write_comp_data+0x2f/0x90 [ 193.806783] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.807178] __x64_sys_ioctl+0x1a3/0x230 [ 193.807506] do_syscall_64+0x3b/0x90 [ 193.807802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.808216] RIP: 0033:0x7f4b8743ee5d [ 193.808506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.809907] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.810494] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.811073] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.811637] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.812187] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.812730] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.813283] [ 193.813463] irq event stamp: 0 [ 193.813705] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.814192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.814853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.815498] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.815989] ---[ end trace 0000000000000000 ]--- [ 193.818716] ------------[ cut here ]------------ [ 193.819109] WARNING: CPU: 0 PID: 1842 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.819900] Modules linked in: [ 193.820147] CPU: 0 PID: 1842 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.820822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.821686] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.822067] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.823702] RSP: 
0018:ffff88800fcd7bd0 EFLAGS: 00010246 [ 193.824128] RAX: 0000000000000000 RBX: ffff8880178728a8 RCX: 0000000000000000 [ 193.824671] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 193.825212] RBP: ffff88800fcd7be8 R08: ffffed1002f0e533 R09: ffffed1002f0e533 [ 193.825776] R10: ffff888017872993 R11: ffffed1002f0e532 R12: ffff88801883d400 [ 193.826329] R13: ffff8880178729e8 R14: ffff8880149bdc00 R15: 0000000000000000 [ 193.826894] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.827530] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.827972] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.828522] PKRU: 55555554 [ 193.828741] Call Trace: [ 193.828946] [ 193.829121] iommufd_access_destroy_object+0x65/0x170 [ 193.829522] iommufd_object_destroy_user+0x18e/0x220 [ 193.829917] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.830382] iommufd_access_destroy+0x43/0x70 [ 193.830767] iommufd_test_staccess_release+0x8d/0xd0 [ 193.831187] __fput+0x26d/0xa40 [ 193.831460] ____fput+0x1e/0x30 [ 193.831723] task_work_run+0x1a4/0x2d0 [ 193.832036] ? __pfx_task_work_run+0x10/0x10 [ 193.832394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.832775] ? switch_task_namespaces+0xa9/0xe0 [ 193.833153] do_exit+0xb17/0x2ef0 [ 193.833423] ? lock_acquire+0x427/0x4c0 [ 193.833742] ? __pfx_lock_release+0x10/0x10 [ 193.834092] ? __kasan_check_write+0x18/0x20 [ 193.834437] ? do_raw_spin_lock+0x132/0x2a0 [ 193.834800] ? __pfx_do_exit+0x10/0x10 [ 193.835113] ? debug_smp_processor_id+0x20/0x30 [ 193.835485] ? rcu_is_watching+0x19/0xb0 [ 193.835813] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.836168] ? trace_hardirqs_on+0x26/0x120 [ 193.836510] do_group_exit+0xe0/0x2b0 [ 193.836817] __x64_sys_exit_group+0x47/0x50 [ 193.837150] do_syscall_64+0x3b/0x90 [ 193.837445] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.837865] RIP: 0033:0x7f4b87518a4d [ 193.838154] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.838646] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.839243] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.839797] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.840353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.840906] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.841453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.842015] [ 193.842195] irq event stamp: 0 [ 193.842441] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.842953] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.843621] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.844263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.844755] ---[ end trace 0000000000000000 ]--- [ 193.845439] ------------[ cut here ]------------ [ 193.845801] WARNING: CPU: 0 PID: 1842 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.846607] Modules linked in: [ 193.846861] CPU: 0 PID: 1842 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.847548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.848390] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.848781] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.850168] RSP: 0018:ffff88800fcd7b78 EFLAGS: 00010246 [ 193.850592] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.851139] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 193.851675] RBP: ffff88800fcd7b98 R08: ffffed1002f0e53e R09: ffffed1002f0e53e [ 193.852215] R10: ffff8880178729ef R11: ffffed1002f0e53d R12: ffff888017872a90 [ 193.852758] R13: ffff8880178728a8 R14: ffffffffffffffff R15: 
ffff88800fcd7c60 [ 193.853301] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.853904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.854348] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.854906] PKRU: 55555554 [ 193.855131] Call Trace: [ 193.855327] [ 193.855508] iommufd_ioas_destroy+0x53/0x70 [ 193.855842] iommufd_fops_release+0x1f7/0x370 [ 193.856193] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.856573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.856947] ? write_comp_data+0x2f/0x90 [ 193.857268] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.857645] __fput+0x26d/0xa40 [ 193.857911] ____fput+0x1e/0x30 [ 193.858169] task_work_run+0x1a4/0x2d0 [ 193.858477] ? __pfx_task_work_run+0x10/0x10 [ 193.858838] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.859225] ? switch_task_namespaces+0xa9/0xe0 [ 193.859584] do_exit+0xb17/0x2ef0 [ 193.859848] ? lock_acquire+0x427/0x4c0 [ 193.860156] ? __pfx_lock_release+0x10/0x10 [ 193.860493] ? __kasan_check_write+0x18/0x20 [ 193.860825] ? do_raw_spin_lock+0x132/0x2a0 [ 193.861163] ? __pfx_do_exit+0x10/0x10 [ 193.861463] ? debug_smp_processor_id+0x20/0x30 [ 193.861827] ? rcu_is_watching+0x19/0xb0 [ 193.862133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.862489] ? trace_hardirqs_on+0x26/0x120 [ 193.862850] do_group_exit+0xe0/0x2b0 [ 193.863145] __x64_sys_exit_group+0x47/0x50 [ 193.863480] do_syscall_64+0x3b/0x90 [ 193.863772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.864168] RIP: 0033:0x7f4b87518a4d [ 193.864446] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.864911] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.865484] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.866013] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.866580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.867125] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.867662] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.868200] [ 193.868378] irq event stamp: 0 [ 193.868619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.869096] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.869731] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.870369] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.870863] ---[ end trace 0000000000000000 ]--- [ 193.875461] ------------[ cut here ]------------ [ 193.875836] WARNING: CPU: 0 PID: 1843 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.876590] Modules linked in: [ 193.876829] CPU: 0 PID: 1843 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.877479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.878318] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.878870] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.880254] RSP: 0018:ffff8880161dfbb8 EFLAGS: 00010246 [ 193.880651] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 193.881190] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 193.881725] RBP: ffff8880161dfbd0 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 193.882257] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff8880138b2400 [ 193.882820] R13: ffff88801609b1e8 R14: ffffffff8352e670 R15: 
ffff8880161dfe68 [ 193.883369] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.883964] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.884416] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 193.884939] PKRU: 55555554 [ 193.885149] Call Trace: [ 193.885337] [ 193.885507] __iommufd_access_detach+0x1c2/0x2b0 [ 193.885879] iommufd_access_change_pt+0x149/0x270 [ 193.886243] iommufd_access_replace+0xb4/0x120 [ 193.886619] iommufd_test+0x3e5/0x37e0 [ 193.886918] ? lock_release+0x532/0x770 [ 193.887232] ? __might_fault+0x102/0x1b0 [ 193.887554] ? lock_acquire+0x427/0x4c0 [ 193.887859] ? __pfx_iommufd_test+0x10/0x10 [ 193.888178] ? __pfx_lock_release+0x10/0x10 [ 193.888506] ? __pfx_lock_acquire+0x10/0x10 [ 193.888839] ? write_comp_data+0x2f/0x90 [ 193.889147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.889516] ? write_comp_data+0x2f/0x90 [ 193.889828] iommufd_fops_ioctl+0x37d/0x510 [ 193.890158] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.890542] ? write_comp_data+0x2f/0x90 [ 193.890860] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.891227] __x64_sys_ioctl+0x1a3/0x230 [ 193.891551] do_syscall_64+0x3b/0x90 [ 193.891837] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.892235] RIP: 0033:0x7f4b8743ee5d [ 193.892512] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.893878] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.894446] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.895000] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.895543] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.896078] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.896601] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.897136] [ 193.897309] irq event stamp: 0 [ 193.897541] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.898006] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.898635] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.899253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.899712] ---[ end trace 0000000000000000 ]--- [ 193.902313] ------------[ cut here ]------------ [ 193.902693] WARNING: CPU: 0 PID: 1843 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.903456] Modules linked in: [ 193.903701] CPU: 0 PID: 1843 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.904339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.905176] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.905540] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.906901] RSP: 
0018:ffff8880161dfbd0 EFLAGS: 00010246 [ 193.907304] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 193.907832] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 193.908363] RBP: ffff8880161dfbe8 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 193.908885] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff88800ae92800 [ 193.909412] R13: ffff88801609b1e8 R14: ffff888013596500 R15: 0000000000000000 [ 193.909942] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.910560] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.910991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.911531] PKRU: 55555554 [ 193.911742] Call Trace: [ 193.911940] [ 193.912109] iommufd_access_destroy_object+0x65/0x170 [ 193.912499] iommufd_object_destroy_user+0x18e/0x220 [ 193.912878] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.913311] iommufd_access_destroy+0x43/0x70 [ 193.913651] iommufd_test_staccess_release+0x8d/0xd0 [ 193.914032] __fput+0x26d/0xa40 [ 193.914294] ____fput+0x1e/0x30 [ 193.914570] task_work_run+0x1a4/0x2d0 [ 193.914872] ? __pfx_task_work_run+0x10/0x10 [ 193.915230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.915597] ? switch_task_namespaces+0xa9/0xe0 [ 193.915954] do_exit+0xb17/0x2ef0 [ 193.916219] ? lock_acquire+0x427/0x4c0 [ 193.916523] ? __pfx_lock_release+0x10/0x10 [ 193.916858] ? __kasan_check_write+0x18/0x20 [ 193.917189] ? do_raw_spin_lock+0x132/0x2a0 [ 193.917514] ? __pfx_do_exit+0x10/0x10 [ 193.917823] ? debug_smp_processor_id+0x20/0x30 [ 193.918174] ? rcu_is_watching+0x19/0xb0 [ 193.918492] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.918859] ? trace_hardirqs_on+0x26/0x120 [ 193.919195] do_group_exit+0xe0/0x2b0 [ 193.919481] __x64_sys_exit_group+0x47/0x50 [ 193.919810] do_syscall_64+0x3b/0x90 [ 193.920095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.920487] RIP: 0033:0x7f4b87518a4d [ 193.920763] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.921217] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.921776] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.922295] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.922841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.923376] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.923904] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.924445] [ 193.924620] irq event stamp: 0 [ 193.924862] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.925327] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.925944] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.926580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.927047] ---[ end trace 0000000000000000 ]--- [ 193.927714] ------------[ cut here ]------------ [ 193.928061] WARNING: CPU: 0 PID: 1843 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 193.928814] Modules linked in: [ 193.929068] CPU: 0 PID: 1843 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.929714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.930558] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 193.930954] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 193.932333] RSP: 0018:ffff8880161dfb78 EFLAGS: 00010246 [ 193.932731] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 193.933250] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 193.933784] RBP: ffff8880161dfb98 R08: ffffed1002c1363e R09: ffffed1002c1363e [ 193.934307] R10: ffff88801609b1ef R11: ffffed1002c1363d R12: ffff88801609b290 [ 193.934866] R13: ffff88801609b0a8 R14: ffffffffffffffff R15: 
ffff8880161dfc60 [ 193.935403] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.936003] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.936431] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.936967] PKRU: 55555554 [ 193.937176] Call Trace: [ 193.937367] [ 193.937534] iommufd_ioas_destroy+0x53/0x70 [ 193.937860] iommufd_fops_release+0x1f7/0x370 [ 193.938199] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.938601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.938973] ? write_comp_data+0x2f/0x90 [ 193.939297] ? __pfx_iommufd_fops_release+0x10/0x10 [ 193.939677] __fput+0x26d/0xa40 [ 193.939937] ____fput+0x1e/0x30 [ 193.940192] task_work_run+0x1a4/0x2d0 [ 193.940488] ? __pfx_task_work_run+0x10/0x10 [ 193.940823] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.941200] ? switch_task_namespaces+0xa9/0xe0 [ 193.941556] do_exit+0xb17/0x2ef0 [ 193.941825] ? lock_acquire+0x427/0x4c0 [ 193.942128] ? __pfx_lock_release+0x10/0x10 [ 193.942465] ? __kasan_check_write+0x18/0x20 [ 193.942821] ? do_raw_spin_lock+0x132/0x2a0 [ 193.943167] ? __pfx_do_exit+0x10/0x10 [ 193.943467] ? debug_smp_processor_id+0x20/0x30 [ 193.943815] ? rcu_is_watching+0x19/0xb0 [ 193.944128] ? _raw_spin_unlock_irq+0x2b/0x60 [ 193.944472] ? trace_hardirqs_on+0x26/0x120 [ 193.944800] do_group_exit+0xe0/0x2b0 [ 193.945086] __x64_sys_exit_group+0x47/0x50 [ 193.945412] do_syscall_64+0x3b/0x90 [ 193.945698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.946088] RIP: 0033:0x7f4b87518a4d [ 193.946367] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 193.946839] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 193.947422] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 193.947944] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 193.948475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 193.949001] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 193.949525] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 193.950053] [ 193.950227] irq event stamp: 0 [ 193.950463] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.950946] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.951587] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.952216] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.952680] ---[ end trace 0000000000000000 ]--- [ 193.956649] ------------[ cut here ]------------ [ 193.957028] WARNING: CPU: 0 PID: 1844 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.957777] Modules linked in: [ 193.958022] CPU: 0 PID: 1844 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.958732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.959592] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.959959] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.961316] RSP: 0018:ffff888016e97bb8 EFLAGS: 00010246 [ 193.961706] RAX: 0000000000000000 RBX: ffff88800fbc10a8 RCX: 0000000000000000 [ 193.962237] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 193.962792] RBP: ffff888016e97bd0 R08: ffffed1001f78233 R09: ffffed1001f78233 [ 193.963331] R10: ffff88800fbc1193 R11: ffffed1001f78232 R12: ffff8880129cb400 [ 193.963904] R13: ffff88800fbc11e8 R14: ffffffff8352e670 R15: 
ffff888016e97e68 [ 193.964639] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.965239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.965697] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 193.966360] PKRU: 55555554 [ 193.966608] Call Trace: [ 193.966799] [ 193.966967] __iommufd_access_detach+0x1c2/0x2b0 [ 193.967370] iommufd_access_change_pt+0x149/0x270 [ 193.967865] iommufd_access_replace+0xb4/0x120 [ 193.968225] iommufd_test+0x3e5/0x37e0 [ 193.968516] ? lock_release+0x532/0x770 [ 193.968833] ? __might_fault+0x102/0x1b0 [ 193.969201] ? lock_acquire+0x427/0x4c0 [ 193.969612] ? __pfx_iommufd_test+0x10/0x10 [ 193.969936] ? __pfx_lock_release+0x10/0x10 [ 193.970271] ? __pfx_lock_acquire+0x10/0x10 [ 193.970626] ? write_comp_data+0x2f/0x90 [ 193.970942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 193.971368] ? write_comp_data+0x2f/0x90 [ 193.971787] iommufd_fops_ioctl+0x37d/0x510 [ 193.972119] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.972487] ? write_comp_data+0x2f/0x90 [ 193.972804] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 193.973207] __x64_sys_ioctl+0x1a3/0x230 [ 193.973638] do_syscall_64+0x3b/0x90 [ 193.973927] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 193.974321] RIP: 0033:0x7f4b8743ee5d [ 193.974626] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 193.976169] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 193.976785] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 193.977420] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 193.977968] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 193.978645] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 193.979197] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 193.979754] [ 193.979932] irq event stamp: 0 [ 193.980173] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 193.980794] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 193.981437] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 193.982111] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 193.982692] ---[ end trace 0000000000000000 ]--- [ 193.985467] ------------[ cut here ]------------ [ 193.985878] WARNING: CPU: 0 PID: 1844 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 193.986757] Modules linked in: [ 193.987006] CPU: 0 PID: 1844 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 193.987722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 193.988687] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 193.989079] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 193.990656] RSP: 
0018:ffff888016e97bd0 EFLAGS: 00010246 [ 193.991069] RAX: 0000000000000000 RBX: ffff88800fbc10a8 RCX: 0000000000000000 [ 193.991782] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 193.992328] RBP: ffff888016e97be8 R08: ffffed1001f78233 R09: ffffed1001f78233 [ 193.992883] R10: ffff88800fbc1193 R11: ffffed1001f78232 R12: ffff8880138b0800 [ 193.993569] R13: ffff88800fbc11e8 R14: ffff888020a71b00 R15: 0000000000000000 [ 193.994122] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 193.994785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.995354] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 193.995913] PKRU: 55555554 [ 193.996145] Call Trace: [ 193.996343] [ 193.996526] iommufd_access_destroy_object+0x65/0x170 [ 193.997079] iommufd_object_destroy_user+0x18e/0x220 [ 193.997484] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 193.997950] iommufd_access_destroy+0x43/0x70 [ 193.998309] iommufd_test_staccess_release+0x8d/0xd0 [ 193.998886] __fput+0x26d/0xa40 [ 193.999173] ____fput+0x1e/0x30 [ 193.999445] task_work_run+0x1a4/0x2d0 [ 193.999769] ? __pfx_task_work_run+0x10/0x10 [ 194.000118] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.000576] ? switch_task_namespaces+0xa9/0xe0 [ 194.001042] do_exit+0xb17/0x2ef0 [ 194.001322] ? lock_acquire+0x427/0x4c0 [ 194.001649] ? __pfx_lock_release+0x10/0x10 [ 194.002015] ? __kasan_check_write+0x18/0x20 [ 194.002478] ? do_raw_spin_lock+0x132/0x2a0 [ 194.002851] ? __pfx_do_exit+0x10/0x10 [ 194.003202] ? debug_smp_processor_id+0x20/0x30 [ 194.003595] ? rcu_is_watching+0x19/0xb0 [ 194.004009] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.004483] ? trace_hardirqs_on+0x26/0x120 [ 194.004847] do_group_exit+0xe0/0x2b0 [ 194.005174] __x64_sys_exit_group+0x47/0x50 [ 194.005548] do_syscall_64+0x3b/0x90 [ 194.005979] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.006421] RIP: 0033:0x7f4b87518a4d [ 194.006751] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.007265] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.008040] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.008633] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.009222] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.009970] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.010581] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.011237] [ 194.011509] irq event stamp: 0 [ 194.011769] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.012289] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.013007] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.013779] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.014302] ---[ end trace 0000000000000000 ]--- [ 194.016478] ------------[ cut here ]------------ [ 194.017004] WARNING: CPU: 0 PID: 1844 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.017830] Modules linked in: [ 194.018096] CPU: 0 PID: 1844 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.018973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.019903] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.020338] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.021830] RSP: 0018:ffff888016e97b78 EFLAGS: 00010246 [ 194.022260] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.022872] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 194.023465] RBP: ffff888016e97b98 R08: ffffed1001f7823e R09: ffffed1001f7823e [ 194.024047] R10: ffff88800fbc11ef R11: ffffed1001f7823d R12: ffff88800fbc1290 [ 194.024627] R13: ffff88800fbc10a8 R14: ffffffffffffffff R15: 
ffff888016e97c60 [ 194.025198] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.025857] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.026336] CR2: 00007f82e2f29000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 194.026955] PKRU: 55555554 [ 194.027206] Call Trace: [ 194.027417] [ 194.027602] iommufd_ioas_destroy+0x53/0x70 [ 194.027962] iommufd_fops_release+0x1f7/0x370 [ 194.028331] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.028739] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.029143] ? write_comp_data+0x2f/0x90 [ 194.029485] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.029892] __fput+0x26d/0xa40 [ 194.030176] ____fput+0x1e/0x30 [ 194.030451] task_work_run+0x1a4/0x2d0 [ 194.030800] ? __pfx_task_work_run+0x10/0x10 [ 194.031178] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.031578] ? switch_task_namespaces+0xa9/0xe0 [ 194.031977] do_exit+0xb17/0x2ef0 [ 194.032261] ? lock_acquire+0x427/0x4c0 [ 194.032594] ? __pfx_lock_release+0x10/0x10 [ 194.032950] ? __kasan_check_write+0x18/0x20 [ 194.033323] ? do_raw_spin_lock+0x132/0x2a0 [ 194.033680] ? __pfx_do_exit+0x10/0x10 [ 194.034022] ? debug_smp_processor_id+0x20/0x30 [ 194.034409] ? rcu_is_watching+0x19/0xb0 [ 194.034779] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.035183] ? trace_hardirqs_on+0x26/0x120 [ 194.035544] do_group_exit+0xe0/0x2b0 [ 194.035859] __x64_sys_exit_group+0x47/0x50 [ 194.036207] do_syscall_64+0x3b/0x90 [ 194.036520] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.036954] RIP: 0033:0x7f4b87518a4d [ 194.037256] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.037759] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.038369] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.038976] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.039561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.040132] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.040704] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.041296] [ 194.041499] irq event stamp: 0 [ 194.041758] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.042267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.042967] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.043666] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.044174] ---[ end trace 0000000000000000 ]--- [ 194.048459] ------------[ cut here ]------------ [ 194.048859] WARNING: CPU: 0 PID: 1845 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.049879] Modules linked in: [ 194.050142] CPU: 0 PID: 1845 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.050940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.051955] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.052371] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.054003] RSP: 0018:ffff8880161dfbb8 EFLAGS: 00010246 [ 194.054438] RAX: 0000000000000000 RBX: ffff88800f3758a8 RCX: 0000000000000000 [ 194.055219] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 194.055799] RBP: ffff8880161dfbd0 R08: ffffed1001e6eb33 R09: ffffed1001e6eb33 [ 194.056388] R10: ffff88800f375993 R11: ffffed1001e6eb32 R12: ffff888014580000 [ 194.057124] R13: ffff88800f3759e8 R14: ffffffff8352e670 R15: 
ffff8880161dfe68 [ 194.057709] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.058390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.059010] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 194.059611] PKRU: 55555554 [ 194.059840] Call Trace: [ 194.060048] [ 194.060241] __iommufd_access_detach+0x1c2/0x2b0 [ 194.060721] iommufd_access_change_pt+0x149/0x270 [ 194.061205] iommufd_access_replace+0xb4/0x120 [ 194.061592] iommufd_test+0x3e5/0x37e0 [ 194.061914] ? lock_release+0x532/0x770 [ 194.062318] ? __might_fault+0x102/0x1b0 [ 194.062763] ? lock_acquire+0x427/0x4c0 [ 194.063101] ? __pfx_iommufd_test+0x10/0x10 [ 194.063468] ? __pfx_lock_release+0x10/0x10 [ 194.063836] ? __pfx_lock_acquire+0x10/0x10 [ 194.064199] ? write_comp_data+0x2f/0x90 [ 194.064684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.065088] ? write_comp_data+0x2f/0x90 [ 194.065433] iommufd_fops_ioctl+0x37d/0x510 [ 194.065797] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.066350] ? write_comp_data+0x2f/0x90 [ 194.066721] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.067134] __x64_sys_ioctl+0x1a3/0x230 [ 194.067490] do_syscall_64+0x3b/0x90 [ 194.067807] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.068265] RIP: 0033:0x7f4b8743ee5d [ 194.068690] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.070245] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.070985] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.071585] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.072167] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.072747] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.073330] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.073913] [ 194.074115] irq event stamp: 0 [ 194.074372] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.074925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.075629] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.076299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.076815] ---[ end trace 0000000000000000 ]--- [ 194.079862] ------------[ cut here ]------------ [ 194.080261] WARNING: CPU: 0 PID: 1845 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.081078] Modules linked in: [ 194.081419] CPU: 0 PID: 1845 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.082222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.083237] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.083720] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.085273] RSP: 
0018:ffff8880161dfbd0 EFLAGS: 00010246 [ 194.085774] RAX: 0000000000000000 RBX: ffff88800f3758a8 RCX: 0000000000000000 [ 194.086358] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 194.087027] RBP: ffff8880161dfbe8 R08: ffffed1001e6eb33 R09: ffffed1001e6eb33 [ 194.087717] R10: ffff88800f375993 R11: ffffed1001e6eb32 R12: ffff8880129c9800 [ 194.088301] R13: ffff88800f3759e8 R14: ffff8880137a3a00 R15: 0000000000000000 [ 194.088874] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.089678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.090154] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.090788] PKRU: 55555554 [ 194.091143] Call Trace: [ 194.091357] [ 194.091549] iommufd_access_destroy_object+0x65/0x170 [ 194.091975] iommufd_object_destroy_user+0x18e/0x220 [ 194.092406] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.093037] iommufd_access_destroy+0x43/0x70 [ 194.093430] iommufd_test_staccess_release+0x8d/0xd0 [ 194.093863] __fput+0x26d/0xa40 [ 194.094148] ____fput+0x1e/0x30 [ 194.094441] task_work_run+0x1a4/0x2d0 [ 194.094930] ? __pfx_task_work_run+0x10/0x10 [ 194.095313] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.095732] ? switch_task_namespaces+0xa9/0xe0 [ 194.096136] do_exit+0xb17/0x2ef0 [ 194.096465] ? lock_acquire+0x427/0x4c0 [ 194.096936] ? __pfx_lock_release+0x10/0x10 [ 194.097324] ? __kasan_check_write+0x18/0x20 [ 194.097704] ? do_raw_spin_lock+0x132/0x2a0 [ 194.098077] ? __pfx_do_exit+0x10/0x10 [ 194.098498] ? debug_smp_processor_id+0x20/0x30 [ 194.099032] ? rcu_is_watching+0x19/0xb0 [ 194.099402] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.099795] ? trace_hardirqs_on+0x26/0x120 [ 194.100174] do_group_exit+0xe0/0x2b0 [ 194.100578] __x64_sys_exit_group+0x47/0x50 [ 194.101001] do_syscall_64+0x3b/0x90 [ 194.101325] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.101776] RIP: 0033:0x7f4b87518a4d [ 194.102155] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.102787] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.103461] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.104160] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.104924] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.105549] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.106331] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.106987] [ 194.107210] irq event stamp: 0 [ 194.107485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.108121] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.108912] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.109637] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.110361] ---[ end trace 0000000000000000 ]--- [ 194.112689] ------------[ cut here ]------------ [ 194.113139] WARNING: CPU: 0 PID: 1845 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.114205] Modules linked in: [ 194.114484] CPU: 0 PID: 1845 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.115295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.116437] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.116887] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.118635] RSP: 0018:ffff8880161dfb78 EFLAGS: 00010246 [ 194.119090] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.119849] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 194.120459] RBP: ffff8880161dfb98 R08: ffffed1001e6eb3e R09: ffffed1001e6eb3e [ 194.121118] R10: ffff88800f3759ef R11: ffffed1001e6eb3d R12: ffff88800f375a90 [ 194.121860] R13: ffff88800f3758a8 R14: ffffffffffffffff R15: 
ffff8880161dfc60 [ 194.122481] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.123255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.123771] CR2: 00007f82e2f33000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 194.124381] PKRU: 55555554 [ 194.124624] Call Trace: [ 194.124855] [ 194.125051] iommufd_ioas_destroy+0x53/0x70 [ 194.125432] iommufd_fops_release+0x1f7/0x370 [ 194.125838] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.126273] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.126739] ? write_comp_data+0x2f/0x90 [ 194.127108] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.127562] __fput+0x26d/0xa40 [ 194.127861] ____fput+0x1e/0x30 [ 194.128152] task_work_run+0x1a4/0x2d0 [ 194.128496] ? __pfx_task_work_run+0x10/0x10 [ 194.128885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.129311] ? switch_task_namespaces+0xa9/0xe0 [ 194.129732] do_exit+0xb17/0x2ef0 [ 194.130034] ? lock_acquire+0x427/0x4c0 [ 194.130388] ? __pfx_lock_release+0x10/0x10 [ 194.130791] ? __kasan_check_write+0x18/0x20 [ 194.131214] ? do_raw_spin_lock+0x132/0x2a0 [ 194.131607] ? __pfx_do_exit+0x10/0x10 [ 194.131952] ? debug_smp_processor_id+0x20/0x30 [ 194.132358] ? rcu_is_watching+0x19/0xb0 [ 194.132711] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.133106] ? trace_hardirqs_on+0x26/0x120 [ 194.133483] do_group_exit+0xe0/0x2b0 [ 194.133814] __x64_sys_exit_group+0x47/0x50 [ 194.134193] do_syscall_64+0x3b/0x90 [ 194.134545] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.135003] RIP: 0033:0x7f4b87518a4d [ 194.135346] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.135880] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.136535] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.137147] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.137756] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.138383] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.139022] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.139668] [ 194.139875] irq event stamp: 0 [ 194.140163] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.140714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.141447] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.142174] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.142748] ---[ end trace 0000000000000000 ]--- [ 194.147614] ------------[ cut here ]------------ [ 194.148065] WARNING: CPU: 0 PID: 1846 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.148964] Modules linked in: [ 194.149245] CPU: 0 PID: 1846 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.150008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.151034] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.151502] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.153125] RSP: 0018:ffff888018347bb8 EFLAGS: 00010246 [ 194.153592] RAX: 0000000000000000 RBX: ffff888020bee8a8 RCX: 0000000000000000 [ 194.154212] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 194.154861] RBP: ffff888018347bd0 R08: ffffed100417dd33 R09: ffffed100417dd33 [ 194.155508] R10: ffff888020bee993 R11: ffffed100417dd32 R12: ffff888010c0bc00 [ 194.156133] R13: ffff888020bee9e8 R14: ffffffff8352e670 R15: 
ffff888018347e68 [ 194.156759] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.157448] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.157955] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 194.158614] PKRU: 55555554 [ 194.158868] Call Trace: [ 194.159093] [ 194.159299] __iommufd_access_detach+0x1c2/0x2b0 [ 194.159729] iommufd_access_change_pt+0x149/0x270 [ 194.160171] iommufd_access_replace+0xb4/0x120 [ 194.160584] iommufd_test+0x3e5/0x37e0 [ 194.160946] ? lock_release+0x532/0x770 [ 194.161313] ? __might_fault+0x102/0x1b0 [ 194.161683] ? lock_acquire+0x427/0x4c0 [ 194.162041] ? __pfx_iommufd_test+0x10/0x10 [ 194.162428] ? __pfx_lock_release+0x10/0x10 [ 194.162846] ? __pfx_lock_acquire+0x10/0x10 [ 194.163256] ? write_comp_data+0x2f/0x90 [ 194.163627] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.164056] ? write_comp_data+0x2f/0x90 [ 194.164422] iommufd_fops_ioctl+0x37d/0x510 [ 194.164819] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.165254] ? write_comp_data+0x2f/0x90 [ 194.165621] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.166056] __x64_sys_ioctl+0x1a3/0x230 [ 194.166420] do_syscall_64+0x3b/0x90 [ 194.166792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.167267] RIP: 0033:0x7f4b8743ee5d [ 194.167595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.169203] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.169876] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.170540] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.171174] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.171809] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.172434] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.173064] [ 194.173273] irq event stamp: 0 [ 194.173545] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.174087] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.174846] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.175596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.176160] ---[ end trace 0000000000000000 ]--- [ 194.179111] ------------[ cut here ]------------ [ 194.179616] WARNING: CPU: 0 PID: 1846 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.180553] Modules linked in: [ 194.180849] CPU: 0 PID: 1846 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.181659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.182753] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.183263] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.184967] RSP: 
0018:ffff888018347bd0 EFLAGS: 00010246 [ 194.185473] RAX: 0000000000000000 RBX: ffff888020bee8a8 RCX: 0000000000000000 [ 194.186147] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 194.186850] RBP: ffff888018347be8 R08: ffffed100417dd33 R09: ffffed100417dd33 [ 194.187540] R10: ffff888020bee993 R11: ffffed100417dd32 R12: ffff888014581000 [ 194.188210] R13: ffff888020bee9e8 R14: ffff888012ba4300 R15: 0000000000000000 [ 194.188883] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.189637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.190176] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.190882] PKRU: 55555554 [ 194.191170] Call Trace: [ 194.191417] [ 194.191637] iommufd_access_destroy_object+0x65/0x170 [ 194.192137] iommufd_object_destroy_user+0x18e/0x220 [ 194.192636] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.193194] iommufd_access_destroy+0x43/0x70 [ 194.193633] iommufd_test_staccess_release+0x8d/0xd0 [ 194.194125] __fput+0x26d/0xa40 [ 194.194455] ____fput+0x1e/0x30 [ 194.194826] task_work_run+0x1a4/0x2d0 [ 194.195235] ? __pfx_task_work_run+0x10/0x10 [ 194.195661] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.196138] ? switch_task_namespaces+0xa9/0xe0 [ 194.196594] do_exit+0xb17/0x2ef0 [ 194.196923] ? lock_acquire+0x427/0x4c0 [ 194.197323] ? __pfx_lock_release+0x10/0x10 [ 194.197737] ? __kasan_check_write+0x18/0x20 [ 194.198177] ? do_raw_spin_lock+0x132/0x2a0 [ 194.198637] ? __pfx_do_exit+0x10/0x10 [ 194.199023] ? debug_smp_processor_id+0x20/0x30 [ 194.199491] ? rcu_is_watching+0x19/0xb0 [ 194.199880] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.200318] ? trace_hardirqs_on+0x26/0x120 [ 194.200737] do_group_exit+0xe0/0x2b0 [ 194.201104] __x64_sys_exit_group+0x47/0x50 [ 194.201514] do_syscall_64+0x3b/0x90 [ 194.201880] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.202384] RIP: 0033:0x7f4b87518a4d [ 194.202802] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.203445] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.204246] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.204985] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.205707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.206447] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.207263] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.208026] [ 194.208273] irq event stamp: 0 [ 194.208606] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.209261] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.210139] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.211048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.211718] ---[ end trace 0000000000000000 ]--- [ 194.212605] ------------[ cut here ]------------ [ 194.213098] WARNING: CPU: 0 PID: 1846 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.214169] Modules linked in: [ 194.214501] CPU: 0 PID: 1846 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.215480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.216643] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.217182] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.219146] RSP: 0018:ffff888018347b78 EFLAGS: 00010246 [ 194.219723] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.220452] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 194.221195] RBP: ffff888018347b98 R08: ffffed100417dd3e R09: ffffed100417dd3e [ 194.221940] R10: ffff888020bee9ef R11: ffffed100417dd3d R12: ffff888020beea90 [ 194.222721] R13: ffff888020bee8a8 R14: ffffffffffffffff R15: 
ffff888018347c60 [ 194.223487] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.224346] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.224950] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.225892] PKRU: 55555554 [ 194.226409] Call Trace: [ 194.226739] [ 194.226974] iommufd_ioas_destroy+0x53/0x70 [ 194.227439] iommufd_fops_release+0x1f7/0x370 [ 194.227909] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.228429] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.228935] ? write_comp_data+0x2f/0x90 [ 194.229367] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.230050] __fput+0x26d/0xa40 [ 194.230632] ____fput+0x1e/0x30 [ 194.230997] task_work_run+0x1a4/0x2d0 [ 194.231418] ? __pfx_task_work_run+0x10/0x10 [ 194.231869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.232382] ? switch_task_namespaces+0xa9/0xe0 [ 194.232869] do_exit+0xb17/0x2ef0 [ 194.233238] ? lock_acquire+0x427/0x4c0 [ 194.233657] ? __pfx_lock_release+0x10/0x10 [ 194.234112] ? __kasan_check_write+0x18/0x20 [ 194.234629] ? do_raw_spin_lock+0x132/0x2a0 [ 194.235086] ? __pfx_do_exit+0x10/0x10 [ 194.235550] ? debug_smp_processor_id+0x20/0x30 [ 194.236192] ? rcu_is_watching+0x19/0xb0 [ 194.236762] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.237244] ? trace_hardirqs_on+0x26/0x120 [ 194.237697] do_group_exit+0xe0/0x2b0 [ 194.238103] __x64_sys_exit_group+0x47/0x50 [ 194.238584] do_syscall_64+0x3b/0x90 [ 194.238982] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.239543] RIP: 0033:0x7f4b87518a4d [ 194.239938] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.240776] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.241717] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.242453] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.243271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.244002] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.244766] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.245845] [ 194.246096] irq event stamp: 0 [ 194.246415] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.247097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.247998] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.248854] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.249582] ---[ end trace 0000000000000000 ]--- [ 194.255731] ------------[ cut here ]------------ [ 194.256261] WARNING: CPU: 0 PID: 1847 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.257369] Modules linked in: [ 194.257799] CPU: 0 PID: 1847 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.258925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.260137] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.260652] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.262597] RSP: 0018:ffff888016e97bb8 EFLAGS: 00010246 [ 194.263175] RAX: 0000000000000000 RBX: ffff888011db68a8 RCX: 0000000000000000 [ 194.263927] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 194.264670] RBP: ffff888016e97bd0 R08: ffffed10023b6d33 R09: ffffed10023b6d33 [ 194.265418] R10: ffff888011db6993 R11: ffffed10023b6d32 R12: ffff88801420e800 [ 194.266163] R13: ffff888011db69e8 R14: ffffffff8352e670 R15: 
ffff888016e97e68 [ 194.266954] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.267826] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.268434] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 194.269177] PKRU: 55555554 [ 194.269472] Call Trace: [ 194.269735] [ 194.269987] __iommufd_access_detach+0x1c2/0x2b0 [ 194.270497] iommufd_access_change_pt+0x149/0x270 [ 194.271068] iommufd_access_replace+0xb4/0x120 [ 194.271596] iommufd_test+0x3e5/0x37e0 [ 194.272000] ? lock_release+0x532/0x770 [ 194.272446] ? __might_fault+0x102/0x1b0 [ 194.272881] ? lock_acquire+0x427/0x4c0 [ 194.273305] ? __pfx_iommufd_test+0x10/0x10 [ 194.273754] ? __pfx_lock_release+0x10/0x10 [ 194.274222] ? __pfx_lock_acquire+0x10/0x10 [ 194.274724] ? write_comp_data+0x2f/0x90 [ 194.275199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.275711] ? write_comp_data+0x2f/0x90 [ 194.276149] iommufd_fops_ioctl+0x37d/0x510 [ 194.276600] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.277125] ? write_comp_data+0x2f/0x90 [ 194.277562] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.278069] __x64_sys_ioctl+0x1a3/0x230 [ 194.278553] do_syscall_64+0x3b/0x90 [ 194.278956] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.279516] RIP: 0033:0x7f4b8743ee5d [ 194.279903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.281823] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.282653] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.283408] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.284162] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.284893] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.285627] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.286392] [ 194.286674] irq event stamp: 0 [ 194.287003] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.287679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.288554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.289436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.290091] ---[ end trace 0000000000000000 ]--- [ 194.293975] ------------[ cut here ]------------ [ 194.294503] WARNING: CPU: 0 PID: 1847 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.295717] Modules linked in: [ 194.296179] CPU: 0 PID: 1847 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.297220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.298383] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.298955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.301234] RSP: 
0018:ffff888016e97bd0 EFLAGS: 00010246 [ 194.301939] RAX: 0000000000000000 RBX: ffff888011db68a8 RCX: 0000000000000000 [ 194.302721] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 194.303483] RBP: ffff888016e97be8 R08: ffffed10023b6d33 R09: ffffed10023b6d33 [ 194.304215] R10: ffff888011db6993 R11: ffffed10023b6d32 R12: ffff888010c09800 [ 194.304960] R13: ffff888011db69e8 R14: ffff888021855100 R15: 0000000000000000 [ 194.305918] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.307189] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.307802] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.308541] PKRU: 55555554 [ 194.308830] Call Trace: [ 194.309093] [ 194.309326] iommufd_access_destroy_object+0x65/0x170 [ 194.309865] iommufd_object_destroy_user+0x18e/0x220 [ 194.310425] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.311294] iommufd_access_destroy+0x43/0x70 [ 194.311943] iommufd_test_staccess_release+0x8d/0xd0 [ 194.312476] __fput+0x26d/0xa40 [ 194.312836] ____fput+0x1e/0x30 [ 194.313188] task_work_run+0x1a4/0x2d0 [ 194.313596] ? __pfx_task_work_run+0x10/0x10 [ 194.314074] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.314643] ? switch_task_namespaces+0xa9/0xe0 [ 194.315156] do_exit+0xb17/0x2ef0 [ 194.315541] ? lock_acquire+0x427/0x4c0 [ 194.315971] ? __pfx_lock_release+0x10/0x10 [ 194.316598] ? __kasan_check_write+0x18/0x20 [ 194.317271] ? do_raw_spin_lock+0x132/0x2a0 [ 194.317726] ? __pfx_do_exit+0x10/0x10 [ 194.318157] ? debug_smp_processor_id+0x20/0x30 [ 194.318691] ? rcu_is_watching+0x19/0xb0 [ 194.319148] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.319634] ? trace_hardirqs_on+0x26/0x120 [ 194.320093] do_group_exit+0xe0/0x2b0 [ 194.320486] __x64_sys_exit_group+0x47/0x50 [ 194.320998] do_syscall_64+0x3b/0x90 [ 194.321516] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.322233] RIP: 0033:0x7f4b87518a4d [ 194.322651] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.323310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.324082] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.324811] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.325602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.326678] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.327431] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.328173] [ 194.328414] irq event stamp: 0 [ 194.328739] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.329404] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.330255] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.331558] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.332204] ---[ end trace 0000000000000000 ]--- [ 194.333079] ------------[ cut here ]------------ [ 194.333580] WARNING: CPU: 0 PID: 1847 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.334707] Modules linked in: [ 194.335047] CPU: 0 PID: 1847 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.336126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.337462] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.338014] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.340114] RSP: 0018:ffff888016e97b78 EFLAGS: 00010246 [ 194.340879] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.341631] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 194.342352] RBP: ffff888016e97b98 R08: ffffed10023b6d3e R09: ffffed10023b6d3e [ 194.343160] R10: ffff888011db69ef R11: ffffed10023b6d3d R12: ffff888011db6a90 [ 194.343948] R13: ffff888011db68a8 R14: ffffffffffffffff R15: 
ffff888016e97c60 [ 194.345018] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.345845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.346455] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.347246] PKRU: 55555554 [ 194.347548] Call Trace: [ 194.347842] [ 194.348171] iommufd_ioas_destroy+0x53/0x70 [ 194.348862] iommufd_fops_release+0x1f7/0x370 [ 194.349337] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.349872] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.350405] ? write_comp_data+0x2f/0x90 [ 194.350871] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.351416] __fput+0x26d/0xa40 [ 194.351835] ____fput+0x1e/0x30 [ 194.352425] task_work_run+0x1a4/0x2d0 [ 194.352847] ? __pfx_task_work_run+0x10/0x10 [ 194.353307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.353829] ? switch_task_namespaces+0xa9/0xe0 [ 194.354323] do_exit+0xb17/0x2ef0 [ 194.354740] ? lock_acquire+0x427/0x4c0 [ 194.355197] ? __pfx_lock_release+0x10/0x10 [ 194.355742] ? __kasan_check_write+0x18/0x20 [ 194.356465] ? do_raw_spin_lock+0x132/0x2a0 [ 194.356916] ? __pfx_do_exit+0x10/0x10 [ 194.357328] ? debug_smp_processor_id+0x20/0x30 [ 194.357821] ? rcu_is_watching+0x19/0xb0 [ 194.358257] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.358783] ? trace_hardirqs_on+0x26/0x120 [ 194.359280] do_group_exit+0xe0/0x2b0 [ 194.359777] __x64_sys_exit_group+0x47/0x50 [ 194.360383] do_syscall_64+0x3b/0x90 [ 194.360925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.361480] RIP: 0033:0x7f4b87518a4d [ 194.361866] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.362541] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.363400] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.364249] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.365283] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.366010] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.366782] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.367557] [ 194.367859] irq event stamp: 0 [ 194.368288] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.369124] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.369992] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.370889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.371627] ---[ end trace 0000000000000000 ]--- [ 194.380125] ------------[ cut here ]------------ [ 194.380803] WARNING: CPU: 1 PID: 1848 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.382323] Modules linked in: [ 194.382844] CPU: 1 PID: 1848 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.384124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.385706] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.386586] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.389153] RSP: 0018:ffff888017a17bb8 EFLAGS: 00010246 [ 194.389895] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 194.390902] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 194.392056] RBP: ffff888017a17bd0 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 194.393017] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff88800a727c00 [ 194.394042] R13: ffff88800b8161e8 R14: ffffffff8352e670 R15: 
ffff888017a17e68 [ 194.395083] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.396171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.397125] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 194.398084] PKRU: 55555554 [ 194.398476] Call Trace: [ 194.398878] [ 194.399315] __iommufd_access_detach+0x1c2/0x2b0 [ 194.400062] iommufd_access_change_pt+0x149/0x270 [ 194.400740] iommufd_access_replace+0xb4/0x120 [ 194.401384] iommufd_test+0x3e5/0x37e0 [ 194.402068] ? lock_release+0x532/0x770 [ 194.402671] ? __might_fault+0x102/0x1b0 [ 194.403264] ? lock_acquire+0x427/0x4c0 [ 194.403823] ? __pfx_iommufd_test+0x10/0x10 [ 194.404421] ? __pfx_lock_release+0x10/0x10 [ 194.405138] ? __pfx_lock_acquire+0x10/0x10 [ 194.405750] ? write_comp_data+0x2f/0x90 [ 194.406326] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.407170] ? write_comp_data+0x2f/0x90 [ 194.407760] iommufd_fops_ioctl+0x37d/0x510 [ 194.408361] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.409036] ? write_comp_data+0x2f/0x90 [ 194.409638] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.410414] __x64_sys_ioctl+0x1a3/0x230 [ 194.411040] do_syscall_64+0x3b/0x90 [ 194.411595] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.412312] RIP: 0033:0x7f4b8743ee5d [ 194.412979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.415604] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.416621] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.417685] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.418684] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.419666] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.420791] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.421758] [ 194.422072] irq event stamp: 0 [ 194.422493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.423381] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.424493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.425590] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.426410] ---[ end trace 0000000000000000 ]--- [ 194.431466] ------------[ cut here ]------------ [ 194.432127] WARNING: CPU: 1 PID: 1848 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.433435] Modules linked in: [ 194.433860] CPU: 1 PID: 1848 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.435180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.436649] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.437303] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.439711] RSP: 
0018:ffff888017a17bd0 EFLAGS: 00010246 [ 194.440416] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 194.441345] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 194.442271] RBP: ffff888017a17be8 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 194.443250] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff88800f74dc00 [ 194.444185] R13: ffff88800b8161e8 R14: ffff888014951e00 R15: 0000000000000000 [ 194.445115] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.446162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.446960] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 194.447928] PKRU: 55555554 [ 194.448305] Call Trace: [ 194.448648] [ 194.448955] iommufd_access_destroy_object+0x65/0x170 [ 194.449644] iommufd_object_destroy_user+0x18e/0x220 [ 194.450321] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.451137] iommufd_access_destroy+0x43/0x70 [ 194.451739] iommufd_test_staccess_release+0x8d/0xd0 [ 194.452400] __fput+0x26d/0xa40 [ 194.452848] ____fput+0x1e/0x30 [ 194.453298] task_work_run+0x1a4/0x2d0 [ 194.453829] ? __pfx_task_work_run+0x10/0x10 [ 194.454428] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.455133] ? switch_task_namespaces+0xa9/0xe0 [ 194.455766] do_exit+0xb17/0x2ef0 [ 194.456213] ? lock_acquire+0x427/0x4c0 [ 194.456742] ? __pfx_lock_release+0x10/0x10 [ 194.457281] ? __kasan_check_write+0x18/0x20 [ 194.457831] ? do_raw_spin_lock+0x132/0x2a0 [ 194.458364] ? __pfx_do_exit+0x10/0x10 [ 194.458889] ? debug_smp_processor_id+0x20/0x30 [ 194.459506] ? rcu_is_watching+0x19/0xb0 [ 194.460026] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.460592] ? trace_hardirqs_on+0x26/0x120 [ 194.461135] do_group_exit+0xe0/0x2b0 [ 194.461612] __x64_sys_exit_group+0x47/0x50 [ 194.462158] do_syscall_64+0x3b/0x90 [ 194.462677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.463342] RIP: 0033:0x7f4b87518a4d [ 194.463806] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.464555] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.465472] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.466335] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.467236] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.468104] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.468972] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.469826] [ 194.470109] irq event stamp: 0 [ 194.470489] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.471280] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.472266] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.473249] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.474004] ---[ end trace 0000000000000000 ]--- [ 194.475035] ------------[ cut here ]------------ [ 194.475534] WARNING: CPU: 0 PID: 1848 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.476419] Modules linked in: [ 194.476698] CPU: 0 PID: 1848 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.477445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.478411] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.479159] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.480749] RSP: 0000:ffff888017a17b78 EFLAGS: 00010246 [ 194.481204] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.481819] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 194.482427] RBP: ffff888017a17b98 R08: ffffed1001702c3e R09: ffffed1001702c3e [ 194.483067] R10: ffff88800b8161ef R11: ffffed1001702c3d R12: ffff88800b816290 [ 194.483708] R13: ffff88800b8160a8 R14: ffffffffffffffff R15: 
ffff888017a17c60 [ 194.484329] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.484997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.485516] CR2: 00007f82e2f88000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 194.486271] PKRU: 55555554 [ 194.486538] Call Trace: [ 194.486752] [ 194.486937] iommufd_ioas_destroy+0x53/0x70 [ 194.487312] iommufd_fops_release+0x1f7/0x370 [ 194.487687] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.488093] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.488500] ? write_comp_data+0x2f/0x90 [ 194.488839] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.489246] __fput+0x26d/0xa40 [ 194.489529] ____fput+0x1e/0x30 [ 194.489808] task_work_run+0x1a4/0x2d0 [ 194.490133] ? __pfx_task_work_run+0x10/0x10 [ 194.490532] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.490938] ? switch_task_namespaces+0xa9/0xe0 [ 194.491338] do_exit+0xb17/0x2ef0 [ 194.491626] ? lock_acquire+0x427/0x4c0 [ 194.491957] ? __pfx_lock_release+0x10/0x10 [ 194.492324] ? __kasan_check_write+0x18/0x20 [ 194.492686] ? do_raw_spin_lock+0x132/0x2a0 [ 194.493046] ? __pfx_do_exit+0x10/0x10 [ 194.493369] ? debug_smp_processor_id+0x20/0x30 [ 194.493757] ? rcu_is_watching+0x19/0xb0 [ 194.494086] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.494469] ? trace_hardirqs_on+0x26/0x120 [ 194.494846] do_group_exit+0xe0/0x2b0 [ 194.495173] __x64_sys_exit_group+0x47/0x50 [ 194.495534] do_syscall_64+0x3b/0x90 [ 194.495855] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.496284] RIP: 0033:0x7f4b87518a4d [ 194.496598] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.497094] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.497718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.498308] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.498914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.499508] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.500090] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.500672] [ 194.500862] irq event stamp: 0 [ 194.501121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.501639] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.502319] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.503022] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.503541] ---[ end trace 0000000000000000 ]--- [ 194.510125] ------------[ cut here ]------------ [ 194.510565] WARNING: CPU: 0 PID: 1849 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.511569] Modules linked in: [ 194.511838] CPU: 0 PID: 1849 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.512544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.513453] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.514017] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.515532] RSP: 0018:ffff888020b57bb8 EFLAGS: 00010246 [ 194.515965] RAX: 0000000000000000 RBX: ffff8880159ea8a8 RCX: 0000000000000000 [ 194.516554] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 194.517318] RBP: ffff888020b57bd0 R08: ffffed1002b3d533 R09: ffffed1002b3d533 [ 194.517907] R10: ffff8880159ea993 R11: ffffed1002b3d532 R12: ffff888012e96800 [ 194.518488] R13: ffff8880159ea9e8 R14: ffffffff8352e670 R15: 
ffff888020b57e68 [ 194.519110] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.519797] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.520427] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 194.521032] PKRU: 55555554 [ 194.521264] Call Trace: [ 194.521474] [ 194.521656] __iommufd_access_detach+0x1c2/0x2b0 [ 194.522067] iommufd_access_change_pt+0x149/0x270 [ 194.522469] iommufd_access_replace+0xb4/0x120 [ 194.523042] iommufd_test+0x3e5/0x37e0 [ 194.523374] ? lock_release+0x532/0x770 [ 194.523709] ? __might_fault+0x102/0x1b0 [ 194.524048] ? lock_acquire+0x427/0x4c0 [ 194.524384] ? __pfx_iommufd_test+0x10/0x10 [ 194.524738] ? __pfx_lock_release+0x10/0x10 [ 194.525099] ? __pfx_lock_acquire+0x10/0x10 [ 194.525463] ? write_comp_data+0x2f/0x90 [ 194.525961] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.526362] ? write_comp_data+0x2f/0x90 [ 194.526729] iommufd_fops_ioctl+0x37d/0x510 [ 194.527087] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.527508] ? write_comp_data+0x2f/0x90 [ 194.527850] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.528256] __x64_sys_ioctl+0x1a3/0x230 [ 194.528644] do_syscall_64+0x3b/0x90 [ 194.529078] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.529518] RIP: 0033:0x7f4b8743ee5d [ 194.529837] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.531371] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.532055] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.532771] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.533374] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.534047] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.534737] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.535334] [ 194.535526] irq event stamp: 0 [ 194.535794] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.536313] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.537008] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.537681] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.538203] ---[ end trace 0000000000000000 ]--- [ 194.541305] ------------[ cut here ]------------ [ 194.541707] WARNING: CPU: 0 PID: 1849 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.542651] Modules linked in: [ 194.543033] CPU: 0 PID: 1849 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.543760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.544738] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.545227] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.546888] RSP: 
0018:ffff888020b57bd0 EFLAGS: 00010246 [ 194.547335] RAX: 0000000000000000 RBX: ffff8880159ea8a8 RCX: 0000000000000000 [ 194.547925] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 194.548572] RBP: ffff888020b57be8 R08: ffffed1002b3d533 R09: ffffed1002b3d533 [ 194.549239] R10: ffff8880159ea993 R11: ffffed1002b3d532 R12: ffff88801420fc00 [ 194.549818] R13: ffff8880159ea9e8 R14: ffff8880104c0500 R15: 0000000000000000 [ 194.550585] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.551262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.551733] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.552460] PKRU: 55555554 [ 194.552698] Call Trace: [ 194.552909] [ 194.553096] iommufd_access_destroy_object+0x65/0x170 [ 194.553532] iommufd_object_destroy_user+0x18e/0x220 [ 194.553953] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.554443] iommufd_access_destroy+0x43/0x70 [ 194.554883] iommufd_test_staccess_release+0x8d/0xd0 [ 194.555342] __fput+0x26d/0xa40 [ 194.555626] ____fput+0x1e/0x30 [ 194.555903] task_work_run+0x1a4/0x2d0 [ 194.556230] ? __pfx_task_work_run+0x10/0x10 [ 194.556604] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.557011] ? switch_task_namespaces+0xa9/0xe0 [ 194.557402] do_exit+0xb17/0x2ef0 [ 194.557700] ? lock_acquire+0x427/0x4c0 [ 194.558037] ? __pfx_lock_release+0x10/0x10 [ 194.558394] ? __kasan_check_write+0x18/0x20 [ 194.558791] ? do_raw_spin_lock+0x132/0x2a0 [ 194.559156] ? __pfx_do_exit+0x10/0x10 [ 194.559485] ? debug_smp_processor_id+0x20/0x30 [ 194.559881] ? rcu_is_watching+0x19/0xb0 [ 194.560216] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.560590] ? trace_hardirqs_on+0x26/0x120 [ 194.560959] do_group_exit+0xe0/0x2b0 [ 194.561269] __x64_sys_exit_group+0x47/0x50 [ 194.561619] do_syscall_64+0x3b/0x90 [ 194.561942] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.562371] RIP: 0033:0x7f4b87518a4d [ 194.562714] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.563235] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.563857] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.564444] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.565033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.565608] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.566199] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.566808] [ 194.567001] irq event stamp: 0 [ 194.567281] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.567790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.568476] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.569144] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.569663] ---[ end trace 0000000000000000 ]--- [ 194.570408] ------------[ cut here ]------------ [ 194.570846] WARNING: CPU: 0 PID: 1849 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.571694] Modules linked in: [ 194.571959] CPU: 0 PID: 1849 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.572674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.573579] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.574005] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.575692] RSP: 0018:ffff888020b57b78 EFLAGS: 00010246 [ 194.576140] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.576711] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 194.577292] RBP: ffff888020b57b98 R08: ffffed1002b3d53e R09: ffffed1002b3d53e [ 194.577857] R10: ffff8880159ea9ef R11: ffffed1002b3d53d R12: ffff8880159eaa90 [ 194.578441] R13: ffff8880159ea8a8 R14: ffffffffffffffff R15: 
ffff888020b57c60 [ 194.579052] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.579712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.580195] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.580769] PKRU: 55555554 [ 194.580997] Call Trace: [ 194.581214] [ 194.581403] iommufd_ioas_destroy+0x53/0x70 [ 194.581756] iommufd_fops_release+0x1f7/0x370 [ 194.582125] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.582569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.582972] ? write_comp_data+0x2f/0x90 [ 194.583319] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.583739] __fput+0x26d/0xa40 [ 194.584023] ____fput+0x1e/0x30 [ 194.584302] task_work_run+0x1a4/0x2d0 [ 194.584640] ? __pfx_task_work_run+0x10/0x10 [ 194.584998] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.585397] ? switch_task_namespaces+0xa9/0xe0 [ 194.585794] do_exit+0xb17/0x2ef0 [ 194.586077] ? lock_acquire+0x427/0x4c0 [ 194.586408] ? __pfx_lock_release+0x10/0x10 [ 194.586798] ? __kasan_check_write+0x18/0x20 [ 194.587169] ? do_raw_spin_lock+0x132/0x2a0 [ 194.587522] ? __pfx_do_exit+0x10/0x10 [ 194.587854] ? debug_smp_processor_id+0x20/0x30 [ 194.588232] ? rcu_is_watching+0x19/0xb0 [ 194.588564] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.588958] ? trace_hardirqs_on+0x26/0x120 [ 194.589321] do_group_exit+0xe0/0x2b0 [ 194.589639] __x64_sys_exit_group+0x47/0x50 [ 194.589999] do_syscall_64+0x3b/0x90 [ 194.590301] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.590747] RIP: 0033:0x7f4b87518a4d [ 194.591057] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.591556] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.592170] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.592729] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.593304] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.593869] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.594438] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.595030] [ 194.595233] irq event stamp: 0 [ 194.595489] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.595983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.596651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.597304] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.597816] ---[ end trace 0000000000000000 ]--- [ 194.603448] ------------[ cut here ]------------ [ 194.604026] WARNING: CPU: 1 PID: 1850 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.605151] Modules linked in: [ 194.605511] CPU: 1 PID: 1850 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.606475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.607756] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.608158] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.609581] RSP: 0018:ffff888017a17bb8 EFLAGS: 00010246 [ 194.609999] RAX: 0000000000000000 RBX: ffff8880104638a8 RCX: 0000000000000000 [ 194.610571] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 194.611132] RBP: ffff888017a17bd0 R08: ffffed100208c733 R09: ffffed100208c733 [ 194.611692] R10: ffff888010463993 R11: ffffed100208c732 R12: ffff88801226c400 [ 194.612252] R13: ffff8880104639e8 R14: ffffffff8352e670 R15: 
ffff888017a17e68 [ 194.612811] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.613447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.613900] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 194.614461] PKRU: 55555554 [ 194.614698] Call Trace: [ 194.614900] [ 194.615078] __iommufd_access_detach+0x1c2/0x2b0 [ 194.615477] iommufd_access_change_pt+0x149/0x270 [ 194.615858] iommufd_access_replace+0xb4/0x120 [ 194.616230] iommufd_test+0x3e5/0x37e0 [ 194.616532] ? lock_release+0x532/0x770 [ 194.616848] ? __might_fault+0x102/0x1b0 [ 194.617194] ? lock_acquire+0x427/0x4c0 [ 194.617509] ? __pfx_iommufd_test+0x10/0x10 [ 194.617845] ? __pfx_lock_release+0x10/0x10 [ 194.618183] ? __pfx_lock_acquire+0x10/0x10 [ 194.618546] ? write_comp_data+0x2f/0x90 [ 194.618870] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.619269] ? write_comp_data+0x2f/0x90 [ 194.619594] iommufd_fops_ioctl+0x37d/0x510 [ 194.619948] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.620331] ? write_comp_data+0x2f/0x90 [ 194.620659] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.621035] __x64_sys_ioctl+0x1a3/0x230 [ 194.621359] do_syscall_64+0x3b/0x90 [ 194.621667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.622070] RIP: 0033:0x7f4b8743ee5d [ 194.622362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.623809] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.624412] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.624963] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.625511] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.626053] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.626654] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.627409] [ 194.627605] irq event stamp: 0 [ 194.627847] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.628341] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.628990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.629650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.630156] ---[ end trace 0000000000000000 ]--- [ 194.632925] ------------[ cut here ]------------ [ 194.633329] WARNING: CPU: 1 PID: 1850 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.634123] Modules linked in: [ 194.634387] CPU: 1 PID: 1850 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.635097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.635979] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.636368] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.637777] RSP: 
0018:ffff888017a17bd0 EFLAGS: 00010246 [ 194.638196] RAX: 0000000000000000 RBX: ffff8880104638a8 RCX: 0000000000000000 [ 194.638870] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 194.639437] RBP: ffff888017a17be8 R08: ffffed100208c733 R09: ffffed100208c733 [ 194.639995] R10: ffff888010463993 R11: ffffed100208c732 R12: ffff88800a724400 [ 194.640557] R13: ffff8880104639e8 R14: ffff888012040900 R15: 0000000000000000 [ 194.641110] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.641747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.642210] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 194.642792] PKRU: 55555554 [ 194.643021] Call Trace: [ 194.643235] [ 194.643414] iommufd_access_destroy_object+0x65/0x170 [ 194.643823] iommufd_object_destroy_user+0x18e/0x220 [ 194.644227] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.644696] iommufd_access_destroy+0x43/0x70 [ 194.645054] iommufd_test_staccess_release+0x8d/0xd0 [ 194.645460] __fput+0x26d/0xa40 [ 194.645742] ____fput+0x1e/0x30 [ 194.646011] task_work_run+0x1a4/0x2d0 [ 194.646333] ? __pfx_task_work_run+0x10/0x10 [ 194.646704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.647103] ? switch_task_namespaces+0xa9/0xe0 [ 194.647492] do_exit+0xb17/0x2ef0 [ 194.647766] ? lock_acquire+0x427/0x4c0 [ 194.648092] ? __pfx_lock_release+0x10/0x10 [ 194.648446] ? __kasan_check_write+0x18/0x20 [ 194.648795] ? do_raw_spin_lock+0x132/0x2a0 [ 194.649136] ? __pfx_do_exit+0x10/0x10 [ 194.649463] ? debug_smp_processor_id+0x20/0x30 [ 194.649841] ? rcu_is_watching+0x19/0xb0 [ 194.650163] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.650552] ? trace_hardirqs_on+0x26/0x120 [ 194.650895] do_group_exit+0xe0/0x2b0 [ 194.651208] __x64_sys_exit_group+0x47/0x50 [ 194.651550] do_syscall_64+0x3b/0x90 [ 194.651852] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.652266] RIP: 0033:0x7f4b87518a4d [ 194.652556] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.653055] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.653642] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.654210] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.654791] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.655350] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.655900] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.656459] [ 194.656654] irq event stamp: 0 [ 194.656903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.657392] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.658043] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.658712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.659213] ---[ end trace 0000000000000000 ]--- [ 194.659915] ------------[ cut here ]------------ [ 194.660275] WARNING: CPU: 1 PID: 1850 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.661069] Modules linked in: [ 194.661334] CPU: 1 PID: 1850 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.662014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.662918] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.663335] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.664755] RSP: 0018:ffff888017a17b78 EFLAGS: 00010246 [ 194.665170] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.665725] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 194.666269] RBP: ffff888017a17b98 R08: ffffed100208c73e R09: ffffed100208c73e [ 194.666843] R10: ffff8880104639ef R11: ffffed100208c73d R12: ffff888010463a90 [ 194.667417] R13: ffff8880104638a8 R14: ffffffffffffffff R15: 
ffff888017a17c60 [ 194.667973] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.668587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.669039] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 194.669584] PKRU: 55555554 [ 194.669801] Call Trace: [ 194.670009] [ 194.670189] iommufd_ioas_destroy+0x53/0x70 [ 194.670545] iommufd_fops_release+0x1f7/0x370 [ 194.670898] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.671308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.671698] ? write_comp_data+0x2f/0x90 [ 194.672031] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.672432] __fput+0x26d/0xa40 [ 194.672701] ____fput+0x1e/0x30 [ 194.672964] task_work_run+0x1a4/0x2d0 [ 194.673272] ? __pfx_task_work_run+0x10/0x10 [ 194.673615] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.673997] ? switch_task_namespaces+0xa9/0xe0 [ 194.674368] do_exit+0xb17/0x2ef0 [ 194.674670] ? lock_acquire+0x427/0x4c0 [ 194.674987] ? __pfx_lock_release+0x10/0x10 [ 194.675341] ? __kasan_check_write+0x18/0x20 [ 194.675687] ? do_raw_spin_lock+0x132/0x2a0 [ 194.676040] ? __pfx_do_exit+0x10/0x10 [ 194.676356] ? debug_smp_processor_id+0x20/0x30 [ 194.676720] ? rcu_is_watching+0x19/0xb0 [ 194.677037] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.677407] ? trace_hardirqs_on+0x26/0x120 [ 194.677755] do_group_exit+0xe0/0x2b0 [ 194.678057] __x64_sys_exit_group+0x47/0x50 [ 194.678414] do_syscall_64+0x3b/0x90 [ 194.678733] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.679150] RIP: 0033:0x7f4b87518a4d [ 194.679453] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.679927] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.680519] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.681060] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.681614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.682153] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.682723] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.683291] [ 194.683477] irq event stamp: 0 [ 194.683737] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.684228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.684888] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.685530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.686023] ---[ end trace 0000000000000000 ]--- [ 194.690768] ------------[ cut here ]------------ [ 194.691176] WARNING: CPU: 1 PID: 1851 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.691963] Modules linked in: [ 194.692212] CPU: 1 PID: 1851 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.692888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.693760] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.694138] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.695778] RSP: 0018:ffff888017837bb8 EFLAGS: 00010246 [ 194.696198] RAX: 0000000000000000 RBX: ffff8880180900a8 RCX: 0000000000000000 [ 194.696760] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 194.697316] RBP: ffff888017837bd0 R08: ffffed1003012033 R09: ffffed1003012033 [ 194.697880] R10: ffff888018090193 R11: ffffed1003012032 R12: ffff88801422e000 [ 194.698430] R13: ffff8880180901e8 R14: ffffffff8352e670 R15: 
ffff888017837e68 [ 194.699003] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.699628] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.700082] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 194.700630] PKRU: 55555554 [ 194.700846] Call Trace: [ 194.701041] [ 194.701229] __iommufd_access_detach+0x1c2/0x2b0 [ 194.701604] iommufd_access_change_pt+0x149/0x270 [ 194.701983] iommufd_access_replace+0xb4/0x120 [ 194.702356] iommufd_test+0x3e5/0x37e0 [ 194.702678] ? lock_release+0x532/0x770 [ 194.702995] ? __might_fault+0x102/0x1b0 [ 194.703336] ? lock_acquire+0x427/0x4c0 [ 194.703652] ? __pfx_iommufd_test+0x10/0x10 [ 194.703981] ? __pfx_lock_release+0x10/0x10 [ 194.704323] ? __pfx_lock_acquire+0x10/0x10 [ 194.704678] ? write_comp_data+0x2f/0x90 [ 194.704999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.705383] ? write_comp_data+0x2f/0x90 [ 194.705717] iommufd_fops_ioctl+0x37d/0x510 [ 194.706052] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.706428] ? write_comp_data+0x2f/0x90 [ 194.706782] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.707171] __x64_sys_ioctl+0x1a3/0x230 [ 194.707497] do_syscall_64+0x3b/0x90 [ 194.707799] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.708194] RIP: 0033:0x7f4b8743ee5d [ 194.708476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.709864] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.710433] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.710994] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.711533] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.712084] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.712625] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.713184] [ 194.713366] irq event stamp: 0 [ 194.713606] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.714079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.714746] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.715397] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.715874] ---[ end trace 0000000000000000 ]--- [ 194.718684] ------------[ cut here ]------------ [ 194.719079] WARNING: CPU: 1 PID: 1851 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.719863] Modules linked in: [ 194.720104] CPU: 1 PID: 1851 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.720775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.721626] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.722015] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.723472] RSP: 
0018:ffff888017837bd0 EFLAGS: 00010246 [ 194.723876] RAX: 0000000000000000 RBX: ffff8880180900a8 RCX: 0000000000000000 [ 194.724423] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 194.724946] RBP: ffff888017837be8 R08: ffffed1003012033 R09: ffffed1003012033 [ 194.725492] R10: ffff888018090193 R11: ffffed1003012032 R12: ffff88801226d000 [ 194.726018] R13: ffff8880180901e8 R14: ffff888013596a00 R15: 0000000000000000 [ 194.726577] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.727197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.727671] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 194.728218] PKRU: 55555554 [ 194.728447] Call Trace: [ 194.728637] [ 194.728806] iommufd_access_destroy_object+0x65/0x170 [ 194.729199] iommufd_object_destroy_user+0x18e/0x220 [ 194.729606] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.730051] iommufd_access_destroy+0x43/0x70 [ 194.730404] iommufd_test_staccess_release+0x8d/0xd0 [ 194.730828] __fput+0x26d/0xa40 [ 194.731099] ____fput+0x1e/0x30 [ 194.731373] task_work_run+0x1a4/0x2d0 [ 194.731696] ? __pfx_task_work_run+0x10/0x10 [ 194.732036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.732414] ? switch_task_namespaces+0xa9/0xe0 [ 194.732802] do_exit+0xb17/0x2ef0 [ 194.733068] ? lock_acquire+0x427/0x4c0 [ 194.733379] ? __pfx_lock_release+0x10/0x10 [ 194.733720] ? __kasan_check_write+0x18/0x20 [ 194.734062] ? do_raw_spin_lock+0x132/0x2a0 [ 194.734387] ? __pfx_do_exit+0x10/0x10 [ 194.734710] ? debug_smp_processor_id+0x20/0x30 [ 194.735087] ? rcu_is_watching+0x19/0xb0 [ 194.735415] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.735766] ? trace_hardirqs_on+0x26/0x120 [ 194.736115] do_group_exit+0xe0/0x2b0 [ 194.736409] __x64_sys_exit_group+0x47/0x50 [ 194.736737] do_syscall_64+0x3b/0x90 [ 194.737044] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.737443] RIP: 0033:0x7f4b87518a4d [ 194.737724] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.738197] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.738797] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.739370] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.739908] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.740454] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.740990] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.741554] [ 194.741734] irq event stamp: 0 [ 194.742028] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.742613] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.743250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.743889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.744359] ---[ end trace 0000000000000000 ]--- [ 194.745064] ------------[ cut here ]------------ [ 194.745430] WARNING: CPU: 1 PID: 1851 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.746318] Modules linked in: [ 194.746611] CPU: 1 PID: 1851 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.747307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.748157] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.748551] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.750057] RSP: 0018:ffff888017837b78 EFLAGS: 00010246 [ 194.750461] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.751198] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 194.751739] RBP: ffff888017837b98 R08: ffffed100301203e R09: ffffed100301203e [ 194.752287] R10: ffff8880180901ef R11: ffffed100301203d R12: ffff888018090290 [ 194.752837] R13: ffff8880180900a8 R14: ffffffffffffffff R15: 
ffff888017837c60 [ 194.753462] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.754062] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.754539] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 194.755071] PKRU: 55555554 [ 194.755296] Call Trace: [ 194.755494] [ 194.755679] iommufd_ioas_destroy+0x53/0x70 [ 194.756015] iommufd_fops_release+0x1f7/0x370 [ 194.756425] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.756861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.757241] ? write_comp_data+0x2f/0x90 [ 194.757561] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.757954] __fput+0x26d/0xa40 [ 194.758224] ____fput+0x1e/0x30 [ 194.758484] task_work_run+0x1a4/0x2d0 [ 194.758833] ? __pfx_task_work_run+0x10/0x10 [ 194.759184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.759560] ? switch_task_namespaces+0xa9/0xe0 [ 194.759938] do_exit+0xb17/0x2ef0 [ 194.760230] ? lock_acquire+0x427/0x4c0 [ 194.760623] ? __pfx_lock_release+0x10/0x10 [ 194.760966] ? __kasan_check_write+0x18/0x20 [ 194.761307] ? do_raw_spin_lock+0x132/0x2a0 [ 194.761636] ? __pfx_do_exit+0x10/0x10 [ 194.761939] ? debug_smp_processor_id+0x20/0x30 [ 194.762306] ? rcu_is_watching+0x19/0xb0 [ 194.762643] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.763004] ? trace_hardirqs_on+0x26/0x120 [ 194.763371] do_group_exit+0xe0/0x2b0 [ 194.763674] __x64_sys_exit_group+0x47/0x50 [ 194.764054] do_syscall_64+0x3b/0x90 [ 194.764410] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.764820] RIP: 0033:0x7f4b87518a4d [ 194.765109] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.765593] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.766171] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.766749] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.767417] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.767975] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.768524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.769097] [ 194.769279] irq event stamp: 0 [ 194.769523] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.770020] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.770745] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.771424] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.771926] ---[ end trace 0000000000000000 ]--- [ 194.775710] ------------[ cut here ]------------ [ 194.776108] WARNING: CPU: 1 PID: 1852 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.776900] Modules linked in: [ 194.777199] CPU: 1 PID: 1852 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.777921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.778860] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.779258] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.780652] RSP: 0018:ffff888017a17bb8 EFLAGS: 00010246 [ 194.781167] RAX: 0000000000000000 RBX: ffff88800e9558a8 RCX: 0000000000000000 [ 194.781723] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 194.782273] RBP: ffff888017a17bd0 R08: ffffed1001d2ab33 R09: ffffed1001d2ab33 [ 194.782862] R10: ffff88800e955993 R11: ffffed1001d2ab32 R12: ffff88801883fc00 [ 194.783423] R13: ffff88800e9559e8 R14: ffffffff8352e670 R15: 
ffff888017a17e68 [ 194.783984] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.784718] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.785178] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 194.785724] PKRU: 55555554 [ 194.785942] Call Trace: [ 194.786152] [ 194.786328] __iommufd_access_detach+0x1c2/0x2b0 [ 194.786733] iommufd_access_change_pt+0x149/0x270 [ 194.787127] iommufd_access_replace+0xb4/0x120 [ 194.787507] iommufd_test+0x3e5/0x37e0 [ 194.787907] ? lock_release+0x532/0x770 [ 194.788233] ? __might_fault+0x102/0x1b0 [ 194.788566] ? lock_acquire+0x427/0x4c0 [ 194.788884] ? __pfx_iommufd_test+0x10/0x10 [ 194.789215] ? __pfx_lock_release+0x10/0x10 [ 194.789571] ? __pfx_lock_acquire+0x10/0x10 [ 194.789918] ? write_comp_data+0x2f/0x90 [ 194.790249] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.790734] ? write_comp_data+0x2f/0x90 [ 194.791108] iommufd_fops_ioctl+0x37d/0x510 [ 194.791462] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.791869] ? write_comp_data+0x2f/0x90 [ 194.792200] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.792581] __x64_sys_ioctl+0x1a3/0x230 [ 194.792917] do_syscall_64+0x3b/0x90 [ 194.793217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.793622] RIP: 0033:0x7f4b8743ee5d [ 194.793926] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.795529] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.796142] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.796747] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.797340] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.797997] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.798677] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.799283] [ 194.799487] irq event stamp: 0 [ 194.799751] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.800267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.800950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.801787] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.802297] ---[ end trace 0000000000000000 ]--- [ 194.805338] ------------[ cut here ]------------ [ 194.805759] WARNING: CPU: 1 PID: 1852 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.806630] Modules linked in: [ 194.806893] CPU: 1 PID: 1852 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.807619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.808658] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.809060] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.810615] RSP: 
0018:ffff888017a17bd0 EFLAGS: 00010246 [ 194.811048] RAX: 0000000000000000 RBX: ffff88800e9558a8 RCX: 0000000000000000 [ 194.811723] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 194.812341] RBP: ffff888017a17be8 R08: ffffed1001d2ab33 R09: ffffed1001d2ab33 [ 194.812933] R10: ffff88800e955993 R11: ffffed1001d2ab32 R12: ffff88801422f800 [ 194.813519] R13: ffff88800e9559e8 R14: ffff8880149ba800 R15: 0000000000000000 [ 194.814094] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.814906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.815389] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 194.815979] PKRU: 55555554 [ 194.816208] Call Trace: [ 194.816421] [ 194.816608] iommufd_access_destroy_object+0x65/0x170 [ 194.817045] iommufd_object_destroy_user+0x18e/0x220 [ 194.817479] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.818056] iommufd_access_destroy+0x43/0x70 [ 194.818488] iommufd_test_staccess_release+0x8d/0xd0 [ 194.818958] __fput+0x26d/0xa40 [ 194.819260] ____fput+0x1e/0x30 [ 194.819539] task_work_run+0x1a4/0x2d0 [ 194.819879] ? __pfx_task_work_run+0x10/0x10 [ 194.820258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.820666] ? switch_task_namespaces+0xa9/0xe0 [ 194.821058] do_exit+0xb17/0x2ef0 [ 194.821372] ? lock_acquire+0x427/0x4c0 [ 194.821789] ? __pfx_lock_release+0x10/0x10 [ 194.822188] ? __kasan_check_write+0x18/0x20 [ 194.822600] ? do_raw_spin_lock+0x132/0x2a0 [ 194.822961] ? __pfx_do_exit+0x10/0x10 [ 194.823298] ? debug_smp_processor_id+0x20/0x30 [ 194.823695] ? rcu_is_watching+0x19/0xb0 [ 194.824026] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.824401] ? trace_hardirqs_on+0x26/0x120 [ 194.824780] do_group_exit+0xe0/0x2b0 [ 194.825098] __x64_sys_exit_group+0x47/0x50 [ 194.825570] do_syscall_64+0x3b/0x90 [ 194.825894] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.826319] RIP: 0033:0x7f4b87518a4d [ 194.826658] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.827167] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.827826] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.828406] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.829074] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.829698] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.830284] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.830894] [ 194.831103] irq event stamp: 0 [ 194.831372] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.831890] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.832677] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.833400] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.833913] ---[ end trace 0000000000000000 ]--- [ 194.834923] ------------[ cut here ]------------ [ 194.835384] WARNING: CPU: 1 PID: 1852 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.836301] Modules linked in: [ 194.836578] CPU: 1 PID: 1852 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.837308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.838364] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.838828] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.840460] RSP: 0018:ffff888017a17b78 EFLAGS: 00010246 [ 194.840910] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.841493] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 194.842191] RBP: ffff888017a17b98 R08: ffffed1001d2ab3e R09: ffffed1001d2ab3e [ 194.842804] R10: ffff88800e9559ef R11: ffffed1001d2ab3d R12: ffff88800e955a90 [ 194.843420] R13: ffff88800e9558a8 R14: ffffffffffffffff R15: 
ffff888017a17c60 [ 194.844117] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.844792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.845288] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 194.846000] PKRU: 55555554 [ 194.846235] Call Trace: [ 194.846458] [ 194.846686] iommufd_ioas_destroy+0x53/0x70 [ 194.847052] iommufd_fops_release+0x1f7/0x370 [ 194.847449] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.847861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.848271] ? write_comp_data+0x2f/0x90 [ 194.848638] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.849061] __fput+0x26d/0xa40 [ 194.849362] ____fput+0x1e/0x30 [ 194.849774] task_work_run+0x1a4/0x2d0 [ 194.850205] ? __pfx_task_work_run+0x10/0x10 [ 194.850648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.851088] ? switch_task_namespaces+0xa9/0xe0 [ 194.851511] do_exit+0xb17/0x2ef0 [ 194.851822] ? lock_acquire+0x427/0x4c0 [ 194.852175] ? __pfx_lock_release+0x10/0x10 [ 194.852556] ? __kasan_check_write+0x18/0x20 [ 194.852956] ? do_raw_spin_lock+0x132/0x2a0 [ 194.853329] ? __pfx_do_exit+0x10/0x10 [ 194.853761] ? debug_smp_processor_id+0x20/0x30 [ 194.854262] ? rcu_is_watching+0x19/0xb0 [ 194.854655] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.855062] ? trace_hardirqs_on+0x26/0x120 [ 194.855458] do_group_exit+0xe0/0x2b0 [ 194.855794] __x64_sys_exit_group+0x47/0x50 [ 194.856176] do_syscall_64+0x3b/0x90 [ 194.856505] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.856962] RIP: 0033:0x7f4b87518a4d [ 194.857296] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.857986] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.858689] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.859301] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.859923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.860581] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.861202] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.861956] [ 194.862157] irq event stamp: 0 [ 194.862421] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.862994] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.863710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.864416] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.864961] ---[ end trace 0000000000000000 ]--- [ 194.872519] ------------[ cut here ]------------ [ 194.873322] WARNING: CPU: 0 PID: 1853 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.874624] Modules linked in: [ 194.875165] CPU: 0 PID: 1853 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.876201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.877700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.878299] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.880648] RSP: 0018:ffff888017837bb8 EFLAGS: 00010246 [ 194.881289] RAX: 0000000000000000 RBX: ffff88801826f8a8 RCX: 0000000000000000 [ 194.882128] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 194.882996] RBP: ffff888017837bd0 R08: ffffed100304df33 R09: ffffed100304df33 [ 194.883853] R10: ffff88801826f993 R11: ffffed100304df32 R12: ffff888010e02000 [ 194.884700] R13: ffff88801826f9e8 R14: ffffffff8352e670 R15: 
ffff888017837e68 [ 194.885544] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.886489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.887244] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 194.888083] PKRU: 55555554 [ 194.888421] Call Trace: [ 194.888729] [ 194.889005] __iommufd_access_detach+0x1c2/0x2b0 [ 194.889595] iommufd_access_change_pt+0x149/0x270 [ 194.890183] iommufd_access_replace+0xb4/0x120 [ 194.890781] iommufd_test+0x3e5/0x37e0 [ 194.891264] ? lock_release+0x532/0x770 [ 194.891765] ? __might_fault+0x102/0x1b0 [ 194.892277] ? lock_acquire+0x427/0x4c0 [ 194.892790] ? __pfx_iommufd_test+0x10/0x10 [ 194.893327] ? __pfx_lock_release+0x10/0x10 [ 194.893878] ? __pfx_lock_acquire+0x10/0x10 [ 194.894434] ? write_comp_data+0x2f/0x90 [ 194.895003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.895646] ? write_comp_data+0x2f/0x90 [ 194.896168] iommufd_fops_ioctl+0x37d/0x510 [ 194.896682] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.897254] ? write_comp_data+0x2f/0x90 [ 194.897736] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 194.898289] __x64_sys_ioctl+0x1a3/0x230 [ 194.898809] do_syscall_64+0x3b/0x90 [ 194.899266] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.899862] RIP: 0033:0x7f4b8743ee5d [ 194.900285] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 194.902292] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 194.903299] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 194.904119] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 194.904913] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 194.905701] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 194.906494] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 194.907420] [ 194.907621] irq event stamp: 0 [ 194.907871] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.908371] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.909099] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.909754] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.910246] ---[ end trace 0000000000000000 ]--- [ 194.913253] ------------[ cut here ]------------ [ 194.913631] WARNING: CPU: 0 PID: 1853 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.914435] Modules linked in: [ 194.914803] CPU: 0 PID: 1853 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.915590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.916483] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.916883] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.918561] RSP: 
0018:ffff888017837bd0 EFLAGS: 00010246 [ 194.918988] RAX: 0000000000000000 RBX: ffff88801826f8a8 RCX: 0000000000000000 [ 194.919571] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 194.920134] RBP: ffff888017837be8 R08: ffffed100304df33 R09: ffffed100304df33 [ 194.920699] R10: ffff88801826f993 R11: ffffed100304df32 R12: ffff88800f74dc00 [ 194.921261] R13: ffff88801826f9e8 R14: ffff88801663fc00 R15: 0000000000000000 [ 194.921903] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.922648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.923127] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 194.923697] PKRU: 55555554 [ 194.923925] Call Trace: [ 194.924129] [ 194.924311] iommufd_access_destroy_object+0x65/0x170 [ 194.924730] iommufd_object_destroy_user+0x18e/0x220 [ 194.925154] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 194.925627] iommufd_access_destroy+0x43/0x70 [ 194.925998] iommufd_test_staccess_release+0x8d/0xd0 [ 194.926413] __fput+0x26d/0xa40 [ 194.926719] ____fput+0x1e/0x30 [ 194.926996] task_work_run+0x1a4/0x2d0 [ 194.927335] ? __pfx_task_work_run+0x10/0x10 [ 194.927696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.928096] ? switch_task_namespaces+0xa9/0xe0 [ 194.928481] do_exit+0xb17/0x2ef0 [ 194.928763] ? lock_acquire+0x427/0x4c0 [ 194.929094] ? __pfx_lock_release+0x10/0x10 [ 194.929446] ? __kasan_check_write+0x18/0x20 [ 194.929803] ? do_raw_spin_lock+0x132/0x2a0 [ 194.930152] ? __pfx_do_exit+0x10/0x10 [ 194.930472] ? debug_smp_processor_id+0x20/0x30 [ 194.930868] ? rcu_is_watching+0x19/0xb0 [ 194.931226] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.931598] ? trace_hardirqs_on+0x26/0x120 [ 194.931952] do_group_exit+0xe0/0x2b0 [ 194.932260] __x64_sys_exit_group+0x47/0x50 [ 194.932607] do_syscall_64+0x3b/0x90 [ 194.932915] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.933337] RIP: 0033:0x7f4b87518a4d [ 194.933639] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.934131] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.934768] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.935350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.935924] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.936496] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.937063] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.937637] [ 194.937824] irq event stamp: 0 [ 194.938075] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.938600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.939278] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.939944] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.940449] ---[ end trace 0000000000000000 ]--- [ 194.941486] ------------[ cut here ]------------ [ 194.942224] WARNING: CPU: 1 PID: 1853 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 194.943489] Modules linked in: [ 194.944117] CPU: 1 PID: 1853 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.945105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.946464] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 194.947087] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 194.948934] RSP: 0018:ffff888017837b78 EFLAGS: 00010246 [ 194.949460] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 194.950168] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 194.950838] RBP: ffff888017837b98 R08: ffffed100304df3e R09: ffffed100304df3e [ 194.951554] R10: ffff88801826f9ef R11: ffffed100304df3d R12: ffff88801826fa90 [ 194.952248] R13: ffff88801826f8a8 R14: ffffffffffffffff R15: 
ffff888017837c60 [ 194.952892] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 194.953713] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.954237] CR2: 00007f82e2fbb000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 194.954904] PKRU: 55555554 [ 194.955224] Call Trace: [ 194.955538] [ 194.955748] iommufd_ioas_destroy+0x53/0x70 [ 194.956154] iommufd_fops_release+0x1f7/0x370 [ 194.956573] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.957063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.957592] ? write_comp_data+0x2f/0x90 [ 194.957974] ? __pfx_iommufd_fops_release+0x10/0x10 [ 194.958438] __fput+0x26d/0xa40 [ 194.958776] ____fput+0x1e/0x30 [ 194.959133] task_work_run+0x1a4/0x2d0 [ 194.959572] ? __pfx_task_work_run+0x10/0x10 [ 194.959979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 194.960430] ? switch_task_namespaces+0xa9/0xe0 [ 194.960917] do_exit+0xb17/0x2ef0 [ 194.961318] ? lock_acquire+0x427/0x4c0 [ 194.961694] ? __pfx_lock_release+0x10/0x10 [ 194.962092] ? __kasan_check_write+0x18/0x20 [ 194.962569] ? do_raw_spin_lock+0x132/0x2a0 [ 194.963055] ? __pfx_do_exit+0x10/0x10 [ 194.963599] ? debug_smp_processor_id+0x20/0x30 [ 194.964149] ? rcu_is_watching+0x19/0xb0 [ 194.964687] ? _raw_spin_unlock_irq+0x2b/0x60 [ 194.965292] ? trace_hardirqs_on+0x26/0x120 [ 194.965797] do_group_exit+0xe0/0x2b0 [ 194.966291] __x64_sys_exit_group+0x47/0x50 [ 194.966910] do_syscall_64+0x3b/0x90 [ 194.967368] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 194.967970] RIP: 0033:0x7f4b87518a4d [ 194.968542] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 194.969236] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.970143] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 194.971054] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 194.971929] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 194.972803] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 194.973622] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 194.974576] [ 194.974853] irq event stamp: 0 [ 194.975226] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 194.976070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 194.977010] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 194.978075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 194.978815] ---[ end trace 0000000000000000 ]--- [ 194.987800] ------------[ cut here ]------------ [ 194.988215] WARNING: CPU: 0 PID: 1854 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 194.989258] Modules linked in: [ 194.989523] CPU: 0 PID: 1854 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 194.990219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 194.991208] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 194.991618] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 194.993276] RSP: 0018:ffff88800cb9fbb8 EFLAGS: 00010246 [ 194.993706] RAX: 0000000000000000 RBX: ffff8880164c48a8 RCX: 0000000000000000 [ 194.994273] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 194.994866] RBP: ffff88800cb9fbd0 R08: ffffed1002c98933 R09: ffffed1002c98933 [ 194.995470] R10: ffff8880164c4993 R11: ffffed1002c98932 R12: ffff888010c09000 [ 194.996250] R13: ffff8880164c49e8 R14: ffffffff8352e670 R15: 
ffff88800cb9fe68 [ 194.996822] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 194.997468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.997931] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 194.998544] PKRU: 55555554 [ 194.998781] Call Trace: [ 194.999027] [ 194.999282] __iommufd_access_detach+0x1c2/0x2b0 [ 194.999816] iommufd_access_change_pt+0x149/0x270 [ 195.000232] iommufd_access_replace+0xb4/0x120 [ 195.000626] iommufd_test+0x3e5/0x37e0 [ 195.000962] ? lock_release+0x532/0x770 [ 195.001311] ? __might_fault+0x102/0x1b0 [ 195.001664] ? lock_acquire+0x427/0x4c0 [ 195.002014] ? __pfx_iommufd_test+0x10/0x10 [ 195.002482] ? __pfx_lock_release+0x10/0x10 [ 195.003024] ? __pfx_lock_acquire+0x10/0x10 [ 195.003414] ? write_comp_data+0x2f/0x90 [ 195.003780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.004203] ? write_comp_data+0x2f/0x90 [ 195.004563] iommufd_fops_ioctl+0x37d/0x510 [ 195.005014] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.005443] ? write_comp_data+0x2f/0x90 [ 195.005871] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.006439] __x64_sys_ioctl+0x1a3/0x230 [ 195.006828] do_syscall_64+0x3b/0x90 [ 195.007169] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.007623] RIP: 0033:0x7f4b8743ee5d [ 195.007947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.009756] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.010425] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.011062] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.011686] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.012290] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.012914] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.013729] [ 195.013937] irq event stamp: 0 [ 195.014207] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.014763] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.015487] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.016198] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.016775] ---[ end trace 0000000000000000 ]--- [ 195.021927] ------------[ cut here ]------------ [ 195.022638] WARNING: CPU: 1 PID: 1854 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.023930] Modules linked in: [ 195.024348] CPU: 1 PID: 1854 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.025421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.026932] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.027603] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.029805] RSP: 
0018:ffff88800cb9fbd0 EFLAGS: 00010246 [ 195.030469] RAX: 0000000000000000 RBX: ffff8880164c48a8 RCX: 0000000000000000 [ 195.031420] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 195.032311] RBP: ffff88800cb9fbe8 R08: ffffed1002c98933 R09: ffffed1002c98933 [ 195.033210] R10: ffff8880164c4993 R11: ffffed1002c98932 R12: ffff888010e03800 [ 195.034092] R13: ffff8880164c49e8 R14: ffff888010f6d800 R15: 0000000000000000 [ 195.035009] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.035970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.036506] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 195.037152] PKRU: 55555554 [ 195.037411] Call Trace: [ 195.037646] [ 195.037853] iommufd_access_destroy_object+0x65/0x170 [ 195.038341] iommufd_object_destroy_user+0x18e/0x220 [ 195.038849] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.039414] iommufd_access_destroy+0x43/0x70 [ 195.039838] iommufd_test_staccess_release+0x8d/0xd0 [ 195.040320] __fput+0x26d/0xa40 [ 195.040642] ____fput+0x1e/0x30 [ 195.040960] task_work_run+0x1a4/0x2d0 [ 195.041344] ? __pfx_task_work_run+0x10/0x10 [ 195.041773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.042230] ? switch_task_namespaces+0xa9/0xe0 [ 195.042702] do_exit+0xb17/0x2ef0 [ 195.043043] ? lock_acquire+0x427/0x4c0 [ 195.043444] ? __pfx_lock_release+0x10/0x10 [ 195.043857] ? __kasan_check_write+0x18/0x20 [ 195.044302] ? do_raw_spin_lock+0x132/0x2a0 [ 195.044712] ? __pfx_do_exit+0x10/0x10 [ 195.045094] ? debug_smp_processor_id+0x20/0x30 [ 195.045527] ? rcu_is_watching+0x19/0xb0 [ 195.045903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.046331] ? trace_hardirqs_on+0x26/0x120 [ 195.046770] do_group_exit+0xe0/0x2b0 [ 195.047162] __x64_sys_exit_group+0x47/0x50 [ 195.047571] do_syscall_64+0x3b/0x90 [ 195.047925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.048425] RIP: 0033:0x7f4b87518a4d [ 195.048793] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.049382] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.050080] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.050765] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.051440] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.052102] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.052768] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.053445] [ 195.053666] irq event stamp: 0 [ 195.053966] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.054569] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.055374] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.056156] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.056744] ---[ end trace 0000000000000000 ]--- [ 195.057741] ------------[ cut here ]------------ [ 195.058205] WARNING: CPU: 1 PID: 1854 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.059467] Modules linked in: [ 195.059796] CPU: 1 PID: 1854 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.060631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.061720] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.062219] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.063989] RSP: 0018:ffff88800cb9fb78 EFLAGS: 00010246 [ 195.064502] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.065178] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 195.065847] RBP: ffff88800cb9fb98 R08: ffffed1002c9893e R09: ffffed1002c9893e [ 195.066560] R10: ffff8880164c49ef R11: ffffed1002c9893d R12: ffff8880164c4a90 [ 195.067249] R13: ffff8880164c48a8 R14: ffffffffffffffff R15: 
ffff88800cb9fc60 [ 195.067924] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.068687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.069246] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 195.069914] PKRU: 55555554 [ 195.070184] Call Trace: [ 195.070441] [ 195.070692] iommufd_ioas_destroy+0x53/0x70 [ 195.071134] iommufd_fops_release+0x1f7/0x370 [ 195.071566] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.072037] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.072508] ? write_comp_data+0x2f/0x90 [ 195.072919] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.073400] __fput+0x26d/0xa40 [ 195.073734] ____fput+0x1e/0x30 [ 195.074077] task_work_run+0x1a4/0x2d0 [ 195.074472] ? __pfx_task_work_run+0x10/0x10 [ 195.074940] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.075439] ? switch_task_namespaces+0xa9/0xe0 [ 195.075950] do_exit+0xb17/0x2ef0 [ 195.076305] ? lock_acquire+0x427/0x4c0 [ 195.076727] ? __pfx_lock_release+0x10/0x10 [ 195.077190] ? __kasan_check_write+0x18/0x20 [ 195.077653] ? do_raw_spin_lock+0x132/0x2a0 [ 195.078101] ? __pfx_do_exit+0x10/0x10 [ 195.078557] ? debug_smp_processor_id+0x20/0x30 [ 195.079054] ? rcu_is_watching+0x19/0xb0 [ 195.079496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.079968] ? trace_hardirqs_on+0x26/0x120 [ 195.080421] do_group_exit+0xe0/0x2b0 [ 195.080838] __x64_sys_exit_group+0x47/0x50 [ 195.081285] do_syscall_64+0x3b/0x90 [ 195.081680] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.082230] RIP: 0033:0x7f4b87518a4d [ 195.082673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.083328] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.084120] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.084864] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.085618] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.086347] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.087145] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.087899] [ 195.088144] irq event stamp: 0 [ 195.088484] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.089125] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.089981] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.090887] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.091565] ---[ end trace 0000000000000000 ]--- [ 195.096476] ------------[ cut here ]------------ [ 195.097016] WARNING: CPU: 1 PID: 1855 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.098050] Modules linked in: [ 195.098374] CPU: 1 PID: 1855 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.099337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.100480] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.100990] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.102858] RSP: 0018:ffff88800fb5fbb8 EFLAGS: 00010246 [ 195.103416] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 195.104135] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 195.104860] RBP: ffff88800fb5fbd0 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 195.105579] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff88801420f000 [ 195.106291] R13: ffff888017a471e8 R14: ffffffff8352e670 R15: 
ffff88800fb5fe68 [ 195.107045] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.107881] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.108465] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 195.109187] PKRU: 55555554 [ 195.109486] Call Trace: [ 195.109749] [ 195.109979] __iommufd_access_detach+0x1c2/0x2b0 [ 195.110477] iommufd_access_change_pt+0x149/0x270 [ 195.111030] iommufd_access_replace+0xb4/0x120 [ 195.111534] iommufd_test+0x3e5/0x37e0 [ 195.111951] ? lock_release+0x532/0x770 [ 195.112376] ? __might_fault+0x102/0x1b0 [ 195.112804] ? lock_acquire+0x427/0x4c0 [ 195.113229] ? __pfx_iommufd_test+0x10/0x10 [ 195.113675] ? __pfx_lock_release+0x10/0x10 [ 195.114126] ? __pfx_lock_acquire+0x10/0x10 [ 195.114637] ? write_comp_data+0x2f/0x90 [ 195.115073] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.115604] ? write_comp_data+0x2f/0x90 [ 195.116038] iommufd_fops_ioctl+0x37d/0x510 [ 195.116492] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.117004] ? write_comp_data+0x2f/0x90 [ 195.117431] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.117924] __x64_sys_ioctl+0x1a3/0x230 [ 195.118349] do_syscall_64+0x3b/0x90 [ 195.118784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.119337] RIP: 0033:0x7f4b8743ee5d [ 195.119718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.121567] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.122339] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.123086] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.123838] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.124560] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.125279] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.126021] [ 195.126263] irq event stamp: 0 [ 195.126622] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.127290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.128153] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.129002] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.129656] ---[ end trace 0000000000000000 ]--- [ 195.132892] ------------[ cut here ]------------ [ 195.133419] WARNING: CPU: 1 PID: 1855 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.134447] Modules linked in: [ 195.134815] CPU: 1 PID: 1855 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.135716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.136848] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.137353] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.139245] RSP: 
0018:ffff88800fb5fbd0 EFLAGS: 00010246 [ 195.139794] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 195.140509] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 195.141224] RBP: ffff88800fb5fbe8 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 195.141940] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff88801883d400 [ 195.142704] R13: ffff888017a471e8 R14: ffff888012194c00 R15: 0000000000000000 [ 195.143438] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.144258] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.144844] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.145564] PKRU: 55555554 [ 195.145850] Call Trace: [ 195.146109] [ 195.146338] iommufd_access_destroy_object+0x65/0x170 [ 195.146906] iommufd_object_destroy_user+0x18e/0x220 [ 195.147435] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.148030] iommufd_access_destroy+0x43/0x70 [ 195.148494] iommufd_test_staccess_release+0x8d/0xd0 [ 195.149024] __fput+0x26d/0xa40 [ 195.149378] ____fput+0x1e/0x30 [ 195.149720] task_work_run+0x1a4/0x2d0 [ 195.150123] ? __pfx_task_work_run+0x10/0x10 [ 195.150608] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.151131] ? switch_task_namespaces+0xa9/0xe0 [ 195.151628] do_exit+0xb17/0x2ef0 [ 195.151983] ? lock_acquire+0x427/0x4c0 [ 195.152400] ? __pfx_lock_release+0x10/0x10 [ 195.152858] ? __kasan_check_write+0x18/0x20 [ 195.153333] ? do_raw_spin_lock+0x132/0x2a0 [ 195.153775] ? __pfx_do_exit+0x10/0x10 [ 195.154185] ? debug_smp_processor_id+0x20/0x30 [ 195.154707] ? rcu_is_watching+0x19/0xb0 [ 195.155143] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.155617] ? trace_hardirqs_on+0x26/0x120 [ 195.156065] do_group_exit+0xe0/0x2b0 [ 195.156463] __x64_sys_exit_group+0x47/0x50 [ 195.156902] do_syscall_64+0x3b/0x90 [ 195.157290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.157827] RIP: 0033:0x7f4b87518a4d [ 195.158215] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.158885] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.159681] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.160399] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.161123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.161843] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.162603] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.163361] [ 195.163600] irq event stamp: 0 [ 195.163920] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.164560] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.165416] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.166257] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.166932] ---[ end trace 0000000000000000 ]--- [ 195.167812] ------------[ cut here ]------------ [ 195.168293] WARNING: CPU: 1 PID: 1855 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.169330] Modules linked in: [ 195.169659] CPU: 1 PID: 1855 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.170580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.171741] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.172269] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.174129] RSP: 0018:ffff88800fb5fb78 EFLAGS: 00010246 [ 195.174745] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.175482] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 195.176201] RBP: ffff88800fb5fb98 R08: ffffed1002f48e3e R09: ffffed1002f48e3e [ 195.176929] R10: ffff888017a471ef R11: ffffed1002f48e3d R12: ffff888017a47290 [ 195.177652] R13: ffff888017a470a8 R14: ffffffffffffffff R15: 
ffff88800fb5fc60 [ 195.178376] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.179254] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.179864] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.180616] PKRU: 55555554 [ 195.180929] Call Trace: [ 195.181217] [ 195.181453] iommufd_ioas_destroy+0x53/0x70 [ 195.181916] iommufd_fops_release+0x1f7/0x370 [ 195.182384] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.182945] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.183471] ? write_comp_data+0x2f/0x90 [ 195.183899] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.184413] __fput+0x26d/0xa40 [ 195.184767] ____fput+0x1e/0x30 [ 195.185112] task_work_run+0x1a4/0x2d0 [ 195.185514] ? __pfx_task_work_run+0x10/0x10 [ 195.185963] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.186468] ? switch_task_namespaces+0xa9/0xe0 [ 195.186996] do_exit+0xb17/0x2ef0 [ 195.187364] ? lock_acquire+0x427/0x4c0 [ 195.187779] ? __pfx_lock_release+0x10/0x10 [ 195.188227] ? __kasan_check_write+0x18/0x20 [ 195.188685] ? do_raw_spin_lock+0x132/0x2a0 [ 195.189128] ? __pfx_do_exit+0x10/0x10 [ 195.189539] ? debug_smp_processor_id+0x20/0x30 [ 195.190017] ? rcu_is_watching+0x19/0xb0 [ 195.190434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.190939] ? trace_hardirqs_on+0x26/0x120 [ 195.191405] do_group_exit+0xe0/0x2b0 [ 195.191805] __x64_sys_exit_group+0x47/0x50 [ 195.192245] do_syscall_64+0x3b/0x90 [ 195.192643] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.193189] RIP: 0033:0x7f4b87518a4d [ 195.193575] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.194203] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.195035] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.195793] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.196534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.197266] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.197996] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.198768] [ 195.199006] irq event stamp: 0 [ 195.199345] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.199994] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.200849] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.201694] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.202336] ---[ end trace 0000000000000000 ]--- [ 195.208751] ------------[ cut here ]------------ [ 195.209450] WARNING: CPU: 0 PID: 1856 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.211112] Modules linked in: [ 195.211585] CPU: 0 PID: 1856 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.212475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.213608] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.214125] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.216034] RSP: 0018:ffff888012c47bb8 EFLAGS: 00010246 [ 195.216652] RAX: 0000000000000000 RBX: ffff888018a730a8 RCX: 0000000000000000 [ 195.217377] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 195.218105] RBP: ffff888012c47bd0 R08: ffffed100314e633 R09: ffffed100314e633 [ 195.218874] R10: ffff888018a73193 R11: ffffed100314e632 R12: ffff888020d19c00 [ 195.219697] R13: ffff888018a731e8 R14: ffffffff8352e670 R15: 
ffff888012c47e68 [ 195.220435] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.221288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.221891] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 195.222677] PKRU: 55555554 [ 195.223038] Call Trace: [ 195.223377] [ 195.223618] __iommufd_access_detach+0x1c2/0x2b0 [ 195.224125] iommufd_access_change_pt+0x149/0x270 [ 195.224650] iommufd_access_replace+0xb4/0x120 [ 195.225142] iommufd_test+0x3e5/0x37e0 [ 195.225569] ? lock_release+0x532/0x770 [ 195.225994] ? __might_fault+0x102/0x1b0 [ 195.226414] ? lock_acquire+0x427/0x4c0 [ 195.226897] ? __pfx_iommufd_test+0x10/0x10 [ 195.227632] ? __pfx_lock_release+0x10/0x10 [ 195.228260] ? __pfx_lock_acquire+0x10/0x10 [ 195.228872] ? write_comp_data+0x2f/0x90 [ 195.229446] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.230125] ? write_comp_data+0x2f/0x90 [ 195.230788] iommufd_fops_ioctl+0x37d/0x510 [ 195.231424] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.232106] ? write_comp_data+0x2f/0x90 [ 195.232680] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.233346] __x64_sys_ioctl+0x1a3/0x230 [ 195.233922] do_syscall_64+0x3b/0x90 [ 195.234452] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.235202] RIP: 0033:0x7f4b8743ee5d [ 195.235710] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.238073] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.239110] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.240065] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.240996] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.241922] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.242891] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.243854] [ 195.244170] irq event stamp: 0 [ 195.244593] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.245422] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.246562] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.247666] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.248497] ---[ end trace 0000000000000000 ]--- [ 195.253328] ------------[ cut here ]------------ [ 195.253995] WARNING: CPU: 0 PID: 1856 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.255390] Modules linked in: [ 195.255828] CPU: 0 PID: 1856 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.256980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.258434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.259176] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.261277] RSP: 
0018:ffff888012c47bd0 EFLAGS: 00010246 [ 195.261852] RAX: 0000000000000000 RBX: ffff888018a730a8 RCX: 0000000000000000 [ 195.262679] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 195.263437] RBP: ffff888012c47be8 R08: ffffed100314e633 R09: ffffed100314e633 [ 195.264171] R10: ffff888018a73193 R11: ffffed100314e632 R12: ffff888012e95000 [ 195.264912] R13: ffff888018a731e8 R14: ffff88801663f300 R15: 0000000000000000 [ 195.265646] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.266490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.267147] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 195.267891] PKRU: 55555554 [ 195.268185] Call Trace: [ 195.268456] [ 195.268700] iommufd_access_destroy_object+0x65/0x170 [ 195.269249] iommufd_object_destroy_user+0x18e/0x220 [ 195.269790] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.270407] iommufd_access_destroy+0x43/0x70 [ 195.270930] iommufd_test_staccess_release+0x8d/0xd0 [ 195.271480] __fput+0x26d/0xa40 [ 195.271837] ____fput+0x1e/0x30 [ 195.272184] task_work_run+0x1a4/0x2d0 [ 195.272590] ? __pfx_task_work_run+0x10/0x10 [ 195.273049] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.273554] ? switch_task_namespaces+0xa9/0xe0 [ 195.274044] do_exit+0xb17/0x2ef0 [ 195.274405] ? lock_acquire+0x427/0x4c0 [ 195.274856] ? __pfx_lock_release+0x10/0x10 [ 195.275405] ? __kasan_check_write+0x18/0x20 [ 195.276021] ? do_raw_spin_lock+0x132/0x2a0 [ 195.276684] ? __pfx_do_exit+0x10/0x10 [ 195.277098] ? debug_smp_processor_id+0x20/0x30 [ 195.277573] ? rcu_is_watching+0x19/0xb0 [ 195.277982] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.278454] ? trace_hardirqs_on+0x26/0x120 [ 195.278947] do_group_exit+0xe0/0x2b0 [ 195.279364] __x64_sys_exit_group+0x47/0x50 [ 195.279801] do_syscall_64+0x3b/0x90 [ 195.280192] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.280865] RIP: 0033:0x7f4b87518a4d [ 195.281387] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.282199] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.283018] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.283761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.284491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.285217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.286166] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.287149] [ 195.287404] irq event stamp: 0 [ 195.287730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.288380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.289228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.290111] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.291089] ---[ end trace 0000000000000000 ]--- [ 195.292039] ------------[ cut here ]------------ [ 195.292527] WARNING: CPU: 0 PID: 1856 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.293559] Modules linked in: [ 195.293900] CPU: 0 PID: 1856 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.295003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.296363] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.296894] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.298868] RSP: 0018:ffff888012c47b78 EFLAGS: 00010246 [ 195.299447] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.300329] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 195.301273] RBP: ffff888012c47b98 R08: ffffed100314e63e R09: ffffed100314e63e [ 195.302146] R10: ffff888018a731ef R11: ffffed100314e63d R12: ffff888018a73290 [ 195.302918] R13: ffff888018a730a8 R14: ffffffffffffffff R15: 
ffff888012c47c60 [ 195.303672] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.304512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.305181] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 195.306292] PKRU: 55555554 [ 195.306635] Call Trace: [ 195.306902] [ 195.307157] iommufd_ioas_destroy+0x53/0x70 [ 195.307619] iommufd_fops_release+0x1f7/0x370 [ 195.308094] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.308616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.309129] ? write_comp_data+0x2f/0x90 [ 195.309567] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.310185] __fput+0x26d/0xa40 [ 195.310699] ____fput+0x1e/0x30 [ 195.311207] task_work_run+0x1a4/0x2d0 [ 195.311622] ? __pfx_task_work_run+0x10/0x10 [ 195.312083] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.312586] ? switch_task_namespaces+0xa9/0xe0 [ 195.313079] do_exit+0xb17/0x2ef0 [ 195.313444] ? lock_acquire+0x427/0x4c0 [ 195.313862] ? __pfx_lock_release+0x10/0x10 [ 195.314326] ? __kasan_check_write+0x18/0x20 [ 195.314905] ? do_raw_spin_lock+0x132/0x2a0 [ 195.315595] ? __pfx_do_exit+0x10/0x10 [ 195.316023] ? debug_smp_processor_id+0x20/0x30 [ 195.316519] ? rcu_is_watching+0x19/0xb0 [ 195.316948] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.317424] ? trace_hardirqs_on+0x26/0x120 [ 195.317886] do_group_exit+0xe0/0x2b0 [ 195.318287] __x64_sys_exit_group+0x47/0x50 [ 195.318790] do_syscall_64+0x3b/0x90 [ 195.319215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.319801] RIP: 0033:0x7f4b87518a4d [ 195.320317] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.321161] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.321951] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.322754] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.323519] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.324265] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.325155] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.326142] [ 195.326388] irq event stamp: 0 [ 195.326760] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.327427] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.328293] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.329155] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.330015] ---[ end trace 0000000000000000 ]--- [ 195.336082] ------------[ cut here ]------------ [ 195.336600] WARNING: CPU: 0 PID: 1857 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.337639] Modules linked in: [ 195.337976] CPU: 0 PID: 1857 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.339029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.340293] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.341072] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.343005] RSP: 0018:ffff88800f6ffbb8 EFLAGS: 00010246 [ 195.343584] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 195.344332] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 195.345067] RBP: ffff88800f6ffbd0 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 195.345803] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff888012e90c00 [ 195.346580] R13: ffff8880171bc9e8 R14: ffffffff8352e670 R15: 
ffff88800f6ffe68 [ 195.347344] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.348186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.348790] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 195.349528] PKRU: 55555554 [ 195.349828] Call Trace: [ 195.350097] [ 195.350337] __iommufd_access_detach+0x1c2/0x2b0 [ 195.350897] iommufd_access_change_pt+0x149/0x270 [ 195.351426] iommufd_access_replace+0xb4/0x120 [ 195.351917] iommufd_test+0x3e5/0x37e0 [ 195.352329] ? lock_release+0x532/0x770 [ 195.352757] ? __might_fault+0x102/0x1b0 [ 195.353187] ? lock_acquire+0x427/0x4c0 [ 195.353612] ? __pfx_iommufd_test+0x10/0x10 [ 195.354053] ? __pfx_lock_release+0x10/0x10 [ 195.354549] ? __pfx_lock_acquire+0x10/0x10 [ 195.355012] ? write_comp_data+0x2f/0x90 [ 195.355471] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.355987] ? write_comp_data+0x2f/0x90 [ 195.356420] iommufd_fops_ioctl+0x37d/0x510 [ 195.356877] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.357388] ? write_comp_data+0x2f/0x90 [ 195.357823] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.358327] __x64_sys_ioctl+0x1a3/0x230 [ 195.358816] do_syscall_64+0x3b/0x90 [ 195.359237] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.359781] RIP: 0033:0x7f4b8743ee5d [ 195.360170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.362058] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.362896] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.363651] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.364387] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.365127] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.365862] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.366638] [ 195.366886] irq event stamp: 0 [ 195.367225] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.367876] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.368743] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.369598] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.370246] ---[ end trace 0000000000000000 ]--- [ 195.374113] ------------[ cut here ]------------ [ 195.374673] WARNING: CPU: 0 PID: 1857 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.375737] Modules linked in: [ 195.376067] CPU: 0 PID: 1857 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.377134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.378720] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.379249] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.381129] RSP: 
0018:ffff88800f6ffbd0 EFLAGS: 00010246 [ 195.381726] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 195.382729] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 195.383650] RBP: ffff88800f6ffbe8 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 195.384381] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff888020d18c00 [ 195.385112] R13: ffff8880171bc9e8 R14: ffff888020908d00 R15: 0000000000000000 [ 195.385835] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.386755] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.387362] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 195.387579] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 195.390367] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 195.390906] PKRU: 55555554 [ 195.390916] Call Trace: [ 195.390920] [ 195.390929] iommufd_access_destroy_object+0x65/0x170 [ 195.394123] iommufd_object_destroy_user+0x18e/0x220 [ 195.394687] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.395293] iommufd_access_destroy+0x43/0x70 [ 195.395765] iommufd_test_staccess_release+0x8d/0xd0 [ 195.396295] __fput+0x26d/0xa40 [ 195.396656] ____fput+0x1e/0x30 [ 195.397002] task_work_run+0x1a4/0x2d0 [ 195.397412] ? __pfx_task_work_run+0x10/0x10 [ 195.397871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.398379] ? switch_task_namespaces+0xa9/0xe0 [ 195.398896] do_exit+0xb17/0x2ef0 [ 195.399271] ? lock_acquire+0x427/0x4c0 [ 195.399697] ? __pfx_lock_release+0x10/0x10 [ 195.400144] ? __kasan_check_write+0x18/0x20 [ 195.400606] ? do_raw_spin_lock+0x132/0x2a0 [ 195.401357] ? __pfx_do_exit+0x10/0x10 [ 195.401776] ? debug_smp_processor_id+0x20/0x30 [ 195.402265] ? 
rcu_is_watching+0x19/0xb0 [ 195.402716] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.403263] ? trace_hardirqs_on+0x26/0x120 [ 195.403875] do_group_exit+0xe0/0x2b0 [ 195.404271] __x64_sys_exit_group+0x47/0x50 [ 195.404714] do_syscall_64+0x3b/0x90 [ 195.405124] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.405666] RIP: 0033:0x7f4b87518a4d [ 195.406062] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 195.406829] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.407767] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.408512] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.409241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.409971] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.410730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.411482] [ 195.411727] irq event stamp: 0 [ 195.412053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.412710] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.413562] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.414716] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.415369] ---[ end trace 0000000000000000 ]--- [ 195.422917] ------------[ cut here ]------------ [ 195.423663] WARNING: CPU: 0 PID: 1857 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.424718] Modules linked in: [ 195.425052] CPU: 0 PID: 1857 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.426187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.427433] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.428092] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.430039] RSP: 0018:ffff88800f6ffb78 
EFLAGS: 00010246 [ 195.430767] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.431509] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 195.432239] RBP: ffff88800f6ffb98 R08: ffffed1002e3793e R09: ffffed1002e3793e [ 195.432968] R10: ffff8880171bc9ef R11: ffffed1002e3793d R12: ffff8880171bca90 [ 195.433691] R13: ffff8880171bc8a8 R14: ffffffffffffffff R15: ffff88800f6ffc60 [ 195.434416] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.435284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.435877] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 195.436596] PKRU: 55555554 [ 195.436885] Call Trace: [ 195.437148] [ 195.437381] iommufd_ioas_destroy+0x53/0x70 [ 195.437831] iommufd_fops_release+0x1f7/0x370 [ 195.438299] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.438860] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.439391] ? write_comp_data+0x2f/0x90 [ 195.439818] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.440334] __fput+0x26d/0xa40 [ 195.440693] ____fput+0x1e/0x30 [ 195.441045] task_work_run+0x1a4/0x2d0 [ 195.441452] ? __pfx_task_work_run+0x10/0x10 [ 195.441909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.442415] ? switch_task_namespaces+0xa9/0xe0 [ 195.442925] do_exit+0xb17/0x2ef0 [ 195.443288] ? lock_acquire+0x427/0x4c0 [ 195.443695] ? __pfx_lock_release+0x10/0x10 [ 195.444136] ? __kasan_check_write+0x18/0x20 [ 195.444581] ? do_raw_spin_lock+0x132/0x2a0 [ 195.445017] ? __pfx_do_exit+0x10/0x10 [ 195.445425] ? debug_smp_processor_id+0x20/0x30 [ 195.445901] ? rcu_is_watching+0x19/0xb0 [ 195.446315] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.446802] ? trace_hardirqs_on+0x26/0x120 [ 195.447257] do_group_exit+0xe0/0x2b0 [ 195.447648] __x64_sys_exit_group+0x47/0x50 [ 195.448081] do_syscall_64+0x3b/0x90 [ 195.448465] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.449002] RIP: 0033:0x7f4b87518a4d [ 195.449387] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.450015] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.450806] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.451537] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.452250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.452968] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.453697] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.454428] [ 195.454688] irq event stamp: 0 [ 195.455013] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.455665] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.456501] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.457332] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.457968] ---[ end trace 0000000000000000 ]--- [ 195.463412] ------------[ cut here ]------------ [ 195.463958] WARNING: CPU: 0 PID: 1859 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.465198] Modules linked in: [ 195.465524] CPU: 0 PID: 1859 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.466639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.467793] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.468303] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.470145] RSP: 0018:ffff8880159efbb8 EFLAGS: 00010246 [ 195.470704] RAX: 0000000000000000 RBX: ffff888012c440a8 RCX: 0000000000000000 [ 195.471402] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 195.472056] RBP: ffff8880159efbd0 R08: ffffed1002588833 R09: ffffed1002588833 [ 195.472719] R10: ffff888012c44193 R11: ffffed1002588832 R12: ffff888018808000 [ 195.473378] R13: ffff888012c441e8 R14: ffffffff8352e670 R15: 
ffff8880159efe68 [ 195.474034] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.474812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.475361] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 195.476022] PKRU: 55555554 [ 195.476285] Call Trace: [ 195.476524] [ 195.476735] __iommufd_access_detach+0x1c2/0x2b0 [ 195.477191] iommufd_access_change_pt+0x149/0x270 [ 195.477647] iommufd_access_replace+0xb4/0x120 [ 195.478081] iommufd_test+0x3e5/0x37e0 [ 195.478439] ? lock_release+0x532/0x770 [ 195.478842] ? __might_fault+0x102/0x1b0 [ 195.479242] ? lock_acquire+0x427/0x4c0 [ 195.479621] ? __pfx_iommufd_test+0x10/0x10 [ 195.480021] ? __pfx_lock_release+0x10/0x10 [ 195.480426] ? __pfx_lock_acquire+0x10/0x10 [ 195.480836] ? write_comp_data+0x2f/0x90 [ 195.481225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.481681] ? write_comp_data+0x2f/0x90 [ 195.482074] iommufd_fops_ioctl+0x37d/0x510 [ 195.482481] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.482963] ? write_comp_data+0x2f/0x90 [ 195.483364] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.483817] __x64_sys_ioctl+0x1a3/0x230 [ 195.484210] do_syscall_64+0x3b/0x90 [ 195.484563] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.485047] RIP: 0033:0x7f4b8743ee5d [ 195.485391] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.487061] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.487779] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.488423] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.489065] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.489706] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.490345] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.491021] [ 195.491242] irq event stamp: 0 [ 195.491512] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.492047] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.492765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.493478] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.494018] ---[ end trace 0000000000000000 ]--- [ 195.497090] ------------[ cut here ]------------ [ 195.497604] WARNING: CPU: 0 PID: 1859 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.498470] Modules linked in: [ 195.498825] CPU: 0 PID: 1859 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.499744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.500706] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.501210] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.502900] RSP: 
0018:ffff8880159efbd0 EFLAGS: 00010246 [ 195.503439] RAX: 0000000000000000 RBX: ffff888012c440a8 RCX: 0000000000000000 [ 195.504137] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 195.504750] RBP: ffff8880159efbe8 R08: ffffed1002588833 R09: ffffed1002588833 [ 195.505524] R10: ffff888012c44193 R11: ffffed1002588832 R12: ffff888012e92800 [ 195.506136] R13: ffff888012c441e8 R14: ffff88800f492400 R15: 0000000000000000 [ 195.506770] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.507664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.508162] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 195.508779] PKRU: 55555554 [ 195.509057] Call Trace: [ 195.509399] [ 195.509600] iommufd_access_destroy_object+0x65/0x170 [ 195.510048] iommufd_object_destroy_user+0x18e/0x220 [ 195.510489] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.511215] iommufd_access_destroy+0x43/0x70 [ 195.511618] iommufd_test_staccess_release+0x8d/0xd0 [ 195.512064] __fput+0x26d/0xa40 [ 195.512364] ____fput+0x1e/0x30 [ 195.512698] task_work_run+0x1a4/0x2d0 [ 195.513158] ? __pfx_task_work_run+0x10/0x10 [ 195.513551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.513982] ? switch_task_namespaces+0xa9/0xe0 [ 195.514403] do_exit+0xb17/0x2ef0 [ 195.514891] ? lock_acquire+0x427/0x4c0 [ 195.515260] ? __pfx_lock_release+0x10/0x10 [ 195.515645] ? __kasan_check_write+0x18/0x20 [ 195.516035] ? do_raw_spin_lock+0x132/0x2a0 [ 195.516452] ? __pfx_do_exit+0x10/0x10 [ 195.516929] ? debug_smp_processor_id+0x20/0x30 [ 195.517344] ? rcu_is_watching+0x19/0xb0 [ 195.517697] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.518142] ? trace_hardirqs_on+0x26/0x120 [ 195.518669] do_group_exit+0xe0/0x2b0 [ 195.519007] __x64_sys_exit_group+0x47/0x50 [ 195.519397] do_syscall_64+0x3b/0x90 [ 195.519731] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.520261] RIP: 0033:0x7f4b87518a4d [ 195.520657] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.521200] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.521875] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.522655] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.523537] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.524380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.525232] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.526088] [ 195.526373] irq event stamp: 0 [ 195.526816] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.527595] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.528587] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.529568] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.530310] ---[ end trace 0000000000000000 ]--- [ 195.532295] ------------[ cut here ]------------ [ 195.532765] WARNING: CPU: 0 PID: 1859 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.533736] Modules linked in: [ 195.534130] CPU: 0 PID: 1859 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.534920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.535980] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.536532] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.538263] RSP: 0018:ffff8880159efb78 EFLAGS: 00010246 [ 195.538757] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.539383] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 195.540066] RBP: ffff8880159efb98 R08: ffffed100258883e R09: ffffed100258883e [ 195.540797] R10: ffff888012c441ef R11: ffffed100258883d R12: ffff888012c44290 [ 195.541402] R13: ffff888012c440a8 R14: ffffffffffffffff R15: 
ffff8880159efc60 [ 195.542084] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.542901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.543409] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 195.544017] PKRU: 55555554 [ 195.544345] Call Trace: [ 195.544678] [ 195.544878] iommufd_ioas_destroy+0x53/0x70 [ 195.545260] iommufd_fops_release+0x1f7/0x370 [ 195.545652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.546140] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.546703] ? write_comp_data+0x2f/0x90 [ 195.547063] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.547505] __fput+0x26d/0xa40 [ 195.547806] ____fput+0x1e/0x30 [ 195.548101] task_work_run+0x1a4/0x2d0 [ 195.548531] ? __pfx_task_work_run+0x10/0x10 [ 195.549042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.549483] ? switch_task_namespaces+0xa9/0xe0 [ 195.549901] do_exit+0xb17/0x2ef0 [ 195.550211] ? lock_acquire+0x427/0x4c0 [ 195.550586] ? __pfx_lock_release+0x10/0x10 [ 195.550965] ? __kasan_check_write+0x18/0x20 [ 195.551365] ? do_raw_spin_lock+0x132/0x2a0 [ 195.551738] ? __pfx_do_exit+0x10/0x10 [ 195.552080] ? debug_smp_processor_id+0x20/0x30 [ 195.552498] ? rcu_is_watching+0x19/0xb0 [ 195.552847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.553241] ? trace_hardirqs_on+0x26/0x120 [ 195.553622] do_group_exit+0xe0/0x2b0 [ 195.553958] __x64_sys_exit_group+0x47/0x50 [ 195.554332] do_syscall_64+0x3b/0x90 [ 195.554688] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.555155] RIP: 0033:0x7f4b87518a4d [ 195.555474] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.555981] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.556603] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.557175] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.557738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.558302] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.558892] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.559479] [ 195.559667] irq event stamp: 0 [ 195.559920] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.560424] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.561093] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.561763] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.562268] ---[ end trace 0000000000000000 ]--- [ 195.569844] ------------[ cut here ]------------ [ 195.570670] WARNING: CPU: 0 PID: 1860 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.571507] Modules linked in: [ 195.571767] CPU: 0 PID: 1860 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.572467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.573363] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.573763] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.575231] RSP: 0018:ffff88802463fbb8 EFLAGS: 00010246 [ 195.575653] RAX: 0000000000000000 RBX: ffff888011db68a8 RCX: 0000000000000000 [ 195.576209] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 195.576769] RBP: ffff88802463fbd0 R08: ffffed10023b6d33 R09: ffffed10023b6d33 [ 195.577325] R10: ffff888011db6993 R11: ffffed10023b6d32 R12: ffff888013b22400 [ 195.577890] R13: ffff888011db69e8 R14: ffffffff8352e670 R15: 
ffff88802463fe68 [ 195.578450] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 195.579097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.579565] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 195.580116] PKRU: 55555554 [ 195.580335] Call Trace: [ 195.580529] [ 195.580701] __iommufd_access_detach+0x1c2/0x2b0 [ 195.581067] iommufd_access_change_pt+0x149/0x270 [ 195.581445] iommufd_access_replace+0xb4/0x120 [ 195.581802] iommufd_test+0x3e5/0x37e0 [ 195.582098] ? lock_release+0x532/0x770 [ 195.582410] ? __might_fault+0x102/0x1b0 [ 195.582745] ? lock_acquire+0x427/0x4c0 [ 195.583058] ? __pfx_iommufd_test+0x10/0x10 [ 195.583394] ? __pfx_lock_release+0x10/0x10 [ 195.583728] ? __pfx_lock_acquire+0x10/0x10 [ 195.584065] ? write_comp_data+0x2f/0x90 [ 195.584383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.584760] ? write_comp_data+0x2f/0x90 [ 195.585079] iommufd_fops_ioctl+0x37d/0x510 [ 195.585411] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.585792] ? write_comp_data+0x2f/0x90 [ 195.586114] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.586484] __x64_sys_ioctl+0x1a3/0x230 [ 195.586826] do_syscall_64+0x3b/0x90 [ 195.587129] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.587534] RIP: 0033:0x7f4b8743ee5d [ 195.587819] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.589188] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.589764] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.590299] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.590858] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.591407] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.591944] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.592490] [ 195.592668] irq event stamp: 0 [ 195.592909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.593388] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.594023] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.594671] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.595158] ---[ end trace 0000000000000000 ]--- [ 195.597947] ------------[ cut here ]------------ [ 195.598451] WARNING: CPU: 1 PID: 1860 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.599328] Modules linked in: [ 195.599575] CPU: 1 PID: 1860 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.600423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.601290] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.601683] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.603234] RSP: 
0018:ffff88802463fbd0 EFLAGS: 00010246 [ 195.603683] RAX: 0000000000000000 RBX: ffff888011db68a8 RCX: 0000000000000000 [ 195.604316] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 195.604867] RBP: ffff88802463fbe8 R08: ffffed10023b6d33 R09: ffffed10023b6d33 [ 195.605431] R10: ffff888011db6993 R11: ffffed10023b6d32 R12: ffff88801880b000 [ 195.606101] R13: ffff888011db69e8 R14: ffff8880149ba500 R15: 0000000000000000 [ 195.606654] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.607325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.607854] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.608408] PKRU: 55555554 [ 195.608627] Call Trace: [ 195.608824] [ 195.609025] iommufd_access_destroy_object+0x65/0x170 [ 195.609536] iommufd_object_destroy_user+0x18e/0x220 [ 195.609929] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.610390] iommufd_access_destroy+0x43/0x70 [ 195.610760] iommufd_test_staccess_release+0x8d/0xd0 [ 195.611292] __fput+0x26d/0xa40 [ 195.611562] ____fput+0x1e/0x30 [ 195.611822] task_work_run+0x1a4/0x2d0 [ 195.612133] ? __pfx_task_work_run+0x10/0x10 [ 195.612489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.612985] ? switch_task_namespaces+0xa9/0xe0 [ 195.613368] do_exit+0xb17/0x2ef0 [ 195.613638] ? lock_acquire+0x427/0x4c0 [ 195.613954] ? __pfx_lock_release+0x10/0x10 [ 195.614294] ? __kasan_check_write+0x18/0x20 [ 195.614787] ? do_raw_spin_lock+0x132/0x2a0 [ 195.615130] ? __pfx_do_exit+0x10/0x10 [ 195.615451] ? debug_smp_processor_id+0x20/0x30 [ 195.615813] ? rcu_is_watching+0x19/0xb0 [ 195.616126] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.616602] ? trace_hardirqs_on+0x26/0x120 [ 195.617004] do_group_exit+0xe0/0x2b0 [ 195.617306] __x64_sys_exit_group+0x47/0x50 [ 195.617660] do_syscall_64+0x3b/0x90 [ 195.617972] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.618476] RIP: 0033:0x7f4b87518a4d [ 195.618791] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.619272] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.619921] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.620531] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.621083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.621681] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.622287] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.622849] [ 195.623041] irq event stamp: 0 [ 195.623291] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.623908] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.624561] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.625243] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.625810] ---[ end trace 0000000000000000 ]--- [ 195.628443] ------------[ cut here ]------------ [ 195.628912] WARNING: CPU: 1 PID: 1860 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.629774] Modules linked in: [ 195.630021] CPU: 1 PID: 1860 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.630769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.631727] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.632126] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.633644] RSP: 0018:ffff88802463fb78 EFLAGS: 00010246 [ 195.634070] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.634750] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 195.635312] RBP: ffff88802463fb98 R08: ffffed10023b6d3e R09: ffffed10023b6d3e [ 195.635855] R10: ffff888011db69ef R11: ffffed10023b6d3d R12: ffff888011db6a90 [ 195.636527] R13: ffff888011db68a8 R14: ffffffffffffffff R15: 
ffff88802463fc60 [ 195.637075] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.637713] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.638290] CR2: 00007f82e2a91018 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 195.638855] PKRU: 55555554 [ 195.639082] Call Trace: [ 195.639305] [ 195.639483] iommufd_ioas_destroy+0x53/0x70 [ 195.639839] iommufd_fops_release+0x1f7/0x370 [ 195.640307] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.640713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.641102] ? write_comp_data+0x2f/0x90 [ 195.641434] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.641896] __fput+0x26d/0xa40 [ 195.642229] ____fput+0x1e/0x30 [ 195.642493] task_work_run+0x1a4/0x2d0 [ 195.642836] ? __pfx_task_work_run+0x10/0x10 [ 195.643198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.643602] ? switch_task_namespaces+0xa9/0xe0 [ 195.644085] do_exit+0xb17/0x2ef0 [ 195.644361] ? lock_acquire+0x427/0x4c0 [ 195.644680] ? __pfx_lock_release+0x10/0x10 [ 195.645032] ? __kasan_check_write+0x18/0x20 [ 195.645391] ? do_raw_spin_lock+0x132/0x2a0 [ 195.645842] ? __pfx_do_exit+0x10/0x10 [ 195.646155] ? debug_smp_processor_id+0x20/0x30 [ 195.646536] ? rcu_is_watching+0x19/0xb0 [ 195.646859] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.647237] ? trace_hardirqs_on+0x26/0x120 [ 195.647701] do_group_exit+0xe0/0x2b0 [ 195.648014] __x64_sys_exit_group+0x47/0x50 [ 195.648353] do_syscall_64+0x3b/0x90 [ 195.648651] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.649066] RIP: 0033:0x7f4b87518a4d [ 195.649418] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.649963] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.650582] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.651144] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.651704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.652248] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.652933] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.653503] [ 195.653686] irq event stamp: 0 [ 195.653930] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.654439] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.655217] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.655875] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.656360] ---[ end trace 0000000000000000 ]--- [ 195.660990] ------------[ cut here ]------------ [ 195.661394] WARNING: CPU: 1 PID: 1861 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.662166] Modules linked in: [ 195.662447] CPU: 1 PID: 1861 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.663420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.664282] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.664692] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.666200] RSP: 0018:ffff888023e8fbb8 EFLAGS: 00010246 [ 195.666701] RAX: 0000000000000000 RBX: ffff8880178778a8 RCX: 0000000000000000 [ 195.667316] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 195.667868] RBP: ffff888023e8fbd0 R08: ffffed1002f0ef33 R09: ffffed1002f0ef33 [ 195.668410] R10: ffff888017877993 R11: ffffed1002f0ef32 R12: ffff888010e03c00 [ 195.669098] R13: ffff8880178779e8 R14: ffffffff8352e670 R15: 
ffff888023e8fe68 [ 195.669652] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.670296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.670898] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 195.671493] PKRU: 55555554 [ 195.671725] Call Trace: [ 195.671932] [ 195.672128] __iommufd_access_detach+0x1c2/0x2b0 [ 195.672527] iommufd_access_change_pt+0x149/0x270 [ 195.673061] iommufd_access_replace+0xb4/0x120 [ 195.673451] iommufd_test+0x3e5/0x37e0 [ 195.673767] ? lock_release+0x532/0x770 [ 195.674098] ? __might_fault+0x102/0x1b0 [ 195.674460] ? lock_acquire+0x427/0x4c0 [ 195.674926] ? __pfx_iommufd_test+0x10/0x10 [ 195.675298] ? __pfx_lock_release+0x10/0x10 [ 195.675658] ? __pfx_lock_acquire+0x10/0x10 [ 195.676018] ? write_comp_data+0x2f/0x90 [ 195.676375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.676791] ? write_comp_data+0x2f/0x90 [ 195.677251] iommufd_fops_ioctl+0x37d/0x510 [ 195.677619] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.678024] ? write_comp_data+0x2f/0x90 [ 195.678366] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.678817] __x64_sys_ioctl+0x1a3/0x230 [ 195.679263] do_syscall_64+0x3b/0x90 [ 195.679590] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.680017] RIP: 0033:0x7f4b8743ee5d [ 195.680318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.681981] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.682634] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.683306] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.683948] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.684529] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.685179] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.685829] [ 195.686018] irq event stamp: 0 [ 195.686284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.686817] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.687652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.688327] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.688844] ---[ end trace 0000000000000000 ]--- [ 195.691759] ------------[ cut here ]------------ [ 195.692176] WARNING: CPU: 1 PID: 1861 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.692999] Modules linked in: [ 195.693255] CPU: 1 PID: 1861 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.693961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.694896] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.695311] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.696784] RSP: 
0018:ffff888023e8fbd0 EFLAGS: 00010246 [ 195.697225] RAX: 0000000000000000 RBX: ffff8880178778a8 RCX: 0000000000000000 [ 195.697797] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 195.698376] RBP: ffff888023e8fbe8 R08: ffffed1002f0ef33 R09: ffffed1002f0ef33 [ 195.698988] R10: ffff888017877993 R11: ffffed1002f0ef32 R12: ffff88801420d400 [ 195.699587] R13: ffff8880178779e8 R14: ffff8880137a3700 R15: 0000000000000000 [ 195.700158] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.700816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.701283] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.701867] PKRU: 55555554 [ 195.702095] Call Trace: [ 195.702301] [ 195.702490] iommufd_access_destroy_object+0x65/0x170 [ 195.702940] iommufd_object_destroy_user+0x18e/0x220 [ 195.703365] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.703853] iommufd_access_destroy+0x43/0x70 [ 195.704227] iommufd_test_staccess_release+0x8d/0xd0 [ 195.704650] __fput+0x26d/0xa40 [ 195.704949] ____fput+0x1e/0x30 [ 195.705223] task_work_run+0x1a4/0x2d0 [ 195.705545] ? __pfx_task_work_run+0x10/0x10 [ 195.705920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.706323] ? switch_task_namespaces+0xa9/0xe0 [ 195.706731] do_exit+0xb17/0x2ef0 [ 195.707026] ? lock_acquire+0x427/0x4c0 [ 195.707366] ? __pfx_lock_release+0x10/0x10 [ 195.707721] ? __kasan_check_write+0x18/0x20 [ 195.708091] ? do_raw_spin_lock+0x132/0x2a0 [ 195.708443] ? __pfx_do_exit+0x10/0x10 [ 195.708765] ? debug_smp_processor_id+0x20/0x30 [ 195.709155] ? rcu_is_watching+0x19/0xb0 [ 195.709488] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.709860] ? trace_hardirqs_on+0x26/0x120 [ 195.710228] do_group_exit+0xe0/0x2b0 [ 195.710556] __x64_sys_exit_group+0x47/0x50 [ 195.710908] do_syscall_64+0x3b/0x90 [ 195.711244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.711671] RIP: 0033:0x7f4b87518a4d [ 195.711973] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.712478] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.713087] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.713669] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.714239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.714840] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.715421] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.716013] [ 195.716203] irq event stamp: 0 [ 195.716460] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.716983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.717658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.718339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.718893] ---[ end trace 0000000000000000 ]--- [ 195.719623] ------------[ cut here ]------------ [ 195.720020] WARNING: CPU: 1 PID: 1861 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.720844] Modules linked in: [ 195.721118] CPU: 1 PID: 1861 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.721820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.722759] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.723196] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.724669] RSP: 0018:ffff888023e8fb78 EFLAGS: 00010246 [ 195.725101] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.725687] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 195.726260] RBP: ffff888023e8fb98 R08: ffffed1002f0ef3e R09: ffffed1002f0ef3e [ 195.726860] R10: ffff8880178779ef R11: ffffed1002f0ef3d R12: ffff888017877a90 [ 195.727443] R13: ffff8880178778a8 R14: ffffffffffffffff R15: 
ffff888023e8fc60 [ 195.728028] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.728686] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.729150] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.729739] PKRU: 55555554 [ 195.729966] Call Trace: [ 195.730173] [ 195.730357] iommufd_ioas_destroy+0x53/0x70 [ 195.730736] iommufd_fops_release+0x1f7/0x370 [ 195.731106] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.731528] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.731943] ? write_comp_data+0x2f/0x90 [ 195.732272] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.732664] __fput+0x26d/0xa40 [ 195.732952] ____fput+0x1e/0x30 [ 195.733221] task_work_run+0x1a4/0x2d0 [ 195.733533] ? __pfx_task_work_run+0x10/0x10 [ 195.733883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.734284] ? switch_task_namespaces+0xa9/0xe0 [ 195.734679] do_exit+0xb17/0x2ef0 [ 195.734953] ? lock_acquire+0x427/0x4c0 [ 195.735303] ? __pfx_lock_release+0x10/0x10 [ 195.735650] ? __kasan_check_write+0x18/0x20 [ 195.736000] ? do_raw_spin_lock+0x132/0x2a0 [ 195.736352] ? __pfx_do_exit+0x10/0x10 [ 195.736666] ? debug_smp_processor_id+0x20/0x30 [ 195.737033] ? rcu_is_watching+0x19/0xb0 [ 195.737365] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.737726] ? trace_hardirqs_on+0x26/0x120 [ 195.738071] do_group_exit+0xe0/0x2b0 [ 195.738384] __x64_sys_exit_group+0x47/0x50 [ 195.738744] do_syscall_64+0x3b/0x90 [ 195.739047] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.739484] RIP: 0033:0x7f4b87518a4d [ 195.739777] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.740258] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.740859] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.741408] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.741972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.742541] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.743112] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.743686] [ 195.743880] irq event stamp: 0 [ 195.744126] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.744613] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.745270] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.745932] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.746410] ---[ end trace 0000000000000000 ]--- [ 195.750853] ------------[ cut here ]------------ [ 195.751251] WARNING: CPU: 1 PID: 1862 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.752029] Modules linked in: [ 195.752275] CPU: 1 PID: 1862 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.752951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.753817] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.754199] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.755631] RSP: 0018:ffff88800af3fbb8 EFLAGS: 00010246 [ 195.756052] RAX: 0000000000000000 RBX: ffff8880244110a8 RCX: 0000000000000000 [ 195.756594] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 195.757145] RBP: ffff88800af3fbd0 R08: ffffed1004882233 R09: ffffed1004882233 [ 195.757686] R10: ffff888024411193 R11: ffffed1004882232 R12: ffff88800f74dc00 [ 195.758240] R13: ffff8880244111e8 R14: ffffffff8352e670 R15: 
ffff88800af3fe68 [ 195.758801] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.759437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.759878] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 195.760438] PKRU: 55555554 [ 195.760657] Call Trace: [ 195.760856] [ 195.761030] __iommufd_access_detach+0x1c2/0x2b0 [ 195.761422] iommufd_access_change_pt+0x149/0x270 [ 195.761802] iommufd_access_replace+0xb4/0x120 [ 195.762173] iommufd_test+0x3e5/0x37e0 [ 195.762476] ? lock_release+0x532/0x770 [ 195.762812] ? __might_fault+0x102/0x1b0 [ 195.763150] ? lock_acquire+0x427/0x4c0 [ 195.763450] ? __pfx_iommufd_test+0x10/0x10 [ 195.763781] ? __pfx_lock_release+0x10/0x10 [ 195.764121] ? __pfx_lock_acquire+0x10/0x10 [ 195.764474] ? write_comp_data+0x2f/0x90 [ 195.764797] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.765181] ? write_comp_data+0x2f/0x90 [ 195.765517] iommufd_fops_ioctl+0x37d/0x510 [ 195.765855] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.766236] ? write_comp_data+0x2f/0x90 [ 195.766596] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.766973] __x64_sys_ioctl+0x1a3/0x230 [ 195.767315] do_syscall_64+0x3b/0x90 [ 195.767630] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.768042] RIP: 0033:0x7f4b8743ee5d [ 195.768332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.769756] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.770352] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.770933] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.771489] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.772048] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.772590] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.773160] [ 195.773344] irq event stamp: 0 [ 195.773588] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.774076] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.774752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.775427] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.775911] ---[ end trace 0000000000000000 ]--- [ 195.778658] ------------[ cut here ]------------ [ 195.779059] WARNING: CPU: 1 PID: 1862 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.779854] Modules linked in: [ 195.780101] CPU: 1 PID: 1862 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.780780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.781638] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.782031] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.783686] RSP: 
0018:ffff88800af3fbd0 EFLAGS: 00010246 [ 195.784116] RAX: 0000000000000000 RBX: ffff8880244110a8 RCX: 0000000000000000 [ 195.784659] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 195.785214] RBP: ffff88800af3fbe8 R08: ffffed1004882233 R09: ffffed1004882233 [ 195.785757] R10: ffff888024411193 R11: ffffed1004882232 R12: ffff888010e02400 [ 195.786317] R13: ffff8880244111e8 R14: ffff8880123ecb00 R15: 0000000000000000 [ 195.786884] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.787531] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.787979] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.788540] PKRU: 55555554 [ 195.788759] Call Trace: [ 195.788958] [ 195.789136] iommufd_access_destroy_object+0x65/0x170 [ 195.789548] iommufd_object_destroy_user+0x18e/0x220 [ 195.789945] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.790402] iommufd_access_destroy+0x43/0x70 [ 195.790793] iommufd_test_staccess_release+0x8d/0xd0 [ 195.791209] __fput+0x26d/0xa40 [ 195.791483] ____fput+0x1e/0x30 [ 195.791762] task_work_run+0x1a4/0x2d0 [ 195.792073] ? __pfx_task_work_run+0x10/0x10 [ 195.792416] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.792810] ? switch_task_namespaces+0xa9/0xe0 [ 195.793182] do_exit+0xb17/0x2ef0 [ 195.793452] ? lock_acquire+0x427/0x4c0 [ 195.793780] ? __pfx_lock_release+0x10/0x10 [ 195.794119] ? __kasan_check_write+0x18/0x20 [ 195.794462] ? do_raw_spin_lock+0x132/0x2a0 [ 195.794834] ? __pfx_do_exit+0x10/0x10 [ 195.795158] ? debug_smp_processor_id+0x20/0x30 [ 195.795521] ? rcu_is_watching+0x19/0xb0 [ 195.795843] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.796206] ? trace_hardirqs_on+0x26/0x120 [ 195.796548] do_group_exit+0xe0/0x2b0 [ 195.796848] __x64_sys_exit_group+0x47/0x50 [ 195.797203] do_syscall_64+0x3b/0x90 [ 195.797504] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.797909] RIP: 0033:0x7f4b87518a4d [ 195.798209] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.798719] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.799327] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.799873] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.800430] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.800977] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.801541] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.802100] [ 195.802283] irq event stamp: 0 [ 195.802565] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.803056] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.803724] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.804359] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.804847] ---[ end trace 0000000000000000 ]--- [ 195.805524] ------------[ cut here ]------------ [ 195.805897] WARNING: CPU: 1 PID: 1862 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.806699] Modules linked in: [ 195.806959] CPU: 1 PID: 1862 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.807633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.808479] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.808870] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.810256] RSP: 0018:ffff88800af3fb78 EFLAGS: 00010246 [ 195.810674] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.811229] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 195.811762] RBP: ffff88800af3fb98 R08: ffffed100488223e R09: ffffed100488223e [ 195.812307] R10: ffff8880244111ef R11: ffffed100488223d R12: ffff888024411290 [ 195.812834] R13: ffff8880244110a8 R14: ffffffffffffffff R15: 
ffff88800af3fc60 [ 195.813379] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.813976] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.814419] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.814981] PKRU: 55555554 [ 195.815205] Call Trace: [ 195.815412] [ 195.815585] iommufd_ioas_destroy+0x53/0x70 [ 195.815917] iommufd_fops_release+0x1f7/0x370 [ 195.816265] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.816656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.817028] ? write_comp_data+0x2f/0x90 [ 195.817341] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.817731] __fput+0x26d/0xa40 [ 195.817994] ____fput+0x1e/0x30 [ 195.818251] task_work_run+0x1a4/0x2d0 [ 195.818568] ? __pfx_task_work_run+0x10/0x10 [ 195.818917] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.819301] ? switch_task_namespaces+0xa9/0xe0 [ 195.819667] do_exit+0xb17/0x2ef0 [ 195.819938] ? lock_acquire+0x427/0x4c0 [ 195.820245] ? __pfx_lock_release+0x10/0x10 [ 195.820575] ? __kasan_check_write+0x18/0x20 [ 195.820924] ? do_raw_spin_lock+0x132/0x2a0 [ 195.821251] ? __pfx_do_exit+0x10/0x10 [ 195.821553] ? debug_smp_processor_id+0x20/0x30 [ 195.821914] ? rcu_is_watching+0x19/0xb0 [ 195.822220] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.822586] ? trace_hardirqs_on+0x26/0x120 [ 195.822930] do_group_exit+0xe0/0x2b0 [ 195.823232] __x64_sys_exit_group+0x47/0x50 [ 195.823556] do_syscall_64+0x3b/0x90 [ 195.823847] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.824257] RIP: 0033:0x7f4b87518a4d [ 195.824540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.825007] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.825589] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.826130] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.826710] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.827268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.827808] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.828361] [ 195.828540] irq event stamp: 0 [ 195.828778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.829249] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.829892] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.830554] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.831030] ---[ end trace 0000000000000000 ]--- [ 195.835100] ------------[ cut here ]------------ [ 195.835495] WARNING: CPU: 1 PID: 1863 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.836268] Modules linked in: [ 195.836510] CPU: 1 PID: 1863 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.837175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.838010] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.838398] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.839954] RSP: 0018:ffff88801840fbb8 EFLAGS: 00010246 [ 195.840375] RAX: 0000000000000000 RBX: ffff888011ee98a8 RCX: 0000000000000000 [ 195.840910] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 195.841453] RBP: ffff88801840fbd0 R08: ffffed10023dd333 R09: ffffed10023dd333 [ 195.841983] R10: ffff888011ee9993 R11: ffffed10023dd332 R12: ffff888013a02800 [ 195.842528] R13: ffff888011ee99e8 R14: ffffffff8352e670 R15: 
ffff88801840fe68 [ 195.843055] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.843663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.844088] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 195.844623] PKRU: 55555554 [ 195.844832] Call Trace: [ 195.845023] [ 195.845194] __iommufd_access_detach+0x1c2/0x2b0 [ 195.845556] iommufd_access_change_pt+0x149/0x270 [ 195.845932] iommufd_access_replace+0xb4/0x120 [ 195.846283] iommufd_test+0x3e5/0x37e0 [ 195.846590] ? lock_release+0x532/0x770 [ 195.846909] ? __might_fault+0x102/0x1b0 [ 195.847228] ? lock_acquire+0x427/0x4c0 [ 195.847534] ? __pfx_iommufd_test+0x10/0x10 [ 195.847862] ? __pfx_lock_release+0x10/0x10 [ 195.848190] ? __pfx_lock_acquire+0x10/0x10 [ 195.848519] ? write_comp_data+0x2f/0x90 [ 195.848836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.849209] ? write_comp_data+0x2f/0x90 [ 195.849521] iommufd_fops_ioctl+0x37d/0x510 [ 195.849845] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.850220] ? write_comp_data+0x2f/0x90 [ 195.850547] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.850910] __x64_sys_ioctl+0x1a3/0x230 [ 195.851244] do_syscall_64+0x3b/0x90 [ 195.851537] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.851929] RIP: 0033:0x7f4b8743ee5d [ 195.852217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.853566] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.854126] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.854679] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.855219] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.855752] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.856271] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.856815] [ 195.856990] irq event stamp: 0 [ 195.857221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.857696] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.858307] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.858946] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.859423] ---[ end trace 0000000000000000 ]--- [ 195.862046] ------------[ cut here ]------------ [ 195.862430] WARNING: CPU: 1 PID: 1863 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.863219] Modules linked in: [ 195.863459] CPU: 1 PID: 1863 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.864110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.864933] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.865311] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.866675] RSP: 
0018:ffff88801840fbd0 EFLAGS: 00010246 [ 195.867071] RAX: 0000000000000000 RBX: ffff888011ee98a8 RCX: 0000000000000000 [ 195.867620] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 195.868138] RBP: ffff88801840fbe8 R08: ffffed10023dd333 R09: ffffed10023dd333 [ 195.868679] R10: ffff888011ee9993 R11: ffffed10023dd332 R12: ffff88800f74cc00 [ 195.869200] R13: ffff888011ee99e8 R14: ffff8880122fb600 R15: 0000000000000000 [ 195.869732] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.870321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.870782] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.871318] PKRU: 55555554 [ 195.871541] Call Trace: [ 195.871734] [ 195.871902] iommufd_access_destroy_object+0x65/0x170 [ 195.872286] iommufd_object_destroy_user+0x18e/0x220 [ 195.872677] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.873109] iommufd_access_destroy+0x43/0x70 [ 195.873449] iommufd_test_staccess_release+0x8d/0xd0 [ 195.873841] __fput+0x26d/0xa40 [ 195.874099] ____fput+0x1e/0x30 [ 195.874351] task_work_run+0x1a4/0x2d0 [ 195.874666] ? __pfx_task_work_run+0x10/0x10 [ 195.875008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.875383] ? switch_task_namespaces+0xa9/0xe0 [ 195.875739] do_exit+0xb17/0x2ef0 [ 195.876009] ? lock_acquire+0x427/0x4c0 [ 195.876317] ? __pfx_lock_release+0x10/0x10 [ 195.876640] ? __kasan_check_write+0x18/0x20 [ 195.876980] ? do_raw_spin_lock+0x132/0x2a0 [ 195.877300] ? __pfx_do_exit+0x10/0x10 [ 195.877595] ? debug_smp_processor_id+0x20/0x30 [ 195.877944] ? rcu_is_watching+0x19/0xb0 [ 195.878253] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.878606] ? trace_hardirqs_on+0x26/0x120 [ 195.878935] do_group_exit+0xe0/0x2b0 [ 195.879241] __x64_sys_exit_group+0x47/0x50 [ 195.879564] do_syscall_64+0x3b/0x90 [ 195.879850] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.880248] RIP: 0033:0x7f4b87518a4d [ 195.880525] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.880976] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.881546] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.882074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.882627] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.883161] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.883696] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.884226] [ 195.884404] irq event stamp: 0 [ 195.884652] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.885122] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.885753] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.886370] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.886861] ---[ end trace 0000000000000000 ]--- [ 195.887519] ------------[ cut here ]------------ [ 195.887884] WARNING: CPU: 1 PID: 1863 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.888641] Modules linked in: [ 195.888894] CPU: 1 PID: 1863 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.889537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.890375] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.890775] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.892157] RSP: 0018:ffff88801840fb78 EFLAGS: 00010246 [ 195.892554] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.893082] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 195.893614] RBP: ffff88801840fb98 R08: ffffed10023dd33e R09: ffffed10023dd33e [ 195.894143] R10: ffff888011ee99ef R11: ffffed10023dd33d R12: ffff888011ee9a90 [ 195.894694] R13: ffff888011ee98a8 R14: ffffffffffffffff R15: 
ffff88801840fc60 [ 195.895227] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.895827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.896258] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 195.896800] PKRU: 55555554 [ 195.897011] Call Trace: [ 195.897202] [ 195.897370] iommufd_ioas_destroy+0x53/0x70 [ 195.897709] iommufd_fops_release+0x1f7/0x370 [ 195.898049] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.898425] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.898824] ? write_comp_data+0x2f/0x90 [ 195.899147] ? __pfx_iommufd_fops_release+0x10/0x10 [ 195.899520] __fput+0x26d/0xa40 [ 195.899793] ____fput+0x1e/0x30 [ 195.900048] task_work_run+0x1a4/0x2d0 [ 195.900349] ? __pfx_task_work_run+0x10/0x10 [ 195.900694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.901063] ? switch_task_namespaces+0xa9/0xe0 [ 195.901418] do_exit+0xb17/0x2ef0 [ 195.901677] ? lock_acquire+0x427/0x4c0 [ 195.901993] ? __pfx_lock_release+0x10/0x10 [ 195.902320] ? __kasan_check_write+0x18/0x20 [ 195.902675] ? do_raw_spin_lock+0x132/0x2a0 [ 195.903013] ? __pfx_do_exit+0x10/0x10 [ 195.903325] ? debug_smp_processor_id+0x20/0x30 [ 195.903674] ? rcu_is_watching+0x19/0xb0 [ 195.903987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.904325] ? trace_hardirqs_on+0x26/0x120 [ 195.904652] do_group_exit+0xe0/0x2b0 [ 195.904936] __x64_sys_exit_group+0x47/0x50 [ 195.905270] do_syscall_64+0x3b/0x90 [ 195.905555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.905943] RIP: 0033:0x7f4b87518a4d [ 195.906231] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.906700] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.907287] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.907814] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.908357] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.909253] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.909801] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.910329] [ 195.910533] irq event stamp: 0 [ 195.910816] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.911330] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.911954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.912598] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.913128] ---[ end trace 0000000000000000 ]--- [ 195.918072] ------------[ cut here ]------------ [ 195.918615] WARNING: CPU: 1 PID: 1864 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.919653] Modules linked in: [ 195.920029] CPU: 1 PID: 1864 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.920889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.922085] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.922634] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.924576] RSP: 0018:ffff888021a5fbb8 EFLAGS: 00010246 [ 195.925195] RAX: 0000000000000000 RBX: ffff88800e8388a8 RCX: 0000000000000000 [ 195.925924] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 195.926675] RBP: ffff888021a5fbd0 R08: ffffed1001d07133 R09: ffffed1001d07133 [ 195.927492] R10: ffff88800e838993 R11: ffffed1001d07132 R12: ffff888012e91000 [ 195.928219] R13: ffff88800e8389e8 R14: ffffffff8352e670 R15: 
ffff888021a5fe68 [ 195.929064] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.929888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.930566] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 195.931310] PKRU: 55555554 [ 195.931542] Call Trace: [ 195.931744] [ 195.931921] __iommufd_access_detach+0x1c2/0x2b0 [ 195.932342] iommufd_access_change_pt+0x149/0x270 [ 195.932828] iommufd_access_replace+0xb4/0x120 [ 195.933214] iommufd_test+0x3e5/0x37e0 [ 195.933537] ? lock_release+0x532/0x770 [ 195.933875] ? __might_fault+0x102/0x1b0 [ 195.934257] ? lock_acquire+0x427/0x4c0 [ 195.934680] ? __pfx_iommufd_test+0x10/0x10 [ 195.935036] ? __pfx_lock_release+0x10/0x10 [ 195.935417] ? __pfx_lock_acquire+0x10/0x10 [ 195.935788] ? write_comp_data+0x2f/0x90 [ 195.936195] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.936671] ? write_comp_data+0x2f/0x90 [ 195.937017] iommufd_fops_ioctl+0x37d/0x510 [ 195.937376] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.937783] ? write_comp_data+0x2f/0x90 [ 195.938250] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 195.938671] __x64_sys_ioctl+0x1a3/0x230 [ 195.939021] do_syscall_64+0x3b/0x90 [ 195.939352] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.939798] RIP: 0033:0x7f4b8743ee5d [ 195.940203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 195.941732] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 195.942419] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 195.943043] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 195.943732] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 195.944439] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 195.945055] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 195.945805] [ 195.946016] irq event stamp: 0 [ 195.946294] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.946866] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.947640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.948466] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.949021] ---[ end trace 0000000000000000 ]--- [ 195.953987] ------------[ cut here ]------------ [ 195.954478] WARNING: CPU: 1 PID: 1864 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 195.955506] Modules linked in: [ 195.955954] CPU: 1 PID: 1864 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.956757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.957956] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 195.958421] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 195.960298] RSP: 
0018:ffff888021a5fbd0 EFLAGS: 00010246 [ 195.960794] RAX: 0000000000000000 RBX: ffff88800e8388a8 RCX: 0000000000000000 [ 195.961448] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 195.962275] RBP: ffff888021a5fbe8 R08: ffffed1001d07133 R09: ffffed1001d07133 [ 195.962944] R10: ffff88800e838993 R11: ffffed1001d07132 R12: ffff888013a03c00 [ 195.963619] R13: ffff88800e8389e8 R14: ffff8880209b7300 R15: 0000000000000000 [ 195.964450] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 195.965207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.965751] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 195.966589] PKRU: 55555554 [ 195.966865] Call Trace: [ 195.967108] [ 195.967331] iommufd_access_destroy_object+0x65/0x170 [ 195.967823] iommufd_object_destroy_user+0x18e/0x220 [ 195.968303] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 195.968848] iommufd_access_destroy+0x43/0x70 [ 195.969428] iommufd_test_staccess_release+0x8d/0xd0 [ 195.969917] __fput+0x26d/0xa40 [ 195.970251] ____fput+0x1e/0x30 [ 195.970603] task_work_run+0x1a4/0x2d0 [ 195.971002] ? __pfx_task_work_run+0x10/0x10 [ 195.971455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 195.972081] ? switch_task_namespaces+0xa9/0xe0 [ 195.972538] do_exit+0xb17/0x2ef0 [ 195.972869] ? lock_acquire+0x427/0x4c0 [ 195.973261] ? __pfx_lock_release+0x10/0x10 [ 195.973748] ? __kasan_check_write+0x18/0x20 [ 195.974354] ? do_raw_spin_lock+0x132/0x2a0 [ 195.974847] ? __pfx_do_exit+0x10/0x10 [ 195.975284] ? debug_smp_processor_id+0x20/0x30 [ 195.975770] ? rcu_is_watching+0x19/0xb0 [ 195.976199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 195.976772] ? trace_hardirqs_on+0x26/0x120 [ 195.977320] do_group_exit+0xe0/0x2b0 [ 195.977712] __x64_sys_exit_group+0x47/0x50 [ 195.978154] do_syscall_64+0x3b/0x90 [ 195.978579] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 195.979215] RIP: 0033:0x7f4b87518a4d [ 195.979780] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 195.980415] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 195.981193] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 195.982125] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 195.982884] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 195.983631] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 195.984518] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 195.985256] [ 195.985497] irq event stamp: 0 [ 195.985819] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 195.986598] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 195.987559] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 195.988401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 195.989149] ---[ end trace 0000000000000000 ]--- [ 195.990134] ------------[ cut here ]------------ [ 195.990686] WARNING: CPU: 1 PID: 1864 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 195.991842] Modules linked in: [ 195.992279] CPU: 1 PID: 1864 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 195.993162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 195.994493] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 195.995096] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 195.997215] RSP: 0018:ffff888021a5fb78 EFLAGS: 00010246 [ 195.997766] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 195.998494] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 195.999383] RBP: ffff888021a5fb98 R08: ffffed1001d0713e R09: ffffed1001d0713e [ 196.000204] R10: ffff88800e8389ef R11: ffffed1001d0713d R12: ffff88800e838a90 [ 196.000931] R13: ffff88800e8388a8 R14: ffffffffffffffff R15: 
ffff888021a5fc60 [ 196.001765] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.002725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.003330] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 196.004095] PKRU: 55555554 [ 196.004510] Call Trace: [ 196.004769] [ 196.004998] iommufd_ioas_destroy+0x53/0x70 [ 196.005450] iommufd_fops_release+0x1f7/0x370 [ 196.005913] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.006610] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.007128] ? write_comp_data+0x2f/0x90 [ 196.007556] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.008072] __fput+0x26d/0xa40 [ 196.008430] ____fput+0x1e/0x30 [ 196.008820] task_work_run+0x1a4/0x2d0 [ 196.009373] ? __pfx_task_work_run+0x10/0x10 [ 196.009830] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.010341] ? switch_task_namespaces+0xa9/0xe0 [ 196.010874] do_exit+0xb17/0x2ef0 [ 196.011250] ? lock_acquire+0x427/0x4c0 [ 196.011764] ? __pfx_lock_release+0x10/0x10 [ 196.012327] ? __kasan_check_write+0x18/0x20 [ 196.012790] ? do_raw_spin_lock+0x132/0x2a0 [ 196.013233] ? __pfx_do_exit+0x10/0x10 [ 196.013669] ? debug_smp_processor_id+0x20/0x30 [ 196.014301] ? rcu_is_watching+0x19/0xb0 [ 196.014769] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.015288] ? trace_hardirqs_on+0x26/0x120 [ 196.015755] do_group_exit+0xe0/0x2b0 [ 196.016161] __x64_sys_exit_group+0x47/0x50 [ 196.016788] do_syscall_64+0x3b/0x90 [ 196.017185] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.017737] RIP: 0033:0x7f4b87518a4d [ 196.018127] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.018832] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.019774] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.020520] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.021257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.022209] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.022972] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.023733] [ 196.023978] irq event stamp: 0 [ 196.024383] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.025139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.026013] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.027160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.027830] ---[ end trace 0000000000000000 ]--- [ 196.033267] ------------[ cut here ]------------ [ 196.033826] WARNING: CPU: 1 PID: 1865 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.035133] Modules linked in: [ 196.035474] CPU: 1 PID: 1865 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.036370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.037730] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.038242] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.040539] RSP: 0018:ffff888015a4fbb8 EFLAGS: 00010246 [ 196.041098] RAX: 0000000000000000 RBX: ffff888011f618a8 RCX: 0000000000000000 [ 196.041834] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 196.042599] RBP: ffff888015a4fbd0 R08: ffffed10023ec333 R09: ffffed10023ec333 [ 196.043398] R10: ffff888011f61993 R11: ffffed10023ec332 R12: ffff88800a725400 [ 196.044133] R13: ffff888011f619e8 R14: ffffffff8352e670 R15: 
ffff888015a4fe68 [ 196.044957] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.046121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.046801] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 196.047562] PKRU: 55555554 [ 196.047859] Call Trace: [ 196.048145] [ 196.048388] __iommufd_access_detach+0x1c2/0x2b0 [ 196.048907] iommufd_access_change_pt+0x149/0x270 [ 196.049425] iommufd_access_replace+0xb4/0x120 [ 196.049997] iommufd_test+0x3e5/0x37e0 [ 196.050569] ? lock_release+0x532/0x770 [ 196.051171] ? __might_fault+0x102/0x1b0 [ 196.051604] ? lock_acquire+0x427/0x4c0 [ 196.052026] ? __pfx_iommufd_test+0x10/0x10 [ 196.052480] ? __pfx_lock_release+0x10/0x10 [ 196.052938] ? __pfx_lock_acquire+0x10/0x10 [ 196.053393] ? write_comp_data+0x2f/0x90 [ 196.053826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.054329] ? write_comp_data+0x2f/0x90 [ 196.054812] iommufd_fops_ioctl+0x37d/0x510 [ 196.055299] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.055845] ? write_comp_data+0x2f/0x90 [ 196.056486] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.057001] __x64_sys_ioctl+0x1a3/0x230 [ 196.057438] do_syscall_64+0x3b/0x90 [ 196.057838] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.058403] RIP: 0033:0x7f4b8743ee5d [ 196.058838] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.060876] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.061990] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.062769] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.063534] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.064312] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.065068] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.065951] [ 196.066317] irq event stamp: 0 [ 196.066857] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.067542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.068410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.069267] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.069919] ---[ end trace 0000000000000000 ]--- [ 196.073427] ------------[ cut here ]------------ [ 196.073981] WARNING: CPU: 1 PID: 1865 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.075201] Modules linked in: [ 196.075690] CPU: 1 PID: 1865 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.076581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.077739] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.078265] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.080615] RSP: 
0018:ffff888015a4fbd0 EFLAGS: 00010246 [ 196.081180] RAX: 0000000000000000 RBX: ffff888011f618a8 RCX: 0000000000000000 [ 196.081914] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 196.082664] RBP: ffff888015a4fbe8 R08: ffffed10023ec333 R09: ffffed10023ec333 [ 196.083424] R10: ffff888011f61993 R11: ffffed10023ec332 R12: ffff888012e92400 [ 196.084165] R13: ffff888011f619e8 R14: ffff888013596d00 R15: 0000000000000000 [ 196.085118] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.086105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.086752] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 196.087514] PKRU: 55555554 [ 196.087812] Call Trace: [ 196.088080] [ 196.088321] iommufd_access_destroy_object+0x65/0x170 [ 196.088874] iommufd_object_destroy_user+0x18e/0x220 [ 196.089543] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.090416] iommufd_access_destroy+0x43/0x70 [ 196.090965] iommufd_test_staccess_release+0x8d/0xd0 [ 196.091523] __fput+0x26d/0xa40 [ 196.091889] ____fput+0x1e/0x30 [ 196.092243] task_work_run+0x1a4/0x2d0 [ 196.092657] ? __pfx_task_work_run+0x10/0x10 [ 196.093120] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.093627] ? switch_task_namespaces+0xa9/0xe0 [ 196.094179] do_exit+0xb17/0x2ef0 [ 196.094713] ? lock_acquire+0x427/0x4c0 [ 196.095225] ? __pfx_lock_release+0x10/0x10 [ 196.095682] ? __kasan_check_write+0x18/0x20 [ 196.096144] ? do_raw_spin_lock+0x132/0x2a0 [ 196.096584] ? __pfx_do_exit+0x10/0x10 [ 196.096998] ? debug_smp_processor_id+0x20/0x30 [ 196.097477] ? rcu_is_watching+0x19/0xb0 [ 196.097904] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.098400] ? trace_hardirqs_on+0x26/0x120 [ 196.098964] do_group_exit+0xe0/0x2b0 [ 196.099527] __x64_sys_exit_group+0x47/0x50 [ 196.100155] do_syscall_64+0x3b/0x90 [ 196.100560] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.101107] RIP: 0033:0x7f4b87518a4d [ 196.101490] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.102127] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.102961] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.103727] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.104559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.105547] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.106300] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.107104] [ 196.107371] irq event stamp: 0 [ 196.107704] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.108361] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.109353] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.110606] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.111276] ---[ end trace 0000000000000000 ]--- [ 196.112224] ------------[ cut here ]------------ [ 196.112716] WARNING: CPU: 1 PID: 1865 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.113791] Modules linked in: [ 196.114182] CPU: 1 PID: 1865 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.115533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.116712] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.117254] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.119236] RSP: 0018:ffff888015a4fb78 EFLAGS: 00010246 [ 196.119835] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.120817] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 196.121764] RBP: ffff888015a4fb98 R08: ffffed10023ec33e R09: ffffed10023ec33e [ 196.122501] R10: ffff888011f619ef R11: ffffed10023ec33d R12: ffff888011f61a90 [ 196.123300] R13: ffff888011f618a8 R14: ffffffffffffffff R15: 
ffff888015a4fc60 [ 196.124034] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.124864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.125466] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 196.126197] PKRU: 55555554 [ 196.126493] Call Trace: [ 196.126803] [ 196.127042] iommufd_ioas_destroy+0x53/0x70 [ 196.127531] iommufd_fops_release+0x1f7/0x370 [ 196.128009] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.128526] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.129035] ? write_comp_data+0x2f/0x90 [ 196.129460] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.129979] __fput+0x26d/0xa40 [ 196.130334] ____fput+0x1e/0x30 [ 196.130727] task_work_run+0x1a4/0x2d0 [ 196.131155] ? __pfx_task_work_run+0x10/0x10 [ 196.131622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.132133] ? switch_task_namespaces+0xa9/0xe0 [ 196.132632] do_exit+0xb17/0x2ef0 [ 196.133003] ? lock_acquire+0x427/0x4c0 [ 196.133423] ? __pfx_lock_release+0x10/0x10 [ 196.133883] ? __kasan_check_write+0x18/0x20 [ 196.134348] ? do_raw_spin_lock+0x132/0x2a0 [ 196.134837] ? __pfx_do_exit+0x10/0x10 [ 196.135277] ? debug_smp_processor_id+0x20/0x30 [ 196.135770] ? rcu_is_watching+0x19/0xb0 [ 196.136232] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.136721] ? trace_hardirqs_on+0x26/0x120 [ 196.137180] do_group_exit+0xe0/0x2b0 [ 196.137586] __x64_sys_exit_group+0x47/0x50 [ 196.138040] do_syscall_64+0x3b/0x90 [ 196.138437] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.139025] RIP: 0033:0x7f4b87518a4d [ 196.139437] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.140080] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.140862] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.141599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.142342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.143134] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.143871] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.144609] [ 196.144851] irq event stamp: 0 [ 196.145181] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.145832] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.146727] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.147596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.148239] ---[ end trace 0000000000000000 ]--- [ 196.153639] ------------[ cut here ]------------ [ 196.154176] WARNING: CPU: 1 PID: 1866 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.155316] Modules linked in: [ 196.155646] CPU: 1 PID: 1866 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.156543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.157716] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.158235] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.160160] RSP: 0018:ffff8880161ffbb8 EFLAGS: 00010246 [ 196.160735] RAX: 0000000000000000 RBX: ffff888015d290a8 RCX: 0000000000000000 [ 196.161471] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 196.162224] RBP: ffff8880161ffbd0 R08: ffffed1002ba5233 R09: ffffed1002ba5233 [ 196.163007] R10: ffff888015d29193 R11: ffffed1002ba5232 R12: ffff88801890e400 [ 196.163760] R13: ffff888015d291e8 R14: ffffffff8352e670 R15: 
ffff8880161ffe68 [ 196.164493] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.165325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.165929] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 196.166712] PKRU: 55555554 [ 196.167011] Call Trace: [ 196.167296] [ 196.167534] __iommufd_access_detach+0x1c2/0x2b0 [ 196.168049] iommufd_access_change_pt+0x149/0x270 [ 196.168559] iommufd_access_replace+0xb4/0x120 [ 196.169047] iommufd_test+0x3e5/0x37e0 [ 196.169461] ? lock_release+0x532/0x770 [ 196.170113] ? __might_fault+0x102/0x1b0 [ 196.171004] ? lock_acquire+0x427/0x4c0 [ 196.171463] ? __pfx_iommufd_test+0x10/0x10 [ 196.171903] ? __pfx_lock_release+0x10/0x10 [ 196.172355] ? __pfx_lock_acquire+0x10/0x10 [ 196.172812] ? write_comp_data+0x2f/0x90 [ 196.173241] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.173746] ? write_comp_data+0x2f/0x90 [ 196.174175] iommufd_fops_ioctl+0x37d/0x510 [ 196.174670] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.175198] ? write_comp_data+0x2f/0x90 [ 196.175634] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.176329] __x64_sys_ioctl+0x1a3/0x230 [ 196.177290] do_syscall_64+0x3b/0x90 [ 196.177693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.178227] RIP: 0033:0x7f4b8743ee5d [ 196.178668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.180560] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.181347] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.182340] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.183425] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.184174] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.184917] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.185653] [ 196.185898] irq event stamp: 0 [ 196.186223] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.186904] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.187792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.188918] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.189792] ---[ end trace 0000000000000000 ]--- [ 196.193086] ------------[ cut here ]------------ [ 196.193749] WARNING: CPU: 1 PID: 1866 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.195156] Modules linked in: [ 196.195499] CPU: 1 PID: 1866 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.196409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.197565] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.198089] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.200498] RSP: 
0018:ffff8880161ffbd0 EFLAGS: 00010246 [ 196.201066] RAX: 0000000000000000 RBX: ffff888015d290a8 RCX: 0000000000000000 [ 196.201798] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 196.202563] RBP: ffff8880161ffbe8 R08: ffffed1002ba5233 R09: ffffed1002ba5233 [ 196.203324] R10: ffff888015d29193 R11: ffffed1002ba5232 R12: ffff88800a726800 [ 196.204066] R13: ffff888015d291e8 R14: ffff888012f91900 R15: 0000000000000000 [ 196.204930] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.206030] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.206878] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.207647] PKRU: 55555554 [ 196.207950] Call Trace: [ 196.208223] [ 196.208465] iommufd_access_destroy_object+0x65/0x170 [ 196.209014] iommufd_object_destroy_user+0x18e/0x220 [ 196.209554] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.210177] iommufd_access_destroy+0x43/0x70 [ 196.210866] iommufd_test_staccess_release+0x8d/0xd0 [ 196.211607] __fput+0x26d/0xa40 [ 196.211984] ____fput+0x1e/0x30 [ 196.212347] task_work_run+0x1a4/0x2d0 [ 196.212772] ? __pfx_task_work_run+0x10/0x10 [ 196.213256] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.213783] ? switch_task_namespaces+0xa9/0xe0 [ 196.214283] do_exit+0xb17/0x2ef0 [ 196.214709] ? lock_acquire+0x427/0x4c0 [ 196.215161] ? __pfx_lock_release+0x10/0x10 [ 196.215633] ? __kasan_check_write+0x18/0x20 [ 196.216109] ? do_raw_spin_lock+0x132/0x2a0 [ 196.216659] ? __pfx_do_exit+0x10/0x10 [ 196.217224] ? debug_smp_processor_id+0x20/0x30 [ 196.217718] ? rcu_is_watching+0x19/0xb0 [ 196.218153] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.218677] ? trace_hardirqs_on+0x26/0x120 [ 196.219159] do_group_exit+0xe0/0x2b0 [ 196.219574] __x64_sys_exit_group+0x47/0x50 [ 196.220025] do_syscall_64+0x3b/0x90 [ 196.220430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.220983] RIP: 0033:0x7f4b87518a4d [ 196.221436] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.222358] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.223206] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.223951] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.224697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.225441] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.226186] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.227217] [ 196.227600] irq event stamp: 0 [ 196.227952] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.228615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.229494] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.230366] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.231072] ---[ end trace 0000000000000000 ]--- [ 196.231994] ------------[ cut here ]------------ [ 196.232595] WARNING: CPU: 1 PID: 1866 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.233965] Modules linked in: [ 196.234305] CPU: 1 PID: 1866 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.235290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.236479] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.237035] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.239469] RSP: 0018:ffff8880161ffb78 EFLAGS: 00010246 [ 196.240030] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.240768] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 196.241509] RBP: ffff8880161ffb98 R08: ffffed1002ba523e R09: ffffed1002ba523e [ 196.242265] R10: ffff888015d291ef R11: ffffed1002ba523d R12: ffff888015d29290 [ 196.243205] R13: ffff888015d290a8 R14: ffffffffffffffff R15: 
ffff8880161ffc60 [ 196.244177] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.245025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.245641] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.246386] PKRU: 55555554 [ 196.246728] Call Trace: [ 196.247004] [ 196.247270] iommufd_ioas_destroy+0x53/0x70 [ 196.247741] iommufd_fops_release+0x1f7/0x370 [ 196.248232] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.248909] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.249687] ? write_comp_data+0x2f/0x90 [ 196.250150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.250740] __fput+0x26d/0xa40 [ 196.251105] ____fput+0x1e/0x30 [ 196.251475] task_work_run+0x1a4/0x2d0 [ 196.251894] ? __pfx_task_work_run+0x10/0x10 [ 196.252363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.252880] ? switch_task_namespaces+0xa9/0xe0 [ 196.253391] do_exit+0xb17/0x2ef0 [ 196.253880] ? lock_acquire+0x427/0x4c0 [ 196.254492] ? __pfx_lock_release+0x10/0x10 [ 196.254994] ? __kasan_check_write+0x18/0x20 [ 196.255484] ? do_raw_spin_lock+0x132/0x2a0 [ 196.255947] ? __pfx_do_exit+0x10/0x10 [ 196.256373] ? debug_smp_processor_id+0x20/0x30 [ 196.256879] ? rcu_is_watching+0x19/0xb0 [ 196.257313] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.257809] ? trace_hardirqs_on+0x26/0x120 [ 196.258311] do_group_exit+0xe0/0x2b0 [ 196.258957] __x64_sys_exit_group+0x47/0x50 [ 196.259564] do_syscall_64+0x3b/0x90 [ 196.259976] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.260540] RIP: 0033:0x7f4b87518a4d [ 196.260939] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.261595] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.262401] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.263225] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.264106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.265010] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.265773] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.266584] [ 196.266837] irq event stamp: 0 [ 196.267202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.267887] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.268883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.270003] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.270756] ---[ end trace 0000000000000000 ]--- [ 196.276315] ------------[ cut here ]------------ [ 196.276921] WARNING: CPU: 1 PID: 1867 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.278268] Modules linked in: [ 196.278675] CPU: 1 PID: 1867 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.279637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.280838] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.281371] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.283775] RSP: 0018:ffff888021a5fbb8 EFLAGS: 00010246 [ 196.284345] RAX: 0000000000000000 RBX: ffff888017b378a8 RCX: 0000000000000000 [ 196.285104] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 196.285860] RBP: ffff888021a5fbd0 R08: ffffed1002f66f33 R09: ffffed1002f66f33 [ 196.286819] R10: ffff888017b37993 R11: ffffed1002f66f32 R12: ffff8880138b0000 [ 196.287768] R13: ffff888017b379e8 R14: ffffffff8352e670 R15: 
ffff888021a5fe68 [ 196.288546] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.289405] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.290015] CR2: 00007f4b877410e8 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 196.290804] PKRU: 55555554 [ 196.291210] Call Trace: [ 196.291559] [ 196.291880] __iommufd_access_detach+0x1c2/0x2b0 [ 196.292635] iommufd_access_change_pt+0x149/0x270 [ 196.293158] iommufd_access_replace+0xb4/0x120 [ 196.293654] iommufd_test+0x3e5/0x37e0 [ 196.294067] ? lock_release+0x532/0x770 [ 196.294494] ? __might_fault+0x102/0x1b0 [ 196.294970] ? lock_acquire+0x427/0x4c0 [ 196.295429] ? __pfx_iommufd_test+0x10/0x10 [ 196.295888] ? __pfx_lock_release+0x10/0x10 [ 196.296355] ? __pfx_lock_acquire+0x10/0x10 [ 196.296865] ? write_comp_data+0x2f/0x90 [ 196.297439] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.298203] ? write_comp_data+0x2f/0x90 [ 196.298738] iommufd_fops_ioctl+0x37d/0x510 [ 196.299228] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.299745] ? write_comp_data+0x2f/0x90 [ 196.300189] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.300713] __x64_sys_ioctl+0x1a3/0x230 [ 196.301154] do_syscall_64+0x3b/0x90 [ 196.301569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.302126] RIP: 0033:0x7f4b8743ee5d [ 196.302675] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.304827] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.305639] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.306386] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.307273] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.308033] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.308781] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.309533] [ 196.309780] irq event stamp: 0 [ 196.310112] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.310802] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.311687] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.312560] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.313219] ---[ end trace 0000000000000000 ]--- [ 196.316715] ------------[ cut here ]------------ [ 196.317255] WARNING: CPU: 1 PID: 1867 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.318298] Modules linked in: [ 196.318680] CPU: 1 PID: 1867 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.319589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.320757] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.321276] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.323212] RSP: 
0018:ffff888021a5fbd0 EFLAGS: 00010246 [ 196.323773] RAX: 0000000000000000 RBX: ffff888017b378a8 RCX: 0000000000000000 [ 196.324514] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 196.325265] RBP: ffff888021a5fbe8 R08: ffffed1002f66f33 R09: ffffed1002f66f33 [ 196.326006] R10: ffff888017b37993 R11: ffffed1002f66f32 R12: ffff88801890d400 [ 196.326795] R13: ffff888017b379e8 R14: ffff8880149ba900 R15: 0000000000000000 [ 196.327570] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.328413] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.329023] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.329763] PKRU: 55555554 [ 196.330059] Call Trace: [ 196.330326] [ 196.330596] iommufd_access_destroy_object+0x65/0x170 [ 196.331163] iommufd_object_destroy_user+0x18e/0x220 [ 196.331707] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.332319] iommufd_access_destroy+0x43/0x70 [ 196.332807] iommufd_test_staccess_release+0x8d/0xd0 [ 196.333352] __fput+0x26d/0xa40 [ 196.333720] ____fput+0x1e/0x30 [ 196.334083] task_work_run+0x1a4/0x2d0 [ 196.334546] ? __pfx_task_work_run+0x10/0x10 [ 196.335019] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.335565] ? switch_task_namespaces+0xa9/0xe0 [ 196.336090] do_exit+0xb17/0x2ef0 [ 196.336464] ? lock_acquire+0x427/0x4c0 [ 196.336900] ? __pfx_lock_release+0x10/0x10 [ 196.337364] ? __kasan_check_write+0x18/0x20 [ 196.337843] ? do_raw_spin_lock+0x132/0x2a0 [ 196.338303] ? __pfx_do_exit+0x10/0x10 [ 196.338775] ? debug_smp_processor_id+0x20/0x30 [ 196.339292] ? rcu_is_watching+0x19/0xb0 [ 196.339728] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.340208] ? trace_hardirqs_on+0x26/0x120 [ 196.340671] do_group_exit+0xe0/0x2b0 [ 196.341075] __x64_sys_exit_group+0x47/0x50 [ 196.341526] do_syscall_64+0x3b/0x90 [ 196.341924] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.342477] RIP: 0033:0x7f4b87518a4d [ 196.342906] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.343569] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.344362] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.345109] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.345851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.346637] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.347434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.348194] [ 196.348443] irq event stamp: 0 [ 196.348776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.349441] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.350313] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.351235] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.351900] ---[ end trace 0000000000000000 ]--- [ 196.352780] ------------[ cut here ]------------ [ 196.353279] WARNING: CPU: 1 PID: 1867 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.354346] Modules linked in: [ 196.354731] CPU: 1 PID: 1867 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.355664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.356852] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.357399] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.359354] RSP: 0018:ffff888021a5fb78 EFLAGS: 00010246 [ 196.359921] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.360670] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 196.361404] RBP: ffff888021a5fb98 R08: ffffed1002f66f3e R09: ffffed1002f66f3e [ 196.362131] R10: ffff888017b379ef R11: ffffed1002f66f3d R12: ffff888017b37a90 [ 196.362889] R13: ffff888017b378a8 R14: ffffffffffffffff R15: 
ffff888021a5fc60 [ 196.363647] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.364478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.365089] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.365823] PKRU: 55555554 [ 196.366120] Call Trace: [ 196.366395] [ 196.366657] iommufd_ioas_destroy+0x53/0x70 [ 196.367128] iommufd_fops_release+0x1f7/0x370 [ 196.367609] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.368136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.368655] ? write_comp_data+0x2f/0x90 [ 196.369085] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.369606] __fput+0x26d/0xa40 [ 196.369959] ____fput+0x1e/0x30 [ 196.370306] task_work_run+0x1a4/0x2d0 [ 196.370750] ? __pfx_task_work_run+0x10/0x10 [ 196.371230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.371737] ? switch_task_namespaces+0xa9/0xe0 [ 196.372228] do_exit+0xb17/0x2ef0 [ 196.372587] ? lock_acquire+0x427/0x4c0 [ 196.373007] ? __pfx_lock_release+0x10/0x10 [ 196.373459] ? __kasan_check_write+0x18/0x20 [ 196.373925] ? do_raw_spin_lock+0x132/0x2a0 [ 196.374375] ? __pfx_do_exit+0x10/0x10 [ 196.374816] ? debug_smp_processor_id+0x20/0x30 [ 196.375315] ? rcu_is_watching+0x19/0xb0 [ 196.375739] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.376213] ? trace_hardirqs_on+0x26/0x120 [ 196.376667] do_group_exit+0xe0/0x2b0 [ 196.377061] __x64_sys_exit_group+0x47/0x50 [ 196.377499] do_syscall_64+0x3b/0x90 [ 196.377893] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.378430] RIP: 0033:0x7f4b87518a4d [ 196.378842] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.379488] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.380265] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.380987] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.381713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.382440] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.383207] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.383954] [ 196.384202] irq event stamp: 0 [ 196.384525] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.385178] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.386041] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.386926] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.387595] ---[ end trace 0000000000000000 ]--- [ 196.392501] ------------[ cut here ]------------ [ 196.393044] WARNING: CPU: 1 PID: 1868 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.394074] Modules linked in: [ 196.394402] CPU: 1 PID: 1868 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.395349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.396506] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.397019] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.398899] RSP: 0018:ffff88800f3afbb8 EFLAGS: 00010246 [ 196.399459] RAX: 0000000000000000 RBX: ffff888016d888a8 RCX: 0000000000000000 [ 196.400183] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 196.400905] RBP: ffff88800f3afbd0 R08: ffffed1002db1133 R09: ffffed1002db1133 [ 196.401633] R10: ffff888016d88993 R11: ffffed1002db1132 R12: ffff8880142f4400 [ 196.402365] R13: ffff888016d889e8 R14: ffffffff8352e670 R15: 
ffff88800f3afe68 [ 196.403128] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.403966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.404566] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 196.405302] PKRU: 55555554 [ 196.405594] Call Trace: [ 196.405856] [ 196.406088] __iommufd_access_detach+0x1c2/0x2b0 [ 196.406617] iommufd_access_change_pt+0x149/0x270 [ 196.407136] iommufd_access_replace+0xb4/0x120 [ 196.407619] iommufd_test+0x3e5/0x37e0 [ 196.408014] ? lock_release+0x532/0x770 [ 196.408433] ? __might_fault+0x102/0x1b0 [ 196.408858] ? lock_acquire+0x427/0x4c0 [ 196.409276] ? __pfx_iommufd_test+0x10/0x10 [ 196.409711] ? __pfx_lock_release+0x10/0x10 [ 196.410161] ? __pfx_lock_acquire+0x10/0x10 [ 196.410638] ? write_comp_data+0x2f/0x90 [ 196.411071] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.411590] ? write_comp_data+0x2f/0x90 [ 196.412020] iommufd_fops_ioctl+0x37d/0x510 [ 196.412471] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.412976] ? write_comp_data+0x2f/0x90 [ 196.413401] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.413900] __x64_sys_ioctl+0x1a3/0x230 [ 196.414338] do_syscall_64+0x3b/0x90 [ 196.414751] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.415298] RIP: 0033:0x7f4b8743ee5d [ 196.415684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.417543] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.418336] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.419090] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.419825] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.420551] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.421287] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.422025] [ 196.422268] irq event stamp: 0 [ 196.422621] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.423290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.424161] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.425197] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.425993] ---[ end trace 0000000000000000 ]--- [ 196.429162] ------------[ cut here ]------------ [ 196.429866] WARNING: CPU: 1 PID: 1868 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.431158] Modules linked in: [ 196.431490] CPU: 1 PID: 1868 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.432362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.433485] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.433989] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.436427] RSP: 
0018:ffff88800f3afbd0 EFLAGS: 00010246 [ 196.436961] RAX: 0000000000000000 RBX: ffff888016d888a8 RCX: 0000000000000000 [ 196.437674] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 196.438390] RBP: ffff88800f3afbe8 R08: ffffed1002db1133 R09: ffffed1002db1133 [ 196.439294] R10: ffff888016d88993 R11: ffffed1002db1132 R12: ffff8880138b3000 [ 196.440128] R13: ffff888016d889e8 R14: ffff88802094e700 R15: 0000000000000000 [ 196.440858] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.441688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.442483] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.443254] PKRU: 55555554 [ 196.443555] Call Trace: [ 196.443817] [ 196.444050] iommufd_access_destroy_object+0x65/0x170 [ 196.444647] iommufd_object_destroy_user+0x18e/0x220 [ 196.445340] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.445940] iommufd_access_destroy+0x43/0x70 [ 196.446415] iommufd_test_staccess_release+0x8d/0xd0 [ 196.447024] __fput+0x26d/0xa40 [ 196.447506] ____fput+0x1e/0x30 [ 196.447853] task_work_run+0x1a4/0x2d0 [ 196.448267] ? __pfx_task_work_run+0x10/0x10 [ 196.448730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.449243] ? switch_task_namespaces+0xa9/0xe0 [ 196.449738] do_exit+0xb17/0x2ef0 [ 196.450232] ? lock_acquire+0x427/0x4c0 [ 196.450750] ? __pfx_lock_release+0x10/0x10 [ 196.451214] ? __kasan_check_write+0x18/0x20 [ 196.451674] ? do_raw_spin_lock+0x132/0x2a0 [ 196.452118] ? __pfx_do_exit+0x10/0x10 [ 196.452527] ? debug_smp_processor_id+0x20/0x30 [ 196.453139] ? rcu_is_watching+0x19/0xb0 [ 196.453653] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.454119] ? trace_hardirqs_on+0x26/0x120 [ 196.454608] do_group_exit+0xe0/0x2b0 [ 196.455008] __x64_sys_exit_group+0x47/0x50 [ 196.455481] do_syscall_64+0x3b/0x90 [ 196.456090] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.456637] RIP: 0033:0x7f4b87518a4d [ 196.457023] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.457655] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.458678] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.459431] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.460164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.461037] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.461886] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.462645] [ 196.462888] irq event stamp: 0 [ 196.463230] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.464090] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.464947] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.465796] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.466679] ---[ end trace 0000000000000000 ]--- [ 196.467542] ------------[ cut here ]------------ [ 196.468025] WARNING: CPU: 1 PID: 1868 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.469287] Modules linked in: [ 196.469631] CPU: 1 PID: 1868 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.470551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.471894] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.472426] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.474500] RSP: 0018:ffff88800f3afb78 EFLAGS: 00010246 [ 196.475080] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.475820] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 196.476679] RBP: ffff88800f3afb98 R08: ffffed1002db113e R09: ffffed1002db113e [ 196.477498] R10: ffff888016d889ef R11: ffffed1002db113d R12: ffff888016d88a90 [ 196.478218] R13: ffff888016d888a8 R14: ffffffffffffffff R15: 
ffff88800f3afc60 [ 196.479135] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.480028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.480623] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.481353] PKRU: 55555554 [ 196.481761] Call Trace: [ 196.482140] [ 196.482383] iommufd_ioas_destroy+0x53/0x70 [ 196.482862] iommufd_fops_release+0x1f7/0x370 [ 196.483349] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.483859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.484366] ? write_comp_data+0x2f/0x90 [ 196.484984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.485498] __fput+0x26d/0xa40 [ 196.485852] ____fput+0x1e/0x30 [ 196.486197] task_work_run+0x1a4/0x2d0 [ 196.486638] ? __pfx_task_work_run+0x10/0x10 [ 196.487158] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.487816] ? switch_task_namespaces+0xa9/0xe0 [ 196.488303] do_exit+0xb17/0x2ef0 [ 196.488660] ? lock_acquire+0x427/0x4c0 [ 196.489078] ? __pfx_lock_release+0x10/0x10 [ 196.489594] ? __kasan_check_write+0x18/0x20 [ 196.490171] ? do_raw_spin_lock+0x132/0x2a0 [ 196.490660] ? __pfx_do_exit+0x10/0x10 [ 196.491074] ? debug_smp_processor_id+0x20/0x30 [ 196.491570] ? rcu_is_watching+0x19/0xb0 [ 196.492002] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.492698] ? trace_hardirqs_on+0x26/0x120 [ 196.493151] do_group_exit+0xe0/0x2b0 [ 196.493555] __x64_sys_exit_group+0x47/0x50 [ 196.494000] do_syscall_64+0x3b/0x90 [ 196.494399] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.495216] RIP: 0033:0x7f4b87518a4d [ 196.495606] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.496235] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.497008] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.497945] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.498705] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.499459] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.500251] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.501113] [ 196.501357] irq event stamp: 0 [ 196.501681] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.502331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.503442] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.504296] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.504944] ---[ end trace 0000000000000000 ]--- [ 196.510164] ------------[ cut here ]------------ [ 196.510750] WARNING: CPU: 1 PID: 1869 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.511799] Modules linked in: [ 196.512126] CPU: 1 PID: 1869 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.513011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.514145] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.514746] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.516589] RSP: 0018:ffff888021a5fbb8 EFLAGS: 00010246 [ 196.517129] RAX: 0000000000000000 RBX: ffff888023e020a8 RCX: 0000000000000000 [ 196.517846] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 196.518596] RBP: ffff888021a5fbd0 R08: ffffed10047c0433 R09: ffffed10047c0433 [ 196.519331] R10: ffff888023e02193 R11: ffffed10047c0432 R12: ffff88800f0e1000 [ 196.520043] R13: ffff888023e021e8 R14: ffffffff8352e670 R15: 
ffff888021a5fe68 [ 196.520770] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.521576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.522157] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 196.522907] PKRU: 55555554 [ 196.523210] Call Trace: [ 196.523470] [ 196.523701] __iommufd_access_detach+0x1c2/0x2b0 [ 196.524197] iommufd_access_change_pt+0x149/0x270 [ 196.524689] iommufd_access_replace+0xb4/0x120 [ 196.525176] iommufd_test+0x3e5/0x37e0 [ 196.525573] ? lock_release+0x532/0x770 [ 196.525986] ? __might_fault+0x102/0x1b0 [ 196.526403] ? lock_acquire+0x427/0x4c0 [ 196.526844] ? __pfx_iommufd_test+0x10/0x10 [ 196.527291] ? __pfx_lock_release+0x10/0x10 [ 196.527738] ? __pfx_lock_acquire+0x10/0x10 [ 196.528186] ? write_comp_data+0x2f/0x90 [ 196.528609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.529108] ? write_comp_data+0x2f/0x90 [ 196.529526] iommufd_fops_ioctl+0x37d/0x510 [ 196.529969] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.530469] ? write_comp_data+0x2f/0x90 [ 196.530918] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.531403] __x64_sys_ioctl+0x1a3/0x230 [ 196.531794] do_syscall_64+0x3b/0x90 [ 196.532151] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.532640] RIP: 0033:0x7f4b8743ee5d [ 196.532988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.534693] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.535409] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.536066] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.536732] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.537385] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.538042] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.538729] [ 196.538952] irq event stamp: 0 [ 196.539258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.539841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.540614] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.541392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.541973] ---[ end trace 0000000000000000 ]--- [ 196.545155] ------------[ cut here ]------------ [ 196.545622] WARNING: CPU: 1 PID: 1869 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.546570] Modules linked in: [ 196.546869] CPU: 1 PID: 1869 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.547686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.548706] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.549166] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.550841] RSP: 
0018:ffff888021a5fbd0 EFLAGS: 00010246 [ 196.551338] RAX: 0000000000000000 RBX: ffff888023e020a8 RCX: 0000000000000000 [ 196.551983] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 196.552630] RBP: ffff888021a5fbe8 R08: ffffed10047c0433 R09: ffffed10047c0433 [ 196.553273] R10: ffff888023e02193 R11: ffffed10047c0432 R12: ffff8880142f4000 [ 196.553893] R13: ffff888023e021e8 R14: ffff888014603e00 R15: 0000000000000000 [ 196.554525] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.555228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.555722] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.556339] PKRU: 55555554 [ 196.556586] Call Trace: [ 196.556803] [ 196.556997] iommufd_access_destroy_object+0x65/0x170 [ 196.557447] iommufd_object_destroy_user+0x18e/0x220 [ 196.557887] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.558388] iommufd_access_destroy+0x43/0x70 [ 196.558803] iommufd_test_staccess_release+0x8d/0xd0 [ 196.559263] __fput+0x26d/0xa40 [ 196.559564] ____fput+0x1e/0x30 [ 196.559856] task_work_run+0x1a4/0x2d0 [ 196.560202] ? __pfx_task_work_run+0x10/0x10 [ 196.560591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.561019] ? switch_task_namespaces+0xa9/0xe0 [ 196.561430] do_exit+0xb17/0x2ef0 [ 196.561731] ? lock_acquire+0x427/0x4c0 [ 196.562083] ? __pfx_lock_release+0x10/0x10 [ 196.562460] ? __kasan_check_write+0x18/0x20 [ 196.562873] ? do_raw_spin_lock+0x132/0x2a0 [ 196.563258] ? __pfx_do_exit+0x10/0x10 [ 196.563605] ? debug_smp_processor_id+0x20/0x30 [ 196.564010] ? rcu_is_watching+0x19/0xb0 [ 196.564368] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.564766] ? trace_hardirqs_on+0x26/0x120 [ 196.565143] do_group_exit+0xe0/0x2b0 [ 196.565475] __x64_sys_exit_group+0x47/0x50 [ 196.565849] do_syscall_64+0x3b/0x90 [ 196.566176] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.566650] RIP: 0033:0x7f4b87518a4d [ 196.566971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.567507] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.568156] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.568762] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.569373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.569981] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.570610] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.571240] [ 196.571443] irq event stamp: 0 [ 196.571717] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.572253] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.572981] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.573692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.574237] ---[ end trace 0000000000000000 ]--- [ 196.575002] ------------[ cut here ]------------ [ 196.575411] WARNING: CPU: 1 PID: 1869 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.576252] Modules linked in: [ 196.576514] CPU: 1 PID: 1869 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.577217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.578123] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.578557] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.580021] RSP: 0018:ffff888021a5fb78 EFLAGS: 00010246 [ 196.580452] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.581030] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 196.581599] RBP: ffff888021a5fb98 R08: ffffed10047c043e R09: ffffed10047c043e [ 196.582178] R10: ffff888023e021ef R11: ffffed10047c043d R12: ffff888023e02290 [ 196.582763] R13: ffff888023e020a8 R14: ffffffffffffffff R15: 
ffff888021a5fc60 [ 196.583344] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.583995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.584465] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.585039] PKRU: 55555554 [ 196.585271] Call Trace: [ 196.585479] [ 196.585664] iommufd_ioas_destroy+0x53/0x70 [ 196.586022] iommufd_fops_release+0x1f7/0x370 [ 196.586396] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.586827] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.587242] ? write_comp_data+0x2f/0x90 [ 196.587584] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.587992] __fput+0x26d/0xa40 [ 196.588276] ____fput+0x1e/0x30 [ 196.588560] task_work_run+0x1a4/0x2d0 [ 196.588883] ? __pfx_task_work_run+0x10/0x10 [ 196.589248] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.589649] ? switch_task_namespaces+0xa9/0xe0 [ 196.590037] do_exit+0xb17/0x2ef0 [ 196.590321] ? lock_acquire+0x427/0x4c0 [ 196.590668] ? __pfx_lock_release+0x10/0x10 [ 196.591029] ? __kasan_check_write+0x18/0x20 [ 196.591399] ? do_raw_spin_lock+0x132/0x2a0 [ 196.591751] ? __pfx_do_exit+0x10/0x10 [ 196.592079] ? debug_smp_processor_id+0x20/0x30 [ 196.592465] ? rcu_is_watching+0x19/0xb0 [ 196.592796] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.593169] ? trace_hardirqs_on+0x26/0x120 [ 196.593528] do_group_exit+0xe0/0x2b0 [ 196.593839] __x64_sys_exit_group+0x47/0x50 [ 196.594191] do_syscall_64+0x3b/0x90 [ 196.594525] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.594956] RIP: 0033:0x7f4b87518a4d [ 196.595276] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.595775] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.596395] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.596969] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.597560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.598136] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.598734] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.599329] [ 196.599521] irq event stamp: 0 [ 196.599781] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.600309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.600986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.601666] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.602176] ---[ end trace 0000000000000000 ]--- [ 196.606244] ------------[ cut here ]------------ [ 196.606717] WARNING: CPU: 1 PID: 1870 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.607553] Modules linked in: [ 196.607813] CPU: 1 PID: 1870 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.608513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.609425] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.609825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.611311] RSP: 0018:ffff88800f16fbb8 EFLAGS: 00010246 [ 196.611745] RAX: 0000000000000000 RBX: ffff8880164fb0a8 RCX: 0000000000000000 [ 196.612316] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 196.612879] RBP: ffff88800f16fbd0 R08: ffffed1002c9f633 R09: ffffed1002c9f633 [ 196.613430] R10: ffff8880164fb193 R11: ffffed1002c9f632 R12: ffff888010f06c00 [ 196.613985] R13: ffff8880164fb1e8 R14: ffffffff8352e670 R15: 
ffff88800f16fe68 [ 196.614565] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.615199] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.615655] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 196.616210] PKRU: 55555554 [ 196.616437] Call Trace: [ 196.616637] [ 196.616817] __iommufd_access_detach+0x1c2/0x2b0 [ 196.617203] iommufd_access_change_pt+0x149/0x270 [ 196.617596] iommufd_access_replace+0xb4/0x120 [ 196.617967] iommufd_test+0x3e5/0x37e0 [ 196.618274] ? lock_release+0x532/0x770 [ 196.618614] ? __might_fault+0x102/0x1b0 [ 196.618946] ? lock_acquire+0x427/0x4c0 [ 196.619278] ? __pfx_iommufd_test+0x10/0x10 [ 196.619620] ? __pfx_lock_release+0x10/0x10 [ 196.619969] ? __pfx_lock_acquire+0x10/0x10 [ 196.620320] ? write_comp_data+0x2f/0x90 [ 196.620649] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.621038] ? write_comp_data+0x2f/0x90 [ 196.621370] iommufd_fops_ioctl+0x37d/0x510 [ 196.621715] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.622106] ? write_comp_data+0x2f/0x90 [ 196.622435] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.622838] __x64_sys_ioctl+0x1a3/0x230 [ 196.623174] do_syscall_64+0x3b/0x90 [ 196.623477] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.623893] RIP: 0033:0x7f4b8743ee5d [ 196.624193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.625615] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.626213] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.626784] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.627348] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.627901] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.628457] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.629018] [ 196.629203] irq event stamp: 0 [ 196.629454] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.629947] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.630628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.631284] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.631778] ---[ end trace 0000000000000000 ]--- [ 196.634546] ------------[ cut here ]------------ [ 196.634947] WARNING: CPU: 1 PID: 1870 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.635734] Modules linked in: [ 196.635982] CPU: 1 PID: 1870 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.636651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.637508] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.637894] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.639314] RSP: 
0018:ffff88800f16fbd0 EFLAGS: 00010246 [ 196.639721] RAX: 0000000000000000 RBX: ffff8880164fb0a8 RCX: 0000000000000000 [ 196.640264] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 196.640812] RBP: ffff88800f16fbe8 R08: ffffed1002c9f633 R09: ffffed1002c9f633 [ 196.641356] R10: ffff8880164fb193 R11: ffffed1002c9f632 R12: ffff88800f0e0400 [ 196.641907] R13: ffff8880164fb1e8 R14: ffff88800fa29000 R15: 0000000000000000 [ 196.642457] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.643389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.643857] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.644407] PKRU: 55555554 [ 196.644625] Call Trace: [ 196.644824] [ 196.645001] iommufd_access_destroy_object+0x65/0x170 [ 196.645408] iommufd_object_destroy_user+0x18e/0x220 [ 196.645809] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.646263] iommufd_access_destroy+0x43/0x70 [ 196.646660] iommufd_test_staccess_release+0x8d/0xd0 [ 196.647065] __fput+0x26d/0xa40 [ 196.647349] ____fput+0x1e/0x30 [ 196.647618] task_work_run+0x1a4/0x2d0 [ 196.647931] ? __pfx_task_work_run+0x10/0x10 [ 196.648282] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.648667] ? switch_task_namespaces+0xa9/0xe0 [ 196.649043] do_exit+0xb17/0x2ef0 [ 196.649316] ? lock_acquire+0x427/0x4c0 [ 196.649633] ? __pfx_lock_release+0x10/0x10 [ 196.649978] ? __kasan_check_write+0x18/0x20 [ 196.650328] ? do_raw_spin_lock+0x132/0x2a0 [ 196.650682] ? __pfx_do_exit+0x10/0x10 [ 196.650997] ? debug_smp_processor_id+0x20/0x30 [ 196.651373] ? rcu_is_watching+0x19/0xb0 [ 196.651699] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.652057] ? trace_hardirqs_on+0x26/0x120 [ 196.652403] do_group_exit+0xe0/0x2b0 [ 196.652702] __x64_sys_exit_group+0x47/0x50 [ 196.653037] do_syscall_64+0x3b/0x90 [ 196.653337] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.653748] RIP: 0033:0x7f4b87518a4d [ 196.654039] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.654538] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.655139] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.655691] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.656242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.656794] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.657354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.657916] [ 196.658101] irq event stamp: 0 [ 196.658349] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.658861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.659519] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.660169] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.660661] ---[ end trace 0000000000000000 ]--- [ 196.661358] ------------[ cut here ]------------ [ 196.661732] WARNING: CPU: 1 PID: 1870 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.662550] Modules linked in: [ 196.662806] CPU: 1 PID: 1870 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.663501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.664372] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.664772] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.666177] RSP: 0018:ffff88800f16fb78 EFLAGS: 00010246 [ 196.666616] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.667174] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 196.667729] RBP: ffff88800f16fb98 R08: ffffed1002c9f63e R09: ffffed1002c9f63e [ 196.668280] R10: ffff8880164fb1ef R11: ffffed1002c9f63d R12: ffff8880164fb290 [ 196.668836] R13: ffff8880164fb0a8 R14: ffffffffffffffff R15: 
ffff88800f16fc60 [ 196.669390] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.670010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.670464] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.671036] PKRU: 55555554 [ 196.671267] Call Trace: [ 196.671468] [ 196.671645] iommufd_ioas_destroy+0x53/0x70 [ 196.671990] iommufd_fops_release+0x1f7/0x370 [ 196.672348] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.672743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.673131] ? write_comp_data+0x2f/0x90 [ 196.673455] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.673847] __fput+0x26d/0xa40 [ 196.674119] ____fput+0x1e/0x30 [ 196.674387] task_work_run+0x1a4/0x2d0 [ 196.674719] ? __pfx_task_work_run+0x10/0x10 [ 196.675071] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.675466] ? switch_task_namespaces+0xa9/0xe0 [ 196.675842] do_exit+0xb17/0x2ef0 [ 196.676115] ? lock_acquire+0x427/0x4c0 [ 196.676433] ? __pfx_lock_release+0x10/0x10 [ 196.676778] ? __kasan_check_write+0x18/0x20 [ 196.677129] ? do_raw_spin_lock+0x132/0x2a0 [ 196.677471] ? __pfx_do_exit+0x10/0x10 [ 196.677786] ? debug_smp_processor_id+0x20/0x30 [ 196.678156] ? rcu_is_watching+0x19/0xb0 [ 196.678481] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.678860] ? trace_hardirqs_on+0x26/0x120 [ 196.679214] do_group_exit+0xe0/0x2b0 [ 196.679515] __x64_sys_exit_group+0x47/0x50 [ 196.679853] do_syscall_64+0x3b/0x90 [ 196.680161] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.680579] RIP: 0033:0x7f4b87518a4d [ 196.680872] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.681352] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.681946] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.682499] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.683081] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.683643] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.684196] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.684757] [ 196.684941] irq event stamp: 0 [ 196.685189] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.686049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.686729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.687387] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.687874] ---[ end trace 0000000000000000 ]--- [ 196.691791] ------------[ cut here ]------------ [ 196.692256] WARNING: CPU: 1 PID: 1871 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.693054] Modules linked in: [ 196.693305] CPU: 1 PID: 1871 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.693983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.695045] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.695446] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.696857] RSP: 0018:ffff8880101f7bb8 EFLAGS: 00010246 [ 196.697271] RAX: 0000000000000000 RBX: ffff888017b8a8a8 RCX: 0000000000000000 [ 196.697850] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 196.698519] RBP: ffff8880101f7bd0 R08: ffffed1002f71533 R09: ffffed1002f71533 [ 196.699074] R10: ffff888017b8a993 R11: ffffed1002f71532 R12: ffff8880138ad800 [ 196.699634] R13: ffff888017b8a9e8 R14: ffffffff8352e670 R15: 
ffff8880101f7e68 [ 196.700189] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.700855] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.701399] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 196.701958] PKRU: 55555554 [ 196.702181] Call Trace: [ 196.702384] [ 196.702586] __iommufd_access_detach+0x1c2/0x2b0 [ 196.702974] iommufd_access_change_pt+0x149/0x270 [ 196.703384] iommufd_access_replace+0xb4/0x120 [ 196.703805] iommufd_test+0x3e5/0x37e0 [ 196.704186] ? lock_release+0x532/0x770 [ 196.704513] ? __might_fault+0x102/0x1b0 [ 196.704841] ? lock_acquire+0x427/0x4c0 [ 196.705162] ? __pfx_iommufd_test+0x10/0x10 [ 196.705498] ? __pfx_lock_release+0x10/0x10 [ 196.705841] ? __pfx_lock_acquire+0x10/0x10 [ 196.706189] ? write_comp_data+0x2f/0x90 [ 196.706537] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.707013] ? write_comp_data+0x2f/0x90 [ 196.707350] iommufd_fops_ioctl+0x37d/0x510 [ 196.707694] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.708084] ? write_comp_data+0x2f/0x90 [ 196.708418] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.708804] __x64_sys_ioctl+0x1a3/0x230 [ 196.709136] do_syscall_64+0x3b/0x90 [ 196.709443] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.709987] RIP: 0033:0x7f4b8743ee5d [ 196.710284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.711736] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.712348] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.713037] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.713602] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.714169] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.714756] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.715319] [ 196.715519] irq event stamp: 0 [ 196.715840] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.716395] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.717091] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.717780] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.718300] ---[ end trace 0000000000000000 ]--- [ 196.723013] ------------[ cut here ]------------ [ 196.723460] WARNING: CPU: 1 PID: 1871 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.724302] Modules linked in: [ 196.724566] CPU: 1 PID: 1871 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.725404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.726340] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.726807] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.728428] RSP: 
0018:ffff8880101f7bd0 EFLAGS: 00010246 [ 196.728869] RAX: 0000000000000000 RBX: ffff888017b8a8a8 RCX: 0000000000000000 [ 196.729460] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 196.730046] RBP: ffff8880101f7be8 R08: ffffed1002f71533 R09: ffffed1002f71533 [ 196.730651] R10: ffff888017b8a993 R11: ffffed1002f71532 R12: ffff888010f06000 [ 196.731350] R13: ffff888017b8a9e8 R14: ffff88800f503500 R15: 0000000000000000 [ 196.732000] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.732661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.733136] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 196.733719] PKRU: 55555554 [ 196.733953] Call Trace: [ 196.734201] [ 196.734421] iommufd_access_destroy_object+0x65/0x170 [ 196.734934] iommufd_object_destroy_user+0x18e/0x220 [ 196.735375] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.735866] iommufd_access_destroy+0x43/0x70 [ 196.736250] iommufd_test_staccess_release+0x8d/0xd0 [ 196.736678] __fput+0x26d/0xa40 [ 196.736966] ____fput+0x1e/0x30 [ 196.737314] task_work_run+0x1a4/0x2d0 [ 196.737712] ? __pfx_task_work_run+0x10/0x10 [ 196.738086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.738495] ? switch_task_namespaces+0xa9/0xe0 [ 196.738909] do_exit+0xb17/0x2ef0 [ 196.739203] ? lock_acquire+0x427/0x4c0 [ 196.739542] ? __pfx_lock_release+0x10/0x10 [ 196.739906] ? __kasan_check_write+0x18/0x20 [ 196.740276] ? do_raw_spin_lock+0x132/0x2a0 [ 196.740635] ? __pfx_do_exit+0x10/0x10 [ 196.740967] ? debug_smp_processor_id+0x20/0x30 [ 196.741356] ? rcu_is_watching+0x19/0xb0 [ 196.741698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.742095] ? trace_hardirqs_on+0x26/0x120 [ 196.742604] do_group_exit+0xe0/0x2b0 [ 196.742926] __x64_sys_exit_group+0x47/0x50 [ 196.743290] do_syscall_64+0x3b/0x90 [ 196.743606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.744041] RIP: 0033:0x7f4b87518a4d [ 196.744347] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.744851] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.745475] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.746215] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.746828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.747432] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.748015] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.748606] [ 196.748801] irq event stamp: 0 [ 196.749062] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.749660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.750415] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.751139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.751661] ---[ end trace 0000000000000000 ]--- [ 196.752495] ------------[ cut here ]------------ [ 196.752888] WARNING: CPU: 1 PID: 1871 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.753865] Modules linked in: [ 196.754135] CPU: 1 PID: 1871 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.754926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.755863] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.756288] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.757941] RSP: 0018:ffff8880101f7b78 EFLAGS: 00010246 [ 196.758382] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.758985] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 196.759582] RBP: ffff8880101f7b98 R08: ffffed1002f7153e R09: ffffed1002f7153e [ 196.760167] R10: ffff888017b8a9ef R11: ffffed1002f7153d R12: ffff888017b8aa90 [ 196.760749] R13: ffff888017b8a8a8 R14: ffffffffffffffff R15: 
ffff8880101f7c60 [ 196.761485] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.762142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.762638] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 196.763229] PKRU: 55555554 [ 196.763458] Call Trace: [ 196.763667] [ 196.763855] iommufd_ioas_destroy+0x53/0x70 [ 196.764219] iommufd_fops_release+0x1f7/0x370 [ 196.764678] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.765161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.765569] ? write_comp_data+0x2f/0x90 [ 196.765912] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.766328] __fput+0x26d/0xa40 [ 196.766642] ____fput+0x1e/0x30 [ 196.766927] task_work_run+0x1a4/0x2d0 [ 196.767267] ? __pfx_task_work_run+0x10/0x10 [ 196.767636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.768045] ? switch_task_namespaces+0xa9/0xe0 [ 196.768573] do_exit+0xb17/0x2ef0 [ 196.768862] ? lock_acquire+0x427/0x4c0 [ 196.769200] ? __pfx_lock_release+0x10/0x10 [ 196.769565] ? __kasan_check_write+0x18/0x20 [ 196.769930] ? do_raw_spin_lock+0x132/0x2a0 [ 196.770289] ? __pfx_do_exit+0x10/0x10 [ 196.770645] ? debug_smp_processor_id+0x20/0x30 [ 196.771035] ? rcu_is_watching+0x19/0xb0 [ 196.771384] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.771779] ? trace_hardirqs_on+0x26/0x120 [ 196.772247] do_group_exit+0xe0/0x2b0 [ 196.772565] __x64_sys_exit_group+0x47/0x50 [ 196.772921] do_syscall_64+0x3b/0x90 [ 196.773238] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.773674] RIP: 0033:0x7f4b87518a4d [ 196.773980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.774486] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.775145] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.775868] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.776453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.777036] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.777619] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.778229] [ 196.778479] irq event stamp: 0 [ 196.778827] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.779360] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.780055] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.780742] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.781262] ---[ end trace 0000000000000000 ]--- [ 196.785958] ------------[ cut here ]------------ [ 196.786387] WARNING: CPU: 1 PID: 1872 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.787271] Modules linked in: [ 196.787535] CPU: 1 PID: 1872 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.788248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.789298] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.789701] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.791188] RSP: 0018:ffff88800f16fbb8 EFLAGS: 00010246 [ 196.791619] RAX: 0000000000000000 RBX: ffff88800e83d8a8 RCX: 0000000000000000 [ 196.792329] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 196.792902] RBP: ffff88800f16fbd0 R08: ffffed1001d07b33 R09: ffffed1001d07b33 [ 196.793476] R10: ffff88800e83d993 R11: ffffed1001d07b32 R12: ffff88800ae92800 [ 196.794049] R13: ffff88800e83d9e8 R14: ffffffff8352e670 R15: 
ffff88800f16fe68 [ 196.794645] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.795454] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.795924] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 196.796501] PKRU: 55555554 [ 196.796733] Call Trace: [ 196.796941] [ 196.797126] __iommufd_access_detach+0x1c2/0x2b0 [ 196.797523] iommufd_access_change_pt+0x149/0x270 [ 196.797924] iommufd_access_replace+0xb4/0x120 [ 196.798343] iommufd_test+0x3e5/0x37e0 [ 196.798776] ? lock_release+0x532/0x770 [ 196.799113] ? __might_fault+0x102/0x1b0 [ 196.799460] ? lock_acquire+0x427/0x4c0 [ 196.799792] ? __pfx_iommufd_test+0x10/0x10 [ 196.800139] ? __pfx_lock_release+0x10/0x10 [ 196.800495] ? __pfx_lock_acquire+0x10/0x10 [ 196.800855] ? write_comp_data+0x2f/0x90 [ 196.801196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.801597] ? write_comp_data+0x2f/0x90 [ 196.801973] iommufd_fops_ioctl+0x37d/0x510 [ 196.802435] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.802859] ? write_comp_data+0x2f/0x90 [ 196.803211] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.803610] __x64_sys_ioctl+0x1a3/0x230 [ 196.803954] do_syscall_64+0x3b/0x90 [ 196.804272] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.804698] RIP: 0033:0x7f4b8743ee5d [ 196.805003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.806636] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.807259] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.807832] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.808406] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.808991] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.809688] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.810270] [ 196.810461] irq event stamp: 0 [ 196.810753] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.811274] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.811954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.812664] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.813272] ---[ end trace 0000000000000000 ]--- [ 196.816206] ------------[ cut here ]------------ [ 196.816699] WARNING: CPU: 1 PID: 1872 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.817527] Modules linked in: [ 196.817788] CPU: 1 PID: 1872 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.818496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.819441] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.819995] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.821469] RSP: 
0018:ffff88800f16fbd0 EFLAGS: 00010246 [ 196.821919] RAX: 0000000000000000 RBX: ffff88800e83d8a8 RCX: 0000000000000000 [ 196.822550] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 196.823226] RBP: ffff88800f16fbe8 R08: ffffed1001d07b33 R09: ffffed1001d07b33 [ 196.823951] R10: ffff88800e83d993 R11: ffffed1001d07b32 R12: ffff8880138ad000 [ 196.824552] R13: ffff88800e83d9e8 R14: ffff888020f65600 R15: 0000000000000000 [ 196.825150] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.825826] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.826316] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 196.827093] PKRU: 55555554 [ 196.827348] Call Trace: [ 196.827566] [ 196.827763] iommufd_access_destroy_object+0x65/0x170 [ 196.828208] iommufd_object_destroy_user+0x18e/0x220 [ 196.828647] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.829144] iommufd_access_destroy+0x43/0x70 [ 196.829532] iommufd_test_staccess_release+0x8d/0xd0 [ 196.829971] __fput+0x26d/0xa40 [ 196.830303] ____fput+0x1e/0x30 [ 196.830730] task_work_run+0x1a4/0x2d0 [ 196.831077] ? __pfx_task_work_run+0x10/0x10 [ 196.831472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.831895] ? switch_task_namespaces+0xa9/0xe0 [ 196.832306] do_exit+0xb17/0x2ef0 [ 196.832602] ? lock_acquire+0x427/0x4c0 [ 196.832954] ? __pfx_lock_release+0x10/0x10 [ 196.833335] ? __kasan_check_write+0x18/0x20 [ 196.833804] ? do_raw_spin_lock+0x132/0x2a0 [ 196.834250] ? __pfx_do_exit+0x10/0x10 [ 196.834608] ? debug_smp_processor_id+0x20/0x30 [ 196.835005] ? rcu_is_watching+0x19/0xb0 [ 196.835359] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.835752] ? trace_hardirqs_on+0x26/0x120 [ 196.836129] do_group_exit+0xe0/0x2b0 [ 196.836459] __x64_sys_exit_group+0x47/0x50 [ 196.836832] do_syscall_64+0x3b/0x90 [ 196.837268] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.837784] RIP: 0033:0x7f4b87518a4d [ 196.838102] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.838640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.839287] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.839890] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.840557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.841229] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.841832] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.842442] [ 196.842664] irq event stamp: 0 [ 196.842938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.843490] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.844374] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.845079] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.845610] ---[ end trace 0000000000000000 ]--- [ 196.847564] ------------[ cut here ]------------ [ 196.847988] WARNING: CPU: 1 PID: 1872 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.848844] Modules linked in: [ 196.849119] CPU: 1 PID: 1872 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.849853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.851029] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.851483] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.853120] RSP: 0018:ffff88800f16fb78 EFLAGS: 00010246 [ 196.853652] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.854252] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 196.854873] RBP: ffff88800f16fb98 R08: ffffed1001d07b3e R09: ffffed1001d07b3e [ 196.855498] R10: ffff88800e83d9ef R11: ffffed1001d07b3d R12: ffff88800e83da90 [ 196.856099] R13: ffff88800e83d8a8 R14: ffffffffffffffff R15: 
ffff88800f16fc60 [ 196.856894] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.857578] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.858073] CR2: 00007f82e2b1e008 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 196.858698] PKRU: 55555554 [ 196.858941] Call Trace: [ 196.859173] [ 196.859375] iommufd_ioas_destroy+0x53/0x70 [ 196.859812] iommufd_fops_release+0x1f7/0x370 [ 196.860317] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.860744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.861171] ? write_comp_data+0x2f/0x90 [ 196.861527] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.861952] __fput+0x26d/0xa40 [ 196.862246] ____fput+0x1e/0x30 [ 196.862556] task_work_run+0x1a4/0x2d0 [ 196.862902] ? __pfx_task_work_run+0x10/0x10 [ 196.863298] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.863867] ? switch_task_namespaces+0xa9/0xe0 [ 196.864278] do_exit+0xb17/0x2ef0 [ 196.864576] ? lock_acquire+0x427/0x4c0 [ 196.864924] ? __pfx_lock_release+0x10/0x10 [ 196.865299] ? __kasan_check_write+0x18/0x20 [ 196.865680] ? do_raw_spin_lock+0x132/0x2a0 [ 196.866051] ? __pfx_do_exit+0x10/0x10 [ 196.866398] ? debug_smp_processor_id+0x20/0x30 [ 196.866976] ? rcu_is_watching+0x19/0xb0 [ 196.867342] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.867740] ? trace_hardirqs_on+0x26/0x120 [ 196.868118] do_group_exit+0xe0/0x2b0 [ 196.868451] __x64_sys_exit_group+0x47/0x50 [ 196.868816] do_syscall_64+0x3b/0x90 [ 196.869143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.869593] RIP: 0033:0x7f4b87518a4d [ 196.869983] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.870637] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.871295] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.871898] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.872504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.873126] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.873883] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.874496] [ 196.874722] irq event stamp: 0 [ 196.874990] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.875544] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.876268] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.876975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.877508] ---[ end trace 0000000000000000 ]--- [ 196.881958] ------------[ cut here ]------------ [ 196.882395] WARNING: CPU: 1 PID: 1873 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.883344] Modules linked in: [ 196.883717] CPU: 1 PID: 1873 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.884534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.885485] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.885915] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.887674] RSP: 0018:ffff888014bb7bb8 EFLAGS: 00010246 [ 196.888129] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 196.888733] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 196.889331] RBP: ffff888014bb7bd0 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 196.889933] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff888010c0b800 [ 196.890710] R13: ffff88800b8161e8 R14: ffffffff8352e670 R15: 
ffff888014bb7e68 [ 196.891328] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.892007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.892500] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 196.893109] PKRU: 55555554 [ 196.893404] Call Trace: [ 196.893719] [ 196.893921] __iommufd_access_detach+0x1c2/0x2b0 [ 196.894350] iommufd_access_change_pt+0x149/0x270 [ 196.894792] iommufd_access_replace+0xb4/0x120 [ 196.895203] iommufd_test+0x3e5/0x37e0 [ 196.895537] ? lock_release+0x532/0x770 [ 196.895893] ? __might_fault+0x102/0x1b0 [ 196.896251] ? lock_acquire+0x427/0x4c0 [ 196.896608] ? __pfx_iommufd_test+0x10/0x10 [ 196.897102] ? __pfx_lock_release+0x10/0x10 [ 196.897499] ? __pfx_lock_acquire+0x10/0x10 [ 196.897877] ? write_comp_data+0x2f/0x90 [ 196.898233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.898669] ? write_comp_data+0x2f/0x90 [ 196.899028] iommufd_fops_ioctl+0x37d/0x510 [ 196.899404] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.899825] ? write_comp_data+0x2f/0x90 [ 196.900275] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 196.900769] __x64_sys_ioctl+0x1a3/0x230 [ 196.901134] do_syscall_64+0x3b/0x90 [ 196.901463] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.901912] RIP: 0033:0x7f4b8743ee5d [ 196.902233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 196.903898] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 196.904594] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 196.905194] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 196.905794] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 196.906390] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 196.907011] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 196.907634] [ 196.907835] irq event stamp: 0 [ 196.908103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.908643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.909528] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.910240] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.910806] ---[ end trace 0000000000000000 ]--- [ 196.913749] ------------[ cut here ]------------ [ 196.914202] WARNING: CPU: 1 PID: 1873 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.915328] Modules linked in: [ 196.915611] CPU: 1 PID: 1873 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.916367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.917350] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.917945] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.919650] RSP: 
0018:ffff888014bb7bd0 EFLAGS: 00010246 [ 196.920122] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 196.920745] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 196.921540] RBP: ffff888014bb7be8 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 196.922164] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff88800ae93400 [ 196.922822] R13: ffff88800b8161e8 R14: ffff88800b1f3200 R15: 0000000000000000 [ 196.923458] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.924160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.924837] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.925464] PKRU: 55555554 [ 196.925712] Call Trace: [ 196.925936] [ 196.926140] iommufd_access_destroy_object+0x65/0x170 [ 196.926645] iommufd_object_destroy_user+0x18e/0x220 [ 196.927138] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 196.927878] iommufd_access_destroy+0x43/0x70 [ 196.928316] iommufd_test_staccess_release+0x8d/0xd0 [ 196.928797] __fput+0x26d/0xa40 [ 196.929129] ____fput+0x1e/0x30 [ 196.929451] task_work_run+0x1a4/0x2d0 [ 196.929826] ? __pfx_task_work_run+0x10/0x10 [ 196.930297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.930916] ? switch_task_namespaces+0xa9/0xe0 [ 196.931379] do_exit+0xb17/0x2ef0 [ 196.931713] ? lock_acquire+0x427/0x4c0 [ 196.932097] ? __pfx_lock_release+0x10/0x10 [ 196.932507] ? __kasan_check_write+0x18/0x20 [ 196.932924] ? do_raw_spin_lock+0x132/0x2a0 [ 196.933355] ? __pfx_do_exit+0x10/0x10 [ 196.933885] ? debug_smp_processor_id+0x20/0x30 [ 196.934332] ? rcu_is_watching+0x19/0xb0 [ 196.934744] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.935195] ? trace_hardirqs_on+0x26/0x120 [ 196.935609] do_group_exit+0xe0/0x2b0 [ 196.935974] __x64_sys_exit_group+0x47/0x50 [ 196.936389] do_syscall_64+0x3b/0x90 [ 196.936827] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.937417] RIP: 0033:0x7f4b87518a4d [ 196.937775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.938365] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.939113] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.939796] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.940667] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.941338] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.942011] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.942727] [ 196.942954] irq event stamp: 0 [ 196.943267] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.944073] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.944898] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.945698] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.946297] ---[ end trace 0000000000000000 ]--- [ 196.947178] ------------[ cut here ]------------ [ 196.947633] WARNING: CPU: 1 PID: 1873 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 196.948659] Modules linked in: [ 196.948992] CPU: 1 PID: 1873 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.949894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.951327] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 196.951864] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 196.953969] RSP: 0018:ffff888014bb7b78 EFLAGS: 00010246 [ 196.954550] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 196.955295] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 196.956014] RBP: ffff888014bb7b98 R08: ffffed1001702c3e R09: ffffed1001702c3e [ 196.956795] R10: ffff88800b8161ef R11: ffffed1001702c3d R12: ffff88800b816290 [ 196.957718] R13: ffff88800b8160a8 R14: ffffffffffffffff R15: 
ffff888014bb7c60 [ 196.958459] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.959327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.959924] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 196.960650] PKRU: 55555554 [ 196.960943] Call Trace: [ 196.961207] [ 196.961440] iommufd_ioas_destroy+0x53/0x70 [ 196.961897] iommufd_fops_release+0x1f7/0x370 [ 196.962362] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.962905] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.963430] ? write_comp_data+0x2f/0x90 [ 196.963862] ? __pfx_iommufd_fops_release+0x10/0x10 [ 196.964382] __fput+0x26d/0xa40 [ 196.964742] ____fput+0x1e/0x30 [ 196.965095] task_work_run+0x1a4/0x2d0 [ 196.965507] ? __pfx_task_work_run+0x10/0x10 [ 196.965966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 196.966473] ? switch_task_namespaces+0xa9/0xe0 [ 196.966991] do_exit+0xb17/0x2ef0 [ 196.967367] ? lock_acquire+0x427/0x4c0 [ 196.967791] ? __pfx_lock_release+0x10/0x10 [ 196.968250] ? __kasan_check_write+0x18/0x20 [ 196.968721] ? do_raw_spin_lock+0x132/0x2a0 [ 196.969166] ? __pfx_do_exit+0x10/0x10 [ 196.969570] ? debug_smp_processor_id+0x20/0x30 [ 196.970048] ? rcu_is_watching+0x19/0xb0 [ 196.970468] ? _raw_spin_unlock_irq+0x2b/0x60 [ 196.970994] ? trace_hardirqs_on+0x26/0x120 [ 196.971513] do_group_exit+0xe0/0x2b0 [ 196.971944] __x64_sys_exit_group+0x47/0x50 [ 196.972391] do_syscall_64+0x3b/0x90 [ 196.972795] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 196.973335] RIP: 0033:0x7f4b87518a4d [ 196.973717] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 196.974347] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 196.975168] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 196.975901] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 196.976642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 196.977358] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 196.978075] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 196.978830] [ 196.979070] irq event stamp: 0 [ 196.979408] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 196.980057] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 196.980927] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 196.981813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 196.982465] ---[ end trace 0000000000000000 ]--- [ 196.987405] ------------[ cut here ]------------ [ 196.987896] WARNING: CPU: 1 PID: 1874 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 196.988832] Modules linked in: [ 196.989135] CPU: 1 PID: 1874 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 196.989940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 196.991218] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 196.991692] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 196.993446] RSP: 0018:ffff888020c6fbb8 EFLAGS: 00010246 [ 196.993964] RAX: 0000000000000000 RBX: ffff88800f16a0a8 RCX: 0000000000000000 [ 196.994667] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 196.995358] RBP: ffff888020c6fbd0 R08: ffffed1001e2d433 R09: ffffed1001e2d433 [ 196.996036] R10: ffff88800f16a193 R11: ffffed1001e2d432 R12: ffff888010827400 [ 196.996705] R13: ffff88800f16a1e8 R14: ffffffff8352e670 R15: 
ffff888020c6fe68 [ 196.997370] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 196.998119] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.998688] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 196.999381] PKRU: 55555554 [ 196.999656] Call Trace: [ 196.999901] [ 197.000118] __iommufd_access_detach+0x1c2/0x2b0 [ 197.000586] iommufd_access_change_pt+0x149/0x270 [ 197.001057] iommufd_access_replace+0xb4/0x120 [ 197.001500] iommufd_test+0x3e5/0x37e0 [ 197.001867] ? lock_release+0x532/0x770 [ 197.002253] ? __might_fault+0x102/0x1b0 [ 197.002680] ? lock_acquire+0x427/0x4c0 [ 197.003083] ? __pfx_iommufd_test+0x10/0x10 [ 197.003500] ? __pfx_lock_release+0x10/0x10 [ 197.003927] ? __pfx_lock_acquire+0x10/0x10 [ 197.004347] ? write_comp_data+0x2f/0x90 [ 197.004746] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.005208] ? write_comp_data+0x2f/0x90 [ 197.005603] iommufd_fops_ioctl+0x37d/0x510 [ 197.006018] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.006489] ? write_comp_data+0x2f/0x90 [ 197.006920] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.007397] __x64_sys_ioctl+0x1a3/0x230 [ 197.007800] do_syscall_64+0x3b/0x90 [ 197.008160] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.008656] RIP: 0033:0x7f4b8743ee5d [ 197.009008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.010744] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.011479] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.012147] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.012820] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.013484] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.014153] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.014857] [ 197.015086] irq event stamp: 0 [ 197.015395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.015987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.016783] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.017584] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.018176] ---[ end trace 0000000000000000 ]--- [ 197.021256] ------------[ cut here ]------------ [ 197.021739] WARNING: CPU: 1 PID: 1874 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.022749] Modules linked in: [ 197.023056] CPU: 1 PID: 1874 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.023864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.024936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.025420] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.027171] RSP: 
0018:ffff888020c6fbd0 EFLAGS: 00010246 [ 197.027686] RAX: 0000000000000000 RBX: ffff88800f16a0a8 RCX: 0000000000000000 [ 197.028350] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 197.029016] RBP: ffff888020c6fbe8 R08: ffffed1001e2d433 R09: ffffed1001e2d433 [ 197.029685] R10: ffff88800f16a193 R11: ffffed1001e2d432 R12: ffff888010c08400 [ 197.030362] R13: ffff88800f16a1e8 R14: ffff888014603600 R15: 0000000000000000 [ 197.031067] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.031828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.032372] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 197.033038] PKRU: 55555554 [ 197.033308] Call Trace: [ 197.033548] [ 197.033766] iommufd_access_destroy_object+0x65/0x170 [ 197.034261] iommufd_object_destroy_user+0x18e/0x220 [ 197.034771] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.035338] iommufd_access_destroy+0x43/0x70 [ 197.035773] iommufd_test_staccess_release+0x8d/0xd0 [ 197.036267] __fput+0x26d/0xa40 [ 197.036597] ____fput+0x1e/0x30 [ 197.036921] task_work_run+0x1a4/0x2d0 [ 197.037302] ? __pfx_task_work_run+0x10/0x10 [ 197.037722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.038187] ? switch_task_namespaces+0xa9/0xe0 [ 197.038664] do_exit+0xb17/0x2ef0 [ 197.038999] ? lock_acquire+0x427/0x4c0 [ 197.039402] ? __pfx_lock_release+0x10/0x10 [ 197.039817] ? __kasan_check_write+0x18/0x20 [ 197.040239] ? do_raw_spin_lock+0x132/0x2a0 [ 197.040646] ? __pfx_do_exit+0x10/0x10 [ 197.041030] ? debug_smp_processor_id+0x20/0x30 [ 197.041478] ? rcu_is_watching+0x19/0xb0 [ 197.041864] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.042302] ? trace_hardirqs_on+0x26/0x120 [ 197.042742] do_group_exit+0xe0/0x2b0 [ 197.043108] __x64_sys_exit_group+0x47/0x50 [ 197.043523] do_syscall_64+0x3b/0x90 [ 197.043885] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.044383] RIP: 0033:0x7f4b87518a4d [ 197.044740] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.045319] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.046033] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.046731] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.047415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.048080] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.048759] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.049437] [ 197.049659] irq event stamp: 0 [ 197.049958] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.050576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.051380] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.052160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.052752] ---[ end trace 0000000000000000 ]--- [ 197.053557] ------------[ cut here ]------------ [ 197.054008] WARNING: CPU: 1 PID: 1874 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.054987] Modules linked in: [ 197.055315] CPU: 1 PID: 1874 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.056139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.057191] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.057674] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.059435] RSP: 0018:ffff888020c6fb78 EFLAGS: 00010246 [ 197.059942] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.060604] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 197.061270] RBP: ffff888020c6fb98 R08: ffffed1001e2d43e R09: ffffed1001e2d43e [ 197.061930] R10: ffff88800f16a1ef R11: ffffed1001e2d43d R12: ffff88800f16a290 [ 197.062619] R13: ffff88800f16a0a8 R14: ffffffffffffffff R15: 
ffff888020c6fc60 [ 197.063304] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.064063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.064605] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 197.065271] PKRU: 55555554 [ 197.065536] Call Trace: [ 197.065784] [ 197.066003] iommufd_ioas_destroy+0x53/0x70 [ 197.066420] iommufd_fops_release+0x1f7/0x370 [ 197.066875] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.067396] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.067909] ? write_comp_data+0x2f/0x90 [ 197.068339] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.068857] __fput+0x26d/0xa40 [ 197.069212] ____fput+0x1e/0x30 [ 197.069550] task_work_run+0x1a4/0x2d0 [ 197.069954] ? __pfx_task_work_run+0x10/0x10 [ 197.070406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.070933] ? switch_task_namespaces+0xa9/0xe0 [ 197.071434] do_exit+0xb17/0x2ef0 [ 197.071795] ? lock_acquire+0x427/0x4c0 [ 197.072216] ? __pfx_lock_release+0x10/0x10 [ 197.072666] ? __kasan_check_write+0x18/0x20 [ 197.073123] ? do_raw_spin_lock+0x132/0x2a0 [ 197.073560] ? __pfx_do_exit+0x10/0x10 [ 197.073963] ? debug_smp_processor_id+0x20/0x30 [ 197.074436] ? rcu_is_watching+0x19/0xb0 [ 197.074878] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.075363] ? trace_hardirqs_on+0x26/0x120 [ 197.075816] do_group_exit+0xe0/0x2b0 [ 197.076216] __x64_sys_exit_group+0x47/0x50 [ 197.076656] do_syscall_64+0x3b/0x90 [ 197.077055] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.077599] RIP: 0033:0x7f4b87518a4d [ 197.077980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.078631] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.079420] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.080140] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.080863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.081578] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.082301] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.083056] [ 197.083323] irq event stamp: 0 [ 197.083651] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.084297] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.085153] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.086002] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.086679] ---[ end trace 0000000000000000 ]--- [ 197.094073] ------------[ cut here ]------------ [ 197.095312] WARNING: CPU: 0 PID: 1875 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.096396] Modules linked in: [ 197.096717] CPU: 0 PID: 1875 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.097595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.098773] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.099386] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.101220] RSP: 0018:ffff888012bd7bb8 EFLAGS: 00010246 [ 197.101771] RAX: 0000000000000000 RBX: ffff888016e4b8a8 RCX: 0000000000000000 [ 197.102485] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 197.103264] RBP: ffff888012bd7bd0 R08: ffffed1002dc9733 R09: ffffed1002dc9733 [ 197.104062] R10: ffff888016e4b993 R11: ffffed1002dc9732 R12: ffff888014392000 [ 197.104795] R13: ffff888016e4b9e8 R14: ffffffff8352e670 R15: 
ffff888012bd7e68 [ 197.105505] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.106319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.106958] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 197.107774] PKRU: 55555554 [ 197.108080] Call Trace: [ 197.108346] [ 197.108579] __iommufd_access_detach+0x1c2/0x2b0 [ 197.109099] iommufd_access_change_pt+0x149/0x270 [ 197.109612] iommufd_access_replace+0xb4/0x120 [ 197.110091] iommufd_test+0x3e5/0x37e0 [ 197.110546] ? lock_release+0x532/0x770 [ 197.111052] ? __might_fault+0x102/0x1b0 [ 197.111499] ? lock_acquire+0x427/0x4c0 [ 197.111918] ? __pfx_iommufd_test+0x10/0x10 [ 197.112357] ? __pfx_lock_release+0x10/0x10 [ 197.112826] ? __pfx_lock_acquire+0x10/0x10 [ 197.113279] ? write_comp_data+0x2f/0x90 [ 197.113713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.114209] ? write_comp_data+0x2f/0x90 [ 197.114685] iommufd_fops_ioctl+0x37d/0x510 [ 197.115253] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.115768] ? write_comp_data+0x2f/0x90 [ 197.116188] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.116685] __x64_sys_ioctl+0x1a3/0x230 [ 197.117123] do_syscall_64+0x3b/0x90 [ 197.117512] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.118046] RIP: 0033:0x7f4b8743ee5d [ 197.118421] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.120326] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.121220] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.121938] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.122705] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.123484] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.124203] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.124938] [ 197.125179] irq event stamp: 0 [ 197.125506] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.126142] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.127024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.127985] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.128621] ---[ end trace 0000000000000000 ]--- [ 197.132253] ------------[ cut here ]------------ [ 197.132778] WARNING: CPU: 0 PID: 1875 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.133804] Modules linked in: [ 197.134130] CPU: 0 PID: 1875 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.135467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.136637] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.137161] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.139071] RSP: 
0018:ffff888012bd7bd0 EFLAGS: 00010246 [ 197.139697] RAX: 0000000000000000 RBX: ffff888016e4b8a8 RCX: 0000000000000000 [ 197.140443] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 197.141181] RBP: ffff888012bd7be8 R08: ffffed1002dc9733 R09: ffffed1002dc9733 [ 197.141899] R10: ffff888016e4b993 R11: ffffed1002dc9732 R12: ffff888013b22800 [ 197.142675] R13: ffff888016e4b9e8 R14: ffff8880149bd900 R15: 0000000000000000 [ 197.143486] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.144298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.144909] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.145649] PKRU: 55555554 [ 197.145943] Call Trace: [ 197.146202] [ 197.146441] iommufd_access_destroy_object+0x65/0x170 [ 197.147036] iommufd_object_destroy_user+0x18e/0x220 [ 197.147686] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.148297] iommufd_access_destroy+0x43/0x70 [ 197.148776] iommufd_test_staccess_release+0x8d/0xd0 [ 197.149332] __fput+0x26d/0xa40 [ 197.149694] ____fput+0x1e/0x30 [ 197.150052] task_work_run+0x1a4/0x2d0 [ 197.150461] ? __pfx_task_work_run+0x10/0x10 [ 197.150986] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.151621] ? switch_task_namespaces+0xa9/0xe0 [ 197.152117] do_exit+0xb17/0x2ef0 [ 197.152483] ? lock_acquire+0x427/0x4c0 [ 197.152929] ? __pfx_lock_release+0x10/0x10 [ 197.153384] ? __kasan_check_write+0x18/0x20 [ 197.153864] ? do_raw_spin_lock+0x132/0x2a0 [ 197.154311] ? __pfx_do_exit+0x10/0x10 [ 197.154766] ? debug_smp_processor_id+0x20/0x30 [ 197.155365] ? rcu_is_watching+0x19/0xb0 [ 197.155786] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.156259] ? trace_hardirqs_on+0x26/0x120 [ 197.156717] do_group_exit+0xe0/0x2b0 [ 197.157116] __x64_sys_exit_group+0x47/0x50 [ 197.157568] do_syscall_64+0x3b/0x90 [ 197.157965] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.158498] RIP: 0033:0x7f4b87518a4d [ 197.159009] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.159690] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.160480] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.161206] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.161935] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.162711] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.163524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.164272] [ 197.164521] irq event stamp: 0 [ 197.164857] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.165512] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.166375] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.167277] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.168013] ---[ end trace 0000000000000000 ]--- [ 197.169089] ------------[ cut here ]------------ [ 197.169613] WARNING: CPU: 1 PID: 1875 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.170757] Modules linked in: [ 197.171163] CPU: 1 PID: 1875 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.172068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.173230] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.173774] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.175824] RSP: 0018:ffff888012bd7b78 EFLAGS: 00010246 [ 197.176457] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.177184] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 197.177925] RBP: ffff888012bd7b98 R08: ffffed1002dc973e R09: ffffed1002dc973e [ 197.178693] R10: ffff888016e4b9ef R11: ffffed1002dc973d R12: ffff888016e4ba90 [ 197.179495] R13: ffff888016e4b8a8 R14: ffffffffffffffff R15: 
ffff888012bd7c60 [ 197.180224] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.181049] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.181644] CR2: 00007f82e2b3b000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 197.182379] PKRU: 55555554 [ 197.182720] Call Trace: [ 197.183043] [ 197.183333] iommufd_ioas_destroy+0x53/0x70 [ 197.183804] iommufd_fops_release+0x1f7/0x370 [ 197.184277] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.184804] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.185316] ? write_comp_data+0x2f/0x90 [ 197.185732] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.186248] __fput+0x26d/0xa40 [ 197.186659] ____fput+0x1e/0x30 [ 197.187016] task_work_run+0x1a4/0x2d0 [ 197.187405] ? __pfx_task_work_run+0x10/0x10 [ 197.187850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.188352] ? switch_task_namespaces+0xa9/0xe0 [ 197.188848] do_exit+0xb17/0x2ef0 [ 197.189204] ? lock_acquire+0x427/0x4c0 [ 197.189614] ? __pfx_lock_release+0x10/0x10 [ 197.190057] ? __kasan_check_write+0x18/0x20 [ 197.190532] ? do_raw_spin_lock+0x132/0x2a0 [ 197.190973] ? __pfx_do_exit+0x10/0x10 [ 197.191392] ? debug_smp_processor_id+0x20/0x30 [ 197.191865] ? rcu_is_watching+0x19/0xb0 [ 197.192283] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.192747] ? trace_hardirqs_on+0x26/0x120 [ 197.193188] do_group_exit+0xe0/0x2b0 [ 197.193574] __x64_sys_exit_group+0x47/0x50 [ 197.194010] do_syscall_64+0x3b/0x90 [ 197.194396] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.194951] RIP: 0033:0x7f4b87518a4d [ 197.195343] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.195978] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.196964] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.198338] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.199108] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.200248] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.200980] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.201715] [ 197.201953] irq event stamp: 0 [ 197.202274] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.203227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.204073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.204985] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.205745] ---[ end trace 0000000000000000 ]--- [ 197.210102] ------------[ cut here ]------------ [ 197.210665] WARNING: CPU: 1 PID: 1876 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.211711] Modules linked in: [ 197.212037] CPU: 1 PID: 1876 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.213387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.215081] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.215756] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.218250] RSP: 0018:ffff888014bb7bb8 EFLAGS: 00010246 [ 197.218990] RAX: 0000000000000000 RBX: ffff888018ab60a8 RCX: 0000000000000000 [ 197.220128] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 197.221033] RBP: ffff888014bb7bd0 R08: ffffed1003156c33 R09: ffffed1003156c33 [ 197.222050] R10: ffff888018ab6193 R11: ffffed1003156c32 R12: ffff888013f47c00 [ 197.223099] R13: ffff888018ab61e8 R14: ffffffff8352e670 R15: 
ffff888014bb7e68 [ 197.224032] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.225265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.226004] CR2: 00007f4b877410e8 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 197.227062] PKRU: 55555554 [ 197.227562] Call Trace: [ 197.227898] [ 197.228197] __iommufd_access_detach+0x1c2/0x2b0 [ 197.228832] iommufd_access_change_pt+0x149/0x270 [ 197.229574] iommufd_access_replace+0xb4/0x120 [ 197.230220] iommufd_test+0x3e5/0x37e0 [ 197.230765] ? lock_release+0x532/0x770 [ 197.231442] ? __might_fault+0x102/0x1b0 [ 197.232091] ? lock_acquire+0x427/0x4c0 [ 197.232637] ? __pfx_iommufd_test+0x10/0x10 [ 197.233052] ? __pfx_lock_release+0x10/0x10 [ 197.233464] ? __pfx_lock_acquire+0x10/0x10 [ 197.234114] ? write_comp_data+0x2f/0x90 [ 197.234566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.235028] ? write_comp_data+0x2f/0x90 [ 197.235437] iommufd_fops_ioctl+0x37d/0x510 [ 197.235844] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.236414] ? write_comp_data+0x2f/0x90 [ 197.236882] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.237333] __x64_sys_ioctl+0x1a3/0x230 [ 197.237722] do_syscall_64+0x3b/0x90 [ 197.238080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.238769] RIP: 0033:0x7f4b8743ee5d [ 197.239135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.240849] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.241690] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.242351] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.243151] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.243882] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.244546] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.245255] [ 197.245586] irq event stamp: 0 [ 197.245891] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.246483] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.247293] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.248232] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.248819] ---[ end trace 0000000000000000 ]--- [ 197.252036] ------------[ cut here ]------------ [ 197.252599] WARNING: CPU: 1 PID: 1876 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.253548] Modules linked in: [ 197.253892] CPU: 1 PID: 1876 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.254834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.255902] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.256465] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.258248] RSP: 
0018:ffff888014bb7bd0 EFLAGS: 00010246 [ 197.258900] RAX: 0000000000000000 RBX: ffff888018ab60a8 RCX: 0000000000000000 [ 197.259583] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 197.260250] RBP: ffff888014bb7be8 R08: ffffed1003156c33 R09: ffffed1003156c33 [ 197.261090] R10: ffff888018ab6193 R11: ffffed1003156c32 R12: ffff888010824c00 [ 197.261765] R13: ffff888018ab61e8 R14: ffff88800af2d300 R15: 0000000000000000 [ 197.262434] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.263385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.263936] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 197.264607] PKRU: 55555554 [ 197.264881] Call Trace: [ 197.265143] [ 197.265481] iommufd_access_destroy_object+0x65/0x170 [ 197.265981] iommufd_object_destroy_user+0x18e/0x220 [ 197.266462] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.267040] iommufd_access_destroy+0x43/0x70 [ 197.267524] iommufd_test_staccess_release+0x8d/0xd0 [ 197.268117] __fput+0x26d/0xa40 [ 197.268451] ____fput+0x1e/0x30 [ 197.268775] task_work_run+0x1a4/0x2d0 [ 197.269156] ? __pfx_task_work_run+0x10/0x10 [ 197.269621] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.270177] ? switch_task_namespaces+0xa9/0xe0 [ 197.270657] do_exit+0xb17/0x2ef0 [ 197.270985] ? lock_acquire+0x427/0x4c0 [ 197.271372] ? __pfx_lock_release+0x10/0x10 [ 197.271776] ? __kasan_check_write+0x18/0x20 [ 197.272341] ? do_raw_spin_lock+0x132/0x2a0 [ 197.272750] ? __pfx_do_exit+0x10/0x10 [ 197.273125] ? debug_smp_processor_id+0x20/0x30 [ 197.273565] ? rcu_is_watching+0x19/0xb0 [ 197.273952] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.274564] ? trace_hardirqs_on+0x26/0x120 [ 197.274986] do_group_exit+0xe0/0x2b0 [ 197.275355] __x64_sys_exit_group+0x47/0x50 [ 197.275759] do_syscall_64+0x3b/0x90 [ 197.276117] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.276658] RIP: 0033:0x7f4b87518a4d [ 197.277128] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.277703] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.278421] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.279291] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.279956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.280620] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.281418] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.282103] [ 197.282327] irq event stamp: 0 [ 197.282649] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.283247] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.284191] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.284967] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.285545] ---[ end trace 0000000000000000 ]--- [ 197.286578] ------------[ cut here ]------------ [ 197.287027] WARNING: CPU: 1 PID: 1876 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.288013] Modules linked in: [ 197.288415] CPU: 1 PID: 1876 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.289282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.290392] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.291022] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.292719] RSP: 0018:ffff888014bb7b78 EFLAGS: 00010246 [ 197.293378] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.294027] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 197.294710] RBP: ffff888014bb7b98 R08: ffffed1003156c3e R09: ffffed1003156c3e [ 197.295551] R10: ffff888018ab61ef R11: ffffed1003156c3d R12: ffff888018ab6290 [ 197.296203] R13: ffff888018ab60a8 R14: ffffffffffffffff R15: 
ffff888014bb7c60 [ 197.296857] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.297749] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.298287] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 197.298963] PKRU: 55555554 [ 197.299234] Call Trace: [ 197.299474] [ 197.299759] iommufd_ioas_destroy+0x53/0x70 [ 197.300209] iommufd_fops_release+0x1f7/0x370 [ 197.300630] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.301095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.301595] ? write_comp_data+0x2f/0x90 [ 197.302077] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.302561] __fput+0x26d/0xa40 [ 197.302885] ____fput+0x1e/0x30 [ 197.303211] task_work_run+0x1a4/0x2d0 [ 197.303580] ? __pfx_task_work_run+0x10/0x10 [ 197.304048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.304614] ? switch_task_namespaces+0xa9/0xe0 [ 197.305059] do_exit+0xb17/0x2ef0 [ 197.305388] ? lock_acquire+0x427/0x4c0 [ 197.305767] ? __pfx_lock_release+0x10/0x10 [ 197.306279] ? __kasan_check_write+0x18/0x20 [ 197.306753] ? do_raw_spin_lock+0x132/0x2a0 [ 197.307168] ? __pfx_do_exit+0x10/0x10 [ 197.307537] ? debug_smp_processor_id+0x20/0x30 [ 197.307977] ? rcu_is_watching+0x19/0xb0 [ 197.308360] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.308964] ? trace_hardirqs_on+0x26/0x120 [ 197.309373] do_group_exit+0xe0/0x2b0 [ 197.309728] __x64_sys_exit_group+0x47/0x50 [ 197.310126] do_syscall_64+0x3b/0x90 [ 197.310551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.311086] RIP: 0033:0x7f4b87518a4d [ 197.311446] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.312016] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.312718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.313511] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.314158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.314835] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.315575] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.316323] [ 197.316540] irq event stamp: 0 [ 197.316833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.317419] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.318336] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.319132] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.319721] ---[ end trace 0000000000000000 ]--- [ 197.324986] ------------[ cut here ]------------ [ 197.325474] WARNING: CPU: 1 PID: 1877 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.326493] Modules linked in: [ 197.326940] CPU: 1 PID: 1877 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.327746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.328819] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.329439] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.331103] RSP: 0018:ffff888012bd7bb8 EFLAGS: 00010246 [ 197.331593] RAX: 0000000000000000 RBX: ffff8880171be0a8 RCX: 0000000000000000 [ 197.332247] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 197.332890] RBP: ffff888012bd7bd0 R08: ffffed1002e37c33 R09: ffffed1002e37c33 [ 197.333542] R10: ffff8880171be193 R11: ffffed1002e37c32 R12: ffff88801351c000 [ 197.334187] R13: ffff8880171be1e8 R14: ffffffff8352e670 R15: 
ffff888012bd7e68 [ 197.334852] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.335596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.336125] CR2: 00007f4b877410e8 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 197.336778] PKRU: 55555554 [ 197.337034] Call Trace: [ 197.337269] [ 197.337479] __iommufd_access_detach+0x1c2/0x2b0 [ 197.337932] iommufd_access_change_pt+0x149/0x270 [ 197.338381] iommufd_access_replace+0xb4/0x120 [ 197.338826] iommufd_test+0x3e5/0x37e0 [ 197.339192] ? lock_release+0x532/0x770 [ 197.339570] ? __might_fault+0x102/0x1b0 [ 197.339948] ? lock_acquire+0x427/0x4c0 [ 197.340319] ? __pfx_iommufd_test+0x10/0x10 [ 197.340713] ? __pfx_lock_release+0x10/0x10 [ 197.341115] ? __pfx_lock_acquire+0x10/0x10 [ 197.341517] ? write_comp_data+0x2f/0x90 [ 197.341897] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.342340] ? write_comp_data+0x2f/0x90 [ 197.342741] iommufd_fops_ioctl+0x37d/0x510 [ 197.343153] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.343599] ? write_comp_data+0x2f/0x90 [ 197.343960] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.344375] __x64_sys_ioctl+0x1a3/0x230 [ 197.344735] do_syscall_64+0x3b/0x90 [ 197.345081] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.345536] RIP: 0033:0x7f4b8743ee5d [ 197.345858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.347442] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.348103] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.348717] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.349326] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.349935] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.350566] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.351191] [ 197.351394] irq event stamp: 0 [ 197.351664] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.352203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.352918] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.353631] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.354179] ---[ end trace 0000000000000000 ]--- [ 197.357134] ------------[ cut here ]------------ [ 197.357568] WARNING: CPU: 1 PID: 1877 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.358431] Modules linked in: [ 197.358751] CPU: 1 PID: 1877 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.359513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.360476] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.360905] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.362457] RSP: 
0018:ffff888012bd7bd0 EFLAGS: 00010246 [ 197.362931] RAX: 0000000000000000 RBX: ffff8880171be0a8 RCX: 0000000000000000 [ 197.363550] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 197.364158] RBP: ffff888012bd7be8 R08: ffffed1002e37c33 R09: ffffed1002e37c33 [ 197.364770] R10: ffff8880171be193 R11: ffffed1002e37c32 R12: ffff888013f45400 [ 197.365372] R13: ffff8880171be1e8 R14: ffff88800f7e0f00 R15: 0000000000000000 [ 197.365980] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.366688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.367198] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 197.367808] PKRU: 55555554 [ 197.368052] Call Trace: [ 197.368274] [ 197.368473] iommufd_access_destroy_object+0x65/0x170 [ 197.368920] iommufd_object_destroy_user+0x18e/0x220 [ 197.369377] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.369881] iommufd_access_destroy+0x43/0x70 [ 197.370279] iommufd_test_staccess_release+0x8d/0xd0 [ 197.370745] __fput+0x26d/0xa40 [ 197.371048] ____fput+0x1e/0x30 [ 197.371368] task_work_run+0x1a4/0x2d0 [ 197.371718] ? __pfx_task_work_run+0x10/0x10 [ 197.372107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.372531] ? switch_task_namespaces+0xa9/0xe0 [ 197.372942] do_exit+0xb17/0x2ef0 [ 197.373246] ? lock_acquire+0x427/0x4c0 [ 197.373600] ? __pfx_lock_release+0x10/0x10 [ 197.373978] ? __kasan_check_write+0x18/0x20 [ 197.374359] ? do_raw_spin_lock+0x132/0x2a0 [ 197.374749] ? __pfx_do_exit+0x10/0x10 [ 197.375093] ? debug_smp_processor_id+0x20/0x30 [ 197.375509] ? rcu_is_watching+0x19/0xb0 [ 197.375862] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.376258] ? trace_hardirqs_on+0x26/0x120 [ 197.376639] do_group_exit+0xe0/0x2b0 [ 197.376951] __x64_sys_exit_group+0x47/0x50 [ 197.377298] do_syscall_64+0x3b/0x90 [ 197.377612] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.378039] RIP: 0033:0x7f4b87518a4d [ 197.378340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.378854] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.379478] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.380052] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.380625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.381196] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.381769] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.382349] [ 197.382564] irq event stamp: 0 [ 197.382821] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.383337] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.384012] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.384684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.385191] ---[ end trace 0000000000000000 ]--- [ 197.385896] ------------[ cut here ]------------ [ 197.386277] WARNING: CPU: 1 PID: 1877 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.387121] Modules linked in: [ 197.387388] CPU: 1 PID: 1877 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.388099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.389010] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.389427] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.390903] RSP: 0018:ffff888012bd7b78 EFLAGS: 00010246 [ 197.391342] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.391915] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 197.392487] RBP: ffff888012bd7b98 R08: ffffed1002e37c3e R09: ffffed1002e37c3e [ 197.393060] R10: ffff8880171be1ef R11: ffffed1002e37c3d R12: ffff8880171be290 [ 197.393634] R13: ffff8880171be0a8 R14: ffffffffffffffff R15: 
ffff888012bd7c60 [ 197.394209] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.394877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.395356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 197.395932] PKRU: 55555554 [ 197.396164] Call Trace: [ 197.396376] [ 197.396560] iommufd_ioas_destroy+0x53/0x70 [ 197.396920] iommufd_fops_release+0x1f7/0x370 [ 197.397293] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.397700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.398108] ? write_comp_data+0x2f/0x90 [ 197.398447] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.398871] __fput+0x26d/0xa40 [ 197.399165] ____fput+0x1e/0x30 [ 197.399443] task_work_run+0x1a4/0x2d0 [ 197.399770] ? __pfx_task_work_run+0x10/0x10 [ 197.400133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.400531] ? switch_task_namespaces+0xa9/0xe0 [ 197.400922] do_exit+0xb17/0x2ef0 [ 197.401207] ? lock_acquire+0x427/0x4c0 [ 197.401543] ? __pfx_lock_release+0x10/0x10 [ 197.401903] ? __kasan_check_write+0x18/0x20 [ 197.402275] ? do_raw_spin_lock+0x132/0x2a0 [ 197.402644] ? __pfx_do_exit+0x10/0x10 [ 197.402972] ? debug_smp_processor_id+0x20/0x30 [ 197.403361] ? rcu_is_watching+0x19/0xb0 [ 197.403693] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.404072] ? trace_hardirqs_on+0x26/0x120 [ 197.404432] do_group_exit+0xe0/0x2b0 [ 197.404744] __x64_sys_exit_group+0x47/0x50 [ 197.405101] do_syscall_64+0x3b/0x90 [ 197.405414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.405839] RIP: 0033:0x7f4b87518a4d [ 197.406141] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.406654] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.407282] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.407854] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.408427] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.408998] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.409572] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.410153] [ 197.410342] irq event stamp: 0 [ 197.410613] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.411127] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.411787] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.412440] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.412930] ---[ end trace 0000000000000000 ]--- [ 197.417504] ------------[ cut here ]------------ [ 197.417914] WARNING: CPU: 0 PID: 1878 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.418881] Modules linked in: [ 197.419158] CPU: 0 PID: 1878 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.419838] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.420708] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.421098] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.422530] RSP: 0018:ffff8880179afbb8 EFLAGS: 00010246 [ 197.422945] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 197.423509] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 197.424058] RBP: ffff8880179afbd0 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 197.424604] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff8880138acc00 [ 197.425145] R13: ffff888017a461e8 R14: ffffffff8352e670 R15: 
ffff8880179afe68 [ 197.425685] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.426304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.426761] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 197.427318] PKRU: 55555554 [ 197.427535] Call Trace: [ 197.427732] [ 197.427907] __iommufd_access_detach+0x1c2/0x2b0 [ 197.428284] iommufd_access_change_pt+0x149/0x270 [ 197.428662] iommufd_access_replace+0xb4/0x120 [ 197.429022] iommufd_test+0x3e5/0x37e0 [ 197.429320] ? lock_release+0x532/0x770 [ 197.429634] ? __might_fault+0x102/0x1b0 [ 197.429952] ? lock_acquire+0x427/0x4c0 [ 197.430269] ? __pfx_iommufd_test+0x10/0x10 [ 197.430616] ? __pfx_lock_release+0x10/0x10 [ 197.430956] ? __pfx_lock_acquire+0x10/0x10 [ 197.431315] ? write_comp_data+0x2f/0x90 [ 197.431639] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.432018] ? write_comp_data+0x2f/0x90 [ 197.432341] iommufd_fops_ioctl+0x37d/0x510 [ 197.432679] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.433058] ? write_comp_data+0x2f/0x90 [ 197.433380] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.433756] __x64_sys_ioctl+0x1a3/0x230 [ 197.434077] do_syscall_64+0x3b/0x90 [ 197.434378] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.434801] RIP: 0033:0x7f4b8743ee5d [ 197.435091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.436483] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.437076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.437621] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.438164] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.438722] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.439274] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.439829] [ 197.440010] irq event stamp: 0 [ 197.440251] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.440734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.441377] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.442015] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.442493] ---[ end trace 0000000000000000 ]--- [ 197.445188] ------------[ cut here ]------------ [ 197.445578] WARNING: CPU: 0 PID: 1878 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.446351] Modules linked in: [ 197.446624] CPU: 0 PID: 1878 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.447307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.448179] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.448565] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.449957] RSP: 
0018:ffff8880179afbd0 EFLAGS: 00010246 [ 197.450362] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 197.450919] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 197.451481] RBP: ffff8880179afbe8 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 197.452034] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff888014390800 [ 197.452607] R13: ffff888017a461e8 R14: ffff8880143ff700 R15: 0000000000000000 [ 197.453356] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.453973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.454464] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.455137] PKRU: 55555554 [ 197.455360] Call Trace: [ 197.455560] [ 197.455738] iommufd_access_destroy_object+0x65/0x170 [ 197.456140] iommufd_object_destroy_user+0x18e/0x220 [ 197.456603] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.457105] iommufd_access_destroy+0x43/0x70 [ 197.457460] iommufd_test_staccess_release+0x8d/0xd0 [ 197.457865] __fput+0x26d/0xa40 [ 197.458178] ____fput+0x1e/0x30 [ 197.458540] task_work_run+0x1a4/0x2d0 [ 197.458854] ? __pfx_task_work_run+0x10/0x10 [ 197.459213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.459599] ? switch_task_namespaces+0xa9/0xe0 [ 197.459977] do_exit+0xb17/0x2ef0 [ 197.460402] ? lock_acquire+0x427/0x4c0 [ 197.460729] ? __pfx_lock_release+0x10/0x10 [ 197.461076] ? __kasan_check_write+0x18/0x20 [ 197.461425] ? do_raw_spin_lock+0x132/0x2a0 [ 197.461796] ? __pfx_do_exit+0x10/0x10 [ 197.462199] ? debug_smp_processor_id+0x20/0x30 [ 197.462595] ? rcu_is_watching+0x19/0xb0 [ 197.462919] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.463294] ? trace_hardirqs_on+0x26/0x120 [ 197.463663] do_group_exit+0xe0/0x2b0 [ 197.464075] __x64_sys_exit_group+0x47/0x50 [ 197.464417] do_syscall_64+0x3b/0x90 [ 197.464720] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.465134] RIP: 0033:0x7f4b87518a4d [ 197.465472] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.466050] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.466670] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.467241] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.467933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.468494] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.469066] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.469745] [ 197.469932] irq event stamp: 0 [ 197.470182] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.470706] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.471551] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.472202] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.472700] ---[ end trace 0000000000000000 ]--- [ 197.473529] ------------[ cut here ]------------ [ 197.473901] WARNING: CPU: 0 PID: 1878 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.474877] Modules linked in: [ 197.475148] CPU: 0 PID: 1878 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.475831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.476843] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.477253] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.478843] RSP: 0018:ffff8880179afb78 EFLAGS: 00010246 [ 197.479274] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.479828] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 197.480522] RBP: ffff8880179afb98 R08: ffffed1002f48c3e R09: ffffed1002f48c3e [ 197.481076] R10: ffff888017a461ef R11: ffffed1002f48c3d R12: ffff888017a46290 [ 197.481646] R13: ffff888017a460a8 R14: ffffffffffffffff R15: 
ffff8880179afc60 [ 197.482305] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.482955] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.483423] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.484132] PKRU: 55555554 [ 197.484358] Call Trace: [ 197.484558] [ 197.484736] iommufd_ioas_destroy+0x53/0x70 [ 197.485084] iommufd_fops_release+0x1f7/0x370 [ 197.485585] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.485981] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.486373] ? write_comp_data+0x2f/0x90 [ 197.486736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.487158] __fput+0x26d/0xa40 [ 197.487514] ____fput+0x1e/0x30 [ 197.487881] task_work_run+0x1a4/0x2d0 [ 197.488213] ? __pfx_task_work_run+0x10/0x10 [ 197.488584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.488990] ? switch_task_namespaces+0xa9/0xe0 [ 197.489525] do_exit+0xb17/0x2ef0 [ 197.489810] ? lock_acquire+0x427/0x4c0 [ 197.490144] ? __pfx_lock_release+0x10/0x10 [ 197.490533] ? __kasan_check_write+0x18/0x20 [ 197.490900] ? do_raw_spin_lock+0x132/0x2a0 [ 197.491315] ? __pfx_do_exit+0x10/0x10 [ 197.491727] ? debug_smp_processor_id+0x20/0x30 [ 197.492109] ? rcu_is_watching+0x19/0xb0 [ 197.492440] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.492822] ? trace_hardirqs_on+0x26/0x120 [ 197.493339] do_group_exit+0xe0/0x2b0 [ 197.493658] __x64_sys_exit_group+0x47/0x50 [ 197.494017] do_syscall_64+0x3b/0x90 [ 197.494334] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.494940] RIP: 0033:0x7f4b87518a4d [ 197.495261] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.495764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.496377] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.497105] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.497688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.498269] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.499033] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.499634] [ 197.499830] irq event stamp: 0 [ 197.500088] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.500632] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.501452] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.502124] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.502836] ---[ end trace 0000000000000000 ]--- [ 197.507754] ------------[ cut here ]------------ [ 197.508240] WARNING: CPU: 0 PID: 1879 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.509174] Modules linked in: [ 197.509439] CPU: 0 PID: 1879 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.510304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.511487] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.511901] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.513525] RSP: 0018:ffff888015a4fbb8 EFLAGS: 00010246 [ 197.513963] RAX: 0000000000000000 RBX: ffff888018b250a8 RCX: 0000000000000000 [ 197.514566] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 197.515173] RBP: ffff888015a4fbd0 R08: ffffed1003164a33 R09: ffffed1003164a33 [ 197.515757] R10: ffff888018b25193 R11: ffffed1003164a32 R12: ffff888010827400 [ 197.516336] R13: ffff888018b251e8 R14: ffffffff8352e670 R15: 
ffff888015a4fe68 [ 197.516908] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.517548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.518011] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 197.518598] PKRU: 55555554 [ 197.518826] Call Trace: [ 197.519032] [ 197.519222] __iommufd_access_detach+0x1c2/0x2b0 [ 197.519621] iommufd_access_change_pt+0x149/0x270 [ 197.520019] iommufd_access_replace+0xb4/0x120 [ 197.520399] iommufd_test+0x3e5/0x37e0 [ 197.520714] ? lock_release+0x532/0x770 [ 197.521048] ? __might_fault+0x102/0x1b0 [ 197.521383] ? lock_acquire+0x427/0x4c0 [ 197.521714] ? __pfx_iommufd_test+0x10/0x10 [ 197.522060] ? __pfx_lock_release+0x10/0x10 [ 197.522413] ? __pfx_lock_acquire+0x10/0x10 [ 197.522786] ? write_comp_data+0x2f/0x90 [ 197.523137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.523534] ? write_comp_data+0x2f/0x90 [ 197.523873] iommufd_fops_ioctl+0x37d/0x510 [ 197.524227] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.524623] ? write_comp_data+0x2f/0x90 [ 197.524960] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.525350] __x64_sys_ioctl+0x1a3/0x230 [ 197.525687] do_syscall_64+0x3b/0x90 [ 197.525998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.526422] RIP: 0033:0x7f4b8743ee5d [ 197.526741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.528210] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.528822] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.529391] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.529962] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.530554] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.531135] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.531715] [ 197.531906] irq event stamp: 0 [ 197.532162] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.532668] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.533342] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.534009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.534531] ---[ end trace 0000000000000000 ]--- [ 197.537676] ------------[ cut here ]------------ [ 197.538074] WARNING: CPU: 0 PID: 1879 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.538928] Modules linked in: [ 197.539224] CPU: 0 PID: 1879 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.540089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.541015] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.541533] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.543183] RSP: 
0018:ffff888015a4fbd0 EFLAGS: 00010246 [ 197.543614] RAX: 0000000000000000 RBX: ffff888018b250a8 RCX: 0000000000000000 [ 197.544186] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 197.544800] RBP: ffff888015a4fbe8 R08: ffffed1003164a33 R09: ffffed1003164a33 [ 197.545473] R10: ffff888018b25193 R11: ffffed1003164a32 R12: ffff8880138ae400 [ 197.546043] R13: ffff888018b251e8 R14: ffff888015acb000 R15: 0000000000000000 [ 197.546774] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.547432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.547901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.548500] PKRU: 55555554 [ 197.548873] Call Trace: [ 197.549083] [ 197.549265] iommufd_access_destroy_object+0x65/0x170 [ 197.549691] iommufd_object_destroy_user+0x18e/0x220 [ 197.550108] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.550605] iommufd_access_destroy+0x43/0x70 [ 197.550982] iommufd_test_staccess_release+0x8d/0xd0 [ 197.551413] __fput+0x26d/0xa40 [ 197.551695] ____fput+0x1e/0x30 [ 197.551970] task_work_run+0x1a4/0x2d0 [ 197.552295] ? __pfx_task_work_run+0x10/0x10 [ 197.552655] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.553055] ? switch_task_namespaces+0xa9/0xe0 [ 197.553442] do_exit+0xb17/0x2ef0 [ 197.553721] ? lock_acquire+0x427/0x4c0 [ 197.554052] ? __pfx_lock_release+0x10/0x10 [ 197.554405] ? __kasan_check_write+0x18/0x20 [ 197.554785] ? do_raw_spin_lock+0x132/0x2a0 [ 197.555148] ? __pfx_do_exit+0x10/0x10 [ 197.555472] ? debug_smp_processor_id+0x20/0x30 [ 197.555850] ? rcu_is_watching+0x19/0xb0 [ 197.556182] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.556552] ? trace_hardirqs_on+0x26/0x120 [ 197.556907] do_group_exit+0xe0/0x2b0 [ 197.557216] __x64_sys_exit_group+0x47/0x50 [ 197.557562] do_syscall_64+0x3b/0x90 [ 197.557871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.558295] RIP: 0033:0x7f4b87518a4d [ 197.558609] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.559104] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.559721] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.560288] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.560855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.561421] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.561988] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.562579] [ 197.562771] irq event stamp: 0 [ 197.563029] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.563544] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.564211] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.564876] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.565372] ---[ end trace 0000000000000000 ]--- [ 197.566066] ------------[ cut here ]------------ [ 197.566432] WARNING: CPU: 0 PID: 1879 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.567255] Modules linked in: [ 197.567509] CPU: 0 PID: 1879 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.568187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.569056] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.569456] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.570876] RSP: 0018:ffff888015a4fb78 EFLAGS: 00010246 [ 197.571298] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.571844] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 197.572393] RBP: ffff888015a4fb98 R08: ffffed1003164a3e R09: ffffed1003164a3e [ 197.572942] R10: ffff888018b251ef R11: ffffed1003164a3d R12: ffff888018b25290 [ 197.573482] R13: ffff888018b250a8 R14: ffffffffffffffff R15: 
ffff888015a4fc60 [ 197.574029] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.574661] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.575106] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.575661] PKRU: 55555554 [ 197.575878] Call Trace: [ 197.576074] [ 197.576250] iommufd_ioas_destroy+0x53/0x70 [ 197.576587] iommufd_fops_release+0x1f7/0x370 [ 197.576937] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.577322] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.577704] ? write_comp_data+0x2f/0x90 [ 197.578024] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.578412] __fput+0x26d/0xa40 [ 197.578699] ____fput+0x1e/0x30 [ 197.578965] task_work_run+0x1a4/0x2d0 [ 197.579286] ? __pfx_task_work_run+0x10/0x10 [ 197.579639] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.580019] ? switch_task_namespaces+0xa9/0xe0 [ 197.580401] do_exit+0xb17/0x2ef0 [ 197.580669] ? lock_acquire+0x427/0x4c0 [ 197.580986] ? __pfx_lock_release+0x10/0x10 [ 197.581325] ? __kasan_check_write+0x18/0x20 [ 197.581671] ? do_raw_spin_lock+0x132/0x2a0 [ 197.582010] ? __pfx_do_exit+0x10/0x10 [ 197.582320] ? debug_smp_processor_id+0x20/0x30 [ 197.582708] ? rcu_is_watching+0x19/0xb0 [ 197.583030] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.583398] ? trace_hardirqs_on+0x26/0x120 [ 197.583737] do_group_exit+0xe0/0x2b0 [ 197.584034] __x64_sys_exit_group+0x47/0x50 [ 197.584366] do_syscall_64+0x3b/0x90 [ 197.584661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.585067] RIP: 0033:0x7f4b87518a4d [ 197.585356] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.585831] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.586411] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.586973] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.587557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.588102] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.588652] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.589200] [ 197.589379] irq event stamp: 0 [ 197.589622] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.590104] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.590767] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.591422] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.591903] ---[ end trace 0000000000000000 ]--- [ 197.596648] ------------[ cut here ]------------ [ 197.597032] WARNING: CPU: 0 PID: 1880 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.597804] Modules linked in: [ 197.598050] CPU: 0 PID: 1880 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.598742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.599613] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.599995] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.601381] RSP: 0018:ffff88800af3fbb8 EFLAGS: 00010246 [ 197.601787] RAX: 0000000000000000 RBX: ffff888012dc40a8 RCX: 0000000000000000 [ 197.602330] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 197.602890] RBP: ffff88800af3fbd0 R08: ffffed10025b8833 R09: ffffed10025b8833 [ 197.603446] R10: ffff888012dc4193 R11: ffffed10025b8832 R12: ffff8880140ed400 [ 197.603988] R13: ffff888012dc41e8 R14: ffffffff8352e670 R15: 
ffff88800af3fe68 [ 197.604532] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.605142] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.605585] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 197.606129] PKRU: 55555554 [ 197.606348] Call Trace: [ 197.606560] [ 197.606736] __iommufd_access_detach+0x1c2/0x2b0 [ 197.607123] iommufd_access_change_pt+0x149/0x270 [ 197.607507] iommufd_access_replace+0xb4/0x120 [ 197.607880] iommufd_test+0x3e5/0x37e0 [ 197.608181] ? lock_release+0x532/0x770 [ 197.608498] ? __might_fault+0x102/0x1b0 [ 197.608815] ? lock_acquire+0x427/0x4c0 [ 197.609127] ? __pfx_iommufd_test+0x10/0x10 [ 197.609457] ? __pfx_lock_release+0x10/0x10 [ 197.609793] ? __pfx_lock_acquire+0x10/0x10 [ 197.610132] ? write_comp_data+0x2f/0x90 [ 197.610452] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.610850] ? write_comp_data+0x2f/0x90 [ 197.611182] iommufd_fops_ioctl+0x37d/0x510 [ 197.611526] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.611906] ? write_comp_data+0x2f/0x90 [ 197.612225] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.612596] __x64_sys_ioctl+0x1a3/0x230 [ 197.612919] do_syscall_64+0x3b/0x90 [ 197.613214] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.613619] RIP: 0033:0x7f4b8743ee5d [ 197.613905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.615331] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.615918] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.616469] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.617015] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.617561] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.618101] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.618670] [ 197.618851] irq event stamp: 0 [ 197.619094] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.619583] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.620221] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.620855] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.621332] ---[ end trace 0000000000000000 ]--- [ 197.624022] ------------[ cut here ]------------ [ 197.624386] WARNING: CPU: 0 PID: 1880 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.625137] Modules linked in: [ 197.625378] CPU: 0 PID: 1880 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.626023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.627056] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.627446] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.628795] RSP: 
0018:ffff88800af3fbd0 EFLAGS: 00010246 [ 197.629192] RAX: 0000000000000000 RBX: ffff888012dc40a8 RCX: 0000000000000000 [ 197.629721] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 197.630250] RBP: ffff88800af3fbe8 R08: ffffed10025b8833 R09: ffffed10025b8833 [ 197.630792] R10: ffff888012dc4193 R11: ffffed10025b8832 R12: ffff8880129c7c00 [ 197.631323] R13: ffff888012dc41e8 R14: ffff88800af2da00 R15: 0000000000000000 [ 197.631795] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.632387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.632819] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.633354] PKRU: 55555554 [ 197.633566] Call Trace: [ 197.633760] [ 197.633931] iommufd_access_destroy_object+0x65/0x170 [ 197.634321] iommufd_object_destroy_user+0x18e/0x220 [ 197.634732] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.635189] iommufd_access_destroy+0x43/0x70 [ 197.635537] iommufd_test_staccess_release+0x8d/0xd0 [ 197.635927] __fput+0x26d/0xa40 [ 197.636189] ____fput+0x1e/0x30 [ 197.636446] task_work_run+0x1a4/0x2d0 [ 197.636747] ? __pfx_task_work_run+0x10/0x10 [ 197.637082] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.637455] ? switch_task_namespaces+0xa9/0xe0 [ 197.637817] do_exit+0xb17/0x2ef0 [ 197.638078] ? lock_acquire+0x427/0x4c0 [ 197.638391] ? __pfx_lock_release+0x10/0x10 [ 197.638743] ? __kasan_check_write+0x18/0x20 [ 197.639081] ? do_raw_spin_lock+0x132/0x2a0 [ 197.639418] ? __pfx_do_exit+0x10/0x10 [ 197.639720] ? debug_smp_processor_id+0x20/0x30 [ 197.640080] ? rcu_is_watching+0x19/0xb0 [ 197.640390] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.640739] ? trace_hardirqs_on+0x26/0x120 [ 197.641070] do_group_exit+0xe0/0x2b0 [ 197.641360] __x64_sys_exit_group+0x47/0x50 [ 197.641686] do_syscall_64+0x3b/0x90 [ 197.641975] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.642372] RIP: 0033:0x7f4b87518a4d [ 197.642673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.643159] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.643725] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.644256] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.644786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.645315] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.645842] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.646378] [ 197.646572] irq event stamp: 0 [ 197.646810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.647294] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.647922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.648545] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.649017] ---[ end trace 0000000000000000 ]--- [ 197.649679] ------------[ cut here ]------------ [ 197.650029] WARNING: CPU: 0 PID: 1880 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.650810] Modules linked in: [ 197.651059] CPU: 0 PID: 1880 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.651722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.652559] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.652946] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.654302] RSP: 0018:ffff88800af3fb78 EFLAGS: 00010246 [ 197.654725] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.655271] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 197.655797] RBP: ffff88800af3fb98 R08: ffffed10025b883e R09: ffffed10025b883e [ 197.656327] R10: ffff888012dc41ef R11: ffffed10025b883d R12: ffff888012dc4290 [ 197.656856] R13: ffff888012dc40a8 R14: ffffffffffffffff R15: 
ffff88800af3fc60 [ 197.657388] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.657984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.658415] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.658961] PKRU: 55555554 [ 197.659185] Call Trace: [ 197.659381] [ 197.659552] iommufd_ioas_destroy+0x53/0x70 [ 197.659884] iommufd_fops_release+0x1f7/0x370 [ 197.660228] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.660605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.660979] ? write_comp_data+0x2f/0x90 [ 197.661292] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.661666] __fput+0x26d/0xa40 [ 197.661928] ____fput+0x1e/0x30 [ 197.662187] task_work_run+0x1a4/0x2d0 [ 197.662534] ? __pfx_task_work_run+0x10/0x10 [ 197.662874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.663262] ? switch_task_namespaces+0xa9/0xe0 [ 197.663621] do_exit+0xb17/0x2ef0 [ 197.663884] ? lock_acquire+0x427/0x4c0 [ 197.664191] ? __pfx_lock_release+0x10/0x10 [ 197.664540] ? __kasan_check_write+0x18/0x20 [ 197.664877] ? do_raw_spin_lock+0x132/0x2a0 [ 197.665207] ? __pfx_do_exit+0x10/0x10 [ 197.665509] ? debug_smp_processor_id+0x20/0x30 [ 197.665863] ? rcu_is_watching+0x19/0xb0 [ 197.666170] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.666535] ? trace_hardirqs_on+0x26/0x120 [ 197.666872] do_group_exit+0xe0/0x2b0 [ 197.667171] __x64_sys_exit_group+0x47/0x50 [ 197.667496] do_syscall_64+0x3b/0x90 [ 197.667784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.668179] RIP: 0033:0x7f4b87518a4d [ 197.668457] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.668915] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.669482] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.670016] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.670565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.671103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.671650] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.672194] [ 197.672374] irq event stamp: 0 [ 197.672614] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.673099] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.673725] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.674344] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.674831] ---[ end trace 0000000000000000 ]--- [ 197.679275] ------------[ cut here ]------------ [ 197.679651] WARNING: CPU: 0 PID: 1881 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.680402] Modules linked in: [ 197.680642] CPU: 0 PID: 1881 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.681286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.682113] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.682484] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.683900] RSP: 0018:ffff888020dbfbb8 EFLAGS: 00010246 [ 197.684301] RAX: 0000000000000000 RBX: ffff8880137c30a8 RCX: 0000000000000000 [ 197.684826] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 197.685351] RBP: ffff888020dbfbd0 R08: ffffed10026f8633 R09: ffffed10026f8633 [ 197.685878] R10: ffff8880137c3193 R11: ffffed10026f8632 R12: ffff888011d3ac00 [ 197.686406] R13: ffff8880137c31e8 R14: ffffffff8352e670 R15: 
ffff888020dbfe68 [ 197.686955] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.687564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.687996] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 197.688525] PKRU: 55555554 [ 197.688737] Call Trace: [ 197.688926] [ 197.689095] __iommufd_access_detach+0x1c2/0x2b0 [ 197.689460] iommufd_access_change_pt+0x149/0x270 [ 197.689828] iommufd_access_replace+0xb4/0x120 [ 197.690178] iommufd_test+0x3e5/0x37e0 [ 197.690470] ? lock_release+0x532/0x770 [ 197.690794] ? __might_fault+0x102/0x1b0 [ 197.691107] ? lock_acquire+0x427/0x4c0 [ 197.691421] ? __pfx_iommufd_test+0x10/0x10 [ 197.691746] ? __pfx_lock_release+0x10/0x10 [ 197.692076] ? __pfx_lock_acquire+0x10/0x10 [ 197.692408] ? write_comp_data+0x2f/0x90 [ 197.692721] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.693090] ? write_comp_data+0x2f/0x90 [ 197.693403] iommufd_fops_ioctl+0x37d/0x510 [ 197.693730] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.694098] ? write_comp_data+0x2f/0x90 [ 197.694409] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.694784] __x64_sys_ioctl+0x1a3/0x230 [ 197.695097] do_syscall_64+0x3b/0x90 [ 197.695394] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.695785] RIP: 0033:0x7f4b8743ee5d [ 197.696064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.697413] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.697970] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.698500] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.699045] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.699570] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.700086] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.700610] [ 197.700781] irq event stamp: 0 [ 197.701010] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.701466] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.702073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.702694] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.703174] ---[ end trace 0000000000000000 ]--- [ 197.705822] ------------[ cut here ]------------ [ 197.706200] WARNING: CPU: 0 PID: 1881 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.706978] Modules linked in: [ 197.707230] CPU: 0 PID: 1881 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.707881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.708713] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.709136] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.710822] RSP: 
0018:ffff888020dbfbd0 EFLAGS: 00010246 [ 197.711235] RAX: 0000000000000000 RBX: ffff8880137c30a8 RCX: 0000000000000000 [ 197.711904] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 197.712431] RBP: ffff888020dbfbe8 R08: ffffed10026f8633 R09: ffffed10026f8633 [ 197.712960] R10: ffff8880137c3193 R11: ffffed10026f8632 R12: ffff8880140ef400 [ 197.713495] R13: ffff8880137c31e8 R14: ffff888012de2c00 R15: 0000000000000000 [ 197.714096] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.714795] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.715241] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.715769] PKRU: 55555554 [ 197.715980] Call Trace: [ 197.716171] [ 197.716340] iommufd_access_destroy_object+0x65/0x170 [ 197.716736] iommufd_object_destroy_user+0x18e/0x220 [ 197.717155] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.717701] iommufd_access_destroy+0x43/0x70 [ 197.718046] iommufd_test_staccess_release+0x8d/0xd0 [ 197.718433] __fput+0x26d/0xa40 [ 197.718714] ____fput+0x1e/0x30 [ 197.718971] task_work_run+0x1a4/0x2d0 [ 197.719278] ? __pfx_task_work_run+0x10/0x10 [ 197.719616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.720021] ? switch_task_namespaces+0xa9/0xe0 [ 197.720488] do_exit+0xb17/0x2ef0 [ 197.720748] ? lock_acquire+0x427/0x4c0 [ 197.721053] ? __pfx_lock_release+0x10/0x10 [ 197.721380] ? __kasan_check_write+0x18/0x20 [ 197.721712] ? do_raw_spin_lock+0x132/0x2a0 [ 197.722035] ? __pfx_do_exit+0x10/0x10 [ 197.722332] ? debug_smp_processor_id+0x20/0x30 [ 197.722817] ? rcu_is_watching+0x19/0xb0 [ 197.723206] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.723554] ? trace_hardirqs_on+0x26/0x120 [ 197.723884] do_group_exit+0xe0/0x2b0 [ 197.724175] __x64_sys_exit_group+0x47/0x50 [ 197.724496] do_syscall_64+0x3b/0x90 [ 197.724783] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.725168] RIP: 0033:0x7f4b87518a4d [ 197.725449] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.725904] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.726722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.727263] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.727789] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.728317] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.728942] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.729571] [ 197.729746] irq event stamp: 0 [ 197.729980] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.730550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.731260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.731883] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.732384] ---[ end trace 0000000000000000 ]--- [ 197.733158] ------------[ cut here ]------------ [ 197.733514] WARNING: CPU: 0 PID: 1881 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.734431] Modules linked in: [ 197.734703] CPU: 0 PID: 1881 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.735375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.736363] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.736758] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.738264] RSP: 0018:ffff888020dbfb78 EFLAGS: 00010246 [ 197.738685] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.739223] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 197.739913] RBP: ffff888020dbfb98 R08: ffffed10026f863e R09: ffffed10026f863e [ 197.740445] R10: ffff8880137c31ef R11: ffffed10026f863d R12: ffff8880137c3290 [ 197.740979] R13: ffff8880137c30a8 R14: ffffffffffffffff R15: 
ffff888020dbfc60 [ 197.741661] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.742273] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.742753] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.743405] PKRU: 55555554 [ 197.743625] Call Trace: [ 197.743820] [ 197.743993] iommufd_ioas_destroy+0x53/0x70 [ 197.744331] iommufd_fops_release+0x1f7/0x370 [ 197.744765] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.745199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.745584] ? write_comp_data+0x2f/0x90 [ 197.745905] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.746333] __fput+0x26d/0xa40 [ 197.746705] ____fput+0x1e/0x30 [ 197.746969] task_work_run+0x1a4/0x2d0 [ 197.747290] ? __pfx_task_work_run+0x10/0x10 [ 197.747632] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.748085] ? switch_task_namespaces+0xa9/0xe0 [ 197.748521] do_exit+0xb17/0x2ef0 [ 197.748790] ? lock_acquire+0x427/0x4c0 [ 197.749104] ? __pfx_lock_release+0x10/0x10 [ 197.749441] ? __kasan_check_write+0x18/0x20 [ 197.749918] ? do_raw_spin_lock+0x132/0x2a0 [ 197.750253] ? __pfx_do_exit+0x10/0x10 [ 197.750577] ? debug_smp_processor_id+0x20/0x30 [ 197.750939] ? rcu_is_watching+0x19/0xb0 [ 197.751297] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.751726] ? trace_hardirqs_on+0x26/0x120 [ 197.752065] do_group_exit+0xe0/0x2b0 [ 197.752359] __x64_sys_exit_group+0x47/0x50 [ 197.752700] do_syscall_64+0x3b/0x90 [ 197.753098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.753501] RIP: 0033:0x7f4b87518a4d [ 197.753787] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.754253] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.754964] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.755522] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.756123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.756729] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.757271] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.757946] [ 197.758127] irq event stamp: 0 [ 197.758367] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.758864] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.759636] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.760273] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.760774] ---[ end trace 0000000000000000 ]--- [ 197.767600] ------------[ cut here ]------------ [ 197.768098] WARNING: CPU: 0 PID: 1882 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.768911] Modules linked in: [ 197.769213] CPU: 0 PID: 1882 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.770002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.770969] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.771441] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.773047] RSP: 0018:ffff888018367bb8 EFLAGS: 00010246 [ 197.773482] RAX: 0000000000000000 RBX: ffff888021a5f8a8 RCX: 0000000000000000 [ 197.774041] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 197.774825] RBP: ffff888018367bd0 R08: ffffed100434bf33 R09: ffffed100434bf33 [ 197.775431] R10: ffff888021a5f993 R11: ffffed100434bf32 R12: ffff888012b65400 [ 197.775986] R13: ffff888021a5f9e8 R14: ffffffff8352e670 R15: 
ffff888018367e68 [ 197.776584] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.777211] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.777687] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 197.778242] PKRU: 55555554 [ 197.778475] Call Trace: [ 197.778716] [ 197.778899] __iommufd_access_detach+0x1c2/0x2b0 [ 197.779301] iommufd_access_change_pt+0x149/0x270 [ 197.779716] iommufd_access_replace+0xb4/0x120 [ 197.780089] iommufd_test+0x3e5/0x37e0 [ 197.780394] ? lock_release+0x532/0x770 [ 197.780736] ? __might_fault+0x102/0x1b0 [ 197.781073] ? lock_acquire+0x427/0x4c0 [ 197.781395] ? __pfx_iommufd_test+0x10/0x10 [ 197.781741] ? __pfx_lock_release+0x10/0x10 [ 197.782107] ? __pfx_lock_acquire+0x10/0x10 [ 197.782458] ? write_comp_data+0x2f/0x90 [ 197.782823] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.783247] ? write_comp_data+0x2f/0x90 [ 197.783576] iommufd_fops_ioctl+0x37d/0x510 [ 197.783928] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.784339] ? write_comp_data+0x2f/0x90 [ 197.784666] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.785108] __x64_sys_ioctl+0x1a3/0x230 [ 197.785516] do_syscall_64+0x3b/0x90 [ 197.785831] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.786248] RIP: 0033:0x7f4b8743ee5d [ 197.786589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.788045] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.788653] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.789308] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.790043] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.790808] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.791563] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.792313] [ 197.792570] irq event stamp: 0 [ 197.792895] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.793535] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.794373] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.795265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.795909] ---[ end trace 0000000000000000 ]--- [ 197.799906] ------------[ cut here ]------------ [ 197.800296] WARNING: CPU: 0 PID: 1882 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.801275] Modules linked in: [ 197.801531] CPU: 0 PID: 1882 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.802227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.803360] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.803776] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.805438] RSP: 
0018:ffff888018367bd0 EFLAGS: 00010246 [ 197.805877] RAX: 0000000000000000 RBX: ffff888021a5f8a8 RCX: 0000000000000000 [ 197.806624] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 197.807221] RBP: ffff888018367be8 R08: ffffed100434bf33 R09: ffffed100434bf33 [ 197.807798] R10: ffff888021a5f993 R11: ffffed100434bf32 R12: ffff888011d3a000 [ 197.808404] R13: ffff888021a5f9e8 R14: ffff888012ba4b00 R15: 0000000000000000 [ 197.809127] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.809780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.810321] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.811045] PKRU: 55555554 [ 197.811307] Call Trace: [ 197.811523] [ 197.811710] iommufd_access_destroy_object+0x65/0x170 [ 197.812203] iommufd_object_destroy_user+0x18e/0x220 [ 197.812716] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.813224] iommufd_access_destroy+0x43/0x70 [ 197.813620] iommufd_test_staccess_release+0x8d/0xd0 [ 197.814232] __fput+0x26d/0xa40 [ 197.814544] ____fput+0x1e/0x30 [ 197.814833] task_work_run+0x1a4/0x2d0 [ 197.815185] ? __pfx_task_work_run+0x10/0x10 [ 197.815580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.816160] ? switch_task_namespaces+0xa9/0xe0 [ 197.816585] do_exit+0xb17/0x2ef0 [ 197.816896] ? lock_acquire+0x427/0x4c0 [ 197.817259] ? __pfx_lock_release+0x10/0x10 [ 197.817724] ? __kasan_check_write+0x18/0x20 [ 197.818214] ? do_raw_spin_lock+0x132/0x2a0 [ 197.818622] ? __pfx_do_exit+0x10/0x10 [ 197.818982] ? debug_smp_processor_id+0x20/0x30 [ 197.819426] ? rcu_is_watching+0x19/0xb0 [ 197.819952] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.820366] ? trace_hardirqs_on+0x26/0x120 [ 197.820761] do_group_exit+0xe0/0x2b0 [ 197.821109] __x64_sys_exit_group+0x47/0x50 [ 197.821573] do_syscall_64+0x3b/0x90 [ 197.822030] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.822497] RIP: 0033:0x7f4b87518a4d [ 197.822852] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.823398] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.824069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.824900] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.825524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.826154] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.827025] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.827675] [ 197.827884] irq event stamp: 0 [ 197.828163] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.828905] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.829647] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.830402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.831144] ---[ end trace 0000000000000000 ]--- [ 197.832300] ------------[ cut here ]------------ [ 197.832926] WARNING: CPU: 0 PID: 1882 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.833829] Modules linked in: [ 197.834121] CPU: 0 PID: 1882 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.835109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.836129] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.836596] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.838258] RSP: 0018:ffff888018367b78 EFLAGS: 00010246 [ 197.838782] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.839464] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 197.840129] RBP: ffff888018367b98 R08: ffffed100434bf3e R09: ffffed100434bf3e [ 197.840795] R10: ffff888021a5f9ef R11: ffffed100434bf3d R12: ffff888021a5fa90 [ 197.841463] R13: ffff888021a5f8a8 R14: ffffffffffffffff R15: 
ffff888018367c60 [ 197.842132] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.842921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.843483] CR2: 00007f82e2bba028 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 197.844137] PKRU: 55555554 [ 197.844406] Call Trace: [ 197.844641] [ 197.844856] iommufd_ioas_destroy+0x53/0x70 [ 197.845273] iommufd_fops_release+0x1f7/0x370 [ 197.845696] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.846167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.846662] ? write_comp_data+0x2f/0x90 [ 197.847055] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.847539] __fput+0x26d/0xa40 [ 197.847866] ____fput+0x1e/0x30 [ 197.848185] task_work_run+0x1a4/0x2d0 [ 197.848570] ? __pfx_task_work_run+0x10/0x10 [ 197.848985] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.849447] ? switch_task_namespaces+0xa9/0xe0 [ 197.849895] do_exit+0xb17/0x2ef0 [ 197.850224] ? lock_acquire+0x427/0x4c0 [ 197.850649] ? __pfx_lock_release+0x10/0x10 [ 197.851079] ? __kasan_check_write+0x18/0x20 [ 197.851511] ? do_raw_spin_lock+0x132/0x2a0 [ 197.851919] ? __pfx_do_exit+0x10/0x10 [ 197.852307] ? debug_smp_processor_id+0x20/0x30 [ 197.852745] ? rcu_is_watching+0x19/0xb0 [ 197.853125] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.853543] ? trace_hardirqs_on+0x26/0x120 [ 197.853947] do_group_exit+0xe0/0x2b0 [ 197.854302] __x64_sys_exit_group+0x47/0x50 [ 197.854731] do_syscall_64+0x3b/0x90 [ 197.855095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.855600] RIP: 0033:0x7f4b87518a4d [ 197.855945] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.856513] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.857212] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.857867] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.858541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.859207] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.859864] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.860524] [ 197.860738] irq event stamp: 0 [ 197.861029] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.861608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.862374] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.863177] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.863761] ---[ end trace 0000000000000000 ]--- [ 197.870345] ------------[ cut here ]------------ [ 197.870975] WARNING: CPU: 0 PID: 1883 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.871930] Modules linked in: [ 197.872229] CPU: 0 PID: 1883 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.873040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.874086] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.874583] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.876292] RSP: 0018:ffff88800af3fbb8 EFLAGS: 00010246 [ 197.876779] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 197.877438] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 197.878092] RBP: ffff88800af3fbd0 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 197.878774] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff88800ae90800 [ 197.879443] R13: ffff88801587a9e8 R14: ffffffff8352e670 R15: 
ffff88800af3fe68 [ 197.880096] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.880802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.881302] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 197.881923] PKRU: 55555554 [ 197.882169] Call Trace: [ 197.882395] [ 197.882610] __iommufd_access_detach+0x1c2/0x2b0 [ 197.883038] iommufd_access_change_pt+0x149/0x270 [ 197.883478] iommufd_access_replace+0xb4/0x120 [ 197.883883] iommufd_test+0x3e5/0x37e0 [ 197.884222] ? lock_release+0x532/0x770 [ 197.884577] ? __might_fault+0x102/0x1b0 [ 197.884936] ? lock_acquire+0x427/0x4c0 [ 197.885295] ? __pfx_iommufd_test+0x10/0x10 [ 197.885673] ? __pfx_lock_release+0x10/0x10 [ 197.886056] ? __pfx_lock_acquire+0x10/0x10 [ 197.886439] ? write_comp_data+0x2f/0x90 [ 197.886829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.887265] ? write_comp_data+0x2f/0x90 [ 197.887631] iommufd_fops_ioctl+0x37d/0x510 [ 197.888013] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.888444] ? write_comp_data+0x2f/0x90 [ 197.888809] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.889228] __x64_sys_ioctl+0x1a3/0x230 [ 197.889595] do_syscall_64+0x3b/0x90 [ 197.889932] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.890381] RIP: 0033:0x7f4b8743ee5d [ 197.890724] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.892276] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.892924] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.893521] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.894120] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.894737] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.895352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.895963] [ 197.896163] irq event stamp: 0 [ 197.896428] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.896963] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.897671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.898381] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.898943] ---[ end trace 0000000000000000 ]--- [ 197.902265] ------------[ cut here ]------------ [ 197.902731] WARNING: CPU: 0 PID: 1883 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.903608] Modules linked in: [ 197.903880] CPU: 0 PID: 1883 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.904854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.905814] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.906244] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.908034] RSP: 
0018:ffff88800af3fbd0 EFLAGS: 00010246 [ 197.908499] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 197.909104] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 197.909715] RBP: ffff88800af3fbe8 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 197.910323] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff888012b67400 [ 197.910956] R13: ffff88801587a9e8 R14: ffff8880123b0300 R15: 0000000000000000 [ 197.911592] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.912407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.913043] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.913659] PKRU: 55555554 [ 197.913908] Call Trace: [ 197.914170] [ 197.914491] iommufd_access_destroy_object+0x65/0x170 [ 197.914974] iommufd_object_destroy_user+0x18e/0x220 [ 197.915433] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 197.915946] iommufd_access_destroy+0x43/0x70 [ 197.916420] iommufd_test_staccess_release+0x8d/0xd0 [ 197.916989] __fput+0x26d/0xa40 [ 197.917292] ____fput+0x1e/0x30 [ 197.917585] task_work_run+0x1a4/0x2d0 [ 197.917928] ? __pfx_task_work_run+0x10/0x10 [ 197.918393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.918957] ? switch_task_namespaces+0xa9/0xe0 [ 197.919380] do_exit+0xb17/0x2ef0 [ 197.919683] ? lock_acquire+0x427/0x4c0 [ 197.920039] ? __pfx_lock_release+0x10/0x10 [ 197.920426] ? __kasan_check_write+0x18/0x20 [ 197.921012] ? do_raw_spin_lock+0x132/0x2a0 [ 197.921399] ? __pfx_do_exit+0x10/0x10 [ 197.921741] ? debug_smp_processor_id+0x20/0x30 [ 197.922142] ? rcu_is_watching+0x19/0xb0 [ 197.922592] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.923112] ? trace_hardirqs_on+0x26/0x120 [ 197.923517] do_group_exit+0xe0/0x2b0 [ 197.923850] __x64_sys_exit_group+0x47/0x50 [ 197.924222] do_syscall_64+0x3b/0x90 [ 197.924551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.925228] RIP: 0033:0x7f4b87518a4d [ 197.925551] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.926085] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.926906] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.927537] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.928156] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.928792] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.929612] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.930263] [ 197.930475] irq event stamp: 0 [ 197.930797] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.931507] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.932283] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.933052] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.933628] ---[ end trace 0000000000000000 ]--- [ 197.934408] ------------[ cut here ]------------ [ 197.934887] WARNING: CPU: 0 PID: 1883 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 197.935830] Modules linked in: [ 197.936129] CPU: 0 PID: 1883 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.936927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.937952] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 197.938425] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 197.940137] RSP: 0018:ffff88800af3fb78 EFLAGS: 00010246 [ 197.940632] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 197.941283] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 197.941953] RBP: ffff88800af3fb98 R08: ffffed1002b0f53e R09: ffffed1002b0f53e [ 197.942635] R10: ffff88801587a9ef R11: ffffed1002b0f53d R12: ffff88801587aa90 [ 197.943307] R13: ffff88801587a8a8 R14: ffffffffffffffff R15: 
ffff88800af3fc60 [ 197.943961] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 197.944698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.945235] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 197.945897] PKRU: 55555554 [ 197.946158] Call Trace: [ 197.946394] [ 197.946634] iommufd_ioas_destroy+0x53/0x70 [ 197.947042] iommufd_fops_release+0x1f7/0x370 [ 197.947477] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.947944] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.948413] ? write_comp_data+0x2f/0x90 [ 197.948803] ? __pfx_iommufd_fops_release+0x10/0x10 [ 197.949282] __fput+0x26d/0xa40 [ 197.949605] ____fput+0x1e/0x30 [ 197.949919] task_work_run+0x1a4/0x2d0 [ 197.950289] ? __pfx_task_work_run+0x10/0x10 [ 197.950735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.951212] ? switch_task_namespaces+0xa9/0xe0 [ 197.951659] do_exit+0xb17/0x2ef0 [ 197.951981] ? lock_acquire+0x427/0x4c0 [ 197.952362] ? __pfx_lock_release+0x10/0x10 [ 197.952779] ? __kasan_check_write+0x18/0x20 [ 197.953196] ? do_raw_spin_lock+0x132/0x2a0 [ 197.953604] ? __pfx_do_exit+0x10/0x10 [ 197.953980] ? debug_smp_processor_id+0x20/0x30 [ 197.954412] ? rcu_is_watching+0x19/0xb0 [ 197.954826] ? _raw_spin_unlock_irq+0x2b/0x60 [ 197.955281] ? trace_hardirqs_on+0x26/0x120 [ 197.955695] do_group_exit+0xe0/0x2b0 [ 197.956055] __x64_sys_exit_group+0x47/0x50 [ 197.956454] do_syscall_64+0x3b/0x90 [ 197.956809] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.957298] RIP: 0033:0x7f4b87518a4d [ 197.957643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 197.958219] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 197.958954] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 197.959639] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 197.960298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 197.960958] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 197.961610] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 197.962287] [ 197.962532] irq event stamp: 0 [ 197.962834] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 197.963457] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 197.964238] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 197.965025] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 197.965615] ---[ end trace 0000000000000000 ]--- [ 197.970288] ------------[ cut here ]------------ [ 197.970870] WARNING: CPU: 1 PID: 1884 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 197.971834] Modules linked in: [ 197.972139] CPU: 1 PID: 1884 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 197.973132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 197.974191] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 197.974799] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 197.976578] RSP: 0018:ffff88801638fbb8 EFLAGS: 00010246 [ 197.977300] RAX: 0000000000000000 RBX: ffff88801609f8a8 RCX: 0000000000000000 [ 197.977991] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 197.978702] RBP: ffff88801638fbd0 R08: ffffed1002c13f33 R09: ffffed1002c13f33 [ 197.979594] R10: ffff88801609f993 R11: ffffed1002c13f32 R12: ffff888010c0b400 [ 197.980280] R13: ffff88801609f9e8 R14: ffffffff8352e670 R15: 
ffff88801638fe68 [ 197.981033] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 197.981970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.982542] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 197.983231] PKRU: 55555554 [ 197.983507] Call Trace: [ 197.983755] [ 197.983975] __iommufd_access_detach+0x1c2/0x2b0 [ 197.984451] iommufd_access_change_pt+0x149/0x270 [ 197.984927] iommufd_access_replace+0xb4/0x120 [ 197.985378] iommufd_test+0x3e5/0x37e0 [ 197.985755] ? lock_release+0x532/0x770 [ 197.986153] ? __might_fault+0x102/0x1b0 [ 197.986583] ? lock_acquire+0x427/0x4c0 [ 197.986971] ? __pfx_iommufd_test+0x10/0x10 [ 197.987386] ? __pfx_lock_release+0x10/0x10 [ 197.987816] ? __pfx_lock_acquire+0x10/0x10 [ 197.988256] ? write_comp_data+0x2f/0x90 [ 197.988669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 197.989145] ? write_comp_data+0x2f/0x90 [ 197.989551] iommufd_fops_ioctl+0x37d/0x510 [ 197.989972] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.990449] ? write_comp_data+0x2f/0x90 [ 197.990880] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.991373] __x64_sys_ioctl+0x1a3/0x230 [ 197.991785] do_syscall_64+0x3b/0x90 [ 197.992163] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 197.992673] RIP: 0033:0x7f4b8743ee5d [ 197.993033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 197.994797] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 197.995563] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 197.996255] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.996932] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 197.997612] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 197.998312] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 197.999054] [ 197.999298] irq event stamp: 0 [ 197.999604] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.000211] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.001016] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.001816] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.002421] ---[ end trace 0000000000000000 ]--- [ 198.005629] ------------[ cut here ]------------ [ 198.006109] WARNING: CPU: 1 PID: 1884 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.007300] Modules linked in: [ 198.007614] CPU: 1 PID: 1884 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.008448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.009524] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.010004] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.011793] RSP: 
0018:ffff88801638fbd0 EFLAGS: 00010246 [ 198.012321] RAX: 0000000000000000 RBX: ffff88801609f8a8 RCX: 0000000000000000 [ 198.013066] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 198.013740] RBP: ffff88801638fbe8 R08: ffffed1002c13f33 R09: ffffed1002c13f33 [ 198.014413] R10: ffff88801609f993 R11: ffffed1002c13f32 R12: ffff88801351e400 [ 198.015127] R13: ffff88801609f9e8 R14: ffff888012f91c00 R15: 0000000000000000 [ 198.015818] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.016598] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.017160] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.017843] PKRU: 55555554 [ 198.018117] Call Trace: [ 198.018367] [ 198.018618] iommufd_access_destroy_object+0x65/0x170 [ 198.019148] iommufd_object_destroy_user+0x18e/0x220 [ 198.019643] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.020192] iommufd_access_destroy+0x43/0x70 [ 198.020632] iommufd_test_staccess_release+0x8d/0xd0 [ 198.021126] __fput+0x26d/0xa40 [ 198.021460] ____fput+0x1e/0x30 [ 198.021788] task_work_run+0x1a4/0x2d0 [ 198.022173] ? __pfx_task_work_run+0x10/0x10 [ 198.022626] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.023111] ? switch_task_namespaces+0xa9/0xe0 [ 198.023577] do_exit+0xb17/0x2ef0 [ 198.023906] ? lock_acquire+0x427/0x4c0 [ 198.024303] ? __pfx_lock_release+0x10/0x10 [ 198.024726] ? __kasan_check_write+0x18/0x20 [ 198.025157] ? do_raw_spin_lock+0x132/0x2a0 [ 198.025573] ? __pfx_do_exit+0x10/0x10 [ 198.025960] ? debug_smp_processor_id+0x20/0x30 [ 198.026413] ? rcu_is_watching+0x19/0xb0 [ 198.026835] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.027294] ? trace_hardirqs_on+0x26/0x120 [ 198.027722] do_group_exit+0xe0/0x2b0 [ 198.028101] __x64_sys_exit_group+0x47/0x50 [ 198.028517] do_syscall_64+0x3b/0x90 [ 198.028888] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.029408] RIP: 0033:0x7f4b87518a4d [ 198.029773] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.030367] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.031140] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.031826] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.032496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.033162] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.033838] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.034548] [ 198.034779] irq event stamp: 0 [ 198.035085] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.035702] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.036503] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.037299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.037906] ---[ end trace 0000000000000000 ]--- [ 198.038757] ------------[ cut here ]------------ [ 198.039229] WARNING: CPU: 1 PID: 1884 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.040212] Modules linked in: [ 198.040523] CPU: 1 PID: 1884 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.041361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.042434] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.042961] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.044730] RSP: 0018:ffff88801638fb78 EFLAGS: 00010246 [ 198.045316] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.045994] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 198.046697] RBP: ffff88801638fb98 R08: ffffed1002c13f3e R09: ffffed1002c13f3e [ 198.047423] R10: ffff88801609f9ef R11: ffffed1002c13f3d R12: ffff88801609fa90 [ 198.048112] R13: ffff88801609f8a8 R14: ffffffffffffffff R15: 
ffff88801638fc60 [ 198.048801] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.049569] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.050128] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.050859] PKRU: 55555554 [ 198.051146] Call Trace: [ 198.051394] [ 198.051613] iommufd_ioas_destroy+0x53/0x70 [ 198.052044] iommufd_fops_release+0x1f7/0x370 [ 198.052483] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.052967] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.053440] ? write_comp_data+0x2f/0x90 [ 198.053847] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.054324] __fput+0x26d/0xa40 [ 198.054673] ____fput+0x1e/0x30 [ 198.054996] task_work_run+0x1a4/0x2d0 [ 198.055384] ? __pfx_task_work_run+0x10/0x10 [ 198.055813] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.056288] ? switch_task_namespaces+0xa9/0xe0 [ 198.056742] do_exit+0xb17/0x2ef0 [ 198.057068] ? lock_acquire+0x427/0x4c0 [ 198.057450] ? __pfx_lock_release+0x10/0x10 [ 198.057866] ? __kasan_check_write+0x18/0x20 [ 198.058289] ? do_raw_spin_lock+0x132/0x2a0 [ 198.058723] ? __pfx_do_exit+0x10/0x10 [ 198.059108] ? debug_smp_processor_id+0x20/0x30 [ 198.059563] ? rcu_is_watching+0x19/0xb0 [ 198.059957] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.060407] ? trace_hardirqs_on+0x26/0x120 [ 198.060843] do_group_exit+0xe0/0x2b0 [ 198.061221] __x64_sys_exit_group+0x47/0x50 [ 198.061632] do_syscall_64+0x3b/0x90 [ 198.061996] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.062493] RIP: 0033:0x7f4b87518a4d [ 198.062874] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.063473] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.064192] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.064862] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.065530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.066203] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.066899] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.067602] [ 198.067830] irq event stamp: 0 [ 198.068134] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.068826] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.069625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.070423] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.071046] ---[ end trace 0000000000000000 ]--- [ 198.075912] ------------[ cut here ]------------ [ 198.076412] WARNING: CPU: 1 PID: 1885 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.077439] Modules linked in: [ 198.077746] CPU: 1 PID: 1885 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.078787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.079885] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.080359] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.082068] RSP: 0018:ffff88801873fbb8 EFLAGS: 00010246 [ 198.082601] RAX: 0000000000000000 RBX: ffff8880187690a8 RCX: 0000000000000000 [ 198.083292] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 198.083960] RBP: ffff88801873fbd0 R08: ffffed10030ed233 R09: ffffed10030ed233 [ 198.084681] R10: ffff888018769193 R11: ffffed10030ed232 R12: ffff8880138ae000 [ 198.085421] R13: ffff8880187691e8 R14: ffffffff8352e670 R15: 
ffff88801873fe68 [ 198.086157] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.087000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.087627] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 198.088358] PKRU: 55555554 [ 198.088646] Call Trace: [ 198.088910] [ 198.089145] __iommufd_access_detach+0x1c2/0x2b0 [ 198.089649] iommufd_access_change_pt+0x149/0x270 [ 198.090151] iommufd_access_replace+0xb4/0x120 [ 198.090656] iommufd_test+0x3e5/0x37e0 [ 198.091062] ? lock_release+0x532/0x770 [ 198.091493] ? __might_fault+0x102/0x1b0 [ 198.091923] ? lock_acquire+0x427/0x4c0 [ 198.092347] ? __pfx_iommufd_test+0x10/0x10 [ 198.092796] ? __pfx_lock_release+0x10/0x10 [ 198.093253] ? __pfx_lock_acquire+0x10/0x10 [ 198.093713] ? write_comp_data+0x2f/0x90 [ 198.094146] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.094688] ? write_comp_data+0x2f/0x90 [ 198.095147] iommufd_fops_ioctl+0x37d/0x510 [ 198.095601] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.096110] ? write_comp_data+0x2f/0x90 [ 198.096548] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.097059] __x64_sys_ioctl+0x1a3/0x230 [ 198.097496] do_syscall_64+0x3b/0x90 [ 198.097889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.098447] RIP: 0033:0x7f4b8743ee5d [ 198.098870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.100759] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.101548] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.102288] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.103049] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.103798] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.104529] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.105270] [ 198.105512] irq event stamp: 0 [ 198.105837] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.106485] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.107382] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.108228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.108883] ---[ end trace 0000000000000000 ]--- [ 198.112142] ------------[ cut here ]------------ [ 198.112671] WARNING: CPU: 1 PID: 1885 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.113710] Modules linked in: [ 198.114038] CPU: 1 PID: 1885 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.114954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.116134] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.116649] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.118545] RSP: 
0018:ffff88801873fbd0 EFLAGS: 00010246 [ 198.119099] RAX: 0000000000000000 RBX: ffff8880187690a8 RCX: 0000000000000000 [ 198.119857] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 198.120587] RBP: ffff88801873fbe8 R08: ffffed10030ed233 R09: ffffed10030ed233 [ 198.121324] R10: ffff888018769193 R11: ffffed10030ed232 R12: ffff888010c0a800 [ 198.122080] R13: ffff8880187691e8 R14: ffff88802090d500 R15: 0000000000000000 [ 198.122875] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.123723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.124321] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.125053] PKRU: 55555554 [ 198.125353] Call Trace: [ 198.125625] [ 198.125860] iommufd_access_destroy_object+0x65/0x170 [ 198.126404] iommufd_object_destroy_user+0x18e/0x220 [ 198.126964] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.127596] iommufd_access_destroy+0x43/0x70 [ 198.128077] iommufd_test_staccess_release+0x8d/0xd0 [ 198.128617] __fput+0x26d/0xa40 [ 198.128977] ____fput+0x1e/0x30 [ 198.129330] task_work_run+0x1a4/0x2d0 [ 198.129738] ? __pfx_task_work_run+0x10/0x10 [ 198.130197] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.130725] ? switch_task_namespaces+0xa9/0xe0 [ 198.131234] do_exit+0xb17/0x2ef0 [ 198.131600] ? lock_acquire+0x427/0x4c0 [ 198.132025] ? __pfx_lock_release+0x10/0x10 [ 198.132482] ? __kasan_check_write+0x18/0x20 [ 198.132948] ? do_raw_spin_lock+0x132/0x2a0 [ 198.133391] ? __pfx_do_exit+0x10/0x10 [ 198.133808] ? debug_smp_processor_id+0x20/0x30 [ 198.134299] ? rcu_is_watching+0x19/0xb0 [ 198.134760] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.135256] ? trace_hardirqs_on+0x26/0x120 [ 198.135722] do_group_exit+0xe0/0x2b0 [ 198.136125] __x64_sys_exit_group+0x47/0x50 [ 198.136564] do_syscall_64+0x3b/0x90 [ 198.136956] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.137494] RIP: 0033:0x7f4b87518a4d [ 198.137875] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.138535] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.139350] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.140082] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.140814] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.141610] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.142346] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.143112] [ 198.143366] irq event stamp: 0 [ 198.143693] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.144348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.145211] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.146082] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.146754] ---[ end trace 0000000000000000 ]--- [ 198.147642] ------------[ cut here ]------------ [ 198.148125] WARNING: CPU: 1 PID: 1885 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.149170] Modules linked in: [ 198.149501] CPU: 1 PID: 1885 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.150392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.151574] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.152114] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.153990] RSP: 0018:ffff88801873fb78 EFLAGS: 00010246 [ 198.154567] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.155312] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 198.156033] RBP: ffff88801873fb98 R08: ffffed10030ed23e R09: ffffed10030ed23e [ 198.156759] R10: ffff8880187691ef R11: ffffed10030ed23d R12: ffff888018769290 [ 198.157507] R13: ffff8880187690a8 R14: ffffffffffffffff R15: 
ffff88801873fc60 [ 198.158243] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.159097] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.159745] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.160482] PKRU: 55555554 [ 198.160780] Call Trace: [ 198.161045] [ 198.161283] iommufd_ioas_destroy+0x53/0x70 [ 198.161739] iommufd_fops_release+0x1f7/0x370 [ 198.162205] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.162755] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.163291] ? write_comp_data+0x2f/0x90 [ 198.163720] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.164248] __fput+0x26d/0xa40 [ 198.164609] ____fput+0x1e/0x30 [ 198.164963] task_work_run+0x1a4/0x2d0 [ 198.165375] ? __pfx_task_work_run+0x10/0x10 [ 198.165839] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.166341] ? switch_task_namespaces+0xa9/0xe0 [ 198.166856] do_exit+0xb17/0x2ef0 [ 198.167254] ? lock_acquire+0x427/0x4c0 [ 198.167688] ? __pfx_lock_release+0x10/0x10 [ 198.168147] ? __kasan_check_write+0x18/0x20 [ 198.168609] ? do_raw_spin_lock+0x132/0x2a0 [ 198.169057] ? __pfx_do_exit+0x10/0x10 [ 198.169468] ? debug_smp_processor_id+0x20/0x30 [ 198.169957] ? rcu_is_watching+0x19/0xb0 [ 198.170380] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.170879] ? trace_hardirqs_on+0x26/0x120 [ 198.171343] do_group_exit+0xe0/0x2b0 [ 198.171713] __x64_sys_exit_group+0x47/0x50 [ 198.172126] do_syscall_64+0x3b/0x90 [ 198.172492] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.173051] RIP: 0033:0x7f4b87518a4d [ 198.173403] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.173979] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.174722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.175414] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.176080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.176753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.177424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.178122] [ 198.178350] irq event stamp: 0 [ 198.178677] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.179292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.180088] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.180875] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.181475] ---[ end trace 0000000000000000 ]--- [ 198.185640] ------------[ cut here ]------------ [ 198.186147] WARNING: CPU: 1 PID: 1886 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.187207] Modules linked in: [ 198.187519] CPU: 1 PID: 1886 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.188343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.189369] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.189824] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.191730] RSP: 0018:ffff888014a67bb8 EFLAGS: 00010246 [ 198.192236] RAX: 0000000000000000 RBX: ffff888013a8e8a8 RCX: 0000000000000000 [ 198.192881] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 198.193533] RBP: ffff888014a67bd0 R08: ffffed1002751d33 R09: ffffed1002751d33 [ 198.194178] R10: ffff888013a8e993 R11: ffffed1002751d32 R12: ffff888017b96c00 [ 198.194843] R13: ffff888013a8e9e8 R14: ffffffff8352e670 R15: 
ffff888014a67e68 [ 198.195507] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.196251] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.196790] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 198.197441] PKRU: 55555554 [ 198.197702] Call Trace: [ 198.197931] [ 198.198137] __iommufd_access_detach+0x1c2/0x2b0 [ 198.198606] iommufd_access_change_pt+0x149/0x270 [ 198.199071] iommufd_access_replace+0xb4/0x120 [ 198.199517] iommufd_test+0x3e5/0x37e0 [ 198.199858] ? lock_release+0x532/0x770 [ 198.200212] ? __might_fault+0x102/0x1b0 [ 198.200571] ? lock_acquire+0x427/0x4c0 [ 198.200926] ? __pfx_iommufd_test+0x10/0x10 [ 198.201299] ? __pfx_lock_release+0x10/0x10 [ 198.201682] ? __pfx_lock_acquire+0x10/0x10 [ 198.202068] ? write_comp_data+0x2f/0x90 [ 198.202435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.202884] ? write_comp_data+0x2f/0x90 [ 198.203256] iommufd_fops_ioctl+0x37d/0x510 [ 198.203638] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.204066] ? write_comp_data+0x2f/0x90 [ 198.204433] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.204859] __x64_sys_ioctl+0x1a3/0x230 [ 198.205284] do_syscall_64+0x3b/0x90 [ 198.205618] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.206076] RIP: 0033:0x7f4b8743ee5d [ 198.206402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.208012] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.208683] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.209304] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.209919] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.210561] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.211190] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.211815] [ 198.212021] irq event stamp: 0 [ 198.212298] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.212851] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.213580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.214296] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.214862] ---[ end trace 0000000000000000 ]--- [ 198.217746] ------------[ cut here ]------------ [ 198.218187] WARNING: CPU: 1 PID: 1886 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.219093] Modules linked in: [ 198.219401] CPU: 1 PID: 1886 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.220156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.221126] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.221559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.223161] RSP: 
0018:ffff888014a67bd0 EFLAGS: 00010246 [ 198.223630] RAX: 0000000000000000 RBX: ffff888013a8e8a8 RCX: 0000000000000000 [ 198.224243] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 198.224862] RBP: ffff888014a67be8 R08: ffffed1002751d33 R09: ffffed1002751d33 [ 198.225473] R10: ffff888013a8e993 R11: ffffed1002751d32 R12: ffff8880138af800 [ 198.226085] R13: ffff888013a8e9e8 R14: ffff8880141d8200 R15: 0000000000000000 [ 198.226720] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.227437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.227935] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.228548] PKRU: 55555554 [ 198.228792] Call Trace: [ 198.229015] [ 198.229210] iommufd_access_destroy_object+0x65/0x170 [ 198.229666] iommufd_object_destroy_user+0x18e/0x220 [ 198.230122] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.230661] iommufd_access_destroy+0x43/0x70 [ 198.231070] iommufd_test_staccess_release+0x8d/0xd0 [ 198.231531] __fput+0x26d/0xa40 [ 198.231837] ____fput+0x1e/0x30 [ 198.232132] task_work_run+0x1a4/0x2d0 [ 198.232477] ? __pfx_task_work_run+0x10/0x10 [ 198.232875] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.233309] ? switch_task_namespaces+0xa9/0xe0 [ 198.233727] do_exit+0xb17/0x2ef0 [ 198.234033] ? lock_acquire+0x427/0x4c0 [ 198.234393] ? __pfx_lock_release+0x10/0x10 [ 198.234801] ? __kasan_check_write+0x18/0x20 [ 198.235193] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 198.235218] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 198.237006] ? do_raw_spin_lock+0x132/0x2a0 [ 198.238666] ? __pfx_do_exit+0x10/0x10 [ 198.239024] ? debug_smp_processor_id+0x20/0x30 [ 198.239445] ? 
rcu_is_watching+0x19/0xb0 [ 198.239806] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.240212] ? trace_hardirqs_on+0x26/0x120 [ 198.240596] do_group_exit+0xe0/0x2b0 [ 198.240930] __x64_sys_exit_group+0x47/0x50 [ 198.241306] do_syscall_64+0x3b/0x90 [ 198.241642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.242100] RIP: 0033:0x7f4b87518a4d [ 198.242423] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 198.242976] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.243648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.244260] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.244873] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.245483] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.246095] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.246759] [ 198.246972] irq event stamp: 0 [ 198.247255] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.247809] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.248549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.249271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.249819] ---[ end trace 0000000000000000 ]--- [ 198.250612] ------------[ cut here ]------------ [ 198.251024] WARNING: CPU: 1 PID: 1886 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.251925] Modules linked in: [ 198.252223] CPU: 1 PID: 1886 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.252983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.253961] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.254415] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.256274] RSP: 0018:ffff888014a67b78 
EFLAGS: 00010246 [ 198.256773] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.257431] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 198.258094] RBP: ffff888014a67b98 R08: ffffed1002751d3e R09: ffffed1002751d3e [ 198.258785] R10: ffff888013a8e9ef R11: ffffed1002751d3d R12: ffff888013a8ea90 [ 198.259471] R13: ffff888013a8e8a8 R14: ffffffffffffffff R15: ffff888014a67c60 [ 198.260131] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.260885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.261426] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.262080] PKRU: 55555554 [ 198.262340] Call Trace: [ 198.262591] [ 198.262804] iommufd_ioas_destroy+0x53/0x70 [ 198.263223] iommufd_fops_release+0x1f7/0x370 [ 198.263659] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.264132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.264583] ? write_comp_data+0x2f/0x90 [ 198.264971] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.265437] __fput+0x26d/0xa40 [ 198.265754] ____fput+0x1e/0x30 [ 198.266076] task_work_run+0x1a4/0x2d0 [ 198.266463] ? __pfx_task_work_run+0x10/0x10 [ 198.266913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.267517] ? switch_task_namespaces+0xa9/0xe0 [ 198.268113] do_exit+0xb17/0x2ef0 [ 198.268482] ? lock_acquire+0x427/0x4c0 [ 198.268848] ? __pfx_lock_release+0x10/0x10 [ 198.269318] ? __kasan_check_write+0x18/0x20 [ 198.269736] ? do_raw_spin_lock+0x132/0x2a0 [ 198.270117] ? __pfx_do_exit+0x10/0x10 [ 198.270491] ? debug_smp_processor_id+0x20/0x30 [ 198.270950] ? rcu_is_watching+0x19/0xb0 [ 198.271357] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.271778] ? trace_hardirqs_on+0x26/0x120 [ 198.272176] do_group_exit+0xe0/0x2b0 [ 198.272639] __x64_sys_exit_group+0x47/0x50 [ 198.273231] do_syscall_64+0x3b/0x90 [ 198.273615] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.274235] RIP: 0033:0x7f4b87518a4d [ 198.274740] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.275342] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.276054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.276759] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.277586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.278274] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.278965] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.279732] [ 198.280044] irq event stamp: 0 [ 198.280349] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.280946] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.281786] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.282749] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.283409] ---[ end trace 0000000000000000 ]--- [ 198.293436] ------------[ cut here ]------------ [ 198.293983] WARNING: CPU: 1 PID: 1888 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.295106] Modules linked in: [ 198.295455] CPU: 1 PID: 1888 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.296351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.297518] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.298049] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.300279] RSP: 0018:ffff888015e0fbb8 EFLAGS: 00010246 [ 198.300841] RAX: 0000000000000000 RBX: ffff88800fc418a8 RCX: 0000000000000000 [ 198.301664] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 198.302640] RBP: ffff888015e0fbd0 R08: ffffed1001f88333 R09: ffffed1001f88333 [ 198.303399] R10: ffff88800fc41993 R11: ffffed1001f88332 R12: ffff888013b14000 [ 198.304139] R13: ffff88800fc419e8 R14: ffffffff8352e670 R15: 
ffff888015e0fe68 [ 198.304883] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.305963] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.306591] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 198.307334] PKRU: 55555554 [ 198.307632] Call Trace: [ 198.307899] [ 198.308194] __iommufd_access_detach+0x1c2/0x2b0 [ 198.308863] iommufd_access_change_pt+0x149/0x270 [ 198.309389] iommufd_access_replace+0xb4/0x120 [ 198.309893] iommufd_test+0x3e5/0x37e0 [ 198.310307] ? lock_release+0x532/0x770 [ 198.310765] ? __might_fault+0x102/0x1b0 [ 198.311270] ? lock_acquire+0x427/0x4c0 [ 198.311871] ? __pfx_iommufd_test+0x10/0x10 [ 198.312333] ? __pfx_lock_release+0x10/0x10 [ 198.312801] ? __pfx_lock_acquire+0x10/0x10 [ 198.313271] ? write_comp_data+0x2f/0x90 [ 198.313713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.314242] ? write_comp_data+0x2f/0x90 [ 198.314955] iommufd_fops_ioctl+0x37d/0x510 [ 198.315445] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.315968] ? write_comp_data+0x2f/0x90 [ 198.316415] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.316932] __x64_sys_ioctl+0x1a3/0x230 [ 198.317408] do_syscall_64+0x3b/0x90 [ 198.318012] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.318600] RIP: 0033:0x7f4b8743ee5d [ 198.319001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.321190] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.322002] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.322784] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.323539] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.324280] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.325023] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.325786] [ 198.326040] irq event stamp: 0 [ 198.326497] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.327311] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.328190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.329069] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.329853] ---[ end trace 0000000000000000 ]--- [ 198.333386] ------------[ cut here ]------------ [ 198.333927] WARNING: CPU: 1 PID: 1888 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.335051] Modules linked in: [ 198.335420] CPU: 1 PID: 1888 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.336467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.337760] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.338298] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.340510] RSP: 
0018:ffff888015e0fbd0 EFLAGS: 00010246 [ 198.341078] RAX: 0000000000000000 RBX: ffff88800fc418a8 RCX: 0000000000000000 [ 198.341819] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 198.342588] RBP: ffff888015e0fbe8 R08: ffffed1001f88333 R09: ffffed1001f88333 [ 198.343424] R10: ffff88800fc41993 R11: ffffed1001f88332 R12: ffff888017b96000 [ 198.344322] R13: ffff88800fc419e8 R14: ffff888010928900 R15: 0000000000000000 [ 198.345068] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.345914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.346676] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.347568] PKRU: 55555554 [ 198.347872] Call Trace: [ 198.348142] [ 198.348377] iommufd_access_destroy_object+0x65/0x170 [ 198.348928] iommufd_object_destroy_user+0x18e/0x220 [ 198.349472] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.350292] iommufd_access_destroy+0x43/0x70 [ 198.350815] iommufd_test_staccess_release+0x8d/0xd0 [ 198.351390] __fput+0x26d/0xa40 [ 198.351759] ____fput+0x1e/0x30 [ 198.352110] task_work_run+0x1a4/0x2d0 [ 198.352525] ? __pfx_task_work_run+0x10/0x10 [ 198.352992] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.353634] ? switch_task_namespaces+0xa9/0xe0 [ 198.354243] do_exit+0xb17/0x2ef0 [ 198.354641] ? lock_acquire+0x427/0x4c0 [ 198.355074] ? __pfx_lock_release+0x10/0x10 [ 198.355566] ? __kasan_check_write+0x18/0x20 [ 198.356034] ? do_raw_spin_lock+0x132/0x2a0 [ 198.356487] ? __pfx_do_exit+0x10/0x10 [ 198.356909] ? debug_smp_processor_id+0x20/0x30 [ 198.357633] ? rcu_is_watching+0x19/0xb0 [ 198.358063] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.358572] ? trace_hardirqs_on+0x26/0x120 [ 198.359034] do_group_exit+0xe0/0x2b0 [ 198.359453] __x64_sys_exit_group+0x47/0x50 [ 198.359903] do_syscall_64+0x3b/0x90 [ 198.360305] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.360942] RIP: 0033:0x7f4b87518a4d [ 198.361455] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.362095] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.362935] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.363728] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.364583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.365543] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.366289] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.367187] [ 198.367543] irq event stamp: 0 [ 198.367882] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.368551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.369437] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.370553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.371244] ---[ end trace 0000000000000000 ]--- [ 198.372160] ------------[ cut here ]------------ [ 198.372788] WARNING: CPU: 1 PID: 1888 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.373964] Modules linked in: [ 198.374308] CPU: 1 PID: 1888 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.375477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.376676] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.377225] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.379436] RSP: 0018:ffff888015e0fb78 EFLAGS: 00010246 [ 198.380013] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.380881] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 198.381762] RBP: ffff888015e0fb98 R08: ffffed1001f8833e R09: ffffed1001f8833e [ 198.382540] R10: ffff88800fc419ef R11: ffffed1001f8833d R12: ffff88800fc41a90 [ 198.383348] R13: ffff88800fc418a8 R14: ffffffffffffffff R15: 
ffff888015e0fc60 [ 198.384263] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.385111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.385830] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.386716] PKRU: 55555554 [ 198.387021] Call Trace: [ 198.387299] [ 198.387538] iommufd_ioas_destroy+0x53/0x70 [ 198.388000] iommufd_fops_release+0x1f7/0x370 [ 198.388608] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.389221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.389742] ? write_comp_data+0x2f/0x90 [ 198.390180] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.390742] __fput+0x26d/0xa40 [ 198.391308] ____fput+0x1e/0x30 [ 198.391669] task_work_run+0x1a4/0x2d0 [ 198.392097] ? __pfx_task_work_run+0x10/0x10 [ 198.392579] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.393107] ? switch_task_namespaces+0xa9/0xe0 [ 198.393623] do_exit+0xb17/0x2ef0 [ 198.394163] ? lock_acquire+0x427/0x4c0 [ 198.394631] ? __pfx_lock_release+0x10/0x10 [ 198.395096] ? __kasan_check_write+0x18/0x20 [ 198.395576] ? do_raw_spin_lock+0x132/0x2a0 [ 198.396037] ? __pfx_do_exit+0x10/0x10 [ 198.396495] ? debug_smp_processor_id+0x20/0x30 [ 198.397228] ? rcu_is_watching+0x19/0xb0 [ 198.397664] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.398149] ? trace_hardirqs_on+0x26/0x120 [ 198.398642] do_group_exit+0xe0/0x2b0 [ 198.399058] __x64_sys_exit_group+0x47/0x50 [ 198.399598] do_syscall_64+0x3b/0x90 [ 198.400118] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.400665] RIP: 0033:0x7f4b87518a4d [ 198.401053] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.401735] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.402706] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.403482] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.404229] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.405218] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.405974] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.406760] [ 198.407008] irq event stamp: 0 [ 198.407429] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.408212] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.409109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.410041] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.410904] ---[ end trace 0000000000000000 ]--- [ 198.415582] ------------[ cut here ]------------ [ 198.416237] WARNING: CPU: 1 PID: 1889 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.417294] Modules linked in: [ 198.417679] CPU: 1 PID: 1889 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.418846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.420042] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.420692] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.422756] RSP: 0018:ffff888014a67bb8 EFLAGS: 00010246 [ 198.423536] RAX: 0000000000000000 RBX: ffff888016e4b0a8 RCX: 0000000000000000 [ 198.424286] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 198.425043] RBP: ffff888014a67bd0 R08: ffffed1002dc9633 R09: ffffed1002dc9633 [ 198.425983] R10: ffff888016e4b193 R11: ffffed1002dc9632 R12: ffff8880141ebc00 [ 198.426756] R13: ffff888016e4b1e8 R14: ffffffff8352e670 R15: 
ffff888014a67e68 [ 198.427523] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.428481] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.429291] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 198.430041] PKRU: 55555554 [ 198.430346] Call Trace: [ 198.430646] [ 198.431007] __iommufd_access_detach+0x1c2/0x2b0 [ 198.431587] iommufd_access_change_pt+0x149/0x270 [ 198.432106] iommufd_access_replace+0xb4/0x120 [ 198.432604] iommufd_test+0x3e5/0x37e0 [ 198.433017] ? lock_release+0x532/0x770 [ 198.433553] ? __might_fault+0x102/0x1b0 [ 198.434066] ? lock_acquire+0x427/0x4c0 [ 198.434496] ? __pfx_iommufd_test+0x10/0x10 [ 198.434983] ? __pfx_lock_release+0x10/0x10 [ 198.435458] ? __pfx_lock_acquire+0x10/0x10 [ 198.435927] ? write_comp_data+0x2f/0x90 [ 198.436551] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.437082] ? write_comp_data+0x2f/0x90 [ 198.437529] iommufd_fops_ioctl+0x37d/0x510 [ 198.437983] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.438583] ? write_comp_data+0x2f/0x90 [ 198.439128] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.439644] __x64_sys_ioctl+0x1a3/0x230 [ 198.440078] do_syscall_64+0x3b/0x90 [ 198.440480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.441025] RIP: 0033:0x7f4b8743ee5d [ 198.441531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.443561] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.444589] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.445327] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.446074] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.447054] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.447833] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.448571] [ 198.448839] irq event stamp: 0 [ 198.449312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.449969] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.450856] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.451910] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.452571] ---[ end trace 0000000000000000 ]--- [ 198.455983] ------------[ cut here ]------------ [ 198.456653] WARNING: CPU: 1 PID: 1889 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.457745] Modules linked in: [ 198.458085] CPU: 1 PID: 1889 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.459159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.460389] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.460904] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.463104] RSP: 
0018:ffff888014a67bd0 EFLAGS: 00010246 [ 198.463670] RAX: 0000000000000000 RBX: ffff888016e4b0a8 RCX: 0000000000000000 [ 198.464713] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 198.465462] RBP: ffff888014a67be8 R08: ffffed1002dc9633 R09: ffffed1002dc9633 [ 198.466210] R10: ffff888016e4b193 R11: ffffed1002dc9632 R12: ffff888013b17c00 [ 198.467251] R13: ffff888016e4b1e8 R14: ffff888012870d00 R15: 0000000000000000 [ 198.467999] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.468832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.469652] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 198.470390] PKRU: 55555554 [ 198.470711] Call Trace: [ 198.470980] [ 198.471231] iommufd_access_destroy_object+0x65/0x170 [ 198.471776] iommufd_object_destroy_user+0x18e/0x220 [ 198.472443] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.473179] iommufd_access_destroy+0x43/0x70 [ 198.473665] iommufd_test_staccess_release+0x8d/0xd0 [ 198.474210] __fput+0x26d/0xa40 [ 198.474633] ____fput+0x1e/0x30 [ 198.475090] task_work_run+0x1a4/0x2d0 [ 198.475484] ? __pfx_task_work_run+0x10/0x10 [ 198.475913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.476386] ? switch_task_namespaces+0xa9/0xe0 [ 198.476842] do_exit+0xb17/0x2ef0 [ 198.477276] ? lock_acquire+0x427/0x4c0 [ 198.477790] ? __pfx_lock_release+0x10/0x10 [ 198.478215] ? __kasan_check_write+0x18/0x20 [ 198.478681] ? do_raw_spin_lock+0x132/0x2a0 [ 198.479100] ? __pfx_do_exit+0x10/0x10 [ 198.479507] ? debug_smp_processor_id+0x20/0x30 [ 198.480154] ? rcu_is_watching+0x19/0xb0 [ 198.480550] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.480990] ? trace_hardirqs_on+0x26/0x120 [ 198.481408] do_group_exit+0xe0/0x2b0 [ 198.481773] __x64_sys_exit_group+0x47/0x50 [ 198.482371] do_syscall_64+0x3b/0x90 [ 198.482767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.483288] RIP: 0033:0x7f4b87518a4d [ 198.483648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.484230] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.485204] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.485893] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.486608] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.487419] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.488194] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.488882] [ 198.489116] irq event stamp: 0 [ 198.489468] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.490204] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.491019] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.491841] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.492627] ---[ end trace 0000000000000000 ]--- [ 198.493529] ------------[ cut here ]------------ [ 198.494019] WARNING: CPU: 1 PID: 1889 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.495188] Modules linked in: [ 198.495568] CPU: 1 PID: 1889 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.496400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.497687] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.498188] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.500189] RSP: 0018:ffff888014a67b78 EFLAGS: 00010246 [ 198.500706] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.501582] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 198.502264] RBP: ffff888014a67b98 R08: ffffed1002dc963e R09: ffffed1002dc963e [ 198.502958] R10: ffff888016e4b1ef R11: ffffed1002dc963d R12: ffff888016e4b290 [ 198.503837] R13: ffff888016e4b0a8 R14: ffffffffffffffff R15: 
ffff888014a67c60 [ 198.504527] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.505298] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.505849] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 198.506544] PKRU: 55555554 [ 198.506816] Call Trace: [ 198.507164] [ 198.507385] iommufd_ioas_destroy+0x53/0x70 [ 198.507809] iommufd_fops_release+0x1f7/0x370 [ 198.508243] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.508722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.509199] ? write_comp_data+0x2f/0x90 [ 198.509595] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.510071] __fput+0x26d/0xa40 [ 198.510400] ____fput+0x1e/0x30 [ 198.510757] task_work_run+0x1a4/0x2d0 [ 198.511168] ? __pfx_task_work_run+0x10/0x10 [ 198.511593] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.512066] ? switch_task_namespaces+0xa9/0xe0 [ 198.512528] do_exit+0xb17/0x2ef0 [ 198.512859] ? lock_acquire+0x427/0x4c0 [ 198.513242] ? __pfx_lock_release+0x10/0x10 [ 198.513646] ? __kasan_check_write+0x18/0x20 [ 198.514058] ? do_raw_spin_lock+0x132/0x2a0 [ 198.514457] ? __pfx_do_exit+0x10/0x10 [ 198.514841] ? debug_smp_processor_id+0x20/0x30 [ 198.515282] ? rcu_is_watching+0x19/0xb0 [ 198.515662] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.516084] ? trace_hardirqs_on+0x26/0x120 [ 198.516490] do_group_exit+0xe0/0x2b0 [ 198.516841] __x64_sys_exit_group+0x47/0x50 [ 198.517249] do_syscall_64+0x3b/0x90 [ 198.517600] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.518083] RIP: 0033:0x7f4b87518a4d [ 198.518428] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.519022] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.519738] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.520355] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.520973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.521587] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.522197] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.522845] [ 198.523050] irq event stamp: 0 [ 198.523335] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.523886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.524608] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.525376] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.525920] ---[ end trace 0000000000000000 ]--- [ 198.532230] ------------[ cut here ]------------ [ 198.532849] WARNING: CPU: 0 PID: 1890 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.534048] Modules linked in: [ 198.534439] CPU: 0 PID: 1890 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.535548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.536883] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.537480] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.539659] RSP: 0018:ffff888015e0fbb8 EFLAGS: 00010246 [ 198.540285] RAX: 0000000000000000 RBX: ffff88801587f8a8 RCX: 0000000000000000 [ 198.541095] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 198.541894] RBP: ffff888015e0fbd0 R08: ffffed1002b0ff33 R09: ffffed1002b0ff33 [ 198.542720] R10: ffff88801587f993 R11: ffffed1002b0ff32 R12: ffff88801226dc00 [ 198.543538] R13: ffff88801587f9e8 R14: ffffffff8352e670 R15: 
ffff888015e0fe68 [ 198.544350] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 198.545283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.545947] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 198.546786] PKRU: 55555554 [ 198.547125] Call Trace: [ 198.547427] [ 198.547691] __iommufd_access_detach+0x1c2/0x2b0 [ 198.548255] iommufd_access_change_pt+0x149/0x270 [ 198.548822] iommufd_access_replace+0xb4/0x120 [ 198.549375] iommufd_test+0x3e5/0x37e0 [ 198.549824] ? lock_release+0x532/0x770 [ 198.550293] ? __might_fault+0x102/0x1b0 [ 198.550802] ? lock_acquire+0x427/0x4c0 [ 198.551292] ? __pfx_iommufd_test+0x10/0x10 [ 198.551783] ? __pfx_lock_release+0x10/0x10 [ 198.552285] ? __pfx_lock_acquire+0x10/0x10 [ 198.552787] ? write_comp_data+0x2f/0x90 [ 198.553263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.553819] ? write_comp_data+0x2f/0x90 [ 198.554295] iommufd_fops_ioctl+0x37d/0x510 [ 198.554821] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.555394] ? write_comp_data+0x2f/0x90 [ 198.555864] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.556408] __x64_sys_ioctl+0x1a3/0x230 [ 198.556880] do_syscall_64+0x3b/0x90 [ 198.557311] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.557898] RIP: 0033:0x7f4b8743ee5d [ 198.558316] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.560358] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.561204] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.561988] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.562797] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.563594] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.564378] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.565175] [ 198.565444] irq event stamp: 0 [ 198.565793] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.566479] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.567445] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.568097] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.568575] ---[ end trace 0000000000000000 ]--- [ 198.571324] ------------[ cut here ]------------ [ 198.571696] WARNING: CPU: 0 PID: 1890 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.572438] Modules linked in: [ 198.572675] CPU: 0 PID: 1890 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.573316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.574137] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.574501] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.575862] RSP: 
0018:ffff888015e0fbd0 EFLAGS: 00010246 [ 198.576250] RAX: 0000000000000000 RBX: ffff88801587f8a8 RCX: 0000000000000000 [ 198.576772] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 198.577295] RBP: ffff888015e0fbe8 R08: ffffed1002b0ff33 R09: ffffed1002b0ff33 [ 198.577814] R10: ffff88801587f993 R11: ffffed1002b0ff32 R12: ffff88800ae92800 [ 198.578337] R13: ffff88801587f9e8 R14: ffff88800f6d3600 R15: 0000000000000000 [ 198.578886] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 198.579486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.579907] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 198.580417] PKRU: 55555554 [ 198.580623] Call Trace: [ 198.580808] [ 198.580972] iommufd_access_destroy_object+0x65/0x170 [ 198.581348] iommufd_object_destroy_user+0x18e/0x220 [ 198.581719] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.582143] iommufd_access_destroy+0x43/0x70 [ 198.582474] iommufd_test_staccess_release+0x8d/0xd0 [ 198.582865] __fput+0x26d/0xa40 [ 198.583127] ____fput+0x1e/0x30 [ 198.583377] task_work_run+0x1a4/0x2d0 [ 198.583669] ? __pfx_task_work_run+0x10/0x10 [ 198.583994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.584354] ? switch_task_namespaces+0xa9/0xe0 [ 198.584703] do_exit+0xb17/0x2ef0 [ 198.584958] ? lock_acquire+0x427/0x4c0 [ 198.585258] ? __pfx_lock_release+0x10/0x10 [ 198.585575] ? __kasan_check_write+0x18/0x20 [ 198.585914] ? do_raw_spin_lock+0x132/0x2a0 [ 198.586228] ? __pfx_do_exit+0x10/0x10 [ 198.586542] ? debug_smp_processor_id+0x20/0x30 [ 198.586883] ? rcu_is_watching+0x19/0xb0 [ 198.587188] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.587521] ? trace_hardirqs_on+0x26/0x120 [ 198.587843] do_group_exit+0xe0/0x2b0 [ 198.588124] __x64_sys_exit_group+0x47/0x50 [ 198.588440] do_syscall_64+0x3b/0x90 [ 198.588719] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.589099] RIP: 0033:0x7f4b87518a4d [ 198.589368] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.589811] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.590356] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.590882] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.591405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.591921] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.592434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.592955] [ 198.593124] irq event stamp: 0 [ 198.593353] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.593806] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.594410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.595046] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.595513] ---[ end trace 0000000000000000 ]--- [ 198.596155] ------------[ cut here ]------------ [ 198.596493] WARNING: CPU: 0 PID: 1890 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.597229] Modules linked in: [ 198.597463] CPU: 0 PID: 1890 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.598091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.598922] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.599303] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.600611] RSP: 0018:ffff888015e0fb78 EFLAGS: 00010246 [ 198.600994] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.601505] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 198.602014] RBP: ffff888015e0fb98 R08: ffffed1002b0ff3e R09: ffffed1002b0ff3e [ 198.602569] R10: ffff88801587f9ef R11: ffffed1002b0ff3d R12: ffff88801587fa90 [ 198.603082] R13: ffff88801587f8a8 R14: ffffffffffffffff R15: 
ffff888015e0fc60 [ 198.603603] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 198.604187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.604604] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 198.605119] PKRU: 55555554 [ 198.605324] Call Trace: [ 198.605508] [ 198.605672] iommufd_ioas_destroy+0x53/0x70 [ 198.605991] iommufd_fops_release+0x1f7/0x370 [ 198.606329] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.606705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.607059] ? write_comp_data+0x2f/0x90 [ 198.607373] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.607730] __fput+0x26d/0xa40 [ 198.607980] ____fput+0x1e/0x30 [ 198.608223] task_work_run+0x1a4/0x2d0 [ 198.608512] ? __pfx_task_work_run+0x10/0x10 [ 198.608830] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.609180] ? switch_task_namespaces+0xa9/0xe0 [ 198.609522] do_exit+0xb17/0x2ef0 [ 198.609769] ? lock_acquire+0x427/0x4c0 [ 198.610059] ? __pfx_lock_release+0x10/0x10 [ 198.610373] ? __kasan_check_write+0x18/0x20 [ 198.610721] ? do_raw_spin_lock+0x132/0x2a0 [ 198.611032] ? __pfx_do_exit+0x10/0x10 [ 198.611324] ? debug_smp_processor_id+0x20/0x30 [ 198.611659] ? rcu_is_watching+0x19/0xb0 [ 198.611950] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.612275] ? trace_hardirqs_on+0x26/0x120 [ 198.612586] do_group_exit+0xe0/0x2b0 [ 198.612863] __x64_sys_exit_group+0x47/0x50 [ 198.613171] do_syscall_64+0x3b/0x90 [ 198.613440] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.613810] RIP: 0033:0x7f4b87518a4d [ 198.614069] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.614495] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.615039] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.615550] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.616045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.616539] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.617038] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.617542] [ 198.617705] irq event stamp: 0 [ 198.617927] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.618363] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.618965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.619555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.619992] ---[ end trace 0000000000000000 ]--- [ 198.623653] ------------[ cut here ]------------ [ 198.624014] WARNING: CPU: 0 PID: 1891 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.624725] Modules linked in: [ 198.624948] CPU: 0 PID: 1891 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.625552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.626326] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.626921] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.628195] RSP: 0018:ffff888018a0fbb8 EFLAGS: 00010246 [ 198.628570] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 198.629068] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 198.629560] RBP: ffff888018a0fbd0 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 198.630049] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff888014390400 [ 198.630558] R13: ffff888015d2f9e8 R14: ffffffff8352e670 R15: 
ffff888018a0fe68 [ 198.631054] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 198.631623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.632032] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 198.632533] PKRU: 55555554 [ 198.632730] Call Trace: [ 198.632910] [ 198.633068] __iommufd_access_detach+0x1c2/0x2b0 [ 198.633414] iommufd_access_change_pt+0x149/0x270 [ 198.633759] iommufd_access_replace+0xb4/0x120 [ 198.634091] iommufd_test+0x3e5/0x37e0 [ 198.634369] ? lock_release+0x532/0x770 [ 198.634678] ? __might_fault+0x102/0x1b0 [ 198.634976] ? lock_acquire+0x427/0x4c0 [ 198.635283] ? __pfx_iommufd_test+0x10/0x10 [ 198.635590] ? __pfx_lock_release+0x10/0x10 [ 198.635900] ? __pfx_lock_acquire+0x10/0x10 [ 198.636211] ? write_comp_data+0x2f/0x90 [ 198.636503] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.636849] ? write_comp_data+0x2f/0x90 [ 198.637142] iommufd_fops_ioctl+0x37d/0x510 [ 198.637449] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.637800] ? write_comp_data+0x2f/0x90 [ 198.638095] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.638437] __x64_sys_ioctl+0x1a3/0x230 [ 198.638750] do_syscall_64+0x3b/0x90 [ 198.639023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.639403] RIP: 0033:0x7f4b8743ee5d [ 198.639666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.640924] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.641453] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.641946] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.642439] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.642948] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.643455] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.643960] [ 198.644127] irq event stamp: 0 [ 198.644349] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.644786] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.645372] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.645948] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.646390] ---[ end trace 0000000000000000 ]--- [ 198.649045] ------------[ cut here ]------------ [ 198.649407] WARNING: CPU: 0 PID: 1891 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.650111] Modules linked in: [ 198.650336] CPU: 0 PID: 1891 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.650995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.651800] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.652148] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.653401] RSP: 
0018:ffff888018a0fbd0 EFLAGS: 00010246 [ 198.653768] RAX: 0000000000000000 RBX: ffff888015d2f8a8 RCX: 0000000000000000 [ 198.654259] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 198.654765] RBP: ffff888018a0fbe8 R08: ffffed1002ba5f33 R09: ffffed1002ba5f33 [ 198.655267] R10: ffff888015d2f993 R11: ffffed1002ba5f32 R12: ffff88801226f400 [ 198.655760] R13: ffff888015d2f9e8 R14: ffff888010928f00 R15: 0000000000000000 [ 198.656259] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 198.656812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.657213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 198.657720] PKRU: 55555554 [ 198.657919] Call Trace: [ 198.658098] [ 198.658258] iommufd_access_destroy_object+0x65/0x170 [ 198.658650] iommufd_object_destroy_user+0x18e/0x220 [ 198.659016] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.659444] iommufd_access_destroy+0x43/0x70 [ 198.659768] iommufd_test_staccess_release+0x8d/0xd0 [ 198.660135] __fput+0x26d/0xa40 [ 198.660379] ____fput+0x1e/0x30 [ 198.660618] task_work_run+0x1a4/0x2d0 [ 198.660897] ? __pfx_task_work_run+0x10/0x10 [ 198.661212] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.661560] ? switch_task_namespaces+0xa9/0xe0 [ 198.661897] do_exit+0xb17/0x2ef0 [ 198.662142] ? lock_acquire+0x427/0x4c0 [ 198.662429] ? __pfx_lock_release+0x10/0x10 [ 198.662754] ? __kasan_check_write+0x18/0x20 [ 198.663071] ? do_raw_spin_lock+0x132/0x2a0 [ 198.663389] ? __pfx_do_exit+0x10/0x10 [ 198.663675] ? debug_smp_processor_id+0x20/0x30 [ 198.664004] ? rcu_is_watching+0x19/0xb0 [ 198.664292] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.664614] ? trace_hardirqs_on+0x26/0x120 [ 198.664927] do_group_exit+0xe0/0x2b0 [ 198.665196] __x64_sys_exit_group+0x47/0x50 [ 198.665505] do_syscall_64+0x3b/0x90 [ 198.665781] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.666158] RIP: 0033:0x7f4b87518a4d [ 198.666426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.666882] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.667429] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.667932] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.668434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.668939] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.669445] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.669958] [ 198.670127] irq event stamp: 0 [ 198.670351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.670819] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.671427] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.672010] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.672448] ---[ end trace 0000000000000000 ]--- [ 198.673442] ------------[ cut here ]------------ [ 198.673795] WARNING: CPU: 1 PID: 1891 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.674550] Modules linked in: [ 198.674781] CPU: 1 PID: 1891 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.675413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.676213] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.676582] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.677880] RSP: 0018:ffff888018a0fb78 EFLAGS: 00010246 [ 198.678258] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.678814] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 198.679327] RBP: ffff888018a0fb98 R08: ffffed1002ba5f3e R09: ffffed1002ba5f3e [ 198.679835] R10: ffff888015d2f9ef R11: ffffed1002ba5f3d R12: ffff888015d2fa90 [ 198.680342] R13: ffff888015d2f8a8 R14: ffffffffffffffff R15: 
ffff888018a0fc60 [ 198.680848] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.681420] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.681833] CR2: 00007f82e2ea3000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 198.682359] PKRU: 55555554 [ 198.682580] Call Trace: [ 198.682766] [ 198.682930] iommufd_ioas_destroy+0x53/0x70 [ 198.683252] iommufd_fops_release+0x1f7/0x370 [ 198.683581] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.683943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.684301] ? write_comp_data+0x2f/0x90 [ 198.684606] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.685023] __fput+0x26d/0xa40 [ 198.685274] ____fput+0x1e/0x30 [ 198.685520] task_work_run+0x1a4/0x2d0 [ 198.685809] ? __pfx_task_work_run+0x10/0x10 [ 198.686132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.686487] ? switch_task_namespaces+0xa9/0xe0 [ 198.686854] do_exit+0xb17/0x2ef0 [ 198.687106] ? lock_acquire+0x427/0x4c0 [ 198.687402] ? __pfx_lock_release+0x10/0x10 [ 198.687716] ? __kasan_check_write+0x18/0x20 [ 198.688036] ? do_raw_spin_lock+0x132/0x2a0 [ 198.688347] ? __pfx_do_exit+0x10/0x10 [ 198.688636] ? debug_smp_processor_id+0x20/0x30 [ 198.688979] ? rcu_is_watching+0x19/0xb0 [ 198.689274] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.689603] ? trace_hardirqs_on+0x26/0x120 [ 198.689918] do_group_exit+0xe0/0x2b0 [ 198.690191] __x64_sys_exit_group+0x47/0x50 [ 198.690499] do_syscall_64+0x3b/0x90 [ 198.690792] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.691177] RIP: 0033:0x7f4b87518a4d [ 198.691446] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.691885] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.692427] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.692936] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.693446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.693953] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.694461] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.694988] [ 198.695164] irq event stamp: 0 [ 198.695392] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.695843] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.696439] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.697035] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.697482] ---[ end trace 0000000000000000 ]--- [ 198.701098] ------------[ cut here ]------------ [ 198.701470] WARNING: CPU: 1 PID: 1892 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.702191] Modules linked in: [ 198.702422] CPU: 1 PID: 1892 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.703079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.703892] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.704251] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.705550] RSP: 0018:ffff888015e0fbb8 EFLAGS: 00010246 [ 198.705933] RAX: 0000000000000000 RBX: ffff888016e568a8 RCX: 0000000000000000 [ 198.706440] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 198.707080] RBP: ffff888015e0fbd0 R08: ffffed1002dcad33 R09: ffffed1002dcad33 [ 198.707604] R10: ffff888016e56993 R11: ffffed1002dcad32 R12: ffff888010e02000 [ 198.708112] R13: ffff888016e569e8 R14: ffffffff8352e670 R15: 
ffff888015e0fe68 [ 198.708626] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.709202] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.709617] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 198.710128] PKRU: 55555554 [ 198.710336] Call Trace: [ 198.710543] [ 198.710711] __iommufd_access_detach+0x1c2/0x2b0 [ 198.711070] iommufd_access_change_pt+0x149/0x270 [ 198.711436] iommufd_access_replace+0xb4/0x120 [ 198.711775] iommufd_test+0x3e5/0x37e0 [ 198.712056] ? lock_release+0x532/0x770 [ 198.712351] ? __might_fault+0x102/0x1b0 [ 198.712651] ? lock_acquire+0x427/0x4c0 [ 198.712945] ? __pfx_iommufd_test+0x10/0x10 [ 198.713254] ? __pfx_lock_release+0x10/0x10 [ 198.713571] ? __pfx_lock_acquire+0x10/0x10 [ 198.713892] ? write_comp_data+0x2f/0x90 [ 198.714194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.714568] ? write_comp_data+0x2f/0x90 [ 198.714873] iommufd_fops_ioctl+0x37d/0x510 [ 198.715196] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.715550] ? write_comp_data+0x2f/0x90 [ 198.715850] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.716201] __x64_sys_ioctl+0x1a3/0x230 [ 198.716504] do_syscall_64+0x3b/0x90 [ 198.716782] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.717231] RIP: 0033:0x7f4b8743ee5d [ 198.717502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.718817] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.719370] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.719878] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.720388] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.720894] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.721403] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.721919] [ 198.722088] irq event stamp: 0 [ 198.722314] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.722786] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.723393] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.723993] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.724444] ---[ end trace 0000000000000000 ]--- [ 198.727023] ------------[ cut here ]------------ [ 198.727388] WARNING: CPU: 1 PID: 1892 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.728113] Modules linked in: [ 198.728346] CPU: 1 PID: 1892 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.728973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.729774] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.730132] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.731453] RSP: 
0018:ffff888015e0fbd0 EFLAGS: 00010246 [ 198.731839] RAX: 0000000000000000 RBX: ffff888016e568a8 RCX: 0000000000000000 [ 198.732347] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 198.732854] RBP: ffff888015e0fbe8 R08: ffffed1002dcad33 R09: ffffed1002dcad33 [ 198.733361] R10: ffff888016e56993 R11: ffffed1002dcad32 R12: ffff8880141e9400 [ 198.733868] R13: ffff888016e569e8 R14: ffff8880123b0600 R15: 0000000000000000 [ 198.734375] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.734968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.735405] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.735918] PKRU: 55555554 [ 198.736123] Call Trace: [ 198.736311] [ 198.736477] iommufd_access_destroy_object+0x65/0x170 [ 198.736858] iommufd_object_destroy_user+0x18e/0x220 [ 198.737229] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.737651] iommufd_access_destroy+0x43/0x70 [ 198.737982] iommufd_test_staccess_release+0x8d/0xd0 [ 198.738356] __fput+0x26d/0xa40 [ 198.738624] ____fput+0x1e/0x30 [ 198.738873] task_work_run+0x1a4/0x2d0 [ 198.739170] ? __pfx_task_work_run+0x10/0x10 [ 198.739494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.739852] ? switch_task_namespaces+0xa9/0xe0 [ 198.740198] do_exit+0xb17/0x2ef0 [ 198.740449] ? lock_acquire+0x427/0x4c0 [ 198.740744] ? __pfx_lock_release+0x10/0x10 [ 198.741059] ? __kasan_check_write+0x18/0x20 [ 198.741379] ? do_raw_spin_lock+0x132/0x2a0 [ 198.741692] ? __pfx_do_exit+0x10/0x10 [ 198.741981] ? debug_smp_processor_id+0x20/0x30 [ 198.742318] ? rcu_is_watching+0x19/0xb0 [ 198.742633] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.742968] ? trace_hardirqs_on+0x26/0x120 [ 198.743300] do_group_exit+0xe0/0x2b0 [ 198.743581] __x64_sys_exit_group+0x47/0x50 [ 198.743894] do_syscall_64+0x3b/0x90 [ 198.744171] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.744572] RIP: 0033:0x7f4b87518a4d [ 198.744902] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.745419] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.745968] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.746523] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.747092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.747624] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.748161] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.748767] [ 198.748997] irq event stamp: 0 [ 198.749229] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.749692] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.750341] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.751040] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.751519] ---[ end trace 0000000000000000 ]--- [ 198.752180] ------------[ cut here ]------------ [ 198.752589] WARNING: CPU: 1 PID: 1892 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.753406] Modules linked in: [ 198.753648] CPU: 1 PID: 1892 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.754354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.755269] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.755661] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.757123] RSP: 0018:ffff888015e0fb78 EFLAGS: 00010246 [ 198.757524] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.758106] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 198.758701] RBP: ffff888015e0fb98 R08: ffffed1002dcad3e R09: ffffed1002dcad3e [ 198.759244] R10: ffff888016e569ef R11: ffffed1002dcad3d R12: ffff888016e56a90 [ 198.759782] R13: ffff888016e568a8 R14: ffffffffffffffff R15: 
ffff888015e0fc60 [ 198.760416] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.761011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.761447] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 198.762074] PKRU: 55555554 [ 198.762293] Call Trace: [ 198.762491] [ 198.762685] iommufd_ioas_destroy+0x53/0x70 [ 198.763026] iommufd_fops_release+0x1f7/0x370 [ 198.763385] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.763798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.764251] ? write_comp_data+0x2f/0x90 [ 198.764574] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.764960] __fput+0x26d/0xa40 [ 198.765231] ____fput+0x1e/0x30 [ 198.765512] task_work_run+0x1a4/0x2d0 [ 198.765903] ? __pfx_task_work_run+0x10/0x10 [ 198.766244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.766644] ? switch_task_namespaces+0xa9/0xe0 [ 198.767014] do_exit+0xb17/0x2ef0 [ 198.767300] ? lock_acquire+0x427/0x4c0 [ 198.767633] ? __pfx_lock_release+0x10/0x10 [ 198.768057] ? __kasan_check_write+0x18/0x20 [ 198.768403] ? do_raw_spin_lock+0x132/0x2a0 [ 198.768735] ? __pfx_do_exit+0x10/0x10 [ 198.769035] ? debug_smp_processor_id+0x20/0x30 [ 198.769416] ? rcu_is_watching+0x19/0xb0 [ 198.769800] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.770145] ? trace_hardirqs_on+0x26/0x120 [ 198.770481] do_group_exit+0xe0/0x2b0 [ 198.770798] __x64_sys_exit_group+0x47/0x50 [ 198.771133] do_syscall_64+0x3b/0x90 [ 198.771432] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.771946] RIP: 0033:0x7f4b87518a4d [ 198.772229] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.772699] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.773279] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.773908] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.774451] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.775023] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.775663] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.776216] [ 198.776397] irq event stamp: 0 [ 198.776640] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.777120] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.777854] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.778490] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.778991] ---[ end trace 0000000000000000 ]--- [ 198.782670] ------------[ cut here ]------------ [ 198.783136] WARNING: CPU: 1 PID: 1893 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.783921] Modules linked in: [ 198.784175] CPU: 1 PID: 1893 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.784990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.785870] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.786283] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.787873] RSP: 0018:ffff888016eafbb8 EFLAGS: 00010246 [ 198.788300] RAX: 0000000000000000 RBX: ffff888023e8a8a8 RCX: 0000000000000000 [ 198.789007] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 198.789572] RBP: ffff888016eafbd0 R08: ffffed10047d1533 R09: ffffed10047d1533 [ 198.790131] R10: ffff888023e8a993 R11: ffffed10047d1532 R12: ffff888014b94c00 [ 198.790831] R13: ffff888023e8a9e8 R14: ffffffff8352e670 R15: 
ffff888016eafe68 [ 198.791404] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.792035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.792508] CR2: 00007f4b877410e8 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 198.793171] PKRU: 55555554 [ 198.793395] Call Trace: [ 198.793602] [ 198.793784] __iommufd_access_detach+0x1c2/0x2b0 [ 198.794177] iommufd_access_change_pt+0x149/0x270 [ 198.794719] iommufd_access_replace+0xb4/0x120 [ 198.795095] iommufd_test+0x3e5/0x37e0 [ 198.795412] ? lock_release+0x532/0x770 [ 198.795741] ? __might_fault+0x102/0x1b0 [ 198.796067] ? lock_acquire+0x427/0x4c0 [ 198.796391] ? __pfx_iommufd_test+0x10/0x10 [ 198.796801] ? __pfx_lock_release+0x10/0x10 [ 198.797195] ? __pfx_lock_acquire+0x10/0x10 [ 198.797556] ? write_comp_data+0x2f/0x90 [ 198.797895] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.798304] ? write_comp_data+0x2f/0x90 [ 198.798814] iommufd_fops_ioctl+0x37d/0x510 [ 198.799213] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.799633] ? write_comp_data+0x2f/0x90 [ 198.799984] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.800387] __x64_sys_ioctl+0x1a3/0x230 [ 198.800746] do_syscall_64+0x3b/0x90 [ 198.801311] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.801879] RIP: 0033:0x7f4b8743ee5d [ 198.802286] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.804427] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.805312] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.806107] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.806904] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.807825] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.808584] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.809382] [ 198.809701] irq event stamp: 0 [ 198.810034] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.810742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.811953] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.812957] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.813813] ---[ end trace 0000000000000000 ]--- [ 198.819249] ------------[ cut here ]------------ [ 198.819860] WARNING: CPU: 1 PID: 1893 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.821202] Modules linked in: [ 198.821603] CPU: 1 PID: 1893 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.822834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.824207] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.824941] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.827297] RSP: 
0018:ffff888016eafbd0 EFLAGS: 00010246 [ 198.827947] RAX: 0000000000000000 RBX: ffff888023e8a8a8 RCX: 0000000000000000 [ 198.828855] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 198.829759] RBP: ffff888016eafbe8 R08: ffffed10047d1533 R09: ffffed10047d1533 [ 198.830651] R10: ffff888023e8a993 R11: ffffed10047d1532 R12: ffff888017b97400 [ 198.831610] R13: ffff888023e8a9e8 R14: ffff88800f90b600 R15: 0000000000000000 [ 198.832454] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.833564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.834254] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 198.835195] PKRU: 55555554 [ 198.835614] Call Trace: [ 198.835926] [ 198.836193] iommufd_access_destroy_object+0x65/0x170 [ 198.836815] iommufd_object_destroy_user+0x18e/0x220 [ 198.837489] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.838320] iommufd_access_destroy+0x43/0x70 [ 198.838946] iommufd_test_staccess_release+0x8d/0xd0 [ 198.839622] __fput+0x26d/0xa40 [ 198.840133] ____fput+0x1e/0x30 [ 198.840651] task_work_run+0x1a4/0x2d0 [ 198.841151] ? __pfx_task_work_run+0x10/0x10 [ 198.841706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.842456] ? switch_task_namespaces+0xa9/0xe0 [ 198.843134] do_exit+0xb17/0x2ef0 [ 198.843582] ? lock_acquire+0x427/0x4c0 [ 198.844094] ? __pfx_lock_release+0x10/0x10 [ 198.844668] ? __kasan_check_write+0x18/0x20 [ 198.845339] ? do_raw_spin_lock+0x132/0x2a0 [ 198.845882] ? __pfx_do_exit+0x10/0x10 [ 198.846386] ? debug_smp_processor_id+0x20/0x30 [ 198.847136] ? rcu_is_watching+0x19/0xb0 [ 198.847725] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.848315] ? trace_hardirqs_on+0x26/0x120 [ 198.848876] do_group_exit+0xe0/0x2b0 [ 198.849402] __x64_sys_exit_group+0x47/0x50 [ 198.850093] do_syscall_64+0x3b/0x90 [ 198.850662] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.851353] RIP: 0033:0x7f4b87518a4d [ 198.851831] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.852793] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.853779] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.854962] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.855913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.856849] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.858041] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.859056] [ 198.859415] irq event stamp: 0 [ 198.859837] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.860866] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.861959] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.863329] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.864162] ---[ end trace 0000000000000000 ]--- [ 198.865556] ------------[ cut here ]------------ [ 198.866221] WARNING: CPU: 1 PID: 1893 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 198.867853] Modules linked in: [ 198.868292] CPU: 1 PID: 1893 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.869434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.871172] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 198.871866] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 198.874436] RSP: 0018:ffff888016eafb78 EFLAGS: 00010246 [ 198.875326] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 198.876318] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 198.877245] RBP: ffff888016eafb98 R08: ffffed10047d153e R09: ffffed10047d153e [ 198.878380] R10: ffff888023e8a9ef R11: ffffed10047d153d R12: ffff888023e8aa90 [ 198.879394] R13: ffff888023e8a8a8 R14: ffffffffffffffff R15: 
ffff888016eafc60 [ 198.880393] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.881537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.882294] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 198.883502] PKRU: 55555554 [ 198.883893] Call Trace: [ 198.884236] [ 198.884543] iommufd_ioas_destroy+0x53/0x70 [ 198.885164] iommufd_fops_release+0x1f7/0x370 [ 198.885921] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.886674] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.887374] ? write_comp_data+0x2f/0x90 [ 198.888123] ? __pfx_iommufd_fops_release+0x10/0x10 [ 198.888787] __fput+0x26d/0xa40 [ 198.889252] ____fput+0x1e/0x30 [ 198.889710] task_work_run+0x1a4/0x2d0 [ 198.890453] ? __pfx_task_work_run+0x10/0x10 [ 198.891097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.891787] ? switch_task_namespaces+0xa9/0xe0 [ 198.892430] do_exit+0xb17/0x2ef0 [ 198.893112] ? lock_acquire+0x427/0x4c0 [ 198.893677] ? __pfx_lock_release+0x10/0x10 [ 198.894286] ? __kasan_check_write+0x18/0x20 [ 198.894944] ? do_raw_spin_lock+0x132/0x2a0 [ 198.895751] ? __pfx_do_exit+0x10/0x10 [ 198.896295] ? debug_smp_processor_id+0x20/0x30 [ 198.896947] ? rcu_is_watching+0x19/0xb0 [ 198.897519] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.898161] ? trace_hardirqs_on+0x26/0x120 [ 198.898826] do_group_exit+0xe0/0x2b0 [ 198.899377] __x64_sys_exit_group+0x47/0x50 [ 198.899958] do_syscall_64+0x3b/0x90 [ 198.900473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.901178] RIP: 0033:0x7f4b87518a4d [ 198.901684] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.902500] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.903659] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.904635] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.905605] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.906611] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.907579] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.908565] [ 198.908898] irq event stamp: 0 [ 198.909339] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.910189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.911366] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.912472] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.913320] ---[ end trace 0000000000000000 ]--- [ 198.918067] ------------[ cut here ]------------ [ 198.918772] WARNING: CPU: 1 PID: 1894 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.919864] Modules linked in: [ 198.920197] CPU: 1 PID: 1894 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.921094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.922262] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.922839] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.924742] RSP: 0018:ffff888017267bb8 EFLAGS: 00010246 [ 198.925301] RAX: 0000000000000000 RBX: ffff888011d9a0a8 RCX: 0000000000000000 [ 198.926040] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 198.926820] RBP: ffff888017267bd0 R08: ffffed10023b3433 R09: ffffed10023b3433 [ 198.927591] R10: ffff888011d9a193 R11: ffffed10023b3432 R12: ffff888017b96000 [ 198.928335] R13: ffff888011d9a1e8 R14: ffffffff8352e670 R15: 
ffff888017267e68 [ 198.929081] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 198.929919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.930557] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 198.931331] PKRU: 55555554 [ 198.931628] Call Trace: [ 198.931901] [ 198.932138] __iommufd_access_detach+0x1c2/0x2b0 [ 198.932659] iommufd_access_change_pt+0x149/0x270 [ 198.933177] iommufd_access_replace+0xb4/0x120 [ 198.933671] iommufd_test+0x3e5/0x37e0 [ 198.934084] ? lock_release+0x532/0x770 [ 198.934542] ? __might_fault+0x102/0x1b0 [ 198.934978] ? lock_acquire+0x427/0x4c0 [ 198.935422] ? __pfx_iommufd_test+0x10/0x10 [ 198.935878] ? __pfx_lock_release+0x10/0x10 [ 198.936334] ? __pfx_lock_acquire+0x10/0x10 [ 198.936801] ? write_comp_data+0x2f/0x90 [ 198.937236] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.937748] ? write_comp_data+0x2f/0x90 [ 198.938185] iommufd_fops_ioctl+0x37d/0x510 [ 198.938673] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.939191] ? write_comp_data+0x2f/0x90 [ 198.939622] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 198.940134] __x64_sys_ioctl+0x1a3/0x230 [ 198.940574] do_syscall_64+0x3b/0x90 [ 198.940975] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.941538] RIP: 0033:0x7f4b8743ee5d [ 198.941931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 198.943883] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 198.944685] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 198.945433] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 198.946170] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 198.946946] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 198.947698] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 198.948447] [ 198.948697] irq event stamp: 0 [ 198.949023] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 198.949682] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 198.950592] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 198.951473] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 198.952125] ---[ end trace 0000000000000000 ]--- [ 198.957745] ------------[ cut here ]------------ [ 198.958476] WARNING: CPU: 0 PID: 1894 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 198.959974] Modules linked in: [ 198.960410] CPU: 0 PID: 1894 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 198.961554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 198.963422] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 198.964106] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 198.966487] RSP: 
0018:ffff888017267bd0 EFLAGS: 00010246 [ 198.967277] RAX: 0000000000000000 RBX: ffff888011d9a0a8 RCX: 0000000000000000 [ 198.968213] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 198.969150] RBP: ffff888017267be8 R08: ffffed10023b3433 R09: ffffed10023b3433 [ 198.970094] R10: ffff888011d9a193 R11: ffffed10023b3432 R12: ffff888014b96400 [ 198.971132] R13: ffff888011d9a1e8 R14: ffff88801381a900 R15: 0000000000000000 [ 198.972086] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 198.973147] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.973916] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 198.974915] PKRU: 55555554 [ 198.975314] Call Trace: [ 198.975664] [ 198.975974] iommufd_access_destroy_object+0x65/0x170 [ 198.976680] iommufd_object_destroy_user+0x18e/0x220 [ 198.977366] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 198.978149] iommufd_access_destroy+0x43/0x70 [ 198.978855] iommufd_test_staccess_release+0x8d/0xd0 [ 198.979599] __fput+0x26d/0xa40 [ 198.980088] ____fput+0x1e/0x30 [ 198.980558] task_work_run+0x1a4/0x2d0 [ 198.981097] ? __pfx_task_work_run+0x10/0x10 [ 198.981694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 198.982357] ? switch_task_namespaces+0xa9/0xe0 [ 198.983055] do_exit+0xb17/0x2ef0 [ 198.983543] ? lock_acquire+0x427/0x4c0 [ 198.984098] ? __pfx_lock_release+0x10/0x10 [ 198.984685] ? __kasan_check_write+0x18/0x20 [ 198.985280] ? do_raw_spin_lock+0x132/0x2a0 [ 198.985856] ? __pfx_do_exit+0x10/0x10 [ 198.986393] ? debug_smp_processor_id+0x20/0x30 [ 198.987078] ? rcu_is_watching+0x19/0xb0 [ 198.987648] ? _raw_spin_unlock_irq+0x2b/0x60 [ 198.988270] ? trace_hardirqs_on+0x26/0x120 [ 198.988857] do_group_exit+0xe0/0x2b0 [ 198.989372] __x64_sys_exit_group+0x47/0x50 [ 198.989944] do_syscall_64+0x3b/0x90 [ 198.990463] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 198.991232] RIP: 0033:0x7f4b87518a4d [ 198.991731] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 198.992545] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 198.993539] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 198.994473] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 198.995493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 198.996435] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 198.997373] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 198.998322] [ 198.998687] irq event stamp: 0 [ 198.999126] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.000001] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.001139] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.002834] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.003727] ---[ end trace 0000000000000000 ]--- [ 199.005222] ------------[ cut here ]------------ [ 199.005947] WARNING: CPU: 0 PID: 1894 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.007696] Modules linked in: [ 199.008157] CPU: 0 PID: 1894 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.009323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.011249] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.011963] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.014339] RSP: 0018:ffff888017267b78 EFLAGS: 00010246 [ 199.015140] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.016107] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 199.017073] RBP: ffff888017267b98 R08: ffffed10023b343e R09: ffffed10023b343e [ 199.018033] R10: ffff888011d9a1ef R11: ffffed10023b343d R12: ffff888011d9a290 [ 199.019024] R13: ffff888011d9a0a8 R14: ffffffffffffffff R15: 
ffff888017267c60 [ 199.019982] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 199.021034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.021799] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 199.022805] PKRU: 55555554 [ 199.023214] Call Trace: [ 199.023561] [ 199.023883] iommufd_ioas_destroy+0x53/0x70 [ 199.024488] iommufd_fops_release+0x1f7/0x370 [ 199.025113] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.025798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.026476] ? write_comp_data+0x2f/0x90 [ 199.027141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.027833] __fput+0x26d/0xa40 [ 199.028315] ____fput+0x1e/0x30 [ 199.028780] task_work_run+0x1a4/0x2d0 [ 199.029314] ? __pfx_task_work_run+0x10/0x10 [ 199.029928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.030681] ? switch_task_namespaces+0xa9/0xe0 [ 199.031379] do_exit+0xb17/0x2ef0 [ 199.031851] ? lock_acquire+0x427/0x4c0 [ 199.032389] ? __pfx_lock_release+0x10/0x10 [ 199.032979] ? __kasan_check_write+0x18/0x20 [ 199.033576] ? do_raw_spin_lock+0x132/0x2a0 [ 199.034153] ? __pfx_do_exit+0x10/0x10 [ 199.034757] ? debug_smp_processor_id+0x20/0x30 [ 199.035417] ? rcu_is_watching+0x19/0xb0 [ 199.035981] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.036609] ? trace_hardirqs_on+0x26/0x120 [ 199.037212] do_group_exit+0xe0/0x2b0 [ 199.037738] __x64_sys_exit_group+0x47/0x50 [ 199.038304] do_syscall_64+0x3b/0x90 [ 199.038879] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.039615] RIP: 0033:0x7f4b87518a4d [ 199.040120] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.040946] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.041969] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.043005] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.043968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.044918] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.045849] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.046900] [ 199.047252] irq event stamp: 0 [ 199.047678] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.048526] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.049618] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.050772] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.051656] ---[ end trace 0000000000000000 ]--- [ 199.060052] ------------[ cut here ]------------ [ 199.060756] WARNING: CPU: 0 PID: 1895 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.062449] Modules linked in: [ 199.062972] CPU: 0 PID: 1895 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.064144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.065633] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.066715] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.069126] RSP: 0018:ffff88800f16fbb8 EFLAGS: 00010246 [ 199.069834] RAX: 0000000000000000 RBX: ffff8880147058a8 RCX: 0000000000000000 [ 199.071128] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 199.072068] RBP: ffff88800f16fbd0 R08: ffffed10028e0b33 R09: ffffed10028e0b33 [ 199.073006] R10: ffff888014705993 R11: ffffed10028e0b32 R12: ffff888010824800 [ 199.073939] R13: ffff8880147059e8 R14: ffffffff8352e670 R15: 
ffff88800f16fe68 [ 199.074939] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 199.076012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.076772] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 199.077706] PKRU: 55555554 [ 199.078081] Call Trace: [ 199.078425] [ 199.078781] __iommufd_access_detach+0x1c2/0x2b0 [ 199.079467] iommufd_access_change_pt+0x149/0x270 [ 199.080124] iommufd_access_replace+0xb4/0x120 [ 199.080746] iommufd_test+0x3e5/0x37e0 [ 199.081266] ? lock_release+0x532/0x770 [ 199.081810] ? __might_fault+0x102/0x1b0 [ 199.082363] ? lock_acquire+0x427/0x4c0 [ 199.082969] ? __pfx_iommufd_test+0x10/0x10 [ 199.083567] ? __pfx_lock_release+0x10/0x10 [ 199.084155] ? __pfx_lock_acquire+0x10/0x10 [ 199.084746] ? write_comp_data+0x2f/0x90 [ 199.085316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.085980] ? write_comp_data+0x2f/0x90 [ 199.086595] iommufd_fops_ioctl+0x37d/0x510 [ 199.087207] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.087878] ? write_comp_data+0x2f/0x90 [ 199.088439] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.089093] __x64_sys_ioctl+0x1a3/0x230 [ 199.089654] do_syscall_64+0x3b/0x90 [ 199.090175] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.090946] RIP: 0033:0x7f4b8743ee5d [ 199.091478] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.093865] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.094911] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.095874] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.096810] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.097747] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.098726] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.099688] [ 199.100003] irq event stamp: 0 [ 199.100425] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.101249] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.102339] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.103487] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.104319] ---[ end trace 0000000000000000 ]--- [ 199.109731] ------------[ cut here ]------------ [ 199.110927] WARNING: CPU: 0 PID: 1895 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.112296] Modules linked in: [ 199.112727] CPU: 0 PID: 1895 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.113864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.115737] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.116410] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.118962] RSP: 
0018:ffff88800f16fbd0 EFLAGS: 00010246 [ 199.119854] RAX: 0000000000000000 RBX: ffff8880147058a8 RCX: 0000000000000000 [ 199.120613] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 199.121361] RBP: ffff88800f16fbe8 R08: ffffed10028e0b33 R09: ffffed10028e0b33 [ 199.122108] R10: ffff888014705993 R11: ffffed10028e0b32 R12: ffff888014390800 [ 199.122936] R13: ffff8880147059e8 R14: ffff88802097b600 R15: 0000000000000000 [ 199.124388] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 199.125460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.126222] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 199.127254] PKRU: 55555554 [ 199.127643] Call Trace: [ 199.127992] [ 199.128300] iommufd_access_destroy_object+0x65/0x170 [ 199.129557] iommufd_object_destroy_user+0x18e/0x220 [ 199.130257] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.131104] iommufd_access_destroy+0x43/0x70 [ 199.131755] iommufd_test_staccess_release+0x8d/0xd0 [ 199.132437] __fput+0x26d/0xa40 [ 199.132903] ____fput+0x1e/0x30 [ 199.133416] task_work_run+0x1a4/0x2d0 [ 199.134253] ? __pfx_task_work_run+0x10/0x10 [ 199.134796] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.135332] ? switch_task_namespaces+0xa9/0xe0 [ 199.135849] do_exit+0xb17/0x2ef0 [ 199.136223] ? lock_acquire+0x427/0x4c0 [ 199.136653] ? __pfx_lock_release+0x10/0x10 [ 199.137121] ? __kasan_check_write+0x18/0x20 [ 199.137604] ? do_raw_spin_lock+0x132/0x2a0 [ 199.138235] ? __pfx_do_exit+0x10/0x10 [ 199.139345] ? debug_smp_processor_id+0x20/0x30 [ 199.139995] ? rcu_is_watching+0x19/0xb0 [ 199.140556] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.141182] ? trace_hardirqs_on+0x26/0x120 [ 199.141777] do_group_exit+0xe0/0x2b0 [ 199.142293] __x64_sys_exit_group+0x47/0x50 [ 199.142922] do_syscall_64+0x3b/0x90 [ 199.143473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.144365] RIP: 0033:0x7f4b87518a4d [ 199.145138] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.145963] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.147036] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.148018] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.149057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.150217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.151240] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.152196] [ 199.152521] irq event stamp: 0 [ 199.153045] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.154097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.155305] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.156661] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.157499] ---[ end trace 0000000000000000 ]--- [ 199.159182] ------------[ cut here ]------------ [ 199.159841] WARNING: CPU: 0 PID: 1895 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.161517] Modules linked in: [ 199.161957] CPU: 0 PID: 1895 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.163528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.165012] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.165724] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.168427] RSP: 0018:ffff88800f16fb78 EFLAGS: 00010246 [ 199.169408] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.170349] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 199.171465] RBP: ffff88800f16fb98 R08: ffffed10028e0b3e R09: ffffed10028e0b3e [ 199.172573] R10: ffff8880147059ef R11: ffffed10028e0b3d R12: ffff888014705a90 [ 199.173522] R13: ffff8880147058a8 R14: ffffffffffffffff R15: 
ffff88800f16fc60 [ 199.174772] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 199.175854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.176913] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 199.177854] PKRU: 55555554 [ 199.178236] Call Trace: [ 199.178630] [ 199.178945] iommufd_ioas_destroy+0x53/0x70 [ 199.179839] iommufd_fops_release+0x1f7/0x370 [ 199.180455] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.181120] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.182052] ? write_comp_data+0x2f/0x90 [ 199.182662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.183347] __fput+0x26d/0xa40 [ 199.183814] ____fput+0x1e/0x30 [ 199.184336] task_work_run+0x1a4/0x2d0 [ 199.185056] ? __pfx_task_work_run+0x10/0x10 [ 199.185659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.186317] ? switch_task_namespaces+0xa9/0xe0 [ 199.187306] do_exit+0xb17/0x2ef0 [ 199.187778] ? lock_acquire+0x427/0x4c0 [ 199.188325] ? __pfx_lock_release+0x10/0x10 [ 199.188918] ? __kasan_check_write+0x18/0x20 [ 199.189802] ? do_raw_spin_lock+0x132/0x2a0 [ 199.190380] ? __pfx_do_exit+0x10/0x10 [ 199.190957] ? debug_smp_processor_id+0x20/0x30 [ 199.191611] ? rcu_is_watching+0x19/0xb0 [ 199.192260] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.193012] ? trace_hardirqs_on+0x26/0x120 [ 199.193602] do_group_exit+0xe0/0x2b0 [ 199.194117] __x64_sys_exit_group+0x47/0x50 [ 199.194994] do_syscall_64+0x3b/0x90 [ 199.195525] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.196224] RIP: 0033:0x7f4b87518a4d [ 199.196724] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.197829] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.198891] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.200151] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.201091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.202282] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.203288] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.204245] [ 199.204565] irq event stamp: 0 [ 199.205003] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.205860] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.207062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.208184] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.209036] ---[ end trace 0000000000000000 ]--- [ 199.213835] ------------[ cut here ]------------ [ 199.214403] WARNING: CPU: 1 PID: 1896 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.215805] Modules linked in: [ 199.216150] CPU: 1 PID: 1896 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.217045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.218216] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.218752] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.220647] RSP: 0018:ffff888015e77bb8 EFLAGS: 00010246 [ 199.221200] RAX: 0000000000000000 RBX: ffff888013a510a8 RCX: 0000000000000000 [ 199.221927] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 199.222680] RBP: ffff888015e77bd0 R08: ffffed100274a233 R09: ffffed100274a233 [ 199.223419] R10: ffff888013a51193 R11: ffffed100274a232 R12: ffff88801422f000 [ 199.224151] R13: ffff888013a511e8 R14: ffffffff8352e670 R15: 
ffff888015e77e68 [ 199.224881] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.225709] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.226314] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 199.227094] PKRU: 55555554 [ 199.227407] Call Trace: [ 199.227680] [ 199.227922] __iommufd_access_detach+0x1c2/0x2b0 [ 199.228438] iommufd_access_change_pt+0x149/0x270 [ 199.228955] iommufd_access_replace+0xb4/0x120 [ 199.229446] iommufd_test+0x3e5/0x37e0 [ 199.229862] ? lock_release+0x532/0x770 [ 199.230304] ? __might_fault+0x102/0x1b0 [ 199.230784] ? lock_acquire+0x427/0x4c0 [ 199.231231] ? __pfx_iommufd_test+0x10/0x10 [ 199.231688] ? __pfx_lock_release+0x10/0x10 [ 199.232150] ? __pfx_lock_acquire+0x10/0x10 [ 199.232617] ? write_comp_data+0x2f/0x90 [ 199.233056] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.233578] ? write_comp_data+0x2f/0x90 [ 199.234029] iommufd_fops_ioctl+0x37d/0x510 [ 199.234491] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.235079] ? write_comp_data+0x2f/0x90 [ 199.235540] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.236063] __x64_sys_ioctl+0x1a3/0x230 [ 199.236506] do_syscall_64+0x3b/0x90 [ 199.236914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.237476] RIP: 0033:0x7f4b8743ee5d [ 199.237882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.239859] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.240674] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.241425] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.242176] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.242969] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.243756] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.244533] [ 199.244784] irq event stamp: 0 [ 199.245136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.245807] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.246743] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.247663] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.248337] ---[ end trace 0000000000000000 ]--- [ 199.251826] ------------[ cut here ]------------ [ 199.252354] WARNING: CPU: 1 PID: 1896 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.253418] Modules linked in: [ 199.253760] CPU: 1 PID: 1896 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.254726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.255931] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.256464] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.258669] RSP: 
0018:ffff888015e77bd0 EFLAGS: 00010246 [ 199.259517] RAX: 0000000000000000 RBX: ffff888013a510a8 RCX: 0000000000000000 [ 199.260284] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 199.261043] RBP: ffff888015e77be8 R08: ffffed100274a233 R09: ffffed100274a233 [ 199.261802] R10: ffff888013a51193 R11: ffffed100274a232 R12: ffff888017b97800 [ 199.262616] R13: ffff888013a511e8 R14: ffff88801235b700 R15: 0000000000000000 [ 199.263399] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.264375] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.265203] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.266203] PKRU: 55555554 [ 199.266541] Call Trace: [ 199.266812] [ 199.267050] iommufd_access_destroy_object+0x65/0x170 [ 199.267616] iommufd_object_destroy_user+0x18e/0x220 [ 199.268167] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.268788] iommufd_access_destroy+0x43/0x70 [ 199.269278] iommufd_test_staccess_release+0x8d/0xd0 [ 199.269896] __fput+0x26d/0xa40 [ 199.270383] ____fput+0x1e/0x30 [ 199.270957] task_work_run+0x1a4/0x2d0 [ 199.271419] ? __pfx_task_work_run+0x10/0x10 [ 199.271920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.272476] ? switch_task_namespaces+0xa9/0xe0 [ 199.272997] do_exit+0xb17/0x2ef0 [ 199.273379] ? lock_acquire+0x427/0x4c0 [ 199.273814] ? __pfx_lock_release+0x10/0x10 [ 199.274286] ? __kasan_check_write+0x18/0x20 [ 199.274828] ? do_raw_spin_lock+0x132/0x2a0 [ 199.275325] ? __pfx_do_exit+0x10/0x10 [ 199.275755] ? debug_smp_processor_id+0x20/0x30 [ 199.276408] ? rcu_is_watching+0x19/0xb0 [ 199.277040] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.277545] ? trace_hardirqs_on+0x26/0x120 [ 199.278023] do_group_exit+0xe0/0x2b0 [ 199.278444] __x64_sys_exit_group+0x47/0x50 [ 199.278958] do_syscall_64+0x3b/0x90 [ 199.279398] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.279963] RIP: 0033:0x7f4b87518a4d [ 199.280377] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.281088] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.282257] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.283068] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.283836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.284582] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.285333] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.286139] [ 199.286471] irq event stamp: 0 [ 199.287045] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.287748] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.288640] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.289534] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.290216] ---[ end trace 0000000000000000 ]--- [ 199.291192] ------------[ cut here ]------------ [ 199.291867] WARNING: CPU: 1 PID: 1896 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.293327] Modules linked in: [ 199.293679] CPU: 1 PID: 1896 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.294667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.295885] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.296441] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.298916] RSP: 0018:ffff888015e77b78 EFLAGS: 00010246 [ 199.299530] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.300295] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 199.301045] RBP: ffff888015e77b98 R08: ffffed100274a23e R09: ffffed100274a23e [ 199.301796] R10: ffff888013a511ef R11: ffffed100274a23d R12: ffff888013a51290 [ 199.302818] R13: ffff888013a510a8 R14: ffffffffffffffff R15: 
ffff888015e77c60 [ 199.303839] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.304699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.305317] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.306054] PKRU: 55555554 [ 199.306357] Call Trace: [ 199.306670] [ 199.306918] iommufd_ioas_destroy+0x53/0x70 [ 199.307422] iommufd_fops_release+0x1f7/0x370 [ 199.307912] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.308657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.309458] ? write_comp_data+0x2f/0x90 [ 199.309919] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.310463] __fput+0x26d/0xa40 [ 199.310888] ____fput+0x1e/0x30 [ 199.311279] task_work_run+0x1a4/0x2d0 [ 199.311718] ? __pfx_task_work_run+0x10/0x10 [ 199.312200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.312734] ? switch_task_namespaces+0xa9/0xe0 [ 199.313260] do_exit+0xb17/0x2ef0 [ 199.313778] ? lock_acquire+0x427/0x4c0 [ 199.314406] ? __pfx_lock_release+0x10/0x10 [ 199.314928] ? __kasan_check_write+0x18/0x20 [ 199.315417] ? do_raw_spin_lock+0x132/0x2a0 [ 199.315885] ? __pfx_do_exit+0x10/0x10 [ 199.316319] ? debug_smp_processor_id+0x20/0x30 [ 199.316826] ? rcu_is_watching+0x19/0xb0 [ 199.317269] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.317770] ? trace_hardirqs_on+0x26/0x120 [ 199.318337] do_group_exit+0xe0/0x2b0 [ 199.318995] __x64_sys_exit_group+0x47/0x50 [ 199.319488] do_syscall_64+0x3b/0x90 [ 199.319911] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.320478] RIP: 0033:0x7f4b87518a4d [ 199.320878] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.321541] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.322364] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.323335] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.324423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.325192] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.325951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.326794] [ 199.327060] irq event stamp: 0 [ 199.327455] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.328133] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.329332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.330601] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.331303] ---[ end trace 0000000000000000 ]--- [ 199.336222] ------------[ cut here ]------------ [ 199.336770] WARNING: CPU: 1 PID: 1897 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.338043] Modules linked in: [ 199.338951] CPU: 1 PID: 1897 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.339911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.341089] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.341626] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.344193] RSP: 0018:ffff888015817bb8 EFLAGS: 00010246 [ 199.344772] RAX: 0000000000000000 RBX: ffff8880170cc8a8 RCX: 0000000000000000 [ 199.345529] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 199.346283] RBP: ffff888015817bd0 R08: ffffed1002e19933 R09: ffffed1002e19933 [ 199.347069] R10: ffff8880170cc993 R11: ffffed1002e19932 R12: ffff888012c04000 [ 199.347854] R13: ffff8880170cc9e8 R14: ffffffff8352e670 R15: 
ffff888015817e68 [ 199.348876] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.349925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.350619] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 199.351394] PKRU: 55555554 [ 199.351699] Call Trace: [ 199.351970] [ 199.352214] __iommufd_access_detach+0x1c2/0x2b0 [ 199.352730] iommufd_access_change_pt+0x149/0x270 [ 199.353342] iommufd_access_replace+0xb4/0x120 [ 199.354019] iommufd_test+0x3e5/0x37e0 [ 199.354659] ? lock_release+0x532/0x770 [ 199.355102] ? __might_fault+0x102/0x1b0 [ 199.355579] ? lock_acquire+0x427/0x4c0 [ 199.356023] ? __pfx_iommufd_test+0x10/0x10 [ 199.356497] ? __pfx_lock_release+0x10/0x10 [ 199.356981] ? __pfx_lock_acquire+0x10/0x10 [ 199.357476] ? write_comp_data+0x2f/0x90 [ 199.357941] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.358568] ? write_comp_data+0x2f/0x90 [ 199.359179] iommufd_fops_ioctl+0x37d/0x510 [ 199.359845] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.360383] ? write_comp_data+0x2f/0x90 [ 199.360840] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.361386] __x64_sys_ioctl+0x1a3/0x230 [ 199.361855] do_syscall_64+0x3b/0x90 [ 199.362287] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.362962] RIP: 0033:0x7f4b8743ee5d [ 199.363414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.365564] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.366695] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.367494] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.368266] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.369043] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.369922] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.371058] [ 199.371337] irq event stamp: 0 [ 199.371683] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.372368] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.373275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.374177] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.374975] ---[ end trace 0000000000000000 ]--- [ 199.379477] ------------[ cut here ]------------ [ 199.380154] WARNING: CPU: 1 PID: 1897 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.381545] Modules linked in: [ 199.381902] CPU: 1 PID: 1897 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.382965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.384209] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.384754] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.386752] RSP: 
0018:ffff888015817bd0 EFLAGS: 00010246 [ 199.387347] RAX: 0000000000000000 RBX: ffff8880170cc8a8 RCX: 0000000000000000 [ 199.388116] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 199.388888] RBP: ffff888015817be8 R08: ffffed1002e19933 R09: ffffed1002e19933 [ 199.389653] R10: ffff8880170cc993 R11: ffffed1002e19932 R12: ffff88801422cc00 [ 199.390414] R13: ffff8880170cc9e8 R14: ffff888015bbbf00 R15: 0000000000000000 [ 199.391233] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.392112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.392736] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 199.393504] PKRU: 55555554 [ 199.393817] Call Trace: [ 199.394095] [ 199.394339] iommufd_access_destroy_object+0x65/0x170 [ 199.394944] iommufd_object_destroy_user+0x18e/0x220 [ 199.395517] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.396149] iommufd_access_destroy+0x43/0x70 [ 199.396649] iommufd_test_staccess_release+0x8d/0xd0 [ 199.397219] __fput+0x26d/0xa40 [ 199.397613] ____fput+0x1e/0x30 [ 199.398000] task_work_run+0x1a4/0x2d0 [ 199.398442] ? __pfx_task_work_run+0x10/0x10 [ 199.398979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.399564] ? switch_task_namespaces+0xa9/0xe0 [ 199.400085] do_exit+0xb17/0x2ef0 [ 199.400469] ? lock_acquire+0x427/0x4c0 [ 199.400919] ? __pfx_lock_release+0x10/0x10 [ 199.401399] ? __kasan_check_write+0x18/0x20 [ 199.401885] ? do_raw_spin_lock+0x132/0x2a0 [ 199.402361] ? __pfx_do_exit+0x10/0x10 [ 199.402837] ? debug_smp_processor_id+0x20/0x30 [ 199.403367] ? rcu_is_watching+0x19/0xb0 [ 199.403820] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.404325] ? trace_hardirqs_on+0x26/0x120 [ 199.404802] do_group_exit+0xe0/0x2b0 [ 199.405226] __x64_sys_exit_group+0x47/0x50 [ 199.405696] do_syscall_64+0x3b/0x90 [ 199.406116] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.406736] RIP: 0033:0x7f4b87518a4d [ 199.407163] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.407830] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.408659] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.409430] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.410196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.411000] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.411781] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.412576] [ 199.412838] irq event stamp: 0 [ 199.413192] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.413886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.414849] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.415783] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.416480] ---[ end trace 0000000000000000 ]--- [ 199.417511] ------------[ cut here ]------------ [ 199.418031] WARNING: CPU: 1 PID: 1897 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.419353] Modules linked in: [ 199.419724] CPU: 1 PID: 1897 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.420676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.421904] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.422471] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.424499] RSP: 0018:ffff888015817b78 EFLAGS: 00010246 [ 199.425083] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.425848] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 199.426665] RBP: ffff888015817b98 R08: ffffed1002e1993e R09: ffffed1002e1993e [ 199.427455] R10: ffff8880170cc9ef R11: ffffed1002e1993d R12: ffff8880170cca90 [ 199.428225] R13: ffff8880170cc8a8 R14: ffffffffffffffff R15: 
ffff888015817c60 [ 199.429006] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.429882] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.430561] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 199.431349] PKRU: 55555554 [ 199.431659] Call Trace: [ 199.431935] [ 199.432187] iommufd_ioas_destroy+0x53/0x70 [ 199.432670] iommufd_fops_release+0x1f7/0x370 [ 199.433164] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.433711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.434252] ? write_comp_data+0x2f/0x90 [ 199.434751] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.435309] __fput+0x26d/0xa40 [ 199.435691] ____fput+0x1e/0x30 [ 199.436069] task_work_run+0x1a4/0x2d0 [ 199.436512] ? __pfx_task_work_run+0x10/0x10 [ 199.437002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.437534] ? switch_task_namespaces+0xa9/0xe0 [ 199.438057] do_exit+0xb17/0x2ef0 [ 199.438443] ? lock_acquire+0x427/0x4c0 [ 199.438924] ? __pfx_lock_release+0x10/0x10 [ 199.439411] ? __kasan_check_write+0x18/0x20 [ 199.439892] ? do_raw_spin_lock+0x132/0x2a0 [ 199.440361] ? __pfx_do_exit+0x10/0x10 [ 199.440796] ? debug_smp_processor_id+0x20/0x30 [ 199.441309] ? rcu_is_watching+0x19/0xb0 [ 199.441754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.442248] ? trace_hardirqs_on+0x26/0x120 [ 199.442758] do_group_exit+0xe0/0x2b0 [ 199.443188] __x64_sys_exit_group+0x47/0x50 [ 199.443662] do_syscall_64+0x3b/0x90 [ 199.444080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.444647] RIP: 0033:0x7f4b87518a4d [ 199.445051] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.445718] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.446577] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.447363] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.448137] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.448905] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.449685] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.450464] [ 199.450759] irq event stamp: 0 [ 199.451106] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.451808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.452702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.453601] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.454295] ---[ end trace 0000000000000000 ]--- [ 199.459642] ------------[ cut here ]------------ [ 199.460219] WARNING: CPU: 1 PID: 1898 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.461297] Modules linked in: [ 199.461642] CPU: 1 PID: 1898 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.462667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.463907] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.464453] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.466409] RSP: 0018:ffff888015cf7bb8 EFLAGS: 00010246 [ 199.467018] RAX: 0000000000000000 RBX: ffff888013f358a8 RCX: 0000000000000000 [ 199.467796] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 199.468563] RBP: ffff888015cf7bd0 R08: ffffed10027e6b33 R09: ffffed10027e6b33 [ 199.469326] R10: ffff888013f35993 R11: ffffed10027e6b32 R12: ffff888013b22800 [ 199.470095] R13: ffff888013f359e8 R14: ffffffff8352e670 R15: 
ffff888015cf7e68 [ 199.470892] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.471781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.472412] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 199.473182] PKRU: 55555554 [ 199.473487] Call Trace: [ 199.473764] [ 199.474008] __iommufd_access_detach+0x1c2/0x2b0 [ 199.474590] iommufd_access_change_pt+0x149/0x270 [ 199.475144] iommufd_access_replace+0xb4/0x120 [ 199.475658] iommufd_test+0x3e5/0x37e0 [ 199.476082] ? lock_release+0x532/0x770 [ 199.476523] ? __might_fault+0x102/0x1b0 [ 199.476971] ? lock_acquire+0x427/0x4c0 [ 199.477416] ? __pfx_iommufd_test+0x10/0x10 [ 199.477884] ? __pfx_lock_release+0x10/0x10 [ 199.478355] ? __pfx_lock_acquire+0x10/0x10 [ 199.478879] ? write_comp_data+0x2f/0x90 [ 199.479363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.479890] ? write_comp_data+0x2f/0x90 [ 199.480335] iommufd_fops_ioctl+0x37d/0x510 [ 199.480799] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.481319] ? write_comp_data+0x2f/0x90 [ 199.481758] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.482273] __x64_sys_ioctl+0x1a3/0x230 [ 199.482737] do_syscall_64+0x3b/0x90 [ 199.483144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.483691] RIP: 0033:0x7f4b8743ee5d [ 199.484078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.485963] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.486773] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.487527] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.488258] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.488987] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.489714] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.490454] [ 199.490723] irq event stamp: 0 [ 199.491051] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.491720] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.492590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.493453] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.494116] ---[ end trace 0000000000000000 ]--- [ 199.497417] ------------[ cut here ]------------ [ 199.497943] WARNING: CPU: 1 PID: 1898 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.499031] Modules linked in: [ 199.499378] CPU: 1 PID: 1898 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.500292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.501443] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.501955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.503886] RSP: 
0018:ffff888015cf7bd0 EFLAGS: 00010246 [ 199.504443] RAX: 0000000000000000 RBX: ffff888013f358a8 RCX: 0000000000000000 [ 199.505177] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 199.505919] RBP: ffff888015cf7be8 R08: ffffed10027e6b33 R09: ffffed10027e6b33 [ 199.506682] R10: ffff888013f35993 R11: ffffed10027e6b32 R12: ffff888012c07000 [ 199.507449] R13: ffff888013f359e8 R14: ffff88800fa76100 R15: 0000000000000000 [ 199.508191] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.509029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.509636] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.510375] PKRU: 55555554 [ 199.510705] Call Trace: [ 199.510975] [ 199.511224] iommufd_access_destroy_object+0x65/0x170 [ 199.511779] iommufd_object_destroy_user+0x18e/0x220 [ 199.512318] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.512934] iommufd_access_destroy+0x43/0x70 [ 199.513412] iommufd_test_staccess_release+0x8d/0xd0 [ 199.513971] __fput+0x26d/0xa40 [ 199.514644] ____fput+0x1e/0x30 [ 199.515254] task_work_run+0x1a4/0x2d0 [ 199.515683] ? __pfx_task_work_run+0x10/0x10 [ 199.516149] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.516669] ? switch_task_namespaces+0xa9/0xe0 [ 199.517170] do_exit+0xb17/0x2ef0 [ 199.517536] ? lock_acquire+0x427/0x4c0 [ 199.517967] ? __pfx_lock_release+0x10/0x10 [ 199.518430] ? __kasan_check_write+0x18/0x20 [ 199.519076] ? do_raw_spin_lock+0x132/0x2a0 [ 199.520035] ? __pfx_do_exit+0x10/0x10 [ 199.520463] ? debug_smp_processor_id+0x20/0x30 [ 199.520958] ? rcu_is_watching+0x19/0xb0 [ 199.521387] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.521868] ? trace_hardirqs_on+0x26/0x120 [ 199.522328] do_group_exit+0xe0/0x2b0 [ 199.522798] __x64_sys_exit_group+0x47/0x50 [ 199.523290] do_syscall_64+0x3b/0x90 [ 199.523697] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.524252] RIP: 0033:0x7f4b87518a4d [ 199.524648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.526044] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.526911] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.527688] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.528435] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.529195] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.530164] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.531441] [ 199.531699] irq event stamp: 0 [ 199.532032] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.532698] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.533581] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.534459] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.535279] ---[ end trace 0000000000000000 ]--- [ 199.536579] ------------[ cut here ]------------ [ 199.537085] WARNING: CPU: 1 PID: 1898 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.538151] Modules linked in: [ 199.538487] CPU: 1 PID: 1898 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.539473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.540863] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.541667] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.543659] RSP: 0018:ffff888015cf7b78 EFLAGS: 00010246 [ 199.544237] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.544989] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 199.545932] RBP: ffff888015cf7b98 R08: ffffed10027e6b3e R09: ffffed10027e6b3e [ 199.546949] R10: ffff888013f359ef R11: ffffed10027e6b3d R12: ffff888013f35a90 [ 199.547716] R13: ffff888013f358a8 R14: ffffffffffffffff R15: 
ffff888015cf7c60 [ 199.548468] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.549308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.549949] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.550921] PKRU: 55555554 [ 199.551338] Call Trace: [ 199.551755] [ 199.552006] iommufd_ioas_destroy+0x53/0x70 [ 199.552469] iommufd_fops_release+0x1f7/0x370 [ 199.552950] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.553472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.553988] ? write_comp_data+0x2f/0x90 [ 199.554421] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.554990] __fput+0x26d/0xa40 [ 199.555379] ____fput+0x1e/0x30 [ 199.555746] task_work_run+0x1a4/0x2d0 [ 199.556175] ? __pfx_task_work_run+0x10/0x10 [ 199.556807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.557578] ? switch_task_namespaces+0xa9/0xe0 [ 199.558096] do_exit+0xb17/0x2ef0 [ 199.558461] ? lock_acquire+0x427/0x4c0 [ 199.558932] ? __pfx_lock_release+0x10/0x10 [ 199.559431] ? __kasan_check_write+0x18/0x20 [ 199.559911] ? do_raw_spin_lock+0x132/0x2a0 [ 199.560371] ? __pfx_do_exit+0x10/0x10 [ 199.560801] ? debug_smp_processor_id+0x20/0x30 [ 199.561321] ? rcu_is_watching+0x19/0xb0 [ 199.561893] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.562658] ? trace_hardirqs_on+0x26/0x120 [ 199.563147] do_group_exit+0xe0/0x2b0 [ 199.563559] __x64_sys_exit_group+0x47/0x50 [ 199.564012] do_syscall_64+0x3b/0x90 [ 199.564419] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.564973] RIP: 0033:0x7f4b87518a4d [ 199.565375] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.566025] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.567126] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.567960] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.568712] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.569462] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.570205] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.571009] [ 199.571281] irq event stamp: 0 [ 199.571621] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.572443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.573697] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.574626] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.575306] ---[ end trace 0000000000000000 ]--- [ 199.580901] ------------[ cut here ]------------ [ 199.581651] WARNING: CPU: 1 PID: 1899 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.583097] Modules linked in: [ 199.583465] CPU: 1 PID: 1899 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.584384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.585578] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.586180] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.588610] RSP: 0018:ffff888015e77bb8 EFLAGS: 00010246 [ 199.589163] RAX: 0000000000000000 RBX: ffff8880136fe0a8 RCX: 0000000000000000 [ 199.589899] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 199.590657] RBP: ffff888015e77bd0 R08: ffffed10026dfc33 R09: ffffed10026dfc33 [ 199.591432] R10: ffff8880136fe193 R11: ffffed10026dfc32 R12: ffff888017064800 [ 199.592355] R13: ffff8880136fe1e8 R14: ffffffff8352e670 R15: 
ffff888015e77e68 [ 199.593447] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.594300] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.594961] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 199.595743] PKRU: 55555554 [ 199.596045] Call Trace: [ 199.596316] [ 199.596564] __iommufd_access_detach+0x1c2/0x2b0 [ 199.597127] iommufd_access_change_pt+0x149/0x270 [ 199.597836] iommufd_access_replace+0xb4/0x120 [ 199.598579] iommufd_test+0x3e5/0x37e0 [ 199.598986] ? lock_release+0x532/0x770 [ 199.599432] ? __might_fault+0x102/0x1b0 [ 199.599888] ? lock_acquire+0x427/0x4c0 [ 199.600336] ? __pfx_iommufd_test+0x10/0x10 [ 199.600800] ? __pfx_lock_release+0x10/0x10 [ 199.601265] ? __pfx_lock_acquire+0x10/0x10 [ 199.601742] ? write_comp_data+0x2f/0x90 [ 199.602194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.602929] ? write_comp_data+0x2f/0x90 [ 199.603599] iommufd_fops_ioctl+0x37d/0x510 [ 199.604074] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.604595] ? write_comp_data+0x2f/0x90 [ 199.605041] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.605568] __x64_sys_ioctl+0x1a3/0x230 [ 199.606015] do_syscall_64+0x3b/0x90 [ 199.606432] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.607035] RIP: 0033:0x7f4b8743ee5d [ 199.607450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.609829] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.610870] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.611675] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.612435] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.613196] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.614028] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.615191] [ 199.615460] irq event stamp: 0 [ 199.615804] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.616487] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.617398] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.618307] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.619048] ---[ end trace 0000000000000000 ]--- [ 199.623138] ------------[ cut here ]------------ [ 199.623708] WARNING: CPU: 1 PID: 1899 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.624891] Modules linked in: [ 199.625356] CPU: 1 PID: 1899 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.626610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.627858] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.628407] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.630642] RSP: 
0018:ffff888015e77bd0 EFLAGS: 00010246 [ 199.631464] RAX: 0000000000000000 RBX: ffff8880136fe0a8 RCX: 0000000000000000 [ 199.632241] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 199.633012] RBP: ffff888015e77be8 R08: ffffed10026dfc33 R09: ffffed10026dfc33 [ 199.633776] R10: ffff8880136fe193 R11: ffffed10026dfc32 R12: ffff888013b23000 [ 199.634622] R13: ffff8880136fe1e8 R14: ffff88801381aa00 R15: 0000000000000000 [ 199.635414] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.636510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.637438] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 199.638217] PKRU: 55555554 [ 199.638572] Call Trace: [ 199.638859] [ 199.639110] iommufd_access_destroy_object+0x65/0x170 [ 199.639693] iommufd_object_destroy_user+0x18e/0x220 [ 199.640244] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.640882] iommufd_access_destroy+0x43/0x70 [ 199.641515] iommufd_test_staccess_release+0x8d/0xd0 [ 199.642357] __fput+0x26d/0xa40 [ 199.642784] ____fput+0x1e/0x30 [ 199.643169] task_work_run+0x1a4/0x2d0 [ 199.643609] ? __pfx_task_work_run+0x10/0x10 [ 199.644091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.644643] ? switch_task_namespaces+0xa9/0xe0 [ 199.645165] do_exit+0xb17/0x2ef0 [ 199.645542] ? lock_acquire+0x427/0x4c0 [ 199.645992] ? __pfx_lock_release+0x10/0x10 [ 199.646624] ? __kasan_check_write+0x18/0x20 [ 199.647348] ? do_raw_spin_lock+0x132/0x2a0 [ 199.647831] ? __pfx_do_exit+0x10/0x10 [ 199.648271] ? debug_smp_processor_id+0x20/0x30 [ 199.648789] ? rcu_is_watching+0x19/0xb0 [ 199.649236] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.649745] ? trace_hardirqs_on+0x26/0x120 [ 199.650229] do_group_exit+0xe0/0x2b0 [ 199.650707] __x64_sys_exit_group+0x47/0x50 [ 199.651192] do_syscall_64+0x3b/0x90 [ 199.651611] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.652280] RIP: 0033:0x7f4b87518a4d [ 199.652812] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.653804] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.654682] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.655464] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.656222] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.656981] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.658132] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.658976] [ 199.659251] irq event stamp: 0 [ 199.659592] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.660263] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.661159] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.662099] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.663048] ---[ end trace 0000000000000000 ]--- [ 199.664279] ------------[ cut here ]------------ [ 199.664806] WARNING: CPU: 1 PID: 1899 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.665938] Modules linked in: [ 199.666291] CPU: 1 PID: 1899 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.667303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.668622] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.669458] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.671474] RSP: 0018:ffff888015e77b78 EFLAGS: 00010246 [ 199.672051] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.672816] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 199.673791] RBP: ffff888015e77b98 R08: ffffed10026dfc3e R09: ffffed10026dfc3e [ 199.674776] R10: ffff8880136fe1ef R11: ffffed10026dfc3d R12: ffff8880136fe290 [ 199.675563] R13: ffff8880136fe0a8 R14: ffffffffffffffff R15: 
ffff888015e77c60 [ 199.676336] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.677201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.677828] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 199.678845] PKRU: 55555554 [ 199.679335] Call Trace: [ 199.679635] [ 199.679882] iommufd_ioas_destroy+0x53/0x70 [ 199.680362] iommufd_fops_release+0x1f7/0x370 [ 199.680860] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.681402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.681942] ? write_comp_data+0x2f/0x90 [ 199.682392] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.682976] __fput+0x26d/0xa40 [ 199.683375] ____fput+0x1e/0x30 [ 199.683749] task_work_run+0x1a4/0x2d0 [ 199.684286] ? __pfx_task_work_run+0x10/0x10 [ 199.684956] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.685652] ? switch_task_namespaces+0xa9/0xe0 [ 199.686174] do_exit+0xb17/0x2ef0 [ 199.686615] ? lock_acquire+0x427/0x4c0 [ 199.687063] ? __pfx_lock_release+0x10/0x10 [ 199.687554] ? __kasan_check_write+0x18/0x20 [ 199.688032] ? do_raw_spin_lock+0x132/0x2a0 [ 199.688497] ? __pfx_do_exit+0x10/0x10 [ 199.688932] ? debug_smp_processor_id+0x20/0x30 [ 199.689535] ? rcu_is_watching+0x19/0xb0 [ 199.690163] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.690901] ? trace_hardirqs_on+0x26/0x120 [ 199.691404] do_group_exit+0xe0/0x2b0 [ 199.691822] __x64_sys_exit_group+0x47/0x50 [ 199.692293] do_syscall_64+0x3b/0x90 [ 199.692707] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.693272] RIP: 0033:0x7f4b87518a4d [ 199.693674] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.694339] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.695274] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.696374] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.697142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.697931] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.698740] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.699553] [ 199.699807] irq event stamp: 0 [ 199.700148] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.700908] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.702181] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.703134] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.703831] ---[ end trace 0000000000000000 ]--- [ 199.709417] ------------[ cut here ]------------ [ 199.710074] WARNING: CPU: 1 PID: 1900 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.711582] Modules linked in: [ 199.711934] CPU: 1 PID: 1900 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.712870] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.714091] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.714679] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.717166] RSP: 0018:ffff888015cf7bb8 EFLAGS: 00010246 [ 199.717744] RAX: 0000000000000000 RBX: ffff888011f600a8 RCX: 0000000000000000 [ 199.718498] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 199.719315] RBP: ffff888015cf7bd0 R08: ffffed10023ec033 R09: ffffed10023ec033 [ 199.720072] R10: ffff888011f60193 R11: ffffed10023ec032 R12: ffff888012e96800 [ 199.720834] R13: ffff888011f601e8 R14: ffffffff8352e670 R15: 
ffff888015cf7e68 [ 199.721860] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.723040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.723697] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 199.724458] PKRU: 55555554 [ 199.724761] Call Trace: [ 199.725031] [ 199.725274] __iommufd_access_detach+0x1c2/0x2b0 [ 199.725799] iommufd_access_change_pt+0x149/0x270 [ 199.726340] iommufd_access_replace+0xb4/0x120 [ 199.727020] iommufd_test+0x3e5/0x37e0 [ 199.727648] ? lock_release+0x532/0x770 [ 199.728099] ? __might_fault+0x102/0x1b0 [ 199.728546] ? lock_acquire+0x427/0x4c0 [ 199.728997] ? __pfx_iommufd_test+0x10/0x10 [ 199.729449] ? __pfx_lock_release+0x10/0x10 [ 199.729901] ? __pfx_lock_acquire+0x10/0x10 [ 199.730358] ? write_comp_data+0x2f/0x90 [ 199.730822] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.731352] ? write_comp_data+0x2f/0x90 [ 199.731794] iommufd_fops_ioctl+0x37d/0x510 [ 199.732288] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.733046] ? write_comp_data+0x2f/0x90 [ 199.733484] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.733983] __x64_sys_ioctl+0x1a3/0x230 [ 199.734421] do_syscall_64+0x3b/0x90 [ 199.734855] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.735411] RIP: 0033:0x7f4b8743ee5d [ 199.735801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.738153] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.739006] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.739849] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.740616] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.741450] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.742706] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.743732] [ 199.744065] irq event stamp: 0 [ 199.744535] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.745501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.746678] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.748171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.749029] ---[ end trace 0000000000000000 ]--- [ 199.754849] ------------[ cut here ]------------ [ 199.755705] WARNING: CPU: 1 PID: 1900 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.757064] Modules linked in: [ 199.757711] CPU: 1 PID: 1900 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.758966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.760616] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.761407] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.764167] RSP: 
0018:ffff888015cf7bd0 EFLAGS: 00010246 [ 199.764745] RAX: 0000000000000000 RBX: ffff888011f600a8 RCX: 0000000000000000 [ 199.765499] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 199.766249] RBP: ffff888015cf7be8 R08: ffffed10023ec033 R09: ffffed10023ec033 [ 199.767027] R10: ffff888011f60193 R11: ffffed10023ec032 R12: ffff888017066c00 [ 199.767803] R13: ffff888011f601e8 R14: ffff888020f65300 R15: 0000000000000000 [ 199.768541] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.769374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.769971] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 199.770726] PKRU: 55555554 [ 199.771027] Call Trace: [ 199.771308] [ 199.771553] iommufd_access_destroy_object+0x65/0x170 [ 199.772585] iommufd_object_destroy_user+0x18e/0x220 [ 199.773149] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.773767] iommufd_access_destroy+0x43/0x70 [ 199.774251] iommufd_test_staccess_release+0x8d/0xd0 [ 199.774849] __fput+0x26d/0xa40 [ 199.775255] ____fput+0x1e/0x30 [ 199.775613] task_work_run+0x1a4/0x2d0 [ 199.776029] ? __pfx_task_work_run+0x10/0x10 [ 199.776492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.777005] ? switch_task_namespaces+0xa9/0xe0 [ 199.777500] do_exit+0xb17/0x2ef0 [ 199.777863] ? lock_acquire+0x427/0x4c0 [ 199.778286] ? __pfx_lock_release+0x10/0x10 [ 199.778764] ? __kasan_check_write+0x18/0x20 [ 199.779242] ? do_raw_spin_lock+0x132/0x2a0 [ 199.779698] ? __pfx_do_exit+0x10/0x10 [ 199.780113] ? debug_smp_processor_id+0x20/0x30 [ 199.780600] ? rcu_is_watching+0x19/0xb0 [ 199.781029] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.781505] ? trace_hardirqs_on+0x26/0x120 [ 199.781975] do_group_exit+0xe0/0x2b0 [ 199.782379] __x64_sys_exit_group+0x47/0x50 [ 199.782854] do_syscall_64+0x3b/0x90 [ 199.783272] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.783825] RIP: 0033:0x7f4b87518a4d [ 199.784217] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.784855] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.785643] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.786373] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.787155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.787888] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.788637] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.789388] [ 199.789639] irq event stamp: 0 [ 199.789972] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.790660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.791550] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.792410] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.793074] ---[ end trace 0000000000000000 ]--- [ 199.793991] ------------[ cut here ]------------ [ 199.794491] WARNING: CPU: 1 PID: 1900 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.795631] Modules linked in: [ 199.795963] CPU: 1 PID: 1900 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.796849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.797983] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.798617] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.800477] RSP: 0018:ffff888015cf7b78 EFLAGS: 00010246 [ 199.801012] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.801733] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 199.802464] RBP: ffff888015cf7b98 R08: ffffed10023ec03e R09: ffffed10023ec03e [ 199.803241] R10: ffff888011f601ef R11: ffffed10023ec03d R12: ffff888011f60290 [ 199.803977] R13: ffff888011f600a8 R14: ffffffffffffffff R15: 
ffff888015cf7c60 [ 199.804695] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.805504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.806085] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 199.806819] PKRU: 55555554 [ 199.807105] Call Trace: [ 199.807383] [ 199.807622] iommufd_ioas_destroy+0x53/0x70 [ 199.808071] iommufd_fops_release+0x1f7/0x370 [ 199.808539] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.809063] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.809563] ? write_comp_data+0x2f/0x90 [ 199.809985] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.810499] __fput+0x26d/0xa40 [ 199.810896] ____fput+0x1e/0x30 [ 199.811265] task_work_run+0x1a4/0x2d0 [ 199.811691] ? __pfx_task_work_run+0x10/0x10 [ 199.812152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.812656] ? switch_task_namespaces+0xa9/0xe0 [ 199.813134] do_exit+0xb17/0x2ef0 [ 199.813484] ? lock_acquire+0x427/0x4c0 [ 199.813894] ? __pfx_lock_release+0x10/0x10 [ 199.814309] ? __kasan_check_write+0x18/0x20 [ 199.814753] ? do_raw_spin_lock+0x132/0x2a0 [ 199.815173] ? __pfx_do_exit+0x10/0x10 [ 199.815557] ? debug_smp_processor_id+0x20/0x30 [ 199.816000] ? rcu_is_watching+0x19/0xb0 [ 199.816388] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.816819] ? trace_hardirqs_on+0x26/0x120 [ 199.817244] do_group_exit+0xe0/0x2b0 [ 199.817609] __x64_sys_exit_group+0x47/0x50 [ 199.818013] do_syscall_64+0x3b/0x90 [ 199.818374] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.818915] RIP: 0033:0x7f4b87518a4d [ 199.819300] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.819889] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.820604] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.821266] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.821932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.822626] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.823310] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.823985] [ 199.824204] irq event stamp: 0 [ 199.824499] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.825092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.825883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.826695] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.827296] ---[ end trace 0000000000000000 ]--- [ 199.832654] ------------[ cut here ]------------ [ 199.833143] WARNING: CPU: 1 PID: 1901 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.834096] Modules linked in: [ 199.834398] CPU: 1 PID: 1901 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.835254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.836322] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.836794] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.838490] RSP: 0018:ffff88801873fbb8 EFLAGS: 00010246 [ 199.839002] RAX: 0000000000000000 RBX: ffff88801781d0a8 RCX: 0000000000000000 [ 199.839670] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 199.840325] RBP: ffff88801873fbd0 R08: ffffed1002f03a33 R09: ffffed1002f03a33 [ 199.840989] R10: ffff88801781d193 R11: ffffed1002f03a32 R12: ffff8880129c7000 [ 199.841661] R13: ffff88801781d1e8 R14: ffffffff8352e670 R15: 
ffff88801873fe68 [ 199.842323] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.843078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.843637] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 199.844311] PKRU: 55555554 [ 199.844580] Call Trace: [ 199.844827] [ 199.845040] __iommufd_access_detach+0x1c2/0x2b0 [ 199.845501] iommufd_access_change_pt+0x149/0x270 [ 199.845970] iommufd_access_replace+0xb4/0x120 [ 199.846415] iommufd_test+0x3e5/0x37e0 [ 199.846799] ? lock_release+0x532/0x770 [ 199.847186] ? __might_fault+0x102/0x1b0 [ 199.847569] ? lock_acquire+0x427/0x4c0 [ 199.847952] ? __pfx_iommufd_test+0x10/0x10 [ 199.848353] ? __pfx_lock_release+0x10/0x10 [ 199.848768] ? __pfx_lock_acquire+0x10/0x10 [ 199.849186] ? write_comp_data+0x2f/0x90 [ 199.849575] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.850025] ? write_comp_data+0x2f/0x90 [ 199.850407] iommufd_fops_ioctl+0x37d/0x510 [ 199.850821] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.851295] ? write_comp_data+0x2f/0x90 [ 199.851679] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.852131] __x64_sys_ioctl+0x1a3/0x230 [ 199.852516] do_syscall_64+0x3b/0x90 [ 199.852869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.853354] RIP: 0033:0x7f4b8743ee5d [ 199.853703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.855299] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.855961] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.856575] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.857190] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.857804] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.858417] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.859063] [ 199.859286] irq event stamp: 0 [ 199.859565] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.860110] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.860842] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.861564] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.862106] ---[ end trace 0000000000000000 ]--- [ 199.865086] ------------[ cut here ]------------ [ 199.865532] WARNING: CPU: 1 PID: 1901 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.866410] Modules linked in: [ 199.866717] CPU: 1 PID: 1901 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.867489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.868461] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.868895] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.870472] RSP: 
0018:ffff88801873fbd0 EFLAGS: 00010246 [ 199.870955] RAX: 0000000000000000 RBX: ffff88801781d0a8 RCX: 0000000000000000 [ 199.871582] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 199.872196] RBP: ffff88801873fbe8 R08: ffffed1002f03a33 R09: ffffed1002f03a33 [ 199.872806] R10: ffff88801781d193 R11: ffffed1002f03a32 R12: ffff88801226f400 [ 199.873416] R13: ffff88801781d1e8 R14: ffff888013807800 R15: 0000000000000000 [ 199.874027] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.874727] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.875232] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.875848] PKRU: 55555554 [ 199.876100] Call Trace: [ 199.876325] [ 199.876522] iommufd_access_destroy_object+0x65/0x170 [ 199.876972] iommufd_object_destroy_user+0x18e/0x220 [ 199.877418] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.877925] iommufd_access_destroy+0x43/0x70 [ 199.878324] iommufd_test_staccess_release+0x8d/0xd0 [ 199.878783] __fput+0x26d/0xa40 [ 199.879084] ____fput+0x1e/0x30 [ 199.879387] task_work_run+0x1a4/0x2d0 [ 199.879731] ? __pfx_task_work_run+0x10/0x10 [ 199.880113] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.880525] ? switch_task_namespaces+0xa9/0xe0 [ 199.880918] do_exit+0xb17/0x2ef0 [ 199.881202] ? lock_acquire+0x427/0x4c0 [ 199.881544] ? __pfx_lock_release+0x10/0x10 [ 199.881907] ? __kasan_check_write+0x18/0x20 [ 199.882278] ? do_raw_spin_lock+0x132/0x2a0 [ 199.882656] ? __pfx_do_exit+0x10/0x10 [ 199.882989] ? debug_smp_processor_id+0x20/0x30 [ 199.883390] ? rcu_is_watching+0x19/0xb0 [ 199.883729] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.884108] ? trace_hardirqs_on+0x26/0x120 [ 199.884469] do_group_exit+0xe0/0x2b0 [ 199.884787] __x64_sys_exit_group+0x47/0x50 [ 199.885141] do_syscall_64+0x3b/0x90 [ 199.885460] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.885894] RIP: 0033:0x7f4b87518a4d [ 199.886202] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.886752] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.887385] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.887963] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.888539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.889119] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.889697] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.890284] [ 199.890479] irq event stamp: 0 [ 199.890759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.891283] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.891983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.892664] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.893178] ---[ end trace 0000000000000000 ]--- [ 199.893915] ------------[ cut here ]------------ [ 199.894304] WARNING: CPU: 1 PID: 1901 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.895167] Modules linked in: [ 199.895432] CPU: 1 PID: 1901 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.896142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.897063] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.897486] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.898992] RSP: 0018:ffff88801873fb78 EFLAGS: 00010246 [ 199.899440] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.900024] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 199.900599] RBP: ffff88801873fb98 R08: ffffed1002f03a3e R09: ffffed1002f03a3e [ 199.901186] R10: ffff88801781d1ef R11: ffffed1002f03a3d R12: ffff88801781d290 [ 199.901765] R13: ffff88801781d0a8 R14: ffffffffffffffff R15: 
ffff88801873fc60 [ 199.902343] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.903032] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.903515] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.904100] PKRU: 55555554 [ 199.904335] Call Trace: [ 199.904549] [ 199.904738] iommufd_ioas_destroy+0x53/0x70 [ 199.905097] iommufd_fops_release+0x1f7/0x370 [ 199.905477] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.905890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.906297] ? write_comp_data+0x2f/0x90 [ 199.906670] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.907085] __fput+0x26d/0xa40 [ 199.907384] ____fput+0x1e/0x30 [ 199.907664] task_work_run+0x1a4/0x2d0 [ 199.907991] ? __pfx_task_work_run+0x10/0x10 [ 199.908353] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.908757] ? switch_task_namespaces+0xa9/0xe0 [ 199.909150] do_exit+0xb17/0x2ef0 [ 199.909439] ? lock_acquire+0x427/0x4c0 [ 199.909773] ? __pfx_lock_release+0x10/0x10 [ 199.910132] ? __kasan_check_write+0x18/0x20 [ 199.910502] ? do_raw_spin_lock+0x132/0x2a0 [ 199.910885] ? __pfx_do_exit+0x10/0x10 [ 199.911232] ? debug_smp_processor_id+0x20/0x30 [ 199.911621] ? rcu_is_watching+0x19/0xb0 [ 199.911956] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.912335] ? trace_hardirqs_on+0x26/0x120 [ 199.912702] do_group_exit+0xe0/0x2b0 [ 199.913018] __x64_sys_exit_group+0x47/0x50 [ 199.913371] do_syscall_64+0x3b/0x90 [ 199.913691] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.914120] RIP: 0033:0x7f4b87518a4d [ 199.914423] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.914950] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.915594] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.916177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.916757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.917338] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.917915] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.918500] [ 199.918721] irq event stamp: 0 [ 199.918981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.919507] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.920195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.920878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.921391] ---[ end trace 0000000000000000 ]--- [ 199.925950] ------------[ cut here ]------------ [ 199.926383] WARNING: CPU: 1 PID: 1902 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.927281] Modules linked in: [ 199.927547] CPU: 1 PID: 1902 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.928253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.929161] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.929563] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.931238] RSP: 0018:ffff8880137c7bb8 EFLAGS: 00010246 [ 199.931669] RAX: 0000000000000000 RBX: ffff8880129368a8 RCX: 0000000000000000 [ 199.932227] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 199.932785] RBP: ffff8880137c7bd0 R08: ffffed1002526d33 R09: ffffed1002526d33 [ 199.933364] R10: ffff888012936993 R11: ffffed1002526d32 R12: ffff888012c06800 [ 199.933923] R13: ffff8880129369e8 R14: ffffffff8352e670 R15: 
ffff8880137c7e68 [ 199.934483] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.935138] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.935599] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 199.936161] PKRU: 55555554 [ 199.936386] Call Trace: [ 199.936587] [ 199.936767] __iommufd_access_detach+0x1c2/0x2b0 [ 199.937173] iommufd_access_change_pt+0x149/0x270 [ 199.937564] iommufd_access_replace+0xb4/0x120 [ 199.937937] iommufd_test+0x3e5/0x37e0 [ 199.938247] ? lock_release+0x532/0x770 [ 199.938588] ? __might_fault+0x102/0x1b0 [ 199.938924] ? lock_acquire+0x427/0x4c0 [ 199.939271] ? __pfx_iommufd_test+0x10/0x10 [ 199.939617] ? __pfx_lock_release+0x10/0x10 [ 199.939970] ? __pfx_lock_acquire+0x10/0x10 [ 199.940322] ? write_comp_data+0x2f/0x90 [ 199.940659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.941048] ? write_comp_data+0x2f/0x90 [ 199.941382] iommufd_fops_ioctl+0x37d/0x510 [ 199.941735] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.942132] ? write_comp_data+0x2f/0x90 [ 199.942468] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 199.942879] __x64_sys_ioctl+0x1a3/0x230 [ 199.943231] do_syscall_64+0x3b/0x90 [ 199.943541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.943965] RIP: 0033:0x7f4b8743ee5d [ 199.944262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 199.945671] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 199.946252] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 199.946818] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 199.947377] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 199.947930] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 199.948491] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 199.949055] [ 199.949235] irq event stamp: 0 [ 199.949478] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.949958] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.950624] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.951279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.951758] ---[ end trace 0000000000000000 ]--- [ 199.954446] ------------[ cut here ]------------ [ 199.954862] WARNING: CPU: 1 PID: 1902 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 199.955659] Modules linked in: [ 199.955913] CPU: 1 PID: 1902 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.956589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.957443] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 199.957820] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 199.959229] RSP: 
0018:ffff8880137c7bd0 EFLAGS: 00010246 [ 199.959645] RAX: 0000000000000000 RBX: ffff8880129368a8 RCX: 0000000000000000 [ 199.960198] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 199.960741] RBP: ffff8880137c7be8 R08: ffffed1002526d33 R09: ffffed1002526d33 [ 199.961276] R10: ffff888012936993 R11: ffffed1002526d32 R12: ffff8880129c7400 [ 199.961817] R13: ffff8880129369e8 R14: ffff888012fb6000 R15: 0000000000000000 [ 199.962354] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.962978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.963421] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.963955] PKRU: 55555554 [ 199.964166] Call Trace: [ 199.964357] [ 199.964527] iommufd_access_destroy_object+0x65/0x170 [ 199.964916] iommufd_object_destroy_user+0x18e/0x220 [ 199.965302] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 199.965747] iommufd_access_destroy+0x43/0x70 [ 199.966100] iommufd_test_staccess_release+0x8d/0xd0 [ 199.966499] __fput+0x26d/0xa40 [ 199.966783] ____fput+0x1e/0x30 [ 199.967041] task_work_run+0x1a4/0x2d0 [ 199.967348] ? __pfx_task_work_run+0x10/0x10 [ 199.967685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.968061] ? switch_task_namespaces+0xa9/0xe0 [ 199.968428] do_exit+0xb17/0x2ef0 [ 199.968697] ? lock_acquire+0x427/0x4c0 [ 199.969012] ? __pfx_lock_release+0x10/0x10 [ 199.969355] ? __kasan_check_write+0x18/0x20 [ 199.969691] ? do_raw_spin_lock+0x132/0x2a0 [ 199.970016] ? __pfx_do_exit+0x10/0x10 [ 199.970317] ? debug_smp_processor_id+0x20/0x30 [ 199.970690] ? rcu_is_watching+0x19/0xb0 [ 199.971001] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.971362] ? trace_hardirqs_on+0x26/0x120 [ 199.971693] do_group_exit+0xe0/0x2b0 [ 199.971982] __x64_sys_exit_group+0x47/0x50 [ 199.972305] do_syscall_64+0x3b/0x90 [ 199.972596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.972990] RIP: 0033:0x7f4b87518a4d [ 199.973268] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.973725] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 199.974289] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 199.974837] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 199.975384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 199.975929] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 199.976468] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 199.977014] [ 199.977191] irq event stamp: 0 [ 199.977426] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 199.977895] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 199.978536] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 199.979166] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 199.979640] ---[ end trace 0000000000000000 ]--- [ 199.980321] ------------[ cut here ]------------ [ 199.980671] WARNING: CPU: 1 PID: 1902 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 199.981435] Modules linked in: [ 199.981677] CPU: 1 PID: 1902 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 199.982322] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 199.983203] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 199.983602] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 199.984960] RSP: 0018:ffff8880137c7b78 EFLAGS: 00010246 [ 199.985365] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 199.985902] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 199.986443] RBP: ffff8880137c7b98 R08: ffffed1002526d3e R09: ffffed1002526d3e [ 199.986991] R10: ffff8880129369ef R11: ffffed1002526d3d R12: ffff888012936a90 [ 199.987534] R13: ffff8880129368a8 R14: ffffffffffffffff R15: 
ffff8880137c7c60 [ 199.988064] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 199.988664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.989095] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 199.989637] PKRU: 55555554 [ 199.989851] Call Trace: [ 199.990044] [ 199.990216] iommufd_ioas_destroy+0x53/0x70 [ 199.990569] iommufd_fops_release+0x1f7/0x370 [ 199.990922] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.991312] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.991685] ? write_comp_data+0x2f/0x90 [ 199.992001] ? __pfx_iommufd_fops_release+0x10/0x10 [ 199.992377] __fput+0x26d/0xa40 [ 199.992644] ____fput+0x1e/0x30 [ 199.992899] task_work_run+0x1a4/0x2d0 [ 199.993203] ? __pfx_task_work_run+0x10/0x10 [ 199.993541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 199.993910] ? switch_task_namespaces+0xa9/0xe0 [ 199.994271] do_exit+0xb17/0x2ef0 [ 199.994554] ? lock_acquire+0x427/0x4c0 [ 199.994863] ? __pfx_lock_release+0x10/0x10 [ 199.995203] ? __kasan_check_write+0x18/0x20 [ 199.995542] ? do_raw_spin_lock+0x132/0x2a0 [ 199.995875] ? __pfx_do_exit+0x10/0x10 [ 199.996185] ? debug_smp_processor_id+0x20/0x30 [ 199.996543] ? rcu_is_watching+0x19/0xb0 [ 199.996860] ? _raw_spin_unlock_irq+0x2b/0x60 [ 199.997226] ? trace_hardirqs_on+0x26/0x120 [ 199.997562] do_group_exit+0xe0/0x2b0 [ 199.997856] __x64_sys_exit_group+0x47/0x50 [ 199.998183] do_syscall_64+0x3b/0x90 [ 199.998479] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 199.998904] RIP: 0033:0x7f4b87518a4d [ 199.999205] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 199.999670] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.000235] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.000769] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.001297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.001825] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.002354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.002907] [ 200.003086] irq event stamp: 0 [ 200.003338] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.003814] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.004444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.005076] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.005557] ---[ end trace 0000000000000000 ]--- [ 200.010469] ------------[ cut here ]------------ [ 200.010904] WARNING: CPU: 1 PID: 1903 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.011682] Modules linked in: [ 200.011926] CPU: 1 PID: 1903 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.012590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.013424] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.013795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.015362] RSP: 0018:ffff88800f627bb8 EFLAGS: 00010246 [ 200.015766] RAX: 0000000000000000 RBX: ffff8880139208a8 RCX: 0000000000000000 [ 200.016298] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 200.016834] RBP: ffff88800f627bd0 R08: ffffed1002724133 R09: ffffed1002724133 [ 200.017371] R10: ffff888013920993 R11: ffffed1002724132 R12: ffff8880218e0c00 [ 200.017911] R13: ffff8880139209e8 R14: ffffffff8352e670 R15: 
ffff88800f627e68 [ 200.018440] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.019060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.019513] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 200.020055] PKRU: 55555554 [ 200.020270] Call Trace: [ 200.020465] [ 200.020639] __iommufd_access_detach+0x1c2/0x2b0 [ 200.021007] iommufd_access_change_pt+0x149/0x270 [ 200.021379] iommufd_access_replace+0xb4/0x120 [ 200.021737] iommufd_test+0x3e5/0x37e0 [ 200.022036] ? lock_release+0x532/0x770 [ 200.022353] ? __might_fault+0x102/0x1b0 [ 200.022688] ? lock_acquire+0x427/0x4c0 [ 200.022998] ? __pfx_iommufd_test+0x10/0x10 [ 200.023336] ? __pfx_lock_release+0x10/0x10 [ 200.023669] ? __pfx_lock_acquire+0x10/0x10 [ 200.024001] ? write_comp_data+0x2f/0x90 [ 200.024317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.024688] ? write_comp_data+0x2f/0x90 [ 200.025015] iommufd_fops_ioctl+0x37d/0x510 [ 200.025347] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.025718] ? write_comp_data+0x2f/0x90 [ 200.026033] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.026395] __x64_sys_ioctl+0x1a3/0x230 [ 200.026732] do_syscall_64+0x3b/0x90 [ 200.027026] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.027440] RIP: 0033:0x7f4b8743ee5d [ 200.027729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.029429] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.030001] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.030757] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.031318] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.031855] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.032455] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.033056] [ 200.033240] irq event stamp: 0 [ 200.033481] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.033959] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.034717] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.035366] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.035846] ---[ end trace 0000000000000000 ]--- [ 200.038569] ------------[ cut here ]------------ [ 200.038953] WARNING: CPU: 1 PID: 1903 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.039729] Modules linked in: [ 200.039974] CPU: 1 PID: 1903 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.040736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.041588] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.042030] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.043497] RSP: 
0018:ffff88800f627bd0 EFLAGS: 00010246 [ 200.043908] RAX: 0000000000000000 RBX: ffff8880139208a8 RCX: 0000000000000000 [ 200.044503] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 200.045092] RBP: ffff88800f627be8 R08: ffffed1002724133 R09: ffffed1002724133 [ 200.045632] R10: ffff888013920993 R11: ffffed1002724132 R12: ffff888012c07c00 [ 200.046173] R13: ffff8880139209e8 R14: ffff888010928b00 R15: 0000000000000000 [ 200.046825] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.047451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.047895] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.048473] PKRU: 55555554 [ 200.048760] Call Trace: [ 200.048964] [ 200.049142] iommufd_access_destroy_object+0x65/0x170 [ 200.049557] iommufd_object_destroy_user+0x18e/0x220 [ 200.049961] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.050493] iommufd_access_destroy+0x43/0x70 [ 200.050906] iommufd_test_staccess_release+0x8d/0xd0 [ 200.051330] __fput+0x26d/0xa40 [ 200.051607] ____fput+0x1e/0x30 [ 200.051880] task_work_run+0x1a4/0x2d0 [ 200.052197] ? __pfx_task_work_run+0x10/0x10 [ 200.052614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.053069] ? switch_task_namespaces+0xa9/0xe0 [ 200.053451] do_exit+0xb17/0x2ef0 [ 200.053727] ? lock_acquire+0x427/0x4c0 [ 200.054048] ? __pfx_lock_release+0x10/0x10 [ 200.054432] ? __kasan_check_write+0x18/0x20 [ 200.054852] ? do_raw_spin_lock+0x132/0x2a0 [ 200.055213] ? __pfx_do_exit+0x10/0x10 [ 200.055528] ? debug_smp_processor_id+0x20/0x30 [ 200.055898] ? rcu_is_watching+0x19/0xb0 [ 200.056218] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.056582] ? trace_hardirqs_on+0x26/0x120 [ 200.057037] do_group_exit+0xe0/0x2b0 [ 200.057343] __x64_sys_exit_group+0x47/0x50 [ 200.057687] do_syscall_64+0x3b/0x90 [ 200.057992] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.058408] RIP: 0033:0x7f4b87518a4d [ 200.058781] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.059326] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.059919] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.060479] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.061096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.061692] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.062248] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.062831] [ 200.063062] irq event stamp: 0 [ 200.063373] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.063872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.064521] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.065223] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.065767] ---[ end trace 0000000000000000 ]--- [ 200.066453] ------------[ cut here ]------------ [ 200.066854] WARNING: CPU: 1 PID: 1903 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.067768] Modules linked in: [ 200.068031] CPU: 1 PID: 1903 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.068729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.069736] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.070150] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.071747] RSP: 0018:ffff88800f627b78 EFLAGS: 00010246 [ 200.072192] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.072786] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 200.073406] RBP: ffff88800f627b98 R08: ffffed100272413e R09: ffffed100272413e [ 200.074060] R10: ffff8880139209ef R11: ffffed100272413d R12: ffff888013920a90 [ 200.074666] R13: ffff8880139208a8 R14: ffffffffffffffff R15: 
ffff88800f627c60 [ 200.075272] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.076052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.076530] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.077121] PKRU: 55555554 [ 200.077357] Call Trace: [ 200.077608] [ 200.077874] iommufd_ioas_destroy+0x53/0x70 [ 200.078239] iommufd_fops_release+0x1f7/0x370 [ 200.078637] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.079054] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.079474] ? write_comp_data+0x2f/0x90 [ 200.079849] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.080333] __fput+0x26d/0xa40 [ 200.080626] ____fput+0x1e/0x30 [ 200.080911] task_work_run+0x1a4/0x2d0 [ 200.081239] ? __pfx_task_work_run+0x10/0x10 [ 200.081609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.082130] ? switch_task_namespaces+0xa9/0xe0 [ 200.082548] do_exit+0xb17/0x2ef0 [ 200.082842] ? lock_acquire+0x427/0x4c0 [ 200.083204] ? __pfx_lock_release+0x10/0x10 [ 200.083576] ? __kasan_check_write+0x18/0x20 [ 200.083947] ? do_raw_spin_lock+0x132/0x2a0 [ 200.084385] ? __pfx_do_exit+0x10/0x10 [ 200.084776] ? debug_smp_processor_id+0x20/0x30 [ 200.085168] ? rcu_is_watching+0x19/0xb0 [ 200.085518] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.085899] ? trace_hardirqs_on+0x26/0x120 [ 200.086267] do_group_exit+0xe0/0x2b0 [ 200.086675] __x64_sys_exit_group+0x47/0x50 [ 200.087059] do_syscall_64+0x3b/0x90 [ 200.087391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.087829] RIP: 0033:0x7f4b87518a4d [ 200.088140] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.088654] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.089397] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.089978] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.090583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.091179] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.091875] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.092466] [ 200.092662] irq event stamp: 0 [ 200.092924] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.093558] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.094246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.094957] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.095491] ---[ end trace 0000000000000000 ]--- [ 200.101029] ------------[ cut here ]------------ [ 200.101452] WARNING: CPU: 1 PID: 1904 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.102410] Modules linked in: [ 200.102869] CPU: 1 PID: 1904 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.103595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.104622] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.105033] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.106657] RSP: 0018:ffff888020ff7bb8 EFLAGS: 00010246 [ 200.107100] RAX: 0000000000000000 RBX: ffff888010a400a8 RCX: 0000000000000000 [ 200.107689] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 200.108269] RBP: ffff888020ff7bd0 R08: ffffed1002148033 R09: ffffed1002148033 [ 200.108975] R10: ffff888010a40193 R11: ffffed1002148032 R12: ffff888013b20800 [ 200.109563] R13: ffff888010a401e8 R14: ffffffff8352e670 R15: 
ffff888020ff7e68 [ 200.110146] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.110969] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.111488] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 200.112101] PKRU: 55555554 [ 200.112346] Call Trace: [ 200.112566] [ 200.112794] __iommufd_access_detach+0x1c2/0x2b0 [ 200.113305] iommufd_access_change_pt+0x149/0x270 [ 200.113734] iommufd_access_replace+0xb4/0x120 [ 200.114141] iommufd_test+0x3e5/0x37e0 [ 200.114478] ? lock_release+0x532/0x770 [ 200.114861] ? __might_fault+0x102/0x1b0 [ 200.115316] ? lock_acquire+0x427/0x4c0 [ 200.115753] ? __pfx_iommufd_test+0x10/0x10 [ 200.116125] ? __pfx_lock_release+0x10/0x10 [ 200.116506] ? __pfx_lock_acquire+0x10/0x10 [ 200.116890] ? write_comp_data+0x2f/0x90 [ 200.117289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.117826] ? write_comp_data+0x2f/0x90 [ 200.118193] iommufd_fops_ioctl+0x37d/0x510 [ 200.118599] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.119038] ? write_comp_data+0x2f/0x90 [ 200.119419] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.119929] __x64_sys_ioctl+0x1a3/0x230 [ 200.120354] do_syscall_64+0x3b/0x90 [ 200.120699] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.121161] RIP: 0033:0x7f4b8743ee5d [ 200.121490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.123245] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.123921] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.124677] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.125298] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.125917] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.126655] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.127342] [ 200.127551] irq event stamp: 0 [ 200.127827] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.128378] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.129257] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.129980] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.130553] ---[ end trace 0000000000000000 ]--- [ 200.133506] ------------[ cut here ]------------ [ 200.133948] WARNING: CPU: 1 PID: 1904 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.134884] Modules linked in: [ 200.135205] CPU: 1 PID: 1904 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.136055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.137029] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.137591] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.139210] RSP: 
0018:ffff888020ff7bd0 EFLAGS: 00010246 [ 200.139766] RAX: 0000000000000000 RBX: ffff888010a400a8 RCX: 0000000000000000 [ 200.140446] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 200.141061] RBP: ffff888020ff7be8 R08: ffffed1002148033 R09: ffffed1002148033 [ 200.141692] R10: ffff888010a40193 R11: ffffed1002148032 R12: ffff8880218e2400 [ 200.142416] R13: ffff888010a401e8 R14: ffff88800f90ba00 R15: 0000000000000000 [ 200.143055] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.143774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.144423] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.145043] PKRU: 55555554 [ 200.145291] Call Trace: [ 200.145515] [ 200.145715] iommufd_access_destroy_object+0x65/0x170 [ 200.146248] iommufd_object_destroy_user+0x18e/0x220 [ 200.146772] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.147292] iommufd_access_destroy+0x43/0x70 [ 200.147702] iommufd_test_staccess_release+0x8d/0xd0 [ 200.148156] __fput+0x26d/0xa40 [ 200.148461] ____fput+0x1e/0x30 [ 200.148835] task_work_run+0x1a4/0x2d0 [ 200.149255] ? __pfx_task_work_run+0x10/0x10 [ 200.149648] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.150087] ? switch_task_namespaces+0xa9/0xe0 [ 200.150533] do_exit+0xb17/0x2ef0 [ 200.150844] ? lock_acquire+0x427/0x4c0 [ 200.151232] ? __pfx_lock_release+0x10/0x10 [ 200.151735] ? __kasan_check_write+0x18/0x20 [ 200.152126] ? do_raw_spin_lock+0x132/0x2a0 [ 200.152511] ? __pfx_do_exit+0x10/0x10 [ 200.152864] ? debug_smp_processor_id+0x20/0x30 [ 200.153282] ? rcu_is_watching+0x19/0xb0 [ 200.153754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.154161] ? trace_hardirqs_on+0x26/0x120 [ 200.154571] do_group_exit+0xe0/0x2b0 [ 200.154911] __x64_sys_exit_group+0x47/0x50 [ 200.155306] do_syscall_64+0x3b/0x90 [ 200.155646] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.156234] RIP: 0033:0x7f4b87518a4d [ 200.156570] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.157105] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.157767] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.158530] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.159159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.159772] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.160465] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.161162] [ 200.161370] irq event stamp: 0 [ 200.161649] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.162203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.163103] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.163843] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.164393] ---[ end trace 0000000000000000 ]--- [ 200.165194] ------------[ cut here ]------------ [ 200.165615] WARNING: CPU: 1 PID: 1904 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.166497] Modules linked in: [ 200.166816] CPU: 1 PID: 1904 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.167617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.168716] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.169171] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.170917] RSP: 0018:ffff888020ff7b78 EFLAGS: 00010246 [ 200.171397] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.172033] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 200.172756] RBP: ffff888020ff7b98 R08: ffffed100214803e R09: ffffed100214803e [ 200.173368] R10: ffff888010a401ef R11: ffffed100214803d R12: ffff888010a40290 [ 200.174011] R13: ffff888010a400a8 R14: ffffffffffffffff R15: 
ffff888020ff7c60 [ 200.174792] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.175545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.176089] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.176749] PKRU: 55555554 [ 200.177027] Call Trace: [ 200.177288] [ 200.177575] iommufd_ioas_destroy+0x53/0x70 [ 200.178048] iommufd_fops_release+0x1f7/0x370 [ 200.178483] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.178987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.179458] ? write_comp_data+0x2f/0x90 [ 200.179839] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.180299] __fput+0x26d/0xa40 [ 200.180621] ____fput+0x1e/0x30 [ 200.180949] task_work_run+0x1a4/0x2d0 [ 200.181431] ? __pfx_task_work_run+0x10/0x10 [ 200.181847] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.182303] ? switch_task_namespaces+0xa9/0xe0 [ 200.182770] do_exit+0xb17/0x2ef0 [ 200.183104] ? lock_acquire+0x427/0x4c0 [ 200.183496] ? __pfx_lock_release+0x10/0x10 [ 200.183907] ? __kasan_check_write+0x18/0x20 [ 200.184333] ? do_raw_spin_lock+0x132/0x2a0 [ 200.184886] ? __pfx_do_exit+0x10/0x10 [ 200.185267] ? debug_smp_processor_id+0x20/0x30 [ 200.185716] ? rcu_is_watching+0x19/0xb0 [ 200.186103] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.186578] ? trace_hardirqs_on+0x26/0x120 [ 200.186995] do_group_exit+0xe0/0x2b0 [ 200.187375] __x64_sys_exit_group+0x47/0x50 [ 200.187780] do_syscall_64+0x3b/0x90 [ 200.188146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.188809] RIP: 0033:0x7f4b87518a4d [ 200.189162] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.189735] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.190436] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.191136] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.191811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.192544] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.193414] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.194080] [ 200.194301] irq event stamp: 0 [ 200.194624] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.195246] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.196048] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.196918] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.197616] ---[ end trace 0000000000000000 ]--- [ 200.202110] ------------[ cut here ]------------ [ 200.202671] WARNING: CPU: 1 PID: 1905 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.203657] Modules linked in: [ 200.203972] CPU: 1 PID: 1905 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.204808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.206037] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.206564] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.208358] RSP: 0018:ffff88800f627bb8 EFLAGS: 00010246 [ 200.209095] RAX: 0000000000000000 RBX: ffff888016db38a8 RCX: 0000000000000000 [ 200.209936] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 200.210708] RBP: ffff88800f627bd0 R08: ffffed1002db6733 R09: ffffed1002db6733 [ 200.211476] R10: ffff888016db3993 R11: ffffed1002db6732 R12: ffff88801890e400 [ 200.212356] R13: ffff888016db39e8 R14: ffffffff8352e670 R15: 
ffff88800f627e68 [ 200.213183] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.214009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.214775] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 200.215570] PKRU: 55555554 [ 200.215869] Call Trace: [ 200.216132] [ 200.216369] __iommufd_access_detach+0x1c2/0x2b0 [ 200.216878] iommufd_access_change_pt+0x149/0x270 [ 200.217509] iommufd_access_replace+0xb4/0x120 [ 200.218047] iommufd_test+0x3e5/0x37e0 [ 200.218462] ? lock_release+0x532/0x770 [ 200.218916] ? __might_fault+0x102/0x1b0 [ 200.219367] ? lock_acquire+0x427/0x4c0 [ 200.219802] ? __pfx_iommufd_test+0x10/0x10 [ 200.220370] ? __pfx_lock_release+0x10/0x10 [ 200.220872] ? __pfx_lock_acquire+0x10/0x10 [ 200.221341] ? write_comp_data+0x2f/0x90 [ 200.221784] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.222300] ? write_comp_data+0x2f/0x90 [ 200.222964] iommufd_fops_ioctl+0x37d/0x510 [ 200.223452] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.223958] ? write_comp_data+0x2f/0x90 [ 200.224389] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.224898] __x64_sys_ioctl+0x1a3/0x230 [ 200.225469] do_syscall_64+0x3b/0x90 [ 200.225973] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.226563] RIP: 0033:0x7f4b8743ee5d [ 200.226956] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.228823] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.229611] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.230338] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.231138] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.231869] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.232618] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.233361] [ 200.233602] irq event stamp: 0 [ 200.233923] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.234601] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.235496] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.236367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.237020] ---[ end trace 0000000000000000 ]--- [ 200.240291] ------------[ cut here ]------------ [ 200.240808] WARNING: CPU: 1 PID: 1905 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.241831] Modules linked in: [ 200.242158] CPU: 1 PID: 1905 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.243144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.244299] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.244817] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.246699] RSP: 
0018:ffff88800f627bd0 EFLAGS: 00010246 [ 200.247257] RAX: 0000000000000000 RBX: ffff888016db38a8 RCX: 0000000000000000 [ 200.247995] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 200.248723] RBP: ffff88800f627be8 R08: ffffed1002db6733 R09: ffffed1002db6733 [ 200.249451] R10: ffff888016db3993 R11: ffffed1002db6732 R12: ffff888013b21000 [ 200.250186] R13: ffff888016db39e8 R14: ffff888020f65a00 R15: 0000000000000000 [ 200.250959] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.251805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.252399] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.253143] PKRU: 55555554 [ 200.253437] Call Trace: [ 200.253698] [ 200.253931] iommufd_access_destroy_object+0x65/0x170 [ 200.254474] iommufd_object_destroy_user+0x18e/0x220 [ 200.255031] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.255661] iommufd_access_destroy+0x43/0x70 [ 200.256135] iommufd_test_staccess_release+0x8d/0xd0 [ 200.256666] __fput+0x26d/0xa40 [ 200.257033] ____fput+0x1e/0x30 [ 200.257377] task_work_run+0x1a4/0x2d0 [ 200.257784] ? __pfx_task_work_run+0x10/0x10 [ 200.258238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.258778] ? switch_task_namespaces+0xa9/0xe0 [ 200.259283] do_exit+0xb17/0x2ef0 [ 200.259641] ? lock_acquire+0x427/0x4c0 [ 200.260063] ? __pfx_lock_release+0x10/0x10 [ 200.260511] ? __kasan_check_write+0x18/0x20 [ 200.260971] ? do_raw_spin_lock+0x132/0x2a0 [ 200.261414] ? __pfx_do_exit+0x10/0x10 [ 200.261835] ? debug_smp_processor_id+0x20/0x30 [ 200.262331] ? rcu_is_watching+0x19/0xb0 [ 200.262796] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.263325] ? trace_hardirqs_on+0x26/0x120 [ 200.263792] do_group_exit+0xe0/0x2b0 [ 200.264185] __x64_sys_exit_group+0x47/0x50 [ 200.264629] do_syscall_64+0x3b/0x90 [ 200.265028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.265556] RIP: 0033:0x7f4b87518a4d [ 200.265948] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.266607] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.267402] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.268126] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.268860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.269597] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.270321] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.271088] [ 200.271347] irq event stamp: 0 [ 200.271678] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.272325] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.273190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.274071] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.274753] ---[ end trace 0000000000000000 ]--- [ 200.275656] ------------[ cut here ]------------ [ 200.276132] WARNING: CPU: 1 PID: 1905 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.277177] Modules linked in: [ 200.277510] CPU: 1 PID: 1905 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.278408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.279618] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.280175] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.282062] RSP: 0018:ffff88800f627b78 EFLAGS: 00010246 [ 200.282672] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.283421] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 200.284154] RBP: ffff88800f627b98 R08: ffffed1002db673e R09: ffffed1002db673e [ 200.284888] R10: ffff888016db39ef R11: ffffed1002db673d R12: ffff888016db3a90 [ 200.285648] R13: ffff888016db38a8 R14: ffffffffffffffff R15: 
ffff88800f627c60 [ 200.286394] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.287281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.287889] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.288629] PKRU: 55555554 [ 200.288928] Call Trace: [ 200.289196] [ 200.289431] iommufd_ioas_destroy+0x53/0x70 [ 200.289890] iommufd_fops_release+0x1f7/0x370 [ 200.290357] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.291106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.291793] ? write_comp_data+0x2f/0x90 [ 200.292229] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.292756] __fput+0x26d/0xa40 [ 200.293121] ____fput+0x1e/0x30 [ 200.293476] task_work_run+0x1a4/0x2d0 [ 200.293885] ? __pfx_task_work_run+0x10/0x10 [ 200.294342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.294896] ? switch_task_namespaces+0xa9/0xe0 [ 200.295425] do_exit+0xb17/0x2ef0 [ 200.295805] ? lock_acquire+0x427/0x4c0 [ 200.296246] ? __pfx_lock_release+0x10/0x10 [ 200.296707] ? __kasan_check_write+0x18/0x20 [ 200.297205] ? do_raw_spin_lock+0x132/0x2a0 [ 200.297821] ? __pfx_do_exit+0x10/0x10 [ 200.298378] ? debug_smp_processor_id+0x20/0x30 [ 200.298903] ? rcu_is_watching+0x19/0xb0 [ 200.299345] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.299823] ? trace_hardirqs_on+0x26/0x120 [ 200.300273] do_group_exit+0xe0/0x2b0 [ 200.300668] __x64_sys_exit_group+0x47/0x50 [ 200.301116] do_syscall_64+0x3b/0x90 [ 200.301510] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.302056] RIP: 0033:0x7f4b87518a4d [ 200.302452] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.303255] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.304315] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.305066] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.305826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.306608] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.307367] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.308135] [ 200.308391] irq event stamp: 0 [ 200.308731] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.309451] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.310714] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.311684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.312397] ---[ end trace 0000000000000000 ]--- [ 200.317061] ------------[ cut here ]------------ [ 200.317616] WARNING: CPU: 1 PID: 1906 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.318786] Modules linked in: [ 200.319148] CPU: 1 PID: 1906 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.320205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.321661] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.322216] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.324283] RSP: 0018:ffff888020ff7bb8 EFLAGS: 00010246 [ 200.324877] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 200.325868] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 200.326833] RBP: ffff888020ff7bd0 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 200.327608] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff888010e05c00 [ 200.328357] R13: ffff8880147001e8 R14: ffffffff8352e670 R15: 
ffff888020ff7e68 [ 200.329112] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.329961] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.330716] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 200.331687] PKRU: 55555554 [ 200.331991] Call Trace: [ 200.332262] [ 200.332514] __iommufd_access_detach+0x1c2/0x2b0 [ 200.333047] iommufd_access_change_pt+0x149/0x270 [ 200.333577] iommufd_access_replace+0xb4/0x120 [ 200.334082] iommufd_test+0x3e5/0x37e0 [ 200.334547] ? lock_release+0x532/0x770 [ 200.334984] ? __might_fault+0x102/0x1b0 [ 200.335446] ? lock_acquire+0x427/0x4c0 [ 200.335886] ? __pfx_iommufd_test+0x10/0x10 [ 200.336361] ? __pfx_lock_release+0x10/0x10 [ 200.336972] ? __pfx_lock_acquire+0x10/0x10 [ 200.337645] ? write_comp_data+0x2f/0x90 [ 200.338097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.338674] ? write_comp_data+0x2f/0x90 [ 200.339126] iommufd_fops_ioctl+0x37d/0x510 [ 200.339601] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.340130] ? write_comp_data+0x2f/0x90 [ 200.340568] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.341084] __x64_sys_ioctl+0x1a3/0x230 [ 200.341530] do_syscall_64+0x3b/0x90 [ 200.341941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.342714] RIP: 0033:0x7f4b8743ee5d [ 200.343257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.345186] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.345989] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.346823] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.347621] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.348475] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.349530] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.350308] [ 200.350600] irq event stamp: 0 [ 200.350932] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.351611] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.352503] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.353406] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.354285] ---[ end trace 0000000000000000 ]--- [ 200.358215] ------------[ cut here ]------------ [ 200.358846] WARNING: CPU: 1 PID: 1906 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.359976] Modules linked in: [ 200.360407] CPU: 1 PID: 1906 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.361684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.362938] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.363506] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.365413] RSP: 
0018:ffff888020ff7bd0 EFLAGS: 00010246 [ 200.366129] RAX: 0000000000000000 RBX: ffff8880147000a8 RCX: 0000000000000000 [ 200.367164] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 200.367931] RBP: ffff888020ff7be8 R08: ffffed10028e0033 R09: ffffed10028e0033 [ 200.368667] R10: ffff888014700193 R11: ffffed10028e0032 R12: ffff888013b17c00 [ 200.369410] R13: ffff8880147001e8 R14: ffff88800fa76500 R15: 0000000000000000 [ 200.370160] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.371177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.371964] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 200.372723] PKRU: 55555554 [ 200.373032] Call Trace: [ 200.373305] [ 200.373545] iommufd_access_destroy_object+0x65/0x170 [ 200.374092] iommufd_object_destroy_user+0x18e/0x220 [ 200.374709] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.375349] iommufd_access_destroy+0x43/0x70 [ 200.375837] iommufd_test_staccess_release+0x8d/0xd0 [ 200.376384] __fput+0x26d/0xa40 [ 200.376863] ____fput+0x1e/0x30 [ 200.377373] task_work_run+0x1a4/0x2d0 [ 200.377975] ? __pfx_task_work_run+0x10/0x10 [ 200.378478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.379068] ? switch_task_namespaces+0xa9/0xe0 [ 200.379597] do_exit+0xb17/0x2ef0 [ 200.379969] ? lock_acquire+0x427/0x4c0 [ 200.380408] ? __pfx_lock_release+0x10/0x10 [ 200.380881] ? __kasan_check_write+0x18/0x20 [ 200.381361] ? do_raw_spin_lock+0x132/0x2a0 [ 200.381829] ? __pfx_do_exit+0x10/0x10 [ 200.382388] ? debug_smp_processor_id+0x20/0x30 [ 200.383143] ? rcu_is_watching+0x19/0xb0 [ 200.383584] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.384089] ? trace_hardirqs_on+0x26/0x120 [ 200.384570] do_group_exit+0xe0/0x2b0 [ 200.384988] __x64_sys_exit_group+0x47/0x50 [ 200.385455] do_syscall_64+0x3b/0x90 [ 200.385866] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.386444] RIP: 0033:0x7f4b87518a4d [ 200.386920] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.387615] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.388537] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.389616] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.390388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.391200] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.391974] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.392735] [ 200.392993] irq event stamp: 0 [ 200.393334] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.394136] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.395222] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.396116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.396801] ---[ end trace 0000000000000000 ]--- [ 200.397789] ------------[ cut here ]------------ [ 200.398305] WARNING: CPU: 1 PID: 1906 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.399885] Modules linked in: [ 200.400261] CPU: 1 PID: 1906 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.401200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.402426] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.403062] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.405236] RSP: 0018:ffff888020ff7b78 EFLAGS: 00010246 [ 200.406067] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.406943] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 200.407733] RBP: ffff888020ff7b98 R08: ffffed10028e003e R09: ffffed10028e003e [ 200.408497] R10: ffff8880147001ef R11: ffffed10028e003d R12: ffff888014700290 [ 200.409275] R13: ffff8880147000a8 R14: ffffffffffffffff R15: 
ffff888020ff7c60 [ 200.410051] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.411326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.411965] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 200.412734] PKRU: 55555554 [ 200.413042] Call Trace: [ 200.413319] [ 200.413566] iommufd_ioas_destroy+0x53/0x70 [ 200.414049] iommufd_fops_release+0x1f7/0x370 [ 200.414576] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.415122] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.415663] ? write_comp_data+0x2f/0x90 [ 200.416162] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.416956] __fput+0x26d/0xa40 [ 200.417336] ____fput+0x1e/0x30 [ 200.417706] task_work_run+0x1a4/0x2d0 [ 200.418139] ? __pfx_task_work_run+0x10/0x10 [ 200.418666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.419221] ? switch_task_namespaces+0xa9/0xe0 [ 200.419745] do_exit+0xb17/0x2ef0 [ 200.420129] ? lock_acquire+0x427/0x4c0 [ 200.420582] ? __pfx_lock_release+0x10/0x10 [ 200.421073] ? __kasan_check_write+0x18/0x20 [ 200.421683] ? do_raw_spin_lock+0x132/0x2a0 [ 200.422325] ? __pfx_do_exit+0x10/0x10 [ 200.422799] ? debug_smp_processor_id+0x20/0x30 [ 200.423310] ? rcu_is_watching+0x19/0xb0 [ 200.423754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.424257] ? trace_hardirqs_on+0x26/0x120 [ 200.424729] do_group_exit+0xe0/0x2b0 [ 200.425150] __x64_sys_exit_group+0x47/0x50 [ 200.425629] do_syscall_64+0x3b/0x90 [ 200.426083] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.426866] RIP: 0033:0x7f4b87518a4d [ 200.427404] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.428081] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.428903] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.429668] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.430429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.431235] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.432008] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.433021] [ 200.433388] irq event stamp: 0 [ 200.433755] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.434429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.435369] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.436265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.436947] ---[ end trace 0000000000000000 ]--- [ 200.442868] ------------[ cut here ]------------ [ 200.443456] WARNING: CPU: 1 PID: 1907 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.444545] Modules linked in: [ 200.444892] CPU: 1 PID: 1907 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.446001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.447566] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.448116] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.450088] RSP: 0018:ffff88800f627bb8 EFLAGS: 00010246 [ 200.450711] RAX: 0000000000000000 RBX: ffff8880137c20a8 RCX: 0000000000000000 [ 200.451971] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 200.452949] RBP: ffff88800f627bd0 R08: ffffed10026f8433 R09: ffffed10026f8433 [ 200.453908] R10: ffff8880137c2193 R11: ffffed10026f8432 R12: ffff888010571c00 [ 200.454936] R13: ffff8880137c21e8 R14: ffffffff8352e670 R15: 
ffff88800f627e68 [ 200.456155] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.457244] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.458029] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 200.459042] PKRU: 55555554 [ 200.459464] Call Trace: [ 200.459830] [ 200.460160] __iommufd_access_detach+0x1c2/0x2b0 [ 200.460847] iommufd_access_change_pt+0x149/0x270 [ 200.461526] iommufd_access_replace+0xb4/0x120 [ 200.462172] iommufd_test+0x3e5/0x37e0 [ 200.462880] ? lock_release+0x532/0x770 [ 200.463475] ? __might_fault+0x102/0x1b0 [ 200.464046] ? lock_acquire+0x427/0x4c0 [ 200.464610] ? __pfx_iommufd_test+0x10/0x10 [ 200.465195] ? __pfx_lock_release+0x10/0x10 [ 200.465794] ? __pfx_lock_acquire+0x10/0x10 [ 200.466395] ? write_comp_data+0x2f/0x90 [ 200.467025] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.467717] ? write_comp_data+0x2f/0x90 [ 200.468289] iommufd_fops_ioctl+0x37d/0x510 [ 200.468885] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.469558] ? write_comp_data+0x2f/0x90 [ 200.470125] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.470832] __x64_sys_ioctl+0x1a3/0x230 [ 200.471434] do_syscall_64+0x3b/0x90 [ 200.471964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.472678] RIP: 0033:0x7f4b8743ee5d [ 200.473187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.475694] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.476729] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.477688] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.478684] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.479653] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.480606] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.481576] [ 200.481897] irq event stamp: 0 [ 200.482327] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.483233] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.484360] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.485476] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.486319] ---[ end trace 0000000000000000 ]--- [ 200.491584] ------------[ cut here ]------------ [ 200.492260] WARNING: CPU: 1 PID: 1907 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.493610] Modules linked in: [ 200.494050] CPU: 1 PID: 1907 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.495295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.496805] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.497473] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.499876] RSP: 
0018:ffff88800f627bd0 EFLAGS: 00010246 [ 200.500584] RAX: 0000000000000000 RBX: ffff8880137c20a8 RCX: 0000000000000000 [ 200.501515] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 200.502443] RBP: ffff88800f627be8 R08: ffffed10026f8433 R09: ffffed10026f8433 [ 200.503445] R10: ffff8880137c2193 R11: ffffed10026f8432 R12: ffff888010e04c00 [ 200.504384] R13: ffff8880137c21e8 R14: ffff88800f188d00 R15: 0000000000000000 [ 200.505316] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.506384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.507200] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.508134] PKRU: 55555554 [ 200.508510] Call Trace: [ 200.508853] [ 200.509156] iommufd_access_destroy_object+0x65/0x170 [ 200.509837] iommufd_object_destroy_user+0x18e/0x220 [ 200.510548] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.511333] iommufd_access_destroy+0x43/0x70 [ 200.511938] iommufd_test_staccess_release+0x8d/0xd0 [ 200.512617] __fput+0x26d/0xa40 [ 200.513077] ____fput+0x1e/0x30 [ 200.513528] task_work_run+0x1a4/0x2d0 [ 200.514051] ? __pfx_task_work_run+0x10/0x10 [ 200.514670] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.515340] ? switch_task_namespaces+0xa9/0xe0 [ 200.515971] do_exit+0xb17/0x2ef0 [ 200.516431] ? lock_acquire+0x427/0x4c0 [ 200.516966] ? __pfx_lock_release+0x10/0x10 [ 200.517541] ? __kasan_check_write+0x18/0x20 [ 200.518124] ? do_raw_spin_lock+0x132/0x2a0 [ 200.518729] ? __pfx_do_exit+0x10/0x10 [ 200.519274] ? debug_smp_processor_id+0x20/0x30 [ 200.519892] ? rcu_is_watching+0x19/0xb0 [ 200.520429] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.521032] ? trace_hardirqs_on+0x26/0x120 [ 200.521609] do_group_exit+0xe0/0x2b0 [ 200.522114] __x64_sys_exit_group+0x47/0x50 [ 200.522713] do_syscall_64+0x3b/0x90 [ 200.523238] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.523925] RIP: 0033:0x7f4b87518a4d [ 200.524415] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.525210] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.526186] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.527153] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.528081] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.529000] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.529915] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.530877] [ 200.531200] irq event stamp: 0 [ 200.531617] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.532432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.533508] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.534611] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.535556] ---[ end trace 0000000000000000 ]--- [ 200.536467] ------------[ cut here ]------------ [ 200.537019] WARNING: CPU: 1 PID: 1907 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.538076] Modules linked in: [ 200.538402] CPU: 1 PID: 1907 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.539336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.540373] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.540908] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.542625] RSP: 0018:ffff88800f627b78 EFLAGS: 00010246 [ 200.543140] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.543810] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 200.544992] RBP: ffff88800f627b98 R08: ffffed10026f843e R09: ffffed10026f843e [ 200.545658] R10: ffff8880137c21ef R11: ffffed10026f843d R12: ffff8880137c2290 [ 200.546314] R13: ffff8880137c20a8 R14: ffffffffffffffff R15: 
ffff88800f627c60 [ 200.547258] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.548118] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.548813] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 200.549873] PKRU: 55555554 [ 200.550219] Call Trace: [ 200.550593] [ 200.550878] iommufd_ioas_destroy+0x53/0x70 [ 200.551569] iommufd_fops_release+0x1f7/0x370 [ 200.552191] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.552966] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.553610] ? write_comp_data+0x2f/0x90 [ 200.554152] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.554996] __fput+0x26d/0xa40 [ 200.555486] ____fput+0x1e/0x30 [ 200.555936] task_work_run+0x1a4/0x2d0 [ 200.556457] ? __pfx_task_work_run+0x10/0x10 [ 200.557091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.557790] ? switch_task_namespaces+0xa9/0xe0 [ 200.558415] do_exit+0xb17/0x2ef0 [ 200.558920] ? lock_acquire+0x427/0x4c0 [ 200.559477] ? __pfx_lock_release+0x10/0x10 [ 200.560183] ? __kasan_check_write+0x18/0x20 [ 200.560757] ? do_raw_spin_lock+0x132/0x2a0 [ 200.561315] ? __pfx_do_exit+0x10/0x10 [ 200.561865] ? debug_smp_processor_id+0x20/0x30 [ 200.562596] ? rcu_is_watching+0x19/0xb0 [ 200.563154] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.563743] ? trace_hardirqs_on+0x26/0x120 [ 200.564326] do_group_exit+0xe0/0x2b0 [ 200.564911] __x64_sys_exit_group+0x47/0x50 [ 200.565463] do_syscall_64+0x3b/0x90 [ 200.565961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.566803] RIP: 0033:0x7f4b87518a4d [ 200.567320] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.568137] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.569189] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.570210] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.571215] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.572330] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.573273] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.574265] [ 200.574728] irq event stamp: 0 [ 200.575191] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.576029] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.577315] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.578418] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.579329] ---[ end trace 0000000000000000 ]--- [ 200.585834] ------------[ cut here ]------------ [ 200.586583] WARNING: CPU: 0 PID: 1908 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.587661] Modules linked in: [ 200.587997] CPU: 0 PID: 1908 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.588900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.590391] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.591100] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.593038] RSP: 0018:ffff888013927bb8 EFLAGS: 00010246 [ 200.593604] RAX: 0000000000000000 RBX: ffff88800ea988a8 RCX: 0000000000000000 [ 200.594362] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 200.595181] RBP: ffff888013927bd0 R08: ffffed1001d53133 R09: ffffed1001d53133 [ 200.595943] R10: ffff88800ea98993 R11: ffffed1001d53132 R12: ffff88800ae90800 [ 200.596692] R13: ffff88800ea989e8 R14: ffffffff8352e670 R15: 
ffff888013927e68 [ 200.597450] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.598305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.598962] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 200.599736] PKRU: 55555554 [ 200.600041] Call Trace: [ 200.600316] [ 200.600563] __iommufd_access_detach+0x1c2/0x2b0 [ 200.601089] iommufd_access_change_pt+0x149/0x270 [ 200.601617] iommufd_access_replace+0xb4/0x120 [ 200.602120] iommufd_test+0x3e5/0x37e0 [ 200.602575] ? lock_release+0x532/0x770 [ 200.603019] ? __might_fault+0x102/0x1b0 [ 200.603493] ? lock_acquire+0x427/0x4c0 [ 200.603933] ? __pfx_iommufd_test+0x10/0x10 [ 200.604396] ? __pfx_lock_release+0x10/0x10 [ 200.604870] ? __pfx_lock_acquire+0x10/0x10 [ 200.605343] ? write_comp_data+0x2f/0x90 [ 200.605796] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.606332] ? write_comp_data+0x2f/0x90 [ 200.606822] iommufd_fops_ioctl+0x37d/0x510 [ 200.607308] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.607845] ? write_comp_data+0x2f/0x90 [ 200.608296] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.608817] __x64_sys_ioctl+0x1a3/0x230 [ 200.609274] do_syscall_64+0x3b/0x90 [ 200.609687] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.610255] RIP: 0033:0x7f4b8743ee5d [ 200.610698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.612655] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.613467] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.614228] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.615040] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.615817] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.616569] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.617346] [ 200.617599] irq event stamp: 0 [ 200.617936] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.618649] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.619544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.620426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.621096] ---[ end trace 0000000000000000 ]--- [ 200.624798] ------------[ cut here ]------------ [ 200.625348] WARNING: CPU: 0 PID: 1908 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.626416] Modules linked in: [ 200.626799] CPU: 0 PID: 1908 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.627728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.628890] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.629417] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.631364] RSP: 
0018:ffff888013927bd0 EFLAGS: 00010246 [ 200.631927] RAX: 0000000000000000 RBX: ffff88800ea988a8 RCX: 0000000000000000 [ 200.632680] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 200.633421] RBP: ffff888013927be8 R08: ffffed1001d53133 R09: ffffed1001d53133 [ 200.634186] R10: ffff88800ea98993 R11: ffffed1001d53132 R12: ffff888010824000 [ 200.634970] R13: ffff88800ea989e8 R14: ffff8880149bda00 R15: 0000000000000000 [ 200.635737] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.636603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.637225] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 200.637970] PKRU: 55555554 [ 200.638272] Call Trace: [ 200.638586] [ 200.638830] iommufd_access_destroy_object+0x65/0x170 [ 200.639414] iommufd_object_destroy_user+0x18e/0x220 [ 200.639962] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.640593] iommufd_access_destroy+0x43/0x70 [ 200.641089] iommufd_test_staccess_release+0x8d/0xd0 [ 200.641641] __fput+0x26d/0xa40 [ 200.642012] ____fput+0x1e/0x30 [ 200.642392] task_work_run+0x1a4/0x2d0 [ 200.642866] ? __pfx_task_work_run+0x10/0x10 [ 200.643354] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.643880] ? switch_task_namespaces+0xa9/0xe0 [ 200.644391] do_exit+0xb17/0x2ef0 [ 200.644762] ? lock_acquire+0x427/0x4c0 [ 200.645206] ? __pfx_lock_release+0x10/0x10 [ 200.645678] ? __kasan_check_write+0x18/0x20 [ 200.646154] ? do_raw_spin_lock+0x132/0x2a0 [ 200.646643] ? __pfx_do_exit+0x10/0x10 [ 200.647061] ? debug_smp_processor_id+0x20/0x30 [ 200.647576] ? rcu_is_watching+0x19/0xb0 [ 200.648006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.648496] ? trace_hardirqs_on+0x26/0x120 [ 200.648971] do_group_exit+0xe0/0x2b0 [ 200.649381] __x64_sys_exit_group+0x47/0x50 [ 200.649845] do_syscall_64+0x3b/0x90 [ 200.650267] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.650863] RIP: 0033:0x7f4b87518a4d [ 200.651277] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.651930] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.652735] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.653474] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.654237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.655011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.655777] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.656545] [ 200.656793] irq event stamp: 0 [ 200.657124] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.657802] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.658734] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.659635] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.660312] ---[ end trace 0000000000000000 ]--- [ 200.661233] ------------[ cut here ]------------ [ 200.661737] WARNING: CPU: 0 PID: 1908 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.662856] Modules linked in: [ 200.663205] CPU: 0 PID: 1908 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.664122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.665305] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.665855] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.667825] RSP: 0018:ffff888013927b78 EFLAGS: 00010246 [ 200.668397] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.669145] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 200.669894] RBP: ffff888013927b98 R08: ffffed1001d5313e R09: ffffed1001d5313e [ 200.670662] R10: ffff88800ea989ef R11: ffffed1001d5313d R12: ffff88800ea98a90 [ 200.671422] R13: ffff88800ea988a8 R14: ffffffffffffffff R15: 
ffff888013927c60 [ 200.672166] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.673009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.673616] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 200.674369] PKRU: 55555554 [ 200.674743] Call Trace: [ 200.675020] [ 200.675281] iommufd_ioas_destroy+0x53/0x70 [ 200.675750] iommufd_fops_release+0x1f7/0x370 [ 200.676222] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.676752] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.677275] ? write_comp_data+0x2f/0x90 [ 200.677713] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.678236] __fput+0x26d/0xa40 [ 200.678653] ____fput+0x1e/0x30 [ 200.679015] task_work_run+0x1a4/0x2d0 [ 200.679447] ? __pfx_task_work_run+0x10/0x10 [ 200.679907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.680411] ? switch_task_namespaces+0xa9/0xe0 [ 200.680920] do_exit+0xb17/0x2ef0 [ 200.681291] ? lock_acquire+0x427/0x4c0 [ 200.681719] ? __pfx_lock_release+0x10/0x10 [ 200.682188] ? __kasan_check_write+0x18/0x20 [ 200.682692] ? do_raw_spin_lock+0x132/0x2a0 [ 200.683162] ? __pfx_do_exit+0x10/0x10 [ 200.683589] ? debug_smp_processor_id+0x20/0x30 [ 200.684084] ? rcu_is_watching+0x19/0xb0 [ 200.684514] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.684998] ? trace_hardirqs_on+0x26/0x120 [ 200.685460] do_group_exit+0xe0/0x2b0 [ 200.685853] __x64_sys_exit_group+0x47/0x50 [ 200.686303] do_syscall_64+0x3b/0x90 [ 200.686749] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.687320] RIP: 0033:0x7f4b87518a4d [ 200.687710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.688350] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.689144] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.689887] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.690652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.691413] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.692156] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.692913] [ 200.693161] irq event stamp: 0 [ 200.693510] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.694169] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.695083] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.695959] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.696617] ---[ end trace 0000000000000000 ]--- [ 200.703000] ------------[ cut here ]------------ [ 200.703596] WARNING: CPU: 0 PID: 1909 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.704652] Modules linked in: [ 200.704986] CPU: 0 PID: 1909 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.705893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.707104] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.707630] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.709501] RSP: 0018:ffff88800f627bb8 EFLAGS: 00010246 [ 200.710050] RAX: 0000000000000000 RBX: ffff888020fb08a8 RCX: 0000000000000000 [ 200.710815] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 200.711570] RBP: ffff88800f627bd0 R08: ffffed10041f6133 R09: ffffed10041f6133 [ 200.712309] R10: ffff888020fb0993 R11: ffffed10041f6132 R12: ffff888010e03c00 [ 200.713038] R13: ffff888020fb09e8 R14: ffffffff8352e670 R15: 
ffff88800f627e68 [ 200.713777] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.714653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.715280] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 200.716020] PKRU: 55555554 [ 200.716318] Call Trace: [ 200.716588] [ 200.716826] __iommufd_access_detach+0x1c2/0x2b0 [ 200.717335] iommufd_access_change_pt+0x149/0x270 [ 200.717831] iommufd_access_replace+0xb4/0x120 [ 200.718302] iommufd_test+0x3e5/0x37e0 [ 200.718729] ? lock_release+0x532/0x770 [ 200.719153] ? __might_fault+0x102/0x1b0 [ 200.719579] ? lock_acquire+0x427/0x4c0 [ 200.719998] ? __pfx_iommufd_test+0x10/0x10 [ 200.720442] ? __pfx_lock_release+0x10/0x10 [ 200.720892] ? __pfx_lock_acquire+0x10/0x10 [ 200.721344] ? write_comp_data+0x2f/0x90 [ 200.721767] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.722272] ? write_comp_data+0x2f/0x90 [ 200.722735] iommufd_fops_ioctl+0x37d/0x510 [ 200.723189] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.723695] ? write_comp_data+0x2f/0x90 [ 200.724123] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.724622] __x64_sys_ioctl+0x1a3/0x230 [ 200.725056] do_syscall_64+0x3b/0x90 [ 200.725453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.725989] RIP: 0033:0x7f4b8743ee5d [ 200.726368] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.728261] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.729023] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.729739] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.730469] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.731220] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.731947] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.732699] [ 200.732948] irq event stamp: 0 [ 200.733278] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.733926] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.734813] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.735672] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.736306] ---[ end trace 0000000000000000 ]--- [ 200.739579] ------------[ cut here ]------------ [ 200.740107] WARNING: CPU: 0 PID: 1909 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.741122] Modules linked in: [ 200.741442] CPU: 0 PID: 1909 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.742319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.743496] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.744001] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.745847] RSP: 
0018:ffff88800f627bd0 EFLAGS: 00010246 [ 200.746384] RAX: 0000000000000000 RBX: ffff888020fb08a8 RCX: 0000000000000000 [ 200.747167] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 200.747899] RBP: ffff88800f627be8 R08: ffffed10041f6133 R09: ffffed10041f6133 [ 200.748617] R10: ffff888020fb0993 R11: ffffed10041f6132 R12: ffff888014581000 [ 200.749340] R13: ffff888020fb09e8 R14: ffff888012870800 R15: 0000000000000000 [ 200.750051] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.750890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.751491] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 200.752210] PKRU: 55555554 [ 200.752498] Call Trace: [ 200.752760] [ 200.752995] iommufd_access_destroy_object+0x65/0x170 [ 200.753527] iommufd_object_destroy_user+0x18e/0x220 [ 200.754045] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.754647] iommufd_access_destroy+0x43/0x70 [ 200.755082] iommufd_test_staccess_release+0x8d/0xd0 [ 200.755583] __fput+0x26d/0xa40 [ 200.755912] ____fput+0x1e/0x30 [ 200.756229] task_work_run+0x1a4/0x2d0 [ 200.756603] ? __pfx_task_work_run+0x10/0x10 [ 200.757023] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.757485] ? switch_task_namespaces+0xa9/0xe0 [ 200.757929] do_exit+0xb17/0x2ef0 [ 200.758253] ? lock_acquire+0x427/0x4c0 [ 200.758664] ? __pfx_lock_release+0x10/0x10 [ 200.759074] ? __kasan_check_write+0x18/0x20 [ 200.759512] ? do_raw_spin_lock+0x132/0x2a0 [ 200.759922] ? __pfx_do_exit+0x10/0x10 [ 200.760297] ? debug_smp_processor_id+0x20/0x30 [ 200.760745] ? rcu_is_watching+0x19/0xb0 [ 200.761139] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.761572] ? trace_hardirqs_on+0x26/0x120 [ 200.761985] do_group_exit+0xe0/0x2b0 [ 200.762344] __x64_sys_exit_group+0x47/0x50 [ 200.762773] do_syscall_64+0x3b/0x90 [ 200.763139] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.763632] RIP: 0033:0x7f4b87518a4d [ 200.763977] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.764548] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.765254] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.765911] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.766608] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.767290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.767951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.768620] [ 200.768841] irq event stamp: 0 [ 200.769136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.769716] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.770492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.771310] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.771897] ---[ end trace 0000000000000000 ]--- [ 200.772702] ------------[ cut here ]------------ [ 200.773134] WARNING: CPU: 0 PID: 1909 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.774066] Modules linked in: [ 200.774367] CPU: 0 PID: 1909 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.775213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.776243] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.776713] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.778389] RSP: 0018:ffff88800f627b78 EFLAGS: 00010246 [ 200.779080] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.779740] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 200.780385] RBP: ffff88800f627b98 R08: ffffed10041f613e R09: ffffed10041f613e [ 200.781032] R10: ffff888020fb09ef R11: ffffed10041f613d R12: ffff888020fb0a90 [ 200.781679] R13: ffff888020fb08a8 R14: ffffffffffffffff R15: 
ffff88800f627c60 [ 200.782328] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.783038] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.783551] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 200.784162] PKRU: 55555554 [ 200.784407] Call Trace: [ 200.784632] [ 200.784832] iommufd_ioas_destroy+0x53/0x70 [ 200.785213] iommufd_fops_release+0x1f7/0x370 [ 200.785607] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.786040] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.786471] ? write_comp_data+0x2f/0x90 [ 200.786867] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.787312] __fput+0x26d/0xa40 [ 200.787618] ____fput+0x1e/0x30 [ 200.787916] task_work_run+0x1a4/0x2d0 [ 200.788263] ? __pfx_task_work_run+0x10/0x10 [ 200.788651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.789081] ? switch_task_namespaces+0xa9/0xe0 [ 200.789498] do_exit+0xb17/0x2ef0 [ 200.789799] ? lock_acquire+0x427/0x4c0 [ 200.790159] ? __pfx_lock_release+0x10/0x10 [ 200.790567] ? __kasan_check_write+0x18/0x20 [ 200.790960] ? do_raw_spin_lock+0x132/0x2a0 [ 200.791347] ? __pfx_do_exit+0x10/0x10 [ 200.791699] ? debug_smp_processor_id+0x20/0x30 [ 200.792111] ? rcu_is_watching+0x19/0xb0 [ 200.792470] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.792872] ? trace_hardirqs_on+0x26/0x120 [ 200.793253] do_group_exit+0xe0/0x2b0 [ 200.793585] __x64_sys_exit_group+0x47/0x50 [ 200.793958] do_syscall_64+0x3b/0x90 [ 200.794291] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.794768] RIP: 0033:0x7f4b87518a4d [ 200.795093] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.795640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.796300] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.796912] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.797532] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.798143] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.798787] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.799423] [ 200.799627] irq event stamp: 0 [ 200.799900] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.800441] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.801159] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.801880] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.802424] ---[ end trace 0000000000000000 ]--- [ 200.806623] ------------[ cut here ]------------ [ 200.807058] WARNING: CPU: 0 PID: 1910 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.807950] Modules linked in: [ 200.808303] CPU: 0 PID: 1910 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.809194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.810159] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.810660] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.812323] RSP: 0018:ffff88801709fbb8 EFLAGS: 00010246 [ 200.812868] RAX: 0000000000000000 RBX: ffff88802445c0a8 RCX: 0000000000000000 [ 200.813482] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 200.814094] RBP: ffff88801709fbd0 R08: ffffed100488b833 R09: ffffed100488b833 [ 200.814740] R10: ffff88802445c193 R11: ffffed100488b832 R12: ffff888018b8b000 [ 200.815368] R13: ffff88802445c1e8 R14: ffffffff8352e670 R15: 
ffff88801709fe68 [ 200.815984] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.816691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.817189] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 200.817809] PKRU: 55555554 [ 200.818055] Call Trace: [ 200.818278] [ 200.818479] __iommufd_access_detach+0x1c2/0x2b0 [ 200.818935] iommufd_access_change_pt+0x149/0x270 [ 200.819380] iommufd_access_replace+0xb4/0x120 [ 200.819789] iommufd_test+0x3e5/0x37e0 [ 200.820126] ? lock_release+0x532/0x770 [ 200.820481] ? __might_fault+0x102/0x1b0 [ 200.820846] ? lock_acquire+0x427/0x4c0 [ 200.821201] ? __pfx_iommufd_test+0x10/0x10 [ 200.821571] ? __pfx_lock_release+0x10/0x10 [ 200.821955] ? __pfx_lock_acquire+0x10/0x10 [ 200.822337] ? write_comp_data+0x2f/0x90 [ 200.822716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.823138] ? write_comp_data+0x2f/0x90 [ 200.823481] iommufd_fops_ioctl+0x37d/0x510 [ 200.823842] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.824246] ? write_comp_data+0x2f/0x90 [ 200.824586] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.824983] __x64_sys_ioctl+0x1a3/0x230 [ 200.825328] do_syscall_64+0x3b/0x90 [ 200.825642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.826071] RIP: 0033:0x7f4b8743ee5d [ 200.826376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.827895] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.828509] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.829089] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.829668] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.830249] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.830849] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.831452] [ 200.831645] irq event stamp: 0 [ 200.831903] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.832414] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.833092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.833758] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.834258] ---[ end trace 0000000000000000 ]--- [ 200.837416] ------------[ cut here ]------------ [ 200.837816] WARNING: CPU: 0 PID: 1910 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.838772] Modules linked in: [ 200.839149] CPU: 0 PID: 1910 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.839869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.840781] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.841201] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.842885] RSP: 
0018:ffff88801709fbd0 EFLAGS: 00010246 [ 200.843356] RAX: 0000000000000000 RBX: ffff88802445c0a8 RCX: 0000000000000000 [ 200.844085] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 200.844675] RBP: ffff88801709fbe8 R08: ffffed100488b833 R09: ffffed100488b833 [ 200.845317] R10: ffff88802445c193 R11: ffffed100488b832 R12: ffff888010e02800 [ 200.846000] R13: ffff88802445c1e8 R14: ffff88800f492c00 R15: 0000000000000000 [ 200.846610] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.847303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.847908] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 200.848494] PKRU: 55555554 [ 200.848729] Call Trace: [ 200.848941] [ 200.849201] iommufd_access_destroy_object+0x65/0x170 [ 200.849743] iommufd_object_destroy_user+0x18e/0x220 [ 200.850166] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.850667] iommufd_access_destroy+0x43/0x70 [ 200.851051] iommufd_test_staccess_release+0x8d/0xd0 [ 200.851670] __fput+0x26d/0xa40 [ 200.851959] ____fput+0x1e/0x30 [ 200.852240] task_work_run+0x1a4/0x2d0 [ 200.852570] ? __pfx_task_work_run+0x10/0x10 [ 200.852952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.853504] ? switch_task_namespaces+0xa9/0xe0 [ 200.853900] do_exit+0xb17/0x2ef0 [ 200.854189] ? lock_acquire+0x427/0x4c0 [ 200.854548] ? __pfx_lock_release+0x10/0x10 [ 200.854910] ? __kasan_check_write+0x18/0x20 [ 200.855344] ? do_raw_spin_lock+0x132/0x2a0 [ 200.855813] ? __pfx_do_exit+0x10/0x10 [ 200.856142] ? debug_smp_processor_id+0x20/0x30 [ 200.856552] ? rcu_is_watching+0x19/0xb0 [ 200.856903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.857433] ? trace_hardirqs_on+0x26/0x120 [ 200.857798] do_group_exit+0xe0/0x2b0 [ 200.858116] __x64_sys_exit_group+0x47/0x50 [ 200.858476] do_syscall_64+0x3b/0x90 [ 200.858871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.859439] RIP: 0033:0x7f4b87518a4d [ 200.859746] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.860246] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.860899] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.861615] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.862197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.862871] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.863577] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.864170] [ 200.864365] irq event stamp: 0 [ 200.864690] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.865316] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.866004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.866889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.867415] ---[ end trace 0000000000000000 ]--- [ 200.868739] ------------[ cut here ]------------ [ 200.869136] WARNING: CPU: 0 PID: 1910 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.870012] Modules linked in: [ 200.870286] CPU: 0 PID: 1910 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.871137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.872069] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.872494] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.873974] RSP: 0018:ffff88801709fb78 EFLAGS: 00010246 [ 200.874406] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.875008] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 200.875605] RBP: ffff88801709fb98 R08: ffffed100488b83e R09: ffffed100488b83e [ 200.876187] R10: ffff88802445c1ef R11: ffffed100488b83d R12: ffff88802445c290 [ 200.876767] R13: ffff88802445c0a8 R14: ffffffffffffffff R15: 
ffff88801709fc60 [ 200.877346] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 200.878000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.878470] CR2: 00007f82e2fae000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 200.879068] PKRU: 55555554 [ 200.879308] Call Trace: [ 200.879519] [ 200.879705] iommufd_ioas_destroy+0x53/0x70 [ 200.880064] iommufd_fops_release+0x1f7/0x370 [ 200.880439] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.880849] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.881256] ? write_comp_data+0x2f/0x90 [ 200.881597] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.882008] __fput+0x26d/0xa40 [ 200.882294] ____fput+0x1e/0x30 [ 200.882593] task_work_run+0x1a4/0x2d0 [ 200.882922] ? __pfx_task_work_run+0x10/0x10 [ 200.883305] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.883710] ? switch_task_namespaces+0xa9/0xe0 [ 200.884103] do_exit+0xb17/0x2ef0 [ 200.884389] ? lock_acquire+0x427/0x4c0 [ 200.884724] ? __pfx_lock_release+0x10/0x10 [ 200.885082] ? __kasan_check_write+0x18/0x20 [ 200.885447] ? do_raw_spin_lock+0x132/0x2a0 [ 200.885802] ? __pfx_do_exit+0x10/0x10 [ 200.886129] ? debug_smp_processor_id+0x20/0x30 [ 200.886545] ? rcu_is_watching+0x19/0xb0 [ 200.886888] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.887278] ? trace_hardirqs_on+0x26/0x120 [ 200.887645] do_group_exit+0xe0/0x2b0 [ 200.887959] __x64_sys_exit_group+0x47/0x50 [ 200.888315] do_syscall_64+0x3b/0x90 [ 200.888632] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.889063] RIP: 0033:0x7f4b87518a4d [ 200.889371] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.889868] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.890486] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.891097] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.891686] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.892262] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.892845] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.893436] [ 200.893630] irq event stamp: 0 [ 200.893889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.894403] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.895107] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.895816] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.896329] ---[ end trace 0000000000000000 ]--- [ 200.901130] ------------[ cut here ]------------ [ 200.901655] WARNING: CPU: 1 PID: 1911 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.902497] Modules linked in: [ 200.902822] CPU: 1 PID: 1911 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.903641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.904530] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.905011] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.906533] RSP: 0018:ffff888016de7bb8 EFLAGS: 00010246 [ 200.907079] RAX: 0000000000000000 RBX: ffff8880149db0a8 RCX: 0000000000000000 [ 200.907653] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 200.908225] RBP: ffff888016de7bd0 R08: ffffed100293b633 R09: ffffed100293b633 [ 200.908859] R10: ffff8880149db193 R11: ffffed100293b632 R12: ffff888020e68000 [ 200.909482] R13: ffff8880149db1e8 R14: ffffffff8352e670 R15: 
ffff888016de7e68 [ 200.910054] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.910829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.911310] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 200.911873] PKRU: 55555554 [ 200.912099] Call Trace: [ 200.912316] [ 200.912568] __iommufd_access_detach+0x1c2/0x2b0 [ 200.913010] iommufd_access_change_pt+0x149/0x270 [ 200.913425] iommufd_access_replace+0xb4/0x120 [ 200.913803] iommufd_test+0x3e5/0x37e0 [ 200.914115] ? lock_release+0x532/0x770 [ 200.914535] ? __might_fault+0x102/0x1b0 [ 200.914963] ? lock_acquire+0x427/0x4c0 [ 200.915303] ? __pfx_iommufd_test+0x10/0x10 [ 200.915659] ? __pfx_lock_release+0x10/0x10 [ 200.916012] ? __pfx_lock_acquire+0x10/0x10 [ 200.916432] ? write_comp_data+0x2f/0x90 [ 200.916864] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.917258] ? write_comp_data+0x2f/0x90 [ 200.917604] iommufd_fops_ioctl+0x37d/0x510 [ 200.917954] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.918423] ? write_comp_data+0x2f/0x90 [ 200.918873] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 200.919272] __x64_sys_ioctl+0x1a3/0x230 [ 200.919612] do_syscall_64+0x3b/0x90 [ 200.919931] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.920427] RIP: 0033:0x7f4b8743ee5d [ 200.920814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 200.922412] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 200.923049] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 200.923621] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 200.924199] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 200.924759] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 200.925336] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 200.926071] [ 200.926271] irq event stamp: 0 [ 200.926548] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.927049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.927802] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.928543] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.929039] ---[ end trace 0000000000000000 ]--- [ 200.932245] ------------[ cut here ]------------ [ 200.932664] WARNING: CPU: 1 PID: 1911 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.933507] Modules linked in: [ 200.933802] CPU: 1 PID: 1911 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.934602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.935526] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.936045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.937551] RSP: 
0018:ffff888016de7bd0 EFLAGS: 00010246 [ 200.938056] RAX: 0000000000000000 RBX: ffff8880149db0a8 RCX: 0000000000000000 [ 200.938646] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 200.939219] RBP: ffff888016de7be8 R08: ffffed100293b633 R09: ffffed100293b633 [ 200.939932] R10: ffff8880149db193 R11: ffffed100293b632 R12: ffff888010570c00 [ 200.940506] R13: ffff8880149db1e8 R14: ffff888020edb400 R15: 0000000000000000 [ 200.941066] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.941828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.942285] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 200.942885] PKRU: 55555554 [ 200.943128] Call Trace: [ 200.943333] [ 200.943521] iommufd_access_destroy_object+0x65/0x170 [ 200.944102] iommufd_object_destroy_user+0x18e/0x220 [ 200.944513] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 200.944991] iommufd_access_destroy+0x43/0x70 [ 200.945364] iommufd_test_staccess_release+0x8d/0xd0 [ 200.945861] __fput+0x26d/0xa40 [ 200.946161] ____fput+0x1e/0x30 [ 200.946433] task_work_run+0x1a4/0x2d0 [ 200.946779] ? __pfx_task_work_run+0x10/0x10 [ 200.947150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.947550] ? switch_task_namespaces+0xa9/0xe0 [ 200.948008] do_exit+0xb17/0x2ef0 [ 200.948329] ? lock_acquire+0x427/0x4c0 [ 200.948655] ? __pfx_lock_release+0x10/0x10 [ 200.949015] ? __kasan_check_write+0x18/0x20 [ 200.949368] ? do_raw_spin_lock+0x132/0x2a0 [ 200.949785] ? __pfx_do_exit+0x10/0x10 [ 200.950163] ? debug_smp_processor_id+0x20/0x30 [ 200.950562] ? rcu_is_watching+0x19/0xb0 [ 200.950890] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.951277] ? trace_hardirqs_on+0x26/0x120 [ 200.951631] do_group_exit+0xe0/0x2b0 [ 200.952009] __x64_sys_exit_group+0x47/0x50 [ 200.952408] do_syscall_64+0x3b/0x90 [ 200.952716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.953140] RIP: 0033:0x7f4b87518a4d [ 200.953451] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.954064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.954697] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.955266] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.955847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.956560] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.957121] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.957703] [ 200.957933] irq event stamp: 0 [ 200.958258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.958791] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.959465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.960208] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.960761] ---[ end trace 0000000000000000 ]--- [ 200.961502] ------------[ cut here ]------------ [ 200.961905] WARNING: CPU: 1 PID: 1911 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 200.962837] Modules linked in: [ 200.963112] CPU: 1 PID: 1911 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.963816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.964842] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 200.965262] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 200.966906] RSP: 0018:ffff888016de7b78 EFLAGS: 00010246 [ 200.967363] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 200.967927] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 200.968626] RBP: ffff888016de7b98 R08: ffffed100293b63e R09: ffffed100293b63e [ 200.969189] R10: ffff8880149db1ef R11: ffffed100293b63d R12: ffff8880149db290 [ 200.969771] R13: ffff8880149db0a8 R14: ffffffffffffffff R15: 
ffff888016de7c60 [ 200.970456] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 200.971133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 200.971605] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 200.972213] PKRU: 55555554 [ 200.972532] Call Trace: [ 200.972752] [ 200.972934] iommufd_ioas_destroy+0x53/0x70 [ 200.973291] iommufd_fops_release+0x1f7/0x370 [ 200.973657] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.974099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.974580] ? write_comp_data+0x2f/0x90 [ 200.974927] ? __pfx_iommufd_fops_release+0x10/0x10 [ 200.975342] __fput+0x26d/0xa40 [ 200.975623] ____fput+0x1e/0x30 [ 200.975897] task_work_run+0x1a4/0x2d0 [ 200.976250] ? __pfx_task_work_run+0x10/0x10 [ 200.976702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 200.977115] ? switch_task_namespaces+0xa9/0xe0 [ 200.977501] do_exit+0xb17/0x2ef0 [ 200.977783] ? lock_acquire+0x427/0x4c0 [ 200.978147] ? __pfx_lock_release+0x10/0x10 [ 200.978588] ? __kasan_check_write+0x18/0x20 [ 200.978949] ? do_raw_spin_lock+0x132/0x2a0 [ 200.979319] ? __pfx_do_exit+0x10/0x10 [ 200.979638] ? debug_smp_processor_id+0x20/0x30 [ 200.980013] ? rcu_is_watching+0x19/0xb0 [ 200.980384] ? _raw_spin_unlock_irq+0x2b/0x60 [ 200.980838] ? trace_hardirqs_on+0x26/0x120 [ 200.981194] do_group_exit+0xe0/0x2b0 [ 200.981516] __x64_sys_exit_group+0x47/0x50 [ 200.981860] do_syscall_64+0x3b/0x90 [ 200.982193] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 200.982724] RIP: 0033:0x7f4b87518a4d [ 200.983030] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 200.983538] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 200.984151] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 200.984830] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 200.985398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 200.985975] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 200.986690] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 200.987286] [ 200.987474] irq event stamp: 0 [ 200.987727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 200.988237] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 200.989026] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 200.989682] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 200.990189] ---[ end trace 0000000000000000 ]--- [ 200.994943] ------------[ cut here ]------------ [ 200.995365] WARNING: CPU: 1 PID: 1912 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 200.996192] Modules linked in: [ 200.996448] CPU: 1 PID: 1912 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 200.997148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 200.998053] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 200.998449] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 200.999970] RSP: 0018:ffff88800e9afbb8 EFLAGS: 00010246 [ 201.000398] RAX: 0000000000000000 RBX: ffff88800cb930a8 RCX: 0000000000000000 [ 201.000971] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 201.001528] RBP: ffff88800e9afbd0 R08: ffffed1001972633 R09: ffffed1001972633 [ 201.002099] R10: ffff88800cb93193 R11: ffffed1001972632 R12: ffff888014393800 [ 201.002684] R13: ffff88800cb931e8 R14: ffffffff8352e670 R15: 
ffff88800e9afe68 [ 201.003270] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.003904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.004375] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 201.004939] PKRU: 55555554 [ 201.005165] Call Trace: [ 201.005384] [ 201.005563] __iommufd_access_detach+0x1c2/0x2b0 [ 201.005953] iommufd_access_change_pt+0x149/0x270 [ 201.006361] iommufd_access_replace+0xb4/0x120 [ 201.006753] iommufd_test+0x3e5/0x37e0 [ 201.007069] ? lock_release+0x532/0x770 [ 201.007417] ? __might_fault+0x102/0x1b0 [ 201.007747] ? lock_acquire+0x427/0x4c0 [ 201.008072] ? __pfx_iommufd_test+0x10/0x10 [ 201.008419] ? __pfx_lock_release+0x10/0x10 [ 201.008777] ? __pfx_lock_acquire+0x10/0x10 [ 201.009127] ? write_comp_data+0x2f/0x90 [ 201.009457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.009862] ? write_comp_data+0x2f/0x90 [ 201.010192] iommufd_fops_ioctl+0x37d/0x510 [ 201.010561] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.010967] ? write_comp_data+0x2f/0x90 [ 201.011306] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.011700] __x64_sys_ioctl+0x1a3/0x230 [ 201.012033] do_syscall_64+0x3b/0x90 [ 201.012340] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.012771] RIP: 0033:0x7f4b8743ee5d [ 201.013069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.014535] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.015151] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.015716] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.016290] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.016849] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.017419] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.017991] [ 201.018190] irq event stamp: 0 [ 201.018441] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.018964] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.019650] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.020339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.020844] ---[ end trace 0000000000000000 ]--- [ 201.023809] ------------[ cut here ]------------ [ 201.024213] WARNING: CPU: 1 PID: 1912 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.025002] Modules linked in: [ 201.025250] CPU: 1 PID: 1912 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.025931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.026808] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.027213] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.028616] RSP: 
0018:ffff88800e9afbd0 EFLAGS: 00010246 [ 201.029032] RAX: 0000000000000000 RBX: ffff88800cb930a8 RCX: 0000000000000000 [ 201.029576] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 201.030130] RBP: ffff88800e9afbe8 R08: ffffed1001972633 R09: ffffed1001972633 [ 201.030694] R10: ffff88800cb93193 R11: ffffed1001972632 R12: ffff888020e6b000 [ 201.031262] R13: ffff88800cb931e8 R14: ffff8880139bc600 R15: 0000000000000000 [ 201.031803] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.032421] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.032858] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 201.033404] PKRU: 55555554 [ 201.033619] Call Trace: [ 201.033811] [ 201.033983] iommufd_access_destroy_object+0x65/0x170 [ 201.034378] iommufd_object_destroy_user+0x18e/0x220 [ 201.034792] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.035245] iommufd_access_destroy+0x43/0x70 [ 201.035610] iommufd_test_staccess_release+0x8d/0xd0 [ 201.036002] __fput+0x26d/0xa40 [ 201.036268] ____fput+0x1e/0x30 [ 201.036527] task_work_run+0x1a4/0x2d0 [ 201.036844] ? __pfx_task_work_run+0x10/0x10 [ 201.037183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.037561] ? switch_task_namespaces+0xa9/0xe0 [ 201.037934] do_exit+0xb17/0x2ef0 [ 201.038201] ? lock_acquire+0x427/0x4c0 [ 201.038530] ? __pfx_lock_release+0x10/0x10 [ 201.038875] ? __kasan_check_write+0x18/0x20 [ 201.039221] ? do_raw_spin_lock+0x132/0x2a0 [ 201.039550] ? __pfx_do_exit+0x10/0x10 [ 201.039864] ? debug_smp_processor_id+0x20/0x30 [ 201.040220] ? rcu_is_watching+0x19/0xb0 [ 201.040528] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.040876] ? trace_hardirqs_on+0x26/0x120 [ 201.041221] do_group_exit+0xe0/0x2b0 [ 201.041514] __x64_sys_exit_group+0x47/0x50 [ 201.041838] do_syscall_64+0x3b/0x90 [ 201.042137] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.042552] RIP: 0033:0x7f4b87518a4d [ 201.042837] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.043305] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.043876] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.044433] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.044976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.045531] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.046076] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.046649] [ 201.046831] irq event stamp: 0 [ 201.047074] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.047570] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.048209] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.048856] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.049336] ---[ end trace 0000000000000000 ]--- [ 201.050028] ------------[ cut here ]------------ [ 201.050390] WARNING: CPU: 1 PID: 1912 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.051205] Modules linked in: [ 201.051454] CPU: 1 PID: 1912 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.052137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.053017] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.053412] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.054837] RSP: 0018:ffff88800e9afb78 EFLAGS: 00010246 [ 201.055269] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.055819] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 201.056374] RBP: ffff88800e9afb98 R08: ffffed100197263e R09: ffffed100197263e [ 201.056919] R10: ffff88800cb931ef R11: ffffed100197263d R12: ffff88800cb93290 [ 201.057478] R13: ffff88800cb930a8 R14: ffffffffffffffff R15: 
ffff88800e9afc60 [ 201.058035] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.058702] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.059164] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 201.059735] PKRU: 55555554 [ 201.059956] Call Trace: [ 201.060153] [ 201.060341] iommufd_ioas_destroy+0x53/0x70 [ 201.060683] iommufd_fops_release+0x1f7/0x370 [ 201.061035] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.061438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.061819] ? write_comp_data+0x2f/0x90 [ 201.062141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.062564] __fput+0x26d/0xa40 [ 201.062846] ____fput+0x1e/0x30 [ 201.063130] task_work_run+0x1a4/0x2d0 [ 201.063455] ? __pfx_task_work_run+0x10/0x10 [ 201.063815] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.064202] ? switch_task_namespaces+0xa9/0xe0 [ 201.064706] do_exit+0xb17/0x2ef0 [ 201.065040] ? lock_acquire+0x427/0x4c0 [ 201.065353] ? __pfx_lock_release+0x10/0x10 [ 201.065700] ? __kasan_check_write+0x18/0x20 [ 201.066050] ? do_raw_spin_lock+0x132/0x2a0 [ 201.066387] ? __pfx_do_exit+0x10/0x10 [ 201.066839] ? debug_smp_processor_id+0x20/0x30 [ 201.067212] ? rcu_is_watching+0x19/0xb0 [ 201.067534] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.067906] ? trace_hardirqs_on+0x26/0x120 [ 201.068251] do_group_exit+0xe0/0x2b0 [ 201.068556] __x64_sys_exit_group+0x47/0x50 [ 201.068994] do_syscall_64+0x3b/0x90 [ 201.069295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.069707] RIP: 0033:0x7f4b87518a4d [ 201.070004] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.070489] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.071211] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.071766] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.072330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.072971] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.073526] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.074083] [ 201.074265] irq event stamp: 0 [ 201.074579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.075144] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.075835] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.076504] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.077113] ---[ end trace 0000000000000000 ]--- [ 201.081457] ------------[ cut here ]------------ [ 201.081858] WARNING: CPU: 1 PID: 1913 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.082810] Modules linked in: [ 201.083076] CPU: 1 PID: 1913 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.083769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.084764] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.085149] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.086704] RSP: 0018:ffff888016de7bb8 EFLAGS: 00010246 [ 201.087132] RAX: 0000000000000000 RBX: ffff888011d990a8 RCX: 0000000000000000 [ 201.087702] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 201.088327] RBP: ffff888016de7bd0 R08: ffffed10023b3233 R09: ffffed10023b3233 [ 201.088918] R10: ffff888011d99193 R11: ffffed10023b3232 R12: ffff88801422fc00 [ 201.089476] R13: ffff888011d991e8 R14: ffffffff8352e670 R15: 
ffff888016de7e68 [ 201.090112] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.090789] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.091256] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 201.091824] PKRU: 55555554 [ 201.092111] Call Trace: [ 201.092356] [ 201.092539] __iommufd_access_detach+0x1c2/0x2b0 [ 201.092938] iommufd_access_change_pt+0x149/0x270 [ 201.093327] iommufd_access_replace+0xb4/0x120 [ 201.093743] iommufd_test+0x3e5/0x37e0 [ 201.094114] ? lock_release+0x532/0x770 [ 201.094437] ? __might_fault+0x102/0x1b0 [ 201.094784] ? lock_acquire+0x427/0x4c0 [ 201.095129] ? __pfx_iommufd_test+0x10/0x10 [ 201.095473] ? __pfx_lock_release+0x10/0x10 [ 201.095844] ? __pfx_lock_acquire+0x10/0x10 [ 201.096262] ? write_comp_data+0x2f/0x90 [ 201.096598] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.096986] ? write_comp_data+0x2f/0x90 [ 201.097333] iommufd_fops_ioctl+0x37d/0x510 [ 201.097738] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.098171] ? write_comp_data+0x2f/0x90 [ 201.098506] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.098911] __x64_sys_ioctl+0x1a3/0x230 [ 201.099262] do_syscall_64+0x3b/0x90 [ 201.099567] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.100099] RIP: 0033:0x7f4b8743ee5d [ 201.100402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.101982] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.102635] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.103218] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.103840] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.104495] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.105074] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.105672] [ 201.105865] irq event stamp: 0 [ 201.106122] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.106728] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.107412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.108097] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.108607] ---[ end trace 0000000000000000 ]--- [ 201.111828] ------------[ cut here ]------------ [ 201.112266] WARNING: CPU: 0 PID: 1913 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.113090] Modules linked in: [ 201.113355] CPU: 0 PID: 1913 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.114059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.114998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.115419] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.116898] RSP: 
0018:ffff888016de7bd0 EFLAGS: 00010246 [ 201.117334] RAX: 0000000000000000 RBX: ffff888011d990a8 RCX: 0000000000000000 [ 201.117912] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 201.118496] RBP: ffff888016de7be8 R08: ffffed10023b3233 R09: ffffed10023b3233 [ 201.119098] R10: ffff888011d99193 R11: ffffed10023b3232 R12: ffff888012c07c00 [ 201.119685] R13: ffff888011d991e8 R14: ffff888020f65100 R15: 0000000000000000 [ 201.120268] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 201.120924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.121395] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 201.121973] PKRU: 55555554 [ 201.122207] Call Trace: [ 201.122417] [ 201.122620] iommufd_access_destroy_object+0x65/0x170 [ 201.123048] iommufd_object_destroy_user+0x18e/0x220 [ 201.123480] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.123958] iommufd_access_destroy+0x43/0x70 [ 201.124340] iommufd_test_staccess_release+0x8d/0xd0 [ 201.124766] __fput+0x26d/0xa40 [ 201.125053] ____fput+0x1e/0x30 [ 201.125334] task_work_run+0x1a4/0x2d0 [ 201.125662] ? __pfx_task_work_run+0x10/0x10 [ 201.126029] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.126440] ? switch_task_namespaces+0xa9/0xe0 [ 201.126858] do_exit+0xb17/0x2ef0 [ 201.127154] ? lock_acquire+0x427/0x4c0 [ 201.127490] ? __pfx_lock_release+0x10/0x10 [ 201.127851] ? __kasan_check_write+0x18/0x20 [ 201.128213] ? do_raw_spin_lock+0x132/0x2a0 [ 201.128565] ? __pfx_do_exit+0x10/0x10 [ 201.128897] ? debug_smp_processor_id+0x20/0x30 [ 201.129279] ? rcu_is_watching+0x19/0xb0 [ 201.129613] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.129990] ? trace_hardirqs_on+0x26/0x120 [ 201.130347] do_group_exit+0xe0/0x2b0 [ 201.130684] __x64_sys_exit_group+0x47/0x50 [ 201.131041] do_syscall_64+0x3b/0x90 [ 201.131363] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.131798] RIP: 0033:0x7f4b87518a4d [ 201.132103] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.132588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.133185] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.133746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.134306] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.134892] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.135462] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.136025] [ 201.136208] irq event stamp: 0 [ 201.136454] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.136946] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.137594] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.138242] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.138756] ---[ end trace 0000000000000000 ]--- [ 201.139702] ------------[ cut here ]------------ [ 201.140075] WARNING: CPU: 0 PID: 1913 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.140871] Modules linked in: [ 201.141122] CPU: 0 PID: 1913 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.141803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.142803] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.143215] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.144622] RSP: 0018:ffff888016de7b78 EFLAGS: 00010246 [ 201.145038] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.145597] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 201.146159] RBP: ffff888016de7b98 R08: ffffed10023b323e R09: ffffed10023b323e [ 201.146736] R10: ffff888011d991ef R11: ffffed10023b323d R12: ffff888011d99290 [ 201.147308] R13: ffff888011d990a8 R14: ffffffffffffffff R15: 
ffff888016de7c60 [ 201.147864] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 201.148491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.148938] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 201.149497] PKRU: 55555554 [ 201.149720] Call Trace: [ 201.149925] [ 201.150105] iommufd_ioas_destroy+0x53/0x70 [ 201.150454] iommufd_fops_release+0x1f7/0x370 [ 201.150834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.151241] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.151629] ? write_comp_data+0x2f/0x90 [ 201.151959] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.152353] __fput+0x26d/0xa40 [ 201.152627] ____fput+0x1e/0x30 [ 201.152896] task_work_run+0x1a4/0x2d0 [ 201.153209] ? __pfx_task_work_run+0x10/0x10 [ 201.153564] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.153954] ? switch_task_namespaces+0xa9/0xe0 [ 201.154332] do_exit+0xb17/0x2ef0 [ 201.154625] ? lock_acquire+0x427/0x4c0 [ 201.154951] ? __pfx_lock_release+0x10/0x10 [ 201.155312] ? __kasan_check_write+0x18/0x20 [ 201.155663] ? do_raw_spin_lock+0x132/0x2a0 [ 201.156003] ? __pfx_do_exit+0x10/0x10 [ 201.156320] ? debug_smp_processor_id+0x20/0x30 [ 201.156693] ? rcu_is_watching+0x19/0xb0 [ 201.157013] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.157371] ? trace_hardirqs_on+0x26/0x120 [ 201.157716] do_group_exit+0xe0/0x2b0 [ 201.158018] __x64_sys_exit_group+0x47/0x50 [ 201.158355] do_syscall_64+0x3b/0x90 [ 201.158672] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.159085] RIP: 0033:0x7f4b87518a4d [ 201.159385] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.159864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.160454] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.161008] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.161565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.162124] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.162699] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.163279] [ 201.163462] irq event stamp: 0 [ 201.163709] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.164206] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.164856] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.165509] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.166001] ---[ end trace 0000000000000000 ]--- [ 201.170561] ------------[ cut here ]------------ [ 201.170974] WARNING: CPU: 0 PID: 1914 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.171776] Modules linked in: [ 201.172027] CPU: 0 PID: 1914 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.172702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.173569] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.173956] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.175396] RSP: 0018:ffff888016677bb8 EFLAGS: 00010246 [ 201.175819] RAX: 0000000000000000 RBX: ffff8880159d68a8 RCX: 0000000000000000 [ 201.176370] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 201.176926] RBP: ffff888016677bd0 R08: ffffed1002b3ad33 R09: ffffed1002b3ad33 [ 201.177479] R10: ffff8880159d6993 R11: ffffed1002b3ad32 R12: ffff888012e91800 [ 201.178030] R13: ffff8880159d69e8 R14: ffffffff8352e670 R15: 
ffff888016677e68 [ 201.178597] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 201.179235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.179685] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 201.180241] PKRU: 55555554 [ 201.180464] Call Trace: [ 201.180663] [ 201.180840] __iommufd_access_detach+0x1c2/0x2b0 [ 201.181226] iommufd_access_change_pt+0x149/0x270 [ 201.181613] iommufd_access_replace+0xb4/0x120 [ 201.181982] iommufd_test+0x3e5/0x37e0 [ 201.182291] ? lock_release+0x532/0x770 [ 201.182643] ? __might_fault+0x102/0x1b0 [ 201.182973] ? lock_acquire+0x427/0x4c0 [ 201.183304] ? __pfx_iommufd_test+0x10/0x10 [ 201.183639] ? __pfx_lock_release+0x10/0x10 [ 201.183982] ? __pfx_lock_acquire+0x10/0x10 [ 201.184330] ? write_comp_data+0x2f/0x90 [ 201.184664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.185054] ? write_comp_data+0x2f/0x90 [ 201.185388] iommufd_fops_ioctl+0x37d/0x510 [ 201.185729] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.186116] ? write_comp_data+0x2f/0x90 [ 201.186445] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.186844] __x64_sys_ioctl+0x1a3/0x230 [ 201.187188] do_syscall_64+0x3b/0x90 [ 201.187496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.187907] RIP: 0033:0x7f4b8743ee5d [ 201.188196] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.189573] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.190151] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.190709] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.191264] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.191809] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.192352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.192902] [ 201.193087] irq event stamp: 0 [ 201.193327] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.193804] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.194438] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.195091] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.195587] ---[ end trace 0000000000000000 ]--- [ 201.198284] ------------[ cut here ]------------ [ 201.198693] WARNING: CPU: 0 PID: 1914 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.199483] Modules linked in: [ 201.199730] CPU: 0 PID: 1914 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.200390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.201242] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.201622] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.203020] RSP: 
0018:ffff888016677bd0 EFLAGS: 00010246 [ 201.203431] RAX: 0000000000000000 RBX: ffff8880159d68a8 RCX: 0000000000000000 [ 201.203968] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 201.204500] RBP: ffff888016677be8 R08: ffffed1002b3ad33 R09: ffffed1002b3ad33 [ 201.205035] R10: ffff8880159d6993 R11: ffffed1002b3ad32 R12: ffff888018b88c00 [ 201.205568] R13: ffff8880159d69e8 R14: ffff888020a71100 R15: 0000000000000000 [ 201.206103] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 201.206726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.207175] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 201.207714] PKRU: 55555554 [ 201.207929] Call Trace: [ 201.208123] [ 201.208296] iommufd_access_destroy_object+0x65/0x170 [ 201.208695] iommufd_object_destroy_user+0x18e/0x220 [ 201.209085] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.209531] iommufd_access_destroy+0x43/0x70 [ 201.209883] iommufd_test_staccess_release+0x8d/0xd0 [ 201.210277] __fput+0x26d/0xa40 [ 201.210563] ____fput+0x1e/0x30 [ 201.210827] task_work_run+0x1a4/0x2d0 [ 201.211144] ? __pfx_task_work_run+0x10/0x10 [ 201.211486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.211866] ? switch_task_namespaces+0xa9/0xe0 [ 201.212232] do_exit+0xb17/0x2ef0 [ 201.212500] ? lock_acquire+0x427/0x4c0 [ 201.212816] ? __pfx_lock_release+0x10/0x10 [ 201.213153] ? __kasan_check_write+0x18/0x20 [ 201.213493] ? do_raw_spin_lock+0x132/0x2a0 [ 201.213825] ? __pfx_do_exit+0x10/0x10 [ 201.214133] ? debug_smp_processor_id+0x20/0x30 [ 201.214490] ? rcu_is_watching+0x19/0xb0 [ 201.214828] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.215198] ? trace_hardirqs_on+0x26/0x120 [ 201.215537] do_group_exit+0xe0/0x2b0 [ 201.215830] __x64_sys_exit_group+0x47/0x50 [ 201.216159] do_syscall_64+0x3b/0x90 [ 201.216456] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.216856] RIP: 0033:0x7f4b87518a4d [ 201.217140] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.217609] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.218181] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.218741] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.219293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.219835] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.220372] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.220920] [ 201.221100] irq event stamp: 0 [ 201.221343] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.221817] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.222453] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.223109] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.223600] ---[ end trace 0000000000000000 ]--- [ 201.224275] ------------[ cut here ]------------ [ 201.224632] WARNING: CPU: 0 PID: 1914 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.225408] Modules linked in: [ 201.225656] CPU: 0 PID: 1914 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.226327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.227206] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.227608] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.228985] RSP: 0018:ffff888016677b78 EFLAGS: 00010246 [ 201.229391] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.229926] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 201.230465] RBP: ffff888016677b98 R08: ffffed1002b3ad3e R09: ffffed1002b3ad3e [ 201.231021] R10: ffff8880159d69ef R11: ffffed1002b3ad3d R12: ffff8880159d6a90 [ 201.231569] R13: ffff8880159d68a8 R14: ffffffffffffffff R15: 
ffff888016677c60 [ 201.232112] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 201.232716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.233153] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 201.233686] PKRU: 55555554 [ 201.233896] Call Trace: [ 201.234089] [ 201.234261] iommufd_ioas_destroy+0x53/0x70 [ 201.234616] iommufd_fops_release+0x1f7/0x370 [ 201.234963] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.235349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.235726] ? write_comp_data+0x2f/0x90 [ 201.236046] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.236427] __fput+0x26d/0xa40 [ 201.236691] ____fput+0x1e/0x30 [ 201.236949] task_work_run+0x1a4/0x2d0 [ 201.237253] ? __pfx_task_work_run+0x10/0x10 [ 201.237589] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.237959] ? switch_task_namespaces+0xa9/0xe0 [ 201.238320] do_exit+0xb17/0x2ef0 [ 201.238609] ? lock_acquire+0x427/0x4c0 [ 201.238923] ? __pfx_lock_release+0x10/0x10 [ 201.239265] ? __kasan_check_write+0x18/0x20 [ 201.239603] ? do_raw_spin_lock+0x132/0x2a0 [ 201.239929] ? __pfx_do_exit+0x10/0x10 [ 201.240231] ? debug_smp_processor_id+0x20/0x30 [ 201.240585] ? rcu_is_watching+0x19/0xb0 [ 201.240893] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.241236] ? trace_hardirqs_on+0x26/0x120 [ 201.241567] do_group_exit+0xe0/0x2b0 [ 201.241857] __x64_sys_exit_group+0x47/0x50 [ 201.242181] do_syscall_64+0x3b/0x90 [ 201.242470] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.242887] RIP: 0033:0x7f4b87518a4d [ 201.243183] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.243640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.244216] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.244746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.245294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.245827] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.246363] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.246923] [ 201.247102] irq event stamp: 0 [ 201.247354] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.247824] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.248446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.249062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.249528] ---[ end trace 0000000000000000 ]--- [ 201.253831] ------------[ cut here ]------------ [ 201.254230] WARNING: CPU: 0 PID: 1915 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.255066] Modules linked in: [ 201.255330] CPU: 0 PID: 1915 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.255980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.256818] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.257193] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.258623] RSP: 0018:ffff888017bffbb8 EFLAGS: 00010246 [ 201.259034] RAX: 0000000000000000 RBX: ffff8880187548a8 RCX: 0000000000000000 [ 201.259582] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 201.260116] RBP: ffff888017bffbd0 R08: ffffed10030ea933 R09: ffffed10030ea933 [ 201.260652] R10: ffff888018754993 R11: ffffed10030ea932 R12: ffff888013b20000 [ 201.261187] R13: ffff8880187549e8 R14: ffffffff8352e670 R15: 
ffff888017bffe68 [ 201.261720] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 201.262325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.262789] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 201.263354] PKRU: 55555554 [ 201.263575] Call Trace: [ 201.263774] [ 201.263946] __iommufd_access_detach+0x1c2/0x2b0 [ 201.264320] iommufd_access_change_pt+0x149/0x270 [ 201.264695] iommufd_access_replace+0xb4/0x120 [ 201.265052] iommufd_test+0x3e5/0x37e0 [ 201.265353] ? lock_release+0x532/0x770 [ 201.265667] ? __might_fault+0x102/0x1b0 [ 201.265984] ? lock_acquire+0x427/0x4c0 [ 201.266300] ? __pfx_iommufd_test+0x10/0x10 [ 201.266653] ? __pfx_lock_release+0x10/0x10 [ 201.266995] ? __pfx_lock_acquire+0x10/0x10 [ 201.267345] ? write_comp_data+0x2f/0x90 [ 201.267675] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.268061] ? write_comp_data+0x2f/0x90 [ 201.268387] iommufd_fops_ioctl+0x37d/0x510 [ 201.268731] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.269113] ? write_comp_data+0x2f/0x90 [ 201.269436] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.269813] __x64_sys_ioctl+0x1a3/0x230 [ 201.270143] do_syscall_64+0x3b/0x90 [ 201.270445] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.270881] RIP: 0033:0x7f4b8743ee5d [ 201.271190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.272609] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.273214] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.273772] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.274338] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.274921] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.275497] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.276060] [ 201.276247] irq event stamp: 0 [ 201.276496] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.276993] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.277654] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.278308] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.278825] ---[ end trace 0000000000000000 ]--- [ 201.283534] ------------[ cut here ]------------ [ 201.284110] WARNING: CPU: 1 PID: 1915 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.285246] Modules linked in: [ 201.285634] CPU: 1 PID: 1915 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.286804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.288141] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.288728] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.290826] RSP: 
0018:ffff888017bffbd0 EFLAGS: 00010246 [ 201.291455] RAX: 0000000000000000 RBX: ffff8880187548a8 RCX: 0000000000000000 [ 201.292261] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 201.293059] RBP: ffff888017bffbe8 R08: ffffed10030ea933 R09: ffffed10030ea933 [ 201.293862] R10: ffff888018754993 R11: ffffed10030ea932 R12: ffff888012e93000 [ 201.294705] R13: ffff8880187549e8 R14: ffff88801381a100 R15: 0000000000000000 [ 201.295531] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.296449] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.297109] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 201.297917] PKRU: 55555554 [ 201.298246] Call Trace: [ 201.298595] [ 201.298870] iommufd_access_destroy_object+0x65/0x170 [ 201.299491] iommufd_object_destroy_user+0x18e/0x220 [ 201.300080] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.300760] iommufd_access_destroy+0x43/0x70 [ 201.301292] iommufd_test_staccess_release+0x8d/0xd0 [ 201.301885] __fput+0x26d/0xa40 [ 201.302291] ____fput+0x1e/0x30 [ 201.302739] task_work_run+0x1a4/0x2d0 [ 201.303222] ? __pfx_task_work_run+0x10/0x10 [ 201.303739] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.304304] ? switch_task_namespaces+0xa9/0xe0 [ 201.304863] do_exit+0xb17/0x2ef0 [ 201.305272] ? lock_acquire+0x427/0x4c0 [ 201.305750] ? __pfx_lock_release+0x10/0x10 [ 201.306264] ? __kasan_check_write+0x18/0x20 [ 201.306835] ? do_raw_spin_lock+0x132/0x2a0 [ 201.307365] ? __pfx_do_exit+0x10/0x10 [ 201.307955] ? debug_smp_processor_id+0x20/0x30 [ 201.308377] ? rcu_is_watching+0x19/0xb0 [ 201.308732] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.309198] ? trace_hardirqs_on+0x26/0x120 [ 201.309588] do_group_exit+0xe0/0x2b0 [ 201.309924] __x64_sys_exit_group+0x47/0x50 [ 201.310295] do_syscall_64+0x3b/0x90 [ 201.310679] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.311158] RIP: 0033:0x7f4b87518a4d [ 201.311484] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.312019] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.312683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.313313] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.313948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.314610] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.315260] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.315890] [ 201.316097] irq event stamp: 0 [ 201.316373] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.316922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.317652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.318379] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.318962] ---[ end trace 0000000000000000 ]--- [ 201.319753] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 201.319836] ------------[ cut here ]------------ [ 201.322252] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 201.322663] WARNING: CPU: 1 PID: 1915 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.322694] Modules linked in: [ 201.325665] CPU: 1 PID: 1915 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.326482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.327599] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.328083] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.329773] RSP: 0018:ffff888017bffb78 EFLAGS: 00010246 [ 201.330278] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.330962] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 201.331642] RBP: ffff888017bffb98 R08: ffffed10030ea93e R09: ffffed10030ea93e [ 201.332322] R10: ffff8880187549ef R11: ffffed10030ea93d R12: ffff888018754a90 [ 201.333000] R13: ffff8880187548a8 R14: ffffffffffffffff R15: ffff888017bffc60 [ 201.333685] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.334444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.335020] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 201.335738] PKRU: 55555554 [ 201.336021] Call Trace: [ 201.336270] [ 201.336490] iommufd_ioas_destroy+0x53/0x70 [ 201.336917] iommufd_fops_release+0x1f7/0x370 [ 201.337349] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.337829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.338303] ? write_comp_data+0x2f/0x90 [ 201.338736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.339242] __fput+0x26d/0xa40 [ 201.339579] ____fput+0x1e/0x30 [ 201.339911] task_work_run+0x1a4/0x2d0 [ 201.340320] ? __pfx_task_work_run+0x10/0x10 [ 201.340795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.341394] ? switch_task_namespaces+0xa9/0xe0 [ 201.341913] do_exit+0xb17/0x2ef0 [ 201.342286] ? 
lock_acquire+0x427/0x4c0 [ 201.342754] ? __pfx_lock_release+0x10/0x10 [ 201.343234] ? __kasan_check_write+0x18/0x20 [ 201.343705] ? do_raw_spin_lock+0x132/0x2a0 [ 201.344160] ? __pfx_do_exit+0x10/0x10 [ 201.344577] ? debug_smp_processor_id+0x20/0x30 [ 201.345066] ? rcu_is_watching+0x19/0xb0 [ 201.345487] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.345965] ? trace_hardirqs_on+0x26/0x120 [ 201.346426] do_group_exit+0xe0/0x2b0 [ 201.346859] __x64_sys_exit_group+0x47/0x50 [ 201.347323] do_syscall_64+0x3b/0x90 [ 201.347718] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.348255] RIP: 0033:0x7f4b87518a4d [ 201.348645] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 201.349291] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.350085] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.350865] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.351610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.352343] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.353082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.353829] [ 201.354072] irq event stamp: 0 [ 201.354395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.355072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.355961] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.356828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.357500] ---[ end trace 0000000000000000 ]--- [ 201.365806] ------------[ cut here ]------------ [ 201.366676] WARNING: CPU: 0 PID: 1917 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.368124] Modules linked in: [ 201.368600] CPU: 0 PID: 1917 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.369818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.371503] RIP: 
0010:iopt_remove_access+0xb5/0xd0 [ 201.372217] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.374789] RSP: 0018:ffff888016de7bb8 EFLAGS: 00010246 [ 201.375590] RAX: 0000000000000000 RBX: ffff888010b880a8 RCX: 0000000000000000 [ 201.376579] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 201.377573] RBP: ffff888016de7bd0 R08: ffffed1002171033 R09: ffffed1002171033 [ 201.378638] R10: ffff888010b88193 R11: ffffed1002171032 R12: ffff888010b0c800 [ 201.379668] R13: ffff888010b881e8 R14: ffffffff8352e670 R15: ffff888016de7e68 [ 201.381002] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 201.382130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.383020] CR2: 00007f4b877410e8 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 201.384081] PKRU: 55555554 [ 201.384484] Call Trace: [ 201.384842] [ 201.385171] __iommufd_access_detach+0x1c2/0x2b0 [ 201.385868] iommufd_access_change_pt+0x149/0x270 [ 201.386646] iommufd_access_replace+0xb4/0x120 [ 201.387361] iommufd_test+0x3e5/0x37e0 [ 201.387928] ? lock_release+0x532/0x770 [ 201.388524] ? __might_fault+0x102/0x1b0 [ 201.389117] ? lock_acquire+0x427/0x4c0 [ 201.389697] ? __pfx_iommufd_test+0x10/0x10 [ 201.390296] ? __pfx_lock_release+0x10/0x10 [ 201.390997] ? __pfx_lock_acquire+0x10/0x10 [ 201.391675] ? write_comp_data+0x2f/0x90 [ 201.392283] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.392965] ? write_comp_data+0x2f/0x90 [ 201.393561] iommufd_fops_ioctl+0x37d/0x510 [ 201.394196] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.394988] ? write_comp_data+0x2f/0x90 [ 201.395622] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.396315] __x64_sys_ioctl+0x1a3/0x230 [ 201.396903] do_syscall_64+0x3b/0x90 [ 201.397450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.398188] RIP: 0033:0x7f4b8743ee5d [ 201.398803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.401326] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.402398] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.403470] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.404474] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.405472] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.406465] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.407571] [ 201.407931] irq event stamp: 0 [ 201.408381] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.409254] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.410384] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.411597] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.412464] ---[ end trace 0000000000000000 ]--- [ 201.416250] ------------[ cut here ]------------ [ 201.416823] WARNING: CPU: 1 PID: 1917 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.417875] Modules linked in: [ 201.418216] CPU: 1 PID: 1917 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.419807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.420984] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.421502] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.423677] RSP: 
0018:ffff888016de7bd0 EFLAGS: 00010246 [ 201.424566] RAX: 0000000000000000 RBX: ffff888010b880a8 RCX: 0000000000000000 [ 201.425304] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 201.426037] RBP: ffff888016de7be8 R08: ffffed1002171033 R09: ffffed1002171033 [ 201.426833] R10: ffff888010b88193 R11: ffffed1002171032 R12: ffff888013b21400 [ 201.427675] R13: ffff888010b881e8 R14: ffff88800f5daa00 R15: 0000000000000000 [ 201.428694] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.429724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.430350] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 201.431156] PKRU: 55555554 [ 201.431463] Call Trace: [ 201.431739] [ 201.431985] iommufd_access_destroy_object+0x65/0x170 [ 201.432639] iommufd_object_destroy_user+0x18e/0x220 [ 201.433468] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.434100] iommufd_access_destroy+0x43/0x70 [ 201.434682] iommufd_test_staccess_release+0x8d/0xd0 [ 201.435275] __fput+0x26d/0xa40 [ 201.435636] ____fput+0x1e/0x30 [ 201.435991] task_work_run+0x1a4/0x2d0 [ 201.436413] ? __pfx_task_work_run+0x10/0x10 [ 201.437037] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.437746] ? switch_task_namespaces+0xa9/0xe0 [ 201.438343] do_exit+0xb17/0x2ef0 [ 201.438769] ? lock_acquire+0x427/0x4c0 [ 201.439216] ? __pfx_lock_release+0x10/0x10 [ 201.439675] ? __kasan_check_write+0x18/0x20 [ 201.440142] ? do_raw_spin_lock+0x132/0x2a0 [ 201.440600] ? __pfx_do_exit+0x10/0x10 [ 201.441021] ? debug_smp_processor_id+0x20/0x30 [ 201.441518] ? rcu_is_watching+0x19/0xb0 [ 201.442068] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.442809] ? trace_hardirqs_on+0x26/0x120 [ 201.443290] do_group_exit+0xe0/0x2b0 [ 201.443698] __x64_sys_exit_group+0x47/0x50 [ 201.444147] do_syscall_64+0x3b/0x90 [ 201.444546] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.445093] RIP: 0033:0x7f4b87518a4d [ 201.445484] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.446115] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.446941] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.447695] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.448437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.449187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.450058] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.451174] [ 201.451431] irq event stamp: 0 [ 201.451759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.452419] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.453280] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.454142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.454838] ---[ end trace 0000000000000000 ]--- [ 201.455821] ------------[ cut here ]------------ [ 201.456463] WARNING: CPU: 1 PID: 1917 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.457776] Modules linked in: [ 201.458118] CPU: 1 PID: 1917 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.459090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.460283] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.460835] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.463454] RSP: 0018:ffff888016de7b78 EFLAGS: 00010246 [ 201.464018] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.464757] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 201.465502] RBP: ffff888016de7b98 R08: ffffed100217103e R09: ffffed100217103e [ 201.466243] R10: ffff888010b881ef R11: ffffed100217103d R12: ffff888010b88290 [ 201.467023] R13: ffff888010b880a8 R14: ffffffffffffffff R15: 
ffff888016de7c60 [ 201.468019] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.469262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.469881] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 201.470667] PKRU: 55555554 [ 201.470979] Call Trace: [ 201.471254] [ 201.471493] iommufd_ioas_destroy+0x53/0x70 [ 201.471958] iommufd_fops_release+0x1f7/0x370 [ 201.472436] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.472957] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.473471] ? write_comp_data+0x2f/0x90 [ 201.474044] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.474829] __fput+0x26d/0xa40 [ 201.475189] ____fput+0x1e/0x30 [ 201.475535] task_work_run+0x1a4/0x2d0 [ 201.475944] ? __pfx_task_work_run+0x10/0x10 [ 201.476407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.476911] ? switch_task_namespaces+0xa9/0xe0 [ 201.477404] do_exit+0xb17/0x2ef0 [ 201.477767] ? lock_acquire+0x427/0x4c0 [ 201.478186] ? __pfx_lock_release+0x10/0x10 [ 201.478677] ? __kasan_check_write+0x18/0x20 [ 201.479148] ? do_raw_spin_lock+0x132/0x2a0 [ 201.479596] ? __pfx_do_exit+0x10/0x10 [ 201.480068] ? debug_smp_processor_id+0x20/0x30 [ 201.480706] ? rcu_is_watching+0x19/0xb0 [ 201.481309] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.481794] ? trace_hardirqs_on+0x26/0x120 [ 201.482245] do_group_exit+0xe0/0x2b0 [ 201.482675] __x64_sys_exit_group+0x47/0x50 [ 201.483146] do_syscall_64+0x3b/0x90 [ 201.483541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.484088] RIP: 0033:0x7f4b87518a4d [ 201.484470] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.485107] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.486198] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.487225] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.487994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.488741] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.489479] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.490222] [ 201.490465] irq event stamp: 0 [ 201.490838] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.491732] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.492851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.493721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.494374] ---[ end trace 0000000000000000 ]--- [ 201.500063] ------------[ cut here ]------------ [ 201.500688] WARNING: CPU: 1 PID: 1918 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.502237] Modules linked in: [ 201.502628] CPU: 1 PID: 1918 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.503563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.504742] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.505343] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.507578] RSP: 0018:ffff888016677bb8 EFLAGS: 00010246 [ 201.508139] RAX: 0000000000000000 RBX: ffff88800f6258a8 RCX: 0000000000000000 [ 201.508880] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 201.509735] RBP: ffff888016677bd0 R08: ffffed1001ec4b33 R09: ffffed1001ec4b33 [ 201.510749] R10: ffff88800f625993 R11: ffffed1001ec4b32 R12: ffff8880142a6800 [ 201.511515] R13: ffff88800f6259e8 R14: ffffffff8352e670 R15: 
ffff888016677e68 [ 201.512307] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.513153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.513770] CR2: 00007f4b877410e8 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 201.514819] PKRU: 55555554 [ 201.515263] Call Trace: [ 201.515544] [ 201.515785] __iommufd_access_detach+0x1c2/0x2b0 [ 201.516297] iommufd_access_change_pt+0x149/0x270 [ 201.516814] iommufd_access_replace+0xb4/0x120 [ 201.517303] iommufd_test+0x3e5/0x37e0 [ 201.517715] ? lock_release+0x532/0x770 [ 201.518154] ? __might_fault+0x102/0x1b0 [ 201.518643] ? lock_acquire+0x427/0x4c0 [ 201.519083] ? __pfx_iommufd_test+0x10/0x10 [ 201.519601] ? __pfx_lock_release+0x10/0x10 [ 201.520206] ? __pfx_lock_acquire+0x10/0x10 [ 201.520863] ? write_comp_data+0x2f/0x90 [ 201.521313] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.521833] ? write_comp_data+0x2f/0x90 [ 201.522270] iommufd_fops_ioctl+0x37d/0x510 [ 201.522788] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.523336] ? write_comp_data+0x2f/0x90 [ 201.523790] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.524314] __x64_sys_ioctl+0x1a3/0x230 [ 201.524917] do_syscall_64+0x3b/0x90 [ 201.525459] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.526114] RIP: 0033:0x7f4b8743ee5d [ 201.526585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.528529] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.529345] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.530224] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.531336] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.532103] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.532867] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.533692] [ 201.533944] irq event stamp: 0 [ 201.534276] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.534999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.536246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.537294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.537961] ---[ end trace 0000000000000000 ]--- [ 201.541406] ------------[ cut here ]------------ [ 201.542087] WARNING: CPU: 1 PID: 1918 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.543260] Modules linked in: [ 201.543611] CPU: 1 PID: 1918 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.544534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.545822] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.546624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.548597] RSP: 
0018:ffff888016677bd0 EFLAGS: 00010246 [ 201.549165] RAX: 0000000000000000 RBX: ffff88800f6258a8 RCX: 0000000000000000 [ 201.549930] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 201.550842] RBP: ffff888016677be8 R08: ffffed1001ec4b33 R09: ffffed1001ec4b33 [ 201.551822] R10: ffff88800f625993 R11: ffffed1001ec4b32 R12: ffff88801422e000 [ 201.552578] R13: ffff88800f6259e8 R14: ffff8880143e0300 R15: 0000000000000000 [ 201.553336] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.554200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.554874] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 201.555655] PKRU: 55555554 [ 201.556015] Call Trace: [ 201.556378] [ 201.556745] iommufd_access_destroy_object+0x65/0x170 [ 201.557427] iommufd_object_destroy_user+0x18e/0x220 [ 201.557980] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.558669] iommufd_access_destroy+0x43/0x70 [ 201.559175] iommufd_test_staccess_release+0x8d/0xd0 [ 201.559724] __fput+0x26d/0xa40 [ 201.560092] ____fput+0x1e/0x30 [ 201.560451] task_work_run+0x1a4/0x2d0 [ 201.560873] ? __pfx_task_work_run+0x10/0x10 [ 201.561369] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.562091] ? switch_task_namespaces+0xa9/0xe0 [ 201.562799] do_exit+0xb17/0x2ef0 [ 201.563191] ? lock_acquire+0x427/0x4c0 [ 201.563629] ? __pfx_lock_release+0x10/0x10 [ 201.564094] ? __kasan_check_write+0x18/0x20 [ 201.564560] ? do_raw_spin_lock+0x132/0x2a0 [ 201.565102] ? __pfx_do_exit+0x10/0x10 [ 201.565530] ? debug_smp_processor_id+0x20/0x30 [ 201.566032] ? rcu_is_watching+0x19/0xb0 [ 201.566484] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.567195] ? trace_hardirqs_on+0x26/0x120 [ 201.567879] do_group_exit+0xe0/0x2b0 [ 201.568296] __x64_sys_exit_group+0x47/0x50 [ 201.568761] do_syscall_64+0x3b/0x90 [ 201.569174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.569749] RIP: 0033:0x7f4b87518a4d [ 201.570150] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.570857] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.571702] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.572465] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.573516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.574314] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.575135] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.575910] [ 201.576163] irq event stamp: 0 [ 201.576504] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.577191] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.578325] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.579394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.580071] ---[ end trace 0000000000000000 ]--- [ 201.581040] ------------[ cut here ]------------ [ 201.581554] WARNING: CPU: 1 PID: 1918 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.582754] Modules linked in: [ 201.583108] CPU: 1 PID: 1918 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.584146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.585487] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.586050] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.588077] RSP: 0018:ffff888016677b78 EFLAGS: 00010246 [ 201.588880] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.589669] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 201.590435] RBP: ffff888016677b98 R08: ffffed1001ec4b3e R09: ffffed1001ec4b3e [ 201.591257] R10: ffff88800f6259ef R11: ffffed1001ec4b3d R12: ffff88800f625a90 [ 201.592019] R13: ffff88800f6258a8 R14: ffffffffffffffff R15: 
ffff888016677c60 [ 201.592793] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.593996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.594667] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 201.595465] PKRU: 55555554 [ 201.595771] Call Trace: [ 201.596051] [ 201.596303] iommufd_ioas_destroy+0x53/0x70 [ 201.596783] iommufd_fops_release+0x1f7/0x370 [ 201.597361] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.598094] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.598663] ? write_comp_data+0x2f/0x90 [ 201.599150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.599692] __fput+0x26d/0xa40 [ 201.600070] ____fput+0x1e/0x30 [ 201.600440] task_work_run+0x1a4/0x2d0 [ 201.600872] ? __pfx_task_work_run+0x10/0x10 [ 201.601363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.601894] ? switch_task_namespaces+0xa9/0xe0 [ 201.602631] do_exit+0xb17/0x2ef0 [ 201.603194] ? lock_acquire+0x427/0x4c0 [ 201.603642] ? __pfx_lock_release+0x10/0x10 [ 201.604114] ? __kasan_check_write+0x18/0x20 [ 201.604601] ? do_raw_spin_lock+0x132/0x2a0 [ 201.605075] ? __pfx_do_exit+0x10/0x10 [ 201.605522] ? debug_smp_processor_id+0x20/0x30 [ 201.606035] ? rcu_is_watching+0x19/0xb0 [ 201.606481] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.607054] ? trace_hardirqs_on+0x26/0x120 [ 201.607689] do_group_exit+0xe0/0x2b0 [ 201.608104] __x64_sys_exit_group+0x47/0x50 [ 201.608571] do_syscall_64+0x3b/0x90 [ 201.608987] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.609568] RIP: 0033:0x7f4b87518a4d [ 201.609975] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.610674] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.611663] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.612612] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.613376] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.614155] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.614949] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.615740] [ 201.616080] irq event stamp: 0 [ 201.616565] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.617389] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.618297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.619242] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.619927] ---[ end trace 0000000000000000 ]--- [ 201.627525] ------------[ cut here ]------------ [ 201.628091] WARNING: CPU: 1 PID: 1919 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.629259] Modules linked in: [ 201.629611] CPU: 1 PID: 1919 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.630639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.632247] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.632800] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.634805] RSP: 0018:ffff888016ec7bb8 EFLAGS: 00010246 [ 201.635422] RAX: 0000000000000000 RBX: ffff88800f6720a8 RCX: 0000000000000000 [ 201.636342] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 201.637236] RBP: ffff888016ec7bd0 R08: ffffed1001ece433 R09: ffffed1001ece433 [ 201.638008] R10: ffff88800f672193 R11: ffffed1001ece432 R12: ffff888013dbb000 [ 201.638814] R13: ffff88800f6721e8 R14: ffffffff8352e670 R15: 
ffff888016ec7e68 [ 201.639598] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.640478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.641356] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 201.642130] PKRU: 55555554 [ 201.642440] Call Trace: [ 201.642751] [ 201.642999] __iommufd_access_detach+0x1c2/0x2b0 [ 201.643566] iommufd_access_change_pt+0x149/0x270 [ 201.644110] iommufd_access_replace+0xb4/0x120 [ 201.644630] iommufd_test+0x3e5/0x37e0 [ 201.645149] ? lock_release+0x532/0x770 [ 201.645785] ? __might_fault+0x102/0x1b0 [ 201.646241] ? lock_acquire+0x427/0x4c0 [ 201.646720] ? __pfx_iommufd_test+0x10/0x10 [ 201.647209] ? __pfx_lock_release+0x10/0x10 [ 201.647689] ? __pfx_lock_acquire+0x10/0x10 [ 201.648173] ? write_comp_data+0x2f/0x90 [ 201.648641] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.649213] ? write_comp_data+0x2f/0x90 [ 201.649826] iommufd_fops_ioctl+0x37d/0x510 [ 201.650406] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.650973] ? write_comp_data+0x2f/0x90 [ 201.651451] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.651984] __x64_sys_ioctl+0x1a3/0x230 [ 201.652450] do_syscall_64+0x3b/0x90 [ 201.652876] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.653457] RIP: 0033:0x7f4b8743ee5d [ 201.653927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.656180] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.657016] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.657791] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.658586] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.659579] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.660487] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.661341] [ 201.661601] irq event stamp: 0 [ 201.661944] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.662661] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.663588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.664767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.665459] ---[ end trace 0000000000000000 ]--- [ 201.670801] ------------[ cut here ]------------ [ 201.671396] WARNING: CPU: 1 PID: 1919 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.672648] Modules linked in: [ 201.673120] CPU: 1 PID: 1919 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.674063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.675358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.675910] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.678260] RSP: 
0018:ffff888016ec7bd0 EFLAGS: 00010246 [ 201.678897] RAX: 0000000000000000 RBX: ffff88800f6720a8 RCX: 0000000000000000 [ 201.679681] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 201.680549] RBP: ffff888016ec7be8 R08: ffffed1001ece433 R09: ffffed1001ece433 [ 201.681324] R10: ffff88800f672193 R11: ffffed1001ece432 R12: ffff8880142a7c00 [ 201.682328] R13: ffff88800f6721e8 R14: ffff8880218cf700 R15: 0000000000000000 [ 201.683238] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.684115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.684745] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 201.685523] PKRU: 55555554 [ 201.685835] Call Trace: [ 201.686117] [ 201.686369] iommufd_access_destroy_object+0x65/0x170 [ 201.687189] iommufd_object_destroy_user+0x18e/0x220 [ 201.687753] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.688385] iommufd_access_destroy+0x43/0x70 [ 201.688885] iommufd_test_staccess_release+0x8d/0xd0 [ 201.689456] __fput+0x26d/0xa40 [ 201.689843] ____fput+0x1e/0x30 [ 201.690218] task_work_run+0x1a4/0x2d0 [ 201.690747] ? __pfx_task_work_run+0x10/0x10 [ 201.691463] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.692010] ? switch_task_namespaces+0xa9/0xe0 [ 201.692536] do_exit+0xb17/0x2ef0 [ 201.692984] ? lock_acquire+0x427/0x4c0 [ 201.693437] ? __pfx_lock_release+0x10/0x10 [ 201.693918] ? __kasan_check_write+0x18/0x20 [ 201.694404] ? do_raw_spin_lock+0x132/0x2a0 [ 201.694903] ? __pfx_do_exit+0x10/0x10 [ 201.695491] ? debug_smp_processor_id+0x20/0x30 [ 201.696142] ? rcu_is_watching+0x19/0xb0 [ 201.696584] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.697086] ? trace_hardirqs_on+0x26/0x120 [ 201.697569] do_group_exit+0xe0/0x2b0 [ 201.697987] __x64_sys_exit_group+0x47/0x50 [ 201.698460] do_syscall_64+0x3b/0x90 [ 201.698905] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.699513] RIP: 0033:0x7f4b87518a4d [ 201.700046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.700834] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.701655] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.702418] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.703217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.704110] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.705047] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.705820] [ 201.706079] irq event stamp: 0 [ 201.706424] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.707137] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.708095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.709246] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.709937] ---[ end trace 0000000000000000 ]--- [ 201.713137] ------------[ cut here ]------------ [ 201.713685] WARNING: CPU: 1 PID: 1919 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.714826] Modules linked in: [ 201.715186] CPU: 1 PID: 1919 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.716264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.717656] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.718212] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.720219] RSP: 0018:ffff888016ec7b78 EFLAGS: 00010246 [ 201.721056] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.721834] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 201.722630] RBP: ffff888016ec7b98 R08: ffffed1001ece43e R09: ffffed1001ece43e [ 201.723416] R10: ffff88800f6721ef R11: ffffed1001ece43d R12: ffff88800f672290 [ 201.724184] R13: ffff88800f6720a8 R14: ffffffffffffffff R15: 
ffff888016ec7c60 [ 201.725281] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.726259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.726913] CR2: 00007f82e2a98030 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 201.727692] PKRU: 55555554 [ 201.728001] Call Trace: [ 201.728279] [ 201.728531] iommufd_ioas_destroy+0x53/0x70 [ 201.729016] iommufd_fops_release+0x1f7/0x370 [ 201.729685] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.730271] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.730824] ? write_comp_data+0x2f/0x90 [ 201.731289] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.731829] __fput+0x26d/0xa40 [ 201.732205] ____fput+0x1e/0x30 [ 201.732577] task_work_run+0x1a4/0x2d0 [ 201.733023] ? __pfx_task_work_run+0x10/0x10 [ 201.733536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.734285] ? switch_task_namespaces+0xa9/0xe0 [ 201.734849] do_exit+0xb17/0x2ef0 [ 201.735250] ? lock_acquire+0x427/0x4c0 [ 201.735692] ? __pfx_lock_release+0x10/0x10 [ 201.736173] ? __kasan_check_write+0x18/0x20 [ 201.736659] ? do_raw_spin_lock+0x132/0x2a0 [ 201.737128] ? __pfx_do_exit+0x10/0x10 [ 201.737556] ? debug_smp_processor_id+0x20/0x30 [ 201.738059] ? rcu_is_watching+0x19/0xb0 [ 201.738550] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.739037] ? trace_hardirqs_on+0x26/0x120 [ 201.739545] do_group_exit+0xe0/0x2b0 [ 201.739965] __x64_sys_exit_group+0x47/0x50 [ 201.740427] do_syscall_64+0x3b/0x90 [ 201.740849] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.741507] RIP: 0033:0x7f4b87518a4d [ 201.742087] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.742849] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.743688] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.744456] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.745225] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.746111] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.747068] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.747858] [ 201.748112] irq event stamp: 0 [ 201.748450] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.749127] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.750046] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.751135] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.751985] ---[ end trace 0000000000000000 ]--- [ 201.758877] ------------[ cut here ]------------ [ 201.759458] WARNING: CPU: 1 PID: 1920 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.760839] Modules linked in: [ 201.761304] CPU: 1 PID: 1920 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.762230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.763486] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.764016] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.766232] RSP: 0018:ffff888016677bb8 EFLAGS: 00010246 [ 201.766826] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 201.767596] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 201.768342] RBP: ffff888016677bd0 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 201.769102] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff888013b23000 [ 201.770119] R13: ffff8880160991e8 R14: ffffffff8352e670 R15: 
ffff888016677e68 [ 201.770920] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.771807] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.772434] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 201.773191] PKRU: 55555554 [ 201.773496] Call Trace: [ 201.773811] [ 201.774143] __iommufd_access_detach+0x1c2/0x2b0 [ 201.774858] iommufd_access_change_pt+0x149/0x270 [ 201.775399] iommufd_access_replace+0xb4/0x120 [ 201.775897] iommufd_test+0x3e5/0x37e0 [ 201.776303] ? lock_release+0x532/0x770 [ 201.776754] ? __might_fault+0x102/0x1b0 [ 201.777189] ? lock_acquire+0x427/0x4c0 [ 201.777612] ? __pfx_iommufd_test+0x10/0x10 [ 201.778066] ? __pfx_lock_release+0x10/0x10 [ 201.778658] ? __pfx_lock_acquire+0x10/0x10 [ 201.779288] ? write_comp_data+0x2f/0x90 [ 201.779733] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.780252] ? write_comp_data+0x2f/0x90 [ 201.780690] iommufd_fops_ioctl+0x37d/0x510 [ 201.781150] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.781671] ? write_comp_data+0x2f/0x90 [ 201.782108] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.782673] __x64_sys_ioctl+0x1a3/0x230 [ 201.783129] do_syscall_64+0x3b/0x90 [ 201.783530] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.784201] RIP: 0033:0x7f4b8743ee5d [ 201.784729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.786815] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.787613] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.788349] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.789249] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.790275] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.791061] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.791821] [ 201.792063] irq event stamp: 0 [ 201.792390] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.793036] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.793874] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.794853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.795427] ---[ end trace 0000000000000000 ]--- [ 201.798610] ------------[ cut here ]------------ [ 201.799087] WARNING: CPU: 1 PID: 1920 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.800186] Modules linked in: [ 201.800488] CPU: 1 PID: 1920 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.801284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.802351] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.802956] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.804786] RSP: 
0018:ffff888016677bd0 EFLAGS: 00010246 [ 201.805326] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 201.806041] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 201.806920] RBP: ffff888016677be8 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 201.807636] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff888013db9c00 [ 201.808346] R13: ffff8880160991e8 R14: ffff888012c78500 R15: 0000000000000000 [ 201.809052] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.809851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.810574] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 201.811301] PKRU: 55555554 [ 201.811586] Call Trace: [ 201.811843] [ 201.812071] iommufd_access_destroy_object+0x65/0x170 [ 201.812594] iommufd_object_destroy_user+0x18e/0x220 [ 201.813181] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.813809] iommufd_access_destroy+0x43/0x70 [ 201.814253] iommufd_test_staccess_release+0x8d/0xd0 [ 201.814784] __fput+0x26d/0xa40 [ 201.815140] ____fput+0x1e/0x30 [ 201.815552] task_work_run+0x1a4/0x2d0 [ 201.816001] ? __pfx_task_work_run+0x10/0x10 [ 201.816437] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.816920] ? switch_task_namespaces+0xa9/0xe0 [ 201.817426] do_exit+0xb17/0x2ef0 [ 201.817855] ? lock_acquire+0x427/0x4c0 [ 201.818260] ? __pfx_lock_release+0x10/0x10 [ 201.818717] ? __kasan_check_write+0x18/0x20 [ 201.819166] ? do_raw_spin_lock+0x132/0x2a0 [ 201.819596] ? __pfx_do_exit+0x10/0x10 [ 201.820057] ? debug_smp_processor_id+0x20/0x30 [ 201.820580] ? rcu_is_watching+0x19/0xb0 [ 201.821061] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.821513] ? trace_hardirqs_on+0x26/0x120 [ 201.821942] do_group_exit+0xe0/0x2b0 [ 201.822380] __x64_sys_exit_group+0x47/0x50 [ 201.822882] do_syscall_64+0x3b/0x90 [ 201.823279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.823800] RIP: 0033:0x7f4b87518a4d [ 201.824169] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.824850] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.825655] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.826360] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.827227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.827930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.828629] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.829387] [ 201.829669] irq event stamp: 0 [ 201.829982] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.830643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.831473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.832410] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.833007] ---[ end trace 0000000000000000 ]--- [ 201.833817] ------------[ cut here ]------------ [ 201.834314] WARNING: CPU: 1 PID: 1920 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.835328] Modules linked in: [ 201.835640] CPU: 1 PID: 1920 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.836575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.837636] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.838182] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.840031] RSP: 0018:ffff888016677b78 EFLAGS: 00010246 [ 201.840598] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.841275] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 201.841957] RBP: ffff888016677b98 R08: ffffed1002c1323e R09: ffffed1002c1323e [ 201.842786] R10: ffff8880160991ef R11: ffffed1002c1323d R12: ffff888016099290 [ 201.843483] R13: ffff8880160990a8 R14: ffffffffffffffff R15: 
ffff888016677c60 [ 201.844161] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.845048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.845602] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 201.846282] PKRU: 55555554 [ 201.846595] Call Trace: [ 201.846915] [ 201.847142] iommufd_ioas_destroy+0x53/0x70 [ 201.847576] iommufd_fops_release+0x1f7/0x370 [ 201.848012] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.848495] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.849001] ? write_comp_data+0x2f/0x90 [ 201.849481] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.849963] __fput+0x26d/0xa40 [ 201.850292] ____fput+0x1e/0x30 [ 201.850641] task_work_run+0x1a4/0x2d0 [ 201.851023] ? __pfx_task_work_run+0x10/0x10 [ 201.851526] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.852047] ? switch_task_namespaces+0xa9/0xe0 [ 201.852505] do_exit+0xb17/0x2ef0 [ 201.852842] ? lock_acquire+0x427/0x4c0 [ 201.853291] ? __pfx_lock_release+0x10/0x10 [ 201.853813] ? __kasan_check_write+0x18/0x20 [ 201.854235] ? do_raw_spin_lock+0x132/0x2a0 [ 201.854668] ? __pfx_do_exit+0x10/0x10 [ 201.855048] ? debug_smp_processor_id+0x20/0x30 [ 201.855510] ? rcu_is_watching+0x19/0xb0 [ 201.855960] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.856441] ? trace_hardirqs_on+0x26/0x120 [ 201.856859] do_group_exit+0xe0/0x2b0 [ 201.857222] __x64_sys_exit_group+0x47/0x50 [ 201.857627] do_syscall_64+0x3b/0x90 [ 201.858081] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.858617] RIP: 0033:0x7f4b87518a4d [ 201.858980] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.859575] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.860355] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.861093] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.861768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.862569] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.863276] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.863960] [ 201.864186] irq event stamp: 0 [ 201.864518] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.865207] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.866005] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.866928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.867547] ---[ end trace 0000000000000000 ]--- [ 201.871600] ------------[ cut here ]------------ [ 201.872109] WARNING: CPU: 1 PID: 1921 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.873167] Modules linked in: [ 201.873479] CPU: 1 PID: 1921 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.874303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.875537] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.876014] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.877859] RSP: 0018:ffff888016ec7bb8 EFLAGS: 00010246 [ 201.878368] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 201.879093] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 201.879847] RBP: ffff888016ec7bd0 R08: ffffed100208c133 R09: ffffed100208c133 [ 201.880530] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff8880129c6c00 [ 201.881223] R13: ffff8880104609e8 R14: ffffffff8352e670 R15: 
ffff888016ec7e68 [ 201.881986] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.882778] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.883352] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 201.884146] PKRU: 55555554 [ 201.884416] Call Trace: [ 201.884662] [ 201.884875] __iommufd_access_detach+0x1c2/0x2b0 [ 201.885439] iommufd_access_change_pt+0x149/0x270 [ 201.885990] iommufd_access_replace+0xb4/0x120 [ 201.886440] iommufd_test+0x3e5/0x37e0 [ 201.886843] ? lock_release+0x532/0x770 [ 201.887249] ? __might_fault+0x102/0x1b0 [ 201.887647] ? lock_acquire+0x427/0x4c0 [ 201.888095] ? __pfx_iommufd_test+0x10/0x10 [ 201.888578] ? __pfx_lock_release+0x10/0x10 [ 201.888999] ? __pfx_lock_acquire+0x10/0x10 [ 201.889417] ? write_comp_data+0x2f/0x90 [ 201.889821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.890381] ? write_comp_data+0x2f/0x90 [ 201.890817] iommufd_fops_ioctl+0x37d/0x510 [ 201.891414] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.892020] ? write_comp_data+0x2f/0x90 [ 201.892524] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 201.893140] __x64_sys_ioctl+0x1a3/0x230 [ 201.893772] do_syscall_64+0x3b/0x90 [ 201.894240] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.894990] RIP: 0033:0x7f4b8743ee5d [ 201.895461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 201.897592] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 201.898492] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 201.899398] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 201.900237] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 201.901081] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 201.901923] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 201.902820] [ 201.903110] irq event stamp: 0 [ 201.903508] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.904255] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.905242] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.906222] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.907009] ---[ end trace 0000000000000000 ]--- [ 201.911696] ------------[ cut here ]------------ [ 201.912283] WARNING: CPU: 1 PID: 1921 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.913475] Modules linked in: [ 201.913861] CPU: 1 PID: 1921 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.914933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.916267] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.916863] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 201.919049] RSP: 
0018:ffff888016ec7bd0 EFLAGS: 00010246 [ 201.919717] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 201.920540] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 201.921359] RBP: ffff888016ec7be8 R08: ffffed100208c133 R09: ffffed100208c133 [ 201.922172] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff888013b21c00 [ 201.923027] R13: ffff8880104609e8 R14: ffff888012de2300 R15: 0000000000000000 [ 201.923864] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.924765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.925416] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 201.926213] PKRU: 55555554 [ 201.926577] Call Trace: [ 201.926876] [ 201.927151] iommufd_access_destroy_object+0x65/0x170 [ 201.927744] iommufd_object_destroy_user+0x18e/0x220 [ 201.928325] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 201.928990] iommufd_access_destroy+0x43/0x70 [ 201.929520] iommufd_test_staccess_release+0x8d/0xd0 [ 201.930107] __fput+0x26d/0xa40 [ 201.930559] ____fput+0x1e/0x30 [ 201.930960] task_work_run+0x1a4/0x2d0 [ 201.931430] ? __pfx_task_work_run+0x10/0x10 [ 201.931940] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.932505] ? switch_task_namespaces+0xa9/0xe0 [ 201.933054] do_exit+0xb17/0x2ef0 [ 201.933453] ? lock_acquire+0x427/0x4c0 [ 201.933921] ? __pfx_lock_release+0x10/0x10 [ 201.934421] ? __kasan_check_write+0x18/0x20 [ 201.934968] ? do_raw_spin_lock+0x132/0x2a0 [ 201.935476] ? __pfx_do_exit+0x10/0x10 [ 201.935934] ? debug_smp_processor_id+0x20/0x30 [ 201.936469] ? rcu_is_watching+0x19/0xb0 [ 201.936934] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.937457] ? trace_hardirqs_on+0x26/0x120 [ 201.937956] do_group_exit+0xe0/0x2b0 [ 201.938393] __x64_sys_exit_group+0x47/0x50 [ 201.938915] do_syscall_64+0x3b/0x90 [ 201.939370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.939969] RIP: 0033:0x7f4b87518a4d [ 201.940395] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.941088] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.941936] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.942767] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.943585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.944380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.945179] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.945993] [ 201.946264] irq event stamp: 0 [ 201.946658] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.947373] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.948299] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.949216] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.949915] ---[ end trace 0000000000000000 ]--- [ 201.951090] ------------[ cut here ]------------ [ 201.951624] WARNING: CPU: 1 PID: 1921 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 201.952740] Modules linked in: [ 201.953102] CPU: 1 PID: 1921 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.954056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.955333] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 201.955908] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 201.957885] RSP: 0018:ffff888016ec7b78 EFLAGS: 00010246 [ 201.958470] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 201.959288] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 201.960071] RBP: ffff888016ec7b98 R08: ffffed100208c13e R09: ffffed100208c13e [ 201.960853] R10: ffff8880104609ef R11: ffffed100208c13d R12: ffff888010460a90 [ 201.961634] R13: ffff8880104608a8 R14: ffffffffffffffff R15: 
ffff888016ec7c60 [ 201.962416] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 201.963347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.963991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 201.964780] PKRU: 55555554 [ 201.965097] Call Trace: [ 201.965388] [ 201.965647] iommufd_ioas_destroy+0x53/0x70 [ 201.966139] iommufd_fops_release+0x1f7/0x370 [ 201.966689] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.967259] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.967812] ? write_comp_data+0x2f/0x90 [ 201.968279] ? __pfx_iommufd_fops_release+0x10/0x10 [ 201.968838] __fput+0x26d/0xa40 [ 201.969230] ____fput+0x1e/0x30 [ 201.969614] task_work_run+0x1a4/0x2d0 [ 201.970061] ? __pfx_task_work_run+0x10/0x10 [ 201.970595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 201.971160] ? switch_task_namespaces+0xa9/0xe0 [ 201.971697] do_exit+0xb17/0x2ef0 [ 201.972088] ? lock_acquire+0x427/0x4c0 [ 201.972546] ? __pfx_lock_release+0x10/0x10 [ 201.973037] ? __kasan_check_write+0x18/0x20 [ 201.973534] ? do_raw_spin_lock+0x132/0x2a0 [ 201.974017] ? __pfx_do_exit+0x10/0x10 [ 201.974464] ? debug_smp_processor_id+0x20/0x30 [ 201.975019] ? rcu_is_watching+0x19/0xb0 [ 201.975498] ? _raw_spin_unlock_irq+0x2b/0x60 [ 201.976017] ? trace_hardirqs_on+0x26/0x120 [ 201.976509] do_group_exit+0xe0/0x2b0 [ 201.976938] __x64_sys_exit_group+0x47/0x50 [ 201.977421] do_syscall_64+0x3b/0x90 [ 201.977851] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 201.978430] RIP: 0033:0x7f4b87518a4d [ 201.978876] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 201.979737] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 201.980570] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 201.981343] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 201.982117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 201.982934] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 201.983727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 201.984513] [ 201.984776] irq event stamp: 0 [ 201.985127] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 201.985816] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 201.986751] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 201.987670] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 201.988361] ---[ end trace 0000000000000000 ]--- [ 201.993974] ------------[ cut here ]------------ [ 201.994499] WARNING: CPU: 1 PID: 1922 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 201.995894] Modules linked in: [ 201.996245] CPU: 1 PID: 1922 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 201.997164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 201.998342] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 201.998908] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.000825] RSP: 0018:ffff888012da7bb8 EFLAGS: 00010246 [ 202.001390] RAX: 0000000000000000 RBX: ffff888010b9f0a8 RCX: 0000000000000000 [ 202.002135] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 202.002917] RBP: ffff888012da7bd0 R08: ffffed1002173e33 R09: ffffed1002173e33 [ 202.003682] R10: ffff888010b9f193 R11: ffffed1002173e32 R12: ffff888012e90000 [ 202.004432] R13: ffff888010b9f1e8 R14: ffffffff8352e670 R15: 
ffff888012da7e68 [ 202.005181] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.006022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.006667] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 202.007435] PKRU: 55555554 [ 202.007742] Call Trace: [ 202.008021] [ 202.008269] __iommufd_access_detach+0x1c2/0x2b0 [ 202.008795] iommufd_access_change_pt+0x149/0x270 [ 202.009324] iommufd_access_replace+0xb4/0x120 [ 202.009828] iommufd_test+0x3e5/0x37e0 [ 202.010249] ? lock_release+0x532/0x770 [ 202.010722] ? __might_fault+0x102/0x1b0 [ 202.011183] ? lock_acquire+0x427/0x4c0 [ 202.011628] ? __pfx_iommufd_test+0x10/0x10 [ 202.012088] ? __pfx_lock_release+0x10/0x10 [ 202.012568] ? __pfx_lock_acquire+0x10/0x10 [ 202.013049] ? write_comp_data+0x2f/0x90 [ 202.013501] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.014031] ? write_comp_data+0x2f/0x90 [ 202.014483] iommufd_fops_ioctl+0x37d/0x510 [ 202.014995] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.015538] ? write_comp_data+0x2f/0x90 [ 202.015988] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.016510] __x64_sys_ioctl+0x1a3/0x230 [ 202.016959] do_syscall_64+0x3b/0x90 [ 202.017374] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.017935] RIP: 0033:0x7f4b8743ee5d [ 202.018336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.020107] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.020667] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.021184] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.021686] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.022200] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.022722] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.023253] [ 202.023420] irq event stamp: 0 [ 202.023646] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.024107] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.024701] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.025301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.025746] ---[ end trace 0000000000000000 ]--- [ 202.028410] ------------[ cut here ]------------ [ 202.028771] WARNING: CPU: 1 PID: 1922 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.029500] Modules linked in: [ 202.029730] CPU: 1 PID: 1922 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.030352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.031197] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.031559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.032876] RSP: 
0018:ffff888012da7bd0 EFLAGS: 00010246 [ 202.033255] RAX: 0000000000000000 RBX: ffff888010b9f0a8 RCX: 0000000000000000 [ 202.033772] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 202.034280] RBP: ffff888012da7be8 R08: ffffed1002173e33 R09: ffffed1002173e33 [ 202.034806] R10: ffff888010b9f193 R11: ffffed1002173e32 R12: ffff8880129c7000 [ 202.035340] R13: ffff888010b9f1e8 R14: ffff88800f5da300 R15: 0000000000000000 [ 202.035849] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.036435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.036849] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.037371] PKRU: 55555554 [ 202.037573] Call Trace: [ 202.037757] [ 202.037919] iommufd_access_destroy_object+0x65/0x170 [ 202.038304] iommufd_object_destroy_user+0x18e/0x220 [ 202.038692] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.039114] iommufd_access_destroy+0x43/0x70 [ 202.039466] iommufd_test_staccess_release+0x8d/0xd0 [ 202.039838] __fput+0x26d/0xa40 [ 202.040089] ____fput+0x1e/0x30 [ 202.040347] task_work_run+0x1a4/0x2d0 [ 202.040641] ? __pfx_task_work_run+0x10/0x10 [ 202.040962] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.041334] ? switch_task_namespaces+0xa9/0xe0 [ 202.041681] do_exit+0xb17/0x2ef0 [ 202.041931] ? lock_acquire+0x427/0x4c0 [ 202.042224] ? __pfx_lock_release+0x10/0x10 [ 202.042574] ? __kasan_check_write+0x18/0x20 [ 202.042897] ? do_raw_spin_lock+0x132/0x2a0 [ 202.043217] ? __pfx_do_exit+0x10/0x10 [ 202.043524] ? debug_smp_processor_id+0x20/0x30 [ 202.043863] ? rcu_is_watching+0x19/0xb0 [ 202.044158] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.044488] ? trace_hardirqs_on+0x26/0x120 [ 202.044816] do_group_exit+0xe0/0x2b0 [ 202.045096] __x64_sys_exit_group+0x47/0x50 [ 202.045406] do_syscall_64+0x3b/0x90 [ 202.045697] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.046076] RIP: 0033:0x7f4b87518a4d [ 202.046344] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.046815] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.047374] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.047892] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.048395] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.048915] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.049424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.049955] [ 202.050128] irq event stamp: 0 [ 202.050354] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.050844] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.051463] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.052062] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.052525] ---[ end trace 0000000000000000 ]--- [ 202.053225] ------------[ cut here ]------------ [ 202.053571] WARNING: CPU: 1 PID: 1922 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.054308] Modules linked in: [ 202.054576] CPU: 1 PID: 1922 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.055213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.056030] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.056402] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.057724] RSP: 0018:ffff888012da7b78 EFLAGS: 00010246 [ 202.058109] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.058678] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 202.059199] RBP: ffff888012da7b98 R08: ffffed1002173e3e R09: ffffed1002173e3e [ 202.059717] R10: ffff888010b9f1ef R11: ffffed1002173e3d R12: ffff888010b9f290 [ 202.060223] R13: ffff888010b9f0a8 R14: ffffffffffffffff R15: 
ffff888012da7c60 [ 202.060730] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.061327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.061754] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.062286] PKRU: 55555554 [ 202.062494] Call Trace: [ 202.062708] [ 202.062879] iommufd_ioas_destroy+0x53/0x70 [ 202.063231] iommufd_fops_release+0x1f7/0x370 [ 202.063571] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.063941] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.064321] ? write_comp_data+0x2f/0x90 [ 202.064631] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.064998] __fput+0x26d/0xa40 [ 202.065266] ____fput+0x1e/0x30 [ 202.065524] task_work_run+0x1a4/0x2d0 [ 202.065820] ? __pfx_task_work_run+0x10/0x10 [ 202.066146] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.066542] ? switch_task_namespaces+0xa9/0xe0 [ 202.066898] do_exit+0xb17/0x2ef0 [ 202.067166] ? lock_acquire+0x427/0x4c0 [ 202.067479] ? __pfx_lock_release+0x10/0x10 [ 202.067804] ? __kasan_check_write+0x18/0x20 [ 202.068132] ? do_raw_spin_lock+0x132/0x2a0 [ 202.068465] ? __pfx_do_exit+0x10/0x10 [ 202.068763] ? debug_smp_processor_id+0x20/0x30 [ 202.069108] ? rcu_is_watching+0x19/0xb0 [ 202.069414] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.069762] ? trace_hardirqs_on+0x26/0x120 [ 202.070085] do_group_exit+0xe0/0x2b0 [ 202.070367] __x64_sys_exit_group+0x47/0x50 [ 202.070717] do_syscall_64+0x3b/0x90 [ 202.071003] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.071399] RIP: 0033:0x7f4b87518a4d [ 202.071684] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.072131] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.072702] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.073221] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.073746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.074276] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.074820] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.075371] [ 202.075545] irq event stamp: 0 [ 202.075777] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.076248] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.076860] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.077480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.077945] ---[ end trace 0000000000000000 ]--- [ 202.081694] ------------[ cut here ]------------ [ 202.082132] WARNING: CPU: 0 PID: 1923 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.083221] Modules linked in: [ 202.083498] CPU: 0 PID: 1923 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.084233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.085353] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.085775] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.087333] RSP: 0018:ffff888016ec7bb8 EFLAGS: 00010246 [ 202.087786] RAX: 0000000000000000 RBX: ffff888013ecc8a8 RCX: 0000000000000000 [ 202.088381] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 202.088975] RBP: ffff888016ec7bd0 R08: ffffed10027d9933 R09: ffffed10027d9933 [ 202.089568] R10: ffff888013ecc993 R11: ffffed10027d9932 R12: ffff88800ae92800 [ 202.090161] R13: ffff888013ecc9e8 R14: ffffffff8352e670 R15: 
ffff888016ec7e68 [ 202.090766] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 202.091447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.091936] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 202.092533] PKRU: 55555554 [ 202.092772] Call Trace: [ 202.092989] [ 202.093182] __iommufd_access_detach+0x1c2/0x2b0 [ 202.093592] iommufd_access_change_pt+0x149/0x270 [ 202.094005] iommufd_access_replace+0xb4/0x120 [ 202.094400] iommufd_test+0x3e5/0x37e0 [ 202.094753] ? lock_release+0x532/0x770 [ 202.095102] ? __might_fault+0x102/0x1b0 [ 202.095460] ? lock_acquire+0x427/0x4c0 [ 202.095802] ? __pfx_iommufd_test+0x10/0x10 [ 202.096165] ? __pfx_lock_release+0x10/0x10 [ 202.096535] ? __pfx_lock_acquire+0x10/0x10 [ 202.096905] ? write_comp_data+0x2f/0x90 [ 202.097258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.097672] ? write_comp_data+0x2f/0x90 [ 202.098019] iommufd_fops_ioctl+0x37d/0x510 [ 202.098384] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.098813] ? write_comp_data+0x2f/0x90 [ 202.099170] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.099582] __x64_sys_ioctl+0x1a3/0x230 [ 202.099937] do_syscall_64+0x3b/0x90 [ 202.100262] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.100710] RIP: 0033:0x7f4b8743ee5d [ 202.101030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.102573] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.103218] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.103819] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.104410] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.105004] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.105597] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.106197] [ 202.106391] irq event stamp: 0 [ 202.106680] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.107215] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.107921] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.108616] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.109219] ---[ end trace 0000000000000000 ]--- [ 202.112179] ------------[ cut here ]------------ [ 202.112591] WARNING: CPU: 0 PID: 1923 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.113485] Modules linked in: [ 202.113867] CPU: 0 PID: 1923 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.114614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.115713] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.116133] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.117810] RSP: 
0018:ffff888016ec7bd0 EFLAGS: 00010246 [ 202.118258] RAX: 0000000000000000 RBX: ffff888013ecc8a8 RCX: 0000000000000000 [ 202.118905] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 202.119625] RBP: ffff888016ec7be8 R08: ffffed10027d9933 R09: ffffed10027d9933 [ 202.120229] R10: ffff888013ecc993 R11: ffffed10027d9932 R12: ffff888010b0e800 [ 202.120870] R13: ffff888013ecc9e8 R14: ffff888015acbc00 R15: 0000000000000000 [ 202.121573] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 202.122258] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.122900] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 202.123536] PKRU: 55555554 [ 202.123785] Call Trace: [ 202.124006] [ 202.124202] iommufd_access_destroy_object+0x65/0x170 [ 202.124804] iommufd_object_destroy_user+0x18e/0x220 [ 202.125252] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.125760] iommufd_access_destroy+0x43/0x70 [ 202.126203] iommufd_test_staccess_release+0x8d/0xd0 [ 202.126800] __fput+0x26d/0xa40 [ 202.127105] ____fput+0x1e/0x30 [ 202.127407] task_work_run+0x1a4/0x2d0 [ 202.127775] ? __pfx_task_work_run+0x10/0x10 [ 202.128280] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.128727] ? switch_task_namespaces+0xa9/0xe0 [ 202.129157] do_exit+0xb17/0x2ef0 [ 202.129473] ? lock_acquire+0x427/0x4c0 [ 202.129840] ? __pfx_lock_release+0x10/0x10 [ 202.130406] ? __kasan_check_write+0x18/0x20 [ 202.130821] ? do_raw_spin_lock+0x132/0x2a0 [ 202.131216] ? __pfx_do_exit+0x10/0x10 [ 202.131575] ? debug_smp_processor_id+0x20/0x30 [ 202.132006] ? rcu_is_watching+0x19/0xb0 [ 202.132520] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.132931] ? trace_hardirqs_on+0x26/0x120 [ 202.133315] do_group_exit+0xe0/0x2b0 [ 202.133653] __x64_sys_exit_group+0x47/0x50 [ 202.134161] do_syscall_64+0x3b/0x90 [ 202.134501] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.134998] RIP: 0033:0x7f4b87518a4d [ 202.135341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.136016] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.136682] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.137315] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.138044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.138698] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.139463] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.140091] [ 202.140297] irq event stamp: 0 [ 202.140577] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.141333] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.142062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.142934] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.143500] ---[ end trace 0000000000000000 ]--- [ 202.145538] ------------[ cut here ]------------ [ 202.146012] WARNING: CPU: 0 PID: 1923 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.147084] Modules linked in: [ 202.147396] CPU: 0 PID: 1923 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.148194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.149207] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.149671] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.151341] RSP: 0018:ffff888016ec7b78 EFLAGS: 00010246 [ 202.151825] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.152459] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 202.153096] RBP: ffff888016ec7b98 R08: ffffed10027d993e R09: ffffed10027d993e [ 202.153730] R10: ffff888013ecc9ef R11: ffffed10027d993d R12: ffff888013ecca90 [ 202.154369] R13: ffff888013ecc8a8 R14: ffffffffffffffff R15: 
ffff888016ec7c60 [ 202.155021] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 202.155773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.156295] CR2: 00007f82e2ad4000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 202.156937] PKRU: 55555554 [ 202.157195] Call Trace: [ 202.157428] [ 202.157635] iommufd_ioas_destroy+0x53/0x70 [ 202.158035] iommufd_fops_release+0x1f7/0x370 [ 202.158451] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.158919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.159388] ? write_comp_data+0x2f/0x90 [ 202.159763] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.160217] __fput+0x26d/0xa40 [ 202.160530] ____fput+0x1e/0x30 [ 202.160838] task_work_run+0x1a4/0x2d0 [ 202.161199] ? __pfx_task_work_run+0x10/0x10 [ 202.161601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.162041] ? switch_task_namespaces+0xa9/0xe0 [ 202.162471] do_exit+0xb17/0x2ef0 [ 202.162802] ? lock_acquire+0x427/0x4c0 [ 202.163191] ? __pfx_lock_release+0x10/0x10 [ 202.163590] ? __kasan_check_write+0x18/0x20 [ 202.163992] ? do_raw_spin_lock+0x132/0x2a0 [ 202.164382] ? __pfx_do_exit+0x10/0x10 [ 202.164741] ? debug_smp_processor_id+0x20/0x30 [ 202.165163] ? rcu_is_watching+0x19/0xb0 [ 202.165530] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.165944] ? trace_hardirqs_on+0x26/0x120 [ 202.166342] do_group_exit+0xe0/0x2b0 [ 202.166708] __x64_sys_exit_group+0x47/0x50 [ 202.167099] do_syscall_64+0x3b/0x90 [ 202.167455] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.167933] RIP: 0033:0x7f4b87518a4d [ 202.168268] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.168824] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.169501] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.170141] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.170794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.171443] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.172087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.172742] [ 202.173040] irq event stamp: 0 [ 202.173330] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.173922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.174691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.175451] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.176006] ---[ end trace 0000000000000000 ]--- [ 202.181786] ------------[ cut here ]------------ [ 202.182221] WARNING: CPU: 0 PID: 1924 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.183332] Modules linked in: [ 202.183621] CPU: 0 PID: 1924 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.184390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.185382] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.185825] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.187466] RSP: 0018:ffff88800eb5fbb8 EFLAGS: 00010246 [ 202.187935] RAX: 0000000000000000 RBX: ffff8880167700a8 RCX: 0000000000000000 [ 202.188563] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 202.189187] RBP: ffff88800eb5fbd0 R08: ffffed1002cee033 R09: ffffed1002cee033 [ 202.189812] R10: ffff888016770193 R11: ffffed1002cee032 R12: ffff888010e01800 [ 202.190428] R13: ffff8880167701e8 R14: ffffffff8352e670 R15: 
ffff88800eb5fe68 [ 202.191058] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 202.191758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.192263] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 202.192878] PKRU: 55555554 [ 202.193123] Call Trace: [ 202.193344] [ 202.193541] __iommufd_access_detach+0x1c2/0x2b0 [ 202.193963] iommufd_access_change_pt+0x149/0x270 [ 202.194390] iommufd_access_replace+0xb4/0x120 [ 202.194812] iommufd_test+0x3e5/0x37e0 [ 202.195158] ? lock_release+0x532/0x770 [ 202.195510] ? __might_fault+0x102/0x1b0 [ 202.195869] ? lock_acquire+0x427/0x4c0 [ 202.196223] ? __pfx_iommufd_test+0x10/0x10 [ 202.196598] ? __pfx_lock_release+0x10/0x10 [ 202.196977] ? __pfx_lock_acquire+0x10/0x10 [ 202.197372] ? write_comp_data+0x2f/0x90 [ 202.197734] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.198159] ? write_comp_data+0x2f/0x90 [ 202.198536] iommufd_fops_ioctl+0x37d/0x510 [ 202.198917] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.199579] ? write_comp_data+0x2f/0x90 [ 202.200061] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.200604] __x64_sys_ioctl+0x1a3/0x230 [ 202.201074] do_syscall_64+0x3b/0x90 [ 202.201508] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.202094] RIP: 0033:0x7f4b8743ee5d [ 202.202567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.204574] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.205408] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.206193] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.207023] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.207830] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.208625] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.209438] [ 202.209716] irq event stamp: 0 [ 202.210073] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.210812] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.211765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.212699] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.213411] ---[ end trace 0000000000000000 ]--- [ 202.218179] ------------[ cut here ]------------ [ 202.218761] WARNING: CPU: 0 PID: 1924 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.219905] Modules linked in: [ 202.220322] CPU: 0 PID: 1924 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.221519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.222816] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.223690] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.225704] RSP: 
0018:ffff88800eb5fbd0 EFLAGS: 00010246 [ 202.226698] RAX: 0000000000000000 RBX: ffff8880167700a8 RCX: 0000000000000000 [ 202.227515] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 202.228301] RBP: ffff88800eb5fbe8 R08: ffffed1002cee033 R09: ffffed1002cee033 [ 202.229157] R10: ffff888016770193 R11: ffffed1002cee032 R12: ffff88800ae93400 [ 202.230112] R13: ffff8880167701e8 R14: ffff888020f65300 R15: 0000000000000000 [ 202.230960] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 202.231927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.232788] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 202.233610] PKRU: 55555554 [ 202.233947] Call Trace: [ 202.234253] [ 202.234548] iommufd_access_destroy_object+0x65/0x170 [ 202.235250] iommufd_object_destroy_user+0x18e/0x220 [ 202.235992] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.236685] iommufd_access_destroy+0x43/0x70 [ 202.237232] iommufd_test_staccess_release+0x8d/0xd0 [ 202.237848] __fput+0x26d/0xa40 [ 202.238339] ____fput+0x1e/0x30 [ 202.238955] task_work_run+0x1a4/0x2d0 [ 202.239456] ? __pfx_task_work_run+0x10/0x10 [ 202.239995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.240585] ? switch_task_namespaces+0xa9/0xe0 [ 202.241161] do_exit+0xb17/0x2ef0 [ 202.241644] ? lock_acquire+0x427/0x4c0 [ 202.242315] ? __pfx_lock_release+0x10/0x10 [ 202.242885] ? __kasan_check_write+0x18/0x20 [ 202.243428] ? do_raw_spin_lock+0x132/0x2a0 [ 202.243930] ? __pfx_do_exit+0x10/0x10 [ 202.244405] ? debug_smp_processor_id+0x20/0x30 [ 202.245199] ? rcu_is_watching+0x19/0xb0 [ 202.245694] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.246237] ? trace_hardirqs_on+0x26/0x120 [ 202.246779] do_group_exit+0xe0/0x2b0 [ 202.247259] __x64_sys_exit_group+0x47/0x50 [ 202.247809] do_syscall_64+0x3b/0x90 [ 202.248461] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.249109] RIP: 0033:0x7f4b87518a4d [ 202.249567] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.250300] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.251294] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.252350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.253219] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.254084] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.255260] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.255967] [ 202.256185] irq event stamp: 0 [ 202.256485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.257078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.257944] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.258880] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.259494] ---[ end trace 0000000000000000 ]--- [ 202.261895] ------------[ cut here ]------------ [ 202.262363] WARNING: CPU: 0 PID: 1924 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.263394] Modules linked in: [ 202.263704] CPU: 0 PID: 1924 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.264557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.265819] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.266317] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.268168] RSP: 0018:ffff88800eb5fb78 EFLAGS: 00010246 [ 202.268775] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.269564] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 202.270279] RBP: ffff88800eb5fb98 R08: ffffed1002cee03e R09: ffffed1002cee03e [ 202.271021] R10: ffff8880167701ef R11: ffffed1002cee03d R12: ffff888016770290 [ 202.271830] R13: ffff8880167700a8 R14: ffffffffffffffff R15: 
ffff88800eb5fc60 [ 202.272649] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 202.273444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.274018] CR2: 00007f82e2ade000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 202.274755] PKRU: 55555554 [ 202.275129] Call Trace: [ 202.275543] [ 202.275771] iommufd_ioas_destroy+0x53/0x70 [ 202.276211] iommufd_fops_release+0x1f7/0x370 [ 202.276663] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.277167] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.277658] ? write_comp_data+0x2f/0x90 [ 202.278077] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.278819] __fput+0x26d/0xa40 [ 202.279185] ____fput+0x1e/0x30 [ 202.279527] task_work_run+0x1a4/0x2d0 [ 202.279923] ? __pfx_task_work_run+0x10/0x10 [ 202.280387] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.280899] ? switch_task_namespaces+0xa9/0xe0 [ 202.281397] do_exit+0xb17/0x2ef0 [ 202.281846] ? lock_acquire+0x427/0x4c0 [ 202.282430] ? __pfx_lock_release+0x10/0x10 [ 202.282928] ? __kasan_check_write+0x18/0x20 [ 202.283438] ? do_raw_spin_lock+0x132/0x2a0 [ 202.283901] ? __pfx_do_exit+0x10/0x10 [ 202.284326] ? debug_smp_processor_id+0x20/0x30 [ 202.284824] ? rcu_is_watching+0x19/0xb0 [ 202.285293] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.285964] ? trace_hardirqs_on+0x26/0x120 [ 202.286423] do_group_exit+0xe0/0x2b0 [ 202.286843] __x64_sys_exit_group+0x47/0x50 [ 202.287314] do_syscall_64+0x3b/0x90 [ 202.287721] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.288264] RIP: 0033:0x7f4b87518a4d [ 202.288648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.289356] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.290298] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.291152] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.291884] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.292651] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.293567] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.294349] [ 202.294644] irq event stamp: 0 [ 202.294991] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.295719] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.296768] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.297845] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.298569] ---[ end trace 0000000000000000 ]--- [ 202.311662] ------------[ cut here ]------------ [ 202.312407] WARNING: CPU: 1 PID: 1925 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.314011] Modules linked in: [ 202.314454] CPU: 1 PID: 1925 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.315694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.317418] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.318102] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.320809] RSP: 0018:ffff88801438fbb8 EFLAGS: 00010246 [ 202.321555] RAX: 0000000000000000 RBX: ffff8880209ba0a8 RCX: 0000000000000000 [ 202.322763] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 202.323740] RBP: ffff88801438fbd0 R08: ffffed1004137433 R09: ffffed1004137433 [ 202.324488] R10: ffff8880209ba193 R11: ffffed1004137432 R12: ffff888014393c00 [ 202.325220] R13: ffff8880209ba1e8 R14: ffffffff8352e670 R15: 
ffff88801438fe68 [ 202.326000] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.327218] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.328079] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 202.328984] PKRU: 55555554 [ 202.329356] Call Trace: [ 202.329834] [ 202.330202] __iommufd_access_detach+0x1c2/0x2b0 [ 202.330906] iommufd_access_change_pt+0x149/0x270 [ 202.331763] iommufd_access_replace+0xb4/0x120 [ 202.332785] iommufd_test+0x3e5/0x37e0 [ 202.333337] ? lock_release+0x532/0x770 [ 202.333906] ? __might_fault+0x102/0x1b0 [ 202.334647] ? lock_acquire+0x427/0x4c0 [ 202.335279] ? __pfx_iommufd_test+0x10/0x10 [ 202.335884] ? __pfx_lock_release+0x10/0x10 [ 202.336513] ? __pfx_lock_acquire+0x10/0x10 [ 202.337141] ? write_comp_data+0x2f/0x90 [ 202.337717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.338385] ? write_comp_data+0x2f/0x90 [ 202.339048] iommufd_fops_ioctl+0x37d/0x510 [ 202.339700] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.340396] ? write_comp_data+0x2f/0x90 [ 202.341005] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.341869] __x64_sys_ioctl+0x1a3/0x230 [ 202.342456] do_syscall_64+0x3b/0x90 [ 202.343085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.343862] RIP: 0033:0x7f4b8743ee5d [ 202.344603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.347344] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.348379] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.349462] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.350631] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.351617] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.352563] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.353537] [ 202.353875] irq event stamp: 0 [ 202.354314] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.355264] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.356392] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.357523] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.358383] ---[ end trace 0000000000000000 ]--- [ 202.363629] ------------[ cut here ]------------ [ 202.364176] WARNING: CPU: 1 PID: 1925 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.365266] Modules linked in: [ 202.365605] CPU: 1 PID: 1925 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.366571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.367758] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.368263] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.370110] RSP: 
0018:ffff88801438fbd0 EFLAGS: 00010246 [ 202.370693] RAX: 0000000000000000 RBX: ffff8880209ba0a8 RCX: 0000000000000000 [ 202.371427] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 202.372143] RBP: ffff88801438fbe8 R08: ffffed1004137433 R09: ffffed1004137433 [ 202.372859] R10: ffff8880209ba193 R11: ffffed1004137432 R12: ffff888012e93000 [ 202.373580] R13: ffff8880209ba1e8 R14: ffff88800ca5a400 R15: 0000000000000000 [ 202.374305] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.375181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.375790] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.376513] PKRU: 55555554 [ 202.376800] Call Trace: [ 202.377060] [ 202.377294] iommufd_access_destroy_object+0x65/0x170 [ 202.377821] iommufd_object_destroy_user+0x18e/0x220 [ 202.378339] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.378967] iommufd_access_destroy+0x43/0x70 [ 202.379456] iommufd_test_staccess_release+0x8d/0xd0 [ 202.379983] __fput+0x26d/0xa40 [ 202.380337] ____fput+0x1e/0x30 [ 202.380678] task_work_run+0x1a4/0x2d0 [ 202.381090] ? __pfx_task_work_run+0x10/0x10 [ 202.381546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.382054] ? switch_task_namespaces+0xa9/0xe0 [ 202.382576] do_exit+0xb17/0x2ef0 [ 202.382946] ? lock_acquire+0x427/0x4c0 [ 202.383407] ? __pfx_lock_release+0x10/0x10 [ 202.383851] ? __kasan_check_write+0x18/0x20 [ 202.384305] ? do_raw_spin_lock+0x132/0x2a0 [ 202.384749] ? __pfx_do_exit+0x10/0x10 [ 202.385158] ? debug_smp_processor_id+0x20/0x30 [ 202.385638] ? rcu_is_watching+0x19/0xb0 [ 202.386066] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.386579] ? trace_hardirqs_on+0x26/0x120 [ 202.387047] do_group_exit+0xe0/0x2b0 [ 202.387444] __x64_sys_exit_group+0x47/0x50 [ 202.387899] do_syscall_64+0x3b/0x90 [ 202.388295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.388826] RIP: 0033:0x7f4b87518a4d [ 202.389204] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.389820] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.390624] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.391382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.392117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.392837] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.393578] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.394317] [ 202.394616] irq event stamp: 0 [ 202.394937] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.395599] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.396446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.397350] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.397984] ---[ end trace 0000000000000000 ]--- [ 202.398879] ------------[ cut here ]------------ [ 202.399390] WARNING: CPU: 1 PID: 1925 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.400437] Modules linked in: [ 202.400769] CPU: 1 PID: 1925 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.401652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.402832] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.403392] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.405256] RSP: 0018:ffff88801438fb78 EFLAGS: 00010246 [ 202.405816] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.406595] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 202.407341] RBP: ffff88801438fb98 R08: ffffed100413743e R09: ffffed100413743e [ 202.408072] R10: ffff8880209ba1ef R11: ffffed100413743d R12: ffff8880209ba290 [ 202.408816] R13: ffff8880209ba0a8 R14: ffffffffffffffff R15: 
ffff88801438fc60 [ 202.409547] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.410379] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.411028] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.411774] PKRU: 55555554 [ 202.412069] Call Trace: [ 202.412333] [ 202.412569] iommufd_ioas_destroy+0x53/0x70 [ 202.413030] iommufd_fops_release+0x1f7/0x370 [ 202.413506] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.414025] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.414582] ? write_comp_data+0x2f/0x90 [ 202.415013] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.415557] __fput+0x26d/0xa40 [ 202.415922] ____fput+0x1e/0x30 [ 202.416273] task_work_run+0x1a4/0x2d0 [ 202.416684] ? __pfx_task_work_run+0x10/0x10 [ 202.417141] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.417648] ? switch_task_namespaces+0xa9/0xe0 [ 202.418144] do_exit+0xb17/0x2ef0 [ 202.418559] ? lock_acquire+0x427/0x4c0 [ 202.418979] ? __pfx_lock_release+0x10/0x10 [ 202.419452] ? __kasan_check_write+0x18/0x20 [ 202.419912] ? do_raw_spin_lock+0x132/0x2a0 [ 202.420358] ? __pfx_do_exit+0x10/0x10 [ 202.420768] ? debug_smp_processor_id+0x20/0x30 [ 202.421257] ? rcu_is_watching+0x19/0xb0 [ 202.421695] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.422180] ? trace_hardirqs_on+0x26/0x120 [ 202.422701] do_group_exit+0xe0/0x2b0 [ 202.423110] __x64_sys_exit_group+0x47/0x50 [ 202.423562] do_syscall_64+0x3b/0x90 [ 202.424013] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.424558] RIP: 0033:0x7f4b87518a4d [ 202.424964] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.425590] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.426368] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.427163] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.427903] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.428639] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.429413] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.430172] [ 202.430422] irq event stamp: 0 [ 202.430794] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.431469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.432316] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.433164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.433819] ---[ end trace 0000000000000000 ]--- [ 202.438452] ------------[ cut here ]------------ [ 202.439090] WARNING: CPU: 1 PID: 1926 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.440165] Modules linked in: [ 202.440496] CPU: 1 PID: 1926 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.441371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.442710] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.443257] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.445133] RSP: 0018:ffff88800eb5fbb8 EFLAGS: 00010246 [ 202.445692] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 202.446429] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 202.447229] RBP: ffff88800eb5fbd0 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 202.447966] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff88800a726400 [ 202.448692] R13: ffff88801609d1e8 R14: ffffffff8352e670 R15: 
ffff88800eb5fe68 [ 202.449422] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.450250] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.450884] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 202.451641] PKRU: 55555554 [ 202.451938] Call Trace: [ 202.452202] [ 202.452447] __iommufd_access_detach+0x1c2/0x2b0 [ 202.452966] iommufd_access_change_pt+0x149/0x270 [ 202.453481] iommufd_access_replace+0xb4/0x120 [ 202.453974] iommufd_test+0x3e5/0x37e0 [ 202.454385] ? lock_release+0x532/0x770 [ 202.454874] ? __might_fault+0x102/0x1b0 [ 202.455328] ? lock_acquire+0x427/0x4c0 [ 202.455751] ? __pfx_iommufd_test+0x10/0x10 [ 202.456205] ? __pfx_lock_release+0x10/0x10 [ 202.456673] ? __pfx_lock_acquire+0x10/0x10 [ 202.457139] ? write_comp_data+0x2f/0x90 [ 202.457573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.458087] ? write_comp_data+0x2f/0x90 [ 202.458564] iommufd_fops_ioctl+0x37d/0x510 [ 202.459009] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.459528] ? write_comp_data+0x2f/0x90 [ 202.459953] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.460458] __x64_sys_ioctl+0x1a3/0x230 [ 202.460896] do_syscall_64+0x3b/0x90 [ 202.461341] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.461882] RIP: 0033:0x7f4b8743ee5d [ 202.462263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.464181] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.464974] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.465694] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.466407] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.467187] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.467920] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.468666] [ 202.468907] irq event stamp: 0 [ 202.469235] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.469878] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.470774] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.471624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.472257] ---[ end trace 0000000000000000 ]--- [ 202.475564] ------------[ cut here ]------------ [ 202.476097] WARNING: CPU: 1 PID: 1926 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.477129] Modules linked in: [ 202.477459] CPU: 1 PID: 1926 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.478341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.479541] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.480047] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.481889] RSP: 
0018:ffff88800eb5fbd0 EFLAGS: 00010246 [ 202.482432] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 202.483189] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 202.483926] RBP: ffff88800eb5fbe8 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 202.484657] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff888014392c00 [ 202.485394] R13: ffff88801609d1e8 R14: ffff888015bbf300 R15: 0000000000000000 [ 202.486116] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.486983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.487590] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.488312] PKRU: 55555554 [ 202.488604] Call Trace: [ 202.488865] [ 202.489095] iommufd_access_destroy_object+0x65/0x170 [ 202.489632] iommufd_object_destroy_user+0x18e/0x220 [ 202.490158] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.490784] iommufd_access_destroy+0x43/0x70 [ 202.491271] iommufd_test_staccess_release+0x8d/0xd0 [ 202.491815] __fput+0x26d/0xa40 [ 202.492180] ____fput+0x1e/0x30 [ 202.492532] task_work_run+0x1a4/0x2d0 [ 202.492977] ? __pfx_task_work_run+0x10/0x10 [ 202.493454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.493964] ? switch_task_namespaces+0xa9/0xe0 [ 202.494462] do_exit+0xb17/0x2ef0 [ 202.494864] ? lock_acquire+0x427/0x4c0 [ 202.495312] ? __pfx_lock_release+0x10/0x10 [ 202.495770] ? __kasan_check_write+0x18/0x20 [ 202.496232] ? do_raw_spin_lock+0x132/0x2a0 [ 202.496681] ? __pfx_do_exit+0x10/0x10 [ 202.497093] ? debug_smp_processor_id+0x20/0x30 [ 202.497582] ? rcu_is_watching+0x19/0xb0 [ 202.498009] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.498484] ? trace_hardirqs_on+0x26/0x120 [ 202.499015] do_group_exit+0xe0/0x2b0 [ 202.499427] __x64_sys_exit_group+0x47/0x50 [ 202.499873] do_syscall_64+0x3b/0x90 [ 202.500270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.500821] RIP: 0033:0x7f4b87518a4d [ 202.501214] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.501846] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.502661] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.503412] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.504144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.504874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.505610] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.506359] [ 202.506644] irq event stamp: 0 [ 202.506973] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.507657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.508540] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.509422] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.510074] ---[ end trace 0000000000000000 ]--- [ 202.511021] ------------[ cut here ]------------ [ 202.511529] WARNING: CPU: 1 PID: 1926 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.512597] Modules linked in: [ 202.512931] CPU: 1 PID: 1926 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.513827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.515022] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.515568] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.517435] RSP: 0018:ffff88800eb5fb78 EFLAGS: 00010246 [ 202.517983] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.518741] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 202.519466] RBP: ffff88800eb5fb98 R08: ffffed1002c13a3e R09: ffffed1002c13a3e [ 202.520189] R10: ffff88801609d1ef R11: ffffed1002c13a3d R12: ffff88801609d290 [ 202.520909] R13: ffff88801609d0a8 R14: ffffffffffffffff R15: 
ffff88800eb5fc60 [ 202.521625] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.522424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.523032] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.523756] PKRU: 55555554 [ 202.524040] Call Trace: [ 202.524297] [ 202.524525] iommufd_ioas_destroy+0x53/0x70 [ 202.525013] iommufd_fops_release+0x1f7/0x370 [ 202.525473] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.525977] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.526472] ? write_comp_data+0x2f/0x90 [ 202.526925] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.527442] __fput+0x26d/0xa40 [ 202.527800] ____fput+0x1e/0x30 [ 202.528141] task_work_run+0x1a4/0x2d0 [ 202.528538] ? __pfx_task_work_run+0x10/0x10 [ 202.528995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.529501] ? switch_task_namespaces+0xa9/0xe0 [ 202.529979] do_exit+0xb17/0x2ef0 [ 202.530333] ? lock_acquire+0x427/0x4c0 [ 202.530787] ? __pfx_lock_release+0x10/0x10 [ 202.531253] ? __kasan_check_write+0x18/0x20 [ 202.531710] ? do_raw_spin_lock+0x132/0x2a0 [ 202.532151] ? __pfx_do_exit+0x10/0x10 [ 202.532556] ? debug_smp_processor_id+0x20/0x30 [ 202.533043] ? rcu_is_watching+0x19/0xb0 [ 202.533460] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.533917] ? trace_hardirqs_on+0x26/0x120 [ 202.534359] do_group_exit+0xe0/0x2b0 [ 202.534789] __x64_sys_exit_group+0x47/0x50 [ 202.535241] do_syscall_64+0x3b/0x90 [ 202.535636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.536170] RIP: 0033:0x7f4b87518a4d [ 202.536554] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.537184] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.537961] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.538719] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.539445] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.540168] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.540884] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.541620] [ 202.541852] irq event stamp: 0 [ 202.542171] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.542845] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.543713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.544535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.545163] ---[ end trace 0000000000000000 ]--- [ 202.549686] ------------[ cut here ]------------ [ 202.550161] WARNING: CPU: 1 PID: 1927 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.551220] Modules linked in: [ 202.551524] CPU: 1 PID: 1927 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.552334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.553389] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.553863] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.555599] RSP: 0018:ffff88800f067bb8 EFLAGS: 00010246 [ 202.556104] RAX: 0000000000000000 RBX: ffff88800b8150a8 RCX: 0000000000000000 [ 202.556776] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 202.557495] RBP: ffff88800f067bd0 R08: ffffed1001702a33 R09: ffffed1001702a33 [ 202.558163] R10: ffff88800b815193 R11: ffffed1001702a32 R12: ffff888020955000 [ 202.558870] R13: ffff88800b8151e8 R14: ffffffff8352e670 R15: 
ffff88800f067e68 [ 202.559547] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.560302] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.560854] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 202.561530] PKRU: 55555554 [ 202.561801] Call Trace: [ 202.562042] [ 202.562256] __iommufd_access_detach+0x1c2/0x2b0 [ 202.562771] iommufd_access_change_pt+0x149/0x270 [ 202.563252] iommufd_access_replace+0xb4/0x120 [ 202.563697] iommufd_test+0x3e5/0x37e0 [ 202.564070] ? lock_release+0x532/0x770 [ 202.564459] ? __might_fault+0x102/0x1b0 [ 202.564851] ? lock_acquire+0x427/0x4c0 [ 202.565238] ? __pfx_iommufd_test+0x10/0x10 [ 202.565647] ? __pfx_lock_release+0x10/0x10 [ 202.566061] ? __pfx_lock_acquire+0x10/0x10 [ 202.566482] ? write_comp_data+0x2f/0x90 [ 202.566916] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.567400] ? write_comp_data+0x2f/0x90 [ 202.567799] iommufd_fops_ioctl+0x37d/0x510 [ 202.568219] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.568689] ? write_comp_data+0x2f/0x90 [ 202.569082] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.569542] __x64_sys_ioctl+0x1a3/0x230 [ 202.569938] do_syscall_64+0x3b/0x90 [ 202.570296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.570825] RIP: 0033:0x7f4b8743ee5d [ 202.571185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.572891] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.573614] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.574283] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.574990] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.575683] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.576375] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.577110] [ 202.577351] irq event stamp: 0 [ 202.577675] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.578322] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.579236] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.580076] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.580719] ---[ end trace 0000000000000000 ]--- [ 202.584257] ------------[ cut here ]------------ [ 202.584788] WARNING: CPU: 1 PID: 1927 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.585818] Modules linked in: [ 202.586144] CPU: 1 PID: 1927 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.587086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.588250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.588766] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.590709] RSP: 
0018:ffff88800f067bd0 EFLAGS: 00010246 [ 202.591276] RAX: 0000000000000000 RBX: ffff88800b8150a8 RCX: 0000000000000000 [ 202.591999] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 202.592812] RBP: ffff88800f067be8 R08: ffffed1001702a33 R09: ffffed1001702a33 [ 202.593537] R10: ffff88800b815193 R11: ffffed1001702a32 R12: ffff88800a727c00 [ 202.594255] R13: ffff88800b8151e8 R14: ffff88800fd4f700 R15: 0000000000000000 [ 202.595020] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.595861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.596454] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.597188] PKRU: 55555554 [ 202.597491] Call Trace: [ 202.597762] [ 202.598048] iommufd_access_destroy_object+0x65/0x170 [ 202.598797] iommufd_object_destroy_user+0x18e/0x220 [ 202.599538] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.600152] iommufd_access_destroy+0x43/0x70 [ 202.600629] iommufd_test_staccess_release+0x8d/0xd0 [ 202.601162] __fput+0x26d/0xa40 [ 202.601523] ____fput+0x1e/0x30 [ 202.601877] task_work_run+0x1a4/0x2d0 [ 202.602303] ? __pfx_task_work_run+0x10/0x10 [ 202.602928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.603667] ? switch_task_namespaces+0xa9/0xe0 [ 202.604169] do_exit+0xb17/0x2ef0 [ 202.604532] ? lock_acquire+0x427/0x4c0 [ 202.604952] ? __pfx_lock_release+0x10/0x10 [ 202.605402] ? __kasan_check_write+0x18/0x20 [ 202.605883] ? do_raw_spin_lock+0x132/0x2a0 [ 202.606337] ? __pfx_do_exit+0x10/0x10 [ 202.606818] ? debug_smp_processor_id+0x20/0x30 [ 202.607339] ? rcu_is_watching+0x19/0xb0 [ 202.607768] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.608272] ? trace_hardirqs_on+0x26/0x120 [ 202.608892] do_group_exit+0xe0/0x2b0 [ 202.609467] __x64_sys_exit_group+0x47/0x50 [ 202.609919] do_syscall_64+0x3b/0x90 [ 202.610313] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.610922] RIP: 0033:0x7f4b87518a4d [ 202.611314] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.611941] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.612741] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.613551] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.614622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.615369] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.616084] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.616822] [ 202.617069] irq event stamp: 0 [ 202.617392] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.618046] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.619249] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.620325] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.621039] ---[ end trace 0000000000000000 ]--- [ 202.621927] ------------[ cut here ]------------ [ 202.622413] WARNING: CPU: 1 PID: 1927 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.623538] Modules linked in: [ 202.623877] CPU: 1 PID: 1927 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.624965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.626360] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.626924] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.628829] RSP: 0018:ffff88800f067b78 EFLAGS: 00010246 [ 202.629475] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.630439] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 202.631517] RBP: ffff88800f067b98 R08: ffffed1001702a3e R09: ffffed1001702a3e [ 202.632265] R10: ffff88800b8151ef R11: ffffed1001702a3d R12: ffff88800b815290 [ 202.633007] R13: ffff88800b8150a8 R14: ffffffffffffffff R15: 
ffff88800f067c60 [ 202.633743] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.634629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.635264] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.636209] PKRU: 55555554 [ 202.636652] Call Trace: [ 202.637011] [ 202.637253] iommufd_ioas_destroy+0x53/0x70 [ 202.637722] iommufd_fops_release+0x1f7/0x370 [ 202.638211] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.638787] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.639350] ? write_comp_data+0x2f/0x90 [ 202.639792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.640329] __fput+0x26d/0xa40 [ 202.640693] ____fput+0x1e/0x30 [ 202.641084] task_work_run+0x1a4/0x2d0 [ 202.641625] ? __pfx_task_work_run+0x10/0x10 [ 202.642296] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.642866] ? switch_task_namespaces+0xa9/0xe0 [ 202.643392] do_exit+0xb17/0x2ef0 [ 202.643768] ? lock_acquire+0x427/0x4c0 [ 202.644191] ? __pfx_lock_release+0x10/0x10 [ 202.644650] ? __kasan_check_write+0x18/0x20 [ 202.645132] ? do_raw_spin_lock+0x132/0x2a0 [ 202.645597] ? __pfx_do_exit+0x10/0x10 [ 202.646083] ? debug_smp_processor_id+0x20/0x30 [ 202.646815] ? rcu_is_watching+0x19/0xb0 [ 202.647264] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.647748] ? trace_hardirqs_on+0x26/0x120 [ 202.648205] do_group_exit+0xe0/0x2b0 [ 202.648628] __x64_sys_exit_group+0x47/0x50 [ 202.649076] do_syscall_64+0x3b/0x90 [ 202.649473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.650033] RIP: 0033:0x7f4b87518a4d [ 202.650419] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.651154] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.652226] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.653027] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.653772] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.654564] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.655337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.656087] [ 202.656365] irq event stamp: 0 [ 202.656788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.657721] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.658659] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.659558] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.660211] ---[ end trace 0000000000000000 ]--- [ 202.664920] ------------[ cut here ]------------ [ 202.665569] WARNING: CPU: 1 PID: 1928 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.666950] Modules linked in: [ 202.667306] CPU: 1 PID: 1928 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.668224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.669399] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.669968] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.672469] RSP: 0018:ffff88800eb5fbb8 EFLAGS: 00010246 [ 202.673029] RAX: 0000000000000000 RBX: ffff8880143898a8 RCX: 0000000000000000 [ 202.673762] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 202.674541] RBP: ffff88800eb5fbd0 R08: ffffed1002871333 R09: ffffed1002871333 [ 202.675287] R10: ffff888014389993 R11: ffffed1002871332 R12: ffff88800f794000 [ 202.676190] R13: ffff8880143899e8 R14: ffffffff8352e670 R15: 
ffff88800eb5fe68 [ 202.677142] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.677977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.678633] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 202.679392] PKRU: 55555554 [ 202.679701] Call Trace: [ 202.679967] [ 202.680208] __iommufd_access_detach+0x1c2/0x2b0 [ 202.680875] iommufd_access_change_pt+0x149/0x270 [ 202.681597] iommufd_access_replace+0xb4/0x120 [ 202.682101] iommufd_test+0x3e5/0x37e0 [ 202.682563] ? lock_release+0x532/0x770 [ 202.682986] ? __might_fault+0x102/0x1b0 [ 202.683437] ? lock_acquire+0x427/0x4c0 [ 202.683863] ? __pfx_iommufd_test+0x10/0x10 [ 202.684322] ? __pfx_lock_release+0x10/0x10 [ 202.684790] ? __pfx_lock_acquire+0x10/0x10 [ 202.685346] ? write_comp_data+0x2f/0x90 [ 202.685931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.686654] ? write_comp_data+0x2f/0x90 [ 202.687108] iommufd_fops_ioctl+0x37d/0x510 [ 202.687578] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.688093] ? write_comp_data+0x2f/0x90 [ 202.688529] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.689029] __x64_sys_ioctl+0x1a3/0x230 [ 202.689455] do_syscall_64+0x3b/0x90 [ 202.689854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.690499] RIP: 0033:0x7f4b8743ee5d [ 202.691097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.693060] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.693861] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.694635] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.695437] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.696469] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.697252] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.698001] [ 202.698240] irq event stamp: 0 [ 202.698610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.699274] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.700109] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.701190] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.701852] ---[ end trace 0000000000000000 ]--- [ 202.705361] ------------[ cut here ]------------ [ 202.706010] WARNING: CPU: 1 PID: 1928 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.707241] Modules linked in: [ 202.707577] CPU: 1 PID: 1928 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.708469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.709696] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.710307] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.712247] RSP: 
0018:ffff88800eb5fbd0 EFLAGS: 00010246 [ 202.712971] RAX: 0000000000000000 RBX: ffff8880143898a8 RCX: 0000000000000000 [ 202.713693] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 202.714418] RBP: ffff88800eb5fbe8 R08: ffffed1002871333 R09: ffffed1002871333 [ 202.715178] R10: ffff888014389993 R11: ffffed1002871332 R12: ffff888020954400 [ 202.715924] R13: ffff8880143899e8 R14: ffff88802186be00 R15: 0000000000000000 [ 202.716835] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.717719] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.718307] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 202.719207] PKRU: 55555554 [ 202.719613] Call Trace: [ 202.719874] [ 202.720108] iommufd_access_destroy_object+0x65/0x170 [ 202.720647] iommufd_object_destroy_user+0x18e/0x220 [ 202.721171] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.721786] iommufd_access_destroy+0x43/0x70 [ 202.722320] iommufd_test_staccess_release+0x8d/0xd0 [ 202.722980] __fput+0x26d/0xa40 [ 202.723339] ____fput+0x1e/0x30 [ 202.723686] task_work_run+0x1a4/0x2d0 [ 202.724095] ? __pfx_task_work_run+0x10/0x10 [ 202.724569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.725077] ? switch_task_namespaces+0xa9/0xe0 [ 202.725686] do_exit+0xb17/0x2ef0 [ 202.726141] ? lock_acquire+0x427/0x4c0 [ 202.726606] ? __pfx_lock_release+0x10/0x10 [ 202.727146] ? __kasan_check_write+0x18/0x20 [ 202.727743] ? do_raw_spin_lock+0x132/0x2a0 [ 202.728193] ? __pfx_do_exit+0x10/0x10 [ 202.728600] ? debug_smp_processor_id+0x20/0x30 [ 202.729075] ? rcu_is_watching+0x19/0xb0 [ 202.729498] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.730168] ? trace_hardirqs_on+0x26/0x120 [ 202.730652] do_group_exit+0xe0/0x2b0 [ 202.731058] __x64_sys_exit_group+0x47/0x50 [ 202.731509] do_syscall_64+0x3b/0x90 [ 202.731902] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.732435] RIP: 0033:0x7f4b87518a4d [ 202.732832] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.733641] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.734430] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.735225] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.735951] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.736868] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.737589] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.738323] [ 202.738609] irq event stamp: 0 [ 202.738931] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.739621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.740577] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.741417] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.742072] ---[ end trace 0000000000000000 ]--- [ 202.743371] ------------[ cut here ]------------ [ 202.743867] WARNING: CPU: 1 PID: 1928 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.744912] Modules linked in: [ 202.745243] CPU: 1 PID: 1928 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.746326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.747587] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.748122] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.750239] RSP: 0018:ffff88800eb5fb78 EFLAGS: 00010246 [ 202.750823] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.751552] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 202.752275] RBP: ffff88800eb5fb98 R08: ffffed100287133e R09: ffffed100287133e [ 202.753159] R10: ffff8880143899ef R11: ffffed100287133d R12: ffff888014389a90 [ 202.753881] R13: ffff8880143898a8 R14: ffffffffffffffff R15: 
ffff88800eb5fc60 [ 202.754620] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.755440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.756215] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 202.756922] PKRU: 55555554 [ 202.757207] Call Trace: [ 202.757478] [ 202.757708] iommufd_ioas_destroy+0x53/0x70 [ 202.758153] iommufd_fops_release+0x1f7/0x370 [ 202.758729] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.759345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.759851] ? write_comp_data+0x2f/0x90 [ 202.760265] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.760763] __fput+0x26d/0xa40 [ 202.761104] ____fput+0x1e/0x30 [ 202.761440] task_work_run+0x1a4/0x2d0 [ 202.761835] ? __pfx_task_work_run+0x10/0x10 [ 202.762290] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.762808] ? switch_task_namespaces+0xa9/0xe0 [ 202.763455] do_exit+0xb17/0x2ef0 [ 202.763986] ? lock_acquire+0x427/0x4c0 [ 202.764413] ? __pfx_lock_release+0x10/0x10 [ 202.764850] ? __kasan_check_write+0x18/0x20 [ 202.765299] ? do_raw_spin_lock+0x132/0x2a0 [ 202.765730] ? __pfx_do_exit+0x10/0x10 [ 202.766128] ? debug_smp_processor_id+0x20/0x30 [ 202.766600] ? rcu_is_watching+0x19/0xb0 [ 202.766989] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.767435] ? trace_hardirqs_on+0x26/0x120 [ 202.767852] do_group_exit+0xe0/0x2b0 [ 202.768232] __x64_sys_exit_group+0x47/0x50 [ 202.768750] do_syscall_64+0x3b/0x90 [ 202.769230] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.769716] RIP: 0033:0x7f4b87518a4d [ 202.770057] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.770648] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.771381] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.772040] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.772699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.773496] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.774254] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.774939] [ 202.775163] irq event stamp: 0 [ 202.775444] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.776012] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.776760] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.777624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.778281] ---[ end trace 0000000000000000 ]--- [ 202.782559] ------------[ cut here ]------------ [ 202.783056] WARNING: CPU: 1 PID: 1929 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.783951] Modules linked in: [ 202.784226] CPU: 1 PID: 1929 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.785109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.786054] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.786578] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.788206] RSP: 0018:ffff88800f067bb8 EFLAGS: 00010246 [ 202.788674] RAX: 0000000000000000 RBX: ffff8880149698a8 RCX: 0000000000000000 [ 202.789398] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 202.789995] RBP: ffff88800f067bd0 R08: ffffed100292d333 R09: ffffed100292d333 [ 202.790639] R10: ffff888014969993 R11: ffffed100292d332 R12: ffff88801341e800 [ 202.791348] R13: ffff8880149699e8 R14: ffffffff8352e670 R15: 
ffff88800f067e68 [ 202.791954] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.792636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.793278] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 202.793879] PKRU: 55555554 [ 202.794135] Call Trace: [ 202.794353] [ 202.794569] __iommufd_access_detach+0x1c2/0x2b0 [ 202.794988] iommufd_access_change_pt+0x149/0x270 [ 202.795555] iommufd_access_replace+0xb4/0x120 [ 202.795953] iommufd_test+0x3e5/0x37e0 [ 202.796302] ? lock_release+0x532/0x770 [ 202.796652] ? __might_fault+0x102/0x1b0 [ 202.797007] ? lock_acquire+0x427/0x4c0 [ 202.797434] ? __pfx_iommufd_test+0x10/0x10 [ 202.797847] ? __pfx_lock_release+0x10/0x10 [ 202.798220] ? __pfx_lock_acquire+0x10/0x10 [ 202.798625] ? write_comp_data+0x2f/0x90 [ 202.798986] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.799458] ? write_comp_data+0x2f/0x90 [ 202.799926] iommufd_fops_ioctl+0x37d/0x510 [ 202.800312] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.800733] ? write_comp_data+0x2f/0x90 [ 202.801087] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.801574] __x64_sys_ioctl+0x1a3/0x230 [ 202.802007] do_syscall_64+0x3b/0x90 [ 202.802337] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.802828] RIP: 0033:0x7f4b8743ee5d [ 202.803156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.804857] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.805506] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.806192] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.806928] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.807552] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.808154] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.808925] [ 202.809126] irq event stamp: 0 [ 202.809396] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.809930] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.810831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.811530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.811999] ---[ end trace 0000000000000000 ]--- [ 202.815110] ------------[ cut here ]------------ [ 202.815557] WARNING: CPU: 1 PID: 1929 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.816413] Modules linked in: [ 202.816762] CPU: 1 PID: 1929 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.817574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.818573] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.819070] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.820605] RSP: 
0018:ffff88800f067bd0 EFLAGS: 00010246 [ 202.821219] RAX: 0000000000000000 RBX: ffff8880149698a8 RCX: 0000000000000000 [ 202.821817] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 202.822423] RBP: ffff88800f067be8 R08: ffffed100292d333 R09: ffffed100292d333 [ 202.823221] R10: ffff888014969993 R11: ffffed100292d332 R12: ffff88800f797000 [ 202.823818] R13: ffff8880149699e8 R14: ffff888020984f00 R15: 0000000000000000 [ 202.824420] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.825235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.825724] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 202.826322] PKRU: 55555554 [ 202.826582] Call Trace: [ 202.826800] [ 202.826992] iommufd_access_destroy_object+0x65/0x170 [ 202.827615] iommufd_object_destroy_user+0x18e/0x220 [ 202.828054] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.828558] iommufd_access_destroy+0x43/0x70 [ 202.828945] iommufd_test_staccess_release+0x8d/0xd0 [ 202.829526] __fput+0x26d/0xa40 [ 202.829820] ____fput+0x1e/0x30 [ 202.830118] task_work_run+0x1a4/0x2d0 [ 202.830463] ? __pfx_task_work_run+0x10/0x10 [ 202.830908] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.831511] ? switch_task_namespaces+0xa9/0xe0 [ 202.831920] do_exit+0xb17/0x2ef0 [ 202.832221] ? lock_acquire+0x427/0x4c0 [ 202.832594] ? __pfx_lock_release+0x10/0x10 [ 202.832975] ? __kasan_check_write+0x18/0x20 [ 202.833519] ? do_raw_spin_lock+0x132/0x2a0 [ 202.833895] ? __pfx_do_exit+0x10/0x10 [ 202.834233] ? debug_smp_processor_id+0x20/0x30 [ 202.834652] ? rcu_is_watching+0x19/0xb0 [ 202.835003] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.835508] ? trace_hardirqs_on+0x26/0x120 [ 202.835891] do_group_exit+0xe0/0x2b0 [ 202.836220] __x64_sys_exit_group+0x47/0x50 [ 202.836587] do_syscall_64+0x3b/0x90 [ 202.836924] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.837490] RIP: 0033:0x7f4b87518a4d [ 202.837812] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.838343] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.839001] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.839746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.840356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.840957] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.841560] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.842165] [ 202.842364] irq event stamp: 0 [ 202.842658] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.843190] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.843907] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.844616] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.845204] ---[ end trace 0000000000000000 ]--- [ 202.846020] ------------[ cut here ]------------ [ 202.846420] WARNING: CPU: 1 PID: 1929 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.847437] Modules linked in: [ 202.847713] CPU: 1 PID: 1929 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.848459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.849397] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.849829] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.851386] RSP: 0018:ffff88800f067b78 EFLAGS: 00010246 [ 202.851839] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.852447] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 202.853040] RBP: ffff88800f067b98 R08: ffffed100292d33e R09: ffffed100292d33e [ 202.853644] R10: ffff8880149699ef R11: ffffed100292d33d R12: ffff888014969a90 [ 202.854245] R13: ffff8880149698a8 R14: ffffffffffffffff R15: 
ffff88800f067c60 [ 202.854864] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.855554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.856085] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 202.856822] PKRU: 55555554 [ 202.857064] Call Trace: [ 202.857282] [ 202.857477] iommufd_ioas_destroy+0x53/0x70 [ 202.857853] iommufd_fops_release+0x1f7/0x370 [ 202.858321] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.858846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.859291] ? write_comp_data+0x2f/0x90 [ 202.859656] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.860089] __fput+0x26d/0xa40 [ 202.860390] ____fput+0x1e/0x30 [ 202.860732] task_work_run+0x1a4/0x2d0 [ 202.861182] ? __pfx_task_work_run+0x10/0x10 [ 202.861560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.861988] ? switch_task_namespaces+0xa9/0xe0 [ 202.862394] do_exit+0xb17/0x2ef0 [ 202.862719] ? lock_acquire+0x427/0x4c0 [ 202.863234] ? __pfx_lock_release+0x10/0x10 [ 202.863608] ? __kasan_check_write+0x18/0x20 [ 202.863985] ? do_raw_spin_lock+0x132/0x2a0 [ 202.864351] ? __pfx_do_exit+0x10/0x10 [ 202.864690] ? debug_smp_processor_id+0x20/0x30 [ 202.865089] ? rcu_is_watching+0x19/0xb0 [ 202.865609] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.866011] ? trace_hardirqs_on+0x26/0x120 [ 202.866386] do_group_exit+0xe0/0x2b0 [ 202.866736] __x64_sys_exit_group+0x47/0x50 [ 202.867098] do_syscall_64+0x3b/0x90 [ 202.867440] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.868018] RIP: 0033:0x7f4b87518a4d [ 202.868345] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.868852] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.869479] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.870228] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.870836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.871445] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.872119] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.872787] [ 202.872988] irq event stamp: 0 [ 202.873250] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.873790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.874667] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.875353] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.875867] ---[ end trace 0000000000000000 ]--- [ 202.879561] ------------[ cut here ]------------ [ 202.879962] WARNING: CPU: 1 PID: 1930 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.880776] Modules linked in: [ 202.881031] CPU: 1 PID: 1930 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.881725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.882698] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.883091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.884547] RSP: 0018:ffff888015ad7bb8 EFLAGS: 00010246 [ 202.884968] RAX: 0000000000000000 RBX: ffff8880178190a8 RCX: 0000000000000000 [ 202.885543] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 202.886115] RBP: ffff888015ad7bd0 R08: ffffed1002f03233 R09: ffffed1002f03233 [ 202.886703] R10: ffff888017819193 R11: ffffed1002f03232 R12: ffff888014390800 [ 202.887287] R13: ffff8880178191e8 R14: ffffffff8352e670 R15: 
ffff888015ad7e68 [ 202.887854] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.888494] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.888952] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 202.889517] PKRU: 55555554 [ 202.889741] Call Trace: [ 202.889955] [ 202.890136] __iommufd_access_detach+0x1c2/0x2b0 [ 202.890544] iommufd_access_change_pt+0x149/0x270 [ 202.890948] iommufd_access_replace+0xb4/0x120 [ 202.891334] iommufd_test+0x3e5/0x37e0 [ 202.891647] ? lock_release+0x532/0x770 [ 202.891976] ? __might_fault+0x102/0x1b0 [ 202.892306] ? lock_acquire+0x427/0x4c0 [ 202.892640] ? __pfx_iommufd_test+0x10/0x10 [ 202.892982] ? __pfx_lock_release+0x10/0x10 [ 202.893336] ? __pfx_lock_acquire+0x10/0x10 [ 202.893690] ? write_comp_data+0x2f/0x90 [ 202.894032] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.894429] ? write_comp_data+0x2f/0x90 [ 202.894781] iommufd_fops_ioctl+0x37d/0x510 [ 202.895147] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.895543] ? write_comp_data+0x2f/0x90 [ 202.895887] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.896277] __x64_sys_ioctl+0x1a3/0x230 [ 202.896620] do_syscall_64+0x3b/0x90 [ 202.896932] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.897355] RIP: 0033:0x7f4b8743ee5d [ 202.897652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.899149] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.899760] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.900325] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.900898] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.901461] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.902038] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.902659] [ 202.902849] irq event stamp: 0 [ 202.903105] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.903615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.904280] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.904942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.905445] ---[ end trace 0000000000000000 ]--- [ 202.908257] ------------[ cut here ]------------ [ 202.908659] WARNING: CPU: 1 PID: 1930 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.909484] Modules linked in: [ 202.909743] CPU: 1 PID: 1930 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.910412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.911308] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.911703] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.913100] RSP: 
0018:ffff888015ad7bd0 EFLAGS: 00010246 [ 202.913513] RAX: 0000000000000000 RBX: ffff8880178190a8 RCX: 0000000000000000 [ 202.914049] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 202.914627] RBP: ffff888015ad7be8 R08: ffffed1002f03233 R09: ffffed1002f03233 [ 202.915174] R10: ffff888017819193 R11: ffffed1002f03232 R12: ffff88801341fc00 [ 202.915715] R13: ffff8880178191e8 R14: ffff888015acb400 R15: 0000000000000000 [ 202.916250] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.916865] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.917307] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.917855] PKRU: 55555554 [ 202.918070] Call Trace: [ 202.918276] [ 202.918448] iommufd_access_destroy_object+0x65/0x170 [ 202.918865] iommufd_object_destroy_user+0x18e/0x220 [ 202.919272] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 202.919723] iommufd_access_destroy+0x43/0x70 [ 202.920073] iommufd_test_staccess_release+0x8d/0xd0 [ 202.920467] __fput+0x26d/0xa40 [ 202.920732] ____fput+0x1e/0x30 [ 202.921001] task_work_run+0x1a4/0x2d0 [ 202.921306] ? __pfx_task_work_run+0x10/0x10 [ 202.921644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.922030] ? switch_task_namespaces+0xa9/0xe0 [ 202.922395] do_exit+0xb17/0x2ef0 [ 202.922683] ? lock_acquire+0x427/0x4c0 [ 202.923002] ? __pfx_lock_release+0x10/0x10 [ 202.923355] ? __kasan_check_write+0x18/0x20 [ 202.923710] ? do_raw_spin_lock+0x132/0x2a0 [ 202.924041] ? __pfx_do_exit+0x10/0x10 [ 202.924347] ? debug_smp_processor_id+0x20/0x30 [ 202.924713] ? rcu_is_watching+0x19/0xb0 [ 202.925025] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.925374] ? trace_hardirqs_on+0x26/0x120 [ 202.925708] do_group_exit+0xe0/0x2b0 [ 202.926000] __x64_sys_exit_group+0x47/0x50 [ 202.926328] do_syscall_64+0x3b/0x90 [ 202.926650] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.927055] RIP: 0033:0x7f4b87518a4d [ 202.927345] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.927821] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.928393] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.928934] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.929471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.930007] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.930561] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.931106] [ 202.931293] irq event stamp: 0 [ 202.931532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.932012] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.932660] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.933291] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.933769] ---[ end trace 0000000000000000 ]--- [ 202.934448] ------------[ cut here ]------------ [ 202.934842] WARNING: CPU: 1 PID: 1930 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 202.935631] Modules linked in: [ 202.935875] CPU: 1 PID: 1930 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.936536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.937387] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 202.937789] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 202.939205] RSP: 0018:ffff888015ad7b78 EFLAGS: 00010246 [ 202.939613] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 202.940155] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 202.940703] RBP: ffff888015ad7b98 R08: ffffed1002f0323e R09: ffffed1002f0323e [ 202.941280] R10: ffff8880178191ef R11: ffffed1002f0323d R12: ffff888017819290 [ 202.941818] R13: ffff8880178190a8 R14: ffffffffffffffff R15: 
ffff888015ad7c60 [ 202.942352] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.942967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.943421] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.943953] PKRU: 55555554 [ 202.944165] Call Trace: [ 202.944357] [ 202.944527] iommufd_ioas_destroy+0x53/0x70 [ 202.944858] iommufd_fops_release+0x1f7/0x370 [ 202.945196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.945570] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.945945] ? write_comp_data+0x2f/0x90 [ 202.946252] ? __pfx_iommufd_fops_release+0x10/0x10 [ 202.946641] __fput+0x26d/0xa40 [ 202.946902] ____fput+0x1e/0x30 [ 202.947175] task_work_run+0x1a4/0x2d0 [ 202.947475] ? __pfx_task_work_run+0x10/0x10 [ 202.947808] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.948184] ? switch_task_namespaces+0xa9/0xe0 [ 202.948542] do_exit+0xb17/0x2ef0 [ 202.948809] ? lock_acquire+0x427/0x4c0 [ 202.949116] ? __pfx_lock_release+0x10/0x10 [ 202.949442] ? __kasan_check_write+0x18/0x20 [ 202.949777] ? do_raw_spin_lock+0x132/0x2a0 [ 202.950100] ? __pfx_do_exit+0x10/0x10 [ 202.950400] ? debug_smp_processor_id+0x20/0x30 [ 202.950776] ? rcu_is_watching+0x19/0xb0 [ 202.951081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 202.951436] ? trace_hardirqs_on+0x26/0x120 [ 202.951768] do_group_exit+0xe0/0x2b0 [ 202.952053] __x64_sys_exit_group+0x47/0x50 [ 202.952382] do_syscall_64+0x3b/0x90 [ 202.952666] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.953059] RIP: 0033:0x7f4b87518a4d [ 202.953335] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 202.953801] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 202.954370] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 202.954927] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 202.955477] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 202.956004] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 202.956531] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 202.957068] [ 202.957245] irq event stamp: 0 [ 202.957482] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.957957] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.958596] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.959222] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.959696] ---[ end trace 0000000000000000 ]--- [ 202.963305] ------------[ cut here ]------------ [ 202.963677] WARNING: CPU: 1 PID: 1931 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.964429] Modules linked in: [ 202.964666] CPU: 1 PID: 1931 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.965313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.966141] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.966561] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.967923] RSP: 0018:ffff888014a67bb8 EFLAGS: 00010246 [ 202.968314] RAX: 0000000000000000 RBX: ffff88800eb5f0a8 RCX: 0000000000000000 [ 202.968838] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 202.969349] RBP: ffff888014a67bd0 R08: ffffed1001d6be33 R09: ffffed1001d6be33 [ 202.969867] R10: ffff88800eb5f193 R11: ffffed1001d6be32 R12: ffff888012e95400 [ 202.970384] R13: ffff88800eb5f1e8 R14: ffffffff8352e670 R15: 
ffff888014a67e68 [ 202.970918] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.971518] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.971935] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 202.972451] PKRU: 55555554 [ 202.972663] Call Trace: [ 202.972849] [ 202.973063] __iommufd_access_detach+0x1c2/0x2b0 [ 202.973420] iommufd_access_change_pt+0x149/0x270 [ 202.973788] iommufd_access_replace+0xb4/0x120 [ 202.974133] iommufd_test+0x3e5/0x37e0 [ 202.974418] ? lock_release+0x532/0x770 [ 202.974743] ? __might_fault+0x102/0x1b0 [ 202.975047] ? lock_acquire+0x427/0x4c0 [ 202.975357] ? __pfx_iommufd_test+0x10/0x10 [ 202.975682] ? __pfx_lock_release+0x10/0x10 [ 202.976004] ? __pfx_lock_acquire+0x10/0x10 [ 202.976328] ? write_comp_data+0x2f/0x90 [ 202.976638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 202.976997] ? write_comp_data+0x2f/0x90 [ 202.977313] iommufd_fops_ioctl+0x37d/0x510 [ 202.977634] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.977994] ? write_comp_data+0x2f/0x90 [ 202.978307] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 202.978682] __x64_sys_ioctl+0x1a3/0x230 [ 202.978988] do_syscall_64+0x3b/0x90 [ 202.979285] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 202.979669] RIP: 0033:0x7f4b8743ee5d [ 202.979939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 202.981253] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 202.981798] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 202.982313] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 202.982840] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 202.983363] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 202.983881] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 202.984408] [ 202.984579] irq event stamp: 0 [ 202.984809] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 202.985267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 202.985884] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 202.986486] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 202.986963] ---[ end trace 0000000000000000 ]--- [ 202.989564] ------------[ cut here ]------------ [ 202.989932] WARNING: CPU: 1 PID: 1931 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 202.990700] Modules linked in: [ 202.990938] CPU: 1 PID: 1931 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 202.991578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 202.992390] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 202.992751] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 202.994070] RSP: 
0018:ffff888014a67bd0 EFLAGS: 00010246 [ 202.994459] RAX: 0000000000000000 RBX: ffff88800eb5f0a8 RCX: 0000000000000000 [ 202.995000] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 202.995525] RBP: ffff888014a67be8 R08: ffffed1001d6be33 R09: ffffed1001d6be33 [ 202.996040] R10: ffff88800eb5f193 R11: ffffed1001d6be32 R12: ffff888014392000 [ 202.996563] R13: ffff88800eb5f1e8 R14: ffff888020862100 R15: 0000000000000000 [ 202.997077] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 202.997664] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.998088] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 202.998620] PKRU: 55555554 [ 202.998828] Call Trace: [ 202.999014] [ 202.999189] iommufd_access_destroy_object+0x65/0x170 [ 202.999568] iommufd_object_destroy_user+0x18e/0x220 [ 202.999950] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.000375] iommufd_access_destroy+0x43/0x70 [ 203.000710] iommufd_test_staccess_release+0x8d/0xd0 [ 203.001086] __fput+0x26d/0xa40 [ 203.001340] ____fput+0x1e/0x30 [ 203.001590] task_work_run+0x1a4/0x2d0 [ 203.001883] ? __pfx_task_work_run+0x10/0x10 [ 203.002208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.002583] ? switch_task_namespaces+0xa9/0xe0 [ 203.002934] do_exit+0xb17/0x2ef0 [ 203.003195] ? lock_acquire+0x427/0x4c0 [ 203.003497] ? __pfx_lock_release+0x10/0x10 [ 203.003811] ? __kasan_check_write+0x18/0x20 [ 203.004138] ? do_raw_spin_lock+0x132/0x2a0 [ 203.004448] ? __pfx_do_exit+0x10/0x10 [ 203.004734] ? debug_smp_processor_id+0x20/0x30 [ 203.005119] ? rcu_is_watching+0x19/0xb0 [ 203.005419] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.005747] ? trace_hardirqs_on+0x26/0x120 [ 203.006061] do_group_exit+0xe0/0x2b0 [ 203.006336] __x64_sys_exit_group+0x47/0x50 [ 203.006674] do_syscall_64+0x3b/0x90 [ 203.006948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.007334] RIP: 0033:0x7f4b87518a4d [ 203.007601] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.008036] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.008572] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.009074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.009587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.010092] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.010622] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.011144] [ 203.011313] irq event stamp: 0 [ 203.011538] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.011987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.012579] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.013183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.013636] ---[ end trace 0000000000000000 ]--- [ 203.014277] ------------[ cut here ]------------ [ 203.014646] WARNING: CPU: 1 PID: 1931 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.015376] Modules linked in: [ 203.015604] CPU: 1 PID: 1931 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.016231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.017033] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.017399] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.018729] RSP: 0018:ffff888014a67b78 EFLAGS: 00010246 [ 203.019110] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.019632] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 203.020137] RBP: ffff888014a67b98 R08: ffffed1001d6be3e R09: ffffed1001d6be3e [ 203.020647] R10: ffff88800eb5f1ef R11: ffffed1001d6be3d R12: ffff88800eb5f290 [ 203.021153] R13: ffff88800eb5f0a8 R14: ffffffffffffffff R15: 
ffff888014a67c60 [ 203.021658] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 203.022232] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.022675] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 203.023201] PKRU: 55555554 [ 203.023403] Call Trace: [ 203.023586] [ 203.023758] iommufd_ioas_destroy+0x53/0x70 [ 203.024073] iommufd_fops_release+0x1f7/0x370 [ 203.024403] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.024768] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.025122] ? write_comp_data+0x2f/0x90 [ 203.025439] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.025797] __fput+0x26d/0xa40 [ 203.026047] ____fput+0x1e/0x30 [ 203.026291] task_work_run+0x1a4/0x2d0 [ 203.026603] ? __pfx_task_work_run+0x10/0x10 [ 203.026924] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.027296] ? switch_task_namespaces+0xa9/0xe0 [ 203.027639] do_exit+0xb17/0x2ef0 [ 203.027889] ? lock_acquire+0x427/0x4c0 [ 203.028182] ? __pfx_lock_release+0x10/0x10 [ 203.028500] ? __kasan_check_write+0x18/0x20 [ 203.028824] ? do_raw_spin_lock+0x132/0x2a0 [ 203.029136] ? __pfx_do_exit+0x10/0x10 [ 203.029425] ? debug_smp_processor_id+0x20/0x30 [ 203.029762] ? rcu_is_watching+0x19/0xb0 [ 203.030060] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.030388] ? trace_hardirqs_on+0x26/0x120 [ 203.030720] do_group_exit+0xe0/0x2b0 [ 203.031000] __x64_sys_exit_group+0x47/0x50 [ 203.031317] do_syscall_64+0x3b/0x90 [ 203.031592] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.031973] RIP: 0033:0x7f4b87518a4d [ 203.032241] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.032676] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.033215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.033719] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.034224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.034750] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.035267] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.035778] [ 203.035948] irq event stamp: 0 [ 203.036177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.036624] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.037252] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.037846] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.038293] ---[ end trace 0000000000000000 ]--- [ 203.043392] ------------[ cut here ]------------ [ 203.043848] WARNING: CPU: 0 PID: 1932 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.044687] Modules linked in: [ 203.044953] CPU: 0 PID: 1932 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.045676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.046834] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.047258] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.048763] RSP: 0018:ffff88800f067bb8 EFLAGS: 00010246 [ 203.049201] RAX: 0000000000000000 RBX: ffff88800fb328a8 RCX: 0000000000000000 [ 203.049791] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 203.050377] RBP: ffff88800f067bd0 R08: ffffed1001f66533 R09: ffffed1001f66533 [ 203.050988] R10: ffff88800fb32993 R11: ffffed1001f66532 R12: ffff8880142a6800 [ 203.051586] R13: ffff88800fb329e8 R14: ffffffff8352e670 R15: 
ffff88800f067e68 [ 203.052175] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.052839] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.053325] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 203.053921] PKRU: 55555554 [ 203.054155] Call Trace: [ 203.054368] [ 203.054571] __iommufd_access_detach+0x1c2/0x2b0 [ 203.054980] iommufd_access_change_pt+0x149/0x270 [ 203.055397] iommufd_access_replace+0xb4/0x120 [ 203.055787] iommufd_test+0x3e5/0x37e0 [ 203.056113] ? lock_release+0x532/0x770 [ 203.056456] ? __might_fault+0x102/0x1b0 [ 203.056801] ? lock_acquire+0x427/0x4c0 [ 203.057144] ? __pfx_iommufd_test+0x10/0x10 [ 203.057502] ? __pfx_lock_release+0x10/0x10 [ 203.057872] ? __pfx_lock_acquire+0x10/0x10 [ 203.058248] ? write_comp_data+0x2f/0x90 [ 203.058620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.059032] ? write_comp_data+0x2f/0x90 [ 203.059389] iommufd_fops_ioctl+0x37d/0x510 [ 203.059753] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.060163] ? write_comp_data+0x2f/0x90 [ 203.060512] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.060918] __x64_sys_ioctl+0x1a3/0x230 [ 203.061268] do_syscall_64+0x3b/0x90 [ 203.061591] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.062034] RIP: 0033:0x7f4b8743ee5d [ 203.062351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.063895] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.064537] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.065128] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.065718] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.066308] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.066915] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.067531] [ 203.067732] irq event stamp: 0 [ 203.067995] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.068517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.069214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.069907] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.070428] ---[ end trace 0000000000000000 ]--- [ 203.073344] ------------[ cut here ]------------ [ 203.073779] WARNING: CPU: 0 PID: 1932 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.074653] Modules linked in: [ 203.074921] CPU: 0 PID: 1932 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.075688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.076622] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.077038] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.078569] RSP: 
0018:ffff88800f067bd0 EFLAGS: 00010246 [ 203.079014] RAX: 0000000000000000 RBX: ffff88800fb328a8 RCX: 0000000000000000 [ 203.079620] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 203.080210] RBP: ffff88800f067be8 R08: ffffed1001f66533 R09: ffffed1001f66533 [ 203.080802] R10: ffff88800fb32993 R11: ffffed1001f66532 R12: ffff888010e02800 [ 203.081391] R13: ffff88800fb329e8 R14: ffff888020f68b00 R15: 0000000000000000 [ 203.081981] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.082666] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.083158] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.083749] PKRU: 55555554 [ 203.083982] Call Trace: [ 203.084196] [ 203.084385] iommufd_access_destroy_object+0x65/0x170 [ 203.084820] iommufd_object_destroy_user+0x18e/0x220 [ 203.085251] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.085762] iommufd_access_destroy+0x43/0x70 [ 203.086145] iommufd_test_staccess_release+0x8d/0xd0 [ 203.086597] __fput+0x26d/0xa40 [ 203.086890] ____fput+0x1e/0x30 [ 203.087181] task_work_run+0x1a4/0x2d0 [ 203.087512] ? __pfx_task_work_run+0x10/0x10 [ 203.087883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.088293] ? switch_task_namespaces+0xa9/0xe0 [ 203.088690] do_exit+0xb17/0x2ef0 [ 203.088978] ? lock_acquire+0x427/0x4c0 [ 203.089319] ? __pfx_lock_release+0x10/0x10 [ 203.089684] ? __kasan_check_write+0x18/0x20 [ 203.090058] ? do_raw_spin_lock+0x132/0x2a0 [ 203.090423] ? __pfx_do_exit+0x10/0x10 [ 203.090777] ? debug_smp_processor_id+0x20/0x30 [ 203.091176] ? rcu_is_watching+0x19/0xb0 [ 203.091518] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.091900] ? trace_hardirqs_on+0x26/0x120 [ 203.092267] do_group_exit+0xe0/0x2b0 [ 203.092587] __x64_sys_exit_group+0x47/0x50 [ 203.092947] do_syscall_64+0x3b/0x90 [ 203.093265] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.093710] RIP: 0033:0x7f4b87518a4d [ 203.094024] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.094559] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.095199] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.095794] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.096384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.096976] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.097566] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.098164] [ 203.098359] irq event stamp: 0 [ 203.098648] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.099187] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.099886] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.100581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.101108] ---[ end trace 0000000000000000 ]--- [ 203.101838] ------------[ cut here ]------------ [ 203.102235] WARNING: CPU: 0 PID: 1932 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.103110] Modules linked in: [ 203.103392] CPU: 0 PID: 1932 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.104121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.105055] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.105484] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.107031] RSP: 0018:ffff88800f067b78 EFLAGS: 00010246 [ 203.107491] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.108080] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 203.108672] RBP: ffff88800f067b98 R08: ffffed1001f6653e R09: ffffed1001f6653e [ 203.109268] R10: ffff88800fb329ef R11: ffffed1001f6653d R12: ffff88800fb32a90 [ 203.109862] R13: ffff88800fb328a8 R14: ffffffffffffffff R15: 
ffff88800f067c60 [ 203.110454] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.111148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.111671] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.112271] PKRU: 55555554 [ 203.112517] Call Trace: [ 203.112799] [ 203.113118] iommufd_ioas_destroy+0x53/0x70 [ 203.113493] iommufd_fops_release+0x1f7/0x370 [ 203.113873] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.114297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.114845] ? write_comp_data+0x2f/0x90 [ 203.115204] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.115624] __fput+0x26d/0xa40 [ 203.115918] ____fput+0x1e/0x30 [ 203.116201] task_work_run+0x1a4/0x2d0 [ 203.116582] ? __pfx_task_work_run+0x10/0x10 [ 203.117043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.117464] ? switch_task_namespaces+0xa9/0xe0 [ 203.117873] do_exit+0xb17/0x2ef0 [ 203.118178] ? lock_acquire+0x427/0x4c0 [ 203.118648] ? __pfx_lock_release+0x10/0x10 [ 203.119023] ? __kasan_check_write+0x18/0x20 [ 203.119409] ? do_raw_spin_lock+0x132/0x2a0 [ 203.119777] ? __pfx_do_exit+0x10/0x10 [ 203.120115] ? debug_smp_processor_id+0x20/0x30 [ 203.120514] ? rcu_is_watching+0x19/0xb0 [ 203.120987] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.121378] ? trace_hardirqs_on+0x26/0x120 [ 203.121752] do_group_exit+0xe0/0x2b0 [ 203.122077] __x64_sys_exit_group+0x47/0x50 [ 203.122454] do_syscall_64+0x3b/0x90 [ 203.122925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.123568] RIP: 0033:0x7f4b87518a4d [ 203.123847] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.124286] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.124831] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.125336] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.125910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.126562] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.127088] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.127627] [ 203.127801] irq event stamp: 0 [ 203.128034] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.128497] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.129169] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.129882] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.130341] ---[ end trace 0000000000000000 ]--- [ 203.134108] ------------[ cut here ]------------ [ 203.134469] WARNING: CPU: 0 PID: 1933 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.135307] Modules linked in: [ 203.135635] CPU: 0 PID: 1933 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.136266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.137075] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.137436] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.138787] RSP: 0018:ffff88801884fbb8 EFLAGS: 00010246 [ 203.139190] RAX: 0000000000000000 RBX: ffff88801054a8a8 RCX: 0000000000000000 [ 203.139713] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 203.140239] RBP: ffff88801884fbd0 R08: ffffed10020a9533 R09: ffffed10020a9533 [ 203.140762] R10: ffff88801054a993 R11: ffffed10020a9532 R12: ffff888010e05400 [ 203.141286] R13: ffff88801054a9e8 R14: ffffffff8352e670 R15: 
ffff88801884fe68 [ 203.141835] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.142426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.142868] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 203.143402] PKRU: 55555554 [ 203.143616] Call Trace: [ 203.143806] [ 203.143976] __iommufd_access_detach+0x1c2/0x2b0 [ 203.144341] iommufd_access_change_pt+0x149/0x270 [ 203.144712] iommufd_access_replace+0xb4/0x120 [ 203.145069] iommufd_test+0x3e5/0x37e0 [ 203.145359] ? lock_release+0x532/0x770 [ 203.145663] ? __might_fault+0x102/0x1b0 [ 203.145973] ? lock_acquire+0x427/0x4c0 [ 203.146278] ? __pfx_iommufd_test+0x10/0x10 [ 203.146619] ? __pfx_lock_release+0x10/0x10 [ 203.146967] ? __pfx_lock_acquire+0x10/0x10 [ 203.147310] ? write_comp_data+0x2f/0x90 [ 203.147626] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.147995] ? write_comp_data+0x2f/0x90 [ 203.148305] iommufd_fops_ioctl+0x37d/0x510 [ 203.148640] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.149016] ? write_comp_data+0x2f/0x90 [ 203.149336] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.149712] __x64_sys_ioctl+0x1a3/0x230 [ 203.150035] do_syscall_64+0x3b/0x90 [ 203.150332] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.150753] RIP: 0033:0x7f4b8743ee5d [ 203.151042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.152439] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.153014] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.153553] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.154093] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.154649] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.155195] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.155741] [ 203.155920] irq event stamp: 0 [ 203.156160] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.156637] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.157269] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.157896] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.158373] ---[ end trace 0000000000000000 ]--- [ 203.161296] ------------[ cut here ]------------ [ 203.161671] WARNING: CPU: 0 PID: 1933 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.162437] Modules linked in: [ 203.162711] CPU: 0 PID: 1933 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.163579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.164427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.164806] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.166280] RSP: 
0018:ffff88801884fbd0 EFLAGS: 00010246 [ 203.166825] RAX: 0000000000000000 RBX: ffff88801054a8a8 RCX: 0000000000000000 [ 203.167372] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 203.167907] RBP: ffff88801884fbe8 R08: ffffed10020a9533 R09: ffffed10020a9533 [ 203.168446] R10: ffff88801054a993 R11: ffffed10020a9532 R12: ffff8880142a7c00 [ 203.168983] R13: ffff88801054a9e8 R14: ffff888020edb100 R15: 0000000000000000 [ 203.169558] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.170311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.170770] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.171320] PKRU: 55555554 [ 203.171535] Call Trace: [ 203.171730] [ 203.171904] iommufd_access_destroy_object+0x65/0x170 [ 203.172300] iommufd_object_destroy_user+0x18e/0x220 [ 203.172690] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.173202] iommufd_access_destroy+0x43/0x70 [ 203.173670] iommufd_test_staccess_release+0x8d/0xd0 [ 203.174067] __fput+0x26d/0xa40 [ 203.174334] ____fput+0x1e/0x30 [ 203.174609] task_work_run+0x1a4/0x2d0 [ 203.174913] ? __pfx_task_work_run+0x10/0x10 [ 203.175264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.175647] ? switch_task_namespaces+0xa9/0xe0 [ 203.176015] do_exit+0xb17/0x2ef0 [ 203.176284] ? lock_acquire+0x427/0x4c0 [ 203.176597] ? __pfx_lock_release+0x10/0x10 [ 203.177092] ? __kasan_check_write+0x18/0x20 [ 203.177436] ? do_raw_spin_lock+0x132/0x2a0 [ 203.177767] ? __pfx_do_exit+0x10/0x10 [ 203.178073] ? debug_smp_processor_id+0x20/0x30 [ 203.178432] ? rcu_is_watching+0x19/0xb0 [ 203.178765] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.179126] ? trace_hardirqs_on+0x26/0x120 [ 203.179469] do_group_exit+0xe0/0x2b0 [ 203.179765] __x64_sys_exit_group+0x47/0x50 [ 203.180097] do_syscall_64+0x3b/0x90 [ 203.180423] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.180950] RIP: 0033:0x7f4b87518a4d [ 203.181236] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.181701] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.182277] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.182831] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.183393] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.183933] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.184647] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.185197] [ 203.185377] irq event stamp: 0 [ 203.185618] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.186099] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.186758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.187400] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.188059] ---[ end trace 0000000000000000 ]--- [ 203.188735] ------------[ cut here ]------------ [ 203.189095] WARNING: CPU: 0 PID: 1933 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.189917] Modules linked in: [ 203.190181] CPU: 0 PID: 1933 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.191105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.192017] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.192433] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.193917] RSP: 0018:ffff88801884fb78 EFLAGS: 00010246 [ 203.194499] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.195101] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 203.195681] RBP: ffff88801884fb98 R08: ffffed10020a953e R09: ffffed10020a953e [ 203.196250] R10: ffff88801054a9ef R11: ffffed10020a953d R12: ffff88801054aa90 [ 203.196817] R13: ffff88801054a8a8 R14: ffffffffffffffff R15: 
ffff88801884fc60 [ 203.197519] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.198274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.198764] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.199345] PKRU: 55555554 [ 203.199574] Call Trace: [ 203.199780] [ 203.199964] iommufd_ioas_destroy+0x53/0x70 [ 203.200319] iommufd_fops_release+0x1f7/0x370 [ 203.200687] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.201263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.201664] ? write_comp_data+0x2f/0x90 [ 203.202002] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.202407] __fput+0x26d/0xa40 [ 203.202722] ____fput+0x1e/0x30 [ 203.202996] task_work_run+0x1a4/0x2d0 [ 203.203332] ? __pfx_task_work_run+0x10/0x10 [ 203.203697] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.204096] ? switch_task_namespaces+0xa9/0xe0 [ 203.204485] do_exit+0xb17/0x2ef0 [ 203.204809] ? lock_acquire+0x427/0x4c0 [ 203.205280] ? __pfx_lock_release+0x10/0x10 [ 203.205635] ? __kasan_check_write+0x18/0x20 [ 203.205993] ? do_raw_spin_lock+0x132/0x2a0 [ 203.206342] ? __pfx_do_exit+0x10/0x10 [ 203.206685] ? debug_smp_processor_id+0x20/0x30 [ 203.207071] ? rcu_is_watching+0x19/0xb0 [ 203.207414] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.207786] ? trace_hardirqs_on+0x26/0x120 [ 203.208149] do_group_exit+0xe0/0x2b0 [ 203.208498] __x64_sys_exit_group+0x47/0x50 [ 203.209008] do_syscall_64+0x3b/0x90 [ 203.209331] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.209759] RIP: 0033:0x7f4b87518a4d [ 203.210062] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.210590] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.211229] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.211808] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.212473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.213163] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.213736] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.214312] [ 203.214531] irq event stamp: 0 [ 203.214788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.215312] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.216076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.216855] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.217360] ---[ end trace 0000000000000000 ]--- [ 203.222311] ------------[ cut here ]------------ [ 203.222829] WARNING: CPU: 0 PID: 1934 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.224021] Modules linked in: [ 203.224299] CPU: 0 PID: 1934 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.225038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.225987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.226415] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.228203] RSP: 0018:ffff88800eeefbb8 EFLAGS: 00010246 [ 203.228660] RAX: 0000000000000000 RBX: ffff8880189f10a8 RCX: 0000000000000000 [ 203.229340] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 203.229945] RBP: ffff88800eeefbd0 R08: ffffed100313e233 R09: ffffed100313e233 [ 203.230567] R10: ffff8880189f1193 R11: ffffed100313e232 R12: ffff88800fd82800 [ 203.231186] R13: ffff8880189f11e8 R14: ffffffff8352e670 R15: 
ffff88800eeefe68 [ 203.231790] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.232473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.232966] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 203.233579] PKRU: 55555554 [ 203.233823] Call Trace: [ 203.234042] [ 203.234238] __iommufd_access_detach+0x1c2/0x2b0 [ 203.234689] iommufd_access_change_pt+0x149/0x270 [ 203.235121] iommufd_access_replace+0xb4/0x120 [ 203.235528] iommufd_test+0x3e5/0x37e0 [ 203.235865] ? lock_release+0x532/0x770 [ 203.236219] ? __might_fault+0x102/0x1b0 [ 203.236594] ? lock_acquire+0x427/0x4c0 [ 203.236968] ? __pfx_iommufd_test+0x10/0x10 [ 203.237362] ? __pfx_lock_release+0x10/0x10 [ 203.237759] ? __pfx_lock_acquire+0x10/0x10 [ 203.238157] ? write_comp_data+0x2f/0x90 [ 203.238556] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.239008] ? write_comp_data+0x2f/0x90 [ 203.239400] iommufd_fops_ioctl+0x37d/0x510 [ 203.239796] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.240245] ? write_comp_data+0x2f/0x90 [ 203.240628] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.241067] __x64_sys_ioctl+0x1a3/0x230 [ 203.241449] do_syscall_64+0x3b/0x90 [ 203.241800] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.242278] RIP: 0033:0x7f4b8743ee5d [ 203.242649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.244328] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.245018] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.245655] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.246297] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.246961] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.247626] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.248279] [ 203.248492] irq event stamp: 0 [ 203.248778] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.249346] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.250101] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.250876] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.251455] ---[ end trace 0000000000000000 ]--- [ 203.254749] ------------[ cut here ]------------ [ 203.255223] WARNING: CPU: 0 PID: 1934 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.256139] Modules linked in: [ 203.256435] CPU: 0 PID: 1934 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.257535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.258608] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.259075] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.260768] RSP: 
0018:ffff88800eeefbd0 EFLAGS: 00010246 [ 203.261470] RAX: 0000000000000000 RBX: ffff8880189f10a8 RCX: 0000000000000000 [ 203.262279] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 203.262974] RBP: ffff88800eeefbe8 R08: ffffed100313e233 R09: ffffed100313e233 [ 203.263644] R10: ffff8880189f1193 R11: ffffed100313e232 R12: ffff888010e07400 [ 203.264298] R13: ffff8880189f11e8 R14: ffff8880209b7b00 R15: 0000000000000000 [ 203.264949] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.265780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.266592] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.267365] PKRU: 55555554 [ 203.267782] Call Trace: [ 203.268054] [ 203.268291] iommufd_access_destroy_object+0x65/0x170 [ 203.268777] iommufd_object_destroy_user+0x18e/0x220 [ 203.269256] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.269804] iommufd_access_destroy+0x43/0x70 [ 203.270234] iommufd_test_staccess_release+0x8d/0xd0 [ 203.270752] __fput+0x26d/0xa40 [ 203.271083] ____fput+0x1e/0x30 [ 203.271432] task_work_run+0x1a4/0x2d0 [ 203.271834] ? __pfx_task_work_run+0x10/0x10 [ 203.272443] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.272953] ? switch_task_namespaces+0xa9/0xe0 [ 203.273435] do_exit+0xb17/0x2ef0 [ 203.273791] ? lock_acquire+0x427/0x4c0 [ 203.274208] ? __pfx_lock_release+0x10/0x10 [ 203.274695] ? __kasan_check_write+0x18/0x20 [ 203.275161] ? do_raw_spin_lock+0x132/0x2a0 [ 203.275606] ? __pfx_do_exit+0x10/0x10 [ 203.276024] ? debug_smp_processor_id+0x20/0x30 [ 203.276505] ? rcu_is_watching+0x19/0xb0 [ 203.276921] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.277391] ? trace_hardirqs_on+0x26/0x120 [ 203.277841] do_group_exit+0xe0/0x2b0 [ 203.278228] __x64_sys_exit_group+0x47/0x50 [ 203.278696] do_syscall_64+0x3b/0x90 [ 203.279078] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.279635] RIP: 0033:0x7f4b87518a4d [ 203.280011] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.280632] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.281391] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.282110] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.282845] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.283563] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.284268] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.284988] [ 203.285225] irq event stamp: 0 [ 203.285548] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.286183] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.287061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.287919] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.288560] ---[ end trace 0000000000000000 ]--- [ 203.289983] ------------[ cut here ]------------ [ 203.290823] WARNING: CPU: 1 PID: 1934 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.292346] Modules linked in: [ 203.292785] CPU: 1 PID: 1934 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.293919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.295773] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.296806] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.299405] RSP: 0018:ffff88800eeefb78 EFLAGS: 00010246 [ 203.300107] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.301212] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 203.302249] RBP: ffff88800eeefb98 R08: ffffed100313e23e R09: ffffed100313e23e [ 203.303285] R10: ffff8880189f11ef R11: ffffed100313e23d R12: ffff8880189f1290 [ 203.304352] R13: ffff8880189f10a8 R14: ffffffffffffffff R15: 
ffff88800eeefc60 [ 203.305261] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 203.306672] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.307475] CR2: 00007f82e2b42000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 203.308627] PKRU: 55555554 [ 203.309012] Call Trace: [ 203.309360] [ 203.309663] iommufd_ioas_destroy+0x53/0x70 [ 203.310313] iommufd_fops_release+0x1f7/0x370 [ 203.311061] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.311751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.312435] ? write_comp_data+0x2f/0x90 [ 203.313126] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.313803] __fput+0x26d/0xa40 [ 203.314283] ____fput+0x1e/0x30 [ 203.314956] task_work_run+0x1a4/0x2d0 [ 203.315532] ? __pfx_task_work_run+0x10/0x10 [ 203.316124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.316825] ? switch_task_namespaces+0xa9/0xe0 [ 203.317593] do_exit+0xb17/0x2ef0 [ 203.318072] ? lock_acquire+0x427/0x4c0 [ 203.318708] ? __pfx_lock_release+0x10/0x10 [ 203.319526] ? __kasan_check_write+0x18/0x20 [ 203.320017] ? do_raw_spin_lock+0x132/0x2a0 [ 203.320472] ? __pfx_do_exit+0x10/0x10 [ 203.320892] ? debug_smp_processor_id+0x20/0x30 [ 203.321497] ? rcu_is_watching+0x19/0xb0 [ 203.322053] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.322594] ? trace_hardirqs_on+0x26/0x120 [ 203.323066] do_group_exit+0xe0/0x2b0 [ 203.323523] __x64_sys_exit_group+0x47/0x50 [ 203.324142] do_syscall_64+0x3b/0x90 [ 203.324555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.325118] RIP: 0033:0x7f4b87518a4d [ 203.325526] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.326369] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.327224] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.328006] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.328879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.329748] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.330566] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.331562] [ 203.331825] irq event stamp: 0 [ 203.332167] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.332849] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.333950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.334902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.335677] ---[ end trace 0000000000000000 ]--- [ 203.343400] ------------[ cut here ]------------ [ 203.343978] WARNING: CPU: 0 PID: 1935 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.345219] Modules linked in: [ 203.345568] CPU: 0 PID: 1935 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.346558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.347856] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.348680] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.350679] RSP: 0018:ffff8880244d7bb8 EFLAGS: 00010246 [ 203.351269] RAX: 0000000000000000 RBX: ffff888011f618a8 RCX: 0000000000000000 [ 203.352005] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 203.352875] RBP: ffff8880244d7bd0 R08: ffffed10023ec333 R09: ffffed10023ec333 [ 203.353859] R10: ffff888011f61993 R11: ffffed10023ec332 R12: ffff8880129c4000 [ 203.354806] R13: ffff888011f619e8 R14: ffffffff8352e670 R15: 
ffff8880244d7e68 [ 203.355548] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.356383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.357075] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 203.357906] PKRU: 55555554 [ 203.358286] Call Trace: [ 203.358817] [ 203.359057] __iommufd_access_detach+0x1c2/0x2b0 [ 203.359581] iommufd_access_change_pt+0x149/0x270 [ 203.360090] iommufd_access_replace+0xb4/0x120 [ 203.360581] iommufd_test+0x3e5/0x37e0 [ 203.360989] ? lock_release+0x532/0x770 [ 203.361419] ? __might_fault+0x102/0x1b0 [ 203.361861] ? lock_acquire+0x427/0x4c0 [ 203.362302] ? __pfx_iommufd_test+0x10/0x10 [ 203.362791] ? __pfx_lock_release+0x10/0x10 [ 203.363400] ? __pfx_lock_acquire+0x10/0x10 [ 203.363955] ? write_comp_data+0x2f/0x90 [ 203.364687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.365209] ? write_comp_data+0x2f/0x90 [ 203.365645] iommufd_fops_ioctl+0x37d/0x510 [ 203.366102] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.366655] ? write_comp_data+0x2f/0x90 [ 203.367094] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.367615] __x64_sys_ioctl+0x1a3/0x230 [ 203.368056] do_syscall_64+0x3b/0x90 [ 203.368469] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.369130] RIP: 0033:0x7f4b8743ee5d [ 203.369651] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.371740] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.372546] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.373281] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.374015] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.374962] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.375843] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.376598] [ 203.376841] irq event stamp: 0 [ 203.377168] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.377819] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.378743] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.379709] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.380654] ---[ end trace 0000000000000000 ]--- [ 203.383964] ------------[ cut here ]------------ [ 203.384623] WARNING: CPU: 0 PID: 1935 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.385926] Modules linked in: [ 203.386266] CPU: 0 PID: 1935 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.387211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.388360] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.388886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.391311] RSP: 
0018:ffff8880244d7bd0 EFLAGS: 00010246 [ 203.391857] RAX: 0000000000000000 RBX: ffff888011f618a8 RCX: 0000000000000000 [ 203.392576] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 203.393305] RBP: ffff8880244d7be8 R08: ffffed10023ec333 R09: ffffed10023ec333 [ 203.394038] R10: ffff888011f61993 R11: ffffed10023ec332 R12: ffff888012e93000 [ 203.394929] R13: ffff888011f619e8 R14: ffff88800f492d00 R15: 0000000000000000 [ 203.395843] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.396674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.397271] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.398009] PKRU: 55555554 [ 203.398310] Call Trace: [ 203.398624] [ 203.398867] iommufd_access_destroy_object+0x65/0x170 [ 203.399424] iommufd_object_destroy_user+0x18e/0x220 [ 203.400072] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.400959] iommufd_access_destroy+0x43/0x70 [ 203.401441] iommufd_test_staccess_release+0x8d/0xd0 [ 203.402008] __fput+0x26d/0xa40 [ 203.402377] ____fput+0x1e/0x30 [ 203.402765] task_work_run+0x1a4/0x2d0 [ 203.403200] ? __pfx_task_work_run+0x10/0x10 [ 203.403657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.404163] ? switch_task_namespaces+0xa9/0xe0 [ 203.404673] do_exit+0xb17/0x2ef0 [ 203.405107] ? lock_acquire+0x427/0x4c0 [ 203.405661] ? __pfx_lock_release+0x10/0x10 [ 203.406279] ? __kasan_check_write+0x18/0x20 [ 203.406793] ? do_raw_spin_lock+0x132/0x2a0 [ 203.407281] ? __pfx_do_exit+0x10/0x10 [ 203.407695] ? debug_smp_processor_id+0x20/0x30 [ 203.408176] ? rcu_is_watching+0x19/0xb0 [ 203.408594] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.409073] ? trace_hardirqs_on+0x26/0x120 [ 203.409536] do_group_exit+0xe0/0x2b0 [ 203.409995] __x64_sys_exit_group+0x47/0x50 [ 203.410613] do_syscall_64+0x3b/0x90 [ 203.411200] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.411756] RIP: 0033:0x7f4b87518a4d [ 203.412150] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.412797] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.413591] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.414348] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.415168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.416147] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.417050] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.417803] [ 203.418048] irq event stamp: 0 [ 203.418375] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.419054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.419932] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.420785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.421630] ---[ end trace 0000000000000000 ]--- [ 203.422802] ------------[ cut here ]------------ [ 203.423314] WARNING: CPU: 0 PID: 1935 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.424355] Modules linked in: [ 203.424689] CPU: 0 PID: 1935 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.425590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.426903] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.427592] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.429474] RSP: 0018:ffff8880244d7b78 EFLAGS: 00010246 [ 203.430021] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.430800] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 203.431753] RBP: ffff8880244d7b98 R08: ffffed10023ec33e R09: ffffed10023ec33e [ 203.432752] R10: ffff888011f619ef R11: ffffed10023ec33d R12: ffff888011f61a90 [ 203.433488] R13: ffff888011f618a8 R14: ffffffffffffffff R15: 
ffff8880244d7c60 [ 203.434218] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.435069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.435686] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.436655] PKRU: 55555554 [ 203.437161] Call Trace: [ 203.437433] [ 203.437668] iommufd_ioas_destroy+0x53/0x70 [ 203.438126] iommufd_fops_release+0x1f7/0x370 [ 203.438645] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.439189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.439707] ? write_comp_data+0x2f/0x90 [ 203.440140] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.440824] __fput+0x26d/0xa40 [ 203.441345] ____fput+0x1e/0x30 [ 203.441703] task_work_run+0x1a4/0x2d0 [ 203.442116] ? __pfx_task_work_run+0x10/0x10 [ 203.442595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.443100] ? switch_task_namespaces+0xa9/0xe0 [ 203.443612] do_exit+0xb17/0x2ef0 [ 203.443975] ? lock_acquire+0x427/0x4c0 [ 203.444403] ? __pfx_lock_release+0x10/0x10 [ 203.445008] ? __kasan_check_write+0x18/0x20 [ 203.445720] ? do_raw_spin_lock+0x132/0x2a0 [ 203.446174] ? __pfx_do_exit+0x10/0x10 [ 203.446610] ? debug_smp_processor_id+0x20/0x30 [ 203.447095] ? rcu_is_watching+0x19/0xb0 [ 203.447526] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.447992] ? trace_hardirqs_on+0x26/0x120 [ 203.448437] do_group_exit+0xe0/0x2b0 [ 203.448837] __x64_sys_exit_group+0x47/0x50 [ 203.449400] do_syscall_64+0x3b/0x90 [ 203.450011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.450584] RIP: 0033:0x7f4b87518a4d [ 203.450969] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.451602] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.452380] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.453199] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.454117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.455139] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.455861] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.456589] [ 203.456836] irq event stamp: 0 [ 203.457164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.457815] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.458934] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.459919] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.460567] ---[ end trace 0000000000000000 ]--- [ 203.470965] ------------[ cut here ]------------ [ 203.471517] WARNING: CPU: 0 PID: 1936 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.472560] Modules linked in: [ 203.472892] CPU: 0 PID: 1936 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.473880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.475327] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.475851] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.477727] RSP: 0018:ffff8880147ffbb8 EFLAGS: 00010246 [ 203.478291] RAX: 0000000000000000 RBX: ffff88800f4bc0a8 RCX: 0000000000000000 [ 203.479045] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 203.479796] RBP: ffff8880147ffbd0 R08: ffffed1001e97833 R09: ffffed1001e97833 [ 203.480532] R10: ffff88800f4bc193 R11: ffffed1001e97832 R12: ffff88800b9b4400 [ 203.481266] R13: ffff88800f4bc1e8 R14: ffffffff8352e670 R15: 
ffff8880147ffe68 [ 203.481999] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.482856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.483463] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 203.484198] PKRU: 55555554 [ 203.484486] Call Trace: [ 203.484747] [ 203.485061] __iommufd_access_detach+0x1c2/0x2b0 [ 203.485561] iommufd_access_change_pt+0x149/0x270 [ 203.486074] iommufd_access_replace+0xb4/0x120 [ 203.486577] iommufd_test+0x3e5/0x37e0 [ 203.486981] ? lock_release+0x532/0x770 [ 203.487425] ? __might_fault+0x102/0x1b0 [ 203.487856] ? lock_acquire+0x427/0x4c0 [ 203.488278] ? __pfx_iommufd_test+0x10/0x10 [ 203.488722] ? __pfx_lock_release+0x10/0x10 [ 203.489171] ? __pfx_lock_acquire+0x10/0x10 [ 203.489624] ? write_comp_data+0x2f/0x90 [ 203.490053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.490592] ? write_comp_data+0x2f/0x90 [ 203.491022] iommufd_fops_ioctl+0x37d/0x510 [ 203.491483] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.491995] ? write_comp_data+0x2f/0x90 [ 203.492417] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.492921] __x64_sys_ioctl+0x1a3/0x230 [ 203.493362] do_syscall_64+0x3b/0x90 [ 203.493768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.494326] RIP: 0033:0x7f4b8743ee5d [ 203.494752] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.496620] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.497383] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.498086] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.498828] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.499574] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.500290] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.501010] [ 203.501248] irq event stamp: 0 [ 203.501562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.502193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.503074] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.503949] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.504585] ---[ end trace 0000000000000000 ]--- [ 203.508361] ------------[ cut here ]------------ [ 203.508893] WARNING: CPU: 0 PID: 1936 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.510166] Modules linked in: [ 203.510720] CPU: 0 PID: 1936 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.511611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.512739] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.513237] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.515481] RSP: 
0018:ffff8880147ffbd0 EFLAGS: 00010246 [ 203.516166] RAX: 0000000000000000 RBX: ffff88800f4bc0a8 RCX: 0000000000000000 [ 203.516877] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 203.517673] RBP: ffff8880147ffbe8 R08: ffffed1001e97833 R09: ffffed1001e97833 [ 203.518388] R10: ffff88800f4bc193 R11: ffffed1001e97832 R12: ffff8880129c4400 [ 203.519162] R13: ffff88800f4bc1e8 R14: ffff88802094ed00 R15: 0000000000000000 [ 203.519953] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.521131] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.521720] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.522437] PKRU: 55555554 [ 203.522784] Call Trace: [ 203.523048] [ 203.523297] iommufd_access_destroy_object+0x65/0x170 [ 203.523842] iommufd_object_destroy_user+0x18e/0x220 [ 203.524516] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.525450] iommufd_access_destroy+0x43/0x70 [ 203.525924] iommufd_test_staccess_release+0x8d/0xd0 [ 203.526453] __fput+0x26d/0xa40 [ 203.526846] ____fput+0x1e/0x30 [ 203.527213] task_work_run+0x1a4/0x2d0 [ 203.527622] ? __pfx_task_work_run+0x10/0x10 [ 203.528085] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.528678] ? switch_task_namespaces+0xa9/0xe0 [ 203.529457] do_exit+0xb17/0x2ef0 [ 203.529815] ? lock_acquire+0x427/0x4c0 [ 203.530228] ? __pfx_lock_release+0x10/0x10 [ 203.530703] ? __kasan_check_write+0x18/0x20 [ 203.531181] ? do_raw_spin_lock+0x132/0x2a0 [ 203.531636] ? __pfx_do_exit+0x10/0x10 [ 203.532055] ? debug_smp_processor_id+0x20/0x30 [ 203.532542] ? rcu_is_watching+0x19/0xb0 [ 203.533097] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.533770] ? trace_hardirqs_on+0x26/0x120 [ 203.534225] do_group_exit+0xe0/0x2b0 [ 203.534656] __x64_sys_exit_group+0x47/0x50 [ 203.535092] do_syscall_64+0x3b/0x90 [ 203.535514] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.536050] RIP: 0033:0x7f4b87518a4d [ 203.536462] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.537277] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.538210] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.538958] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.539691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.540415] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.541337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.542250] [ 203.542492] irq event stamp: 0 [ 203.542838] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.543487] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.544344] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.545335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.546325] ---[ end trace 0000000000000000 ]--- [ 203.548818] ------------[ cut here ]------------ [ 203.549436] WARNING: CPU: 0 PID: 1936 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.550894] Modules linked in: [ 203.551260] CPU: 0 PID: 1936 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.552164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.553328] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.553867] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.555797] RSP: 0018:ffff8880147ffb78 EFLAGS: 00010246 [ 203.556356] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.557082] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 203.557811] RBP: ffff8880147ffb98 R08: ffffed1001e9783e R09: ffffed1001e9783e [ 203.558570] R10: ffff88800f4bc1ef R11: ffffed1001e9783d R12: ffff88800f4bc290 [ 203.559314] R13: ffff88800f4bc0a8 R14: ffffffffffffffff R15: 
ffff8880147ffc60 [ 203.560054] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.560884] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.561487] CR2: 00007f82e2b90000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 203.562228] PKRU: 55555554 [ 203.562554] Call Trace: [ 203.562829] [ 203.563069] iommufd_ioas_destroy+0x53/0x70 [ 203.563537] iommufd_fops_release+0x1f7/0x370 [ 203.564013] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.564538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.565051] ? write_comp_data+0x2f/0x90 [ 203.565481] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.565998] __fput+0x26d/0xa40 [ 203.566366] ____fput+0x1e/0x30 [ 203.566747] task_work_run+0x1a4/0x2d0 [ 203.567190] ? __pfx_task_work_run+0x10/0x10 [ 203.567651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.568160] ? switch_task_namespaces+0xa9/0xe0 [ 203.568658] do_exit+0xb17/0x2ef0 [ 203.569027] ? lock_acquire+0x427/0x4c0 [ 203.569447] ? __pfx_lock_release+0x10/0x10 [ 203.569903] ? __kasan_check_write+0x18/0x20 [ 203.570369] ? do_raw_spin_lock+0x132/0x2a0 [ 203.570848] ? __pfx_do_exit+0x10/0x10 [ 203.571282] ? debug_smp_processor_id+0x20/0x30 [ 203.571770] ? rcu_is_watching+0x19/0xb0 [ 203.572199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.572676] ? trace_hardirqs_on+0x26/0x120 [ 203.573131] do_group_exit+0xe0/0x2b0 [ 203.573532] __x64_sys_exit_group+0x47/0x50 [ 203.573981] do_syscall_64+0x3b/0x90 [ 203.574384] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.574958] RIP: 0033:0x7f4b87518a4d [ 203.575360] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.575997] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.576778] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.577515] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.578245] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.578996] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.579748] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.580490] [ 203.580737] irq event stamp: 0 [ 203.581129] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.581781] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.582679] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.583554] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.584202] ---[ end trace 0000000000000000 ]--- [ 203.589300] ------------[ cut here ]------------ [ 203.590004] WARNING: CPU: 0 PID: 1937 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.591241] Modules linked in: [ 203.591570] CPU: 0 PID: 1937 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.592430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.593543] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.594049] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.595907] RSP: 0018:ffff8880244d7bb8 EFLAGS: 00010246 [ 203.596448] RAX: 0000000000000000 RBX: ffff88801675e8a8 RCX: 0000000000000000 [ 203.597155] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 203.597858] RBP: ffff8880244d7bd0 R08: ffffed1002cebd33 R09: ffffed1002cebd33 [ 203.598601] R10: ffff88801675e993 R11: ffffed1002cebd32 R12: ffff88801890d000 [ 203.599332] R13: ffff88801675e9e8 R14: ffffffff8352e670 R15: 
ffff8880244d7e68 [ 203.600031] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.600828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.601404] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 203.602109] PKRU: 55555554 [ 203.602393] Call Trace: [ 203.602669] [ 203.602895] __iommufd_access_detach+0x1c2/0x2b0 [ 203.603397] iommufd_access_change_pt+0x149/0x270 [ 203.603886] iommufd_access_replace+0xb4/0x120 [ 203.604347] iommufd_test+0x3e5/0x37e0 [ 203.604735] ? lock_release+0x532/0x770 [ 203.605136] ? __might_fault+0x102/0x1b0 [ 203.605541] ? lock_acquire+0x427/0x4c0 [ 203.605943] ? __pfx_iommufd_test+0x10/0x10 [ 203.606367] ? __pfx_lock_release+0x10/0x10 [ 203.606817] ? __pfx_lock_acquire+0x10/0x10 [ 203.607265] ? write_comp_data+0x2f/0x90 [ 203.607685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.608180] ? write_comp_data+0x2f/0x90 [ 203.608595] iommufd_fops_ioctl+0x37d/0x510 [ 203.609028] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.609524] ? write_comp_data+0x2f/0x90 [ 203.609933] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.610417] __x64_sys_ioctl+0x1a3/0x230 [ 203.610851] do_syscall_64+0x3b/0x90 [ 203.611248] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.611736] RIP: 0033:0x7f4b8743ee5d [ 203.612076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.613818] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.614529] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.615200] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.615847] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.616495] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.617141] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.617797] [ 203.618011] irq event stamp: 0 [ 203.618296] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.618893] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.619672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.620434] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.621006] ---[ end trace 0000000000000000 ]--- [ 203.624451] ------------[ cut here ]------------ [ 203.624902] WARNING: CPU: 0 PID: 1937 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.625807] Modules linked in: [ 203.626158] CPU: 0 PID: 1937 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.627125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.628131] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.628575] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.630336] RSP: 
0018:ffff8880244d7bd0 EFLAGS: 00010246 [ 203.630969] RAX: 0000000000000000 RBX: ffff88801675e8a8 RCX: 0000000000000000 [ 203.631632] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 203.632270] RBP: ffff8880244d7be8 R08: ffffed1002cebd33 R09: ffffed1002cebd33 [ 203.632906] R10: ffff88801675e993 R11: ffffed1002cebd32 R12: ffff888014392000 [ 203.633554] R13: ffff88801675e9e8 R14: ffff88801230fb00 R15: 0000000000000000 [ 203.634335] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.635326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.635849] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.636495] PKRU: 55555554 [ 203.636751] Call Trace: [ 203.636984] [ 203.637187] iommufd_access_destroy_object+0x65/0x170 [ 203.637660] iommufd_object_destroy_user+0x18e/0x220 [ 203.638356] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.638911] iommufd_access_destroy+0x43/0x70 [ 203.639340] iommufd_test_staccess_release+0x8d/0xd0 [ 203.639805] __fput+0x26d/0xa40 [ 203.640123] ____fput+0x1e/0x30 [ 203.640436] task_work_run+0x1a4/0x2d0 [ 203.640831] ? __pfx_task_work_run+0x10/0x10 [ 203.641396] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.641843] ? switch_task_namespaces+0xa9/0xe0 [ 203.642280] do_exit+0xb17/0x2ef0 [ 203.642618] ? lock_acquire+0x427/0x4c0 [ 203.642986] ? __pfx_lock_release+0x10/0x10 [ 203.643391] ? __kasan_check_write+0x18/0x20 [ 203.643794] ? do_raw_spin_lock+0x132/0x2a0 [ 203.644386] ? __pfx_do_exit+0x10/0x10 [ 203.644751] ? debug_smp_processor_id+0x20/0x30 [ 203.645247] ? rcu_is_watching+0x19/0xb0 [ 203.645616] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.646030] ? trace_hardirqs_on+0x26/0x120 [ 203.646467] do_group_exit+0xe0/0x2b0 [ 203.646954] __x64_sys_exit_group+0x47/0x50 [ 203.647357] do_syscall_64+0x3b/0x90 [ 203.647704] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.648180] RIP: 0033:0x7f4b87518a4d [ 203.648516] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.649069] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.649749] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.650436] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.651308] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.651952] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.652595] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.653244] [ 203.653457] irq event stamp: 0 [ 203.653741] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.654361] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.655511] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.656339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.656961] ---[ end trace 0000000000000000 ]--- [ 203.657773] ------------[ cut here ]------------ [ 203.658259] WARNING: CPU: 0 PID: 1937 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.659478] Modules linked in: [ 203.659798] CPU: 0 PID: 1937 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.660657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.661760] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.662439] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.664271] RSP: 0018:ffff8880244d7b78 EFLAGS: 00010246 [ 203.664805] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.665507] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 203.666416] RBP: ffff8880244d7b98 R08: ffffed1002cebd3e R09: ffffed1002cebd3e [ 203.667154] R10: ffff88801675e9ef R11: ffffed1002cebd3d R12: ffff88801675ea90 [ 203.667869] R13: ffff88801675e8a8 R14: ffffffffffffffff R15: 
ffff8880244d7c60 [ 203.668575] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.669595] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.670173] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.670980] PKRU: 55555554 [ 203.671395] Call Trace: [ 203.671650] [ 203.671874] iommufd_ioas_destroy+0x53/0x70 [ 203.672312] iommufd_fops_release+0x1f7/0x370 [ 203.672761] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.673330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.673898] ? write_comp_data+0x2f/0x90 [ 203.674311] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.674841] __fput+0x26d/0xa40 [ 203.675205] ____fput+0x1e/0x30 [ 203.675613] task_work_run+0x1a4/0x2d0 [ 203.676156] ? __pfx_task_work_run+0x10/0x10 [ 203.676600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.677090] ? switch_task_namespaces+0xa9/0xe0 [ 203.677636] do_exit+0xb17/0x2ef0 [ 203.678126] ? lock_acquire+0x427/0x4c0 [ 203.678575] ? __pfx_lock_release+0x10/0x10 [ 203.679014] ? __kasan_check_write+0x18/0x20 [ 203.679476] ? do_raw_spin_lock+0x132/0x2a0 [ 203.680134] ? __pfx_do_exit+0x10/0x10 [ 203.680537] ? debug_smp_processor_id+0x20/0x30 [ 203.681007] ? rcu_is_watching+0x19/0xb0 [ 203.681419] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.681950] ? trace_hardirqs_on+0x26/0x120 [ 203.682573] do_group_exit+0xe0/0x2b0 [ 203.682964] __x64_sys_exit_group+0x47/0x50 [ 203.683404] do_syscall_64+0x3b/0x90 [ 203.683786] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.684390] RIP: 0033:0x7f4b87518a4d [ 203.684921] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.685537] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.686364] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.687281] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.687996] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.688766] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.689605] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.690318] [ 203.690636] irq event stamp: 0 [ 203.691080] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.691729] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.692554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.693534] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.694152] ---[ end trace 0000000000000000 ]--- [ 203.700208] ------------[ cut here ]------------ [ 203.700775] WARNING: CPU: 0 PID: 1938 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.701913] Modules linked in: [ 203.702228] CPU: 0 PID: 1938 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.703321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.704433] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.704925] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.706743] RSP: 0018:ffff888018287bb8 EFLAGS: 00010246 [ 203.707276] RAX: 0000000000000000 RBX: ffff888018ab78a8 RCX: 0000000000000000 [ 203.707975] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 203.708669] RBP: ffff888018287bd0 R08: ffffed1003156f33 R09: ffffed1003156f33 [ 203.709370] R10: ffff888018ab7993 R11: ffffed1003156f32 R12: ffff888020a8f800 [ 203.710070] R13: ffff888018ab79e8 R14: ffffffff8352e670 R15: 
ffff888018287e68 [ 203.710790] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.711584] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.712133] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 203.712810] PKRU: 55555554 [ 203.713082] Call Trace: [ 203.713331] [ 203.713549] __iommufd_access_detach+0x1c2/0x2b0 [ 203.714012] iommufd_access_change_pt+0x149/0x270 [ 203.714478] iommufd_access_replace+0xb4/0x120 [ 203.714947] iommufd_test+0x3e5/0x37e0 [ 203.715332] ? lock_release+0x532/0x770 [ 203.715728] ? __might_fault+0x102/0x1b0 [ 203.716120] ? lock_acquire+0x427/0x4c0 [ 203.716503] ? __pfx_iommufd_test+0x10/0x10 [ 203.716910] ? __pfx_lock_release+0x10/0x10 [ 203.717327] ? __pfx_lock_acquire+0x10/0x10 [ 203.717746] ? write_comp_data+0x2f/0x90 [ 203.718142] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.718632] ? write_comp_data+0x2f/0x90 [ 203.719030] iommufd_fops_ioctl+0x37d/0x510 [ 203.719460] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.719928] ? write_comp_data+0x2f/0x90 [ 203.720322] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.720789] __x64_sys_ioctl+0x1a3/0x230 [ 203.721190] do_syscall_64+0x3b/0x90 [ 203.721565] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.722085] RIP: 0033:0x7f4b8743ee5d [ 203.722442] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.724226] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.724963] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.725639] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.726318] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.727020] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.727716] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.728403] [ 203.728625] irq event stamp: 0 [ 203.728927] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.729523] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.730314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.731139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.731749] ---[ end trace 0000000000000000 ]--- [ 203.734925] ------------[ cut here ]------------ [ 203.735384] WARNING: CPU: 0 PID: 1938 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.736305] Modules linked in: [ 203.736667] CPU: 0 PID: 1938 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.737590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.738814] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.739281] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.741113] RSP: 
0018:ffff888018287bd0 EFLAGS: 00010246 [ 203.741601] RAX: 0000000000000000 RBX: ffff888018ab78a8 RCX: 0000000000000000 [ 203.742243] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 203.743043] RBP: ffff888018287be8 R08: ffffed1003156f33 R09: ffffed1003156f33 [ 203.743696] R10: ffff888018ab7993 R11: ffffed1003156f32 R12: ffff88801890fc00 [ 203.744335] R13: ffff888018ab79e8 R14: ffff888020f68000 R15: 0000000000000000 [ 203.745139] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.745872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.746455] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.747240] PKRU: 55555554 [ 203.747504] Call Trace: [ 203.747736] [ 203.747943] iommufd_access_destroy_object+0x65/0x170 [ 203.748467] iommufd_object_destroy_user+0x18e/0x220 [ 203.749046] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.749587] iommufd_access_destroy+0x43/0x70 [ 203.750004] iommufd_test_staccess_release+0x8d/0xd0 [ 203.750641] __fput+0x26d/0xa40 [ 203.750959] ____fput+0x1e/0x30 [ 203.751280] task_work_run+0x1a4/0x2d0 [ 203.751650] ? __pfx_task_work_run+0x10/0x10 [ 203.752061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.752660] ? switch_task_namespaces+0xa9/0xe0 [ 203.753094] do_exit+0xb17/0x2ef0 [ 203.753412] ? lock_acquire+0x427/0x4c0 [ 203.753797] ? __pfx_lock_release+0x10/0x10 [ 203.754321] ? __kasan_check_write+0x18/0x20 [ 203.754753] ? do_raw_spin_lock+0x132/0x2a0 [ 203.755160] ? __pfx_do_exit+0x10/0x10 [ 203.755530] ? debug_smp_processor_id+0x20/0x30 [ 203.755957] ? rcu_is_watching+0x19/0xb0 [ 203.756497] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.756925] ? trace_hardirqs_on+0x26/0x120 [ 203.757328] do_group_exit+0xe0/0x2b0 [ 203.757678] __x64_sys_exit_group+0x47/0x50 [ 203.758217] do_syscall_64+0x3b/0x90 [ 203.758599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.759085] RIP: 0033:0x7f4b87518a4d [ 203.759436] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.760019] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.760844] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.761520] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.762343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.763032] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.763710] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.764558] [ 203.764786] irq event stamp: 0 [ 203.765082] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.765717] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.766627] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.767417] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.768157] ---[ end trace 0000000000000000 ]--- [ 203.768932] ------------[ cut here ]------------ [ 203.769376] WARNING: CPU: 0 PID: 1938 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.770550] Modules linked in: [ 203.770867] CPU: 0 PID: 1938 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.771737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.772953] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.773457] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.775395] RSP: 0018:ffff888018287b78 EFLAGS: 00010246 [ 203.775912] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.776586] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 203.777261] RBP: ffff888018287b98 R08: ffffed1003156f3e R09: ffffed1003156f3e [ 203.777938] R10: ffff888018ab79ef R11: ffffed1003156f3d R12: ffff888018ab7a90 [ 203.778639] R13: ffff888018ab78a8 R14: ffffffffffffffff R15: 
ffff888018287c60 [ 203.779461] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.780412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.781093] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.781931] PKRU: 55555554 [ 203.782271] Call Trace: [ 203.782635] [ 203.782918] iommufd_ioas_destroy+0x53/0x70 [ 203.783469] iommufd_fops_release+0x1f7/0x370 [ 203.784016] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.784616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.785210] ? write_comp_data+0x2f/0x90 [ 203.785710] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.786311] __fput+0x26d/0xa40 [ 203.786770] ____fput+0x1e/0x30 [ 203.787250] task_work_run+0x1a4/0x2d0 [ 203.787605] ? __pfx_task_work_run+0x10/0x10 [ 203.787996] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.788418] ? switch_task_namespaces+0xa9/0xe0 [ 203.788828] do_exit+0xb17/0x2ef0 [ 203.789125] ? lock_acquire+0x427/0x4c0 [ 203.789475] ? __pfx_lock_release+0x10/0x10 [ 203.789850] ? __kasan_check_write+0x18/0x20 [ 203.790232] ? do_raw_spin_lock+0x132/0x2a0 [ 203.790650] ? __pfx_do_exit+0x10/0x10 [ 203.791000] ? debug_smp_processor_id+0x20/0x30 [ 203.791432] ? rcu_is_watching+0x19/0xb0 [ 203.791783] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.792178] ? trace_hardirqs_on+0x26/0x120 [ 203.792558] do_group_exit+0xe0/0x2b0 [ 203.792888] __x64_sys_exit_group+0x47/0x50 [ 203.793259] do_syscall_64+0x3b/0x90 [ 203.793588] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.794041] RIP: 0033:0x7f4b87518a4d [ 203.794363] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.794907] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.795593] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.796201] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.796812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.797418] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.798024] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.798668] [ 203.798874] irq event stamp: 0 [ 203.799158] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.799697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.800376] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.801048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.801553] ---[ end trace 0000000000000000 ]--- [ 203.805540] ------------[ cut here ]------------ [ 203.805961] WARNING: CPU: 0 PID: 1939 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.807039] Modules linked in: [ 203.807312] CPU: 0 PID: 1939 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.808012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.808911] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.809311] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.810789] RSP: 0018:ffff88800e9cfbb8 EFLAGS: 00010246 [ 203.811228] RAX: 0000000000000000 RBX: ffff88800eb588a8 RCX: 0000000000000000 [ 203.811800] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 203.812374] RBP: ffff88800e9cfbd0 R08: ffffed1001d6b133 R09: ffffed1001d6b133 [ 203.812946] R10: ffff88800eb58993 R11: ffffed1001d6b132 R12: ffff888010b0c400 [ 203.813519] R13: ffff88800eb589e8 R14: ffffffff8352e670 R15: 
ffff88800e9cfe68 [ 203.814091] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.814750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.815228] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 203.815804] PKRU: 55555554 [ 203.816037] Call Trace: [ 203.816245] [ 203.816429] __iommufd_access_detach+0x1c2/0x2b0 [ 203.816828] iommufd_access_change_pt+0x149/0x270 [ 203.817225] iommufd_access_replace+0xb4/0x120 [ 203.817605] iommufd_test+0x3e5/0x37e0 [ 203.817919] ? lock_release+0x532/0x770 [ 203.818253] ? __might_fault+0x102/0x1b0 [ 203.818611] ? lock_acquire+0x427/0x4c0 [ 203.818946] ? __pfx_iommufd_test+0x10/0x10 [ 203.819314] ? __pfx_lock_release+0x10/0x10 [ 203.819675] ? __pfx_lock_acquire+0x10/0x10 [ 203.820034] ? write_comp_data+0x2f/0x90 [ 203.820373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.820776] ? write_comp_data+0x2f/0x90 [ 203.821117] iommufd_fops_ioctl+0x37d/0x510 [ 203.821474] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.821880] ? write_comp_data+0x2f/0x90 [ 203.822223] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.822641] __x64_sys_ioctl+0x1a3/0x230 [ 203.822984] do_syscall_64+0x3b/0x90 [ 203.823307] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.823736] RIP: 0033:0x7f4b8743ee5d [ 203.824038] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.825508] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.826126] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.826718] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.827304] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.827877] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.828449] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.829030] [ 203.829221] irq event stamp: 0 [ 203.829477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.829983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.830683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.831365] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.831877] ---[ end trace 0000000000000000 ]--- [ 203.834803] ------------[ cut here ]------------ [ 203.835227] WARNING: CPU: 0 PID: 1939 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.836042] Modules linked in: [ 203.836301] CPU: 0 PID: 1939 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.837073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.837973] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.838379] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.839880] RSP: 
0018:ffff88800e9cfbd0 EFLAGS: 00010246 [ 203.840315] RAX: 0000000000000000 RBX: ffff88800eb588a8 RCX: 0000000000000000 [ 203.840886] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 203.841456] RBP: ffff88800e9cfbe8 R08: ffffed1001d6b133 R09: ffffed1001d6b133 [ 203.842027] R10: ffff88800eb58993 R11: ffffed1001d6b132 R12: ffff888020a8e800 [ 203.842623] R13: ffff88800eb589e8 R14: ffff88802094e700 R15: 0000000000000000 [ 203.843201] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.843847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.844315] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.844887] PKRU: 55555554 [ 203.845117] Call Trace: [ 203.845327] [ 203.845511] iommufd_access_destroy_object+0x65/0x170 [ 203.845935] iommufd_object_destroy_user+0x18e/0x220 [ 203.846351] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.846842] iommufd_access_destroy+0x43/0x70 [ 203.847221] iommufd_test_staccess_release+0x8d/0xd0 [ 203.847645] __fput+0x26d/0xa40 [ 203.847929] ____fput+0x1e/0x30 [ 203.848205] task_work_run+0x1a4/0x2d0 [ 203.848528] ? __pfx_task_work_run+0x10/0x10 [ 203.848890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.849290] ? switch_task_namespaces+0xa9/0xe0 [ 203.849682] do_exit+0xb17/0x2ef0 [ 203.849963] ? lock_acquire+0x427/0x4c0 [ 203.850293] ? __pfx_lock_release+0x10/0x10 [ 203.850668] ? __kasan_check_write+0x18/0x20 [ 203.851032] ? do_raw_spin_lock+0x132/0x2a0 [ 203.851389] ? __pfx_do_exit+0x10/0x10 [ 203.851715] ? debug_smp_processor_id+0x20/0x30 [ 203.852094] ? rcu_is_watching+0x19/0xb0 [ 203.852428] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.852800] ? trace_hardirqs_on+0x26/0x120 [ 203.853160] do_group_exit+0xe0/0x2b0 [ 203.853474] __x64_sys_exit_group+0x47/0x50 [ 203.853823] do_syscall_64+0x3b/0x90 [ 203.854134] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.854578] RIP: 0033:0x7f4b87518a4d [ 203.854884] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.855401] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.856009] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.856589] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.857164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.857739] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.858307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.858903] [ 203.859096] irq event stamp: 0 [ 203.859362] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.859877] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.860552] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.861226] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.861731] ---[ end trace 0000000000000000 ]--- [ 203.862449] ------------[ cut here ]------------ [ 203.862857] WARNING: CPU: 0 PID: 1939 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.863689] Modules linked in: [ 203.863952] CPU: 0 PID: 1939 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.864657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.865565] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.865978] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.867472] RSP: 0018:ffff88800e9cfb78 EFLAGS: 00010246 [ 203.867902] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.868471] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 203.869098] RBP: ffff88800e9cfb98 R08: ffffed1001d6b13e R09: ffffed1001d6b13e [ 203.869670] R10: ffff88800eb589ef R11: ffffed1001d6b13d R12: ffff88800eb58a90 [ 203.870240] R13: ffff88800eb588a8 R14: ffffffffffffffff R15: 
ffff88800e9cfc60 [ 203.870828] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.871482] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.871946] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.872518] PKRU: 55555554 [ 203.872748] Call Trace: [ 203.872956] [ 203.873139] iommufd_ioas_destroy+0x53/0x70 [ 203.873494] iommufd_fops_release+0x1f7/0x370 [ 203.873863] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.874270] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.874694] ? write_comp_data+0x2f/0x90 [ 203.875034] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.875454] __fput+0x26d/0xa40 [ 203.875738] ____fput+0x1e/0x30 [ 203.876013] task_work_run+0x1a4/0x2d0 [ 203.876334] ? __pfx_task_work_run+0x10/0x10 [ 203.876693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.877091] ? switch_task_namespaces+0xa9/0xe0 [ 203.877476] do_exit+0xb17/0x2ef0 [ 203.877757] ? lock_acquire+0x427/0x4c0 [ 203.878089] ? __pfx_lock_release+0x10/0x10 [ 203.878449] ? __kasan_check_write+0x18/0x20 [ 203.878828] ? do_raw_spin_lock+0x132/0x2a0 [ 203.879192] ? __pfx_do_exit+0x10/0x10 [ 203.879521] ? debug_smp_processor_id+0x20/0x30 [ 203.879904] ? rcu_is_watching+0x19/0xb0 [ 203.880236] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.880609] ? trace_hardirqs_on+0x26/0x120 [ 203.880954] do_group_exit+0xe0/0x2b0 [ 203.881257] __x64_sys_exit_group+0x47/0x50 [ 203.881594] do_syscall_64+0x3b/0x90 [ 203.881895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.882312] RIP: 0033:0x7f4b87518a4d [ 203.882622] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.883100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.883713] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.884266] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.884875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.885747] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.886303] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.886881] [ 203.887063] irq event stamp: 0 [ 203.887319] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.887822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.888611] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.889256] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.889746] ---[ end trace 0000000000000000 ]--- [ 203.893915] ------------[ cut here ]------------ [ 203.894302] WARNING: CPU: 0 PID: 1940 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.895322] Modules linked in: [ 203.895577] CPU: 0 PID: 1940 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.896261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.897137] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.897526] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.898955] RSP: 0018:ffff888015c57bb8 EFLAGS: 00010246 [ 203.899381] RAX: 0000000000000000 RBX: ffff8880128d68a8 RCX: 0000000000000000 [ 203.899934] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 203.900487] RBP: ffff888015c57bd0 R08: ffffed100251ad33 R09: ffffed100251ad33 [ 203.901114] R10: ffff8880128d6993 R11: ffffed100251ad32 R12: ffff888010c6c800 [ 203.901665] R13: ffff8880128d69e8 R14: ffffffff8352e670 R15: 
ffff888015c57e68 [ 203.902216] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.902853] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.903314] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 203.903871] PKRU: 55555554 [ 203.904093] Call Trace: [ 203.904292] [ 203.904468] __iommufd_access_detach+0x1c2/0x2b0 [ 203.904853] iommufd_access_change_pt+0x149/0x270 [ 203.905238] iommufd_access_replace+0xb4/0x120 [ 203.905604] iommufd_test+0x3e5/0x37e0 [ 203.905909] ? lock_release+0x532/0x770 [ 203.906226] ? __might_fault+0x102/0x1b0 [ 203.906565] ? lock_acquire+0x427/0x4c0 [ 203.906890] ? __pfx_iommufd_test+0x10/0x10 [ 203.907235] ? __pfx_lock_release+0x10/0x10 [ 203.907578] ? __pfx_lock_acquire+0x10/0x10 [ 203.907926] ? write_comp_data+0x2f/0x90 [ 203.908255] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.908642] ? write_comp_data+0x2f/0x90 [ 203.908970] iommufd_fops_ioctl+0x37d/0x510 [ 203.909313] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.909702] ? write_comp_data+0x2f/0x90 [ 203.910032] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 203.910415] __x64_sys_ioctl+0x1a3/0x230 [ 203.910765] do_syscall_64+0x3b/0x90 [ 203.911070] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.911495] RIP: 0033:0x7f4b8743ee5d [ 203.911788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 203.913203] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 203.913796] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 203.914350] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 203.914926] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 203.915502] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 203.916056] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 203.916616] [ 203.916802] irq event stamp: 0 [ 203.917050] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.917542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.918193] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.918863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.919371] ---[ end trace 0000000000000000 ]--- [ 203.922354] ------------[ cut here ]------------ [ 203.922797] WARNING: CPU: 0 PID: 1940 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.923645] Modules linked in: [ 203.924031] CPU: 0 PID: 1940 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.924716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.925588] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.925978] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.927603] RSP: 
0018:ffff888015c57bd0 EFLAGS: 00010246 [ 203.928023] RAX: 0000000000000000 RBX: ffff8880128d68a8 RCX: 0000000000000000 [ 203.928575] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 203.929127] RBP: ffff888015c57be8 R08: ffffed100251ad33 R09: ffffed100251ad33 [ 203.929684] R10: ffff8880128d6993 R11: ffffed100251ad32 R12: ffff888010b0c000 [ 203.930291] R13: ffff8880128d69e8 R14: ffff88801381ab00 R15: 0000000000000000 [ 203.930970] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.931606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.932060] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.932617] PKRU: 55555554 [ 203.932838] Call Trace: [ 203.933098] [ 203.933277] iommufd_access_destroy_object+0x65/0x170 [ 203.933857] iommufd_object_destroy_user+0x18e/0x220 [ 203.934263] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 203.934753] iommufd_access_destroy+0x43/0x70 [ 203.935123] iommufd_test_staccess_release+0x8d/0xd0 [ 203.935535] __fput+0x26d/0xa40 [ 203.935810] ____fput+0x1e/0x30 [ 203.936077] task_work_run+0x1a4/0x2d0 [ 203.936393] ? __pfx_task_work_run+0x10/0x10 [ 203.936743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.937182] ? switch_task_namespaces+0xa9/0xe0 [ 203.937660] do_exit+0xb17/0x2ef0 [ 203.937937] ? lock_acquire+0x427/0x4c0 [ 203.938264] ? __pfx_lock_release+0x10/0x10 [ 203.938639] ? __kasan_check_write+0x18/0x20 [ 203.939003] ? do_raw_spin_lock+0x132/0x2a0 [ 203.939369] ? __pfx_do_exit+0x10/0x10 [ 203.939694] ? debug_smp_processor_id+0x20/0x30 [ 203.940076] ? rcu_is_watching+0x19/0xb0 [ 203.940411] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.940814] ? trace_hardirqs_on+0x26/0x120 [ 203.941332] do_group_exit+0xe0/0x2b0 [ 203.941649] __x64_sys_exit_group+0x47/0x50 [ 203.941997] do_syscall_64+0x3b/0x90 [ 203.942312] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.942766] RIP: 0033:0x7f4b87518a4d [ 203.943075] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.943580] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.944193] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.944960] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.945535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.946104] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.946704] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.947305] [ 203.947496] irq event stamp: 0 [ 203.947752] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.948337] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.949125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.949802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.950312] ---[ end trace 0000000000000000 ]--- [ 203.951043] ------------[ cut here ]------------ [ 203.951434] WARNING: CPU: 0 PID: 1940 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 203.952450] Modules linked in: [ 203.952712] CPU: 0 PID: 1940 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.953412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.954314] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 203.954754] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 203.956392] RSP: 0018:ffff888015c57b78 EFLAGS: 00010246 [ 203.956826] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 203.957396] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 203.957972] RBP: ffff888015c57b98 R08: ffffed100251ad3e R09: ffffed100251ad3e [ 203.958744] R10: ffff8880128d69ef R11: ffffed100251ad3d R12: ffff8880128d6a90 [ 203.959336] R13: ffff8880128d68a8 R14: ffffffffffffffff R15: 
ffff888015c57c60 [ 203.959911] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.960557] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.961024] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 203.961670] PKRU: 55555554 [ 203.961902] Call Trace: [ 203.962211] [ 203.962398] iommufd_ioas_destroy+0x53/0x70 [ 203.962773] iommufd_fops_release+0x1f7/0x370 [ 203.963153] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.963563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.963965] ? write_comp_data+0x2f/0x90 [ 203.964332] ? __pfx_iommufd_fops_release+0x10/0x10 [ 203.964891] __fput+0x26d/0xa40 [ 203.965226] ____fput+0x1e/0x30 [ 203.965505] task_work_run+0x1a4/0x2d0 [ 203.965832] ? __pfx_task_work_run+0x10/0x10 [ 203.966192] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.966612] ? switch_task_namespaces+0xa9/0xe0 [ 203.966999] do_exit+0xb17/0x2ef0 [ 203.967356] ? lock_acquire+0x427/0x4c0 [ 203.967806] ? __pfx_lock_release+0x10/0x10 [ 203.968160] ? __kasan_check_write+0x18/0x20 [ 203.968523] ? do_raw_spin_lock+0x132/0x2a0 [ 203.968873] ? __pfx_do_exit+0x10/0x10 [ 203.969198] ? debug_smp_processor_id+0x20/0x30 [ 203.969635] ? rcu_is_watching+0x19/0xb0 [ 203.970088] ? _raw_spin_unlock_irq+0x2b/0x60 [ 203.970462] ? trace_hardirqs_on+0x26/0x120 [ 203.970846] do_group_exit+0xe0/0x2b0 [ 203.971173] __x64_sys_exit_group+0x47/0x50 [ 203.971525] do_syscall_64+0x3b/0x90 [ 203.971838] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 203.972263] RIP: 0033:0x7f4b87518a4d [ 203.972563] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 203.973057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 203.973883] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 203.974452] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 203.975039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 203.975626] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 203.976196] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 203.976794] [ 203.977033] irq event stamp: 0 [ 203.977391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 203.977900] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 203.978611] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 203.979303] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 203.979811] ---[ end trace 0000000000000000 ]--- [ 203.983701] ------------[ cut here ]------------ [ 203.984101] WARNING: CPU: 0 PID: 1941 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 203.984922] Modules linked in: [ 203.985183] CPU: 0 PID: 1941 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 203.985883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 203.986986] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 203.987404] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 203.988866] RSP: 0018:ffff88800e9cfbb8 EFLAGS: 00010246 [ 203.989297] RAX: 0000000000000000 RBX: ffff88800f0630a8 RCX: 0000000000000000 [ 203.989876] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 203.990451] RBP: ffff88800e9cfbd0 R08: ffffed1001e0c633 R09: ffffed1001e0c633 [ 203.991051] R10: ffff88800f063193 R11: ffffed1001e0c632 R12: ffff88802081d800 [ 203.991635] R13: ffff88800f0631e8 R14: ffffffff8352e670 R15: 
ffff88800e9cfe68 [ 203.992206] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 203.992850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.993318] CR2: 00007f4b877410e8 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 203.993893] PKRU: 55555554 [ 203.994123] Call Trace: [ 203.994329] [ 203.994530] __iommufd_access_detach+0x1c2/0x2b0 [ 203.994926] iommufd_access_change_pt+0x149/0x270 [ 203.995342] iommufd_access_replace+0xb4/0x120 [ 203.995722] iommufd_test+0x3e5/0x37e0 [ 203.996037] ? lock_release+0x532/0x770 [ 203.996373] ? __might_fault+0x102/0x1b0 [ 203.996709] ? lock_acquire+0x427/0x4c0 [ 203.997103] ? __pfx_iommufd_test+0x10/0x10 [ 203.997457] ? __pfx_lock_release+0x10/0x10 [ 203.997825] ? __pfx_lock_acquire+0x10/0x10 [ 203.998198] ? write_comp_data+0x2f/0x90 [ 203.998576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 203.998998] ? write_comp_data+0x2f/0x90 [ 203.999360] iommufd_fops_ioctl+0x37d/0x510 [ 203.999728] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.000145] ? write_comp_data+0x2f/0x90 [ 204.000500] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.000909] __x64_sys_ioctl+0x1a3/0x230 [ 204.001263] do_syscall_64+0x3b/0x90 [ 204.001588] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.002030] RIP: 0033:0x7f4b8743ee5d [ 204.002341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.003890] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.004529] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.005123] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.005716] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.006310] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.006923] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.007536] [ 204.007735] irq event stamp: 0 [ 204.008000] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.008526] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.009230] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.009925] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.010453] ---[ end trace 0000000000000000 ]--- [ 204.013478] ------------[ cut here ]------------ [ 204.013908] WARNING: CPU: 0 PID: 1941 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.014795] Modules linked in: [ 204.015070] CPU: 0 PID: 1941 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.016030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.016972] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.017389] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.019360] RSP: 
0018:ffff88800e9cfbd0 EFLAGS: 00010246 [ 204.019817] RAX: 0000000000000000 RBX: ffff88800f0630a8 RCX: 0000000000000000 [ 204.020415] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 204.021004] RBP: ffff88800e9cfbe8 R08: ffffed1001e0c633 R09: ffffed1001e0c633 [ 204.021599] R10: ffff88800f063193 R11: ffffed1001e0c632 R12: ffff888010c6ec00 [ 204.022194] R13: ffff88800f0631e8 R14: ffff88800fa29800 R15: 0000000000000000 [ 204.023000] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.023694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.024182] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 204.024780] PKRU: 55555554 [ 204.025021] Call Trace: [ 204.025236] [ 204.025431] iommufd_access_destroy_object+0x65/0x170 [ 204.025909] iommufd_object_destroy_user+0x18e/0x220 [ 204.026494] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.027016] iommufd_access_destroy+0x43/0x70 [ 204.027424] iommufd_test_staccess_release+0x8d/0xd0 [ 204.027863] __fput+0x26d/0xa40 [ 204.028156] ____fput+0x1e/0x30 [ 204.028443] task_work_run+0x1a4/0x2d0 [ 204.028781] ? __pfx_task_work_run+0x10/0x10 [ 204.029235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.029741] ? switch_task_namespaces+0xa9/0xe0 [ 204.030266] do_exit+0xb17/0x2ef0 [ 204.030587] ? lock_acquire+0x427/0x4c0 [ 204.030936] ? __pfx_lock_release+0x10/0x10 [ 204.031312] ? __kasan_check_write+0x18/0x20 [ 204.031689] ? do_raw_spin_lock+0x132/0x2a0 [ 204.032058] ? __pfx_do_exit+0x10/0x10 [ 204.032394] ? debug_smp_processor_id+0x20/0x30 [ 204.032795] ? rcu_is_watching+0x19/0xb0 [ 204.033141] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.033622] ? trace_hardirqs_on+0x26/0x120 [ 204.034109] do_group_exit+0xe0/0x2b0 [ 204.034435] __x64_sys_exit_group+0x47/0x50 [ 204.034816] do_syscall_64+0x3b/0x90 [ 204.035146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.035590] RIP: 0033:0x7f4b87518a4d [ 204.035904] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.036420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.037058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.037864] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.038465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.039082] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.039689] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.040291] [ 204.040495] irq event stamp: 0 [ 204.040763] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.041484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.042200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.042930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.043498] ---[ end trace 0000000000000000 ]--- [ 204.044250] ------------[ cut here ]------------ [ 204.044744] WARNING: CPU: 0 PID: 1941 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.045745] Modules linked in: [ 204.046024] CPU: 0 PID: 1941 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.046799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.047776] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.048297] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.049972] RSP: 0018:ffff88800e9cfb78 EFLAGS: 00010246 [ 204.050428] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.051058] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 204.051717] RBP: ffff88800e9cfb98 R08: ffffed1001e0c63e R09: ffffed1001e0c63e [ 204.052486] R10: ffff88800f0631ef R11: ffffed1001e0c63d R12: ffff88800f063290 [ 204.053095] R13: ffff88800f0630a8 R14: ffffffffffffffff R15: 
ffff88800e9cfc60 [ 204.053705] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.054393] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.054936] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 204.055725] PKRU: 55555554 [ 204.055969] Call Trace: [ 204.056187] [ 204.056384] iommufd_ioas_destroy+0x53/0x70 [ 204.056761] iommufd_fops_release+0x1f7/0x370 [ 204.057150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.057580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.058012] ? write_comp_data+0x2f/0x90 [ 204.058376] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.058928] __fput+0x26d/0xa40 [ 204.059348] ____fput+0x1e/0x30 [ 204.059641] task_work_run+0x1a4/0x2d0 [ 204.059986] ? __pfx_task_work_run+0x10/0x10 [ 204.060371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.060791] ? switch_task_namespaces+0xa9/0xe0 [ 204.061258] do_exit+0xb17/0x2ef0 [ 204.061555] ? lock_acquire+0x427/0x4c0 [ 204.061901] ? __pfx_lock_release+0x10/0x10 [ 204.062279] ? __kasan_check_write+0x18/0x20 [ 204.062767] ? do_raw_spin_lock+0x132/0x2a0 [ 204.063268] ? __pfx_do_exit+0x10/0x10 [ 204.063613] ? debug_smp_processor_id+0x20/0x30 [ 204.064014] ? rcu_is_watching+0x19/0xb0 [ 204.064366] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.064761] ? trace_hardirqs_on+0x26/0x120 [ 204.065146] do_group_exit+0xe0/0x2b0 [ 204.065474] __x64_sys_exit_group+0x47/0x50 [ 204.065844] do_syscall_64+0x3b/0x90 [ 204.066177] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.066849] RIP: 0033:0x7f4b87518a4d [ 204.067180] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.067707] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.068360] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.068970] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.069578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.070188] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.070826] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.071460] [ 204.071662] irq event stamp: 0 [ 204.071936] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.072479] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.073192] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.073902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.074442] ---[ end trace 0000000000000000 ]--- [ 204.081622] ------------[ cut here ]------------ [ 204.082266] WARNING: CPU: 1 PID: 1942 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.083669] Modules linked in: [ 204.084066] CPU: 1 PID: 1942 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.085216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.086636] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.087315] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.089563] RSP: 0018:ffff888024667bb8 EFLAGS: 00010246 [ 204.090194] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 204.091195] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 204.092036] RBP: ffff888024667bd0 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 204.092994] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff88800a724000 [ 204.093836] R13: ffff8880171ba9e8 R14: ffffffff8352e670 R15: 
ffff888024667e68 [ 204.094759] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.095776] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.096468] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 204.097467] PKRU: 55555554 [ 204.097811] Call Trace: [ 204.098119] [ 204.098395] __iommufd_access_detach+0x1c2/0x2b0 [ 204.099202] iommufd_access_change_pt+0x149/0x270 [ 204.099805] iommufd_access_replace+0xb4/0x120 [ 204.100370] iommufd_test+0x3e5/0x37e0 [ 204.100910] ? lock_release+0x532/0x770 [ 204.101490] ? __might_fault+0x102/0x1b0 [ 204.101991] ? lock_acquire+0x427/0x4c0 [ 204.102484] ? __pfx_iommufd_test+0x10/0x10 [ 204.103212] ? __pfx_lock_release+0x10/0x10 [ 204.103746] ? __pfx_lock_acquire+0x10/0x10 [ 204.104282] ? write_comp_data+0x2f/0x90 [ 204.104783] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.105372] ? write_comp_data+0x2f/0x90 [ 204.105942] iommufd_fops_ioctl+0x37d/0x510 [ 204.106585] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.107204] ? write_comp_data+0x2f/0x90 [ 204.107707] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.108456] __x64_sys_ioctl+0x1a3/0x230 [ 204.108963] do_syscall_64+0x3b/0x90 [ 204.109426] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.110101] RIP: 0033:0x7f4b8743ee5d [ 204.110665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.112947] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.113846] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.114846] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.115705] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.116576] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.117470] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.118326] [ 204.118659] irq event stamp: 0 [ 204.119044] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.119803] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.120784] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.121760] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.122548] ---[ end trace 0000000000000000 ]--- [ 204.125871] ------------[ cut here ]------------ [ 204.126299] WARNING: CPU: 0 PID: 1942 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.127184] Modules linked in: [ 204.127445] CPU: 0 PID: 1942 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.128144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.129043] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.129443] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.130913] RSP: 
0018:ffff888024667bd0 EFLAGS: 00010246 [ 204.131344] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 204.131907] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 204.132469] RBP: ffff888024667be8 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 204.133033] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff888012e94800 [ 204.133598] R13: ffff8880171ba9e8 R14: ffff88800fa76200 R15: 0000000000000000 [ 204.134167] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.134839] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.135327] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 204.135906] PKRU: 55555554 [ 204.136141] Call Trace: [ 204.136349] [ 204.136535] iommufd_access_destroy_object+0x65/0x170 [ 204.136958] iommufd_object_destroy_user+0x18e/0x220 [ 204.137379] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.137859] iommufd_access_destroy+0x43/0x70 [ 204.138234] iommufd_test_staccess_release+0x8d/0xd0 [ 204.138677] __fput+0x26d/0xa40 [ 204.138966] ____fput+0x1e/0x30 [ 204.139270] task_work_run+0x1a4/0x2d0 [ 204.139603] ? __pfx_task_work_run+0x10/0x10 [ 204.139969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.140378] ? switch_task_namespaces+0xa9/0xe0 [ 204.140771] do_exit+0xb17/0x2ef0 [ 204.141053] ? lock_acquire+0x427/0x4c0 [ 204.141383] ? __pfx_lock_release+0x10/0x10 [ 204.141744] ? __kasan_check_write+0x18/0x20 [ 204.142104] ? do_raw_spin_lock+0x132/0x2a0 [ 204.142455] ? __pfx_do_exit+0x10/0x10 [ 204.142803] ? debug_smp_processor_id+0x20/0x30 [ 204.143195] ? rcu_is_watching+0x19/0xb0 [ 204.143538] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.143917] ? trace_hardirqs_on+0x26/0x120 [ 204.144278] do_group_exit+0xe0/0x2b0 [ 204.144597] __x64_sys_exit_group+0x47/0x50 [ 204.145359] do_syscall_64+0x3b/0x90 [ 204.145677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.146098] RIP: 0033:0x7f4b87518a4d [ 204.146395] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.146953] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.147605] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.148200] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.148805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.149403] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.150012] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.150653] [ 204.150858] irq event stamp: 0 [ 204.151147] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.151692] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.152418] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.153132] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.153674] ---[ end trace 0000000000000000 ]--- [ 204.154869] ------------[ cut here ]------------ [ 204.155300] WARNING: CPU: 0 PID: 1942 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.156183] Modules linked in: [ 204.156465] CPU: 0 PID: 1942 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.157297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.158458] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.158935] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.160517] RSP: 0018:ffff888024667b78 EFLAGS: 00010246 [ 204.161222] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.161836] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 204.162447] RBP: ffff888024667b98 R08: ffffed1002e3753e R09: ffffed1002e3753e [ 204.163079] R10: ffff8880171ba9ef R11: ffffed1002e3753d R12: ffff8880171baa90 [ 204.163741] R13: ffff8880171ba8a8 R14: ffffffffffffffff R15: 
ffff888024667c60 [ 204.164537] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.165235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.165739] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 204.166426] PKRU: 55555554 [ 204.166881] Call Trace: [ 204.167135] [ 204.167344] iommufd_ioas_destroy+0x53/0x70 [ 204.167751] iommufd_fops_release+0x1f7/0x370 [ 204.168171] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.168629] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.169082] ? write_comp_data+0x2f/0x90 [ 204.169499] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.170163] __fput+0x26d/0xa40 [ 204.170499] ____fput+0x1e/0x30 [ 204.170848] task_work_run+0x1a4/0x2d0 [ 204.171244] ? __pfx_task_work_run+0x10/0x10 [ 204.171666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.172122] ? switch_task_namespaces+0xa9/0xe0 [ 204.172559] do_exit+0xb17/0x2ef0 [ 204.172879] ? lock_acquire+0x427/0x4c0 [ 204.173370] ? __pfx_lock_release+0x10/0x10 [ 204.173944] ? __kasan_check_write+0x18/0x20 [ 204.174353] ? do_raw_spin_lock+0x132/0x2a0 [ 204.174775] ? __pfx_do_exit+0x10/0x10 [ 204.175163] ? debug_smp_processor_id+0x20/0x30 [ 204.175594] ? rcu_is_watching+0x19/0xb0 [ 204.175969] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.176531] ? trace_hardirqs_on+0x26/0x120 [ 204.177245] do_group_exit+0xe0/0x2b0 [ 204.177607] __x64_sys_exit_group+0x47/0x50 [ 204.177998] do_syscall_64+0x3b/0x90 [ 204.178348] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.178878] RIP: 0033:0x7f4b87518a4d [ 204.179658] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.180240] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.180932] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.181585] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.182727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.183404] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.184066] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.184736] [ 204.184951] irq event stamp: 0 [ 204.185423] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.186175] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.186979] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.187767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.188352] ---[ end trace 0000000000000000 ]--- [ 204.193241] ------------[ cut here ]------------ [ 204.193756] WARNING: CPU: 0 PID: 1943 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.194787] Modules linked in: [ 204.195100] CPU: 0 PID: 1943 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.195933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.196979] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.197452] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.199339] RSP: 0018:ffff888017007bb8 EFLAGS: 00010246 [ 204.199894] RAX: 0000000000000000 RBX: ffff888010b7e8a8 RCX: 0000000000000000 [ 204.200617] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 204.201333] RBP: ffff888017007bd0 R08: ffffed100216fd33 R09: ffffed100216fd33 [ 204.202054] R10: ffff888010b7e993 R11: ffffed100216fd32 R12: ffff88801341f400 [ 204.202799] R13: ffff888010b7e9e8 R14: ffffffff8352e670 R15: 
ffff888017007e68 [ 204.203563] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.204380] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.204985] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 204.205722] PKRU: 55555554 [ 204.206022] Call Trace: [ 204.206296] [ 204.206563] __iommufd_access_detach+0x1c2/0x2b0 [ 204.207076] iommufd_access_change_pt+0x149/0x270 [ 204.207608] iommufd_access_replace+0xb4/0x120 [ 204.208097] iommufd_test+0x3e5/0x37e0 [ 204.208506] ? lock_release+0x532/0x770 [ 204.208926] ? __might_fault+0x102/0x1b0 [ 204.209353] ? lock_acquire+0x427/0x4c0 [ 204.209774] ? __pfx_iommufd_test+0x10/0x10 [ 204.210214] ? __pfx_lock_release+0x10/0x10 [ 204.210710] ? __pfx_lock_acquire+0x10/0x10 [ 204.211193] ? write_comp_data+0x2f/0x90 [ 204.211630] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.212139] ? write_comp_data+0x2f/0x90 [ 204.212570] iommufd_fops_ioctl+0x37d/0x510 [ 204.213025] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.213544] ? write_comp_data+0x2f/0x90 [ 204.213973] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.214467] __x64_sys_ioctl+0x1a3/0x230 [ 204.214932] do_syscall_64+0x3b/0x90 [ 204.215348] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.215894] RIP: 0033:0x7f4b8743ee5d [ 204.216276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.218146] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.218970] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.219724] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.220452] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.221262] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.222014] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.222796] [ 204.223044] irq event stamp: 0 [ 204.223389] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.224041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.224898] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.225752] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.226392] ---[ end trace 0000000000000000 ]--- [ 204.229588] ------------[ cut here ]------------ [ 204.230104] WARNING: CPU: 0 PID: 1943 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.231175] Modules linked in: [ 204.231507] CPU: 0 PID: 1943 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.232398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.233533] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.234041] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.235939] RSP: 
0018:ffff888017007bd0 EFLAGS: 00010246 [ 204.236491] RAX: 0000000000000000 RBX: ffff888010b7e8a8 RCX: 0000000000000000 [ 204.237211] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 204.237937] RBP: ffff888017007be8 R08: ffffed100216fd33 R09: ffffed100216fd33 [ 204.238694] R10: ffff888010b7e993 R11: ffffed100216fd32 R12: ffff88802081d000 [ 204.239437] R13: ffff888010b7e9e8 R14: ffff888021855900 R15: 0000000000000000 [ 204.240171] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.241019] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.241621] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 204.242348] PKRU: 55555554 [ 204.242674] Call Trace: [ 204.242947] [ 204.243200] iommufd_access_destroy_object+0x65/0x170 [ 204.243732] iommufd_object_destroy_user+0x18e/0x220 [ 204.244262] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.244870] iommufd_access_destroy+0x43/0x70 [ 204.245351] iommufd_test_staccess_release+0x8d/0xd0 [ 204.245884] __fput+0x26d/0xa40 [ 204.246247] ____fput+0x1e/0x30 [ 204.246635] task_work_run+0x1a4/0x2d0 [ 204.247047] ? __pfx_task_work_run+0x10/0x10 [ 204.247515] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.248024] ? switch_task_namespaces+0xa9/0xe0 [ 204.248515] do_exit+0xb17/0x2ef0 [ 204.248871] ? lock_acquire+0x427/0x4c0 [ 204.249281] ? __pfx_lock_release+0x10/0x10 [ 204.249727] ? __kasan_check_write+0x18/0x20 [ 204.250188] ? do_raw_spin_lock+0x132/0x2a0 [ 204.250669] ? __pfx_do_exit+0x10/0x10 [ 204.251089] ? debug_smp_processor_id+0x20/0x30 [ 204.251596] ? rcu_is_watching+0x19/0xb0 [ 204.252016] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.252491] ? trace_hardirqs_on+0x26/0x120 [ 204.253032] do_group_exit+0xe0/0x2b0 [ 204.253434] __x64_sys_exit_group+0x47/0x50 [ 204.253881] do_syscall_64+0x3b/0x90 [ 204.254282] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.254858] RIP: 0033:0x7f4b87518a4d [ 204.255261] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.255897] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.256682] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.257416] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.258141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.258893] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.259639] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.260388] [ 204.260638] irq event stamp: 0 [ 204.260965] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.261605] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.262460] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.263364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.264004] ---[ end trace 0000000000000000 ]--- [ 204.264872] ------------[ cut here ]------------ [ 204.265353] WARNING: CPU: 0 PID: 1943 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.266398] Modules linked in: [ 204.266756] CPU: 0 PID: 1943 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.267675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.268827] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.269357] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.271266] RSP: 0018:ffff888017007b78 EFLAGS: 00010246 [ 204.271833] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.272564] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 204.273286] RBP: ffff888017007b98 R08: ffffed100216fd3e R09: ffffed100216fd3e [ 204.274010] R10: ffff888010b7e9ef R11: ffffed100216fd3d R12: ffff888010b7ea90 [ 204.274769] R13: ffff888010b7e8a8 R14: ffffffffffffffff R15: 
ffff888017007c60 [ 204.275527] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.276355] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.276955] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 204.277689] PKRU: 55555554 [ 204.277986] Call Trace: [ 204.278249] [ 204.278490] iommufd_ioas_destroy+0x53/0x70 [ 204.278978] iommufd_fops_release+0x1f7/0x370 [ 204.279472] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.279995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.280508] ? write_comp_data+0x2f/0x90 [ 204.280928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.281433] __fput+0x26d/0xa40 [ 204.281788] ____fput+0x1e/0x30 [ 204.282132] task_work_run+0x1a4/0x2d0 [ 204.282568] ? __pfx_task_work_run+0x10/0x10 [ 204.283035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.283560] ? switch_task_namespaces+0xa9/0xe0 [ 204.284043] do_exit+0xb17/0x2ef0 [ 204.284397] ? lock_acquire+0x427/0x4c0 [ 204.284812] ? __pfx_lock_release+0x10/0x10 [ 204.285324] ? __kasan_check_write+0x18/0x20 [ 204.285782] ? do_raw_spin_lock+0x132/0x2a0 [ 204.286282] ? __pfx_do_exit+0x10/0x10 [ 204.286716] ? debug_smp_processor_id+0x20/0x30 [ 204.287207] ? rcu_is_watching+0x19/0xb0 [ 204.287641] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.288115] ? trace_hardirqs_on+0x26/0x120 [ 204.288571] do_group_exit+0xe0/0x2b0 [ 204.288973] __x64_sys_exit_group+0x47/0x50 [ 204.289416] do_syscall_64+0x3b/0x90 [ 204.289817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.290365] RIP: 0033:0x7f4b87518a4d [ 204.290783] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.291420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.292202] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.292923] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.293643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.294366] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.295064] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.295772] [ 204.296001] irq event stamp: 0 [ 204.296298] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.296885] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.297671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.298450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.299068] ---[ end trace 0000000000000000 ]--- [ 204.303777] ------------[ cut here ]------------ [ 204.304268] WARNING: CPU: 0 PID: 1944 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.305199] Modules linked in: [ 204.305497] CPU: 0 PID: 1944 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.306300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.307405] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.307873] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.309579] RSP: 0018:ffff888015e97bb8 EFLAGS: 00010246 [ 204.310071] RAX: 0000000000000000 RBX: ffff8880143a08a8 RCX: 0000000000000000 [ 204.310755] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 204.311438] RBP: ffff888015e97bd0 R08: ffffed1002874133 R09: ffffed1002874133 [ 204.312109] R10: ffff8880143a0993 R11: ffffed1002874132 R12: ffff888013b21c00 [ 204.312783] R13: ffff8880143a09e8 R14: ffffffff8352e670 R15: 
ffff888015e97e68 [ 204.313457] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.314205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.314767] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 204.315460] PKRU: 55555554 [ 204.315729] Call Trace: [ 204.315968] [ 204.316181] __iommufd_access_detach+0x1c2/0x2b0 [ 204.316643] iommufd_access_change_pt+0x149/0x270 [ 204.317160] iommufd_access_replace+0xb4/0x120 [ 204.317605] iommufd_test+0x3e5/0x37e0 [ 204.317979] ? lock_release+0x532/0x770 [ 204.318371] ? __might_fault+0x102/0x1b0 [ 204.318784] ? lock_acquire+0x427/0x4c0 [ 204.319180] ? __pfx_iommufd_test+0x10/0x10 [ 204.319586] ? __pfx_lock_release+0x10/0x10 [ 204.319996] ? __pfx_lock_acquire+0x10/0x10 [ 204.320411] ? write_comp_data+0x2f/0x90 [ 204.320809] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.321274] ? write_comp_data+0x2f/0x90 [ 204.321672] iommufd_fops_ioctl+0x37d/0x510 [ 204.322090] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.322604] ? write_comp_data+0x2f/0x90 [ 204.322997] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.323465] __x64_sys_ioctl+0x1a3/0x230 [ 204.323855] do_syscall_64+0x3b/0x90 [ 204.324215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.324706] RIP: 0033:0x7f4b8743ee5d [ 204.325056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.326771] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.327494] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.328159] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.328827] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.329495] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.330158] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.330863] [ 204.331084] irq event stamp: 0 [ 204.331406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.331992] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.332780] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.333573] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.334156] ---[ end trace 0000000000000000 ]--- [ 204.337240] ------------[ cut here ]------------ [ 204.337717] WARNING: CPU: 0 PID: 1944 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.338689] Modules linked in: [ 204.338993] CPU: 0 PID: 1944 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.339812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.340854] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.341317] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.343027] RSP: 
0018:ffff888015e97bd0 EFLAGS: 00010246 [ 204.343544] RAX: 0000000000000000 RBX: ffff8880143a08a8 RCX: 0000000000000000 [ 204.344203] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 204.344869] RBP: ffff888015e97be8 R08: ffffed1002874133 R09: ffffed1002874133 [ 204.345532] R10: ffff8880143a0993 R11: ffffed1002874132 R12: ffff88801341d800 [ 204.346194] R13: ffff8880143a09e8 R14: ffff88800f19ea00 R15: 0000000000000000 [ 204.346882] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.347646] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.348188] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 204.348861] PKRU: 55555554 [ 204.349192] Call Trace: [ 204.349435] [ 204.349650] iommufd_access_destroy_object+0x65/0x170 [ 204.350144] iommufd_object_destroy_user+0x18e/0x220 [ 204.350649] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.351205] iommufd_access_destroy+0x43/0x70 [ 204.351636] iommufd_test_staccess_release+0x8d/0xd0 [ 204.352121] __fput+0x26d/0xa40 [ 204.352446] ____fput+0x1e/0x30 [ 204.352766] task_work_run+0x1a4/0x2d0 [ 204.353144] ? __pfx_task_work_run+0x10/0x10 [ 204.353565] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.354036] ? switch_task_namespaces+0xa9/0xe0 [ 204.354492] do_exit+0xb17/0x2ef0 [ 204.354845] ? lock_acquire+0x427/0x4c0 [ 204.355244] ? __pfx_lock_release+0x10/0x10 [ 204.355659] ? __kasan_check_write+0x18/0x20 [ 204.356077] ? do_raw_spin_lock+0x132/0x2a0 [ 204.356488] ? __pfx_do_exit+0x10/0x10 [ 204.356876] ? debug_smp_processor_id+0x20/0x30 [ 204.357322] ? rcu_is_watching+0x19/0xb0 [ 204.357708] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.358140] ? trace_hardirqs_on+0x26/0x120 [ 204.358572] do_group_exit+0xe0/0x2b0 [ 204.358933] __x64_sys_exit_group+0x47/0x50 [ 204.359356] do_syscall_64+0x3b/0x90 [ 204.359717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.360208] RIP: 0033:0x7f4b87518a4d [ 204.360558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.361139] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.361853] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.362549] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.363238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.363905] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.364571] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.365245] [ 204.365471] irq event stamp: 0 [ 204.365766] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.366354] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.367170] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.367959] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.368567] ---[ end trace 0000000000000000 ]--- [ 204.369378] ------------[ cut here ]------------ [ 204.369821] WARNING: CPU: 0 PID: 1944 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.370802] Modules linked in: [ 204.371109] CPU: 0 PID: 1944 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.371945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.372998] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.373482] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.375207] RSP: 0018:ffff888015e97b78 EFLAGS: 00010246 [ 204.375711] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.376369] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 204.377034] RBP: ffff888015e97b98 R08: ffffed100287413e R09: ffffed100287413e [ 204.377695] R10: ffff8880143a09ef R11: ffffed100287413d R12: ffff8880143a0a90 [ 204.378360] R13: ffff8880143a08a8 R14: ffffffffffffffff R15: 
ffff888015e97c60 [ 204.379044] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.379810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.380346] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 204.381077] PKRU: 55555554 [ 204.381349] Call Trace: [ 204.381590] [ 204.381800] iommufd_ioas_destroy+0x53/0x70 [ 204.382213] iommufd_fops_release+0x1f7/0x370 [ 204.382665] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.383028] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 204.383145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.385746] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 204.386158] ? write_comp_data+0x2f/0x90 [ 204.388375] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.388860] __fput+0x26d/0xa40 [ 204.389194] ____fput+0x1e/0x30 [ 204.389522] task_work_run+0x1a4/0x2d0 [ 204.389910] ? __pfx_task_work_run+0x10/0x10 [ 204.390339] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.390847] ? switch_task_namespaces+0xa9/0xe0 [ 204.391366] do_exit+0xb17/0x2ef0 [ 204.391736] ? lock_acquire+0x427/0x4c0 [ 204.392159] ? __pfx_lock_release+0x10/0x10 [ 204.392742] ? __kasan_check_write+0x18/0x20 [ 204.393201] ? do_raw_spin_lock+0x132/0x2a0 [ 204.393645] ? __pfx_do_exit+0x10/0x10 [ 204.394055] ? debug_smp_processor_id+0x20/0x30 [ 204.394569] ? rcu_is_watching+0x19/0xb0 [ 204.394985] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.395469] ? trace_hardirqs_on+0x26/0x120 [ 204.395913] do_group_exit+0xe0/0x2b0 [ 204.396304] __x64_sys_exit_group+0x47/0x50 [ 204.396738] do_syscall_64+0x3b/0x90 [ 204.397123] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.397653] RIP: 0033:0x7f4b87518a4d [ 204.398029] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.398671] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.399450] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.400177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.400908] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.401626] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.402342] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.403094] [ 204.403351] irq event stamp: 0 [ 204.403668] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.404307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.405145] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.405999] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.406668] ---[ end trace 0000000000000000 ]--- [ 204.417633] ------------[ cut here ]------------ [ 204.418203] WARNING: CPU: 0 PID: 1946 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.419354] Modules linked in: [ 204.419682] CPU: 0 PID: 1946 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.420567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.421702] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.422211] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.424118] RSP: 0018:ffff888015ebfbb8 EFLAGS: 00010246 [ 204.424669] RAX: 0000000000000000 RBX: ffff888015b110a8 RCX: 0000000000000000 [ 204.425384] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 204.426105] RBP: ffff888015ebfbd0 R08: ffffed1002b62233 R09: ffffed1002b62233 [ 204.426862] R10: ffff888015b11193 R11: ffffed1002b62232 R12: ffff888010825400 [ 204.427615] R13: ffff888015b111e8 R14: ffffffff8352e670 R15: 
ffff888015ebfe68 [ 204.428332] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 204.429147] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.429730] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 204.430460] PKRU: 55555554 [ 204.430796] Call Trace: [ 204.431058] [ 204.431300] __iommufd_access_detach+0x1c2/0x2b0 [ 204.431810] iommufd_access_change_pt+0x149/0x270 [ 204.432306] iommufd_access_replace+0xb4/0x120 [ 204.432778] iommufd_test+0x3e5/0x37e0 [ 204.433180] ? lock_release+0x532/0x770 [ 204.433595] ? __might_fault+0x102/0x1b0 [ 204.434022] ? lock_acquire+0x427/0x4c0 [ 204.434440] ? __pfx_iommufd_test+0x10/0x10 [ 204.434920] ? __pfx_lock_release+0x10/0x10 [ 204.435387] ? __pfx_lock_acquire+0x10/0x10 [ 204.435841] ? write_comp_data+0x2f/0x90 [ 204.436273] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.436771] ? write_comp_data+0x2f/0x90 [ 204.437191] iommufd_fops_ioctl+0x37d/0x510 [ 204.437644] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.438161] ? write_comp_data+0x2f/0x90 [ 204.438653] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.439166] __x64_sys_ioctl+0x1a3/0x230 [ 204.439590] do_syscall_64+0x3b/0x90 [ 204.439984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.440528] RIP: 0033:0x7f4b8743ee5d [ 204.440910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.442782] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.443575] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.444298] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.445102] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.445823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.446578] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.447317] [ 204.447561] irq event stamp: 0 [ 204.447889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.448550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.449394] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.450255] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.450936] ---[ end trace 0000000000000000 ]--- [ 204.456100] ------------[ cut here ]------------ [ 204.456796] WARNING: CPU: 1 PID: 1946 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.458112] Modules linked in: [ 204.458634] CPU: 1 PID: 1946 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.459810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.461303] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.461998] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.464535] RSP: 
0018:ffff888015ebfbd0 EFLAGS: 00010246 [ 204.465288] RAX: 0000000000000000 RBX: ffff888015b110a8 RCX: 0000000000000000 [ 204.466273] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 204.467338] RBP: ffff888015ebfbe8 R08: ffffed1002b62233 R09: ffffed1002b62233 [ 204.468544] R10: ffff888015b11193 R11: ffffed1002b62232 R12: ffff888013b22c00 [ 204.469616] R13: ffff888015b111e8 R14: ffff888013cc1a00 R15: 0000000000000000 [ 204.470639] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.471820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.472717] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.473629] PKRU: 55555554 [ 204.474056] Call Trace: [ 204.474671] [ 204.474989] iommufd_access_destroy_object+0x65/0x170 [ 204.475697] iommufd_object_destroy_user+0x18e/0x220 [ 204.476386] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.477408] iommufd_access_destroy+0x43/0x70 [ 204.478019] iommufd_test_staccess_release+0x8d/0xd0 [ 204.478807] __fput+0x26d/0xa40 [ 204.479322] ____fput+0x1e/0x30 [ 204.480004] task_work_run+0x1a4/0x2d0 [ 204.480555] ? __pfx_task_work_run+0x10/0x10 [ 204.481164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.481933] ? switch_task_namespaces+0xa9/0xe0 [ 204.482767] do_exit+0xb17/0x2ef0 [ 204.483291] ? lock_acquire+0x427/0x4c0 [ 204.483849] ? __pfx_lock_release+0x10/0x10 [ 204.484491] ? __kasan_check_write+0x18/0x20 [ 204.485182] ? do_raw_spin_lock+0x132/0x2a0 [ 204.485762] ? __pfx_do_exit+0x10/0x10 [ 204.486306] ? debug_smp_processor_id+0x20/0x30 [ 204.487138] ? rcu_is_watching+0x19/0xb0 [ 204.487772] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.488409] ? trace_hardirqs_on+0x26/0x120 [ 204.488995] do_group_exit+0xe0/0x2b0 [ 204.489509] __x64_sys_exit_group+0x47/0x50 [ 204.490268] do_syscall_64+0x3b/0x90 [ 204.490859] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.491607] RIP: 0033:0x7f4b87518a4d [ 204.492117] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.493098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.494100] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.495333] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.496289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.497268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.498354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.499431] [ 204.499940] irq event stamp: 0 [ 204.500380] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.501242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.502625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.503745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.504783] ---[ end trace 0000000000000000 ]--- [ 204.506340] ------------[ cut here ]------------ [ 204.507214] WARNING: CPU: 1 PID: 1946 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.508537] Modules linked in: [ 204.508988] CPU: 1 PID: 1946 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.510362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.512029] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.512758] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.515396] RSP: 0018:ffff888015ebfb78 EFLAGS: 00010246 [ 204.516079] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.517070] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 204.518082] RBP: ffff888015ebfb98 R08: ffffed1002b6223e R09: ffffed1002b6223e [ 204.519049] R10: ffff888015b111ef R11: ffffed1002b6223d R12: ffff888015b11290 [ 204.520162] R13: ffff888015b110a8 R14: ffffffffffffffff R15: 
ffff888015ebfc60 [ 204.521087] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.522315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.523099] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.524024] PKRU: 55555554 [ 204.524471] Call Trace: [ 204.524906] [ 204.525209] iommufd_ioas_destroy+0x53/0x70 [ 204.525786] iommufd_fops_release+0x1f7/0x370 [ 204.526385] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.527408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.527923] ? write_comp_data+0x2f/0x90 [ 204.528333] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.528829] __fput+0x26d/0xa40 [ 204.529169] ____fput+0x1e/0x30 [ 204.529910] task_work_run+0x1a4/0x2d0 [ 204.530323] ? __pfx_task_work_run+0x10/0x10 [ 204.530830] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.531363] ? switch_task_namespaces+0xa9/0xe0 [ 204.531836] do_exit+0xb17/0x2ef0 [ 204.532347] ? lock_acquire+0x427/0x4c0 [ 204.532869] ? __pfx_lock_release+0x10/0x10 [ 204.533299] ? __kasan_check_write+0x18/0x20 [ 204.533733] ? do_raw_spin_lock+0x132/0x2a0 [ 204.534156] ? __pfx_do_exit+0x10/0x10 [ 204.534722] ? debug_smp_processor_id+0x20/0x30 [ 204.535211] ? rcu_is_watching+0x19/0xb0 [ 204.535617] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.536071] ? trace_hardirqs_on+0x26/0x120 [ 204.536507] do_group_exit+0xe0/0x2b0 [ 204.536917] __x64_sys_exit_group+0x47/0x50 [ 204.537530] do_syscall_64+0x3b/0x90 [ 204.537912] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.538437] RIP: 0033:0x7f4b87518a4d [ 204.538838] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.539464] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.540453] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.541148] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.541849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.542813] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.543529] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.544234] [ 204.544463] irq event stamp: 0 [ 204.544863] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.545593] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.546419] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.547493] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.548127] ---[ end trace 0000000000000000 ]--- [ 204.553299] ------------[ cut here ]------------ [ 204.553816] WARNING: CPU: 1 PID: 1947 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.555090] Modules linked in: [ 204.555428] CPU: 1 PID: 1947 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.556281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.557610] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.558104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.560158] RSP: 0018:ffff88800fac7bb8 EFLAGS: 00010246 [ 204.560686] RAX: 0000000000000000 RBX: ffff88801479b0a8 RCX: 0000000000000000 [ 204.561382] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 204.562281] RBP: ffff88800fac7bd0 R08: ffffed10028f3633 R09: ffffed10028f3633 [ 204.563006] R10: ffff88801479b193 R11: ffffed10028f3632 R12: ffff88800f10a400 [ 204.563720] R13: ffff88801479b1e8 R14: ffffffff8352e670 R15: 
ffff88800fac7e68 [ 204.564495] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.565412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.565979] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 204.566758] PKRU: 55555554 [ 204.567204] Call Trace: [ 204.567458] [ 204.567684] __iommufd_access_detach+0x1c2/0x2b0 [ 204.568169] iommufd_access_change_pt+0x149/0x270 [ 204.568658] iommufd_access_replace+0xb4/0x120 [ 204.569120] iommufd_test+0x3e5/0x37e0 [ 204.569618] ? lock_release+0x532/0x770 [ 204.570172] ? __might_fault+0x102/0x1b0 [ 204.570620] ? lock_acquire+0x427/0x4c0 [ 204.571031] ? __pfx_iommufd_test+0x10/0x10 [ 204.571479] ? __pfx_lock_release+0x10/0x10 [ 204.571933] ? __pfx_lock_acquire+0x10/0x10 [ 204.572556] ? write_comp_data+0x2f/0x90 [ 204.572970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.573459] ? write_comp_data+0x2f/0x90 [ 204.573875] iommufd_fops_ioctl+0x37d/0x510 [ 204.574369] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.575028] ? write_comp_data+0x2f/0x90 [ 204.575453] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.575935] __x64_sys_ioctl+0x1a3/0x230 [ 204.576351] do_syscall_64+0x3b/0x90 [ 204.576737] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.577436] RIP: 0033:0x7f4b8743ee5d [ 204.577804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.579879] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.580636] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.581333] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.582212] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.582944] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.583660] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.584436] [ 204.584804] irq event stamp: 0 [ 204.585121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.585743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.586675] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.587635] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.588246] ---[ end trace 0000000000000000 ]--- [ 204.591816] ------------[ cut here ]------------ [ 204.592294] WARNING: CPU: 1 PID: 1947 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.593362] Modules linked in: [ 204.593670] CPU: 1 PID: 1947 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.594450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.595732] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.596191] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.597941] RSP: 
0018:ffff88800fac7bd0 EFLAGS: 00010246 [ 204.598427] RAX: 0000000000000000 RBX: ffff88801479b0a8 RCX: 0000000000000000 [ 204.599091] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 204.599744] RBP: ffff88800fac7be8 R08: ffffed10028f3633 R09: ffffed10028f3633 [ 204.600517] R10: ffff88801479b193 R11: ffffed10028f3632 R12: ffff88800a727c00 [ 204.601159] R13: ffff88801479b1e8 R14: ffff88800ca5aa00 R15: 0000000000000000 [ 204.601799] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.602697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.603241] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.603891] PKRU: 55555554 [ 204.604157] Call Trace: [ 204.604459] [ 204.604751] iommufd_access_destroy_object+0x65/0x170 [ 204.605228] iommufd_object_destroy_user+0x18e/0x220 [ 204.605701] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.606233] iommufd_access_destroy+0x43/0x70 [ 204.606719] iommufd_test_staccess_release+0x8d/0xd0 [ 204.607265] __fput+0x26d/0xa40 [ 204.607587] ____fput+0x1e/0x30 [ 204.607903] task_work_run+0x1a4/0x2d0 [ 204.608276] ? __pfx_task_work_run+0x10/0x10 [ 204.608694] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.609156] ? switch_task_namespaces+0xa9/0xe0 [ 204.609690] do_exit+0xb17/0x2ef0 [ 204.610072] ? lock_acquire+0x427/0x4c0 [ 204.610451] ? __pfx_lock_release+0x10/0x10 [ 204.610887] ? __kasan_check_write+0x18/0x20 [ 204.611310] ? do_raw_spin_lock+0x132/0x2a0 [ 204.611702] ? __pfx_do_exit+0x10/0x10 [ 204.612189] ? debug_smp_processor_id+0x20/0x30 [ 204.612619] ? rcu_is_watching+0x19/0xb0 [ 204.612991] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.613409] ? trace_hardirqs_on+0x26/0x120 [ 204.613823] do_group_exit+0xe0/0x2b0 [ 204.614286] __x64_sys_exit_group+0x47/0x50 [ 204.614705] do_syscall_64+0x3b/0x90 [ 204.615055] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.615545] RIP: 0033:0x7f4b87518a4d [ 204.615890] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.616549] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.617282] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.617930] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.618724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.619387] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.620029] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.620681] [ 204.620996] irq event stamp: 0 [ 204.621337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.621912] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.622711] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.623611] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.624185] ---[ end trace 0000000000000000 ]--- [ 204.624991] ------------[ cut here ]------------ [ 204.625430] WARNING: CPU: 1 PID: 1947 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.626357] Modules linked in: [ 204.626720] CPU: 1 PID: 1947 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.627534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.628548] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.629016] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.630722] RSP: 0018:ffff88800fac7b78 EFLAGS: 00010246 [ 204.631222] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.631863] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 204.632508] RBP: ffff88800fac7b98 R08: ffffed10028f363e R09: ffffed10028f363e [ 204.633152] R10: ffff88801479b1ef R11: ffffed10028f363d R12: ffff88801479b290 [ 204.633801] R13: ffff88801479b0a8 R14: ffffffffffffffff R15: 
ffff88800fac7c60 [ 204.634445] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.635229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.635768] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.636476] PKRU: 55555554 [ 204.636865] Call Trace: [ 204.637107] [ 204.637319] iommufd_ioas_destroy+0x53/0x70 [ 204.637727] iommufd_fops_release+0x1f7/0x370 [ 204.638148] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.638647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.639113] ? write_comp_data+0x2f/0x90 [ 204.639661] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.640130] __fput+0x26d/0xa40 [ 204.640456] ____fput+0x1e/0x30 [ 204.640773] task_work_run+0x1a4/0x2d0 [ 204.641141] ? __pfx_task_work_run+0x10/0x10 [ 204.641620] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.642132] ? switch_task_namespaces+0xa9/0xe0 [ 204.642600] do_exit+0xb17/0x2ef0 [ 204.642921] ? lock_acquire+0x427/0x4c0 [ 204.643300] ? __pfx_lock_release+0x10/0x10 [ 204.643699] ? __kasan_check_write+0x18/0x20 [ 204.644100] ? do_raw_spin_lock+0x132/0x2a0 [ 204.644490] ? __pfx_do_exit+0x10/0x10 [ 204.644852] ? debug_smp_processor_id+0x20/0x30 [ 204.645278] ? rcu_is_watching+0x19/0xb0 [ 204.645648] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.646060] ? trace_hardirqs_on+0x26/0x120 [ 204.646448] do_group_exit+0xe0/0x2b0 [ 204.646815] __x64_sys_exit_group+0x47/0x50 [ 204.647209] do_syscall_64+0x3b/0x90 [ 204.647548] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.648022] RIP: 0033:0x7f4b87518a4d [ 204.648361] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.648909] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.649581] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.650208] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.650865] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.651503] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.652138] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.652764] [ 204.652962] irq event stamp: 0 [ 204.653227] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.653767] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.654470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.655201] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.655739] ---[ end trace 0000000000000000 ]--- [ 204.659844] ------------[ cut here ]------------ [ 204.660282] WARNING: CPU: 1 PID: 1948 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.661131] Modules linked in: [ 204.661400] CPU: 1 PID: 1948 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.662121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.663078] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.663508] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.665020] RSP: 0018:ffff8880161dfbb8 EFLAGS: 00010246 [ 204.665466] RAX: 0000000000000000 RBX: ffff8880163720a8 RCX: 0000000000000000 [ 204.666056] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 204.666664] RBP: ffff8880161dfbd0 R08: ffffed1002c6e433 R09: ffffed1002c6e433 [ 204.667268] R10: ffff888016372193 R11: ffffed1002c6e432 R12: ffff888013b15c00 [ 204.667862] R13: ffff8880163721e8 R14: ffffffff8352e670 R15: 
ffff8880161dfe68 [ 204.668470] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.669143] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.669632] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 204.670237] PKRU: 55555554 [ 204.670475] Call Trace: [ 204.670709] [ 204.670900] __iommufd_access_detach+0x1c2/0x2b0 [ 204.671327] iommufd_access_change_pt+0x149/0x270 [ 204.671744] iommufd_access_replace+0xb4/0x120 [ 204.672137] iommufd_test+0x3e5/0x37e0 [ 204.672463] ? lock_release+0x532/0x770 [ 204.672808] ? __might_fault+0x102/0x1b0 [ 204.673157] ? lock_acquire+0x427/0x4c0 [ 204.673496] ? __pfx_iommufd_test+0x10/0x10 [ 204.673837] ? __pfx_lock_release+0x10/0x10 [ 204.674186] ? __pfx_lock_acquire+0x10/0x10 [ 204.674558] ? write_comp_data+0x2f/0x90 [ 204.674892] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.675298] ? write_comp_data+0x2f/0x90 [ 204.675633] iommufd_fops_ioctl+0x37d/0x510 [ 204.675982] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.676377] ? write_comp_data+0x2f/0x90 [ 204.676711] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.677106] __x64_sys_ioctl+0x1a3/0x230 [ 204.677439] do_syscall_64+0x3b/0x90 [ 204.677743] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.678162] RIP: 0033:0x7f4b8743ee5d [ 204.678461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.679927] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.680529] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.681088] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.681647] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.682207] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.682791] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.683368] [ 204.683554] irq event stamp: 0 [ 204.683810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.684307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.684971] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.685627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.686122] ---[ end trace 0000000000000000 ]--- [ 204.688933] ------------[ cut here ]------------ [ 204.689336] WARNING: CPU: 1 PID: 1948 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.690134] Modules linked in: [ 204.690389] CPU: 1 PID: 1948 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.691101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.691998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.692391] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.693826] RSP: 
0018:ffff8880161dfbd0 EFLAGS: 00010246 [ 204.694243] RAX: 0000000000000000 RBX: ffff8880163720a8 RCX: 0000000000000000 [ 204.694823] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 204.695403] RBP: ffff8880161dfbe8 R08: ffffed1002c6e433 R09: ffffed1002c6e433 [ 204.695967] R10: ffff888016372193 R11: ffffed1002c6e432 R12: ffff88800f108800 [ 204.696524] R13: ffff8880163721e8 R14: ffff888015bbbd00 R15: 0000000000000000 [ 204.697082] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.697709] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.698168] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.698749] PKRU: 55555554 [ 204.698974] Call Trace: [ 204.699188] [ 204.699366] iommufd_access_destroy_object+0x65/0x170 [ 204.699773] iommufd_object_destroy_user+0x18e/0x220 [ 204.700172] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.700626] iommufd_access_destroy+0x43/0x70 [ 204.700981] iommufd_test_staccess_release+0x8d/0xd0 [ 204.701383] __fput+0x26d/0xa40 [ 204.701654] ____fput+0x1e/0x30 [ 204.701918] task_work_run+0x1a4/0x2d0 [ 204.702226] ? __pfx_task_work_run+0x10/0x10 [ 204.702592] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.702974] ? switch_task_namespaces+0xa9/0xe0 [ 204.703355] do_exit+0xb17/0x2ef0 [ 204.703626] ? lock_acquire+0x427/0x4c0 [ 204.703945] ? __pfx_lock_release+0x10/0x10 [ 204.704283] ? __kasan_check_write+0x18/0x20 [ 204.704629] ? do_raw_spin_lock+0x132/0x2a0 [ 204.704963] ? __pfx_do_exit+0x10/0x10 [ 204.705274] ? debug_smp_processor_id+0x20/0x30 [ 204.705637] ? rcu_is_watching+0x19/0xb0 [ 204.705954] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.706311] ? trace_hardirqs_on+0x26/0x120 [ 204.706664] do_group_exit+0xe0/0x2b0 [ 204.706961] __x64_sys_exit_group+0x47/0x50 [ 204.707302] do_syscall_64+0x3b/0x90 [ 204.707609] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.708023] RIP: 0033:0x7f4b87518a4d [ 204.708316] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.708789] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.709371] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.709918] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.710464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.711028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.711583] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.712136] [ 204.712316] irq event stamp: 0 [ 204.712559] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.713040] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.713682] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.714322] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.714830] ---[ end trace 0000000000000000 ]--- [ 204.715526] ------------[ cut here ]------------ [ 204.715888] WARNING: CPU: 1 PID: 1948 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.716671] Modules linked in: [ 204.716920] CPU: 1 PID: 1948 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.717593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.718454] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.718876] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.720292] RSP: 0018:ffff8880161dfb78 EFLAGS: 00010246 [ 204.720705] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.721250] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 204.721793] RBP: ffff8880161dfb98 R08: ffffed1002c6e43e R09: ffffed1002c6e43e [ 204.722333] R10: ffff8880163721ef R11: ffffed1002c6e43d R12: ffff888016372290 [ 204.722900] R13: ffff8880163720a8 R14: ffffffffffffffff R15: 
ffff8880161dfc60 [ 204.723452] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.724066] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.724509] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.725054] PKRU: 55555554 [ 204.725272] Call Trace: [ 204.725468] [ 204.725646] iommufd_ioas_destroy+0x53/0x70 [ 204.725983] iommufd_fops_release+0x1f7/0x370 [ 204.726335] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.726742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.727132] ? write_comp_data+0x2f/0x90 [ 204.727445] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.727834] __fput+0x26d/0xa40 [ 204.728101] ____fput+0x1e/0x30 [ 204.728366] task_work_run+0x1a4/0x2d0 [ 204.728674] ? __pfx_task_work_run+0x10/0x10 [ 204.729011] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.729382] ? switch_task_namespaces+0xa9/0xe0 [ 204.729742] do_exit+0xb17/0x2ef0 [ 204.730003] ? lock_acquire+0x427/0x4c0 [ 204.730321] ? __pfx_lock_release+0x10/0x10 [ 204.730677] ? __kasan_check_write+0x18/0x20 [ 204.731016] ? do_raw_spin_lock+0x132/0x2a0 [ 204.731360] ? __pfx_do_exit+0x10/0x10 [ 204.731664] ? debug_smp_processor_id+0x20/0x30 [ 204.732021] ? rcu_is_watching+0x19/0xb0 [ 204.732335] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.732686] ? trace_hardirqs_on+0x26/0x120 [ 204.733021] do_group_exit+0xe0/0x2b0 [ 204.733313] __x64_sys_exit_group+0x47/0x50 [ 204.733640] do_syscall_64+0x3b/0x90 [ 204.733932] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.734330] RIP: 0033:0x7f4b87518a4d [ 204.734634] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.735096] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.735674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.736205] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.736741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.737280] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.737814] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.738354] [ 204.738549] irq event stamp: 0 [ 204.738790] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.739272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.739904] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.740530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.741003] ---[ end trace 0000000000000000 ]--- [ 204.744809] ------------[ cut here ]------------ [ 204.745178] WARNING: CPU: 1 PID: 1949 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.745935] Modules linked in: [ 204.746176] CPU: 1 PID: 1949 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.746862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.747712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.748085] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.749443] RSP: 0018:ffff888017b8fbb8 EFLAGS: 00010246 [ 204.749845] RAX: 0000000000000000 RBX: ffff8880171b88a8 RCX: 0000000000000000 [ 204.750380] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 204.750927] RBP: ffff888017b8fbd0 R08: ffffed1002e37133 R09: ffffed1002e37133 [ 204.751470] R10: ffff8880171b8993 R11: ffffed1002e37132 R12: ffff88802081c400 [ 204.752003] R13: ffff8880171b89e8 R14: ffffffff8352e670 R15: 
ffff888017b8fe68 [ 204.752538] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.753145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.753583] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 204.754132] PKRU: 55555554 [ 204.754346] Call Trace: [ 204.754559] [ 204.754732] __iommufd_access_detach+0x1c2/0x2b0 [ 204.755105] iommufd_access_change_pt+0x149/0x270 [ 204.755496] iommufd_access_replace+0xb4/0x120 [ 204.755853] iommufd_test+0x3e5/0x37e0 [ 204.756150] ? lock_release+0x532/0x770 [ 204.756462] ? __might_fault+0x102/0x1b0 [ 204.756781] ? lock_acquire+0x427/0x4c0 [ 204.757093] ? __pfx_iommufd_test+0x10/0x10 [ 204.757422] ? __pfx_lock_release+0x10/0x10 [ 204.757757] ? __pfx_lock_acquire+0x10/0x10 [ 204.758095] ? write_comp_data+0x2f/0x90 [ 204.758414] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.758810] ? write_comp_data+0x2f/0x90 [ 204.759139] iommufd_fops_ioctl+0x37d/0x510 [ 204.759473] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.759849] ? write_comp_data+0x2f/0x90 [ 204.760166] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.760535] __x64_sys_ioctl+0x1a3/0x230 [ 204.760853] do_syscall_64+0x3b/0x90 [ 204.761143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.761542] RIP: 0033:0x7f4b8743ee5d [ 204.761825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.763222] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.763803] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.764339] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.764876] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.765409] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.765940] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.766485] [ 204.766685] irq event stamp: 0 [ 204.766924] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.767407] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.768036] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.768664] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.769136] ---[ end trace 0000000000000000 ]--- [ 204.771895] ------------[ cut here ]------------ [ 204.772279] WARNING: CPU: 1 PID: 1949 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.773038] Modules linked in: [ 204.773283] CPU: 1 PID: 1949 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.773933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.774801] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.775189] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.776548] RSP: 
0018:ffff888017b8fbd0 EFLAGS: 00010246 [ 204.776947] RAX: 0000000000000000 RBX: ffff8880171b88a8 RCX: 0000000000000000 [ 204.777478] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 204.778009] RBP: ffff888017b8fbe8 R08: ffffed1002e37133 R09: ffffed1002e37133 [ 204.778559] R10: ffff8880171b8993 R11: ffffed1002e37132 R12: ffff888013b16800 [ 204.779091] R13: ffff8880171b89e8 R14: ffff8880123ec800 R15: 0000000000000000 [ 204.779637] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.780238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.780673] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.781207] PKRU: 55555554 [ 204.781420] Call Trace: [ 204.781614] [ 204.781789] iommufd_access_destroy_object+0x65/0x170 [ 204.782185] iommufd_object_destroy_user+0x18e/0x220 [ 204.782590] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.783036] iommufd_access_destroy+0x43/0x70 [ 204.783397] iommufd_test_staccess_release+0x8d/0xd0 [ 204.783789] __fput+0x26d/0xa40 [ 204.784055] ____fput+0x1e/0x30 [ 204.784314] task_work_run+0x1a4/0x2d0 [ 204.784618] ? __pfx_task_work_run+0x10/0x10 [ 204.784958] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.785336] ? switch_task_namespaces+0xa9/0xe0 [ 204.785699] do_exit+0xb17/0x2ef0 [ 204.785963] ? lock_acquire+0x427/0x4c0 [ 204.786271] ? __pfx_lock_release+0x10/0x10 [ 204.786631] ? __kasan_check_write+0x18/0x20 [ 204.786970] ? do_raw_spin_lock+0x132/0x2a0 [ 204.787308] ? __pfx_do_exit+0x10/0x10 [ 204.787614] ? debug_smp_processor_id+0x20/0x30 [ 204.787968] ? rcu_is_watching+0x19/0xb0 [ 204.788277] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.788624] ? trace_hardirqs_on+0x26/0x120 [ 204.788955] do_group_exit+0xe0/0x2b0 [ 204.789242] __x64_sys_exit_group+0x47/0x50 [ 204.789566] do_syscall_64+0x3b/0x90 [ 204.789854] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.790250] RIP: 0033:0x7f4b87518a4d [ 204.790548] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.791011] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.791595] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.792127] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.792657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.793189] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.793721] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.794259] [ 204.794437] irq event stamp: 0 [ 204.794696] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.795179] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.795803] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.796426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.796895] ---[ end trace 0000000000000000 ]--- [ 204.797570] ------------[ cut here ]------------ [ 204.797921] WARNING: CPU: 1 PID: 1949 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.798699] Modules linked in: [ 204.798943] CPU: 1 PID: 1949 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.799607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.800448] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.800839] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.802198] RSP: 0018:ffff888017b8fb78 EFLAGS: 00010246 [ 204.802619] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.803159] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 204.803691] RBP: ffff888017b8fb98 R08: ffffed1002e3713e R09: ffffed1002e3713e [ 204.804229] R10: ffff8880171b89ef R11: ffffed1002e3713d R12: ffff8880171b8a90 [ 204.804761] R13: ffff8880171b88a8 R14: ffffffffffffffff R15: 
ffff888017b8fc60 [ 204.805296] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.805894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.806326] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.806873] PKRU: 55555554 [ 204.807091] Call Trace: [ 204.807290] [ 204.807462] iommufd_ioas_destroy+0x53/0x70 [ 204.807792] iommufd_fops_release+0x1f7/0x370 [ 204.808137] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.808516] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.808890] ? write_comp_data+0x2f/0x90 [ 204.809208] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.809589] __fput+0x26d/0xa40 [ 204.809849] ____fput+0x1e/0x30 [ 204.810105] task_work_run+0x1a4/0x2d0 [ 204.810405] ? __pfx_task_work_run+0x10/0x10 [ 204.810760] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.811142] ? switch_task_namespaces+0xa9/0xe0 [ 204.811508] do_exit+0xb17/0x2ef0 [ 204.811773] ? lock_acquire+0x427/0x4c0 [ 204.812082] ? __pfx_lock_release+0x10/0x10 [ 204.812416] ? __kasan_check_write+0x18/0x20 [ 204.812751] ? do_raw_spin_lock+0x132/0x2a0 [ 204.813080] ? __pfx_do_exit+0x10/0x10 [ 204.813386] ? debug_smp_processor_id+0x20/0x30 [ 204.813746] ? rcu_is_watching+0x19/0xb0 [ 204.814058] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.814403] ? trace_hardirqs_on+0x26/0x120 [ 204.814754] do_group_exit+0xe0/0x2b0 [ 204.815044] __x64_sys_exit_group+0x47/0x50 [ 204.815377] do_syscall_64+0x3b/0x90 [ 204.815673] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.816074] RIP: 0033:0x7f4b87518a4d [ 204.816358] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.816816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.817388] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.817917] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.818444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.818992] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.819535] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.820074] [ 204.820249] irq event stamp: 0 [ 204.820486] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.820958] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.821585] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.822207] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.822698] ---[ end trace 0000000000000000 ]--- [ 204.827269] ------------[ cut here ]------------ [ 204.827648] WARNING: CPU: 1 PID: 1950 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.828406] Modules linked in: [ 204.828649] CPU: 1 PID: 1950 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.829300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.830132] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.830709] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.832072] RSP: 0018:ffff88800fac7bb8 EFLAGS: 00010246 [ 204.832468] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 204.832998] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 204.833527] RBP: ffff88800fac7bd0 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 204.834053] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff888010b0dc00 [ 204.834605] R13: ffff888017a439e8 R14: ffffffff8352e670 R15: 
ffff88800fac7e68 [ 204.835136] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.835730] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.836164] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 204.836699] PKRU: 55555554 [ 204.836911] Call Trace: [ 204.837104] [ 204.837273] __iommufd_access_detach+0x1c2/0x2b0 [ 204.837644] iommufd_access_change_pt+0x149/0x270 [ 204.838016] iommufd_access_replace+0xb4/0x120 [ 204.838373] iommufd_test+0x3e5/0x37e0 [ 204.838687] ? lock_release+0x532/0x770 [ 204.838998] ? __might_fault+0x102/0x1b0 [ 204.839319] ? lock_acquire+0x427/0x4c0 [ 204.839629] ? __pfx_iommufd_test+0x10/0x10 [ 204.839952] ? __pfx_lock_release+0x10/0x10 [ 204.840284] ? __pfx_lock_acquire+0x10/0x10 [ 204.840619] ? write_comp_data+0x2f/0x90 [ 204.840936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.841306] ? write_comp_data+0x2f/0x90 [ 204.841621] iommufd_fops_ioctl+0x37d/0x510 [ 204.841950] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.842322] ? write_comp_data+0x2f/0x90 [ 204.842653] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.843020] __x64_sys_ioctl+0x1a3/0x230 [ 204.843347] do_syscall_64+0x3b/0x90 [ 204.843641] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.844039] RIP: 0033:0x7f4b8743ee5d [ 204.844318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.845675] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.846241] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.846788] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.847334] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.847866] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.848400] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.848944] [ 204.849124] irq event stamp: 0 [ 204.849368] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.849846] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.850474] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.851133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.851611] ---[ end trace 0000000000000000 ]--- [ 204.854311] ------------[ cut here ]------------ [ 204.854723] WARNING: CPU: 1 PID: 1950 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.855485] Modules linked in: [ 204.855726] CPU: 1 PID: 1950 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.856378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.857217] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.857591] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.858967] RSP: 
0018:ffff88800fac7bd0 EFLAGS: 00010246 [ 204.859376] RAX: 0000000000000000 RBX: ffff888017a438a8 RCX: 0000000000000000 [ 204.859911] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 204.860442] RBP: ffff88800fac7be8 R08: ffffed1002f48733 R09: ffffed1002f48733 [ 204.860978] R10: ffff888017a43993 R11: ffffed1002f48732 R12: ffff88800fcb1800 [ 204.861511] R13: ffff888017a439e8 R14: ffff888020804400 R15: 0000000000000000 [ 204.862042] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.862666] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.863104] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.863645] PKRU: 55555554 [ 204.863859] Call Trace: [ 204.864051] [ 204.864222] iommufd_access_destroy_object+0x65/0x170 [ 204.864616] iommufd_object_destroy_user+0x18e/0x220 [ 204.865005] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.865448] iommufd_access_destroy+0x43/0x70 [ 204.865795] iommufd_test_staccess_release+0x8d/0xd0 [ 204.866187] __fput+0x26d/0xa40 [ 204.866452] ____fput+0x1e/0x30 [ 204.866741] task_work_run+0x1a4/0x2d0 [ 204.867046] ? __pfx_task_work_run+0x10/0x10 [ 204.867391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.867766] ? switch_task_namespaces+0xa9/0xe0 [ 204.868128] do_exit+0xb17/0x2ef0 [ 204.868392] ? lock_acquire+0x427/0x4c0 [ 204.868701] ? __pfx_lock_release+0x10/0x10 [ 204.869038] ? __kasan_check_write+0x18/0x20 [ 204.869377] ? do_raw_spin_lock+0x132/0x2a0 [ 204.869705] ? __pfx_do_exit+0x10/0x10 [ 204.870009] ? debug_smp_processor_id+0x20/0x30 [ 204.870363] ? rcu_is_watching+0x19/0xb0 [ 204.870694] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.871045] ? trace_hardirqs_on+0x26/0x120 [ 204.871385] do_group_exit+0xe0/0x2b0 [ 204.871675] __x64_sys_exit_group+0x47/0x50 [ 204.871998] do_syscall_64+0x3b/0x90 [ 204.872287] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.872682] RIP: 0033:0x7f4b87518a4d [ 204.872962] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.873420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.873985] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.874543] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.875084] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.875638] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.876176] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.876724] [ 204.876903] irq event stamp: 0 [ 204.877142] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.877618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.878249] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.878901] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.879391] ---[ end trace 0000000000000000 ]--- [ 204.880076] ------------[ cut here ]------------ [ 204.880429] WARNING: CPU: 1 PID: 1950 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.881200] Modules linked in: [ 204.881448] CPU: 1 PID: 1950 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.882091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.882972] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.883381] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.884756] RSP: 0018:ffff88800fac7b78 EFLAGS: 00010246 [ 204.885159] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.885692] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 204.886231] RBP: ffff88800fac7b98 R08: ffffed1002f4873e R09: ffffed1002f4873e [ 204.886976] R10: ffff888017a439ef R11: ffffed1002f4873d R12: ffff888017a43a90 [ 204.887529] R13: ffff888017a438a8 R14: ffffffffffffffff R15: 
ffff88800fac7c60 [ 204.888071] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.888673] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.889107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 204.889642] PKRU: 55555554 [ 204.889856] Call Trace: [ 204.890048] [ 204.890219] iommufd_ioas_destroy+0x53/0x70 [ 204.890578] iommufd_fops_release+0x1f7/0x370 [ 204.890928] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.891319] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.891695] ? write_comp_data+0x2f/0x90 [ 204.892015] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.892396] __fput+0x26d/0xa40 [ 204.892660] ____fput+0x1e/0x30 [ 204.892921] task_work_run+0x1a4/0x2d0 [ 204.893374] ? __pfx_task_work_run+0x10/0x10 [ 204.894061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.894442] ? switch_task_namespaces+0xa9/0xe0 [ 204.894843] do_exit+0xb17/0x2ef0 [ 204.895105] ? lock_acquire+0x427/0x4c0 [ 204.895425] ? __pfx_lock_release+0x10/0x10 [ 204.895752] ? __kasan_check_write+0x18/0x20 [ 204.896087] ? do_raw_spin_lock+0x132/0x2a0 [ 204.896413] ? __pfx_do_exit+0x10/0x10 [ 204.896717] ? debug_smp_processor_id+0x20/0x30 [ 204.897214] ? rcu_is_watching+0x19/0xb0 [ 204.897525] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.897867] ? trace_hardirqs_on+0x26/0x120 [ 204.898197] do_group_exit+0xe0/0x2b0 [ 204.898483] __x64_sys_exit_group+0x47/0x50 [ 204.898825] do_syscall_64+0x3b/0x90 [ 204.899126] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.899526] RIP: 0033:0x7f4b87518a4d [ 204.899811] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.900391] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.900962] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.901494] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.902024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.902578] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.903110] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.903661] [ 204.903837] irq event stamp: 0 [ 204.904076] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.904549] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.905299] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.905929] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.906400] ---[ end trace 0000000000000000 ]--- [ 204.909955] ------------[ cut here ]------------ [ 204.910348] WARNING: CPU: 1 PID: 1951 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.911177] Modules linked in: [ 204.911430] CPU: 1 PID: 1951 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.912099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.913082] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.913470] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.914935] RSP: 0018:ffff888017b8fbb8 EFLAGS: 00010246 [ 204.915416] RAX: 0000000000000000 RBX: ffff888015b350a8 RCX: 0000000000000000 [ 204.916018] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 204.916563] RBP: ffff888017b8fbd0 R08: ffffed1002b66a33 R09: ffffed1002b66a33 [ 204.917105] R10: ffff888015b35193 R11: ffffed1002b66a32 R12: ffff888018b88800 [ 204.917652] R13: ffff888015b351e8 R14: ffffffff8352e670 R15: 
ffff888017b8fe68 [ 204.918310] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.918951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.919416] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 204.919972] PKRU: 55555554 [ 204.920192] Call Trace: [ 204.920393] [ 204.920571] __iommufd_access_detach+0x1c2/0x2b0 [ 204.920950] iommufd_access_change_pt+0x149/0x270 [ 204.921470] iommufd_access_replace+0xb4/0x120 [ 204.921833] iommufd_test+0x3e5/0x37e0 [ 204.922135] ? lock_release+0x532/0x770 [ 204.922452] ? __might_fault+0x102/0x1b0 [ 204.922808] ? lock_acquire+0x427/0x4c0 [ 204.923135] ? __pfx_iommufd_test+0x10/0x10 [ 204.923471] ? __pfx_lock_release+0x10/0x10 [ 204.923813] ? __pfx_lock_acquire+0x10/0x10 [ 204.924153] ? write_comp_data+0x2f/0x90 [ 204.924480] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.924911] ? write_comp_data+0x2f/0x90 [ 204.925309] iommufd_fops_ioctl+0x37d/0x510 [ 204.925652] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.926034] ? write_comp_data+0x2f/0x90 [ 204.926364] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 204.926766] __x64_sys_ioctl+0x1a3/0x230 [ 204.927097] do_syscall_64+0x3b/0x90 [ 204.927406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.927814] RIP: 0033:0x7f4b8743ee5d [ 204.928102] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 204.929605] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 204.930190] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 204.930764] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 204.931321] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 204.931893] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 204.932517] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 204.933071] [ 204.933257] irq event stamp: 0 [ 204.933499] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.933982] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.934655] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.935340] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.935902] ---[ end trace 0000000000000000 ]--- [ 204.938884] ------------[ cut here ]------------ [ 204.939296] WARNING: CPU: 1 PID: 1951 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 204.940087] Modules linked in: [ 204.940336] CPU: 1 PID: 1951 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.941025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.941959] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 204.942405] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 204.943880] RSP: 
0018:ffff888017b8fbd0 EFLAGS: 00010246 [ 204.944309] RAX: 0000000000000000 RBX: ffff888015b350a8 RCX: 0000000000000000 [ 204.944879] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 204.945453] RBP: ffff888017b8fbe8 R08: ffffed1002b66a33 R09: ffffed1002b66a33 [ 204.946146] R10: ffff888015b35193 R11: ffffed1002b66a32 R12: ffff888010b0cc00 [ 204.946748] R13: ffff888015b351e8 R14: ffff88800f492b00 R15: 0000000000000000 [ 204.947330] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.947967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.948426] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 204.948999] PKRU: 55555554 [ 204.949305] Call Trace: [ 204.949570] [ 204.949755] iommufd_access_destroy_object+0x65/0x170 [ 204.950172] iommufd_object_destroy_user+0x18e/0x220 [ 204.950618] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 204.951090] iommufd_access_destroy+0x43/0x70 [ 204.951470] iommufd_test_staccess_release+0x8d/0xd0 [ 204.951886] __fput+0x26d/0xa40 [ 204.952165] ____fput+0x1e/0x30 [ 204.952437] task_work_run+0x1a4/0x2d0 [ 204.952758] ? __pfx_task_work_run+0x10/0x10 [ 204.953242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.953640] ? switch_task_namespaces+0xa9/0xe0 [ 204.954023] do_exit+0xb17/0x2ef0 [ 204.954304] ? lock_acquire+0x427/0x4c0 [ 204.954662] ? __pfx_lock_release+0x10/0x10 [ 204.955021] ? __kasan_check_write+0x18/0x20 [ 204.955396] ? do_raw_spin_lock+0x132/0x2a0 [ 204.955748] ? __pfx_do_exit+0x10/0x10 [ 204.956075] ? debug_smp_processor_id+0x20/0x30 [ 204.956455] ? rcu_is_watching+0x19/0xb0 [ 204.956896] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.957267] ? trace_hardirqs_on+0x26/0x120 [ 204.957618] do_group_exit+0xe0/0x2b0 [ 204.957925] __x64_sys_exit_group+0x47/0x50 [ 204.958269] do_syscall_64+0x3b/0x90 [ 204.958605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.959027] RIP: 0033:0x7f4b87518a4d [ 204.959334] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.959820] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.960452] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.961114] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.961678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.962248] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.962837] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.963429] [ 204.963618] irq event stamp: 0 [ 204.963868] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.964494] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.965159] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.965819] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.966319] ---[ end trace 0000000000000000 ]--- [ 204.967079] ------------[ cut here ]------------ [ 204.967467] WARNING: CPU: 1 PID: 1951 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 204.968399] Modules linked in: [ 204.968658] CPU: 1 PID: 1951 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 204.969348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 204.970242] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 204.970741] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 204.972243] RSP: 0018:ffff888017b8fb78 EFLAGS: 00010246 [ 204.972669] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 204.973236] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 204.973800] RBP: ffff888017b8fb98 R08: ffffed1002b66a3e R09: ffffed1002b66a3e [ 204.974495] R10: ffff888015b351ef R11: ffffed1002b66a3d R12: ffff888015b35290 [ 204.975090] R13: ffff888015b350a8 R14: ffffffffffffffff R15: 
ffff888017b8fc60 [ 204.975672] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 204.976305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.976769] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 204.977346] PKRU: 55555554 [ 204.977648] Call Trace: [ 204.977911] [ 204.978095] iommufd_ioas_destroy+0x53/0x70 [ 204.978449] iommufd_fops_release+0x1f7/0x370 [ 204.978848] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.979259] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.979660] ? write_comp_data+0x2f/0x90 [ 204.979997] ? __pfx_iommufd_fops_release+0x10/0x10 [ 204.980401] __fput+0x26d/0xa40 [ 204.980679] ____fput+0x1e/0x30 [ 204.980952] task_work_run+0x1a4/0x2d0 [ 204.981328] ? __pfx_task_work_run+0x10/0x10 [ 204.981734] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 204.982126] ? switch_task_namespaces+0xa9/0xe0 [ 204.982536] do_exit+0xb17/0x2ef0 [ 204.982815] ? lock_acquire+0x427/0x4c0 [ 204.983152] ? __pfx_lock_release+0x10/0x10 [ 204.983504] ? __kasan_check_write+0x18/0x20 [ 204.983861] ? do_raw_spin_lock+0x132/0x2a0 [ 204.984212] ? __pfx_do_exit+0x10/0x10 [ 204.984536] ? debug_smp_processor_id+0x20/0x30 [ 204.984915] ? rcu_is_watching+0x19/0xb0 [ 204.985364] ? _raw_spin_unlock_irq+0x2b/0x60 [ 204.985733] ? trace_hardirqs_on+0x26/0x120 [ 204.986085] do_group_exit+0xe0/0x2b0 [ 204.986392] __x64_sys_exit_group+0x47/0x50 [ 204.986768] do_syscall_64+0x3b/0x90 [ 204.987078] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 204.987514] RIP: 0033:0x7f4b87518a4d [ 204.987814] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 204.988302] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 204.988990] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 204.989604] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 204.990169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 204.990760] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 204.991337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 204.991909] [ 204.992097] irq event stamp: 0 [ 204.992386] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 204.992986] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 204.993676] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 204.994367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 204.994931] ---[ end trace 0000000000000000 ]--- [ 204.999664] ------------[ cut here ]------------ [ 205.000103] WARNING: CPU: 1 PID: 1952 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.000940] Modules linked in: [ 205.001206] CPU: 1 PID: 1952 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.001968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.003085] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.003518] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.005011] RSP: 0018:ffff88800fac7bb8 EFLAGS: 00010246 [ 205.005461] RAX: 0000000000000000 RBX: ffff888023ff10a8 RCX: 0000000000000000 [ 205.006153] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 205.006823] RBP: ffff88800fac7bd0 R08: ffffed10047fe233 R09: ffffed10047fe233 [ 205.007429] R10: ffff888023ff1193 R11: ffffed10047fe232 R12: ffff888020e6a800 [ 205.008030] R13: ffff888023ff11e8 R14: ffffffff8352e670 R15: 
ffff88800fac7e68 [ 205.008625] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.009311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.009967] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 205.010600] PKRU: 55555554 [ 205.010842] Call Trace: [ 205.011058] [ 205.011261] __iommufd_access_detach+0x1c2/0x2b0 [ 205.011677] iommufd_access_change_pt+0x149/0x270 [ 205.012092] iommufd_access_replace+0xb4/0x120 [ 205.012493] iommufd_test+0x3e5/0x37e0 [ 205.012822] ? lock_release+0x532/0x770 [ 205.013169] ? __might_fault+0x102/0x1b0 [ 205.013588] ? lock_acquire+0x427/0x4c0 [ 205.014021] ? __pfx_iommufd_test+0x10/0x10 [ 205.014391] ? __pfx_lock_release+0x10/0x10 [ 205.014801] ? __pfx_lock_acquire+0x10/0x10 [ 205.015201] ? write_comp_data+0x2f/0x90 [ 205.015559] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.015975] ? write_comp_data+0x2f/0x90 [ 205.016325] iommufd_fops_ioctl+0x37d/0x510 [ 205.016695] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.017117] ? write_comp_data+0x2f/0x90 [ 205.017501] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.018068] __x64_sys_ioctl+0x1a3/0x230 [ 205.018433] do_syscall_64+0x3b/0x90 [ 205.018800] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.019260] RIP: 0033:0x7f4b8743ee5d [ 205.019581] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.021110] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.021855] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.022592] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.023216] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.023834] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.024452] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.025089] [ 205.025294] irq event stamp: 0 [ 205.025561] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.026096] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.026870] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.027600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.028379] ---[ end trace 0000000000000000 ]--- [ 205.031588] ------------[ cut here ]------------ [ 205.032028] WARNING: CPU: 1 PID: 1952 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.033084] Modules linked in: [ 205.033362] CPU: 1 PID: 1952 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.034098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.035110] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.035577] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.037514] RSP: 
0018:ffff88800fac7bd0 EFLAGS: 00010246 [ 205.037991] RAX: 0000000000000000 RBX: ffff888023ff10a8 RCX: 0000000000000000 [ 205.038658] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 205.039307] RBP: ffff88800fac7be8 R08: ffffed10047fe233 R09: ffffed10047fe233 [ 205.039937] R10: ffff888023ff1193 R11: ffffed10047fe232 R12: ffff888018b8ac00 [ 205.040572] R13: ffff888023ff11e8 R14: ffff8880178e1900 R15: 0000000000000000 [ 205.041478] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.042190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.042738] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 205.043387] PKRU: 55555554 [ 205.043642] Call Trace: [ 205.043872] [ 205.044076] iommufd_access_destroy_object+0x65/0x170 [ 205.044552] iommufd_object_destroy_user+0x18e/0x220 [ 205.045024] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.045767] iommufd_access_destroy+0x43/0x70 [ 205.046183] iommufd_test_staccess_release+0x8d/0xd0 [ 205.046686] __fput+0x26d/0xa40 [ 205.047012] ____fput+0x1e/0x30 [ 205.047336] task_work_run+0x1a4/0x2d0 [ 205.047710] ? __pfx_task_work_run+0x10/0x10 [ 205.048124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.048580] ? switch_task_namespaces+0xa9/0xe0 [ 205.049025] do_exit+0xb17/0x2ef0 [ 205.049347] ? lock_acquire+0x427/0x4c0 [ 205.049830] ? __pfx_lock_release+0x10/0x10 [ 205.050419] ? __kasan_check_write+0x18/0x20 [ 205.050886] ? do_raw_spin_lock+0x132/0x2a0 [ 205.051298] ? __pfx_do_exit+0x10/0x10 [ 205.051673] ? debug_smp_processor_id+0x20/0x30 [ 205.052122] ? rcu_is_watching+0x19/0xb0 [ 205.052503] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.052928] ? trace_hardirqs_on+0x26/0x120 [ 205.053334] do_group_exit+0xe0/0x2b0 [ 205.053688] __x64_sys_exit_group+0x47/0x50 [ 205.054090] do_syscall_64+0x3b/0x90 [ 205.054577] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.055243] RIP: 0033:0x7f4b87518a4d [ 205.055589] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.056150] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.056837] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.057490] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.058147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.058843] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.059530] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.060390] [ 205.060604] irq event stamp: 0 [ 205.060891] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.061463] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.062224] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.063036] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.063684] ---[ end trace 0000000000000000 ]--- [ 205.064693] ------------[ cut here ]------------ [ 205.065184] WARNING: CPU: 1 PID: 1952 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.066233] Modules linked in: [ 205.066605] CPU: 1 PID: 1952 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.067500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.068635] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.069330] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.071409] RSP: 0018:ffff88800fac7b78 EFLAGS: 00010246 [ 205.071948] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.072646] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 205.073342] RBP: ffff88800fac7b98 R08: ffffed10047fe23e R09: ffffed10047fe23e [ 205.074107] R10: ffff888023ff11ef R11: ffffed10047fe23d R12: ffff888023ff1290 [ 205.075177] R13: ffff888023ff10a8 R14: ffffffffffffffff R15: 
ffff88800fac7c60 [ 205.075886] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.076685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.077253] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 205.077951] PKRU: 55555554 [ 205.078229] Call Trace: [ 205.078487] [ 205.078763] iommufd_ioas_destroy+0x53/0x70 [ 205.079236] iommufd_fops_release+0x1f7/0x370 [ 205.079751] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.080459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.081174] ? write_comp_data+0x2f/0x90 [ 205.081600] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.082107] __fput+0x26d/0xa40 [ 205.082465] ____fput+0x1e/0x30 [ 205.082856] task_work_run+0x1a4/0x2d0 [ 205.083274] ? __pfx_task_work_run+0x10/0x10 [ 205.083721] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.084207] ? switch_task_namespaces+0xa9/0xe0 [ 205.084687] do_exit+0xb17/0x2ef0 [ 205.085043] ? lock_acquire+0x427/0x4c0 [ 205.085543] ? __pfx_lock_release+0x10/0x10 [ 205.086122] ? __kasan_check_write+0x18/0x20 [ 205.086776] ? do_raw_spin_lock+0x132/0x2a0 [ 205.087234] ? __pfx_do_exit+0x10/0x10 [ 205.087631] ? debug_smp_processor_id+0x20/0x30 [ 205.088094] ? rcu_is_watching+0x19/0xb0 [ 205.088499] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.088956] ? trace_hardirqs_on+0x26/0x120 [ 205.089394] do_group_exit+0xe0/0x2b0 [ 205.089775] __x64_sys_exit_group+0x47/0x50 [ 205.090198] do_syscall_64+0x3b/0x90 [ 205.090622] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.091160] RIP: 0033:0x7f4b87518a4d [ 205.091533] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.092245] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.093335] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.094046] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.094783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.095502] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.096211] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.096922] [ 205.097156] irq event stamp: 0 [ 205.097571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.098471] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.099371] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.100206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.100830] ---[ end trace 0000000000000000 ]--- [ 205.106179] ------------[ cut here ]------------ [ 205.106825] WARNING: CPU: 1 PID: 1953 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.108472] Modules linked in: [ 205.108911] CPU: 1 PID: 1953 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.110053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.111966] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.112661] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.115100] RSP: 0018:ffff888017b8fbb8 EFLAGS: 00010246 [ 205.116281] RAX: 0000000000000000 RBX: ffff8880143a30a8 RCX: 0000000000000000 [ 205.117211] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 205.118149] RBP: ffff888017b8fbd0 R08: ffffed1002874633 R09: ffffed1002874633 [ 205.119204] R10: ffff8880143a3193 R11: ffffed1002874632 R12: ffff888012e93c00 [ 205.120258] R13: ffff8880143a31e8 R14: ffffffff8352e670 R15: 
ffff888017b8fe68 [ 205.121302] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.122356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.123220] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 205.124243] PKRU: 55555554 [ 205.124761] Call Trace: [ 205.125114] [ 205.125432] __iommufd_access_detach+0x1c2/0x2b0 [ 205.126107] iommufd_access_change_pt+0x149/0x270 [ 205.126849] iommufd_access_replace+0xb4/0x120 [ 205.127531] iommufd_test+0x3e5/0x37e0 [ 205.128072] ? lock_release+0x532/0x770 [ 205.128994] ? __might_fault+0x102/0x1b0 [ 205.129575] ? lock_acquire+0x427/0x4c0 [ 205.130134] ? __pfx_iommufd_test+0x10/0x10 [ 205.130813] ? __pfx_lock_release+0x10/0x10 [ 205.131447] ? __pfx_lock_acquire+0x10/0x10 [ 205.132055] ? write_comp_data+0x2f/0x90 [ 205.132756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.133534] ? write_comp_data+0x2f/0x90 [ 205.134108] iommufd_fops_ioctl+0x37d/0x510 [ 205.134770] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.135451] ? write_comp_data+0x2f/0x90 [ 205.136002] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.136653] __x64_sys_ioctl+0x1a3/0x230 [ 205.137451] do_syscall_64+0x3b/0x90 [ 205.137985] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.138789] RIP: 0033:0x7f4b8743ee5d [ 205.139341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.141972] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.143065] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.144044] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.145001] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.146143] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.147189] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.148175] [ 205.148498] irq event stamp: 0 [ 205.148931] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.149994] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.151212] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.152314] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.153151] ---[ end trace 0000000000000000 ]--- [ 205.159080] ------------[ cut here ]------------ [ 205.159791] WARNING: CPU: 1 PID: 1953 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.161187] Modules linked in: [ 205.161737] CPU: 1 PID: 1953 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.163173] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.164712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.165406] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.168176] RSP: 
0018:ffff888017b8fbd0 EFLAGS: 00010246 [ 205.168922] RAX: 0000000000000000 RBX: ffff8880143a30a8 RCX: 0000000000000000 [ 205.169891] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 205.171073] RBP: ffff888017b8fbe8 R08: ffffed1002874633 R09: ffffed1002874633 [ 205.172033] R10: ffff8880143a3193 R11: ffffed1002874632 R12: ffff888020e6bc00 [ 205.172958] R13: ffff8880143a31e8 R14: ffff88800f19ec00 R15: 0000000000000000 [ 205.173888] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.175234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.176001] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 205.176935] PKRU: 55555554 [ 205.177308] Call Trace: [ 205.177646] [ 205.177954] iommufd_access_destroy_object+0x65/0x170 [ 205.178773] iommufd_object_destroy_user+0x18e/0x220 [ 205.179559] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.180337] iommufd_access_destroy+0x43/0x70 [ 205.180941] iommufd_test_staccess_release+0x8d/0xd0 [ 205.181641] __fput+0x26d/0xa40 [ 205.182116] ____fput+0x1e/0x30 [ 205.182657] task_work_run+0x1a4/0x2d0 [ 205.183437] ? __pfx_task_work_run+0x10/0x10 [ 205.184034] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.184686] ? switch_task_namespaces+0xa9/0xe0 [ 205.185314] do_exit+0xb17/0x2ef0 [ 205.185777] ? lock_acquire+0x427/0x4c0 [ 205.186314] ? __pfx_lock_release+0x10/0x10 [ 205.186986] ? __kasan_check_write+0x18/0x20 [ 205.187803] ? do_raw_spin_lock+0x132/0x2a0 [ 205.188392] ? __pfx_do_exit+0x10/0x10 [ 205.188936] ? debug_smp_processor_id+0x20/0x30 [ 205.189634] ? rcu_is_watching+0x19/0xb0 [ 205.190199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.191035] ? trace_hardirqs_on+0x26/0x120 [ 205.191747] do_group_exit+0xe0/0x2b0 [ 205.192384] __x64_sys_exit_group+0x47/0x50 [ 205.192972] do_syscall_64+0x3b/0x90 [ 205.193500] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.194189] RIP: 0033:0x7f4b87518a4d [ 205.194733] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.195561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.196781] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.197767] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.198787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.199968] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.200927] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.201897] [ 205.202228] irq event stamp: 0 [ 205.202720] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.203775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.204886] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.206004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.207175] ---[ end trace 0000000000000000 ]--- [ 205.210658] ------------[ cut here ]------------ [ 205.211372] WARNING: CPU: 1 PID: 1953 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.212738] Modules linked in: [ 205.213188] CPU: 1 PID: 1953 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.214750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.216274] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.216982] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.219655] RSP: 0018:ffff888017b8fb78 EFLAGS: 00010246 [ 205.220387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.221355] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 205.222619] RBP: ffff888017b8fb98 R08: ffffed100287463e R09: ffffed100287463e [ 205.223597] R10: ffff8880143a31ef R11: ffffed100287463d R12: ffff8880143a3290 [ 205.224542] R13: ffff8880143a30a8 R14: ffffffffffffffff R15: 
ffff888017b8fc60 [ 205.225500] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.226864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.227676] CR2: 00007f82e2eb8000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 205.228630] PKRU: 55555554 [ 205.229014] Call Trace: [ 205.229366] [ 205.229686] iommufd_ioas_destroy+0x53/0x70 [ 205.230466] iommufd_fops_release+0x1f7/0x370 [ 205.231195] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.231878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.232561] ? write_comp_data+0x2f/0x90 [ 205.233138] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.233814] __fput+0x26d/0xa40 [ 205.234461] ____fput+0x1e/0x30 [ 205.235039] task_work_run+0x1a4/0x2d0 [ 205.235633] ? __pfx_task_work_run+0x10/0x10 [ 205.236245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.236908] ? switch_task_namespaces+0xa9/0xe0 [ 205.237552] do_exit+0xb17/0x2ef0 [ 205.238027] ? lock_acquire+0x427/0x4c0 [ 205.238867] ? __pfx_lock_release+0x10/0x10 [ 205.239503] ? __kasan_check_write+0x18/0x20 [ 205.240118] ? do_raw_spin_lock+0x132/0x2a0 [ 205.240721] ? __pfx_do_exit+0x10/0x10 [ 205.241285] ? debug_smp_processor_id+0x20/0x30 [ 205.241939] ? rcu_is_watching+0x19/0xb0 [ 205.242659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.243375] ? trace_hardirqs_on+0x26/0x120 [ 205.243973] do_group_exit+0xe0/0x2b0 [ 205.244507] __x64_sys_exit_group+0x47/0x50 [ 205.245105] do_syscall_64+0x3b/0x90 [ 205.245649] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.246371] RIP: 0033:0x7f4b87518a4d [ 205.247071] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.248006] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.249029] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.249986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.251069] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.252116] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.253067] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.254037] [ 205.254376] irq event stamp: 0 [ 205.254913] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.255882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.256997] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.258110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.259151] ---[ end trace 0000000000000000 ]--- [ 205.264595] ------------[ cut here ]------------ [ 205.265131] WARNING: CPU: 1 PID: 1954 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.266145] Modules linked in: [ 205.266476] CPU: 1 PID: 1954 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.267629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.268776] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.269280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.271387] RSP: 0018:ffff88800fac7bb8 EFLAGS: 00010246 [ 205.271934] RAX: 0000000000000000 RBX: ffff88800f0610a8 RCX: 0000000000000000 [ 205.272660] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 205.273376] RBP: ffff88800fac7bd0 R08: ffffed1001e0c233 R09: ffffed1001e0c233 [ 205.274267] R10: ffff88800f061193 R11: ffffed1001e0c232 R12: ffff88800a727c00 [ 205.275014] R13: ffff88800f0611e8 R14: ffffffff8352e670 R15: 
ffff88800fac7e68 [ 205.275760] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.276584] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.277168] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 205.277895] PKRU: 55555554 [ 205.278292] Call Trace: [ 205.278671] [ 205.279023] __iommufd_access_detach+0x1c2/0x2b0 [ 205.279561] iommufd_access_change_pt+0x149/0x270 [ 205.280070] iommufd_access_replace+0xb4/0x120 [ 205.280546] iommufd_test+0x3e5/0x37e0 [ 205.280950] ? lock_release+0x532/0x770 [ 205.281372] ? __might_fault+0x102/0x1b0 [ 205.281799] ? lock_acquire+0x427/0x4c0 [ 205.282223] ? __pfx_iommufd_test+0x10/0x10 [ 205.282713] ? __pfx_lock_release+0x10/0x10 [ 205.283183] ? __pfx_lock_acquire+0x10/0x10 [ 205.283670] ? write_comp_data+0x2f/0x90 [ 205.284241] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.284938] ? write_comp_data+0x2f/0x90 [ 205.285372] iommufd_fops_ioctl+0x37d/0x510 [ 205.285824] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.286333] ? write_comp_data+0x2f/0x90 [ 205.286807] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.287330] __x64_sys_ioctl+0x1a3/0x230 [ 205.287760] do_syscall_64+0x3b/0x90 [ 205.288152] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.288690] RIP: 0033:0x7f4b8743ee5d [ 205.289215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.291577] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.292380] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.293109] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.293832] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.294637] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.295696] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.296448] [ 205.296695] irq event stamp: 0 [ 205.297021] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.297660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.298555] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.299424] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.300129] ---[ end trace 0000000000000000 ]--- [ 205.303747] ------------[ cut here ]------------ [ 205.304285] WARNING: CPU: 1 PID: 1954 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.305584] Modules linked in: [ 205.306037] CPU: 1 PID: 1954 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.306995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.308147] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.308651] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.310807] RSP: 
0018:ffff88800fac7bd0 EFLAGS: 00010246 [ 205.311578] RAX: 0000000000000000 RBX: ffff88800f0610a8 RCX: 0000000000000000 [ 205.312329] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 205.313053] RBP: ffff88800fac7be8 R08: ffffed1001e0c233 R09: ffffed1001e0c233 [ 205.313774] R10: ffff88800f061193 R11: ffffed1001e0c232 R12: ffff888012e91c00 [ 205.314493] R13: ffff88800f0611e8 R14: ffff8880218db700 R15: 0000000000000000 [ 205.315276] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.316259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.317090] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 205.318033] PKRU: 55555554 [ 205.318322] Call Trace: [ 205.318632] [ 205.318871] iommufd_access_destroy_object+0x65/0x170 [ 205.319430] iommufd_object_destroy_user+0x18e/0x220 [ 205.319956] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.320551] iommufd_access_destroy+0x43/0x70 [ 205.321021] iommufd_test_staccess_release+0x8d/0xd0 [ 205.321547] __fput+0x26d/0xa40 [ 205.322025] ____fput+0x1e/0x30 [ 205.322556] task_work_run+0x1a4/0x2d0 [ 205.323101] ? __pfx_task_work_run+0x10/0x10 [ 205.323594] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.324104] ? switch_task_namespaces+0xa9/0xe0 [ 205.324595] do_exit+0xb17/0x2ef0 [ 205.324954] ? lock_acquire+0x427/0x4c0 [ 205.325410] ? __pfx_lock_release+0x10/0x10 [ 205.325873] ? __kasan_check_write+0x18/0x20 [ 205.326331] ? do_raw_spin_lock+0x132/0x2a0 [ 205.326867] ? __pfx_do_exit+0x10/0x10 [ 205.327492] ? debug_smp_processor_id+0x20/0x30 [ 205.327986] ? rcu_is_watching+0x19/0xb0 [ 205.328405] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.328870] ? trace_hardirqs_on+0x26/0x120 [ 205.329315] do_group_exit+0xe0/0x2b0 [ 205.329702] __x64_sys_exit_group+0x47/0x50 [ 205.330134] do_syscall_64+0x3b/0x90 [ 205.330568] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.331112] RIP: 0033:0x7f4b87518a4d [ 205.331524] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.332269] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.333337] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.334065] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.334832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.335585] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.336307] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.337042] [ 205.337371] irq event stamp: 0 [ 205.337800] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.338697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.339569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.340421] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.341064] ---[ end trace 0000000000000000 ]--- [ 205.342052] ------------[ cut here ]------------ [ 205.342782] WARNING: CPU: 1 PID: 1954 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.344059] Modules linked in: [ 205.344399] CPU: 1 PID: 1954 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.345295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.346460] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.347051] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.349567] RSP: 0018:ffff88800fac7b78 EFLAGS: 00010246 [ 205.350127] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.350884] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 205.351615] RBP: ffff88800fac7b98 R08: ffffed1001e0c23e R09: ffffed1001e0c23e [ 205.352336] R10: ffff88800f0611ef R11: ffffed1001e0c23d R12: ffff88800f061290 [ 205.353186] R13: ffff88800f0610a8 R14: ffffffffffffffff R15: 
ffff88800fac7c60 [ 205.354207] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.355060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.355680] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 205.356407] PKRU: 55555554 [ 205.356708] Call Trace: [ 205.356975] [ 205.357265] iommufd_ioas_destroy+0x53/0x70 [ 205.357868] iommufd_fops_release+0x1f7/0x370 [ 205.358540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.359055] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.359574] ? write_comp_data+0x2f/0x90 [ 205.360003] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.360522] __fput+0x26d/0xa40 [ 205.360880] ____fput+0x1e/0x30 [ 205.361228] task_work_run+0x1a4/0x2d0 [ 205.361699] ? __pfx_task_work_run+0x10/0x10 [ 205.362353] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.362895] ? switch_task_namespaces+0xa9/0xe0 [ 205.363394] do_exit+0xb17/0x2ef0 [ 205.363754] ? lock_acquire+0x427/0x4c0 [ 205.364176] ? __pfx_lock_release+0x10/0x10 [ 205.364625] ? __kasan_check_write+0x18/0x20 [ 205.365088] ? do_raw_spin_lock+0x132/0x2a0 [ 205.365623] ? __pfx_do_exit+0x10/0x10 [ 205.366160] ? debug_smp_processor_id+0x20/0x30 [ 205.366840] ? rcu_is_watching+0x19/0xb0 [ 205.367283] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.367758] ? trace_hardirqs_on+0x26/0x120 [ 205.368211] do_group_exit+0xe0/0x2b0 [ 205.368606] __x64_sys_exit_group+0x47/0x50 [ 205.369054] do_syscall_64+0x3b/0x90 [ 205.369453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.370092] RIP: 0033:0x7f4b87518a4d [ 205.370643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.371545] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.372322] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.373047] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.373767] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.374491] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.375488] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.376495] [ 205.376735] irq event stamp: 0 [ 205.377059] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.377708] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.378587] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.379508] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.380381] ---[ end trace 0000000000000000 ]--- [ 205.387984] ------------[ cut here ]------------ [ 205.388962] WARNING: CPU: 1 PID: 1955 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.389977] Modules linked in: [ 205.390294] CPU: 1 PID: 1955 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.391277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.392575] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.393642] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.395539] RSP: 0018:ffff888017b8fbb8 EFLAGS: 00010246 [ 205.396066] RAX: 0000000000000000 RBX: ffff8880171bd0a8 RCX: 0000000000000000 [ 205.396915] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 205.398190] RBP: ffff888017b8fbd0 R08: ffffed1002e37a33 R09: ffffed1002e37a33 [ 205.398972] R10: ffff8880171bd193 R11: ffffed1002e37a32 R12: ffff888014581000 [ 205.399710] R13: ffff8880171bd1e8 R14: ffffffff8352e670 R15: 
ffff888017b8fe68 [ 205.400409] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.401278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.402064] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 205.403019] PKRU: 55555554 [ 205.403324] Call Trace: [ 205.403580] [ 205.403808] __iommufd_access_detach+0x1c2/0x2b0 [ 205.404293] iommufd_access_change_pt+0x149/0x270 [ 205.404784] iommufd_access_replace+0xb4/0x120 [ 205.405251] iommufd_test+0x3e5/0x37e0 [ 205.405642] ? lock_release+0x532/0x770 [ 205.406192] ? __might_fault+0x102/0x1b0 [ 205.406769] ? lock_acquire+0x427/0x4c0 [ 205.407315] ? __pfx_iommufd_test+0x10/0x10 [ 205.407747] ? __pfx_lock_release+0x10/0x10 [ 205.408190] ? __pfx_lock_acquire+0x10/0x10 [ 205.408639] ? write_comp_data+0x2f/0x90 [ 205.409059] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.409552] ? write_comp_data+0x2f/0x90 [ 205.409968] iommufd_fops_ioctl+0x37d/0x510 [ 205.410492] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.411254] ? write_comp_data+0x2f/0x90 [ 205.411681] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.412169] __x64_sys_ioctl+0x1a3/0x230 [ 205.412594] do_syscall_64+0x3b/0x90 [ 205.412983] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.413508] RIP: 0033:0x7f4b8743ee5d [ 205.413891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.415779] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.416536] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.417253] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.418136] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.419209] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.419943] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.420654] [ 205.420885] irq event stamp: 0 [ 205.421198] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.421834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.422711] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.423554] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.424367] ---[ end trace 0000000000000000 ]--- [ 205.427811] ------------[ cut here ]------------ [ 205.428320] WARNING: CPU: 1 PID: 1955 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.429405] Modules linked in: [ 205.429855] CPU: 1 PID: 1955 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.431198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.432311] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.432798] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.434619] RSP: 
0018:ffff888017b8fbd0 EFLAGS: 00010246 [ 205.435158] RAX: 0000000000000000 RBX: ffff8880171bd0a8 RCX: 0000000000000000 [ 205.436096] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 205.437061] RBP: ffff888017b8fbe8 R08: ffffed1002e37a33 R09: ffffed1002e37a33 [ 205.437765] R10: ffff8880171bd193 R11: ffffed1002e37a32 R12: ffff88800a724400 [ 205.438470] R13: ffff8880171bd1e8 R14: ffff8880135c1d00 R15: 0000000000000000 [ 205.439224] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.440024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.440596] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.441299] PKRU: 55555554 [ 205.441637] Call Trace: [ 205.441972] [ 205.442276] iommufd_access_destroy_object+0x65/0x170 [ 205.442937] iommufd_object_destroy_user+0x18e/0x220 [ 205.443457] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.444037] iommufd_access_destroy+0x43/0x70 [ 205.444494] iommufd_test_staccess_release+0x8d/0xd0 [ 205.445012] __fput+0x26d/0xa40 [ 205.445363] ____fput+0x1e/0x30 [ 205.445706] task_work_run+0x1a4/0x2d0 [ 205.446104] ? __pfx_task_work_run+0x10/0x10 [ 205.446569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.447063] ? switch_task_namespaces+0xa9/0xe0 [ 205.447578] do_exit+0xb17/0x2ef0 [ 205.447973] ? lock_acquire+0x427/0x4c0 [ 205.448522] ? __pfx_lock_release+0x10/0x10 [ 205.449130] ? __kasan_check_write+0x18/0x20 [ 205.449575] ? do_raw_spin_lock+0x132/0x2a0 [ 205.450016] ? __pfx_do_exit+0x10/0x10 [ 205.450420] ? debug_smp_processor_id+0x20/0x30 [ 205.450930] ? rcu_is_watching+0x19/0xb0 [ 205.451373] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.451836] ? trace_hardirqs_on+0x26/0x120 [ 205.452279] do_group_exit+0xe0/0x2b0 [ 205.452666] __x64_sys_exit_group+0x47/0x50 [ 205.453098] do_syscall_64+0x3b/0x90 [ 205.453551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.454247] RIP: 0033:0x7f4b87518a4d [ 205.454850] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.455489] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.456250] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.456956] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.457668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.458378] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.459279] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.460283] [ 205.460529] irq event stamp: 0 [ 205.460843] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.461468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.462304] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.463181] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.463838] ---[ end trace 0000000000000000 ]--- [ 205.464693] ------------[ cut here ]------------ [ 205.465356] WARNING: CPU: 1 PID: 1955 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.466367] Modules linked in: [ 205.466733] CPU: 1 PID: 1955 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.467627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.468758] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.469293] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.471848] RSP: 0018:ffff888017b8fb78 EFLAGS: 00010246 [ 205.472388] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.473084] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 205.473781] RBP: ffff888017b8fb98 R08: ffffed1002e37a3e R09: ffffed1002e37a3e [ 205.474483] R10: ffff8880171bd1ef R11: ffffed1002e37a3d R12: ffff8880171bd290 [ 205.475239] R13: ffff8880171bd0a8 R14: ffffffffffffffff R15: 
ffff888017b8fc60 [ 205.476174] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.477251] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.477830] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.478576] PKRU: 55555554 [ 205.478859] Call Trace: [ 205.479114] [ 205.479357] iommufd_ioas_destroy+0x53/0x70 [ 205.479797] iommufd_fops_release+0x1f7/0x370 [ 205.480249] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.480754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.481249] ? write_comp_data+0x2f/0x90 [ 205.481797] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.482544] __fput+0x26d/0xa40 [ 205.482888] ____fput+0x1e/0x30 [ 205.483242] task_work_run+0x1a4/0x2d0 [ 205.483637] ? __pfx_task_work_run+0x10/0x10 [ 205.484076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.484559] ? switch_task_namespaces+0xa9/0xe0 [ 205.485030] do_exit+0xb17/0x2ef0 [ 205.485376] ? lock_acquire+0x427/0x4c0 [ 205.485782] ? __pfx_lock_release+0x10/0x10 [ 205.486225] ? __kasan_check_write+0x18/0x20 [ 205.486868] ? do_raw_spin_lock+0x132/0x2a0 [ 205.487523] ? __pfx_do_exit+0x10/0x10 [ 205.487934] ? debug_smp_processor_id+0x20/0x30 [ 205.488407] ? rcu_is_watching+0x19/0xb0 [ 205.488816] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.489273] ? trace_hardirqs_on+0x26/0x120 [ 205.489708] do_group_exit+0xe0/0x2b0 [ 205.490090] __x64_sys_exit_group+0x47/0x50 [ 205.490560] do_syscall_64+0x3b/0x90 [ 205.490942] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.491483] RIP: 0033:0x7f4b87518a4d [ 205.491896] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.492705] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.493739] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.494425] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.495149] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.495847] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.496552] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.497336] [ 205.497652] irq event stamp: 0 [ 205.498115] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.498769] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.499597] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.500417] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.501054] ---[ end trace 0000000000000000 ]--- [ 205.506276] ------------[ cut here ]------------ [ 205.506907] WARNING: CPU: 1 PID: 1956 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.507936] Modules linked in: [ 205.508258] CPU: 1 PID: 1956 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.509117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.510218] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.510747] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.512538] RSP: 0018:ffff88800fac7bb8 EFLAGS: 00010246 [ 205.513061] RAX: 0000000000000000 RBX: ffff888011f3d8a8 RCX: 0000000000000000 [ 205.513761] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 205.514462] RBP: ffff88800fac7bd0 R08: ffffed10023e7b33 R09: ffffed10023e7b33 [ 205.515202] R10: ffff888011f3d993 R11: ffffed10023e7b32 R12: ffff88800b9b7000 [ 205.515902] R13: ffff888011f3d9e8 R14: ffffffff8352e670 R15: 
ffff88800fac7e68 [ 205.516608] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.517394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.517961] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 205.518685] PKRU: 55555554 [ 205.518964] Call Trace: [ 205.519227] [ 205.519434] __iommufd_access_detach+0x1c2/0x2b0 [ 205.519885] iommufd_access_change_pt+0x149/0x270 [ 205.520339] iommufd_access_replace+0xb4/0x120 [ 205.520773] iommufd_test+0x3e5/0x37e0 [ 205.521130] ? lock_release+0x532/0x770 [ 205.521503] ? __might_fault+0x102/0x1b0 [ 205.521880] ? lock_acquire+0x427/0x4c0 [ 205.522253] ? __pfx_iommufd_test+0x10/0x10 [ 205.522672] ? __pfx_lock_release+0x10/0x10 [ 205.523075] ? __pfx_lock_acquire+0x10/0x10 [ 205.523494] ? write_comp_data+0x2f/0x90 [ 205.523876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.524326] ? write_comp_data+0x2f/0x90 [ 205.524713] iommufd_fops_ioctl+0x37d/0x510 [ 205.525110] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.525561] ? write_comp_data+0x2f/0x90 [ 205.525942] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.526386] __x64_sys_ioctl+0x1a3/0x230 [ 205.526791] do_syscall_64+0x3b/0x90 [ 205.527149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.527627] RIP: 0033:0x7f4b8743ee5d [ 205.527962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.529585] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.530264] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.530923] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.531545] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.532146] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.532750] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.533381] [ 205.533582] irq event stamp: 0 [ 205.533855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.534389] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.535140] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.535850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.536384] ---[ end trace 0000000000000000 ]--- [ 205.541681] ------------[ cut here ]------------ [ 205.542296] WARNING: CPU: 0 PID: 1956 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.543598] Modules linked in: [ 205.543990] CPU: 0 PID: 1956 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.544964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.546231] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.546834] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.548916] RSP: 
0018:ffff88800fac7bd0 EFLAGS: 00010246 [ 205.549530] RAX: 0000000000000000 RBX: ffff888011f3d8a8 RCX: 0000000000000000 [ 205.550345] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 205.551208] RBP: ffff88800fac7be8 R08: ffffed10023e7b33 R09: ffffed10023e7b33 [ 205.552031] R10: ffff888011f3d993 R11: ffffed10023e7b32 R12: ffff888014583400 [ 205.552850] R13: ffff888011f3d9e8 R14: ffff88800f503e00 R15: 0000000000000000 [ 205.553667] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 205.554615] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.555300] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 205.556096] PKRU: 55555554 [ 205.556427] Call Trace: [ 205.556728] [ 205.557002] iommufd_access_destroy_object+0x65/0x170 [ 205.557608] iommufd_object_destroy_user+0x18e/0x220 [ 205.558213] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.558941] iommufd_access_destroy+0x43/0x70 [ 205.559492] iommufd_test_staccess_release+0x8d/0xd0 [ 205.560074] __fput+0x26d/0xa40 [ 205.560472] ____fput+0x1e/0x30 [ 205.560856] task_work_run+0x1a4/0x2d0 [ 205.561307] ? __pfx_task_work_run+0x10/0x10 [ 205.561824] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.562390] ? switch_task_namespaces+0xa9/0xe0 [ 205.562966] do_exit+0xb17/0x2ef0 [ 205.563381] ? lock_acquire+0x427/0x4c0 [ 205.563854] ? __pfx_lock_release+0x10/0x10 [ 205.564363] ? __kasan_check_write+0x18/0x20 [ 205.564876] ? do_raw_spin_lock+0x132/0x2a0 [ 205.565376] ? __pfx_do_exit+0x10/0x10 [ 205.565824] ? debug_smp_processor_id+0x20/0x30 [ 205.566347] ? rcu_is_watching+0x19/0xb0 [ 205.566826] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.567349] ? trace_hardirqs_on+0x26/0x120 [ 205.567840] do_group_exit+0xe0/0x2b0 [ 205.568270] __x64_sys_exit_group+0x47/0x50 [ 205.568751] do_syscall_64+0x3b/0x90 [ 205.569180] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.569764] RIP: 0033:0x7f4b87518a4d [ 205.570179] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.570879] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.571722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.572504] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.573282] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.574059] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.574855] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.575655] [ 205.575916] irq event stamp: 0 [ 205.576265] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.576948] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.577849] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.578775] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.579467] ---[ end trace 0000000000000000 ]--- [ 205.580586] ------------[ cut here ]------------ [ 205.581103] WARNING: CPU: 0 PID: 1956 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.582200] Modules linked in: [ 205.582598] CPU: 0 PID: 1956 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.583556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.584761] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.585320] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.587354] RSP: 0018:ffff88800fac7b78 EFLAGS: 00010246 [ 205.587935] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.588700] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 205.589463] RBP: ffff88800fac7b98 R08: ffffed10023e7b3e R09: ffffed10023e7b3e [ 205.590228] R10: ffff888011f3d9ef R11: ffffed10023e7b3d R12: ffff888011f3da90 [ 205.591016] R13: ffff888011f3d8a8 R14: ffffffffffffffff R15: 
ffff88800fac7c60 [ 205.591804] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 205.592680] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.593322] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 205.594108] PKRU: 55555554 [ 205.594431] Call Trace: [ 205.594759] [ 205.595023] iommufd_ioas_destroy+0x53/0x70 [ 205.595527] iommufd_fops_release+0x1f7/0x370 [ 205.596040] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.596597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.597153] ? write_comp_data+0x2f/0x90 [ 205.597621] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.598176] __fput+0x26d/0xa40 [ 205.598599] ____fput+0x1e/0x30 [ 205.598993] task_work_run+0x1a4/0x2d0 [ 205.599457] ? __pfx_task_work_run+0x10/0x10 [ 205.599956] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.600505] ? switch_task_namespaces+0xa9/0xe0 [ 205.601038] do_exit+0xb17/0x2ef0 [ 205.601436] ? lock_acquire+0x427/0x4c0 [ 205.601895] ? __pfx_lock_release+0x10/0x10 [ 205.602390] ? __kasan_check_write+0x18/0x20 [ 205.602923] ? do_raw_spin_lock+0x132/0x2a0 [ 205.603426] ? __pfx_do_exit+0x10/0x10 [ 205.603868] ? debug_smp_processor_id+0x20/0x30 [ 205.604379] ? rcu_is_watching+0x19/0xb0 [ 205.604824] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.605321] ? trace_hardirqs_on+0x26/0x120 [ 205.605801] do_group_exit+0xe0/0x2b0 [ 205.606220] __x64_sys_exit_group+0x47/0x50 [ 205.606715] do_syscall_64+0x3b/0x90 [ 205.607149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.607715] RIP: 0033:0x7f4b87518a4d [ 205.608108] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.608746] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.609532] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.610270] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.611029] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.611778] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.612516] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.613264] [ 205.613515] irq event stamp: 0 [ 205.613847] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.614499] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.615396] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.616256] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.616907] ---[ end trace 0000000000000000 ]--- [ 205.622994] ------------[ cut here ]------------ [ 205.623521] WARNING: CPU: 0 PID: 1957 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.624556] Modules linked in: [ 205.624892] CPU: 0 PID: 1957 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.625786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.626970] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.627500] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.629357] RSP: 0018:ffff88801716fbb8 EFLAGS: 00010246 [ 205.629906] RAX: 0000000000000000 RBX: ffff888016d9a0a8 RCX: 0000000000000000 [ 205.630662] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 205.631406] RBP: ffff88801716fbd0 R08: ffffed1002db3433 R09: ffffed1002db3433 [ 205.632137] R10: ffff888016d9a193 R11: ffffed1002db3432 R12: ffff888013dbb400 [ 205.632868] R13: ffff888016d9a1e8 R14: ffffffff8352e670 R15: 
ffff88801716fe68 [ 205.633599] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 205.634423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.635043] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 205.635796] PKRU: 55555554 [ 205.636096] Call Trace: [ 205.636365] [ 205.636606] __iommufd_access_detach+0x1c2/0x2b0 [ 205.637120] iommufd_access_change_pt+0x149/0x270 [ 205.637638] iommufd_access_replace+0xb4/0x120 [ 205.638130] iommufd_test+0x3e5/0x37e0 [ 205.638565] ? lock_release+0x532/0x770 [ 205.639000] ? __might_fault+0x102/0x1b0 [ 205.639447] ? lock_acquire+0x427/0x4c0 [ 205.639881] ? __pfx_iommufd_test+0x10/0x10 [ 205.640332] ? __pfx_lock_release+0x10/0x10 [ 205.640794] ? __pfx_lock_acquire+0x10/0x10 [ 205.641259] ? write_comp_data+0x2f/0x90 [ 205.641701] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.642217] ? write_comp_data+0x2f/0x90 [ 205.642682] iommufd_fops_ioctl+0x37d/0x510 [ 205.643153] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.643671] ? write_comp_data+0x2f/0x90 [ 205.644112] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.644622] __x64_sys_ioctl+0x1a3/0x230 [ 205.645065] do_syscall_64+0x3b/0x90 [ 205.645471] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.646021] RIP: 0033:0x7f4b8743ee5d [ 205.646413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.648293] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.649076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.649807] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.650563] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.651308] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.652040] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.652784] [ 205.653032] irq event stamp: 0 [ 205.653363] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.654012] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.654894] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.655762] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.656409] ---[ end trace 0000000000000000 ]--- [ 205.660483] ------------[ cut here ]------------ [ 205.660986] WARNING: CPU: 0 PID: 1957 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.662021] Modules linked in: [ 205.662358] CPU: 0 PID: 1957 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.663328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.664113] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.664466] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.665701] RSP: 
0018:ffff88801716fbd0 EFLAGS: 00010246 [ 205.666060] RAX: 0000000000000000 RBX: ffff888016d9a0a8 RCX: 0000000000000000 [ 205.666557] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 205.667043] RBP: ffff88801716fbe8 R08: ffffed1002db3433 R09: ffffed1002db3433 [ 205.667539] R10: ffff888016d9a193 R11: ffffed1002db3432 R12: ffff888010824000 [ 205.668024] R13: ffff888016d9a1e8 R14: ffff88800fceb900 R15: 0000000000000000 [ 205.668507] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 205.669053] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.669449] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 205.669935] PKRU: 55555554 [ 205.670130] Call Trace: [ 205.670307] [ 205.670465] iommufd_access_destroy_object+0x65/0x170 [ 205.670842] iommufd_object_destroy_user+0x18e/0x220 [ 205.671206] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.671609] iommufd_access_destroy+0x43/0x70 [ 205.671931] iommufd_test_staccess_release+0x8d/0xd0 [ 205.672286] __fput+0x26d/0xa40 [ 205.672527] ____fput+0x1e/0x30 [ 205.672764] task_work_run+0x1a4/0x2d0 [ 205.673041] ? __pfx_task_work_run+0x10/0x10 [ 205.673370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.673870] ? switch_task_namespaces+0xa9/0xe0 [ 205.674204] do_exit+0xb17/0x2ef0 [ 205.674445] ? lock_acquire+0x427/0x4c0 [ 205.674754] ? __pfx_lock_release+0x10/0x10 [ 205.675060] ? __kasan_check_write+0x18/0x20 [ 205.675388] ? do_raw_spin_lock+0x132/0x2a0 [ 205.675688] ? __pfx_do_exit+0x10/0x10 [ 205.675964] ? debug_smp_processor_id+0x20/0x30 [ 205.676290] ? rcu_is_watching+0x19/0xb0 [ 205.676572] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.676948] ? trace_hardirqs_on+0x26/0x120 [ 205.677339] do_group_exit+0xe0/0x2b0 [ 205.677606] __x64_sys_exit_group+0x47/0x50 [ 205.677903] do_syscall_64+0x3b/0x90 [ 205.678169] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.678557] RIP: 0033:0x7f4b87518a4d [ 205.678817] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.679243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.679769] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.680274] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.680883] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.681384] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.681884] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.682393] [ 205.682582] irq event stamp: 0 [ 205.682810] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.683265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.684001] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.684594] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.685037] ---[ end trace 0000000000000000 ]--- [ 205.685683] ------------[ cut here ]------------ [ 205.686023] WARNING: CPU: 0 PID: 1957 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.686903] Modules linked in: [ 205.687147] CPU: 0 PID: 1957 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.687831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.688618] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.688983] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.690407] RSP: 0018:ffff88801716fb78 EFLAGS: 00010246 [ 205.690822] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.691354] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 205.691854] RBP: ffff88801716fb98 R08: ffffed1002db343e R09: ffffed1002db343e [ 205.692358] R10: ffff888016d9a1ef R11: ffffed1002db343d R12: ffff888016d9a290 [ 205.693041] R13: ffff888016d9a0a8 R14: ffffffffffffffff R15: 
ffff88801716fc60 [ 205.693542] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 205.694107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.694536] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 205.695030] PKRU: 55555554 [ 205.695241] Call Trace: [ 205.695422] [ 205.695583] iommufd_ioas_destroy+0x53/0x70 [ 205.695947] iommufd_fops_release+0x1f7/0x370 [ 205.696356] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.696712] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.697057] ? write_comp_data+0x2f/0x90 [ 205.697368] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.697730] __fput+0x26d/0xa40 [ 205.697979] ____fput+0x1e/0x30 [ 205.698224] task_work_run+0x1a4/0x2d0 [ 205.698561] ? __pfx_task_work_run+0x10/0x10 [ 205.698965] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.699323] ? switch_task_namespaces+0xa9/0xe0 [ 205.699673] do_exit+0xb17/0x2ef0 [ 205.699925] ? lock_acquire+0x427/0x4c0 [ 205.700221] ? __pfx_lock_release+0x10/0x10 [ 205.700539] ? __kasan_check_write+0x18/0x20 [ 205.700858] ? do_raw_spin_lock+0x132/0x2a0 [ 205.701172] ? __pfx_do_exit+0x10/0x10 [ 205.701460] ? debug_smp_processor_id+0x20/0x30 [ 205.701797] ? rcu_is_watching+0x19/0xb0 [ 205.702129] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.702585] ? trace_hardirqs_on+0x26/0x120 [ 205.702905] do_group_exit+0xe0/0x2b0 [ 205.703203] __x64_sys_exit_group+0x47/0x50 [ 205.703516] do_syscall_64+0x3b/0x90 [ 205.703794] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.704170] RIP: 0033:0x7f4b87518a4d [ 205.704439] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.704877] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.705433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.706077] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.706605] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.707121] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.707625] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.708138] [ 205.708305] irq event stamp: 0 [ 205.708535] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.709127] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.709729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.710324] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.710788] ---[ end trace 0000000000000000 ]--- [ 205.716825] ------------[ cut here ]------------ [ 205.717362] WARNING: CPU: 1 PID: 1958 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.718613] Modules linked in: [ 205.718976] CPU: 1 PID: 1958 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.719960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.721194] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.721816] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.723859] RSP: 0018:ffff888016f67bb8 EFLAGS: 00010246 [ 205.724428] RAX: 0000000000000000 RBX: ffff888018b550a8 RCX: 0000000000000000 [ 205.725271] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 205.726019] RBP: ffff888016f67bd0 R08: ffffed100316aa33 R09: ffffed100316aa33 [ 205.726869] R10: ffff888018b55193 R11: ffffed100316aa32 R12: ffff8880218e1800 [ 205.727642] R13: ffff888018b551e8 R14: ffffffff8352e670 R15: 
ffff888016f67e68 [ 205.728485] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.729333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.729995] CR2: 00007f4b877410e8 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 205.730825] PKRU: 55555554 [ 205.731162] Call Trace: [ 205.731447] [ 205.731751] __iommufd_access_detach+0x1c2/0x2b0 [ 205.732338] iommufd_access_change_pt+0x149/0x270 [ 205.732889] iommufd_access_replace+0xb4/0x120 [ 205.733458] iommufd_test+0x3e5/0x37e0 [ 205.733946] ? lock_release+0x532/0x770 [ 205.734404] ? __might_fault+0x102/0x1b0 [ 205.734898] ? lock_acquire+0x427/0x4c0 [ 205.735461] ? __pfx_iommufd_test+0x10/0x10 [ 205.735939] ? __pfx_lock_release+0x10/0x10 [ 205.736426] ? __pfx_lock_acquire+0x10/0x10 [ 205.737013] ? write_comp_data+0x2f/0x90 [ 205.737484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.738034] ? write_comp_data+0x2f/0x90 [ 205.738584] iommufd_fops_ioctl+0x37d/0x510 [ 205.739143] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.739705] ? write_comp_data+0x2f/0x90 [ 205.740192] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.740791] __x64_sys_ioctl+0x1a3/0x230 [ 205.741268] do_syscall_64+0x3b/0x90 [ 205.741705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.742401] RIP: 0033:0x7f4b8743ee5d [ 205.742852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.744940] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.745882] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.746702] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.747499] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.748283] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.749177] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.749973] [ 205.750247] irq event stamp: 0 [ 205.750714] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.751428] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.752404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.753372] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.754113] ---[ end trace 0000000000000000 ]--- [ 205.758897] ------------[ cut here ]------------ [ 205.759470] WARNING: CPU: 1 PID: 1958 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.760457] Modules linked in: [ 205.760735] CPU: 1 PID: 1958 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.761513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.762482] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.763188] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.764769] RSP: 
0018:ffff888016f67bd0 EFLAGS: 00010246 [ 205.765231] RAX: 0000000000000000 RBX: ffff888018b550a8 RCX: 0000000000000000 [ 205.765850] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 205.766487] RBP: ffff888016f67be8 R08: ffffed100316aa33 R09: ffffed100316aa33 [ 205.767131] R10: ffff888018b55193 R11: ffffed100316aa32 R12: ffff88800b9b5c00 [ 205.767758] R13: ffff888018b551e8 R14: ffff8880209b7000 R15: 0000000000000000 [ 205.768374] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.769070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.769570] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.770189] PKRU: 55555554 [ 205.770434] Call Trace: [ 205.770676] [ 205.770877] iommufd_access_destroy_object+0x65/0x170 [ 205.771361] iommufd_object_destroy_user+0x18e/0x220 [ 205.771807] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.772318] iommufd_access_destroy+0x43/0x70 [ 205.772716] iommufd_test_staccess_release+0x8d/0xd0 [ 205.773167] __fput+0x26d/0xa40 [ 205.773471] ____fput+0x1e/0x30 [ 205.773764] task_work_run+0x1a4/0x2d0 [ 205.774112] ? __pfx_task_work_run+0x10/0x10 [ 205.774523] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.774956] ? switch_task_namespaces+0xa9/0xe0 [ 205.775392] do_exit+0xb17/0x2ef0 [ 205.775703] ? lock_acquire+0x427/0x4c0 [ 205.776059] ? __pfx_lock_release+0x10/0x10 [ 205.776440] ? __kasan_check_write+0x18/0x20 [ 205.776833] ? do_raw_spin_lock+0x132/0x2a0 [ 205.777213] ? __pfx_do_exit+0x10/0x10 [ 205.777563] ? debug_smp_processor_id+0x20/0x30 [ 205.777971] ? rcu_is_watching+0x19/0xb0 [ 205.778327] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.778753] ? trace_hardirqs_on+0x26/0x120 [ 205.779148] do_group_exit+0xe0/0x2b0 [ 205.779487] __x64_sys_exit_group+0x47/0x50 [ 205.779867] do_syscall_64+0x3b/0x90 [ 205.780208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.780672] RIP: 0033:0x7f4b87518a4d [ 205.781002] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.781541] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.782196] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.782837] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.783466] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.784085] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.784705] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.785327] [ 205.785550] irq event stamp: 0 [ 205.785826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.786373] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.787128] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.787856] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.788402] ---[ end trace 0000000000000000 ]--- [ 205.789136] ------------[ cut here ]------------ [ 205.789546] WARNING: CPU: 1 PID: 1958 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.790434] Modules linked in: [ 205.790748] CPU: 1 PID: 1958 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.791522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.792500] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.792948] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.794556] RSP: 0018:ffff888016f67b78 EFLAGS: 00010246 [ 205.795022] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.795669] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 205.796283] RBP: ffff888016f67b98 R08: ffffed100316aa3e R09: ffffed100316aa3e [ 205.796900] R10: ffff888018b551ef R11: ffffed100316aa3d R12: ffff888018b55290 [ 205.797518] R13: ffff888018b550a8 R14: ffffffffffffffff R15: 
ffff888016f67c60 [ 205.798135] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.798850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.799368] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.799988] PKRU: 55555554 [ 205.800236] Call Trace: [ 205.800459] [ 205.800658] iommufd_ioas_destroy+0x53/0x70 [ 205.801039] iommufd_fops_release+0x1f7/0x370 [ 205.801437] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.801874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.802307] ? write_comp_data+0x2f/0x90 [ 205.802690] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.803137] __fput+0x26d/0xa40 [ 205.803442] ____fput+0x1e/0x30 [ 205.803735] task_work_run+0x1a4/0x2d0 [ 205.804079] ? __pfx_task_work_run+0x10/0x10 [ 205.804466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.804893] ? switch_task_namespaces+0xa9/0xe0 [ 205.805313] do_exit+0xb17/0x2ef0 [ 205.805617] ? lock_acquire+0x427/0x4c0 [ 205.805972] ? __pfx_lock_release+0x10/0x10 [ 205.806355] ? __kasan_check_write+0x18/0x20 [ 205.806763] ? do_raw_spin_lock+0x132/0x2a0 [ 205.807152] ? __pfx_do_exit+0x10/0x10 [ 205.807503] ? debug_smp_processor_id+0x20/0x30 [ 205.807912] ? rcu_is_watching+0x19/0xb0 [ 205.808269] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.808667] ? trace_hardirqs_on+0x26/0x120 [ 205.809048] do_group_exit+0xe0/0x2b0 [ 205.809404] __x64_sys_exit_group+0x47/0x50 [ 205.809780] do_syscall_64+0x3b/0x90 [ 205.810120] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.810603] RIP: 0033:0x7f4b87518a4d [ 205.810933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.811476] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.812130] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.812744] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.813371] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.813987] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.814620] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.815250] [ 205.815453] irq event stamp: 0 [ 205.815730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.816280] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.817003] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.817719] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.818262] ---[ end trace 0000000000000000 ]--- [ 205.822018] ------------[ cut here ]------------ [ 205.822452] WARNING: CPU: 1 PID: 1959 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.823364] Modules linked in: [ 205.823640] CPU: 1 PID: 1959 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.824385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.825372] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.825796] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.827390] RSP: 0018:ffff8880143afbb8 EFLAGS: 00010246 [ 205.827847] RAX: 0000000000000000 RBX: ffff888016de00a8 RCX: 0000000000000000 [ 205.828453] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 205.829059] RBP: ffff8880143afbd0 R08: ffffed1002dbc033 R09: ffffed1002dbc033 [ 205.829668] R10: ffff888016de0193 R11: ffffed1002dbc032 R12: ffff888020fedc00 [ 205.830274] R13: ffff888016de01e8 R14: ffffffff8352e670 R15: 
ffff8880143afe68 [ 205.830901] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.831602] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.832097] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 205.832706] PKRU: 55555554 [ 205.832947] Call Trace: [ 205.833167] [ 205.833362] __iommufd_access_detach+0x1c2/0x2b0 [ 205.833782] iommufd_access_change_pt+0x149/0x270 [ 205.834204] iommufd_access_replace+0xb4/0x120 [ 205.834619] iommufd_test+0x3e5/0x37e0 [ 205.834958] ? lock_release+0x532/0x770 [ 205.835320] ? __might_fault+0x102/0x1b0 [ 205.835680] ? lock_acquire+0x427/0x4c0 [ 205.836032] ? __pfx_iommufd_test+0x10/0x10 [ 205.836402] ? __pfx_lock_release+0x10/0x10 [ 205.836782] ? __pfx_lock_acquire+0x10/0x10 [ 205.837162] ? write_comp_data+0x2f/0x90 [ 205.837524] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.837946] ? write_comp_data+0x2f/0x90 [ 205.838311] iommufd_fops_ioctl+0x37d/0x510 [ 205.838707] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.839145] ? write_comp_data+0x2f/0x90 [ 205.839507] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.839926] __x64_sys_ioctl+0x1a3/0x230 [ 205.840284] do_syscall_64+0x3b/0x90 [ 205.840639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.841095] RIP: 0033:0x7f4b8743ee5d [ 205.841419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.843027] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.843696] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.844307] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.844921] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.845534] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.846144] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.846781] [ 205.846987] irq event stamp: 0 [ 205.847266] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.847808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.848512] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.849209] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.849741] ---[ end trace 0000000000000000 ]--- [ 205.852401] ------------[ cut here ]------------ [ 205.852832] WARNING: CPU: 1 PID: 1959 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.853680] Modules linked in: [ 205.853948] CPU: 1 PID: 1959 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.854865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.855823] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.856238] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.857765] RSP: 
0018:ffff8880143afbd0 EFLAGS: 00010246 [ 205.858206] RAX: 0000000000000000 RBX: ffff888016de00a8 RCX: 0000000000000000 [ 205.858814] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 205.859454] RBP: ffff8880143afbe8 R08: ffffed1002dbc033 R09: ffffed1002dbc033 [ 205.860049] R10: ffff888016de0193 R11: ffffed1002dbc032 R12: ffff8880218e1000 [ 205.860643] R13: ffff888016de01e8 R14: ffff888020806300 R15: 0000000000000000 [ 205.861233] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.861900] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.862387] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.862998] PKRU: 55555554 [ 205.863242] Call Trace: [ 205.863459] [ 205.863652] iommufd_access_destroy_object+0x65/0x170 [ 205.864086] iommufd_object_destroy_user+0x18e/0x220 [ 205.864518] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.865009] iommufd_access_destroy+0x43/0x70 [ 205.865388] iommufd_test_staccess_release+0x8d/0xd0 [ 205.865816] __fput+0x26d/0xa40 [ 205.866104] ____fput+0x1e/0x30 [ 205.866385] task_work_run+0x1a4/0x2d0 [ 205.866728] ? __pfx_task_work_run+0x10/0x10 [ 205.867098] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.867515] ? switch_task_namespaces+0xa9/0xe0 [ 205.867909] do_exit+0xb17/0x2ef0 [ 205.868196] ? lock_acquire+0x427/0x4c0 [ 205.868534] ? __pfx_lock_release+0x10/0x10 [ 205.868899] ? __kasan_check_write+0x18/0x20 [ 205.869270] ? do_raw_spin_lock+0x132/0x2a0 [ 205.869631] ? __pfx_do_exit+0x10/0x10 [ 205.869960] ? debug_smp_processor_id+0x20/0x30 [ 205.870347] ? rcu_is_watching+0x19/0xb0 [ 205.870701] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.871081] ? trace_hardirqs_on+0x26/0x120 [ 205.871454] do_group_exit+0xe0/0x2b0 [ 205.871775] __x64_sys_exit_group+0x47/0x50 [ 205.872130] do_syscall_64+0x3b/0x90 [ 205.872447] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.872883] RIP: 0033:0x7f4b87518a4d [ 205.873192] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.873702] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.874324] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.874927] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.875523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.876115] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.876700] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.877294] [ 205.877487] irq event stamp: 0 [ 205.877748] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.878265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.879000] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.879700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.880219] ---[ end trace 0000000000000000 ]--- [ 205.880916] ------------[ cut here ]------------ [ 205.881305] WARNING: CPU: 1 PID: 1959 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.882135] Modules linked in: [ 205.882395] CPU: 1 PID: 1959 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.883145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.884070] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.884496] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.885978] RSP: 0018:ffff8880143afb78 EFLAGS: 00010246 [ 205.886420] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.887017] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 205.887621] RBP: ffff8880143afb98 R08: ffffed1002dbc03e R09: ffffed1002dbc03e [ 205.888193] R10: ffff888016de01ef R11: ffffed1002dbc03d R12: ffff888016de0290 [ 205.888763] R13: ffff888016de00a8 R14: ffffffffffffffff R15: 
ffff8880143afc60 [ 205.889332] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.889976] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.890445] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.891036] PKRU: 55555554 [ 205.891269] Call Trace: [ 205.891478] [ 205.891661] iommufd_ioas_destroy+0x53/0x70 [ 205.892016] iommufd_fops_release+0x1f7/0x370 [ 205.892387] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.892789] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.893188] ? write_comp_data+0x2f/0x90 [ 205.893527] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.893930] __fput+0x26d/0xa40 [ 205.894210] ____fput+0x1e/0x30 [ 205.894482] task_work_run+0x1a4/0x2d0 [ 205.894826] ? __pfx_task_work_run+0x10/0x10 [ 205.895206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.895609] ? switch_task_namespaces+0xa9/0xe0 [ 205.895994] do_exit+0xb17/0x2ef0 [ 205.896277] ? lock_acquire+0x427/0x4c0 [ 205.896609] ? __pfx_lock_release+0x10/0x10 [ 205.896962] ? __kasan_check_write+0x18/0x20 [ 205.897323] ? do_raw_spin_lock+0x132/0x2a0 [ 205.897671] ? __pfx_do_exit+0x10/0x10 [ 205.897995] ? debug_smp_processor_id+0x20/0x30 [ 205.898373] ? rcu_is_watching+0x19/0xb0 [ 205.898719] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.899089] ? trace_hardirqs_on+0x26/0x120 [ 205.899451] do_group_exit+0xe0/0x2b0 [ 205.899765] __x64_sys_exit_group+0x47/0x50 [ 205.900114] do_syscall_64+0x3b/0x90 [ 205.900427] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.900859] RIP: 0033:0x7f4b87518a4d [ 205.901166] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.901664] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.902275] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.902872] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.903456] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.904028] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.904604] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.905183] [ 205.905373] irq event stamp: 0 [ 205.905630] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.906141] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.906842] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.907520] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.908025] ---[ end trace 0000000000000000 ]--- [ 205.911838] ------------[ cut here ]------------ [ 205.912239] WARNING: CPU: 1 PID: 1960 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.913054] Modules linked in: [ 205.913313] CPU: 1 PID: 1960 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.914009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.914975] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.915383] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.916842] RSP: 0018:ffff888021b0fbb8 EFLAGS: 00010246 [ 205.917270] RAX: 0000000000000000 RBX: ffff88801818e0a8 RCX: 0000000000000000 [ 205.917837] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 205.918402] RBP: ffff888021b0fbd0 R08: ffffed1003031c33 R09: ffffed1003031c33 [ 205.918985] R10: ffff88801818e193 R11: ffffed1003031c32 R12: ffff888014113400 [ 205.919562] R13: ffff88801818e1e8 R14: ffffffff8352e670 R15: 
ffff888021b0fe68 [ 205.920132] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.920777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.921243] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 205.921817] PKRU: 55555554 [ 205.922044] Call Trace: [ 205.922254] [ 205.922437] __iommufd_access_detach+0x1c2/0x2b0 [ 205.922844] iommufd_access_change_pt+0x149/0x270 [ 205.923255] iommufd_access_replace+0xb4/0x120 [ 205.923636] iommufd_test+0x3e5/0x37e0 [ 205.923952] ? lock_release+0x532/0x770 [ 205.924283] ? __might_fault+0x102/0x1b0 [ 205.924616] ? lock_acquire+0x427/0x4c0 [ 205.924944] ? __pfx_iommufd_test+0x10/0x10 [ 205.925290] ? __pfx_lock_release+0x10/0x10 [ 205.925647] ? __pfx_lock_acquire+0x10/0x10 [ 205.926003] ? write_comp_data+0x2f/0x90 [ 205.926338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.926747] ? write_comp_data+0x2f/0x90 [ 205.927085] iommufd_fops_ioctl+0x37d/0x510 [ 205.927446] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.927849] ? write_comp_data+0x2f/0x90 [ 205.928210] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 205.928729] __x64_sys_ioctl+0x1a3/0x230 [ 205.929071] do_syscall_64+0x3b/0x90 [ 205.929382] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.929810] RIP: 0033:0x7f4b8743ee5d [ 205.930136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 205.931683] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 205.932373] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 205.932948] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 205.933535] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 205.934167] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 205.934770] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 205.935364] [ 205.935556] irq event stamp: 0 [ 205.935854] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.936416] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.937100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.937830] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.938378] ---[ end trace 0000000000000000 ]--- [ 205.941022] ------------[ cut here ]------------ [ 205.941516] WARNING: CPU: 1 PID: 1960 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 205.942355] Modules linked in: [ 205.942649] CPU: 1 PID: 1960 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.943482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.944415] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 205.944841] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 205.946420] RSP: 
0018:ffff888021b0fbd0 EFLAGS: 00010246 [ 205.946980] RAX: 0000000000000000 RBX: ffff88801818e0a8 RCX: 0000000000000000 [ 205.947584] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 205.948175] RBP: ffff888021b0fbe8 R08: ffffed1003031c33 R09: ffffed1003031c33 [ 205.948807] R10: ffff88801818e193 R11: ffffed1003031c32 R12: ffff888020fecc00 [ 205.949449] R13: ffff88801818e1e8 R14: ffff8880135c1900 R15: 0000000000000000 [ 205.950040] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.950811] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.951307] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.951912] PKRU: 55555554 [ 205.952153] Call Trace: [ 205.952390] [ 205.952635] iommufd_access_destroy_object+0x65/0x170 [ 205.953082] iommufd_object_destroy_user+0x18e/0x220 [ 205.953515] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 205.954010] iommufd_access_destroy+0x43/0x70 [ 205.954486] iommufd_test_staccess_release+0x8d/0xd0 [ 205.954959] __fput+0x26d/0xa40 [ 205.955263] ____fput+0x1e/0x30 [ 205.955551] task_work_run+0x1a4/0x2d0 [ 205.955890] ? __pfx_task_work_run+0x10/0x10 [ 205.956310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.956815] ? switch_task_namespaces+0xa9/0xe0 [ 205.957222] do_exit+0xb17/0x2ef0 [ 205.957516] ? lock_acquire+0x427/0x4c0 [ 205.957862] ? __pfx_lock_release+0x10/0x10 [ 205.958311] ? __kasan_check_write+0x18/0x20 [ 205.958767] ? do_raw_spin_lock+0x132/0x2a0 [ 205.959144] ? __pfx_do_exit+0x10/0x10 [ 205.959484] ? debug_smp_processor_id+0x20/0x30 [ 205.959889] ? rcu_is_watching+0x19/0xb0 [ 205.960268] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.960771] ? trace_hardirqs_on+0x26/0x120 [ 205.961151] do_group_exit+0xe0/0x2b0 [ 205.961487] __x64_sys_exit_group+0x47/0x50 [ 205.961858] do_syscall_64+0x3b/0x90 [ 205.962272] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.962765] RIP: 0033:0x7f4b87518a4d [ 205.963090] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.963635] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.964364] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.965038] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.965649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.966382] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.967012] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.967642] [ 205.967846] irq event stamp: 0 [ 205.968143] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 205.968784] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 205.969504] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 205.970377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 205.970953] ---[ end trace 0000000000000000 ]--- [ 205.971725] ------------[ cut here ]------------ [ 205.972167] WARNING: CPU: 1 PID: 1960 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 205.973158] Modules linked in: [ 205.973440] CPU: 1 PID: 1960 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 205.974294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 205.975376] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 205.975839] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 205.977548] RSP: 0018:ffff888021b0fb78 EFLAGS: 00010246 [ 205.978043] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 205.978755] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 205.979397] RBP: ffff888021b0fb98 R08: ffffed1003031c3e R09: ffffed1003031c3e [ 205.980024] R10: ffff88801818e1ef R11: ffffed1003031c3d R12: ffff88801818e290 [ 205.980764] R13: ffff88801818e0a8 R14: ffffffffffffffff R15: 
ffff888021b0fc60 [ 205.981390] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 205.982110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.982716] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 205.983359] PKRU: 55555554 [ 205.983608] Call Trace: [ 205.983835] [ 205.984039] iommufd_ioas_destroy+0x53/0x70 [ 205.984533] iommufd_fops_release+0x1f7/0x370 [ 205.984934] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.985374] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.985812] ? write_comp_data+0x2f/0x90 [ 205.986284] ? __pfx_iommufd_fops_release+0x10/0x10 [ 205.986754] __fput+0x26d/0xa40 [ 205.987061] ____fput+0x1e/0x30 [ 205.987368] task_work_run+0x1a4/0x2d0 [ 205.987716] ? __pfx_task_work_run+0x10/0x10 [ 205.988110] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 205.988650] ? switch_task_namespaces+0xa9/0xe0 [ 205.989078] do_exit+0xb17/0x2ef0 [ 205.989385] ? lock_acquire+0x427/0x4c0 [ 205.989745] ? __pfx_lock_release+0x10/0x10 [ 205.990159] ? __kasan_check_write+0x18/0x20 [ 205.990629] ? do_raw_spin_lock+0x132/0x2a0 [ 205.991016] ? __pfx_do_exit+0x10/0x10 [ 205.991378] ? debug_smp_processor_id+0x20/0x30 [ 205.991790] ? rcu_is_watching+0x19/0xb0 [ 205.992152] ? _raw_spin_unlock_irq+0x2b/0x60 [ 205.992650] ? trace_hardirqs_on+0x26/0x120 [ 205.993041] do_group_exit+0xe0/0x2b0 [ 205.993381] __x64_sys_exit_group+0x47/0x50 [ 205.993764] do_syscall_64+0x3b/0x90 [ 205.994129] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 205.994695] RIP: 0033:0x7f4b87518a4d [ 205.995029] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 205.995598] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 205.996298] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 205.997047] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 205.997699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 205.998444] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 205.999139] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 205.999801] [ 206.000015] irq event stamp: 0 [ 206.000305] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.001000] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.001764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.002609] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.003265] ---[ end trace 0000000000000000 ]--- [ 206.008241] ------------[ cut here ]------------ [ 206.008711] WARNING: CPU: 1 PID: 1961 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.009739] Modules linked in: [ 206.010031] CPU: 1 PID: 1961 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.010852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.011999] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.012454] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.014234] RSP: 0018:ffff88801496fbb8 EFLAGS: 00010246 [ 206.014749] RAX: 0000000000000000 RBX: ffff88800b9fe8a8 RCX: 0000000000000000 [ 206.015464] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 206.016169] RBP: ffff88801496fbd0 R08: ffffed100173fd33 R09: ffffed100173fd33 [ 206.016812] R10: ffff88800b9fe993 R11: ffffed100173fd32 R12: ffff88800ae91800 [ 206.017580] R13: ffff88800b9fe9e8 R14: ffffffff8352e670 R15: 
ffff88801496fe68 [ 206.018225] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.018986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.019571] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 206.020283] PKRU: 55555554 [ 206.020540] Call Trace: [ 206.020775] [ 206.020981] __iommufd_access_detach+0x1c2/0x2b0 [ 206.021462] iommufd_access_change_pt+0x149/0x270 [ 206.021976] iommufd_access_replace+0xb4/0x120 [ 206.022404] iommufd_test+0x3e5/0x37e0 [ 206.022791] ? lock_release+0x532/0x770 [ 206.023179] ? __might_fault+0x102/0x1b0 [ 206.023553] ? lock_acquire+0x427/0x4c0 [ 206.023922] ? __pfx_iommufd_test+0x10/0x10 [ 206.024313] ? __pfx_lock_release+0x10/0x10 [ 206.024715] ? __pfx_lock_acquire+0x10/0x10 [ 206.025113] ? write_comp_data+0x2f/0x90 [ 206.025493] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.025943] ? write_comp_data+0x2f/0x90 [ 206.026324] iommufd_fops_ioctl+0x37d/0x510 [ 206.026751] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.027214] ? write_comp_data+0x2f/0x90 [ 206.027592] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.028035] __x64_sys_ioctl+0x1a3/0x230 [ 206.028412] do_syscall_64+0x3b/0x90 [ 206.028764] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.029244] RIP: 0033:0x7f4b8743ee5d [ 206.029584] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.031268] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.031965] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.032610] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.033259] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.033901] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.034564] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.035325] [ 206.035521] irq event stamp: 0 [ 206.035776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.036281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.036951] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.037616] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.038118] ---[ end trace 0000000000000000 ]--- [ 206.040979] ------------[ cut here ]------------ [ 206.041379] WARNING: CPU: 1 PID: 1961 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.042196] Modules linked in: [ 206.042453] CPU: 1 PID: 1961 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.043188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.044114] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.044513] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.045971] RSP: 
0018:ffff88801496fbd0 EFLAGS: 00010246 [ 206.046404] RAX: 0000000000000000 RBX: ffff88800b9fe8a8 RCX: 0000000000000000 [ 206.046988] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 206.047563] RBP: ffff88801496fbe8 R08: ffffed100173fd33 R09: ffffed100173fd33 [ 206.048126] R10: ffff88800b9fe993 R11: ffffed100173fd32 R12: ffff888014111800 [ 206.048686] R13: ffff88800b9fe9e8 R14: ffff888012de2e00 R15: 0000000000000000 [ 206.049247] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.049888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.050352] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.050960] PKRU: 55555554 [ 206.051200] Call Trace: [ 206.051408] [ 206.051590] iommufd_access_destroy_object+0x65/0x170 [ 206.052005] iommufd_object_destroy_user+0x18e/0x220 [ 206.052441] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.052916] iommufd_access_destroy+0x43/0x70 [ 206.053285] iommufd_test_staccess_release+0x8d/0xd0 [ 206.053696] __fput+0x26d/0xa40 [ 206.053973] ____fput+0x1e/0x30 [ 206.054248] task_work_run+0x1a4/0x2d0 [ 206.054586] ? __pfx_task_work_run+0x10/0x10 [ 206.054941] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.055347] ? switch_task_namespaces+0xa9/0xe0 [ 206.055737] do_exit+0xb17/0x2ef0 [ 206.056020] ? lock_acquire+0x427/0x4c0 [ 206.056351] ? __pfx_lock_release+0x10/0x10 [ 206.056704] ? __kasan_check_write+0x18/0x20 [ 206.057068] ? do_raw_spin_lock+0x132/0x2a0 [ 206.057419] ? __pfx_do_exit+0x10/0x10 [ 206.057747] ? debug_smp_processor_id+0x20/0x30 [ 206.058127] ? rcu_is_watching+0x19/0xb0 [ 206.058458] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.058847] ? trace_hardirqs_on+0x26/0x120 [ 206.059213] do_group_exit+0xe0/0x2b0 [ 206.059514] __x64_sys_exit_group+0x47/0x50 [ 206.059853] do_syscall_64+0x3b/0x90 [ 206.060151] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.060558] RIP: 0033:0x7f4b87518a4d [ 206.060846] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.061318] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.061902] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.062452] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.063028] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.063599] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.064147] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.064705] [ 206.064888] irq event stamp: 0 [ 206.065132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.065615] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.066256] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.066916] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.067405] ---[ end trace 0000000000000000 ]--- [ 206.068130] ------------[ cut here ]------------ [ 206.068499] WARNING: CPU: 1 PID: 1961 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.069282] Modules linked in: [ 206.069533] CPU: 1 PID: 1961 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.070203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.071093] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.071503] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.072892] RSP: 0018:ffff88801496fb78 EFLAGS: 00010246 [ 206.073294] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.073838] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 206.074384] RBP: ffff88801496fb98 R08: ffffed100173fd3e R09: ffffed100173fd3e [ 206.074954] R10: ffff88800b9fe9ef R11: ffffed100173fd3d R12: ffff88800b9fea90 [ 206.075509] R13: ffff88800b9fe8a8 R14: ffffffffffffffff R15: 
ffff88801496fc60 [ 206.076060] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.076678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.077129] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.077681] PKRU: 55555554 [ 206.077906] Call Trace: [ 206.078106] [ 206.078286] iommufd_ioas_destroy+0x53/0x70 [ 206.078654] iommufd_fops_release+0x1f7/0x370 [ 206.079057] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.079473] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.079866] ? write_comp_data+0x2f/0x90 [ 206.080193] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.080589] __fput+0x26d/0xa40 [ 206.080865] ____fput+0x1e/0x30 [ 206.081133] task_work_run+0x1a4/0x2d0 [ 206.081449] ? __pfx_task_work_run+0x10/0x10 [ 206.081802] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.082191] ? switch_task_namespaces+0xa9/0xe0 [ 206.082594] do_exit+0xb17/0x2ef0 [ 206.082872] ? lock_acquire+0x427/0x4c0 [ 206.083205] ? __pfx_lock_release+0x10/0x10 [ 206.083553] ? __kasan_check_write+0x18/0x20 [ 206.083903] ? do_raw_spin_lock+0x132/0x2a0 [ 206.084244] ? __pfx_do_exit+0x10/0x10 [ 206.084559] ? debug_smp_processor_id+0x20/0x30 [ 206.084927] ? rcu_is_watching+0x19/0xb0 [ 206.085249] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.085607] ? trace_hardirqs_on+0x26/0x120 [ 206.085955] do_group_exit+0xe0/0x2b0 [ 206.086262] __x64_sys_exit_group+0x47/0x50 [ 206.086622] do_syscall_64+0x3b/0x90 [ 206.086923] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.087349] RIP: 0033:0x7f4b87518a4d [ 206.087647] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.088128] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.088718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.089270] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.089824] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.090378] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.090955] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.091529] [ 206.091713] irq event stamp: 0 [ 206.091960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.092450] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.093100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.093759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.094269] ---[ end trace 0000000000000000 ]--- [ 206.098309] ------------[ cut here ]------------ [ 206.099041] WARNING: CPU: 0 PID: 1962 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.099980] Modules linked in: [ 206.100273] CPU: 0 PID: 1962 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.101068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.102095] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.102590] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.104274] RSP: 0018:ffff8880143afbb8 EFLAGS: 00010246 [ 206.104766] RAX: 0000000000000000 RBX: ffff88801781d8a8 RCX: 0000000000000000 [ 206.105414] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 206.106062] RBP: ffff8880143afbd0 R08: ffffed1002f03b33 R09: ffffed1002f03b33 [ 206.106733] R10: ffff88801781d993 R11: ffffed1002f03b32 R12: ffff888012e95000 [ 206.107408] R13: ffff88801781d9e8 R14: ffffffff8352e670 R15: 
ffff8880143afe68 [ 206.108055] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.108790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.109319] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 206.109971] PKRU: 55555554 [ 206.110229] Call Trace: [ 206.110464] [ 206.110693] __iommufd_access_detach+0x1c2/0x2b0 [ 206.111152] iommufd_access_change_pt+0x149/0x270 [ 206.111609] iommufd_access_replace+0xb4/0x120 [ 206.112037] iommufd_test+0x3e5/0x37e0 [ 206.112395] ? lock_release+0x532/0x770 [ 206.112773] ? __might_fault+0x102/0x1b0 [ 206.113160] ? lock_acquire+0x427/0x4c0 [ 206.113538] ? __pfx_iommufd_test+0x10/0x10 [ 206.113937] ? __pfx_lock_release+0x10/0x10 [ 206.114348] ? __pfx_lock_acquire+0x10/0x10 [ 206.114779] ? write_comp_data+0x2f/0x90 [ 206.115179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.115629] ? write_comp_data+0x2f/0x90 [ 206.116009] iommufd_fops_ioctl+0x37d/0x510 [ 206.116411] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.116867] ? write_comp_data+0x2f/0x90 [ 206.117257] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.117707] __x64_sys_ioctl+0x1a3/0x230 [ 206.118096] do_syscall_64+0x3b/0x90 [ 206.118452] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.118960] RIP: 0033:0x7f4b8743ee5d [ 206.119316] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.120973] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.121667] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.122319] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.123002] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.123677] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.124331] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.124992] [ 206.125207] irq event stamp: 0 [ 206.125496] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.126072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.126851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.127628] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.128205] ---[ end trace 0000000000000000 ]--- [ 206.131232] ------------[ cut here ]------------ [ 206.131716] WARNING: CPU: 0 PID: 1962 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.132676] Modules linked in: [ 206.132973] CPU: 0 PID: 1962 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.133786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.134881] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.135380] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.137125] RSP: 
0018:ffff8880143afbd0 EFLAGS: 00010246 [ 206.137633] RAX: 0000000000000000 RBX: ffff88801781d8a8 RCX: 0000000000000000 [ 206.138311] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 206.139163] RBP: ffff8880143afbe8 R08: ffffed1002f03b33 R09: ffffed1002f03b33 [ 206.139851] R10: ffff88801781d993 R11: ffffed1002f03b32 R12: ffff888013dba000 [ 206.140533] R13: ffff88801781d9e8 R14: ffff8880104c0100 R15: 0000000000000000 [ 206.141219] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.141993] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.142579] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.143278] PKRU: 55555554 [ 206.143553] Call Trace: [ 206.143797] [ 206.144014] iommufd_access_destroy_object+0x65/0x170 [ 206.144520] iommufd_object_destroy_user+0x18e/0x220 [ 206.145023] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.145590] iommufd_access_destroy+0x43/0x70 [ 206.146028] iommufd_test_staccess_release+0x8d/0xd0 [ 206.146564] __fput+0x26d/0xa40 [ 206.146904] ____fput+0x1e/0x30 [ 206.147241] task_work_run+0x1a4/0x2d0 [ 206.147629] ? __pfx_task_work_run+0x10/0x10 [ 206.148056] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.148535] ? switch_task_namespaces+0xa9/0xe0 [ 206.148995] do_exit+0xb17/0x2ef0 [ 206.149328] ? lock_acquire+0x427/0x4c0 [ 206.149723] ? __pfx_lock_release+0x10/0x10 [ 206.150148] ? __kasan_check_write+0x18/0x20 [ 206.150611] ? do_raw_spin_lock+0x132/0x2a0 [ 206.151035] ? __pfx_do_exit+0x10/0x10 [ 206.151425] ? debug_smp_processor_id+0x20/0x30 [ 206.151878] ? rcu_is_watching+0x19/0xb0 [ 206.152275] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.152713] ? trace_hardirqs_on+0x26/0x120 [ 206.153131] do_group_exit+0xe0/0x2b0 [ 206.153498] __x64_sys_exit_group+0x47/0x50 [ 206.153909] do_syscall_64+0x3b/0x90 [ 206.154277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.154809] RIP: 0033:0x7f4b87518a4d [ 206.155180] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.155773] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.156502] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.157180] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.157858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.158563] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.159260] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.159949] [ 206.160173] irq event stamp: 0 [ 206.160485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.161097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.161910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.162734] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.163363] ---[ end trace 0000000000000000 ]--- [ 206.164152] ------------[ cut here ]------------ [ 206.164610] WARNING: CPU: 0 PID: 1962 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.165586] Modules linked in: [ 206.165897] CPU: 0 PID: 1962 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.166751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.167855] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.168359] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.170110] RSP: 0018:ffff8880143afb78 EFLAGS: 00010246 [ 206.170665] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.171355] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 206.172036] RBP: ffff8880143afb98 R08: ffffed1002f03b3e R09: ffffed1002f03b3e [ 206.172719] R10: ffff88801781d9ef R11: ffffed1002f03b3d R12: ffff88801781da90 [ 206.173406] R13: ffff88801781d8a8 R14: ffffffffffffffff R15: 
ffff8880143afc60 [ 206.174090] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.174886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.175472] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.176155] PKRU: 55555554 [ 206.176430] Call Trace: [ 206.176677] [ 206.176899] iommufd_ioas_destroy+0x53/0x70 [ 206.177326] iommufd_fops_release+0x1f7/0x370 [ 206.177768] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.178251] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.178754] ? write_comp_data+0x2f/0x90 [ 206.179171] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.179658] __fput+0x26d/0xa40 [ 206.179988] ____fput+0x1e/0x30 [ 206.180312] task_work_run+0x1a4/0x2d0 [ 206.180694] ? __pfx_task_work_run+0x10/0x10 [ 206.181124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.181602] ? switch_task_namespaces+0xa9/0xe0 [ 206.182058] do_exit+0xb17/0x2ef0 [ 206.182389] ? lock_acquire+0x427/0x4c0 [ 206.182800] ? __pfx_lock_release+0x10/0x10 [ 206.183235] ? __kasan_check_write+0x18/0x20 [ 206.183665] ? do_raw_spin_lock+0x132/0x2a0 [ 206.184083] ? __pfx_do_exit+0x10/0x10 [ 206.184467] ? debug_smp_processor_id+0x20/0x30 [ 206.184923] ? rcu_is_watching+0x19/0xb0 [ 206.185319] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.185757] ? trace_hardirqs_on+0x26/0x120 [ 206.186182] do_group_exit+0xe0/0x2b0 [ 206.186588] __x64_sys_exit_group+0x47/0x50 [ 206.187012] do_syscall_64+0x3b/0x90 [ 206.187395] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.187905] RIP: 0033:0x7f4b87518a4d [ 206.188267] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.188870] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.189886] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.190614] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.191311] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.191992] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.192700] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.193549] [ 206.193782] irq event stamp: 0 [ 206.194084] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.194732] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.195556] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.196355] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.196981] ---[ end trace 0000000000000000 ]--- [ 206.201410] ------------[ cut here ]------------ [ 206.201918] WARNING: CPU: 0 PID: 1963 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.203012] Modules linked in: [ 206.203568] CPU: 0 PID: 1963 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.204964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.206359] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.207058] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.208884] RSP: 0018:ffff888017187bb8 EFLAGS: 00010246 [ 206.209391] RAX: 0000000000000000 RBX: ffff8880147848a8 RCX: 0000000000000000 [ 206.210054] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 206.210760] RBP: ffff888017187bd0 R08: ffffed10028f0933 R09: ffffed10028f0933 [ 206.211436] R10: ffff888014784993 R11: ffffed10028f0932 R12: ffff888010573800 [ 206.212103] R13: ffff8880147849e8 R14: ffffffff8352e670 R15: 
ffff888017187e68 [ 206.212769] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.213518] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.214059] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 206.214750] PKRU: 55555554 [ 206.215025] Call Trace: [ 206.215282] [ 206.215502] __iommufd_access_detach+0x1c2/0x2b0 [ 206.215970] iommufd_access_change_pt+0x149/0x270 [ 206.216443] iommufd_access_replace+0xb4/0x120 [ 206.216889] iommufd_test+0x3e5/0x37e0 [ 206.217260] ? lock_release+0x532/0x770 [ 206.217656] ? __might_fault+0x102/0x1b0 [ 206.218055] ? lock_acquire+0x427/0x4c0 [ 206.218446] ? __pfx_iommufd_test+0x10/0x10 [ 206.218882] ? __pfx_lock_release+0x10/0x10 [ 206.219323] ? __pfx_lock_acquire+0x10/0x10 [ 206.219754] ? write_comp_data+0x2f/0x90 [ 206.220152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.220618] ? write_comp_data+0x2f/0x90 [ 206.221011] iommufd_fops_ioctl+0x37d/0x510 [ 206.221420] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.221887] ? write_comp_data+0x2f/0x90 [ 206.222281] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.222770] __x64_sys_ioctl+0x1a3/0x230 [ 206.223203] do_syscall_64+0x3b/0x90 [ 206.223569] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.224072] RIP: 0033:0x7f4b8743ee5d [ 206.224439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.226155] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.226901] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.227584] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.228258] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.228929] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.229604] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.230279] [ 206.230497] irq event stamp: 0 [ 206.230817] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.231430] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.232211] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.232991] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.233591] ---[ end trace 0000000000000000 ]--- [ 206.237177] ------------[ cut here ]------------ [ 206.237855] WARNING: CPU: 0 PID: 1963 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.238917] Modules linked in: [ 206.239264] CPU: 0 PID: 1963 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.240153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.241615] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.242138] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.244273] RSP: 
0018:ffff888017187bd0 EFLAGS: 00010246 [ 206.244828] RAX: 0000000000000000 RBX: ffff8880147848a8 RCX: 0000000000000000 [ 206.245558] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 206.246308] RBP: ffff888017187be8 R08: ffffed10028f0933 R09: ffffed10028f0933 [ 206.247242] R10: ffff888014784993 R11: ffffed10028f0932 R12: ffff888012e95c00 [ 206.247964] R13: ffff8880147849e8 R14: ffff88800f503a00 R15: 0000000000000000 [ 206.248697] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.249777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.250371] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.251200] PKRU: 55555554 [ 206.251510] Call Trace: [ 206.251770] [ 206.252000] iommufd_access_destroy_object+0x65/0x170 [ 206.252646] iommufd_object_destroy_user+0x18e/0x220 [ 206.253331] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.253928] iommufd_access_destroy+0x43/0x70 [ 206.254397] iommufd_test_staccess_release+0x8d/0xd0 [ 206.254954] __fput+0x26d/0xa40 [ 206.255345] ____fput+0x1e/0x30 [ 206.255693] task_work_run+0x1a4/0x2d0 [ 206.256097] ? __pfx_task_work_run+0x10/0x10 [ 206.256719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.257384] ? switch_task_namespaces+0xa9/0xe0 [ 206.257866] do_exit+0xb17/0x2ef0 [ 206.258225] ? lock_acquire+0x427/0x4c0 [ 206.258683] ? __pfx_lock_release+0x10/0x10 [ 206.259143] ? __kasan_check_write+0x18/0x20 [ 206.259607] ? do_raw_spin_lock+0x132/0x2a0 [ 206.260053] ? __pfx_do_exit+0x10/0x10 [ 206.260464] ? debug_smp_processor_id+0x20/0x30 [ 206.260968] ? rcu_is_watching+0x19/0xb0 [ 206.261504] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.262224] ? trace_hardirqs_on+0x26/0x120 [ 206.262705] do_group_exit+0xe0/0x2b0 [ 206.263101] __x64_sys_exit_group+0x47/0x50 [ 206.263549] do_syscall_64+0x3b/0x90 [ 206.263941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.264468] RIP: 0033:0x7f4b87518a4d [ 206.264835] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.265444] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.266344] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.267449] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.268166] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.268884] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.269644] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.270366] [ 206.270638] irq event stamp: 0 [ 206.270959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.271620] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.272726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.273757] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.274408] ---[ end trace 0000000000000000 ]--- [ 206.275331] ------------[ cut here ]------------ [ 206.275839] WARNING: CPU: 0 PID: 1963 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.276886] Modules linked in: [ 206.277211] CPU: 0 PID: 1963 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.278392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.279766] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.280299] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.282190] RSP: 0018:ffff888017187b78 EFLAGS: 00010246 [ 206.282961] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.283827] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 206.284551] RBP: ffff888017187b98 R08: ffffed10028f093e R09: ffffed10028f093e [ 206.285269] R10: ffff8880147849ef R11: ffffed10028f093d R12: ffff888014784a90 [ 206.285989] R13: ffff8880147848a8 R14: ffffffffffffffff R15: 
ffff888017187c60 [ 206.286842] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.287998] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.288584] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.289304] PKRU: 55555554 [ 206.289595] Call Trace: [ 206.289858] [ 206.290085] iommufd_ioas_destroy+0x53/0x70 [ 206.290552] iommufd_fops_release+0x1f7/0x370 [ 206.291082] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.291869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.292371] ? write_comp_data+0x2f/0x90 [ 206.292799] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.293318] __fput+0x26d/0xa40 [ 206.293667] ____fput+0x1e/0x30 [ 206.294010] task_work_run+0x1a4/0x2d0 [ 206.294423] ? __pfx_task_work_run+0x10/0x10 [ 206.294892] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.295582] ? switch_task_namespaces+0xa9/0xe0 [ 206.296304] do_exit+0xb17/0x2ef0 [ 206.296664] ? lock_acquire+0x427/0x4c0 [ 206.297083] ? __pfx_lock_release+0x10/0x10 [ 206.297536] ? __kasan_check_write+0x18/0x20 [ 206.297989] ? do_raw_spin_lock+0x132/0x2a0 [ 206.298443] ? __pfx_do_exit+0x10/0x10 [ 206.298871] ? debug_smp_processor_id+0x20/0x30 [ 206.299446] ? rcu_is_watching+0x19/0xb0 [ 206.299991] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.300598] ? trace_hardirqs_on+0x26/0x120 [ 206.301093] do_group_exit+0xe0/0x2b0 [ 206.301477] __x64_sys_exit_group+0x47/0x50 [ 206.301917] do_syscall_64+0x3b/0x90 [ 206.302298] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.302841] RIP: 0033:0x7f4b87518a4d [ 206.303231] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.303986] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.305074] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.305780] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.306479] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.307207] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.307945] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.308880] [ 206.309272] irq event stamp: 0 [ 206.309587] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.310209] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.311055] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.311902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.312595] ---[ end trace 0000000000000000 ]--- [ 206.319706] ------------[ cut here ]------------ [ 206.320216] WARNING: CPU: 0 PID: 1964 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.321217] Modules linked in: [ 206.321588] CPU: 0 PID: 1964 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.322886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.324021] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.324511] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.326358] RSP: 0018:ffff8880162f7bb8 EFLAGS: 00010246 [ 206.327098] RAX: 0000000000000000 RBX: ffff88801867f8a8 RCX: 0000000000000000 [ 206.327767] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 206.328423] RBP: ffff8880162f7bd0 R08: ffffed10030cff33 R09: ffffed10030cff33 [ 206.329073] R10: ffff88801867f993 R11: ffffed10030cff32 R12: ffff88802081fc00 [ 206.329726] R13: ffff88801867f9e8 R14: ffffffff8352e670 R15: 
ffff8880162f7e68 [ 206.330590] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.331464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.331996] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 206.332654] PKRU: 55555554 [ 206.332924] Call Trace: [ 206.333206] [ 206.333418] __iommufd_access_detach+0x1c2/0x2b0 [ 206.333970] iommufd_access_change_pt+0x149/0x270 [ 206.334580] iommufd_access_replace+0xb4/0x120 [ 206.335016] iommufd_test+0x3e5/0x37e0 [ 206.335384] ? lock_release+0x532/0x770 [ 206.335770] ? __might_fault+0x102/0x1b0 [ 206.336156] ? lock_acquire+0x427/0x4c0 [ 206.336541] ? __pfx_iommufd_test+0x10/0x10 [ 206.336944] ? __pfx_lock_release+0x10/0x10 [ 206.337483] ? __pfx_lock_acquire+0x10/0x10 [ 206.338039] ? write_comp_data+0x2f/0x90 [ 206.338428] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.338908] ? write_comp_data+0x2f/0x90 [ 206.339302] iommufd_fops_ioctl+0x37d/0x510 [ 206.339705] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.340165] ? write_comp_data+0x2f/0x90 [ 206.340553] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.341152] __x64_sys_ioctl+0x1a3/0x230 [ 206.341655] do_syscall_64+0x3b/0x90 [ 206.342020] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.342499] RIP: 0033:0x7f4b8743ee5d [ 206.342863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.344699] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.345532] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.346187] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.346850] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.347529] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.348363] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.349160] [ 206.349381] irq event stamp: 0 [ 206.349668] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.350239] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.351021] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.351954] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.352703] ---[ end trace 0000000000000000 ]--- [ 206.357529] ------------[ cut here ]------------ [ 206.358099] WARNING: CPU: 0 PID: 1964 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.359085] Modules linked in: [ 206.359390] CPU: 0 PID: 1964 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.360397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.361400] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.361849] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.363490] RSP: 
0018:ffff8880162f7bd0 EFLAGS: 00010246 [ 206.363961] RAX: 0000000000000000 RBX: ffff88801867f8a8 RCX: 0000000000000000 [ 206.364589] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 206.365263] RBP: ffff8880162f7be8 R08: ffffed10030cff33 R09: ffffed10030cff33 [ 206.365894] R10: ffff88801867f993 R11: ffffed10030cff32 R12: ffff888010572800 [ 206.366547] R13: ffff88801867f9e8 R14: ffff888014603e00 R15: 0000000000000000 [ 206.367166] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.367840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.368330] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.368929] PKRU: 55555554 [ 206.369170] Call Trace: [ 206.369387] [ 206.369580] iommufd_access_destroy_object+0x65/0x170 [ 206.370019] iommufd_object_destroy_user+0x18e/0x220 [ 206.370451] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.370960] iommufd_access_destroy+0x43/0x70 [ 206.371361] iommufd_test_staccess_release+0x8d/0xd0 [ 206.371799] __fput+0x26d/0xa40 [ 206.372092] ____fput+0x1e/0x30 [ 206.372379] task_work_run+0x1a4/0x2d0 [ 206.372720] ? __pfx_task_work_run+0x10/0x10 [ 206.373095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.373509] ? switch_task_namespaces+0xa9/0xe0 [ 206.373911] do_exit+0xb17/0x2ef0 [ 206.374207] ? lock_acquire+0x427/0x4c0 [ 206.374570] ? __pfx_lock_release+0x10/0x10 [ 206.374942] ? __kasan_check_write+0x18/0x20 [ 206.375328] ? do_raw_spin_lock+0x132/0x2a0 [ 206.375694] ? __pfx_do_exit+0x10/0x10 [ 206.376029] ? debug_smp_processor_id+0x20/0x30 [ 206.376425] ? rcu_is_watching+0x19/0xb0 [ 206.376772] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.377159] ? trace_hardirqs_on+0x26/0x120 [ 206.377528] do_group_exit+0xe0/0x2b0 [ 206.377849] __x64_sys_exit_group+0x47/0x50 [ 206.378207] do_syscall_64+0x3b/0x90 [ 206.378542] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.378986] RIP: 0033:0x7f4b87518a4d [ 206.379319] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.379834] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.380473] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.381041] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.381604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.382169] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.382750] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.383332] [ 206.383519] irq event stamp: 0 [ 206.383770] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.384266] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.384922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.385581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.386079] ---[ end trace 0000000000000000 ]--- [ 206.386964] ------------[ cut here ]------------ [ 206.387480] WARNING: CPU: 0 PID: 1964 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.388295] Modules linked in: [ 206.388554] CPU: 0 PID: 1964 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.389394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.390292] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.390877] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.392487] RSP: 0018:ffff8880162f7b78 EFLAGS: 00010246 [ 206.392925] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.393607] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 206.394172] RBP: ffff8880162f7b98 R08: ffffed10030cff3e R09: ffffed10030cff3e [ 206.394768] R10: ffff88801867f9ef R11: ffffed10030cff3d R12: ffff88801867fa90 [ 206.395450] R13: ffff88801867f8a8 R14: ffffffffffffffff R15: 
ffff8880162f7c60 [ 206.396016] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.396654] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.397276] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.397842] PKRU: 55555554 [ 206.398069] Call Trace: [ 206.398273] [ 206.398473] iommufd_ioas_destroy+0x53/0x70 [ 206.398966] iommufd_fops_release+0x1f7/0x370 [ 206.399341] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.399744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.400142] ? write_comp_data+0x2f/0x90 [ 206.400479] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.401021] __fput+0x26d/0xa40 [ 206.401302] ____fput+0x1e/0x30 [ 206.401574] task_work_run+0x1a4/0x2d0 [ 206.401892] ? __pfx_task_work_run+0x10/0x10 [ 206.402250] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.402780] ? switch_task_namespaces+0xa9/0xe0 [ 206.403173] do_exit+0xb17/0x2ef0 [ 206.403455] ? lock_acquire+0x427/0x4c0 [ 206.403786] ? __pfx_lock_release+0x10/0x10 [ 206.404139] ? __kasan_check_write+0x18/0x20 [ 206.404503] ? do_raw_spin_lock+0x132/0x2a0 [ 206.404852] ? __pfx_do_exit+0x10/0x10 [ 206.405173] ? debug_smp_processor_id+0x20/0x30 [ 206.405553] ? rcu_is_watching+0x19/0xb0 [ 206.405880] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.406245] ? trace_hardirqs_on+0x26/0x120 [ 206.406615] do_group_exit+0xe0/0x2b0 [ 206.406925] __x64_sys_exit_group+0x47/0x50 [ 206.407279] do_syscall_64+0x3b/0x90 [ 206.407587] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.408003] RIP: 0033:0x7f4b87518a4d [ 206.408298] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.408789] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.409388] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.409956] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.410542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.411110] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.411689] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.412259] [ 206.412444] irq event stamp: 0 [ 206.412695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.413193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.413855] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.414535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.415036] ---[ end trace 0000000000000000 ]--- [ 206.420993] ------------[ cut here ]------------ [ 206.421389] WARNING: CPU: 0 PID: 1965 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.422286] Modules linked in: [ 206.422580] CPU: 0 PID: 1965 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.423264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.424244] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.424628] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.426016] RSP: 0018:ffff88801794fbb8 EFLAGS: 00010246 [ 206.426427] RAX: 0000000000000000 RBX: ffff888018a0f0a8 RCX: 0000000000000000 [ 206.426989] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 206.427549] RBP: ffff88801794fbd0 R08: ffffed1003141e33 R09: ffffed1003141e33 [ 206.428093] R10: ffff888018a0f193 R11: ffffed1003141e32 R12: ffff888013642000 [ 206.428639] R13: ffff888018a0f1e8 R14: ffffffff8352e670 R15: 
ffff88801794fe68 [ 206.429231] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.429847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.430289] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 206.430849] PKRU: 55555554 [ 206.431069] Call Trace: [ 206.431273] [ 206.431448] __iommufd_access_detach+0x1c2/0x2b0 [ 206.431818] iommufd_access_change_pt+0x149/0x270 [ 206.432193] iommufd_access_replace+0xb4/0x120 [ 206.432551] iommufd_test+0x3e5/0x37e0 [ 206.432847] ? lock_release+0x532/0x770 [ 206.433159] ? __might_fault+0x102/0x1b0 [ 206.433474] ? lock_acquire+0x427/0x4c0 [ 206.433784] ? __pfx_iommufd_test+0x10/0x10 [ 206.434109] ? __pfx_lock_release+0x10/0x10 [ 206.434444] ? __pfx_lock_acquire+0x10/0x10 [ 206.434811] ? write_comp_data+0x2f/0x90 [ 206.435136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.435511] ? write_comp_data+0x2f/0x90 [ 206.435828] iommufd_fops_ioctl+0x37d/0x510 [ 206.436160] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.436534] ? write_comp_data+0x2f/0x90 [ 206.436851] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.437219] __x64_sys_ioctl+0x1a3/0x230 [ 206.437537] do_syscall_64+0x3b/0x90 [ 206.437828] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.438229] RIP: 0033:0x7f4b8743ee5d [ 206.438525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.439900] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.440471] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.441004] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.441538] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.442071] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.442621] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.443183] [ 206.443363] irq event stamp: 0 [ 206.443603] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.444064] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.444678] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.445291] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.445753] ---[ end trace 0000000000000000 ]--- [ 206.448673] ------------[ cut here ]------------ [ 206.449128] WARNING: CPU: 0 PID: 1965 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.449875] Modules linked in: [ 206.450113] CPU: 0 PID: 1965 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.450928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.451763] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.452129] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.453610] RSP: 
0018:ffff88801794fbd0 EFLAGS: 00010246 [ 206.454060] RAX: 0000000000000000 RBX: ffff888018a0f0a8 RCX: 0000000000000000 [ 206.454680] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 206.455215] RBP: ffff88801794fbe8 R08: ffffed1003141e33 R09: ffffed1003141e33 [ 206.455738] R10: ffff888018a0f193 R11: ffffed1003141e32 R12: ffff88802081d400 [ 206.456389] R13: ffff888018a0f1e8 R14: ffff888020980700 R15: 0000000000000000 [ 206.456910] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.457539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.458049] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.458596] PKRU: 55555554 [ 206.458807] Call Trace: [ 206.458996] [ 206.459172] iommufd_access_destroy_object+0x65/0x170 [ 206.459618] iommufd_object_destroy_user+0x18e/0x220 [ 206.460059] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.460496] iommufd_access_destroy+0x43/0x70 [ 206.460844] iommufd_test_staccess_release+0x8d/0xd0 [ 206.461335] __fput+0x26d/0xa40 [ 206.461679] ____fput+0x1e/0x30 [ 206.461937] task_work_run+0x1a4/0x2d0 [ 206.462237] ? __pfx_task_work_run+0x10/0x10 [ 206.462594] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.462967] ? switch_task_namespaces+0xa9/0xe0 [ 206.463472] do_exit+0xb17/0x2ef0 [ 206.463733] ? lock_acquire+0x427/0x4c0 [ 206.464040] ? __pfx_lock_release+0x10/0x10 [ 206.464374] ? __kasan_check_write+0x18/0x20 [ 206.464708] ? do_raw_spin_lock+0x132/0x2a0 [ 206.465087] ? __pfx_do_exit+0x10/0x10 [ 206.465469] ? debug_smp_processor_id+0x20/0x30 [ 206.465816] ? rcu_is_watching+0x19/0xb0 [ 206.466123] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.466483] ? trace_hardirqs_on+0x26/0x120 [ 206.466923] do_group_exit+0xe0/0x2b0 [ 206.467219] __x64_sys_exit_group+0x47/0x50 [ 206.467541] do_syscall_64+0x3b/0x90 [ 206.467827] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.468218] RIP: 0033:0x7f4b87518a4d [ 206.468496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.469083] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.469645] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.470190] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.470842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.471381] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.471953] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.472568] [ 206.472746] irq event stamp: 0 [ 206.472981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.473445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.474197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.474829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.475356] ---[ end trace 0000000000000000 ]--- [ 206.476691] ------------[ cut here ]------------ [ 206.477106] WARNING: CPU: 0 PID: 1965 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.477969] Modules linked in: [ 206.478211] CPU: 0 PID: 1965 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.479001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.479846] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.480232] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.481578] RSP: 0018:ffff88801794fb78 EFLAGS: 00010246 [ 206.481969] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.482499] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 206.483048] RBP: ffff88801794fb98 R08: ffffed1003141e3e R09: ffffed1003141e3e [ 206.483603] R10: ffff888018a0f1ef R11: ffffed1003141e3d R12: ffff888018a0f290 [ 206.484126] R13: ffff888018a0f0a8 R14: ffffffffffffffff R15: 
ffff88801794fc60 [ 206.484648] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.485237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.485662] CR2: 00007f82e2f8e0a8 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 206.486186] PKRU: 55555554 [ 206.486399] Call Trace: [ 206.486629] [ 206.486801] iommufd_ioas_destroy+0x53/0x70 [ 206.487137] iommufd_fops_release+0x1f7/0x370 [ 206.487484] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.487855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.488222] ? write_comp_data+0x2f/0x90 [ 206.488535] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.488906] __fput+0x26d/0xa40 [ 206.489164] ____fput+0x1e/0x30 [ 206.489422] task_work_run+0x1a4/0x2d0 [ 206.489719] ? __pfx_task_work_run+0x10/0x10 [ 206.490051] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.490418] ? switch_task_namespaces+0xa9/0xe0 [ 206.490791] do_exit+0xb17/0x2ef0 [ 206.491051] ? lock_acquire+0x427/0x4c0 [ 206.491362] ? __pfx_lock_release+0x10/0x10 [ 206.491689] ? __kasan_check_write+0x18/0x20 [ 206.492019] ? do_raw_spin_lock+0x132/0x2a0 [ 206.492341] ? __pfx_do_exit+0x10/0x10 [ 206.492638] ? debug_smp_processor_id+0x20/0x30 [ 206.493036] ? rcu_is_watching+0x19/0xb0 [ 206.493340] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.493679] ? trace_hardirqs_on+0x26/0x120 [ 206.494003] do_group_exit+0xe0/0x2b0 [ 206.494287] __x64_sys_exit_group+0x47/0x50 [ 206.494621] do_syscall_64+0x3b/0x90 [ 206.494909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.495308] RIP: 0033:0x7f4b87518a4d [ 206.495587] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.496039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.496599] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.497122] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.497644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.498166] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.498702] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.499243] [ 206.499419] irq event stamp: 0 [ 206.499653] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.500117] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.500738] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.501354] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.501819] ---[ end trace 0000000000000000 ]--- [ 206.505915] ------------[ cut here ]------------ [ 206.506344] WARNING: CPU: 1 PID: 1966 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.507271] Modules linked in: [ 206.507517] CPU: 1 PID: 1966 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.508178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.509152] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.509531] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.511030] RSP: 0018:ffff888014ab7bb8 EFLAGS: 00010246 [ 206.511442] RAX: 0000000000000000 RBX: ffff888018b510a8 RCX: 0000000000000000 [ 206.512026] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 206.512611] RBP: ffff888014ab7bd0 R08: ffffed100316a233 R09: ffffed100316a233 [ 206.513151] R10: ffff888018b51193 R11: ffffed100316a232 R12: ffff88800b9b7c00 [ 206.513743] R13: ffff888018b511e8 R14: ffffffff8352e670 R15: 
ffff888014ab7e68 [ 206.514326] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.514956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.515412] CR2: 00007f4b877410e8 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 206.516054] PKRU: 55555554 [ 206.516271] Call Trace: [ 206.516466] [ 206.516639] __iommufd_access_detach+0x1c2/0x2b0 [ 206.517014] iommufd_access_change_pt+0x149/0x270 [ 206.517430] iommufd_access_replace+0xb4/0x120 [ 206.517833] iommufd_test+0x3e5/0x37e0 [ 206.518131] ? lock_release+0x532/0x770 [ 206.518446] ? __might_fault+0x102/0x1b0 [ 206.518785] ? lock_acquire+0x427/0x4c0 [ 206.519101] ? __pfx_iommufd_test+0x10/0x10 [ 206.519492] ? __pfx_lock_release+0x10/0x10 [ 206.519875] ? __pfx_lock_acquire+0x10/0x10 [ 206.520214] ? write_comp_data+0x2f/0x90 [ 206.520539] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.520933] ? write_comp_data+0x2f/0x90 [ 206.521354] iommufd_fops_ioctl+0x37d/0x510 [ 206.521689] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.522068] ? write_comp_data+0x2f/0x90 [ 206.522391] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.522821] __x64_sys_ioctl+0x1a3/0x230 [ 206.523199] do_syscall_64+0x3b/0x90 [ 206.523497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.523899] RIP: 0033:0x7f4b8743ee5d [ 206.524189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.525704] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.526282] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.526946] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.527493] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.528032] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.528605] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.529222] [ 206.529401] irq event stamp: 0 [ 206.529642] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.530121] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.530863] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.531503] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.531982] ---[ end trace 0000000000000000 ]--- [ 206.535108] ------------[ cut here ]------------ [ 206.535514] WARNING: CPU: 1 PID: 1966 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.536409] Modules linked in: [ 206.536659] CPU: 1 PID: 1966 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.537331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.538192] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.538647] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.540053] RSP: 
0018:ffff888014ab7bd0 EFLAGS: 00010246 [ 206.540464] RAX: 0000000000000000 RBX: ffff888018b510a8 RCX: 0000000000000000 [ 206.541005] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 206.541547] RBP: ffff888014ab7be8 R08: ffffed100316a233 R09: ffffed100316a233 [ 206.542091] R10: ffff888018b51193 R11: ffffed100316a232 R12: ffff88800ae93400 [ 206.542656] R13: ffff888018b511e8 R14: ffff88800f19c800 R15: 0000000000000000 [ 206.543213] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.543825] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.544271] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 206.544820] PKRU: 55555554 [ 206.545038] Call Trace: [ 206.545235] [ 206.545410] iommufd_access_destroy_object+0x65/0x170 [ 206.545812] iommufd_object_destroy_user+0x18e/0x220 [ 206.546208] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.546681] iommufd_access_destroy+0x43/0x70 [ 206.547040] iommufd_test_staccess_release+0x8d/0xd0 [ 206.547446] __fput+0x26d/0xa40 [ 206.547720] ____fput+0x1e/0x30 [ 206.547987] task_work_run+0x1a4/0x2d0 [ 206.548298] ? __pfx_task_work_run+0x10/0x10 [ 206.548646] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.549028] ? switch_task_namespaces+0xa9/0xe0 [ 206.549400] do_exit+0xb17/0x2ef0 [ 206.549670] ? lock_acquire+0x427/0x4c0 [ 206.549986] ? __pfx_lock_release+0x10/0x10 [ 206.550324] ? __kasan_check_write+0x18/0x20 [ 206.550685] ? do_raw_spin_lock+0x132/0x2a0 [ 206.551022] ? __pfx_do_exit+0x10/0x10 [ 206.551340] ? debug_smp_processor_id+0x20/0x30 [ 206.551706] ? rcu_is_watching+0x19/0xb0 [ 206.552024] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.552382] ? trace_hardirqs_on+0x26/0x120 [ 206.552725] do_group_exit+0xe0/0x2b0 [ 206.553024] __x64_sys_exit_group+0x47/0x50 [ 206.553360] do_syscall_64+0x3b/0x90 [ 206.553657] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.554065] RIP: 0033:0x7f4b87518a4d [ 206.554354] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.554851] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.555440] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.555986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.556532] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.557077] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.557622] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.558178] [ 206.558361] irq event stamp: 0 [ 206.558626] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.559119] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.559765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.560414] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.560899] ---[ end trace 0000000000000000 ]--- [ 206.561595] ------------[ cut here ]------------ [ 206.561956] WARNING: CPU: 1 PID: 1966 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.562770] Modules linked in: [ 206.563021] CPU: 1 PID: 1966 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.563695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.564558] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.564953] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.566328] RSP: 0018:ffff888014ab7b78 EFLAGS: 00010246 [ 206.566746] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.567288] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 206.567822] RBP: ffff888014ab7b98 R08: ffffed100316a23e R09: ffffed100316a23e [ 206.568351] R10: ffff888018b511ef R11: ffffed100316a23d R12: ffff888018b51290 [ 206.568881] R13: ffff888018b510a8 R14: ffffffffffffffff R15: 
ffff888014ab7c60 [ 206.569412] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.570012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.570446] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 206.571001] PKRU: 55555554 [ 206.571225] Call Trace: [ 206.571418] [ 206.571593] iommufd_ioas_destroy+0x53/0x70 [ 206.571923] iommufd_fops_release+0x1f7/0x370 [ 206.572270] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.572652] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.573029] ? write_comp_data+0x2f/0x90 [ 206.573345] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.573726] __fput+0x26d/0xa40 [ 206.573990] ____fput+0x1e/0x30 [ 206.574252] task_work_run+0x1a4/0x2d0 [ 206.574574] ? __pfx_task_work_run+0x10/0x10 [ 206.574915] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.575301] ? switch_task_namespaces+0xa9/0xe0 [ 206.575666] do_exit+0xb17/0x2ef0 [ 206.575931] ? lock_acquire+0x427/0x4c0 [ 206.576241] ? __pfx_lock_release+0x10/0x10 [ 206.576578] ? __kasan_check_write+0x18/0x20 [ 206.576916] ? do_raw_spin_lock+0x132/0x2a0 [ 206.577245] ? __pfx_do_exit+0x10/0x10 [ 206.577550] ? debug_smp_processor_id+0x20/0x30 [ 206.577905] ? rcu_is_watching+0x19/0xb0 [ 206.578215] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.578589] ? trace_hardirqs_on+0x26/0x120 [ 206.578923] do_group_exit+0xe0/0x2b0 [ 206.579225] __x64_sys_exit_group+0x47/0x50 [ 206.579554] do_syscall_64+0x3b/0x90 [ 206.579845] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.580244] RIP: 0033:0x7f4b87518a4d [ 206.580527] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.580988] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.581561] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.582094] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.582648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.583191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.583727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.584268] [ 206.584446] irq event stamp: 0 [ 206.584685] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.585162] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.585793] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.586419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.586911] ---[ end trace 0000000000000000 ]--- [ 206.590570] ------------[ cut here ]------------ [ 206.590948] WARNING: CPU: 1 PID: 1967 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.591711] Modules linked in: [ 206.591948] CPU: 1 PID: 1967 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.592590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.593426] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.593801] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.595359] RSP: 0018:ffff88801722fbb8 EFLAGS: 00010246 [ 206.595761] RAX: 0000000000000000 RBX: ffff8880143a28a8 RCX: 0000000000000000 [ 206.596294] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 206.596828] RBP: ffff88801722fbd0 R08: ffffed1002874533 R09: ffffed1002874533 [ 206.597359] R10: ffff8880143a2993 R11: ffffed1002874532 R12: ffff888014391c00 [ 206.597893] R13: ffff8880143a29e8 R14: ffffffff8352e670 R15: 
ffff88801722fe68 [ 206.598429] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.599063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.599509] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 206.600042] PKRU: 55555554 [ 206.600256] Call Trace: [ 206.600448] [ 206.600617] __iommufd_access_detach+0x1c2/0x2b0 [ 206.600991] iommufd_access_change_pt+0x149/0x270 [ 206.601364] iommufd_access_replace+0xb4/0x120 [ 206.601723] iommufd_test+0x3e5/0x37e0 [ 206.602019] ? lock_release+0x532/0x770 [ 206.602329] ? __might_fault+0x102/0x1b0 [ 206.602660] ? lock_acquire+0x427/0x4c0 [ 206.602972] ? __pfx_iommufd_test+0x10/0x10 [ 206.603310] ? __pfx_lock_release+0x10/0x10 [ 206.603647] ? __pfx_lock_acquire+0x10/0x10 [ 206.603986] ? write_comp_data+0x2f/0x90 [ 206.604309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.604681] ? write_comp_data+0x2f/0x90 [ 206.604999] iommufd_fops_ioctl+0x37d/0x510 [ 206.605330] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.605703] ? write_comp_data+0x2f/0x90 [ 206.606020] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.606386] __x64_sys_ioctl+0x1a3/0x230 [ 206.606725] do_syscall_64+0x3b/0x90 [ 206.607019] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.607428] RIP: 0033:0x7f4b8743ee5d [ 206.607712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.609072] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.609643] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.610177] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.610727] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.611270] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.611805] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.612343] [ 206.612520] irq event stamp: 0 [ 206.612757] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.613228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.613858] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.614481] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.614972] ---[ end trace 0000000000000000 ]--- [ 206.617667] ------------[ cut here ]------------ [ 206.618045] WARNING: CPU: 1 PID: 1967 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.618834] Modules linked in: [ 206.619077] CPU: 1 PID: 1967 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.619742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.620581] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.620957] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.622316] RSP: 
0018:ffff88801722fbd0 EFLAGS: 00010246 [ 206.622739] RAX: 0000000000000000 RBX: ffff8880143a28a8 RCX: 0000000000000000 [ 206.623280] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 206.623813] RBP: ffff88801722fbe8 R08: ffffed1002874533 R09: ffffed1002874533 [ 206.624345] R10: ffff8880143a2993 R11: ffffed1002874532 R12: ffff88800b9b6800 [ 206.624874] R13: ffff8880143a29e8 R14: ffff8880104c0700 R15: 0000000000000000 [ 206.625406] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.626006] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.626439] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.626995] PKRU: 55555554 [ 206.627215] Call Trace: [ 206.627409] [ 206.627581] iommufd_access_destroy_object+0x65/0x170 [ 206.627972] iommufd_object_destroy_user+0x18e/0x220 [ 206.628357] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.628800] iommufd_access_destroy+0x43/0x70 [ 206.629149] iommufd_test_staccess_release+0x8d/0xd0 [ 206.629535] __fput+0x26d/0xa40 [ 206.629788] ____fput+0x1e/0x30 [ 206.630038] task_work_run+0x1a4/0x2d0 [ 206.630332] ? __pfx_task_work_run+0x10/0x10 [ 206.630680] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.631050] ? switch_task_namespaces+0xa9/0xe0 [ 206.631415] do_exit+0xb17/0x2ef0 [ 206.631678] ? lock_acquire+0x427/0x4c0 [ 206.631986] ? __pfx_lock_release+0x10/0x10 [ 206.632314] ? __kasan_check_write+0x18/0x20 [ 206.632648] ? do_raw_spin_lock+0x132/0x2a0 [ 206.632969] ? __pfx_do_exit+0x10/0x10 [ 206.633267] ? debug_smp_processor_id+0x20/0x30 [ 206.633614] ? rcu_is_watching+0x19/0xb0 [ 206.633913] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.634246] ? trace_hardirqs_on+0x26/0x120 [ 206.634586] do_group_exit+0xe0/0x2b0 [ 206.634868] __x64_sys_exit_group+0x47/0x50 [ 206.635199] do_syscall_64+0x3b/0x90 [ 206.635489] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.635884] RIP: 0033:0x7f4b87518a4d [ 206.636159] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.636613] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.637172] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.637698] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.638220] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.638765] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.639301] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.639831] [ 206.640005] irq event stamp: 0 [ 206.640239] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.640705] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.641322] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.641935] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.642396] ---[ end trace 0000000000000000 ]--- [ 206.643070] ------------[ cut here ]------------ [ 206.643425] WARNING: CPU: 1 PID: 1967 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.644173] Modules linked in: [ 206.644411] CPU: 1 PID: 1967 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.645052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.645874] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.646256] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.647617] RSP: 0018:ffff88801722fb78 EFLAGS: 00010246 [ 206.648016] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.648538] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 206.649058] RBP: ffff88801722fb98 R08: ffffed100287453e R09: ffffed100287453e [ 206.649579] R10: ffff8880143a29ef R11: ffffed100287453d R12: ffff8880143a2a90 [ 206.650101] R13: ffff8880143a28a8 R14: ffffffffffffffff R15: 
ffff88801722fc60 [ 206.650648] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.651244] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.651674] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.652196] PKRU: 55555554 [ 206.652405] Call Trace: [ 206.652595] [ 206.652763] iommufd_ioas_destroy+0x53/0x70 [ 206.653089] iommufd_fops_release+0x1f7/0x370 [ 206.653429] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.653801] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.654168] ? write_comp_data+0x2f/0x90 [ 206.654477] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.654869] __fput+0x26d/0xa40 [ 206.655137] ____fput+0x1e/0x30 [ 206.655395] task_work_run+0x1a4/0x2d0 [ 206.655692] ? __pfx_task_work_run+0x10/0x10 [ 206.656019] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.656381] ? switch_task_namespaces+0xa9/0xe0 [ 206.656735] do_exit+0xb17/0x2ef0 [ 206.656988] ? lock_acquire+0x427/0x4c0 [ 206.657287] ? __pfx_lock_release+0x10/0x10 [ 206.657605] ? __kasan_check_write+0x18/0x20 [ 206.657925] ? do_raw_spin_lock+0x132/0x2a0 [ 206.658242] ? __pfx_do_exit+0x10/0x10 [ 206.658552] ? debug_smp_processor_id+0x20/0x30 [ 206.658894] ? rcu_is_watching+0x19/0xb0 [ 206.659198] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.659537] ? trace_hardirqs_on+0x26/0x120 [ 206.659856] do_group_exit+0xe0/0x2b0 [ 206.660137] __x64_sys_exit_group+0x47/0x50 [ 206.660447] do_syscall_64+0x3b/0x90 [ 206.660725] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.661105] RIP: 0033:0x7f4b87518a4d [ 206.661372] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.661814] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.662356] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.662881] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.663402] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.663914] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.664424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.664945] [ 206.665115] irq event stamp: 0 [ 206.665347] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.665799] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.666405] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.667028] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.667492] ---[ end trace 0000000000000000 ]--- [ 206.671446] ------------[ cut here ]------------ [ 206.671811] WARNING: CPU: 1 PID: 1968 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.672540] Modules linked in: [ 206.672770] CPU: 1 PID: 1968 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.673398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.674202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.674606] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.675924] RSP: 0018:ffff8880181ffbb8 EFLAGS: 00010246 [ 206.676306] RAX: 0000000000000000 RBX: ffff888010b7e0a8 RCX: 0000000000000000 [ 206.676815] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 206.677324] RBP: ffff8880181ffbd0 R08: ffffed100216fc33 R09: ffffed100216fc33 [ 206.677833] R10: ffff888010b7e193 R11: ffffed100216fc32 R12: ffff888010826000 [ 206.678335] R13: ffff888010b7e1e8 R14: ffffffff8352e670 R15: 
ffff8880181ffe68 [ 206.678853] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.679425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.679834] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 206.680336] PKRU: 55555554 [ 206.680540] Call Trace: [ 206.680724] [ 206.680888] __iommufd_access_detach+0x1c2/0x2b0 [ 206.681242] iommufd_access_change_pt+0x149/0x270 [ 206.681602] iommufd_access_replace+0xb4/0x120 [ 206.681945] iommufd_test+0x3e5/0x37e0 [ 206.682225] ? lock_release+0x532/0x770 [ 206.682540] ? __might_fault+0x102/0x1b0 [ 206.682841] ? lock_acquire+0x427/0x4c0 [ 206.683149] ? __pfx_iommufd_test+0x10/0x10 [ 206.683455] ? __pfx_lock_release+0x10/0x10 [ 206.683773] ? __pfx_lock_acquire+0x10/0x10 [ 206.684096] ? write_comp_data+0x2f/0x90 [ 206.684399] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.684757] ? write_comp_data+0x2f/0x90 [ 206.685061] iommufd_fops_ioctl+0x37d/0x510 [ 206.685379] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.685737] ? write_comp_data+0x2f/0x90 [ 206.686040] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.686391] __x64_sys_ioctl+0x1a3/0x230 [ 206.686712] do_syscall_64+0x3b/0x90 [ 206.686994] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.687386] RIP: 0033:0x7f4b8743ee5d [ 206.687662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.688972] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.689522] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.690034] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.690567] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.691081] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.691603] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.692122] [ 206.692292] irq event stamp: 0 [ 206.692520] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.692974] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.693579] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.694164] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.694623] ---[ end trace 0000000000000000 ]--- [ 206.697240] ------------[ cut here ]------------ [ 206.697609] WARNING: CPU: 1 PID: 1968 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.698337] Modules linked in: [ 206.698593] CPU: 1 PID: 1968 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.699227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.700034] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.700393] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.701694] RSP: 
0018:ffff8880181ffbd0 EFLAGS: 00010246 [ 206.702074] RAX: 0000000000000000 RBX: ffff888010b7e0a8 RCX: 0000000000000000 [ 206.702599] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 206.703112] RBP: ffff8880181ffbe8 R08: ffffed100216fc33 R09: ffffed100216fc33 [ 206.703638] R10: ffff888010b7e193 R11: ffffed100216fc32 R12: ffff888014393000 [ 206.704296] R13: ffff888010b7e1e8 R14: ffff88800f503900 R15: 0000000000000000 [ 206.704816] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.705393] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.705812] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.706331] PKRU: 55555554 [ 206.706589] Call Trace: [ 206.706844] [ 206.707012] iommufd_access_destroy_object+0x65/0x170 [ 206.707402] iommufd_object_destroy_user+0x18e/0x220 [ 206.707779] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.708208] iommufd_access_destroy+0x43/0x70 [ 206.708542] iommufd_test_staccess_release+0x8d/0xd0 [ 206.708922] __fput+0x26d/0xa40 [ 206.709222] ____fput+0x1e/0x30 [ 206.709516] task_work_run+0x1a4/0x2d0 [ 206.709809] ? __pfx_task_work_run+0x10/0x10 [ 206.710134] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.710495] ? switch_task_namespaces+0xa9/0xe0 [ 206.710874] do_exit+0xb17/0x2ef0 [ 206.711137] ? lock_acquire+0x427/0x4c0 [ 206.711442] ? __pfx_lock_release+0x10/0x10 [ 206.711769] ? __kasan_check_write+0x18/0x20 [ 206.712213] ? do_raw_spin_lock+0x132/0x2a0 [ 206.712536] ? __pfx_do_exit+0x10/0x10 [ 206.712830] ? debug_smp_processor_id+0x20/0x30 [ 206.713174] ? rcu_is_watching+0x19/0xb0 [ 206.713477] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.713835] ? trace_hardirqs_on+0x26/0x120 [ 206.714232] do_group_exit+0xe0/0x2b0 [ 206.714536] __x64_sys_exit_group+0x47/0x50 [ 206.714852] do_syscall_64+0x3b/0x90 [ 206.715139] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.715522] RIP: 0033:0x7f4b87518a4d [ 206.715842] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.716341] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.716890] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.717426] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.718010] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.718542] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.719057] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.719687] [ 206.719860] irq event stamp: 0 [ 206.720090] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.720549] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.721207] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.721872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.722332] ---[ end trace 0000000000000000 ]--- [ 206.723009] ------------[ cut here ]------------ [ 206.723360] WARNING: CPU: 1 PID: 1968 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.724096] Modules linked in: [ 206.724330] CPU: 1 PID: 1968 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.725048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.725858] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.726237] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.727682] RSP: 0018:ffff8880181ffb78 EFLAGS: 00010246 [ 206.728073] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.728688] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 206.729203] RBP: ffff8880181ffb98 R08: ffffed100216fc3e R09: ffffed100216fc3e [ 206.729713] R10: ffff888010b7e1ef R11: ffffed100216fc3d R12: ffff888010b7e290 [ 206.730327] R13: ffff888010b7e0a8 R14: ffffffffffffffff R15: 
ffff8880181ffc60 [ 206.730858] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.731451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.731873] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.732490] PKRU: 55555554 [ 206.732698] Call Trace: [ 206.732885] [ 206.733051] iommufd_ioas_destroy+0x53/0x70 [ 206.733377] iommufd_fops_release+0x1f7/0x370 [ 206.733747] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.734194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.734576] ? write_comp_data+0x2f/0x90 [ 206.734883] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.735254] __fput+0x26d/0xa40 [ 206.735519] ____fput+0x1e/0x30 [ 206.735827] task_work_run+0x1a4/0x2d0 [ 206.736223] ? __pfx_task_work_run+0x10/0x10 [ 206.736557] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.736924] ? switch_task_namespaces+0xa9/0xe0 [ 206.737281] do_exit+0xb17/0x2ef0 [ 206.737594] ? lock_acquire+0x427/0x4c0 [ 206.737988] ? __pfx_lock_release+0x10/0x10 [ 206.738319] ? __kasan_check_write+0x18/0x20 [ 206.738674] ? do_raw_spin_lock+0x132/0x2a0 [ 206.738998] ? __pfx_do_exit+0x10/0x10 [ 206.739302] ? debug_smp_processor_id+0x20/0x30 [ 206.739716] ? rcu_is_watching+0x19/0xb0 [ 206.740104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.740449] ? trace_hardirqs_on+0x26/0x120 [ 206.740778] do_group_exit+0xe0/0x2b0 [ 206.741069] __x64_sys_exit_group+0x47/0x50 [ 206.741430] do_syscall_64+0x3b/0x90 [ 206.741796] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.742188] RIP: 0033:0x7f4b87518a4d [ 206.742467] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.742946] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.743562] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.744180] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.744707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.745297] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.745899] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.746430] [ 206.746626] irq event stamp: 0 [ 206.746863] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.747391] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.748091] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.748706] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.749275] ---[ end trace 0000000000000000 ]--- [ 206.753651] ------------[ cut here ]------------ [ 206.754080] WARNING: CPU: 1 PID: 1969 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.754973] Modules linked in: [ 206.755229] CPU: 1 PID: 1969 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.755885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.756835] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.757211] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.758725] RSP: 0018:ffff888014ab7bb8 EFLAGS: 00010246 [ 206.759243] RAX: 0000000000000000 RBX: ffff888020ae70a8 RCX: 0000000000000000 [ 206.759779] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 206.760315] RBP: ffff888014ab7bd0 R08: ffffed100415ce33 R09: ffffed100415ce33 [ 206.760951] R10: ffff888020ae7193 R11: ffffed100415ce32 R12: ffff888013db8000 [ 206.761494] R13: ffff888020ae71e8 R14: ffffffff8352e670 R15: 
ffff888014ab7e68 [ 206.762040] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.762789] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.763250] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 206.763802] PKRU: 55555554 [ 206.764024] Call Trace: [ 206.764285] [ 206.764522] __iommufd_access_detach+0x1c2/0x2b0 [ 206.764903] iommufd_access_change_pt+0x149/0x270 [ 206.765288] iommufd_access_replace+0xb4/0x120 [ 206.765654] iommufd_test+0x3e5/0x37e0 [ 206.766020] ? lock_release+0x532/0x770 [ 206.766405] ? __might_fault+0x102/0x1b0 [ 206.766750] ? lock_acquire+0x427/0x4c0 [ 206.767072] ? __pfx_iommufd_test+0x10/0x10 [ 206.767413] ? __pfx_lock_release+0x10/0x10 [ 206.767756] ? __pfx_lock_acquire+0x10/0x10 [ 206.768166] ? write_comp_data+0x2f/0x90 [ 206.768557] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.768943] ? write_comp_data+0x2f/0x90 [ 206.769269] iommufd_fops_ioctl+0x37d/0x510 [ 206.769612] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.770113] ? write_comp_data+0x2f/0x90 [ 206.770442] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.770850] __x64_sys_ioctl+0x1a3/0x230 [ 206.771186] do_syscall_64+0x3b/0x90 [ 206.771486] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.771917] RIP: 0033:0x7f4b8743ee5d [ 206.772299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.773745] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.774394] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.774967] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.775533] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.776204] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.776754] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.777314] [ 206.777546] irq event stamp: 0 [ 206.777869] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.778355] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.779027] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.779805] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.780294] ---[ end trace 0000000000000000 ]--- [ 206.783376] ------------[ cut here ]------------ [ 206.783773] WARNING: CPU: 1 PID: 1969 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.784580] Modules linked in: [ 206.784922] CPU: 1 PID: 1969 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.785590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.786550] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.786993] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.788445] RSP: 
0018:ffff888014ab7bd0 EFLAGS: 00010246 [ 206.788925] RAX: 0000000000000000 RBX: ffff888020ae70a8 RCX: 0000000000000000 [ 206.789469] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 206.790033] RBP: ffff888014ab7be8 R08: ffffed100415ce33 R09: ffffed100415ce33 [ 206.790740] R10: ffff888020ae7193 R11: ffffed100415ce32 R12: ffff888010825400 [ 206.791302] R13: ffff888020ae71e8 R14: ffff888018b85a00 R15: 0000000000000000 [ 206.791849] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.792532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.793043] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 206.793596] PKRU: 55555554 [ 206.793820] Call Trace: [ 206.794022] [ 206.794257] iommufd_access_destroy_object+0x65/0x170 [ 206.794750] iommufd_object_destroy_user+0x18e/0x220 [ 206.795172] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.795641] iommufd_access_destroy+0x43/0x70 [ 206.796021] iommufd_test_staccess_release+0x8d/0xd0 [ 206.796577] __fput+0x26d/0xa40 [ 206.796865] ____fput+0x1e/0x30 [ 206.797145] task_work_run+0x1a4/0x2d0 [ 206.797472] ? __pfx_task_work_run+0x10/0x10 [ 206.797838] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.798354] ? switch_task_namespaces+0xa9/0xe0 [ 206.798772] do_exit+0xb17/0x2ef0 [ 206.799063] ? lock_acquire+0x427/0x4c0 [ 206.799410] ? __pfx_lock_release+0x10/0x10 [ 206.799777] ? __kasan_check_write+0x18/0x20 [ 206.800144] ? do_raw_spin_lock+0x132/0x2a0 [ 206.800579] ? __pfx_do_exit+0x10/0x10 [ 206.800987] ? debug_smp_processor_id+0x20/0x30 [ 206.801370] ? rcu_is_watching+0x19/0xb0 [ 206.801708] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.802085] ? trace_hardirqs_on+0x26/0x120 [ 206.802538] do_group_exit+0xe0/0x2b0 [ 206.802917] __x64_sys_exit_group+0x47/0x50 [ 206.803281] do_syscall_64+0x3b/0x90 [ 206.803597] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.804028] RIP: 0033:0x7f4b87518a4d [ 206.804331] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.804979] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.805597] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.806174] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.806900] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.807484] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.808059] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.808699] [ 206.808949] irq event stamp: 0 [ 206.809209] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.809725] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.810418] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.811227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.811744] ---[ end trace 0000000000000000 ]--- [ 206.812489] ------------[ cut here ]------------ [ 206.812989] WARNING: CPU: 1 PID: 1969 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.813831] Modules linked in: [ 206.814096] CPU: 1 PID: 1969 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.814949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.815875] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.816298] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.817892] RSP: 0018:ffff888014ab7b78 EFLAGS: 00010246 [ 206.818326] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.818928] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 206.819512] RBP: ffff888014ab7b98 R08: ffffed100415ce3e R09: ffffed100415ce3e [ 206.820088] R10: ffff888020ae71ef R11: ffffed100415ce3d R12: ffff888020ae7290 [ 206.820659] R13: ffff888020ae70a8 R14: ffffffffffffffff R15: 
ffff888014ab7c60 [ 206.821227] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.821873] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.822341] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 206.822938] PKRU: 55555554 [ 206.823176] Call Trace: [ 206.823386] [ 206.823575] iommufd_ioas_destroy+0x53/0x70 [ 206.823934] iommufd_fops_release+0x1f7/0x370 [ 206.824308] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.824715] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.825117] ? write_comp_data+0x2f/0x90 [ 206.825456] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.825869] __fput+0x26d/0xa40 [ 206.826152] ____fput+0x1e/0x30 [ 206.826429] task_work_run+0x1a4/0x2d0 [ 206.826775] ? __pfx_task_work_run+0x10/0x10 [ 206.827146] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.827549] ? switch_task_namespaces+0xa9/0xe0 [ 206.827940] do_exit+0xb17/0x2ef0 [ 206.828225] ? lock_acquire+0x427/0x4c0 [ 206.828557] ? __pfx_lock_release+0x10/0x10 [ 206.828915] ? __kasan_check_write+0x18/0x20 [ 206.829275] ? do_raw_spin_lock+0x132/0x2a0 [ 206.829625] ? __pfx_do_exit+0x10/0x10 [ 206.829949] ? debug_smp_processor_id+0x20/0x30 [ 206.830327] ? rcu_is_watching+0x19/0xb0 [ 206.830675] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.831050] ? trace_hardirqs_on+0x26/0x120 [ 206.831416] do_group_exit+0xe0/0x2b0 [ 206.831728] __x64_sys_exit_group+0x47/0x50 [ 206.832076] do_syscall_64+0x3b/0x90 [ 206.832388] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.832814] RIP: 0033:0x7f4b87518a4d [ 206.833119] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.833616] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.834229] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.834820] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.835397] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.835966] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.836535] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.837117] [ 206.837307] irq event stamp: 0 [ 206.837562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.838066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.838764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.839448] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.839957] ---[ end trace 0000000000000000 ]--- [ 206.844699] ------------[ cut here ]------------ [ 206.845095] WARNING: CPU: 1 PID: 1970 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.845881] Modules linked in: [ 206.846128] CPU: 1 PID: 1970 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.846995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.847860] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.848240] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.849627] RSP: 0018:ffff8880244d7bb8 EFLAGS: 00010246 [ 206.850035] RAX: 0000000000000000 RBX: ffff888023f018a8 RCX: 0000000000000000 [ 206.850599] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 206.851149] RBP: ffff8880244d7bd0 R08: ffffed10047e0333 R09: ffffed10047e0333 [ 206.851696] R10: ffff888023f01993 R11: ffffed10047e0332 R12: ffff888012c05c00 [ 206.852240] R13: ffff888023f019e8 R14: ffffffff8352e670 R15: 
ffff8880244d7e68 [ 206.852784] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.853400] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.853847] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 206.854395] PKRU: 55555554 [ 206.854632] Call Trace: [ 206.854831] [ 206.855006] __iommufd_access_detach+0x1c2/0x2b0 [ 206.855390] iommufd_access_change_pt+0x149/0x270 [ 206.855771] iommufd_access_replace+0xb4/0x120 [ 206.856132] iommufd_test+0x3e5/0x37e0 [ 206.856432] ? lock_release+0x532/0x770 [ 206.856751] ? __might_fault+0x102/0x1b0 [ 206.857070] ? lock_acquire+0x427/0x4c0 [ 206.857387] ? __pfx_iommufd_test+0x10/0x10 [ 206.857716] ? __pfx_lock_release+0x10/0x10 [ 206.858057] ? __pfx_lock_acquire+0x10/0x10 [ 206.858399] ? write_comp_data+0x2f/0x90 [ 206.858738] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.859129] ? write_comp_data+0x2f/0x90 [ 206.859454] iommufd_fops_ioctl+0x37d/0x510 [ 206.859798] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.860178] ? write_comp_data+0x2f/0x90 [ 206.860501] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.860876] __x64_sys_ioctl+0x1a3/0x230 [ 206.861201] do_syscall_64+0x3b/0x90 [ 206.861497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.861901] RIP: 0033:0x7f4b8743ee5d [ 206.862188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.863606] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.864182] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.864719] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.865253] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.865789] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.866332] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.866889] [ 206.867066] irq event stamp: 0 [ 206.867315] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.867788] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.868412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.869034] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.869503] ---[ end trace 0000000000000000 ]--- [ 206.872226] ------------[ cut here ]------------ [ 206.872604] WARNING: CPU: 1 PID: 1970 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.873359] Modules linked in: [ 206.873604] CPU: 1 PID: 1970 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.874257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.875128] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.875510] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.876872] RSP: 
0018:ffff8880244d7bd0 EFLAGS: 00010246 [ 206.877276] RAX: 0000000000000000 RBX: ffff888023f018a8 RCX: 0000000000000000 [ 206.877807] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 206.878338] RBP: ffff8880244d7be8 R08: ffffed10047e0333 R09: ffffed10047e0333 [ 206.878888] R10: ffff888023f01993 R11: ffffed10047e0332 R12: ffff888013dbb000 [ 206.879429] R13: ffff888023f019e8 R14: ffff88802080c000 R15: 0000000000000000 [ 206.879959] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.880560] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.880993] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.881524] PKRU: 55555554 [ 206.881737] Call Trace: [ 206.881930] [ 206.882100] iommufd_access_destroy_object+0x65/0x170 [ 206.882495] iommufd_object_destroy_user+0x18e/0x220 [ 206.882901] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.883347] iommufd_access_destroy+0x43/0x70 [ 206.883695] iommufd_test_staccess_release+0x8d/0xd0 [ 206.884080] __fput+0x26d/0xa40 [ 206.884339] ____fput+0x1e/0x30 [ 206.884592] task_work_run+0x1a4/0x2d0 [ 206.884890] ? __pfx_task_work_run+0x10/0x10 [ 206.885220] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.885589] ? switch_task_namespaces+0xa9/0xe0 [ 206.885942] do_exit+0xb17/0x2ef0 [ 206.886202] ? lock_acquire+0x427/0x4c0 [ 206.886526] ? __pfx_lock_release+0x10/0x10 [ 206.886856] ? __kasan_check_write+0x18/0x20 [ 206.887196] ? do_raw_spin_lock+0x132/0x2a0 [ 206.887520] ? __pfx_do_exit+0x10/0x10 [ 206.887815] ? debug_smp_processor_id+0x20/0x30 [ 206.888158] ? rcu_is_watching+0x19/0xb0 [ 206.888461] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.888806] ? trace_hardirqs_on+0x26/0x120 [ 206.889134] do_group_exit+0xe0/0x2b0 [ 206.889420] __x64_sys_exit_group+0x47/0x50 [ 206.889740] do_syscall_64+0x3b/0x90 [ 206.890025] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.890417] RIP: 0033:0x7f4b87518a4d [ 206.890716] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.891193] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.891754] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.892281] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.892809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.893333] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.893857] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.894376] [ 206.894569] irq event stamp: 0 [ 206.894805] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.895280] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.895897] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.896509] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.896976] ---[ end trace 0000000000000000 ]--- [ 206.897633] ------------[ cut here ]------------ [ 206.897978] WARNING: CPU: 1 PID: 1970 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.898754] Modules linked in: [ 206.898994] CPU: 1 PID: 1970 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.899648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.900475] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.900857] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.902188] RSP: 0018:ffff8880244d7b78 EFLAGS: 00010246 [ 206.902599] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.903123] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 206.903645] RBP: ffff8880244d7b98 R08: ffffed10047e033e R09: ffffed10047e033e [ 206.904170] R10: ffff888023f019ef R11: ffffed10047e033d R12: ffff888023f01a90 [ 206.904693] R13: ffff888023f018a8 R14: ffffffffffffffff R15: 
ffff8880244d7c60 [ 206.905214] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 206.905798] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.906218] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 206.906756] PKRU: 55555554 [ 206.906968] Call Trace: [ 206.907160] [ 206.907327] iommufd_ioas_destroy+0x53/0x70 [ 206.907647] iommufd_fops_release+0x1f7/0x370 [ 206.907980] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.908346] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.908706] ? write_comp_data+0x2f/0x90 [ 206.909011] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.909376] __fput+0x26d/0xa40 [ 206.909629] ____fput+0x1e/0x30 [ 206.909877] task_work_run+0x1a4/0x2d0 [ 206.910168] ? __pfx_task_work_run+0x10/0x10 [ 206.910492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.910869] ? switch_task_namespaces+0xa9/0xe0 [ 206.911224] do_exit+0xb17/0x2ef0 [ 206.911481] ? lock_acquire+0x427/0x4c0 [ 206.911778] ? __pfx_lock_release+0x10/0x10 [ 206.912099] ? __kasan_check_write+0x18/0x20 [ 206.912423] ? do_raw_spin_lock+0x132/0x2a0 [ 206.912739] ? __pfx_do_exit+0x10/0x10 [ 206.913030] ? debug_smp_processor_id+0x20/0x30 [ 206.913372] ? rcu_is_watching+0x19/0xb0 [ 206.913669] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.914001] ? trace_hardirqs_on+0x26/0x120 [ 206.914321] do_group_exit+0xe0/0x2b0 [ 206.914622] __x64_sys_exit_group+0x47/0x50 [ 206.914936] do_syscall_64+0x3b/0x90 [ 206.915222] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.915603] RIP: 0033:0x7f4b87518a4d [ 206.915873] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.916314] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.916860] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.917369] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.917879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.918391] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.918922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.919449] [ 206.919619] irq event stamp: 0 [ 206.919848] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.920299] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.920899] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.921498] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.921950] ---[ end trace 0000000000000000 ]--- [ 206.925642] ------------[ cut here ]------------ [ 206.926016] WARNING: CPU: 0 PID: 1971 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.926778] Modules linked in: [ 206.927009] CPU: 0 PID: 1971 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.927646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.928447] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.928804] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.930099] RSP: 0018:ffff8880181ffbb8 EFLAGS: 00010246 [ 206.930477] RAX: 0000000000000000 RBX: ffff88801794f8a8 RCX: 0000000000000000 [ 206.930998] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 206.931511] RBP: ffff8880181ffbd0 R08: ffffed1002f29f33 R09: ffffed1002f29f33 [ 206.932017] R10: ffff88801794f993 R11: ffffed1002f29f32 R12: ffff888020956c00 [ 206.932523] R13: ffff88801794f9e8 R14: ffffffff8352e670 R15: 
ffff8880181ffe68 [ 206.933028] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.933602] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.934013] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 206.934536] PKRU: 55555554 [ 206.934741] Call Trace: [ 206.934924] [ 206.935086] __iommufd_access_detach+0x1c2/0x2b0 [ 206.935444] iommufd_access_change_pt+0x149/0x270 [ 206.935800] iommufd_access_replace+0xb4/0x120 [ 206.936131] iommufd_test+0x3e5/0x37e0 [ 206.936406] ? lock_release+0x532/0x770 [ 206.936695] ? __might_fault+0x102/0x1b0 [ 206.936985] ? lock_acquire+0x427/0x4c0 [ 206.937269] ? __pfx_iommufd_test+0x10/0x10 [ 206.937566] ? __pfx_lock_release+0x10/0x10 [ 206.937875] ? __pfx_lock_acquire+0x10/0x10 [ 206.938187] ? write_comp_data+0x2f/0x90 [ 206.938481] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.938838] ? write_comp_data+0x2f/0x90 [ 206.939134] iommufd_fops_ioctl+0x37d/0x510 [ 206.939440] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.939785] ? write_comp_data+0x2f/0x90 [ 206.940081] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 206.940422] __x64_sys_ioctl+0x1a3/0x230 [ 206.940718] do_syscall_64+0x3b/0x90 [ 206.941037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.941407] RIP: 0033:0x7f4b8743ee5d [ 206.941664] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 206.942930] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 206.943464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 206.943957] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 206.944447] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 206.944929] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 206.945410] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 206.945901] [ 206.946062] irq event stamp: 0 [ 206.946277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.946720] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.947295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.947865] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.948294] ---[ end trace 0000000000000000 ]--- [ 206.950804] ------------[ cut here ]------------ [ 206.951148] WARNING: CPU: 0 PID: 1971 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 206.951842] Modules linked in: [ 206.952063] CPU: 0 PID: 1971 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.952662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.953427] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 206.953771] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 206.955262] RSP: 
0018:ffff8880181ffbd0 EFLAGS: 00010246 [ 206.955642] RAX: 0000000000000000 RBX: ffff88801794f8a8 RCX: 0000000000000000 [ 206.956131] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 206.956624] RBP: ffff8880181ffbe8 R08: ffffed1002f29f33 R09: ffffed1002f29f33 [ 206.957113] R10: ffff88801794f993 R11: ffffed1002f29f32 R12: ffff888013640800 [ 206.957614] R13: ffff88801794f9e8 R14: ffff88800f5da400 R15: 0000000000000000 [ 206.958109] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.958682] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.959088] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.959589] PKRU: 55555554 [ 206.959788] Call Trace: [ 206.959968] [ 206.960127] iommufd_access_destroy_object+0x65/0x170 [ 206.960490] iommufd_object_destroy_user+0x18e/0x220 [ 206.960845] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 206.961252] iommufd_access_destroy+0x43/0x70 [ 206.961576] iommufd_test_staccess_release+0x8d/0xd0 [ 206.961935] __fput+0x26d/0xa40 [ 206.962180] ____fput+0x1e/0x30 [ 206.962421] task_work_run+0x1a4/0x2d0 [ 206.962714] ? __pfx_task_work_run+0x10/0x10 [ 206.963029] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.963385] ? switch_task_namespaces+0xa9/0xe0 [ 206.963721] do_exit+0xb17/0x2ef0 [ 206.963966] ? lock_acquire+0x427/0x4c0 [ 206.964259] ? __pfx_lock_release+0x10/0x10 [ 206.964651] ? __kasan_check_write+0x18/0x20 [ 206.965130] ? do_raw_spin_lock+0x132/0x2a0 [ 206.965438] ? __pfx_do_exit+0x10/0x10 [ 206.965717] ? debug_smp_processor_id+0x20/0x30 [ 206.966042] ? rcu_is_watching+0x19/0xb0 [ 206.966327] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.966679] ? trace_hardirqs_on+0x26/0x120 [ 206.966993] do_group_exit+0xe0/0x2b0 [ 206.967283] __x64_sys_exit_group+0x47/0x50 [ 206.967586] do_syscall_64+0x3b/0x90 [ 206.967858] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.968229] RIP: 0033:0x7f4b87518a4d [ 206.968500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.968938] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.969481] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.969987] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.970498] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.971033] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.971550] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 206.972068] [ 206.972240] irq event stamp: 0 [ 206.972468] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 206.972916] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 206.973553] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 206.974153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 206.974625] ---[ end trace 0000000000000000 ]--- [ 206.975548] ------------[ cut here ]------------ [ 206.975891] WARNING: CPU: 0 PID: 1971 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 206.976614] Modules linked in: [ 206.976867] CPU: 0 PID: 1971 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 206.977645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 206.978440] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 206.979011] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 206.980319] RSP: 0018:ffff8880181ffb78 EFLAGS: 00010246 [ 206.980703] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 206.981389] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 206.981909] RBP: ffff8880181ffb98 R08: ffffed1002f29f3e R09: ffffed1002f29f3e [ 206.982427] R10: ffff88801794f9ef R11: ffffed1002f29f3d R12: ffff88801794fa90 [ 206.983127] R13: ffff88801794f8a8 R14: ffffffffffffffff R15: 
ffff8880181ffc60 [ 206.983649] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 206.984233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.984747] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 206.985368] PKRU: 55555554 [ 206.985580] Call Trace: [ 206.985771] [ 206.985940] iommufd_ioas_destroy+0x53/0x70 [ 206.986314] iommufd_fops_release+0x1f7/0x370 [ 206.986787] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.987187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.987559] ? write_comp_data+0x2f/0x90 [ 206.987873] ? __pfx_iommufd_fops_release+0x10/0x10 [ 206.988252] __fput+0x26d/0xa40 [ 206.988603] ____fput+0x1e/0x30 [ 206.988952] task_work_run+0x1a4/0x2d0 [ 206.989256] ? __pfx_task_work_run+0x10/0x10 [ 206.989591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 206.989963] ? switch_task_namespaces+0xa9/0xe0 [ 206.990531] do_exit+0xb17/0x2ef0 [ 206.990809] ? lock_acquire+0x427/0x4c0 [ 206.991133] ? __pfx_lock_release+0x10/0x10 [ 206.991477] ? __kasan_check_write+0x18/0x20 [ 206.991822] ? do_raw_spin_lock+0x132/0x2a0 [ 206.992157] ? __pfx_do_exit+0x10/0x10 [ 206.992572] ? debug_smp_processor_id+0x20/0x30 [ 206.993049] ? rcu_is_watching+0x19/0xb0 [ 206.993368] ? _raw_spin_unlock_irq+0x2b/0x60 [ 206.993723] ? trace_hardirqs_on+0x26/0x120 [ 206.994067] do_group_exit+0xe0/0x2b0 [ 206.994560] __x64_sys_exit_group+0x47/0x50 [ 206.994965] do_syscall_64+0x3b/0x90 [ 206.995279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 206.995686] RIP: 0033:0x7f4b87518a4d [ 206.995974] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 206.996533] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 206.997222] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 206.997764] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 206.998495] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 206.999065] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 206.999624] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.000188] [ 207.000442] irq event stamp: 0 [ 207.000794] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.001295] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.001963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.002837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.003357] ---[ end trace 0000000000000000 ]--- [ 207.007331] ------------[ cut here ]------------ [ 207.007746] WARNING: CPU: 0 PID: 1972 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.008755] Modules linked in: [ 207.009015] CPU: 0 PID: 1972 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.009810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.010823] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.011248] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.012720] RSP: 0018:ffff888012bd7bb8 EFLAGS: 00010246 [ 207.013170] RAX: 0000000000000000 RBX: ffff8880159a00a8 RCX: 0000000000000000 [ 207.013765] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 207.014360] RBP: ffff888012bd7bd0 R08: ffffed1002b34033 R09: ffffed1002b34033 [ 207.014979] R10: ffff8880159a0193 R11: ffffed1002b34032 R12: ffff888010e03400 [ 207.015591] R13: ffff8880159a01e8 R14: ffffffff8352e670 R15: 
ffff888012bd7e68 [ 207.016184] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.016854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.017345] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 207.017933] PKRU: 55555554 [ 207.018169] Call Trace: [ 207.018382] [ 207.018594] __iommufd_access_detach+0x1c2/0x2b0 [ 207.019010] iommufd_access_change_pt+0x149/0x270 [ 207.019436] iommufd_access_replace+0xb4/0x120 [ 207.019834] iommufd_test+0x3e5/0x37e0 [ 207.020165] ? lock_release+0x532/0x770 [ 207.020517] ? __might_fault+0x102/0x1b0 [ 207.020876] ? lock_acquire+0x427/0x4c0 [ 207.021225] ? __pfx_iommufd_test+0x10/0x10 [ 207.021589] ? __pfx_lock_release+0x10/0x10 [ 207.021962] ? __pfx_lock_acquire+0x10/0x10 [ 207.022336] ? write_comp_data+0x2f/0x90 [ 207.022714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.023147] ? write_comp_data+0x2f/0x90 [ 207.023509] iommufd_fops_ioctl+0x37d/0x510 [ 207.023882] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.024311] ? write_comp_data+0x2f/0x90 [ 207.024670] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.025082] __x64_sys_ioctl+0x1a3/0x230 [ 207.025439] do_syscall_64+0x3b/0x90 [ 207.025768] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.026216] RIP: 0033:0x7f4b8743ee5d [ 207.026558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.028106] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.028769] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.029380] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.029996] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.030627] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.031253] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.031875] [ 207.032081] irq event stamp: 0 [ 207.032349] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.032881] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.033583] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.034283] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.034834] ---[ end trace 0000000000000000 ]--- [ 207.038045] ------------[ cut here ]------------ [ 207.038466] WARNING: CPU: 0 PID: 1972 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.039370] Modules linked in: [ 207.039647] CPU: 0 PID: 1972 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.040633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.041577] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.042059] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.043845] RSP: 
0018:ffff888012bd7bd0 EFLAGS: 00010246 [ 207.044306] RAX: 0000000000000000 RBX: ffff8880159a00a8 RCX: 0000000000000000 [ 207.045122] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 207.045729] RBP: ffff888012bd7be8 R08: ffffed1002b34033 R09: ffffed1002b34033 [ 207.046382] R10: ffff8880159a0193 R11: ffffed1002b34032 R12: ffff888020956000 [ 207.047191] R13: ffff8880159a01e8 R14: ffff88800fa76800 R15: 0000000000000000 [ 207.047801] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.048489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.049218] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 207.049825] PKRU: 55555554 [ 207.050070] Call Trace: [ 207.050290] [ 207.050490] iommufd_access_destroy_object+0x65/0x170 [ 207.051191] iommufd_object_destroy_user+0x18e/0x220 [ 207.051632] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.052134] iommufd_access_destroy+0x43/0x70 [ 207.052532] iommufd_test_staccess_release+0x8d/0xd0 [ 207.053097] __fput+0x26d/0xa40 [ 207.053523] ____fput+0x1e/0x30 [ 207.053821] task_work_run+0x1a4/0x2d0 [ 207.054167] ? __pfx_task_work_run+0x10/0x10 [ 207.054582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.055097] ? switch_task_namespaces+0xa9/0xe0 [ 207.055637] do_exit+0xb17/0x2ef0 [ 207.055944] ? lock_acquire+0x427/0x4c0 [ 207.056298] ? __pfx_lock_release+0x10/0x10 [ 207.056708] ? __kasan_check_write+0x18/0x20 [ 207.057212] ? do_raw_spin_lock+0x132/0x2a0 [ 207.057759] ? __pfx_do_exit+0x10/0x10 [ 207.058123] ? debug_smp_processor_id+0x20/0x30 [ 207.058565] ? rcu_is_watching+0x19/0xb0 [ 207.058979] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.059553] ? trace_hardirqs_on+0x26/0x120 [ 207.059954] do_group_exit+0xe0/0x2b0 [ 207.060304] __x64_sys_exit_group+0x47/0x50 [ 207.060699] do_syscall_64+0x3b/0x90 [ 207.061134] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.061752] RIP: 0033:0x7f4b87518a4d [ 207.062097] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.062668] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.063649] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.064290] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.064927] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.065790] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.066446] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.067165] [ 207.067550] irq event stamp: 0 [ 207.067846] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.068433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.069340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.070276] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.070888] ---[ end trace 0000000000000000 ]--- [ 207.073309] ------------[ cut here ]------------ [ 207.074011] WARNING: CPU: 0 PID: 1972 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.074996] Modules linked in: [ 207.075332] CPU: 0 PID: 1972 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.076359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.077403] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.077980] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.079917] RSP: 0018:ffff888012bd7b78 EFLAGS: 00010246 [ 207.080463] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.081169] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 207.081885] RBP: ffff888012bd7b98 R08: ffffed1002b3403e R09: ffffed1002b3403e [ 207.082618] R10: ffff8880159a01ef R11: ffffed1002b3403d R12: ffff8880159a0290 [ 207.083341] R13: ffff8880159a00a8 R14: ffffffffffffffff R15: 
ffff888012bd7c60 [ 207.084048] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.084854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.085445] CR2: 00007f82e2fd3000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 207.086160] PKRU: 55555554 [ 207.086447] Call Trace: [ 207.086742] [ 207.086978] iommufd_ioas_destroy+0x53/0x70 [ 207.087440] iommufd_fops_release+0x1f7/0x370 [ 207.087901] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.088406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.088907] ? write_comp_data+0x2f/0x90 [ 207.089324] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.089822] __fput+0x26d/0xa40 [ 207.090169] ____fput+0x1e/0x30 [ 207.090550] task_work_run+0x1a4/0x2d0 [ 207.090958] ? __pfx_task_work_run+0x10/0x10 [ 207.091429] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.091930] ? switch_task_namespaces+0xa9/0xe0 [ 207.092409] do_exit+0xb17/0x2ef0 [ 207.092761] ? lock_acquire+0x427/0x4c0 [ 207.093175] ? __pfx_lock_release+0x10/0x10 [ 207.093619] ? __kasan_check_write+0x18/0x20 [ 207.094068] ? do_raw_spin_lock+0x132/0x2a0 [ 207.094537] ? __pfx_do_exit+0x10/0x10 [ 207.094946] ? debug_smp_processor_id+0x20/0x30 [ 207.095435] ? rcu_is_watching+0x19/0xb0 [ 207.095852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.096318] ? trace_hardirqs_on+0x26/0x120 [ 207.096757] do_group_exit+0xe0/0x2b0 [ 207.097138] __x64_sys_exit_group+0x47/0x50 [ 207.097576] do_syscall_64+0x3b/0x90 [ 207.097973] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.098560] RIP: 0033:0x7f4b87518a4d [ 207.098944] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.099584] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.100346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.101114] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.101823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.102553] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.103277] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.103996] [ 207.104233] irq event stamp: 0 [ 207.104554] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.105182] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.106024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.106891] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.107547] ---[ end trace 0000000000000000 ]--- [ 207.113112] ------------[ cut here ]------------ [ 207.113613] WARNING: CPU: 0 PID: 1973 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.114781] Modules linked in: [ 207.115268] CPU: 0 PID: 1973 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.116151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.117269] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.117808] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.119818] RSP: 0018:ffff88800b5e7bb8 EFLAGS: 00010246 [ 207.120375] RAX: 0000000000000000 RBX: ffff88800b8148a8 RCX: 0000000000000000 [ 207.121144] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 207.122075] RBP: ffff88800b5e7bd0 R08: ffffed1001702933 R09: ffffed1001702933 [ 207.122816] R10: ffff88800b814993 R11: ffffed1001702932 R12: ffff888010825c00 [ 207.123545] R13: ffff88800b8149e8 R14: ffffffff8352e670 R15: 
ffff88800b5e7e68 [ 207.124287] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.125311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.125897] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 207.126679] PKRU: 55555554 [ 207.126978] Call Trace: [ 207.127257] [ 207.127522] __iommufd_access_detach+0x1c2/0x2b0 [ 207.128252] iommufd_access_change_pt+0x149/0x270 [ 207.128752] iommufd_access_replace+0xb4/0x120 [ 207.129222] iommufd_test+0x3e5/0x37e0 [ 207.129616] ? lock_release+0x532/0x770 [ 207.130053] ? __might_fault+0x102/0x1b0 [ 207.130740] ? lock_acquire+0x427/0x4c0 [ 207.131171] ? __pfx_iommufd_test+0x10/0x10 [ 207.131604] ? __pfx_lock_release+0x10/0x10 [ 207.132041] ? __pfx_lock_acquire+0x10/0x10 [ 207.132484] ? write_comp_data+0x2f/0x90 [ 207.132910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.133560] ? write_comp_data+0x2f/0x90 [ 207.134181] iommufd_fops_ioctl+0x37d/0x510 [ 207.134667] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.135188] ? write_comp_data+0x2f/0x90 [ 207.135615] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.136112] __x64_sys_ioctl+0x1a3/0x230 [ 207.136561] do_syscall_64+0x3b/0x90 [ 207.137182] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.137722] RIP: 0033:0x7f4b8743ee5d [ 207.138103] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.140168] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.140939] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.141647] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.142370] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.143347] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.144064] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.144789] [ 207.145025] irq event stamp: 0 [ 207.145345] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.146088] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.147035] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.147902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.148553] ---[ end trace 0000000000000000 ]--- [ 207.152100] ------------[ cut here ]------------ [ 207.152613] WARNING: CPU: 0 PID: 1973 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.153622] Modules linked in: [ 207.153943] CPU: 0 PID: 1973 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.155068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.156223] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.156726] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.158616] RSP: 
0018:ffff88800b5e7bd0 EFLAGS: 00010246 [ 207.159189] RAX: 0000000000000000 RBX: ffff88800b8148a8 RCX: 0000000000000000 [ 207.159914] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 207.160640] RBP: ffff88800b5e7be8 R08: ffffed1001702933 R09: ffffed1001702933 [ 207.161383] R10: ffff88800b814993 R11: ffffed1001702932 R12: ffff888010e03000 [ 207.162114] R13: ffff88800b8149e8 R14: ffff88800f503c00 R15: 0000000000000000 [ 207.162879] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.163721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.164316] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 207.165124] PKRU: 55555554 [ 207.165422] Call Trace: [ 207.165690] [ 207.165931] iommufd_access_destroy_object+0x65/0x170 [ 207.166477] iommufd_object_destroy_user+0x18e/0x220 [ 207.167060] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.167670] iommufd_access_destroy+0x43/0x70 [ 207.168147] iommufd_test_staccess_release+0x8d/0xd0 [ 207.168682] __fput+0x26d/0xa40 [ 207.169043] ____fput+0x1e/0x30 [ 207.169390] task_work_run+0x1a4/0x2d0 [ 207.169808] ? __pfx_task_work_run+0x10/0x10 [ 207.170268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.170813] ? switch_task_namespaces+0xa9/0xe0 [ 207.171330] do_exit+0xb17/0x2ef0 [ 207.171694] ? lock_acquire+0x427/0x4c0 [ 207.172115] ? __pfx_lock_release+0x10/0x10 [ 207.172566] ? __kasan_check_write+0x18/0x20 [ 207.173019] ? do_raw_spin_lock+0x132/0x2a0 [ 207.173459] ? __pfx_do_exit+0x10/0x10 [ 207.173863] ? debug_smp_processor_id+0x20/0x30 [ 207.174341] ? rcu_is_watching+0x19/0xb0 [ 207.174788] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.175276] ? trace_hardirqs_on+0x26/0x120 [ 207.175730] do_group_exit+0xe0/0x2b0 [ 207.176123] __x64_sys_exit_group+0x47/0x50 [ 207.176557] do_syscall_64+0x3b/0x90 [ 207.176945] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.177484] RIP: 0033:0x7f4b87518a4d [ 207.177865] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.178491] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.179327] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.180057] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.180777] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.181492] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.182222] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.182990] [ 207.183242] irq event stamp: 0 [ 207.183570] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.184219] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.185073] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.185917] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.186588] ---[ end trace 0000000000000000 ]--- [ 207.187967] ------------[ cut here ]------------ [ 207.188700] WARNING: CPU: 1 PID: 1973 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.190230] Modules linked in: [ 207.191082] CPU: 1 PID: 1973 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.192283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.194097] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.194856] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.197538] RSP: 0018:ffff88800b5e7b78 EFLAGS: 00010246 [ 207.198310] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.199305] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 207.200399] RBP: ffff88800b5e7b98 R08: ffffed100170293e R09: ffffed100170293e [ 207.201325] R10: ffff88800b8149ef R11: ffffed100170293d R12: ffff88800b814a90 [ 207.202419] R13: ffff88800b8148a8 R14: ffffffffffffffff R15: 
ffff88800b5e7c60 [ 207.203399] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.204579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.205340] CR2: 00007f82e2fdd000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 207.206347] PKRU: 55555554 [ 207.206816] Call Trace: [ 207.207175] [ 207.207482] iommufd_ioas_destroy+0x53/0x70 [ 207.208063] iommufd_fops_release+0x1f7/0x370 [ 207.208819] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.209482] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.210138] ? write_comp_data+0x2f/0x90 [ 207.210824] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.211555] __fput+0x26d/0xa40 [ 207.212018] ____fput+0x1e/0x30 [ 207.212475] task_work_run+0x1a4/0x2d0 [ 207.213005] ? __pfx_task_work_run+0x10/0x10 [ 207.213595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.214245] ? switch_task_namespaces+0xa9/0xe0 [ 207.214928] do_exit+0xb17/0x2ef0 [ 207.215411] ? lock_acquire+0x427/0x4c0 [ 207.215952] ? __pfx_lock_release+0x10/0x10 [ 207.216529] ? __kasan_check_write+0x18/0x20 [ 207.217117] ? do_raw_spin_lock+0x132/0x2a0 [ 207.217685] ? __pfx_do_exit+0x10/0x10 [ 207.218211] ? debug_smp_processor_id+0x20/0x30 [ 207.218872] ? rcu_is_watching+0x19/0xb0 [ 207.219431] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.220076] ? trace_hardirqs_on+0x26/0x120 [ 207.220776] do_group_exit+0xe0/0x2b0 [ 207.221286] __x64_sys_exit_group+0x47/0x50 [ 207.221851] do_syscall_64+0x3b/0x90 [ 207.222421] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.223242] RIP: 0033:0x7f4b87518a4d [ 207.223745] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.224547] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.225689] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.226656] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.227736] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.228665] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.229635] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.230709] [ 207.230896] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 207.231029] irq event stamp: 0 [ 207.233115] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 207.233465] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.235700] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.236786] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.237865] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.238731] ---[ end trace 0000000000000000 ]--- [ 207.245689] ------------[ cut here ]------------ [ 207.246368] WARNING: CPU: 1 PID: 1974 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.247834] Modules linked in: [ 207.248268] CPU: 1 PID: 1974 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.249396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.250878] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.251547] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.253883] RSP: 0018:ffff888016687bb8 
EFLAGS: 00010246 [ 207.254621] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 207.255562] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 207.256481] RBP: ffff888016687bd0 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 207.257403] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff88801226ec00 [ 207.258323] R13: ffff88801609b1e8 R14: ffffffff8352e670 R15: ffff888016687e68 [ 207.259330] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.260371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.261123] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 207.262043] PKRU: 55555554 [ 207.262414] Call Trace: [ 207.262799] [ 207.263108] __iommufd_access_detach+0x1c2/0x2b0 [ 207.263771] iommufd_access_change_pt+0x149/0x270 [ 207.264418] iommufd_access_replace+0xb4/0x120 [ 207.265035] iommufd_test+0x3e5/0x37e0 [ 207.265547] ? lock_release+0x532/0x770 [ 207.266088] ? __might_fault+0x102/0x1b0 [ 207.266676] ? lock_acquire+0x427/0x4c0 [ 207.267251] ? __pfx_iommufd_test+0x10/0x10 [ 207.267836] ? __pfx_lock_release+0x10/0x10 [ 207.268434] ? __pfx_lock_acquire+0x10/0x10 [ 207.269036] ? write_comp_data+0x2f/0x90 [ 207.269618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.270307] ? write_comp_data+0x2f/0x90 [ 207.270945] iommufd_fops_ioctl+0x37d/0x510 [ 207.271588] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.272277] ? write_comp_data+0x2f/0x90 [ 207.272866] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.273772] __x64_sys_ioctl+0x1a3/0x230 [ 207.274366] do_syscall_64+0x3b/0x90 [ 207.274991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.275758] RIP: 0033:0x7f4b8743ee5d [ 207.276277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.278947] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.279983] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.280944] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.281899] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.282934] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.283921] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.284998] [ 207.285442] irq event stamp: 0 [ 207.285878] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.286801] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.288148] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.289254] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.290297] ---[ end trace 0000000000000000 ]--- [ 207.295569] ------------[ cut here ]------------ [ 207.296241] WARNING: CPU: 1 PID: 1974 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.297542] Modules linked in: [ 207.297985] CPU: 1 PID: 1974 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.299288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.300764] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.301426] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.303835] RSP: 
0018:ffff888016687bd0 EFLAGS: 00010246 [ 207.304557] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 207.305509] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 207.306461] RBP: ffff888016687be8 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 207.307487] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff888012c05800 [ 207.308416] R13: ffff88801609b1e8 R14: ffff888020c43400 R15: 0000000000000000 [ 207.309359] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.310397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.311252] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.312192] PKRU: 55555554 [ 207.312583] Call Trace: [ 207.312932] [ 207.313242] iommufd_access_destroy_object+0x65/0x170 [ 207.313928] iommufd_object_destroy_user+0x18e/0x220 [ 207.314661] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.315477] iommufd_access_destroy+0x43/0x70 [ 207.316095] iommufd_test_staccess_release+0x8d/0xd0 [ 207.316781] __fput+0x26d/0xa40 [ 207.317251] ____fput+0x1e/0x30 [ 207.317707] task_work_run+0x1a4/0x2d0 [ 207.318233] ? __pfx_task_work_run+0x10/0x10 [ 207.318876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.319566] ? switch_task_namespaces+0xa9/0xe0 [ 207.320202] do_exit+0xb17/0x2ef0 [ 207.320672] ? lock_acquire+0x427/0x4c0 [ 207.321211] ? __pfx_lock_release+0x10/0x10 [ 207.321788] ? __kasan_check_write+0x18/0x20 [ 207.322379] ? do_raw_spin_lock+0x132/0x2a0 [ 207.323015] ? __pfx_do_exit+0x10/0x10 [ 207.323610] ? debug_smp_processor_id+0x20/0x30 [ 207.324029] ? rcu_is_watching+0x19/0xb0 [ 207.324377] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.324767] ? trace_hardirqs_on+0x26/0x120 [ 207.325142] do_group_exit+0xe0/0x2b0 [ 207.325469] __x64_sys_exit_group+0x47/0x50 [ 207.325833] do_syscall_64+0x3b/0x90 [ 207.326161] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.326659] RIP: 0033:0x7f4b87518a4d [ 207.326982] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.327594] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.328359] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.329070] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.329787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.330499] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.331272] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.332002] [ 207.332242] irq event stamp: 0 [ 207.332560] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.333193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.334026] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.334888] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.335543] ---[ end trace 0000000000000000 ]--- [ 207.336402] ------------[ cut here ]------------ [ 207.336885] WARNING: CPU: 1 PID: 1974 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.337909] Modules linked in: [ 207.338237] CPU: 1 PID: 1974 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.339163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.340298] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.340823] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.342680] RSP: 0018:ffff888016687b78 EFLAGS: 00010246 [ 207.343228] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.343940] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 207.344662] RBP: ffff888016687b98 R08: ffffed1002c1363e R09: ffffed1002c1363e [ 207.345380] R10: ffff88801609b1ef R11: ffffed1002c1363d R12: ffff88801609b290 [ 207.346089] R13: ffff88801609b0a8 R14: ffffffffffffffff R15: 
ffff888016687c60 [ 207.346823] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.347652] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.348233] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.348898] PKRU: 55555554 [ 207.349162] Call Trace: [ 207.349404] [ 207.349614] iommufd_ioas_destroy+0x53/0x70 [ 207.350022] iommufd_fops_release+0x1f7/0x370 [ 207.350440] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.350947] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.351414] ? write_comp_data+0x2f/0x90 [ 207.351788] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.352251] __fput+0x26d/0xa40 [ 207.352568] ____fput+0x1e/0x30 [ 207.352881] task_work_run+0x1a4/0x2d0 [ 207.353251] ? __pfx_task_work_run+0x10/0x10 [ 207.353659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.354110] ? switch_task_namespaces+0xa9/0xe0 [ 207.354569] do_exit+0xb17/0x2ef0 [ 207.354891] ? lock_acquire+0x427/0x4c0 [ 207.355284] ? __pfx_lock_release+0x10/0x10 [ 207.355689] ? __kasan_check_write+0x18/0x20 [ 207.356096] ? do_raw_spin_lock+0x132/0x2a0 [ 207.356490] ? __pfx_do_exit+0x10/0x10 [ 207.356861] ? debug_smp_processor_id+0x20/0x30 [ 207.357285] ? rcu_is_watching+0x19/0xb0 [ 207.357657] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.358072] ? trace_hardirqs_on+0x26/0x120 [ 207.358476] do_group_exit+0xe0/0x2b0 [ 207.358846] __x64_sys_exit_group+0x47/0x50 [ 207.359251] do_syscall_64+0x3b/0x90 [ 207.359604] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.360081] RIP: 0033:0x7f4b87518a4d [ 207.360422] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.360971] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.361648] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.362287] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.362947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.363598] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.364215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.364825] [ 207.365023] irq event stamp: 0 [ 207.365291] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.365831] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.366557] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.367271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.367808] ---[ end trace 0000000000000000 ]--- [ 207.372139] ------------[ cut here ]------------ [ 207.372572] WARNING: CPU: 1 PID: 1976 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.373429] Modules linked in: [ 207.373699] CPU: 1 PID: 1976 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.374437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.375428] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.375847] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.377381] RSP: 0018:ffff8880182afbb8 EFLAGS: 00010246 [ 207.377832] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 207.378430] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 207.379047] RBP: ffff8880182afbd0 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 207.379660] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff888020e68800 [ 207.380262] R13: ffff88800cb971e8 R14: ffffffff8352e670 R15: 
ffff8880182afe68 [ 207.380863] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.381539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.382029] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 207.382656] PKRU: 55555554 [ 207.382899] Call Trace: [ 207.383127] [ 207.383327] __iommufd_access_detach+0x1c2/0x2b0 [ 207.383742] iommufd_access_change_pt+0x149/0x270 [ 207.384161] iommufd_access_replace+0xb4/0x120 [ 207.384557] iommufd_test+0x3e5/0x37e0 [ 207.384887] ? lock_release+0x532/0x770 [ 207.385230] ? __might_fault+0x102/0x1b0 [ 207.385578] ? lock_acquire+0x427/0x4c0 [ 207.385918] ? __pfx_iommufd_test+0x10/0x10 [ 207.386281] ? __pfx_lock_release+0x10/0x10 [ 207.386675] ? __pfx_lock_acquire+0x10/0x10 [ 207.387037] ? write_comp_data+0x2f/0x90 [ 207.387386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.387786] ? write_comp_data+0x2f/0x90 [ 207.388125] iommufd_fops_ioctl+0x37d/0x510 [ 207.388476] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.388875] ? write_comp_data+0x2f/0x90 [ 207.389206] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.389599] __x64_sys_ioctl+0x1a3/0x230 [ 207.389940] do_syscall_64+0x3b/0x90 [ 207.390250] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.390700] RIP: 0033:0x7f4b8743ee5d [ 207.391003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.392458] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.393067] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.393637] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.394205] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.394796] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.395374] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.395951] [ 207.396138] irq event stamp: 0 [ 207.396390] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.396891] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.397564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.398227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.398754] ---[ end trace 0000000000000000 ]--- [ 207.401532] ------------[ cut here ]------------ [ 207.401935] WARNING: CPU: 1 PID: 1976 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.402775] Modules linked in: [ 207.403035] CPU: 1 PID: 1976 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.403742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.404636] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.405032] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.406477] RSP: 
0018:ffff8880182afbd0 EFLAGS: 00010246 [ 207.406922] RAX: 0000000000000000 RBX: ffff88800cb970a8 RCX: 0000000000000000 [ 207.407495] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 207.408061] RBP: ffff8880182afbe8 R08: ffffed1001972e33 R09: ffffed1001972e33 [ 207.408628] R10: ffff88800cb97193 R11: ffffed1001972e32 R12: ffff88801226f000 [ 207.409191] R13: ffff88800cb971e8 R14: ffff8880218cad00 R15: 0000000000000000 [ 207.409758] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.410401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.410892] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.411475] PKRU: 55555554 [ 207.411702] Call Trace: [ 207.411906] [ 207.412088] iommufd_access_destroy_object+0x65/0x170 [ 207.412510] iommufd_object_destroy_user+0x18e/0x220 [ 207.412922] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.413392] iommufd_access_destroy+0x43/0x70 [ 207.413763] iommufd_test_staccess_release+0x8d/0xd0 [ 207.414179] __fput+0x26d/0xa40 [ 207.414459] ____fput+0x1e/0x30 [ 207.414753] task_work_run+0x1a4/0x2d0 [ 207.415076] ? __pfx_task_work_run+0x10/0x10 [ 207.415444] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.415842] ? switch_task_namespaces+0xa9/0xe0 [ 207.416225] do_exit+0xb17/0x2ef0 [ 207.416506] ? lock_acquire+0x427/0x4c0 [ 207.416837] ? __pfx_lock_release+0x10/0x10 [ 207.417190] ? __kasan_check_write+0x18/0x20 [ 207.417546] ? do_raw_spin_lock+0x132/0x2a0 [ 207.417901] ? __pfx_do_exit+0x10/0x10 [ 207.418223] ? debug_smp_processor_id+0x20/0x30 [ 207.418622] ? rcu_is_watching+0x19/0xb0 [ 207.418951] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.419329] ? trace_hardirqs_on+0x26/0x120 [ 207.419684] do_group_exit+0xe0/0x2b0 [ 207.419994] __x64_sys_exit_group+0x47/0x50 [ 207.420339] do_syscall_64+0x3b/0x90 [ 207.420648] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.421068] RIP: 0033:0x7f4b87518a4d [ 207.421370] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.421864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.422469] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.423058] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.423633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.424201] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.424770] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.425345] [ 207.425534] irq event stamp: 0 [ 207.425788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.426290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.426975] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.427649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.428149] ---[ end trace 0000000000000000 ]--- [ 207.428852] ------------[ cut here ]------------ [ 207.429227] WARNING: CPU: 1 PID: 1976 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.430035] Modules linked in: [ 207.430291] CPU: 1 PID: 1976 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.431010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.431913] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.432327] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.433783] RSP: 0018:ffff8880182afb78 EFLAGS: 00010246 [ 207.434215] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.434799] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 207.435357] RBP: ffff8880182afb98 R08: ffffed1001972e3e R09: ffffed1001972e3e [ 207.435908] R10: ffff88800cb971ef R11: ffffed1001972e3d R12: ffff88800cb97290 [ 207.436458] R13: ffff88800cb970a8 R14: ffffffffffffffff R15: 
ffff8880182afc60 [ 207.437012] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.437634] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.438088] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.438667] PKRU: 55555554 [ 207.438888] Call Trace: [ 207.439090] [ 207.439278] iommufd_ioas_destroy+0x53/0x70 [ 207.439627] iommufd_fops_release+0x1f7/0x370 [ 207.439984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.440385] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.440775] ? write_comp_data+0x2f/0x90 [ 207.441100] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.441494] __fput+0x26d/0xa40 [ 207.441767] ____fput+0x1e/0x30 [ 207.442035] task_work_run+0x1a4/0x2d0 [ 207.442350] ? __pfx_task_work_run+0x10/0x10 [ 207.442723] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.443108] ? switch_task_namespaces+0xa9/0xe0 [ 207.443491] do_exit+0xb17/0x2ef0 [ 207.443770] ? lock_acquire+0x427/0x4c0 [ 207.444093] ? __pfx_lock_release+0x10/0x10 [ 207.444435] ? __kasan_check_write+0x18/0x20 [ 207.444783] ? do_raw_spin_lock+0x132/0x2a0 [ 207.445122] ? __pfx_do_exit+0x10/0x10 [ 207.445439] ? debug_smp_processor_id+0x20/0x30 [ 207.445806] ? rcu_is_watching+0x19/0xb0 [ 207.446126] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.446484] ? trace_hardirqs_on+0x26/0x120 [ 207.446855] do_group_exit+0xe0/0x2b0 [ 207.447167] __x64_sys_exit_group+0x47/0x50 [ 207.447507] do_syscall_64+0x3b/0x90 [ 207.447805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.448214] RIP: 0033:0x7f4b87518a4d [ 207.448510] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.448985] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.449569] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.450117] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.450684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.451239] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.451784] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.452340] [ 207.452520] irq event stamp: 0 [ 207.452761] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.453242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.453878] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.454538] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.455020] ---[ end trace 0000000000000000 ]--- [ 207.459622] ------------[ cut here ]------------ [ 207.460013] WARNING: CPU: 1 PID: 1977 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.460784] Modules linked in: [ 207.461031] CPU: 1 PID: 1977 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.461697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.462765] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.463159] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.464544] RSP: 0018:ffff888013697bb8 EFLAGS: 00010246 [ 207.464951] RAX: 0000000000000000 RBX: ffff88800efb38a8 RCX: 0000000000000000 [ 207.465492] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 207.466031] RBP: ffff888013697bd0 R08: ffffed1001df6733 R09: ffffed1001df6733 [ 207.466600] R10: ffff88800efb3993 R11: ffffed1001df6732 R12: ffff888014111800 [ 207.467153] R13: ffff88800efb39e8 R14: ffffffff8352e670 R15: 
ffff888013697e68 [ 207.467697] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.468307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.468750] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 207.469296] PKRU: 55555554 [ 207.469515] Call Trace: [ 207.469712] [ 207.469886] __iommufd_access_detach+0x1c2/0x2b0 [ 207.470264] iommufd_access_change_pt+0x149/0x270 [ 207.470675] iommufd_access_replace+0xb4/0x120 [ 207.471038] iommufd_test+0x3e5/0x37e0 [ 207.471353] ? lock_release+0x532/0x770 [ 207.471672] ? __might_fault+0x102/0x1b0 [ 207.471994] ? lock_acquire+0x427/0x4c0 [ 207.472312] ? __pfx_iommufd_test+0x10/0x10 [ 207.472643] ? __pfx_lock_release+0x10/0x10 [ 207.472983] ? __pfx_lock_acquire+0x10/0x10 [ 207.473328] ? write_comp_data+0x2f/0x90 [ 207.473651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.474028] ? write_comp_data+0x2f/0x90 [ 207.474353] iommufd_fops_ioctl+0x37d/0x510 [ 207.474722] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.475105] ? write_comp_data+0x2f/0x90 [ 207.475444] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.475824] __x64_sys_ioctl+0x1a3/0x230 [ 207.476150] do_syscall_64+0x3b/0x90 [ 207.476453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.477144] RIP: 0033:0x7f4b8743ee5d [ 207.477441] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.478861] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.479496] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.480108] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.480655] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.481199] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.481747] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.482425] [ 207.482623] irq event stamp: 0 [ 207.482867] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.483364] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.484012] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.484659] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.485175] ---[ end trace 0000000000000000 ]--- [ 207.488000] ------------[ cut here ]------------ [ 207.488396] WARNING: CPU: 1 PID: 1977 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.489174] Modules linked in: [ 207.489424] CPU: 1 PID: 1977 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.490204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.491094] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.491491] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.492997] RSP: 
0018:ffff888013697bd0 EFLAGS: 00010246 [ 207.493409] RAX: 0000000000000000 RBX: ffff88800efb38a8 RCX: 0000000000000000 [ 207.493954] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 207.494499] RBP: ffff888013697be8 R08: ffffed1001df6733 R09: ffffed1001df6733 [ 207.495099] R10: ffff88800efb3993 R11: ffffed1001df6732 R12: ffff888020e6ac00 [ 207.495726] R13: ffff88800efb39e8 R14: ffff888012c78700 R15: 0000000000000000 [ 207.496274] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.496892] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.497340] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.497983] PKRU: 55555554 [ 207.498204] Call Trace: [ 207.498408] [ 207.498606] iommufd_access_destroy_object+0x65/0x170 [ 207.499017] iommufd_object_destroy_user+0x18e/0x220 [ 207.499430] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.499886] iommufd_access_destroy+0x43/0x70 [ 207.500245] iommufd_test_staccess_release+0x8d/0xd0 [ 207.500652] __fput+0x26d/0xa40 [ 207.500963] ____fput+0x1e/0x30 [ 207.501325] task_work_run+0x1a4/0x2d0 [ 207.501638] ? __pfx_task_work_run+0x10/0x10 [ 207.501989] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.502376] ? switch_task_namespaces+0xa9/0xe0 [ 207.502778] do_exit+0xb17/0x2ef0 [ 207.503051] ? lock_acquire+0x427/0x4c0 [ 207.503379] ? __pfx_lock_release+0x10/0x10 [ 207.503720] ? __kasan_check_write+0x18/0x20 [ 207.504065] ? do_raw_spin_lock+0x132/0x2a0 [ 207.504403] ? __pfx_do_exit+0x10/0x10 [ 207.504718] ? debug_smp_processor_id+0x20/0x30 [ 207.505162] ? rcu_is_watching+0x19/0xb0 [ 207.505557] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.505915] ? trace_hardirqs_on+0x26/0x120 [ 207.506256] do_group_exit+0xe0/0x2b0 [ 207.506580] __x64_sys_exit_group+0x47/0x50 [ 207.506917] do_syscall_64+0x3b/0x90 [ 207.507223] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.507631] RIP: 0033:0x7f4b87518a4d [ 207.507919] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.508391] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.509097] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.509642] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.510187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.510755] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.511314] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.511871] [ 207.512065] irq event stamp: 0 [ 207.512369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.512908] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.513562] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.514217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.514741] ---[ end trace 0000000000000000 ]--- [ 207.515438] ------------[ cut here ]------------ [ 207.515824] WARNING: CPU: 1 PID: 1977 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.516753] Modules linked in: [ 207.517012] CPU: 1 PID: 1977 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.517720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.518660] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.519085] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.520700] RSP: 0018:ffff888013697b78 EFLAGS: 00010246 [ 207.521134] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.521708] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 207.522284] RBP: ffff888013697b98 R08: ffffed1001df673e R09: ffffed1001df673e [ 207.523012] R10: ffff88800efb39ef R11: ffffed1001df673d R12: ffff88800efb3a90 [ 207.523601] R13: ffff88800efb38a8 R14: ffffffffffffffff R15: 
ffff888013697c60 [ 207.524179] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.524836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.525304] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.525882] PKRU: 55555554 [ 207.526150] Call Trace: [ 207.526403] [ 207.526679] iommufd_ioas_destroy+0x53/0x70 [ 207.527042] iommufd_fops_release+0x1f7/0x370 [ 207.527423] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.527834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.528240] ? write_comp_data+0x2f/0x90 [ 207.528580] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.528989] __fput+0x26d/0xa40 [ 207.529275] ____fput+0x1e/0x30 [ 207.529555] task_work_run+0x1a4/0x2d0 [ 207.529947] ? __pfx_task_work_run+0x10/0x10 [ 207.530384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.530832] ? switch_task_namespaces+0xa9/0xe0 [ 207.531241] do_exit+0xb17/0x2ef0 [ 207.531534] ? lock_acquire+0x427/0x4c0 [ 207.531868] ? __pfx_lock_release+0x10/0x10 [ 207.532224] ? __kasan_check_write+0x18/0x20 [ 207.532587] ? do_raw_spin_lock+0x132/0x2a0 [ 207.532938] ? __pfx_do_exit+0x10/0x10 [ 207.533268] ? debug_smp_processor_id+0x20/0x30 [ 207.533728] ? rcu_is_watching+0x19/0xb0 [ 207.534133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.534537] ? trace_hardirqs_on+0x26/0x120 [ 207.534902] do_group_exit+0xe0/0x2b0 [ 207.535237] __x64_sys_exit_group+0x47/0x50 [ 207.535591] do_syscall_64+0x3b/0x90 [ 207.535904] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.536332] RIP: 0033:0x7f4b87518a4d [ 207.536634] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.537133] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.537901] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.538475] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.539078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.539666] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.540252] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.540838] [ 207.541031] irq event stamp: 0 [ 207.541316] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.541945] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.542653] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.543338] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.543849] ---[ end trace 0000000000000000 ]--- [ 207.547542] ------------[ cut here ]------------ [ 207.547998] WARNING: CPU: 1 PID: 1978 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.548940] Modules linked in: [ 207.549202] CPU: 1 PID: 1978 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.549908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.550893] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.551317] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.552934] RSP: 0018:ffff888016687bb8 EFLAGS: 00010246 [ 207.553366] RAX: 0000000000000000 RBX: ffff8880179480a8 RCX: 0000000000000000 [ 207.553943] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 207.554549] RBP: ffff888016687bd0 R08: ffffed1002f29033 R09: ffffed1002f29033 [ 207.555136] R10: ffff888017948193 R11: ffffed1002f29032 R12: ffff888010e00c00 [ 207.555845] R13: ffff8880179481e8 R14: ffffffff8352e670 R15: 
ffff888016687e68 [ 207.556422] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.557072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.557539] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 207.558113] PKRU: 55555554 [ 207.558408] Call Trace: [ 207.558717] [ 207.558904] __iommufd_access_detach+0x1c2/0x2b0 [ 207.559312] iommufd_access_change_pt+0x149/0x270 [ 207.559714] iommufd_access_replace+0xb4/0x120 [ 207.560097] iommufd_test+0x3e5/0x37e0 [ 207.560416] ? lock_release+0x532/0x770 [ 207.560753] ? __might_fault+0x102/0x1b0 [ 207.561093] ? lock_acquire+0x427/0x4c0 [ 207.561428] ? __pfx_iommufd_test+0x10/0x10 [ 207.561781] ? __pfx_lock_release+0x10/0x10 [ 207.562258] ? __pfx_lock_acquire+0x10/0x10 [ 207.562653] ? write_comp_data+0x2f/0x90 [ 207.562993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.563399] ? write_comp_data+0x2f/0x90 [ 207.563744] iommufd_fops_ioctl+0x37d/0x510 [ 207.564106] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.564514] ? write_comp_data+0x2f/0x90 [ 207.564860] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.565271] __x64_sys_ioctl+0x1a3/0x230 [ 207.565644] do_syscall_64+0x3b/0x90 [ 207.566063] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.566499] RIP: 0033:0x7f4b8743ee5d [ 207.566832] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.568313] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.568930] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.569584] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.570224] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.570823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.571408] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.571999] [ 207.572190] irq event stamp: 0 [ 207.572449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.573089] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.573773] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.574447] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.574983] ---[ end trace 0000000000000000 ]--- [ 207.578087] ------------[ cut here ]------------ [ 207.578498] WARNING: CPU: 1 PID: 1978 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.579360] Modules linked in: [ 207.579624] CPU: 1 PID: 1978 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.580472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.581396] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.581802] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.583408] RSP: 
0018:ffff888016687bd0 EFLAGS: 00010246 [ 207.583898] RAX: 0000000000000000 RBX: ffff8880179480a8 RCX: 0000000000000000 [ 207.584474] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 207.585049] RBP: ffff888016687be8 R08: ffffed1002f29033 R09: ffffed1002f29033 [ 207.585626] R10: ffff888017948193 R11: ffffed1002f29032 R12: ffff8880218e3400 [ 207.586204] R13: ffff8880179481e8 R14: ffff888012de2d00 R15: 0000000000000000 [ 207.586934] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.587596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.588069] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 207.588647] PKRU: 55555554 [ 207.588879] Call Trace: [ 207.589091] [ 207.589276] iommufd_access_destroy_object+0x65/0x170 [ 207.589703] iommufd_object_destroy_user+0x18e/0x220 [ 207.590261] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.590765] iommufd_access_destroy+0x43/0x70 [ 207.591149] iommufd_test_staccess_release+0x8d/0xd0 [ 207.591573] __fput+0x26d/0xa40 [ 207.591859] ____fput+0x1e/0x30 [ 207.592142] task_work_run+0x1a4/0x2d0 [ 207.592473] ? __pfx_task_work_run+0x10/0x10 [ 207.592840] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.593246] ? switch_task_namespaces+0xa9/0xe0 [ 207.593730] do_exit+0xb17/0x2ef0 [ 207.594092] ? lock_acquire+0x427/0x4c0 [ 207.594431] ? __pfx_lock_release+0x10/0x10 [ 207.594818] ? __kasan_check_write+0x18/0x20 [ 207.595199] ? do_raw_spin_lock+0x132/0x2a0 [ 207.595561] ? __pfx_do_exit+0x10/0x10 [ 207.595889] ? debug_smp_processor_id+0x20/0x30 [ 207.596275] ? rcu_is_watching+0x19/0xb0 [ 207.596614] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.596991] ? trace_hardirqs_on+0x26/0x120 [ 207.597399] do_group_exit+0xe0/0x2b0 [ 207.597772] __x64_sys_exit_group+0x47/0x50 [ 207.598124] do_syscall_64+0x3b/0x90 [ 207.598439] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.598896] RIP: 0033:0x7f4b87518a4d [ 207.599216] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.599717] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.600333] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.600995] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.601638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.602219] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.602827] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.603426] [ 207.603642] irq event stamp: 0 [ 207.604002] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.604517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.605195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.605871] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.606531] ---[ end trace 0000000000000000 ]--- [ 207.607282] ------------[ cut here ]------------ [ 207.607668] WARNING: CPU: 1 PID: 1978 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.608504] Modules linked in: [ 207.608786] CPU: 1 PID: 1978 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.609600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.610548] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.610971] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.612585] RSP: 0018:ffff888016687b78 EFLAGS: 00010246 [ 207.613017] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.613602] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 207.614253] RBP: ffff888016687b98 R08: ffffed1002f2903e R09: ffffed1002f2903e [ 207.614927] R10: ffff8880179481ef R11: ffffed1002f2903d R12: ffff888017948290 [ 207.615515] R13: ffff8880179480a8 R14: ffffffffffffffff R15: 
ffff888016687c60 [ 207.616096] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.616780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.617428] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 207.618040] PKRU: 55555554 [ 207.618289] Call Trace: [ 207.618537] [ 207.618733] iommufd_ioas_destroy+0x53/0x70 [ 207.619112] iommufd_fops_release+0x1f7/0x370 [ 207.619517] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.620008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.620496] ? write_comp_data+0x2f/0x90 [ 207.620853] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.621285] __fput+0x26d/0xa40 [ 207.621585] ____fput+0x1e/0x30 [ 207.621877] task_work_run+0x1a4/0x2d0 [ 207.622219] ? __pfx_task_work_run+0x10/0x10 [ 207.622713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.623237] ? switch_task_namespaces+0xa9/0xe0 [ 207.623647] do_exit+0xb17/0x2ef0 [ 207.623945] ? lock_acquire+0x427/0x4c0 [ 207.624295] ? __pfx_lock_release+0x10/0x10 [ 207.624671] ? __kasan_check_write+0x18/0x20 [ 207.625053] ? do_raw_spin_lock+0x132/0x2a0 [ 207.625425] ? __pfx_do_exit+0x10/0x10 [ 207.625832] ? debug_smp_processor_id+0x20/0x30 [ 207.626281] ? rcu_is_watching+0x19/0xb0 [ 207.626659] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.627050] ? trace_hardirqs_on+0x26/0x120 [ 207.627436] do_group_exit+0xe0/0x2b0 [ 207.627770] __x64_sys_exit_group+0x47/0x50 [ 207.628140] do_syscall_64+0x3b/0x90 [ 207.628506] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.629035] RIP: 0033:0x7f4b87518a4d [ 207.629362] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.629897] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.630578] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.631201] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.631988] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.632613] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.633225] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.633845] [ 207.634108] irq event stamp: 0 [ 207.634488] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.635072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.636066] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.637402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.638154] ---[ end trace 0000000000000000 ]--- [ 207.645832] ------------[ cut here ]------------ [ 207.646489] WARNING: CPU: 1 PID: 1979 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.647825] Modules linked in: [ 207.648213] CPU: 1 PID: 1979 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.649361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.650771] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.651455] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.653782] RSP: 0018:ffff888013697bb8 EFLAGS: 00010246 [ 207.654428] RAX: 0000000000000000 RBX: ffff8880104670a8 RCX: 0000000000000000 [ 207.655484] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 207.656345] RBP: ffff888013697bd0 R08: ffffed100208ce33 R09: ffffed100208ce33 [ 207.657330] R10: ffff888010467193 R11: ffffed100208ce32 R12: ffff888014581000 [ 207.658188] R13: ffff8880104671e8 R14: ffffffff8352e670 R15: 
ffff888013697e68 [ 207.659134] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.660188] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.660893] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 207.661901] PKRU: 55555554 [ 207.662252] Call Trace: [ 207.662640] [ 207.662934] __iommufd_access_detach+0x1c2/0x2b0 [ 207.663659] iommufd_access_change_pt+0x149/0x270 [ 207.664277] iommufd_access_replace+0xb4/0x120 [ 207.664862] iommufd_test+0x3e5/0x37e0 [ 207.665422] ? lock_release+0x532/0x770 [ 207.666009] ? __might_fault+0x102/0x1b0 [ 207.666579] ? lock_acquire+0x427/0x4c0 [ 207.667084] ? __pfx_iommufd_test+0x10/0x10 [ 207.667738] ? __pfx_lock_release+0x10/0x10 [ 207.668278] ? __pfx_lock_acquire+0x10/0x10 [ 207.668813] ? write_comp_data+0x2f/0x90 [ 207.669531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.670123] ? write_comp_data+0x2f/0x90 [ 207.670675] iommufd_fops_ioctl+0x37d/0x510 [ 207.671226] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.671807] ? write_comp_data+0x2f/0x90 [ 207.672298] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.672855] __x64_sys_ioctl+0x1a3/0x230 [ 207.673351] do_syscall_64+0x3b/0x90 [ 207.673805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.674415] RIP: 0033:0x7f4b8743ee5d [ 207.674899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.676960] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.677835] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.678692] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.679526] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.680336] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.681150] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.681973] [ 207.682255] irq event stamp: 0 [ 207.682671] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.683416] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.684373] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.685313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.686021] ---[ end trace 0000000000000000 ]--- [ 207.690467] ------------[ cut here ]------------ [ 207.691082] WARNING: CPU: 1 PID: 1979 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.692232] Modules linked in: [ 207.692602] CPU: 1 PID: 1979 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.693575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.694954] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.695548] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.697536] RSP: 
0018:ffff888013697bd0 EFLAGS: 00010246 [ 207.698127] RAX: 0000000000000000 RBX: ffff8880104670a8 RCX: 0000000000000000 [ 207.698947] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 207.699752] RBP: ffff888013697be8 R08: ffffed100208ce33 R09: ffffed100208ce33 [ 207.700537] R10: ffff888010467193 R11: ffffed100208ce32 R12: ffff888010e01800 [ 207.701319] R13: ffff8880104671e8 R14: ffff88800f5da500 R15: 0000000000000000 [ 207.702107] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.703017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.703661] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.704426] PKRU: 55555554 [ 207.704741] Call Trace: [ 207.705023] [ 207.705274] iommufd_access_destroy_object+0x65/0x170 [ 207.705841] iommufd_object_destroy_user+0x18e/0x220 [ 207.706406] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.707079] iommufd_access_destroy+0x43/0x70 [ 207.707610] iommufd_test_staccess_release+0x8d/0xd0 [ 207.708180] __fput+0x26d/0xa40 [ 207.708569] ____fput+0x1e/0x30 [ 207.708944] task_work_run+0x1a4/0x2d0 [ 207.709379] ? __pfx_task_work_run+0x10/0x10 [ 207.709870] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.710410] ? switch_task_namespaces+0xa9/0xe0 [ 207.710973] do_exit+0xb17/0x2ef0 [ 207.711376] ? lock_acquire+0x427/0x4c0 [ 207.711821] ? __pfx_lock_release+0x10/0x10 [ 207.712298] ? __kasan_check_write+0x18/0x20 [ 207.712780] ? do_raw_spin_lock+0x132/0x2a0 [ 207.713249] ? __pfx_do_exit+0x10/0x10 [ 207.713688] ? debug_smp_processor_id+0x20/0x30 [ 207.714195] ? rcu_is_watching+0x19/0xb0 [ 207.714675] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.715188] ? trace_hardirqs_on+0x26/0x120 [ 207.715667] do_group_exit+0xe0/0x2b0 [ 207.716086] __x64_sys_exit_group+0x47/0x50 [ 207.716549] do_syscall_64+0x3b/0x90 [ 207.716956] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.717499] RIP: 0033:0x7f4b87518a4d [ 207.717891] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.718564] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.719367] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.720108] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.720848] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.721586] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.722325] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.723133] [ 207.723393] irq event stamp: 0 [ 207.723729] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.724385] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.725259] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.726123] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.726811] ---[ end trace 0000000000000000 ]--- [ 207.727887] ------------[ cut here ]------------ [ 207.728380] WARNING: CPU: 1 PID: 1979 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.729439] Modules linked in: [ 207.729779] CPU: 1 PID: 1979 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.730720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.731726] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.732102] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.733380] RSP: 0018:ffff888013697b78 EFLAGS: 00010246 [ 207.733750] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.734251] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 207.734784] RBP: ffff888013697b98 R08: ffffed100208ce3e R09: ffffed100208ce3e [ 207.735353] R10: ffff8880104671ef R11: ffffed100208ce3d R12: ffff888010467290 [ 207.735848] R13: ffff8880104670a8 R14: ffffffffffffffff R15: 
ffff888013697c60 [ 207.736341] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.736903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.737304] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.737806] PKRU: 55555554 [ 207.738005] Call Trace: [ 207.738184] [ 207.738345] iommufd_ioas_destroy+0x53/0x70 [ 207.738680] iommufd_fops_release+0x1f7/0x370 [ 207.739102] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.739593] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.740070] ? write_comp_data+0x2f/0x90 [ 207.740478] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.741024] __fput+0x26d/0xa40 [ 207.741333] ____fput+0x1e/0x30 [ 207.741682] task_work_run+0x1a4/0x2d0 [ 207.742090] ? __pfx_task_work_run+0x10/0x10 [ 207.742552] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.743025] ? switch_task_namespaces+0xa9/0xe0 [ 207.743496] do_exit+0xb17/0x2ef0 [ 207.743828] ? lock_acquire+0x427/0x4c0 [ 207.744201] ? __pfx_lock_release+0x10/0x10 [ 207.744627] ? __kasan_check_write+0x18/0x20 [ 207.745083] ? do_raw_spin_lock+0x132/0x2a0 [ 207.745510] ? __pfx_do_exit+0x10/0x10 [ 207.745897] ? debug_smp_processor_id+0x20/0x30 [ 207.746347] ? rcu_is_watching+0x19/0xb0 [ 207.746750] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.747223] ? trace_hardirqs_on+0x26/0x120 [ 207.747646] do_group_exit+0xe0/0x2b0 [ 207.748014] __x64_sys_exit_group+0x47/0x50 [ 207.748431] do_syscall_64+0x3b/0x90 [ 207.748805] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.749302] RIP: 0033:0x7f4b87518a4d [ 207.749687] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.750262] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.751004] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.751693] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.752404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.753080] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.753764] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.754445] [ 207.754741] irq event stamp: 0 [ 207.755041] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.755673] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.756478] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.757301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.757904] ---[ end trace 0000000000000000 ]--- [ 207.763665] ------------[ cut here ]------------ [ 207.764167] WARNING: CPU: 1 PID: 1980 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.765151] Modules linked in: [ 207.765468] CPU: 1 PID: 1980 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.766309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.767476] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.767955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.769682] RSP: 0018:ffff888016687bb8 EFLAGS: 00010246 [ 207.770218] RAX: 0000000000000000 RBX: ffff88801609c8a8 RCX: 0000000000000000 [ 207.770933] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 207.771617] RBP: ffff888016687bd0 R08: ffffed1002c13933 R09: ffffed1002c13933 [ 207.772344] R10: ffff88801609c993 R11: ffffed1002c13932 R12: ffff88801226d800 [ 207.773100] R13: ffff88801609c9e8 R14: ffffffff8352e670 R15: 
ffff888016687e68 [ 207.773791] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.774601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.775154] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 207.775745] PKRU: 55555554 [ 207.775958] Call Trace: [ 207.776147] [ 207.776356] __iommufd_access_detach+0x1c2/0x2b0 [ 207.776952] iommufd_access_change_pt+0x149/0x270 [ 207.777322] iommufd_access_replace+0xb4/0x120 [ 207.777670] iommufd_test+0x3e5/0x37e0 [ 207.777960] ? lock_release+0x532/0x770 [ 207.778374] ? __might_fault+0x102/0x1b0 [ 207.778716] ? lock_acquire+0x427/0x4c0 [ 207.779023] ? __pfx_iommufd_test+0x10/0x10 [ 207.779358] ? __pfx_lock_release+0x10/0x10 [ 207.779687] ? __pfx_lock_acquire+0x10/0x10 [ 207.780017] ? write_comp_data+0x2f/0x90 [ 207.780330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.780696] ? write_comp_data+0x2f/0x90 [ 207.781009] iommufd_fops_ioctl+0x37d/0x510 [ 207.781334] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.781705] ? write_comp_data+0x2f/0x90 [ 207.782017] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.782381] __x64_sys_ioctl+0x1a3/0x230 [ 207.782711] do_syscall_64+0x3b/0x90 [ 207.782999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.783396] RIP: 0033:0x7f4b8743ee5d [ 207.783677] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.785019] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.785578] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.786100] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.786638] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.787169] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.787699] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.788233] [ 207.788407] irq event stamp: 0 [ 207.788641] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.789106] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.789721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.790335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.790811] ---[ end trace 0000000000000000 ]--- [ 207.793521] ------------[ cut here ]------------ [ 207.793899] WARNING: CPU: 1 PID: 1980 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.794670] Modules linked in: [ 207.794909] CPU: 1 PID: 1980 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.795560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.796394] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.796761] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.798101] RSP: 
0018:ffff888016687bd0 EFLAGS: 00010246 [ 207.798493] RAX: 0000000000000000 RBX: ffff88801609c8a8 RCX: 0000000000000000 [ 207.799036] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 207.799565] RBP: ffff888016687be8 R08: ffffed1002c13933 R09: ffffed1002c13933 [ 207.800086] R10: ffff88801609c993 R11: ffffed1002c13932 R12: ffff888013b16800 [ 207.800607] R13: ffff88801609c9e8 R14: ffff8880103c9600 R15: 0000000000000000 [ 207.801129] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.801720] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.802146] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.802687] PKRU: 55555554 [ 207.802896] Call Trace: [ 207.803086] [ 207.803261] iommufd_access_destroy_object+0x65/0x170 [ 207.803647] iommufd_object_destroy_user+0x18e/0x220 [ 207.804028] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.804465] iommufd_access_destroy+0x43/0x70 [ 207.804809] iommufd_test_staccess_release+0x8d/0xd0 [ 207.805198] __fput+0x26d/0xa40 [ 207.805458] ____fput+0x1e/0x30 [ 207.805712] task_work_run+0x1a4/0x2d0 [ 207.806010] ? __pfx_task_work_run+0x10/0x10 [ 207.806342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.806728] ? switch_task_namespaces+0xa9/0xe0 [ 207.807087] do_exit+0xb17/0x2ef0 [ 207.807352] ? lock_acquire+0x427/0x4c0 [ 207.807658] ? __pfx_lock_release+0x10/0x10 [ 207.807984] ? __kasan_check_write+0x18/0x20 [ 207.808316] ? do_raw_spin_lock+0x132/0x2a0 [ 207.808636] ? __pfx_do_exit+0x10/0x10 [ 207.808933] ? debug_smp_processor_id+0x20/0x30 [ 207.809280] ? rcu_is_watching+0x19/0xb0 [ 207.809587] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.809931] ? trace_hardirqs_on+0x26/0x120 [ 207.810256] do_group_exit+0xe0/0x2b0 [ 207.810554] __x64_sys_exit_group+0x47/0x50 [ 207.810875] do_syscall_64+0x3b/0x90 [ 207.811168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.811563] RIP: 0033:0x7f4b87518a4d [ 207.811839] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.812295] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.812854] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.813380] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.813904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.814427] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.814965] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.815503] [ 207.815677] irq event stamp: 0 [ 207.815910] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.816363] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.816965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.817565] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.818018] ---[ end trace 0000000000000000 ]--- [ 207.818690] ------------[ cut here ]------------ [ 207.819035] WARNING: CPU: 1 PID: 1980 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.819782] Modules linked in: [ 207.820016] CPU: 1 PID: 1980 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.820649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.821463] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.821834] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.823170] RSP: 0018:ffff888016687b78 EFLAGS: 00010246 [ 207.823557] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.824072] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 207.824586] RBP: ffff888016687b98 R08: ffffed1002c1393e R09: ffffed1002c1393e [ 207.825099] R10: ffff88801609c9ef R11: ffffed1002c1393d R12: ffff88801609ca90 [ 207.825613] R13: ffff88801609c8a8 R14: ffffffffffffffff R15: 
ffff888016687c60 [ 207.826126] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 207.826722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.827149] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 207.827668] PKRU: 55555554 [ 207.827873] Call Trace: [ 207.828059] [ 207.828224] iommufd_ioas_destroy+0x53/0x70 [ 207.828544] iommufd_fops_release+0x1f7/0x370 [ 207.828878] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.829244] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.829609] ? write_comp_data+0x2f/0x90 [ 207.829915] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.830280] __fput+0x26d/0xa40 [ 207.830548] ____fput+0x1e/0x30 [ 207.830801] task_work_run+0x1a4/0x2d0 [ 207.831094] ? __pfx_task_work_run+0x10/0x10 [ 207.831423] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.831783] ? switch_task_namespaces+0xa9/0xe0 [ 207.832131] do_exit+0xb17/0x2ef0 [ 207.832385] ? lock_acquire+0x427/0x4c0 [ 207.832685] ? __pfx_lock_release+0x10/0x10 [ 207.833007] ? __kasan_check_write+0x18/0x20 [ 207.833330] ? do_raw_spin_lock+0x132/0x2a0 [ 207.833645] ? __pfx_do_exit+0x10/0x10 [ 207.833937] ? debug_smp_processor_id+0x20/0x30 [ 207.834279] ? rcu_is_watching+0x19/0xb0 [ 207.834589] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.834925] ? trace_hardirqs_on+0x26/0x120 [ 207.835252] do_group_exit+0xe0/0x2b0 [ 207.835534] __x64_sys_exit_group+0x47/0x50 [ 207.835848] do_syscall_64+0x3b/0x90 [ 207.836128] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.836510] RIP: 0033:0x7f4b87518a4d [ 207.836781] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.837228] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.837776] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.838292] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.838818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.839339] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.839855] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.840370] [ 207.840537] irq event stamp: 0 [ 207.840763] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.841212] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.841806] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.842398] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.842860] ---[ end trace 0000000000000000 ]--- [ 207.847940] ------------[ cut here ]------------ [ 207.848477] WARNING: CPU: 0 PID: 1981 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.849537] Modules linked in: [ 207.849878] CPU: 0 PID: 1981 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.851079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.852250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.852771] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.854657] RSP: 0018:ffff888013697bb8 EFLAGS: 00010246 [ 207.855224] RAX: 0000000000000000 RBX: ffff8880147980a8 RCX: 0000000000000000 [ 207.855958] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 207.856692] RBP: ffff888013697bd0 R08: ffffed10028f3033 R09: ffffed10028f3033 [ 207.857423] R10: ffff888014798193 R11: ffffed10028f3032 R12: ffff888012c04800 [ 207.858158] R13: ffff8880147981e8 R14: ffffffff8352e670 R15: 
ffff888013697e68 [ 207.858917] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.859759] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.860361] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 207.861097] PKRU: 55555554 [ 207.861395] Call Trace: [ 207.861666] [ 207.861908] __iommufd_access_detach+0x1c2/0x2b0 [ 207.862426] iommufd_access_change_pt+0x149/0x270 [ 207.862977] iommufd_access_replace+0xb4/0x120 [ 207.863483] iommufd_test+0x3e5/0x37e0 [ 207.863895] ? lock_release+0x532/0x770 [ 207.864326] ? __might_fault+0x102/0x1b0 [ 207.864764] ? lock_acquire+0x427/0x4c0 [ 207.865193] ? __pfx_iommufd_test+0x10/0x10 [ 207.865646] ? __pfx_lock_release+0x10/0x10 [ 207.866109] ? __pfx_lock_acquire+0x10/0x10 [ 207.866601] ? write_comp_data+0x2f/0x90 [ 207.867047] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.867578] ? write_comp_data+0x2f/0x90 [ 207.868020] iommufd_fops_ioctl+0x37d/0x510 [ 207.868479] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.868998] ? write_comp_data+0x2f/0x90 [ 207.869440] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.869949] __x64_sys_ioctl+0x1a3/0x230 [ 207.870391] do_syscall_64+0x3b/0x90 [ 207.870827] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.871390] RIP: 0033:0x7f4b8743ee5d [ 207.871786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.873641] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.874429] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.875281] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.875782] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.876278] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.876771] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.877277] [ 207.877442] irq event stamp: 0 [ 207.877663] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.878097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.878687] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.879271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.879709] ---[ end trace 0000000000000000 ]--- [ 207.882261] ------------[ cut here ]------------ [ 207.882617] WARNING: CPU: 0 PID: 1981 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.883327] Modules linked in: [ 207.883551] CPU: 0 PID: 1981 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.884156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.884931] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.885280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.886547] RSP: 
0018:ffff888013697bd0 EFLAGS: 00010246 [ 207.886917] RAX: 0000000000000000 RBX: ffff8880147980a8 RCX: 0000000000000000 [ 207.887413] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 207.887905] RBP: ffff888013697be8 R08: ffffed10028f3033 R09: ffffed10028f3033 [ 207.888404] R10: ffff888014798193 R11: ffffed10028f3032 R12: ffff888010827400 [ 207.888905] R13: ffff8880147981e8 R14: ffff888013d63a00 R15: 0000000000000000 [ 207.889408] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.889971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.890380] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 207.890900] PKRU: 55555554 [ 207.891104] Call Trace: [ 207.891298] [ 207.891463] iommufd_access_destroy_object+0x65/0x170 [ 207.891833] iommufd_object_destroy_user+0x18e/0x220 [ 207.892205] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.892620] iommufd_access_destroy+0x43/0x70 [ 207.892947] iommufd_test_staccess_release+0x8d/0xd0 [ 207.893315] __fput+0x26d/0xa40 [ 207.893567] ____fput+0x1e/0x30 [ 207.893810] task_work_run+0x1a4/0x2d0 [ 207.894092] ? __pfx_task_work_run+0x10/0x10 [ 207.894407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.894773] ? switch_task_namespaces+0xa9/0xe0 [ 207.895119] do_exit+0xb17/0x2ef0 [ 207.895368] ? lock_acquire+0x427/0x4c0 [ 207.895659] ? __pfx_lock_release+0x10/0x10 [ 207.895972] ? __kasan_check_write+0x18/0x20 [ 207.896288] ? do_raw_spin_lock+0x132/0x2a0 [ 207.896596] ? __pfx_do_exit+0x10/0x10 [ 207.896881] ? debug_smp_processor_id+0x20/0x30 [ 207.897210] ? rcu_is_watching+0x19/0xb0 [ 207.897497] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.897819] ? trace_hardirqs_on+0x26/0x120 [ 207.898128] do_group_exit+0xe0/0x2b0 [ 207.898399] __x64_sys_exit_group+0x47/0x50 [ 207.898727] do_syscall_64+0x3b/0x90 [ 207.898999] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.899374] RIP: 0033:0x7f4b87518a4d [ 207.899639] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.900068] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.900597] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.901092] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.901587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.902089] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.902606] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.903118] [ 207.903287] irq event stamp: 0 [ 207.903513] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.903958] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.904556] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.905146] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.905591] ---[ end trace 0000000000000000 ]--- [ 207.906223] ------------[ cut here ]------------ [ 207.906589] WARNING: CPU: 0 PID: 1981 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.907341] Modules linked in: [ 207.907576] CPU: 0 PID: 1981 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.908205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.909018] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.909391] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 207.910714] RSP: 0018:ffff888013697b78 EFLAGS: 00010246 [ 207.911103] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 207.911623] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 207.912130] RBP: ffff888013697b98 R08: ffffed10028f303e R09: ffffed10028f303e [ 207.912644] R10: ffff8880147981ef R11: ffffed10028f303d R12: ffff888014798290 [ 207.913154] R13: ffff8880147980a8 R14: ffffffffffffffff R15: 
ffff888013697c60 [ 207.913670] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.914267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.914713] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 207.915244] PKRU: 55555554 [ 207.915455] Call Trace: [ 207.915644] [ 207.915813] iommufd_ioas_destroy+0x53/0x70 [ 207.916136] iommufd_fops_release+0x1f7/0x370 [ 207.916474] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.916850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.917220] ? write_comp_data+0x2f/0x90 [ 207.917539] ? __pfx_iommufd_fops_release+0x10/0x10 [ 207.917915] __fput+0x26d/0xa40 [ 207.918174] ____fput+0x1e/0x30 [ 207.918425] task_work_run+0x1a4/0x2d0 [ 207.918739] ? __pfx_task_work_run+0x10/0x10 [ 207.919071] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.919454] ? switch_task_namespaces+0xa9/0xe0 [ 207.919809] do_exit+0xb17/0x2ef0 [ 207.920068] ? lock_acquire+0x427/0x4c0 [ 207.920372] ? __pfx_lock_release+0x10/0x10 [ 207.920699] ? __kasan_check_write+0x18/0x20 [ 207.921031] ? do_raw_spin_lock+0x132/0x2a0 [ 207.921357] ? __pfx_do_exit+0x10/0x10 [ 207.921655] ? debug_smp_processor_id+0x20/0x30 [ 207.922011] ? rcu_is_watching+0x19/0xb0 [ 207.922321] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.922688] ? trace_hardirqs_on+0x26/0x120 [ 207.923022] do_group_exit+0xe0/0x2b0 [ 207.923322] __x64_sys_exit_group+0x47/0x50 [ 207.923655] do_syscall_64+0x3b/0x90 [ 207.923952] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.924352] RIP: 0033:0x7f4b87518a4d [ 207.924632] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.925094] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.925661] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.926194] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.926751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.927305] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.927851] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.928400] [ 207.928581] irq event stamp: 0 [ 207.928823] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.929301] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.929940] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.930596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.931081] ---[ end trace 0000000000000000 ]--- [ 207.935864] ------------[ cut here ]------------ [ 207.936265] WARNING: CPU: 0 PID: 1982 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.937049] Modules linked in: [ 207.937298] CPU: 0 PID: 1982 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.937974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.938890] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.939289] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.940701] RSP: 0018:ffff888016d1fbb8 EFLAGS: 00010246 [ 207.941116] RAX: 0000000000000000 RBX: ffff888023c8a8a8 RCX: 0000000000000000 [ 207.941667] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 207.942214] RBP: ffff888016d1fbd0 R08: ffffed1004791533 R09: ffffed1004791533 [ 207.942793] R10: ffff888023c8a993 R11: ffffed1004791532 R12: ffff88801341f000 [ 207.943357] R13: ffff888023c8a9e8 R14: ffffffff8352e670 R15: 
ffff888016d1fe68 [ 207.943912] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.944535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.944984] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 207.945539] PKRU: 55555554 [ 207.945762] Call Trace: [ 207.945964] [ 207.946142] __iommufd_access_detach+0x1c2/0x2b0 [ 207.946543] iommufd_access_change_pt+0x149/0x270 [ 207.946934] iommufd_access_replace+0xb4/0x120 [ 207.947315] iommufd_test+0x3e5/0x37e0 [ 207.947626] ? lock_release+0x532/0x770 [ 207.947971] ? __might_fault+0x102/0x1b0 [ 207.948323] ? lock_acquire+0x427/0x4c0 [ 207.948672] ? __pfx_iommufd_test+0x10/0x10 [ 207.949040] ? __pfx_lock_release+0x10/0x10 [ 207.949414] ? __pfx_lock_acquire+0x10/0x10 [ 207.949783] ? write_comp_data+0x2f/0x90 [ 207.950136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.950579] ? write_comp_data+0x2f/0x90 [ 207.950932] iommufd_fops_ioctl+0x37d/0x510 [ 207.951305] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.951718] ? write_comp_data+0x2f/0x90 [ 207.952065] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 207.952472] __x64_sys_ioctl+0x1a3/0x230 [ 207.952825] do_syscall_64+0x3b/0x90 [ 207.953144] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.953579] RIP: 0033:0x7f4b8743ee5d [ 207.953890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 207.955426] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 207.956058] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 207.956641] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 207.957224] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 207.957807] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 207.958389] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 207.959009] [ 207.959211] irq event stamp: 0 [ 207.959473] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.959992] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.960681] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.961367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.961884] ---[ end trace 0000000000000000 ]--- [ 207.964768] ------------[ cut here ]------------ [ 207.965198] WARNING: CPU: 0 PID: 1982 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 207.966068] Modules linked in: [ 207.966346] CPU: 0 PID: 1982 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.967359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.968328] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 207.968758] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 207.970317] RSP: 
0018:ffff888016d1fbd0 EFLAGS: 00010246 [ 207.970811] RAX: 0000000000000000 RBX: ffff888023c8a8a8 RCX: 0000000000000000 [ 207.971449] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 207.972071] RBP: ffff888016d1fbe8 R08: ffffed1004791533 R09: ffffed1004791533 [ 207.972693] R10: ffff888023c8a993 R11: ffffed1004791532 R12: ffff888012c06c00 [ 207.973313] R13: ffff888023c8a9e8 R14: ffff88801663f500 R15: 0000000000000000 [ 207.973937] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 207.974672] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 207.975185] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 207.975810] PKRU: 55555554 [ 207.976062] Call Trace: [ 207.976289] [ 207.976490] iommufd_access_destroy_object+0x65/0x170 [ 207.976954] iommufd_object_destroy_user+0x18e/0x220 [ 207.977401] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 207.977913] iommufd_access_destroy+0x43/0x70 [ 207.978315] iommufd_test_staccess_release+0x8d/0xd0 [ 207.978802] __fput+0x26d/0xa40 [ 207.979121] ____fput+0x1e/0x30 [ 207.979427] task_work_run+0x1a4/0x2d0 [ 207.979788] ? __pfx_task_work_run+0x10/0x10 [ 207.980179] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 207.980614] ? switch_task_namespaces+0xa9/0xe0 [ 207.981039] do_exit+0xb17/0x2ef0 [ 207.981352] ? lock_acquire+0x427/0x4c0 [ 207.981713] ? __pfx_lock_release+0x10/0x10 [ 207.982100] ? __kasan_check_write+0x18/0x20 [ 207.982497] ? do_raw_spin_lock+0x132/0x2a0 [ 207.982926] ? __pfx_do_exit+0x10/0x10 [ 207.983295] ? debug_smp_processor_id+0x20/0x30 [ 207.983713] ? rcu_is_watching+0x19/0xb0 [ 207.984078] ? _raw_spin_unlock_irq+0x2b/0x60 [ 207.984484] ? trace_hardirqs_on+0x26/0x120 [ 207.984872] do_group_exit+0xe0/0x2b0 [ 207.985212] __x64_sys_exit_group+0x47/0x50 [ 207.985591] do_syscall_64+0x3b/0x90 [ 207.985925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 207.986382] RIP: 0033:0x7f4b87518a4d [ 207.986749] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 207.987303] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 207.987975] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 207.988596] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 207.989218] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 207.989833] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 207.990469] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 207.991174] [ 207.991398] irq event stamp: 0 [ 207.991694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 207.992281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 207.993058] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 207.993829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 207.994413] ---[ end trace 0000000000000000 ]--- [ 207.995465] ------------[ cut here ]------------ [ 207.995911] WARNING: CPU: 0 PID: 1982 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 207.996846] Modules linked in: [ 207.997151] CPU: 0 PID: 1982 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 207.997950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 207.999419] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 207.999899] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.001533] RSP: 0018:ffff888016d1fb78 EFLAGS: 00010246 [ 208.002014] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.002685] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 208.003348] RBP: ffff888016d1fb98 R08: ffffed100479153e R09: ffffed100479153e [ 208.003996] R10: ffff888023c8a9ef R11: ffffed100479153d R12: ffff888023c8aa90 [ 208.004649] R13: ffff888023c8a8a8 R14: ffffffffffffffff R15: 
ffff888016d1fc60 [ 208.005312] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.006056] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.006639] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 208.007316] PKRU: 55555554 [ 208.007584] Call Trace: [ 208.007822] [ 208.008032] iommufd_ioas_destroy+0x53/0x70 [ 208.008445] iommufd_fops_release+0x1f7/0x370 [ 208.008874] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.009339] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.009802] ? write_comp_data+0x2f/0x90 [ 208.010192] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.010705] __fput+0x26d/0xa40 [ 208.011046] ____fput+0x1e/0x30 [ 208.011386] task_work_run+0x1a4/0x2d0 [ 208.011764] ? __pfx_task_work_run+0x10/0x10 [ 208.012188] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.012647] ? switch_task_namespaces+0xa9/0xe0 [ 208.013095] do_exit+0xb17/0x2ef0 [ 208.013428] ? lock_acquire+0x427/0x4c0 [ 208.013814] ? __pfx_lock_release+0x10/0x10 [ 208.014230] ? __kasan_check_write+0x18/0x20 [ 208.014695] ? do_raw_spin_lock+0x132/0x2a0 [ 208.015109] ? __pfx_do_exit+0x10/0x10 [ 208.015503] ? debug_smp_processor_id+0x20/0x30 [ 208.015949] ? rcu_is_watching+0x19/0xb0 [ 208.016332] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.016767] ? trace_hardirqs_on+0x26/0x120 [ 208.017185] do_group_exit+0xe0/0x2b0 [ 208.017549] __x64_sys_exit_group+0x47/0x50 [ 208.017958] do_syscall_64+0x3b/0x90 [ 208.018322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.018846] RIP: 0033:0x7f4b87518a4d [ 208.019205] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.019790] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.020504] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.021179] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.021840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.022497] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.023196] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.023875] [ 208.024096] irq event stamp: 0 [ 208.024402] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.024988] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.025777] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.026593] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.027195] ---[ end trace 0000000000000000 ]--- [ 208.032293] ------------[ cut here ]------------ [ 208.032767] WARNING: CPU: 0 PID: 1983 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.033720] Modules linked in: [ 208.034021] CPU: 0 PID: 1983 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.034892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.035993] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.036710] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.038439] RSP: 0018:ffff888013697bb8 EFLAGS: 00010246 [ 208.039016] RAX: 0000000000000000 RBX: ffff888023ebe8a8 RCX: 0000000000000000 [ 208.039706] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 208.040515] RBP: ffff888013697bd0 R08: ffffed10047d7d33 R09: ffffed10047d7d33 [ 208.041339] R10: ffff888023ebe993 R11: ffffed10047d7d32 R12: ffff888013642800 [ 208.042022] R13: ffff888023ebe9e8 R14: ffffffff8352e670 R15: 
ffff888013697e68 [ 208.042739] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.043526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.044079] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 208.045027] PKRU: 55555554 [ 208.045312] Call Trace: [ 208.045578] [ 208.045816] __iommufd_access_detach+0x1c2/0x2b0 [ 208.046330] iommufd_access_change_pt+0x149/0x270 [ 208.046889] iommufd_access_replace+0xb4/0x120 [ 208.047396] iommufd_test+0x3e5/0x37e0 [ 208.047808] ? lock_release+0x532/0x770 [ 208.048236] ? __might_fault+0x102/0x1b0 [ 208.048719] ? lock_acquire+0x427/0x4c0 [ 208.049433] ? __pfx_iommufd_test+0x10/0x10 [ 208.049891] ? __pfx_lock_release+0x10/0x10 [ 208.050350] ? __pfx_lock_acquire+0x10/0x10 [ 208.050851] ? write_comp_data+0x2f/0x90 [ 208.051298] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.051807] ? write_comp_data+0x2f/0x90 [ 208.052245] iommufd_fops_ioctl+0x37d/0x510 [ 208.052719] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.053277] ? write_comp_data+0x2f/0x90 [ 208.053854] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.054564] __x64_sys_ioctl+0x1a3/0x230 [ 208.055005] do_syscall_64+0x3b/0x90 [ 208.055421] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.055964] RIP: 0033:0x7f4b8743ee5d [ 208.056353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.058403] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.059588] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.060323] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.061057] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.061787] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.062555] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.063316] [ 208.063790] irq event stamp: 0 [ 208.064320] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.064972] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.065828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.066751] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.067422] ---[ end trace 0000000000000000 ]--- [ 208.070964] ------------[ cut here ]------------ [ 208.071539] WARNING: CPU: 0 PID: 1983 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.072955] Modules linked in: [ 208.073459] CPU: 0 PID: 1983 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.074360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.075643] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.076186] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.078598] RSP: 
0018:ffff888013697bd0 EFLAGS: 00010246 [ 208.079168] RAX: 0000000000000000 RBX: ffff888023ebe8a8 RCX: 0000000000000000 [ 208.079901] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 208.080646] RBP: ffff888013697be8 R08: ffffed10047d7d33 R09: ffffed10047d7d33 [ 208.081409] R10: ffff888023ebe993 R11: ffffed10047d7d32 R12: ffff88801341d000 [ 208.082166] R13: ffff888023ebe9e8 R14: ffff88800f188800 R15: 0000000000000000 [ 208.082955] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.083813] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.084420] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 208.085162] PKRU: 55555554 [ 208.085463] Call Trace: [ 208.085727] [ 208.085963] iommufd_access_destroy_object+0x65/0x170 [ 208.086546] iommufd_object_destroy_user+0x18e/0x220 [ 208.087084] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.087697] iommufd_access_destroy+0x43/0x70 [ 208.088178] iommufd_test_staccess_release+0x8d/0xd0 [ 208.088715] __fput+0x26d/0xa40 [ 208.089078] ____fput+0x1e/0x30 [ 208.089432] task_work_run+0x1a4/0x2d0 [ 208.089850] ? __pfx_task_work_run+0x10/0x10 [ 208.090317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.090876] ? switch_task_namespaces+0xa9/0xe0 [ 208.091384] do_exit+0xb17/0x2ef0 [ 208.091751] ? lock_acquire+0x427/0x4c0 [ 208.092178] ? __pfx_lock_release+0x10/0x10 [ 208.092635] ? __kasan_check_write+0x18/0x20 [ 208.093106] ? do_raw_spin_lock+0x132/0x2a0 [ 208.093560] ? __pfx_do_exit+0x10/0x10 [ 208.093969] ? debug_smp_processor_id+0x20/0x30 [ 208.094456] ? rcu_is_watching+0x19/0xb0 [ 208.094927] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.095427] ? trace_hardirqs_on+0x26/0x120 [ 208.095891] do_group_exit+0xe0/0x2b0 [ 208.096291] __x64_sys_exit_group+0x47/0x50 [ 208.096740] do_syscall_64+0x3b/0x90 [ 208.097143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.097714] RIP: 0033:0x7f4b87518a4d [ 208.098119] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.098815] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.099623] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.100367] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.101107] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.101852] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.102648] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.103443] [ 208.103699] irq event stamp: 0 [ 208.104047] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.104716] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.105605] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.106480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.107197] ---[ end trace 0000000000000000 ]--- [ 208.108609] ------------[ cut here ]------------ [ 208.109318] WARNING: CPU: 1 PID: 1983 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.110858] Modules linked in: [ 208.111554] CPU: 1 PID: 1983 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.112740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.114632] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.115376] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.117995] RSP: 0018:ffff888013697b78 EFLAGS: 00010246 [ 208.118955] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.119939] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 208.121012] RBP: ffff888013697b98 R08: ffffed10047d7d3e R09: ffffed10047d7d3e [ 208.122049] R10: ffff888023ebe9ef R11: ffffed10047d7d3d R12: ffff888023ebea90 [ 208.123078] R13: ffff888023ebe8a8 R14: ffffffffffffffff R15: 
ffff888013697c60 [ 208.124277] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.125370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.126329] CR2: 00007f82e2ae4000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 208.127355] PKRU: 55555554 [ 208.127750] Call Trace: [ 208.128106] [ 208.128528] iommufd_ioas_destroy+0x53/0x70 [ 208.129263] iommufd_fops_release+0x1f7/0x370 [ 208.129894] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.130625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.131494] ? write_comp_data+0x2f/0x90 [ 208.132066] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.132755] __fput+0x26d/0xa40 [ 208.133345] ____fput+0x1e/0x30 [ 208.133923] task_work_run+0x1a4/0x2d0 [ 208.134474] ? __pfx_task_work_run+0x10/0x10 [ 208.135159] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.135841] ? switch_task_namespaces+0xa9/0xe0 [ 208.136504] do_exit+0xb17/0x2ef0 [ 208.137094] ? lock_acquire+0x427/0x4c0 [ 208.137772] ? __pfx_lock_release+0x10/0x10 [ 208.138373] ? __kasan_check_write+0x18/0x20 [ 208.139054] ? do_raw_spin_lock+0x132/0x2a0 [ 208.139702] ? __pfx_do_exit+0x10/0x10 [ 208.140392] ? debug_smp_processor_id+0x20/0x30 [ 208.141039] ? rcu_is_watching+0x19/0xb0 [ 208.141608] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.142340] ? trace_hardirqs_on+0x26/0x120 [ 208.143051] do_group_exit+0xe0/0x2b0 [ 208.143614] __x64_sys_exit_group+0x47/0x50 [ 208.144210] do_syscall_64+0x3b/0x90 [ 208.144740] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.145649] RIP: 0033:0x7f4b87518a4d [ 208.146165] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.147070] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.148351] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.149320] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.150389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.151533] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.152507] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.153684] [ 208.154008] irq event stamp: 0 [ 208.154444] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.155458] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.156658] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.157851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.158869] ---[ end trace 0000000000000000 ]--- [ 208.167543] ------------[ cut here ]------------ [ 208.168245] WARNING: CPU: 1 PID: 1984 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.169821] Modules linked in: [ 208.170264] CPU: 1 PID: 1984 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.171559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.173254] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.173939] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.176621] RSP: 0018:ffff88800fb6fbb8 EFLAGS: 00010246 [ 208.177484] RAX: 0000000000000000 RBX: ffff88800ea278a8 RCX: 0000000000000000 [ 208.178446] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 208.179669] RBP: ffff88800fb6fbd0 R08: ffffed1001d44f33 R09: ffffed1001d44f33 [ 208.180606] R10: ffff88800ea27993 R11: ffffed1001d44f32 R12: ffff888020fec400 [ 208.181567] R13: ffff88800ea279e8 R14: ffffffff8352e670 R15: 
ffff88800fb6fe68 [ 208.182709] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.183790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.184753] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 208.185688] PKRU: 55555554 [ 208.186072] Call Trace: [ 208.186415] [ 208.186816] __iommufd_access_detach+0x1c2/0x2b0 [ 208.187593] iommufd_access_change_pt+0x149/0x270 [ 208.188258] iommufd_access_replace+0xb4/0x120 [ 208.188889] iommufd_test+0x3e5/0x37e0 [ 208.189611] ? lock_release+0x532/0x770 [ 208.190176] ? __might_fault+0x102/0x1b0 [ 208.190823] ? lock_acquire+0x427/0x4c0 [ 208.191467] ? __pfx_iommufd_test+0x10/0x10 [ 208.192192] ? __pfx_lock_release+0x10/0x10 [ 208.192856] ? __pfx_lock_acquire+0x10/0x10 [ 208.193469] ? write_comp_data+0x2f/0x90 [ 208.194054] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.194985] ? write_comp_data+0x2f/0x90 [ 208.195606] iommufd_fops_ioctl+0x37d/0x510 [ 208.196220] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.197002] ? write_comp_data+0x2f/0x90 [ 208.197704] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.198373] __x64_sys_ioctl+0x1a3/0x230 [ 208.199020] do_syscall_64+0x3b/0x90 [ 208.199715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.200560] RIP: 0033:0x7f4b8743ee5d [ 208.201090] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.203826] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.205073] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.206009] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.207096] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.208168] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.209102] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.210249] [ 208.210620] irq event stamp: 0 [ 208.211047] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.211896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.213213] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.214312] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.215440] ---[ end trace 0000000000000000 ]--- [ 208.220878] ------------[ cut here ]------------ [ 208.221552] WARNING: CPU: 1 PID: 1984 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.223177] Modules linked in: [ 208.223635] CPU: 1 PID: 1984 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.224942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.226595] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.227311] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.230075] RSP: 
0018:ffff88800fb6fbd0 EFLAGS: 00010246 [ 208.231076] RAX: 0000000000000000 RBX: ffff88800ea278a8 RCX: 0000000000000000 [ 208.232099] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 208.233287] RBP: ffff88800fb6fbe8 R08: ffffed1001d44f33 R09: ffffed1001d44f33 [ 208.234267] R10: ffff88800ea27993 R11: ffffed1001d44f32 R12: ffff88801226c400 [ 208.235513] R13: ffff88800ea279e8 R14: ffff888012c78c00 R15: 0000000000000000 [ 208.236483] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.237582] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.238631] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 208.239632] PKRU: 55555554 [ 208.240027] Call Trace: [ 208.240388] [ 208.240836] iommufd_access_destroy_object+0x65/0x170 [ 208.241655] iommufd_object_destroy_user+0x18e/0x220 [ 208.242363] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.243366] iommufd_access_destroy+0x43/0x70 [ 208.244043] iommufd_test_staccess_release+0x8d/0xd0 [ 208.244756] __fput+0x26d/0xa40 [ 208.245263] ____fput+0x1e/0x30 [ 208.245873] task_work_run+0x1a4/0x2d0 [ 208.246424] ? __pfx_task_work_run+0x10/0x10 [ 208.247077] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.247876] ? switch_task_namespaces+0xa9/0xe0 [ 208.248632] do_exit+0xb17/0x2ef0 [ 208.249120] ? lock_acquire+0x427/0x4c0 [ 208.249686] ? __pfx_lock_release+0x10/0x10 [ 208.250397] ? __kasan_check_write+0x18/0x20 [ 208.251152] ? do_raw_spin_lock+0x132/0x2a0 [ 208.251767] ? __pfx_do_exit+0x10/0x10 [ 208.252319] ? debug_smp_processor_id+0x20/0x30 [ 208.253012] ? rcu_is_watching+0x19/0xb0 [ 208.253698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.254330] ? trace_hardirqs_on+0x26/0x120 [ 208.254981] do_group_exit+0xe0/0x2b0 [ 208.255567] __x64_sys_exit_group+0x47/0x50 [ 208.256357] do_syscall_64+0x3b/0x90 [ 208.256884] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.257605] RIP: 0033:0x7f4b87518a4d [ 208.258115] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.259002] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.260109] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.261225] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.262191] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.263221] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.264369] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.265355] [ 208.265681] irq event stamp: 0 [ 208.266119] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.267022] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.268182] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.269337] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.270200] ---[ end trace 0000000000000000 ]--- [ 208.271896] ------------[ cut here ]------------ [ 208.272776] WARNING: CPU: 1 PID: 1984 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.274180] Modules linked in: [ 208.274814] CPU: 1 PID: 1984 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.276039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.277849] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.278740] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.281360] RSP: 0018:ffff88800fb6fb78 EFLAGS: 00010246 [ 208.282092] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.283185] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 208.284244] RBP: ffff88800fb6fb98 R08: ffffed1001d44f3e R09: ffffed1001d44f3e [ 208.285214] R10: ffff88800ea279ef R11: ffffed1001d44f3d R12: ffff88800ea27a90 [ 208.286178] R13: ffff88800ea278a8 R14: ffffffffffffffff R15: 
ffff88800fb6fc60 [ 208.287222] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.288484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.289278] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 208.290252] PKRU: 55555554 [ 208.290714] Call Trace: [ 208.291070] [ 208.291411] iommufd_ioas_destroy+0x53/0x70 [ 208.292070] iommufd_fops_release+0x1f7/0x370 [ 208.292834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.293524] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.294202] ? write_comp_data+0x2f/0x90 [ 208.294842] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.295562] __fput+0x26d/0xa40 [ 208.296046] ____fput+0x1e/0x30 [ 208.296516] task_work_run+0x1a4/0x2d0 [ 208.297242] ? __pfx_task_work_run+0x10/0x10 [ 208.297859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.298600] ? switch_task_namespaces+0xa9/0xe0 [ 208.299282] do_exit+0xb17/0x2ef0 [ 208.299765] ? lock_acquire+0x427/0x4c0 [ 208.300327] ? __pfx_lock_release+0x10/0x10 [ 208.300932] ? __kasan_check_write+0x18/0x20 [ 208.301766] ? do_raw_spin_lock+0x132/0x2a0 [ 208.302363] ? __pfx_do_exit+0x10/0x10 [ 208.302973] ? debug_smp_processor_id+0x20/0x30 [ 208.303640] ? rcu_is_watching+0x19/0xb0 [ 208.304206] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.304832] ? trace_hardirqs_on+0x26/0x120 [ 208.305468] do_group_exit+0xe0/0x2b0 [ 208.306132] __x64_sys_exit_group+0x47/0x50 [ 208.306782] do_syscall_64+0x3b/0x90 [ 208.307332] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.308045] RIP: 0033:0x7f4b87518a4d [ 208.308550] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.309596] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.310677] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.311656] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.312712] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.313761] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.314778] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.315780] [ 208.316103] irq event stamp: 0 [ 208.316538] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.317395] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.318612] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.319767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.320617] ---[ end trace 0000000000000000 ]--- [ 208.327754] ------------[ cut here ]------------ [ 208.328431] WARNING: CPU: 1 PID: 1985 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.329796] Modules linked in: [ 208.330235] CPU: 1 PID: 1985 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.331490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.332999] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.333673] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.336170] RSP: 0018:ffff8880103f7bb8 EFLAGS: 00010246 [ 208.336894] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 208.337852] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 208.338848] RBP: ffff8880103f7bd0 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 208.339821] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff888014582c00 [ 208.340782] R13: ffff888017a461e8 R14: ffffffff8352e670 R15: 
ffff8880103f7e68 [ 208.341740] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.342858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.343659] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 208.344621] PKRU: 55555554 [ 208.345003] Call Trace: [ 208.345343] [ 208.345648] __iommufd_access_detach+0x1c2/0x2b0 [ 208.346295] iommufd_access_change_pt+0x149/0x270 [ 208.347012] iommufd_access_replace+0xb4/0x120 [ 208.347677] iommufd_test+0x3e5/0x37e0 [ 208.348210] ? lock_release+0x532/0x770 [ 208.348764] ? __might_fault+0x102/0x1b0 [ 208.349305] ? lock_acquire+0x427/0x4c0 [ 208.349852] ? __pfx_iommufd_test+0x10/0x10 [ 208.350420] ? __pfx_lock_release+0x10/0x10 [ 208.351056] ? __pfx_lock_acquire+0x10/0x10 [ 208.351699] ? write_comp_data+0x2f/0x90 [ 208.352273] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.352928] ? write_comp_data+0x2f/0x90 [ 208.353484] iommufd_fops_ioctl+0x37d/0x510 [ 208.354063] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.354789] ? write_comp_data+0x2f/0x90 [ 208.355396] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.356049] __x64_sys_ioctl+0x1a3/0x230 [ 208.356608] do_syscall_64+0x3b/0x90 [ 208.357103] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.357775] RIP: 0033:0x7f4b8743ee5d [ 208.358254] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.360577] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.361542] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.362440] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.363380] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.364279] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.365147] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.366022] [ 208.366326] irq event stamp: 0 [ 208.366760] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.367587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.368608] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.369615] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.370380] ---[ end trace 0000000000000000 ]--- [ 208.375073] ------------[ cut here ]------------ [ 208.375677] WARNING: CPU: 1 PID: 1985 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.376872] Modules linked in: [ 208.377260] CPU: 1 PID: 1985 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.378289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.379671] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.380280] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.382418] RSP: 
0018:ffff8880103f7bd0 EFLAGS: 00010246 [ 208.383085] RAX: 0000000000000000 RBX: ffff888017a460a8 RCX: 0000000000000000 [ 208.383958] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 208.384808] RBP: ffff8880103f7be8 R08: ffffed1002f48c33 R09: ffffed1002f48c33 [ 208.385648] R10: ffff888017a46193 R11: ffffed1002f48c32 R12: ffff888020fec000 [ 208.386494] R13: ffff888017a461e8 R14: ffff888018b85300 R15: 0000000000000000 [ 208.387411] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.388339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.389007] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 208.389827] PKRU: 55555554 [ 208.390158] Call Trace: [ 208.390460] [ 208.390759] iommufd_access_destroy_object+0x65/0x170 [ 208.391395] iommufd_object_destroy_user+0x18e/0x220 [ 208.391998] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.392665] iommufd_access_destroy+0x43/0x70 [ 208.393190] iommufd_test_staccess_release+0x8d/0xd0 [ 208.393779] __fput+0x26d/0xa40 [ 208.394179] ____fput+0x1e/0x30 [ 208.394610] task_work_run+0x1a4/0x2d0 [ 208.395073] ? __pfx_task_work_run+0x10/0x10 [ 208.395599] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.396164] ? switch_task_namespaces+0xa9/0xe0 [ 208.396710] do_exit+0xb17/0x2ef0 [ 208.397109] ? lock_acquire+0x427/0x4c0 [ 208.397576] ? __pfx_lock_release+0x10/0x10 [ 208.398077] ? __kasan_check_write+0x18/0x20 [ 208.398621] ? do_raw_spin_lock+0x132/0x2a0 [ 208.399129] ? __pfx_do_exit+0x10/0x10 [ 208.399590] ? debug_smp_processor_id+0x20/0x30 [ 208.400125] ? rcu_is_watching+0x19/0xb0 [ 208.400591] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.401117] ? trace_hardirqs_on+0x26/0x120 [ 208.401616] do_group_exit+0xe0/0x2b0 [ 208.402055] __x64_sys_exit_group+0x47/0x50 [ 208.402579] do_syscall_64+0x3b/0x90 [ 208.403020] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.403629] RIP: 0033:0x7f4b87518a4d [ 208.404054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.404746] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.405594] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.406394] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.407279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.407861] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.408433] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.409014] [ 208.409203] irq event stamp: 0 [ 208.409457] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.409969] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.410660] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.411343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.411851] ---[ end trace 0000000000000000 ]--- [ 208.412574] ------------[ cut here ]------------ [ 208.412950] WARNING: CPU: 1 PID: 1985 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.413770] Modules linked in: [ 208.414032] CPU: 1 PID: 1985 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.414757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.415681] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.416100] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.417566] RSP: 0018:ffff8880103f7b78 EFLAGS: 00010246 [ 208.417996] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.418586] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 208.419173] RBP: ffff8880103f7b98 R08: ffffed1002f48c3e R09: ffffed1002f48c3e [ 208.419749] R10: ffff888017a461ef R11: ffffed1002f48c3d R12: ffff888017a46290 [ 208.420324] R13: ffff888017a460a8 R14: ffffffffffffffff R15: 
ffff8880103f7c60 [ 208.420901] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.421546] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.422013] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 208.422617] PKRU: 55555554 [ 208.422849] Call Trace: [ 208.423059] [ 208.423249] iommufd_ioas_destroy+0x53/0x70 [ 208.423608] iommufd_fops_release+0x1f7/0x370 [ 208.423980] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.424388] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.424796] ? write_comp_data+0x2f/0x90 [ 208.425133] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.425540] __fput+0x26d/0xa40 [ 208.425824] ____fput+0x1e/0x30 [ 208.426101] task_work_run+0x1a4/0x2d0 [ 208.426426] ? __pfx_task_work_run+0x10/0x10 [ 208.426795] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.427192] ? switch_task_namespaces+0xa9/0xe0 [ 208.427574] do_exit+0xb17/0x2ef0 [ 208.427848] ? lock_acquire+0x427/0x4c0 [ 208.428169] ? __pfx_lock_release+0x10/0x10 [ 208.428513] ? __kasan_check_write+0x18/0x20 [ 208.428864] ? do_raw_spin_lock+0x132/0x2a0 [ 208.429205] ? __pfx_do_exit+0x10/0x10 [ 208.429523] ? debug_smp_processor_id+0x20/0x30 [ 208.429893] ? rcu_is_watching+0x19/0xb0 [ 208.430217] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.430603] ? trace_hardirqs_on+0x26/0x120 [ 208.430953] do_group_exit+0xe0/0x2b0 [ 208.431264] __x64_sys_exit_group+0x47/0x50 [ 208.431603] do_syscall_64+0x3b/0x90 [ 208.431906] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.432323] RIP: 0033:0x7f4b87518a4d [ 208.432617] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.433098] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.433694] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.434254] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.434829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.435395] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.435951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.436511] [ 208.436695] irq event stamp: 0 [ 208.436943] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.437440] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.438092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.438757] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.439255] ---[ end trace 0000000000000000 ]--- [ 208.443553] ------------[ cut here ]------------ [ 208.443953] WARNING: CPU: 1 PID: 1986 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.444731] Modules linked in: [ 208.444977] CPU: 1 PID: 1986 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.445647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.446669] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.447053] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.448460] RSP: 0018:ffff888018a17bb8 EFLAGS: 00010246 [ 208.448867] RAX: 0000000000000000 RBX: ffff88800b9fb8a8 RCX: 0000000000000000 [ 208.449411] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 208.449959] RBP: ffff888018a17bd0 R08: ffffed100173f733 R09: ffffed100173f733 [ 208.450531] R10: ffff88800b9fb993 R11: ffffed100173f732 R12: ffff88800b9b5c00 [ 208.451080] R13: ffff88800b9fb9e8 R14: ffffffff8352e670 R15: 
ffff888018a17e68 [ 208.451633] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.452248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.452696] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 208.453245] PKRU: 55555554 [ 208.453463] Call Trace: [ 208.453661] [ 208.453834] __iommufd_access_detach+0x1c2/0x2b0 [ 208.454213] iommufd_access_change_pt+0x149/0x270 [ 208.454614] iommufd_access_replace+0xb4/0x120 [ 208.454980] iommufd_test+0x3e5/0x37e0 [ 208.455291] ? lock_release+0x532/0x770 [ 208.455611] ? __might_fault+0x102/0x1b0 [ 208.455931] ? lock_acquire+0x427/0x4c0 [ 208.456248] ? __pfx_iommufd_test+0x10/0x10 [ 208.456583] ? __pfx_lock_release+0x10/0x10 [ 208.456925] ? __pfx_lock_acquire+0x10/0x10 [ 208.457266] ? write_comp_data+0x2f/0x90 [ 208.457590] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.457972] ? write_comp_data+0x2f/0x90 [ 208.458297] iommufd_fops_ioctl+0x37d/0x510 [ 208.458653] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.459044] ? write_comp_data+0x2f/0x90 [ 208.459379] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.459765] __x64_sys_ioctl+0x1a3/0x230 [ 208.460088] do_syscall_64+0x3b/0x90 [ 208.460387] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.460797] RIP: 0033:0x7f4b8743ee5d [ 208.461087] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.462494] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.463098] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.463649] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.464199] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.464744] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.465291] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.465849] [ 208.466030] irq event stamp: 0 [ 208.466274] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.466776] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.467429] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.468068] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.468551] ---[ end trace 0000000000000000 ]--- [ 208.471280] ------------[ cut here ]------------ [ 208.471675] WARNING: CPU: 1 PID: 1986 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.472452] Modules linked in: [ 208.472700] CPU: 1 PID: 1986 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.473368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.474231] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.474686] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.476098] RSP: 
0018:ffff888018a17bd0 EFLAGS: 00010246 [ 208.476510] RAX: 0000000000000000 RBX: ffff88800b9fb8a8 RCX: 0000000000000000 [ 208.477059] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 208.477603] RBP: ffff888018a17be8 R08: ffffed100173f733 R09: ffffed100173f733 [ 208.478150] R10: ffff88800b9fb993 R11: ffffed100173f732 R12: ffff888014580800 [ 208.478719] R13: ffff88800b9fb9e8 R14: ffff88800f19c500 R15: 0000000000000000 [ 208.479274] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.479892] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.480341] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 208.480886] PKRU: 55555554 [ 208.481104] Call Trace: [ 208.481301] [ 208.481476] iommufd_access_destroy_object+0x65/0x170 [ 208.481880] iommufd_object_destroy_user+0x18e/0x220 [ 208.482277] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.482748] iommufd_access_destroy+0x43/0x70 [ 208.483105] iommufd_test_staccess_release+0x8d/0xd0 [ 208.483518] __fput+0x26d/0xa40 [ 208.483789] ____fput+0x1e/0x30 [ 208.484055] task_work_run+0x1a4/0x2d0 [ 208.484368] ? __pfx_task_work_run+0x10/0x10 [ 208.484714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.485098] ? switch_task_namespaces+0xa9/0xe0 [ 208.485467] do_exit+0xb17/0x2ef0 [ 208.485739] ? lock_acquire+0x427/0x4c0 [ 208.486055] ? __pfx_lock_release+0x10/0x10 [ 208.486398] ? __kasan_check_write+0x18/0x20 [ 208.486770] ? do_raw_spin_lock+0x132/0x2a0 [ 208.487109] ? __pfx_do_exit+0x10/0x10 [ 208.487432] ? debug_smp_processor_id+0x20/0x30 [ 208.487805] ? rcu_is_watching+0x19/0xb0 [ 208.488123] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.488479] ? trace_hardirqs_on+0x26/0x120 [ 208.488819] do_group_exit+0xe0/0x2b0 [ 208.489116] __x64_sys_exit_group+0x47/0x50 [ 208.489451] do_syscall_64+0x3b/0x90 [ 208.489747] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.490153] RIP: 0033:0x7f4b87518a4d [ 208.490440] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.490933] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.491526] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.492074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.492620] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.493166] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.493713] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.494266] [ 208.494447] irq event stamp: 0 [ 208.494716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.495210] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.495859] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.496508] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.496991] ---[ end trace 0000000000000000 ]--- [ 208.497673] ------------[ cut here ]------------ [ 208.498034] WARNING: CPU: 1 PID: 1986 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.498837] Modules linked in: [ 208.499089] CPU: 1 PID: 1986 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.499769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.500634] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.501032] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.502430] RSP: 0018:ffff888018a17b78 EFLAGS: 00010246 [ 208.502859] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.503419] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 208.503967] RBP: ffff888018a17b98 R08: ffffed100173f73e R09: ffffed100173f73e [ 208.504521] R10: ffff88800b9fb9ef R11: ffffed100173f73d R12: ffff88800b9fba90 [ 208.505068] R13: ffff88800b9fb8a8 R14: ffffffffffffffff R15: 
ffff888018a17c60 [ 208.505618] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.506245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.506712] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 208.507272] PKRU: 55555554 [ 208.507492] Call Trace: [ 208.507693] [ 208.507871] iommufd_ioas_destroy+0x53/0x70 [ 208.508212] iommufd_fops_release+0x1f7/0x370 [ 208.508568] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.508958] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.509342] ? write_comp_data+0x2f/0x90 [ 208.509667] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.510057] __fput+0x26d/0xa40 [ 208.510329] ____fput+0x1e/0x30 [ 208.510619] task_work_run+0x1a4/0x2d0 [ 208.510930] ? __pfx_task_work_run+0x10/0x10 [ 208.511285] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.511673] ? switch_task_namespaces+0xa9/0xe0 [ 208.512049] do_exit+0xb17/0x2ef0 [ 208.512320] ? lock_acquire+0x427/0x4c0 [ 208.512639] ? __pfx_lock_release+0x10/0x10 [ 208.512979] ? __kasan_check_write+0x18/0x20 [ 208.513327] ? do_raw_spin_lock+0x132/0x2a0 [ 208.513665] ? __pfx_do_exit+0x10/0x10 [ 208.513976] ? debug_smp_processor_id+0x20/0x30 [ 208.514343] ? rcu_is_watching+0x19/0xb0 [ 208.514682] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.515040] ? trace_hardirqs_on+0x26/0x120 [ 208.515391] do_group_exit+0xe0/0x2b0 [ 208.515691] __x64_sys_exit_group+0x47/0x50 [ 208.516023] do_syscall_64+0x3b/0x90 [ 208.516320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.516727] RIP: 0033:0x7f4b87518a4d [ 208.517016] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.517491] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.518076] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.518648] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.519205] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.519758] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.520305] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.520859] [ 208.521041] irq event stamp: 0 [ 208.521288] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.521772] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.522418] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.523088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.523581] ---[ end trace 0000000000000000 ]--- [ 208.527356] ------------[ cut here ]------------ [ 208.527764] WARNING: CPU: 1 PID: 1987 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.528552] Modules linked in: [ 208.528801] CPU: 1 PID: 1987 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.529740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.530680] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.531068] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.532471] RSP: 0018:ffff8880103f7bb8 EFLAGS: 00010246 [ 208.532879] RAX: 0000000000000000 RBX: ffff8880144978a8 RCX: 0000000000000000 [ 208.533542] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 208.534085] RBP: ffff8880103f7bd0 R08: ffffed1002892f33 R09: ffffed1002892f33 [ 208.534656] R10: ffff888014497993 R11: ffffed1002892f32 R12: ffff888010c08400 [ 208.535209] R13: ffff8880144979e8 R14: ffffffff8352e670 R15: 
ffff8880103f7e68 [ 208.535754] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.536404] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.536935] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 208.537486] PKRU: 55555554 [ 208.537703] Call Trace: [ 208.537899] [ 208.538075] __iommufd_access_detach+0x1c2/0x2b0 [ 208.538451] iommufd_access_change_pt+0x149/0x270 [ 208.538854] iommufd_access_replace+0xb4/0x120 [ 208.539228] iommufd_test+0x3e5/0x37e0 [ 208.539536] ? lock_release+0x532/0x770 [ 208.539855] ? __might_fault+0x102/0x1b0 [ 208.540247] ? lock_acquire+0x427/0x4c0 [ 208.540611] ? __pfx_iommufd_test+0x10/0x10 [ 208.540952] ? __pfx_lock_release+0x10/0x10 [ 208.541291] ? __pfx_lock_acquire+0x10/0x10 [ 208.541634] ? write_comp_data+0x2f/0x90 [ 208.541958] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.542336] ? write_comp_data+0x2f/0x90 [ 208.542683] iommufd_fops_ioctl+0x37d/0x510 [ 208.543023] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.543413] ? write_comp_data+0x2f/0x90 [ 208.543772] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.544223] __x64_sys_ioctl+0x1a3/0x230 [ 208.544551] do_syscall_64+0x3b/0x90 [ 208.544847] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.545254] RIP: 0033:0x7f4b8743ee5d [ 208.545543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.547059] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.547655] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.548209] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.548764] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.549311] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.549860] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.550561] [ 208.550746] irq event stamp: 0 [ 208.550993] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.551493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.552139] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.552782] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.553268] ---[ end trace 0000000000000000 ]--- [ 208.556313] ------------[ cut here ]------------ [ 208.556713] WARNING: CPU: 1 PID: 1987 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.557623] Modules linked in: [ 208.557872] CPU: 1 PID: 1987 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.558568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.559444] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.559830] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.561354] RSP: 
0018:ffff8880103f7bd0 EFLAGS: 00010246 [ 208.561764] RAX: 0000000000000000 RBX: ffff8880144978a8 RCX: 0000000000000000 [ 208.562312] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 208.562893] RBP: ffff8880103f7be8 R08: ffffed1002892f33 R09: ffffed1002892f33 [ 208.563455] R10: ffff888014497993 R11: ffffed1002892f32 R12: ffff88800b9b4400 [ 208.564004] R13: ffff8880144979e8 R14: ffff8880178e1600 R15: 0000000000000000 [ 208.564668] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.565288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.565737] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 208.566286] PKRU: 55555554 [ 208.566539] Call Trace: [ 208.566739] [ 208.566919] iommufd_access_destroy_object+0x65/0x170 [ 208.567333] iommufd_object_destroy_user+0x18e/0x220 [ 208.567772] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.568285] iommufd_access_destroy+0x43/0x70 [ 208.568643] iommufd_test_staccess_release+0x8d/0xd0 [ 208.569045] __fput+0x26d/0xa40 [ 208.569317] ____fput+0x1e/0x30 [ 208.569581] task_work_run+0x1a4/0x2d0 [ 208.569894] ? __pfx_task_work_run+0x10/0x10 [ 208.570241] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.570719] ? switch_task_namespaces+0xa9/0xe0 [ 208.571110] do_exit+0xb17/0x2ef0 [ 208.571389] ? lock_acquire+0x427/0x4c0 [ 208.571708] ? __pfx_lock_release+0x10/0x10 [ 208.572048] ? __kasan_check_write+0x18/0x20 [ 208.572395] ? do_raw_spin_lock+0x132/0x2a0 [ 208.572729] ? __pfx_do_exit+0x10/0x10 [ 208.573038] ? debug_smp_processor_id+0x20/0x30 [ 208.573402] ? rcu_is_watching+0x19/0xb0 [ 208.573722] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.574097] ? trace_hardirqs_on+0x26/0x120 [ 208.574557] do_group_exit+0xe0/0x2b0 [ 208.574858] __x64_sys_exit_group+0x47/0x50 [ 208.575202] do_syscall_64+0x3b/0x90 [ 208.575502] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.575911] RIP: 0033:0x7f4b87518a4d [ 208.576197] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.576672] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.577258] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.577877] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.578463] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.579030] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.579584] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.580141] [ 208.580322] irq event stamp: 0 [ 208.580568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.581066] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.581863] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.582557] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.583074] ---[ end trace 0000000000000000 ]--- [ 208.583830] ------------[ cut here ]------------ [ 208.584216] WARNING: CPU: 1 PID: 1987 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.585217] Modules linked in: [ 208.585485] CPU: 1 PID: 1987 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.586191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.587162] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.587591] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.589215] RSP: 0018:ffff8880103f7b78 EFLAGS: 00010246 [ 208.589652] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.590224] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 208.590880] RBP: ffff8880103f7b98 R08: ffffed1002892f3e R09: ffffed1002892f3e [ 208.591471] R10: ffff8880144979ef R11: ffffed1002892f3d R12: ffff888014497a90 [ 208.592127] R13: ffff8880144978a8 R14: ffffffffffffffff R15: 
ffff8880103f7c60 [ 208.592749] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.593401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.593872] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 208.594450] PKRU: 55555554 [ 208.594706] Call Trace: [ 208.594918] [ 208.595103] iommufd_ioas_destroy+0x53/0x70 [ 208.595507] iommufd_fops_release+0x1f7/0x370 [ 208.595964] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.596376] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.596784] ? write_comp_data+0x2f/0x90 [ 208.597124] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.597538] __fput+0x26d/0xa40 [ 208.597824] ____fput+0x1e/0x30 [ 208.598102] task_work_run+0x1a4/0x2d0 [ 208.598481] ? __pfx_task_work_run+0x10/0x10 [ 208.598949] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.599360] ? switch_task_namespaces+0xa9/0xe0 [ 208.599752] do_exit+0xb17/0x2ef0 [ 208.600036] ? lock_acquire+0x427/0x4c0 [ 208.600367] ? __pfx_lock_release+0x10/0x10 [ 208.600724] ? __kasan_check_write+0x18/0x20 [ 208.601089] ? do_raw_spin_lock+0x132/0x2a0 [ 208.601447] ? __pfx_do_exit+0x10/0x10 [ 208.601776] ? debug_smp_processor_id+0x20/0x30 [ 208.602192] ? rcu_is_watching+0x19/0xb0 [ 208.602637] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.603015] ? trace_hardirqs_on+0x26/0x120 [ 208.603381] do_group_exit+0xe0/0x2b0 [ 208.603695] __x64_sys_exit_group+0x47/0x50 [ 208.604044] do_syscall_64+0x3b/0x90 [ 208.604360] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.604788] RIP: 0033:0x7f4b87518a4d [ 208.605090] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.605594] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.606335] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.606937] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.607525] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.608112] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.608703] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.609290] [ 208.609484] irq event stamp: 0 [ 208.609812] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.610398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.611112] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.611802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.612318] ---[ end trace 0000000000000000 ]--- [ 208.619445] ------------[ cut here ]------------ [ 208.620030] WARNING: CPU: 0 PID: 1988 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.621407] Modules linked in: [ 208.621993] CPU: 0 PID: 1988 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.623092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.624610] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.625183] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.627271] RSP: 0018:ffff888018a17bb8 EFLAGS: 00010246 [ 208.627886] RAX: 0000000000000000 RBX: ffff888023c890a8 RCX: 0000000000000000 [ 208.628684] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 208.629478] RBP: ffff888018a17bd0 R08: ffffed1004791233 R09: ffffed1004791233 [ 208.630271] R10: ffff888023c89193 R11: ffffed1004791232 R12: ffff888013b23400 [ 208.631101] R13: ffff888023c891e8 R14: ffffffff8352e670 R15: 
ffff888018a17e68 [ 208.631923] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.632820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.633470] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 208.634267] PKRU: 55555554 [ 208.634625] Call Trace: [ 208.634923] [ 208.635202] __iommufd_access_detach+0x1c2/0x2b0 [ 208.635766] iommufd_access_change_pt+0x149/0x270 [ 208.636330] iommufd_access_replace+0xb4/0x120 [ 208.636868] iommufd_test+0x3e5/0x37e0 [ 208.637317] ? lock_release+0x532/0x770 [ 208.637788] ? __might_fault+0x102/0x1b0 [ 208.638264] ? lock_acquire+0x427/0x4c0 [ 208.638772] ? __pfx_iommufd_test+0x10/0x10 [ 208.639295] ? __pfx_lock_release+0x10/0x10 [ 208.639799] ? __pfx_lock_acquire+0x10/0x10 [ 208.640304] ? write_comp_data+0x2f/0x90 [ 208.640780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.641342] ? write_comp_data+0x2f/0x90 [ 208.641819] iommufd_fops_ioctl+0x37d/0x510 [ 208.642315] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.642930] ? write_comp_data+0x2f/0x90 [ 208.643428] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.643980] __x64_sys_ioctl+0x1a3/0x230 [ 208.644460] do_syscall_64+0x3b/0x90 [ 208.644904] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.645504] RIP: 0033:0x7f4b8743ee5d [ 208.645934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.647996] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.648858] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.649663] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.650461] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.651304] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.652111] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.652922] [ 208.653193] irq event stamp: 0 [ 208.653552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.654256] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.655230] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.656163] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.656866] ---[ end trace 0000000000000000 ]--- [ 208.662035] ------------[ cut here ]------------ [ 208.662613] WARNING: CPU: 0 PID: 1988 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.663972] Modules linked in: [ 208.664347] CPU: 0 PID: 1988 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.665527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.666818] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.667605] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.669838] RSP: 
0018:ffff888018a17bd0 EFLAGS: 00010246 [ 208.670445] RAX: 0000000000000000 RBX: ffff888023c890a8 RCX: 0000000000000000 [ 208.671477] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 208.672282] RBP: ffff888018a17be8 R08: ffffed1004791233 R09: ffffed1004791233 [ 208.673295] R10: ffff888023c89193 R11: ffffed1004791232 R12: ffff888013642c00 [ 208.674098] R13: ffff888023c891e8 R14: ffff888015ac3300 R15: 0000000000000000 [ 208.675161] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.676068] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.676925] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 208.677729] PKRU: 55555554 [ 208.678055] Call Trace: [ 208.678405] [ 208.678856] iommufd_access_destroy_object+0x65/0x170 [ 208.679473] iommufd_object_destroy_user+0x18e/0x220 [ 208.680060] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.680933] iommufd_access_destroy+0x43/0x70 [ 208.681469] iommufd_test_staccess_release+0x8d/0xd0 [ 208.682091] __fput+0x26d/0xa40 [ 208.682671] ____fput+0x1e/0x30 [ 208.683072] task_work_run+0x1a4/0x2d0 [ 208.683544] ? __pfx_task_work_run+0x10/0x10 [ 208.684091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.684807] ? switch_task_namespaces+0xa9/0xe0 [ 208.685367] do_exit+0xb17/0x2ef0 [ 208.685791] ? lock_acquire+0x427/0x4c0 [ 208.686418] ? __pfx_lock_release+0x10/0x10 [ 208.686963] ? __kasan_check_write+0x18/0x20 [ 208.687497] ? do_raw_spin_lock+0x132/0x2a0 [ 208.688043] ? __pfx_do_exit+0x10/0x10 [ 208.688661] ? debug_smp_processor_id+0x20/0x30 [ 208.689209] ? rcu_is_watching+0x19/0xb0 [ 208.689719] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.690406] ? trace_hardirqs_on+0x26/0x120 [ 208.690957] do_group_exit+0xe0/0x2b0 [ 208.691422] __x64_sys_exit_group+0x47/0x50 [ 208.692124] do_syscall_64+0x3b/0x90 [ 208.692570] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.693170] RIP: 0033:0x7f4b87518a4d [ 208.693650] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.694461] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.695538] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.696344] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.697167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.698082] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.698943] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.699883] [ 208.700161] irq event stamp: 0 [ 208.700525] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.701411] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.702364] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.703531] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.704257] ---[ end trace 0000000000000000 ]--- [ 208.705511] ------------[ cut here ]------------ [ 208.706050] WARNING: CPU: 0 PID: 1988 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.707429] Modules linked in: [ 208.707804] CPU: 0 PID: 1988 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.708960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.710220] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.710998] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.713216] RSP: 0018:ffff888018a17b78 EFLAGS: 00010246 [ 208.713825] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.714831] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 208.715649] RBP: ffff888018a17b98 R08: ffffed100479123e R09: ffffed100479123e [ 208.716613] R10: ffff888023c891ef R11: ffffed100479123d R12: ffff888023c89290 [ 208.717418] R13: ffff888023c890a8 R14: ffffffffffffffff R15: 
ffff888018a17c60 [ 208.718396] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.719358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.720197] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 208.721005] PKRU: 55555554 [ 208.721332] Call Trace: [ 208.721628] [ 208.721890] iommufd_ioas_destroy+0x53/0x70 [ 208.722394] iommufd_fops_release+0x1f7/0x370 [ 208.722957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.723560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.724128] ? write_comp_data+0x2f/0x90 [ 208.724605] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.725177] __fput+0x26d/0xa40 [ 208.725578] ____fput+0x1e/0x30 [ 208.725972] task_work_run+0x1a4/0x2d0 [ 208.726427] ? __pfx_task_work_run+0x10/0x10 [ 208.726976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.727562] ? switch_task_namespaces+0xa9/0xe0 [ 208.728117] do_exit+0xb17/0x2ef0 [ 208.728521] ? lock_acquire+0x427/0x4c0 [ 208.728989] ? __pfx_lock_release+0x10/0x10 [ 208.729492] ? __kasan_check_write+0x18/0x20 [ 208.729999] ? do_raw_spin_lock+0x132/0x2a0 [ 208.730492] ? __pfx_do_exit+0x10/0x10 [ 208.731023] ? debug_smp_processor_id+0x20/0x30 [ 208.731574] ? rcu_is_watching+0x19/0xb0 [ 208.732042] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.732568] ? trace_hardirqs_on+0x26/0x120 [ 208.733063] do_group_exit+0xe0/0x2b0 [ 208.733501] __x64_sys_exit_group+0x47/0x50 [ 208.733990] do_syscall_64+0x3b/0x90 [ 208.734430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.735073] RIP: 0033:0x7f4b87518a4d [ 208.735521] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.736210] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.737058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.737858] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.738694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.739512] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.740313] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.741122] [ 208.741394] irq event stamp: 0 [ 208.741753] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.742458] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.743439] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.744377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.745084] ---[ end trace 0000000000000000 ]--- [ 208.749551] ------------[ cut here ]------------ [ 208.750025] WARNING: CPU: 0 PID: 1989 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.750984] Modules linked in: [ 208.751290] CPU: 0 PID: 1989 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.752076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.753083] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.753532] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.755382] RSP: 0018:ffff888012f4fbb8 EFLAGS: 00010246 [ 208.755863] RAX: 0000000000000000 RBX: ffff8880159a18a8 RCX: 0000000000000000 [ 208.756499] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 208.757131] RBP: ffff888012f4fbd0 R08: ffffed1002b34333 R09: ffffed1002b34333 [ 208.757773] R10: ffff8880159a1993 R11: ffffed1002b34332 R12: ffff88801890f400 [ 208.758420] R13: ffff8880159a19e8 R14: ffffffff8352e670 R15: 
ffff888012f4fe68 [ 208.759077] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.759802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.760318] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 208.760949] PKRU: 55555554 [ 208.761197] Call Trace: [ 208.761424] [ 208.761628] __iommufd_access_detach+0x1c2/0x2b0 [ 208.762061] iommufd_access_change_pt+0x149/0x270 [ 208.762498] iommufd_access_replace+0xb4/0x120 [ 208.762940] iommufd_test+0x3e5/0x37e0 [ 208.763296] ? lock_release+0x532/0x770 [ 208.763662] ? __might_fault+0x102/0x1b0 [ 208.764028] ? lock_acquire+0x427/0x4c0 [ 208.764386] ? __pfx_iommufd_test+0x10/0x10 [ 208.764763] ? __pfx_lock_release+0x10/0x10 [ 208.765218] ? __pfx_lock_acquire+0x10/0x10 [ 208.765605] ? write_comp_data+0x2f/0x90 [ 208.765969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.766393] ? write_comp_data+0x2f/0x90 [ 208.766782] iommufd_fops_ioctl+0x37d/0x510 [ 208.767174] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.767606] ? write_comp_data+0x2f/0x90 [ 208.767968] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.768393] __x64_sys_ioctl+0x1a3/0x230 [ 208.768760] do_syscall_64+0x3b/0x90 [ 208.769091] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.769548] RIP: 0033:0x7f4b8743ee5d [ 208.769872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.771495] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.772157] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.772772] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.773385] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.774003] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.774640] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.775272] [ 208.775479] irq event stamp: 0 [ 208.775756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.776298] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.777017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.777738] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.778279] ---[ end trace 0000000000000000 ]--- [ 208.781359] ------------[ cut here ]------------ [ 208.781805] WARNING: CPU: 0 PID: 1989 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.782723] Modules linked in: [ 208.783005] CPU: 0 PID: 1989 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.783866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.784980] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.785435] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.787215] RSP: 
0018:ffff888012f4fbd0 EFLAGS: 00010246 [ 208.787689] RAX: 0000000000000000 RBX: ffff8880159a18a8 RCX: 0000000000000000 [ 208.788453] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 208.789076] RBP: ffff888012f4fbe8 R08: ffffed1002b34333 R09: ffffed1002b34333 [ 208.789741] R10: ffff8880159a1993 R11: ffffed1002b34332 R12: ffff888013b21000 [ 208.790444] R13: ffff8880159a19e8 R14: ffff8880218ca100 R15: 0000000000000000 [ 208.791087] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.791953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.792460] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 208.793090] PKRU: 55555554 [ 208.793455] Call Trace: [ 208.793677] [ 208.793872] iommufd_access_destroy_object+0x65/0x170 [ 208.794326] iommufd_object_destroy_user+0x18e/0x220 [ 208.794817] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.795423] iommufd_access_destroy+0x43/0x70 [ 208.795825] iommufd_test_staccess_release+0x8d/0xd0 [ 208.796287] __fput+0x26d/0xa40 [ 208.796594] ____fput+0x1e/0x30 [ 208.797098] task_work_run+0x1a4/0x2d0 [ 208.797451] ? __pfx_task_work_run+0x10/0x10 [ 208.797842] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.798288] ? switch_task_namespaces+0xa9/0xe0 [ 208.798818] do_exit+0xb17/0x2ef0 [ 208.799133] ? lock_acquire+0x427/0x4c0 [ 208.799497] ? __pfx_lock_release+0x10/0x10 [ 208.799881] ? __kasan_check_write+0x18/0x20 [ 208.800288] ? do_raw_spin_lock+0x132/0x2a0 [ 208.800789] ? __pfx_do_exit+0x10/0x10 [ 208.801137] ? debug_smp_processor_id+0x20/0x30 [ 208.801557] ? rcu_is_watching+0x19/0xb0 [ 208.801933] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.802430] ? trace_hardirqs_on+0x26/0x120 [ 208.802835] do_group_exit+0xe0/0x2b0 [ 208.803190] __x64_sys_exit_group+0x47/0x50 [ 208.803599] do_syscall_64+0x3b/0x90 [ 208.804041] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.804505] RIP: 0033:0x7f4b87518a4d [ 208.804833] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.805513] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.806185] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.806836] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.807484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.808125] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.808770] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.809427] [ 208.809643] irq event stamp: 0 [ 208.809930] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.810499] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.811312] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.812077] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.812649] ---[ end trace 0000000000000000 ]--- [ 208.813406] ------------[ cut here ]------------ [ 208.813839] WARNING: CPU: 0 PID: 1989 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.814808] Modules linked in: [ 208.815109] CPU: 0 PID: 1989 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.815916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.816934] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.817400] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.819297] RSP: 0018:ffff888012f4fb78 EFLAGS: 00010246 [ 208.819794] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.820438] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 208.821082] RBP: ffff888012f4fb98 R08: ffffed1002b3433e R09: ffffed1002b3433e [ 208.821724] R10: ffff8880159a19ef R11: ffffed1002b3433d R12: ffff8880159a1a90 [ 208.822367] R13: ffff8880159a18a8 R14: ffffffffffffffff R15: 
ffff888012f4fc60 [ 208.823045] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 208.823786] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.824310] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 208.824957] PKRU: 55555554 [ 208.825215] Call Trace: [ 208.825451] [ 208.825661] iommufd_ioas_destroy+0x53/0x70 [ 208.826063] iommufd_fops_release+0x1f7/0x370 [ 208.826484] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.826973] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.827439] ? write_comp_data+0x2f/0x90 [ 208.827824] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.828284] __fput+0x26d/0xa40 [ 208.828604] ____fput+0x1e/0x30 [ 208.828920] task_work_run+0x1a4/0x2d0 [ 208.829353] ? __pfx_task_work_run+0x10/0x10 [ 208.829766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.830225] ? switch_task_namespaces+0xa9/0xe0 [ 208.830719] do_exit+0xb17/0x2ef0 [ 208.831056] ? lock_acquire+0x427/0x4c0 [ 208.831458] ? __pfx_lock_release+0x10/0x10 [ 208.831874] ? __kasan_check_write+0x18/0x20 [ 208.832292] ? do_raw_spin_lock+0x132/0x2a0 [ 208.832700] ? __pfx_do_exit+0x10/0x10 [ 208.833072] ? debug_smp_processor_id+0x20/0x30 [ 208.833511] ? rcu_is_watching+0x19/0xb0 [ 208.833898] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.834329] ? trace_hardirqs_on+0x26/0x120 [ 208.834810] do_group_exit+0xe0/0x2b0 [ 208.835192] __x64_sys_exit_group+0x47/0x50 [ 208.835600] do_syscall_64+0x3b/0x90 [ 208.835964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.836454] RIP: 0033:0x7f4b87518a4d [ 208.836801] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.837371] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.838080] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.838765] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.839447] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.840107] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.840770] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.841441] [ 208.841666] irq event stamp: 0 [ 208.841963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.842588] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.843410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.844203] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.844810] ---[ end trace 0000000000000000 ]--- [ 208.851707] ------------[ cut here ]------------ [ 208.852326] WARNING: CPU: 1 PID: 1990 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.853526] Modules linked in: [ 208.853916] CPU: 1 PID: 1990 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.855025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.856372] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.856968] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.859161] RSP: 0018:ffff888013a57bb8 EFLAGS: 00010246 [ 208.859806] RAX: 0000000000000000 RBX: ffff888011d9d0a8 RCX: 0000000000000000 [ 208.860646] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 208.861480] RBP: ffff888013a57bd0 R08: ffffed10023b3a33 R09: ffffed10023b3a33 [ 208.862317] R10: ffff888011d9d193 R11: ffffed10023b3a32 R12: ffff888014583c00 [ 208.863215] R13: ffff888011d9d1e8 R14: ffffffff8352e670 R15: 
ffff888013a57e68 [ 208.864062] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.865005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.865693] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 208.866574] PKRU: 55555554 [ 208.866917] Call Trace: [ 208.867245] [ 208.867524] __iommufd_access_detach+0x1c2/0x2b0 [ 208.868111] iommufd_access_change_pt+0x149/0x270 [ 208.868705] iommufd_access_replace+0xb4/0x120 [ 208.869271] iommufd_test+0x3e5/0x37e0 [ 208.869742] ? lock_release+0x532/0x770 [ 208.870239] ? __might_fault+0x102/0x1b0 [ 208.870780] ? lock_acquire+0x427/0x4c0 [ 208.871289] ? __pfx_iommufd_test+0x10/0x10 [ 208.871806] ? __pfx_lock_release+0x10/0x10 [ 208.872333] ? __pfx_lock_acquire+0x10/0x10 [ 208.872865] ? write_comp_data+0x2f/0x90 [ 208.873371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.873961] ? write_comp_data+0x2f/0x90 [ 208.874465] iommufd_fops_ioctl+0x37d/0x510 [ 208.875036] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.875652] ? write_comp_data+0x2f/0x90 [ 208.876160] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 208.876746] __x64_sys_ioctl+0x1a3/0x230 [ 208.877251] do_syscall_64+0x3b/0x90 [ 208.877717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.878349] RIP: 0033:0x7f4b8743ee5d [ 208.878840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 208.880989] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 208.881897] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 208.882780] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 208.883634] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 208.884475] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 208.885315] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 208.886167] [ 208.886452] irq event stamp: 0 [ 208.886865] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.887633] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.888630] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.889626] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.890388] ---[ end trace 0000000000000000 ]--- [ 208.895074] ------------[ cut here ]------------ [ 208.895680] WARNING: CPU: 1 PID: 1990 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.896874] Modules linked in: [ 208.897261] CPU: 1 PID: 1990 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.898296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.899692] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.900296] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.902438] RSP: 
0018:ffff888013a57bd0 EFLAGS: 00010246 [ 208.903137] RAX: 0000000000000000 RBX: ffff888011d9d0a8 RCX: 0000000000000000 [ 208.903989] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 208.904831] RBP: ffff888013a57be8 R08: ffffed10023b3a33 R09: ffffed10023b3a33 [ 208.905672] R10: ffff888011d9d193 R11: ffffed10023b3a32 R12: ffff888010c0bc00 [ 208.906557] R13: ffff888011d9d1e8 R14: ffff88802094e200 R15: 0000000000000000 [ 208.907418] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.908378] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.909073] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 208.909919] PKRU: 55555554 [ 208.910262] Call Trace: [ 208.910621] [ 208.910907] iommufd_access_destroy_object+0x65/0x170 [ 208.911553] iommufd_object_destroy_user+0x18e/0x220 [ 208.912173] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 208.912881] iommufd_access_destroy+0x43/0x70 [ 208.913440] iommufd_test_staccess_release+0x8d/0xd0 [ 208.914062] __fput+0x26d/0xa40 [ 208.914483] ____fput+0x1e/0x30 [ 208.914946] task_work_run+0x1a4/0x2d0 [ 208.915448] ? __pfx_task_work_run+0x10/0x10 [ 208.915987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.916581] ? switch_task_namespaces+0xa9/0xe0 [ 208.917157] do_exit+0xb17/0x2ef0 [ 208.917576] ? lock_acquire+0x427/0x4c0 [ 208.918068] ? __pfx_lock_release+0x10/0x10 [ 208.918640] ? __kasan_check_write+0x18/0x20 [ 208.919192] ? do_raw_spin_lock+0x132/0x2a0 [ 208.919714] ? __pfx_do_exit+0x10/0x10 [ 208.920199] ? debug_smp_processor_id+0x20/0x30 [ 208.920761] ? rcu_is_watching+0x19/0xb0 [ 208.921255] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.921814] ? trace_hardirqs_on+0x26/0x120 [ 208.922346] do_group_exit+0xe0/0x2b0 [ 208.922851] __x64_sys_exit_group+0x47/0x50 [ 208.923385] do_syscall_64+0x3b/0x90 [ 208.923846] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.924479] RIP: 0033:0x7f4b87518a4d [ 208.924931] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.925680] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.926657] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.927546] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.928415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.929278] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.930145] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.931059] [ 208.931366] irq event stamp: 0 [ 208.931760] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.932528] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.933549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.934597] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.935386] ---[ end trace 0000000000000000 ]--- [ 208.936630] ------------[ cut here ]------------ [ 208.937214] WARNING: CPU: 1 PID: 1990 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 208.938452] Modules linked in: [ 208.938912] CPU: 1 PID: 1990 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.939995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.941352] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 208.941982] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 208.944243] RSP: 0018:ffff888013a57b78 EFLAGS: 00010246 [ 208.944901] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 208.945767] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 208.946679] RBP: ffff888013a57b98 R08: ffffed10023b3a3e R09: ffffed10023b3a3e [ 208.947569] R10: ffff888011d9d1ef R11: ffffed10023b3a3d R12: ffff888011d9d290 [ 208.948434] R13: ffff888011d9d0a8 R14: ffffffffffffffff R15: 
ffff888013a57c60 [ 208.949305] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.950282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.951034] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 208.951923] PKRU: 55555554 [ 208.952274] Call Trace: [ 208.952592] [ 208.952879] iommufd_ioas_destroy+0x53/0x70 [ 208.953419] iommufd_fops_release+0x1f7/0x370 [ 208.953985] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.954653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.955295] ? write_comp_data+0x2f/0x90 [ 208.955812] ? __pfx_iommufd_fops_release+0x10/0x10 [ 208.956429] __fput+0x26d/0xa40 [ 208.956861] ____fput+0x1e/0x30 [ 208.957282] task_work_run+0x1a4/0x2d0 [ 208.957776] ? __pfx_task_work_run+0x10/0x10 [ 208.958328] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 208.958983] ? switch_task_namespaces+0xa9/0xe0 [ 208.959601] do_exit+0xb17/0x2ef0 [ 208.960039] ? lock_acquire+0x427/0x4c0 [ 208.960547] ? __pfx_lock_release+0x10/0x10 [ 208.961086] ? __kasan_check_write+0x18/0x20 [ 208.961632] ? do_raw_spin_lock+0x132/0x2a0 [ 208.962173] ? __pfx_do_exit+0x10/0x10 [ 208.962747] ? debug_smp_processor_id+0x20/0x30 [ 208.963364] ? rcu_is_watching+0x19/0xb0 [ 208.963888] ? _raw_spin_unlock_irq+0x2b/0x60 [ 208.964478] ? trace_hardirqs_on+0x26/0x120 [ 208.965037] do_group_exit+0xe0/0x2b0 [ 208.965527] __x64_sys_exit_group+0x47/0x50 [ 208.966077] do_syscall_64+0x3b/0x90 [ 208.966620] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 208.967310] RIP: 0033:0x7f4b87518a4d [ 208.967791] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 208.968565] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 208.969516] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 208.970411] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 208.971372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 208.972290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 208.973196] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 208.974112] [ 208.974422] irq event stamp: 0 [ 208.974882] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 208.975704] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 208.976756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 208.977799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 208.978637] ---[ end trace 0000000000000000 ]--- [ 208.985313] ------------[ cut here ]------------ [ 208.985980] WARNING: CPU: 1 PID: 1991 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 208.987369] Modules linked in: [ 208.987791] CPU: 1 PID: 1991 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 208.988889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 208.990298] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 208.990987] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 208.993272] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 208.993951] RAX: 0000000000000000 RBX: ffff88801840f8a8 RCX: 0000000000000000 [ 208.994886] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 208.995797] RBP: ffff8880135e7bd0 R08: ffffed1003081f33 R09: ffffed1003081f33 [ 208.996688] R10: ffff88801840f993 R11: ffffed1003081f32 R12: ffff88801422f400 [ 208.997579] R13: ffff88801840f9e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 208.998471] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 208.999539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.000275] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 209.001173] PKRU: 55555554 [ 209.001535] Call Trace: [ 209.001863] [ 209.002158] __iommufd_access_detach+0x1c2/0x2b0 [ 209.002824] iommufd_access_change_pt+0x149/0x270 [ 209.003471] iommufd_access_replace+0xb4/0x120 [ 209.004072] iommufd_test+0x3e5/0x37e0 [ 209.004569] ? lock_release+0x532/0x770 [ 209.005092] ? __might_fault+0x102/0x1b0 [ 209.005622] ? lock_acquire+0x427/0x4c0 [ 209.006144] ? __pfx_iommufd_test+0x10/0x10 [ 209.006728] ? __pfx_lock_release+0x10/0x10 [ 209.007308] ? __pfx_lock_acquire+0x10/0x10 [ 209.007873] ? write_comp_data+0x2f/0x90 [ 209.008409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.009039] ? write_comp_data+0x2f/0x90 [ 209.009581] iommufd_fops_ioctl+0x37d/0x510 [ 209.010146] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.010830] ? write_comp_data+0x2f/0x90 [ 209.011392] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.012014] __x64_sys_ioctl+0x1a3/0x230 [ 209.012554] do_syscall_64+0x3b/0x90 [ 209.013051] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.013728] RIP: 0033:0x7f4b8743ee5d [ 209.014213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.016554] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.017517] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.018405] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.019348] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.020237] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.021123] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.022031] [ 209.022331] irq event stamp: 0 [ 209.022787] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.023603] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.024653] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.025701] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.026492] ---[ end trace 0000000000000000 ]--- [ 209.031393] ------------[ cut here ]------------ [ 209.032021] WARNING: CPU: 1 PID: 1991 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.033280] Modules linked in: [ 209.033694] CPU: 1 PID: 1991 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.034934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.036368] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.037004] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.039351] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 209.040035] RAX: 0000000000000000 RBX: ffff88801840f8a8 RCX: 0000000000000000 [ 209.041151] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 209.042237] RBP: ffff8880135e7be8 R08: ffffed1003081f33 R09: ffffed1003081f33 [ 209.043244] R10: ffff88801840f993 R11: ffffed1003081f32 R12: ffff888014583800 [ 209.044140] R13: ffff88801840f9e8 R14: ffff888020f65500 R15: 0000000000000000 [ 209.045375] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.046385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.047413] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.048319] PKRU: 55555554 [ 209.048681] Call Trace: [ 209.049009] [ 209.049305] iommufd_access_destroy_object+0x65/0x170 [ 209.050071] iommufd_object_destroy_user+0x18e/0x220 [ 209.050867] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.051643] iommufd_access_destroy+0x43/0x70 [ 209.052229] iommufd_test_staccess_release+0x8d/0xd0 [ 209.052887] __fput+0x26d/0xa40 [ 209.053572] ____fput+0x1e/0x30 [ 209.054011] task_work_run+0x1a4/0x2d0 [ 209.054571] ? __pfx_task_work_run+0x10/0x10 [ 209.055165] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.055790] ? switch_task_namespaces+0xa9/0xe0 [ 209.056484] do_exit+0xb17/0x2ef0 [ 209.056973] ? lock_acquire+0x427/0x4c0 [ 209.057495] ? __pfx_lock_release+0x10/0x10 [ 209.058058] ? __kasan_check_write+0x18/0x20 [ 209.058701] ? do_raw_spin_lock+0x132/0x2a0 [ 209.059284] ? __pfx_do_exit+0x10/0x10 [ 209.060002] ? debug_smp_processor_id+0x20/0x30 [ 209.060599] ? rcu_is_watching+0x19/0xb0 [ 209.061121] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.061707] ? trace_hardirqs_on+0x26/0x120 [ 209.062302] do_group_exit+0xe0/0x2b0 [ 209.063025] __x64_sys_exit_group+0x47/0x50 [ 209.063630] do_syscall_64+0x3b/0x90 [ 209.064140] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.064834] RIP: 0033:0x7f4b87518a4d [ 209.065330] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.066387] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.067450] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.068386] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.069468] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.070476] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.071477] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.072443] [ 209.072911] irq event stamp: 0 [ 209.073417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.074235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.075428] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.076793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.077613] ---[ end trace 0000000000000000 ]--- [ 209.079062] ------------[ cut here ]------------ [ 209.080019] WARNING: CPU: 1 PID: 1991 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.081346] Modules linked in: [ 209.081775] CPU: 1 PID: 1991 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.083620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.085085] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.085768] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.088514] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 209.089273] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.090646] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 209.091628] RBP: ffff8880135e7b98 R08: ffffed1003081f3e R09: ffffed1003081f3e [ 209.092896] R10: ffff88801840f9ef R11: ffffed1003081f3d R12: ffff88801840fa90 [ 209.094014] R13: ffff88801840f8a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 209.095024] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.096509] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.097279] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.098200] PKRU: 55555554 [ 209.098640] Call Trace: [ 209.099488] [ 209.099814] iommufd_ioas_destroy+0x53/0x70 [ 209.100392] iommufd_fops_release+0x1f7/0x370 [ 209.100989] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.101999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.102748] ? write_comp_data+0x2f/0x90 [ 209.103319] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.103979] __fput+0x26d/0xa40 [ 209.104493] ____fput+0x1e/0x30 [ 209.105366] task_work_run+0x1a4/0x2d0 [ 209.105941] ? __pfx_task_work_run+0x10/0x10 [ 209.106613] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.107314] ? switch_task_namespaces+0xa9/0xe0 [ 209.108394] do_exit+0xb17/0x2ef0 [ 209.108904] ? lock_acquire+0x427/0x4c0 [ 209.109460] ? __pfx_lock_release+0x10/0x10 [ 209.110055] ? __kasan_check_write+0x18/0x20 [ 209.110773] ? do_raw_spin_lock+0x132/0x2a0 [ 209.111677] ? __pfx_do_exit+0x10/0x10 [ 209.112254] ? debug_smp_processor_id+0x20/0x30 [ 209.112894] ? rcu_is_watching+0x19/0xb0 [ 209.113450] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.114633] ? trace_hardirqs_on+0x26/0x120 [ 209.115269] do_group_exit+0xe0/0x2b0 [ 209.115775] __x64_sys_exit_group+0x47/0x50 [ 209.116336] do_syscall_64+0x3b/0x90 [ 209.117397] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.118122] RIP: 0033:0x7f4b87518a4d [ 209.118682] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.119625] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.120836] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.121793] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.122831] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.123903] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.124830] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.125817] [ 209.126303] irq event stamp: 0 [ 209.126771] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.127614] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.128703] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.129812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.130695] ---[ end trace 0000000000000000 ]--- [ 209.137533] ------------[ cut here ]------------ [ 209.138202] WARNING: CPU: 1 PID: 1992 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.139609] Modules linked in: [ 209.140043] CPU: 1 PID: 1992 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.141514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.143061] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.143755] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.146357] RSP: 0018:ffff888015b2fbb8 EFLAGS: 00010246 [ 209.147110] RAX: 0000000000000000 RBX: ffff8880129230a8 RCX: 0000000000000000 [ 209.148290] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 209.149212] RBP: ffff888015b2fbd0 R08: ffffed1002524633 R09: ffffed1002524633 [ 209.150131] R10: ffff888012923193 R11: ffffed1002524632 R12: ffff888018b88400 [ 209.151399] R13: ffff8880129231e8 R14: ffffffff8352e670 R15: 
ffff888015b2fe68 [ 209.152334] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.153377] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.154173] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 209.155315] PKRU: 55555554 [ 209.155696] Call Trace: [ 209.156039] [ 209.156348] __iommufd_access_detach+0x1c2/0x2b0 [ 209.156992] iommufd_access_change_pt+0x149/0x270 [ 209.157689] iommufd_access_replace+0xb4/0x120 [ 209.158474] iommufd_test+0x3e5/0x37e0 [ 209.159050] ? lock_release+0x532/0x770 [ 209.159620] ? __might_fault+0x102/0x1b0 [ 209.160172] ? lock_acquire+0x427/0x4c0 [ 209.160732] ? __pfx_iommufd_test+0x10/0x10 [ 209.161470] ? __pfx_lock_release+0x10/0x10 [ 209.162051] ? __pfx_lock_acquire+0x10/0x10 [ 209.162684] ? write_comp_data+0x2f/0x90 [ 209.163281] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.163962] ? write_comp_data+0x2f/0x90 [ 209.164577] iommufd_fops_ioctl+0x37d/0x510 [ 209.165276] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.165926] ? write_comp_data+0x2f/0x90 [ 209.166476] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.167195] __x64_sys_ioctl+0x1a3/0x230 [ 209.167770] do_syscall_64+0x3b/0x90 [ 209.168435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.169149] RIP: 0033:0x7f4b8743ee5d [ 209.169662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.172329] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.173327] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.174314] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.175506] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.176443] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.177408] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.178630] [ 209.178957] irq event stamp: 0 [ 209.179405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.180241] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.181669] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.182827] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.183670] ---[ end trace 0000000000000000 ]--- [ 209.188594] ------------[ cut here ]------------ [ 209.189359] WARNING: CPU: 1 PID: 1992 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.190835] Modules linked in: [ 209.191299] CPU: 1 PID: 1992 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.192555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.194092] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.194795] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.197359] RSP: 
0018:ffff888015b2fbd0 EFLAGS: 00010246 [ 209.198054] RAX: 0000000000000000 RBX: ffff8880129230a8 RCX: 0000000000000000 [ 209.199241] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 209.200172] RBP: ffff888015b2fbe8 R08: ffffed1002524633 R09: ffffed1002524633 [ 209.201103] R10: ffff888012923193 R11: ffffed1002524632 R12: ffff88801422c000 [ 209.202032] R13: ffff8880129231e8 R14: ffff888018b81b00 R15: 0000000000000000 [ 209.203049] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.204158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.204941] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.205898] PKRU: 55555554 [ 209.206285] Call Trace: [ 209.206679] [ 209.207000] iommufd_access_destroy_object+0x65/0x170 [ 209.207721] iommufd_object_destroy_user+0x18e/0x220 [ 209.208416] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.209189] iommufd_access_destroy+0x43/0x70 [ 209.209800] iommufd_test_staccess_release+0x8d/0xd0 [ 209.210482] __fput+0x26d/0xa40 [ 209.210993] ____fput+0x1e/0x30 [ 209.211504] task_work_run+0x1a4/0x2d0 [ 209.212060] ? __pfx_task_work_run+0x10/0x10 [ 209.212666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.213330] ? switch_task_namespaces+0xa9/0xe0 [ 209.213986] do_exit+0xb17/0x2ef0 [ 209.214467] ? lock_acquire+0x427/0x4c0 [ 209.215077] ? __pfx_lock_release+0x10/0x10 [ 209.215702] ? __kasan_check_write+0x18/0x20 [ 209.216312] ? do_raw_spin_lock+0x132/0x2a0 [ 209.216885] ? __pfx_do_exit+0x10/0x10 [ 209.217412] ? debug_smp_processor_id+0x20/0x30 [ 209.218034] ? rcu_is_watching+0x19/0xb0 [ 209.218621] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.219247] ? trace_hardirqs_on+0x26/0x120 [ 209.219849] do_group_exit+0xe0/0x2b0 [ 209.220359] __x64_sys_exit_group+0x47/0x50 [ 209.220929] do_syscall_64+0x3b/0x90 [ 209.221440] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.222131] RIP: 0033:0x7f4b87518a4d [ 209.222685] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.223529] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.224523] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.225477] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.226431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.227449] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.228409] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.229384] [ 209.229706] irq event stamp: 0 [ 209.230135] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.231028] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.232175] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.233292] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.234139] ---[ end trace 0000000000000000 ]--- [ 209.235605] ------------[ cut here ]------------ [ 209.236239] WARNING: CPU: 1 PID: 1992 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.237562] Modules linked in: [ 209.237989] CPU: 1 PID: 1992 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.239186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.240693] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.241388] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.243849] RSP: 0018:ffff888015b2fb78 EFLAGS: 00010246 [ 209.244548] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.245471] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 209.246393] RBP: ffff888015b2fb98 R08: ffffed100252463e R09: ffffed100252463e [ 209.247496] R10: ffff8880129231ef R11: ffffed100252463d R12: ffff888012923290 [ 209.248232] R13: ffff8880129230a8 R14: ffffffffffffffff R15: 
ffff888015b2fc60 [ 209.248944] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.249741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.250317] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.251059] PKRU: 55555554 [ 209.251370] Call Trace: [ 209.251630] [ 209.251858] iommufd_ioas_destroy+0x53/0x70 [ 209.252307] iommufd_fops_release+0x1f7/0x370 [ 209.252764] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.253267] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.253763] ? write_comp_data+0x2f/0x90 [ 209.254178] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.254715] __fput+0x26d/0xa40 [ 209.255062] ____fput+0x1e/0x30 [ 209.255413] task_work_run+0x1a4/0x2d0 [ 209.255799] ? __pfx_task_work_run+0x10/0x10 [ 209.256211] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.256672] ? switch_task_namespaces+0xa9/0xe0 [ 209.257116] do_exit+0xb17/0x2ef0 [ 209.257438] ? lock_acquire+0x427/0x4c0 [ 209.257818] ? __pfx_lock_release+0x10/0x10 [ 209.258224] ? __kasan_check_write+0x18/0x20 [ 209.258658] ? do_raw_spin_lock+0x132/0x2a0 [ 209.259061] ? __pfx_do_exit+0x10/0x10 [ 209.259451] ? debug_smp_processor_id+0x20/0x30 [ 209.259889] ? rcu_is_watching+0x19/0xb0 [ 209.260268] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.260692] ? trace_hardirqs_on+0x26/0x120 [ 209.261101] do_group_exit+0xe0/0x2b0 [ 209.261457] __x64_sys_exit_group+0x47/0x50 [ 209.261856] do_syscall_64+0x3b/0x90 [ 209.262212] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.262734] RIP: 0033:0x7f4b87518a4d [ 209.263081] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.263660] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.264363] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.265027] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.265688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.266342] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.267031] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.267719] [ 209.267938] irq event stamp: 0 [ 209.268230] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.268813] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.269585] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.270352] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.270960] ---[ end trace 0000000000000000 ]--- [ 209.276501] ------------[ cut here ]------------ [ 209.276984] WARNING: CPU: 1 PID: 1993 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.277900] Modules linked in: [ 209.278191] CPU: 1 PID: 1993 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.279035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.280072] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.280526] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.282177] RSP: 0018:ffff88800f577bb8 EFLAGS: 00010246 [ 209.282658] RAX: 0000000000000000 RBX: ffff8880167680a8 RCX: 0000000000000000 [ 209.283297] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 209.283905] RBP: ffff88800f577bd0 R08: ffffed1002ced033 R09: ffffed1002ced033 [ 209.284512] R10: ffff888016768193 R11: ffffed1002ced032 R12: ffff888014142000 [ 209.285122] R13: ffff8880167681e8 R14: ffffffff8352e670 R15: 
ffff88800f577e68 [ 209.285733] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.286417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.286934] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 209.287565] PKRU: 55555554 [ 209.287809] Call Trace: [ 209.288030] [ 209.288225] __iommufd_access_detach+0x1c2/0x2b0 [ 209.288646] iommufd_access_change_pt+0x149/0x270 [ 209.289072] iommufd_access_replace+0xb4/0x120 [ 209.289478] iommufd_test+0x3e5/0x37e0 [ 209.289823] ? lock_release+0x532/0x770 [ 209.290179] ? __might_fault+0x102/0x1b0 [ 209.290565] ? lock_acquire+0x427/0x4c0 [ 209.290920] ? __pfx_iommufd_test+0x10/0x10 [ 209.291298] ? __pfx_lock_release+0x10/0x10 [ 209.291679] ? __pfx_lock_acquire+0x10/0x10 [ 209.292063] ? write_comp_data+0x2f/0x90 [ 209.292425] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.292852] ? write_comp_data+0x2f/0x90 [ 209.293214] iommufd_fops_ioctl+0x37d/0x510 [ 209.293592] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.294016] ? write_comp_data+0x2f/0x90 [ 209.294376] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.294831] __x64_sys_ioctl+0x1a3/0x230 [ 209.295207] do_syscall_64+0x3b/0x90 [ 209.295540] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.295996] RIP: 0033:0x7f4b8743ee5d [ 209.296325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.298246] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.298941] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.299564] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.300169] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.300778] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.301481] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.302180] [ 209.302385] irq event stamp: 0 [ 209.302676] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.303228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.303946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.304660] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.305246] ---[ end trace 0000000000000000 ]--- [ 209.308298] ------------[ cut here ]------------ [ 209.308733] WARNING: CPU: 1 PID: 1993 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.309687] Modules linked in: [ 209.310043] CPU: 1 PID: 1993 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.310827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.311804] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.312237] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.313964] RSP: 
0018:ffff88800f577bd0 EFLAGS: 00010246 [ 209.314421] RAX: 0000000000000000 RBX: ffff8880167680a8 RCX: 0000000000000000 [ 209.315051] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 209.315674] RBP: ffff88800f577be8 R08: ffffed1002ced033 R09: ffffed1002ced033 [ 209.316284] R10: ffff888016768193 R11: ffffed1002ced032 R12: ffff888018b88000 [ 209.316900] R13: ffff8880167681e8 R14: ffff88800f1df700 R15: 0000000000000000 [ 209.317684] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.318370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.318890] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.319517] PKRU: 55555554 [ 209.319762] Call Trace: [ 209.319998] [ 209.320193] iommufd_access_destroy_object+0x65/0x170 [ 209.320647] iommufd_object_destroy_user+0x18e/0x220 [ 209.321153] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.321743] iommufd_access_destroy+0x43/0x70 [ 209.322144] iommufd_test_staccess_release+0x8d/0xd0 [ 209.322626] __fput+0x26d/0xa40 [ 209.322929] ____fput+0x1e/0x30 [ 209.323231] task_work_run+0x1a4/0x2d0 [ 209.323579] ? __pfx_task_work_run+0x10/0x10 [ 209.323962] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.324389] ? switch_task_namespaces+0xa9/0xe0 [ 209.324809] do_exit+0xb17/0x2ef0 [ 209.325191] ? lock_acquire+0x427/0x4c0 [ 209.325648] ? __pfx_lock_release+0x10/0x10 [ 209.326029] ? __kasan_check_write+0x18/0x20 [ 209.326412] ? do_raw_spin_lock+0x132/0x2a0 [ 209.326828] ? __pfx_do_exit+0x10/0x10 [ 209.327183] ? debug_smp_processor_id+0x20/0x30 [ 209.327592] ? rcu_is_watching+0x19/0xb0 [ 209.327952] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.328351] ? trace_hardirqs_on+0x26/0x120 [ 209.328851] do_group_exit+0xe0/0x2b0 [ 209.329260] __x64_sys_exit_group+0x47/0x50 [ 209.329634] do_syscall_64+0x3b/0x90 [ 209.329966] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.330422] RIP: 0033:0x7f4b87518a4d [ 209.330853] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.331454] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.332113] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.332726] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.333491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.334105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.334742] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.335412] [ 209.335662] irq event stamp: 0 [ 209.336003] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.336545] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.337266] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.338131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.338702] ---[ end trace 0000000000000000 ]--- [ 209.339463] ------------[ cut here ]------------ [ 209.339956] WARNING: CPU: 1 PID: 1993 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.340904] Modules linked in: [ 209.341178] CPU: 1 PID: 1993 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.342008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.343050] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.343511] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.345231] RSP: 0018:ffff88800f577b78 EFLAGS: 00010246 [ 209.345693] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.346435] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 209.347070] RBP: ffff88800f577b98 R08: ffffed1002ced03e R09: ffffed1002ced03e [ 209.347697] R10: ffff8880167681ef R11: ffffed1002ced03d R12: ffff888016768290 [ 209.348346] R13: ffff8880167680a8 R14: ffffffffffffffff R15: 
ffff88800f577c60 [ 209.349067] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.349760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.350276] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.351026] PKRU: 55555554 [ 209.351286] Call Trace: [ 209.351509] [ 209.351706] iommufd_ioas_destroy+0x53/0x70 [ 209.352088] iommufd_fops_release+0x1f7/0x370 [ 209.352488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.353077] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.353510] ? write_comp_data+0x2f/0x90 [ 209.353871] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.354309] __fput+0x26d/0xa40 [ 209.354718] ____fput+0x1e/0x30 [ 209.355063] task_work_run+0x1a4/0x2d0 [ 209.355421] ? __pfx_task_work_run+0x10/0x10 [ 209.355811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.356237] ? switch_task_namespaces+0xa9/0xe0 [ 209.356652] do_exit+0xb17/0x2ef0 [ 209.356998] ? lock_acquire+0x427/0x4c0 [ 209.357431] ? __pfx_lock_release+0x10/0x10 [ 209.357812] ? __kasan_check_write+0x18/0x20 [ 209.358201] ? do_raw_spin_lock+0x132/0x2a0 [ 209.358613] ? __pfx_do_exit+0x10/0x10 [ 209.358968] ? debug_smp_processor_id+0x20/0x30 [ 209.359471] ? rcu_is_watching+0x19/0xb0 [ 209.359903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.360302] ? trace_hardirqs_on+0x26/0x120 [ 209.360683] do_group_exit+0xe0/0x2b0 [ 209.361016] __x64_sys_exit_group+0x47/0x50 [ 209.361470] do_syscall_64+0x3b/0x90 [ 209.361865] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.362318] RIP: 0033:0x7f4b87518a4d [ 209.362664] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.363203] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.363942] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.364621] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.365235] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.365930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.366644] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.367278] [ 209.367483] irq event stamp: 0 [ 209.367759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.368463] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.369181] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.369921] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.370596] ---[ end trace 0000000000000000 ]--- [ 209.374874] ------------[ cut here ]------------ [ 209.375342] WARNING: CPU: 1 PID: 1994 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.376208] Modules linked in: [ 209.376484] CPU: 1 PID: 1994 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.377225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.378180] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.378632] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.380178] RSP: 0018:ffff888023c8fbb8 EFLAGS: 00010246 [ 209.380624] RAX: 0000000000000000 RBX: ffff8880146808a8 RCX: 0000000000000000 [ 209.381219] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 209.381812] RBP: ffff888023c8fbd0 R08: ffffed10028d0133 R09: ffffed10028d0133 [ 209.382407] R10: ffff888014680993 R11: ffffed10028d0132 R12: ffff888013b23000 [ 209.383026] R13: ffff8880146809e8 R14: ffffffff8352e670 R15: 
ffff888023c8fe68 [ 209.383630] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.384289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.384769] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 209.385355] PKRU: 55555554 [ 209.385591] Call Trace: [ 209.385796] [ 209.385977] __iommufd_access_detach+0x1c2/0x2b0 [ 209.386367] iommufd_access_change_pt+0x149/0x270 [ 209.386778] iommufd_access_replace+0xb4/0x120 [ 209.387165] iommufd_test+0x3e5/0x37e0 [ 209.387475] ? lock_release+0x532/0x770 [ 209.387801] ? __might_fault+0x102/0x1b0 [ 209.388133] ? lock_acquire+0x427/0x4c0 [ 209.388458] ? __pfx_iommufd_test+0x10/0x10 [ 209.388799] ? __pfx_lock_release+0x10/0x10 [ 209.389149] ? __pfx_lock_acquire+0x10/0x10 [ 209.389503] ? write_comp_data+0x2f/0x90 [ 209.389837] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.390245] ? write_comp_data+0x2f/0x90 [ 209.390594] iommufd_fops_ioctl+0x37d/0x510 [ 209.390944] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.391347] ? write_comp_data+0x2f/0x90 [ 209.391684] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.392071] __x64_sys_ioctl+0x1a3/0x230 [ 209.392408] do_syscall_64+0x3b/0x90 [ 209.392715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.393133] RIP: 0033:0x7f4b8743ee5d [ 209.393430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.394888] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.395497] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.396060] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.396627] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.397191] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.397754] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.398322] [ 209.398529] irq event stamp: 0 [ 209.398785] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.399319] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.399979] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.400641] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.401138] ---[ end trace 0000000000000000 ]--- [ 209.403924] ------------[ cut here ]------------ [ 209.404324] WARNING: CPU: 1 PID: 1994 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.405126] Modules linked in: [ 209.405380] CPU: 1 PID: 1994 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.406074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.406982] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.407393] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.408833] RSP: 
0018:ffff888023c8fbd0 EFLAGS: 00010246 [ 209.409253] RAX: 0000000000000000 RBX: ffff8880146808a8 RCX: 0000000000000000 [ 209.409816] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 209.410371] RBP: ffff888023c8fbe8 R08: ffffed10028d0133 R09: ffffed10028d0133 [ 209.410934] R10: ffff888014680993 R11: ffffed10028d0132 R12: ffff888014143800 [ 209.411491] R13: ffff8880146809e8 R14: ffff8880178e1800 R15: 0000000000000000 [ 209.412037] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.412655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.413100] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.413648] PKRU: 55555554 [ 209.413866] Call Trace: [ 209.414067] [ 209.414244] iommufd_access_destroy_object+0x65/0x170 [ 209.414663] iommufd_object_destroy_user+0x18e/0x220 [ 209.415062] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.415521] iommufd_access_destroy+0x43/0x70 [ 209.415878] iommufd_test_staccess_release+0x8d/0xd0 [ 209.416279] __fput+0x26d/0xa40 [ 209.416544] ____fput+0x1e/0x30 [ 209.416807] task_work_run+0x1a4/0x2d0 [ 209.417111] ? __pfx_task_work_run+0x10/0x10 [ 209.417449] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.417823] ? switch_task_namespaces+0xa9/0xe0 [ 209.418186] do_exit+0xb17/0x2ef0 [ 209.418451] ? lock_acquire+0x427/0x4c0 [ 209.418775] ? __pfx_lock_release+0x10/0x10 [ 209.419112] ? __kasan_check_write+0x18/0x20 [ 209.419458] ? do_raw_spin_lock+0x132/0x2a0 [ 209.419789] ? __pfx_do_exit+0x10/0x10 [ 209.420093] ? debug_smp_processor_id+0x20/0x30 [ 209.420451] ? rcu_is_watching+0x19/0xb0 [ 209.420763] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.421111] ? trace_hardirqs_on+0x26/0x120 [ 209.421447] do_group_exit+0xe0/0x2b0 [ 209.421739] __x64_sys_exit_group+0x47/0x50 [ 209.422066] do_syscall_64+0x3b/0x90 [ 209.422356] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.422771] RIP: 0033:0x7f4b87518a4d [ 209.423055] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.423527] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.424101] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.424639] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.425176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.425717] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.426257] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.426820] [ 209.427000] irq event stamp: 0 [ 209.427248] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.427728] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.428367] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.429002] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.429478] ---[ end trace 0000000000000000 ]--- [ 209.430140] ------------[ cut here ]------------ [ 209.430496] WARNING: CPU: 1 PID: 1994 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.431300] Modules linked in: [ 209.431543] CPU: 1 PID: 1994 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.432204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.433052] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.433445] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.434841] RSP: 0018:ffff888023c8fb78 EFLAGS: 00010246 [ 209.435255] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.435794] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 209.436329] RBP: ffff888023c8fb98 R08: ffffed10028d013e R09: ffffed10028d013e [ 209.436869] R10: ffff8880146809ef R11: ffffed10028d013d R12: ffff888014680a90 [ 209.437417] R13: ffff8880146808a8 R14: ffffffffffffffff R15: 
ffff888023c8fc60 [ 209.437958] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.438585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.439027] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.439576] PKRU: 55555554 [ 209.439787] Call Trace: [ 209.439977] [ 209.440147] iommufd_ioas_destroy+0x53/0x70 [ 209.440476] iommufd_fops_release+0x1f7/0x370 [ 209.440815] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.441189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.441561] ? write_comp_data+0x2f/0x90 [ 209.441873] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.442249] __fput+0x26d/0xa40 [ 209.442531] ____fput+0x1e/0x30 [ 209.442786] task_work_run+0x1a4/0x2d0 [ 209.443085] ? __pfx_task_work_run+0x10/0x10 [ 209.443425] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.443794] ? switch_task_namespaces+0xa9/0xe0 [ 209.444154] do_exit+0xb17/0x2ef0 [ 209.444415] ? lock_acquire+0x427/0x4c0 [ 209.444720] ? __pfx_lock_release+0x10/0x10 [ 209.445048] ? __kasan_check_write+0x18/0x20 [ 209.445379] ? do_raw_spin_lock+0x132/0x2a0 [ 209.445700] ? __pfx_do_exit+0x10/0x10 [ 209.446000] ? debug_smp_processor_id+0x20/0x30 [ 209.446354] ? rcu_is_watching+0x19/0xb0 [ 209.446679] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.447025] ? trace_hardirqs_on+0x26/0x120 [ 209.447363] do_group_exit+0xe0/0x2b0 [ 209.447652] __x64_sys_exit_group+0x47/0x50 [ 209.447976] do_syscall_64+0x3b/0x90 [ 209.448263] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.448653] RIP: 0033:0x7f4b87518a4d [ 209.448931] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.449393] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.449956] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.450480] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.451027] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.451561] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.452087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.452618] [ 209.452792] irq event stamp: 0 [ 209.453028] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.453493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.454110] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.454749] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.455232] ---[ end trace 0000000000000000 ]--- [ 209.459198] ------------[ cut here ]------------ [ 209.459573] WARNING: CPU: 1 PID: 1995 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.460323] Modules linked in: [ 209.460562] CPU: 1 PID: 1995 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.461210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.462035] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.462397] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.463759] RSP: 0018:ffff888015817bb8 EFLAGS: 00010246 [ 209.464152] RAX: 0000000000000000 RBX: ffff888018a5a8a8 RCX: 0000000000000000 [ 209.464670] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 209.465186] RBP: ffff888015817bd0 R08: ffffed100314b533 R09: ffffed100314b533 [ 209.465709] R10: ffff888018a5a993 R11: ffffed100314b532 R12: ffff888014583000 [ 209.466226] R13: ffff888018a5a9e8 R14: ffffffff8352e670 R15: 
ffff888015817e68 [ 209.466759] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.467350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.467773] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 209.468291] PKRU: 55555554 [ 209.468500] Call Trace: [ 209.468688] [ 209.468854] __iommufd_access_detach+0x1c2/0x2b0 [ 209.469213] iommufd_access_change_pt+0x149/0x270 [ 209.469575] iommufd_access_replace+0xb4/0x120 [ 209.469919] iommufd_test+0x3e5/0x37e0 [ 209.470207] ? lock_release+0x532/0x770 [ 209.470530] ? __might_fault+0x102/0x1b0 [ 209.470835] ? lock_acquire+0x427/0x4c0 [ 209.471143] ? __pfx_iommufd_test+0x10/0x10 [ 209.471458] ? __pfx_lock_release+0x10/0x10 [ 209.471779] ? __pfx_lock_acquire+0x10/0x10 [ 209.472102] ? write_comp_data+0x2f/0x90 [ 209.472408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.472768] ? write_comp_data+0x2f/0x90 [ 209.473074] iommufd_fops_ioctl+0x37d/0x510 [ 209.473393] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.473754] ? write_comp_data+0x2f/0x90 [ 209.474062] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.474418] __x64_sys_ioctl+0x1a3/0x230 [ 209.474736] do_syscall_64+0x3b/0x90 [ 209.475017] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.475406] RIP: 0033:0x7f4b8743ee5d [ 209.475675] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.476975] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.477519] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.478025] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.478554] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.479066] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.479581] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.480094] [ 209.480263] irq event stamp: 0 [ 209.480491] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.480943] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.481539] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.482130] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.482593] ---[ end trace 0000000000000000 ]--- [ 209.485163] ------------[ cut here ]------------ [ 209.485518] WARNING: CPU: 1 PID: 1995 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.486239] Modules linked in: [ 209.486470] CPU: 1 PID: 1995 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.487130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.487936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.488292] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.489591] RSP: 
0018:ffff888015817bd0 EFLAGS: 00010246 [ 209.489972] RAX: 0000000000000000 RBX: ffff888018a5a8a8 RCX: 0000000000000000 [ 209.490479] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 209.491006] RBP: ffff888015817be8 R08: ffffed100314b533 R09: ffffed100314b533 [ 209.491520] R10: ffff888018a5a993 R11: ffffed100314b532 R12: ffff888013b21c00 [ 209.492030] R13: ffff888018a5a9e8 R14: ffff8880123ec200 R15: 0000000000000000 [ 209.492544] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.493119] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.493540] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.494052] PKRU: 55555554 [ 209.494255] Call Trace: [ 209.494439] [ 209.494625] iommufd_access_destroy_object+0x65/0x170 [ 209.495004] iommufd_object_destroy_user+0x18e/0x220 [ 209.495381] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.495806] iommufd_access_destroy+0x43/0x70 [ 209.496144] iommufd_test_staccess_release+0x8d/0xd0 [ 209.496520] __fput+0x26d/0xa40 [ 209.496772] ____fput+0x1e/0x30 [ 209.497016] task_work_run+0x1a4/0x2d0 [ 209.497304] ? __pfx_task_work_run+0x10/0x10 [ 209.497626] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.497983] ? switch_task_namespaces+0xa9/0xe0 [ 209.498328] do_exit+0xb17/0x2ef0 [ 209.498598] ? lock_acquire+0x427/0x4c0 [ 209.498896] ? __pfx_lock_release+0x10/0x10 [ 209.499220] ? __kasan_check_write+0x18/0x20 [ 209.499545] ? do_raw_spin_lock+0x132/0x2a0 [ 209.499858] ? __pfx_do_exit+0x10/0x10 [ 209.500147] ? debug_smp_processor_id+0x20/0x30 [ 209.500485] ? rcu_is_watching+0x19/0xb0 [ 209.500779] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.501111] ? trace_hardirqs_on+0x26/0x120 [ 209.501431] do_group_exit+0xe0/0x2b0 [ 209.501710] __x64_sys_exit_group+0x47/0x50 [ 209.502019] do_syscall_64+0x3b/0x90 [ 209.502300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.502703] RIP: 0033:0x7f4b87518a4d [ 209.502975] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.503421] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.503969] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.504474] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.504979] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.505497] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.506002] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.506541] [ 209.506713] irq event stamp: 0 [ 209.506939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.507400] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.507997] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.508597] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.509048] ---[ end trace 0000000000000000 ]--- [ 209.509685] ------------[ cut here ]------------ [ 209.510021] WARNING: CPU: 1 PID: 1995 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.510770] Modules linked in: [ 209.511003] CPU: 1 PID: 1995 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.511635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.512438] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.512816] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.514115] RSP: 0018:ffff888015817b78 EFLAGS: 00010246 [ 209.514500] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.515033] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 209.515552] RBP: ffff888015817b98 R08: ffffed100314b53e R09: ffffed100314b53e [ 209.516061] R10: ffff888018a5a9ef R11: ffffed100314b53d R12: ffff888018a5aa90 [ 209.516573] R13: ffff888018a5a8a8 R14: ffffffffffffffff R15: 
ffff888015817c60 [ 209.517081] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.517652] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.518064] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.518595] PKRU: 55555554 [ 209.518800] Call Trace: [ 209.518984] [ 209.519154] iommufd_ioas_destroy+0x53/0x70 [ 209.519480] iommufd_fops_release+0x1f7/0x370 [ 209.519809] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.520170] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.520526] ? write_comp_data+0x2f/0x90 [ 209.520829] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.521189] __fput+0x26d/0xa40 [ 209.521444] ____fput+0x1e/0x30 [ 209.521694] task_work_run+0x1a4/0x2d0 [ 209.521982] ? __pfx_task_work_run+0x10/0x10 [ 209.522304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.522682] ? switch_task_namespaces+0xa9/0xe0 [ 209.523032] do_exit+0xb17/0x2ef0 [ 209.523293] ? lock_acquire+0x427/0x4c0 [ 209.523590] ? __pfx_lock_release+0x10/0x10 [ 209.523907] ? __kasan_check_write+0x18/0x20 [ 209.524230] ? do_raw_spin_lock+0x132/0x2a0 [ 209.524544] ? __pfx_do_exit+0x10/0x10 [ 209.524833] ? debug_smp_processor_id+0x20/0x30 [ 209.525172] ? rcu_is_watching+0x19/0xb0 [ 209.525469] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.525799] ? trace_hardirqs_on+0x26/0x120 [ 209.526116] do_group_exit+0xe0/0x2b0 [ 209.526392] __x64_sys_exit_group+0x47/0x50 [ 209.526718] do_syscall_64+0x3b/0x90 [ 209.526997] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.527386] RIP: 0033:0x7f4b87518a4d [ 209.527654] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.528090] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.528633] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.529136] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.529640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.530143] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.530669] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.531192] [ 209.531360] irq event stamp: 0 [ 209.531585] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.532035] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.532628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.533225] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.533670] ---[ end trace 0000000000000000 ]--- [ 209.537171] ------------[ cut here ]------------ [ 209.537554] WARNING: CPU: 0 PID: 1996 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.538290] Modules linked in: [ 209.538749] CPU: 0 PID: 1996 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.539394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.540200] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.540561] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.541868] RSP: 0018:ffff888023cffbb8 EFLAGS: 00010246 [ 209.542254] RAX: 0000000000000000 RBX: ffff888023eba8a8 RCX: 0000000000000000 [ 209.542783] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 209.543305] RBP: ffff888023cffbd0 R08: ffffed10047d7533 R09: ffffed10047d7533 [ 209.543818] R10: ffff888023eba993 R11: ffffed10047d7532 R12: ffff8880142a7c00 [ 209.544331] R13: ffff888023eba9e8 R14: ffffffff8352e670 R15: 
ffff888023cffe68 [ 209.544842] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 209.545418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.545835] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 209.546354] PKRU: 55555554 [ 209.546578] Call Trace: [ 209.546766] [ 209.546931] __iommufd_access_detach+0x1c2/0x2b0 [ 209.547301] iommufd_access_change_pt+0x149/0x270 [ 209.547662] iommufd_access_replace+0xb4/0x120 [ 209.548006] iommufd_test+0x3e5/0x37e0 [ 209.548291] ? lock_release+0x532/0x770 [ 209.548595] ? __might_fault+0x102/0x1b0 [ 209.548902] ? lock_acquire+0x427/0x4c0 [ 209.549212] ? __pfx_iommufd_test+0x10/0x10 [ 209.549529] ? __pfx_lock_release+0x10/0x10 [ 209.549853] ? __pfx_lock_acquire+0x10/0x10 [ 209.550177] ? write_comp_data+0x2f/0x90 [ 209.550483] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.550869] ? write_comp_data+0x2f/0x90 [ 209.551190] iommufd_fops_ioctl+0x37d/0x510 [ 209.551512] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.551875] ? write_comp_data+0x2f/0x90 [ 209.552186] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.552544] __x64_sys_ioctl+0x1a3/0x230 [ 209.552852] do_syscall_64+0x3b/0x90 [ 209.553133] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.553518] RIP: 0033:0x7f4b8743ee5d [ 209.553791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.555124] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.555679] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.556207] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.556728] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.557635] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.558161] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.558715] [ 209.558887] irq event stamp: 0 [ 209.559132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.559590] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.560193] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.560793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.561246] ---[ end trace 0000000000000000 ]--- [ 209.564105] ------------[ cut here ]------------ [ 209.564467] WARNING: CPU: 0 PID: 1996 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.565302] Modules linked in: [ 209.565636] CPU: 0 PID: 1996 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.566274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.567110] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.567480] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.568946] RSP: 
0018:ffff888023cffbd0 EFLAGS: 00010246 [ 209.569334] RAX: 0000000000000000 RBX: ffff888023eba8a8 RCX: 0000000000000000 [ 209.569862] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 209.570386] RBP: ffff888023cffbe8 R08: ffffed10047d7533 R09: ffffed10047d7533 [ 209.570931] R10: ffff888023eba993 R11: ffffed10047d7532 R12: ffff88801890fc00 [ 209.571473] R13: ffff888023eba9e8 R14: ffff88802080cb00 R15: 0000000000000000 [ 209.572068] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 209.572759] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.573189] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 209.573720] PKRU: 55555554 [ 209.573934] Call Trace: [ 209.574125] [ 209.574296] iommufd_access_destroy_object+0x65/0x170 [ 209.574707] iommufd_object_destroy_user+0x18e/0x220 [ 209.575256] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.575697] iommufd_access_destroy+0x43/0x70 [ 209.576042] iommufd_test_staccess_release+0x8d/0xd0 [ 209.576430] __fput+0x26d/0xa40 [ 209.576691] ____fput+0x1e/0x30 [ 209.576947] task_work_run+0x1a4/0x2d0 [ 209.577249] ? __pfx_task_work_run+0x10/0x10 [ 209.577585] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.577956] ? switch_task_namespaces+0xa9/0xe0 [ 209.578361] do_exit+0xb17/0x2ef0 [ 209.578732] ? lock_acquire+0x427/0x4c0 [ 209.579042] ? __pfx_lock_release+0x10/0x10 [ 209.579381] ? __kasan_check_write+0x18/0x20 [ 209.579716] ? do_raw_spin_lock+0x132/0x2a0 [ 209.580040] ? __pfx_do_exit+0x10/0x10 [ 209.580340] ? debug_smp_processor_id+0x20/0x30 [ 209.580688] ? rcu_is_watching+0x19/0xb0 [ 209.580991] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.581334] ? trace_hardirqs_on+0x26/0x120 [ 209.581661] do_group_exit+0xe0/0x2b0 [ 209.582093] __x64_sys_exit_group+0x47/0x50 [ 209.582419] do_syscall_64+0x3b/0x90 [ 209.582729] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.583150] RIP: 0033:0x7f4b87518a4d [ 209.583434] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.583897] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.584468] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.585004] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.585700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.586234] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.586783] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.587336] [ 209.587515] irq event stamp: 0 [ 209.587753] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.588227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.589011] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.589644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.590119] ---[ end trace 0000000000000000 ]--- [ 209.590830] ------------[ cut here ]------------ [ 209.591204] WARNING: CPU: 0 PID: 1996 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.592015] Modules linked in: [ 209.592381] CPU: 0 PID: 1996 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.593041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.593888] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.594276] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.596032] RSP: 0018:ffff888023cffb78 EFLAGS: 00010246 [ 209.596439] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.596968] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 209.597500] RBP: ffff888023cffb98 R08: ffffed10047d753e R09: ffffed10047d753e [ 209.598032] R10: ffff888023eba9ef R11: ffffed10047d753d R12: ffff888023ebaa90 [ 209.598714] R13: ffff888023eba8a8 R14: ffffffffffffffff R15: 
ffff888023cffc60 [ 209.599256] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 209.599860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.600296] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 209.600829] PKRU: 55555554 [ 209.601043] Call Trace: [ 209.601237] [ 209.601412] iommufd_ioas_destroy+0x53/0x70 [ 209.601745] iommufd_fops_release+0x1f7/0x370 [ 209.602092] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.602479] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.602883] ? write_comp_data+0x2f/0x90 [ 209.603217] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.603607] __fput+0x26d/0xa40 [ 209.603875] ____fput+0x1e/0x30 [ 209.604140] task_work_run+0x1a4/0x2d0 [ 209.604452] ? __pfx_task_work_run+0x10/0x10 [ 209.604800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.605182] ? switch_task_namespaces+0xa9/0xe0 [ 209.605554] do_exit+0xb17/0x2ef0 [ 209.605825] ? lock_acquire+0x427/0x4c0 [ 209.606142] ? __pfx_lock_release+0x10/0x10 [ 209.606485] ? __kasan_check_write+0x18/0x20 [ 209.606849] ? do_raw_spin_lock+0x132/0x2a0 [ 209.607196] ? __pfx_do_exit+0x10/0x10 [ 209.607509] ? debug_smp_processor_id+0x20/0x30 [ 209.607878] ? rcu_is_watching+0x19/0xb0 [ 209.608199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.608556] ? trace_hardirqs_on+0x26/0x120 [ 209.608905] do_group_exit+0xe0/0x2b0 [ 209.609208] __x64_sys_exit_group+0x47/0x50 [ 209.609542] do_syscall_64+0x3b/0x90 [ 209.609842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.610251] RIP: 0033:0x7f4b87518a4d [ 209.610561] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.611039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.611639] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.612188] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.612739] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.613284] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.613833] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.614391] [ 209.614591] irq event stamp: 0 [ 209.614840] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.615338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.615988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.616636] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.617121] ---[ end trace 0000000000000000 ]--- [ 209.621791] ------------[ cut here ]------------ [ 209.622174] WARNING: CPU: 0 PID: 1997 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.622994] Modules linked in: [ 209.623263] CPU: 0 PID: 1997 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.623940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.624916] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.625396] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.626844] RSP: 0018:ffff888023cbfbb8 EFLAGS: 00010246 [ 209.627273] RAX: 0000000000000000 RBX: ffff8880149c68a8 RCX: 0000000000000000 [ 209.627825] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 209.628549] RBP: ffff888023cbfbd0 R08: ffffed1002938d33 R09: ffffed1002938d33 [ 209.629095] R10: ffff8880149c6993 R11: ffffed1002938d32 R12: ffff888012c04400 [ 209.629642] R13: ffff8880149c69e8 R14: ffffffff8352e670 R15: 
ffff888023cbfe68 [ 209.630190] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 209.630859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.631438] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 209.631993] PKRU: 55555554 [ 209.632214] Call Trace: [ 209.632414] [ 209.632592] __iommufd_access_detach+0x1c2/0x2b0 [ 209.632976] iommufd_access_change_pt+0x149/0x270 [ 209.633361] iommufd_access_replace+0xb4/0x120 [ 209.633734] iommufd_test+0x3e5/0x37e0 [ 209.634061] ? lock_release+0x532/0x770 [ 209.634548] ? __might_fault+0x102/0x1b0 [ 209.634878] ? lock_acquire+0x427/0x4c0 [ 209.635205] ? __pfx_iommufd_test+0x10/0x10 [ 209.635544] ? __pfx_lock_release+0x10/0x10 [ 209.635886] ? __pfx_lock_acquire+0x10/0x10 [ 209.636237] ? write_comp_data+0x2f/0x90 [ 209.636567] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.636951] ? write_comp_data+0x2f/0x90 [ 209.637282] iommufd_fops_ioctl+0x37d/0x510 [ 209.637703] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.638191] ? write_comp_data+0x2f/0x90 [ 209.638556] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.638943] __x64_sys_ioctl+0x1a3/0x230 [ 209.639283] do_syscall_64+0x3b/0x90 [ 209.639587] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.639999] RIP: 0033:0x7f4b8743ee5d [ 209.640291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.641878] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.642470] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.643042] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.643605] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.644160] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.644872] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.645430] [ 209.645613] irq event stamp: 0 [ 209.645857] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.646342] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.647014] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.647846] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.648341] ---[ end trace 0000000000000000 ]--- [ 209.651301] ------------[ cut here ]------------ [ 209.651685] WARNING: CPU: 0 PID: 1997 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.652477] Modules linked in: [ 209.652726] CPU: 0 PID: 1997 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.653473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.654440] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.654889] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.656303] RSP: 
0018:ffff888023cbfbd0 EFLAGS: 00010246 [ 209.656793] RAX: 0000000000000000 RBX: ffff8880149c68a8 RCX: 0000000000000000 [ 209.657419] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 209.657968] RBP: ffff888023cbfbe8 R08: ffffed1002938d33 R09: ffffed1002938d33 [ 209.658551] R10: ffff8880149c6993 R11: ffffed1002938d32 R12: ffff8880142a5400 [ 209.659105] R13: ffff8880149c69e8 R14: ffff888020806000 R15: 0000000000000000 [ 209.659672] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 209.660306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.660766] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 209.661347] PKRU: 55555554 [ 209.661584] Call Trace: [ 209.661795] [ 209.661983] iommufd_access_destroy_object+0x65/0x170 [ 209.662426] iommufd_object_destroy_user+0x18e/0x220 [ 209.662874] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.663373] iommufd_access_destroy+0x43/0x70 [ 209.663751] iommufd_test_staccess_release+0x8d/0xd0 [ 209.664178] __fput+0x26d/0xa40 [ 209.664462] ____fput+0x1e/0x30 [ 209.664740] task_work_run+0x1a4/0x2d0 [ 209.665070] ? __pfx_task_work_run+0x10/0x10 [ 209.665435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.665839] ? switch_task_namespaces+0xa9/0xe0 [ 209.666232] do_exit+0xb17/0x2ef0 [ 209.666535] ? lock_acquire+0x427/0x4c0 [ 209.666871] ? __pfx_lock_release+0x10/0x10 [ 209.667238] ? __kasan_check_write+0x18/0x20 [ 209.667607] ? do_raw_spin_lock+0x132/0x2a0 [ 209.667960] ? __pfx_do_exit+0x10/0x10 [ 209.668288] ? debug_smp_processor_id+0x20/0x30 [ 209.668673] ? rcu_is_watching+0x19/0xb0 [ 209.669007] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.669384] ? trace_hardirqs_on+0x26/0x120 [ 209.669743] do_group_exit+0xe0/0x2b0 [ 209.670058] __x64_sys_exit_group+0x47/0x50 [ 209.670411] do_syscall_64+0x3b/0x90 [ 209.670748] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.671189] RIP: 0033:0x7f4b87518a4d [ 209.671497] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.672003] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.672620] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.673194] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.673771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.674343] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.674927] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.675516] [ 209.675709] irq event stamp: 0 [ 209.675968] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.676484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.677165] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.677837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.678344] ---[ end trace 0000000000000000 ]--- [ 209.679384] ------------[ cut here ]------------ [ 209.679897] WARNING: CPU: 1 PID: 1997 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.680823] Modules linked in: [ 209.681146] CPU: 1 PID: 1997 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.682028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.683092] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.683650] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.685410] RSP: 0018:ffff888023cbfb78 EFLAGS: 00010246 [ 209.685899] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.686557] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 209.687312] RBP: ffff888023cbfb98 R08: ffffed1002938d3e R09: ffffed1002938d3e [ 209.687958] R10: ffff8880149c69ef R11: ffffed1002938d3d R12: ffff8880149c6a90 [ 209.688598] R13: ffff8880149c68a8 R14: ffffffffffffffff R15: 
ffff888023cbfc60 [ 209.689353] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.690077] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.690664] CR2: 00007f82e2ba9000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 209.691376] PKRU: 55555554 [ 209.691636] Call Trace: [ 209.691868] [ 209.692072] iommufd_ioas_destroy+0x53/0x70 [ 209.692518] iommufd_fops_release+0x1f7/0x370 [ 209.693067] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.693525] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.693976] ? write_comp_data+0x2f/0x90 [ 209.694400] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.694934] __fput+0x26d/0xa40 [ 209.695265] ____fput+0x1e/0x30 [ 209.695657] task_work_run+0x1a4/0x2d0 [ 209.696031] ? __pfx_task_work_run+0x10/0x10 [ 209.696501] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.696985] ? switch_task_namespaces+0xa9/0xe0 [ 209.697424] do_exit+0xb17/0x2ef0 [ 209.697755] ? lock_acquire+0x427/0x4c0 [ 209.698156] ? __pfx_lock_release+0x10/0x10 [ 209.698633] ? __kasan_check_write+0x18/0x20 [ 209.699055] ? do_raw_spin_lock+0x132/0x2a0 [ 209.699458] ? __pfx_do_exit+0x10/0x10 [ 209.699824] ? debug_smp_processor_id+0x20/0x30 [ 209.700354] ? rcu_is_watching+0x19/0xb0 [ 209.700729] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.701145] ? trace_hardirqs_on+0x26/0x120 [ 209.701540] do_group_exit+0xe0/0x2b0 [ 209.701946] __x64_sys_exit_group+0x47/0x50 [ 209.702383] do_syscall_64+0x3b/0x90 [ 209.702758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.703244] RIP: 0033:0x7f4b87518a4d [ 209.703590] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.704252] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.704942] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.705645] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.706338] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.707011] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.707783] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.708437] [ 209.708652] irq event stamp: 0 [ 209.708938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.709630] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.710387] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.711175] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.711744] ---[ end trace 0000000000000000 ]--- [ 209.716600] ------------[ cut here ]------------ [ 209.717153] WARNING: CPU: 1 PID: 1998 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.718067] Modules linked in: [ 209.718380] CPU: 1 PID: 1998 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.719341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.720360] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.720874] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.722617] RSP: 0018:ffff88801884fbb8 EFLAGS: 00010246 [ 209.723178] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 209.723823] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 209.724466] RBP: ffff88801884fbd0 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 209.725309] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff88801226c800 [ 209.725949] R13: ffff888011f649e8 R14: ffffffff8352e670 R15: 
ffff88801884fe68 [ 209.726669] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.727465] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.727998] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 209.728676] PKRU: 55555554 [ 209.729017] Call Trace: [ 209.729252] [ 209.729461] __iommufd_access_detach+0x1c2/0x2b0 [ 209.729907] iommufd_access_change_pt+0x149/0x270 [ 209.730357] iommufd_access_replace+0xb4/0x120 [ 209.730943] iommufd_test+0x3e5/0x37e0 [ 209.731313] ? lock_release+0x532/0x770 [ 209.731689] ? __might_fault+0x102/0x1b0 [ 209.732065] ? lock_acquire+0x427/0x4c0 [ 209.732441] ? __pfx_iommufd_test+0x10/0x10 [ 209.732894] ? __pfx_lock_release+0x10/0x10 [ 209.733355] ? __pfx_lock_acquire+0x10/0x10 [ 209.733759] ? write_comp_data+0x2f/0x90 [ 209.734137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.734619] ? write_comp_data+0x2f/0x90 [ 209.735047] iommufd_fops_ioctl+0x37d/0x510 [ 209.735561] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.736021] ? write_comp_data+0x2f/0x90 [ 209.736410] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.736896] __x64_sys_ioctl+0x1a3/0x230 [ 209.737365] do_syscall_64+0x3b/0x90 [ 209.737730] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.738230] RIP: 0033:0x7f4b8743ee5d [ 209.738611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.740449] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.741156] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.741949] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.742630] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.743312] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.744100] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.744769] [ 209.744994] irq event stamp: 0 [ 209.745294] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.746039] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.746843] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.747643] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.748368] ---[ end trace 0000000000000000 ]--- [ 209.751430] ------------[ cut here ]------------ [ 209.751996] WARNING: CPU: 1 PID: 1998 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.753078] Modules linked in: [ 209.753387] CPU: 1 PID: 1998 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.754386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.755516] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.756005] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.757947] RSP: 
0018:ffff88801884fbd0 EFLAGS: 00010246 [ 209.758618] RAX: 0000000000000000 RBX: ffff888011f648a8 RCX: 0000000000000000 [ 209.759315] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 209.759996] RBP: ffff88801884fbe8 R08: ffffed10023ec933 R09: ffffed10023ec933 [ 209.760779] R10: ffff888011f64993 R11: ffffed10023ec932 R12: ffff888014583800 [ 209.761470] R13: ffff888011f649e8 R14: ffff8880149bd200 R15: 0000000000000000 [ 209.762148] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.763126] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.763696] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 209.764379] PKRU: 55555554 [ 209.764652] Call Trace: [ 209.764978] [ 209.765245] iommufd_access_destroy_object+0x65/0x170 [ 209.765746] iommufd_object_destroy_user+0x18e/0x220 [ 209.766246] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.766860] iommufd_access_destroy+0x43/0x70 [ 209.767470] iommufd_test_staccess_release+0x8d/0xd0 [ 209.767987] __fput+0x26d/0xa40 [ 209.768334] ____fput+0x1e/0x30 [ 209.768673] task_work_run+0x1a4/0x2d0 [ 209.769073] ? __pfx_task_work_run+0x10/0x10 [ 209.769607] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.770187] ? switch_task_namespaces+0xa9/0xe0 [ 209.770694] do_exit+0xb17/0x2ef0 [ 209.771047] ? lock_acquire+0x427/0x4c0 [ 209.771463] ? __pfx_lock_release+0x10/0x10 [ 209.771902] ? __kasan_check_write+0x18/0x20 [ 209.772433] ? do_raw_spin_lock+0x132/0x2a0 [ 209.772933] ? __pfx_do_exit+0x10/0x10 [ 209.773332] ? debug_smp_processor_id+0x20/0x30 [ 209.773801] ? rcu_is_watching+0x19/0xb0 [ 209.774223] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.774825] ? trace_hardirqs_on+0x26/0x120 [ 209.775300] do_group_exit+0xe0/0x2b0 [ 209.775691] __x64_sys_exit_group+0x47/0x50 [ 209.776115] do_syscall_64+0x3b/0x90 [ 209.776497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.777179] RIP: 0033:0x7f4b87518a4d [ 209.777555] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.778163] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.778987] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.779918] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.780654] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.781425] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.782264] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.783044] [ 209.783305] irq event stamp: 0 [ 209.783637] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.784431] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.785291] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.786428] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.787127] ---[ end trace 0000000000000000 ]--- [ 209.788028] ------------[ cut here ]------------ [ 209.788557] WARNING: CPU: 1 PID: 1998 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.789750] Modules linked in: [ 209.790115] CPU: 1 PID: 1998 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.791321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.792547] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.793110] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.795320] RSP: 0018:ffff88801884fb78 EFLAGS: 00010246 [ 209.795912] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.796674] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 209.797434] RBP: ffff88801884fb98 R08: ffffed10023ec93e R09: ffffed10023ec93e [ 209.798195] R10: ffff888011f649ef R11: ffffed10023ec93d R12: ffff888011f64a90 [ 209.798992] R13: ffff888011f648a8 R14: ffffffffffffffff R15: 
ffff88801884fc60 [ 209.799800] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.800676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.801309] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 209.802086] PKRU: 55555554 [ 209.802401] Call Trace: [ 209.802713] [ 209.802967] iommufd_ioas_destroy+0x53/0x70 [ 209.803466] iommufd_fops_release+0x1f7/0x370 [ 209.803958] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.804503] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.805041] ? write_comp_data+0x2f/0x90 [ 209.805492] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.806037] __fput+0x26d/0xa40 [ 209.806419] ____fput+0x1e/0x30 [ 209.806827] task_work_run+0x1a4/0x2d0 [ 209.807281] ? __pfx_task_work_run+0x10/0x10 [ 209.807772] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.808314] ? switch_task_namespaces+0xa9/0xe0 [ 209.808843] do_exit+0xb17/0x2ef0 [ 209.809226] ? lock_acquire+0x427/0x4c0 [ 209.809673] ? __pfx_lock_release+0x10/0x10 [ 209.810157] ? __kasan_check_write+0x18/0x20 [ 209.810683] ? do_raw_spin_lock+0x132/0x2a0 [ 209.811180] ? __pfx_do_exit+0x10/0x10 [ 209.811634] ? debug_smp_processor_id+0x20/0x30 [ 209.812223] ? rcu_is_watching+0x19/0xb0 [ 209.812824] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.813332] ? trace_hardirqs_on+0x26/0x120 [ 209.813823] do_group_exit+0xe0/0x2b0 [ 209.814250] __x64_sys_exit_group+0x47/0x50 [ 209.814775] do_syscall_64+0x3b/0x90 [ 209.815305] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.815950] RIP: 0033:0x7f4b87518a4d [ 209.816360] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.817044] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.818061] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.818874] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.819671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.820729] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.821549] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.822328] [ 209.822624] irq event stamp: 0 [ 209.822970] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.823670] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.824580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.825482] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.826166] ---[ end trace 0000000000000000 ]--- [ 209.831478] ------------[ cut here ]------------ [ 209.832057] WARNING: CPU: 1 PID: 1999 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.833143] Modules linked in: [ 209.833488] CPU: 1 PID: 1999 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.834423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.835907] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.836457] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.838359] RSP: 0018:ffff888018457bb8 EFLAGS: 00010246 [ 209.838952] RAX: 0000000000000000 RBX: ffff88802192b0a8 RCX: 0000000000000000 [ 209.839723] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 209.840461] RBP: ffff888018457bd0 R08: ffffed1004325633 R09: ffffed1004325633 [ 209.841197] R10: ffff88802192b193 R11: ffffed1004325632 R12: ffff88800a726000 [ 209.841946] R13: ffff88802192b1e8 R14: ffffffff8352e670 R15: 
ffff888018457e68 [ 209.842720] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.843564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.844166] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 209.844902] PKRU: 55555554 [ 209.845191] Call Trace: [ 209.845455] [ 209.845692] __iommufd_access_detach+0x1c2/0x2b0 [ 209.846201] iommufd_access_change_pt+0x149/0x270 [ 209.846747] iommufd_access_replace+0xb4/0x120 [ 209.847247] iommufd_test+0x3e5/0x37e0 [ 209.847655] ? lock_release+0x532/0x770 [ 209.848076] ? __might_fault+0x102/0x1b0 [ 209.848503] ? lock_acquire+0x427/0x4c0 [ 209.848921] ? __pfx_iommufd_test+0x10/0x10 [ 209.849368] ? __pfx_lock_release+0x10/0x10 [ 209.849823] ? __pfx_lock_acquire+0x10/0x10 [ 209.850288] ? write_comp_data+0x2f/0x90 [ 209.850756] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.851280] ? write_comp_data+0x2f/0x90 [ 209.851723] iommufd_fops_ioctl+0x37d/0x510 [ 209.852188] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.852710] ? write_comp_data+0x2f/0x90 [ 209.853220] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.853723] __x64_sys_ioctl+0x1a3/0x230 [ 209.854160] do_syscall_64+0x3b/0x90 [ 209.854606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.855170] RIP: 0033:0x7f4b8743ee5d [ 209.855559] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.857422] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.858203] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.858965] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.859714] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.860449] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.861188] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.861932] [ 209.862176] irq event stamp: 0 [ 209.862539] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.863214] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.864089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.864967] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.865624] ---[ end trace 0000000000000000 ]--- [ 209.868812] ------------[ cut here ]------------ [ 209.869342] WARNING: CPU: 1 PID: 1999 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.870381] Modules linked in: [ 209.870748] CPU: 1 PID: 1999 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.871672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.872832] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.873349] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.875267] RSP: 
0018:ffff888018457bd0 EFLAGS: 00010246 [ 209.875828] RAX: 0000000000000000 RBX: ffff88802192b0a8 RCX: 0000000000000000 [ 209.876564] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 209.877300] RBP: ffff888018457be8 R08: ffffed1004325633 R09: ffffed1004325633 [ 209.878022] R10: ffff88802192b193 R11: ffffed1004325632 R12: ffff88801226ec00 [ 209.878782] R13: ffff88802192b1e8 R14: ffff88800f19e200 R15: 0000000000000000 [ 209.879515] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.880344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.880940] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.881671] PKRU: 55555554 [ 209.881971] Call Trace: [ 209.882239] [ 209.882480] iommufd_access_destroy_object+0x65/0x170 [ 209.883056] iommufd_object_destroy_user+0x18e/0x220 [ 209.883595] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 209.884192] iommufd_access_destroy+0x43/0x70 [ 209.884668] iommufd_test_staccess_release+0x8d/0xd0 [ 209.885286] __fput+0x26d/0xa40 [ 209.885641] ____fput+0x1e/0x30 [ 209.885995] task_work_run+0x1a4/0x2d0 [ 209.886407] ? __pfx_task_work_run+0x10/0x10 [ 209.886910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.887445] ? switch_task_namespaces+0xa9/0xe0 [ 209.887958] do_exit+0xb17/0x2ef0 [ 209.888322] ? lock_acquire+0x427/0x4c0 [ 209.888743] ? __pfx_lock_release+0x10/0x10 [ 209.889203] ? __kasan_check_write+0x18/0x20 [ 209.889669] ? do_raw_spin_lock+0x132/0x2a0 [ 209.890129] ? __pfx_do_exit+0x10/0x10 [ 209.890590] ? debug_smp_processor_id+0x20/0x30 [ 209.891097] ? rcu_is_watching+0x19/0xb0 [ 209.891546] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.892026] ? trace_hardirqs_on+0x26/0x120 [ 209.892494] do_group_exit+0xe0/0x2b0 [ 209.892900] __x64_sys_exit_group+0x47/0x50 [ 209.893347] do_syscall_64+0x3b/0x90 [ 209.893742] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.894285] RIP: 0033:0x7f4b87518a4d [ 209.894711] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.895363] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.896158] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.896908] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.897649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.898382] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.899184] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.899949] [ 209.900197] irq event stamp: 0 [ 209.900523] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.901177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.902041] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.902935] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.903620] ---[ end trace 0000000000000000 ]--- [ 209.904488] ------------[ cut here ]------------ [ 209.904980] WARNING: CPU: 1 PID: 1999 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 209.906036] Modules linked in: [ 209.906371] CPU: 1 PID: 1999 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.907318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.908479] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 209.909009] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 209.910911] RSP: 0018:ffff888018457b78 EFLAGS: 00010246 [ 209.911490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 209.912218] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 209.912952] RBP: ffff888018457b98 R08: ffffed100432563e R09: ffffed100432563e [ 209.913681] R10: ffff88802192b1ef R11: ffffed100432563d R12: ffff88802192b290 [ 209.914409] R13: ffff88802192b0a8 R14: ffffffffffffffff R15: 
ffff888018457c60 [ 209.915209] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.916051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.916671] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.917470] PKRU: 55555554 [ 209.917764] Call Trace: [ 209.918026] [ 209.918260] iommufd_ioas_destroy+0x53/0x70 [ 209.918743] iommufd_fops_release+0x1f7/0x370 [ 209.919219] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.919739] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.920245] ? write_comp_data+0x2f/0x90 [ 209.920680] ? __pfx_iommufd_fops_release+0x10/0x10 [ 209.921201] __fput+0x26d/0xa40 [ 209.921564] ____fput+0x1e/0x30 [ 209.921931] task_work_run+0x1a4/0x2d0 [ 209.922350] ? __pfx_task_work_run+0x10/0x10 [ 209.922850] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.923381] ? switch_task_namespaces+0xa9/0xe0 [ 209.923881] do_exit+0xb17/0x2ef0 [ 209.924242] ? lock_acquire+0x427/0x4c0 [ 209.924666] ? __pfx_lock_release+0x10/0x10 [ 209.925124] ? __kasan_check_write+0x18/0x20 [ 209.925581] ? do_raw_spin_lock+0x132/0x2a0 [ 209.926037] ? __pfx_do_exit+0x10/0x10 [ 209.926459] ? debug_smp_processor_id+0x20/0x30 [ 209.926990] ? rcu_is_watching+0x19/0xb0 [ 209.927439] ? _raw_spin_unlock_irq+0x2b/0x60 [ 209.927917] ? trace_hardirqs_on+0x26/0x120 [ 209.928373] do_group_exit+0xe0/0x2b0 [ 209.928775] __x64_sys_exit_group+0x47/0x50 [ 209.929222] do_syscall_64+0x3b/0x90 [ 209.929629] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.930172] RIP: 0033:0x7f4b87518a4d [ 209.930598] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 209.931259] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 209.932041] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 209.932776] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 209.933513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 209.934253] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 209.935023] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 209.935797] [ 209.936041] irq event stamp: 0 [ 209.936367] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.937010] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.937866] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.938750] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.939420] ---[ end trace 0000000000000000 ]--- [ 209.944853] ------------[ cut here ]------------ [ 209.945432] WARNING: CPU: 1 PID: 2000 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.946604] Modules linked in: [ 209.946958] CPU: 1 PID: 2000 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.947918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.949225] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.949772] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.951813] RSP: 0018:ffff888017197bb8 EFLAGS: 00010246 [ 209.952403] RAX: 0000000000000000 RBX: ffff888023cbf8a8 RCX: 0000000000000000 [ 209.953175] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 209.953964] RBP: ffff888017197bd0 R08: ffffed1004797f33 R09: ffffed1004797f33 [ 209.954765] R10: ffff888023cbf993 R11: ffffed1004797f32 R12: ffff88800ae91800 [ 209.955561] R13: ffff888023cbf9e8 R14: ffffffff8352e670 R15: 
ffff888017197e68 [ 209.956342] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.957224] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.957854] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 209.958671] PKRU: 55555554 [ 209.958988] Call Trace: [ 209.959280] [ 209.959528] __iommufd_access_detach+0x1c2/0x2b0 [ 209.960063] iommufd_access_change_pt+0x149/0x270 [ 209.960597] iommufd_access_replace+0xb4/0x120 [ 209.961103] iommufd_test+0x3e5/0x37e0 [ 209.961526] ? lock_release+0x532/0x770 [ 209.961979] ? __might_fault+0x102/0x1b0 [ 209.962446] ? lock_acquire+0x427/0x4c0 [ 209.962947] ? __pfx_iommufd_test+0x10/0x10 [ 209.963438] ? __pfx_lock_release+0x10/0x10 [ 209.963915] ? __pfx_lock_acquire+0x10/0x10 [ 209.964395] ? write_comp_data+0x2f/0x90 [ 209.964848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 209.965388] ? write_comp_data+0x2f/0x90 [ 209.965839] iommufd_fops_ioctl+0x37d/0x510 [ 209.966311] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.966872] ? write_comp_data+0x2f/0x90 [ 209.967364] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 209.967892] __x64_sys_ioctl+0x1a3/0x230 [ 209.968351] do_syscall_64+0x3b/0x90 [ 209.968772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 209.969344] RIP: 0033:0x7f4b8743ee5d [ 209.969756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 209.971799] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 209.972641] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 209.973413] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 209.974194] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 209.975009] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 209.975816] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 209.976596] [ 209.976850] irq event stamp: 0 [ 209.977192] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 209.977873] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 209.978799] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 209.979729] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 209.980409] ---[ end trace 0000000000000000 ]--- [ 209.983707] ------------[ cut here ]------------ [ 209.984262] WARNING: CPU: 1 PID: 2000 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 209.985367] Modules linked in: [ 209.985712] CPU: 1 PID: 2000 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 209.986693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 209.987926] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 209.988467] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 209.990448] RSP: 
0018:ffff888017197bd0 EFLAGS: 00010246 [ 209.991059] RAX: 0000000000000000 RBX: ffff888023cbf8a8 RCX: 0000000000000000 [ 209.991847] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 209.992761] RBP: ffff888017197be8 R08: ffffed1004797f33 R09: ffffed1004797f33 [ 209.993508] R10: ffff888023cbf993 R11: ffffed1004797f32 R12: ffff88800a724000 [ 209.994296] R13: ffff888023cbf9e8 R14: ffff88800af28000 R15: 0000000000000000 [ 209.995083] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 209.995960] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.996579] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 209.997343] PKRU: 55555554 [ 209.997648] Call Trace: [ 209.997924] [ 209.998163] iommufd_access_destroy_object+0x65/0x170 [ 209.998761] iommufd_object_destroy_user+0x18e/0x220 [ 209.999375] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.000010] iommufd_access_destroy+0x43/0x70 [ 210.000505] iommufd_test_staccess_release+0x8d/0xd0 [ 210.001064] __fput+0x26d/0xa40 [ 210.001443] ____fput+0x1e/0x30 [ 210.001807] task_work_run+0x1a4/0x2d0 [ 210.002237] ? __pfx_task_work_run+0x10/0x10 [ 210.002749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.003293] ? switch_task_namespaces+0xa9/0xe0 [ 210.003801] do_exit+0xb17/0x2ef0 [ 210.004170] ? lock_acquire+0x427/0x4c0 [ 210.004604] ? __pfx_lock_release+0x10/0x10 [ 210.005077] ? __kasan_check_write+0x18/0x20 [ 210.005566] ? do_raw_spin_lock+0x132/0x2a0 [ 210.006038] ? __pfx_do_exit+0x10/0x10 [ 210.006476] ? debug_smp_processor_id+0x20/0x30 [ 210.007026] ? rcu_is_watching+0x19/0xb0 [ 210.007492] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.007989] ? trace_hardirqs_on+0x26/0x120 [ 210.008469] do_group_exit+0xe0/0x2b0 [ 210.008883] __x64_sys_exit_group+0x47/0x50 [ 210.009349] do_syscall_64+0x3b/0x90 [ 210.009767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.010338] RIP: 0033:0x7f4b87518a4d [ 210.010775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.011466] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.012287] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.013142] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.013927] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.014743] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.015543] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.016307] [ 210.016559] irq event stamp: 0 [ 210.016896] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.017587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.018547] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.019481] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.020157] ---[ end trace 0000000000000000 ]--- [ 210.021046] ------------[ cut here ]------------ [ 210.021569] WARNING: CPU: 1 PID: 2000 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.022716] Modules linked in: [ 210.023072] CPU: 1 PID: 2000 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.024031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.025245] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.025803] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.027822] RSP: 0018:ffff888017197b78 EFLAGS: 00010246 [ 210.028421] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.029310] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 210.030080] RBP: ffff888017197b98 R08: ffffed1004797f3e R09: ffffed1004797f3e [ 210.030881] R10: ffff888023cbf9ef R11: ffffed1004797f3d R12: ffff888023cbfa90 [ 210.031677] R13: ffff888023cbf8a8 R14: ffffffffffffffff R15: 
ffff888017197c60 [ 210.032444] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.033318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.033942] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.034764] PKRU: 55555554 [ 210.035079] Call Trace: [ 210.035368] [ 210.035613] iommufd_ioas_destroy+0x53/0x70 [ 210.036097] iommufd_fops_release+0x1f7/0x370 [ 210.036594] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.037135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.037679] ? write_comp_data+0x2f/0x90 [ 210.038131] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.038705] __fput+0x26d/0xa40 [ 210.039079] ____fput+0x1e/0x30 [ 210.039458] task_work_run+0x1a4/0x2d0 [ 210.039883] ? __pfx_task_work_run+0x10/0x10 [ 210.040368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.040903] ? switch_task_namespaces+0xa9/0xe0 [ 210.041414] do_exit+0xb17/0x2ef0 [ 210.041793] ? lock_acquire+0x427/0x4c0 [ 210.042236] ? __pfx_lock_release+0x10/0x10 [ 210.042741] ? __kasan_check_write+0x18/0x20 [ 210.043258] ? do_raw_spin_lock+0x132/0x2a0 [ 210.043733] ? __pfx_do_exit+0x10/0x10 [ 210.044165] ? debug_smp_processor_id+0x20/0x30 [ 210.044671] ? rcu_is_watching+0x19/0xb0 [ 210.045171] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.045661] ? trace_hardirqs_on+0x26/0x120 [ 210.046125] do_group_exit+0xe0/0x2b0 [ 210.046567] __x64_sys_exit_group+0x47/0x50 [ 210.047033] do_syscall_64+0x3b/0x90 [ 210.047453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.048010] RIP: 0033:0x7f4b87518a4d [ 210.048413] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.049067] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.049892] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.050707] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.051497] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.052247] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.053004] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.053764] [ 210.054015] irq event stamp: 0 [ 210.054350] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.055051] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.055954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.056844] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.057515] ---[ end trace 0000000000000000 ]--- [ 210.063077] ------------[ cut here ]------------ [ 210.063671] WARNING: CPU: 1 PID: 2001 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.064750] Modules linked in: [ 210.065099] CPU: 1 PID: 2001 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.066029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.067342] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.067892] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.069839] RSP: 0018:ffff88801629fbb8 EFLAGS: 00010246 [ 210.070408] RAX: 0000000000000000 RBX: ffff88800f3af0a8 RCX: 0000000000000000 [ 210.071222] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 210.072010] RBP: ffff88801629fbd0 R08: ffffed1001e75e33 R09: ffffed1001e75e33 [ 210.072777] R10: ffff88800f3af193 R11: ffffed1001e75e32 R12: ffff888012e90000 [ 210.073536] R13: ffff88800f3af1e8 R14: ffffffff8352e670 R15: 
ffff88801629fe68 [ 210.074304] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.075348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.076038] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 210.076805] PKRU: 55555554 [ 210.077199] Call Trace: [ 210.077478] [ 210.077721] __iommufd_access_detach+0x1c2/0x2b0 [ 210.078244] iommufd_access_change_pt+0x149/0x270 [ 210.079026] iommufd_access_replace+0xb4/0x120 [ 210.079560] iommufd_test+0x3e5/0x37e0 [ 210.079983] ? lock_release+0x532/0x770 [ 210.080421] ? __might_fault+0x102/0x1b0 [ 210.080865] ? lock_acquire+0x427/0x4c0 [ 210.081307] ? __pfx_iommufd_test+0x10/0x10 [ 210.081779] ? __pfx_lock_release+0x10/0x10 [ 210.082248] ? __pfx_lock_acquire+0x10/0x10 [ 210.082761] ? write_comp_data+0x2f/0x90 [ 210.083353] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.084023] ? write_comp_data+0x2f/0x90 [ 210.084478] iommufd_fops_ioctl+0x37d/0x510 [ 210.084949] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.085474] ? write_comp_data+0x2f/0x90 [ 210.085920] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.086450] __x64_sys_ioctl+0x1a3/0x230 [ 210.086947] do_syscall_64+0x3b/0x90 [ 210.087382] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.088074] RIP: 0033:0x7f4b8743ee5d [ 210.088568] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.090584] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.091442] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.092452] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.093222] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.093986] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.094793] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.095667] [ 210.095987] irq event stamp: 0 [ 210.096427] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.097109] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.098022] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.098960] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.099902] ---[ end trace 0000000000000000 ]--- [ 210.103233] ------------[ cut here ]------------ [ 210.103798] WARNING: CPU: 1 PID: 2001 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.105118] Modules linked in: [ 210.105487] CPU: 1 PID: 2001 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.106416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.107673] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.108217] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.110481] RSP: 
0018:ffff88801629fbd0 EFLAGS: 00010246 [ 210.111106] RAX: 0000000000000000 RBX: ffff88800f3af0a8 RCX: 0000000000000000 [ 210.111895] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 210.112775] RBP: ffff88801629fbe8 R08: ffffed1001e75e33 R09: ffffed1001e75e33 [ 210.113609] R10: ffff88800f3af193 R11: ffffed1001e75e32 R12: ffff88800ae90000 [ 210.114400] R13: ffff88800f3af1e8 R14: ffff8880122eae00 R15: 0000000000000000 [ 210.115297] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.116206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.117054] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.117843] PKRU: 55555554 [ 210.118167] Call Trace: [ 210.118451] [ 210.118755] iommufd_access_destroy_object+0x65/0x170 [ 210.119357] iommufd_object_destroy_user+0x18e/0x220 [ 210.119933] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.120674] iommufd_access_destroy+0x43/0x70 [ 210.121294] iommufd_test_staccess_release+0x8d/0xd0 [ 210.121882] __fput+0x26d/0xa40 [ 210.122278] ____fput+0x1e/0x30 [ 210.122706] task_work_run+0x1a4/0x2d0 [ 210.123164] ? __pfx_task_work_run+0x10/0x10 [ 210.123670] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.124221] ? switch_task_namespaces+0xa9/0xe0 [ 210.124762] do_exit+0xb17/0x2ef0 [ 210.125283] ? lock_acquire+0x427/0x4c0 [ 210.125845] ? __pfx_lock_release+0x10/0x10 [ 210.126338] ? __kasan_check_write+0x18/0x20 [ 210.126890] ? do_raw_spin_lock+0x132/0x2a0 [ 210.127422] ? __pfx_do_exit+0x10/0x10 [ 210.127878] ? debug_smp_processor_id+0x20/0x30 [ 210.128409] ? rcu_is_watching+0x19/0xb0 [ 210.128872] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.129472] ? trace_hardirqs_on+0x26/0x120 [ 210.130073] do_group_exit+0xe0/0x2b0 [ 210.130501] __x64_sys_exit_group+0x47/0x50 [ 210.131031] do_syscall_64+0x3b/0x90 [ 210.131479] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.132071] RIP: 0033:0x7f4b87518a4d [ 210.132486] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.133176] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.134219] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.135049] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.135868] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.136675] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.137471] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.138499] [ 210.138804] irq event stamp: 0 [ 210.139170] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.139872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.140796] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.141808] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.142773] ---[ end trace 0000000000000000 ]--- [ 210.143706] ------------[ cut here ]------------ [ 210.144239] WARNING: CPU: 1 PID: 2001 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.145592] Modules linked in: [ 210.145964] CPU: 1 PID: 2001 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.146984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.148510] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.149093] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.151379] RSP: 0018:ffff88801629fb78 EFLAGS: 00010246 [ 210.151992] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.152785] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 210.153783] RBP: ffff88801629fb98 R08: ffffed1001e75e3e R09: ffffed1001e75e3e [ 210.154609] R10: ffff88800f3af1ef R11: ffffed1001e75e3d R12: ffff88800f3af290 [ 210.155426] R13: ffff88800f3af0a8 R14: ffffffffffffffff R15: 
ffff88801629fc60 [ 210.156337] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.157353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.158005] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.158962] PKRU: 55555554 [ 210.159402] Call Trace: [ 210.159692] [ 210.159950] iommufd_ioas_destroy+0x53/0x70 [ 210.160438] iommufd_fops_release+0x1f7/0x370 [ 210.160940] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.161535] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.162215] ? write_comp_data+0x2f/0x90 [ 210.162730] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.163305] __fput+0x26d/0xa40 [ 210.163691] ____fput+0x1e/0x30 [ 210.164071] task_work_run+0x1a4/0x2d0 [ 210.164628] ? __pfx_task_work_run+0x10/0x10 [ 210.165255] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.165814] ? switch_task_namespaces+0xa9/0xe0 [ 210.166347] do_exit+0xb17/0x2ef0 [ 210.166778] ? lock_acquire+0x427/0x4c0 [ 210.167494] ? __pfx_lock_release+0x10/0x10 [ 210.167990] ? __kasan_check_write+0x18/0x20 [ 210.168488] ? do_raw_spin_lock+0x132/0x2a0 [ 210.168972] ? __pfx_do_exit+0x10/0x10 [ 210.169424] ? debug_smp_processor_id+0x20/0x30 [ 210.170054] ? rcu_is_watching+0x19/0xb0 [ 210.170658] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.171190] ? trace_hardirqs_on+0x26/0x120 [ 210.171682] do_group_exit+0xe0/0x2b0 [ 210.172109] __x64_sys_exit_group+0x47/0x50 [ 210.172617] do_syscall_64+0x3b/0x90 [ 210.173294] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.173890] RIP: 0033:0x7f4b87518a4d [ 210.174312] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.175073] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.176449] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.177390] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.178316] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.179386] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.180775] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.181765] [ 210.182096] irq event stamp: 0 [ 210.182598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.183495] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.184899] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.185988] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.186883] ---[ end trace 0000000000000000 ]--- [ 210.193816] ------------[ cut here ]------------ [ 210.194600] WARNING: CPU: 1 PID: 2002 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.196037] Modules linked in: [ 210.196466] CPU: 1 PID: 2002 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.197770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.199328] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.200107] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.202781] RSP: 0018:ffff888014bf7bb8 EFLAGS: 00010246 [ 210.203523] RAX: 0000000000000000 RBX: ffff888023ea10a8 RCX: 0000000000000000 [ 210.204479] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 210.205608] RBP: ffff888014bf7bd0 R08: ffffed10047d4233 R09: ffffed10047d4233 [ 210.206634] R10: ffff888023ea1193 R11: ffffed10047d4232 R12: ffff888014111800 [ 210.207721] R13: ffff888023ea11e8 R14: ffffffff8352e670 R15: 
ffff888014bf7e68 [ 210.208743] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.209846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.210791] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 210.211776] PKRU: 55555554 [ 210.212165] Call Trace: [ 210.212522] [ 210.212981] __iommufd_access_detach+0x1c2/0x2b0 [ 210.213657] iommufd_access_change_pt+0x149/0x270 [ 210.214330] iommufd_access_replace+0xb4/0x120 [ 210.215064] iommufd_test+0x3e5/0x37e0 [ 210.215682] ? lock_release+0x532/0x770 [ 210.216243] ? __might_fault+0x102/0x1b0 [ 210.216809] ? lock_acquire+0x427/0x4c0 [ 210.217366] ? __pfx_iommufd_test+0x10/0x10 [ 210.218134] ? __pfx_lock_release+0x10/0x10 [ 210.218783] ? __pfx_lock_acquire+0x10/0x10 [ 210.219411] ? write_comp_data+0x2f/0x90 [ 210.219984] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.220765] ? write_comp_data+0x2f/0x90 [ 210.221472] iommufd_fops_ioctl+0x37d/0x510 [ 210.222070] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.222797] ? write_comp_data+0x2f/0x90 [ 210.223418] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.224244] __x64_sys_ioctl+0x1a3/0x230 [ 210.224816] do_syscall_64+0x3b/0x90 [ 210.225346] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.226267] RIP: 0033:0x7f4b8743ee5d [ 210.226834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.229520] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.230596] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.231684] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.232771] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.233730] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.234947] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.235951] [ 210.236278] irq event stamp: 0 [ 210.236786] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.237754] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.238935] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.240291] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.241139] ---[ end trace 0000000000000000 ]--- [ 210.246268] ------------[ cut here ]------------ [ 210.247391] WARNING: CPU: 1 PID: 2002 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.248855] Modules linked in: [ 210.249301] CPU: 1 PID: 2002 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.250755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.252300] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.253207] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.255923] RSP: 
0018:ffff888014bf7bd0 EFLAGS: 00010246 [ 210.256650] RAX: 0000000000000000 RBX: ffff888023ea10a8 RCX: 0000000000000000 [ 210.257641] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 210.258815] RBP: ffff888014bf7be8 R08: ffffed10047d4233 R09: ffffed10047d4233 [ 210.259792] R10: ffff888023ea1193 R11: ffffed10047d4232 R12: ffff888012e93800 [ 210.260972] R13: ffff888023ea11e8 R14: ffff88800f979e00 R15: 0000000000000000 [ 210.261906] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.263072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.263973] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.264937] PKRU: 55555554 [ 210.265324] Call Trace: [ 210.265734] [ 210.266194] iommufd_access_destroy_object+0x65/0x170 [ 210.266971] iommufd_object_destroy_user+0x18e/0x220 [ 210.267695] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.268490] iommufd_access_destroy+0x43/0x70 [ 210.269112] iommufd_test_staccess_release+0x8d/0xd0 [ 210.269820] __fput+0x26d/0xa40 [ 210.270303] ____fput+0x1e/0x30 [ 210.270830] task_work_run+0x1a4/0x2d0 [ 210.271410] ? __pfx_task_work_run+0x10/0x10 [ 210.272025] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.272701] ? switch_task_namespaces+0xa9/0xe0 [ 210.273360] do_exit+0xb17/0x2ef0 [ 210.273840] ? lock_acquire+0x427/0x4c0 [ 210.274401] ? __pfx_lock_release+0x10/0x10 [ 210.275053] ? __kasan_check_write+0x18/0x20 [ 210.275688] ? do_raw_spin_lock+0x132/0x2a0 [ 210.276286] ? __pfx_do_exit+0x10/0x10 [ 210.276830] ? debug_smp_processor_id+0x20/0x30 [ 210.277467] ? rcu_is_watching+0x19/0xb0 [ 210.278024] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.278691] ? trace_hardirqs_on+0x26/0x120 [ 210.279313] do_group_exit+0xe0/0x2b0 [ 210.279837] __x64_sys_exit_group+0x47/0x50 [ 210.280422] do_syscall_64+0x3b/0x90 [ 210.280944] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.281657] RIP: 0033:0x7f4b87518a4d [ 210.282166] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.283023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.284054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.285021] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.285984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.287000] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.287981] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.288931] [ 210.289245] irq event stamp: 0 [ 210.289663] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.290482] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.291665] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.292580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.293256] ---[ end trace 0000000000000000 ]--- [ 210.294159] ------------[ cut here ]------------ [ 210.294738] WARNING: CPU: 1 PID: 2002 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.295872] Modules linked in: [ 210.296233] CPU: 1 PID: 2002 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.297183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.298405] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.299000] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.301068] RSP: 0018:ffff888014bf7b78 EFLAGS: 00010246 [ 210.301666] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.302450] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 210.303290] RBP: ffff888014bf7b98 R08: ffffed10047d423e R09: ffffed10047d423e [ 210.304035] R10: ffff888023ea11ef R11: ffffed10047d423d R12: ffff888023ea1290 [ 210.304774] R13: ffff888023ea10a8 R14: ffffffffffffffff R15: 
ffff888014bf7c60 [ 210.305516] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.306347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.307002] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.307756] PKRU: 55555554 [ 210.308056] Call Trace: [ 210.308335] [ 210.308581] iommufd_ioas_destroy+0x53/0x70 [ 210.309038] iommufd_fops_release+0x1f7/0x370 [ 210.309524] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.310080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.310710] ? write_comp_data+0x2f/0x90 [ 210.311196] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.311735] __fput+0x26d/0xa40 [ 210.312116] ____fput+0x1e/0x30 [ 210.312484] task_work_run+0x1a4/0x2d0 [ 210.312915] ? __pfx_task_work_run+0x10/0x10 [ 210.313397] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.313923] ? switch_task_namespaces+0xa9/0xe0 [ 210.314430] do_exit+0xb17/0x2ef0 [ 210.314857] ? lock_acquire+0x427/0x4c0 [ 210.315306] ? __pfx_lock_release+0x10/0x10 [ 210.315771] ? __kasan_check_write+0x18/0x20 [ 210.316264] ? do_raw_spin_lock+0x132/0x2a0 [ 210.316764] ? __pfx_do_exit+0x10/0x10 [ 210.317225] ? debug_smp_processor_id+0x20/0x30 [ 210.317763] ? rcu_is_watching+0x19/0xb0 [ 210.318237] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.318824] ? trace_hardirqs_on+0x26/0x120 [ 210.319353] do_group_exit+0xe0/0x2b0 [ 210.319783] __x64_sys_exit_group+0x47/0x50 [ 210.320253] do_syscall_64+0x3b/0x90 [ 210.320680] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.321253] RIP: 0033:0x7f4b87518a4d [ 210.321673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.322352] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.323254] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.324031] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.324800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.325579] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.326345] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.327202] [ 210.327468] irq event stamp: 0 [ 210.327819] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.328500] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.329404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.330313] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.331049] ---[ end trace 0000000000000000 ]--- [ 210.335617] ------------[ cut here ]------------ [ 210.336213] WARNING: CPU: 1 PID: 2003 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.337311] Modules linked in: [ 210.337656] CPU: 1 PID: 2003 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.338712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.340114] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.340664] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.342683] RSP: 0018:ffff88801629fbb8 EFLAGS: 00010246 [ 210.343281] RAX: 0000000000000000 RBX: ffff88800cb9c8a8 RCX: 0000000000000000 [ 210.344269] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 210.345045] RBP: ffff88801629fbd0 R08: ffffed1001973933 R09: ffffed1001973933 [ 210.345813] R10: ffff88800cb9c993 R11: ffffed1001973932 R12: ffff888014443c00 [ 210.346626] R13: ffff88800cb9c9e8 R14: ffffffff8352e670 R15: 
ffff88801629fe68 [ 210.347413] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.348468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.349102] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 210.349873] PKRU: 55555554 [ 210.350182] Call Trace: [ 210.350460] [ 210.350749] __iommufd_access_detach+0x1c2/0x2b0 [ 210.350984] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 210.351324] iommufd_access_change_pt+0x149/0x270 [ 210.354017] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 210.354556] iommufd_access_replace+0xb4/0x120 [ 210.354588] iommufd_test+0x3e5/0x37e0 [ 210.357356] ? lock_release+0x532/0x770 [ 210.357804] ? __might_fault+0x102/0x1b0 [ 210.358254] ? lock_acquire+0x427/0x4c0 [ 210.358732] ? __pfx_iommufd_test+0x10/0x10 [ 210.359214] ? __pfx_lock_release+0x10/0x10 [ 210.359692] ? __pfx_lock_acquire+0x10/0x10 [ 210.360173] ? write_comp_data+0x2f/0x90 [ 210.360624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.361156] ? write_comp_data+0x2f/0x90 [ 210.361606] iommufd_fops_ioctl+0x37d/0x510 [ 210.362080] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.362644] ? write_comp_data+0x2f/0x90 [ 210.363108] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.364146] __x64_sys_ioctl+0x1a3/0x230 [ 210.364720] do_syscall_64+0x3b/0x90 [ 210.365226] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.365914] RIP: 0033:0x7f4b8743ee5d [ 210.366410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.369082] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.370078] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.371027] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.371975] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.372912] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.373849] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.374834] [ 210.375168] irq event stamp: 0 [ 210.375600] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.376429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.377522] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.378897] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.379735] ---[ end trace 0000000000000000 ]--- [ 210.391373] ------------[ cut here ]------------ [ 210.392049] WARNING: CPU: 1 PID: 2003 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.393364] Modules linked in: [ 210.393789] CPU: 1 PID: 2003 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.394981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.396460] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.397106] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.399739] RSP: 
0018:ffff88801629fbd0 EFLAGS: 00010246 [ 210.400465] RAX: 0000000000000000 RBX: ffff88800cb9c8a8 RCX: 0000000000000000 [ 210.401636] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 210.402632] RBP: ffff88801629fbe8 R08: ffffed1001973933 R09: ffffed1001973933 [ 210.403589] R10: ffff88800cb9c993 R11: ffffed1001973932 R12: ffff888014111000 [ 210.404731] R13: ffff88800cb9c9e8 R14: ffff8880135c1000 R15: 0000000000000000 [ 210.405685] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.406793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.407591] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 210.408545] PKRU: 55555554 [ 210.408922] Call Trace: [ 210.409260] [ 210.409564] iommufd_access_destroy_object+0x65/0x170 [ 210.410268] iommufd_object_destroy_user+0x18e/0x220 [ 210.411029] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.411834] iommufd_access_destroy+0x43/0x70 [ 210.412460] iommufd_test_staccess_release+0x8d/0xd0 [ 210.413169] __fput+0x26d/0xa40 [ 210.413646] ____fput+0x1e/0x30 [ 210.414110] task_work_run+0x1a4/0x2d0 [ 210.414735] ? __pfx_task_work_run+0x10/0x10 [ 210.415364] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.416038] ? switch_task_namespaces+0xa9/0xe0 [ 210.416689] do_exit+0xb17/0x2ef0 [ 210.417163] ? lock_acquire+0x427/0x4c0 [ 210.417716] ? __pfx_lock_release+0x10/0x10 [ 210.418315] ? __kasan_check_write+0x18/0x20 [ 210.419234] ? do_raw_spin_lock+0x132/0x2a0 [ 210.419830] ? __pfx_do_exit+0x10/0x10 [ 210.420377] ? debug_smp_processor_id+0x20/0x30 [ 210.421015] ? rcu_is_watching+0x19/0xb0 [ 210.421573] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.422199] ? trace_hardirqs_on+0x26/0x120 [ 210.423034] do_group_exit+0xe0/0x2b0 [ 210.423568] __x64_sys_exit_group+0x47/0x50 [ 210.424136] do_syscall_64+0x3b/0x90 [ 210.424657] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.425371] RIP: 0033:0x7f4b87518a4d [ 210.425878] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.426716] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.427704] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.428638] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.429579] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.430568] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.431545] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.432514] [ 210.432833] irq event stamp: 0 [ 210.433265] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.434110] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.435268] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.436380] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.437215] ---[ end trace 0000000000000000 ]--- [ 210.440764] ------------[ cut here ]------------ [ 210.441468] WARNING: CPU: 1 PID: 2003 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.443186] Modules linked in: [ 210.443610] CPU: 1 PID: 2003 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.444747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.446199] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.446902] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.449319] RSP: 0018:ffff88801629fb78 EFLAGS: 00010246 [ 210.450035] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.451017] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 210.451981] RBP: ffff88801629fb98 R08: ffffed100197393e R09: ffffed100197393e [ 210.453130] R10: ffff88800cb9c9ef R11: ffffed100197393d R12: ffff88800cb9ca90 [ 210.454082] R13: ffff88800cb9c8a8 R14: ffffffffffffffff R15: 
ffff88801629fc60 [ 210.455101] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.456326] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.457107] CR2: 00007f82e2e76000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 210.458255] PKRU: 55555554 [ 210.458676] Call Trace: [ 210.459032] [ 210.459359] iommufd_ioas_destroy+0x53/0x70 [ 210.459959] iommufd_fops_release+0x1f7/0x370 [ 210.460589] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.461277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.462148] ? write_comp_data+0x2f/0x90 [ 210.462749] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.463456] __fput+0x26d/0xa40 [ 210.463974] ____fput+0x1e/0x30 [ 210.464521] task_work_run+0x1a4/0x2d0 [ 210.465057] ? __pfx_task_work_run+0x10/0x10 [ 210.465658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.466478] ? switch_task_namespaces+0xa9/0xe0 [ 210.467193] do_exit+0xb17/0x2ef0 [ 210.467679] ? lock_acquire+0x427/0x4c0 [ 210.468242] ? __pfx_lock_release+0x10/0x10 [ 210.468848] ? __kasan_check_write+0x18/0x20 [ 210.469464] ? do_raw_spin_lock+0x132/0x2a0 [ 210.470063] ? __pfx_do_exit+0x10/0x10 [ 210.470667] ? debug_smp_processor_id+0x20/0x30 [ 210.471334] ? rcu_is_watching+0x19/0xb0 [ 210.471905] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.472539] ? trace_hardirqs_on+0x26/0x120 [ 210.473146] do_group_exit+0xe0/0x2b0 [ 210.473681] __x64_sys_exit_group+0x47/0x50 [ 210.474277] do_syscall_64+0x3b/0x90 [ 210.474851] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.475592] RIP: 0033:0x7f4b87518a4d [ 210.476110] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.476935] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.477938] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.478952] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.479925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.480872] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.481813] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.482808] [ 210.483153] irq event stamp: 0 [ 210.483592] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.484451] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.485553] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.486689] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.487538] ---[ end trace 0000000000000000 ]--- [ 210.495237] ------------[ cut here ]------------ [ 210.495913] WARNING: CPU: 1 PID: 2005 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.497243] Modules linked in: [ 210.497681] CPU: 1 PID: 2005 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.499040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.500541] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.501200] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.503630] RSP: 0018:ffff88800f0efbb8 EFLAGS: 00010246 [ 210.504334] RAX: 0000000000000000 RBX: ffff888015d290a8 RCX: 0000000000000000 [ 210.505245] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 210.506172] RBP: ffff88800f0efbd0 R08: ffffed1002ba5233 R09: ffffed1002ba5233 [ 210.507146] R10: ffff888015d29193 R11: ffffed1002ba5232 R12: ffff88800ae93400 [ 210.508088] R13: ffff888015d291e8 R14: ffffffff8352e670 R15: 
ffff88800f0efe68 [ 210.509025] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.510082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.510876] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 210.511836] PKRU: 55555554 [ 210.512213] Call Trace: [ 210.512547] [ 210.512844] __iommufd_access_detach+0x1c2/0x2b0 [ 210.513474] iommufd_access_change_pt+0x149/0x270 [ 210.514094] iommufd_access_replace+0xb4/0x120 [ 210.514732] iommufd_test+0x3e5/0x37e0 [ 210.515248] ? lock_release+0x532/0x770 [ 210.515778] ? __might_fault+0x102/0x1b0 [ 210.516312] ? lock_acquire+0x427/0x4c0 [ 210.516837] ? __pfx_iommufd_test+0x10/0x10 [ 210.517388] ? __pfx_lock_release+0x10/0x10 [ 210.517953] ? __pfx_lock_acquire+0x10/0x10 [ 210.518554] ? write_comp_data+0x2f/0x90 [ 210.519096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.519743] ? write_comp_data+0x2f/0x90 [ 210.520277] iommufd_fops_ioctl+0x37d/0x510 [ 210.520820] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.521432] ? write_comp_data+0x2f/0x90 [ 210.521953] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.522594] __x64_sys_ioctl+0x1a3/0x230 [ 210.523085] do_syscall_64+0x3b/0x90 [ 210.523570] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.524202] RIP: 0033:0x7f4b8743ee5d [ 210.524643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.526776] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.527673] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.528499] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.529322] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.530148] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.531003] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.531866] [ 210.532150] irq event stamp: 0 [ 210.532529] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.533272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.534256] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.535267] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.536014] ---[ end trace 0000000000000000 ]--- [ 210.540507] ------------[ cut here ]------------ [ 210.541064] WARNING: CPU: 1 PID: 2005 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.542193] Modules linked in: [ 210.542592] CPU: 1 PID: 2005 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.543573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.544809] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.545361] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.547400] RSP: 
0018:ffff88800f0efbd0 EFLAGS: 00010246 [ 210.547992] RAX: 0000000000000000 RBX: ffff888015d290a8 RCX: 0000000000000000 [ 210.548780] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 210.549564] RBP: ffff88800f0efbe8 R08: ffffed1002ba5233 R09: ffffed1002ba5233 [ 210.550350] R10: ffff888015d29193 R11: ffffed1002ba5232 R12: ffff888014441400 [ 210.551173] R13: ffff888015d291e8 R14: ffff888012c78100 R15: 0000000000000000 [ 210.551963] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.552849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.553537] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.554323] PKRU: 55555554 [ 210.554668] Call Trace: [ 210.554961] [ 210.555231] iommufd_access_destroy_object+0x65/0x170 [ 210.555809] iommufd_object_destroy_user+0x18e/0x220 [ 210.556383] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.557036] iommufd_access_destroy+0x43/0x70 [ 210.557555] iommufd_test_staccess_release+0x8d/0xd0 [ 210.558127] __fput+0x26d/0xa40 [ 210.558544] ____fput+0x1e/0x30 [ 210.558929] task_work_run+0x1a4/0x2d0 [ 210.559384] ? __pfx_task_work_run+0x10/0x10 [ 210.559880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.560428] ? switch_task_namespaces+0xa9/0xe0 [ 210.560958] do_exit+0xb17/0x2ef0 [ 210.561347] ? lock_acquire+0x427/0x4c0 [ 210.561805] ? __pfx_lock_release+0x10/0x10 [ 210.562291] ? __kasan_check_write+0x18/0x20 [ 210.562809] ? do_raw_spin_lock+0x132/0x2a0 [ 210.563306] ? __pfx_do_exit+0x10/0x10 [ 210.563750] ? debug_smp_processor_id+0x20/0x30 [ 210.564268] ? rcu_is_watching+0x19/0xb0 [ 210.564720] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.565226] ? trace_hardirqs_on+0x26/0x120 [ 210.565711] do_group_exit+0xe0/0x2b0 [ 210.566136] __x64_sys_exit_group+0x47/0x50 [ 210.566636] do_syscall_64+0x3b/0x90 [ 210.567065] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.567661] RIP: 0033:0x7f4b87518a4d [ 210.568073] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.568743] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.569577] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.570350] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.571157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.571934] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.572708] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.573495] [ 210.573755] irq event stamp: 0 [ 210.574106] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.574821] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.575636] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.576308] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.576790] ---[ end trace 0000000000000000 ]--- [ 210.577798] ------------[ cut here ]------------ [ 210.578346] WARNING: CPU: 1 PID: 2005 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.579520] Modules linked in: [ 210.579884] CPU: 1 PID: 2005 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.580839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.582059] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.582661] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.584658] RSP: 0018:ffff88800f0efb78 EFLAGS: 00010246 [ 210.585246] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.586022] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 210.586832] RBP: ffff88800f0efb98 R08: ffffed1002ba523e R09: ffffed1002ba523e [ 210.587628] R10: ffff888015d291ef R11: ffffed1002ba523d R12: ffff888015d29290 [ 210.588410] R13: ffff888015d290a8 R14: ffffffffffffffff R15: 
ffff88800f0efc60 [ 210.589189] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.590065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.590741] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.591547] PKRU: 55555554 [ 210.591868] Call Trace: [ 210.592157] [ 210.592420] iommufd_ioas_destroy+0x53/0x70 [ 210.593150] iommufd_fops_release+0x1f7/0x370 [ 210.593669] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.594231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.594956] ? write_comp_data+0x2f/0x90 [ 210.595446] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.596007] __fput+0x26d/0xa40 [ 210.596493] ____fput+0x1e/0x30 [ 210.596884] task_work_run+0x1a4/0x2d0 [ 210.597334] ? __pfx_task_work_run+0x10/0x10 [ 210.597833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.598468] ? switch_task_namespaces+0xa9/0xe0 [ 210.599040] do_exit+0xb17/0x2ef0 [ 210.599450] ? lock_acquire+0x427/0x4c0 [ 210.599909] ? __pfx_lock_release+0x10/0x10 [ 210.600498] ? __kasan_check_write+0x18/0x20 [ 210.600997] ? do_raw_spin_lock+0x132/0x2a0 [ 210.601484] ? __pfx_do_exit+0x10/0x10 [ 210.602009] ? debug_smp_processor_id+0x20/0x30 [ 210.602584] ? rcu_is_watching+0x19/0xb0 [ 210.603048] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.603506] ? trace_hardirqs_on+0x26/0x120 [ 210.603880] do_group_exit+0xe0/0x2b0 [ 210.604252] __x64_sys_exit_group+0x47/0x50 [ 210.604591] do_syscall_64+0x3b/0x90 [ 210.604885] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.605296] RIP: 0033:0x7f4b87518a4d [ 210.605619] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.606175] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.606810] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.607381] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.608038] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.608588] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.609148] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.609816] [ 210.610001] irq event stamp: 0 [ 210.610245] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.610765] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.611421] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.612170] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.612663] ---[ end trace 0000000000000000 ]--- [ 210.616463] ------------[ cut here ]------------ [ 210.616965] WARNING: CPU: 1 PID: 2006 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.617782] Modules linked in: [ 210.618035] CPU: 1 PID: 2006 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.618912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.619825] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.620220] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.621808] RSP: 0018:ffff888014bf7bb8 EFLAGS: 00010246 [ 210.622362] RAX: 0000000000000000 RBX: ffff8880165368a8 RCX: 0000000000000000 [ 210.622976] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 210.623553] RBP: ffff888014bf7bd0 R08: ffffed1002ca6d33 R09: ffffed1002ca6d33 [ 210.624158] R10: ffff888016536993 R11: ffffed1002ca6d32 R12: ffff888013a08800 [ 210.624788] R13: ffff8880165369e8 R14: ffffffff8352e670 R15: 
ffff888014bf7e68 [ 210.625414] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.626178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.626665] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 210.627261] PKRU: 55555554 [ 210.627484] Call Trace: [ 210.627687] [ 210.627894] __iommufd_access_detach+0x1c2/0x2b0 [ 210.628378] iommufd_access_change_pt+0x149/0x270 [ 210.628767] iommufd_access_replace+0xb4/0x120 [ 210.629152] iommufd_test+0x3e5/0x37e0 [ 210.629483] ? lock_release+0x532/0x770 [ 210.629898] ? __might_fault+0x102/0x1b0 [ 210.630247] ? lock_acquire+0x427/0x4c0 [ 210.630614] ? __pfx_iommufd_test+0x10/0x10 [ 210.630963] ? __pfx_lock_release+0x10/0x10 [ 210.631348] ? __pfx_lock_acquire+0x10/0x10 [ 210.631734] ? write_comp_data+0x2f/0x90 [ 210.632180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.632599] ? write_comp_data+0x2f/0x90 [ 210.632932] iommufd_fops_ioctl+0x37d/0x510 [ 210.633307] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.633818] ? write_comp_data+0x2f/0x90 [ 210.634158] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.634619] __x64_sys_ioctl+0x1a3/0x230 [ 210.634983] do_syscall_64+0x3b/0x90 [ 210.635318] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.635789] RIP: 0033:0x7f4b8743ee5d [ 210.636199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.637832] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.638473] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.639111] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.639708] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.640400] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.640989] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.641635] [ 210.641890] irq event stamp: 0 [ 210.642164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.642724] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.643460] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.644292] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.644823] ---[ end trace 0000000000000000 ]--- [ 210.647755] ------------[ cut here ]------------ [ 210.648173] WARNING: CPU: 1 PID: 2006 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.649019] Modules linked in: [ 210.649279] CPU: 1 PID: 2006 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.650007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.651200] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.651620] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.653130] RSP: 
0018:ffff888014bf7bd0 EFLAGS: 00010246 [ 210.653561] RAX: 0000000000000000 RBX: ffff8880165368a8 RCX: 0000000000000000 [ 210.654161] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 210.654775] RBP: ffff888014bf7be8 R08: ffffed1002ca6d33 R09: ffffed1002ca6d33 [ 210.655385] R10: ffff888016536993 R11: ffffed1002ca6d32 R12: ffff88800ae91800 [ 210.655971] R13: ffff8880165369e8 R14: ffff88800f5cbc00 R15: 0000000000000000 [ 210.656569] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.657235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.657716] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.658306] PKRU: 55555554 [ 210.658571] Call Trace: [ 210.658780] [ 210.658965] iommufd_access_destroy_object+0x65/0x170 [ 210.659414] iommufd_object_destroy_user+0x18e/0x220 [ 210.659840] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.660335] iommufd_access_destroy+0x43/0x70 [ 210.660719] iommufd_test_staccess_release+0x8d/0xd0 [ 210.661142] __fput+0x26d/0xa40 [ 210.661446] ____fput+0x1e/0x30 [ 210.661731] task_work_run+0x1a4/0x2d0 [ 210.662056] ? __pfx_task_work_run+0x10/0x10 [ 210.662435] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.662871] ? switch_task_namespaces+0xa9/0xe0 [ 210.663266] do_exit+0xb17/0x2ef0 [ 210.663570] ? lock_acquire+0x427/0x4c0 [ 210.663910] ? __pfx_lock_release+0x10/0x10 [ 210.664263] ? __kasan_check_write+0x18/0x20 [ 210.664661] ? do_raw_spin_lock+0x132/0x2a0 [ 210.665021] ? __pfx_do_exit+0x10/0x10 [ 210.665344] ? debug_smp_processor_id+0x20/0x30 [ 210.665743] ? rcu_is_watching+0x19/0xb0 [ 210.666081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.666454] ? trace_hardirqs_on+0x26/0x120 [ 210.666850] do_group_exit+0xe0/0x2b0 [ 210.667182] __x64_sys_exit_group+0x47/0x50 [ 210.667533] do_syscall_64+0x3b/0x90 [ 210.667939] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.668360] RIP: 0033:0x7f4b87518a4d [ 210.668664] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.669157] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.669761] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.670336] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.670936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.671524] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.672097] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.672676] [ 210.672865] irq event stamp: 0 [ 210.673118] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.673626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.674295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.674991] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.675507] ---[ end trace 0000000000000000 ]--- [ 210.676215] ------------[ cut here ]------------ [ 210.676597] WARNING: CPU: 1 PID: 2006 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.677410] Modules linked in: [ 210.677668] CPU: 1 PID: 2006 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.678364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.679290] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.679707] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.681156] RSP: 0018:ffff888014bf7b78 EFLAGS: 00010246 [ 210.681582] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.682151] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 210.682742] RBP: ffff888014bf7b98 R08: ffffed1002ca6d3e R09: ffffed1002ca6d3e [ 210.683320] R10: ffff8880165369ef R11: ffffed1002ca6d3d R12: ffff888016536a90 [ 210.683890] R13: ffff8880165368a8 R14: ffffffffffffffff R15: 
ffff888014bf7c60 [ 210.684481] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.685135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.685602] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.686183] PKRU: 55555554 [ 210.686413] Call Trace: [ 210.686647] [ 210.686836] iommufd_ioas_destroy+0x53/0x70 [ 210.687207] iommufd_fops_release+0x1f7/0x370 [ 210.687585] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.687990] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.688389] ? write_comp_data+0x2f/0x90 [ 210.688737] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.689150] __fput+0x26d/0xa40 [ 210.689430] ____fput+0x1e/0x30 [ 210.689710] task_work_run+0x1a4/0x2d0 [ 210.690037] ? __pfx_task_work_run+0x10/0x10 [ 210.690403] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.690831] ? switch_task_namespaces+0xa9/0xe0 [ 210.691245] do_exit+0xb17/0x2ef0 [ 210.691527] ? lock_acquire+0x427/0x4c0 [ 210.691865] ? __pfx_lock_release+0x10/0x10 [ 210.692226] ? __kasan_check_write+0x18/0x20 [ 210.692596] ? do_raw_spin_lock+0x132/0x2a0 [ 210.692956] ? __pfx_do_exit+0x10/0x10 [ 210.693293] ? debug_smp_processor_id+0x20/0x30 [ 210.693683] ? rcu_is_watching+0x19/0xb0 [ 210.694018] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.694396] ? trace_hardirqs_on+0x26/0x120 [ 210.694788] do_group_exit+0xe0/0x2b0 [ 210.695106] __x64_sys_exit_group+0x47/0x50 [ 210.695472] do_syscall_64+0x3b/0x90 [ 210.695784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.696210] RIP: 0033:0x7f4b87518a4d [ 210.696530] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.697027] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.697642] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.698225] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.698813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.699400] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.699984] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.700569] [ 210.700758] irq event stamp: 0 [ 210.701017] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.701523] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.702172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.702851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.703361] ---[ end trace 0000000000000000 ]--- [ 210.707754] ------------[ cut here ]------------ [ 210.708170] WARNING: CPU: 1 PID: 2007 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.708963] Modules linked in: [ 210.709215] CPU: 1 PID: 2007 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.709889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.710778] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.711182] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.712593] RSP: 0018:ffff888013867bb8 EFLAGS: 00010246 [ 210.713004] RAX: 0000000000000000 RBX: ffff888010b798a8 RCX: 0000000000000000 [ 210.713567] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 210.714118] RBP: ffff888013867bd0 R08: ffffed100216f333 R09: ffffed100216f333 [ 210.714688] R10: ffff888010b79993 R11: ffffed100216f332 R12: ffff888013d4f000 [ 210.715250] R13: ffff888010b799e8 R14: ffffffff8352e670 R15: 
ffff888013867e68 [ 210.715794] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.716420] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.716876] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 210.717437] PKRU: 55555554 [ 210.717656] Call Trace: [ 210.717859] [ 210.718035] __iommufd_access_detach+0x1c2/0x2b0 [ 210.718423] iommufd_access_change_pt+0x149/0x270 [ 210.718832] iommufd_access_replace+0xb4/0x120 [ 210.719218] iommufd_test+0x3e5/0x37e0 [ 210.719533] ? lock_release+0x532/0x770 [ 210.719861] ? __might_fault+0x102/0x1b0 [ 210.720186] ? lock_acquire+0x427/0x4c0 [ 210.720508] ? __pfx_iommufd_test+0x10/0x10 [ 210.720849] ? __pfx_lock_release+0x10/0x10 [ 210.721200] ? __pfx_lock_acquire+0x10/0x10 [ 210.721549] ? write_comp_data+0x2f/0x90 [ 210.721881] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.722261] ? write_comp_data+0x2f/0x90 [ 210.722622] iommufd_fops_ioctl+0x37d/0x510 [ 210.722965] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.723359] ? write_comp_data+0x2f/0x90 [ 210.723683] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.724060] __x64_sys_ioctl+0x1a3/0x230 [ 210.724388] do_syscall_64+0x3b/0x90 [ 210.724690] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.725095] RIP: 0033:0x7f4b8743ee5d [ 210.725384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.726793] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.727385] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.727941] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.728487] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.729031] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.729576] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.730133] [ 210.730317] irq event stamp: 0 [ 210.730575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.731067] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.731719] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.732365] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.732850] ---[ end trace 0000000000000000 ]--- [ 210.735561] ------------[ cut here ]------------ [ 210.735953] WARNING: CPU: 1 PID: 2007 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.736729] Modules linked in: [ 210.736975] CPU: 1 PID: 2007 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.737649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.738535] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.738929] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.740339] RSP: 
0018:ffff888013867bd0 EFLAGS: 00010246 [ 210.740746] RAX: 0000000000000000 RBX: ffff888010b798a8 RCX: 0000000000000000 [ 210.741292] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 210.741833] RBP: ffff888013867be8 R08: ffffed100216f333 R09: ffffed100216f333 [ 210.742384] R10: ffff888010b79993 R11: ffffed100216f332 R12: ffff888013a0ac00 [ 210.742956] R13: ffff888010b799e8 R14: ffff88800ace4700 R15: 0000000000000000 [ 210.743511] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.744125] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.744570] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.745119] PKRU: 55555554 [ 210.745335] Call Trace: [ 210.745533] [ 210.745709] iommufd_access_destroy_object+0x65/0x170 [ 210.746112] iommufd_object_destroy_user+0x18e/0x220 [ 210.746531] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.746983] iommufd_access_destroy+0x43/0x70 [ 210.747354] iommufd_test_staccess_release+0x8d/0xd0 [ 210.747747] __fput+0x26d/0xa40 [ 210.748011] ____fput+0x1e/0x30 [ 210.748268] task_work_run+0x1a4/0x2d0 [ 210.748577] ? __pfx_task_work_run+0x10/0x10 [ 210.748917] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.749294] ? switch_task_namespaces+0xa9/0xe0 [ 210.749654] do_exit+0xb17/0x2ef0 [ 210.749917] ? lock_acquire+0x427/0x4c0 [ 210.750230] ? __pfx_lock_release+0x10/0x10 [ 210.750579] ? __kasan_check_write+0x18/0x20 [ 210.750920] ? do_raw_spin_lock+0x132/0x2a0 [ 210.751257] ? __pfx_do_exit+0x10/0x10 [ 210.751566] ? debug_smp_processor_id+0x20/0x30 [ 210.751923] ? rcu_is_watching+0x19/0xb0 [ 210.752233] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.752582] ? trace_hardirqs_on+0x26/0x120 [ 210.752914] do_group_exit+0xe0/0x2b0 [ 210.753204] __x64_sys_exit_group+0x47/0x50 [ 210.753532] do_syscall_64+0x3b/0x90 [ 210.753820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.754221] RIP: 0033:0x7f4b87518a4d [ 210.754534] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.754997] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.755578] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.756116] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.756649] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.757187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.757720] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.758268] [ 210.758449] irq event stamp: 0 [ 210.758706] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.759193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.759824] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.760451] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.760922] ---[ end trace 0000000000000000 ]--- [ 210.761605] ------------[ cut here ]------------ [ 210.761961] WARNING: CPU: 1 PID: 2007 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.762747] Modules linked in: [ 210.762995] CPU: 1 PID: 2007 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.763659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.764484] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.764866] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.766197] RSP: 0018:ffff888013867b78 EFLAGS: 00010246 [ 210.766607] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.767137] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 210.767659] RBP: ffff888013867b98 R08: ffffed100216f33e R09: ffffed100216f33e [ 210.768182] R10: ffff888010b799ef R11: ffffed100216f33d R12: ffff888010b79a90 [ 210.768710] R13: ffff888010b798a8 R14: ffffffffffffffff R15: 
ffff888013867c60 [ 210.769229] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.769814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.770238] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.770777] PKRU: 55555554 [ 210.770989] Call Trace: [ 210.771189] [ 210.771363] iommufd_ioas_destroy+0x53/0x70 [ 210.771693] iommufd_fops_release+0x1f7/0x370 [ 210.772036] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.772414] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.772785] ? write_comp_data+0x2f/0x90 [ 210.773095] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.773469] __fput+0x26d/0xa40 [ 210.773726] ____fput+0x1e/0x30 [ 210.773979] task_work_run+0x1a4/0x2d0 [ 210.774273] ? __pfx_task_work_run+0x10/0x10 [ 210.774631] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.775005] ? switch_task_namespaces+0xa9/0xe0 [ 210.775375] do_exit+0xb17/0x2ef0 [ 210.775636] ? lock_acquire+0x427/0x4c0 [ 210.775934] ? __pfx_lock_release+0x10/0x10 [ 210.776252] ? __kasan_check_write+0x18/0x20 [ 210.776578] ? do_raw_spin_lock+0x132/0x2a0 [ 210.776895] ? __pfx_do_exit+0x10/0x10 [ 210.777186] ? debug_smp_processor_id+0x20/0x30 [ 210.777527] ? rcu_is_watching+0x19/0xb0 [ 210.777824] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.778157] ? trace_hardirqs_on+0x26/0x120 [ 210.778480] do_group_exit+0xe0/0x2b0 [ 210.778779] __x64_sys_exit_group+0x47/0x50 [ 210.779099] do_syscall_64+0x3b/0x90 [ 210.779394] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.779777] RIP: 0033:0x7f4b87518a4d [ 210.780050] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.780495] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.781045] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.781558] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.782070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.782599] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.783123] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.783646] [ 210.783817] irq event stamp: 0 [ 210.784046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.784504] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.785108] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.785717] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.786172] ---[ end trace 0000000000000000 ]--- [ 210.789936] ------------[ cut here ]------------ [ 210.790312] WARNING: CPU: 1 PID: 2008 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.791094] Modules linked in: [ 210.791343] CPU: 1 PID: 2008 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.791973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.792781] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.793140] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.794442] RSP: 0018:ffff888015fbfbb8 EFLAGS: 00010246 [ 210.794940] RAX: 0000000000000000 RBX: ffff888018aa98a8 RCX: 0000000000000000 [ 210.795467] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 210.795989] RBP: ffff888015fbfbd0 R08: ffffed1003155333 R09: ffffed1003155333 [ 210.796506] R10: ffff888018aa9993 R11: ffffed1003155332 R12: ffff88801493f800 [ 210.797017] R13: ffff888018aa99e8 R14: ffffffff8352e670 R15: 
ffff888015fbfe68 [ 210.797534] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.798116] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.798553] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 210.799071] PKRU: 55555554 [ 210.799283] Call Trace: [ 210.799470] [ 210.799636] __iommufd_access_detach+0x1c2/0x2b0 [ 210.799994] iommufd_access_change_pt+0x149/0x270 [ 210.800351] iommufd_access_replace+0xb4/0x120 [ 210.800686] iommufd_test+0x3e5/0x37e0 [ 210.800963] ? lock_release+0x532/0x770 [ 210.801254] ? __might_fault+0x102/0x1b0 [ 210.801549] ? lock_acquire+0x427/0x4c0 [ 210.801841] ? __pfx_iommufd_test+0x10/0x10 [ 210.802147] ? __pfx_lock_release+0x10/0x10 [ 210.802458] ? __pfx_lock_acquire+0x10/0x10 [ 210.802792] ? write_comp_data+0x2f/0x90 [ 210.803090] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.803455] ? write_comp_data+0x2f/0x90 [ 210.803754] iommufd_fops_ioctl+0x37d/0x510 [ 210.804066] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.804419] ? write_comp_data+0x2f/0x90 [ 210.804715] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.805062] __x64_sys_ioctl+0x1a3/0x230 [ 210.805364] do_syscall_64+0x3b/0x90 [ 210.805636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.806009] RIP: 0033:0x7f4b8743ee5d [ 210.806277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.807592] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.808133] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.808637] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.809141] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.809644] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.810147] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.810677] [ 210.810847] irq event stamp: 0 [ 210.811071] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.811529] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.812125] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.812712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.813160] ---[ end trace 0000000000000000 ]--- [ 210.815761] ------------[ cut here ]------------ [ 210.816130] WARNING: CPU: 1 PID: 2008 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.816844] Modules linked in: [ 210.817072] CPU: 1 PID: 2008 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.817687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.818481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.818853] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.820149] RSP: 
0018:ffff888015fbfbd0 EFLAGS: 00010246 [ 210.820526] RAX: 0000000000000000 RBX: ffff888018aa98a8 RCX: 0000000000000000 [ 210.821025] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 210.821524] RBP: ffff888015fbfbe8 R08: ffffed1003155333 R09: ffffed1003155333 [ 210.822024] R10: ffff888018aa9993 R11: ffffed1003155332 R12: ffff888013d4dc00 [ 210.822548] R13: ffff888018aa99e8 R14: ffff888014951500 R15: 0000000000000000 [ 210.823052] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.823630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.824044] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.824550] PKRU: 55555554 [ 210.824754] Call Trace: [ 210.824936] [ 210.825098] iommufd_access_destroy_object+0x65/0x170 [ 210.825469] iommufd_object_destroy_user+0x18e/0x220 [ 210.825837] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.826258] iommufd_access_destroy+0x43/0x70 [ 210.826615] iommufd_test_staccess_release+0x8d/0xd0 [ 210.826990] __fput+0x26d/0xa40 [ 210.827250] ____fput+0x1e/0x30 [ 210.827495] task_work_run+0x1a4/0x2d0 [ 210.827781] ? __pfx_task_work_run+0x10/0x10 [ 210.828100] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.828453] ? switch_task_namespaces+0xa9/0xe0 [ 210.828798] do_exit+0xb17/0x2ef0 [ 210.829047] ? lock_acquire+0x427/0x4c0 [ 210.829339] ? __pfx_lock_release+0x10/0x10 [ 210.829655] ? __kasan_check_write+0x18/0x20 [ 210.829973] ? do_raw_spin_lock+0x132/0x2a0 [ 210.830283] ? __pfx_do_exit+0x10/0x10 [ 210.830589] ? debug_smp_processor_id+0x20/0x30 [ 210.830928] ? rcu_is_watching+0x19/0xb0 [ 210.831229] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.831562] ? trace_hardirqs_on+0x26/0x120 [ 210.831877] do_group_exit+0xe0/0x2b0 [ 210.832150] __x64_sys_exit_group+0x47/0x50 [ 210.832456] do_syscall_64+0x3b/0x90 [ 210.832730] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.833104] RIP: 0033:0x7f4b87518a4d [ 210.833369] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.833807] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.834345] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.834868] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.835382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.835886] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.836388] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.836907] [ 210.837078] irq event stamp: 0 [ 210.837305] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.837760] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.838348] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.838965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.839433] ---[ end trace 0000000000000000 ]--- [ 210.840080] ------------[ cut here ]------------ [ 210.840424] WARNING: CPU: 1 PID: 2008 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.841158] Modules linked in: [ 210.841390] CPU: 1 PID: 2008 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.842018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.842845] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.843233] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.844528] RSP: 0018:ffff888015fbfb78 EFLAGS: 00010246 [ 210.844916] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.845429] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 210.845938] RBP: ffff888015fbfb98 R08: ffffed100315533e R09: ffffed100315533e [ 210.846453] R10: ffff888018aa99ef R11: ffffed100315533d R12: ffff888018aa9a90 [ 210.846976] R13: ffff888018aa98a8 R14: ffffffffffffffff R15: 
ffff888015fbfc60 [ 210.847498] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.848073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.848493] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 210.849007] PKRU: 55555554 [ 210.849213] Call Trace: [ 210.849399] [ 210.849565] iommufd_ioas_destroy+0x53/0x70 [ 210.849886] iommufd_fops_release+0x1f7/0x370 [ 210.850220] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.850609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.850975] ? write_comp_data+0x2f/0x90 [ 210.851290] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.851659] __fput+0x26d/0xa40 [ 210.851913] ____fput+0x1e/0x30 [ 210.852161] task_work_run+0x1a4/0x2d0 [ 210.852455] ? __pfx_task_work_run+0x10/0x10 [ 210.852780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.853141] ? switch_task_namespaces+0xa9/0xe0 [ 210.853490] do_exit+0xb17/0x2ef0 [ 210.853744] ? lock_acquire+0x427/0x4c0 [ 210.854043] ? __pfx_lock_release+0x10/0x10 [ 210.854365] ? __kasan_check_write+0x18/0x20 [ 210.854710] ? do_raw_spin_lock+0x132/0x2a0 [ 210.855029] ? __pfx_do_exit+0x10/0x10 [ 210.855328] ? debug_smp_processor_id+0x20/0x30 [ 210.855672] ? rcu_is_watching+0x19/0xb0 [ 210.855968] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.856302] ? trace_hardirqs_on+0x26/0x120 [ 210.856625] do_group_exit+0xe0/0x2b0 [ 210.856903] __x64_sys_exit_group+0x47/0x50 [ 210.857216] do_syscall_64+0x3b/0x90 [ 210.857497] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.857883] RIP: 0033:0x7f4b87518a4d [ 210.858151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.858613] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.859172] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.859689] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.860350] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.860873] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.861389] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.861917] [ 210.862127] irq event stamp: 0 [ 210.862421] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.862904] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.863532] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.864267] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.864733] ---[ end trace 0000000000000000 ]--- [ 210.868614] ------------[ cut here ]------------ [ 210.869089] WARNING: CPU: 1 PID: 2009 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.869838] Modules linked in: [ 210.870071] CPU: 1 PID: 2009 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.870846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.871677] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.872041] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.873462] RSP: 0018:ffff888011c3fbb8 EFLAGS: 00010246 [ 210.873860] RAX: 0000000000000000 RBX: ffff8880165570a8 RCX: 0000000000000000 [ 210.874438] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 210.875015] RBP: ffff888011c3fbd0 R08: ffffed1002caae33 R09: ffffed1002caae33 [ 210.875551] R10: ffff888016557193 R11: ffffed1002caae32 R12: ffff88800f070000 [ 210.876102] R13: ffff8880165571e8 R14: ffffffff8352e670 R15: 
ffff888011c3fe68 [ 210.876696] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.877290] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.877738] CR2: 00007f4b877410e8 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 210.878342] PKRU: 55555554 [ 210.878569] Call Trace: [ 210.878761] [ 210.878930] __iommufd_access_detach+0x1c2/0x2b0 [ 210.879301] iommufd_access_change_pt+0x149/0x270 [ 210.879783] iommufd_access_replace+0xb4/0x120 [ 210.880134] iommufd_test+0x3e5/0x37e0 [ 210.880430] ? lock_release+0x532/0x770 [ 210.880737] ? __might_fault+0x102/0x1b0 [ 210.881049] ? lock_acquire+0x427/0x4c0 [ 210.881412] ? __pfx_iommufd_test+0x10/0x10 [ 210.881792] ? __pfx_lock_release+0x10/0x10 [ 210.882119] ? __pfx_lock_acquire+0x10/0x10 [ 210.882449] ? write_comp_data+0x2f/0x90 [ 210.882781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.883221] ? write_comp_data+0x2f/0x90 [ 210.883586] iommufd_fops_ioctl+0x37d/0x510 [ 210.883915] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.884291] ? write_comp_data+0x2f/0x90 [ 210.884613] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.885042] __x64_sys_ioctl+0x1a3/0x230 [ 210.885425] do_syscall_64+0x3b/0x90 [ 210.885721] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.886119] RIP: 0033:0x7f4b8743ee5d [ 210.886402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.887913] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.888504] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.889184] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.889731] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.890279] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.890960] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.891533] [ 210.891718] irq event stamp: 0 [ 210.891960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.892507] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.893210] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.893844] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.894438] ---[ end trace 0000000000000000 ]--- [ 210.899034] ------------[ cut here ]------------ [ 210.899459] WARNING: CPU: 1 PID: 2009 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.900398] Modules linked in: [ 210.900655] CPU: 1 PID: 2009 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.901358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.902403] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.902878] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.904490] RSP: 
0018:ffff888011c3fbd0 EFLAGS: 00010246 [ 210.904931] RAX: 0000000000000000 RBX: ffff8880165570a8 RCX: 0000000000000000 [ 210.905506] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 210.906235] RBP: ffff888011c3fbe8 R08: ffffed1002caae33 R09: ffffed1002caae33 [ 210.906838] R10: ffff888016557193 R11: ffffed1002caae32 R12: ffff88801493e800 [ 210.907418] R13: ffff8880165571e8 R14: ffff88800fa31b00 R15: 0000000000000000 [ 210.908143] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.908794] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.909266] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 210.909983] PKRU: 55555554 [ 210.910215] Call Trace: [ 210.910422] [ 210.910618] iommufd_access_destroy_object+0x65/0x170 [ 210.911040] iommufd_object_destroy_user+0x18e/0x220 [ 210.911509] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 210.912077] iommufd_access_destroy+0x43/0x70 [ 210.912457] iommufd_test_staccess_release+0x8d/0xd0 [ 210.912878] __fput+0x26d/0xa40 [ 210.913160] ____fput+0x1e/0x30 [ 210.913505] task_work_run+0x1a4/0x2d0 [ 210.913905] ? __pfx_task_work_run+0x10/0x10 [ 210.914266] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.914709] ? switch_task_namespaces+0xa9/0xe0 [ 210.915111] do_exit+0xb17/0x2ef0 [ 210.915491] ? lock_acquire+0x427/0x4c0 [ 210.915901] ? __pfx_lock_release+0x10/0x10 [ 210.916272] ? __kasan_check_write+0x18/0x20 [ 210.916650] ? do_raw_spin_lock+0x132/0x2a0 [ 210.917021] ? __pfx_do_exit+0x10/0x10 [ 210.917504] ? debug_smp_processor_id+0x20/0x30 [ 210.917905] ? rcu_is_watching+0x19/0xb0 [ 210.918251] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.918658] ? trace_hardirqs_on+0x26/0x120 [ 210.919031] do_group_exit+0xe0/0x2b0 [ 210.919366] __x64_sys_exit_group+0x47/0x50 [ 210.919733] do_syscall_64+0x3b/0x90 [ 210.920055] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.920526] RIP: 0033:0x7f4b87518a4d [ 210.920961] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.921477] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.922123] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.922914] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.923544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.924148] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.924755] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.925527] [ 210.925729] irq event stamp: 0 [ 210.926002] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.926574] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.927323] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.928157] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.928690] ---[ end trace 0000000000000000 ]--- [ 210.929521] ------------[ cut here ]------------ [ 210.929991] WARNING: CPU: 1 PID: 2009 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 210.930935] Modules linked in: [ 210.931224] CPU: 1 PID: 2009 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.932122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.933065] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 210.933539] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 210.935217] RSP: 0018:ffff888011c3fb78 EFLAGS: 00010246 [ 210.935674] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 210.936427] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 210.937038] RBP: ffff888011c3fb98 R08: ffffed1002caae3e R09: ffffed1002caae3e [ 210.937669] R10: ffff8880165571ef R11: ffffed1002caae3d R12: ffff888016557290 [ 210.938473] R13: ffff8880165570a8 R14: ffffffffffffffff R15: 
ffff888011c3fc60 [ 210.939159] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.939897] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.940422] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 210.941221] PKRU: 55555554 [ 210.941481] Call Trace: [ 210.941714] [ 210.941923] iommufd_ioas_destroy+0x53/0x70 [ 210.942328] iommufd_fops_release+0x1f7/0x370 [ 210.942845] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.943409] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.943862] ? write_comp_data+0x2f/0x90 [ 210.944237] ? __pfx_iommufd_fops_release+0x10/0x10 [ 210.944694] __fput+0x26d/0xa40 [ 210.945015] ____fput+0x1e/0x30 [ 210.945396] task_work_run+0x1a4/0x2d0 [ 210.945856] ? __pfx_task_work_run+0x10/0x10 [ 210.946261] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.946742] ? switch_task_namespaces+0xa9/0xe0 [ 210.947194] do_exit+0xb17/0x2ef0 [ 210.947517] ? lock_acquire+0x427/0x4c0 [ 210.947977] ? __pfx_lock_release+0x10/0x10 [ 210.948475] ? __kasan_check_write+0x18/0x20 [ 210.948880] ? do_raw_spin_lock+0x132/0x2a0 [ 210.949274] ? __pfx_do_exit+0x10/0x10 [ 210.949637] ? debug_smp_processor_id+0x20/0x30 [ 210.950235] ? rcu_is_watching+0x19/0xb0 [ 210.950651] ? _raw_spin_unlock_irq+0x2b/0x60 [ 210.951081] ? trace_hardirqs_on+0x26/0x120 [ 210.951505] do_group_exit+0xe0/0x2b0 [ 210.951861] __x64_sys_exit_group+0x47/0x50 [ 210.952259] do_syscall_64+0x3b/0x90 [ 210.952710] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.953275] RIP: 0033:0x7f4b87518a4d [ 210.953620] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 210.954177] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 210.955084] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 210.955743] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 210.956388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 210.957067] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 210.957854] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 210.958545] [ 210.958764] irq event stamp: 0 [ 210.959055] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 210.959745] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 210.960597] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 210.961359] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 210.962134] ---[ end trace 0000000000000000 ]--- [ 210.967235] ------------[ cut here ]------------ [ 210.967728] WARNING: CPU: 1 PID: 2010 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 210.968756] Modules linked in: [ 210.969143] CPU: 1 PID: 2010 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 210.969941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 210.971186] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 210.971817] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 210.973630] RSP: 0018:ffff888015fbfbb8 EFLAGS: 00010246 [ 210.974404] RAX: 0000000000000000 RBX: ffff8880187388a8 RCX: 0000000000000000 [ 210.975167] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 210.975888] RBP: ffff888015fbfbd0 R08: ffffed10030e7133 R09: ffffed10030e7133 [ 210.976707] R10: ffff888018738993 R11: ffffed10030e7132 R12: ffff88800fcb3c00 [ 210.977532] R13: ffff8880187389e8 R14: ffffffff8352e670 R15: 
ffff888015fbfe68 [ 210.978253] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 210.979236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.979877] CR2: 00007f4b877410e8 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 210.980603] PKRU: 55555554 [ 210.980888] Call Trace: [ 210.981148] [ 210.981379] __iommufd_access_detach+0x1c2/0x2b0 [ 210.982063] iommufd_access_change_pt+0x149/0x270 [ 210.982593] iommufd_access_replace+0xb4/0x120 [ 210.983076] iommufd_test+0x3e5/0x37e0 [ 210.983498] ? lock_release+0x532/0x770 [ 210.983918] ? __might_fault+0x102/0x1b0 [ 210.984446] ? lock_acquire+0x427/0x4c0 [ 210.984995] ? __pfx_iommufd_test+0x10/0x10 [ 210.985442] ? __pfx_lock_release+0x10/0x10 [ 210.985894] ? __pfx_lock_acquire+0x10/0x10 [ 210.986348] ? write_comp_data+0x2f/0x90 [ 210.986919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 210.987481] ? write_comp_data+0x2f/0x90 [ 210.987917] iommufd_fops_ioctl+0x37d/0x510 [ 210.988363] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.988877] ? write_comp_data+0x2f/0x90 [ 210.989315] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.990024] __x64_sys_ioctl+0x1a3/0x230 [ 210.990467] do_syscall_64+0x3b/0x90 [ 210.990916] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 210.991490] RIP: 0033:0x7f4b8743ee5d [ 210.991883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 210.993967] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 210.994838] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 210.995701] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.996414] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 210.997132] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 210.998073] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 210.998847] [ 210.999086] irq event stamp: 0 [ 210.999421] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.000057] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.001095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.001939] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.002673] ---[ end trace 0000000000000000 ]--- [ 211.006070] ------------[ cut here ]------------ [ 211.006615] WARNING: CPU: 1 PID: 2010 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.007756] Modules linked in: [ 211.008197] CPU: 1 PID: 2010 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.009063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.010354] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.010899] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.012734] RSP: 
0018:ffff888015fbfbd0 EFLAGS: 00010246 [ 211.013267] RAX: 0000000000000000 RBX: ffff8880187388a8 RCX: 0000000000000000 [ 211.013984] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 211.014743] RBP: ffff888015fbfbe8 R08: ffffed10030e7133 R09: ffffed10030e7133 [ 211.015499] R10: ffff888018738993 R11: ffffed10030e7132 R12: ffff88800f073000 [ 211.016216] R13: ffff8880187389e8 R14: ffff888018b9a400 R15: 0000000000000000 [ 211.016933] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.017747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.018342] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 211.019130] PKRU: 55555554 [ 211.019435] Call Trace: [ 211.019698] [ 211.019933] iommufd_access_destroy_object+0x65/0x170 [ 211.020464] iommufd_object_destroy_user+0x18e/0x220 [ 211.020984] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.021578] iommufd_access_destroy+0x43/0x70 [ 211.022045] iommufd_test_staccess_release+0x8d/0xd0 [ 211.022597] __fput+0x26d/0xa40 [ 211.022958] ____fput+0x1e/0x30 [ 211.023325] task_work_run+0x1a4/0x2d0 [ 211.023731] ? __pfx_task_work_run+0x10/0x10 [ 211.024188] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.024693] ? switch_task_namespaces+0xa9/0xe0 [ 211.025185] do_exit+0xb17/0x2ef0 [ 211.025540] ? lock_acquire+0x427/0x4c0 [ 211.025954] ? __pfx_lock_release+0x10/0x10 [ 211.026401] ? __kasan_check_write+0x18/0x20 [ 211.026895] ? do_raw_spin_lock+0x132/0x2a0 [ 211.027359] ? __pfx_do_exit+0x10/0x10 [ 211.027767] ? debug_smp_processor_id+0x20/0x30 [ 211.028239] ? rcu_is_watching+0x19/0xb0 [ 211.028651] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.029120] ? trace_hardirqs_on+0x26/0x120 [ 211.029560] do_group_exit+0xe0/0x2b0 [ 211.029945] __x64_sys_exit_group+0x47/0x50 [ 211.030382] do_syscall_64+0x3b/0x90 [ 211.030808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.031367] RIP: 0033:0x7f4b87518a4d [ 211.031758] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.032392] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.033169] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.033899] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.034670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.035416] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.036134] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.036872] [ 211.037118] irq event stamp: 0 [ 211.037441] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.038073] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.038937] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.039785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.040409] ---[ end trace 0000000000000000 ]--- [ 211.041256] ------------[ cut here ]------------ [ 211.041724] WARNING: CPU: 1 PID: 2010 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.042800] Modules linked in: [ 211.043139] CPU: 1 PID: 2010 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.044004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.045106] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.045611] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.047489] RSP: 0018:ffff888015fbfb78 EFLAGS: 00010246 [ 211.048026] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.048737] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 211.049456] RBP: ffff888015fbfb98 R08: ffffed10030e713e R09: ffffed10030e713e [ 211.050196] R10: ffff8880187389ef R11: ffffed10030e713d R12: ffff888018738a90 [ 211.050961] R13: ffff8880187388a8 R14: ffffffffffffffff R15: 
ffff888015fbfc60 [ 211.051711] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.052519] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.053103] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 211.053818] PKRU: 55555554 [ 211.054107] Call Trace: [ 211.054368] [ 211.054635] iommufd_ioas_destroy+0x53/0x70 [ 211.055093] iommufd_fops_release+0x1f7/0x370 [ 211.055532] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.056002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.056465] ? write_comp_data+0x2f/0x90 [ 211.056853] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.057321] __fput+0x26d/0xa40 [ 211.057644] ____fput+0x1e/0x30 [ 211.057960] task_work_run+0x1a4/0x2d0 [ 211.058333] ? __pfx_task_work_run+0x10/0x10 [ 211.058789] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.059273] ? switch_task_namespaces+0xa9/0xe0 [ 211.059730] do_exit+0xb17/0x2ef0 [ 211.060064] ? lock_acquire+0x427/0x4c0 [ 211.060452] ? __pfx_lock_release+0x10/0x10 [ 211.060861] ? __kasan_check_write+0x18/0x20 [ 211.061278] ? do_raw_spin_lock+0x132/0x2a0 [ 211.061682] ? __pfx_do_exit+0x10/0x10 [ 211.062057] ? debug_smp_processor_id+0x20/0x30 [ 211.062498] ? rcu_is_watching+0x19/0xb0 [ 211.062923] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.063377] ? trace_hardirqs_on+0x26/0x120 [ 211.063790] do_group_exit+0xe0/0x2b0 [ 211.064145] __x64_sys_exit_group+0x47/0x50 [ 211.064546] do_syscall_64+0x3b/0x90 [ 211.064908] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.065399] RIP: 0033:0x7f4b87518a4d [ 211.065745] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.066315] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.067046] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.067725] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.068391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.069050] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.069710] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.070394] [ 211.070648] irq event stamp: 0 [ 211.070941] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.071538] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.072312] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.073081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.073668] ---[ end trace 0000000000000000 ]--- [ 211.078890] ------------[ cut here ]------------ [ 211.079397] WARNING: CPU: 1 PID: 2011 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.080317] Modules linked in: [ 211.080606] CPU: 1 PID: 2011 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.081395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.082402] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.082889] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.084556] RSP: 0018:ffff888023e87bb8 EFLAGS: 00010246 [ 211.085038] RAX: 0000000000000000 RBX: ffff8880160c80a8 RCX: 0000000000000000 [ 211.085682] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 211.086327] RBP: ffff888023e87bd0 R08: ffffed1002c19033 R09: ffffed1002c19033 [ 211.087002] R10: ffff8880160c8193 R11: ffffed1002c19032 R12: ffff888010c08400 [ 211.087669] R13: ffff8880160c81e8 R14: ffffffff8352e670 R15: 
ffff888023e87e68 [ 211.088321] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.089055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.089582] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 211.090229] PKRU: 55555554 [ 211.090488] Call Trace: [ 211.090755] [ 211.090966] __iommufd_access_detach+0x1c2/0x2b0 [ 211.091442] iommufd_access_change_pt+0x149/0x270 [ 211.091897] iommufd_access_replace+0xb4/0x120 [ 211.092332] iommufd_test+0x3e5/0x37e0 [ 211.092695] ? lock_release+0x532/0x770 [ 211.093069] ? __might_fault+0x102/0x1b0 [ 211.093448] ? lock_acquire+0x427/0x4c0 [ 211.093826] ? __pfx_iommufd_test+0x10/0x10 [ 211.094232] ? __pfx_lock_release+0x10/0x10 [ 211.094674] ? __pfx_lock_acquire+0x10/0x10 [ 211.095085] ? write_comp_data+0x2f/0x90 [ 211.095485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.095946] ? write_comp_data+0x2f/0x90 [ 211.096340] iommufd_fops_ioctl+0x37d/0x510 [ 211.096744] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.097200] ? write_comp_data+0x2f/0x90 [ 211.097591] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.098036] __x64_sys_ioctl+0x1a3/0x230 [ 211.098425] do_syscall_64+0x3b/0x90 [ 211.098815] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.099313] RIP: 0033:0x7f4b8743ee5d [ 211.099654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.101316] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.102015] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.102717] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.103398] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.104065] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.104712] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.105372] [ 211.105593] irq event stamp: 0 [ 211.105881] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.106470] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.107318] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.108080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.108662] ---[ end trace 0000000000000000 ]--- [ 211.111663] ------------[ cut here ]------------ [ 211.112134] WARNING: CPU: 1 PID: 2011 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.113058] Modules linked in: [ 211.113356] CPU: 1 PID: 2011 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.114164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.115233] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.115697] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.117612] RSP: 
0018:ffff888023e87bd0 EFLAGS: 00010246 [ 211.118106] RAX: 0000000000000000 RBX: ffff8880160c80a8 RCX: 0000000000000000 [ 211.118785] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 211.119662] RBP: ffff888023e87be8 R08: ffffed1002c19033 R09: ffffed1002c19033 [ 211.120324] R10: ffff8880160c8193 R11: ffffed1002c19032 R12: ffff88800fcb1c00 [ 211.120977] R13: ffff8880160c81e8 R14: ffff88800fd4f500 R15: 0000000000000000 [ 211.121650] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.122562] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.123106] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.123786] PKRU: 55555554 [ 211.124095] Call Trace: [ 211.124457] [ 211.124677] iommufd_access_destroy_object+0x65/0x170 [ 211.125168] iommufd_object_destroy_user+0x18e/0x220 [ 211.125649] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.126198] iommufd_access_destroy+0x43/0x70 [ 211.126828] iommufd_test_staccess_release+0x8d/0xd0 [ 211.127344] __fput+0x26d/0xa40 [ 211.127673] ____fput+0x1e/0x30 [ 211.127998] task_work_run+0x1a4/0x2d0 [ 211.128370] ? __pfx_task_work_run+0x10/0x10 [ 211.128782] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.129339] ? switch_task_namespaces+0xa9/0xe0 [ 211.129847] do_exit+0xb17/0x2ef0 [ 211.130184] ? lock_acquire+0x427/0x4c0 [ 211.130598] ? __pfx_lock_release+0x10/0x10 [ 211.131014] ? __kasan_check_write+0x18/0x20 [ 211.131445] ? do_raw_spin_lock+0x132/0x2a0 [ 211.131946] ? __pfx_do_exit+0x10/0x10 [ 211.132420] ? debug_smp_processor_id+0x20/0x30 [ 211.132870] ? rcu_is_watching+0x19/0xb0 [ 211.133263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.133703] ? trace_hardirqs_on+0x26/0x120 [ 211.134215] do_group_exit+0xe0/0x2b0 [ 211.134720] __x64_sys_exit_group+0x47/0x50 [ 211.135158] do_syscall_64+0x3b/0x90 [ 211.135525] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.136027] RIP: 0033:0x7f4b87518a4d [ 211.136384] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.137062] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.137883] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.138614] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.139306] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.140191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.140868] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.141549] [ 211.141868] irq event stamp: 0 [ 211.142272] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.142907] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.143757] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.144725] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.145492] ---[ end trace 0000000000000000 ]--- [ 211.146365] ------------[ cut here ]------------ [ 211.146916] WARNING: CPU: 1 PID: 2011 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.148193] Modules linked in: [ 211.148528] CPU: 1 PID: 2011 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.149423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.150858] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.151420] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.153518] RSP: 0018:ffff888023e87b78 EFLAGS: 00010246 [ 211.154065] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.154836] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 211.155803] RBP: ffff888023e87b98 R08: ffffed1002c1903e R09: ffffed1002c1903e [ 211.156538] R10: ffff8880160c81ef R11: ffffed1002c1903d R12: ffff8880160c8290 [ 211.157276] R13: ffff8880160c80a8 R14: ffffffffffffffff R15: 
ffff888023e87c60 [ 211.158245] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.159104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.159729] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.160486] PKRU: 55555554 [ 211.160940] Call Trace: [ 211.161216] [ 211.161450] iommufd_ioas_destroy+0x53/0x70 [ 211.161899] iommufd_fops_release+0x1f7/0x370 [ 211.162367] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.163009] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.163670] ? write_comp_data+0x2f/0x90 [ 211.164101] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.164619] __fput+0x26d/0xa40 [ 211.164972] ____fput+0x1e/0x30 [ 211.165330] task_work_run+0x1a4/0x2d0 [ 211.165784] ? __pfx_task_work_run+0x10/0x10 [ 211.166401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.166950] ? switch_task_namespaces+0xa9/0xe0 [ 211.167469] do_exit+0xb17/0x2ef0 [ 211.167829] ? lock_acquire+0x427/0x4c0 [ 211.168257] ? __pfx_lock_release+0x10/0x10 [ 211.168920] ? __kasan_check_write+0x18/0x20 [ 211.169391] ? do_raw_spin_lock+0x132/0x2a0 [ 211.169833] ? __pfx_do_exit+0x10/0x10 [ 211.170242] ? debug_smp_processor_id+0x20/0x30 [ 211.170790] ? rcu_is_watching+0x19/0xb0 [ 211.171416] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.171897] ? trace_hardirqs_on+0x26/0x120 [ 211.172355] do_group_exit+0xe0/0x2b0 [ 211.172754] __x64_sys_exit_group+0x47/0x50 [ 211.173197] do_syscall_64+0x3b/0x90 [ 211.173647] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.174353] RIP: 0033:0x7f4b87518a4d [ 211.174781] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.175435] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.176228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.177175] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.177902] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.178673] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.179543] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.180418] [ 211.180664] irq event stamp: 0 [ 211.180997] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.181661] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.182791] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.183693] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.184363] ---[ end trace 0000000000000000 ]--- [ 211.189011] ------------[ cut here ]------------ [ 211.189613] WARNING: CPU: 1 PID: 2012 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.190904] Modules linked in: [ 211.191275] CPU: 1 PID: 2012 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.192182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.193356] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.193876] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.195807] RSP: 0018:ffff888011c3fbb8 EFLAGS: 00010246 [ 211.196370] RAX: 0000000000000000 RBX: ffff888011de18a8 RCX: 0000000000000000 [ 211.197127] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 211.197873] RBP: ffff888011c3fbd0 R08: ffffed10023bc333 R09: ffffed10023bc333 [ 211.198652] R10: ffff888011de1993 R11: ffffed10023bc332 R12: ffff888014583400 [ 211.199412] R13: ffff888011de19e8 R14: ffffffff8352e670 R15: 
ffff888011c3fe68 [ 211.200161] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.200996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.201600] CR2: 00007f4b877410e8 CR3: 0000000014268000 CR4: 0000000000750ee0 [ 211.202342] PKRU: 55555554 [ 211.202676] Call Trace: [ 211.202955] [ 211.203202] __iommufd_access_detach+0x1c2/0x2b0 [ 211.203727] iommufd_access_change_pt+0x149/0x270 [ 211.204241] iommufd_access_replace+0xb4/0x120 [ 211.204736] iommufd_test+0x3e5/0x37e0 [ 211.205146] ? lock_release+0x532/0x770 [ 211.205574] ? __might_fault+0x102/0x1b0 [ 211.206005] ? lock_acquire+0x427/0x4c0 [ 211.206432] ? __pfx_iommufd_test+0x10/0x10 [ 211.206926] ? __pfx_lock_release+0x10/0x10 [ 211.207406] ? __pfx_lock_acquire+0x10/0x10 [ 211.207877] ? write_comp_data+0x2f/0x90 [ 211.208317] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.208840] ? write_comp_data+0x2f/0x90 [ 211.209276] iommufd_fops_ioctl+0x37d/0x510 [ 211.209733] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.210244] ? write_comp_data+0x2f/0x90 [ 211.210712] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.211239] __x64_sys_ioctl+0x1a3/0x230 [ 211.211689] do_syscall_64+0x3b/0x90 [ 211.212090] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.212639] RIP: 0033:0x7f4b8743ee5d [ 211.213026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.214943] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.215756] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.216498] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.217239] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.217988] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.218752] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.219469] [ 211.219681] irq event stamp: 0 [ 211.219960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.220602] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.221473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.222331] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.223012] ---[ end trace 0000000000000000 ]--- [ 211.226257] ------------[ cut here ]------------ [ 211.226836] WARNING: CPU: 1 PID: 2012 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.227919] Modules linked in: [ 211.228252] CPU: 1 PID: 2012 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.229158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.230312] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.231154] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.233064] RSP: 
0018:ffff888011c3fbd0 EFLAGS: 00010246 [ 211.233643] RAX: 0000000000000000 RBX: ffff888011de18a8 RCX: 0000000000000000 [ 211.234388] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 211.235189] RBP: ffff888011c3fbe8 R08: ffffed10023bc333 R09: ffffed10023bc333 [ 211.235943] R10: ffff888011de1993 R11: ffffed10023bc332 R12: ffff888010c0bc00 [ 211.236681] R13: ffff888011de19e8 R14: ffff88800f5cbd00 R15: 0000000000000000 [ 211.237423] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.238271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.238897] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.239655] PKRU: 55555554 [ 211.239950] Call Trace: [ 211.240218] [ 211.240461] iommufd_access_destroy_object+0x65/0x170 [ 211.241002] iommufd_object_destroy_user+0x18e/0x220 [ 211.241538] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.242173] iommufd_access_destroy+0x43/0x70 [ 211.242709] iommufd_test_staccess_release+0x8d/0xd0 [ 211.243287] __fput+0x26d/0xa40 [ 211.243652] ____fput+0x1e/0x30 [ 211.244013] task_work_run+0x1a4/0x2d0 [ 211.244424] ? __pfx_task_work_run+0x10/0x10 [ 211.244890] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.245405] ? switch_task_namespaces+0xa9/0xe0 [ 211.245898] do_exit+0xb17/0x2ef0 [ 211.246271] ? lock_acquire+0x427/0x4c0 [ 211.246741] ? __pfx_lock_release+0x10/0x10 [ 211.247222] ? __kasan_check_write+0x18/0x20 [ 211.247687] ? do_raw_spin_lock+0x132/0x2a0 [ 211.248151] ? __pfx_do_exit+0x10/0x10 [ 211.248571] ? debug_smp_processor_id+0x20/0x30 [ 211.249067] ? rcu_is_watching+0x19/0xb0 [ 211.249498] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.249981] ? trace_hardirqs_on+0x26/0x120 [ 211.250450] do_group_exit+0xe0/0x2b0 [ 211.250901] __x64_sys_exit_group+0x47/0x50 [ 211.251384] do_syscall_64+0x3b/0x90 [ 211.251791] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.252345] RIP: 0033:0x7f4b87518a4d [ 211.252740] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.253377] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.254171] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.254939] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.255700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.256435] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.257172] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.257923] [ 211.258165] irq event stamp: 0 [ 211.258494] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.259192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.260047] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.260900] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.261540] ---[ end trace 0000000000000000 ]--- [ 211.262390] ------------[ cut here ]------------ [ 211.262915] WARNING: CPU: 1 PID: 2012 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.263975] Modules linked in: [ 211.264308] CPU: 1 PID: 2012 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.265191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.266350] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.266924] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.268800] RSP: 0018:ffff888011c3fb78 EFLAGS: 00010246 [ 211.269353] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.270078] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 211.270844] RBP: ffff888011c3fb98 R08: ffffed10023bc33e R09: ffffed10023bc33e [ 211.271594] R10: ffff888011de19ef R11: ffffed10023bc33d R12: ffff888011de1a90 [ 211.272329] R13: ffff888011de18a8 R14: ffffffffffffffff R15: 
ffff888011c3fc60 [ 211.273053] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.273858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.274457] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.275227] PKRU: 55555554 [ 211.275534] Call Trace: [ 211.275805] [ 211.276046] iommufd_ioas_destroy+0x53/0x70 [ 211.276513] iommufd_fops_release+0x1f7/0x370 [ 211.276982] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.277490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.277993] ? write_comp_data+0x2f/0x90 [ 211.278418] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.278964] __fput+0x26d/0xa40 [ 211.279340] ____fput+0x1e/0x30 [ 211.279687] task_work_run+0x1a4/0x2d0 [ 211.280103] ? __pfx_task_work_run+0x10/0x10 [ 211.280574] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.281088] ? switch_task_namespaces+0xa9/0xe0 [ 211.281583] do_exit+0xb17/0x2ef0 [ 211.281936] ? lock_acquire+0x427/0x4c0 [ 211.282357] ? __pfx_lock_release+0x10/0x10 [ 211.282828] ? __kasan_check_write+0x18/0x20 [ 211.283310] ? do_raw_spin_lock+0x132/0x2a0 [ 211.283759] ? __pfx_do_exit+0x10/0x10 [ 211.284161] ? debug_smp_processor_id+0x20/0x30 [ 211.284643] ? rcu_is_watching+0x19/0xb0 [ 211.285063] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.285530] ? trace_hardirqs_on+0x26/0x120 [ 211.285980] do_group_exit+0xe0/0x2b0 [ 211.286382] __x64_sys_exit_group+0x47/0x50 [ 211.286858] do_syscall_64+0x3b/0x90 [ 211.287278] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.287815] RIP: 0033:0x7f4b87518a4d [ 211.288197] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.288823] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.289601] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.290324] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.291096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.291886] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.292615] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.293358] [ 211.293600] irq event stamp: 0 [ 211.293924] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.294561] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.295355] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.296124] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.296712] ---[ end trace 0000000000000000 ]--- [ 211.300878] ------------[ cut here ]------------ [ 211.301356] WARNING: CPU: 1 PID: 2013 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.302287] Modules linked in: [ 211.302796] CPU: 1 PID: 2013 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.303636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.304693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.305173] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.306895] RSP: 0018:ffff8880181a7bb8 EFLAGS: 00010246 [ 211.307413] RAX: 0000000000000000 RBX: ffff88800cb958a8 RCX: 0000000000000000 [ 211.308070] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 211.308734] RBP: ffff8880181a7bd0 R08: ffffed1001972b33 R09: ffffed1001972b33 [ 211.309402] R10: ffff88800cb95993 R11: ffffed1001972b32 R12: ffff88801404dc00 [ 211.310064] R13: ffff88800cb959e8 R14: ffffffff8352e670 R15: 
ffff8880181a7e68 [ 211.310770] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.311540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.312088] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 211.312759] PKRU: 55555554 [ 211.313022] Call Trace: [ 211.313256] [ 211.313470] __iommufd_access_detach+0x1c2/0x2b0 [ 211.313937] iommufd_access_change_pt+0x149/0x270 [ 211.314400] iommufd_access_replace+0xb4/0x120 [ 211.314869] iommufd_test+0x3e5/0x37e0 [ 211.315257] ? lock_release+0x532/0x770 [ 211.315643] ? __might_fault+0x102/0x1b0 [ 211.316038] ? lock_acquire+0x427/0x4c0 [ 211.316426] ? __pfx_iommufd_test+0x10/0x10 [ 211.316826] ? __pfx_lock_release+0x10/0x10 [ 211.317242] ? __pfx_lock_acquire+0x10/0x10 [ 211.317662] ? write_comp_data+0x2f/0x90 [ 211.318062] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.318553] ? write_comp_data+0x2f/0x90 [ 211.318955] iommufd_fops_ioctl+0x37d/0x510 [ 211.319387] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.319854] ? write_comp_data+0x2f/0x90 [ 211.320252] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.320711] __x64_sys_ioctl+0x1a3/0x230 [ 211.321110] do_syscall_64+0x3b/0x90 [ 211.321482] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.321988] RIP: 0033:0x7f4b8743ee5d [ 211.322343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.324076] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.324812] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.325484] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.326144] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.326826] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.327489] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.328165] [ 211.328384] irq event stamp: 0 [ 211.328684] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.329272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.330053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.330859] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.331473] ---[ end trace 0000000000000000 ]--- [ 211.334579] ------------[ cut here ]------------ [ 211.335051] WARNING: CPU: 1 PID: 2013 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.336004] Modules linked in: [ 211.336305] CPU: 1 PID: 2013 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.337123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.338149] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.338642] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.340336] RSP: 
0018:ffff8880181a7bd0 EFLAGS: 00010246 [ 211.340833] RAX: 0000000000000000 RBX: ffff88800cb958a8 RCX: 0000000000000000 [ 211.341485] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 211.342126] RBP: ffff8880181a7be8 R08: ffffed1001972b33 R09: ffffed1001972b33 [ 211.342799] R10: ffff88800cb95993 R11: ffffed1001972b32 R12: ffff888014580400 [ 211.343473] R13: ffff88800cb959e8 R14: ffff888012194900 R15: 0000000000000000 [ 211.344118] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.344859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.345394] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.346051] PKRU: 55555554 [ 211.346313] Call Trace: [ 211.346594] [ 211.346814] iommufd_access_destroy_object+0x65/0x170 [ 211.347317] iommufd_object_destroy_user+0x18e/0x220 [ 211.347785] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.348323] iommufd_access_destroy+0x43/0x70 [ 211.348753] iommufd_test_staccess_release+0x8d/0xd0 [ 211.349240] __fput+0x26d/0xa40 [ 211.349560] ____fput+0x1e/0x30 [ 211.349872] task_work_run+0x1a4/0x2d0 [ 211.350235] ? __pfx_task_work_run+0x10/0x10 [ 211.350681] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.351165] ? switch_task_namespaces+0xa9/0xe0 [ 211.351616] do_exit+0xb17/0x2ef0 [ 211.351940] ? lock_acquire+0x427/0x4c0 [ 211.352312] ? __pfx_lock_release+0x10/0x10 [ 211.352725] ? __kasan_check_write+0x18/0x20 [ 211.353137] ? do_raw_spin_lock+0x132/0x2a0 [ 211.353536] ? __pfx_do_exit+0x10/0x10 [ 211.353910] ? debug_smp_processor_id+0x20/0x30 [ 211.354349] ? rcu_is_watching+0x19/0xb0 [ 211.354760] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.355237] ? trace_hardirqs_on+0x26/0x120 [ 211.355651] do_group_exit+0xe0/0x2b0 [ 211.356008] __x64_sys_exit_group+0x47/0x50 [ 211.356410] do_syscall_64+0x3b/0x90 [ 211.356761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.357242] RIP: 0033:0x7f4b87518a4d [ 211.357584] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.358152] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.358878] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.359555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.360213] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.360857] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.361516] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.362182] [ 211.362402] irq event stamp: 0 [ 211.362723] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.363326] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.364095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.364869] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.365452] ---[ end trace 0000000000000000 ]--- [ 211.366247] ------------[ cut here ]------------ [ 211.366707] WARNING: CPU: 1 PID: 2013 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.367667] Modules linked in: [ 211.367970] CPU: 1 PID: 2013 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.368766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.369795] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.370275] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.371997] RSP: 0018:ffff8880181a7b78 EFLAGS: 00010246 [ 211.372502] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.373172] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 211.373819] RBP: ffff8880181a7b98 R08: ffffed1001972b3e R09: ffffed1001972b3e [ 211.374479] R10: ffff88800cb959ef R11: ffffed1001972b3d R12: ffff88800cb95a90 [ 211.375383] R13: ffff88800cb958a8 R14: ffffffffffffffff R15: 
ffff8880181a7c60 [ 211.376056] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.376786] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.377319] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.377980] PKRU: 55555554 [ 211.378244] Call Trace: [ 211.378484] [ 211.378715] iommufd_ioas_destroy+0x53/0x70 [ 211.379214] iommufd_fops_release+0x1f7/0x370 [ 211.379772] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.380395] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.380865] ? write_comp_data+0x2f/0x90 [ 211.381257] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.381722] __fput+0x26d/0xa40 [ 211.382040] ____fput+0x1e/0x30 [ 211.382354] task_work_run+0x1a4/0x2d0 [ 211.382753] ? __pfx_task_work_run+0x10/0x10 [ 211.383185] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.383649] ? switch_task_namespaces+0xa9/0xe0 [ 211.384098] do_exit+0xb17/0x2ef0 [ 211.384426] ? lock_acquire+0x427/0x4c0 [ 211.384809] ? __pfx_lock_release+0x10/0x10 [ 211.385214] ? __kasan_check_write+0x18/0x20 [ 211.385767] ? do_raw_spin_lock+0x132/0x2a0 [ 211.386271] ? __pfx_do_exit+0x10/0x10 [ 211.386682] ? debug_smp_processor_id+0x20/0x30 [ 211.387115] ? rcu_is_watching+0x19/0xb0 [ 211.387513] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.387941] ? trace_hardirqs_on+0x26/0x120 [ 211.388355] do_group_exit+0xe0/0x2b0 [ 211.388718] __x64_sys_exit_group+0x47/0x50 [ 211.389126] do_syscall_64+0x3b/0x90 [ 211.389485] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.389973] RIP: 0033:0x7f4b87518a4d [ 211.390383] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.391201] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.391938] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.392590] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.393252] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.393907] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.394601] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.395278] [ 211.395563] irq event stamp: 0 [ 211.395960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.396682] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.397446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.398205] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.398807] ---[ end trace 0000000000000000 ]--- [ 211.403106] ------------[ cut here ]------------ [ 211.403642] WARNING: CPU: 1 PID: 2014 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.404879] Modules linked in: [ 211.405275] CPU: 1 PID: 2014 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.406081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.407240] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.407715] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.409433] RSP: 0018:ffff888023e87bb8 EFLAGS: 00010246 [ 211.410073] RAX: 0000000000000000 RBX: ffff8880180ca8a8 RCX: 0000000000000000 [ 211.410911] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 211.411585] RBP: ffff888023e87bd0 R08: ffffed1003019533 R09: ffffed1003019533 [ 211.412241] R10: ffff8880180ca993 R11: ffffed1003019532 R12: ffff8880189c8c00 [ 211.412897] R13: ffff8880180ca9e8 R14: ffffffff8352e670 R15: 
ffff888023e87e68 [ 211.413557] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.414481] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.415233] CR2: 00007f4b877410e8 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 211.415902] PKRU: 55555554 [ 211.416171] Call Trace: [ 211.416411] [ 211.416624] __iommufd_access_detach+0x1c2/0x2b0 [ 211.417086] iommufd_access_change_pt+0x149/0x270 [ 211.417541] iommufd_access_replace+0xb4/0x120 [ 211.417977] iommufd_test+0x3e5/0x37e0 [ 211.418350] ? lock_release+0x532/0x770 [ 211.418887] ? __might_fault+0x102/0x1b0 [ 211.419423] ? lock_acquire+0x427/0x4c0 [ 211.419806] ? __pfx_iommufd_test+0x10/0x10 [ 211.420208] ? __pfx_lock_release+0x10/0x10 [ 211.420623] ? __pfx_lock_acquire+0x10/0x10 [ 211.421041] ? write_comp_data+0x2f/0x90 [ 211.421431] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.421899] ? write_comp_data+0x2f/0x90 [ 211.422303] iommufd_fops_ioctl+0x37d/0x510 [ 211.422770] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.423255] ? write_comp_data+0x2f/0x90 [ 211.423639] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.424227] __x64_sys_ioctl+0x1a3/0x230 [ 211.424788] do_syscall_64+0x3b/0x90 [ 211.425149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.425646] RIP: 0033:0x7f4b8743ee5d [ 211.426009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.427982] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.429059] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.429801] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.430567] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.431322] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.432048] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.432799] [ 211.433127] irq event stamp: 0 [ 211.433572] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.434444] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.435370] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.436230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.436872] ---[ end trace 0000000000000000 ]--- [ 211.440480] ------------[ cut here ]------------ [ 211.441027] WARNING: CPU: 1 PID: 2014 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.442058] Modules linked in: [ 211.442387] CPU: 1 PID: 2014 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.443672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.445094] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.445619] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.447543] RSP: 
0018:ffff888023e87bd0 EFLAGS: 00010246 [ 211.448098] RAX: 0000000000000000 RBX: ffff8880180ca8a8 RCX: 0000000000000000 [ 211.448899] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 211.449907] RBP: ffff888023e87be8 R08: ffffed1003019533 R09: ffffed1003019533 [ 211.450901] R10: ffff8880180ca993 R11: ffffed1003019532 R12: ffff88801404cc00 [ 211.451676] R13: ffff8880180ca9e8 R14: ffff88801024f900 R15: 0000000000000000 [ 211.452420] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.453255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.453872] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 211.454890] PKRU: 55555554 [ 211.455365] Call Trace: [ 211.455699] [ 211.455939] iommufd_access_destroy_object+0x65/0x170 [ 211.456487] iommufd_object_destroy_user+0x18e/0x220 [ 211.457026] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.457637] iommufd_access_destroy+0x43/0x70 [ 211.458119] iommufd_test_staccess_release+0x8d/0xd0 [ 211.458704] __fput+0x26d/0xa40 [ 211.459069] ____fput+0x1e/0x30 [ 211.459450] task_work_run+0x1a4/0x2d0 [ 211.459874] ? __pfx_task_work_run+0x10/0x10 [ 211.460454] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.461144] ? switch_task_namespaces+0xa9/0xe0 [ 211.461857] do_exit+0xb17/0x2ef0 [ 211.462228] ? lock_acquire+0x427/0x4c0 [ 211.462705] ? __pfx_lock_release+0x10/0x10 [ 211.463185] ? __kasan_check_write+0x18/0x20 [ 211.463651] ? do_raw_spin_lock+0x132/0x2a0 [ 211.464107] ? __pfx_do_exit+0x10/0x10 [ 211.464519] ? debug_smp_processor_id+0x20/0x30 [ 211.465017] ? rcu_is_watching+0x19/0xb0 [ 211.465446] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.466050] ? trace_hardirqs_on+0x26/0x120 [ 211.466780] do_group_exit+0xe0/0x2b0 [ 211.467207] __x64_sys_exit_group+0x47/0x50 [ 211.467663] do_syscall_64+0x3b/0x90 [ 211.468066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.468612] RIP: 0033:0x7f4b87518a4d [ 211.469006] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.469642] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.470482] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.471558] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.472303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.473051] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.473800] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.474581] [ 211.474830] irq event stamp: 0 [ 211.475173] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.475886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.477084] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.477953] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.478641] ---[ end trace 0000000000000000 ]--- [ 211.479571] ------------[ cut here ]------------ [ 211.480076] WARNING: CPU: 1 PID: 2014 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.481317] Modules linked in: [ 211.481771] CPU: 1 PID: 2014 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.482959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.484144] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.484681] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.486855] RSP: 0018:ffff888023e87b78 EFLAGS: 00010246 [ 211.487650] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.488401] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 211.489137] RBP: ffff888023e87b98 R08: ffffed100301953e R09: ffffed100301953e [ 211.489873] R10: ffff8880180ca9ef R11: ffffed100301953d R12: ffff8880180caa90 [ 211.490646] R13: ffff8880180ca8a8 R14: ffffffffffffffff R15: 
ffff888023e87c60 [ 211.491410] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.492467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.493320] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 211.494072] PKRU: 55555554 [ 211.494365] Call Trace: [ 211.494699] [ 211.494942] iommufd_ioas_destroy+0x53/0x70 [ 211.495434] iommufd_fops_release+0x1f7/0x370 [ 211.495912] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.496437] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.496960] ? write_comp_data+0x2f/0x90 [ 211.497450] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.498144] __fput+0x26d/0xa40 [ 211.498689] ____fput+0x1e/0x30 [ 211.499044] task_work_run+0x1a4/0x2d0 [ 211.499472] ? __pfx_task_work_run+0x10/0x10 [ 211.499935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.500443] ? switch_task_namespaces+0xa9/0xe0 [ 211.500936] do_exit+0xb17/0x2ef0 [ 211.501297] ? lock_acquire+0x427/0x4c0 [ 211.501719] ? __pfx_lock_release+0x10/0x10 [ 211.502176] ? __kasan_check_write+0x18/0x20 [ 211.502806] ? do_raw_spin_lock+0x132/0x2a0 [ 211.503461] ? __pfx_do_exit+0x10/0x10 [ 211.503932] ? debug_smp_processor_id+0x20/0x30 [ 211.504415] ? rcu_is_watching+0x19/0xb0 [ 211.504835] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.505309] ? trace_hardirqs_on+0x26/0x120 [ 211.505766] do_group_exit+0xe0/0x2b0 [ 211.506167] __x64_sys_exit_group+0x47/0x50 [ 211.506640] do_syscall_64+0x3b/0x90 [ 211.507037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.507592] RIP: 0033:0x7f4b87518a4d [ 211.508052] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.508897] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.509875] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.510644] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.511409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.512126] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.512854] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.513733] [ 211.514054] irq event stamp: 0 [ 211.514568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.515220] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.516061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.516894] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.517527] ---[ end trace 0000000000000000 ]--- [ 211.525371] ------------[ cut here ]------------ [ 211.526040] WARNING: CPU: 0 PID: 2015 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.527558] Modules linked in: [ 211.527983] CPU: 0 PID: 2015 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.529084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.530491] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.531208] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.533483] RSP: 0018:ffff8880181a7bb8 EFLAGS: 00010246 [ 211.534159] RAX: 0000000000000000 RBX: ffff888012f5f0a8 RCX: 0000000000000000 [ 211.535101] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 211.536023] RBP: ffff8880181a7bd0 R08: ffffed10025ebe33 R09: ffffed10025ebe33 [ 211.536922] R10: ffff888012f5f193 R11: ffffed10025ebe32 R12: ffff8880143ea800 [ 211.537795] R13: ffff888012f5f1e8 R14: ffffffff8352e670 R15: 
ffff8880181a7e68 [ 211.538704] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 211.539701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.540412] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 211.541281] PKRU: 55555554 [ 211.541632] Call Trace: [ 211.541950] [ 211.542230] __iommufd_access_detach+0x1c2/0x2b0 [ 211.542856] iommufd_access_change_pt+0x149/0x270 [ 211.543473] iommufd_access_replace+0xb4/0x120 [ 211.544039] iommufd_test+0x3e5/0x37e0 [ 211.544512] ? lock_release+0x532/0x770 [ 211.545008] ? __might_fault+0x102/0x1b0 [ 211.545504] ? lock_acquire+0x427/0x4c0 [ 211.545994] ? __pfx_iommufd_test+0x10/0x10 [ 211.546543] ? __pfx_lock_release+0x10/0x10 [ 211.547079] ? __pfx_lock_acquire+0x10/0x10 [ 211.547628] ? write_comp_data+0x2f/0x90 [ 211.548142] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.548748] ? write_comp_data+0x2f/0x90 [ 211.549262] iommufd_fops_ioctl+0x37d/0x510 [ 211.549788] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.550382] ? write_comp_data+0x2f/0x90 [ 211.550927] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.551537] __x64_sys_ioctl+0x1a3/0x230 [ 211.552046] do_syscall_64+0x3b/0x90 [ 211.552507] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.553136] RIP: 0033:0x7f4b8743ee5d [ 211.553589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.555772] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.556681] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.557513] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.558308] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.559143] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.559952] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.560561] [ 211.560754] irq event stamp: 0 [ 211.561014] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.561528] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.562212] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.562928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.563459] ---[ end trace 0000000000000000 ]--- [ 211.566979] ------------[ cut here ]------------ [ 211.567396] WARNING: CPU: 0 PID: 2015 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.568651] Modules linked in: [ 211.568925] CPU: 0 PID: 2015 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.569654] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.570790] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.571227] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.572908] RSP: 
0018:ffff8880181a7bd0 EFLAGS: 00010246 [ 211.573347] RAX: 0000000000000000 RBX: ffff888012f5f0a8 RCX: 0000000000000000 [ 211.574102] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 211.574708] RBP: ffff8880181a7be8 R08: ffffed10025ebe33 R09: ffffed10025ebe33 [ 211.575302] R10: ffff888012f5f193 R11: ffffed10025ebe32 R12: ffff888012c07c00 [ 211.575961] R13: ffff888012f5f1e8 R14: ffff888014b93300 R15: 0000000000000000 [ 211.576645] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 211.577321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.577971] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 211.578610] PKRU: 55555554 [ 211.578852] Call Trace: [ 211.579066] [ 211.579263] iommufd_access_destroy_object+0x65/0x170 [ 211.579698] iommufd_object_destroy_user+0x18e/0x220 [ 211.580305] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.580795] iommufd_access_destroy+0x43/0x70 [ 211.581181] iommufd_test_staccess_release+0x8d/0xd0 [ 211.581689] __fput+0x26d/0xa40 [ 211.582068] ____fput+0x1e/0x30 [ 211.582355] task_work_run+0x1a4/0x2d0 [ 211.582710] ? __pfx_task_work_run+0x10/0x10 [ 211.583083] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.583504] ? switch_task_namespaces+0xa9/0xe0 [ 211.583982] do_exit+0xb17/0x2ef0 [ 211.584339] ? lock_acquire+0x427/0x4c0 [ 211.584678] ? __pfx_lock_release+0x10/0x10 [ 211.585045] ? __kasan_check_write+0x18/0x20 [ 211.585418] ? do_raw_spin_lock+0x132/0x2a0 [ 211.585950] ? __pfx_do_exit+0x10/0x10 [ 211.586286] ? debug_smp_processor_id+0x20/0x30 [ 211.586695] ? rcu_is_watching+0x19/0xb0 [ 211.587039] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.587427] ? trace_hardirqs_on+0x26/0x120 [ 211.587870] do_group_exit+0xe0/0x2b0 [ 211.588291] __x64_sys_exit_group+0x47/0x50 [ 211.588650] do_syscall_64+0x3b/0x90 [ 211.588971] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.589410] RIP: 0033:0x7f4b87518a4d [ 211.589889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.590411] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.591090] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.591755] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.592528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.593151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.593967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.594626] [ 211.594843] irq event stamp: 0 [ 211.595121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.595699] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.596598] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.597338] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.598073] ---[ end trace 0000000000000000 ]--- [ 211.598888] ------------[ cut here ]------------ [ 211.599319] WARNING: CPU: 0 PID: 2015 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.600433] Modules linked in: [ 211.600723] CPU: 0 PID: 2015 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.601490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.602701] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.603176] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.604984] RSP: 0018:ffff8880181a7b78 EFLAGS: 00010246 [ 211.605459] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.606270] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 211.606925] RBP: ffff8880181a7b98 R08: ffffed10025ebe3e R09: ffffed10025ebe3e [ 211.607567] R10: ffff888012f5f1ef R11: ffffed10025ebe3d R12: ffff888012f5f290 [ 211.608238] R13: ffff888012f5f0a8 R14: ffffffffffffffff R15: 
ffff8880181a7c60 [ 211.609020] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 211.609730] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.610409] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 211.611060] PKRU: 55555554 [ 211.611319] Call Trace: [ 211.611546] [ 211.611746] iommufd_ioas_destroy+0x53/0x70 [ 211.612144] iommufd_fops_release+0x1f7/0x370 [ 211.612733] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.613189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.613633] ? write_comp_data+0x2f/0x90 [ 211.614002] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.614649] __fput+0x26d/0xa40 [ 211.614960] ____fput+0x1e/0x30 [ 211.615279] task_work_run+0x1a4/0x2d0 [ 211.615634] ? __pfx_task_work_run+0x10/0x10 [ 211.616032] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.616528] ? switch_task_namespaces+0xa9/0xe0 [ 211.617055] do_exit+0xb17/0x2ef0 [ 211.617370] ? lock_acquire+0x427/0x4c0 [ 211.617732] ? __pfx_lock_release+0x10/0x10 [ 211.618122] ? __kasan_check_write+0x18/0x20 [ 211.618705] ? do_raw_spin_lock+0x132/0x2a0 [ 211.619092] ? __pfx_do_exit+0x10/0x10 [ 211.619464] ? debug_smp_processor_id+0x20/0x30 [ 211.619893] ? rcu_is_watching+0x19/0xb0 [ 211.620257] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.620663] ? trace_hardirqs_on+0x26/0x120 [ 211.621240] do_group_exit+0xe0/0x2b0 [ 211.621580] __x64_sys_exit_group+0x47/0x50 [ 211.621964] do_syscall_64+0x3b/0x90 [ 211.622304] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.622825] RIP: 0033:0x7f4b87518a4d [ 211.623267] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.623810] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.624483] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.625194] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.625931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.626581] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.627275] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.628046] [ 211.628257] irq event stamp: 0 [ 211.628533] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.629130] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.630004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.630764] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.631391] ---[ end trace 0000000000000000 ]--- [ 211.636128] ------------[ cut here ]------------ [ 211.636567] WARNING: CPU: 0 PID: 2016 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.637505] Modules linked in: [ 211.637908] CPU: 0 PID: 2016 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.638761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.639767] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.640208] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.641834] RSP: 0018:ffff888015b8fbb8 EFLAGS: 00010246 [ 211.642309] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 211.642954] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 211.643590] RBP: ffff888015b8fbd0 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 211.644209] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff888010c0b400 [ 211.644823] R13: ffff88801609d9e8 R14: ffffffff8352e670 R15: 
ffff888015b8fe68 [ 211.645454] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 211.646148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.646672] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 211.647307] PKRU: 55555554 [ 211.647557] Call Trace: [ 211.647781] [ 211.647977] __iommufd_access_detach+0x1c2/0x2b0 [ 211.648402] iommufd_access_change_pt+0x149/0x270 [ 211.648832] iommufd_access_replace+0xb4/0x120 [ 211.649244] iommufd_test+0x3e5/0x37e0 [ 211.649582] ? lock_release+0x532/0x770 [ 211.649944] ? __might_fault+0x102/0x1b0 [ 211.650310] ? lock_acquire+0x427/0x4c0 [ 211.650681] ? __pfx_iommufd_test+0x10/0x10 [ 211.651060] ? __pfx_lock_release+0x10/0x10 [ 211.651451] ? __pfx_lock_acquire+0x10/0x10 [ 211.651835] ? write_comp_data+0x2f/0x90 [ 211.652198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.652627] ? write_comp_data+0x2f/0x90 [ 211.652987] iommufd_fops_ioctl+0x37d/0x510 [ 211.653372] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.653805] ? write_comp_data+0x2f/0x90 [ 211.654170] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.654627] __x64_sys_ioctl+0x1a3/0x230 [ 211.654995] do_syscall_64+0x3b/0x90 [ 211.655338] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.655796] RIP: 0033:0x7f4b8743ee5d [ 211.656118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.657692] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.658350] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.658988] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.659621] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.660234] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.660850] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.661475] [ 211.661678] irq event stamp: 0 [ 211.661954] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.662498] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.663249] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.663980] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.664519] ---[ end trace 0000000000000000 ]--- [ 211.668035] ------------[ cut here ]------------ [ 211.668507] WARNING: CPU: 1 PID: 2016 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.669378] Modules linked in: [ 211.669657] CPU: 1 PID: 2016 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.670416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.671530] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.671960] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.673539] RSP: 
0018:ffff888015b8fbd0 EFLAGS: 00010246 [ 211.673998] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 211.674633] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 211.675266] RBP: ffff888015b8fbe8 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 211.675890] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff8880143ebc00 [ 211.676510] R13: ffff88801609d9e8 R14: ffff88800fd4fd00 R15: 0000000000000000 [ 211.677128] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.677816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.678314] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.678951] PKRU: 55555554 [ 211.679215] Call Trace: [ 211.679447] [ 211.679650] iommufd_access_destroy_object+0x65/0x170 [ 211.680102] iommufd_object_destroy_user+0x18e/0x220 [ 211.680550] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.681056] iommufd_access_destroy+0x43/0x70 [ 211.681464] iommufd_test_staccess_release+0x8d/0xd0 [ 211.681918] __fput+0x26d/0xa40 [ 211.682220] ____fput+0x1e/0x30 [ 211.682535] task_work_run+0x1a4/0x2d0 [ 211.682890] ? __pfx_task_work_run+0x10/0x10 [ 211.683275] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.683686] ? switch_task_namespaces+0xa9/0xe0 [ 211.684067] do_exit+0xb17/0x2ef0 [ 211.684346] ? lock_acquire+0x427/0x4c0 [ 211.684675] ? __pfx_lock_release+0x10/0x10 [ 211.685024] ? __kasan_check_write+0x18/0x20 [ 211.685381] ? do_raw_spin_lock+0x132/0x2a0 [ 211.685729] ? __pfx_do_exit+0x10/0x10 [ 211.686059] ? debug_smp_processor_id+0x20/0x30 [ 211.686438] ? rcu_is_watching+0x19/0xb0 [ 211.686797] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.687180] ? trace_hardirqs_on+0x26/0x120 [ 211.687541] do_group_exit+0xe0/0x2b0 [ 211.687846] __x64_sys_exit_group+0x47/0x50 [ 211.688187] do_syscall_64+0x3b/0x90 [ 211.688506] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.688926] RIP: 0033:0x7f4b87518a4d [ 211.689223] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.689726] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.690356] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.690955] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.691549] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.692123] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.692688] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.693269] [ 211.693460] irq event stamp: 0 [ 211.693711] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.694220] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.694922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.695608] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.696103] ---[ end trace 0000000000000000 ]--- [ 211.696829] ------------[ cut here ]------------ [ 211.697209] WARNING: CPU: 1 PID: 2016 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.698038] Modules linked in: [ 211.698296] CPU: 1 PID: 2016 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.699024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.699939] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.700349] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.701797] RSP: 0018:ffff888015b8fb78 EFLAGS: 00010246 [ 211.702227] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.702822] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 211.703402] RBP: ffff888015b8fb98 R08: ffffed1002c13b3e R09: ffffed1002c13b3e [ 211.703965] R10: ffff88801609d9ef R11: ffffed1002c13b3d R12: ffff88801609da90 [ 211.704528] R13: ffff88801609d8a8 R14: ffffffffffffffff R15: 
ffff888015b8fc60 [ 211.705102] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.705741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.706213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.706802] PKRU: 55555554 [ 211.707038] Call Trace: [ 211.707259] [ 211.707446] iommufd_ioas_destroy+0x53/0x70 [ 211.707806] iommufd_fops_release+0x1f7/0x370 [ 211.708171] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.708584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.708984] ? write_comp_data+0x2f/0x90 [ 211.709320] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.709742] __fput+0x26d/0xa40 [ 211.710022] ____fput+0x1e/0x30 [ 211.710293] task_work_run+0x1a4/0x2d0 [ 211.710644] ? __pfx_task_work_run+0x10/0x10 [ 211.711006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.711411] ? switch_task_namespaces+0xa9/0xe0 [ 211.711801] do_exit+0xb17/0x2ef0 [ 211.712081] ? lock_acquire+0x427/0x4c0 [ 211.712415] ? __pfx_lock_release+0x10/0x10 [ 211.712771] ? __kasan_check_write+0x18/0x20 [ 211.713134] ? do_raw_spin_lock+0x132/0x2a0 [ 211.713485] ? __pfx_do_exit+0x10/0x10 [ 211.713805] ? debug_smp_processor_id+0x20/0x30 [ 211.714178] ? rcu_is_watching+0x19/0xb0 [ 211.714535] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.714905] ? trace_hardirqs_on+0x26/0x120 [ 211.715281] do_group_exit+0xe0/0x2b0 [ 211.715588] __x64_sys_exit_group+0x47/0x50 [ 211.715941] do_syscall_64+0x3b/0x90 [ 211.716249] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.716675] RIP: 0033:0x7f4b87518a4d [ 211.716978] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.717473] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.718077] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.718675] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.719265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.719833] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.720400] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.720979] [ 211.721164] irq event stamp: 0 [ 211.721409] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.721890] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.722557] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.723211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.723716] ---[ end trace 0000000000000000 ]--- [ 211.727683] ------------[ cut here ]------------ [ 211.728096] WARNING: CPU: 1 PID: 2017 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.728876] Modules linked in: [ 211.729123] CPU: 1 PID: 2017 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.729810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.730700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.731090] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.732516] RSP: 0018:ffff888011f4fbb8 EFLAGS: 00010246 [ 211.732921] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 211.733483] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 211.734033] RBP: ffff888011f4fbd0 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 211.734603] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff88801422ec00 [ 211.735168] R13: ffff8880104669e8 R14: ffffffff8352e670 R15: 
ffff888011f4fe68 [ 211.735725] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.736353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.736798] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ee0 [ 211.737340] PKRU: 55555554 [ 211.737563] Call Trace: [ 211.737755] [ 211.737928] __iommufd_access_detach+0x1c2/0x2b0 [ 211.738306] iommufd_access_change_pt+0x149/0x270 [ 211.738707] iommufd_access_replace+0xb4/0x120 [ 211.739079] iommufd_test+0x3e5/0x37e0 [ 211.739399] ? lock_release+0x532/0x770 [ 211.739713] ? __might_fault+0x102/0x1b0 [ 211.740040] ? lock_acquire+0x427/0x4c0 [ 211.740358] ? __pfx_iommufd_test+0x10/0x10 [ 211.740695] ? __pfx_lock_release+0x10/0x10 [ 211.741031] ? __pfx_lock_acquire+0x10/0x10 [ 211.741380] ? write_comp_data+0x2f/0x90 [ 211.741702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.742085] ? write_comp_data+0x2f/0x90 [ 211.742411] iommufd_fops_ioctl+0x37d/0x510 [ 211.742772] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.743181] ? write_comp_data+0x2f/0x90 [ 211.743507] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.743886] __x64_sys_ioctl+0x1a3/0x230 [ 211.744209] do_syscall_64+0x3b/0x90 [ 211.744515] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.744920] RIP: 0033:0x7f4b8743ee5d [ 211.745208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.746634] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.747237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.747784] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.748323] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.748870] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.749425] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.749975] [ 211.750162] irq event stamp: 0 [ 211.750405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.750923] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.751579] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.752228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.752713] ---[ end trace 0000000000000000 ]--- [ 211.755484] ------------[ cut here ]------------ [ 211.755873] WARNING: CPU: 1 PID: 2017 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.756657] Modules linked in: [ 211.756903] CPU: 1 PID: 2017 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.757598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.758458] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.758868] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.760280] RSP: 
0018:ffff888011f4fbd0 EFLAGS: 00010246 [ 211.760695] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 211.761254] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 211.761801] RBP: ffff888011f4fbe8 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 211.762349] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff8880189ca400 [ 211.762917] R13: ffff8880104669e8 R14: ffff8880143ffa00 R15: 0000000000000000 [ 211.763470] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.764089] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.764548] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.765105] PKRU: 55555554 [ 211.765325] Call Trace: [ 211.765525] [ 211.765699] iommufd_access_destroy_object+0x65/0x170 [ 211.766103] iommufd_object_destroy_user+0x18e/0x220 [ 211.766526] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.766989] iommufd_access_destroy+0x43/0x70 [ 211.767365] iommufd_test_staccess_release+0x8d/0xd0 [ 211.767772] __fput+0x26d/0xa40 [ 211.768042] ____fput+0x1e/0x30 [ 211.768306] task_work_run+0x1a4/0x2d0 [ 211.768615] ? __pfx_task_work_run+0x10/0x10 [ 211.768972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.769356] ? switch_task_namespaces+0xa9/0xe0 [ 211.769737] do_exit+0xb17/0x2ef0 [ 211.770011] ? lock_acquire+0x427/0x4c0 [ 211.770327] ? __pfx_lock_release+0x10/0x10 [ 211.770704] ? __kasan_check_write+0x18/0x20 [ 211.771054] ? do_raw_spin_lock+0x132/0x2a0 [ 211.771403] ? __pfx_do_exit+0x10/0x10 [ 211.771713] ? debug_smp_processor_id+0x20/0x30 [ 211.772077] ? rcu_is_watching+0x19/0xb0 [ 211.772402] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.772754] ? trace_hardirqs_on+0x26/0x120 [ 211.773096] do_group_exit+0xe0/0x2b0 [ 211.773395] __x64_sys_exit_group+0x47/0x50 [ 211.773727] do_syscall_64+0x3b/0x90 [ 211.774031] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.774438] RIP: 0033:0x7f4b87518a4d [ 211.774754] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.775241] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.775833] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.776378] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.776916] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.777464] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.778007] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.778579] [ 211.778762] irq event stamp: 0 [ 211.779015] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.779508] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.780149] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.780795] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.781274] ---[ end trace 0000000000000000 ]--- [ 211.781962] ------------[ cut here ]------------ [ 211.782322] WARNING: CPU: 1 PID: 2017 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.783162] Modules linked in: [ 211.783411] CPU: 1 PID: 2017 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.784093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.784960] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.785361] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.786787] RSP: 0018:ffff888011f4fb78 EFLAGS: 00010246 [ 211.787213] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.787756] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 211.788301] RBP: ffff888011f4fb98 R08: ffffed100208cd3e R09: ffffed100208cd3e [ 211.788837] R10: ffff8880104669ef R11: ffffed100208cd3d R12: ffff888010466a90 [ 211.789376] R13: ffff8880104668a8 R14: ffffffffffffffff R15: 
ffff888011f4fc60 [ 211.789908] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.790536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.790974] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.791529] PKRU: 55555554 [ 211.791743] Call Trace: [ 211.791944] [ 211.792115] iommufd_ioas_destroy+0x53/0x70 [ 211.792451] iommufd_fops_release+0x1f7/0x370 [ 211.792796] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.793174] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.793549] ? write_comp_data+0x2f/0x90 [ 211.793866] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.794242] __fput+0x26d/0xa40 [ 211.794525] ____fput+0x1e/0x30 [ 211.794783] task_work_run+0x1a4/0x2d0 [ 211.795093] ? __pfx_task_work_run+0x10/0x10 [ 211.795444] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.795813] ? switch_task_namespaces+0xa9/0xe0 [ 211.796166] do_exit+0xb17/0x2ef0 [ 211.796426] ? lock_acquire+0x427/0x4c0 [ 211.796733] ? __pfx_lock_release+0x10/0x10 [ 211.797067] ? __kasan_check_write+0x18/0x20 [ 211.797400] ? do_raw_spin_lock+0x132/0x2a0 [ 211.797736] ? __pfx_do_exit+0x10/0x10 [ 211.798037] ? debug_smp_processor_id+0x20/0x30 [ 211.798400] ? rcu_is_watching+0x19/0xb0 [ 211.798733] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.799085] ? trace_hardirqs_on+0x26/0x120 [ 211.799437] do_group_exit+0xe0/0x2b0 [ 211.799721] __x64_sys_exit_group+0x47/0x50 [ 211.800041] do_syscall_64+0x3b/0x90 [ 211.800323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.800724] RIP: 0033:0x7f4b87518a4d [ 211.801013] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.801484] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.802044] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.802594] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.803144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.803682] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.804217] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.804764] [ 211.804939] irq event stamp: 0 [ 211.805180] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.805660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.806291] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.806943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.807433] ---[ end trace 0000000000000000 ]--- [ 211.812098] ------------[ cut here ]------------ [ 211.812493] WARNING: CPU: 1 PID: 2018 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.813252] Modules linked in: [ 211.813493] CPU: 1 PID: 2018 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.814149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.815159] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.815545] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.816902] RSP: 0018:ffff8880181a7bb8 EFLAGS: 00010246 [ 211.817296] RAX: 0000000000000000 RBX: ffff888011d508a8 RCX: 0000000000000000 [ 211.817832] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 211.818363] RBP: ffff8880181a7bd0 R08: ffffed10023aa133 R09: ffffed10023aa133 [ 211.818898] R10: ffff888011d50993 R11: ffffed10023aa132 R12: ffff88801226f400 [ 211.819434] R13: ffff888011d509e8 R14: ffffffff8352e670 R15: 
ffff8880181a7e68 [ 211.819956] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.820546] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.820975] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 211.821498] PKRU: 55555554 [ 211.821707] Call Trace: [ 211.821896] [ 211.822062] __iommufd_access_detach+0x1c2/0x2b0 [ 211.822423] iommufd_access_change_pt+0x149/0x270 [ 211.822807] iommufd_access_replace+0xb4/0x120 [ 211.823166] iommufd_test+0x3e5/0x37e0 [ 211.823458] ? lock_release+0x532/0x770 [ 211.823775] ? __might_fault+0x102/0x1b0 [ 211.824082] ? lock_acquire+0x427/0x4c0 [ 211.824388] ? __pfx_iommufd_test+0x10/0x10 [ 211.824715] ? __pfx_lock_release+0x10/0x10 [ 211.825043] ? __pfx_lock_acquire+0x10/0x10 [ 211.825375] ? write_comp_data+0x2f/0x90 [ 211.825685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.826049] ? write_comp_data+0x2f/0x90 [ 211.826371] iommufd_fops_ioctl+0x37d/0x510 [ 211.826712] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.827085] ? write_comp_data+0x2f/0x90 [ 211.827421] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.827782] __x64_sys_ioctl+0x1a3/0x230 [ 211.828092] do_syscall_64+0x3b/0x90 [ 211.828383] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.828771] RIP: 0033:0x7f4b8743ee5d [ 211.829056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.830401] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.831001] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.831544] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.832067] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.832598] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.833124] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.833654] [ 211.833827] irq event stamp: 0 [ 211.834062] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.834550] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.835178] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.835791] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.836256] ---[ end trace 0000000000000000 ]--- [ 211.838923] ------------[ cut here ]------------ [ 211.839316] WARNING: CPU: 1 PID: 2018 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.840069] Modules linked in: [ 211.840305] CPU: 1 PID: 2018 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.840947] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.841778] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.842147] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.843743] RSP: 
0018:ffff8880181a7bd0 EFLAGS: 00010246 [ 211.844147] RAX: 0000000000000000 RBX: ffff888011d508a8 RCX: 0000000000000000 [ 211.844677] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 211.845204] RBP: ffff8880181a7be8 R08: ffffed10023aa133 R09: ffffed10023aa133 [ 211.845726] R10: ffff888011d50993 R11: ffffed10023aa132 R12: ffff88801422d400 [ 211.846248] R13: ffff888011d509e8 R14: ffff88801024f300 R15: 0000000000000000 [ 211.846798] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.847412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.847839] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.848372] PKRU: 55555554 [ 211.848584] Call Trace: [ 211.848773] [ 211.848941] iommufd_access_destroy_object+0x65/0x170 [ 211.849336] iommufd_object_destroy_user+0x18e/0x220 [ 211.849720] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.850154] iommufd_access_destroy+0x43/0x70 [ 211.850494] iommufd_test_staccess_release+0x8d/0xd0 [ 211.850902] __fput+0x26d/0xa40 [ 211.851174] ____fput+0x1e/0x30 [ 211.851429] task_work_run+0x1a4/0x2d0 [ 211.851725] ? __pfx_task_work_run+0x10/0x10 [ 211.852060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.852426] ? switch_task_namespaces+0xa9/0xe0 [ 211.852789] do_exit+0xb17/0x2ef0 [ 211.853049] ? lock_acquire+0x427/0x4c0 [ 211.853363] ? __pfx_lock_release+0x10/0x10 [ 211.853691] ? __kasan_check_write+0x18/0x20 [ 211.854023] ? do_raw_spin_lock+0x132/0x2a0 [ 211.854346] ? __pfx_do_exit+0x10/0x10 [ 211.854671] ? debug_smp_processor_id+0x20/0x30 [ 211.855024] ? rcu_is_watching+0x19/0xb0 [ 211.855350] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.855695] ? trace_hardirqs_on+0x26/0x120 [ 211.856029] do_group_exit+0xe0/0x2b0 [ 211.856313] __x64_sys_exit_group+0x47/0x50 [ 211.856640] do_syscall_64+0x3b/0x90 [ 211.856925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.857315] RIP: 0033:0x7f4b87518a4d [ 211.857598] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.858051] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.858642] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.859183] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.859716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.860236] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.860760] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.861290] [ 211.861466] irq event stamp: 0 [ 211.861698] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.862166] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.862810] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.863442] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.863907] ---[ end trace 0000000000000000 ]--- [ 211.864577] ------------[ cut here ]------------ [ 211.864927] WARNING: CPU: 1 PID: 2018 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.865677] Modules linked in: [ 211.865916] CPU: 1 PID: 2018 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.866581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.867437] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.867819] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.869169] RSP: 0018:ffff8880181a7b78 EFLAGS: 00010246 [ 211.869573] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.870097] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 211.870664] RBP: ffff8880181a7b98 R08: ffffed10023aa13e R09: ffffed10023aa13e [ 211.871205] R10: ffff888011d509ef R11: ffffed10023aa13d R12: ffff888011d50a90 [ 211.871735] R13: ffff888011d508a8 R14: ffffffffffffffff R15: 
ffff8880181a7c60 [ 211.872284] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.872891] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.873329] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 211.873868] PKRU: 55555554 [ 211.874078] Call Trace: [ 211.874268] [ 211.874447] iommufd_ioas_destroy+0x53/0x70 [ 211.874809] iommufd_fops_release+0x1f7/0x370 [ 211.875177] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.875569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.875946] ? write_comp_data+0x2f/0x90 [ 211.876270] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.876654] __fput+0x26d/0xa40 [ 211.876928] ____fput+0x1e/0x30 [ 211.877188] task_work_run+0x1a4/0x2d0 [ 211.877508] ? __pfx_task_work_run+0x10/0x10 [ 211.877851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.878235] ? switch_task_namespaces+0xa9/0xe0 [ 211.878635] do_exit+0xb17/0x2ef0 [ 211.878900] ? lock_acquire+0x427/0x4c0 [ 211.879223] ? __pfx_lock_release+0x10/0x10 [ 211.879552] ? __kasan_check_write+0x18/0x20 [ 211.879892] ? do_raw_spin_lock+0x132/0x2a0 [ 211.880232] ? __pfx_do_exit+0x10/0x10 [ 211.880538] ? debug_smp_processor_id+0x20/0x30 [ 211.880896] ? rcu_is_watching+0x19/0xb0 [ 211.881220] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.881577] ? trace_hardirqs_on+0x26/0x120 [ 211.881940] do_group_exit+0xe0/0x2b0 [ 211.882240] __x64_sys_exit_group+0x47/0x50 [ 211.882605] do_syscall_64+0x3b/0x90 [ 211.882907] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.883330] RIP: 0033:0x7f4b87518a4d [ 211.883618] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.884095] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.884683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.885231] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.885776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.886330] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.886921] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.887509] [ 211.887696] irq event stamp: 0 [ 211.887953] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.888478] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.889261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.889917] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.890434] ---[ end trace 0000000000000000 ]--- [ 211.894120] ------------[ cut here ]------------ [ 211.894662] WARNING: CPU: 1 PID: 2019 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.895466] Modules linked in: [ 211.895716] CPU: 1 PID: 2019 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.896463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.897375] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.897762] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.899360] RSP: 0018:ffff888011f4fbb8 EFLAGS: 00010246 [ 211.899781] RAX: 0000000000000000 RBX: ffff888016d8d8a8 RCX: 0000000000000000 [ 211.900445] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 211.901003] RBP: ffff888011f4fbd0 R08: ffffed1002db1b33 R09: ffffed1002db1b33 [ 211.901549] R10: ffff888016d8d993 R11: ffffed1002db1b32 R12: ffff888020d70000 [ 211.902174] R13: ffff888016d8d9e8 R14: ffffffff8352e670 R15: 
ffff888011f4fe68 [ 211.902798] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.903445] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.903912] CR2: 00007f4b877410e8 CR3: 0000000012ffa000 CR4: 0000000000750ee0 [ 211.904604] PKRU: 55555554 [ 211.904836] Call Trace: [ 211.905040] [ 211.905222] __iommufd_access_detach+0x1c2/0x2b0 [ 211.905614] iommufd_access_change_pt+0x149/0x270 [ 211.906025] iommufd_access_replace+0xb4/0x120 [ 211.906488] iommufd_test+0x3e5/0x37e0 [ 211.906829] ? lock_release+0x532/0x770 [ 211.907164] ? __might_fault+0x102/0x1b0 [ 211.907493] ? lock_acquire+0x427/0x4c0 [ 211.907825] ? __pfx_iommufd_test+0x10/0x10 [ 211.908194] ? __pfx_lock_release+0x10/0x10 [ 211.908660] ? __pfx_lock_acquire+0x10/0x10 [ 211.909020] ? write_comp_data+0x2f/0x90 [ 211.909371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.909775] ? write_comp_data+0x2f/0x90 [ 211.910192] iommufd_fops_ioctl+0x37d/0x510 [ 211.910623] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.911026] ? write_comp_data+0x2f/0x90 [ 211.911392] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 211.911785] __x64_sys_ioctl+0x1a3/0x230 [ 211.912122] do_syscall_64+0x3b/0x90 [ 211.912470] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.912975] RIP: 0033:0x7f4b8743ee5d [ 211.913279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 211.914890] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 211.915512] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 211.916091] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 211.916767] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 211.917342] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 211.917916] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 211.918600] [ 211.918862] irq event stamp: 0 [ 211.919130] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.919635] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.920302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.921104] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.921609] ---[ end trace 0000000000000000 ]--- [ 211.924708] ------------[ cut here ]------------ [ 211.925240] WARNING: CPU: 1 PID: 2019 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 211.926069] Modules linked in: [ 211.926326] CPU: 1 PID: 2019 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.927194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.928107] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 211.928511] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 211.930091] RSP: 
0018:ffff888011f4fbd0 EFLAGS: 00010246 [ 211.930560] RAX: 0000000000000000 RBX: ffff888016d8d8a8 RCX: 0000000000000000 [ 211.931308] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 211.931914] RBP: ffff888011f4fbe8 R08: ffffed1002db1b33 R09: ffffed1002db1b33 [ 211.932514] R10: ffff888016d8d993 R11: ffffed1002db1b32 R12: ffff88801226fc00 [ 211.933248] R13: ffff888016d8d9e8 R14: ffff888015bb8700 R15: 0000000000000000 [ 211.933861] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.934570] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.935096] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 211.935824] PKRU: 55555554 [ 211.936068] Call Trace: [ 211.936286] [ 211.936479] iommufd_access_destroy_object+0x65/0x170 [ 211.936937] iommufd_object_destroy_user+0x18e/0x220 [ 211.937526] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 211.938048] iommufd_access_destroy+0x43/0x70 [ 211.938445] iommufd_test_staccess_release+0x8d/0xd0 [ 211.938930] __fput+0x26d/0xa40 [ 211.939263] ____fput+0x1e/0x30 [ 211.939610] task_work_run+0x1a4/0x2d0 [ 211.940017] ? __pfx_task_work_run+0x10/0x10 [ 211.940405] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.940835] ? switch_task_namespaces+0xa9/0xe0 [ 211.941254] do_exit+0xb17/0x2ef0 [ 211.941610] ? lock_acquire+0x427/0x4c0 [ 211.942043] ? __pfx_lock_release+0x10/0x10 [ 211.942449] ? __kasan_check_write+0x18/0x20 [ 211.942882] ? do_raw_spin_lock+0x132/0x2a0 [ 211.943295] ? __pfx_do_exit+0x10/0x10 [ 211.943658] ? debug_smp_processor_id+0x20/0x30 [ 211.944088] ? rcu_is_watching+0x19/0xb0 [ 211.944526] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.944935] ? trace_hardirqs_on+0x26/0x120 [ 211.945327] do_group_exit+0xe0/0x2b0 [ 211.945662] __x64_sys_exit_group+0x47/0x50 [ 211.946075] do_syscall_64+0x3b/0x90 [ 211.946491] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.946994] RIP: 0033:0x7f4b87518a4d [ 211.947324] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.947849] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.948638] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.949259] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.949885] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.950709] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.951381] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.952040] [ 211.952255] irq event stamp: 0 [ 211.952559] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.953301] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.954080] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.954889] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.955646] ---[ end trace 0000000000000000 ]--- [ 211.956497] ------------[ cut here ]------------ [ 211.956944] WARNING: CPU: 1 PID: 2019 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 211.958050] Modules linked in: [ 211.958348] CPU: 1 PID: 2019 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 211.959259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 211.960490] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 211.960978] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 211.962833] RSP: 0018:ffff888011f4fb78 EFLAGS: 00010246 [ 211.963359] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.964019] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 211.964774] RBP: ffff888011f4fb98 R08: ffffed1002db1b3e R09: ffffed1002db1b3e [ 211.965515] R10: ffff888016d8d9ef R11: ffffed1002db1b3d R12: ffff888016d8da90 [ 211.966190] R13: ffff888016d8d8a8 R14: ffffffffffffffff R15: 
ffff888011f4fc60 [ 211.967113] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 211.967893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.968429] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 211.969128] PKRU: 55555554 [ 211.969559] Call Trace: [ 211.969809] [ 211.970023] iommufd_ioas_destroy+0x53/0x70 [ 211.970450] iommufd_fops_release+0x1f7/0x370 [ 211.970931] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.971453] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.972028] ? write_comp_data+0x2f/0x90 [ 211.972540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 211.973050] __fput+0x26d/0xa40 [ 211.973408] ____fput+0x1e/0x30 [ 211.973765] task_work_run+0x1a4/0x2d0 [ 211.974404] ? __pfx_task_work_run+0x10/0x10 [ 211.974913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 211.975442] ? switch_task_namespaces+0xa9/0xe0 [ 211.975949] do_exit+0xb17/0x2ef0 [ 211.976310] ? lock_acquire+0x427/0x4c0 [ 211.976793] ? __pfx_lock_release+0x10/0x10 [ 211.977423] ? __kasan_check_write+0x18/0x20 [ 211.977900] ? do_raw_spin_lock+0x132/0x2a0 [ 211.978363] ? __pfx_do_exit+0x10/0x10 [ 211.978827] ? debug_smp_processor_id+0x20/0x30 [ 211.979363] ? rcu_is_watching+0x19/0xb0 [ 211.979929] ? _raw_spin_unlock_irq+0x2b/0x60 [ 211.980493] ? trace_hardirqs_on+0x26/0x120 [ 211.980956] do_group_exit+0xe0/0x2b0 [ 211.981353] __x64_sys_exit_group+0x47/0x50 [ 211.981823] do_syscall_64+0x3b/0x90 [ 211.982349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 211.983002] RIP: 0033:0x7f4b87518a4d [ 211.983409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 211.984051] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 211.984899] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 211.985732] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 211.986449] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 211.987376] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 211.988215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 211.988969] [ 211.989213] irq event stamp: 0 [ 211.989540] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 211.990388] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 211.991301] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 211.992193] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 211.993046] ---[ end trace 0000000000000000 ]--- [ 211.998573] ------------[ cut here ]------------ [ 211.999092] WARNING: CPU: 0 PID: 2020 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.000142] Modules linked in: [ 212.000602] CPU: 0 PID: 2020 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.001560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.002751] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.003291] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.005150] RSP: 0018:ffff8880181a7bb8 EFLAGS: 00010246 [ 212.005694] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 212.006413] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 212.007182] RBP: ffff8880181a7bd0 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 212.007917] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff88800f4d0400 [ 212.008637] R13: ffff888017a471e8 R14: ffffffff8352e670 R15: 
ffff8880181a7e68 [ 212.009358] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.010170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.010786] CR2: 0000000020000140 CR3: 0000000012ffa000 CR4: 0000000000750ef0 [ 212.011533] PKRU: 55555554 [ 212.011831] Call Trace: [ 212.012101] [ 212.012348] __iommufd_access_detach+0x1c2/0x2b0 [ 212.012858] iommufd_access_change_pt+0x149/0x270 [ 212.013366] iommufd_access_replace+0xb4/0x120 [ 212.013853] iommufd_test+0x3e5/0x37e0 [ 212.014265] ? lock_release+0x532/0x770 [ 212.014716] ? __might_fault+0x102/0x1b0 [ 212.015159] ? lock_acquire+0x427/0x4c0 [ 212.015581] ? __pfx_iommufd_test+0x10/0x10 [ 212.016033] ? __pfx_lock_release+0x10/0x10 [ 212.016485] ? __pfx_lock_acquire+0x10/0x10 [ 212.016950] ? write_comp_data+0x2f/0x90 [ 212.017380] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.017889] ? write_comp_data+0x2f/0x90 [ 212.018328] iommufd_fops_ioctl+0x37d/0x510 [ 212.018807] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.019333] ? write_comp_data+0x2f/0x90 [ 212.019765] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.020265] __x64_sys_ioctl+0x1a3/0x230 [ 212.020701] do_syscall_64+0x3b/0x90 [ 212.021092] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.021625] RIP: 0033:0x7f4b8743ee5d [ 212.022001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.023877] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.024663] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.025388] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.026107] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.026848] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.027589] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.028320] [ 212.028559] irq event stamp: 0 [ 212.028881] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.029520] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.030383] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.031275] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.031942] ---[ end trace 0000000000000000 ]--- [ 212.035476] ------------[ cut here ]------------ [ 212.036126] WARNING: CPU: 0 PID: 2020 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.037241] Modules linked in: [ 212.037571] CPU: 0 PID: 2020 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.038718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.039885] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.040402] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.042265] RSP: 
0018:ffff8880181a7bd0 EFLAGS: 00010246 [ 212.042846] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 212.043596] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 212.044324] RBP: ffff8880181a7be8 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 212.045059] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff888010c0a800 [ 212.045789] R13: ffff888017a471e8 R14: ffff88800ca5a500 R15: 0000000000000000 [ 212.046542] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.047393] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.047992] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.048731] PKRU: 55555554 [ 212.049025] Call Trace: [ 212.049287] [ 212.049527] iommufd_access_destroy_object+0x65/0x170 [ 212.050068] iommufd_object_destroy_user+0x18e/0x220 [ 212.050633] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.051252] iommufd_access_destroy+0x43/0x70 [ 212.051724] iommufd_test_staccess_release+0x8d/0xd0 [ 212.052259] __fput+0x26d/0xa40 [ 212.052615] ____fput+0x1e/0x30 [ 212.052965] task_work_run+0x1a4/0x2d0 [ 212.053382] ? __pfx_task_work_run+0x10/0x10 [ 212.053836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.054340] ? switch_task_namespaces+0xa9/0xe0 [ 212.054863] do_exit+0xb17/0x2ef0 [ 212.055235] ? lock_acquire+0x427/0x4c0 [ 212.055661] ? __pfx_lock_release+0x10/0x10 [ 212.056118] ? __kasan_check_write+0x18/0x20 [ 212.056581] ? do_raw_spin_lock+0x132/0x2a0 [ 212.057034] ? __pfx_do_exit+0x10/0x10 [ 212.057443] ? debug_smp_processor_id+0x20/0x30 [ 212.057936] ? rcu_is_watching+0x19/0xb0 [ 212.058373] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.058879] ? trace_hardirqs_on+0x26/0x120 [ 212.059348] do_group_exit+0xe0/0x2b0 [ 212.059750] __x64_sys_exit_group+0x47/0x50 [ 212.060200] do_syscall_64+0x3b/0x90 [ 212.060602] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.061143] RIP: 0033:0x7f4b87518a4d [ 212.061524] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.062155] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.062965] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.063707] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.064443] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.065174] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.065895] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.066663] [ 212.066916] irq event stamp: 0 [ 212.067254] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.067897] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.068755] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.069607] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.070251] ---[ end trace 0000000000000000 ]--- [ 212.071270] ------------[ cut here ]------------ [ 212.072069] WARNING: CPU: 0 PID: 2020 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.073128] Modules linked in: [ 212.073465] CPU: 0 PID: 2020 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.074475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.075867] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.076422] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.078573] RSP: 0018:ffff8880181a7b78 EFLAGS: 00010246 [ 212.079148] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.079995] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 212.080843] RBP: ffff8880181a7b98 R08: ffffed1002f48e3e R09: ffffed1002f48e3e [ 212.081576] R10: ffff888017a471ef R11: ffffed1002f48e3d R12: ffff888017a47290 [ 212.082308] R13: ffff888017a470a8 R14: ffffffffffffffff R15: 
ffff8880181a7c60 [ 212.083068] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.083911] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.084508] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.085245] PKRU: 55555554 [ 212.085533] Call Trace: [ 212.085802] [ 212.086037] iommufd_ioas_destroy+0x53/0x70 [ 212.086493] iommufd_fops_release+0x1f7/0x370 [ 212.086998] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.087533] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.088043] ? write_comp_data+0x2f/0x90 [ 212.088490] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.089006] __fput+0x26d/0xa40 [ 212.089363] ____fput+0x1e/0x30 [ 212.089715] task_work_run+0x1a4/0x2d0 [ 212.090123] ? __pfx_task_work_run+0x10/0x10 [ 212.090612] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.091132] ? switch_task_namespaces+0xa9/0xe0 [ 212.091635] do_exit+0xb17/0x2ef0 [ 212.091997] ? lock_acquire+0x427/0x4c0 [ 212.092412] ? __pfx_lock_release+0x10/0x10 [ 212.092861] ? __kasan_check_write+0x18/0x20 [ 212.093320] ? do_raw_spin_lock+0x132/0x2a0 [ 212.093761] ? __pfx_do_exit+0x10/0x10 [ 212.094174] ? debug_smp_processor_id+0x20/0x30 [ 212.094686] ? rcu_is_watching+0x19/0xb0 [ 212.095114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.095591] ? trace_hardirqs_on+0x26/0x120 [ 212.096044] do_group_exit+0xe0/0x2b0 [ 212.096440] __x64_sys_exit_group+0x47/0x50 [ 212.096887] do_syscall_64+0x3b/0x90 [ 212.097277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.097813] RIP: 0033:0x7f4b87518a4d [ 212.098199] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.098860] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.099670] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.100397] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.101128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.101846] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.102593] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.103334] [ 212.103572] irq event stamp: 0 [ 212.103889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.104531] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.105377] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.106217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.106895] ---[ end trace 0000000000000000 ]--- [ 212.114615] ------------[ cut here ]------------ [ 212.115161] WARNING: CPU: 0 PID: 2021 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.116521] Modules linked in: [ 212.116863] CPU: 0 PID: 2021 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.117796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.119202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.119730] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.121630] RSP: 0018:ffff888011f4fbb8 EFLAGS: 00010246 [ 212.122185] RAX: 0000000000000000 RBX: ffff88800b8108a8 RCX: 0000000000000000 [ 212.122954] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 212.123700] RBP: ffff888011f4fbd0 R08: ffffed1001702133 R09: ffffed1001702133 [ 212.124435] R10: ffff88800b810993 R11: ffffed1001702132 R12: ffff888012c05000 [ 212.125175] R13: ffff88800b8109e8 R14: ffffffff8352e670 R15: 
ffff888011f4fe68 [ 212.125913] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.126770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.127390] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 212.128136] PKRU: 55555554 [ 212.128428] Call Trace: [ 212.128695] [ 212.128934] __iommufd_access_detach+0x1c2/0x2b0 [ 212.129445] iommufd_access_change_pt+0x149/0x270 [ 212.129958] iommufd_access_replace+0xb4/0x120 [ 212.130445] iommufd_test+0x3e5/0x37e0 [ 212.130877] ? lock_release+0x532/0x770 [ 212.131322] ? __might_fault+0x102/0x1b0 [ 212.131768] ? lock_acquire+0x427/0x4c0 [ 212.132198] ? __pfx_iommufd_test+0x10/0x10 [ 212.132644] ? __pfx_lock_release+0x10/0x10 [ 212.133106] ? __pfx_lock_acquire+0x10/0x10 [ 212.133565] ? write_comp_data+0x2f/0x90 [ 212.134000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.134535] ? write_comp_data+0x2f/0x90 [ 212.134969] iommufd_fops_ioctl+0x37d/0x510 [ 212.135435] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.135933] ? write_comp_data+0x2f/0x90 [ 212.136362] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.136871] __x64_sys_ioctl+0x1a3/0x230 [ 212.137297] do_syscall_64+0x3b/0x90 [ 212.137694] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.138223] RIP: 0033:0x7f4b8743ee5d [ 212.138629] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.140482] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.141268] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.141997] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.142744] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.143502] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.144230] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.144959] [ 212.145204] irq event stamp: 0 [ 212.145532] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.146186] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.147061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.147932] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.148573] ---[ end trace 0000000000000000 ]--- [ 212.152110] ------------[ cut here ]------------ [ 212.152778] WARNING: CPU: 0 PID: 2021 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.153811] Modules linked in: [ 212.154200] CPU: 0 PID: 2021 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.155337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.156483] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.157136] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.159195] RSP: 
0018:ffff888011f4fbd0 EFLAGS: 00010246 [ 212.160020] RAX: 0000000000000000 RBX: ffff88800b8108a8 RCX: 0000000000000000 [ 212.160759] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 212.161495] RBP: ffff888011f4fbe8 R08: ffffed1001702133 R09: ffffed1001702133 [ 212.162489] R10: ffff88800b810993 R11: ffffed1001702132 R12: ffff88800f4d0000 [ 212.163282] R13: ffff88800b8109e8 R14: ffff888010928000 R15: 0000000000000000 [ 212.164025] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.165153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.165763] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.166554] PKRU: 55555554 [ 212.166859] Call Trace: [ 212.167167] [ 212.167495] iommufd_access_destroy_object+0x65/0x170 [ 212.168209] iommufd_object_destroy_user+0x18e/0x220 [ 212.168762] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.169396] iommufd_access_destroy+0x43/0x70 [ 212.170335] iommufd_test_staccess_release+0x8d/0xd0 [ 212.170932] __fput+0x26d/0xa40 [ 212.171322] ____fput+0x1e/0x30 [ 212.171681] task_work_run+0x1a4/0x2d0 [ 212.172100] ? __pfx_task_work_run+0x10/0x10 [ 212.172876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.173406] ? switch_task_namespaces+0xa9/0xe0 [ 212.173927] do_exit+0xb17/0x2ef0 [ 212.174309] ? lock_acquire+0x427/0x4c0 [ 212.174825] ? __pfx_lock_release+0x10/0x10 [ 212.175507] ? __kasan_check_write+0x18/0x20 [ 212.175988] ? do_raw_spin_lock+0x132/0x2a0 [ 212.176450] ? __pfx_do_exit+0x10/0x10 [ 212.176884] ? debug_smp_processor_id+0x20/0x30 [ 212.177441] ? rcu_is_watching+0x19/0xb0 [ 212.178096] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.178628] ? trace_hardirqs_on+0x26/0x120 [ 212.179108] do_group_exit+0xe0/0x2b0 [ 212.179541] __x64_sys_exit_group+0x47/0x50 [ 212.180009] do_syscall_64+0x3b/0x90 [ 212.180695] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.181260] RIP: 0033:0x7f4b87518a4d [ 212.181655] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.182310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.183441] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.184202] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.184974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.186042] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.186838] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.187632] [ 212.187908] irq event stamp: 0 [ 212.188491] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.189159] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.190045] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.191245] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.191912] ---[ end trace 0000000000000000 ]--- [ 212.192808] ------------[ cut here ]------------ [ 212.193601] WARNING: CPU: 0 PID: 2021 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.194708] Modules linked in: [ 212.195054] CPU: 0 PID: 2021 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.196296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.197495] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.198173] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.200321] RSP: 0018:ffff888011f4fb78 EFLAGS: 00010246 [ 212.201026] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.201937] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 212.202714] RBP: ffff888011f4fb98 R08: ffffed100170213e R09: ffffed100170213e [ 212.203748] R10: ffff88800b8109ef R11: ffffed100170213d R12: ffff88800b810a90 [ 212.204500] R13: ffff88800b8108a8 R14: ffffffffffffffff R15: 
ffff888011f4fc60 [ 212.205246] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.206392] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.207047] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.207818] PKRU: 55555554 [ 212.208123] Call Trace: [ 212.208534] [ 212.208948] iommufd_ioas_destroy+0x53/0x70 [ 212.209419] iommufd_fops_release+0x1f7/0x370 [ 212.209907] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.210440] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.211262] ? write_comp_data+0x2f/0x90 [ 212.211734] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.212286] __fput+0x26d/0xa40 [ 212.212658] ____fput+0x1e/0x30 [ 212.213024] task_work_run+0x1a4/0x2d0 [ 212.213582] ? __pfx_task_work_run+0x10/0x10 [ 212.214229] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.214792] ? switch_task_namespaces+0xa9/0xe0 [ 212.215328] do_exit+0xb17/0x2ef0 [ 212.215703] ? lock_acquire+0x427/0x4c0 [ 212.216220] ? __pfx_lock_release+0x10/0x10 [ 212.216876] ? __kasan_check_write+0x18/0x20 [ 212.217363] ? do_raw_spin_lock+0x132/0x2a0 [ 212.217832] ? __pfx_do_exit+0x10/0x10 [ 212.218259] ? debug_smp_processor_id+0x20/0x30 [ 212.219089] ? rcu_is_watching+0x19/0xb0 [ 212.219555] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.220049] ? trace_hardirqs_on+0x26/0x120 [ 212.220522] do_group_exit+0xe0/0x2b0 [ 212.220933] __x64_sys_exit_group+0x47/0x50 [ 212.221532] do_syscall_64+0x3b/0x90 [ 212.222110] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.222704] RIP: 0033:0x7f4b87518a4d [ 212.223121] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.223803] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.224946] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.225717] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.226577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.227525] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.228277] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.229052] [ 212.229447] irq event stamp: 0 [ 212.229929] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.230629] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.231549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.232756] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.233441] ---[ end trace 0000000000000000 ]--- [ 212.238464] ------------[ cut here ]------------ [ 212.239276] WARNING: CPU: 0 PID: 2022 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.240361] Modules linked in: [ 212.240707] CPU: 0 PID: 2022 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.241648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.242893] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.243458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.245398] RSP: 0018:ffff8880181a7bb8 EFLAGS: 00010246 [ 212.245963] RAX: 0000000000000000 RBX: ffff8880218c60a8 RCX: 0000000000000000 [ 212.246730] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 212.247510] RBP: ffff8880181a7bd0 R08: ffffed1004318c33 R09: ffffed1004318c33 [ 212.248274] R10: ffff8880218c6193 R11: ffffed1004318c32 R12: ffff888012e96400 [ 212.249040] R13: ffff8880218c61e8 R14: ffffffff8352e670 R15: 
ffff8880181a7e68 [ 212.249800] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.250673] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.251296] CR2: 0000000020000140 CR3: 0000000020d3c000 CR4: 0000000000750ef0 [ 212.252044] PKRU: 55555554 [ 212.252342] Call Trace: [ 212.252616] [ 212.252859] __iommufd_access_detach+0x1c2/0x2b0 [ 212.253378] iommufd_access_change_pt+0x149/0x270 [ 212.253894] iommufd_access_replace+0xb4/0x120 [ 212.254391] iommufd_test+0x3e5/0x37e0 [ 212.254833] ? lock_release+0x532/0x770 [ 212.255284] ? __might_fault+0x102/0x1b0 [ 212.255728] ? lock_acquire+0x427/0x4c0 [ 212.256164] ? __pfx_iommufd_test+0x10/0x10 [ 212.256621] ? __pfx_lock_release+0x10/0x10 [ 212.257090] ? __pfx_lock_acquire+0x10/0x10 [ 212.257555] ? write_comp_data+0x2f/0x90 [ 212.257998] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.258535] ? write_comp_data+0x2f/0x90 [ 212.258981] iommufd_fops_ioctl+0x37d/0x510 [ 212.259475] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.259991] ? write_comp_data+0x2f/0x90 [ 212.260435] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.260946] __x64_sys_ioctl+0x1a3/0x230 [ 212.261387] do_syscall_64+0x3b/0x90 [ 212.261800] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.262357] RIP: 0033:0x7f4b8743ee5d [ 212.262766] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.264685] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.265491] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.266218] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.266972] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.267729] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.268460] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.269220] [ 212.269471] irq event stamp: 0 [ 212.269796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.270446] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.271350] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.272206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.272865] ---[ end trace 0000000000000000 ]--- [ 212.276755] ------------[ cut here ]------------ [ 212.277585] WARNING: CPU: 0 PID: 2022 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.278664] Modules linked in: [ 212.278996] CPU: 0 PID: 2022 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.280195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.281371] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.281905] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.284111] RSP: 
0018:ffff8880181a7bd0 EFLAGS: 00010246 [ 212.284706] RAX: 0000000000000000 RBX: ffff8880218c60a8 RCX: 0000000000000000 [ 212.285651] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 212.286375] RBP: ffff8880181a7be8 R08: ffffed1004318c33 R09: ffffed1004318c33 [ 212.287276] R10: ffff8880218c6193 R11: ffffed1004318c32 R12: ffff888012c04400 [ 212.288160] R13: ffff8880218c61e8 R14: ffff888013a7d400 R15: 0000000000000000 [ 212.288914] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.290048] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.290682] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.291450] PKRU: 55555554 [ 212.291743] Call Trace: [ 212.292012] [ 212.292303] iommufd_access_destroy_object+0x65/0x170 [ 212.293080] iommufd_object_destroy_user+0x18e/0x220 [ 212.293615] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.294223] iommufd_access_destroy+0x43/0x70 [ 212.295006] iommufd_test_staccess_release+0x8d/0xd0 [ 212.295560] __fput+0x26d/0xa40 [ 212.295922] ____fput+0x1e/0x30 [ 212.296282] task_work_run+0x1a4/0x2d0 [ 212.296706] ? __pfx_task_work_run+0x10/0x10 [ 212.297183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.297697] ? switch_task_namespaces+0xa9/0xe0 [ 212.298192] do_exit+0xb17/0x2ef0 [ 212.298587] ? lock_acquire+0x427/0x4c0 [ 212.299020] ? __pfx_lock_release+0x10/0x10 [ 212.299497] ? __kasan_check_write+0x18/0x20 [ 212.299953] ? do_raw_spin_lock+0x132/0x2a0 [ 212.300395] ? __pfx_do_exit+0x10/0x10 [ 212.300813] ? debug_smp_processor_id+0x20/0x30 [ 212.301310] ? rcu_is_watching+0x19/0xb0 [ 212.301733] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.302223] ? trace_hardirqs_on+0x26/0x120 [ 212.302707] do_group_exit+0xe0/0x2b0 [ 212.303124] __x64_sys_exit_group+0x47/0x50 [ 212.303576] do_syscall_64+0x3b/0x90 [ 212.303971] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.304514] RIP: 0033:0x7f4b87518a4d [ 212.304911] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.305555] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.306316] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.307063] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.307792] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.308507] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.309221] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.309947] [ 212.310185] irq event stamp: 0 [ 212.310531] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.311187] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.312032] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.312868] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.313505] ---[ end trace 0000000000000000 ]--- [ 212.314436] ------------[ cut here ]------------ [ 212.315144] WARNING: CPU: 0 PID: 2022 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.316189] Modules linked in: [ 212.316516] CPU: 0 PID: 2022 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.317855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.319060] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.319617] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.321775] RSP: 0018:ffff8880181a7b78 EFLAGS: 00010246 [ 212.322586] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.323341] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 212.324063] RBP: ffff8880181a7b98 R08: ffffed1004318c3e R09: ffffed1004318c3e [ 212.325040] R10: ffff8880218c61ef R11: ffffed1004318c3d R12: ffff8880218c6290 [ 212.325739] R13: ffff8880218c60a8 R14: ffffffffffffffff R15: 
ffff8880181a7c60 [ 212.326423] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.327418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.327974] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.328652] PKRU: 55555554 [ 212.328922] Call Trace: [ 212.329185] [ 212.329471] iommufd_ioas_destroy+0x53/0x70 [ 212.329984] iommufd_fops_release+0x1f7/0x370 [ 212.330418] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.330919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.331404] ? write_comp_data+0x2f/0x90 [ 212.331907] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.332489] __fput+0x26d/0xa40 [ 212.332819] ____fput+0x1e/0x30 [ 212.333149] task_work_run+0x1a4/0x2d0 [ 212.333527] ? __pfx_task_work_run+0x10/0x10 [ 212.334053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.334658] ? switch_task_namespaces+0xa9/0xe0 [ 212.335127] do_exit+0xb17/0x2ef0 [ 212.335465] ? lock_acquire+0x427/0x4c0 [ 212.335856] ? __pfx_lock_release+0x10/0x10 [ 212.336276] ? __kasan_check_write+0x18/0x20 [ 212.336899] ? do_raw_spin_lock+0x132/0x2a0 [ 212.337320] ? __pfx_do_exit+0x10/0x10 [ 212.337703] ? debug_smp_processor_id+0x20/0x30 [ 212.338154] ? rcu_is_watching+0x19/0xb0 [ 212.338570] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.339009] ? trace_hardirqs_on+0x26/0x120 [ 212.339439] do_group_exit+0xe0/0x2b0 [ 212.339806] __x64_sys_exit_group+0x47/0x50 [ 212.340221] do_syscall_64+0x3b/0x90 [ 212.340583] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.341077] RIP: 0033:0x7f4b87518a4d [ 212.341432] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.342007] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.342743] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.343435] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.344103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.344776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.345443] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.346137] [ 212.346361] irq event stamp: 0 [ 212.346682] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.347303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.348089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.348869] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.349456] ---[ end trace 0000000000000000 ]--- [ 212.354446] ------------[ cut here ]------------ [ 212.355184] WARNING: CPU: 0 PID: 2023 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.356125] Modules linked in: [ 212.356425] CPU: 0 PID: 2023 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.357232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.358270] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.358781] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.360415] RSP: 0018:ffff88800fb5fbb8 EFLAGS: 00010246 [ 212.360880] RAX: 0000000000000000 RBX: ffff8880165538a8 RCX: 0000000000000000 [ 212.361506] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 212.362125] RBP: ffff88800fb5fbd0 R08: ffffed1002caa733 R09: ffffed1002caa733 [ 212.362767] R10: ffff888016553993 R11: ffffed1002caa732 R12: ffff888010e03c00 [ 212.363402] R13: ffff8880165539e8 R14: ffffffff8352e670 R15: 
ffff88800fb5fe68 [ 212.364030] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.364735] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.365243] CR2: 0000000020000140 CR3: 0000000014268000 CR4: 0000000000750ef0 [ 212.365867] PKRU: 55555554 [ 212.366115] Call Trace: [ 212.366343] [ 212.366567] __iommufd_access_detach+0x1c2/0x2b0 [ 212.367005] iommufd_access_change_pt+0x149/0x270 [ 212.367445] iommufd_access_replace+0xb4/0x120 [ 212.367861] iommufd_test+0x3e5/0x37e0 [ 212.368208] ? lock_release+0x532/0x770 [ 212.368577] ? __might_fault+0x102/0x1b0 [ 212.368945] ? lock_acquire+0x427/0x4c0 [ 212.369310] ? __pfx_iommufd_test+0x10/0x10 [ 212.369690] ? __pfx_lock_release+0x10/0x10 [ 212.370082] ? __pfx_lock_acquire+0x10/0x10 [ 212.370480] ? write_comp_data+0x2f/0x90 [ 212.370881] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.371324] ? write_comp_data+0x2f/0x90 [ 212.371693] iommufd_fops_ioctl+0x37d/0x510 [ 212.372078] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.372511] ? write_comp_data+0x2f/0x90 [ 212.372884] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.373314] __x64_sys_ioctl+0x1a3/0x230 [ 212.373684] do_syscall_64+0x3b/0x90 [ 212.374020] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.374479] RIP: 0033:0x7f4b8743ee5d [ 212.374842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.376446] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.377118] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.377741] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.378363] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.379004] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.379635] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.380265] [ 212.380470] irq event stamp: 0 [ 212.380746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.381297] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.382028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.382781] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.383353] ---[ end trace 0000000000000000 ]--- [ 212.386259] ------------[ cut here ]------------ [ 212.386718] WARNING: CPU: 0 PID: 2023 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.387572] Modules linked in: [ 212.387842] CPU: 0 PID: 2023 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.388559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.389481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.389892] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.391413] RSP: 
0018:ffff88800fb5fbd0 EFLAGS: 00010246 [ 212.391858] RAX: 0000000000000000 RBX: ffff8880165538a8 RCX: 0000000000000000 [ 212.392450] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 212.393037] RBP: ffff88800fb5fbe8 R08: ffffed1002caa733 R09: ffffed1002caa733 [ 212.393625] R10: ffff888016553993 R11: ffffed1002caa732 R12: ffff888012e94400 [ 212.394211] R13: ffff8880165539e8 R14: ffff888013d36200 R15: 0000000000000000 [ 212.394814] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.395490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.395969] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.396564] PKRU: 55555554 [ 212.396800] Call Trace: [ 212.397015] [ 212.397205] iommufd_access_destroy_object+0x65/0x170 [ 212.397640] iommufd_object_destroy_user+0x18e/0x220 [ 212.398069] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.398576] iommufd_access_destroy+0x43/0x70 [ 212.398966] iommufd_test_staccess_release+0x8d/0xd0 [ 212.399412] __fput+0x26d/0xa40 [ 212.399710] ____fput+0x1e/0x30 [ 212.400096] task_work_run+0x1a4/0x2d0 [ 212.400783] ? __pfx_task_work_run+0x10/0x10 [ 212.401162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.401570] ? switch_task_namespaces+0xa9/0xe0 [ 212.401965] do_exit+0xb17/0x2ef0 [ 212.402409] ? lock_acquire+0x427/0x4c0 [ 212.402779] ? __pfx_lock_release+0x10/0x10 [ 212.403159] ? __kasan_check_write+0x18/0x20 [ 212.403529] ? do_raw_spin_lock+0x132/0x2a0 [ 212.403888] ? __pfx_do_exit+0x10/0x10 [ 212.404220] ? debug_smp_processor_id+0x20/0x30 [ 212.404779] ? rcu_is_watching+0x19/0xb0 [ 212.405122] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.405505] ? trace_hardirqs_on+0x26/0x120 [ 212.405871] do_group_exit+0xe0/0x2b0 [ 212.406226] __x64_sys_exit_group+0x47/0x50 [ 212.406712] do_syscall_64+0x3b/0x90 [ 212.407032] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.407481] RIP: 0033:0x7f4b87518a4d [ 212.407795] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.408310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.409090] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.409678] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.410343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.411049] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.411653] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.412255] [ 212.412597] irq event stamp: 0 [ 212.412860] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.413385] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.414079] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.414932] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.415465] ---[ end trace 0000000000000000 ]--- [ 212.416208] ------------[ cut here ]------------ [ 212.416770] WARNING: CPU: 0 PID: 2023 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.417612] Modules linked in: [ 212.417880] CPU: 0 PID: 2023 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.418783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.419720] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.420149] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.421648] RSP: 0018:ffff88800fb5fb78 EFLAGS: 00010246 [ 212.422087] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.422694] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 212.423291] RBP: ffff88800fb5fb98 R08: ffffed1002caa73e R09: ffffed1002caa73e [ 212.423885] R10: ffff8880165539ef R11: ffffed1002caa73d R12: ffff888016553a90 [ 212.424472] R13: ffff8880165538a8 R14: ffffffffffffffff R15: 
ffff88800fb5fc60 [ 212.425059] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.425719] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.426193] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.426803] PKRU: 55555554 [ 212.427044] Call Trace: [ 212.427265] [ 212.427455] iommufd_ioas_destroy+0x53/0x70 [ 212.427818] iommufd_fops_release+0x1f7/0x370 [ 212.428195] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.428614] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.429028] ? write_comp_data+0x2f/0x90 [ 212.429375] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.429792] __fput+0x26d/0xa40 [ 212.430084] ____fput+0x1e/0x30 [ 212.430365] task_work_run+0x1a4/0x2d0 [ 212.430716] ? __pfx_task_work_run+0x10/0x10 [ 212.431088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.431508] ? switch_task_namespaces+0xa9/0xe0 [ 212.431906] do_exit+0xb17/0x2ef0 [ 212.432196] ? lock_acquire+0x427/0x4c0 [ 212.432538] ? __pfx_lock_release+0x10/0x10 [ 212.432901] ? __kasan_check_write+0x18/0x20 [ 212.433271] ? do_raw_spin_lock+0x132/0x2a0 [ 212.433636] ? __pfx_do_exit+0x10/0x10 [ 212.433968] ? debug_smp_processor_id+0x20/0x30 [ 212.434361] ? rcu_is_watching+0x19/0xb0 [ 212.434721] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.435105] ? trace_hardirqs_on+0x26/0x120 [ 212.435479] do_group_exit+0xe0/0x2b0 [ 212.435796] __x64_sys_exit_group+0x47/0x50 [ 212.436151] do_syscall_64+0x3b/0x90 [ 212.436468] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.436900] RIP: 0033:0x7f4b87518a4d [ 212.437208] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.437714] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.438340] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.438947] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.439547] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.440132] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.440719] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.441310] [ 212.441506] irq event stamp: 0 [ 212.441767] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.442290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.442996] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.443699] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.444222] ---[ end trace 0000000000000000 ]--- [ 212.448392] ------------[ cut here ]------------ [ 212.449099] WARNING: CPU: 1 PID: 2024 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.449925] Modules linked in: [ 212.450184] CPU: 1 PID: 2024 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.451084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.452009] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.452436] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.454008] RSP: 0018:ffff888018347bb8 EFLAGS: 00010246 [ 212.454561] RAX: 0000000000000000 RBX: ffff88802448a8a8 RCX: 0000000000000000 [ 212.455138] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 212.455706] RBP: ffff888018347bd0 R08: ffffed1004891533 R09: ffffed1004891533 [ 212.456368] R10: ffff88802448a993 R11: ffffed1004891532 R12: ffff888012e91000 [ 212.456986] R13: ffff88802448a9e8 R14: ffffffff8352e670 R15: 
ffff888018347e68 [ 212.457562] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 212.458313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.458809] CR2: 00007f4b877410e8 CR3: 0000000020d7e000 CR4: 0000000000750ee0 [ 212.459403] PKRU: 55555554 [ 212.459641] Call Trace: [ 212.459855] [ 212.460043] __iommufd_access_detach+0x1c2/0x2b0 [ 212.460568] iommufd_access_change_pt+0x149/0x270 [ 212.460964] iommufd_access_replace+0xb4/0x120 [ 212.461339] iommufd_test+0x3e5/0x37e0 [ 212.461656] ? lock_release+0x532/0x770 [ 212.462066] ? __might_fault+0x102/0x1b0 [ 212.462458] ? lock_acquire+0x427/0x4c0 [ 212.462809] ? __pfx_iommufd_test+0x10/0x10 [ 212.463182] ? __pfx_lock_release+0x10/0x10 [ 212.463550] ? __pfx_lock_acquire+0x10/0x10 [ 212.463916] ? write_comp_data+0x2f/0x90 [ 212.464259] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.464664] ? write_comp_data+0x2f/0x90 [ 212.465000] iommufd_fops_ioctl+0x37d/0x510 [ 212.465352] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.465749] ? write_comp_data+0x2f/0x90 [ 212.466086] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.466475] __x64_sys_ioctl+0x1a3/0x230 [ 212.466837] do_syscall_64+0x3b/0x90 [ 212.467161] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.467589] RIP: 0033:0x7f4b8743ee5d [ 212.467891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.469352] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.469971] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.470566] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.471154] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.471718] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.472279] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.472866] [ 212.473058] irq event stamp: 0 [ 212.473315] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.473825] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.474501] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.475215] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.475716] ---[ end trace 0000000000000000 ]--- [ 212.478965] ------------[ cut here ]------------ [ 212.479378] WARNING: CPU: 0 PID: 2024 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.480232] Modules linked in: [ 212.480502] CPU: 0 PID: 2024 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.481240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.482164] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.482782] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.484292] RSP: 
0018:ffff888018347bd0 EFLAGS: 00010246 [ 212.484735] RAX: 0000000000000000 RBX: ffff88802448a8a8 RCX: 0000000000000000 [ 212.485310] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 212.485882] RBP: ffff888018347be8 R08: ffffed1004891533 R09: ffffed1004891533 [ 212.486458] R10: ffff88802448a993 R11: ffffed1004891532 R12: ffff888020d70800 [ 212.487056] R13: ffff88802448a9e8 R14: ffff88802097bd00 R15: 0000000000000000 [ 212.487648] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.488304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.488777] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 212.489359] PKRU: 55555554 [ 212.489592] Call Trace: [ 212.489801] [ 212.489986] iommufd_access_destroy_object+0x65/0x170 [ 212.490411] iommufd_object_destroy_user+0x18e/0x220 [ 212.490852] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.491342] iommufd_access_destroy+0x43/0x70 [ 212.491717] iommufd_test_staccess_release+0x8d/0xd0 [ 212.492140] __fput+0x26d/0xa40 [ 212.492424] ____fput+0x1e/0x30 [ 212.492704] task_work_run+0x1a4/0x2d0 [ 212.493032] ? __pfx_task_work_run+0x10/0x10 [ 212.493402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.493809] ? switch_task_namespaces+0xa9/0xe0 [ 212.494223] do_exit+0xb17/0x2ef0 [ 212.494539] ? lock_acquire+0x427/0x4c0 [ 212.494879] ? __pfx_lock_release+0x10/0x10 [ 212.495259] ? __kasan_check_write+0x18/0x20 [ 212.495626] ? do_raw_spin_lock+0x132/0x2a0 [ 212.495985] ? __pfx_do_exit+0x10/0x10 [ 212.496317] ? debug_smp_processor_id+0x20/0x30 [ 212.496703] ? rcu_is_watching+0x19/0xb0 [ 212.497037] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.497416] ? trace_hardirqs_on+0x26/0x120 [ 212.497774] do_group_exit+0xe0/0x2b0 [ 212.498089] __x64_sys_exit_group+0x47/0x50 [ 212.498442] do_syscall_64+0x3b/0x90 [ 212.498784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.499232] RIP: 0033:0x7f4b87518a4d [ 212.499539] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.500041] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.500661] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.501237] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.501813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.502387] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.502980] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.503577] [ 212.503769] irq event stamp: 0 [ 212.504031] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.504551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.505250] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.505927] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.506441] ---[ end trace 0000000000000000 ]--- [ 212.507190] ------------[ cut here ]------------ [ 212.507588] WARNING: CPU: 0 PID: 2024 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.508429] Modules linked in: [ 212.508697] CPU: 0 PID: 2024 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.509410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.510327] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.510776] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.512267] RSP: 0018:ffff888018347b78 EFLAGS: 00010246 [ 212.512702] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.513278] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 212.513859] RBP: ffff888018347b98 R08: ffffed100489153e R09: ffffed100489153e [ 212.514441] R10: ffff88802448a9ef R11: ffffed100489153d R12: ffff88802448aa90 [ 212.515093] R13: ffff88802448a8a8 R14: ffffffffffffffff R15: 
ffff888018347c60 [ 212.515686] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.516337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.516816] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 212.517397] PKRU: 55555554 [ 212.517629] Call Trace: [ 212.517840] [ 212.518025] iommufd_ioas_destroy+0x53/0x70 [ 212.518389] iommufd_fops_release+0x1f7/0x370 [ 212.518782] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.519208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.519619] ? write_comp_data+0x2f/0x90 [ 212.519964] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.520389] __fput+0x26d/0xa40 [ 212.520672] ____fput+0x1e/0x30 [ 212.520944] task_work_run+0x1a4/0x2d0 [ 212.521266] ? __pfx_task_work_run+0x10/0x10 [ 212.521625] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.522019] ? switch_task_namespaces+0xa9/0xe0 [ 212.522403] do_exit+0xb17/0x2ef0 [ 212.522699] ? lock_acquire+0x427/0x4c0 [ 212.523033] ? __pfx_lock_release+0x10/0x10 [ 212.523393] ? __kasan_check_write+0x18/0x20 [ 212.523749] ? do_raw_spin_lock+0x132/0x2a0 [ 212.524097] ? __pfx_do_exit+0x10/0x10 [ 212.524419] ? debug_smp_processor_id+0x20/0x30 [ 212.524796] ? rcu_is_watching+0x19/0xb0 [ 212.525120] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.525484] ? trace_hardirqs_on+0x26/0x120 [ 212.525836] do_group_exit+0xe0/0x2b0 [ 212.526142] __x64_sys_exit_group+0x47/0x50 [ 212.526485] do_syscall_64+0x3b/0x90 [ 212.526809] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.527243] RIP: 0033:0x7f4b87518a4d [ 212.527542] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.528029] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.528627] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.529188] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.529747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.530311] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.530887] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.531462] [ 212.531649] irq event stamp: 0 [ 212.531901] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.532401] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.533062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.533718] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.534214] ---[ end trace 0000000000000000 ]--- [ 212.538381] ------------[ cut here ]------------ [ 212.538871] WARNING: CPU: 0 PID: 2025 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.539682] Modules linked in: [ 212.539936] CPU: 0 PID: 2025 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.540617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.541495] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.541885] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.543340] RSP: 0018:ffff88800fb5fbb8 EFLAGS: 00010246 [ 212.543761] RAX: 0000000000000000 RBX: ffff888011e518a8 RCX: 0000000000000000 [ 212.544317] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 212.544873] RBP: ffff88800fb5fbd0 R08: ffffed10023ca333 R09: ffffed10023ca333 [ 212.545426] R10: ffff888011e51993 R11: ffffed10023ca332 R12: ffff88800f072c00 [ 212.545981] R13: ffff888011e519e8 R14: ffffffff8352e670 R15: 
ffff88800fb5fe68 [ 212.546555] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.547197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.547651] CR2: 0000000020000140 CR3: 0000000020d7e000 CR4: 0000000000750ef0 [ 212.548212] PKRU: 55555554 [ 212.548441] Call Trace: [ 212.548645] [ 212.548825] __iommufd_access_detach+0x1c2/0x2b0 [ 212.549216] iommufd_access_change_pt+0x149/0x270 [ 212.549609] iommufd_access_replace+0xb4/0x120 [ 212.549982] iommufd_test+0x3e5/0x37e0 [ 212.550291] ? lock_release+0x532/0x770 [ 212.550633] ? __might_fault+0x102/0x1b0 [ 212.550965] ? lock_acquire+0x427/0x4c0 [ 212.551297] ? __pfx_iommufd_test+0x10/0x10 [ 212.551642] ? __pfx_lock_release+0x10/0x10 [ 212.551989] ? __pfx_lock_acquire+0x10/0x10 [ 212.552338] ? write_comp_data+0x2f/0x90 [ 212.552667] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.553055] ? write_comp_data+0x2f/0x90 [ 212.553385] iommufd_fops_ioctl+0x37d/0x510 [ 212.553730] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.554116] ? write_comp_data+0x2f/0x90 [ 212.554451] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.554851] __x64_sys_ioctl+0x1a3/0x230 [ 212.555191] do_syscall_64+0x3b/0x90 [ 212.555496] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.555910] RIP: 0033:0x7f4b8743ee5d [ 212.556202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.557623] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.558216] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.558786] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.559358] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.559917] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.560485] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.561052] [ 212.561235] irq event stamp: 0 [ 212.561485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.561980] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.562651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.563316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.563809] ---[ end trace 0000000000000000 ]--- [ 212.566560] ------------[ cut here ]------------ [ 212.566960] WARNING: CPU: 0 PID: 2025 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.567757] Modules linked in: [ 212.568010] CPU: 0 PID: 2025 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.568690] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.569563] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.569950] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.571387] RSP: 
0018:ffff88800fb5fbd0 EFLAGS: 00010246 [ 212.571808] RAX: 0000000000000000 RBX: ffff888011e518a8 RCX: 0000000000000000 [ 212.572364] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 212.572916] RBP: ffff88800fb5fbe8 R08: ffffed10023ca333 R09: ffffed10023ca333 [ 212.573473] R10: ffff888011e51993 R11: ffffed10023ca332 R12: ffff888010e02800 [ 212.574027] R13: ffff888011e519e8 R14: ffff888012f91a00 R15: 0000000000000000 [ 212.574595] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.575226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.575678] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.576235] PKRU: 55555554 [ 212.576457] Call Trace: [ 212.576657] [ 212.576835] iommufd_access_destroy_object+0x65/0x170 [ 212.577243] iommufd_object_destroy_user+0x18e/0x220 [ 212.577646] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.578106] iommufd_access_destroy+0x43/0x70 [ 212.578467] iommufd_test_staccess_release+0x8d/0xd0 [ 212.578884] __fput+0x26d/0xa40 [ 212.579167] ____fput+0x1e/0x30 [ 212.579435] task_work_run+0x1a4/0x2d0 [ 212.579750] ? __pfx_task_work_run+0x10/0x10 [ 212.580101] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.580489] ? switch_task_namespaces+0xa9/0xe0 [ 212.580866] do_exit+0xb17/0x2ef0 [ 212.581143] ? lock_acquire+0x427/0x4c0 [ 212.581468] ? __pfx_lock_release+0x10/0x10 [ 212.581817] ? __kasan_check_write+0x18/0x20 [ 212.582176] ? do_raw_spin_lock+0x132/0x2a0 [ 212.582540] ? __pfx_do_exit+0x10/0x10 [ 212.582857] ? debug_smp_processor_id+0x20/0x30 [ 212.583232] ? rcu_is_watching+0x19/0xb0 [ 212.583557] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.583922] ? trace_hardirqs_on+0x26/0x120 [ 212.584267] do_group_exit+0xe0/0x2b0 [ 212.584568] __x64_sys_exit_group+0x47/0x50 [ 212.584907] do_syscall_64+0x3b/0x90 [ 212.585209] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.585620] RIP: 0033:0x7f4b87518a4d [ 212.585914] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.586395] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.587014] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.587587] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.588147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.588706] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.589255] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.589807] [ 212.589991] irq event stamp: 0 [ 212.590236] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.590735] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.591383] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.592019] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.592498] ---[ end trace 0000000000000000 ]--- [ 212.593182] ------------[ cut here ]------------ [ 212.593545] WARNING: CPU: 0 PID: 2025 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.594317] Modules linked in: [ 212.594576] CPU: 0 PID: 2025 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.595247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.596102] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.596495] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.597896] RSP: 0018:ffff88800fb5fb78 EFLAGS: 00010246 [ 212.598302] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.598863] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 212.599420] RBP: ffff88800fb5fb98 R08: ffffed10023ca33e R09: ffffed10023ca33e [ 212.599962] R10: ffff888011e519ef R11: ffffed10023ca33d R12: ffff888011e51a90 [ 212.600505] R13: ffff888011e518a8 R14: ffffffffffffffff R15: 
ffff88800fb5fc60 [ 212.601047] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.601659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.602105] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.602664] PKRU: 55555554 [ 212.602882] Call Trace: [ 212.603081] [ 212.603261] iommufd_ioas_destroy+0x53/0x70 [ 212.603602] iommufd_fops_release+0x1f7/0x370 [ 212.603957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.604350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.604738] ? write_comp_data+0x2f/0x90 [ 212.605067] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.605457] __fput+0x26d/0xa40 [ 212.605726] ____fput+0x1e/0x30 [ 212.605988] task_work_run+0x1a4/0x2d0 [ 212.606298] ? __pfx_task_work_run+0x10/0x10 [ 212.606663] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.607046] ? switch_task_namespaces+0xa9/0xe0 [ 212.607427] do_exit+0xb17/0x2ef0 [ 212.607697] ? lock_acquire+0x427/0x4c0 [ 212.608015] ? __pfx_lock_release+0x10/0x10 [ 212.608359] ? __kasan_check_write+0x18/0x20 [ 212.608704] ? do_raw_spin_lock+0x132/0x2a0 [ 212.609037] ? __pfx_do_exit+0x10/0x10 [ 212.609347] ? debug_smp_processor_id+0x20/0x30 [ 212.609706] ? rcu_is_watching+0x19/0xb0 [ 212.610024] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.610379] ? trace_hardirqs_on+0x26/0x120 [ 212.610731] do_group_exit+0xe0/0x2b0 [ 212.611029] __x64_sys_exit_group+0x47/0x50 [ 212.611367] do_syscall_64+0x3b/0x90 [ 212.611668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.612079] RIP: 0033:0x7f4b87518a4d [ 212.612369] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.612839] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.613423] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.613969] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.614529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.615076] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.615629] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.616188] [ 212.616371] irq event stamp: 0 [ 212.616614] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.617095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.617736] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.618374] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.618874] ---[ end trace 0000000000000000 ]--- [ 212.623619] ------------[ cut here ]------------ [ 212.624020] WARNING: CPU: 0 PID: 2026 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.624793] Modules linked in: [ 212.625039] CPU: 0 PID: 2026 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.625703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.626573] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.626957] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.628353] RSP: 0018:ffff88801209fbb8 EFLAGS: 00010246 [ 212.628758] RAX: 0000000000000000 RBX: ffff8880163578a8 RCX: 0000000000000000 [ 212.629295] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 212.629835] RBP: ffff88801209fbd0 R08: ffffed1002c6af33 R09: ffffed1002c6af33 [ 212.630377] R10: ffff888016357993 R11: ffffed1002c6af32 R12: ffff888020a6a400 [ 212.630936] R13: ffff8880163579e8 R14: ffffffff8352e670 R15: 
ffff88801209fe68 [ 212.631489] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.632098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.632538] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 212.633075] PKRU: 55555554 [ 212.633291] Call Trace: [ 212.633485] [ 212.633658] __iommufd_access_detach+0x1c2/0x2b0 [ 212.634033] iommufd_access_change_pt+0x149/0x270 [ 212.634414] iommufd_access_replace+0xb4/0x120 [ 212.634793] iommufd_test+0x3e5/0x37e0 [ 212.635092] ? lock_release+0x532/0x770 [ 212.635420] ? __might_fault+0x102/0x1b0 [ 212.635739] ? lock_acquire+0x427/0x4c0 [ 212.636054] ? __pfx_iommufd_test+0x10/0x10 [ 212.636379] ? __pfx_lock_release+0x10/0x10 [ 212.636714] ? __pfx_lock_acquire+0x10/0x10 [ 212.637052] ? write_comp_data+0x2f/0x90 [ 212.637378] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.637753] ? write_comp_data+0x2f/0x90 [ 212.638072] iommufd_fops_ioctl+0x37d/0x510 [ 212.638404] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.638797] ? write_comp_data+0x2f/0x90 [ 212.639126] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.639501] __x64_sys_ioctl+0x1a3/0x230 [ 212.639825] do_syscall_64+0x3b/0x90 [ 212.640119] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.640524] RIP: 0033:0x7f4b8743ee5d [ 212.640812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.642184] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.642786] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.643333] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.643868] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.644402] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.644941] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.645484] [ 212.645663] irq event stamp: 0 [ 212.645902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.646378] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.647022] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.647663] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.648138] ---[ end trace 0000000000000000 ]--- [ 212.650881] ------------[ cut here ]------------ [ 212.651283] WARNING: CPU: 0 PID: 2026 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.652050] Modules linked in: [ 212.652296] CPU: 0 PID: 2026 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.652956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.653805] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.654182] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.655594] RSP: 
0018:ffff88801209fbd0 EFLAGS: 00010246 [ 212.656003] RAX: 0000000000000000 RBX: ffff8880163578a8 RCX: 0000000000000000 [ 212.656546] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 212.657091] RBP: ffff88801209fbe8 R08: ffffed1002c6af33 R09: ffffed1002c6af33 [ 212.658059] R10: ffff888016357993 R11: ffffed1002c6af32 R12: ffff88800f072000 [ 212.658642] R13: ffff8880163579e8 R14: ffff888012c78a00 R15: 0000000000000000 [ 212.659198] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.659802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.660302] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.660921] PKRU: 55555554 [ 212.661140] Call Trace: [ 212.661334] [ 212.661510] iommufd_access_destroy_object+0x65/0x170 [ 212.662036] iommufd_object_destroy_user+0x18e/0x220 [ 212.662432] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.662898] iommufd_access_destroy+0x43/0x70 [ 212.663261] iommufd_test_staccess_release+0x8d/0xd0 [ 212.663659] __fput+0x26d/0xa40 [ 212.663956] ____fput+0x1e/0x30 [ 212.664317] task_work_run+0x1a4/0x2d0 [ 212.664629] ? __pfx_task_work_run+0x10/0x10 [ 212.664976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.665359] ? switch_task_namespaces+0xa9/0xe0 [ 212.665792] do_exit+0xb17/0x2ef0 [ 212.666123] ? lock_acquire+0x427/0x4c0 [ 212.666439] ? __pfx_lock_release+0x10/0x10 [ 212.666797] ? __kasan_check_write+0x18/0x20 [ 212.667149] ? do_raw_spin_lock+0x132/0x2a0 [ 212.667482] ? __pfx_do_exit+0x10/0x10 [ 212.667863] ? debug_smp_processor_id+0x20/0x30 [ 212.668315] ? rcu_is_watching+0x19/0xb0 [ 212.668641] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.669004] ? trace_hardirqs_on+0x26/0x120 [ 212.669348] do_group_exit+0xe0/0x2b0 [ 212.669717] __x64_sys_exit_group+0x47/0x50 [ 212.670128] do_syscall_64+0x3b/0x90 [ 212.670435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.670867] RIP: 0033:0x7f4b87518a4d [ 212.671172] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.671675] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.672397] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.672949] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.673570] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.674203] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.674776] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.675352] [ 212.675603] irq event stamp: 0 [ 212.675929] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.676420] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.677071] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.677876] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.678369] ---[ end trace 0000000000000000 ]--- [ 212.679081] ------------[ cut here ]------------ [ 212.679610] WARNING: CPU: 0 PID: 2026 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.680410] Modules linked in: [ 212.680665] CPU: 0 PID: 2026 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.681500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.682374] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.682824] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.684414] RSP: 0018:ffff88801209fb78 EFLAGS: 00010246 [ 212.684898] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.685594] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 212.686175] RBP: ffff88801209fb98 R08: ffffed1002c6af3e R09: ffffed1002c6af3e [ 212.686832] R10: ffff8880163579ef R11: ffffed1002c6af3d R12: ffff888016357a90 [ 212.687567] R13: ffff8880163578a8 R14: ffffffffffffffff R15: 
ffff88801209fc60 [ 212.688152] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.688806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.689282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.689865] PKRU: 55555554 [ 212.690098] Call Trace: [ 212.690307] [ 212.690497] iommufd_ioas_destroy+0x53/0x70 [ 212.690886] iommufd_fops_release+0x1f7/0x370 [ 212.691276] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.691692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.692106] ? write_comp_data+0x2f/0x90 [ 212.692452] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.692862] __fput+0x26d/0xa40 [ 212.693145] ____fput+0x1e/0x30 [ 212.693425] task_work_run+0x1a4/0x2d0 [ 212.693750] ? __pfx_task_work_run+0x10/0x10 [ 212.694117] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.694540] ? switch_task_namespaces+0xa9/0xe0 [ 212.694936] do_exit+0xb17/0x2ef0 [ 212.695229] ? lock_acquire+0x427/0x4c0 [ 212.695569] ? __pfx_lock_release+0x10/0x10 [ 212.695932] ? __kasan_check_write+0x18/0x20 [ 212.696293] ? do_raw_spin_lock+0x132/0x2a0 [ 212.696647] ? __pfx_do_exit+0x10/0x10 [ 212.696982] ? debug_smp_processor_id+0x20/0x30 [ 212.697368] ? rcu_is_watching+0x19/0xb0 [ 212.697703] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.698084] ? trace_hardirqs_on+0x26/0x120 [ 212.698448] do_group_exit+0xe0/0x2b0 [ 212.698780] __x64_sys_exit_group+0x47/0x50 [ 212.699150] do_syscall_64+0x3b/0x90 [ 212.699470] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.699902] RIP: 0033:0x7f4b87518a4d [ 212.700207] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.700724] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.701344] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.701922] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.702499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.703134] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.703719] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.704309] [ 212.704506] irq event stamp: 0 [ 212.704766] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.705290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.705981] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.706678] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.707203] ---[ end trace 0000000000000000 ]--- [ 212.713690] ------------[ cut here ]------------ [ 212.714130] WARNING: CPU: 1 PID: 2027 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.715160] Modules linked in: [ 212.715428] CPU: 1 PID: 2027 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.716139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.717211] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.717624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.719327] RSP: 0018:ffff888013607bb8 EFLAGS: 00010246 [ 212.719770] RAX: 0000000000000000 RBX: ffff888017a458a8 RCX: 0000000000000000 [ 212.720341] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 212.720990] RBP: ffff888013607bd0 R08: ffffed1002f48b33 R09: ffffed1002f48b33 [ 212.721623] R10: ffff888017a45993 R11: ffffed1002f48b32 R12: ffff888013b15000 [ 212.722194] R13: ffff888017a459e8 R14: ffffffff8352e670 R15: 
ffff888013607e68 [ 212.722825] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 212.723594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.724065] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 212.724657] PKRU: 55555554 [ 212.724905] Call Trace: [ 212.725190] [ 212.725482] __iommufd_access_detach+0x1c2/0x2b0 [ 212.725909] iommufd_access_change_pt+0x149/0x270 [ 212.726336] iommufd_access_replace+0xb4/0x120 [ 212.726774] iommufd_test+0x3e5/0x37e0 [ 212.727136] ? lock_release+0x532/0x770 [ 212.727540] ? __might_fault+0x102/0x1b0 [ 212.728026] ? lock_acquire+0x427/0x4c0 [ 212.728390] ? __pfx_iommufd_test+0x10/0x10 [ 212.728775] ? __pfx_lock_release+0x10/0x10 [ 212.729169] ? __pfx_lock_acquire+0x10/0x10 [ 212.729603] ? write_comp_data+0x2f/0x90 [ 212.730095] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.730568] ? write_comp_data+0x2f/0x90 [ 212.730938] iommufd_fops_ioctl+0x37d/0x510 [ 212.731338] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.731777] ? write_comp_data+0x2f/0x90 [ 212.732303] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.732730] __x64_sys_ioctl+0x1a3/0x230 [ 212.733097] do_syscall_64+0x3b/0x90 [ 212.733434] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.733897] RIP: 0033:0x7f4b8743ee5d [ 212.734398] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.736043] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.736868] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.737488] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.738102] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.738894] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.739520] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.740149] [ 212.740355] irq event stamp: 0 [ 212.740633] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.741363] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.742094] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.742867] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.743633] ---[ end trace 0000000000000000 ]--- [ 212.746806] ------------[ cut here ]------------ [ 212.747304] WARNING: CPU: 1 PID: 2027 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.748450] Modules linked in: [ 212.748753] CPU: 1 PID: 2027 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.749592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.750841] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.751324] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.753188] RSP: 
0018:ffff888013607bd0 EFLAGS: 00010246 [ 212.753689] RAX: 0000000000000000 RBX: ffff888017a458a8 RCX: 0000000000000000 [ 212.754455] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 212.755289] RBP: ffff888013607be8 R08: ffffed1002f48b33 R09: ffffed1002f48b33 [ 212.755958] R10: ffff888017a45993 R11: ffffed1002f48b32 R12: ffff888012e92400 [ 212.756626] R13: ffff888017a459e8 R14: ffff888020908a00 R15: 0000000000000000 [ 212.757477] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 212.758230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.758810] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 212.759686] PKRU: 55555554 [ 212.759953] Call Trace: [ 212.760197] [ 212.760410] iommufd_access_destroy_object+0x65/0x170 [ 212.760903] iommufd_object_destroy_user+0x18e/0x220 [ 212.761435] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.762111] iommufd_access_destroy+0x43/0x70 [ 212.762581] iommufd_test_staccess_release+0x8d/0xd0 [ 212.763070] __fput+0x26d/0xa40 [ 212.763417] ____fput+0x1e/0x30 [ 212.763739] task_work_run+0x1a4/0x2d0 [ 212.764291] ? __pfx_task_work_run+0x10/0x10 [ 212.764716] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.765194] ? switch_task_namespaces+0xa9/0xe0 [ 212.765656] do_exit+0xb17/0x2ef0 [ 212.766015] ? lock_acquire+0x427/0x4c0 [ 212.766557] ? __pfx_lock_release+0x10/0x10 [ 212.766975] ? __kasan_check_write+0x18/0x20 [ 212.767415] ? do_raw_spin_lock+0x132/0x2a0 [ 212.767822] ? __pfx_do_exit+0x10/0x10 [ 212.768199] ? debug_smp_processor_id+0x20/0x30 [ 212.768714] ? rcu_is_watching+0x19/0xb0 [ 212.769180] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.769619] ? trace_hardirqs_on+0x26/0x120 [ 212.770040] do_group_exit+0xe0/0x2b0 [ 212.770401] __x64_sys_exit_group+0x47/0x50 [ 212.771004] do_syscall_64+0x3b/0x90 [ 212.771382] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.771874] RIP: 0033:0x7f4b87518a4d [ 212.772221] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.772794] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.773669] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.774326] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.775016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.775740] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.776551] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.777232] [ 212.777458] irq event stamp: 0 [ 212.777757] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.778563] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.779364] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.780156] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.780968] ---[ end trace 0000000000000000 ]--- [ 212.782054] ------------[ cut here ]------------ [ 212.782545] WARNING: CPU: 1 PID: 2027 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.783702] Modules linked in: [ 212.784008] CPU: 1 PID: 2027 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.784826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.786054] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.786612] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.788501] RSP: 0018:ffff888013607b78 EFLAGS: 00010246 [ 212.789001] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.789659] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 212.790548] RBP: ffff888013607b98 R08: ffffed1002f48b3e R09: ffffed1002f48b3e [ 212.791238] R10: ffff888017a459ef R11: ffffed1002f48b3d R12: ffff888017a45a90 [ 212.791911] R13: ffff888017a458a8 R14: ffffffffffffffff R15: 
ffff888013607c60 [ 212.792671] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 212.793520] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.794065] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 212.794776] PKRU: 55555554 [ 212.795184] Call Trace: [ 212.795424] [ 212.795647] iommufd_ioas_destroy+0x53/0x70 [ 212.796068] iommufd_fops_release+0x1f7/0x370 [ 212.796499] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.796976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.797611] ? write_comp_data+0x2f/0x90 [ 212.798011] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.798488] __fput+0x26d/0xa40 [ 212.798852] ____fput+0x1e/0x30 [ 212.799188] task_work_run+0x1a4/0x2d0 [ 212.799566] ? __pfx_task_work_run+0x10/0x10 [ 212.800164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.800669] ? switch_task_namespaces+0xa9/0xe0 [ 212.801150] do_exit+0xb17/0x2ef0 [ 212.801507] ? lock_acquire+0x427/0x4c0 [ 212.801965] ? __pfx_lock_release+0x10/0x10 [ 212.802472] ? __kasan_check_write+0x18/0x20 [ 212.802953] ? do_raw_spin_lock+0x132/0x2a0 [ 212.803409] ? __pfx_do_exit+0x10/0x10 [ 212.803817] ? debug_smp_processor_id+0x20/0x30 [ 212.804293] ? rcu_is_watching+0x19/0xb0 [ 212.804838] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.805276] ? trace_hardirqs_on+0x26/0x120 [ 212.805697] do_group_exit+0xe0/0x2b0 [ 212.806059] __x64_sys_exit_group+0x47/0x50 [ 212.806539] do_syscall_64+0x3b/0x90 [ 212.807051] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.807747] RIP: 0033:0x7f4b87518a4d [ 212.808099] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.808679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.809389] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.810230] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.810927] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.811609] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.812337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.813121] [ 212.813344] irq event stamp: 0 [ 212.813641] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.814230] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.815247] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.816050] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.816636] ---[ end trace 0000000000000000 ]--- [ 212.821889] ------------[ cut here ]------------ [ 212.822396] WARNING: CPU: 1 PID: 2028 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.823578] Modules linked in: [ 212.823875] CPU: 1 PID: 2028 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.824670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.825889] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.826353] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.828265] RSP: 0018:ffff888023e37bb8 EFLAGS: 00010246 [ 212.828767] RAX: 0000000000000000 RBX: ffff888015d2b8a8 RCX: 0000000000000000 [ 212.829428] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 212.830267] RBP: ffff888023e37bd0 R08: ffffed1002ba5733 R09: ffffed1002ba5733 [ 212.830956] R10: ffff888015d2b993 R11: ffffed1002ba5732 R12: ffff888010e03c00 [ 212.831637] R13: ffff888015d2b9e8 R14: ffffffff8352e670 R15: 
ffff888023e37e68 [ 212.832381] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 212.833259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.833809] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 212.834469] PKRU: 55555554 [ 212.834761] Call Trace: [ 212.835003] [ 212.835235] __iommufd_access_detach+0x1c2/0x2b0 [ 212.835709] iommufd_access_change_pt+0x149/0x270 [ 212.836171] iommufd_access_replace+0xb4/0x120 [ 212.836618] iommufd_test+0x3e5/0x37e0 [ 212.836991] ? lock_release+0x532/0x770 [ 212.837383] ? __might_fault+0x102/0x1b0 [ 212.837790] ? lock_acquire+0x427/0x4c0 [ 212.838185] ? __pfx_iommufd_test+0x10/0x10 [ 212.838632] ? __pfx_lock_release+0x10/0x10 [ 212.839052] ? __pfx_lock_acquire+0x10/0x10 [ 212.839486] ? write_comp_data+0x2f/0x90 [ 212.839874] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.840326] ? write_comp_data+0x2f/0x90 [ 212.840729] iommufd_fops_ioctl+0x37d/0x510 [ 212.841152] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.841622] ? write_comp_data+0x2f/0x90 [ 212.842004] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.842456] __x64_sys_ioctl+0x1a3/0x230 [ 212.842871] do_syscall_64+0x3b/0x90 [ 212.843255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.843759] RIP: 0033:0x7f4b8743ee5d [ 212.844111] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.845825] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.846563] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.847250] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.847917] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.848578] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.849234] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.849903] [ 212.850122] irq event stamp: 0 [ 212.850420] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.851032] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.851831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.852602] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.853191] ---[ end trace 0000000000000000 ]--- [ 212.856341] ------------[ cut here ]------------ [ 212.856807] WARNING: CPU: 1 PID: 2028 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.857739] Modules linked in: [ 212.858035] CPU: 1 PID: 2028 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.858942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.859998] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.860468] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.862168] RSP: 
0018:ffff888023e37bd0 EFLAGS: 00010246 [ 212.862694] RAX: 0000000000000000 RBX: ffff888015d2b8a8 RCX: 0000000000000000 [ 212.863363] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 212.864018] RBP: ffff888023e37be8 R08: ffffed1002ba5733 R09: ffffed1002ba5733 [ 212.864685] R10: ffff888015d2b993 R11: ffffed1002ba5732 R12: ffff888013b17000 [ 212.865354] R13: ffff888015d2b9e8 R14: ffff88801024fb00 R15: 0000000000000000 [ 212.866021] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 212.866794] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.867355] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 212.868025] PKRU: 55555554 [ 212.868296] Call Trace: [ 212.868543] [ 212.868756] iommufd_access_destroy_object+0x65/0x170 [ 212.869248] iommufd_object_destroy_user+0x18e/0x220 [ 212.869725] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.870273] iommufd_access_destroy+0x43/0x70 [ 212.870727] iommufd_test_staccess_release+0x8d/0xd0 [ 212.871220] __fput+0x26d/0xa40 [ 212.871547] ____fput+0x1e/0x30 [ 212.871871] task_work_run+0x1a4/0x2d0 [ 212.872248] ? __pfx_task_work_run+0x10/0x10 [ 212.872670] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.873137] ? switch_task_namespaces+0xa9/0xe0 [ 212.873587] do_exit+0xb17/0x2ef0 [ 212.873914] ? lock_acquire+0x427/0x4c0 [ 212.874299] ? __pfx_lock_release+0x10/0x10 [ 212.874738] ? __kasan_check_write+0x18/0x20 [ 212.875172] ? do_raw_spin_lock+0x132/0x2a0 [ 212.875588] ? __pfx_do_exit+0x10/0x10 [ 212.875958] ? debug_smp_processor_id+0x20/0x30 [ 212.876394] ? rcu_is_watching+0x19/0xb0 [ 212.876776] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.877194] ? trace_hardirqs_on+0x26/0x120 [ 212.877603] do_group_exit+0xe0/0x2b0 [ 212.877959] __x64_sys_exit_group+0x47/0x50 [ 212.878360] do_syscall_64+0x3b/0x90 [ 212.878741] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.879233] RIP: 0033:0x7f4b87518a4d [ 212.879576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.880143] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.880838] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.881493] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.882147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.882829] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.883483] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.884133] [ 212.884347] irq event stamp: 0 [ 212.884640] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.885231] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.886001] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.886800] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.887398] ---[ end trace 0000000000000000 ]--- [ 212.888294] ------------[ cut here ]------------ [ 212.888784] WARNING: CPU: 0 PID: 2028 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 212.889734] Modules linked in: [ 212.890033] CPU: 0 PID: 2028 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.890929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.891992] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 212.892474] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 212.894170] RSP: 0018:ffff888023e37b78 EFLAGS: 00010246 [ 212.894709] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 212.895389] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 212.896058] RBP: ffff888023e37b98 R08: ffffed1002ba573e R09: ffffed1002ba573e [ 212.896727] R10: ffff888015d2b9ef R11: ffffed1002ba573d R12: ffff888015d2ba90 [ 212.897384] R13: ffff888015d2b8a8 R14: ffffffffffffffff R15: 
ffff888023e37c60 [ 212.898044] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.898820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.899384] CR2: 00007f82e2fbc010 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 212.900044] PKRU: 55555554 [ 212.900311] Call Trace: [ 212.900554] [ 212.900766] iommufd_ioas_destroy+0x53/0x70 [ 212.901171] iommufd_fops_release+0x1f7/0x370 [ 212.901598] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.902065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.902548] ? write_comp_data+0x2f/0x90 [ 212.902938] ? __pfx_iommufd_fops_release+0x10/0x10 [ 212.903408] __fput+0x26d/0xa40 [ 212.903737] ____fput+0x1e/0x30 [ 212.904056] task_work_run+0x1a4/0x2d0 [ 212.904434] ? __pfx_task_work_run+0x10/0x10 [ 212.904857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.905319] ? switch_task_namespaces+0xa9/0xe0 [ 212.905792] do_exit+0xb17/0x2ef0 [ 212.906118] ? lock_acquire+0x427/0x4c0 [ 212.906497] ? __pfx_lock_release+0x10/0x10 [ 212.906934] ? __kasan_check_write+0x18/0x20 [ 212.907367] ? do_raw_spin_lock+0x132/0x2a0 [ 212.907772] ? __pfx_do_exit+0x10/0x10 [ 212.908144] ? debug_smp_processor_id+0x20/0x30 [ 212.908598] ? rcu_is_watching+0x19/0xb0 [ 212.908979] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.909412] ? trace_hardirqs_on+0x26/0x120 [ 212.909827] do_group_exit+0xe0/0x2b0 [ 212.910189] __x64_sys_exit_group+0x47/0x50 [ 212.910622] do_syscall_64+0x3b/0x90 [ 212.910990] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.911496] RIP: 0033:0x7f4b87518a4d [ 212.911856] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.912438] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.913695] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.914361] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.915062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.915748] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.916408] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.917083] [ 212.917308] irq event stamp: 0 [ 212.917607] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.918193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.918999] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.919793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.920379] ---[ end trace 0000000000000000 ]--- [ 212.926479] ------------[ cut here ]------------ [ 212.926987] WARNING: CPU: 0 PID: 2029 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.928172] Modules linked in: [ 212.928479] CPU: 0 PID: 2029 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.929545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.930640] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.931133] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.933110] RSP: 0018:ffff88801876fbb8 EFLAGS: 00010246 [ 212.933861] RAX: 0000000000000000 RBX: ffff8880165328a8 RCX: 0000000000000000 [ 212.934561] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 212.935253] RBP: ffff88801876fbd0 R08: ffffed1002ca6533 R09: ffffed1002ca6533 [ 212.936163] R10: ffff888016532993 R11: ffffed1002ca6532 R12: ffff8880129c4800 [ 212.936908] R13: ffff8880165329e8 R14: ffffffff8352e670 R15: 
ffff88801876fe68 [ 212.937693] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.938781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.939421] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 212.940305] PKRU: 55555554 [ 212.940762] Call Trace: [ 212.941031] [ 212.941267] __iommufd_access_detach+0x1c2/0x2b0 [ 212.941785] iommufd_access_change_pt+0x149/0x270 [ 212.942301] iommufd_access_replace+0xb4/0x120 [ 212.942878] iommufd_test+0x3e5/0x37e0 [ 212.943478] ? lock_release+0x532/0x770 [ 212.943914] ? __might_fault+0x102/0x1b0 [ 212.944350] ? lock_acquire+0x427/0x4c0 [ 212.944782] ? __pfx_iommufd_test+0x10/0x10 [ 212.945251] ? __pfx_lock_release+0x10/0x10 [ 212.945836] ? __pfx_lock_acquire+0x10/0x10 [ 212.946483] ? write_comp_data+0x2f/0x90 [ 212.946969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.947493] ? write_comp_data+0x2f/0x90 [ 212.947989] iommufd_fops_ioctl+0x37d/0x510 [ 212.948636] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.949164] ? write_comp_data+0x2f/0x90 [ 212.949599] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 212.950174] __x64_sys_ioctl+0x1a3/0x230 [ 212.950828] do_syscall_64+0x3b/0x90 [ 212.951255] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.951813] RIP: 0033:0x7f4b8743ee5d [ 212.952210] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 212.954473] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 212.955332] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 212.956058] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 212.956785] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 212.957517] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 212.958245] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 212.959002] [ 212.959263] irq event stamp: 0 [ 212.959593] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.960244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.961110] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.961974] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 212.962657] ---[ end trace 0000000000000000 ]--- [ 212.965876] ------------[ cut here ]------------ [ 212.966406] WARNING: CPU: 0 PID: 2029 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 212.967512] Modules linked in: [ 212.967854] CPU: 0 PID: 2029 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 212.968751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 212.969907] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 212.970421] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 212.972334] RSP: 
0018:ffff88801876fbd0 EFLAGS: 00010246 [ 212.972893] RAX: 0000000000000000 RBX: ffff8880165328a8 RCX: 0000000000000000 [ 212.973636] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 212.974367] RBP: ffff88801876fbe8 R08: ffffed1002ca6533 R09: ffffed1002ca6533 [ 212.975138] R10: ffff888016532993 R11: ffffed1002ca6532 R12: ffff888020a68800 [ 212.975885] R13: ffff8880165329e8 R14: ffff888021841800 R15: 0000000000000000 [ 212.976618] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 212.977453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 212.978064] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 212.978841] PKRU: 55555554 [ 212.979153] Call Trace: [ 212.979427] [ 212.979663] iommufd_access_destroy_object+0x65/0x170 [ 212.980206] iommufd_object_destroy_user+0x18e/0x220 [ 212.980739] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 212.981340] iommufd_access_destroy+0x43/0x70 [ 212.981813] iommufd_test_staccess_release+0x8d/0xd0 [ 212.982343] __fput+0x26d/0xa40 [ 212.982730] ____fput+0x1e/0x30 [ 212.983088] task_work_run+0x1a4/0x2d0 [ 212.983517] ? __pfx_task_work_run+0x10/0x10 [ 212.983983] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 212.984498] ? switch_task_namespaces+0xa9/0xe0 [ 212.984996] do_exit+0xb17/0x2ef0 [ 212.985357] ? lock_acquire+0x427/0x4c0 [ 212.985772] ? __pfx_lock_release+0x10/0x10 [ 212.986223] ? __kasan_check_write+0x18/0x20 [ 212.986706] ? do_raw_spin_lock+0x132/0x2a0 [ 212.987166] ? __pfx_do_exit+0x10/0x10 [ 212.987588] ? debug_smp_processor_id+0x20/0x30 [ 212.988074] ? rcu_is_watching+0x19/0xb0 [ 212.988512] ? _raw_spin_unlock_irq+0x2b/0x60 [ 212.988994] ? trace_hardirqs_on+0x26/0x120 [ 212.989454] do_group_exit+0xe0/0x2b0 [ 212.989854] __x64_sys_exit_group+0x47/0x50 [ 212.990302] do_syscall_64+0x3b/0x90 [ 212.990730] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 212.991305] RIP: 0033:0x7f4b87518a4d [ 212.991711] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 212.992356] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 212.993148] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 212.993889] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 212.994655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 212.995420] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 212.996152] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 212.996886] [ 212.997125] irq event stamp: 0 [ 212.997446] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 212.998088] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 212.998958] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 212.999833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.000482] ---[ end trace 0000000000000000 ]--- [ 213.001346] ------------[ cut here ]------------ [ 213.001827] WARNING: CPU: 0 PID: 2029 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.002913] Modules linked in: [ 213.003273] CPU: 0 PID: 2029 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.004176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.005346] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.005882] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.007778] RSP: 0018:ffff88801876fb78 EFLAGS: 00010246 [ 213.008326] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.009041] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 213.009758] RBP: ffff88801876fb98 R08: ffffed1002ca653e R09: ffffed1002ca653e [ 213.010485] R10: ffff8880165329ef R11: ffffed1002ca653d R12: ffff888016532a90 [ 213.011237] R13: ffff8880165328a8 R14: ffffffffffffffff R15: 
ffff88801876fc60 [ 213.011958] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.012766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.013358] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 213.014078] PKRU: 55555554 [ 213.014370] Call Trace: [ 213.014648] [ 213.014881] iommufd_ioas_destroy+0x53/0x70 [ 213.015350] iommufd_fops_release+0x1f7/0x370 [ 213.015815] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.016336] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.016848] ? write_comp_data+0x2f/0x90 [ 213.017278] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.017798] __fput+0x26d/0xa40 [ 213.018159] ____fput+0x1e/0x30 [ 213.018542] task_work_run+0x1a4/0x2d0 [ 213.018950] ? __pfx_task_work_run+0x10/0x10 [ 213.019448] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.019965] ? switch_task_namespaces+0xa9/0xe0 [ 213.020467] do_exit+0xb17/0x2ef0 [ 213.020844] ? lock_acquire+0x427/0x4c0 [ 213.021265] ? __pfx_lock_release+0x10/0x10 [ 213.021711] ? __kasan_check_write+0x18/0x20 [ 213.022174] ? do_raw_spin_lock+0x132/0x2a0 [ 213.022668] ? __pfx_do_exit+0x10/0x10 [ 213.023082] ? debug_smp_processor_id+0x20/0x30 [ 213.023576] ? rcu_is_watching+0x19/0xb0 [ 213.023992] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.024465] ? trace_hardirqs_on+0x26/0x120 [ 213.024916] do_group_exit+0xe0/0x2b0 [ 213.025305] __x64_sys_exit_group+0x47/0x50 [ 213.025748] do_syscall_64+0x3b/0x90 [ 213.026146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.026699] RIP: 0033:0x7f4b87518a4d [ 213.027085] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.027734] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.028514] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.029234] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.029952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.030636] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.031348] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.032012] [ 213.032230] irq event stamp: 0 [ 213.032523] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.033103] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.033869] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.034650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.035246] ---[ end trace 0000000000000000 ]--- [ 213.040671] ------------[ cut here ]------------ [ 213.041180] WARNING: CPU: 0 PID: 2030 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.042120] Modules linked in: [ 213.042418] CPU: 0 PID: 2030 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.043516] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.044552] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.045010] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.046691] RSP: 0018:ffff888016fbfbb8 EFLAGS: 00010246 [ 213.047194] RAX: 0000000000000000 RBX: ffff8880104758a8 RCX: 0000000000000000 [ 213.047841] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 213.048485] RBP: ffff888016fbfbd0 R08: ffffed100208eb33 R09: ffffed100208eb33 [ 213.049135] R10: ffff888010475993 R11: ffffed100208eb32 R12: ffff888014392000 [ 213.049779] R13: ffff8880104759e8 R14: ffffffff8352e670 R15: 
ffff888016fbfe68 [ 213.050414] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.051157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.051680] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 213.052321] PKRU: 55555554 [ 213.052574] Call Trace: [ 213.052805] [ 213.053010] __iommufd_access_detach+0x1c2/0x2b0 [ 213.053453] iommufd_access_change_pt+0x149/0x270 [ 213.053900] iommufd_access_replace+0xb4/0x120 [ 213.054321] iommufd_test+0x3e5/0x37e0 [ 213.054688] ? lock_release+0x532/0x770 [ 213.055059] ? __might_fault+0x102/0x1b0 [ 213.055464] ? lock_acquire+0x427/0x4c0 [ 213.055837] ? __pfx_iommufd_test+0x10/0x10 [ 213.056225] ? __pfx_lock_release+0x10/0x10 [ 213.056620] ? __pfx_lock_acquire+0x10/0x10 [ 213.057024] ? write_comp_data+0x2f/0x90 [ 213.057402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.057850] ? write_comp_data+0x2f/0x90 [ 213.058230] iommufd_fops_ioctl+0x37d/0x510 [ 213.058663] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.059126] ? write_comp_data+0x2f/0x90 [ 213.059510] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.059949] __x64_sys_ioctl+0x1a3/0x230 [ 213.060327] do_syscall_64+0x3b/0x90 [ 213.060679] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.061157] RIP: 0033:0x7f4b8743ee5d [ 213.061498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.063167] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.063861] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.064503] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.065115] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.065720] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.066327] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.066971] [ 213.067189] irq event stamp: 0 [ 213.067464] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.068001] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.068717] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.069424] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.069963] ---[ end trace 0000000000000000 ]--- [ 213.072970] ------------[ cut here ]------------ [ 213.073408] WARNING: CPU: 0 PID: 2030 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.074274] Modules linked in: [ 213.074608] CPU: 0 PID: 2030 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.075364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.076323] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.076751] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.078303] RSP: 
0018:ffff888016fbfbd0 EFLAGS: 00010246 [ 213.078785] RAX: 0000000000000000 RBX: ffff8880104758a8 RCX: 0000000000000000 [ 213.079412] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 213.080024] RBP: ffff888016fbfbe8 R08: ffffed100208eb33 R09: ffffed100208eb33 [ 213.080628] R10: ffff888010475993 R11: ffffed100208eb32 R12: ffff8880129c6400 [ 213.081239] R13: ffff8880104759e8 R14: ffff888013807300 R15: 0000000000000000 [ 213.081848] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.082558] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.083062] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 213.083687] PKRU: 55555554 [ 213.083932] Call Trace: [ 213.084155] [ 213.084354] iommufd_access_destroy_object+0x65/0x170 [ 213.084815] iommufd_object_destroy_user+0x18e/0x220 [ 213.085262] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.085768] iommufd_access_destroy+0x43/0x70 [ 213.086166] iommufd_test_staccess_release+0x8d/0xd0 [ 213.086635] __fput+0x26d/0xa40 [ 213.086939] ____fput+0x1e/0x30 [ 213.087243] task_work_run+0x1a4/0x2d0 [ 213.087594] ? __pfx_task_work_run+0x10/0x10 [ 213.087979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.088416] ? switch_task_namespaces+0xa9/0xe0 [ 213.088830] do_exit+0xb17/0x2ef0 [ 213.089132] ? lock_acquire+0x427/0x4c0 [ 213.089485] ? __pfx_lock_release+0x10/0x10 [ 213.089866] ? __kasan_check_write+0x18/0x20 [ 213.090250] ? do_raw_spin_lock+0x132/0x2a0 [ 213.090647] ? __pfx_do_exit+0x10/0x10 [ 213.090996] ? debug_smp_processor_id+0x20/0x30 [ 213.091410] ? rcu_is_watching+0x19/0xb0 [ 213.091763] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.092159] ? trace_hardirqs_on+0x26/0x120 [ 213.092542] do_group_exit+0xe0/0x2b0 [ 213.092877] __x64_sys_exit_group+0x47/0x50 [ 213.093249] do_syscall_64+0x3b/0x90 [ 213.093582] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.094035] RIP: 0033:0x7f4b87518a4d [ 213.094358] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.094906] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.095579] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.096191] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.096806] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.097414] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.098017] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.098650] [ 213.098854] irq event stamp: 0 [ 213.099142] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.099681] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.100403] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.101113] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.101656] ---[ end trace 0000000000000000 ]--- [ 213.102436] ------------[ cut here ]------------ [ 213.102870] WARNING: CPU: 0 PID: 2030 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.103765] Modules linked in: [ 213.104046] CPU: 0 PID: 2030 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.104794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.105756] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.106205] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.107823] RSP: 0018:ffff888016fbfb78 EFLAGS: 00010246 [ 213.108295] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.108908] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 213.109520] RBP: ffff888016fbfb98 R08: ffffed100208eb3e R09: ffffed100208eb3e [ 213.110130] R10: ffff8880104759ef R11: ffffed100208eb3d R12: ffff888010475a90 [ 213.110758] R13: ffff8880104758a8 R14: ffffffffffffffff R15: 
ffff888016fbfc60 [ 213.111383] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.112079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.112587] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 213.113201] PKRU: 55555554 [ 213.113451] Call Trace: [ 213.113675] [ 213.113874] iommufd_ioas_destroy+0x53/0x70 [ 213.114256] iommufd_fops_release+0x1f7/0x370 [ 213.114674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.115110] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.115543] ? write_comp_data+0x2f/0x90 [ 213.115901] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.116334] __fput+0x26d/0xa40 [ 213.116638] ____fput+0x1e/0x30 [ 213.116930] task_work_run+0x1a4/0x2d0 [ 213.117276] ? __pfx_task_work_run+0x10/0x10 [ 213.117660] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.118086] ? switch_task_namespaces+0xa9/0xe0 [ 213.118498] do_exit+0xb17/0x2ef0 [ 213.118824] ? lock_acquire+0x427/0x4c0 [ 213.119189] ? __pfx_lock_release+0x10/0x10 [ 213.119572] ? __kasan_check_write+0x18/0x20 [ 213.119959] ? do_raw_spin_lock+0x132/0x2a0 [ 213.120330] ? __pfx_do_exit+0x10/0x10 [ 213.120675] ? debug_smp_processor_id+0x20/0x30 [ 213.121083] ? rcu_is_watching+0x19/0xb0 [ 213.121437] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.121835] ? trace_hardirqs_on+0x26/0x120 [ 213.122214] do_group_exit+0xe0/0x2b0 [ 213.122589] __x64_sys_exit_group+0x47/0x50 [ 213.122969] do_syscall_64+0x3b/0x90 [ 213.123312] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.123771] RIP: 0033:0x7f4b87518a4d [ 213.124098] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.124630] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.125278] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.125886] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.126492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.127141] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.127750] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.128366] [ 213.128567] irq event stamp: 0 [ 213.128836] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.129376] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.130088] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.130828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.131371] ---[ end trace 0000000000000000 ]--- [ 213.136164] ------------[ cut here ]------------ [ 213.136627] WARNING: CPU: 0 PID: 2031 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.137490] Modules linked in: [ 213.137764] CPU: 0 PID: 2031 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.138543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.139517] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.139925] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.141403] RSP: 0018:ffff888015f57bb8 EFLAGS: 00010246 [ 213.141839] RAX: 0000000000000000 RBX: ffff8880171338a8 RCX: 0000000000000000 [ 213.142417] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 213.143015] RBP: ffff888015f57bd0 R08: ffffed1002e26733 R09: ffffed1002e26733 [ 213.143609] R10: ffff888017133993 R11: ffffed1002e26732 R12: ffff888012c05c00 [ 213.144195] R13: ffff8880171339e8 R14: ffffffff8352e670 R15: 
ffff888015f57e68 [ 213.144776] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.145429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.145902] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 213.146485] PKRU: 55555554 [ 213.146739] Call Trace: [ 213.146952] [ 213.147149] __iommufd_access_detach+0x1c2/0x2b0 [ 213.147558] iommufd_access_change_pt+0x149/0x270 [ 213.147963] iommufd_access_replace+0xb4/0x120 [ 213.148350] iommufd_test+0x3e5/0x37e0 [ 213.148671] ? lock_release+0x532/0x770 [ 213.149007] ? __might_fault+0x102/0x1b0 [ 213.149351] ? lock_acquire+0x427/0x4c0 [ 213.149686] ? __pfx_iommufd_test+0x10/0x10 [ 213.150039] ? __pfx_lock_release+0x10/0x10 [ 213.150400] ? __pfx_lock_acquire+0x10/0x10 [ 213.150782] ? write_comp_data+0x2f/0x90 [ 213.151138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.151548] ? write_comp_data+0x2f/0x90 [ 213.151891] iommufd_fops_ioctl+0x37d/0x510 [ 213.152252] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.152660] ? write_comp_data+0x2f/0x90 [ 213.153003] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.153400] __x64_sys_ioctl+0x1a3/0x230 [ 213.153755] do_syscall_64+0x3b/0x90 [ 213.154080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.154547] RIP: 0033:0x7f4b8743ee5d [ 213.154870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.156351] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.156965] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.157585] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.158201] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.158833] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.159471] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.160084] [ 213.160286] irq event stamp: 0 [ 213.160562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.161095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.161799] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.162499] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.163055] ---[ end trace 0000000000000000 ]--- [ 213.165903] ------------[ cut here ]------------ [ 213.166326] WARNING: CPU: 0 PID: 2031 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.167216] Modules linked in: [ 213.167490] CPU: 0 PID: 2031 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.168232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.169183] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.170137] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.171899] RSP: 
0018:ffff888015f57bd0 EFLAGS: 00010246 [ 213.172567] RAX: 0000000000000000 RBX: ffff8880171338a8 RCX: 0000000000000000 [ 213.173176] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 213.173967] RBP: ffff888015f57be8 R08: ffffed1002e26733 R09: ffffed1002e26733 [ 213.174601] R10: ffff888017133993 R11: ffffed1002e26732 R12: ffff888014391c00 [ 213.175229] R13: ffff8880171339e8 R14: ffff888020984200 R15: 0000000000000000 [ 213.175879] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.176706] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.177208] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 213.177823] PKRU: 55555554 [ 213.178220] Call Trace: [ 213.178443] [ 213.178662] iommufd_access_destroy_object+0x65/0x170 [ 213.179125] iommufd_object_destroy_user+0x18e/0x220 [ 213.179575] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.180132] iommufd_access_destroy+0x43/0x70 [ 213.180631] iommufd_test_staccess_release+0x8d/0xd0 [ 213.181087] __fput+0x26d/0xa40 [ 213.181395] ____fput+0x1e/0x30 [ 213.181697] task_work_run+0x1a4/0x2d0 [ 213.182240] ? __pfx_task_work_run+0x10/0x10 [ 213.182657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.183091] ? switch_task_namespaces+0xa9/0xe0 [ 213.183521] do_exit+0xb17/0x2ef0 [ 213.183828] ? lock_acquire+0x427/0x4c0 [ 213.184238] ? __pfx_lock_release+0x10/0x10 [ 213.184744] ? __kasan_check_write+0x18/0x20 [ 213.185139] ? do_raw_spin_lock+0x132/0x2a0 [ 213.185518] ? __pfx_do_exit+0x10/0x10 [ 213.185866] ? debug_smp_processor_id+0x20/0x30 [ 213.186452] ? rcu_is_watching+0x19/0xb0 [ 213.186848] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.187254] ? trace_hardirqs_on+0x26/0x120 [ 213.187641] do_group_exit+0xe0/0x2b0 [ 213.187980] __x64_sys_exit_group+0x47/0x50 [ 213.188445] do_syscall_64+0x3b/0x90 [ 213.188872] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.189335] RIP: 0033:0x7f4b87518a4d [ 213.189665] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.190259] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.191043] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.191680] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.192293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.193085] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.193699] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.194412] [ 213.194726] irq event stamp: 0 [ 213.195007] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.195568] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.196301] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.197240] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.197789] ---[ end trace 0000000000000000 ]--- [ 213.198652] ------------[ cut here ]------------ [ 213.199066] WARNING: CPU: 0 PID: 2031 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.199969] Modules linked in: [ 213.200250] CPU: 0 PID: 2031 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.201207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.202187] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.202832] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.204436] RSP: 0018:ffff888015f57b78 EFLAGS: 00010246 [ 213.205081] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.205695] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 213.206338] RBP: ffff888015f57b98 R08: ffffed1002e2673e R09: ffffed1002e2673e [ 213.207128] R10: ffff8880171339ef R11: ffffed1002e2673d R12: ffff888017133a90 [ 213.207752] R13: ffff8880171338a8 R14: ffffffffffffffff R15: 
ffff888015f57c60 [ 213.208369] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.209266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.209779] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 213.210450] PKRU: 55555554 [ 213.210840] Call Trace: [ 213.211067] [ 213.211272] iommufd_ioas_destroy+0x53/0x70 [ 213.211660] iommufd_fops_release+0x1f7/0x370 [ 213.212061] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.212503] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.213111] ? write_comp_data+0x2f/0x90 [ 213.213488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.213929] __fput+0x26d/0xa40 [ 213.214236] ____fput+0x1e/0x30 [ 213.214646] task_work_run+0x1a4/0x2d0 [ 213.215089] ? __pfx_task_work_run+0x10/0x10 [ 213.215498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.215929] ? switch_task_namespaces+0xa9/0xe0 [ 213.216349] do_exit+0xb17/0x2ef0 [ 213.216658] ? lock_acquire+0x427/0x4c0 [ 213.217196] ? __pfx_lock_release+0x10/0x10 [ 213.217583] ? __kasan_check_write+0x18/0x20 [ 213.217973] ? do_raw_spin_lock+0x132/0x2a0 [ 213.218357] ? __pfx_do_exit+0x10/0x10 [ 213.218888] ? debug_smp_processor_id+0x20/0x30 [ 213.219310] ? rcu_is_watching+0x19/0xb0 [ 213.219673] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.220076] ? trace_hardirqs_on+0x26/0x120 [ 213.220457] do_group_exit+0xe0/0x2b0 [ 213.220816] __x64_sys_exit_group+0x47/0x50 [ 213.221336] do_syscall_64+0x3b/0x90 [ 213.221681] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.222142] RIP: 0033:0x7f4b87518a4d [ 213.222468] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.223215] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.223878] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.224497] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.225289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.225904] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.226545] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.227268] [ 213.227562] irq event stamp: 0 [ 213.227835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.228379] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.229288] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.230019] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.230589] ---[ end trace 0000000000000000 ]--- [ 213.236570] ------------[ cut here ]------------ [ 213.237086] WARNING: CPU: 0 PID: 2032 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.238042] Modules linked in: [ 213.238319] CPU: 0 PID: 2032 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.239203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.240238] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.240672] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.242217] RSP: 0018:ffff888015fafbb8 EFLAGS: 00010246 [ 213.242696] RAX: 0000000000000000 RBX: ffff888023f780a8 RCX: 0000000000000000 [ 213.243315] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 213.243921] RBP: ffff888015fafbd0 R08: ffffed10047ef033 R09: ffffed10047ef033 [ 213.244525] R10: ffff888023f78193 R11: ffffed10047ef032 R12: ffff888013b22800 [ 213.245137] R13: ffff888023f781e8 R14: ffffffff8352e670 R15: 
ffff888015fafe68 [ 213.245742] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.246425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.246944] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 213.247569] PKRU: 55555554 [ 213.247812] Call Trace: [ 213.248029] [ 213.248224] __iommufd_access_detach+0x1c2/0x2b0 [ 213.248651] iommufd_access_change_pt+0x149/0x270 [ 213.249078] iommufd_access_replace+0xb4/0x120 [ 213.249477] iommufd_test+0x3e5/0x37e0 [ 213.249820] ? lock_release+0x532/0x770 [ 213.250172] ? __might_fault+0x102/0x1b0 [ 213.250551] ? lock_acquire+0x427/0x4c0 [ 213.250911] ? __pfx_iommufd_test+0x10/0x10 [ 213.251293] ? __pfx_lock_release+0x10/0x10 [ 213.251672] ? __pfx_lock_acquire+0x10/0x10 [ 213.252052] ? write_comp_data+0x2f/0x90 [ 213.252413] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.252836] ? write_comp_data+0x2f/0x90 [ 213.253196] iommufd_fops_ioctl+0x37d/0x510 [ 213.253579] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.253999] ? write_comp_data+0x2f/0x90 [ 213.254359] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.254795] __x64_sys_ioctl+0x1a3/0x230 [ 213.255160] do_syscall_64+0x3b/0x90 [ 213.255492] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.255946] RIP: 0033:0x7f4b8743ee5d [ 213.256262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.257805] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.258450] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.259072] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.259424] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 213.259707] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.261455] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 213.262039] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.263881] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.264505] [ 213.264710] irq event stamp: 0 [ 213.264982] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.265532] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.266243] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.266972] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.267502] ---[ end trace 0000000000000000 ]--- [ 213.270785] ------------[ cut here ]------------ [ 213.271195] WARNING: CPU: 0 PID: 2032 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.272022] Modules linked in: [ 213.272293] CPU: 0 PID: 2032 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.273203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.274192] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.274624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.276135] RSP: 0018:ffff888015fafbd0 EFLAGS: 00010246 [ 213.276577] RAX: 0000000000000000 RBX: ffff888023f780a8 RCX: 0000000000000000 [ 213.277172] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 213.277861] RBP: ffff888015fafbe8 R08: ffffed10047ef033 R09: ffffed10047ef033 [ 213.278443] R10: ffff888023f78193 R11: ffffed10047ef032 R12: ffff888012c04c00 [ 213.279043] R13: ffff888023f781e8 R14: ffff8880123ecb00 R15: 0000000000000000 [ 213.279638] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) 
knlGS:0000000000000000 [ 213.280295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.280767] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 213.281356] PKRU: 55555554 [ 213.281589] Call Trace: [ 213.281799] [ 213.281985] iommufd_access_destroy_object+0x65/0x170 [ 213.282412] iommufd_object_destroy_user+0x18e/0x220 [ 213.282857] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.283351] iommufd_access_destroy+0x43/0x70 [ 213.283732] iommufd_test_staccess_release+0x8d/0xd0 [ 213.284159] __fput+0x26d/0xa40 [ 213.284447] ____fput+0x1e/0x30 [ 213.284726] task_work_run+0x1a4/0x2d0 [ 213.285056] ? __pfx_task_work_run+0x10/0x10 [ 213.285425] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.285832] ? switch_task_namespaces+0xa9/0xe0 [ 213.286241] do_exit+0xb17/0x2ef0 [ 213.286550] ? lock_acquire+0x427/0x4c0 [ 213.286887] ? __pfx_lock_release+0x10/0x10 [ 213.287256] ? __kasan_check_write+0x18/0x20 [ 213.287624] ? do_raw_spin_lock+0x132/0x2a0 [ 213.287982] ? __pfx_do_exit+0x10/0x10 [ 213.288321] ? debug_smp_processor_id+0x20/0x30 [ 213.288717] ? rcu_is_watching+0x19/0xb0 [ 213.289067] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.289460] ? trace_hardirqs_on+0x26/0x120 [ 213.289841] do_group_exit+0xe0/0x2b0 [ 213.290173] __x64_sys_exit_group+0x47/0x50 [ 213.290563] do_syscall_64+0x3b/0x90 [ 213.290891] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.291361] RIP: 0033:0x7f4b87518a4d [ 213.291693] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.292221] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.292873] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.293488] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.294096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.294736] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.295354] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.295972] [ 213.296171] irq event stamp: 0 [ 213.296442] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.296977] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.297692] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.298400] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.298964] ---[ end trace 0000000000000000 ]--- [ 213.300105] ------------[ cut here ]------------ [ 213.300609] WARNING: CPU: 0 PID: 2032 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.301478] Modules linked in: [ 213.301764] CPU: 0 PID: 2032 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.302550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.303540] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.303990] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.305555] RSP: 0018:ffff888015fafb78 EFLAGS: 00010246 [ 213.306020] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.306678] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 213.307305] RBP: ffff888015fafb98 R08: ffffed10047ef03e R09: ffffed10047ef03e [ 213.307928] R10: ffff888023f781ef R11: ffffed10047ef03d R12: ffff888023f78290 [ 213.308543] R13: ffff888023f780a8 R14: ffffffffffffffff R15: 
ffff888015fafc60 [ 213.309159] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 213.309851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.310349] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 213.310982] PKRU: 55555554 [ 213.311249] Call Trace: [ 213.311474] [ 213.311675] iommufd_ioas_destroy+0x53/0x70 [ 213.312060] iommufd_fops_release+0x1f7/0x370 [ 213.312457] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.312898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.313330] ? write_comp_data+0x2f/0x90 [ 213.313693] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.314132] __fput+0x26d/0xa40 [ 213.314433] ____fput+0x1e/0x30 [ 213.314745] task_work_run+0x1a4/0x2d0 [ 213.315095] ? __pfx_task_work_run+0x10/0x10 [ 213.315497] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.315931] ? switch_task_namespaces+0xa9/0xe0 [ 213.316348] do_exit+0xb17/0x2ef0 [ 213.316653] ? lock_acquire+0x427/0x4c0 [ 213.317015] ? __pfx_lock_release+0x10/0x10 [ 213.317402] ? __kasan_check_write+0x18/0x20 [ 213.317790] ? do_raw_spin_lock+0x132/0x2a0 [ 213.318167] ? __pfx_do_exit+0x10/0x10 [ 213.318530] ? debug_smp_processor_id+0x20/0x30 [ 213.318940] ? rcu_is_watching+0x19/0xb0 [ 213.319304] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.319706] ? trace_hardirqs_on+0x26/0x120 [ 213.320091] do_group_exit+0xe0/0x2b0 [ 213.320423] __x64_sys_exit_group+0x47/0x50 [ 213.320800] do_syscall_64+0x3b/0x90 [ 213.321133] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.321591] RIP: 0033:0x7f4b87518a4d [ 213.321916] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.322447] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.323126] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.323751] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.324369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.324981] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.325595] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.326216] [ 213.326423] irq event stamp: 0 [ 213.326716] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.327275] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.328001] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.328721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.329263] ---[ end trace 0000000000000000 ]--- [ 213.336888] ------------[ cut here ]------------ [ 213.337529] WARNING: CPU: 1 PID: 2034 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.338946] Modules linked in: [ 213.339366] CPU: 1 PID: 2034 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.340570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.341923] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.342707] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.344625] RSP: 0018:ffff888017b4fbb8 EFLAGS: 00010246 [ 213.345085] RAX: 0000000000000000 RBX: ffff88800f6268a8 RCX: 0000000000000000 [ 213.345692] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 213.346430] RBP: ffff888017b4fbd0 R08: ffffed1001ec4d33 R09: ffffed1001ec4d33 [ 213.347082] R10: ffff88800f626993 R11: ffffed1001ec4d32 R12: ffff888010c0ac00 [ 213.347700] R13: ffff88800f6269e8 R14: ffffffff8352e670 R15: 
ffff888017b4fe68 [ 213.348385] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.349131] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.349628] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 213.350310] PKRU: 55555554 [ 213.350628] Call Trace: [ 213.350849] [ 213.351043] __iommufd_access_detach+0x1c2/0x2b0 [ 213.351471] iommufd_access_change_pt+0x149/0x270 [ 213.351897] iommufd_access_replace+0xb4/0x120 [ 213.352301] iommufd_test+0x3e5/0x37e0 [ 213.352762] ? lock_release+0x532/0x770 [ 213.353113] ? __might_fault+0x102/0x1b0 [ 213.353467] ? lock_acquire+0x427/0x4c0 [ 213.353821] ? __pfx_iommufd_test+0x10/0x10 [ 213.354207] ? __pfx_lock_release+0x10/0x10 [ 213.354723] ? __pfx_lock_acquire+0x10/0x10 [ 213.355111] ? write_comp_data+0x2f/0x90 [ 213.355485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.355912] ? write_comp_data+0x2f/0x90 [ 213.356275] iommufd_fops_ioctl+0x37d/0x510 [ 213.356713] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.357199] ? write_comp_data+0x2f/0x90 [ 213.357564] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.357981] __x64_sys_ioctl+0x1a3/0x230 [ 213.358345] do_syscall_64+0x3b/0x90 [ 213.358733] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.359255] RIP: 0033:0x7f4b8743ee5d [ 213.359581] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.361219] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.361932] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.362561] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.363210] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.363912] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.364520] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.365174] [ 213.365448] irq event stamp: 0 [ 213.365718] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.366255] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.366998] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.367729] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.368271] ---[ end trace 0000000000000000 ]--- [ 213.371265] ------------[ cut here ]------------ [ 213.371700] WARNING: CPU: 1 PID: 2034 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.372557] Modules linked in: [ 213.372830] CPU: 1 PID: 2034 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.373645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.374667] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.375082] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.376611] RSP: 
0018:ffff888017b4fbd0 EFLAGS: 00010246 [ 213.377055] RAX: 0000000000000000 RBX: ffff88800f6268a8 RCX: 0000000000000000 [ 213.377657] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 213.378248] RBP: ffff888017b4fbe8 R08: ffffed1001ec4d33 R09: ffffed1001ec4d33 [ 213.378857] R10: ffff88800f626993 R11: ffffed1001ec4d32 R12: ffff888010e01800 [ 213.379473] R13: ffff88800f6269e8 R14: ffff888012f91200 R15: 0000000000000000 [ 213.380073] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.380743] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.381222] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.381817] PKRU: 55555554 [ 213.382055] Call Trace: [ 213.382270] [ 213.382461] iommufd_access_destroy_object+0x65/0x170 [ 213.382919] iommufd_object_destroy_user+0x18e/0x220 [ 213.383361] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.383861] iommufd_access_destroy+0x43/0x70 [ 213.384248] iommufd_test_staccess_release+0x8d/0xd0 [ 213.384684] __fput+0x26d/0xa40 [ 213.384975] ____fput+0x1e/0x30 [ 213.385266] task_work_run+0x1a4/0x2d0 [ 213.385604] ? __pfx_task_work_run+0x10/0x10 [ 213.385983] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.386400] ? switch_task_namespaces+0xa9/0xe0 [ 213.386835] do_exit+0xb17/0x2ef0 [ 213.387139] ? lock_acquire+0x427/0x4c0 [ 213.387490] ? __pfx_lock_release+0x10/0x10 [ 213.387871] ? __kasan_check_write+0x18/0x20 [ 213.388251] ? do_raw_spin_lock+0x132/0x2a0 [ 213.388620] ? __pfx_do_exit+0x10/0x10 [ 213.388961] ? debug_smp_processor_id+0x20/0x30 [ 213.389359] ? rcu_is_watching+0x19/0xb0 [ 213.389708] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.390093] ? trace_hardirqs_on+0x26/0x120 [ 213.390465] do_group_exit+0xe0/0x2b0 [ 213.390814] __x64_sys_exit_group+0x47/0x50 [ 213.391203] do_syscall_64+0x3b/0x90 [ 213.391529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.391981] RIP: 0033:0x7f4b87518a4d [ 213.392406] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.393012] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.393667] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.394320] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.395012] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.395634] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.396235] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.396994] [ 213.397199] irq event stamp: 0 [ 213.397469] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.398011] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.398829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.399600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.400130] ---[ end trace 0000000000000000 ]--- [ 213.400855] ------------[ cut here ]------------ [ 213.401387] WARNING: CPU: 1 PID: 2034 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.402247] Modules linked in: [ 213.402563] CPU: 1 PID: 2034 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.403431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.404381] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.404816] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.406562] RSP: 0018:ffff888017b4fb78 EFLAGS: 00010246 [ 213.407014] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.407752] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 213.408349] RBP: ffff888017b4fb98 R08: ffffed1001ec4d3e R09: ffffed1001ec4d3e [ 213.408952] R10: ffff88800f6269ef R11: ffffed1001ec4d3d R12: ffff88800f626a90 [ 213.409705] R13: ffff88800f6268a8 R14: ffffffffffffffff R15: 
ffff888017b4fc60 [ 213.410307] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.411009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.411534] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.412236] PKRU: 55555554 [ 213.412480] Call Trace: [ 213.412699] [ 213.412893] iommufd_ioas_destroy+0x53/0x70 [ 213.413271] iommufd_fops_release+0x1f7/0x370 [ 213.413804] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.414234] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.414702] ? write_comp_data+0x2f/0x90 [ 213.415061] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.415502] __fput+0x26d/0xa40 [ 213.415851] ____fput+0x1e/0x30 [ 213.416189] task_work_run+0x1a4/0x2d0 [ 213.416528] ? __pfx_task_work_run+0x10/0x10 [ 213.416911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.417328] ? switch_task_namespaces+0xa9/0xe0 [ 213.417752] do_exit+0xb17/0x2ef0 [ 213.418107] ? lock_acquire+0x427/0x4c0 [ 213.418437] ? __pfx_lock_release+0x10/0x10 [ 213.418822] ? __kasan_check_write+0x18/0x20 [ 213.419191] ? do_raw_spin_lock+0x132/0x2a0 [ 213.419545] ? __pfx_do_exit+0x10/0x10 [ 213.419876] ? debug_smp_processor_id+0x20/0x30 [ 213.420359] ? rcu_is_watching+0x19/0xb0 [ 213.420692] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.421063] ? trace_hardirqs_on+0x26/0x120 [ 213.421425] do_group_exit+0xe0/0x2b0 [ 213.421742] __x64_sys_exit_group+0x47/0x50 [ 213.422213] do_syscall_64+0x3b/0x90 [ 213.422551] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.422986] RIP: 0033:0x7f4b87518a4d [ 213.423309] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.423809] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.424549] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.425123] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.425692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.426389] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.426985] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.427586] [ 213.427780] irq event stamp: 0 [ 213.428036] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.428667] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.429340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.430010] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.430660] ---[ end trace 0000000000000000 ]--- [ 213.435822] ------------[ cut here ]------------ [ 213.436244] WARNING: CPU: 1 PID: 2035 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.437187] Modules linked in: [ 213.437499] CPU: 1 PID: 2035 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.438203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.439252] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.439675] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.441222] RSP: 0018:ffff888020ff7bb8 EFLAGS: 00010246 [ 213.441701] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 213.442268] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 213.442870] RBP: ffff888020ff7bd0 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 213.443575] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff888013d4fc00 [ 213.444153] R13: ffff88801587a9e8 R14: ffffffff8352e670 R15: 
ffff888020ff7e68 [ 213.444731] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.445495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.445965] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 213.446566] PKRU: 55555554 [ 213.446802] Call Trace: [ 213.447013] [ 213.447211] __iommufd_access_detach+0x1c2/0x2b0 [ 213.447729] iommufd_access_change_pt+0x149/0x270 [ 213.448134] iommufd_access_replace+0xb4/0x120 [ 213.448519] iommufd_test+0x3e5/0x37e0 [ 213.448846] ? lock_release+0x532/0x770 [ 213.449185] ? __might_fault+0x102/0x1b0 [ 213.449639] ? lock_acquire+0x427/0x4c0 [ 213.449975] ? __pfx_iommufd_test+0x10/0x10 [ 213.450326] ? __pfx_lock_release+0x10/0x10 [ 213.450715] ? __pfx_lock_acquire+0x10/0x10 [ 213.451080] ? write_comp_data+0x2f/0x90 [ 213.451445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.452009] ? write_comp_data+0x2f/0x90 [ 213.452366] iommufd_fops_ioctl+0x37d/0x510 [ 213.452744] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.453166] ? write_comp_data+0x2f/0x90 [ 213.453544] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.454063] __x64_sys_ioctl+0x1a3/0x230 [ 213.454424] do_syscall_64+0x3b/0x90 [ 213.454784] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.455254] RIP: 0033:0x7f4b8743ee5d [ 213.455574] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.457246] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.457896] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.458710] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.459324] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.459932] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.460685] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.461395] [ 213.461595] irq event stamp: 0 [ 213.461867] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.462462] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.463292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.464011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.464553] ---[ end trace 0000000000000000 ]--- [ 213.467600] ------------[ cut here ]------------ [ 213.468041] WARNING: CPU: 1 PID: 2035 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.468916] Modules linked in: [ 213.469253] CPU: 1 PID: 2035 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.470002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.471006] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.471453] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.473002] RSP: 
0018:ffff888020ff7bd0 EFLAGS: 00010246 [ 213.473458] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 213.474061] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 213.474687] RBP: ffff888020ff7be8 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 213.475302] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff888010c0b800 [ 213.475910] R13: ffff88801587a9e8 R14: ffff888020908300 R15: 0000000000000000 [ 213.476524] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.477210] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.477704] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.478316] PKRU: 55555554 [ 213.478583] Call Trace: [ 213.478805] [ 213.479002] iommufd_access_destroy_object+0x65/0x170 [ 213.479470] iommufd_object_destroy_user+0x18e/0x220 [ 213.479913] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.480431] iommufd_access_destroy+0x43/0x70 [ 213.480823] iommufd_test_staccess_release+0x8d/0xd0 [ 213.481283] __fput+0x26d/0xa40 [ 213.481583] ____fput+0x1e/0x30 [ 213.481879] task_work_run+0x1a4/0x2d0 [ 213.482226] ? __pfx_task_work_run+0x10/0x10 [ 213.482632] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.483061] ? switch_task_namespaces+0xa9/0xe0 [ 213.483485] do_exit+0xb17/0x2ef0 [ 213.483793] ? lock_acquire+0x427/0x4c0 [ 213.484160] ? __pfx_lock_release+0x10/0x10 [ 213.484549] ? __kasan_check_write+0x18/0x20 [ 213.484935] ? do_raw_spin_lock+0x132/0x2a0 [ 213.485313] ? __pfx_do_exit+0x10/0x10 [ 213.485655] ? debug_smp_processor_id+0x20/0x30 [ 213.486056] ? rcu_is_watching+0x19/0xb0 [ 213.486409] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.486823] ? trace_hardirqs_on+0x26/0x120 [ 213.487212] do_group_exit+0xe0/0x2b0 [ 213.487542] __x64_sys_exit_group+0x47/0x50 [ 213.487911] do_syscall_64+0x3b/0x90 [ 213.488239] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.488691] RIP: 0033:0x7f4b87518a4d [ 213.489008] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.489531] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.490175] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.490799] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.491414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.492023] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.492622] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.493230] [ 213.493430] irq event stamp: 0 [ 213.493695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.494223] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.494949] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.495663] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.496193] ---[ end trace 0000000000000000 ]--- [ 213.496919] ------------[ cut here ]------------ [ 213.497316] WARNING: CPU: 1 PID: 2035 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.498190] Modules linked in: [ 213.498461] CPU: 1 PID: 2035 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.499235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.500193] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.500633] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.502225] RSP: 0018:ffff888020ff7b78 EFLAGS: 00010246 [ 213.502708] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.503321] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 213.503918] RBP: ffff888020ff7b98 R08: ffffed1002b0f53e R09: ffffed1002b0f53e [ 213.504527] R10: ffff88801587a9ef R11: ffffed1002b0f53d R12: ffff88801587aa90 [ 213.505128] R13: ffff88801587a8a8 R14: ffffffffffffffff R15: 
ffff888020ff7c60 [ 213.505726] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.506407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.506922] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.507542] PKRU: 55555554 [ 213.507785] Call Trace: [ 213.508003] [ 213.508195] iommufd_ioas_destroy+0x53/0x70 [ 213.508569] iommufd_fops_release+0x1f7/0x370 [ 213.508954] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.509379] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.509798] ? write_comp_data+0x2f/0x90 [ 213.510150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.510597] __fput+0x26d/0xa40 [ 213.510891] ____fput+0x1e/0x30 [ 213.511193] task_work_run+0x1a4/0x2d0 [ 213.511539] ? __pfx_task_work_run+0x10/0x10 [ 213.511920] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.512352] ? switch_task_namespaces+0xa9/0xe0 [ 213.513005] do_exit+0xb17/0x2ef0 [ 213.513315] ? lock_acquire+0x427/0x4c0 [ 213.513666] ? __pfx_lock_release+0x10/0x10 [ 213.514046] ? __kasan_check_write+0x18/0x20 [ 213.514430] ? do_raw_spin_lock+0x132/0x2a0 [ 213.514871] ? __pfx_do_exit+0x10/0x10 [ 213.515304] ? debug_smp_processor_id+0x20/0x30 [ 213.515710] ? rcu_is_watching+0x19/0xb0 [ 213.516058] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.516450] ? trace_hardirqs_on+0x26/0x120 [ 213.516828] do_group_exit+0xe0/0x2b0 [ 213.517173] __x64_sys_exit_group+0x47/0x50 [ 213.517687] do_syscall_64+0x3b/0x90 [ 213.518015] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.518465] RIP: 0033:0x7f4b87518a4d [ 213.518813] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.519356] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.520169] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.520776] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.521378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.522137] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.522767] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.523393] [ 213.523597] irq event stamp: 0 [ 213.523890] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.524547] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.525256] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.526042] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.526697] ---[ end trace 0000000000000000 ]--- [ 213.531834] ------------[ cut here ]------------ [ 213.532287] WARNING: CPU: 1 PID: 2036 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.533379] Modules linked in: [ 213.533651] CPU: 1 PID: 2036 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.534391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.535597] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.536028] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.537728] RSP: 0018:ffff888020affbb8 EFLAGS: 00010246 [ 213.538185] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 213.538809] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 213.539554] RBP: ffff888020affbd0 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 213.540174] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff888014581000 [ 213.540774] R13: ffff88800a7811e8 R14: ffffffff8352e670 R15: 
ffff888020affe68 [ 213.541380] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.542055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.542581] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 213.543205] PKRU: 55555554 [ 213.543450] Call Trace: [ 213.543666] [ 213.543860] __iommufd_access_detach+0x1c2/0x2b0 [ 213.544280] iommufd_access_change_pt+0x149/0x270 [ 213.544702] iommufd_access_replace+0xb4/0x120 [ 213.545099] iommufd_test+0x3e5/0x37e0 [ 213.545429] ? lock_release+0x532/0x770 [ 213.545782] ? __might_fault+0x102/0x1b0 [ 213.546138] ? lock_acquire+0x427/0x4c0 [ 213.546487] ? __pfx_iommufd_test+0x10/0x10 [ 213.546886] ? __pfx_lock_release+0x10/0x10 [ 213.547270] ? __pfx_lock_acquire+0x10/0x10 [ 213.547651] ? write_comp_data+0x2f/0x90 [ 213.548010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.548431] ? write_comp_data+0x2f/0x90 [ 213.548785] iommufd_fops_ioctl+0x37d/0x510 [ 213.549162] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.549582] ? write_comp_data+0x2f/0x90 [ 213.549935] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.550343] __x64_sys_ioctl+0x1a3/0x230 [ 213.550737] do_syscall_64+0x3b/0x90 [ 213.551066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.551532] RIP: 0033:0x7f4b8743ee5d [ 213.551850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.553389] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.554030] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.554660] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.555286] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.555893] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.556499] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.557110] [ 213.557311] irq event stamp: 0 [ 213.557581] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.558115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.558853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.559559] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.560071] ---[ end trace 0000000000000000 ]--- [ 213.562967] ------------[ cut here ]------------ [ 213.563385] WARNING: CPU: 1 PID: 2036 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.564204] Modules linked in: [ 213.564464] CPU: 1 PID: 2036 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.565226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.566125] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.566552] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.568032] RSP: 
0018:ffff888020affbd0 EFLAGS: 00010246 [ 213.568462] RAX: 0000000000000000 RBX: ffff88800a7810a8 RCX: 0000000000000000 [ 213.569037] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 213.569605] RBP: ffff888020affbe8 R08: ffffed10014f0233 R09: ffffed10014f0233 [ 213.570176] R10: ffff88800a781193 R11: ffffed10014f0232 R12: ffff888013d4d400 [ 213.570779] R13: ffff88800a7811e8 R14: ffff888020814c00 R15: 0000000000000000 [ 213.571369] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.572017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.572489] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.573065] PKRU: 55555554 [ 213.573297] Call Trace: [ 213.573504] [ 213.573690] iommufd_access_destroy_object+0x65/0x170 [ 213.574116] iommufd_object_destroy_user+0x18e/0x220 [ 213.574558] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.575034] iommufd_access_destroy+0x43/0x70 [ 213.575420] iommufd_test_staccess_release+0x8d/0xd0 [ 213.575843] __fput+0x26d/0xa40 [ 213.576126] ____fput+0x1e/0x30 [ 213.576402] task_work_run+0x1a4/0x2d0 [ 213.576730] ? __pfx_task_work_run+0x10/0x10 [ 213.577092] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.577492] ? switch_task_namespaces+0xa9/0xe0 [ 213.577887] do_exit+0xb17/0x2ef0 [ 213.578170] ? lock_acquire+0x427/0x4c0 [ 213.578528] ? __pfx_lock_release+0x10/0x10 [ 213.578886] ? __kasan_check_write+0x18/0x20 [ 213.579270] ? do_raw_spin_lock+0x132/0x2a0 [ 213.579641] ? __pfx_do_exit+0x10/0x10 [ 213.579984] ? debug_smp_processor_id+0x20/0x30 [ 213.580389] ? rcu_is_watching+0x19/0xb0 [ 213.580734] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.581127] ? trace_hardirqs_on+0x26/0x120 [ 213.581513] do_group_exit+0xe0/0x2b0 [ 213.581840] __x64_sys_exit_group+0x47/0x50 [ 213.582210] do_syscall_64+0x3b/0x90 [ 213.582559] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.583010] RIP: 0033:0x7f4b87518a4d [ 213.583340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.583860] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.584526] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.585126] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.585729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.586325] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.586942] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.587556] [ 213.587757] irq event stamp: 0 [ 213.588024] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.588554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.589253] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.589975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.590526] ---[ end trace 0000000000000000 ]--- [ 213.591272] ------------[ cut here ]------------ [ 213.591674] WARNING: CPU: 1 PID: 2036 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.592531] Modules linked in: [ 213.592806] CPU: 1 PID: 2036 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.593558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.594500] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.594965] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.596501] RSP: 0018:ffff888020affb78 EFLAGS: 00010246 [ 213.597007] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.597603] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 213.598197] RBP: ffff888020affb98 R08: ffffed10014f023e R09: ffffed10014f023e [ 213.598818] R10: ffff88800a7811ef R11: ffffed10014f023d R12: ffff88800a781290 [ 213.599433] R13: ffff88800a7810a8 R14: ffffffffffffffff R15: 
ffff888020affc60 [ 213.600029] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.600699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.601184] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.601782] PKRU: 55555554 [ 213.602022] Call Trace: [ 213.602239] [ 213.602434] iommufd_ioas_destroy+0x53/0x70 [ 213.602829] iommufd_fops_release+0x1f7/0x370 [ 213.603225] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.603651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.604067] ? write_comp_data+0x2f/0x90 [ 213.604419] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.604844] __fput+0x26d/0xa40 [ 213.605139] ____fput+0x1e/0x30 [ 213.605427] task_work_run+0x1a4/0x2d0 [ 213.605764] ? __pfx_task_work_run+0x10/0x10 [ 213.606141] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.606579] ? switch_task_namespaces+0xa9/0xe0 [ 213.606988] do_exit+0xb17/0x2ef0 [ 213.607300] ? lock_acquire+0x427/0x4c0 [ 213.607648] ? __pfx_lock_release+0x10/0x10 [ 213.608018] ? __kasan_check_write+0x18/0x20 [ 213.608398] ? do_raw_spin_lock+0x132/0x2a0 [ 213.608773] ? __pfx_do_exit+0x10/0x10 [ 213.609111] ? debug_smp_processor_id+0x20/0x30 [ 213.609509] ? rcu_is_watching+0x19/0xb0 [ 213.609854] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.610244] ? trace_hardirqs_on+0x26/0x120 [ 213.610638] do_group_exit+0xe0/0x2b0 [ 213.610966] __x64_sys_exit_group+0x47/0x50 [ 213.611339] do_syscall_64+0x3b/0x90 [ 213.611668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.612110] RIP: 0033:0x7f4b87518a4d [ 213.612426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.612947] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.613592] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.614195] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.614820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.615450] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.616053] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.616660] [ 213.616863] irq event stamp: 0 [ 213.617130] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.617660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.618366] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.619089] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.619630] ---[ end trace 0000000000000000 ]--- [ 213.624472] ------------[ cut here ]------------ [ 213.624912] WARNING: CPU: 1 PID: 2037 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.625758] Modules linked in: [ 213.626027] CPU: 1 PID: 2037 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.626959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.627894] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.628305] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.629877] RSP: 0018:ffff888015ad7bb8 EFLAGS: 00010246 [ 213.630313] RAX: 0000000000000000 RBX: ffff88801855f8a8 RCX: 0000000000000000 [ 213.630920] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 213.631518] RBP: ffff888015ad7bd0 R08: ffffed10030abf33 R09: ffffed10030abf33 [ 213.632104] R10: ffff88801855f993 R11: ffffed10030abf32 R12: ffff88801341d400 [ 213.632688] R13: ffff88801855f9e8 R14: ffffffff8352e670 R15: 
ffff888015ad7e68 [ 213.633273] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.633933] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.634411] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ee0 [ 213.635017] PKRU: 55555554 [ 213.635258] Call Trace: [ 213.635470] [ 213.635660] __iommufd_access_detach+0x1c2/0x2b0 [ 213.636071] iommufd_access_change_pt+0x149/0x270 [ 213.636483] iommufd_access_replace+0xb4/0x120 [ 213.636875] iommufd_test+0x3e5/0x37e0 [ 213.637198] ? lock_release+0x532/0x770 [ 213.637538] ? __might_fault+0x102/0x1b0 [ 213.637885] ? lock_acquire+0x427/0x4c0 [ 213.638225] ? __pfx_iommufd_test+0x10/0x10 [ 213.638598] ? __pfx_lock_release+0x10/0x10 [ 213.638966] ? __pfx_lock_acquire+0x10/0x10 [ 213.639342] ? write_comp_data+0x2f/0x90 [ 213.639691] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.640100] ? write_comp_data+0x2f/0x90 [ 213.640444] iommufd_fops_ioctl+0x37d/0x510 [ 213.640808] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.641217] ? write_comp_data+0x2f/0x90 [ 213.641567] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.641972] __x64_sys_ioctl+0x1a3/0x230 [ 213.642323] do_syscall_64+0x3b/0x90 [ 213.642671] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.643105] RIP: 0033:0x7f4b8743ee5d [ 213.643434] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.644939] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.645566] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.646151] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.646759] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.647354] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.647944] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.648541] [ 213.648736] irq event stamp: 0 [ 213.649001] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.649525] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.650217] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.650928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.651469] ---[ end trace 0000000000000000 ]--- [ 213.654208] ------------[ cut here ]------------ [ 213.654657] WARNING: CPU: 1 PID: 2037 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.655518] Modules linked in: [ 213.655787] CPU: 1 PID: 2037 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.656507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.657442] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.657857] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.659392] RSP: 
0018:ffff888015ad7bd0 EFLAGS: 00010246 [ 213.659834] RAX: 0000000000000000 RBX: ffff88801855f8a8 RCX: 0000000000000000 [ 213.660420] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 213.661081] RBP: ffff888015ad7be8 R08: ffffed10030abf33 R09: ffffed10030abf33 [ 213.661676] R10: ffff88801855f993 R11: ffffed10030abf32 R12: ffff888014583400 [ 213.662263] R13: ffff88801855f9e8 R14: ffff8880218cfa00 R15: 0000000000000000 [ 213.662876] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.663550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.664027] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.664616] PKRU: 55555554 [ 213.664850] Call Trace: [ 213.665067] [ 213.665255] iommufd_access_destroy_object+0x65/0x170 [ 213.665689] iommufd_object_destroy_user+0x18e/0x220 [ 213.666113] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.666623] iommufd_access_destroy+0x43/0x70 [ 213.667008] iommufd_test_staccess_release+0x8d/0xd0 [ 213.667444] __fput+0x26d/0xa40 [ 213.667736] ____fput+0x1e/0x30 [ 213.668021] task_work_run+0x1a4/0x2d0 [ 213.668354] ? __pfx_task_work_run+0x10/0x10 [ 213.668724] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.669137] ? switch_task_namespaces+0xa9/0xe0 [ 213.669537] do_exit+0xb17/0x2ef0 [ 213.669833] ? lock_acquire+0x427/0x4c0 [ 213.670175] ? __pfx_lock_release+0x10/0x10 [ 213.670568] ? __kasan_check_write+0x18/0x20 [ 213.670947] ? do_raw_spin_lock+0x132/0x2a0 [ 213.671315] ? __pfx_do_exit+0x10/0x10 [ 213.671649] ? debug_smp_processor_id+0x20/0x30 [ 213.672039] ? rcu_is_watching+0x19/0xb0 [ 213.672382] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.672763] ? trace_hardirqs_on+0x26/0x120 [ 213.673131] do_group_exit+0xe0/0x2b0 [ 213.673449] __x64_sys_exit_group+0x47/0x50 [ 213.673810] do_syscall_64+0x3b/0x90 [ 213.674129] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.674591] RIP: 0033:0x7f4b87518a4d [ 213.674908] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.675431] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.676058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.676648] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.677239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.677830] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.678419] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.679047] [ 213.679268] irq event stamp: 0 [ 213.679531] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.680054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.680746] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.681432] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.681944] ---[ end trace 0000000000000000 ]--- [ 213.682706] ------------[ cut here ]------------ [ 213.683098] WARNING: CPU: 1 PID: 2037 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.683951] Modules linked in: [ 213.684221] CPU: 1 PID: 2037 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.684939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.685863] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.686292] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.687857] RSP: 0018:ffff888015ad7b78 EFLAGS: 00010246 [ 213.688306] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.688895] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 213.689480] RBP: ffff888015ad7b98 R08: ffffed10030abf3e R09: ffffed10030abf3e [ 213.690069] R10: ffff88801855f9ef R11: ffffed10030abf3d R12: ffff88801855fa90 [ 213.690686] R13: ffff88801855f8a8 R14: ffffffffffffffff R15: 
ffff888015ad7c60 [ 213.691291] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.691957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.692437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.693083] PKRU: 55555554 [ 213.693321] Call Trace: [ 213.693536] [ 213.693725] iommufd_ioas_destroy+0x53/0x70 [ 213.694094] iommufd_fops_release+0x1f7/0x370 [ 213.694481] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.694934] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.695368] ? write_comp_data+0x2f/0x90 [ 213.695726] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.696149] __fput+0x26d/0xa40 [ 213.696440] ____fput+0x1e/0x30 [ 213.696726] task_work_run+0x1a4/0x2d0 [ 213.697061] ? __pfx_task_work_run+0x10/0x10 [ 213.697434] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.697849] ? switch_task_namespaces+0xa9/0xe0 [ 213.698248] do_exit+0xb17/0x2ef0 [ 213.698590] ? lock_acquire+0x427/0x4c0 [ 213.698944] ? __pfx_lock_release+0x10/0x10 [ 213.699340] ? __kasan_check_write+0x18/0x20 [ 213.699718] ? do_raw_spin_lock+0x132/0x2a0 [ 213.700080] ? __pfx_do_exit+0x10/0x10 [ 213.700423] ? debug_smp_processor_id+0x20/0x30 [ 213.700823] ? rcu_is_watching+0x19/0xb0 [ 213.701169] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.701554] ? trace_hardirqs_on+0x26/0x120 [ 213.701922] do_group_exit+0xe0/0x2b0 [ 213.702248] __x64_sys_exit_group+0x47/0x50 [ 213.702660] do_syscall_64+0x3b/0x90 [ 213.702987] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.703502] RIP: 0033:0x7f4b87518a4d [ 213.703815] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.704324] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.704956] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.705547] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.706137] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.706756] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.707368] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.707968] [ 213.708165] irq event stamp: 0 [ 213.708428] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.708956] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.709651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.710343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.710901] ---[ end trace 0000000000000000 ]--- [ 213.715254] ------------[ cut here ]------------ [ 213.715706] WARNING: CPU: 1 PID: 2038 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.716545] Modules linked in: [ 213.716812] CPU: 1 PID: 2038 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.717537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.718466] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.719098] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.720627] RSP: 0018:ffff8880137c7bb8 EFLAGS: 00010246 [ 213.721074] RAX: 0000000000000000 RBX: ffff88801865d8a8 RCX: 0000000000000000 [ 213.721665] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 213.722254] RBP: ffff8880137c7bd0 R08: ffffed10030cbb33 R09: ffffed10030cbb33 [ 213.722875] R10: ffff88801865d993 R11: ffffed10030cbb32 R12: ffff888018708c00 [ 213.723477] R13: ffff88801865d9e8 R14: ffffffff8352e670 R15: 
ffff8880137c7e68 [ 213.724072] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.724738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.725288] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 213.725880] PKRU: 55555554 [ 213.726124] Call Trace: [ 213.726343] [ 213.726572] __iommufd_access_detach+0x1c2/0x2b0 [ 213.726995] iommufd_access_change_pt+0x149/0x270 [ 213.727425] iommufd_access_replace+0xb4/0x120 [ 213.727818] iommufd_test+0x3e5/0x37e0 [ 213.728140] ? lock_release+0x532/0x770 [ 213.728486] ? __might_fault+0x102/0x1b0 [ 213.728837] ? lock_acquire+0x427/0x4c0 [ 213.729179] ? __pfx_iommufd_test+0x10/0x10 [ 213.729540] ? __pfx_lock_release+0x10/0x10 [ 213.729907] ? __pfx_lock_acquire+0x10/0x10 [ 213.730279] ? write_comp_data+0x2f/0x90 [ 213.730681] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.731099] ? write_comp_data+0x2f/0x90 [ 213.731454] iommufd_fops_ioctl+0x37d/0x510 [ 213.731819] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.732237] ? write_comp_data+0x2f/0x90 [ 213.732589] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.733002] __x64_sys_ioctl+0x1a3/0x230 [ 213.733362] do_syscall_64+0x3b/0x90 [ 213.733687] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.734139] RIP: 0033:0x7f4b8743ee5d [ 213.734457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.735989] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.736588] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.737142] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.737691] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.738241] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.738816] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.739395] [ 213.739584] irq event stamp: 0 [ 213.739839] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.740318] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.740962] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.741612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.742111] ---[ end trace 0000000000000000 ]--- [ 213.744918] ------------[ cut here ]------------ [ 213.745337] WARNING: CPU: 1 PID: 2038 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.746156] Modules linked in: [ 213.746425] CPU: 1 PID: 2038 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.747210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.748126] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.748539] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.750015] RSP: 
0018:ffff8880137c7bd0 EFLAGS: 00010246 [ 213.750453] RAX: 0000000000000000 RBX: ffff88801865d8a8 RCX: 0000000000000000 [ 213.751061] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 213.751664] RBP: ffff8880137c7be8 R08: ffffed10030cbb33 R09: ffffed10030cbb33 [ 213.752237] R10: ffff88801865d993 R11: ffffed10030cbb32 R12: ffff88801341e400 [ 213.752809] R13: ffff88801865d9e8 R14: ffff888013dea200 R15: 0000000000000000 [ 213.753385] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.754037] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.754539] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.755127] PKRU: 55555554 [ 213.755365] Call Trace: [ 213.755576] [ 213.755762] iommufd_access_destroy_object+0x65/0x170 [ 213.756189] iommufd_object_destroy_user+0x18e/0x220 [ 213.756615] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.757151] iommufd_access_destroy+0x43/0x70 [ 213.757540] iommufd_test_staccess_release+0x8d/0xd0 [ 213.757985] __fput+0x26d/0xa40 [ 213.758283] ____fput+0x1e/0x30 [ 213.758613] task_work_run+0x1a4/0x2d0 [ 213.758961] ? __pfx_task_work_run+0x10/0x10 [ 213.759350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.759783] ? switch_task_namespaces+0xa9/0xe0 [ 213.760199] do_exit+0xb17/0x2ef0 [ 213.760500] ? lock_acquire+0x427/0x4c0 [ 213.760858] ? __pfx_lock_release+0x10/0x10 [ 213.761245] ? __kasan_check_write+0x18/0x20 [ 213.761639] ? do_raw_spin_lock+0x132/0x2a0 [ 213.762023] ? __pfx_do_exit+0x10/0x10 [ 213.762375] ? debug_smp_processor_id+0x20/0x30 [ 213.762823] ? rcu_is_watching+0x19/0xb0 [ 213.763199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.763605] ? trace_hardirqs_on+0x26/0x120 [ 213.763988] do_group_exit+0xe0/0x2b0 [ 213.764324] __x64_sys_exit_group+0x47/0x50 [ 213.764701] do_syscall_64+0x3b/0x90 [ 213.765040] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.765501] RIP: 0033:0x7f4b87518a4d [ 213.765828] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.766376] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.767076] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.767710] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.768335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.768957] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.769581] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.770327] [ 213.770708] irq event stamp: 0 [ 213.770988] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.771551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.772283] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.773009] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.773609] ---[ end trace 0000000000000000 ]--- [ 213.774596] ------------[ cut here ]------------ [ 213.775039] WARNING: CPU: 1 PID: 2038 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.776014] Modules linked in: [ 213.776314] CPU: 1 PID: 2038 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.777125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.778256] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.779025] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.780710] RSP: 0018:ffff8880137c7b78 EFLAGS: 00010246 [ 213.781206] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.781861] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 213.782677] RBP: ffff8880137c7b98 R08: ffffed10030cbb3e R09: ffffed10030cbb3e [ 213.783544] R10: ffff88801865d9ef R11: ffffed10030cbb3d R12: ffff88801865da90 [ 213.784226] R13: ffff88801865d8a8 R14: ffffffffffffffff R15: 
ffff8880137c7c60 [ 213.784903] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.785667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.786217] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.786991] PKRU: 55555554 [ 213.787431] Call Trace: [ 213.787745] [ 213.787968] iommufd_ioas_destroy+0x53/0x70 [ 213.788384] iommufd_fops_release+0x1f7/0x370 [ 213.788811] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.789336] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.789800] ? write_comp_data+0x2f/0x90 [ 213.790187] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.790711] __fput+0x26d/0xa40 [ 213.791069] ____fput+0x1e/0x30 [ 213.791451] task_work_run+0x1a4/0x2d0 [ 213.791870] ? __pfx_task_work_run+0x10/0x10 [ 213.792478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.793283] ? switch_task_namespaces+0xa9/0xe0 [ 213.793791] do_exit+0xb17/0x2ef0 [ 213.794152] ? lock_acquire+0x427/0x4c0 [ 213.794628] ? __pfx_lock_release+0x10/0x10 [ 213.795127] ? __kasan_check_write+0x18/0x20 [ 213.795606] ? do_raw_spin_lock+0x132/0x2a0 [ 213.796063] ? __pfx_do_exit+0x10/0x10 [ 213.796490] ? debug_smp_processor_id+0x20/0x30 [ 213.797122] ? rcu_is_watching+0x19/0xb0 [ 213.797712] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.798195] ? trace_hardirqs_on+0x26/0x120 [ 213.798700] do_group_exit+0xe0/0x2b0 [ 213.799107] __x64_sys_exit_group+0x47/0x50 [ 213.799578] do_syscall_64+0x3b/0x90 [ 213.800096] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.800789] RIP: 0033:0x7f4b87518a4d [ 213.801190] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.801829] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.802967] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.803727] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.804469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.805332] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.806226] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.806997] [ 213.807273] irq event stamp: 0 [ 213.807608] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.808514] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.809384] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.810259] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.811249] ---[ end trace 0000000000000000 ]--- [ 213.815617] ------------[ cut here ]------------ [ 213.816185] WARNING: CPU: 1 PID: 2039 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.817238] Modules linked in: [ 213.817656] CPU: 1 PID: 2039 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.818746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.819936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.820552] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.822672] RSP: 0018:ffff888015ad7bb8 EFLAGS: 00010246 [ 213.823523] RAX: 0000000000000000 RBX: ffff88801059a8a8 RCX: 0000000000000000 [ 213.824268] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 213.824998] RBP: ffff888015ad7bd0 R08: ffffed10020b3533 R09: ffffed10020b3533 [ 213.825854] R10: ffff88801059a993 R11: ffffed10020b3532 R12: ffff88800f13d000 [ 213.826783] R13: ffff88801059a9e8 R14: ffffffff8352e670 R15: 
ffff888015ad7e68 [ 213.827552] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.828427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.829196] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 213.829949] PKRU: 55555554 [ 213.830253] Call Trace: [ 213.830570] [ 213.830814] __iommufd_access_detach+0x1c2/0x2b0 [ 213.831591] iommufd_access_change_pt+0x149/0x270 [ 213.832116] iommufd_access_replace+0xb4/0x120 [ 213.832611] iommufd_test+0x3e5/0x37e0 [ 213.833023] ? lock_release+0x532/0x770 [ 213.833485] ? __might_fault+0x102/0x1b0 [ 213.834075] ? lock_acquire+0x427/0x4c0 [ 213.834545] ? __pfx_iommufd_test+0x10/0x10 [ 213.835010] ? __pfx_lock_release+0x10/0x10 [ 213.835488] ? __pfx_lock_acquire+0x10/0x10 [ 213.835956] ? write_comp_data+0x2f/0x90 [ 213.836521] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.837161] ? write_comp_data+0x2f/0x90 [ 213.837606] iommufd_fops_ioctl+0x37d/0x510 [ 213.838072] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.838633] ? write_comp_data+0x2f/0x90 [ 213.839301] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.839818] __x64_sys_ioctl+0x1a3/0x230 [ 213.840264] do_syscall_64+0x3b/0x90 [ 213.840682] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.841243] RIP: 0033:0x7f4b8743ee5d [ 213.841772] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.843882] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.844871] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.845624] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.846377] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.847393] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.848152] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.848923] [ 213.849177] irq event stamp: 0 [ 213.849542] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.850395] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.851317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.852227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.853124] ---[ end trace 0000000000000000 ]--- [ 213.856596] ------------[ cut here ]------------ [ 213.857184] WARNING: CPU: 1 PID: 2039 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.858354] Modules linked in: [ 213.858775] CPU: 1 PID: 2039 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.859692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.861098] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.861621] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.863795] RSP: 
0018:ffff888015ad7bd0 EFLAGS: 00010246 [ 213.864361] RAX: 0000000000000000 RBX: ffff88801059a8a8 RCX: 0000000000000000 [ 213.865141] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 213.866074] RBP: ffff888015ad7be8 R08: ffffed10020b3533 R09: ffffed10020b3533 [ 213.866852] R10: ffff88801059a993 R11: ffffed10020b3532 R12: ffff88801870a400 [ 213.867615] R13: ffff88801059a9e8 R14: ffff8880149bdf00 R15: 0000000000000000 [ 213.868599] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.869447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.870064] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 213.871086] PKRU: 55555554 [ 213.871427] Call Trace: [ 213.871700] [ 213.871939] iommufd_access_destroy_object+0x65/0x170 [ 213.872489] iommufd_object_destroy_user+0x18e/0x220 [ 213.873059] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.873843] iommufd_access_destroy+0x43/0x70 [ 213.874338] iommufd_test_staccess_release+0x8d/0xd0 [ 213.874916] __fput+0x26d/0xa40 [ 213.875297] ____fput+0x1e/0x30 [ 213.875663] task_work_run+0x1a4/0x2d0 [ 213.876199] ? __pfx_task_work_run+0x10/0x10 [ 213.876781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.877306] ? switch_task_namespaces+0xa9/0xe0 [ 213.877809] do_exit+0xb17/0x2ef0 [ 213.878199] ? lock_acquire+0x427/0x4c0 [ 213.878831] ? __pfx_lock_release+0x10/0x10 [ 213.879321] ? __kasan_check_write+0x18/0x20 [ 213.879798] ? do_raw_spin_lock+0x132/0x2a0 [ 213.880256] ? __pfx_do_exit+0x10/0x10 [ 213.880685] ? debug_smp_processor_id+0x20/0x30 [ 213.881304] ? rcu_is_watching+0x19/0xb0 [ 213.881850] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.882341] ? trace_hardirqs_on+0x26/0x120 [ 213.882841] do_group_exit+0xe0/0x2b0 [ 213.883280] __x64_sys_exit_group+0x47/0x50 [ 213.883743] do_syscall_64+0x3b/0x90 [ 213.884291] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.884905] RIP: 0033:0x7f4b87518a4d [ 213.885386] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.886028] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.887090] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.887870] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.888613] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.889506] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.890363] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.891158] [ 213.891421] irq event stamp: 0 [ 213.891765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.892652] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.893520] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.894455] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.895309] ---[ end trace 0000000000000000 ]--- [ 213.896505] ------------[ cut here ]------------ [ 213.897017] WARNING: CPU: 1 PID: 2039 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 213.898329] Modules linked in: [ 213.898715] CPU: 1 PID: 2039 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.899648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.901062] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 213.901610] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 213.903788] RSP: 0018:ffff888015ad7b78 EFLAGS: 00010246 [ 213.904370] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 213.905120] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 213.906111] RBP: ffff888015ad7b98 R08: ffffed10020b353e R09: ffffed10020b353e [ 213.906898] R10: ffff88801059a9ef R11: ffffed10020b353d R12: ffff88801059aa90 [ 213.907665] R13: ffff88801059a8a8 R14: ffffffffffffffff R15: 
ffff888015ad7c60 [ 213.908535] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.909491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.910102] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 213.911098] PKRU: 55555554 [ 213.911416] Call Trace: [ 213.911689] [ 213.911933] iommufd_ioas_destroy+0x53/0x70 [ 213.912405] iommufd_fops_release+0x1f7/0x370 [ 213.912881] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.913499] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.914120] ? write_comp_data+0x2f/0x90 [ 213.914602] ? __pfx_iommufd_fops_release+0x10/0x10 [ 213.915159] __fput+0x26d/0xa40 [ 213.915523] ____fput+0x1e/0x30 [ 213.915885] task_work_run+0x1a4/0x2d0 [ 213.916427] ? __pfx_task_work_run+0x10/0x10 [ 213.917073] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.917599] ? switch_task_namespaces+0xa9/0xe0 [ 213.918119] do_exit+0xb17/0x2ef0 [ 213.918496] ? lock_acquire+0x427/0x4c0 [ 213.918970] ? __pfx_lock_release+0x10/0x10 [ 213.919531] ? __kasan_check_write+0x18/0x20 [ 213.920106] ? do_raw_spin_lock+0x132/0x2a0 [ 213.920564] ? __pfx_do_exit+0x10/0x10 [ 213.920995] ? debug_smp_processor_id+0x20/0x30 [ 213.921491] ? rcu_is_watching+0x19/0xb0 [ 213.922041] ? _raw_spin_unlock_irq+0x2b/0x60 [ 213.922657] ? trace_hardirqs_on+0x26/0x120 [ 213.923127] do_group_exit+0xe0/0x2b0 [ 213.923542] __x64_sys_exit_group+0x47/0x50 [ 213.923997] do_syscall_64+0x3b/0x90 [ 213.924407] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.925152] RIP: 0033:0x7f4b87518a4d [ 213.925552] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 213.926200] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 213.927051] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 213.927947] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 213.928701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 213.929439] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 213.930368] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 213.931168] [ 213.931421] irq event stamp: 0 [ 213.931751] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.932411] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.933544] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.934423] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.935177] ---[ end trace 0000000000000000 ]--- [ 213.940565] ------------[ cut here ]------------ [ 213.941125] WARNING: CPU: 1 PID: 2040 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.942258] Modules linked in: [ 213.942765] CPU: 1 PID: 2040 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.943681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.944908] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.945585] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.947783] RSP: 0018:ffff8880137c7bb8 EFLAGS: 00010246 [ 213.948353] RAX: 0000000000000000 RBX: ffff888020f940a8 RCX: 0000000000000000 [ 213.949181] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 213.949988] RBP: ffff8880137c7bd0 R08: ffffed10041f2833 R09: ffffed10041f2833 [ 213.950935] R10: ffff888020f94193 R11: ffffed10041f2832 R12: ffff88800fcb3400 [ 213.951692] R13: ffff888020f941e8 R14: ffffffff8352e670 R15: 
ffff8880137c7e68 [ 213.952439] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.953521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.954121] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 213.954933] PKRU: 55555554 [ 213.955448] Call Trace: [ 213.955733] [ 213.955972] __iommufd_access_detach+0x1c2/0x2b0 [ 213.956484] iommufd_access_change_pt+0x149/0x270 [ 213.956989] iommufd_access_replace+0xb4/0x120 [ 213.957470] iommufd_test+0x3e5/0x37e0 [ 213.958097] ? lock_release+0x532/0x770 [ 213.958550] ? __might_fault+0x102/0x1b0 [ 213.958979] ? lock_acquire+0x427/0x4c0 [ 213.959420] ? __pfx_iommufd_test+0x10/0x10 [ 213.959871] ? __pfx_lock_release+0x10/0x10 [ 213.960331] ? __pfx_lock_acquire+0x10/0x10 [ 213.961021] ? write_comp_data+0x2f/0x90 [ 213.961463] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.961979] ? write_comp_data+0x2f/0x90 [ 213.962419] iommufd_fops_ioctl+0x37d/0x510 [ 213.962903] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.963655] ? write_comp_data+0x2f/0x90 [ 213.964089] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 213.964586] __x64_sys_ioctl+0x1a3/0x230 [ 213.965020] do_syscall_64+0x3b/0x90 [ 213.965416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 213.966077] RIP: 0033:0x7f4b8743ee5d [ 213.966602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 213.968457] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 213.969480] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 213.970216] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 213.970987] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 213.971737] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 213.972478] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 213.973222] [ 213.973469] irq event stamp: 0 [ 213.973795] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 213.974445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 213.975346] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 213.976206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 213.976864] ---[ end trace 0000000000000000 ]--- [ 213.980191] ------------[ cut here ]------------ [ 213.980723] WARNING: CPU: 1 PID: 2040 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 213.981848] Modules linked in: [ 213.982184] CPU: 1 PID: 2040 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 213.983225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 213.984390] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 213.984902] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 213.986873] RSP: 
0018:ffff8880137c7bd0 EFLAGS: 00010246 [ 213.987436] RAX: 0000000000000000 RBX: ffff888020f940a8 RCX: 0000000000000000 [ 213.988166] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 213.988900] RBP: ffff8880137c7be8 R08: ffffed10041f2833 R09: ffffed10041f2833 [ 213.989636] R10: ffff888020f94193 R11: ffffed10041f2832 R12: ffff88800f13c400 [ 213.990371] R13: ffff888020f941e8 R14: ffff88800fd5f800 R15: 0000000000000000 [ 213.991154] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 213.991979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 213.992578] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 213.993304] PKRU: 55555554 [ 213.993597] Call Trace: [ 213.993864] [ 213.994095] iommufd_access_destroy_object+0x65/0x170 [ 213.994651] iommufd_object_destroy_user+0x18e/0x220 [ 213.995198] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 213.995804] iommufd_access_destroy+0x43/0x70 [ 213.996273] iommufd_test_staccess_release+0x8d/0xd0 [ 213.996794] __fput+0x26d/0xa40 [ 213.997142] ____fput+0x1e/0x30 [ 213.997482] task_work_run+0x1a4/0x2d0 [ 213.997884] ? __pfx_task_work_run+0x10/0x10 [ 213.998340] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 213.998871] ? switch_task_namespaces+0xa9/0xe0 [ 213.999394] do_exit+0xb17/0x2ef0 [ 213.999742] ? lock_acquire+0x427/0x4c0 [ 214.000158] ? __pfx_lock_release+0x10/0x10 [ 214.000619] ? __kasan_check_write+0x18/0x20 [ 214.001073] ? do_raw_spin_lock+0x132/0x2a0 [ 214.001517] ? __pfx_do_exit+0x10/0x10 [ 214.001926] ? debug_smp_processor_id+0x20/0x30 [ 214.002404] ? rcu_is_watching+0x19/0xb0 [ 214.002849] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.003331] ? trace_hardirqs_on+0x26/0x120 [ 214.003787] do_group_exit+0xe0/0x2b0 [ 214.004180] __x64_sys_exit_group+0x47/0x50 [ 214.004586] do_syscall_64+0x3b/0x90 [ 214.004951] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.005451] RIP: 0033:0x7f4b87518a4d [ 214.005802] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.006380] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.007113] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.007792] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.008459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.009125] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.009800] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.010478] [ 214.010723] irq event stamp: 0 [ 214.011023] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.011622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.012414] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.013282] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.013880] ---[ end trace 0000000000000000 ]--- [ 214.014891] ------------[ cut here ]------------ [ 214.015357] WARNING: CPU: 1 PID: 2040 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.016313] Modules linked in: [ 214.016623] CPU: 1 PID: 2040 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.017442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.018483] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.018993] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.020652] RSP: 0018:ffff8880137c7b78 EFLAGS: 00010246 [ 214.021135] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.021773] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 214.022415] RBP: ffff8880137c7b98 R08: ffffed10041f283e R09: ffffed10041f283e [ 214.023097] R10: ffff888020f941ef R11: ffffed10041f283d R12: ffff888020f94290 [ 214.023762] R13: ffff888020f940a8 R14: ffffffffffffffff R15: 
ffff8880137c7c60 [ 214.024395] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 214.025079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.025571] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 214.026173] PKRU: 55555554 [ 214.026413] Call Trace: [ 214.026651] [ 214.026846] iommufd_ioas_destroy+0x53/0x70 [ 214.027237] iommufd_fops_release+0x1f7/0x370 [ 214.027645] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.028196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.028733] ? write_comp_data+0x2f/0x90 [ 214.029097] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.029533] __fput+0x26d/0xa40 [ 214.029838] ____fput+0x1e/0x30 [ 214.030169] task_work_run+0x1a4/0x2d0 [ 214.030637] ? __pfx_task_work_run+0x10/0x10 [ 214.031023] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.031472] ? switch_task_namespaces+0xa9/0xe0 [ 214.031887] do_exit+0xb17/0x2ef0 [ 214.032190] ? lock_acquire+0x427/0x4c0 [ 214.032572] ? __pfx_lock_release+0x10/0x10 [ 214.033068] ? __kasan_check_write+0x18/0x20 [ 214.033460] ? do_raw_spin_lock+0x132/0x2a0 [ 214.033836] ? __pfx_do_exit+0x10/0x10 [ 214.034181] ? debug_smp_processor_id+0x20/0x30 [ 214.034652] ? rcu_is_watching+0x19/0xb0 [ 214.035074] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.035484] ? trace_hardirqs_on+0x26/0x120 [ 214.035866] do_group_exit+0xe0/0x2b0 [ 214.036197] __x64_sys_exit_group+0x47/0x50 [ 214.036569] do_syscall_64+0x3b/0x90 [ 214.036901] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.037507] RIP: 0033:0x7f4b87518a4d [ 214.037826] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.038354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.039029] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.039791] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.040405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.041014] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.041721] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.042409] [ 214.042636] irq event stamp: 0 [ 214.042909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.043471] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.044333] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.045108] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.045654] ---[ end trace 0000000000000000 ]--- [ 214.049647] ------------[ cut here ]------------ [ 214.050195] WARNING: CPU: 1 PID: 2041 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.051168] Modules linked in: [ 214.051447] CPU: 1 PID: 2041 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.052205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.053312] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.053745] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.055612] RSP: 0018:ffff888015ad7bb8 EFLAGS: 00010246 [ 214.056074] RAX: 0000000000000000 RBX: ffff888020b610a8 RCX: 0000000000000000 [ 214.056685] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 214.057444] RBP: ffff888015ad7bd0 R08: ffffed100416c233 R09: ffffed100416c233 [ 214.058106] R10: ffff888020b61193 R11: ffffed100416c232 R12: ffff88801422f000 [ 214.058748] R13: ffff888020b611e8 R14: ffffffff8352e670 R15: 
ffff888015ad7e68 [ 214.059373] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 214.060058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.060553] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 214.061158] PKRU: 55555554 [ 214.061401] Call Trace: [ 214.061620] [ 214.061815] __iommufd_access_detach+0x1c2/0x2b0 [ 214.062239] iommufd_access_change_pt+0x149/0x270 [ 214.062685] iommufd_access_replace+0xb4/0x120 [ 214.063090] iommufd_test+0x3e5/0x37e0 [ 214.063444] ? lock_release+0x532/0x770 [ 214.063795] ? __might_fault+0x102/0x1b0 [ 214.064150] ? lock_acquire+0x427/0x4c0 [ 214.064502] ? __pfx_iommufd_test+0x10/0x10 [ 214.064872] ? __pfx_lock_release+0x10/0x10 [ 214.065257] ? __pfx_lock_acquire+0x10/0x10 [ 214.065639] ? write_comp_data+0x2f/0x90 [ 214.066010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.066434] ? write_comp_data+0x2f/0x90 [ 214.066823] iommufd_fops_ioctl+0x37d/0x510 [ 214.067234] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.067665] ? write_comp_data+0x2f/0x90 [ 214.068032] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.068450] __x64_sys_ioctl+0x1a3/0x230 [ 214.068819] do_syscall_64+0x3b/0x90 [ 214.069152] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.069607] RIP: 0033:0x7f4b8743ee5d [ 214.069933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.071524] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.072180] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.072788] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.073397] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.074009] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.074643] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.075316] [ 214.075521] irq event stamp: 0 [ 214.075794] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.076338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.077117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.077827] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.078360] ---[ end trace 0000000000000000 ]--- [ 214.081750] ------------[ cut here ]------------ [ 214.082211] WARNING: CPU: 0 PID: 2041 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.083394] Modules linked in: [ 214.083675] CPU: 0 PID: 2041 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.084417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.085367] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.085793] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.087359] RSP: 
0018:ffff888015ad7bd0 EFLAGS: 00010246 [ 214.087804] RAX: 0000000000000000 RBX: ffff888020b610a8 RCX: 0000000000000000 [ 214.088384] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 214.088953] RBP: ffff888015ad7be8 R08: ffffed100416c233 R09: ffffed100416c233 [ 214.089520] R10: ffff888020b61193 R11: ffffed100416c232 R12: ffff88800fcb3c00 [ 214.090094] R13: ffff888020b611e8 R14: ffff8880104c0500 R15: 0000000000000000 [ 214.090682] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.091343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.091812] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.092387] PKRU: 55555554 [ 214.092620] Call Trace: [ 214.092829] [ 214.093014] iommufd_access_destroy_object+0x65/0x170 [ 214.093438] iommufd_object_destroy_user+0x18e/0x220 [ 214.093852] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.094328] iommufd_access_destroy+0x43/0x70 [ 214.094726] iommufd_test_staccess_release+0x8d/0xd0 [ 214.095159] __fput+0x26d/0xa40 [ 214.095442] ____fput+0x1e/0x30 [ 214.095716] task_work_run+0x1a4/0x2d0 [ 214.096039] ? __pfx_task_work_run+0x10/0x10 [ 214.096400] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.096806] ? switch_task_namespaces+0xa9/0xe0 [ 214.097199] do_exit+0xb17/0x2ef0 [ 214.097487] ? lock_acquire+0x427/0x4c0 [ 214.097822] ? __pfx_lock_release+0x10/0x10 [ 214.098182] ? __kasan_check_write+0x18/0x20 [ 214.098570] ? do_raw_spin_lock+0x132/0x2a0 [ 214.098926] ? __pfx_do_exit+0x10/0x10 [ 214.099269] ? debug_smp_processor_id+0x20/0x30 [ 214.099652] ? rcu_is_watching+0x19/0xb0 [ 214.099984] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.100356] ? trace_hardirqs_on+0x26/0x120 [ 214.100708] do_group_exit+0xe0/0x2b0 [ 214.101013] __x64_sys_exit_group+0x47/0x50 [ 214.101356] do_syscall_64+0x3b/0x90 [ 214.101672] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.102097] RIP: 0033:0x7f4b87518a4d [ 214.102398] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.102908] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.103551] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.104121] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.104695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.105270] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.105844] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.106423] [ 214.106631] irq event stamp: 0 [ 214.106887] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.107402] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.108062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.108731] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.109240] ---[ end trace 0000000000000000 ]--- [ 214.110009] ------------[ cut here ]------------ [ 214.110395] WARNING: CPU: 0 PID: 2041 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.111272] Modules linked in: [ 214.111536] CPU: 0 PID: 2041 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.112237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.113154] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.113575] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.115056] RSP: 0018:ffff888015ad7b78 EFLAGS: 00010246 [ 214.115496] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.116055] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 214.116623] RBP: ffff888015ad7b98 R08: ffffed100416c23e R09: ffffed100416c23e [ 214.117193] R10: ffff888020b611ef R11: ffffed100416c23d R12: ffff888020b61290 [ 214.117762] R13: ffff888020b610a8 R14: ffffffffffffffff R15: 
ffff888015ad7c60 [ 214.118333] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.118996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.119480] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.120058] PKRU: 55555554 [ 214.120290] Call Trace: [ 214.120496] [ 214.120680] iommufd_ioas_destroy+0x53/0x70 [ 214.121034] iommufd_fops_release+0x1f7/0x370 [ 214.121404] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.121809] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.122218] ? write_comp_data+0x2f/0x90 [ 214.122574] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.122987] __fput+0x26d/0xa40 [ 214.123277] ____fput+0x1e/0x30 [ 214.123560] task_work_run+0x1a4/0x2d0 [ 214.123885] ? __pfx_task_work_run+0x10/0x10 [ 214.124245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.124647] ? switch_task_namespaces+0xa9/0xe0 [ 214.125037] do_exit+0xb17/0x2ef0 [ 214.125324] ? lock_acquire+0x427/0x4c0 [ 214.125656] ? __pfx_lock_release+0x10/0x10 [ 214.126012] ? __kasan_check_write+0x18/0x20 [ 214.126368] ? do_raw_spin_lock+0x132/0x2a0 [ 214.126731] ? __pfx_do_exit+0x10/0x10 [ 214.127058] ? debug_smp_processor_id+0x20/0x30 [ 214.127466] ? rcu_is_watching+0x19/0xb0 [ 214.127799] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.128170] ? trace_hardirqs_on+0x26/0x120 [ 214.128527] do_group_exit+0xe0/0x2b0 [ 214.128844] __x64_sys_exit_group+0x47/0x50 [ 214.129200] do_syscall_64+0x3b/0x90 [ 214.129522] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.129951] RIP: 0033:0x7f4b87518a4d [ 214.130258] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.130776] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.131406] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.131984] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.132556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.133124] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.133693] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.134273] [ 214.134465] irq event stamp: 0 [ 214.134735] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.135256] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.135930] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.136602] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.137109] ---[ end trace 0000000000000000 ]--- [ 214.141746] ------------[ cut here ]------------ [ 214.142161] WARNING: CPU: 1 PID: 2042 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.143129] Modules linked in: [ 214.143383] CPU: 1 PID: 2042 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.144056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.144917] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.145300] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.146714] RSP: 0018:ffff8880162d7bb8 EFLAGS: 00010246 [ 214.147130] RAX: 0000000000000000 RBX: ffff888011d9d8a8 RCX: 0000000000000000 [ 214.147677] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 214.148224] RBP: ffff8880162d7bd0 R08: ffffed10023b3b33 R09: ffffed10023b3b33 [ 214.148771] R10: ffff888011d9d993 R11: ffffed10023b3b32 R12: ffff888013d4d400 [ 214.149321] R13: ffff888011d9d9e8 R14: ffffffff8352e670 R15: 
ffff8880162d7e68 [ 214.149872] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 214.150489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.150956] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ee0 [ 214.151518] PKRU: 55555554 [ 214.151738] Call Trace: [ 214.151937] [ 214.152112] __iommufd_access_detach+0x1c2/0x2b0 [ 214.152492] iommufd_access_change_pt+0x149/0x270 [ 214.152874] iommufd_access_replace+0xb4/0x120 [ 214.153234] iommufd_test+0x3e5/0x37e0 [ 214.153538] ? lock_release+0x532/0x770 [ 214.153859] ? __might_fault+0x102/0x1b0 [ 214.154184] ? lock_acquire+0x427/0x4c0 [ 214.154524] ? __pfx_iommufd_test+0x10/0x10 [ 214.154862] ? __pfx_lock_release+0x10/0x10 [ 214.155216] ? __pfx_lock_acquire+0x10/0x10 [ 214.155561] ? write_comp_data+0x2f/0x90 [ 214.155887] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.156274] ? write_comp_data+0x2f/0x90 [ 214.156603] iommufd_fops_ioctl+0x37d/0x510 [ 214.156943] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.157327] ? write_comp_data+0x2f/0x90 [ 214.157650] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.158028] __x64_sys_ioctl+0x1a3/0x230 [ 214.158355] do_syscall_64+0x3b/0x90 [ 214.158678] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.159089] RIP: 0033:0x7f4b8743ee5d [ 214.159398] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.160802] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.161390] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.161939] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.162491] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.163063] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.163625] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.164191] [ 214.164375] irq event stamp: 0 [ 214.164621] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.165107] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.165755] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.166400] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.166907] ---[ end trace 0000000000000000 ]--- [ 214.169600] ------------[ cut here ]------------ [ 214.169988] WARNING: CPU: 1 PID: 2042 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.170797] Modules linked in: [ 214.171050] CPU: 1 PID: 2042 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.171736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.172606] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.173054] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.174458] RSP: 
0018:ffff8880162d7bd0 EFLAGS: 00010246 [ 214.174896] RAX: 0000000000000000 RBX: ffff888011d9d8a8 RCX: 0000000000000000 [ 214.175455] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 214.176007] RBP: ffff8880162d7be8 R08: ffffed10023b3b33 R09: ffffed10023b3b33 [ 214.176558] R10: ffff888011d9d993 R11: ffffed10023b3b32 R12: ffff88801422cc00 [ 214.177108] R13: ffff888011d9d9e8 R14: ffff888013701000 R15: 0000000000000000 [ 214.177660] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 214.178279] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.178746] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 214.179304] PKRU: 55555554 [ 214.179523] Call Trace: [ 214.179725] [ 214.179901] iommufd_access_destroy_object+0x65/0x170 [ 214.180311] iommufd_object_destroy_user+0x18e/0x220 [ 214.180710] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.181164] iommufd_access_destroy+0x43/0x70 [ 214.181521] iommufd_test_staccess_release+0x8d/0xd0 [ 214.181925] __fput+0x26d/0xa40 [ 214.182196] ____fput+0x1e/0x30 [ 214.182461] task_work_run+0x1a4/0x2d0 [ 214.182792] ? __pfx_task_work_run+0x10/0x10 [ 214.183149] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.183538] ? switch_task_namespaces+0xa9/0xe0 [ 214.183915] do_exit+0xb17/0x2ef0 [ 214.184188] ? lock_acquire+0x427/0x4c0 [ 214.184503] ? __pfx_lock_release+0x10/0x10 [ 214.184843] ? __kasan_check_write+0x18/0x20 [ 214.185188] ? do_raw_spin_lock+0x132/0x2a0 [ 214.185525] ? __pfx_do_exit+0x10/0x10 [ 214.185838] ? debug_smp_processor_id+0x20/0x30 [ 214.186205] ? rcu_is_watching+0x19/0xb0 [ 214.186545] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.186904] ? trace_hardirqs_on+0x26/0x120 [ 214.187256] do_group_exit+0xe0/0x2b0 [ 214.187553] __x64_sys_exit_group+0x47/0x50 [ 214.187888] do_syscall_64+0x3b/0x90 [ 214.188185] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.188594] RIP: 0033:0x7f4b87518a4d [ 214.188882] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.189356] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.189939] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.190492] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.191064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.191638] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.192190] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.192750] [ 214.192934] irq event stamp: 0 [ 214.193181] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.193670] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.194322] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.194987] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.195480] ---[ end trace 0000000000000000 ]--- [ 214.196168] ------------[ cut here ]------------ [ 214.196537] WARNING: CPU: 1 PID: 2042 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.197328] Modules linked in: [ 214.197580] CPU: 1 PID: 2042 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.198260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.199164] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.199577] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.200982] RSP: 0018:ffff8880162d7b78 EFLAGS: 00010246 [ 214.201393] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.201940] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 214.202488] RBP: ffff8880162d7b98 R08: ffffed10023b3b3e R09: ffffed10023b3b3e [ 214.203049] R10: ffff888011d9d9ef R11: ffffed10023b3b3d R12: ffff888011d9da90 [ 214.203603] R13: ffff888011d9d8a8 R14: ffffffffffffffff R15: 
ffff8880162d7c60 [ 214.204155] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 214.204775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.205282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 214.205832] PKRU: 55555554 [ 214.206052] Call Trace: [ 214.206250] [ 214.206429] iommufd_ioas_destroy+0x53/0x70 [ 214.206791] iommufd_fops_release+0x1f7/0x370 [ 214.207155] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.207548] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.207937] ? write_comp_data+0x2f/0x90 [ 214.208261] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.208650] __fput+0x26d/0xa40 [ 214.208924] ____fput+0x1e/0x30 [ 214.209188] task_work_run+0x1a4/0x2d0 [ 214.209499] ? __pfx_task_work_run+0x10/0x10 [ 214.209846] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.210229] ? switch_task_namespaces+0xa9/0xe0 [ 214.210620] do_exit+0xb17/0x2ef0 [ 214.210897] ? lock_acquire+0x427/0x4c0 [ 214.211224] ? __pfx_lock_release+0x10/0x10 [ 214.211569] ? __kasan_check_write+0x18/0x20 [ 214.211916] ? do_raw_spin_lock+0x132/0x2a0 [ 214.212258] ? __pfx_do_exit+0x10/0x10 [ 214.212569] ? debug_smp_processor_id+0x20/0x30 [ 214.212933] ? rcu_is_watching+0x19/0xb0 [ 214.213250] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.213610] ? trace_hardirqs_on+0x26/0x120 [ 214.213951] do_group_exit+0xe0/0x2b0 [ 214.214247] __x64_sys_exit_group+0x47/0x50 [ 214.214608] do_syscall_64+0x3b/0x90 [ 214.214909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.215331] RIP: 0033:0x7f4b87518a4d [ 214.215626] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.216100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.216687] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.217239] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.217788] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.218339] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.218910] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.219477] [ 214.219660] irq event stamp: 0 [ 214.219907] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.220394] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.221042] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.221689] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.222178] ---[ end trace 0000000000000000 ]--- [ 214.225818] ------------[ cut here ]------------ [ 214.226239] WARNING: CPU: 0 PID: 2043 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.227086] Modules linked in: [ 214.227352] CPU: 0 PID: 2043 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.228018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.228876] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.229258] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.230676] RSP: 0018:ffff8880137c7bb8 EFLAGS: 00010246 [ 214.231087] RAX: 0000000000000000 RBX: ffff8880181250a8 RCX: 0000000000000000 [ 214.231639] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 214.232183] RBP: ffff8880137c7bd0 R08: ffffed1003024a33 R09: ffffed1003024a33 [ 214.232727] R10: ffff888018125193 R11: ffffed1003024a32 R12: ffff88800a727c00 [ 214.233272] R13: ffff8880181251e8 R14: ffffffff8352e670 R15: 
ffff8880137c7e68 [ 214.233818] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.234437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.234897] CR2: 0000000020000140 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 214.235450] PKRU: 55555554 [ 214.235663] Call Trace: [ 214.235856] [ 214.236026] __iommufd_access_detach+0x1c2/0x2b0 [ 214.236394] iommufd_access_change_pt+0x149/0x270 [ 214.236765] iommufd_access_replace+0xb4/0x120 [ 214.237119] iommufd_test+0x3e5/0x37e0 [ 214.237412] ? lock_release+0x532/0x770 [ 214.237720] ? __might_fault+0x102/0x1b0 [ 214.238033] ? lock_acquire+0x427/0x4c0 [ 214.238344] ? __pfx_iommufd_test+0x10/0x10 [ 214.238686] ? __pfx_lock_release+0x10/0x10 [ 214.239025] ? __pfx_lock_acquire+0x10/0x10 [ 214.239370] ? write_comp_data+0x2f/0x90 [ 214.239687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.240061] ? write_comp_data+0x2f/0x90 [ 214.240378] iommufd_fops_ioctl+0x37d/0x510 [ 214.240710] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.241081] ? write_comp_data+0x2f/0x90 [ 214.241398] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.241763] __x64_sys_ioctl+0x1a3/0x230 [ 214.242079] do_syscall_64+0x3b/0x90 [ 214.242373] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.242785] RIP: 0033:0x7f4b8743ee5d [ 214.243067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.244433] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.245000] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.245530] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.246058] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.246604] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.247143] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.247678] [ 214.247856] irq event stamp: 0 [ 214.248095] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.248564] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.249187] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.249807] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.250273] ---[ end trace 0000000000000000 ]--- [ 214.252997] ------------[ cut here ]------------ [ 214.253376] WARNING: CPU: 0 PID: 2043 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.254138] Modules linked in: [ 214.254378] CPU: 0 PID: 2043 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.255057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.255909] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.256282] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.257645] RSP: 
0018:ffff8880137c7bd0 EFLAGS: 00010246 [ 214.258041] RAX: 0000000000000000 RBX: ffff8880181250a8 RCX: 0000000000000000 [ 214.258622] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 214.259159] RBP: ffff8880137c7be8 R08: ffffed1003024a33 R09: ffffed1003024a33 [ 214.259692] R10: ffff888018125193 R11: ffffed1003024a32 R12: ffff888013b21400 [ 214.260225] R13: ffff8880181251e8 R14: ffff888010928800 R15: 0000000000000000 [ 214.260757] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.261354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.261783] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.262315] PKRU: 55555554 [ 214.262540] Call Trace: [ 214.262733] [ 214.262905] iommufd_access_destroy_object+0x65/0x170 [ 214.263311] iommufd_object_destroy_user+0x18e/0x220 [ 214.263696] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.264136] iommufd_access_destroy+0x43/0x70 [ 214.264482] iommufd_test_staccess_release+0x8d/0xd0 [ 214.264872] __fput+0x26d/0xa40 [ 214.265134] ____fput+0x1e/0x30 [ 214.265390] task_work_run+0x1a4/0x2d0 [ 214.265690] ? __pfx_task_work_run+0x10/0x10 [ 214.266026] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.266397] ? switch_task_namespaces+0xa9/0xe0 [ 214.266772] do_exit+0xb17/0x2ef0 [ 214.267038] ? lock_acquire+0x427/0x4c0 [ 214.267355] ? __pfx_lock_release+0x10/0x10 [ 214.267687] ? __kasan_check_write+0x18/0x20 [ 214.268023] ? do_raw_spin_lock+0x132/0x2a0 [ 214.268349] ? __pfx_do_exit+0x10/0x10 [ 214.268650] ? debug_smp_processor_id+0x20/0x30 [ 214.269005] ? rcu_is_watching+0x19/0xb0 [ 214.269311] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.269653] ? trace_hardirqs_on+0x26/0x120 [ 214.269984] do_group_exit+0xe0/0x2b0 [ 214.270271] __x64_sys_exit_group+0x47/0x50 [ 214.270609] do_syscall_64+0x3b/0x90 [ 214.270898] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.271298] RIP: 0033:0x7f4b87518a4d [ 214.271573] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.272030] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.272600] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.273126] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.273658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.274183] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.274730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.275278] [ 214.275458] irq event stamp: 0 [ 214.275695] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.276164] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.276790] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.277416] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.277885] ---[ end trace 0000000000000000 ]--- [ 214.278586] ------------[ cut here ]------------ [ 214.278944] WARNING: CPU: 0 PID: 2043 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.279723] Modules linked in: [ 214.279982] CPU: 0 PID: 2043 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.280644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.281490] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.281875] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.283257] RSP: 0018:ffff8880137c7b78 EFLAGS: 00010246 [ 214.283667] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.284209] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 214.285313] RBP: ffff8880137c7b98 R08: ffffed1003024a3e R09: ffffed1003024a3e [ 214.286127] R10: ffff8880181251ef R11: ffffed1003024a3d R12: ffff888018125290 [ 214.287123] R13: ffff8880181250a8 R14: ffffffffffffffff R15: 
ffff8880137c7c60 [ 214.287954] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.288937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.289622] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.290543] PKRU: 55555554 [ 214.290869] Call Trace: [ 214.291164] [ 214.291459] iommufd_ioas_destroy+0x53/0x70 [ 214.292048] iommufd_fops_release+0x1f7/0x370 [ 214.292552] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.293250] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.293802] ? write_comp_data+0x2f/0x90 [ 214.294263] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.294974] __fput+0x26d/0xa40 [ 214.295383] ____fput+0x1e/0x30 [ 214.295768] task_work_run+0x1a4/0x2d0 [ 214.296213] ? __pfx_task_work_run+0x10/0x10 [ 214.296713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.297268] ? switch_task_namespaces+0xa9/0xe0 [ 214.297801] do_exit+0xb17/0x2ef0 [ 214.298192] ? lock_acquire+0x427/0x4c0 [ 214.298680] ? __pfx_lock_release+0x10/0x10 [ 214.299189] ? __kasan_check_write+0x18/0x20 [ 214.299681] ? do_raw_spin_lock+0x132/0x2a0 [ 214.300158] ? __pfx_do_exit+0x10/0x10 [ 214.300600] ? debug_smp_processor_id+0x20/0x30 [ 214.301116] ? rcu_is_watching+0x19/0xb0 [ 214.301570] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.302075] ? trace_hardirqs_on+0x26/0x120 [ 214.302591] do_group_exit+0xe0/0x2b0 [ 214.303020] __x64_sys_exit_group+0x47/0x50 [ 214.303507] do_syscall_64+0x3b/0x90 [ 214.303934] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.304515] RIP: 0033:0x7f4b87518a4d [ 214.304928] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.305597] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.306425] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.307239] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.308011] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.308768] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.309513] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.310280] [ 214.310563] irq event stamp: 0 [ 214.310909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.311586] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.312467] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.313372] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.314059] ---[ end trace 0000000000000000 ]--- [ 214.320479] ------------[ cut here ]------------ [ 214.321004] WARNING: CPU: 0 PID: 2044 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.322231] Modules linked in: [ 214.322668] CPU: 0 PID: 2044 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.323742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.324949] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.325492] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.327479] RSP: 0018:ffff888015ad7bb8 EFLAGS: 00010246 [ 214.328062] RAX: 0000000000000000 RBX: ffff88801010c0a8 RCX: 0000000000000000 [ 214.328827] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 214.329593] RBP: ffff888015ad7bd0 R08: ffffed1002021833 R09: ffffed1002021833 [ 214.330358] R10: ffff88801010c193 R11: ffffed1002021832 R12: ffff88800fe6bc00 [ 214.331165] R13: ffff88801010c1e8 R14: ffffffff8352e670 R15: 
ffff888015ad7e68 [ 214.331939] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.332801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.333428] CR2: 00007f4b877410e8 CR3: 0000000015e5a000 CR4: 0000000000750ef0 [ 214.334196] PKRU: 55555554 [ 214.334536] Call Trace: [ 214.334825] [ 214.335078] __iommufd_access_detach+0x1c2/0x2b0 [ 214.335628] iommufd_access_change_pt+0x149/0x270 [ 214.336173] iommufd_access_replace+0xb4/0x120 [ 214.336695] iommufd_test+0x3e5/0x37e0 [ 214.337125] ? lock_release+0x532/0x770 [ 214.337565] ? __might_fault+0x102/0x1b0 [ 214.338008] ? lock_acquire+0x427/0x4c0 [ 214.338446] ? __pfx_iommufd_test+0x10/0x10 [ 214.338934] ? __pfx_lock_release+0x10/0x10 [ 214.339431] ? __pfx_lock_acquire+0x10/0x10 [ 214.339920] ? write_comp_data+0x2f/0x90 [ 214.340379] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.340918] ? write_comp_data+0x2f/0x90 [ 214.341379] iommufd_fops_ioctl+0x37d/0x510 [ 214.341859] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.342403] ? write_comp_data+0x2f/0x90 [ 214.342890] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.343432] __x64_sys_ioctl+0x1a3/0x230 [ 214.343895] do_syscall_64+0x3b/0x90 [ 214.344321] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.344896] RIP: 0033:0x7f4b8743ee5d [ 214.345307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.347298] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.348122] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.348891] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.349655] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.350420] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.351220] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.352005] [ 214.352265] irq event stamp: 0 [ 214.352610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.353290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.354188] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.355109] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.355705] ---[ end trace 0000000000000000 ]--- [ 214.358986] ------------[ cut here ]------------ [ 214.359343] WARNING: CPU: 0 PID: 2044 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.360057] Modules linked in: [ 214.360535] CPU: 0 PID: 2044 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.361168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.362088] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.362445] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.363909] RSP: 
0018:ffff888015ad7bd0 EFLAGS: 00010246 [ 214.364289] RAX: 0000000000000000 RBX: ffff88801010c0a8 RCX: 0000000000000000 [ 214.364788] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 214.365341] RBP: ffff888015ad7be8 R08: ffffed1002021833 R09: ffffed1002021833 [ 214.365928] R10: ffff88801010c193 R11: ffffed1002021832 R12: ffff88800a724400 [ 214.366436] R13: ffff88801010c1e8 R14: ffff888012870e00 R15: 0000000000000000 [ 214.367019] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.368028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.368657] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.369555] PKRU: 55555554 [ 214.369866] Call Trace: [ 214.370144] [ 214.370574] iommufd_access_destroy_object+0x65/0x170 [ 214.371185] iommufd_object_destroy_user+0x18e/0x220 [ 214.371588] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.372053] iommufd_access_destroy+0x43/0x70 [ 214.372474] iommufd_test_staccess_release+0x8d/0xd0 [ 214.372854] __fput+0x26d/0xa40 [ 214.373112] ____fput+0x1e/0x30 [ 214.373364] task_work_run+0x1a4/0x2d0 [ 214.373779] ? __pfx_task_work_run+0x10/0x10 [ 214.374110] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.374477] ? switch_task_namespaces+0xa9/0xe0 [ 214.374852] do_exit+0xb17/0x2ef0 [ 214.375112] ? lock_acquire+0x427/0x4c0 [ 214.375426] ? __pfx_lock_release+0x10/0x10 [ 214.375896] ? __kasan_check_write+0x18/0x20 [ 214.376229] ? do_raw_spin_lock+0x132/0x2a0 [ 214.376554] ? __pfx_do_exit+0x10/0x10 [ 214.376844] ? debug_smp_processor_id+0x20/0x30 [ 214.377238] ? rcu_is_watching+0x19/0xb0 [ 214.377608] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.377944] ? trace_hardirqs_on+0x26/0x120 [ 214.378262] do_group_exit+0xe0/0x2b0 [ 214.378566] __x64_sys_exit_group+0x47/0x50 [ 214.378879] do_syscall_64+0x3b/0x90 [ 214.379220] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.379672] RIP: 0033:0x7f4b87518a4d [ 214.379954] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.380415] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.381119] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.381646] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.382183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.382835] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.383378] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.383917] [ 214.384093] irq event stamp: 0 [ 214.384379] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.384933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.385555] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.386289] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.386777] ---[ end trace 0000000000000000 ]--- [ 214.387450] ------------[ cut here ]------------ [ 214.387854] WARNING: CPU: 0 PID: 2044 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.388693] Modules linked in: [ 214.388939] CPU: 0 PID: 2044 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.389724] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.390580] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.390973] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.392476] RSP: 0018:ffff888015ad7b78 EFLAGS: 00010246 [ 214.392904] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.393538] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 214.394073] RBP: ffff888015ad7b98 R08: ffffed100202183e R09: ffffed100202183e [ 214.394703] R10: ffff88801010c1ef R11: ffffed100202183d R12: ffff88801010c290 [ 214.395356] R13: ffff88801010c0a8 R14: ffffffffffffffff R15: 
ffff888015ad7c60 [ 214.395908] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.396574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.397107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.397658] PKRU: 55555554 [ 214.397877] Call Trace: [ 214.398073] [ 214.398282] iommufd_ioas_destroy+0x53/0x70 [ 214.398737] iommufd_fops_release+0x1f7/0x370 [ 214.399093] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.399492] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.399878] ? write_comp_data+0x2f/0x90 [ 214.400219] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.400747] __fput+0x26d/0xa40 [ 214.401019] ____fput+0x1e/0x30 [ 214.401288] task_work_run+0x1a4/0x2d0 [ 214.401600] ? __pfx_task_work_run+0x10/0x10 [ 214.402013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.402490] ? switch_task_namespaces+0xa9/0xe0 [ 214.402890] do_exit+0xb17/0x2ef0 [ 214.403171] ? lock_acquire+0x427/0x4c0 [ 214.403491] ? __pfx_lock_release+0x10/0x10 [ 214.403834] ? __kasan_check_write+0x18/0x20 [ 214.404241] ? do_raw_spin_lock+0x132/0x2a0 [ 214.404671] ? __pfx_do_exit+0x10/0x10 [ 214.404986] ? debug_smp_processor_id+0x20/0x30 [ 214.405350] ? rcu_is_watching+0x19/0xb0 [ 214.405685] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.406167] ? trace_hardirqs_on+0x26/0x120 [ 214.406534] do_group_exit+0xe0/0x2b0 [ 214.406836] __x64_sys_exit_group+0x47/0x50 [ 214.407176] do_syscall_64+0x3b/0x90 [ 214.407477] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.407919] RIP: 0033:0x7f4b87518a4d [ 214.408318] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.408789] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.409375] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.410105] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.410692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.411282] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.412009] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.412589] [ 214.412773] irq event stamp: 0 [ 214.413024] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.413675] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.414340] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.415038] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.415692] ---[ end trace 0000000000000000 ]--- [ 214.420753] ------------[ cut here ]------------ [ 214.421219] WARNING: CPU: 0 PID: 2045 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.422096] Modules linked in: [ 214.422349] CPU: 0 PID: 2045 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.423216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.424112] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.424509] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.425962] RSP: 0018:ffff888023e87bb8 EFLAGS: 00010246 [ 214.426390] RAX: 0000000000000000 RBX: ffff8880161dc8a8 RCX: 0000000000000000 [ 214.426978] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 214.427551] RBP: ffff888023e87bd0 R08: ffffed1002c3b933 R09: ffffed1002c3b933 [ 214.428113] R10: ffff8880161dc993 R11: ffffed1002c3b932 R12: ffff88800f4d2000 [ 214.428680] R13: ffff8880161dc9e8 R14: ffffffff8352e670 R15: 
ffff888023e87e68 [ 214.429257] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.429902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.430369] CR2: 0000000020000140 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 214.430958] PKRU: 55555554 [ 214.431202] Call Trace: [ 214.431411] [ 214.431598] __iommufd_access_detach+0x1c2/0x2b0 [ 214.431996] iommufd_access_change_pt+0x149/0x270 [ 214.432396] iommufd_access_replace+0xb4/0x120 [ 214.432777] iommufd_test+0x3e5/0x37e0 [ 214.433093] ? lock_release+0x532/0x770 [ 214.433424] ? __might_fault+0x102/0x1b0 [ 214.433760] ? lock_acquire+0x427/0x4c0 [ 214.434105] ? __pfx_iommufd_test+0x10/0x10 [ 214.434452] ? __pfx_lock_release+0x10/0x10 [ 214.434830] ? __pfx_lock_acquire+0x10/0x10 [ 214.435200] ? write_comp_data+0x2f/0x90 [ 214.435541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.435935] ? write_comp_data+0x2f/0x90 [ 214.436266] iommufd_fops_ioctl+0x37d/0x510 [ 214.436617] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.437014] ? write_comp_data+0x2f/0x90 [ 214.437348] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.437743] __x64_sys_ioctl+0x1a3/0x230 [ 214.438080] do_syscall_64+0x3b/0x90 [ 214.438385] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.438826] RIP: 0033:0x7f4b8743ee5d [ 214.439143] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.440597] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.441200] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.441775] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.442339] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.442929] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.443526] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.444098] [ 214.444284] irq event stamp: 0 [ 214.444534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.445032] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.445691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.446347] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.446858] ---[ end trace 0000000000000000 ]--- [ 214.449962] ------------[ cut here ]------------ [ 214.450347] WARNING: CPU: 0 PID: 2045 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.451188] Modules linked in: [ 214.451445] CPU: 0 PID: 2045 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.452297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.453182] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.453575] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.455201] RSP: 
0018:ffff888023e87bd0 EFLAGS: 00010246 [ 214.455624] RAX: 0000000000000000 RBX: ffff8880161dc8a8 RCX: 0000000000000000 [ 214.456340] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 214.456911] RBP: ffff888023e87be8 R08: ffffed1002c3b933 R09: ffffed1002c3b933 [ 214.457490] R10: ffff8880161dc993 R11: ffffed1002c3b932 R12: ffff88800fe69400 [ 214.458170] R13: ffff8880161dc9e8 R14: ffff88800f995200 R15: 0000000000000000 [ 214.458743] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.459390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.460007] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.460569] PKRU: 55555554 [ 214.460809] Call Trace: [ 214.461016] [ 214.461195] iommufd_access_destroy_object+0x65/0x170 [ 214.461788] iommufd_object_destroy_user+0x18e/0x220 [ 214.462202] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.462693] iommufd_access_destroy+0x43/0x70 [ 214.463078] iommufd_test_staccess_release+0x8d/0xd0 [ 214.463540] __fput+0x26d/0xa40 [ 214.463928] ____fput+0x1e/0x30 [ 214.464205] task_work_run+0x1a4/0x2d0 [ 214.464525] ? __pfx_task_work_run+0x10/0x10 [ 214.464883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.465338] ? switch_task_namespaces+0xa9/0xe0 [ 214.465814] do_exit+0xb17/0x2ef0 [ 214.466097] ? lock_acquire+0x427/0x4c0 [ 214.466426] ? __pfx_lock_release+0x10/0x10 [ 214.466797] ? __kasan_check_write+0x18/0x20 [ 214.467169] ? do_raw_spin_lock+0x132/0x2a0 [ 214.467596] ? __pfx_do_exit+0x10/0x10 [ 214.468009] ? debug_smp_processor_id+0x20/0x30 [ 214.468390] ? rcu_is_watching+0x19/0xb0 [ 214.468714] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.469099] ? trace_hardirqs_on+0x26/0x120 [ 214.469576] do_group_exit+0xe0/0x2b0 [ 214.469887] __x64_sys_exit_group+0x47/0x50 [ 214.470230] do_syscall_64+0x3b/0x90 [ 214.470553] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.470974] RIP: 0033:0x7f4b87518a4d [ 214.471341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.471927] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.472530] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.473261] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.473824] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.474383] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.475122] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.475708] [ 214.475896] irq event stamp: 0 [ 214.476147] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.476670] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.477463] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.478122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.478792] ---[ end trace 0000000000000000 ]--- [ 214.479497] ------------[ cut here ]------------ [ 214.479872] WARNING: CPU: 0 PID: 2045 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.480846] Modules linked in: [ 214.481103] CPU: 0 PID: 2045 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.481799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.482873] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.483301] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.484922] RSP: 0018:ffff888023e87b78 EFLAGS: 00010246 [ 214.485347] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.485916] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 214.486623] RBP: ffff888023e87b98 R08: ffffed1002c3b93e R09: ffffed1002c3b93e [ 214.487197] R10: ffff8880161dc9ef R11: ffffed1002c3b93d R12: ffff8880161dca90 [ 214.487763] R13: ffff8880161dc8a8 R14: ffffffffffffffff R15: 
ffff888023e87c60 [ 214.488507] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.489145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.489603] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.490325] PKRU: 55555554 [ 214.490581] Call Trace: [ 214.490785] [ 214.490966] iommufd_ioas_destroy+0x53/0x70 [ 214.491333] iommufd_fops_release+0x1f7/0x370 [ 214.491712] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.492307] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.492723] ? write_comp_data+0x2f/0x90 [ 214.493074] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.493486] __fput+0x26d/0xa40 [ 214.493851] ____fput+0x1e/0x30 [ 214.494232] task_work_run+0x1a4/0x2d0 [ 214.494587] ? __pfx_task_work_run+0x10/0x10 [ 214.494965] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.495393] ? switch_task_namespaces+0xa9/0xe0 [ 214.495792] do_exit+0xb17/0x2ef0 [ 214.496264] ? lock_acquire+0x427/0x4c0 [ 214.496608] ? __pfx_lock_release+0x10/0x10 [ 214.496975] ? __kasan_check_write+0x18/0x20 [ 214.497349] ? do_raw_spin_lock+0x132/0x2a0 [ 214.497753] ? __pfx_do_exit+0x10/0x10 [ 214.498205] ? debug_smp_processor_id+0x20/0x30 [ 214.498618] ? rcu_is_watching+0x19/0xb0 [ 214.498962] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.499361] ? trace_hardirqs_on+0x26/0x120 [ 214.499741] do_group_exit+0xe0/0x2b0 [ 214.500146] __x64_sys_exit_group+0x47/0x50 [ 214.500591] do_syscall_64+0x3b/0x90 [ 214.500914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.501357] RIP: 0033:0x7f4b87518a4d [ 214.501692] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.502359] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.503020] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.503629] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.504400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.505002] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.505594] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.506375] [ 214.506607] irq event stamp: 0 [ 214.506871] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.507411] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.508295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.508999] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.509527] ---[ end trace 0000000000000000 ]--- [ 214.514680] ------------[ cut here ]------------ [ 214.515102] WARNING: CPU: 0 PID: 2046 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.515969] Modules linked in: [ 214.516238] CPU: 0 PID: 2046 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.516974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.517903] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.518316] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.519922] RSP: 0018:ffff888015ad7bb8 EFLAGS: 00010246 [ 214.520367] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 214.520961] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 214.521559] RBP: ffff888015ad7bd0 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 214.522160] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff888018709400 [ 214.522773] R13: ffff888015d2a9e8 R14: ffffffff8352e670 R15: 
ffff888015ad7e68 [ 214.523392] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.524083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.524573] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 214.525187] PKRU: 55555554 [ 214.525429] Call Trace: [ 214.525649] [ 214.525844] __iommufd_access_detach+0x1c2/0x2b0 [ 214.526266] iommufd_access_change_pt+0x149/0x270 [ 214.526703] iommufd_access_replace+0xb4/0x120 [ 214.527104] iommufd_test+0x3e5/0x37e0 [ 214.527452] ? lock_release+0x532/0x770 [ 214.527797] ? __might_fault+0x102/0x1b0 [ 214.528144] ? lock_acquire+0x427/0x4c0 [ 214.528496] ? __pfx_iommufd_test+0x10/0x10 [ 214.528863] ? __pfx_lock_release+0x10/0x10 [ 214.529248] ? __pfx_lock_acquire+0x10/0x10 [ 214.529626] ? write_comp_data+0x2f/0x90 [ 214.529981] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.530395] ? write_comp_data+0x2f/0x90 [ 214.530773] iommufd_fops_ioctl+0x37d/0x510 [ 214.531153] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.531581] ? write_comp_data+0x2f/0x90 [ 214.531943] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.532361] __x64_sys_ioctl+0x1a3/0x230 [ 214.532715] do_syscall_64+0x3b/0x90 [ 214.533055] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.533498] RIP: 0033:0x7f4b8743ee5d [ 214.533815] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.535385] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.536052] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.536660] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.537264] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.537862] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.538459] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.539095] [ 214.539306] irq event stamp: 0 [ 214.539581] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.540120] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.540838] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.541552] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.542091] ---[ end trace 0000000000000000 ]--- [ 214.545537] ------------[ cut here ]------------ [ 214.546090] WARNING: CPU: 0 PID: 2046 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.547112] Modules linked in: [ 214.547405] CPU: 0 PID: 2046 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.548221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.549266] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.549694] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.551432] RSP: 
0018:ffff888015ad7bd0 EFLAGS: 00010246 [ 214.551889] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 214.552665] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 214.553268] RBP: ffff888015ad7be8 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 214.553901] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff88800f4d3800 [ 214.554643] R13: ffff888015d2a9e8 R14: ffff8880137a7800 R15: 0000000000000000 [ 214.555275] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.555988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.556622] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.557226] PKRU: 55555554 [ 214.557464] Call Trace: [ 214.557681] [ 214.557886] iommufd_access_destroy_object+0x65/0x170 [ 214.558331] iommufd_object_destroy_user+0x18e/0x220 [ 214.558794] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.559315] iommufd_access_destroy+0x43/0x70 [ 214.559708] iommufd_test_staccess_release+0x8d/0xd0 [ 214.560151] __fput+0x26d/0xa40 [ 214.560447] ____fput+0x1e/0x30 [ 214.560738] task_work_run+0x1a4/0x2d0 [ 214.561081] ? __pfx_task_work_run+0x10/0x10 [ 214.561462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.561884] ? switch_task_namespaces+0xa9/0xe0 [ 214.562292] do_exit+0xb17/0x2ef0 [ 214.562607] ? lock_acquire+0x427/0x4c0 [ 214.562961] ? __pfx_lock_release+0x10/0x10 [ 214.563346] ? __kasan_check_write+0x18/0x20 [ 214.563721] ? do_raw_spin_lock+0x132/0x2a0 [ 214.564096] ? __pfx_do_exit+0x10/0x10 [ 214.564438] ? debug_smp_processor_id+0x20/0x30 [ 214.564838] ? rcu_is_watching+0x19/0xb0 [ 214.565185] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.565573] ? trace_hardirqs_on+0x26/0x120 [ 214.565947] do_group_exit+0xe0/0x2b0 [ 214.566272] __x64_sys_exit_group+0x47/0x50 [ 214.566658] do_syscall_64+0x3b/0x90 [ 214.566989] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.567447] RIP: 0033:0x7f4b87518a4d [ 214.567768] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.568289] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.568932] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.569552] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.570141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.570746] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.571344] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.571917] [ 214.572103] irq event stamp: 0 [ 214.572355] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.572849] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.573520] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.574194] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.574715] ---[ end trace 0000000000000000 ]--- [ 214.575455] ------------[ cut here ]------------ [ 214.575831] WARNING: CPU: 0 PID: 2046 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.576642] Modules linked in: [ 214.576902] CPU: 0 PID: 2046 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.577604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.578536] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.578959] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.580431] RSP: 0018:ffff888015ad7b78 EFLAGS: 00010246 [ 214.580853] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.581408] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 214.581975] RBP: ffff888015ad7b98 R08: ffffed1002ba553e R09: ffffed1002ba553e [ 214.582560] R10: ffff888015d2a9ef R11: ffffed1002ba553d R12: ffff888015d2aa90 [ 214.583140] R13: ffff888015d2a8a8 R14: ffffffffffffffff R15: 
ffff888015ad7c60 [ 214.583720] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.584369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.584837] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.585412] PKRU: 55555554 [ 214.585643] Call Trace: [ 214.585848] [ 214.586031] iommufd_ioas_destroy+0x53/0x70 [ 214.586393] iommufd_fops_release+0x1f7/0x370 [ 214.586785] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.587215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.587620] ? write_comp_data+0x2f/0x90 [ 214.587959] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.588367] __fput+0x26d/0xa40 [ 214.588650] ____fput+0x1e/0x30 [ 214.588929] task_work_run+0x1a4/0x2d0 [ 214.589256] ? __pfx_task_work_run+0x10/0x10 [ 214.589623] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.590027] ? switch_task_namespaces+0xa9/0xe0 [ 214.590416] do_exit+0xb17/0x2ef0 [ 214.590718] ? lock_acquire+0x427/0x4c0 [ 214.591056] ? __pfx_lock_release+0x10/0x10 [ 214.591428] ? __kasan_check_write+0x18/0x20 [ 214.591795] ? do_raw_spin_lock+0x132/0x2a0 [ 214.592152] ? __pfx_do_exit+0x10/0x10 [ 214.592480] ? debug_smp_processor_id+0x20/0x30 [ 214.592863] ? rcu_is_watching+0x19/0xb0 [ 214.593196] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.593570] ? trace_hardirqs_on+0x26/0x120 [ 214.593928] do_group_exit+0xe0/0x2b0 [ 214.594245] __x64_sys_exit_group+0x47/0x50 [ 214.594627] do_syscall_64+0x3b/0x90 [ 214.594945] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.595388] RIP: 0033:0x7f4b87518a4d [ 214.595690] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.596185] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.596795] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.597366] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.597938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.598531] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.599108] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.599697] [ 214.599890] irq event stamp: 0 [ 214.600153] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.600663] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.601356] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.602027] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.602560] ---[ end trace 0000000000000000 ]--- [ 214.607081] ------------[ cut here ]------------ [ 214.607540] WARNING: CPU: 0 PID: 2047 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.608358] Modules linked in: [ 214.608619] CPU: 0 PID: 2047 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.609323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.610228] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.610869] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.612354] RSP: 0018:ffff888023f4fbb8 EFLAGS: 00010246 [ 214.612788] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 214.613368] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 214.613945] RBP: ffff888023f4fbd0 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 214.614547] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff888012e95800 [ 214.615140] R13: ffff88801609d9e8 R14: ffffffff8352e670 R15: 
ffff888023f4fe68 [ 214.615710] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.616344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.616807] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 214.617389] PKRU: 55555554 [ 214.617630] Call Trace: [ 214.617840] [ 214.618025] __iommufd_access_detach+0x1c2/0x2b0 [ 214.618436] iommufd_access_change_pt+0x149/0x270 [ 214.618875] iommufd_access_replace+0xb4/0x120 [ 214.619260] iommufd_test+0x3e5/0x37e0 [ 214.619581] ? lock_release+0x532/0x770 [ 214.619912] ? __might_fault+0x102/0x1b0 [ 214.620246] ? lock_acquire+0x427/0x4c0 [ 214.620578] ? __pfx_iommufd_test+0x10/0x10 [ 214.620928] ? __pfx_lock_release+0x10/0x10 [ 214.621285] ? __pfx_lock_acquire+0x10/0x10 [ 214.621645] ? write_comp_data+0x2f/0x90 [ 214.621984] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.622385] ? write_comp_data+0x2f/0x90 [ 214.622753] iommufd_fops_ioctl+0x37d/0x510 [ 214.623108] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.623520] ? write_comp_data+0x2f/0x90 [ 214.623859] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.624254] __x64_sys_ioctl+0x1a3/0x230 [ 214.624604] do_syscall_64+0x3b/0x90 [ 214.624926] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.625359] RIP: 0033:0x7f4b8743ee5d [ 214.625660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.627193] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.627844] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.628430] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.629033] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.629650] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.630249] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.630902] [ 214.631111] irq event stamp: 0 [ 214.631393] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.631939] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.632657] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.633363] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.633906] ---[ end trace 0000000000000000 ]--- [ 214.636849] ------------[ cut here ]------------ [ 214.637286] WARNING: CPU: 0 PID: 2047 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.638178] Modules linked in: [ 214.638463] CPU: 0 PID: 2047 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.639317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.640285] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.640710] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.642264] RSP: 
0018:ffff888023f4fbd0 EFLAGS: 00010246 [ 214.642750] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 214.643421] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 214.644075] RBP: ffff888023f4fbe8 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 214.644722] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff88801870b400 [ 214.645361] R13: ffff88801609d9e8 R14: ffff88800b1d8800 R15: 0000000000000000 [ 214.646008] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.646773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.647312] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.647949] PKRU: 55555554 [ 214.648209] Call Trace: [ 214.648443] [ 214.648649] iommufd_access_destroy_object+0x65/0x170 [ 214.649139] iommufd_object_destroy_user+0x18e/0x220 [ 214.649614] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.650158] iommufd_access_destroy+0x43/0x70 [ 214.650626] iommufd_test_staccess_release+0x8d/0xd0 [ 214.651133] __fput+0x26d/0xa40 [ 214.651464] ____fput+0x1e/0x30 [ 214.651776] task_work_run+0x1a4/0x2d0 [ 214.652137] ? __pfx_task_work_run+0x10/0x10 [ 214.652541] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.652994] ? switch_task_namespaces+0xa9/0xe0 [ 214.653429] do_exit+0xb17/0x2ef0 [ 214.653758] ? lock_acquire+0x427/0x4c0 [ 214.654141] ? __pfx_lock_release+0x10/0x10 [ 214.654586] ? __kasan_check_write+0x18/0x20 [ 214.655006] ? do_raw_spin_lock+0x132/0x2a0 [ 214.655430] ? __pfx_do_exit+0x10/0x10 [ 214.655804] ? debug_smp_processor_id+0x20/0x30 [ 214.656240] ? rcu_is_watching+0x19/0xb0 [ 214.656627] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.657056] ? trace_hardirqs_on+0x26/0x120 [ 214.657471] do_group_exit+0xe0/0x2b0 [ 214.657841] __x64_sys_exit_group+0x47/0x50 [ 214.658246] do_syscall_64+0x3b/0x90 [ 214.658639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.659125] RIP: 0033:0x7f4b87518a4d [ 214.659478] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.660058] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.660752] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.661399] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.662046] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.662754] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.663431] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.664098] [ 214.664319] irq event stamp: 0 [ 214.664616] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.665207] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.665986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.666795] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.667389] ---[ end trace 0000000000000000 ]--- [ 214.668203] ------------[ cut here ]------------ [ 214.668646] WARNING: CPU: 0 PID: 2047 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.669585] Modules linked in: [ 214.669887] CPU: 0 PID: 2047 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.670726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.671787] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.672278] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.674053] RSP: 0018:ffff888023f4fb78 EFLAGS: 00010246 [ 214.674642] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.675374] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 214.676085] RBP: ffff888023f4fb98 R08: ffffed1002c13b3e R09: ffffed1002c13b3e [ 214.676799] R10: ffff88801609d9ef R11: ffffed1002c13b3d R12: ffff88801609da90 [ 214.677518] R13: ffff88801609d8a8 R14: ffffffffffffffff R15: 
ffff888023f4fc60 [ 214.678229] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.679094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.679700] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.680418] PKRU: 55555554 [ 214.680713] Call Trace: [ 214.680983] [ 214.681213] iommufd_ioas_destroy+0x53/0x70 [ 214.681665] iommufd_fops_release+0x1f7/0x370 [ 214.682136] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.682691] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.683214] ? write_comp_data+0x2f/0x90 [ 214.683637] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.684143] __fput+0x26d/0xa40 [ 214.684495] ____fput+0x1e/0x30 [ 214.684847] task_work_run+0x1a4/0x2d0 [ 214.685259] ? __pfx_task_work_run+0x10/0x10 [ 214.685705] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.686199] ? switch_task_namespaces+0xa9/0xe0 [ 214.686703] do_exit+0xb17/0x2ef0 [ 214.687056] ? lock_acquire+0x427/0x4c0 [ 214.687495] ? __pfx_lock_release+0x10/0x10 [ 214.687944] ? __kasan_check_write+0x18/0x20 [ 214.688399] ? do_raw_spin_lock+0x132/0x2a0 [ 214.688838] ? __pfx_do_exit+0x10/0x10 [ 214.689248] ? debug_smp_processor_id+0x20/0x30 [ 214.689723] ? rcu_is_watching+0x19/0xb0 [ 214.690134] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.690642] ? trace_hardirqs_on+0x26/0x120 [ 214.691088] do_group_exit+0xe0/0x2b0 [ 214.691492] __x64_sys_exit_group+0x47/0x50 [ 214.691928] do_syscall_64+0x3b/0x90 [ 214.692317] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.692852] RIP: 0033:0x7f4b87518a4d [ 214.693232] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.693852] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.694662] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.695407] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.696120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.696828] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.697538] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.698282] [ 214.698565] irq event stamp: 0 [ 214.698884] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.699528] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.700365] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.701194] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.701827] ---[ end trace 0000000000000000 ]--- [ 214.708430] ------------[ cut here ]------------ [ 214.709119] WARNING: CPU: 0 PID: 2048 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.710444] Modules linked in: [ 214.711321] CPU: 0 PID: 2048 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.712476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.713936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.714672] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.717053] RSP: 0018:ffff88800ea27bb8 EFLAGS: 00010246 [ 214.717755] RAX: 0000000000000000 RBX: ffff88800f3a88a8 RCX: 0000000000000000 [ 214.718728] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 214.719679] RBP: ffff88800ea27bd0 R08: ffffed1001e75133 R09: ffffed1001e75133 [ 214.720616] R10: ffff88800f3a8993 R11: ffffed1001e75132 R12: ffff8880189ca000 [ 214.721546] R13: ffff88800f3a89e8 R14: ffffffff8352e670 R15: 
ffff88800ea27e68 [ 214.722477] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.723585] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.724346] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 214.725277] PKRU: 55555554 [ 214.725654] Call Trace: [ 214.725998] [ 214.726308] __iommufd_access_detach+0x1c2/0x2b0 [ 214.727030] iommufd_access_change_pt+0x149/0x270 [ 214.727708] iommufd_access_replace+0xb4/0x120 [ 214.728338] iommufd_test+0x3e5/0x37e0 [ 214.728860] ? lock_release+0x532/0x770 [ 214.729406] ? __might_fault+0x102/0x1b0 [ 214.729957] ? lock_acquire+0x427/0x4c0 [ 214.730500] ? __pfx_iommufd_test+0x10/0x10 [ 214.731142] ? __pfx_lock_release+0x10/0x10 [ 214.731727] ? __pfx_lock_acquire+0x10/0x10 [ 214.732316] ? write_comp_data+0x2f/0x90 [ 214.732869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.733520] ? write_comp_data+0x2f/0x90 [ 214.734077] iommufd_fops_ioctl+0x37d/0x510 [ 214.734704] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.735372] ? write_comp_data+0x2f/0x90 [ 214.735924] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.736564] __x64_sys_ioctl+0x1a3/0x230 [ 214.737120] do_syscall_64+0x3b/0x90 [ 214.737631] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.738326] RIP: 0033:0x7f4b8743ee5d [ 214.738862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.741245] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.742246] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.743225] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.744164] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.745088] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.746017] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.747002] [ 214.747334] irq event stamp: 0 [ 214.747756] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.748583] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.749674] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.750802] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.751659] ---[ end trace 0000000000000000 ]--- [ 214.756553] ------------[ cut here ]------------ [ 214.757217] WARNING: CPU: 0 PID: 2048 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.758594] Modules linked in: [ 214.759030] CPU: 0 PID: 2048 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.760175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.761637] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.762291] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.764711] RSP: 
0018:ffff88800ea27bd0 EFLAGS: 00010246 [ 214.765417] RAX: 0000000000000000 RBX: ffff88800f3a88a8 RCX: 0000000000000000 [ 214.766340] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 214.767296] RBP: ffff88800ea27be8 R08: ffffed1001e75133 R09: ffffed1001e75133 [ 214.768222] R10: ffff88800f3a8993 R11: ffffed1001e75132 R12: ffff888012e94000 [ 214.769143] R13: ffff88800f3a89e8 R14: ffff888020a71800 R15: 0000000000000000 [ 214.770063] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.771140] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.771902] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.772829] PKRU: 55555554 [ 214.773201] Call Trace: [ 214.773541] [ 214.773845] iommufd_access_destroy_object+0x65/0x170 [ 214.774572] iommufd_object_destroy_user+0x18e/0x220 [ 214.775269] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.776038] iommufd_access_destroy+0x43/0x70 [ 214.776649] iommufd_test_staccess_release+0x8d/0xd0 [ 214.777327] __fput+0x26d/0xa40 [ 214.777788] ____fput+0x1e/0x30 [ 214.778241] task_work_run+0x1a4/0x2d0 [ 214.778811] ? __pfx_task_work_run+0x10/0x10 [ 214.779422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.780077] ? switch_task_namespaces+0xa9/0xe0 [ 214.780706] do_exit+0xb17/0x2ef0 [ 214.781168] ? lock_acquire+0x427/0x4c0 [ 214.781711] ? __pfx_lock_release+0x10/0x10 [ 214.782292] ? __kasan_check_write+0x18/0x20 [ 214.782923] ? do_raw_spin_lock+0x132/0x2a0 [ 214.783520] ? __pfx_do_exit+0x10/0x10 [ 214.784048] ? debug_smp_processor_id+0x20/0x30 [ 214.784668] ? rcu_is_watching+0x19/0xb0 [ 214.785206] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.785808] ? trace_hardirqs_on+0x26/0x120 [ 214.786389] do_group_exit+0xe0/0x2b0 [ 214.786958] __x64_sys_exit_group+0x47/0x50 [ 214.787555] do_syscall_64+0x3b/0x90 [ 214.788066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.788756] RIP: 0033:0x7f4b87518a4d [ 214.789249] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.790047] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.791078] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.792035] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.792963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.793888] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.794848] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.795817] [ 214.796130] irq event stamp: 0 [ 214.796547] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.797363] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.798453] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.799592] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.800422] ---[ end trace 0000000000000000 ]--- [ 214.801735] ------------[ cut here ]------------ [ 214.802941] WARNING: CPU: 0 PID: 2048 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.804310] Modules linked in: [ 214.805159] CPU: 0 PID: 2048 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.806309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.808170] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.808862] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.811606] RSP: 0018:ffff88800ea27b78 EFLAGS: 00010246 [ 214.812599] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.813531] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 214.814802] RBP: ffff88800ea27b98 R08: ffffed1001e7513e R09: ffffed1001e7513e [ 214.815758] R10: ffff88800f3a89ef R11: ffffed1001e7513d R12: ffff88800f3a8a90 [ 214.816737] R13: ffff88800f3a88a8 R14: ffffffffffffffff R15: 
ffff88800ea27c60 [ 214.817880] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.819084] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.820052] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.820992] PKRU: 55555554 [ 214.821370] Call Trace: [ 214.822006] [ 214.822313] iommufd_ioas_destroy+0x53/0x70 [ 214.822949] iommufd_fops_release+0x1f7/0x370 [ 214.823577] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.824532] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.825197] ? write_comp_data+0x2f/0x90 [ 214.825755] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.826739] __fput+0x26d/0xa40 [ 214.827224] ____fput+0x1e/0x30 [ 214.827682] task_work_run+0x1a4/0x2d0 [ 214.828212] ? __pfx_task_work_run+0x10/0x10 [ 214.829075] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.829744] ? switch_task_namespaces+0xa9/0xe0 [ 214.830379] do_exit+0xb17/0x2ef0 [ 214.830880] ? lock_acquire+0x427/0x4c0 [ 214.831704] ? __pfx_lock_release+0x10/0x10 [ 214.832293] ? __kasan_check_write+0x18/0x20 [ 214.832887] ? do_raw_spin_lock+0x132/0x2a0 [ 214.833746] ? __pfx_do_exit+0x10/0x10 [ 214.834284] ? debug_smp_processor_id+0x20/0x30 [ 214.834944] ? rcu_is_watching+0x19/0xb0 [ 214.835503] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.836394] ? trace_hardirqs_on+0x26/0x120 [ 214.836980] do_group_exit+0xe0/0x2b0 [ 214.837491] __x64_sys_exit_group+0x47/0x50 [ 214.838153] do_syscall_64+0x3b/0x90 [ 214.838857] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.839566] RIP: 0033:0x7f4b87518a4d [ 214.840063] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.841114] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.842105] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.843374] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.844308] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.845535] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.846470] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.847720] [ 214.848039] irq event stamp: 0 [ 214.848454] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.849274] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.850360] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.851490] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.852317] ---[ end trace 0000000000000000 ]--- [ 214.860808] ------------[ cut here ]------------ [ 214.861662] WARNING: CPU: 0 PID: 2049 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.863218] Modules linked in: [ 214.863984] CPU: 0 PID: 2049 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.865130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.866910] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.867602] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.870246] RSP: 0018:ffff888016d1fbb8 EFLAGS: 00010246 [ 214.871473] RAX: 0000000000000000 RBX: ffff8880181248a8 RCX: 0000000000000000 [ 214.872245] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 214.872975] RBP: ffff888016d1fbd0 R08: ffffed1003024933 R09: ffffed1003024933 [ 214.874206] R10: ffff888018124993 R11: ffffed1003024932 R12: ffff88800a724000 [ 214.874990] R13: ffff8880181249e8 R14: ffffffff8352e670 R15: 
ffff888016d1fe68 [ 214.875880] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.876822] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.877503] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 214.878457] PKRU: 55555554 [ 214.878779] Call Trace: [ 214.879044] [ 214.879300] __iommufd_access_detach+0x1c2/0x2b0 [ 214.879810] iommufd_access_change_pt+0x149/0x270 [ 214.880318] iommufd_access_replace+0xb4/0x120 [ 214.881035] iommufd_test+0x3e5/0x37e0 [ 214.881443] ? lock_release+0x532/0x770 [ 214.881873] ? __might_fault+0x102/0x1b0 [ 214.882305] ? lock_acquire+0x427/0x4c0 [ 214.882836] ? __pfx_iommufd_test+0x10/0x10 [ 214.883423] ? __pfx_lock_release+0x10/0x10 [ 214.883875] ? __pfx_lock_acquire+0x10/0x10 [ 214.884334] ? write_comp_data+0x2f/0x90 [ 214.884771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.885348] ? write_comp_data+0x2f/0x90 [ 214.885921] iommufd_fops_ioctl+0x37d/0x510 [ 214.886380] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.886924] ? write_comp_data+0x2f/0x90 [ 214.887381] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.888016] __x64_sys_ioctl+0x1a3/0x230 [ 214.888579] do_syscall_64+0x3b/0x90 [ 214.888988] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.889539] RIP: 0033:0x7f4b8743ee5d [ 214.890009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.892150] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.893167] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.893918] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.894693] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.895692] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.896437] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 214.897192] [ 214.897564] irq event stamp: 0 [ 214.898015] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.898716] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.899626] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.900748] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.901414] ---[ end trace 0000000000000000 ]--- [ 214.904950] ------------[ cut here ]------------ [ 214.905457] WARNING: CPU: 0 PID: 2049 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.906682] Modules linked in: [ 214.907152] CPU: 0 PID: 2049 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.908056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.909315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.909845] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.911789] RSP: 
0018:ffff888016d1fbd0 EFLAGS: 00010246 [ 214.912353] RAX: 0000000000000000 RBX: ffff8880181248a8 RCX: 0000000000000000 [ 214.913093] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 214.913822] RBP: ffff888016d1fbe8 R08: ffffed1003024933 R09: ffffed1003024933 [ 214.914575] R10: ffff888018124993 R11: ffffed1003024932 R12: ffff8880189cb800 [ 214.915323] R13: ffff8880181249e8 R14: ffff8880122ea600 R15: 0000000000000000 [ 214.916062] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.916890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.917491] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.918179] PKRU: 55555554 [ 214.918449] Call Trace: [ 214.918712] [ 214.918932] iommufd_access_destroy_object+0x65/0x170 [ 214.919438] iommufd_object_destroy_user+0x18e/0x220 [ 214.919928] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 214.920485] iommufd_access_destroy+0x43/0x70 [ 214.920992] iommufd_test_staccess_release+0x8d/0xd0 [ 214.921488] __fput+0x26d/0xa40 [ 214.921819] ____fput+0x1e/0x30 [ 214.922142] task_work_run+0x1a4/0x2d0 [ 214.922546] ? __pfx_task_work_run+0x10/0x10 [ 214.922976] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.923478] ? switch_task_namespaces+0xa9/0xe0 [ 214.923934] do_exit+0xb17/0x2ef0 [ 214.924266] ? lock_acquire+0x427/0x4c0 [ 214.924655] ? __pfx_lock_release+0x10/0x10 [ 214.925078] ? __kasan_check_write+0x18/0x20 [ 214.925504] ? do_raw_spin_lock+0x132/0x2a0 [ 214.925919] ? __pfx_do_exit+0x10/0x10 [ 214.926304] ? debug_smp_processor_id+0x20/0x30 [ 214.926779] ? rcu_is_watching+0x19/0xb0 [ 214.927187] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.927627] ? trace_hardirqs_on+0x26/0x120 [ 214.928050] do_group_exit+0xe0/0x2b0 [ 214.928416] __x64_sys_exit_group+0x47/0x50 [ 214.928817] do_syscall_64+0x3b/0x90 [ 214.929170] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.929656] RIP: 0033:0x7f4b87518a4d [ 214.930001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.930588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.931298] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.931952] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.932615] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.933270] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.933931] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.934623] [ 214.934844] irq event stamp: 0 [ 214.935149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.935732] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.936479] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.937199] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.937741] ---[ end trace 0000000000000000 ]--- [ 214.938988] ------------[ cut here ]------------ [ 214.939426] WARNING: CPU: 0 PID: 2049 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 214.940328] Modules linked in: [ 214.940608] CPU: 0 PID: 2049 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.941423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.942664] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 214.943124] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 214.944882] RSP: 0018:ffff888016d1fb78 EFLAGS: 00010246 [ 214.945349] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 214.946034] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 214.946759] RBP: ffff888016d1fb98 R08: ffffed100302493e R09: ffffed100302493e [ 214.947385] R10: ffff8880181249ef R11: ffffed100302493d R12: ffff888018124a90 [ 214.948001] R13: ffff8880181248a8 R14: ffffffffffffffff R15: 
ffff888016d1fc60 [ 214.948794] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.949504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.950077] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 214.950806] PKRU: 55555554 [ 214.951065] Call Trace: [ 214.951299] [ 214.951496] iommufd_ioas_destroy+0x53/0x70 [ 214.951881] iommufd_fops_release+0x1f7/0x370 [ 214.952334] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.952869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.953306] ? write_comp_data+0x2f/0x90 [ 214.953670] ? __pfx_iommufd_fops_release+0x10/0x10 [ 214.954139] __fput+0x26d/0xa40 [ 214.954588] ____fput+0x1e/0x30 [ 214.954888] task_work_run+0x1a4/0x2d0 [ 214.955258] ? __pfx_task_work_run+0x10/0x10 [ 214.955651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.956087] ? switch_task_namespaces+0xa9/0xe0 [ 214.956607] do_exit+0xb17/0x2ef0 [ 214.957018] ? lock_acquire+0x427/0x4c0 [ 214.957379] ? __pfx_lock_release+0x10/0x10 [ 214.957766] ? __kasan_check_write+0x18/0x20 [ 214.958159] ? do_raw_spin_lock+0x132/0x2a0 [ 214.958738] ? __pfx_do_exit+0x10/0x10 [ 214.959088] ? debug_smp_processor_id+0x20/0x30 [ 214.959511] ? rcu_is_watching+0x19/0xb0 [ 214.959872] ? _raw_spin_unlock_irq+0x2b/0x60 [ 214.960272] ? trace_hardirqs_on+0x26/0x120 [ 214.960712] do_group_exit+0xe0/0x2b0 [ 214.961161] __x64_sys_exit_group+0x47/0x50 [ 214.961541] do_syscall_64+0x3b/0x90 [ 214.961874] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.962334] RIP: 0033:0x7f4b87518a4d [ 214.962766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 214.963382] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 214.964050] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 214.964671] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 214.965485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 214.966106] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 214.966743] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 214.967429] [ 214.967775] irq event stamp: 0 [ 214.968050] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 214.968602] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 214.969389] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 214.970208] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 214.970776] ---[ end trace 0000000000000000 ]--- [ 214.974868] ------------[ cut here ]------------ [ 214.975509] WARNING: CPU: 0 PID: 2050 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 214.976387] Modules linked in: [ 214.976665] CPU: 0 PID: 2050 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 214.977583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 214.978576] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 214.979009] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 214.980593] RSP: 0018:ffff88800ea27bb8 EFLAGS: 00010246 [ 214.981049] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 214.981661] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 214.982271] RBP: ffff88800ea27bd0 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 214.982921] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff88801341cc00 [ 214.983551] R13: ffff88801781a1e8 R14: ffffffff8352e670 R15: 
ffff88800ea27e68 [ 214.984169] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 214.984865] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 214.985364] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 214.985983] PKRU: 55555554 [ 214.986235] Call Trace: [ 214.986457] [ 214.986669] __iommufd_access_detach+0x1c2/0x2b0 [ 214.987099] iommufd_access_change_pt+0x149/0x270 [ 214.987552] iommufd_access_replace+0xb4/0x120 [ 214.987959] iommufd_test+0x3e5/0x37e0 [ 214.988299] ? lock_release+0x532/0x770 [ 214.988654] ? __might_fault+0x102/0x1b0 [ 214.989014] ? lock_acquire+0x427/0x4c0 [ 214.989369] ? __pfx_iommufd_test+0x10/0x10 [ 214.989744] ? __pfx_lock_release+0x10/0x10 [ 214.990124] ? __pfx_lock_acquire+0x10/0x10 [ 214.990537] ? write_comp_data+0x2f/0x90 [ 214.990910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 214.991345] ? write_comp_data+0x2f/0x90 [ 214.991711] iommufd_fops_ioctl+0x37d/0x510 [ 214.992089] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.992515] ? write_comp_data+0x2f/0x90 [ 214.992876] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 214.993296] __x64_sys_ioctl+0x1a3/0x230 [ 214.993656] do_syscall_64+0x3b/0x90 [ 214.993989] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 214.994446] RIP: 0033:0x7f4b8743ee5d [ 214.994787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 214.996372] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 214.997028] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 214.997645] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 214.998260] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 214.998894] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 214.999522] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.000144] [ 215.000345] irq event stamp: 0 [ 215.000618] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.001163] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.001883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.002616] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.003169] ---[ end trace 0000000000000000 ]--- [ 215.006087] ------------[ cut here ]------------ [ 215.006494] WARNING: CPU: 0 PID: 2050 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.007360] Modules linked in: [ 215.007626] CPU: 0 PID: 2050 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.008334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.009238] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.009641] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.011206] RSP: 
0018:ffff88800ea27bd0 EFLAGS: 00010246 [ 215.011644] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 215.012220] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 215.012801] RBP: ffff88800ea27be8 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 215.013377] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff88800a727c00 [ 215.013964] R13: ffff88801781a1e8 R14: ffff88802097bd00 R15: 0000000000000000 [ 215.014564] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.015217] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.015676] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.016253] PKRU: 55555554 [ 215.016481] Call Trace: [ 215.016693] [ 215.016882] iommufd_access_destroy_object+0x65/0x170 [ 215.017312] iommufd_object_destroy_user+0x18e/0x220 [ 215.017731] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.018207] iommufd_access_destroy+0x43/0x70 [ 215.018598] iommufd_test_staccess_release+0x8d/0xd0 [ 215.019022] __fput+0x26d/0xa40 [ 215.019327] ____fput+0x1e/0x30 [ 215.019608] task_work_run+0x1a4/0x2d0 [ 215.019936] ? __pfx_task_work_run+0x10/0x10 [ 215.020303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.020709] ? switch_task_namespaces+0xa9/0xe0 [ 215.021098] do_exit+0xb17/0x2ef0 [ 215.021382] ? lock_acquire+0x427/0x4c0 [ 215.021716] ? __pfx_lock_release+0x10/0x10 [ 215.022075] ? __kasan_check_write+0x18/0x20 [ 215.022438] ? do_raw_spin_lock+0x132/0x2a0 [ 215.022820] ? __pfx_do_exit+0x10/0x10 [ 215.023162] ? debug_smp_processor_id+0x20/0x30 [ 215.023554] ? rcu_is_watching+0x19/0xb0 [ 215.023891] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.024271] ? trace_hardirqs_on+0x26/0x120 [ 215.024635] do_group_exit+0xe0/0x2b0 [ 215.024949] __x64_sys_exit_group+0x47/0x50 [ 215.025301] do_syscall_64+0x3b/0x90 [ 215.025618] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.026048] RIP: 0033:0x7f4b87518a4d [ 215.026352] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.026873] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.027501] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.028080] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.028660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.029239] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.029814] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.030402] [ 215.030612] irq event stamp: 0 [ 215.030873] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.031395] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.032076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.032757] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.033277] ---[ end trace 0000000000000000 ]--- [ 215.034001] ------------[ cut here ]------------ [ 215.034391] WARNING: CPU: 0 PID: 2050 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.035271] Modules linked in: [ 215.035540] CPU: 0 PID: 2050 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.036250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.037218] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.037640] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.039302] RSP: 0018:ffff88800ea27b78 EFLAGS: 00010246 [ 215.039733] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.040293] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 215.040851] RBP: ffff88800ea27b98 R08: ffffed1002f0343e R09: ffffed1002f0343e [ 215.041408] R10: ffff88801781a1ef R11: ffffed1002f0343d R12: ffff88801781a290 [ 215.041968] R13: ffff88801781a0a8 R14: ffffffffffffffff R15: 
ffff88800ea27c60 [ 215.042544] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.043187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.043646] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.044205] PKRU: 55555554 [ 215.044431] Call Trace: [ 215.044633] [ 215.044812] iommufd_ioas_destroy+0x53/0x70 [ 215.045160] iommufd_fops_release+0x1f7/0x370 [ 215.045529] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.045928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.046324] ? write_comp_data+0x2f/0x90 [ 215.046678] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.047079] __fput+0x26d/0xa40 [ 215.047363] ____fput+0x1e/0x30 [ 215.047635] task_work_run+0x1a4/0x2d0 [ 215.047954] ? __pfx_task_work_run+0x10/0x10 [ 215.048308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.048699] ? switch_task_namespaces+0xa9/0xe0 [ 215.049081] do_exit+0xb17/0x2ef0 [ 215.049357] ? lock_acquire+0x427/0x4c0 [ 215.049684] ? __pfx_lock_release+0x10/0x10 [ 215.050038] ? __kasan_check_write+0x18/0x20 [ 215.050393] ? do_raw_spin_lock+0x132/0x2a0 [ 215.050750] ? __pfx_do_exit+0x10/0x10 [ 215.051070] ? debug_smp_processor_id+0x20/0x30 [ 215.051466] ? rcu_is_watching+0x19/0xb0 [ 215.051786] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.052143] ? trace_hardirqs_on+0x26/0x120 [ 215.052486] do_group_exit+0xe0/0x2b0 [ 215.052783] __x64_sys_exit_group+0x47/0x50 [ 215.053117] do_syscall_64+0x3b/0x90 [ 215.053414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.053825] RIP: 0033:0x7f4b87518a4d [ 215.054115] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.054607] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.055210] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.055758] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.056310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.056860] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.057412] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.057968] [ 215.058151] irq event stamp: 0 [ 215.058395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.058901] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.059561] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.060259] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.060938] ---[ end trace 0000000000000000 ]--- [ 215.065361] ------------[ cut here ]------------ [ 215.065900] WARNING: CPU: 0 PID: 2051 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.066725] Modules linked in: [ 215.066977] CPU: 0 PID: 2051 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.067819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.068687] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.069131] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.070720] RSP: 0018:ffff888016d1fbb8 EFLAGS: 00010246 [ 215.071149] RAX: 0000000000000000 RBX: ffff8880162cc0a8 RCX: 0000000000000000 [ 215.071697] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 215.072244] RBP: ffff888016d1fbd0 R08: ffffed1002c59833 R09: ffffed1002c59833 [ 215.072791] R10: ffff8880162cc193 R11: ffffed1002c59832 R12: ffff888013b14400 [ 215.073339] R13: ffff8880162cc1e8 R14: ffffffff8352e670 R15: 
ffff888016d1fe68 [ 215.073895] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.074529] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.074976] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 215.075536] PKRU: 55555554 [ 215.075757] Call Trace: [ 215.075955] [ 215.076131] __iommufd_access_detach+0x1c2/0x2b0 [ 215.076513] iommufd_access_change_pt+0x149/0x270 [ 215.076900] iommufd_access_replace+0xb4/0x120 [ 215.077270] iommufd_test+0x3e5/0x37e0 [ 215.077577] ? lock_release+0x532/0x770 [ 215.077897] ? __might_fault+0x102/0x1b0 [ 215.078221] ? lock_acquire+0x427/0x4c0 [ 215.078557] ? __pfx_iommufd_test+0x10/0x10 [ 215.078895] ? __pfx_lock_release+0x10/0x10 [ 215.079245] ? __pfx_lock_acquire+0x10/0x10 [ 215.079590] ? write_comp_data+0x2f/0x90 [ 215.079913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.080295] ? write_comp_data+0x2f/0x90 [ 215.080622] iommufd_fops_ioctl+0x37d/0x510 [ 215.080962] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.081346] ? write_comp_data+0x2f/0x90 [ 215.081676] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.082053] __x64_sys_ioctl+0x1a3/0x230 [ 215.082378] do_syscall_64+0x3b/0x90 [ 215.082694] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.083105] RIP: 0033:0x7f4b8743ee5d [ 215.083414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.084880] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.085466] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.086013] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.086573] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.087131] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.087683] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.088240] [ 215.088421] irq event stamp: 0 [ 215.088667] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.089152] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.089800] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.090443] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.090953] ---[ end trace 0000000000000000 ]--- [ 215.093889] ------------[ cut here ]------------ [ 215.094267] WARNING: CPU: 0 PID: 2051 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.095083] Modules linked in: [ 215.095347] CPU: 0 PID: 2051 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.096196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.097075] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.097528] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.099040] RSP: 
0018:ffff888016d1fbd0 EFLAGS: 00010246 [ 215.099619] RAX: 0000000000000000 RBX: ffff8880162cc0a8 RCX: 0000000000000000 [ 215.100169] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 215.100717] RBP: ffff888016d1fbe8 R08: ffffed1002c59833 R09: ffffed1002c59833 [ 215.101484] R10: ffff8880162cc193 R11: ffffed1002c59832 R12: ffff88801341c800 [ 215.102036] R13: ffff8880162cc1e8 R14: ffff88801202da00 R15: 0000000000000000 [ 215.102608] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.103400] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.103850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.104404] PKRU: 55555554 [ 215.104627] Call Trace: [ 215.104844] [ 215.105139] iommufd_access_destroy_object+0x65/0x170 [ 215.105555] iommufd_object_destroy_user+0x18e/0x220 [ 215.105961] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.106422] iommufd_access_destroy+0x43/0x70 [ 215.106947] iommufd_test_staccess_release+0x8d/0xd0 [ 215.107373] __fput+0x26d/0xa40 [ 215.107648] ____fput+0x1e/0x30 [ 215.107920] task_work_run+0x1a4/0x2d0 [ 215.108235] ? __pfx_task_work_run+0x10/0x10 [ 215.108590] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.109126] ? switch_task_namespaces+0xa9/0xe0 [ 215.109508] do_exit+0xb17/0x2ef0 [ 215.109790] ? lock_acquire+0x427/0x4c0 [ 215.110112] ? __pfx_lock_release+0x10/0x10 [ 215.110464] ? __kasan_check_write+0x18/0x20 [ 215.110988] ? do_raw_spin_lock+0x132/0x2a0 [ 215.111345] ? __pfx_do_exit+0x10/0x10 [ 215.111662] ? debug_smp_processor_id+0x20/0x30 [ 215.112029] ? rcu_is_watching+0x19/0xb0 [ 215.112356] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.112717] ? trace_hardirqs_on+0x26/0x120 [ 215.113218] do_group_exit+0xe0/0x2b0 [ 215.113520] __x64_sys_exit_group+0x47/0x50 [ 215.113860] do_syscall_64+0x3b/0x90 [ 215.114168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.114677] RIP: 0033:0x7f4b87518a4d [ 215.115092] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.115614] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.116238] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.116880] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.117578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.118165] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.118946] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.119553] [ 215.119748] irq event stamp: 0 [ 215.120006] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.120699] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.121390] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.122074] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.122781] ---[ end trace 0000000000000000 ]--- [ 215.124014] ------------[ cut here ]------------ [ 215.124571] WARNING: CPU: 0 PID: 2051 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.125425] Modules linked in: [ 215.125694] CPU: 0 PID: 2051 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.126591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.127521] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.127950] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.129431] RSP: 0018:ffff888016d1fb78 EFLAGS: 00010246 [ 215.129865] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.130440] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 215.131037] RBP: ffff888016d1fb98 R08: ffffed1002c5983e R09: ffffed1002c5983e [ 215.131629] R10: ffff8880162cc1ef R11: ffffed1002c5983d R12: ffff8880162cc290 [ 215.132209] R13: ffff8880162cc0a8 R14: ffffffffffffffff R15: 
ffff888016d1fc60 [ 215.132788] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.133496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.133977] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 215.134583] PKRU: 55555554 [ 215.134821] Call Trace: [ 215.135041] [ 215.135238] iommufd_ioas_destroy+0x53/0x70 [ 215.135600] iommufd_fops_release+0x1f7/0x370 [ 215.135972] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.136376] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.136779] ? write_comp_data+0x2f/0x90 [ 215.137116] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.137521] __fput+0x26d/0xa40 [ 215.137805] ____fput+0x1e/0x30 [ 215.138084] task_work_run+0x1a4/0x2d0 [ 215.138407] ? __pfx_task_work_run+0x10/0x10 [ 215.138783] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.139192] ? switch_task_namespaces+0xa9/0xe0 [ 215.139586] do_exit+0xb17/0x2ef0 [ 215.139872] ? lock_acquire+0x427/0x4c0 [ 215.140205] ? __pfx_lock_release+0x10/0x10 [ 215.140566] ? __kasan_check_write+0x18/0x20 [ 215.140925] ? do_raw_spin_lock+0x132/0x2a0 [ 215.141278] ? __pfx_do_exit+0x10/0x10 [ 215.141603] ? debug_smp_processor_id+0x20/0x30 [ 215.141984] ? rcu_is_watching+0x19/0xb0 [ 215.142324] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.142715] ? trace_hardirqs_on+0x26/0x120 [ 215.143076] do_group_exit+0xe0/0x2b0 [ 215.143401] __x64_sys_exit_group+0x47/0x50 [ 215.143752] do_syscall_64+0x3b/0x90 [ 215.144063] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.144496] RIP: 0033:0x7f4b87518a4d [ 215.144800] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.145297] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.145918] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.146496] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.147101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.147691] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.148268] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.148846] [ 215.149037] irq event stamp: 0 [ 215.149292] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.149799] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.150474] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.151171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.151683] ---[ end trace 0000000000000000 ]--- [ 215.156158] ------------[ cut here ]------------ [ 215.156799] WARNING: CPU: 1 PID: 2052 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.157640] Modules linked in: [ 215.157943] CPU: 1 PID: 2052 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.158945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.159885] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.160425] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.162022] RSP: 0018:ffff88801662fbb8 EFLAGS: 00010246 [ 215.162462] RAX: 0000000000000000 RBX: ffff8880146cd8a8 RCX: 0000000000000000 [ 215.163060] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 215.163725] RBP: ffff88801662fbd0 R08: ffffed10028d9b33 R09: ffffed10028d9b33 [ 215.164380] R10: ffff8880146cd993 R11: ffffed10028d9b32 R12: ffff88801870b400 [ 215.164970] R13: ffff8880146cd9e8 R14: ffffffff8352e670 R15: 
ffff88801662fe68 [ 215.165598] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 215.166341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.166853] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 215.167507] PKRU: 55555554 [ 215.167803] Call Trace: [ 215.168017] [ 215.168210] __iommufd_access_detach+0x1c2/0x2b0 [ 215.168617] iommufd_access_change_pt+0x149/0x270 [ 215.169028] iommufd_access_replace+0xb4/0x120 [ 215.169491] iommufd_test+0x3e5/0x37e0 [ 215.169857] ? lock_release+0x532/0x770 [ 215.170205] ? __might_fault+0x102/0x1b0 [ 215.170572] ? lock_acquire+0x427/0x4c0 [ 215.170911] ? __pfx_iommufd_test+0x10/0x10 [ 215.171280] ? __pfx_lock_release+0x10/0x10 [ 215.171643] ? __pfx_lock_acquire+0x10/0x10 [ 215.172014] ? write_comp_data+0x2f/0x90 [ 215.172363] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.172764] ? write_comp_data+0x2f/0x90 [ 215.173106] iommufd_fops_ioctl+0x37d/0x510 [ 215.173465] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.173864] ? write_comp_data+0x2f/0x90 [ 215.174201] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.174617] __x64_sys_ioctl+0x1a3/0x230 [ 215.174958] do_syscall_64+0x3b/0x90 [ 215.175288] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.175723] RIP: 0033:0x7f4b8743ee5d [ 215.176033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.177501] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.178128] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.178731] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.179326] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.179911] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.180490] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.181084] [ 215.181278] irq event stamp: 0 [ 215.181541] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.182048] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.182758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.183451] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.183967] ---[ end trace 0000000000000000 ]--- [ 215.187011] ------------[ cut here ]------------ [ 215.187461] WARNING: CPU: 0 PID: 2052 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.188289] Modules linked in: [ 215.188550] CPU: 0 PID: 2052 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.189258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.190160] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.190631] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.192107] RSP: 
0018:ffff88801662fbd0 EFLAGS: 00010246 [ 215.192533] RAX: 0000000000000000 RBX: ffff8880146cd8a8 RCX: 0000000000000000 [ 215.193105] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 215.193686] RBP: ffff88801662fbe8 R08: ffffed10028d9b33 R09: ffffed10028d9b33 [ 215.194256] R10: ffff8880146cd993 R11: ffffed10028d9b32 R12: ffff888013d4d400 [ 215.194840] R13: ffff8880146cd9e8 R14: ffff888012cdce00 R15: 0000000000000000 [ 215.195419] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.196069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.196540] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 215.197192] PKRU: 55555554 [ 215.197426] Call Trace: [ 215.197636] [ 215.197819] iommufd_access_destroy_object+0x65/0x170 [ 215.198242] iommufd_object_destroy_user+0x18e/0x220 [ 215.198681] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.199168] iommufd_access_destroy+0x43/0x70 [ 215.199542] iommufd_test_staccess_release+0x8d/0xd0 [ 215.199962] __fput+0x26d/0xa40 [ 215.200248] ____fput+0x1e/0x30 [ 215.200526] task_work_run+0x1a4/0x2d0 [ 215.200855] ? __pfx_task_work_run+0x10/0x10 [ 215.201214] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.201615] ? switch_task_namespaces+0xa9/0xe0 [ 215.202004] do_exit+0xb17/0x2ef0 [ 215.202293] ? lock_acquire+0x427/0x4c0 [ 215.202647] ? __pfx_lock_release+0x10/0x10 [ 215.203006] ? __kasan_check_write+0x18/0x20 [ 215.203381] ? do_raw_spin_lock+0x132/0x2a0 [ 215.203736] ? __pfx_do_exit+0x10/0x10 [ 215.204060] ? debug_smp_processor_id+0x20/0x30 [ 215.204441] ? rcu_is_watching+0x19/0xb0 [ 215.204777] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.205151] ? trace_hardirqs_on+0x26/0x120 [ 215.205506] do_group_exit+0xe0/0x2b0 [ 215.205818] __x64_sys_exit_group+0x47/0x50 [ 215.206172] do_syscall_64+0x3b/0x90 [ 215.206487] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.206940] RIP: 0033:0x7f4b87518a4d [ 215.207259] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.207755] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.208372] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.208951] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.209522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.210097] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.210690] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.211298] [ 215.211488] irq event stamp: 0 [ 215.211743] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.212247] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.212923] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.213598] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.214107] ---[ end trace 0000000000000000 ]--- [ 215.215043] ------------[ cut here ]------------ [ 215.215438] WARNING: CPU: 0 PID: 2052 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.216266] Modules linked in: [ 215.216525] CPU: 0 PID: 2052 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.217239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.218144] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.218590] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.220067] RSP: 0018:ffff88801662fb78 EFLAGS: 00010246 [ 215.220500] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.221057] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 215.221612] RBP: ffff88801662fb98 R08: ffffed10028d9b3e R09: ffffed10028d9b3e [ 215.222174] R10: ffff8880146cd9ef R11: ffffed10028d9b3d R12: ffff8880146cda90 [ 215.222744] R13: ffff8880146cd8a8 R14: ffffffffffffffff R15: 
ffff88801662fc60 [ 215.223304] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.223923] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.224377] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 215.224933] PKRU: 55555554 [ 215.225156] Call Trace: [ 215.225357] [ 215.225535] iommufd_ioas_destroy+0x53/0x70 [ 215.225882] iommufd_fops_release+0x1f7/0x370 [ 215.226242] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.226657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.227046] ? write_comp_data+0x2f/0x90 [ 215.227379] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.227782] __fput+0x26d/0xa40 [ 215.228056] ____fput+0x1e/0x30 [ 215.228325] task_work_run+0x1a4/0x2d0 [ 215.228642] ? __pfx_task_work_run+0x10/0x10 [ 215.229065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.229452] ? switch_task_namespaces+0xa9/0xe0 [ 215.229831] do_exit+0xb17/0x2ef0 [ 215.230104] ? lock_acquire+0x427/0x4c0 [ 215.230425] ? __pfx_lock_release+0x10/0x10 [ 215.230791] ? __kasan_check_write+0x18/0x20 [ 215.231152] ? do_raw_spin_lock+0x132/0x2a0 [ 215.231495] ? __pfx_do_exit+0x10/0x10 [ 215.231809] ? debug_smp_processor_id+0x20/0x30 [ 215.232177] ? rcu_is_watching+0x19/0xb0 [ 215.232496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.232855] ? trace_hardirqs_on+0x26/0x120 [ 215.233200] do_group_exit+0xe0/0x2b0 [ 215.233504] __x64_sys_exit_group+0x47/0x50 [ 215.233842] do_syscall_64+0x3b/0x90 [ 215.234140] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.234575] RIP: 0033:0x7f4b87518a4d [ 215.234869] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.235364] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.235952] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.236506] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.237054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.237603] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.238152] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.238727] [ 215.238914] irq event stamp: 0 [ 215.239165] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.239640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.240284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.240920] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.241407] ---[ end trace 0000000000000000 ]--- [ 215.245068] ------------[ cut here ]------------ [ 215.245454] WARNING: CPU: 0 PID: 2053 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.246226] Modules linked in: [ 215.246471] CPU: 0 PID: 2053 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.247182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.248039] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.248419] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.249805] RSP: 0018:ffff888023cffbb8 EFLAGS: 00010246 [ 215.250213] RAX: 0000000000000000 RBX: ffff8880245658a8 RCX: 0000000000000000 [ 215.250797] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 215.251350] RBP: ffff888023cffbd0 R08: ffffed10048acb33 R09: ffffed10048acb33 [ 215.251899] R10: ffff888024565993 R11: ffffed10048acb32 R12: ffff888014610000 [ 215.252444] R13: ffff8880245659e8 R14: ffffffff8352e670 R15: 
ffff888023cffe68 [ 215.252988] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.253603] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.254048] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 215.254624] PKRU: 55555554 [ 215.254849] Call Trace: [ 215.255045] [ 215.255227] __iommufd_access_detach+0x1c2/0x2b0 [ 215.255607] iommufd_access_change_pt+0x149/0x270 [ 215.255986] iommufd_access_replace+0xb4/0x120 [ 215.256347] iommufd_test+0x3e5/0x37e0 [ 215.256646] ? lock_release+0x532/0x770 [ 215.256962] ? __might_fault+0x102/0x1b0 [ 215.257287] ? lock_acquire+0x427/0x4c0 [ 215.257601] ? __pfx_iommufd_test+0x10/0x10 [ 215.257931] ? __pfx_lock_release+0x10/0x10 [ 215.258268] ? __pfx_lock_acquire+0x10/0x10 [ 215.258633] ? write_comp_data+0x2f/0x90 [ 215.258960] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.259358] ? write_comp_data+0x2f/0x90 [ 215.259681] iommufd_fops_ioctl+0x37d/0x510 [ 215.260017] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.260395] ? write_comp_data+0x2f/0x90 [ 215.260721] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.261168] __x64_sys_ioctl+0x1a3/0x230 [ 215.261494] do_syscall_64+0x3b/0x90 [ 215.261789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.262195] RIP: 0033:0x7f4b8743ee5d [ 215.262482] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.263905] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.264493] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.265035] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.265575] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.266116] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.266674] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.267235] [ 215.267417] irq event stamp: 0 [ 215.267659] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.268140] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.268780] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.269417] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.269894] ---[ end trace 0000000000000000 ]--- [ 215.272601] ------------[ cut here ]------------ [ 215.272997] WARNING: CPU: 0 PID: 2053 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.273772] Modules linked in: [ 215.274021] CPU: 0 PID: 2053 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.274710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.275593] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.275978] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.277367] RSP: 
0018:ffff888023cffbd0 EFLAGS: 00010246 [ 215.277771] RAX: 0000000000000000 RBX: ffff8880245658a8 RCX: 0000000000000000 [ 215.278312] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 215.278869] RBP: ffff888023cffbe8 R08: ffffed10048acb33 R09: ffffed10048acb33 [ 215.279418] R10: ffff888024565993 R11: ffffed10048acb32 R12: ffff888013b15800 [ 215.279963] R13: ffff8880245659e8 R14: ffff8880149b9a00 R15: 0000000000000000 [ 215.280507] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.281124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.281567] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.282111] PKRU: 55555554 [ 215.282328] Call Trace: [ 215.282546] [ 215.282724] iommufd_access_destroy_object+0x65/0x170 [ 215.283135] iommufd_object_destroy_user+0x18e/0x220 [ 215.283530] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.283980] iommufd_access_destroy+0x43/0x70 [ 215.284335] iommufd_test_staccess_release+0x8d/0xd0 [ 215.284810] __fput+0x26d/0xa40 [ 215.285080] ____fput+0x1e/0x30 [ 215.285347] task_work_run+0x1a4/0x2d0 [ 215.285657] ? __pfx_task_work_run+0x10/0x10 [ 215.286001] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.286386] ? switch_task_namespaces+0xa9/0xe0 [ 215.286779] do_exit+0xb17/0x2ef0 [ 215.287050] ? lock_acquire+0x427/0x4c0 [ 215.287370] ? __pfx_lock_release+0x10/0x10 [ 215.287707] ? __kasan_check_write+0x18/0x20 [ 215.288049] ? do_raw_spin_lock+0x132/0x2a0 [ 215.288382] ? __pfx_do_exit+0x10/0x10 [ 215.288697] ? debug_smp_processor_id+0x20/0x30 [ 215.289062] ? rcu_is_watching+0x19/0xb0 [ 215.289382] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.289735] ? trace_hardirqs_on+0x26/0x120 [ 215.290077] do_group_exit+0xe0/0x2b0 [ 215.290378] __x64_sys_exit_group+0x47/0x50 [ 215.290732] do_syscall_64+0x3b/0x90 [ 215.291027] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.291437] RIP: 0033:0x7f4b87518a4d [ 215.291728] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.292198] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.292776] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.293353] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.293895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.294440] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.295001] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.295563] [ 215.295746] irq event stamp: 0 [ 215.295990] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.296470] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.297110] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.297745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.298223] ---[ end trace 0000000000000000 ]--- [ 215.298918] ------------[ cut here ]------------ [ 215.299303] WARNING: CPU: 0 PID: 2053 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.300083] Modules linked in: [ 215.300332] CPU: 0 PID: 2053 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.300998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.301849] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.302243] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.303650] RSP: 0018:ffff888023cffb78 EFLAGS: 00010246 [ 215.304059] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.304605] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 215.305151] RBP: ffff888023cffb98 R08: ffffed10048acb3e R09: ffffed10048acb3e [ 215.305695] R10: ffff8880245659ef R11: ffffed10048acb3d R12: ffff888024565a90 [ 215.306240] R13: ffff8880245658a8 R14: ffffffffffffffff R15: 
ffff888023cffc60 [ 215.306808] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.307435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.307882] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.308432] PKRU: 55555554 [ 215.308650] Call Trace: [ 215.308846] [ 215.309021] iommufd_ioas_destroy+0x53/0x70 [ 215.309363] iommufd_fops_release+0x1f7/0x370 [ 215.309718] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.310106] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.310486] ? write_comp_data+0x2f/0x90 [ 215.310827] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.311222] __fput+0x26d/0xa40 [ 215.311492] ____fput+0x1e/0x30 [ 215.311754] task_work_run+0x1a4/0x2d0 [ 215.312060] ? __pfx_task_work_run+0x10/0x10 [ 215.312401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.312779] ? switch_task_namespaces+0xa9/0xe0 [ 215.313147] do_exit+0xb17/0x2ef0 [ 215.313415] ? lock_acquire+0x427/0x4c0 [ 215.313730] ? __pfx_lock_release+0x10/0x10 [ 215.314067] ? __kasan_check_write+0x18/0x20 [ 215.314410] ? do_raw_spin_lock+0x132/0x2a0 [ 215.314762] ? __pfx_do_exit+0x10/0x10 [ 215.315076] ? debug_smp_processor_id+0x20/0x30 [ 215.315449] ? rcu_is_watching+0x19/0xb0 [ 215.315771] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.316128] ? trace_hardirqs_on+0x26/0x120 [ 215.316469] do_group_exit+0xe0/0x2b0 [ 215.316767] __x64_sys_exit_group+0x47/0x50 [ 215.317101] do_syscall_64+0x3b/0x90 [ 215.317399] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.317870] RIP: 0033:0x7f4b87518a4d [ 215.318575] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.319055] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.319650] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.320194] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.320740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.321282] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.321994] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.322565] [ 215.322746] irq event stamp: 0 [ 215.322989] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.324209] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.325489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.326423] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.327352] ---[ end trace 0000000000000000 ]--- [ 215.334255] ------------[ cut here ]------------ [ 215.334832] WARNING: CPU: 0 PID: 2054 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.336031] Modules linked in: [ 215.336534] CPU: 0 PID: 2054 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.337506] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.338962] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.339541] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.341719] RSP: 0018:ffff88801662fbb8 EFLAGS: 00010246 [ 215.342317] RAX: 0000000000000000 RBX: ffff8880209cd8a8 RCX: 0000000000000000 [ 215.343320] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 215.344118] RBP: ffff88801662fbd0 R08: ffffed1004139b33 R09: ffffed1004139b33 [ 215.344906] R10: ffff8880209cd993 R11: ffffed1004139b32 R12: ffff888014111400 [ 215.345851] R13: ffff8880209cd9e8 R14: ffffffff8352e670 R15: 
ffff88801662fe68 [ 215.346678] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.347762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.348418] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 215.349212] PKRU: 55555554 [ 215.349549] Call Trace: [ 215.349984] [ 215.350249] __iommufd_access_detach+0x1c2/0x2b0 [ 215.350842] iommufd_access_change_pt+0x149/0x270 [ 215.351421] iommufd_access_replace+0xb4/0x120 [ 215.351975] iommufd_test+0x3e5/0x37e0 [ 215.352562] ? lock_release+0x532/0x770 [ 215.353031] ? __might_fault+0x102/0x1b0 [ 215.353499] ? lock_acquire+0x427/0x4c0 [ 215.353986] ? __pfx_iommufd_test+0x10/0x10 [ 215.354641] ? __pfx_lock_release+0x10/0x10 [ 215.355151] ? __pfx_lock_acquire+0x10/0x10 [ 215.355656] ? write_comp_data+0x2f/0x90 [ 215.356127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.356864] ? write_comp_data+0x2f/0x90 [ 215.357344] iommufd_fops_ioctl+0x37d/0x510 [ 215.357837] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.358399] ? write_comp_data+0x2f/0x90 [ 215.359051] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.359749] __x64_sys_ioctl+0x1a3/0x230 [ 215.360234] do_syscall_64+0x3b/0x90 [ 215.360673] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.361263] RIP: 0033:0x7f4b8743ee5d [ 215.361684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.363733] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.364583] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.365369] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.366157] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.366974] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.367783] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.368591] [ 215.368858] irq event stamp: 0 [ 215.369214] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.369912] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.370873] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.371818] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.372521] ---[ end trace 0000000000000000 ]--- [ 215.377210] ------------[ cut here ]------------ [ 215.377961] WARNING: CPU: 0 PID: 2054 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.379692] Modules linked in: [ 215.380069] CPU: 0 PID: 2054 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.381105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.382483] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.383296] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.385465] RSP: 
0018:ffff88801662fbd0 EFLAGS: 00010246 [ 215.386061] RAX: 0000000000000000 RBX: ffff8880209cd8a8 RCX: 0000000000000000 [ 215.387048] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 215.387733] RBP: ffff88801662fbe8 R08: ffffed1004139b33 R09: ffffed1004139b33 [ 215.388499] R10: ffff8880209cd993 R11: ffffed1004139b32 R12: ffff888014613000 [ 215.389331] R13: ffff8880209cd9e8 R14: ffff8880100bb100 R15: 0000000000000000 [ 215.390063] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.390997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.391607] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.392349] PKRU: 55555554 [ 215.392641] Call Trace: [ 215.392907] [ 215.393129] iommufd_access_destroy_object+0x65/0x170 [ 215.393821] iommufd_object_destroy_user+0x18e/0x220 [ 215.394365] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.394993] iommufd_access_destroy+0x43/0x70 [ 215.395578] iommufd_test_staccess_release+0x8d/0xd0 [ 215.396519] __fput+0x26d/0xa40 [ 215.396927] ____fput+0x1e/0x30 [ 215.397318] task_work_run+0x1a4/0x2d0 [ 215.397961] ? __pfx_task_work_run+0x10/0x10 [ 215.398478] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.399081] ? switch_task_namespaces+0xa9/0xe0 [ 215.399697] do_exit+0xb17/0x2ef0 [ 215.400218] ? lock_acquire+0x427/0x4c0 [ 215.400685] ? __pfx_lock_release+0x10/0x10 [ 215.401192] ? __kasan_check_write+0x18/0x20 [ 215.401834] ? do_raw_spin_lock+0x132/0x2a0 [ 215.402334] ? __pfx_do_exit+0x10/0x10 [ 215.402826] ? debug_smp_processor_id+0x20/0x30 [ 215.403432] ? rcu_is_watching+0x19/0xb0 [ 215.404007] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.404530] ? trace_hardirqs_on+0x26/0x120 [ 215.405083] do_group_exit+0xe0/0x2b0 [ 215.405629] __x64_sys_exit_group+0x47/0x50 [ 215.406120] do_syscall_64+0x3b/0x90 [ 215.406609] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.407335] RIP: 0033:0x7f4b87518a4d [ 215.407762] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.408448] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.409478] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.410307] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.411287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.411870] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.412848] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.413662] [ 215.413960] irq event stamp: 0 [ 215.414465] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.415225] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.416328] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.417260] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.418145] ---[ end trace 0000000000000000 ]--- [ 215.419332] ------------[ cut here ]------------ [ 215.420049] WARNING: CPU: 0 PID: 2054 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.421187] Modules linked in: [ 215.421722] CPU: 0 PID: 2054 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.422735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.424174] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.424763] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.426804] RSP: 0018:ffff88801662fb78 EFLAGS: 00010246 [ 215.427424] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.428214] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 215.429004] RBP: ffff88801662fb98 R08: ffffed1004139b3e R09: ffffed1004139b3e [ 215.429796] R10: ffff8880209cd9ef R11: ffffed1004139b3d R12: ffff8880209cda90 [ 215.430631] R13: ffff8880209cd8a8 R14: ffffffffffffffff R15: 
ffff88801662fc60 [ 215.431442] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.432333] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.432981] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.433778] PKRU: 55555554 [ 215.434099] Call Trace: [ 215.434393] [ 215.434688] iommufd_ioas_destroy+0x53/0x70 [ 215.435203] iommufd_fops_release+0x1f7/0x370 [ 215.435721] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.436291] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.436850] ? write_comp_data+0x2f/0x90 [ 215.437326] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.437893] __fput+0x26d/0xa40 [ 215.438291] ____fput+0x1e/0x30 [ 215.438713] task_work_run+0x1a4/0x2d0 [ 215.439186] ? __pfx_task_work_run+0x10/0x10 [ 215.439691] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.440246] ? switch_task_namespaces+0xa9/0xe0 [ 215.440787] do_exit+0xb17/0x2ef0 [ 215.441185] ? lock_acquire+0x427/0x4c0 [ 215.441646] ? __pfx_lock_release+0x10/0x10 [ 215.442140] ? __kasan_check_write+0x18/0x20 [ 215.442675] ? do_raw_spin_lock+0x132/0x2a0 [ 215.443182] ? __pfx_do_exit+0x10/0x10 [ 215.443635] ? debug_smp_processor_id+0x20/0x30 [ 215.444163] ? rcu_is_watching+0x19/0xb0 [ 215.444623] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.445140] ? trace_hardirqs_on+0x26/0x120 [ 215.445635] do_group_exit+0xe0/0x2b0 [ 215.446069] __x64_sys_exit_group+0x47/0x50 [ 215.446590] do_syscall_64+0x3b/0x90 [ 215.447030] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.447635] RIP: 0033:0x7f4b87518a4d [ 215.448055] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.448735] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.449576] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.450365] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.451339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.451939] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.452499] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.453138] [ 215.453323] irq event stamp: 0 [ 215.453571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.454067] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.454735] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.455392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.455883] ---[ end trace 0000000000000000 ]--- [ 215.460436] ------------[ cut here ]------------ [ 215.460826] WARNING: CPU: 0 PID: 2055 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.461616] Modules linked in: [ 215.461872] CPU: 0 PID: 2055 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.462636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.463546] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.463944] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.465370] RSP: 0018:ffff88802448fbb8 EFLAGS: 00010246 [ 215.465790] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 215.466347] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 215.466927] RBP: ffff88802448fbd0 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 215.467505] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff88801422c800 [ 215.468062] R13: ffff8880158789e8 R14: ffffffff8352e670 R15: 
ffff88802448fe68 [ 215.468621] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.469248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.469699] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 215.470258] PKRU: 55555554 [ 215.470487] Call Trace: [ 215.470707] [ 215.470890] __iommufd_access_detach+0x1c2/0x2b0 [ 215.471300] iommufd_access_change_pt+0x149/0x270 [ 215.471689] iommufd_access_replace+0xb4/0x120 [ 215.472062] iommufd_test+0x3e5/0x37e0 [ 215.472369] ? lock_release+0x532/0x770 [ 215.472694] ? __might_fault+0x102/0x1b0 [ 215.473023] ? lock_acquire+0x427/0x4c0 [ 215.473348] ? __pfx_iommufd_test+0x10/0x10 [ 215.473690] ? __pfx_lock_release+0x10/0x10 [ 215.474035] ? __pfx_lock_acquire+0x10/0x10 [ 215.474388] ? write_comp_data+0x2f/0x90 [ 215.474745] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.475159] ? write_comp_data+0x2f/0x90 [ 215.475497] iommufd_fops_ioctl+0x37d/0x510 [ 215.475845] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.476239] ? write_comp_data+0x2f/0x90 [ 215.476570] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.476958] __x64_sys_ioctl+0x1a3/0x230 [ 215.477294] do_syscall_64+0x3b/0x90 [ 215.477601] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.478015] RIP: 0033:0x7f4b8743ee5d [ 215.478309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.479751] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.480356] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.480914] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.481475] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.482048] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.482632] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.483218] [ 215.483396] irq event stamp: 0 [ 215.483636] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.484128] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.484785] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.485520] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.486029] ---[ end trace 0000000000000000 ]--- [ 215.488880] ------------[ cut here ]------------ [ 215.489295] WARNING: CPU: 0 PID: 2055 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.490124] Modules linked in: [ 215.490389] CPU: 0 PID: 2055 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.491322] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.492250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.492671] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.494166] RSP: 
0018:ffff88802448fbd0 EFLAGS: 00010246 [ 215.494630] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 215.495226] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 215.495814] RBP: ffff88802448fbe8 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 215.496397] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888014113400 [ 215.496977] R13: ffff8880158789e8 R14: ffff888015bbf900 R15: 0000000000000000 [ 215.497560] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.498222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.498725] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.499329] PKRU: 55555554 [ 215.499567] Call Trace: [ 215.499781] [ 215.499969] iommufd_access_destroy_object+0x65/0x170 [ 215.500407] iommufd_object_destroy_user+0x18e/0x220 [ 215.500833] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.501320] iommufd_access_destroy+0x43/0x70 [ 215.501729] iommufd_test_staccess_release+0x8d/0xd0 [ 215.502172] __fput+0x26d/0xa40 [ 215.502470] ____fput+0x1e/0x30 [ 215.502782] task_work_run+0x1a4/0x2d0 [ 215.503138] ? __pfx_task_work_run+0x10/0x10 [ 215.503520] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.503940] ? switch_task_namespaces+0xa9/0xe0 [ 215.504343] do_exit+0xb17/0x2ef0 [ 215.504637] ? lock_acquire+0x427/0x4c0 [ 215.504984] ? __pfx_lock_release+0x10/0x10 [ 215.505355] ? __kasan_check_write+0x18/0x20 [ 215.505730] ? do_raw_spin_lock+0x132/0x2a0 [ 215.506097] ? __pfx_do_exit+0x10/0x10 [ 215.506436] ? debug_smp_processor_id+0x20/0x30 [ 215.506854] ? rcu_is_watching+0x19/0xb0 [ 215.507218] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.507619] ? trace_hardirqs_on+0x26/0x120 [ 215.507995] do_group_exit+0xe0/0x2b0 [ 215.508320] __x64_sys_exit_group+0x47/0x50 [ 215.508685] do_syscall_64+0x3b/0x90 [ 215.509010] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.509451] RIP: 0033:0x7f4b87518a4d [ 215.509772] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.510298] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.510966] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.511584] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.512192] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.512798] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.513414] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.514032] [ 215.514239] irq event stamp: 0 [ 215.514537] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.515091] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.515819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.516533] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.517131] ---[ end trace 0000000000000000 ]--- [ 215.517881] ------------[ cut here ]------------ [ 215.518289] WARNING: CPU: 0 PID: 2055 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.519199] Modules linked in: [ 215.519485] CPU: 0 PID: 2055 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.520238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.521203] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.521658] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.523243] RSP: 0018:ffff88802448fb78 EFLAGS: 00010246 [ 215.523709] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.524313] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 215.524925] RBP: ffff88802448fb98 R08: ffffed1002b0f13e R09: ffffed1002b0f13e [ 215.525532] R10: ffff8880158789ef R11: ffffed1002b0f13d R12: ffff888015878a90 [ 215.526139] R13: ffff8880158788a8 R14: ffffffffffffffff R15: 
ffff88802448fc60 [ 215.526762] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.527467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.527963] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.528568] PKRU: 55555554 [ 215.528809] Call Trace: [ 215.529028] [ 215.529225] iommufd_ioas_destroy+0x53/0x70 [ 215.529605] iommufd_fops_release+0x1f7/0x370 [ 215.529993] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.530427] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.530871] ? write_comp_data+0x2f/0x90 [ 215.531240] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.531679] __fput+0x26d/0xa40 [ 215.531985] ____fput+0x1e/0x30 [ 215.532289] task_work_run+0x1a4/0x2d0 [ 215.532645] ? __pfx_task_work_run+0x10/0x10 [ 215.533041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.533481] ? switch_task_namespaces+0xa9/0xe0 [ 215.533903] do_exit+0xb17/0x2ef0 [ 215.534214] ? lock_acquire+0x427/0x4c0 [ 215.534602] ? __pfx_lock_release+0x10/0x10 [ 215.534999] ? __kasan_check_write+0x18/0x20 [ 215.535417] ? do_raw_spin_lock+0x132/0x2a0 [ 215.535800] ? __pfx_do_exit+0x10/0x10 [ 215.536153] ? debug_smp_processor_id+0x20/0x30 [ 215.536572] ? rcu_is_watching+0x19/0xb0 [ 215.536940] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.537347] ? trace_hardirqs_on+0x26/0x120 [ 215.537743] do_group_exit+0xe0/0x2b0 [ 215.538088] __x64_sys_exit_group+0x47/0x50 [ 215.538478] do_syscall_64+0x3b/0x90 [ 215.538849] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.539315] RIP: 0033:0x7f4b87518a4d [ 215.539643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.540177] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.540839] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.541461] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.542077] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.542717] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.543362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.543997] [ 215.544205] irq event stamp: 0 [ 215.544487] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.545042] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.545780] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.546531] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.547089] ---[ end trace 0000000000000000 ]--- [ 215.551900] ------------[ cut here ]------------ [ 215.552355] WARNING: CPU: 0 PID: 2056 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.553217] Modules linked in: [ 215.553495] CPU: 0 PID: 2056 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.554236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.555235] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.555668] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.557207] RSP: 0018:ffff888017007bb8 EFLAGS: 00010246 [ 215.557664] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 215.558271] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 215.558902] RBP: ffff888017007bd0 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 215.559531] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff888014581800 [ 215.560137] R13: ffff88800b8161e8 R14: ffffffff8352e670 R15: 
ffff888017007e68 [ 215.560741] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.561422] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.561914] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 215.562546] PKRU: 55555554 [ 215.562791] Call Trace: [ 215.563011] [ 215.563217] __iommufd_access_detach+0x1c2/0x2b0 [ 215.563642] iommufd_access_change_pt+0x149/0x270 [ 215.564069] iommufd_access_replace+0xb4/0x120 [ 215.564473] iommufd_test+0x3e5/0x37e0 [ 215.564813] ? lock_release+0x532/0x770 [ 215.565170] ? __might_fault+0x102/0x1b0 [ 215.565533] ? lock_acquire+0x427/0x4c0 [ 215.565895] ? __pfx_iommufd_test+0x10/0x10 [ 215.566270] ? __pfx_lock_release+0x10/0x10 [ 215.566700] ? __pfx_lock_acquire+0x10/0x10 [ 215.567091] ? write_comp_data+0x2f/0x90 [ 215.567469] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.567904] ? write_comp_data+0x2f/0x90 [ 215.568267] iommufd_fops_ioctl+0x37d/0x510 [ 215.568653] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.569081] ? write_comp_data+0x2f/0x90 [ 215.569454] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.569876] __x64_sys_ioctl+0x1a3/0x230 [ 215.570241] do_syscall_64+0x3b/0x90 [ 215.570597] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.571056] RIP: 0033:0x7f4b8743ee5d [ 215.571393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.573563] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.574462] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.575355] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.576582] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.577438] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.578276] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.579311] [ 215.579753] irq event stamp: 0 [ 215.580150] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.580912] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.581917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.583394] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.583998] ---[ end trace 0000000000000000 ]--- [ 215.587110] ------------[ cut here ]------------ [ 215.587921] WARNING: CPU: 0 PID: 2056 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.588841] Modules linked in: [ 215.589131] CPU: 0 PID: 2056 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.590136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.591202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.591664] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.593545] RSP: 
0018:ffff888017007bd0 EFLAGS: 00010246 [ 215.594241] RAX: 0000000000000000 RBX: ffff88800b8160a8 RCX: 0000000000000000 [ 215.594906] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 215.595595] RBP: ffff888017007be8 R08: ffffed1001702c33 R09: ffffed1001702c33 [ 215.596365] R10: ffff88800b816193 R11: ffffed1001702c32 R12: ffff88801422e800 [ 215.597130] R13: ffff88800b8161e8 R14: ffff888020980800 R15: 0000000000000000 [ 215.597801] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.598801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.599367] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.600040] PKRU: 55555554 [ 215.600309] Call Trace: [ 215.600574] [ 215.600871] iommufd_access_destroy_object+0x65/0x170 [ 215.601467] iommufd_object_destroy_user+0x18e/0x220 [ 215.601961] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.602553] iommufd_access_destroy+0x43/0x70 [ 215.602993] iommufd_test_staccess_release+0x8d/0xd0 [ 215.603728] __fput+0x26d/0xa40 [ 215.604061] ____fput+0x1e/0x30 [ 215.604382] task_work_run+0x1a4/0x2d0 [ 215.604763] ? __pfx_task_work_run+0x10/0x10 [ 215.605218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.605867] ? switch_task_namespaces+0xa9/0xe0 [ 215.606325] do_exit+0xb17/0x2ef0 [ 215.606679] ? lock_acquire+0x427/0x4c0 [ 215.607067] ? __pfx_lock_release+0x10/0x10 [ 215.607506] ? __kasan_check_write+0x18/0x20 [ 215.608157] ? do_raw_spin_lock+0x132/0x2a0 [ 215.608572] ? __pfx_do_exit+0x10/0x10 [ 215.608954] ? debug_smp_processor_id+0x20/0x30 [ 215.609421] ? rcu_is_watching+0x19/0xb0 [ 215.610329] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.611095] ? trace_hardirqs_on+0x26/0x120 [ 215.611758] do_group_exit+0xe0/0x2b0 [ 215.612293] __x64_sys_exit_group+0x47/0x50 [ 215.613369] do_syscall_64+0x3b/0x90 [ 215.613922] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.614703] RIP: 0033:0x7f4b87518a4d [ 215.615533] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.616362] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.617442] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.618663] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.619642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.620901] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.621857] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.623213] [ 215.623560] irq event stamp: 0 [ 215.623988] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.624935] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.626230] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.627710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.628540] ---[ end trace 0000000000000000 ]--- [ 215.630048] ------------[ cut here ]------------ [ 215.630740] WARNING: CPU: 0 PID: 2056 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.632218] Modules linked in: [ 215.632852] CPU: 0 PID: 2056 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.633999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.635852] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.636622] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.639276] RSP: 0018:ffff888017007b78 EFLAGS: 00010246 [ 215.640292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.641224] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 215.642285] RBP: ffff888017007b98 R08: ffffed1001702c3e R09: ffffed1001702c3e [ 215.643527] R10: ffff88800b8161ef R11: ffffed1001702c3d R12: ffff88800b816290 [ 215.644476] R13: ffff88800b8160a8 R14: ffffffffffffffff R15: 
ffff888017007c60 [ 215.645750] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.646888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.648025] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.648987] PKRU: 55555554 [ 215.649382] Call Trace: [ 215.649828] [ 215.650348] iommufd_ioas_destroy+0x53/0x70 [ 215.651020] iommufd_fops_release+0x1f7/0x370 [ 215.651678] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.652457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.653340] ? write_comp_data+0x2f/0x90 [ 215.653929] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.654776] __fput+0x26d/0xa40 [ 215.655494] ____fput+0x1e/0x30 [ 215.655977] task_work_run+0x1a4/0x2d0 [ 215.656516] ? __pfx_task_work_run+0x10/0x10 [ 215.657119] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.658049] ? switch_task_namespaces+0xa9/0xe0 [ 215.658778] do_exit+0xb17/0x2ef0 [ 215.659300] ? lock_acquire+0x427/0x4c0 [ 215.659922] ? __pfx_lock_release+0x10/0x10 [ 215.660729] ? __kasan_check_write+0x18/0x20 [ 215.661351] ? do_raw_spin_lock+0x132/0x2a0 [ 215.661981] ? __pfx_do_exit+0x10/0x10 [ 215.662825] ? debug_smp_processor_id+0x20/0x30 [ 215.663506] ? rcu_is_watching+0x19/0xb0 [ 215.664077] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.664840] ? trace_hardirqs_on+0x26/0x120 [ 215.665616] do_group_exit+0xe0/0x2b0 [ 215.666149] __x64_sys_exit_group+0x47/0x50 [ 215.666787] do_syscall_64+0x3b/0x90 [ 215.667352] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.668069] RIP: 0033:0x7f4b87518a4d [ 215.668585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.669417] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.670431] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.671508] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.672469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.673414] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.674366] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.675415] [ 215.675752] irq event stamp: 0 [ 215.676175] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.677019] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.678150] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.679339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.680141] ---[ end trace 0000000000000000 ]--- [ 215.687087] ------------[ cut here ]------------ [ 215.687762] WARNING: CPU: 0 PID: 2057 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.688735] Modules linked in: [ 215.689041] CPU: 0 PID: 2057 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.689881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.691237] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.691736] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.693489] RSP: 0018:ffff888017bbfbb8 EFLAGS: 00010246 [ 215.694009] RAX: 0000000000000000 RBX: ffff888010b7f0a8 RCX: 0000000000000000 [ 215.694718] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 215.695415] RBP: ffff888017bbfbd0 R08: ffffed100216fe33 R09: ffffed100216fe33 [ 215.696094] R10: ffff888010b7f193 R11: ffffed100216fe32 R12: ffff88800fcb3c00 [ 215.696775] R13: ffff888010b7f1e8 R14: ffffffff8352e670 R15: 
ffff888017bbfe68 [ 215.697463] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.698237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.698831] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 215.699530] PKRU: 55555554 [ 215.699808] Call Trace: [ 215.700052] [ 215.700272] __iommufd_access_detach+0x1c2/0x2b0 [ 215.700750] iommufd_access_change_pt+0x149/0x270 [ 215.701231] iommufd_access_replace+0xb4/0x120 [ 215.701689] iommufd_test+0x3e5/0x37e0 [ 215.702071] ? lock_release+0x532/0x770 [ 215.702468] ? __might_fault+0x102/0x1b0 [ 215.702897] ? lock_acquire+0x427/0x4c0 [ 215.703314] ? __pfx_iommufd_test+0x10/0x10 [ 215.703733] ? __pfx_lock_release+0x10/0x10 [ 215.704160] ? __pfx_lock_acquire+0x10/0x10 [ 215.704597] ? write_comp_data+0x2f/0x90 [ 215.705002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.705482] ? write_comp_data+0x2f/0x90 [ 215.705887] iommufd_fops_ioctl+0x37d/0x510 [ 215.706315] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.706914] ? write_comp_data+0x2f/0x90 [ 215.707340] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.707819] __x64_sys_ioctl+0x1a3/0x230 [ 215.708224] do_syscall_64+0x3b/0x90 [ 215.708596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.709142] RIP: 0033:0x7f4b8743ee5d [ 215.709502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.711293] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.712039] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.712730] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.713410] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.714089] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.714796] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.715501] [ 215.715730] irq event stamp: 0 [ 215.716035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.716641] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.717455] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.718262] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.718901] ---[ end trace 0000000000000000 ]--- [ 215.721999] ------------[ cut here ]------------ [ 215.722490] WARNING: CPU: 0 PID: 2057 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.723532] Modules linked in: [ 215.723848] CPU: 0 PID: 2057 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.724683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.725760] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.726246] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.728035] RSP: 
0018:ffff888017bbfbd0 EFLAGS: 00010246 [ 215.728556] RAX: 0000000000000000 RBX: ffff888010b7f0a8 RCX: 0000000000000000 [ 215.729242] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 215.729922] RBP: ffff888017bbfbe8 R08: ffffed100216fe33 R09: ffffed100216fe33 [ 215.730627] R10: ffff888010b7f193 R11: ffffed100216fe32 R12: ffff888014580c00 [ 215.731325] R13: ffff888010b7f1e8 R14: ffff88800f188900 R15: 0000000000000000 [ 215.732010] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.732781] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.733339] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.734022] PKRU: 55555554 [ 215.734300] Call Trace: [ 215.734570] [ 215.734792] iommufd_access_destroy_object+0x65/0x170 [ 215.735317] iommufd_object_destroy_user+0x18e/0x220 [ 215.735815] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.736388] iommufd_access_destroy+0x43/0x70 [ 215.736840] iommufd_test_staccess_release+0x8d/0xd0 [ 215.737339] __fput+0x26d/0xa40 [ 215.737682] ____fput+0x1e/0x30 [ 215.738013] task_work_run+0x1a4/0x2d0 [ 215.738400] ? __pfx_task_work_run+0x10/0x10 [ 215.738858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.739358] ? switch_task_namespaces+0xa9/0xe0 [ 215.739830] do_exit+0xb17/0x2ef0 [ 215.740185] ? lock_acquire+0x427/0x4c0 [ 215.740587] ? __pfx_lock_release+0x10/0x10 [ 215.741078] ? __kasan_check_write+0x18/0x20 [ 215.741516] ? do_raw_spin_lock+0x132/0x2a0 [ 215.741937] ? __pfx_do_exit+0x10/0x10 [ 215.742327] ? debug_smp_processor_id+0x20/0x30 [ 215.742809] ? rcu_is_watching+0x19/0xb0 [ 215.743229] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.743683] ? trace_hardirqs_on+0x26/0x120 [ 215.744113] do_group_exit+0xe0/0x2b0 [ 215.744480] __x64_sys_exit_group+0x47/0x50 [ 215.744900] do_syscall_64+0x3b/0x90 [ 215.745275] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.745786] RIP: 0033:0x7f4b87518a4d [ 215.746151] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.746779] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.747525] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.748210] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.748892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.749567] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.750243] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.750960] [ 215.751203] irq event stamp: 0 [ 215.751512] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.752115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.752910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.753697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.754300] ---[ end trace 0000000000000000 ]--- [ 215.755181] ------------[ cut here ]------------ [ 215.755652] WARNING: CPU: 0 PID: 2057 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.756629] Modules linked in: [ 215.756938] CPU: 0 PID: 2057 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.757771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.758880] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.759410] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.761162] RSP: 0018:ffff888017bbfb78 EFLAGS: 00010246 [ 215.761675] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.762354] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 215.763060] RBP: ffff888017bbfb98 R08: ffffed100216fe3e R09: ffffed100216fe3e [ 215.763760] R10: ffff888010b7f1ef R11: ffffed100216fe3d R12: ffff888010b7f290 [ 215.764439] R13: ffff888010b7f0a8 R14: ffffffffffffffff R15: 
ffff888017bbfc60 [ 215.765118] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.765893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.766452] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.767168] PKRU: 55555554 [ 215.767454] Call Trace: [ 215.767706] [ 215.767926] iommufd_ioas_destroy+0x53/0x70 [ 215.768351] iommufd_fops_release+0x1f7/0x370 [ 215.768793] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.769279] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.769759] ? write_comp_data+0x2f/0x90 [ 215.770159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.770661] __fput+0x26d/0xa40 [ 215.771000] ____fput+0x1e/0x30 [ 215.771342] task_work_run+0x1a4/0x2d0 [ 215.771734] ? __pfx_task_work_run+0x10/0x10 [ 215.772165] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.772642] ? switch_task_namespaces+0xa9/0xe0 [ 215.773168] do_exit+0xb17/0x2ef0 [ 215.773506] ? lock_acquire+0x427/0x4c0 [ 215.773896] ? __pfx_lock_release+0x10/0x10 [ 215.774323] ? __kasan_check_write+0x18/0x20 [ 215.774799] ? do_raw_spin_lock+0x132/0x2a0 [ 215.775238] ? __pfx_do_exit+0x10/0x10 [ 215.775626] ? debug_smp_processor_id+0x20/0x30 [ 215.776075] ? rcu_is_watching+0x19/0xb0 [ 215.776471] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.776917] ? trace_hardirqs_on+0x26/0x120 [ 215.777343] do_group_exit+0xe0/0x2b0 [ 215.777717] __x64_sys_exit_group+0x47/0x50 [ 215.778132] do_syscall_64+0x3b/0x90 [ 215.778526] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.779043] RIP: 0033:0x7f4b87518a4d [ 215.779410] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.779998] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.780724] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.781412] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.782091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.782799] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.783511] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.784207] [ 215.784437] irq event stamp: 0 [ 215.784745] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.785366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.786171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.786994] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.787618] ---[ end trace 0000000000000000 ]--- [ 215.793039] ------------[ cut here ]------------ [ 215.793556] WARNING: CPU: 0 PID: 2058 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.794569] Modules linked in: [ 215.794879] CPU: 0 PID: 2058 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.795729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.796798] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.797271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.799024] RSP: 0018:ffff888011d57bb8 EFLAGS: 00010246 [ 215.799550] RAX: 0000000000000000 RBX: ffff8880180cd0a8 RCX: 0000000000000000 [ 215.800228] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 215.800910] RBP: ffff888011d57bd0 R08: ffffed1003019a33 R09: ffffed1003019a33 [ 215.801594] R10: ffff8880180cd193 R11: ffffed1003019a32 R12: ffff888020954800 [ 215.802279] R13: ffff8880180cd1e8 R14: ffffffff8352e670 R15: 
ffff888011d57e68 [ 215.802986] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.803777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.804331] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 215.805091] PKRU: 55555554 [ 215.805367] Call Trace: [ 215.805611] [ 215.805827] __iommufd_access_detach+0x1c2/0x2b0 [ 215.806299] iommufd_access_change_pt+0x149/0x270 [ 215.806789] iommufd_access_replace+0xb4/0x120 [ 215.807252] iommufd_test+0x3e5/0x37e0 [ 215.807627] ? lock_release+0x532/0x770 [ 215.808018] ? __might_fault+0x102/0x1b0 [ 215.808417] ? lock_acquire+0x427/0x4c0 [ 215.808811] ? __pfx_iommufd_test+0x10/0x10 [ 215.809223] ? __pfx_lock_release+0x10/0x10 [ 215.809640] ? __pfx_lock_acquire+0x10/0x10 [ 215.810059] ? write_comp_data+0x2f/0x90 [ 215.810459] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.810947] ? write_comp_data+0x2f/0x90 [ 215.811366] iommufd_fops_ioctl+0x37d/0x510 [ 215.811788] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.812260] ? write_comp_data+0x2f/0x90 [ 215.812669] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.813143] __x64_sys_ioctl+0x1a3/0x230 [ 215.813545] do_syscall_64+0x3b/0x90 [ 215.813913] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.814418] RIP: 0033:0x7f4b8743ee5d [ 215.814788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.816483] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.817191] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.817859] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.818536] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.819217] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.819880] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.820554] [ 215.820776] irq event stamp: 0 [ 215.821070] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.821651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.822417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.823225] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.823818] ---[ end trace 0000000000000000 ]--- [ 215.826809] ------------[ cut here ]------------ [ 215.827281] WARNING: CPU: 0 PID: 2058 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.828228] Modules linked in: [ 215.828528] CPU: 0 PID: 2058 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.829333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.830375] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.830866] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.832827] RSP: 
0018:ffff888011d57bd0 EFLAGS: 00010246 [ 215.833786] RAX: 0000000000000000 RBX: ffff8880180cd0a8 RCX: 0000000000000000 [ 215.834734] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 215.835780] RBP: ffff888011d57be8 R08: ffffed1003019a33 R09: ffffed1003019a33 [ 215.836690] R10: ffff8880180cd193 R11: ffffed1003019a32 R12: ffff88800fcb1c00 [ 215.837832] R13: ffff8880180cd1e8 R14: ffff88801381a500 R15: 0000000000000000 [ 215.838757] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.840002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.840725] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.841691] PKRU: 55555554 [ 215.842168] Call Trace: [ 215.842489] [ 215.842818] iommufd_access_destroy_object+0x65/0x170 [ 215.843487] iommufd_object_destroy_user+0x18e/0x220 [ 215.844344] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.845085] iommufd_access_destroy+0x43/0x70 [ 215.845527] iommufd_test_staccess_release+0x8d/0xd0 [ 215.846297] __fput+0x26d/0xa40 [ 215.846658] ____fput+0x1e/0x30 [ 215.846969] task_work_run+0x1a4/0x2d0 [ 215.847366] ? __pfx_task_work_run+0x10/0x10 [ 215.847775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.848292] ? switch_task_namespaces+0xa9/0xe0 [ 215.848894] do_exit+0xb17/0x2ef0 [ 215.849220] ? lock_acquire+0x427/0x4c0 [ 215.849595] ? __pfx_lock_release+0x10/0x10 [ 215.850001] ? __kasan_check_write+0x18/0x20 [ 215.850558] ? do_raw_spin_lock+0x132/0x2a0 [ 215.851092] ? __pfx_do_exit+0x10/0x10 [ 215.851478] ? debug_smp_processor_id+0x20/0x30 [ 215.851926] ? rcu_is_watching+0x19/0xb0 [ 215.852309] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.852739] ? trace_hardirqs_on+0x26/0x120 [ 215.853360] do_group_exit+0xe0/0x2b0 [ 215.853716] __x64_sys_exit_group+0x47/0x50 [ 215.854113] do_syscall_64+0x3b/0x90 [ 215.854468] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.855032] RIP: 0033:0x7f4b87518a4d [ 215.855558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.856119] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.856807] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.857555] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.858341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.859014] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.859748] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.860612] [ 215.860833] irq event stamp: 0 [ 215.861121] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.861718] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.862682] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.863450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.864034] ---[ end trace 0000000000000000 ]--- [ 215.865193] ------------[ cut here ]------------ [ 215.865660] WARNING: CPU: 0 PID: 2058 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.866771] Modules linked in: [ 215.867209] CPU: 0 PID: 2058 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.868037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.869205] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.869815] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.871961] RSP: 0018:ffff888011d57b78 EFLAGS: 00010246 [ 215.872484] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.873160] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 215.873930] RBP: ffff888011d57b98 R08: ffffed1003019a3e R09: ffffed1003019a3e [ 215.874745] R10: ffff8880180cd1ef R11: ffffed1003019a3d R12: ffff8880180cd290 [ 215.875425] R13: ffff8880180cd0a8 R14: ffffffffffffffff R15: 
ffff888011d57c60 [ 215.876128] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.877057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.877602] CR2: 00007f4b875fca50 CR3: 0000000014928000 CR4: 0000000000750ef0 [ 215.878373] PKRU: 55555554 [ 215.878789] Call Trace: [ 215.879037] [ 215.879267] iommufd_ioas_destroy+0x53/0x70 [ 215.879692] iommufd_fops_release+0x1f7/0x370 [ 215.880123] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.880678] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.881356] ? write_comp_data+0x2f/0x90 [ 215.881792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 215.882311] __fput+0x26d/0xa40 [ 215.882703] ____fput+0x1e/0x30 [ 215.883315] task_work_run+0x1a4/0x2d0 [ 215.883735] ? __pfx_task_work_run+0x10/0x10 [ 215.884196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.884701] ? switch_task_namespaces+0xa9/0xe0 [ 215.885205] do_exit+0xb17/0x2ef0 [ 215.885679] ? lock_acquire+0x427/0x4c0 [ 215.886262] ? __pfx_lock_release+0x10/0x10 [ 215.886745] ? __kasan_check_write+0x18/0x20 [ 215.887239] ? do_raw_spin_lock+0x132/0x2a0 [ 215.887696] ? __pfx_do_exit+0x10/0x10 [ 215.888232] ? debug_smp_processor_id+0x20/0x30 [ 215.888860] ? rcu_is_watching+0x19/0xb0 [ 215.889284] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.889767] ? trace_hardirqs_on+0x26/0x120 [ 215.890323] do_group_exit+0xe0/0x2b0 [ 215.890873] __x64_sys_exit_group+0x47/0x50 [ 215.891335] do_syscall_64+0x3b/0x90 [ 215.891730] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.892283] RIP: 0033:0x7f4b87518a4d [ 215.892673] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.893596] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.894389] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.895162] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.896159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.896892] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.897618] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.898641] [ 215.898888] irq event stamp: 0 [ 215.899225] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.899873] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.901013] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.901872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.902554] ---[ end trace 0000000000000000 ]--- [ 215.909312] ------------[ cut here ]------------ [ 215.909828] WARNING: CPU: 0 PID: 2059 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.911501] Modules linked in: [ 215.911849] CPU: 0 PID: 2059 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.912761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.913928] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.914446] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.916404] RSP: 0018:ffff88801845fbb8 EFLAGS: 00010246 [ 215.916964] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 215.917717] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 215.918455] RBP: ffff88801845fbd0 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 215.919220] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff888013bc7000 [ 215.919963] R13: ffff88800f3731e8 R14: ffffffff8352e670 R15: 
ffff88801845fe68 [ 215.920713] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.921554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.922166] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 215.922946] PKRU: 55555554 [ 215.923276] Call Trace: [ 215.923546] [ 215.923782] __iommufd_access_detach+0x1c2/0x2b0 [ 215.924288] iommufd_access_change_pt+0x149/0x270 [ 215.924799] iommufd_access_replace+0xb4/0x120 [ 215.925283] iommufd_test+0x3e5/0x37e0 [ 215.925694] ? lock_release+0x532/0x770 [ 215.926144] ? __might_fault+0x102/0x1b0 [ 215.926603] ? lock_acquire+0x427/0x4c0 [ 215.927035] ? __pfx_iommufd_test+0x10/0x10 [ 215.927503] ? __pfx_lock_release+0x10/0x10 [ 215.927961] ? __pfx_lock_acquire+0x10/0x10 [ 215.928432] ? write_comp_data+0x2f/0x90 [ 215.928866] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.929373] ? write_comp_data+0x2f/0x90 [ 215.929812] iommufd_fops_ioctl+0x37d/0x510 [ 215.930269] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.930825] ? write_comp_data+0x2f/0x90 [ 215.931292] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 215.931804] __x64_sys_ioctl+0x1a3/0x230 [ 215.932238] do_syscall_64+0x3b/0x90 [ 215.932636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.933181] RIP: 0033:0x7f4b8743ee5d [ 215.933571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 215.935481] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 215.936271] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 215.937002] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 215.937752] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 215.938498] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 215.939272] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 215.940005] [ 215.940250] irq event stamp: 0 [ 215.940579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.941236] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.942094] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.942992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.943655] ---[ end trace 0000000000000000 ]--- [ 215.947432] ------------[ cut here ]------------ [ 215.947952] WARNING: CPU: 0 PID: 2059 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 215.949322] Modules linked in: [ 215.949657] CPU: 0 PID: 2059 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.950587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.951753] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 215.952267] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 215.954417] RSP: 
0018:ffff88801845fbd0 EFLAGS: 00010246 [ 215.954999] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 215.955751] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 215.956497] RBP: ffff88801845fbe8 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 215.957484] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff888020956c00 [ 215.958242] R13: ffff88800f3731e8 R14: ffff88800fd68600 R15: 0000000000000000 [ 215.959032] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.959906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.960590] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 215.961521] PKRU: 55555554 [ 215.961829] Call Trace: [ 215.962101] [ 215.962340] iommufd_access_destroy_object+0x65/0x170 [ 215.962916] iommufd_object_destroy_user+0x18e/0x220 [ 215.963488] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 215.964166] iommufd_access_destroy+0x43/0x70 [ 215.964898] iommufd_test_staccess_release+0x8d/0xd0 [ 215.965458] __fput+0x26d/0xa40 [ 215.965846] ____fput+0x1e/0x30 [ 215.966210] task_work_run+0x1a4/0x2d0 [ 215.966806] ? __pfx_task_work_run+0x10/0x10 [ 215.967462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 215.967995] ? switch_task_namespaces+0xa9/0xe0 [ 215.968501] do_exit+0xb17/0x2ef0 [ 215.968869] ? lock_acquire+0x427/0x4c0 [ 215.969341] ? __pfx_lock_release+0x10/0x10 [ 215.970026] ? __kasan_check_write+0x18/0x20 [ 215.970553] ? do_raw_spin_lock+0x132/0x2a0 [ 215.971024] ? __pfx_do_exit+0x10/0x10 [ 215.971466] ? debug_smp_processor_id+0x20/0x30 [ 215.972006] ? rcu_is_watching+0x19/0xb0 [ 215.972672] ? _raw_spin_unlock_irq+0x2b/0x60 [ 215.973160] ? trace_hardirqs_on+0x26/0x120 [ 215.973631] do_group_exit+0xe0/0x2b0 [ 215.974050] __x64_sys_exit_group+0x47/0x50 [ 215.974796] do_syscall_64+0x3b/0x90 [ 215.975231] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 215.975796] RIP: 0033:0x7f4b87518a4d [ 215.976194] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 215.976854] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 215.977946] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 215.978737] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 215.979510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 215.980552] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 215.981319] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 215.982190] [ 215.982646] irq event stamp: 0 [ 215.982986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 215.983673] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 215.984551] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 215.985707] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 215.986380] ---[ end trace 0000000000000000 ]--- [ 215.987346] ------------[ cut here ]------------ [ 215.987862] WARNING: CPU: 0 PID: 2059 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 215.988949] Modules linked in: [ 215.989295] CPU: 0 PID: 2059 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 215.990224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 215.991447] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 215.992011] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 215.993944] RSP: 0018:ffff88801845fb78 EFLAGS: 00010246 [ 215.994547] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 215.995333] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 215.996092] RBP: ffff88801845fb98 R08: ffffed1001e6e63e R09: ffffed1001e6e63e [ 215.996853] R10: ffff88800f3731ef R11: ffffed1001e6e63d R12: ffff88800f373290 [ 215.997628] R13: ffff88800f3730a8 R14: ffffffffffffffff R15: 
ffff88801845fc60 [ 215.998372] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 215.999262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 215.999883] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.000634] PKRU: 55555554 [ 216.000932] Call Trace: [ 216.001212] [ 216.001457] iommufd_ioas_destroy+0x53/0x70 [ 216.001918] iommufd_fops_release+0x1f7/0x370 [ 216.002404] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.002981] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.003537] ? write_comp_data+0x2f/0x90 [ 216.003991] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.004528] __fput+0x26d/0xa40 [ 216.004896] ____fput+0x1e/0x30 [ 216.005251] task_work_run+0x1a4/0x2d0 [ 216.005672] ? __pfx_task_work_run+0x10/0x10 [ 216.006152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.006706] ? switch_task_namespaces+0xa9/0xe0 [ 216.007233] do_exit+0xb17/0x2ef0 [ 216.007603] ? lock_acquire+0x427/0x4c0 [ 216.008031] ? __pfx_lock_release+0x10/0x10 [ 216.008502] ? __kasan_check_write+0x18/0x20 [ 216.008976] ? do_raw_spin_lock+0x132/0x2a0 [ 216.009439] ? __pfx_do_exit+0x10/0x10 [ 216.009854] ? debug_smp_processor_id+0x20/0x30 [ 216.010351] ? rcu_is_watching+0x19/0xb0 [ 216.010828] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.011342] ? trace_hardirqs_on+0x26/0x120 [ 216.011817] do_group_exit+0xe0/0x2b0 [ 216.012240] __x64_sys_exit_group+0x47/0x50 [ 216.012702] do_syscall_64+0x3b/0x90 [ 216.013104] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.013657] RIP: 0033:0x7f4b87518a4d [ 216.014055] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.014736] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.015567] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.016324] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.017080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.017851] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.018653] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.019450] [ 216.019702] irq event stamp: 0 [ 216.020039] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.020709] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.021593] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.022478] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.023178] ---[ end trace 0000000000000000 ]--- [ 216.027997] ------------[ cut here ]------------ [ 216.028556] WARNING: CPU: 0 PID: 2060 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.029621] Modules linked in: [ 216.029968] CPU: 0 PID: 2060 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.030934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.032125] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.032634] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.034538] RSP: 0018:ffff888018747bb8 EFLAGS: 00010246 [ 216.035095] RAX: 0000000000000000 RBX: ffff8880140d10a8 RCX: 0000000000000000 [ 216.035840] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 216.036568] RBP: ffff888018747bd0 R08: ffffed100281a233 R09: ffffed100281a233 [ 216.037298] R10: ffff8880140d1193 R11: ffffed100281a232 R12: ffff888014140000 [ 216.038030] R13: ffff8880140d11e8 R14: ffffffff8352e670 R15: 
ffff888018747e68 [ 216.038791] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.039649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.040247] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 216.040979] PKRU: 55555554 [ 216.041274] Call Trace: [ 216.041543] [ 216.041780] __iommufd_access_detach+0x1c2/0x2b0 [ 216.042288] iommufd_access_change_pt+0x149/0x270 [ 216.042823] iommufd_access_replace+0xb4/0x120 [ 216.043324] iommufd_test+0x3e5/0x37e0 [ 216.043735] ? lock_release+0x532/0x770 [ 216.044164] ? __might_fault+0x102/0x1b0 [ 216.044596] ? lock_acquire+0x427/0x4c0 [ 216.045021] ? __pfx_iommufd_test+0x10/0x10 [ 216.045476] ? __pfx_lock_release+0x10/0x10 [ 216.045929] ? __pfx_lock_acquire+0x10/0x10 [ 216.046387] ? write_comp_data+0x2f/0x90 [ 216.046845] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.047365] ? write_comp_data+0x2f/0x90 [ 216.047798] iommufd_fops_ioctl+0x37d/0x510 [ 216.048249] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.048770] ? write_comp_data+0x2f/0x90 [ 216.049196] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.049698] __x64_sys_ioctl+0x1a3/0x230 [ 216.050147] do_syscall_64+0x3b/0x90 [ 216.050575] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.051131] RIP: 0033:0x7f4b8743ee5d [ 216.051519] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.053411] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.054212] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.054985] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.055736] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.056466] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.057198] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.057934] [ 216.058176] irq event stamp: 0 [ 216.058529] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.059193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.060056] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.060924] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.061578] ---[ end trace 0000000000000000 ]--- [ 216.064829] ------------[ cut here ]------------ [ 216.065356] WARNING: CPU: 0 PID: 2060 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.066400] Modules linked in: [ 216.066849] CPU: 0 PID: 2060 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.067752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.068816] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.069289] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.071034] RSP: 
0018:ffff888018747bd0 EFLAGS: 00010246 [ 216.071564] RAX: 0000000000000000 RBX: ffff8880140d10a8 RCX: 0000000000000000 [ 216.072245] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 216.072919] RBP: ffff888018747be8 R08: ffffed100281a233 R09: ffffed100281a233 [ 216.073588] R10: ffff8880140d1193 R11: ffffed100281a232 R12: ffff888013bc5c00 [ 216.074262] R13: ffff8880140d11e8 R14: ffff888013d63100 R15: 0000000000000000 [ 216.074978] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.075786] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.076339] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.077032] PKRU: 55555554 [ 216.077307] Call Trace: [ 216.077554] [ 216.077772] iommufd_access_destroy_object+0x65/0x170 [ 216.078273] iommufd_object_destroy_user+0x18e/0x220 [ 216.078784] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.079357] iommufd_access_destroy+0x43/0x70 [ 216.079802] iommufd_test_staccess_release+0x8d/0xd0 [ 216.080302] __fput+0x26d/0xa40 [ 216.080641] ____fput+0x1e/0x30 [ 216.080967] task_work_run+0x1a4/0x2d0 [ 216.081354] ? __pfx_task_work_run+0x10/0x10 [ 216.081782] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.082251] ? switch_task_namespaces+0xa9/0xe0 [ 216.082735] do_exit+0xb17/0x2ef0 [ 216.083086] ? lock_acquire+0x427/0x4c0 [ 216.083490] ? __pfx_lock_release+0x10/0x10 [ 216.083912] ? __kasan_check_write+0x18/0x20 [ 216.084336] ? do_raw_spin_lock+0x132/0x2a0 [ 216.084751] ? __pfx_do_exit+0x10/0x10 [ 216.085135] ? debug_smp_processor_id+0x20/0x30 [ 216.085583] ? rcu_is_watching+0x19/0xb0 [ 216.085977] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.086416] ? trace_hardirqs_on+0x26/0x120 [ 216.086861] do_group_exit+0xe0/0x2b0 [ 216.087244] __x64_sys_exit_group+0x47/0x50 [ 216.087668] do_syscall_64+0x3b/0x90 [ 216.088039] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.088545] RIP: 0033:0x7f4b87518a4d [ 216.088907] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.089488] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.090207] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.090908] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.091601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.092290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.093035] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.093929] [ 216.094159] irq event stamp: 0 [ 216.094461] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.095095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.095919] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.096714] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.097311] ---[ end trace 0000000000000000 ]--- [ 216.098374] ------------[ cut here ]------------ [ 216.099008] WARNING: CPU: 0 PID: 2060 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.099992] Modules linked in: [ 216.100299] CPU: 0 PID: 2060 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.101442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.102551] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.103140] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.105037] RSP: 0018:ffff888018747b78 EFLAGS: 00010246 [ 216.105756] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.106443] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 216.107171] RBP: ffff888018747b98 R08: ffffed100281a23e R09: ffffed100281a23e [ 216.107960] R10: ffff8880140d11ef R11: ffffed100281a23d R12: ffff8880140d1290 [ 216.108773] R13: ffff8880140d10a8 R14: ffffffffffffffff R15: 
ffff888018747c60 [ 216.109458] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.110464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.111047] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.111744] PKRU: 55555554 [ 216.112019] Call Trace: [ 216.112275] [ 216.112590] iommufd_ioas_destroy+0x53/0x70 [ 216.113149] iommufd_fops_release+0x1f7/0x370 [ 216.113595] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.114076] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.114639] ? write_comp_data+0x2f/0x90 [ 216.115187] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.115679] __fput+0x26d/0xa40 [ 216.116018] ____fput+0x1e/0x30 [ 216.116355] task_work_run+0x1a4/0x2d0 [ 216.116746] ? __pfx_task_work_run+0x10/0x10 [ 216.117286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.117896] ? switch_task_namespaces+0xa9/0xe0 [ 216.118369] do_exit+0xb17/0x2ef0 [ 216.118743] ? lock_acquire+0x427/0x4c0 [ 216.119159] ? __pfx_lock_release+0x10/0x10 [ 216.119640] ? __kasan_check_write+0x18/0x20 [ 216.120164] ? do_raw_spin_lock+0x132/0x2a0 [ 216.120586] ? __pfx_do_exit+0x10/0x10 [ 216.120978] ? debug_smp_processor_id+0x20/0x30 [ 216.121435] ? rcu_is_watching+0x19/0xb0 [ 216.122021] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.122478] ? trace_hardirqs_on+0x26/0x120 [ 216.122952] do_group_exit+0xe0/0x2b0 [ 216.123327] __x64_sys_exit_group+0x47/0x50 [ 216.123744] do_syscall_64+0x3b/0x90 [ 216.124217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.124828] RIP: 0033:0x7f4b87518a4d [ 216.125187] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.125777] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.126731] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.127428] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.128113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.129010] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.129698] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.130425] [ 216.130735] irq event stamp: 0 [ 216.131256] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.131914] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.132785] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.133903] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.134606] ---[ end trace 0000000000000000 ]--- [ 216.139381] ------------[ cut here ]------------ [ 216.140000] WARNING: CPU: 0 PID: 2061 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.141218] Modules linked in: [ 216.141568] CPU: 0 PID: 2061 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.142790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.144010] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.144550] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.146462] RSP: 0018:ffff88801845fbb8 EFLAGS: 00010246 [ 216.147050] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 216.147815] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 216.148566] RBP: ffff88801845fbd0 R08: ffffed1001972533 R09: ffffed1001972533 [ 216.149309] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff888014583c00 [ 216.150047] R13: ffff88800cb929e8 R14: ffffffff8352e670 R15: 
ffff88801845fe68 [ 216.150819] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.151677] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.152286] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 216.153042] PKRU: 55555554 [ 216.153347] Call Trace: [ 216.153627] [ 216.153869] __iommufd_access_detach+0x1c2/0x2b0 [ 216.154393] iommufd_access_change_pt+0x149/0x270 [ 216.154952] iommufd_access_replace+0xb4/0x120 [ 216.155462] iommufd_test+0x3e5/0x37e0 [ 216.155877] ? lock_release+0x532/0x770 [ 216.156321] ? __might_fault+0x102/0x1b0 [ 216.156778] ? lock_acquire+0x427/0x4c0 [ 216.157225] ? __pfx_iommufd_test+0x10/0x10 [ 216.157681] ? __pfx_lock_release+0x10/0x10 [ 216.158140] ? __pfx_lock_acquire+0x10/0x10 [ 216.158637] ? write_comp_data+0x2f/0x90 [ 216.159078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.159603] ? write_comp_data+0x2f/0x90 [ 216.160040] iommufd_fops_ioctl+0x37d/0x510 [ 216.160496] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.161020] ? write_comp_data+0x2f/0x90 [ 216.161462] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.161976] __x64_sys_ioctl+0x1a3/0x230 [ 216.162416] do_syscall_64+0x3b/0x90 [ 216.162852] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.163424] RIP: 0033:0x7f4b8743ee5d [ 216.163824] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.165753] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.166591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.167352] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.168095] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.168845] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.169592] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.170353] [ 216.170631] irq event stamp: 0 [ 216.170980] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.171674] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.172571] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.173441] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.174100] ---[ end trace 0000000000000000 ]--- [ 216.177617] ------------[ cut here ]------------ [ 216.178127] WARNING: CPU: 0 PID: 2061 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.179319] Modules linked in: [ 216.179663] CPU: 0 PID: 2061 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.180839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.181991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.182501] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.184642] RSP: 
0018:ffff88801845fbd0 EFLAGS: 00010246 [ 216.185147] RAX: 0000000000000000 RBX: ffff88800cb928a8 RCX: 0000000000000000 [ 216.185810] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 216.186475] RBP: ffff88801845fbe8 R08: ffffed1001972533 R09: ffffed1001972533 [ 216.187395] R10: ffff88800cb92993 R11: ffffed1001972532 R12: ffff888014143000 [ 216.188069] R13: ffff88800cb929e8 R14: ffff888012860f00 R15: 0000000000000000 [ 216.188738] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.189736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.190283] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.190972] PKRU: 55555554 [ 216.191146] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5462 of 7281 items, 4194304 file size, 767 bytes per hash table item), suggesting rotation. [ 216.191252] Call Trace: [ 216.191258] [ 216.193158] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 216.193386] iommufd_access_destroy_object+0x65/0x170 [ 216.195416] iommufd_object_destroy_user+0x18e/0x220 [ 216.195907] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.196461] iommufd_access_destroy+0x43/0x70 [ 216.196900] iommufd_test_staccess_release+0x8d/0xd0 [ 216.197391] __fput+0x26d/0xa40 [ 216.197727] ____fput+0x1e/0x30 [ 216.198053] task_work_run+0x1a4/0x2d0 [ 216.198438] ? __pfx_task_work_run+0x10/0x10 [ 216.199010] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.199666] ? switch_task_namespaces+0xa9/0xe0 [ 216.200137] do_exit+0xb17/0x2ef0 [ 216.200472] ? lock_acquire+0x427/0x4c0 [ 216.200867] ? __pfx_lock_release+0x10/0x10 [ 216.201508] ? __kasan_check_write+0x18/0x20 [ 216.201938] ? do_raw_spin_lock+0x132/0x2a0 [ 216.202361] ? __pfx_do_exit+0x10/0x10 [ 216.202767] ? debug_smp_processor_id+0x20/0x30 [ 216.203223] ? 
rcu_is_watching+0x19/0xb0 [ 216.203619] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.204053] ? trace_hardirqs_on+0x26/0x120 [ 216.204479] do_group_exit+0xe0/0x2b0 [ 216.204844] __x64_sys_exit_group+0x47/0x50 [ 216.205257] do_syscall_64+0x3b/0x90 [ 216.205622] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.206120] RIP: 0033:0x7f4b87518a4d [ 216.206474] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 216.207088] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.207824] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.208760] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.209446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.210220] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.211041] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.211748] [ 216.211975] irq event stamp: 0 [ 216.212277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.212872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.213668] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.214463] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.215090] ---[ end trace 0000000000000000 ]--- [ 216.216065] ------------[ cut here ]------------ [ 216.216526] WARNING: CPU: 0 PID: 2061 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.217488] Modules linked in: [ 216.217805] CPU: 0 PID: 2061 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.218673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.219745] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.220229] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.221944] RSP: 0018:ffff88801845fb78 
EFLAGS: 00010246 [ 216.222456] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.223162] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 216.223834] RBP: ffff88801845fb98 R08: ffffed100197253e R09: ffffed100197253e [ 216.224503] R10: ffff88800cb929ef R11: ffffed100197253d R12: ffff88800cb92a90 [ 216.225178] R13: ffff88800cb928a8 R14: ffffffffffffffff R15: ffff88801845fc60 [ 216.225846] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.226637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.227203] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.227876] PKRU: 55555554 [ 216.228150] Call Trace: [ 216.228398] [ 216.228615] iommufd_ioas_destroy+0x53/0x70 [ 216.229031] iommufd_fops_release+0x1f7/0x370 [ 216.229469] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.229942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.230416] ? write_comp_data+0x2f/0x90 [ 216.230858] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.231297] __fput+0x26d/0xa40 [ 216.231623] ____fput+0x1e/0x30 [ 216.231962] task_work_run+0x1a4/0x2d0 [ 216.232341] ? __pfx_task_work_run+0x10/0x10 [ 216.232764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.233234] ? switch_task_namespaces+0xa9/0xe0 [ 216.233683] do_exit+0xb17/0x2ef0 [ 216.234012] ? lock_acquire+0x427/0x4c0 [ 216.234398] ? __pfx_lock_release+0x10/0x10 [ 216.234847] ? __kasan_check_write+0x18/0x20 [ 216.235287] ? do_raw_spin_lock+0x132/0x2a0 [ 216.235697] ? __pfx_do_exit+0x10/0x10 [ 216.236075] ? debug_smp_processor_id+0x20/0x30 [ 216.236516] ? rcu_is_watching+0x19/0xb0 [ 216.236902] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.237335] ? trace_hardirqs_on+0x26/0x120 [ 216.237751] do_group_exit+0xe0/0x2b0 [ 216.238111] __x64_sys_exit_group+0x47/0x50 [ 216.238551] do_syscall_64+0x3b/0x90 [ 216.238918] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.239441] RIP: 0033:0x7f4b87518a4d [ 216.239795] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.240366] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.241081] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.241744] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.242405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.243098] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.243785] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.244464] [ 216.244688] irq event stamp: 0 [ 216.244987] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.245575] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.246360] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.247170] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.247765] ---[ end trace 0000000000000000 ]--- [ 216.252181] ------------[ cut here ]------------ [ 216.252673] WARNING: CPU: 0 PID: 2063 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.253617] Modules linked in: [ 216.253918] CPU: 0 PID: 2063 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.255247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.256317] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.256791] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.258543] RSP: 0018:ffff88800fc47bb8 EFLAGS: 00010246 [ 216.259060] RAX: 0000000000000000 RBX: ffff888023cfe0a8 RCX: 0000000000000000 [ 216.259802] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 216.260533] RBP: ffff88800fc47bd0 R08: ffffed100479fc33 R09: ffffed100479fc33 [ 216.261261] R10: ffff888023cfe193 R11: ffffed100479fc32 R12: ffff888010e03400 [ 216.261999] R13: ffff888023cfe1e8 R14: ffffffff8352e670 R15: 
ffff88800fc47e68 [ 216.262748] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.263588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.264182] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 216.264906] PKRU: 55555554 [ 216.265195] Call Trace: [ 216.265455] [ 216.265689] __iommufd_access_detach+0x1c2/0x2b0 [ 216.266192] iommufd_access_change_pt+0x149/0x270 [ 216.266725] iommufd_access_replace+0xb4/0x120 [ 216.267215] iommufd_test+0x3e5/0x37e0 [ 216.267619] ? lock_release+0x532/0x770 [ 216.268047] ? __might_fault+0x102/0x1b0 [ 216.268468] ? lock_acquire+0x427/0x4c0 [ 216.268888] ? __pfx_iommufd_test+0x10/0x10 [ 216.269332] ? __pfx_lock_release+0x10/0x10 [ 216.269786] ? __pfx_lock_acquire+0x10/0x10 [ 216.270236] ? write_comp_data+0x2f/0x90 [ 216.270692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.271235] ? write_comp_data+0x2f/0x90 [ 216.271672] iommufd_fops_ioctl+0x37d/0x510 [ 216.272126] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.272658] ? write_comp_data+0x2f/0x90 [ 216.273095] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.273598] __x64_sys_ioctl+0x1a3/0x230 [ 216.274034] do_syscall_64+0x3b/0x90 [ 216.274428] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.274995] RIP: 0033:0x7f4b8743ee5d [ 216.275406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.277250] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.278016] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.278755] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.279490] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.280204] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.280938] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.281669] [ 216.281907] irq event stamp: 0 [ 216.282228] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.282896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.283752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.284590] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.285233] ---[ end trace 0000000000000000 ]--- [ 216.290362] ------------[ cut here ]------------ [ 216.291359] WARNING: CPU: 1 PID: 2063 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.292650] Modules linked in: [ 216.293129] CPU: 1 PID: 2063 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.294342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.296044] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.296698] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.299345] RSP: 
0018:ffff88800fc47bd0 EFLAGS: 00010246 [ 216.300032] RAX: 0000000000000000 RBX: ffff888023cfe0a8 RCX: 0000000000000000 [ 216.301145] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 216.302059] RBP: ffff88800fc47be8 R08: ffffed100479fc33 R09: ffffed100479fc33 [ 216.303258] R10: ffff888023cfe193 R11: ffffed100479fc32 R12: ffff888014581c00 [ 216.304157] R13: ffff888023cfe1e8 R14: ffff8880149bd400 R15: 0000000000000000 [ 216.305174] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 216.306271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.307061] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 216.308164] PKRU: 55555554 [ 216.308467] Call Trace: [ 216.308741] [ 216.308980] iommufd_access_destroy_object+0x65/0x170 [ 216.309509] iommufd_object_destroy_user+0x18e/0x220 [ 216.310206] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.310866] iommufd_access_destroy+0x43/0x70 [ 216.311360] iommufd_test_staccess_release+0x8d/0xd0 [ 216.311884] __fput+0x26d/0xa40 [ 216.312342] ____fput+0x1e/0x30 [ 216.312775] task_work_run+0x1a4/0x2d0 [ 216.313251] ? __pfx_task_work_run+0x10/0x10 [ 216.313710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.314212] ? switch_task_namespaces+0xa9/0xe0 [ 216.314946] do_exit+0xb17/0x2ef0 [ 216.315331] ? lock_acquire+0x427/0x4c0 [ 216.315743] ? __pfx_lock_release+0x10/0x10 [ 216.316197] ? __kasan_check_write+0x18/0x20 [ 216.316647] ? do_raw_spin_lock+0x132/0x2a0 [ 216.317109] ? __pfx_do_exit+0x10/0x10 [ 216.317512] ? debug_smp_processor_id+0x20/0x30 [ 216.318111] ? rcu_is_watching+0x19/0xb0 [ 216.318672] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.319167] ? trace_hardirqs_on+0x26/0x120 [ 216.319614] do_group_exit+0xe0/0x2b0 [ 216.320002] __x64_sys_exit_group+0x47/0x50 [ 216.320680] do_syscall_64+0x3b/0x90 [ 216.321074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.321608] RIP: 0033:0x7f4b87518a4d [ 216.321981] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.322831] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.323624] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.324337] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.325333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.326075] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.326839] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.327797] [ 216.328038] irq event stamp: 0 [ 216.328364] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.329023] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.330076] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.330975] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.331647] ---[ end trace 0000000000000000 ]--- [ 216.332605] ------------[ cut here ]------------ [ 216.333110] WARNING: CPU: 1 PID: 2063 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.334140] Modules linked in: [ 216.334480] CPU: 1 PID: 2063 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.335722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.336855] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.337331] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.339061] RSP: 0018:ffff88800fc47b78 EFLAGS: 00010246 [ 216.339571] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.340240] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 216.340923] RBP: ffff88800fc47b98 R08: ffffed100479fc3e R09: ffffed100479fc3e [ 216.341581] R10: ffff888023cfe1ef R11: ffffed100479fc3d R12: ffff888023cfe290 [ 216.342237] R13: ffff888023cfe0a8 R14: ffffffffffffffff R15: 
ffff88800fc47c60 [ 216.342919] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 216.343675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.344224] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 216.344890] PKRU: 55555554 [ 216.345168] Call Trace: [ 216.345409] [ 216.345616] iommufd_ioas_destroy+0x53/0x70 [ 216.346021] iommufd_fops_release+0x1f7/0x370 [ 216.346450] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.346951] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.347684] ? write_comp_data+0x2f/0x90 [ 216.348233] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.348874] __fput+0x26d/0xa40 [ 216.349635] ____fput+0x1e/0x30 [ 216.350069] task_work_run+0x1a4/0x2d0 [ 216.350635] ? __pfx_task_work_run+0x10/0x10 [ 216.351210] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.351824] ? switch_task_namespaces+0xa9/0xe0 [ 216.352596] do_exit+0xb17/0x2ef0 [ 216.353041] ? lock_acquire+0x427/0x4c0 [ 216.353557] ? __pfx_lock_release+0x10/0x10 [ 216.354140] ? __kasan_check_write+0x18/0x20 [ 216.354836] ? do_raw_spin_lock+0x132/0x2a0 [ 216.355404] ? __pfx_do_exit+0x10/0x10 [ 216.355904] ? debug_smp_processor_id+0x20/0x30 [ 216.356486] ? rcu_is_watching+0x19/0xb0 [ 216.357117] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.357687] ? trace_hardirqs_on+0x26/0x120 [ 216.358234] do_group_exit+0xe0/0x2b0 [ 216.358847] __x64_sys_exit_group+0x47/0x50 [ 216.359417] do_syscall_64+0x3b/0x90 [ 216.359896] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.360545] RIP: 0033:0x7f4b87518a4d [ 216.361041] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.361892] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.362870] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.363905] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.364769] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.365628] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.366490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.367435] [ 216.367730] irq event stamp: 0 [ 216.368118] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.368867] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.369851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.370868] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.371632] ---[ end trace 0000000000000000 ]--- [ 216.377766] ------------[ cut here ]------------ [ 216.378361] WARNING: CPU: 1 PID: 2064 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.379561] Modules linked in: [ 216.379853] CPU: 1 PID: 2064 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.380610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.381585] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.382020] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.383632] RSP: 0018:ffff888010897bb8 EFLAGS: 00010246 [ 216.384103] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 216.384711] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 216.385315] RBP: ffff888010897bd0 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 216.385899] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888013df1400 [ 216.386486] R13: ffff888011f621e8 R14: ffffffff8352e670 R15: 
ffff888010897e68 [ 216.387093] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 216.387766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.388234] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 216.388822] PKRU: 55555554 [ 216.389057] Call Trace: [ 216.389271] [ 216.389461] __iommufd_access_detach+0x1c2/0x2b0 [ 216.389867] iommufd_access_change_pt+0x149/0x270 [ 216.390273] iommufd_access_replace+0xb4/0x120 [ 216.390677] iommufd_test+0x3e5/0x37e0 [ 216.391002] ? lock_release+0x532/0x770 [ 216.391352] ? __might_fault+0x102/0x1b0 [ 216.391694] ? lock_acquire+0x427/0x4c0 [ 216.392030] ? __pfx_iommufd_test+0x10/0x10 [ 216.392383] ? __pfx_lock_release+0x10/0x10 [ 216.392751] ? __pfx_lock_acquire+0x10/0x10 [ 216.393121] ? write_comp_data+0x2f/0x90 [ 216.393464] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.393863] ? write_comp_data+0x2f/0x90 [ 216.394200] iommufd_fops_ioctl+0x37d/0x510 [ 216.394576] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.394984] ? write_comp_data+0x2f/0x90 [ 216.395341] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.395745] __x64_sys_ioctl+0x1a3/0x230 [ 216.396092] do_syscall_64+0x3b/0x90 [ 216.396410] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.396837] RIP: 0033:0x7f4b8743ee5d [ 216.397142] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.398648] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.399283] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.399861] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.400432] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.401005] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.401583] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.402171] [ 216.402363] irq event stamp: 0 [ 216.402643] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.403171] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.403850] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.404523] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.405031] ---[ end trace 0000000000000000 ]--- [ 216.407881] ------------[ cut here ]------------ [ 216.408293] WARNING: CPU: 1 PID: 2064 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.409106] Modules linked in: [ 216.409365] CPU: 1 PID: 2064 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.410048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.410937] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.411340] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.412752] RSP: 
0018:ffff888010897bd0 EFLAGS: 00010246 [ 216.413167] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 216.413717] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 216.414272] RBP: ffff888010897be8 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 216.414837] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888018709800 [ 216.415394] R13: ffff888011f621e8 R14: ffff888020a71100 R15: 0000000000000000 [ 216.415936] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 216.416549] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.416997] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 216.417546] PKRU: 55555554 [ 216.417762] Call Trace: [ 216.417957] [ 216.418134] iommufd_access_destroy_object+0x65/0x170 [ 216.418576] iommufd_object_destroy_user+0x18e/0x220 [ 216.418975] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.419435] iommufd_access_destroy+0x43/0x70 [ 216.419790] iommufd_test_staccess_release+0x8d/0xd0 [ 216.420188] __fput+0x26d/0xa40 [ 216.420459] ____fput+0x1e/0x30 [ 216.420723] task_work_run+0x1a4/0x2d0 [ 216.421030] ? __pfx_task_work_run+0x10/0x10 [ 216.421371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.421754] ? switch_task_namespaces+0xa9/0xe0 [ 216.422122] do_exit+0xb17/0x2ef0 [ 216.422391] ? lock_acquire+0x427/0x4c0 [ 216.422725] ? __pfx_lock_release+0x10/0x10 [ 216.423069] ? __kasan_check_write+0x18/0x20 [ 216.423426] ? do_raw_spin_lock+0x132/0x2a0 [ 216.423762] ? __pfx_do_exit+0x10/0x10 [ 216.424069] ? debug_smp_processor_id+0x20/0x30 [ 216.424429] ? rcu_is_watching+0x19/0xb0 [ 216.424745] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.425096] ? trace_hardirqs_on+0x26/0x120 [ 216.425437] do_group_exit+0xe0/0x2b0 [ 216.425730] __x64_sys_exit_group+0x47/0x50 [ 216.426058] do_syscall_64+0x3b/0x90 [ 216.426352] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.426774] RIP: 0033:0x7f4b87518a4d [ 216.427063] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.427550] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.428137] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.428684] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.429229] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.429772] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.430315] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.430907] [ 216.431096] irq event stamp: 0 [ 216.431355] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.431856] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.432507] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.433153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.433664] ---[ end trace 0000000000000000 ]--- [ 216.434352] ------------[ cut here ]------------ [ 216.434747] WARNING: CPU: 1 PID: 2064 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.435561] Modules linked in: [ 216.435816] CPU: 1 PID: 2064 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.436489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.437367] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.437772] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.439217] RSP: 0018:ffff888010897b78 EFLAGS: 00010246 [ 216.439641] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.440186] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 216.440749] RBP: ffff888010897b98 R08: ffffed10023ec43e R09: ffffed10023ec43e [ 216.441313] R10: ffff888011f621ef R11: ffffed10023ec43d R12: ffff888011f62290 [ 216.441868] R13: ffff888011f620a8 R14: ffffffffffffffff R15: 
ffff888010897c60 [ 216.442417] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 216.443069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.443538] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 216.444098] PKRU: 55555554 [ 216.444322] Call Trace: [ 216.444526] [ 216.444707] iommufd_ioas_destroy+0x53/0x70 [ 216.445484] iommufd_fops_release+0x1f7/0x370 [ 216.445852] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.446247] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.446682] ? write_comp_data+0x2f/0x90 [ 216.447013] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.447421] __fput+0x26d/0xa40 [ 216.447695] ____fput+0x1e/0x30 [ 216.447961] task_work_run+0x1a4/0x2d0 [ 216.448276] ? __pfx_task_work_run+0x10/0x10 [ 216.448629] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.449021] ? switch_task_namespaces+0xa9/0xe0 [ 216.449548] do_exit+0xb17/0x2ef0 [ 216.449829] ? lock_acquire+0x427/0x4c0 [ 216.450155] ? __pfx_lock_release+0x10/0x10 [ 216.450547] ? __kasan_check_write+0x18/0x20 [ 216.450900] ? do_raw_spin_lock+0x132/0x2a0 [ 216.451253] ? __pfx_do_exit+0x10/0x10 [ 216.451577] ? debug_smp_processor_id+0x20/0x30 [ 216.451956] ? rcu_is_watching+0x19/0xb0 [ 216.452289] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.452663] ? trace_hardirqs_on+0x26/0x120 [ 216.453020] do_group_exit+0xe0/0x2b0 [ 216.453329] __x64_sys_exit_group+0x47/0x50 [ 216.453767] do_syscall_64+0x3b/0x90 [ 216.454179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.454636] RIP: 0033:0x7f4b87518a4d [ 216.454939] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.455446] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.456059] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.456631] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.457203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.457774] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.458540] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.459138] [ 216.459340] irq event stamp: 0 [ 216.459601] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.460122] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.460837] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.461617] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.462125] ---[ end trace 0000000000000000 ]--- [ 216.465867] ------------[ cut here ]------------ [ 216.466320] WARNING: CPU: 1 PID: 2065 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.467386] Modules linked in: [ 216.467662] CPU: 1 PID: 2065 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.468396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.469514] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.469953] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.471741] RSP: 0018:ffff8880189dfbb8 EFLAGS: 00010246 [ 216.472209] RAX: 0000000000000000 RBX: ffff888011de28a8 RCX: 0000000000000000 [ 216.472818] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 216.473464] RBP: ffff8880189dfbd0 R08: ffffed10023bc533 R09: ffffed10023bc533 [ 216.474164] R10: ffff888011de2993 R11: ffffed10023bc532 R12: ffff888012a1f400 [ 216.474801] R13: ffff888011de29e8 R14: ffffffff8352e670 R15: 
ffff8880189dfe68 [ 216.475434] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 216.476273] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.476774] CR2: 00007f4b877410e8 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 216.477389] PKRU: 55555554 [ 216.477639] Call Trace: [ 216.477908] [ 216.478171] __iommufd_access_detach+0x1c2/0x2b0 [ 216.478630] iommufd_access_change_pt+0x149/0x270 [ 216.479058] iommufd_access_replace+0xb4/0x120 [ 216.479469] iommufd_test+0x3e5/0x37e0 [ 216.479803] ? lock_release+0x532/0x770 [ 216.480197] ? __might_fault+0x102/0x1b0 [ 216.480623] ? lock_acquire+0x427/0x4c0 [ 216.480976] ? __pfx_iommufd_test+0x10/0x10 [ 216.481345] ? __pfx_lock_release+0x10/0x10 [ 216.481722] ? __pfx_lock_acquire+0x10/0x10 [ 216.482155] ? write_comp_data+0x2f/0x90 [ 216.482591] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.483047] ? write_comp_data+0x2f/0x90 [ 216.483447] iommufd_fops_ioctl+0x37d/0x510 [ 216.483850] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.484309] ? write_comp_data+0x2f/0x90 [ 216.484789] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.485316] __x64_sys_ioctl+0x1a3/0x230 [ 216.485696] do_syscall_64+0x3b/0x90 [ 216.486048] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.486578] RIP: 0033:0x7f4b8743ee5d [ 216.486973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.488712] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.489603] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.490262] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.490934] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.491695] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.492465] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.493131] [ 216.493350] irq event stamp: 0 [ 216.493676] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.494501] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.495300] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.496051] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.496841] ---[ end trace 0000000000000000 ]--- [ 216.500075] ------------[ cut here ]------------ [ 216.500562] WARNING: CPU: 1 PID: 2065 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.501735] Modules linked in: [ 216.502040] CPU: 1 PID: 2065 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.502948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.504186] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.504721] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.506653] RSP: 
0018:ffff8880189dfbd0 EFLAGS: 00010246 [ 216.507181] RAX: 0000000000000000 RBX: ffff888011de28a8 RCX: 0000000000000000 [ 216.507843] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 216.508505] RBP: ffff8880189dfbe8 R08: ffffed10023bc533 R09: ffffed10023bc533 [ 216.509159] R10: ffff888011de2993 R11: ffffed10023bc532 R12: ffff888013df3400 [ 216.509823] R13: ffff888011de29e8 R14: ffff888012116900 R15: 0000000000000000 [ 216.510490] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 216.511290] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.511835] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 216.512498] PKRU: 55555554 [ 216.512764] Call Trace: [ 216.513001] [ 216.513211] iommufd_access_destroy_object+0x65/0x170 [ 216.513699] iommufd_object_destroy_user+0x18e/0x220 [ 216.514177] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.514749] iommufd_access_destroy+0x43/0x70 [ 216.515200] iommufd_test_staccess_release+0x8d/0xd0 [ 216.515687] __fput+0x26d/0xa40 [ 216.516013] ____fput+0x1e/0x30 [ 216.516333] task_work_run+0x1a4/0x2d0 [ 216.516705] ? __pfx_task_work_run+0x10/0x10 [ 216.517122] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.517587] ? switch_task_namespaces+0xa9/0xe0 [ 216.518031] do_exit+0xb17/0x2ef0 [ 216.518357] ? lock_acquire+0x427/0x4c0 [ 216.518771] ? __pfx_lock_release+0x10/0x10 [ 216.519199] ? __kasan_check_write+0x18/0x20 [ 216.519624] ? do_raw_spin_lock+0x132/0x2a0 [ 216.520030] ? __pfx_do_exit+0x10/0x10 [ 216.520406] ? debug_smp_processor_id+0x20/0x30 [ 216.520846] ? rcu_is_watching+0x19/0xb0 [ 216.521226] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.521651] ? trace_hardirqs_on+0x26/0x120 [ 216.522058] do_group_exit+0xe0/0x2b0 [ 216.522416] __x64_sys_exit_group+0x47/0x50 [ 216.522850] do_syscall_64+0x3b/0x90 [ 216.523229] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.523733] RIP: 0033:0x7f4b87518a4d [ 216.524087] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.524660] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.525363] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.526019] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.526711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.527383] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.528049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.528724] [ 216.528947] irq event stamp: 0 [ 216.529243] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.529823] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.530622] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.531407] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.531998] ---[ end trace 0000000000000000 ]--- [ 216.533349] ------------[ cut here ]------------ [ 216.534036] WARNING: CPU: 0 PID: 2065 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.535512] Modules linked in: [ 216.535945] CPU: 0 PID: 2065 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.537023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.538420] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.539155] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.541394] RSP: 0018:ffff8880189dfb78 EFLAGS: 00010246 [ 216.542072] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.543018] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 216.543956] RBP: ffff8880189dfb98 R08: ffffed10023bc53e R09: ffffed10023bc53e [ 216.544852] R10: ffff888011de29ef R11: ffffed10023bc53d R12: ffff888011de2a90 [ 216.545744] R13: ffff888011de28a8 R14: ffffffffffffffff R15: 
ffff8880189dfc60 [ 216.546693] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.547736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.548470] CR2: 00007f82e2e9b000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 216.549377] PKRU: 55555554 [ 216.549752] Call Trace: [ 216.550087] [ 216.550388] iommufd_ioas_destroy+0x53/0x70 [ 216.551008] iommufd_fops_release+0x1f7/0x370 [ 216.551635] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.552289] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.552935] ? write_comp_data+0x2f/0x90 [ 216.553482] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.554135] __fput+0x26d/0xa40 [ 216.554640] ____fput+0x1e/0x30 [ 216.555251] task_work_run+0x1a4/0x2d0 [ 216.555621] ? __pfx_task_work_run+0x10/0x10 [ 216.556018] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.556458] ? switch_task_namespaces+0xa9/0xe0 [ 216.556893] do_exit+0xb17/0x2ef0 [ 216.557209] ? lock_acquire+0x427/0x4c0 [ 216.557578] ? __pfx_lock_release+0x10/0x10 [ 216.557977] ? __kasan_check_write+0x18/0x20 [ 216.558383] ? do_raw_spin_lock+0x132/0x2a0 [ 216.558816] ? __pfx_do_exit+0x10/0x10 [ 216.559199] ? debug_smp_processor_id+0x20/0x30 [ 216.559632] ? rcu_is_watching+0x19/0xb0 [ 216.560007] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.560438] ? trace_hardirqs_on+0x26/0x120 [ 216.560841] do_group_exit+0xe0/0x2b0 [ 216.561190] __x64_sys_exit_group+0x47/0x50 [ 216.561580] do_syscall_64+0x3b/0x90 [ 216.561933] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.562411] RIP: 0033:0x7f4b87518a4d [ 216.562780] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.563366] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.564056] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.564706] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.565356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.566002] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.566677] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.567366] [ 216.567596] irq event stamp: 0 [ 216.567886] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.568469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.569248] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.570031] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.570650] ---[ end trace 0000000000000000 ]--- [ 216.575157] ------------[ cut here ]------------ [ 216.575661] WARNING: CPU: 0 PID: 2066 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.576583] Modules linked in: [ 216.576882] CPU: 0 PID: 2066 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.577671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.578729] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.579208] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.580861] RSP: 0018:ffff8880208a7bb8 EFLAGS: 00010246 [ 216.581352] RAX: 0000000000000000 RBX: ffff88801813f8a8 RCX: 0000000000000000 [ 216.582006] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 216.582684] RBP: ffff8880208a7bd0 R08: ffffed1003027f33 R09: ffffed1003027f33 [ 216.583366] R10: ffff88801813f993 R11: ffffed1003027f32 R12: ffff88800f134000 [ 216.584029] R13: ffff88801813f9e8 R14: ffffffff8352e670 R15: 
ffff8880208a7e68 [ 216.584689] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.585427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.585970] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 216.586668] PKRU: 55555554 [ 216.586938] Call Trace: [ 216.587208] [ 216.587423] __iommufd_access_detach+0x1c2/0x2b0 [ 216.587875] iommufd_access_change_pt+0x149/0x270 [ 216.588332] iommufd_access_replace+0xb4/0x120 [ 216.588774] iommufd_test+0x3e5/0x37e0 [ 216.589140] ? lock_release+0x532/0x770 [ 216.589524] ? __might_fault+0x102/0x1b0 [ 216.589906] ? lock_acquire+0x427/0x4c0 [ 216.590282] ? __pfx_iommufd_test+0x10/0x10 [ 216.590711] ? __pfx_lock_release+0x10/0x10 [ 216.591135] ? __pfx_lock_acquire+0x10/0x10 [ 216.591550] ? write_comp_data+0x2f/0x90 [ 216.591937] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.592394] ? write_comp_data+0x2f/0x90 [ 216.592797] iommufd_fops_ioctl+0x37d/0x510 [ 216.593213] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.593664] ? write_comp_data+0x2f/0x90 [ 216.594060] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.594559] __x64_sys_ioctl+0x1a3/0x230 [ 216.594960] do_syscall_64+0x3b/0x90 [ 216.595334] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.595819] RIP: 0033:0x7f4b8743ee5d [ 216.596162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.597825] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.598550] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.599217] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.599867] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.600526] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.601197] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.601872] [ 216.602100] irq event stamp: 0 [ 216.602408] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.603054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.603865] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.604639] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.605232] ---[ end trace 0000000000000000 ]--- [ 216.608357] ------------[ cut here ]------------ [ 216.608836] WARNING: CPU: 0 PID: 2066 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.609793] Modules linked in: [ 216.610091] CPU: 0 PID: 2066 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.610922] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.611986] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.612452] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.614217] RSP: 
0018:ffff8880208a7bd0 EFLAGS: 00010246 [ 216.614798] RAX: 0000000000000000 RBX: ffff88801813f8a8 RCX: 0000000000000000 [ 216.615528] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 216.616243] RBP: ffff8880208a7be8 R08: ffffed1003027f33 R09: ffffed1003027f33 [ 216.616960] R10: ffff88801813f993 R11: ffffed1003027f32 R12: ffff888010e03000 [ 216.617699] R13: ffff88801813f9e8 R14: ffff888012bf7a00 R15: 0000000000000000 [ 216.618423] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.619282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.619879] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.620613] PKRU: 55555554 [ 216.620907] Call Trace: [ 216.621175] [ 216.621402] iommufd_access_destroy_object+0x65/0x170 [ 216.621932] iommufd_object_destroy_user+0x18e/0x220 [ 216.622474] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.623091] iommufd_access_destroy+0x43/0x70 [ 216.623580] iommufd_test_staccess_release+0x8d/0xd0 [ 216.624108] __fput+0x26d/0xa40 [ 216.624460] ____fput+0x1e/0x30 [ 216.624799] task_work_run+0x1a4/0x2d0 [ 216.625199] ? __pfx_task_work_run+0x10/0x10 [ 216.625659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.626171] ? switch_task_namespaces+0xa9/0xe0 [ 216.626681] do_exit+0xb17/0x2ef0 [ 216.627034] ? lock_acquire+0x427/0x4c0 [ 216.627469] ? __pfx_lock_release+0x10/0x10 [ 216.627910] ? __kasan_check_write+0x18/0x20 [ 216.628357] ? do_raw_spin_lock+0x132/0x2a0 [ 216.628791] ? __pfx_do_exit+0x10/0x10 [ 216.629197] ? debug_smp_processor_id+0x20/0x30 [ 216.629677] ? rcu_is_watching+0x19/0xb0 [ 216.630086] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.630586] ? trace_hardirqs_on+0x26/0x120 [ 216.631032] do_group_exit+0xe0/0x2b0 [ 216.631445] __x64_sys_exit_group+0x47/0x50 [ 216.631883] do_syscall_64+0x3b/0x90 [ 216.632277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.632809] RIP: 0033:0x7f4b87518a4d [ 216.633190] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.633816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.634611] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.635341] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.636057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.636784] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.637525] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.638257] [ 216.638495] irq event stamp: 0 [ 216.638856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.639532] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.640384] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.641246] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.641889] ---[ end trace 0000000000000000 ]--- [ 216.642802] ------------[ cut here ]------------ [ 216.643308] WARNING: CPU: 0 PID: 2066 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.644337] Modules linked in: [ 216.644668] CPU: 0 PID: 2066 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.645550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.646732] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.647289] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.649164] RSP: 0018:ffff8880208a7b78 EFLAGS: 00010246 [ 216.649715] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.650441] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 216.651199] RBP: ffff8880208a7b98 R08: ffffed1003027f3e R09: ffffed1003027f3e [ 216.651921] R10: ffff88801813f9ef R11: ffffed1003027f3d R12: ffff88801813fa90 [ 216.652648] R13: ffff88801813f8a8 R14: ffffffffffffffff R15: 
ffff8880208a7c60 [ 216.653368] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.654175] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.654787] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.655525] PKRU: 55555554 [ 216.655811] Call Trace: [ 216.656071] [ 216.656303] iommufd_ioas_destroy+0x53/0x70 [ 216.656765] iommufd_fops_release+0x1f7/0x370 [ 216.657225] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.657731] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.658238] ? write_comp_data+0x2f/0x90 [ 216.658692] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.659220] __fput+0x26d/0xa40 [ 216.659581] ____fput+0x1e/0x30 [ 216.659929] task_work_run+0x1a4/0x2d0 [ 216.660340] ? __pfx_task_work_run+0x10/0x10 [ 216.660800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.661300] ? switch_task_namespaces+0xa9/0xe0 [ 216.661796] do_exit+0xb17/0x2ef0 [ 216.662160] ? lock_acquire+0x427/0x4c0 [ 216.662600] ? __pfx_lock_release+0x10/0x10 [ 216.663050] ? __kasan_check_write+0x18/0x20 [ 216.663537] ? do_raw_spin_lock+0x132/0x2a0 [ 216.663974] ? __pfx_do_exit+0x10/0x10 [ 216.664383] ? debug_smp_processor_id+0x20/0x30 [ 216.664862] ? rcu_is_watching+0x19/0xb0 [ 216.665285] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.665764] ? trace_hardirqs_on+0x26/0x120 [ 216.666218] do_group_exit+0xe0/0x2b0 [ 216.666643] __x64_sys_exit_group+0x47/0x50 [ 216.667088] do_syscall_64+0x3b/0x90 [ 216.667502] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.668035] RIP: 0033:0x7f4b87518a4d [ 216.668426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.669060] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.669838] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.670598] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.671344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.672056] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.672771] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.673500] [ 216.673745] irq event stamp: 0 [ 216.674069] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.674741] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.675624] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.676468] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.677111] ---[ end trace 0000000000000000 ]--- [ 216.681805] ------------[ cut here ]------------ [ 216.682350] WARNING: CPU: 0 PID: 2067 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.683676] Modules linked in: [ 216.684013] CPU: 0 PID: 2067 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.684889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.686026] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.686581] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.688473] RSP: 0018:ffff8880184c7bb8 EFLAGS: 00010246 [ 216.689014] RAX: 0000000000000000 RBX: ffff88801496e0a8 RCX: 0000000000000000 [ 216.689727] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 216.690450] RBP: ffff8880184c7bd0 R08: ffffed100292dc33 R09: ffffed100292dc33 [ 216.691208] R10: ffff88801496e193 R11: ffffed100292dc32 R12: ffff888013bc7c00 [ 216.691950] R13: ffff88801496e1e8 R14: ffffffff8352e670 R15: 
ffff8880184c7e68 [ 216.692679] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.693514] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.694102] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ef0 [ 216.694860] PKRU: 55555554 [ 216.695171] Call Trace: [ 216.695436] [ 216.695671] __iommufd_access_detach+0x1c2/0x2b0 [ 216.696172] iommufd_access_change_pt+0x149/0x270 [ 216.696675] iommufd_access_replace+0xb4/0x120 [ 216.697147] iommufd_test+0x3e5/0x37e0 [ 216.697537] ? lock_release+0x532/0x770 [ 216.697952] ? __might_fault+0x102/0x1b0 [ 216.698373] ? lock_acquire+0x427/0x4c0 [ 216.698815] ? __pfx_iommufd_test+0x10/0x10 [ 216.699285] ? __pfx_lock_release+0x10/0x10 [ 216.699740] ? __pfx_lock_acquire+0x10/0x10 [ 216.700202] ? write_comp_data+0x2f/0x90 [ 216.700645] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.701152] ? write_comp_data+0x2f/0x90 [ 216.701580] iommufd_fops_ioctl+0x37d/0x510 [ 216.702032] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.702571] ? write_comp_data+0x2f/0x90 [ 216.703167] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.704291] __x64_sys_ioctl+0x1a3/0x230 [ 216.704742] do_syscall_64+0x3b/0x90 [ 216.705132] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.705673] RIP: 0033:0x7f4b8743ee5d [ 216.706055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.708022] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.709053] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.710119] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.710888] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.711610] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.712317] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.713047] [ 216.713281] irq event stamp: 0 [ 216.713595] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.714349] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.715466] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.716306] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.716936] ---[ end trace 0000000000000000 ]--- [ 216.720321] ------------[ cut here ]------------ [ 216.720814] WARNING: CPU: 0 PID: 2067 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.721839] Modules linked in: [ 216.722167] CPU: 0 PID: 2067 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.723226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.724524] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.725039] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.726922] RSP: 
0018:ffff8880184c7bd0 EFLAGS: 00010246 [ 216.727500] RAX: 0000000000000000 RBX: ffff88801496e0a8 RCX: 0000000000000000 [ 216.728391] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 216.729437] RBP: ffff8880184c7be8 R08: ffffed100292dc33 R09: ffffed100292dc33 [ 216.730174] R10: ffff88801496e193 R11: ffffed100292dc32 R12: ffff88800f137000 [ 216.730935] R13: ffff88801496e1e8 R14: ffff888012cdc100 R15: 0000000000000000 [ 216.731685] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.732501] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.733103] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.734028] PKRU: 55555554 [ 216.734433] Call Trace: [ 216.734942] [ 216.735206] iommufd_access_destroy_object+0x65/0x170 [ 216.735742] iommufd_object_destroy_user+0x18e/0x220 [ 216.736265] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.736864] iommufd_access_destroy+0x43/0x70 [ 216.737345] iommufd_test_staccess_release+0x8d/0xd0 [ 216.737876] __fput+0x26d/0xa40 [ 216.738242] ____fput+0x1e/0x30 [ 216.738667] task_work_run+0x1a4/0x2d0 [ 216.739257] ? __pfx_task_work_run+0x10/0x10 [ 216.739841] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.740346] ? switch_task_namespaces+0xa9/0xe0 [ 216.740840] do_exit+0xb17/0x2ef0 [ 216.741198] ? lock_acquire+0x427/0x4c0 [ 216.741621] ? __pfx_lock_release+0x10/0x10 [ 216.742069] ? __kasan_check_write+0x18/0x20 [ 216.742575] ? do_raw_spin_lock+0x132/0x2a0 [ 216.743115] ? __pfx_do_exit+0x10/0x10 [ 216.743710] ? debug_smp_processor_id+0x20/0x30 [ 216.744194] ? rcu_is_watching+0x19/0xb0 [ 216.744602] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.745081] ? trace_hardirqs_on+0x26/0x120 [ 216.745533] do_group_exit+0xe0/0x2b0 [ 216.745926] __x64_sys_exit_group+0x47/0x50 [ 216.746414] do_syscall_64+0x3b/0x90 [ 216.746947] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.747652] RIP: 0033:0x7f4b87518a4d [ 216.748045] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.748674] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.749461] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.750202] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.751228] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.752092] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.752821] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.753557] [ 216.753801] irq event stamp: 0 [ 216.754127] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.754853] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.755876] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.756729] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.757376] ---[ end trace 0000000000000000 ]--- [ 216.759847] ------------[ cut here ]------------ [ 216.760353] WARNING: CPU: 0 PID: 2067 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.761387] Modules linked in: [ 216.761715] CPU: 0 PID: 2067 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.763003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.764247] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.764774] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.766637] RSP: 0018:ffff8880184c7b78 EFLAGS: 00010246 [ 216.767204] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.767924] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 216.768634] RBP: ffff8880184c7b98 R08: ffffed100292dc3e R09: ffffed100292dc3e [ 216.769352] R10: ffff88801496e1ef R11: ffffed100292dc3d R12: ffff88801496e290 [ 216.770071] R13: ffff88801496e0a8 R14: ffffffffffffffff R15: 
ffff8880184c7c60 [ 216.770817] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.771657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.772251] CR2: 00007f82e2eaf000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 216.772973] PKRU: 55555554 [ 216.773261] Call Trace: [ 216.773521] [ 216.773753] iommufd_ioas_destroy+0x53/0x70 [ 216.774209] iommufd_fops_release+0x1f7/0x370 [ 216.774697] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.775221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.775725] ? write_comp_data+0x2f/0x90 [ 216.776145] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.776654] __fput+0x26d/0xa40 [ 216.777010] ____fput+0x1e/0x30 [ 216.777360] task_work_run+0x1a4/0x2d0 [ 216.777767] ? __pfx_task_work_run+0x10/0x10 [ 216.778217] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.778744] ? switch_task_namespaces+0xa9/0xe0 [ 216.779251] do_exit+0xb17/0x2ef0 [ 216.779609] ? lock_acquire+0x427/0x4c0 [ 216.780026] ? __pfx_lock_release+0x10/0x10 [ 216.780476] ? __kasan_check_write+0x18/0x20 [ 216.780932] ? do_raw_spin_lock+0x132/0x2a0 [ 216.781377] ? __pfx_do_exit+0x10/0x10 [ 216.781783] ? debug_smp_processor_id+0x20/0x30 [ 216.782270] ? rcu_is_watching+0x19/0xb0 [ 216.782718] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.783198] ? trace_hardirqs_on+0x26/0x120 [ 216.783637] do_group_exit+0xe0/0x2b0 [ 216.784030] __x64_sys_exit_group+0x47/0x50 [ 216.784453] do_syscall_64+0x3b/0x90 [ 216.784840] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.785355] RIP: 0033:0x7f4b87518a4d [ 216.785728] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.786338] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.787149] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.787874] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.788573] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.789278] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.789979] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.790712] [ 216.790943] irq event stamp: 0 [ 216.791273] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.791894] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.792729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.793533] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.794104] ---[ end trace 0000000000000000 ]--- [ 216.801473] ------------[ cut here ]------------ [ 216.801983] WARNING: CPU: 0 PID: 2068 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.803422] Modules linked in: [ 216.803724] CPU: 0 PID: 2068 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.804617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.805707] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.806162] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.807874] RSP: 0018:ffff88800f3afbb8 EFLAGS: 00010246 [ 216.808360] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 216.808997] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 216.809632] RBP: ffff88800f3afbd0 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 216.810269] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff88800f257000 [ 216.810912] R13: ffff8880158789e8 R14: ffffffff8352e670 R15: 
ffff88800f3afe68 [ 216.811565] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.812285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.812812] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ef0 [ 216.813459] PKRU: 55555554 [ 216.813713] Call Trace: [ 216.813941] [ 216.814146] __iommufd_access_detach+0x1c2/0x2b0 [ 216.814601] iommufd_access_change_pt+0x149/0x270 [ 216.815045] iommufd_access_replace+0xb4/0x120 [ 216.815449] iommufd_test+0x3e5/0x37e0 [ 216.815782] ? lock_release+0x532/0x770 [ 216.816131] ? __might_fault+0x102/0x1b0 [ 216.816486] ? lock_acquire+0x427/0x4c0 [ 216.816834] ? __pfx_iommufd_test+0x10/0x10 [ 216.817199] ? __pfx_lock_release+0x10/0x10 [ 216.817573] ? __pfx_lock_acquire+0x10/0x10 [ 216.817949] ? write_comp_data+0x2f/0x90 [ 216.818304] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.818737] ? write_comp_data+0x2f/0x90 [ 216.819096] iommufd_fops_ioctl+0x37d/0x510 [ 216.819481] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.819902] ? write_comp_data+0x2f/0x90 [ 216.820259] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.820669] __x64_sys_ioctl+0x1a3/0x230 [ 216.821020] do_syscall_64+0x3b/0x90 [ 216.821341] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.821788] RIP: 0033:0x7f4b8743ee5d [ 216.822107] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.823654] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.824292] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.824881] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.825471] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.826056] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.826659] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.827267] [ 216.827463] irq event stamp: 0 [ 216.827730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.828255] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.828916] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.829584] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.830075] ---[ end trace 0000000000000000 ]--- [ 216.833187] ------------[ cut here ]------------ [ 216.833572] WARNING: CPU: 0 PID: 2068 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.834370] Modules linked in: [ 216.834805] CPU: 0 PID: 2068 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.835615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.836495] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.836954] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.838489] RSP: 
0018:ffff88800f3afbd0 EFLAGS: 00010246 [ 216.838996] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 216.839640] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 216.840197] RBP: ffff88800f3afbe8 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 216.840822] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff888013bc5400 [ 216.841449] R13: ffff8880158789e8 R14: ffff888018b86d00 R15: 0000000000000000 [ 216.842007] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.842791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.843257] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.843818] PKRU: 55555554 [ 216.844084] Call Trace: [ 216.844319] [ 216.844589] iommufd_access_destroy_object+0x65/0x170 [ 216.845003] iommufd_object_destroy_user+0x18e/0x220 [ 216.845412] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.845944] iommufd_access_destroy+0x43/0x70 [ 216.846374] iommufd_test_staccess_release+0x8d/0xd0 [ 216.846799] __fput+0x26d/0xa40 [ 216.847077] ____fput+0x1e/0x30 [ 216.847359] task_work_run+0x1a4/0x2d0 [ 216.847808] ? __pfx_task_work_run+0x10/0x10 [ 216.848166] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.848562] ? switch_task_namespaces+0xa9/0xe0 [ 216.848941] do_exit+0xb17/0x2ef0 [ 216.849281] ? lock_acquire+0x427/0x4c0 [ 216.849685] ? __pfx_lock_release+0x10/0x10 [ 216.850038] ? __kasan_check_write+0x18/0x20 [ 216.850391] ? do_raw_spin_lock+0x132/0x2a0 [ 216.850746] ? __pfx_do_exit+0x10/0x10 [ 216.851135] ? debug_smp_processor_id+0x20/0x30 [ 216.851585] ? rcu_is_watching+0x19/0xb0 [ 216.851913] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.852282] ? trace_hardirqs_on+0x26/0x120 [ 216.852678] do_group_exit+0xe0/0x2b0 [ 216.853074] __x64_sys_exit_group+0x47/0x50 [ 216.853428] do_syscall_64+0x3b/0x90 [ 216.853736] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.854155] RIP: 0033:0x7f4b87518a4d [ 216.854529] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.855092] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.855709] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.856434] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.857000] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.857559] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.858268] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.858872] [ 216.859062] irq event stamp: 0 [ 216.859326] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.859981] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.860644] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.861377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.861959] ---[ end trace 0000000000000000 ]--- [ 216.864300] ------------[ cut here ]------------ [ 216.864724] WARNING: CPU: 0 PID: 2068 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.865649] Modules linked in: [ 216.865905] CPU: 0 PID: 2068 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.866787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.867690] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.868100] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.869545] RSP: 0018:ffff88800f3afb78 EFLAGS: 00010246 [ 216.869965] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.870541] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 216.871103] RBP: ffff88800f3afb98 R08: ffffed1002b0f13e R09: ffffed1002b0f13e [ 216.871671] R10: ffff8880158789ef R11: ffffed1002b0f13d R12: ffff888015878a90 [ 216.872230] R13: ffff8880158788a8 R14: ffffffffffffffff R15: 
ffff88800f3afc60 [ 216.872786] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.873414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.873870] CR2: 00007f82e2ecc000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 216.874430] PKRU: 55555554 [ 216.874670] Call Trace: [ 216.874876] [ 216.875058] iommufd_ioas_destroy+0x53/0x70 [ 216.875422] iommufd_fops_release+0x1f7/0x370 [ 216.875785] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.876184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.876577] ? write_comp_data+0x2f/0x90 [ 216.876908] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.877304] __fput+0x26d/0xa40 [ 216.877580] ____fput+0x1e/0x30 [ 216.877851] task_work_run+0x1a4/0x2d0 [ 216.878168] ? __pfx_task_work_run+0x10/0x10 [ 216.878536] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.878930] ? switch_task_namespaces+0xa9/0xe0 [ 216.879317] do_exit+0xb17/0x2ef0 [ 216.879595] ? lock_acquire+0x427/0x4c0 [ 216.879921] ? __pfx_lock_release+0x10/0x10 [ 216.880270] ? __kasan_check_write+0x18/0x20 [ 216.880622] ? do_raw_spin_lock+0x132/0x2a0 [ 216.880970] ? __pfx_do_exit+0x10/0x10 [ 216.881286] ? debug_smp_processor_id+0x20/0x30 [ 216.881657] ? rcu_is_watching+0x19/0xb0 [ 216.881983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.882348] ? trace_hardirqs_on+0x26/0x120 [ 216.882712] do_group_exit+0xe0/0x2b0 [ 216.883024] __x64_sys_exit_group+0x47/0x50 [ 216.883377] do_syscall_64+0x3b/0x90 [ 216.883682] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.884085] RIP: 0033:0x7f4b87518a4d [ 216.884375] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.884850] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.885430] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.885976] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.886537] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.887083] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.887642] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.888193] [ 216.888372] irq event stamp: 0 [ 216.888613] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.889096] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.889744] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.890399] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.890895] ---[ end trace 0000000000000000 ]--- [ 216.895712] ------------[ cut here ]------------ [ 216.896170] WARNING: CPU: 0 PID: 2069 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.897022] Modules linked in: [ 216.897269] CPU: 0 PID: 2069 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.898072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.898956] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.899356] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.900875] RSP: 0018:ffff8880188d7bb8 EFLAGS: 00010246 [ 216.901284] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 216.901953] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 216.902497] RBP: ffff8880188d7bd0 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 216.903067] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff8880129c6800 [ 216.903758] R13: ffff8880178189e8 R14: ffffffff8352e670 R15: 
ffff8880188d7e68 [ 216.904300] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.904936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.905477] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 216.906021] PKRU: 55555554 [ 216.906241] Call Trace: [ 216.906440] [ 216.906677] __iommufd_access_detach+0x1c2/0x2b0 [ 216.907146] iommufd_access_change_pt+0x149/0x270 [ 216.907533] iommufd_access_replace+0xb4/0x120 [ 216.907898] iommufd_test+0x3e5/0x37e0 [ 216.908200] ? lock_release+0x532/0x770 [ 216.908539] ? __might_fault+0x102/0x1b0 [ 216.908978] ? lock_acquire+0x427/0x4c0 [ 216.909298] ? __pfx_iommufd_test+0x10/0x10 [ 216.909635] ? __pfx_lock_release+0x10/0x10 [ 216.909980] ? __pfx_lock_acquire+0x10/0x10 [ 216.910391] ? write_comp_data+0x2f/0x90 [ 216.910805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.911200] ? write_comp_data+0x2f/0x90 [ 216.911527] iommufd_fops_ioctl+0x37d/0x510 [ 216.911867] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.912251] ? write_comp_data+0x2f/0x90 [ 216.912713] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 216.913088] __x64_sys_ioctl+0x1a3/0x230 [ 216.913411] do_syscall_64+0x3b/0x90 [ 216.913709] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.914175] RIP: 0033:0x7f4b8743ee5d [ 216.914560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 216.915968] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 216.916697] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 216.917241] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 216.917785] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 216.918459] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 216.919027] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 216.919614] [ 216.919826] irq event stamp: 0 [ 216.920148] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.920635] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.921329] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.922048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.922545] ---[ end trace 0000000000000000 ]--- [ 216.926079] ------------[ cut here ]------------ [ 216.926560] WARNING: CPU: 0 PID: 2069 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.927350] Modules linked in: [ 216.927660] CPU: 0 PID: 2069 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.928391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.929244] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.929625] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.931029] RSP: 
0018:ffff8880188d7bd0 EFLAGS: 00010246 [ 216.931453] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 216.931999] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 216.932544] RBP: ffff8880188d7be8 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 216.933087] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff88800f255c00 [ 216.933631] R13: ffff8880178189e8 R14: ffff8880141d8b00 R15: 0000000000000000 [ 216.934175] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.934805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.935266] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.935809] PKRU: 55555554 [ 216.936027] Call Trace: [ 216.936240] [ 216.936412] iommufd_access_destroy_object+0x65/0x170 [ 216.936807] iommufd_object_destroy_user+0x18e/0x220 [ 216.937195] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 216.937640] iommufd_access_destroy+0x43/0x70 [ 216.937988] iommufd_test_staccess_release+0x8d/0xd0 [ 216.938380] __fput+0x26d/0xa40 [ 216.938664] ____fput+0x1e/0x30 [ 216.938924] task_work_run+0x1a4/0x2d0 [ 216.939238] ? __pfx_task_work_run+0x10/0x10 [ 216.939584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.939966] ? switch_task_namespaces+0xa9/0xe0 [ 216.940339] do_exit+0xb17/0x2ef0 [ 216.940601] ? lock_acquire+0x427/0x4c0 [ 216.940917] ? __pfx_lock_release+0x10/0x10 [ 216.941264] ? __kasan_check_write+0x18/0x20 [ 216.941603] ? do_raw_spin_lock+0x132/0x2a0 [ 216.941930] ? __pfx_do_exit+0x10/0x10 [ 216.942237] ? debug_smp_processor_id+0x20/0x30 [ 216.942611] ? rcu_is_watching+0x19/0xb0 [ 216.942925] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.943285] ? trace_hardirqs_on+0x26/0x120 [ 216.943620] do_group_exit+0xe0/0x2b0 [ 216.943914] __x64_sys_exit_group+0x47/0x50 [ 216.944241] do_syscall_64+0x3b/0x90 [ 216.944533] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.944935] RIP: 0033:0x7f4b87518a4d [ 216.945225] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.945695] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.946265] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.946817] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.947367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.947904] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.948443] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.948989] [ 216.949169] irq event stamp: 0 [ 216.949410] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.949888] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.950535] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.951170] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.951646] ---[ end trace 0000000000000000 ]--- [ 216.952376] ------------[ cut here ]------------ [ 216.952927] WARNING: CPU: 0 PID: 2069 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 216.953698] Modules linked in: [ 216.953941] CPU: 0 PID: 2069 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.954739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.955598] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 216.955987] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 216.957525] RSP: 0018:ffff8880188d7b78 EFLAGS: 00010246 [ 216.957928] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 216.958461] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 216.959024] RBP: ffff8880188d7b98 R08: ffffed1002f0313e R09: ffffed1002f0313e [ 216.959573] R10: ffff8880178189ef R11: ffffed1002f0313d R12: ffff888017818a90 [ 216.960264] R13: ffff8880178188a8 R14: ffffffffffffffff R15: 
ffff8880188d7c60 [ 216.960807] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.961412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.961847] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 216.962386] PKRU: 55555554 [ 216.962619] Call Trace: [ 216.962885] [ 216.963142] iommufd_ioas_destroy+0x53/0x70 [ 216.963477] iommufd_fops_release+0x1f7/0x370 [ 216.963825] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.964208] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.964584] ? write_comp_data+0x2f/0x90 [ 216.964899] ? __pfx_iommufd_fops_release+0x10/0x10 [ 216.965278] __fput+0x26d/0xa40 [ 216.965541] ____fput+0x1e/0x30 [ 216.965801] task_work_run+0x1a4/0x2d0 [ 216.966106] ? __pfx_task_work_run+0x10/0x10 [ 216.966544] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.966975] ? switch_task_namespaces+0xa9/0xe0 [ 216.967351] do_exit+0xb17/0x2ef0 [ 216.967619] ? lock_acquire+0x427/0x4c0 [ 216.967940] ? __pfx_lock_release+0x10/0x10 [ 216.968276] ? __kasan_check_write+0x18/0x20 [ 216.968614] ? do_raw_spin_lock+0x132/0x2a0 [ 216.968944] ? __pfx_do_exit+0x10/0x10 [ 216.969246] ? debug_smp_processor_id+0x20/0x30 [ 216.969600] ? rcu_is_watching+0x19/0xb0 [ 216.969983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 216.970484] ? trace_hardirqs_on+0x26/0x120 [ 216.970850] do_group_exit+0xe0/0x2b0 [ 216.971158] __x64_sys_exit_group+0x47/0x50 [ 216.971487] do_syscall_64+0x3b/0x90 [ 216.971781] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 216.972181] RIP: 0033:0x7f4b87518a4d [ 216.972468] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 216.972933] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 216.973551] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 216.974242] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 216.974800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 216.975348] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 216.975885] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 216.976427] [ 216.976608] irq event stamp: 0 [ 216.976851] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 216.977546] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 216.978179] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 216.978848] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 216.979339] ---[ end trace 0000000000000000 ]--- [ 216.984324] ------------[ cut here ]------------ [ 216.984903] WARNING: CPU: 0 PID: 2070 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 216.985662] Modules linked in: [ 216.985905] CPU: 0 PID: 2070 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 216.986633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 216.987501] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 216.987934] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 216.989596] RSP: 0018:ffff8880128d7bb8 EFLAGS: 00010246 [ 216.990005] RAX: 0000000000000000 RBX: ffff8880147058a8 RCX: 0000000000000000 [ 216.990576] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 216.991131] RBP: ffff8880128d7bd0 R08: ffffed10028e0b33 R09: ffffed10028e0b33 [ 216.991670] R10: ffff888014705993 R11: ffffed10028e0b32 R12: ffff88801226dc00 [ 216.992206] R13: ffff8880147059e8 R14: ffffffff8352e670 R15: 
ffff8880128d7e68 [ 216.992748] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 216.993360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 216.993798] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ef0 [ 216.994353] PKRU: 55555554 [ 216.994591] Call Trace: [ 216.994791] [ 216.994968] __iommufd_access_detach+0x1c2/0x2b0 [ 216.995358] iommufd_access_change_pt+0x149/0x270 [ 216.995739] iommufd_access_replace+0xb4/0x120 [ 216.996103] iommufd_test+0x3e5/0x37e0 [ 216.996403] ? lock_release+0x532/0x770 [ 216.996722] ? __might_fault+0x102/0x1b0 [ 216.997063] ? lock_acquire+0x427/0x4c0 [ 216.997379] ? __pfx_iommufd_test+0x10/0x10 [ 216.997713] ? __pfx_lock_release+0x10/0x10 [ 216.998054] ? __pfx_lock_acquire+0x10/0x10 [ 216.998395] ? write_comp_data+0x2f/0x90 [ 216.998735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 216.999113] ? write_comp_data+0x2f/0x90 [ 216.999442] iommufd_fops_ioctl+0x37d/0x510 [ 216.999780] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.000162] ? write_comp_data+0x2f/0x90 [ 217.000486] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.000860] __x64_sys_ioctl+0x1a3/0x230 [ 217.001183] do_syscall_64+0x3b/0x90 [ 217.001480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.001887] RIP: 0033:0x7f4b8743ee5d [ 217.002176] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.003601] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.004183] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.004725] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.005264] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.005805] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.006349] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.006917] [ 217.007098] irq event stamp: 0 [ 217.007357] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.007840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.008476] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.009110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.009590] ---[ end trace 0000000000000000 ]--- [ 217.012689] ------------[ cut here ]------------ [ 217.013068] WARNING: CPU: 0 PID: 2070 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.013838] Modules linked in: [ 217.014190] CPU: 0 PID: 2070 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.015066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.015936] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.016320] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.018108] RSP: 
0018:ffff8880128d7bd0 EFLAGS: 00010246 [ 217.018749] RAX: 0000000000000000 RBX: ffff8880147058a8 RCX: 0000000000000000 [ 217.019314] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 217.019860] RBP: ffff8880128d7be8 R08: ffffed10028e0b33 R09: ffffed10028e0b33 [ 217.020497] R10: ffff888014705993 R11: ffffed10028e0b32 R12: ffff8880129c7800 [ 217.021202] R13: ffff8880147059e8 R14: ffff8880149bde00 R15: 0000000000000000 [ 217.021738] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.022497] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.022973] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.023529] PKRU: 55555554 [ 217.023749] Call Trace: [ 217.023945] [ 217.024144] iommufd_access_destroy_object+0x65/0x170 [ 217.024679] iommufd_object_destroy_user+0x18e/0x220 [ 217.025086] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.025542] iommufd_access_destroy+0x43/0x70 [ 217.025959] iommufd_test_staccess_release+0x8d/0xd0 [ 217.026468] __fput+0x26d/0xa40 [ 217.026759] ____fput+0x1e/0x30 [ 217.027025] task_work_run+0x1a4/0x2d0 [ 217.027346] ? __pfx_task_work_run+0x10/0x10 [ 217.027695] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.028146] ? switch_task_namespaces+0xa9/0xe0 [ 217.028583] do_exit+0xb17/0x2ef0 [ 217.028853] ? lock_acquire+0x427/0x4c0 [ 217.029181] ? __pfx_lock_release+0x10/0x10 [ 217.029533] ? __kasan_check_write+0x18/0x20 [ 217.029958] ? do_raw_spin_lock+0x132/0x2a0 [ 217.030418] ? __pfx_do_exit+0x10/0x10 [ 217.030758] ? debug_smp_processor_id+0x20/0x30 [ 217.031154] ? rcu_is_watching+0x19/0xb0 [ 217.031486] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.031875] ? trace_hardirqs_on+0x26/0x120 [ 217.032358] do_group_exit+0xe0/0x2b0 [ 217.032667] __x64_sys_exit_group+0x47/0x50 [ 217.033012] do_syscall_64+0x3b/0x90 [ 217.033324] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.033814] RIP: 0033:0x7f4b87518a4d [ 217.034244] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.034751] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.035371] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.036125] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.036698] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.037263] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.037992] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.038582] [ 217.038770] irq event stamp: 0 [ 217.039020] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.039545] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.040331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.040992] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.041640] ---[ end trace 0000000000000000 ]--- [ 217.042345] ------------[ cut here ]------------ [ 217.042743] WARNING: CPU: 0 PID: 2070 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.043639] Modules linked in: [ 217.043987] CPU: 0 PID: 2070 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.044678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.045734] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.046146] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.047763] RSP: 0018:ffff8880128d7b78 EFLAGS: 00010246 [ 217.048188] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.048750] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 217.049459] RBP: ffff8880128d7b98 R08: ffffed10028e0b3e R09: ffffed10028e0b3e [ 217.050034] R10: ffff8880147059ef R11: ffffed10028e0b3d R12: ffff888014705a90 [ 217.050614] R13: ffff8880147058a8 R14: ffffffffffffffff R15: 
ffff8880128d7c60 [ 217.051194] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.051831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.052290] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.052867] PKRU: 55555554 [ 217.053094] Call Trace: [ 217.053298] [ 217.053479] iommufd_ioas_destroy+0x53/0x70 [ 217.053827] iommufd_fops_release+0x1f7/0x370 [ 217.054190] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.054616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.055013] ? write_comp_data+0x2f/0x90 [ 217.055360] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.055770] __fput+0x26d/0xa40 [ 217.056047] ____fput+0x1e/0x30 [ 217.056318] task_work_run+0x1a4/0x2d0 [ 217.056634] ? __pfx_task_work_run+0x10/0x10 [ 217.056997] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.057391] ? switch_task_namespaces+0xa9/0xe0 [ 217.057780] do_exit+0xb17/0x2ef0 [ 217.058061] ? lock_acquire+0x427/0x4c0 [ 217.058389] ? __pfx_lock_release+0x10/0x10 [ 217.058774] ? __kasan_check_write+0x18/0x20 [ 217.059153] ? do_raw_spin_lock+0x132/0x2a0 [ 217.059499] ? __pfx_do_exit+0x10/0x10 [ 217.059820] ? debug_smp_processor_id+0x20/0x30 [ 217.060194] ? rcu_is_watching+0x19/0xb0 [ 217.060522] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.060890] ? trace_hardirqs_on+0x26/0x120 [ 217.061237] do_group_exit+0xe0/0x2b0 [ 217.061541] __x64_sys_exit_group+0x47/0x50 [ 217.061880] do_syscall_64+0x3b/0x90 [ 217.062184] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.062616] RIP: 0033:0x7f4b87518a4d [ 217.062914] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.063414] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.064010] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.064573] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.065131] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.065693] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.066249] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.066850] [ 217.067040] irq event stamp: 0 [ 217.067303] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.067803] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.068463] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.069122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.069618] ---[ end trace 0000000000000000 ]--- [ 217.074065] ------------[ cut here ]------------ [ 217.074467] WARNING: CPU: 0 PID: 2071 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.075326] Modules linked in: [ 217.075585] CPU: 0 PID: 2071 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.076274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.077159] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.077555] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.079175] RSP: 0018:ffff888023e87bb8 EFLAGS: 00010246 [ 217.079596] RAX: 0000000000000000 RBX: ffff888012a7d8a8 RCX: 0000000000000000 [ 217.080154] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 217.080712] RBP: ffff888023e87bd0 R08: ffffed100254fb33 R09: ffffed100254fb33 [ 217.081272] R10: ffff888012a7d993 R11: ffffed100254fb32 R12: ffff888014141c00 [ 217.081845] R13: ffff888012a7d9e8 R14: ffffffff8352e670 R15: 
ffff888023e87e68 [ 217.082406] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.083057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.083527] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 217.084085] PKRU: 55555554 [ 217.084309] Call Trace: [ 217.084511] [ 217.084691] __iommufd_access_detach+0x1c2/0x2b0 [ 217.085082] iommufd_access_change_pt+0x149/0x270 [ 217.085475] iommufd_access_replace+0xb4/0x120 [ 217.085852] iommufd_test+0x3e5/0x37e0 [ 217.086164] ? lock_release+0x532/0x770 [ 217.086490] ? __might_fault+0x102/0x1b0 [ 217.086842] ? lock_acquire+0x427/0x4c0 [ 217.087179] ? __pfx_iommufd_test+0x10/0x10 [ 217.087520] ? __pfx_lock_release+0x10/0x10 [ 217.087870] ? __pfx_lock_acquire+0x10/0x10 [ 217.088222] ? write_comp_data+0x2f/0x90 [ 217.088554] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.088942] ? write_comp_data+0x2f/0x90 [ 217.089268] iommufd_fops_ioctl+0x37d/0x510 [ 217.089612] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.090003] ? write_comp_data+0x2f/0x90 [ 217.090335] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.090736] __x64_sys_ioctl+0x1a3/0x230 [ 217.091073] do_syscall_64+0x3b/0x90 [ 217.091390] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.091807] RIP: 0033:0x7f4b8743ee5d [ 217.092107] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.093533] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.094128] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.094698] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.095272] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.095830] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.096394] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.096967] [ 217.097156] irq event stamp: 0 [ 217.097411] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.097925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.098606] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.099287] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.099798] ---[ end trace 0000000000000000 ]--- [ 217.102577] ------------[ cut here ]------------ [ 217.102981] WARNING: CPU: 0 PID: 2071 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.103793] Modules linked in: [ 217.104049] CPU: 0 PID: 2071 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.104737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.105620] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.106014] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.107478] RSP: 
0018:ffff888023e87bd0 EFLAGS: 00010246 [ 217.107904] RAX: 0000000000000000 RBX: ffff888012a7d8a8 RCX: 0000000000000000 [ 217.108462] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 217.109021] RBP: ffff888023e87be8 R08: ffffed100254fb33 R09: ffffed100254fb33 [ 217.109577] R10: ffff888012a7d993 R11: ffffed100254fb32 R12: ffff88801226f400 [ 217.110133] R13: ffff888012a7d9e8 R14: ffff888011f1f800 R15: 0000000000000000 [ 217.110709] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.111354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.111811] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.112358] PKRU: 55555554 [ 217.112577] Call Trace: [ 217.112775] [ 217.112949] iommufd_access_destroy_object+0x65/0x170 [ 217.113349] iommufd_object_destroy_user+0x18e/0x220 [ 217.113746] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.114196] iommufd_access_destroy+0x43/0x70 [ 217.114571] iommufd_test_staccess_release+0x8d/0xd0 [ 217.114973] __fput+0x26d/0xa40 [ 217.115252] ____fput+0x1e/0x30 [ 217.115516] task_work_run+0x1a4/0x2d0 [ 217.115825] ? __pfx_task_work_run+0x10/0x10 [ 217.116171] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.116552] ? switch_task_namespaces+0xa9/0xe0 [ 217.116921] do_exit+0xb17/0x2ef0 [ 217.117192] ? lock_acquire+0x427/0x4c0 [ 217.117508] ? __pfx_lock_release+0x10/0x10 [ 217.117846] ? __kasan_check_write+0x18/0x20 [ 217.118186] ? do_raw_spin_lock+0x132/0x2a0 [ 217.118538] ? __pfx_do_exit+0x10/0x10 [ 217.118854] ? debug_smp_processor_id+0x20/0x30 [ 217.119226] ? rcu_is_watching+0x19/0xb0 [ 217.119546] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.119897] ? trace_hardirqs_on+0x26/0x120 [ 217.120232] do_group_exit+0xe0/0x2b0 [ 217.120523] __x64_sys_exit_group+0x47/0x50 [ 217.120852] do_syscall_64+0x3b/0x90 [ 217.121142] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.121539] RIP: 0033:0x7f4b87518a4d [ 217.121818] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.122279] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.122861] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.123414] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.123951] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.124487] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.125024] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.125564] [ 217.125742] irq event stamp: 0 [ 217.125978] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.126449] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.127105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.127767] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.128248] ---[ end trace 0000000000000000 ]--- [ 217.128919] ------------[ cut here ]------------ [ 217.129273] WARNING: CPU: 0 PID: 2071 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.130039] Modules linked in: [ 217.130284] CPU: 0 PID: 2071 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.130961] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.131815] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.132201] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.133596] RSP: 0018:ffff888023e87b78 EFLAGS: 00010246 [ 217.133995] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.134540] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 217.135076] RBP: ffff888023e87b98 R08: ffffed100254fb3e R09: ffffed100254fb3e [ 217.135619] R10: ffff888012a7d9ef R11: ffffed100254fb3d R12: ffff888012a7da90 [ 217.136151] R13: ffff888012a7d8a8 R14: ffffffffffffffff R15: 
ffff888023e87c60 [ 217.136682] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.137283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.137720] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.138255] PKRU: 55555554 [ 217.138469] Call Trace: [ 217.138679] [ 217.138854] iommufd_ioas_destroy+0x53/0x70 [ 217.139197] iommufd_fops_release+0x1f7/0x370 [ 217.139541] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.139919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.140294] ? write_comp_data+0x2f/0x90 [ 217.140610] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.140988] __fput+0x26d/0xa40 [ 217.141252] ____fput+0x1e/0x30 [ 217.141508] task_work_run+0x1a4/0x2d0 [ 217.141813] ? __pfx_task_work_run+0x10/0x10 [ 217.142152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.142539] ? switch_task_namespaces+0xa9/0xe0 [ 217.142906] do_exit+0xb17/0x2ef0 [ 217.143184] ? lock_acquire+0x427/0x4c0 [ 217.143500] ? __pfx_lock_release+0x10/0x10 [ 217.143832] ? __kasan_check_write+0x18/0x20 [ 217.144170] ? do_raw_spin_lock+0x132/0x2a0 [ 217.144501] ? __pfx_do_exit+0x10/0x10 [ 217.144809] ? debug_smp_processor_id+0x20/0x30 [ 217.145168] ? rcu_is_watching+0x19/0xb0 [ 217.145480] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.145829] ? trace_hardirqs_on+0x26/0x120 [ 217.146165] do_group_exit+0xe0/0x2b0 [ 217.146457] __x64_sys_exit_group+0x47/0x50 [ 217.146799] do_syscall_64+0x3b/0x90 [ 217.147095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.147508] RIP: 0033:0x7f4b87518a4d [ 217.147790] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.148251] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.148821] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.149358] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.149895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.150436] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.150982] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.151534] [ 217.151712] irq event stamp: 0 [ 217.151947] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.152422] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.153051] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.153680] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.154149] ---[ end trace 0000000000000000 ]--- [ 217.158663] ------------[ cut here ]------------ [ 217.159047] WARNING: CPU: 0 PID: 2072 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.159806] Modules linked in: [ 217.160041] CPU: 0 PID: 2072 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.160676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.161492] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.161857] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.163212] RSP: 0018:ffff8880180cfbb8 EFLAGS: 00010246 [ 217.163606] RAX: 0000000000000000 RBX: ffff888018b550a8 RCX: 0000000000000000 [ 217.164123] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 217.164644] RBP: ffff8880180cfbd0 R08: ffffed100316aa33 R09: ffffed100316aa33 [ 217.165159] R10: ffff888018b55193 R11: ffffed100316aa32 R12: ffff888020fefc00 [ 217.165677] R13: ffff888018b551e8 R14: ffffffff8352e670 R15: 
ffff8880180cfe68 [ 217.166194] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.166793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.167227] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 217.167751] PKRU: 55555554 [ 217.167959] Call Trace: [ 217.168145] [ 217.168311] __iommufd_access_detach+0x1c2/0x2b0 [ 217.168678] iommufd_access_change_pt+0x149/0x270 [ 217.169042] iommufd_access_replace+0xb4/0x120 [ 217.169394] iommufd_test+0x3e5/0x37e0 [ 217.169684] ? lock_release+0x532/0x770 [ 217.169989] ? __might_fault+0x102/0x1b0 [ 217.170297] ? lock_acquire+0x427/0x4c0 [ 217.170612] ? __pfx_iommufd_test+0x10/0x10 [ 217.170931] ? __pfx_lock_release+0x10/0x10 [ 217.171267] ? __pfx_lock_acquire+0x10/0x10 [ 217.171595] ? write_comp_data+0x2f/0x90 [ 217.171905] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.172269] ? write_comp_data+0x2f/0x90 [ 217.172578] iommufd_fops_ioctl+0x37d/0x510 [ 217.172899] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.173265] ? write_comp_data+0x2f/0x90 [ 217.173572] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.173930] __x64_sys_ioctl+0x1a3/0x230 [ 217.174240] do_syscall_64+0x3b/0x90 [ 217.174541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.174932] RIP: 0033:0x7f4b8743ee5d [ 217.175216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.176548] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.177117] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.177640] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.178160] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.178697] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.179229] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.179756] [ 217.179928] irq event stamp: 0 [ 217.180159] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.180623] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.181242] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.181856] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.182316] ---[ end trace 0000000000000000 ]--- [ 217.184998] ------------[ cut here ]------------ [ 217.185378] WARNING: CPU: 0 PID: 2072 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.186124] Modules linked in: [ 217.186364] CPU: 0 PID: 2072 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.187027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.187867] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.188235] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.189566] RSP: 
0018:ffff8880180cfbd0 EFLAGS: 00010246 [ 217.189959] RAX: 0000000000000000 RBX: ffff888018b550a8 RCX: 0000000000000000 [ 217.190480] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 217.191023] RBP: ffff8880180cfbe8 R08: ffffed100316aa33 R09: ffffed100316aa33 [ 217.191568] R10: ffff888018b55193 R11: ffffed100316aa32 R12: ffff888014140c00 [ 217.192089] R13: ffff888018b551e8 R14: ffff8880149b9500 R15: 0000000000000000 [ 217.192610] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.193202] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.193627] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.194145] PKRU: 55555554 [ 217.194353] Call Trace: [ 217.194557] [ 217.194727] iommufd_access_destroy_object+0x65/0x170 [ 217.195113] iommufd_object_destroy_user+0x18e/0x220 [ 217.195499] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.195930] iommufd_access_destroy+0x43/0x70 [ 217.196267] iommufd_test_staccess_release+0x8d/0xd0 [ 217.196646] __fput+0x26d/0xa40 [ 217.196906] ____fput+0x1e/0x30 [ 217.197158] task_work_run+0x1a4/0x2d0 [ 217.197451] ? __pfx_task_work_run+0x10/0x10 [ 217.197779] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.198149] ? switch_task_namespaces+0xa9/0xe0 [ 217.198523] do_exit+0xb17/0x2ef0 [ 217.198784] ? lock_acquire+0x427/0x4c0 [ 217.199093] ? __pfx_lock_release+0x10/0x10 [ 217.199438] ? __kasan_check_write+0x18/0x20 [ 217.199773] ? do_raw_spin_lock+0x132/0x2a0 [ 217.200091] ? __pfx_do_exit+0x10/0x10 [ 217.200393] ? debug_smp_processor_id+0x20/0x30 [ 217.200740] ? rcu_is_watching+0x19/0xb0 [ 217.201042] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.201382] ? trace_hardirqs_on+0x26/0x120 [ 217.201709] do_group_exit+0xe0/0x2b0 [ 217.201996] __x64_sys_exit_group+0x47/0x50 [ 217.202312] do_syscall_64+0x3b/0x90 [ 217.202614] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.203006] RIP: 0033:0x7f4b87518a4d [ 217.203299] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.203750] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.204308] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.204826] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.205355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.205874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.206393] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.206935] [ 217.207111] irq event stamp: 0 [ 217.207357] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.207817] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.208437] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.209048] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.209507] ---[ end trace 0000000000000000 ]--- [ 217.210165] ------------[ cut here ]------------ [ 217.210530] WARNING: CPU: 0 PID: 2072 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.211294] Modules linked in: [ 217.211544] CPU: 0 PID: 2072 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.212627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.213508] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.213964] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.215456] RSP: 0018:ffff8880180cfb78 EFLAGS: 00010246 [ 217.215845] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.216365] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 217.217003] RBP: ffff8880180cfb98 R08: ffffed100316aa3e R09: ffffed100316aa3e [ 217.217523] R10: ffff888018b551ef R11: ffffed100316aa3d R12: ffff888018b55290 [ 217.218040] R13: ffff888018b550a8 R14: ffffffffffffffff R15: 
ffff8880180cfc60 [ 217.218579] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.219313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.219748] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.220292] PKRU: 55555554 [ 217.220514] Call Trace: [ 217.220817] [ 217.220990] iommufd_ioas_destroy+0x53/0x70 [ 217.221319] iommufd_fops_release+0x1f7/0x370 [ 217.221663] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.222041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.222552] ? write_comp_data+0x2f/0x90 [ 217.222866] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.223243] __fput+0x26d/0xa40 [ 217.223502] ____fput+0x1e/0x30 [ 217.223770] task_work_run+0x1a4/0x2d0 [ 217.224088] ? __pfx_task_work_run+0x10/0x10 [ 217.224525] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.224892] ? switch_task_namespaces+0xa9/0xe0 [ 217.225253] do_exit+0xb17/0x2ef0 [ 217.225516] ? lock_acquire+0x427/0x4c0 [ 217.225953] ? __pfx_lock_release+0x10/0x10 [ 217.226284] ? __kasan_check_write+0x18/0x20 [ 217.226635] ? do_raw_spin_lock+0x132/0x2a0 [ 217.226958] ? __pfx_do_exit+0x10/0x10 [ 217.227270] ? debug_smp_processor_id+0x20/0x30 [ 217.227620] ? rcu_is_watching+0x19/0xb0 [ 217.228064] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.228410] ? trace_hardirqs_on+0x26/0x120 [ 217.228742] do_group_exit+0xe0/0x2b0 [ 217.229028] __x64_sys_exit_group+0x47/0x50 [ 217.229354] do_syscall_64+0x3b/0x90 [ 217.229780] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.230178] RIP: 0033:0x7f4b87518a4d [ 217.230460] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.230938] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.231563] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.232184] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.232718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.233314] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.233931] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.234481] [ 217.234679] irq event stamp: 0 [ 217.234921] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.235556] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.236199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.236874] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.237422] ---[ end trace 0000000000000000 ]--- [ 217.241776] ------------[ cut here ]------------ [ 217.242298] WARNING: CPU: 0 PID: 2073 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.243151] Modules linked in: [ 217.243397] CPU: 0 PID: 2073 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.244179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.245058] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.245443] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.246865] RSP: 0018:ffff8880128d7bb8 EFLAGS: 00010246 [ 217.247306] RAX: 0000000000000000 RBX: ffff888015eb88a8 RCX: 0000000000000000 [ 217.247877] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 217.248446] RBP: ffff8880128d7bd0 R08: ffffed1002bd7133 R09: ffffed1002bd7133 [ 217.249021] R10: ffff888015eb8993 R11: ffffed1002bd7132 R12: ffff88800f9f5400 [ 217.249582] R13: ffff888015eb89e8 R14: ffffffff8352e670 R15: 
ffff8880128d7e68 [ 217.250142] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.250791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.251268] CR2: 00007f4b877410e8 CR3: 00000000104d2000 CR4: 0000000000750ef0 [ 217.251832] PKRU: 55555554 [ 217.252067] Call Trace: [ 217.252273] [ 217.252453] __iommufd_access_detach+0x1c2/0x2b0 [ 217.252844] iommufd_access_change_pt+0x149/0x270 [ 217.253237] iommufd_access_replace+0xb4/0x120 [ 217.253611] iommufd_test+0x3e5/0x37e0 [ 217.253918] ? lock_release+0x532/0x770 [ 217.254243] ? __might_fault+0x102/0x1b0 [ 217.254586] ? lock_acquire+0x427/0x4c0 [ 217.254915] ? __pfx_iommufd_test+0x10/0x10 [ 217.255272] ? __pfx_lock_release+0x10/0x10 [ 217.255622] ? __pfx_lock_acquire+0x10/0x10 [ 217.255977] ? write_comp_data+0x2f/0x90 [ 217.256309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.256698] ? write_comp_data+0x2f/0x90 [ 217.257031] iommufd_fops_ioctl+0x37d/0x510 [ 217.257376] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.257768] ? write_comp_data+0x2f/0x90 [ 217.258100] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.258485] __x64_sys_ioctl+0x1a3/0x230 [ 217.258839] do_syscall_64+0x3b/0x90 [ 217.259155] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.259572] RIP: 0033:0x7f4b8743ee5d [ 217.259870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.261307] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.261911] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.262472] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.263054] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.263629] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.264188] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.264758] [ 217.264946] irq event stamp: 0 [ 217.265193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.265690] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.266364] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.267038] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.267555] ---[ end trace 0000000000000000 ]--- [ 217.270768] ------------[ cut here ]------------ [ 217.271182] WARNING: CPU: 0 PID: 2073 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.271982] Modules linked in: [ 217.272242] CPU: 0 PID: 2073 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.273103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.273987] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.274562] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.276011] RSP: 
0018:ffff8880128d7bd0 EFLAGS: 00010246 [ 217.276590] RAX: 0000000000000000 RBX: ffff888015eb88a8 RCX: 0000000000000000 [ 217.277159] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 217.277722] RBP: ffff8880128d7be8 R08: ffffed1002bd7133 R09: ffffed1002bd7133 [ 217.278432] R10: ffff888015eb8993 R11: ffffed1002bd7132 R12: ffff888020fed400 [ 217.279024] R13: ffff888015eb89e8 R14: ffff88801227de00 R15: 0000000000000000 [ 217.279614] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.280320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.280871] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.281433] PKRU: 55555554 [ 217.281660] Call Trace: [ 217.281898] [ 217.282153] iommufd_access_destroy_object+0x65/0x170 [ 217.282601] iommufd_object_destroy_user+0x18e/0x220 [ 217.283022] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.283505] iommufd_access_destroy+0x43/0x70 [ 217.283894] iommufd_test_staccess_release+0x8d/0xd0 [ 217.284422] __fput+0x26d/0xa40 [ 217.284701] ____fput+0x1e/0x30 [ 217.284971] task_work_run+0x1a4/0x2d0 [ 217.285289] ? __pfx_task_work_run+0x10/0x10 [ 217.285696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.286165] ? switch_task_namespaces+0xa9/0xe0 [ 217.286577] do_exit+0xb17/0x2ef0 [ 217.286864] ? lock_acquire+0x427/0x4c0 [ 217.287211] ? __pfx_lock_release+0x10/0x10 [ 217.287564] ? __kasan_check_write+0x18/0x20 [ 217.287990] ? do_raw_spin_lock+0x132/0x2a0 [ 217.288408] ? __pfx_do_exit+0x10/0x10 [ 217.288728] ? debug_smp_processor_id+0x20/0x30 [ 217.289107] ? rcu_is_watching+0x19/0xb0 [ 217.289440] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.289957] ? trace_hardirqs_on+0x26/0x120 [ 217.290312] do_group_exit+0xe0/0x2b0 [ 217.290638] __x64_sys_exit_group+0x47/0x50 [ 217.290983] do_syscall_64+0x3b/0x90 [ 217.291303] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.291759] RIP: 0033:0x7f4b87518a4d [ 217.292176] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.292669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.293274] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.293986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.294566] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.295147] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.295869] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.296444] [ 217.296634] irq event stamp: 0 [ 217.296889] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.297466] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.298181] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.298861] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.299407] ---[ end trace 0000000000000000 ]--- [ 217.300219] ------------[ cut here ]------------ [ 217.300594] WARNING: CPU: 0 PID: 2073 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.301544] Modules linked in: [ 217.301808] CPU: 0 PID: 2073 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.302534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.303590] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.304009] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.305596] RSP: 0018:ffff8880128d7b78 EFLAGS: 00010246 [ 217.306022] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.306618] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 217.307302] RBP: ffff8880128d7b98 R08: ffffed1002bd713e R09: ffffed1002bd713e [ 217.307848] R10: ffff888015eb89ef R11: ffffed1002bd713d R12: ffff888015eb8a90 [ 217.308402] R13: ffff888015eb88a8 R14: ffffffffffffffff R15: 
ffff8880128d7c60 [ 217.309148] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.309799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.310269] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.311038] PKRU: 55555554 [ 217.311287] Call Trace: [ 217.311501] [ 217.311694] iommufd_ioas_destroy+0x53/0x70 [ 217.312069] iommufd_fops_release+0x1f7/0x370 [ 217.312530] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.313054] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.313467] ? write_comp_data+0x2f/0x90 [ 217.313813] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.314296] __fput+0x26d/0xa40 [ 217.314692] ____fput+0x1e/0x30 [ 217.314981] task_work_run+0x1a4/0x2d0 [ 217.315339] ? __pfx_task_work_run+0x10/0x10 [ 217.315725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.316233] ? switch_task_namespaces+0xa9/0xe0 [ 217.316749] do_exit+0xb17/0x2ef0 [ 217.317051] ? lock_acquire+0x427/0x4c0 [ 217.317403] ? __pfx_lock_release+0x10/0x10 [ 217.317785] ? __kasan_check_write+0x18/0x20 [ 217.318355] ? do_raw_spin_lock+0x132/0x2a0 [ 217.318745] ? __pfx_do_exit+0x10/0x10 [ 217.319093] ? debug_smp_processor_id+0x20/0x30 [ 217.319514] ? rcu_is_watching+0x19/0xb0 [ 217.319920] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.320438] ? trace_hardirqs_on+0x26/0x120 [ 217.320820] do_group_exit+0xe0/0x2b0 [ 217.321157] __x64_sys_exit_group+0x47/0x50 [ 217.321541] do_syscall_64+0x3b/0x90 [ 217.321957] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.322560] RIP: 0033:0x7f4b87518a4d [ 217.322886] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.323422] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.324309] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.324921] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.325531] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.326345] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.326990] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.327627] [ 217.327875] irq event stamp: 0 [ 217.328296] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.328841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.329571] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.330579] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.331172] ---[ end trace 0000000000000000 ]--- [ 217.336129] ------------[ cut here ]------------ [ 217.336598] WARNING: CPU: 0 PID: 2074 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.337495] Modules linked in: [ 217.337784] CPU: 0 PID: 2074 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.338618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.339662] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.340115] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.341776] RSP: 0018:ffff888016fbfbb8 EFLAGS: 00010246 [ 217.342254] RAX: 0000000000000000 RBX: ffff88801299f0a8 RCX: 0000000000000000 [ 217.342911] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 217.343584] RBP: ffff888016fbfbd0 R08: ffffed1002533e33 R09: ffffed1002533e33 [ 217.344222] R10: ffff88801299f193 R11: ffffed1002533e32 R12: ffff88801422ec00 [ 217.344860] R13: ffff88801299f1e8 R14: ffffffff8352e670 R15: 
ffff888016fbfe68 [ 217.345489] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.346206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.346740] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 217.347393] PKRU: 55555554 [ 217.347653] Call Trace: [ 217.347882] [ 217.348089] __iommufd_access_detach+0x1c2/0x2b0 [ 217.348537] iommufd_access_change_pt+0x149/0x270 [ 217.348985] iommufd_access_replace+0xb4/0x120 [ 217.349403] iommufd_test+0x3e5/0x37e0 [ 217.349753] ? lock_release+0x532/0x770 [ 217.350117] ? __might_fault+0x102/0x1b0 [ 217.350491] ? lock_acquire+0x427/0x4c0 [ 217.350896] ? __pfx_iommufd_test+0x10/0x10 [ 217.351303] ? __pfx_lock_release+0x10/0x10 [ 217.351697] ? __pfx_lock_acquire+0x10/0x10 [ 217.352099] ? write_comp_data+0x2f/0x90 [ 217.352474] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.352920] ? write_comp_data+0x2f/0x90 [ 217.353299] iommufd_fops_ioctl+0x37d/0x510 [ 217.353704] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.354146] ? write_comp_data+0x2f/0x90 [ 217.354568] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.355019] __x64_sys_ioctl+0x1a3/0x230 [ 217.355418] do_syscall_64+0x3b/0x90 [ 217.355777] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.356259] RIP: 0033:0x7f4b8743ee5d [ 217.356600] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.358259] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.358981] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.359640] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.360283] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.360923] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.361571] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.362232] [ 217.362448] irq event stamp: 0 [ 217.362762] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.363356] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.364117] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.364873] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.365449] ---[ end trace 0000000000000000 ]--- [ 217.368538] ------------[ cut here ]------------ [ 217.369002] WARNING: CPU: 0 PID: 2074 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.369933] Modules linked in: [ 217.370224] CPU: 0 PID: 2074 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.371323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.372372] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.372829] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.374474] RSP: 
0018:ffff888016fbfbd0 EFLAGS: 00010246 [ 217.374986] RAX: 0000000000000000 RBX: ffff88801299f0a8 RCX: 0000000000000000 [ 217.375655] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 217.376302] RBP: ffff888016fbfbe8 R08: ffffed1002533e33 R09: ffffed1002533e33 [ 217.376951] R10: ffff88801299f193 R11: ffffed1002533e32 R12: ffff88800f9f7400 [ 217.377597] R13: ffff88801299f1e8 R14: ffff888020f6a000 R15: 0000000000000000 [ 217.378242] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.378991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.379546] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.380200] PKRU: 55555554 [ 217.380460] Call Trace: [ 217.380693] [ 217.380901] iommufd_access_destroy_object+0x65/0x170 [ 217.381386] iommufd_object_destroy_user+0x18e/0x220 [ 217.381867] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.382413] iommufd_access_destroy+0x43/0x70 [ 217.382859] iommufd_test_staccess_release+0x8d/0xd0 [ 217.383347] __fput+0x26d/0xa40 [ 217.383666] ____fput+0x1e/0x30 [ 217.383976] task_work_run+0x1a4/0x2d0 [ 217.384341] ? __pfx_task_work_run+0x10/0x10 [ 217.384754] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.385214] ? switch_task_namespaces+0xa9/0xe0 [ 217.385663] do_exit+0xb17/0x2ef0 [ 217.385981] ? lock_acquire+0x427/0x4c0 [ 217.386353] ? __pfx_lock_release+0x10/0x10 [ 217.386791] ? __kasan_check_write+0x18/0x20 [ 217.387227] ? do_raw_spin_lock+0x132/0x2a0 [ 217.387632] ? __pfx_do_exit+0x10/0x10 [ 217.387999] ? debug_smp_processor_id+0x20/0x30 [ 217.388435] ? rcu_is_watching+0x19/0xb0 [ 217.388810] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.389234] ? trace_hardirqs_on+0x26/0x120 [ 217.389638] do_group_exit+0xe0/0x2b0 [ 217.389988] __x64_sys_exit_group+0x47/0x50 [ 217.390381] do_syscall_64+0x3b/0x90 [ 217.390759] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.391259] RIP: 0033:0x7f4b87518a4d [ 217.391600] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.392166] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.392862] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.393501] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.394148] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.394813] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.395479] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.396138] [ 217.396357] irq event stamp: 0 [ 217.396646] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.397224] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.397990] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.398772] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.399364] ---[ end trace 0000000000000000 ]--- [ 217.400154] ------------[ cut here ]------------ [ 217.400583] WARNING: CPU: 0 PID: 2074 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.401514] Modules linked in: [ 217.401815] CPU: 0 PID: 2074 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.402648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.403695] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.404174] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.405829] RSP: 0018:ffff888016fbfb78 EFLAGS: 00010246 [ 217.406316] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.406993] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 217.407666] RBP: ffff888016fbfb98 R08: ffffed1002533e3e R09: ffffed1002533e3e [ 217.408312] R10: ffff88801299f1ef R11: ffffed1002533e3d R12: ffff88801299f290 [ 217.408969] R13: ffff88801299f0a8 R14: ffffffffffffffff R15: 
ffff888016fbfc60 [ 217.409622] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.410360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.410915] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.411592] PKRU: 55555554 [ 217.411856] Call Trace: [ 217.412092] [ 217.412298] iommufd_ioas_destroy+0x53/0x70 [ 217.412714] iommufd_fops_release+0x1f7/0x370 [ 217.413128] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.413584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.414034] ? write_comp_data+0x2f/0x90 [ 217.414418] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.414894] __fput+0x26d/0xa40 [ 217.415221] ____fput+0x1e/0x30 [ 217.415533] task_work_run+0x1a4/0x2d0 [ 217.415899] ? __pfx_task_work_run+0x10/0x10 [ 217.416314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.416768] ? switch_task_namespaces+0xa9/0xe0 [ 217.417213] do_exit+0xb17/0x2ef0 [ 217.417539] ? lock_acquire+0x427/0x4c0 [ 217.417919] ? __pfx_lock_release+0x10/0x10 [ 217.418328] ? __kasan_check_write+0x18/0x20 [ 217.418763] ? do_raw_spin_lock+0x132/0x2a0 [ 217.419188] ? __pfx_do_exit+0x10/0x10 [ 217.419559] ? debug_smp_processor_id+0x20/0x30 [ 217.419986] ? rcu_is_watching+0x19/0xb0 [ 217.420357] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.420777] ? trace_hardirqs_on+0x26/0x120 [ 217.421184] do_group_exit+0xe0/0x2b0 [ 217.421534] __x64_sys_exit_group+0x47/0x50 [ 217.421935] do_syscall_64+0x3b/0x90 [ 217.422289] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.422797] RIP: 0033:0x7f4b87518a4d [ 217.423156] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.423717] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.424413] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.425064] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.425715] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.426362] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.427034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.427713] [ 217.427931] irq event stamp: 0 [ 217.428220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.428805] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.429566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.430337] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.430930] ---[ end trace 0000000000000000 ]--- [ 217.435460] ------------[ cut here ]------------ [ 217.435933] WARNING: CPU: 0 PID: 2075 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.436851] Modules linked in: [ 217.437143] CPU: 0 PID: 2075 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.437929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.438995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.439468] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.441132] RSP: 0018:ffff888017b8fbb8 EFLAGS: 00010246 [ 217.441620] RAX: 0000000000000000 RBX: ffff8880165300a8 RCX: 0000000000000000 [ 217.442262] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 217.442931] RBP: ffff888017b8fbd0 R08: ffffed1002ca6033 R09: ffffed1002ca6033 [ 217.443590] R10: ffff888016530193 R11: ffffed1002ca6032 R12: ffff888013b22800 [ 217.444236] R13: ffff8880165301e8 R14: ffffffff8352e670 R15: 
ffff888017b8fe68 [ 217.444878] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.445601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.446126] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 217.446803] PKRU: 55555554 [ 217.447070] Call Trace: [ 217.447317] [ 217.447527] __iommufd_access_detach+0x1c2/0x2b0 [ 217.447978] iommufd_access_change_pt+0x149/0x270 [ 217.448433] iommufd_access_replace+0xb4/0x120 [ 217.448865] iommufd_test+0x3e5/0x37e0 [ 217.449220] ? lock_release+0x532/0x770 [ 217.449592] ? __might_fault+0x102/0x1b0 [ 217.449969] ? lock_acquire+0x427/0x4c0 [ 217.450343] ? __pfx_iommufd_test+0x10/0x10 [ 217.450766] ? __pfx_lock_release+0x10/0x10 [ 217.451191] ? __pfx_lock_acquire+0x10/0x10 [ 217.451596] ? write_comp_data+0x2f/0x90 [ 217.451978] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.452439] ? write_comp_data+0x2f/0x90 [ 217.452826] iommufd_fops_ioctl+0x37d/0x510 [ 217.453227] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.453678] ? write_comp_data+0x2f/0x90 [ 217.454070] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.454536] __x64_sys_ioctl+0x1a3/0x230 [ 217.454920] do_syscall_64+0x3b/0x90 [ 217.455293] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.455771] RIP: 0033:0x7f4b8743ee5d [ 217.456112] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.457758] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.458458] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.459139] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.459794] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.460435] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.461083] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.461729] [ 217.461944] irq event stamp: 0 [ 217.462231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.462835] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.463629] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.464384] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.464955] ---[ end trace 0000000000000000 ]--- [ 217.468004] ------------[ cut here ]------------ [ 217.468462] WARNING: CPU: 0 PID: 2075 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.469373] Modules linked in: [ 217.469664] CPU: 0 PID: 2075 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.470454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.471712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.472177] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.474184] RSP: 
0018:ffff888017b8fbd0 EFLAGS: 00010246 [ 217.474702] RAX: 0000000000000000 RBX: ffff8880165300a8 RCX: 0000000000000000 [ 217.475485] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 217.476270] RBP: ffff888017b8fbe8 R08: ffffed1002ca6033 R09: ffffed1002ca6033 [ 217.476910] R10: ffff888016530193 R11: ffffed1002ca6032 R12: ffff88801422d400 [ 217.477749] R13: ffff8880165301e8 R14: ffff888012bf7500 R15: 0000000000000000 [ 217.478386] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.479151] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.479892] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.480536] PKRU: 55555554 [ 217.480793] Call Trace: [ 217.481025] [ 217.481231] iommufd_access_destroy_object+0x65/0x170 [ 217.481770] iommufd_object_destroy_user+0x18e/0x220 [ 217.482368] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.482919] iommufd_access_destroy+0x43/0x70 [ 217.483352] iommufd_test_staccess_release+0x8d/0xd0 [ 217.483846] __fput+0x26d/0xa40 [ 217.484270] ____fput+0x1e/0x30 [ 217.484711] task_work_run+0x1a4/0x2d0 [ 217.485084] ? __pfx_task_work_run+0x10/0x10 [ 217.485502] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.485958] ? switch_task_namespaces+0xa9/0xe0 [ 217.486671] do_exit+0xb17/0x2ef0 [ 217.486993] ? lock_acquire+0x427/0x4c0 [ 217.487385] ? __pfx_lock_release+0x10/0x10 [ 217.487791] ? __kasan_check_write+0x18/0x20 [ 217.488196] ? do_raw_spin_lock+0x132/0x2a0 [ 217.488692] ? __pfx_do_exit+0x10/0x10 [ 217.489229] ? debug_smp_processor_id+0x20/0x30 [ 217.489688] ? rcu_is_watching+0x19/0xb0 [ 217.490092] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.490571] ? trace_hardirqs_on+0x26/0x120 [ 217.491282] do_group_exit+0xe0/0x2b0 [ 217.491671] __x64_sys_exit_group+0x47/0x50 [ 217.492095] do_syscall_64+0x3b/0x90 [ 217.492461] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.492980] RIP: 0033:0x7f4b87518a4d [ 217.493584] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.494181] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.494944] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.495761] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.496600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.497311] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.498309] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.499069] [ 217.499324] irq event stamp: 0 [ 217.499644] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.500352] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.501327] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.502140] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.503009] ---[ end trace 0000000000000000 ]--- [ 217.503903] ------------[ cut here ]------------ [ 217.504383] WARNING: CPU: 0 PID: 2075 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.505647] Modules linked in: [ 217.505966] CPU: 0 PID: 2075 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.506925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.508206] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.508733] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.510857] RSP: 0018:ffff888017b8fb78 EFLAGS: 00010246 [ 217.511426] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.512398] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 217.513123] RBP: ffff888017b8fb98 R08: ffffed1002ca603e R09: ffffed1002ca603e [ 217.514088] R10: ffff8880165301ef R11: ffffed1002ca603d R12: ffff888016530290 [ 217.514820] R13: ffff8880165300a8 R14: ffffffffffffffff R15: 
ffff888017b8fc60 [ 217.515556] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.516610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.517185] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.517909] PKRU: 55555554 [ 217.518266] Call Trace: [ 217.518736] [ 217.518972] iommufd_ioas_destroy+0x53/0x70 [ 217.519428] iommufd_fops_release+0x1f7/0x370 [ 217.519888] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.520394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.521149] ? write_comp_data+0x2f/0x90 [ 217.521582] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.522088] __fput+0x26d/0xa40 [ 217.522436] ____fput+0x1e/0x30 [ 217.522909] task_work_run+0x1a4/0x2d0 [ 217.523481] ? __pfx_task_work_run+0x10/0x10 [ 217.523928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.524449] ? switch_task_namespaces+0xa9/0xe0 [ 217.524937] do_exit+0xb17/0x2ef0 [ 217.525291] ? lock_acquire+0x427/0x4c0 [ 217.525822] ? __pfx_lock_release+0x10/0x10 [ 217.526430] ? __kasan_check_write+0x18/0x20 [ 217.526923] ? do_raw_spin_lock+0x132/0x2a0 [ 217.527373] ? __pfx_do_exit+0x10/0x10 [ 217.527784] ? debug_smp_processor_id+0x20/0x30 [ 217.528370] ? rcu_is_watching+0x19/0xb0 [ 217.528940] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.529404] ? trace_hardirqs_on+0x26/0x120 [ 217.529848] do_group_exit+0xe0/0x2b0 [ 217.530282] __x64_sys_exit_group+0x47/0x50 [ 217.530945] do_syscall_64+0x3b/0x90 [ 217.531353] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.531893] RIP: 0033:0x7f4b87518a4d [ 217.532271] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.532964] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.533926] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.534682] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.535678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.536405] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.537135] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.538152] [ 217.538400] irq event stamp: 0 [ 217.538752] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.539416] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.540514] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.541367] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.542036] ---[ end trace 0000000000000000 ]--- [ 217.547916] ------------[ cut here ]------------ [ 217.548425] WARNING: CPU: 0 PID: 2076 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.549753] Modules linked in: [ 217.550080] CPU: 0 PID: 2076 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.551255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.552395] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.552907] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.554779] RSP: 0018:ffff888016fbfbb8 EFLAGS: 00010246 [ 217.555338] RAX: 0000000000000000 RBX: ffff888011f600a8 RCX: 0000000000000000 [ 217.556072] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 217.556790] RBP: ffff888016fbfbd0 R08: ffffed10023ec033 R09: ffffed10023ec033 [ 217.557510] R10: ffff888011f60193 R11: ffffed10023ec032 R12: ffff888014392000 [ 217.558237] R13: ffff888011f601e8 R14: ffffffff8352e670 R15: 
ffff888016fbfe68 [ 217.558964] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.559777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.560366] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 217.561090] PKRU: 55555554 [ 217.561369] Call Trace: [ 217.561625] [ 217.561852] __iommufd_access_detach+0x1c2/0x2b0 [ 217.562354] iommufd_access_change_pt+0x149/0x270 [ 217.562879] iommufd_access_replace+0xb4/0x120 [ 217.563373] iommufd_test+0x3e5/0x37e0 [ 217.563769] ? lock_release+0x532/0x770 [ 217.564181] ? __might_fault+0x102/0x1b0 [ 217.564603] ? lock_acquire+0x427/0x4c0 [ 217.565020] ? __pfx_iommufd_test+0x10/0x10 [ 217.565454] ? __pfx_lock_release+0x10/0x10 [ 217.565894] ? __pfx_lock_acquire+0x10/0x10 [ 217.566333] ? write_comp_data+0x2f/0x90 [ 217.566778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.567288] ? write_comp_data+0x2f/0x90 [ 217.567705] iommufd_fops_ioctl+0x37d/0x510 [ 217.568149] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.568647] ? write_comp_data+0x2f/0x90 [ 217.569063] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.569559] __x64_sys_ioctl+0x1a3/0x230 [ 217.569987] do_syscall_64+0x3b/0x90 [ 217.570372] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.570930] RIP: 0033:0x7f4b8743ee5d [ 217.571322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.573144] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.573920] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.574655] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.575386] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.576102] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.576820] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.577548] [ 217.577790] irq event stamp: 0 [ 217.578113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.578764] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.579616] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.580450] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.581081] ---[ end trace 0000000000000000 ]--- [ 217.584742] ------------[ cut here ]------------ [ 217.585350] WARNING: CPU: 0 PID: 2076 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.586565] Modules linked in: [ 217.586895] CPU: 0 PID: 2076 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.587860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.589167] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.589681] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.591845] RSP: 
0018:ffff888016fbfbd0 EFLAGS: 00010246 [ 217.592395] RAX: 0000000000000000 RBX: ffff888011f600a8 RCX: 0000000000000000 [ 217.593403] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 217.594146] RBP: ffff888016fbfbe8 R08: ffffed10023ec033 R09: ffffed10023ec033 [ 217.595007] R10: ffff888011f60193 R11: ffffed10023ec032 R12: ffff888013b23800 [ 217.595901] R13: ffff888011f601e8 R14: ffff888014957500 R15: 0000000000000000 [ 217.596624] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.597555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.598313] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.599072] PKRU: 55555554 [ 217.599381] Call Trace: [ 217.599651] [ 217.599973] iommufd_access_destroy_object+0x65/0x170 [ 217.600686] iommufd_object_destroy_user+0x18e/0x220 [ 217.601230] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.601838] iommufd_access_destroy+0x43/0x70 [ 217.602624] iommufd_test_staccess_release+0x8d/0xd0 [ 217.603187] __fput+0x26d/0xa40 [ 217.603545] ____fput+0x1e/0x30 [ 217.603895] task_work_run+0x1a4/0x2d0 [ 217.604303] ? __pfx_task_work_run+0x10/0x10 [ 217.604823] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.605559] ? switch_task_namespaces+0xa9/0xe0 [ 217.606062] do_exit+0xb17/0x2ef0 [ 217.606424] ? lock_acquire+0x427/0x4c0 [ 217.606888] ? __pfx_lock_release+0x10/0x10 [ 217.607380] ? __kasan_check_write+0x18/0x20 [ 217.608103] ? do_raw_spin_lock+0x132/0x2a0 [ 217.608562] ? __pfx_do_exit+0x10/0x10 [ 217.608974] ? debug_smp_processor_id+0x20/0x30 [ 217.609454] ? rcu_is_watching+0x19/0xb0 [ 217.609985] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.610622] ? trace_hardirqs_on+0x26/0x120 [ 217.611080] do_group_exit+0xe0/0x2b0 [ 217.611495] __x64_sys_exit_group+0x47/0x50 [ 217.611938] do_syscall_64+0x3b/0x90 [ 217.612413] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.613136] RIP: 0033:0x7f4b87518a4d [ 217.613523] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.614159] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.615282] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.616021] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.616753] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.617727] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.618446] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.619217] [ 217.619459] irq event stamp: 0 [ 217.619783] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.620432] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.621302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.622154] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.622812] ---[ end trace 0000000000000000 ]--- [ 217.623692] ------------[ cut here ]------------ [ 217.624158] WARNING: CPU: 0 PID: 2076 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.625161] Modules linked in: [ 217.625482] CPU: 0 PID: 2076 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.626332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.627493] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.628011] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.629828] RSP: 0018:ffff888016fbfb78 EFLAGS: 00010246 [ 217.630360] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.631079] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 217.631800] RBP: ffff888016fbfb98 R08: ffffed10023ec03e R09: ffffed10023ec03e [ 217.632507] R10: ffff888011f601ef R11: ffffed10023ec03d R12: ffff888011f60290 [ 217.633211] R13: ffff888011f600a8 R14: ffffffffffffffff R15: 
ffff888016fbfc60 [ 217.633918] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.634740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.635332] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.636044] PKRU: 55555554 [ 217.636327] Call Trace: [ 217.636587] [ 217.636818] iommufd_ioas_destroy+0x53/0x70 [ 217.637261] iommufd_fops_release+0x1f7/0x370 [ 217.637731] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.638238] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.638784] ? write_comp_data+0x2f/0x90 [ 217.639220] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.639725] __fput+0x26d/0xa40 [ 217.640072] ____fput+0x1e/0x30 [ 217.640413] task_work_run+0x1a4/0x2d0 [ 217.640813] ? __pfx_task_work_run+0x10/0x10 [ 217.641261] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.641757] ? switch_task_namespaces+0xa9/0xe0 [ 217.642234] do_exit+0xb17/0x2ef0 [ 217.642614] ? lock_acquire+0x427/0x4c0 [ 217.643026] ? __pfx_lock_release+0x10/0x10 [ 217.643486] ? __kasan_check_write+0x18/0x20 [ 217.643934] ? do_raw_spin_lock+0x132/0x2a0 [ 217.644369] ? __pfx_do_exit+0x10/0x10 [ 217.644774] ? debug_smp_processor_id+0x20/0x30 [ 217.645244] ? rcu_is_watching+0x19/0xb0 [ 217.645652] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.646101] ? trace_hardirqs_on+0x26/0x120 [ 217.646569] do_group_exit+0xe0/0x2b0 [ 217.646957] __x64_sys_exit_group+0x47/0x50 [ 217.647416] do_syscall_64+0x3b/0x90 [ 217.647801] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.648331] RIP: 0033:0x7f4b87518a4d [ 217.648710] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.649309] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.650058] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.650791] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.651512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.652218] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.652922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.653638] [ 217.653870] irq event stamp: 0 [ 217.654186] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.654847] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.655698] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.656530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.657158] ---[ end trace 0000000000000000 ]--- [ 217.661924] ------------[ cut here ]------------ [ 217.662447] WARNING: CPU: 0 PID: 2077 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.663526] Modules linked in: [ 217.663844] CPU: 0 PID: 2077 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.664689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.665791] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.666283] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.668095] RSP: 0018:ffff8880163b7bb8 EFLAGS: 00010246 [ 217.668622] RAX: 0000000000000000 RBX: ffff888023e840a8 RCX: 0000000000000000 [ 217.669316] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 217.670016] RBP: ffff8880163b7bd0 R08: ffffed10047d0833 R09: ffffed10047d0833 [ 217.670747] R10: ffff888023e84193 R11: ffffed10047d0832 R12: ffff888010825c00 [ 217.671472] R13: ffff888023e841e8 R14: ffffffff8352e670 R15: 
ffff8880163b7e68 [ 217.672179] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.672979] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.673554] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 217.674260] PKRU: 55555554 [ 217.674567] Call Trace: [ 217.674825] [ 217.675049] __iommufd_access_detach+0x1c2/0x2b0 [ 217.675552] iommufd_access_change_pt+0x149/0x270 [ 217.676036] iommufd_access_replace+0xb4/0x120 [ 217.676504] iommufd_test+0x3e5/0x37e0 [ 217.676896] ? lock_release+0x532/0x770 [ 217.677304] ? __might_fault+0x102/0x1b0 [ 217.677712] ? lock_acquire+0x427/0x4c0 [ 217.678112] ? __pfx_iommufd_test+0x10/0x10 [ 217.678566] ? __pfx_lock_release+0x10/0x10 [ 217.679003] ? __pfx_lock_acquire+0x10/0x10 [ 217.679462] ? write_comp_data+0x2f/0x90 [ 217.679886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.680376] ? write_comp_data+0x2f/0x90 [ 217.680806] iommufd_fops_ioctl+0x37d/0x510 [ 217.681242] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.681717] ? write_comp_data+0x2f/0x90 [ 217.682121] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.682621] __x64_sys_ioctl+0x1a3/0x230 [ 217.683024] do_syscall_64+0x3b/0x90 [ 217.683409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.683917] RIP: 0033:0x7f4b8743ee5d [ 217.684276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.686025] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.686791] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.687504] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.688193] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.688874] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.689560] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.690256] [ 217.690483] irq event stamp: 0 [ 217.690818] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.691436] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.692234] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.693025] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.693622] ---[ end trace 0000000000000000 ]--- [ 217.696791] ------------[ cut here ]------------ [ 217.697290] WARNING: CPU: 0 PID: 2077 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.698257] Modules linked in: [ 217.698830] CPU: 0 PID: 2077 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.699686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.700769] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.701250] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.703013] RSP: 
0018:ffff8880163b7bd0 EFLAGS: 00010246 [ 217.703544] RAX: 0000000000000000 RBX: ffff888023e840a8 RCX: 0000000000000000 [ 217.704226] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 217.704902] RBP: ffff8880163b7be8 R08: ffffed10047d0833 R09: ffffed10047d0833 [ 217.705578] R10: ffff888023e84193 R11: ffffed10047d0832 R12: ffff88800b9b4400 [ 217.706253] R13: ffff888023e841e8 R14: ffff8880104c0700 R15: 0000000000000000 [ 217.706956] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.707719] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.708230] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.708871] PKRU: 55555554 [ 217.709121] Call Trace: [ 217.709352] [ 217.709553] iommufd_access_destroy_object+0x65/0x170 [ 217.710017] iommufd_object_destroy_user+0x18e/0x220 [ 217.710475] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.711015] iommufd_access_destroy+0x43/0x70 [ 217.711442] iommufd_test_staccess_release+0x8d/0xd0 [ 217.711905] __fput+0x26d/0xa40 [ 217.712218] ____fput+0x1e/0x30 [ 217.712519] task_work_run+0x1a4/0x2d0 [ 217.712876] ? __pfx_task_work_run+0x10/0x10 [ 217.713277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.713725] ? switch_task_namespaces+0xa9/0xe0 [ 217.714154] do_exit+0xb17/0x2ef0 [ 217.714474] ? lock_acquire+0x427/0x4c0 [ 217.714877] ? __pfx_lock_release+0x10/0x10 [ 217.715287] ? __kasan_check_write+0x18/0x20 [ 217.715689] ? do_raw_spin_lock+0x132/0x2a0 [ 217.716075] ? __pfx_do_exit+0x10/0x10 [ 217.716434] ? debug_smp_processor_id+0x20/0x30 [ 217.716852] ? rcu_is_watching+0x19/0xb0 [ 217.717219] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.717633] ? trace_hardirqs_on+0x26/0x120 [ 217.718024] do_group_exit+0xe0/0x2b0 [ 217.718365] __x64_sys_exit_group+0x47/0x50 [ 217.718772] do_syscall_64+0x3b/0x90 [ 217.719125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.719602] RIP: 0033:0x7f4b87518a4d [ 217.719938] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.720483] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.721161] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.721791] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.722422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.723081] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.723730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.724371] [ 217.724580] irq event stamp: 0 [ 217.724862] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.725422] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.726163] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.726930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.727506] ---[ end trace 0000000000000000 ]--- [ 217.728295] ------------[ cut here ]------------ [ 217.728717] WARNING: CPU: 0 PID: 2077 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.729621] Modules linked in: [ 217.729908] CPU: 0 PID: 2077 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.730714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.731734] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.732196] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.734239] RSP: 0018:ffff8880163b7b78 EFLAGS: 00010246 [ 217.734748] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.735388] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 217.736016] RBP: ffff8880163b7b98 R08: ffffed10047d083e R09: ffffed10047d083e [ 217.736643] R10: ffff888023e841ef R11: ffffed10047d083d R12: ffff888023e84290 [ 217.737371] R13: ffff888023e840a8 R14: ffffffffffffffff R15: 
ffff8880163b7c60 [ 217.738227] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.738968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.739498] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.740145] PKRU: 55555554 [ 217.740407] Call Trace: [ 217.740630] [ 217.740834] iommufd_ioas_destroy+0x53/0x70 [ 217.741224] iommufd_fops_release+0x1f7/0x370 [ 217.741649] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.742251] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.742851] ? write_comp_data+0x2f/0x90 [ 217.743234] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.743677] __fput+0x26d/0xa40 [ 217.743984] ____fput+0x1e/0x30 [ 217.744299] task_work_run+0x1a4/0x2d0 [ 217.744655] ? __pfx_task_work_run+0x10/0x10 [ 217.745053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.745493] ? switch_task_namespaces+0xa9/0xe0 [ 217.745920] do_exit+0xb17/0x2ef0 [ 217.746272] ? lock_acquire+0x427/0x4c0 [ 217.746884] ? __pfx_lock_release+0x10/0x10 [ 217.747290] ? __kasan_check_write+0x18/0x20 [ 217.747686] ? do_raw_spin_lock+0x132/0x2a0 [ 217.748069] ? __pfx_do_exit+0x10/0x10 [ 217.748425] ? debug_smp_processor_id+0x20/0x30 [ 217.748840] ? rcu_is_watching+0x19/0xb0 [ 217.749201] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.749606] ? trace_hardirqs_on+0x26/0x120 [ 217.749994] do_group_exit+0xe0/0x2b0 [ 217.750376] __x64_sys_exit_group+0x47/0x50 [ 217.750863] do_syscall_64+0x3b/0x90 [ 217.751354] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.751821] RIP: 0033:0x7f4b87518a4d [ 217.752153] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.752692] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.753358] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.753982] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.754654] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.755496] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.756124] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.756754] [ 217.756962] irq event stamp: 0 [ 217.757240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.757793] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.758673] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.759553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.760110] ---[ end trace 0000000000000000 ]--- [ 217.764186] ------------[ cut here ]------------ [ 217.764630] WARNING: CPU: 0 PID: 2078 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.765570] Modules linked in: [ 217.766010] CPU: 0 PID: 2078 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.766814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.767796] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.768224] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.770005] RSP: 0018:ffff888016fbfbb8 EFLAGS: 00010246 [ 217.770655] RAX: 0000000000000000 RBX: ffff888012daf0a8 RCX: 0000000000000000 [ 217.771266] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 217.771846] RBP: ffff888016fbfbd0 R08: ffffed10025b5e33 R09: ffffed10025b5e33 [ 217.772428] R10: ffff888012daf193 R11: ffffed10025b5e32 R12: ffff888018b8a000 [ 217.773007] R13: ffff888012daf1e8 R14: ffffffff8352e670 R15: 
ffff888016fbfe68 [ 217.773774] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.774431] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.774922] CR2: 00007f4b877410e8 CR3: 0000000013d5e000 CR4: 0000000000750ef0 [ 217.775519] PKRU: 55555554 [ 217.775754] Call Trace: [ 217.775964] [ 217.776150] __iommufd_access_detach+0x1c2/0x2b0 [ 217.776554] iommufd_access_change_pt+0x149/0x270 [ 217.777016] iommufd_access_replace+0xb4/0x120 [ 217.777527] iommufd_test+0x3e5/0x37e0 [ 217.777850] ? lock_release+0x532/0x770 [ 217.778189] ? __might_fault+0x102/0x1b0 [ 217.778551] ? lock_acquire+0x427/0x4c0 [ 217.778888] ? __pfx_iommufd_test+0x10/0x10 [ 217.779254] ? __pfx_lock_release+0x10/0x10 [ 217.779619] ? __pfx_lock_acquire+0x10/0x10 [ 217.779982] ? write_comp_data+0x2f/0x90 [ 217.780329] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.780794] ? write_comp_data+0x2f/0x90 [ 217.781257] iommufd_fops_ioctl+0x37d/0x510 [ 217.781617] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.782021] ? write_comp_data+0x2f/0x90 [ 217.782367] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.782794] __x64_sys_ioctl+0x1a3/0x230 [ 217.783155] do_syscall_64+0x3b/0x90 [ 217.783478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.783913] RIP: 0033:0x7f4b8743ee5d [ 217.784220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.785911] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.786578] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.787178] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.787796] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.788601] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.789188] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.789778] [ 217.789974] irq event stamp: 0 [ 217.790233] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.790777] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.791502] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.792361] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.792876] ---[ end trace 0000000000000000 ]--- [ 217.796004] ------------[ cut here ]------------ [ 217.796417] WARNING: CPU: 0 PID: 2078 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.797261] Modules linked in: [ 217.797527] CPU: 0 PID: 2078 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.798315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.799443] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.799855] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.801347] RSP: 
0018:ffff888016fbfbd0 EFLAGS: 00010246 [ 217.801790] RAX: 0000000000000000 RBX: ffff888012daf0a8 RCX: 0000000000000000 [ 217.802374] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 217.802981] RBP: ffff888016fbfbe8 R08: ffffed10025b5e33 R09: ffffed10025b5e33 [ 217.803590] R10: ffff888012daf193 R11: ffffed10025b5e32 R12: ffff888010824c00 [ 217.804177] R13: ffff888012daf1e8 R14: ffff88800fd8ba00 R15: 0000000000000000 [ 217.804764] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.805423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.805901] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 217.806486] PKRU: 55555554 [ 217.806739] Call Trace: [ 217.806955] [ 217.807159] iommufd_access_destroy_object+0x65/0x170 [ 217.807596] iommufd_object_destroy_user+0x18e/0x220 [ 217.808033] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.808528] iommufd_access_destroy+0x43/0x70 [ 217.808919] iommufd_test_staccess_release+0x8d/0xd0 [ 217.809353] __fput+0x26d/0xa40 [ 217.809640] ____fput+0x1e/0x30 [ 217.809921] task_work_run+0x1a4/0x2d0 [ 217.810252] ? __pfx_task_work_run+0x10/0x10 [ 217.810650] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.811065] ? switch_task_namespaces+0xa9/0xe0 [ 217.811477] do_exit+0xb17/0x2ef0 [ 217.811768] ? lock_acquire+0x427/0x4c0 [ 217.812107] ? __pfx_lock_release+0x10/0x10 [ 217.812475] ? __kasan_check_write+0x18/0x20 [ 217.812843] ? do_raw_spin_lock+0x132/0x2a0 [ 217.813202] ? __pfx_do_exit+0x10/0x10 [ 217.813533] ? debug_smp_processor_id+0x20/0x30 [ 217.813917] ? rcu_is_watching+0x19/0xb0 [ 217.814256] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.814659] ? trace_hardirqs_on+0x26/0x120 [ 217.815024] do_group_exit+0xe0/0x2b0 [ 217.815354] __x64_sys_exit_group+0x47/0x50 [ 217.815712] do_syscall_64+0x3b/0x90 [ 217.816028] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.816462] RIP: 0033:0x7f4b87518a4d [ 217.816771] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.817276] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.817899] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.818486] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.819108] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.819717] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.820303] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.820901] [ 217.821097] irq event stamp: 0 [ 217.821360] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.821884] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.822607] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.823310] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.823827] ---[ end trace 0000000000000000 ]--- [ 217.824853] ------------[ cut here ]------------ [ 217.825414] WARNING: CPU: 0 PID: 2078 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.826261] Modules linked in: [ 217.826556] CPU: 0 PID: 2078 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.827286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.828213] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.828640] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.830363] RSP: 0018:ffff888016fbfb78 EFLAGS: 00010246 [ 217.830829] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.831420] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 217.832003] RBP: ffff888016fbfb98 R08: ffffed10025b5e3e R09: ffffed10025b5e3e [ 217.832625] R10: ffff888012daf1ef R11: ffffed10025b5e3d R12: ffff888012daf290 [ 217.833364] R13: ffff888012daf0a8 R14: ffffffffffffffff R15: 
ffff888016fbfc60 [ 217.833953] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.834637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.835122] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 217.835714] PKRU: 55555554 [ 217.835950] Call Trace: [ 217.836162] [ 217.836441] iommufd_ioas_destroy+0x53/0x70 [ 217.836932] iommufd_fops_release+0x1f7/0x370 [ 217.837313] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.837732] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.838148] ? write_comp_data+0x2f/0x90 [ 217.838494] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.838945] __fput+0x26d/0xa40 [ 217.839249] ____fput+0x1e/0x30 [ 217.839538] task_work_run+0x1a4/0x2d0 [ 217.839873] ? __pfx_task_work_run+0x10/0x10 [ 217.840243] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.840861] ? switch_task_namespaces+0xa9/0xe0 [ 217.841275] do_exit+0xb17/0x2ef0 [ 217.841566] ? lock_acquire+0x427/0x4c0 [ 217.841906] ? __pfx_lock_release+0x10/0x10 [ 217.842275] ? __kasan_check_write+0x18/0x20 [ 217.842666] ? do_raw_spin_lock+0x132/0x2a0 [ 217.843028] ? __pfx_do_exit+0x10/0x10 [ 217.843378] ? debug_smp_processor_id+0x20/0x30 [ 217.843768] ? rcu_is_watching+0x19/0xb0 [ 217.844106] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.844588] ? trace_hardirqs_on+0x26/0x120 [ 217.845070] do_group_exit+0xe0/0x2b0 [ 217.845389] __x64_sys_exit_group+0x47/0x50 [ 217.845750] do_syscall_64+0x3b/0x90 [ 217.846069] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.846540] RIP: 0033:0x7f4b87518a4d [ 217.846855] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.847381] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.848013] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.848712] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.849398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.849988] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.850599] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.851206] [ 217.851402] irq event stamp: 0 [ 217.851666] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.852292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.853098] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.853785] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.854311] ---[ end trace 0000000000000000 ]--- [ 217.859823] ------------[ cut here ]------------ [ 217.860473] WARNING: CPU: 0 PID: 2079 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.861272] Modules linked in: [ 217.861523] CPU: 0 PID: 2079 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.862208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.863309] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.863702] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.865139] RSP: 0018:ffff8880147ffbb8 EFLAGS: 00010246 [ 217.865554] RAX: 0000000000000000 RBX: ffff88801669f0a8 RCX: 0000000000000000 [ 217.866105] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 217.866672] RBP: ffff8880147ffbd0 R08: ffffed1002cd3e33 R09: ffffed1002cd3e33 [ 217.867239] R10: ffff88801669f193 R11: ffffed1002cd3e32 R12: ffff88802081fc00 [ 217.867796] R13: ffff88801669f1e8 R14: ffffffff8352e670 R15: 
ffff8880147ffe68 [ 217.868351] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.868983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.869440] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 217.870006] PKRU: 55555554 [ 217.870231] Call Trace: [ 217.870435] [ 217.870637] __iommufd_access_detach+0x1c2/0x2b0 [ 217.871029] iommufd_access_change_pt+0x149/0x270 [ 217.871444] iommufd_access_replace+0xb4/0x120 [ 217.871818] iommufd_test+0x3e5/0x37e0 [ 217.872124] ? lock_release+0x532/0x770 [ 217.872444] ? __might_fault+0x102/0x1b0 [ 217.872770] ? lock_acquire+0x427/0x4c0 [ 217.873092] ? __pfx_iommufd_test+0x10/0x10 [ 217.873428] ? __pfx_lock_release+0x10/0x10 [ 217.873771] ? __pfx_lock_acquire+0x10/0x10 [ 217.874123] ? write_comp_data+0x2f/0x90 [ 217.874450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.874855] ? write_comp_data+0x2f/0x90 [ 217.875197] iommufd_fops_ioctl+0x37d/0x510 [ 217.875541] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.875928] ? write_comp_data+0x2f/0x90 [ 217.876256] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.876637] __x64_sys_ioctl+0x1a3/0x230 [ 217.876968] do_syscall_64+0x3b/0x90 [ 217.877269] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.877680] RIP: 0033:0x7f4b8743ee5d [ 217.877972] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.879422] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.880018] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.880574] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.881125] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.881674] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.882232] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.882823] [ 217.883011] irq event stamp: 0 [ 217.883272] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.883770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.884417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.885069] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.885562] ---[ end trace 0000000000000000 ]--- [ 217.888524] ------------[ cut here ]------------ [ 217.888908] WARNING: CPU: 0 PID: 2079 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.889697] Modules linked in: [ 217.889997] CPU: 0 PID: 2079 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.890894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.891784] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.892173] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.893616] RSP: 
0018:ffff8880147ffbd0 EFLAGS: 00010246 [ 217.894191] RAX: 0000000000000000 RBX: ffff88801669f0a8 RCX: 0000000000000000 [ 217.894763] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 217.895326] RBP: ffff8880147ffbe8 R08: ffffed1002cd3e33 R09: ffffed1002cd3e33 [ 217.895874] R10: ffff88801669f193 R11: ffffed1002cd3e32 R12: ffff888018b8b800 [ 217.896426] R13: ffff88801669f1e8 R14: ffff88800fd75100 R15: 0000000000000000 [ 217.896998] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.897774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.898224] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.898797] PKRU: 55555554 [ 217.899020] Call Trace: [ 217.899239] [ 217.899417] iommufd_access_destroy_object+0x65/0x170 [ 217.899829] iommufd_object_destroy_user+0x18e/0x220 [ 217.900231] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.900687] iommufd_access_destroy+0x43/0x70 [ 217.901144] iommufd_test_staccess_release+0x8d/0xd0 [ 217.901671] __fput+0x26d/0xa40 [ 217.901950] ____fput+0x1e/0x30 [ 217.902216] task_work_run+0x1a4/0x2d0 [ 217.902547] ? __pfx_task_work_run+0x10/0x10 [ 217.902898] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.903301] ? switch_task_namespaces+0xa9/0xe0 [ 217.903678] do_exit+0xb17/0x2ef0 [ 217.903958] ? lock_acquire+0x427/0x4c0 [ 217.904283] ? __pfx_lock_release+0x10/0x10 [ 217.904630] ? __kasan_check_write+0x18/0x20 [ 217.905076] ? do_raw_spin_lock+0x132/0x2a0 [ 217.905533] ? __pfx_do_exit+0x10/0x10 [ 217.905851] ? debug_smp_processor_id+0x20/0x30 [ 217.906218] ? rcu_is_watching+0x19/0xb0 [ 217.906559] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.906920] ? trace_hardirqs_on+0x26/0x120 [ 217.907281] do_group_exit+0xe0/0x2b0 [ 217.907582] __x64_sys_exit_group+0x47/0x50 [ 217.907918] do_syscall_64+0x3b/0x90 [ 217.908218] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.908705] RIP: 0033:0x7f4b87518a4d [ 217.909119] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.909596] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.910182] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.910756] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.911322] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.911874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.912620] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.913177] [ 217.913361] irq event stamp: 0 [ 217.913609] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.914103] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.914781] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.915445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.916026] ---[ end trace 0000000000000000 ]--- [ 217.916830] ------------[ cut here ]------------ [ 217.917203] WARNING: CPU: 0 PID: 2079 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 217.917999] Modules linked in: [ 217.918257] CPU: 0 PID: 2079 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.919002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.920042] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 217.920450] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 217.921861] RSP: 0018:ffff8880147ffb78 EFLAGS: 00010246 [ 217.922278] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 217.923029] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 217.923598] RBP: ffff8880147ffb98 R08: ffffed1002cd3e3e R09: ffffed1002cd3e3e [ 217.924151] R10: ffff88801669f1ef R11: ffffed1002cd3e3d R12: ffff88801669f290 [ 217.924699] R13: ffff88801669f0a8 R14: ffffffffffffffff R15: 
ffff8880147ffc60 [ 217.925252] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.925905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.926524] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.927107] PKRU: 55555554 [ 217.927358] Call Trace: [ 217.927566] [ 217.927751] iommufd_ioas_destroy+0x53/0x70 [ 217.928109] iommufd_fops_release+0x1f7/0x370 [ 217.928486] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.928895] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.929343] ? write_comp_data+0x2f/0x90 [ 217.929842] ? __pfx_iommufd_fops_release+0x10/0x10 [ 217.930254] __fput+0x26d/0xa40 [ 217.930560] ____fput+0x1e/0x30 [ 217.930838] task_work_run+0x1a4/0x2d0 [ 217.931172] ? __pfx_task_work_run+0x10/0x10 [ 217.931538] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.931940] ? switch_task_namespaces+0xa9/0xe0 [ 217.932334] do_exit+0xb17/0x2ef0 [ 217.932623] ? lock_acquire+0x427/0x4c0 [ 217.932969] ? __pfx_lock_release+0x10/0x10 [ 217.933425] ? __kasan_check_write+0x18/0x20 [ 217.933904] ? do_raw_spin_lock+0x132/0x2a0 [ 217.934261] ? __pfx_do_exit+0x10/0x10 [ 217.934620] ? debug_smp_processor_id+0x20/0x30 [ 217.935005] ? rcu_is_watching+0x19/0xb0 [ 217.935351] ? _raw_spin_unlock_irq+0x2b/0x60 [ 217.935731] ? trace_hardirqs_on+0x26/0x120 [ 217.936088] do_group_exit+0xe0/0x2b0 [ 217.936402] __x64_sys_exit_group+0x47/0x50 [ 217.936752] do_syscall_64+0x3b/0x90 [ 217.937125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.937693] RIP: 0033:0x7f4b87518a4d [ 217.938002] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 217.938499] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 217.939158] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 217.939733] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 217.940312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 217.940934] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 217.941679] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 217.942272] [ 217.942465] irq event stamp: 0 [ 217.942759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.943296] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.943996] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.944730] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.945412] ---[ end trace 0000000000000000 ]--- [ 217.950121] ------------[ cut here ]------------ [ 217.950613] WARNING: CPU: 0 PID: 2080 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.951622] Modules linked in: [ 217.951889] CPU: 0 PID: 2080 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.952606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.953527] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.954023] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.955679] RSP: 0018:ffff888016fbfbb8 EFLAGS: 00010246 [ 217.956124] RAX: 0000000000000000 RBX: ffff88800f0d38a8 RCX: 0000000000000000 [ 217.956709] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 217.957293] RBP: ffff888016fbfbd0 R08: ffffed1001e1a733 R09: ffffed1001e1a733 [ 217.957879] R10: ffff88800f0d3993 R11: ffffed1001e1a732 R12: ffff888014580400 [ 217.958462] R13: ffff88800f0d39e8 R14: ffffffff8352e670 R15: 
ffff888016fbfe68 [ 217.959068] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.959746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.960224] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 217.960810] PKRU: 55555554 [ 217.961043] Call Trace: [ 217.961261] [ 217.961449] __iommufd_access_detach+0x1c2/0x2b0 [ 217.961859] iommufd_access_change_pt+0x149/0x270 [ 217.962268] iommufd_access_replace+0xb4/0x120 [ 217.962679] iommufd_test+0x3e5/0x37e0 [ 217.963006] ? lock_release+0x532/0x770 [ 217.963359] ? __might_fault+0x102/0x1b0 [ 217.963704] ? lock_acquire+0x427/0x4c0 [ 217.964044] ? __pfx_iommufd_test+0x10/0x10 [ 217.964399] ? __pfx_lock_release+0x10/0x10 [ 217.964766] ? __pfx_lock_acquire+0x10/0x10 [ 217.965141] ? write_comp_data+0x2f/0x90 [ 217.965487] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.965895] ? write_comp_data+0x2f/0x90 [ 217.966243] iommufd_fops_ioctl+0x37d/0x510 [ 217.966633] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.967043] ? write_comp_data+0x2f/0x90 [ 217.967401] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 217.967824] __x64_sys_ioctl+0x1a3/0x230 [ 217.968170] do_syscall_64+0x3b/0x90 [ 217.968492] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 217.968925] RIP: 0033:0x7f4b8743ee5d [ 217.969233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 217.970746] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 217.971379] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 217.971962] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 217.972544] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 217.973127] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 217.973713] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 217.974314] [ 217.974529] irq event stamp: 0 [ 217.974794] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 217.975319] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 217.976004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 217.976692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 217.977212] ---[ end trace 0000000000000000 ]--- [ 217.980433] ------------[ cut here ]------------ [ 217.980845] WARNING: CPU: 0 PID: 2080 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 217.981676] Modules linked in: [ 217.981942] CPU: 0 PID: 2080 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 217.982914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 217.983861] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 217.984275] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 217.985765] RSP: 
0018:ffff888016fbfbd0 EFLAGS: 00010246 [ 217.986401] RAX: 0000000000000000 RBX: ffff88800f0d38a8 RCX: 0000000000000000 [ 217.987012] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 217.987614] RBP: ffff888016fbfbe8 R08: ffffed1001e1a733 R09: ffffed1001e1a733 [ 217.988202] R10: ffff88800f0d3993 R11: ffffed1001e1a732 R12: ffff88802081d400 [ 217.988790] R13: ffff88800f0d39e8 R14: ffff88801227da00 R15: 0000000000000000 [ 217.989389] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 217.990293] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 217.990792] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 217.991394] PKRU: 55555554 [ 217.991633] Call Trace: [ 217.991855] [ 217.992046] iommufd_access_destroy_object+0x65/0x170 [ 217.992488] iommufd_object_destroy_user+0x18e/0x220 [ 217.992915] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 217.993442] iommufd_access_destroy+0x43/0x70 [ 217.994011] iommufd_test_staccess_release+0x8d/0xd0 [ 217.994440] __fput+0x26d/0xa40 [ 217.994761] ____fput+0x1e/0x30 [ 217.995047] task_work_run+0x1a4/0x2d0 [ 217.995388] ? __pfx_task_work_run+0x10/0x10 [ 217.995762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 217.996171] ? switch_task_namespaces+0xa9/0xe0 [ 217.996571] do_exit+0xb17/0x2ef0 [ 217.996862] ? lock_acquire+0x427/0x4c0 [ 217.997202] ? __pfx_lock_release+0x10/0x10 [ 217.997655] ? __kasan_check_write+0x18/0x20 [ 217.998157] ? do_raw_spin_lock+0x132/0x2a0 [ 217.998547] ? __pfx_do_exit+0x10/0x10 [ 217.998884] ? debug_smp_processor_id+0x20/0x30 [ 217.999288] ? rcu_is_watching+0x19/0xb0 [ 217.999630] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.000014] ? trace_hardirqs_on+0x26/0x120 [ 218.000377] do_group_exit+0xe0/0x2b0 [ 218.000697] __x64_sys_exit_group+0x47/0x50 [ 218.001054] do_syscall_64+0x3b/0x90 [ 218.001460] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.002012] RIP: 0033:0x7f4b87518a4d [ 218.002328] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.002863] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.003503] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.004087] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.004671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.005352] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.006056] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.006667] [ 218.006863] irq event stamp: 0 [ 218.007136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.007664] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.008352] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.009152] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.009798] ---[ end trace 0000000000000000 ]--- [ 218.010545] ------------[ cut here ]------------ [ 218.010941] WARNING: CPU: 0 PID: 2080 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.011794] Modules linked in: [ 218.012063] CPU: 0 PID: 2080 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.012789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.013942] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.014375] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.015904] RSP: 0018:ffff888016fbfb78 EFLAGS: 00010246 [ 218.016349] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.017152] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 218.017737] RBP: ffff888016fbfb98 R08: ffffed1001e1a73e R09: ffffed1001e1a73e [ 218.018324] R10: ffff88800f0d39ef R11: ffffed1001e1a73d R12: ffff88800f0d3a90 [ 218.018937] R13: ffff88800f0d38a8 R14: ffffffffffffffff R15: 
ffff888016fbfc60 [ 218.019537] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.020204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.020867] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.021452] PKRU: 55555554 [ 218.021688] Call Trace: [ 218.021899] [ 218.022088] iommufd_ioas_destroy+0x53/0x70 [ 218.022455] iommufd_fops_release+0x1f7/0x370 [ 218.022853] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.023298] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.023715] ? write_comp_data+0x2f/0x90 [ 218.024062] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.024706] __fput+0x26d/0xa40 [ 218.024995] ____fput+0x1e/0x30 [ 218.025275] task_work_run+0x1a4/0x2d0 [ 218.025607] ? __pfx_task_work_run+0x10/0x10 [ 218.025979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.026387] ? switch_task_namespaces+0xa9/0xe0 [ 218.026808] do_exit+0xb17/0x2ef0 [ 218.027098] ? lock_acquire+0x427/0x4c0 [ 218.027450] ? __pfx_lock_release+0x10/0x10 [ 218.027814] ? __kasan_check_write+0x18/0x20 [ 218.028390] ? do_raw_spin_lock+0x132/0x2a0 [ 218.028751] ? __pfx_do_exit+0x10/0x10 [ 218.029083] ? debug_smp_processor_id+0x20/0x30 [ 218.029474] ? rcu_is_watching+0x19/0xb0 [ 218.029812] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.030188] ? trace_hardirqs_on+0x26/0x120 [ 218.030582] do_group_exit+0xe0/0x2b0 [ 218.030904] __x64_sys_exit_group+0x47/0x50 [ 218.031281] do_syscall_64+0x3b/0x90 [ 218.031605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.032240] RIP: 0033:0x7f4b87518a4d [ 218.032550] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.033064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.033694] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.034283] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.034937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.035686] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.036278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.036869] [ 218.037063] irq event stamp: 0 [ 218.037323] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.037842] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.038598] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.039452] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.039979] ---[ end trace 0000000000000000 ]--- [ 218.044075] ------------[ cut here ]------------ [ 218.044504] WARNING: CPU: 0 PID: 2081 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.045364] Modules linked in: [ 218.045805] CPU: 0 PID: 2081 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.046554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.047488] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.047912] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.049614] RSP: 0018:ffff8880147ffbb8 EFLAGS: 00010246 [ 218.050063] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 218.050893] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 218.051515] RBP: ffff8880147ffbd0 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 218.052112] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff888012e92400 [ 218.052723] R13: ffff88801781b9e8 R14: ffffffff8352e670 R15: 
ffff8880147ffe68 [ 218.053330] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.054007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.054494] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 218.055137] PKRU: 55555554 [ 218.055379] Call Trace: [ 218.055596] [ 218.055787] __iommufd_access_detach+0x1c2/0x2b0 [ 218.056199] iommufd_access_change_pt+0x149/0x270 [ 218.056613] iommufd_access_replace+0xb4/0x120 [ 218.057009] iommufd_test+0x3e5/0x37e0 [ 218.057339] ? lock_release+0x532/0x770 [ 218.057680] ? __might_fault+0x102/0x1b0 [ 218.058026] ? lock_acquire+0x427/0x4c0 [ 218.058370] ? __pfx_iommufd_test+0x10/0x10 [ 218.058745] ? __pfx_lock_release+0x10/0x10 [ 218.059126] ? __pfx_lock_acquire+0x10/0x10 [ 218.059485] ? write_comp_data+0x2f/0x90 [ 218.059819] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.060209] ? write_comp_data+0x2f/0x90 [ 218.060540] iommufd_fops_ioctl+0x37d/0x510 [ 218.060888] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.061280] ? write_comp_data+0x2f/0x90 [ 218.061614] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.061999] __x64_sys_ioctl+0x1a3/0x230 [ 218.062331] do_syscall_64+0x3b/0x90 [ 218.062656] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.063075] RIP: 0033:0x7f4b8743ee5d [ 218.063383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.064820] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.065424] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.065993] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.066575] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.067150] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.067707] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.068276] [ 218.068468] irq event stamp: 0 [ 218.068721] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.069218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.069894] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.070580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.071081] ---[ end trace 0000000000000000 ]--- [ 218.074132] ------------[ cut here ]------------ [ 218.074550] WARNING: CPU: 0 PID: 2081 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.075369] Modules linked in: [ 218.075623] CPU: 0 PID: 2081 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.076518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.077430] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.077899] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.079716] RSP: 
0018:ffff8880147ffbd0 EFLAGS: 00010246 [ 218.080211] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 218.080887] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 218.081451] RBP: ffff8880147ffbe8 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 218.082188] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff888014582000 [ 218.082769] R13: ffff88801781b9e8 R14: ffff88802094e800 R15: 0000000000000000 [ 218.083351] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.084063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.084631] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.085196] PKRU: 55555554 [ 218.085422] Call Trace: [ 218.085689] [ 218.085962] iommufd_access_destroy_object+0x65/0x170 [ 218.086381] iommufd_object_destroy_user+0x18e/0x220 [ 218.086821] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.087315] iommufd_access_destroy+0x43/0x70 [ 218.087739] iommufd_test_staccess_release+0x8d/0xd0 [ 218.088273] __fput+0x26d/0xa40 [ 218.088562] ____fput+0x1e/0x30 [ 218.088834] task_work_run+0x1a4/0x2d0 [ 218.089154] ? __pfx_task_work_run+0x10/0x10 [ 218.089581] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.090066] ? switch_task_namespaces+0xa9/0xe0 [ 218.090450] do_exit+0xb17/0x2ef0 [ 218.090750] ? lock_acquire+0x427/0x4c0 [ 218.091081] ? __pfx_lock_release+0x10/0x10 [ 218.091443] ? __kasan_check_write+0x18/0x20 [ 218.091879] ? do_raw_spin_lock+0x132/0x2a0 [ 218.092301] ? __pfx_do_exit+0x10/0x10 [ 218.092618] ? debug_smp_processor_id+0x20/0x30 [ 218.092991] ? rcu_is_watching+0x19/0xb0 [ 218.093364] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.093831] ? trace_hardirqs_on+0x26/0x120 [ 218.094188] do_group_exit+0xe0/0x2b0 [ 218.094492] __x64_sys_exit_group+0x47/0x50 [ 218.094860] do_syscall_64+0x3b/0x90 [ 218.095180] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.095669] RIP: 0033:0x7f4b87518a4d [ 218.096046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.096535] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.097146] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.097853] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.098421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.099038] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.099724] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.100302] [ 218.100491] irq event stamp: 0 [ 218.100745] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.101318] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.102062] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.102753] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.103386] ---[ end trace 0000000000000000 ]--- [ 218.104091] ------------[ cut here ]------------ [ 218.104484] WARNING: CPU: 0 PID: 2081 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.105531] Modules linked in: [ 218.105804] CPU: 0 PID: 2081 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.106541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.107482] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.107910] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.109406] RSP: 0018:ffff8880147ffb78 EFLAGS: 00010246 [ 218.109840] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.110420] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 218.111016] RBP: ffff8880147ffb98 R08: ffffed1002f0373e R09: ffffed1002f0373e [ 218.111610] R10: ffff88801781b9ef R11: ffffed1002f0373d R12: ffff88801781ba90 [ 218.112193] R13: ffff88801781b8a8 R14: ffffffffffffffff R15: 
ffff8880147ffc60 [ 218.112776] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.113435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.113915] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.114495] PKRU: 55555554 [ 218.114749] Call Trace: [ 218.114961] [ 218.115173] iommufd_ioas_destroy+0x53/0x70 [ 218.115547] iommufd_fops_release+0x1f7/0x370 [ 218.115932] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.116345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.116761] ? write_comp_data+0x2f/0x90 [ 218.117107] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.117518] __fput+0x26d/0xa40 [ 218.117805] ____fput+0x1e/0x30 [ 218.118087] task_work_run+0x1a4/0x2d0 [ 218.118414] ? __pfx_task_work_run+0x10/0x10 [ 218.118807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.119235] ? switch_task_namespaces+0xa9/0xe0 [ 218.119631] do_exit+0xb17/0x2ef0 [ 218.119918] ? lock_acquire+0x427/0x4c0 [ 218.120260] ? __pfx_lock_release+0x10/0x10 [ 218.120623] ? __kasan_check_write+0x18/0x20 [ 218.120995] ? do_raw_spin_lock+0x132/0x2a0 [ 218.121361] ? __pfx_do_exit+0x10/0x10 [ 218.121694] ? debug_smp_processor_id+0x20/0x30 [ 218.122081] ? rcu_is_watching+0x19/0xb0 [ 218.122420] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.122816] ? trace_hardirqs_on+0x26/0x120 [ 218.123195] do_group_exit+0xe0/0x2b0 [ 218.123514] __x64_sys_exit_group+0x47/0x50 [ 218.123870] do_syscall_64+0x3b/0x90 [ 218.124189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.124624] RIP: 0033:0x7f4b87518a4d [ 218.124933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.125437] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.126060] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.126659] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.127257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.127846] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.128434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.129021] [ 218.129214] irq event stamp: 0 [ 218.129474] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.129990] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.130709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.131406] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.131911] ---[ end trace 0000000000000000 ]--- [ 218.135757] ------------[ cut here ]------------ [ 218.136172] WARNING: CPU: 0 PID: 2082 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.136969] Modules linked in: [ 218.137225] CPU: 0 PID: 2082 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.137908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.138972] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.139378] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.140809] RSP: 0018:ffff888018087bb8 EFLAGS: 00010246 [ 218.141229] RAX: 0000000000000000 RBX: ffff88800b8140a8 RCX: 0000000000000000 [ 218.141789] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 218.142346] RBP: ffff888018087bd0 R08: ffffed1001702833 R09: ffffed1001702833 [ 218.142923] R10: ffff88800b814193 R11: ffffed1001702832 R12: ffff888010e03c00 [ 218.143495] R13: ffff88800b8141e8 R14: ffffffff8352e670 R15: 
ffff888018087e68 [ 218.144054] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.144687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.145144] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 218.145716] PKRU: 55555554 [ 218.145941] Call Trace: [ 218.146145] [ 218.146325] __iommufd_access_detach+0x1c2/0x2b0 [ 218.146732] iommufd_access_change_pt+0x149/0x270 [ 218.147135] iommufd_access_replace+0xb4/0x120 [ 218.147508] iommufd_test+0x3e5/0x37e0 [ 218.147819] ? lock_release+0x532/0x770 [ 218.148149] ? __might_fault+0x102/0x1b0 [ 218.148481] ? lock_acquire+0x427/0x4c0 [ 218.148806] ? __pfx_iommufd_test+0x10/0x10 [ 218.149145] ? __pfx_lock_release+0x10/0x10 [ 218.149496] ? __pfx_lock_acquire+0x10/0x10 [ 218.149847] ? write_comp_data+0x2f/0x90 [ 218.150185] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.150597] ? write_comp_data+0x2f/0x90 [ 218.150930] iommufd_fops_ioctl+0x37d/0x510 [ 218.151301] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.151697] ? write_comp_data+0x2f/0x90 [ 218.152027] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.152414] __x64_sys_ioctl+0x1a3/0x230 [ 218.152752] do_syscall_64+0x3b/0x90 [ 218.153063] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.153476] RIP: 0033:0x7f4b8743ee5d [ 218.153774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.155228] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.155846] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.156408] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.156975] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.157531] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.158088] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.158669] [ 218.158857] irq event stamp: 0 [ 218.159109] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.159634] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.160299] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.160954] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.161461] ---[ end trace 0000000000000000 ]--- [ 218.164216] ------------[ cut here ]------------ [ 218.164600] WARNING: CPU: 0 PID: 2082 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.165370] Modules linked in: [ 218.165616] CPU: 0 PID: 2082 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.166281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.167167] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.167551] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.168934] RSP: 
0018:ffff888018087bd0 EFLAGS: 00010246 [ 218.169340] RAX: 0000000000000000 RBX: ffff88800b8140a8 RCX: 0000000000000000 [ 218.169880] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 218.170423] RBP: ffff888018087be8 R08: ffffed1001702833 R09: ffffed1001702833 [ 218.170980] R10: ffff88800b814193 R11: ffffed1001702832 R12: ffff888012e90c00 [ 218.171532] R13: ffff88800b8141e8 R14: ffff888020a44600 R15: 0000000000000000 [ 218.172076] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.172688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.173131] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.173675] PKRU: 55555554 [ 218.173895] Call Trace: [ 218.174091] [ 218.174262] iommufd_access_destroy_object+0x65/0x170 [ 218.174671] iommufd_object_destroy_user+0x18e/0x220 [ 218.175063] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.175516] iommufd_access_destroy+0x43/0x70 [ 218.175868] iommufd_test_staccess_release+0x8d/0xd0 [ 218.176263] __fput+0x26d/0xa40 [ 218.176528] ____fput+0x1e/0x30 [ 218.176785] task_work_run+0x1a4/0x2d0 [ 218.177086] ? __pfx_task_work_run+0x10/0x10 [ 218.177426] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.177804] ? switch_task_namespaces+0xa9/0xe0 [ 218.178167] do_exit+0xb17/0x2ef0 [ 218.178434] ? lock_acquire+0x427/0x4c0 [ 218.178762] ? __pfx_lock_release+0x10/0x10 [ 218.179097] ? __kasan_check_write+0x18/0x20 [ 218.179445] ? do_raw_spin_lock+0x132/0x2a0 [ 218.179774] ? __pfx_do_exit+0x10/0x10 [ 218.180077] ? debug_smp_processor_id+0x20/0x30 [ 218.180434] ? rcu_is_watching+0x19/0xb0 [ 218.180747] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.181097] ? trace_hardirqs_on+0x26/0x120 [ 218.181430] do_group_exit+0xe0/0x2b0 [ 218.181719] __x64_sys_exit_group+0x47/0x50 [ 218.182045] do_syscall_64+0x3b/0x90 [ 218.182336] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.182754] RIP: 0033:0x7f4b87518a4d [ 218.183037] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.183515] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.184083] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.184617] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.185150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.185684] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.186214] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.186776] [ 218.186960] irq event stamp: 0 [ 218.187208] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.187679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.188308] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.188937] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.189415] ---[ end trace 0000000000000000 ]--- [ 218.190097] ------------[ cut here ]------------ [ 218.190458] WARNING: CPU: 0 PID: 2082 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.191256] Modules linked in: [ 218.191504] CPU: 0 PID: 2082 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.192165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.193017] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.193408] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.194815] RSP: 0018:ffff888018087b78 EFLAGS: 00010246 [ 218.195232] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.195763] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 218.196297] RBP: ffff888018087b98 R08: ffffed100170283e R09: ffffed100170283e [ 218.196841] R10: ffff88800b8141ef R11: ffffed100170283d R12: ffff88800b814290 [ 218.197375] R13: ffff88800b8140a8 R14: ffffffffffffffff R15: 
ffff888018087c60 [ 218.197913] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.198544] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.198984] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.199530] PKRU: 55555554 [ 218.199743] Call Trace: [ 218.199938] [ 218.200108] iommufd_ioas_destroy+0x53/0x70 [ 218.200443] iommufd_fops_release+0x1f7/0x370 [ 218.200799] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.201181] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.201557] ? write_comp_data+0x2f/0x90 [ 218.201878] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.202260] __fput+0x26d/0xa40 [ 218.202543] ____fput+0x1e/0x30 [ 218.202804] task_work_run+0x1a4/0x2d0 [ 218.203109] ? __pfx_task_work_run+0x10/0x10 [ 218.203458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.203836] ? switch_task_namespaces+0xa9/0xe0 [ 218.204207] do_exit+0xb17/0x2ef0 [ 218.204472] ? lock_acquire+0x427/0x4c0 [ 218.204792] ? __pfx_lock_release+0x10/0x10 [ 218.205134] ? __kasan_check_write+0x18/0x20 [ 218.205478] ? do_raw_spin_lock+0x132/0x2a0 [ 218.205810] ? __pfx_do_exit+0x10/0x10 [ 218.206120] ? debug_smp_processor_id+0x20/0x30 [ 218.206491] ? rcu_is_watching+0x19/0xb0 [ 218.206846] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.207214] ? trace_hardirqs_on+0x26/0x120 [ 218.207551] do_group_exit+0xe0/0x2b0 [ 218.207844] __x64_sys_exit_group+0x47/0x50 [ 218.208175] do_syscall_64+0x3b/0x90 [ 218.208473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.208872] RIP: 0033:0x7f4b87518a4d [ 218.209158] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.209621] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.210191] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.210747] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.211298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.211834] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.212370] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.212916] [ 218.213097] irq event stamp: 0 [ 218.213339] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.213813] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.214441] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.215088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.215580] ---[ end trace 0000000000000000 ]--- [ 218.219382] ------------[ cut here ]------------ [ 218.219766] WARNING: CPU: 0 PID: 2083 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.220533] Modules linked in: [ 218.220782] CPU: 0 PID: 2083 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.221465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.222353] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.222827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.224291] RSP: 0018:ffff88800ea4fbb8 EFLAGS: 00010246 [ 218.224716] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 218.225287] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 218.225854] RBP: ffff88800ea4fbd0 R08: ffffed100216f933 R09: ffffed100216f933 [ 218.226419] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff888010827000 [ 218.227027] R13: ffff888010b7c9e8 R14: ffffffff8352e670 R15: 
ffff88800ea4fe68 [ 218.227620] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.228264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.228730] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 218.229300] PKRU: 55555554 [ 218.229528] Call Trace: [ 218.229733] [ 218.229918] __iommufd_access_detach+0x1c2/0x2b0 [ 218.230320] iommufd_access_change_pt+0x149/0x270 [ 218.230752] iommufd_access_replace+0xb4/0x120 [ 218.231146] iommufd_test+0x3e5/0x37e0 [ 218.231464] ? lock_release+0x532/0x770 [ 218.231797] ? __might_fault+0x102/0x1b0 [ 218.232126] ? lock_acquire+0x427/0x4c0 [ 218.232453] ? __pfx_iommufd_test+0x10/0x10 [ 218.232810] ? __pfx_lock_release+0x10/0x10 [ 218.233177] ? __pfx_lock_acquire+0x10/0x10 [ 218.233541] ? write_comp_data+0x2f/0x90 [ 218.233880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.234279] ? write_comp_data+0x2f/0x90 [ 218.234646] iommufd_fops_ioctl+0x37d/0x510 [ 218.235009] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.235446] ? write_comp_data+0x2f/0x90 [ 218.235800] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.236213] __x64_sys_ioctl+0x1a3/0x230 [ 218.236568] do_syscall_64+0x3b/0x90 [ 218.236895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.237341] RIP: 0033:0x7f4b8743ee5d [ 218.237669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.239267] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.239922] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.240524] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.241132] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.241732] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.242339] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.242977] [ 218.243193] irq event stamp: 0 [ 218.243464] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.244000] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.244709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.245417] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.245958] ---[ end trace 0000000000000000 ]--- [ 218.248896] ------------[ cut here ]------------ [ 218.249333] WARNING: CPU: 0 PID: 2083 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.250485] Modules linked in: [ 218.250807] CPU: 0 PID: 2083 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.251576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.252572] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.253067] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.254947] RSP: 
0018:ffff88800ea4fbd0 EFLAGS: 00010246 [ 218.255442] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 218.256084] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 218.256717] RBP: ffff88800ea4fbe8 R08: ffffed100216f933 R09: ffffed100216f933 [ 218.257351] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff888010e02800 [ 218.258168] R13: ffff888010b7c9e8 R14: ffff88800fd8be00 R15: 0000000000000000 [ 218.258959] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.259692] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.260213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.260863] PKRU: 55555554 [ 218.261118] Call Trace: [ 218.261348] [ 218.261552] iommufd_access_destroy_object+0x65/0x170 [ 218.262076] iommufd_object_destroy_user+0x18e/0x220 [ 218.262808] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.263345] iommufd_access_destroy+0x43/0x70 [ 218.263758] iommufd_test_staccess_release+0x8d/0xd0 [ 218.264224] __fput+0x26d/0xa40 [ 218.264546] ____fput+0x1e/0x30 [ 218.264859] task_work_run+0x1a4/0x2d0 [ 218.265234] ? __pfx_task_work_run+0x10/0x10 [ 218.265656] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.266099] ? switch_task_namespaces+0xa9/0xe0 [ 218.266639] do_exit+0xb17/0x2ef0 [ 218.267148] ? lock_acquire+0x427/0x4c0 [ 218.267524] ? __pfx_lock_release+0x10/0x10 [ 218.267922] ? __kasan_check_write+0x18/0x20 [ 218.268328] ? do_raw_spin_lock+0x132/0x2a0 [ 218.268729] ? __pfx_do_exit+0x10/0x10 [ 218.269092] ? debug_smp_processor_id+0x20/0x30 [ 218.269519] ? rcu_is_watching+0x19/0xb0 [ 218.269893] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.270309] ? trace_hardirqs_on+0x26/0x120 [ 218.270736] do_group_exit+0xe0/0x2b0 [ 218.271166] __x64_sys_exit_group+0x47/0x50 [ 218.271794] do_syscall_64+0x3b/0x90 [ 218.272244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.272729] RIP: 0033:0x7f4b87518a4d [ 218.273077] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.273757] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.274433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.275108] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.275770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.276418] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.277075] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.277743] [ 218.277958] irq event stamp: 0 [ 218.278250] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.278862] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.279652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.280411] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.280981] ---[ end trace 0000000000000000 ]--- [ 218.282181] ------------[ cut here ]------------ [ 218.282751] WARNING: CPU: 0 PID: 2083 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.283714] Modules linked in: [ 218.284013] CPU: 0 PID: 2083 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.284801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.285827] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.286299] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.288033] RSP: 0018:ffff88800ea4fb78 EFLAGS: 00010246 [ 218.288525] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.289172] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 218.289819] RBP: ffff88800ea4fb98 R08: ffffed100216f93e R09: ffffed100216f93e [ 218.290460] R10: ffff888010b7c9ef R11: ffffed100216f93d R12: ffff888010b7ca90 [ 218.291162] R13: ffff888010b7c8a8 R14: ffffffffffffffff R15: 
ffff88800ea4fc60 [ 218.291819] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.292547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.293071] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.293718] PKRU: 55555554 [ 218.293977] Call Trace: [ 218.294209] [ 218.294412] iommufd_ioas_destroy+0x53/0x70 [ 218.294831] iommufd_fops_release+0x1f7/0x370 [ 218.295265] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.295721] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.296172] ? write_comp_data+0x2f/0x90 [ 218.296553] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.297016] __fput+0x26d/0xa40 [ 218.297338] ____fput+0x1e/0x30 [ 218.297649] task_work_run+0x1a4/0x2d0 [ 218.298014] ? __pfx_task_work_run+0x10/0x10 [ 218.298424] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.298898] ? switch_task_namespaces+0xa9/0xe0 [ 218.299355] do_exit+0xb17/0x2ef0 [ 218.299679] ? lock_acquire+0x427/0x4c0 [ 218.300053] ? __pfx_lock_release+0x10/0x10 [ 218.300450] ? __kasan_check_write+0x18/0x20 [ 218.300858] ? do_raw_spin_lock+0x132/0x2a0 [ 218.301261] ? __pfx_do_exit+0x10/0x10 [ 218.301633] ? debug_smp_processor_id+0x20/0x30 [ 218.302065] ? rcu_is_watching+0x19/0xb0 [ 218.302444] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.302899] ? trace_hardirqs_on+0x26/0x120 [ 218.303335] do_group_exit+0xe0/0x2b0 [ 218.303692] __x64_sys_exit_group+0x47/0x50 [ 218.304081] do_syscall_64+0x3b/0x90 [ 218.304432] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.304918] RIP: 0033:0x7f4b87518a4d [ 218.305267] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.305833] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.306546] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.307218] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.307864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.308510] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.309148] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.309803] [ 218.310018] irq event stamp: 0 [ 218.310307] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.310903] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.311681] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.312440] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.313003] ---[ end trace 0000000000000000 ]--- [ 218.317404] ------------[ cut here ]------------ [ 218.318024] WARNING: CPU: 1 PID: 2084 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.318991] Modules linked in: [ 218.319298] CPU: 1 PID: 2084 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.320303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.321339] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.321842] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.323669] RSP: 0018:ffff888018087bb8 EFLAGS: 00010246 [ 218.324206] RAX: 0000000000000000 RBX: ffff888015ad38a8 RCX: 0000000000000000 [ 218.324993] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 218.325647] RBP: ffff888018087bd0 R08: ffffed1002b5a733 R09: ffffed1002b5a733 [ 218.326392] R10: ffff888015ad3993 R11: ffffed1002b5a732 R12: ffff888018b89800 [ 218.327168] R13: ffff888015ad39e8 R14: ffffffff8352e670 R15: 
ffff888018087e68 [ 218.327819] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.328612] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.329196] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 218.329816] PKRU: 55555554 [ 218.330064] Call Trace: [ 218.330289] [ 218.330549] __iommufd_access_detach+0x1c2/0x2b0 [ 218.331065] iommufd_access_change_pt+0x149/0x270 [ 218.331507] iommufd_access_replace+0xb4/0x120 [ 218.331919] iommufd_test+0x3e5/0x37e0 [ 218.332262] ? lock_release+0x532/0x770 [ 218.332619] ? __might_fault+0x102/0x1b0 [ 218.333099] ? lock_acquire+0x427/0x4c0 [ 218.333500] ? __pfx_iommufd_test+0x10/0x10 [ 218.333875] ? __pfx_lock_release+0x10/0x10 [ 218.334260] ? __pfx_lock_acquire+0x10/0x10 [ 218.334667] ? write_comp_data+0x2f/0x90 [ 218.335033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.335627] ? write_comp_data+0x2f/0x90 [ 218.335996] iommufd_fops_ioctl+0x37d/0x510 [ 218.336378] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.336809] ? write_comp_data+0x2f/0x90 [ 218.337210] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.337739] __x64_sys_ioctl+0x1a3/0x230 [ 218.338107] do_syscall_64+0x3b/0x90 [ 218.338443] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.338934] RIP: 0033:0x7f4b8743ee5d [ 218.339273] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.341010] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.341755] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.342451] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.343097] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.343751] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.344492] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.345119] [ 218.345323] irq event stamp: 0 [ 218.345599] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.346310] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.347060] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.347797] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.348508] ---[ end trace 0000000000000000 ]--- [ 218.351664] ------------[ cut here ]------------ [ 218.352181] WARNING: CPU: 1 PID: 2084 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.353147] Modules linked in: [ 218.353428] CPU: 1 PID: 2084 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.354328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.355346] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.355781] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.357525] RSP: 
0018:ffff888018087bd0 EFLAGS: 00010246 [ 218.357986] RAX: 0000000000000000 RBX: ffff888015ad38a8 RCX: 0000000000000000 [ 218.358787] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 218.359414] RBP: ffff888018087be8 R08: ffffed1002b5a733 R09: ffffed1002b5a733 [ 218.360031] R10: ffff888015ad3993 R11: ffffed1002b5a732 R12: ffff888012a1ec00 [ 218.360726] R13: ffff888015ad39e8 R14: ffff888012c78200 R15: 0000000000000000 [ 218.361400] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.362095] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.362680] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 218.363376] PKRU: 55555554 [ 218.363623] Call Trace: [ 218.363844] [ 218.364041] iommufd_access_destroy_object+0x65/0x170 [ 218.364500] iommufd_object_destroy_user+0x18e/0x220 [ 218.365049] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.365650] iommufd_access_destroy+0x43/0x70 [ 218.366049] iommufd_test_staccess_release+0x8d/0xd0 [ 218.366497] __fput+0x26d/0xa40 [ 218.366832] ____fput+0x1e/0x30 [ 218.367141] task_work_run+0x1a4/0x2d0 [ 218.367580] ? __pfx_task_work_run+0x10/0x10 [ 218.368059] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.368509] ? switch_task_namespaces+0xa9/0xe0 [ 218.368938] do_exit+0xb17/0x2ef0 [ 218.369244] ? lock_acquire+0x427/0x4c0 [ 218.369687] ? __pfx_lock_release+0x10/0x10 [ 218.370156] ? __kasan_check_write+0x18/0x20 [ 218.370581] ? do_raw_spin_lock+0x132/0x2a0 [ 218.370970] ? __pfx_do_exit+0x10/0x10 [ 218.371330] ? debug_smp_processor_id+0x20/0x30 [ 218.371744] ? rcu_is_watching+0x19/0xb0 [ 218.372190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.372685] ? trace_hardirqs_on+0x26/0x120 [ 218.373073] do_group_exit+0xe0/0x2b0 [ 218.373412] __x64_sys_exit_group+0x47/0x50 [ 218.373793] do_syscall_64+0x3b/0x90 [ 218.374215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.374783] RIP: 0033:0x7f4b87518a4d [ 218.375114] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.375669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.376340] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.377140] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.377762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.378386] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.379191] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.379825] [ 218.380032] irq event stamp: 0 [ 218.380307] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.380937] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.381757] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.382489] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.383091] ---[ end trace 0000000000000000 ]--- [ 218.384017] ------------[ cut here ]------------ [ 218.384434] WARNING: CPU: 1 PID: 2084 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.385410] Modules linked in: [ 218.385781] CPU: 1 PID: 2084 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.386597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.387628] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.388203] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.389874] RSP: 0018:ffff888018087b78 EFLAGS: 00010246 [ 218.390434] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.391089] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 218.391652] RBP: ffff888018087b98 R08: ffffed1002b5a73e R09: ffffed1002b5a73e [ 218.392398] R10: ffff888015ad39ef R11: ffffed1002b5a73d R12: ffff888015ad3a90 [ 218.393011] R13: ffff888015ad38a8 R14: ffffffffffffffff R15: 
ffff888018087c60 [ 218.393628] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.394539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.395050] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 218.395682] PKRU: 55555554 [ 218.395932] Call Trace: [ 218.396155] [ 218.396435] iommufd_ioas_destroy+0x53/0x70 [ 218.396906] iommufd_fops_release+0x1f7/0x370 [ 218.397364] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.397802] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.398259] ? write_comp_data+0x2f/0x90 [ 218.398795] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.399249] __fput+0x26d/0xa40 [ 218.399555] ____fput+0x1e/0x30 [ 218.399854] task_work_run+0x1a4/0x2d0 [ 218.400210] ? __pfx_task_work_run+0x10/0x10 [ 218.400606] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.401188] ? switch_task_namespaces+0xa9/0xe0 [ 218.401617] do_exit+0xb17/0x2ef0 [ 218.401927] ? lock_acquire+0x427/0x4c0 [ 218.402290] ? __pfx_lock_release+0x10/0x10 [ 218.402704] ? __kasan_check_write+0x18/0x20 [ 218.403269] ? do_raw_spin_lock+0x132/0x2a0 [ 218.403652] ? __pfx_do_exit+0x10/0x10 [ 218.404001] ? debug_smp_processor_id+0x20/0x30 [ 218.404418] ? rcu_is_watching+0x19/0xb0 [ 218.404775] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.405217] ? trace_hardirqs_on+0x26/0x120 [ 218.405723] do_group_exit+0xe0/0x2b0 [ 218.406065] __x64_sys_exit_group+0x47/0x50 [ 218.406445] do_syscall_64+0x3b/0x90 [ 218.406837] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.407318] RIP: 0033:0x7f4b87518a4d [ 218.407733] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.408357] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.409029] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.409706] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.410424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.411077] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.411726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.412527] [ 218.412738] irq event stamp: 0 [ 218.413012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.413597] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.414598] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.415397] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.415986] ---[ end trace 0000000000000000 ]--- [ 218.421308] ------------[ cut here ]------------ [ 218.421815] WARNING: CPU: 1 PID: 2085 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.422807] Modules linked in: [ 218.423251] CPU: 1 PID: 2085 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.424058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.425146] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.425707] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.427539] RSP: 0018:ffff88800ea4fbb8 EFLAGS: 00010246 [ 218.428068] RAX: 0000000000000000 RBX: ffff888011e0b8a8 RCX: 0000000000000000 [ 218.428739] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 218.429532] RBP: ffff88800ea4fbd0 R08: ffffed10023c1733 R09: ffffed10023c1733 [ 218.430358] R10: ffff888011e0b993 R11: ffffed10023c1732 R12: ffff888013b66c00 [ 218.431084] R13: ffff888011e0b9e8 R14: ffffffff8352e670 R15: 
ffff88800ea4fe68 [ 218.431786] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.432550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.433110] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 218.433781] PKRU: 55555554 [ 218.434051] Call Trace: [ 218.434297] [ 218.434543] __iommufd_access_detach+0x1c2/0x2b0 [ 218.435009] iommufd_access_change_pt+0x149/0x270 [ 218.435486] iommufd_access_replace+0xb4/0x120 [ 218.435935] iommufd_test+0x3e5/0x37e0 [ 218.436311] ? lock_release+0x532/0x770 [ 218.436705] ? __might_fault+0x102/0x1b0 [ 218.437096] ? lock_acquire+0x427/0x4c0 [ 218.437488] ? __pfx_iommufd_test+0x10/0x10 [ 218.437897] ? __pfx_lock_release+0x10/0x10 [ 218.438318] ? __pfx_lock_acquire+0x10/0x10 [ 218.438777] ? write_comp_data+0x2f/0x90 [ 218.439198] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.439673] ? write_comp_data+0x2f/0x90 [ 218.440071] iommufd_fops_ioctl+0x37d/0x510 [ 218.440490] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.440954] ? write_comp_data+0x2f/0x90 [ 218.441348] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.441807] __x64_sys_ioctl+0x1a3/0x230 [ 218.442205] do_syscall_64+0x3b/0x90 [ 218.442603] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.443110] RIP: 0033:0x7f4b8743ee5d [ 218.443476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.445182] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.445906] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.446609] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.447306] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.447974] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.448641] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.449311] [ 218.449536] irq event stamp: 0 [ 218.449829] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.450414] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.451217] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.451998] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.452581] ---[ end trace 0000000000000000 ]--- [ 218.455804] ------------[ cut here ]------------ [ 218.456288] WARNING: CPU: 1 PID: 2085 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.457255] Modules linked in: [ 218.457554] CPU: 1 PID: 2085 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.458376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.459475] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.459953] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.461743] RSP: 
0018:ffff88800ea4fbd0 EFLAGS: 00010246 [ 218.462244] RAX: 0000000000000000 RBX: ffff888011e0b8a8 RCX: 0000000000000000 [ 218.463021] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 218.463707] RBP: ffff88800ea4fbe8 R08: ffffed10023c1733 R09: ffffed10023c1733 [ 218.464382] R10: ffff888011e0b993 R11: ffffed10023c1732 R12: ffff888018b89000 [ 218.465044] R13: ffff888011e0b9e8 R14: ffff88800fd75a00 R15: 0000000000000000 [ 218.465705] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.466467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.467059] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 218.467745] PKRU: 55555554 [ 218.468019] Call Trace: [ 218.468261] [ 218.468475] iommufd_access_destroy_object+0x65/0x170 [ 218.468969] iommufd_object_destroy_user+0x18e/0x220 [ 218.469457] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.470007] iommufd_access_destroy+0x43/0x70 [ 218.470439] iommufd_test_staccess_release+0x8d/0xd0 [ 218.470955] __fput+0x26d/0xa40 [ 218.471292] ____fput+0x1e/0x30 [ 218.471614] task_work_run+0x1a4/0x2d0 [ 218.471991] ? __pfx_task_work_run+0x10/0x10 [ 218.472411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.472868] ? switch_task_namespaces+0xa9/0xe0 [ 218.473309] do_exit+0xb17/0x2ef0 [ 218.473641] ? lock_acquire+0x427/0x4c0 [ 218.474025] ? __pfx_lock_release+0x10/0x10 [ 218.474438] ? __kasan_check_write+0x18/0x20 [ 218.474875] ? do_raw_spin_lock+0x132/0x2a0 [ 218.475288] ? __pfx_do_exit+0x10/0x10 [ 218.475663] ? debug_smp_processor_id+0x20/0x30 [ 218.476091] ? rcu_is_watching+0x19/0xb0 [ 218.476461] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.476876] ? trace_hardirqs_on+0x26/0x120 [ 218.477274] do_group_exit+0xe0/0x2b0 [ 218.477623] __x64_sys_exit_group+0x47/0x50 [ 218.478012] do_syscall_64+0x3b/0x90 [ 218.478358] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.478854] RIP: 0033:0x7f4b87518a4d [ 218.479217] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.479781] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.480472] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.481116] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.481738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.482350] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.482977] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.483601] [ 218.483806] irq event stamp: 0 [ 218.484078] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.484618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.485329] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.486041] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.486601] ---[ end trace 0000000000000000 ]--- [ 218.487347] ------------[ cut here ]------------ [ 218.487748] WARNING: CPU: 1 PID: 2085 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.488619] Modules linked in: [ 218.488896] CPU: 1 PID: 2085 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.489646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.490630] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.491074] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.492634] RSP: 0018:ffff88800ea4fb78 EFLAGS: 00010246 [ 218.493145] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.493746] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 218.494352] RBP: ffff88800ea4fb98 R08: ffffed10023c173e R09: ffffed10023c173e [ 218.494987] R10: ffff888011e0b9ef R11: ffffed10023c173d R12: ffff888011e0ba90 [ 218.495604] R13: ffff888011e0b8a8 R14: ffffffffffffffff R15: 
ffff88800ea4fc60 [ 218.496223] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.496901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.497400] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 218.498003] PKRU: 55555554 [ 218.498244] Call Trace: [ 218.498463] [ 218.498677] iommufd_ioas_destroy+0x53/0x70 [ 218.499054] iommufd_fops_release+0x1f7/0x370 [ 218.499455] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.499886] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.500311] ? write_comp_data+0x2f/0x90 [ 218.500653] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.501060] __fput+0x26d/0xa40 [ 218.501340] ____fput+0x1e/0x30 [ 218.501615] task_work_run+0x1a4/0x2d0 [ 218.501934] ? __pfx_task_work_run+0x10/0x10 [ 218.502290] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.502706] ? switch_task_namespaces+0xa9/0xe0 [ 218.503095] do_exit+0xb17/0x2ef0 [ 218.503387] ? lock_acquire+0x427/0x4c0 [ 218.503721] ? __pfx_lock_release+0x10/0x10 [ 218.504079] ? __kasan_check_write+0x18/0x20 [ 218.504441] ? do_raw_spin_lock+0x132/0x2a0 [ 218.504791] ? __pfx_do_exit+0x10/0x10 [ 218.505112] ? debug_smp_processor_id+0x20/0x30 [ 218.505490] ? rcu_is_watching+0x19/0xb0 [ 218.505826] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.506197] ? trace_hardirqs_on+0x26/0x120 [ 218.506571] do_group_exit+0xe0/0x2b0 [ 218.506979] __x64_sys_exit_group+0x47/0x50 [ 218.507334] do_syscall_64+0x3b/0x90 [ 218.507644] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.508068] RIP: 0033:0x7f4b87518a4d [ 218.508370] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.508861] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.509472] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.510054] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.510861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.511458] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.512043] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.512637] [ 218.512865] irq event stamp: 0 [ 218.513206] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.513714] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.514381] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.515076] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.515663] ---[ end trace 0000000000000000 ]--- [ 218.520713] ------------[ cut here ]------------ [ 218.521114] WARNING: CPU: 1 PID: 2086 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.522047] Modules linked in: [ 218.522305] CPU: 1 PID: 2086 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.523141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.524176] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.524577] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.526207] RSP: 0018:ffff888017357bb8 EFLAGS: 00010246 [ 218.526659] RAX: 0000000000000000 RBX: ffff88801299d8a8 RCX: 0000000000000000 [ 218.527242] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 218.527947] RBP: ffff888017357bd0 R08: ffffed1002533b33 R09: ffffed1002533b33 [ 218.528522] R10: ffff88801299d993 R11: ffffed1002533b32 R12: ffff88801341fc00 [ 218.529099] R13: ffff88801299d9e8 R14: ffffffff8352e670 R15: 
ffff888017357e68 [ 218.529794] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.530448] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.530941] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 218.531552] PKRU: 55555554 [ 218.531894] Call Trace: [ 218.532102] [ 218.532286] __iommufd_access_detach+0x1c2/0x2b0 [ 218.532684] iommufd_access_change_pt+0x149/0x270 [ 218.533115] iommufd_access_replace+0xb4/0x120 [ 218.533563] iommufd_test+0x3e5/0x37e0 [ 218.533934] ? lock_release+0x532/0x770 [ 218.534265] ? __might_fault+0x102/0x1b0 [ 218.534626] ? lock_acquire+0x427/0x4c0 [ 218.534961] ? __pfx_iommufd_test+0x10/0x10 [ 218.535315] ? __pfx_lock_release+0x10/0x10 [ 218.535726] ? __pfx_lock_acquire+0x10/0x10 [ 218.536145] ? write_comp_data+0x2f/0x90 [ 218.536486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.536885] ? write_comp_data+0x2f/0x90 [ 218.537229] iommufd_fops_ioctl+0x37d/0x510 [ 218.537648] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.538112] ? write_comp_data+0x2f/0x90 [ 218.538451] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.538891] __x64_sys_ioctl+0x1a3/0x230 [ 218.539247] do_syscall_64+0x3b/0x90 [ 218.539561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.540128] RIP: 0033:0x7f4b8743ee5d [ 218.540435] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.542006] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.542651] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.543245] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.543892] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.544539] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.545116] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.545763] [ 218.546028] irq event stamp: 0 [ 218.546286] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.546825] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.547515] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.548339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.548846] ---[ end trace 0000000000000000 ]--- [ 218.551648] ------------[ cut here ]------------ [ 218.552121] WARNING: CPU: 1 PID: 2086 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.552937] Modules linked in: [ 218.553197] CPU: 1 PID: 2086 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.553895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.554822] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.555230] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.556689] RSP: 
0018:ffff888017357bd0 EFLAGS: 00010246 [ 218.557175] RAX: 0000000000000000 RBX: ffff88801299d8a8 RCX: 0000000000000000 [ 218.557750] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 218.558318] RBP: ffff888017357be8 R08: ffffed1002533b33 R09: ffffed1002533b33 [ 218.558906] R10: ffff88801299d993 R11: ffffed1002533b32 R12: ffff88800fcb3c00 [ 218.559496] R13: ffff88801299d9e8 R14: ffff8880138eb000 R15: 0000000000000000 [ 218.560071] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.560712] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.561175] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 218.561747] PKRU: 55555554 [ 218.561979] Call Trace: [ 218.562185] [ 218.562370] iommufd_access_destroy_object+0x65/0x170 [ 218.562814] iommufd_object_destroy_user+0x18e/0x220 [ 218.563247] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.563718] iommufd_access_destroy+0x43/0x70 [ 218.564089] iommufd_test_staccess_release+0x8d/0xd0 [ 218.564507] __fput+0x26d/0xa40 [ 218.564791] ____fput+0x1e/0x30 [ 218.565067] task_work_run+0x1a4/0x2d0 [ 218.565389] ? __pfx_task_work_run+0x10/0x10 [ 218.565749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.566149] ? switch_task_namespaces+0xa9/0xe0 [ 218.566555] do_exit+0xb17/0x2ef0 [ 218.566843] ? lock_acquire+0x427/0x4c0 [ 218.567187] ? __pfx_lock_release+0x10/0x10 [ 218.567548] ? __kasan_check_write+0x18/0x20 [ 218.567910] ? do_raw_spin_lock+0x132/0x2a0 [ 218.568256] ? __pfx_do_exit+0x10/0x10 [ 218.568578] ? debug_smp_processor_id+0x20/0x30 [ 218.568960] ? rcu_is_watching+0x19/0xb0 [ 218.569290] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.569662] ? trace_hardirqs_on+0x26/0x120 [ 218.570018] do_group_exit+0xe0/0x2b0 [ 218.570328] __x64_sys_exit_group+0x47/0x50 [ 218.570708] do_syscall_64+0x3b/0x90 [ 218.571021] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.571451] RIP: 0033:0x7f4b87518a4d [ 218.571753] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.572243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.572849] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.573416] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.573991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.574584] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.575184] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.575769] [ 218.575962] irq event stamp: 0 [ 218.576218] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.576724] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.577399] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.578076] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.578611] ---[ end trace 0000000000000000 ]--- [ 218.579330] ------------[ cut here ]------------ [ 218.579702] WARNING: CPU: 1 PID: 2086 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.580495] Modules linked in: [ 218.580749] CPU: 1 PID: 2086 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.581427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.582300] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.582731] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.584154] RSP: 0018:ffff888017357b78 EFLAGS: 00010246 [ 218.584580] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.585136] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 218.585694] RBP: ffff888017357b98 R08: ffffed1002533b3e R09: ffffed1002533b3e [ 218.586251] R10: ffff88801299d9ef R11: ffffed1002533b3d R12: ffff88801299da90 [ 218.586828] R13: ffff88801299d8a8 R14: ffffffffffffffff R15: 
ffff888017357c60 [ 218.587387] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 218.588014] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.588471] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 218.589083] PKRU: 55555554 [ 218.589303] Call Trace: [ 218.589501] [ 218.589679] iommufd_ioas_destroy+0x53/0x70 [ 218.590024] iommufd_fops_release+0x1f7/0x370 [ 218.590385] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.590802] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.591201] ? write_comp_data+0x2f/0x90 [ 218.591527] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.591914] __fput+0x26d/0xa40 [ 218.592183] ____fput+0x1e/0x30 [ 218.592450] task_work_run+0x1a4/0x2d0 [ 218.592758] ? __pfx_task_work_run+0x10/0x10 [ 218.593099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.593477] ? switch_task_namespaces+0xa9/0xe0 [ 218.593846] do_exit+0xb17/0x2ef0 [ 218.594115] ? lock_acquire+0x427/0x4c0 [ 218.594430] ? __pfx_lock_release+0x10/0x10 [ 218.594789] ? __kasan_check_write+0x18/0x20 [ 218.595143] ? do_raw_spin_lock+0x132/0x2a0 [ 218.595481] ? __pfx_do_exit+0x10/0x10 [ 218.595789] ? debug_smp_processor_id+0x20/0x30 [ 218.596154] ? rcu_is_watching+0x19/0xb0 [ 218.596469] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.596822] ? trace_hardirqs_on+0x26/0x120 [ 218.597164] do_group_exit+0xe0/0x2b0 [ 218.597460] __x64_sys_exit_group+0x47/0x50 [ 218.597791] do_syscall_64+0x3b/0x90 [ 218.598086] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.598488] RIP: 0033:0x7f4b87518a4d [ 218.598799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.599279] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.599859] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.600408] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.600956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.601501] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.602044] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.602615] [ 218.602801] irq event stamp: 0 [ 218.603046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.603536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.604176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.604814] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.605296] ---[ end trace 0000000000000000 ]--- [ 218.609172] ------------[ cut here ]------------ [ 218.609584] WARNING: CPU: 0 PID: 2087 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.610369] Modules linked in: [ 218.610851] CPU: 0 PID: 2087 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.611542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.612413] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.612800] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.614207] RSP: 0018:ffff8880184c7bb8 EFLAGS: 00010246 [ 218.614637] RAX: 0000000000000000 RBX: ffff8880104628a8 RCX: 0000000000000000 [ 218.615192] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 218.615743] RBP: ffff8880184c7bd0 R08: ffffed100208c533 R09: ffffed100208c533 [ 218.616295] R10: ffff888010462993 R11: ffffed100208c532 R12: ffff888010c08800 [ 218.616845] R13: ffff8880104629e8 R14: ffffffff8352e670 R15: 
ffff8880184c7e68 [ 218.617391] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.618007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.618451] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 218.619014] PKRU: 55555554 [ 218.619245] Call Trace: [ 218.619445] [ 218.619624] __iommufd_access_detach+0x1c2/0x2b0 [ 218.620010] iommufd_access_change_pt+0x149/0x270 [ 218.620398] iommufd_access_replace+0xb4/0x120 [ 218.620764] iommufd_test+0x3e5/0x37e0 [ 218.621074] ? lock_release+0x532/0x770 [ 218.621395] ? __might_fault+0x102/0x1b0 [ 218.621717] ? lock_acquire+0x427/0x4c0 [ 218.622037] ? __pfx_iommufd_test+0x10/0x10 [ 218.622373] ? __pfx_lock_release+0x10/0x10 [ 218.622735] ? __pfx_lock_acquire+0x10/0x10 [ 218.623085] ? write_comp_data+0x2f/0x90 [ 218.623417] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.623803] ? write_comp_data+0x2f/0x90 [ 218.624130] iommufd_fops_ioctl+0x37d/0x510 [ 218.624473] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.624860] ? write_comp_data+0x2f/0x90 [ 218.625185] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.625568] __x64_sys_ioctl+0x1a3/0x230 [ 218.625897] do_syscall_64+0x3b/0x90 [ 218.626199] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.626626] RIP: 0033:0x7f4b8743ee5d [ 218.626918] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.628334] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.628925] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.629474] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.630025] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.630594] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.631155] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.631719] [ 218.631901] irq event stamp: 0 [ 218.632147] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.632639] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.633277] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.633907] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.634389] ---[ end trace 0000000000000000 ]--- [ 218.637167] ------------[ cut here ]------------ [ 218.637553] WARNING: CPU: 0 PID: 2087 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.638315] Modules linked in: [ 218.638603] CPU: 0 PID: 2087 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.639270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.640116] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.640495] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.641859] RSP: 
0018:ffff8880184c7bd0 EFLAGS: 00010246 [ 218.642260] RAX: 0000000000000000 RBX: ffff8880104628a8 RCX: 0000000000000000 [ 218.642815] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 218.643360] RBP: ffff8880184c7be8 R08: ffffed100208c533 R09: ffffed100208c533 [ 218.643895] R10: ffff888010462993 R11: ffffed100208c532 R12: ffff888010824c00 [ 218.644434] R13: ffff8880104629e8 R14: ffff888020a72900 R15: 0000000000000000 [ 218.644972] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.645576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.646013] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.646567] PKRU: 55555554 [ 218.646783] Call Trace: [ 218.646979] [ 218.647159] iommufd_access_destroy_object+0x65/0x170 [ 218.647555] iommufd_object_destroy_user+0x18e/0x220 [ 218.647944] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.648392] iommufd_access_destroy+0x43/0x70 [ 218.648745] iommufd_test_staccess_release+0x8d/0xd0 [ 218.649137] __fput+0x26d/0xa40 [ 218.649407] ____fput+0x1e/0x30 [ 218.649667] task_work_run+0x1a4/0x2d0 [ 218.649969] ? __pfx_task_work_run+0x10/0x10 [ 218.650308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.650701] ? switch_task_namespaces+0xa9/0xe0 [ 218.651070] do_exit+0xb17/0x2ef0 [ 218.651343] ? lock_acquire+0x427/0x4c0 [ 218.651653] ? __pfx_lock_release+0x10/0x10 [ 218.651989] ? __kasan_check_write+0x18/0x20 [ 218.652327] ? do_raw_spin_lock+0x132/0x2a0 [ 218.652658] ? __pfx_do_exit+0x10/0x10 [ 218.652963] ? debug_smp_processor_id+0x20/0x30 [ 218.653325] ? rcu_is_watching+0x19/0xb0 [ 218.653636] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.653984] ? trace_hardirqs_on+0x26/0x120 [ 218.654322] do_group_exit+0xe0/0x2b0 [ 218.654638] __x64_sys_exit_group+0x47/0x50 [ 218.654968] do_syscall_64+0x3b/0x90 [ 218.655267] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.655668] RIP: 0033:0x7f4b87518a4d [ 218.655950] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.656416] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.656988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.657519] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.658051] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.658607] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.659153] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.659700] [ 218.659878] irq event stamp: 0 [ 218.660117] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.660591] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.661215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.661842] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.662314] ---[ end trace 0000000000000000 ]--- [ 218.663010] ------------[ cut here ]------------ [ 218.663372] WARNING: CPU: 0 PID: 2087 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.664137] Modules linked in: [ 218.664381] CPU: 0 PID: 2087 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.665038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.665878] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.666265] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.667657] RSP: 0018:ffff8880184c7b78 EFLAGS: 00010246 [ 218.668058] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.668592] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 218.669125] RBP: ffff8880184c7b98 R08: ffffed100208c53e R09: ffffed100208c53e [ 218.669657] R10: ffff8880104629ef R11: ffffed100208c53d R12: ffff888010462a90 [ 218.670189] R13: ffff8880104628a8 R14: ffffffffffffffff R15: 
ffff8880184c7c60 [ 218.670740] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.671348] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.671779] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.672322] PKRU: 55555554 [ 218.672541] Call Trace: [ 218.672739] [ 218.672909] iommufd_ioas_destroy+0x53/0x70 [ 218.673240] iommufd_fops_release+0x1f7/0x370 [ 218.673587] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.673965] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.674338] ? write_comp_data+0x2f/0x90 [ 218.674674] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.675057] __fput+0x26d/0xa40 [ 218.675324] ____fput+0x1e/0x30 [ 218.675581] task_work_run+0x1a4/0x2d0 [ 218.675887] ? __pfx_task_work_run+0x10/0x10 [ 218.676230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.676606] ? switch_task_namespaces+0xa9/0xe0 [ 218.676973] do_exit+0xb17/0x2ef0 [ 218.677238] ? lock_acquire+0x427/0x4c0 [ 218.677548] ? __pfx_lock_release+0x10/0x10 [ 218.677880] ? __kasan_check_write+0x18/0x20 [ 218.678220] ? do_raw_spin_lock+0x132/0x2a0 [ 218.678578] ? __pfx_do_exit+0x10/0x10 [ 218.678884] ? debug_smp_processor_id+0x20/0x30 [ 218.679248] ? rcu_is_watching+0x19/0xb0 [ 218.679564] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.679916] ? trace_hardirqs_on+0x26/0x120 [ 218.680251] do_group_exit+0xe0/0x2b0 [ 218.680544] __x64_sys_exit_group+0x47/0x50 [ 218.680873] do_syscall_64+0x3b/0x90 [ 218.681165] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.681568] RIP: 0033:0x7f4b87518a4d [ 218.681857] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.682324] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.682921] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.683463] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.683995] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.684524] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.685062] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.685610] [ 218.685784] irq event stamp: 0 [ 218.686020] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.686489] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.687144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.687774] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.688240] ---[ end trace 0000000000000000 ]--- [ 218.692417] ------------[ cut here ]------------ [ 218.692801] WARNING: CPU: 0 PID: 2088 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.693550] Modules linked in: [ 218.693787] CPU: 0 PID: 2088 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.694433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.695507] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.695879] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.697249] RSP: 0018:ffff888014ae7bb8 EFLAGS: 00010246 [ 218.697645] RAX: 0000000000000000 RBX: ffff888015fe30a8 RCX: 0000000000000000 [ 218.698171] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 218.698717] RBP: ffff888014ae7bd0 R08: ffffed1002bfc633 R09: ffffed1002bfc633 [ 218.699252] R10: ffff888015fe3193 R11: ffffed1002bfc632 R12: ffff88800f256400 [ 218.699783] R13: ffff888015fe31e8 R14: ffffffff8352e670 R15: 
ffff888014ae7e68 [ 218.700307] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.700899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.701336] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 218.701867] PKRU: 55555554 [ 218.702082] Call Trace: [ 218.702277] [ 218.702450] __iommufd_access_detach+0x1c2/0x2b0 [ 218.702839] iommufd_access_change_pt+0x149/0x270 [ 218.703216] iommufd_access_replace+0xb4/0x120 [ 218.703574] iommufd_test+0x3e5/0x37e0 [ 218.703871] ? lock_release+0x532/0x770 [ 218.704179] ? __might_fault+0x102/0x1b0 [ 218.704490] ? lock_acquire+0x427/0x4c0 [ 218.704797] ? __pfx_iommufd_test+0x10/0x10 [ 218.705120] ? __pfx_lock_release+0x10/0x10 [ 218.705449] ? __pfx_lock_acquire+0x10/0x10 [ 218.705785] ? write_comp_data+0x2f/0x90 [ 218.706098] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.706466] ? write_comp_data+0x2f/0x90 [ 218.706803] iommufd_fops_ioctl+0x37d/0x510 [ 218.707149] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.707520] ? write_comp_data+0x2f/0x90 [ 218.707833] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.708197] __x64_sys_ioctl+0x1a3/0x230 [ 218.708509] do_syscall_64+0x3b/0x90 [ 218.708800] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.709195] RIP: 0033:0x7f4b8743ee5d [ 218.709475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.710847] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.711425] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.711953] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.712480] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.713005] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.713539] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.714076] [ 218.714251] irq event stamp: 0 [ 218.714486] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.714976] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.715606] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.716230] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.716697] ---[ end trace 0000000000000000 ]--- [ 218.719624] ------------[ cut here ]------------ [ 218.720014] WARNING: CPU: 0 PID: 2088 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.720766] Modules linked in: [ 218.721006] CPU: 0 PID: 2088 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.721652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.722482] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.722875] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.724228] RSP: 
0018:ffff888014ae7bd0 EFLAGS: 00010246 [ 218.724626] RAX: 0000000000000000 RBX: ffff888015fe30a8 RCX: 0000000000000000 [ 218.725153] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 218.725680] RBP: ffff888014ae7be8 R08: ffffed1002bfc633 R09: ffffed1002bfc633 [ 218.726208] R10: ffff888015fe3193 R11: ffffed1002bfc632 R12: ffff888010c09c00 [ 218.726753] R13: ffff888015fe31e8 R14: ffff888013eb4500 R15: 0000000000000000 [ 218.727288] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.727885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.728318] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.728846] PKRU: 55555554 [ 218.729057] Call Trace: [ 218.729248] [ 218.729420] iommufd_access_destroy_object+0x65/0x170 [ 218.729810] iommufd_object_destroy_user+0x18e/0x220 [ 218.730198] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.730654] iommufd_access_destroy+0x43/0x70 [ 218.731004] iommufd_test_staccess_release+0x8d/0xd0 [ 218.731399] __fput+0x26d/0xa40 [ 218.731664] ____fput+0x1e/0x30 [ 218.731920] task_work_run+0x1a4/0x2d0 [ 218.732221] ? __pfx_task_work_run+0x10/0x10 [ 218.732562] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.732933] ? switch_task_namespaces+0xa9/0xe0 [ 218.733292] do_exit+0xb17/0x2ef0 [ 218.733556] ? lock_acquire+0x427/0x4c0 [ 218.733863] ? __pfx_lock_release+0x10/0x10 [ 218.734192] ? __kasan_check_write+0x18/0x20 [ 218.734547] ? do_raw_spin_lock+0x132/0x2a0 [ 218.734877] ? __pfx_do_exit+0x10/0x10 [ 218.735187] ? debug_smp_processor_id+0x20/0x30 [ 218.735544] ? rcu_is_watching+0x19/0xb0 [ 218.735851] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.736193] ? trace_hardirqs_on+0x26/0x120 [ 218.736528] do_group_exit+0xe0/0x2b0 [ 218.736825] __x64_sys_exit_group+0x47/0x50 [ 218.737147] do_syscall_64+0x3b/0x90 [ 218.737434] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.737830] RIP: 0033:0x7f4b87518a4d [ 218.738115] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.738596] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.739171] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.739701] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.740226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.740754] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.741278] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.741811] [ 218.741987] irq event stamp: 0 [ 218.742221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.742703] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.743327] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.743948] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.744413] ---[ end trace 0000000000000000 ]--- [ 218.745078] ------------[ cut here ]------------ [ 218.745428] WARNING: CPU: 0 PID: 2088 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.746184] Modules linked in: [ 218.746423] CPU: 0 PID: 2088 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.747082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.747925] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.748310] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.749658] RSP: 0018:ffff888014ae7b78 EFLAGS: 00010246 [ 218.750054] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.750599] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 218.751132] RBP: ffff888014ae7b98 R08: ffffed1002bfc63e R09: ffffed1002bfc63e [ 218.751661] R10: ffff888015fe31ef R11: ffffed1002bfc63d R12: ffff888015fe3290 [ 218.752188] R13: ffff888015fe30a8 R14: ffffffffffffffff R15: 
ffff888014ae7c60 [ 218.752714] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.753310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.753745] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.754281] PKRU: 55555554 [ 218.754494] Call Trace: [ 218.754705] [ 218.754878] iommufd_ioas_destroy+0x53/0x70 [ 218.755215] iommufd_fops_release+0x1f7/0x370 [ 218.755559] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.755936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.756318] ? write_comp_data+0x2f/0x90 [ 218.756637] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.757014] __fput+0x26d/0xa40 [ 218.757274] ____fput+0x1e/0x30 [ 218.757528] task_work_run+0x1a4/0x2d0 [ 218.757828] ? __pfx_task_work_run+0x10/0x10 [ 218.758162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.758550] ? switch_task_namespaces+0xa9/0xe0 [ 218.758913] do_exit+0xb17/0x2ef0 [ 218.759188] ? lock_acquire+0x427/0x4c0 [ 218.759494] ? __pfx_lock_release+0x10/0x10 [ 218.759822] ? __kasan_check_write+0x18/0x20 [ 218.760158] ? do_raw_spin_lock+0x132/0x2a0 [ 218.760485] ? __pfx_do_exit+0x10/0x10 [ 218.760784] ? debug_smp_processor_id+0x20/0x30 [ 218.761133] ? rcu_is_watching+0x19/0xb0 [ 218.761439] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.761785] ? trace_hardirqs_on+0x26/0x120 [ 218.762113] do_group_exit+0xe0/0x2b0 [ 218.762399] __x64_sys_exit_group+0x47/0x50 [ 218.762735] do_syscall_64+0x3b/0x90 [ 218.763025] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.763430] RIP: 0033:0x7f4b87518a4d [ 218.763717] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.764598] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.765166] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.765719] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.766431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.766985] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.767524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.768197] [ 218.768373] irq event stamp: 0 [ 218.768610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.769079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.769827] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.770445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.770944] ---[ end trace 0000000000000000 ]--- [ 218.775697] ------------[ cut here ]------------ [ 218.776216] WARNING: CPU: 0 PID: 2089 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.776988] Modules linked in: [ 218.777230] CPU: 0 PID: 2089 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.778020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.778892] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.779293] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.780779] RSP: 0018:ffff8880184c7bb8 EFLAGS: 00010246 [ 218.781306] RAX: 0000000000000000 RBX: ffff88800ed6f8a8 RCX: 0000000000000000 [ 218.781857] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 218.782411] RBP: ffff8880184c7bd0 R08: ffffed1001dadf33 R09: ffffed1001dadf33 [ 218.783090] R10: ffff88800ed6f993 R11: ffffed1001dadf32 R12: ffff888013e27000 [ 218.783696] R13: ffff88800ed6f9e8 R14: ffffffff8352e670 R15: 
ffff8880184c7e68 [ 218.784249] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.784871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.785319] CR2: 00007f4b877410e8 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 218.785873] PKRU: 55555554 [ 218.786094] Call Trace: [ 218.786296] [ 218.786476] __iommufd_access_detach+0x1c2/0x2b0 [ 218.786890] iommufd_access_change_pt+0x149/0x270 [ 218.787287] iommufd_access_replace+0xb4/0x120 [ 218.787654] iommufd_test+0x3e5/0x37e0 [ 218.787958] ? lock_release+0x532/0x770 [ 218.788277] ? __might_fault+0x102/0x1b0 [ 218.788604] ? lock_acquire+0x427/0x4c0 [ 218.788925] ? __pfx_iommufd_test+0x10/0x10 [ 218.789265] ? __pfx_lock_release+0x10/0x10 [ 218.789613] ? __pfx_lock_acquire+0x10/0x10 [ 218.789959] ? write_comp_data+0x2f/0x90 [ 218.790286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.790686] ? write_comp_data+0x2f/0x90 [ 218.791015] iommufd_fops_ioctl+0x37d/0x510 [ 218.791363] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.791749] ? write_comp_data+0x2f/0x90 [ 218.792076] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.792454] __x64_sys_ioctl+0x1a3/0x230 [ 218.792782] do_syscall_64+0x3b/0x90 [ 218.793083] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.793493] RIP: 0033:0x7f4b8743ee5d [ 218.793785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.795207] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.795807] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.796359] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.796910] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.797459] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.798014] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.798595] [ 218.798779] irq event stamp: 0 [ 218.799026] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.799523] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.800172] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.800818] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.801309] ---[ end trace 0000000000000000 ]--- [ 218.804351] ------------[ cut here ]------------ [ 218.804735] WARNING: CPU: 0 PID: 2089 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.805522] Modules linked in: [ 218.805832] CPU: 0 PID: 2089 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.806593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.807477] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.808014] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.809557] RSP: 
0018:ffff8880184c7bd0 EFLAGS: 00010246 [ 218.809976] RAX: 0000000000000000 RBX: ffff88800ed6f8a8 RCX: 0000000000000000 [ 218.810543] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 218.811166] RBP: ffff8880184c7be8 R08: ffffed1001dadf33 R09: ffffed1001dadf33 [ 218.811809] R10: ffff88800ed6f993 R11: ffffed1001dadf32 R12: ffff88800f254800 [ 218.812359] R13: ffff88800ed6f9e8 R14: ffff888020df3600 R15: 0000000000000000 [ 218.813045] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.813670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.814122] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.814827] PKRU: 55555554 [ 218.815050] Call Trace: [ 218.815262] [ 218.815439] iommufd_access_destroy_object+0x65/0x170 [ 218.815849] iommufd_object_destroy_user+0x18e/0x220 [ 218.816253] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.816872] iommufd_access_destroy+0x43/0x70 [ 218.817241] iommufd_test_staccess_release+0x8d/0xd0 [ 218.817653] __fput+0x26d/0xa40 [ 218.817934] ____fput+0x1e/0x30 [ 218.818270] task_work_run+0x1a4/0x2d0 [ 218.818687] ? __pfx_task_work_run+0x10/0x10 [ 218.819065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.819482] ? switch_task_namespaces+0xa9/0xe0 [ 218.819875] do_exit+0xb17/0x2ef0 [ 218.820166] ? lock_acquire+0x427/0x4c0 [ 218.820676] ? __pfx_lock_release+0x10/0x10 [ 218.821041] ? __kasan_check_write+0x18/0x20 [ 218.821415] ? do_raw_spin_lock+0x132/0x2a0 [ 218.821775] ? __pfx_do_exit+0x10/0x10 [ 218.822157] ? debug_smp_processor_id+0x20/0x30 [ 218.822644] ? rcu_is_watching+0x19/0xb0 [ 218.822983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.823371] ? trace_hardirqs_on+0x26/0x120 [ 218.823742] do_group_exit+0xe0/0x2b0 [ 218.824062] __x64_sys_exit_group+0x47/0x50 [ 218.824493] do_syscall_64+0x3b/0x90 [ 218.824910] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.825342] RIP: 0033:0x7f4b87518a4d [ 218.825648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.826201] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.826923] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.827523] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.828106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.828846] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.829425] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.830041] [ 218.830323] irq event stamp: 0 [ 218.830598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.831119] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.831820] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.832660] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.833177] ---[ end trace 0000000000000000 ]--- [ 218.833955] ------------[ cut here ]------------ [ 218.834344] WARNING: CPU: 0 PID: 2089 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.835223] Modules linked in: [ 218.835491] CPU: 0 PID: 2089 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.836370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.837291] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.837867] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.839534] RSP: 0018:ffff8880184c7b78 EFLAGS: 00010246 [ 218.839975] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.840553] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 218.841170] RBP: ffff8880184c7b98 R08: ffffed1001dadf3e R09: ffffed1001dadf3e [ 218.841860] R10: ffff88800ed6f9ef R11: ffffed1001dadf3d R12: ffff88800ed6fa90 [ 218.842439] R13: ffff88800ed6f8a8 R14: ffffffffffffffff R15: 
ffff8880184c7c60 [ 218.843212] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.843868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.844356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.844987] PKRU: 55555554 [ 218.845322] Call Trace: [ 218.845535] [ 218.845719] iommufd_ioas_destroy+0x53/0x70 [ 218.846081] iommufd_fops_release+0x1f7/0x370 [ 218.846457] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.847029] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.847442] ? write_comp_data+0x2f/0x90 [ 218.847790] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.848208] __fput+0x26d/0xa40 [ 218.848499] ____fput+0x1e/0x30 [ 218.848835] task_work_run+0x1a4/0x2d0 [ 218.849253] ? __pfx_task_work_run+0x10/0x10 [ 218.849636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.850059] ? switch_task_namespaces+0xa9/0xe0 [ 218.850547] do_exit+0xb17/0x2ef0 [ 218.850934] ? lock_acquire+0x427/0x4c0 [ 218.851296] ? __pfx_lock_release+0x10/0x10 [ 218.851677] ? __kasan_check_write+0x18/0x20 [ 218.852062] ? do_raw_spin_lock+0x132/0x2a0 [ 218.852442] ? __pfx_do_exit+0x10/0x10 [ 218.852963] ? debug_smp_processor_id+0x20/0x30 [ 218.853371] ? rcu_is_watching+0x19/0xb0 [ 218.853729] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.854121] ? trace_hardirqs_on+0x26/0x120 [ 218.854666] do_group_exit+0xe0/0x2b0 [ 218.855001] __x64_sys_exit_group+0x47/0x50 [ 218.855380] do_syscall_64+0x3b/0x90 [ 218.855717] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.856178] RIP: 0033:0x7f4b87518a4d [ 218.856658] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.857191] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.857855] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.858665] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.859301] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.859960] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.860696] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.861329] [ 218.861539] irq event stamp: 0 [ 218.861887] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.862554] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.863295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.864191] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.864741] ---[ end trace 0000000000000000 ]--- [ 218.870158] ------------[ cut here ]------------ [ 218.870620] WARNING: CPU: 0 PID: 2090 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.871692] Modules linked in: [ 218.871974] CPU: 0 PID: 2090 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.872732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.873870] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.874304] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.876071] RSP: 0018:ffff8880103f7bb8 EFLAGS: 00010246 [ 218.876547] RAX: 0000000000000000 RBX: ffff888014ae10a8 RCX: 0000000000000000 [ 218.877167] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 218.877781] RBP: ffff8880103f7bd0 R08: ffffed100295c233 R09: ffffed100295c233 [ 218.878395] R10: ffff888014ae1193 R11: ffffed100295c232 R12: ffff888013db8400 [ 218.879028] R13: ffff888014ae11e8 R14: ffffffff8352e670 R15: 
ffff8880103f7e68 [ 218.879658] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.880356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.880860] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 218.881479] PKRU: 55555554 [ 218.881725] Call Trace: [ 218.881946] [ 218.882144] __iommufd_access_detach+0x1c2/0x2b0 [ 218.882591] iommufd_access_change_pt+0x149/0x270 [ 218.883022] iommufd_access_replace+0xb4/0x120 [ 218.883440] iommufd_test+0x3e5/0x37e0 [ 218.883785] ? lock_release+0x532/0x770 [ 218.884138] ? __might_fault+0x102/0x1b0 [ 218.884497] ? lock_acquire+0x427/0x4c0 [ 218.884849] ? __pfx_iommufd_test+0x10/0x10 [ 218.885219] ? __pfx_lock_release+0x10/0x10 [ 218.885601] ? __pfx_lock_acquire+0x10/0x10 [ 218.885984] ? write_comp_data+0x2f/0x90 [ 218.886343] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.886788] ? write_comp_data+0x2f/0x90 [ 218.887159] iommufd_fops_ioctl+0x37d/0x510 [ 218.887541] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.887966] ? write_comp_data+0x2f/0x90 [ 218.888325] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.888741] __x64_sys_ioctl+0x1a3/0x230 [ 218.889101] do_syscall_64+0x3b/0x90 [ 218.889433] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.889885] RIP: 0033:0x7f4b8743ee5d [ 218.890206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 218.891801] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 218.892464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 218.893074] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 218.893678] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 218.894281] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 218.894915] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 218.895540] [ 218.895743] irq event stamp: 0 [ 218.896012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.896551] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.897261] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.897968] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.898527] ---[ end trace 0000000000000000 ]--- [ 218.901867] ------------[ cut here ]------------ [ 218.902292] WARNING: CPU: 0 PID: 2090 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.903199] Modules linked in: [ 218.903477] CPU: 0 PID: 2090 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.904397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.905358] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.905843] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.907515] RSP: 
0018:ffff8880103f7bd0 EFLAGS: 00010246 [ 218.908049] RAX: 0000000000000000 RBX: ffff888014ae10a8 RCX: 0000000000000000 [ 218.908749] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 218.909360] RBP: ffff8880103f7be8 R08: ffffed100295c233 R09: ffffed100295c233 [ 218.910044] R10: ffff888014ae1193 R11: ffffed100295c232 R12: ffff888013e25c00 [ 218.910768] R13: ffff888014ae11e8 R14: ffff8880103c6100 R15: 0000000000000000 [ 218.911380] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.912146] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.912737] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.913350] PKRU: 55555554 [ 218.913596] Call Trace: [ 218.913855] [ 218.914172] iommufd_access_destroy_object+0x65/0x170 [ 218.914653] iommufd_object_destroy_user+0x18e/0x220 [ 218.915097] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 218.915612] iommufd_access_destroy+0x43/0x70 [ 218.916058] iommufd_test_staccess_release+0x8d/0xd0 [ 218.916628] __fput+0x26d/0xa40 [ 218.916928] ____fput+0x1e/0x30 [ 218.917220] task_work_run+0x1a4/0x2d0 [ 218.917564] ? __pfx_task_work_run+0x10/0x10 [ 218.918027] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.918575] ? switch_task_namespaces+0xa9/0xe0 [ 218.918992] do_exit+0xb17/0x2ef0 [ 218.919300] ? lock_acquire+0x427/0x4c0 [ 218.919650] ? __pfx_lock_release+0x10/0x10 [ 218.920105] ? __kasan_check_write+0x18/0x20 [ 218.920590] ? do_raw_spin_lock+0x132/0x2a0 [ 218.920965] ? __pfx_do_exit+0x10/0x10 [ 218.921314] ? debug_smp_processor_id+0x20/0x30 [ 218.921739] ? rcu_is_watching+0x19/0xb0 [ 218.922224] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.922645] ? trace_hardirqs_on+0x26/0x120 [ 218.923028] do_group_exit+0xe0/0x2b0 [ 218.923372] __x64_sys_exit_group+0x47/0x50 [ 218.923747] do_syscall_64+0x3b/0x90 [ 218.924154] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.924708] RIP: 0033:0x7f4b87518a4d [ 218.925033] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.925559] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.926388] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.927026] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.927108] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 218.927650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.927659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.929443] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 218.930031] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.932485] [ 218.932685] irq event stamp: 0 [ 218.932953] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.933493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.934208] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.934940] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.935572] ---[ end trace 0000000000000000 ]--- [ 218.936827] ------------[ cut here ]------------ [ 218.937241] WARNING: CPU: 0 PID: 2090 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 218.938114] Modules linked in: [ 218.938392] CPU: 0 PID: 2090 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.939360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.940333] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 218.940780] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 218.942333] RSP: 0018:ffff8880103f7b78 
EFLAGS: 00010246 [ 218.942811] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 218.943598] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 218.944206] RBP: ffff8880103f7b98 R08: ffffed100295c23e R09: ffffed100295c23e [ 218.944815] R10: ffff888014ae11ef R11: ffffed100295c23d R12: ffff888014ae1290 [ 218.945422] R13: ffff888014ae10a8 R14: ffffffffffffffff R15: ffff8880103f7c60 [ 218.946031] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.946741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.947425] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 218.948037] PKRU: 55555554 [ 218.948281] Call Trace: [ 218.948505] [ 218.948699] iommufd_ioas_destroy+0x53/0x70 [ 218.949111] iommufd_fops_release+0x1f7/0x370 [ 218.949641] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.950079] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.950527] ? write_comp_data+0x2f/0x90 [ 218.950894] ? __pfx_iommufd_fops_release+0x10/0x10 [ 218.951408] __fput+0x26d/0xa40 [ 218.951803] ____fput+0x1e/0x30 [ 218.952100] task_work_run+0x1a4/0x2d0 [ 218.952446] ? __pfx_task_work_run+0x10/0x10 [ 218.952832] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.953336] ? switch_task_namespaces+0xa9/0xe0 [ 218.953828] do_exit+0xb17/0x2ef0 [ 218.954131] ? lock_acquire+0x427/0x4c0 [ 218.954482] ? __pfx_lock_release+0x10/0x10 [ 218.954882] ? __kasan_check_write+0x18/0x20 [ 218.955327] ? do_raw_spin_lock+0x132/0x2a0 [ 218.955795] ? __pfx_do_exit+0x10/0x10 [ 218.956142] ? debug_smp_processor_id+0x20/0x30 [ 218.956547] ? rcu_is_watching+0x19/0xb0 [ 218.956903] ? _raw_spin_unlock_irq+0x2b/0x60 [ 218.957297] ? trace_hardirqs_on+0x26/0x120 [ 218.957675] do_group_exit+0xe0/0x2b0 [ 218.958006] __x64_sys_exit_group+0x47/0x50 [ 218.958380] do_syscall_64+0x3b/0x90 [ 218.958745] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 218.959210] RIP: 0033:0x7f4b87518a4d [ 218.959537] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 218.960071] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.960740] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 218.961352] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 218.961965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 218.962602] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 218.963232] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 218.963848] [ 218.964049] irq event stamp: 0 [ 218.964318] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 218.964857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 218.965574] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 218.966282] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 218.966838] ---[ end trace 0000000000000000 ]--- [ 218.981393] ------------[ cut here ]------------ [ 218.981820] WARNING: CPU: 0 PID: 2092 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 218.982894] Modules linked in: [ 218.983186] CPU: 0 PID: 2092 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 218.983939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 218.985072] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 218.985506] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 218.987295] RSP: 0018:ffff88800baffbb8 EFLAGS: 00010246 [ 218.987766] RAX: 0000000000000000 RBX: ffff88802465c8a8 RCX: 0000000000000000 [ 218.988396] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 218.989007] RBP: ffff88800baffbd0 R08: ffffed10048cb933 R09: ffffed10048cb933 [ 218.989615] R10: ffff88802465c993 R11: ffffed10048cb932 R12: ffff888018b8a800 [ 218.990225] R13: ffff88802465c9e8 R14: ffffffff8352e670 R15: 
ffff88800baffe68 [ 218.990845] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 218.991545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.992044] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 218.992666] PKRU: 55555554 [ 218.992912] Call Trace: [ 218.993134] [ 218.993332] __iommufd_access_detach+0x1c2/0x2b0 [ 218.993759] iommufd_access_change_pt+0x149/0x270 [ 218.994184] iommufd_access_replace+0xb4/0x120 [ 218.994601] iommufd_test+0x3e5/0x37e0 [ 218.994940] ? lock_release+0x532/0x770 [ 218.995307] ? __might_fault+0x102/0x1b0 [ 218.995672] ? lock_acquire+0x427/0x4c0 [ 218.996029] ? __pfx_iommufd_test+0x10/0x10 [ 218.996401] ? __pfx_lock_release+0x10/0x10 [ 218.996777] ? __pfx_lock_acquire+0x10/0x10 [ 218.997160] ? write_comp_data+0x2f/0x90 [ 218.997522] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 218.997947] ? write_comp_data+0x2f/0x90 [ 218.998307] iommufd_fops_ioctl+0x37d/0x510 [ 218.998702] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.999134] ? write_comp_data+0x2f/0x90 [ 218.999493] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 218.999912] __x64_sys_ioctl+0x1a3/0x230 [ 219.000274] do_syscall_64+0x3b/0x90 [ 219.000608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.001061] RIP: 0033:0x7f4b8743ee5d [ 219.001384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.002962] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.003624] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.004231] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.004852] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.005467] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.006082] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.006726] [ 219.006934] irq event stamp: 0 [ 219.007220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.007764] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.008486] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.009203] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.009758] ---[ end trace 0000000000000000 ]--- [ 219.012802] ------------[ cut here ]------------ [ 219.013242] WARNING: CPU: 0 PID: 2092 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.014127] Modules linked in: [ 219.014405] CPU: 0 PID: 2092 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.015188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.016160] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.016590] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.018156] RSP: 
0018:ffff88800baffbd0 EFLAGS: 00010246 [ 219.018639] RAX: 0000000000000000 RBX: ffff88802465c8a8 RCX: 0000000000000000 [ 219.019266] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 219.019872] RBP: ffff88800baffbe8 R08: ffffed10048cb933 R09: ffffed10048cb933 [ 219.020575] R10: ffff88802465c993 R11: ffffed10048cb932 R12: ffff888013db8000 [ 219.021324] R13: ffff88802465c9e8 R14: ffff8880103b9f00 R15: 0000000000000000 [ 219.021931] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.022776] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.023287] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.023898] PKRU: 55555554 [ 219.024141] Call Trace: [ 219.024437] [ 219.024707] iommufd_access_destroy_object+0x65/0x170 [ 219.025154] iommufd_object_destroy_user+0x18e/0x220 [ 219.025591] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.026238] iommufd_access_destroy+0x43/0x70 [ 219.026654] iommufd_test_staccess_release+0x8d/0xd0 [ 219.027097] __fput+0x26d/0xa40 [ 219.027403] ____fput+0x1e/0x30 [ 219.027697] task_work_run+0x1a4/0x2d0 [ 219.028068] ? __pfx_task_work_run+0x10/0x10 [ 219.028560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.028988] ? switch_task_namespaces+0xa9/0xe0 [ 219.029400] do_exit+0xb17/0x2ef0 [ 219.029700] ? lock_acquire+0x427/0x4c0 [ 219.030189] ? __pfx_lock_release+0x10/0x10 [ 219.030582] ? __kasan_check_write+0x18/0x20 [ 219.030966] ? do_raw_spin_lock+0x132/0x2a0 [ 219.031358] ? __pfx_do_exit+0x10/0x10 [ 219.031705] ? debug_smp_processor_id+0x20/0x30 [ 219.032272] ? rcu_is_watching+0x19/0xb0 [ 219.032625] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.033019] ? trace_hardirqs_on+0x26/0x120 [ 219.033398] do_group_exit+0xe0/0x2b0 [ 219.033744] __x64_sys_exit_group+0x47/0x50 [ 219.034244] do_syscall_64+0x3b/0x90 [ 219.034588] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.035040] RIP: 0033:0x7f4b87518a4d [ 219.035366] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.035920] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.036713] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.037317] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.038083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.038709] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.039323] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.039935] [ 219.040138] irq event stamp: 0 [ 219.040411] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.040951] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.041657] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.042359] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.042912] ---[ end trace 0000000000000000 ]--- [ 219.043662] ------------[ cut here ]------------ [ 219.044062] WARNING: CPU: 0 PID: 2092 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.044923] Modules linked in: [ 219.045197] CPU: 0 PID: 2092 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.045935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.046917] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.047369] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.048918] RSP: 0018:ffff88800baffb78 EFLAGS: 00010246 [ 219.049370] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.049967] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 219.050595] RBP: ffff88800baffb98 R08: ffffed10048cb93e R09: ffffed10048cb93e [ 219.051212] R10: ffff88802465c9ef R11: ffffed10048cb93d R12: ffff88802465ca90 [ 219.051829] R13: ffff88802465c8a8 R14: ffffffffffffffff R15: 
ffff88800baffc60 [ 219.052437] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.053124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.053616] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.054218] PKRU: 55555554 [ 219.054463] Call Trace: [ 219.054703] [ 219.054901] iommufd_ioas_destroy+0x53/0x70 [ 219.055286] iommufd_fops_release+0x1f7/0x370 [ 219.055678] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.056107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.056532] ? write_comp_data+0x2f/0x90 [ 219.056890] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.057323] __fput+0x26d/0xa40 [ 219.057618] ____fput+0x1e/0x30 [ 219.057910] task_work_run+0x1a4/0x2d0 [ 219.058251] ? __pfx_task_work_run+0x10/0x10 [ 219.058659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.059083] ? switch_task_namespaces+0xa9/0xe0 [ 219.059499] do_exit+0xb17/0x2ef0 [ 219.059798] ? lock_acquire+0x427/0x4c0 [ 219.060148] ? __pfx_lock_release+0x10/0x10 [ 219.060523] ? __kasan_check_write+0x18/0x20 [ 219.060901] ? do_raw_spin_lock+0x132/0x2a0 [ 219.061269] ? __pfx_do_exit+0x10/0x10 [ 219.061628] ? debug_smp_processor_id+0x20/0x30 [ 219.062026] ? rcu_is_watching+0x19/0xb0 [ 219.062376] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.062782] ? trace_hardirqs_on+0x26/0x120 [ 219.063173] do_group_exit+0xe0/0x2b0 [ 219.063500] __x64_sys_exit_group+0x47/0x50 [ 219.063868] do_syscall_64+0x3b/0x90 [ 219.064196] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.064640] RIP: 0033:0x7f4b87518a4d [ 219.064957] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.065480] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.066126] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.066735] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.067324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.067901] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.068480] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.069066] [ 219.069256] irq event stamp: 0 [ 219.069519] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.070030] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.070726] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.071421] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.071935] ---[ end trace 0000000000000000 ]--- [ 219.076039] ------------[ cut here ]------------ [ 219.076457] WARNING: CPU: 0 PID: 2093 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.077280] Modules linked in: [ 219.077547] CPU: 0 PID: 2093 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.078255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.079215] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.079622] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.081101] RSP: 0018:ffff88800f157bb8 EFLAGS: 00010246 [ 219.081533] RAX: 0000000000000000 RBX: ffff8880178190a8 RCX: 0000000000000000 [ 219.082111] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 219.082868] RBP: ffff88800f157bd0 R08: ffffed1002f03233 R09: ffffed1002f03233 [ 219.083460] R10: ffff888017819193 R11: ffffed1002f03232 R12: ffff888010e00000 [ 219.084041] R13: ffff8880178191e8 R14: ffffffff8352e670 R15: 
ffff88800f157e68 [ 219.084622] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.085274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.085747] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 219.086332] PKRU: 55555554 [ 219.086582] Call Trace: [ 219.086796] [ 219.086983] __iommufd_access_detach+0x1c2/0x2b0 [ 219.087400] iommufd_access_change_pt+0x149/0x270 [ 219.087808] iommufd_access_replace+0xb4/0x120 [ 219.088191] iommufd_test+0x3e5/0x37e0 [ 219.088511] ? lock_release+0x532/0x770 [ 219.088848] ? __might_fault+0x102/0x1b0 [ 219.089187] ? lock_acquire+0x427/0x4c0 [ 219.089524] ? __pfx_iommufd_test+0x10/0x10 [ 219.089880] ? __pfx_lock_release+0x10/0x10 [ 219.090244] ? __pfx_lock_acquire+0x10/0x10 [ 219.090624] ? write_comp_data+0x2f/0x90 [ 219.090972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.091381] ? write_comp_data+0x2f/0x90 [ 219.091723] iommufd_fops_ioctl+0x37d/0x510 [ 219.092082] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.092487] ? write_comp_data+0x2f/0x90 [ 219.092829] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.093225] __x64_sys_ioctl+0x1a3/0x230 [ 219.093569] do_syscall_64+0x3b/0x90 [ 219.093883] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.094312] RIP: 0033:0x7f4b8743ee5d [ 219.094634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.096094] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.096695] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.097254] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.097811] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.098370] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.098947] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.099520] [ 219.099705] irq event stamp: 0 [ 219.099956] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.100451] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.101111] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.101770] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.102269] ---[ end trace 0000000000000000 ]--- [ 219.104972] ------------[ cut here ]------------ [ 219.105359] WARNING: CPU: 0 PID: 2093 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.106148] Modules linked in: [ 219.106399] CPU: 0 PID: 2093 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.107112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.108005] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.108390] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.109793] RSP: 
0018:ffff88800f157bd0 EFLAGS: 00010246 [ 219.110205] RAX: 0000000000000000 RBX: ffff8880178190a8 RCX: 0000000000000000 [ 219.110766] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 219.111326] RBP: ffff88800f157be8 R08: ffffed1002f03233 R09: ffffed1002f03233 [ 219.111876] R10: ffff888017819193 R11: ffffed1002f03232 R12: ffff888018b8bc00 [ 219.112426] R13: ffff8880178191e8 R14: ffff88800fd75400 R15: 0000000000000000 [ 219.112977] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.113600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.114050] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.114643] PKRU: 55555554 [ 219.114871] Call Trace: [ 219.115081] [ 219.115273] iommufd_access_destroy_object+0x65/0x170 [ 219.115687] iommufd_object_destroy_user+0x18e/0x220 [ 219.116091] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.116557] iommufd_access_destroy+0x43/0x70 [ 219.116926] iommufd_test_staccess_release+0x8d/0xd0 [ 219.117332] __fput+0x26d/0xa40 [ 219.117611] ____fput+0x1e/0x30 [ 219.117880] task_work_run+0x1a4/0x2d0 [ 219.118198] ? __pfx_task_work_run+0x10/0x10 [ 219.118573] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.118967] ? switch_task_namespaces+0xa9/0xe0 [ 219.119354] do_exit+0xb17/0x2ef0 [ 219.119629] ? lock_acquire+0x427/0x4c0 [ 219.119951] ? __pfx_lock_release+0x10/0x10 [ 219.120295] ? __kasan_check_write+0x18/0x20 [ 219.120647] ? do_raw_spin_lock+0x132/0x2a0 [ 219.120987] ? __pfx_do_exit+0x10/0x10 [ 219.121300] ? debug_smp_processor_id+0x20/0x30 [ 219.121667] ? rcu_is_watching+0x19/0xb0 [ 219.121991] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.122352] ? trace_hardirqs_on+0x26/0x120 [ 219.122709] do_group_exit+0xe0/0x2b0 [ 219.123013] __x64_sys_exit_group+0x47/0x50 [ 219.123361] do_syscall_64+0x3b/0x90 [ 219.123663] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.124072] RIP: 0033:0x7f4b87518a4d [ 219.124367] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.124843] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.125431] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.125989] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.126558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.127121] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.127680] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.128244] [ 219.128427] irq event stamp: 0 [ 219.128674] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.129165] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.129829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.130480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.131000] ---[ end trace 0000000000000000 ]--- [ 219.131713] ------------[ cut here ]------------ [ 219.132083] WARNING: CPU: 0 PID: 2093 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.132890] Modules linked in: [ 219.133150] CPU: 0 PID: 2093 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.133842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.134759] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.135185] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.136630] RSP: 0018:ffff88800f157b78 EFLAGS: 00010246 [ 219.137053] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.137619] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 219.138185] RBP: ffff88800f157b98 R08: ffffed1002f0323e R09: ffffed1002f0323e [ 219.138769] R10: ffff8880178191ef R11: ffffed1002f0323d R12: ffff888017819290 [ 219.139351] R13: ffff8880178190a8 R14: ffffffffffffffff R15: 
ffff88800f157c60 [ 219.139936] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.140599] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.141081] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.141669] PKRU: 55555554 [ 219.141904] Call Trace: [ 219.142118] [ 219.142308] iommufd_ioas_destroy+0x53/0x70 [ 219.142690] iommufd_fops_release+0x1f7/0x370 [ 219.143073] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.143494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.143905] ? write_comp_data+0x2f/0x90 [ 219.144249] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.144666] __fput+0x26d/0xa40 [ 219.144957] ____fput+0x1e/0x30 [ 219.145237] task_work_run+0x1a4/0x2d0 [ 219.145569] ? __pfx_task_work_run+0x10/0x10 [ 219.145939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.146347] ? switch_task_namespaces+0xa9/0xe0 [ 219.146766] do_exit+0xb17/0x2ef0 [ 219.147059] ? lock_acquire+0x427/0x4c0 [ 219.147407] ? __pfx_lock_release+0x10/0x10 [ 219.147771] ? __kasan_check_write+0x18/0x20 [ 219.148140] ? do_raw_spin_lock+0x132/0x2a0 [ 219.148504] ? __pfx_do_exit+0x10/0x10 [ 219.148837] ? debug_smp_processor_id+0x20/0x30 [ 219.149223] ? rcu_is_watching+0x19/0xb0 [ 219.149564] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.149952] ? trace_hardirqs_on+0x26/0x120 [ 219.150332] do_group_exit+0xe0/0x2b0 [ 219.150680] __x64_sys_exit_group+0x47/0x50 [ 219.151043] do_syscall_64+0x3b/0x90 [ 219.151370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.151808] RIP: 0033:0x7f4b87518a4d [ 219.152123] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.152638] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.153265] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.153844] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.154429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.155037] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.155631] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.156221] [ 219.156413] irq event stamp: 0 [ 219.156670] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.157192] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.157879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.158570] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.159089] ---[ end trace 0000000000000000 ]--- [ 219.163511] ------------[ cut here ]------------ [ 219.163922] WARNING: CPU: 0 PID: 2094 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.164744] Modules linked in: [ 219.165009] CPU: 0 PID: 2094 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.165718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.166688] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.167100] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.168596] RSP: 0018:ffff888021957bb8 EFLAGS: 00010246 [ 219.169036] RAX: 0000000000000000 RBX: ffff88801619b0a8 RCX: 0000000000000000 [ 219.169615] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 219.170207] RBP: ffff888021957bd0 R08: ffffed1002c33633 R09: ffffed1002c33633 [ 219.170810] R10: ffff88801619b193 R11: ffffed1002c33632 R12: ffff888010826000 [ 219.171411] R13: ffff88801619b1e8 R14: ffffffff8352e670 R15: 
ffff888021957e68 [ 219.172004] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.172666] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.173141] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 219.173725] PKRU: 55555554 [ 219.173963] Call Trace: [ 219.174176] [ 219.174364] __iommufd_access_detach+0x1c2/0x2b0 [ 219.174790] iommufd_access_change_pt+0x149/0x270 [ 219.175214] iommufd_access_replace+0xb4/0x120 [ 219.175603] iommufd_test+0x3e5/0x37e0 [ 219.175924] ? lock_release+0x532/0x770 [ 219.176262] ? __might_fault+0x102/0x1b0 [ 219.176604] ? lock_acquire+0x427/0x4c0 [ 219.176944] ? __pfx_iommufd_test+0x10/0x10 [ 219.177299] ? __pfx_lock_release+0x10/0x10 [ 219.177667] ? __pfx_lock_acquire+0x10/0x10 [ 219.178039] ? write_comp_data+0x2f/0x90 [ 219.178400] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.178847] ? write_comp_data+0x2f/0x90 [ 219.179224] iommufd_fops_ioctl+0x37d/0x510 [ 219.179609] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.180043] ? write_comp_data+0x2f/0x90 [ 219.180414] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.180847] __x64_sys_ioctl+0x1a3/0x230 [ 219.181313] do_syscall_64+0x3b/0x90 [ 219.181795] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.182251] RIP: 0033:0x7f4b8743ee5d [ 219.182600] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.184401] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.185076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.185895] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.186547] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.187182] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.187997] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.188623] [ 219.188830] irq event stamp: 0 [ 219.189109] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.189867] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.190632] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.191382] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.192122] ---[ end trace 0000000000000000 ]--- [ 219.195113] ------------[ cut here ]------------ [ 219.195673] WARNING: CPU: 0 PID: 2094 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.196727] Modules linked in: [ 219.197026] CPU: 0 PID: 2094 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.198011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.199072] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.199548] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.201461] RSP: 
0018:ffff888021957bd0 EFLAGS: 00010246 [ 219.202138] RAX: 0000000000000000 RBX: ffff88801619b0a8 RCX: 0000000000000000 [ 219.202824] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 219.203515] RBP: ffff888021957be8 R08: ffffed1002c33633 R09: ffffed1002c33633 [ 219.204448] R10: ffff88801619b193 R11: ffffed1002c33632 R12: ffff888010e02000 [ 219.205124] R13: ffff88801619b1e8 R14: ffff888010d0f200 R15: 0000000000000000 [ 219.205798] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.206810] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.207369] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.208038] PKRU: 55555554 [ 219.208327] Call Trace: [ 219.208740] [ 219.208954] iommufd_access_destroy_object+0x65/0x170 [ 219.209453] iommufd_object_destroy_user+0x18e/0x220 [ 219.209940] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.210596] iommufd_access_destroy+0x43/0x70 [ 219.211171] iommufd_test_staccess_release+0x8d/0xd0 [ 219.211663] __fput+0x26d/0xa40 [ 219.211991] ____fput+0x1e/0x30 [ 219.212315] task_work_run+0x1a4/0x2d0 [ 219.212696] ? __pfx_task_work_run+0x10/0x10 [ 219.213326] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.213793] ? switch_task_namespaces+0xa9/0xe0 [ 219.214254] do_exit+0xb17/0x2ef0 [ 219.214642] ? lock_acquire+0x427/0x4c0 [ 219.215170] ? __pfx_lock_release+0x10/0x10 [ 219.215759] ? __kasan_check_write+0x18/0x20 [ 219.216217] ? do_raw_spin_lock+0x132/0x2a0 [ 219.216668] ? __pfx_do_exit+0x10/0x10 [ 219.217207] ? debug_smp_processor_id+0x20/0x30 [ 219.217876] ? rcu_is_watching+0x19/0xb0 [ 219.218307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.218797] ? trace_hardirqs_on+0x26/0x120 [ 219.219338] do_group_exit+0xe0/0x2b0 [ 219.219894] __x64_sys_exit_group+0x47/0x50 [ 219.220349] do_syscall_64+0x3b/0x90 [ 219.220746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.221324] RIP: 0033:0x7f4b87518a4d [ 219.221940] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.222600] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.223400] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.224380] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.225113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.225948] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.226846] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.227609] [ 219.227864] irq event stamp: 0 [ 219.228199] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.228858] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.229731] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.230623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.231276] ---[ end trace 0000000000000000 ]--- [ 219.232130] ------------[ cut here ]------------ [ 219.232836] WARNING: CPU: 0 PID: 2094 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.234012] Modules linked in: [ 219.234346] CPU: 0 PID: 2094 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.235294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.236445] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.236982] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.239223] RSP: 0018:ffff888021957b78 EFLAGS: 00010246 [ 219.239778] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.240533] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 219.241294] RBP: ffff888021957b98 R08: ffffed1002c3363e R09: ffffed1002c3363e [ 219.242280] R10: ffff88801619b1ef R11: ffffed1002c3363d R12: ffff88801619b290 [ 219.243255] R13: ffff88801619b0a8 R14: ffffffffffffffff R15: 
ffff888021957c60 [ 219.243996] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.244832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.245417] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.246241] PKRU: 55555554 [ 219.246822] Call Trace: [ 219.247097] [ 219.247343] iommufd_ioas_destroy+0x53/0x70 [ 219.247804] iommufd_fops_release+0x1f7/0x370 [ 219.248278] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.248805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.249323] ? write_comp_data+0x2f/0x90 [ 219.249758] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.250285] __fput+0x26d/0xa40 [ 219.250694] ____fput+0x1e/0x30 [ 219.251178] task_work_run+0x1a4/0x2d0 [ 219.251778] ? __pfx_task_work_run+0x10/0x10 [ 219.252245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.252760] ? switch_task_namespaces+0xa9/0xe0 [ 219.253271] do_exit+0xb17/0x2ef0 [ 219.253654] ? lock_acquire+0x427/0x4c0 [ 219.254093] ? __pfx_lock_release+0x10/0x10 [ 219.254603] ? __kasan_check_write+0x18/0x20 [ 219.255076] ? do_raw_spin_lock+0x132/0x2a0 [ 219.255550] ? __pfx_do_exit+0x10/0x10 [ 219.255979] ? debug_smp_processor_id+0x20/0x30 [ 219.256785] ? rcu_is_watching+0x19/0xb0 [ 219.257218] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.257696] ? trace_hardirqs_on+0x26/0x120 [ 219.258149] do_group_exit+0xe0/0x2b0 [ 219.258599] __x64_sys_exit_group+0x47/0x50 [ 219.259057] do_syscall_64+0x3b/0x90 [ 219.259472] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.260032] RIP: 0033:0x7f4b87518a4d [ 219.260423] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.261229] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.262194] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.262972] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.263739] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.264486] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.265263] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.266401] [ 219.266705] irq event stamp: 0 [ 219.267048] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.267743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.268643] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.269523] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.270203] ---[ end trace 0000000000000000 ]--- [ 219.276138] ------------[ cut here ]------------ [ 219.276687] WARNING: CPU: 0 PID: 2095 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.278125] Modules linked in: [ 219.278463] CPU: 0 PID: 2095 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.279475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.280671] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.281213] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.283506] RSP: 0018:ffff888012edfbb8 EFLAGS: 00010246 [ 219.284091] RAX: 0000000000000000 RBX: ffff88800bafc0a8 RCX: 0000000000000000 [ 219.284855] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 219.285632] RBP: ffff888012edfbd0 R08: ffffed100175f833 R09: ffffed100175f833 [ 219.286411] R10: ffff88800bafc193 R11: ffffed100175f832 R12: ffff888012e95800 [ 219.287237] R13: ffff88800bafc1e8 R14: ffffffff8352e670 R15: 
ffff888012edfe68 [ 219.288015] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.288868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.289479] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 219.290221] PKRU: 55555554 [ 219.290552] Call Trace: [ 219.290835] [ 219.291080] __iommufd_access_detach+0x1c2/0x2b0 [ 219.291628] iommufd_access_change_pt+0x149/0x270 [ 219.292155] iommufd_access_replace+0xb4/0x120 [ 219.292658] iommufd_test+0x3e5/0x37e0 [ 219.293070] ? lock_release+0x532/0x770 [ 219.293502] ? __might_fault+0x102/0x1b0 [ 219.293942] ? lock_acquire+0x427/0x4c0 [ 219.294374] ? __pfx_iommufd_test+0x10/0x10 [ 219.294888] ? __pfx_lock_release+0x10/0x10 [ 219.295377] ? __pfx_lock_acquire+0x10/0x10 [ 219.295850] ? write_comp_data+0x2f/0x90 [ 219.296294] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.296818] ? write_comp_data+0x2f/0x90 [ 219.297260] iommufd_fops_ioctl+0x37d/0x510 [ 219.297725] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.298248] ? write_comp_data+0x2f/0x90 [ 219.298730] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.299269] __x64_sys_ioctl+0x1a3/0x230 [ 219.299717] do_syscall_64+0x3b/0x90 [ 219.300128] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.300687] RIP: 0033:0x7f4b8743ee5d [ 219.301080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.303039] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.303865] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.304616] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.305377] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.306150] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.306942] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.307736] [ 219.307984] irq event stamp: 0 [ 219.308318] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.308983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.309883] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.310816] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.311530] ---[ end trace 0000000000000000 ]--- [ 219.315059] ------------[ cut here ]------------ [ 219.315615] WARNING: CPU: 0 PID: 2095 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.316724] Modules linked in: [ 219.317196] CPU: 0 PID: 2095 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.318273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.319528] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.320069] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.322305] RSP: 
0018:ffff888012edfbd0 EFLAGS: 00010246 [ 219.322906] RAX: 0000000000000000 RBX: ffff88800bafc0a8 RCX: 0000000000000000 [ 219.323677] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 219.324432] RBP: ffff888012edfbe8 R08: ffffed100175f833 R09: ffffed100175f833 [ 219.325199] R10: ffff88800bafc193 R11: ffffed100175f832 R12: ffff888010825400 [ 219.326240] R13: ffff88800bafc1e8 R14: ffff888018b83400 R15: 0000000000000000 [ 219.327019] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.327895] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.328728] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.329492] PKRU: 55555554 [ 219.329797] Call Trace: [ 219.330070] [ 219.330344] iommufd_access_destroy_object+0x65/0x170 [ 219.331131] iommufd_object_destroy_user+0x18e/0x220 [ 219.331690] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.332328] iommufd_access_destroy+0x43/0x70 [ 219.332831] iommufd_test_staccess_release+0x8d/0xd0 [ 219.333643] __fput+0x26d/0xa40 [ 219.334017] ____fput+0x1e/0x30 [ 219.334385] task_work_run+0x1a4/0x2d0 [ 219.334835] ? __pfx_task_work_run+0x10/0x10 [ 219.335331] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.335925] ? switch_task_namespaces+0xa9/0xe0 [ 219.336566] do_exit+0xb17/0x2ef0 [ 219.336944] ? lock_acquire+0x427/0x4c0 [ 219.337391] ? __pfx_lock_release+0x10/0x10 [ 219.337862] ? __kasan_check_write+0x18/0x20 [ 219.338605] ? do_raw_spin_lock+0x132/0x2a0 [ 219.339080] ? __pfx_do_exit+0x10/0x10 [ 219.339521] ? debug_smp_processor_id+0x20/0x30 [ 219.340025] ? rcu_is_watching+0x19/0xb0 [ 219.340465] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.341199] ? trace_hardirqs_on+0x26/0x120 [ 219.341673] do_group_exit+0xe0/0x2b0 [ 219.342086] __x64_sys_exit_group+0x47/0x50 [ 219.342576] do_syscall_64+0x3b/0x90 [ 219.342985] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.343687] RIP: 0033:0x7f4b87518a4d [ 219.344239] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.344903] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.345754] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.346751] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.347528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.348286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.349322] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.350099] [ 219.350359] irq event stamp: 0 [ 219.350731] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.351672] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.352566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.353453] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.354364] ---[ end trace 0000000000000000 ]--- [ 219.355311] ------------[ cut here ]------------ [ 219.355826] WARNING: CPU: 0 PID: 2095 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.357162] Modules linked in: [ 219.357516] CPU: 0 PID: 2095 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.358461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.359974] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.360545] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.362748] RSP: 0018:ffff888012edfb78 EFLAGS: 00010246 [ 219.363359] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.364130] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 219.364894] RBP: ffff888012edfb98 R08: ffffed100175f83e R09: ffffed100175f83e [ 219.365657] R10: ffff88800bafc1ef R11: ffffed100175f83d R12: ffff88800bafc290 [ 219.366423] R13: ffff88800bafc0a8 R14: ffffffffffffffff R15: 
ffff888012edfc60 [ 219.367230] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.368088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.368714] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.369486] PKRU: 55555554 [ 219.369798] Call Trace: [ 219.370079] [ 219.370327] iommufd_ioas_destroy+0x53/0x70 [ 219.370832] iommufd_fops_release+0x1f7/0x370 [ 219.371365] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.371901] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.372440] ? write_comp_data+0x2f/0x90 [ 219.372894] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.373437] __fput+0x26d/0xa40 [ 219.373812] ____fput+0x1e/0x30 [ 219.374174] task_work_run+0x1a4/0x2d0 [ 219.374634] ? __pfx_task_work_run+0x10/0x10 [ 219.375134] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.375677] ? switch_task_namespaces+0xa9/0xe0 [ 219.376200] do_exit+0xb17/0x2ef0 [ 219.376578] ? lock_acquire+0x427/0x4c0 [ 219.377019] ? __pfx_lock_release+0x10/0x10 [ 219.377492] ? __kasan_check_write+0x18/0x20 [ 219.377973] ? do_raw_spin_lock+0x132/0x2a0 [ 219.378447] ? __pfx_do_exit+0x10/0x10 [ 219.378916] ? debug_smp_processor_id+0x20/0x30 [ 219.379438] ? rcu_is_watching+0x19/0xb0 [ 219.379877] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.380368] ? trace_hardirqs_on+0x26/0x120 [ 219.380844] do_group_exit+0xe0/0x2b0 [ 219.381259] __x64_sys_exit_group+0x47/0x50 [ 219.381722] do_syscall_64+0x3b/0x90 [ 219.382131] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.382731] RIP: 0033:0x7f4b87518a4d [ 219.383149] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.383810] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.384629] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.385415] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.386181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.386984] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.387781] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.388570] [ 219.388830] irq event stamp: 0 [ 219.389174] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.389862] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.390809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.391734] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.392405] ---[ end trace 0000000000000000 ]--- [ 219.397766] ------------[ cut here ]------------ [ 219.398779] WARNING: CPU: 1 PID: 2096 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.399905] Modules linked in: [ 219.400250] CPU: 1 PID: 2096 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.401403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.402668] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.403426] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.405582] RSP: 0018:ffff888016fa7bb8 EFLAGS: 00010246 [ 219.406162] RAX: 0000000000000000 RBX: ffff888016cd58a8 RCX: 0000000000000000 [ 219.406956] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 219.407863] RBP: ffff888016fa7bd0 R08: ffffed1002d9ab33 R09: ffffed1002d9ab33 [ 219.408734] R10: ffff888016cd5993 R11: ffffed1002d9ab32 R12: ffff88800fcb1800 [ 219.409515] R13: ffff888016cd59e8 R14: ffffffff8352e670 R15: 
ffff888016fa7e68 [ 219.410500] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 219.411414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.412046] CR2: 00007f82e2aa7050 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 219.412816] PKRU: 55555554 [ 219.413123] Call Trace: [ 219.413400] [ 219.413651] __iommufd_access_detach+0x1c2/0x2b0 [ 219.414179] iommufd_access_change_pt+0x149/0x270 [ 219.414755] iommufd_access_replace+0xb4/0x120 [ 219.415289] iommufd_test+0x3e5/0x37e0 [ 219.415707] ? lock_release+0x532/0x770 [ 219.416143] ? __might_fault+0x102/0x1b0 [ 219.416586] ? lock_acquire+0x427/0x4c0 [ 219.417024] ? __pfx_iommufd_test+0x10/0x10 [ 219.417483] ? __pfx_lock_release+0x10/0x10 [ 219.417954] ? __pfx_lock_acquire+0x10/0x10 [ 219.418423] ? write_comp_data+0x2f/0x90 [ 219.418893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.419432] ? write_comp_data+0x2f/0x90 [ 219.419875] iommufd_fops_ioctl+0x37d/0x510 [ 219.420337] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.420856] ? write_comp_data+0x2f/0x90 [ 219.421296] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.421807] __x64_sys_ioctl+0x1a3/0x230 [ 219.422245] do_syscall_64+0x3b/0x90 [ 219.422692] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.423255] RIP: 0033:0x7f4b8743ee5d [ 219.423650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.425565] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.426389] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.427196] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.427951] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.428690] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.429449] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.430209] [ 219.430461] irq event stamp: 0 [ 219.430826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.431508] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.432393] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.433264] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.433969] ---[ end trace 0000000000000000 ]--- [ 219.437679] ------------[ cut here ]------------ [ 219.438225] WARNING: CPU: 1 PID: 2096 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.439479] Modules linked in: [ 219.439898] CPU: 1 PID: 2096 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.440809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.442006] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.442754] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.444677] RSP: 
0018:ffff888016fa7bd0 EFLAGS: 00010246 [ 219.445508] RAX: 0000000000000000 RBX: ffff888016cd58a8 RCX: 0000000000000000 [ 219.446267] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 219.447067] RBP: ffff888016fa7be8 R08: ffffed1002d9ab33 R09: ffffed1002d9ab33 [ 219.447964] R10: ffff888016cd5993 R11: ffffed1002d9ab32 R12: ffff88801341c800 [ 219.448853] R13: ffff888016cd59e8 R14: ffff888020df5300 R15: 0000000000000000 [ 219.449595] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 219.450682] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.451319] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 219.452080] PKRU: 55555554 [ 219.452387] Call Trace: [ 219.452665] [ 219.453008] iommufd_access_destroy_object+0x65/0x170 [ 219.453699] iommufd_object_destroy_user+0x18e/0x220 [ 219.454250] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.454899] iommufd_access_destroy+0x43/0x70 [ 219.455401] iommufd_test_staccess_release+0x8d/0xd0 [ 219.455946] __fput+0x26d/0xa40 [ 219.456315] ____fput+0x1e/0x30 [ 219.456680] task_work_run+0x1a4/0x2d0 [ 219.457119] ? __pfx_task_work_run+0x10/0x10 [ 219.457604] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.458142] ? switch_task_namespaces+0xa9/0xe0 [ 219.458686] do_exit+0xb17/0x2ef0 [ 219.459063] ? lock_acquire+0x427/0x4c0 [ 219.459524] ? __pfx_lock_release+0x10/0x10 [ 219.460004] ? __kasan_check_write+0x18/0x20 [ 219.460491] ? do_raw_spin_lock+0x132/0x2a0 [ 219.460956] ? __pfx_do_exit+0x10/0x10 [ 219.461389] ? debug_smp_processor_id+0x20/0x30 [ 219.461881] ? rcu_is_watching+0x19/0xb0 [ 219.462327] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.462852] ? trace_hardirqs_on+0x26/0x120 [ 219.463327] do_group_exit+0xe0/0x2b0 [ 219.463732] __x64_sys_exit_group+0x47/0x50 [ 219.464189] do_syscall_64+0x3b/0x90 [ 219.464597] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.465146] RIP: 0033:0x7f4b87518a4d [ 219.465542] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.466193] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.467032] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.467800] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.468542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.469299] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.470049] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.470848] [ 219.471109] irq event stamp: 0 [ 219.471451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.472119] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.472989] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.473858] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.474543] ---[ end trace 0000000000000000 ]--- [ 219.475439] ------------[ cut here ]------------ [ 219.475929] WARNING: CPU: 1 PID: 2096 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.476990] Modules linked in: [ 219.477331] CPU: 1 PID: 2096 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.478250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.479495] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.480054] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.481956] RSP: 0018:ffff888016fa7b78 EFLAGS: 00010246 [ 219.482545] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.483304] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 219.484039] RBP: ffff888016fa7b98 R08: ffffed1002d9ab3e R09: ffffed1002d9ab3e [ 219.484776] R10: ffff888016cd59ef R11: ffffed1002d9ab3d R12: ffff888016cd5a90 [ 219.485513] R13: ffff888016cd58a8 R14: ffffffffffffffff R15: 
ffff888016fa7c60 [ 219.486252] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 219.487130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.487743] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 219.488477] PKRU: 55555554 [ 219.488777] Call Trace: [ 219.489043] [ 219.489282] iommufd_ioas_destroy+0x53/0x70 [ 219.489742] iommufd_fops_release+0x1f7/0x370 [ 219.490218] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.490762] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.491285] ? write_comp_data+0x2f/0x90 [ 219.491714] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.492239] __fput+0x26d/0xa40 [ 219.492604] ____fput+0x1e/0x30 [ 219.492956] task_work_run+0x1a4/0x2d0 [ 219.493373] ? __pfx_task_work_run+0x10/0x10 [ 219.493841] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.494360] ? switch_task_namespaces+0xa9/0xe0 [ 219.494899] do_exit+0xb17/0x2ef0 [ 219.495276] ? lock_acquire+0x427/0x4c0 [ 219.495702] ? __pfx_lock_release+0x10/0x10 [ 219.496159] ? __kasan_check_write+0x18/0x20 [ 219.496616] ? do_raw_spin_lock+0x132/0x2a0 [ 219.497065] ? __pfx_do_exit+0x10/0x10 [ 219.497478] ? debug_smp_processor_id+0x20/0x30 [ 219.497964] ? rcu_is_watching+0x19/0xb0 [ 219.498385] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.498889] ? trace_hardirqs_on+0x26/0x120 [ 219.499363] do_group_exit+0xe0/0x2b0 [ 219.499761] __x64_sys_exit_group+0x47/0x50 [ 219.500208] do_syscall_64+0x3b/0x90 [ 219.500608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.501153] RIP: 0033:0x7f4b87518a4d [ 219.501548] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.502184] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.503031] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.503796] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.504546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.505289] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.506016] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.506794] [ 219.507047] irq event stamp: 0 [ 219.507394] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.508044] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.508908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.509771] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.510429] ---[ end trace 0000000000000000 ]--- [ 219.514893] ------------[ cut here ]------------ [ 219.515485] WARNING: CPU: 0 PID: 2097 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.516538] Modules linked in: [ 219.516873] CPU: 0 PID: 2097 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.517783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.519038] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.519595] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.521504] RSP: 0018:ffff888013847bb8 EFLAGS: 00010246 [ 219.522068] RAX: 0000000000000000 RBX: ffff88800f3718a8 RCX: 0000000000000000 [ 219.523096] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 219.523861] RBP: ffff888013847bd0 R08: ffffed1001e6e333 R09: ffffed1001e6e333 [ 219.524603] R10: ffff88800f371993 R11: ffffed1001e6e332 R12: ffff888013dba400 [ 219.525343] R13: ffff88800f3719e8 R14: ffffffff8352e670 R15: 
ffff888013847e68 [ 219.526098] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.526988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.527625] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 219.528371] PKRU: 55555554 [ 219.528670] Call Trace: [ 219.528941] [ 219.529180] __iommufd_access_detach+0x1c2/0x2b0 [ 219.529701] iommufd_access_change_pt+0x149/0x270 [ 219.530221] iommufd_access_replace+0xb4/0x120 [ 219.530745] iommufd_test+0x3e5/0x37e0 [ 219.531172] ? lock_release+0x532/0x770 [ 219.531602] ? __might_fault+0x102/0x1b0 [ 219.532044] ? lock_acquire+0x427/0x4c0 [ 219.532471] ? __pfx_iommufd_test+0x10/0x10 [ 219.532917] ? __pfx_lock_release+0x10/0x10 [ 219.533373] ? __pfx_lock_acquire+0x10/0x10 [ 219.533834] ? write_comp_data+0x2f/0x90 [ 219.534270] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.534814] ? write_comp_data+0x2f/0x90 [ 219.535268] iommufd_fops_ioctl+0x37d/0x510 [ 219.535725] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.536240] ? write_comp_data+0x2f/0x90 [ 219.536673] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.537183] __x64_sys_ioctl+0x1a3/0x230 [ 219.537619] do_syscall_64+0x3b/0x90 [ 219.538019] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.538591] RIP: 0033:0x7f4b8743ee5d [ 219.538983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.540897] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.541689] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.542424] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.543183] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.543929] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.544666] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.545409] [ 219.545652] irq event stamp: 0 [ 219.545976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.546653] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.547535] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.548396] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.549047] ---[ end trace 0000000000000000 ]--- [ 219.552308] ------------[ cut here ]------------ [ 219.552832] WARNING: CPU: 0 PID: 2097 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.553889] Modules linked in: [ 219.554226] CPU: 0 PID: 2097 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.555171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.556346] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.556864] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.558746] RSP: 
0018:ffff888013847bd0 EFLAGS: 00010246 [ 219.559311] RAX: 0000000000000000 RBX: ffff88800f3718a8 RCX: 0000000000000000 [ 219.560050] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 219.560791] RBP: ffff888013847be8 R08: ffffed1001e6e333 R09: ffffed1001e6e333 [ 219.561540] R10: ffff88800f371993 R11: ffffed1001e6e332 R12: ffff8880129c7400 [ 219.562270] R13: ffff88800f3719e8 R14: ffff88800fd75e00 R15: 0000000000000000 [ 219.563031] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.563877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.564474] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.565209] PKRU: 55555554 [ 219.565498] Call Trace: [ 219.565763] [ 219.565997] iommufd_access_destroy_object+0x65/0x170 [ 219.566551] iommufd_object_destroy_user+0x18e/0x220 [ 219.567081] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.567689] iommufd_access_destroy+0x43/0x70 [ 219.568161] iommufd_test_staccess_release+0x8d/0xd0 [ 219.568707] __fput+0x26d/0xa40 [ 219.569070] ____fput+0x1e/0x30 [ 219.569430] task_work_run+0x1a4/0x2d0 [ 219.569848] ? __pfx_task_work_run+0x10/0x10 [ 219.570318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.570878] ? switch_task_namespaces+0xa9/0xe0 [ 219.571407] do_exit+0xb17/0x2ef0 [ 219.571775] ? lock_acquire+0x427/0x4c0 [ 219.572211] ? __pfx_lock_release+0x10/0x10 [ 219.572668] ? __kasan_check_write+0x18/0x20 [ 219.573145] ? do_raw_spin_lock+0x132/0x2a0 [ 219.573595] ? __pfx_do_exit+0x10/0x10 [ 219.574012] ? debug_smp_processor_id+0x20/0x30 [ 219.574497] ? rcu_is_watching+0x19/0xb0 [ 219.574956] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.575453] ? trace_hardirqs_on+0x26/0x120 [ 219.575909] do_group_exit+0xe0/0x2b0 [ 219.576304] __x64_sys_exit_group+0x47/0x50 [ 219.576751] do_syscall_64+0x3b/0x90 [ 219.577143] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.577680] RIP: 0033:0x7f4b87518a4d [ 219.578063] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.578737] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.579564] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.580308] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.581045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.581777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.582539] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.583310] [ 219.583553] irq event stamp: 0 [ 219.583876] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.584528] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.585402] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.586261] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.586940] ---[ end trace 0000000000000000 ]--- [ 219.587823] ------------[ cut here ]------------ [ 219.588315] WARNING: CPU: 0 PID: 2097 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.589359] Modules linked in: [ 219.589694] CPU: 0 PID: 2097 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.590608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.591789] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.592332] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.594221] RSP: 0018:ffff888013847b78 EFLAGS: 00010246 [ 219.594821] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.595576] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 219.596309] RBP: ffff888013847b98 R08: ffffed1001e6e33e R09: ffffed1001e6e33e [ 219.597047] R10: ffff88800f3719ef R11: ffffed1001e6e33d R12: ffff88800f371a90 [ 219.597777] R13: ffff88800f3718a8 R14: ffffffffffffffff R15: 
ffff888013847c60 [ 219.598543] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.599397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.599996] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.600728] PKRU: 55555554 [ 219.601028] Call Trace: [ 219.601301] [ 219.601538] iommufd_ioas_destroy+0x53/0x70 [ 219.602003] iommufd_fops_release+0x1f7/0x370 [ 219.602488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.603053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.603592] ? write_comp_data+0x2f/0x90 [ 219.604024] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.604545] __fput+0x26d/0xa40 [ 219.604909] ____fput+0x1e/0x30 [ 219.605257] task_work_run+0x1a4/0x2d0 [ 219.605674] ? __pfx_task_work_run+0x10/0x10 [ 219.606140] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.606676] ? switch_task_namespaces+0xa9/0xe0 [ 219.607193] do_exit+0xb17/0x2ef0 [ 219.607555] ? lock_acquire+0x427/0x4c0 [ 219.607976] ? __pfx_lock_release+0x10/0x10 [ 219.608428] ? __kasan_check_write+0x18/0x20 [ 219.608893] ? do_raw_spin_lock+0x132/0x2a0 [ 219.609347] ? __pfx_do_exit+0x10/0x10 [ 219.609760] ? debug_smp_processor_id+0x20/0x30 [ 219.610246] ? rcu_is_watching+0x19/0xb0 [ 219.610695] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.611189] ? trace_hardirqs_on+0x26/0x120 [ 219.611641] do_group_exit+0xe0/0x2b0 [ 219.612034] __x64_sys_exit_group+0x47/0x50 [ 219.612478] do_syscall_64+0x3b/0x90 [ 219.612867] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.613428] RIP: 0033:0x7f4b87518a4d [ 219.613826] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.614457] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.615277] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.616022] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.616762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.617500] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.618235] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.619016] [ 219.619280] irq event stamp: 0 [ 219.619619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.620274] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.621152] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.622012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.622687] ---[ end trace 0000000000000000 ]--- [ 219.627693] ------------[ cut here ]------------ [ 219.628255] WARNING: CPU: 0 PID: 2098 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.629286] Modules linked in: [ 219.629618] CPU: 0 PID: 2098 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.630465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.631580] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.632058] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.633769] RSP: 0018:ffff888011df7bb8 EFLAGS: 00010246 [ 219.634271] RAX: 0000000000000000 RBX: ffff888017b530a8 RCX: 0000000000000000 [ 219.634966] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 219.635655] RBP: ffff888011df7bd0 R08: ffffed1002f6a633 R09: ffffed1002f6a633 [ 219.636332] R10: ffff888017b53193 R11: ffffed1002f6a632 R12: ffff888010c49000 [ 219.637007] R13: ffff888017b531e8 R14: ffffffff8352e670 R15: 
ffff888011df7e68 [ 219.637682] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.638447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.639019] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 219.639706] PKRU: 55555554 [ 219.639974] Call Trace: [ 219.640220] [ 219.640439] __iommufd_access_detach+0x1c2/0x2b0 [ 219.640916] iommufd_access_change_pt+0x149/0x270 [ 219.641384] iommufd_access_replace+0xb4/0x120 [ 219.641835] iommufd_test+0x3e5/0x37e0 [ 219.642206] ? lock_release+0x532/0x770 [ 219.642625] ? __might_fault+0x102/0x1b0 [ 219.643038] ? lock_acquire+0x427/0x4c0 [ 219.643445] ? __pfx_iommufd_test+0x10/0x10 [ 219.643859] ? __pfx_lock_release+0x10/0x10 [ 219.644280] ? __pfx_lock_acquire+0x10/0x10 [ 219.644700] ? write_comp_data+0x2f/0x90 [ 219.645096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.645565] ? write_comp_data+0x2f/0x90 [ 219.645966] iommufd_fops_ioctl+0x37d/0x510 [ 219.646381] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.646882] ? write_comp_data+0x2f/0x90 [ 219.647300] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.647762] __x64_sys_ioctl+0x1a3/0x230 [ 219.648159] do_syscall_64+0x3b/0x90 [ 219.648520] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.649021] RIP: 0033:0x7f4b8743ee5d [ 219.649376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.651113] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.651854] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.652525] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.653193] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.653876] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.654583] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.655285] [ 219.655509] irq event stamp: 0 [ 219.655808] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.656400] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.657190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.657974] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.658600] ---[ end trace 0000000000000000 ]--- [ 219.661664] ------------[ cut here ]------------ [ 219.662136] WARNING: CPU: 0 PID: 2098 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.663129] Modules linked in: [ 219.663441] CPU: 0 PID: 2098 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.664263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.665317] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.665787] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.667536] RSP: 
0018:ffff888011df7bd0 EFLAGS: 00010246 [ 219.668048] RAX: 0000000000000000 RBX: ffff888017b530a8 RCX: 0000000000000000 [ 219.668721] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 219.669389] RBP: ffff888011df7be8 R08: ffffed1002f6a633 R09: ffffed1002f6a633 [ 219.670058] R10: ffff888017b53193 R11: ffffed1002f6a632 R12: ffff888013db8800 [ 219.670748] R13: ffff888017b531e8 R14: ffff888020976e00 R15: 0000000000000000 [ 219.671443] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.672204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.672754] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.673433] PKRU: 55555554 [ 219.673704] Call Trace: [ 219.673956] [ 219.674178] iommufd_access_destroy_object+0x65/0x170 [ 219.674722] iommufd_object_destroy_user+0x18e/0x220 [ 219.675223] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.675788] iommufd_access_destroy+0x43/0x70 [ 219.676224] iommufd_test_staccess_release+0x8d/0xd0 [ 219.676715] __fput+0x26d/0xa40 [ 219.677049] ____fput+0x1e/0x30 [ 219.677375] task_work_run+0x1a4/0x2d0 [ 219.677752] ? __pfx_task_work_run+0x10/0x10 [ 219.678181] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.678676] ? switch_task_namespaces+0xa9/0xe0 [ 219.679138] do_exit+0xb17/0x2ef0 [ 219.679468] ? lock_acquire+0x427/0x4c0 [ 219.679863] ? __pfx_lock_release+0x10/0x10 [ 219.680277] ? __kasan_check_write+0x18/0x20 [ 219.680697] ? do_raw_spin_lock+0x132/0x2a0 [ 219.681111] ? __pfx_do_exit+0x10/0x10 [ 219.681493] ? debug_smp_processor_id+0x20/0x30 [ 219.681943] ? rcu_is_watching+0x19/0xb0 [ 219.682333] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.682794] ? trace_hardirqs_on+0x26/0x120 [ 219.683224] do_group_exit+0xe0/0x2b0 [ 219.683593] __x64_sys_exit_group+0x47/0x50 [ 219.684004] do_syscall_64+0x3b/0x90 [ 219.684367] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.684870] RIP: 0033:0x7f4b87518a4d [ 219.685223] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.685810] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.686556] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.687245] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.687924] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.688607] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.689293] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.689992] [ 219.690221] irq event stamp: 0 [ 219.690580] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.691199] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.692006] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.692810] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.693423] ---[ end trace 0000000000000000 ]--- [ 219.694822] ------------[ cut here ]------------ [ 219.695313] WARNING: CPU: 0 PID: 2098 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.696350] Modules linked in: [ 219.696684] CPU: 0 PID: 2098 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.697582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.699500] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.700056] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.701931] RSP: 0018:ffff888011df7b78 EFLAGS: 00010246 [ 219.702483] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.703345] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 219.704266] RBP: ffff888011df7b98 R08: ffffed1002f6a63e R09: ffffed1002f6a63e [ 219.705002] R10: ffff888017b531ef R11: ffffed1002f6a63d R12: ffff888017b53290 [ 219.705733] R13: ffff888017b530a8 R14: ffffffffffffffff R15: 
ffff888011df7c60 [ 219.706469] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.707344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.708300] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.709040] PKRU: 55555554 [ 219.709338] Call Trace: [ 219.709604] [ 219.709838] iommufd_ioas_destroy+0x53/0x70 [ 219.710298] iommufd_fops_release+0x1f7/0x370 [ 219.710799] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.711342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.711858] ? write_comp_data+0x2f/0x90 [ 219.712287] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.712880] __fput+0x26d/0xa40 [ 219.713353] ____fput+0x1e/0x30 [ 219.713871] task_work_run+0x1a4/0x2d0 [ 219.714289] ? __pfx_task_work_run+0x10/0x10 [ 219.714773] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.715300] ? switch_task_namespaces+0xa9/0xe0 [ 219.715808] do_exit+0xb17/0x2ef0 [ 219.716174] ? lock_acquire+0x427/0x4c0 [ 219.716597] ? __pfx_lock_release+0x10/0x10 [ 219.717053] ? __kasan_check_write+0x18/0x20 [ 219.717520] ? do_raw_spin_lock+0x132/0x2a0 [ 219.718074] ? __pfx_do_exit+0x10/0x10 [ 219.718769] ? debug_smp_processor_id+0x20/0x30 [ 219.719286] ? rcu_is_watching+0x19/0xb0 [ 219.719713] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.720192] ? trace_hardirqs_on+0x26/0x120 [ 219.720651] do_group_exit+0xe0/0x2b0 [ 219.721056] __x64_sys_exit_group+0x47/0x50 [ 219.721511] do_syscall_64+0x3b/0x90 [ 219.721915] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.722584] RIP: 0033:0x7f4b87518a4d [ 219.723232] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.723869] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.724654] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.725399] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.726144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.726930] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.727929] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.728841] [ 219.729087] irq event stamp: 0 [ 219.729412] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.730074] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.730987] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.731863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.732905] ---[ end trace 0000000000000000 ]--- [ 219.739023] ------------[ cut here ]------------ [ 219.739580] WARNING: CPU: 0 PID: 2099 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.740625] Modules linked in: [ 219.740961] CPU: 0 PID: 2099 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.742576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.743780] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.744299] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.746755] RSP: 0018:ffff88801483fbb8 EFLAGS: 00010246 [ 219.747321] RAX: 0000000000000000 RBX: ffff8880182960a8 RCX: 0000000000000000 [ 219.748048] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 219.748776] RBP: ffff88801483fbd0 R08: ffffed1003052c33 R09: ffffed1003052c33 [ 219.749509] R10: ffff888018296193 R11: ffffed1003052c32 R12: ffff888010e05000 [ 219.750255] R13: ffff8880182961e8 R14: ffffffff8352e670 R15: 
ffff88801483fe68 [ 219.751032] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.751894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.752496] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 219.753237] PKRU: 55555554 [ 219.753535] Call Trace: [ 219.753800] [ 219.754037] __iommufd_access_detach+0x1c2/0x2b0 [ 219.754572] iommufd_access_change_pt+0x149/0x270 [ 219.755091] iommufd_access_replace+0xb4/0x120 [ 219.755598] iommufd_test+0x3e5/0x37e0 [ 219.756006] ? lock_release+0x532/0x770 [ 219.756426] ? __might_fault+0x102/0x1b0 [ 219.756858] ? lock_acquire+0x427/0x4c0 [ 219.757280] ? __pfx_iommufd_test+0x10/0x10 [ 219.757736] ? __pfx_lock_release+0x10/0x10 [ 219.758195] ? __pfx_lock_acquire+0x10/0x10 [ 219.758692] ? write_comp_data+0x2f/0x90 [ 219.759133] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.759645] ? write_comp_data+0x2f/0x90 [ 219.760075] iommufd_fops_ioctl+0x37d/0x510 [ 219.760530] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.761053] ? write_comp_data+0x2f/0x90 [ 219.761491] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.762010] __x64_sys_ioctl+0x1a3/0x230 [ 219.762448] do_syscall_64+0x3b/0x90 [ 219.762889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.763452] RIP: 0033:0x7f4b8743ee5d [ 219.763850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.765739] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.766568] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.767320] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.768067] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.768808] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.769543] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.770286] [ 219.770568] irq event stamp: 0 [ 219.770896] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.771575] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.772446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.773316] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.773972] ---[ end trace 0000000000000000 ]--- [ 219.777539] ------------[ cut here ]------------ [ 219.778063] WARNING: CPU: 0 PID: 2099 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.779661] Modules linked in: [ 219.780003] CPU: 0 PID: 2099 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.780900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.782048] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.782593] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.784773] RSP: 
0018:ffff88801483fbd0 EFLAGS: 00010246 [ 219.785317] RAX: 0000000000000000 RBX: ffff8880182960a8 RCX: 0000000000000000 [ 219.786041] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 219.786809] RBP: ffff88801483fbe8 R08: ffffed1003052c33 R09: ffffed1003052c33 [ 219.787556] R10: ffff888018296193 R11: ffffed1003052c32 R12: ffff888010c48400 [ 219.788468] R13: ffff8880182961e8 R14: ffff8880103c4400 R15: 0000000000000000 [ 219.789339] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.790158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.790782] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.791517] PKRU: 55555554 [ 219.791808] Call Trace: [ 219.792073] [ 219.792357] iommufd_access_destroy_object+0x65/0x170 [ 219.793096] iommufd_object_destroy_user+0x18e/0x220 [ 219.793643] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.794242] iommufd_access_destroy+0x43/0x70 [ 219.794744] iommufd_test_staccess_release+0x8d/0xd0 [ 219.795285] __fput+0x26d/0xa40 [ 219.795647] ____fput+0x1e/0x30 [ 219.796001] task_work_run+0x1a4/0x2d0 [ 219.796409] ? __pfx_task_work_run+0x10/0x10 [ 219.796919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.797661] ? switch_task_namespaces+0xa9/0xe0 [ 219.798151] do_exit+0xb17/0x2ef0 [ 219.798548] ? lock_acquire+0x427/0x4c0 [ 219.798969] ? __pfx_lock_release+0x10/0x10 [ 219.799438] ? __kasan_check_write+0x18/0x20 [ 219.799898] ? do_raw_spin_lock+0x132/0x2a0 [ 219.800342] ? __pfx_do_exit+0x10/0x10 [ 219.800756] ? debug_smp_processor_id+0x20/0x30 [ 219.801340] ? rcu_is_watching+0x19/0xb0 [ 219.802006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.802484] ? trace_hardirqs_on+0x26/0x120 [ 219.802978] do_group_exit+0xe0/0x2b0 [ 219.803390] __x64_sys_exit_group+0x47/0x50 [ 219.803832] do_syscall_64+0x3b/0x90 [ 219.804225] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.804775] RIP: 0033:0x7f4b87518a4d [ 219.805166] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.806013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.806997] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.807751] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.808485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.809230] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.810275] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.811033] [ 219.811292] irq event stamp: 0 [ 219.811617] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.812266] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.813217] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.814333] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.815009] ---[ end trace 0000000000000000 ]--- [ 219.816642] ------------[ cut here ]------------ [ 219.817240] WARNING: CPU: 0 PID: 2099 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.818547] Modules linked in: [ 219.818887] CPU: 0 PID: 2099 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.819801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.821277] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.821936] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.823830] RSP: 0018:ffff88801483fb78 EFLAGS: 00010246 [ 219.824383] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.825111] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 219.825844] RBP: ffff88801483fb98 R08: ffffed1003052c3e R09: ffffed1003052c3e [ 219.826600] R10: ffff8880182961ef R11: ffffed1003052c3d R12: ffff888018296290 [ 219.827346] R13: ffff8880182960a8 R14: ffffffffffffffff R15: 
ffff88801483fc60 [ 219.828078] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.828902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.829498] CR2: 00007f82e2adf000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 219.830233] PKRU: 55555554 [ 219.830556] Call Trace: [ 219.830821] [ 219.831065] iommufd_ioas_destroy+0x53/0x70 [ 219.831544] iommufd_fops_release+0x1f7/0x370 [ 219.832020] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.832542] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.833051] ? write_comp_data+0x2f/0x90 [ 219.833482] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.834007] __fput+0x26d/0xa40 [ 219.834361] ____fput+0x1e/0x30 [ 219.834756] task_work_run+0x1a4/0x2d0 [ 219.835185] ? __pfx_task_work_run+0x10/0x10 [ 219.835652] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.836163] ? switch_task_namespaces+0xa9/0xe0 [ 219.836662] do_exit+0xb17/0x2ef0 [ 219.837023] ? lock_acquire+0x427/0x4c0 [ 219.837454] ? __pfx_lock_release+0x10/0x10 [ 219.837914] ? __kasan_check_write+0x18/0x20 [ 219.838381] ? do_raw_spin_lock+0x132/0x2a0 [ 219.838882] ? __pfx_do_exit+0x10/0x10 [ 219.839313] ? debug_smp_processor_id+0x20/0x30 [ 219.839800] ? rcu_is_watching+0x19/0xb0 [ 219.840226] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.840698] ? trace_hardirqs_on+0x26/0x120 [ 219.841160] do_group_exit+0xe0/0x2b0 [ 219.841559] __x64_sys_exit_group+0x47/0x50 [ 219.842005] do_syscall_64+0x3b/0x90 [ 219.842402] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.842983] RIP: 0033:0x7f4b87518a4d [ 219.843390] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.844023] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.844800] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.845533] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.846266] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.847036] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.847779] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.848530] [ 219.848773] irq event stamp: 0 [ 219.849103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.849759] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.850650] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.851523] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.852174] ---[ end trace 0000000000000000 ]--- [ 219.857578] ------------[ cut here ]------------ [ 219.858431] WARNING: CPU: 0 PID: 2100 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.859543] Modules linked in: [ 219.859871] CPU: 0 PID: 2100 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.860763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.862720] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.863268] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.865121] RSP: 0018:ffff888011df7bb8 EFLAGS: 00010246 [ 219.865665] RAX: 0000000000000000 RBX: ffff888012edd0a8 RCX: 0000000000000000 [ 219.866398] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 219.867178] RBP: ffff888011df7bd0 R08: ffffed10025dba33 R09: ffffed10025dba33 [ 219.867912] R10: ffff888012edd193 R11: ffffed10025dba32 R12: ffff88800f108400 [ 219.868642] R13: ffff888012edd1e8 R14: ffffffff8352e670 R15: 
ffff888011df7e68 [ 219.869374] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.870197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.870819] CR2: 00007f4b877410e8 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 219.871570] PKRU: 55555554 [ 219.871862] Call Trace: [ 219.872126] [ 219.872357] __iommufd_access_detach+0x1c2/0x2b0 [ 219.872859] iommufd_access_change_pt+0x149/0x270 [ 219.873367] iommufd_access_replace+0xb4/0x120 [ 219.873858] iommufd_test+0x3e5/0x37e0 [ 219.874265] ? lock_release+0x532/0x770 [ 219.874728] ? __might_fault+0x102/0x1b0 [ 219.875180] ? lock_acquire+0x427/0x4c0 [ 219.875603] ? __pfx_iommufd_test+0x10/0x10 [ 219.876049] ? __pfx_lock_release+0x10/0x10 [ 219.876500] ? __pfx_lock_acquire+0x10/0x10 [ 219.876956] ? write_comp_data+0x2f/0x90 [ 219.877391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.877907] ? write_comp_data+0x2f/0x90 [ 219.878341] iommufd_fops_ioctl+0x37d/0x510 [ 219.878829] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.879350] ? write_comp_data+0x2f/0x90 [ 219.879786] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 219.880290] __x64_sys_ioctl+0x1a3/0x230 [ 219.880726] do_syscall_64+0x3b/0x90 [ 219.881126] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.881670] RIP: 0033:0x7f4b8743ee5d [ 219.882062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 219.884005] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 219.884809] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 219.885562] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 219.886308] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 219.887091] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 219.887856] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 219.888610] [ 219.888853] irq event stamp: 0 [ 219.889183] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.889840] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.890762] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.891650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.892307] ---[ end trace 0000000000000000 ]--- [ 219.896121] ------------[ cut here ]------------ [ 219.896646] WARNING: CPU: 0 PID: 2100 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.897783] Modules linked in: [ 219.898240] CPU: 0 PID: 2100 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.899470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.900639] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.901161] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.903662] RSP: 
0018:ffff888011df7bd0 EFLAGS: 00010246 [ 219.904223] RAX: 0000000000000000 RBX: ffff888012edd0a8 RCX: 0000000000000000 [ 219.904959] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 219.906309] RBP: ffff888011df7be8 R08: ffffed10025dba33 R09: ffffed10025dba33 [ 219.907089] R10: ffff888012edd193 R11: ffffed10025dba32 R12: ffff888010e04400 [ 219.907855] R13: ffff888012edd1e8 R14: ffff88801208c900 R15: 0000000000000000 [ 219.908591] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.909430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.910415] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.911214] PKRU: 55555554 [ 219.911506] Call Trace: [ 219.911775] [ 219.912011] iommufd_access_destroy_object+0x65/0x170 [ 219.912556] iommufd_object_destroy_user+0x18e/0x220 [ 219.913095] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 219.913709] iommufd_access_destroy+0x43/0x70 [ 219.914294] iommufd_test_staccess_release+0x8d/0xd0 [ 219.915490] __fput+0x26d/0xa40 [ 219.915993] ____fput+0x1e/0x30 [ 219.916461] task_work_run+0x1a4/0x2d0 [ 219.917002] ? __pfx_task_work_run+0x10/0x10 [ 219.917597] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.918260] ? switch_task_namespaces+0xa9/0xe0 [ 219.919216] do_exit+0xb17/0x2ef0 [ 219.919990] ? lock_acquire+0x427/0x4c0 [ 219.920581] ? __pfx_lock_release+0x10/0x10 [ 219.921175] ? __kasan_check_write+0x18/0x20 [ 219.921764] ? do_raw_spin_lock+0x132/0x2a0 [ 219.922337] ? __pfx_do_exit+0x10/0x10 [ 219.922939] ? debug_smp_processor_id+0x20/0x30 [ 219.923650] ? rcu_is_watching+0x19/0xb0 [ 219.924671] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.925310] ? trace_hardirqs_on+0x26/0x120 [ 219.925900] do_group_exit+0xe0/0x2b0 [ 219.926410] __x64_sys_exit_group+0x47/0x50 [ 219.927060] do_syscall_64+0x3b/0x90 [ 219.928080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.928811] RIP: 0033:0x7f4b87518a4d [ 219.929316] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.930118] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.931202] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.932456] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.933413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.934351] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.935396] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.936679] [ 219.936939] irq event stamp: 0 [ 219.937268] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.937920] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.938833] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.939732] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.940608] ---[ end trace 0000000000000000 ]--- [ 219.941968] ------------[ cut here ]------------ [ 219.942463] WARNING: CPU: 0 PID: 2100 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 219.943551] Modules linked in: [ 219.943885] CPU: 0 PID: 2100 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.944940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.946600] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 219.947151] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 219.949031] RSP: 0018:ffff888011df7b78 EFLAGS: 00010246 [ 219.949785] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 219.950939] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 219.951706] RBP: ffff888011df7b98 R08: ffffed10025dba3e R09: ffffed10025dba3e [ 219.952437] R10: ffff888012edd1ef R11: ffffed10025dba3d R12: ffff888012edd290 [ 219.953172] R13: ffff888012edd0a8 R14: ffffffffffffffff R15: 
ffff888011df7c60 [ 219.954627] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 219.955492] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 219.956088] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 219.956818] PKRU: 55555554 [ 219.957110] Call Trace: [ 219.957378] [ 219.957681] iommufd_ioas_destroy+0x53/0x70 [ 219.958743] iommufd_fops_release+0x1f7/0x370 [ 219.959251] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.959764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.960273] ? write_comp_data+0x2f/0x90 [ 219.960701] ? __pfx_iommufd_fops_release+0x10/0x10 [ 219.961275] __fput+0x26d/0xa40 [ 219.961755] ____fput+0x1e/0x30 [ 219.962632] task_work_run+0x1a4/0x2d0 [ 219.963060] ? __pfx_task_work_run+0x10/0x10 [ 219.963544] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 219.964050] ? switch_task_namespaces+0xa9/0xe0 [ 219.964540] do_exit+0xb17/0x2ef0 [ 219.964899] ? lock_acquire+0x427/0x4c0 [ 219.965417] ? __pfx_lock_release+0x10/0x10 [ 219.966411] ? __kasan_check_write+0x18/0x20 [ 219.966921] ? do_raw_spin_lock+0x132/0x2a0 [ 219.967400] ? __pfx_do_exit+0x10/0x10 [ 219.967810] ? debug_smp_processor_id+0x20/0x30 [ 219.968293] ? rcu_is_watching+0x19/0xb0 [ 219.968717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 219.969227] ? trace_hardirqs_on+0x26/0x120 [ 219.970030] do_group_exit+0xe0/0x2b0 [ 219.970431] __x64_sys_exit_group+0x47/0x50 [ 219.970900] do_syscall_64+0x3b/0x90 [ 219.971317] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 219.971863] RIP: 0033:0x7f4b87518a4d [ 219.972249] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 219.972889] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 219.973972] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 219.974886] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 219.975639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 219.976374] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 219.977147] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 219.978175] [ 219.978426] irq event stamp: 0 [ 219.978802] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 219.979497] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 219.980368] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 219.981502] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 219.982309] ---[ end trace 0000000000000000 ]--- [ 219.989450] ------------[ cut here ]------------ [ 219.990712] WARNING: CPU: 0 PID: 2101 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 219.991784] Modules linked in: [ 219.992116] CPU: 0 PID: 2101 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 219.993010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 219.994315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 219.995163] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 219.997031] RSP: 0018:ffff888020d0fbb8 EFLAGS: 00010246 [ 219.997586] RAX: 0000000000000000 RBX: ffff888010b9d8a8 RCX: 0000000000000000 [ 219.998324] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 219.999103] RBP: ffff888020d0fbd0 R08: ffffed1002173b33 R09: ffffed1002173b33 [ 219.999856] R10: ffff888010b9d993 R11: ffffed1002173b32 R12: ffff888012e94c00 [ 220.000587] R13: ffff888010b9d9e8 R14: ffffffff8352e670 R15: 
ffff888020d0fe68 [ 220.001318] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.002162] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.002788] CR2: 0000000020000140 CR3: 00000000148a4000 CR4: 0000000000750ef0 [ 220.003547] PKRU: 55555554 [ 220.003840] Call Trace: [ 220.004103] [ 220.004342] __iommufd_access_detach+0x1c2/0x2b0 [ 220.004854] iommufd_access_change_pt+0x149/0x270 [ 220.005362] iommufd_access_replace+0xb4/0x120 [ 220.005843] iommufd_test+0x3e5/0x37e0 [ 220.006247] ? lock_release+0x532/0x770 [ 220.006704] ? __might_fault+0x102/0x1b0 [ 220.007152] ? lock_acquire+0x427/0x4c0 [ 220.007574] ? __pfx_iommufd_test+0x10/0x10 [ 220.008021] ? __pfx_lock_release+0x10/0x10 [ 220.008480] ? __pfx_lock_acquire+0x10/0x10 [ 220.008946] ? write_comp_data+0x2f/0x90 [ 220.009379] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.009892] ? write_comp_data+0x2f/0x90 [ 220.010328] iommufd_fops_ioctl+0x37d/0x510 [ 220.010832] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.011374] ? write_comp_data+0x2f/0x90 [ 220.011810] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.012322] __x64_sys_ioctl+0x1a3/0x230 [ 220.012755] do_syscall_64+0x3b/0x90 [ 220.013152] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.013704] RIP: 0033:0x7f4b8743ee5d [ 220.014096] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.016044] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.016852] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.017584] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.018337] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.019109] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.019862] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.020625] [ 220.020866] irq event stamp: 0 [ 220.021196] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.021847] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.022744] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.023630] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.024281] ---[ end trace 0000000000000000 ]--- [ 220.028017] ------------[ cut here ]------------ [ 220.028538] WARNING: CPU: 0 PID: 2101 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.029707] Modules linked in: [ 220.030344] CPU: 0 PID: 2101 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.031586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.032753] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.033270] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.035642] RSP: 
0018:ffff888020d0fbd0 EFLAGS: 00010246 [ 220.036200] RAX: 0000000000000000 RBX: ffff888010b9d8a8 RCX: 0000000000000000 [ 220.036926] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 220.037656] RBP: ffff888020d0fbe8 R08: ffffed1002173b33 R09: ffffed1002173b33 [ 220.038383] R10: ffff888010b9d993 R11: ffffed1002173b32 R12: ffff88800f108000 [ 220.039158] R13: ffff888010b9d9e8 R14: ffff88800f9e5a00 R15: 0000000000000000 [ 220.039906] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.040739] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.041338] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 220.042077] PKRU: 55555554 [ 220.042369] Call Trace: [ 220.042667] [ 220.042909] iommufd_access_destroy_object+0x65/0x170 [ 220.043468] iommufd_object_destroy_user+0x18e/0x220 [ 220.044007] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.044623] iommufd_access_destroy+0x43/0x70 [ 220.045103] iommufd_test_staccess_release+0x8d/0xd0 [ 220.045645] __fput+0x26d/0xa40 [ 220.046002] ____fput+0x1e/0x30 [ 220.046357] task_work_run+0x1a4/0x2d0 [ 220.046809] ? __pfx_task_work_run+0x10/0x10 [ 220.047303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.047835] ? switch_task_namespaces+0xa9/0xe0 [ 220.048338] do_exit+0xb17/0x2ef0 [ 220.048710] ? lock_acquire+0x427/0x4c0 [ 220.049136] ? __pfx_lock_release+0x10/0x10 [ 220.049593] ? __kasan_check_write+0x18/0x20 [ 220.050058] ? do_raw_spin_lock+0x132/0x2a0 [ 220.050540] ? __pfx_do_exit+0x10/0x10 [ 220.050958] ? debug_smp_processor_id+0x20/0x30 [ 220.051474] ? rcu_is_watching+0x19/0xb0 [ 220.051912] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.052404] ? trace_hardirqs_on+0x26/0x120 [ 220.052868] do_group_exit+0xe0/0x2b0 [ 220.053273] __x64_sys_exit_group+0x47/0x50 [ 220.053725] do_syscall_64+0x3b/0x90 [ 220.054126] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.054718] RIP: 0033:0x7f4b87518a4d [ 220.055114] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.055769] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.056567] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.057311] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.058057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.058831] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.059588] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.060340] [ 220.060584] irq event stamp: 0 [ 220.060912] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.061576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.062444] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.063371] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.064035] ---[ end trace 0000000000000000 ]--- [ 220.065146] ------------[ cut here ]------------ [ 220.066168] WARNING: CPU: 0 PID: 2101 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.067377] Modules linked in: [ 220.067712] CPU: 0 PID: 2101 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.068601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.069883] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.070962] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.072865] RSP: 0018:ffff888020d0fb78 EFLAGS: 00010246 [ 220.073408] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.074134] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 220.074893] RBP: ffff888020d0fb98 R08: ffffed1002173b3e R09: ffffed1002173b3e [ 220.075639] R10: ffff888010b9d9ef R11: ffffed1002173b3d R12: ffff888010b9da90 [ 220.076376] R13: ffff888010b9d8a8 R14: ffffffffffffffff R15: 
ffff888020d0fc60 [ 220.077104] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.077932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.078550] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 220.079310] PKRU: 55555554 [ 220.079607] Call Trace: [ 220.079872] [ 220.080109] iommufd_ioas_destroy+0x53/0x70 [ 220.080563] iommufd_fops_release+0x1f7/0x370 [ 220.081030] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.081546] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.082056] ? write_comp_data+0x2f/0x90 [ 220.082491] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.083062] __fput+0x26d/0xa40 [ 220.083446] ____fput+0x1e/0x30 [ 220.083801] task_work_run+0x1a4/0x2d0 [ 220.084217] ? __pfx_task_work_run+0x10/0x10 [ 220.084680] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.085190] ? switch_task_namespaces+0xa9/0xe0 [ 220.085684] do_exit+0xb17/0x2ef0 [ 220.086051] ? lock_acquire+0x427/0x4c0 [ 220.086479] ? __pfx_lock_release+0x10/0x10 [ 220.086971] ? __kasan_check_write+0x18/0x20 [ 220.087451] ? do_raw_spin_lock+0x132/0x2a0 [ 220.087898] ? __pfx_do_exit+0x10/0x10 [ 220.088313] ? debug_smp_processor_id+0x20/0x30 [ 220.088801] ? rcu_is_watching+0x19/0xb0 [ 220.089223] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.089695] ? trace_hardirqs_on+0x26/0x120 [ 220.090135] do_group_exit+0xe0/0x2b0 [ 220.090552] __x64_sys_exit_group+0x47/0x50 [ 220.090998] do_syscall_64+0x3b/0x90 [ 220.091405] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.091950] RIP: 0033:0x7f4b87518a4d [ 220.092339] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.092978] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.093768] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.094500] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.095265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.095998] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.096729] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.097467] [ 220.097710] irq event stamp: 0 [ 220.098035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.098700] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.099563] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.100421] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.101072] ---[ end trace 0000000000000000 ]--- [ 220.108388] ------------[ cut here ]------------ [ 220.109274] WARNING: CPU: 1 PID: 2102 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.110328] Modules linked in: [ 220.110721] CPU: 1 PID: 2102 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.112059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.113213] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.113826] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.115848] RSP: 0018:ffff888011df7bb8 EFLAGS: 00010246 [ 220.116476] RAX: 0000000000000000 RBX: ffff888015d280a8 RCX: 0000000000000000 [ 220.117304] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 220.118016] RBP: ffff888011df7bd0 R08: ffffed1002ba5033 R09: ffffed1002ba5033 [ 220.118863] R10: ffff888015d28193 R11: ffffed1002ba5032 R12: ffff88801226d400 [ 220.119694] R13: ffff888015d281e8 R14: ffffffff8352e670 R15: 
ffff888011df7e68 [ 220.120411] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.121264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.122013] CR2: 0000000020000140 CR3: 00000000148a4000 CR4: 0000000000750ee0 [ 220.122759] PKRU: 55555554 [ 220.123048] Call Trace: [ 220.123323] [ 220.123561] __iommufd_access_detach+0x1c2/0x2b0 [ 220.124276] iommufd_access_change_pt+0x149/0x270 [ 220.124775] iommufd_access_replace+0xb4/0x120 [ 220.125250] iommufd_test+0x3e5/0x37e0 [ 220.125644] ? lock_release+0x532/0x770 [ 220.126132] ? __might_fault+0x102/0x1b0 [ 220.126706] ? lock_acquire+0x427/0x4c0 [ 220.127128] ? __pfx_iommufd_test+0x10/0x10 [ 220.127574] ? __pfx_lock_release+0x10/0x10 [ 220.128023] ? __pfx_lock_acquire+0x10/0x10 [ 220.128471] ? write_comp_data+0x2f/0x90 [ 220.129003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.129566] ? write_comp_data+0x2f/0x90 [ 220.129990] iommufd_fops_ioctl+0x37d/0x510 [ 220.130430] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.130987] ? write_comp_data+0x2f/0x90 [ 220.131568] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.132064] __x64_sys_ioctl+0x1a3/0x230 [ 220.132491] do_syscall_64+0x3b/0x90 [ 220.132880] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.133427] RIP: 0033:0x7f4b8743ee5d [ 220.133924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.135954] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.136933] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.137648] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.138365] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.139335] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.140061] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.140790] [ 220.141032] irq event stamp: 0 [ 220.141451] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.142194] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.143081] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.144056] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.144796] ---[ end trace 0000000000000000 ]--- [ 220.148099] ------------[ cut here ]------------ [ 220.148822] WARNING: CPU: 1 PID: 2102 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.149849] Modules linked in: [ 220.150176] CPU: 1 PID: 2102 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.151354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.152526] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.153034] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.155158] RSP: 
0018:ffff888011df7bd0 EFLAGS: 00010246 [ 220.155828] RAX: 0000000000000000 RBX: ffff888015d280a8 RCX: 0000000000000000 [ 220.156665] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 220.157392] RBP: ffff888011df7be8 R08: ffffed1002ba5033 R09: ffffed1002ba5033 [ 220.158208] R10: ffff888015d28193 R11: ffffed1002ba5032 R12: ffff88800fcb1c00 [ 220.159049] R13: ffff888015d281e8 R14: ffff888012152a00 R15: 0000000000000000 [ 220.159791] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.160621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.161361] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.162078] PKRU: 55555554 [ 220.162371] Call Trace: [ 220.162689] [ 220.162923] iommufd_access_destroy_object+0x65/0x170 [ 220.163576] iommufd_object_destroy_user+0x18e/0x220 [ 220.164187] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.164790] iommufd_access_destroy+0x43/0x70 [ 220.165256] iommufd_test_staccess_release+0x8d/0xd0 [ 220.165971] __fput+0x26d/0xa40 [ 220.166327] ____fput+0x1e/0x30 [ 220.166706] task_work_run+0x1a4/0x2d0 [ 220.167127] ? __pfx_task_work_run+0x10/0x10 [ 220.167575] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.168078] ? switch_task_namespaces+0xa9/0xe0 [ 220.168748] do_exit+0xb17/0x2ef0 [ 220.169099] ? lock_acquire+0x427/0x4c0 [ 220.169519] ? __pfx_lock_release+0x10/0x10 [ 220.169968] ? __kasan_check_write+0x18/0x20 [ 220.170465] ? do_raw_spin_lock+0x132/0x2a0 [ 220.171063] ? __pfx_do_exit+0x10/0x10 [ 220.171483] ? debug_smp_processor_id+0x20/0x30 [ 220.171960] ? rcu_is_watching+0x19/0xb0 [ 220.172380] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.172837] ? trace_hardirqs_on+0x26/0x120 [ 220.173389] do_group_exit+0xe0/0x2b0 [ 220.173852] __x64_sys_exit_group+0x47/0x50 [ 220.174298] do_syscall_64+0x3b/0x90 [ 220.174727] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.175267] RIP: 0033:0x7f4b87518a4d [ 220.175649] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.176482] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.177263] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.177986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.178995] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.179742] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.180457] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.181378] [ 220.181617] irq event stamp: 0 [ 220.181940] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.182594] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.183490] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.184425] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.185073] ---[ end trace 0000000000000000 ]--- [ 220.185955] ------------[ cut here ]------------ [ 220.186438] WARNING: CPU: 1 PID: 2102 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.187509] Modules linked in: [ 220.187833] CPU: 1 PID: 2102 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.188919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.190047] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.190714] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.192544] RSP: 0018:ffff888011df7b78 EFLAGS: 00010246 [ 220.193208] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.193981] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 220.194720] RBP: ffff888011df7b98 R08: ffffed1002ba503e R09: ffffed1002ba503e [ 220.195558] R10: ffff888015d281ef R11: ffffed1002ba503d R12: ffff888015d28290 [ 220.196296] R13: ffff888015d280a8 R14: ffffffffffffffff R15: 
ffff888011df7c60 [ 220.196969] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.197884] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.198426] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.199136] PKRU: 55555554 [ 220.199413] Call Trace: [ 220.199656] [ 220.199910] iommufd_ioas_destroy+0x53/0x70 [ 220.200429] iommufd_fops_release+0x1f7/0x370 [ 220.200859] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.201333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.201798] ? write_comp_data+0x2f/0x90 [ 220.202345] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.202846] __fput+0x26d/0xa40 [ 220.203194] ____fput+0x1e/0x30 [ 220.203516] task_work_run+0x1a4/0x2d0 [ 220.203897] ? __pfx_task_work_run+0x10/0x10 [ 220.204329] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.204981] ? switch_task_namespaces+0xa9/0xe0 [ 220.205435] do_exit+0xb17/0x2ef0 [ 220.205768] ? lock_acquire+0x427/0x4c0 [ 220.206150] ? __pfx_lock_release+0x10/0x10 [ 220.206655] ? __kasan_check_write+0x18/0x20 [ 220.207150] ? do_raw_spin_lock+0x132/0x2a0 [ 220.207563] ? __pfx_do_exit+0x10/0x10 [ 220.207947] ? debug_smp_processor_id+0x20/0x30 [ 220.208387] ? rcu_is_watching+0x19/0xb0 [ 220.208770] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.209300] ? trace_hardirqs_on+0x26/0x120 [ 220.209780] do_group_exit+0xe0/0x2b0 [ 220.210150] __x64_sys_exit_group+0x47/0x50 [ 220.210587] do_syscall_64+0x3b/0x90 [ 220.210955] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.211455] RIP: 0033:0x7f4b87518a4d [ 220.211947] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.212520] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.213227] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.214047] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.214750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.215428] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.216146] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.216899] [ 220.217118] irq event stamp: 0 [ 220.217413] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.218009] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.218978] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.219789] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.220385] ---[ end trace 0000000000000000 ]--- [ 220.225930] ------------[ cut here ]------------ [ 220.226403] WARNING: CPU: 0 PID: 2103 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.227385] Modules linked in: [ 220.227751] CPU: 0 PID: 2103 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.228676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.229825] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.230346] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.232111] RSP: 0018:ffff88801439fbb8 EFLAGS: 00010246 [ 220.232830] RAX: 0000000000000000 RBX: ffff8880184c40a8 RCX: 0000000000000000 [ 220.233492] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 220.234163] RBP: ffff88801439fbd0 R08: ffffed1003098833 R09: ffffed1003098833 [ 220.234866] R10: ffff8880184c4193 R11: ffffed1003098832 R12: ffff888013db9400 [ 220.235539] R13: ffff8880184c41e8 R14: ffffffff8352e670 R15: 
ffff88801439fe68 [ 220.236196] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.236921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.237443] CR2: 00007f4b877410e8 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 220.238083] PKRU: 55555554 [ 220.238342] Call Trace: [ 220.238602] [ 220.238819] __iommufd_access_detach+0x1c2/0x2b0 [ 220.239276] iommufd_access_change_pt+0x149/0x270 [ 220.239699] iommufd_access_replace+0xb4/0x120 [ 220.240120] iommufd_test+0x3e5/0x37e0 [ 220.240477] ? lock_release+0x532/0x770 [ 220.240859] ? __might_fault+0x102/0x1b0 [ 220.241228] ? lock_acquire+0x427/0x4c0 [ 220.241578] ? __pfx_iommufd_test+0x10/0x10 [ 220.241949] ? __pfx_lock_release+0x10/0x10 [ 220.242325] ? __pfx_lock_acquire+0x10/0x10 [ 220.242728] ? write_comp_data+0x2f/0x90 [ 220.243091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.243527] ? write_comp_data+0x2f/0x90 [ 220.243890] iommufd_fops_ioctl+0x37d/0x510 [ 220.244268] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.244689] ? write_comp_data+0x2f/0x90 [ 220.245045] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.245463] __x64_sys_ioctl+0x1a3/0x230 [ 220.245825] do_syscall_64+0x3b/0x90 [ 220.246157] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.246623] RIP: 0033:0x7f4b8743ee5d [ 220.246947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.248495] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.249149] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.249757] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.250362] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.250994] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.251618] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.252237] [ 220.252438] irq event stamp: 0 [ 220.252709] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.253248] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.253964] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.254702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.255251] ---[ end trace 0000000000000000 ]--- [ 220.258435] ------------[ cut here ]------------ [ 220.259157] WARNING: CPU: 0 PID: 2103 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.260159] Modules linked in: [ 220.260519] CPU: 0 PID: 2103 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.261262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.262223] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.262669] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.264235] RSP: 
0018:ffff88801439fbd0 EFLAGS: 00010246 [ 220.264692] RAX: 0000000000000000 RBX: ffff8880184c40a8 RCX: 0000000000000000 [ 220.265302] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 220.265911] RBP: ffff88801439fbe8 R08: ffffed1003098833 R09: ffffed1003098833 [ 220.266537] R10: ffff8880184c4193 R11: ffffed1003098832 R12: ffff888012e96400 [ 220.267160] R13: ffff8880184c41e8 R14: ffff888018b86700 R15: 0000000000000000 [ 220.267773] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.268462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.268960] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 220.269571] PKRU: 55555554 [ 220.269815] Call Trace: [ 220.270036] [ 220.270233] iommufd_access_destroy_object+0x65/0x170 [ 220.270711] iommufd_object_destroy_user+0x18e/0x220 [ 220.271166] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.271676] iommufd_access_destroy+0x43/0x70 [ 220.272076] iommufd_test_staccess_release+0x8d/0xd0 [ 220.272533] __fput+0x26d/0xa40 [ 220.272838] ____fput+0x1e/0x30 [ 220.273129] task_work_run+0x1a4/0x2d0 [ 220.273477] ? __pfx_task_work_run+0x10/0x10 [ 220.273865] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.274289] ? switch_task_namespaces+0xa9/0xe0 [ 220.274723] do_exit+0xb17/0x2ef0 [ 220.275025] ? lock_acquire+0x427/0x4c0 [ 220.275395] ? __pfx_lock_release+0x10/0x10 [ 220.275774] ? __kasan_check_write+0x18/0x20 [ 220.276160] ? do_raw_spin_lock+0x132/0x2a0 [ 220.276537] ? __pfx_do_exit+0x10/0x10 [ 220.276880] ? debug_smp_processor_id+0x20/0x30 [ 220.277284] ? rcu_is_watching+0x19/0xb0 [ 220.277634] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.278030] ? trace_hardirqs_on+0x26/0x120 [ 220.278407] do_group_exit+0xe0/0x2b0 [ 220.278760] __x64_sys_exit_group+0x47/0x50 [ 220.279139] do_syscall_64+0x3b/0x90 [ 220.279476] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.279934] RIP: 0033:0x7f4b87518a4d [ 220.280261] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.280793] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.281446] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.282080] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.282704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.283383] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.283985] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.284571] [ 220.284764] irq event stamp: 0 [ 220.285024] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.285539] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.286224] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.286928] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.287468] ---[ end trace 0000000000000000 ]--- [ 220.288330] ------------[ cut here ]------------ [ 220.288899] WARNING: CPU: 1 PID: 2103 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.289844] Modules linked in: [ 220.290143] CPU: 1 PID: 2103 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.291107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.292166] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.292733] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.294528] RSP: 0018:ffff88801439fb78 EFLAGS: 00010246 [ 220.295027] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.295706] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 220.296452] RBP: ffff88801439fb98 R08: ffffed100309883e R09: ffffed100309883e [ 220.297115] R10: ffff8880184c41ef R11: ffffed100309883d R12: ffff8880184c4290 [ 220.297787] R13: ffff8880184c40a8 R14: ffffffffffffffff R15: 
ffff88801439fc60 [ 220.298551] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.299305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.299926] CR2: 00007f82e2b06018 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 220.300595] PKRU: 55555554 [ 220.300859] Call Trace: [ 220.301098] [ 220.301310] iommufd_ioas_destroy+0x53/0x70 [ 220.301803] iommufd_fops_release+0x1f7/0x370 [ 220.302228] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.302721] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.303189] ? write_comp_data+0x2f/0x90 [ 220.303677] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.304150] __fput+0x26d/0xa40 [ 220.304473] ____fput+0x1e/0x30 [ 220.304792] task_work_run+0x1a4/0x2d0 [ 220.305187] ? __pfx_task_work_run+0x10/0x10 [ 220.305653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.306113] ? switch_task_namespaces+0xa9/0xe0 [ 220.306581] do_exit+0xb17/0x2ef0 [ 220.306934] ? lock_acquire+0x427/0x4c0 [ 220.307360] ? __pfx_lock_release+0x10/0x10 [ 220.307769] ? __kasan_check_write+0x18/0x20 [ 220.308181] ? do_raw_spin_lock+0x132/0x2a0 [ 220.308596] ? __pfx_do_exit+0x10/0x10 [ 220.309043] ? debug_smp_processor_id+0x20/0x30 [ 220.309483] ? rcu_is_watching+0x19/0xb0 [ 220.309866] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.310299] ? trace_hardirqs_on+0x26/0x120 [ 220.310729] do_group_exit+0xe0/0x2b0 [ 220.311087] __x64_sys_exit_group+0x47/0x50 [ 220.311493] do_syscall_64+0x3b/0x90 [ 220.311849] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.312338] RIP: 0033:0x7f4b87518a4d [ 220.312682] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.313250] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.313950] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.314630] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.315298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.315955] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.316611] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.317276] [ 220.317490] irq event stamp: 0 [ 220.317782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.318360] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.319162] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.319931] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.320510] ---[ end trace 0000000000000000 ]--- [ 220.325526] ------------[ cut here ]------------ [ 220.326004] WARNING: CPU: 1 PID: 2104 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.327136] Modules linked in: [ 220.327439] CPU: 1 PID: 2104 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.328240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.329272] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.329730] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.331425] RSP: 0018:ffff8880170e7bb8 EFLAGS: 00010246 [ 220.331909] RAX: 0000000000000000 RBX: ffff88801893d8a8 RCX: 0000000000000000 [ 220.332546] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 220.333183] RBP: ffff8880170e7bd0 R08: ffffed1003127b33 R09: ffffed1003127b33 [ 220.333818] R10: ffff88801893d993 R11: ffffed1003127b32 R12: ffff888010e03400 [ 220.334456] R13: ffff88801893d9e8 R14: ffffffff8352e670 R15: 
ffff8880170e7e68 [ 220.335114] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.335847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.336365] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ee0 [ 220.337005] PKRU: 55555554 [ 220.337256] Call Trace: [ 220.337484] [ 220.337689] __iommufd_access_detach+0x1c2/0x2b0 [ 220.338128] iommufd_access_change_pt+0x149/0x270 [ 220.338591] iommufd_access_replace+0xb4/0x120 [ 220.339021] iommufd_test+0x3e5/0x37e0 [ 220.339395] ? lock_release+0x532/0x770 [ 220.339774] ? __might_fault+0x102/0x1b0 [ 220.340156] ? lock_acquire+0x427/0x4c0 [ 220.340530] ? __pfx_iommufd_test+0x10/0x10 [ 220.340927] ? __pfx_lock_release+0x10/0x10 [ 220.341340] ? __pfx_lock_acquire+0x10/0x10 [ 220.341751] ? write_comp_data+0x2f/0x90 [ 220.342136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.342621] ? write_comp_data+0x2f/0x90 [ 220.343011] iommufd_fops_ioctl+0x37d/0x510 [ 220.343424] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.343884] ? write_comp_data+0x2f/0x90 [ 220.344266] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.344703] __x64_sys_ioctl+0x1a3/0x230 [ 220.345082] do_syscall_64+0x3b/0x90 [ 220.345426] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.345910] RIP: 0033:0x7f4b8743ee5d [ 220.346256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.347868] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.348492] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.349076] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.349653] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.350221] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.350806] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.351397] [ 220.351587] irq event stamp: 0 [ 220.351845] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.352357] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.353024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.353688] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.354174] ---[ end trace 0000000000000000 ]--- [ 220.356956] ------------[ cut here ]------------ [ 220.357365] WARNING: CPU: 1 PID: 2104 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.358163] Modules linked in: [ 220.358419] CPU: 1 PID: 2104 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.359143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.360030] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.360427] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.361837] RSP: 
0018:ffff8880170e7bd0 EFLAGS: 00010246 [ 220.362256] RAX: 0000000000000000 RBX: ffff88801893d8a8 RCX: 0000000000000000 [ 220.362831] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 220.363388] RBP: ffff8880170e7be8 R08: ffffed1003127b33 R09: ffffed1003127b33 [ 220.363927] R10: ffff88801893d993 R11: ffffed1003127b32 R12: ffff88801226c800 [ 220.364468] R13: ffff88801893d9e8 R14: ffff888011d6dd00 R15: 0000000000000000 [ 220.365017] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.365645] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.366087] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.366646] PKRU: 55555554 [ 220.366865] Call Trace: [ 220.367062] [ 220.367243] iommufd_access_destroy_object+0x65/0x170 [ 220.367643] iommufd_object_destroy_user+0x18e/0x220 [ 220.368044] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.368497] iommufd_access_destroy+0x43/0x70 [ 220.368850] iommufd_test_staccess_release+0x8d/0xd0 [ 220.369244] __fput+0x26d/0xa40 [ 220.369515] ____fput+0x1e/0x30 [ 220.369783] task_work_run+0x1a4/0x2d0 [ 220.370095] ? __pfx_task_work_run+0x10/0x10 [ 220.370445] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.370861] ? switch_task_namespaces+0xa9/0xe0 [ 220.371269] do_exit+0xb17/0x2ef0 [ 220.371593] ? lock_acquire+0x427/0x4c0 [ 220.371917] ? __pfx_lock_release+0x10/0x10 [ 220.372259] ? __kasan_check_write+0x18/0x20 [ 220.372602] ? do_raw_spin_lock+0x132/0x2a0 [ 220.372934] ? __pfx_do_exit+0x10/0x10 [ 220.373246] ? debug_smp_processor_id+0x20/0x30 [ 220.373612] ? rcu_is_watching+0x19/0xb0 [ 220.373931] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.374291] ? trace_hardirqs_on+0x26/0x120 [ 220.374655] do_group_exit+0xe0/0x2b0 [ 220.374959] __x64_sys_exit_group+0x47/0x50 [ 220.375302] do_syscall_64+0x3b/0x90 [ 220.375605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.376015] RIP: 0033:0x7f4b87518a4d [ 220.376304] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.376779] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.377360] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.377910] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.378468] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.379044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.379609] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.380169] [ 220.380354] irq event stamp: 0 [ 220.380600] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.381091] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.381739] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.382386] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.382883] ---[ end trace 0000000000000000 ]--- [ 220.383573] ------------[ cut here ]------------ [ 220.383939] WARNING: CPU: 1 PID: 2104 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.384731] Modules linked in: [ 220.384983] CPU: 1 PID: 2104 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.385657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.386531] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.386929] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.388340] RSP: 0018:ffff8880170e7b78 EFLAGS: 00010246 [ 220.388756] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.389305] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 220.389857] RBP: ffff8880170e7b98 R08: ffffed1003127b3e R09: ffffed1003127b3e [ 220.390413] R10: ffff88801893d9ef R11: ffffed1003127b3d R12: ffff88801893da90 [ 220.390985] R13: ffff88801893d8a8 R14: ffffffffffffffff R15: 
ffff8880170e7c60 [ 220.391543] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.392171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.392617] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.393160] PKRU: 55555554 [ 220.393377] Call Trace: [ 220.393574] [ 220.393753] iommufd_ioas_destroy+0x53/0x70 [ 220.394091] iommufd_fops_release+0x1f7/0x370 [ 220.394444] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.394851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.395240] ? write_comp_data+0x2f/0x90 [ 220.395565] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.395956] __fput+0x26d/0xa40 [ 220.396229] ____fput+0x1e/0x30 [ 220.396498] task_work_run+0x1a4/0x2d0 [ 220.396809] ? __pfx_task_work_run+0x10/0x10 [ 220.397154] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.397535] ? switch_task_namespaces+0xa9/0xe0 [ 220.397901] do_exit+0xb17/0x2ef0 [ 220.398172] ? lock_acquire+0x427/0x4c0 [ 220.398492] ? __pfx_lock_release+0x10/0x10 [ 220.398867] ? __kasan_check_write+0x18/0x20 [ 220.399221] ? do_raw_spin_lock+0x132/0x2a0 [ 220.399555] ? __pfx_do_exit+0x10/0x10 [ 220.399863] ? debug_smp_processor_id+0x20/0x30 [ 220.400224] ? rcu_is_watching+0x19/0xb0 [ 220.400541] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.400892] ? trace_hardirqs_on+0x26/0x120 [ 220.401228] do_group_exit+0xe0/0x2b0 [ 220.401519] __x64_sys_exit_group+0x47/0x50 [ 220.401848] do_syscall_64+0x3b/0x90 [ 220.402145] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.402567] RIP: 0033:0x7f4b87518a4d [ 220.402856] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.403328] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.403909] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.404455] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.405008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.405567] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.406112] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.406694] [ 220.406879] irq event stamp: 0 [ 220.407135] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.407621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.408265] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.408912] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.409396] ---[ end trace 0000000000000000 ]--- [ 220.413807] ------------[ cut here ]------------ [ 220.414205] WARNING: CPU: 1 PID: 2105 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.414997] Modules linked in: [ 220.415252] CPU: 1 PID: 2105 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.415899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.416732] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.417106] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.418476] RSP: 0018:ffff888024527bb8 EFLAGS: 00010246 [ 220.418939] RAX: 0000000000000000 RBX: ffff8880104658a8 RCX: 0000000000000000 [ 220.419479] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 220.420005] RBP: ffff888024527bd0 R08: ffffed100208cb33 R09: ffffed100208cb33 [ 220.420534] R10: ffff888010465993 R11: ffffed100208cb32 R12: ffff888013e25400 [ 220.421062] R13: ffff8880104659e8 R14: ffffffff8352e670 R15: 
ffff888024527e68 [ 220.421591] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.422189] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.422643] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 220.423180] PKRU: 55555554 [ 220.423393] Call Trace: [ 220.423585] [ 220.423755] __iommufd_access_detach+0x1c2/0x2b0 [ 220.424121] iommufd_access_change_pt+0x149/0x270 [ 220.424491] iommufd_access_replace+0xb4/0x120 [ 220.424844] iommufd_test+0x3e5/0x37e0 [ 220.425138] ? lock_release+0x532/0x770 [ 220.425448] ? __might_fault+0x102/0x1b0 [ 220.425761] ? lock_acquire+0x427/0x4c0 [ 220.426067] ? __pfx_iommufd_test+0x10/0x10 [ 220.426390] ? __pfx_lock_release+0x10/0x10 [ 220.426739] ? __pfx_lock_acquire+0x10/0x10 [ 220.427074] ? write_comp_data+0x2f/0x90 [ 220.427392] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.427772] ? write_comp_data+0x2f/0x90 [ 220.428095] iommufd_fops_ioctl+0x37d/0x510 [ 220.428430] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.428808] ? write_comp_data+0x2f/0x90 [ 220.429129] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.429505] __x64_sys_ioctl+0x1a3/0x230 [ 220.429828] do_syscall_64+0x3b/0x90 [ 220.430125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.430544] RIP: 0033:0x7f4b8743ee5d [ 220.430829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.432224] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.432802] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.433340] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.433873] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.434407] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.434962] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.435519] [ 220.435699] irq event stamp: 0 [ 220.435939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.436416] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.437052] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.437682] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.438155] ---[ end trace 0000000000000000 ]--- [ 220.440996] ------------[ cut here ]------------ [ 220.441379] WARNING: CPU: 1 PID: 2105 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.442140] Modules linked in: [ 220.442384] CPU: 1 PID: 2105 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.443069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.443908] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.444282] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.445664] RSP: 
0018:ffff888024527bd0 EFLAGS: 00010246 [ 220.446064] RAX: 0000000000000000 RBX: ffff8880104658a8 RCX: 0000000000000000 [ 220.446617] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 220.447156] RBP: ffff888024527be8 R08: ffffed100208cb33 R09: ffffed100208cb33 [ 220.447685] R10: ffff888010465993 R11: ffffed100208cb32 R12: ffff888010e03000 [ 220.448213] R13: ffff8880104659e8 R14: ffff888018b83600 R15: 0000000000000000 [ 220.448743] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.449339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.449778] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.450315] PKRU: 55555554 [ 220.450550] Call Trace: [ 220.450747] [ 220.450919] iommufd_access_destroy_object+0x65/0x170 [ 220.451314] iommufd_object_destroy_user+0x18e/0x220 [ 220.451703] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.452142] iommufd_access_destroy+0x43/0x70 [ 220.452491] iommufd_test_staccess_release+0x8d/0xd0 [ 220.452879] __fput+0x26d/0xa40 [ 220.453140] ____fput+0x1e/0x30 [ 220.453400] task_work_run+0x1a4/0x2d0 [ 220.453704] ? __pfx_task_work_run+0x10/0x10 [ 220.454046] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.454421] ? switch_task_namespaces+0xa9/0xe0 [ 220.454806] do_exit+0xb17/0x2ef0 [ 220.455075] ? lock_acquire+0x427/0x4c0 [ 220.455394] ? __pfx_lock_release+0x10/0x10 [ 220.455732] ? __kasan_check_write+0x18/0x20 [ 220.456077] ? do_raw_spin_lock+0x132/0x2a0 [ 220.456410] ? __pfx_do_exit+0x10/0x10 [ 220.456721] ? debug_smp_processor_id+0x20/0x30 [ 220.457081] ? rcu_is_watching+0x19/0xb0 [ 220.457394] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.457746] ? trace_hardirqs_on+0x26/0x120 [ 220.458076] do_group_exit+0xe0/0x2b0 [ 220.458365] __x64_sys_exit_group+0x47/0x50 [ 220.458710] do_syscall_64+0x3b/0x90 [ 220.459003] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.459410] RIP: 0033:0x7f4b87518a4d [ 220.459704] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.460545] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.461128] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.461668] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.462273] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.462912] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.463473] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.464086] [ 220.464333] irq event stamp: 0 [ 220.464579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.465068] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.465741] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.466464] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.466974] ---[ end trace 0000000000000000 ]--- [ 220.467679] ------------[ cut here ]------------ [ 220.468064] WARNING: CPU: 1 PID: 2105 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.468921] Modules linked in: [ 220.469173] CPU: 1 PID: 2105 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.469845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.470827] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.471231] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.472732] RSP: 0018:ffff888024527b78 EFLAGS: 00010246 [ 220.473143] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.473729] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 220.474335] RBP: ffff888024527b98 R08: ffffed100208cb3e R09: ffffed100208cb3e [ 220.474925] R10: ffff8880104659ef R11: ffffed100208cb3d R12: ffff888010465a90 [ 220.475493] R13: ffff8880104658a8 R14: ffffffffffffffff R15: 
ffff888024527c60 [ 220.476186] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.476831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.477297] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.477982] PKRU: 55555554 [ 220.478215] Call Trace: [ 220.478420] [ 220.478626] iommufd_ioas_destroy+0x53/0x70 [ 220.478979] iommufd_fops_release+0x1f7/0x370 [ 220.479355] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.479788] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.480267] ? write_comp_data+0x2f/0x90 [ 220.480610] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.481016] __fput+0x26d/0xa40 [ 220.481300] ____fput+0x1e/0x30 [ 220.481600] task_work_run+0x1a4/0x2d0 [ 220.481998] ? __pfx_task_work_run+0x10/0x10 [ 220.482361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.482787] ? switch_task_namespaces+0xa9/0xe0 [ 220.483179] do_exit+0xb17/0x2ef0 [ 220.483467] ? lock_acquire+0x427/0x4c0 [ 220.483797] ? __pfx_lock_release+0x10/0x10 [ 220.484257] ? __kasan_check_write+0x18/0x20 [ 220.484616] ? do_raw_spin_lock+0x132/0x2a0 [ 220.484967] ? __pfx_do_exit+0x10/0x10 [ 220.485289] ? debug_smp_processor_id+0x20/0x30 [ 220.485685] ? rcu_is_watching+0x19/0xb0 [ 220.486107] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.486477] ? trace_hardirqs_on+0x26/0x120 [ 220.486853] do_group_exit+0xe0/0x2b0 [ 220.487177] __x64_sys_exit_group+0x47/0x50 [ 220.487540] do_syscall_64+0x3b/0x90 [ 220.487871] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.488435] RIP: 0033:0x7f4b87518a4d [ 220.488755] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.489260] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.489913] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.490601] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.491211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.491800] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.492505] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.493103] [ 220.493302] irq event stamp: 0 [ 220.493562] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.494084] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.494905] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.495613] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.496134] ---[ end trace 0000000000000000 ]--- [ 220.499995] ------------[ cut here ]------------ [ 220.500432] WARNING: CPU: 1 PID: 2106 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.501431] Modules linked in: [ 220.501707] CPU: 1 PID: 2106 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.502455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.503618] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.504067] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.505769] RSP: 0018:ffff88801478fbb8 EFLAGS: 00010246 [ 220.506259] RAX: 0000000000000000 RBX: ffff8880209ed8a8 RCX: 0000000000000000 [ 220.506914] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 220.507569] RBP: ffff88801478fbd0 R08: ffffed100413db33 R09: ffffed100413db33 [ 220.508329] R10: ffff8880209ed993 R11: ffffed100413db32 R12: ffff888020e6a000 [ 220.508954] R13: ffff8880209ed9e8 R14: ffffffff8352e670 R15: 
ffff88801478fe68 [ 220.509578] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.510406] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.510943] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 220.511584] PKRU: 55555554 [ 220.511840] Call Trace: [ 220.512071] [ 220.512310] __iommufd_access_detach+0x1c2/0x2b0 [ 220.512913] iommufd_access_change_pt+0x149/0x270 [ 220.513397] iommufd_access_replace+0xb4/0x120 [ 220.513859] iommufd_test+0x3e5/0x37e0 [ 220.514242] ? lock_release+0x532/0x770 [ 220.514807] ? __might_fault+0x102/0x1b0 [ 220.515233] ? lock_acquire+0x427/0x4c0 [ 220.515640] ? __pfx_iommufd_test+0x10/0x10 [ 220.516069] ? __pfx_lock_release+0x10/0x10 [ 220.516527] ? __pfx_lock_acquire+0x10/0x10 [ 220.517054] ? write_comp_data+0x2f/0x90 [ 220.517576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.518079] ? write_comp_data+0x2f/0x90 [ 220.518545] iommufd_fops_ioctl+0x37d/0x510 [ 220.518994] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.519574] ? write_comp_data+0x2f/0x90 [ 220.520085] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.520580] __x64_sys_ioctl+0x1a3/0x230 [ 220.521009] do_syscall_64+0x3b/0x90 [ 220.521406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.522083] RIP: 0033:0x7f4b8743ee5d [ 220.522466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.524508] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.525283] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.525995] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.526905] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.527663] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.528411] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.529313] [ 220.529563] irq event stamp: 0 [ 220.529892] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.530583] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.531534] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.532482] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.533138] ---[ end trace 0000000000000000 ]--- [ 220.536361] ------------[ cut here ]------------ [ 220.537032] WARNING: CPU: 1 PID: 2106 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.538126] Modules linked in: [ 220.538786] CPU: 1 PID: 2106 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.539769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.540995] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.541656] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.543844] RSP: 
0018:ffff88801478fbd0 EFLAGS: 00010246 [ 220.544542] RAX: 0000000000000000 RBX: ffff8880209ed8a8 RCX: 0000000000000000 [ 220.545318] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 220.546079] RBP: ffff88801478fbe8 R08: ffffed100413db33 R09: ffffed100413db33 [ 220.547081] R10: ffff8880209ed993 R11: ffffed100413db32 R12: ffff888013e27400 [ 220.547888] R13: ffff8880209ed9e8 R14: ffff8880103c4800 R15: 0000000000000000 [ 220.548678] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.549758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.550400] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.551238] PKRU: 55555554 [ 220.551557] Call Trace: [ 220.551863] [ 220.552240] iommufd_access_destroy_object+0x65/0x170 [ 220.552818] iommufd_object_destroy_user+0x18e/0x220 [ 220.553371] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.554010] iommufd_access_destroy+0x43/0x70 [ 220.554719] iommufd_test_staccess_release+0x8d/0xd0 [ 220.555311] __fput+0x26d/0xa40 [ 220.555687] ____fput+0x1e/0x30 [ 220.556058] task_work_run+0x1a4/0x2d0 [ 220.556493] ? __pfx_task_work_run+0x10/0x10 [ 220.557038] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.557702] ? switch_task_namespaces+0xa9/0xe0 [ 220.558229] do_exit+0xb17/0x2ef0 [ 220.558685] ? lock_acquire+0x427/0x4c0 [ 220.559157] ? __pfx_lock_release+0x10/0x10 [ 220.559644] ? __kasan_check_write+0x18/0x20 [ 220.560320] ? do_raw_spin_lock+0x132/0x2a0 [ 220.560801] ? __pfx_do_exit+0x10/0x10 [ 220.561243] ? debug_smp_processor_id+0x20/0x30 [ 220.561763] ? rcu_is_watching+0x19/0xb0 [ 220.562316] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.562959] ? trace_hardirqs_on+0x26/0x120 [ 220.563463] do_group_exit+0xe0/0x2b0 [ 220.563884] __x64_sys_exit_group+0x47/0x50 [ 220.564355] do_syscall_64+0x3b/0x90 [ 220.564797] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.565514] RIP: 0033:0x7f4b87518a4d [ 220.565926] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.566638] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.567531] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.568439] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.569219] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.570185] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.570998] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.571809] [ 220.572067] irq event stamp: 0 [ 220.572443] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.573272] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.574199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.575404] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.576129] ---[ end trace 0000000000000000 ]--- [ 220.577140] ------------[ cut here ]------------ [ 220.577782] WARNING: CPU: 1 PID: 2106 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.579153] Modules linked in: [ 220.579529] CPU: 1 PID: 2106 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.580711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.581990] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.582666] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.584721] RSP: 0018:ffff88801478fb78 EFLAGS: 00010246 [ 220.585306] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.586085] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 220.586911] RBP: ffff88801478fb98 R08: ffffed100413db3e R09: ffffed100413db3e [ 220.587715] R10: ffff8880209ed9ef R11: ffffed100413db3d R12: ffff8880209eda90 [ 220.588498] R13: ffff8880209ed8a8 R14: ffffffffffffffff R15: 
ffff88801478fc60 [ 220.589283] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.590168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.590854] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 220.591673] PKRU: 55555554 [ 220.591992] Call Trace: [ 220.592276] [ 220.592526] iommufd_ioas_destroy+0x53/0x70 [ 220.593014] iommufd_fops_release+0x1f7/0x370 [ 220.593521] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.594071] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.594651] ? write_comp_data+0x2f/0x90 [ 220.595132] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.595697] __fput+0x26d/0xa40 [ 220.596082] ____fput+0x1e/0x30 [ 220.596464] task_work_run+0x1a4/0x2d0 [ 220.596907] ? __pfx_task_work_run+0x10/0x10 [ 220.597402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.597957] ? switch_task_namespaces+0xa9/0xe0 [ 220.598485] do_exit+0xb17/0x2ef0 [ 220.598917] ? lock_acquire+0x427/0x4c0 [ 220.599384] ? __pfx_lock_release+0x10/0x10 [ 220.599877] ? __kasan_check_write+0x18/0x20 [ 220.600385] ? do_raw_spin_lock+0x132/0x2a0 [ 220.600887] ? __pfx_do_exit+0x10/0x10 [ 220.601333] ? debug_smp_processor_id+0x20/0x30 [ 220.601850] ? rcu_is_watching+0x19/0xb0 [ 220.602305] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.602848] ? trace_hardirqs_on+0x26/0x120 [ 220.603362] do_group_exit+0xe0/0x2b0 [ 220.603792] __x64_sys_exit_group+0x47/0x50 [ 220.604270] do_syscall_64+0x3b/0x90 [ 220.604698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.605276] RIP: 0033:0x7f4b87518a4d [ 220.605691] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.606374] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.607270] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.608069] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.608860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.609650] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.610439] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.611296] [ 220.611568] irq event stamp: 0 [ 220.611925] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.612622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.613534] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.614443] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.615182] ---[ end trace 0000000000000000 ]--- [ 220.620291] ------------[ cut here ]------------ [ 220.620871] WARNING: CPU: 1 PID: 2107 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.621961] Modules linked in: [ 220.622310] CPU: 1 PID: 2107 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.623492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.624729] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.625274] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.627294] RSP: 0018:ffff88801855fbb8 EFLAGS: 00010246 [ 220.627884] RAX: 0000000000000000 RBX: ffff888015d2a0a8 RCX: 0000000000000000 [ 220.628660] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 220.629431] RBP: ffff88801855fbd0 R08: ffffed1002ba5433 R09: ffffed1002ba5433 [ 220.630211] R10: ffff888015d2a193 R11: ffffed1002ba5432 R12: ffff88801422c400 [ 220.631014] R13: ffff888015d2a1e8 R14: ffffffff8352e670 R15: 
ffff88801855fe68 [ 220.631806] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.632698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.633335] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 220.634119] PKRU: 55555554 [ 220.634456] Call Trace: [ 220.634762] [ 220.635012] __iommufd_access_detach+0x1c2/0x2b0 [ 220.635567] iommufd_access_change_pt+0x149/0x270 [ 220.636097] iommufd_access_replace+0xb4/0x120 [ 220.636605] iommufd_test+0x3e5/0x37e0 [ 220.637032] ? lock_release+0x532/0x770 [ 220.637481] ? __might_fault+0x102/0x1b0 [ 220.637935] ? lock_acquire+0x427/0x4c0 [ 220.638380] ? __pfx_iommufd_test+0x10/0x10 [ 220.638879] ? __pfx_lock_release+0x10/0x10 [ 220.639377] ? __pfx_lock_acquire+0x10/0x10 [ 220.639857] ? write_comp_data+0x2f/0x90 [ 220.640310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.640834] ? write_comp_data+0x2f/0x90 [ 220.641283] iommufd_fops_ioctl+0x37d/0x510 [ 220.641749] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.642269] ? write_comp_data+0x2f/0x90 [ 220.642739] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.643285] __x64_sys_ioctl+0x1a3/0x230 [ 220.643736] do_syscall_64+0x3b/0x90 [ 220.644152] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.644716] RIP: 0033:0x7f4b8743ee5d [ 220.645122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.647148] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.647989] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.648765] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.649535] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.650301] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.651100] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.651908] [ 220.652171] irq event stamp: 0 [ 220.652517] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.653206] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.654111] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.655052] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.655769] ---[ end trace 0000000000000000 ]--- [ 220.658995] ------------[ cut here ]------------ [ 220.659565] WARNING: CPU: 1 PID: 2107 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.660652] Modules linked in: [ 220.661001] CPU: 1 PID: 2107 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.661943] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.663219] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.663777] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.665753] RSP: 
0018:ffff88801855fbd0 EFLAGS: 00010246 [ 220.666332] RAX: 0000000000000000 RBX: ffff888015d2a0a8 RCX: 0000000000000000 [ 220.667147] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 220.667935] RBP: ffff88801855fbe8 R08: ffffed1002ba5433 R09: ffffed1002ba5433 [ 220.668710] R10: ffff888015d2a193 R11: ffffed1002ba5432 R12: ffff888020e6b800 [ 220.669479] R13: ffff888015d2a1e8 R14: ffff888014474f00 R15: 0000000000000000 [ 220.670256] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.671163] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.671805] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.672583] PKRU: 55555554 [ 220.672889] Call Trace: [ 220.673164] [ 220.673411] iommufd_access_destroy_object+0x65/0x170 [ 220.673977] iommufd_object_destroy_user+0x18e/0x220 [ 220.674567] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.675227] iommufd_access_destroy+0x43/0x70 [ 220.675727] iommufd_test_staccess_release+0x8d/0xd0 [ 220.676298] __fput+0x26d/0xa40 [ 220.676678] ____fput+0x1e/0x30 [ 220.677049] task_work_run+0x1a4/0x2d0 [ 220.677475] ? __pfx_task_work_run+0x10/0x10 [ 220.677954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.678487] ? switch_task_namespaces+0xa9/0xe0 [ 220.679022] do_exit+0xb17/0x2ef0 [ 220.679394] ? lock_acquire+0x427/0x4c0 [ 220.679817] ? __pfx_lock_release+0x10/0x10 [ 220.680261] ? __kasan_check_write+0x18/0x20 [ 220.680718] ? do_raw_spin_lock+0x132/0x2a0 [ 220.681167] ? __pfx_do_exit+0x10/0x10 [ 220.681579] ? debug_smp_processor_id+0x20/0x30 [ 220.682065] ? rcu_is_watching+0x19/0xb0 [ 220.682487] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.683005] ? trace_hardirqs_on+0x26/0x120 [ 220.683477] do_group_exit+0xe0/0x2b0 [ 220.683871] __x64_sys_exit_group+0x47/0x50 [ 220.684324] do_syscall_64+0x3b/0x90 [ 220.684726] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.685274] RIP: 0033:0x7f4b87518a4d [ 220.685658] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.686289] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.687103] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.687855] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.688586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.689322] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.690056] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.690842] [ 220.691091] irq event stamp: 0 [ 220.691438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.692090] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.692950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.693804] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.694453] ---[ end trace 0000000000000000 ]--- [ 220.695365] ------------[ cut here ]------------ [ 220.695859] WARNING: CPU: 1 PID: 2107 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.696912] Modules linked in: [ 220.697243] CPU: 1 PID: 2107 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.698155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.699366] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.699901] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.701794] RSP: 0018:ffff88801855fb78 EFLAGS: 00010246 [ 220.702347] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.703110] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 220.703861] RBP: ffff88801855fb98 R08: ffffed1002ba543e R09: ffffed1002ba543e [ 220.704595] R10: ffff888015d2a1ef R11: ffffed1002ba543d R12: ffff888015d2a290 [ 220.705325] R13: ffff888015d2a0a8 R14: ffffffffffffffff R15: 
ffff88801855fc60 [ 220.706054] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.706920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.707553] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 220.708283] PKRU: 55555554 [ 220.708571] Call Trace: [ 220.708835] [ 220.709068] iommufd_ioas_destroy+0x53/0x70 [ 220.709524] iommufd_fops_release+0x1f7/0x370 [ 220.709999] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.710549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.711066] ? write_comp_data+0x2f/0x90 [ 220.711505] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.712024] __fput+0x26d/0xa40 [ 220.712380] ____fput+0x1e/0x30 [ 220.712738] task_work_run+0x1a4/0x2d0 [ 220.713145] ? __pfx_task_work_run+0x10/0x10 [ 220.713600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.714113] ? switch_task_namespaces+0xa9/0xe0 [ 220.714637] do_exit+0xb17/0x2ef0 [ 220.715008] ? lock_acquire+0x427/0x4c0 [ 220.715443] ? __pfx_lock_release+0x10/0x10 [ 220.715893] ? __kasan_check_write+0x18/0x20 [ 220.716352] ? do_raw_spin_lock+0x132/0x2a0 [ 220.716803] ? __pfx_do_exit+0x10/0x10 [ 220.717213] ? debug_smp_processor_id+0x20/0x30 [ 220.717695] ? rcu_is_watching+0x19/0xb0 [ 220.718115] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.718618] ? trace_hardirqs_on+0x26/0x120 [ 220.719088] do_group_exit+0xe0/0x2b0 [ 220.719507] __x64_sys_exit_group+0x47/0x50 [ 220.719962] do_syscall_64+0x3b/0x90 [ 220.720359] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.720970] RIP: 0033:0x7f4b87518a4d [ 220.721563] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.722204] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.723028] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.723957] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.724709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.725452] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.726361] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.727212] [ 220.727459] irq event stamp: 0 [ 220.727759] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.728361] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.729299] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.730102] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.730788] ---[ end trace 0000000000000000 ]--- [ 220.735531] ------------[ cut here ]------------ [ 220.736203] WARNING: CPU: 1 PID: 2108 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.737245] Modules linked in: [ 220.737635] CPU: 1 PID: 2108 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.738677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.739850] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.740381] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.742382] RSP: 0018:ffff88801711fbb8 EFLAGS: 00010246 [ 220.743186] RAX: 0000000000000000 RBX: ffff888020f210a8 RCX: 0000000000000000 [ 220.743919] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 220.744647] RBP: ffff88801711fbd0 R08: ffffed10041e4233 R09: ffffed10041e4233 [ 220.745402] R10: ffff888020f21193 R11: ffffed10041e4232 R12: ffff88800f9f7800 [ 220.746268] R13: ffff888020f211e8 R14: ffffffff8352e670 R15: 
ffff88801711fe68 [ 220.747031] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.747904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.748655] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 220.749380] PKRU: 55555554 [ 220.749718] Call Trace: [ 220.750038] [ 220.750354] __iommufd_access_detach+0x1c2/0x2b0 [ 220.751019] iommufd_access_change_pt+0x149/0x270 [ 220.751555] iommufd_access_replace+0xb4/0x120 [ 220.752034] iommufd_test+0x3e5/0x37e0 [ 220.752434] ? lock_release+0x532/0x770 [ 220.752873] ? __might_fault+0x102/0x1b0 [ 220.753432] ? lock_acquire+0x427/0x4c0 [ 220.753852] ? __pfx_iommufd_test+0x10/0x10 [ 220.754296] ? __pfx_lock_release+0x10/0x10 [ 220.754777] ? __pfx_lock_acquire+0x10/0x10 [ 220.755241] ? write_comp_data+0x2f/0x90 [ 220.755771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.756302] ? write_comp_data+0x2f/0x90 [ 220.756731] iommufd_fops_ioctl+0x37d/0x510 [ 220.757175] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.757701] ? write_comp_data+0x2f/0x90 [ 220.758249] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.758783] __x64_sys_ioctl+0x1a3/0x230 [ 220.759228] do_syscall_64+0x3b/0x90 [ 220.759622] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.760157] RIP: 0033:0x7f4b8743ee5d [ 220.760715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.762672] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.763529] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.764255] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.764987] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.765907] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.766669] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.767433] [ 220.767732] irq event stamp: 0 [ 220.768176] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.768832] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.769694] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.770905] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.771681] ---[ end trace 0000000000000000 ]--- [ 220.776653] ------------[ cut here ]------------ [ 220.777491] WARNING: CPU: 1 PID: 2108 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.778974] Modules linked in: [ 220.779386] CPU: 1 PID: 2108 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.780707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.782366] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.783115] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.785279] RSP: 
0018:ffff88801711fbd0 EFLAGS: 00010246 [ 220.785842] RAX: 0000000000000000 RBX: ffff888020f210a8 RCX: 0000000000000000 [ 220.786621] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 220.787600] RBP: ffff88801711fbe8 R08: ffffed10041e4233 R09: ffffed10041e4233 [ 220.788352] R10: ffff888020f21193 R11: ffffed10041e4232 R12: ffff88801422ec00 [ 220.789108] R13: ffff888020f211e8 R14: ffff88800f02de00 R15: 0000000000000000 [ 220.790040] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.790927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.791556] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 220.792305] PKRU: 55555554 [ 220.792599] Call Trace: [ 220.792863] [ 220.793097] iommufd_access_destroy_object+0x65/0x170 [ 220.793638] iommufd_object_destroy_user+0x18e/0x220 [ 220.794169] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.794797] iommufd_access_destroy+0x43/0x70 [ 220.795298] iommufd_test_staccess_release+0x8d/0xd0 [ 220.795844] __fput+0x26d/0xa40 [ 220.796213] ____fput+0x1e/0x30 [ 220.796568] task_work_run+0x1a4/0x2d0 [ 220.796980] ? __pfx_task_work_run+0x10/0x10 [ 220.797441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.797956] ? switch_task_namespaces+0xa9/0xe0 [ 220.798453] do_exit+0xb17/0x2ef0 [ 220.798852] ? lock_acquire+0x427/0x4c0 [ 220.799308] ? __pfx_lock_release+0x10/0x10 [ 220.799769] ? __kasan_check_write+0x18/0x20 [ 220.800241] ? do_raw_spin_lock+0x132/0x2a0 [ 220.800704] ? __pfx_do_exit+0x10/0x10 [ 220.801139] ? debug_smp_processor_id+0x20/0x30 [ 220.801635] ? rcu_is_watching+0x19/0xb0 [ 220.802055] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.802566] ? trace_hardirqs_on+0x26/0x120 [ 220.803037] do_group_exit+0xe0/0x2b0 [ 220.803457] __x64_sys_exit_group+0x47/0x50 [ 220.803916] do_syscall_64+0x3b/0x90 [ 220.804317] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.804866] RIP: 0033:0x7f4b87518a4d [ 220.805257] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.805894] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.806722] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.807493] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.808234] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.808971] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.809705] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.810457] [ 220.810735] irq event stamp: 0 [ 220.811070] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.811743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.812613] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.813468] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.814122] ---[ end trace 0000000000000000 ]--- [ 220.815103] ------------[ cut here ]------------ [ 220.815677] WARNING: CPU: 0 PID: 2108 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.816714] Modules linked in: [ 220.817037] CPU: 0 PID: 2108 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.817924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.819178] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.819719] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.821580] RSP: 0018:ffff88801711fb78 EFLAGS: 00010246 [ 220.822128] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.822887] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 220.823637] RBP: ffff88801711fb98 R08: ffffed10041e423e R09: ffffed10041e423e [ 220.824367] R10: ffff888020f211ef R11: ffffed10041e423d R12: ffff888020f21290 [ 220.825088] R13: ffff888020f210a8 R14: ffffffffffffffff R15: 
ffff88801711fc60 [ 220.825810] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.826653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.827261] CR2: 00007f82e2b39030 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 220.827993] PKRU: 55555554 [ 220.828302] Call Trace: [ 220.828566] [ 220.828800] iommufd_ioas_destroy+0x53/0x70 [ 220.829256] iommufd_fops_release+0x1f7/0x370 [ 220.829736] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.830260] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.830801] ? write_comp_data+0x2f/0x90 [ 220.831251] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.831771] __fput+0x26d/0xa40 [ 220.832129] ____fput+0x1e/0x30 [ 220.832474] task_work_run+0x1a4/0x2d0 [ 220.832891] ? __pfx_task_work_run+0x10/0x10 [ 220.833349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.833861] ? switch_task_namespaces+0xa9/0xe0 [ 220.834359] do_exit+0xb17/0x2ef0 [ 220.834741] ? lock_acquire+0x427/0x4c0 [ 220.835179] ? __pfx_lock_release+0x10/0x10 [ 220.835638] ? __kasan_check_write+0x18/0x20 [ 220.836091] ? do_raw_spin_lock+0x132/0x2a0 [ 220.836541] ? __pfx_do_exit+0x10/0x10 [ 220.836945] ? debug_smp_processor_id+0x20/0x30 [ 220.837428] ? rcu_is_watching+0x19/0xb0 [ 220.837850] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.838319] ? trace_hardirqs_on+0x26/0x120 [ 220.838791] do_group_exit+0xe0/0x2b0 [ 220.839191] __x64_sys_exit_group+0x47/0x50 [ 220.839602] do_syscall_64+0x3b/0x90 [ 220.839965] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.840461] RIP: 0033:0x7f4b87518a4d [ 220.840818] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.841394] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.842103] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.842798] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.843492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.844160] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.844831] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.845500] [ 220.845720] irq event stamp: 0 [ 220.846023] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.846644] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.847446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.848235] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.848834] ---[ end trace 0000000000000000 ]--- [ 220.853230] ------------[ cut here ]------------ [ 220.853733] WARNING: CPU: 0 PID: 2109 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.854715] Modules linked in: [ 220.855020] CPU: 0 PID: 2109 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.855851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.856906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.857374] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.859101] RSP: 0018:ffff888016677bb8 EFLAGS: 00010246 [ 220.859617] RAX: 0000000000000000 RBX: ffff888012bd40a8 RCX: 0000000000000000 [ 220.860290] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 220.860953] RBP: ffff888016677bd0 R08: ffffed100257a833 R09: ffffed100257a833 [ 220.861627] R10: ffff888012bd4193 R11: ffffed100257a832 R12: ffff8880142a5400 [ 220.862293] R13: ffff888012bd41e8 R14: ffffffff8352e670 R15: 
ffff888016677e68 [ 220.862973] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.863750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.864297] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 220.864975] PKRU: 55555554 [ 220.865239] Call Trace: [ 220.865488] [ 220.865703] __iommufd_access_detach+0x1c2/0x2b0 [ 220.866177] iommufd_access_change_pt+0x149/0x270 [ 220.866664] iommufd_access_replace+0xb4/0x120 [ 220.867130] iommufd_test+0x3e5/0x37e0 [ 220.867495] ? lock_release+0x532/0x770 [ 220.867884] ? __might_fault+0x102/0x1b0 [ 220.868273] ? lock_acquire+0x427/0x4c0 [ 220.868667] ? __pfx_iommufd_test+0x10/0x10 [ 220.869073] ? __pfx_lock_release+0x10/0x10 [ 220.869482] ? __pfx_lock_acquire+0x10/0x10 [ 220.869895] ? write_comp_data+0x2f/0x90 [ 220.870286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.870766] ? write_comp_data+0x2f/0x90 [ 220.871174] iommufd_fops_ioctl+0x37d/0x510 [ 220.871589] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.872062] ? write_comp_data+0x2f/0x90 [ 220.872457] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.872919] __x64_sys_ioctl+0x1a3/0x230 [ 220.873311] do_syscall_64+0x3b/0x90 [ 220.873674] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.874176] RIP: 0033:0x7f4b8743ee5d [ 220.874556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.876278] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.876990] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.877663] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.878324] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.879012] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.879703] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.880366] [ 220.880585] irq event stamp: 0 [ 220.880878] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.881458] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.882245] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.883030] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.883626] ---[ end trace 0000000000000000 ]--- [ 220.886721] ------------[ cut here ]------------ [ 220.887214] WARNING: CPU: 0 PID: 2109 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.888155] Modules linked in: [ 220.888455] CPU: 0 PID: 2109 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.889272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.890312] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.890808] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.892520] RSP: 
0018:ffff888016677bd0 EFLAGS: 00010246 [ 220.893022] RAX: 0000000000000000 RBX: ffff888012bd40a8 RCX: 0000000000000000 [ 220.893684] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 220.894346] RBP: ffff888016677be8 R08: ffffed100257a833 R09: ffffed100257a833 [ 220.895027] R10: ffff888012bd4193 R11: ffffed100257a832 R12: ffff888013db8800 [ 220.895706] R13: ffff888012bd41e8 R14: ffff88801344b700 R15: 0000000000000000 [ 220.896359] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.897101] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.897625] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 220.898287] PKRU: 55555554 [ 220.898568] Call Trace: [ 220.898815] [ 220.899027] iommufd_access_destroy_object+0x65/0x170 [ 220.899519] iommufd_object_destroy_user+0x18e/0x220 [ 220.899998] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.900538] iommufd_access_destroy+0x43/0x70 [ 220.900975] iommufd_test_staccess_release+0x8d/0xd0 [ 220.901457] __fput+0x26d/0xa40 [ 220.901782] ____fput+0x1e/0x30 [ 220.902094] task_work_run+0x1a4/0x2d0 [ 220.902464] ? __pfx_task_work_run+0x10/0x10 [ 220.902906] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.903386] ? switch_task_namespaces+0xa9/0xe0 [ 220.903829] do_exit+0xb17/0x2ef0 [ 220.904154] ? lock_acquire+0x427/0x4c0 [ 220.904537] ? __pfx_lock_release+0x10/0x10 [ 220.904950] ? __kasan_check_write+0x18/0x20 [ 220.905368] ? do_raw_spin_lock+0x132/0x2a0 [ 220.905769] ? __pfx_do_exit+0x10/0x10 [ 220.906137] ? debug_smp_processor_id+0x20/0x30 [ 220.906615] ? rcu_is_watching+0x19/0xb0 [ 220.907006] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.907450] ? trace_hardirqs_on+0x26/0x120 [ 220.907850] do_group_exit+0xe0/0x2b0 [ 220.908209] __x64_sys_exit_group+0x47/0x50 [ 220.908609] do_syscall_64+0x3b/0x90 [ 220.908959] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.909438] RIP: 0033:0x7f4b87518a4d [ 220.909785] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.910347] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.911071] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.911751] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.912406] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.913062] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.913716] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.914379] [ 220.914625] irq event stamp: 0 [ 220.914919] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.915513] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.916279] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.917050] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.917627] ---[ end trace 0000000000000000 ]--- [ 220.918420] ------------[ cut here ]------------ [ 220.918889] WARNING: CPU: 0 PID: 2109 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 220.919846] Modules linked in: [ 220.920147] CPU: 0 PID: 2109 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.920954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.921990] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 220.922438] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 220.924051] RSP: 0018:ffff888016677b78 EFLAGS: 00010246 [ 220.924514] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 220.925134] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 220.925749] RBP: ffff888016677b98 R08: ffffed100257a83e R09: ffffed100257a83e [ 220.926364] R10: ffff888012bd41ef R11: ffffed100257a83d R12: ffff888012bd4290 [ 220.926995] R13: ffff888012bd40a8 R14: ffffffffffffffff R15: 
ffff888016677c60 [ 220.927618] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.928305] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.928806] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 220.929417] PKRU: 55555554 [ 220.929663] Call Trace: [ 220.929884] [ 220.930079] iommufd_ioas_destroy+0x53/0x70 [ 220.930458] iommufd_fops_release+0x1f7/0x370 [ 220.930875] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.931314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.931741] ? write_comp_data+0x2f/0x90 [ 220.932106] ? __pfx_iommufd_fops_release+0x10/0x10 [ 220.932545] __fput+0x26d/0xa40 [ 220.932847] ____fput+0x1e/0x30 [ 220.933141] task_work_run+0x1a4/0x2d0 [ 220.933492] ? __pfx_task_work_run+0x10/0x10 [ 220.933880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.934308] ? switch_task_namespaces+0xa9/0xe0 [ 220.934725] do_exit+0xb17/0x2ef0 [ 220.935013] ? lock_acquire+0x427/0x4c0 [ 220.935357] ? __pfx_lock_release+0x10/0x10 [ 220.935718] ? __kasan_check_write+0x18/0x20 [ 220.936085] ? do_raw_spin_lock+0x132/0x2a0 [ 220.936441] ? __pfx_do_exit+0x10/0x10 [ 220.936767] ? debug_smp_processor_id+0x20/0x30 [ 220.937154] ? rcu_is_watching+0x19/0xb0 [ 220.937488] ? _raw_spin_unlock_irq+0x2b/0x60 [ 220.937860] ? trace_hardirqs_on+0x26/0x120 [ 220.938221] do_group_exit+0xe0/0x2b0 [ 220.938556] __x64_sys_exit_group+0x47/0x50 [ 220.938919] do_syscall_64+0x3b/0x90 [ 220.939246] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.939677] RIP: 0033:0x7f4b87518a4d [ 220.939977] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 220.940478] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 220.941100] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 220.941676] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 220.942257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 220.942853] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 220.943440] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 220.944028] [ 220.944216] irq event stamp: 0 [ 220.944477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.944990] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.945672] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.946353] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.946874] ---[ end trace 0000000000000000 ]--- [ 220.951653] ------------[ cut here ]------------ [ 220.952069] WARNING: CPU: 0 PID: 2110 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.952870] Modules linked in: [ 220.953127] CPU: 0 PID: 2110 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.953814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.954898] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.955313] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.956733] RSP: 0018:ffff88800f627bb8 EFLAGS: 00010246 [ 220.957153] RAX: 0000000000000000 RBX: ffff888017a9c0a8 RCX: 0000000000000000 [ 220.957711] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 220.958265] RBP: ffff88800f627bd0 R08: ffffed1002f53833 R09: ffffed1002f53833 [ 220.958839] R10: ffff888017a9c193 R11: ffffed1002f53832 R12: ffff88800ef57c00 [ 220.959414] R13: ffff888017a9c1e8 R14: ffffffff8352e670 R15: 
ffff88800f627e68 [ 220.959967] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 220.960588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.961036] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 220.961592] PKRU: 55555554 [ 220.961814] Call Trace: [ 220.962010] [ 220.962192] __iommufd_access_detach+0x1c2/0x2b0 [ 220.962608] iommufd_access_change_pt+0x149/0x270 [ 220.962998] iommufd_access_replace+0xb4/0x120 [ 220.963370] iommufd_test+0x3e5/0x37e0 [ 220.963670] ? lock_release+0x532/0x770 [ 220.963997] ? __might_fault+0x102/0x1b0 [ 220.964327] ? lock_acquire+0x427/0x4c0 [ 220.964644] ? __pfx_iommufd_test+0x10/0x10 [ 220.964984] ? __pfx_lock_release+0x10/0x10 [ 220.965324] ? __pfx_lock_acquire+0x10/0x10 [ 220.965667] ? write_comp_data+0x2f/0x90 [ 220.965989] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.966365] ? write_comp_data+0x2f/0x90 [ 220.966722] iommufd_fops_ioctl+0x37d/0x510 [ 220.967070] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.967465] ? write_comp_data+0x2f/0x90 [ 220.967790] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 220.968172] __x64_sys_ioctl+0x1a3/0x230 [ 220.968503] do_syscall_64+0x3b/0x90 [ 220.968802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 220.969207] RIP: 0033:0x7f4b8743ee5d [ 220.969494] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 220.970920] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 220.971521] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 220.972082] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 220.972633] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 220.973161] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 220.973693] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 220.974235] [ 220.974414] irq event stamp: 0 [ 220.974669] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 220.975148] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 220.975784] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 220.976415] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 220.976890] ---[ end trace 0000000000000000 ]--- [ 220.982147] ------------[ cut here ]------------ [ 220.982731] WARNING: CPU: 1 PID: 2110 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 220.983787] Modules linked in: [ 220.984134] CPU: 1 PID: 2110 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 220.984915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 220.986109] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 220.986645] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 220.988525] RSP: 
0018:ffff88800f627bd0 EFLAGS: 00010246 [ 220.989114] RAX: 0000000000000000 RBX: ffff888017a9c0a8 RCX: 0000000000000000 [ 220.989872] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 220.990475] RBP: ffff88800f627be8 R08: ffffed1002f53833 R09: ffffed1002f53833 [ 220.991182] R10: ffff888017a9c193 R11: ffffed1002f53832 R12: ffff8880142a7400 [ 220.991731] R13: ffff888017a9c1e8 R14: ffff888012152300 R15: 0000000000000000 [ 220.992276] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 220.993011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.993457] CR2: 00007f82e2b82000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 220.993997] PKRU: 55555554 [ 220.994212] Call Trace: [ 220.994477] [ 220.994673] iommufd_access_destroy_object+0x65/0x170 [ 220.995073] iommufd_object_destroy_user+0x18e/0x220 [ 220.995484] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 220.995948] iommufd_access_destroy+0x43/0x70 [ 220.996365] iommufd_test_staccess_release+0x8d/0xd0 [ 220.996765] __fput+0x26d/0xa40 [ 220.997038] ____fput+0x1e/0x30 [ 220.997305] task_work_run+0x1a4/0x2d0 [ 220.997628] ? __pfx_task_work_run+0x10/0x10 [ 220.998036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 220.998416] ? switch_task_namespaces+0xa9/0xe0 [ 220.998806] do_exit+0xb17/0x2ef0 [ 220.999078] ? lock_acquire+0x427/0x4c0 [ 220.999425] ? __pfx_lock_release+0x10/0x10 [ 220.999817] ? __kasan_check_write+0x18/0x20 [ 221.000163] ? do_raw_spin_lock+0x132/0x2a0 [ 221.000501] ? __pfx_do_exit+0x10/0x10 [ 221.000814] ? debug_smp_processor_id+0x20/0x30 [ 221.001227] ? rcu_is_watching+0x19/0xb0 [ 221.001579] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.001934] ? trace_hardirqs_on+0x26/0x120 [ 221.002277] do_group_exit+0xe0/0x2b0 [ 221.002594] __x64_sys_exit_group+0x47/0x50 [ 221.002950] do_syscall_64+0x3b/0x90 [ 221.003311] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.003722] RIP: 0033:0x7f4b87518a4d [ 221.004015] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.004489] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.005178] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.005735] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.006290] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.006965] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.007549] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.008114] [ 221.008321] irq event stamp: 0 [ 221.008638] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.009136] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.009793] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.010563] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.011060] ---[ end trace 0000000000000000 ]--- [ 221.013727] ------------[ cut here ]------------ [ 221.014115] WARNING: CPU: 1 PID: 2110 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.014951] Modules linked in: [ 221.015248] CPU: 1 PID: 2110 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.016020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.016905] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.017419] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.018952] RSP: 0018:ffff88800f627b78 EFLAGS: 00010246 [ 221.019455] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.020048] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 221.020632] RBP: ffff88800f627b98 R08: ffffed1002f5383e R09: ffffed1002f5383e [ 221.021313] R10: ffff888017a9c1ef R11: ffffed1002f5383d R12: ffff888017a9c290 [ 221.021921] R13: ffff888017a9c0a8 R14: ffffffffffffffff R15: 
ffff88800f627c60 [ 221.022582] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.023675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.024185] CR2: 00007f82e2b85000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 221.024888] PKRU: 55555554 [ 221.025384] Call Trace: [ 221.025688] [ 221.025952] iommufd_ioas_destroy+0x53/0x70 [ 221.026456] iommufd_fops_release+0x1f7/0x370 [ 221.027065] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.027703] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.028274] ? write_comp_data+0x2f/0x90 [ 221.028754] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.029433] __fput+0x26d/0xa40 [ 221.029839] ____fput+0x1e/0x30 [ 221.030234] task_work_run+0x1a4/0x2d0 [ 221.030735] ? __pfx_task_work_run+0x10/0x10 [ 221.031362] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.031931] ? switch_task_namespaces+0xa9/0xe0 [ 221.032483] do_exit+0xb17/0x2ef0 [ 221.032903] ? lock_acquire+0x427/0x4c0 [ 221.033449] ? __pfx_lock_release+0x10/0x10 [ 221.033958] ? __kasan_check_write+0x18/0x20 [ 221.034474] ? do_raw_spin_lock+0x132/0x2a0 [ 221.035104] ? __pfx_do_exit+0x10/0x10 [ 221.035585] ? debug_smp_processor_id+0x20/0x30 [ 221.036124] ? rcu_is_watching+0x19/0xb0 [ 221.036595] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.037216] ? trace_hardirqs_on+0x26/0x120 [ 221.037755] do_group_exit+0xe0/0x2b0 [ 221.038281] __x64_sys_exit_group+0x47/0x50 [ 221.038880] do_syscall_64+0x3b/0x90 [ 221.039377] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.039987] RIP: 0033:0x7f4b87518a4d [ 221.040419] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.041207] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.042111] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.043460] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.044302] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.045401] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.046257] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.047286] [ 221.047577] irq event stamp: 0 [ 221.047950] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.048686] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.049765] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.050797] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.051672] ---[ end trace 0000000000000000 ]--- [ 221.058393] ------------[ cut here ]------------ [ 221.059056] WARNING: CPU: 1 PID: 2111 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.060404] Modules linked in: [ 221.060805] CPU: 1 PID: 2111 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.061963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.063402] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.064044] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.066296] RSP: 0018:ffff888023e17bb8 EFLAGS: 00010246 [ 221.067044] RAX: 0000000000000000 RBX: ffff88801781d0a8 RCX: 0000000000000000 [ 221.067920] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 221.068777] RBP: ffff888023e17bd0 R08: ffffed1002f03a33 R09: ffffed1002f03a33 [ 221.069630] R10: ffff88801781d193 R11: ffffed1002f03a32 R12: ffff888010824800 [ 221.070475] R13: ffff88801781d1e8 R14: ffffffff8352e670 R15: 
ffff888023e17e68 [ 221.071396] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.072356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.073050] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 221.073901] PKRU: 55555554 [ 221.074244] Call Trace: [ 221.074597] [ 221.074881] __iommufd_access_detach+0x1c2/0x2b0 [ 221.075490] iommufd_access_change_pt+0x149/0x270 [ 221.076089] iommufd_access_replace+0xb4/0x120 [ 221.076657] iommufd_test+0x3e5/0x37e0 [ 221.077128] ? lock_release+0x532/0x770 [ 221.077624] ? __might_fault+0x102/0x1b0 [ 221.078125] ? lock_acquire+0x427/0x4c0 [ 221.078663] ? __pfx_iommufd_test+0x10/0x10 [ 221.079198] ? __pfx_lock_release+0x10/0x10 [ 221.079733] ? __pfx_lock_acquire+0x10/0x10 [ 221.080269] ? write_comp_data+0x2f/0x90 [ 221.080781] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.081381] ? write_comp_data+0x2f/0x90 [ 221.081890] iommufd_fops_ioctl+0x37d/0x510 [ 221.082423] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.083067] ? write_comp_data+0x2f/0x90 [ 221.083594] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.084183] __x64_sys_ioctl+0x1a3/0x230 [ 221.084691] do_syscall_64+0x3b/0x90 [ 221.085159] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.085793] RIP: 0033:0x7f4b8743ee5d [ 221.086245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.088456] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.089366] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.090210] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.091088] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.091947] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.092790] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.093634] [ 221.093912] irq event stamp: 0 [ 221.094283] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.095054] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.096037] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.096996] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.097710] ---[ end trace 0000000000000000 ]--- [ 221.101957] ------------[ cut here ]------------ [ 221.102459] WARNING: CPU: 1 PID: 2111 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.103568] Modules linked in: [ 221.103878] CPU: 1 PID: 2111 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.104704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.105767] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.106242] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.108238] RSP: 
0018:ffff888023e17bd0 EFLAGS: 00010246 [ 221.108746] RAX: 0000000000000000 RBX: ffff88801781d0a8 RCX: 0000000000000000 [ 221.109415] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 221.110080] RBP: ffff888023e17be8 R08: ffffed1002f03a33 R09: ffffed1002f03a33 [ 221.111024] R10: ffff88801781d193 R11: ffffed1002f03a32 R12: ffff88800f9f6800 [ 221.111782] R13: ffff88801781d1e8 R14: ffff8880138eb600 R15: 0000000000000000 [ 221.112448] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.113187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.113740] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 221.114426] PKRU: 55555554 [ 221.114726] Call Trace: [ 221.114986] [ 221.115209] iommufd_access_destroy_object+0x65/0x170 [ 221.115704] iommufd_object_destroy_user+0x18e/0x220 [ 221.116463] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.117025] iommufd_access_destroy+0x43/0x70 [ 221.117642] iommufd_test_staccess_release+0x8d/0xd0 [ 221.118136] __fput+0x26d/0xa40 [ 221.118459] ____fput+0x1e/0x30 [ 221.118806] task_work_run+0x1a4/0x2d0 [ 221.119201] ? __pfx_task_work_run+0x10/0x10 [ 221.119632] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.120275] ? switch_task_namespaces+0xa9/0xe0 [ 221.120764] do_exit+0xb17/0x2ef0 [ 221.121086] ? lock_acquire+0x427/0x4c0 [ 221.121463] ? __pfx_lock_release+0x10/0x10 [ 221.121936] ? __kasan_check_write+0x18/0x20 [ 221.122400] ? do_raw_spin_lock+0x132/0x2a0 [ 221.122893] ? __pfx_do_exit+0x10/0x10 [ 221.123335] ? debug_smp_processor_id+0x20/0x30 [ 221.123855] ? rcu_is_watching+0x19/0xb0 [ 221.124273] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.124737] ? trace_hardirqs_on+0x26/0x120 [ 221.125207] do_group_exit+0xe0/0x2b0 [ 221.125606] __x64_sys_exit_group+0x47/0x50 [ 221.126065] do_syscall_64+0x3b/0x90 [ 221.126453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.127001] RIP: 0033:0x7f4b87518a4d [ 221.127364] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.128025] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.128772] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.129426] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.130079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.130756] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.131424] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.132091] [ 221.132308] irq event stamp: 0 [ 221.132604] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.133185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.133951] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.134744] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.135364] ---[ end trace 0000000000000000 ]--- [ 221.136128] ------------[ cut here ]------------ [ 221.136565] WARNING: CPU: 1 PID: 2111 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.137507] Modules linked in: [ 221.137818] CPU: 1 PID: 2111 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.138644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.139696] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.140176] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.141848] RSP: 0018:ffff888023e17b78 EFLAGS: 00010246 [ 221.142337] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.143011] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 221.143678] RBP: ffff888023e17b98 R08: ffffed1002f03a3e R09: ffffed1002f03a3e [ 221.144330] R10: ffff88801781d1ef R11: ffffed1002f03a3d R12: ffff88801781d290 [ 221.144983] R13: ffff88801781d0a8 R14: ffffffffffffffff R15: 
ffff888023e17c60 [ 221.145639] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.146383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.146941] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 221.147603] PKRU: 55555554 [ 221.147866] Call Trace: [ 221.148102] [ 221.148312] iommufd_ioas_destroy+0x53/0x70 [ 221.148714] iommufd_fops_release+0x1f7/0x370 [ 221.149137] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.149598] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.150047] ? write_comp_data+0x2f/0x90 [ 221.150438] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.150924] __fput+0x26d/0xa40 [ 221.151255] ____fput+0x1e/0x30 [ 221.151573] task_work_run+0x1a4/0x2d0 [ 221.151939] ? __pfx_task_work_run+0x10/0x10 [ 221.152351] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.152805] ? switch_task_namespaces+0xa9/0xe0 [ 221.153247] do_exit+0xb17/0x2ef0 [ 221.153572] ? lock_acquire+0x427/0x4c0 [ 221.153953] ? __pfx_lock_release+0x10/0x10 [ 221.154355] ? __kasan_check_write+0x18/0x20 [ 221.154797] ? do_raw_spin_lock+0x132/0x2a0 [ 221.155204] ? __pfx_do_exit+0x10/0x10 [ 221.155567] ? debug_smp_processor_id+0x20/0x30 [ 221.155989] ? rcu_is_watching+0x19/0xb0 [ 221.156352] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.156758] ? trace_hardirqs_on+0x26/0x120 [ 221.157147] do_group_exit+0xe0/0x2b0 [ 221.157487] __x64_sys_exit_group+0x47/0x50 [ 221.157889] do_syscall_64+0x3b/0x90 [ 221.158237] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.158742] RIP: 0033:0x7f4b87518a4d [ 221.159090] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.159661] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.160356] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.161007] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.161665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.162316] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.162983] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.163641] [ 221.163844] irq event stamp: 0 [ 221.164116] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.164660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.165376] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.166097] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.166666] ---[ end trace 0000000000000000 ]--- [ 221.171031] ------------[ cut here ]------------ [ 221.171479] WARNING: CPU: 1 PID: 2112 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.172351] Modules linked in: [ 221.172627] CPU: 1 PID: 2112 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.173381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.174373] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.174842] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.176428] RSP: 0018:ffff88801632fbb8 EFLAGS: 00010246 [ 221.176889] RAX: 0000000000000000 RBX: ffff888010e728a8 RCX: 0000000000000000 [ 221.177501] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 221.178118] RBP: ffff88801632fbd0 R08: ffffed10021ce533 R09: ffffed10021ce533 [ 221.178749] R10: ffff888010e72993 R11: ffffed10021ce532 R12: ffff888014582c00 [ 221.179377] R13: ffff888010e729e8 R14: ffffffff8352e670 R15: 
ffff88801632fe68 [ 221.179994] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.180688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.181191] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 221.181811] PKRU: 55555554 [ 221.182056] Call Trace: [ 221.182280] [ 221.182484] __iommufd_access_detach+0x1c2/0x2b0 [ 221.182952] iommufd_access_change_pt+0x149/0x270 [ 221.183394] iommufd_access_replace+0xb4/0x120 [ 221.183805] iommufd_test+0x3e5/0x37e0 [ 221.184142] ? lock_release+0x532/0x770 [ 221.184496] ? __might_fault+0x102/0x1b0 [ 221.184855] ? lock_acquire+0x427/0x4c0 [ 221.185206] ? __pfx_iommufd_test+0x10/0x10 [ 221.185582] ? __pfx_lock_release+0x10/0x10 [ 221.185968] ? __pfx_lock_acquire+0x10/0x10 [ 221.186352] ? write_comp_data+0x2f/0x90 [ 221.186743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.187185] ? write_comp_data+0x2f/0x90 [ 221.187549] iommufd_fops_ioctl+0x37d/0x510 [ 221.187929] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.188360] ? write_comp_data+0x2f/0x90 [ 221.188721] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.189143] __x64_sys_ioctl+0x1a3/0x230 [ 221.189509] do_syscall_64+0x3b/0x90 [ 221.189841] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.190302] RIP: 0033:0x7f4b8743ee5d [ 221.190651] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.192239] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.192900] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.193518] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.194131] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.194762] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.195392] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.196014] [ 221.196217] irq event stamp: 0 [ 221.196493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.197041] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.197764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.198483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.199061] ---[ end trace 0000000000000000 ]--- [ 221.201775] ------------[ cut here ]------------ [ 221.202216] WARNING: CPU: 1 PID: 2112 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.203130] Modules linked in: [ 221.203414] CPU: 1 PID: 2112 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.204169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.205144] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.205579] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.207189] RSP: 
0018:ffff88801632fbd0 EFLAGS: 00010246 [ 221.207655] RAX: 0000000000000000 RBX: ffff888010e728a8 RCX: 0000000000000000 [ 221.208270] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 221.208884] RBP: ffff88801632fbe8 R08: ffffed10021ce533 R09: ffffed10021ce533 [ 221.209499] R10: ffff888010e72993 R11: ffffed10021ce532 R12: ffff888010826000 [ 221.210116] R13: ffff888010e729e8 R14: ffff888011d6d000 R15: 0000000000000000 [ 221.210750] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.211454] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.211954] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 221.212576] PKRU: 55555554 [ 221.212823] Call Trace: [ 221.213049] [ 221.213244] iommufd_access_destroy_object+0x65/0x170 [ 221.213695] iommufd_object_destroy_user+0x18e/0x220 [ 221.214140] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.214675] iommufd_access_destroy+0x43/0x70 [ 221.215076] iommufd_test_staccess_release+0x8d/0xd0 [ 221.215535] __fput+0x26d/0xa40 [ 221.215838] ____fput+0x1e/0x30 [ 221.216132] task_work_run+0x1a4/0x2d0 [ 221.216476] ? __pfx_task_work_run+0x10/0x10 [ 221.216862] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.217291] ? switch_task_namespaces+0xa9/0xe0 [ 221.217704] do_exit+0xb17/0x2ef0 [ 221.218010] ? lock_acquire+0x427/0x4c0 [ 221.218366] ? __pfx_lock_release+0x10/0x10 [ 221.218771] ? __kasan_check_write+0x18/0x20 [ 221.219171] ? do_raw_spin_lock+0x132/0x2a0 [ 221.219549] ? __pfx_do_exit+0x10/0x10 [ 221.219898] ? debug_smp_processor_id+0x20/0x30 [ 221.220307] ? rcu_is_watching+0x19/0xb0 [ 221.220664] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.221063] ? trace_hardirqs_on+0x26/0x120 [ 221.221442] do_group_exit+0xe0/0x2b0 [ 221.221778] __x64_sys_exit_group+0x47/0x50 [ 221.222157] do_syscall_64+0x3b/0x90 [ 221.222494] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.222992] RIP: 0033:0x7f4b87518a4d [ 221.223326] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.223859] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.224517] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.225131] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.225744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.226357] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.226995] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.227633] [ 221.227833] irq event stamp: 0 [ 221.228105] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.228647] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.229367] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.230081] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.230645] ---[ end trace 0000000000000000 ]--- [ 221.231368] ------------[ cut here ]------------ [ 221.231773] WARNING: CPU: 1 PID: 2112 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.232645] Modules linked in: [ 221.232922] CPU: 1 PID: 2112 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.233668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.234652] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.235100] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.236669] RSP: 0018:ffff88801632fb78 EFLAGS: 00010246 [ 221.237127] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.237736] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 221.238345] RBP: ffff88801632fb98 R08: ffffed10021ce53e R09: ffffed10021ce53e [ 221.238976] R10: ffff888010e729ef R11: ffffed10021ce53d R12: ffff888010e72a90 [ 221.239593] R13: ffff888010e728a8 R14: ffffffffffffffff R15: 
ffff88801632fc60 [ 221.240198] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.240881] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.241376] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 221.241985] PKRU: 55555554 [ 221.242227] Call Trace: [ 221.242446] [ 221.242662] iommufd_ioas_destroy+0x53/0x70 [ 221.243042] iommufd_fops_release+0x1f7/0x370 [ 221.243444] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.243878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.244306] ? write_comp_data+0x2f/0x90 [ 221.244665] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.245096] __fput+0x26d/0xa40 [ 221.245398] ____fput+0x1e/0x30 [ 221.245689] task_work_run+0x1a4/0x2d0 [ 221.246029] ? __pfx_task_work_run+0x10/0x10 [ 221.246415] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.246861] ? switch_task_namespaces+0xa9/0xe0 [ 221.247285] do_exit+0xb17/0x2ef0 [ 221.247590] ? lock_acquire+0x427/0x4c0 [ 221.247942] ? __pfx_lock_release+0x10/0x10 [ 221.248317] ? __kasan_check_write+0x18/0x20 [ 221.248700] ? do_raw_spin_lock+0x132/0x2a0 [ 221.249071] ? __pfx_do_exit+0x10/0x10 [ 221.249413] ? debug_smp_processor_id+0x20/0x30 [ 221.249812] ? rcu_is_watching+0x19/0xb0 [ 221.250160] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.250577] ? trace_hardirqs_on+0x26/0x120 [ 221.250961] do_group_exit+0xe0/0x2b0 [ 221.251303] __x64_sys_exit_group+0x47/0x50 [ 221.251677] do_syscall_64+0x3b/0x90 [ 221.252010] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.252467] RIP: 0033:0x7f4b87518a4d [ 221.252793] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.253322] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.253977] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.254614] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.255238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.255848] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.256460] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.257071] [ 221.257274] irq event stamp: 0 [ 221.257550] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.258092] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.258828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.259556] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.260096] ---[ end trace 0000000000000000 ]--- [ 221.264623] ------------[ cut here ]------------ [ 221.265071] WARNING: CPU: 1 PID: 2113 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.266058] Modules linked in: [ 221.266336] CPU: 1 PID: 2113 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.267294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.268382] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.268828] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.270538] RSP: 0018:ffff8880162cfbb8 EFLAGS: 00010246 [ 221.271005] RAX: 0000000000000000 RBX: ffff888016fa50a8 RCX: 0000000000000000 [ 221.271657] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 221.272345] RBP: ffff8880162cfbd0 R08: ffffed1002df4a33 R09: ffffed1002df4a33 [ 221.272970] R10: ffff888016fa5193 R11: ffffed1002df4a32 R12: ffff88800f137c00 [ 221.273681] R13: ffff888016fa51e8 R14: ffffffff8352e670 R15: 
ffff8880162cfe68 [ 221.274307] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.275058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.275621] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 221.276283] PKRU: 55555554 [ 221.276531] Call Trace: [ 221.276757] [ 221.276960] __iommufd_access_detach+0x1c2/0x2b0 [ 221.277470] iommufd_access_change_pt+0x149/0x270 [ 221.277909] iommufd_access_replace+0xb4/0x120 [ 221.278325] iommufd_test+0x3e5/0x37e0 [ 221.278698] ? lock_release+0x532/0x770 [ 221.279065] ? __might_fault+0x102/0x1b0 [ 221.279492] ? lock_acquire+0x427/0x4c0 [ 221.279892] ? __pfx_iommufd_test+0x10/0x10 [ 221.280274] ? __pfx_lock_release+0x10/0x10 [ 221.280669] ? __pfx_lock_acquire+0x10/0x10 [ 221.281076] ? write_comp_data+0x2f/0x90 [ 221.281497] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.281931] ? write_comp_data+0x2f/0x90 [ 221.282299] iommufd_fops_ioctl+0x37d/0x510 [ 221.282722] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.283223] ? write_comp_data+0x2f/0x90 [ 221.283594] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.284025] __x64_sys_ioctl+0x1a3/0x230 [ 221.284395] do_syscall_64+0x3b/0x90 [ 221.284746] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.285273] RIP: 0033:0x7f4b8743ee5d [ 221.285604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.287309] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.287985] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.288696] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.289322] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.289950] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.290670] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.291328] [ 221.291538] irq event stamp: 0 [ 221.291821] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.292476] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.293223] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.294051] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.294633] ---[ end trace 0000000000000000 ]--- [ 221.297505] ------------[ cut here ]------------ [ 221.298021] WARNING: CPU: 1 PID: 2113 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.298949] Modules linked in: [ 221.299319] CPU: 1 PID: 2113 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.300097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.301141] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.301625] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.303430] RSP: 
0018:ffff8880162cfbd0 EFLAGS: 00010246 [ 221.303908] RAX: 0000000000000000 RBX: ffff888016fa50a8 RCX: 0000000000000000 [ 221.304542] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 221.305262] RBP: ffff8880162cfbe8 R08: ffffed1002df4a33 R09: ffffed1002df4a33 [ 221.305895] R10: ffff888016fa5193 R11: ffffed1002df4a32 R12: ffff888014580000 [ 221.306550] R13: ffff888016fa51e8 R14: ffff88800f0b2d00 R15: 0000000000000000 [ 221.307293] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.308008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.308528] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 221.309249] PKRU: 55555554 [ 221.309513] Call Trace: [ 221.309747] [ 221.309955] iommufd_access_destroy_object+0x65/0x170 [ 221.310452] iommufd_object_destroy_user+0x18e/0x220 [ 221.310999] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.311549] iommufd_access_destroy+0x43/0x70 [ 221.311971] iommufd_test_staccess_release+0x8d/0xd0 [ 221.312450] __fput+0x26d/0xa40 [ 221.312866] ____fput+0x1e/0x30 [ 221.313184] task_work_run+0x1a4/0x2d0 [ 221.313556] ? __pfx_task_work_run+0x10/0x10 [ 221.313972] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.314467] ? switch_task_namespaces+0xa9/0xe0 [ 221.314989] do_exit+0xb17/0x2ef0 [ 221.315308] ? lock_acquire+0x427/0x4c0 [ 221.315651] ? __pfx_lock_release+0x10/0x10 [ 221.316018] ? __kasan_check_write+0x18/0x20 [ 221.316389] ? do_raw_spin_lock+0x132/0x2a0 [ 221.316857] ? __pfx_do_exit+0x10/0x10 [ 221.317193] ? debug_smp_processor_id+0x20/0x30 [ 221.317583] ? rcu_is_watching+0x19/0xb0 [ 221.317921] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.318306] ? trace_hardirqs_on+0x26/0x120 [ 221.318815] do_group_exit+0xe0/0x2b0 [ 221.319147] __x64_sys_exit_group+0x47/0x50 [ 221.319502] do_syscall_64+0x3b/0x90 [ 221.319815] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.320255] RIP: 0033:0x7f4b87518a4d [ 221.320567] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.321187] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.321814] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.322413] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.323107] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.323701] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.324285] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.324982] [ 221.325177] irq event stamp: 0 [ 221.325438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.325961] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.326789] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.327530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.328054] ---[ end trace 0000000000000000 ]--- [ 221.328904] ------------[ cut here ]------------ [ 221.329303] WARNING: CPU: 1 PID: 2113 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.330151] Modules linked in: [ 221.330490] CPU: 1 PID: 2113 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.331296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.332221] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.332715] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.334275] RSP: 0018:ffff8880162cfb78 EFLAGS: 00010246 [ 221.334814] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.335412] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 221.335992] RBP: ffff8880162cfb98 R08: ffffed1002df4a3e R09: ffffed1002df4a3e [ 221.336679] R10: ffff888016fa51ef R11: ffffed1002df4a3d R12: ffff888016fa5290 [ 221.337264] R13: ffff888016fa50a8 R14: ffffffffffffffff R15: 
ffff8880162cfc60 [ 221.337843] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.338628] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.339105] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 221.339705] PKRU: 55555554 [ 221.339940] Call Trace: [ 221.340166] [ 221.340431] iommufd_ioas_destroy+0x53/0x70 [ 221.340804] iommufd_fops_release+0x1f7/0x370 [ 221.341199] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.341636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.342121] ? write_comp_data+0x2f/0x90 [ 221.342563] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.342993] __fput+0x26d/0xa40 [ 221.343303] ____fput+0x1e/0x30 [ 221.343592] task_work_run+0x1a4/0x2d0 [ 221.343941] ? __pfx_task_work_run+0x10/0x10 [ 221.344406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.344905] ? switch_task_namespaces+0xa9/0xe0 [ 221.345314] do_exit+0xb17/0x2ef0 [ 221.345613] ? lock_acquire+0x427/0x4c0 [ 221.345963] ? __pfx_lock_release+0x10/0x10 [ 221.346441] ? __kasan_check_write+0x18/0x20 [ 221.346848] ? do_raw_spin_lock+0x132/0x2a0 [ 221.347231] ? __pfx_do_exit+0x10/0x10 [ 221.347579] ? debug_smp_processor_id+0x20/0x30 [ 221.347981] ? rcu_is_watching+0x19/0xb0 [ 221.348368] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.348864] ? trace_hardirqs_on+0x26/0x120 [ 221.349240] do_group_exit+0xe0/0x2b0 [ 221.349570] __x64_sys_exit_group+0x47/0x50 [ 221.349939] do_syscall_64+0x3b/0x90 [ 221.350343] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.350884] RIP: 0033:0x7f4b87518a4d [ 221.351215] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.351740] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.352414] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.353123] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.353735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.354419] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.355152] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.355788] [ 221.355993] irq event stamp: 0 [ 221.356267] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.356970] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.357700] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.358498] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.359162] ---[ end trace 0000000000000000 ]--- [ 221.364216] ------------[ cut here ]------------ [ 221.364666] WARNING: CPU: 0 PID: 2114 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.365539] Modules linked in: [ 221.365813] CPU: 0 PID: 2114 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.366579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.367544] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.367970] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.369511] RSP: 0018:ffff88801632fbb8 EFLAGS: 00010246 [ 221.369967] RAX: 0000000000000000 RBX: ffff88800b9fd8a8 RCX: 0000000000000000 [ 221.370606] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 221.371227] RBP: ffff88801632fbd0 R08: ffffed100173fb33 R09: ffffed100173fb33 [ 221.371833] R10: ffff88800b9fd993 R11: ffffed100173fb32 R12: ffff888014143c00 [ 221.372436] R13: ffff88800b9fd9e8 R14: ffffffff8352e670 R15: 
ffff88801632fe68 [ 221.373041] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.373721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.374211] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 221.374849] PKRU: 55555554 [ 221.375101] Call Trace: [ 221.375331] [ 221.375527] __iommufd_access_detach+0x1c2/0x2b0 [ 221.375947] iommufd_access_change_pt+0x149/0x270 [ 221.376368] iommufd_access_replace+0xb4/0x120 [ 221.376777] iommufd_test+0x3e5/0x37e0 [ 221.377110] ? lock_release+0x532/0x770 [ 221.377464] ? __might_fault+0x102/0x1b0 [ 221.377818] ? lock_acquire+0x427/0x4c0 [ 221.378174] ? __pfx_iommufd_test+0x10/0x10 [ 221.378561] ? __pfx_lock_release+0x10/0x10 [ 221.378938] ? __pfx_lock_acquire+0x10/0x10 [ 221.379328] ? write_comp_data+0x2f/0x90 [ 221.379689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.380113] ? write_comp_data+0x2f/0x90 [ 221.380472] iommufd_fops_ioctl+0x37d/0x510 [ 221.380847] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.381268] ? write_comp_data+0x2f/0x90 [ 221.381630] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.382051] __x64_sys_ioctl+0x1a3/0x230 [ 221.382414] do_syscall_64+0x3b/0x90 [ 221.382767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.383231] RIP: 0033:0x7f4b8743ee5d [ 221.383562] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.385116] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.385766] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.386370] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.386995] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.387592] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.388173] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.388757] [ 221.388950] irq event stamp: 0 [ 221.389205] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.389718] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.390400] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.391091] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.391615] ---[ end trace 0000000000000000 ]--- [ 221.394379] ------------[ cut here ]------------ [ 221.394818] WARNING: CPU: 0 PID: 2114 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.395654] Modules linked in: [ 221.395918] CPU: 0 PID: 2114 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.396627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.397553] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.397965] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.399498] RSP: 
0018:ffff88801632fbd0 EFLAGS: 00010246 [ 221.399946] RAX: 0000000000000000 RBX: ffff88800b9fd8a8 RCX: 0000000000000000 [ 221.400532] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 221.401115] RBP: ffff88801632fbe8 R08: ffffed100173fb33 R09: ffffed100173fb33 [ 221.401694] R10: ffff88800b9fd993 R11: ffffed100173fb32 R12: ffff88800ef55000 [ 221.402270] R13: ffff88800b9fd9e8 R14: ffff888013813800 R15: 0000000000000000 [ 221.402865] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.403532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.404018] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.404620] PKRU: 55555554 [ 221.404878] Call Trace: [ 221.405102] [ 221.405299] iommufd_access_destroy_object+0x65/0x170 [ 221.405751] iommufd_object_destroy_user+0x18e/0x220 [ 221.406203] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.406743] iommufd_access_destroy+0x43/0x70 [ 221.407159] iommufd_test_staccess_release+0x8d/0xd0 [ 221.407619] __fput+0x26d/0xa40 [ 221.407924] ____fput+0x1e/0x30 [ 221.408216] task_work_run+0x1a4/0x2d0 [ 221.408568] ? __pfx_task_work_run+0x10/0x10 [ 221.408959] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.409397] ? switch_task_namespaces+0xa9/0xe0 [ 221.409817] do_exit+0xb17/0x2ef0 [ 221.410123] ? lock_acquire+0x427/0x4c0 [ 221.410479] ? __pfx_lock_release+0x10/0x10 [ 221.410897] ? __kasan_check_write+0x18/0x20 [ 221.411297] ? do_raw_spin_lock+0x132/0x2a0 [ 221.411678] ? __pfx_do_exit+0x10/0x10 [ 221.412027] ? debug_smp_processor_id+0x20/0x30 [ 221.412435] ? rcu_is_watching+0x19/0xb0 [ 221.412794] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.413190] ? trace_hardirqs_on+0x26/0x120 [ 221.413581] do_group_exit+0xe0/0x2b0 [ 221.413917] __x64_sys_exit_group+0x47/0x50 [ 221.414299] do_syscall_64+0x3b/0x90 [ 221.414665] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.415143] RIP: 0033:0x7f4b87518a4d [ 221.415471] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.416007] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.416674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.417310] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.417932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.418576] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.419215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.419854] [ 221.420064] irq event stamp: 0 [ 221.420345] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.420896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.421636] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.422359] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.422933] ---[ end trace 0000000000000000 ]--- [ 221.423697] ------------[ cut here ]------------ [ 221.424107] WARNING: CPU: 0 PID: 2114 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.424992] Modules linked in: [ 221.425275] CPU: 0 PID: 2114 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.426038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.427033] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.427498] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.429074] RSP: 0018:ffff88801632fb78 EFLAGS: 00010246 [ 221.429539] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.430148] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 221.430816] RBP: ffff88801632fb98 R08: ffffed100173fb3e R09: ffffed100173fb3e [ 221.431500] R10: ffff88800b9fd9ef R11: ffffed100173fb3d R12: ffff88800b9fda90 [ 221.432156] R13: ffff88800b9fd8a8 R14: ffffffffffffffff R15: 
ffff88801632fc60 [ 221.432804] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.433537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.434075] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.434778] PKRU: 55555554 [ 221.435050] Call Trace: [ 221.435303] [ 221.435516] iommufd_ioas_destroy+0x53/0x70 [ 221.435924] iommufd_fops_release+0x1f7/0x370 [ 221.436344] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.436803] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.437255] ? write_comp_data+0x2f/0x90 [ 221.437635] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.438093] __fput+0x26d/0xa40 [ 221.438414] ____fput+0x1e/0x30 [ 221.438745] task_work_run+0x1a4/0x2d0 [ 221.439122] ? __pfx_task_work_run+0x10/0x10 [ 221.439539] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.439995] ? switch_task_namespaces+0xa9/0xe0 [ 221.440435] do_exit+0xb17/0x2ef0 [ 221.440757] ? lock_acquire+0x427/0x4c0 [ 221.441130] ? __pfx_lock_release+0x10/0x10 [ 221.441538] ? __kasan_check_write+0x18/0x20 [ 221.441956] ? do_raw_spin_lock+0x132/0x2a0 [ 221.442363] ? __pfx_do_exit+0x10/0x10 [ 221.442759] ? debug_smp_processor_id+0x20/0x30 [ 221.443206] ? rcu_is_watching+0x19/0xb0 [ 221.443584] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.444006] ? trace_hardirqs_on+0x26/0x120 [ 221.444416] do_group_exit+0xe0/0x2b0 [ 221.444771] __x64_sys_exit_group+0x47/0x50 [ 221.445165] do_syscall_64+0x3b/0x90 [ 221.445516] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.446009] RIP: 0033:0x7f4b87518a4d [ 221.446354] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.446949] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.447656] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.448312] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.448967] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.449622] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.450276] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.450961] [ 221.451194] irq event stamp: 0 [ 221.451491] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.452073] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.452844] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.453608] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.454190] ---[ end trace 0000000000000000 ]--- [ 221.458337] ------------[ cut here ]------------ [ 221.458947] WARNING: CPU: 1 PID: 2115 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.459911] Modules linked in: [ 221.460211] CPU: 1 PID: 2115 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.461012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.462052] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.462562] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.464275] RSP: 0018:ffff888018097bb8 EFLAGS: 00010246 [ 221.464773] RAX: 0000000000000000 RBX: ffff888021b760a8 RCX: 0000000000000000 [ 221.465443] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 221.466100] RBP: ffff888018097bd0 R08: ffffed100436ec33 R09: ffffed100436ec33 [ 221.466797] R10: ffff888021b76193 R11: ffffed100436ec32 R12: ffff888013b16000 [ 221.467496] R13: ffff888021b761e8 R14: ffffffff8352e670 R15: 
ffff888018097e68 [ 221.468151] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.468901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.469444] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 221.470104] PKRU: 55555554 [ 221.470373] Call Trace: [ 221.470642] [ 221.470858] __iommufd_access_detach+0x1c2/0x2b0 [ 221.471329] iommufd_access_change_pt+0x149/0x270 [ 221.471794] iommufd_access_replace+0xb4/0x120 [ 221.472228] iommufd_test+0x3e5/0x37e0 [ 221.472592] ? lock_release+0x532/0x770 [ 221.472989] ? __might_fault+0x102/0x1b0 [ 221.473379] ? lock_acquire+0x427/0x4c0 [ 221.473779] ? __pfx_iommufd_test+0x10/0x10 [ 221.474184] ? __pfx_lock_release+0x10/0x10 [ 221.474641] ? __pfx_lock_acquire+0x10/0x10 [ 221.475059] ? write_comp_data+0x2f/0x90 [ 221.475470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.475932] ? write_comp_data+0x2f/0x90 [ 221.476314] iommufd_fops_ioctl+0x37d/0x510 [ 221.476718] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.477175] ? write_comp_data+0x2f/0x90 [ 221.477560] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.478008] __x64_sys_ioctl+0x1a3/0x230 [ 221.478414] do_syscall_64+0x3b/0x90 [ 221.478802] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.479306] RIP: 0033:0x7f4b8743ee5d [ 221.479648] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.481329] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.482035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.482709] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.483390] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.484066] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.484734] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.485400] [ 221.485629] irq event stamp: 0 [ 221.485917] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.486494] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.487321] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.488103] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.488675] ---[ end trace 0000000000000000 ]--- [ 221.491676] ------------[ cut here ]------------ [ 221.492149] WARNING: CPU: 1 PID: 2115 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.493063] Modules linked in: [ 221.493351] CPU: 1 PID: 2115 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.494157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.495244] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.495699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.497388] RSP: 
0018:ffff888018097bd0 EFLAGS: 00010246 [ 221.497889] RAX: 0000000000000000 RBX: ffff888021b760a8 RCX: 0000000000000000 [ 221.498563] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 221.499224] RBP: ffff888018097be8 R08: ffffed100436ec33 R09: ffffed100436ec33 [ 221.499879] R10: ffff888021b76193 R11: ffffed100436ec32 R12: ffff88800f135400 [ 221.500542] R13: ffff888021b761e8 R14: ffff888012899100 R15: 0000000000000000 [ 221.501200] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.501937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.502474] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 221.503168] PKRU: 55555554 [ 221.503434] Call Trace: [ 221.503667] [ 221.503875] iommufd_access_destroy_object+0x65/0x170 [ 221.504351] iommufd_object_destroy_user+0x18e/0x220 [ 221.504826] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.505363] iommufd_access_destroy+0x43/0x70 [ 221.505784] iommufd_test_staccess_release+0x8d/0xd0 [ 221.506258] __fput+0x26d/0xa40 [ 221.506597] ____fput+0x1e/0x30 [ 221.506904] task_work_run+0x1a4/0x2d0 [ 221.507282] ? __pfx_task_work_run+0x10/0x10 [ 221.507692] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.508164] ? switch_task_namespaces+0xa9/0xe0 [ 221.508606] do_exit+0xb17/0x2ef0 [ 221.508937] ? lock_acquire+0x427/0x4c0 [ 221.509322] ? __pfx_lock_release+0x10/0x10 [ 221.509720] ? __kasan_check_write+0x18/0x20 [ 221.510123] ? do_raw_spin_lock+0x132/0x2a0 [ 221.510542] ? __pfx_do_exit+0x10/0x10 [ 221.510909] ? debug_smp_processor_id+0x20/0x30 [ 221.511369] ? rcu_is_watching+0x19/0xb0 [ 221.511754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.512183] ? trace_hardirqs_on+0x26/0x120 [ 221.512588] do_group_exit+0xe0/0x2b0 [ 221.512949] __x64_sys_exit_group+0x47/0x50 [ 221.513348] do_syscall_64+0x3b/0x90 [ 221.513698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.514189] RIP: 0033:0x7f4b87518a4d [ 221.514576] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.515163] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.515856] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.516506] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.517168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.517810] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.518463] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.519154] [ 221.519380] irq event stamp: 0 [ 221.519665] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.520236] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.521004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.521769] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.522340] ---[ end trace 0000000000000000 ]--- [ 221.523180] ------------[ cut here ]------------ [ 221.523632] WARNING: CPU: 1 PID: 2115 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.525143] Modules linked in: [ 221.525447] CPU: 1 PID: 2115 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.526253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.527582] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.528069] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.529902] RSP: 0018:ffff888018097b78 EFLAGS: 00010246 [ 221.530397] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.531079] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 221.531775] RBP: ffff888018097b98 R08: ffffed100436ec3e R09: ffffed100436ec3e [ 221.532543] R10: ffff888021b761ef R11: ffffed100436ec3d R12: ffff888021b76290 [ 221.533207] R13: ffff888021b760a8 R14: ffffffffffffffff R15: 
ffff888018097c60 [ 221.533955] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.534814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.535364] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 221.536042] PKRU: 55555554 [ 221.536400] Call Trace: [ 221.536751] [ 221.536973] iommufd_ioas_destroy+0x53/0x70 [ 221.537397] iommufd_fops_release+0x1f7/0x370 [ 221.537835] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.538346] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.538999] ? write_comp_data+0x2f/0x90 [ 221.539417] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.539895] __fput+0x26d/0xa40 [ 221.540229] ____fput+0x1e/0x30 [ 221.540560] task_work_run+0x1a4/0x2d0 [ 221.540996] ? __pfx_task_work_run+0x10/0x10 [ 221.541529] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.542002] ? switch_task_namespaces+0xa9/0xe0 [ 221.542460] do_exit+0xb17/0x2ef0 [ 221.542829] ? lock_acquire+0x427/0x4c0 [ 221.543239] ? __pfx_lock_release+0x10/0x10 [ 221.543818] ? __kasan_check_write+0x18/0x20 [ 221.544247] ? do_raw_spin_lock+0x132/0x2a0 [ 221.544665] ? __pfx_do_exit+0x10/0x10 [ 221.545049] ? debug_smp_processor_id+0x20/0x30 [ 221.545520] ? rcu_is_watching+0x19/0xb0 [ 221.546164] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.546689] ? trace_hardirqs_on+0x26/0x120 [ 221.547155] do_group_exit+0xe0/0x2b0 [ 221.547550] __x64_sys_exit_group+0x47/0x50 [ 221.547999] do_syscall_64+0x3b/0x90 [ 221.548397] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.549139] RIP: 0033:0x7f4b87518a4d [ 221.549528] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.550156] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.551069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.551957] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.552689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.553420] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.554375] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.555207] [ 221.555460] irq event stamp: 0 [ 221.555788] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.556646] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.557502] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.558363] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.559292] ---[ end trace 0000000000000000 ]--- [ 221.563728] ------------[ cut here ]------------ [ 221.564317] WARNING: CPU: 1 PID: 2116 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.565479] Modules linked in: [ 221.565808] CPU: 1 PID: 2116 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.566955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.568124] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.568635] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.570850] RSP: 0018:ffff888016567bb8 EFLAGS: 00010246 [ 221.571436] RAX: 0000000000000000 RBX: ffff88800f3710a8 RCX: 0000000000000000 [ 221.572308] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 221.573173] RBP: ffff888016567bd0 R08: ffffed1001e6e233 R09: ffffed1001e6e233 [ 221.573927] R10: ffff88800f371193 R11: ffffed1001e6e232 R12: ffff888010e04800 [ 221.574942] R13: ffff88800f3711e8 R14: ffffffff8352e670 R15: 
ffff888016567e68 [ 221.575735] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.576586] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.577268] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 221.578179] PKRU: 55555554 [ 221.578482] Call Trace: [ 221.578796] [ 221.579045] __iommufd_access_detach+0x1c2/0x2b0 [ 221.579578] iommufd_access_change_pt+0x149/0x270 [ 221.580164] iommufd_access_replace+0xb4/0x120 [ 221.580817] iommufd_test+0x3e5/0x37e0 [ 221.581238] ? lock_release+0x532/0x770 [ 221.581677] ? __might_fault+0x102/0x1b0 [ 221.582138] ? lock_acquire+0x427/0x4c0 [ 221.582685] ? __pfx_iommufd_test+0x10/0x10 [ 221.583279] ? __pfx_lock_release+0x10/0x10 [ 221.583767] ? __pfx_lock_acquire+0x10/0x10 [ 221.584243] ? write_comp_data+0x2f/0x90 [ 221.584691] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.585220] ? write_comp_data+0x2f/0x90 [ 221.585885] iommufd_fops_ioctl+0x37d/0x510 [ 221.586353] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.586923] ? write_comp_data+0x2f/0x90 [ 221.587398] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.587915] __x64_sys_ioctl+0x1a3/0x230 [ 221.588474] do_syscall_64+0x3b/0x90 [ 221.589003] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.589576] RIP: 0033:0x7f4b8743ee5d [ 221.589972] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.592209] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.593048] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.593917] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.594779] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.595544] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.596354] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.597268] [ 221.597527] irq event stamp: 0 [ 221.597862] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.598584] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.599708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.600591] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.601274] ---[ end trace 0000000000000000 ]--- [ 221.604910] ------------[ cut here ]------------ [ 221.605463] WARNING: CPU: 1 PID: 2116 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.606872] Modules linked in: [ 221.607239] CPU: 1 PID: 2116 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.608165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.609382] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.610086] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.612217] RSP: 
0018:ffff888016567bd0 EFLAGS: 00010246 [ 221.612816] RAX: 0000000000000000 RBX: ffff88800f3710a8 RCX: 0000000000000000 [ 221.613565] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 221.614372] RBP: ffff888016567be8 R08: ffffed1001e6e233 R09: ffffed1001e6e233 [ 221.615334] R10: ffff88800f371193 R11: ffffed1001e6e232 R12: ffff888013b15400 [ 221.616078] R13: ffff88800f3711e8 R14: ffff888014474800 R15: 0000000000000000 [ 221.616866] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 221.617911] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.618561] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 221.619348] PKRU: 55555554 [ 221.619708] Call Trace: [ 221.620158] [ 221.620407] iommufd_access_destroy_object+0x65/0x170 [ 221.620979] iommufd_object_destroy_user+0x18e/0x220 [ 221.621531] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.622174] iommufd_access_destroy+0x43/0x70 [ 221.622870] iommufd_test_staccess_release+0x8d/0xd0 [ 221.623453] __fput+0x26d/0xa40 [ 221.623829] ____fput+0x1e/0x30 [ 221.624194] task_work_run+0x1a4/0x2d0 [ 221.624639] ? __pfx_task_work_run+0x10/0x10 [ 221.625172] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.625818] ? switch_task_namespaces+0xa9/0xe0 [ 221.626327] do_exit+0xb17/0x2ef0 [ 221.626737] ? lock_acquire+0x427/0x4c0 [ 221.627188] ? __pfx_lock_release+0x10/0x10 [ 221.627653] ? __kasan_check_write+0x18/0x20 [ 221.628296] ? do_raw_spin_lock+0x132/0x2a0 [ 221.628763] ? __pfx_do_exit+0x10/0x10 [ 221.629213] ? debug_smp_processor_id+0x20/0x30 [ 221.629733] ? rcu_is_watching+0x19/0xb0 [ 221.630209] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.630887] ? trace_hardirqs_on+0x26/0x120 [ 221.631375] do_group_exit+0xe0/0x2b0 [ 221.631792] __x64_sys_exit_group+0x47/0x50 [ 221.632263] do_syscall_64+0x3b/0x90 [ 221.632677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.633478] RIP: 0033:0x7f4b87518a4d [ 221.633872] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.634558] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.635386] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.636323] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.637100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.637874] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.638898] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.639709] [ 221.639961] irq event stamp: 0 [ 221.640296] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.641090] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.642120] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.643066] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.643764] ---[ end trace 0000000000000000 ]--- [ 221.644823] ------------[ cut here ]------------ [ 221.645376] WARNING: CPU: 0 PID: 2116 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.646413] Modules linked in: [ 221.646827] CPU: 0 PID: 2116 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.647744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.648893] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.649418] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.651329] RSP: 0018:ffff888016567b78 EFLAGS: 00010246 [ 221.651886] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.652619] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 221.653350] RBP: ffff888016567b98 R08: ffffed1001e6e23e R09: ffffed1001e6e23e [ 221.654080] R10: ffff88800f3711ef R11: ffffed1001e6e23d R12: ffff88800f371290 [ 221.654842] R13: ffff88800f3710a8 R14: ffffffffffffffff R15: 
ffff888016567c60 [ 221.655590] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.656416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.657020] CR2: 00007ff8de66d038 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 221.657764] PKRU: 55555554 [ 221.658069] Call Trace: [ 221.658354] [ 221.658645] iommufd_ioas_destroy+0x53/0x70 [ 221.659134] iommufd_fops_release+0x1f7/0x370 [ 221.659612] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.660136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.660655] ? write_comp_data+0x2f/0x90 [ 221.661090] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.661612] __fput+0x26d/0xa40 [ 221.661973] ____fput+0x1e/0x30 [ 221.662324] task_work_run+0x1a4/0x2d0 [ 221.662772] ? __pfx_task_work_run+0x10/0x10 [ 221.663258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.663774] ? switch_task_namespaces+0xa9/0xe0 [ 221.664271] do_exit+0xb17/0x2ef0 [ 221.664632] ? lock_acquire+0x427/0x4c0 [ 221.665054] ? __pfx_lock_release+0x10/0x10 [ 221.665505] ? __kasan_check_write+0x18/0x20 [ 221.665969] ? do_raw_spin_lock+0x132/0x2a0 [ 221.666412] ? __pfx_do_exit+0x10/0x10 [ 221.666857] ? debug_smp_processor_id+0x20/0x30 [ 221.667353] ? rcu_is_watching+0x19/0xb0 [ 221.667773] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.668250] ? trace_hardirqs_on+0x26/0x120 [ 221.668704] do_group_exit+0xe0/0x2b0 [ 221.669114] __x64_sys_exit_group+0x47/0x50 [ 221.669564] do_syscall_64+0x3b/0x90 [ 221.669961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.670543] RIP: 0033:0x7f4b87518a4d [ 221.670937] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.671587] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.672372] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.673104] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.673839] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.674600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.675337] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.676086] [ 221.676335] irq event stamp: 0 [ 221.676664] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.677313] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.678177] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.679060] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.679720] ---[ end trace 0000000000000000 ]--- [ 221.684808] ------------[ cut here ]------------ [ 221.685361] WARNING: CPU: 0 PID: 2117 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.686396] Modules linked in: [ 221.686785] CPU: 0 PID: 2117 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.687710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.688882] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.689406] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.691312] RSP: 0018:ffff888018097bb8 EFLAGS: 00010246 [ 221.691869] RAX: 0000000000000000 RBX: ffff888023f4e0a8 RCX: 0000000000000000 [ 221.692601] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 221.693345] RBP: ffff888018097bd0 R08: ffffed10047e9c33 R09: ffffed10047e9c33 [ 221.694117] R10: ffff888023f4e193 R11: ffffed10047e9c32 R12: ffff88800f9f5c00 [ 221.694878] R13: ffff888023f4e1e8 R14: ffffffff8352e670 R15: 
ffff888018097e68 [ 221.695630] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.696460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.697058] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 221.697824] PKRU: 55555554 [ 221.698127] Call Trace: [ 221.698392] [ 221.698658] __iommufd_access_detach+0x1c2/0x2b0 [ 221.699181] iommufd_access_change_pt+0x149/0x270 [ 221.699699] iommufd_access_replace+0xb4/0x120 [ 221.700185] iommufd_test+0x3e5/0x37e0 [ 221.700588] ? lock_release+0x532/0x770 [ 221.701006] ? __might_fault+0x102/0x1b0 [ 221.701430] ? lock_acquire+0x427/0x4c0 [ 221.701845] ? __pfx_iommufd_test+0x10/0x10 [ 221.702284] ? __pfx_lock_release+0x10/0x10 [ 221.702768] ? __pfx_lock_acquire+0x10/0x10 [ 221.703247] ? write_comp_data+0x2f/0x90 [ 221.703678] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.704186] ? write_comp_data+0x2f/0x90 [ 221.704616] iommufd_fops_ioctl+0x37d/0x510 [ 221.705084] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.705601] ? write_comp_data+0x2f/0x90 [ 221.706038] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.706612] __x64_sys_ioctl+0x1a3/0x230 [ 221.707064] do_syscall_64+0x3b/0x90 [ 221.707480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.708019] RIP: 0033:0x7f4b8743ee5d [ 221.708403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.710261] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.711067] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.711808] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.712535] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.713262] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.713986] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.714750] [ 221.715002] irq event stamp: 0 [ 221.715341] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.715987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.716846] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.717695] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.718337] ---[ end trace 0000000000000000 ]--- [ 221.721600] ------------[ cut here ]------------ [ 221.722128] WARNING: CPU: 0 PID: 2117 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.723212] Modules linked in: [ 221.723553] CPU: 0 PID: 2117 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.724449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.725583] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.726089] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.728004] RSP: 
0018:ffff888018097bd0 EFLAGS: 00010246 [ 221.728549] RAX: 0000000000000000 RBX: ffff888023f4e0a8 RCX: 0000000000000000 [ 221.729263] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 221.729983] RBP: ffff888018097be8 R08: ffffed10047e9c33 R09: ffffed10047e9c33 [ 221.730718] R10: ffff888023f4e193 R11: ffffed10047e9c32 R12: ffff888014141400 [ 221.731461] R13: ffff888023f4e1e8 R14: ffff888021867900 R15: 0000000000000000 [ 221.732185] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.733006] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.733602] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.734328] PKRU: 55555554 [ 221.734649] Call Trace: [ 221.734914] [ 221.735164] iommufd_access_destroy_object+0x65/0x170 [ 221.735709] iommufd_object_destroy_user+0x18e/0x220 [ 221.736243] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.736855] iommufd_access_destroy+0x43/0x70 [ 221.737354] iommufd_test_staccess_release+0x8d/0xd0 [ 221.737890] __fput+0x26d/0xa40 [ 221.738247] ____fput+0x1e/0x30 [ 221.738637] task_work_run+0x1a4/0x2d0 [ 221.739054] ? __pfx_task_work_run+0x10/0x10 [ 221.739540] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.740049] ? switch_task_namespaces+0xa9/0xe0 [ 221.740540] do_exit+0xb17/0x2ef0 [ 221.740899] ? lock_acquire+0x427/0x4c0 [ 221.741323] ? __pfx_lock_release+0x10/0x10 [ 221.741765] ? __kasan_check_write+0x18/0x20 [ 221.742225] ? do_raw_spin_lock+0x132/0x2a0 [ 221.742693] ? __pfx_do_exit+0x10/0x10 [ 221.743107] ? debug_smp_processor_id+0x20/0x30 [ 221.743603] ? rcu_is_watching+0x19/0xb0 [ 221.744020] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.744490] ? trace_hardirqs_on+0x26/0x120 [ 221.744938] do_group_exit+0xe0/0x2b0 [ 221.745340] __x64_sys_exit_group+0x47/0x50 [ 221.745792] do_syscall_64+0x3b/0x90 [ 221.746182] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.746752] RIP: 0033:0x7f4b87518a4d [ 221.747146] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.747776] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.748544] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.749268] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.749990] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.750739] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.751474] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.752197] [ 221.752437] irq event stamp: 0 [ 221.752764] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.753403] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.754246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.755105] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.755761] ---[ end trace 0000000000000000 ]--- [ 221.756639] ------------[ cut here ]------------ [ 221.757127] WARNING: CPU: 0 PID: 2117 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.758154] Modules linked in: [ 221.758486] CPU: 0 PID: 2117 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.759433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.760573] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.761105] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.763001] RSP: 0018:ffff888018097b78 EFLAGS: 00010246 [ 221.763568] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.764286] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 221.765010] RBP: ffff888018097b98 R08: ffffed10047e9c3e R09: ffffed10047e9c3e [ 221.765735] R10: ffff888023f4e1ef R11: ffffed10047e9c3d R12: ffff888023f4e290 [ 221.766471] R13: ffff888023f4e0a8 R14: ffffffffffffffff R15: 
ffff888018097c60 [ 221.767237] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.768060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.768647] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.769366] PKRU: 55555554 [ 221.769649] Call Trace: [ 221.769907] [ 221.770139] iommufd_ioas_destroy+0x53/0x70 [ 221.770612] iommufd_fops_release+0x1f7/0x370 [ 221.771084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.771602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.772111] ? write_comp_data+0x2f/0x90 [ 221.772540] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.773058] __fput+0x26d/0xa40 [ 221.773409] ____fput+0x1e/0x30 [ 221.773755] task_work_run+0x1a4/0x2d0 [ 221.774168] ? __pfx_task_work_run+0x10/0x10 [ 221.774653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.775176] ? switch_task_namespaces+0xa9/0xe0 [ 221.775666] do_exit+0xb17/0x2ef0 [ 221.776018] ? lock_acquire+0x427/0x4c0 [ 221.776447] ? __pfx_lock_release+0x10/0x10 [ 221.776912] ? __kasan_check_write+0x18/0x20 [ 221.777370] ? do_raw_spin_lock+0x132/0x2a0 [ 221.777820] ? __pfx_do_exit+0x10/0x10 [ 221.778229] ? debug_smp_processor_id+0x20/0x30 [ 221.778751] ? rcu_is_watching+0x19/0xb0 [ 221.779195] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.779664] ? trace_hardirqs_on+0x26/0x120 [ 221.780118] do_group_exit+0xe0/0x2b0 [ 221.780516] __x64_sys_exit_group+0x47/0x50 [ 221.780957] do_syscall_64+0x3b/0x90 [ 221.781349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.781882] RIP: 0033:0x7f4b87518a4d [ 221.782261] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.782909] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.783712] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.784445] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.785181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.786275] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.787042] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.787798] [ 221.788041] irq event stamp: 0 [ 221.788619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.789263] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.790129] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.791292] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.791939] ---[ end trace 0000000000000000 ]--- [ 221.796589] ------------[ cut here ]------------ [ 221.797118] WARNING: CPU: 0 PID: 2118 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.798410] Modules linked in: [ 221.798820] CPU: 0 PID: 2118 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.799729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.801113] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.801628] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.803520] RSP: 0018:ffff88800ea27bb8 EFLAGS: 00010246 [ 221.804076] RAX: 0000000000000000 RBX: ffff888011d530a8 RCX: 0000000000000000 [ 221.804793] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 221.805507] RBP: ffff88800ea27bd0 R08: ffffed10023aa633 R09: ffffed10023aa633 [ 221.806229] R10: ffff888011d53193 R11: ffffed10023aa632 R12: ffff88802081ec00 [ 221.806964] R13: ffff888011d531e8 R14: ffffffff8352e670 R15: 
ffff88800ea27e68 [ 221.807714] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.808537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.809125] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 221.809847] PKRU: 55555554 [ 221.810135] Call Trace: [ 221.810392] [ 221.810642] __iommufd_access_detach+0x1c2/0x2b0 [ 221.811155] iommufd_access_change_pt+0x149/0x270 [ 221.811651] iommufd_access_replace+0xb4/0x120 [ 221.812122] iommufd_test+0x3e5/0x37e0 [ 221.812515] ? lock_release+0x532/0x770 [ 221.812934] ? __might_fault+0x102/0x1b0 [ 221.813357] ? lock_acquire+0x427/0x4c0 [ 221.813781] ? __pfx_iommufd_test+0x10/0x10 [ 221.814217] ? __pfx_lock_release+0x10/0x10 [ 221.814694] ? __pfx_lock_acquire+0x10/0x10 [ 221.815168] ? write_comp_data+0x2f/0x90 [ 221.815595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.816095] ? write_comp_data+0x2f/0x90 [ 221.816517] iommufd_fops_ioctl+0x37d/0x510 [ 221.816957] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.817455] ? write_comp_data+0x2f/0x90 [ 221.817874] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.818364] __x64_sys_ioctl+0x1a3/0x230 [ 221.818813] do_syscall_64+0x3b/0x90 [ 221.819208] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.819746] RIP: 0033:0x7f4b8743ee5d [ 221.820126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.821957] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.822756] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.823487] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.824205] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.824927] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.825642] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.826364] [ 221.826633] irq event stamp: 0 [ 221.826957] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.827613] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.828466] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.829320] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.829961] ---[ end trace 0000000000000000 ]--- [ 221.833497] ------------[ cut here ]------------ [ 221.834215] WARNING: CPU: 0 PID: 2118 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.835360] Modules linked in: [ 221.835692] CPU: 0 PID: 2118 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.836696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.838003] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.838533] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.840654] RSP: 
0018:ffff88800ea27bd0 EFLAGS: 00010246 [ 221.841225] RAX: 0000000000000000 RBX: ffff888011d530a8 RCX: 0000000000000000 [ 221.842197] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 221.842943] RBP: ffff88800ea27be8 R08: ffffed10023aa633 R09: ffffed10023aa633 [ 221.843674] R10: ffff888011d53193 R11: ffffed10023aa632 R12: ffff88800f9f4c00 [ 221.844714] R13: ffff888011d531e8 R14: ffff888020c36200 R15: 0000000000000000 [ 221.845438] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.846528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.847127] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.847850] PKRU: 55555554 [ 221.848141] Call Trace: [ 221.848405] [ 221.848738] iommufd_access_destroy_object+0x65/0x170 [ 221.849418] iommufd_object_destroy_user+0x18e/0x220 [ 221.849938] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.850562] iommufd_access_destroy+0x43/0x70 [ 221.851034] iommufd_test_staccess_release+0x8d/0xd0 [ 221.851836] __fput+0x26d/0xa40 [ 221.852188] ____fput+0x1e/0x30 [ 221.852533] task_work_run+0x1a4/0x2d0 [ 221.852943] ? __pfx_task_work_run+0x10/0x10 [ 221.853456] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.854118] ? switch_task_namespaces+0xa9/0xe0 [ 221.854639] do_exit+0xb17/0x2ef0 [ 221.854994] ? lock_acquire+0x427/0x4c0 [ 221.855432] ? __pfx_lock_release+0x10/0x10 [ 221.855881] ? __kasan_check_write+0x18/0x20 [ 221.856544] ? do_raw_spin_lock+0x132/0x2a0 [ 221.856985] ? __pfx_do_exit+0x10/0x10 [ 221.857392] ? debug_smp_processor_id+0x20/0x30 [ 221.857869] ? rcu_is_watching+0x19/0xb0 [ 221.858391] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.858948] ? trace_hardirqs_on+0x26/0x120 [ 221.859414] do_group_exit+0xe0/0x2b0 [ 221.859811] __x64_sys_exit_group+0x47/0x50 [ 221.860248] do_syscall_64+0x3b/0x90 [ 221.860638] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.861383] RIP: 0033:0x7f4b87518a4d [ 221.861765] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.862392] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.863323] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.864163] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.864889] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.865661] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.866582] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.867332] [ 221.867574] irq event stamp: 0 [ 221.867895] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.868821] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.869671] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.870786] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.871439] ---[ end trace 0000000000000000 ]--- [ 221.872281] ------------[ cut here ]------------ [ 221.872762] WARNING: CPU: 0 PID: 2118 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.874022] Modules linked in: [ 221.874357] CPU: 0 PID: 2118 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.875478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.876610] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.877135] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.879220] RSP: 0018:ffff88800ea27b78 EFLAGS: 00010246 [ 221.879771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.880690] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 221.881410] RBP: ffff88800ea27b98 R08: ffffed10023aa63e R09: ffffed10023aa63e [ 221.882150] R10: ffff888011d531ef R11: ffffed10023aa63d R12: ffff888011d53290 [ 221.883083] R13: ffff888011d530a8 R14: ffffffffffffffff R15: 
ffff88800ea27c60 [ 221.883814] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.884632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.885439] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.886165] PKRU: 55555554 [ 221.886453] Call Trace: [ 221.886740] [ 221.886973] iommufd_ioas_destroy+0x53/0x70 [ 221.887528] iommufd_fops_release+0x1f7/0x370 [ 221.888102] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.888613] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.889123] ? write_comp_data+0x2f/0x90 [ 221.889627] ? __pfx_iommufd_fops_release+0x10/0x10 [ 221.890247] __fput+0x26d/0xa40 [ 221.890622] ____fput+0x1e/0x30 [ 221.890973] task_work_run+0x1a4/0x2d0 [ 221.891392] ? __pfx_task_work_run+0x10/0x10 [ 221.891848] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.892589] ? switch_task_namespaces+0xa9/0xe0 [ 221.893080] do_exit+0xb17/0x2ef0 [ 221.893432] ? lock_acquire+0x427/0x4c0 [ 221.893845] ? __pfx_lock_release+0x10/0x10 [ 221.894352] ? __kasan_check_write+0x18/0x20 [ 221.894956] ? do_raw_spin_lock+0x132/0x2a0 [ 221.895414] ? __pfx_do_exit+0x10/0x10 [ 221.895826] ? debug_smp_processor_id+0x20/0x30 [ 221.896305] ? rcu_is_watching+0x19/0xb0 [ 221.896726] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.897436] ? trace_hardirqs_on+0x26/0x120 [ 221.897893] do_group_exit+0xe0/0x2b0 [ 221.898281] __x64_sys_exit_group+0x47/0x50 [ 221.898743] do_syscall_64+0x3b/0x90 [ 221.899146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.899758] RIP: 0033:0x7f4b87518a4d [ 221.900276] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.900903] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.901675] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.902698] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.903429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.904149] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.905107] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.905832] [ 221.906073] irq event stamp: 0 [ 221.906392] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.907277] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.908144] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.909004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.909875] ---[ end trace 0000000000000000 ]--- [ 221.915577] ------------[ cut here ]------------ [ 221.916114] WARNING: CPU: 0 PID: 2119 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.917133] Modules linked in: [ 221.917456] CPU: 0 PID: 2119 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.918335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.919730] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.920247] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.922096] RSP: 0018:ffff8880179afbb8 EFLAGS: 00010246 [ 221.922652] RAX: 0000000000000000 RBX: ffff888010b9a0a8 RCX: 0000000000000000 [ 221.923387] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 221.924109] RBP: ffff8880179afbd0 R08: ffffed1002173433 R09: ffffed1002173433 [ 221.924830] R10: ffff888010b9a193 R11: ffffed1002173432 R12: ffff888010825c00 [ 221.925550] R13: ffff888010b9a1e8 R14: ffffffff8352e670 R15: 
ffff8880179afe68 [ 221.926286] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.927129] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.927729] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 221.928449] PKRU: 55555554 [ 221.928740] Call Trace: [ 221.929000] [ 221.929227] __iommufd_access_detach+0x1c2/0x2b0 [ 221.929727] iommufd_access_change_pt+0x149/0x270 [ 221.930254] iommufd_access_replace+0xb4/0x120 [ 221.930755] iommufd_test+0x3e5/0x37e0 [ 221.931169] ? lock_release+0x532/0x770 [ 221.931585] ? __might_fault+0x102/0x1b0 [ 221.932008] ? lock_acquire+0x427/0x4c0 [ 221.932424] ? __pfx_iommufd_test+0x10/0x10 [ 221.932858] ? __pfx_lock_release+0x10/0x10 [ 221.933302] ? __pfx_lock_acquire+0x10/0x10 [ 221.933754] ? write_comp_data+0x2f/0x90 [ 221.934173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.934695] ? write_comp_data+0x2f/0x90 [ 221.935140] iommufd_fops_ioctl+0x37d/0x510 [ 221.935596] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.936095] ? write_comp_data+0x2f/0x90 [ 221.936520] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 221.937016] __x64_sys_ioctl+0x1a3/0x230 [ 221.937450] do_syscall_64+0x3b/0x90 [ 221.937841] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.938377] RIP: 0033:0x7f4b8743ee5d [ 221.938783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 221.940648] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 221.941416] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 221.942132] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 221.942878] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 221.943623] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 221.944345] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 221.945076] [ 221.945315] irq event stamp: 0 [ 221.945638] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.946281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.947180] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.948036] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.948679] ---[ end trace 0000000000000000 ]--- [ 221.951878] ------------[ cut here ]------------ [ 221.952401] WARNING: CPU: 0 PID: 2119 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 221.953423] Modules linked in: [ 221.953748] CPU: 0 PID: 2119 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.954659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.955806] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 221.956313] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 221.958155] RSP: 
0018:ffff8880179afbd0 EFLAGS: 00010246 [ 221.958714] RAX: 0000000000000000 RBX: ffff888010b9a0a8 RCX: 0000000000000000 [ 221.959455] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 221.960171] RBP: ffff8880179afbe8 R08: ffffed1002173433 R09: ffffed1002173433 [ 221.960889] R10: ffff888010b9a193 R11: ffffed1002173432 R12: ffff88802081e000 [ 221.961608] R13: ffff888010b9a1e8 R14: ffff88800fa79800 R15: 0000000000000000 [ 221.962325] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.963165] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.963721] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.964406] PKRU: 55555554 [ 221.964675] Call Trace: [ 221.964917] [ 221.965131] iommufd_access_destroy_object+0x65/0x170 [ 221.965627] iommufd_object_destroy_user+0x18e/0x220 [ 221.966111] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 221.966683] iommufd_access_destroy+0x43/0x70 [ 221.967124] iommufd_test_staccess_release+0x8d/0xd0 [ 221.967614] __fput+0x26d/0xa40 [ 221.967940] ____fput+0x1e/0x30 [ 221.968265] task_work_run+0x1a4/0x2d0 [ 221.968646] ? __pfx_task_work_run+0x10/0x10 [ 221.969066] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 221.969538] ? switch_task_namespaces+0xa9/0xe0 [ 221.969984] do_exit+0xb17/0x2ef0 [ 221.970311] ? lock_acquire+0x427/0x4c0 [ 221.970714] ? __pfx_lock_release+0x10/0x10 [ 221.971146] ? __kasan_check_write+0x18/0x20 [ 221.971571] ? do_raw_spin_lock+0x132/0x2a0 [ 221.971987] ? __pfx_do_exit+0x10/0x10 [ 221.972362] ? debug_smp_processor_id+0x20/0x30 [ 221.972805] ? rcu_is_watching+0x19/0xb0 [ 221.973191] ? _raw_spin_unlock_irq+0x2b/0x60 [ 221.973618] ? trace_hardirqs_on+0x26/0x120 [ 221.974035] do_group_exit+0xe0/0x2b0 [ 221.974394] __x64_sys_exit_group+0x47/0x50 [ 221.974830] do_syscall_64+0x3b/0x90 [ 221.975211] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 221.975715] RIP: 0033:0x7f4b87518a4d [ 221.976069] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 221.976653] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 221.977374] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 221.978034] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 221.978717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 221.979396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 221.980060] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 221.980725] [ 221.980943] irq event stamp: 0 [ 221.981242] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 221.981831] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 221.982635] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 221.982945] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 221.983436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 221.985384] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 221.985925] ---[ end trace 0000000000000000 ]--- [ 221.988069] ------------[ cut here ]------------ [ 221.988511] WARNING: CPU: 0 PID: 2119 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 221.989463] Modules linked in: [ 221.989769] CPU: 0 PID: 2119 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 221.990617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 221.991677] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 221.992174] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 221.993861] RSP: 0018:ffff8880179afb78 EFLAGS: 00010246 [ 221.994361] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 221.995055] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 221.995740] RBP: ffff8880179afb98 R08: ffffed100217343e R09: ffffed100217343e [ 221.996410] R10: ffff888010b9a1ef R11: ffffed100217343d R12: ffff888010b9a290 [ 221.997074] R13: ffff888010b9a0a8 R14: ffffffffffffffff R15: ffff8880179afc60 [ 221.997737] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 221.998487] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.999057] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 221.999729] PKRU: 55555554 [ 221.999997] Call Trace: [ 222.000245] [ 222.000468] iommufd_ioas_destroy+0x53/0x70 [ 222.000891] iommufd_fops_release+0x1f7/0x370 [ 222.001323] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.001798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.002268] ? write_comp_data+0x2f/0x90 [ 222.002697] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.003189] __fput+0x26d/0xa40 [ 222.003521] ____fput+0x1e/0x30 [ 222.003844] task_work_run+0x1a4/0x2d0 [ 222.004220] ? __pfx_task_work_run+0x10/0x10 [ 222.004641] ? 
__sanitizer_cov_trace_pc+0x25/0x60 [ 222.005112] ? switch_task_namespaces+0xa9/0xe0 [ 222.005572] do_exit+0xb17/0x2ef0 [ 222.005904] ? lock_acquire+0x427/0x4c0 [ 222.006289] ? __pfx_lock_release+0x10/0x10 [ 222.006731] ? __kasan_check_write+0x18/0x20 [ 222.007159] ? do_raw_spin_lock+0x132/0x2a0 [ 222.007573] ? __pfx_do_exit+0x10/0x10 [ 222.007949] ? debug_smp_processor_id+0x20/0x30 [ 222.008394] ? rcu_is_watching+0x19/0xb0 [ 222.008791] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.009224] ? trace_hardirqs_on+0x26/0x120 [ 222.009648] do_group_exit+0xe0/0x2b0 [ 222.010016] __x64_sys_exit_group+0x47/0x50 [ 222.010424] do_syscall_64+0x3b/0x90 [ 222.010808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.011321] RIP: 0033:0x7f4b87518a4d [ 222.011678] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 222.012263] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.012974] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.013643] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.014310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.015006] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.015681] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.016353] [ 222.016580] irq event stamp: 0 [ 222.016874] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.017461] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.018247] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.019063] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.019673] ---[ end trace 0000000000000000 ]--- [ 222.028415] ------------[ cut here ]------------ [ 222.028955] WARNING: CPU: 0 PID: 2121 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.030246] Modules linked in: [ 222.030627] CPU: 0 PID: 2121 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.031535] Hardware name: QEMU 
Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.032899] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.033411] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.035545] RSP: 0018:ffff888018097bb8 EFLAGS: 00010246 [ 222.036100] RAX: 0000000000000000 RBX: ffff8880179648a8 RCX: 0000000000000000 [ 222.036833] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 222.037563] RBP: ffff888018097bd0 R08: ffffed1002f2c933 R09: ffffed1002f2c933 [ 222.038283] R10: ffff888017964993 R11: ffffed1002f2c932 R12: ffff88801341f000 [ 222.039038] R13: ffff8880179649e8 R14: ffffffff8352e670 R15: ffff888018097e68 [ 222.039806] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.040636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.041225] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 222.041952] PKRU: 55555554 [ 222.042243] Call Trace: [ 222.042504] [ 222.042769] __iommufd_access_detach+0x1c2/0x2b0 [ 222.043290] iommufd_access_change_pt+0x149/0x270 [ 222.043796] iommufd_access_replace+0xb4/0x120 [ 222.044277] iommufd_test+0x3e5/0x37e0 [ 222.044677] ? lock_release+0x532/0x770 [ 222.045100] ? __might_fault+0x102/0x1b0 [ 222.045523] ? lock_acquire+0x427/0x4c0 [ 222.045945] ? __pfx_iommufd_test+0x10/0x10 [ 222.046381] ? __pfx_lock_release+0x10/0x10 [ 222.046858] ? __pfx_lock_acquire+0x10/0x10 [ 222.047341] ? write_comp_data+0x2f/0x90 [ 222.047766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.048268] ? write_comp_data+0x2f/0x90 [ 222.048695] iommufd_fops_ioctl+0x37d/0x510 [ 222.049140] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.049642] ? write_comp_data+0x2f/0x90 [ 222.050063] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.050577] __x64_sys_ioctl+0x1a3/0x230 [ 222.051003] do_syscall_64+0x3b/0x90 [ 222.051409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.051943] RIP: 0033:0x7f4b8743ee5d [ 222.052326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.054179] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.054997] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.055746] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.056473] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.057188] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.057909] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.058668] [ 222.058915] irq event stamp: 0 [ 222.059260] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.059898] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.060756] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.061601] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.062244] ---[ end trace 0000000000000000 ]--- [ 222.065781] ------------[ cut here ]------------ [ 222.066608] WARNING: CPU: 0 PID: 2121 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.067685] Modules linked in: [ 222.068015] CPU: 0 PID: 2121 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.069171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.070320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.070867] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.073020] RSP: 
0018:ffff888018097bd0 EFLAGS: 00010246 [ 222.073572] RAX: 0000000000000000 RBX: ffff8880179648a8 RCX: 0000000000000000 [ 222.074587] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 222.075332] RBP: ffff888018097be8 R08: ffffed1002f2c933 R09: ffffed1002f2c933 [ 222.076064] R10: ffff888017964993 R11: ffffed1002f2c932 R12: ffff888014391c00 [ 222.077088] R13: ffff8880179649e8 R14: ffff888012899200 R15: 0000000000000000 [ 222.077822] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.078704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.079479] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.080227] PKRU: 55555554 [ 222.080523] Call Trace: [ 222.080785] [ 222.081015] iommufd_access_destroy_object+0x65/0x170 [ 222.081823] iommufd_object_destroy_user+0x18e/0x220 [ 222.082358] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.082989] iommufd_access_destroy+0x43/0x70 [ 222.083489] iommufd_test_staccess_release+0x8d/0xd0 [ 222.084020] __fput+0x26d/0xa40 [ 222.084656] ____fput+0x1e/0x30 [ 222.085009] task_work_run+0x1a4/0x2d0 [ 222.085424] ? __pfx_task_work_run+0x10/0x10 [ 222.085885] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.086414] ? switch_task_namespaces+0xa9/0xe0 [ 222.087141] do_exit+0xb17/0x2ef0 [ 222.087516] ? lock_acquire+0x427/0x4c0 [ 222.087940] ? __pfx_lock_release+0x10/0x10 [ 222.088406] ? __kasan_check_write+0x18/0x20 [ 222.088864] ? do_raw_spin_lock+0x132/0x2a0 [ 222.089417] ? __pfx_do_exit+0x10/0x10 [ 222.089940] ? debug_smp_processor_id+0x20/0x30 [ 222.090429] ? rcu_is_watching+0x19/0xb0 [ 222.090891] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.091385] ? trace_hardirqs_on+0x26/0x120 [ 222.091900] do_group_exit+0xe0/0x2b0 [ 222.092504] __x64_sys_exit_group+0x47/0x50 [ 222.092947] do_syscall_64+0x3b/0x90 [ 222.093345] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.093889] RIP: 0033:0x7f4b87518a4d [ 222.094481] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.095162] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.095958] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.096759] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.097675] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.098410] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.099321] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.100163] [ 222.100410] irq event stamp: 0 [ 222.100742] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.101397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.102495] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.103402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.104059] ---[ end trace 0000000000000000 ]--- [ 222.105151] ------------[ cut here ]------------ [ 222.105646] WARNING: CPU: 0 PID: 2121 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.106858] Modules linked in: [ 222.107314] CPU: 0 PID: 2121 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.108229] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.109504] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.110176] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.112334] RSP: 0018:ffff888018097b78 EFLAGS: 00010246 [ 222.112900] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.113648] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 222.114465] RBP: ffff888018097b98 R08: ffffed1002f2c93e R09: ffffed1002f2c93e [ 222.115397] R10: ffff8880179649ef R11: ffffed1002f2c93d R12: ffff888017964a90 [ 222.116143] R13: ffff8880179648a8 R14: ffffffffffffffff R15: 
ffff888018097c60 [ 222.116900] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.117976] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.118617] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.119395] PKRU: 55555554 [ 222.119712] Call Trace: [ 222.120173] [ 222.120407] iommufd_ioas_destroy+0x53/0x70 [ 222.120866] iommufd_fops_release+0x1f7/0x370 [ 222.121340] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.121902] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.122631] ? write_comp_data+0x2f/0x90 [ 222.123084] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.123634] __fput+0x26d/0xa40 [ 222.124001] ____fput+0x1e/0x30 [ 222.124361] task_work_run+0x1a4/0x2d0 [ 222.124791] ? __pfx_task_work_run+0x10/0x10 [ 222.125265] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.125788] ? switch_task_namespaces+0xa9/0xe0 [ 222.126285] do_exit+0xb17/0x2ef0 [ 222.126682] ? lock_acquire+0x427/0x4c0 [ 222.127114] ? __pfx_lock_release+0x10/0x10 [ 222.127581] ? __kasan_check_write+0x18/0x20 [ 222.128048] ? do_raw_spin_lock+0x132/0x2a0 [ 222.128505] ? __pfx_do_exit+0x10/0x10 [ 222.128927] ? debug_smp_processor_id+0x20/0x30 [ 222.129418] ? rcu_is_watching+0x19/0xb0 [ 222.129842] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.130318] ? trace_hardirqs_on+0x26/0x120 [ 222.130804] do_group_exit+0xe0/0x2b0 [ 222.131222] __x64_sys_exit_group+0x47/0x50 [ 222.131677] do_syscall_64+0x3b/0x90 [ 222.132078] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.132628] RIP: 0033:0x7f4b87518a4d [ 222.133025] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.133655] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.134434] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.135196] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.135945] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.136686] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.137421] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.138160] [ 222.138401] irq event stamp: 0 [ 222.138755] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.139436] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.140310] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.141173] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.141821] ---[ end trace 0000000000000000 ]--- [ 222.147022] ------------[ cut here ]------------ [ 222.147568] WARNING: CPU: 0 PID: 2122 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.148868] Modules linked in: [ 222.149202] CPU: 0 PID: 2122 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.150105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.151515] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.152043] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.153924] RSP: 0018:ffff888018297bb8 EFLAGS: 00010246 [ 222.154478] RAX: 0000000000000000 RBX: ffff888015d2f0a8 RCX: 0000000000000000 [ 222.155255] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 222.155994] RBP: ffff888018297bd0 R08: ffffed1002ba5e33 R09: ffffed1002ba5e33 [ 222.156725] R10: ffff888015d2f193 R11: ffffed1002ba5e32 R12: ffff88800ae92000 [ 222.157454] R13: ffff888015d2f1e8 R14: ffffffff8352e670 R15: 
ffff888018297e68 [ 222.158180] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.159042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.159659] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 222.160393] PKRU: 55555554 [ 222.160684] Call Trace: [ 222.160949] [ 222.161184] __iommufd_access_detach+0x1c2/0x2b0 [ 222.161682] iommufd_access_change_pt+0x149/0x270 [ 222.162180] iommufd_access_replace+0xb4/0x120 [ 222.162676] iommufd_test+0x3e5/0x37e0 [ 222.163084] ? lock_release+0x532/0x770 [ 222.163514] ? __might_fault+0x102/0x1b0 [ 222.163933] ? lock_acquire+0x427/0x4c0 [ 222.164349] ? __pfx_iommufd_test+0x10/0x10 [ 222.164787] ? __pfx_lock_release+0x10/0x10 [ 222.165237] ? __pfx_lock_acquire+0x10/0x10 [ 222.165684] ? write_comp_data+0x2f/0x90 [ 222.166108] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.166642] ? write_comp_data+0x2f/0x90 [ 222.167069] iommufd_fops_ioctl+0x37d/0x510 [ 222.167522] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.168021] ? write_comp_data+0x2f/0x90 [ 222.168445] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.168941] __x64_sys_ioctl+0x1a3/0x230 [ 222.169369] do_syscall_64+0x3b/0x90 [ 222.169760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.170302] RIP: 0033:0x7f4b8743ee5d [ 222.170707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.172570] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.173345] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.174061] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.174802] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.175533] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.176250] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.176971] [ 222.177189] irq event stamp: 0 [ 222.177486] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.178072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.178879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.179658] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.180243] ---[ end trace 0000000000000000 ]--- [ 222.183500] ------------[ cut here ]------------ [ 222.184152] WARNING: CPU: 0 PID: 2122 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.185089] Modules linked in: [ 222.185390] CPU: 0 PID: 2122 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.186391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.187676] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.188151] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.190063] RSP: 
0018:ffff888018297bd0 EFLAGS: 00010246 [ 222.190634] RAX: 0000000000000000 RBX: ffff888015d2f0a8 RCX: 0000000000000000 [ 222.191422] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 222.192094] RBP: ffff888018297be8 R08: ffffed1002ba5e33 R09: ffffed1002ba5e33 [ 222.192759] R10: ffff888015d2f193 R11: ffffed1002ba5e32 R12: ffff88801341d000 [ 222.193622] R13: ffff888015d2f1e8 R14: ffff8880102f8500 R15: 0000000000000000 [ 222.194292] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.195166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.195796] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.196463] PKRU: 55555554 [ 222.196736] Call Trace: [ 222.196985] [ 222.197207] iommufd_access_destroy_object+0x65/0x170 [ 222.197893] iommufd_object_destroy_user+0x18e/0x220 [ 222.198380] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.198952] iommufd_access_destroy+0x43/0x70 [ 222.199407] iommufd_test_staccess_release+0x8d/0xd0 [ 222.199952] __fput+0x26d/0xa40 [ 222.200408] ____fput+0x1e/0x30 [ 222.200729] task_work_run+0x1a4/0x2d0 [ 222.201104] ? __pfx_task_work_run+0x10/0x10 [ 222.201524] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.202081] ? switch_task_namespaces+0xa9/0xe0 [ 222.202623] do_exit+0xb17/0x2ef0 [ 222.202956] ? lock_acquire+0x427/0x4c0 [ 222.203354] ? __pfx_lock_release+0x10/0x10 [ 222.203769] ? __kasan_check_write+0x18/0x20 [ 222.204198] ? do_raw_spin_lock+0x132/0x2a0 [ 222.204809] ? __pfx_do_exit+0x10/0x10 [ 222.205193] ? debug_smp_processor_id+0x20/0x30 [ 222.205634] ? rcu_is_watching+0x19/0xb0 [ 222.206021] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.206461] ? trace_hardirqs_on+0x26/0x120 [ 222.206909] do_group_exit+0xe0/0x2b0 [ 222.207295] __x64_sys_exit_group+0x47/0x50 [ 222.207706] do_syscall_64+0x3b/0x90 [ 222.208167] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.208781] RIP: 0033:0x7f4b87518a4d [ 222.209132] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.209706] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.210411] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.211111] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.211781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.212451] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.213108] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.213781] [ 222.214003] irq event stamp: 0 [ 222.214301] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.214917] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.215719] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.216493] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.217078] ---[ end trace 0000000000000000 ]--- [ 222.217889] ------------[ cut here ]------------ [ 222.218339] WARNING: CPU: 0 PID: 2122 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.219324] Modules linked in: [ 222.219636] CPU: 0 PID: 2122 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.220453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.221515] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.221994] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.223737] RSP: 0018:ffff888018297b78 EFLAGS: 00010246 [ 222.224239] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.224897] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 222.225551] RBP: ffff888018297b98 R08: ffffed1002ba5e3e R09: ffffed1002ba5e3e [ 222.226207] R10: ffff888015d2f1ef R11: ffffed1002ba5e3d R12: ffff888015d2f290 [ 222.226880] R13: ffff888015d2f0a8 R14: ffffffffffffffff R15: 
ffff888018297c60 [ 222.227554] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.228299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.228842] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.229502] PKRU: 55555554 [ 222.229766] Call Trace: [ 222.230005] [ 222.230222] iommufd_ioas_destroy+0x53/0x70 [ 222.230661] iommufd_fops_release+0x1f7/0x370 [ 222.231086] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.231569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.232029] ? write_comp_data+0x2f/0x90 [ 222.232415] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.232880] __fput+0x26d/0xa40 [ 222.233204] ____fput+0x1e/0x30 [ 222.233523] task_work_run+0x1a4/0x2d0 [ 222.233898] ? __pfx_task_work_run+0x10/0x10 [ 222.234309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.234787] ? switch_task_namespaces+0xa9/0xe0 [ 222.235246] do_exit+0xb17/0x2ef0 [ 222.235581] ? lock_acquire+0x427/0x4c0 [ 222.235968] ? __pfx_lock_release+0x10/0x10 [ 222.236388] ? __kasan_check_write+0x18/0x20 [ 222.236844] ? do_raw_spin_lock+0x132/0x2a0 [ 222.237473] ? __pfx_do_exit+0x10/0x10 [ 222.237859] ? debug_smp_processor_id+0x20/0x30 [ 222.238303] ? rcu_is_watching+0x19/0xb0 [ 222.238717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.239161] ? trace_hardirqs_on+0x26/0x120 [ 222.239577] do_group_exit+0xe0/0x2b0 [ 222.239937] __x64_sys_exit_group+0x47/0x50 [ 222.240341] do_syscall_64+0x3b/0x90 [ 222.240739] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.241421] RIP: 0033:0x7f4b87518a4d [ 222.241775] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.242352] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.243082] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.243753] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.244417] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.245288] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.245951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.246647] [ 222.246868] irq event stamp: 0 [ 222.247172] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.247760] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.248784] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.249567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.250158] ---[ end trace 0000000000000000 ]--- [ 222.254446] ------------[ cut here ]------------ [ 222.254962] WARNING: CPU: 0 PID: 2123 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.256126] Modules linked in: [ 222.256431] CPU: 0 PID: 2123 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.257244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.258484] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.259029] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.260915] RSP: 0018:ffff8880179afbb8 EFLAGS: 00010246 [ 222.261409] RAX: 0000000000000000 RBX: ffff888017a9f8a8 RCX: 0000000000000000 [ 222.262065] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 222.262744] RBP: ffff8880179afbd0 R08: ffffed1002f53f33 R09: ffffed1002f53f33 [ 222.263417] R10: ffff888017a9f993 R11: ffffed1002f53f32 R12: ffff88800fcb2800 [ 222.264076] R13: ffff888017a9f9e8 R14: ffffffff8352e670 R15: 
ffff8880179afe68 [ 222.264732] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.265489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.266024] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 222.266722] PKRU: 55555554 [ 222.267007] Call Trace: [ 222.267256] [ 222.267468] __iommufd_access_detach+0x1c2/0x2b0 [ 222.267929] iommufd_access_change_pt+0x149/0x270 [ 222.268388] iommufd_access_replace+0xb4/0x120 [ 222.268826] iommufd_test+0x3e5/0x37e0 [ 222.269196] ? lock_release+0x532/0x770 [ 222.269580] ? __might_fault+0x102/0x1b0 [ 222.269967] ? lock_acquire+0x427/0x4c0 [ 222.270347] ? __pfx_iommufd_test+0x10/0x10 [ 222.270770] ? __pfx_lock_release+0x10/0x10 [ 222.271192] ? __pfx_lock_acquire+0x10/0x10 [ 222.271615] ? write_comp_data+0x2f/0x90 [ 222.272008] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.272457] ? write_comp_data+0x2f/0x90 [ 222.272849] iommufd_fops_ioctl+0x37d/0x510 [ 222.273256] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.273719] ? write_comp_data+0x2f/0x90 [ 222.274109] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.274587] __x64_sys_ioctl+0x1a3/0x230 [ 222.274981] do_syscall_64+0x3b/0x90 [ 222.275350] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.275839] RIP: 0033:0x7f4b8743ee5d [ 222.276183] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.277873] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.278611] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.279276] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.279935] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.280589] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.281243] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.281915] [ 222.282134] irq event stamp: 0 [ 222.282426] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.283030] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.283813] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.284580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.285161] ---[ end trace 0000000000000000 ]--- [ 222.288511] ------------[ cut here ]------------ [ 222.288992] WARNING: CPU: 0 PID: 2123 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.289927] Modules linked in: [ 222.290224] CPU: 0 PID: 2123 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.291052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.292104] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.292555] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.294204] RSP: 
0018:ffff8880179afbd0 EFLAGS: 00010246 [ 222.294704] RAX: 0000000000000000 RBX: ffff888017a9f8a8 RCX: 0000000000000000 [ 222.295373] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 222.296014] RBP: ffff8880179afbe8 R08: ffffed1002f53f33 R09: ffffed1002f53f33 [ 222.296661] R10: ffff888017a9f993 R11: ffffed1002f53f32 R12: ffff88800ae90400 [ 222.297303] R13: ffff888017a9f9e8 R14: ffff888021867500 R15: 0000000000000000 [ 222.297946] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.298688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.299212] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.299824] PKRU: 55555554 [ 222.300067] Call Trace: [ 222.300287] [ 222.300483] iommufd_access_destroy_object+0x65/0x170 [ 222.300936] iommufd_object_destroy_user+0x18e/0x220 [ 222.301378] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.301883] iommufd_access_destroy+0x43/0x70 [ 222.302278] iommufd_test_staccess_release+0x8d/0xd0 [ 222.302737] __fput+0x26d/0xa40 [ 222.303039] ____fput+0x1e/0x30 [ 222.303340] task_work_run+0x1a4/0x2d0 [ 222.303683] ? __pfx_task_work_run+0x10/0x10 [ 222.304072] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.304501] ? switch_task_namespaces+0xa9/0xe0 [ 222.304919] do_exit+0xb17/0x2ef0 [ 222.305224] ? lock_acquire+0x427/0x4c0 [ 222.305581] ? __pfx_lock_release+0x10/0x10 [ 222.305962] ? __kasan_check_write+0x18/0x20 [ 222.306347] ? do_raw_spin_lock+0x132/0x2a0 [ 222.306748] ? __pfx_do_exit+0x10/0x10 [ 222.307099] ? debug_smp_processor_id+0x20/0x30 [ 222.307519] ? rcu_is_watching+0x19/0xb0 [ 222.307871] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.308273] ? trace_hardirqs_on+0x26/0x120 [ 222.308654] do_group_exit+0xe0/0x2b0 [ 222.308986] __x64_sys_exit_group+0x47/0x50 [ 222.309360] do_syscall_64+0x3b/0x90 [ 222.309693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.310148] RIP: 0033:0x7f4b87518a4d [ 222.310470] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.311019] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.311686] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.312291] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.312906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.313511] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.314118] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.314761] [ 222.314967] irq event stamp: 0 [ 222.315249] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.315788] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.316506] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.317217] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.317757] ---[ end trace 0000000000000000 ]--- [ 222.318500] ------------[ cut here ]------------ [ 222.318934] WARNING: CPU: 0 PID: 2123 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.319826] Modules linked in: [ 222.320102] CPU: 0 PID: 2123 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.320851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.321809] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.322253] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.323833] RSP: 0018:ffff8880179afb78 EFLAGS: 00010246 [ 222.324288] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.324883] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 222.325483] RBP: ffff8880179afb98 R08: ffffed1002f53f3e R09: ffffed1002f53f3e [ 222.326084] R10: ffff888017a9f9ef R11: ffffed1002f53f3d R12: ffff888017a9fa90 [ 222.326705] R13: ffff888017a9f8a8 R14: ffffffffffffffff R15: 
ffff8880179afc60 [ 222.327323] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.328005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.328494] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.329095] PKRU: 55555554 [ 222.329333] Call Trace: [ 222.329547] [ 222.329739] iommufd_ioas_destroy+0x53/0x70 [ 222.330109] iommufd_fops_release+0x1f7/0x370 [ 222.330498] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.330955] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.331388] ? write_comp_data+0x2f/0x90 [ 222.331743] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.332172] __fput+0x26d/0xa40 [ 222.332471] ____fput+0x1e/0x30 [ 222.332763] task_work_run+0x1a4/0x2d0 [ 222.333101] ? __pfx_task_work_run+0x10/0x10 [ 222.333480] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.333895] ? switch_task_namespaces+0xa9/0xe0 [ 222.334303] do_exit+0xb17/0x2ef0 [ 222.334619] ? lock_acquire+0x427/0x4c0 [ 222.334966] ? __pfx_lock_release+0x10/0x10 [ 222.335344] ? __kasan_check_write+0x18/0x20 [ 222.335722] ? do_raw_spin_lock+0x132/0x2a0 [ 222.336091] ? __pfx_do_exit+0x10/0x10 [ 222.336431] ? debug_smp_processor_id+0x20/0x30 [ 222.336833] ? rcu_is_watching+0x19/0xb0 [ 222.337188] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.337584] ? trace_hardirqs_on+0x26/0x120 [ 222.337958] do_group_exit+0xe0/0x2b0 [ 222.338287] __x64_sys_exit_group+0x47/0x50 [ 222.338681] do_syscall_64+0x3b/0x90 [ 222.339010] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.339464] RIP: 0033:0x7f4b87518a4d [ 222.339781] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.340298] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.340938] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.341538] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.342136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.342763] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.343381] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.343988] [ 222.344186] irq event stamp: 0 [ 222.344452] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.344984] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.345689] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.346401] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.346951] ---[ end trace 0000000000000000 ]--- [ 222.351321] ------------[ cut here ]------------ [ 222.351760] WARNING: CPU: 0 PID: 2124 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.352613] Modules linked in: [ 222.352885] CPU: 0 PID: 2124 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.353627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.354609] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.355027] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.356572] RSP: 0018:ffff8880172a7bb8 EFLAGS: 00010246 [ 222.357025] RAX: 0000000000000000 RBX: ffff888011de78a8 RCX: 0000000000000000 [ 222.357625] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 222.358224] RBP: ffff8880172a7bd0 R08: ffffed10023bcf33 R09: ffffed10023bcf33 [ 222.358837] R10: ffff888011de7993 R11: ffffed10023bcf32 R12: ffff88800f9f4c00 [ 222.359446] R13: ffff888011de79e8 R14: ffffffff8352e670 R15: 
ffff8880172a7e68 [ 222.360051] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.360727] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.361216] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 222.361822] PKRU: 55555554 [ 222.362064] Call Trace: [ 222.362281] [ 222.362475] __iommufd_access_detach+0x1c2/0x2b0 [ 222.362915] iommufd_access_change_pt+0x149/0x270 [ 222.363347] iommufd_access_replace+0xb4/0x120 [ 222.363745] iommufd_test+0x3e5/0x37e0 [ 222.364078] ? lock_release+0x532/0x770 [ 222.364427] ? __might_fault+0x102/0x1b0 [ 222.364780] ? lock_acquire+0x427/0x4c0 [ 222.365126] ? __pfx_iommufd_test+0x10/0x10 [ 222.365490] ? __pfx_lock_release+0x10/0x10 [ 222.365860] ? __pfx_lock_acquire+0x10/0x10 [ 222.366236] ? write_comp_data+0x2f/0x90 [ 222.366616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.367041] ? write_comp_data+0x2f/0x90 [ 222.367413] iommufd_fops_ioctl+0x37d/0x510 [ 222.367783] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.368199] ? write_comp_data+0x2f/0x90 [ 222.368556] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.368967] __x64_sys_ioctl+0x1a3/0x230 [ 222.369325] do_syscall_64+0x3b/0x90 [ 222.369660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.370112] RIP: 0033:0x7f4b8743ee5d [ 222.370432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.372027] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.372680] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.373280] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.373877] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.374476] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.375109] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.375728] [ 222.375930] irq event stamp: 0 [ 222.376196] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.376727] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.377427] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.378119] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.378658] ---[ end trace 0000000000000000 ]--- [ 222.381439] ------------[ cut here ]------------ [ 222.381869] WARNING: CPU: 0 PID: 2124 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.382747] Modules linked in: [ 222.383021] CPU: 0 PID: 2124 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.383760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.384693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.385111] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.386648] RSP: 
0018:ffff8880172a7bd0 EFLAGS: 00010246 [ 222.387095] RAX: 0000000000000000 RBX: ffff888011de78a8 RCX: 0000000000000000 [ 222.387691] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 222.388277] RBP: ffff8880172a7be8 R08: ffffed10023bcf33 R09: ffffed10023bcf33 [ 222.388875] R10: ffff888011de7993 R11: ffffed10023bcf32 R12: ffff88800fcb3000 [ 222.389464] R13: ffff888011de79e8 R14: ffff88800fd67900 R15: 0000000000000000 [ 222.390052] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.390736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.391227] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.391832] PKRU: 55555554 [ 222.392068] Call Trace: [ 222.392294] [ 222.392487] iommufd_access_destroy_object+0x65/0x170 [ 222.392923] iommufd_object_destroy_user+0x18e/0x220 [ 222.393353] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.393844] iommufd_access_destroy+0x43/0x70 [ 222.394227] iommufd_test_staccess_release+0x8d/0xd0 [ 222.394680] __fput+0x26d/0xa40 [ 222.394973] ____fput+0x1e/0x30 [ 222.395269] task_work_run+0x1a4/0x2d0 [ 222.395604] ? __pfx_task_work_run+0x10/0x10 [ 222.395975] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.396391] ? switch_task_namespaces+0xa9/0xe0 [ 222.396790] do_exit+0xb17/0x2ef0 [ 222.397084] ? lock_acquire+0x427/0x4c0 [ 222.397425] ? __pfx_lock_release+0x10/0x10 [ 222.397794] ? __kasan_check_write+0x18/0x20 [ 222.398167] ? do_raw_spin_lock+0x132/0x2a0 [ 222.398562] ? __pfx_do_exit+0x10/0x10 [ 222.398905] ? debug_smp_processor_id+0x20/0x30 [ 222.399304] ? rcu_is_watching+0x19/0xb0 [ 222.399642] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.400024] ? trace_hardirqs_on+0x26/0x120 [ 222.400392] do_group_exit+0xe0/0x2b0 [ 222.400711] __x64_sys_exit_group+0x47/0x50 [ 222.401069] do_syscall_64+0x3b/0x90 [ 222.401389] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.401826] RIP: 0033:0x7f4b87518a4d [ 222.402136] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.402679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.403333] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.403927] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.404516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.405105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.405691] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.406289] [ 222.406485] irq event stamp: 0 [ 222.406765] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.407294] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.407988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.408681] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.409202] ---[ end trace 0000000000000000 ]--- [ 222.409925] ------------[ cut here ]------------ [ 222.410318] WARNING: CPU: 0 PID: 2124 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.411199] Modules linked in: [ 222.411475] CPU: 0 PID: 2124 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.412215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.413151] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.413579] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.415108] RSP: 0018:ffff8880172a7b78 EFLAGS: 00010246 [ 222.415565] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.416152] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 222.416744] RBP: ffff8880172a7b98 R08: ffffed10023bcf3e R09: ffffed10023bcf3e [ 222.417344] R10: ffff888011de79ef R11: ffffed10023bcf3d R12: ffff888011de7a90 [ 222.417941] R13: ffff888011de78a8 R14: ffffffffffffffff R15: 
ffff8880172a7c60 [ 222.418563] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.419247] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.419726] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.420322] PKRU: 55555554 [ 222.420558] Call Trace: [ 222.420776] [ 222.420976] iommufd_ioas_destroy+0x53/0x70 [ 222.421350] iommufd_fops_release+0x1f7/0x370 [ 222.421726] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.422150] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.422592] ? write_comp_data+0x2f/0x90 [ 222.422952] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.423393] __fput+0x26d/0xa40 [ 222.423697] ____fput+0x1e/0x30 [ 222.423990] task_work_run+0x1a4/0x2d0 [ 222.424334] ? __pfx_task_work_run+0x10/0x10 [ 222.424740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.425182] ? switch_task_namespaces+0xa9/0xe0 [ 222.425599] do_exit+0xb17/0x2ef0 [ 222.425895] ? lock_acquire+0x427/0x4c0 [ 222.426247] ? __pfx_lock_release+0x10/0x10 [ 222.426651] ? __kasan_check_write+0x18/0x20 [ 222.427035] ? do_raw_spin_lock+0x132/0x2a0 [ 222.427414] ? __pfx_do_exit+0x10/0x10 [ 222.427752] ? debug_smp_processor_id+0x20/0x30 [ 222.428146] ? rcu_is_watching+0x19/0xb0 [ 222.428493] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.428890] ? trace_hardirqs_on+0x26/0x120 [ 222.429264] do_group_exit+0xe0/0x2b0 [ 222.429594] __x64_sys_exit_group+0x47/0x50 [ 222.429964] do_syscall_64+0x3b/0x90 [ 222.430296] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.430764] RIP: 0033:0x7f4b87518a4d [ 222.431084] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.431622] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.432263] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.432872] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.433464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.434059] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.434688] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.435301] [ 222.435491] irq event stamp: 0 [ 222.435738] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.436235] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.436888] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.437535] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.438024] ---[ end trace 0000000000000000 ]--- [ 222.442716] ------------[ cut here ]------------ [ 222.443127] WARNING: CPU: 0 PID: 2125 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.443925] Modules linked in: [ 222.444184] CPU: 0 PID: 2125 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.444879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.445751] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.446145] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.448259] RSP: 0018:ffff88800f77fbb8 EFLAGS: 00010246 [ 222.448858] RAX: 0000000000000000 RBX: ffff8880104658a8 RCX: 0000000000000000 [ 222.449637] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 222.450417] RBP: ffff88800f77fbd0 R08: ffffed100208cb33 R09: ffffed100208cb33 [ 222.451258] R10: ffff888010465993 R11: ffffed100208cb32 R12: ffff888010573000 [ 222.452075] R13: ffff8880104659e8 R14: ffffffff8352e670 R15: 
ffff88800f77fe68 [ 222.452891] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.453808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.454477] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 222.455332] PKRU: 55555554 [ 222.455668] Call Trace: [ 222.455967] [ 222.456236] __iommufd_access_detach+0x1c2/0x2b0 [ 222.456812] iommufd_access_change_pt+0x149/0x270 [ 222.457388] iommufd_access_replace+0xb4/0x120 [ 222.457933] iommufd_test+0x3e5/0x37e0 [ 222.458388] ? lock_release+0x532/0x770 [ 222.458894] ? __might_fault+0x102/0x1b0 [ 222.459391] ? lock_acquire+0x427/0x4c0 [ 222.459869] ? __pfx_iommufd_test+0x10/0x10 [ 222.460367] ? __pfx_lock_release+0x10/0x10 [ 222.460878] ? __pfx_lock_acquire+0x10/0x10 [ 222.461392] ? write_comp_data+0x2f/0x90 [ 222.461880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.462453] ? write_comp_data+0x2f/0x90 [ 222.462984] iommufd_fops_ioctl+0x37d/0x510 [ 222.463626] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.464058] ? write_comp_data+0x2f/0x90 [ 222.464412] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.464821] __x64_sys_ioctl+0x1a3/0x230 [ 222.465175] do_syscall_64+0x3b/0x90 [ 222.465499] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.465943] RIP: 0033:0x7f4b8743ee5d [ 222.466259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.467863] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.468511] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.469111] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.469720] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.470323] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.470946] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.471557] [ 222.471749] irq event stamp: 0 [ 222.472009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.472524] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.473206] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.473890] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.474414] ---[ end trace 0000000000000000 ]--- [ 222.477260] ------------[ cut here ]------------ [ 222.477678] WARNING: CPU: 0 PID: 2125 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.478538] Modules linked in: [ 222.478809] CPU: 0 PID: 2125 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.479534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.480453] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.480867] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.482363] RSP: 
0018:ffff88800f77fbd0 EFLAGS: 00010246 [ 222.482825] RAX: 0000000000000000 RBX: ffff8880104658a8 RCX: 0000000000000000 [ 222.483428] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 222.484014] RBP: ffff88800f77fbe8 R08: ffffed100208cb33 R09: ffffed100208cb33 [ 222.484598] R10: ffff888010465993 R11: ffffed100208cb32 R12: ffff88800f9f6400 [ 222.485185] R13: ffff8880104659e8 R14: ffff88800fd1ea00 R15: 0000000000000000 [ 222.485774] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.486447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.486966] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.487581] PKRU: 55555554 [ 222.487817] Call Trace: [ 222.488029] [ 222.488219] iommufd_access_destroy_object+0x65/0x170 [ 222.488653] iommufd_object_destroy_user+0x18e/0x220 [ 222.489077] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.489561] iommufd_access_destroy+0x43/0x70 [ 222.489946] iommufd_test_staccess_release+0x8d/0xd0 [ 222.490376] __fput+0x26d/0xa40 [ 222.490687] ____fput+0x1e/0x30 [ 222.490974] task_work_run+0x1a4/0x2d0 [ 222.491320] ? __pfx_task_work_run+0x10/0x10 [ 222.491698] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.492114] ? switch_task_namespaces+0xa9/0xe0 [ 222.492514] do_exit+0xb17/0x2ef0 [ 222.492805] ? lock_acquire+0x427/0x4c0 [ 222.493145] ? __pfx_lock_release+0x10/0x10 [ 222.493534] ? __kasan_check_write+0x18/0x20 [ 222.494467] ? do_raw_spin_lock+0x132/0x2a0 [ 222.494876] ? __pfx_do_exit+0x10/0x10 [ 222.495236] ? debug_smp_processor_id+0x20/0x30 [ 222.495637] ? rcu_is_watching+0x19/0xb0 [ 222.495990] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.496383] ? trace_hardirqs_on+0x26/0x120 [ 222.496760] do_group_exit+0xe0/0x2b0 [ 222.497480] __x64_sys_exit_group+0x47/0x50 [ 222.498022] do_syscall_64+0x3b/0x90 [ 222.498493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.499202] RIP: 0033:0x7f4b87518a4d [ 222.499670] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.500429] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.501745] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.502675] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.503575] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.504845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.505702] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.506619] [ 222.506925] irq event stamp: 0 [ 222.507335] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.508201] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.509352] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.510364] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.511214] ---[ end trace 0000000000000000 ]--- [ 222.512570] ------------[ cut here ]------------ [ 222.513149] WARNING: CPU: 0 PID: 2125 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.514364] Modules linked in: [ 222.514804] CPU: 0 PID: 2125 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.516156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.517548] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.518207] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.520735] RSP: 0018:ffff88800f77fb78 EFLAGS: 00010246 [ 222.521410] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.522295] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 222.523522] RBP: ffff88800f77fb98 R08: ffffed100208cb3e R09: ffffed100208cb3e [ 222.524411] R10: ffff8880104659ef R11: ffffed100208cb3d R12: ffff888010465a90 [ 222.525290] R13: ffff8880104658a8 R14: ffffffffffffffff R15: 
ffff88800f77fc60 [ 222.526195] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.527478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.528228] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.529140] PKRU: 55555554 [ 222.529509] Call Trace: [ 222.529850] [ 222.530406] iommufd_ioas_destroy+0x53/0x70 [ 222.531047] iommufd_fops_release+0x1f7/0x370 [ 222.531676] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.532330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.532973] ? write_comp_data+0x2f/0x90 [ 222.533516] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.534233] __fput+0x26d/0xa40 [ 222.534917] ____fput+0x1e/0x30 [ 222.535430] task_work_run+0x1a4/0x2d0 [ 222.535978] ? __pfx_task_work_run+0x10/0x10 [ 222.536585] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.537252] ? switch_task_namespaces+0xa9/0xe0 [ 222.537913] do_exit+0xb17/0x2ef0 [ 222.538701] ? lock_acquire+0x427/0x4c0 [ 222.539296] ? __pfx_lock_release+0x10/0x10 [ 222.539898] ? __kasan_check_write+0x18/0x20 [ 222.540510] ? do_raw_spin_lock+0x132/0x2a0 [ 222.541091] ? __pfx_do_exit+0x10/0x10 [ 222.541628] ? debug_smp_processor_id+0x20/0x30 [ 222.542276] ? rcu_is_watching+0x19/0xb0 [ 222.543266] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.543910] ? trace_hardirqs_on+0x26/0x120 [ 222.544488] do_group_exit+0xe0/0x2b0 [ 222.545000] __x64_sys_exit_group+0x47/0x50 [ 222.545570] do_syscall_64+0x3b/0x90 [ 222.546083] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.546852] RIP: 0033:0x7f4b87518a4d [ 222.547382] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.548535] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.549517] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.550415] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.551387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.552559] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.553466] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.554379] [ 222.554717] irq event stamp: 0 [ 222.555149] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.556167] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.557223] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.558277] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.559398] ---[ end trace 0000000000000000 ]--- [ 222.568597] ------------[ cut here ]------------ [ 222.569305] WARNING: CPU: 0 PID: 2126 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.571016] Modules linked in: [ 222.571497] CPU: 0 PID: 2126 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.572662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.574157] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.574922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.577333] RSP: 0018:ffff8880179afbb8 EFLAGS: 00010246 [ 222.578038] RAX: 0000000000000000 RBX: ffff888017a158a8 RCX: 0000000000000000 [ 222.579023] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 222.579986] RBP: ffff8880179afbd0 R08: ffffed1002f42b33 R09: ffffed1002f42b33 [ 222.580930] R10: ffff888017a15993 R11: ffffed1002f42b32 R12: ffff888020fed000 [ 222.581867] R13: ffff888017a159e8 R14: ffffffff8352e670 R15: 
ffff8880179afe68 [ 222.582863] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.583964] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.584738] CR2: 00007f4b877410e8 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 222.585681] PKRU: 55555554 [ 222.586065] Call Trace: [ 222.586423] [ 222.586801] __iommufd_access_detach+0x1c2/0x2b0 [ 222.587494] iommufd_access_change_pt+0x149/0x270 [ 222.588157] iommufd_access_replace+0xb4/0x120 [ 222.588787] iommufd_test+0x3e5/0x37e0 [ 222.589320] ? lock_release+0x532/0x770 [ 222.589882] ? __might_fault+0x102/0x1b0 [ 222.590448] ? lock_acquire+0x427/0x4c0 [ 222.591073] ? __pfx_iommufd_test+0x10/0x10 [ 222.591720] ? __pfx_lock_release+0x10/0x10 [ 222.592336] ? __pfx_lock_acquire+0x10/0x10 [ 222.592946] ? write_comp_data+0x2f/0x90 [ 222.593505] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.594172] ? write_comp_data+0x2f/0x90 [ 222.594795] iommufd_fops_ioctl+0x37d/0x510 [ 222.595411] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.596076] ? write_comp_data+0x2f/0x90 [ 222.596648] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.597299] __x64_sys_ioctl+0x1a3/0x230 [ 222.597862] do_syscall_64+0x3b/0x90 [ 222.598379] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.599172] RIP: 0033:0x7f4b8743ee5d [ 222.599704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.602174] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.603286] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.604260] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.605230] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.606200] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.607246] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.608255] [ 222.608588] irq event stamp: 0 [ 222.609031] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.609891] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.611094] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.612266] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.613130] ---[ end trace 0000000000000000 ]--- [ 222.619145] ------------[ cut here ]------------ [ 222.619823] WARNING: CPU: 0 PID: 2126 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.621203] Modules linked in: [ 222.621648] CPU: 0 PID: 2126 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.623279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.624814] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.625495] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.628342] RSP: 
0018:ffff8880179afbd0 EFLAGS: 00010246 [ 222.629106] RAX: 0000000000000000 RBX: ffff888017a158a8 RCX: 0000000000000000 [ 222.630085] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 222.631430] RBP: ffff8880179afbe8 R08: ffffed1002f42b33 R09: ffffed1002f42b33 [ 222.632411] R10: ffff888017a15993 R11: ffffed1002f42b32 R12: ffff888010571c00 [ 222.633383] R13: ffff888017a159e8 R14: ffff888012fddf00 R15: 0000000000000000 [ 222.634354] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.635880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.636666] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.637641] PKRU: 55555554 [ 222.638033] Call Trace: [ 222.638388] [ 222.638757] iommufd_access_destroy_object+0x65/0x170 [ 222.639502] iommufd_object_destroy_user+0x18e/0x220 [ 222.640515] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.641333] iommufd_access_destroy+0x43/0x70 [ 222.641976] iommufd_test_staccess_release+0x8d/0xd0 [ 222.642762] __fput+0x26d/0xa40 [ 222.643268] ____fput+0x1e/0x30 [ 222.643728] task_work_run+0x1a4/0x2d0 [ 222.644393] ? __pfx_task_work_run+0x10/0x10 [ 222.645162] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.645851] ? switch_task_namespaces+0xa9/0xe0 [ 222.646578] do_exit+0xb17/0x2ef0 [ 222.647067] ? lock_acquire+0x427/0x4c0 [ 222.647660] ? __pfx_lock_release+0x10/0x10 [ 222.648305] ? __kasan_check_write+0x18/0x20 [ 222.649159] ? do_raw_spin_lock+0x132/0x2a0 [ 222.649771] ? __pfx_do_exit+0x10/0x10 [ 222.650331] ? debug_smp_processor_id+0x20/0x30 [ 222.651057] ? rcu_is_watching+0x19/0xb0 [ 222.651670] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.652310] ? trace_hardirqs_on+0x26/0x120 [ 222.653236] do_group_exit+0xe0/0x2b0 [ 222.653778] __x64_sys_exit_group+0x47/0x50 [ 222.654376] do_syscall_64+0x3b/0x90 [ 222.654969] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.655731] RIP: 0033:0x7f4b87518a4d [ 222.656259] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.657387] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.658435] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.659491] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.660467] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.661763] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.662793] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.663814] [ 222.664144] irq event stamp: 0 [ 222.664571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.665683] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.666897] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.668078] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.668941] ---[ end trace 0000000000000000 ]--- [ 222.670688] ------------[ cut here ]------------ [ 222.671386] WARNING: CPU: 0 PID: 2126 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.672787] Modules linked in: [ 222.673240] CPU: 0 PID: 2126 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.674836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.676386] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.677093] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.679899] RSP: 0018:ffff8880179afb78 EFLAGS: 00010246 [ 222.680633] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.681856] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 222.682890] RBP: ffff8880179afb98 R08: ffffed1002f42b3e R09: ffffed1002f42b3e [ 222.683878] R10: ffff888017a159ef R11: ffffed1002f42b3d R12: ffff888017a15a90 [ 222.684851] R13: ffff888017a158a8 R14: ffffffffffffffff R15: 
ffff8880179afc60 [ 222.686084] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.687235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.688032] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.689306] PKRU: 55555554 [ 222.689707] Call Trace: [ 222.690063] [ 222.690383] iommufd_ioas_destroy+0x53/0x70 [ 222.691030] iommufd_fops_release+0x1f7/0x370 [ 222.691687] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.692383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.693366] ? write_comp_data+0x2f/0x90 [ 222.693952] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.694684] __fput+0x26d/0xa40 [ 222.695201] ____fput+0x1e/0x30 [ 222.695795] task_work_run+0x1a4/0x2d0 [ 222.696481] ? __pfx_task_work_run+0x10/0x10 [ 222.697099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.697778] ? switch_task_namespaces+0xa9/0xe0 [ 222.698443] do_exit+0xb17/0x2ef0 [ 222.699017] ? lock_acquire+0x427/0x4c0 [ 222.699783] ? __pfx_lock_release+0x10/0x10 [ 222.700398] ? __kasan_check_write+0x18/0x20 [ 222.701015] ? do_raw_spin_lock+0x132/0x2a0 [ 222.701616] ? __pfx_do_exit+0x10/0x10 [ 222.702430] ? debug_smp_processor_id+0x20/0x30 [ 222.703142] ? rcu_is_watching+0x19/0xb0 [ 222.703718] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.704350] ? trace_hardirqs_on+0x26/0x120 [ 222.704985] do_group_exit+0xe0/0x2b0 [ 222.705734] __x64_sys_exit_group+0x47/0x50 [ 222.706336] do_syscall_64+0x3b/0x90 [ 222.706899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.707648] RIP: 0033:0x7f4b87518a4d [ 222.708168] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.709305] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.710350] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.711389] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.712437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.713603] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.714616] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.715628] [ 222.715985] irq event stamp: 0 [ 222.716674] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.717540] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.718714] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.719973] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.721009] ---[ end trace 0000000000000000 ]--- [ 222.732715] ------------[ cut here ]------------ [ 222.733411] WARNING: CPU: 0 PID: 2127 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.735273] Modules linked in: [ 222.735735] CPU: 0 PID: 2127 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.736920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.738447] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.739217] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.741674] RSP: 0018:ffff88801885fbb8 EFLAGS: 00010246 [ 222.742408] RAX: 0000000000000000 RBX: ffff8880245a38a8 RCX: 0000000000000000 [ 222.743453] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 222.744424] RBP: ffff88801885fbd0 R08: ffffed10048b4733 R09: ffffed10048b4733 [ 222.745400] R10: ffff8880245a3993 R11: ffffed10048b4732 R12: ffff888012a1d400 [ 222.746375] R13: ffff8880245a39e8 R14: ffffffff8352e670 R15: 
ffff88801885fe68 [ 222.747535] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.748484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.749225] CR2: 00007f4b877410e8 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 222.750128] PKRU: 55555554 [ 222.750490] Call Trace: [ 222.750891] [ 222.751221] __iommufd_access_detach+0x1c2/0x2b0 [ 222.751878] iommufd_access_change_pt+0x149/0x270 [ 222.752509] iommufd_access_replace+0xb4/0x120 [ 222.753131] iommufd_test+0x3e5/0x37e0 [ 222.753637] ? lock_release+0x532/0x770 [ 222.754173] ? __might_fault+0x102/0x1b0 [ 222.754778] ? lock_acquire+0x427/0x4c0 [ 222.755346] ? __pfx_iommufd_test+0x10/0x10 [ 222.755913] ? __pfx_lock_release+0x10/0x10 [ 222.756473] ? __pfx_lock_acquire+0x10/0x10 [ 222.757066] ? write_comp_data+0x2f/0x90 [ 222.757600] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.758218] ? write_comp_data+0x2f/0x90 [ 222.758826] iommufd_fops_ioctl+0x37d/0x510 [ 222.759430] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.760078] ? write_comp_data+0x2f/0x90 [ 222.760623] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.761245] __x64_sys_ioctl+0x1a3/0x230 [ 222.761799] do_syscall_64+0x3b/0x90 [ 222.762295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.763012] RIP: 0033:0x7f4b8743ee5d [ 222.763788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.766204] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.767319] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.768289] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.769256] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.770218] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.771244] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.772233] [ 222.772561] irq event stamp: 0 [ 222.772995] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.773849] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.774992] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.776120] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.776969] ---[ end trace 0000000000000000 ]--- [ 222.783147] ------------[ cut here ]------------ [ 222.784105] WARNING: CPU: 0 PID: 2127 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.785522] Modules linked in: [ 222.786194] CPU: 0 PID: 2127 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.787487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.789241] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.789913] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.792700] RSP: 
0018:ffff88801885fbd0 EFLAGS: 00010246 [ 222.793682] RAX: 0000000000000000 RBX: ffff8880245a38a8 RCX: 0000000000000000 [ 222.794669] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 222.795675] RBP: ffff88801885fbe8 R08: ffffed10048b4733 R09: ffffed10048b4733 [ 222.796769] R10: ffff8880245a3993 R11: ffffed10048b4732 R12: ffff888020fec400 [ 222.797746] R13: ffff8880245a39e8 R14: ffff888010f94100 R15: 0000000000000000 [ 222.798924] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.799992] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.801083] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.802041] PKRU: 55555554 [ 222.802453] Call Trace: [ 222.803091] [ 222.803510] iommufd_access_destroy_object+0x65/0x170 [ 222.804062] iommufd_object_destroy_user+0x18e/0x220 [ 222.804595] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.805701] iommufd_access_destroy+0x43/0x70 [ 222.806179] iommufd_test_staccess_release+0x8d/0xd0 [ 222.806747] __fput+0x26d/0xa40 [ 222.807100] ____fput+0x1e/0x30 [ 222.807472] task_work_run+0x1a4/0x2d0 [ 222.808175] ? __pfx_task_work_run+0x10/0x10 [ 222.808646] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.809148] ? switch_task_namespaces+0xa9/0xe0 [ 222.809645] do_exit+0xb17/0x2ef0 [ 222.810123] ? lock_acquire+0x427/0x4c0 [ 222.810649] ? __pfx_lock_release+0x10/0x10 [ 222.811102] ? __kasan_check_write+0x18/0x20 [ 222.811576] ? do_raw_spin_lock+0x132/0x2a0 [ 222.812023] ? __pfx_do_exit+0x10/0x10 [ 222.812446] ? debug_smp_processor_id+0x20/0x30 [ 222.813189] ? rcu_is_watching+0x19/0xb0 [ 222.813629] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.814111] ? trace_hardirqs_on+0x26/0x120 [ 222.814603] do_group_exit+0xe0/0x2b0 [ 222.815012] __x64_sys_exit_group+0x47/0x50 [ 222.815719] do_syscall_64+0x3b/0x90 [ 222.816117] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.816666] RIP: 0033:0x7f4b87518a4d [ 222.817055] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.817912] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.818739] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.819500] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.820330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.821189] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.821939] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.822963] [ 222.823225] irq event stamp: 0 [ 222.823557] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.824232] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.825147] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.826194] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.826901] ---[ end trace 0000000000000000 ]--- [ 222.827932] ------------[ cut here ]------------ [ 222.828426] WARNING: CPU: 0 PID: 2127 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.829497] Modules linked in: [ 222.829842] CPU: 0 PID: 2127 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.831050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.832252] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.832857] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.834967] RSP: 0018:ffff88801885fb78 EFLAGS: 00010246 [ 222.835593] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.836514] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 222.837269] RBP: ffff88801885fb98 R08: ffffed10048b473e R09: ffffed10048b473e [ 222.838237] R10: ffff8880245a39ef R11: ffffed10048b473d R12: ffff8880245a3a90 [ 222.839020] R13: ffff8880245a38a8 R14: ffffffffffffffff R15: 
ffff88801885fc60 [ 222.839777] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.840749] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.841463] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 222.842199] PKRU: 55555554 [ 222.842497] Call Trace: [ 222.842878] [ 222.843225] iommufd_ioas_destroy+0x53/0x70 [ 222.843686] iommufd_fops_release+0x1f7/0x370 [ 222.844155] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.844668] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.845236] ? write_comp_data+0x2f/0x90 [ 222.845825] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.846369] __fput+0x26d/0xa40 [ 222.846789] ____fput+0x1e/0x30 [ 222.847152] task_work_run+0x1a4/0x2d0 [ 222.847623] ? __pfx_task_work_run+0x10/0x10 [ 222.848217] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.848727] ? switch_task_namespaces+0xa9/0xe0 [ 222.849221] do_exit+0xb17/0x2ef0 [ 222.849587] ? lock_acquire+0x427/0x4c0 [ 222.850003] ? __pfx_lock_release+0x10/0x10 [ 222.850452] ? __kasan_check_write+0x18/0x20 [ 222.850949] ? do_raw_spin_lock+0x132/0x2a0 [ 222.851409] ? __pfx_do_exit+0x10/0x10 [ 222.851822] ? debug_smp_processor_id+0x20/0x30 [ 222.852299] ? rcu_is_watching+0x19/0xb0 [ 222.852717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.853187] ? trace_hardirqs_on+0x26/0x120 [ 222.853645] do_group_exit+0xe0/0x2b0 [ 222.854041] __x64_sys_exit_group+0x47/0x50 [ 222.854483] do_syscall_64+0x3b/0x90 [ 222.854901] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.855448] RIP: 0033:0x7f4b87518a4d [ 222.855833] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.856465] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.857242] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.857971] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.858723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.859464] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.860188] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.860926] [ 222.861166] irq event stamp: 0 [ 222.861492] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.862132] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.863018] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.863869] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.864499] ---[ end trace 0000000000000000 ]--- [ 222.869028] ------------[ cut here ]------------ [ 222.869562] WARNING: CPU: 0 PID: 2128 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.870675] Modules linked in: [ 222.871003] CPU: 0 PID: 2128 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.871850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.872903] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.873367] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.875097] RSP: 0018:ffff888018657bb8 EFLAGS: 00010246 [ 222.875614] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 222.876269] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 222.876933] RBP: ffff888018657bd0 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 222.877592] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff88801422f400 [ 222.878255] R13: ffff888015d2c9e8 R14: ffffffff8352e670 R15: 
ffff888018657e68 [ 222.878943] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.879724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.880269] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 222.880930] PKRU: 55555554 [ 222.881192] Call Trace: [ 222.881430] [ 222.881641] __iommufd_access_detach+0x1c2/0x2b0 [ 222.882093] iommufd_access_change_pt+0x149/0x270 [ 222.882567] iommufd_access_replace+0xb4/0x120 [ 222.883006] iommufd_test+0x3e5/0x37e0 [ 222.883390] ? lock_release+0x532/0x770 [ 222.883773] ? __might_fault+0x102/0x1b0 [ 222.884161] ? lock_acquire+0x427/0x4c0 [ 222.884536] ? __pfx_iommufd_test+0x10/0x10 [ 222.884940] ? __pfx_lock_release+0x10/0x10 [ 222.885350] ? __pfx_lock_acquire+0x10/0x10 [ 222.885756] ? write_comp_data+0x2f/0x90 [ 222.886137] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.886601] ? write_comp_data+0x2f/0x90 [ 222.886983] iommufd_fops_ioctl+0x37d/0x510 [ 222.887394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.887845] ? write_comp_data+0x2f/0x90 [ 222.888226] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.888665] __x64_sys_ioctl+0x1a3/0x230 [ 222.889051] do_syscall_64+0x3b/0x90 [ 222.889403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.889882] RIP: 0033:0x7f4b8743ee5d [ 222.890224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.891849] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.892510] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.893125] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.893738] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.894366] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.895004] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.895642] [ 222.895846] irq event stamp: 0 [ 222.896118] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.896660] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.897378] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.898110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.898682] ---[ end trace 0000000000000000 ]--- [ 222.901795] ------------[ cut here ]------------ [ 222.902255] WARNING: CPU: 1 PID: 2128 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.903243] Modules linked in: [ 222.903521] CPU: 1 PID: 2128 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.904275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.905228] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.905649] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.907240] RSP: 
0018:ffff888018657bd0 EFLAGS: 00010246 [ 222.907687] RAX: 0000000000000000 RBX: ffff888015d2c8a8 RCX: 0000000000000000 [ 222.908280] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 222.908864] RBP: ffff888018657be8 R08: ffffed1002ba5933 R09: ffffed1002ba5933 [ 222.909443] R10: ffff888015d2c993 R11: ffffed1002ba5932 R12: ffff888012e90c00 [ 222.910005] R13: ffff888015d2c9e8 R14: ffff88800fd7b200 R15: 0000000000000000 [ 222.910602] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 222.911257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.911729] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 222.912295] PKRU: 55555554 [ 222.912534] Call Trace: [ 222.912738] [ 222.912920] iommufd_access_destroy_object+0x65/0x170 [ 222.913334] iommufd_object_destroy_user+0x18e/0x220 [ 222.913755] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 222.914232] iommufd_access_destroy+0x43/0x70 [ 222.914633] iommufd_test_staccess_release+0x8d/0xd0 [ 222.915051] __fput+0x26d/0xa40 [ 222.915340] ____fput+0x1e/0x30 [ 222.915622] task_work_run+0x1a4/0x2d0 [ 222.915957] ? __pfx_task_work_run+0x10/0x10 [ 222.916314] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.916731] ? switch_task_namespaces+0xa9/0xe0 [ 222.917117] do_exit+0xb17/0x2ef0 [ 222.917394] ? lock_acquire+0x427/0x4c0 [ 222.917722] ? __pfx_lock_release+0x10/0x10 [ 222.918086] ? __kasan_check_write+0x18/0x20 [ 222.918444] ? do_raw_spin_lock+0x132/0x2a0 [ 222.918814] ? __pfx_do_exit+0x10/0x10 [ 222.919169] ? debug_smp_processor_id+0x20/0x30 [ 222.919546] ? rcu_is_watching+0x19/0xb0 [ 222.919876] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.920259] ? trace_hardirqs_on+0x26/0x120 [ 222.920615] do_group_exit+0xe0/0x2b0 [ 222.920922] __x64_sys_exit_group+0x47/0x50 [ 222.921279] do_syscall_64+0x3b/0x90 [ 222.921585] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.922005] RIP: 0033:0x7f4b87518a4d [ 222.922320] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.922839] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.923471] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.924038] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.924613] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.925176] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.925755] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.926338] [ 222.926565] irq event stamp: 0 [ 222.926824] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.927340] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.928024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.928707] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.929206] ---[ end trace 0000000000000000 ]--- [ 222.930054] ------------[ cut here ]------------ [ 222.930496] WARNING: CPU: 0 PID: 2128 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 222.931371] Modules linked in: [ 222.931634] CPU: 0 PID: 2128 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.932345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.933264] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 222.933685] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 222.935236] RSP: 0018:ffff888018657b78 EFLAGS: 00010246 [ 222.935678] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 222.936257] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 222.936840] RBP: ffff888018657b98 R08: ffffed1002ba593e R09: ffffed1002ba593e [ 222.937419] R10: ffff888015d2c9ef R11: ffffed1002ba593d R12: ffff888015d2ca90 [ 222.937997] R13: ffff888015d2c8a8 R14: ffffffffffffffff R15: 
ffff888018657c60 [ 222.938597] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 222.939264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.939738] CR2: 00007f82e2ede010 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 222.940317] PKRU: 55555554 [ 222.940549] Call Trace: [ 222.940758] [ 222.940948] iommufd_ioas_destroy+0x53/0x70 [ 222.941316] iommufd_fops_release+0x1f7/0x370 [ 222.941691] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.942102] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.942532] ? write_comp_data+0x2f/0x90 [ 222.942882] ? __pfx_iommufd_fops_release+0x10/0x10 [ 222.943307] __fput+0x26d/0xa40 [ 222.943594] ____fput+0x1e/0x30 [ 222.943876] task_work_run+0x1a4/0x2d0 [ 222.944207] ? __pfx_task_work_run+0x10/0x10 [ 222.944580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.944991] ? switch_task_namespaces+0xa9/0xe0 [ 222.945386] do_exit+0xb17/0x2ef0 [ 222.945674] ? lock_acquire+0x427/0x4c0 [ 222.946012] ? __pfx_lock_release+0x10/0x10 [ 222.946373] ? __kasan_check_write+0x18/0x20 [ 222.946759] ? do_raw_spin_lock+0x132/0x2a0 [ 222.947129] ? __pfx_do_exit+0x10/0x10 [ 222.947464] ? debug_smp_processor_id+0x20/0x30 [ 222.947851] ? rcu_is_watching+0x19/0xb0 [ 222.948190] ? _raw_spin_unlock_irq+0x2b/0x60 [ 222.948569] ? trace_hardirqs_on+0x26/0x120 [ 222.948934] do_group_exit+0xe0/0x2b0 [ 222.949250] __x64_sys_exit_group+0x47/0x50 [ 222.949605] do_syscall_64+0x3b/0x90 [ 222.949918] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.950351] RIP: 0033:0x7f4b87518a4d [ 222.950679] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 222.951192] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 222.951813] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 222.952400] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 222.952984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 222.953574] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 222.954155] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 222.954769] [ 222.954970] irq event stamp: 0 [ 222.955241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.955758] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.956442] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.957125] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.957645] ---[ end trace 0000000000000000 ]--- [ 222.961386] ------------[ cut here ]------------ [ 222.961807] WARNING: CPU: 1 PID: 2129 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.962747] Modules linked in: [ 222.963000] CPU: 1 PID: 2129 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.963697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.964573] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.964964] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.966376] RSP: 0018:ffff88801885fbb8 EFLAGS: 00010246 [ 222.966835] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 0000000000000000 [ 222.967395] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 222.967951] RBP: ffff88801885fbd0 R08: ffffed1001972033 R09: ffffed1001972033 [ 222.968498] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff888010e00000 [ 222.969048] R13: ffff88800cb901e8 R14: ffffffff8352e670 R15: 
ffff88801885fe68 [ 222.969595] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 222.970217] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 222.970692] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 222.971279] PKRU: 55555554 [ 222.971501] Call Trace: [ 222.971701] [ 222.971876] __iommufd_access_detach+0x1c2/0x2b0 [ 222.972268] iommufd_access_change_pt+0x149/0x270 [ 222.972659] iommufd_access_replace+0xb4/0x120 [ 222.973032] iommufd_test+0x3e5/0x37e0 [ 222.973337] ? lock_release+0x532/0x770 [ 222.973652] ? __might_fault+0x102/0x1b0 [ 222.973980] ? lock_acquire+0x427/0x4c0 [ 222.974296] ? __pfx_iommufd_test+0x10/0x10 [ 222.974657] ? __pfx_lock_release+0x10/0x10 [ 222.975001] ? __pfx_lock_acquire+0x10/0x10 [ 222.975363] ? write_comp_data+0x2f/0x90 [ 222.975683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 222.976062] ? write_comp_data+0x2f/0x90 [ 222.976392] iommufd_fops_ioctl+0x37d/0x510 [ 222.976731] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.977109] ? write_comp_data+0x2f/0x90 [ 222.977433] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 222.977807] __x64_sys_ioctl+0x1a3/0x230 [ 222.978124] do_syscall_64+0x3b/0x90 [ 222.978414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 222.978835] RIP: 0033:0x7f4b8743ee5d [ 222.979127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 222.980501] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 222.981077] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 222.981608] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 222.982140] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 222.982713] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 222.983435] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 222.983982] [ 222.984158] irq event stamp: 0 [ 222.984397] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 222.984880] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 222.985515] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 222.986153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 222.986659] ---[ end trace 0000000000000000 ]--- [ 222.989364] ------------[ cut here ]------------ [ 222.989747] WARNING: CPU: 1 PID: 2129 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 222.990683] Modules linked in: [ 222.991053] CPU: 1 PID: 2129 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 222.992024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 222.993252] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 222.993797] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 222.995821] RSP: 
0018:ffff88801885fbd0 EFLAGS: 00010246 [ 222.996410] RAX: 0000000000000000 RBX: ffff88800cb900a8 RCX: 0000000000000000 [ 222.997187] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 222.997964] RBP: ffff88801885fbe8 R08: ffffed1001972033 R09: ffffed1001972033 [ 222.998765] R10: ffff88800cb90193 R11: ffffed1001972032 R12: ffff888010e06000 [ 222.999566] R13: ffff88800cb901e8 R14: ffff888011d6d300 R15: 0000000000000000 [ 223.000340] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.001212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.001847] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.002654] PKRU: 55555554 [ 223.002972] Call Trace: [ 223.003268] [ 223.003529] iommufd_access_destroy_object+0x65/0x170 [ 223.004106] iommufd_object_destroy_user+0x18e/0x220 [ 223.004674] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.005323] iommufd_access_destroy+0x43/0x70 [ 223.005834] iommufd_test_staccess_release+0x8d/0xd0 [ 223.006406] __fput+0x26d/0xa40 [ 223.006827] ____fput+0x1e/0x30 [ 223.007227] task_work_run+0x1a4/0x2d0 [ 223.007680] ? __pfx_task_work_run+0x10/0x10 [ 223.008178] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.008743] ? switch_task_namespaces+0xa9/0xe0 [ 223.009493] do_exit+0xb17/0x2ef0 [ 223.009888] ? lock_acquire+0x427/0x4c0 [ 223.010353] ? __pfx_lock_release+0x10/0x10 [ 223.010895] ? __kasan_check_write+0x18/0x20 [ 223.011460] ? do_raw_spin_lock+0x132/0x2a0 [ 223.011928] ? __pfx_do_exit+0x10/0x10 [ 223.012372] ? debug_smp_processor_id+0x20/0x30 [ 223.012912] ? rcu_is_watching+0x19/0xb0 [ 223.013427] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.013922] ? trace_hardirqs_on+0x26/0x120 [ 223.014395] do_group_exit+0xe0/0x2b0 [ 223.014933] __x64_sys_exit_group+0x47/0x50 [ 223.015414] do_syscall_64+0x3b/0x90 [ 223.015843] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.016427] RIP: 0033:0x7f4b87518a4d [ 223.016919] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.017574] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.018397] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.019273] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.020062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.020929] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.021684] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.022568] [ 223.022825] irq event stamp: 0 [ 223.023182] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.023871] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.024864] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.025776] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.026652] ---[ end trace 0000000000000000 ]--- [ 223.027767] ------------[ cut here ]------------ [ 223.028403] WARNING: CPU: 1 PID: 2129 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.029514] Modules linked in: [ 223.029926] CPU: 1 PID: 2129 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.030978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.032336] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.032900] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.035046] RSP: 0018:ffff88801885fb78 EFLAGS: 00010246 [ 223.035668] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.036524] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 223.037302] RBP: ffff88801885fb98 R08: ffffed100197203e R09: ffffed100197203e [ 223.038186] R10: ffff88800cb901ef R11: ffffed100197203d R12: ffff88800cb90290 [ 223.038994] R13: ffff88800cb900a8 R14: ffffffffffffffff R15: 
ffff88801885fc60 [ 223.039893] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.040764] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.041427] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.042293] PKRU: 55555554 [ 223.042674] Call Trace: [ 223.042969] [ 223.043243] iommufd_ioas_destroy+0x53/0x70 [ 223.043859] iommufd_fops_release+0x1f7/0x370 [ 223.044372] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.044935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.045623] ? write_comp_data+0x2f/0x90 [ 223.046096] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.046702] __fput+0x26d/0xa40 [ 223.047103] ____fput+0x1e/0x30 [ 223.047536] task_work_run+0x1a4/0x2d0 [ 223.048072] ? __pfx_task_work_run+0x10/0x10 [ 223.048576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.049130] ? switch_task_namespaces+0xa9/0xe0 [ 223.049797] do_exit+0xb17/0x2ef0 [ 223.050191] ? lock_acquire+0x427/0x4c0 [ 223.050693] ? __pfx_lock_release+0x10/0x10 [ 223.051204] ? __kasan_check_write+0x18/0x20 [ 223.051811] ? do_raw_spin_lock+0x132/0x2a0 [ 223.052300] ? __pfx_do_exit+0x10/0x10 [ 223.052751] ? debug_smp_processor_id+0x20/0x30 [ 223.053279] ? rcu_is_watching+0x19/0xb0 [ 223.053836] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.054353] ? trace_hardirqs_on+0x26/0x120 [ 223.054886] do_group_exit+0xe0/0x2b0 [ 223.055333] __x64_sys_exit_group+0x47/0x50 [ 223.055919] do_syscall_64+0x3b/0x90 [ 223.056350] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.056939] RIP: 0033:0x7f4b87518a4d [ 223.057375] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.058128] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.059002] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.059924] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.060711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.061552] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.062379] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.063238] [ 223.063575] irq event stamp: 0 [ 223.063932] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.064630] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.065665] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.066620] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.067344] ---[ end trace 0000000000000000 ]--- [ 223.073537] ------------[ cut here ]------------ [ 223.074089] WARNING: CPU: 1 PID: 2130 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.075337] Modules linked in: [ 223.075824] CPU: 1 PID: 2130 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.076785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.078111] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.078699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.080796] RSP: 0018:ffff888018127bb8 EFLAGS: 00010246 [ 223.081443] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 223.082273] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 223.083104] RBP: ffff888018127bd0 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 223.083966] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff88800b9b7000 [ 223.084738] R13: ffff8880171bc9e8 R14: ffffffff8352e670 R15: 
ffff888018127e68 [ 223.085525] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.086408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.087088] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 223.087726] PKRU: 55555554 [ 223.087953] Call Trace: [ 223.088153] [ 223.088330] __iommufd_access_detach+0x1c2/0x2b0 [ 223.088712] iommufd_access_change_pt+0x149/0x270 [ 223.089094] iommufd_access_replace+0xb4/0x120 [ 223.089458] iommufd_test+0x3e5/0x37e0 [ 223.089761] ? lock_release+0x532/0x770 [ 223.090079] ? __might_fault+0x102/0x1b0 [ 223.090402] ? lock_acquire+0x427/0x4c0 [ 223.090762] ? __pfx_iommufd_test+0x10/0x10 [ 223.091098] ? __pfx_lock_release+0x10/0x10 [ 223.091454] ? __pfx_lock_acquire+0x10/0x10 [ 223.091802] ? write_comp_data+0x2f/0x90 [ 223.092127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.092511] ? write_comp_data+0x2f/0x90 [ 223.092835] iommufd_fops_ioctl+0x37d/0x510 [ 223.093175] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.093559] ? write_comp_data+0x2f/0x90 [ 223.093886] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.094263] __x64_sys_ioctl+0x1a3/0x230 [ 223.094609] do_syscall_64+0x3b/0x90 [ 223.094914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.095335] RIP: 0033:0x7f4b8743ee5d [ 223.095633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.097036] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.097622] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.098172] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.098741] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.099305] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.099856] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.100416] [ 223.100598] irq event stamp: 0 [ 223.100849] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.101340] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.101998] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.102671] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.103168] ---[ end trace 0000000000000000 ]--- [ 223.106021] ------------[ cut here ]------------ [ 223.106420] WARNING: CPU: 1 PID: 2130 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.107255] Modules linked in: [ 223.107507] CPU: 1 PID: 2130 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.108185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.109047] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.109433] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.110859] RSP: 
0018:ffff888018127bd0 EFLAGS: 00010246 [ 223.111285] RAX: 0000000000000000 RBX: ffff8880171bc8a8 RCX: 0000000000000000 [ 223.111835] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 223.112384] RBP: ffff888018127be8 R08: ffffed1002e37933 R09: ffffed1002e37933 [ 223.112931] R10: ffff8880171bc993 R11: ffffed1002e37932 R12: ffff888010e02000 [ 223.113481] R13: ffff8880171bc9e8 R14: ffff888021819200 R15: 0000000000000000 [ 223.114031] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.114668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.115135] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.115702] PKRU: 55555554 [ 223.115925] Call Trace: [ 223.116128] [ 223.116307] iommufd_access_destroy_object+0x65/0x170 [ 223.116714] iommufd_object_destroy_user+0x18e/0x220 [ 223.117113] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.117571] iommufd_access_destroy+0x43/0x70 [ 223.117931] iommufd_test_staccess_release+0x8d/0xd0 [ 223.118338] __fput+0x26d/0xa40 [ 223.118630] ____fput+0x1e/0x30 [ 223.118900] task_work_run+0x1a4/0x2d0 [ 223.119223] ? __pfx_task_work_run+0x10/0x10 [ 223.119580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.119968] ? switch_task_namespaces+0xa9/0xe0 [ 223.120344] do_exit+0xb17/0x2ef0 [ 223.120624] ? lock_acquire+0x427/0x4c0 [ 223.120950] ? __pfx_lock_release+0x10/0x10 [ 223.121293] ? __kasan_check_write+0x18/0x20 [ 223.121640] ? do_raw_spin_lock+0x132/0x2a0 [ 223.121977] ? __pfx_do_exit+0x10/0x10 [ 223.122287] ? debug_smp_processor_id+0x20/0x30 [ 223.122676] ? rcu_is_watching+0x19/0xb0 [ 223.123000] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.123371] ? trace_hardirqs_on+0x26/0x120 [ 223.123718] do_group_exit+0xe0/0x2b0 [ 223.124016] __x64_sys_exit_group+0x47/0x50 [ 223.124352] do_syscall_64+0x3b/0x90 [ 223.124653] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.125066] RIP: 0033:0x7f4b87518a4d [ 223.125353] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.125830] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.126414] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.126990] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.127554] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.128106] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.128660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.129221] [ 223.129404] irq event stamp: 0 [ 223.129651] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.130140] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.130809] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.131467] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.131960] ---[ end trace 0000000000000000 ]--- [ 223.132652] ------------[ cut here ]------------ [ 223.133020] WARNING: CPU: 1 PID: 2130 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.133822] Modules linked in: [ 223.134073] CPU: 1 PID: 2130 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.134779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.135673] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.136076] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.137485] RSP: 0018:ffff888018127b78 EFLAGS: 00010246 [ 223.137900] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.138450] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 223.139027] RBP: ffff888018127b98 R08: ffffed1002e3793e R09: ffffed1002e3793e [ 223.139593] R10: ffff8880171bc9ef R11: ffffed1002e3793d R12: ffff8880171bca90 [ 223.140148] R13: ffff8880171bc8a8 R14: ffffffffffffffff R15: 
ffff888018127c60 [ 223.140702] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.141334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.141787] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.142347] PKRU: 55555554 [ 223.142587] Call Trace: [ 223.142785] [ 223.142959] iommufd_ioas_destroy+0x53/0x70 [ 223.143306] iommufd_fops_release+0x1f7/0x370 [ 223.143662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.144048] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.144428] ? write_comp_data+0x2f/0x90 [ 223.144748] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.145131] __fput+0x26d/0xa40 [ 223.145397] ____fput+0x1e/0x30 [ 223.145658] task_work_run+0x1a4/0x2d0 [ 223.145962] ? __pfx_task_work_run+0x10/0x10 [ 223.146300] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.146698] ? switch_task_namespaces+0xa9/0xe0 [ 223.147068] do_exit+0xb17/0x2ef0 [ 223.147347] ? lock_acquire+0x427/0x4c0 [ 223.147662] ? __pfx_lock_release+0x10/0x10 [ 223.147999] ? __kasan_check_write+0x18/0x20 [ 223.148339] ? do_raw_spin_lock+0x132/0x2a0 [ 223.148674] ? __pfx_do_exit+0x10/0x10 [ 223.148985] ? debug_smp_processor_id+0x20/0x30 [ 223.149347] ? rcu_is_watching+0x19/0xb0 [ 223.149667] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.150018] ? trace_hardirqs_on+0x26/0x120 [ 223.150360] do_group_exit+0xe0/0x2b0 [ 223.150679] __x64_sys_exit_group+0x47/0x50 [ 223.151013] do_syscall_64+0x3b/0x90 [ 223.151320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.151722] RIP: 0033:0x7f4b87518a4d [ 223.152008] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.152476] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.153059] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.153600] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.154135] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.154696] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.155251] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.155795] [ 223.155973] irq event stamp: 0 [ 223.156214] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.156689] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.157322] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.157950] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.158435] ---[ end trace 0000000000000000 ]--- [ 223.162189] ------------[ cut here ]------------ [ 223.162636] WARNING: CPU: 0 PID: 2131 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.163411] Modules linked in: [ 223.163666] CPU: 0 PID: 2131 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.164330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.165190] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.165566] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.167004] RSP: 0018:ffff88801885fbb8 EFLAGS: 00010246 [ 223.167417] RAX: 0000000000000000 RBX: ffff888014bea8a8 RCX: 0000000000000000 [ 223.167963] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 223.168504] RBP: ffff88801885fbd0 R08: ffffed100297d533 R09: ffffed100297d533 [ 223.169051] R10: ffff888014bea993 R11: ffffed100297d532 R12: ffff888010571400 [ 223.169590] R13: ffff888014bea9e8 R14: ffffffff8352e670 R15: 
ffff88801885fe68 [ 223.170139] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 223.170762] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.171217] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 223.171761] PKRU: 55555554 [ 223.171975] Call Trace: [ 223.172180] [ 223.172354] __iommufd_access_detach+0x1c2/0x2b0 [ 223.172724] iommufd_access_change_pt+0x149/0x270 [ 223.173102] iommufd_access_replace+0xb4/0x120 [ 223.173471] iommufd_test+0x3e5/0x37e0 [ 223.173766] ? lock_release+0x532/0x770 [ 223.174081] ? __might_fault+0x102/0x1b0 [ 223.174408] ? lock_acquire+0x427/0x4c0 [ 223.174732] ? __pfx_iommufd_test+0x10/0x10 [ 223.175061] ? __pfx_lock_release+0x10/0x10 [ 223.175412] ? __pfx_lock_acquire+0x10/0x10 [ 223.175754] ? write_comp_data+0x2f/0x90 [ 223.176068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.176459] ? write_comp_data+0x2f/0x90 [ 223.176778] iommufd_fops_ioctl+0x37d/0x510 [ 223.177110] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.177503] ? write_comp_data+0x2f/0x90 [ 223.177826] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.178197] __x64_sys_ioctl+0x1a3/0x230 [ 223.178549] do_syscall_64+0x3b/0x90 [ 223.178844] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.179247] RIP: 0033:0x7f4b8743ee5d [ 223.179530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.180898] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.181464] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.182003] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.182548] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.183084] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.183621] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.184165] [ 223.184339] irq event stamp: 0 [ 223.184573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.185049] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.185669] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.186296] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.186780] ---[ end trace 0000000000000000 ]--- [ 223.189462] ------------[ cut here ]------------ [ 223.189833] WARNING: CPU: 0 PID: 2131 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.190640] Modules linked in: [ 223.190931] CPU: 0 PID: 2131 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.191614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.192450] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.192829] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.194185] RSP: 
0018:ffff88801885fbd0 EFLAGS: 00010246 [ 223.194647] RAX: 0000000000000000 RBX: ffff888014bea8a8 RCX: 0000000000000000 [ 223.195249] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 223.195783] RBP: ffff88801885fbe8 R08: ffffed100297d533 R09: ffffed100297d533 [ 223.196307] R10: ffff888014bea993 R11: ffffed100297d532 R12: ffff88801422c000 [ 223.196843] R13: ffff888014bea9e8 R14: ffff88800b591b00 R15: 0000000000000000 [ 223.197375] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 223.197978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.198412] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 223.198972] PKRU: 55555554 [ 223.199259] Call Trace: [ 223.199474] [ 223.199652] iommufd_access_destroy_object+0x65/0x170 [ 223.200042] iommufd_object_destroy_user+0x18e/0x220 [ 223.200426] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.200875] iommufd_access_destroy+0x43/0x70 [ 223.201219] iommufd_test_staccess_release+0x8d/0xd0 [ 223.201607] __fput+0x26d/0xa40 [ 223.201880] ____fput+0x1e/0x30 [ 223.202135] task_work_run+0x1a4/0x2d0 [ 223.202438] ? __pfx_task_work_run+0x10/0x10 [ 223.202798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.203317] ? switch_task_namespaces+0xa9/0xe0 [ 223.203690] do_exit+0xb17/0x2ef0 [ 223.203954] ? lock_acquire+0x427/0x4c0 [ 223.204259] ? __pfx_lock_release+0x10/0x10 [ 223.204586] ? __kasan_check_write+0x18/0x20 [ 223.204913] ? do_raw_spin_lock+0x132/0x2a0 [ 223.205234] ? __pfx_do_exit+0x10/0x10 [ 223.205528] ? debug_smp_processor_id+0x20/0x30 [ 223.205871] ? rcu_is_watching+0x19/0xb0 [ 223.206171] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.206541] ? trace_hardirqs_on+0x26/0x120 [ 223.206869] do_group_exit+0xe0/0x2b0 [ 223.207159] __x64_sys_exit_group+0x47/0x50 [ 223.207481] do_syscall_64+0x3b/0x90 [ 223.207762] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.208151] RIP: 0033:0x7f4b87518a4d [ 223.208429] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.208879] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.209433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.209955] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.210480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.211035] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.211568] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.212104] [ 223.212278] irq event stamp: 0 [ 223.212513] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.212978] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.213591] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.214199] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.214686] ---[ end trace 0000000000000000 ]--- [ 223.215369] ------------[ cut here ]------------ [ 223.215719] WARNING: CPU: 0 PID: 2131 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.216474] Modules linked in: [ 223.216713] CPU: 0 PID: 2131 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.217351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.218171] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.218573] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.219922] RSP: 0018:ffff88801885fb78 EFLAGS: 00010246 [ 223.220318] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.220839] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 223.221361] RBP: ffff88801885fb98 R08: ffffed100297d53e R09: ffffed100297d53e [ 223.221886] R10: ffff888014bea9ef R11: ffffed100297d53d R12: ffff888014beaa90 [ 223.222410] R13: ffff888014bea8a8 R14: ffffffffffffffff R15: 
ffff88801885fc60 [ 223.223165] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 223.223758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.224180] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 223.224702] PKRU: 55555554 [ 223.224911] Call Trace: [ 223.225100] [ 223.225266] iommufd_ioas_destroy+0x53/0x70 [ 223.225593] iommufd_fops_release+0x1f7/0x370 [ 223.225929] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.226300] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.226683] ? write_comp_data+0x2f/0x90 [ 223.226997] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.227375] __fput+0x26d/0xa40 [ 223.227633] ____fput+0x1e/0x30 [ 223.227888] task_work_run+0x1a4/0x2d0 [ 223.228181] ? __pfx_task_work_run+0x10/0x10 [ 223.228509] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.228873] ? switch_task_namespaces+0xa9/0xe0 [ 223.229227] do_exit+0xb17/0x2ef0 [ 223.229487] ? lock_acquire+0x427/0x4c0 [ 223.229789] ? __pfx_lock_release+0x10/0x10 [ 223.230115] ? __kasan_check_write+0x18/0x20 [ 223.230442] ? do_raw_spin_lock+0x132/0x2a0 [ 223.230779] ? __pfx_do_exit+0x10/0x10 [ 223.231077] ? debug_smp_processor_id+0x20/0x30 [ 223.231435] ? rcu_is_watching+0x19/0xb0 [ 223.231739] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.232077] ? trace_hardirqs_on+0x26/0x120 [ 223.232401] do_group_exit+0xe0/0x2b0 [ 223.232684] __x64_sys_exit_group+0x47/0x50 [ 223.233000] do_syscall_64+0x3b/0x90 [ 223.233281] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.233669] RIP: 0033:0x7f4b87518a4d [ 223.233942] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.234393] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.234969] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.235503] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.236023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.236552] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.237073] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.237599] [ 223.237773] irq event stamp: 0 [ 223.238007] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.238467] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.239099] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.239725] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.240188] ---[ end trace 0000000000000000 ]--- [ 223.244046] ------------[ cut here ]------------ [ 223.244430] WARNING: CPU: 0 PID: 2132 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.245173] Modules linked in: [ 223.245409] CPU: 0 PID: 2132 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.246053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.246895] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.247271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.248596] RSP: 0018:ffff88800f707bb8 EFLAGS: 00010246 [ 223.248989] RAX: 0000000000000000 RBX: ffff8880162ce8a8 RCX: 0000000000000000 [ 223.249509] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 223.250030] RBP: ffff88800f707bd0 R08: ffffed1002c59d33 R09: ffffed1002c59d33 [ 223.250565] R10: ffff8880162ce993 R11: ffffed1002c59d32 R12: ffff888020a8e400 [ 223.251089] R13: ffff8880162ce9e8 R14: ffffffff8352e670 R15: 
ffff88800f707e68 [ 223.251626] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 223.252219] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.252641] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 223.253163] PKRU: 55555554 [ 223.253373] Call Trace: [ 223.253562] [ 223.253730] __iommufd_access_detach+0x1c2/0x2b0 [ 223.254092] iommufd_access_change_pt+0x149/0x270 [ 223.254456] iommufd_access_replace+0xb4/0x120 [ 223.254820] iommufd_test+0x3e5/0x37e0 [ 223.255112] ? lock_release+0x532/0x770 [ 223.255427] ? __might_fault+0x102/0x1b0 [ 223.255734] ? lock_acquire+0x427/0x4c0 [ 223.256034] ? __pfx_iommufd_test+0x10/0x10 [ 223.256349] ? __pfx_lock_release+0x10/0x10 [ 223.256679] ? __pfx_lock_acquire+0x10/0x10 [ 223.257006] ? write_comp_data+0x2f/0x90 [ 223.257318] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.257680] ? write_comp_data+0x2f/0x90 [ 223.257988] iommufd_fops_ioctl+0x37d/0x510 [ 223.258310] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.258689] ? write_comp_data+0x2f/0x90 [ 223.259002] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.259376] __x64_sys_ioctl+0x1a3/0x230 [ 223.259688] do_syscall_64+0x3b/0x90 [ 223.259973] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.260361] RIP: 0033:0x7f4b8743ee5d [ 223.260640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.261972] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.262556] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.263089] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.263633] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.264368] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.264894] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.265447] [ 223.265730] irq event stamp: 0 [ 223.265963] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.266425] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.267075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.267850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.268323] ---[ end trace 0000000000000000 ]--- [ 223.271188] ------------[ cut here ]------------ [ 223.271573] WARNING: CPU: 0 PID: 2132 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.272343] Modules linked in: [ 223.272588] CPU: 0 PID: 2132 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.273247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.274105] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.274487] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.276016] RSP: 
0018:ffff88800f707bd0 EFLAGS: 00010246 [ 223.276421] RAX: 0000000000000000 RBX: ffff8880162ce8a8 RCX: 0000000000000000 [ 223.276964] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 223.277507] RBP: ffff88800f707be8 R08: ffffed1002c59d33 R09: ffffed1002c59d33 [ 223.278049] R10: ffff8880162ce993 R11: ffffed1002c59d32 R12: ffff888010573400 [ 223.278621] R13: ffff8880162ce9e8 R14: ffff88800f03b500 R15: 0000000000000000 [ 223.279176] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 223.279796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.280246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 223.280794] PKRU: 55555554 [ 223.281013] Call Trace: [ 223.281212] [ 223.281387] iommufd_access_destroy_object+0x65/0x170 [ 223.281789] iommufd_object_destroy_user+0x18e/0x220 [ 223.282187] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.282652] iommufd_access_destroy+0x43/0x70 [ 223.283016] iommufd_test_staccess_release+0x8d/0xd0 [ 223.283424] __fput+0x26d/0xa40 [ 223.283693] ____fput+0x1e/0x30 [ 223.283955] task_work_run+0x1a4/0x2d0 [ 223.284262] ? __pfx_task_work_run+0x10/0x10 [ 223.284605] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.284985] ? switch_task_namespaces+0xa9/0xe0 [ 223.285351] do_exit+0xb17/0x2ef0 [ 223.285618] ? lock_acquire+0x427/0x4c0 [ 223.285933] ? __pfx_lock_release+0x10/0x10 [ 223.286271] ? __kasan_check_write+0x18/0x20 [ 223.286638] ? do_raw_spin_lock+0x132/0x2a0 [ 223.286974] ? __pfx_do_exit+0x10/0x10 [ 223.287298] ? debug_smp_processor_id+0x20/0x30 [ 223.287662] ? rcu_is_watching+0x19/0xb0 [ 223.287977] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.288333] ? trace_hardirqs_on+0x26/0x120 [ 223.288671] do_group_exit+0xe0/0x2b0 [ 223.288977] __x64_sys_exit_group+0x47/0x50 [ 223.289314] do_syscall_64+0x3b/0x90 [ 223.289611] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.290017] RIP: 0033:0x7f4b87518a4d [ 223.290304] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.290788] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.291385] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.291924] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.292456] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.292989] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.293528] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.294081] [ 223.294263] irq event stamp: 0 [ 223.294522] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.295007] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.295644] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.296280] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.296764] ---[ end trace 0000000000000000 ]--- [ 223.297801] ------------[ cut here ]------------ [ 223.298169] WARNING: CPU: 0 PID: 2132 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.299037] Modules linked in: [ 223.299305] CPU: 0 PID: 2132 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.299975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.300833] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.301229] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.302689] RSP: 0018:ffff88800f707b78 EFLAGS: 00010246 [ 223.303104] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.303659] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 223.304204] RBP: ffff88800f707b98 R08: ffffed1002c59d3e R09: ffffed1002c59d3e [ 223.304746] R10: ffff8880162ce9ef R11: ffffed1002c59d3d R12: ffff8880162cea90 [ 223.305293] R13: ffff8880162ce8a8 R14: ffffffffffffffff R15: 
ffff88800f707c60 [ 223.305845] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 223.306458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.306920] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 223.307477] PKRU: 55555554 [ 223.307700] Call Trace: [ 223.307898] [ 223.308074] iommufd_ioas_destroy+0x53/0x70 [ 223.308416] iommufd_fops_release+0x1f7/0x370 [ 223.308769] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.309156] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.309540] ? write_comp_data+0x2f/0x90 [ 223.309865] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.310251] __fput+0x26d/0xa40 [ 223.310537] ____fput+0x1e/0x30 [ 223.310803] task_work_run+0x1a4/0x2d0 [ 223.311115] ? __pfx_task_work_run+0x10/0x10 [ 223.311472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.311855] ? switch_task_namespaces+0xa9/0xe0 [ 223.312232] do_exit+0xb17/0x2ef0 [ 223.312508] ? lock_acquire+0x427/0x4c0 [ 223.312825] ? __pfx_lock_release+0x10/0x10 [ 223.313164] ? __kasan_check_write+0x18/0x20 [ 223.313506] ? do_raw_spin_lock+0x132/0x2a0 [ 223.313843] ? __pfx_do_exit+0x10/0x10 [ 223.314155] ? debug_smp_processor_id+0x20/0x30 [ 223.314542] ? rcu_is_watching+0x19/0xb0 [ 223.314860] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.315232] ? trace_hardirqs_on+0x26/0x120 [ 223.315577] do_group_exit+0xe0/0x2b0 [ 223.315875] __x64_sys_exit_group+0x47/0x50 [ 223.316212] do_syscall_64+0x3b/0x90 [ 223.316511] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.316918] RIP: 0033:0x7f4b87518a4d [ 223.317207] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.317678] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.318259] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.318819] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.319380] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.319926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.320476] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.321028] [ 223.321210] irq event stamp: 0 [ 223.321452] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.321935] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.322591] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.323237] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.323711] ---[ end trace 0000000000000000 ]--- [ 223.328641] ------------[ cut here ]------------ [ 223.329034] WARNING: CPU: 1 PID: 2133 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.329894] Modules linked in: [ 223.330202] CPU: 1 PID: 2133 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.330899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.331901] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.332286] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.333810] RSP: 0018:ffff888012aafbb8 EFLAGS: 00010246 [ 223.334228] RAX: 0000000000000000 RBX: ffff888017a168a8 RCX: 0000000000000000 [ 223.334800] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 223.335487] RBP: ffff888012aafbd0 R08: ffffed1002f42d33 R09: ffffed1002f42d33 [ 223.336040] R10: ffff888017a16993 R11: ffffed1002f42d32 R12: ffff888013e25800 [ 223.336593] R13: ffff888017a169e8 R14: ffffffff8352e670 R15: 
ffff888012aafe68 [ 223.337269] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.337902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.338354] CR2: 00007f4b877410e8 CR3: 000000001452e000 CR4: 0000000000750ee0 [ 223.338988] PKRU: 55555554 [ 223.339260] Call Trace: [ 223.339461] [ 223.339641] __iommufd_access_detach+0x1c2/0x2b0 [ 223.340028] iommufd_access_change_pt+0x149/0x270 [ 223.340417] iommufd_access_replace+0xb4/0x120 [ 223.340882] iommufd_test+0x3e5/0x37e0 [ 223.341188] ? lock_release+0x532/0x770 [ 223.341516] ? __might_fault+0x102/0x1b0 [ 223.341843] ? lock_acquire+0x427/0x4c0 [ 223.342170] ? __pfx_iommufd_test+0x10/0x10 [ 223.342597] ? __pfx_lock_release+0x10/0x10 [ 223.342994] ? __pfx_lock_acquire+0x10/0x10 [ 223.343352] ? write_comp_data+0x2f/0x90 [ 223.343691] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.344081] ? write_comp_data+0x2f/0x90 [ 223.344537] iommufd_fops_ioctl+0x37d/0x510 [ 223.344882] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.345267] ? write_comp_data+0x2f/0x90 [ 223.345593] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.345998] __x64_sys_ioctl+0x1a3/0x230 [ 223.346386] do_syscall_64+0x3b/0x90 [ 223.346704] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.347125] RIP: 0033:0x7f4b8743ee5d [ 223.347419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.348944] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.349554] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.350193] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.350770] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.351350] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.351995] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.352561] [ 223.352747] irq event stamp: 0 [ 223.352994] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.353602] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.354249] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.354943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.355527] ---[ end trace 0000000000000000 ]--- [ 223.359781] ------------[ cut here ]------------ [ 223.360207] WARNING: CPU: 1 PID: 2133 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.361063] Modules linked in: [ 223.361312] CPU: 1 PID: 2133 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.362016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.362991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.363390] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.364905] RSP: 
0018:ffff888012aafbd0 EFLAGS: 00010246 [ 223.365318] RAX: 0000000000000000 RBX: ffff888017a168a8 RCX: 0000000000000000 [ 223.365985] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 223.366554] RBP: ffff888012aafbe8 R08: ffffed1002f42d33 R09: ffffed1002f42d33 [ 223.367111] R10: ffff888017a16993 R11: ffffed1002f42d32 R12: ffff88800b9b5c00 [ 223.367772] R13: ffff888017a169e8 R14: ffff88800fd1e600 R15: 0000000000000000 [ 223.368329] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.368954] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.369516] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 223.370078] PKRU: 55555554 [ 223.370302] Call Trace: [ 223.370528] [ 223.370708] iommufd_access_destroy_object+0x65/0x170 [ 223.371196] iommufd_object_destroy_user+0x18e/0x220 [ 223.371608] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.372066] iommufd_access_destroy+0x43/0x70 [ 223.372430] iommufd_test_staccess_release+0x8d/0xd0 [ 223.372890] __fput+0x26d/0xa40 [ 223.373199] ____fput+0x1e/0x30 [ 223.373467] task_work_run+0x1a4/0x2d0 [ 223.373787] ? __pfx_task_work_run+0x10/0x10 [ 223.374143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.374583] ? switch_task_namespaces+0xa9/0xe0 [ 223.375010] do_exit+0xb17/0x2ef0 [ 223.375302] ? lock_acquire+0x427/0x4c0 [ 223.375635] ? __pfx_lock_release+0x10/0x10 [ 223.375984] ? __kasan_check_write+0x18/0x20 [ 223.376357] ? do_raw_spin_lock+0x132/0x2a0 [ 223.376781] ? __pfx_do_exit+0x10/0x10 [ 223.377102] ? debug_smp_processor_id+0x20/0x30 [ 223.377480] ? rcu_is_watching+0x19/0xb0 [ 223.377809] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.378197] ? trace_hardirqs_on+0x26/0x120 [ 223.378630] do_group_exit+0xe0/0x2b0 [ 223.378942] __x64_sys_exit_group+0x47/0x50 [ 223.379303] do_syscall_64+0x3b/0x90 [ 223.379621] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.380081] RIP: 0033:0x7f4b87518a4d [ 223.380472] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.380982] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.381610] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.382330] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.382941] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.383542] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.384292] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.384889] [ 223.385083] irq event stamp: 0 [ 223.385344] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.385939] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.386682] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.387382] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.388049] ---[ end trace 0000000000000000 ]--- [ 223.390469] ------------[ cut here ]------------ [ 223.390920] WARNING: CPU: 1 PID: 2133 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.391922] Modules linked in: [ 223.392192] CPU: 1 PID: 2133 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.392949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.394091] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.394571] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.396323] RSP: 0018:ffff888012aafb78 EFLAGS: 00010246 [ 223.396798] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.397426] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 223.398205] RBP: ffff888012aafb98 R08: ffffed1002f42d3e R09: ffffed1002f42d3e [ 223.398852] R10: ffff888017a169ef R11: ffffed1002f42d3d R12: ffff888017a16a90 [ 223.399490] R13: ffff888017a168a8 R14: ffffffffffffffff R15: 
ffff888012aafc60 [ 223.400265] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.400970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.401494] CR2: 00007f82e2f100b8 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 223.402292] PKRU: 55555554 [ 223.402567] Call Trace: [ 223.402800] [ 223.403010] iommufd_ioas_destroy+0x53/0x70 [ 223.403426] iommufd_fops_release+0x1f7/0x370 [ 223.403844] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.404466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.404914] ? write_comp_data+0x2f/0x90 [ 223.405300] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.405747] __fput+0x26d/0xa40 [ 223.406142] ____fput+0x1e/0x30 [ 223.406536] task_work_run+0x1a4/0x2d0 [ 223.406893] ? __pfx_task_work_run+0x10/0x10 [ 223.407310] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.407753] ? switch_task_namespaces+0xa9/0xe0 [ 223.408262] do_exit+0xb17/0x2ef0 [ 223.408640] ? lock_acquire+0x427/0x4c0 [ 223.409019] ? __pfx_lock_release+0x10/0x10 [ 223.409418] ? __kasan_check_write+0x18/0x20 [ 223.409818] ? do_raw_spin_lock+0x132/0x2a0 [ 223.410291] ? __pfx_do_exit+0x10/0x10 [ 223.410743] ? debug_smp_processor_id+0x20/0x30 [ 223.411201] ? rcu_is_watching+0x19/0xb0 [ 223.411594] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.412031] ? trace_hardirqs_on+0x26/0x120 [ 223.412603] do_group_exit+0xe0/0x2b0 [ 223.412975] __x64_sys_exit_group+0x47/0x50 [ 223.413388] do_syscall_64+0x3b/0x90 [ 223.413753] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.414255] RIP: 0033:0x7f4b87518a4d [ 223.414774] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.415367] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.416088] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.416914] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.417595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.418273] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.419106] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.419799] [ 223.420028] irq event stamp: 0 [ 223.420327] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.420962] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.421838] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.422640] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.423386] ---[ end trace 0000000000000000 ]--- [ 223.429963] ------------[ cut here ]------------ [ 223.430466] WARNING: CPU: 1 PID: 2134 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.431483] Modules linked in: [ 223.431789] CPU: 1 PID: 2134 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.432904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.433965] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.434585] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.436337] RSP: 0018:ffff88801885fbb8 EFLAGS: 00010246 [ 223.436992] RAX: 0000000000000000 RBX: ffff888020f9f8a8 RCX: 0000000000000000 [ 223.437661] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 223.438342] RBP: ffff88801885fbd0 R08: ffffed10041f3f33 R09: ffffed10041f3f33 [ 223.439265] R10: ffff888020f9f993 R11: ffffed10041f3f32 R12: ffff88801422ec00 [ 223.439958] R13: ffff888020f9f9e8 R14: ffffffff8352e670 R15: 
ffff88801885fe68 [ 223.440643] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.441594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.442149] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 223.442856] PKRU: 55555554 [ 223.443185] Call Trace: [ 223.443562] [ 223.443786] __iommufd_access_detach+0x1c2/0x2b0 [ 223.444259] iommufd_access_change_pt+0x149/0x270 [ 223.444731] iommufd_access_replace+0xb4/0x120 [ 223.445209] iommufd_test+0x3e5/0x37e0 [ 223.445772] ? lock_release+0x532/0x770 [ 223.446204] ? __might_fault+0x102/0x1b0 [ 223.446680] ? lock_acquire+0x427/0x4c0 [ 223.447136] ? __pfx_iommufd_test+0x10/0x10 [ 223.447597] ? __pfx_lock_release+0x10/0x10 [ 223.448056] ? __pfx_lock_acquire+0x10/0x10 [ 223.448515] ? write_comp_data+0x2f/0x90 [ 223.448948] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.449459] ? write_comp_data+0x2f/0x90 [ 223.449896] iommufd_fops_ioctl+0x37d/0x510 [ 223.450349] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.450928] ? write_comp_data+0x2f/0x90 [ 223.451389] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.451900] __x64_sys_ioctl+0x1a3/0x230 [ 223.452345] do_syscall_64+0x3b/0x90 [ 223.452764] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.453323] RIP: 0033:0x7f4b8743ee5d [ 223.453718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.455630] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.456416] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.457140] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.457864] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.458618] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.459354] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.460092] [ 223.460331] irq event stamp: 0 [ 223.460657] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.461302] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.462163] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.463054] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.463732] ---[ end trace 0000000000000000 ]--- [ 223.466991] ------------[ cut here ]------------ [ 223.467537] WARNING: CPU: 1 PID: 2134 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.468557] Modules linked in: [ 223.468887] CPU: 1 PID: 2134 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.469780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.470967] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.471497] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.473339] RSP: 
0018:ffff88801885fbd0 EFLAGS: 00010246 [ 223.473884] RAX: 0000000000000000 RBX: ffff888020f9f8a8 RCX: 0000000000000000 [ 223.474639] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 223.475373] RBP: ffff88801885fbe8 R08: ffffed10041f3f33 R09: ffffed10041f3f33 [ 223.476099] R10: ffff888020f9f993 R11: ffffed10041f3f32 R12: ffff888012a1f400 [ 223.476830] R13: ffff888020f9f9e8 R14: ffff88800f284c00 R15: 0000000000000000 [ 223.477557] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.478370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.478994] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.479749] PKRU: 55555554 [ 223.480045] Call Trace: [ 223.480307] [ 223.480539] iommufd_access_destroy_object+0x65/0x170 [ 223.481082] iommufd_object_destroy_user+0x18e/0x220 [ 223.481613] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.482214] iommufd_access_destroy+0x43/0x70 [ 223.482723] iommufd_test_staccess_release+0x8d/0xd0 [ 223.483269] __fput+0x26d/0xa40 [ 223.483630] ____fput+0x1e/0x30 [ 223.483975] task_work_run+0x1a4/0x2d0 [ 223.484379] ? __pfx_task_work_run+0x10/0x10 [ 223.484833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.485334] ? switch_task_namespaces+0xa9/0xe0 [ 223.485823] do_exit+0xb17/0x2ef0 [ 223.486185] ? lock_acquire+0x427/0x4c0 [ 223.486636] ? __pfx_lock_release+0x10/0x10 [ 223.487092] ? __kasan_check_write+0x18/0x20 [ 223.487561] ? do_raw_spin_lock+0x132/0x2a0 [ 223.488004] ? __pfx_do_exit+0x10/0x10 [ 223.488419] ? debug_smp_processor_id+0x20/0x30 [ 223.488898] ? rcu_is_watching+0x19/0xb0 [ 223.489315] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.489781] ? trace_hardirqs_on+0x26/0x120 [ 223.490227] do_group_exit+0xe0/0x2b0 [ 223.490654] __x64_sys_exit_group+0x47/0x50 [ 223.491099] do_syscall_64+0x3b/0x90 [ 223.491506] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.492039] RIP: 0033:0x7f4b87518a4d [ 223.492419] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.493051] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.493833] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.494599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.495344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.496063] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.496785] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.497520] [ 223.497769] irq event stamp: 0 [ 223.498098] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.498780] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.499653] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.500509] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.501162] ---[ end trace 0000000000000000 ]--- [ 223.502028] ------------[ cut here ]------------ [ 223.502559] WARNING: CPU: 1 PID: 2134 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.503631] Modules linked in: [ 223.503971] CPU: 1 PID: 2134 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.504868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.506024] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.506586] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.508473] RSP: 0018:ffff88801885fb78 EFLAGS: 00010246 [ 223.509018] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.509735] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 223.510449] RBP: ffff88801885fb98 R08: ffffed10041f3f3e R09: ffffed10041f3f3e [ 223.511192] R10: ffff888020f9f9ef R11: ffffed10041f3f3d R12: ffff888020f9fa90 [ 223.511861] R13: ffff888020f9f8a8 R14: ffffffffffffffff R15: 
ffff88801885fc60 [ 223.512529] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.513281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.513833] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.514499] PKRU: 55555554 [ 223.514792] Call Trace: [ 223.515036] [ 223.515259] iommufd_ioas_destroy+0x53/0x70 [ 223.515675] iommufd_fops_release+0x1f7/0x370 [ 223.516106] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.516582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.517052] ? write_comp_data+0x2f/0x90 [ 223.517445] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.517923] __fput+0x26d/0xa40 [ 223.518255] ____fput+0x1e/0x30 [ 223.518602] task_work_run+0x1a4/0x2d0 [ 223.518982] ? __pfx_task_work_run+0x10/0x10 [ 223.519421] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.519905] ? switch_task_namespaces+0xa9/0xe0 [ 223.520577] do_exit+0xb17/0x2ef0 [ 223.520917] ? lock_acquire+0x427/0x4c0 [ 223.521307] ? __pfx_lock_release+0x10/0x10 [ 223.521718] ? __kasan_check_write+0x18/0x20 [ 223.522134] ? do_raw_spin_lock+0x132/0x2a0 [ 223.522761] ? __pfx_do_exit+0x10/0x10 [ 223.523158] ? debug_smp_processor_id+0x20/0x30 [ 223.523612] ? rcu_is_watching+0x19/0xb0 [ 223.524012] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.524446] ? trace_hardirqs_on+0x26/0x120 [ 223.524960] do_group_exit+0xe0/0x2b0 [ 223.525373] __x64_sys_exit_group+0x47/0x50 [ 223.525783] do_syscall_64+0x3b/0x90 [ 223.526150] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.526685] RIP: 0033:0x7f4b87518a4d [ 223.527036] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.527673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.528505] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.529169] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.529887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.530701] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.531372] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.532046] [ 223.532301] irq event stamp: 0 [ 223.532727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.533317] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.534093] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.535090] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.535704] ---[ end trace 0000000000000000 ]--- [ 223.539711] ------------[ cut here ]------------ [ 223.540213] WARNING: CPU: 1 PID: 2135 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.541201] Modules linked in: [ 223.541632] CPU: 1 PID: 2135 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.542449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.543681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.544226] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.545980] RSP: 0018:ffff888012aafbb8 EFLAGS: 00010246 [ 223.546631] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 223.547320] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 223.547991] RBP: ffff888012aafbd0 R08: ffffed1001702533 R09: ffffed1001702533 [ 223.548846] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff888010c0a400 [ 223.549534] R13: ffff88800b8129e8 R14: ffffffff8352e670 R15: 
ffff888012aafe68 [ 223.550206] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.551191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.551750] CR2: 00007f4b877410e8 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 223.552432] PKRU: 55555554 [ 223.552704] Call Trace: [ 223.552949] [ 223.553215] __iommufd_access_detach+0x1c2/0x2b0 [ 223.553782] iommufd_access_change_pt+0x149/0x270 [ 223.554252] iommufd_access_replace+0xb4/0x120 [ 223.554745] iommufd_test+0x3e5/0x37e0 [ 223.555139] ? lock_release+0x532/0x770 [ 223.555532] ? __might_fault+0x102/0x1b0 [ 223.555935] ? lock_acquire+0x427/0x4c0 [ 223.556426] ? __pfx_iommufd_test+0x10/0x10 [ 223.556909] ? __pfx_lock_release+0x10/0x10 [ 223.557329] ? __pfx_lock_acquire+0x10/0x10 [ 223.557756] ? write_comp_data+0x2f/0x90 [ 223.558154] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.558760] ? write_comp_data+0x2f/0x90 [ 223.559241] iommufd_fops_ioctl+0x37d/0x510 [ 223.559661] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.560126] ? write_comp_data+0x2f/0x90 [ 223.560534] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.561011] __x64_sys_ioctl+0x1a3/0x230 [ 223.561635] do_syscall_64+0x3b/0x90 [ 223.562042] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.562628] RIP: 0033:0x7f4b8743ee5d [ 223.563015] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.565149] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.565936] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.566926] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.567685] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.568415] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.569353] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.570105] [ 223.570355] irq event stamp: 0 [ 223.570722] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.571398] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.572489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.573349] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.574014] ---[ end trace 0000000000000000 ]--- [ 223.577668] ------------[ cut here ]------------ [ 223.578192] WARNING: CPU: 1 PID: 2135 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.579288] Modules linked in: [ 223.579624] CPU: 1 PID: 2135 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.580512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.581660] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.582175] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.584094] RSP: 
0018:ffff888012aafbd0 EFLAGS: 00010246 [ 223.584652] RAX: 0000000000000000 RBX: ffff88800b8128a8 RCX: 0000000000000000 [ 223.585378] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 223.586103] RBP: ffff888012aafbe8 R08: ffffed1001702533 R09: ffffed1001702533 [ 223.586860] R10: ffff88800b812993 R11: ffffed1001702532 R12: ffff88801422cc00 [ 223.587603] R13: ffff88800b8129e8 R14: ffff888010f94400 R15: 0000000000000000 [ 223.588329] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.589149] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.589744] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 223.590481] PKRU: 55555554 [ 223.590812] Call Trace: [ 223.591077] [ 223.591330] iommufd_access_destroy_object+0x65/0x170 [ 223.591871] iommufd_object_destroy_user+0x18e/0x220 [ 223.592386] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.592985] iommufd_access_destroy+0x43/0x70 [ 223.593459] iommufd_test_staccess_release+0x8d/0xd0 [ 223.593993] __fput+0x26d/0xa40 [ 223.594352] ____fput+0x1e/0x30 [ 223.594735] task_work_run+0x1a4/0x2d0 [ 223.595158] ? __pfx_task_work_run+0x10/0x10 [ 223.595618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.596128] ? switch_task_namespaces+0xa9/0xe0 [ 223.596624] do_exit+0xb17/0x2ef0 [ 223.596984] ? lock_acquire+0x427/0x4c0 [ 223.597400] ? __pfx_lock_release+0x10/0x10 [ 223.597855] ? __kasan_check_write+0x18/0x20 [ 223.598312] ? do_raw_spin_lock+0x132/0x2a0 [ 223.598795] ? __pfx_do_exit+0x10/0x10 [ 223.599234] ? debug_smp_processor_id+0x20/0x30 [ 223.599718] ? rcu_is_watching+0x19/0xb0 [ 223.600141] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.600615] ? trace_hardirqs_on+0x26/0x120 [ 223.601069] do_group_exit+0xe0/0x2b0 [ 223.601467] __x64_sys_exit_group+0x47/0x50 [ 223.601915] do_syscall_64+0x3b/0x90 [ 223.602316] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.602894] RIP: 0033:0x7f4b87518a4d [ 223.603297] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.603933] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.604718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.605453] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.606181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.606947] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.607695] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.608430] [ 223.608676] irq event stamp: 0 [ 223.609003] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.609652] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.610539] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.611419] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.612077] ---[ end trace 0000000000000000 ]--- [ 223.612942] ------------[ cut here ]------------ [ 223.613445] WARNING: CPU: 1 PID: 2135 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.614500] Modules linked in: [ 223.614894] CPU: 1 PID: 2135 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.615801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.616944] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.617480] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.619378] RSP: 0018:ffff888012aafb78 EFLAGS: 00010246 [ 223.619937] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.620662] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 223.621386] RBP: ffff888012aafb98 R08: ffffed100170253e R09: ffffed100170253e [ 223.622108] R10: ffff88800b8129ef R11: ffffed100170253d R12: ffff88800b812a90 [ 223.622862] R13: ffff88800b8128a8 R14: ffffffffffffffff R15: 
ffff888012aafc60 [ 223.623605] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.624431] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.625036] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 223.625776] PKRU: 55555554 [ 223.626068] Call Trace: [ 223.626332] [ 223.626599] iommufd_ioas_destroy+0x53/0x70 [ 223.627058] iommufd_fops_release+0x1f7/0x370 [ 223.627547] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.628065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.628585] ? write_comp_data+0x2f/0x90 [ 223.629009] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.629530] __fput+0x26d/0xa40 [ 223.629889] ____fput+0x1e/0x30 [ 223.630237] task_work_run+0x1a4/0x2d0 [ 223.630703] ? __pfx_task_work_run+0x10/0x10 [ 223.631189] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.631702] ? switch_task_namespaces+0xa9/0xe0 [ 223.632202] do_exit+0xb17/0x2ef0 [ 223.632556] ? lock_acquire+0x427/0x4c0 [ 223.632984] ? __pfx_lock_release+0x10/0x10 [ 223.633438] ? __kasan_check_write+0x18/0x20 [ 223.633893] ? do_raw_spin_lock+0x132/0x2a0 [ 223.634334] ? __pfx_do_exit+0x10/0x10 [ 223.634788] ? debug_smp_processor_id+0x20/0x30 [ 223.635300] ? rcu_is_watching+0x19/0xb0 [ 223.635717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.636183] ? trace_hardirqs_on+0x26/0x120 [ 223.636635] do_group_exit+0xe0/0x2b0 [ 223.637029] __x64_sys_exit_group+0x47/0x50 [ 223.637475] do_syscall_64+0x3b/0x90 [ 223.637863] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.638397] RIP: 0033:0x7f4b87518a4d [ 223.638806] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.639427] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.640074] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.640687] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.641295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.641897] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.642498] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.643156] [ 223.643389] irq event stamp: 0 [ 223.643698] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.644327] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.645184] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.646019] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.646680] ---[ end trace 0000000000000000 ]--- [ 223.651462] ------------[ cut here ]------------ [ 223.651985] WARNING: CPU: 1 PID: 2136 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.652994] Modules linked in: [ 223.653315] CPU: 1 PID: 2136 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.654179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.655546] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.656059] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.657885] RSP: 0018:ffff888016377bb8 EFLAGS: 00010246 [ 223.658419] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 223.659168] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 223.659884] RBP: ffff888016377bd0 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 223.660595] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff888010826400 [ 223.661304] R13: ffff88801781a1e8 R14: ffffffff8352e670 R15: 
ffff888016377e68 [ 223.662014] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.662842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.663441] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 223.664160] PKRU: 55555554 [ 223.664446] Call Trace: [ 223.664714] [ 223.664943] __iommufd_access_detach+0x1c2/0x2b0 [ 223.665432] iommufd_access_change_pt+0x149/0x270 [ 223.665924] iommufd_access_replace+0xb4/0x120 [ 223.666388] iommufd_test+0x3e5/0x37e0 [ 223.666806] ? lock_release+0x532/0x770 [ 223.667227] ? __might_fault+0x102/0x1b0 [ 223.667642] ? lock_acquire+0x427/0x4c0 [ 223.668051] ? __pfx_iommufd_test+0x10/0x10 [ 223.668482] ? __pfx_lock_release+0x10/0x10 [ 223.668896] ? __pfx_lock_acquire+0x10/0x10 [ 223.669307] ? write_comp_data+0x2f/0x90 [ 223.669693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.670147] ? write_comp_data+0x2f/0x90 [ 223.670557] iommufd_fops_ioctl+0x37d/0x510 [ 223.670966] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.671432] ? write_comp_data+0x2f/0x90 [ 223.671820] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.672271] __x64_sys_ioctl+0x1a3/0x230 [ 223.672657] do_syscall_64+0x3b/0x90 [ 223.673015] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.673502] RIP: 0033:0x7f4b8743ee5d [ 223.673845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.675557] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.676258] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.676914] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.677569] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.678219] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.678894] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.679559] [ 223.679772] irq event stamp: 0 [ 223.680057] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.680630] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.681386] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.682139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.682693] ---[ end trace 0000000000000000 ]--- [ 223.685585] ------------[ cut here ]------------ [ 223.686019] WARNING: CPU: 1 PID: 2136 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.686917] Modules linked in: [ 223.687210] CPU: 1 PID: 2136 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.687956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.688912] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.689337] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.690907] RSP: 
0018:ffff888016377bd0 EFLAGS: 00010246 [ 223.691403] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 223.692012] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 223.692613] RBP: ffff888016377be8 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 223.693219] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff888010c08000 [ 223.693825] R13: ffff88801781a1e8 R14: ffff888018b99100 R15: 0000000000000000 [ 223.694438] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.695160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.695664] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.696274] PKRU: 55555554 [ 223.696515] Call Trace: [ 223.696734] [ 223.696927] iommufd_access_destroy_object+0x65/0x170 [ 223.697375] iommufd_object_destroy_user+0x18e/0x220 [ 223.697817] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.698320] iommufd_access_destroy+0x43/0x70 [ 223.698743] iommufd_test_staccess_release+0x8d/0xd0 [ 223.699202] __fput+0x26d/0xa40 [ 223.699502] ____fput+0x1e/0x30 [ 223.699794] task_work_run+0x1a4/0x2d0 [ 223.700136] ? __pfx_task_work_run+0x10/0x10 [ 223.700514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.700930] ? switch_task_namespaces+0xa9/0xe0 [ 223.701335] do_exit+0xb17/0x2ef0 [ 223.701657] ? lock_acquire+0x427/0x4c0 [ 223.702001] ? __pfx_lock_release+0x10/0x10 [ 223.702378] ? __kasan_check_write+0x18/0x20 [ 223.702758] ? do_raw_spin_lock+0x132/0x2a0 [ 223.703109] ? __pfx_do_exit+0x10/0x10 [ 223.703443] ? debug_smp_processor_id+0x20/0x30 [ 223.703822] ? rcu_is_watching+0x19/0xb0 [ 223.704157] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.704531] ? trace_hardirqs_on+0x26/0x120 [ 223.704893] do_group_exit+0xe0/0x2b0 [ 223.705207] __x64_sys_exit_group+0x47/0x50 [ 223.705555] do_syscall_64+0x3b/0x90 [ 223.705864] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.706293] RIP: 0033:0x7f4b87518a4d [ 223.706612] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.707112] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.707734] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.708304] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.708872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.709443] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.710018] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.710617] [ 223.710807] irq event stamp: 0 [ 223.711061] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.711579] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.712249] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.712923] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.713432] ---[ end trace 0000000000000000 ]--- [ 223.714138] ------------[ cut here ]------------ [ 223.714537] WARNING: CPU: 1 PID: 2136 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.715370] Modules linked in: [ 223.715631] CPU: 1 PID: 2136 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.716335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.717244] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.717661] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.719152] RSP: 0018:ffff888016377b78 EFLAGS: 00010246 [ 223.719587] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.720157] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 223.720727] RBP: ffff888016377b98 R08: ffffed1002f0343e R09: ffffed1002f0343e [ 223.721296] R10: ffff88801781a1ef R11: ffffed1002f0343d R12: ffff88801781a290 [ 223.721868] R13: ffff88801781a0a8 R14: ffffffffffffffff R15: 
ffff888016377c60 [ 223.722443] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.723106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.723584] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.724157] PKRU: 55555554 [ 223.724385] Call Trace: [ 223.724595] [ 223.724779] iommufd_ioas_destroy+0x53/0x70 [ 223.725136] iommufd_fops_release+0x1f7/0x370 [ 223.725505] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.725911] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.726313] ? write_comp_data+0x2f/0x90 [ 223.726671] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.727081] __fput+0x26d/0xa40 [ 223.727367] ____fput+0x1e/0x30 [ 223.727637] task_work_run+0x1a4/0x2d0 [ 223.727951] ? __pfx_task_work_run+0x10/0x10 [ 223.728299] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.728686] ? switch_task_namespaces+0xa9/0xe0 [ 223.729063] do_exit+0xb17/0x2ef0 [ 223.729336] ? lock_acquire+0x427/0x4c0 [ 223.729656] ? __pfx_lock_release+0x10/0x10 [ 223.729999] ? __kasan_check_write+0x18/0x20 [ 223.730349] ? do_raw_spin_lock+0x132/0x2a0 [ 223.730709] ? __pfx_do_exit+0x10/0x10 [ 223.731025] ? debug_smp_processor_id+0x20/0x30 [ 223.731397] ? rcu_is_watching+0x19/0xb0 [ 223.731712] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.732064] ? trace_hardirqs_on+0x26/0x120 [ 223.732406] do_group_exit+0xe0/0x2b0 [ 223.732703] __x64_sys_exit_group+0x47/0x50 [ 223.733032] do_syscall_64+0x3b/0x90 [ 223.733326] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.733730] RIP: 0033:0x7f4b87518a4d [ 223.734017] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.734501] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.735109] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.735659] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.736199] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.736744] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.737290] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.737842] [ 223.738022] irq event stamp: 0 [ 223.738265] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.738766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.739415] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.740052] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.740533] ---[ end trace 0000000000000000 ]--- [ 223.745004] ------------[ cut here ]------------ [ 223.745380] WARNING: CPU: 1 PID: 2137 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.746133] Modules linked in: [ 223.746374] CPU: 1 PID: 2137 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.747072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.747917] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.748287] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.749640] RSP: 0018:ffff88800f0d7bb8 EFLAGS: 00010246 [ 223.750036] RAX: 0000000000000000 RBX: ffff8880136058a8 RCX: 0000000000000000 [ 223.750579] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 223.751110] RBP: ffff88800f0d7bd0 R08: ffffed10026c0b33 R09: ffffed10026c0b33 [ 223.751651] R10: ffff888013605993 R11: ffffed10026c0b32 R12: ffff888013b14800 [ 223.752182] R13: ffff8880136059e8 R14: ffffffff8352e670 R15: 
ffff88800f0d7e68 [ 223.752717] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.753321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.753756] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 223.754293] PKRU: 55555554 [ 223.754531] Call Trace: [ 223.754726] [ 223.754897] __iommufd_access_detach+0x1c2/0x2b0 [ 223.755274] iommufd_access_change_pt+0x149/0x270 [ 223.755647] iommufd_access_replace+0xb4/0x120 [ 223.756002] iommufd_test+0x3e5/0x37e0 [ 223.756296] ? lock_release+0x532/0x770 [ 223.756608] ? __might_fault+0x102/0x1b0 [ 223.756921] ? lock_acquire+0x427/0x4c0 [ 223.757232] ? __pfx_iommufd_test+0x10/0x10 [ 223.757559] ? __pfx_lock_release+0x10/0x10 [ 223.757893] ? __pfx_lock_acquire+0x10/0x10 [ 223.758225] ? write_comp_data+0x2f/0x90 [ 223.758563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.758938] ? write_comp_data+0x2f/0x90 [ 223.759265] iommufd_fops_ioctl+0x37d/0x510 [ 223.759594] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.759969] ? write_comp_data+0x2f/0x90 [ 223.760289] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.760657] __x64_sys_ioctl+0x1a3/0x230 [ 223.760974] do_syscall_64+0x3b/0x90 [ 223.761264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.761662] RIP: 0033:0x7f4b8743ee5d [ 223.761944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.763331] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.763903] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.764437] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.764969] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.765504] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.766036] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.766598] [ 223.766778] irq event stamp: 0 [ 223.767015] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.767494] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.768121] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.768745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.769216] ---[ end trace 0000000000000000 ]--- [ 223.771900] ------------[ cut here ]------------ [ 223.772289] WARNING: CPU: 1 PID: 2137 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.773049] Modules linked in: [ 223.773291] CPU: 1 PID: 2137 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.773944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.774803] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.775186] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.776551] RSP: 
0018:ffff88800f0d7bd0 EFLAGS: 00010246 [ 223.776949] RAX: 0000000000000000 RBX: ffff8880136058a8 RCX: 0000000000000000 [ 223.777481] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 223.778013] RBP: ffff88800f0d7be8 R08: ffffed10026c0b33 R09: ffffed10026c0b33 [ 223.778564] R10: ffff888013605993 R11: ffffed10026c0b32 R12: ffff888010824800 [ 223.779103] R13: ffff8880136059e8 R14: ffff888013d37800 R15: 0000000000000000 [ 223.779656] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.780633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.781074] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.781608] PKRU: 55555554 [ 223.781821] Call Trace: [ 223.782044] [ 223.782261] iommufd_access_destroy_object+0x65/0x170 [ 223.782771] iommufd_object_destroy_user+0x18e/0x220 [ 223.783171] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.783613] iommufd_access_destroy+0x43/0x70 [ 223.784006] iommufd_test_staccess_release+0x8d/0xd0 [ 223.784452] __fput+0x26d/0xa40 [ 223.784716] ____fput+0x1e/0x30 [ 223.784974] task_work_run+0x1a4/0x2d0 [ 223.785278] ? __pfx_task_work_run+0x10/0x10 [ 223.785618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.786106] ? switch_task_namespaces+0xa9/0xe0 [ 223.786471] do_exit+0xb17/0x2ef0 [ 223.786757] ? lock_acquire+0x427/0x4c0 [ 223.787067] ? __pfx_lock_release+0x10/0x10 [ 223.787409] ? __kasan_check_write+0x18/0x20 [ 223.787748] ? do_raw_spin_lock+0x132/0x2a0 [ 223.788079] ? __pfx_do_exit+0x10/0x10 [ 223.788499] ? debug_smp_processor_id+0x20/0x30 [ 223.788860] ? rcu_is_watching+0x19/0xb0 [ 223.789172] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.789522] ? trace_hardirqs_on+0x26/0x120 [ 223.789857] do_group_exit+0xe0/0x2b0 [ 223.790170] __x64_sys_exit_group+0x47/0x50 [ 223.790597] do_syscall_64+0x3b/0x90 [ 223.790889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.791297] RIP: 0033:0x7f4b87518a4d [ 223.791581] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.792043] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.792729] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.793266] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.793804] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.794446] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.795006] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.795569] [ 223.795750] irq event stamp: 0 [ 223.795989] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.796587] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.797219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.797865] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.798434] ---[ end trace 0000000000000000 ]--- [ 223.799160] ------------[ cut here ]------------ [ 223.799518] WARNING: CPU: 1 PID: 2137 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.800410] Modules linked in: [ 223.800659] CPU: 1 PID: 2137 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.801318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.802273] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.802691] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.804188] RSP: 0018:ffff88800f0d7b78 EFLAGS: 00010246 [ 223.804590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.805128] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 223.805727] RBP: ffff88800f0d7b98 R08: ffffed10026c0b3e R09: ffffed10026c0b3e [ 223.806315] R10: ffff8880136059ef R11: ffffed10026c0b3d R12: ffff888013605a90 [ 223.806869] R13: ffff8880136058a8 R14: ffffffffffffffff R15: 
ffff88800f0d7c60 [ 223.807388] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.808092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.808528] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.809061] PKRU: 55555554 [ 223.809276] Call Trace: [ 223.809502] [ 223.809748] iommufd_ioas_destroy+0x53/0x70 [ 223.810083] iommufd_fops_release+0x1f7/0x370 [ 223.810430] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.810830] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.811212] ? write_comp_data+0x2f/0x90 [ 223.811562] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.811998] __fput+0x26d/0xa40 [ 223.812260] ____fput+0x1e/0x30 [ 223.812518] task_work_run+0x1a4/0x2d0 [ 223.812820] ? __pfx_task_work_run+0x10/0x10 [ 223.813158] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.813652] ? switch_task_namespaces+0xa9/0xe0 [ 223.814015] do_exit+0xb17/0x2ef0 [ 223.814280] ? lock_acquire+0x427/0x4c0 [ 223.814620] ? __pfx_lock_release+0x10/0x10 [ 223.814954] ? __kasan_check_write+0x18/0x20 [ 223.815301] ? do_raw_spin_lock+0x132/0x2a0 [ 223.815765] ? __pfx_do_exit+0x10/0x10 [ 223.816069] ? debug_smp_processor_id+0x20/0x30 [ 223.816426] ? rcu_is_watching+0x19/0xb0 [ 223.816733] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.817077] ? trace_hardirqs_on+0x26/0x120 [ 223.817534] do_group_exit+0xe0/0x2b0 [ 223.817824] __x64_sys_exit_group+0x47/0x50 [ 223.818154] do_syscall_64+0x3b/0x90 [ 223.818445] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.818860] RIP: 0033:0x7f4b87518a4d [ 223.819149] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.819768] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.820340] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.820870] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.821465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.822070] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.822619] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.823163] [ 223.823397] irq event stamp: 0 [ 223.823717] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.824193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.824819] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.825567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.826035] ---[ end trace 0000000000000000 ]--- [ 223.829424] ------------[ cut here ]------------ [ 223.829799] WARNING: CPU: 1 PID: 2138 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.830708] Modules linked in: [ 223.830948] CPU: 1 PID: 2138 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.831596] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.832467] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.832894] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.834340] RSP: 0018:ffff888012aafbb8 EFLAGS: 00010246 [ 223.834757] RAX: 0000000000000000 RBX: ffff888012f5d0a8 RCX: 0000000000000000 [ 223.835288] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 223.835809] RBP: ffff888012aafbd0 R08: ffffed10025eba33 R09: ffffed10025eba33 [ 223.836445] R10: ffff888012f5d193 R11: ffffed10025eba32 R12: ffff888010c6cc00 [ 223.836968] R13: ffff888012f5d1e8 R14: ffffffff8352e670 R15: 
ffff888012aafe68 [ 223.837491] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.838191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.838642] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 223.839175] PKRU: 55555554 [ 223.839385] Call Trace: [ 223.839576] [ 223.839779] __iommufd_access_detach+0x1c2/0x2b0 [ 223.840202] iommufd_access_change_pt+0x149/0x270 [ 223.840568] iommufd_access_replace+0xb4/0x120 [ 223.840919] iommufd_test+0x3e5/0x37e0 [ 223.841213] ? lock_release+0x532/0x770 [ 223.841570] ? __might_fault+0x102/0x1b0 [ 223.841937] ? lock_acquire+0x427/0x4c0 [ 223.842243] ? __pfx_iommufd_test+0x10/0x10 [ 223.842579] ? __pfx_lock_release+0x10/0x10 [ 223.842906] ? __pfx_lock_acquire+0x10/0x10 [ 223.843247] ? write_comp_data+0x2f/0x90 [ 223.843589] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.844022] ? write_comp_data+0x2f/0x90 [ 223.844332] iommufd_fops_ioctl+0x37d/0x510 [ 223.844657] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.845024] ? write_comp_data+0x2f/0x90 [ 223.845435] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.845799] __x64_sys_ioctl+0x1a3/0x230 [ 223.846111] do_syscall_64+0x3b/0x90 [ 223.846398] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.846807] RIP: 0033:0x7f4b8743ee5d [ 223.847197] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.848535] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.849150] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.849731] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.850255] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.850857] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.851429] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.851960] [ 223.852135] irq event stamp: 0 [ 223.852369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.852891] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.853542] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.854153] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.854752] ---[ end trace 0000000000000000 ]--- [ 223.857623] ------------[ cut here ]------------ [ 223.858033] WARNING: CPU: 1 PID: 2138 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.858916] Modules linked in: [ 223.859165] CPU: 1 PID: 2138 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.859809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.860748] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.861116] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.862588] RSP: 
0018:ffff888012aafbd0 EFLAGS: 00010246 [ 223.862981] RAX: 0000000000000000 RBX: ffff888012f5d0a8 RCX: 0000000000000000 [ 223.863512] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 223.864060] RBP: ffff888012aafbe8 R08: ffffed10025eba33 R09: ffffed10025eba33 [ 223.864657] R10: ffff888012f5d193 R11: ffffed10025eba32 R12: ffff888013b14400 [ 223.865180] R13: ffff888012f5d1e8 R14: ffff888020c36800 R15: 0000000000000000 [ 223.865726] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.866383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.866828] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 223.867359] PKRU: 55555554 [ 223.867582] Call Trace: [ 223.867850] [ 223.868024] iommufd_access_destroy_object+0x65/0x170 [ 223.868412] iommufd_object_destroy_user+0x18e/0x220 [ 223.868791] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.869246] iommufd_access_destroy+0x43/0x70 [ 223.869672] iommufd_test_staccess_release+0x8d/0xd0 [ 223.870058] __fput+0x26d/0xa40 [ 223.870317] ____fput+0x1e/0x30 [ 223.870587] task_work_run+0x1a4/0x2d0 [ 223.870886] ? __pfx_task_work_run+0x10/0x10 [ 223.871224] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.871706] ? switch_task_namespaces+0xa9/0xe0 [ 223.872063] do_exit+0xb17/0x2ef0 [ 223.872323] ? lock_acquire+0x427/0x4c0 [ 223.872624] ? __pfx_lock_release+0x10/0x10 [ 223.872951] ? __kasan_check_write+0x18/0x20 [ 223.873393] ? do_raw_spin_lock+0x132/0x2a0 [ 223.873716] ? __pfx_do_exit+0x10/0x10 [ 223.874012] ? debug_smp_processor_id+0x20/0x30 [ 223.874365] ? rcu_is_watching+0x19/0xb0 [ 223.874688] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.875030] ? trace_hardirqs_on+0x26/0x120 [ 223.875460] do_group_exit+0xe0/0x2b0 [ 223.875744] __x64_sys_exit_group+0x47/0x50 [ 223.876061] do_syscall_64+0x3b/0x90 [ 223.876349] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.876742] RIP: 0033:0x7f4b87518a4d [ 223.877131] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.877581] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.878140] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.878798] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.879334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.879862] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.880386] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.881037] [ 223.881212] irq event stamp: 0 [ 223.881447] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.881913] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.882600] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.883271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.883735] ---[ end trace 0000000000000000 ]--- [ 223.884415] ------------[ cut here ]------------ [ 223.884870] WARNING: CPU: 1 PID: 2138 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.885627] Modules linked in: [ 223.885864] CPU: 1 PID: 2138 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.886649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.887489] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.887872] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.889337] RSP: 0018:ffff888012aafb78 EFLAGS: 00010246 [ 223.889734] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.890255] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 223.890802] RBP: ffff888012aafb98 R08: ffffed10025eba3e R09: ffffed10025eba3e [ 223.891334] R10: ffff888012f5d1ef R11: ffffed10025eba3d R12: ffff888012f5d290 [ 223.891859] R13: ffff888012f5d0a8 R14: ffffffffffffffff R15: 
ffff888012aafc60 [ 223.892378] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.892967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.893394] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 223.893917] PKRU: 55555554 [ 223.894129] Call Trace: [ 223.894321] [ 223.894488] iommufd_ioas_destroy+0x53/0x70 [ 223.894838] iommufd_fops_release+0x1f7/0x370 [ 223.895186] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.895559] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.895926] ? write_comp_data+0x2f/0x90 [ 223.896240] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.896613] __fput+0x26d/0xa40 [ 223.896871] ____fput+0x1e/0x30 [ 223.897124] task_work_run+0x1a4/0x2d0 [ 223.897418] ? __pfx_task_work_run+0x10/0x10 [ 223.897743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.898103] ? switch_task_namespaces+0xa9/0xe0 [ 223.898457] do_exit+0xb17/0x2ef0 [ 223.898732] ? lock_acquire+0x427/0x4c0 [ 223.899035] ? __pfx_lock_release+0x10/0x10 [ 223.899367] ? __kasan_check_write+0x18/0x20 [ 223.899696] ? do_raw_spin_lock+0x132/0x2a0 [ 223.900015] ? __pfx_do_exit+0x10/0x10 [ 223.900310] ? debug_smp_processor_id+0x20/0x30 [ 223.900658] ? rcu_is_watching+0x19/0xb0 [ 223.900960] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.901298] ? trace_hardirqs_on+0x26/0x120 [ 223.901626] do_group_exit+0xe0/0x2b0 [ 223.901907] __x64_sys_exit_group+0x47/0x50 [ 223.902227] do_syscall_64+0x3b/0x90 [ 223.902537] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.902926] RIP: 0033:0x7f4b87518a4d [ 223.903206] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.903657] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.904207] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.904725] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.905241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.905758] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.906276] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.906825] [ 223.907000] irq event stamp: 0 [ 223.907240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.907699] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.908306] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.908909] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.909369] ---[ end trace 0000000000000000 ]--- [ 223.913210] ------------[ cut here ]------------ [ 223.913587] WARNING: CPU: 1 PID: 2139 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.914335] Modules linked in: [ 223.914648] CPU: 1 PID: 2139 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.915298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.916112] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.916484] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.917806] RSP: 0018:ffff88800f81fbb8 EFLAGS: 00010246 [ 223.918192] RAX: 0000000000000000 RBX: ffff8880147fd8a8 RCX: 0000000000000000 [ 223.918727] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 223.919252] RBP: ffff88800f81fbd0 R08: ffffed10028ffb33 R09: ffffed10028ffb33 [ 223.919770] R10: ffff8880147fd993 R11: ffffed10028ffb32 R12: ffff888014390400 [ 223.920285] R13: ffff8880147fd9e8 R14: ffffffff8352e670 R15: 
ffff88800f81fe68 [ 223.920802] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.921384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.921805] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 223.922326] PKRU: 55555554 [ 223.922548] Call Trace: [ 223.922737] [ 223.922903] __iommufd_access_detach+0x1c2/0x2b0 [ 223.923267] iommufd_access_change_pt+0x149/0x270 [ 223.923631] iommufd_access_replace+0xb4/0x120 [ 223.923975] iommufd_test+0x3e5/0x37e0 [ 223.924261] ? lock_release+0x532/0x770 [ 223.924561] ? __might_fault+0x102/0x1b0 [ 223.924867] ? lock_acquire+0x427/0x4c0 [ 223.925169] ? __pfx_iommufd_test+0x10/0x10 [ 223.925483] ? __pfx_lock_release+0x10/0x10 [ 223.925805] ? __pfx_lock_acquire+0x10/0x10 [ 223.926132] ? write_comp_data+0x2f/0x90 [ 223.926437] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.926815] ? write_comp_data+0x2f/0x90 [ 223.927137] iommufd_fops_ioctl+0x37d/0x510 [ 223.927465] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.927828] ? write_comp_data+0x2f/0x90 [ 223.928135] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 223.928492] __x64_sys_ioctl+0x1a3/0x230 [ 223.928799] do_syscall_64+0x3b/0x90 [ 223.929080] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.929466] RIP: 0033:0x7f4b8743ee5d [ 223.929739] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 223.931075] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 223.931633] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 223.932148] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 223.932669] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 223.933185] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 223.933702] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 223.934228] [ 223.934399] irq event stamp: 0 [ 223.934645] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.935105] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.935708] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.936298] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.936743] ---[ end trace 0000000000000000 ]--- [ 223.939429] ------------[ cut here ]------------ [ 223.939798] WARNING: CPU: 1 PID: 2139 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.940517] Modules linked in: [ 223.940746] CPU: 1 PID: 2139 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.941367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.942164] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.942536] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.943836] RSP: 
0018:ffff88800f81fbd0 EFLAGS: 00010246 [ 223.944213] RAX: 0000000000000000 RBX: ffff8880147fd8a8 RCX: 0000000000000000 [ 223.944716] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 223.945217] RBP: ffff88800f81fbe8 R08: ffffed10028ffb33 R09: ffffed10028ffb33 [ 223.945724] R10: ffff8880147fd993 R11: ffffed10028ffb32 R12: ffff888010c6e400 [ 223.946228] R13: ffff8880147fd9e8 R14: ffff888012fddf00 R15: 0000000000000000 [ 223.946750] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.947327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.947740] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.948245] PKRU: 55555554 [ 223.948448] Call Trace: [ 223.948633] [ 223.948795] iommufd_access_destroy_object+0x65/0x170 [ 223.949167] iommufd_object_destroy_user+0x18e/0x220 [ 223.949541] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 223.949961] iommufd_access_destroy+0x43/0x70 [ 223.950294] iommufd_test_staccess_release+0x8d/0xd0 [ 223.950679] __fput+0x26d/0xa40 [ 223.950930] ____fput+0x1e/0x30 [ 223.951180] task_work_run+0x1a4/0x2d0 [ 223.951467] ? __pfx_task_work_run+0x10/0x10 [ 223.951789] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.952144] ? switch_task_namespaces+0xa9/0xe0 [ 223.952488] do_exit+0xb17/0x2ef0 [ 223.952738] ? lock_acquire+0x427/0x4c0 [ 223.953033] ? __pfx_lock_release+0x10/0x10 [ 223.953349] ? __kasan_check_write+0x18/0x20 [ 223.953669] ? do_raw_spin_lock+0x132/0x2a0 [ 223.953980] ? __pfx_do_exit+0x10/0x10 [ 223.954268] ? debug_smp_processor_id+0x20/0x30 [ 223.954622] ? rcu_is_watching+0x19/0xb0 [ 223.954918] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.955259] ? trace_hardirqs_on+0x26/0x120 [ 223.955576] do_group_exit+0xe0/0x2b0 [ 223.955852] __x64_sys_exit_group+0x47/0x50 [ 223.956161] do_syscall_64+0x3b/0x90 [ 223.956438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.956815] RIP: 0033:0x7f4b87518a4d [ 223.957080] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.957522] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.958062] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.958589] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.959099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.959613] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.960120] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.960630] [ 223.960798] irq event stamp: 0 [ 223.961025] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.961475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.962070] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.962678] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.963135] ---[ end trace 0000000000000000 ]--- [ 223.963772] ------------[ cut here ]------------ [ 223.964107] WARNING: CPU: 1 PID: 2139 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 223.964832] Modules linked in: [ 223.965061] CPU: 1 PID: 2139 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.965688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.966489] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 223.966878] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 223.968176] RSP: 0018:ffff88800f81fb78 EFLAGS: 00010246 [ 223.968555] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 223.969059] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 223.969571] RBP: ffff88800f81fb98 R08: ffffed10028ffb3e R09: ffffed10028ffb3e [ 223.970078] R10: ffff8880147fd9ef R11: ffffed10028ffb3d R12: ffff8880147fda90 [ 223.970606] R13: ffff8880147fd8a8 R14: ffffffffffffffff R15: 
ffff88800f81fc60 [ 223.971115] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 223.971691] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.972107] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 223.972617] PKRU: 55555554 [ 223.972822] Call Trace: [ 223.973006] [ 223.973170] iommufd_ioas_destroy+0x53/0x70 [ 223.973487] iommufd_fops_release+0x1f7/0x370 [ 223.973815] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.974175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.974545] ? write_comp_data+0x2f/0x90 [ 223.974871] ? __pfx_iommufd_fops_release+0x10/0x10 [ 223.975240] __fput+0x26d/0xa40 [ 223.975494] ____fput+0x1e/0x30 [ 223.975742] task_work_run+0x1a4/0x2d0 [ 223.976030] ? __pfx_task_work_run+0x10/0x10 [ 223.976350] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 223.976706] ? switch_task_namespaces+0xa9/0xe0 [ 223.977048] do_exit+0xb17/0x2ef0 [ 223.977299] ? lock_acquire+0x427/0x4c0 [ 223.977593] ? __pfx_lock_release+0x10/0x10 [ 223.977907] ? __kasan_check_write+0x18/0x20 [ 223.978226] ? do_raw_spin_lock+0x132/0x2a0 [ 223.978555] ? __pfx_do_exit+0x10/0x10 [ 223.978843] ? debug_smp_processor_id+0x20/0x30 [ 223.979187] ? rcu_is_watching+0x19/0xb0 [ 223.979483] ? _raw_spin_unlock_irq+0x2b/0x60 [ 223.979812] ? trace_hardirqs_on+0x26/0x120 [ 223.980127] do_group_exit+0xe0/0x2b0 [ 223.980401] __x64_sys_exit_group+0x47/0x50 [ 223.980708] do_syscall_64+0x3b/0x90 [ 223.980984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 223.981376] RIP: 0033:0x7f4b87518a4d [ 223.981643] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 223.982079] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 223.982635] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 223.983151] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 223.983656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 223.984162] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 223.984670] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 223.985182] [ 223.985354] irq event stamp: 0 [ 223.985579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 223.986028] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 223.986638] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 223.987241] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 223.987692] ---[ end trace 0000000000000000 ]--- [ 223.992320] ------------[ cut here ]------------ [ 223.992677] WARNING: CPU: 1 PID: 2140 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 223.993396] Modules linked in: [ 223.993625] CPU: 1 PID: 2140 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 223.994246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 223.995055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 223.995418] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 223.996704] RSP: 0018:ffff88801855fbb8 EFLAGS: 00010246 [ 223.997079] RAX: 0000000000000000 RBX: ffff888012c1a0a8 RCX: 0000000000000000 [ 223.997582] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 223.998085] RBP: ffff88801855fbd0 R08: ffffed1002583433 R09: ffffed1002583433 [ 223.998607] R10: ffff888012c1a193 R11: ffffed1002583432 R12: ffff88800f9f6800 [ 223.999112] R13: ffff888012c1a1e8 R14: ffffffff8352e670 R15: 
ffff88801855fe68 [ 223.999623] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.000191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.000602] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 224.001107] PKRU: 55555554 [ 224.001309] Call Trace: [ 224.001495] [ 224.001658] __iommufd_access_detach+0x1c2/0x2b0 [ 224.002008] iommufd_access_change_pt+0x149/0x270 [ 224.002364] iommufd_access_replace+0xb4/0x120 [ 224.002714] iommufd_test+0x3e5/0x37e0 [ 224.002994] ? lock_release+0x532/0x770 [ 224.003297] ? __might_fault+0x102/0x1b0 [ 224.003595] ? lock_acquire+0x427/0x4c0 [ 224.003889] ? __pfx_iommufd_test+0x10/0x10 [ 224.004196] ? __pfx_lock_release+0x10/0x10 [ 224.004512] ? __pfx_lock_acquire+0x10/0x10 [ 224.004828] ? write_comp_data+0x2f/0x90 [ 224.005128] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.005481] ? write_comp_data+0x2f/0x90 [ 224.005780] iommufd_fops_ioctl+0x37d/0x510 [ 224.006094] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.006448] ? write_comp_data+0x2f/0x90 [ 224.006765] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.007114] __x64_sys_ioctl+0x1a3/0x230 [ 224.007424] do_syscall_64+0x3b/0x90 [ 224.007706] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.008081] RIP: 0033:0x7f4b8743ee5d [ 224.008346] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.009639] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.010177] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.010696] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.011210] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.011720] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.012228] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.012739] [ 224.012907] irq event stamp: 0 [ 224.013132] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.013579] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.014173] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.014783] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.015237] ---[ end trace 0000000000000000 ]--- [ 224.017765] ------------[ cut here ]------------ [ 224.018107] WARNING: CPU: 1 PID: 2140 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.018838] Modules linked in: [ 224.019065] CPU: 1 PID: 2140 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.019687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.020473] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.020824] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.022094] RSP: 
0018:ffff88801855fbd0 EFLAGS: 00010246 [ 224.022465] RAX: 0000000000000000 RBX: ffff888012c1a0a8 RCX: 0000000000000000 [ 224.022976] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 224.023469] RBP: ffff88801855fbe8 R08: ffffed1002583433 R09: ffffed1002583433 [ 224.023956] R10: ffff888012c1a193 R11: ffffed1002583432 R12: ffff888014391000 [ 224.024444] R13: ffff888012c1a1e8 R14: ffff8880143cfb00 R15: 0000000000000000 [ 224.024933] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.025484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.025881] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.026371] PKRU: 55555554 [ 224.026584] Call Trace: [ 224.026761] [ 224.026919] iommufd_access_destroy_object+0x65/0x170 [ 224.027286] iommufd_object_destroy_user+0x18e/0x220 [ 224.027645] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.028050] iommufd_access_destroy+0x43/0x70 [ 224.028370] iommufd_test_staccess_release+0x8d/0xd0 [ 224.028727] __fput+0x26d/0xa40 [ 224.028968] ____fput+0x1e/0x30 [ 224.029205] task_work_run+0x1a4/0x2d0 [ 224.029483] ? __pfx_task_work_run+0x10/0x10 [ 224.029791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.030134] ? switch_task_namespaces+0xa9/0xe0 [ 224.030464] do_exit+0xb17/0x2ef0 [ 224.030730] ? lock_acquire+0x427/0x4c0 [ 224.031014] ? __pfx_lock_release+0x10/0x10 [ 224.031323] ? __kasan_check_write+0x18/0x20 [ 224.031635] ? do_raw_spin_lock+0x132/0x2a0 [ 224.031935] ? __pfx_do_exit+0x10/0x10 [ 224.032213] ? debug_smp_processor_id+0x20/0x30 [ 224.032539] ? rcu_is_watching+0x19/0xb0 [ 224.032821] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.033139] ? trace_hardirqs_on+0x26/0x120 [ 224.033443] do_group_exit+0xe0/0x2b0 [ 224.033710] __x64_sys_exit_group+0x47/0x50 [ 224.034008] do_syscall_64+0x3b/0x90 [ 224.034274] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.034664] RIP: 0033:0x7f4b87518a4d [ 224.034922] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.035352] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.035872] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.036360] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.036847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.037334] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.037819] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.038313] [ 224.038474] irq event stamp: 0 [ 224.038706] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.039144] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.039740] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.040469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.040905] ---[ end trace 0000000000000000 ]--- [ 224.041536] ------------[ cut here ]------------ [ 224.041904] WARNING: CPU: 1 PID: 2140 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.042771] Modules linked in: [ 224.042998] CPU: 1 PID: 2140 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.043634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.044481] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.044838] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.046187] RSP: 0018:ffff88801855fb78 EFLAGS: 00010246 [ 224.046746] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.047247] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 224.047787] RBP: ffff88801855fb98 R08: ffffed100258343e R09: ffffed100258343e [ 224.048320] R10: ffff888012c1a1ef R11: ffffed100258343d R12: ffff888012c1a290 [ 224.048813] R13: ffff888012c1a0a8 R14: ffffffffffffffff R15: 
ffff88801855fc60 [ 224.049390] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.049948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.050351] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.050896] PKRU: 55555554 [ 224.051141] Call Trace: [ 224.051320] [ 224.051479] iommufd_ioas_destroy+0x53/0x70 [ 224.051784] iommufd_fops_release+0x1f7/0x370 [ 224.052102] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.052456] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.052827] ? write_comp_data+0x2f/0x90 [ 224.053182] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.053537] __fput+0x26d/0xa40 [ 224.053780] ____fput+0x1e/0x30 [ 224.054021] task_work_run+0x1a4/0x2d0 [ 224.054301] ? __pfx_task_work_run+0x10/0x10 [ 224.054711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.055057] ? switch_task_namespaces+0xa9/0xe0 [ 224.055399] do_exit+0xb17/0x2ef0 [ 224.055644] ? lock_acquire+0x427/0x4c0 [ 224.055931] ? __pfx_lock_release+0x10/0x10 [ 224.056239] ? __kasan_check_write+0x18/0x20 [ 224.056635] ? do_raw_spin_lock+0x132/0x2a0 [ 224.056943] ? __pfx_do_exit+0x10/0x10 [ 224.057225] ? debug_smp_processor_id+0x20/0x30 [ 224.057555] ? rcu_is_watching+0x19/0xb0 [ 224.057841] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.058250] ? trace_hardirqs_on+0x26/0x120 [ 224.058583] do_group_exit+0xe0/0x2b0 [ 224.058852] __x64_sys_exit_group+0x47/0x50 [ 224.059162] do_syscall_64+0x3b/0x90 [ 224.059433] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.059803] RIP: 0033:0x7f4b87518a4d [ 224.060100] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.060572] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.061106] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.061610] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.062204] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.062728] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.063239] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.063785] [ 224.064007] irq event stamp: 0 [ 224.064231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.064674] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.065266] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.065955] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.066399] ---[ end trace 0000000000000000 ]--- [ 224.069689] ------------[ cut here ]------------ [ 224.070053] WARNING: CPU: 1 PID: 2141 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.070923] Modules linked in: [ 224.071166] CPU: 1 PID: 2141 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.071796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.072693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.073053] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.074465] RSP: 0018:ffff88800f81fbb8 EFLAGS: 00010246 [ 224.074912] RAX: 0000000000000000 RBX: ffff888023f428a8 RCX: 0000000000000000 [ 224.075435] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 224.075950] RBP: ffff88800f81fbd0 R08: ffffed10047e8533 R09: ffffed10047e8533 [ 224.076551] R10: ffff888023f42993 R11: ffffed10047e8532 R12: ffff88800ef56c00 [ 224.077060] R13: ffff888023f429e8 R14: ffffffff8352e670 R15: 
ffff88800f81fe68 [ 224.077572] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.078248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.078687] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 224.079213] PKRU: 55555554 [ 224.079419] Call Trace: [ 224.079604] [ 224.079793] __iommufd_access_detach+0x1c2/0x2b0 [ 224.080197] iommufd_access_change_pt+0x149/0x270 [ 224.080557] iommufd_access_replace+0xb4/0x120 [ 224.080900] iommufd_test+0x3e5/0x37e0 [ 224.081185] ? lock_release+0x532/0x770 [ 224.081539] ? __might_fault+0x102/0x1b0 [ 224.081891] ? lock_acquire+0x427/0x4c0 [ 224.082189] ? __pfx_iommufd_test+0x10/0x10 [ 224.082525] ? __pfx_lock_release+0x10/0x10 [ 224.082847] ? __pfx_lock_acquire+0x10/0x10 [ 224.083179] ? write_comp_data+0x2f/0x90 [ 224.083510] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.083935] ? write_comp_data+0x2f/0x90 [ 224.084244] iommufd_fops_ioctl+0x37d/0x510 [ 224.084568] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.084928] ? write_comp_data+0x2f/0x90 [ 224.085263] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.085685] __x64_sys_ioctl+0x1a3/0x230 [ 224.085994] do_syscall_64+0x3b/0x90 [ 224.086283] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.086701] RIP: 0033:0x7f4b8743ee5d [ 224.086985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.088449] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.089035] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.089639] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.090165] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.090712] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.091335] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.091873] [ 224.092049] irq event stamp: 0 [ 224.092283] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.092781] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.093468] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.094088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.094635] ---[ end trace 0000000000000000 ]--- [ 224.097546] ------------[ cut here ]------------ [ 224.097942] WARNING: CPU: 1 PID: 2141 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.098844] Modules linked in: [ 224.099089] CPU: 1 PID: 2141 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.099758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.100715] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.101091] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.102595] RSP: 
0018:ffff88800f81fbd0 EFLAGS: 00010246 [ 224.103001] RAX: 0000000000000000 RBX: ffff888023f428a8 RCX: 0000000000000000 [ 224.103550] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 224.104084] RBP: ffff88800f81fbe8 R08: ffffed10047e8533 R09: ffffed10047e8533 [ 224.104683] R10: ffff888023f42993 R11: ffffed10047e8532 R12: ffff88800f9f7c00 [ 224.105294] R13: ffff888023f429e8 R14: ffff888020df3700 R15: 0000000000000000 [ 224.105845] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.106599] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.107048] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 224.107610] PKRU: 55555554 [ 224.107837] Call Trace: [ 224.108038] [ 224.108216] iommufd_access_destroy_object+0x65/0x170 [ 224.108751] iommufd_object_destroy_user+0x18e/0x220 [ 224.109151] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.109605] iommufd_access_destroy+0x43/0x70 [ 224.109963] iommufd_test_staccess_release+0x8d/0xd0 [ 224.110473] __fput+0x26d/0xa40 [ 224.110771] ____fput+0x1e/0x30 [ 224.111039] task_work_run+0x1a4/0x2d0 [ 224.111360] ? __pfx_task_work_run+0x10/0x10 [ 224.111710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.112098] ? switch_task_namespaces+0xa9/0xe0 [ 224.112587] do_exit+0xb17/0x2ef0 [ 224.112864] ? lock_acquire+0x427/0x4c0 [ 224.113185] ? __pfx_lock_release+0x10/0x10 [ 224.113526] ? __kasan_check_write+0x18/0x20 [ 224.113876] ? do_raw_spin_lock+0x132/0x2a0 [ 224.114277] ? __pfx_do_exit+0x10/0x10 [ 224.114649] ? debug_smp_processor_id+0x20/0x30 [ 224.115018] ? rcu_is_watching+0x19/0xb0 [ 224.115359] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.115718] ? trace_hardirqs_on+0x26/0x120 [ 224.116060] do_group_exit+0xe0/0x2b0 [ 224.116425] __x64_sys_exit_group+0x47/0x50 [ 224.116828] do_syscall_64+0x3b/0x90 [ 224.117128] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.117540] RIP: 0033:0x7f4b87518a4d [ 224.117832] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.118425] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.119036] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.119598] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.120149] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.120832] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.121381] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.121938] [ 224.122170] irq event stamp: 0 [ 224.122477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.122987] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.123650] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.124414] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.124906] ---[ end trace 0000000000000000 ]--- [ 224.125611] ------------[ cut here ]------------ [ 224.126042] WARNING: CPU: 1 PID: 2141 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.126923] Modules linked in: [ 224.127190] CPU: 1 PID: 2141 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.127866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.128856] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.129260] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.130804] RSP: 0018:ffff88800f81fb78 EFLAGS: 00010246 [ 224.131227] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.131778] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 224.132462] RBP: ffff88800f81fb98 R08: ffffed10047e853e R09: ffffed10047e853e [ 224.133009] R10: ffff888023f429ef R11: ffffed10047e853d R12: ffff888023f42a90 [ 224.133556] R13: ffff888023f428a8 R14: ffffffffffffffff R15: 
ffff88800f81fc60 [ 224.134228] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.134874] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.135333] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 224.135931] PKRU: 55555554 [ 224.136220] Call Trace: [ 224.136419] [ 224.136598] iommufd_ioas_destroy+0x53/0x70 [ 224.136940] iommufd_fops_release+0x1f7/0x370 [ 224.137292] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.137746] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.138190] ? write_comp_data+0x2f/0x90 [ 224.138536] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.138936] __fput+0x26d/0xa40 [ 224.139215] ____fput+0x1e/0x30 [ 224.139483] task_work_run+0x1a4/0x2d0 [ 224.139814] ? __pfx_task_work_run+0x10/0x10 [ 224.140264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.140650] ? switch_task_namespaces+0xa9/0xe0 [ 224.141022] do_exit+0xb17/0x2ef0 [ 224.141298] ? lock_acquire+0x427/0x4c0 [ 224.141618] ? __pfx_lock_release+0x10/0x10 [ 224.141958] ? __kasan_check_write+0x18/0x20 [ 224.142304] ? do_raw_spin_lock+0x132/0x2a0 [ 224.142662] ? __pfx_do_exit+0x10/0x10 [ 224.142976] ? debug_smp_processor_id+0x20/0x30 [ 224.143348] ? rcu_is_watching+0x19/0xb0 [ 224.143667] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.144024] ? trace_hardirqs_on+0x26/0x120 [ 224.144368] do_group_exit+0xe0/0x2b0 [ 224.144666] __x64_sys_exit_group+0x47/0x50 [ 224.144999] do_syscall_64+0x3b/0x90 [ 224.145297] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.145709] RIP: 0033:0x7f4b87518a4d [ 224.145995] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.146468] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.147078] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.147640] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.148190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.148741] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.149288] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.149838] [ 224.150017] irq event stamp: 0 [ 224.150258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.150757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.151410] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.152045] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.152526] ---[ end trace 0000000000000000 ]--- [ 224.156101] ------------[ cut here ]------------ [ 224.156493] WARNING: CPU: 1 PID: 2142 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.157272] Modules linked in: [ 224.157518] CPU: 1 PID: 2142 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.158176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.159099] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.159489] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.160864] RSP: 0018:ffff888014697bb8 EFLAGS: 00010246 [ 224.161265] RAX: 0000000000000000 RBX: ffff88800b9ff0a8 RCX: 0000000000000000 [ 224.161805] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 224.162341] RBP: ffff888014697bd0 R08: ffffed100173fe33 R09: ffffed100173fe33 [ 224.162902] R10: ffff88800b9ff193 R11: ffffed100173fe32 R12: ffff888010827000 [ 224.163448] R13: ffff88800b9ff1e8 R14: ffffffff8352e670 R15: 
ffff888014697e68 [ 224.163988] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.164596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.165035] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 224.165573] PKRU: 55555554 [ 224.165790] Call Trace: [ 224.165984] [ 224.166159] __iommufd_access_detach+0x1c2/0x2b0 [ 224.166550] iommufd_access_change_pt+0x149/0x270 [ 224.166931] iommufd_access_replace+0xb4/0x120 [ 224.167294] iommufd_test+0x3e5/0x37e0 [ 224.167591] ? lock_release+0x532/0x770 [ 224.167904] ? __might_fault+0x102/0x1b0 [ 224.168220] ? lock_acquire+0x427/0x4c0 [ 224.168534] ? __pfx_iommufd_test+0x10/0x10 [ 224.168863] ? __pfx_lock_release+0x10/0x10 [ 224.169201] ? __pfx_lock_acquire+0x10/0x10 [ 224.169541] ? write_comp_data+0x2f/0x90 [ 224.169861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.170236] ? write_comp_data+0x2f/0x90 [ 224.170572] iommufd_fops_ioctl+0x37d/0x510 [ 224.170913] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.171300] ? write_comp_data+0x2f/0x90 [ 224.171624] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.171994] __x64_sys_ioctl+0x1a3/0x230 [ 224.172314] do_syscall_64+0x3b/0x90 [ 224.172606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.173010] RIP: 0033:0x7f4b8743ee5d [ 224.173302] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.174697] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.175289] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.175829] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.176380] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.176923] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.177462] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.178009] [ 224.178189] irq event stamp: 0 [ 224.178429] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.178925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.179596] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.180232] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.180711] ---[ end trace 0000000000000000 ]--- [ 224.183496] ------------[ cut here ]------------ [ 224.183892] WARNING: CPU: 1 PID: 2142 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.184661] Modules linked in: [ 224.184908] CPU: 1 PID: 2142 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.185569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.186405] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.186794] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.188150] RSP: 
0018:ffff888014697bd0 EFLAGS: 00010246 [ 224.188546] RAX: 0000000000000000 RBX: ffff88800b9ff0a8 RCX: 0000000000000000 [ 224.189067] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 224.189599] RBP: ffff888014697be8 R08: ffffed100173fe33 R09: ffffed100173fe33 [ 224.190124] R10: ffff88800b9ff193 R11: ffffed100173fe32 R12: ffff88800ef56000 [ 224.190668] R13: ffff88800b9ff1e8 R14: ffff888021819000 R15: 0000000000000000 [ 224.191201] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.191796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.192225] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.192755] PKRU: 55555554 [ 224.192965] Call Trace: [ 224.193156] [ 224.193328] iommufd_access_destroy_object+0x65/0x170 [ 224.193719] iommufd_object_destroy_user+0x18e/0x220 [ 224.194100] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.194577] iommufd_access_destroy+0x43/0x70 [ 224.194925] iommufd_test_staccess_release+0x8d/0xd0 [ 224.195320] __fput+0x26d/0xa40 [ 224.195581] ____fput+0x1e/0x30 [ 224.195836] task_work_run+0x1a4/0x2d0 [ 224.196133] ? __pfx_task_work_run+0x10/0x10 [ 224.196466] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.196837] ? switch_task_namespaces+0xa9/0xe0 [ 224.197192] do_exit+0xb17/0x2ef0 [ 224.197451] ? lock_acquire+0x427/0x4c0 [ 224.197755] ? __pfx_lock_release+0x10/0x10 [ 224.198081] ? __kasan_check_write+0x18/0x20 [ 224.198415] ? do_raw_spin_lock+0x132/0x2a0 [ 224.198760] ? __pfx_do_exit+0x10/0x10 [ 224.199059] ? debug_smp_processor_id+0x20/0x30 [ 224.199418] ? rcu_is_watching+0x19/0xb0 [ 224.199725] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.200070] ? trace_hardirqs_on+0x26/0x120 [ 224.200400] do_group_exit+0xe0/0x2b0 [ 224.200691] __x64_sys_exit_group+0x47/0x50 [ 224.201014] do_syscall_64+0x3b/0x90 [ 224.201300] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.201695] RIP: 0033:0x7f4b87518a4d [ 224.201973] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.202430] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.203008] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.203536] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.204055] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.204573] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.205092] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.205619] [ 224.205790] irq event stamp: 0 [ 224.206021] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.206484] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.207113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.207735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.208200] ---[ end trace 0000000000000000 ]--- [ 224.208863] ------------[ cut here ]------------ [ 224.209208] WARNING: CPU: 1 PID: 2142 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.209951] Modules linked in: [ 224.210185] CPU: 1 PID: 2142 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.210852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.211682] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.212059] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.213383] RSP: 0018:ffff888014697b78 EFLAGS: 00010246 [ 224.213769] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.214285] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 224.214823] RBP: ffff888014697b98 R08: ffffed100173fe3e R09: ffffed100173fe3e [ 224.215349] R10: ffff88800b9ff1ef R11: ffffed100173fe3d R12: ffff88800b9ff290 [ 224.215868] R13: ffff88800b9ff0a8 R14: ffffffffffffffff R15: 
ffff888014697c60 [ 224.216388] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.216971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.217394] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.217913] PKRU: 55555554 [ 224.218122] Call Trace: [ 224.218308] [ 224.218476] iommufd_ioas_destroy+0x53/0x70 [ 224.218816] iommufd_fops_release+0x1f7/0x370 [ 224.219160] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.219531] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.219896] ? write_comp_data+0x2f/0x90 [ 224.220202] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.220570] __fput+0x26d/0xa40 [ 224.220829] ____fput+0x1e/0x30 [ 224.221080] task_work_run+0x1a4/0x2d0 [ 224.221377] ? __pfx_task_work_run+0x10/0x10 [ 224.221706] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.222070] ? switch_task_namespaces+0xa9/0xe0 [ 224.222426] do_exit+0xb17/0x2ef0 [ 224.222705] ? lock_acquire+0x427/0x4c0 [ 224.223008] ? __pfx_lock_release+0x10/0x10 [ 224.223337] ? __kasan_check_write+0x18/0x20 [ 224.223667] ? do_raw_spin_lock+0x132/0x2a0 [ 224.223986] ? __pfx_do_exit+0x10/0x10 [ 224.224281] ? debug_smp_processor_id+0x20/0x30 [ 224.224630] ? rcu_is_watching+0x19/0xb0 [ 224.224934] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.225273] ? trace_hardirqs_on+0x26/0x120 [ 224.225601] do_group_exit+0xe0/0x2b0 [ 224.225887] __x64_sys_exit_group+0x47/0x50 [ 224.226207] do_syscall_64+0x3b/0x90 [ 224.226492] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.226904] RIP: 0033:0x7f4b87518a4d [ 224.227191] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.227648] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.228203] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.228727] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.229248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.229774] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.230297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.230841] [ 224.231017] irq event stamp: 0 [ 224.231255] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.231723] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.232332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.232939] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.233401] ---[ end trace 0000000000000000 ]--- [ 224.237799] ------------[ cut here ]------------ [ 224.238184] WARNING: CPU: 1 PID: 2143 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.239005] Modules linked in: [ 224.239264] CPU: 1 PID: 2143 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.239903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.240722] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.241086] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.242416] RSP: 0018:ffff88800ea27bb8 EFLAGS: 00010246 [ 224.242824] RAX: 0000000000000000 RBX: ffff8880186558a8 RCX: 0000000000000000 [ 224.243353] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 224.243875] RBP: ffff88800ea27bd0 R08: ffffed10030cab33 R09: ffffed10030cab33 [ 224.244394] R10: ffff888018655993 R11: ffffed10030cab32 R12: ffff888010572c00 [ 224.244913] R13: ffff8880186559e8 R14: ffffffff8352e670 R15: 
ffff88800ea27e68 [ 224.245434] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.246021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.246446] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 224.246987] PKRU: 55555554 [ 224.247208] Call Trace: [ 224.247397] [ 224.247570] __iommufd_access_detach+0x1c2/0x2b0 [ 224.247936] iommufd_access_change_pt+0x149/0x270 [ 224.248328] iommufd_access_replace+0xb4/0x120 [ 224.248676] iommufd_test+0x3e5/0x37e0 [ 224.248964] ? lock_release+0x532/0x770 [ 224.249267] ? __might_fault+0x102/0x1b0 [ 224.249573] ? lock_acquire+0x427/0x4c0 [ 224.249877] ? __pfx_iommufd_test+0x10/0x10 [ 224.250200] ? __pfx_lock_release+0x10/0x10 [ 224.250537] ? __pfx_lock_acquire+0x10/0x10 [ 224.250859] ? write_comp_data+0x2f/0x90 [ 224.251183] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.251543] ? write_comp_data+0x2f/0x90 [ 224.251847] iommufd_fops_ioctl+0x37d/0x510 [ 224.252167] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.252525] ? write_comp_data+0x2f/0x90 [ 224.252831] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.253185] __x64_sys_ioctl+0x1a3/0x230 [ 224.253490] do_syscall_64+0x3b/0x90 [ 224.253774] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.254155] RIP: 0033:0x7f4b8743ee5d [ 224.254426] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.255764] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.256314] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.256829] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.257341] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.257856] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.258376] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.258918] [ 224.259087] irq event stamp: 0 [ 224.259325] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.259782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.260386] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.260988] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.261445] ---[ end trace 0000000000000000 ]--- [ 224.264208] ------------[ cut here ]------------ [ 224.264593] WARNING: CPU: 1 PID: 2143 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.265325] Modules linked in: [ 224.265559] CPU: 1 PID: 2143 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.266186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.267020] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.267396] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.268714] RSP: 
0018:ffff88800ea27bd0 EFLAGS: 00010246 [ 224.269109] RAX: 0000000000000000 RBX: ffff8880186558a8 RCX: 0000000000000000 [ 224.269641] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 224.270165] RBP: ffff88800ea27be8 R08: ffffed10030cab33 R09: ffffed10030cab33 [ 224.270712] R10: ffff888018655993 R11: ffffed10030cab32 R12: ffff888010824400 [ 224.271245] R13: ffff8880186559e8 R14: ffff88800fd1e100 R15: 0000000000000000 [ 224.271777] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.272371] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.272806] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.273333] PKRU: 55555554 [ 224.273544] Call Trace: [ 224.273735] [ 224.273905] iommufd_access_destroy_object+0x65/0x170 [ 224.274294] iommufd_object_destroy_user+0x18e/0x220 [ 224.274698] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.275145] iommufd_access_destroy+0x43/0x70 [ 224.275501] iommufd_test_staccess_release+0x8d/0xd0 [ 224.275896] __fput+0x26d/0xa40 [ 224.276164] ____fput+0x1e/0x30 [ 224.276421] task_work_run+0x1a4/0x2d0 [ 224.276728] ? __pfx_task_work_run+0x10/0x10 [ 224.277067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.277451] ? switch_task_namespaces+0xa9/0xe0 [ 224.277815] do_exit+0xb17/0x2ef0 [ 224.278079] ? lock_acquire+0x427/0x4c0 [ 224.278394] ? __pfx_lock_release+0x10/0x10 [ 224.278752] ? __kasan_check_write+0x18/0x20 [ 224.279093] ? do_raw_spin_lock+0x132/0x2a0 [ 224.279445] ? __pfx_do_exit+0x10/0x10 [ 224.279760] ? debug_smp_processor_id+0x20/0x30 [ 224.280127] ? rcu_is_watching+0x19/0xb0 [ 224.280446] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.280816] ? trace_hardirqs_on+0x26/0x120 [ 224.281160] do_group_exit+0xe0/0x2b0 [ 224.281461] __x64_sys_exit_group+0x47/0x50 [ 224.281797] do_syscall_64+0x3b/0x90 [ 224.282098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.282538] RIP: 0033:0x7f4b87518a4d [ 224.282830] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.283329] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.283921] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.284477] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.285030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.285581] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.286131] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.286719] [ 224.286907] irq event stamp: 0 [ 224.287165] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.287658] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.288317] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.288969] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.289456] ---[ end trace 0000000000000000 ]--- [ 224.290141] ------------[ cut here ]------------ [ 224.290542] WARNING: CPU: 1 PID: 2143 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.291360] Modules linked in: [ 224.291616] CPU: 1 PID: 2143 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.292310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.293223] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.293646] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.295187] RSP: 0018:ffff88800ea27b78 EFLAGS: 00010246 [ 224.295631] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.296209] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 224.296796] RBP: ffff88800ea27b98 R08: ffffed10030cab3e R09: ffffed10030cab3e [ 224.297796] R10: ffff8880186559ef R11: ffffed10030cab3d R12: ffff888018655a90 [ 224.298372] R13: ffff8880186558a8 R14: ffffffffffffffff R15: 
ffff88800ea27c60 [ 224.298977] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.299642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.300110] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.300692] PKRU: 55555554 [ 224.300972] Call Trace: [ 224.301228] [ 224.301467] iommufd_ioas_destroy+0x53/0x70 [ 224.301822] iommufd_fops_release+0x1f7/0x370 [ 224.302191] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.302643] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.303053] ? write_comp_data+0x2f/0x90 [ 224.303410] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.303828] __fput+0x26d/0xa40 [ 224.304112] ____fput+0x1e/0x30 [ 224.304393] task_work_run+0x1a4/0x2d0 [ 224.304722] ? __pfx_task_work_run+0x10/0x10 [ 224.305096] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.305642] ? switch_task_namespaces+0xa9/0xe0 [ 224.306038] do_exit+0xb17/0x2ef0 [ 224.306330] ? lock_acquire+0x427/0x4c0 [ 224.306725] ? __pfx_lock_release+0x10/0x10 [ 224.307110] ? __kasan_check_write+0x18/0x20 [ 224.307516] ? do_raw_spin_lock+0x132/0x2a0 [ 224.307897] ? __pfx_do_exit+0x10/0x10 [ 224.308248] ? debug_smp_processor_id+0x20/0x30 [ 224.308656] ? rcu_is_watching+0x19/0xb0 [ 224.309017] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.309574] ? trace_hardirqs_on+0x26/0x120 [ 224.309966] do_group_exit+0xe0/0x2b0 [ 224.310304] __x64_sys_exit_group+0x47/0x50 [ 224.310719] do_syscall_64+0x3b/0x90 [ 224.311057] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.311529] RIP: 0033:0x7f4b87518a4d [ 224.311857] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.312395] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.313053] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.313843] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.314466] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.315127] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.315754] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.316386] [ 224.316591] irq event stamp: 0 [ 224.316867] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.317557] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.318284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.319064] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.319629] ---[ end trace 0000000000000000 ]--- [ 224.325080] ------------[ cut here ]------------ [ 224.325788] WARNING: CPU: 1 PID: 2144 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.327112] Modules linked in: [ 224.327570] CPU: 1 PID: 2144 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.328635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.330280] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.330966] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.333217] RSP: 0018:ffff888012f5fbb8 EFLAGS: 00010246 [ 224.334180] RAX: 0000000000000000 RBX: ffff888010b9f0a8 RCX: 0000000000000000 [ 224.335113] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 224.336020] RBP: ffff888012f5fbd0 R08: ffffed1002173e33 R09: ffffed1002173e33 [ 224.336900] R10: ffff888010b9f193 R11: ffffed1002173e32 R12: ffff88800ae91800 [ 224.337873] R13: ffff888010b9f1e8 R14: ffffffff8352e670 R15: 
ffff888012f5fe68 [ 224.338836] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.339857] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.340569] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 224.341520] PKRU: 55555554 [ 224.341954] Call Trace: [ 224.342279] [ 224.342607] __iommufd_access_detach+0x1c2/0x2b0 [ 224.343263] iommufd_access_change_pt+0x149/0x270 [ 224.343885] iommufd_access_replace+0xb4/0x120 [ 224.344469] iommufd_test+0x3e5/0x37e0 [ 224.344967] ? lock_release+0x532/0x770 [ 224.345640] ? __might_fault+0x102/0x1b0 [ 224.346170] ? lock_acquire+0x427/0x4c0 [ 224.346742] ? __pfx_iommufd_test+0x10/0x10 [ 224.347307] ? __pfx_lock_release+0x10/0x10 [ 224.347863] ? __pfx_lock_acquire+0x10/0x10 [ 224.348418] ? write_comp_data+0x2f/0x90 [ 224.348950] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.349671] ? write_comp_data+0x2f/0x90 [ 224.350258] iommufd_fops_ioctl+0x37d/0x510 [ 224.350858] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.351506] ? write_comp_data+0x2f/0x90 [ 224.352038] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.352648] __x64_sys_ioctl+0x1a3/0x230 [ 224.353180] do_syscall_64+0x3b/0x90 [ 224.353757] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.354555] RIP: 0033:0x7f4b8743ee5d [ 224.355044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.357291] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.358424] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.359375] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.360262] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.361139] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.362205] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.363184] [ 224.363519] irq event stamp: 0 [ 224.363934] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.364748] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.365943] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.367203] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.368034] ---[ end trace 0000000000000000 ]--- [ 224.372846] ------------[ cut here ]------------ [ 224.373614] WARNING: CPU: 1 PID: 2144 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.375062] Modules linked in: [ 224.375665] CPU: 1 PID: 2144 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.376558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.377877] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.378869] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.381219] RSP: 
0018:ffff888012f5fbd0 EFLAGS: 00010246 [ 224.381959] RAX: 0000000000000000 RBX: ffff888010b9f0a8 RCX: 0000000000000000 [ 224.383085] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 224.384048] RBP: ffff888012f5fbe8 R08: ffffed1002173e33 R09: ffffed1002173e33 [ 224.384965] R10: ffff888010b9f193 R11: ffffed1002173e32 R12: ffff888010572000 [ 224.385925] R13: ffff888010b9f1e8 R14: ffff888020e04e00 R15: 0000000000000000 [ 224.387062] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.388127] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.388874] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.389820] PKRU: 55555554 [ 224.390368] Call Trace: [ 224.390755] [ 224.391066] iommufd_access_destroy_object+0x65/0x170 [ 224.391868] iommufd_object_destroy_user+0x18e/0x220 [ 224.392399] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.392985] iommufd_access_destroy+0x43/0x70 [ 224.393445] iommufd_test_staccess_release+0x8d/0xd0 [ 224.394018] __fput+0x26d/0xa40 [ 224.394680] ____fput+0x1e/0x30 [ 224.395206] task_work_run+0x1a4/0x2d0 [ 224.395739] ? __pfx_task_work_run+0x10/0x10 [ 224.396334] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.396983] ? switch_task_namespaces+0xa9/0xe0 [ 224.397603] do_exit+0xb17/0x2ef0 [ 224.398055] ? lock_acquire+0x427/0x4c0 [ 224.398702] ? __pfx_lock_release+0x10/0x10 [ 224.399432] ? __kasan_check_write+0x18/0x20 [ 224.400031] ? do_raw_spin_lock+0x132/0x2a0 [ 224.400610] ? __pfx_do_exit+0x10/0x10 [ 224.401134] ? debug_smp_processor_id+0x20/0x30 [ 224.401745] ? rcu_is_watching+0x19/0xb0 [ 224.402274] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.403019] ? trace_hardirqs_on+0x26/0x120 [ 224.403805] do_group_exit+0xe0/0x2b0 [ 224.404324] __x64_sys_exit_group+0x47/0x50 [ 224.404895] do_syscall_64+0x3b/0x90 [ 224.405391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.406064] RIP: 0033:0x7f4b87518a4d [ 224.406630] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.407549] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.408652] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.409565] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.410465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.411600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.412568] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.413496] [ 224.413811] irq event stamp: 0 [ 224.414218] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.415095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.416368] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.417442] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.418251] ---[ end trace 0000000000000000 ]--- [ 224.419623] ------------[ cut here ]------------ [ 224.420416] WARNING: CPU: 1 PID: 2144 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.421714] Modules linked in: [ 224.422133] CPU: 1 PID: 2144 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.423366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.424956] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.425634] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.428224] RSP: 0018:ffff888012f5fb78 EFLAGS: 00010246 [ 224.428927] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.429831] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 224.430785] RBP: ffff888012f5fb98 R08: ffffed1002173e3e R09: ffffed1002173e3e [ 224.431777] R10: ffff888010b9f1ef R11: ffffed1002173e3d R12: ffff888010b9f290 [ 224.432877] R13: ffff888010b9f0a8 R14: ffffffffffffffff R15: 
ffff888012f5fc60 [ 224.433789] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 224.434866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.435829] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 224.437090] PKRU: 55555554 [ 224.437473] Call Trace: [ 224.437805] [ 224.438102] iommufd_ioas_destroy+0x53/0x70 [ 224.438759] iommufd_fops_release+0x1f7/0x370 [ 224.439409] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.440175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.441021] ? write_comp_data+0x2f/0x90 [ 224.441583] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.442236] __fput+0x26d/0xa40 [ 224.442751] ____fput+0x1e/0x30 [ 224.443248] task_work_run+0x1a4/0x2d0 [ 224.443783] ? __pfx_task_work_run+0x10/0x10 [ 224.444408] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.445352] ? switch_task_namespaces+0xa9/0xe0 [ 224.445987] do_exit+0xb17/0x2ef0 [ 224.446442] ? lock_acquire+0x427/0x4c0 [ 224.447029] ? __pfx_lock_release+0x10/0x10 [ 224.447647] ? __kasan_check_write+0x18/0x20 [ 224.448244] ? do_raw_spin_lock+0x132/0x2a0 [ 224.448971] ? __pfx_do_exit+0x10/0x10 [ 224.449587] ? debug_smp_processor_id+0x20/0x30 [ 224.450204] ? rcu_is_watching+0x19/0xb0 [ 224.450785] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.451423] ? trace_hardirqs_on+0x26/0x120 [ 224.451996] do_group_exit+0xe0/0x2b0 [ 224.452505] __x64_sys_exit_group+0x47/0x50 [ 224.453168] do_syscall_64+0x3b/0x90 [ 224.453712] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.454405] RIP: 0033:0x7f4b87518a4d [ 224.454933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.455848] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.456618] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.457450] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.458740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.459704] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.460617] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.461629] [ 224.462226] irq event stamp: 0 [ 224.462702] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.463558] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.464620] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.465786] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.466788] ---[ end trace 0000000000000000 ]--- [ 224.478052] ------------[ cut here ]------------ [ 224.478798] WARNING: CPU: 0 PID: 2145 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.480583] Modules linked in: [ 224.481034] CPU: 0 PID: 2145 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.482555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.484111] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.485105] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.487925] RSP: 0018:ffff8880219d7bb8 EFLAGS: 00010246 [ 224.488662] RAX: 0000000000000000 RBX: ffff88801419f0a8 RCX: 0000000000000000 [ 224.489779] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 224.490925] RBP: ffff8880219d7bd0 R08: ffffed1002833e33 R09: ffffed1002833e33 [ 224.491920] R10: ffff88801419f193 R11: ffffed1002833e32 R12: ffff888013e27800 [ 224.493164] R13: ffff88801419f1e8 R14: ffffffff8352e670 R15: 
ffff8880219d7e68 [ 224.494195] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.495525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.496322] CR2: 00007f4b877410e8 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 224.497575] PKRU: 55555554 [ 224.497975] Call Trace: [ 224.498333] [ 224.498721] __iommufd_access_detach+0x1c2/0x2b0 [ 224.499490] iommufd_access_change_pt+0x149/0x270 [ 224.500339] iommufd_access_replace+0xb4/0x120 [ 224.501002] iommufd_test+0x3e5/0x37e0 [ 224.501543] ? lock_release+0x532/0x770 [ 224.502404] ? __might_fault+0x102/0x1b0 [ 224.503026] ? lock_acquire+0x427/0x4c0 [ 224.503618] ? __pfx_iommufd_test+0x10/0x10 [ 224.504207] ? __pfx_lock_release+0x10/0x10 [ 224.505092] ? __pfx_lock_acquire+0x10/0x10 [ 224.505710] ? write_comp_data+0x2f/0x90 [ 224.506285] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.507181] ? write_comp_data+0x2f/0x90 [ 224.507918] iommufd_fops_ioctl+0x37d/0x510 [ 224.508531] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.509210] ? write_comp_data+0x2f/0x90 [ 224.509786] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.510453] __x64_sys_ioctl+0x1a3/0x230 [ 224.511075] do_syscall_64+0x3b/0x90 [ 224.511637] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.512358] RIP: 0033:0x7f4b8743ee5d [ 224.512876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.515391] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.516427] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.517397] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.518366] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.519390] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.520366] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.521350] [ 224.521675] irq event stamp: 0 [ 224.522112] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.523011] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.524170] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.525299] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.526155] ---[ end trace 0000000000000000 ]--- [ 224.531231] ------------[ cut here ]------------ [ 224.531918] WARNING: CPU: 0 PID: 2145 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.533288] Modules linked in: [ 224.533730] CPU: 0 PID: 2145 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.534955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.536479] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.537139] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.539570] RSP: 
0018:ffff8880219d7bd0 EFLAGS: 00010246 [ 224.540280] RAX: 0000000000000000 RBX: ffff88801419f0a8 RCX: 0000000000000000 [ 224.541209] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 224.542143] RBP: ffff8880219d7be8 R08: ffffed1002833e33 R09: ffffed1002833e33 [ 224.543105] R10: ffff88801419f193 R11: ffffed1002833e32 R12: ffff888020a8fc00 [ 224.544060] R13: ffff88801419f1e8 R14: ffff888018b94300 R15: 0000000000000000 [ 224.544993] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.546044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.546836] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.547788] PKRU: 55555554 [ 224.548167] Call Trace: [ 224.548515] [ 224.548829] iommufd_access_destroy_object+0x65/0x170 [ 224.549527] iommufd_object_destroy_user+0x18e/0x220 [ 224.550186] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.550967] iommufd_access_destroy+0x43/0x70 [ 224.551580] iommufd_test_staccess_release+0x8d/0xd0 [ 224.552242] __fput+0x26d/0xa40 [ 224.552689] ____fput+0x1e/0x30 [ 224.553130] task_work_run+0x1a4/0x2d0 [ 224.553644] ? __pfx_task_work_run+0x10/0x10 [ 224.554218] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.554880] ? switch_task_namespaces+0xa9/0xe0 [ 224.555509] do_exit+0xb17/0x2ef0 [ 224.555959] ? lock_acquire+0x427/0x4c0 [ 224.556661] ? __pfx_lock_release+0x10/0x10 [ 224.557435] ? __kasan_check_write+0x18/0x20 [ 224.558017] ? do_raw_spin_lock+0x132/0x2a0 [ 224.558734] ? __pfx_do_exit+0x10/0x10 [ 224.559364] ? debug_smp_processor_id+0x20/0x30 [ 224.559973] ? rcu_is_watching+0x19/0xb0 [ 224.560496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.561323] ? trace_hardirqs_on+0x26/0x120 [ 224.561902] do_group_exit+0xe0/0x2b0 [ 224.562411] __x64_sys_exit_group+0x47/0x50 [ 224.563177] do_syscall_64+0x3b/0x90 [ 224.563820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.564520] RIP: 0033:0x7f4b87518a4d [ 224.565012] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.566064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.567098] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.568289] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.569223] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.570380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.571338] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.572494] [ 224.572802] irq event stamp: 0 [ 224.573203] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.573997] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.575082] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.576151] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.576948] ---[ end trace 0000000000000000 ]--- [ 224.578191] ------------[ cut here ]------------ [ 224.578803] WARNING: CPU: 0 PID: 2145 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.580069] Modules linked in: [ 224.580473] CPU: 0 PID: 2145 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.581543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.582945] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.583592] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.585824] RSP: 0018:ffff8880219d7b78 EFLAGS: 00010246 [ 224.586477] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.587385] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 224.588265] RBP: ffff8880219d7b98 R08: ffffed1002833e3e R09: ffffed1002833e3e [ 224.589141] R10: ffff88801419f1ef R11: ffffed1002833e3d R12: ffff88801419f290 [ 224.590018] R13: ffff88801419f0a8 R14: ffffffffffffffff R15: 
ffff8880219d7c60 [ 224.590932] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.591936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.592658] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.593501] PKRU: 55555554 [ 224.593837] Call Trace: [ 224.594143] [ 224.594418] iommufd_ioas_destroy+0x53/0x70 [ 224.594960] iommufd_fops_release+0x1f7/0x370 [ 224.595486] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.595925] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.596332] ? write_comp_data+0x2f/0x90 [ 224.596681] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.597096] __fput+0x26d/0xa40 [ 224.597386] ____fput+0x1e/0x30 [ 224.597663] task_work_run+0x1a4/0x2d0 [ 224.597989] ? __pfx_task_work_run+0x10/0x10 [ 224.598362] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.598808] ? switch_task_namespaces+0xa9/0xe0 [ 224.599232] do_exit+0xb17/0x2ef0 [ 224.599525] ? lock_acquire+0x427/0x4c0 [ 224.599864] ? __pfx_lock_release+0x10/0x10 [ 224.600219] ? __kasan_check_write+0x18/0x20 [ 224.600588] ? do_raw_spin_lock+0x132/0x2a0 [ 224.600942] ? __pfx_do_exit+0x10/0x10 [ 224.601264] ? debug_smp_processor_id+0x20/0x30 [ 224.601632] ? rcu_is_watching+0x19/0xb0 [ 224.601953] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.602313] ? trace_hardirqs_on+0x26/0x120 [ 224.602672] do_group_exit+0xe0/0x2b0 [ 224.602975] __x64_sys_exit_group+0x47/0x50 [ 224.603334] do_syscall_64+0x3b/0x90 [ 224.603639] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.604053] RIP: 0033:0x7f4b87518a4d [ 224.604344] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.604807] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.605401] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.605944] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.606488] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.607053] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.607617] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.608175] [ 224.608356] irq event stamp: 0 [ 224.608601] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.609093] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.609738] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.610378] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.610874] ---[ end trace 0000000000000000 ]--- [ 224.615262] ------------[ cut here ]------------ [ 224.615657] WARNING: CPU: 0 PID: 2146 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.616428] Modules linked in: [ 224.616679] CPU: 0 PID: 2146 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.617345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.618199] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.618745] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.620163] RSP: 0018:ffff88801803fbb8 EFLAGS: 00010246 [ 224.620575] RAX: 0000000000000000 RBX: ffff8880104638a8 RCX: 0000000000000000 [ 224.621115] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 224.621656] RBP: ffff88801803fbd0 R08: ffffed100208c733 R09: ffffed100208c733 [ 224.622201] R10: ffff888010463993 R11: ffffed100208c732 R12: ffff88800a724c00 [ 224.622779] R13: ffff8880104639e8 R14: ffffffff8352e670 R15: 
ffff88801803fe68 [ 224.623338] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.623956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.624403] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 224.624954] PKRU: 55555554 [ 224.625176] Call Trace: [ 224.625373] [ 224.625551] __iommufd_access_detach+0x1c2/0x2b0 [ 224.625927] iommufd_access_change_pt+0x149/0x270 [ 224.626309] iommufd_access_replace+0xb4/0x120 [ 224.626698] iommufd_test+0x3e5/0x37e0 [ 224.627001] ? lock_release+0x532/0x770 [ 224.627326] ? __might_fault+0x102/0x1b0 [ 224.627654] ? lock_acquire+0x427/0x4c0 [ 224.627967] ? __pfx_iommufd_test+0x10/0x10 [ 224.628300] ? __pfx_lock_release+0x10/0x10 [ 224.628638] ? __pfx_lock_acquire+0x10/0x10 [ 224.628979] ? write_comp_data+0x2f/0x90 [ 224.629297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.629675] ? write_comp_data+0x2f/0x90 [ 224.630000] iommufd_fops_ioctl+0x37d/0x510 [ 224.630344] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.630752] ? write_comp_data+0x2f/0x90 [ 224.631073] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.631461] __x64_sys_ioctl+0x1a3/0x230 [ 224.631788] do_syscall_64+0x3b/0x90 [ 224.632082] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.632488] RIP: 0033:0x7f4b8743ee5d [ 224.632773] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.634126] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.634711] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.635248] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.635771] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.636293] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.636824] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.637357] [ 224.637530] irq event stamp: 0 [ 224.637764] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.638236] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.638870] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.639519] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.639985] ---[ end trace 0000000000000000 ]--- [ 224.642703] ------------[ cut here ]------------ [ 224.643081] WARNING: CPU: 0 PID: 2146 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.643833] Modules linked in: [ 224.644073] CPU: 0 PID: 2146 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.644735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.645569] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.645941] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.647297] RSP: 
0018:ffff88801803fbd0 EFLAGS: 00010246 [ 224.647688] RAX: 0000000000000000 RBX: ffff8880104638a8 RCX: 0000000000000000 [ 224.648209] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 224.648733] RBP: ffff88801803fbe8 R08: ffffed100208c733 R09: ffffed100208c733 [ 224.649250] R10: ffff888010463993 R11: ffffed100208c732 R12: ffff888013e26800 [ 224.649770] R13: ffff8880104639e8 R14: ffff888012866c00 R15: 0000000000000000 [ 224.650287] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.650899] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.651330] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.651851] PKRU: 55555554 [ 224.652065] Call Trace: [ 224.652254] [ 224.652423] iommufd_access_destroy_object+0x65/0x170 [ 224.652804] iommufd_object_destroy_user+0x18e/0x220 [ 224.653178] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.653609] iommufd_access_destroy+0x43/0x70 [ 224.653947] iommufd_test_staccess_release+0x8d/0xd0 [ 224.654329] __fput+0x26d/0xa40 [ 224.654602] ____fput+0x1e/0x30 [ 224.654857] task_work_run+0x1a4/0x2d0 [ 224.655165] ? __pfx_task_work_run+0x10/0x10 [ 224.655500] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.655867] ? switch_task_namespaces+0xa9/0xe0 [ 224.656230] do_exit+0xb17/0x2ef0 [ 224.656491] ? lock_acquire+0x427/0x4c0 [ 224.656796] ? __pfx_lock_release+0x10/0x10 [ 224.657122] ? __kasan_check_write+0x18/0x20 [ 224.657450] ? do_raw_spin_lock+0x132/0x2a0 [ 224.657773] ? __pfx_do_exit+0x10/0x10 [ 224.658072] ? debug_smp_processor_id+0x20/0x30 [ 224.658421] ? rcu_is_watching+0x19/0xb0 [ 224.658739] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.659078] ? trace_hardirqs_on+0x26/0x120 [ 224.659410] do_group_exit+0xe0/0x2b0 [ 224.659695] __x64_sys_exit_group+0x47/0x50 [ 224.660014] do_syscall_64+0x3b/0x90 [ 224.660299] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.660692] RIP: 0033:0x7f4b87518a4d [ 224.660969] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.661420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.661984] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.662501] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.663041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.663579] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.664105] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.664636] [ 224.664806] irq event stamp: 0 [ 224.665037] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.665506] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.666123] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.666751] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.667224] ---[ end trace 0000000000000000 ]--- [ 224.667894] ------------[ cut here ]------------ [ 224.668236] WARNING: CPU: 0 PID: 2146 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.668988] Modules linked in: [ 224.669223] CPU: 0 PID: 2146 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.669872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.670721] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.671102] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.672455] RSP: 0018:ffff88801803fb78 EFLAGS: 00010246 [ 224.672846] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.673367] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 224.673887] RBP: ffff88801803fb98 R08: ffffed100208c73e R09: ffffed100208c73e [ 224.674411] R10: ffff8880104639ef R11: ffffed100208c73d R12: ffff888010463a90 [ 224.674954] R13: ffff8880104638a8 R14: ffffffffffffffff R15: 
ffff88801803fc60 [ 224.675501] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.676090] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.676519] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.677035] PKRU: 55555554 [ 224.677241] Call Trace: [ 224.677435] [ 224.677605] iommufd_ioas_destroy+0x53/0x70 [ 224.677928] iommufd_fops_release+0x1f7/0x370 [ 224.678266] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.678653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.679021] ? write_comp_data+0x2f/0x90 [ 224.679337] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.679709] __fput+0x26d/0xa40 [ 224.679967] ____fput+0x1e/0x30 [ 224.680216] task_work_run+0x1a4/0x2d0 [ 224.680508] ? __pfx_task_work_run+0x10/0x10 [ 224.680831] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.681192] ? switch_task_namespaces+0xa9/0xe0 [ 224.681543] do_exit+0xb17/0x2ef0 [ 224.681794] ? lock_acquire+0x427/0x4c0 [ 224.682090] ? __pfx_lock_release+0x10/0x10 [ 224.682407] ? __kasan_check_write+0x18/0x20 [ 224.682737] ? do_raw_spin_lock+0x132/0x2a0 [ 224.683049] ? __pfx_do_exit+0x10/0x10 [ 224.683344] ? debug_smp_processor_id+0x20/0x30 [ 224.683689] ? rcu_is_watching+0x19/0xb0 [ 224.683982] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.684309] ? trace_hardirqs_on+0x26/0x120 [ 224.684623] do_group_exit+0xe0/0x2b0 [ 224.684898] __x64_sys_exit_group+0x47/0x50 [ 224.685209] do_syscall_64+0x3b/0x90 [ 224.685491] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.685873] RIP: 0033:0x7f4b87518a4d [ 224.686144] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.686601] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.687146] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.687657] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.688163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.688668] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.689172] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.689701] [ 224.689876] irq event stamp: 0 [ 224.690105] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.690573] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.691179] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.691789] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.692236] ---[ end trace 0000000000000000 ]--- [ 224.696430] ------------[ cut here ]------------ [ 224.696800] WARNING: CPU: 0 PID: 2147 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.697521] Modules linked in: [ 224.697748] CPU: 0 PID: 2147 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.698385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.699279] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.699642] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.700963] RSP: 0018:ffff88800ff0fbb8 EFLAGS: 00010246 [ 224.701351] RAX: 0000000000000000 RBX: ffff888020ea80a8 RCX: 0000000000000000 [ 224.701866] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 224.702379] RBP: ffff88800ff0fbd0 R08: ffffed10041d5033 R09: ffffed10041d5033 [ 224.702909] R10: ffff888020ea8193 R11: ffffed10041d5032 R12: ffff888013b64400 [ 224.703444] R13: ffff888020ea81e8 R14: ffffffff8352e670 R15: 
ffff88800ff0fe68 [ 224.703964] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.704542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.704963] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 224.705474] PKRU: 55555554 [ 224.705683] Call Trace: [ 224.705871] [ 224.706043] __iommufd_access_detach+0x1c2/0x2b0 [ 224.706403] iommufd_access_change_pt+0x149/0x270 [ 224.706783] iommufd_access_replace+0xb4/0x120 [ 224.707140] iommufd_test+0x3e5/0x37e0 [ 224.707432] ? lock_release+0x532/0x770 [ 224.707736] ? __might_fault+0x102/0x1b0 [ 224.708038] ? lock_acquire+0x427/0x4c0 [ 224.708338] ? __pfx_iommufd_test+0x10/0x10 [ 224.708660] ? __pfx_lock_release+0x10/0x10 [ 224.708986] ? __pfx_lock_acquire+0x10/0x10 [ 224.709311] ? write_comp_data+0x2f/0x90 [ 224.709618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.709981] ? write_comp_data+0x2f/0x90 [ 224.710286] iommufd_fops_ioctl+0x37d/0x510 [ 224.710624] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.710989] ? write_comp_data+0x2f/0x90 [ 224.711306] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.711662] __x64_sys_ioctl+0x1a3/0x230 [ 224.711973] do_syscall_64+0x3b/0x90 [ 224.712254] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.712641] RIP: 0033:0x7f4b8743ee5d [ 224.712913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.714228] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.714798] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.715321] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.715836] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.716363] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.716878] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.717400] [ 224.717569] irq event stamp: 0 [ 224.717798] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.718252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.718877] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.719492] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.719951] ---[ end trace 0000000000000000 ]--- [ 224.722610] ------------[ cut here ]------------ [ 224.722973] WARNING: CPU: 0 PID: 2147 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.723724] Modules linked in: [ 224.723965] CPU: 0 PID: 2147 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.724607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.725430] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.725793] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.727158] RSP: 
0018:ffff88800ff0fbd0 EFLAGS: 00010246 [ 224.727594] RAX: 0000000000000000 RBX: ffff888020ea80a8 RCX: 0000000000000000 [ 224.728131] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 224.728654] RBP: ffff88800ff0fbe8 R08: ffffed10041d5033 R09: ffffed10041d5033 [ 224.729169] R10: ffff888020ea8193 R11: ffffed10041d5032 R12: ffff88800a727400 [ 224.729683] R13: ffff888020ea81e8 R14: ffff888013dd1a00 R15: 0000000000000000 [ 224.730198] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.730805] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.731243] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.731761] PKRU: 55555554 [ 224.731969] Call Trace: [ 224.732157] [ 224.732325] iommufd_access_destroy_object+0x65/0x170 [ 224.732707] iommufd_object_destroy_user+0x18e/0x220 [ 224.733105] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.733536] iommufd_access_destroy+0x43/0x70 [ 224.733874] iommufd_test_staccess_release+0x8d/0xd0 [ 224.734253] __fput+0x26d/0xa40 [ 224.734526] ____fput+0x1e/0x30 [ 224.734779] task_work_run+0x1a4/0x2d0 [ 224.735073] ? __pfx_task_work_run+0x10/0x10 [ 224.735411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.735774] ? switch_task_namespaces+0xa9/0xe0 [ 224.736129] do_exit+0xb17/0x2ef0 [ 224.736386] ? lock_acquire+0x427/0x4c0 [ 224.736689] ? __pfx_lock_release+0x10/0x10 [ 224.737028] ? __kasan_check_write+0x18/0x20 [ 224.737355] ? do_raw_spin_lock+0x132/0x2a0 [ 224.737677] ? __pfx_do_exit+0x10/0x10 [ 224.737972] ? debug_smp_processor_id+0x20/0x30 [ 224.738318] ? rcu_is_watching+0x19/0xb0 [ 224.738642] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.738983] ? trace_hardirqs_on+0x26/0x120 [ 224.739318] do_group_exit+0xe0/0x2b0 [ 224.739603] __x64_sys_exit_group+0x47/0x50 [ 224.739921] do_syscall_64+0x3b/0x90 [ 224.740202] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.740590] RIP: 0033:0x7f4b87518a4d [ 224.740865] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.741311] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.741862] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.742384] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.742919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.743460] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.743978] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.744502] [ 224.744673] irq event stamp: 0 [ 224.744908] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.745367] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.745972] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.746596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.747055] ---[ end trace 0000000000000000 ]--- [ 224.747729] ------------[ cut here ]------------ [ 224.748080] WARNING: CPU: 0 PID: 2147 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.748821] Modules linked in: [ 224.749058] CPU: 0 PID: 2147 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.749699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.750553] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.750936] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.752264] RSP: 0018:ffff88800ff0fb78 EFLAGS: 00010246 [ 224.752650] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.753165] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 224.753679] RBP: ffff88800ff0fb98 R08: ffffed10041d503e R09: ffffed10041d503e [ 224.754194] R10: ffff888020ea81ef R11: ffffed10041d503d R12: ffff888020ea8290 [ 224.754733] R13: ffff888020ea80a8 R14: ffffffffffffffff R15: 
ffff88800ff0fc60 [ 224.755271] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.755864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.756296] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.756824] PKRU: 55555554 [ 224.757035] Call Trace: [ 224.757226] [ 224.757396] iommufd_ioas_destroy+0x53/0x70 [ 224.757725] iommufd_fops_release+0x1f7/0x370 [ 224.758068] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.758443] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.758827] ? write_comp_data+0x2f/0x90 [ 224.759146] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.759522] __fput+0x26d/0xa40 [ 224.759785] ____fput+0x1e/0x30 [ 224.760040] task_work_run+0x1a4/0x2d0 [ 224.760337] ? __pfx_task_work_run+0x10/0x10 [ 224.760671] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.761038] ? switch_task_namespaces+0xa9/0xe0 [ 224.761410] do_exit+0xb17/0x2ef0 [ 224.761672] ? lock_acquire+0x427/0x4c0 [ 224.761980] ? __pfx_lock_release+0x10/0x10 [ 224.762308] ? __kasan_check_write+0x18/0x20 [ 224.762658] ? do_raw_spin_lock+0x132/0x2a0 [ 224.762986] ? __pfx_do_exit+0x10/0x10 [ 224.763297] ? debug_smp_processor_id+0x20/0x30 [ 224.763652] ? rcu_is_watching+0x19/0xb0 [ 224.763960] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.764303] ? trace_hardirqs_on+0x26/0x120 [ 224.764636] do_group_exit+0xe0/0x2b0 [ 224.764925] __x64_sys_exit_group+0x47/0x50 [ 224.765247] do_syscall_64+0x3b/0x90 [ 224.765533] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.765929] RIP: 0033:0x7f4b87518a4d [ 224.766213] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.766692] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.767272] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.767803] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.768333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.768865] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.769396] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.769931] [ 224.770106] irq event stamp: 0 [ 224.770343] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.770839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.771480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.772102] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.772573] ---[ end trace 0000000000000000 ]--- [ 224.777325] ------------[ cut here ]------------ [ 224.777707] WARNING: CPU: 0 PID: 2148 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.778454] Modules linked in: [ 224.778893] CPU: 0 PID: 2148 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.779556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.780384] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.780758] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.782096] RSP: 0018:ffff888018207bb8 EFLAGS: 00010246 [ 224.782493] RAX: 0000000000000000 RBX: ffff88800ff670a8 RCX: 0000000000000000 [ 224.783222] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 224.783746] RBP: ffff888018207bd0 R08: ffffed1001fece33 R09: ffffed1001fece33 [ 224.784273] R10: ffff88800ff67193 R11: ffffed1001fece32 R12: ffff888018b89c00 [ 224.784798] R13: ffff88800ff671e8 R14: ffffffff8352e670 R15: 
ffff888018207e68 [ 224.785325] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.785918] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.786348] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 224.786904] PKRU: 55555554 [ 224.787124] Call Trace: [ 224.787324] [ 224.787495] __iommufd_access_detach+0x1c2/0x2b0 [ 224.787863] iommufd_access_change_pt+0x149/0x270 [ 224.788233] iommufd_access_replace+0xb4/0x120 [ 224.788588] iommufd_test+0x3e5/0x37e0 [ 224.788882] ? lock_release+0x532/0x770 [ 224.789189] ? __might_fault+0x102/0x1b0 [ 224.789499] ? lock_acquire+0x427/0x4c0 [ 224.789807] ? __pfx_iommufd_test+0x10/0x10 [ 224.790127] ? __pfx_lock_release+0x10/0x10 [ 224.790460] ? __pfx_lock_acquire+0x10/0x10 [ 224.790811] ? write_comp_data+0x2f/0x90 [ 224.791132] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.791504] ? write_comp_data+0x2f/0x90 [ 224.791817] iommufd_fops_ioctl+0x37d/0x510 [ 224.792145] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.792513] ? write_comp_data+0x2f/0x90 [ 224.792826] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.793187] __x64_sys_ioctl+0x1a3/0x230 [ 224.793503] do_syscall_64+0x3b/0x90 [ 224.793793] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.794184] RIP: 0033:0x7f4b8743ee5d [ 224.794464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.795833] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.796400] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.796926] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.797453] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.797982] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.798533] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.799070] [ 224.799255] irq event stamp: 0 [ 224.799490] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.799957] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.800580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.801197] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.801663] ---[ end trace 0000000000000000 ]--- [ 224.804335] ------------[ cut here ]------------ [ 224.804717] WARNING: CPU: 0 PID: 2148 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.805463] Modules linked in: [ 224.805704] CPU: 0 PID: 2148 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.806347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.807221] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.807592] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.808934] RSP: 
0018:ffff888018207bd0 EFLAGS: 00010246 [ 224.809330] RAX: 0000000000000000 RBX: ffff88800ff670a8 RCX: 0000000000000000 [ 224.809858] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 224.810383] RBP: ffff888018207be8 R08: ffffed1001fece33 R09: ffffed1001fece33 [ 224.810933] R10: ffff88800ff67193 R11: ffffed1001fece32 R12: ffff888013b64000 [ 224.811473] R13: ffff88800ff671e8 R14: ffff888013444200 R15: 0000000000000000 [ 224.811999] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.812625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.813527] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.814068] PKRU: 55555554 [ 224.814280] Call Trace: [ 224.814472] [ 224.814663] iommufd_access_destroy_object+0x65/0x170 [ 224.815056] iommufd_object_destroy_user+0x18e/0x220 [ 224.815458] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.815931] iommufd_access_destroy+0x43/0x70 [ 224.816440] iommufd_test_staccess_release+0x8d/0xd0 [ 224.816840] __fput+0x26d/0xa40 [ 224.817109] ____fput+0x1e/0x30 [ 224.817370] task_work_run+0x1a4/0x2d0 [ 224.817675] ? __pfx_task_work_run+0x10/0x10 [ 224.818013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.818387] ? switch_task_namespaces+0xa9/0xe0 [ 224.818765] do_exit+0xb17/0x2ef0 [ 224.819030] ? lock_acquire+0x427/0x4c0 [ 224.819349] ? __pfx_lock_release+0x10/0x10 [ 224.819682] ? __kasan_check_write+0x18/0x20 [ 224.820019] ? do_raw_spin_lock+0x132/0x2a0 [ 224.820449] ? __pfx_do_exit+0x10/0x10 [ 224.820836] ? debug_smp_processor_id+0x20/0x30 [ 224.821197] ? rcu_is_watching+0x19/0xb0 [ 224.821509] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.821859] ? trace_hardirqs_on+0x26/0x120 [ 224.822195] do_group_exit+0xe0/0x2b0 [ 224.822495] __x64_sys_exit_group+0x47/0x50 [ 224.822850] do_syscall_64+0x3b/0x90 [ 224.823151] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.823558] RIP: 0033:0x7f4b87518a4d [ 224.823933] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.824489] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.825066] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.825604] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.826141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.826799] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.827437] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.827989] [ 224.828167] irq event stamp: 0 [ 224.828405] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.828886] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.829524] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.830265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.830858] ---[ end trace 0000000000000000 ]--- [ 224.831554] ------------[ cut here ]------------ [ 224.831918] WARNING: CPU: 0 PID: 2148 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.832694] Modules linked in: [ 224.832942] CPU: 0 PID: 2148 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.833706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.834684] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.835084] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.836472] RSP: 0018:ffff888018207b78 EFLAGS: 00010246 [ 224.836992] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.837645] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 224.838202] RBP: ffff888018207b98 R08: ffffed1001fece3e R09: ffffed1001fece3e [ 224.838772] R10: ffff88800ff671ef R11: ffffed1001fece3d R12: ffff88800ff67290 [ 224.839339] R13: ffff88800ff670a8 R14: ffffffffffffffff R15: 
ffff888018207c60 [ 224.839895] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.840734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.841188] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.841748] PKRU: 55555554 [ 224.841970] Call Trace: [ 224.842172] [ 224.842351] iommufd_ioas_destroy+0x53/0x70 [ 224.842716] iommufd_fops_release+0x1f7/0x370 [ 224.843027] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 224.843074] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.845354] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 224.845680] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.847621] ? write_comp_data+0x2f/0x90 [ 224.847949] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.848342] __fput+0x26d/0xa40 [ 224.848617] ____fput+0x1e/0x30 [ 224.848886] task_work_run+0x1a4/0x2d0 [ 224.849199] ? __pfx_task_work_run+0x10/0x10 [ 224.849548] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.849932] ? switch_task_namespaces+0xa9/0xe0 [ 224.850306] do_exit+0xb17/0x2ef0 [ 224.850590] ? lock_acquire+0x427/0x4c0 [ 224.850912] ? __pfx_lock_release+0x10/0x10 [ 224.851389] ? __kasan_check_write+0x18/0x20 [ 224.851857] ? do_raw_spin_lock+0x132/0x2a0 [ 224.852202] ? __pfx_do_exit+0x10/0x10 [ 224.852520] ? debug_smp_processor_id+0x20/0x30 [ 224.852891] ? rcu_is_watching+0x19/0xb0 [ 224.853213] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.853573] ? trace_hardirqs_on+0x26/0x120 [ 224.853917] do_group_exit+0xe0/0x2b0 [ 224.854326] __x64_sys_exit_group+0x47/0x50 [ 224.854769] do_syscall_64+0x3b/0x90 [ 224.855072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.855489] RIP: 0033:0x7f4b87518a4d [ 224.855783] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.856265] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.856857] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.857414] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.857965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.858546] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.859104] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.859676] [ 224.859862] irq event stamp: 0 [ 224.860110] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.860812] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.861469] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.862124] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.862637] ---[ end trace 0000000000000000 ]--- [ 224.876419] ------------[ cut here ]------------ [ 224.876819] WARNING: CPU: 0 PID: 2150 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.877607] Modules linked in: [ 224.877858] CPU: 0 PID: 2150 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.878726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.879613] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.880003] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.881673] RSP: 0018:ffff888021b77bb8 EFLAGS: 00010246 [ 224.882092] RAX: 0000000000000000 RBX: ffff8880146ea0a8 RCX: 0000000000000000 [ 224.882663] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 224.883224] RBP: ffff888021b77bd0 R08: ffffed10028dd433 R09: ffffed10028dd433 [ 224.883780] R10: ffff8880146ea193 R11: ffffed10028dd432 R12: ffff888017b95c00 [ 224.884443] R13: ffff8880146ea1e8 R14: ffffffff8352e670 R15: 
ffff888021b77e68 [ 224.885089] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.885720] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.886175] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 224.886755] PKRU: 55555554 [ 224.886982] Call Trace: [ 224.887192] [ 224.887371] __iommufd_access_detach+0x1c2/0x2b0 [ 224.887864] iommufd_access_change_pt+0x149/0x270 [ 224.888348] iommufd_access_replace+0xb4/0x120 [ 224.888719] iommufd_test+0x3e5/0x37e0 [ 224.889025] ? lock_release+0x532/0x770 [ 224.889348] ? __might_fault+0x102/0x1b0 [ 224.889676] ? lock_acquire+0x427/0x4c0 [ 224.889998] ? __pfx_iommufd_test+0x10/0x10 [ 224.890339] ? __pfx_lock_release+0x10/0x10 [ 224.890717] ? __pfx_lock_acquire+0x10/0x10 [ 224.891255] ? write_comp_data+0x2f/0x90 [ 224.891592] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.891981] ? write_comp_data+0x2f/0x90 [ 224.892309] iommufd_fops_ioctl+0x37d/0x510 [ 224.892654] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.893038] ? write_comp_data+0x2f/0x90 [ 224.893365] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.893748] __x64_sys_ioctl+0x1a3/0x230 [ 224.894078] do_syscall_64+0x3b/0x90 [ 224.894426] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.894977] RIP: 0033:0x7f4b8743ee5d [ 224.895281] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.896697] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.897290] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.897847] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.898600] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.899166] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.899722] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.900287] [ 224.900472] irq event stamp: 0 [ 224.900722] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.901213] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.901863] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.902538] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.903034] ---[ end trace 0000000000000000 ]--- [ 224.905784] ------------[ cut here ]------------ [ 224.906176] WARNING: CPU: 0 PID: 2150 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.907002] Modules linked in: [ 224.907268] CPU: 0 PID: 2150 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.908187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.909064] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.909456] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.911111] RSP: 
0018:ffff888021b77bd0 EFLAGS: 00010246 [ 224.911537] RAX: 0000000000000000 RBX: ffff8880146ea0a8 RCX: 0000000000000000 [ 224.912090] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 224.912647] RBP: ffff888021b77be8 R08: ffffed10028dd433 R09: ffffed10028dd433 [ 224.913201] R10: ffff8880146ea193 R11: ffffed10028dd432 R12: ffff888018b88c00 [ 224.913754] R13: ffff8880146ea1e8 R14: ffff888020c53600 R15: 0000000000000000 [ 224.914309] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.914959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.915429] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 224.915990] PKRU: 55555554 [ 224.916327] Call Trace: [ 224.916630] [ 224.916812] iommufd_access_destroy_object+0x65/0x170 [ 224.917225] iommufd_object_destroy_user+0x18e/0x220 [ 224.917631] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 224.918095] iommufd_access_destroy+0x43/0x70 [ 224.918456] iommufd_test_staccess_release+0x8d/0xd0 [ 224.918893] __fput+0x26d/0xa40 [ 224.919176] ____fput+0x1e/0x30 [ 224.919445] task_work_run+0x1a4/0x2d0 [ 224.919762] ? __pfx_task_work_run+0x10/0x10 [ 224.920117] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.920508] ? switch_task_namespaces+0xa9/0xe0 [ 224.920885] do_exit+0xb17/0x2ef0 [ 224.921160] ? lock_acquire+0x427/0x4c0 [ 224.921481] ? __pfx_lock_release+0x10/0x10 [ 224.921827] ? __kasan_check_write+0x18/0x20 [ 224.922179] ? do_raw_spin_lock+0x132/0x2a0 [ 224.922539] ? __pfx_do_exit+0x10/0x10 [ 224.922856] ? debug_smp_processor_id+0x20/0x30 [ 224.923240] ? rcu_is_watching+0x19/0xb0 [ 224.923575] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.923948] ? trace_hardirqs_on+0x26/0x120 [ 224.924309] do_group_exit+0xe0/0x2b0 [ 224.924718] __x64_sys_exit_group+0x47/0x50 [ 224.925176] do_syscall_64+0x3b/0x90 [ 224.925490] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.925913] RIP: 0033:0x7f4b87518a4d [ 224.926213] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.926717] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.927503] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.928074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.928641] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.929216] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.929801] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.930391] [ 224.930605] irq event stamp: 0 [ 224.930867] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.931393] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.932085] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.932989] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.933507] ---[ end trace 0000000000000000 ]--- [ 224.935784] ------------[ cut here ]------------ [ 224.936192] WARNING: CPU: 0 PID: 2150 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 224.937119] Modules linked in: [ 224.937500] CPU: 0 PID: 2150 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.938209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.939193] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 224.939629] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 224.941237] RSP: 0018:ffff888021b77b78 EFLAGS: 00010246 [ 224.941675] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 224.942253] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 224.942843] RBP: ffff888021b77b98 R08: ffffed10028dd43e R09: ffffed10028dd43e [ 224.943429] R10: ffff8880146ea1ef R11: ffffed10028dd43d R12: ffff8880146ea290 [ 224.944007] R13: ffff8880146ea0a8 R14: ffffffffffffffff R15: 
ffff888021b77c60 [ 224.944583] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.945232] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.945701] CR2: 00007f82e2a7c000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 224.946281] PKRU: 55555554 [ 224.946528] Call Trace: [ 224.946739] [ 224.946927] iommufd_ioas_destroy+0x53/0x70 [ 224.947300] iommufd_fops_release+0x1f7/0x370 [ 224.947673] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.948084] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.948493] ? write_comp_data+0x2f/0x90 [ 224.948836] ? __pfx_iommufd_fops_release+0x10/0x10 [ 224.949246] __fput+0x26d/0xa40 [ 224.949532] ____fput+0x1e/0x30 [ 224.949811] task_work_run+0x1a4/0x2d0 [ 224.950137] ? __pfx_task_work_run+0x10/0x10 [ 224.950506] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.950924] ? switch_task_namespaces+0xa9/0xe0 [ 224.951325] do_exit+0xb17/0x2ef0 [ 224.951612] ? lock_acquire+0x427/0x4c0 [ 224.951944] ? __pfx_lock_release+0x10/0x10 [ 224.952300] ? __kasan_check_write+0x18/0x20 [ 224.952663] ? do_raw_spin_lock+0x132/0x2a0 [ 224.953016] ? __pfx_do_exit+0x10/0x10 [ 224.953341] ? debug_smp_processor_id+0x20/0x30 [ 224.953723] ? rcu_is_watching+0x19/0xb0 [ 224.954055] ? _raw_spin_unlock_irq+0x2b/0x60 [ 224.954432] ? trace_hardirqs_on+0x26/0x120 [ 224.954803] do_group_exit+0xe0/0x2b0 [ 224.955121] __x64_sys_exit_group+0x47/0x50 [ 224.955477] do_syscall_64+0x3b/0x90 [ 224.955790] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.956217] RIP: 0033:0x7f4b87518a4d [ 224.956520] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 224.957021] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 224.957635] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 224.958207] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 224.958793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 224.959374] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 224.959951] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 224.960537] [ 224.960730] irq event stamp: 0 [ 224.960986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.961500] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.962178] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.962878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.963405] ---[ end trace 0000000000000000 ]--- [ 224.967713] ------------[ cut here ]------------ [ 224.968117] WARNING: CPU: 0 PID: 2151 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 224.969050] Modules linked in: [ 224.969403] CPU: 0 PID: 2151 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 224.970111] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 224.971045] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 224.971492] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 224.973111] RSP: 0018:ffff888017a9fbb8 EFLAGS: 00010246 [ 224.973542] RAX: 0000000000000000 RBX: ffff88800cb910a8 RCX: 0000000000000000 [ 224.974221] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 224.974897] RBP: ffff888017a9fbd0 R08: ffffed1001972233 R09: ffffed1001972233 [ 224.975494] R10: ffff88800cb91193 R11: ffffed1001972232 R12: ffff88801226f800 [ 224.976073] R13: ffff88800cb911e8 R14: ffffffff8352e670 R15: 
ffff888017a9fe68 [ 224.976652] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 224.977301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 224.978007] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 224.978620] PKRU: 55555554 [ 224.978858] Call Trace: [ 224.979066] [ 224.979262] __iommufd_access_detach+0x1c2/0x2b0 [ 224.979670] iommufd_access_change_pt+0x149/0x270 [ 224.980076] iommufd_access_replace+0xb4/0x120 [ 224.980465] iommufd_test+0x3e5/0x37e0 [ 224.980787] ? lock_release+0x532/0x770 [ 224.981137] ? __might_fault+0x102/0x1b0 [ 224.981600] ? lock_acquire+0x427/0x4c0 [ 224.982037] ? __pfx_iommufd_test+0x10/0x10 [ 224.982392] ? __pfx_lock_release+0x10/0x10 [ 224.982776] ? __pfx_lock_acquire+0x10/0x10 [ 224.983149] ? write_comp_data+0x2f/0x90 [ 224.983497] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 224.983902] ? write_comp_data+0x2f/0x90 [ 224.984247] iommufd_fops_ioctl+0x37d/0x510 [ 224.984604] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.985008] ? write_comp_data+0x2f/0x90 [ 224.985465] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 224.985978] __x64_sys_ioctl+0x1a3/0x230 [ 224.986323] do_syscall_64+0x3b/0x90 [ 224.986660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 224.987091] RIP: 0033:0x7f4b8743ee5d [ 224.987412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 224.988885] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 224.989713] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 224.990289] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 224.990886] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 224.991478] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 224.992055] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 224.992676] [ 224.992929] irq event stamp: 0 [ 224.993286] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 224.993808] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 224.994493] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 224.995220] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 224.995737] ---[ end trace 0000000000000000 ]--- [ 224.999159] ------------[ cut here ]------------ [ 224.999566] WARNING: CPU: 0 PID: 2151 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.000545] Modules linked in: [ 225.000807] CPU: 0 PID: 2151 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.001513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.002496] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.003087] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.004565] RSP: 
0018:ffff888017a9fbd0 EFLAGS: 00010246 [ 225.005001] RAX: 0000000000000000 RBX: ffff88800cb910a8 RCX: 0000000000000000 [ 225.005725] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 225.006301] RBP: ffff888017a9fbe8 R08: ffffed1001972233 R09: ffffed1001972233 [ 225.006899] R10: ffff88800cb91193 R11: ffffed1001972232 R12: ffff888017b94c00 [ 225.007490] R13: ffff88800cb911e8 R14: ffff88801239da00 R15: 0000000000000000 [ 225.008223] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.008876] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.009353] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 225.009935] PKRU: 55555554 [ 225.010203] Call Trace: [ 225.010571] [ 225.010759] iommufd_access_destroy_object+0x65/0x170 [ 225.011206] iommufd_object_destroy_user+0x18e/0x220 [ 225.011629] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.012105] iommufd_access_destroy+0x43/0x70 [ 225.012479] iommufd_test_staccess_release+0x8d/0xd0 [ 225.012942] __fput+0x26d/0xa40 [ 225.013329] ____fput+0x1e/0x30 [ 225.013609] task_work_run+0x1a4/0x2d0 [ 225.013939] ? __pfx_task_work_run+0x10/0x10 [ 225.014306] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.014729] ? switch_task_namespaces+0xa9/0xe0 [ 225.015127] do_exit+0xb17/0x2ef0 [ 225.015419] ? lock_acquire+0x427/0x4c0 [ 225.015827] ? __pfx_lock_release+0x10/0x10 [ 225.016300] ? __kasan_check_write+0x18/0x20 [ 225.016666] ? do_raw_spin_lock+0x132/0x2a0 [ 225.017020] ? __pfx_do_exit+0x10/0x10 [ 225.017352] ? debug_smp_processor_id+0x20/0x30 [ 225.017740] ? rcu_is_watching+0x19/0xb0 [ 225.018117] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.018615] ? trace_hardirqs_on+0x26/0x120 [ 225.018978] do_group_exit+0xe0/0x2b0 [ 225.019307] __x64_sys_exit_group+0x47/0x50 [ 225.019664] do_syscall_64+0x3b/0x90 [ 225.019978] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.020414] RIP: 0033:0x7f4b87518a4d [ 225.020719] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.021294] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.022011] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.022606] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.023192] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.023770] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.024358] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.025015] [ 225.025328] irq event stamp: 0 [ 225.025596] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.026124] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.026853] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.027649] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.028307] ---[ end trace 0000000000000000 ]--- [ 225.029127] ------------[ cut here ]------------ [ 225.029541] WARNING: CPU: 0 PID: 2151 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.030617] Modules linked in: [ 225.030895] CPU: 0 PID: 2151 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.031652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.032646] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.033186] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.034884] RSP: 0018:ffff888017a9fb78 EFLAGS: 00010246 [ 225.035353] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.036038] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 225.036776] RBP: ffff888017a9fb98 R08: ffffed100197223e R09: ffffed100197223e [ 225.037386] R10: ffff88800cb911ef R11: ffffed100197223d R12: ffff88800cb91290 [ 225.038001] R13: ffff88800cb910a8 R14: ffffffffffffffff R15: 
ffff888017a9fc60 [ 225.038660] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.039368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.039873] CR2: 00007f4b875fca50 CR3: 00000000141f6000 CR4: 0000000000750ef0 [ 225.040691] PKRU: 55555554 [ 225.040937] Call Trace: [ 225.041160] [ 225.041357] iommufd_ioas_destroy+0x53/0x70 [ 225.041742] iommufd_fops_release+0x1f7/0x370 [ 225.042140] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.042593] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.043020] ? write_comp_data+0x2f/0x90 [ 225.043394] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.043833] __fput+0x26d/0xa40 [ 225.044136] ____fput+0x1e/0x30 [ 225.044435] task_work_run+0x1a4/0x2d0 [ 225.044785] ? __pfx_task_work_run+0x10/0x10 [ 225.045173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.045600] ? switch_task_namespaces+0xa9/0xe0 [ 225.046010] do_exit+0xb17/0x2ef0 [ 225.046311] ? lock_acquire+0x427/0x4c0 [ 225.046683] ? __pfx_lock_release+0x10/0x10 [ 225.047075] ? __kasan_check_write+0x18/0x20 [ 225.047470] ? do_raw_spin_lock+0x132/0x2a0 [ 225.047847] ? __pfx_do_exit+0x10/0x10 [ 225.048191] ? debug_smp_processor_id+0x20/0x30 [ 225.048600] ? rcu_is_watching+0x19/0xb0 [ 225.048959] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.049360] ? trace_hardirqs_on+0x26/0x120 [ 225.049741] do_group_exit+0xe0/0x2b0 [ 225.050071] __x64_sys_exit_group+0x47/0x50 [ 225.050439] do_syscall_64+0x3b/0x90 [ 225.050788] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.051253] RIP: 0033:0x7f4b87518a4d [ 225.051575] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.052100] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.052750] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.053366] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.053974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.054600] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.055217] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.055833] [ 225.056037] irq event stamp: 0 [ 225.056311] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.056850] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.057575] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.058294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.058864] ---[ end trace 0000000000000000 ]--- [ 225.066051] ------------[ cut here ]------------ [ 225.066500] WARNING: CPU: 0 PID: 2152 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.067456] Modules linked in: [ 225.067733] CPU: 0 PID: 2152 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.068483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.069448] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.069879] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.071911] RSP: 0018:ffff888016fa7bb8 EFLAGS: 00010246 [ 225.072378] RAX: 0000000000000000 RBX: ffff888010b9c8a8 RCX: 0000000000000000 [ 225.072990] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 225.073605] RBP: ffff888016fa7bd0 R08: ffffed1002173933 R09: ffffed1002173933 [ 225.074222] R10: ffff888010b9c993 R11: ffffed1002173932 R12: ffff88801890c800 [ 225.074862] R13: ffff888010b9c9e8 R14: ffffffff8352e670 R15: 
ffff888016fa7e68 [ 225.075493] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.076187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.076693] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 225.077312] PKRU: 55555554 [ 225.077559] Call Trace: [ 225.077782] [ 225.077983] __iommufd_access_detach+0x1c2/0x2b0 [ 225.078410] iommufd_access_change_pt+0x149/0x270 [ 225.078857] iommufd_access_replace+0xb4/0x120 [ 225.079281] iommufd_test+0x3e5/0x37e0 [ 225.079624] ? lock_release+0x532/0x770 [ 225.079975] ? __might_fault+0x102/0x1b0 [ 225.080332] ? lock_acquire+0x427/0x4c0 [ 225.080683] ? __pfx_iommufd_test+0x10/0x10 [ 225.081052] ? __pfx_lock_release+0x10/0x10 [ 225.081432] ? __pfx_lock_acquire+0x10/0x10 [ 225.081799] ? write_comp_data+0x2f/0x90 [ 225.082145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.082579] ? write_comp_data+0x2f/0x90 [ 225.082926] iommufd_fops_ioctl+0x37d/0x510 [ 225.083300] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.083710] ? write_comp_data+0x2f/0x90 [ 225.084053] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.084455] __x64_sys_ioctl+0x1a3/0x230 [ 225.084803] do_syscall_64+0x3b/0x90 [ 225.085118] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.085548] RIP: 0033:0x7f4b8743ee5d [ 225.085859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.087369] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.087998] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.088586] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.089165] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.089748] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.090330] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.090938] [ 225.091139] irq event stamp: 0 [ 225.091406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.091924] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.092606] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.093290] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.093806] ---[ end trace 0000000000000000 ]--- [ 225.096886] ------------[ cut here ]------------ [ 225.097285] WARNING: CPU: 0 PID: 2152 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.098099] Modules linked in: [ 225.098361] CPU: 0 PID: 2152 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.099307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.100224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.100637] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.102136] RSP: 
0018:ffff888016fa7bd0 EFLAGS: 00010246 [ 225.102751] RAX: 0000000000000000 RBX: ffff888010b9c8a8 RCX: 0000000000000000 [ 225.103336] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 225.103912] RBP: ffff888016fa7be8 R08: ffffed1002173933 R09: ffffed1002173933 [ 225.104486] R10: ffff888010b9c993 R11: ffffed1002173932 R12: ffff88801226d000 [ 225.105058] R13: ffff888010b9c9e8 R14: ffff888012b8f900 R15: 0000000000000000 [ 225.105714] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.106471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.106961] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 225.107553] PKRU: 55555554 [ 225.107785] Call Trace: [ 225.107992] [ 225.108177] iommufd_access_destroy_object+0x65/0x170 [ 225.108602] iommufd_object_destroy_user+0x18e/0x220 [ 225.109051] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.109666] iommufd_access_destroy+0x43/0x70 [ 225.110044] iommufd_test_staccess_release+0x8d/0xd0 [ 225.110465] __fput+0x26d/0xa40 [ 225.110769] ____fput+0x1e/0x30 [ 225.111048] task_work_run+0x1a4/0x2d0 [ 225.111383] ? __pfx_task_work_run+0x10/0x10 [ 225.111764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.112175] ? switch_task_namespaces+0xa9/0xe0 [ 225.112568] do_exit+0xb17/0x2ef0 [ 225.112885] ? lock_acquire+0x427/0x4c0 [ 225.113367] ? __pfx_lock_release+0x10/0x10 [ 225.113728] ? __kasan_check_write+0x18/0x20 [ 225.114089] ? do_raw_spin_lock+0x132/0x2a0 [ 225.114444] ? __pfx_do_exit+0x10/0x10 [ 225.114792] ? debug_smp_processor_id+0x20/0x30 [ 225.115188] ? rcu_is_watching+0x19/0xb0 [ 225.115528] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.115907] ? trace_hardirqs_on+0x26/0x120 [ 225.116434] do_group_exit+0xe0/0x2b0 [ 225.116749] __x64_sys_exit_group+0x47/0x50 [ 225.117095] do_syscall_64+0x3b/0x90 [ 225.117414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.117846] RIP: 0033:0x7f4b87518a4d [ 225.118150] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.118670] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.119493] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.120076] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.120651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.121223] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.121813] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.122595] [ 225.122792] irq event stamp: 0 [ 225.123055] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.123586] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.124288] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.124981] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.125705] ---[ end trace 0000000000000000 ]--- [ 225.127450] ------------[ cut here ]------------ [ 225.127858] WARNING: CPU: 0 PID: 2152 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.128746] Modules linked in: [ 225.129147] CPU: 0 PID: 2152 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.129864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.130805] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.131240] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.132895] RSP: 0018:ffff888016fa7b78 EFLAGS: 00010246 [ 225.133338] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.133920] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 225.134523] RBP: ffff888016fa7b98 R08: ffffed100217393e R09: ffffed100217393e [ 225.135106] R10: ffff888010b9c9ef R11: ffffed100217393d R12: ffff888010b9ca90 [ 225.135884] R13: ffff888010b9c8a8 R14: ffffffffffffffff R15: 
ffff888016fa7c60 [ 225.136475] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.137158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.137662] CR2: 00007f82e2a97008 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 225.138291] PKRU: 55555554 [ 225.138626] Call Trace: [ 225.138981] [ 225.139192] iommufd_ioas_destroy+0x53/0x70 [ 225.139573] iommufd_fops_release+0x1f7/0x370 [ 225.139969] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.140401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.140830] ? write_comp_data+0x2f/0x90 [ 225.141200] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.141670] __fput+0x26d/0xa40 [ 225.142140] ____fput+0x1e/0x30 [ 225.142444] task_work_run+0x1a4/0x2d0 [ 225.142822] ? __pfx_task_work_run+0x10/0x10 [ 225.143233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.143669] ? switch_task_namespaces+0xa9/0xe0 [ 225.144099] do_exit+0xb17/0x2ef0 [ 225.144408] ? lock_acquire+0x427/0x4c0 [ 225.144773] ? __pfx_lock_release+0x10/0x10 [ 225.145230] ? __kasan_check_write+0x18/0x20 [ 225.145755] ? do_raw_spin_lock+0x132/0x2a0 [ 225.146138] ? __pfx_do_exit+0x10/0x10 [ 225.146489] ? debug_smp_processor_id+0x20/0x30 [ 225.146929] ? rcu_is_watching+0x19/0xb0 [ 225.147301] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.147707] ? trace_hardirqs_on+0x26/0x120 [ 225.148093] do_group_exit+0xe0/0x2b0 [ 225.148483] __x64_sys_exit_group+0x47/0x50 [ 225.149014] do_syscall_64+0x3b/0x90 [ 225.149362] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.149820] RIP: 0033:0x7f4b87518a4d [ 225.150150] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.150706] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.151378] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.152088] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.152835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.153455] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.154069] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.154713] [ 225.154919] irq event stamp: 0 [ 225.155204] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.155973] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.156750] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.157516] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.158097] ---[ end trace 0000000000000000 ]--- [ 225.164181] ------------[ cut here ]------------ [ 225.164658] WARNING: CPU: 0 PID: 2153 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.165621] Modules linked in: [ 225.166128] CPU: 0 PID: 2153 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.167016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.168065] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.168535] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.170419] RSP: 0018:ffff8880162ffbb8 EFLAGS: 00010246 [ 225.170947] RAX: 0000000000000000 RBX: ffff888011c978a8 RCX: 0000000000000000 [ 225.171612] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 225.172264] RBP: ffff8880162ffbd0 R08: ffffed1002392f33 R09: ffffed1002392f33 [ 225.172917] R10: ffff888011c97993 R11: ffffed1002392f32 R12: ffff888014391c00 [ 225.173573] R13: ffff888011c979e8 R14: ffffffff8352e670 R15: 
ffff8880162ffe68 [ 225.174233] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.175009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.175558] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 225.176233] PKRU: 55555554 [ 225.176502] Call Trace: [ 225.176742] [ 225.176958] __iommufd_access_detach+0x1c2/0x2b0 [ 225.177433] iommufd_access_change_pt+0x149/0x270 [ 225.177898] iommufd_access_replace+0xb4/0x120 [ 225.178340] iommufd_test+0x3e5/0x37e0 [ 225.178732] ? lock_release+0x532/0x770 [ 225.179125] ? __might_fault+0x102/0x1b0 [ 225.179518] ? lock_acquire+0x427/0x4c0 [ 225.179904] ? __pfx_iommufd_test+0x10/0x10 [ 225.180307] ? __pfx_lock_release+0x10/0x10 [ 225.180721] ? __pfx_lock_acquire+0x10/0x10 [ 225.181137] ? write_comp_data+0x2f/0x90 [ 225.181533] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.182000] ? write_comp_data+0x2f/0x90 [ 225.182392] iommufd_fops_ioctl+0x37d/0x510 [ 225.182830] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.183304] ? write_comp_data+0x2f/0x90 [ 225.183703] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.184177] __x64_sys_ioctl+0x1a3/0x230 [ 225.184578] do_syscall_64+0x3b/0x90 [ 225.184947] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.185439] RIP: 0033:0x7f4b8743ee5d [ 225.185793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.187524] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.188252] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.188917] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.189584] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.190243] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.190935] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.191620] [ 225.191845] irq event stamp: 0 [ 225.192141] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.192729] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.193512] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.194282] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.194895] ---[ end trace 0000000000000000 ]--- [ 225.198331] ------------[ cut here ]------------ [ 225.199094] WARNING: CPU: 0 PID: 2153 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.200387] Modules linked in: [ 225.200694] CPU: 0 PID: 2153 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.201512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.202583] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.203059] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.205047] RSP: 
0018:ffff8880162ffbd0 EFLAGS: 00010246 [ 225.205550] RAX: 0000000000000000 RBX: ffff888011c978a8 RCX: 0000000000000000 [ 225.206212] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 225.206914] RBP: ffff8880162ffbe8 R08: ffffed1002392f33 R09: ffffed1002392f33 [ 225.207600] R10: ffff888011c97993 R11: ffffed1002392f32 R12: ffff88801890f400 [ 225.208511] R13: ffff888011c979e8 R14: ffff8880143fda00 R15: 0000000000000000 [ 225.209215] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.210025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.210644] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 225.211405] PKRU: 55555554 [ 225.211703] Call Trace: [ 225.211966] [ 225.212273] iommufd_access_destroy_object+0x65/0x170 [ 225.213089] iommufd_object_destroy_user+0x18e/0x220 [ 225.213617] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.214217] iommufd_access_destroy+0x43/0x70 [ 225.214724] iommufd_test_staccess_release+0x8d/0xd0 [ 225.215278] __fput+0x26d/0xa40 [ 225.215640] ____fput+0x1e/0x30 [ 225.215988] task_work_run+0x1a4/0x2d0 [ 225.216398] ? __pfx_task_work_run+0x10/0x10 [ 225.216910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.217574] ? switch_task_namespaces+0xa9/0xe0 [ 225.218236] do_exit+0xb17/0x2ef0 [ 225.218619] ? lock_acquire+0x427/0x4c0 [ 225.219038] ? __pfx_lock_release+0x10/0x10 [ 225.219499] ? __kasan_check_write+0x18/0x20 [ 225.219950] ? do_raw_spin_lock+0x132/0x2a0 [ 225.220392] ? __pfx_do_exit+0x10/0x10 [ 225.220801] ? debug_smp_processor_id+0x20/0x30 [ 225.221288] ? rcu_is_watching+0x19/0xb0 [ 225.221734] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.222378] ? trace_hardirqs_on+0x26/0x120 [ 225.223060] do_group_exit+0xe0/0x2b0 [ 225.223472] __x64_sys_exit_group+0x47/0x50 [ 225.223920] do_syscall_64+0x3b/0x90 [ 225.224322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.224861] RIP: 0033:0x7f4b87518a4d [ 225.225244] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.225871] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.226839] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.227829] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.228557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.229281] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.230017] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.230796] [ 225.231103] irq event stamp: 0 [ 225.231576] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.232384] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.233235] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.234076] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.234755] ---[ end trace 0000000000000000 ]--- [ 225.236094] ------------[ cut here ]------------ [ 225.236590] WARNING: CPU: 0 PID: 2153 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.237626] Modules linked in: [ 225.237963] CPU: 0 PID: 2153 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.238903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.240294] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.240945] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.242809] RSP: 0018:ffff8880162ffb78 EFLAGS: 00010246 [ 225.243372] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.244227] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 225.245120] RBP: ffff8880162ffb98 R08: ffffed1002392f3e R09: ffffed1002392f3e [ 225.245839] R10: ffff888011c979ef R11: ffffed1002392f3d R12: ffff888011c97a90 [ 225.246586] R13: ffff888011c978a8 R14: ffffffffffffffff R15: 
ffff8880162ffc60 [ 225.247321] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.248342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.249182] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 225.249907] PKRU: 55555554 [ 225.250200] Call Trace: [ 225.250460] [ 225.250715] iommufd_ioas_destroy+0x53/0x70 [ 225.251184] iommufd_fops_release+0x1f7/0x370 [ 225.251662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.252319] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.253081] ? write_comp_data+0x2f/0x90 [ 225.253522] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.254038] __fput+0x26d/0xa40 [ 225.254394] ____fput+0x1e/0x30 [ 225.254774] task_work_run+0x1a4/0x2d0 [ 225.255207] ? __pfx_task_work_run+0x10/0x10 [ 225.255670] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.256237] ? switch_task_namespaces+0xa9/0xe0 [ 225.257029] do_exit+0xb17/0x2ef0 [ 225.257390] ? lock_acquire+0x427/0x4c0 [ 225.257810] ? __pfx_lock_release+0x10/0x10 [ 225.258265] ? __kasan_check_write+0x18/0x20 [ 225.258742] ? do_raw_spin_lock+0x132/0x2a0 [ 225.259187] ? __pfx_do_exit+0x10/0x10 [ 225.259602] ? debug_smp_processor_id+0x20/0x30 [ 225.260168] ? rcu_is_watching+0x19/0xb0 [ 225.260724] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.261360] ? trace_hardirqs_on+0x26/0x120 [ 225.261814] do_group_exit+0xe0/0x2b0 [ 225.262209] __x64_sys_exit_group+0x47/0x50 [ 225.262676] do_syscall_64+0x3b/0x90 [ 225.263066] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.263618] RIP: 0033:0x7f4b87518a4d [ 225.264014] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.264851] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.265911] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.266670] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.267405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.268136] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.268992] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.270045] [ 225.270289] irq event stamp: 0 [ 225.270640] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.271291] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.272139] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.273064] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.273906] ---[ end trace 0000000000000000 ]--- [ 225.281780] ------------[ cut here ]------------ [ 225.282415] WARNING: CPU: 0 PID: 2154 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.283697] Modules linked in: [ 225.284029] CPU: 0 PID: 2154 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.284913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.286054] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.286596] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.288454] RSP: 0018:ffff888015817bb8 EFLAGS: 00010246 [ 225.288990] RAX: 0000000000000000 RBX: ffff888012e058a8 RCX: 0000000000000000 [ 225.289702] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 225.290417] RBP: ffff888015817bd0 R08: ffffed10025c0b33 R09: ffffed10025c0b33 [ 225.291185] R10: ffff888012e05993 R11: ffffed10025c0b32 R12: ffff888017b97000 [ 225.291917] R13: ffff888012e059e8 R14: ffffffff8352e670 R15: 
ffff888015817e68 [ 225.292642] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.293473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.294079] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 225.294853] PKRU: 55555554 [ 225.295158] Call Trace: [ 225.295419] [ 225.295650] __iommufd_access_detach+0x1c2/0x2b0 [ 225.296151] iommufd_access_change_pt+0x149/0x270 [ 225.296647] iommufd_access_replace+0xb4/0x120 [ 225.297119] iommufd_test+0x3e5/0x37e0 [ 225.297513] ? lock_release+0x532/0x770 [ 225.297930] ? __might_fault+0x102/0x1b0 [ 225.298352] ? lock_acquire+0x427/0x4c0 [ 225.298784] ? __pfx_iommufd_test+0x10/0x10 [ 225.299227] ? __pfx_lock_release+0x10/0x10 [ 225.299671] ? __pfx_lock_acquire+0x10/0x10 [ 225.300116] ? write_comp_data+0x2f/0x90 [ 225.300537] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.301031] ? write_comp_data+0x2f/0x90 [ 225.301449] iommufd_fops_ioctl+0x37d/0x510 [ 225.301890] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.302387] ? write_comp_data+0x2f/0x90 [ 225.302842] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.303356] __x64_sys_ioctl+0x1a3/0x230 [ 225.303786] do_syscall_64+0x3b/0x90 [ 225.304178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.304716] RIP: 0033:0x7f4b8743ee5d [ 225.305093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.306963] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.307772] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.308492] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.309216] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.309952] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.310718] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.311461] [ 225.311688] irq event stamp: 0 [ 225.312007] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.312636] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.313473] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.314320] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.314978] ---[ end trace 0000000000000000 ]--- [ 225.318732] ------------[ cut here ]------------ [ 225.319275] WARNING: CPU: 0 PID: 2154 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.320298] Modules linked in: [ 225.320737] CPU: 0 PID: 2154 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.321916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.323094] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.323619] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.325502] RSP: 
0018:ffff888015817bd0 EFLAGS: 00010246 [ 225.326201] RAX: 0000000000000000 RBX: ffff888012e058a8 RCX: 0000000000000000 [ 225.327096] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 225.327832] RBP: ffff888015817be8 R08: ffffed10025c0b33 R09: ffffed10025c0b33 [ 225.328554] R10: ffff888012e05993 R11: ffffed10025c0b32 R12: ffff888014393000 [ 225.329273] R13: ffff888012e059e8 R14: ffff88800bd3dc00 R15: 0000000000000000 [ 225.329988] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.331025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.331826] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 225.332563] PKRU: 55555554 [ 225.332856] Call Trace: [ 225.333117] [ 225.333345] iommufd_access_destroy_object+0x65/0x170 [ 225.333881] iommufd_object_destroy_user+0x18e/0x220 [ 225.334399] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.335037] iommufd_access_destroy+0x43/0x70 [ 225.335522] iommufd_test_staccess_release+0x8d/0xd0 [ 225.336049] __fput+0x26d/0xa40 [ 225.336400] ____fput+0x1e/0x30 [ 225.336860] task_work_run+0x1a4/0x2d0 [ 225.337504] ? __pfx_task_work_run+0x10/0x10 [ 225.337959] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.338463] ? switch_task_namespaces+0xa9/0xe0 [ 225.338975] do_exit+0xb17/0x2ef0 [ 225.339350] ? lock_acquire+0x427/0x4c0 [ 225.339776] ? __pfx_lock_release+0x10/0x10 [ 225.340227] ? __kasan_check_write+0x18/0x20 [ 225.340680] ? do_raw_spin_lock+0x132/0x2a0 [ 225.341119] ? __pfx_do_exit+0x10/0x10 [ 225.341569] ? debug_smp_processor_id+0x20/0x30 [ 225.342189] ? rcu_is_watching+0x19/0xb0 [ 225.342759] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.343243] ? trace_hardirqs_on+0x26/0x120 [ 225.343693] do_group_exit+0xe0/0x2b0 [ 225.344082] __x64_sys_exit_group+0x47/0x50 [ 225.344520] do_syscall_64+0x3b/0x90 [ 225.344911] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.345449] RIP: 0033:0x7f4b87518a4d [ 225.345827] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.346455] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.347266] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.347988] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.348711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.349433] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.350144] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.350899] [ 225.351150] irq event stamp: 0 [ 225.351477] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.352120] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.352970] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.353816] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.354457] ---[ end trace 0000000000000000 ]--- [ 225.355435] ------------[ cut here ]------------ [ 225.356001] WARNING: CPU: 0 PID: 2154 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.357351] Modules linked in: [ 225.357680] CPU: 0 PID: 2154 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.358600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.359750] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.360270] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.362641] RSP: 0018:ffff888015817b78 EFLAGS: 00010246 [ 225.363195] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.363913] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 225.364631] RBP: ffff888015817b98 R08: ffffed10025c0b3e R09: ffffed10025c0b3e [ 225.365346] R10: ffff888012e059ef R11: ffffed10025c0b3d R12: ffff888012e05a90 [ 225.366114] R13: ffff888012e058a8 R14: ffffffffffffffff R15: 
ffff888015817c60 [ 225.367114] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.368089] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.368678] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 225.369403] PKRU: 55555554 [ 225.369690] Call Trace: [ 225.369947] [ 225.370178] iommufd_ioas_destroy+0x53/0x70 [ 225.370660] iommufd_fops_release+0x1f7/0x370 [ 225.371131] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.371653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.372186] ? write_comp_data+0x2f/0x90 [ 225.372754] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.373416] __fput+0x26d/0xa40 [ 225.373775] ____fput+0x1e/0x30 [ 225.374121] task_work_run+0x1a4/0x2d0 [ 225.374559] ? __pfx_task_work_run+0x10/0x10 [ 225.375020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.375539] ? switch_task_namespaces+0xa9/0xe0 [ 225.376033] do_exit+0xb17/0x2ef0 [ 225.376399] ? lock_acquire+0x427/0x4c0 [ 225.376820] ? __pfx_lock_release+0x10/0x10 [ 225.377320] ? __kasan_check_write+0x18/0x20 [ 225.377904] ? do_raw_spin_lock+0x132/0x2a0 [ 225.378619] ? __pfx_do_exit+0x10/0x10 [ 225.379035] ? debug_smp_processor_id+0x20/0x30 [ 225.379543] ? rcu_is_watching+0x19/0xb0 [ 225.379975] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.380437] ? trace_hardirqs_on+0x26/0x120 [ 225.380879] do_group_exit+0xe0/0x2b0 [ 225.381270] __x64_sys_exit_group+0x47/0x50 [ 225.381704] do_syscall_64+0x3b/0x90 [ 225.382094] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.382663] RIP: 0033:0x7f4b87518a4d [ 225.383046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.383698] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.384753] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.385632] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.386346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.387085] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.387822] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.388552] [ 225.388790] irq event stamp: 0 [ 225.389187] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.390132] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.391006] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.391861] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.392505] ---[ end trace 0000000000000000 ]--- [ 225.397507] ------------[ cut here ]------------ [ 225.398032] WARNING: CPU: 0 PID: 2155 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.399161] Modules linked in: [ 225.399493] CPU: 0 PID: 2155 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.400375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.401756] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.402349] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.404214] RSP: 0018:ffff8880162ffbb8 EFLAGS: 00010246 [ 225.404763] RAX: 0000000000000000 RBX: ffff88801608d0a8 RCX: 0000000000000000 [ 225.405485] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 225.406211] RBP: ffff8880162ffbd0 R08: ffffed1002c11a33 R09: ffffed1002c11a33 [ 225.406955] R10: ffff88801608d193 R11: ffffed1002c11a32 R12: ffff888017066c00 [ 225.407690] R13: ffff88801608d1e8 R14: ffffffff8352e670 R15: 
ffff8880162ffe68 [ 225.408412] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.409248] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.409859] CR2: 00007f4b877410e8 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 225.410632] PKRU: 55555554 [ 225.410937] Call Trace: [ 225.411217] [ 225.411453] __iommufd_access_detach+0x1c2/0x2b0 [ 225.411967] iommufd_access_change_pt+0x149/0x270 [ 225.412491] iommufd_access_replace+0xb4/0x120 [ 225.412984] iommufd_test+0x3e5/0x37e0 [ 225.413397] ? lock_release+0x532/0x770 [ 225.413828] ? __might_fault+0x102/0x1b0 [ 225.414259] ? lock_acquire+0x427/0x4c0 [ 225.414712] ? __pfx_iommufd_test+0x10/0x10 [ 225.415166] ? __pfx_lock_release+0x10/0x10 [ 225.415627] ? __pfx_lock_acquire+0x10/0x10 [ 225.416085] ? write_comp_data+0x2f/0x90 [ 225.416512] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.417028] ? write_comp_data+0x2f/0x90 [ 225.417472] iommufd_fops_ioctl+0x37d/0x510 [ 225.417932] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.418447] ? write_comp_data+0x2f/0x90 [ 225.418896] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.419413] __x64_sys_ioctl+0x1a3/0x230 [ 225.419859] do_syscall_64+0x3b/0x90 [ 225.420264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.420817] RIP: 0033:0x7f4b8743ee5d [ 225.421212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.423114] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.423938] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.424686] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.425421] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.426160] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.426929] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.427702] [ 225.427948] irq event stamp: 0 [ 225.428279] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.428932] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.429796] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.430681] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.431357] ---[ end trace 0000000000000000 ]--- [ 225.435110] ------------[ cut here ]------------ [ 225.435670] WARNING: CPU: 0 PID: 2155 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.436831] Modules linked in: [ 225.437290] CPU: 0 PID: 2155 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.438371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.439599] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.440120] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.442292] RSP: 
0018:ffff8880162ffbd0 EFLAGS: 00010246 [ 225.443008] RAX: 0000000000000000 RBX: ffff88801608d0a8 RCX: 0000000000000000 [ 225.443768] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 225.444504] RBP: ffff8880162ffbe8 R08: ffffed1002c11a33 R09: ffffed1002c11a33 [ 225.445245] R10: ffff88801608d193 R11: ffffed1002c11a32 R12: ffff888017b95c00 [ 225.445976] R13: ffff88801608d1e8 R14: ffff888020c53e00 R15: 0000000000000000 [ 225.446758] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 225.447620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.448222] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 225.448974] PKRU: 55555554 [ 225.449277] Call Trace: [ 225.449548] [ 225.449786] iommufd_access_destroy_object+0x65/0x170 [ 225.450334] iommufd_object_destroy_user+0x18e/0x220 [ 225.450896] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.451512] iommufd_access_destroy+0x43/0x70 [ 225.451998] iommufd_test_staccess_release+0x8d/0xd0 [ 225.452538] __fput+0x26d/0xa40 [ 225.452903] ____fput+0x1e/0x30 [ 225.453254] task_work_run+0x1a4/0x2d0 [ 225.453664] ? __pfx_task_work_run+0x10/0x10 [ 225.454130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.454675] ? switch_task_namespaces+0xa9/0xe0 [ 225.455199] do_exit+0xb17/0x2ef0 [ 225.455572] ? lock_acquire+0x427/0x4c0 [ 225.456001] ? __pfx_lock_release+0x10/0x10 [ 225.456461] ? __kasan_check_write+0x18/0x20 [ 225.456926] ? do_raw_spin_lock+0x132/0x2a0 [ 225.457371] ? __pfx_do_exit+0x10/0x10 [ 225.457786] ? debug_smp_processor_id+0x20/0x30 [ 225.458279] ? rcu_is_watching+0x19/0xb0 [ 225.458728] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.459211] ? trace_hardirqs_on+0x26/0x120 [ 225.459670] do_group_exit+0xe0/0x2b0 [ 225.460079] __x64_sys_exit_group+0x47/0x50 [ 225.460529] do_syscall_64+0x3b/0x90 [ 225.460927] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.461466] RIP: 0033:0x7f4b87518a4d [ 225.461855] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.462494] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.463316] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.464064] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.464809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.465559] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.466304] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.467099] [ 225.467372] irq event stamp: 0 [ 225.467709] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.468367] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.469260] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.470138] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.470821] ---[ end trace 0000000000000000 ]--- [ 225.472173] ------------[ cut here ]------------ [ 225.472892] WARNING: CPU: 1 PID: 2155 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.474298] Modules linked in: [ 225.474960] CPU: 1 PID: 2155 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.476154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.477796] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.478474] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.481091] RSP: 0018:ffff8880162ffb78 EFLAGS: 00010246 [ 225.481797] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.482902] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 225.483852] RBP: ffff8880162ffb98 R08: ffffed1002c11a3e R09: ffffed1002c11a3e [ 225.484924] R10: ffff88801608d1ef R11: ffffed1002c11a3d R12: ffff88801608d290 [ 225.485854] R13: ffff88801608d0a8 R14: ffffffffffffffff R15: 
ffff8880162ffc60 [ 225.486997] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.488068] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.488835] CR2: 00007f82e2ab6030 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 225.489944] PKRU: 55555554 [ 225.490323] Call Trace: [ 225.490707] [ 225.491016] iommufd_ioas_destroy+0x53/0x70 [ 225.491727] iommufd_fops_release+0x1f7/0x370 [ 225.492403] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.493064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.493744] ? write_comp_data+0x2f/0x90 [ 225.494418] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.495160] __fput+0x26d/0xa40 [ 225.495641] ____fput+0x1e/0x30 [ 225.496142] task_work_run+0x1a4/0x2d0 [ 225.496762] ? __pfx_task_work_run+0x10/0x10 [ 225.497353] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.498014] ? switch_task_namespaces+0xa9/0xe0 [ 225.498880] do_exit+0xb17/0x2ef0 [ 225.499386] ? lock_acquire+0x427/0x4c0 [ 225.499946] ? __pfx_lock_release+0x10/0x10 [ 225.500543] ? __kasan_check_write+0x18/0x20 [ 225.501313] ? do_raw_spin_lock+0x132/0x2a0 [ 225.501904] ? __pfx_do_exit+0x10/0x10 [ 225.502450] ? debug_smp_processor_id+0x20/0x30 [ 225.503138] ? rcu_is_watching+0x19/0xb0 [ 225.503854] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.504468] ? trace_hardirqs_on+0x26/0x120 [ 225.505049] do_group_exit+0xe0/0x2b0 [ 225.505559] __x64_sys_exit_group+0x47/0x50 [ 225.506126] do_syscall_64+0x3b/0x90 [ 225.506709] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.507499] RIP: 0033:0x7f4b87518a4d [ 225.508110] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.508944] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.510039] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.511102] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.512049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.513158] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.514085] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.515197] [ 225.515580] irq event stamp: 0 [ 225.516000] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.516845] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.518106] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.519292] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.520157] ---[ end trace 0000000000000000 ]--- [ 225.528709] ------------[ cut here ]------------ [ 225.529529] WARNING: CPU: 1 PID: 2156 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.531140] Modules linked in: [ 225.531593] CPU: 1 PID: 2156 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.532963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.534466] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.535375] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.538007] RSP: 0018:ffff888011df7bb8 EFLAGS: 00010246 [ 225.538764] RAX: 0000000000000000 RBX: ffff88800ff0f0a8 RCX: 0000000000000000 [ 225.539732] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 225.540877] RBP: ffff888011df7bd0 R08: ffffed1001fe1e33 R09: ffffed1001fe1e33 [ 225.541813] R10: ffff88800ff0f193 R11: ffffed1001fe1e32 R12: ffff888010e01000 [ 225.543002] R13: ffff88800ff0f1e8 R14: ffffffff8352e670 R15: 
ffff888011df7e68 [ 225.543993] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.545194] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.546044] CR2: 00007f4b877410e8 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 225.547036] PKRU: 55555554 [ 225.547442] Call Trace: [ 225.547897] [ 225.548302] __iommufd_access_detach+0x1c2/0x2b0 [ 225.548982] iommufd_access_change_pt+0x149/0x270 [ 225.549661] iommufd_access_replace+0xb4/0x120 [ 225.550472] iommufd_test+0x3e5/0x37e0 [ 225.551084] ? lock_release+0x532/0x770 [ 225.551679] ? __might_fault+0x102/0x1b0 [ 225.552232] ? lock_acquire+0x427/0x4c0 [ 225.552882] ? __pfx_iommufd_test+0x10/0x10 [ 225.553547] ? __pfx_lock_release+0x10/0x10 [ 225.554154] ? __pfx_lock_acquire+0x10/0x10 [ 225.554824] ? write_comp_data+0x2f/0x90 [ 225.555447] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.556208] ? write_comp_data+0x2f/0x90 [ 225.556775] iommufd_fops_ioctl+0x37d/0x510 [ 225.557373] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.558152] ? write_comp_data+0x2f/0x90 [ 225.558842] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.559520] __x64_sys_ioctl+0x1a3/0x230 [ 225.560074] do_syscall_64+0x3b/0x90 [ 225.560628] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.561418] RIP: 0033:0x7f4b8743ee5d [ 225.561914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.564543] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.565576] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.566741] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.567705] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.568755] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.569782] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.570811] [ 225.571226] irq event stamp: 0 [ 225.571652] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.572493] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.573808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.574988] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.575857] ---[ end trace 0000000000000000 ]--- [ 225.581712] ------------[ cut here ]------------ [ 225.582396] WARNING: CPU: 1 PID: 2156 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.584040] Modules linked in: [ 225.584494] CPU: 1 PID: 2156 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.585767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.587406] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.588190] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.590942] RSP: 
0018:ffff888011df7bd0 EFLAGS: 00010246 [ 225.591692] RAX: 0000000000000000 RBX: ffff88800ff0f0a8 RCX: 0000000000000000 [ 225.592653] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 225.593794] RBP: ffff888011df7be8 R08: ffffed1001fe1e33 R09: ffffed1001fe1e33 [ 225.594787] R10: ffff88800ff0f193 R11: ffffed1001fe1e32 R12: ffff88800ae90400 [ 225.595850] R13: ffff88800ff0f1e8 R14: ffff888018b99800 R15: 0000000000000000 [ 225.596890] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.598056] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.598963] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 225.599949] PKRU: 55555554 [ 225.600341] Call Trace: [ 225.600694] [ 225.601008] iommufd_access_destroy_object+0x65/0x170 [ 225.601724] iommufd_object_destroy_user+0x18e/0x220 [ 225.602424] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.603371] iommufd_access_destroy+0x43/0x70 [ 225.603976] iommufd_test_staccess_release+0x8d/0xd0 [ 225.604669] __fput+0x26d/0xa40 [ 225.605108] ____fput+0x1e/0x30 [ 225.605602] task_work_run+0x1a4/0x2d0 [ 225.606241] ? __pfx_task_work_run+0x10/0x10 [ 225.606839] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.607480] ? switch_task_namespaces+0xa9/0xe0 [ 225.607993] do_exit+0xb17/0x2ef0 [ 225.608350] ? lock_acquire+0x427/0x4c0 [ 225.608775] ? __pfx_lock_release+0x10/0x10 [ 225.609222] ? __kasan_check_write+0x18/0x20 [ 225.609686] ? do_raw_spin_lock+0x132/0x2a0 [ 225.610129] ? __pfx_do_exit+0x10/0x10 [ 225.610578] ? debug_smp_processor_id+0x20/0x30 [ 225.611176] ? rcu_is_watching+0x19/0xb0 [ 225.611606] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.612082] ? trace_hardirqs_on+0x26/0x120 [ 225.612530] do_group_exit+0xe0/0x2b0 [ 225.612934] __x64_sys_exit_group+0x47/0x50 [ 225.613378] do_syscall_64+0x3b/0x90 [ 225.613778] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.614329] RIP: 0033:0x7f4b87518a4d [ 225.614753] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.615526] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.616302] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.617018] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.617736] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.618464] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.619235] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.620036] [ 225.620277] irq event stamp: 0 [ 225.620605] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.621242] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.622089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.622977] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.623699] ---[ end trace 0000000000000000 ]--- [ 225.624561] ------------[ cut here ]------------ [ 225.625051] WARNING: CPU: 1 PID: 2156 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.626085] Modules linked in: [ 225.626412] CPU: 1 PID: 2156 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.627388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.628609] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.629141] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.631016] RSP: 0018:ffff888011df7b78 EFLAGS: 00010246 [ 225.631619] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.632345] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 225.633060] RBP: ffff888011df7b98 R08: ffffed1001fe1e3e R09: ffffed1001fe1e3e [ 225.633777] R10: ffff88800ff0f1ef R11: ffffed1001fe1e3d R12: ffff88800ff0f290 [ 225.634498] R13: ffff88800ff0f0a8 R14: ffffffffffffffff R15: 
ffff888011df7c60 [ 225.635360] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.636181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.636735] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 225.637395] PKRU: 55555554 [ 225.637668] Call Trace: [ 225.637907] [ 225.638117] iommufd_ioas_destroy+0x53/0x70 [ 225.638563] iommufd_fops_release+0x1f7/0x370 [ 225.639091] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.639576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.640051] ? write_comp_data+0x2f/0x90 [ 225.640442] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.640917] __fput+0x26d/0xa40 [ 225.641242] ____fput+0x1e/0x30 [ 225.641560] task_work_run+0x1a4/0x2d0 [ 225.641931] ? __pfx_task_work_run+0x10/0x10 [ 225.642354] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.642849] ? switch_task_namespaces+0xa9/0xe0 [ 225.643431] do_exit+0xb17/0x2ef0 [ 225.643759] ? lock_acquire+0x427/0x4c0 [ 225.644139] ? __pfx_lock_release+0x10/0x10 [ 225.644559] ? __kasan_check_write+0x18/0x20 [ 225.644969] ? do_raw_spin_lock+0x132/0x2a0 [ 225.645364] ? __pfx_do_exit+0x10/0x10 [ 225.645736] ? debug_smp_processor_id+0x20/0x30 [ 225.646162] ? rcu_is_watching+0x19/0xb0 [ 225.646565] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.647077] ? trace_hardirqs_on+0x26/0x120 [ 225.647504] do_group_exit+0xe0/0x2b0 [ 225.647852] __x64_sys_exit_group+0x47/0x50 [ 225.648257] do_syscall_64+0x3b/0x90 [ 225.648606] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.649090] RIP: 0033:0x7f4b87518a4d [ 225.649439] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.649966] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.650657] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.651390] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.652000] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.652616] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.653224] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.653852] [ 225.654053] irq event stamp: 0 [ 225.654327] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.654906] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.655977] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.656977] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.657723] ---[ end trace 0000000000000000 ]--- [ 225.664246] ------------[ cut here ]------------ [ 225.664815] WARNING: CPU: 1 PID: 2157 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.665946] Modules linked in: [ 225.666311] CPU: 1 PID: 2157 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.667661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.668922] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.669485] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.671556] RSP: 0018:ffff8880172dfbb8 EFLAGS: 00010246 [ 225.672159] RAX: 0000000000000000 RBX: ffff888011d9d8a8 RCX: 0000000000000000 [ 225.672955] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 225.673751] RBP: ffff8880172dfbd0 R08: ffffed10023b3b33 R09: ffffed10023b3b33 [ 225.674574] R10: ffff888011d9d993 R11: ffffed10023b3b32 R12: ffff888014581800 [ 225.675382] R13: ffff888011d9d9e8 R14: ffffffff8352e670 R15: 
ffff8880172dfe68 [ 225.676179] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.677073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.677722] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 225.678565] PKRU: 55555554 [ 225.678892] Call Trace: [ 225.679193] [ 225.679452] __iommufd_access_detach+0x1c2/0x2b0 [ 225.680000] iommufd_access_change_pt+0x149/0x270 [ 225.680554] iommufd_access_replace+0xb4/0x120 [ 225.681080] iommufd_test+0x3e5/0x37e0 [ 225.681517] ? lock_release+0x532/0x770 [ 225.681976] ? __might_fault+0x102/0x1b0 [ 225.682442] ? lock_acquire+0x427/0x4c0 [ 225.682933] ? __pfx_iommufd_test+0x10/0x10 [ 225.683427] ? __pfx_lock_release+0x10/0x10 [ 225.683922] ? __pfx_lock_acquire+0x10/0x10 [ 225.684416] ? write_comp_data+0x2f/0x90 [ 225.684884] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.685432] ? write_comp_data+0x2f/0x90 [ 225.685899] iommufd_fops_ioctl+0x37d/0x510 [ 225.686386] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.686968] ? write_comp_data+0x2f/0x90 [ 225.687448] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.687991] __x64_sys_ioctl+0x1a3/0x230 [ 225.688463] do_syscall_64+0x3b/0x90 [ 225.688893] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.689474] RIP: 0033:0x7f4b8743ee5d [ 225.689885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.691879] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.692708] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.693479] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.694251] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.695059] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.695853] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.696638] [ 225.696891] irq event stamp: 0 [ 225.697230] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.697896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.698805] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.699692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.700358] ---[ end trace 0000000000000000 ]--- [ 225.704561] ------------[ cut here ]------------ [ 225.705089] WARNING: CPU: 1 PID: 2157 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.706148] Modules linked in: [ 225.706487] CPU: 1 PID: 2157 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.707444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.708609] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.709131] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.711033] RSP: 
0018:ffff8880172dfbd0 EFLAGS: 00010246 [ 225.711573] RAX: 0000000000000000 RBX: ffff888011d9d8a8 RCX: 0000000000000000 [ 225.712101] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 225.712622] RBP: ffff8880172dfbe8 R08: ffffed10023b3b33 R09: ffffed10023b3b33 [ 225.713139] R10: ffff888011d9d993 R11: ffffed10023b3b32 R12: ffff888010e01400 [ 225.713661] R13: ffff888011d9d9e8 R14: ffff88801239d300 R15: 0000000000000000 [ 225.714180] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.714792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.715230] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 225.715745] PKRU: 55555554 [ 225.715951] Call Trace: [ 225.716135] [ 225.716303] iommufd_access_destroy_object+0x65/0x170 [ 225.716682] iommufd_object_destroy_user+0x18e/0x220 [ 225.717056] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.717481] iommufd_access_destroy+0x43/0x70 [ 225.717814] iommufd_test_staccess_release+0x8d/0xd0 [ 225.718190] __fput+0x26d/0xa40 [ 225.718444] ____fput+0x1e/0x30 [ 225.718709] task_work_run+0x1a4/0x2d0 [ 225.719005] ? __pfx_task_work_run+0x10/0x10 [ 225.719346] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.719708] ? switch_task_namespaces+0xa9/0xe0 [ 225.720057] do_exit+0xb17/0x2ef0 [ 225.720311] ? lock_acquire+0x427/0x4c0 [ 225.720612] ? __pfx_lock_release+0x10/0x10 [ 225.720933] ? __kasan_check_write+0x18/0x20 [ 225.721257] ? do_raw_spin_lock+0x132/0x2a0 [ 225.721574] ? __pfx_do_exit+0x10/0x10 [ 225.721871] ? debug_smp_processor_id+0x20/0x30 [ 225.722214] ? rcu_is_watching+0x19/0xb0 [ 225.722532] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.722871] ? trace_hardirqs_on+0x26/0x120 [ 225.723205] do_group_exit+0xe0/0x2b0 [ 225.723486] __x64_sys_exit_group+0x47/0x50 [ 225.723800] do_syscall_64+0x3b/0x90 [ 225.724082] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.724464] RIP: 0033:0x7f4b87518a4d [ 225.724736] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.725180] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.725729] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.726247] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.726776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.727303] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.727816] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.728336] [ 225.728506] irq event stamp: 0 [ 225.728735] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.729189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.729795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.730395] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.730863] ---[ end trace 0000000000000000 ]--- [ 225.731532] ------------[ cut here ]------------ [ 225.731877] WARNING: CPU: 1 PID: 2157 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.732618] Modules linked in: [ 225.732862] CPU: 1 PID: 2157 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.733504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.734311] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.734704] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.736031] RSP: 0018:ffff8880172dfb78 EFLAGS: 00010246 [ 225.736420] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.736933] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 225.737449] RBP: ffff8880172dfb98 R08: ffffed10023b3b3e R09: ffffed10023b3b3e [ 225.737966] R10: ffff888011d9d9ef R11: ffffed10023b3b3d R12: ffff888011d9da90 [ 225.738479] R13: ffff888011d9d8a8 R14: ffffffffffffffff R15: 
ffff8880172dfc60 [ 225.739013] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.739601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.740025] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 225.740553] PKRU: 55555554 [ 225.740764] Call Trace: [ 225.740951] [ 225.741116] iommufd_ioas_destroy+0x53/0x70 [ 225.741439] iommufd_fops_release+0x1f7/0x370 [ 225.741774] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.742142] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.742525] ? write_comp_data+0x2f/0x90 [ 225.742833] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.743222] __fput+0x26d/0xa40 [ 225.743500] ____fput+0x1e/0x30 [ 225.743751] task_work_run+0x1a4/0x2d0 [ 225.744043] ? __pfx_task_work_run+0x10/0x10 [ 225.744373] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.744737] ? switch_task_namespaces+0xa9/0xe0 [ 225.745091] do_exit+0xb17/0x2ef0 [ 225.745350] ? lock_acquire+0x427/0x4c0 [ 225.745653] ? __pfx_lock_release+0x10/0x10 [ 225.745974] ? __kasan_check_write+0x18/0x20 [ 225.746300] ? do_raw_spin_lock+0x132/0x2a0 [ 225.746639] ? __pfx_do_exit+0x10/0x10 [ 225.746942] ? debug_smp_processor_id+0x20/0x30 [ 225.747303] ? rcu_is_watching+0x19/0xb0 [ 225.747609] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.747949] ? trace_hardirqs_on+0x26/0x120 [ 225.748271] do_group_exit+0xe0/0x2b0 [ 225.748551] __x64_sys_exit_group+0x47/0x50 [ 225.748867] do_syscall_64+0x3b/0x90 [ 225.749149] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.749533] RIP: 0033:0x7f4b87518a4d [ 225.749805] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.750249] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.750815] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.751353] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.751873] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.752390] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.752903] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.753423] [ 225.753595] irq event stamp: 0 [ 225.753826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.754281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.754911] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.755530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.755987] ---[ end trace 0000000000000000 ]--- [ 225.760232] ------------[ cut here ]------------ [ 225.760616] WARNING: CPU: 1 PID: 2158 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.761350] Modules linked in: [ 225.761582] CPU: 1 PID: 2158 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.762212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.763065] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.763439] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.764753] RSP: 0018:ffff8880208a7bb8 EFLAGS: 00010246 [ 225.765140] RAX: 0000000000000000 RBX: ffff8880171be8a8 RCX: 0000000000000000 [ 225.765653] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 225.766164] RBP: ffff8880208a7bd0 R08: ffffed1002e37d33 R09: ffffed1002e37d33 [ 225.766696] R10: ffff8880171be993 R11: ffffed1002e37d32 R12: ffff888013b20800 [ 225.767221] R13: ffff8880171be9e8 R14: ffffffff8352e670 R15: 
ffff8880208a7e68 [ 225.767737] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.768320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.768745] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 225.769265] PKRU: 55555554 [ 225.769471] Call Trace: [ 225.769658] [ 225.769825] __iommufd_access_detach+0x1c2/0x2b0 [ 225.770185] iommufd_access_change_pt+0x149/0x270 [ 225.770567] iommufd_access_replace+0xb4/0x120 [ 225.770914] iommufd_test+0x3e5/0x37e0 [ 225.771211] ? lock_release+0x532/0x770 [ 225.771516] ? __might_fault+0x102/0x1b0 [ 225.771825] ? lock_acquire+0x427/0x4c0 [ 225.772129] ? __pfx_iommufd_test+0x10/0x10 [ 225.772445] ? __pfx_lock_release+0x10/0x10 [ 225.772768] ? __pfx_lock_acquire+0x10/0x10 [ 225.773092] ? write_comp_data+0x2f/0x90 [ 225.773402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.773761] ? write_comp_data+0x2f/0x90 [ 225.774071] iommufd_fops_ioctl+0x37d/0x510 [ 225.774394] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.774773] ? write_comp_data+0x2f/0x90 [ 225.775084] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.775461] __x64_sys_ioctl+0x1a3/0x230 [ 225.775770] do_syscall_64+0x3b/0x90 [ 225.776054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.776436] RIP: 0033:0x7f4b8743ee5d [ 225.776709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.778025] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.778591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.779111] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.779639] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.780154] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.780669] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.781195] [ 225.781367] irq event stamp: 0 [ 225.781598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.782053] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.782683] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.783298] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.783756] ---[ end trace 0000000000000000 ]--- [ 225.786366] ------------[ cut here ]------------ [ 225.786756] WARNING: CPU: 1 PID: 2158 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.787506] Modules linked in: [ 225.787740] CPU: 1 PID: 2158 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.788373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.789180] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.789546] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.790899] RSP: 
0018:ffff8880208a7bd0 EFLAGS: 00010246 [ 225.791294] RAX: 0000000000000000 RBX: ffff8880171be8a8 RCX: 0000000000000000 [ 225.791808] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 225.792322] RBP: ffff8880208a7be8 R08: ffffed1002e37d33 R09: ffffed1002e37d33 [ 225.792837] R10: ffff8880171be993 R11: ffffed1002e37d32 R12: ffff888014580c00 [ 225.793353] R13: ffff8880171be9e8 R14: ffff88802185c900 R15: 0000000000000000 [ 225.793867] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.794446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.794879] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 225.795404] PKRU: 55555554 [ 225.795610] Call Trace: [ 225.795797] [ 225.795962] iommufd_access_destroy_object+0x65/0x170 [ 225.796339] iommufd_object_destroy_user+0x18e/0x220 [ 225.796714] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.797141] iommufd_access_destroy+0x43/0x70 [ 225.797477] iommufd_test_staccess_release+0x8d/0xd0 [ 225.797855] __fput+0x26d/0xa40 [ 225.798111] ____fput+0x1e/0x30 [ 225.798359] task_work_run+0x1a4/0x2d0 [ 225.798666] ? __pfx_task_work_run+0x10/0x10 [ 225.798993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.799364] ? switch_task_namespaces+0xa9/0xe0 [ 225.799713] do_exit+0xb17/0x2ef0 [ 225.799967] ? lock_acquire+0x427/0x4c0 [ 225.800268] ? __pfx_lock_release+0x10/0x10 [ 225.800592] ? __kasan_check_write+0x18/0x20 [ 225.800918] ? do_raw_spin_lock+0x132/0x2a0 [ 225.801235] ? __pfx_do_exit+0x10/0x10 [ 225.801527] ? debug_smp_processor_id+0x20/0x30 [ 225.801883] ? rcu_is_watching+0x19/0xb0 [ 225.802181] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.802535] ? trace_hardirqs_on+0x26/0x120 [ 225.802860] do_group_exit+0xe0/0x2b0 [ 225.803147] __x64_sys_exit_group+0x47/0x50 [ 225.803469] do_syscall_64+0x3b/0x90 [ 225.803751] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.804135] RIP: 0033:0x7f4b87518a4d [ 225.804408] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.804854] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.805401] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.805917] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.806433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.806963] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.807491] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.808017] [ 225.808189] irq event stamp: 0 [ 225.808425] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.808880] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.809489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.810092] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.810570] ---[ end trace 0000000000000000 ]--- [ 225.811235] ------------[ cut here ]------------ [ 225.811583] WARNING: CPU: 1 PID: 2158 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.812320] Modules linked in: [ 225.812556] CPU: 1 PID: 2158 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.813188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.814002] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.814377] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.815728] RSP: 0018:ffff8880208a7b78 EFLAGS: 00010246 [ 225.816119] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.816633] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 225.817148] RBP: ffff8880208a7b98 R08: ffffed1002e37d3e R09: ffffed1002e37d3e [ 225.817659] R10: ffff8880171be9ef R11: ffffed1002e37d3d R12: ffff8880171bea90 [ 225.818175] R13: ffff8880171be8a8 R14: ffffffffffffffff R15: 
ffff8880208a7c60 [ 225.818709] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.819295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.819720] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 225.820235] PKRU: 55555554 [ 225.820443] Call Trace: [ 225.820629] [ 225.820797] iommufd_ioas_destroy+0x53/0x70 [ 225.821118] iommufd_fops_release+0x1f7/0x370 [ 225.821452] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.821821] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.822185] ? write_comp_data+0x2f/0x90 [ 225.822493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.822890] __fput+0x26d/0xa40 [ 225.823158] ____fput+0x1e/0x30 [ 225.823410] task_work_run+0x1a4/0x2d0 [ 225.823704] ? __pfx_task_work_run+0x10/0x10 [ 225.824043] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.824406] ? switch_task_namespaces+0xa9/0xe0 [ 225.824757] do_exit+0xb17/0x2ef0 [ 225.825016] ? lock_acquire+0x427/0x4c0 [ 225.825314] ? __pfx_lock_release+0x10/0x10 [ 225.825635] ? __kasan_check_write+0x18/0x20 [ 225.825958] ? do_raw_spin_lock+0x132/0x2a0 [ 225.826275] ? __pfx_do_exit+0x10/0x10 [ 225.826584] ? debug_smp_processor_id+0x20/0x30 [ 225.826928] ? rcu_is_watching+0x19/0xb0 [ 225.827235] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.827574] ? trace_hardirqs_on+0x26/0x120 [ 225.827896] do_group_exit+0xe0/0x2b0 [ 225.828177] __x64_sys_exit_group+0x47/0x50 [ 225.828492] do_syscall_64+0x3b/0x90 [ 225.828772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.829153] RIP: 0033:0x7f4b87518a4d [ 225.829424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.829867] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.830415] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.830941] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.831466] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.831978] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.832489] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.833009] [ 225.833179] irq event stamp: 0 [ 225.833407] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.833861] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.834460] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.835075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.835535] ---[ end trace 0000000000000000 ]--- [ 225.840232] ------------[ cut here ]------------ [ 225.840596] WARNING: CPU: 1 PID: 2159 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.841302] Modules linked in: [ 225.841529] CPU: 1 PID: 2159 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.842133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.843101] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.843461] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.844719] RSP: 0018:ffff88801672fbb8 EFLAGS: 00010246 [ 225.845089] RAX: 0000000000000000 RBX: ffff8880167bb8a8 RCX: 0000000000000000 [ 225.845581] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 225.846064] RBP: ffff88801672fbd0 R08: ffffed1002cf7733 R09: ffffed1002cf7733 [ 225.846562] R10: ffff8880167bb993 R11: ffffed1002cf7732 R12: ffff888010c4ac00 [ 225.847046] R13: ffff8880167bb9e8 R14: ffffffff8352e670 R15: 
ffff88801672fe68 [ 225.847537] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.848083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.848475] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 225.848959] PKRU: 55555554 [ 225.849152] Call Trace: [ 225.849329] [ 225.849484] __iommufd_access_detach+0x1c2/0x2b0 [ 225.849824] iommufd_access_change_pt+0x149/0x270 [ 225.850168] iommufd_access_replace+0xb4/0x120 [ 225.850496] iommufd_test+0x3e5/0x37e0 [ 225.850782] ? lock_release+0x532/0x770 [ 225.851064] ? __might_fault+0x102/0x1b0 [ 225.851358] ? lock_acquire+0x427/0x4c0 [ 225.851639] ? __pfx_iommufd_test+0x10/0x10 [ 225.851938] ? __pfx_lock_release+0x10/0x10 [ 225.852246] ? __pfx_lock_acquire+0x10/0x10 [ 225.852559] ? write_comp_data+0x2f/0x90 [ 225.852851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.853190] ? write_comp_data+0x2f/0x90 [ 225.853484] iommufd_fops_ioctl+0x37d/0x510 [ 225.853788] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.854125] ? write_comp_data+0x2f/0x90 [ 225.854411] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.854759] __x64_sys_ioctl+0x1a3/0x230 [ 225.855049] do_syscall_64+0x3b/0x90 [ 225.855320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.855682] RIP: 0033:0x7f4b8743ee5d [ 225.855937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.857170] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.857690] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.858181] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.858687] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.859187] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.859682] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.860173] [ 225.860334] irq event stamp: 0 [ 225.860564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.860999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.861814] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.862420] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.862884] ---[ end trace 0000000000000000 ]--- [ 225.865362] ------------[ cut here ]------------ [ 225.865750] WARNING: CPU: 1 PID: 2159 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.866443] Modules linked in: [ 225.866687] CPU: 1 PID: 2159 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.867296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.868163] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.868516] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.869777] RSP: 
0018:ffff88801672fbd0 EFLAGS: 00010246 [ 225.870140] RAX: 0000000000000000 RBX: ffff8880167bb8a8 RCX: 0000000000000000 [ 225.870727] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 225.871237] RBP: ffff88801672fbe8 R08: ffffed1002cf7733 R09: ffffed1002cf7733 [ 225.871738] R10: ffff8880167bb993 R11: ffffed1002cf7732 R12: ffff888013b23000 [ 225.872234] R13: ffff8880167bb9e8 R14: ffff888013eb4800 R15: 0000000000000000 [ 225.872737] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.873287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.873780] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 225.874269] PKRU: 55555554 [ 225.874463] Call Trace: [ 225.874669] [ 225.874830] iommufd_access_destroy_object+0x65/0x170 [ 225.875204] iommufd_object_destroy_user+0x18e/0x220 [ 225.875569] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.875974] iommufd_access_destroy+0x43/0x70 [ 225.876290] iommufd_test_staccess_release+0x8d/0xd0 [ 225.876648] __fput+0x26d/0xa40 [ 225.876890] ____fput+0x1e/0x30 [ 225.877168] task_work_run+0x1a4/0x2d0 [ 225.877479] ? __pfx_task_work_run+0x10/0x10 [ 225.877789] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.878130] ? switch_task_namespaces+0xa9/0xe0 [ 225.878464] do_exit+0xb17/0x2ef0 [ 225.878730] ? lock_acquire+0x427/0x4c0 [ 225.879016] ? __pfx_lock_release+0x10/0x10 [ 225.879330] ? __kasan_check_write+0x18/0x20 [ 225.879645] ? do_raw_spin_lock+0x132/0x2a0 [ 225.879951] ? __pfx_do_exit+0x10/0x10 [ 225.880236] ? debug_smp_processor_id+0x20/0x30 [ 225.880639] ? rcu_is_watching+0x19/0xb0 [ 225.880937] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.881256] ? trace_hardirqs_on+0x26/0x120 [ 225.881560] do_group_exit+0xe0/0x2b0 [ 225.881826] __x64_sys_exit_group+0x47/0x50 [ 225.882122] do_syscall_64+0x3b/0x90 [ 225.882386] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.882768] RIP: 0033:0x7f4b87518a4d [ 225.883027] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.883456] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.884000] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.884549] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.885031] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.885516] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.886004] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.886502] [ 225.886683] irq event stamp: 0 [ 225.886899] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.887406] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.888035] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.888609] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.889040] ---[ end trace 0000000000000000 ]--- [ 225.889664] ------------[ cut here ]------------ [ 225.890012] WARNING: CPU: 1 PID: 2159 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.890816] Modules linked in: [ 225.891037] CPU: 1 PID: 2159 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.891645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.892412] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.892773] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.894133] RSP: 0018:ffff88801672fb78 EFLAGS: 00010246 [ 225.894500] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.895010] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 225.895514] RBP: ffff88801672fb98 R08: ffffed1002cf773e R09: ffffed1002cf773e [ 225.896002] R10: ffff8880167bb9ef R11: ffffed1002cf773d R12: ffff8880167bba90 [ 225.896537] R13: ffff8880167bb8a8 R14: ffffffffffffffff R15: 
ffff88801672fc60 [ 225.897069] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.897616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.898011] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 225.898500] PKRU: 55555554 [ 225.898717] Call Trace: [ 225.898893] [ 225.899050] iommufd_ioas_destroy+0x53/0x70 [ 225.899359] iommufd_fops_release+0x1f7/0x370 [ 225.899675] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.900125] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.900469] ? write_comp_data+0x2f/0x90 [ 225.900760] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.901107] __fput+0x26d/0xa40 [ 225.901351] ____fput+0x1e/0x30 [ 225.901588] task_work_run+0x1a4/0x2d0 [ 225.901864] ? __pfx_task_work_run+0x10/0x10 [ 225.902176] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.902569] ? switch_task_namespaces+0xa9/0xe0 [ 225.902967] do_exit+0xb17/0x2ef0 [ 225.903222] ? lock_acquire+0x427/0x4c0 [ 225.903516] ? __pfx_lock_release+0x10/0x10 [ 225.903825] ? __kasan_check_write+0x18/0x20 [ 225.904133] ? do_raw_spin_lock+0x132/0x2a0 [ 225.904436] ? __pfx_do_exit+0x10/0x10 [ 225.904715] ? debug_smp_processor_id+0x20/0x30 [ 225.905039] ? rcu_is_watching+0x19/0xb0 [ 225.905324] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.905640] ? trace_hardirqs_on+0x26/0x120 [ 225.905944] do_group_exit+0xe0/0x2b0 [ 225.906254] __x64_sys_exit_group+0x47/0x50 [ 225.906599] do_syscall_64+0x3b/0x90 [ 225.906865] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.907239] RIP: 0033:0x7f4b87518a4d [ 225.907499] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.907925] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.908454] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.908943] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.909460] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.909989] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.910478] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.910987] [ 225.911156] irq event stamp: 0 [ 225.911376] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.911809] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.912377] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.913001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.913485] ---[ end trace 0000000000000000 ]--- [ 225.917629] ------------[ cut here ]------------ [ 225.918039] WARNING: CPU: 1 PID: 2160 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.918770] Modules linked in: [ 225.918994] CPU: 1 PID: 2160 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.919602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.920365] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.920787] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.922029] RSP: 0018:ffff88800e9cfbb8 EFLAGS: 00010246 [ 225.922392] RAX: 0000000000000000 RBX: ffff888020ead0a8 RCX: 0000000000000000 [ 225.922928] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 225.923462] RBP: ffff88800e9cfbd0 R08: ffffed10041d5a33 R09: ffffed10041d5a33 [ 225.923950] R10: ffff888020ead193 R11: ffffed10041d5a32 R12: ffff888012e93800 [ 225.924435] R13: ffff888020ead1e8 R14: ffffffff8352e670 R15: 
ffff88800e9cfe68 [ 225.924965] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.925587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.926000] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 225.926516] PKRU: 55555554 [ 225.926722] Call Trace: [ 225.926902] [ 225.927062] __iommufd_access_detach+0x1c2/0x2b0 [ 225.927498] iommufd_access_change_pt+0x149/0x270 [ 225.927846] iommufd_access_replace+0xb4/0x120 [ 225.928174] iommufd_test+0x3e5/0x37e0 [ 225.928450] ? lock_release+0x532/0x770 [ 225.928747] ? __might_fault+0x102/0x1b0 [ 225.929047] ? lock_acquire+0x427/0x4c0 [ 225.929369] ? __pfx_iommufd_test+0x10/0x10 [ 225.929727] ? __pfx_lock_release+0x10/0x10 [ 225.930038] ? __pfx_lock_acquire+0x10/0x10 [ 225.930351] ? write_comp_data+0x2f/0x90 [ 225.930659] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.931006] ? write_comp_data+0x2f/0x90 [ 225.931314] iommufd_fops_ioctl+0x37d/0x510 [ 225.931676] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.932063] ? write_comp_data+0x2f/0x90 [ 225.932360] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 225.932706] __x64_sys_ioctl+0x1a3/0x230 [ 225.933002] do_syscall_64+0x3b/0x90 [ 225.933278] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.933676] RIP: 0033:0x7f4b8743ee5d [ 225.933986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 225.935285] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 225.935851] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 225.936417] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 225.936925] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 225.937430] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 225.937933] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 225.938548] [ 225.938718] irq event stamp: 0 [ 225.938944] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.939397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.939993] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.940642] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.941115] ---[ end trace 0000000000000000 ]--- [ 225.945093] ------------[ cut here ]------------ [ 225.945458] WARNING: CPU: 1 PID: 2160 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 225.946224] Modules linked in: [ 225.946573] CPU: 1 PID: 2160 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.947206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.948009] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 225.948453] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 225.949753] RSP: 
0018:ffff88800e9cfbd0 EFLAGS: 00010246 [ 225.950218] RAX: 0000000000000000 RBX: ffff888020ead0a8 RCX: 0000000000000000 [ 225.950750] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 225.951272] RBP: ffff88800e9cfbe8 R08: ffffed10041d5a33 R09: ffffed10041d5a33 [ 225.951876] R10: ffff888020ead193 R11: ffffed10041d5a32 R12: ffff888010c4a000 [ 225.952394] R13: ffff888020ead1e8 R14: ffff888020a66d00 R15: 0000000000000000 [ 225.952910] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.953586] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.954013] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 225.954546] PKRU: 55555554 [ 225.954762] Call Trace: [ 225.954993] [ 225.955221] iommufd_access_destroy_object+0x65/0x170 [ 225.955612] iommufd_object_destroy_user+0x18e/0x220 [ 225.955997] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 225.956437] iommufd_access_destroy+0x43/0x70 [ 225.956866] iommufd_test_staccess_release+0x8d/0xd0 [ 225.957259] __fput+0x26d/0xa40 [ 225.957525] ____fput+0x1e/0x30 [ 225.957781] task_work_run+0x1a4/0x2d0 [ 225.958081] ? __pfx_task_work_run+0x10/0x10 [ 225.958465] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.958892] ? switch_task_namespaces+0xa9/0xe0 [ 225.959266] do_exit+0xb17/0x2ef0 [ 225.959535] ? lock_acquire+0x427/0x4c0 [ 225.959844] ? __pfx_lock_release+0x10/0x10 [ 225.960230] ? __kasan_check_write+0x18/0x20 [ 225.960606] ? do_raw_spin_lock+0x132/0x2a0 [ 225.960932] ? __pfx_do_exit+0x10/0x10 [ 225.961235] ? debug_smp_processor_id+0x20/0x30 [ 225.961593] ? rcu_is_watching+0x19/0xb0 [ 225.961957] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.962348] ? trace_hardirqs_on+0x26/0x120 [ 225.962696] do_group_exit+0xe0/0x2b0 [ 225.962985] __x64_sys_exit_group+0x47/0x50 [ 225.963319] do_syscall_64+0x3b/0x90 [ 225.963663] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.964142] RIP: 0033:0x7f4b87518a4d [ 225.964421] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.964880] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.965568] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.966097] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.966647] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.967286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.967816] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.968357] [ 225.968536] irq event stamp: 0 [ 225.968825] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.969344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.969969] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.970690] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 225.971166] ---[ end trace 0000000000000000 ]--- [ 225.973647] ------------[ cut here ]------------ [ 225.974071] WARNING: CPU: 1 PID: 2160 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 225.974892] Modules linked in: [ 225.975148] CPU: 1 PID: 2160 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 225.975912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 225.976756] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 225.977175] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 225.978624] RSP: 0018:ffff88800e9cfb78 EFLAGS: 00010246 [ 225.979084] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 225.979693] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 225.980229] RBP: ffff88800e9cfb98 R08: ffffed10041d5a3e R09: ffffed10041d5a3e [ 225.980771] R10: ffff888020ead1ef R11: ffffed10041d5a3d R12: ffff888020ead290 [ 225.981408] R13: ffff888020ead0a8 R14: ffffffffffffffff R15: 
ffff88800e9cfc60 [ 225.981943] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 225.982572] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.983069] CR2: 00007f82e2ac1000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 225.983656] PKRU: 55555554 [ 225.983872] Call Trace: [ 225.984068] [ 225.984241] iommufd_ioas_destroy+0x53/0x70 [ 225.984579] iommufd_fops_release+0x1f7/0x370 [ 225.984985] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.985419] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.985801] ? write_comp_data+0x2f/0x90 [ 225.986122] ? __pfx_iommufd_fops_release+0x10/0x10 [ 225.986530] __fput+0x26d/0xa40 [ 225.986799] ____fput+0x1e/0x30 [ 225.987060] task_work_run+0x1a4/0x2d0 [ 225.987377] ? __pfx_task_work_run+0x10/0x10 [ 225.987718] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 225.988093] ? switch_task_namespaces+0xa9/0xe0 [ 225.988460] do_exit+0xb17/0x2ef0 [ 225.988739] ? lock_acquire+0x427/0x4c0 [ 225.989123] ? __pfx_lock_release+0x10/0x10 [ 225.989470] ? __kasan_check_write+0x18/0x20 [ 225.989807] ? do_raw_spin_lock+0x132/0x2a0 [ 225.990139] ? __pfx_do_exit+0x10/0x10 [ 225.990446] ? debug_smp_processor_id+0x20/0x30 [ 225.990826] ? rcu_is_watching+0x19/0xb0 [ 225.991151] ? _raw_spin_unlock_irq+0x2b/0x60 [ 225.991502] ? trace_hardirqs_on+0x26/0x120 [ 225.991838] do_group_exit+0xe0/0x2b0 [ 225.992132] __x64_sys_exit_group+0x47/0x50 [ 225.992462] do_syscall_64+0x3b/0x90 [ 225.992778] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 225.993246] RIP: 0033:0x7f4b87518a4d [ 225.993531] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 225.993992] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 225.994584] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 225.995125] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 225.995665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 225.996213] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 225.996831] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 225.997361] [ 225.997537] irq event stamp: 0 [ 225.997774] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 225.998240] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 225.998991] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 225.999635] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.000111] ---[ end trace 0000000000000000 ]--- [ 226.004593] ------------[ cut here ]------------ [ 226.004970] WARNING: CPU: 1 PID: 2161 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.005734] Modules linked in: [ 226.006085] CPU: 1 PID: 2161 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.006783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.007637] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.008018] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.009547] RSP: 0018:ffff888020dbfbb8 EFLAGS: 00010246 [ 226.009950] RAX: 0000000000000000 RBX: ffff8880178990a8 RCX: 0000000000000000 [ 226.010490] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 226.011055] RBP: ffff888020dbfbd0 R08: ffffed1002f13233 R09: ffffed1002f13233 [ 226.011654] R10: ffff888017899193 R11: ffffed1002f13232 R12: ffff888010e02400 [ 226.012283] R13: ffff8880178991e8 R14: ffffffff8352e670 R15: 
ffff888020dbfe68 [ 226.012825] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.013432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.013876] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 226.014479] PKRU: 55555554 [ 226.014818] Call Trace: [ 226.015018] [ 226.015200] __iommufd_access_detach+0x1c2/0x2b0 [ 226.015581] iommufd_access_change_pt+0x149/0x270 [ 226.015961] iommufd_access_replace+0xb4/0x120 [ 226.016324] iommufd_test+0x3e5/0x37e0 [ 226.016663] ? lock_release+0x532/0x770 [ 226.017096] ? __might_fault+0x102/0x1b0 [ 226.017421] ? lock_acquire+0x427/0x4c0 [ 226.017741] ? __pfx_iommufd_test+0x10/0x10 [ 226.018074] ? __pfx_lock_release+0x10/0x10 [ 226.018434] ? __pfx_lock_acquire+0x10/0x10 [ 226.018907] ? write_comp_data+0x2f/0x90 [ 226.019245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.019632] ? write_comp_data+0x2f/0x90 [ 226.019960] iommufd_fops_ioctl+0x37d/0x510 [ 226.020300] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.020733] ? write_comp_data+0x2f/0x90 [ 226.021146] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.021526] __x64_sys_ioctl+0x1a3/0x230 [ 226.021854] do_syscall_64+0x3b/0x90 [ 226.022158] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.022658] RIP: 0033:0x7f4b8743ee5d [ 226.023052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.024462] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.025233] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.025787] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.026342] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.027081] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.027649] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.028208] [ 226.028391] irq event stamp: 0 [ 226.028698] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.029294] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.029943] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.030682] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.031259] ---[ end trace 0000000000000000 ]--- [ 226.033988] ------------[ cut here ]------------ [ 226.034445] WARNING: CPU: 1 PID: 2161 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.035344] Modules linked in: [ 226.035599] CPU: 1 PID: 2161 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.036336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.037275] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.037662] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.039223] RSP: 
0018:ffff888020dbfbd0 EFLAGS: 00010246 [ 226.039641] RAX: 0000000000000000 RBX: ffff8880178990a8 RCX: 0000000000000000 [ 226.040250] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 226.040842] RBP: ffff888020dbfbe8 R08: ffffed1002f13233 R09: ffffed1002f13233 [ 226.041391] R10: ffff888017899193 R11: ffffed1002f13232 R12: ffff888012e92000 [ 226.041995] R13: ffff8880178991e8 R14: ffff8880141d8500 R15: 0000000000000000 [ 226.042634] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.043267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.043720] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 226.044411] PKRU: 55555554 [ 226.044633] Call Trace: [ 226.044833] [ 226.045007] iommufd_access_destroy_object+0x65/0x170 [ 226.045417] iommufd_object_destroy_user+0x18e/0x220 [ 226.045883] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.046381] iommufd_access_destroy+0x43/0x70 [ 226.046770] iommufd_test_staccess_release+0x8d/0xd0 [ 226.047192] __fput+0x26d/0xa40 [ 226.047476] ____fput+0x1e/0x30 [ 226.047747] task_work_run+0x1a4/0x2d0 [ 226.048124] ? __pfx_task_work_run+0x10/0x10 [ 226.048526] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.048921] ? switch_task_namespaces+0xa9/0xe0 [ 226.049303] do_exit+0xb17/0x2ef0 [ 226.049584] ? lock_acquire+0x427/0x4c0 [ 226.049962] ? __pfx_lock_release+0x10/0x10 [ 226.050388] ? __kasan_check_write+0x18/0x20 [ 226.050774] ? do_raw_spin_lock+0x132/0x2a0 [ 226.051131] ? __pfx_do_exit+0x10/0x10 [ 226.051455] ? debug_smp_processor_id+0x20/0x30 [ 226.051858] ? rcu_is_watching+0x19/0xb0 [ 226.052312] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.052693] ? trace_hardirqs_on+0x26/0x120 [ 226.053053] do_group_exit+0xe0/0x2b0 [ 226.053367] __x64_sys_exit_group+0x47/0x50 [ 226.053753] do_syscall_64+0x3b/0x90 [ 226.054176] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.054634] RIP: 0033:0x7f4b87518a4d [ 226.054944] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.055454] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.056140] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.056805] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.057384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.058023] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.058701] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.059299] [ 226.059488] irq event stamp: 0 [ 226.059752] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.060316] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.061067] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.061737] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.062349] ---[ end trace 0000000000000000 ]--- [ 226.063114] ------------[ cut here ]------------ [ 226.063514] WARNING: CPU: 1 PID: 2161 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.064408] Modules linked in: [ 226.064753] CPU: 1 PID: 2161 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.065448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.066356] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.066814] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.068298] RSP: 0018:ffff888020dbfb78 EFLAGS: 00010246 [ 226.068728] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.069292] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 226.069858] RBP: ffff888020dbfb98 R08: ffffed1002f1323e R09: ffffed1002f1323e [ 226.070423] R10: ffff8880178991ef R11: ffffed1002f1323d R12: ffff888017899290 [ 226.071016] R13: ffff8880178990a8 R14: ffffffffffffffff R15: 
ffff888020dbfc60 [ 226.071598] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.072239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.072701] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 226.073277] PKRU: 55555554 [ 226.073507] Call Trace: [ 226.073713] [ 226.073899] iommufd_ioas_destroy+0x53/0x70 [ 226.074252] iommufd_fops_release+0x1f7/0x370 [ 226.074641] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.075044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.075447] ? write_comp_data+0x2f/0x90 [ 226.075783] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.076185] __fput+0x26d/0xa40 [ 226.076465] ____fput+0x1e/0x30 [ 226.076740] task_work_run+0x1a4/0x2d0 [ 226.077061] ? __pfx_task_work_run+0x10/0x10 [ 226.077427] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.077820] ? switch_task_namespaces+0xa9/0xe0 [ 226.078203] do_exit+0xb17/0x2ef0 [ 226.078486] ? lock_acquire+0x427/0x4c0 [ 226.078844] ? __pfx_lock_release+0x10/0x10 [ 226.079238] ? __kasan_check_write+0x18/0x20 [ 226.079599] ? do_raw_spin_lock+0x132/0x2a0 [ 226.079946] ? __pfx_do_exit+0x10/0x10 [ 226.080270] ? debug_smp_processor_id+0x20/0x30 [ 226.080646] ? rcu_is_watching+0x19/0xb0 [ 226.080975] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.081342] ? trace_hardirqs_on+0x26/0x120 [ 226.081695] do_group_exit+0xe0/0x2b0 [ 226.082001] __x64_sys_exit_group+0x47/0x50 [ 226.082347] do_syscall_64+0x3b/0x90 [ 226.082677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.083099] RIP: 0033:0x7f4b87518a4d [ 226.083409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.083901] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.084506] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.085074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.085645] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.086209] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.086796] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.087387] [ 226.087574] irq event stamp: 0 [ 226.087825] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.088324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.088986] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.089653] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.090151] ---[ end trace 0000000000000000 ]--- [ 226.095563] ------------[ cut here ]------------ [ 226.096137] WARNING: CPU: 0 PID: 2162 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.097259] Modules linked in: [ 226.097624] CPU: 0 PID: 2162 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.099044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.100310] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.100870] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.102898] RSP: 0018:ffff88801672fbb8 EFLAGS: 00010246 [ 226.103510] RAX: 0000000000000000 RBX: ffff888011d9d8a8 RCX: 0000000000000000 [ 226.104294] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 226.105077] RBP: ffff88801672fbd0 R08: ffffed10023b3b33 R09: ffffed10023b3b33 [ 226.105863] R10: ffff888011d9d993 R11: ffffed10023b3b32 R12: ffff88800fcb2000 [ 226.106681] R13: ffff888011d9d9e8 R14: ffffffff8352e670 R15: 
ffff88801672fe68 [ 226.107485] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.108366] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.109007] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 226.109791] PKRU: 55555554 [ 226.110112] Call Trace: [ 226.110405] [ 226.110699] __iommufd_access_detach+0x1c2/0x2b0 [ 226.111273] iommufd_access_change_pt+0x149/0x270 [ 226.111830] iommufd_access_replace+0xb4/0x120 [ 226.112359] iommufd_test+0x3e5/0x37e0 [ 226.112798] ? lock_release+0x532/0x770 [ 226.113259] ? __might_fault+0x102/0x1b0 [ 226.113725] ? lock_acquire+0x427/0x4c0 [ 226.114185] ? __pfx_iommufd_test+0x10/0x10 [ 226.114703] ? __pfx_lock_release+0x10/0x10 [ 226.115318] ? __pfx_lock_acquire+0x10/0x10 [ 226.115674] ? write_comp_data+0x2f/0x90 [ 226.115994] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.116370] ? write_comp_data+0x2f/0x90 [ 226.116693] iommufd_fops_ioctl+0x37d/0x510 [ 226.117027] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.117404] ? write_comp_data+0x2f/0x90 [ 226.117725] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.118095] __x64_sys_ioctl+0x1a3/0x230 [ 226.118415] do_syscall_64+0x3b/0x90 [ 226.118734] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.119150] RIP: 0033:0x7f4b8743ee5d [ 226.119438] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.120820] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.121489] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.122143] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.122705] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.123254] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.123793] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.124340] [ 226.124518] irq event stamp: 0 [ 226.124763] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.125243] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.125879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.126529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.127008] ---[ end trace 0000000000000000 ]--- [ 226.130197] ------------[ cut here ]------------ [ 226.130602] WARNING: CPU: 0 PID: 2162 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.131391] Modules linked in: [ 226.131638] CPU: 0 PID: 2162 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.132390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.133357] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.133741] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.135146] RSP: 
0018:ffff88801672fbd0 EFLAGS: 00010246 [ 226.135555] RAX: 0000000000000000 RBX: ffff888011d9d8a8 RCX: 0000000000000000 [ 226.136269] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 226.136809] RBP: ffff88801672fbe8 R08: ffffed10023b3b33 R09: ffffed10023b3b33 [ 226.137346] R10: ffff888011d9d993 R11: ffffed10023b3b32 R12: ffff888017066c00 [ 226.137884] R13: ffff888011d9d9e8 R14: ffff88801344b500 R15: 0000000000000000 [ 226.138420] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.139229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.139671] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.140211] PKRU: 55555554 [ 226.140426] Call Trace: [ 226.140621] [ 226.140793] iommufd_access_destroy_object+0x65/0x170 [ 226.141190] iommufd_object_destroy_user+0x18e/0x220 [ 226.141584] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.142073] iommufd_access_destroy+0x43/0x70 [ 226.142573] iommufd_test_staccess_release+0x8d/0xd0 [ 226.142973] __fput+0x26d/0xa40 [ 226.143252] ____fput+0x1e/0x30 [ 226.143515] task_work_run+0x1a4/0x2d0 [ 226.143822] ? __pfx_task_work_run+0x10/0x10 [ 226.144164] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.144543] ? switch_task_namespaces+0xa9/0xe0 [ 226.144910] do_exit+0xb17/0x2ef0 [ 226.145177] ? lock_acquire+0x427/0x4c0 [ 226.145560] ? __pfx_lock_release+0x10/0x10 [ 226.146010] ? __kasan_check_write+0x18/0x20 [ 226.146352] ? do_raw_spin_lock+0x132/0x2a0 [ 226.146707] ? __pfx_do_exit+0x10/0x10 [ 226.147017] ? debug_smp_processor_id+0x20/0x30 [ 226.147404] ? rcu_is_watching+0x19/0xb0 [ 226.147719] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.148070] ? trace_hardirqs_on+0x26/0x120 [ 226.148408] do_group_exit+0xe0/0x2b0 [ 226.148702] __x64_sys_exit_group+0x47/0x50 [ 226.149031] do_syscall_64+0x3b/0x90 [ 226.149394] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.149916] RIP: 0033:0x7f4b87518a4d [ 226.150203] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.150700] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.151291] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.151831] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.152370] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.152980] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.153621] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.154169] [ 226.154348] irq event stamp: 0 [ 226.154610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.155095] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.155739] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.156449] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.157002] ---[ end trace 0000000000000000 ]--- [ 226.157684] ------------[ cut here ]------------ [ 226.158044] WARNING: CPU: 0 PID: 2162 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.158840] Modules linked in: [ 226.159089] CPU: 0 PID: 2162 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.159801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.160786] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.161184] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.162623] RSP: 0018:ffff88801672fb78 EFLAGS: 00010246 [ 226.163146] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.163689] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 226.164229] RBP: ffff88801672fb98 R08: ffffed10023b3b3e R09: ffffed10023b3b3e [ 226.164766] R10: ffff888011d9d9ef R11: ffffed10023b3b3d R12: ffff888011d9da90 [ 226.165308] R13: ffff888011d9d8a8 R14: ffffffffffffffff R15: 
ffff88801672fc60 [ 226.165878] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.166645] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.167093] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.167646] PKRU: 55555554 [ 226.167864] Call Trace: [ 226.168058] [ 226.168233] iommufd_ioas_destroy+0x53/0x70 [ 226.168572] iommufd_fops_release+0x1f7/0x370 [ 226.168925] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.169388] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.169847] ? write_comp_data+0x2f/0x90 [ 226.170168] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.170576] __fput+0x26d/0xa40 [ 226.170844] ____fput+0x1e/0x30 [ 226.171105] task_work_run+0x1a4/0x2d0 [ 226.171419] ? __pfx_task_work_run+0x10/0x10 [ 226.171765] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.172141] ? switch_task_namespaces+0xa9/0xe0 [ 226.172512] do_exit+0xb17/0x2ef0 [ 226.172782] ? lock_acquire+0x427/0x4c0 [ 226.173169] ? __pfx_lock_release+0x10/0x10 [ 226.173591] ? __kasan_check_write+0x18/0x20 [ 226.173933] ? do_raw_spin_lock+0x132/0x2a0 [ 226.174263] ? __pfx_do_exit+0x10/0x10 [ 226.174594] ? debug_smp_processor_id+0x20/0x30 [ 226.174955] ? rcu_is_watching+0x19/0xb0 [ 226.175283] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.175639] ? trace_hardirqs_on+0x26/0x120 [ 226.175980] do_group_exit+0xe0/0x2b0 [ 226.176278] __x64_sys_exit_group+0x47/0x50 [ 226.176607] do_syscall_64+0x3b/0x90 [ 226.177072] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.177476] RIP: 0033:0x7f4b87518a4d [ 226.177760] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.178225] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.178816] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.179366] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.179906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.180464] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.181139] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.181691] [ 226.181873] irq event stamp: 0 [ 226.182113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.182609] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.183257] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.183891] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.184525] ---[ end trace 0000000000000000 ]--- [ 226.190009] ------------[ cut here ]------------ [ 226.190383] WARNING: CPU: 0 PID: 2163 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.191202] Modules linked in: [ 226.191450] CPU: 0 PID: 2163 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.192112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.193126] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.193508] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.194948] RSP: 0018:ffff888015b8fbb8 EFLAGS: 00010246 [ 226.195373] RAX: 0000000000000000 RBX: ffff8880171bd0a8 RCX: 0000000000000000 [ 226.196057] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 226.196603] RBP: ffff888015b8fbd0 R08: ffffed1002e37a33 R09: ffffed1002e37a33 [ 226.197142] R10: ffff8880171bd193 R11: ffffed1002e37a32 R12: ffff888010c0b800 [ 226.197678] R13: ffff8880171bd1e8 R14: ffffffff8352e670 R15: 
ffff888015b8fe68 [ 226.198221] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.198851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.199305] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 226.199856] PKRU: 55555554 [ 226.200077] Call Trace: [ 226.200279] [ 226.200455] __iommufd_access_detach+0x1c2/0x2b0 [ 226.200840] iommufd_access_change_pt+0x149/0x270 [ 226.201225] iommufd_access_replace+0xb4/0x120 [ 226.201593] iommufd_test+0x3e5/0x37e0 [ 226.201900] ? lock_release+0x532/0x770 [ 226.202222] ? __might_fault+0x102/0x1b0 [ 226.202565] ? lock_acquire+0x427/0x4c0 [ 226.202891] ? __pfx_iommufd_test+0x10/0x10 [ 226.203238] ? __pfx_lock_release+0x10/0x10 [ 226.203582] ? __pfx_lock_acquire+0x10/0x10 [ 226.203926] ? write_comp_data+0x2f/0x90 [ 226.204253] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.204639] ? write_comp_data+0x2f/0x90 [ 226.204965] iommufd_fops_ioctl+0x37d/0x510 [ 226.205306] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.205694] ? write_comp_data+0x2f/0x90 [ 226.206020] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.206398] __x64_sys_ioctl+0x1a3/0x230 [ 226.206741] do_syscall_64+0x3b/0x90 [ 226.207042] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.207465] RIP: 0033:0x7f4b8743ee5d [ 226.207759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.209166] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.209755] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.210304] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.210875] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.211443] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.211998] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.212563] [ 226.212744] irq event stamp: 0 [ 226.212988] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.213473] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.214126] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.214795] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.215289] ---[ end trace 0000000000000000 ]--- [ 226.218259] ------------[ cut here ]------------ [ 226.218751] WARNING: CPU: 0 PID: 2163 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.219581] Modules linked in: [ 226.219892] CPU: 0 PID: 2163 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.220760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.221643] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.222045] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.223747] RSP: 
0018:ffff888015b8fbd0 EFLAGS: 00010246 [ 226.224186] RAX: 0000000000000000 RBX: ffff8880171bd0a8 RCX: 0000000000000000 [ 226.224758] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 226.225328] RBP: ffff888015b8fbe8 R08: ffffed1002e37a33 R09: ffffed1002e37a33 [ 226.225894] R10: ffff8880171bd193 R11: ffffed1002e37a32 R12: ffff88800fcb1400 [ 226.226453] R13: ffff8880171bd1e8 R14: ffff88801239d300 R15: 0000000000000000 [ 226.227239] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.227886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.228355] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.228928] PKRU: 55555554 [ 226.229156] Call Trace: [ 226.229363] [ 226.229542] iommufd_access_destroy_object+0x65/0x170 [ 226.229960] iommufd_object_destroy_user+0x18e/0x220 [ 226.230430] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.231047] iommufd_access_destroy+0x43/0x70 [ 226.231433] iommufd_test_staccess_release+0x8d/0xd0 [ 226.231852] __fput+0x26d/0xa40 [ 226.232136] ____fput+0x1e/0x30 [ 226.232411] task_work_run+0x1a4/0x2d0 [ 226.232737] ? __pfx_task_work_run+0x10/0x10 [ 226.233091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.233484] ? switch_task_namespaces+0xa9/0xe0 [ 226.233872] do_exit+0xb17/0x2ef0 [ 226.234192] ? lock_acquire+0x427/0x4c0 [ 226.234736] ? __pfx_lock_release+0x10/0x10 [ 226.235098] ? __kasan_check_write+0x18/0x20 [ 226.235486] ? do_raw_spin_lock+0x132/0x2a0 [ 226.235855] ? __pfx_do_exit+0x10/0x10 [ 226.236192] ? debug_smp_processor_id+0x20/0x30 [ 226.236585] ? rcu_is_watching+0x19/0xb0 [ 226.236925] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.237306] ? trace_hardirqs_on+0x26/0x120 [ 226.237671] do_group_exit+0xe0/0x2b0 [ 226.237999] __x64_sys_exit_group+0x47/0x50 [ 226.238464] do_syscall_64+0x3b/0x90 [ 226.238933] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.239390] RIP: 0033:0x7f4b87518a4d [ 226.239706] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.240220] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.240882] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.241497] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.242103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.242961] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.243581] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.244194] [ 226.244399] irq event stamp: 0 [ 226.244670] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.245204] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.245913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.246850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.247399] ---[ end trace 0000000000000000 ]--- [ 226.248146] ------------[ cut here ]------------ [ 226.248546] WARNING: CPU: 0 PID: 2163 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.249413] Modules linked in: [ 226.249690] CPU: 0 PID: 2163 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.250681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.251652] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.252093] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.253645] RSP: 0018:ffff888015b8fb78 EFLAGS: 00010246 [ 226.254196] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.254941] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 226.255578] RBP: ffff888015b8fb98 R08: ffffed1002e37a3e R09: ffffed1002e37a3e [ 226.256189] R10: ffff8880171bd1ef R11: ffffed1002e37a3d R12: ffff8880171bd290 [ 226.256798] R13: ffff8880171bd0a8 R14: ffffffffffffffff R15: 
ffff888015b8fc60 [ 226.257400] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.258178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.258842] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.259504] PKRU: 55555554 [ 226.259761] Call Trace: [ 226.259989] [ 226.260192] iommufd_ioas_destroy+0x53/0x70 [ 226.260591] iommufd_fops_release+0x1f7/0x370 [ 226.261006] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.261470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.261925] ? write_comp_data+0x2f/0x90 [ 226.262423] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.263102] __fput+0x26d/0xa40 [ 226.263439] ____fput+0x1e/0x30 [ 226.263747] task_work_run+0x1a4/0x2d0 [ 226.264108] ? __pfx_task_work_run+0x10/0x10 [ 226.264512] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.264955] ? switch_task_namespaces+0xa9/0xe0 [ 226.265389] do_exit+0xb17/0x2ef0 [ 226.265711] ? lock_acquire+0x427/0x4c0 [ 226.266092] ? __pfx_lock_release+0x10/0x10 [ 226.266494] ? __kasan_check_write+0x18/0x20 [ 226.267072] ? do_raw_spin_lock+0x132/0x2a0 [ 226.267631] ? __pfx_do_exit+0x10/0x10 [ 226.267997] ? debug_smp_processor_id+0x20/0x30 [ 226.268425] ? rcu_is_watching+0x19/0xb0 [ 226.268798] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.269207] ? trace_hardirqs_on+0x26/0x120 [ 226.269602] do_group_exit+0xe0/0x2b0 [ 226.269949] __x64_sys_exit_group+0x47/0x50 [ 226.270337] do_syscall_64+0x3b/0x90 [ 226.270720] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.271216] RIP: 0033:0x7f4b87518a4d [ 226.271560] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.272407] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.273090] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.273731] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.274379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.275105] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.275828] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.276697] [ 226.276913] irq event stamp: 0 [ 226.277200] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.277773] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.278576] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.279360] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.280082] ---[ end trace 0000000000000000 ]--- [ 226.285736] ------------[ cut here ]------------ [ 226.286215] WARNING: CPU: 0 PID: 2164 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.287238] Modules linked in: [ 226.287537] CPU: 0 PID: 2164 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.288340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.289365] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.289819] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.291750] RSP: 0018:ffff888024567bb8 EFLAGS: 00010246 [ 226.292243] RAX: 0000000000000000 RBX: ffff88800f7658a8 RCX: 0000000000000000 [ 226.292888] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 226.293533] RBP: ffff888024567bd0 R08: ffffed1001eecb33 R09: ffffed1001eecb33 [ 226.294179] R10: ffff88800f765993 R11: ffffed1001eecb32 R12: ffff88800a726800 [ 226.294870] R13: ffff88800f7659e8 R14: ffffffff8352e670 R15: 
ffff888024567e68 [ 226.295529] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.296264] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.296795] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 226.297449] PKRU: 55555554 [ 226.297714] Call Trace: [ 226.297951] [ 226.298165] __iommufd_access_detach+0x1c2/0x2b0 [ 226.298646] iommufd_access_change_pt+0x149/0x270 [ 226.299097] iommufd_access_replace+0xb4/0x120 [ 226.299558] iommufd_test+0x3e5/0x37e0 [ 226.299916] ? lock_release+0x532/0x770 [ 226.300293] ? __might_fault+0x102/0x1b0 [ 226.300675] ? lock_acquire+0x427/0x4c0 [ 226.301048] ? __pfx_iommufd_test+0x10/0x10 [ 226.301443] ? __pfx_lock_release+0x10/0x10 [ 226.301850] ? __pfx_lock_acquire+0x10/0x10 [ 226.302259] ? write_comp_data+0x2f/0x90 [ 226.302669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.303135] ? write_comp_data+0x2f/0x90 [ 226.303528] iommufd_fops_ioctl+0x37d/0x510 [ 226.303934] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.304385] ? write_comp_data+0x2f/0x90 [ 226.304772] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.305218] __x64_sys_ioctl+0x1a3/0x230 [ 226.305600] do_syscall_64+0x3b/0x90 [ 226.305950] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.306432] RIP: 0033:0x7f4b8743ee5d [ 226.306801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.308491] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.309191] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.309843] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.310489] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.311200] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.311854] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.312517] [ 226.312732] irq event stamp: 0 [ 226.313022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.313600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.314362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.315159] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.315755] ---[ end trace 0000000000000000 ]--- [ 226.318914] ------------[ cut here ]------------ [ 226.319410] WARNING: CPU: 0 PID: 2164 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.320327] Modules linked in: [ 226.320621] CPU: 0 PID: 2164 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.321415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.322433] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.322920] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.324591] RSP: 
0018:ffff888024567bd0 EFLAGS: 00010246 [ 226.325078] RAX: 0000000000000000 RBX: ffff88800f7658a8 RCX: 0000000000000000 [ 226.325725] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 226.326373] RBP: ffff888024567be8 R08: ffffed1001eecb33 R09: ffffed1001eecb33 [ 226.327054] R10: ffff88800f765993 R11: ffffed1001eecb32 R12: ffff888010c08400 [ 226.327726] R13: ffff88800f7659e8 R14: ffff88800ca5a300 R15: 0000000000000000 [ 226.328385] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.329120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.329653] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.330302] PKRU: 55555554 [ 226.330600] Call Trace: [ 226.330840] [ 226.331051] iommufd_access_destroy_object+0x65/0x170 [ 226.331549] iommufd_object_destroy_user+0x18e/0x220 [ 226.332024] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.332561] iommufd_access_destroy+0x43/0x70 [ 226.332982] iommufd_test_staccess_release+0x8d/0xd0 [ 226.333453] __fput+0x26d/0xa40 [ 226.333775] ____fput+0x1e/0x30 [ 226.334087] task_work_run+0x1a4/0x2d0 [ 226.334452] ? __pfx_task_work_run+0x10/0x10 [ 226.334896] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.335362] ? switch_task_namespaces+0xa9/0xe0 [ 226.335796] do_exit+0xb17/0x2ef0 [ 226.336117] ? lock_acquire+0x427/0x4c0 [ 226.336489] ? __pfx_lock_release+0x10/0x10 [ 226.336892] ? __kasan_check_write+0x18/0x20 [ 226.337299] ? do_raw_spin_lock+0x132/0x2a0 [ 226.337695] ? __pfx_do_exit+0x10/0x10 [ 226.338057] ? debug_smp_processor_id+0x20/0x30 [ 226.338485] ? rcu_is_watching+0x19/0xb0 [ 226.338885] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.339318] ? trace_hardirqs_on+0x26/0x120 [ 226.339718] do_group_exit+0xe0/0x2b0 [ 226.340068] __x64_sys_exit_group+0x47/0x50 [ 226.340460] do_syscall_64+0x3b/0x90 [ 226.340820] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.341302] RIP: 0033:0x7f4b87518a4d [ 226.341639] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.342195] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.342899] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.343568] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.344219] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.344864] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.345510] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.346163] [ 226.346379] irq event stamp: 0 [ 226.346690] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.347269] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.348033] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.348791] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.349360] ---[ end trace 0000000000000000 ]--- [ 226.350188] ------------[ cut here ]------------ [ 226.350641] WARNING: CPU: 0 PID: 2164 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.351587] Modules linked in: [ 226.351879] CPU: 0 PID: 2164 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.352675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.353693] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.354160] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.355860] RSP: 0018:ffff888024567b78 EFLAGS: 00010246 [ 226.356347] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.356993] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 226.357637] RBP: ffff888024567b98 R08: ffffed1001eecb3e R09: ffffed1001eecb3e [ 226.358280] R10: ffff88800f7659ef R11: ffffed1001eecb3d R12: ffff88800f765a90 [ 226.358937] R13: ffff88800f7658a8 R14: ffffffffffffffff R15: 
ffff888024567c60 [ 226.359595] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.360324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.360856] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.361502] PKRU: 55555554 [ 226.361759] Call Trace: [ 226.361990] [ 226.362196] iommufd_ioas_destroy+0x53/0x70 [ 226.362617] iommufd_fops_release+0x1f7/0x370 [ 226.363034] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.363507] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.363959] ? write_comp_data+0x2f/0x90 [ 226.364339] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.364797] __fput+0x26d/0xa40 [ 226.365114] ____fput+0x1e/0x30 [ 226.365427] task_work_run+0x1a4/0x2d0 [ 226.365793] ? __pfx_task_work_run+0x10/0x10 [ 226.366200] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.366672] ? switch_task_namespaces+0xa9/0xe0 [ 226.367107] do_exit+0xb17/0x2ef0 [ 226.367528] ? lock_acquire+0x427/0x4c0 [ 226.367917] ? __pfx_lock_release+0x10/0x10 [ 226.368334] ? __kasan_check_write+0x18/0x20 [ 226.368765] ? do_raw_spin_lock+0x132/0x2a0 [ 226.369173] ? __pfx_do_exit+0x10/0x10 [ 226.369548] ? debug_smp_processor_id+0x20/0x30 [ 226.369989] ? rcu_is_watching+0x19/0xb0 [ 226.370378] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.370854] ? trace_hardirqs_on+0x26/0x120 [ 226.371284] do_group_exit+0xe0/0x2b0 [ 226.371649] __x64_sys_exit_group+0x47/0x50 [ 226.372057] do_syscall_64+0x3b/0x90 [ 226.372416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.372906] RIP: 0033:0x7f4b87518a4d [ 226.373248] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.373816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.374552] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.375230] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.375900] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.376580] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.377916] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.378649] [ 226.378871] irq event stamp: 0 [ 226.379190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.379775] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.380552] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.381628] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.382231] ---[ end trace 0000000000000000 ]--- [ 226.386500] ------------[ cut here ]------------ [ 226.387019] WARNING: CPU: 0 PID: 2165 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.387983] Modules linked in: [ 226.388364] CPU: 0 PID: 2165 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.389345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.390396] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.390905] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.392690] RSP: 0018:ffff888015b8fbb8 EFLAGS: 00010246 [ 226.393331] RAX: 0000000000000000 RBX: ffff888010a4e0a8 RCX: 0000000000000000 [ 226.394107] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 226.394795] RBP: ffff888015b8fbd0 R08: ffffed1002149c33 R09: ffffed1002149c33 [ 226.395485] R10: ffff888010a4e193 R11: ffffed1002149c32 R12: ffff888010c6c400 [ 226.396154] R13: ffff888010a4e1e8 R14: ffffffff8352e670 R15: 
ffff888015b8fe68 [ 226.396906] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.397989] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.398577] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 226.399272] PKRU: 55555554 [ 226.399542] Call Trace: [ 226.399785] [ 226.400000] __iommufd_access_detach+0x1c2/0x2b0 [ 226.400467] iommufd_access_change_pt+0x149/0x270 [ 226.400939] iommufd_access_replace+0xb4/0x120 [ 226.401498] iommufd_test+0x3e5/0x37e0 [ 226.402042] ? lock_release+0x532/0x770 [ 226.402438] ? __might_fault+0x102/0x1b0 [ 226.402869] ? lock_acquire+0x427/0x4c0 [ 226.403281] ? __pfx_iommufd_test+0x10/0x10 [ 226.403693] ? __pfx_lock_release+0x10/0x10 [ 226.404115] ? __pfx_lock_acquire+0x10/0x10 [ 226.404537] ? write_comp_data+0x2f/0x90 [ 226.404941] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.405414] ? write_comp_data+0x2f/0x90 [ 226.405939] iommufd_fops_ioctl+0x37d/0x510 [ 226.406594] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.407069] ? write_comp_data+0x2f/0x90 [ 226.407482] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.407944] __x64_sys_ioctl+0x1a3/0x230 [ 226.408340] do_syscall_64+0x3b/0x90 [ 226.408709] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.409211] RIP: 0033:0x7f4b8743ee5d [ 226.409627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.411674] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.412405] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.413075] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.413748] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.414773] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.415456] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.416140] [ 226.416360] irq event stamp: 0 [ 226.416658] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.417260] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.418214] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.419216] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.419822] ---[ end trace 0000000000000000 ]--- [ 226.423279] ------------[ cut here ]------------ [ 226.423772] WARNING: CPU: 0 PID: 2165 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.424736] Modules linked in: [ 226.425040] CPU: 0 PID: 2165 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.426038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.427336] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.427827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.429539] RSP: 
0018:ffff888015b8fbd0 EFLAGS: 00010246 [ 226.430050] RAX: 0000000000000000 RBX: ffff888010a4e0a8 RCX: 0000000000000000 [ 226.430761] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 226.431464] RBP: ffff888015b8fbe8 R08: ffffed1002149c33 R09: ffffed1002149c33 [ 226.432139] R10: ffff888010a4e193 R11: ffffed1002149c32 R12: ffff88800a725c00 [ 226.432813] R13: ffff888010a4e1e8 R14: ffff888011d6da00 R15: 0000000000000000 [ 226.433489] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.434245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.434823] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 226.435515] PKRU: 55555554 [ 226.435786] Call Trace: [ 226.436030] [ 226.436248] iommufd_access_destroy_object+0x65/0x170 [ 226.436748] iommufd_object_destroy_user+0x18e/0x220 [ 226.437237] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.437791] iommufd_access_destroy+0x43/0x70 [ 226.438229] iommufd_test_staccess_release+0x8d/0xd0 [ 226.438759] __fput+0x26d/0xa40 [ 226.439090] ____fput+0x1e/0x30 [ 226.439424] task_work_run+0x1a4/0x2d0 [ 226.439808] ? __pfx_task_work_run+0x10/0x10 [ 226.440230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.440694] ? switch_task_namespaces+0xa9/0xe0 [ 226.441148] do_exit+0xb17/0x2ef0 [ 226.441479] ? lock_acquire+0x427/0x4c0 [ 226.441874] ? __pfx_lock_release+0x10/0x10 [ 226.442296] ? __kasan_check_write+0x18/0x20 [ 226.442759] ? do_raw_spin_lock+0x132/0x2a0 [ 226.443185] ? __pfx_do_exit+0x10/0x10 [ 226.443568] ? debug_smp_processor_id+0x20/0x30 [ 226.444010] ? rcu_is_watching+0x19/0xb0 [ 226.444399] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.444837] ? trace_hardirqs_on+0x26/0x120 [ 226.445252] do_group_exit+0xe0/0x2b0 [ 226.445620] __x64_sys_exit_group+0x47/0x50 [ 226.446027] do_syscall_64+0x3b/0x90 [ 226.446391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.446919] RIP: 0033:0x7f4b87518a4d [ 226.447288] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.447864] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.448581] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.449250] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.449915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.450605] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.451284] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.451970] [ 226.452192] irq event stamp: 0 [ 226.452490] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.453083] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.453862] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.454668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.455277] ---[ end trace 0000000000000000 ]--- [ 226.456356] ------------[ cut here ]------------ [ 226.456987] WARNING: CPU: 0 PID: 2165 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.457963] Modules linked in: [ 226.458276] CPU: 0 PID: 2165 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.459321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.460395] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.461011] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.462941] RSP: 0018:ffff888015b8fb78 EFLAGS: 00010246 [ 226.463480] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.464154] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 226.464885] RBP: ffff888015b8fb98 R08: ffffed1002149c3e R09: ffffed1002149c3e [ 226.465816] R10: ffff888010a4e1ef R11: ffffed1002149c3d R12: ffff888010a4e290 [ 226.466483] R13: ffff888010a4e0a8 R14: ffffffffffffffff R15: 
ffff888015b8fc60 [ 226.467193] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.467943] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.468493] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 226.469166] PKRU: 55555554 [ 226.469434] Call Trace: [ 226.469676] [ 226.469939] iommufd_ioas_destroy+0x53/0x70 [ 226.470604] iommufd_fops_release+0x1f7/0x370 [ 226.471037] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.471517] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.471981] ? write_comp_data+0x2f/0x90 [ 226.472371] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.472846] __fput+0x26d/0xa40 [ 226.473175] ____fput+0x1e/0x30 [ 226.473496] task_work_run+0x1a4/0x2d0 [ 226.473874] ? __pfx_task_work_run+0x10/0x10 [ 226.474332] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.475041] ? switch_task_namespaces+0xa9/0xe0 [ 226.475507] do_exit+0xb17/0x2ef0 [ 226.475839] ? lock_acquire+0x427/0x4c0 [ 226.476227] ? __pfx_lock_release+0x10/0x10 [ 226.476642] ? __kasan_check_write+0x18/0x20 [ 226.477056] ? do_raw_spin_lock+0x132/0x2a0 [ 226.477458] ? __pfx_do_exit+0x10/0x10 [ 226.477835] ? debug_smp_processor_id+0x20/0x30 [ 226.478284] ? rcu_is_watching+0x19/0xb0 [ 226.478695] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.479139] ? trace_hardirqs_on+0x26/0x120 [ 226.479554] do_group_exit+0xe0/0x2b0 [ 226.479913] __x64_sys_exit_group+0x47/0x50 [ 226.480418] do_syscall_64+0x3b/0x90 [ 226.480907] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.481552] RIP: 0033:0x7f4b87518a4d [ 226.481906] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.482482] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.483239] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.483906] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.484568] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.485233] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.486038] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.486961] [ 226.487199] irq event stamp: 0 [ 226.487492] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.488082] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.488870] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.489638] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.490223] ---[ end trace 0000000000000000 ]--- [ 226.495223] ------------[ cut here ]------------ [ 226.495830] WARNING: CPU: 0 PID: 2166 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.496947] Modules linked in: [ 226.497254] CPU: 0 PID: 2166 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.498071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.499185] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.499654] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.501568] RSP: 0018:ffff8880182afbb8 EFLAGS: 00010246 [ 226.502064] RAX: 0000000000000000 RBX: ffff8880187740a8 RCX: 0000000000000000 [ 226.502751] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 226.503434] RBP: ffff8880182afbd0 R08: ffffed10030ee833 R09: ffffed10030ee833 [ 226.504096] R10: ffff888018774193 R11: ffffed10030ee832 R12: ffff888012a1d800 [ 226.504758] R13: ffff8880187741e8 R14: ffffffff8352e670 R15: 
ffff8880182afe68 [ 226.505413] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.506160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.506725] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 226.507402] PKRU: 55555554 [ 226.507662] Call Trace: [ 226.507899] [ 226.508106] __iommufd_access_detach+0x1c2/0x2b0 [ 226.508565] iommufd_access_change_pt+0x149/0x270 [ 226.509032] iommufd_access_replace+0xb4/0x120 [ 226.509472] iommufd_test+0x3e5/0x37e0 [ 226.509840] ? lock_release+0x532/0x770 [ 226.510224] ? __might_fault+0x102/0x1b0 [ 226.510633] ? lock_acquire+0x427/0x4c0 [ 226.511010] ? __pfx_iommufd_test+0x10/0x10 [ 226.511441] ? __pfx_lock_release+0x10/0x10 [ 226.511852] ? __pfx_lock_acquire+0x10/0x10 [ 226.512261] ? write_comp_data+0x2f/0x90 [ 226.512651] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.513119] ? write_comp_data+0x2f/0x90 [ 226.513516] iommufd_fops_ioctl+0x37d/0x510 [ 226.513930] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.514399] ? write_comp_data+0x2f/0x90 [ 226.514815] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.515282] __x64_sys_ioctl+0x1a3/0x230 [ 226.515680] do_syscall_64+0x3b/0x90 [ 226.516048] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.516546] RIP: 0033:0x7f4b8743ee5d [ 226.516901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.518631] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.519356] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.520010] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.520670] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.521330] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.521996] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.522684] [ 226.522906] irq event stamp: 0 [ 226.523212] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.523807] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.524589] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.525370] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.525959] ---[ end trace 0000000000000000 ]--- [ 226.529368] ------------[ cut here ]------------ [ 226.529823] WARNING: CPU: 0 PID: 2166 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.530854] Modules linked in: [ 226.531171] CPU: 0 PID: 2166 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.532106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.533361] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.533831] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.535770] RSP: 
0018:ffff8880182afbd0 EFLAGS: 00010246 [ 226.536269] RAX: 0000000000000000 RBX: ffff8880187740a8 RCX: 0000000000000000 [ 226.536926] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 226.537584] RBP: ffff8880182afbe8 R08: ffffed10030ee833 R09: ffffed10030ee833 [ 226.538244] R10: ffff888018774193 R11: ffffed10030ee832 R12: ffff888010c6c000 [ 226.539011] R13: ffff8880187741e8 R14: ffff88800fd8b100 R15: 0000000000000000 [ 226.539800] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.540537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.541072] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.541728] PKRU: 55555554 [ 226.541990] Call Trace: [ 226.542226] [ 226.542441] iommufd_access_destroy_object+0x65/0x170 [ 226.543092] iommufd_object_destroy_user+0x18e/0x220 [ 226.543684] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.544225] iommufd_access_destroy+0x43/0x70 [ 226.544649] iommufd_test_staccess_release+0x8d/0xd0 [ 226.545128] __fput+0x26d/0xa40 [ 226.545450] ____fput+0x1e/0x30 [ 226.545765] task_work_run+0x1a4/0x2d0 [ 226.546136] ? __pfx_task_work_run+0x10/0x10 [ 226.546578] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.547186] ? switch_task_namespaces+0xa9/0xe0 [ 226.547766] do_exit+0xb17/0x2ef0 [ 226.548089] ? lock_acquire+0x427/0x4c0 [ 226.548471] ? __pfx_lock_release+0x10/0x10 [ 226.548878] ? __kasan_check_write+0x18/0x20 [ 226.549292] ? do_raw_spin_lock+0x132/0x2a0 [ 226.549692] ? __pfx_do_exit+0x10/0x10 [ 226.550065] ? debug_smp_processor_id+0x20/0x30 [ 226.550535] ? rcu_is_watching+0x19/0xb0 [ 226.550918] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.551476] ? trace_hardirqs_on+0x26/0x120 [ 226.552038] do_group_exit+0xe0/0x2b0 [ 226.552400] __x64_sys_exit_group+0x47/0x50 [ 226.552798] do_syscall_64+0x3b/0x90 [ 226.553156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.553645] RIP: 0033:0x7f4b87518a4d [ 226.553991] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.554593] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.555527] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.556184] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.556837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.557480] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.558291] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.558943] [ 226.559164] irq event stamp: 0 [ 226.559438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.559988] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.560713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.561643] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.562187] ---[ end trace 0000000000000000 ]--- [ 226.563891] ------------[ cut here ]------------ [ 226.564515] WARNING: CPU: 0 PID: 2166 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.565409] Modules linked in: [ 226.565691] CPU: 0 PID: 2166 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.566448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.567606] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.568055] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.569635] RSP: 0018:ffff8880182afb78 EFLAGS: 00010246 [ 226.570103] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.570744] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 226.571378] RBP: ffff8880182afb98 R08: ffffed10030ee83e R09: ffffed10030ee83e [ 226.572000] R10: ffff8880187741ef R11: ffffed10030ee83d R12: ffff888018774290 [ 226.572613] R13: ffff8880187740a8 R14: ffffffffffffffff R15: 
ffff8880182afc60 [ 226.573234] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.573927] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.574426] CR2: 00007f82e2b37000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 226.575061] PKRU: 55555554 [ 226.575323] Call Trace: [ 226.575554] [ 226.575753] iommufd_ioas_destroy+0x53/0x70 [ 226.576138] iommufd_fops_release+0x1f7/0x370 [ 226.576535] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.576971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.577401] ? write_comp_data+0x2f/0x90 [ 226.577768] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.578208] __fput+0x26d/0xa40 [ 226.578531] ____fput+0x1e/0x30 [ 226.578831] task_work_run+0x1a4/0x2d0 [ 226.579186] ? __pfx_task_work_run+0x10/0x10 [ 226.579577] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.580004] ? switch_task_namespaces+0xa9/0xe0 [ 226.580420] do_exit+0xb17/0x2ef0 [ 226.580724] ? lock_acquire+0x427/0x4c0 [ 226.581081] ? __pfx_lock_release+0x10/0x10 [ 226.581464] ? __kasan_check_write+0x18/0x20 [ 226.581850] ? do_raw_spin_lock+0x132/0x2a0 [ 226.582226] ? __pfx_do_exit+0x10/0x10 [ 226.582592] ? debug_smp_processor_id+0x20/0x30 [ 226.583002] ? rcu_is_watching+0x19/0xb0 [ 226.583375] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.583779] ? trace_hardirqs_on+0x26/0x120 [ 226.584161] do_group_exit+0xe0/0x2b0 [ 226.584496] __x64_sys_exit_group+0x47/0x50 [ 226.584873] do_syscall_64+0x3b/0x90 [ 226.585209] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.585681] RIP: 0033:0x7f4b87518a4d [ 226.586007] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.586560] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.587228] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.587846] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.588465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.589076] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.589691] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.590312] [ 226.590536] irq event stamp: 0 [ 226.590813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.591375] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.592095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.592815] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.593357] ---[ end trace 0000000000000000 ]--- [ 226.600544] ------------[ cut here ]------------ [ 226.601123] WARNING: CPU: 1 PID: 2167 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.602570] Modules linked in: [ 226.602949] CPU: 1 PID: 2167 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.603975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.605435] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.606324] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.608581] RSP: 0018:ffff888015a77bb8 EFLAGS: 00010246 [ 226.609208] RAX: 0000000000000000 RBX: ffff8880165f60a8 RCX: 0000000000000000 [ 226.610187] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 226.611023] RBP: ffff888015a77bd0 R08: ffffed1002cbec33 R09: ffffed1002cbec33 [ 226.611943] R10: ffff8880165f6193 R11: ffffed1002cbec32 R12: ffff88800fcb3400 [ 226.612746] R13: ffff8880165f61e8 R14: ffffffff8352e670 R15: 
ffff888015a77e68 [ 226.613646] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.614593] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.615369] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 226.616178] PKRU: 55555554 [ 226.616504] Call Trace: [ 226.616811] [ 226.617139] __iommufd_access_detach+0x1c2/0x2b0 [ 226.617706] iommufd_access_change_pt+0x149/0x270 [ 226.618270] iommufd_access_replace+0xb4/0x120 [ 226.618903] iommufd_test+0x3e5/0x37e0 [ 226.619374] ? lock_release+0x532/0x770 [ 226.619842] ? __might_fault+0x102/0x1b0 [ 226.620318] ? lock_acquire+0x427/0x4c0 [ 226.620875] ? __pfx_iommufd_test+0x10/0x10 [ 226.621363] ? __pfx_lock_release+0x10/0x10 [ 226.621864] ? __pfx_lock_acquire+0x10/0x10 [ 226.622432] ? write_comp_data+0x2f/0x90 [ 226.622964] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.623545] ? write_comp_data+0x2f/0x90 [ 226.624048] iommufd_fops_ioctl+0x37d/0x510 [ 226.624604] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.625168] ? write_comp_data+0x2f/0x90 [ 226.625649] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.626209] __x64_sys_ioctl+0x1a3/0x230 [ 226.626796] do_syscall_64+0x3b/0x90 [ 226.627265] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.627868] RIP: 0033:0x7f4b8743ee5d [ 226.628299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.630326] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.631237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.632043] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.632845] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.633647] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.634443] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.635373] [ 226.635629] irq event stamp: 0 [ 226.635967] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.636770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.637542] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.638354] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.639178] ---[ end trace 0000000000000000 ]--- [ 226.643455] ------------[ cut here ]------------ [ 226.643984] WARNING: CPU: 1 PID: 2167 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.645163] Modules linked in: [ 226.645500] CPU: 1 PID: 2167 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.646440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.647769] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.648320] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.650152] RSP: 
0018:ffff888015a77bd0 EFLAGS: 00010246 [ 226.650741] RAX: 0000000000000000 RBX: ffff8880165f60a8 RCX: 0000000000000000 [ 226.651508] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 226.652211] RBP: ffff888015a77be8 R08: ffffed1002cbec33 R09: ffffed1002cbec33 [ 226.652928] R10: ffff8880165f6193 R11: ffffed1002cbec32 R12: ffff888010e01400 [ 226.653631] R13: ffff8880165f61e8 R14: ffff8880138eb100 R15: 0000000000000000 [ 226.654346] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.655207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.655783] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 226.656503] PKRU: 55555554 [ 226.656793] Call Trace: [ 226.657058] [ 226.657301] iommufd_access_destroy_object+0x65/0x170 [ 226.657822] iommufd_object_destroy_user+0x18e/0x220 [ 226.658354] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.658975] iommufd_access_destroy+0x43/0x70 [ 226.659476] iommufd_test_staccess_release+0x8d/0xd0 [ 226.660004] __fput+0x26d/0xa40 [ 226.660334] ____fput+0x1e/0x30 [ 226.660602] task_work_run+0x1a4/0x2d0 [ 226.660961] ? __pfx_task_work_run+0x10/0x10 [ 226.661323] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.661709] ? switch_task_namespaces+0xa9/0xe0 [ 226.662127] do_exit+0xb17/0x2ef0 [ 226.662410] ? lock_acquire+0x427/0x4c0 [ 226.662756] ? __pfx_lock_release+0x10/0x10 [ 226.663183] ? __kasan_check_write+0x18/0x20 [ 226.663633] ? do_raw_spin_lock+0x132/0x2a0 [ 226.664075] ? __pfx_do_exit+0x10/0x10 [ 226.664486] ? debug_smp_processor_id+0x20/0x30 [ 226.664976] ? rcu_is_watching+0x19/0xb0 [ 226.665395] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.665855] ? trace_hardirqs_on+0x26/0x120 [ 226.666317] do_group_exit+0xe0/0x2b0 [ 226.666759] __x64_sys_exit_group+0x47/0x50 [ 226.667235] do_syscall_64+0x3b/0x90 [ 226.667632] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.668165] RIP: 0033:0x7f4b87518a4d [ 226.668552] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.669162] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.669901] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.670636] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.671506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.672283] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.673058] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.673846] [ 226.674109] irq event stamp: 0 [ 226.674461] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.675218] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.676142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.677049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.677737] ---[ end trace 0000000000000000 ]--- [ 226.678904] ------------[ cut here ]------------ [ 226.679485] WARNING: CPU: 1 PID: 2167 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.680256] Modules linked in: [ 226.680499] CPU: 1 PID: 2167 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.681158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.682003] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.682391] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.683796] RSP: 0018:ffff888015a77b78 EFLAGS: 00010246 [ 226.684193] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.684723] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 226.685247] RBP: ffff888015a77b98 R08: ffffed1002cbec3e R09: ffffed1002cbec3e [ 226.685779] R10: ffff8880165f61ef R11: ffffed1002cbec3d R12: ffff8880165f6290 [ 226.686305] R13: ffff8880165f60a8 R14: ffffffffffffffff R15: 
ffff888015a77c60 [ 226.686849] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.687454] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.687883] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 226.688412] PKRU: 55555554 [ 226.688625] Call Trace: [ 226.688818] [ 226.688990] iommufd_ioas_destroy+0x53/0x70 [ 226.689319] iommufd_fops_release+0x1f7/0x370 [ 226.689662] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.690039] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.690411] ? write_comp_data+0x2f/0x90 [ 226.690739] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.691126] __fput+0x26d/0xa40 [ 226.691394] ____fput+0x1e/0x30 [ 226.691653] task_work_run+0x1a4/0x2d0 [ 226.691953] ? __pfx_task_work_run+0x10/0x10 [ 226.692286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.692659] ? switch_task_namespaces+0xa9/0xe0 [ 226.693017] do_exit+0xb17/0x2ef0 [ 226.693278] ? lock_acquire+0x427/0x4c0 [ 226.693587] ? __pfx_lock_release+0x10/0x10 [ 226.693917] ? __kasan_check_write+0x18/0x20 [ 226.694254] ? do_raw_spin_lock+0x132/0x2a0 [ 226.694596] ? __pfx_do_exit+0x10/0x10 [ 226.694902] ? debug_smp_processor_id+0x20/0x30 [ 226.695266] ? rcu_is_watching+0x19/0xb0 [ 226.695572] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.695915] ? trace_hardirqs_on+0x26/0x120 [ 226.696248] do_group_exit+0xe0/0x2b0 [ 226.696536] __x64_sys_exit_group+0x47/0x50 [ 226.696859] do_syscall_64+0x3b/0x90 [ 226.697146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.697540] RIP: 0033:0x7f4b87518a4d [ 226.697823] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.698282] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.698866] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.699408] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.699937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.700466] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.700995] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.701533] [ 226.701710] irq event stamp: 0 [ 226.701945] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.702411] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.703056] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.703687] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.704157] ---[ end trace 0000000000000000 ]--- [ 226.708259] ------------[ cut here ]------------ [ 226.708637] WARNING: CPU: 1 PID: 2168 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.709383] Modules linked in: [ 226.709621] CPU: 1 PID: 2168 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.710261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.711282] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.711652] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.712989] RSP: 0018:ffff888016fa7bb8 EFLAGS: 00010246 [ 226.713379] RAX: 0000000000000000 RBX: ffff88801781b0a8 RCX: 0000000000000000 [ 226.713902] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 226.714423] RBP: ffff888016fa7bd0 R08: ffffed1002f03633 R09: ffffed1002f03633 [ 226.714965] R10: ffff88801781b193 R11: ffffed1002f03632 R12: ffff88801341dc00 [ 226.715501] R13: ffff88801781b1e8 R14: ffffffff8352e670 R15: 
ffff888016fa7e68 [ 226.716029] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.716620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.717047] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 226.717572] PKRU: 55555554 [ 226.717783] Call Trace: [ 226.717974] [ 226.718144] __iommufd_access_detach+0x1c2/0x2b0 [ 226.718527] iommufd_access_change_pt+0x149/0x270 [ 226.718897] iommufd_access_replace+0xb4/0x120 [ 226.719261] iommufd_test+0x3e5/0x37e0 [ 226.719555] ? lock_release+0x532/0x770 [ 226.719863] ? __might_fault+0x102/0x1b0 [ 226.720173] ? lock_acquire+0x427/0x4c0 [ 226.720478] ? __pfx_iommufd_test+0x10/0x10 [ 226.720796] ? __pfx_lock_release+0x10/0x10 [ 226.721122] ? __pfx_lock_acquire+0x10/0x10 [ 226.721452] ? write_comp_data+0x2f/0x90 [ 226.721764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.722132] ? write_comp_data+0x2f/0x90 [ 226.722445] iommufd_fops_ioctl+0x37d/0x510 [ 226.722787] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.723167] ? write_comp_data+0x2f/0x90 [ 226.723481] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.723844] __x64_sys_ioctl+0x1a3/0x230 [ 226.724159] do_syscall_64+0x3b/0x90 [ 226.724450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.724843] RIP: 0033:0x7f4b8743ee5d [ 226.725122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.726468] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.727055] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.727592] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.728117] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.728644] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.729170] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.729712] [ 226.729888] irq event stamp: 0 [ 226.730123] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.730606] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.731233] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.731853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.732316] ---[ end trace 0000000000000000 ]--- [ 226.734994] ------------[ cut here ]------------ [ 226.735387] WARNING: CPU: 1 PID: 2168 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.736136] Modules linked in: [ 226.736377] CPU: 1 PID: 2168 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.737019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.737847] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.738216] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.739606] RSP: 
0018:ffff888016fa7bd0 EFLAGS: 00010246 [ 226.740000] RAX: 0000000000000000 RBX: ffff88801781b0a8 RCX: 0000000000000000 [ 226.740524] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 226.741045] RBP: ffff888016fa7be8 R08: ffffed1002f03633 R09: ffffed1002f03633 [ 226.741571] R10: ffff88801781b193 R11: ffffed1002f03632 R12: ffff88800fcb3c00 [ 226.742094] R13: ffff88801781b1e8 R14: ffff888010d0fa00 R15: 0000000000000000 [ 226.742637] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.743239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.743667] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 226.744195] PKRU: 55555554 [ 226.744406] Call Trace: [ 226.744598] [ 226.744768] iommufd_access_destroy_object+0x65/0x170 [ 226.745156] iommufd_object_destroy_user+0x18e/0x220 [ 226.745540] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.745974] iommufd_access_destroy+0x43/0x70 [ 226.746315] iommufd_test_staccess_release+0x8d/0xd0 [ 226.746716] __fput+0x26d/0xa40 [ 226.746977] ____fput+0x1e/0x30 [ 226.747240] task_work_run+0x1a4/0x2d0 [ 226.747539] ? __pfx_task_work_run+0x10/0x10 [ 226.747873] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.748240] ? switch_task_namespaces+0xa9/0xe0 [ 226.748597] do_exit+0xb17/0x2ef0 [ 226.748856] ? lock_acquire+0x427/0x4c0 [ 226.749159] ? __pfx_lock_release+0x10/0x10 [ 226.749484] ? __kasan_check_write+0x18/0x20 [ 226.749816] ? do_raw_spin_lock+0x132/0x2a0 [ 226.750138] ? __pfx_do_exit+0x10/0x10 [ 226.750436] ? debug_smp_processor_id+0x20/0x30 [ 226.750801] ? rcu_is_watching+0x19/0xb0 [ 226.751105] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.751455] ? trace_hardirqs_on+0x26/0x120 [ 226.751782] do_group_exit+0xe0/0x2b0 [ 226.752065] __x64_sys_exit_group+0x47/0x50 [ 226.752384] do_syscall_64+0x3b/0x90 [ 226.752669] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.753060] RIP: 0033:0x7f4b87518a4d [ 226.753341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.753796] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.754356] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.754894] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.755424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.755943] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.756463] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.756994] [ 226.757167] irq event stamp: 0 [ 226.757400] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.757866] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.758486] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.759124] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.759592] ---[ end trace 0000000000000000 ]--- [ 226.760256] ------------[ cut here ]------------ [ 226.760603] WARNING: CPU: 1 PID: 2168 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.761350] Modules linked in: [ 226.761586] CPU: 1 PID: 2168 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.762233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.763077] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.763470] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.764814] RSP: 0018:ffff888016fa7b78 EFLAGS: 00010246 [ 226.765207] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.765729] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 226.766251] RBP: ffff888016fa7b98 R08: ffffed1002f0363e R09: ffffed1002f0363e [ 226.766788] R10: ffff88801781b1ef R11: ffffed1002f0363d R12: ffff88801781b290 [ 226.767320] R13: ffff88801781b0a8 R14: ffffffffffffffff R15: 
ffff888016fa7c60 [ 226.767844] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.768435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.768864] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 226.769389] PKRU: 55555554 [ 226.769598] Call Trace: [ 226.769789] [ 226.769957] iommufd_ioas_destroy+0x53/0x70 [ 226.770283] iommufd_fops_release+0x1f7/0x370 [ 226.770640] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.771014] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.771391] ? write_comp_data+0x2f/0x90 [ 226.771701] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.772073] __fput+0x26d/0xa40 [ 226.772331] ____fput+0x1e/0x30 [ 226.772584] task_work_run+0x1a4/0x2d0 [ 226.772882] ? __pfx_task_work_run+0x10/0x10 [ 226.773213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.773578] ? switch_task_namespaces+0xa9/0xe0 [ 226.773934] do_exit+0xb17/0x2ef0 [ 226.774194] ? lock_acquire+0x427/0x4c0 [ 226.774497] ? __pfx_lock_release+0x10/0x10 [ 226.774842] ? __kasan_check_write+0x18/0x20 [ 226.775189] ? do_raw_spin_lock+0x132/0x2a0 [ 226.775516] ? __pfx_do_exit+0x10/0x10 [ 226.775815] ? debug_smp_processor_id+0x20/0x30 [ 226.776165] ? rcu_is_watching+0x19/0xb0 [ 226.776471] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.776813] ? trace_hardirqs_on+0x26/0x120 [ 226.777140] do_group_exit+0xe0/0x2b0 [ 226.777425] __x64_sys_exit_group+0x47/0x50 [ 226.777744] do_syscall_64+0x3b/0x90 [ 226.778029] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.778429] RIP: 0033:0x7f4b87518a4d [ 226.778728] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.779185] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.779744] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.780270] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.780796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.781322] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.781852] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.782381] [ 226.782571] irq event stamp: 0 [ 226.782806] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.783279] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.783894] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.784508] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.784969] ---[ end trace 0000000000000000 ]--- [ 226.789408] ------------[ cut here ]------------ [ 226.789783] WARNING: CPU: 1 PID: 2169 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.790622] Modules linked in: [ 226.790863] CPU: 1 PID: 2169 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.791519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.792346] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.792713] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.794056] RSP: 0018:ffff888013867bb8 EFLAGS: 00010246 [ 226.794456] RAX: 0000000000000000 RBX: ffff8880158820a8 RCX: 0000000000000000 [ 226.794996] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 226.795524] RBP: ffff888013867bd0 R08: ffffed1002b10433 R09: ffffed1002b10433 [ 226.796050] R10: ffff888015882193 R11: ffffed1002b10432 R12: ffff888013e27400 [ 226.796576] R13: ffff8880158821e8 R14: ffffffff8352e670 R15: 
ffff888013867e68 [ 226.797102] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 226.797696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.798125] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 226.798667] PKRU: 55555554 [ 226.798881] Call Trace: [ 226.799073] [ 226.799252] __iommufd_access_detach+0x1c2/0x2b0 [ 226.799618] iommufd_access_change_pt+0x149/0x270 [ 226.799991] iommufd_access_replace+0xb4/0x120 [ 226.800343] iommufd_test+0x3e5/0x37e0 [ 226.800635] ? lock_release+0x532/0x770 [ 226.800939] ? __might_fault+0x102/0x1b0 [ 226.801249] ? lock_acquire+0x427/0x4c0 [ 226.801556] ? __pfx_iommufd_test+0x10/0x10 [ 226.801876] ? __pfx_lock_release+0x10/0x10 [ 226.802204] ? __pfx_lock_acquire+0x10/0x10 [ 226.802559] ? write_comp_data+0x2f/0x90 [ 226.802872] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.803245] ? write_comp_data+0x2f/0x90 [ 226.803562] iommufd_fops_ioctl+0x37d/0x510 [ 226.803891] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.804259] ? write_comp_data+0x2f/0x90 [ 226.804572] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.804936] __x64_sys_ioctl+0x1a3/0x230 [ 226.805249] do_syscall_64+0x3b/0x90 [ 226.805536] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.805928] RIP: 0033:0x7f4b8743ee5d [ 226.806204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.807579] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.808146] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.808670] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.809197] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.809724] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.810252] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.810811] [ 226.810987] irq event stamp: 0 [ 226.811229] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.811701] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.812323] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.812939] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.813406] ---[ end trace 0000000000000000 ]--- [ 226.816927] ------------[ cut here ]------------ [ 226.817337] WARNING: CPU: 0 PID: 2169 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.818087] Modules linked in: [ 226.818325] CPU: 0 PID: 2169 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.818992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.819834] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.820202] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.821546] RSP: 
0018:ffff888013867bd0 EFLAGS: 00010246 [ 226.821939] RAX: 0000000000000000 RBX: ffff8880158820a8 RCX: 0000000000000000 [ 226.822465] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 226.823025] RBP: ffff888013867be8 R08: ffffed1002b10433 R09: ffffed1002b10433 [ 226.823559] R10: ffff888015882193 R11: ffffed1002b10432 R12: ffff88801341e000 [ 226.824085] R13: ffff8880158821e8 R14: ffff8880122c0200 R15: 0000000000000000 [ 226.824616] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.825211] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.825642] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 226.826168] PKRU: 55555554 [ 226.826377] Call Trace: [ 226.826590] [ 226.826765] iommufd_access_destroy_object+0x65/0x170 [ 226.827165] iommufd_object_destroy_user+0x18e/0x220 [ 226.827551] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.828000] iommufd_access_destroy+0x43/0x70 [ 226.828349] iommufd_test_staccess_release+0x8d/0xd0 [ 226.828740] __fput+0x26d/0xa40 [ 226.829004] ____fput+0x1e/0x30 [ 226.829261] task_work_run+0x1a4/0x2d0 [ 226.829561] ? __pfx_task_work_run+0x10/0x10 [ 226.829895] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.830264] ? switch_task_namespaces+0xa9/0xe0 [ 226.830642] do_exit+0xb17/0x2ef0 [ 226.830905] ? lock_acquire+0x427/0x4c0 [ 226.831222] ? __pfx_lock_release+0x10/0x10 [ 226.831552] ? __kasan_check_write+0x18/0x20 [ 226.831884] ? do_raw_spin_lock+0x132/0x2a0 [ 226.832210] ? __pfx_do_exit+0x10/0x10 [ 226.832510] ? debug_smp_processor_id+0x20/0x30 [ 226.832862] ? rcu_is_watching+0x19/0xb0 [ 226.833167] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.833509] ? trace_hardirqs_on+0x26/0x120 [ 226.833837] do_group_exit+0xe0/0x2b0 [ 226.834123] __x64_sys_exit_group+0x47/0x50 [ 226.834442] do_syscall_64+0x3b/0x90 [ 226.834749] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.835154] RIP: 0033:0x7f4b87518a4d [ 226.835434] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.835889] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.836449] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.836974] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.837501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.838030] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.838578] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.839121] [ 226.839306] irq event stamp: 0 [ 226.839541] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.840008] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.840623] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.841237] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.841702] ---[ end trace 0000000000000000 ]--- [ 226.842368] ------------[ cut here ]------------ [ 226.842733] WARNING: CPU: 0 PID: 2169 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.843499] Modules linked in: [ 226.843742] CPU: 0 PID: 2169 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.844391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.845239] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.845625] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.846983] RSP: 0018:ffff888013867b78 EFLAGS: 00010246 [ 226.847388] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.847913] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 226.848437] RBP: ffff888013867b98 R08: ffffed1002b1043e R09: ffffed1002b1043e [ 226.848964] R10: ffff8880158821ef R11: ffffed1002b1043d R12: ffff888015882290 [ 226.849490] R13: ffff8880158820a8 R14: ffffffffffffffff R15: 
ffff888013867c60 [ 226.850015] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.850626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.851058] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 226.851599] PKRU: 55555554 [ 226.851811] Call Trace: [ 226.852005] [ 226.852177] iommufd_ioas_destroy+0x53/0x70 [ 226.852507] iommufd_fops_release+0x1f7/0x370 [ 226.852847] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.853221] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.853592] ? write_comp_data+0x2f/0x90 [ 226.853903] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.854276] __fput+0x26d/0xa40 [ 226.854558] ____fput+0x1e/0x30 [ 226.854814] task_work_run+0x1a4/0x2d0 [ 226.855112] ? __pfx_task_work_run+0x10/0x10 [ 226.855457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.855826] ? switch_task_namespaces+0xa9/0xe0 [ 226.856183] do_exit+0xb17/0x2ef0 [ 226.856444] ? lock_acquire+0x427/0x4c0 [ 226.856749] ? __pfx_lock_release+0x10/0x10 [ 226.857077] ? __kasan_check_write+0x18/0x20 [ 226.857411] ? do_raw_spin_lock+0x132/0x2a0 [ 226.857735] ? __pfx_do_exit+0x10/0x10 [ 226.858035] ? debug_smp_processor_id+0x20/0x30 [ 226.858385] ? rcu_is_watching+0x19/0xb0 [ 226.858707] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.859052] ? trace_hardirqs_on+0x26/0x120 [ 226.859391] do_group_exit+0xe0/0x2b0 [ 226.859677] __x64_sys_exit_group+0x47/0x50 [ 226.859997] do_syscall_64+0x3b/0x90 [ 226.860283] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.860678] RIP: 0033:0x7f4b87518a4d [ 226.860954] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.861407] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.861966] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.862490] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.863027] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.863566] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.864095] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.864627] [ 226.864800] irq event stamp: 0 [ 226.865035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.865500] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.866115] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.866745] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.867223] ---[ end trace 0000000000000000 ]--- [ 226.871459] ------------[ cut here ]------------ [ 226.871842] WARNING: CPU: 0 PID: 2170 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.872589] Modules linked in: [ 226.872827] CPU: 0 PID: 2170 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.873470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.874296] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.874689] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.876042] RSP: 0018:ffff888016fa7bb8 EFLAGS: 00010246 [ 226.876434] RAX: 0000000000000000 RBX: ffff88800fb278a8 RCX: 0000000000000000 [ 226.876970] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 226.877492] RBP: ffff888016fa7bd0 R08: ffffed1001f64f33 R09: ffffed1001f64f33 [ 226.878014] R10: ffff88800fb27993 R11: ffffed1001f64f32 R12: ffff888013da7800 [ 226.878557] R13: ffff88800fb279e8 R14: ffffffff8352e670 R15: 
ffff888016fa7e68 [ 226.879083] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.879683] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.880119] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 226.880649] PKRU: 55555554 [ 226.880860] Call Trace: [ 226.881051] [ 226.881220] __iommufd_access_detach+0x1c2/0x2b0 [ 226.881588] iommufd_access_change_pt+0x149/0x270 [ 226.881958] iommufd_access_replace+0xb4/0x120 [ 226.882311] iommufd_test+0x3e5/0x37e0 [ 226.882616] ? lock_release+0x532/0x770 [ 226.882924] ? __might_fault+0x102/0x1b0 [ 226.883247] ? lock_acquire+0x427/0x4c0 [ 226.883554] ? __pfx_iommufd_test+0x10/0x10 [ 226.883875] ? __pfx_lock_release+0x10/0x10 [ 226.884202] ? __pfx_lock_acquire+0x10/0x10 [ 226.884534] ? write_comp_data+0x2f/0x90 [ 226.884845] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.885212] ? write_comp_data+0x2f/0x90 [ 226.885527] iommufd_fops_ioctl+0x37d/0x510 [ 226.885857] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.886231] ? write_comp_data+0x2f/0x90 [ 226.886562] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.886930] __x64_sys_ioctl+0x1a3/0x230 [ 226.887252] do_syscall_64+0x3b/0x90 [ 226.887543] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.887935] RIP: 0033:0x7f4b8743ee5d [ 226.888215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.889562] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.890127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.890670] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.891222] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.891761] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.892291] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.892835] [ 226.893017] irq event stamp: 0 [ 226.893566] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.894045] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.894697] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.895342] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.895958] ---[ end trace 0000000000000000 ]--- [ 226.898709] ------------[ cut here ]------------ [ 226.899068] WARNING: CPU: 0 PID: 2170 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.899828] Modules linked in: [ 226.900066] CPU: 0 PID: 2170 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.900841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.901676] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.902049] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.903731] RSP: 
0018:ffff888016fa7bd0 EFLAGS: 00010246 [ 226.904135] RAX: 0000000000000000 RBX: ffff88800fb278a8 RCX: 0000000000000000 [ 226.904671] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 226.905209] RBP: ffff888016fa7be8 R08: ffffed1001f64f33 R09: ffffed1001f64f33 [ 226.905887] R10: ffff88800fb27993 R11: ffffed1001f64f32 R12: ffff888012a1d000 [ 226.906426] R13: ffff88800fb279e8 R14: ffff88802185cf00 R15: 0000000000000000 [ 226.906988] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.907609] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.908070] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.908749] PKRU: 55555554 [ 226.908964] Call Trace: [ 226.909158] [ 226.909329] iommufd_access_destroy_object+0x65/0x170 [ 226.909726] iommufd_object_destroy_user+0x18e/0x220 [ 226.910116] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 226.910643] iommufd_access_destroy+0x43/0x70 [ 226.911110] iommufd_test_staccess_release+0x8d/0xd0 [ 226.911528] __fput+0x26d/0xa40 [ 226.911800] ____fput+0x1e/0x30 [ 226.912068] task_work_run+0x1a4/0x2d0 [ 226.912381] ? __pfx_task_work_run+0x10/0x10 [ 226.912729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.913176] ? switch_task_namespaces+0xa9/0xe0 [ 226.913665] do_exit+0xb17/0x2ef0 [ 226.913938] ? lock_acquire+0x427/0x4c0 [ 226.914257] ? __pfx_lock_release+0x10/0x10 [ 226.914617] ? __kasan_check_write+0x18/0x20 [ 226.914965] ? do_raw_spin_lock+0x132/0x2a0 [ 226.915310] ? __pfx_do_exit+0x10/0x10 [ 226.915632] ? debug_smp_processor_id+0x20/0x30 [ 226.916062] ? rcu_is_watching+0x19/0xb0 [ 226.916493] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.916861] ? trace_hardirqs_on+0x26/0x120 [ 226.917209] do_group_exit+0xe0/0x2b0 [ 226.917512] __x64_sys_exit_group+0x47/0x50 [ 226.917853] do_syscall_64+0x3b/0x90 [ 226.918217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.918747] RIP: 0033:0x7f4b87518a4d [ 226.919042] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.919534] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.920123] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.920673] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.921381] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.921935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.922488] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.923069] [ 226.923267] irq event stamp: 0 [ 226.923513] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.924175] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.924828] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.925476] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.925990] ---[ end trace 0000000000000000 ]--- [ 226.926836] ------------[ cut here ]------------ [ 226.927221] WARNING: CPU: 0 PID: 2170 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 226.928015] Modules linked in: [ 226.928269] CPU: 0 PID: 2170 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.929100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.929970] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 226.930376] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 226.931963] RSP: 0018:ffff888016fa7b78 EFLAGS: 00010246 [ 226.932379] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.932927] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 226.933481] RBP: ffff888016fa7b98 R08: ffffed1001f64f3e R09: ffffed1001f64f3e [ 226.934184] R10: ffff88800fb279ef R11: ffffed1001f64f3d R12: ffff88800fb27a90 [ 226.934749] R13: ffff88800fb278a8 R14: ffffffffffffffff R15: 
ffff888016fa7c60 [ 226.935321] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.935944] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.936460] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 226.937108] PKRU: 55555554 [ 226.937334] Call Trace: [ 226.937536] [ 226.937715] iommufd_ioas_destroy+0x53/0x70 [ 226.938066] iommufd_fops_release+0x1f7/0x370 [ 226.938429] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.938974] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.939386] ? write_comp_data+0x2f/0x90 [ 226.939730] ? __pfx_iommufd_fops_release+0x10/0x10 [ 226.940147] __fput+0x26d/0xa40 [ 226.940435] ____fput+0x1e/0x30 [ 226.940714] task_work_run+0x1a4/0x2d0 [ 226.941035] ? __pfx_task_work_run+0x10/0x10 [ 226.941400] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.941876] ? switch_task_namespaces+0xa9/0xe0 [ 226.942375] do_exit+0xb17/0x2ef0 [ 226.942682] ? lock_acquire+0x427/0x4c0 [ 226.943014] ? __pfx_lock_release+0x10/0x10 [ 226.943385] ? __kasan_check_write+0x18/0x20 [ 226.943755] ? do_raw_spin_lock+0x132/0x2a0 [ 226.944110] ? __pfx_do_exit+0x10/0x10 [ 226.944450] ? debug_smp_processor_id+0x20/0x30 [ 226.944975] ? rcu_is_watching+0x19/0xb0 [ 226.945312] ? _raw_spin_unlock_irq+0x2b/0x60 [ 226.945683] ? trace_hardirqs_on+0x26/0x120 [ 226.946045] do_group_exit+0xe0/0x2b0 [ 226.946357] __x64_sys_exit_group+0x47/0x50 [ 226.946718] do_syscall_64+0x3b/0x90 [ 226.947192] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.947620] RIP: 0033:0x7f4b87518a4d [ 226.947924] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 226.948418] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 226.949022] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 226.949596] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 226.950315] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 226.950908] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 226.951505] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 226.952082] [ 226.952271] irq event stamp: 0 [ 226.952597] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.953210] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.953889] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.954600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.955130] ---[ end trace 0000000000000000 ]--- [ 226.960936] ------------[ cut here ]------------ [ 226.961340] WARNING: CPU: 0 PID: 2171 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.962326] Modules linked in: [ 226.962759] CPU: 0 PID: 2171 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.963488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.964476] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.964979] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.966455] RSP: 0018:ffff8880219f7bb8 EFLAGS: 00010246 [ 226.966980] RAX: 0000000000000000 RBX: ffff8880171bb0a8 RCX: 0000000000000000 [ 226.967636] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 226.968207] RBP: ffff8880219f7bd0 R08: ffffed1002e37633 R09: ffffed1002e37633 [ 226.968772] R10: ffff8880171bb193 R11: ffffed1002e37632 R12: ffff888010c6cc00 [ 226.969335] R13: ffff8880171bb1e8 R14: ffffffff8352e670 R15: 
ffff8880219f7e68 [ 226.970061] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 226.970734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.971222] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 226.971803] PKRU: 55555554 [ 226.972033] Call Trace: [ 226.972312] [ 226.972591] __iommufd_access_detach+0x1c2/0x2b0 [ 226.972986] iommufd_access_change_pt+0x149/0x270 [ 226.973386] iommufd_access_replace+0xb4/0x120 [ 226.973768] iommufd_test+0x3e5/0x37e0 [ 226.974086] ? lock_release+0x532/0x770 [ 226.974415] ? __might_fault+0x102/0x1b0 [ 226.974901] ? lock_acquire+0x427/0x4c0 [ 226.975245] ? __pfx_iommufd_test+0x10/0x10 [ 226.975593] ? __pfx_lock_release+0x10/0x10 [ 226.975957] ? __pfx_lock_acquire+0x10/0x10 [ 226.976321] ? write_comp_data+0x2f/0x90 [ 226.976658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 226.977053] ? write_comp_data+0x2f/0x90 [ 226.977391] iommufd_fops_ioctl+0x37d/0x510 [ 226.977913] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.978313] ? write_comp_data+0x2f/0x90 [ 226.978684] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 226.979081] __x64_sys_ioctl+0x1a3/0x230 [ 226.979432] do_syscall_64+0x3b/0x90 [ 226.979776] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 226.980319] RIP: 0033:0x7f4b8743ee5d [ 226.980623] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 226.982100] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 226.982830] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 226.983430] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 226.984001] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 226.984570] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 226.985188] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 226.985948] [ 226.986138] irq event stamp: 0 [ 226.986391] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 226.986906] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 226.987604] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 226.988276] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 226.988965] ---[ end trace 0000000000000000 ]--- [ 226.992737] ------------[ cut here ]------------ [ 226.993133] WARNING: CPU: 0 PID: 2171 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 226.994103] Modules linked in: [ 226.994366] CPU: 0 PID: 2171 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 226.995113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 226.996025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 226.996510] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 226.998060] RSP: 
0018:ffff8880219f7bd0 EFLAGS: 00010246 [ 226.998489] RAX: 0000000000000000 RBX: ffff8880171bb0a8 RCX: 0000000000000000 [ 226.999074] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 226.999655] RBP: ffff8880219f7be8 R08: ffffed1002e37633 R09: ffffed1002e37633 [ 227.000220] R10: ffff8880171bb193 R11: ffffed1002e37632 R12: ffff888013da6800 [ 227.000786] R13: ffff8880171bb1e8 R14: ffff888012245c00 R15: 0000000000000000 [ 227.001351] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.001987] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.002446] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 227.003026] PKRU: 55555554 [ 227.003270] Call Trace: [ 227.003479] [ 227.003665] iommufd_access_destroy_object+0x65/0x170 [ 227.004092] iommufd_object_destroy_user+0x18e/0x220 [ 227.004510] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.004977] iommufd_access_destroy+0x43/0x70 [ 227.005345] iommufd_test_staccess_release+0x8d/0xd0 [ 227.005758] __fput+0x26d/0xa40 [ 227.006035] ____fput+0x1e/0x30 [ 227.006307] task_work_run+0x1a4/0x2d0 [ 227.006646] ? __pfx_task_work_run+0x10/0x10 [ 227.007006] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.007414] ? switch_task_namespaces+0xa9/0xe0 [ 227.007803] do_exit+0xb17/0x2ef0 [ 227.008086] ? lock_acquire+0x427/0x4c0 [ 227.008420] ? __pfx_lock_release+0x10/0x10 [ 227.008775] ? __kasan_check_write+0x18/0x20 [ 227.009130] ? do_raw_spin_lock+0x132/0x2a0 [ 227.009477] ? __pfx_do_exit+0x10/0x10 [ 227.009795] ? debug_smp_processor_id+0x20/0x30 [ 227.010169] ? rcu_is_watching+0x19/0xb0 [ 227.010494] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.010881] ? trace_hardirqs_on+0x26/0x120 [ 227.011245] do_group_exit+0xe0/0x2b0 [ 227.011552] __x64_sys_exit_group+0x47/0x50 [ 227.011894] do_syscall_64+0x3b/0x90 [ 227.012201] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.012621] RIP: 0033:0x7f4b87518a4d [ 227.012918] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.013407] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.014007] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.014598] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.015172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.015736] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.016296] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.016876] [ 227.017069] irq event stamp: 0 [ 227.017326] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.017833] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.018495] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.019188] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.019688] ---[ end trace 0000000000000000 ]--- [ 227.020984] ------------[ cut here ]------------ [ 227.021372] WARNING: CPU: 0 PID: 2171 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.022200] Modules linked in: [ 227.022463] CPU: 0 PID: 2171 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.023432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.024328] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.024745] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.026356] RSP: 0018:ffff8880219f7b78 EFLAGS: 00010246 [ 227.026798] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.027384] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 227.027958] RBP: ffff8880219f7b98 R08: ffffed1002e3763e R09: ffffed1002e3763e [ 227.028683] R10: ffff8880171bb1ef R11: ffffed1002e3763d R12: ffff8880171bb290 [ 227.029260] R13: ffff8880171bb0a8 R14: ffffffffffffffff R15: 
ffff8880219f7c60 [ 227.029837] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.030500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.031099] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 227.031688] PKRU: 55555554 [ 227.031934] Call Trace: [ 227.032141] [ 227.032327] iommufd_ioas_destroy+0x53/0x70 [ 227.032686] iommufd_fops_release+0x1f7/0x370 [ 227.033049] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.033604] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.034001] ? write_comp_data+0x2f/0x90 [ 227.034333] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.034752] __fput+0x26d/0xa40 [ 227.035031] ____fput+0x1e/0x30 [ 227.035318] task_work_run+0x1a4/0x2d0 [ 227.035640] ? __pfx_task_work_run+0x10/0x10 [ 227.036000] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.036400] ? switch_task_namespaces+0xa9/0xe0 [ 227.036873] do_exit+0xb17/0x2ef0 [ 227.037271] ? lock_acquire+0x427/0x4c0 [ 227.037606] ? __pfx_lock_release+0x10/0x10 [ 227.037958] ? __kasan_check_write+0x18/0x20 [ 227.038312] ? do_raw_spin_lock+0x132/0x2a0 [ 227.038676] ? __pfx_do_exit+0x10/0x10 [ 227.038997] ? debug_smp_processor_id+0x20/0x30 [ 227.039393] ? rcu_is_watching+0x19/0xb0 [ 227.039723] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.040094] ? trace_hardirqs_on+0x26/0x120 [ 227.040471] do_group_exit+0xe0/0x2b0 [ 227.040911] __x64_sys_exit_group+0x47/0x50 [ 227.041256] do_syscall_64+0x3b/0x90 [ 227.041561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.041983] RIP: 0033:0x7f4b87518a4d [ 227.042281] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.042788] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.043403] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.043970] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.044715] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.045286] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.045861] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.046441] [ 227.046651] irq event stamp: 0 [ 227.046911] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.047427] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.048272] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.048939] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.049453] ---[ end trace 0000000000000000 ]--- [ 227.053254] ------------[ cut here ]------------ [ 227.053655] WARNING: CPU: 0 PID: 2172 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.054672] Modules linked in: [ 227.054932] CPU: 0 PID: 2172 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.055641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.056529] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.056925] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.058392] RSP: 0018:ffff888016fa7bb8 EFLAGS: 00010246 [ 227.058846] RAX: 0000000000000000 RBX: ffff888014b760a8 RCX: 0000000000000000 [ 227.059439] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 227.060015] RBP: ffff888016fa7bd0 R08: ffffed100296ec33 R09: ffffed100296ec33 [ 227.060591] R10: ffff888014b76193 R11: ffffed100296ec32 R12: ffff888010c49800 [ 227.061165] R13: ffff888014b761e8 R14: ffffffff8352e670 R15: 
ffff888016fa7e68 [ 227.061735] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.062368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.062840] CR2: 00007f4b877410e8 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 227.063419] PKRU: 55555554 [ 227.063645] Call Trace: [ 227.063851] [ 227.064034] __iommufd_access_detach+0x1c2/0x2b0 [ 227.064428] iommufd_access_change_pt+0x149/0x270 [ 227.064829] iommufd_access_replace+0xb4/0x120 [ 227.065213] iommufd_test+0x3e5/0x37e0 [ 227.065533] ? lock_release+0x532/0x770 [ 227.065865] ? __might_fault+0x102/0x1b0 [ 227.066197] ? lock_acquire+0x427/0x4c0 [ 227.066538] ? __pfx_iommufd_test+0x10/0x10 [ 227.066882] ? __pfx_lock_release+0x10/0x10 [ 227.067246] ? __pfx_lock_acquire+0x10/0x10 [ 227.067607] ? write_comp_data+0x2f/0x90 [ 227.067943] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.068339] ? write_comp_data+0x2f/0x90 [ 227.068681] iommufd_fops_ioctl+0x37d/0x510 [ 227.069031] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.069425] ? write_comp_data+0x2f/0x90 [ 227.069761] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.070174] __x64_sys_ioctl+0x1a3/0x230 [ 227.070534] do_syscall_64+0x3b/0x90 [ 227.070845] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.071275] RIP: 0033:0x7f4b8743ee5d [ 227.071574] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.073028] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.073646] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.074214] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.074798] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.075377] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.075946] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.076520] [ 227.076704] irq event stamp: 0 [ 227.076951] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.077445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.078108] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.078787] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.079294] ---[ end trace 0000000000000000 ]--- [ 227.082319] ------------[ cut here ]------------ [ 227.082802] WARNING: CPU: 0 PID: 2172 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.083626] Modules linked in: [ 227.083883] CPU: 0 PID: 2172 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.084750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.085638] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.086034] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.087648] RSP: 
0018:ffff888016fa7bd0 EFLAGS: 00010246 [ 227.088068] RAX: 0000000000000000 RBX: ffff888014b760a8 RCX: 0000000000000000 [ 227.088629] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 227.089259] RBP: ffff888016fa7be8 R08: ffffed100296ec33 R09: ffffed100296ec33 [ 227.089911] R10: ffff888014b76193 R11: ffffed100296ec32 R12: ffff888010c6e400 [ 227.090464] R13: ffff888014b761e8 R14: ffff88800fa03e00 R15: 0000000000000000 [ 227.091042] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.091711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.092293] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 227.092862] PKRU: 55555554 [ 227.093087] Call Trace: [ 227.093289] [ 227.093467] iommufd_access_destroy_object+0x65/0x170 [ 227.093873] iommufd_object_destroy_user+0x18e/0x220 [ 227.094340] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.094889] iommufd_access_destroy+0x43/0x70 [ 227.095267] iommufd_test_staccess_release+0x8d/0xd0 [ 227.095682] __fput+0x26d/0xa40 [ 227.095962] ____fput+0x1e/0x30 [ 227.096234] task_work_run+0x1a4/0x2d0 [ 227.096557] ? __pfx_task_work_run+0x10/0x10 [ 227.096954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.097470] ? switch_task_namespaces+0xa9/0xe0 [ 227.097849] do_exit+0xb17/0x2ef0 [ 227.098121] ? lock_acquire+0x427/0x4c0 [ 227.098440] ? __pfx_lock_release+0x10/0x10 [ 227.098807] ? __kasan_check_write+0x18/0x20 [ 227.099180] ? do_raw_spin_lock+0x132/0x2a0 [ 227.099530] ? __pfx_do_exit+0x10/0x10 [ 227.099906] ? debug_smp_processor_id+0x20/0x30 [ 227.100376] ? rcu_is_watching+0x19/0xb0 [ 227.100704] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.101070] ? trace_hardirqs_on+0x26/0x120 [ 227.101424] do_group_exit+0xe0/0x2b0 [ 227.101733] __x64_sys_exit_group+0x47/0x50 [ 227.102113] do_syscall_64+0x3b/0x90 [ 227.102541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.102970] RIP: 0033:0x7f4b87518a4d [ 227.103276] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.103764] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.104354] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.104906] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.105484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.106209] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.106797] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.107381] [ 227.107568] irq event stamp: 0 [ 227.107819] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.108327] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.108998] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.109835] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.110340] ---[ end trace 0000000000000000 ]--- [ 227.111089] ------------[ cut here ]------------ [ 227.111482] WARNING: CPU: 0 PID: 2172 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.112287] Modules linked in: [ 227.112548] CPU: 0 PID: 2172 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.113432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.114331] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.114777] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.116237] RSP: 0018:ffff888016fa7b78 EFLAGS: 00010246 [ 227.116719] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.117408] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 227.117972] RBP: ffff888016fa7b98 R08: ffffed100296ec3e R09: ffffed100296ec3e [ 227.118575] R10: ffff888014b761ef R11: ffffed100296ec3d R12: ffff888014b76290 [ 227.119173] R13: ffff888014b760a8 R14: ffffffffffffffff R15: 
ffff888016fa7c60 [ 227.119759] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.120610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.121099] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 227.121709] PKRU: 55555554 [ 227.121950] Call Trace: [ 227.122165] [ 227.122354] iommufd_ioas_destroy+0x53/0x70 [ 227.122757] iommufd_fops_release+0x1f7/0x370 [ 227.123150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.123575] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.124012] ? write_comp_data+0x2f/0x90 [ 227.124517] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.124948] __fput+0x26d/0xa40 [ 227.125243] ____fput+0x1e/0x30 [ 227.125529] task_work_run+0x1a4/0x2d0 [ 227.125863] ? __pfx_task_work_run+0x10/0x10 [ 227.126237] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.126683] ? switch_task_namespaces+0xa9/0xe0 [ 227.127087] do_exit+0xb17/0x2ef0 [ 227.127390] ? lock_acquire+0x427/0x4c0 [ 227.127738] ? __pfx_lock_release+0x10/0x10 [ 227.128199] ? __kasan_check_write+0x18/0x20 [ 227.128651] ? do_raw_spin_lock+0x132/0x2a0 [ 227.129016] ? __pfx_do_exit+0x10/0x10 [ 227.129357] ? debug_smp_processor_id+0x20/0x30 [ 227.129750] ? rcu_is_watching+0x19/0xb0 [ 227.130104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.130537] ? trace_hardirqs_on+0x26/0x120 [ 227.130926] do_group_exit+0xe0/0x2b0 [ 227.131282] __x64_sys_exit_group+0x47/0x50 [ 227.131670] do_syscall_64+0x3b/0x90 [ 227.132023] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.132713] RIP: 0033:0x7f4b87518a4d [ 227.133047] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.133586] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.134259] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.134923] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.135755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.136394] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.137032] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.137686] [ 227.137895] irq event stamp: 0 [ 227.138366] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.138949] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.139713] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.140474] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.141225] ---[ end trace 0000000000000000 ]--- [ 227.146083] ------------[ cut here ]------------ [ 227.146574] WARNING: CPU: 0 PID: 2173 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.147523] Modules linked in: [ 227.147962] CPU: 0 PID: 2173 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.148741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.149773] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.150458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.152232] RSP: 0018:ffff888021ab7bb8 EFLAGS: 00010246 [ 227.152812] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 227.153644] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 227.154315] RBP: ffff888021ab7bd0 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 227.155003] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff888012e90c00 [ 227.155781] R13: ffff88801609d9e8 R14: ffffffff8352e670 R15: 
ffff888021ab7e68 [ 227.156556] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.157297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.157831] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 227.158484] PKRU: 55555554 [ 227.158827] Call Trace: [ 227.159159] [ 227.159481] __iommufd_access_detach+0x1c2/0x2b0 [ 227.159938] iommufd_access_change_pt+0x149/0x270 [ 227.160408] iommufd_access_replace+0xb4/0x120 [ 227.160843] iommufd_test+0x3e5/0x37e0 [ 227.161209] ? lock_release+0x532/0x770 [ 227.161593] ? __might_fault+0x102/0x1b0 [ 227.161981] ? lock_acquire+0x427/0x4c0 [ 227.162369] ? __pfx_iommufd_test+0x10/0x10 [ 227.162806] ? __pfx_lock_release+0x10/0x10 [ 227.163233] ? __pfx_lock_acquire+0x10/0x10 [ 227.163646] ? write_comp_data+0x2f/0x90 [ 227.164036] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.164490] ? write_comp_data+0x2f/0x90 [ 227.164894] iommufd_fops_ioctl+0x37d/0x510 [ 227.165313] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.165764] ? write_comp_data+0x2f/0x90 [ 227.166152] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.166631] __x64_sys_ioctl+0x1a3/0x230 [ 227.167037] do_syscall_64+0x3b/0x90 [ 227.167424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.167922] RIP: 0033:0x7f4b8743ee5d [ 227.168269] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.169968] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.170720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.171418] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.172083] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.172771] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.173458] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.174141] [ 227.174368] irq event stamp: 0 [ 227.174694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.175309] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.176101] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.176902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.177499] ---[ end trace 0000000000000000 ]--- [ 227.181067] ------------[ cut here ]------------ [ 227.181587] WARNING: CPU: 0 PID: 2173 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.182766] Modules linked in: [ 227.183076] CPU: 0 PID: 2173 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.183926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.185221] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.185701] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.187521] RSP: 
0018:ffff888021ab7bd0 EFLAGS: 00010246 [ 227.188210] RAX: 0000000000000000 RBX: ffff88801609d8a8 RCX: 0000000000000000 [ 227.188898] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 227.189577] RBP: ffff888021ab7be8 R08: ffffed1002c13b33 R09: ffffed1002c13b33 [ 227.190254] R10: ffff88801609d993 R11: ffffed1002c13b32 R12: ffff888010c49000 [ 227.191225] R13: ffff88801609d9e8 R14: ffff8880143d8d00 R15: 0000000000000000 [ 227.191899] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.192708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.193306] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 227.194324] PKRU: 55555554 [ 227.194646] Call Trace: [ 227.194912] [ 227.195166] iommufd_access_destroy_object+0x65/0x170 [ 227.195710] iommufd_object_destroy_user+0x18e/0x220 [ 227.196244] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.197120] iommufd_access_destroy+0x43/0x70 [ 227.197602] iommufd_test_staccess_release+0x8d/0xd0 [ 227.198137] __fput+0x26d/0xa40 [ 227.198527] ____fput+0x1e/0x30 [ 227.198886] task_work_run+0x1a4/0x2d0 [ 227.199350] ? __pfx_task_work_run+0x10/0x10 [ 227.200032] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.200566] ? switch_task_namespaces+0xa9/0xe0 [ 227.201067] do_exit+0xb17/0x2ef0 [ 227.201436] ? lock_acquire+0x427/0x4c0 [ 227.201855] ? __pfx_lock_release+0x10/0x10 [ 227.202610] ? __kasan_check_write+0x18/0x20 [ 227.203066] ? do_raw_spin_lock+0x132/0x2a0 [ 227.203531] ? __pfx_do_exit+0x10/0x10 [ 227.203955] ? debug_smp_processor_id+0x20/0x30 [ 227.204455] ? rcu_is_watching+0x19/0xb0 [ 227.204971] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.205580] ? trace_hardirqs_on+0x26/0x120 [ 227.206038] do_group_exit+0xe0/0x2b0 [ 227.206439] __x64_sys_exit_group+0x47/0x50 [ 227.206919] do_syscall_64+0x3b/0x90 [ 227.207335] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.208129] RIP: 0033:0x7f4b87518a4d [ 227.208537] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.209184] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.209964] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.210974] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.211713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.212425] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.213224] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.214153] [ 227.214400] irq event stamp: 0 [ 227.214742] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.215417] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.216273] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.217411] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.218237] ---[ end trace 0000000000000000 ]--- [ 227.220780] ------------[ cut here ]------------ [ 227.221300] WARNING: CPU: 0 PID: 2173 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.222562] Modules linked in: [ 227.223082] CPU: 0 PID: 2173 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.223981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.225102] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.225630] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.227954] RSP: 0018:ffff888021ab7b78 EFLAGS: 00010246 [ 227.228497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.229205] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 227.229920] RBP: ffff888021ab7b98 R08: ffffed1002c13b3e R09: ffffed1002c13b3e [ 227.230655] R10: ffff88801609d9ef R11: ffffed1002c13b3d R12: ffff88801609da90 [ 227.231409] R13: ffff88801609d8a8 R14: ffffffffffffffff R15: 
ffff888021ab7c60 [ 227.232128] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.232941] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.233521] CR2: 00007f82e2bb6000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 227.234238] PKRU: 55555554 [ 227.234552] Call Trace: [ 227.234816] [ 227.235046] iommufd_ioas_destroy+0x53/0x70 [ 227.235513] iommufd_fops_release+0x1f7/0x370 [ 227.235973] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.236482] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.236982] ? write_comp_data+0x2f/0x90 [ 227.237408] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.237917] __fput+0x26d/0xa40 [ 227.238266] ____fput+0x1e/0x30 [ 227.238634] task_work_run+0x1a4/0x2d0 [ 227.239038] ? __pfx_task_work_run+0x10/0x10 [ 227.239489] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.239945] ? switch_task_namespaces+0xa9/0xe0 [ 227.240386] do_exit+0xb17/0x2ef0 [ 227.240712] ? lock_acquire+0x427/0x4c0 [ 227.241092] ? __pfx_lock_release+0x10/0x10 [ 227.241498] ? __kasan_check_write+0x18/0x20 [ 227.241912] ? do_raw_spin_lock+0x132/0x2a0 [ 227.242327] ? __pfx_do_exit+0x10/0x10 [ 227.242729] ? debug_smp_processor_id+0x20/0x30 [ 227.243182] ? rcu_is_watching+0x19/0xb0 [ 227.243565] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.243991] ? trace_hardirqs_on+0x26/0x120 [ 227.244395] do_group_exit+0xe0/0x2b0 [ 227.244752] __x64_sys_exit_group+0x47/0x50 [ 227.245151] do_syscall_64+0x3b/0x90 [ 227.245504] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.245997] RIP: 0033:0x7f4b87518a4d [ 227.246342] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.246928] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.247651] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.248313] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.248975] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.249636] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.250297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.250993] [ 227.251235] irq event stamp: 0 [ 227.251534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.252122] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.252902] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.253675] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.254252] ---[ end trace 0000000000000000 ]--- [ 227.261574] ------------[ cut here ]------------ [ 227.262247] WARNING: CPU: 1 PID: 2174 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.263697] Modules linked in: [ 227.264177] CPU: 1 PID: 2174 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.265247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.266810] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.267458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.269901] RSP: 0018:ffff88800f79fbb8 EFLAGS: 00010246 [ 227.270668] RAX: 0000000000000000 RBX: ffff888011d9c8a8 RCX: 0000000000000000 [ 227.271563] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 227.272599] RBP: ffff88800f79fbd0 R08: ffffed10023b3933 R09: ffffed10023b3933 [ 227.273480] R10: ffff888011d9c993 R11: ffffed10023b3932 R12: ffff888010e07c00 [ 227.274608] R13: ffff888011d9c9e8 R14: ffffffff8352e670 R15: 
ffff88800f79fe68 [ 227.275530] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.276729] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.277452] CR2: 00007f4b877410e8 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 227.278362] PKRU: 55555554 [ 227.278899] Call Trace: [ 227.279258] [ 227.279552] __iommufd_access_detach+0x1c2/0x2b0 [ 227.280170] iommufd_access_change_pt+0x149/0x270 [ 227.280990] iommufd_access_replace+0xb4/0x120 [ 227.281592] iommufd_test+0x3e5/0x37e0 [ 227.282092] ? lock_release+0x532/0x770 [ 227.282699] ? __might_fault+0x102/0x1b0 [ 227.283343] ? lock_acquire+0x427/0x4c0 [ 227.283873] ? __pfx_iommufd_test+0x10/0x10 [ 227.284425] ? __pfx_lock_release+0x10/0x10 [ 227.285069] ? __pfx_lock_acquire+0x10/0x10 [ 227.285641] ? write_comp_data+0x2f/0x90 [ 227.286157] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.286831] ? write_comp_data+0x2f/0x90 [ 227.287462] iommufd_fops_ioctl+0x37d/0x510 [ 227.288011] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.288619] ? write_comp_data+0x2f/0x90 [ 227.289312] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.289910] __x64_sys_ioctl+0x1a3/0x230 [ 227.290425] do_syscall_64+0x3b/0x90 [ 227.290942] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.291787] RIP: 0033:0x7f4b8743ee5d [ 227.292257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.294498] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.295591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.296469] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.297511] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.298378] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.299415] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.300359] [ 227.300654] irq event stamp: 0 [ 227.301046] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.302011] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.303090] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.304183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.305014] ---[ end trace 0000000000000000 ]--- [ 227.310329] ------------[ cut here ]------------ [ 227.311017] WARNING: CPU: 1 PID: 2174 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.312320] Modules linked in: [ 227.312753] CPU: 1 PID: 2174 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.313873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.315395] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.316060] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.318375] RSP: 
0018:ffff88800f79fbd0 EFLAGS: 00010246 [ 227.319156] RAX: 0000000000000000 RBX: ffff888011d9c8a8 RCX: 0000000000000000 [ 227.320082] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 227.320991] RBP: ffff88800f79fbe8 R08: ffffed10023b3933 R09: ffffed10023b3933 [ 227.321901] R10: ffff888011d9c993 R11: ffffed10023b3932 R12: ffff888013e25400 [ 227.322877] R13: ffff888011d9c9e8 R14: ffff88802084d300 R15: 0000000000000000 [ 227.323738] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.324501] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.325050] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.325711] PKRU: 55555554 [ 227.325976] Call Trace: [ 227.326213] [ 227.326424] iommufd_access_destroy_object+0x65/0x170 [ 227.326948] iommufd_object_destroy_user+0x18e/0x220 [ 227.327462] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.328010] iommufd_access_destroy+0x43/0x70 [ 227.328444] iommufd_test_staccess_release+0x8d/0xd0 [ 227.328931] __fput+0x26d/0xa40 [ 227.329253] ____fput+0x1e/0x30 [ 227.329574] task_work_run+0x1a4/0x2d0 [ 227.329954] ? __pfx_task_work_run+0x10/0x10 [ 227.330372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.330862] ? switch_task_namespaces+0xa9/0xe0 [ 227.331330] do_exit+0xb17/0x2ef0 [ 227.331659] ? lock_acquire+0x427/0x4c0 [ 227.332043] ? __pfx_lock_release+0x10/0x10 [ 227.332459] ? __kasan_check_write+0x18/0x20 [ 227.332878] ? do_raw_spin_lock+0x132/0x2a0 [ 227.333284] ? __pfx_do_exit+0x10/0x10 [ 227.333668] ? debug_smp_processor_id+0x20/0x30 [ 227.334114] ? rcu_is_watching+0x19/0xb0 [ 227.334542] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.334985] ? trace_hardirqs_on+0x26/0x120 [ 227.335425] do_group_exit+0xe0/0x2b0 [ 227.335790] __x64_sys_exit_group+0x47/0x50 [ 227.336197] do_syscall_64+0x3b/0x90 [ 227.336555] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.337052] RIP: 0033:0x7f4b87518a4d [ 227.337413] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.337990] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.338736] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.339437] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.340117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.340796] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.341461] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.342140] [ 227.342367] irq event stamp: 0 [ 227.342691] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.343300] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.344090] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.344878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.345467] ---[ end trace 0000000000000000 ]--- [ 227.346292] ------------[ cut here ]------------ [ 227.346789] WARNING: CPU: 1 PID: 2174 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.347770] Modules linked in: [ 227.348075] CPU: 1 PID: 2174 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.348897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.349961] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.350452] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.352390] RSP: 0018:ffff88800f79fb78 EFLAGS: 00010246 [ 227.352897] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.353560] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 227.354228] RBP: ffff88800f79fb98 R08: ffffed10023b393e R09: ffffed10023b393e [ 227.354918] R10: ffff888011d9c9ef R11: ffffed10023b393d R12: ffff888011d9ca90 [ 227.355599] R13: ffff888011d9c8a8 R14: ffffffffffffffff R15: 
ffff88800f79fc60 [ 227.356267] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.357020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.357575] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.358255] PKRU: 55555554 [ 227.358550] Call Trace: [ 227.358796] [ 227.359012] iommufd_ioas_destroy+0x53/0x70 [ 227.359442] iommufd_fops_release+0x1f7/0x370 [ 227.359872] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.360341] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.360805] ? write_comp_data+0x2f/0x90 [ 227.361197] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.361666] __fput+0x26d/0xa40 [ 227.361993] ____fput+0x1e/0x30 [ 227.362311] task_work_run+0x1a4/0x2d0 [ 227.362723] ? __pfx_task_work_run+0x10/0x10 [ 227.363153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.363613] ? switch_task_namespaces+0xa9/0xe0 [ 227.364066] do_exit+0xb17/0x2ef0 [ 227.364402] ? lock_acquire+0x427/0x4c0 [ 227.364794] ? __pfx_lock_release+0x10/0x10 [ 227.365213] ? __kasan_check_write+0x18/0x20 [ 227.365631] ? do_raw_spin_lock+0x132/0x2a0 [ 227.366042] ? __pfx_do_exit+0x10/0x10 [ 227.366417] ? debug_smp_processor_id+0x20/0x30 [ 227.366875] ? rcu_is_watching+0x19/0xb0 [ 227.367291] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.367721] ? trace_hardirqs_on+0x26/0x120 [ 227.368131] do_group_exit+0xe0/0x2b0 [ 227.368491] __x64_sys_exit_group+0x47/0x50 [ 227.368888] do_syscall_64+0x3b/0x90 [ 227.369247] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.369736] RIP: 0033:0x7f4b87518a4d [ 227.370078] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.370669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.371409] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.372064] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.372725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.373379] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.374034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.374723] [ 227.374944] irq event stamp: 0 [ 227.375256] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.375847] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.376629] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.377397] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.377977] ---[ end trace 0000000000000000 ]--- [ 227.383298] ------------[ cut here ]------------ [ 227.383794] WARNING: CPU: 1 PID: 2175 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.384735] Modules linked in: [ 227.385029] CPU: 1 PID: 2175 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.385831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.386917] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.387405] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.389072] RSP: 0018:ffff888015ddfbb8 EFLAGS: 00010246 [ 227.389562] RAX: 0000000000000000 RBX: ffff8880244ef0a8 RCX: 0000000000000000 [ 227.390220] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 227.390896] RBP: ffff888015ddfbd0 R08: ffffed100489de33 R09: ffffed100489de33 [ 227.391569] R10: ffff8880244ef193 R11: ffffed100489de32 R12: ffff88800ae93800 [ 227.392234] R13: ffff8880244ef1e8 R14: ffffffff8352e670 R15: 
ffff888015ddfe68 [ 227.392894] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.393637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.394185] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 227.394870] PKRU: 55555554 [ 227.395146] Call Trace: [ 227.395386] [ 227.395595] __iommufd_access_detach+0x1c2/0x2b0 [ 227.396046] iommufd_access_change_pt+0x149/0x270 [ 227.396505] iommufd_access_replace+0xb4/0x120 [ 227.396939] iommufd_test+0x3e5/0x37e0 [ 227.397299] ? lock_release+0x532/0x770 [ 227.397678] ? __might_fault+0x102/0x1b0 [ 227.398057] ? lock_acquire+0x427/0x4c0 [ 227.398431] ? __pfx_iommufd_test+0x10/0x10 [ 227.398850] ? __pfx_lock_release+0x10/0x10 [ 227.399271] ? __pfx_lock_acquire+0x10/0x10 [ 227.399686] ? write_comp_data+0x2f/0x90 [ 227.400078] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.400530] ? write_comp_data+0x2f/0x90 [ 227.400919] iommufd_fops_ioctl+0x37d/0x510 [ 227.401330] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.401792] ? write_comp_data+0x2f/0x90 [ 227.402189] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.402669] __x64_sys_ioctl+0x1a3/0x230 [ 227.403060] do_syscall_64+0x3b/0x90 [ 227.403450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.403942] RIP: 0033:0x7f4b8743ee5d [ 227.404289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.405966] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.406689] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.407360] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.408016] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.408676] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.409337] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.409998] [ 227.410217] irq event stamp: 0 [ 227.410536] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.411146] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.411925] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.412763] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.413414] ---[ end trace 0000000000000000 ]--- [ 227.416421] ------------[ cut here ]------------ [ 227.416898] WARNING: CPU: 1 PID: 2175 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.417852] Modules linked in: [ 227.418134] CPU: 1 PID: 2175 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.418952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.420090] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.420526] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.422223] RSP: 
0018:ffff888015ddfbd0 EFLAGS: 00010246 [ 227.422724] RAX: 0000000000000000 RBX: ffff8880244ef0a8 RCX: 0000000000000000 [ 227.423359] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 227.424102] RBP: ffff888015ddfbe8 R08: ffffed100489de33 R09: ffffed100489de33 [ 227.424718] R10: ffff8880244ef193 R11: ffffed100489de32 R12: ffff888010e05400 [ 227.425333] R13: ffff8880244ef1e8 R14: ffff888012245500 R15: 0000000000000000 [ 227.426100] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.426832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.427354] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.427982] PKRU: 55555554 [ 227.428334] Call Trace: [ 227.428643] [ 227.428854] iommufd_access_destroy_object+0x65/0x170 [ 227.429340] iommufd_object_destroy_user+0x18e/0x220 [ 227.429816] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.430454] iommufd_access_destroy+0x43/0x70 [ 227.430972] iommufd_test_staccess_release+0x8d/0xd0 [ 227.431474] __fput+0x26d/0xa40 [ 227.431805] ____fput+0x1e/0x30 [ 227.432124] task_work_run+0x1a4/0x2d0 [ 227.432497] ? __pfx_task_work_run+0x10/0x10 [ 227.433015] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.433507] ? switch_task_namespaces+0xa9/0xe0 [ 227.433953] do_exit+0xb17/0x2ef0 [ 227.434284] ? lock_acquire+0x427/0x4c0 [ 227.434693] ? __pfx_lock_release+0x10/0x10 [ 227.435105] ? __kasan_check_write+0x18/0x20 [ 227.435687] ? do_raw_spin_lock+0x132/0x2a0 [ 227.436091] ? __pfx_do_exit+0x10/0x10 [ 227.436461] ? debug_smp_processor_id+0x20/0x30 [ 227.436902] ? rcu_is_watching+0x19/0xb0 [ 227.437293] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.437843] ? trace_hardirqs_on+0x26/0x120 [ 227.438250] do_group_exit+0xe0/0x2b0 [ 227.438634] __x64_sys_exit_group+0x47/0x50 [ 227.439038] do_syscall_64+0x3b/0x90 [ 227.439409] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.439990] RIP: 0033:0x7f4b87518a4d [ 227.440403] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.440973] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.441680] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.442481] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.443188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.443850] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.444650] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.445317] [ 227.445540] irq event stamp: 0 [ 227.445833] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.446489] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.447382] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.448161] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.448787] ---[ end trace 0000000000000000 ]--- [ 227.449686] ------------[ cut here ]------------ [ 227.450130] WARNING: CPU: 1 PID: 2175 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.451219] Modules linked in: [ 227.451593] CPU: 1 PID: 2175 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.452395] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.453476] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.454047] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.455898] RSP: 0018:ffff888015ddfb78 EFLAGS: 00010246 [ 227.456402] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.457057] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 227.457749] RBP: ffff888015ddfb98 R08: ffffed100489de3e R09: ffffed100489de3e [ 227.458574] R10: ffff8880244ef1ef R11: ffffed100489de3d R12: ffff8880244ef290 [ 227.459260] R13: ffff8880244ef0a8 R14: ffffffffffffffff R15: 
ffff888015ddfc60 [ 227.459935] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.460844] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.461389] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.462061] PKRU: 55555554 [ 227.462355] Call Trace: [ 227.462728] [ 227.462950] iommufd_ioas_destroy+0x53/0x70 [ 227.463386] iommufd_fops_release+0x1f7/0x370 [ 227.463819] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.464295] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.464767] ? write_comp_data+0x2f/0x90 [ 227.465295] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.465780] __fput+0x26d/0xa40 [ 227.466110] ____fput+0x1e/0x30 [ 227.466435] task_work_run+0x1a4/0x2d0 [ 227.466850] ? __pfx_task_work_run+0x10/0x10 [ 227.467300] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.467912] ? switch_task_namespaces+0xa9/0xe0 [ 227.468366] do_exit+0xb17/0x2ef0 [ 227.468699] ? lock_acquire+0x427/0x4c0 [ 227.469093] ? __pfx_lock_release+0x10/0x10 [ 227.469507] ? __kasan_check_write+0x18/0x20 [ 227.470065] ? do_raw_spin_lock+0x132/0x2a0 [ 227.470487] ? __pfx_do_exit+0x10/0x10 [ 227.470903] ? debug_smp_processor_id+0x20/0x30 [ 227.471366] ? rcu_is_watching+0x19/0xb0 [ 227.471749] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.472215] ? trace_hardirqs_on+0x26/0x120 [ 227.472741] do_group_exit+0xe0/0x2b0 [ 227.473106] __x64_sys_exit_group+0x47/0x50 [ 227.473509] do_syscall_64+0x3b/0x90 [ 227.473869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.474363] RIP: 0033:0x7f4b87518a4d [ 227.474739] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.475323] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.476033] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.476699] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.477366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.478027] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.478717] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.479402] [ 227.479623] irq event stamp: 0 [ 227.479916] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.480503] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.481289] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.482071] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.482683] ---[ end trace 0000000000000000 ]--- [ 227.487113] ------------[ cut here ]------------ [ 227.487652] WARNING: CPU: 1 PID: 2176 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.488585] Modules linked in: [ 227.488883] CPU: 1 PID: 2176 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.489709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.490824] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.491307] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.492986] RSP: 0018:ffff88801624fbb8 EFLAGS: 00010246 [ 227.493479] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 227.494143] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 227.494807] RBP: ffff88801624fbd0 R08: ffffed100173f033 R09: ffffed100173f033 [ 227.495472] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff8880129c7000 [ 227.496130] R13: ffff88800b9f81e8 R14: ffffffff8352e670 R15: 
ffff88801624fe68 [ 227.496777] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.497510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.498039] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 227.498721] PKRU: 55555554 [ 227.498985] Call Trace: [ 227.499244] [ 227.499452] __iommufd_access_detach+0x1c2/0x2b0 [ 227.499892] iommufd_access_change_pt+0x149/0x270 [ 227.500318] iommufd_access_replace+0xb4/0x120 [ 227.500727] iommufd_test+0x3e5/0x37e0 [ 227.501063] ? lock_release+0x532/0x770 [ 227.501419] ? __might_fault+0x102/0x1b0 [ 227.501780] ? lock_acquire+0x427/0x4c0 [ 227.502131] ? __pfx_iommufd_test+0x10/0x10 [ 227.502500] ? __pfx_lock_release+0x10/0x10 [ 227.502902] ? __pfx_lock_acquire+0x10/0x10 [ 227.503295] ? write_comp_data+0x2f/0x90 [ 227.503658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.504090] ? write_comp_data+0x2f/0x90 [ 227.504455] iommufd_fops_ioctl+0x37d/0x510 [ 227.504833] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.505262] ? write_comp_data+0x2f/0x90 [ 227.505626] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.506045] __x64_sys_ioctl+0x1a3/0x230 [ 227.506410] do_syscall_64+0x3b/0x90 [ 227.506767] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.507237] RIP: 0033:0x7f4b8743ee5d [ 227.507563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.509130] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.509784] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.510393] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.511027] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.511649] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.512256] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.512874] [ 227.513078] irq event stamp: 0 [ 227.513351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.513901] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.514637] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.515362] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.515914] ---[ end trace 0000000000000000 ]--- [ 227.518859] ------------[ cut here ]------------ [ 227.519308] WARNING: CPU: 1 PID: 2176 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.520178] Modules linked in: [ 227.520458] CPU: 1 PID: 2176 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.521204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.522101] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.522498] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.523997] RSP: 
0018:ffff88801624fbd0 EFLAGS: 00010246 [ 227.524426] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 227.525000] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 227.525573] RBP: ffff88801624fbe8 R08: ffffed100173f033 R09: ffffed100173f033 [ 227.526147] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff88800ae92000 [ 227.526739] R13: ffff88800b9f81e8 R14: ffff8880104c0100 R15: 0000000000000000 [ 227.527326] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.527975] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.528445] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.529022] PKRU: 55555554 [ 227.529253] Call Trace: [ 227.529461] [ 227.529644] iommufd_access_destroy_object+0x65/0x170 [ 227.530064] iommufd_object_destroy_user+0x18e/0x220 [ 227.530478] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.530976] iommufd_access_destroy+0x43/0x70 [ 227.531367] iommufd_test_staccess_release+0x8d/0xd0 [ 227.531787] __fput+0x26d/0xa40 [ 227.532071] ____fput+0x1e/0x30 [ 227.532349] task_work_run+0x1a4/0x2d0 [ 227.532672] ? __pfx_task_work_run+0x10/0x10 [ 227.533035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.533438] ? switch_task_namespaces+0xa9/0xe0 [ 227.533830] do_exit+0xb17/0x2ef0 [ 227.534113] ? lock_acquire+0x427/0x4c0 [ 227.534446] ? __pfx_lock_release+0x10/0x10 [ 227.534821] ? __kasan_check_write+0x18/0x20 [ 227.535198] ? do_raw_spin_lock+0x132/0x2a0 [ 227.535557] ? __pfx_do_exit+0x10/0x10 [ 227.535890] ? debug_smp_processor_id+0x20/0x30 [ 227.536281] ? rcu_is_watching+0x19/0xb0 [ 227.536617] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.536995] ? trace_hardirqs_on+0x26/0x120 [ 227.537362] do_group_exit+0xe0/0x2b0 [ 227.537679] __x64_sys_exit_group+0x47/0x50 [ 227.538029] do_syscall_64+0x3b/0x90 [ 227.538343] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.538793] RIP: 0033:0x7f4b87518a4d [ 227.539098] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.539609] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.540223] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.540796] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.541369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.541939] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.542539] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.543131] [ 227.543320] irq event stamp: 0 [ 227.543575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.544082] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.544758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.545427] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.545939] ---[ end trace 0000000000000000 ]--- [ 227.546690] ------------[ cut here ]------------ [ 227.547072] WARNING: CPU: 1 PID: 2176 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.547906] Modules linked in: [ 227.548172] CPU: 1 PID: 2176 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.548860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.549761] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.550181] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.551871] RSP: 0018:ffff88801624fb78 EFLAGS: 00010246 [ 227.552308] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.552878] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 227.553448] RBP: ffff88801624fb98 R08: ffffed100173f03e R09: ffffed100173f03e [ 227.554020] R10: ffff88800b9f81ef R11: ffffed100173f03d R12: ffff88800b9f8290 [ 227.554607] R13: ffff88800b9f80a8 R14: ffffffffffffffff R15: 
ffff88801624fc60 [ 227.555180] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.555813] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.556270] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.556842] PKRU: 55555554 [ 227.557071] Call Trace: [ 227.557277] [ 227.557463] iommufd_ioas_destroy+0x53/0x70 [ 227.557817] iommufd_fops_release+0x1f7/0x370 [ 227.558187] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.558617] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.559017] ? write_comp_data+0x2f/0x90 [ 227.559365] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.559772] __fput+0x26d/0xa40 [ 227.560054] ____fput+0x1e/0x30 [ 227.560330] task_work_run+0x1a4/0x2d0 [ 227.560653] ? __pfx_task_work_run+0x10/0x10 [ 227.561013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.561415] ? switch_task_namespaces+0xa9/0xe0 [ 227.561800] do_exit+0xb17/0x2ef0 [ 227.562080] ? lock_acquire+0x427/0x4c0 [ 227.562411] ? __pfx_lock_release+0x10/0x10 [ 227.562790] ? __kasan_check_write+0x18/0x20 [ 227.563177] ? do_raw_spin_lock+0x132/0x2a0 [ 227.563530] ? __pfx_do_exit+0x10/0x10 [ 227.563853] ? debug_smp_processor_id+0x20/0x30 [ 227.564222] ? rcu_is_watching+0x19/0xb0 [ 227.564547] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.564905] ? trace_hardirqs_on+0x26/0x120 [ 227.565251] do_group_exit+0xe0/0x2b0 [ 227.565551] __x64_sys_exit_group+0x47/0x50 [ 227.565890] do_syscall_64+0x3b/0x90 [ 227.566189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.566617] RIP: 0033:0x7f4b87518a4d [ 227.566911] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.567408] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.568006] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.568561] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.569114] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.569673] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.570227] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.570817] [ 227.571005] irq event stamp: 0 [ 227.571263] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.571756] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.572407] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.573043] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.573525] ---[ end trace 0000000000000000 ]--- [ 227.577550] ------------[ cut here ]------------ [ 227.577943] WARNING: CPU: 1 PID: 2177 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.578813] Modules linked in: [ 227.579065] CPU: 1 PID: 2177 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.579759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.580617] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.581002] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.582410] RSP: 0018:ffff88800f767bb8 EFLAGS: 00010246 [ 227.582846] RAX: 0000000000000000 RBX: ffff888015ddc0a8 RCX: 0000000000000000 [ 227.583405] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 227.583954] RBP: ffff88800f767bd0 R08: ffffed1002bbb833 R09: ffffed1002bbb833 [ 227.584508] R10: ffff888015ddc193 R11: ffffed1002bbb832 R12: ffff88800fd80800 [ 227.585062] R13: ffff888015ddc1e8 R14: ffffffff8352e670 R15: 
ffff88800f767e68 [ 227.585612] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.586236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.586711] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 227.587285] PKRU: 55555554 [ 227.587508] Call Trace: [ 227.587711] [ 227.587891] __iommufd_access_detach+0x1c2/0x2b0 [ 227.588278] iommufd_access_change_pt+0x149/0x270 [ 227.588682] iommufd_access_replace+0xb4/0x120 [ 227.589052] iommufd_test+0x3e5/0x37e0 [ 227.589358] ? lock_release+0x532/0x770 [ 227.589678] ? __might_fault+0x102/0x1b0 [ 227.590000] ? lock_acquire+0x427/0x4c0 [ 227.590319] ? __pfx_iommufd_test+0x10/0x10 [ 227.590673] ? __pfx_lock_release+0x10/0x10 [ 227.591018] ? __pfx_lock_acquire+0x10/0x10 [ 227.591373] ? write_comp_data+0x2f/0x90 [ 227.591701] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.592084] ? write_comp_data+0x2f/0x90 [ 227.592410] iommufd_fops_ioctl+0x37d/0x510 [ 227.592747] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.593134] ? write_comp_data+0x2f/0x90 [ 227.593456] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.593832] __x64_sys_ioctl+0x1a3/0x230 [ 227.594157] do_syscall_64+0x3b/0x90 [ 227.594455] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.594879] RIP: 0033:0x7f4b8743ee5d [ 227.595173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.596575] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.597162] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.597710] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.598252] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.598816] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.599372] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.599925] [ 227.600108] irq event stamp: 0 [ 227.600354] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.600835] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.601475] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.602114] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.602619] ---[ end trace 0000000000000000 ]--- [ 227.605473] ------------[ cut here ]------------ [ 227.605867] WARNING: CPU: 1 PID: 2177 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.606672] Modules linked in: [ 227.606923] CPU: 1 PID: 2177 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.607607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.608460] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.608841] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.610224] RSP: 
0018:ffff88800f767bd0 EFLAGS: 00010246 [ 227.610652] RAX: 0000000000000000 RBX: ffff888015ddc0a8 RCX: 0000000000000000 [ 227.611205] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 227.611748] RBP: ffff88800f767be8 R08: ffffed1002bbb833 R09: ffffed1002bbb833 [ 227.612290] R10: ffff888015ddc193 R11: ffffed1002bbb832 R12: ffff8880129c7400 [ 227.612838] R13: ffff888015ddc1e8 R14: ffff888012152500 R15: 0000000000000000 [ 227.613374] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.613986] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.614430] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.614996] PKRU: 55555554 [ 227.615228] Call Trace: [ 227.615429] [ 227.615616] iommufd_access_destroy_object+0x65/0x170 [ 227.616029] iommufd_object_destroy_user+0x18e/0x220 [ 227.616424] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.616876] iommufd_access_destroy+0x43/0x70 [ 227.617230] iommufd_test_staccess_release+0x8d/0xd0 [ 227.617625] __fput+0x26d/0xa40 [ 227.617893] ____fput+0x1e/0x30 [ 227.618156] task_work_run+0x1a4/0x2d0 [ 227.618464] ? __pfx_task_work_run+0x10/0x10 [ 227.618829] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.619218] ? switch_task_namespaces+0xa9/0xe0 [ 227.619593] do_exit+0xb17/0x2ef0 [ 227.619863] ? lock_acquire+0x427/0x4c0 [ 227.620184] ? __pfx_lock_release+0x10/0x10 [ 227.620528] ? __kasan_check_write+0x18/0x20 [ 227.620873] ? do_raw_spin_lock+0x132/0x2a0 [ 227.621214] ? __pfx_do_exit+0x10/0x10 [ 227.621524] ? debug_smp_processor_id+0x20/0x30 [ 227.621887] ? rcu_is_watching+0x19/0xb0 [ 227.622206] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.622582] ? trace_hardirqs_on+0x26/0x120 [ 227.622927] do_group_exit+0xe0/0x2b0 [ 227.623237] __x64_sys_exit_group+0x47/0x50 [ 227.623570] do_syscall_64+0x3b/0x90 [ 227.623865] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.624270] RIP: 0033:0x7f4b87518a4d [ 227.624555] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.625022] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.625605] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.626150] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.626721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.627287] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.627836] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.628385] [ 227.628568] irq event stamp: 0 [ 227.628809] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.629291] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.629932] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.630588] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.631070] ---[ end trace 0000000000000000 ]--- [ 227.631764] ------------[ cut here ]------------ [ 227.632126] WARNING: CPU: 1 PID: 2177 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.632901] Modules linked in: [ 227.633148] CPU: 1 PID: 2177 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.633819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.634702] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.635098] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.636497] RSP: 0018:ffff88800f767b78 EFLAGS: 00010246 [ 227.636911] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.637460] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 227.638004] RBP: ffff88800f767b98 R08: ffffed1002bbb83e R09: ffffed1002bbb83e [ 227.638577] R10: ffff888015ddc1ef R11: ffffed1002bbb83d R12: ffff888015ddc290 [ 227.639128] R13: ffff888015ddc0a8 R14: ffffffffffffffff R15: 
ffff88800f767c60 [ 227.639673] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.640292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.640732] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.641274] PKRU: 55555554 [ 227.641493] Call Trace: [ 227.641693] [ 227.641870] iommufd_ioas_destroy+0x53/0x70 [ 227.642209] iommufd_fops_release+0x1f7/0x370 [ 227.642586] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.642974] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.643365] ? write_comp_data+0x2f/0x90 [ 227.643686] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.644071] __fput+0x26d/0xa40 [ 227.644341] ____fput+0x1e/0x30 [ 227.644602] task_work_run+0x1a4/0x2d0 [ 227.644910] ? __pfx_task_work_run+0x10/0x10 [ 227.645252] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.645636] ? switch_task_namespaces+0xa9/0xe0 [ 227.646003] do_exit+0xb17/0x2ef0 [ 227.646272] ? lock_acquire+0x427/0x4c0 [ 227.646606] ? __pfx_lock_release+0x10/0x10 [ 227.646948] ? __kasan_check_write+0x18/0x20 [ 227.647311] ? do_raw_spin_lock+0x132/0x2a0 [ 227.647651] ? __pfx_do_exit+0x10/0x10 [ 227.647962] ? debug_smp_processor_id+0x20/0x30 [ 227.648326] ? rcu_is_watching+0x19/0xb0 [ 227.648643] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.648997] ? trace_hardirqs_on+0x26/0x120 [ 227.649336] do_group_exit+0xe0/0x2b0 [ 227.649632] __x64_sys_exit_group+0x47/0x50 [ 227.649963] do_syscall_64+0x3b/0x90 [ 227.650257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.650684] RIP: 0033:0x7f4b87518a4d [ 227.650973] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 227.651125] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 227.651450] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.653251] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 227.653793] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.655579] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.656120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.656659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.657197] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.657746] [ 227.657924] irq event stamp: 0 [ 227.658165] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.658658] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.659302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.659936] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.660413] ---[ end trace 0000000000000000 ]--- [ 227.664229] ------------[ cut here ]------------ [ 227.664667] WARNING: CPU: 0 PID: 2178 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.665547] Modules linked in: [ 227.665828] CPU: 0 PID: 2178 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.666609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.667588] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.668018] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.669595] RSP: 0018:ffff888016307bb8 EFLAGS: 00010246 [ 227.670052] RAX: 0000000000000000 RBX: ffff88800eacb8a8 RCX: 0000000000000000 [ 227.670697] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 227.671321] RBP: ffff888016307bd0 R08: ffffed1001d59733 R09: 
ffffed1001d59733 [ 227.671934] R10: ffff88800eacb993 R11: ffffed1001d59732 R12: ffff888018afd000 [ 227.672545] R13: ffff88800eacb9e8 R14: ffffffff8352e670 R15: ffff888016307e68 [ 227.673162] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.673856] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.674359] CR2: 00007f4b877410e8 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 227.675002] PKRU: 55555554 [ 227.675263] Call Trace: [ 227.675490] [ 227.675689] __iommufd_access_detach+0x1c2/0x2b0 [ 227.676115] iommufd_access_change_pt+0x149/0x270 [ 227.676543] iommufd_access_replace+0xb4/0x120 [ 227.677019] iommufd_test+0x3e5/0x37e0 [ 227.677358] ? lock_release+0x532/0x770 [ 227.677710] ? __might_fault+0x102/0x1b0 [ 227.678067] ? lock_acquire+0x427/0x4c0 [ 227.678421] ? __pfx_iommufd_test+0x10/0x10 [ 227.678821] ? __pfx_lock_release+0x10/0x10 [ 227.679215] ? __pfx_lock_acquire+0x10/0x10 [ 227.679604] ? write_comp_data+0x2f/0x90 [ 227.679969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.680397] ? write_comp_data+0x2f/0x90 [ 227.680759] iommufd_fops_ioctl+0x37d/0x510 [ 227.681140] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.681576] ? write_comp_data+0x2f/0x90 [ 227.681944] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.682371] __x64_sys_ioctl+0x1a3/0x230 [ 227.682759] do_syscall_64+0x3b/0x90 [ 227.683097] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.683567] RIP: 0033:0x7f4b8743ee5d [ 227.683893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.685467] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.686127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.686768] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.687389] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.688007] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.688625] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.689247] [ 227.689454] irq event stamp: 0 [ 227.689727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.690270] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.691011] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.691740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.692286] ---[ end trace 0000000000000000 ]--- [ 227.696922] ------------[ cut here ]------------ [ 227.697332] WARNING: CPU: 1 PID: 2178 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.698106] Modules linked in: [ 227.698352] CPU: 1 PID: 2178 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.699201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.700056] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.700439] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.701969] RSP: 
0018:ffff888016307bd0 EFLAGS: 00010246 [ 227.702379] RAX: 0000000000000000 RBX: ffff88800eacb8a8 RCX: 0000000000000000 [ 227.702935] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 227.703506] RBP: ffff888016307be8 R08: ffffed1001d59733 R09: ffffed1001d59733 [ 227.704176] R10: ffff88800eacb993 R11: ffffed1001d59732 R12: ffff888012e92800 [ 227.704718] R13: ffff88800eacb9e8 R14: ffff888013dd1f00 R15: 0000000000000000 [ 227.705264] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.705904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.706424] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 227.706987] PKRU: 55555554 [ 227.707220] Call Trace: [ 227.707418] [ 227.707593] iommufd_access_destroy_object+0x65/0x170 [ 227.707995] iommufd_object_destroy_user+0x18e/0x220 [ 227.708439] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.708948] iommufd_access_destroy+0x43/0x70 [ 227.709315] iommufd_test_staccess_release+0x8d/0xd0 [ 227.709734] __fput+0x26d/0xa40 [ 227.710017] ____fput+0x1e/0x30 [ 227.710294] task_work_run+0x1a4/0x2d0 [ 227.710639] ? __pfx_task_work_run+0x10/0x10 [ 227.711071] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.711526] ? switch_task_namespaces+0xa9/0xe0 [ 227.711913] do_exit+0xb17/0x2ef0 [ 227.712198] ? lock_acquire+0x427/0x4c0 [ 227.712530] ? __pfx_lock_release+0x10/0x10 [ 227.712882] ? __kasan_check_write+0x18/0x20 [ 227.713243] ? do_raw_spin_lock+0x132/0x2a0 [ 227.713700] ? __pfx_do_exit+0x10/0x10 [ 227.714024] ? debug_smp_processor_id+0x20/0x30 [ 227.714399] ? rcu_is_watching+0x19/0xb0 [ 227.714744] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.715113] ? trace_hardirqs_on+0x26/0x120 [ 227.715481] do_group_exit+0xe0/0x2b0 [ 227.715810] __x64_sys_exit_group+0x47/0x50 [ 227.716209] do_syscall_64+0x3b/0x90 [ 227.716538] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.716960] RIP: 0033:0x7f4b87518a4d [ 227.717257] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.717748] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.718433] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.719074] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.719660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.720230] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.720799] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.721380] [ 227.721594] irq event stamp: 0 [ 227.721912] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.722475] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.723183] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.723843] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.724340] ---[ end trace 0000000000000000 ]--- [ 227.726871] ------------[ cut here ]------------ [ 227.727302] WARNING: CPU: 1 PID: 2178 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.728121] Modules linked in: [ 227.728387] CPU: 1 PID: 2178 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.729217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.730115] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.730588] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.732152] RSP: 0018:ffff888016307b78 EFLAGS: 00010246 [ 227.732577] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.733145] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 227.733714] RBP: ffff888016307b98 R08: ffffed1001d5973e R09: ffffed1001d5973e [ 227.734284] R10: ffff88800eacb9ef R11: ffffed1001d5973d R12: ffff88800eacba90 [ 227.734865] R13: ffff88800eacb8a8 R14: ffffffffffffffff R15: 
ffff888016307c60 [ 227.735569] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 227.736215] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.736684] CR2: 00007f82e2e7a2e0 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 227.737256] PKRU: 55555554 [ 227.737487] Call Trace: [ 227.737694] [ 227.737878] iommufd_ioas_destroy+0x53/0x70 [ 227.738315] iommufd_fops_release+0x1f7/0x370 [ 227.738766] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.739187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.739598] ? write_comp_data+0x2f/0x90 [ 227.739946] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.740358] __fput+0x26d/0xa40 [ 227.740644] ____fput+0x1e/0x30 [ 227.740934] task_work_run+0x1a4/0x2d0 [ 227.741262] ? __pfx_task_work_run+0x10/0x10 [ 227.741744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.742223] ? switch_task_namespaces+0xa9/0xe0 [ 227.742635] do_exit+0xb17/0x2ef0 [ 227.742924] ? lock_acquire+0x427/0x4c0 [ 227.743268] ? __pfx_lock_release+0x10/0x10 [ 227.743624] ? __kasan_check_write+0x18/0x20 [ 227.743986] ? do_raw_spin_lock+0x132/0x2a0 [ 227.744345] ? __pfx_do_exit+0x10/0x10 [ 227.744672] ? debug_smp_processor_id+0x20/0x30 [ 227.745172] ? rcu_is_watching+0x19/0xb0 [ 227.745506] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.745879] ? trace_hardirqs_on+0x26/0x120 [ 227.746235] do_group_exit+0xe0/0x2b0 [ 227.746567] __x64_sys_exit_group+0x47/0x50 [ 227.746919] do_syscall_64+0x3b/0x90 [ 227.747249] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.747680] RIP: 0033:0x7f4b87518a4d [ 227.748012] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.748636] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.749252] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.749825] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.750403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.750998] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.751741] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.752327] [ 227.752520] irq event stamp: 0 [ 227.752776] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.753281] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.753954] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.754777] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.755316] ---[ end trace 0000000000000000 ]--- [ 227.763946] ------------[ cut here ]------------ [ 227.764740] WARNING: CPU: 0 PID: 2180 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.765950] Modules linked in: [ 227.766476] CPU: 0 PID: 2180 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.767528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.768727] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.769176] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.771016] RSP: 0018:ffff88800e967bb8 EFLAGS: 00010246 [ 227.771539] RAX: 0000000000000000 RBX: ffff8880181718a8 RCX: 0000000000000000 [ 227.772318] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 227.773016] RBP: ffff88800e967bd0 R08: ffffed100302e333 R09: ffffed100302e333 [ 227.773809] R10: ffff888018171993 R11: ffffed100302e332 R12: ffff888012e91800 [ 227.774453] R13: ffff8880181719e8 R14: ffffffff8352e670 R15: 
ffff88800e967e68 [ 227.775214] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.776080] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.776621] CR2: 00007f4b877410e8 CR3: 0000000013f92000 CR4: 0000000000750ef0 [ 227.777461] PKRU: 55555554 [ 227.777726] Call Trace: [ 227.777963] [ 227.778171] __iommufd_access_detach+0x1c2/0x2b0 [ 227.778653] iommufd_access_change_pt+0x149/0x270 [ 227.779114] iommufd_access_replace+0xb4/0x120 [ 227.779754] iommufd_test+0x3e5/0x37e0 [ 227.780121] ? lock_release+0x532/0x770 [ 227.780503] ? __might_fault+0x102/0x1b0 [ 227.780888] ? lock_acquire+0x427/0x4c0 [ 227.781345] ? __pfx_iommufd_test+0x10/0x10 [ 227.781874] ? __pfx_lock_release+0x10/0x10 [ 227.782306] ? __pfx_lock_acquire+0x10/0x10 [ 227.782758] ? write_comp_data+0x2f/0x90 [ 227.783172] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.783823] ? write_comp_data+0x2f/0x90 [ 227.784222] iommufd_fops_ioctl+0x37d/0x510 [ 227.784643] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.785134] ? write_comp_data+0x2f/0x90 [ 227.785693] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.786164] __x64_sys_ioctl+0x1a3/0x230 [ 227.786589] do_syscall_64+0x3b/0x90 [ 227.786957] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.787533] RIP: 0033:0x7f4b8743ee5d [ 227.788047] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.789987] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.790738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.791502] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.792299] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.792973] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.793817] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.794532] [ 227.794759] irq event stamp: 0 [ 227.795063] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.795736] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.796648] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.797621] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.798219] ---[ end trace 0000000000000000 ]--- [ 227.801384] ------------[ cut here ]------------ [ 227.801973] WARNING: CPU: 0 PID: 2180 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.802964] Modules linked in: [ 227.803306] CPU: 0 PID: 2180 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.804284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.805593] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.806067] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.808005] RSP: 
0018:ffff88800e967bd0 EFLAGS: 00010246 [ 227.808514] RAX: 0000000000000000 RBX: ffff8880181718a8 RCX: 0000000000000000 [ 227.809185] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 227.809860] RBP: ffff88800e967be8 R08: ffffed100302e333 R09: ffffed100302e333 [ 227.810550] R10: ffff888018171993 R11: ffffed100302e332 R12: ffff888018afc000 [ 227.811230] R13: ffff8880181719e8 R14: ffff888013eb4c00 R15: 0000000000000000 [ 227.811901] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.812663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.813206] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 227.813899] PKRU: 55555554 [ 227.814165] Call Trace: [ 227.814407] [ 227.814638] iommufd_access_destroy_object+0x65/0x170 [ 227.815153] iommufd_object_destroy_user+0x18e/0x220 [ 227.815648] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.816225] iommufd_access_destroy+0x43/0x70 [ 227.816671] iommufd_test_staccess_release+0x8d/0xd0 [ 227.817163] __fput+0x26d/0xa40 [ 227.817497] ____fput+0x1e/0x30 [ 227.817820] task_work_run+0x1a4/0x2d0 [ 227.818198] ? __pfx_task_work_run+0x10/0x10 [ 227.818647] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.819147] ? switch_task_namespaces+0xa9/0xe0 [ 227.819609] do_exit+0xb17/0x2ef0 [ 227.819939] ? lock_acquire+0x427/0x4c0 [ 227.820328] ? __pfx_lock_release+0x10/0x10 [ 227.820750] ? __kasan_check_write+0x18/0x20 [ 227.821176] ? do_raw_spin_lock+0x132/0x2a0 [ 227.821587] ? __pfx_do_exit+0x10/0x10 [ 227.821963] ? debug_smp_processor_id+0x20/0x30 [ 227.822409] ? rcu_is_watching+0x19/0xb0 [ 227.822819] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.823266] ? trace_hardirqs_on+0x26/0x120 [ 227.823686] do_group_exit+0xe0/0x2b0 [ 227.824053] __x64_sys_exit_group+0x47/0x50 [ 227.824465] do_syscall_64+0x3b/0x90 [ 227.824828] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.825327] RIP: 0033:0x7f4b87518a4d [ 227.825686] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.826272] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.827009] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.827691] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.828361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.829032] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.829706] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.830390] [ 227.830637] irq event stamp: 0 [ 227.830939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.831545] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.832332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.833136] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.833728] ---[ end trace 0000000000000000 ]--- [ 227.834650] ------------[ cut here ]------------ [ 227.835308] WARNING: CPU: 0 PID: 2180 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.836284] Modules linked in: [ 227.836593] CPU: 0 PID: 2180 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.837717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.838987] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.839510] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.841432] RSP: 0018:ffff88800e967b78 EFLAGS: 00010246 [ 227.842128] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.842826] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 227.843518] RBP: ffff88800e967b98 R08: ffffed100302e33e R09: ffffed100302e33e [ 227.844384] R10: ffff8880181719ef R11: ffffed100302e33d R12: ffff888018171a90 [ 227.845059] R13: ffff8880181718a8 R14: ffffffffffffffff R15: 
ffff88800e967c60 [ 227.845766] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.846721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.847285] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 227.847979] PKRU: 55555554 [ 227.848430] Call Trace: [ 227.848676] [ 227.848892] iommufd_ioas_destroy+0x53/0x70 [ 227.849321] iommufd_fops_release+0x1f7/0x370 [ 227.849758] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.850302] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.850933] ? write_comp_data+0x2f/0x90 [ 227.851342] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.851821] __fput+0x26d/0xa40 [ 227.852150] ____fput+0x1e/0x30 [ 227.852494] task_work_run+0x1a4/0x2d0 [ 227.853034] ? __pfx_task_work_run+0x10/0x10 [ 227.853458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.853928] ? switch_task_namespaces+0xa9/0xe0 [ 227.854391] do_exit+0xb17/0x2ef0 [ 227.854969] ? lock_acquire+0x427/0x4c0 [ 227.855379] ? __pfx_lock_release+0x10/0x10 [ 227.855795] ? __kasan_check_write+0x18/0x20 [ 227.856219] ? do_raw_spin_lock+0x132/0x2a0 [ 227.856633] ? __pfx_do_exit+0x10/0x10 [ 227.857208] ? debug_smp_processor_id+0x20/0x30 [ 227.857668] ? rcu_is_watching+0x19/0xb0 [ 227.858056] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.858495] ? trace_hardirqs_on+0x26/0x120 [ 227.858941] do_group_exit+0xe0/0x2b0 [ 227.859490] __x64_sys_exit_group+0x47/0x50 [ 227.859907] do_syscall_64+0x3b/0x90 [ 227.860270] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.860770] RIP: 0033:0x7f4b87518a4d [ 227.861194] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.861873] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.862618] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.863340] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.864132] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.864808] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.865642] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.866325] [ 227.866580] irq event stamp: 0 [ 227.866888] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.867542] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.868450] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.869346] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.870060] ---[ end trace 0000000000000000 ]--- [ 227.875010] ------------[ cut here ]------------ [ 227.875698] WARNING: CPU: 0 PID: 2181 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.877182] Modules linked in: [ 227.877586] CPU: 0 PID: 2181 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.879056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.880693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.881304] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.883725] RSP: 0018:ffff8880123dfbb8 EFLAGS: 00010246 [ 227.884568] RAX: 0000000000000000 RBX: ffff888011d9c0a8 RCX: 0000000000000000 [ 227.885418] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 227.886472] RBP: ffff8880123dfbd0 R08: ffffed10023b3833 R09: ffffed10023b3833 [ 227.887385] R10: ffff888011d9c193 R11: ffffed10023b3832 R12: ffff888013e25000 [ 227.888456] R13: ffff888011d9c1e8 R14: ffffffff8352e670 R15: 
ffff8880123dfe68 [ 227.889305] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.890455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.891206] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 227.892056] PKRU: 55555554 [ 227.892400] Call Trace: [ 227.892711] [ 227.892988] __iommufd_access_detach+0x1c2/0x2b0 [ 227.893582] iommufd_access_change_pt+0x149/0x270 [ 227.894181] iommufd_access_replace+0xb4/0x120 [ 227.894785] iommufd_test+0x3e5/0x37e0 [ 227.895274] ? lock_release+0x532/0x770 [ 227.895768] ? __might_fault+0x102/0x1b0 [ 227.896267] ? lock_acquire+0x427/0x4c0 [ 227.896761] ? __pfx_iommufd_test+0x10/0x10 [ 227.897275] ? __pfx_lock_release+0x10/0x10 [ 227.897807] ? __pfx_lock_acquire+0x10/0x10 [ 227.898339] ? write_comp_data+0x2f/0x90 [ 227.898928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.899562] ? write_comp_data+0x2f/0x90 [ 227.900072] iommufd_fops_ioctl+0x37d/0x510 [ 227.900595] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.901182] ? write_comp_data+0x2f/0x90 [ 227.901685] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 227.902267] __x64_sys_ioctl+0x1a3/0x230 [ 227.902812] do_syscall_64+0x3b/0x90 [ 227.903290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.903925] RIP: 0033:0x7f4b8743ee5d [ 227.904429] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 227.906666] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 227.907751] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 227.908563] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 227.909560] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 227.910369] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 227.911217] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 227.912040] [ 227.912311] irq event stamp: 0 [ 227.912671] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.913378] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.914316] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.915295] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.916006] ---[ end trace 0000000000000000 ]--- [ 227.920466] ------------[ cut here ]------------ [ 227.921021] WARNING: CPU: 0 PID: 2181 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.922153] Modules linked in: [ 227.922600] CPU: 0 PID: 2181 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.923601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.924856] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.925426] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.927498] RSP: 
0018:ffff8880123dfbd0 EFLAGS: 00010246 [ 227.928105] RAX: 0000000000000000 RBX: ffff888011d9c0a8 RCX: 0000000000000000 [ 227.928897] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 227.929695] RBP: ffff8880123dfbe8 R08: ffffed10023b3833 R09: ffffed10023b3833 [ 227.930489] R10: ffff888011d9c193 R11: ffffed10023b3832 R12: ffff888012e93000 [ 227.931348] R13: ffff888011d9c1e8 R14: ffff888013dd1d00 R15: 0000000000000000 [ 227.932156] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.933065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.933728] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 227.934591] PKRU: 55555554 [ 227.934928] Call Trace: [ 227.935231] [ 227.935490] iommufd_access_destroy_object+0x65/0x170 [ 227.936074] iommufd_object_destroy_user+0x18e/0x220 [ 227.936647] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 227.937300] iommufd_access_destroy+0x43/0x70 [ 227.937819] iommufd_test_staccess_release+0x8d/0xd0 [ 227.938400] __fput+0x26d/0xa40 [ 227.938827] ____fput+0x1e/0x30 [ 227.939233] task_work_run+0x1a4/0x2d0 [ 227.939683] ? __pfx_task_work_run+0x10/0x10 [ 227.940184] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.940739] ? switch_task_namespaces+0xa9/0xe0 [ 227.941277] do_exit+0xb17/0x2ef0 [ 227.941667] ? lock_acquire+0x427/0x4c0 [ 227.942126] ? __pfx_lock_release+0x10/0x10 [ 227.942650] ? __kasan_check_write+0x18/0x20 [ 227.943167] ? do_raw_spin_lock+0x132/0x2a0 [ 227.943654] ? __pfx_do_exit+0x10/0x10 [ 227.944103] ? debug_smp_processor_id+0x20/0x30 [ 227.944627] ? rcu_is_watching+0x19/0xb0 [ 227.945085] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.945600] ? trace_hardirqs_on+0x26/0x120 [ 227.946091] do_group_exit+0xe0/0x2b0 [ 227.946552] __x64_sys_exit_group+0x47/0x50 [ 227.947039] do_syscall_64+0x3b/0x90 [ 227.947483] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.948071] RIP: 0033:0x7f4b87518a4d [ 227.948489] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.949167] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.949999] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.950810] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.951610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.952393] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.953177] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.953977] [ 227.954244] irq event stamp: 0 [ 227.954623] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.955323] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.956227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.957133] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.957819] ---[ end trace 0000000000000000 ]--- [ 227.958974] ------------[ cut here ]------------ [ 227.959508] WARNING: CPU: 0 PID: 2181 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 227.960612] Modules linked in: [ 227.960968] CPU: 0 PID: 2181 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.961915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.963167] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 227.963740] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 227.965701] RSP: 0018:ffff8880123dfb78 EFLAGS: 00010246 [ 227.966285] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.967086] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 227.967871] RBP: ffff8880123dfb98 R08: ffffed10023b383e R09: ffffed10023b383e [ 227.968646] R10: ffff888011d9c1ef R11: ffffed10023b383d R12: ffff888011d9c290 [ 227.969418] R13: ffff888011d9c0a8 R14: ffffffffffffffff R15: 
ffff8880123dfc60 [ 227.970190] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 227.971085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.971667] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 227.972282] PKRU: 55555554 [ 227.972522] Call Trace: [ 227.972739] [ 227.972934] iommufd_ioas_destroy+0x53/0x70 [ 227.973308] iommufd_fops_release+0x1f7/0x370 [ 227.973697] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.974124] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.974575] ? write_comp_data+0x2f/0x90 [ 227.974931] ? __pfx_iommufd_fops_release+0x10/0x10 [ 227.975368] __fput+0x26d/0xa40 [ 227.975665] ____fput+0x1e/0x30 [ 227.975952] task_work_run+0x1a4/0x2d0 [ 227.976291] ? __pfx_task_work_run+0x10/0x10 [ 227.976671] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 227.977091] ? switch_task_namespaces+0xa9/0xe0 [ 227.977507] do_exit+0xb17/0x2ef0 [ 227.977806] ? lock_acquire+0x427/0x4c0 [ 227.978157] ? __pfx_lock_release+0x10/0x10 [ 227.978550] ? __kasan_check_write+0x18/0x20 [ 227.978937] ? do_raw_spin_lock+0x132/0x2a0 [ 227.979317] ? __pfx_do_exit+0x10/0x10 [ 227.979660] ? debug_smp_processor_id+0x20/0x30 [ 227.980064] ? rcu_is_watching+0x19/0xb0 [ 227.980415] ? _raw_spin_unlock_irq+0x2b/0x60 [ 227.980811] ? trace_hardirqs_on+0x26/0x120 [ 227.981186] do_group_exit+0xe0/0x2b0 [ 227.981521] __x64_sys_exit_group+0x47/0x50 [ 227.981889] do_syscall_64+0x3b/0x90 [ 227.982220] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 227.982690] RIP: 0033:0x7f4b87518a4d [ 227.983011] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 227.983554] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 227.984207] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 227.984818] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 227.985416] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 227.986018] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 227.986657] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 227.987280] [ 227.987480] irq event stamp: 0 [ 227.987748] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 227.988279] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 227.988983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 227.989683] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 227.990213] ---[ end trace 0000000000000000 ]--- [ 227.993739] ------------[ cut here ]------------ [ 227.994114] WARNING: CPU: 1 PID: 2182 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 227.994911] Modules linked in: [ 227.995155] CPU: 1 PID: 2182 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 227.995775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 227.996574] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 227.996929] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 227.998214] RSP: 0018:ffff88800e967bb8 EFLAGS: 00010246 [ 227.998614] RAX: 0000000000000000 RBX: ffff8880171bd8a8 RCX: 0000000000000000 [ 227.999132] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 227.999640] RBP: ffff88800e967bd0 R08: ffffed1002e37b33 R09: ffffed1002e37b33 [ 228.000145] R10: ffff8880171bd993 R11: ffffed1002e37b32 R12: ffff888010c09400 [ 228.000649] R13: ffff8880171bd9e8 R14: ffffffff8352e670 R15: 
ffff88800e967e68 [ 228.001157] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 228.001728] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.002144] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 228.002674] PKRU: 55555554 [ 228.002877] Call Trace: [ 228.003061] [ 228.003232] __iommufd_access_detach+0x1c2/0x2b0 [ 228.003585] iommufd_access_change_pt+0x149/0x270 [ 228.003938] iommufd_access_replace+0xb4/0x120 [ 228.004276] iommufd_test+0x3e5/0x37e0 [ 228.004556] ? lock_release+0x532/0x770 [ 228.004852] ? __might_fault+0x102/0x1b0 [ 228.005151] ? lock_acquire+0x427/0x4c0 [ 228.005446] ? __pfx_iommufd_test+0x10/0x10 [ 228.005754] ? __pfx_lock_release+0x10/0x10 [ 228.006071] ? __pfx_lock_acquire+0x10/0x10 [ 228.006390] ? write_comp_data+0x2f/0x90 [ 228.006713] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.007075] ? write_comp_data+0x2f/0x90 [ 228.007390] iommufd_fops_ioctl+0x37d/0x510 [ 228.007708] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.008067] ? write_comp_data+0x2f/0x90 [ 228.008369] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.008724] __x64_sys_ioctl+0x1a3/0x230 [ 228.009035] do_syscall_64+0x3b/0x90 [ 228.009315] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.009698] RIP: 0033:0x7f4b8743ee5d [ 228.009968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.011351] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.011911] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.012446] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.012963] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.013473] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.013982] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.014533] [ 228.014709] irq event stamp: 0 [ 228.014937] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.015409] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.016023] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.016637] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.017102] ---[ end trace 0000000000000000 ]--- [ 228.019934] ------------[ cut here ]------------ [ 228.020310] WARNING: CPU: 1 PID: 2182 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.021049] Modules linked in: [ 228.021285] CPU: 1 PID: 2182 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.021929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.023004] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.023391] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.024719] RSP: 
0018:ffff88800e967bd0 EFLAGS: 00010246 [ 228.025111] RAX: 0000000000000000 RBX: ffff8880171bd8a8 RCX: 0000000000000000 [ 228.025631] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 228.026160] RBP: ffff88800e967be8 R08: ffffed1002e37b33 R09: ffffed1002e37b33 [ 228.026710] R10: ffff8880171bd993 R11: ffffed1002e37b32 R12: ffff88800fd80000 [ 228.027245] R13: ffff8880171bd9e8 R14: ffff88802086af00 R15: 0000000000000000 [ 228.027777] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 228.028378] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.028815] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 228.029347] PKRU: 55555554 [ 228.029560] Call Trace: [ 228.029753] [ 228.029925] iommufd_access_destroy_object+0x65/0x170 [ 228.030320] iommufd_object_destroy_user+0x18e/0x220 [ 228.030744] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.031204] iommufd_access_destroy+0x43/0x70 [ 228.031557] iommufd_test_staccess_release+0x8d/0xd0 [ 228.031962] __fput+0x26d/0xa40 [ 228.032233] ____fput+0x1e/0x30 [ 228.032500] task_work_run+0x1a4/0x2d0 [ 228.032811] ? __pfx_task_work_run+0x10/0x10 [ 228.033156] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.033534] ? switch_task_namespaces+0xa9/0xe0 [ 228.033902] do_exit+0xb17/0x2ef0 [ 228.034171] ? lock_acquire+0x427/0x4c0 [ 228.034487] ? __pfx_lock_release+0x10/0x10 [ 228.034852] ? __kasan_check_write+0x18/0x20 [ 228.035209] ? do_raw_spin_lock+0x132/0x2a0 [ 228.035545] ? __pfx_do_exit+0x10/0x10 [ 228.035859] ? debug_smp_processor_id+0x20/0x30 [ 228.036226] ? rcu_is_watching+0x19/0xb0 [ 228.036549] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.036906] ? trace_hardirqs_on+0x26/0x120 [ 228.037248] do_group_exit+0xe0/0x2b0 [ 228.037550] __x64_sys_exit_group+0x47/0x50 [ 228.037885] do_syscall_64+0x3b/0x90 [ 228.038179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.038606] RIP: 0033:0x7f4b87518a4d [ 228.038894] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.039380] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.039967] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.040516] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.041064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.041608] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.042151] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.042723] [ 228.042908] irq event stamp: 0 [ 228.043164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.043656] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.044297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.044942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.045424] ---[ end trace 0000000000000000 ]--- [ 228.046485] ------------[ cut here ]------------ [ 228.047145] WARNING: CPU: 0 PID: 2182 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.048300] Modules linked in: [ 228.048678] CPU: 0 PID: 2182 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.049654] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.051005] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.051611] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.053624] RSP: 0018:ffff88800e967b78 EFLAGS: 00010246 [ 228.054222] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.055059] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 228.055876] RBP: ffff88800e967b98 R08: ffffed1002e37b3e R09: ffffed1002e37b3e [ 228.056674] R10: ffff8880171bd9ef R11: ffffed1002e37b3d R12: ffff8880171bda90 [ 228.057471] R13: ffff8880171bd8a8 R14: ffffffffffffffff R15: 
ffff88800e967c60 [ 228.058269] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.059221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.059875] CR2: 00007f82e2e9f000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 228.060677] PKRU: 55555554 [ 228.061000] Call Trace: [ 228.061293] [ 228.061556] iommufd_ioas_destroy+0x53/0x70 [ 228.062058] iommufd_fops_release+0x1f7/0x370 [ 228.062627] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.063241] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.063805] ? write_comp_data+0x2f/0x90 [ 228.064281] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.064852] __fput+0x26d/0xa40 [ 228.065250] ____fput+0x1e/0x30 [ 228.065641] task_work_run+0x1a4/0x2d0 [ 228.066097] ? __pfx_task_work_run+0x10/0x10 [ 228.066654] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.067250] ? switch_task_namespaces+0xa9/0xe0 [ 228.067813] do_exit+0xb17/0x2ef0 [ 228.068225] ? lock_acquire+0x427/0x4c0 [ 228.068706] ? __pfx_lock_release+0x10/0x10 [ 228.069221] ? __kasan_check_write+0x18/0x20 [ 228.069741] ? do_raw_spin_lock+0x132/0x2a0 [ 228.070247] ? __pfx_do_exit+0x10/0x10 [ 228.070753] ? debug_smp_processor_id+0x20/0x30 [ 228.071326] ? rcu_is_watching+0x19/0xb0 [ 228.071823] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.072383] ? trace_hardirqs_on+0x26/0x120 [ 228.072920] do_group_exit+0xe0/0x2b0 [ 228.073390] __x64_sys_exit_group+0x47/0x50 [ 228.073913] do_syscall_64+0x3b/0x90 [ 228.074378] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.075048] RIP: 0033:0x7f4b87518a4d [ 228.075514] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.076228] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.077112] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.077953] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.078827] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.079690] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.080517] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.081338] [ 228.081613] irq event stamp: 0 [ 228.081974] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.082724] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.083687] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.084627] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.085349] ---[ end trace 0000000000000000 ]--- [ 228.092141] ------------[ cut here ]------------ [ 228.092718] WARNING: CPU: 0 PID: 2183 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.093850] Modules linked in: [ 228.094229] CPU: 0 PID: 2183 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.095301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.096568] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.097134] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.099232] RSP: 0018:ffff888015ee7bb8 EFLAGS: 00010246 [ 228.099857] RAX: 0000000000000000 RBX: ffff888020d0b0a8 RCX: 0000000000000000 [ 228.100666] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 228.101458] RBP: ffff888015ee7bd0 R08: ffffed10041a1633 R09: ffffed10041a1633 [ 228.102255] R10: ffff888020d0b193 R11: ffffed10041a1632 R12: ffff888013b17400 [ 228.103101] R13: ffff888020d0b1e8 R14: ffffffff8352e670 R15: 
ffff888015ee7e68 [ 228.103944] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.104864] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.105548] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 228.106384] PKRU: 55555554 [ 228.106757] Call Trace: [ 228.107070] [ 228.107363] __iommufd_access_detach+0x1c2/0x2b0 [ 228.107964] iommufd_access_change_pt+0x149/0x270 [ 228.108573] iommufd_access_replace+0xb4/0x120 [ 228.109148] iommufd_test+0x3e5/0x37e0 [ 228.109634] ? lock_release+0x532/0x770 [ 228.110146] ? __might_fault+0x102/0x1b0 [ 228.110710] ? lock_acquire+0x427/0x4c0 [ 228.111241] ? __pfx_iommufd_test+0x10/0x10 [ 228.111772] ? __pfx_lock_release+0x10/0x10 [ 228.112318] ? __pfx_lock_acquire+0x10/0x10 [ 228.112870] ? write_comp_data+0x2f/0x90 [ 228.113393] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.114004] ? write_comp_data+0x2f/0x90 [ 228.114576] iommufd_fops_ioctl+0x37d/0x510 [ 228.115142] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.115756] ? write_comp_data+0x2f/0x90 [ 228.116275] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.116872] __x64_sys_ioctl+0x1a3/0x230 [ 228.117386] do_syscall_64+0x3b/0x90 [ 228.117864] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.118558] RIP: 0033:0x7f4b8743ee5d [ 228.119027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.121188] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.122105] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.123005] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.123888] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.124743] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.125600] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.126470] [ 228.126805] irq event stamp: 0 [ 228.127214] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.127969] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.128971] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.129980] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.130784] ---[ end trace 0000000000000000 ]--- [ 228.135535] ------------[ cut here ]------------ [ 228.136138] WARNING: CPU: 0 PID: 2183 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.137349] Modules linked in: [ 228.137754] CPU: 0 PID: 2183 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.138856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.140225] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.140847] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.143078] RSP: 
0018:ffff888015ee7bd0 EFLAGS: 00010246 [ 228.143749] RAX: 0000000000000000 RBX: ffff888020d0b0a8 RCX: 0000000000000000 [ 228.144598] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 228.145452] RBP: ffff888015ee7be8 R08: ffffed10041a1633 R09: ffffed10041a1633 [ 228.146313] R10: ffff888020d0b193 R11: ffffed10041a1632 R12: ffff888013e24400 [ 228.147231] R13: ffff888020d0b1e8 R14: ffff888020813000 R15: 0000000000000000 [ 228.148087] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.149044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.149742] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.150637] PKRU: 55555554 [ 228.151000] Call Trace: [ 228.151348] [ 228.151633] iommufd_access_destroy_object+0x65/0x170 [ 228.152268] iommufd_object_destroy_user+0x18e/0x220 [ 228.152896] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.153621] iommufd_access_destroy+0x43/0x70 [ 228.154195] iommufd_test_staccess_release+0x8d/0xd0 [ 228.154876] __fput+0x26d/0xa40 [ 228.155332] ____fput+0x1e/0x30 [ 228.155751] task_work_run+0x1a4/0x2d0 [ 228.156242] ? __pfx_task_work_run+0x10/0x10 [ 228.156800] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.157402] ? switch_task_namespaces+0xa9/0xe0 [ 228.157983] do_exit+0xb17/0x2ef0 [ 228.158409] ? lock_acquire+0x427/0x4c0 [ 228.158949] ? __pfx_lock_release+0x10/0x10 [ 228.159522] ? __kasan_check_write+0x18/0x20 [ 228.160073] ? do_raw_spin_lock+0x132/0x2a0 [ 228.160611] ? __pfx_do_exit+0x10/0x10 [ 228.161296] ? debug_smp_processor_id+0x20/0x30 [ 228.162123] ? rcu_is_watching+0x19/0xb0 [ 228.162698] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.163674] ? trace_hardirqs_on+0x26/0x120 [ 228.164224] do_group_exit+0xe0/0x2b0 [ 228.164703] __x64_sys_exit_group+0x47/0x50 [ 228.165468] do_syscall_64+0x3b/0x90 [ 228.165945] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.166611] RIP: 0033:0x7f4b87518a4d [ 228.167062] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.168044] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.168956] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.170075] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.170990] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.172103] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.172964] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.174075] [ 228.174380] irq event stamp: 0 [ 228.174811] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.175594] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.176829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.178077] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.178884] ---[ end trace 0000000000000000 ]--- [ 228.180253] ------------[ cut here ]------------ [ 228.180840] WARNING: CPU: 0 PID: 2183 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.182293] Modules linked in: [ 228.182755] CPU: 0 PID: 2183 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.183866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.185390] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.186304] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.188890] RSP: 0018:ffff888015ee7b78 EFLAGS: 00010246 [ 228.189567] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.190757] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 228.191656] RBP: ffff888015ee7b98 R08: ffffed10041a163e R09: ffffed10041a163e [ 228.192795] R10: ffff888020d0b1ef R11: ffffed10041a163d R12: ffff888020d0b290 [ 228.193675] R13: ffff888020d0b0a8 R14: ffffffffffffffff R15: 
ffff888015ee7c60 [ 228.194861] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.195884] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.196625] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.197804] PKRU: 55555554 [ 228.198183] Call Trace: [ 228.198571] [ 228.198877] iommufd_ioas_destroy+0x53/0x70 [ 228.199746] iommufd_fops_release+0x1f7/0x370 [ 228.200354] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.201019] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.201927] ? write_comp_data+0x2f/0x90 [ 228.202494] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.203265] __fput+0x26d/0xa40 [ 228.204004] ____fput+0x1e/0x30 [ 228.204471] task_work_run+0x1a4/0x2d0 [ 228.204998] ? __pfx_task_work_run+0x10/0x10 [ 228.205607] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.206456] ? switch_task_namespaces+0xa9/0xe0 [ 228.207180] do_exit+0xb17/0x2ef0 [ 228.207644] ? lock_acquire+0x427/0x4c0 [ 228.208267] ? __pfx_lock_release+0x10/0x10 [ 228.208974] ? __kasan_check_write+0x18/0x20 [ 228.209566] ? do_raw_spin_lock+0x132/0x2a0 [ 228.210170] ? __pfx_do_exit+0x10/0x10 [ 228.210974] ? debug_smp_processor_id+0x20/0x30 [ 228.211615] ? rcu_is_watching+0x19/0xb0 [ 228.212143] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.212831] ? trace_hardirqs_on+0x26/0x120 [ 228.213592] do_group_exit+0xe0/0x2b0 [ 228.214116] __x64_sys_exit_group+0x47/0x50 [ 228.214811] do_syscall_64+0x3b/0x90 [ 228.215517] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.216204] RIP: 0033:0x7f4b87518a4d [ 228.216684] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.217737] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.218777] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.219863] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.220995] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.222280] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.223339] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.224369] [ 228.224897] irq event stamp: 0 [ 228.225337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.226176] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.227679] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.228845] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.229914] ---[ end trace 0000000000000000 ]--- [ 228.237623] ------------[ cut here ]------------ [ 228.238669] WARNING: CPU: 0 PID: 2184 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.240054] Modules linked in: [ 228.240593] CPU: 0 PID: 2184 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.241853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.243434] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.244115] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.246482] RSP: 0018:ffff888023dafbb8 EFLAGS: 00010246 [ 228.247297] RAX: 0000000000000000 RBX: ffff8880208a20a8 RCX: 0000000000000000 [ 228.248236] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 228.249181] RBP: ffff888023dafbd0 R08: ffffed1004114433 R09: ffffed1004114433 [ 228.250128] R10: ffff8880208a2193 R11: ffffed1004114432 R12: ffff88801341e000 [ 228.251163] R13: ffff8880208a21e8 R14: ffffffff8352e670 R15: 
ffff888023dafe68 [ 228.252123] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.253183] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.253951] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ef0 [ 228.254955] PKRU: 55555554 [ 228.255407] Call Trace: [ 228.255758] [ 228.256068] __iommufd_access_detach+0x1c2/0x2b0 [ 228.256733] iommufd_access_change_pt+0x149/0x270 [ 228.257401] iommufd_access_replace+0xb4/0x120 [ 228.258030] iommufd_test+0x3e5/0x37e0 [ 228.258615] ? lock_release+0x532/0x770 [ 228.259209] ? __might_fault+0x102/0x1b0 [ 228.259779] ? lock_acquire+0x427/0x4c0 [ 228.260336] ? __pfx_iommufd_test+0x10/0x10 [ 228.260915] ? __pfx_lock_release+0x10/0x10 [ 228.261507] ? __pfx_lock_acquire+0x10/0x10 [ 228.262093] ? write_comp_data+0x2f/0x90 [ 228.262707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.263404] ? write_comp_data+0x2f/0x90 [ 228.263973] iommufd_fops_ioctl+0x37d/0x510 [ 228.264571] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.265237] ? write_comp_data+0x2f/0x90 [ 228.265806] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.266467] __x64_sys_ioctl+0x1a3/0x230 [ 228.267111] do_syscall_64+0x3b/0x90 [ 228.267670] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.268376] RIP: 0033:0x7f4b8743ee5d [ 228.268867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.271225] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.272190] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.273083] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.273968] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.274894] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.275807] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.276714] [ 228.277015] irq event stamp: 0 [ 228.277416] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.278203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.279300] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.280348] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.281135] ---[ end trace 0000000000000000 ]--- [ 228.285454] ------------[ cut here ]------------ [ 228.285945] WARNING: CPU: 1 PID: 2184 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.287010] Modules linked in: [ 228.287336] CPU: 1 PID: 2184 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.288165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.289515] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.290072] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.292273] RSP: 
0018:ffff888023dafbd0 EFLAGS: 00010246 [ 228.292784] RAX: 0000000000000000 RBX: ffff8880208a20a8 RCX: 0000000000000000 [ 228.293454] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 228.294308] RBP: ffff888023dafbe8 R08: ffffed1004114433 R09: ffffed1004114433 [ 228.295008] R10: ffff8880208a2193 R11: ffffed1004114432 R12: ffff888013b15000 [ 228.295701] R13: ffff8880208a21e8 R14: ffff88801227dc00 R15: 0000000000000000 [ 228.296370] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 228.297122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.297676] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 228.298412] PKRU: 55555554 [ 228.298810] Call Trace: [ 228.299171] [ 228.299397] iommufd_access_destroy_object+0x65/0x170 [ 228.299894] iommufd_object_destroy_user+0x18e/0x220 [ 228.300377] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.300928] iommufd_access_destroy+0x43/0x70 [ 228.301368] iommufd_test_staccess_release+0x8d/0xd0 [ 228.301863] __fput+0x26d/0xa40 [ 228.302279] ____fput+0x1e/0x30 [ 228.302763] task_work_run+0x1a4/0x2d0 [ 228.303160] ? __pfx_task_work_run+0x10/0x10 [ 228.303590] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.304069] ? switch_task_namespaces+0xa9/0xe0 [ 228.304526] do_exit+0xb17/0x2ef0 [ 228.304857] ? lock_acquire+0x427/0x4c0 [ 228.305248] ? __pfx_lock_release+0x10/0x10 [ 228.305712] ? __kasan_check_write+0x18/0x20 [ 228.306270] ? do_raw_spin_lock+0x132/0x2a0 [ 228.306810] ? __pfx_do_exit+0x10/0x10 [ 228.307207] ? debug_smp_processor_id+0x20/0x30 [ 228.307655] ? rcu_is_watching+0x19/0xb0 [ 228.308050] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.308493] ? trace_hardirqs_on+0x26/0x120 [ 228.308913] do_group_exit+0xe0/0x2b0 [ 228.309288] __x64_sys_exit_group+0x47/0x50 [ 228.309705] do_syscall_64+0x3b/0x90 [ 228.310199] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.310864] RIP: 0033:0x7f4b87518a4d [ 228.311236] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.311816] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.312540] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.313216] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.313996] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.314876] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.315574] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.316325] [ 228.316567] irq event stamp: 0 [ 228.316899] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.317562] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.318745] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.319829] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.320485] ---[ end trace 0000000000000000 ]--- [ 228.323382] ------------[ cut here ]------------ [ 228.323896] WARNING: CPU: 1 PID: 2184 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.324943] Modules linked in: [ 228.325280] CPU: 1 PID: 2184 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.326174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.327752] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.328504] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.330383] RSP: 0018:ffff888023dafb78 EFLAGS: 00010246 [ 228.330969] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.331747] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 228.332741] RBP: ffff888023dafb98 R08: ffffed100411443e R09: ffffed100411443e [ 228.333691] R10: ffff8880208a21ef R11: ffffed100411443d R12: ffff8880208a2290 [ 228.334421] R13: ffff8880208a20a8 R14: ffffffffffffffff R15: 
ffff888023dafc60 [ 228.335197] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 228.336020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.336653] CR2: 00007f82e2eb4000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 228.337638] PKRU: 55555554 [ 228.338047] Call Trace: [ 228.338361] [ 228.338623] iommufd_ioas_destroy+0x53/0x70 [ 228.339076] iommufd_fops_release+0x1f7/0x370 [ 228.339581] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.340102] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.340623] ? write_comp_data+0x2f/0x90 [ 228.341065] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.341594] __fput+0x26d/0xa40 [ 228.342054] ____fput+0x1e/0x30 [ 228.342579] task_work_run+0x1a4/0x2d0 [ 228.343182] ? __pfx_task_work_run+0x10/0x10 [ 228.343641] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.344152] ? switch_task_namespaces+0xa9/0xe0 [ 228.344644] do_exit+0xb17/0x2ef0 [ 228.345006] ? lock_acquire+0x427/0x4c0 [ 228.345437] ? __pfx_lock_release+0x10/0x10 [ 228.345885] ? __kasan_check_write+0x18/0x20 [ 228.346353] ? do_raw_spin_lock+0x132/0x2a0 [ 228.346960] ? __pfx_do_exit+0x10/0x10 [ 228.347592] ? debug_smp_processor_id+0x20/0x30 [ 228.348154] ? rcu_is_watching+0x19/0xb0 [ 228.348594] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.349073] ? trace_hardirqs_on+0x26/0x120 [ 228.349537] do_group_exit+0xe0/0x2b0 [ 228.349936] __x64_sys_exit_group+0x47/0x50 [ 228.350382] do_syscall_64+0x3b/0x90 [ 228.350817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.351407] RIP: 0033:0x7f4b87518a4d [ 228.351915] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.352832] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.353681] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.354416] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.355200] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.355941] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.356713] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.357699] [ 228.358043] irq event stamp: 0 [ 228.358482] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.359181] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.360044] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.360924] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.361588] ---[ end trace 0000000000000000 ]--- [ 228.368204] ------------[ cut here ]------------ [ 228.368771] WARNING: CPU: 1 PID: 2185 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.369805] Modules linked in: [ 228.370252] CPU: 1 PID: 2185 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.371506] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.372651] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.373175] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.375387] RSP: 0018:ffff888011e17bb8 EFLAGS: 00010246 [ 228.376133] RAX: 0000000000000000 RBX: ffff8880187708a8 RCX: 0000000000000000 [ 228.376873] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 228.377606] RBP: ffff888011e17bd0 R08: ffffed10030ee133 R09: ffffed10030ee133 [ 228.378343] R10: ffff888018770993 R11: ffffed10030ee132 R12: ffff888012e93c00 [ 228.379106] R13: ffff8880187709e8 R14: ffffffff8352e670 R15: 
ffff888011e17e68 [ 228.380099] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 228.381095] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.381696] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 228.382436] PKRU: 55555554 [ 228.382768] Call Trace: [ 228.383036] [ 228.383288] __iommufd_access_detach+0x1c2/0x2b0 [ 228.383804] iommufd_access_change_pt+0x149/0x270 [ 228.384439] iommufd_access_replace+0xb4/0x120 [ 228.385132] iommufd_test+0x3e5/0x37e0 [ 228.385558] ? lock_release+0x532/0x770 [ 228.385988] ? __might_fault+0x102/0x1b0 [ 228.386414] ? lock_acquire+0x427/0x4c0 [ 228.386863] ? __pfx_iommufd_test+0x10/0x10 [ 228.387339] ? __pfx_lock_release+0x10/0x10 [ 228.387799] ? __pfx_lock_acquire+0x10/0x10 [ 228.388251] ? write_comp_data+0x2f/0x90 [ 228.388834] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.389534] ? write_comp_data+0x2f/0x90 [ 228.390154] iommufd_fops_ioctl+0x37d/0x510 [ 228.390650] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.391169] ? write_comp_data+0x2f/0x90 [ 228.391601] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.392101] __x64_sys_ioctl+0x1a3/0x230 [ 228.392543] do_syscall_64+0x3b/0x90 [ 228.392945] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.393571] RIP: 0033:0x7f4b8743ee5d [ 228.394072] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.396213] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.397009] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.397740] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.398736] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.399695] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.400435] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.401172] [ 228.401426] irq event stamp: 0 [ 228.401757] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.402410] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.403515] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.404581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.405226] ---[ end trace 0000000000000000 ]--- [ 228.411530] ------------[ cut here ]------------ [ 228.412178] WARNING: CPU: 0 PID: 2185 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.413768] Modules linked in: [ 228.414208] CPU: 0 PID: 2185 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.415428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.417167] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.417869] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.420475] RSP: 
0018:ffff888011e17bd0 EFLAGS: 00010246 [ 228.421446] RAX: 0000000000000000 RBX: ffff8880187708a8 RCX: 0000000000000000 [ 228.422384] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 228.423498] RBP: ffff888011e17be8 R08: ffffed10030ee133 R09: ffffed10030ee133 [ 228.424571] R10: ffff888018770993 R11: ffffed10030ee132 R12: ffff888010c08800 [ 228.425507] R13: ffff8880187709e8 R14: ffff88800ca5a300 R15: 0000000000000000 [ 228.426434] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.427554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.428213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.428926] PKRU: 55555554 [ 228.429207] Call Trace: [ 228.429463] [ 228.429689] iommufd_access_destroy_object+0x65/0x170 [ 228.430218] iommufd_object_destroy_user+0x18e/0x220 [ 228.430767] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.431448] iommufd_access_destroy+0x43/0x70 [ 228.431904] iommufd_test_staccess_release+0x8d/0xd0 [ 228.432425] __fput+0x26d/0xa40 [ 228.432771] ____fput+0x1e/0x30 [ 228.433106] task_work_run+0x1a4/0x2d0 [ 228.433510] ? __pfx_task_work_run+0x10/0x10 [ 228.433954] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.434452] ? switch_task_namespaces+0xa9/0xe0 [ 228.434969] do_exit+0xb17/0x2ef0 [ 228.435421] ? lock_acquire+0x427/0x4c0 [ 228.435867] ? __pfx_lock_release+0x10/0x10 [ 228.436304] ? __kasan_check_write+0x18/0x20 [ 228.436750] ? do_raw_spin_lock+0x132/0x2a0 [ 228.437170] ? __pfx_do_exit+0x10/0x10 [ 228.437573] ? debug_smp_processor_id+0x20/0x30 [ 228.438044] ? rcu_is_watching+0x19/0xb0 [ 228.438459] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.438979] ? trace_hardirqs_on+0x26/0x120 [ 228.439525] do_group_exit+0xe0/0x2b0 [ 228.439944] __x64_sys_exit_group+0x47/0x50 [ 228.440380] do_syscall_64+0x3b/0x90 [ 228.440761] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.441289] RIP: 0033:0x7f4b87518a4d [ 228.441664] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.442281] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.443071] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.443884] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.444598] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.445303] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.446010] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.446769] [ 228.447059] irq event stamp: 0 [ 228.447395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.448014] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.448843] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.449682] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.450305] ---[ end trace 0000000000000000 ]--- [ 228.451335] ------------[ cut here ]------------ [ 228.451793] WARNING: CPU: 0 PID: 2185 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.452725] Modules linked in: [ 228.453026] CPU: 0 PID: 2185 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.453828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.454903] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.455574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.457436] RSP: 0018:ffff888011e17b78 EFLAGS: 00010246 [ 228.457973] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.458782] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 228.459521] RBP: ffff888011e17b98 R08: ffffed10030ee13e R09: ffffed10030ee13e [ 228.460247] R10: ffff8880187709ef R11: ffffed10030ee13d R12: ffff888018770a90 [ 228.460968] R13: ffff8880187708a8 R14: ffffffffffffffff R15: 
ffff888011e17c60 [ 228.461695] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.462535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.463136] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.463850] PKRU: 55555554 [ 228.464131] Call Trace: [ 228.464387] [ 228.464614] iommufd_ioas_destroy+0x53/0x70 [ 228.465053] iommufd_fops_release+0x1f7/0x370 [ 228.465511] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.466003] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.466488] ? write_comp_data+0x2f/0x90 [ 228.466920] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.467420] __fput+0x26d/0xa40 [ 228.467756] ____fput+0x1e/0x30 [ 228.468084] task_work_run+0x1a4/0x2d0 [ 228.468473] ? __pfx_task_work_run+0x10/0x10 [ 228.468906] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.469385] ? switch_task_namespaces+0xa9/0xe0 [ 228.469851] do_exit+0xb17/0x2ef0 [ 228.470181] ? lock_acquire+0x427/0x4c0 [ 228.470582] ? __pfx_lock_release+0x10/0x10 [ 228.471002] ? __kasan_check_write+0x18/0x20 [ 228.471431] ? do_raw_spin_lock+0x132/0x2a0 [ 228.471848] ? __pfx_do_exit+0x10/0x10 [ 228.472221] ? debug_smp_processor_id+0x20/0x30 [ 228.472665] ? rcu_is_watching+0x19/0xb0 [ 228.473052] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.473487] ? trace_hardirqs_on+0x26/0x120 [ 228.473901] do_group_exit+0xe0/0x2b0 [ 228.474263] __x64_sys_exit_group+0x47/0x50 [ 228.474686] do_syscall_64+0x3b/0x90 [ 228.475053] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.475602] RIP: 0033:0x7f4b87518a4d [ 228.475923] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.476443] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.477078] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.477678] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.478272] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.478911] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.479607] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.480224] [ 228.480421] irq event stamp: 0 [ 228.480689] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.481228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.481939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.482664] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.483285] ---[ end trace 0000000000000000 ]--- [ 228.487395] ------------[ cut here ]------------ [ 228.487830] WARNING: CPU: 0 PID: 2186 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.488696] Modules linked in: [ 228.488975] CPU: 0 PID: 2186 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.489707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.491092] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.491538] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.492990] RSP: 0018:ffff888012edfbb8 EFLAGS: 00010246 [ 228.493426] RAX: 0000000000000000 RBX: ffff888010b7b8a8 RCX: 0000000000000000 [ 228.494002] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 228.494611] RBP: ffff888012edfbd0 R08: ffffed100216f733 R09: ffffed100216f733 [ 228.495265] R10: ffff888010b7b993 R11: ffffed100216f732 R12: ffff888014580800 [ 228.495847] R13: ffff888010b7b9e8 R14: ffffffff8352e670 R15: 
ffff888012edfe68 [ 228.496415] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.497065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.497531] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ef0 [ 228.498098] PKRU: 55555554 [ 228.498324] Call Trace: [ 228.498554] [ 228.498782] __iommufd_access_detach+0x1c2/0x2b0 [ 228.499238] iommufd_access_change_pt+0x149/0x270 [ 228.499636] iommufd_access_replace+0xb4/0x120 [ 228.500013] iommufd_test+0x3e5/0x37e0 [ 228.500336] ? lock_release+0x532/0x770 [ 228.500669] ? __might_fault+0x102/0x1b0 [ 228.501005] ? lock_acquire+0x427/0x4c0 [ 228.501351] ? __pfx_iommufd_test+0x10/0x10 [ 228.501694] ? __pfx_lock_release+0x10/0x10 [ 228.502043] ? __pfx_lock_acquire+0x10/0x10 [ 228.502402] ? write_comp_data+0x2f/0x90 [ 228.502771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.503287] ? write_comp_data+0x2f/0x90 [ 228.503627] iommufd_fops_ioctl+0x37d/0x510 [ 228.503973] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.504374] ? write_comp_data+0x2f/0x90 [ 228.504711] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.505099] __x64_sys_ioctl+0x1a3/0x230 [ 228.505445] do_syscall_64+0x3b/0x90 [ 228.505760] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.506195] RIP: 0033:0x7f4b8743ee5d [ 228.506501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.508113] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.508734] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.509300] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.509876] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.510446] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.511042] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.511686] [ 228.511878] irq event stamp: 0 [ 228.512142] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.512651] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.513318] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.513978] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.514487] ---[ end trace 0000000000000000 ]--- [ 228.517522] ------------[ cut here ]------------ [ 228.517927] WARNING: CPU: 0 PID: 2186 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.518779] Modules linked in: [ 228.519079] CPU: 0 PID: 2186 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.519787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.520678] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.521080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.522586] RSP: 
0018:ffff888012edfbd0 EFLAGS: 00010246 [ 228.523113] RAX: 0000000000000000 RBX: ffff888010b7b8a8 RCX: 0000000000000000 [ 228.523705] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 228.524282] RBP: ffff888012edfbe8 R08: ffffed100216f733 R09: ffffed100216f733 [ 228.524853] R10: ffff888010b7b993 R11: ffffed100216f732 R12: ffff88801341f400 [ 228.525425] R13: ffff888010b7b9e8 R14: ffff888011d6d200 R15: 0000000000000000 [ 228.525989] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.526669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.527220] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.527802] PKRU: 55555554 [ 228.528031] Call Trace: [ 228.528238] [ 228.528435] iommufd_access_destroy_object+0x65/0x170 [ 228.528846] iommufd_object_destroy_user+0x18e/0x220 [ 228.529252] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.529725] iommufd_access_destroy+0x43/0x70 [ 228.530088] iommufd_test_staccess_release+0x8d/0xd0 [ 228.530499] __fput+0x26d/0xa40 [ 228.530877] ____fput+0x1e/0x30 [ 228.531204] task_work_run+0x1a4/0x2d0 [ 228.531523] ? __pfx_task_work_run+0x10/0x10 [ 228.531893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.532293] ? switch_task_namespaces+0xa9/0xe0 [ 228.532674] do_exit+0xb17/0x2ef0 [ 228.532956] ? lock_acquire+0x427/0x4c0 [ 228.533276] ? __pfx_lock_release+0x10/0x10 [ 228.533622] ? __kasan_check_write+0x18/0x20 [ 228.533980] ? do_raw_spin_lock+0x132/0x2a0 [ 228.534322] ? __pfx_do_exit+0x10/0x10 [ 228.534666] ? debug_smp_processor_id+0x20/0x30 [ 228.535157] ? rcu_is_watching+0x19/0xb0 [ 228.535488] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.535858] ? trace_hardirqs_on+0x26/0x120 [ 228.536217] do_group_exit+0xe0/0x2b0 [ 228.536532] __x64_sys_exit_group+0x47/0x50 [ 228.536871] do_syscall_64+0x3b/0x90 [ 228.537175] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.537598] RIP: 0033:0x7f4b87518a4d [ 228.537889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.538377] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.539005] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.539920] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.540739] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.541537] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.542333] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.543219] [ 228.543504] irq event stamp: 0 [ 228.543876] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.544604] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.545539] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.546490] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.547262] ---[ end trace 0000000000000000 ]--- [ 228.548450] ------------[ cut here ]------------ [ 228.549003] WARNING: CPU: 0 PID: 2186 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.550133] Modules linked in: [ 228.550499] CPU: 0 PID: 2186 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.551679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.552588] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.552995] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.554421] RSP: 0018:ffff888012edfb78 EFLAGS: 00010246 [ 228.554882] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.555469] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 228.556037] RBP: ffff888012edfb98 R08: ffffed100216f73e R09: ffffed100216f73e [ 228.556601] R10: ffff888010b7b9ef R11: ffffed100216f73d R12: ffff888010b7ba90 [ 228.557160] R13: ffff888010b7b8a8 R14: ffffffffffffffff R15: 
ffff888012edfc60 [ 228.557723] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.558352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.558830] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.559405] PKRU: 55555554 [ 228.559632] Call Trace: [ 228.559835] [ 228.560015] iommufd_ioas_destroy+0x53/0x70 [ 228.560363] iommufd_fops_release+0x1f7/0x370 [ 228.560725] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.561119] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.561510] ? write_comp_data+0x2f/0x90 [ 228.561843] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.562241] __fput+0x26d/0xa40 [ 228.562533] ____fput+0x1e/0x30 [ 228.562805] task_work_run+0x1a4/0x2d0 [ 228.563131] ? __pfx_task_work_run+0x10/0x10 [ 228.563498] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.563893] ? switch_task_namespaces+0xa9/0xe0 [ 228.564278] do_exit+0xb17/0x2ef0 [ 228.564556] ? lock_acquire+0x427/0x4c0 [ 228.564880] ? __pfx_lock_release+0x10/0x10 [ 228.565227] ? __kasan_check_write+0x18/0x20 [ 228.565580] ? do_raw_spin_lock+0x132/0x2a0 [ 228.565921] ? __pfx_do_exit+0x10/0x10 [ 228.566237] ? debug_smp_processor_id+0x20/0x30 [ 228.566645] ? rcu_is_watching+0x19/0xb0 [ 228.566970] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.567344] ? trace_hardirqs_on+0x26/0x120 [ 228.567693] do_group_exit+0xe0/0x2b0 [ 228.568003] __x64_sys_exit_group+0x47/0x50 [ 228.568343] do_syscall_64+0x3b/0x90 [ 228.568645] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.569062] RIP: 0033:0x7f4b87518a4d [ 228.569357] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.569836] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.570421] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.570986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.571558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.572132] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.572697] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.573264] [ 228.573451] irq event stamp: 0 [ 228.573699] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.574194] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.574872] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.575540] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.576031] ---[ end trace 0000000000000000 ]--- [ 228.580752] ------------[ cut here ]------------ [ 228.581164] WARNING: CPU: 0 PID: 2187 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.581949] Modules linked in: [ 228.582198] CPU: 0 PID: 2187 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.583052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.583935] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.584326] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.585729] RSP: 0018:ffff8880163efbb8 EFLAGS: 00010246 [ 228.586144] RAX: 0000000000000000 RBX: ffff88801732f0a8 RCX: 0000000000000000 [ 228.586716] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 228.587280] RBP: ffff8880163efbd0 R08: ffffed1002e65e33 R09: ffffed1002e65e33 [ 228.587834] R10: ffff88801732f193 R11: ffffed1002e65e32 R12: ffff888012978400 [ 228.588383] R13: ffff88801732f1e8 R14: ffffffff8352e670 R15: 
ffff8880163efe68 [ 228.588934] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.589556] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.590019] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ef0 [ 228.590597] PKRU: 55555554 [ 228.590823] Call Trace: [ 228.591024] [ 228.591214] __iommufd_access_detach+0x1c2/0x2b0 [ 228.591601] iommufd_access_change_pt+0x149/0x270 [ 228.591990] iommufd_access_replace+0xb4/0x120 [ 228.592361] iommufd_test+0x3e5/0x37e0 [ 228.592667] ? lock_release+0x532/0x770 [ 228.592989] ? __might_fault+0x102/0x1b0 [ 228.593319] ? lock_acquire+0x427/0x4c0 [ 228.593642] ? __pfx_iommufd_test+0x10/0x10 [ 228.593981] ? __pfx_lock_release+0x10/0x10 [ 228.594329] ? __pfx_lock_acquire+0x10/0x10 [ 228.594701] ? write_comp_data+0x2f/0x90 [ 228.595035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.595434] ? write_comp_data+0x2f/0x90 [ 228.595761] iommufd_fops_ioctl+0x37d/0x510 [ 228.596105] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.596491] ? write_comp_data+0x2f/0x90 [ 228.596820] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.597198] __x64_sys_ioctl+0x1a3/0x230 [ 228.597526] do_syscall_64+0x3b/0x90 [ 228.597827] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.598235] RIP: 0033:0x7f4b8743ee5d [ 228.598550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.599983] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.600581] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.601146] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.601708] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.602267] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.602849] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.603433] [ 228.603623] irq event stamp: 0 [ 228.603872] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.604367] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.605061] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.605743] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.606254] ---[ end trace 0000000000000000 ]--- [ 228.609100] ------------[ cut here ]------------ [ 228.609517] WARNING: CPU: 0 PID: 2187 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.610333] Modules linked in: [ 228.610624] CPU: 0 PID: 2187 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.611345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.612246] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.612649] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.614097] RSP: 
0018:ffff8880163efbd0 EFLAGS: 00010246 [ 228.614545] RAX: 0000000000000000 RBX: ffff88801732f0a8 RCX: 0000000000000000 [ 228.615124] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 228.615696] RBP: ffff8880163efbe8 R08: ffffed1002e65e33 R09: ffffed1002e65e33 [ 228.616265] R10: ffff88801732f193 R11: ffffed1002e65e32 R12: ffff888014581c00 [ 228.616838] R13: ffff88801732f1e8 R14: ffff888012860f00 R15: 0000000000000000 [ 228.617419] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.618074] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.618567] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.619173] PKRU: 55555554 [ 228.619408] Call Trace: [ 228.619622] [ 228.619810] iommufd_access_destroy_object+0x65/0x170 [ 228.620237] iommufd_object_destroy_user+0x18e/0x220 [ 228.620657] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.621130] iommufd_access_destroy+0x43/0x70 [ 228.621499] iommufd_test_staccess_release+0x8d/0xd0 [ 228.621915] __fput+0x26d/0xa40 [ 228.622196] ____fput+0x1e/0x30 [ 228.622474] task_work_run+0x1a4/0x2d0 [ 228.622821] ? __pfx_task_work_run+0x10/0x10 [ 228.623191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.623596] ? switch_task_namespaces+0xa9/0xe0 [ 228.623987] do_exit+0xb17/0x2ef0 [ 228.624271] ? lock_acquire+0x427/0x4c0 [ 228.624611] ? __pfx_lock_release+0x10/0x10 [ 228.624960] ? __kasan_check_write+0x18/0x20 [ 228.625314] ? do_raw_spin_lock+0x132/0x2a0 [ 228.625664] ? __pfx_do_exit+0x10/0x10 [ 228.625982] ? debug_smp_processor_id+0x20/0x30 [ 228.626358] ? rcu_is_watching+0x19/0xb0 [ 228.626700] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.627075] ? trace_hardirqs_on+0x26/0x120 [ 228.627444] do_group_exit+0xe0/0x2b0 [ 228.627756] __x64_sys_exit_group+0x47/0x50 [ 228.628101] do_syscall_64+0x3b/0x90 [ 228.628408] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.628830] RIP: 0033:0x7f4b87518a4d [ 228.629129] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.629617] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.630221] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.630808] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.631394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.631972] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.632550] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.633131] [ 228.633317] irq event stamp: 0 [ 228.633568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.634076] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.634775] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.635457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.635963] ---[ end trace 0000000000000000 ]--- [ 228.636675] ------------[ cut here ]------------ [ 228.637066] WARNING: CPU: 0 PID: 2187 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.637883] Modules linked in: [ 228.638140] CPU: 0 PID: 2187 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.638869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.639798] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.640224] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.641700] RSP: 0018:ffff8880163efb78 EFLAGS: 00010246 [ 228.642128] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.642713] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 228.643291] RBP: ffff8880163efb98 R08: ffffed1002e65e3e R09: ffffed1002e65e3e [ 228.643859] R10: ffff88801732f1ef R11: ffffed1002e65e3d R12: ffff88801732f290 [ 228.644432] R13: ffff88801732f0a8 R14: ffffffffffffffff R15: 
ffff8880163efc60 [ 228.645003] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.645650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.646122] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.646726] PKRU: 55555554 [ 228.646962] Call Trace: [ 228.647183] [ 228.647370] iommufd_ioas_destroy+0x53/0x70 [ 228.647737] iommufd_fops_release+0x1f7/0x370 [ 228.648113] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.648527] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.648925] ? write_comp_data+0x2f/0x90 [ 228.649259] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.649667] __fput+0x26d/0xa40 [ 228.649953] ____fput+0x1e/0x30 [ 228.650229] task_work_run+0x1a4/0x2d0 [ 228.650574] ? __pfx_task_work_run+0x10/0x10 [ 228.650937] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.651362] ? switch_task_namespaces+0xa9/0xe0 [ 228.651754] do_exit+0xb17/0x2ef0 [ 228.652035] ? lock_acquire+0x427/0x4c0 [ 228.652366] ? __pfx_lock_release+0x10/0x10 [ 228.652723] ? __kasan_check_write+0x18/0x20 [ 228.653087] ? do_raw_spin_lock+0x132/0x2a0 [ 228.653446] ? __pfx_do_exit+0x10/0x10 [ 228.653766] ? debug_smp_processor_id+0x20/0x30 [ 228.654145] ? rcu_is_watching+0x19/0xb0 [ 228.654477] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.654875] ? trace_hardirqs_on+0x26/0x120 [ 228.655253] do_group_exit+0xe0/0x2b0 [ 228.655573] __x64_sys_exit_group+0x47/0x50 [ 228.655920] do_syscall_64+0x3b/0x90 [ 228.656234] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.656664] RIP: 0033:0x7f4b87518a4d [ 228.656970] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.657470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.658086] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.658686] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.659282] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.659864] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.660448] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.661044] [ 228.661236] irq event stamp: 0 [ 228.661496] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.662009] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.662706] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.663389] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.663889] ---[ end trace 0000000000000000 ]--- [ 228.668624] ------------[ cut here ]------------ [ 228.669064] WARNING: CPU: 0 PID: 2188 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.669848] Modules linked in: [ 228.670094] CPU: 0 PID: 2188 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.670818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.671698] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.672083] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.673479] RSP: 0018:ffff88800e80fbb8 EFLAGS: 00010246 [ 228.673888] RAX: 0000000000000000 RBX: ffff88800f1c18a8 RCX: 0000000000000000 [ 228.674433] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 228.674998] RBP: ffff88800e80fbd0 R08: ffffed1001e38333 R09: ffffed1001e38333 [ 228.675559] R10: ffff88800f1c1993 R11: ffffed1001e38332 R12: ffff888013f45000 [ 228.676110] R13: ffff88800f1c19e8 R14: ffffffff8352e670 R15: 
ffff88800e80fe68 [ 228.676849] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.677734] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.678194] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 228.678766] PKRU: 55555554 [ 228.679056] Call Trace: [ 228.679356] [ 228.679532] __iommufd_access_detach+0x1c2/0x2b0 [ 228.679912] iommufd_access_change_pt+0x149/0x270 [ 228.680297] iommufd_access_replace+0xb4/0x120 [ 228.680664] iommufd_test+0x3e5/0x37e0 [ 228.680966] ? lock_release+0x532/0x770 [ 228.681352] ? __might_fault+0x102/0x1b0 [ 228.681782] ? lock_acquire+0x427/0x4c0 [ 228.682103] ? __pfx_iommufd_test+0x10/0x10 [ 228.682436] ? __pfx_lock_release+0x10/0x10 [ 228.682789] ? __pfx_lock_acquire+0x10/0x10 [ 228.683152] ? write_comp_data+0x2f/0x90 [ 228.683476] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.683859] ? write_comp_data+0x2f/0x90 [ 228.684252] iommufd_fops_ioctl+0x37d/0x510 [ 228.684704] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.685091] ? write_comp_data+0x2f/0x90 [ 228.685416] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.685792] __x64_sys_ioctl+0x1a3/0x230 [ 228.686116] do_syscall_64+0x3b/0x90 [ 228.686414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.686921] RIP: 0033:0x7f4b8743ee5d [ 228.687311] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.688720] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.689346] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.690001] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.690565] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.691112] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.691674] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.692383] [ 228.692568] irq event stamp: 0 [ 228.692812] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.693297] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.693939] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.694732] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.695231] ---[ end trace 0000000000000000 ]--- [ 228.698031] ------------[ cut here ]------------ [ 228.698475] WARNING: CPU: 0 PID: 2188 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.699370] Modules linked in: [ 228.699621] CPU: 0 PID: 2188 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.700293] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.701318] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.701708] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.703280] RSP: 
0018:ffff88800e80fbd0 EFLAGS: 00010246 [ 228.703693] RAX: 0000000000000000 RBX: ffff88800f1c18a8 RCX: 0000000000000000 [ 228.704268] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 228.704926] RBP: ffff88800e80fbe8 R08: ffffed1001e38333 R09: ffffed1001e38333 [ 228.705477] R10: ffff88800f1c1993 R11: ffffed1001e38332 R12: ffff888012978000 [ 228.706160] R13: ffff88800f1c19e8 R14: ffff888020a3ba00 R15: 0000000000000000 [ 228.706725] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.707352] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.707865] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.708507] PKRU: 55555554 [ 228.708731] Call Trace: [ 228.708933] [ 228.709115] iommufd_access_destroy_object+0x65/0x170 [ 228.709589] iommufd_object_destroy_user+0x18e/0x220 [ 228.710077] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.710558] iommufd_access_destroy+0x43/0x70 [ 228.710923] iommufd_test_staccess_release+0x8d/0xd0 [ 228.711364] __fput+0x26d/0xa40 [ 228.711776] ____fput+0x1e/0x30 [ 228.712050] task_work_run+0x1a4/0x2d0 [ 228.712368] ? __pfx_task_work_run+0x10/0x10 [ 228.712725] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.713152] ? switch_task_namespaces+0xa9/0xe0 [ 228.713620] do_exit+0xb17/0x2ef0 [ 228.713894] ? lock_acquire+0x427/0x4c0 [ 228.714214] ? __pfx_lock_release+0x10/0x10 [ 228.714572] ? __kasan_check_write+0x18/0x20 [ 228.714924] ? do_raw_spin_lock+0x132/0x2a0 [ 228.715329] ? __pfx_do_exit+0x10/0x10 [ 228.715731] ? debug_smp_processor_id+0x20/0x30 [ 228.716103] ? rcu_is_watching+0x19/0xb0 [ 228.716426] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.716824] ? trace_hardirqs_on+0x26/0x120 [ 228.717250] do_group_exit+0xe0/0x2b0 [ 228.717552] __x64_sys_exit_group+0x47/0x50 [ 228.717891] do_syscall_64+0x3b/0x90 [ 228.718189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.718675] RIP: 0033:0x7f4b87518a4d [ 228.719048] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.719531] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.720116] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.720733] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.721380] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.721935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.722645] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.723239] [ 228.723428] irq event stamp: 0 [ 228.723685] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.724221] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.725009] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.725692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.726382] ---[ end trace 0000000000000000 ]--- [ 228.727106] ------------[ cut here ]------------ [ 228.727498] WARNING: CPU: 0 PID: 2188 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.728493] Modules linked in: [ 228.728755] CPU: 0 PID: 2188 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.729491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.730538] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.730960] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.732628] RSP: 0018:ffff88800e80fb78 EFLAGS: 00010246 [ 228.733053] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.733793] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 228.734369] RBP: ffff88800e80fb98 R08: ffffed1001e3833e R09: ffffed1001e3833e [ 228.735003] R10: ffff88800f1c19ef R11: ffffed1001e3833d R12: ffff88800f1c1a90 [ 228.735688] R13: ffff88800f1c18a8 R14: ffffffffffffffff R15: 
ffff88800e80fc60 [ 228.736262] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.736973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.737518] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.738091] PKRU: 55555554 [ 228.738321] Call Trace: [ 228.738591] [ 228.738779] iommufd_ioas_destroy+0x53/0x70 [ 228.739257] iommufd_fops_release+0x1f7/0x370 [ 228.739632] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.740040] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.740592] ? write_comp_data+0x2f/0x90 [ 228.740933] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.741342] __fput+0x26d/0xa40 [ 228.741630] ____fput+0x1e/0x30 [ 228.741936] task_work_run+0x1a4/0x2d0 [ 228.742392] ? __pfx_task_work_run+0x10/0x10 [ 228.742774] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.743191] ? switch_task_namespaces+0xa9/0xe0 [ 228.743595] do_exit+0xb17/0x2ef0 [ 228.744012] ? lock_acquire+0x427/0x4c0 [ 228.744349] ? __pfx_lock_release+0x10/0x10 [ 228.744706] ? __kasan_check_write+0x18/0x20 [ 228.745069] ? do_raw_spin_lock+0x132/0x2a0 [ 228.745576] ? __pfx_do_exit+0x10/0x10 [ 228.745908] ? debug_smp_processor_id+0x20/0x30 [ 228.746293] ? rcu_is_watching+0x19/0xb0 [ 228.746641] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.747056] ? trace_hardirqs_on+0x26/0x120 [ 228.747536] do_group_exit+0xe0/0x2b0 [ 228.747856] __x64_sys_exit_group+0x47/0x50 [ 228.748209] do_syscall_64+0x3b/0x90 [ 228.748523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.749111] RIP: 0033:0x7f4b87518a4d [ 228.749415] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.749913] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.750615] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.751304] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.751881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.752603] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.753182] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.753766] [ 228.754012] irq event stamp: 0 [ 228.754357] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.754882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.755609] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.756388] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.756897] ---[ end trace 0000000000000000 ]--- [ 228.762375] ------------[ cut here ]------------ [ 228.762943] WARNING: CPU: 0 PID: 2189 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.763782] Modules linked in: [ 228.764040] CPU: 0 PID: 2189 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.764736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.765637] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.766038] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.767541] RSP: 0018:ffff888012edfbb8 EFLAGS: 00010246 [ 228.767977] RAX: 0000000000000000 RBX: ffff8880162480a8 RCX: 0000000000000000 [ 228.768553] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 228.769117] RBP: ffff888012edfbd0 R08: ffffed1002c49033 R09: ffffed1002c49033 [ 228.769681] R10: ffff888016248193 R11: ffffed1002c49032 R12: ffff888013b21000 [ 228.770226] R13: ffff8880162481e8 R14: ffffffff8352e670 R15: 
ffff888012edfe68 [ 228.770784] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.771411] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.771856] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ef0 [ 228.772405] PKRU: 55555554 [ 228.772623] Call Trace: [ 228.772822] [ 228.772999] __iommufd_access_detach+0x1c2/0x2b0 [ 228.773380] iommufd_access_change_pt+0x149/0x270 [ 228.773762] iommufd_access_replace+0xb4/0x120 [ 228.774125] iommufd_test+0x3e5/0x37e0 [ 228.774433] ? lock_release+0x532/0x770 [ 228.774772] ? __might_fault+0x102/0x1b0 [ 228.775096] ? lock_acquire+0x427/0x4c0 [ 228.775426] ? __pfx_iommufd_test+0x10/0x10 [ 228.775763] ? __pfx_lock_release+0x10/0x10 [ 228.776103] ? __pfx_lock_acquire+0x10/0x10 [ 228.776449] ? write_comp_data+0x2f/0x90 [ 228.776768] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.777146] ? write_comp_data+0x2f/0x90 [ 228.777468] iommufd_fops_ioctl+0x37d/0x510 [ 228.777801] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.778176] ? write_comp_data+0x2f/0x90 [ 228.778497] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.778889] __x64_sys_ioctl+0x1a3/0x230 [ 228.779229] do_syscall_64+0x3b/0x90 [ 228.779523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.779930] RIP: 0033:0x7f4b8743ee5d [ 228.780213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.781597] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.782177] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.782732] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.783282] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.783820] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.784368] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.784924] [ 228.785107] irq event stamp: 0 [ 228.785351] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.785835] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.786468] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.787124] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.787612] ---[ end trace 0000000000000000 ]--- [ 228.791067] ------------[ cut here ]------------ [ 228.791469] WARNING: CPU: 0 PID: 2189 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.792432] Modules linked in: [ 228.792682] CPU: 0 PID: 2189 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.793355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.794367] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.794806] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.796361] RSP: 
0018:ffff888012edfbd0 EFLAGS: 00010246 [ 228.796771] RAX: 0000000000000000 RBX: ffff8880162480a8 RCX: 0000000000000000 [ 228.797322] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 228.797872] RBP: ffff888012edfbe8 R08: ffffed1002c49033 R09: ffffed1002c49033 [ 228.798420] R10: ffff888016248193 R11: ffffed1002c49032 R12: ffff888013f44400 [ 228.798991] R13: ffff8880162481e8 R14: ffff88800fa09400 R15: 0000000000000000 [ 228.799558] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.800176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.800625] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.801187] PKRU: 55555554 [ 228.801405] Call Trace: [ 228.801607] [ 228.801786] iommufd_access_destroy_object+0x65/0x170 [ 228.802195] iommufd_object_destroy_user+0x18e/0x220 [ 228.802613] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.803066] iommufd_access_destroy+0x43/0x70 [ 228.803430] iommufd_test_staccess_release+0x8d/0xd0 [ 228.803832] __fput+0x26d/0xa40 [ 228.804120] ____fput+0x1e/0x30 [ 228.804386] task_work_run+0x1a4/0x2d0 [ 228.804699] ? __pfx_task_work_run+0x10/0x10 [ 228.805046] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.805432] ? switch_task_namespaces+0xa9/0xe0 [ 228.805805] do_exit+0xb17/0x2ef0 [ 228.806075] ? lock_acquire+0x427/0x4c0 [ 228.806396] ? __pfx_lock_release+0x10/0x10 [ 228.806757] ? __kasan_check_write+0x18/0x20 [ 228.807102] ? do_raw_spin_lock+0x132/0x2a0 [ 228.807448] ? __pfx_do_exit+0x10/0x10 [ 228.807768] ? debug_smp_processor_id+0x20/0x30 [ 228.808144] ? rcu_is_watching+0x19/0xb0 [ 228.808460] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.808821] ? trace_hardirqs_on+0x26/0x120 [ 228.809164] do_group_exit+0xe0/0x2b0 [ 228.809462] __x64_sys_exit_group+0x47/0x50 [ 228.809792] do_syscall_64+0x3b/0x90 [ 228.810089] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.810492] RIP: 0033:0x7f4b87518a4d [ 228.810801] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.811293] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.811880] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.812436] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.812985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.813538] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.814078] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.814655] [ 228.814838] irq event stamp: 0 [ 228.815082] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.815582] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.816218] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.816850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.817324] ---[ end trace 0000000000000000 ]--- [ 228.818122] ------------[ cut here ]------------ [ 228.818788] WARNING: CPU: 0 PID: 2189 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.819588] Modules linked in: [ 228.819843] CPU: 0 PID: 2189 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.820686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.821556] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.821958] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.823575] RSP: 0018:ffff888012edfb78 EFLAGS: 00010246 [ 228.824008] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.824699] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 228.825253] RBP: ffff888012edfb98 R08: ffffed1002c4903e R09: ffffed1002c4903e [ 228.825873] R10: ffff8880162481ef R11: ffffed1002c4903d R12: ffff888016248290 [ 228.826537] R13: ffff8880162480a8 R14: ffffffffffffffff R15: 
ffff888012edfc60 [ 228.827091] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.827784] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.828337] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.828888] PKRU: 55555554 [ 228.829107] Call Trace: [ 228.829350] [ 228.829621] iommufd_ioas_destroy+0x53/0x70 [ 228.829966] iommufd_fops_release+0x1f7/0x370 [ 228.830320] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.830728] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.831114] ? write_comp_data+0x2f/0x90 [ 228.831608] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.832008] __fput+0x26d/0xa40 [ 228.832280] ____fput+0x1e/0x30 [ 228.832553] task_work_run+0x1a4/0x2d0 [ 228.832871] ? __pfx_task_work_run+0x10/0x10 [ 228.833383] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.833768] ? switch_task_namespaces+0xa9/0xe0 [ 228.834141] do_exit+0xb17/0x2ef0 [ 228.834417] ? lock_acquire+0x427/0x4c0 [ 228.834817] ? __pfx_lock_release+0x10/0x10 [ 228.835267] ? __kasan_check_write+0x18/0x20 [ 228.835625] ? do_raw_spin_lock+0x132/0x2a0 [ 228.835968] ? __pfx_do_exit+0x10/0x10 [ 228.836283] ? debug_smp_processor_id+0x20/0x30 [ 228.836690] ? rcu_is_watching+0x19/0xb0 [ 228.837133] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.837510] ? trace_hardirqs_on+0x26/0x120 [ 228.837865] do_group_exit+0xe0/0x2b0 [ 228.838168] __x64_sys_exit_group+0x47/0x50 [ 228.838681] do_syscall_64+0x3b/0x90 [ 228.838981] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.839400] RIP: 0033:0x7f4b87518a4d [ 228.839695] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.840167] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.840908] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.841455] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.842068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.842716] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.843271] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.843851] [ 228.844148] irq event stamp: 0 [ 228.844395] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.844882] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.845590] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.846324] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.846825] ---[ end trace 0000000000000000 ]--- [ 228.850639] ------------[ cut here ]------------ [ 228.851042] WARNING: CPU: 0 PID: 2190 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.851953] Modules linked in: [ 228.852202] CPU: 0 PID: 2190 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.852944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.853875] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.854270] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.855843] RSP: 0018:ffff888010f37bb8 EFLAGS: 00010246 [ 228.856282] RAX: 0000000000000000 RBX: ffff888015ebe0a8 RCX: 0000000000000000 [ 228.856941] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 228.857489] RBP: ffff888010f37bd0 R08: ffffed1002bd7c33 R09: ffffed1002bd7c33 [ 228.858095] R10: ffff888015ebe193 R11: ffffed1002bd7c32 R12: ffff888010c56400 [ 228.858738] R13: ffff888015ebe1e8 R14: ffffffff8352e670 R15: 
ffff888010f37e68 [ 228.859304] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.859982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.860518] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 228.861067] PKRU: 55555554 [ 228.861287] Call Trace: [ 228.861511] [ 228.861711] __iommufd_access_detach+0x1c2/0x2b0 [ 228.862171] iommufd_access_change_pt+0x149/0x270 [ 228.862573] iommufd_access_replace+0xb4/0x120 [ 228.862939] iommufd_test+0x3e5/0x37e0 [ 228.863252] ? lock_release+0x532/0x770 [ 228.863631] ? __might_fault+0x102/0x1b0 [ 228.864041] ? lock_acquire+0x427/0x4c0 [ 228.864362] ? __pfx_iommufd_test+0x10/0x10 [ 228.864697] ? __pfx_lock_release+0x10/0x10 [ 228.865068] ? __pfx_lock_acquire+0x10/0x10 [ 228.865511] ? write_comp_data+0x2f/0x90 [ 228.865835] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.866215] ? write_comp_data+0x2f/0x90 [ 228.866578] iommufd_fops_ioctl+0x37d/0x510 [ 228.867006] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.867397] ? write_comp_data+0x2f/0x90 [ 228.867725] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.868103] __x64_sys_ioctl+0x1a3/0x230 [ 228.868431] do_syscall_64+0x3b/0x90 [ 228.868877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.869290] RIP: 0033:0x7f4b8743ee5d [ 228.869581] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.871172] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.871770] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.872469] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.873019] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.873608] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.874250] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.874822] [ 228.875007] irq event stamp: 0 [ 228.875319] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.875903] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.876561] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.877201] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.877690] ---[ end trace 0000000000000000 ]--- [ 228.880444] ------------[ cut here ]------------ [ 228.880840] WARNING: CPU: 0 PID: 2190 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.881610] Modules linked in: [ 228.881851] CPU: 0 PID: 2190 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.882563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.883425] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.883802] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.885169] RSP: 
0018:ffff888010f37bd0 EFLAGS: 00010246 [ 228.885570] RAX: 0000000000000000 RBX: ffff888015ebe0a8 RCX: 0000000000000000 [ 228.886094] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 228.886632] RBP: ffff888010f37be8 R08: ffffed1002bd7c33 R09: ffffed1002bd7c33 [ 228.887165] R10: ffff888015ebe193 R11: ffffed1002bd7c32 R12: ffff888013b21800 [ 228.887690] R13: ffff888015ebe1e8 R14: ffff888013dd1b00 R15: 0000000000000000 [ 228.888213] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.888804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.889233] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.889760] PKRU: 55555554 [ 228.889969] Call Trace: [ 228.890157] [ 228.890325] iommufd_access_destroy_object+0x65/0x170 [ 228.890725] iommufd_object_destroy_user+0x18e/0x220 [ 228.891108] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.891555] iommufd_access_destroy+0x43/0x70 [ 228.891897] iommufd_test_staccess_release+0x8d/0xd0 [ 228.892282] __fput+0x26d/0xa40 [ 228.892543] ____fput+0x1e/0x30 [ 228.892793] task_work_run+0x1a4/0x2d0 [ 228.893081] ? __pfx_task_work_run+0x10/0x10 [ 228.893407] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.893768] ? switch_task_namespaces+0xa9/0xe0 [ 228.894118] do_exit+0xb17/0x2ef0 [ 228.894374] ? lock_acquire+0x427/0x4c0 [ 228.894686] ? __pfx_lock_release+0x10/0x10 [ 228.895011] ? __kasan_check_write+0x18/0x20 [ 228.895353] ? do_raw_spin_lock+0x132/0x2a0 [ 228.895671] ? __pfx_do_exit+0x10/0x10 [ 228.895964] ? debug_smp_processor_id+0x20/0x30 [ 228.896310] ? rcu_is_watching+0x19/0xb0 [ 228.896612] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.896946] ? trace_hardirqs_on+0x26/0x120 [ 228.897267] do_group_exit+0xe0/0x2b0 [ 228.897546] __x64_sys_exit_group+0x47/0x50 [ 228.897868] do_syscall_64+0x3b/0x90 [ 228.898147] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.898545] RIP: 0033:0x7f4b87518a4d [ 228.898817] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.899273] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.899821] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.900334] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.900846] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.901363] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.901876] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.902397] [ 228.902583] irq event stamp: 0 [ 228.902813] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.903277] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.903879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.904482] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.904935] ---[ end trace 0000000000000000 ]--- [ 228.905577] ------------[ cut here ]------------ [ 228.905911] WARNING: CPU: 0 PID: 2190 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.906649] Modules linked in: [ 228.906879] CPU: 0 PID: 2190 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.907514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.908316] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.908686] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.909981] RSP: 0018:ffff888010f37b78 EFLAGS: 00010246 [ 228.910372] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.910901] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 228.911434] RBP: ffff888010f37b98 R08: ffffed1002bd7c3e R09: ffffed1002bd7c3e [ 228.911949] R10: ffff888015ebe1ef R11: ffffed1002bd7c3d R12: ffff888015ebe290 [ 228.912464] R13: ffff888015ebe0a8 R14: ffffffffffffffff R15: 
ffff888010f37c60 [ 228.912981] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.913570] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.913992] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.914526] PKRU: 55555554 [ 228.914733] Call Trace: [ 228.914922] [ 228.915090] iommufd_ioas_destroy+0x53/0x70 [ 228.915420] iommufd_fops_release+0x1f7/0x370 [ 228.915756] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.916125] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.916488] ? write_comp_data+0x2f/0x90 [ 228.916794] ? __pfx_iommufd_fops_release+0x10/0x10 [ 228.917161] __fput+0x26d/0xa40 [ 228.917416] ____fput+0x1e/0x30 [ 228.917665] task_work_run+0x1a4/0x2d0 [ 228.917956] ? __pfx_task_work_run+0x10/0x10 [ 228.918287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.918675] ? switch_task_namespaces+0xa9/0xe0 [ 228.919027] do_exit+0xb17/0x2ef0 [ 228.919299] ? lock_acquire+0x427/0x4c0 [ 228.919599] ? __pfx_lock_release+0x10/0x10 [ 228.919920] ? __kasan_check_write+0x18/0x20 [ 228.920246] ? do_raw_spin_lock+0x132/0x2a0 [ 228.920570] ? __pfx_do_exit+0x10/0x10 [ 228.920866] ? debug_smp_processor_id+0x20/0x30 [ 228.921210] ? rcu_is_watching+0x19/0xb0 [ 228.921512] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.921848] ? trace_hardirqs_on+0x26/0x120 [ 228.922168] do_group_exit+0xe0/0x2b0 [ 228.922448] __x64_sys_exit_group+0x47/0x50 [ 228.922778] do_syscall_64+0x3b/0x90 [ 228.923060] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.923463] RIP: 0033:0x7f4b87518a4d [ 228.923741] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.924190] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.924742] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.925271] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.925785] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.926301] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.926851] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.927405] [ 228.927582] irq event stamp: 0 [ 228.927823] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.928290] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.928917] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.929529] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.929990] ---[ end trace 0000000000000000 ]--- [ 228.933554] ------------[ cut here ]------------ [ 228.933924] WARNING: CPU: 0 PID: 2191 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.934718] Modules linked in: [ 228.934956] CPU: 0 PID: 2191 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.935608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.936426] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.936793] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.938347] RSP: 0018:ffff888012edfbb8 EFLAGS: 00010246 [ 228.938777] RAX: 0000000000000000 RBX: ffff8880187718a8 RCX: 0000000000000000 [ 228.939323] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 228.939862] RBP: ffff888012edfbd0 R08: ffffed10030ee333 R09: ffffed10030ee333 [ 228.940392] R10: ffff888018771993 R11: ffffed10030ee332 R12: ffff888012e94800 [ 228.940926] R13: ffff8880187719e8 R14: ffffffff8352e670 R15: 
ffff888012edfe68 [ 228.941540] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.942241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.942710] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ef0 [ 228.943257] PKRU: 55555554 [ 228.943476] Call Trace: [ 228.943673] [ 228.943855] __iommufd_access_detach+0x1c2/0x2b0 [ 228.944239] iommufd_access_change_pt+0x149/0x270 [ 228.944621] iommufd_access_replace+0xb4/0x120 [ 228.945057] iommufd_test+0x3e5/0x37e0 [ 228.945471] ? lock_release+0x532/0x770 [ 228.945793] ? __might_fault+0x102/0x1b0 [ 228.946113] ? lock_acquire+0x427/0x4c0 [ 228.946434] ? __pfx_iommufd_test+0x10/0x10 [ 228.946796] ? __pfx_lock_release+0x10/0x10 [ 228.947156] ? __pfx_lock_acquire+0x10/0x10 [ 228.947509] ? write_comp_data+0x2f/0x90 [ 228.947843] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.948232] ? write_comp_data+0x2f/0x90 [ 228.948561] iommufd_fops_ioctl+0x37d/0x510 [ 228.948940] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.949483] ? write_comp_data+0x2f/0x90 [ 228.949819] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 228.950205] __x64_sys_ioctl+0x1a3/0x230 [ 228.950565] do_syscall_64+0x3b/0x90 [ 228.950872] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.951296] RIP: 0033:0x7f4b8743ee5d [ 228.951589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 228.953204] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 228.953803] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 228.954366] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 228.954959] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 228.955530] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 228.956110] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 228.956826] [ 228.957008] irq event stamp: 0 [ 228.957254] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.957766] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.958462] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.959218] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.959894] ---[ end trace 0000000000000000 ]--- [ 228.962904] ------------[ cut here ]------------ [ 228.963524] WARNING: CPU: 0 PID: 2191 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 228.964343] Modules linked in: [ 228.964604] CPU: 0 PID: 2191 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.965306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.966306] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 228.966827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 228.968327] RSP: 
0018:ffff888012edfbd0 EFLAGS: 00010246 [ 228.968760] RAX: 0000000000000000 RBX: ffff8880187718a8 RCX: 0000000000000000 [ 228.969331] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 228.969904] RBP: ffff888012edfbe8 R08: ffffed10030ee333 R09: ffffed10030ee333 [ 228.970479] R10: ffff888018771993 R11: ffffed10030ee332 R12: ffff888010c54800 [ 228.971086] R13: ffff8880187719e8 R14: ffff888020845900 R15: 0000000000000000 [ 228.971695] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 228.972364] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.972845] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 228.973439] PKRU: 55555554 [ 228.973678] Call Trace: [ 228.973890] [ 228.974079] iommufd_access_destroy_object+0x65/0x170 [ 228.974534] iommufd_object_destroy_user+0x18e/0x220 [ 228.974964] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 228.975465] iommufd_access_destroy+0x43/0x70 [ 228.975843] iommufd_test_staccess_release+0x8d/0xd0 [ 228.976267] __fput+0x26d/0xa40 [ 228.976559] ____fput+0x1e/0x30 [ 228.976852] task_work_run+0x1a4/0x2d0 [ 228.977193] ? __pfx_task_work_run+0x10/0x10 [ 228.977576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 228.977999] ? switch_task_namespaces+0xa9/0xe0 [ 228.978406] do_exit+0xb17/0x2ef0 [ 228.978724] ? lock_acquire+0x427/0x4c0 [ 228.979070] ? __pfx_lock_release+0x10/0x10 [ 228.979454] ? __kasan_check_write+0x18/0x20 [ 228.979838] ? do_raw_spin_lock+0x132/0x2a0 [ 228.980209] ? __pfx_do_exit+0x10/0x10 [ 228.980555] ? debug_smp_processor_id+0x20/0x30 [ 228.980964] ? rcu_is_watching+0x19/0xb0 [ 228.981321] ? _raw_spin_unlock_irq+0x2b/0x60 [ 228.981721] ? trace_hardirqs_on+0x26/0x120 [ 228.982096] do_group_exit+0xe0/0x2b0 [ 228.982424] __x64_sys_exit_group+0x47/0x50 [ 228.982813] do_syscall_64+0x3b/0x90 [ 228.983155] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 228.983615] RIP: 0033:0x7f4b87518a4d [ 228.983939] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 228.984475] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 228.985125] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 228.985731] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 228.986350] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 228.986976] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 228.987603] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 228.988229] [ 228.988433] irq event stamp: 0 [ 228.988707] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 228.989256] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 228.989988] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 228.990740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 228.991302] ---[ end trace 0000000000000000 ]--- [ 228.992185] ------------[ cut here ]------------ [ 228.992807] WARNING: CPU: 0 PID: 2191 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 228.993702] Modules linked in: [ 228.993988] CPU: 0 PID: 2191 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 228.994789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 228.995794] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 228.996249] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 228.998047] RSP: 0018:ffff888012edfb78 EFLAGS: 00010246 [ 228.998697] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 228.999341] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 228.999970] RBP: ffff888012edfb98 R08: ffffed10030ee33e R09: ffffed10030ee33e [ 229.000850] R10: ffff8880187719ef R11: ffffed10030ee33d R12: ffff888018771a90 [ 229.001475] R13: ffff8880187718a8 R14: ffffffffffffffff R15: 
ffff888012edfc60 [ 229.002101] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 229.002832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.003371] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 229.004000] PKRU: 55555554 [ 229.004300] Call Trace: [ 229.004694] [ 229.004896] iommufd_ioas_destroy+0x53/0x70 [ 229.005286] iommufd_fops_release+0x1f7/0x370 [ 229.005692] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.006135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.006607] ? write_comp_data+0x2f/0x90 [ 229.007004] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.007490] __fput+0x26d/0xa40 [ 229.007817] ____fput+0x1e/0x30 [ 229.008136] task_work_run+0x1a4/0x2d0 [ 229.008575] ? __pfx_task_work_run+0x10/0x10 [ 229.009248] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.009720] ? switch_task_namespaces+0xa9/0xe0 [ 229.010173] do_exit+0xb17/0x2ef0 [ 229.010536] ? lock_acquire+0x427/0x4c0 [ 229.010921] ? __pfx_lock_release+0x10/0x10 [ 229.011349] ? __kasan_check_write+0x18/0x20 [ 229.011772] ? do_raw_spin_lock+0x132/0x2a0 [ 229.012183] ? __pfx_do_exit+0x10/0x10 [ 229.012558] ? debug_smp_processor_id+0x20/0x30 [ 229.013082] ? rcu_is_watching+0x19/0xb0 [ 229.013589] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.014171] ? trace_hardirqs_on+0x26/0x120 [ 229.014615] do_group_exit+0xe0/0x2b0 [ 229.014974] __x64_sys_exit_group+0x47/0x50 [ 229.015391] do_syscall_64+0x3b/0x90 [ 229.015756] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.016259] RIP: 0033:0x7f4b87518a4d [ 229.016609] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.017182] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.018039] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.018977] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.019673] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.020346] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.021021] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.021705] [ 229.021929] irq event stamp: 0 [ 229.022232] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.023021] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.023983] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.024774] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.025368] ---[ end trace 0000000000000000 ]--- [ 229.033788] ------------[ cut here ]------------ [ 229.034442] WARNING: CPU: 1 PID: 2192 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.035959] Modules linked in: [ 229.036474] CPU: 1 PID: 2192 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.037589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.039329] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.039840] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.041877] RSP: 0018:ffff888016d6fbb8 EFLAGS: 00010246 [ 229.042429] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 229.043377] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 229.044125] RBP: ffff888016d6fbd0 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 229.044859] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff88801341c800 [ 229.045745] R13: ffff88801781b9e8 R14: ffffffff8352e670 R15: 
ffff888016d6fe68 [ 229.046475] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.047369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.048121] CR2: 00007f4b877410e8 CR3: 00000000148a4000 CR4: 0000000000750ee0 [ 229.049027] PKRU: 55555554 [ 229.049340] Call Trace: [ 229.049616] [ 229.049863] __iommufd_access_detach+0x1c2/0x2b0 [ 229.050488] iommufd_access_change_pt+0x149/0x270 [ 229.051193] iommufd_access_replace+0xb4/0x120 [ 229.051713] iommufd_test+0x3e5/0x37e0 [ 229.052139] ? lock_release+0x532/0x770 [ 229.052584] ? __might_fault+0x102/0x1b0 [ 229.053176] ? lock_acquire+0x427/0x4c0 [ 229.053681] ? __pfx_iommufd_test+0x10/0x10 [ 229.054152] ? __pfx_lock_release+0x10/0x10 [ 229.054672] ? __pfx_lock_acquire+0x10/0x10 [ 229.055181] ? write_comp_data+0x2f/0x90 [ 229.055684] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.056355] ? write_comp_data+0x2f/0x90 [ 229.056820] iommufd_fops_ioctl+0x37d/0x510 [ 229.057304] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.057850] ? write_comp_data+0x2f/0x90 [ 229.058497] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.059111] __x64_sys_ioctl+0x1a3/0x230 [ 229.059587] do_syscall_64+0x3b/0x90 [ 229.060004] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.060612] RIP: 0033:0x7f4b8743ee5d [ 229.061212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.063408] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.064313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.065089] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.065975] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.066913] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.067723] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.068517] [ 229.068856] irq event stamp: 0 [ 229.069309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.069990] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.070941] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.071872] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.072556] ---[ end trace 0000000000000000 ]--- [ 229.075870] ------------[ cut here ]------------ [ 229.076432] WARNING: CPU: 1 PID: 2192 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.077540] Modules linked in: [ 229.077891] CPU: 1 PID: 2192 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.078897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.080148] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.080691] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.082684] RSP: 
0018:ffff888016d6fbd0 EFLAGS: 00010246 [ 229.083281] RAX: 0000000000000000 RBX: ffff88801781b8a8 RCX: 0000000000000000 [ 229.084052] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 229.084828] RBP: ffff888016d6fbe8 R08: ffffed1002f03733 R09: ffffed1002f03733 [ 229.085686] R10: ffff88801781b993 R11: ffffed1002f03732 R12: ffff888012e92800 [ 229.086452] R13: ffff88801781b9e8 R14: ffff888018b83600 R15: 0000000000000000 [ 229.087286] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.088161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.088784] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.089544] PKRU: 55555554 [ 229.089854] Call Trace: [ 229.090137] [ 229.090387] iommufd_access_destroy_object+0x65/0x170 [ 229.090990] iommufd_object_destroy_user+0x18e/0x220 [ 229.091576] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.092213] iommufd_access_destroy+0x43/0x70 [ 229.092711] iommufd_test_staccess_release+0x8d/0xd0 [ 229.093271] __fput+0x26d/0xa40 [ 229.093652] ____fput+0x1e/0x30 [ 229.094029] task_work_run+0x1a4/0x2d0 [ 229.094458] ? __pfx_task_work_run+0x10/0x10 [ 229.094980] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.095540] ? switch_task_namespaces+0xa9/0xe0 [ 229.096059] do_exit+0xb17/0x2ef0 [ 229.096438] ? lock_acquire+0x427/0x4c0 [ 229.096885] ? __pfx_lock_release+0x10/0x10 [ 229.097362] ? __kasan_check_write+0x18/0x20 [ 229.097844] ? do_raw_spin_lock+0x132/0x2a0 [ 229.098314] ? __pfx_do_exit+0x10/0x10 [ 229.098784] ? debug_smp_processor_id+0x20/0x30 [ 229.099504] ? rcu_is_watching+0x19/0xb0 [ 229.100059] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.100665] ? trace_hardirqs_on+0x26/0x120 [ 229.101243] do_group_exit+0xe0/0x2b0 [ 229.101760] __x64_sys_exit_group+0x47/0x50 [ 229.102331] do_syscall_64+0x3b/0x90 [ 229.102930] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.103677] RIP: 0033:0x7f4b87518a4d [ 229.104181] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.104995] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.105981] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.106962] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.107915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.108845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.109766] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.110756] [ 229.111077] irq event stamp: 0 [ 229.111516] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.112340] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.113428] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.114547] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.115392] ---[ end trace 0000000000000000 ]--- [ 229.116702] ------------[ cut here ]------------ [ 229.117327] WARNING: CPU: 1 PID: 2192 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.118704] Modules linked in: [ 229.119163] CPU: 1 PID: 2192 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.120299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.121745] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.122412] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.124816] RSP: 0018:ffff888016d6fb78 EFLAGS: 00010246 [ 229.125514] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.126425] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 229.127384] RBP: ffff888016d6fb98 R08: ffffed1002f0373e R09: ffffed1002f0373e [ 229.128316] R10: ffff88801781b9ef R11: ffffed1002f0373d R12: ffff88801781ba90 [ 229.129246] R13: ffff88801781b8a8 R14: ffffffffffffffff R15: 
ffff888016d6fc60 [ 229.130174] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.131403] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.132054] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.132823] PKRU: 55555554 [ 229.133131] Call Trace: [ 229.133407] [ 229.133651] iommufd_ioas_destroy+0x53/0x70 [ 229.134131] iommufd_fops_release+0x1f7/0x370 [ 229.134659] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.135233] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.135779] ? write_comp_data+0x2f/0x90 [ 229.136229] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.136776] __fput+0x26d/0xa40 [ 229.137150] ____fput+0x1e/0x30 [ 229.137524] task_work_run+0x1a4/0x2d0 [ 229.137964] ? __pfx_task_work_run+0x10/0x10 [ 229.138457] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.139072] ? switch_task_namespaces+0xa9/0xe0 [ 229.139624] do_exit+0xb17/0x2ef0 [ 229.140008] ? lock_acquire+0x427/0x4c0 [ 229.140460] ? __pfx_lock_release+0x10/0x10 [ 229.140944] ? __kasan_check_write+0x18/0x20 [ 229.141427] ? do_raw_spin_lock+0x132/0x2a0 [ 229.141912] ? __pfx_do_exit+0x10/0x10 [ 229.142370] ? debug_smp_processor_id+0x20/0x30 [ 229.142946] ? rcu_is_watching+0x19/0xb0 [ 229.143420] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.143920] ? trace_hardirqs_on+0x26/0x120 [ 229.144392] do_group_exit+0xe0/0x2b0 [ 229.144814] __x64_sys_exit_group+0x47/0x50 [ 229.145293] do_syscall_64+0x3b/0x90 [ 229.145704] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.146277] RIP: 0033:0x7f4b87518a4d [ 229.146717] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.147404] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.148212] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.149052] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.149818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.150611] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.151567] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.152518] [ 229.152833] irq event stamp: 0 [ 229.153247] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.154072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.155268] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.156372] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.157200] ---[ end trace 0000000000000000 ]--- [ 229.165090] ------------[ cut here ]------------ [ 229.165770] WARNING: CPU: 1 PID: 2193 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.167417] Modules linked in: [ 229.167862] CPU: 1 PID: 2193 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.168996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.170449] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.171213] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.173573] RSP: 0018:ffff888012edfbb8 EFLAGS: 00010246 [ 229.174270] RAX: 0000000000000000 RBX: ffff88801834e0a8 RCX: 0000000000000000 [ 229.175279] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 229.176213] RBP: ffff888012edfbd0 R08: ffffed1003069c33 R09: ffffed1003069c33 [ 229.177141] R10: ffff88801834e193 R11: ffffed1003069c32 R12: ffff88801890c800 [ 229.178061] R13: ffff88801834e1e8 R14: ffffffff8352e670 R15: 
ffff888012edfe68 [ 229.179027] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.180104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.180858] CR2: 0000000020000140 CR3: 000000001452e000 CR4: 0000000000750ee0 [ 229.181772] PKRU: 55555554 [ 229.182145] Call Trace: [ 229.182485] [ 229.182837] __iommufd_access_detach+0x1c2/0x2b0 [ 229.183519] iommufd_access_change_pt+0x149/0x270 [ 229.184170] iommufd_access_replace+0xb4/0x120 [ 229.184790] iommufd_test+0x3e5/0x37e0 [ 229.185305] ? lock_release+0x532/0x770 [ 229.185846] ? __might_fault+0x102/0x1b0 [ 229.186402] ? lock_acquire+0x427/0x4c0 [ 229.187004] ? __pfx_iommufd_test+0x10/0x10 [ 229.187608] ? __pfx_lock_release+0x10/0x10 [ 229.188190] ? __pfx_lock_acquire+0x10/0x10 [ 229.188772] ? write_comp_data+0x2f/0x90 [ 229.189321] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.189961] ? write_comp_data+0x2f/0x90 [ 229.190561] iommufd_fops_ioctl+0x37d/0x510 [ 229.191160] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.191819] ? write_comp_data+0x2f/0x90 [ 229.192616] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.193260] __x64_sys_ioctl+0x1a3/0x230 [ 229.193816] do_syscall_64+0x3b/0x90 [ 229.194326] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.195282] RIP: 0033:0x7f4b8743ee5d [ 229.195790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.198375] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.199452] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.200597] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.201527] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.202456] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.203623] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.204578] [ 229.204896] irq event stamp: 0 [ 229.205369] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.206292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.207465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.208813] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.209679] ---[ end trace 0000000000000000 ]--- [ 229.214989] ------------[ cut here ]------------ [ 229.215931] WARNING: CPU: 1 PID: 2193 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.217307] Modules linked in: [ 229.217787] CPU: 1 PID: 2193 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.219174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.220728] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.221534] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.224236] RSP: 
0018:ffff888012edfbd0 EFLAGS: 00010246 [ 229.224975] RAX: 0000000000000000 RBX: ffff88801834e0a8 RCX: 0000000000000000 [ 229.226031] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 229.227138] RBP: ffff888012edfbe8 R08: ffffed1003069c33 R09: ffffed1003069c33 [ 229.228107] R10: ffff88801834e193 R11: ffffed1003069c32 R12: ffff88801341f800 [ 229.229261] R13: ffff88801834e1e8 R14: ffff88800fe7ab00 R15: 0000000000000000 [ 229.230223] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.231580] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.232373] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.233332] PKRU: 55555554 [ 229.233760] Call Trace: [ 229.234240] [ 229.234611] iommufd_access_destroy_object+0x65/0x170 [ 229.235340] iommufd_object_destroy_user+0x18e/0x220 [ 229.236039] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.237033] iommufd_access_destroy+0x43/0x70 [ 229.237665] iommufd_test_staccess_release+0x8d/0xd0 [ 229.238372] __fput+0x26d/0xa40 [ 229.238907] ____fput+0x1e/0x30 [ 229.239540] task_work_run+0x1a4/0x2d0 [ 229.240091] ? __pfx_task_work_run+0x10/0x10 [ 229.240704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.241378] ? switch_task_namespaces+0xa9/0xe0 [ 229.242161] do_exit+0xb17/0x2ef0 [ 229.242775] ? lock_acquire+0x427/0x4c0 [ 229.243357] ? __pfx_lock_release+0x10/0x10 [ 229.243959] ? __kasan_check_write+0x18/0x20 [ 229.244570] ? do_raw_spin_lock+0x132/0x2a0 [ 229.245353] ? __pfx_do_exit+0x10/0x10 [ 229.245902] ? debug_smp_processor_id+0x20/0x30 [ 229.246599] ? rcu_is_watching+0x19/0xb0 [ 229.247194] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.248026] ? trace_hardirqs_on+0x26/0x120 [ 229.248621] do_group_exit+0xe0/0x2b0 [ 229.249148] __x64_sys_exit_group+0x47/0x50 [ 229.249739] do_syscall_64+0x3b/0x90 [ 229.250266] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.251059] RIP: 0033:0x7f4b87518a4d [ 229.251613] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.252465] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.253490] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.254443] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.255489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.256456] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.257411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.258389] [ 229.258753] irq event stamp: 0 [ 229.259208] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.260058] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.261186] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.262314] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.263242] ---[ end trace 0000000000000000 ]--- [ 229.264619] ------------[ cut here ]------------ [ 229.265275] WARNING: CPU: 1 PID: 2193 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.266691] Modules linked in: [ 229.267158] CPU: 1 PID: 2193 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.268214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.269371] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.269900] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.271859] RSP: 0018:ffff888012edfb78 EFLAGS: 00010246 [ 229.272502] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.273237] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 229.273991] RBP: ffff888012edfb98 R08: ffffed1003069c3e R09: ffffed1003069c3e [ 229.274787] R10: ffff88801834e1ef R11: ffffed1003069c3d R12: ffff88801834e290 [ 229.275617] R13: ffff88801834e0a8 R14: ffffffffffffffff R15: 
ffff888012edfc60 [ 229.276355] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.277190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.277795] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.278595] PKRU: 55555554 [ 229.278954] Call Trace: [ 229.279268] [ 229.279511] iommufd_ioas_destroy+0x53/0x70 [ 229.279975] iommufd_fops_release+0x1f7/0x370 [ 229.280465] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.280987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.281511] ? write_comp_data+0x2f/0x90 [ 229.281939] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.282464] __fput+0x26d/0xa40 [ 229.282873] ____fput+0x1e/0x30 [ 229.283329] task_work_run+0x1a4/0x2d0 [ 229.283780] ? __pfx_task_work_run+0x10/0x10 [ 229.284248] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.284769] ? switch_task_namespaces+0xa9/0xe0 [ 229.285269] do_exit+0xb17/0x2ef0 [ 229.285635] ? lock_acquire+0x427/0x4c0 [ 229.286059] ? __pfx_lock_release+0x10/0x10 [ 229.286547] ? __kasan_check_write+0x18/0x20 [ 229.287104] ? do_raw_spin_lock+0x132/0x2a0 [ 229.287573] ? __pfx_do_exit+0x10/0x10 [ 229.287986] ? debug_smp_processor_id+0x20/0x30 [ 229.288484] ? rcu_is_watching+0x19/0xb0 [ 229.288908] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.289399] ? trace_hardirqs_on+0x26/0x120 [ 229.289852] do_group_exit+0xe0/0x2b0 [ 229.290252] __x64_sys_exit_group+0x47/0x50 [ 229.290744] do_syscall_64+0x3b/0x90 [ 229.291251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.291816] RIP: 0033:0x7f4b87518a4d [ 229.292205] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.292844] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.293630] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.294362] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.295156] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.295975] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.296706] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.297461] [ 229.297705] irq event stamp: 0 [ 229.298035] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.298715] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.299684] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.300578] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.301223] ---[ end trace 0000000000000000 ]--- [ 229.306254] ------------[ cut here ]------------ [ 229.307143] WARNING: CPU: 1 PID: 2194 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.308167] Modules linked in: [ 229.308490] CPU: 1 PID: 2194 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.309370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.310499] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.311150] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.313007] RSP: 0018:ffff8880182dfbb8 EFLAGS: 00010246 [ 229.313555] RAX: 0000000000000000 RBX: ffff88800fe4c0a8 RCX: 0000000000000000 [ 229.314270] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 229.315030] RBP: ffff8880182dfbd0 R08: ffffed1001fc9833 R09: ffffed1001fc9833 [ 229.316183] R10: ffff88800fe4c193 R11: ffffed1001fc9832 R12: ffff888012a1d400 [ 229.317127] R13: ffff88800fe4c1e8 R14: ffffffff8352e670 R15: 
ffff8880182dfe68 [ 229.318058] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.319234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.320028] CR2: 0000000020000140 CR3: 0000000020e2e000 CR4: 0000000000750ee0 [ 229.320991] PKRU: 55555554 [ 229.321387] Call Trace: [ 229.321736] [ 229.322054] __iommufd_access_detach+0x1c2/0x2b0 [ 229.322788] iommufd_access_change_pt+0x149/0x270 [ 229.323502] iommufd_access_replace+0xb4/0x120 [ 229.324149] iommufd_test+0x3e5/0x37e0 [ 229.324687] ? lock_release+0x532/0x770 [ 229.325250] ? __might_fault+0x102/0x1b0 [ 229.325827] ? lock_acquire+0x427/0x4c0 [ 229.326405] ? __pfx_iommufd_test+0x10/0x10 [ 229.327057] ? __pfx_lock_release+0x10/0x10 [ 229.327705] ? __pfx_lock_acquire+0x10/0x10 [ 229.328320] ? write_comp_data+0x2f/0x90 [ 229.328892] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.329532] ? write_comp_data+0x2f/0x90 [ 229.330080] iommufd_fops_ioctl+0x37d/0x510 [ 229.330715] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.331401] ? write_comp_data+0x2f/0x90 [ 229.331953] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.332590] __x64_sys_ioctl+0x1a3/0x230 [ 229.333141] do_syscall_64+0x3b/0x90 [ 229.333649] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.334331] RIP: 0033:0x7f4b8743ee5d [ 229.334876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.337181] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.338156] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.339137] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.340049] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.340958] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.341864] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.342842] [ 229.343195] irq event stamp: 0 [ 229.343619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.344423] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.345490] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.346608] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.347523] ---[ end trace 0000000000000000 ]--- [ 229.350756] ------------[ cut here ]------------ [ 229.351281] WARNING: CPU: 1 PID: 2194 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.352234] Modules linked in: [ 229.352533] CPU: 1 PID: 2194 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.353350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.354402] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.355010] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.356835] RSP: 
0018:ffff8880182dfbd0 EFLAGS: 00010246 [ 229.357347] RAX: 0000000000000000 RBX: ffff88800fe4c0a8 RCX: 0000000000000000 [ 229.358007] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 229.358710] RBP: ffff8880182dfbe8 R08: ffffed1001fc9833 R09: ffffed1001fc9833 [ 229.359457] R10: ffff88800fe4c193 R11: ffffed1001fc9832 R12: ffff888012978c00 [ 229.360138] R13: ffff88800fe4c1e8 R14: ffff88800f03b600 R15: 0000000000000000 [ 229.360814] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.361563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.362108] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.362815] PKRU: 55555554 [ 229.363160] Call Trace: [ 229.363424] [ 229.363636] iommufd_access_destroy_object+0x65/0x170 [ 229.364138] iommufd_object_destroy_user+0x18e/0x220 [ 229.364624] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.365181] iommufd_access_destroy+0x43/0x70 [ 229.365613] iommufd_test_staccess_release+0x8d/0xd0 [ 229.366110] __fput+0x26d/0xa40 [ 229.366433] ____fput+0x1e/0x30 [ 229.366792] task_work_run+0x1a4/0x2d0 [ 229.367268] ? __pfx_task_work_run+0x10/0x10 [ 229.367744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.368212] ? switch_task_namespaces+0xa9/0xe0 [ 229.368678] do_exit+0xb17/0x2ef0 [ 229.369007] ? lock_acquire+0x427/0x4c0 [ 229.369394] ? __pfx_lock_release+0x10/0x10 [ 229.369827] ? __kasan_check_write+0x18/0x20 [ 229.370240] ? do_raw_spin_lock+0x132/0x2a0 [ 229.370692] ? __pfx_do_exit+0x10/0x10 [ 229.371206] ? debug_smp_processor_id+0x20/0x30 [ 229.371651] ? rcu_is_watching+0x19/0xb0 [ 229.372045] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.372474] ? trace_hardirqs_on+0x26/0x120 [ 229.372901] do_group_exit+0xe0/0x2b0 [ 229.373262] __x64_sys_exit_group+0x47/0x50 [ 229.373672] do_syscall_64+0x3b/0x90 [ 229.374048] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.374584] RIP: 0033:0x7f4b87518a4d [ 229.375017] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.375658] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.376380] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.377042] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.377722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.378387] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.379097] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.379870] [ 229.380093] irq event stamp: 0 [ 229.380399] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.380999] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.381804] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.382612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.383297] ---[ end trace 0000000000000000 ]--- [ 229.384143] ------------[ cut here ]------------ [ 229.384594] WARNING: CPU: 1 PID: 2194 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.385560] Modules linked in: [ 229.385868] CPU: 1 PID: 2194 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.386746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.387923] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.388412] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.390118] RSP: 0018:ffff8880182dfb78 EFLAGS: 00010246 [ 229.390676] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.391411] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 229.392085] RBP: ffff8880182dfb98 R08: ffffed1001fc983e R09: ffffed1001fc983e [ 229.392753] R10: ffff88800fe4c1ef R11: ffffed1001fc983d R12: ffff88800fe4c290 [ 229.393422] R13: ffff88800fe4c0a8 R14: ffffffffffffffff R15: 
ffff8880182dfc60 [ 229.394100] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.394888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.395536] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.396200] PKRU: 55555554 [ 229.396487] Call Trace: [ 229.396730] [ 229.396944] iommufd_ioas_destroy+0x53/0x70 [ 229.397362] iommufd_fops_release+0x1f7/0x370 [ 229.397800] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.398268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.398782] ? write_comp_data+0x2f/0x90 [ 229.399470] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.400134] __fput+0x26d/0xa40 [ 229.400597] ____fput+0x1e/0x30 [ 229.401048] task_work_run+0x1a4/0x2d0 [ 229.401567] ? __pfx_task_work_run+0x10/0x10 [ 229.402147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.402857] ? switch_task_namespaces+0xa9/0xe0 [ 229.403517] do_exit+0xb17/0x2ef0 [ 229.403982] ? lock_acquire+0x427/0x4c0 [ 229.404519] ? __pfx_lock_release+0x10/0x10 [ 229.405107] ? __kasan_check_write+0x18/0x20 [ 229.405698] ? do_raw_spin_lock+0x132/0x2a0 [ 229.406276] ? __pfx_do_exit+0x10/0x10 [ 229.406874] ? debug_smp_processor_id+0x20/0x30 [ 229.407521] ? rcu_is_watching+0x19/0xb0 [ 229.408062] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.408668] ? trace_hardirqs_on+0x26/0x120 [ 229.409247] do_group_exit+0xe0/0x2b0 [ 229.409756] __x64_sys_exit_group+0x47/0x50 [ 229.410322] do_syscall_64+0x3b/0x90 [ 229.410869] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.411595] RIP: 0033:0x7f4b87518a4d [ 229.412094] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.412882] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.413845] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.414797] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.415728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.416633] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.417546] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.418470] [ 229.418831] irq event stamp: 0 [ 229.419258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.420037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.421089] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.422122] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.422953] ---[ end trace 0000000000000000 ]--- [ 229.429967] ------------[ cut here ]------------ [ 229.430602] WARNING: CPU: 1 PID: 2195 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.431807] Modules linked in: [ 229.432192] CPU: 1 PID: 2195 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.433220] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.434580] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.435193] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.437332] RSP: 0018:ffff888023f87bb8 EFLAGS: 00010246 [ 229.437966] RAX: 0000000000000000 RBX: ffff88800af3b0a8 RCX: 0000000000000000 [ 229.438842] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 229.439702] RBP: ffff888023f87bd0 R08: ffffed10015e7633 R09: ffffed10015e7633 [ 229.440538] R10: ffff88800af3b193 R11: ffffed10015e7632 R12: ffff888018b88000 [ 229.441380] R13: ffff88800af3b1e8 R14: ffffffff8352e670 R15: 
ffff888023f87e68 [ 229.442222] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.443218] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.443910] CR2: 0000000020000140 CR3: 0000000020f38000 CR4: 0000000000750ee0 [ 229.444751] PKRU: 55555554 [ 229.445091] Call Trace: [ 229.445400] [ 229.445676] __iommufd_access_detach+0x1c2/0x2b0 [ 229.446263] iommufd_access_change_pt+0x149/0x270 [ 229.446896] iommufd_access_replace+0xb4/0x120 [ 229.447477] iommufd_test+0x3e5/0x37e0 [ 229.447951] ? lock_release+0x532/0x770 [ 229.448442] ? __might_fault+0x102/0x1b0 [ 229.448941] ? lock_acquire+0x427/0x4c0 [ 229.449435] ? __pfx_iommufd_test+0x10/0x10 [ 229.449948] ? __pfx_lock_release+0x10/0x10 [ 229.450475] ? __pfx_lock_acquire+0x10/0x10 [ 229.451062] ? write_comp_data+0x2f/0x90 [ 229.451584] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.452488] ? write_comp_data+0x2f/0x90 [ 229.452981] iommufd_fops_ioctl+0x37d/0x510 [ 229.453492] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.454071] ? write_comp_data+0x2f/0x90 [ 229.454976] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.455566] __x64_sys_ioctl+0x1a3/0x230 [ 229.456070] do_syscall_64+0x3b/0x90 [ 229.456613] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.457331] RIP: 0033:0x7f4b8743ee5d [ 229.457766] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.460061] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.460965] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.461897] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.462745] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.463711] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.464524] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.465418] [ 229.465749] irq event stamp: 0 [ 229.466116] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.466877] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.467987] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.468965] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.469846] ---[ end trace 0000000000000000 ]--- [ 229.474229] ------------[ cut here ]------------ [ 229.474834] WARNING: CPU: 1 PID: 2195 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.476122] Modules linked in: [ 229.476501] CPU: 1 PID: 2195 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.477566] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.478950] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.479551] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.481884] RSP: 
0018:ffff888023f87bd0 EFLAGS: 00010246 [ 229.482561] RAX: 0000000000000000 RBX: ffff88800af3b0a8 RCX: 0000000000000000 [ 229.483421] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 229.484381] RBP: ffff888023f87be8 R08: ffffed10015e7633 R09: ffffed10015e7633 [ 229.485217] R10: ffff88800af3b193 R11: ffffed10015e7632 R12: ffff888012a1f400 [ 229.486169] R13: ffff88800af3b1e8 R14: ffff88800f747a00 R15: 0000000000000000 [ 229.487052] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.488036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.488803] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.489636] PKRU: 55555554 [ 229.490020] Call Trace: [ 229.490398] [ 229.490727] iommufd_access_destroy_object+0x65/0x170 [ 229.491373] iommufd_object_destroy_user+0x18e/0x220 [ 229.491990] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.492791] iommufd_access_destroy+0x43/0x70 [ 229.493346] iommufd_test_staccess_release+0x8d/0xd0 [ 229.493989] __fput+0x26d/0xa40 [ 229.494488] ____fput+0x1e/0x30 [ 229.494961] task_work_run+0x1a4/0x2d0 [ 229.495463] ? __pfx_task_work_run+0x10/0x10 [ 229.495988] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.496681] ? switch_task_namespaces+0xa9/0xe0 [ 229.497245] do_exit+0xb17/0x2ef0 [ 229.497659] ? lock_acquire+0x427/0x4c0 [ 229.498207] ? __pfx_lock_release+0x10/0x10 [ 229.498818] ? __kasan_check_write+0x18/0x20 [ 229.499390] ? do_raw_spin_lock+0x132/0x2a0 [ 229.499792] ? __pfx_do_exit+0x10/0x10 [ 229.500154] ? debug_smp_processor_id+0x20/0x30 [ 229.500696] ? rcu_is_watching+0x19/0xb0 [ 229.501142] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.501555] ? trace_hardirqs_on+0x26/0x120 [ 229.501953] do_group_exit+0xe0/0x2b0 [ 229.502349] __x64_sys_exit_group+0x47/0x50 [ 229.502825] do_syscall_64+0x3b/0x90 [ 229.503178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.503661] RIP: 0033:0x7f4b87518a4d [ 229.503997] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.504622] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.505357] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.505997] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.506772] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.507431] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.508071] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.508785] [ 229.509053] irq event stamp: 0 [ 229.509339] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.509911] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.510772] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.511553] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.512124] ---[ end trace 0000000000000000 ]--- [ 229.512890] ------------[ cut here ]------------ [ 229.513321] WARNING: CPU: 1 PID: 2195 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.514247] Modules linked in: [ 229.514607] CPU: 1 PID: 2195 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.515453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.516474] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.517057] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.518829] RSP: 0018:ffff888023f87b78 EFLAGS: 00010246 [ 229.519339] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.519980] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 229.520646] RBP: ffff888023f87b98 R08: ffffed10015e763e R09: ffffed10015e763e [ 229.521380] R10: ffff88800af3b1ef R11: ffffed10015e763d R12: ffff88800af3b290 [ 229.522023] R13: ffff88800af3b0a8 R14: ffffffffffffffff R15: 
ffff888023f87c60 [ 229.522743] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.523526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.524049] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.524711] PKRU: 55555554 [ 229.525048] Call Trace: [ 229.525279] [ 229.525481] iommufd_ioas_destroy+0x53/0x70 [ 229.525880] iommufd_fops_release+0x1f7/0x370 [ 229.526292] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.526864] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.527321] ? write_comp_data+0x2f/0x90 [ 229.527701] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.528157] __fput+0x26d/0xa40 [ 229.528470] ____fput+0x1e/0x30 [ 229.528834] task_work_run+0x1a4/0x2d0 [ 229.529249] ? __pfx_task_work_run+0x10/0x10 [ 229.529657] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.530098] ? switch_task_namespaces+0xa9/0xe0 [ 229.530568] do_exit+0xb17/0x2ef0 [ 229.530950] ? lock_acquire+0x427/0x4c0 [ 229.531330] ? __pfx_lock_release+0x10/0x10 [ 229.531730] ? __kasan_check_write+0x18/0x20 [ 229.532136] ? do_raw_spin_lock+0x132/0x2a0 [ 229.532527] ? __pfx_do_exit+0x10/0x10 [ 229.533019] ? debug_smp_processor_id+0x20/0x30 [ 229.533477] ? rcu_is_watching+0x19/0xb0 [ 229.533847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.534262] ? trace_hardirqs_on+0x26/0x120 [ 229.534681] do_group_exit+0xe0/0x2b0 [ 229.535030] __x64_sys_exit_group+0x47/0x50 [ 229.535424] do_syscall_64+0x3b/0x90 [ 229.535769] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.536246] RIP: 0033:0x7f4b87518a4d [ 229.536585] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.537138] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.537828] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.538465] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.539135] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.539776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.540410] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.541056] [ 229.541266] irq event stamp: 0 [ 229.541553] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.542122] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.542904] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.543659] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.544223] ---[ end trace 0000000000000000 ]--- [ 229.548452] ------------[ cut here ]------------ [ 229.548894] WARNING: CPU: 1 PID: 2196 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.549769] Modules linked in: [ 229.550045] CPU: 1 PID: 2196 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.550837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.551822] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.552251] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.553849] RSP: 0018:ffff88800e967bb8 EFLAGS: 00010246 [ 229.554310] RAX: 0000000000000000 RBX: ffff8880104600a8 RCX: 0000000000000000 [ 229.554944] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 229.555569] RBP: ffff88800e967bd0 R08: ffffed100208c033 R09: ffffed100208c033 [ 229.556187] R10: ffff888010460193 R11: ffffed100208c032 R12: ffff88801226c800 [ 229.556803] R13: ffff8880104601e8 R14: ffffffff8352e670 R15: 
ffff88800e967e68 [ 229.557417] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.558112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.558637] CR2: 0000000020000140 CR3: 0000000013f8c000 CR4: 0000000000750ee0 [ 229.559267] PKRU: 55555554 [ 229.559512] Call Trace: [ 229.559733] [ 229.559931] __iommufd_access_detach+0x1c2/0x2b0 [ 229.560359] iommufd_access_change_pt+0x149/0x270 [ 229.560787] iommufd_access_replace+0xb4/0x120 [ 229.561194] iommufd_test+0x3e5/0x37e0 [ 229.561532] ? lock_release+0x532/0x770 [ 229.561885] ? __might_fault+0x102/0x1b0 [ 229.562244] ? lock_acquire+0x427/0x4c0 [ 229.562622] ? __pfx_iommufd_test+0x10/0x10 [ 229.563001] ? __pfx_lock_release+0x10/0x10 [ 229.563399] ? __pfx_lock_acquire+0x10/0x10 [ 229.563790] ? write_comp_data+0x2f/0x90 [ 229.564154] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.564581] ? write_comp_data+0x2f/0x90 [ 229.565001] iommufd_fops_ioctl+0x37d/0x510 [ 229.565379] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.565804] ? write_comp_data+0x2f/0x90 [ 229.566165] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.566612] __x64_sys_ioctl+0x1a3/0x230 [ 229.566979] do_syscall_64+0x3b/0x90 [ 229.567323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.567787] RIP: 0033:0x7f4b8743ee5d [ 229.568113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.569692] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.570352] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.570995] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.571626] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.572250] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.572873] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.573492] [ 229.573697] irq event stamp: 0 [ 229.573976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.574546] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.575267] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.575983] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.576521] ---[ end trace 0000000000000000 ]--- [ 229.579281] ------------[ cut here ]------------ [ 229.579721] WARNING: CPU: 1 PID: 2196 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.580586] Modules linked in: [ 229.580859] CPU: 1 PID: 2196 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.581601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.582588] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.583016] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.584593] RSP: 
0018:ffff88800e967bd0 EFLAGS: 00010246 [ 229.585045] RAX: 0000000000000000 RBX: ffff8880104600a8 RCX: 0000000000000000 [ 229.585654] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 229.586260] RBP: ffff88800e967be8 R08: ffffed100208c033 R09: ffffed100208c033 [ 229.586884] R10: ffff888010460193 R11: ffffed100208c032 R12: ffff888018b8b000 [ 229.587502] R13: ffff8880104601e8 R14: ffff88800fd8bc00 R15: 0000000000000000 [ 229.588110] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.588796] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.589293] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.589907] PKRU: 55555554 [ 229.590147] Call Trace: [ 229.590366] [ 229.590580] iommufd_access_destroy_object+0x65/0x170 [ 229.591025] iommufd_object_destroy_user+0x18e/0x220 [ 229.591488] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.591994] iommufd_access_destroy+0x43/0x70 [ 229.592386] iommufd_test_staccess_release+0x8d/0xd0 [ 229.592829] __fput+0x26d/0xa40 [ 229.593128] ____fput+0x1e/0x30 [ 229.593420] task_work_run+0x1a4/0x2d0 [ 229.593760] ? __pfx_task_work_run+0x10/0x10 [ 229.594138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.594584] ? switch_task_namespaces+0xa9/0xe0 [ 229.594995] do_exit+0xb17/0x2ef0 [ 229.595303] ? lock_acquire+0x427/0x4c0 [ 229.595655] ? __pfx_lock_release+0x10/0x10 [ 229.596035] ? __kasan_check_write+0x18/0x20 [ 229.596418] ? do_raw_spin_lock+0x132/0x2a0 [ 229.596786] ? __pfx_do_exit+0x10/0x10 [ 229.597186] ? debug_smp_processor_id+0x20/0x30 [ 229.597592] ? rcu_is_watching+0x19/0xb0 [ 229.597940] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.598331] ? trace_hardirqs_on+0x26/0x120 [ 229.598743] do_group_exit+0xe0/0x2b0 [ 229.599075] __x64_sys_exit_group+0x47/0x50 [ 229.599454] do_syscall_64+0x3b/0x90 [ 229.599785] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.600237] RIP: 0033:0x7f4b87518a4d [ 229.600558] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.601083] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.601728] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.602323] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.602950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.603569] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.604176] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.604795] [ 229.604994] irq event stamp: 0 [ 229.605267] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.605797] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.606490] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.607213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.607735] ---[ end trace 0000000000000000 ]--- [ 229.608455] ------------[ cut here ]------------ [ 229.608858] WARNING: CPU: 1 PID: 2196 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.609732] Modules linked in: [ 229.610010] CPU: 1 PID: 2196 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.610780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.611764] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.612205] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.613744] RSP: 0018:ffff88800e967b78 EFLAGS: 00010246 [ 229.614186] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.614795] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 229.615403] RBP: ffff88800e967b98 R08: ffffed100208c03e R09: ffffed100208c03e [ 229.616000] R10: ffff8880104601ef R11: ffffed100208c03d R12: ffff888010460290 [ 229.616597] R13: ffff8880104600a8 R14: ffffffffffffffff R15: 
ffff88800e967c60 [ 229.617191] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.617855] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.618336] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.618958] PKRU: 55555554 [ 229.619207] Call Trace: [ 229.619426] [ 229.619616] iommufd_ioas_destroy+0x53/0x70 [ 229.619983] iommufd_fops_release+0x1f7/0x370 [ 229.620366] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.620794] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.621214] ? write_comp_data+0x2f/0x90 [ 229.621575] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.621996] __fput+0x26d/0xa40 [ 229.622289] ____fput+0x1e/0x30 [ 229.622595] task_work_run+0x1a4/0x2d0 [ 229.622941] ? __pfx_task_work_run+0x10/0x10 [ 229.623335] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.623763] ? switch_task_namespaces+0xa9/0xe0 [ 229.624172] do_exit+0xb17/0x2ef0 [ 229.624473] ? lock_acquire+0x427/0x4c0 [ 229.624819] ? __pfx_lock_release+0x10/0x10 [ 229.625185] ? __kasan_check_write+0x18/0x20 [ 229.625559] ? do_raw_spin_lock+0x132/0x2a0 [ 229.625922] ? __pfx_do_exit+0x10/0x10 [ 229.626263] ? debug_smp_processor_id+0x20/0x30 [ 229.626688] ? rcu_is_watching+0x19/0xb0 [ 229.627042] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.627444] ? trace_hardirqs_on+0x26/0x120 [ 229.627813] do_group_exit+0xe0/0x2b0 [ 229.628135] __x64_sys_exit_group+0x47/0x50 [ 229.628498] do_syscall_64+0x3b/0x90 [ 229.628821] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.629332] RIP: 0033:0x7f4b87518a4d [ 229.629649] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.630163] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.630815] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.631420] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.632015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.632609] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.633200] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.633797] [ 229.633996] irq event stamp: 0 [ 229.634266] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.634823] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.635547] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.636265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.636795] ---[ end trace 0000000000000000 ]--- [ 229.642814] ------------[ cut here ]------------ [ 229.643381] WARNING: CPU: 1 PID: 2197 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.644474] Modules linked in: [ 229.644835] CPU: 1 PID: 2197 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.645786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.647042] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.647615] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.649570] RSP: 0018:ffff8880164dfbb8 EFLAGS: 00010246 [ 229.650155] RAX: 0000000000000000 RBX: ffff88801587f8a8 RCX: 0000000000000000 [ 229.650962] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 229.651751] RBP: ffff8880164dfbd0 R08: ffffed1002b0ff33 R09: ffffed1002b0ff33 [ 229.652530] R10: ffff88801587f993 R11: ffffed1002b0ff32 R12: ffff888013da5800 [ 229.653308] R13: ffff88801587f9e8 R14: ffffffff8352e670 R15: 
ffff8880164dfe68 [ 229.654087] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.654993] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.655644] CR2: 0000000020000140 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 229.656422] PKRU: 55555554 [ 229.656741] Call Trace: [ 229.657030] [ 229.657288] __iommufd_access_detach+0x1c2/0x2b0 [ 229.657832] iommufd_access_change_pt+0x149/0x270 [ 229.658391] iommufd_access_replace+0xb4/0x120 [ 229.658961] iommufd_test+0x3e5/0x37e0 [ 229.659418] ? lock_release+0x532/0x770 [ 229.659881] ? __might_fault+0x102/0x1b0 [ 229.660345] ? lock_acquire+0x427/0x4c0 [ 229.660805] ? __pfx_iommufd_test+0x10/0x10 [ 229.661289] ? __pfx_lock_release+0x10/0x10 [ 229.661767] ? __pfx_lock_acquire+0x10/0x10 [ 229.662252] ? write_comp_data+0x2f/0x90 [ 229.662743] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.663359] ? write_comp_data+0x2f/0x90 [ 229.663693] iommufd_fops_ioctl+0x37d/0x510 [ 229.664011] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.664368] ? write_comp_data+0x2f/0x90 [ 229.664668] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.665014] __x64_sys_ioctl+0x1a3/0x230 [ 229.665314] do_syscall_64+0x3b/0x90 [ 229.665589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.665964] RIP: 0033:0x7f4b8743ee5d [ 229.666229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.667550] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.668088] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.668590] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.669093] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.669594] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.670095] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.670616] [ 229.670786] irq event stamp: 0 [ 229.671012] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.671468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.672057] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.672645] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.673091] ---[ end trace 0000000000000000 ]--- [ 229.675724] ------------[ cut here ]------------ [ 229.676074] WARNING: CPU: 1 PID: 2197 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.676790] Modules linked in: [ 229.677020] CPU: 1 PID: 2197 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.677637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.678432] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.678808] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.680098] RSP: 
0018:ffff8880164dfbd0 EFLAGS: 00010246 [ 229.680473] RAX: 0000000000000000 RBX: ffff88801587f8a8 RCX: 0000000000000000 [ 229.680977] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 229.681482] RBP: ffff8880164dfbe8 R08: ffffed1002b0ff33 R09: ffffed1002b0ff33 [ 229.681985] R10: ffff88801587f993 R11: ffffed1002b0ff32 R12: ffff88801226ec00 [ 229.682491] R13: ffff88801587f9e8 R14: ffff88800fa03800 R15: 0000000000000000 [ 229.683013] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.683589] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.683994] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.684492] PKRU: 55555554 [ 229.684689] Call Trace: [ 229.684873] [ 229.685036] iommufd_access_destroy_object+0x65/0x170 [ 229.685407] iommufd_object_destroy_user+0x18e/0x220 [ 229.685776] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.686188] iommufd_access_destroy+0x43/0x70 [ 229.686527] iommufd_test_staccess_release+0x8d/0xd0 [ 229.686893] __fput+0x26d/0xa40 [ 229.687148] ____fput+0x1e/0x30 [ 229.687392] task_work_run+0x1a4/0x2d0 [ 229.687679] ? __pfx_task_work_run+0x10/0x10 [ 229.687998] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.688355] ? switch_task_namespaces+0xa9/0xe0 [ 229.688699] do_exit+0xb17/0x2ef0 [ 229.688949] ? lock_acquire+0x427/0x4c0 [ 229.689243] ? __pfx_lock_release+0x10/0x10 [ 229.689559] ? __kasan_check_write+0x18/0x20 [ 229.689879] ? do_raw_spin_lock+0x132/0x2a0 [ 229.690191] ? __pfx_do_exit+0x10/0x10 [ 229.690475] ? debug_smp_processor_id+0x20/0x30 [ 229.690826] ? rcu_is_watching+0x19/0xb0 [ 229.691114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.691446] ? trace_hardirqs_on+0x26/0x120 [ 229.691755] do_group_exit+0xe0/0x2b0 [ 229.692027] __x64_sys_exit_group+0x47/0x50 [ 229.692329] do_syscall_64+0x3b/0x90 [ 229.692600] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.692968] RIP: 0033:0x7f4b87518a4d [ 229.693231] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.693660] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.694188] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.694703] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.695209] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.695705] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.696201] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.696705] [ 229.696871] irq event stamp: 0 [ 229.697093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.697535] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.698118] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.698720] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.699167] ---[ end trace 0000000000000000 ]--- [ 229.699810] ------------[ cut here ]------------ [ 229.700141] WARNING: CPU: 1 PID: 2197 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.700853] Modules linked in: [ 229.701082] CPU: 1 PID: 2197 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.701709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.702489] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.702875] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.704151] RSP: 0018:ffff8880164dfb78 EFLAGS: 00010246 [ 229.704527] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.705023] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 229.705519] RBP: ffff8880164dfb98 R08: ffffed1002b0ff3e R09: ffffed1002b0ff3e [ 229.706013] R10: ffff88801587f9ef R11: ffffed1002b0ff3d R12: ffff88801587fa90 [ 229.706526] R13: ffff88801587f8a8 R14: ffffffffffffffff R15: 
ffff8880164dfc60 [ 229.707025] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.707597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.708006] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 229.708513] PKRU: 55555554 [ 229.708717] Call Trace: [ 229.708900] [ 229.709060] iommufd_ioas_destroy+0x53/0x70 [ 229.709371] iommufd_fops_release+0x1f7/0x370 [ 229.709690] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.710041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.710392] ? write_comp_data+0x2f/0x90 [ 229.710705] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.711059] __fput+0x26d/0xa40 [ 229.711322] ____fput+0x1e/0x30 [ 229.711568] task_work_run+0x1a4/0x2d0 [ 229.711854] ? __pfx_task_work_run+0x10/0x10 [ 229.712175] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.712864] ? switch_task_namespaces+0xa9/0xe0 [ 229.713213] do_exit+0xb17/0x2ef0 [ 229.713461] ? lock_acquire+0x427/0x4c0 [ 229.713750] ? __pfx_lock_release+0x10/0x10 [ 229.714061] ? __kasan_check_write+0x18/0x20 [ 229.714375] ? do_raw_spin_lock+0x132/0x2a0 [ 229.714709] ? __pfx_do_exit+0x10/0x10 [ 229.715045] ? debug_smp_processor_id+0x20/0x30 [ 229.715435] ? rcu_is_watching+0x19/0xb0 [ 229.715721] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.716043] ? trace_hardirqs_on+0x26/0x120 [ 229.716354] do_group_exit+0xe0/0x2b0 [ 229.716623] __x64_sys_exit_group+0x47/0x50 [ 229.716926] do_syscall_64+0x3b/0x90 [ 229.717226] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.717642] RIP: 0033:0x7f4b87518a4d [ 229.717902] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.718329] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.718881] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.719384] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.719879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.720395] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.720960] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.721474] [ 229.721641] irq event stamp: 0 [ 229.721864] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.722304] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.723000] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.723598] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.724037] ---[ end trace 0000000000000000 ]--- [ 229.727380] ------------[ cut here ]------------ [ 229.727736] WARNING: CPU: 1 PID: 2198 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.728452] Modules linked in: [ 229.728678] CPU: 1 PID: 2198 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.729337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.730158] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.730529] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.731811] RSP: 0018:ffff888023f87bb8 EFLAGS: 00010246 [ 229.732238] RAX: 0000000000000000 RBX: ffff888012a7e0a8 RCX: 0000000000000000 [ 229.732770] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 229.733264] RBP: ffff888023f87bd0 R08: ffffed100254fc33 R09: ffffed100254fc33 [ 229.733761] R10: ffff888012a7e193 R11: ffffed100254fc32 R12: ffff888017065400 [ 229.734265] R13: ffff888012a7e1e8 R14: ffffffff8352e670 R15: 
ffff888023f87e68 [ 229.734866] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.735436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.735845] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 229.736342] PKRU: 55555554 [ 229.736542] Call Trace: [ 229.736722] [ 229.736881] __iommufd_access_detach+0x1c2/0x2b0 [ 229.737226] iommufd_access_change_pt+0x149/0x270 [ 229.737676] iommufd_access_replace+0xb4/0x120 [ 229.738029] iommufd_test+0x3e5/0x37e0 [ 229.738304] ? lock_release+0x532/0x770 [ 229.738612] ? __might_fault+0x102/0x1b0 [ 229.738904] ? lock_acquire+0x427/0x4c0 [ 229.739205] ? __pfx_iommufd_test+0x10/0x10 [ 229.739514] ? __pfx_lock_release+0x10/0x10 [ 229.739830] ? __pfx_lock_acquire+0x10/0x10 [ 229.740142] ? write_comp_data+0x2f/0x90 [ 229.740437] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.740786] ? write_comp_data+0x2f/0x90 [ 229.741091] iommufd_fops_ioctl+0x37d/0x510 [ 229.741489] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.741837] ? write_comp_data+0x2f/0x90 [ 229.742136] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.742480] __x64_sys_ioctl+0x1a3/0x230 [ 229.742814] do_syscall_64+0x3b/0x90 [ 229.743091] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.743485] RIP: 0033:0x7f4b8743ee5d [ 229.743755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.745138] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.745691] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.746193] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.746736] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.747257] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.747765] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.748379] [ 229.748548] irq event stamp: 0 [ 229.748773] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.749224] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.749829] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.750436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.750976] ---[ end trace 0000000000000000 ]--- [ 229.753762] ------------[ cut here ]------------ [ 229.754124] WARNING: CPU: 1 PID: 2198 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.755004] Modules linked in: [ 229.755251] CPU: 1 PID: 2198 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.755884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.756697] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.757062] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.758476] RSP: 
0018:ffff888023f87bd0 EFLAGS: 00010246 [ 229.758937] RAX: 0000000000000000 RBX: ffff888012a7e0a8 RCX: 0000000000000000 [ 229.759469] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 229.759983] RBP: ffff888023f87be8 R08: ffffed100254fc33 R09: ffffed100254fc33 [ 229.760501] R10: ffff888012a7e193 R11: ffffed100254fc32 R12: ffff888013da5000 [ 229.761019] R13: ffff888012a7e1e8 R14: ffff888010d0f800 R15: 0000000000000000 [ 229.761639] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.762226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.762680] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 229.763212] PKRU: 55555554 [ 229.763418] Call Trace: [ 229.763616] [ 229.763786] iommufd_access_destroy_object+0x65/0x170 [ 229.764176] iommufd_object_destroy_user+0x18e/0x220 [ 229.764595] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.765111] iommufd_access_destroy+0x43/0x70 [ 229.765461] iommufd_test_staccess_release+0x8d/0xd0 [ 229.765849] __fput+0x26d/0xa40 [ 229.766110] ____fput+0x1e/0x30 [ 229.766366] task_work_run+0x1a4/0x2d0 [ 229.766692] ? __pfx_task_work_run+0x10/0x10 [ 229.767030] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.767413] ? switch_task_namespaces+0xa9/0xe0 [ 229.767775] do_exit+0xb17/0x2ef0 [ 229.768037] ? lock_acquire+0x427/0x4c0 [ 229.768448] ? __pfx_lock_release+0x10/0x10 [ 229.768784] ? __kasan_check_write+0x18/0x20 [ 229.769117] ? do_raw_spin_lock+0x132/0x2a0 [ 229.769441] ? __pfx_do_exit+0x10/0x10 [ 229.769741] ? debug_smp_processor_id+0x20/0x30 [ 229.770094] ? rcu_is_watching+0x19/0xb0 [ 229.770400] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.770774] ? trace_hardirqs_on+0x26/0x120 [ 229.771108] do_group_exit+0xe0/0x2b0 [ 229.771408] __x64_sys_exit_group+0x47/0x50 [ 229.771738] do_syscall_64+0x3b/0x90 [ 229.772088] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.772544] RIP: 0033:0x7f4b87518a4d [ 229.772821] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.773278] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.773840] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.774368] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.774989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.775582] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.776111] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.776651] [ 229.776829] irq event stamp: 0 [ 229.777064] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.777531] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.778164] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.778939] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.779427] ---[ end trace 0000000000000000 ]--- [ 229.780426] ------------[ cut here ]------------ [ 229.780796] WARNING: CPU: 1 PID: 2198 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.781578] Modules linked in: [ 229.781858] CPU: 1 PID: 2198 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.782626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.783477] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.783870] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.785234] RSP: 0018:ffff888023f87b78 EFLAGS: 00010246 [ 229.785696] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.786289] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 229.786849] RBP: ffff888023f87b98 R08: ffffed100254fc3e R09: ffffed100254fc3e [ 229.787397] R10: ffff888012a7e1ef R11: ffffed100254fc3d R12: ffff888012a7e290 [ 229.787930] R13: ffff888012a7e0a8 R14: ffffffffffffffff R15: 
ffff888023f87c60 [ 229.788470] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.789134] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.789634] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 229.790175] PKRU: 55555554 [ 229.790390] Call Trace: [ 229.790615] [ 229.790791] iommufd_ioas_destroy+0x53/0x70 [ 229.791134] iommufd_fops_release+0x1f7/0x370 [ 229.791493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.791888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.792276] ? write_comp_data+0x2f/0x90 [ 229.792676] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.793133] __fput+0x26d/0xa40 [ 229.793409] ____fput+0x1e/0x30 [ 229.793676] task_work_run+0x1a4/0x2d0 [ 229.793988] ? __pfx_task_work_run+0x10/0x10 [ 229.794339] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.794754] ? switch_task_namespaces+0xa9/0xe0 [ 229.795141] do_exit+0xb17/0x2ef0 [ 229.795416] ? lock_acquire+0x427/0x4c0 [ 229.795735] ? __pfx_lock_release+0x10/0x10 [ 229.796078] ? __kasan_check_write+0x18/0x20 [ 229.796506] ? do_raw_spin_lock+0x132/0x2a0 [ 229.796902] ? __pfx_do_exit+0x10/0x10 [ 229.797216] ? debug_smp_processor_id+0x20/0x30 [ 229.797583] ? rcu_is_watching+0x19/0xb0 [ 229.797902] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.798271] ? trace_hardirqs_on+0x26/0x120 [ 229.798644] do_group_exit+0xe0/0x2b0 [ 229.798948] __x64_sys_exit_group+0x47/0x50 [ 229.799297] do_syscall_64+0x3b/0x90 [ 229.799599] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.800045] RIP: 0033:0x7f4b87518a4d [ 229.800403] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.800879] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.801469] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.802016] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.802592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.803164] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.803824] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.804385] [ 229.804571] irq event stamp: 0 [ 229.804820] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.805316] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.805963] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.806776] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.807281] ---[ end trace 0000000000000000 ]--- [ 229.811910] ------------[ cut here ]------------ [ 229.812320] WARNING: CPU: 1 PID: 2199 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.813236] Modules linked in: [ 229.813489] CPU: 1 PID: 2199 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.814162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.815054] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.815458] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.817013] RSP: 0018:ffff8880164dfbb8 EFLAGS: 00010246 [ 229.817430] RAX: 0000000000000000 RBX: ffff88800f1c08a8 RCX: 0000000000000000 [ 229.817978] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 229.818549] RBP: ffff8880164dfbd0 R08: ffffed1001e38133 R09: ffffed1001e38133 [ 229.819103] R10: ffff88800f1c0993 R11: ffffed1001e38132 R12: ffff888014b94000 [ 229.819709] R13: ffff88800f1c09e8 R14: ffffffff8352e670 R15: 
ffff8880164dfe68 [ 229.820369] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.820994] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.821447] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 229.821999] PKRU: 55555554 [ 229.822223] Call Trace: [ 229.822426] [ 229.822640] __iommufd_access_detach+0x1c2/0x2b0 [ 229.823133] iommufd_access_change_pt+0x149/0x270 [ 229.823533] iommufd_access_replace+0xb4/0x120 [ 229.823899] iommufd_test+0x3e5/0x37e0 [ 229.824204] ? lock_release+0x532/0x770 [ 229.824524] ? __might_fault+0x102/0x1b0 [ 229.824853] ? lock_acquire+0x427/0x4c0 [ 229.825177] ? __pfx_iommufd_test+0x10/0x10 [ 229.825521] ? __pfx_lock_release+0x10/0x10 [ 229.825942] ? __pfx_lock_acquire+0x10/0x10 [ 229.826347] ? write_comp_data+0x2f/0x90 [ 229.826702] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.827091] ? write_comp_data+0x2f/0x90 [ 229.827431] iommufd_fops_ioctl+0x37d/0x510 [ 229.827775] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.828164] ? write_comp_data+0x2f/0x90 [ 229.828491] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.828984] __x64_sys_ioctl+0x1a3/0x230 [ 229.829318] do_syscall_64+0x3b/0x90 [ 229.829621] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.830032] RIP: 0033:0x7f4b8743ee5d [ 229.830325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.831878] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.832477] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.833027] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.833577] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.834259] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.834835] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.835414] [ 229.835608] irq event stamp: 0 [ 229.835869] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.836387] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.837213] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.837884] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.838385] ---[ end trace 0000000000000000 ]--- [ 229.841354] ------------[ cut here ]------------ [ 229.841776] WARNING: CPU: 1 PID: 2199 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.842636] Modules linked in: [ 229.842901] CPU: 1 PID: 2199 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.843670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.844649] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.845057] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.846715] RSP: 
0018:ffff8880164dfbd0 EFLAGS: 00010246 [ 229.847160] RAX: 0000000000000000 RBX: ffff88800f1c08a8 RCX: 0000000000000000 [ 229.847735] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 229.848314] RBP: ffff8880164dfbe8 R08: ffffed1001e38133 R09: ffffed1001e38133 [ 229.848884] R10: ffff88800f1c0993 R11: ffffed1001e38132 R12: ffff888017067400 [ 229.849569] R13: ffff88800f1c09e8 R14: ffff888018b83200 R15: 0000000000000000 [ 229.850151] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.850827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.851318] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 229.851935] PKRU: 55555554 [ 229.852224] Call Trace: [ 229.852433] [ 229.852617] iommufd_access_destroy_object+0x65/0x170 [ 229.853036] iommufd_object_destroy_user+0x18e/0x220 [ 229.853455] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.853933] iommufd_access_destroy+0x43/0x70 [ 229.854338] iommufd_test_staccess_release+0x8d/0xd0 [ 229.854865] __fput+0x26d/0xa40 [ 229.855165] ____fput+0x1e/0x30 [ 229.855442] task_work_run+0x1a4/0x2d0 [ 229.855768] ? __pfx_task_work_run+0x10/0x10 [ 229.856126] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.856527] ? switch_task_namespaces+0xa9/0xe0 [ 229.856914] do_exit+0xb17/0x2ef0 [ 229.857196] ? lock_acquire+0x427/0x4c0 [ 229.857626] ? __pfx_lock_release+0x10/0x10 [ 229.857983] ? __kasan_check_write+0x18/0x20 [ 229.858346] ? do_raw_spin_lock+0x132/0x2a0 [ 229.858721] ? __pfx_do_exit+0x10/0x10 [ 229.859048] ? debug_smp_processor_id+0x20/0x30 [ 229.859437] ? rcu_is_watching+0x19/0xb0 [ 229.859769] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.860145] ? trace_hardirqs_on+0x26/0x120 [ 229.860618] do_group_exit+0xe0/0x2b0 [ 229.860936] __x64_sys_exit_group+0x47/0x50 [ 229.861291] do_syscall_64+0x3b/0x90 [ 229.861607] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.862031] RIP: 0033:0x7f4b87518a4d [ 229.862334] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.862918] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.863591] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.864173] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.864752] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.865331] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.866026] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.866639] [ 229.866832] irq event stamp: 0 [ 229.867084] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.867607] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.868286] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.869088] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.869598] ---[ end trace 0000000000000000 ]--- [ 229.870431] ------------[ cut here ]------------ [ 229.871010] WARNING: CPU: 1 PID: 2199 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.871940] Modules linked in: [ 229.872243] CPU: 1 PID: 2199 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.872944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.873856] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.874335] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.875861] RSP: 0018:ffff8880164dfb78 EFLAGS: 00010246 [ 229.876298] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.876878] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 229.877573] RBP: ffff8880164dfb98 R08: ffffed1001e3813e R09: ffffed1001e3813e [ 229.878151] R10: ffff88800f1c09ef R11: ffffed1001e3813d R12: ffff88800f1c0a90 [ 229.878752] R13: ffff88800f1c08a8 R14: ffffffffffffffff R15: 
ffff8880164dfc60 [ 229.879339] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.880046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.880551] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 229.881120] PKRU: 55555554 [ 229.881349] Call Trace: [ 229.881554] [ 229.881737] iommufd_ioas_destroy+0x53/0x70 [ 229.882106] iommufd_fops_release+0x1f7/0x370 [ 229.882590] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.883001] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.883424] ? write_comp_data+0x2f/0x90 [ 229.883760] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.884162] __fput+0x26d/0xa40 [ 229.884451] ____fput+0x1e/0x30 [ 229.884730] task_work_run+0x1a4/0x2d0 [ 229.885099] ? __pfx_task_work_run+0x10/0x10 [ 229.885530] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.885942] ? switch_task_namespaces+0xa9/0xe0 [ 229.886338] do_exit+0xb17/0x2ef0 [ 229.886657] ? lock_acquire+0x427/0x4c0 [ 229.887005] ? __pfx_lock_release+0x10/0x10 [ 229.887386] ? __kasan_check_write+0x18/0x20 [ 229.887763] ? do_raw_spin_lock+0x132/0x2a0 [ 229.888126] ? __pfx_do_exit+0x10/0x10 [ 229.888466] ? debug_smp_processor_id+0x20/0x30 [ 229.888962] ? rcu_is_watching+0x19/0xb0 [ 229.889350] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.889733] ? trace_hardirqs_on+0x26/0x120 [ 229.890103] do_group_exit+0xe0/0x2b0 [ 229.890430] __x64_sys_exit_group+0x47/0x50 [ 229.890827] do_syscall_64+0x3b/0x90 [ 229.891164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.891611] RIP: 0033:0x7f4b87518a4d [ 229.891928] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.892453] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.893319] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.893924] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.894553] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.895171] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.895776] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.896386] [ 229.896640] irq event stamp: 0 [ 229.897041] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.897579] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.898275] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.899008] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.899562] ---[ end trace 0000000000000000 ]--- [ 229.904276] ------------[ cut here ]------------ [ 229.904724] WARNING: CPU: 1 PID: 2200 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.905587] Modules linked in: [ 229.905859] CPU: 1 PID: 2200 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.906624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.907687] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.908169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.909688] RSP: 0018:ffff888023f87bb8 EFLAGS: 00010246 [ 229.910130] RAX: 0000000000000000 RBX: ffff888010b7a0a8 RCX: 0000000000000000 [ 229.910802] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 229.911525] RBP: ffff888023f87bd0 R08: ffffed100216f433 R09: ffffed100216f433 [ 229.912140] R10: ffff888010b7a193 R11: ffffed100216f432 R12: ffff888012e91000 [ 229.912753] R13: ffff888010b7a1e8 R14: ffffffff8352e670 R15: 
ffff888023f87e68 [ 229.913368] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.914069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.914858] CR2: 00007f4b877410e8 CR3: 0000000020fba000 CR4: 0000000000750ee0 [ 229.915556] PKRU: 55555554 [ 229.915822] Call Trace: [ 229.916066] [ 229.916281] __iommufd_access_detach+0x1c2/0x2b0 [ 229.916743] iommufd_access_change_pt+0x149/0x270 [ 229.917286] iommufd_access_replace+0xb4/0x120 [ 229.917739] iommufd_test+0x3e5/0x37e0 [ 229.918116] ? lock_release+0x532/0x770 [ 229.918695] ? __might_fault+0x102/0x1b0 [ 229.919093] ? lock_acquire+0x427/0x4c0 [ 229.919500] ? __pfx_iommufd_test+0x10/0x10 [ 229.919915] ? __pfx_lock_release+0x10/0x10 [ 229.920335] ? __pfx_lock_acquire+0x10/0x10 [ 229.920761] ? write_comp_data+0x2f/0x90 [ 229.921159] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.921628] ? write_comp_data+0x2f/0x90 [ 229.922029] iommufd_fops_ioctl+0x37d/0x510 [ 229.922549] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.923100] ? write_comp_data+0x2f/0x90 [ 229.923511] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 229.923982] __x64_sys_ioctl+0x1a3/0x230 [ 229.924384] do_syscall_64+0x3b/0x90 [ 229.924759] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.925265] RIP: 0033:0x7f4b8743ee5d [ 229.925624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 229.927588] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 229.928321] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 229.928995] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 229.929672] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 229.930398] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 229.931222] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 229.931914] [ 229.932138] irq event stamp: 0 [ 229.932438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.933037] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.933833] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.934828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.935450] ---[ end trace 0000000000000000 ]--- [ 229.938472] ------------[ cut here ]------------ [ 229.939014] WARNING: CPU: 1 PID: 2200 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 229.940022] Modules linked in: [ 229.940344] CPU: 1 PID: 2200 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.941196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.942471] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 229.943050] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 229.944861] RSP: 
0018:ffff888023f87bd0 EFLAGS: 00010246 [ 229.945397] RAX: 0000000000000000 RBX: ffff888010b7a0a8 RCX: 0000000000000000 [ 229.946145] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 229.947045] RBP: ffff888023f87be8 R08: ffffed100216f433 R09: ffffed100216f433 [ 229.947765] R10: ffff888010b7a193 R11: ffffed100216f432 R12: ffff888014b97000 [ 229.948466] R13: ffff888010b7a1e8 R14: ffff8880100bb900 R15: 0000000000000000 [ 229.949235] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.950079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.950830] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 229.951561] PKRU: 55555554 [ 229.951845] Call Trace: [ 229.952099] [ 229.952325] iommufd_access_destroy_object+0x65/0x170 [ 229.952845] iommufd_object_destroy_user+0x18e/0x220 [ 229.953769] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 229.954603] iommufd_access_destroy+0x43/0x70 [ 229.955237] iommufd_test_staccess_release+0x8d/0xd0 [ 229.956197] __fput+0x26d/0xa40 [ 229.956660] ____fput+0x1e/0x30 [ 229.957113] task_work_run+0x1a4/0x2d0 [ 229.957630] ? __pfx_task_work_run+0x10/0x10 [ 229.958458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.959184] ? switch_task_namespaces+0xa9/0xe0 [ 229.959804] do_exit+0xb17/0x2ef0 [ 229.960253] ? lock_acquire+0x427/0x4c0 [ 229.960951] ? __pfx_lock_release+0x10/0x10 [ 229.961517] ? __kasan_check_write+0x18/0x20 [ 229.962085] ? do_raw_spin_lock+0x132/0x2a0 [ 229.962723] ? __pfx_do_exit+0x10/0x10 [ 229.963342] ? debug_smp_processor_id+0x20/0x30 [ 229.963955] ? rcu_is_watching+0x19/0xb0 [ 229.964500] ? _raw_spin_unlock_irq+0x2b/0x60 [ 229.965096] ? trace_hardirqs_on+0x26/0x120 [ 229.965662] do_group_exit+0xe0/0x2b0 [ 229.966161] __x64_sys_exit_group+0x47/0x50 [ 229.966788] do_syscall_64+0x3b/0x90 [ 229.967338] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 229.968046] RIP: 0033:0x7f4b87518a4d [ 229.968553] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 229.969354] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 229.970314] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 229.971322] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 229.972249] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 229.973373] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 229.974289] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 229.975355] [ 229.975755] irq event stamp: 0 [ 229.976168] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 229.976988] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 229.978063] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 229.979214] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 229.980031] ---[ end trace 0000000000000000 ]--- [ 229.981457] ------------[ cut here ]------------ [ 229.982083] WARNING: CPU: 1 PID: 2200 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 229.983796] Modules linked in: [ 229.984236] CPU: 1 PID: 2200 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 229.985338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 229.986839] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 229.987552] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 229.989845] RSP: 0018:ffff888023f87b78 EFLAGS: 00010246 [ 229.990594] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 229.991528] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 229.992438] RBP: ffff888023f87b98 R08: ffffed100216f43e R09: ffffed100216f43e [ 229.993350] R10: ffff888010b7a1ef R11: ffffed100216f43d R12: ffff888010b7a290 [ 229.994258] R13: ffff888010b7a0a8 R14: ffffffffffffffff R15: 
ffff888023f87c60 [ 229.995323] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 229.996082] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 229.996615] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 229.997269] PKRU: 55555554 [ 229.997530] Call Trace: [ 229.997767] [ 229.997978] iommufd_ioas_destroy+0x53/0x70 [ 229.998387] iommufd_fops_release+0x1f7/0x370 [ 229.998832] ? __pfx_iommufd_fops_release+0x10/0x10 [ 229.999315] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 229.999774] ? write_comp_data+0x2f/0x90 [ 230.000161] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.000628] __fput+0x26d/0xa40 [ 230.000953] ____fput+0x1e/0x30 [ 230.001274] task_work_run+0x1a4/0x2d0 [ 230.001649] ? __pfx_task_work_run+0x10/0x10 [ 230.002074] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.002572] ? switch_task_namespaces+0xa9/0xe0 [ 230.003027] do_exit+0xb17/0x2ef0 [ 230.003382] ? lock_acquire+0x427/0x4c0 [ 230.003772] ? __pfx_lock_release+0x10/0x10 [ 230.004183] ? __kasan_check_write+0x18/0x20 [ 230.004604] ? do_raw_spin_lock+0x132/0x2a0 [ 230.005014] ? __pfx_do_exit+0x10/0x10 [ 230.005393] ? debug_smp_processor_id+0x20/0x30 [ 230.005841] ? rcu_is_watching+0x19/0xb0 [ 230.006223] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.006692] ? trace_hardirqs_on+0x26/0x120 [ 230.007106] do_group_exit+0xe0/0x2b0 [ 230.007489] __x64_sys_exit_group+0x47/0x50 [ 230.007895] do_syscall_64+0x3b/0x90 [ 230.008257] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.008749] RIP: 0033:0x7f4b87518a4d [ 230.009100] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.009669] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.010374] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.011071] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.011759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.012426] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.013089] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.013758] [ 230.013980] irq event stamp: 0 [ 230.014277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.014894] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.015694] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.016479] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.017095] ---[ end trace 0000000000000000 ]--- [ 230.021646] ------------[ cut here ]------------ [ 230.022206] WARNING: CPU: 0 PID: 2201 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.023530] Modules linked in: [ 230.023866] CPU: 0 PID: 2201 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.024761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.025906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.026406] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.028473] RSP: 0018:ffff8880143a7bb8 EFLAGS: 00010246 [ 230.029036] RAX: 0000000000000000 RBX: ffff888010ff30a8 RCX: 0000000000000000 [ 230.029773] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 230.030540] RBP: ffff8880143a7bd0 R08: ffffed10021fe633 R09: ffffed10021fe633 [ 230.031301] R10: ffff888010ff3193 R11: ffffed10021fe632 R12: ffff88800b9b5c00 [ 230.032034] R13: ffff888010ff31e8 R14: ffffffff8352e670 R15: 
ffff8880143a7e68 [ 230.032768] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 230.033601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.034200] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ef0 [ 230.034971] PKRU: 55555554 [ 230.035284] Call Trace: [ 230.035555] [ 230.035795] __iommufd_access_detach+0x1c2/0x2b0 [ 230.036296] iommufd_access_change_pt+0x149/0x270 [ 230.036801] iommufd_access_replace+0xb4/0x120 [ 230.037287] iommufd_test+0x3e5/0x37e0 [ 230.037690] ? lock_release+0x532/0x770 [ 230.038111] ? __might_fault+0x102/0x1b0 [ 230.038563] ? lock_acquire+0x427/0x4c0 [ 230.038989] ? __pfx_iommufd_test+0x10/0x10 [ 230.039443] ? __pfx_lock_release+0x10/0x10 [ 230.039896] ? __pfx_lock_acquire+0x10/0x10 [ 230.040352] ? write_comp_data+0x2f/0x90 [ 230.040788] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.041299] ? write_comp_data+0x2f/0x90 [ 230.041740] iommufd_fops_ioctl+0x37d/0x510 [ 230.042197] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.042728] ? write_comp_data+0x2f/0x90 [ 230.043183] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.043688] __x64_sys_ioctl+0x1a3/0x230 [ 230.044125] do_syscall_64+0x3b/0x90 [ 230.044530] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.045152] RIP: 0033:0x7f4b8743ee5d [ 230.045545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 230.047727] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 230.048711] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 230.049619] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 230.050589] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 230.051532] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 230.052436] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 230.053360] [ 230.053680] irq event stamp: 0 [ 230.054090] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.054941] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.056034] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.057096] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.057911] ---[ end trace 0000000000000000 ]--- [ 230.062914] ------------[ cut here ]------------ [ 230.063578] WARNING: CPU: 0 PID: 2201 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.064848] Modules linked in: [ 230.065278] CPU: 0 PID: 2201 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.066390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.067910] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.068574] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.070909] RSP: 
0018:ffff8880143a7bd0 EFLAGS: 00010246 [ 230.071622] RAX: 0000000000000000 RBX: ffff888010ff30a8 RCX: 0000000000000000 [ 230.072361] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 230.073089] RBP: ffff8880143a7be8 R08: ffffed10021fe633 R09: ffffed10021fe633 [ 230.073816] R10: ffff888010ff3193 R11: ffffed10021fe632 R12: ffff888012e96400 [ 230.074592] R13: ffff888010ff31e8 R14: ffff888011eff600 R15: 0000000000000000 [ 230.075339] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 230.076159] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.076754] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 230.077563] PKRU: 55555554 [ 230.077852] Call Trace: [ 230.078117] [ 230.078349] iommufd_access_destroy_object+0x65/0x170 [ 230.078920] iommufd_object_destroy_user+0x18e/0x220 [ 230.079469] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 230.080086] iommufd_access_destroy+0x43/0x70 [ 230.080564] iommufd_test_staccess_release+0x8d/0xd0 [ 230.081105] __fput+0x26d/0xa40 [ 230.081466] ____fput+0x1e/0x30 [ 230.081815] task_work_run+0x1a4/0x2d0 [ 230.082232] ? __pfx_task_work_run+0x10/0x10 [ 230.082760] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.083287] ? switch_task_namespaces+0xa9/0xe0 [ 230.083782] do_exit+0xb17/0x2ef0 [ 230.084137] ? lock_acquire+0x427/0x4c0 [ 230.084561] ? __pfx_lock_release+0x10/0x10 [ 230.085020] ? __kasan_check_write+0x18/0x20 [ 230.085489] ? do_raw_spin_lock+0x132/0x2a0 [ 230.085941] ? __pfx_do_exit+0x10/0x10 [ 230.086356] ? debug_smp_processor_id+0x20/0x30 [ 230.086873] ? rcu_is_watching+0x19/0xb0 [ 230.087316] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.087799] ? trace_hardirqs_on+0x26/0x120 [ 230.088251] do_group_exit+0xe0/0x2b0 [ 230.088649] __x64_sys_exit_group+0x47/0x50 [ 230.089099] do_syscall_64+0x3b/0x90 [ 230.089493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.090026] RIP: 0033:0x7f4b87518a4d [ 230.090409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.091068] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.091861] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.092585] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.093305] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.094040] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.094811] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.095586] [ 230.095832] irq event stamp: 0 [ 230.096152] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.096790] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.097637] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.098485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.099170] ---[ end trace 0000000000000000 ]--- [ 230.100025] ------------[ cut here ]------------ [ 230.100523] WARNING: CPU: 0 PID: 2201 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 230.101589] Modules linked in: [ 230.101923] CPU: 0 PID: 2201 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.102852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.104024] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 230.104558] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 230.106423] RSP: 0018:ffff8880143a7b78 EFLAGS: 00010246 [ 230.107190] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 230.107930] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 230.108662] RBP: ffff8880143a7b98 R08: ffffed10021fe63e R09: ffffed10021fe63e [ 230.109463] R10: ffff888010ff31ef R11: ffffed10021fe63d R12: ffff888010ff3290 [ 230.110207] R13: ffff888010ff30a8 R14: ffffffffffffffff R15: 
ffff8880143a7c60 [ 230.110982] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 230.111830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.112432] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 230.113168] PKRU: 55555554 [ 230.113461] Call Trace: [ 230.113727] [ 230.113961] iommufd_ioas_destroy+0x53/0x70 [ 230.114419] iommufd_fops_release+0x1f7/0x370 [ 230.114916] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.115458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.115974] ? write_comp_data+0x2f/0x90 [ 230.116401] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.116927] __fput+0x26d/0xa40 [ 230.117293] ____fput+0x1e/0x30 [ 230.117644] task_work_run+0x1a4/0x2d0 [ 230.118055] ? __pfx_task_work_run+0x10/0x10 [ 230.118539] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.119039] ? switch_task_namespaces+0xa9/0xe0 [ 230.119536] do_exit+0xb17/0x2ef0 [ 230.119890] ? lock_acquire+0x427/0x4c0 [ 230.120305] ? __pfx_lock_release+0x10/0x10 [ 230.120763] ? __kasan_check_write+0x18/0x20 [ 230.121220] ? do_raw_spin_lock+0x132/0x2a0 [ 230.121671] ? __pfx_do_exit+0x10/0x10 [ 230.122084] ? debug_smp_processor_id+0x20/0x30 [ 230.122632] ? rcu_is_watching+0x19/0xb0 [ 230.123052] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.123528] ? trace_hardirqs_on+0x26/0x120 [ 230.123974] do_group_exit+0xe0/0x2b0 [ 230.124362] __x64_sys_exit_group+0x47/0x50 [ 230.124798] do_syscall_64+0x3b/0x90 [ 230.125183] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.125715] RIP: 0033:0x7f4b87518a4d [ 230.126092] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.126748] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.127544] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.128261] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.128979] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.129706] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.130429] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.131210] [ 230.131453] irq event stamp: 0 [ 230.131775] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.132406] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.133258] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.134141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.134854] ---[ end trace 0000000000000000 ]--- [ 230.141216] ------------[ cut here ]------------ [ 230.141935] WARNING: CPU: 1 PID: 2202 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.143666] Modules linked in: [ 230.144155] CPU: 1 PID: 2202 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.145330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.146884] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.147621] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.149998] RSP: 0018:ffff888017a17bb8 EFLAGS: 00010246 [ 230.150777] RAX: 0000000000000000 RBX: ffff888015eba8a8 RCX: 0000000000000000 [ 230.151755] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 230.152709] RBP: ffff888017a17bd0 R08: ffffed1002bd7533 R09: ffffed1002bd7533 [ 230.153678] R10: ffff888015eba993 R11: ffffed1002bd7532 R12: ffff888020fee800 [ 230.154702] R13: ffff888015eba9e8 R14: ffffffff8352e670 R15: 
ffff888017a17e68 [ 230.155700] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.156775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.157549] CR2: 0000000020000140 CR3: 0000000013c28000 CR4: 0000000000750ee0 [ 230.158495] PKRU: 55555554 [ 230.158974] Call Trace: [ 230.159363] [ 230.159695] __iommufd_access_detach+0x1c2/0x2b0 [ 230.160390] iommufd_access_change_pt+0x149/0x270 [ 230.161089] iommufd_access_replace+0xb4/0x120 [ 230.161738] iommufd_test+0x3e5/0x37e0 [ 230.162269] ? lock_release+0x532/0x770 [ 230.162908] ? __might_fault+0x102/0x1b0 [ 230.163521] ? lock_acquire+0x427/0x4c0 [ 230.164089] ? __pfx_iommufd_test+0x10/0x10 [ 230.164659] ? __pfx_lock_release+0x10/0x10 [ 230.165243] ? __pfx_lock_acquire+0x10/0x10 [ 230.165846] ? write_comp_data+0x2f/0x90 [ 230.166416] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.167160] ? write_comp_data+0x2f/0x90 [ 230.167739] iommufd_fops_ioctl+0x37d/0x510 [ 230.168327] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.169001] ? write_comp_data+0x2f/0x90 [ 230.169579] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.170228] __x64_sys_ioctl+0x1a3/0x230 [ 230.170867] do_syscall_64+0x3b/0x90 [ 230.171438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.172149] RIP: 0033:0x7f4b8743ee5d [ 230.172656] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 230.175103] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 230.176144] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 230.177097] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 230.178060] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 230.179091] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 230.180070] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 230.181038] [ 230.181378] irq event stamp: 0 [ 230.181798] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.182698] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.183842] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.184953] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.185784] ---[ end trace 0000000000000000 ]--- [ 230.190959] ------------[ cut here ]------------ [ 230.191679] WARNING: CPU: 1 PID: 2202 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.193026] Modules linked in: [ 230.193492] CPU: 1 PID: 2202 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.194791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.196321] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.197008] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.199511] RSP: 
0018:ffff888017a17bd0 EFLAGS: 00010246 [ 230.200246] RAX: 0000000000000000 RBX: ffff888015eba8a8 RCX: 0000000000000000 [ 230.201209] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 230.202154] RBP: ffff888017a17be8 R08: ffffed1002bd7533 R09: ffffed1002bd7533 [ 230.203191] R10: ffff888015eba993 R11: ffffed1002bd7532 R12: ffff888012e92400 [ 230.204159] R13: ffff888015eba9e8 R14: ffff88800fd8bf00 R15: 0000000000000000 [ 230.205128] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.206200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.207045] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 230.208025] PKRU: 55555554 [ 230.208548] Call Trace: [ 230.208933] [ 230.209243] iommufd_access_destroy_object+0x65/0x170 [ 230.209940] iommufd_object_destroy_user+0x18e/0x220 [ 230.210679] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 230.211500] iommufd_access_destroy+0x43/0x70 [ 230.212132] iommufd_test_staccess_release+0x8d/0xd0 [ 230.212827] __fput+0x26d/0xa40 [ 230.213299] ____fput+0x1e/0x30 [ 230.213762] task_work_run+0x1a4/0x2d0 [ 230.214302] ? __pfx_task_work_run+0x10/0x10 [ 230.214952] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.215672] ? switch_task_namespaces+0xa9/0xe0 [ 230.216324] do_exit+0xb17/0x2ef0 [ 230.216791] ? lock_acquire+0x427/0x4c0 [ 230.217337] ? __pfx_lock_release+0x10/0x10 [ 230.217920] ? __kasan_check_write+0x18/0x20 [ 230.218564] ? do_raw_spin_lock+0x132/0x2a0 [ 230.219190] ? __pfx_do_exit+0x10/0x10 [ 230.219732] ? debug_smp_processor_id+0x20/0x30 [ 230.220360] ? rcu_is_watching+0x19/0xb0 [ 230.220908] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.221520] ? trace_hardirqs_on+0x26/0x120 [ 230.222114] do_group_exit+0xe0/0x2b0 [ 230.222686] __x64_sys_exit_group+0x47/0x50 [ 230.223305] do_syscall_64+0x3b/0x90 [ 230.223824] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.224518] RIP: 0033:0x7f4b87518a4d [ 230.225013] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.225822] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.226854] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.227834] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.228774] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.229781] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.230981] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.231974] [ 230.232296] irq event stamp: 0 [ 230.232717] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.233600] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.234909] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.236070] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.236912] ---[ end trace 0000000000000000 ]--- [ 230.238236] ------------[ cut here ]------------ [ 230.239049] WARNING: CPU: 1 PID: 2202 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 230.240432] Modules linked in: [ 230.240874] CPU: 1 PID: 2202 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.242028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.244012] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 230.244728] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 230.247419] RSP: 0018:ffff888017a17b78 EFLAGS: 00010246 [ 230.248152] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 230.249091] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 230.250041] RBP: ffff888017a17b98 R08: ffffed1002bd753e R09: ffffed1002bd753e [ 230.251304] R10: ffff888015eba9ef R11: ffffed1002bd753d R12: ffff888015ebaa90 [ 230.252263] R13: ffff888015eba8a8 R14: ffffffffffffffff R15: 
ffff888017a17c60 [ 230.253216] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.254280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.255389] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 230.256350] PKRU: 55555554 [ 230.256755] Call Trace: [ 230.257117] [ 230.257441] iommufd_ioas_destroy+0x53/0x70 [ 230.258040] iommufd_fops_release+0x1f7/0x370 [ 230.258727] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.259462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.260171] ? write_comp_data+0x2f/0x90 [ 230.260876] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.261540] __fput+0x26d/0xa40 [ 230.262000] ____fput+0x1e/0x30 [ 230.262451] task_work_run+0x1a4/0x2d0 [ 230.263053] ? __pfx_task_work_run+0x10/0x10 [ 230.263841] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.264497] ? switch_task_namespaces+0xa9/0xe0 [ 230.265129] do_exit+0xb17/0x2ef0 [ 230.265595] ? lock_acquire+0x427/0x4c0 [ 230.266139] ? __pfx_lock_release+0x10/0x10 [ 230.266989] ? __kasan_check_write+0x18/0x20 [ 230.267613] ? do_raw_spin_lock+0x132/0x2a0 [ 230.268184] ? __pfx_do_exit+0x10/0x10 [ 230.268713] ? debug_smp_processor_id+0x20/0x30 [ 230.269328] ? rcu_is_watching+0x19/0xb0 [ 230.269870] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.270715] ? trace_hardirqs_on+0x26/0x120 [ 230.271328] do_group_exit+0xe0/0x2b0 [ 230.271836] __x64_sys_exit_group+0x47/0x50 [ 230.272407] do_syscall_64+0x3b/0x90 [ 230.272920] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.273731] RIP: 0033:0x7f4b87518a4d [ 230.274279] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.275155] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.276159] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.277196] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.278243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.279275] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.280212] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.281263] [ 230.281680] irq event stamp: 0 [ 230.282097] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.282959] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.284080] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.285370] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.286190] ---[ end trace 0000000000000000 ]--- [ 230.293610] ------------[ cut here ]------------ [ 230.294296] WARNING: CPU: 1 PID: 2203 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.296201] Modules linked in: [ 230.296645] CPU: 1 PID: 2203 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.297791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.299600] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.300288] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.302967] RSP: 0018:ffff88800bc4fbb8 EFLAGS: 00010246 [ 230.303706] RAX: 0000000000000000 RBX: ffff888010b9d8a8 RCX: 0000000000000000 [ 230.304676] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 230.305639] RBP: ffff88800bc4fbd0 R08: ffffed1002173b33 R09: ffffed1002173b33 [ 230.306673] R10: ffff888010b9d993 R11: ffffed1002173b32 R12: ffff888017065400 [ 230.307885] R13: ffff888010b9d9e8 R14: ffffffff8352e670 R15: 
ffff88800bc4fe68 [ 230.308862] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.309951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.310793] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 230.311905] PKRU: 55555554 [ 230.312413] Call Trace: [ 230.312757] [ 230.313058] __iommufd_access_detach+0x1c2/0x2b0 [ 230.313713] iommufd_access_change_pt+0x149/0x270 [ 230.314394] iommufd_access_replace+0xb4/0x120 [ 230.315109] iommufd_test+0x3e5/0x37e0 [ 230.315875] ? lock_release+0x532/0x770 [ 230.316442] ? __might_fault+0x102/0x1b0 [ 230.317014] ? lock_acquire+0x427/0x4c0 [ 230.317568] ? __pfx_iommufd_test+0x10/0x10 [ 230.318159] ? __pfx_lock_release+0x10/0x10 [ 230.318821] ? __pfx_lock_acquire+0x10/0x10 [ 230.319452] ? write_comp_data+0x2f/0x90 [ 230.320021] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.320697] ? write_comp_data+0x2f/0x90 [ 230.321660] iommufd_fops_ioctl+0x37d/0x510 [ 230.322301] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.323059] ? write_comp_data+0x2f/0x90 [ 230.323661] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.324310] __x64_sys_ioctl+0x1a3/0x230 [ 230.324875] do_syscall_64+0x3b/0x90 [ 230.325391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.326098] RIP: 0033:0x7f4b8743ee5d [ 230.326885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 230.329367] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 230.330371] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 230.331618] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 230.332591] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 230.333554] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 230.334577] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 230.335601] [ 230.335931] irq event stamp: 0 [ 230.336493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.337468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.338646] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.339900] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.340876] ---[ end trace 0000000000000000 ]--- [ 230.346377] ------------[ cut here ]------------ [ 230.347135] WARNING: CPU: 1 PID: 2203 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.348716] Modules linked in: [ 230.349161] CPU: 1 PID: 2203 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.350320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.352134] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.352834] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.355568] RSP: 
0018:ffff88800bc4fbd0 EFLAGS: 00010246 [ 230.356293] RAX: 0000000000000000 RBX: ffff888010b9d8a8 RCX: 0000000000000000 [ 230.357367] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 230.358414] RBP: ffff88800bc4fbe8 R08: ffffed1002173b33 R09: ffffed1002173b33 [ 230.359393] R10: ffff888010b9d993 R11: ffffed1002173b32 R12: ffff888020fefc00 [ 230.360456] R13: ffff888010b9d9e8 R14: ffff88800fa1fd00 R15: 0000000000000000 [ 230.361528] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.362657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.363489] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 230.364597] PKRU: 55555554 [ 230.364998] Call Trace: [ 230.365353] [ 230.365673] iommufd_access_destroy_object+0x65/0x170 [ 230.366419] iommufd_object_destroy_user+0x18e/0x220 [ 230.367333] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 230.368138] iommufd_access_destroy+0x43/0x70 [ 230.368767] iommufd_test_staccess_release+0x8d/0xd0 [ 230.369472] __fput+0x26d/0xa40 [ 230.370164] ____fput+0x1e/0x30 [ 230.370698] task_work_run+0x1a4/0x2d0 [ 230.371316] ? __pfx_task_work_run+0x10/0x10 [ 230.371936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.372611] ? switch_task_namespaces+0xa9/0xe0 [ 230.373481] do_exit+0xb17/0x2ef0 [ 230.373961] ? lock_acquire+0x427/0x4c0 [ 230.374587] ? __pfx_lock_release+0x10/0x10 [ 230.375191] ? __kasan_check_write+0x18/0x20 [ 230.375784] ? do_raw_spin_lock+0x132/0x2a0 [ 230.376470] ? __pfx_do_exit+0x10/0x10 [ 230.377105] ? debug_smp_processor_id+0x20/0x30 [ 230.377726] ? rcu_is_watching+0x19/0xb0 [ 230.378266] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.379008] ? trace_hardirqs_on+0x26/0x120 [ 230.379730] do_group_exit+0xe0/0x2b0 [ 230.380239] __x64_sys_exit_group+0x47/0x50 [ 230.380808] do_syscall_64+0x3b/0x90 [ 230.381316] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.382049] RIP: 0033:0x7f4b87518a4d [ 230.382753] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.383580] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.384569] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.385705] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.386686] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.387656] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.388808] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.389750] [ 230.390066] irq event stamp: 0 [ 230.390486] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.391431] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.392651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.393753] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.394885] ---[ end trace 0000000000000000 ]--- [ 230.396339] ------------[ cut here ]------------ [ 230.397033] WARNING: CPU: 1 PID: 2203 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 230.398638] Modules linked in: [ 230.399081] CPU: 1 PID: 2203 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.400251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.401905] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 230.402666] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 230.405305] RSP: 0018:ffff88800bc4fb78 EFLAGS: 00010246 [ 230.406008] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 230.407006] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 230.407968] RBP: ffff88800bc4fb98 R08: ffffed1002173b3e R09: ffffed1002173b3e [ 230.409149] R10: ffff888010b9d9ef R11: ffffed1002173b3d R12: ffff888010b9da90 [ 230.410075] R13: ffff888010b9d8a8 R14: ffffffffffffffff R15: 
ffff88800bc4fc60 [ 230.411064] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.412145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.412966] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 230.414084] PKRU: 55555554 [ 230.414462] Call Trace: [ 230.414865] [ 230.415201] iommufd_ioas_destroy+0x53/0x70 [ 230.415792] iommufd_fops_release+0x1f7/0x370 [ 230.416401] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.417068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.417802] ? write_comp_data+0x2f/0x90 [ 230.418461] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.419192] __fput+0x26d/0xa40 [ 230.419669] ____fput+0x1e/0x30 [ 230.420127] task_work_run+0x1a4/0x2d0 [ 230.420661] ? __pfx_task_work_run+0x10/0x10 [ 230.421259] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.421909] ? switch_task_namespaces+0xa9/0xe0 [ 230.422783] do_exit+0xb17/0x2ef0 [ 230.423263] ? lock_acquire+0x427/0x4c0 [ 230.423793] ? __pfx_lock_release+0x10/0x10 [ 230.424356] ? __kasan_check_write+0x18/0x20 [ 230.424926] ? do_raw_spin_lock+0x132/0x2a0 [ 230.425481] ? __pfx_do_exit+0x10/0x10 [ 230.425994] ? debug_smp_processor_id+0x20/0x30 [ 230.426675] ? rcu_is_watching+0x19/0xb0 [ 230.427390] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.427985] ? trace_hardirqs_on+0x26/0x120 [ 230.428553] do_group_exit+0xe0/0x2b0 [ 230.429046] __x64_sys_exit_group+0x47/0x50 [ 230.429601] do_syscall_64+0x3b/0x90 [ 230.430098] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.430836] RIP: 0033:0x7f4b87518a4d [ 230.431340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.432125] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.433252] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.434155] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.435128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.436048] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.437157] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.438079] [ 230.438391] irq event stamp: 0 [ 230.438855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.439733] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.440881] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.441938] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.442869] ---[ end trace 0000000000000000 ]--- [ 230.449788] ------------[ cut here ]------------ [ 230.450428] WARNING: CPU: 1 PID: 2204 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.451785] Modules linked in: [ 230.452210] CPU: 1 PID: 2204 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.453314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.454770] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.455438] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.457725] RSP: 0018:ffff88801632fbb8 EFLAGS: 00010246 [ 230.458405] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 230.459392] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 230.460320] RBP: ffff88801632fbd0 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 230.461222] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff888010e00400 [ 230.462115] R13: ffff88801609b1e8 R14: ffffffff8352e670 R15: 
ffff88801632fe68 [ 230.463053] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.464096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.464840] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 230.465747] PKRU: 55555554 [ 230.466118] Call Trace: [ 230.466450] [ 230.466789] __iommufd_access_detach+0x1c2/0x2b0 [ 230.467462] iommufd_access_change_pt+0x149/0x270 [ 230.468102] iommufd_access_replace+0xb4/0x120 [ 230.468706] iommufd_test+0x3e5/0x37e0 [ 230.469208] ? lock_release+0x532/0x770 [ 230.469735] ? __might_fault+0x102/0x1b0 [ 230.470274] ? lock_acquire+0x427/0x4c0 [ 230.470846] ? __pfx_iommufd_test+0x10/0x10 [ 230.471447] ? __pfx_lock_release+0x10/0x10 [ 230.472024] ? __pfx_lock_acquire+0x10/0x10 [ 230.472598] ? write_comp_data+0x2f/0x90 [ 230.473139] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.473776] ? write_comp_data+0x2f/0x90 [ 230.474319] iommufd_fops_ioctl+0x37d/0x510 [ 230.474941] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.475609] ? write_comp_data+0x2f/0x90 [ 230.476155] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.476789] __x64_sys_ioctl+0x1a3/0x230 [ 230.477335] do_syscall_64+0x3b/0x90 [ 230.477838] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.478568] RIP: 0033:0x7f4b8743ee5d [ 230.479061] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 230.481386] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 230.482357] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 230.483354] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 230.484274] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 230.485184] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 230.486091] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 230.487090] [ 230.487425] irq event stamp: 0 [ 230.487837] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.488643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.489922] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.491047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.491957] ---[ end trace 0000000000000000 ]--- [ 230.496954] ------------[ cut here ]------------ [ 230.497595] WARNING: CPU: 1 PID: 2204 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.499090] Modules linked in: [ 230.499535] CPU: 1 PID: 2204 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.500652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.502253] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.502948] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.505284] RSP: 
0018:ffff88801632fbd0 EFLAGS: 00010246 [ 230.505966] RAX: 0000000000000000 RBX: ffff88801609b0a8 RCX: 0000000000000000 [ 230.506919] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 230.507840] RBP: ffff88801632fbe8 R08: ffffed1002c13633 R09: ffffed1002c13633 [ 230.508747] R10: ffff88801609b193 R11: ffffed1002c13632 R12: ffff888017067400 [ 230.509652] R13: ffff88801609b1e8 R14: ffff8880100bbc00 R15: 0000000000000000 [ 230.510621] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.511678] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.512425] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 230.513347] PKRU: 55555554 [ 230.513723] Call Trace: [ 230.514057] [ 230.514357] iommufd_access_destroy_object+0x65/0x170 [ 230.515090] iommufd_object_destroy_user+0x18e/0x220 [ 230.515781] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 230.516534] iommufd_access_destroy+0x43/0x70 [ 230.517129] iommufd_test_staccess_release+0x8d/0xd0 [ 230.517796] __fput+0x26d/0xa40 [ 230.518244] ____fput+0x1e/0x30 [ 230.518740] task_work_run+0x1a4/0x2d0 [ 230.519289] ? __pfx_task_work_run+0x10/0x10 [ 230.519869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.520507] ? switch_task_namespaces+0xa9/0xe0 [ 230.521127] do_exit+0xb17/0x2ef0 [ 230.521583] ? lock_acquire+0x427/0x4c0 [ 230.522114] ? __pfx_lock_release+0x10/0x10 [ 230.522734] ? __kasan_check_write+0x18/0x20 [ 230.523343] ? do_raw_spin_lock+0x132/0x2a0 [ 230.523944] ? __pfx_do_exit+0x10/0x10 [ 230.524465] ? debug_smp_processor_id+0x20/0x30 [ 230.525069] ? rcu_is_watching+0x19/0xb0 [ 230.525598] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.526195] ? trace_hardirqs_on+0x26/0x120 [ 230.526818] do_group_exit+0xe0/0x2b0 [ 230.527350] __x64_sys_exit_group+0x47/0x50 [ 230.527902] do_syscall_64+0x3b/0x90 [ 230.528400] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.529094] RIP: 0033:0x7f4b87518a4d [ 230.529603] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.530423] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.531531] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.532485] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.533436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.534378] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.535391] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.536359] [ 230.536684] irq event stamp: 0 [ 230.537110] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.537952] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.539135] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.540253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.541097] ---[ end trace 0000000000000000 ]--- [ 230.542429] ------------[ cut here ]------------ [ 230.543156] WARNING: CPU: 1 PID: 2204 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 230.544539] Modules linked in: [ 230.544978] CPU: 1 PID: 2204 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.546146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.547751] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 230.548461] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 230.550955] RSP: 0018:ffff88801632fb78 EFLAGS: 00010246 [ 230.551706] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 230.552663] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 230.553610] RBP: ffff88801632fb98 R08: ffffed1002c1363e R09: ffffed1002c1363e [ 230.554622] R10: ffff88801609b1ef R11: ffffed1002c1363d R12: ffff88801609b290 [ 230.555609] R13: ffff88801609b0a8 R14: ffffffffffffffff R15: 
ffff88801632fc60 [ 230.556562] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.557631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.558406] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 230.559456] PKRU: 55555554 [ 230.559851] Call Trace: [ 230.560209] [ 230.560525] iommufd_ioas_destroy+0x53/0x70 [ 230.561130] iommufd_fops_release+0x1f7/0x370 [ 230.561759] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.562444] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.563203] ? write_comp_data+0x2f/0x90 [ 230.563792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.564471] __fput+0x26d/0xa40 [ 230.564941] ____fput+0x1e/0x30 [ 230.565412] task_work_run+0x1a4/0x2d0 [ 230.565956] ? __pfx_task_work_run+0x10/0x10 [ 230.566628] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.567354] ? switch_task_namespaces+0xa9/0xe0 [ 230.568029] do_exit+0xb17/0x2ef0 [ 230.568524] ? lock_acquire+0x427/0x4c0 [ 230.569098] ? __pfx_lock_release+0x10/0x10 [ 230.569724] ? __kasan_check_write+0x18/0x20 [ 230.570346] ? do_raw_spin_lock+0x132/0x2a0 [ 230.571027] ? __pfx_do_exit+0x10/0x10 [ 230.571630] ? debug_smp_processor_id+0x20/0x30 [ 230.572296] ? rcu_is_watching+0x19/0xb0 [ 230.572872] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.573516] ? trace_hardirqs_on+0x26/0x120 [ 230.574132] do_group_exit+0xe0/0x2b0 [ 230.574744] __x64_sys_exit_group+0x47/0x50 [ 230.575376] do_syscall_64+0x3b/0x90 [ 230.575916] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.576653] RIP: 0033:0x7f4b87518a4d [ 230.577198] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.578054] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.579196] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.580205] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.581233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.582220] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.583308] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.584322] [ 230.584699] irq event stamp: 0 [ 230.585159] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.586035] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.587297] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.588460] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.589335] ---[ end trace 0000000000000000 ]--- [ 230.596989] ------------[ cut here ]------------ [ 230.597703] WARNING: CPU: 1 PID: 2205 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.599601] Modules linked in: [ 230.600084] CPU: 1 PID: 2205 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.601287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.602902] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.603639] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.606151] RSP: 0018:ffff888010dc7bb8 EFLAGS: 00010246 [ 230.606967] RAX: 0000000000000000 RBX: ffff888010b7b8a8 RCX: 0000000000000000 [ 230.607982] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 230.608969] RBP: ffff888010dc7bd0 R08: ffffed100216f733 R09: ffffed100216f733 [ 230.609954] R10: ffff888010b7b993 R11: ffffed100216f732 R12: ffff88801341d800 [ 230.611006] R13: ffff888010b7b9e8 R14: ffffffff8352e670 R15: 
ffff888010dc7e68 [ 230.612043] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.613204] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.614012] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 230.615086] PKRU: 55555554 [ 230.615528] Call Trace: [ 230.615894] [ 230.616223] __iommufd_access_detach+0x1c2/0x2b0 [ 230.616913] iommufd_access_change_pt+0x149/0x270 [ 230.617605] iommufd_access_replace+0xb4/0x120 [ 230.618263] iommufd_test+0x3e5/0x37e0 [ 230.618881] ? lock_release+0x532/0x770 [ 230.619489] ? __might_fault+0x102/0x1b0 [ 230.620072] ? lock_acquire+0x427/0x4c0 [ 230.620646] ? __pfx_iommufd_test+0x10/0x10 [ 230.621250] ? __pfx_lock_release+0x10/0x10 [ 230.621872] ? __pfx_lock_acquire+0x10/0x10 [ 230.622489] ? write_comp_data+0x2f/0x90 [ 230.623219] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.623920] ? write_comp_data+0x2f/0x90 [ 230.624507] iommufd_fops_ioctl+0x37d/0x510 [ 230.625121] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.625813] ? write_comp_data+0x2f/0x90 [ 230.626407] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.627190] __x64_sys_ioctl+0x1a3/0x230 [ 230.627812] do_syscall_64+0x3b/0x90 [ 230.628370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.629121] RIP: 0033:0x7f4b8743ee5d [ 230.629660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 230.632375] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 230.633479] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 230.634560] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 230.635606] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 230.636623] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 230.637638] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 230.638754] [ 230.639114] irq event stamp: 0 [ 230.639598] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.640504] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.641702] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.642972] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.643906] ---[ end trace 0000000000000000 ]--- [ 230.649116] ------------[ cut here ]------------ [ 230.649836] WARNING: CPU: 1 PID: 2205 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.651434] Modules linked in: [ 230.651915] CPU: 1 PID: 2205 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.653174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.654842] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.655590] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.658153] RSP: 
0018:ffff888010dc7bd0 EFLAGS: 00010246 [ 230.658985] RAX: 0000000000000000 RBX: ffff888010b7b8a8 RCX: 0000000000000000 [ 230.660044] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 230.661059] RBP: ffff888010dc7be8 R08: ffffed100216f733 R09: ffffed100216f733 [ 230.662061] R10: ffff888010b7b993 R11: ffffed100216f732 R12: ffff888010e00800 [ 230.663143] R13: ffff888010b7b9e8 R14: ffff888010a93200 R15: 0000000000000000 [ 230.664159] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.665307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.666135] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 230.667246] PKRU: 55555554 [ 230.667676] Call Trace: [ 230.668054] [ 230.668387] iommufd_access_destroy_object+0x65/0x170 [ 230.669144] iommufd_object_destroy_user+0x18e/0x220 [ 230.669865] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 230.670760] iommufd_access_destroy+0x43/0x70 [ 230.671467] iommufd_test_staccess_release+0x8d/0xd0 [ 230.672219] __fput+0x26d/0xa40 [ 230.672710] ____fput+0x1e/0x30 [ 230.673188] task_work_run+0x1a4/0x2d0 [ 230.673752] ? __pfx_task_work_run+0x10/0x10 [ 230.674377] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.675170] ? switch_task_namespaces+0xa9/0xe0 [ 230.675870] do_exit+0xb17/0x2ef0 [ 230.676382] ? lock_acquire+0x427/0x4c0 [ 230.676983] ? __pfx_lock_release+0x10/0x10 [ 230.677608] ? __kasan_check_write+0x18/0x20 [ 230.678242] ? do_raw_spin_lock+0x132/0x2a0 [ 230.678950] ? __pfx_do_exit+0x10/0x10 [ 230.679573] ? debug_smp_processor_id+0x20/0x30 [ 230.680250] ? rcu_is_watching+0x19/0xb0 [ 230.680832] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.681480] ? trace_hardirqs_on+0x26/0x120 [ 230.682106] do_group_exit+0xe0/0x2b0 [ 230.682732] __x64_sys_exit_group+0x47/0x50 [ 230.683381] do_syscall_64+0x3b/0x90 [ 230.683938] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.684698] RIP: 0033:0x7f4b87518a4d [ 230.685235] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.686094] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.687220] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.688248] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.689278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.690316] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.691445] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.692492] [ 230.692840] irq event stamp: 0 [ 230.693299] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.694202] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.695489] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.696711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.697624] ---[ end trace 0000000000000000 ]--- [ 230.699185] ------------[ cut here ]------------ [ 230.699891] WARNING: CPU: 1 PID: 2205 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 230.701352] Modules linked in: [ 230.701819] CPU: 1 PID: 2205 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.703151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.704775] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 230.705530] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 230.708156] RSP: 0018:ffff888010dc7b78 EFLAGS: 00010246 [ 230.708929] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 230.709956] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 230.711061] RBP: ffff888010dc7b98 R08: ffffed100216f73e R09: ffffed100216f73e [ 230.712125] R10: ffff888010b7b9ef R11: ffffed100216f73d R12: ffff888010b7ba90 [ 230.713147] R13: ffff888010b7b8a8 R14: ffffffffffffffff R15: 
ffff888010dc7c60 [ 230.714175] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.715423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.716264] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 230.717293] PKRU: 55555554 [ 230.717712] Call Trace: [ 230.718089] [ 230.718424] iommufd_ioas_destroy+0x53/0x70 [ 230.719152] iommufd_fops_release+0x1f7/0x370 [ 230.719834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.720559] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.721271] ? write_comp_data+0x2f/0x90 [ 230.721874] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.722658] __fput+0x26d/0xa40 [ 230.723196] ____fput+0x1e/0x30 [ 230.723690] task_work_run+0x1a4/0x2d0 [ 230.724269] ? __pfx_task_work_run+0x10/0x10 [ 230.724916] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.725625] ? switch_task_namespaces+0xa9/0xe0 [ 230.726318] do_exit+0xb17/0x2ef0 [ 230.726890] ? lock_acquire+0x427/0x4c0 [ 230.727519] ? __pfx_lock_release+0x10/0x10 [ 230.728156] ? __kasan_check_write+0x18/0x20 [ 230.728806] ? do_raw_spin_lock+0x132/0x2a0 [ 230.729435] ? __pfx_do_exit+0x10/0x10 [ 230.730016] ? debug_smp_processor_id+0x20/0x30 [ 230.730772] ? rcu_is_watching+0x19/0xb0 [ 230.731398] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.732065] ? trace_hardirqs_on+0x26/0x120 [ 230.732704] do_group_exit+0xe0/0x2b0 [ 230.733259] __x64_sys_exit_group+0x47/0x50 [ 230.733879] do_syscall_64+0x3b/0x90 [ 230.734430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.735270] RIP: 0033:0x7f4b87518a4d [ 230.735824] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.736727] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.737816] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.738921] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.739985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.741014] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.742034] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.743153] [ 230.743518] irq event stamp: 0 [ 230.743981] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.744887] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.746345] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.747721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.748591] ---[ end trace 0000000000000000 ]--- [ 230.756752] ------------[ cut here ]------------ [ 230.757486] WARNING: CPU: 1 PID: 2206 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.759232] Modules linked in: [ 230.759686] CPU: 1 PID: 2206 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.760872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.762714] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.763431] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.766073] RSP: 0018:ffff88801632fbb8 EFLAGS: 00010246 [ 230.766857] RAX: 0000000000000000 RBX: ffff888023dad8a8 RCX: 0000000000000000 [ 230.767850] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 230.768767] RBP: ffff88801632fbd0 R08: ffffed10047b5b33 R09: ffffed10047b5b33 [ 230.769915] R10: ffff888023dad993 R11: ffffed10047b5b32 R12: ffff88800f9f7800 [ 230.770948] R13: ffff888023dad9e8 R14: ffffffff8352e670 R15: 
ffff88801632fe68 [ 230.771916] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.773047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.773973] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 230.774994] PKRU: 55555554 [ 230.775408] Call Trace: [ 230.775766] [ 230.776082] __iommufd_access_detach+0x1c2/0x2b0 [ 230.776811] iommufd_access_change_pt+0x149/0x270 [ 230.777602] iommufd_access_replace+0xb4/0x120 [ 230.778245] iommufd_test+0x3e5/0x37e0 [ 230.778835] ? lock_release+0x532/0x770 [ 230.779414] ? __might_fault+0x102/0x1b0 [ 230.779980] ? lock_acquire+0x427/0x4c0 [ 230.780610] ? __pfx_iommufd_test+0x10/0x10 [ 230.781290] ? __pfx_lock_release+0x10/0x10 [ 230.781894] ? __pfx_lock_acquire+0x10/0x10 [ 230.782501] ? write_comp_data+0x2f/0x90 [ 230.783146] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.783829] ? write_comp_data+0x2f/0x90 [ 230.784608] iommufd_fops_ioctl+0x37d/0x510 [ 230.785208] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.785887] ? write_comp_data+0x2f/0x90 [ 230.786459] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.787203] __x64_sys_ioctl+0x1a3/0x230 [ 230.787838] do_syscall_64+0x3b/0x90 [ 230.788489] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.789204] RIP: 0033:0x7f4b8743ee5d [ 230.789715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 230.792425] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 230.793453] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 230.794416] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 230.795666] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 230.796630] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 230.797588] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 230.798619] [ 230.799139] irq event stamp: 0 [ 230.799580] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.800440] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.801581] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.802976] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.803858] ---[ end trace 0000000000000000 ]--- [ 230.813109] ------------[ cut here ]------------ [ 230.814049] WARNING: CPU: 1 PID: 2206 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.815649] Modules linked in: [ 230.816122] CPU: 1 PID: 2206 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.817405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.819097] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.819818] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.822489] RSP: 
0018:ffff88801632fbd0 EFLAGS: 00010246 [ 230.823296] RAX: 0000000000000000 RBX: ffff888023dad8a8 RCX: 0000000000000000 [ 230.824263] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 230.825426] RBP: ffff88801632fbe8 R08: ffffed10047b5b33 R09: ffffed10047b5b33 [ 230.826390] R10: ffff888023dad993 R11: ffffed10047b5b32 R12: ffff88801341f000 [ 230.827429] R13: ffff888023dad9e8 R14: ffff888010d0fa00 R15: 0000000000000000 [ 230.828444] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.829700] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.830491] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 230.831541] PKRU: 55555554 [ 230.831933] Call Trace: [ 230.832363] [ 230.832819] iommufd_access_destroy_object+0x65/0x170 [ 230.833544] iommufd_object_destroy_user+0x18e/0x220 [ 230.834254] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 230.835135] iommufd_access_destroy+0x43/0x70 [ 230.835778] iommufd_test_staccess_release+0x8d/0xd0 [ 230.836596] __fput+0x26d/0xa40 [ 230.837198] ____fput+0x1e/0x30 [ 230.837668] task_work_run+0x1a4/0x2d0 [ 230.838218] ? __pfx_task_work_run+0x10/0x10 [ 230.838883] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.839595] ? switch_task_namespaces+0xa9/0xe0 [ 230.840361] do_exit+0xb17/0x2ef0 [ 230.840951] ? lock_acquire+0x427/0x4c0 [ 230.841508] ? __pfx_lock_release+0x10/0x10 [ 230.842107] ? __kasan_check_write+0x18/0x20 [ 230.842883] ? do_raw_spin_lock+0x132/0x2a0 [ 230.843567] ? __pfx_do_exit+0x10/0x10 [ 230.844120] ? debug_smp_processor_id+0x20/0x30 [ 230.844765] ? rcu_is_watching+0x19/0xb0 [ 230.845441] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.846158] ? trace_hardirqs_on+0x26/0x120 [ 230.846805] do_group_exit+0xe0/0x2b0 [ 230.847363] __x64_sys_exit_group+0x47/0x50 [ 230.848073] do_syscall_64+0x3b/0x90 [ 230.848699] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.849423] RIP: 0033:0x7f4b87518a4d [ 230.849938] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.851026] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.852089] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.853177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.854222] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.855242] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.856381] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.857358] [ 230.857682] irq event stamp: 0 [ 230.858283] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.859201] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.860386] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.861580] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.862442] ---[ end trace 0000000000000000 ]--- [ 230.864085] ------------[ cut here ]------------ [ 230.864757] WARNING: CPU: 1 PID: 2206 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 230.866129] Modules linked in: [ 230.866627] CPU: 1 PID: 2206 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.867834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.869357] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 230.870062] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 230.873127] RSP: 0018:ffff88801632fb78 EFLAGS: 00010246 [ 230.873883] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 230.874908] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 230.875894] RBP: ffff88801632fb98 R08: ffffed10047b5b3e R09: ffffed10047b5b3e [ 230.876861] R10: ffff888023dad9ef R11: ffffed10047b5b3d R12: ffff888023dada90 [ 230.877826] R13: ffff888023dad8a8 R14: ffffffffffffffff R15: 
ffff88801632fc60 [ 230.878846] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.879959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.880754] CR2: 00007f4b875fca50 CR3: 0000000014928000 CR4: 0000000000750ee0 [ 230.881737] PKRU: 55555554 [ 230.882138] Call Trace: [ 230.882496] [ 230.882883] iommufd_ioas_destroy+0x53/0x70 [ 230.883508] iommufd_fops_release+0x1f7/0x370 [ 230.884138] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.884831] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.885511] ? write_comp_data+0x2f/0x90 [ 230.886087] ? __pfx_iommufd_fops_release+0x10/0x10 [ 230.886834] __fput+0x26d/0xa40 [ 230.887354] ____fput+0x1e/0x30 [ 230.887826] task_work_run+0x1a4/0x2d0 [ 230.888380] ? __pfx_task_work_run+0x10/0x10 [ 230.888995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.889673] ? switch_task_namespaces+0xa9/0xe0 [ 230.890328] do_exit+0xb17/0x2ef0 [ 230.890852] ? lock_acquire+0x427/0x4c0 [ 230.891423] ? __pfx_lock_release+0x10/0x10 [ 230.892024] ? __kasan_check_write+0x18/0x20 [ 230.892634] ? do_raw_spin_lock+0x132/0x2a0 [ 230.893228] ? __pfx_do_exit+0x10/0x10 [ 230.893777] ? debug_smp_processor_id+0x20/0x30 [ 230.894422] ? rcu_is_watching+0x19/0xb0 [ 230.895030] ? _raw_spin_unlock_irq+0x2b/0x60 [ 230.895683] ? trace_hardirqs_on+0x26/0x120 [ 230.896299] do_group_exit+0xe0/0x2b0 [ 230.896842] __x64_sys_exit_group+0x47/0x50 [ 230.897434] do_syscall_64+0x3b/0x90 [ 230.897970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.898751] RIP: 0033:0x7f4b87518a4d [ 230.899290] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 230.900129] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 230.901155] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 230.902088] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 230.903099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 230.904086] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 230.905056] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 230.906039] [ 230.906369] irq event stamp: 0 [ 230.906859] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.907748] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.908892] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.910016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.910940] ---[ end trace 0000000000000000 ]--- [ 230.917983] ------------[ cut here ]------------ [ 230.918721] WARNING: CPU: 1 PID: 2207 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.920117] Modules linked in: [ 230.920562] CPU: 1 PID: 2207 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.921735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.923274] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.923955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.926371] RSP: 0018:ffff888014697bb8 EFLAGS: 00010246 [ 230.927139] RAX: 0000000000000000 RBX: ffff8880123dc0a8 RCX: 0000000000000000 [ 230.928110] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 230.929045] RBP: ffff888014697bd0 R08: ffffed100247b833 R09: ffffed100247b833 [ 230.929998] R10: ffff8880123dc193 R11: ffffed100247b832 R12: ffff88800f10a400 [ 230.930996] R13: ffff8880123dc1e8 R14: ffffffff8352e670 R15: 
ffff888014697e68 [ 230.931338] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5462 of 7281 items, 4194304 file size, 767 bytes per hash table item), suggesting rotation. [ 230.931979] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.934090] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 230.935184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.935206] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 230.938376] PKRU: 55555554 [ 230.938803] Call Trace: [ 230.939181] [ 230.939503] __iommufd_access_detach+0x1c2/0x2b0 [ 230.940165] iommufd_access_change_pt+0x149/0x270 [ 230.940835] iommufd_access_replace+0xb4/0x120 [ 230.941478] iommufd_test+0x3e5/0x37e0 [ 230.942018] ? lock_release+0x532/0x770 [ 230.942633] ? __might_fault+0x102/0x1b0 [ 230.943236] ? lock_acquire+0x427/0x4c0 [ 230.943786] ? __pfx_iommufd_test+0x10/0x10 [ 230.944360] ? __pfx_lock_release+0x10/0x10 [ 230.944957] ? __pfx_lock_acquire+0x10/0x10 [ 230.945564] ? write_comp_data+0x2f/0x90 [ 230.946126] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.946842] ? write_comp_data+0x2f/0x90 [ 230.947422] iommufd_fops_ioctl+0x37d/0x510 [ 230.948009] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.948668] ? write_comp_data+0x2f/0x90 [ 230.949224] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 230.949871] __x64_sys_ioctl+0x1a3/0x230 [ 230.950432] do_syscall_64+0x3b/0x90 [ 230.950998] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 230.951724] RIP: 0033:0x7f4b8743ee5d [ 230.952224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 230.954646] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 230.955674] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 230.956612] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 230.957546] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 230.958485] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 230.959518] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 230.960475] [ 230.960792] irq event stamp: 0 [ 230.961211] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 230.962038] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 230.963219] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 230.964319] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 230.965146] ---[ end trace 0000000000000000 ]--- [ 230.970073] ------------[ cut here ]------------ [ 230.970844] WARNING: CPU: 1 PID: 2207 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 230.972196] Modules linked in: [ 230.972626] CPU: 1 PID: 2207 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 230.973766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 230.975327] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 230.975998] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 230.978408] RSP: 
0018:ffff888014697bd0 EFLAGS: 00010246 [ 230.979201] RAX: 0000000000000000 RBX: ffff8880123dc0a8 RCX: 0000000000000000 [ 230.980179] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 230.981144] RBP: ffff888014697be8 R08: ffffed100247b833 R09: ffffed100247b833 [ 230.982106] R10: ffff8880123dc193 R11: ffffed100247b832 R12: ffff88800f9f6800 [ 230.983137] R13: ffff8880123dc1e8 R14: ffff8880149b9700 R15: 0000000000000000 [ 230.984110] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 230.985452] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 230.986240] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 230.987285] PKRU: 55555554 [ 230.987684] Call Trace: [ 230.988064] [ 230.988522] iommufd_access_destroy_object+0x65/0x170 [ 230.989247] iommufd_object_destroy_user+0x18e/0x220 [ 230.989962] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 230.991023] iommufd_access_destroy+0x43/0x70 [ 230.991687] iommufd_test_staccess_release+0x8d/0xd0 [ 230.992396] __fput+0x26d/0xa40 [ 230.992835] ____fput+0x1e/0x30 [ 230.993340] task_work_run+0x1a4/0x2d0 [ 230.993995] ? __pfx_task_work_run+0x10/0x10 [ 230.994687] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 230.995398] ? switch_task_namespaces+0xa9/0xe0 [ 230.996066] do_exit+0xb17/0x2ef0 [ 230.996747] ? lock_acquire+0x427/0x4c0 [ 230.997307] ? __pfx_lock_release+0x10/0x10 [ 230.997888] ? __kasan_check_write+0x18/0x20 [ 230.998497] ? do_raw_spin_lock+0x132/0x2a0 [ 230.999363] ? __pfx_do_exit+0x10/0x10 [ 230.999914] ? debug_smp_processor_id+0x20/0x30 [ 231.000544] ? rcu_is_watching+0x19/0xb0 [ 231.001089] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.001815] ? trace_hardirqs_on+0x26/0x120 [ 231.002497] do_group_exit+0xe0/0x2b0 [ 231.003094] __x64_sys_exit_group+0x47/0x50 [ 231.003717] do_syscall_64+0x3b/0x90 [ 231.004246] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.005166] RIP: 0033:0x7f4b87518a4d [ 231.005679] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.006585] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.007849] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.008817] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.009812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.010951] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.011943] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.013118] [ 231.013450] irq event stamp: 0 [ 231.013884] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.014812] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.016177] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.017312] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.018277] ---[ end trace 0000000000000000 ]--- [ 231.019834] ------------[ cut here ]------------ [ 231.020479] WARNING: CPU: 1 PID: 2207 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.022074] Modules linked in: [ 231.022596] CPU: 1 PID: 2207 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.023862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.025462] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.026222] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.028994] RSP: 0018:ffff888014697b78 EFLAGS: 00010246 [ 231.029711] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.030684] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 231.031794] RBP: ffff888014697b98 R08: ffffed100247b83e R09: ffffed100247b83e [ 231.032860] R10: ffff8880123dc1ef R11: ffffed100247b83d R12: ffff8880123dc290 [ 231.033829] R13: ffff8880123dc0a8 R14: ffffffffffffffff R15: 
ffff888014697c60 [ 231.035032] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.036114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.036909] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 231.037991] PKRU: 55555554 [ 231.038369] Call Trace: [ 231.038772] [ 231.039090] iommufd_ioas_destroy+0x53/0x70 [ 231.039794] iommufd_fops_release+0x1f7/0x370 [ 231.040478] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.041144] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.041805] ? write_comp_data+0x2f/0x90 [ 231.042638] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.043506] __fput+0x26d/0xa40 [ 231.044184] ____fput+0x1e/0x30 [ 231.044663] task_work_run+0x1a4/0x2d0 [ 231.045213] ? __pfx_task_work_run+0x10/0x10 [ 231.045861] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.046750] ? switch_task_namespaces+0xa9/0xe0 [ 231.047442] do_exit+0xb17/0x2ef0 [ 231.047928] ? lock_acquire+0x427/0x4c0 [ 231.048467] ? __pfx_lock_release+0x10/0x10 [ 231.049229] ? __kasan_check_write+0x18/0x20 [ 231.049819] ? do_raw_spin_lock+0x132/0x2a0 [ 231.050397] ? __pfx_do_exit+0x10/0x10 [ 231.051026] ? debug_smp_processor_id+0x20/0x30 [ 231.051770] ? rcu_is_watching+0x19/0xb0 [ 231.052343] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.052967] ? trace_hardirqs_on+0x26/0x120 [ 231.053551] do_group_exit+0xe0/0x2b0 [ 231.054264] __x64_sys_exit_group+0x47/0x50 [ 231.054916] do_syscall_64+0x3b/0x90 [ 231.055462] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.056178] RIP: 0033:0x7f4b87518a4d [ 231.056807] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.057741] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.058820] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.059986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.060923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.061856] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.063082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.064102] [ 231.064434] irq event stamp: 0 [ 231.064869] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.065726] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.066908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.068037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.068898] ---[ end trace 0000000000000000 ]--- [ 231.076123] ------------[ cut here ]------------ [ 231.076840] WARNING: CPU: 1 PID: 2209 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.078211] Modules linked in: [ 231.078830] CPU: 1 PID: 2209 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.080038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.081562] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.082243] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.084800] RSP: 0018:ffff88801496fbb8 EFLAGS: 00010246 [ 231.085554] RAX: 0000000000000000 RBX: ffff88800e9620a8 RCX: 0000000000000000 [ 231.086501] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 231.087536] RBP: ffff88801496fbd0 R08: ffffed1001d2c433 R09: ffffed1001d2c433 [ 231.088509] R10: ffff88800e962193 R11: ffffed1001d2c432 R12: ffff888013cf8000 [ 231.089487] R13: ffff88800e9621e8 R14: ffffffff8352e670 R15: 
ffff88801496fe68 [ 231.090447] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.091582] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.092354] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 231.093296] PKRU: 55555554 [ 231.093675] Call Trace: [ 231.094019] [ 231.094325] __iommufd_access_detach+0x1c2/0x2b0 [ 231.095026] iommufd_access_change_pt+0x149/0x270 [ 231.095708] iommufd_access_replace+0xb4/0x120 [ 231.096331] iommufd_test+0x3e5/0x37e0 [ 231.096849] ? lock_release+0x532/0x770 [ 231.097392] ? __might_fault+0x102/0x1b0 [ 231.097940] ? lock_acquire+0x427/0x4c0 [ 231.098482] ? __pfx_iommufd_test+0x10/0x10 [ 231.099102] ? __pfx_lock_release+0x10/0x10 [ 231.099708] ? __pfx_lock_acquire+0x10/0x10 [ 231.100292] ? write_comp_data+0x2f/0x90 [ 231.100847] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.101498] ? write_comp_data+0x2f/0x90 [ 231.102050] iommufd_fops_ioctl+0x37d/0x510 [ 231.102672] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.103348] ? write_comp_data+0x2f/0x90 [ 231.103909] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.104561] __x64_sys_ioctl+0x1a3/0x230 [ 231.105127] do_syscall_64+0x3b/0x90 [ 231.105644] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.106341] RIP: 0033:0x7f4b8743ee5d [ 231.106901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 231.109295] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 231.110287] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 231.111280] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 231.112216] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 231.113152] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 231.114084] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 231.115085] [ 231.115427] irq event stamp: 0 [ 231.115852] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.116683] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.117776] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.118918] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.119783] ---[ end trace 0000000000000000 ]--- [ 231.126034] ------------[ cut here ]------------ [ 231.126804] WARNING: CPU: 0 PID: 2209 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.128141] Modules linked in: [ 231.128570] CPU: 0 PID: 2209 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.129707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.131347] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.132014] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.134364] RSP: 
0018:ffff88801496fbd0 EFLAGS: 00010246 [ 231.135103] RAX: 0000000000000000 RBX: ffff88800e9620a8 RCX: 0000000000000000 [ 231.136060] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 231.137000] RBP: ffff88801496fbe8 R08: ffffed1001d2c433 R09: ffffed1001d2c433 [ 231.137927] R10: ffff88800e962193 R11: ffffed1001d2c432 R12: ffff88800f108800 [ 231.138925] R13: ffff88800e9621e8 R14: ffff88800fd7bb00 R15: 0000000000000000 [ 231.139877] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.140923] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.141680] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 231.142655] PKRU: 55555554 [ 231.143033] Call Trace: [ 231.143390] [ 231.143698] iommufd_access_destroy_object+0x65/0x170 [ 231.144377] iommufd_object_destroy_user+0x18e/0x220 [ 231.145053] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 231.145823] iommufd_access_destroy+0x43/0x70 [ 231.146433] iommufd_test_staccess_release+0x8d/0xd0 [ 231.147170] __fput+0x26d/0xa40 [ 231.147651] ____fput+0x1e/0x30 [ 231.148119] task_work_run+0x1a4/0x2d0 [ 231.148655] ? __pfx_task_work_run+0x10/0x10 [ 231.149246] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.149899] ? switch_task_namespaces+0xa9/0xe0 [ 231.150588] do_exit+0xb17/0x2ef0 [ 231.151058] ? lock_acquire+0x427/0x4c0 [ 231.151618] ? __pfx_lock_release+0x10/0x10 [ 231.152196] ? __kasan_check_write+0x18/0x20 [ 231.152784] ? do_raw_spin_lock+0x132/0x2a0 [ 231.153355] ? __pfx_do_exit+0x10/0x10 [ 231.153891] ? debug_smp_processor_id+0x20/0x30 [ 231.154574] ? rcu_is_watching+0x19/0xb0 [ 231.155150] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.155771] ? trace_hardirqs_on+0x26/0x120 [ 231.156351] do_group_exit+0xe0/0x2b0 [ 231.156863] __x64_sys_exit_group+0x47/0x50 [ 231.157430] do_syscall_64+0x3b/0x90 [ 231.157941] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.158681] RIP: 0033:0x7f4b87518a4d [ 231.159192] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.159999] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.160988] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.161913] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.162883] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.163832] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.164763] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.165703] [ 231.166015] irq event stamp: 0 [ 231.166433] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.167301] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.168392] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.169470] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.170284] ---[ end trace 0000000000000000 ]--- [ 231.171725] ------------[ cut here ]------------ [ 231.172359] WARNING: CPU: 0 PID: 2209 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.173679] Modules linked in: [ 231.174105] CPU: 0 PID: 2209 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.175539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.176748] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.177280] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.179188] RSP: 0018:ffff88801496fb78 EFLAGS: 00010246 [ 231.179744] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.180468] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 231.181197] RBP: ffff88801496fb98 R08: ffffed1001d2c43e R09: ffffed1001d2c43e [ 231.181927] R10: ffff88800e9621ef R11: ffffed1001d2c43d R12: ffff88800e962290 [ 231.182677] R13: ffff88800e9620a8 R14: ffffffffffffffff R15: 
ffff88801496fc60 [ 231.183431] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.184267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.184875] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 231.186175] PKRU: 55555554 [ 231.186480] Call Trace: [ 231.186797] [ 231.187029] iommufd_ioas_destroy+0x53/0x70 [ 231.187511] iommufd_fops_release+0x1f7/0x370 [ 231.187981] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.188511] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.189020] ? write_comp_data+0x2f/0x90 [ 231.189455] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.189982] __fput+0x26d/0xa40 [ 231.190395] ____fput+0x1e/0x30 [ 231.190939] task_work_run+0x1a4/0x2d0 [ 231.191461] ? __pfx_task_work_run+0x10/0x10 [ 231.191927] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.192440] ? switch_task_namespaces+0xa9/0xe0 [ 231.192937] do_exit+0xb17/0x2ef0 [ 231.193302] ? lock_acquire+0x427/0x4c0 [ 231.193724] ? __pfx_lock_release+0x10/0x10 [ 231.194178] ? __kasan_check_write+0x18/0x20 [ 231.194669] ? do_raw_spin_lock+0x132/0x2a0 [ 231.195137] ? __pfx_do_exit+0x10/0x10 [ 231.195558] ? debug_smp_processor_id+0x20/0x30 [ 231.196051] ? rcu_is_watching+0x19/0xb0 [ 231.196599] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.197331] ? trace_hardirqs_on+0x26/0x120 [ 231.197801] do_group_exit+0xe0/0x2b0 [ 231.198204] __x64_sys_exit_group+0x47/0x50 [ 231.198697] do_syscall_64+0x3b/0x90 [ 231.199100] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.199669] RIP: 0033:0x7f4b87518a4d [ 231.200064] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.200709] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.201835] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.202628] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.203401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.204152] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.204891] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.205653] [ 231.205975] irq event stamp: 0 [ 231.206575] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.207241] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.208119] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.208980] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.209629] ---[ end trace 0000000000000000 ]--- [ 231.215478] ------------[ cut here ]------------ [ 231.216128] WARNING: CPU: 0 PID: 2210 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.217400] Modules linked in: [ 231.217738] CPU: 0 PID: 2210 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.218691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.219885] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.220501] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.222674] RSP: 0018:ffff8880167e7bb8 EFLAGS: 00010246 [ 231.223256] RAX: 0000000000000000 RBX: ffff888012b2e0a8 RCX: 0000000000000000 [ 231.224006] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 231.224750] RBP: ffff8880167e7bd0 R08: ffffed1002565c33 R09: ffffed1002565c33 [ 231.225605] R10: ffff888012b2e193 R11: ffffed1002565c32 R12: ffff888014580000 [ 231.226601] R13: ffff888012b2e1e8 R14: ffffffff8352e670 R15: 
ffff8880167e7e68 [ 231.227365] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.228208] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.228816] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ef0 [ 231.229651] PKRU: 55555554 [ 231.229951] Call Trace: [ 231.230219] [ 231.230538] __iommufd_access_detach+0x1c2/0x2b0 [ 231.231275] iommufd_access_change_pt+0x149/0x270 [ 231.231809] iommufd_access_replace+0xb4/0x120 [ 231.232316] iommufd_test+0x3e5/0x37e0 [ 231.232733] ? lock_release+0x532/0x770 [ 231.233171] ? __might_fault+0x102/0x1b0 [ 231.233613] ? lock_acquire+0x427/0x4c0 [ 231.234050] ? __pfx_iommufd_test+0x10/0x10 [ 231.234568] ? __pfx_lock_release+0x10/0x10 [ 231.235044] ? __pfx_lock_acquire+0x10/0x10 [ 231.235594] ? write_comp_data+0x2f/0x90 [ 231.236295] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.236827] ? write_comp_data+0x2f/0x90 [ 231.237274] iommufd_fops_ioctl+0x37d/0x510 [ 231.237737] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.238264] ? write_comp_data+0x2f/0x90 [ 231.238744] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.239325] __x64_sys_ioctl+0x1a3/0x230 [ 231.239992] do_syscall_64+0x3b/0x90 [ 231.240405] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.240972] RIP: 0033:0x7f4b8743ee5d [ 231.241374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 231.243405] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 231.244415] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 231.245183] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 231.245956] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 231.246725] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 231.247558] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 231.248561] [ 231.248827] irq event stamp: 0 [ 231.249162] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.249834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.250744] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.251700] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.252657] ---[ end trace 0000000000000000 ]--- [ 231.257295] ------------[ cut here ]------------ [ 231.257820] WARNING: CPU: 0 PID: 2210 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.258958] Modules linked in: [ 231.259318] CPU: 0 PID: 2210 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.260518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.261785] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.262324] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.264488] RSP: 
0018:ffff8880167e7bd0 EFLAGS: 00010246 [ 231.265174] RAX: 0000000000000000 RBX: ffff888012b2e0a8 RCX: 0000000000000000 [ 231.265948] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 231.266728] RBP: ffff8880167e7be8 R08: ffffed1002565c33 R09: ffffed1002565c33 [ 231.267498] R10: ffff888012b2e193 R11: ffffed1002565c32 R12: ffff88800b9b7c00 [ 231.268386] R13: ffff888012b2e1e8 R14: ffff88800fa03400 R15: 0000000000000000 [ 231.269414] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.270270] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.270913] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 231.271685] PKRU: 55555554 [ 231.271994] Call Trace: [ 231.272272] [ 231.272600] iommufd_access_destroy_object+0x65/0x170 [ 231.273402] iommufd_object_destroy_user+0x18e/0x220 [ 231.273964] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 231.274647] iommufd_access_destroy+0x43/0x70 [ 231.275152] iommufd_test_staccess_release+0x8d/0xd0 [ 231.275712] __fput+0x26d/0xa40 [ 231.276091] ____fput+0x1e/0x30 [ 231.276471] task_work_run+0x1a4/0x2d0 [ 231.277201] ? __pfx_task_work_run+0x10/0x10 [ 231.277685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.278218] ? switch_task_namespaces+0xa9/0xe0 [ 231.278755] do_exit+0xb17/0x2ef0 [ 231.279157] ? lock_acquire+0x427/0x4c0 [ 231.279591] ? __pfx_lock_release+0x10/0x10 [ 231.280055] ? __kasan_check_write+0x18/0x20 [ 231.280587] ? do_raw_spin_lock+0x132/0x2a0 [ 231.281278] ? __pfx_do_exit+0x10/0x10 [ 231.281732] ? debug_smp_processor_id+0x20/0x30 [ 231.282241] ? rcu_is_watching+0x19/0xb0 [ 231.282709] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.283206] ? trace_hardirqs_on+0x26/0x120 [ 231.283672] do_group_exit+0xe0/0x2b0 [ 231.284087] __x64_sys_exit_group+0x47/0x50 [ 231.284657] do_syscall_64+0x3b/0x90 [ 231.285252] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.285823] RIP: 0033:0x7f4b87518a4d [ 231.286242] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.286932] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.287767] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.288638] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.289706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.290471] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.291268] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.292054] [ 231.292307] irq event stamp: 0 [ 231.292642] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.293397] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.294284] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.295213] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.295885] ---[ end trace 0000000000000000 ]--- [ 231.296792] ------------[ cut here ]------------ [ 231.297292] WARNING: CPU: 0 PID: 2210 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.298391] Modules linked in: [ 231.298785] CPU: 0 PID: 2210 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.299740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.300963] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.301516] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.303618] RSP: 0018:ffff8880167e7b78 EFLAGS: 00010246 [ 231.304201] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.304952] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 231.305699] RBP: ffff8880167e7b98 R08: ffffed1002565c3e R09: ffffed1002565c3e [ 231.306458] R10: ffff888012b2e1ef R11: ffffed1002565c3d R12: ffff888012b2e290 [ 231.307253] R13: ffff888012b2e0a8 R14: ffffffffffffffff R15: 
ffff8880167e7c60 [ 231.308043] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.308911] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.309528] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 231.310326] PKRU: 55555554 [ 231.310680] Call Trace: [ 231.310956] [ 231.311223] iommufd_ioas_destroy+0x53/0x70 [ 231.311695] iommufd_fops_release+0x1f7/0x370 [ 231.312190] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.312735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.313266] ? write_comp_data+0x2f/0x90 [ 231.313711] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.314245] __fput+0x26d/0xa40 [ 231.314665] ____fput+0x1e/0x30 [ 231.315050] task_work_run+0x1a4/0x2d0 [ 231.315496] ? __pfx_task_work_run+0x10/0x10 [ 231.315970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.316486] ? switch_task_namespaces+0xa9/0xe0 [ 231.316999] do_exit+0xb17/0x2ef0 [ 231.317379] ? lock_acquire+0x427/0x4c0 [ 231.317812] ? __pfx_lock_release+0x10/0x10 [ 231.318280] ? __kasan_check_write+0x18/0x20 [ 231.318783] ? do_raw_spin_lock+0x132/0x2a0 [ 231.319271] ? __pfx_do_exit+0x10/0x10 [ 231.319702] ? debug_smp_processor_id+0x20/0x30 [ 231.320216] ? rcu_is_watching+0x19/0xb0 [ 231.320662] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.321151] ? trace_hardirqs_on+0x26/0x120 [ 231.321620] do_group_exit+0xe0/0x2b0 [ 231.322026] __x64_sys_exit_group+0x47/0x50 [ 231.322484] do_syscall_64+0x3b/0x90 [ 231.322925] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.323504] RIP: 0033:0x7f4b87518a4d [ 231.323906] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.324575] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.325462] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.326224] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.327022] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.328032] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.328789] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.329552] [ 231.329808] irq event stamp: 0 [ 231.330141] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.330845] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.331767] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.332644] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.333326] ---[ end trace 0000000000000000 ]--- [ 231.339269] ------------[ cut here ]------------ [ 231.339839] WARNING: CPU: 0 PID: 2211 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.340900] Modules linked in: [ 231.341244] CPU: 0 PID: 2211 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.342159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.343443] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.343991] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.345909] RSP: 0018:ffff88800fb7fbb8 EFLAGS: 00010246 [ 231.346480] RAX: 0000000000000000 RBX: ffff8880165348a8 RCX: 0000000000000000 [ 231.347265] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 231.348014] RBP: ffff88800fb7fbd0 R08: ffffed1002ca6933 R09: ffffed1002ca6933 [ 231.348750] R10: ffff888016534993 R11: ffffed1002ca6932 R12: ffff88801422f400 [ 231.349493] R13: ffff8880165349e8 R14: ffffffff8352e670 R15: 
ffff88800fb7fe68 [ 231.350232] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.351085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.351706] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 231.352445] PKRU: 55555554 [ 231.352742] Call Trace: [ 231.353011] [ 231.353247] __iommufd_access_detach+0x1c2/0x2b0 [ 231.353753] iommufd_access_change_pt+0x149/0x270 [ 231.354268] iommufd_access_replace+0xb4/0x120 [ 231.354777] iommufd_test+0x3e5/0x37e0 [ 231.355195] ? lock_release+0x532/0x770 [ 231.355626] ? __might_fault+0x102/0x1b0 [ 231.356055] ? lock_acquire+0x427/0x4c0 [ 231.356475] ? __pfx_iommufd_test+0x10/0x10 [ 231.356925] ? __pfx_lock_release+0x10/0x10 [ 231.357454] ? __pfx_lock_acquire+0x10/0x10 [ 231.357917] ? write_comp_data+0x2f/0x90 [ 231.358351] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.358888] ? write_comp_data+0x2f/0x90 [ 231.359346] iommufd_fops_ioctl+0x37d/0x510 [ 231.359802] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.360318] ? write_comp_data+0x2f/0x90 [ 231.360749] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.361255] __x64_sys_ioctl+0x1a3/0x230 [ 231.361687] do_syscall_64+0x3b/0x90 [ 231.362084] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.362651] RIP: 0033:0x7f4b8743ee5d [ 231.363041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 231.364953] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 231.365754] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 231.366496] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 231.367281] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 231.368017] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 231.368747] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 231.369486] [ 231.369727] irq event stamp: 0 [ 231.370056] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.370723] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.371598] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.372464] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.373124] ---[ end trace 0000000000000000 ]--- [ 231.376445] ------------[ cut here ]------------ [ 231.376977] WARNING: CPU: 0 PID: 2211 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.378010] Modules linked in: [ 231.378345] CPU: 0 PID: 2211 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.379284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.380442] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.380955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.382857] RSP: 
0018:ffff88800fb7fbd0 EFLAGS: 00010246 [ 231.383429] RAX: 0000000000000000 RBX: ffff8880165348a8 RCX: 0000000000000000 [ 231.384154] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 231.384883] RBP: ffff88800fb7fbe8 R08: ffffed1002ca6933 R09: ffffed1002ca6933 [ 231.385608] R10: ffff888016534993 R11: ffffed1002ca6932 R12: ffff888014581000 [ 231.386346] R13: ffff8880165349e8 R14: ffff88800fa2f500 R15: 0000000000000000 [ 231.387109] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.387956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.388560] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 231.389354] PKRU: 55555554 [ 231.389649] Call Trace: [ 231.389913] [ 231.390152] iommufd_access_destroy_object+0x65/0x170 [ 231.390733] iommufd_object_destroy_user+0x18e/0x220 [ 231.391281] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 231.391888] iommufd_access_destroy+0x43/0x70 [ 231.392363] iommufd_test_staccess_release+0x8d/0xd0 [ 231.392914] __fput+0x26d/0xa40 [ 231.393283] ____fput+0x1e/0x30 [ 231.393638] task_work_run+0x1a4/0x2d0 [ 231.394056] ? __pfx_task_work_run+0x10/0x10 [ 231.394560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.395072] ? switch_task_namespaces+0xa9/0xe0 [ 231.395586] do_exit+0xb17/0x2ef0 [ 231.395946] ? lock_acquire+0x427/0x4c0 [ 231.396364] ? __pfx_lock_release+0x10/0x10 [ 231.396825] ? __kasan_check_write+0x18/0x20 [ 231.397281] ? do_raw_spin_lock+0x132/0x2a0 [ 231.397735] ? __pfx_do_exit+0x10/0x10 [ 231.398148] ? debug_smp_processor_id+0x20/0x30 [ 231.398653] ? rcu_is_watching+0x19/0xb0 [ 231.399078] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.399565] ? trace_hardirqs_on+0x26/0x120 [ 231.400029] do_group_exit+0xe0/0x2b0 [ 231.400437] __x64_sys_exit_group+0x47/0x50 [ 231.400885] do_syscall_64+0x3b/0x90 [ 231.401279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.401826] RIP: 0033:0x7f4b87518a4d [ 231.402212] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.402877] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.403691] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.404424] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.405164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.405906] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.406683] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.407476] [ 231.407720] irq event stamp: 0 [ 231.408050] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.408704] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.409566] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.410422] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.411103] ---[ end trace 0000000000000000 ]--- [ 231.411996] ------------[ cut here ]------------ [ 231.412500] WARNING: CPU: 0 PID: 2211 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.413560] Modules linked in: [ 231.413898] CPU: 0 PID: 2211 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.414840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.416034] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.416574] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.418461] RSP: 0018:ffff88800fb7fb78 EFLAGS: 00010246 [ 231.419036] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.419787] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 231.420517] RBP: ffff88800fb7fb98 R08: ffffed1002ca693e R09: ffffed1002ca693e [ 231.421300] R10: ffff8880165349ef R11: ffffed1002ca693d R12: ffff888016534a90 [ 231.422034] R13: ffff8880165348a8 R14: ffffffffffffffff R15: 
ffff88800fb7fc60 [ 231.422787] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.423632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.424236] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 231.424983] PKRU: 55555554 [ 231.425286] Call Trace: [ 231.425555] [ 231.425794] iommufd_ioas_destroy+0x53/0x70 [ 231.426253] iommufd_fops_release+0x1f7/0x370 [ 231.426756] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.427293] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.427806] ? write_comp_data+0x2f/0x90 [ 231.428241] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.428773] __fput+0x26d/0xa40 [ 231.429136] ____fput+0x1e/0x30 [ 231.429486] task_work_run+0x1a4/0x2d0 [ 231.429901] ? __pfx_task_work_run+0x10/0x10 [ 231.430371] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.430913] ? switch_task_namespaces+0xa9/0xe0 [ 231.431425] do_exit+0xb17/0x2ef0 [ 231.431793] ? lock_acquire+0x427/0x4c0 [ 231.432217] ? __pfx_lock_release+0x10/0x10 [ 231.432669] ? __kasan_check_write+0x18/0x20 [ 231.433131] ? do_raw_spin_lock+0x132/0x2a0 [ 231.433588] ? __pfx_do_exit+0x10/0x10 [ 231.434010] ? debug_smp_processor_id+0x20/0x30 [ 231.434497] ? rcu_is_watching+0x19/0xb0 [ 231.434948] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.435441] ? trace_hardirqs_on+0x26/0x120 [ 231.435903] do_group_exit+0xe0/0x2b0 [ 231.436297] __x64_sys_exit_group+0x47/0x50 [ 231.436746] do_syscall_64+0x3b/0x90 [ 231.437142] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.437692] RIP: 0033:0x7f4b87518a4d [ 231.438082] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.438744] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.439571] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.440312] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.441052] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.441784] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.442540] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.443459] [ 231.443969] irq event stamp: 0 [ 231.444686] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.445356] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.446228] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.447171] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.447836] ---[ end trace 0000000000000000 ]--- [ 231.452667] ------------[ cut here ]------------ [ 231.453531] WARNING: CPU: 0 PID: 2212 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.454622] Modules linked in: [ 231.454950] CPU: 0 PID: 2212 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.455862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.457025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.457597] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.459885] RSP: 0018:ffff8880167e7bb8 EFLAGS: 00010246 [ 231.460453] RAX: 0000000000000000 RBX: ffff88801496b0a8 RCX: 0000000000000000 [ 231.461193] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 231.461936] RBP: ffff8880167e7bd0 R08: ffffed100292d633 R09: ffffed100292d633 [ 231.462813] R10: ffff88801496b193 R11: ffffed100292d632 R12: ffff888013b67000 [ 231.463831] R13: ffff88801496b1e8 R14: ffffffff8352e670 R15: 
ffff8880167e7e68 [ 231.464571] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.465399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.465993] CR2: 00007f4b877410e8 CR3: 000000001412a000 CR4: 0000000000750ef0 [ 231.466770] PKRU: 55555554 [ 231.467071] Call Trace: [ 231.467352] [ 231.467589] __iommufd_access_detach+0x1c2/0x2b0 [ 231.468245] iommufd_access_change_pt+0x149/0x270 [ 231.468970] iommufd_access_replace+0xb4/0x120 [ 231.469463] iommufd_test+0x3e5/0x37e0 [ 231.469871] ? lock_release+0x532/0x770 [ 231.470300] ? __might_fault+0x102/0x1b0 [ 231.470759] ? lock_acquire+0x427/0x4c0 [ 231.471213] ? __pfx_iommufd_test+0x10/0x10 [ 231.471662] ? __pfx_lock_release+0x10/0x10 [ 231.472120] ? __pfx_lock_acquire+0x10/0x10 [ 231.472583] ? write_comp_data+0x2f/0x90 [ 231.473168] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.473954] ? write_comp_data+0x2f/0x90 [ 231.474397] iommufd_fops_ioctl+0x37d/0x510 [ 231.474892] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.475436] ? write_comp_data+0x2f/0x90 [ 231.475875] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.476383] __x64_sys_ioctl+0x1a3/0x230 [ 231.476819] do_syscall_64+0x3b/0x90 [ 231.477215] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.477764] RIP: 0033:0x7f4b8743ee5d [ 231.478273] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 231.480612] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 231.481423] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 231.482161] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 231.482940] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 231.483698] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 231.484666] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 231.485652] [ 231.485900] irq event stamp: 0 [ 231.486228] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.486910] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.487792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.488667] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.489500] ---[ end trace 0000000000000000 ]--- [ 231.493257] ------------[ cut here ]------------ [ 231.493811] WARNING: CPU: 0 PID: 2212 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.495425] Modules linked in: [ 231.495769] CPU: 0 PID: 2212 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.496680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.497848] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.498368] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.500300] RSP: 
0018:ffff8880167e7bd0 EFLAGS: 00010246 [ 231.500861] RAX: 0000000000000000 RBX: ffff88801496b0a8 RCX: 0000000000000000 [ 231.501601] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 231.502340] RBP: ffff8880167e7be8 R08: ffffed100292d633 R09: ffffed100292d633 [ 231.503106] R10: ffff88801496b193 R11: ffffed100292d632 R12: ffff88801422c000 [ 231.503869] R13: ffff88801496b1e8 R14: ffff888012deee00 R15: 0000000000000000 [ 231.504632] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.505485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.506111] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 231.506903] PKRU: 55555554 [ 231.507221] Call Trace: [ 231.507505] [ 231.507750] iommufd_access_destroy_object+0x65/0x170 [ 231.508306] iommufd_object_destroy_user+0x18e/0x220 [ 231.508864] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 231.509497] iommufd_access_destroy+0x43/0x70 [ 231.509996] iommufd_test_staccess_release+0x8d/0xd0 [ 231.510592] __fput+0x26d/0xa40 [ 231.510970] ____fput+0x1e/0x30 [ 231.511348] task_work_run+0x1a4/0x2d0 [ 231.511781] ? __pfx_task_work_run+0x10/0x10 [ 231.512263] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.512793] ? switch_task_namespaces+0xa9/0xe0 [ 231.513312] do_exit+0xb17/0x2ef0 [ 231.513691] ? lock_acquire+0x427/0x4c0 [ 231.514134] ? __pfx_lock_release+0x10/0x10 [ 231.514635] ? __kasan_check_write+0x18/0x20 [ 231.515125] ? do_raw_spin_lock+0x132/0x2a0 [ 231.515602] ? __pfx_do_exit+0x10/0x10 [ 231.516036] ? debug_smp_processor_id+0x20/0x30 [ 231.516540] ? rcu_is_watching+0x19/0xb0 [ 231.517032] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.517528] ? trace_hardirqs_on+0x26/0x120 [ 231.518014] do_group_exit+0xe0/0x2b0 [ 231.518441] __x64_sys_exit_group+0x47/0x50 [ 231.518956] do_syscall_64+0x3b/0x90 [ 231.519393] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.519958] RIP: 0033:0x7f4b87518a4d [ 231.520359] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.521014] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.521827] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.522626] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.523410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.524169] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.524930] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.525701] [ 231.525956] irq event stamp: 0 [ 231.526299] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.527005] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.527920] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.528823] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.529512] ---[ end trace 0000000000000000 ]--- [ 231.530689] ------------[ cut here ]------------ [ 231.531473] WARNING: CPU: 0 PID: 2212 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.532568] Modules linked in: [ 231.532924] CPU: 0 PID: 2212 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.533848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.535095] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.535676] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.538183] RSP: 0018:ffff8880167e7b78 EFLAGS: 00010246 [ 231.538819] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.539610] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 231.540375] RBP: ffff8880167e7b98 R08: ffffed100292d63e R09: ffffed100292d63e [ 231.541149] R10: ffff88801496b1ef R11: ffffed100292d63d R12: ffff88801496b290 [ 231.542375] R13: ffff88801496b0a8 R14: ffffffffffffffff R15: 
ffff8880167e7c60 [ 231.543213] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.544083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.544714] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 231.545491] PKRU: 55555554 [ 231.545805] Call Trace: [ 231.546087] [ 231.546367] iommufd_ioas_destroy+0x53/0x70 [ 231.547198] iommufd_fops_release+0x1f7/0x370 [ 231.547703] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.548253] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.548800] ? write_comp_data+0x2f/0x90 [ 231.549303] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.549844] __fput+0x26d/0xa40 [ 231.550217] ____fput+0x1e/0x30 [ 231.550634] task_work_run+0x1a4/0x2d0 [ 231.551068] ? __pfx_task_work_run+0x10/0x10 [ 231.551578] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.552171] ? switch_task_namespaces+0xa9/0xe0 [ 231.552845] do_exit+0xb17/0x2ef0 [ 231.553403] ? lock_acquire+0x427/0x4c0 [ 231.553845] ? __pfx_lock_release+0x10/0x10 [ 231.554318] ? __kasan_check_write+0x18/0x20 [ 231.554848] ? do_raw_spin_lock+0x132/0x2a0 [ 231.555357] ? __pfx_do_exit+0x10/0x10 [ 231.555799] ? debug_smp_processor_id+0x20/0x30 [ 231.556303] ? rcu_is_watching+0x19/0xb0 [ 231.556749] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.557245] ? trace_hardirqs_on+0x26/0x120 [ 231.557877] do_group_exit+0xe0/0x2b0 [ 231.558490] __x64_sys_exit_group+0x47/0x50 [ 231.558991] do_syscall_64+0x3b/0x90 [ 231.559424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.559988] RIP: 0033:0x7f4b87518a4d [ 231.560389] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.561046] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.561858] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.562806] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.563811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.564578] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.565340] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.566111] [ 231.566366] irq event stamp: 0 [ 231.566749] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.567454] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.568505] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.569668] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.570345] ---[ end trace 0000000000000000 ]--- [ 231.576513] ------------[ cut here ]------------ [ 231.577073] WARNING: CPU: 0 PID: 2213 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.578245] Modules linked in: [ 231.578973] CPU: 0 PID: 2213 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.579940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.581201] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.581732] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.583710] RSP: 0018:ffff888012edfbb8 EFLAGS: 00010246 [ 231.584280] RAX: 0000000000000000 RBX: ffff888016ef10a8 RCX: 0000000000000000 [ 231.585027] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 231.585776] RBP: ffff888012edfbd0 R08: ffffed1002dde233 R09: ffffed1002dde233 [ 231.586569] R10: ffff888016ef1193 R11: ffffed1002dde232 R12: ffff88800f796800 [ 231.587362] R13: ffff888016ef11e8 R14: ffffffff8352e670 R15: 
ffff888012edfe68 [ 231.588110] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.588974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.589596] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ef0 [ 231.590365] PKRU: 55555554 [ 231.590703] Call Trace: [ 231.590982] [ 231.591239] __iommufd_access_detach+0x1c2/0x2b0 [ 231.591781] iommufd_access_change_pt+0x149/0x270 [ 231.592323] iommufd_access_replace+0xb4/0x120 [ 231.592832] iommufd_test+0x3e5/0x37e0 [ 231.593258] ? lock_release+0x532/0x770 [ 231.593694] ? __might_fault+0x102/0x1b0 [ 231.594143] ? lock_acquire+0x427/0x4c0 [ 231.594613] ? __pfx_iommufd_test+0x10/0x10 [ 231.595073] ? __pfx_lock_release+0x10/0x10 [ 231.595585] ? __pfx_lock_acquire+0x10/0x10 [ 231.596071] ? write_comp_data+0x2f/0x90 [ 231.596524] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.597053] ? write_comp_data+0x2f/0x90 [ 231.597504] iommufd_fops_ioctl+0x37d/0x510 [ 231.597983] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.598548] ? write_comp_data+0x2f/0x90 [ 231.598997] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.599535] __x64_sys_ioctl+0x1a3/0x230 [ 231.599985] do_syscall_64+0x3b/0x90 [ 231.600401] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.600954] RIP: 0033:0x7f4b8743ee5d [ 231.601349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 231.603334] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 231.604145] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 231.604897] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 231.605652] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 231.606403] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 231.607199] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 231.607966] [ 231.608215] irq event stamp: 0 [ 231.608553] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.609234] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.610136] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.611058] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.611750] ---[ end trace 0000000000000000 ]--- [ 231.615599] ------------[ cut here ]------------ [ 231.616126] WARNING: CPU: 0 PID: 2213 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.617195] Modules linked in: [ 231.617666] CPU: 0 PID: 2213 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.618842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.620070] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.620613] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.622614] RSP: 
0018:ffff888012edfbd0 EFLAGS: 00010246 [ 231.623218] RAX: 0000000000000000 RBX: ffff888016ef10a8 RCX: 0000000000000000 [ 231.623995] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 231.624760] RBP: ffff888012edfbe8 R08: ffffed1002dde233 R09: ffffed1002dde233 [ 231.625534] R10: ffff888016ef1193 R11: ffffed1002dde232 R12: ffff888013b65c00 [ 231.626319] R13: ffff888016ef11e8 R14: ffff888012cdc400 R15: 0000000000000000 [ 231.627167] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.628033] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.628659] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 231.629436] PKRU: 55555554 [ 231.629747] Call Trace: [ 231.630025] [ 231.630278] iommufd_access_destroy_object+0x65/0x170 [ 231.630874] iommufd_object_destroy_user+0x18e/0x220 [ 231.631452] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 231.632096] iommufd_access_destroy+0x43/0x70 [ 231.632601] iommufd_test_staccess_release+0x8d/0xd0 [ 231.633175] __fput+0x26d/0xa40 [ 231.633563] ____fput+0x1e/0x30 [ 231.633937] task_work_run+0x1a4/0x2d0 [ 231.634377] ? __pfx_task_work_run+0x10/0x10 [ 231.634896] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.635457] ? switch_task_namespaces+0xa9/0xe0 [ 231.635970] do_exit+0xb17/0x2ef0 [ 231.636341] ? lock_acquire+0x427/0x4c0 [ 231.636776] ? __pfx_lock_release+0x10/0x10 [ 231.637285] ? __kasan_check_write+0x18/0x20 [ 231.637746] ? do_raw_spin_lock+0x132/0x2a0 [ 231.638198] ? __pfx_do_exit+0x10/0x10 [ 231.638640] ? debug_smp_processor_id+0x20/0x30 [ 231.639140] ? rcu_is_watching+0x19/0xb0 [ 231.639563] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.640040] ? trace_hardirqs_on+0x26/0x120 [ 231.640499] do_group_exit+0xe0/0x2b0 [ 231.640906] __x64_sys_exit_group+0x47/0x50 [ 231.641350] do_syscall_64+0x3b/0x90 [ 231.641752] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.642300] RIP: 0033:0x7f4b87518a4d [ 231.642713] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.643369] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.644169] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.644911] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.645692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.646423] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.647215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.647984] [ 231.648233] irq event stamp: 0 [ 231.648568] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.649229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.650102] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.651001] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.651687] ---[ end trace 0000000000000000 ]--- [ 231.652643] ------------[ cut here ]------------ [ 231.653290] WARNING: CPU: 0 PID: 2213 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.654576] Modules linked in: [ 231.654927] CPU: 0 PID: 2213 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.655870] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.657050] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.657592] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.660076] RSP: 0018:ffff888012edfb78 EFLAGS: 00010246 [ 231.660656] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.661409] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 231.662159] RBP: ffff888012edfb98 R08: ffffed1002dde23e R09: ffffed1002dde23e [ 231.662934] R10: ffff888016ef11ef R11: ffffed1002dde23d R12: ffff888016ef1290 [ 231.663717] R13: ffff888016ef10a8 R14: ffffffffffffffff R15: 
ffff888012edfc60 [ 231.664487] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 231.665363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.665978] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 231.666772] PKRU: 55555554 [ 231.667076] Call Trace: [ 231.667363] [ 231.667607] iommufd_ioas_destroy+0x53/0x70 [ 231.668083] iommufd_fops_release+0x1f7/0x370 [ 231.668571] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.669111] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.669647] ? write_comp_data+0x2f/0x90 [ 231.670094] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.670665] __fput+0x26d/0xa40 [ 231.671043] ____fput+0x1e/0x30 [ 231.671425] task_work_run+0x1a4/0x2d0 [ 231.671856] ? __pfx_task_work_run+0x10/0x10 [ 231.672353] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.672876] ? switch_task_namespaces+0xa9/0xe0 [ 231.673391] do_exit+0xb17/0x2ef0 [ 231.673775] ? lock_acquire+0x427/0x4c0 [ 231.674212] ? __pfx_lock_release+0x10/0x10 [ 231.674721] ? __kasan_check_write+0x18/0x20 [ 231.675218] ? do_raw_spin_lock+0x132/0x2a0 [ 231.675691] ? __pfx_do_exit+0x10/0x10 [ 231.676120] ? debug_smp_processor_id+0x20/0x30 [ 231.676621] ? rcu_is_watching+0x19/0xb0 [ 231.677113] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.677595] ? trace_hardirqs_on+0x26/0x120 [ 231.678066] do_group_exit+0xe0/0x2b0 [ 231.678479] __x64_sys_exit_group+0x47/0x50 [ 231.678965] do_syscall_64+0x3b/0x90 [ 231.679383] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.679946] RIP: 0033:0x7f4b87518a4d [ 231.680341] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.680985] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.681786] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.682562] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.683320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.684064] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.684817] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.685575] [ 231.685819] irq event stamp: 0 [ 231.686152] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.686845] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.687757] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.688650] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.689316] ---[ end trace 0000000000000000 ]--- [ 231.698246] ------------[ cut here ]------------ [ 231.699024] WARNING: CPU: 1 PID: 2214 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.700772] Modules linked in: [ 231.701239] CPU: 1 PID: 2214 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.702899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.704681] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.705555] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.708340] RSP: 0018:ffff8880143a7bb8 EFLAGS: 00010246 [ 231.709077] RAX: 0000000000000000 RBX: ffff8880186520a8 RCX: 0000000000000000 [ 231.710254] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 231.711326] RBP: ffff8880143a7bd0 R08: ffffed10030ca433 R09: ffffed10030ca433 [ 231.712495] R10: ffff888018652193 R11: ffffed10030ca432 R12: ffff888012e94400 [ 231.713504] R13: ffff8880186521e8 R14: ffffffff8352e670 R15: 
ffff8880143a7e68 [ 231.714666] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.715815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.716627] CR2: 0000000020000140 CR3: 0000000013f92000 CR4: 0000000000750ee0 [ 231.717795] PKRU: 55555554 [ 231.718204] Call Trace: [ 231.718633] [ 231.718973] __iommufd_access_detach+0x1c2/0x2b0 [ 231.719709] iommufd_access_change_pt+0x149/0x270 [ 231.720534] iommufd_access_replace+0xb4/0x120 [ 231.721238] iommufd_test+0x3e5/0x37e0 [ 231.721807] ? lock_release+0x532/0x770 [ 231.722396] ? __might_fault+0x102/0x1b0 [ 231.723301] ? lock_acquire+0x427/0x4c0 [ 231.723902] ? __pfx_iommufd_test+0x10/0x10 [ 231.724523] ? __pfx_lock_release+0x10/0x10 [ 231.725156] ? __pfx_lock_acquire+0x10/0x10 [ 231.725921] ? write_comp_data+0x2f/0x90 [ 231.726676] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.727423] ? write_comp_data+0x2f/0x90 [ 231.728040] iommufd_fops_ioctl+0x37d/0x510 [ 231.728795] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.729576] ? write_comp_data+0x2f/0x90 [ 231.730195] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.730972] __x64_sys_ioctl+0x1a3/0x230 [ 231.731672] do_syscall_64+0x3b/0x90 [ 231.732243] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.733000] RIP: 0033:0x7f4b8743ee5d [ 231.733544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 231.736411] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 231.737566] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 231.738654] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 231.739905] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 231.740908] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 231.742015] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 231.743213] [ 231.743572] irq event stamp: 0 [ 231.744019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.745091] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.746266] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.747702] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.748596] ---[ end trace 0000000000000000 ]--- [ 231.754255] ------------[ cut here ]------------ [ 231.755075] WARNING: CPU: 1 PID: 2214 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.756681] Modules linked in: [ 231.757142] CPU: 1 PID: 2214 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.758628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.760230] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.761189] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.764019] RSP: 
0018:ffff8880143a7bd0 EFLAGS: 00010246 [ 231.764788] RAX: 0000000000000000 RBX: ffff8880186520a8 RCX: 0000000000000000 [ 231.765796] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 231.767078] RBP: ffff8880143a7be8 R08: ffffed10030ca433 R09: ffffed10030ca433 [ 231.768130] R10: ffff888018652193 R11: ffffed10030ca432 R12: ffff88800b9b4400 [ 231.769237] R13: ffff8880186521e8 R14: ffff888010a93800 R15: 0000000000000000 [ 231.770299] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.771592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.772542] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 231.773563] PKRU: 55555554 [ 231.773974] Call Trace: [ 231.774399] [ 231.774946] iommufd_access_destroy_object+0x65/0x170 [ 231.775736] iommufd_object_destroy_user+0x18e/0x220 [ 231.776478] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 231.777415] iommufd_access_destroy+0x43/0x70 [ 231.778258] iommufd_test_staccess_release+0x8d/0xd0 [ 231.779083] __fput+0x26d/0xa40 [ 231.779633] ____fput+0x1e/0x30 [ 231.780249] task_work_run+0x1a4/0x2d0 [ 231.780983] ? __pfx_task_work_run+0x10/0x10 [ 231.781624] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.782327] ? switch_task_namespaces+0xa9/0xe0 [ 231.783334] do_exit+0xb17/0x2ef0 [ 231.783848] ? lock_acquire+0x427/0x4c0 [ 231.784435] ? __pfx_lock_release+0x10/0x10 [ 231.785070] ? __kasan_check_write+0x18/0x20 [ 231.785840] ? do_raw_spin_lock+0x132/0x2a0 [ 231.786703] ? __pfx_do_exit+0x10/0x10 [ 231.787316] ? debug_smp_processor_id+0x20/0x30 [ 231.788002] ? rcu_is_watching+0x19/0xb0 [ 231.788701] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.789454] ? trace_hardirqs_on+0x26/0x120 [ 231.790090] do_group_exit+0xe0/0x2b0 [ 231.790721] __x64_sys_exit_group+0x47/0x50 [ 231.791432] do_syscall_64+0x3b/0x90 [ 231.792086] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.792840] RIP: 0033:0x7f4b87518a4d [ 231.793379] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.794426] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.795584] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.796599] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.797761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.798849] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.800086] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.801097] [ 231.801443] irq event stamp: 0 [ 231.801891] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.803025] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.804229] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.805575] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.806458] ---[ end trace 0000000000000000 ]--- [ 231.807983] ------------[ cut here ]------------ [ 231.808731] WARNING: CPU: 1 PID: 2214 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.810262] Modules linked in: [ 231.810908] CPU: 1 PID: 2214 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.812156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.813921] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.814733] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.817454] RSP: 0018:ffff8880143a7b78 EFLAGS: 00010246 [ 231.818301] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.819452] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 231.820426] RBP: ffff8880143a7b98 R08: ffffed10030ca43e R09: ffffed10030ca43e [ 231.821600] R10: ffff8880186521ef R11: ffffed10030ca43d R12: ffff888018652290 [ 231.822612] R13: ffff8880186520a8 R14: ffffffffffffffff R15: 
ffff8880143a7c60 [ 231.823640] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.824859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.825657] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 231.826679] PKRU: 55555554 [ 231.827077] Call Trace: [ 231.827446] [ 231.827763] iommufd_ioas_destroy+0x53/0x70 [ 231.828371] iommufd_fops_release+0x1f7/0x370 [ 231.828996] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.829683] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.830362] ? write_comp_data+0x2f/0x90 [ 231.830984] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.831699] __fput+0x26d/0xa40 [ 231.832182] ____fput+0x1e/0x30 [ 231.832655] task_work_run+0x1a4/0x2d0 [ 231.833210] ? __pfx_task_work_run+0x10/0x10 [ 231.833828] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.834573] ? switch_task_namespaces+0xa9/0xe0 [ 231.835266] do_exit+0xb17/0x2ef0 [ 231.835753] ? lock_acquire+0x427/0x4c0 [ 231.836323] ? __pfx_lock_release+0x10/0x10 [ 231.836926] ? __kasan_check_write+0x18/0x20 [ 231.837537] ? do_raw_spin_lock+0x132/0x2a0 [ 231.838132] ? __pfx_do_exit+0x10/0x10 [ 231.838735] ? debug_smp_processor_id+0x20/0x30 [ 231.839401] ? rcu_is_watching+0x19/0xb0 [ 231.839965] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.840599] ? trace_hardirqs_on+0x26/0x120 [ 231.841204] do_group_exit+0xe0/0x2b0 [ 231.841733] __x64_sys_exit_group+0x47/0x50 [ 231.842325] do_syscall_64+0x3b/0x90 [ 231.842901] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.843643] RIP: 0033:0x7f4b87518a4d [ 231.844158] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.844995] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.846022] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.847037] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.848020] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.848991] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.849959] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.850986] [ 231.851328] irq event stamp: 0 [ 231.851766] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.852621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.853748] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.854964] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.855832] ---[ end trace 0000000000000000 ]--- [ 231.862567] ------------[ cut here ]------------ [ 231.863248] WARNING: CPU: 1 PID: 2215 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.864579] Modules linked in: [ 231.865008] CPU: 1 PID: 2215 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.866159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.867712] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.868385] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.870806] RSP: 0018:ffff88800f767bb8 EFLAGS: 00010246 [ 231.871555] RAX: 0000000000000000 RBX: ffff888017a130a8 RCX: 0000000000000000 [ 231.872521] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 231.873455] RBP: ffff88800f767bd0 R08: ffffed1002f42633 R09: ffffed1002f42633 [ 231.874389] R10: ffff888017a13193 R11: ffffed1002f42632 R12: ffff888013cfa800 [ 231.875381] R13: ffff888017a131e8 R14: ffffffff8352e670 R15: 
ffff88800f767e68 [ 231.876332] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.877389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.878155] CR2: 0000000020000140 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 231.879157] PKRU: 55555554 [ 231.879561] Call Trace: [ 231.879918] [ 231.880238] __iommufd_access_detach+0x1c2/0x2b0 [ 231.880913] iommufd_access_change_pt+0x149/0x270 [ 231.881575] iommufd_access_replace+0xb4/0x120 [ 231.882206] iommufd_test+0x3e5/0x37e0 [ 231.882773] ? lock_release+0x532/0x770 [ 231.883351] ? __might_fault+0x102/0x1b0 [ 231.883912] ? lock_acquire+0x427/0x4c0 [ 231.884460] ? __pfx_iommufd_test+0x10/0x10 [ 231.885032] ? __pfx_lock_release+0x10/0x10 [ 231.885622] ? __pfx_lock_acquire+0x10/0x10 [ 231.886232] ? write_comp_data+0x2f/0x90 [ 231.886853] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.887542] ? write_comp_data+0x2f/0x90 [ 231.888104] iommufd_fops_ioctl+0x37d/0x510 [ 231.888686] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.889342] ? write_comp_data+0x2f/0x90 [ 231.889898] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 231.890590] __x64_sys_ioctl+0x1a3/0x230 [ 231.891175] do_syscall_64+0x3b/0x90 [ 231.891697] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.892410] RIP: 0033:0x7f4b8743ee5d [ 231.892917] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 231.895363] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 231.896361] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 231.897327] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 231.898270] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 231.899277] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 231.900245] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 231.901211] [ 231.901534] irq event stamp: 0 [ 231.901966] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.902865] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.904024] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.905147] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.905999] ---[ end trace 0000000000000000 ]--- [ 231.911143] ------------[ cut here ]------------ [ 231.911830] WARNING: CPU: 1 PID: 2215 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 231.913189] Modules linked in: [ 231.913631] CPU: 1 PID: 2215 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.915286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.916802] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 231.917479] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 231.919975] RSP: 
0018:ffff88800f767bd0 EFLAGS: 00010246 [ 231.920704] RAX: 0000000000000000 RBX: ffff888017a130a8 RCX: 0000000000000000 [ 231.921660] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 231.922661] RBP: ffff88800f767be8 R08: ffffed1002f42633 R09: ffffed1002f42633 [ 231.923645] R10: ffff888017a13193 R11: ffffed1002f42632 R12: ffff888012e96c00 [ 231.924607] R13: ffff888017a131e8 R14: ffff88802185ca00 R15: 0000000000000000 [ 231.925570] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.926694] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.927502] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 231.928467] PKRU: 55555554 [ 231.928855] Call Trace: [ 231.929207] [ 231.929525] iommufd_access_destroy_object+0x65/0x170 [ 231.930232] iommufd_object_destroy_user+0x18e/0x220 [ 231.930981] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 231.931800] iommufd_access_destroy+0x43/0x70 [ 231.932432] iommufd_test_staccess_release+0x8d/0xd0 [ 231.933125] __fput+0x26d/0xa40 [ 231.933605] ____fput+0x1e/0x30 [ 231.934073] task_work_run+0x1a4/0x2d0 [ 231.934667] ? __pfx_task_work_run+0x10/0x10 [ 231.935298] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.935974] ? switch_task_namespaces+0xa9/0xe0 [ 231.936627] do_exit+0xb17/0x2ef0 [ 231.937105] ? lock_acquire+0x427/0x4c0 [ 231.937666] ? __pfx_lock_release+0x10/0x10 [ 231.938267] ? __kasan_check_write+0x18/0x20 [ 231.938928] ? do_raw_spin_lock+0x132/0x2a0 [ 231.939549] ? __pfx_do_exit+0x10/0x10 [ 231.940100] ? debug_smp_processor_id+0x20/0x30 [ 231.940743] ? rcu_is_watching+0x19/0xb0 [ 231.941307] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.941935] ? trace_hardirqs_on+0x26/0x120 [ 231.942585] do_group_exit+0xe0/0x2b0 [ 231.943130] __x64_sys_exit_group+0x47/0x50 [ 231.943729] do_syscall_64+0x3b/0x90 [ 231.944256] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.944974] RIP: 0033:0x7f4b87518a4d [ 231.945487] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.946319] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.947417] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.948379] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.949337] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.950290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.951316] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.952292] [ 231.952620] irq event stamp: 0 [ 231.953053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 231.953902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 231.955096] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 231.956248] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 231.957096] ---[ end trace 0000000000000000 ]--- [ 231.958445] ------------[ cut here ]------------ [ 231.959137] WARNING: CPU: 1 PID: 2215 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 231.960472] Modules linked in: [ 231.960900] CPU: 1 PID: 2215 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 231.962040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 231.963564] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 231.964245] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 231.966623] RSP: 0018:ffff88800f767b78 EFLAGS: 00010246 [ 231.967336] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 231.968269] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 231.969199] RBP: ffff88800f767b98 R08: ffffed1002f4263e R09: ffffed1002f4263e [ 231.970126] R10: ffff888017a131ef R11: ffffed1002f4263d R12: ffff888017a13290 [ 231.971097] R13: ffff888017a130a8 R14: ffffffffffffffff R15: 
ffff88800f767c60 [ 231.972045] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 231.973093] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.973857] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 231.974827] PKRU: 55555554 [ 231.975228] Call Trace: [ 231.975572] [ 231.975878] iommufd_ioas_destroy+0x53/0x70 [ 231.976456] iommufd_fops_release+0x1f7/0x370 [ 231.977150] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.977919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.978611] ? write_comp_data+0x2f/0x90 [ 231.979192] ? __pfx_iommufd_fops_release+0x10/0x10 [ 231.979860] __fput+0x26d/0xa40 [ 231.980368] ____fput+0x1e/0x30 [ 231.980935] task_work_run+0x1a4/0x2d0 [ 231.981468] ? __pfx_task_work_run+0x10/0x10 [ 231.982062] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 231.982750] ? switch_task_namespaces+0xa9/0xe0 [ 231.983516] do_exit+0xb17/0x2ef0 [ 231.984079] ? lock_acquire+0x427/0x4c0 [ 231.984618] ? __pfx_lock_release+0x10/0x10 [ 231.985198] ? __kasan_check_write+0x18/0x20 [ 231.985784] ? do_raw_spin_lock+0x132/0x2a0 [ 231.986360] ? __pfx_do_exit+0x10/0x10 [ 231.986961] ? debug_smp_processor_id+0x20/0x30 [ 231.987826] ? rcu_is_watching+0x19/0xb0 [ 231.988401] ? _raw_spin_unlock_irq+0x2b/0x60 [ 231.989039] ? trace_hardirqs_on+0x26/0x120 [ 231.989643] do_group_exit+0xe0/0x2b0 [ 231.990161] __x64_sys_exit_group+0x47/0x50 [ 231.990783] do_syscall_64+0x3b/0x90 [ 231.991342] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 231.992067] RIP: 0033:0x7f4b87518a4d [ 231.992636] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 231.993619] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 231.994687] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 231.995678] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 231.996629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 231.997805] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 231.998816] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 231.999824] [ 232.000158] irq event stamp: 0 [ 232.000586] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.001544] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.002839] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.003995] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.004837] ---[ end trace 0000000000000000 ]--- [ 232.012317] ------------[ cut here ]------------ [ 232.013045] WARNING: CPU: 1 PID: 2216 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.014717] Modules linked in: [ 232.015214] CPU: 1 PID: 2216 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.016366] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.017978] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.018869] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.021336] RSP: 0018:ffff8880143a7bb8 EFLAGS: 00010246 [ 232.022107] RAX: 0000000000000000 RBX: ffff888012b2a0a8 RCX: 0000000000000000 [ 232.023488] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 232.024512] RBP: ffff8880143a7bd0 R08: ffffed1002565433 R09: ffffed1002565433 [ 232.025489] R10: ffff888012b2a193 R11: ffffed1002565432 R12: ffff888014580800 [ 232.026879] R13: ffff888012b2a1e8 R14: ffffffff8352e670 R15: 
ffff8880143a7e68 [ 232.027857] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.028925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.029700] CR2: 00007f4b877410e8 CR3: 00000000144ea000 CR4: 0000000000750ee0 [ 232.031096] PKRU: 55555554 [ 232.031528] Call Trace: [ 232.031880] [ 232.032189] __iommufd_access_detach+0x1c2/0x2b0 [ 232.032852] iommufd_access_change_pt+0x149/0x270 [ 232.033518] iommufd_access_replace+0xb4/0x120 [ 232.034155] iommufd_test+0x3e5/0x37e0 [ 232.034988] ? lock_release+0x532/0x770 [ 232.035610] ? __might_fault+0x102/0x1b0 [ 232.036190] ? lock_acquire+0x427/0x4c0 [ 232.036759] ? __pfx_iommufd_test+0x10/0x10 [ 232.037352] ? __pfx_lock_release+0x10/0x10 [ 232.038159] ? __pfx_lock_acquire+0x10/0x10 [ 232.038824] ? write_comp_data+0x2f/0x90 [ 232.039405] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.040069] ? write_comp_data+0x2f/0x90 [ 232.040789] iommufd_fops_ioctl+0x37d/0x510 [ 232.041376] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.042038] ? write_comp_data+0x2f/0x90 [ 232.042784] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.043513] __x64_sys_ioctl+0x1a3/0x230 [ 232.044079] do_syscall_64+0x3b/0x90 [ 232.044594] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.045352] RIP: 0033:0x7f4b8743ee5d [ 232.045923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.048527] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.049535] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.050650] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.051603] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.052549] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.053661] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.054686] [ 232.055009] irq event stamp: 0 [ 232.055555] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.056456] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.057559] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.058853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.059710] ---[ end trace 0000000000000000 ]--- [ 232.065284] ------------[ cut here ]------------ [ 232.065973] WARNING: CPU: 1 PID: 2216 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.067435] Modules linked in: [ 232.067877] CPU: 1 PID: 2216 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.069023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.070493] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.071228] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.073623] RSP: 
0018:ffff8880143a7bd0 EFLAGS: 00010246 [ 232.074350] RAX: 0000000000000000 RBX: ffff888012b2a0a8 RCX: 0000000000000000 [ 232.075385] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 232.076368] RBP: ffff8880143a7be8 R08: ffffed1002565433 R09: ffffed1002565433 [ 232.077339] R10: ffff888012b2a193 R11: ffffed1002565432 R12: ffff888013cfbc00 [ 232.078304] R13: ffff888012b2a1e8 R14: ffff888010d0f300 R15: 0000000000000000 [ 232.079399] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.080280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.080883] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 232.081623] PKRU: 55555554 [ 232.081919] Call Trace: [ 232.082187] [ 232.082428] iommufd_access_destroy_object+0x65/0x170 [ 232.083007] iommufd_object_destroy_user+0x18e/0x220 [ 232.083553] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.084153] iommufd_access_destroy+0x43/0x70 [ 232.084625] iommufd_test_staccess_release+0x8d/0xd0 [ 232.085156] __fput+0x26d/0xa40 [ 232.085514] ____fput+0x1e/0x30 [ 232.085867] task_work_run+0x1a4/0x2d0 [ 232.086282] ? __pfx_task_work_run+0x10/0x10 [ 232.086779] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.087303] ? switch_task_namespaces+0xa9/0xe0 [ 232.087798] do_exit+0xb17/0x2ef0 [ 232.088164] ? lock_acquire+0x427/0x4c0 [ 232.088587] ? __pfx_lock_release+0x10/0x10 [ 232.089040] ? __kasan_check_write+0x18/0x20 [ 232.089507] ? do_raw_spin_lock+0x132/0x2a0 [ 232.089955] ? __pfx_do_exit+0x10/0x10 [ 232.090365] ? debug_smp_processor_id+0x20/0x30 [ 232.090875] ? rcu_is_watching+0x19/0xb0 [ 232.091314] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.091793] ? trace_hardirqs_on+0x26/0x120 [ 232.092243] do_group_exit+0xe0/0x2b0 [ 232.092639] __x64_sys_exit_group+0x47/0x50 [ 232.093160] do_syscall_64+0x3b/0x90 [ 232.093552] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.094093] RIP: 0033:0x7f4b87518a4d [ 232.094485] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.095161] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.095949] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.096675] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.097418] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.098147] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.098906] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.099659] [ 232.099898] irq event stamp: 0 [ 232.100221] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.100873] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.101729] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.102612] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.103288] ---[ end trace 0000000000000000 ]--- [ 232.104185] ------------[ cut here ]------------ [ 232.104685] WARNING: CPU: 1 PID: 2216 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.105740] Modules linked in: [ 232.106082] CPU: 1 PID: 2216 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.107037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.108242] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.108779] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.110891] RSP: 0018:ffff8880143a7b78 EFLAGS: 00010246 [ 232.111463] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.112189] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 232.112925] RBP: ffff8880143a7b98 R08: ffffed100256543e R09: ffffed100256543e [ 232.113660] R10: ffff888012b2a1ef R11: ffffed100256543d R12: ffff888012b2a290 [ 232.114387] R13: ffff888012b2a0a8 R14: ffffffffffffffff R15: 
ffff8880143a7c60 [ 232.115157] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.116007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.116612] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 232.117345] PKRU: 55555554 [ 232.117637] Call Trace: [ 232.117906] [ 232.118145] iommufd_ioas_destroy+0x53/0x70 [ 232.118634] iommufd_fops_release+0x1f7/0x370 [ 232.119100] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.119644] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.120158] ? write_comp_data+0x2f/0x90 [ 232.120588] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.121107] __fput+0x26d/0xa40 [ 232.121467] ____fput+0x1e/0x30 [ 232.121821] task_work_run+0x1a4/0x2d0 [ 232.122238] ? __pfx_task_work_run+0x10/0x10 [ 232.122744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.123288] ? switch_task_namespaces+0xa9/0xe0 [ 232.123798] do_exit+0xb17/0x2ef0 [ 232.124170] ? lock_acquire+0x427/0x4c0 [ 232.124593] ? __pfx_lock_release+0x10/0x10 [ 232.125127] ? __kasan_check_write+0x18/0x20 [ 232.125588] ? do_raw_spin_lock+0x132/0x2a0 [ 232.126039] ? __pfx_do_exit+0x10/0x10 [ 232.126451] ? debug_smp_processor_id+0x20/0x30 [ 232.126986] ? rcu_is_watching+0x19/0xb0 [ 232.127430] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.127912] ? trace_hardirqs_on+0x26/0x120 [ 232.128369] do_group_exit+0xe0/0x2b0 [ 232.128765] __x64_sys_exit_group+0x47/0x50 [ 232.129208] do_syscall_64+0x3b/0x90 [ 232.129609] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.130148] RIP: 0033:0x7f4b87518a4d [ 232.130583] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.131238] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.132016] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.132746] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.133476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.134201] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.134961] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.135715] [ 232.135957] irq event stamp: 0 [ 232.136284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.136933] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.137786] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.138670] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.139349] ---[ end trace 0000000000000000 ]--- [ 232.144910] ------------[ cut here ]------------ [ 232.145475] WARNING: CPU: 1 PID: 2217 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.146586] Modules linked in: [ 232.146920] CPU: 1 PID: 2217 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.147855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.149027] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.149558] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.151508] RSP: 0018:ffff888015cffbb8 EFLAGS: 00010246 [ 232.152079] RAX: 0000000000000000 RBX: ffff8880165310a8 RCX: 0000000000000000 [ 232.152816] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 232.153570] RBP: ffff888015cffbd0 R08: ffffed1002ca6233 R09: ffffed1002ca6233 [ 232.154318] R10: ffff888016531193 R11: ffffed1002ca6232 R12: ffff888010e01c00 [ 232.155090] R13: ffff8880165311e8 R14: ffffffff8352e670 R15: 
ffff888015cffe68 [ 232.155863] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.156697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.157387] CR2: 0000000020000140 CR3: 000000001412a000 CR4: 0000000000750ee0 [ 232.158127] PKRU: 55555554 [ 232.158423] Call Trace: [ 232.158731] [ 232.158969] __iommufd_access_detach+0x1c2/0x2b0 [ 232.159498] iommufd_access_change_pt+0x149/0x270 [ 232.160020] iommufd_access_replace+0xb4/0x120 [ 232.160518] iommufd_test+0x3e5/0x37e0 [ 232.160927] ? lock_release+0x532/0x770 [ 232.161355] ? __might_fault+0x102/0x1b0 [ 232.161786] ? lock_acquire+0x427/0x4c0 [ 232.162212] ? __pfx_iommufd_test+0x10/0x10 [ 232.162708] ? __pfx_lock_release+0x10/0x10 [ 232.163193] ? __pfx_lock_acquire+0x10/0x10 [ 232.163659] ? write_comp_data+0x2f/0x90 [ 232.164099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.164615] ? write_comp_data+0x2f/0x90 [ 232.165059] iommufd_fops_ioctl+0x37d/0x510 [ 232.165526] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.166036] ? write_comp_data+0x2f/0x90 [ 232.166469] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.167011] __x64_sys_ioctl+0x1a3/0x230 [ 232.167458] do_syscall_64+0x3b/0x90 [ 232.167861] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.168415] RIP: 0033:0x7f4b8743ee5d [ 232.168805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.170736] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.171562] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.172308] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.173053] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.173791] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.174561] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.175343] [ 232.175594] irq event stamp: 0 [ 232.175938] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.176598] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.177464] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.178323] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.179006] ---[ end trace 0000000000000000 ]--- [ 232.182312] ------------[ cut here ]------------ [ 232.182879] WARNING: CPU: 1 PID: 2217 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.183947] Modules linked in: [ 232.184283] CPU: 1 PID: 2217 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.185184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.186363] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.186938] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.188843] RSP: 
0018:ffff888015cffbd0 EFLAGS: 00010246 [ 232.189487] RAX: 0000000000000000 RBX: ffff8880165310a8 RCX: 0000000000000000 [ 232.190230] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 232.191005] RBP: ffff888015cffbe8 R08: ffffed1002ca6233 R09: ffffed1002ca6233 [ 232.191767] R10: ffff888016531193 R11: ffffed1002ca6232 R12: ffff888014581c00 [ 232.192511] R13: ffff8880165311e8 R14: ffff88801344b800 R15: 0000000000000000 [ 232.193262] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.194092] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.194717] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.195472] PKRU: 55555554 [ 232.195768] Call Trace: [ 232.196036] [ 232.196274] iommufd_access_destroy_object+0x65/0x170 [ 232.196820] iommufd_object_destroy_user+0x18e/0x220 [ 232.197357] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.197983] iommufd_access_destroy+0x43/0x70 [ 232.198467] iommufd_test_staccess_release+0x8d/0xd0 [ 232.199036] __fput+0x26d/0xa40 [ 232.199413] ____fput+0x1e/0x30 [ 232.199767] task_work_run+0x1a4/0x2d0 [ 232.200189] ? __pfx_task_work_run+0x10/0x10 [ 232.200658] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.201173] ? switch_task_namespaces+0xa9/0xe0 [ 232.201680] do_exit+0xb17/0x2ef0 [ 232.202042] ? lock_acquire+0x427/0x4c0 [ 232.202464] ? __pfx_lock_release+0x10/0x10 [ 232.202946] ? __kasan_check_write+0x18/0x20 [ 232.203441] ? do_raw_spin_lock+0x132/0x2a0 [ 232.203906] ? __pfx_do_exit+0x10/0x10 [ 232.204325] ? debug_smp_processor_id+0x20/0x30 [ 232.204812] ? rcu_is_watching+0x19/0xb0 [ 232.205261] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.205749] ? trace_hardirqs_on+0x26/0x120 [ 232.206219] do_group_exit+0xe0/0x2b0 [ 232.206658] __x64_sys_exit_group+0x47/0x50 [ 232.207112] do_syscall_64+0x3b/0x90 [ 232.207526] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.208072] RIP: 0033:0x7f4b87518a4d [ 232.208456] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.209095] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.209890] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.210653] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.211409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.212163] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.212918] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.213682] [ 232.213939] irq event stamp: 0 [ 232.214274] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.214980] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.215869] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.216739] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.217397] ---[ end trace 0000000000000000 ]--- [ 232.218300] ------------[ cut here ]------------ [ 232.218837] WARNING: CPU: 1 PID: 2217 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.219947] Modules linked in: [ 232.220291] CPU: 1 PID: 2217 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.221269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.222443] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.223027] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.224942] RSP: 0018:ffff888015cffb78 EFLAGS: 00010246 [ 232.225500] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.226237] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 232.227003] RBP: ffff888015cffb98 R08: ffffed1002ca623e R09: ffffed1002ca623e [ 232.227768] R10: ffff8880165311ef R11: ffffed1002ca623d R12: ffff888016531290 [ 232.228505] R13: ffff8880165310a8 R14: ffffffffffffffff R15: 
ffff888015cffc60 [ 232.229245] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.230078] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.230708] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.231472] PKRU: 55555554 [ 232.231773] Call Trace: [ 232.232044] [ 232.232285] iommufd_ioas_destroy+0x53/0x70 [ 232.232746] iommufd_fops_release+0x1f7/0x370 [ 232.233212] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.233729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.234244] ? write_comp_data+0x2f/0x90 [ 232.234719] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.235278] __fput+0x26d/0xa40 [ 232.235641] ____fput+0x1e/0x30 [ 232.235995] task_work_run+0x1a4/0x2d0 [ 232.236417] ? __pfx_task_work_run+0x10/0x10 [ 232.236888] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.237569] ? switch_task_namespaces+0xa9/0xe0 [ 232.238281] do_exit+0xb17/0x2ef0 [ 232.238685] ? lock_acquire+0x427/0x4c0 [ 232.239107] ? __pfx_lock_release+0x10/0x10 [ 232.239574] ? __kasan_check_write+0x18/0x20 [ 232.240034] ? do_raw_spin_lock+0x132/0x2a0 [ 232.240483] ? __pfx_do_exit+0x10/0x10 [ 232.240911] ? debug_smp_processor_id+0x20/0x30 [ 232.241414] ? rcu_is_watching+0x19/0xb0 [ 232.241929] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.242565] ? trace_hardirqs_on+0x26/0x120 [ 232.243192] do_group_exit+0xe0/0x2b0 [ 232.243605] __x64_sys_exit_group+0x47/0x50 [ 232.244058] do_syscall_64+0x3b/0x90 [ 232.244452] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.245000] RIP: 0033:0x7f4b87518a4d [ 232.245395] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.246037] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.246878] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.247620] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.248350] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.249129] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.250171] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.250941] [ 232.251194] irq event stamp: 0 [ 232.251520] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.252177] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.253095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.253953] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.254654] ---[ end trace 0000000000000000 ]--- [ 232.260465] ------------[ cut here ]------------ [ 232.261003] WARNING: CPU: 1 PID: 2218 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.262394] Modules linked in: [ 232.262906] CPU: 1 PID: 2218 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.263815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.264974] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.265498] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.267446] RSP: 0018:ffff888021abfbb8 EFLAGS: 00010246 [ 232.268015] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 232.268975] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 232.270027] RBP: ffff888021abfbd0 R08: ffffed1001702333 R09: ffffed1001702333 [ 232.270797] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888017066800 [ 232.271549] R13: ffff88800b8119e8 R14: ffffffff8352e670 R15: 
ffff888021abfe68 [ 232.272290] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.273120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.273719] CR2: 0000000020000140 CR3: 0000000020f3c000 CR4: 0000000000750ee0 [ 232.274445] PKRU: 55555554 [ 232.274887] Call Trace: [ 232.275273] [ 232.275520] __iommufd_access_detach+0x1c2/0x2b0 [ 232.276199] iommufd_access_change_pt+0x149/0x270 [ 232.276711] iommufd_access_replace+0xb4/0x120 [ 232.277196] iommufd_test+0x3e5/0x37e0 [ 232.277607] ? lock_release+0x532/0x770 [ 232.278026] ? __might_fault+0x102/0x1b0 [ 232.278452] ? lock_acquire+0x427/0x4c0 [ 232.278901] ? __pfx_iommufd_test+0x10/0x10 [ 232.279359] ? __pfx_lock_release+0x10/0x10 [ 232.279814] ? __pfx_lock_acquire+0x10/0x10 [ 232.280275] ? write_comp_data+0x2f/0x90 [ 232.280707] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.281208] ? write_comp_data+0x2f/0x90 [ 232.281639] iommufd_fops_ioctl+0x37d/0x510 [ 232.282135] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.282888] ? write_comp_data+0x2f/0x90 [ 232.283495] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.284000] __x64_sys_ioctl+0x1a3/0x230 [ 232.284437] do_syscall_64+0x3b/0x90 [ 232.284838] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.285464] RIP: 0033:0x7f4b8743ee5d [ 232.285852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.287783] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.288570] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.289413] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.290464] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.291240] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.291973] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.292710] [ 232.292954] irq event stamp: 0 [ 232.293279] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.293925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.294811] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.296044] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.296695] ---[ end trace 0000000000000000 ]--- [ 232.299931] ------------[ cut here ]------------ [ 232.300561] WARNING: CPU: 1 PID: 2218 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.301826] Modules linked in: [ 232.302168] CPU: 1 PID: 2218 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.303106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.304282] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.304801] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.307055] RSP: 
0018:ffff888021abfbd0 EFLAGS: 00010246 [ 232.307626] RAX: 0000000000000000 RBX: ffff88800b8118a8 RCX: 0000000000000000 [ 232.308362] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 232.309106] RBP: ffff888021abfbe8 R08: ffffed1001702333 R09: ffffed1001702333 [ 232.309843] R10: ffff88800b811993 R11: ffffed1001702332 R12: ffff888010e03c00 [ 232.310674] R13: ffff88800b8119e8 R14: ffff88800f03bc00 R15: 0000000000000000 [ 232.311628] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.312454] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.313055] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.313800] PKRU: 55555554 [ 232.314098] Call Trace: [ 232.314368] [ 232.314640] iommufd_access_destroy_object+0x65/0x170 [ 232.315210] iommufd_object_destroy_user+0x18e/0x220 [ 232.315741] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.316352] iommufd_access_destroy+0x43/0x70 [ 232.316903] iommufd_test_staccess_release+0x8d/0xd0 [ 232.317711] __fput+0x26d/0xa40 [ 232.318079] ____fput+0x1e/0x30 [ 232.318442] task_work_run+0x1a4/0x2d0 [ 232.318903] ? __pfx_task_work_run+0x10/0x10 [ 232.319386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.319908] ? switch_task_namespaces+0xa9/0xe0 [ 232.320404] do_exit+0xb17/0x2ef0 [ 232.320773] ? lock_acquire+0x427/0x4c0 [ 232.321205] ? __pfx_lock_release+0x10/0x10 [ 232.321666] ? __kasan_check_write+0x18/0x20 [ 232.322249] ? do_raw_spin_lock+0x132/0x2a0 [ 232.322940] ? __pfx_do_exit+0x10/0x10 [ 232.323382] ? debug_smp_processor_id+0x20/0x30 [ 232.323890] ? rcu_is_watching+0x19/0xb0 [ 232.324322] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.324799] ? trace_hardirqs_on+0x26/0x120 [ 232.325258] do_group_exit+0xe0/0x2b0 [ 232.325663] __x64_sys_exit_group+0x47/0x50 [ 232.326111] do_syscall_64+0x3b/0x90 [ 232.326553] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.327105] RIP: 0033:0x7f4b87518a4d [ 232.327513] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.328284] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.329173] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.329941] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.330738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.331522] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.332491] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.333248] [ 232.333495] irq event stamp: 0 [ 232.333824] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.334485] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.335527] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.336497] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.337158] ---[ end trace 0000000000000000 ]--- [ 232.338036] ------------[ cut here ]------------ [ 232.338692] WARNING: CPU: 1 PID: 2218 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.339806] Modules linked in: [ 232.340147] CPU: 1 PID: 2218 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.341062] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.342363] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.343002] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.344950] RSP: 0018:ffff888021abfb78 EFLAGS: 00010246 [ 232.345510] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.346251] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 232.347032] RBP: ffff888021abfb98 R08: ffffed100170233e R09: ffffed100170233e [ 232.347858] R10: ffff88800b8119ef R11: ffffed100170233d R12: ffff88800b811a90 [ 232.348868] R13: ffff88800b8118a8 R14: ffffffffffffffff R15: 
ffff888021abfc60 [ 232.349686] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.350573] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.351207] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.351961] PKRU: 55555554 [ 232.352261] Call Trace: [ 232.352534] [ 232.352804] iommufd_ioas_destroy+0x53/0x70 [ 232.353432] iommufd_fops_release+0x1f7/0x370 [ 232.354083] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.354653] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.355200] ? write_comp_data+0x2f/0x90 [ 232.355642] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.356176] __fput+0x26d/0xa40 [ 232.356539] ____fput+0x1e/0x30 [ 232.356895] task_work_run+0x1a4/0x2d0 [ 232.357310] ? __pfx_task_work_run+0x10/0x10 [ 232.357772] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.358288] ? switch_task_namespaces+0xa9/0xe0 [ 232.358980] do_exit+0xb17/0x2ef0 [ 232.359518] ? lock_acquire+0x427/0x4c0 [ 232.359949] ? __pfx_lock_release+0x10/0x10 [ 232.360412] ? __kasan_check_write+0x18/0x20 [ 232.360879] ? do_raw_spin_lock+0x132/0x2a0 [ 232.361339] ? __pfx_do_exit+0x10/0x10 [ 232.361773] ? debug_smp_processor_id+0x20/0x30 [ 232.362277] ? rcu_is_watching+0x19/0xb0 [ 232.362754] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.363269] ? trace_hardirqs_on+0x26/0x120 [ 232.363737] do_group_exit+0xe0/0x2b0 [ 232.364142] __x64_sys_exit_group+0x47/0x50 [ 232.364592] do_syscall_64+0x3b/0x90 [ 232.365125] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.365943] RIP: 0033:0x7f4b87518a4d [ 232.366344] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.367045] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.367856] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.368615] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.369363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.370108] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.371110] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.372011] [ 232.372260] irq event stamp: 0 [ 232.372591] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.373255] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.374141] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.375055] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.375734] ---[ end trace 0000000000000000 ]--- [ 232.381493] ------------[ cut here ]------------ [ 232.382149] WARNING: CPU: 1 PID: 2219 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.383717] Modules linked in: [ 232.384070] CPU: 1 PID: 2219 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.384984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.386157] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.386715] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.388930] RSP: 0018:ffff888012d87bb8 EFLAGS: 00010246 [ 232.389496] RAX: 0000000000000000 RBX: ffff8880143a18a8 RCX: 0000000000000000 [ 232.390230] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 232.391005] RBP: ffff888012d87bd0 R08: ffffed1002874333 R09: ffffed1002874333 [ 232.391754] R10: ffff8880143a1993 R11: ffffed1002874332 R12: ffff8880142a5c00 [ 232.392501] R13: ffff8880143a19e8 R14: ffffffff8352e670 R15: 
ffff888012d87e68 [ 232.393453] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.394424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.395104] CR2: 0000000020000140 CR3: 0000000013d5e000 CR4: 0000000000750ee0 [ 232.395881] PKRU: 55555554 [ 232.396178] Call Trace: [ 232.396445] [ 232.396682] __iommufd_access_detach+0x1c2/0x2b0 [ 232.397198] iommufd_access_change_pt+0x149/0x270 [ 232.397715] iommufd_access_replace+0xb4/0x120 [ 232.398340] iommufd_test+0x3e5/0x37e0 [ 232.398991] ? lock_release+0x532/0x770 [ 232.399440] ? __might_fault+0x102/0x1b0 [ 232.399879] ? lock_acquire+0x427/0x4c0 [ 232.400307] ? __pfx_iommufd_test+0x10/0x10 [ 232.400762] ? __pfx_lock_release+0x10/0x10 [ 232.401226] ? __pfx_lock_acquire+0x10/0x10 [ 232.401686] ? write_comp_data+0x2f/0x90 [ 232.402118] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.402662] ? write_comp_data+0x2f/0x90 [ 232.403094] iommufd_fops_ioctl+0x37d/0x510 [ 232.403575] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.404107] ? write_comp_data+0x2f/0x90 [ 232.404703] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.405431] __x64_sys_ioctl+0x1a3/0x230 [ 232.405871] do_syscall_64+0x3b/0x90 [ 232.406275] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.406869] RIP: 0033:0x7f4b8743ee5d [ 232.407275] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.409196] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.410083] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.411219] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.411974] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.412721] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.413547] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.414306] [ 232.414600] irq event stamp: 0 [ 232.414935] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.415619] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.416736] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.417774] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.418433] ---[ end trace 0000000000000000 ]--- [ 232.421714] ------------[ cut here ]------------ [ 232.422329] WARNING: CPU: 1 PID: 2219 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.423472] Modules linked in: [ 232.423815] CPU: 1 PID: 2219 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.424725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.425915] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.426672] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.428718] RSP: 
0018:ffff888012d87bd0 EFLAGS: 00010246 [ 232.429291] RAX: 0000000000000000 RBX: ffff8880143a18a8 RCX: 0000000000000000 [ 232.430037] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 232.430815] RBP: ffff888012d87be8 R08: ffffed1002874333 R09: ffffed1002874333 [ 232.431917] R10: ffff8880143a1993 R11: ffffed1002874332 R12: ffff888017067c00 [ 232.432692] R13: ffff8880143a19e8 R14: ffff888018b99400 R15: 0000000000000000 [ 232.433444] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.434283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.434928] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.435688] PKRU: 55555554 [ 232.435988] Call Trace: [ 232.436257] [ 232.436494] iommufd_access_destroy_object+0x65/0x170 [ 232.437180] iommufd_object_destroy_user+0x18e/0x220 [ 232.437901] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.438561] iommufd_access_destroy+0x43/0x70 [ 232.439053] iommufd_test_staccess_release+0x8d/0xd0 [ 232.439607] __fput+0x26d/0xa40 [ 232.439980] ____fput+0x1e/0x30 [ 232.440340] task_work_run+0x1a4/0x2d0 [ 232.440765] ? __pfx_task_work_run+0x10/0x10 [ 232.441245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.441766] ? switch_task_namespaces+0xa9/0xe0 [ 232.442278] do_exit+0xb17/0x2ef0 [ 232.442769] ? lock_acquire+0x427/0x4c0 [ 232.443421] ? __pfx_lock_release+0x10/0x10 [ 232.443890] ? __kasan_check_write+0x18/0x20 [ 232.444365] ? do_raw_spin_lock+0x132/0x2a0 [ 232.444820] ? __pfx_do_exit+0x10/0x10 [ 232.445304] ? debug_smp_processor_id+0x20/0x30 [ 232.445795] ? rcu_is_watching+0x19/0xb0 [ 232.446224] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.446746] ? trace_hardirqs_on+0x26/0x120 [ 232.447225] do_group_exit+0xe0/0x2b0 [ 232.447630] __x64_sys_exit_group+0x47/0x50 [ 232.448081] do_syscall_64+0x3b/0x90 [ 232.448480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.449234] RIP: 0033:0x7f4b87518a4d [ 232.449791] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.450433] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.451287] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.452029] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.452764] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.453501] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.454407] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.455363] [ 232.455620] irq event stamp: 0 [ 232.455955] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.456618] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.457491] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.458360] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.459083] ---[ end trace 0000000000000000 ]--- [ 232.460251] ------------[ cut here ]------------ [ 232.460758] WARNING: CPU: 1 PID: 2219 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.461836] Modules linked in: [ 232.462181] CPU: 1 PID: 2219 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.463152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.464348] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.465045] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.467172] RSP: 0018:ffff888012d87b78 EFLAGS: 00010246 [ 232.467736] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.468473] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 232.469221] RBP: ffff888012d87b98 R08: ffffed100287433e R09: ffffed100287433e [ 232.470094] R10: ffff8880143a19ef R11: ffffed100287433d R12: ffff8880143a1a90 [ 232.471101] R13: ffff8880143a18a8 R14: ffffffffffffffff R15: 
ffff888012d87c60 [ 232.471868] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.472718] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.473325] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.474079] PKRU: 55555554 [ 232.474387] Call Trace: [ 232.474707] [ 232.474950] iommufd_ioas_destroy+0x53/0x70 [ 232.475458] iommufd_fops_release+0x1f7/0x370 [ 232.476094] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.476757] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.477345] ? write_comp_data+0x2f/0x90 [ 232.477793] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.478330] __fput+0x26d/0xa40 [ 232.478733] ____fput+0x1e/0x30 [ 232.479091] task_work_run+0x1a4/0x2d0 [ 232.479525] ? __pfx_task_work_run+0x10/0x10 [ 232.479993] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.480509] ? switch_task_namespaces+0xa9/0xe0 [ 232.481013] do_exit+0xb17/0x2ef0 [ 232.481533] ? lock_acquire+0x427/0x4c0 [ 232.482166] ? __pfx_lock_release+0x10/0x10 [ 232.482664] ? __kasan_check_write+0x18/0x20 [ 232.483148] ? do_raw_spin_lock+0x132/0x2a0 [ 232.483611] ? __pfx_do_exit+0x10/0x10 [ 232.484033] ? debug_smp_processor_id+0x20/0x30 [ 232.484528] ? rcu_is_watching+0x19/0xb0 [ 232.484955] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.485433] ? trace_hardirqs_on+0x26/0x120 [ 232.485900] do_group_exit+0xe0/0x2b0 [ 232.486374] __x64_sys_exit_group+0x47/0x50 [ 232.487112] do_syscall_64+0x3b/0x90 [ 232.487541] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.488091] RIP: 0033:0x7f4b87518a4d [ 232.488482] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.489123] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.489922] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.490700] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.491476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.492397] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.493362] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.494124] [ 232.494378] irq event stamp: 0 [ 232.494746] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.495434] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.496331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.497211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.498025] ---[ end trace 0000000000000000 ]--- [ 232.505793] ------------[ cut here ]------------ [ 232.506377] WARNING: CPU: 0 PID: 2220 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.507817] Modules linked in: [ 232.508182] CPU: 0 PID: 2220 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.509137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.510378] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.510965] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.512989] RSP: 0018:ffff888014737bb8 EFLAGS: 00010246 [ 232.513576] RAX: 0000000000000000 RBX: ffff8880245ea8a8 RCX: 0000000000000000 [ 232.514358] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 232.515171] RBP: ffff888014737bd0 R08: ffffed10048bd533 R09: ffffed10048bd533 [ 232.515952] R10: ffff8880245ea993 R11: ffffed10048bd532 R12: ffff888020fecc00 [ 232.516741] R13: ffff8880245ea9e8 R14: ffffffff8352e670 R15: 
ffff888014737e68 [ 232.517520] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 232.518397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.519080] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ef0 [ 232.519890] PKRU: 55555554 [ 232.520206] Call Trace: [ 232.520492] [ 232.520743] __iommufd_access_detach+0x1c2/0x2b0 [ 232.521285] iommufd_access_change_pt+0x149/0x270 [ 232.521820] iommufd_access_replace+0xb4/0x120 [ 232.522326] iommufd_test+0x3e5/0x37e0 [ 232.522790] ? lock_release+0x532/0x770 [ 232.523269] ? __might_fault+0x102/0x1b0 [ 232.523730] ? lock_acquire+0x427/0x4c0 [ 232.524176] ? __pfx_iommufd_test+0x10/0x10 [ 232.524647] ? __pfx_lock_release+0x10/0x10 [ 232.525131] ? __pfx_lock_acquire+0x10/0x10 [ 232.525617] ? write_comp_data+0x2f/0x90 [ 232.526073] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.526647] ? write_comp_data+0x2f/0x90 [ 232.527110] iommufd_fops_ioctl+0x37d/0x510 [ 232.527610] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.528146] ? write_comp_data+0x2f/0x90 [ 232.528613] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.529159] __x64_sys_ioctl+0x1a3/0x230 [ 232.529632] do_syscall_64+0x3b/0x90 [ 232.530048] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.530664] RIP: 0033:0x7f4b8743ee5d [ 232.531089] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.533104] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.533943] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.534757] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.535549] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.536338] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.537114] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.537898] [ 232.538152] irq event stamp: 0 [ 232.538534] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.539254] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.540173] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.541084] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.541770] ---[ end trace 0000000000000000 ]--- [ 232.547386] ------------[ cut here ]------------ [ 232.547997] WARNING: CPU: 0 PID: 2220 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.549344] Modules linked in: [ 232.549704] CPU: 0 PID: 2220 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.550937] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.552202] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.552762] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.554808] RSP: 
0018:ffff888014737bd0 EFLAGS: 00010246 [ 232.555438] RAX: 0000000000000000 RBX: ffff8880245ea8a8 RCX: 0000000000000000 [ 232.556219] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 232.557002] RBP: ffff888014737be8 R08: ffffed10048bd533 R09: ffffed10048bd533 [ 232.557781] R10: ffff8880245ea993 R11: ffffed10048bd532 R12: ffff88800f797000 [ 232.558585] R13: ffff8880245ea9e8 R14: ffff888020a72a00 R15: 0000000000000000 [ 232.559384] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 232.560278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.560912] CR2: 00007f4b877410e8 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 232.561681] PKRU: 55555554 [ 232.561992] Call Trace: [ 232.562271] [ 232.562552] iommufd_access_destroy_object+0x65/0x170 [ 232.563136] iommufd_object_destroy_user+0x18e/0x220 [ 232.563697] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.564332] iommufd_access_destroy+0x43/0x70 [ 232.564827] iommufd_test_staccess_release+0x8d/0xd0 [ 232.565393] __fput+0x26d/0xa40 [ 232.565774] ____fput+0x1e/0x30 [ 232.566139] task_work_run+0x1a4/0x2d0 [ 232.566605] ? __pfx_task_work_run+0x10/0x10 [ 232.567092] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.567647] ? switch_task_namespaces+0xa9/0xe0 [ 232.568169] do_exit+0xb17/0x2ef0 [ 232.568548] ? lock_acquire+0x427/0x4c0 [ 232.568984] ? __pfx_lock_release+0x10/0x10 [ 232.569455] ? __kasan_check_write+0x18/0x20 [ 232.569931] ? do_raw_spin_lock+0x132/0x2a0 [ 232.570397] ? __pfx_do_exit+0x10/0x10 [ 232.570855] ? debug_smp_processor_id+0x20/0x30 [ 232.571402] ? rcu_is_watching+0x19/0xb0 [ 232.571852] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.572341] ? trace_hardirqs_on+0x26/0x120 [ 232.572815] do_group_exit+0xe0/0x2b0 [ 232.573229] __x64_sys_exit_group+0x47/0x50 [ 232.573692] do_syscall_64+0x3b/0x90 [ 232.574102] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.574691] RIP: 0033:0x7f4b87518a4d [ 232.575099] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.575770] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.576608] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.577374] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.578139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.578935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.579718] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.580490] [ 232.580740] irq event stamp: 0 [ 232.581078] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.581757] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.582674] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.583576] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.584253] ---[ end trace 0000000000000000 ]--- [ 232.585219] ------------[ cut here ]------------ [ 232.585873] WARNING: CPU: 0 PID: 2220 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.586959] Modules linked in: [ 232.587314] CPU: 0 PID: 2220 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.588434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.589581] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.590318] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.592300] RSP: 0018:ffff888014737b78 EFLAGS: 00010246 [ 232.592965] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.593685] RDX: 0000000000000000 RSI: ffff8880173b4a00 RDI: 0000000000000002 [ 232.594476] RBP: ffff888014737b98 R08: ffffed10048bd53e R09: ffffed10048bd53e [ 232.595371] R10: ffff8880245ea9ef R11: ffffed10048bd53d R12: ffff8880245eaa90 [ 232.596093] R13: ffff8880245ea8a8 R14: ffffffffffffffff R15: 
ffff888014737c60 [ 232.596887] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 232.597830] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.598422] CR2: 00007f4b877410e8 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 232.599378] PKRU: 55555554 [ 232.599680] Call Trace: [ 232.599943] [ 232.600173] iommufd_ioas_destroy+0x53/0x70 [ 232.600623] iommufd_fops_release+0x1f7/0x370 [ 232.601121] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.601787] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.602294] ? write_comp_data+0x2f/0x90 [ 232.602744] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.603276] __fput+0x26d/0xa40 [ 232.603707] ____fput+0x1e/0x30 [ 232.604195] task_work_run+0x1a4/0x2d0 [ 232.604612] ? __pfx_task_work_run+0x10/0x10 [ 232.605071] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.605608] ? switch_task_namespaces+0xa9/0xe0 [ 232.606252] do_exit+0xb17/0x2ef0 [ 232.606645] ? lock_acquire+0x427/0x4c0 [ 232.607067] ? __pfx_lock_release+0x10/0x10 [ 232.607527] ? __kasan_check_write+0x18/0x20 [ 232.608013] ? do_raw_spin_lock+0x132/0x2a0 [ 232.608640] ? __pfx_do_exit+0x10/0x10 [ 232.609059] ? debug_smp_processor_id+0x20/0x30 [ 232.609545] ? rcu_is_watching+0x19/0xb0 [ 232.609967] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.610746] ? trace_hardirqs_on+0x26/0x120 [ 232.611259] do_group_exit+0xe0/0x2b0 [ 232.611683] __x64_sys_exit_group+0x47/0x50 [ 232.612148] do_syscall_64+0x3b/0x90 [ 232.612566] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.613393] RIP: 0033:0x7f4b87518a4d [ 232.613799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.614472] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.615355] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.616373] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.617140] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.618004] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.618952] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.619754] [ 232.620006] irq event stamp: 0 [ 232.620402] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.621231] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.622142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.623354] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.624041] ---[ end trace 0000000000000000 ]--- [ 232.628448] ------------[ cut here ]------------ [ 232.629182] WARNING: CPU: 1 PID: 2221 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.630206] Modules linked in: [ 232.630638] CPU: 1 PID: 2221 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.631745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.633081] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.633620] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.635758] RSP: 0018:ffff888015c37bb8 EFLAGS: 00010246 [ 232.636331] RAX: 0000000000000000 RBX: ffff8880145510a8 RCX: 0000000000000000 [ 232.637121] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 232.637856] RBP: ffff888015c37bd0 R08: ffffed10028aa233 R09: ffffed10028aa233 [ 232.638830] R10: ffff888014551193 R11: ffffed10028aa232 R12: ffff88800f109400 [ 232.639584] R13: ffff8880145511e8 R14: ffffffff8352e670 R15: 
ffff888015c37e68 [ 232.640318] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.641140] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.641745] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 232.642487] PKRU: 55555554 [ 232.642940] Call Trace: [ 232.643339] [ 232.643592] __iommufd_access_detach+0x1c2/0x2b0 [ 232.644103] iommufd_access_change_pt+0x149/0x270 [ 232.644612] iommufd_access_replace+0xb4/0x120 [ 232.645096] iommufd_test+0x3e5/0x37e0 [ 232.645504] ? lock_release+0x532/0x770 [ 232.645931] ? __might_fault+0x102/0x1b0 [ 232.646366] ? lock_acquire+0x427/0x4c0 [ 232.646850] ? __pfx_iommufd_test+0x10/0x10 [ 232.647331] ? __pfx_lock_release+0x10/0x10 [ 232.647790] ? __pfx_lock_acquire+0x10/0x10 [ 232.648251] ? write_comp_data+0x2f/0x90 [ 232.648752] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.649463] ? write_comp_data+0x2f/0x90 [ 232.650103] iommufd_fops_ioctl+0x37d/0x510 [ 232.650600] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.651111] ? write_comp_data+0x2f/0x90 [ 232.651558] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.652071] __x64_sys_ioctl+0x1a3/0x230 [ 232.652517] do_syscall_64+0x3b/0x90 [ 232.652923] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.653486] RIP: 0033:0x7f4b8743ee5d [ 232.653883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.656172] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.656983] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.657737] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.658494] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.659288] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.660104] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.661119] [ 232.661371] irq event stamp: 0 [ 232.661698] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.662359] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.663292] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.664161] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.664816] ---[ end trace 0000000000000000 ]--- [ 232.668502] ------------[ cut here ]------------ [ 232.669116] WARNING: CPU: 1 PID: 2221 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.670420] Modules linked in: [ 232.670971] CPU: 1 PID: 2221 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.671899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.673085] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.673616] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.675947] RSP: 
0018:ffff888015c37bd0 EFLAGS: 00010246 [ 232.676524] RAX: 0000000000000000 RBX: ffff8880145510a8 RCX: 0000000000000000 [ 232.677275] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 232.678030] RBP: ffff888015c37be8 R08: ffffed10028aa233 R09: ffffed10028aa233 [ 232.678818] R10: ffff888014551193 R11: ffffed10028aa232 R12: ffff8880142a4c00 [ 232.679588] R13: ffff8880145511e8 R14: ffff888020e04700 R15: 0000000000000000 [ 232.680335] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.681432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.682220] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.683003] PKRU: 55555554 [ 232.683333] Call Trace: [ 232.683605] [ 232.683847] iommufd_access_destroy_object+0x65/0x170 [ 232.684398] iommufd_object_destroy_user+0x18e/0x220 [ 232.684938] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.685553] iommufd_access_destroy+0x43/0x70 [ 232.686037] iommufd_test_staccess_release+0x8d/0xd0 [ 232.686698] __fput+0x26d/0xa40 [ 232.687241] ____fput+0x1e/0x30 [ 232.687617] task_work_run+0x1a4/0x2d0 [ 232.688043] ? __pfx_task_work_run+0x10/0x10 [ 232.688514] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.689041] ? switch_task_namespaces+0xa9/0xe0 [ 232.689550] do_exit+0xb17/0x2ef0 [ 232.689915] ? lock_acquire+0x427/0x4c0 [ 232.690343] ? __pfx_lock_release+0x10/0x10 [ 232.690841] ? __kasan_check_write+0x18/0x20 [ 232.691325] ? do_raw_spin_lock+0x132/0x2a0 [ 232.691789] ? __pfx_do_exit+0x10/0x10 [ 232.692211] ? debug_smp_processor_id+0x20/0x30 [ 232.692934] ? rcu_is_watching+0x19/0xb0 [ 232.693385] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.693871] ? trace_hardirqs_on+0x26/0x120 [ 232.694341] do_group_exit+0xe0/0x2b0 [ 232.694783] __x64_sys_exit_group+0x47/0x50 [ 232.695266] do_syscall_64+0x3b/0x90 [ 232.695680] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.696453] RIP: 0033:0x7f4b87518a4d [ 232.696849] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.697503] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.698296] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.699151] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.700034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.700777] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.701600] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.702370] [ 232.702686] irq event stamp: 0 [ 232.703206] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.703874] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.704752] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.705624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.706393] ---[ end trace 0000000000000000 ]--- [ 232.707483] ------------[ cut here ]------------ [ 232.707989] WARNING: CPU: 1 PID: 2221 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.709072] Modules linked in: [ 232.709429] CPU: 1 PID: 2221 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.710601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.711816] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.712359] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.714297] RSP: 0018:ffff888015c37b78 EFLAGS: 00010246 [ 232.715169] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.715922] RDX: 0000000000000000 RSI: ffff888010060000 RDI: 0000000000000002 [ 232.716671] RBP: ffff888015c37b98 R08: ffffed10028aa23e R09: ffffed10028aa23e [ 232.717414] R10: ffff8880145511ef R11: ffffed10028aa23d R12: ffff888014551290 [ 232.718150] R13: ffff8880145510a8 R14: ffffffffffffffff R15: 
ffff888015c37c60 [ 232.718932] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.719789] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.720640] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.721528] PKRU: 55555554 [ 232.721828] Call Trace: [ 232.722104] [ 232.722344] iommufd_ioas_destroy+0x53/0x70 [ 232.722835] iommufd_fops_release+0x1f7/0x370 [ 232.723328] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.723864] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.724388] ? write_comp_data+0x2f/0x90 [ 232.724832] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.725408] __fput+0x26d/0xa40 [ 232.725913] ____fput+0x1e/0x30 [ 232.726437] task_work_run+0x1a4/0x2d0 [ 232.726907] ? __pfx_task_work_run+0x10/0x10 [ 232.727416] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.727944] ? switch_task_namespaces+0xa9/0xe0 [ 232.728453] do_exit+0xb17/0x2ef0 [ 232.728826] ? lock_acquire+0x427/0x4c0 [ 232.729261] ? __pfx_lock_release+0x10/0x10 [ 232.729738] ? __kasan_check_write+0x18/0x20 [ 232.730213] ? do_raw_spin_lock+0x132/0x2a0 [ 232.730817] ? __pfx_do_exit+0x10/0x10 [ 232.731410] ? debug_smp_processor_id+0x20/0x30 [ 232.731934] ? rcu_is_watching+0x19/0xb0 [ 232.732362] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.732838] ? trace_hardirqs_on+0x26/0x120 [ 232.733359] do_group_exit+0xe0/0x2b0 [ 232.733763] __x64_sys_exit_group+0x47/0x50 [ 232.734215] do_syscall_64+0x3b/0x90 [ 232.734644] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.735209] RIP: 0033:0x7f4b87518a4d [ 232.735604] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.736247] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.737342] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.738133] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.738921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.739689] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.740434] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.741193] [ 232.741437] irq event stamp: 0 [ 232.741826] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.742755] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.743644] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.744523] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.745198] ---[ end trace 0000000000000000 ]--- [ 232.749878] ------------[ cut here ]------------ [ 232.750441] WARNING: CPU: 1 PID: 2222 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.751595] Modules linked in: [ 232.752051] CPU: 1 PID: 2222 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.753234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.754417] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.754988] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.756922] RSP: 0018:ffff888016fa7bb8 EFLAGS: 00010246 [ 232.757604] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 232.758683] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 232.759444] RBP: ffff888016fa7bd0 R08: ffffed100173f833 R09: ffffed100173f833 [ 232.760197] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff88800b9b5c00 [ 232.760939] R13: ffff88800b9fc1e8 R14: ffffffff8352e670 R15: 
ffff888016fa7e68 [ 232.761679] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.762597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.763224] CR2: 0000000020000140 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 232.763990] PKRU: 55555554 [ 232.764305] Call Trace: [ 232.764599] [ 232.764841] __iommufd_access_detach+0x1c2/0x2b0 [ 232.765442] iommufd_access_change_pt+0x149/0x270 [ 232.765951] iommufd_access_replace+0xb4/0x120 [ 232.766440] iommufd_test+0x3e5/0x37e0 [ 232.766880] ? lock_release+0x532/0x770 [ 232.767323] ? __might_fault+0x102/0x1b0 [ 232.767759] ? lock_acquire+0x427/0x4c0 [ 232.768186] ? __pfx_iommufd_test+0x10/0x10 [ 232.768638] ? __pfx_lock_release+0x10/0x10 [ 232.769102] ? __pfx_lock_acquire+0x10/0x10 [ 232.769564] ? write_comp_data+0x2f/0x90 [ 232.769999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.770547] ? write_comp_data+0x2f/0x90 [ 232.770987] iommufd_fops_ioctl+0x37d/0x510 [ 232.771464] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.771989] ? write_comp_data+0x2f/0x90 [ 232.772440] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.772965] __x64_sys_ioctl+0x1a3/0x230 [ 232.773405] do_syscall_64+0x3b/0x90 [ 232.773812] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.774372] RIP: 0033:0x7f4b8743ee5d [ 232.774806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.776714] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.777509] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.778277] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.779071] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.779853] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.780592] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.781348] [ 232.781598] irq event stamp: 0 [ 232.781932] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.782633] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.783546] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.784458] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.785123] ---[ end trace 0000000000000000 ]--- [ 232.788501] ------------[ cut here ]------------ [ 232.789027] WARNING: CPU: 1 PID: 2222 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.790077] Modules linked in: [ 232.790414] CPU: 1 PID: 2222 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.791389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.792577] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.793104] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.795046] RSP: 
0018:ffff888016fa7bd0 EFLAGS: 00010246 [ 232.795645] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 232.796412] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 232.797234] RBP: ffff888016fa7be8 R08: ffffed100173f833 R09: ffffed100173f833 [ 232.797981] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff88800f10b400 [ 232.798772] R13: ffff88800b9fc1e8 R14: ffff888012ded700 R15: 0000000000000000 [ 232.799546] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.800401] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.801014] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.801756] PKRU: 55555554 [ 232.802056] Call Trace: [ 232.802328] [ 232.802610] iommufd_access_destroy_object+0x65/0x170 [ 232.803183] iommufd_object_destroy_user+0x18e/0x220 [ 232.803727] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.804348] iommufd_access_destroy+0x43/0x70 [ 232.804848] iommufd_test_staccess_release+0x8d/0xd0 [ 232.805389] __fput+0x26d/0xa40 [ 232.805755] ____fput+0x1e/0x30 [ 232.806112] task_work_run+0x1a4/0x2d0 [ 232.806572] ? __pfx_task_work_run+0x10/0x10 [ 232.807042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.807572] ? switch_task_namespaces+0xa9/0xe0 [ 232.808070] do_exit+0xb17/0x2ef0 [ 232.808434] ? lock_acquire+0x427/0x4c0 [ 232.808869] ? __pfx_lock_release+0x10/0x10 [ 232.809343] ? __kasan_check_write+0x18/0x20 [ 232.809822] ? do_raw_spin_lock+0x132/0x2a0 [ 232.810281] ? __pfx_do_exit+0x10/0x10 [ 232.810735] ? debug_smp_processor_id+0x20/0x30 [ 232.811258] ? rcu_is_watching+0x19/0xb0 [ 232.811693] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.812173] ? trace_hardirqs_on+0x26/0x120 [ 232.812637] do_group_exit+0xe0/0x2b0 [ 232.813039] __x64_sys_exit_group+0x47/0x50 [ 232.813497] do_syscall_64+0x3b/0x90 [ 232.813916] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.814484] RIP: 0033:0x7f4b87518a4d [ 232.814917] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.815568] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.816360] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.817097] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.817845] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.818668] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.819435] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.820191] [ 232.820448] irq event stamp: 0 [ 232.820785] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.821445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.822310] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.823215] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.823876] ---[ end trace 0000000000000000 ]--- [ 232.824783] ------------[ cut here ]------------ [ 232.825294] WARNING: CPU: 1 PID: 2222 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.826362] Modules linked in: [ 232.826749] CPU: 1 PID: 2222 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.827681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.828859] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.829468] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.831439] RSP: 0018:ffff888016fa7b78 EFLAGS: 00010246 [ 232.832007] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.832747] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 232.833496] RBP: ffff888016fa7b98 R08: ffffed100173f83e R09: ffffed100173f83e [ 232.834245] R10: ffff88800b9fc1ef R11: ffffed100173f83d R12: ffff88800b9fc290 [ 232.835039] R13: ffff88800b9fc0a8 R14: ffffffffffffffff R15: 
ffff888016fa7c60 [ 232.835803] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.836645] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.837257] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.838007] PKRU: 55555554 [ 232.838311] Call Trace: [ 232.838630] [ 232.838872] iommufd_ioas_destroy+0x53/0x70 [ 232.839353] iommufd_fops_release+0x1f7/0x370 [ 232.839834] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.840370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.840895] ? write_comp_data+0x2f/0x90 [ 232.841327] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.841856] __fput+0x26d/0xa40 [ 232.842219] ____fput+0x1e/0x30 [ 232.842617] task_work_run+0x1a4/0x2d0 [ 232.843044] ? __pfx_task_work_run+0x10/0x10 [ 232.843547] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.844070] ? switch_task_namespaces+0xa9/0xe0 [ 232.844604] do_exit+0xb17/0x2ef0 [ 232.844971] ? lock_acquire+0x427/0x4c0 [ 232.845396] ? __pfx_lock_release+0x10/0x10 [ 232.845857] ? __kasan_check_write+0x18/0x20 [ 232.846331] ? do_raw_spin_lock+0x132/0x2a0 [ 232.846824] ? __pfx_do_exit+0x10/0x10 [ 232.847252] ? debug_smp_processor_id+0x20/0x30 [ 232.847744] ? rcu_is_watching+0x19/0xb0 [ 232.848175] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.848672] ? trace_hardirqs_on+0x26/0x120 [ 232.849149] do_group_exit+0xe0/0x2b0 [ 232.849553] __x64_sys_exit_group+0x47/0x50 [ 232.850002] do_syscall_64+0x3b/0x90 [ 232.850412] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.850994] RIP: 0033:0x7f4b87518a4d [ 232.851409] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.852055] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.852849] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.853589] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.854334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.855134] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.855884] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.856636] [ 232.856882] irq event stamp: 0 [ 232.857216] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.857877] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.858806] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.859710] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.860391] ---[ end trace 0000000000000000 ]--- [ 232.866058] ------------[ cut here ]------------ [ 232.866679] WARNING: CPU: 1 PID: 2223 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.867755] Modules linked in: [ 232.868090] CPU: 1 PID: 2223 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.868990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.870153] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.870714] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.872637] RSP: 0018:ffff888010e57bb8 EFLAGS: 00010246 [ 232.873196] RAX: 0000000000000000 RBX: ffff8880103098a8 RCX: 0000000000000000 [ 232.873933] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 232.874704] RBP: ffff888010e57bd0 R08: ffffed1002061333 R09: ffffed1002061333 [ 232.875478] R10: ffff888010309993 R11: ffffed1002061332 R12: ffff888020a8d000 [ 232.876212] R13: ffff8880103099e8 R14: ffffffff8352e670 R15: 
ffff888010e57e68 [ 232.876949] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.877790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.878395] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ee0 [ 232.879186] PKRU: 55555554 [ 232.879494] Call Trace: [ 232.879767] [ 232.880008] __iommufd_access_detach+0x1c2/0x2b0 [ 232.880530] iommufd_access_change_pt+0x149/0x270 [ 232.881049] iommufd_access_replace+0xb4/0x120 [ 232.881538] iommufd_test+0x3e5/0x37e0 [ 232.881947] ? lock_release+0x532/0x770 [ 232.882375] ? __might_fault+0x102/0x1b0 [ 232.882837] ? lock_acquire+0x427/0x4c0 [ 232.883283] ? __pfx_iommufd_test+0x10/0x10 [ 232.883734] ? __pfx_lock_release+0x10/0x10 [ 232.884196] ? __pfx_lock_acquire+0x10/0x10 [ 232.884662] ? write_comp_data+0x2f/0x90 [ 232.885100] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.885626] ? write_comp_data+0x2f/0x90 [ 232.886081] iommufd_fops_ioctl+0x37d/0x510 [ 232.886586] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.887107] ? write_comp_data+0x2f/0x90 [ 232.887569] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 232.888081] __x64_sys_ioctl+0x1a3/0x230 [ 232.888529] do_syscall_64+0x3b/0x90 [ 232.888934] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.889489] RIP: 0033:0x7f4b8743ee5d [ 232.889881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 232.891854] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 232.892658] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 232.893483] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 232.894221] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 232.894996] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 232.895749] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 232.896499] [ 232.896747] irq event stamp: 0 [ 232.897076] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.897739] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.898701] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.899594] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.900242] ---[ end trace 0000000000000000 ]--- [ 232.903667] ------------[ cut here ]------------ [ 232.904207] WARNING: CPU: 1 PID: 2223 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.905267] Modules linked in: [ 232.905608] CPU: 1 PID: 2223 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.906808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.908028] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.908560] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.910460] RSP: 
0018:ffff888010e57bd0 EFLAGS: 00010246 [ 232.911059] RAX: 0000000000000000 RBX: ffff8880103098a8 RCX: 0000000000000000 [ 232.911812] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 232.912548] RBP: ffff888010e57be8 R08: ffffed1002061333 R09: ffffed1002061333 [ 232.913289] R10: ffff888010309993 R11: ffffed1002061332 R12: ffff888010e00800 [ 232.914027] R13: ffff8880103099e8 R14: ffff88801227d500 R15: 0000000000000000 [ 232.914803] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.915654] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.916259] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.916997] PKRU: 55555554 [ 232.917294] Call Trace: [ 232.917563] [ 232.917801] iommufd_access_destroy_object+0x65/0x170 [ 232.918353] iommufd_object_destroy_user+0x18e/0x220 [ 232.918931] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 232.919557] iommufd_access_destroy+0x43/0x70 [ 232.920037] iommufd_test_staccess_release+0x8d/0xd0 [ 232.920575] __fput+0x26d/0xa40 [ 232.920948] ____fput+0x1e/0x30 [ 232.921307] task_work_run+0x1a4/0x2d0 [ 232.921737] ? __pfx_task_work_run+0x10/0x10 [ 232.922215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.922780] ? switch_task_namespaces+0xa9/0xe0 [ 232.923302] do_exit+0xb17/0x2ef0 [ 232.923668] ? lock_acquire+0x427/0x4c0 [ 232.924096] ? __pfx_lock_release+0x10/0x10 [ 232.924553] ? __kasan_check_write+0x18/0x20 [ 232.925111] ? do_raw_spin_lock+0x132/0x2a0 [ 232.925576] ? __pfx_do_exit+0x10/0x10 [ 232.925998] ? debug_smp_processor_id+0x20/0x30 [ 232.926487] ? rcu_is_watching+0x19/0xb0 [ 232.926957] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.927454] ? trace_hardirqs_on+0x26/0x120 [ 232.927918] do_group_exit+0xe0/0x2b0 [ 232.928320] __x64_sys_exit_group+0x47/0x50 [ 232.928778] do_syscall_64+0x3b/0x90 [ 232.929177] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.929724] RIP: 0033:0x7f4b87518a4d [ 232.930107] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.930779] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.931593] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.932328] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.933067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.933807] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.934576] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.935355] [ 232.935604] irq event stamp: 0 [ 232.935933] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.936593] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.937465] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.938336] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.939029] ---[ end trace 0000000000000000 ]--- [ 232.939938] ------------[ cut here ]------------ [ 232.940429] WARNING: CPU: 1 PID: 2223 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 232.941489] Modules linked in: [ 232.941826] CPU: 1 PID: 2223 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.942763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.943987] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 232.944533] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 232.946431] RSP: 0018:ffff888010e57b78 EFLAGS: 00010246 [ 232.947036] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 232.947790] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 232.948530] RBP: ffff888010e57b98 R08: ffffed100206133e R09: ffffed100206133e [ 232.949267] R10: ffff8880103099ef R11: ffffed100206133d R12: ffff888010309a90 [ 232.950027] R13: ffff8880103098a8 R14: ffffffffffffffff R15: 
ffff888010e57c60 [ 232.950830] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 232.951688] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.952297] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 232.953046] PKRU: 55555554 [ 232.953342] Call Trace: [ 232.953608] [ 232.953846] iommufd_ioas_destroy+0x53/0x70 [ 232.954307] iommufd_fops_release+0x1f7/0x370 [ 232.954811] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.955359] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.955883] ? write_comp_data+0x2f/0x90 [ 232.956319] ? __pfx_iommufd_fops_release+0x10/0x10 [ 232.956848] __fput+0x26d/0xa40 [ 232.957278] ____fput+0x1e/0x30 [ 232.957635] task_work_run+0x1a4/0x2d0 [ 232.958058] ? __pfx_task_work_run+0x10/0x10 [ 232.958566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 232.959094] ? switch_task_namespaces+0xa9/0xe0 [ 232.959621] do_exit+0xb17/0x2ef0 [ 232.959983] ? lock_acquire+0x427/0x4c0 [ 232.960412] ? __pfx_lock_release+0x10/0x10 [ 232.960868] ? __kasan_check_write+0x18/0x20 [ 232.961323] ? do_raw_spin_lock+0x132/0x2a0 [ 232.961770] ? __pfx_do_exit+0x10/0x10 [ 232.962179] ? debug_smp_processor_id+0x20/0x30 [ 232.962697] ? rcu_is_watching+0x19/0xb0 [ 232.963115] ? _raw_spin_unlock_irq+0x2b/0x60 [ 232.963601] ? trace_hardirqs_on+0x26/0x120 [ 232.964054] do_group_exit+0xe0/0x2b0 [ 232.964456] __x64_sys_exit_group+0x47/0x50 [ 232.964901] do_syscall_64+0x3b/0x90 [ 232.965290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 232.965829] RIP: 0033:0x7f4b87518a4d [ 232.966218] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 232.966873] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 232.967666] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 232.968396] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 232.969121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 232.969841] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 232.970590] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 232.971353] [ 232.971600] irq event stamp: 0 [ 232.971922] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 232.972570] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 232.973425] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 232.974283] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 232.974963] ---[ end trace 0000000000000000 ]--- [ 232.981516] ------------[ cut here ]------------ [ 232.982212] WARNING: CPU: 0 PID: 2224 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 232.983861] Modules linked in: [ 232.984302] CPU: 0 PID: 2224 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 232.985435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 232.987391] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 232.988067] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 232.990401] RSP: 0018:ffff888016fa7bb8 EFLAGS: 00010246 [ 232.991173] RAX: 0000000000000000 RBX: ffff888023c5b8a8 RCX: 0000000000000000 [ 232.992116] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 232.993043] RBP: ffff888016fa7bd0 R08: ffffed100478b733 R09: ffffed100478b733 [ 232.993964] R10: ffff888023c5b993 R11: ffffed100478b732 R12: ffff888010572c00 [ 232.994937] R13: ffff888023c5b9e8 R14: ffffffff8352e670 R15: 
ffff888016fa7e68 [ 232.995899] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 232.996941] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 232.997693] CR2: 0000000020000140 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 232.998650] PKRU: 55555554 [ 232.999016] Call Trace: [ 232.999355] [ 232.999650] __iommufd_access_detach+0x1c2/0x2b0 [ 233.000276] iommufd_access_change_pt+0x149/0x270 [ 233.000900] iommufd_access_replace+0xb4/0x120 [ 233.001497] iommufd_test+0x3e5/0x37e0 [ 233.002004] ? lock_release+0x532/0x770 [ 233.002579] ? __might_fault+0x102/0x1b0 [ 233.003131] ? lock_acquire+0x427/0x4c0 [ 233.003654] ? __pfx_iommufd_test+0x10/0x10 [ 233.004197] ? __pfx_lock_release+0x10/0x10 [ 233.004754] ? __pfx_lock_acquire+0x10/0x10 [ 233.005312] ? write_comp_data+0x2f/0x90 [ 233.005839] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.006466] ? write_comp_data+0x2f/0x90 [ 233.007049] iommufd_fops_ioctl+0x37d/0x510 [ 233.007627] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.008253] ? write_comp_data+0x2f/0x90 [ 233.008793] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.009703] __x64_sys_ioctl+0x1a3/0x230 [ 233.010243] do_syscall_64+0x3b/0x90 [ 233.010783] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.011490] RIP: 0033:0x7f4b8743ee5d [ 233.011969] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.014208] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.015207] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.016100] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.016985] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.017869] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.018793] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.019730] [ 233.020054] irq event stamp: 0 [ 233.020417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.021232] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.022428] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.023558] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.024367] ---[ end trace 0000000000000000 ]--- [ 233.029912] ------------[ cut here ]------------ [ 233.030598] WARNING: CPU: 0 PID: 2224 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.031825] Modules linked in: [ 233.032132] CPU: 0 PID: 2224 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.033076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.034276] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.034784] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.036487] RSP: 
0018:ffff888016fa7bd0 EFLAGS: 00010246 [ 233.037102] RAX: 0000000000000000 RBX: ffff888023c5b8a8 RCX: 0000000000000000 [ 233.037943] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 233.038642] RBP: ffff888016fa7be8 R08: ffffed100478b733 R09: ffffed100478b733 [ 233.039330] R10: ffff888023c5b993 R11: ffffed100478b732 R12: ffff888020fee400 [ 233.040000] R13: ffff888023c5b9e8 R14: ffff888010f94400 R15: 0000000000000000 [ 233.040677] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 233.041606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.042297] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 233.042994] PKRU: 55555554 [ 233.043288] Call Trace: [ 233.043534] [ 233.043750] iommufd_access_destroy_object+0x65/0x170 [ 233.044243] iommufd_object_destroy_user+0x18e/0x220 [ 233.044733] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.045308] iommufd_access_destroy+0x43/0x70 [ 233.045970] iommufd_test_staccess_release+0x8d/0xd0 [ 233.046464] __fput+0x26d/0xa40 [ 233.046831] ____fput+0x1e/0x30 [ 233.047159] task_work_run+0x1a4/0x2d0 [ 233.047539] ? __pfx_task_work_run+0x10/0x10 [ 233.047960] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.048424] ? switch_task_namespaces+0xa9/0xe0 [ 233.048870] do_exit+0xb17/0x2ef0 [ 233.049199] ? lock_acquire+0x427/0x4c0 [ 233.049640] ? __pfx_lock_release+0x10/0x10 [ 233.050255] ? __kasan_check_write+0x18/0x20 [ 233.050706] ? do_raw_spin_lock+0x132/0x2a0 [ 233.051162] ? __pfx_do_exit+0x10/0x10 [ 233.051585] ? debug_smp_processor_id+0x20/0x30 [ 233.052076] ? rcu_is_watching+0x19/0xb0 [ 233.052503] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.052976] ? trace_hardirqs_on+0x26/0x120 [ 233.053426] do_group_exit+0xe0/0x2b0 [ 233.053826] __x64_sys_exit_group+0x47/0x50 [ 233.054436] do_syscall_64+0x3b/0x90 [ 233.055142] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.055693] RIP: 0033:0x7f4b87518a4d [ 233.056080] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.056700] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.057466] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.058184] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.058988] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.059979] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.060898] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.061643] [ 233.061883] irq event stamp: 0 [ 233.062201] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.062891] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.063754] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.064851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.065689] ---[ end trace 0000000000000000 ]--- [ 233.067450] ------------[ cut here ]------------ [ 233.067957] WARNING: CPU: 0 PID: 2224 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 233.069222] Modules linked in: [ 233.069767] CPU: 0 PID: 2224 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.070689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.071826] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 233.072353] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 233.074831] RSP: 0018:ffff888016fa7b78 EFLAGS: 00010246 [ 233.075409] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 233.076139] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 233.076867] RBP: ffff888016fa7b98 R08: ffffed100478b73e R09: ffffed100478b73e [ 233.077606] R10: ffff888023c5b9ef R11: ffffed100478b73d R12: ffff888023c5ba90 [ 233.078341] R13: ffff888023c5b8a8 R14: ffffffffffffffff R15: 
ffff888016fa7c60 [ 233.079131] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 233.079955] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.080534] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 233.081262] PKRU: 55555554 [ 233.081557] Call Trace: [ 233.081816] [ 233.082049] iommufd_ioas_destroy+0x53/0x70 [ 233.082537] iommufd_fops_release+0x1f7/0x370 [ 233.083008] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.083545] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.084057] ? write_comp_data+0x2f/0x90 [ 233.084494] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.085018] __fput+0x26d/0xa40 [ 233.085379] ____fput+0x1e/0x30 [ 233.085727] task_work_run+0x1a4/0x2d0 [ 233.086137] ? __pfx_task_work_run+0x10/0x10 [ 233.086636] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.087168] ? switch_task_namespaces+0xa9/0xe0 [ 233.087665] do_exit+0xb17/0x2ef0 [ 233.088027] ? lock_acquire+0x427/0x4c0 [ 233.088450] ? __pfx_lock_release+0x10/0x10 [ 233.088904] ? __kasan_check_write+0x18/0x20 [ 233.089365] ? do_raw_spin_lock+0x132/0x2a0 [ 233.089814] ? __pfx_do_exit+0x10/0x10 [ 233.090221] ? debug_smp_processor_id+0x20/0x30 [ 233.090746] ? rcu_is_watching+0x19/0xb0 [ 233.091180] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.091668] ? trace_hardirqs_on+0x26/0x120 [ 233.092125] do_group_exit+0xe0/0x2b0 [ 233.092530] __x64_sys_exit_group+0x47/0x50 [ 233.092989] do_syscall_64+0x3b/0x90 [ 233.093392] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.093941] RIP: 0033:0x7f4b87518a4d [ 233.094332] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.095027] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.095838] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.096575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.097316] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.098044] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.098813] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.099566] [ 233.099812] irq event stamp: 0 [ 233.100136] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.100797] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.101660] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.102557] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.103221] ---[ end trace 0000000000000000 ]--- [ 233.111908] ------------[ cut here ]------------ [ 233.112600] WARNING: CPU: 1 PID: 2225 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.114089] Modules linked in: [ 233.114654] CPU: 1 PID: 2225 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.115988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.117457] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.118263] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.120902] RSP: 0018:ffff888015de7bb8 EFLAGS: 00010246 [ 233.121619] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 233.122587] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 233.123732] RBP: ffff888015de7bd0 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 233.124670] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff88800ae92800 [ 233.125761] R13: ffff88801781a1e8 R14: ffffffff8352e670 R15: 
ffff888015de7e68 [ 233.126736] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.127902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.128734] CR2: 00007f4b877410e8 CR3: 000000000f1ee000 CR4: 0000000000750ee0 [ 233.129674] PKRU: 55555554 [ 233.130080] Call Trace: [ 233.130599] [ 233.130914] __iommufd_access_detach+0x1c2/0x2b0 [ 233.131588] iommufd_access_change_pt+0x149/0x270 [ 233.132246] iommufd_access_replace+0xb4/0x120 [ 233.132872] iommufd_test+0x3e5/0x37e0 [ 233.133510] ? lock_release+0x532/0x770 [ 233.134136] ? __might_fault+0x102/0x1b0 [ 233.134760] ? lock_acquire+0x427/0x4c0 [ 233.135322] ? __pfx_iommufd_test+0x10/0x10 [ 233.135892] ? __pfx_lock_release+0x10/0x10 [ 233.136644] ? __pfx_lock_acquire+0x10/0x10 [ 233.137237] ? write_comp_data+0x2f/0x90 [ 233.137794] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.138474] ? write_comp_data+0x2f/0x90 [ 233.139203] iommufd_fops_ioctl+0x37d/0x510 [ 233.139790] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.140446] ? write_comp_data+0x2f/0x90 [ 233.141019] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.141827] __x64_sys_ioctl+0x1a3/0x230 [ 233.142392] do_syscall_64+0x3b/0x90 [ 233.142965] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.143695] RIP: 0033:0x7f4b8743ee5d [ 233.144364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.147004] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.148042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.149033] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.150051] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.151040] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.152168] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.153121] [ 233.153439] irq event stamp: 0 [ 233.153867] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.154972] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.156112] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.157306] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.158214] ---[ end trace 0000000000000000 ]--- [ 233.163516] ------------[ cut here ]------------ [ 233.164209] WARNING: CPU: 1 PID: 2225 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.165661] Modules linked in: [ 233.166099] CPU: 1 PID: 2225 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.167537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.169018] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.169863] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.172513] RSP: 
0018:ffff888015de7bd0 EFLAGS: 00010246 [ 233.173233] RAX: 0000000000000000 RBX: ffff88801781a0a8 RCX: 0000000000000000 [ 233.174168] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 233.175364] RBP: ffff888015de7be8 R08: ffffed1002f03433 R09: ffffed1002f03433 [ 233.176309] R10: ffff88801781a193 R11: ffffed1002f03432 R12: ffff888020a8c400 [ 233.177347] R13: ffff88801781a1e8 R14: ffff88801495ed00 R15: 0000000000000000 [ 233.178343] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.179495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.180367] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.181306] PKRU: 55555554 [ 233.181685] Call Trace: [ 233.182065] [ 233.182486] iommufd_access_destroy_object+0x65/0x170 [ 233.183290] iommufd_object_destroy_user+0x18e/0x220 [ 233.183995] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.184884] iommufd_access_destroy+0x43/0x70 [ 233.185603] iommufd_test_staccess_release+0x8d/0xd0 [ 233.186323] __fput+0x26d/0xa40 [ 233.186875] ____fput+0x1e/0x30 [ 233.187381] task_work_run+0x1a4/0x2d0 [ 233.188108] ? __pfx_task_work_run+0x10/0x10 [ 233.188720] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.189397] ? switch_task_namespaces+0xa9/0xe0 [ 233.190098] do_exit+0xb17/0x2ef0 [ 233.190738] ? lock_acquire+0x427/0x4c0 [ 233.191336] ? __pfx_lock_release+0x10/0x10 [ 233.191938] ? __kasan_check_write+0x18/0x20 [ 233.192551] ? do_raw_spin_lock+0x132/0x2a0 [ 233.193287] ? __pfx_do_exit+0x10/0x10 [ 233.193843] ? debug_smp_processor_id+0x20/0x30 [ 233.194490] ? rcu_is_watching+0x19/0xb0 [ 233.195110] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.195924] ? trace_hardirqs_on+0x26/0x120 [ 233.196529] do_group_exit+0xe0/0x2b0 [ 233.197060] __x64_sys_exit_group+0x47/0x50 [ 233.197653] do_syscall_64+0x3b/0x90 [ 233.198322] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.199102] RIP: 0033:0x7f4b87518a4d [ 233.199650] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.200488] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.201675] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.202687] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.203751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.204781] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.205750] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.206940] [ 233.207287] irq event stamp: 0 [ 233.207722] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.208570] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.209851] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.211045] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.212117] ---[ end trace 0000000000000000 ]--- [ 233.213501] ------------[ cut here ]------------ [ 233.214144] WARNING: CPU: 1 PID: 2225 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 233.215806] Modules linked in: [ 233.216257] CPU: 1 PID: 2225 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.217536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.219252] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 233.219971] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 233.222743] RSP: 0018:ffff888015de7b78 EFLAGS: 00010246 [ 233.223495] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 233.224453] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 233.225593] RBP: ffff888015de7b98 R08: ffffed1002f0343e R09: ffffed1002f0343e [ 233.226644] R10: ffff88801781a1ef R11: ffffed1002f0343d R12: ffff88801781a290 [ 233.227679] R13: ffff88801781a0a8 R14: ffffffffffffffff R15: 
ffff888015de7c60 [ 233.228753] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.229860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.230832] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.231824] PKRU: 55555554 [ 233.232215] Call Trace: [ 233.232664] [ 233.233068] iommufd_ioas_destroy+0x53/0x70 [ 233.233674] iommufd_fops_release+0x1f7/0x370 [ 233.234299] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.235038] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.235740] ? write_comp_data+0x2f/0x90 [ 233.236316] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.237006] __fput+0x26d/0xa40 [ 233.237489] ____fput+0x1e/0x30 [ 233.237962] task_work_run+0x1a4/0x2d0 [ 233.238568] ? __pfx_task_work_run+0x10/0x10 [ 233.239199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.239878] ? switch_task_namespaces+0xa9/0xe0 [ 233.240535] do_exit+0xb17/0x2ef0 [ 233.241018] ? lock_acquire+0x427/0x4c0 [ 233.241586] ? __pfx_lock_release+0x10/0x10 [ 233.242188] ? __kasan_check_write+0x18/0x20 [ 233.242854] ? do_raw_spin_lock+0x132/0x2a0 [ 233.243468] ? __pfx_do_exit+0x10/0x10 [ 233.244018] ? debug_smp_processor_id+0x20/0x30 [ 233.244659] ? rcu_is_watching+0x19/0xb0 [ 233.245222] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.245854] ? trace_hardirqs_on+0x26/0x120 [ 233.246454] do_group_exit+0xe0/0x2b0 [ 233.247056] __x64_sys_exit_group+0x47/0x50 [ 233.247667] do_syscall_64+0x3b/0x90 [ 233.248195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.248911] RIP: 0033:0x7f4b87518a4d [ 233.249419] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.250248] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.251352] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.252318] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.253279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.254234] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.255260] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.256242] [ 233.256567] irq event stamp: 0 [ 233.257001] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.257863] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.259053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.260201] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.261058] ---[ end trace 0000000000000000 ]--- [ 233.267075] ------------[ cut here ]------------ [ 233.267636] WARNING: CPU: 0 PID: 2226 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.268707] Modules linked in: [ 233.269048] CPU: 0 PID: 2226 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.270683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.271897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.272425] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.274382] RSP: 0018:ffff88801395fbb8 EFLAGS: 00010246 [ 233.274996] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 233.275755] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 233.276505] RBP: ffff88801395fbd0 R08: ffffed1001702633 R09: ffffed1001702633 [ 233.277252] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff888010c09800 [ 233.278000] R13: ffff88800b8131e8 R14: ffffffff8352e670 R15: 
ffff88801395fe68 [ 233.278782] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 233.279722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.280333] CR2: 00007f4b877410e8 CR3: 0000000020d78000 CR4: 0000000000750ef0 [ 233.281091] PKRU: 55555554 [ 233.281403] Call Trace: [ 233.281681] [ 233.281926] __iommufd_access_detach+0x1c2/0x2b0 [ 233.282462] iommufd_access_change_pt+0x149/0x270 [ 233.283051] iommufd_access_replace+0xb4/0x120 [ 233.283597] iommufd_test+0x3e5/0x37e0 [ 233.284021] ? lock_release+0x532/0x770 [ 233.284456] ? __might_fault+0x102/0x1b0 [ 233.284894] ? lock_acquire+0x427/0x4c0 [ 233.285321] ? __pfx_iommufd_test+0x10/0x10 [ 233.285775] ? __pfx_lock_release+0x10/0x10 [ 233.286239] ? __pfx_lock_acquire+0x10/0x10 [ 233.286740] ? write_comp_data+0x2f/0x90 [ 233.287213] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.287741] ? write_comp_data+0x2f/0x90 [ 233.288187] iommufd_fops_ioctl+0x37d/0x510 [ 233.288658] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.289178] ? write_comp_data+0x2f/0x90 [ 233.289622] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.290149] __x64_sys_ioctl+0x1a3/0x230 [ 233.290629] do_syscall_64+0x3b/0x90 [ 233.291038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.291616] RIP: 0033:0x7f4b8743ee5d [ 233.292018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.293971] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.294821] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.295587] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.296355] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.297102] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.297844] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.298646] [ 233.298899] irq event stamp: 0 [ 233.299251] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.299923] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.300803] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.301692] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.302366] ---[ end trace 0000000000000000 ]--- [ 233.307695] ------------[ cut here ]------------ [ 233.308506] WARNING: CPU: 1 PID: 2226 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.309943] Modules linked in: [ 233.310424] CPU: 1 PID: 2226 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.311613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.313004] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.313720] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.316238] RSP: 
0018:ffff88801395fbd0 EFLAGS: 00010246 [ 233.316796] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 233.317532] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 233.318271] RBP: ffff88801395fbe8 R08: ffffed1001702633 R09: ffffed1001702633 [ 233.319071] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff888010572000 [ 233.319842] R13: ffff88800b8131e8 R14: ffff88800fe7de00 R15: 0000000000000000 [ 233.320767] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.321932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.322579] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.323332] PKRU: 55555554 [ 233.323631] Call Trace: [ 233.323902] [ 233.324154] iommufd_access_destroy_object+0x65/0x170 [ 233.324711] iommufd_object_destroy_user+0x18e/0x220 [ 233.325321] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.326181] iommufd_access_destroy+0x43/0x70 [ 233.326717] iommufd_test_staccess_release+0x8d/0xd0 [ 233.327285] __fput+0x26d/0xa40 [ 233.327668] ____fput+0x1e/0x30 [ 233.328027] task_work_run+0x1a4/0x2d0 [ 233.328458] ? __pfx_task_work_run+0x10/0x10 [ 233.328930] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.329519] ? switch_task_namespaces+0xa9/0xe0 [ 233.330244] do_exit+0xb17/0x2ef0 [ 233.330675] ? lock_acquire+0x427/0x4c0 [ 233.331099] ? __pfx_lock_release+0x10/0x10 [ 233.331574] ? __kasan_check_write+0x18/0x20 [ 233.332059] ? do_raw_spin_lock+0x132/0x2a0 [ 233.332515] ? __pfx_do_exit+0x10/0x10 [ 233.332947] ? debug_smp_processor_id+0x20/0x30 [ 233.333493] ? rcu_is_watching+0x19/0xb0 [ 233.334087] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.334813] ? trace_hardirqs_on+0x26/0x120 [ 233.335295] do_group_exit+0xe0/0x2b0 [ 233.335708] __x64_sys_exit_group+0x47/0x50 [ 233.336157] do_syscall_64+0x3b/0x90 [ 233.336564] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.337118] RIP: 0033:0x7f4b87518a4d [ 233.337527] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.338226] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.339363] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.340395] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.341137] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.341904] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.342691] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.343469] [ 233.343763] irq event stamp: 0 [ 233.344209] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.345167] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.346049] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.346960] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.347626] ---[ end trace 0000000000000000 ]--- [ 233.348540] ------------[ cut here ]------------ [ 233.349043] WARNING: CPU: 1 PID: 2226 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 233.350106] Modules linked in: [ 233.350446] CPU: 1 PID: 2226 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.351434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.352604] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 233.353144] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 233.355102] RSP: 0018:ffff88801395fb78 EFLAGS: 00010246 [ 233.355696] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 233.356437] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 233.357162] RBP: ffff88801395fb98 R08: ffffed100170263e R09: ffffed100170263e [ 233.357894] R10: ffff88800b8131ef R11: ffffed100170263d R12: ffff88800b813290 [ 233.358680] R13: ffff88800b8130a8 R14: ffffffffffffffff R15: 
ffff88801395fc60 [ 233.359440] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.360271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.360882] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.361618] PKRU: 55555554 [ 233.361915] Call Trace: [ 233.362186] [ 233.362422] iommufd_ioas_destroy+0x53/0x70 [ 233.362930] iommufd_fops_release+0x1f7/0x370 [ 233.363429] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.363957] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.364473] ? write_comp_data+0x2f/0x90 [ 233.364900] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.365426] __fput+0x26d/0xa40 [ 233.365782] ____fput+0x1e/0x30 [ 233.366137] task_work_run+0x1a4/0x2d0 [ 233.366597] ? __pfx_task_work_run+0x10/0x10 [ 233.367066] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.367595] ? switch_task_namespaces+0xa9/0xe0 [ 233.368097] do_exit+0xb17/0x2ef0 [ 233.368460] ? lock_acquire+0x427/0x4c0 [ 233.368879] ? __pfx_lock_release+0x10/0x10 [ 233.369350] ? __kasan_check_write+0x18/0x20 [ 233.369829] ? do_raw_spin_lock+0x132/0x2a0 [ 233.370314] ? __pfx_do_exit+0x10/0x10 [ 233.370821] ? debug_smp_processor_id+0x20/0x30 [ 233.371357] ? rcu_is_watching+0x19/0xb0 [ 233.371792] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.372273] ? trace_hardirqs_on+0x26/0x120 [ 233.372729] do_group_exit+0xe0/0x2b0 [ 233.373132] __x64_sys_exit_group+0x47/0x50 [ 233.373573] do_syscall_64+0x3b/0x90 [ 233.373964] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.374547] RIP: 0033:0x7f4b87518a4d [ 233.374936] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.375575] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.376353] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.377092] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.377835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.378626] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.379408] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.380157] [ 233.380403] irq event stamp: 0 [ 233.380726] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.381383] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.382252] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.383166] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.383834] ---[ end trace 0000000000000000 ]--- [ 233.389085] ------------[ cut here ]------------ [ 233.389637] WARNING: CPU: 1 PID: 2227 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.391042] Modules linked in: [ 233.391406] CPU: 1 PID: 2227 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.392321] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.393484] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.394003] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.395951] RSP: 0018:ffff888023d67bb8 EFLAGS: 00010246 [ 233.396525] RAX: 0000000000000000 RBX: ffff88800bafa8a8 RCX: 0000000000000000 [ 233.397269] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 233.398011] RBP: ffff888023d67bd0 R08: ffffed100175f533 R09: ffffed100175f533 [ 233.398792] R10: ffff88800bafa993 R11: ffffed100175f532 R12: ffff888012e94800 [ 233.399568] R13: ffff88800bafa9e8 R14: ffffffff8352e670 R15: 
ffff888023d67e68 [ 233.400308] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.401150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.401750] CR2: 0000000020000140 CR3: 00000000104d2000 CR4: 0000000000750ee0 [ 233.402491] PKRU: 55555554 [ 233.402848] Call Trace: [ 233.403124] [ 233.403370] __iommufd_access_detach+0x1c2/0x2b0 [ 233.403882] iommufd_access_change_pt+0x149/0x270 [ 233.404392] iommufd_access_replace+0xb4/0x120 [ 233.404872] iommufd_test+0x3e5/0x37e0 [ 233.405280] ? lock_release+0x532/0x770 [ 233.405712] ? __might_fault+0x102/0x1b0 [ 233.406141] ? lock_acquire+0x427/0x4c0 [ 233.406619] ? __pfx_iommufd_test+0x10/0x10 [ 233.407072] ? __pfx_lock_release+0x10/0x10 [ 233.407551] ? __pfx_lock_acquire+0x10/0x10 [ 233.408009] ? write_comp_data+0x2f/0x90 [ 233.408442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.408952] ? write_comp_data+0x2f/0x90 [ 233.409396] iommufd_fops_ioctl+0x37d/0x510 [ 233.409876] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.410396] ? write_comp_data+0x2f/0x90 [ 233.410880] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.411397] __x64_sys_ioctl+0x1a3/0x230 [ 233.411845] do_syscall_64+0x3b/0x90 [ 233.412251] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.412807] RIP: 0033:0x7f4b8743ee5d [ 233.413208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.415188] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.415994] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.416746] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.417486] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.418227] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.419010] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.419780] [ 233.420024] irq event stamp: 0 [ 233.420352] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.421007] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.421879] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.422817] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.423492] ---[ end trace 0000000000000000 ]--- [ 233.426910] ------------[ cut here ]------------ [ 233.427465] WARNING: CPU: 1 PID: 2227 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.428516] Modules linked in: [ 233.428857] CPU: 1 PID: 2227 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.429754] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.430960] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.431494] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.433398] RSP: 
0018:ffff888023d67bd0 EFLAGS: 00010246 [ 233.433959] RAX: 0000000000000000 RBX: ffff88800bafa8a8 RCX: 0000000000000000 [ 233.434747] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 233.435507] RBP: ffff888023d67be8 R08: ffffed100175f533 R09: ffffed100175f533 [ 233.436255] R10: ffff88800bafa993 R11: ffffed100175f532 R12: ffff88800ae91800 [ 233.436995] R13: ffff88800bafa9e8 R14: ffff888014474400 R15: 0000000000000000 [ 233.437735] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.438637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.439249] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.439991] PKRU: 55555554 [ 233.440297] Call Trace: [ 233.440562] [ 233.440799] iommufd_access_destroy_object+0x65/0x170 [ 233.441353] iommufd_object_destroy_user+0x18e/0x220 [ 233.441885] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.442552] iommufd_access_destroy+0x43/0x70 [ 233.443031] iommufd_test_staccess_release+0x8d/0xd0 [ 233.443589] __fput+0x26d/0xa40 [ 233.443951] ____fput+0x1e/0x30 [ 233.444316] task_work_run+0x1a4/0x2d0 [ 233.444735] ? __pfx_task_work_run+0x10/0x10 [ 233.445206] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.445723] ? switch_task_namespaces+0xa9/0xe0 [ 233.446231] do_exit+0xb17/0x2ef0 [ 233.446642] ? lock_acquire+0x427/0x4c0 [ 233.447071] ? __pfx_lock_release+0x10/0x10 [ 233.447537] ? __kasan_check_write+0x18/0x20 [ 233.447997] ? do_raw_spin_lock+0x132/0x2a0 [ 233.448452] ? __pfx_do_exit+0x10/0x10 [ 233.448886] ? debug_smp_processor_id+0x20/0x30 [ 233.449374] ? rcu_is_watching+0x19/0xb0 [ 233.449807] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.450292] ? trace_hardirqs_on+0x26/0x120 [ 233.450832] do_group_exit+0xe0/0x2b0 [ 233.451268] __x64_sys_exit_group+0x47/0x50 [ 233.451715] do_syscall_64+0x3b/0x90 [ 233.452111] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.452660] RIP: 0033:0x7f4b87518a4d [ 233.453050] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.453681] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.454553] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.455330] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.456079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.456823] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.457564] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.458324] [ 233.458619] irq event stamp: 0 [ 233.458950] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.459629] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.460508] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.461381] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.462051] ---[ end trace 0000000000000000 ]--- [ 233.463033] ------------[ cut here ]------------ [ 233.463572] WARNING: CPU: 1 PID: 2227 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 233.464636] Modules linked in: [ 233.464973] CPU: 1 PID: 2227 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.465886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.467101] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 233.467666] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 233.469559] RSP: 0018:ffff888023d67b78 EFLAGS: 00010246 [ 233.470120] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 233.470902] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 233.471662] RBP: ffff888023d67b98 R08: ffffed100175f53e R09: ffffed100175f53e [ 233.472398] R10: ffff88800bafa9ef R11: ffffed100175f53d R12: ffff88800bafaa90 [ 233.473143] R13: ffff88800bafa8a8 R14: ffffffffffffffff R15: 
ffff888023d67c60 [ 233.473892] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.474783] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.475408] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.476143] PKRU: 55555554 [ 233.476450] Call Trace: [ 233.476717] [ 233.476956] iommufd_ioas_destroy+0x53/0x70 [ 233.477418] iommufd_fops_release+0x1f7/0x370 [ 233.477898] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.478420] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.478988] ? write_comp_data+0x2f/0x90 [ 233.479459] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.479985] __fput+0x26d/0xa40 [ 233.480354] ____fput+0x1e/0x30 [ 233.480710] task_work_run+0x1a4/0x2d0 [ 233.481125] ? __pfx_task_work_run+0x10/0x10 [ 233.481598] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.482106] ? switch_task_namespaces+0xa9/0xe0 [ 233.482650] do_exit+0xb17/0x2ef0 [ 233.483024] ? lock_acquire+0x427/0x4c0 [ 233.483472] ? __pfx_lock_release+0x10/0x10 [ 233.483923] ? __kasan_check_write+0x18/0x20 [ 233.484385] ? do_raw_spin_lock+0x132/0x2a0 [ 233.484832] ? __pfx_do_exit+0x10/0x10 [ 233.485262] ? debug_smp_processor_id+0x20/0x30 [ 233.485764] ? rcu_is_watching+0x19/0xb0 [ 233.486214] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.486747] ? trace_hardirqs_on+0x26/0x120 [ 233.487229] do_group_exit+0xe0/0x2b0 [ 233.487632] __x64_sys_exit_group+0x47/0x50 [ 233.488093] do_syscall_64+0x3b/0x90 [ 233.488485] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.489033] RIP: 0033:0x7f4b87518a4d [ 233.489421] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.490057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.490874] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.491659] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.492399] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.493131] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.493872] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.494664] [ 233.494910] irq event stamp: 0 [ 233.495255] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.495900] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.496771] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.497628] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.498278] ---[ end trace 0000000000000000 ]--- [ 233.503949] ------------[ cut here ]------------ [ 233.504502] WARNING: CPU: 1 PID: 2228 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.505550] Modules linked in: [ 233.505881] CPU: 1 PID: 2228 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.506842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.508032] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.508561] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.510439] RSP: 0018:ffff8880219dfbb8 EFLAGS: 00010246 [ 233.511049] RAX: 0000000000000000 RBX: ffff888023ca38a8 RCX: 0000000000000000 [ 233.511812] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 233.512543] RBP: ffff8880219dfbd0 R08: ffffed1004794733 R09: ffffed1004794733 [ 233.513273] R10: ffff888023ca3993 R11: ffffed1004794732 R12: ffff888014392400 [ 233.513996] R13: ffff888023ca39e8 R14: ffffffff8352e670 R15: 
ffff8880219dfe68 [ 233.514754] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.515592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.516185] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 233.516915] PKRU: 55555554 [ 233.517212] Call Trace: [ 233.517478] [ 233.517719] __iommufd_access_detach+0x1c2/0x2b0 [ 233.518234] iommufd_access_change_pt+0x149/0x270 [ 233.518776] iommufd_access_replace+0xb4/0x120 [ 233.519282] iommufd_test+0x3e5/0x37e0 [ 233.519681] ? lock_release+0x532/0x770 [ 233.520119] ? __might_fault+0x102/0x1b0 [ 233.520563] ? lock_acquire+0x427/0x4c0 [ 233.520986] ? __pfx_iommufd_test+0x10/0x10 [ 233.521445] ? __pfx_lock_release+0x10/0x10 [ 233.521906] ? __pfx_lock_acquire+0x10/0x10 [ 233.522372] ? write_comp_data+0x2f/0x90 [ 233.522868] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.523400] ? write_comp_data+0x2f/0x90 [ 233.523845] iommufd_fops_ioctl+0x37d/0x510 [ 233.524304] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.524824] ? write_comp_data+0x2f/0x90 [ 233.525260] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.525763] __x64_sys_ioctl+0x1a3/0x230 [ 233.526206] do_syscall_64+0x3b/0x90 [ 233.526676] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.527276] RIP: 0033:0x7f4b8743ee5d [ 233.527694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.530315] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.531183] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.531917] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.532635] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.533383] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.534552] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.535334] [ 233.535574] irq event stamp: 0 [ 233.535905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.536552] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.537412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.538279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.539079] ---[ end trace 0000000000000000 ]--- [ 233.542627] ------------[ cut here ]------------ [ 233.543191] WARNING: CPU: 1 PID: 2228 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.544509] Modules linked in: [ 233.544993] CPU: 1 PID: 2228 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.545911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.547140] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.547674] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.549901] RSP: 
0018:ffff8880219dfbd0 EFLAGS: 00010246 [ 233.550700] RAX: 0000000000000000 RBX: ffff888023ca38a8 RCX: 0000000000000000 [ 233.551455] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 233.552199] RBP: ffff8880219dfbe8 R08: ffffed1004794733 R09: ffffed1004794733 [ 233.552939] R10: ffff888023ca3993 R11: ffffed1004794732 R12: ffff888012e97800 [ 233.553683] R13: ffff888023ca39e8 R14: ffff88800fa45500 R15: 0000000000000000 [ 233.554588] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.555651] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.556268] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.557012] PKRU: 55555554 [ 233.557314] Call Trace: [ 233.557582] [ 233.557824] iommufd_access_destroy_object+0x65/0x170 [ 233.558372] iommufd_object_destroy_user+0x18e/0x220 [ 233.559020] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.559870] iommufd_access_destroy+0x43/0x70 [ 233.560351] iommufd_test_staccess_release+0x8d/0xd0 [ 233.560897] __fput+0x26d/0xa40 [ 233.561262] ____fput+0x1e/0x30 [ 233.561614] task_work_run+0x1a4/0x2d0 [ 233.562043] ? __pfx_task_work_run+0x10/0x10 [ 233.562585] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.563114] ? switch_task_namespaces+0xa9/0xe0 [ 233.563658] do_exit+0xb17/0x2ef0 [ 233.564048] ? lock_acquire+0x427/0x4c0 [ 233.564670] ? __pfx_lock_release+0x10/0x10 [ 233.565405] ? __kasan_check_write+0x18/0x20 [ 233.566023] ? do_raw_spin_lock+0x132/0x2a0 [ 233.566669] ? __pfx_do_exit+0x10/0x10 [ 233.567257] ? debug_smp_processor_id+0x20/0x30 [ 233.567885] ? rcu_is_watching+0x19/0xb0 [ 233.568434] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.569129] ? trace_hardirqs_on+0x26/0x120 [ 233.569873] do_group_exit+0xe0/0x2b0 [ 233.570404] __x64_sys_exit_group+0x47/0x50 [ 233.571079] do_syscall_64+0x3b/0x90 [ 233.571647] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.572361] RIP: 0033:0x7f4b87518a4d [ 233.572867] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.573924] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.574986] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.575968] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.576909] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.578090] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.579087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.580086] [ 233.580412] irq event stamp: 0 [ 233.580841] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.581892] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.583064] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.584216] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.585066] ---[ end trace 0000000000000000 ]--- [ 233.586810] ------------[ cut here ]------------ [ 233.587545] WARNING: CPU: 1 PID: 2228 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 233.588911] Modules linked in: [ 233.589361] CPU: 1 PID: 2228 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.590888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.592429] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 233.593106] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 233.595877] RSP: 0018:ffff8880219dfb78 EFLAGS: 00010246 [ 233.596574] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 233.597486] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 233.598450] RBP: ffff8880219dfb98 R08: ffffed100479473e R09: ffffed100479473e [ 233.599533] R10: ffff888023ca39ef R11: ffffed100479473d R12: ffff888023ca3a90 [ 233.600464] R13: ffff888023ca38a8 R14: ffffffffffffffff R15: 
ffff8880219dfc60 [ 233.601392] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.602439] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.603566] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 233.604487] PKRU: 55555554 [ 233.604856] Call Trace: [ 233.605196] [ 233.605493] iommufd_ioas_destroy+0x53/0x70 [ 233.606062] iommufd_fops_release+0x1f7/0x370 [ 233.606752] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.607486] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.608374] ? write_comp_data+0x2f/0x90 [ 233.608919] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.609584] __fput+0x26d/0xa40 [ 233.610034] ____fput+0x1e/0x30 [ 233.610476] task_work_run+0x1a4/0x2d0 [ 233.611077] ? __pfx_task_work_run+0x10/0x10 [ 233.611910] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.612712] ? switch_task_namespaces+0xa9/0xe0 [ 233.613367] do_exit+0xb17/0x2ef0 [ 233.613836] ? lock_acquire+0x427/0x4c0 [ 233.614383] ? __pfx_lock_release+0x10/0x10 [ 233.615067] ? __kasan_check_write+0x18/0x20 [ 233.615725] ? do_raw_spin_lock+0x132/0x2a0 [ 233.616529] ? __pfx_do_exit+0x10/0x10 [ 233.617057] ? debug_smp_processor_id+0x20/0x30 [ 233.617693] ? rcu_is_watching+0x19/0xb0 [ 233.618242] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.618927] ? trace_hardirqs_on+0x26/0x120 [ 233.619574] do_group_exit+0xe0/0x2b0 [ 233.620189] __x64_sys_exit_group+0x47/0x50 [ 233.620898] do_syscall_64+0x3b/0x90 [ 233.621442] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.622151] RIP: 0033:0x7f4b87518a4d [ 233.622715] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.623591] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.624804] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.625768] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.626776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.627763] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.628895] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.629870] [ 233.630201] irq event stamp: 0 [ 233.630678] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.631559] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.632795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.633941] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.634845] ---[ end trace 0000000000000000 ]--- [ 233.643479] ------------[ cut here ]------------ [ 233.644249] WARNING: CPU: 1 PID: 2229 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.645792] Modules linked in: [ 233.646261] CPU: 1 PID: 2229 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.647587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.649329] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.650046] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.652753] RSP: 0018:ffff888023d67bb8 EFLAGS: 00010246 [ 233.653580] RAX: 0000000000000000 RBX: ffff88801054e8a8 RCX: 0000000000000000 [ 233.654623] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 233.655654] RBP: ffff888023d67bd0 R08: ffffed10020a9d33 R09: ffffed10020a9d33 [ 233.656648] R10: ffff88801054e993 R11: ffffed10020a9d32 R12: ffff888013edbc00 [ 233.657836] R13: ffff88801054e9e8 R14: ffffffff8352e670 R15: 
ffff888023d67e68 [ 233.658874] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.660034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.660845] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 233.662034] PKRU: 55555554 [ 233.662447] Call Trace: [ 233.662888] [ 233.663249] __iommufd_access_detach+0x1c2/0x2b0 [ 233.663932] iommufd_access_change_pt+0x149/0x270 [ 233.664621] iommufd_access_replace+0xb4/0x120 [ 233.665321] iommufd_test+0x3e5/0x37e0 [ 233.666014] ? lock_release+0x532/0x770 [ 233.666652] ? __might_fault+0x102/0x1b0 [ 233.667280] ? lock_acquire+0x427/0x4c0 [ 233.667859] ? __pfx_iommufd_test+0x10/0x10 [ 233.668459] ? __pfx_lock_release+0x10/0x10 [ 233.669064] ? __pfx_lock_acquire+0x10/0x10 [ 233.669770] ? write_comp_data+0x2f/0x90 [ 233.670472] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.671277] ? write_comp_data+0x2f/0x90 [ 233.671875] iommufd_fops_ioctl+0x37d/0x510 [ 233.672481] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.673165] ? write_comp_data+0x2f/0x90 [ 233.673761] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.674762] __x64_sys_ioctl+0x1a3/0x230 [ 233.675403] do_syscall_64+0x3b/0x90 [ 233.675956] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.676679] RIP: 0033:0x7f4b8743ee5d [ 233.677193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.679963] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.681028] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.682011] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.683301] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.684303] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.685292] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.686287] [ 233.686687] irq event stamp: 0 [ 233.687329] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.688212] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.689375] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.690591] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.691571] ---[ end trace 0000000000000000 ]--- [ 233.697252] ------------[ cut here ]------------ [ 233.697970] WARNING: CPU: 1 PID: 2229 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.699798] Modules linked in: [ 233.700294] CPU: 1 PID: 2229 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.701543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.703249] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.704106] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.706812] RSP: 
0018:ffff888023d67bd0 EFLAGS: 00010246 [ 233.707643] RAX: 0000000000000000 RBX: ffff88801054e8a8 RCX: 0000000000000000 [ 233.708903] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 233.709934] RBP: ffff888023d67be8 R08: ffffed10020a9d33 R09: ffffed10020a9d33 [ 233.711009] R10: ffff88801054e993 R11: ffffed10020a9d32 R12: ffff888014390c00 [ 233.712078] R13: ffff88801054e9e8 R14: ffff88800f6d3300 R15: 0000000000000000 [ 233.713332] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.714486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.715429] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 233.716454] PKRU: 55555554 [ 233.716916] Call Trace: [ 233.717437] [ 233.717783] iommufd_access_destroy_object+0x65/0x170 [ 233.718608] iommufd_object_destroy_user+0x18e/0x220 [ 233.719393] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.720237] iommufd_access_destroy+0x43/0x70 [ 233.720912] iommufd_test_staccess_release+0x8d/0xd0 [ 233.721866] __fput+0x26d/0xa40 [ 233.722391] ____fput+0x1e/0x30 [ 233.722965] task_work_run+0x1a4/0x2d0 [ 233.723587] ? __pfx_task_work_run+0x10/0x10 [ 233.724240] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.724955] ? switch_task_namespaces+0xa9/0xe0 [ 233.725661] do_exit+0xb17/0x2ef0 [ 233.726362] ? lock_acquire+0x427/0x4c0 [ 233.727031] ? __pfx_lock_release+0x10/0x10 [ 233.727711] ? __kasan_check_write+0x18/0x20 [ 233.728357] ? do_raw_spin_lock+0x132/0x2a0 [ 233.728980] ? __pfx_do_exit+0x10/0x10 [ 233.729554] ? debug_smp_processor_id+0x20/0x30 [ 233.730232] ? rcu_is_watching+0x19/0xb0 [ 233.731114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.731833] ? trace_hardirqs_on+0x26/0x120 [ 233.732482] do_group_exit+0xe0/0x2b0 [ 233.733043] __x64_sys_exit_group+0x47/0x50 [ 233.733659] do_syscall_64+0x3b/0x90 [ 233.734218] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.735153] RIP: 0033:0x7f4b87518a4d [ 233.735810] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.736675] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.737760] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.738845] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.739968] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.741116] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.742136] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.743258] [ 233.743621] irq event stamp: 0 [ 233.744087] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.745185] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.746378] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.747667] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.748650] ---[ end trace 0000000000000000 ]--- [ 233.750341] ------------[ cut here ]------------ [ 233.751210] WARNING: CPU: 1 PID: 2229 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 233.752681] Modules linked in: [ 233.753208] CPU: 1 PID: 2229 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.754640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.756265] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 233.757012] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 233.759793] RSP: 0018:ffff888023d67b78 EFLAGS: 00010246 [ 233.760565] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 233.761622] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 233.762782] RBP: ffff888023d67b98 R08: ffffed10020a9d3e R09: ffffed10020a9d3e [ 233.763838] R10: ffff88801054e9ef R11: ffffed10020a9d3d R12: ffff88801054ea90 [ 233.764846] R13: ffff88801054e8a8 R14: ffffffffffffffff R15: 
ffff888023d67c60 [ 233.765910] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.767227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.768064] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 233.769048] PKRU: 55555554 [ 233.769442] Call Trace: [ 233.769802] [ 233.770172] iommufd_ioas_destroy+0x53/0x70 [ 233.770922] iommufd_fops_release+0x1f7/0x370 [ 233.771606] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.772327] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.773029] ? write_comp_data+0x2f/0x90 [ 233.773622] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.774361] __fput+0x26d/0xa40 [ 233.775029] ____fput+0x1e/0x30 [ 233.775552] task_work_run+0x1a4/0x2d0 [ 233.776126] ? __pfx_task_work_run+0x10/0x10 [ 233.776766] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.777471] ? switch_task_namespaces+0xa9/0xe0 [ 233.778148] do_exit+0xb17/0x2ef0 [ 233.778773] ? lock_acquire+0x427/0x4c0 [ 233.779453] ? __pfx_lock_release+0x10/0x10 [ 233.780069] ? __kasan_check_write+0x18/0x20 [ 233.780712] ? do_raw_spin_lock+0x132/0x2a0 [ 233.781327] ? __pfx_do_exit+0x10/0x10 [ 233.781893] ? debug_smp_processor_id+0x20/0x30 [ 233.782624] ? rcu_is_watching+0x19/0xb0 [ 233.783264] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.784089] ? trace_hardirqs_on+0x26/0x120 [ 233.784713] do_group_exit+0xe0/0x2b0 [ 233.785247] __x64_sys_exit_group+0x47/0x50 [ 233.785833] do_syscall_64+0x3b/0x90 [ 233.786360] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.787265] RIP: 0033:0x7f4b87518a4d [ 233.787837] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.788507] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.789346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.790131] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.790952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.791753] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.792513] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.793520] [ 233.793911] irq event stamp: 0 [ 233.794310] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.795027] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.795958] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.796853] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.797528] ---[ end trace 0000000000000000 ]--- [ 233.805285] ------------[ cut here ]------------ [ 233.806011] WARNING: CPU: 0 PID: 2230 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.807525] Modules linked in: [ 233.807999] CPU: 0 PID: 2230 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.809211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.810808] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.811559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.814026] RSP: 0018:ffff8880219dfbb8 EFLAGS: 00010246 [ 233.814862] RAX: 0000000000000000 RBX: ffff88801608d8a8 RCX: 0000000000000000 [ 233.815892] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 233.816898] RBP: ffff8880219dfbd0 R08: ffffed1002c11b33 R09: ffffed1002c11b33 [ 233.817880] R10: ffff88801608d993 R11: ffffed1002c11b32 R12: ffff888014582000 [ 233.818940] R13: ffff88801608d9e8 R14: ffffffff8352e670 R15: 
ffff8880219dfe68 [ 233.819959] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 233.821079] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.821891] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 233.822932] PKRU: 55555554 [ 233.823376] Call Trace: [ 233.823754] [ 233.824099] __iommufd_access_detach+0x1c2/0x2b0 [ 233.824796] iommufd_access_change_pt+0x149/0x270 [ 233.825495] iommufd_access_replace+0xb4/0x120 [ 233.826156] iommufd_test+0x3e5/0x37e0 [ 233.826763] ? lock_release+0x532/0x770 [ 233.827367] ? __might_fault+0x102/0x1b0 [ 233.827939] ? lock_acquire+0x427/0x4c0 [ 233.828518] ? __pfx_iommufd_test+0x10/0x10 [ 233.829130] ? __pfx_lock_release+0x10/0x10 [ 233.829752] ? __pfx_lock_acquire+0x10/0x10 [ 233.830370] ? write_comp_data+0x2f/0x90 [ 233.831013] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.831732] ? write_comp_data+0x2f/0x90 [ 233.832332] iommufd_fops_ioctl+0x37d/0x510 [ 233.832957] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.833655] ? write_comp_data+0x2f/0x90 [ 233.834242] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.834966] __x64_sys_ioctl+0x1a3/0x230 [ 233.835577] do_syscall_64+0x3b/0x90 [ 233.836119] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.836842] RIP: 0033:0x7f4b8743ee5d [ 233.837369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.839852] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.840886] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.841842] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.842851] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.843816] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.844740] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.845682] [ 233.846006] irq event stamp: 0 [ 233.846417] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.847300] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.848385] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.849463] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.850286] ---[ end trace 0000000000000000 ]--- [ 233.855096] ------------[ cut here ]------------ [ 233.855764] WARNING: CPU: 0 PID: 2230 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.857039] Modules linked in: [ 233.857453] CPU: 0 PID: 2230 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.858591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.860036] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.860668] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.862964] RSP: 
0018:ffff8880219dfbd0 EFLAGS: 00010246 [ 233.863652] RAX: 0000000000000000 RBX: ffff88801608d8a8 RCX: 0000000000000000 [ 233.864549] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 233.865447] RBP: ffff8880219dfbe8 R08: ffffed1002c11b33 R09: ffffed1002c11b33 [ 233.866345] R10: ffff88801608d993 R11: ffffed1002c11b32 R12: ffff888010c08800 [ 233.867250] R13: ffff88801608d9e8 R14: ffff888013ee3b00 R15: 0000000000000000 [ 233.868113] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 233.869083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.869782] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 233.870672] PKRU: 55555554 [ 233.871027] Call Trace: [ 233.871365] [ 233.871655] iommufd_access_destroy_object+0x65/0x170 [ 233.872309] iommufd_object_destroy_user+0x18e/0x220 [ 233.872956] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.873693] iommufd_access_destroy+0x43/0x70 [ 233.874276] iommufd_test_staccess_release+0x8d/0xd0 [ 233.874959] __fput+0x26d/0xa40 [ 233.875419] ____fput+0x1e/0x30 [ 233.875857] task_work_run+0x1a4/0x2d0 [ 233.876366] ? __pfx_task_work_run+0x10/0x10 [ 233.876936] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.877563] ? switch_task_namespaces+0xa9/0xe0 [ 233.878171] do_exit+0xb17/0x2ef0 [ 233.878660] ? lock_acquire+0x427/0x4c0 [ 233.879202] ? __pfx_lock_release+0x10/0x10 [ 233.879760] ? __kasan_check_write+0x18/0x20 [ 233.880324] ? do_raw_spin_lock+0x132/0x2a0 [ 233.880872] ? __pfx_do_exit+0x10/0x10 [ 233.881381] ? debug_smp_processor_id+0x20/0x30 [ 233.881977] ? rcu_is_watching+0x19/0xb0 [ 233.882496] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.883112] ? trace_hardirqs_on+0x26/0x120 [ 233.883680] do_group_exit+0xe0/0x2b0 [ 233.884167] __x64_sys_exit_group+0x47/0x50 [ 233.884712] do_syscall_64+0x3b/0x90 [ 233.885205] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.885871] RIP: 0033:0x7f4b87518a4d [ 233.886343] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.887159] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.888117] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.889007] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.889887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.890801] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.891702] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.892608] [ 233.892908] irq event stamp: 0 [ 233.893309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.894093] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.895171] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.896215] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.897008] ---[ end trace 0000000000000000 ]--- [ 233.898265] ------------[ cut here ]------------ [ 233.898898] WARNING: CPU: 0 PID: 2230 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 233.900193] Modules linked in: [ 233.900605] CPU: 0 PID: 2230 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.901695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.903153] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 233.903815] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 233.906104] RSP: 0018:ffff8880219dfb78 EFLAGS: 00010246 [ 233.906850] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 233.907792] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 233.908697] RBP: ffff8880219dfb98 R08: ffffed1002c11b3e R09: ffffed1002c11b3e [ 233.909602] R10: ffff88801608d9ef R11: ffffed1002c11b3d R12: ffff88801608da90 [ 233.910557] R13: ffff88801608d8a8 R14: ffffffffffffffff R15: 
ffff8880219dfc60 [ 233.911492] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 233.912506] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.913251] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 233.914166] PKRU: 55555554 [ 233.914592] Call Trace: [ 233.914937] [ 233.915261] iommufd_ioas_destroy+0x53/0x70 [ 233.915832] iommufd_fops_release+0x1f7/0x370 [ 233.916433] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.917084] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.917723] ? write_comp_data+0x2f/0x90 [ 233.918256] ? __pfx_iommufd_fops_release+0x10/0x10 [ 233.918950] __fput+0x26d/0xa40 [ 233.919447] ____fput+0x1e/0x30 [ 233.919895] task_work_run+0x1a4/0x2d0 [ 233.920416] ? __pfx_task_work_run+0x10/0x10 [ 233.921002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.921658] ? switch_task_namespaces+0xa9/0xe0 [ 233.922289] do_exit+0xb17/0x2ef0 [ 233.922795] ? lock_acquire+0x427/0x4c0 [ 233.923351] ? __pfx_lock_release+0x10/0x10 [ 233.923919] ? __kasan_check_write+0x18/0x20 [ 233.924495] ? do_raw_spin_lock+0x132/0x2a0 [ 233.925058] ? __pfx_do_exit+0x10/0x10 [ 233.925563] ? debug_smp_processor_id+0x20/0x30 [ 233.926146] ? rcu_is_watching+0x19/0xb0 [ 233.926717] ? _raw_spin_unlock_irq+0x2b/0x60 [ 233.927337] ? trace_hardirqs_on+0x26/0x120 [ 233.927886] do_group_exit+0xe0/0x2b0 [ 233.928362] __x64_sys_exit_group+0x47/0x50 [ 233.928892] do_syscall_64+0x3b/0x90 [ 233.929370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.930016] RIP: 0033:0x7f4b87518a4d [ 233.930491] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 233.931321] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 233.932276] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 233.933172] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 233.934064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 233.934987] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 233.935908] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 233.936825] [ 233.937128] irq event stamp: 0 [ 233.937533] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.938331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.939443] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.940485] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.941281] ---[ end trace 0000000000000000 ]--- [ 233.948136] ------------[ cut here ]------------ [ 233.948778] WARNING: CPU: 1 PID: 2231 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.949987] Modules linked in: [ 233.950385] CPU: 1 PID: 2231 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.951450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.952510] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.952974] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.954704] RSP: 0018:ffff8880171dfbb8 EFLAGS: 00010246 [ 233.955209] RAX: 0000000000000000 RBX: ffff8880165310a8 RCX: 0000000000000000 [ 233.955892] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 233.956553] RBP: ffff8880171dfbd0 R08: ffffed1002ca6233 R09: ffffed1002ca6233 [ 233.957215] R10: ffff888016531193 R11: ffffed1002ca6232 R12: ffff888010e07800 [ 233.957890] R13: ffff8880165311e8 R14: ffffffff8352e670 R15: 
ffff8880171dfe68 [ 233.958590] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.959360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.959907] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 233.960569] PKRU: 55555554 [ 233.960839] Call Trace: [ 233.961087] [ 233.961301] __iommufd_access_detach+0x1c2/0x2b0 [ 233.961766] iommufd_access_change_pt+0x149/0x270 [ 233.962230] iommufd_access_replace+0xb4/0x120 [ 233.962699] iommufd_test+0x3e5/0x37e0 [ 233.963066] ? lock_release+0x532/0x770 [ 233.963462] ? __might_fault+0x102/0x1b0 [ 233.963854] ? lock_acquire+0x427/0x4c0 [ 233.964239] ? __pfx_iommufd_test+0x10/0x10 [ 233.964644] ? __pfx_lock_release+0x10/0x10 [ 233.965056] ? __pfx_lock_acquire+0x10/0x10 [ 233.965479] ? write_comp_data+0x2f/0x90 [ 233.965882] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 233.966346] ? write_comp_data+0x2f/0x90 [ 233.966769] iommufd_fops_ioctl+0x37d/0x510 [ 233.967198] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.967672] ? write_comp_data+0x2f/0x90 [ 233.968067] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 233.968531] __x64_sys_ioctl+0x1a3/0x230 [ 233.968927] do_syscall_64+0x3b/0x90 [ 233.969288] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 233.969787] RIP: 0033:0x7f4b8743ee5d [ 233.970145] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 233.971882] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 233.972671] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 233.973402] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 233.974121] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 233.974883] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 233.975625] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 233.976367] [ 233.976618] irq event stamp: 0 [ 233.976945] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 233.977590] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 233.978441] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 233.979330] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 233.979983] ---[ end trace 0000000000000000 ]--- [ 233.983257] ------------[ cut here ]------------ [ 233.983781] WARNING: CPU: 1 PID: 2231 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 233.984799] Modules linked in: [ 233.985127] CPU: 1 PID: 2231 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 233.986025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 233.987282] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 233.987816] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 233.989688] RSP: 
0018:ffff8880171dfbd0 EFLAGS: 00010246 [ 233.990238] RAX: 0000000000000000 RBX: ffff8880165310a8 RCX: 0000000000000000 [ 233.991012] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 233.991765] RBP: ffff8880171dfbe8 R08: ffffed1002ca6233 R09: ffffed1002ca6233 [ 233.992486] R10: ffff888016531193 R11: ffffed1002ca6232 R12: ffff888013ed9400 [ 233.993218] R13: ffff8880165311e8 R14: ffff888020edb400 R15: 0000000000000000 [ 233.993940] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 233.994812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 233.995417] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 233.996154] PKRU: 55555554 [ 233.996452] Call Trace: [ 233.996719] [ 233.996954] iommufd_access_destroy_object+0x65/0x170 [ 233.997491] iommufd_object_destroy_user+0x18e/0x220 [ 233.998017] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 233.998698] iommufd_access_destroy+0x43/0x70 [ 233.999193] iommufd_test_staccess_release+0x8d/0xd0 [ 233.999738] __fput+0x26d/0xa40 [ 234.000100] ____fput+0x1e/0x30 [ 234.000458] task_work_run+0x1a4/0x2d0 [ 234.000870] ? __pfx_task_work_run+0x10/0x10 [ 234.001331] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.001847] ? switch_task_namespaces+0xa9/0xe0 [ 234.002351] do_exit+0xb17/0x2ef0 [ 234.002768] ? lock_acquire+0x427/0x4c0 [ 234.003200] ? __pfx_lock_release+0x10/0x10 [ 234.003657] ? __kasan_check_write+0x18/0x20 [ 234.004117] ? do_raw_spin_lock+0x132/0x2a0 [ 234.004559] ? __pfx_do_exit+0x10/0x10 [ 234.004976] ? debug_smp_processor_id+0x20/0x30 [ 234.005471] ? rcu_is_watching+0x19/0xb0 [ 234.005915] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.006396] ? trace_hardirqs_on+0x26/0x120 [ 234.006913] do_group_exit+0xe0/0x2b0 [ 234.007324] __x64_sys_exit_group+0x47/0x50 [ 234.007767] do_syscall_64+0x3b/0x90 [ 234.008164] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.008703] RIP: 0033:0x7f4b87518a4d [ 234.009095] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.009729] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.010556] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.011303] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.012032] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.012765] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.013511] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.014277] [ 234.014571] irq event stamp: 0 [ 234.014905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.015578] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.016440] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.017301] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.017980] ---[ end trace 0000000000000000 ]--- [ 234.019129] ------------[ cut here ]------------ [ 234.019635] WARNING: CPU: 1 PID: 2231 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.020687] Modules linked in: [ 234.021024] CPU: 1 PID: 2231 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.021935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.023429] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.023978] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.025854] RSP: 0018:ffff8880171dfb78 EFLAGS: 00010246 [ 234.026416] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.027227] RDX: 0000000000000000 RSI: ffff888014ac8000 RDI: 0000000000000002 [ 234.027964] RBP: ffff8880171dfb98 R08: ffffed1002ca623e R09: ffffed1002ca623e [ 234.028691] R10: ffff8880165311ef R11: ffffed1002ca623d R12: ffff888016531290 [ 234.029423] R13: ffff8880165310a8 R14: ffffffffffffffff R15: 
ffff8880171dfc60 [ 234.030155] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.031036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.031660] CR2: 00007f4b875fca50 CR3: 0000000014000000 CR4: 0000000000750ee0 [ 234.032400] PKRU: 55555554 [ 234.032696] Call Trace: [ 234.032960] [ 234.033191] iommufd_ioas_destroy+0x53/0x70 [ 234.033645] iommufd_fops_release+0x1f7/0x370 [ 234.034130] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.034689] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.035212] ? write_comp_data+0x2f/0x90 [ 234.035655] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.036178] __fput+0x26d/0xa40 [ 234.036540] ____fput+0x1e/0x30 [ 234.036894] task_work_run+0x1a4/0x2d0 [ 234.037304] ? __pfx_task_work_run+0x10/0x10 [ 234.037775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.038285] ? switch_task_namespaces+0xa9/0xe0 [ 234.038829] do_exit+0xb17/0x2ef0 [ 234.039205] ? lock_acquire+0x427/0x4c0 [ 234.039633] ? __pfx_lock_release+0x10/0x10 [ 234.040090] ? __kasan_check_write+0x18/0x20 [ 234.040550] ? do_raw_spin_lock+0x132/0x2a0 [ 234.040997] ? __pfx_do_exit+0x10/0x10 [ 234.041405] ? debug_smp_processor_id+0x20/0x30 [ 234.041889] ? rcu_is_watching+0x19/0xb0 [ 234.042317] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.042838] ? trace_hardirqs_on+0x26/0x120 [ 234.043313] do_group_exit+0xe0/0x2b0 [ 234.043723] __x64_sys_exit_group+0x47/0x50 [ 234.044178] do_syscall_64+0x3b/0x90 [ 234.044585] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.045158] RIP: 0033:0x7f4b87518a4d [ 234.045555] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.046799] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.047624] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.048344] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.049068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.049796] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.051253] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.052021] [ 234.052262] irq event stamp: 0 [ 234.052591] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.053247] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.054113] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.055032] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.055704] ---[ end trace 0000000000000000 ]--- [ 234.060676] ------------[ cut here ]------------ [ 234.061354] WARNING: CPU: 1 PID: 2232 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.062412] Modules linked in: [ 234.062812] CPU: 1 PID: 2232 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.063752] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.065138] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.065802] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.067774] RSP: 0018:ffff888015b27bb8 EFLAGS: 00010246 [ 234.068347] RAX: 0000000000000000 RBX: ffff8880140698a8 RCX: 0000000000000000 [ 234.069173] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 234.070208] RBP: ffff888015b27bd0 R08: ffffed100280d333 R09: ffffed100280d333 [ 234.071000] R10: ffff888014069993 R11: ffffed100280d332 R12: ffff88800f137400 [ 234.071764] R13: ffff8880140699e8 R14: ffffffff8352e670 R15: 
ffff888015b27e68 [ 234.072514] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.073357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.074135] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 234.075225] PKRU: 55555554 [ 234.075535] Call Trace: [ 234.075815] [ 234.076062] __iommufd_access_detach+0x1c2/0x2b0 [ 234.076591] iommufd_access_change_pt+0x149/0x270 [ 234.077126] iommufd_access_replace+0xb4/0x120 [ 234.077629] iommufd_test+0x3e5/0x37e0 [ 234.078055] ? lock_release+0x532/0x770 [ 234.078594] ? __might_fault+0x102/0x1b0 [ 234.079250] ? lock_acquire+0x427/0x4c0 [ 234.079691] ? __pfx_iommufd_test+0x10/0x10 [ 234.080153] ? __pfx_lock_release+0x10/0x10 [ 234.080622] ? __pfx_lock_acquire+0x10/0x10 [ 234.081100] ? write_comp_data+0x2f/0x90 [ 234.081550] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.082070] ? write_comp_data+0x2f/0x90 [ 234.082550] iommufd_fops_ioctl+0x37d/0x510 [ 234.083022] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.083562] ? write_comp_data+0x2f/0x90 [ 234.084127] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.084770] __x64_sys_ioctl+0x1a3/0x230 [ 234.085221] do_syscall_64+0x3b/0x90 [ 234.085631] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.086182] RIP: 0033:0x7f4b8743ee5d [ 234.086628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 234.088733] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 234.089723] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 234.090475] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.091294] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 234.092051] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 234.092830] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 234.093919] [ 234.094172] irq event stamp: 0 [ 234.094564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.095244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.096129] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.097014] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.097826] ---[ end trace 0000000000000000 ]--- [ 234.101531] ------------[ cut here ]------------ [ 234.102130] WARNING: CPU: 1 PID: 2232 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.103554] Modules linked in: [ 234.103908] CPU: 1 PID: 2232 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.104836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.106025] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.106709] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.108822] RSP: 
0018:ffff888015b27bd0 EFLAGS: 00010246 [ 234.109399] RAX: 0000000000000000 RBX: ffff8880140698a8 RCX: 0000000000000000 [ 234.110152] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 234.111025] RBP: ffff888015b27be8 R08: ffffed100280d333 R09: ffffed100280d333 [ 234.111947] R10: ffff888014069993 R11: ffffed100280d332 R12: ffff888010e06800 [ 234.112700] R13: ffff8880140699e8 R14: ffff888020df5600 R15: 0000000000000000 [ 234.113458] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.114307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.114976] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 234.116057] PKRU: 55555554 [ 234.116369] Call Trace: [ 234.116647] [ 234.116893] iommufd_access_destroy_object+0x65/0x170 [ 234.117450] iommufd_object_destroy_user+0x18e/0x220 [ 234.117995] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 234.118677] iommufd_access_destroy+0x43/0x70 [ 234.119190] iommufd_test_staccess_release+0x8d/0xd0 [ 234.119760] __fput+0x26d/0xa40 [ 234.120188] ____fput+0x1e/0x30 [ 234.120740] task_work_run+0x1a4/0x2d0 [ 234.121185] ? __pfx_task_work_run+0x10/0x10 [ 234.121673] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.122199] ? switch_task_namespaces+0xa9/0xe0 [ 234.122772] do_exit+0xb17/0x2ef0 [ 234.123165] ? lock_acquire+0x427/0x4c0 [ 234.123603] ? __pfx_lock_release+0x10/0x10 [ 234.124078] ? __kasan_check_write+0x18/0x20 [ 234.124560] ? do_raw_spin_lock+0x132/0x2a0 [ 234.125188] ? __pfx_do_exit+0x10/0x10 [ 234.125750] ? debug_smp_processor_id+0x20/0x30 [ 234.126255] ? rcu_is_watching+0x19/0xb0 [ 234.126739] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.127245] ? trace_hardirqs_on+0x26/0x120 [ 234.127717] do_group_exit+0xe0/0x2b0 [ 234.128140] __x64_sys_exit_group+0x47/0x50 [ 234.128617] do_syscall_64+0x3b/0x90 [ 234.129051] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.129699] RIP: 0033:0x7f4b87518a4d [ 234.130324] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.131066] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.131896] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.132651] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.133426] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.134285] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.135297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.136064] [ 234.136315] irq event stamp: 0 [ 234.136657] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.137339] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.138301] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.139571] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.140253] ---[ end trace 0000000000000000 ]--- [ 234.141209] ------------[ cut here ]------------ [ 234.141713] WARNING: CPU: 1 PID: 2232 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.142858] Modules linked in: [ 234.143234] CPU: 1 PID: 2232 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.144459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.145661] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.146218] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.148441] RSP: 0018:ffff888015b27b78 EFLAGS: 00010246 [ 234.149216] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.149971] RDX: 0000000000000000 RSI: ffff888010282500 RDI: 0000000000000002 [ 234.150774] RBP: ffff888015b27b98 R08: ffffed100280d33e R09: ffffed100280d33e [ 234.151568] R10: ffff8880140699ef R11: ffffed100280d33d R12: ffff888014069a90 [ 234.152338] R13: ffff8880140698a8 R14: ffffffffffffffff R15: 
ffff888015b27c60 [ 234.153191] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.154220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.154895] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 234.155681] PKRU: 55555554 [ 234.155983] Call Trace: [ 234.156254] [ 234.156499] iommufd_ioas_destroy+0x53/0x70 [ 234.156972] iommufd_fops_release+0x1f7/0x370 [ 234.157514] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.158282] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.158858] ? write_comp_data+0x2f/0x90 [ 234.159313] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.159845] __fput+0x26d/0xa40 [ 234.160217] ____fput+0x1e/0x30 [ 234.160581] task_work_run+0x1a4/0x2d0 [ 234.161016] ? __pfx_task_work_run+0x10/0x10 [ 234.161513] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.162117] ? switch_task_namespaces+0xa9/0xe0 [ 234.162935] do_exit+0xb17/0x2ef0 [ 234.163332] ? lock_acquire+0x427/0x4c0 [ 234.163781] ? __pfx_lock_release+0x10/0x10 [ 234.164252] ? __kasan_check_write+0x18/0x20 [ 234.164731] ? do_raw_spin_lock+0x132/0x2a0 [ 234.165186] ? __pfx_do_exit+0x10/0x10 [ 234.165612] ? debug_smp_processor_id+0x20/0x30 [ 234.166108] ? rcu_is_watching+0x19/0xb0 [ 234.166634] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.167338] ? trace_hardirqs_on+0x26/0x120 [ 234.167808] do_group_exit+0xe0/0x2b0 [ 234.168221] __x64_sys_exit_group+0x47/0x50 [ 234.168681] do_syscall_64+0x3b/0x90 [ 234.169085] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.169641] RIP: 0033:0x7f4b87518a4d [ 234.170042] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.170745] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.171639] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.172670] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.173413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.174162] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.174957] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.175745] [ 234.175996] irq event stamp: 0 [ 234.176334] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.177306] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.178197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.179113] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.179792] ---[ end trace 0000000000000000 ]--- [ 234.185459] ------------[ cut here ]------------ [ 234.186030] WARNING: CPU: 1 PID: 2233 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.187390] Modules linked in: [ 234.187741] CPU: 1 PID: 2233 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.188667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.190127] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.190711] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.192942] RSP: 0018:ffff8880171dfbb8 EFLAGS: 00010246 [ 234.193521] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 234.194274] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 234.195303] RBP: ffff8880171dfbd0 R08: ffffed1001702633 R09: ffffed1001702633 [ 234.196077] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff8880129c4000 [ 234.196851] R13: ffff88800b8131e8 R14: ffffffff8352e670 R15: 
ffff8880171dfe68 [ 234.197836] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.198737] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.199371] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 234.200265] PKRU: 55555554 [ 234.200695] Call Trace: [ 234.200973] [ 234.201221] __iommufd_access_detach+0x1c2/0x2b0 [ 234.201746] iommufd_access_change_pt+0x149/0x270 [ 234.202272] iommufd_access_replace+0xb4/0x120 [ 234.203007] iommufd_test+0x3e5/0x37e0 [ 234.203447] ? lock_release+0x532/0x770 [ 234.203900] ? __might_fault+0x102/0x1b0 [ 234.204350] ? lock_acquire+0x427/0x4c0 [ 234.204790] ? __pfx_iommufd_test+0x10/0x10 [ 234.205367] ? __pfx_lock_release+0x10/0x10 [ 234.205958] ? __pfx_lock_acquire+0x10/0x10 [ 234.206432] ? write_comp_data+0x2f/0x90 [ 234.206942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.207489] ? write_comp_data+0x2f/0x90 [ 234.207975] iommufd_fops_ioctl+0x37d/0x510 [ 234.208604] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.209129] ? write_comp_data+0x2f/0x90 [ 234.209569] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.210085] __x64_sys_ioctl+0x1a3/0x230 [ 234.210779] do_syscall_64+0x3b/0x90 [ 234.211212] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.211781] RIP: 0033:0x7f4b8743ee5d [ 234.212179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 234.214375] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 234.215243] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 234.216132] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.216976] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 234.217751] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 234.218737] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 234.219524] [ 234.219779] irq event stamp: 0 [ 234.220126] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.220945] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.221984] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.222951] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.223783] ---[ end trace 0000000000000000 ]--- [ 234.227563] ------------[ cut here ]------------ [ 234.228146] WARNING: CPU: 1 PID: 2233 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.229515] Modules linked in: [ 234.229869] CPU: 1 PID: 2233 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.230891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.232367] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.232927] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.235170] RSP: 
0018:ffff8880171dfbd0 EFLAGS: 00010246 [ 234.235770] RAX: 0000000000000000 RBX: ffff88800b8130a8 RCX: 0000000000000000 [ 234.236598] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 234.237547] RBP: ffff8880171dfbe8 R08: ffffed1001702633 R09: ffffed1001702633 [ 234.238341] R10: ffff88800b813193 R11: ffffed1001702632 R12: ffff88800f135800 [ 234.239292] R13: ffff88800b8131e8 R14: ffff8880218caf00 R15: 0000000000000000 [ 234.240204] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.241096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.241744] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 234.242816] PKRU: 55555554 [ 234.243140] Call Trace: [ 234.243426] [ 234.243680] iommufd_access_destroy_object+0x65/0x170 [ 234.244259] iommufd_object_destroy_user+0x18e/0x220 [ 234.245058] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 234.245853] iommufd_access_destroy+0x43/0x70 [ 234.246366] iommufd_test_staccess_release+0x8d/0xd0 [ 234.246988] __fput+0x26d/0xa40 [ 234.247409] ____fput+0x1e/0x30 [ 234.247794] task_work_run+0x1a4/0x2d0 [ 234.248431] ? __pfx_task_work_run+0x10/0x10 [ 234.248928] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.249476] ? switch_task_namespaces+0xa9/0xe0 [ 234.250009] do_exit+0xb17/0x2ef0 [ 234.250556] ? lock_acquire+0x427/0x4c0 [ 234.251145] ? __pfx_lock_release+0x10/0x10 [ 234.251651] ? __kasan_check_write+0x18/0x20 [ 234.252154] ? do_raw_spin_lock+0x132/0x2a0 [ 234.252632] ? __pfx_do_exit+0x10/0x10 [ 234.253076] ? debug_smp_processor_id+0x20/0x30 [ 234.253688] ? rcu_is_watching+0x19/0xb0 [ 234.254263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.254819] ? trace_hardirqs_on+0x26/0x120 [ 234.255320] do_group_exit+0xe0/0x2b0 [ 234.255742] __x64_sys_exit_group+0x47/0x50 [ 234.256216] do_syscall_64+0x3b/0x90 [ 234.256705] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.257484] RIP: 0033:0x7f4b87518a4d [ 234.257917] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.258640] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.259509] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.260507] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.261297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.262078] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.263108] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.263940] [ 234.264198] irq event stamp: 0 [ 234.264550] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.265267] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.266447] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.267429] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.268145] ---[ end trace 0000000000000000 ]--- [ 234.269342] ------------[ cut here ]------------ [ 234.269861] WARNING: CPU: 1 PID: 2233 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.271225] Modules linked in: [ 234.271589] CPU: 1 PID: 2233 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.272546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.273986] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.274646] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.276652] RSP: 0018:ffff8880171dfb78 EFLAGS: 00010246 [ 234.277238] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.278012] RDX: 0000000000000000 RSI: ffff888010284a00 RDI: 0000000000000002 [ 234.278822] RBP: ffff8880171dfb98 R08: ffffed100170263e R09: ffffed100170263e [ 234.279615] R10: ffff88800b8131ef R11: ffffed100170263d R12: ffff88800b813290 [ 234.280394] R13: ffff88800b8130a8 R14: ffffffffffffffff R15: 
ffff8880171dfc60 [ 234.281164] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.282040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.282709] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 234.283516] PKRU: 55555554 [ 234.283829] Call Trace: [ 234.284110] [ 234.284363] iommufd_ioas_destroy+0x53/0x70 [ 234.284845] iommufd_fops_release+0x1f7/0x370 [ 234.285339] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.285891] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.286429] ? write_comp_data+0x2f/0x90 [ 234.286921] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.287488] __fput+0x26d/0xa40 [ 234.287878] ____fput+0x1e/0x30 [ 234.288266] task_work_run+0x1a4/0x2d0 [ 234.288717] ? __pfx_task_work_run+0x10/0x10 [ 234.289211] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.289758] ? switch_task_namespaces+0xa9/0xe0 [ 234.290293] do_exit+0xb17/0x2ef0 [ 234.290717] ? lock_acquire+0x427/0x4c0 [ 234.291197] ? __pfx_lock_release+0x10/0x10 [ 234.291685] ? __kasan_check_write+0x18/0x20 [ 234.292180] ? do_raw_spin_lock+0x132/0x2a0 [ 234.292668] ? __pfx_do_exit+0x10/0x10 [ 234.293107] ? debug_smp_processor_id+0x20/0x30 [ 234.293635] ? rcu_is_watching+0x19/0xb0 [ 234.294081] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.294615] ? trace_hardirqs_on+0x26/0x120 [ 234.295110] do_group_exit+0xe0/0x2b0 [ 234.295559] __x64_sys_exit_group+0x47/0x50 [ 234.296035] do_syscall_64+0x3b/0x90 [ 234.296458] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.297036] RIP: 0033:0x7f4b87518a4d [ 234.297455] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.298132] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.299004] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.299807] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.300579] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.301355] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.302129] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.302941] [ 234.303212] irq event stamp: 0 [ 234.303564] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.304265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.305195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.306381] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.307142] ---[ end trace 0000000000000000 ]--- [ 234.312856] ------------[ cut here ]------------ [ 234.313430] WARNING: CPU: 1 PID: 2234 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.314688] Modules linked in: [ 234.315188] CPU: 1 PID: 2234 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.316190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.317397] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.317935] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.320072] RSP: 0018:ffff8880219a7bb8 EFLAGS: 00010246 [ 234.320852] RAX: 0000000000000000 RBX: ffff88800cb940a8 RCX: 0000000000000000 [ 234.321613] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 234.322373] RBP: ffff8880219a7bd0 R08: ffffed1001972833 R09: ffffed1001972833 [ 234.323178] R10: ffff88800cb94193 R11: ffffed1001972832 R12: ffff88801341f000 [ 234.323943] R13: ffff88800cb941e8 R14: ffffffff8352e670 R15: 
ffff8880219a7e68 [ 234.324704] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.325770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.326688] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 234.327478] PKRU: 55555554 [ 234.327800] Call Trace: [ 234.328079] [ 234.328330] __iommufd_access_detach+0x1c2/0x2b0 [ 234.328861] iommufd_access_change_pt+0x149/0x270 [ 234.329391] iommufd_access_replace+0xb4/0x120 [ 234.329895] iommufd_test+0x3e5/0x37e0 [ 234.330359] ? lock_release+0x532/0x770 [ 234.331019] ? __might_fault+0x102/0x1b0 [ 234.331726] ? lock_acquire+0x427/0x4c0 [ 234.332170] ? __pfx_iommufd_test+0x10/0x10 [ 234.332634] ? __pfx_lock_release+0x10/0x10 [ 234.333113] ? __pfx_lock_acquire+0x10/0x10 [ 234.333575] ? write_comp_data+0x2f/0x90 [ 234.334018] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.334590] ? write_comp_data+0x2f/0x90 [ 234.335044] iommufd_fops_ioctl+0x37d/0x510 [ 234.335532] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.336047] ? write_comp_data+0x2f/0x90 [ 234.336643] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.337490] __x64_sys_ioctl+0x1a3/0x230 [ 234.338087] do_syscall_64+0x3b/0x90 [ 234.338693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.339440] RIP: 0033:0x7f4b8743ee5d [ 234.339843] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 234.341931] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 234.343111] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 234.343876] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.344617] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 234.345370] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 234.346128] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 234.347054] [ 234.347612] irq event stamp: 0 [ 234.348053] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.348896] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.350016] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.351185] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.352047] ---[ end trace 0000000000000000 ]--- [ 234.356996] ------------[ cut here ]------------ [ 234.357662] WARNING: CPU: 1 PID: 2234 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.359063] Modules linked in: [ 234.359536] CPU: 1 PID: 2234 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.360687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.362148] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.362852] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.365236] RSP: 
0018:ffff8880219a7bd0 EFLAGS: 00010246 [ 234.365956] RAX: 0000000000000000 RBX: ffff88800cb940a8 RCX: 0000000000000000 [ 234.366935] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 234.367912] RBP: ffff8880219a7be8 R08: ffffed1001972833 R09: ffffed1001972833 [ 234.368856] R10: ffff88800cb94193 R11: ffffed1001972832 R12: ffff8880129c4400 [ 234.369790] R13: ffff88800cb941e8 R14: ffff88801495e200 R15: 0000000000000000 [ 234.370763] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.371847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.372623] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 234.373562] PKRU: 55555554 [ 234.373943] Call Trace: [ 234.374286] [ 234.374633] iommufd_access_destroy_object+0x65/0x170 [ 234.375371] iommufd_object_destroy_user+0x18e/0x220 [ 234.376059] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 234.376835] iommufd_access_destroy+0x43/0x70 [ 234.377448] iommufd_test_staccess_release+0x8d/0xd0 [ 234.378134] __fput+0x26d/0xa40 [ 234.378644] ____fput+0x1e/0x30 [ 234.379134] task_work_run+0x1a4/0x2d0 [ 234.379682] ? __pfx_task_work_run+0x10/0x10 [ 234.380277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.380932] ? switch_task_namespaces+0xa9/0xe0 [ 234.381566] do_exit+0xb17/0x2ef0 [ 234.382029] ? lock_acquire+0x427/0x4c0 [ 234.382609] ? __pfx_lock_release+0x10/0x10 [ 234.383228] ? __kasan_check_write+0x18/0x20 [ 234.383828] ? do_raw_spin_lock+0x132/0x2a0 [ 234.384406] ? __pfx_do_exit+0x10/0x10 [ 234.384940] ? debug_smp_processor_id+0x20/0x30 [ 234.385564] ? rcu_is_watching+0x19/0xb0 [ 234.386108] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.386758] ? trace_hardirqs_on+0x26/0x120 [ 234.387381] do_group_exit+0xe0/0x2b0 [ 234.387903] __x64_sys_exit_group+0x47/0x50 [ 234.388479] do_syscall_64+0x3b/0x90 [ 234.388991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.389691] RIP: 0033:0x7f4b87518a4d [ 234.390188] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.391039] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.392063] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.393028] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.393984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.395014] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.395947] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.396734] [ 234.396973] irq event stamp: 0 [ 234.397309] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.397983] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.398941] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.399847] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.400528] ---[ end trace 0000000000000000 ]--- [ 234.401459] ------------[ cut here ]------------ [ 234.401963] WARNING: CPU: 1 PID: 2234 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.403109] Modules linked in: [ 234.403482] CPU: 1 PID: 2234 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.404431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.405634] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.406183] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.408193] RSP: 0018:ffff8880219a7b78 EFLAGS: 00010246 [ 234.408790] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.409553] RDX: 0000000000000000 RSI: ffff888014aca500 RDI: 0000000000000002 [ 234.410310] RBP: ffff8880219a7b98 R08: ffffed100197283e R09: ffffed100197283e [ 234.411135] R10: ffff88800cb941ef R11: ffffed100197283d R12: ffff88800cb94290 [ 234.411894] R13: ffff88800cb940a8 R14: ffffffffffffffff R15: 
ffff8880219a7c60 [ 234.412653] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.413513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.414139] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 234.414968] PKRU: 55555554 [ 234.415284] Call Trace: [ 234.415560] [ 234.415800] iommufd_ioas_destroy+0x53/0x70 [ 234.416262] iommufd_fops_release+0x1f7/0x370 [ 234.416737] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.417264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.417774] ? write_comp_data+0x2f/0x90 [ 234.418213] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.418785] __fput+0x26d/0xa40 [ 234.419165] ____fput+0x1e/0x30 [ 234.419530] task_work_run+0x1a4/0x2d0 [ 234.419946] ? __pfx_task_work_run+0x10/0x10 [ 234.420404] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.420917] ? switch_task_namespaces+0xa9/0xe0 [ 234.421419] do_exit+0xb17/0x2ef0 [ 234.421787] ? lock_acquire+0x427/0x4c0 [ 234.422214] ? __pfx_lock_release+0x10/0x10 [ 234.422722] ? __kasan_check_write+0x18/0x20 [ 234.423211] ? do_raw_spin_lock+0x132/0x2a0 [ 234.423669] ? __pfx_do_exit+0x10/0x10 [ 234.424083] ? debug_smp_processor_id+0x20/0x30 [ 234.424575] ? rcu_is_watching+0x19/0xb0 [ 234.425011] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.425491] ? trace_hardirqs_on+0x26/0x120 [ 234.425958] do_group_exit+0xe0/0x2b0 [ 234.426364] __x64_sys_exit_group+0x47/0x50 [ 234.426861] do_syscall_64+0x3b/0x90 [ 234.427290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.427852] RIP: 0033:0x7f4b87518a4d [ 234.428253] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.428893] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.429691] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.430441] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.431264] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.432027] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.432788] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.433554] [ 234.433806] irq event stamp: 0 [ 234.434144] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.434846] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.435746] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.436610] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.437275] ---[ end trace 0000000000000000 ]--- [ 234.442389] ------------[ cut here ]------------ [ 234.443149] WARNING: CPU: 1 PID: 2235 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.444240] Modules linked in: [ 234.444584] CPU: 1 PID: 2235 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.445525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.446798] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.447353] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.449327] RSP: 0018:ffff88801607fbb8 EFLAGS: 00010246 [ 234.449906] RAX: 0000000000000000 RBX: ffff888011d9c0a8 RCX: 0000000000000000 [ 234.450719] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 234.451512] RBP: ffff88801607fbd0 R08: ffffed10023b3833 R09: ffffed10023b3833 [ 234.452285] R10: ffff888011d9c193 R11: ffffed10023b3832 R12: ffff888013b22400 [ 234.453040] R13: ffff888011d9c1e8 R14: ffffffff8352e670 R15: 
ffff88801607fe68 [ 234.453815] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.454724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.455368] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 234.456122] PKRU: 55555554 [ 234.456424] Call Trace: [ 234.456695] [ 234.456937] __iommufd_access_detach+0x1c2/0x2b0 [ 234.457462] iommufd_access_change_pt+0x149/0x270 [ 234.457992] iommufd_access_replace+0xb4/0x120 [ 234.458550] iommufd_test+0x3e5/0x37e0 [ 234.458976] ? lock_release+0x532/0x770 [ 234.459426] ? __might_fault+0x102/0x1b0 [ 234.459864] ? lock_acquire+0x427/0x4c0 [ 234.460294] ? __pfx_iommufd_test+0x10/0x10 [ 234.460758] ? __pfx_lock_release+0x10/0x10 [ 234.461235] ? __pfx_lock_acquire+0x10/0x10 [ 234.461708] ? write_comp_data+0x2f/0x90 [ 234.462152] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.462716] ? write_comp_data+0x2f/0x90 [ 234.463194] iommufd_fops_ioctl+0x37d/0x510 [ 234.463668] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.464190] ? write_comp_data+0x2f/0x90 [ 234.464634] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.465159] __x64_sys_ioctl+0x1a3/0x230 [ 234.465608] do_syscall_64+0x3b/0x90 [ 234.466030] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.466640] RIP: 0033:0x7f4b8743ee5d [ 234.467042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 234.469012] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 234.469847] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 234.470669] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.471459] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 234.472235] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 234.472987] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 234.473753] [ 234.474000] irq event stamp: 0 [ 234.474337] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.475048] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.475965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.476856] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.477536] ---[ end trace 0000000000000000 ]--- [ 234.481000] ------------[ cut here ]------------ [ 234.481547] WARNING: CPU: 1 PID: 2235 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.482856] Modules linked in: [ 234.483228] CPU: 1 PID: 2235 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.484159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.485361] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.485904] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.487911] RSP: 
0018:ffff88801607fbd0 EFLAGS: 00010246 [ 234.488500] RAX: 0000000000000000 RBX: ffff888011d9c0a8 RCX: 0000000000000000 [ 234.489267] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 234.490035] RBP: ffff88801607fbe8 R08: ffffed10023b3833 R09: ffffed10023b3833 [ 234.490835] R10: ffff888011d9c193 R11: ffffed10023b3832 R12: ffff88801341d000 [ 234.491625] R13: ffff888011d9c1e8 R14: ffff88800fd32500 R15: 0000000000000000 [ 234.492404] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.493268] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.493912] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 234.494737] PKRU: 55555554 [ 234.495045] Call Trace: [ 234.495330] [ 234.495574] iommufd_access_destroy_object+0x65/0x170 [ 234.496143] iommufd_object_destroy_user+0x18e/0x220 [ 234.496706] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 234.497330] iommufd_access_destroy+0x43/0x70 [ 234.497830] iommufd_test_staccess_release+0x8d/0xd0 [ 234.498405] __fput+0x26d/0xa40 [ 234.498834] ____fput+0x1e/0x30 [ 234.499218] task_work_run+0x1a4/0x2d0 [ 234.499656] ? __pfx_task_work_run+0x10/0x10 [ 234.500138] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.500672] ? switch_task_namespaces+0xa9/0xe0 [ 234.501184] do_exit+0xb17/0x2ef0 [ 234.501556] ? lock_acquire+0x427/0x4c0 [ 234.501990] ? __pfx_lock_release+0x10/0x10 [ 234.502456] ? __kasan_check_write+0x18/0x20 [ 234.502998] ? do_raw_spin_lock+0x132/0x2a0 [ 234.503479] ? __pfx_do_exit+0x10/0x10 [ 234.503915] ? debug_smp_processor_id+0x20/0x30 [ 234.504424] ? rcu_is_watching+0x19/0xb0 [ 234.504873] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.505372] ? trace_hardirqs_on+0x26/0x120 [ 234.505845] do_group_exit+0xe0/0x2b0 [ 234.506250] __x64_sys_exit_group+0x47/0x50 [ 234.506771] do_syscall_64+0x3b/0x90 [ 234.507211] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.507777] RIP: 0033:0x7f4b87518a4d [ 234.508182] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.508841] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.509649] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.510412] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.511234] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.511999] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.512760] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.513533] [ 234.513787] irq event stamp: 0 [ 234.514119] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.514857] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.515792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.516726] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.517414] ---[ end trace 0000000000000000 ]--- [ 234.518334] ------------[ cut here ]------------ [ 234.518914] WARNING: CPU: 1 PID: 2235 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.520024] Modules linked in: [ 234.520379] CPU: 1 PID: 2235 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.521329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.522498] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.523093] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.525039] RSP: 0018:ffff88801607fb78 EFLAGS: 00010246 [ 234.525617] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.526378] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 234.527226] RBP: ffff88801607fb98 R08: ffffed10023b383e R09: ffffed10023b383e [ 234.528009] R10: ffff888011d9c1ef R11: ffffed10023b383d R12: ffff888011d9c290 [ 234.528772] R13: ffff888011d9c0a8 R14: ffffffffffffffff R15: 
ffff88801607fc60 [ 234.529543] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.530380] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.531030] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 234.531809] PKRU: 55555554 [ 234.532110] Call Trace: [ 234.532383] [ 234.532626] iommufd_ioas_destroy+0x53/0x70 [ 234.533100] iommufd_fops_release+0x1f7/0x370 [ 234.533580] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.534099] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.534663] ? write_comp_data+0x2f/0x90 [ 234.535099] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.535639] __fput+0x26d/0xa40 [ 234.536004] ____fput+0x1e/0x30 [ 234.536358] task_work_run+0x1a4/0x2d0 [ 234.536790] ? __pfx_task_work_run+0x10/0x10 [ 234.537269] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.537796] ? switch_task_namespaces+0xa9/0xe0 [ 234.538313] do_exit+0xb17/0x2ef0 [ 234.538749] ? lock_acquire+0x427/0x4c0 [ 234.539195] ? __pfx_lock_release+0x10/0x10 [ 234.539663] ? __kasan_check_write+0x18/0x20 [ 234.540131] ? do_raw_spin_lock+0x132/0x2a0 [ 234.540589] ? __pfx_do_exit+0x10/0x10 [ 234.541006] ? debug_smp_processor_id+0x20/0x30 [ 234.541499] ? rcu_is_watching+0x19/0xb0 [ 234.541932] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.542418] ? trace_hardirqs_on+0x26/0x120 [ 234.542926] do_group_exit+0xe0/0x2b0 [ 234.543348] __x64_sys_exit_group+0x47/0x50 [ 234.543810] do_syscall_64+0x3b/0x90 [ 234.544217] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.544772] RIP: 0033:0x7f4b87518a4d [ 234.545164] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.545810] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.546666] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.547432] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.548185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.548932] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.549678] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.550436] [ 234.550735] irq event stamp: 0 [ 234.551080] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.551770] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.552646] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.553525] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.554199] ---[ end trace 0000000000000000 ]--- [ 234.560884] ------------[ cut here ]------------ [ 234.561576] WARNING: CPU: 0 PID: 2236 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.563053] Modules linked in: [ 234.563520] CPU: 0 PID: 2236 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.565166] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.566692] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.567390] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.569760] RSP: 0018:ffff8880219a7bb8 EFLAGS: 00010246 [ 234.570464] RAX: 0000000000000000 RBX: ffff8880172088a8 RCX: 0000000000000000 [ 234.571468] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 234.572404] RBP: ffff8880219a7bd0 R08: ffffed1002e41133 R09: ffffed1002e41133 [ 234.573342] R10: ffff888017208993 R11: ffffed1002e41132 R12: ffff88800fcb2400 [ 234.574270] R13: ffff8880172089e8 R14: ffffffff8352e670 R15: 
ffff8880219a7e68 [ 234.575263] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 234.576318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.577078] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ef0 [ 234.578010] PKRU: 55555554 [ 234.578429] Call Trace: [ 234.578774] [ 234.579017] __iommufd_access_detach+0x1c2/0x2b0 [ 234.579548] iommufd_access_change_pt+0x149/0x270 [ 234.580052] iommufd_access_replace+0xb4/0x120 [ 234.580539] iommufd_test+0x3e5/0x37e0 [ 234.580942] ? lock_release+0x532/0x770 [ 234.581368] ? __might_fault+0x102/0x1b0 [ 234.581801] ? lock_acquire+0x427/0x4c0 [ 234.582229] ? __pfx_iommufd_test+0x10/0x10 [ 234.582715] ? __pfx_lock_release+0x10/0x10 [ 234.583188] ? __pfx_lock_acquire+0x10/0x10 [ 234.583644] ? write_comp_data+0x2f/0x90 [ 234.584086] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.584606] ? write_comp_data+0x2f/0x90 [ 234.585046] iommufd_fops_ioctl+0x37d/0x510 [ 234.585515] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.586043] ? write_comp_data+0x2f/0x90 [ 234.586489] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.586909] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 234.587052] __x64_sys_ioctl+0x1a3/0x230 [ 234.589767] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 234.590173] do_syscall_64+0x3b/0x90 [ 234.592450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.593012] RIP: 0033:0x7f4b8743ee5d [ 234.593400] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 234.595329] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 234.596124] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 234.596880] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.597643] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 234.598390] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 234.599200] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 234.599963] [ 234.600210] irq event stamp: 0 [ 234.600543] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.601206] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.602085] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.603011] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.603693] ---[ end trace 0000000000000000 ]--- [ 234.607650] ------------[ cut here ]------------ [ 234.608192] WARNING: CPU: 0 PID: 2236 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.609688] Modules linked in: [ 234.610031] CPU: 0 PID: 2236 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.610999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.612178] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.612710] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.615156] RSP: 0018:ffff8880219a7bd0 EFLAGS: 00010246 [ 234.615729] RAX: 0000000000000000 RBX: 
ffff8880172088a8 RCX: 0000000000000000 [ 234.616464] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 234.617209] RBP: ffff8880219a7be8 R08: ffffed1002e41133 R09: ffffed1002e41133 [ 234.617962] R10: ffff888017208993 R11: ffffed1002e41132 R12: ffff888014581000 [ 234.618740] R13: ffff8880172089e8 R14: ffff888013444f00 R15: 0000000000000000 [ 234.619507] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 234.620342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.620947] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 234.621708] PKRU: 55555554 [ 234.622016] Call Trace: [ 234.622288] [ 234.622574] iommufd_access_destroy_object+0x65/0x170 [ 234.623162] iommufd_object_destroy_user+0x18e/0x220 [ 234.623708] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 234.624319] iommufd_access_destroy+0x43/0x70 [ 234.624799] iommufd_test_staccess_release+0x8d/0xd0 [ 234.625342] __fput+0x26d/0xa40 [ 234.625706] ____fput+0x1e/0x30 [ 234.626059] task_work_run+0x1a4/0x2d0 [ 234.626473] ? __pfx_task_work_run+0x10/0x10 [ 234.626969] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.627509] ? switch_task_namespaces+0xa9/0xe0 [ 234.628015] do_exit+0xb17/0x2ef0 [ 234.628385] ? lock_acquire+0x427/0x4c0 [ 234.628823] ? __pfx_lock_release+0x10/0x10 [ 234.629303] ? __kasan_check_write+0x18/0x20 [ 234.629785] ? do_raw_spin_lock+0x132/0x2a0 [ 234.630246] ? __pfx_do_exit+0x10/0x10 [ 234.630725] ? debug_smp_processor_id+0x20/0x30 [ 234.631256] ? rcu_is_watching+0x19/0xb0 [ 234.631774] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.632458] ? trace_hardirqs_on+0x26/0x120 [ 234.633155] do_group_exit+0xe0/0x2b0 [ 234.633568] __x64_sys_exit_group+0x47/0x50 [ 234.634024] do_syscall_64+0x3b/0x90 [ 234.634433] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.635029] RIP: 0033:0x7f4b87518a4d [ 234.635446] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.636088] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.636881] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.637618] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.638360] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.639182] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.639932] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.640820] [ 234.641286] irq event stamp: 0 [ 234.641632] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.642315] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.643274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.644170] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.644858] ---[ end trace 0000000000000000 ]--- [ 234.645957] ------------[ cut here ]------------ [ 234.646483] WARNING: CPU: 0 PID: 2236 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.647684] Modules linked in: [ 234.648041] CPU: 0 PID: 2236 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.648987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.650581] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.651333] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.653299] RSP: 0018:ffff8880219a7b78 EFLAGS: 00010246 [ 234.653883] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.654690] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 234.655482] RBP: ffff8880219a7b98 R08: ffffed1002e4113e R09: ffffed1002e4113e [ 234.656254] R10: ffff8880172089ef R11: ffffed1002e4113d R12: ffff888017208a90 [ 234.657023] R13: ffff8880172088a8 R14: ffffffffffffffff R15: 
ffff8880219a7c60 [ 234.657794] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 234.658705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.659356] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 234.660127] PKRU: 55555554 [ 234.660436] Call Trace: [ 234.660715] [ 234.660966] iommufd_ioas_destroy+0x53/0x70 [ 234.661509] iommufd_fops_release+0x1f7/0x370 [ 234.662661] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.663419] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.664109] ? write_comp_data+0x2f/0x90 [ 234.664681] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.665363] __fput+0x26d/0xa40 [ 234.665839] ____fput+0x1e/0x30 [ 234.666307] task_work_run+0x1a4/0x2d0 [ 234.666908] ? __pfx_task_work_run+0x10/0x10 [ 234.667565] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.668252] ? switch_task_namespaces+0xa9/0xe0 [ 234.668914] do_exit+0xb17/0x2ef0 [ 234.669398] ? lock_acquire+0x427/0x4c0 [ 234.669965] ? __pfx_lock_release+0x10/0x10 [ 234.670621] ? __kasan_check_write+0x18/0x20 [ 234.671448] ? do_raw_spin_lock+0x132/0x2a0 [ 234.671942] ? __pfx_do_exit+0x10/0x10 [ 234.672363] ? debug_smp_processor_id+0x20/0x30 [ 234.672852] ? rcu_is_watching+0x19/0xb0 [ 234.673281] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.673753] ? trace_hardirqs_on+0x26/0x120 [ 234.674214] do_group_exit+0xe0/0x2b0 [ 234.674699] __x64_sys_exit_group+0x47/0x50 [ 234.675189] do_syscall_64+0x3b/0x90 [ 234.675596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.676166] RIP: 0033:0x7f4b87518a4d [ 234.676559] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.677204] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.678012] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.678811] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.679593] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.680359] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.681116] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.681887] [ 234.682146] irq event stamp: 0 [ 234.682485] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.683233] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.684143] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.685049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.685729] ---[ end trace 0000000000000000 ]--- [ 234.697424] ------------[ cut here ]------------ [ 234.698370] WARNING: CPU: 1 PID: 2238 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.699850] Modules linked in: [ 234.700384] CPU: 1 PID: 2238 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.701645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.703481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.704169] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.706824] RSP: 0018:ffff888012e07bb8 EFLAGS: 00010246 [ 234.707569] RAX: 0000000000000000 RBX: ffff8880187f08a8 RCX: 0000000000000000 [ 234.708703] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 234.709671] RBP: ffff888012e07bd0 R08: ffffed10030fe133 R09: ffffed10030fe133 [ 234.710867] R10: ffff8880187f0993 R11: ffffed10030fe132 R12: ffff888020956400 [ 234.711854] R13: ffff8880187f09e8 R14: ffffffff8352e670 R15: 
ffff888012e07e68 [ 234.712825] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.714083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.714903] CR2: 00007f4b877410e8 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 234.715999] PKRU: 55555554 [ 234.716465] Call Trace: [ 234.716818] [ 234.717134] __iommufd_access_detach+0x1c2/0x2b0 [ 234.717806] iommufd_access_change_pt+0x149/0x270 [ 234.718693] iommufd_access_replace+0xb4/0x120 [ 234.719354] iommufd_test+0x3e5/0x37e0 [ 234.719890] ? lock_release+0x532/0x770 [ 234.720455] ? __might_fault+0x102/0x1b0 [ 234.721186] ? lock_acquire+0x427/0x4c0 [ 234.721749] ? __pfx_iommufd_test+0x10/0x10 [ 234.722338] ? __pfx_lock_release+0x10/0x10 [ 234.722981] ? __pfx_lock_acquire+0x10/0x10 [ 234.723760] ? write_comp_data+0x2f/0x90 [ 234.724338] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.725012] ? write_comp_data+0x2f/0x90 [ 234.725645] iommufd_fops_ioctl+0x37d/0x510 [ 234.726330] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.727045] ? write_comp_data+0x2f/0x90 [ 234.727683] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.728572] __x64_sys_ioctl+0x1a3/0x230 [ 234.729166] do_syscall_64+0x3b/0x90 [ 234.729693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.730446] RIP: 0033:0x7f4b8743ee5d [ 234.731115] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 234.733583] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 234.734832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 234.735834] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.736802] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 234.737958] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 234.738974] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 234.739966] [ 234.740431] irq event stamp: 0 [ 234.740868] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.741729] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.743092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.744250] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.745109] ---[ end trace 0000000000000000 ]--- [ 234.750909] ------------[ cut here ]------------ [ 234.751630] WARNING: CPU: 1 PID: 2238 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.753210] Modules linked in: [ 234.753655] CPU: 1 PID: 2238 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.754909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.756630] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.757319] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.759872] RSP: 
0018:ffff888012e07bd0 EFLAGS: 00010246 [ 234.760612] RAX: 0000000000000000 RBX: ffff8880187f08a8 RCX: 0000000000000000 [ 234.761576] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 234.762598] RBP: ffff888012e07be8 R08: ffffed10030fe133 R09: ffffed10030fe133 [ 234.763580] R10: ffff8880187f0993 R11: ffffed10030fe132 R12: ffff888013b22000 [ 234.764547] R13: ffff8880187f09e8 R14: ffff888010f94000 R15: 0000000000000000 [ 234.765511] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.766647] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.767470] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 234.768439] PKRU: 55555554 [ 234.768832] Call Trace: [ 234.769186] [ 234.769507] iommufd_access_destroy_object+0x65/0x170 [ 234.770225] iommufd_object_destroy_user+0x18e/0x220 [ 234.770986] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 234.771806] iommufd_access_destroy+0x43/0x70 [ 234.772442] iommufd_test_staccess_release+0x8d/0xd0 [ 234.773162] __fput+0x26d/0xa40 [ 234.773646] ____fput+0x1e/0x30 [ 234.774125] task_work_run+0x1a4/0x2d0 [ 234.774730] ? __pfx_task_work_run+0x10/0x10 [ 234.775372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.776047] ? switch_task_namespaces+0xa9/0xe0 [ 234.776707] do_exit+0xb17/0x2ef0 [ 234.777190] ? lock_acquire+0x427/0x4c0 [ 234.777759] ? __pfx_lock_release+0x10/0x10 [ 234.778367] ? __kasan_check_write+0x18/0x20 [ 234.779053] ? do_raw_spin_lock+0x132/0x2a0 [ 234.779674] ? __pfx_do_exit+0x10/0x10 [ 234.780231] ? debug_smp_processor_id+0x20/0x30 [ 234.780877] ? rcu_is_watching+0x19/0xb0 [ 234.781441] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.782074] ? trace_hardirqs_on+0x26/0x120 [ 234.782726] do_group_exit+0xe0/0x2b0 [ 234.783283] __x64_sys_exit_group+0x47/0x50 [ 234.783875] do_syscall_64+0x3b/0x90 [ 234.784406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.785127] RIP: 0033:0x7f4b87518a4d [ 234.785766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.786746] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.787794] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.788950] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.789918] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.790945] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.792132] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.793166] [ 234.793509] irq event stamp: 0 [ 234.794020] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.795088] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.796314] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.797701] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.798661] ---[ end trace 0000000000000000 ]--- [ 234.800109] ------------[ cut here ]------------ [ 234.800794] WARNING: CPU: 1 PID: 2238 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.802408] Modules linked in: [ 234.802970] CPU: 1 PID: 2238 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.804237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.806023] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.806961] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.809794] RSP: 0018:ffff888012e07b78 EFLAGS: 00010246 [ 234.810634] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.811871] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 234.812892] RBP: ffff888012e07b98 R08: ffffed10030fe13e R09: ffffed10030fe13e [ 234.814028] R10: ffff8880187f09ef R11: ffffed10030fe13d R12: ffff8880187f0a90 [ 234.815206] R13: ffff8880187f08a8 R14: ffffffffffffffff R15: 
ffff888012e07c60 [ 234.816246] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.817594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.818424] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 234.819638] PKRU: 55555554 [ 234.820062] Call Trace: [ 234.820435] [ 234.820766] iommufd_ioas_destroy+0x53/0x70 [ 234.821396] iommufd_fops_release+0x1f7/0x370 [ 234.822062] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.822977] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.823723] ? write_comp_data+0x2f/0x90 [ 234.824327] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.825087] __fput+0x26d/0xa40 [ 234.825717] ____fput+0x1e/0x30 [ 234.826211] task_work_run+0x1a4/0x2d0 [ 234.826853] ? __pfx_task_work_run+0x10/0x10 [ 234.827528] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.828427] ? switch_task_namespaces+0xa9/0xe0 [ 234.829127] do_exit+0xb17/0x2ef0 [ 234.829650] ? lock_acquire+0x427/0x4c0 [ 234.830258] ? __pfx_lock_release+0x10/0x10 [ 234.831233] ? __kasan_check_write+0x18/0x20 [ 234.831911] ? do_raw_spin_lock+0x132/0x2a0 [ 234.832563] ? __pfx_do_exit+0x10/0x10 [ 234.833150] ? debug_smp_processor_id+0x20/0x30 [ 234.833961] ? rcu_is_watching+0x19/0xb0 [ 234.834688] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.835369] ? trace_hardirqs_on+0x26/0x120 [ 234.836004] do_group_exit+0xe0/0x2b0 [ 234.836599] __x64_sys_exit_group+0x47/0x50 [ 234.837380] do_syscall_64+0x3b/0x90 [ 234.837933] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.838743] RIP: 0033:0x7f4b87518a4d [ 234.839313] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.840412] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.841488] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.842674] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.843812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.844817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.846028] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.847099] [ 234.847459] irq event stamp: 0 [ 234.847912] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.849015] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.850197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.851677] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.852583] ---[ end trace 0000000000000000 ]--- [ 234.860315] ------------[ cut here ]------------ [ 234.861072] WARNING: CPU: 1 PID: 2239 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.862888] Modules linked in: [ 234.863393] CPU: 1 PID: 2239 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.864853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.866446] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.867477] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.870421] RSP: 0018:ffff888015b37bb8 EFLAGS: 00010246 [ 234.871254] RAX: 0000000000000000 RBX: ffff8880140698a8 RCX: 0000000000000000 [ 234.872216] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 234.873441] RBP: ffff888015b37bd0 R08: ffffed100280d333 R09: ffffed100280d333 [ 234.874407] R10: ffff888014069993 R11: ffffed100280d332 R12: ffff8880129c5400 [ 234.875577] R13: ffff8880140699e8 R14: ffffffff8352e670 R15: 
ffff888015b37e68 [ 234.876570] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 234.877665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.878454] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 234.879487] PKRU: 55555554 [ 234.879889] Call Trace: [ 234.880248] [ 234.880572] __iommufd_access_detach+0x1c2/0x2b0 [ 234.881251] iommufd_access_change_pt+0x149/0x270 [ 234.881931] iommufd_access_replace+0xb4/0x120 [ 234.882636] iommufd_test+0x3e5/0x37e0 [ 234.883203] ? lock_release+0x532/0x770 [ 234.883778] ? __might_fault+0x102/0x1b0 [ 234.884350] ? lock_acquire+0x427/0x4c0 [ 234.884917] ? __pfx_iommufd_test+0x10/0x10 [ 234.885509] ? __pfx_lock_release+0x10/0x10 [ 234.886116] ? __pfx_lock_acquire+0x10/0x10 [ 234.886791] ? write_comp_data+0x2f/0x90 [ 234.887391] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.888069] ? write_comp_data+0x2f/0x90 [ 234.888648] iommufd_fops_ioctl+0x37d/0x510 [ 234.889250] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.889925] ? write_comp_data+0x2f/0x90 [ 234.890500] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.891244] __x64_sys_ioctl+0x1a3/0x230 [ 234.891839] do_syscall_64+0x3b/0x90 [ 234.892375] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.893102] RIP: 0033:0x7f4b8743ee5d [ 234.893623] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 234.896181] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 234.897223] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 234.898188] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.899226] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 234.900204] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 234.901168] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 234.902156] [ 234.902479] irq event stamp: 0 [ 234.902954] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.903812] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.904909] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.906004] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.906876] ---[ end trace 0000000000000000 ]--- [ 234.910684] ------------[ cut here ]------------ [ 234.911284] WARNING: CPU: 0 PID: 2239 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.912356] Modules linked in: [ 234.912696] CPU: 0 PID: 2239 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.913623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.914992] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.915550] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.917508] RSP: 
0018:ffff888015b37bd0 EFLAGS: 00010246 [ 234.918081] RAX: 0000000000000000 RBX: ffff8880140698a8 RCX: 0000000000000000 [ 234.918900] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 234.919681] RBP: ffff888015b37be8 R08: ffffed100280d333 R09: ffffed100280d333 [ 234.920442] R10: ffff888014069993 R11: ffffed100280d332 R12: ffff888020954800 [ 234.921205] R13: ffff8880140699e8 R14: ffff88800fd15d00 R15: 0000000000000000 [ 234.921977] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 234.922877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.923517] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 234.924280] PKRU: 55555554 [ 234.924585] Call Trace: [ 234.924860] [ 234.925101] iommufd_access_destroy_object+0x65/0x170 [ 234.925662] iommufd_object_destroy_user+0x18e/0x220 [ 234.926227] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 234.926917] iommufd_access_destroy+0x43/0x70 [ 234.927435] iommufd_test_staccess_release+0x8d/0xd0 [ 234.927998] __fput+0x26d/0xa40 [ 234.928369] ____fput+0x1e/0x30 [ 234.928732] task_work_run+0x1a4/0x2d0 [ 234.929157] ? __pfx_task_work_run+0x10/0x10 [ 234.929633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.930153] ? switch_task_namespaces+0xa9/0xe0 [ 234.930719] do_exit+0xb17/0x2ef0 [ 234.931091] ? lock_acquire+0x427/0x4c0 [ 234.931535] ? __pfx_lock_release+0x10/0x10 [ 234.932008] ? __kasan_check_write+0x18/0x20 [ 234.932486] ? do_raw_spin_lock+0x132/0x2a0 [ 234.932951] ? __pfx_do_exit+0x10/0x10 [ 234.933378] ? debug_smp_processor_id+0x20/0x30 [ 234.933891] ? rcu_is_watching+0x19/0xb0 [ 234.934336] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.934875] ? trace_hardirqs_on+0x26/0x120 [ 234.935382] do_group_exit+0xe0/0x2b0 [ 234.935798] __x64_sys_exit_group+0x47/0x50 [ 234.936263] do_syscall_64+0x3b/0x90 [ 234.936684] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.937254] RIP: 0033:0x7f4b87518a4d [ 234.937655] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.938316] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.939180] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.939942] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.940696] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.941457] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.942228] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.943034] [ 234.943306] irq event stamp: 0 [ 234.943650] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.944338] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.945227] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.946123] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.946863] ---[ end trace 0000000000000000 ]--- [ 234.947819] ------------[ cut here ]------------ [ 234.948324] WARNING: CPU: 0 PID: 2239 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 234.949416] Modules linked in: [ 234.949766] CPU: 0 PID: 2239 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.950730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.951940] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 234.952497] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 234.954446] RSP: 0018:ffff888015b37b78 EFLAGS: 00010246 [ 234.955051] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 234.955834] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 234.956604] RBP: ffff888015b37b98 R08: ffffed100280d33e R09: ffffed100280d33e [ 234.957369] R10: ffff8880140699ef R11: ffffed100280d33d R12: ffff888014069a90 [ 234.958141] R13: ffff8880140698a8 R14: ffffffffffffffff R15: 
ffff888015b37c60 [ 234.958945] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 234.959829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 234.960452] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 234.961217] PKRU: 55555554 [ 234.961520] Call Trace: [ 234.961799] [ 234.962043] iommufd_ioas_destroy+0x53/0x70 [ 234.962566] iommufd_fops_release+0x1f7/0x370 [ 234.963053] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.963616] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.964146] ? write_comp_data+0x2f/0x90 [ 234.964608] ? __pfx_iommufd_fops_release+0x10/0x10 [ 234.965150] __fput+0x26d/0xa40 [ 234.965524] ____fput+0x1e/0x30 [ 234.965883] task_work_run+0x1a4/0x2d0 [ 234.966305] ? __pfx_task_work_run+0x10/0x10 [ 234.966818] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 234.967369] ? switch_task_namespaces+0xa9/0xe0 [ 234.967895] do_exit+0xb17/0x2ef0 [ 234.968268] ? lock_acquire+0x427/0x4c0 [ 234.968701] ? __pfx_lock_release+0x10/0x10 [ 234.969177] ? __kasan_check_write+0x18/0x20 [ 234.969656] ? do_raw_spin_lock+0x132/0x2a0 [ 234.970122] ? __pfx_do_exit+0x10/0x10 [ 234.970601] ? debug_smp_processor_id+0x20/0x30 [ 234.971105] ? rcu_is_watching+0x19/0xb0 [ 234.971570] ? _raw_spin_unlock_irq+0x2b/0x60 [ 234.972058] ? trace_hardirqs_on+0x26/0x120 [ 234.972529] do_group_exit+0xe0/0x2b0 [ 234.972943] __x64_sys_exit_group+0x47/0x50 [ 234.973404] do_syscall_64+0x3b/0x90 [ 234.973817] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 234.974383] RIP: 0033:0x7f4b87518a4d [ 234.974816] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 234.975489] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 234.976304] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 234.977061] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 234.977815] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 234.978603] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 234.979383] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 234.980148] [ 234.980406] irq event stamp: 0 [ 234.980752] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 234.981435] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 234.982322] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 234.983249] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 234.983919] ---[ end trace 0000000000000000 ]--- [ 234.989775] ------------[ cut here ]------------ [ 234.990365] WARNING: CPU: 0 PID: 2240 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 234.991650] Modules linked in: [ 234.992005] CPU: 0 PID: 2240 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 234.992950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 234.994144] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 234.994699] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 234.996656] RSP: 0018:ffff888012e07bb8 EFLAGS: 00010246 [ 234.997225] RAX: 0000000000000000 RBX: ffff888015a720a8 RCX: 0000000000000000 [ 234.997987] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 234.998777] RBP: ffff888012e07bd0 R08: ffffed1002b4e433 R09: ffffed1002b4e433 [ 234.999555] R10: ffff888015a72193 R11: ffffed1002b4e432 R12: ffff88800f134800 [ 235.000319] R13: ffff888015a721e8 R14: ffffffff8352e670 R15: 
ffff888012e07e68 [ 235.001082] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 235.001934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.002595] CR2: 0000000020000140 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 235.003379] PKRU: 55555554 [ 235.003690] Call Trace: [ 235.003960] [ 235.004203] __iommufd_access_detach+0x1c2/0x2b0 [ 235.004730] iommufd_access_change_pt+0x149/0x270 [ 235.005252] iommufd_access_replace+0xb4/0x120 [ 235.005749] iommufd_test+0x3e5/0x37e0 [ 235.006166] ? lock_release+0x532/0x770 [ 235.006635] ? __might_fault+0x102/0x1b0 [ 235.007082] ? lock_acquire+0x427/0x4c0 [ 235.007528] ? __pfx_iommufd_test+0x10/0x10 [ 235.007998] ? __pfx_lock_release+0x10/0x10 [ 235.008466] ? __pfx_lock_acquire+0x10/0x10 [ 235.008942] ? write_comp_data+0x2f/0x90 [ 235.009384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.009914] ? write_comp_data+0x2f/0x90 [ 235.010369] iommufd_fops_ioctl+0x37d/0x510 [ 235.010865] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.011407] ? write_comp_data+0x2f/0x90 [ 235.011864] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.012398] __x64_sys_ioctl+0x1a3/0x230 [ 235.012853] do_syscall_64+0x3b/0x90 [ 235.013267] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.013822] RIP: 0033:0x7f4b8743ee5d [ 235.014228] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.016245] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.017059] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.017818] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.018605] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.019385] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.020158] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.020938] [ 235.021192] irq event stamp: 0 [ 235.021530] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.022203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.023145] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.024044] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.024730] ---[ end trace 0000000000000000 ]--- [ 235.028163] ------------[ cut here ]------------ [ 235.028703] WARNING: CPU: 0 PID: 2240 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.029780] Modules linked in: [ 235.030122] CPU: 0 PID: 2240 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.031411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.032620] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.033154] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.035111] RSP: 
0018:ffff888012e07bd0 EFLAGS: 00010246 [ 235.035719] RAX: 0000000000000000 RBX: ffff888015a720a8 RCX: 0000000000000000 [ 235.036493] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 235.037255] RBP: ffff888012e07be8 R08: ffffed1002b4e433 R09: ffffed1002b4e433 [ 235.038026] R10: ffff888015a72193 R11: ffffed1002b4e432 R12: ffff88800fcb1400 [ 235.038831] R13: ffff888015a721e8 R14: ffff88800f90b500 R15: 0000000000000000 [ 235.039611] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 235.040469] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.041087] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 235.041837] PKRU: 55555554 [ 235.042140] Call Trace: [ 235.042411] [ 235.042694] iommufd_access_destroy_object+0x65/0x170 [ 235.043301] iommufd_object_destroy_user+0x18e/0x220 [ 235.043857] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.044485] iommufd_access_destroy+0x43/0x70 [ 235.044985] iommufd_test_staccess_release+0x8d/0xd0 [ 235.045541] __fput+0x26d/0xa40 [ 235.045913] ____fput+0x1e/0x30 [ 235.046272] task_work_run+0x1a4/0x2d0 [ 235.046731] ? __pfx_task_work_run+0x10/0x10 [ 235.047211] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.047736] ? switch_task_namespaces+0xa9/0xe0 [ 235.048241] do_exit+0xb17/0x2ef0 [ 235.048618] ? lock_acquire+0x427/0x4c0 [ 235.049059] ? __pfx_lock_release+0x10/0x10 [ 235.049532] ? __kasan_check_write+0x18/0x20 [ 235.050016] ? do_raw_spin_lock+0x132/0x2a0 [ 235.050489] ? __pfx_do_exit+0x10/0x10 [ 235.050959] ? debug_smp_processor_id+0x20/0x30 [ 235.051486] ? rcu_is_watching+0x19/0xb0 [ 235.051927] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.052419] ? trace_hardirqs_on+0x26/0x120 [ 235.052890] do_group_exit+0xe0/0x2b0 [ 235.053298] __x64_sys_exit_group+0x47/0x50 [ 235.053756] do_syscall_64+0x3b/0x90 [ 235.054161] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.054750] RIP: 0033:0x7f4b87518a4d [ 235.055169] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.055832] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.056639] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.057398] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.058156] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.058955] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.059737] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.060513] [ 235.060766] irq event stamp: 0 [ 235.061120] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.061803] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.062739] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.063658] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.064331] ---[ end trace 0000000000000000 ]--- [ 235.065349] ------------[ cut here ]------------ [ 235.065861] WARNING: CPU: 0 PID: 2240 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.067070] Modules linked in: [ 235.067446] CPU: 0 PID: 2240 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.068397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.069590] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.070141] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.072132] RSP: 0018:ffff888012e07b78 EFLAGS: 00010246 [ 235.072702] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.073461] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 235.074219] RBP: ffff888012e07b98 R08: ffffed1002b4e43e R09: ffffed1002b4e43e [ 235.075045] R10: ffff888015a721ef R11: ffffed1002b4e43d R12: ffff888015a72290 [ 235.075807] R13: ffff888015a720a8 R14: ffffffffffffffff R15: 
ffff888012e07c60 [ 235.076561] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 235.077415] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.078035] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 235.078816] PKRU: 55555554 [ 235.079135] Call Trace: [ 235.079412] [ 235.079660] iommufd_ioas_destroy+0x53/0x70 [ 235.080141] iommufd_fops_release+0x1f7/0x370 [ 235.080626] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.081165] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.081694] ? write_comp_data+0x2f/0x90 [ 235.082139] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.082709] __fput+0x26d/0xa40 [ 235.083080] ____fput+0x1e/0x30 [ 235.083452] task_work_run+0x1a4/0x2d0 [ 235.083891] ? __pfx_task_work_run+0x10/0x10 [ 235.084368] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.084894] ? switch_task_namespaces+0xa9/0xe0 [ 235.085400] do_exit+0xb17/0x2ef0 [ 235.085780] ? lock_acquire+0x427/0x4c0 [ 235.086220] ? __pfx_lock_release+0x10/0x10 [ 235.086709] ? __kasan_check_write+0x18/0x20 [ 235.087216] ? do_raw_spin_lock+0x132/0x2a0 [ 235.087706] ? __pfx_do_exit+0x10/0x10 [ 235.088143] ? debug_smp_processor_id+0x20/0x30 [ 235.088657] ? rcu_is_watching+0x19/0xb0 [ 235.089101] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.089598] ? trace_hardirqs_on+0x26/0x120 [ 235.090070] do_group_exit+0xe0/0x2b0 [ 235.090489] __x64_sys_exit_group+0x47/0x50 [ 235.090988] do_syscall_64+0x3b/0x90 [ 235.091430] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.091998] RIP: 0033:0x7f4b87518a4d [ 235.092397] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.093065] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.093882] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.094669] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.095453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.096225] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.096985] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.097917] [ 235.098266] irq event stamp: 0 [ 235.098878] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.099577] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.100480] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.101373] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.102048] ---[ end trace 0000000000000000 ]--- [ 235.107616] ------------[ cut here ]------------ [ 235.108163] WARNING: CPU: 0 PID: 2241 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.109234] Modules linked in: [ 235.109576] CPU: 0 PID: 2241 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.110651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.111991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.112539] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.114485] RSP: 0018:ffff888015b37bb8 EFLAGS: 00010246 [ 235.115115] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 235.115918] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 235.116681] RBP: ffff888015b37bd0 R08: ffffed1001972333 R09: ffffed1001972333 [ 235.117448] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff888014393000 [ 235.118219] R13: ffff88800cb919e8 R14: ffffffff8352e670 R15: 
ffff888015b37e68 [ 235.119027] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 235.119914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.120541] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ef0 [ 235.121312] PKRU: 55555554 [ 235.121630] Call Trace: [ 235.121910] [ 235.122163] __iommufd_access_detach+0x1c2/0x2b0 [ 235.122753] iommufd_access_change_pt+0x149/0x270 [ 235.123306] iommufd_access_replace+0xb4/0x120 [ 235.123815] iommufd_test+0x3e5/0x37e0 [ 235.124247] ? lock_release+0x532/0x770 [ 235.124696] ? __might_fault+0x102/0x1b0 [ 235.125148] ? lock_acquire+0x427/0x4c0 [ 235.125583] ? __pfx_iommufd_test+0x10/0x10 [ 235.126047] ? __pfx_lock_release+0x10/0x10 [ 235.126558] ? __pfx_lock_acquire+0x10/0x10 [ 235.127037] ? write_comp_data+0x2f/0x90 [ 235.127503] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.128033] ? write_comp_data+0x2f/0x90 [ 235.128484] iommufd_fops_ioctl+0x37d/0x510 [ 235.128970] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.129509] ? write_comp_data+0x2f/0x90 [ 235.129963] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.130493] __x64_sys_ioctl+0x1a3/0x230 [ 235.130986] do_syscall_64+0x3b/0x90 [ 235.131424] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.131991] RIP: 0033:0x7f4b8743ee5d [ 235.132397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.134372] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.135243] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.136007] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.136772] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.137525] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.138274] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.139066] [ 235.139331] irq event stamp: 0 [ 235.139673] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.140350] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.141246] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.142141] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.142851] ---[ end trace 0000000000000000 ]--- [ 235.148857] ------------[ cut here ]------------ [ 235.149708] WARNING: CPU: 1 PID: 2241 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.151223] Modules linked in: [ 235.151874] CPU: 1 PID: 2241 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.153075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.154897] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.155632] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.158286] RSP: 
0018:ffff888015b37bd0 EFLAGS: 00010246 [ 235.159102] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 235.160318] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 235.161290] RBP: ffff888015b37be8 R08: ffffed1001972333 R09: ffffed1001972333 [ 235.162297] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff88800f136c00 [ 235.163523] R13: ffff88800cb919e8 R14: ffff888010f94800 R15: 0000000000000000 [ 235.164508] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.165804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.166671] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 235.167736] PKRU: 55555554 [ 235.168267] Call Trace: [ 235.168627] [ 235.168950] iommufd_access_destroy_object+0x65/0x170 [ 235.169680] iommufd_object_destroy_user+0x18e/0x220 [ 235.170689] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.171536] iommufd_access_destroy+0x43/0x70 [ 235.172178] iommufd_test_staccess_release+0x8d/0xd0 [ 235.172895] __fput+0x26d/0xa40 [ 235.173603] ____fput+0x1e/0x30 [ 235.174083] task_work_run+0x1a4/0x2d0 [ 235.174710] ? __pfx_task_work_run+0x10/0x10 [ 235.175358] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.176163] ? switch_task_namespaces+0xa9/0xe0 [ 235.176937] do_exit+0xb17/0x2ef0 [ 235.177421] ? lock_acquire+0x427/0x4c0 [ 235.177988] ? __pfx_lock_release+0x10/0x10 [ 235.178776] ? __kasan_check_write+0x18/0x20 [ 235.179423] ? do_raw_spin_lock+0x132/0x2a0 [ 235.180025] ? __pfx_do_exit+0x10/0x10 [ 235.180587] ? debug_smp_processor_id+0x20/0x30 [ 235.181310] ? rcu_is_watching+0x19/0xb0 [ 235.182000] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.182796] ? trace_hardirqs_on+0x26/0x120 [ 235.183435] do_group_exit+0xe0/0x2b0 [ 235.183969] __x64_sys_exit_group+0x47/0x50 [ 235.184783] do_syscall_64+0x3b/0x90 [ 235.185319] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.186048] RIP: 0033:0x7f4b87518a4d [ 235.186636] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.187726] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.188764] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.189810] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.190950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.191935] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.193116] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.194100] [ 235.194428] irq event stamp: 0 [ 235.194931] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.196031] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.197176] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.198582] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.199481] ---[ end trace 0000000000000000 ]--- [ 235.201059] ------------[ cut here ]------------ [ 235.201840] WARNING: CPU: 1 PID: 2241 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.203508] Modules linked in: [ 235.204004] CPU: 1 PID: 2241 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.205360] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.207106] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.207859] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.210603] RSP: 0018:ffff888015b37b78 EFLAGS: 00010246 [ 235.211352] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.212330] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 235.213485] RBP: ffff888015b37b98 R08: ffffed100197233e R09: ffffed100197233e [ 235.214472] R10: ffff88800cb919ef R11: ffffed100197233d R12: ffff88800cb91a90 [ 235.215771] R13: ffff88800cb918a8 R14: ffffffffffffffff R15: 
ffff888015b37c60 [ 235.216757] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.217861] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.218971] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 235.219970] PKRU: 55555554 [ 235.220369] Call Trace: [ 235.220735] [ 235.221106] iommufd_ioas_destroy+0x53/0x70 [ 235.221859] iommufd_fops_release+0x1f7/0x370 [ 235.222493] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.223293] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.224017] ? write_comp_data+0x2f/0x90 [ 235.224745] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.225441] __fput+0x26d/0xa40 [ 235.225930] ____fput+0x1e/0x30 [ 235.226443] task_work_run+0x1a4/0x2d0 [ 235.227262] ? __pfx_task_work_run+0x10/0x10 [ 235.227894] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.228582] ? switch_task_namespaces+0xa9/0xe0 [ 235.229291] do_exit+0xb17/0x2ef0 [ 235.229947] ? lock_acquire+0x427/0x4c0 [ 235.230599] ? __pfx_lock_release+0x10/0x10 [ 235.231241] ? __kasan_check_write+0x18/0x20 [ 235.231866] ? do_raw_spin_lock+0x132/0x2a0 [ 235.232586] ? __pfx_do_exit+0x10/0x10 [ 235.233214] ? debug_smp_processor_id+0x20/0x30 [ 235.233869] ? rcu_is_watching+0x19/0xb0 [ 235.234438] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.235391] ? trace_hardirqs_on+0x26/0x120 [ 235.236013] do_group_exit+0xe0/0x2b0 [ 235.236550] __x64_sys_exit_group+0x47/0x50 [ 235.237143] do_syscall_64+0x3b/0x90 [ 235.237677] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.238690] RIP: 0033:0x7f4b87518a4d [ 235.239234] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.240076] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.241341] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.242316] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.243384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.244524] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.245499] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.246776] [ 235.247110] irq event stamp: 0 [ 235.247570] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.248433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.249815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.251030] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.251967] ---[ end trace 0000000000000000 ]--- [ 235.261065] ------------[ cut here ]------------ [ 235.261814] WARNING: CPU: 1 PID: 2242 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.263458] Modules linked in: [ 235.263911] CPU: 1 PID: 2242 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.265319] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.266919] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.267819] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.270572] RSP: 0018:ffff888013ac7bb8 EFLAGS: 00010246 [ 235.271330] RAX: 0000000000000000 RBX: ffff88801587b0a8 RCX: 0000000000000000 [ 235.272303] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 235.273486] RBP: ffff888013ac7bd0 R08: ffffed1002b0f633 R09: ffffed1002b0f633 [ 235.274463] R10: ffff88801587b193 R11: ffffed1002b0f632 R12: ffff888013b15400 [ 235.275571] R13: ffff88801587b1e8 R14: ffffffff8352e670 R15: 
ffff888013ac7e68 [ 235.276577] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.277671] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.278466] CR2: 00007f4b877410e8 CR3: 0000000014362000 CR4: 0000000000750ee0 [ 235.279521] PKRU: 55555554 [ 235.279919] Call Trace: [ 235.280277] [ 235.280602] __iommufd_access_detach+0x1c2/0x2b0 [ 235.281282] iommufd_access_change_pt+0x149/0x270 [ 235.281967] iommufd_access_replace+0xb4/0x120 [ 235.282681] iommufd_test+0x3e5/0x37e0 [ 235.283246] ? lock_release+0x532/0x770 [ 235.283815] ? __might_fault+0x102/0x1b0 [ 235.284395] ? lock_acquire+0x427/0x4c0 [ 235.284969] ? __pfx_iommufd_test+0x10/0x10 [ 235.285567] ? __pfx_lock_release+0x10/0x10 [ 235.286179] ? __pfx_lock_acquire+0x10/0x10 [ 235.286842] ? write_comp_data+0x2f/0x90 [ 235.287446] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.288127] ? write_comp_data+0x2f/0x90 [ 235.288708] iommufd_fops_ioctl+0x37d/0x510 [ 235.289310] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.289989] ? write_comp_data+0x2f/0x90 [ 235.290640] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.291338] __x64_sys_ioctl+0x1a3/0x230 [ 235.291921] do_syscall_64+0x3b/0x90 [ 235.292454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.293182] RIP: 0033:0x7f4b8743ee5d [ 235.293703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.296229] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.297274] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.298236] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.299244] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.300215] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.301180] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.302162] [ 235.302488] irq event stamp: 0 [ 235.303009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.303888] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.305018] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.306146] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.307058] ---[ end trace 0000000000000000 ]--- [ 235.312155] ------------[ cut here ]------------ [ 235.312836] WARNING: CPU: 1 PID: 2242 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.314181] Modules linked in: [ 235.314748] CPU: 1 PID: 2242 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.315944] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.317469] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.318151] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.320677] RSP: 
0018:ffff888013ac7bd0 EFLAGS: 00010246 [ 235.321429] RAX: 0000000000000000 RBX: ffff88801587b0a8 RCX: 0000000000000000 [ 235.322396] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 235.323616] RBP: ffff888013ac7be8 R08: ffffed1002b0f633 R09: ffffed1002b0f633 [ 235.324343] R10: ffff88801587b193 R11: ffffed1002b0f632 R12: ffff8880129c6800 [ 235.325089] R13: ffff88801587b1e8 R14: ffff8880218cad00 R15: 0000000000000000 [ 235.325843] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.326736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.327383] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 235.328144] PKRU: 55555554 [ 235.328449] Call Trace: [ 235.328726] [ 235.328970] iommufd_access_destroy_object+0x65/0x170 [ 235.329535] iommufd_object_destroy_user+0x18e/0x220 [ 235.330091] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.330768] iommufd_access_destroy+0x43/0x70 [ 235.331282] iommufd_test_staccess_release+0x8d/0xd0 [ 235.331842] __fput+0x26d/0xa40 [ 235.332216] ____fput+0x1e/0x30 [ 235.332588] task_work_run+0x1a4/0x2d0 [ 235.333023] ? __pfx_task_work_run+0x10/0x10 [ 235.333508] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.334036] ? switch_task_namespaces+0xa9/0xe0 [ 235.334585] do_exit+0xb17/0x2ef0 [ 235.334960] ? lock_acquire+0x427/0x4c0 [ 235.335403] ? __pfx_lock_release+0x10/0x10 [ 235.335872] ? __kasan_check_write+0x18/0x20 [ 235.336362] ? do_raw_spin_lock+0x132/0x2a0 [ 235.336840] ? __pfx_do_exit+0x10/0x10 [ 235.337268] ? debug_smp_processor_id+0x20/0x30 [ 235.337772] ? rcu_is_watching+0x19/0xb0 [ 235.338210] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.338743] ? trace_hardirqs_on+0x26/0x120 [ 235.339232] do_group_exit+0xe0/0x2b0 [ 235.339649] __x64_sys_exit_group+0x47/0x50 [ 235.340116] do_syscall_64+0x3b/0x90 [ 235.340523] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.341080] RIP: 0033:0x7f4b87518a4d [ 235.341478] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.342127] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.342985] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.343747] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.344504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.345257] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.346009] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.346807] [ 235.347058] irq event stamp: 0 [ 235.347401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.348070] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.348955] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.349833] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.350496] ---[ end trace 0000000000000000 ]--- [ 235.351472] ------------[ cut here ]------------ [ 235.351976] WARNING: CPU: 1 PID: 2242 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.353067] Modules linked in: [ 235.353411] CPU: 1 PID: 2242 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.354472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.356032] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.356581] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.358477] RSP: 0018:ffff888013ac7b78 EFLAGS: 00010246 [ 235.359099] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.360151] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 235.360929] RBP: ffff888013ac7b98 R08: ffffed1002b0f63e R09: ffffed1002b0f63e [ 235.361688] R10: ffff88801587b1ef R11: ffffed1002b0f63d R12: ffff88801587b290 [ 235.362437] R13: ffff88801587b0a8 R14: ffffffffffffffff R15: 
ffff888013ac7c60 [ 235.363239] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.364086] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.364702] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 235.365553] PKRU: 55555554 [ 235.365957] Call Trace: [ 235.366377] [ 235.366667] iommufd_ioas_destroy+0x53/0x70 [ 235.367140] iommufd_fops_release+0x1f7/0x370 [ 235.367619] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.368144] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.368659] ? write_comp_data+0x2f/0x90 [ 235.369095] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.369616] __fput+0x26d/0xa40 [ 235.369983] ____fput+0x1e/0x30 [ 235.370422] task_work_run+0x1a4/0x2d0 [ 235.371063] ? __pfx_task_work_run+0x10/0x10 [ 235.371747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.372275] ? switch_task_namespaces+0xa9/0xe0 [ 235.372778] do_exit+0xb17/0x2ef0 [ 235.373143] ? lock_acquire+0x427/0x4c0 [ 235.373587] ? __pfx_lock_release+0x10/0x10 [ 235.374072] ? __kasan_check_write+0x18/0x20 [ 235.374603] ? do_raw_spin_lock+0x132/0x2a0 [ 235.375058] ? __pfx_do_exit+0x10/0x10 [ 235.375495] ? debug_smp_processor_id+0x20/0x30 [ 235.375995] ? rcu_is_watching+0x19/0xb0 [ 235.376563] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.377254] ? trace_hardirqs_on+0x26/0x120 [ 235.377722] do_group_exit+0xe0/0x2b0 [ 235.378123] __x64_sys_exit_group+0x47/0x50 [ 235.378609] do_syscall_64+0x3b/0x90 [ 235.379006] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.379569] RIP: 0033:0x7f4b87518a4d [ 235.379971] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.380670] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.381765] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.382566] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.383324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.384065] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.384812] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.385735] [ 235.386061] irq event stamp: 0 [ 235.386574] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.387259] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.388140] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.389017] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.389705] ---[ end trace 0000000000000000 ]--- [ 235.395991] ------------[ cut here ]------------ [ 235.396543] WARNING: CPU: 1 PID: 2243 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.397581] Modules linked in: [ 235.397912] CPU: 1 PID: 2243 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.398881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.400468] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.401001] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.402933] RSP: 0018:ffff888010207bb8 EFLAGS: 00010246 [ 235.403519] RAX: 0000000000000000 RBX: ffff888015e738a8 RCX: 0000000000000000 [ 235.404352] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 235.405351] RBP: ffff888010207bd0 R08: ffffed1002bce733 R09: ffffed1002bce733 [ 235.406098] R10: ffff888015e73993 R11: ffffed1002bce732 R12: ffff888012e94400 [ 235.406872] R13: ffff888015e739e8 R14: ffffffff8352e670 R15: 
ffff888010207e68 [ 235.407638] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.408484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.409293] CR2: 0000000020000140 CR3: 0000000013bdc000 CR4: 0000000000750ee0 [ 235.410350] PKRU: 55555554 [ 235.410695] Call Trace: [ 235.410965] [ 235.411221] __iommufd_access_detach+0x1c2/0x2b0 [ 235.411737] iommufd_access_change_pt+0x149/0x270 [ 235.412253] iommufd_access_replace+0xb4/0x120 [ 235.412760] iommufd_test+0x3e5/0x37e0 [ 235.413177] ? lock_release+0x532/0x770 [ 235.413646] ? __might_fault+0x102/0x1b0 [ 235.414249] ? lock_acquire+0x427/0x4c0 [ 235.414842] ? __pfx_iommufd_test+0x10/0x10 [ 235.415314] ? __pfx_lock_release+0x10/0x10 [ 235.415769] ? __pfx_lock_acquire+0x10/0x10 [ 235.416228] ? write_comp_data+0x2f/0x90 [ 235.416661] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.417201] ? write_comp_data+0x2f/0x90 [ 235.417664] iommufd_fops_ioctl+0x37d/0x510 [ 235.418167] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.418923] ? write_comp_data+0x2f/0x90 [ 235.419397] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.419918] __x64_sys_ioctl+0x1a3/0x230 [ 235.420364] do_syscall_64+0x3b/0x90 [ 235.420773] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.421345] RIP: 0033:0x7f4b8743ee5d [ 235.421756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.424095] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.424909] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.425654] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.426408] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.427407] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.428339] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.429104] [ 235.429366] irq event stamp: 0 [ 235.429722] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.430418] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.431350] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.432225] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.432894] ---[ end trace 0000000000000000 ]--- [ 235.436309] ------------[ cut here ]------------ [ 235.436853] WARNING: CPU: 1 PID: 2243 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.437910] Modules linked in: [ 235.438251] CPU: 1 PID: 2243 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.439427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.440632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.441166] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.443106] RSP: 
0018:ffff888010207bd0 EFLAGS: 00010246 [ 235.443687] RAX: 0000000000000000 RBX: ffff888015e738a8 RCX: 0000000000000000 [ 235.444434] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 235.445200] RBP: ffff888010207be8 R08: ffffed1002bce733 R09: ffffed1002bce733 [ 235.445966] R10: ffff888015e73993 R11: ffffed1002bce732 R12: ffff888013b14800 [ 235.446762] R13: ffff888015e739e8 R14: ffff888021819800 R15: 0000000000000000 [ 235.447537] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.448387] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.449003] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 235.449750] PKRU: 55555554 [ 235.450047] Call Trace: [ 235.450319] [ 235.450625] iommufd_access_destroy_object+0x65/0x170 [ 235.451197] iommufd_object_destroy_user+0x18e/0x220 [ 235.451750] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.452373] iommufd_access_destroy+0x43/0x70 [ 235.452867] iommufd_test_staccess_release+0x8d/0xd0 [ 235.453428] __fput+0x26d/0xa40 [ 235.453804] ____fput+0x1e/0x30 [ 235.454174] task_work_run+0x1a4/0x2d0 [ 235.454655] ? __pfx_task_work_run+0x10/0x10 [ 235.455143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.455673] ? switch_task_namespaces+0xa9/0xe0 [ 235.456180] do_exit+0xb17/0x2ef0 [ 235.456550] ? lock_acquire+0x427/0x4c0 [ 235.456983] ? __pfx_lock_release+0x10/0x10 [ 235.457456] ? __kasan_check_write+0x18/0x20 [ 235.457964] ? do_raw_spin_lock+0x132/0x2a0 [ 235.458444] ? __pfx_do_exit+0x10/0x10 [ 235.458933] ? debug_smp_processor_id+0x20/0x30 [ 235.459448] ? rcu_is_watching+0x19/0xb0 [ 235.459885] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.460369] ? trace_hardirqs_on+0x26/0x120 [ 235.460836] do_group_exit+0xe0/0x2b0 [ 235.461244] __x64_sys_exit_group+0x47/0x50 [ 235.461703] do_syscall_64+0x3b/0x90 [ 235.462113] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.462736] RIP: 0033:0x7f4b87518a4d [ 235.463141] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.463797] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.464596] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.465346] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.466100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.466897] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.467660] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.468427] [ 235.468680] irq event stamp: 0 [ 235.469017] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.469682] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.470610] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.471512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.472189] ---[ end trace 0000000000000000 ]--- [ 235.473101] ------------[ cut here ]------------ [ 235.473619] WARNING: CPU: 1 PID: 2243 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.474825] Modules linked in: [ 235.475194] CPU: 1 PID: 2243 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.476117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.477305] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.477851] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.480000] RSP: 0018:ffff888010207b78 EFLAGS: 00010246 [ 235.480590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.481333] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 235.482091] RBP: ffff888010207b98 R08: ffffed1002bce73e R09: ffffed1002bce73e [ 235.482869] R10: ffff888015e739ef R11: ffffed1002bce73d R12: ffff888015e73a90 [ 235.483631] R13: ffff888015e738a8 R14: ffffffffffffffff R15: 
ffff888010207c60 [ 235.484382] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.485231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.485845] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 235.486638] PKRU: 55555554 [ 235.486939] Call Trace: [ 235.487228] [ 235.487472] iommufd_ioas_destroy+0x53/0x70 [ 235.487940] iommufd_fops_release+0x1f7/0x370 [ 235.488424] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.488964] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.489484] ? write_comp_data+0x2f/0x90 [ 235.489935] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.490476] __fput+0x26d/0xa40 [ 235.490894] ____fput+0x1e/0x30 [ 235.491268] task_work_run+0x1a4/0x2d0 [ 235.491693] ? __pfx_task_work_run+0x10/0x10 [ 235.492165] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.492678] ? switch_task_namespaces+0xa9/0xe0 [ 235.493177] do_exit+0xb17/0x2ef0 [ 235.493550] ? lock_acquire+0x427/0x4c0 [ 235.493982] ? __pfx_lock_release+0x10/0x10 [ 235.494444] ? __kasan_check_write+0x18/0x20 [ 235.494950] ? do_raw_spin_lock+0x132/0x2a0 [ 235.495431] ? __pfx_do_exit+0x10/0x10 [ 235.495877] ? debug_smp_processor_id+0x20/0x30 [ 235.496392] ? rcu_is_watching+0x19/0xb0 [ 235.496836] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.497331] ? trace_hardirqs_on+0x26/0x120 [ 235.497803] do_group_exit+0xe0/0x2b0 [ 235.498219] __x64_sys_exit_group+0x47/0x50 [ 235.498734] do_syscall_64+0x3b/0x90 [ 235.499156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.499713] RIP: 0033:0x7f4b87518a4d [ 235.500106] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.500752] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.501564] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.502327] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.503142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.503891] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.504637] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.505394] [ 235.505642] irq event stamp: 0 [ 235.505971] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.506675] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.507570] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.508464] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.509135] ---[ end trace 0000000000000000 ]--- [ 235.514787] ------------[ cut here ]------------ [ 235.515364] WARNING: CPU: 1 PID: 2244 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.516400] Modules linked in: [ 235.516740] CPU: 1 PID: 2244 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.517641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.518859] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.519386] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.521277] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 235.521840] RAX: 0000000000000000 RBX: ffff888020d9b0a8 RCX: 0000000000000000 [ 235.522613] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 235.523375] RBP: ffff8880135e7bd0 R08: ffffed10041b3633 R09: ffffed10041b3633 [ 235.524105] R10: ffff888020d9b193 R11: ffffed10041b3632 R12: ffff888020e6a000 [ 235.524845] R13: ffff888020d9b1e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 235.525578] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.526405] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.527056] CR2: 0000000020000140 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 235.527835] PKRU: 55555554 [ 235.528145] Call Trace: [ 235.528447] [ 235.528701] __iommufd_access_detach+0x1c2/0x2b0 [ 235.529236] iommufd_access_change_pt+0x149/0x270 [ 235.529758] iommufd_access_replace+0xb4/0x120 [ 235.530253] iommufd_test+0x3e5/0x37e0 [ 235.530742] ? lock_release+0x532/0x770 [ 235.531185] ? __might_fault+0x102/0x1b0 [ 235.531616] ? lock_acquire+0x427/0x4c0 [ 235.532045] ? __pfx_iommufd_test+0x10/0x10 [ 235.532490] ? __pfx_lock_release+0x10/0x10 [ 235.532954] ? __pfx_lock_acquire+0x10/0x10 [ 235.533413] ? write_comp_data+0x2f/0x90 [ 235.533847] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.534356] ? write_comp_data+0x2f/0x90 [ 235.534836] iommufd_fops_ioctl+0x37d/0x510 [ 235.535319] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.535842] ? write_comp_data+0x2f/0x90 [ 235.536288] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.536792] __x64_sys_ioctl+0x1a3/0x230 [ 235.537226] do_syscall_64+0x3b/0x90 [ 235.537626] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.538177] RIP: 0033:0x7f4b8743ee5d [ 235.538635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.540534] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.541332] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.542075] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.542867] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.543618] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.544355] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.545105] [ 235.545351] irq event stamp: 0 [ 235.545691] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.546388] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.547331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.548210] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.548862] ---[ end trace 0000000000000000 ]--- [ 235.552207] ------------[ cut here ]------------ [ 235.552753] WARNING: CPU: 1 PID: 2244 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.553790] Modules linked in: [ 235.554124] CPU: 1 PID: 2244 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.555114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.556289] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.556806] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.558718] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 235.559306] RAX: 0000000000000000 RBX: ffff888020d9b0a8 RCX: 0000000000000000 [ 235.560075] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 235.560815] RBP: ffff8880135e7be8 R08: ffffed10041b3633 R09: ffffed10041b3633 [ 235.561548] R10: ffff888020d9b193 R11: ffffed10041b3632 R12: ffff888012e96c00 [ 235.562293] R13: ffff888020d9b1e8 R14: ffff88801344b700 R15: 0000000000000000 [ 235.563090] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.563953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.564555] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 235.565290] PKRU: 55555554 [ 235.565583] Call Trace: [ 235.565849] [ 235.566088] iommufd_access_destroy_object+0x65/0x170 [ 235.566680] iommufd_object_destroy_user+0x18e/0x220 [ 235.567266] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.567883] iommufd_access_destroy+0x43/0x70 [ 235.568384] iommufd_test_staccess_release+0x8d/0xd0 [ 235.568929] __fput+0x26d/0xa40 [ 235.569297] ____fput+0x1e/0x30 [ 235.569657] task_work_run+0x1a4/0x2d0 [ 235.570073] ? __pfx_task_work_run+0x10/0x10 [ 235.570602] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.571153] ? switch_task_namespaces+0xa9/0xe0 [ 235.571661] do_exit+0xb17/0x2ef0 [ 235.572031] ? lock_acquire+0x427/0x4c0 [ 235.572462] ? __pfx_lock_release+0x10/0x10 [ 235.572921] ? __kasan_check_write+0x18/0x20 [ 235.573386] ? do_raw_spin_lock+0x132/0x2a0 [ 235.573840] ? __pfx_do_exit+0x10/0x10 [ 235.574260] ? debug_smp_processor_id+0x20/0x30 [ 235.574803] ? rcu_is_watching+0x19/0xb0 [ 235.575255] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.575741] ? trace_hardirqs_on+0x26/0x120 [ 235.576215] do_group_exit+0xe0/0x2b0 [ 235.576617] __x64_sys_exit_group+0x47/0x50 [ 235.577066] do_syscall_64+0x3b/0x90 [ 235.577461] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.578005] RIP: 0033:0x7f4b87518a4d [ 235.578393] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.579114] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.579941] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.580684] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.581431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.582173] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.582967] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.583758] [ 235.584011] irq event stamp: 0 [ 235.584344] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.585011] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.585913] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.586827] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.587502] ---[ end trace 0000000000000000 ]--- [ 235.588392] ------------[ cut here ]------------ [ 235.588894] WARNING: CPU: 1 PID: 2244 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.589946] Modules linked in: [ 235.590282] CPU: 1 PID: 2244 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.591243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.592411] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.592945] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.594865] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 235.595446] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.596200] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 235.596969] RBP: ffff8880135e7b98 R08: ffffed10041b363e R09: ffffed10041b363e [ 235.597740] R10: ffff888020d9b1ef R11: ffffed10041b363d R12: ffff888020d9b290 [ 235.598485] R13: ffff888020d9b0a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 235.599342] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.600201] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.600812] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 235.601557] PKRU: 55555554 [ 235.601857] Call Trace: [ 235.602123] [ 235.602360] iommufd_ioas_destroy+0x53/0x70 [ 235.602873] iommufd_fops_release+0x1f7/0x370 [ 235.603373] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.603893] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.604403] ? write_comp_data+0x2f/0x90 [ 235.604835] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.605354] __fput+0x26d/0xa40 [ 235.605713] ____fput+0x1e/0x30 [ 235.606064] task_work_run+0x1a4/0x2d0 [ 235.606477] ? __pfx_task_work_run+0x10/0x10 [ 235.606981] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.607507] ? switch_task_namespaces+0xa9/0xe0 [ 235.608004] do_exit+0xb17/0x2ef0 [ 235.608368] ? lock_acquire+0x427/0x4c0 [ 235.608795] ? __pfx_lock_release+0x10/0x10 [ 235.609261] ? __kasan_check_write+0x18/0x20 [ 235.609730] ? do_raw_spin_lock+0x132/0x2a0 [ 235.610190] ? __pfx_do_exit+0x10/0x10 [ 235.610657] ? debug_smp_processor_id+0x20/0x30 [ 235.611169] ? rcu_is_watching+0x19/0xb0 [ 235.611600] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.612072] ? trace_hardirqs_on+0x26/0x120 [ 235.612531] do_group_exit+0xe0/0x2b0 [ 235.612945] __x64_sys_exit_group+0x47/0x50 [ 235.613611] do_syscall_64+0x3b/0x90 [ 235.614406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.615018] RIP: 0033:0x7f4b87518a4d [ 235.615422] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.616057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.616840] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.617824] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.618818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.619571] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.620301] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.621040] [ 235.621278] irq event stamp: 0 [ 235.621602] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.622261] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.623296] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.624323] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.624987] ---[ end trace 0000000000000000 ]--- [ 235.629505] ------------[ cut here ]------------ [ 235.630073] WARNING: CPU: 1 PID: 2245 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.631243] Modules linked in: [ 235.631584] CPU: 1 PID: 2245 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.632621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.634165] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.634738] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.636642] RSP: 0018:ffff888010207bb8 EFLAGS: 00010246 [ 235.637204] RAX: 0000000000000000 RBX: ffff8880181690a8 RCX: 0000000000000000 [ 235.638083] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 235.639201] RBP: ffff888010207bd0 R08: ffffed100302d233 R09: ffffed100302d233 [ 235.639940] R10: ffff888018169193 R11: ffffed100302d232 R12: ffff888014113400 [ 235.640676] R13: ffff8880181691e8 R14: ffffffff8352e670 R15: 
ffff888010207e68 [ 235.641412] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.642261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.642977] CR2: 00007f4b877410e8 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 235.644003] PKRU: 55555554 [ 235.644309] Call Trace: [ 235.644577] [ 235.644819] __iommufd_access_detach+0x1c2/0x2b0 [ 235.645333] iommufd_access_change_pt+0x149/0x270 [ 235.645844] iommufd_access_replace+0xb4/0x120 [ 235.646333] iommufd_test+0x3e5/0x37e0 [ 235.646789] ? lock_release+0x532/0x770 [ 235.647236] ? __might_fault+0x102/0x1b0 [ 235.647672] ? lock_acquire+0x427/0x4c0 [ 235.648154] ? __pfx_iommufd_test+0x10/0x10 [ 235.648739] ? __pfx_lock_release+0x10/0x10 [ 235.649402] ? __pfx_lock_acquire+0x10/0x10 [ 235.649865] ? write_comp_data+0x2f/0x90 [ 235.650297] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.650850] ? write_comp_data+0x2f/0x90 [ 235.651293] iommufd_fops_ioctl+0x37d/0x510 [ 235.651754] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.652274] ? write_comp_data+0x2f/0x90 [ 235.652739] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.653328] __x64_sys_ioctl+0x1a3/0x230 [ 235.653944] do_syscall_64+0x3b/0x90 [ 235.654604] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.655176] RIP: 0033:0x7f4b8743ee5d [ 235.655578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.657520] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.658327] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.659206] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.660182] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.660933] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.661681] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.662433] [ 235.662718] irq event stamp: 0 [ 235.663051] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.663737] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.664618] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.665799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.666820] ---[ end trace 0000000000000000 ]--- [ 235.670410] ------------[ cut here ]------------ [ 235.671022] WARNING: CPU: 1 PID: 2245 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.672528] Modules linked in: [ 235.672870] CPU: 1 PID: 2245 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.673788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.675000] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.675555] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.677774] RSP: 
0018:ffff888010207bd0 EFLAGS: 00010246 [ 235.678336] RAX: 0000000000000000 RBX: ffff8880181690a8 RCX: 0000000000000000 [ 235.679137] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 235.679895] RBP: ffff888010207be8 R08: ffffed100302d233 R09: ffffed100302d233 [ 235.680894] R10: ffff888018169193 R11: ffffed100302d232 R12: ffff888020e6b800 [ 235.681644] R13: ffff8880181691e8 R14: ffff888011d6dd00 R15: 0000000000000000 [ 235.682399] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.683513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.684152] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 235.684942] PKRU: 55555554 [ 235.685254] Call Trace: [ 235.685653] [ 235.686003] iommufd_access_destroy_object+0x65/0x170 [ 235.686601] iommufd_object_destroy_user+0x18e/0x220 [ 235.687177] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.687796] iommufd_access_destroy+0x43/0x70 [ 235.688316] iommufd_test_staccess_release+0x8d/0xd0 [ 235.689044] __fput+0x26d/0xa40 [ 235.689414] ____fput+0x1e/0x30 [ 235.689778] task_work_run+0x1a4/0x2d0 [ 235.690207] ? __pfx_task_work_run+0x10/0x10 [ 235.690722] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.691495] ? switch_task_namespaces+0xa9/0xe0 [ 235.692003] do_exit+0xb17/0x2ef0 [ 235.692381] ? lock_acquire+0x427/0x4c0 [ 235.692829] ? __pfx_lock_release+0x10/0x10 [ 235.693292] ? __kasan_check_write+0x18/0x20 [ 235.693766] ? do_raw_spin_lock+0x132/0x2a0 [ 235.694437] ? __pfx_do_exit+0x10/0x10 [ 235.694900] ? debug_smp_processor_id+0x20/0x30 [ 235.695413] ? rcu_is_watching+0x19/0xb0 [ 235.695845] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.696332] ? trace_hardirqs_on+0x26/0x120 [ 235.696858] do_group_exit+0xe0/0x2b0 [ 235.697427] __x64_sys_exit_group+0x47/0x50 [ 235.697883] do_syscall_64+0x3b/0x90 [ 235.698286] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.698880] RIP: 0033:0x7f4b87518a4d [ 235.699292] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.700165] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.701007] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.701773] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.702794] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.703571] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.704320] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.705097] [ 235.705464] irq event stamp: 0 [ 235.705919] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.706630] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.707536] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.708623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.709296] ---[ end trace 0000000000000000 ]--- [ 235.710224] ------------[ cut here ]------------ [ 235.710882] WARNING: CPU: 1 PID: 2245 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.712028] Modules linked in: [ 235.712366] CPU: 1 PID: 2245 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.713285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.714713] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.715272] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.717400] RSP: 0018:ffff888010207b78 EFLAGS: 00010246 [ 235.717981] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.718844] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 235.719789] RBP: ffff888010207b98 R08: ffffed100302d23e R09: ffffed100302d23e [ 235.720539] R10: ffff8880181691ef R11: ffffed100302d23d R12: ffff888018169290 [ 235.721280] R13: ffff8880181690a8 R14: ffffffffffffffff R15: 
ffff888010207c60 [ 235.722271] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.723168] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.723786] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 235.724643] PKRU: 55555554 [ 235.725052] Call Trace: [ 235.725321] [ 235.725559] iommufd_ioas_destroy+0x53/0x70 [ 235.726026] iommufd_fops_release+0x1f7/0x370 [ 235.726569] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.727109] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.727874] ? write_comp_data+0x2f/0x90 [ 235.728317] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.728847] __fput+0x26d/0xa40 [ 235.729222] ____fput+0x1e/0x30 [ 235.729588] task_work_run+0x1a4/0x2d0 [ 235.730263] ? __pfx_task_work_run+0x10/0x10 [ 235.730791] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.731338] ? switch_task_namespaces+0xa9/0xe0 [ 235.731845] do_exit+0xb17/0x2ef0 [ 235.732213] ? lock_acquire+0x427/0x4c0 [ 235.732669] ? __pfx_lock_release+0x10/0x10 [ 235.733319] ? __kasan_check_write+0x18/0x20 [ 235.733794] ? do_raw_spin_lock+0x132/0x2a0 [ 235.734254] ? __pfx_do_exit+0x10/0x10 [ 235.734717] ? debug_smp_processor_id+0x20/0x30 [ 235.735230] ? rcu_is_watching+0x19/0xb0 [ 235.735779] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.736384] ? trace_hardirqs_on+0x26/0x120 [ 235.736849] do_group_exit+0xe0/0x2b0 [ 235.737252] __x64_sys_exit_group+0x47/0x50 [ 235.737706] do_syscall_64+0x3b/0x90 [ 235.738195] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.738892] RIP: 0033:0x7f4b87518a4d [ 235.739306] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.739953] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.740748] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.741717] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.742460] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.743259] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.744160] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.745010] [ 235.745259] irq event stamp: 0 [ 235.745597] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.746330] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.747404] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.748283] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.748949] ---[ end trace 0000000000000000 ]--- [ 235.754703] ------------[ cut here ]------------ [ 235.755278] WARNING: CPU: 1 PID: 2246 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.756338] Modules linked in: [ 235.756765] CPU: 1 PID: 2246 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.757853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.759169] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.759808] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.761756] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 235.762545] RAX: 0000000000000000 RBX: ffff8880161e60a8 RCX: 0000000000000000 [ 235.763313] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 235.764058] RBP: ffff8880135e7bd0 R08: ffffed1002c3cc33 R09: ffffed1002c3cc33 [ 235.765043] R10: ffff8880161e6193 R11: ffffed1002c3cc32 R12: ffff888014441c00 [ 235.765826] R13: ffff8880161e61e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 235.766641] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.767513] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.768376] CR2: 00007f4b877410e8 CR3: 000000001365c000 CR4: 0000000000750ee0 [ 235.769123] PKRU: 55555554 [ 235.769429] Call Trace: [ 235.769701] [ 235.769946] __iommufd_access_detach+0x1c2/0x2b0 [ 235.770738] iommufd_access_change_pt+0x149/0x270 [ 235.771272] iommufd_access_replace+0xb4/0x120 [ 235.771763] iommufd_test+0x3e5/0x37e0 [ 235.772184] ? lock_release+0x532/0x770 [ 235.772620] ? __might_fault+0x102/0x1b0 [ 235.773121] ? lock_acquire+0x427/0x4c0 [ 235.773707] ? __pfx_iommufd_test+0x10/0x10 [ 235.774171] ? __pfx_lock_release+0x10/0x10 [ 235.774680] ? __pfx_lock_acquire+0x10/0x10 [ 235.775177] ? write_comp_data+0x2f/0x90 [ 235.775622] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.776333] ? write_comp_data+0x2f/0x90 [ 235.776778] iommufd_fops_ioctl+0x37d/0x510 [ 235.777243] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.777764] ? write_comp_data+0x2f/0x90 [ 235.778245] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.779002] __x64_sys_ioctl+0x1a3/0x230 [ 235.779461] do_syscall_64+0x3b/0x90 [ 235.779864] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.780444] RIP: 0033:0x7f4b8743ee5d [ 235.780850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.783063] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.783887] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.784860] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.785644] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.786407] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.787467] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.788245] [ 235.788495] irq event stamp: 0 [ 235.788830] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.789687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.790610] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.791530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.792279] ---[ end trace 0000000000000000 ]--- [ 235.796070] ------------[ cut here ]------------ [ 235.796630] WARNING: CPU: 1 PID: 2246 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.797923] Modules linked in: [ 235.798261] CPU: 1 PID: 2246 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.799299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.800695] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.801234] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.803268] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 235.803830] RAX: 0000000000000000 RBX: ffff8880161e60a8 RCX: 0000000000000000 [ 235.804570] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 235.805312] RBP: ffff8880135e7be8 R08: ffffed1002c3cc33 R09: ffffed1002c3cc33 [ 235.806056] R10: ffff8880161e6193 R11: ffffed1002c3cc32 R12: ffff888014111800 [ 235.806829] R13: ffff8880161e61e8 R14: ffff8880178e1000 R15: 0000000000000000 [ 235.807591] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.808428] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.809029] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 235.809782] PKRU: 55555554 [ 235.810109] Call Trace: [ 235.810389] [ 235.810667] iommufd_access_destroy_object+0x65/0x170 [ 235.811256] iommufd_object_destroy_user+0x18e/0x220 [ 235.811807] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.812428] iommufd_access_destroy+0x43/0x70 [ 235.812918] iommufd_test_staccess_release+0x8d/0xd0 [ 235.813461] __fput+0x26d/0xa40 [ 235.813826] ____fput+0x1e/0x30 [ 235.814184] task_work_run+0x1a4/0x2d0 [ 235.814645] ? __pfx_task_work_run+0x10/0x10 [ 235.815129] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.815656] ? switch_task_namespaces+0xa9/0xe0 [ 235.816166] do_exit+0xb17/0x2ef0 [ 235.816542] ? lock_acquire+0x427/0x4c0 [ 235.816979] ? __pfx_lock_release+0x10/0x10 [ 235.817449] ? __kasan_check_write+0x18/0x20 [ 235.817917] ? do_raw_spin_lock+0x132/0x2a0 [ 235.818367] ? __pfx_do_exit+0x10/0x10 [ 235.818819] ? debug_smp_processor_id+0x20/0x30 [ 235.819326] ? rcu_is_watching+0x19/0xb0 [ 235.819761] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.820233] ? trace_hardirqs_on+0x26/0x120 [ 235.820684] do_group_exit+0xe0/0x2b0 [ 235.821080] __x64_sys_exit_group+0x47/0x50 [ 235.821522] do_syscall_64+0x3b/0x90 [ 235.821914] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.822450] RIP: 0033:0x7f4b87518a4d [ 235.822872] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.823518] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.824305] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.825077] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.825812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.826574] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.827334] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.828083] [ 235.828329] irq event stamp: 0 [ 235.828655] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.829307] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.830177] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.831105] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.831779] ---[ end trace 0000000000000000 ]--- [ 235.832705] ------------[ cut here ]------------ [ 235.833210] WARNING: CPU: 1 PID: 2246 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.834257] Modules linked in: [ 235.834743] CPU: 1 PID: 2246 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.835672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.836852] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.837388] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.839288] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 235.839847] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.840589] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 235.841337] RBP: ffff8880135e7b98 R08: ffffed1002c3cc3e R09: ffffed1002c3cc3e [ 235.842088] R10: ffff8880161e61ef R11: ffffed1002c3cc3d R12: ffff8880161e6290 [ 235.842872] R13: ffff8880161e60a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 235.843640] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.844470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.845073] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 235.845800] PKRU: 55555554 [ 235.846092] Call Trace: [ 235.846360] [ 235.846626] iommufd_ioas_destroy+0x53/0x70 [ 235.847084] iommufd_fops_release+0x1f7/0x370 [ 235.847566] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.848087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.848602] ? write_comp_data+0x2f/0x90 [ 235.849031] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.849551] __fput+0x26d/0xa40 [ 235.849914] ____fput+0x1e/0x30 [ 235.850265] task_work_run+0x1a4/0x2d0 [ 235.850719] ? __pfx_task_work_run+0x10/0x10 [ 235.851199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.851712] ? switch_task_namespaces+0xa9/0xe0 [ 235.852208] do_exit+0xb17/0x2ef0 [ 235.852566] ? lock_acquire+0x427/0x4c0 [ 235.852988] ? __pfx_lock_release+0x10/0x10 [ 235.853464] ? __kasan_check_write+0x18/0x20 [ 235.853930] ? do_raw_spin_lock+0x132/0x2a0 [ 235.854382] ? __pfx_do_exit+0x10/0x10 [ 235.854833] ? debug_smp_processor_id+0x20/0x30 [ 235.855342] ? rcu_is_watching+0x19/0xb0 [ 235.855766] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.856239] ? trace_hardirqs_on+0x26/0x120 [ 235.856689] do_group_exit+0xe0/0x2b0 [ 235.857079] __x64_sys_exit_group+0x47/0x50 [ 235.857545] do_syscall_64+0x3b/0x90 [ 235.857961] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.858500] RIP: 0033:0x7f4b87518a4d [ 235.858922] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.859564] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.860333] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.861061] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.861773] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.862490] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.863262] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.863996] [ 235.864239] irq event stamp: 0 [ 235.864560] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.865207] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.866095] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.867021] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.867699] ---[ end trace 0000000000000000 ]--- [ 235.872760] ------------[ cut here ]------------ [ 235.873376] WARNING: CPU: 1 PID: 2247 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.875037] Modules linked in: [ 235.875404] CPU: 1 PID: 2247 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.876323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.877485] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.878005] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.880568] RSP: 0018:ffff888018097bb8 EFLAGS: 00010246 [ 235.881112] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 235.881830] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 235.882583] RBP: ffff888018097bd0 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 235.883349] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff88801341f800 [ 235.884073] R13: ffff8880171ba9e8 R14: ffffffff8352e670 R15: 
ffff888018097e68 [ 235.885017] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.886171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.886824] CR2: 0000000020000140 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 235.887569] PKRU: 55555554 [ 235.887857] Call Trace: [ 235.888115] [ 235.888349] __iommufd_access_detach+0x1c2/0x2b0 [ 235.888851] iommufd_access_change_pt+0x149/0x270 [ 235.889356] iommufd_access_replace+0xb4/0x120 [ 235.889837] iommufd_test+0x3e5/0x37e0 [ 235.890359] ? lock_release+0x532/0x770 [ 235.890990] ? __might_fault+0x102/0x1b0 [ 235.891595] ? lock_acquire+0x427/0x4c0 [ 235.892045] ? __pfx_iommufd_test+0x10/0x10 [ 235.892489] ? __pfx_lock_release+0x10/0x10 [ 235.892939] ? __pfx_lock_acquire+0x10/0x10 [ 235.893392] ? write_comp_data+0x2f/0x90 [ 235.893819] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.894314] ? write_comp_data+0x2f/0x90 [ 235.894781] iommufd_fops_ioctl+0x37d/0x510 [ 235.895250] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.895760] ? write_comp_data+0x2f/0x90 [ 235.896184] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 235.896813] __x64_sys_ioctl+0x1a3/0x230 [ 235.897470] do_syscall_64+0x3b/0x90 [ 235.897868] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.898411] RIP: 0033:0x7f4b8743ee5d [ 235.898845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 235.900723] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 235.901594] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 235.902658] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 235.903407] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 235.904146] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 235.904882] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 235.905648] [ 235.905921] irq event stamp: 0 [ 235.906313] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.907263] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.908370] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.909249] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.909943] ---[ end trace 0000000000000000 ]--- [ 235.913337] ------------[ cut here ]------------ [ 235.913875] WARNING: CPU: 1 PID: 2247 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.915025] Modules linked in: [ 235.915383] CPU: 1 PID: 2247 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.916286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.917581] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 235.918364] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 235.920350] RSP: 
0018:ffff888018097bd0 EFLAGS: 00010246 [ 235.920919] RAX: 0000000000000000 RBX: ffff8880171ba8a8 RCX: 0000000000000000 [ 235.921653] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 235.922468] RBP: ffff888018097be8 R08: ffffed1002e37533 R09: ffffed1002e37533 [ 235.923580] R10: ffff8880171ba993 R11: ffffed1002e37532 R12: ffff888014440c00 [ 235.924324] R13: ffff8880171ba9e8 R14: ffff888014983400 R15: 0000000000000000 [ 235.925056] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.925880] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.926476] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 235.927300] PKRU: 55555554 [ 235.927685] Call Trace: [ 235.928109] [ 235.928359] iommufd_access_destroy_object+0x65/0x170 [ 235.928940] iommufd_object_destroy_user+0x18e/0x220 [ 235.929481] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 235.930094] iommufd_access_destroy+0x43/0x70 [ 235.930616] iommufd_test_staccess_release+0x8d/0xd0 [ 235.931177] __fput+0x26d/0xa40 [ 235.931554] ____fput+0x1e/0x30 [ 235.931919] task_work_run+0x1a4/0x2d0 [ 235.932348] ? __pfx_task_work_run+0x10/0x10 [ 235.932899] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.933658] ? switch_task_namespaces+0xa9/0xe0 [ 235.934172] do_exit+0xb17/0x2ef0 [ 235.934587] ? lock_acquire+0x427/0x4c0 [ 235.935012] ? __pfx_lock_release+0x10/0x10 [ 235.935489] ? __kasan_check_write+0x18/0x20 [ 235.935959] ? do_raw_spin_lock+0x132/0x2a0 [ 235.936414] ? __pfx_do_exit+0x10/0x10 [ 235.936841] ? debug_smp_processor_id+0x20/0x30 [ 235.937336] ? rcu_is_watching+0x19/0xb0 [ 235.937855] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.938653] ? trace_hardirqs_on+0x26/0x120 [ 235.939131] do_group_exit+0xe0/0x2b0 [ 235.939532] __x64_sys_exit_group+0x47/0x50 [ 235.939987] do_syscall_64+0x3b/0x90 [ 235.940414] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.940967] RIP: 0033:0x7f4b87518a4d [ 235.941352] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.941993] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.943084] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.943994] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.944729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.945469] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.946199] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.946986] [ 235.947256] irq event stamp: 0 [ 235.947612] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.948585] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.949464] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.950326] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.951036] ---[ end trace 0000000000000000 ]--- [ 235.952061] ------------[ cut here ]------------ [ 235.952738] WARNING: CPU: 1 PID: 2247 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 235.954029] Modules linked in: [ 235.954365] CPU: 1 PID: 2247 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 235.955339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 235.956510] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 235.957075] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 235.959468] RSP: 0018:ffff888018097b78 EFLAGS: 00010246 [ 235.960034] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 235.960788] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 235.961538] RBP: ffff888018097b98 R08: ffffed1002e3753e R09: ffffed1002e3753e [ 235.962368] R10: ffff8880171ba9ef R11: ffffed1002e3753d R12: ffff8880171baa90 [ 235.963480] R13: ffff8880171ba8a8 R14: ffffffffffffffff R15: 
ffff888018097c60 [ 235.964241] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 235.965088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 235.965688] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 235.966441] PKRU: 55555554 [ 235.966815] Call Trace: [ 235.967097] [ 235.967364] iommufd_ioas_destroy+0x53/0x70 [ 235.967961] iommufd_fops_release+0x1f7/0x370 [ 235.968665] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.969199] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.969713] ? write_comp_data+0x2f/0x90 [ 235.970153] ? __pfx_iommufd_fops_release+0x10/0x10 [ 235.970742] __fput+0x26d/0xa40 [ 235.971138] ____fput+0x1e/0x30 [ 235.971511] task_work_run+0x1a4/0x2d0 [ 235.971962] ? __pfx_task_work_run+0x10/0x10 [ 235.972490] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 235.973267] ? switch_task_namespaces+0xa9/0xe0 [ 235.973774] do_exit+0xb17/0x2ef0 [ 235.974143] ? lock_acquire+0x427/0x4c0 [ 235.974632] ? __pfx_lock_release+0x10/0x10 [ 235.975097] ? __kasan_check_write+0x18/0x20 [ 235.975596] ? do_raw_spin_lock+0x132/0x2a0 [ 235.976048] ? __pfx_do_exit+0x10/0x10 [ 235.976470] ? debug_smp_processor_id+0x20/0x30 [ 235.976966] ? rcu_is_watching+0x19/0xb0 [ 235.977526] ? _raw_spin_unlock_irq+0x2b/0x60 [ 235.978199] ? trace_hardirqs_on+0x26/0x120 [ 235.978722] do_group_exit+0xe0/0x2b0 [ 235.979145] __x64_sys_exit_group+0x47/0x50 [ 235.979606] do_syscall_64+0x3b/0x90 [ 235.980011] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 235.980571] RIP: 0033:0x7f4b87518a4d [ 235.980991] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 235.981639] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 235.982651] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 235.983556] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 235.984313] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 235.985050] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 235.985793] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 235.986587] [ 235.986844] irq event stamp: 0 [ 235.987191] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 235.988063] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 235.989285] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 235.990159] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 235.990865] ---[ end trace 0000000000000000 ]--- [ 235.996787] ------------[ cut here ]------------ [ 235.997360] WARNING: CPU: 1 PID: 2248 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 235.998986] Modules linked in: [ 235.999358] CPU: 1 PID: 2248 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.000275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.001454] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.001982] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.004463] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 236.005032] RAX: 0000000000000000 RBX: ffff8880165348a8 RCX: 0000000000000000 [ 236.005774] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 236.006541] RBP: ffff8880135e7bd0 R08: ffffed1002ca6933 R09: ffffed1002ca6933 [ 236.007318] R10: ffff888016534993 R11: ffffed1002ca6932 R12: ffff888012e95000 [ 236.008086] R13: ffff8880165349e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 236.009138] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.010153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.010826] CR2: 00007f4b877410e8 CR3: 000000001413e000 CR4: 0000000000750ee0 [ 236.011601] PKRU: 55555554 [ 236.011903] Call Trace: [ 236.012172] [ 236.012412] __iommufd_access_detach+0x1c2/0x2b0 [ 236.012929] iommufd_access_change_pt+0x149/0x270 [ 236.013501] iommufd_access_replace+0xb4/0x120 [ 236.014196] iommufd_test+0x3e5/0x37e0 [ 236.014656] ? lock_release+0x532/0x770 [ 236.015086] ? __might_fault+0x102/0x1b0 [ 236.015540] ? lock_acquire+0x427/0x4c0 [ 236.015981] ? __pfx_iommufd_test+0x10/0x10 [ 236.016441] ? __pfx_lock_release+0x10/0x10 [ 236.016903] ? __pfx_lock_acquire+0x10/0x10 [ 236.017365] ? write_comp_data+0x2f/0x90 [ 236.017812] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.018450] ? write_comp_data+0x2f/0x90 [ 236.019151] iommufd_fops_ioctl+0x37d/0x510 [ 236.019630] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.020155] ? write_comp_data+0x2f/0x90 [ 236.020597] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.021108] __x64_sys_ioctl+0x1a3/0x230 [ 236.021545] do_syscall_64+0x3b/0x90 [ 236.021947] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.022544] RIP: 0033:0x7f4b8743ee5d [ 236.022943] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.025305] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.026144] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.026957] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.027732] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.028484] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.029559] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.030324] [ 236.030623] irq event stamp: 0 [ 236.030961] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.031642] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.032521] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.033509] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.034460] ---[ end trace 0000000000000000 ]--- [ 236.038097] ------------[ cut here ]------------ [ 236.038928] WARNING: CPU: 1 PID: 2248 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.040079] Modules linked in: [ 236.040423] CPU: 1 PID: 2248 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.041341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.042575] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.043247] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.045489] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 236.046061] RAX: 0000000000000000 RBX: ffff8880165348a8 RCX: 0000000000000000 [ 236.046868] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 236.047654] RBP: ffff8880135e7be8 R08: ffffed1002ca6933 R09: ffffed1002ca6933 [ 236.048454] R10: ffff888016534993 R11: ffffed1002ca6932 R12: ffff88801341e800 [ 236.049520] R13: ffff8880165349e8 R14: ffff888012245300 R15: 0000000000000000 [ 236.050291] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.051205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.051832] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 236.052596] PKRU: 55555554 [ 236.052903] Call Trace: [ 236.053177] [ 236.053421] iommufd_access_destroy_object+0x65/0x170 [ 236.053985] iommufd_object_destroy_user+0x18e/0x220 [ 236.054561] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.055189] iommufd_access_destroy+0x43/0x70 [ 236.055674] iommufd_test_staccess_release+0x8d/0xd0 [ 236.056227] __fput+0x26d/0xa40 [ 236.056600] ____fput+0x1e/0x30 [ 236.056972] task_work_run+0x1a4/0x2d0 [ 236.057430] ? __pfx_task_work_run+0x10/0x10 [ 236.057912] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.058450] ? switch_task_namespaces+0xa9/0xe0 [ 236.059025] do_exit+0xb17/0x2ef0 [ 236.059425] ? lock_acquire+0x427/0x4c0 [ 236.059859] ? __pfx_lock_release+0x10/0x10 [ 236.060324] ? __kasan_check_write+0x18/0x20 [ 236.060800] ? do_raw_spin_lock+0x132/0x2a0 [ 236.061266] ? __pfx_do_exit+0x10/0x10 [ 236.061697] ? debug_smp_processor_id+0x20/0x30 [ 236.062205] ? rcu_is_watching+0x19/0xb0 [ 236.062688] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.063199] ? trace_hardirqs_on+0x26/0x120 [ 236.063671] do_group_exit+0xe0/0x2b0 [ 236.064083] __x64_sys_exit_group+0x47/0x50 [ 236.064566] do_syscall_64+0x3b/0x90 [ 236.064975] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.065531] RIP: 0033:0x7f4b87518a4d [ 236.065932] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.066638] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.067473] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.068224] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.068979] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.069727] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.070474] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.071289] [ 236.071544] irq event stamp: 0 [ 236.071884] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.072557] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.073446] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.074349] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.075102] ---[ end trace 0000000000000000 ]--- [ 236.076042] ------------[ cut here ]------------ [ 236.076551] WARNING: CPU: 1 PID: 2248 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.077635] Modules linked in: [ 236.077977] CPU: 1 PID: 2248 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.078966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.080185] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.080739] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.082908] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 236.083496] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.084244] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 236.084999] RBP: ffff8880135e7b98 R08: ffffed1002ca693e R09: ffffed1002ca693e [ 236.085756] R10: ffff8880165349ef R11: ffffed1002ca693d R12: ffff888016534a90 [ 236.086564] R13: ffff8880165348a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 236.087332] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.088181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.088794] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 236.089572] PKRU: 55555554 [ 236.089877] Call Trace: [ 236.090146] [ 236.090384] iommufd_ioas_destroy+0x53/0x70 [ 236.090888] iommufd_fops_release+0x1f7/0x370 [ 236.091380] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.091921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.092454] ? write_comp_data+0x2f/0x90 [ 236.092900] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.093439] __fput+0x26d/0xa40 [ 236.093803] ____fput+0x1e/0x30 [ 236.094166] task_work_run+0x1a4/0x2d0 [ 236.094652] ? __pfx_task_work_run+0x10/0x10 [ 236.095147] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.095692] ? switch_task_namespaces+0xa9/0xe0 [ 236.096232] do_exit+0xb17/0x2ef0 [ 236.096627] ? lock_acquire+0x427/0x4c0 [ 236.097057] ? __pfx_lock_release+0x10/0x10 [ 236.097530] ? __kasan_check_write+0x18/0x20 [ 236.097998] ? do_raw_spin_lock+0x132/0x2a0 [ 236.098459] ? __pfx_do_exit+0x10/0x10 [ 236.098926] ? debug_smp_processor_id+0x20/0x30 [ 236.099440] ? rcu_is_watching+0x19/0xb0 [ 236.099887] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.100384] ? trace_hardirqs_on+0x26/0x120 [ 236.100860] do_group_exit+0xe0/0x2b0 [ 236.101276] __x64_sys_exit_group+0x47/0x50 [ 236.101758] do_syscall_64+0x3b/0x90 [ 236.102172] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.102772] RIP: 0033:0x7f4b87518a4d [ 236.103179] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.103837] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.104637] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.105386] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.106147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.106922] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.107681] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.108429] [ 236.108675] irq event stamp: 0 [ 236.109009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.109670] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.110570] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.111457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.112124] ---[ end trace 0000000000000000 ]--- [ 236.117920] ------------[ cut here ]------------ [ 236.118473] WARNING: CPU: 1 PID: 2249 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.119640] Modules linked in: [ 236.119977] CPU: 1 PID: 2249 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.120885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.122055] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.122624] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.124529] RSP: 0018:ffff888016e2fbb8 EFLAGS: 00010246 [ 236.125083] RAX: 0000000000000000 RBX: ffff888011df68a8 RCX: 0000000000000000 [ 236.125818] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 236.126571] RBP: ffff888016e2fbd0 R08: ffffed10023bed33 R09: ffffed10023bed33 [ 236.127330] R10: ffff888011df6993 R11: ffffed10023bed32 R12: ffff88800fcb2c00 [ 236.128081] R13: ffff888011df69e8 R14: ffffffff8352e670 R15: 
ffff888016e2fe68 [ 236.128855] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.130093] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.130784] CR2: 0000000020000140 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 236.131570] PKRU: 55555554 [ 236.131872] Call Trace: [ 236.132146] [ 236.132387] __iommufd_access_detach+0x1c2/0x2b0 [ 236.132948] iommufd_access_change_pt+0x149/0x270 [ 236.133849] iommufd_access_replace+0xb4/0x120 [ 236.134619] iommufd_test+0x3e5/0x37e0 [ 236.135033] ? lock_release+0x532/0x770 [ 236.135495] ? __might_fault+0x102/0x1b0 [ 236.135932] ? lock_acquire+0x427/0x4c0 [ 236.136365] ? __pfx_iommufd_test+0x10/0x10 [ 236.136819] ? __pfx_lock_release+0x10/0x10 [ 236.137288] ? __pfx_lock_acquire+0x10/0x10 [ 236.137757] ? write_comp_data+0x2f/0x90 [ 236.138196] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.138768] ? write_comp_data+0x2f/0x90 [ 236.139226] iommufd_fops_ioctl+0x37d/0x510 [ 236.139753] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.140447] ? write_comp_data+0x2f/0x90 [ 236.141026] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.141550] __x64_sys_ioctl+0x1a3/0x230 [ 236.142001] do_syscall_64+0x3b/0x90 [ 236.142411] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.143014] RIP: 0033:0x7f4b8743ee5d [ 236.143440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.145702] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.146552] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.147321] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.148083] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.148851] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.149894] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.150725] [ 236.151007] irq event stamp: 0 [ 236.151356] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.152017] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.152893] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.153809] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.154761] ---[ end trace 0000000000000000 ]--- [ 236.158229] ------------[ cut here ]------------ [ 236.158819] WARNING: CPU: 1 PID: 2249 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.159954] Modules linked in: [ 236.160392] CPU: 1 PID: 2249 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.161616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.162857] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.163422] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.165481] RSP: 
0018:ffff888016e2fbd0 EFLAGS: 00010246 [ 236.166300] RAX: 0000000000000000 RBX: ffff888011df68a8 RCX: 0000000000000000 [ 236.167099] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 236.167885] RBP: ffff888016e2fbe8 R08: ffffed10023bed33 R09: ffffed10023bed33 [ 236.168629] R10: ffff888011df6993 R11: ffffed10023bed32 R12: ffff888012e95c00 [ 236.169382] R13: ffff888011df69e8 R14: ffff8880181ba900 R15: 0000000000000000 [ 236.170214] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.171361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.171975] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.172721] PKRU: 55555554 [ 236.173021] Call Trace: [ 236.173293] [ 236.173536] iommufd_access_destroy_object+0x65/0x170 [ 236.174092] iommufd_object_destroy_user+0x18e/0x220 [ 236.174750] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.175588] iommufd_access_destroy+0x43/0x70 [ 236.176083] iommufd_test_staccess_release+0x8d/0xd0 [ 236.176634] __fput+0x26d/0xa40 [ 236.177002] ____fput+0x1e/0x30 [ 236.177364] task_work_run+0x1a4/0x2d0 [ 236.177788] ? __pfx_task_work_run+0x10/0x10 [ 236.178258] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.178820] ? switch_task_namespaces+0xa9/0xe0 [ 236.179372] do_exit+0xb17/0x2ef0 [ 236.179762] ? lock_acquire+0x427/0x4c0 [ 236.180257] ? __pfx_lock_release+0x10/0x10 [ 236.180952] ? __kasan_check_write+0x18/0x20 [ 236.181608] ? do_raw_spin_lock+0x132/0x2a0 [ 236.182080] ? __pfx_do_exit+0x10/0x10 [ 236.182604] ? debug_smp_processor_id+0x20/0x30 [ 236.183115] ? rcu_is_watching+0x19/0xb0 [ 236.183569] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.184052] ? trace_hardirqs_on+0x26/0x120 [ 236.184513] do_group_exit+0xe0/0x2b0 [ 236.184920] __x64_sys_exit_group+0x47/0x50 [ 236.185378] do_syscall_64+0x3b/0x90 [ 236.185877] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.186740] RIP: 0033:0x7f4b87518a4d [ 236.187172] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.187835] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.188659] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.189429] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.190186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.191040] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.192018] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.192783] [ 236.193044] irq event stamp: 0 [ 236.193385] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.194048] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.194979] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.195881] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.196778] ---[ end trace 0000000000000000 ]--- [ 236.197940] ------------[ cut here ]------------ [ 236.198483] WARNING: CPU: 1 PID: 2249 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.199823] Modules linked in: [ 236.200174] CPU: 1 PID: 2249 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.201167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.202815] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.203393] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.205306] RSP: 0018:ffff888016e2fb78 EFLAGS: 00010246 [ 236.205878] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.206895] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 236.207834] RBP: ffff888016e2fb98 R08: ffffed10023bed3e R09: ffffed10023bed3e [ 236.208592] R10: ffff888011df69ef R11: ffffed10023bed3d R12: ffff888011df6a90 [ 236.209334] R13: ffff888011df68a8 R14: ffffffffffffffff R15: 
ffff888016e2fc60 [ 236.210081] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.211019] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.211673] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.212691] PKRU: 55555554 [ 236.213161] Call Trace: [ 236.213494] [ 236.213740] iommufd_ioas_destroy+0x53/0x70 [ 236.214207] iommufd_fops_release+0x1f7/0x370 [ 236.214735] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.215281] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.215796] ? write_comp_data+0x2f/0x90 [ 236.216236] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.216777] __fput+0x26d/0xa40 [ 236.217156] ____fput+0x1e/0x30 [ 236.217616] task_work_run+0x1a4/0x2d0 [ 236.218303] ? __pfx_task_work_run+0x10/0x10 [ 236.218843] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.219381] ? switch_task_namespaces+0xa9/0xe0 [ 236.219888] do_exit+0xb17/0x2ef0 [ 236.220260] ? lock_acquire+0x427/0x4c0 [ 236.220694] ? __pfx_lock_release+0x10/0x10 [ 236.221170] ? __kasan_check_write+0x18/0x20 [ 236.221645] ? do_raw_spin_lock+0x132/0x2a0 [ 236.222113] ? __pfx_do_exit+0x10/0x10 [ 236.222608] ? debug_smp_processor_id+0x20/0x30 [ 236.223377] ? rcu_is_watching+0x19/0xb0 [ 236.223823] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.224341] ? trace_hardirqs_on+0x26/0x120 [ 236.224816] do_group_exit+0xe0/0x2b0 [ 236.225232] __x64_sys_exit_group+0x47/0x50 [ 236.225697] do_syscall_64+0x3b/0x90 [ 236.226104] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.226724] RIP: 0033:0x7f4b87518a4d [ 236.227147] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.227801] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.228745] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.229734] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.230493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.231373] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.232128] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.232899] [ 236.233226] irq event stamp: 0 [ 236.233653] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.234657] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.235561] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.236435] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.237108] ---[ end trace 0000000000000000 ]--- [ 236.242692] ------------[ cut here ]------------ [ 236.243285] WARNING: CPU: 1 PID: 2250 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.244345] Modules linked in: [ 236.244687] CPU: 1 PID: 2250 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.245601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.247206] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.247834] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.249746] RSP: 0018:ffff8880135e7bb8 EFLAGS: 00010246 [ 236.250333] RAX: 0000000000000000 RBX: ffff888015dee8a8 RCX: 0000000000000000 [ 236.251361] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 236.252312] RBP: ffff8880135e7bd0 R08: ffffed1002bbdd33 R09: ffffed1002bbdd33 [ 236.253079] R10: ffff888015dee993 R11: ffffed1002bbdd32 R12: ffff888013b23800 [ 236.253839] R13: ffff888015dee9e8 R14: ffffffff8352e670 R15: 
ffff8880135e7e68 [ 236.254641] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.255711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.256583] CR2: 00007f4b877410e8 CR3: 000000000f7b4000 CR4: 0000000000750ee0 [ 236.257334] PKRU: 55555554 [ 236.257639] Call Trace: [ 236.257911] [ 236.258153] __iommufd_access_detach+0x1c2/0x2b0 [ 236.258718] iommufd_access_change_pt+0x149/0x270 [ 236.259270] iommufd_access_replace+0xb4/0x120 [ 236.259826] iommufd_test+0x3e5/0x37e0 [ 236.260363] ? lock_release+0x532/0x770 [ 236.260954] ? __might_fault+0x102/0x1b0 [ 236.261406] ? lock_acquire+0x427/0x4c0 [ 236.261848] ? __pfx_iommufd_test+0x10/0x10 [ 236.262313] ? __pfx_lock_release+0x10/0x10 [ 236.262820] ? __pfx_lock_acquire+0x10/0x10 [ 236.263312] ? write_comp_data+0x2f/0x90 [ 236.263769] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.264439] ? write_comp_data+0x2f/0x90 [ 236.265110] iommufd_fops_ioctl+0x37d/0x510 [ 236.265584] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.266113] ? write_comp_data+0x2f/0x90 [ 236.266603] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.267165] __x64_sys_ioctl+0x1a3/0x230 [ 236.267646] do_syscall_64+0x3b/0x90 [ 236.268100] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.268664] RIP: 0033:0x7f4b8743ee5d [ 236.269065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.271170] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.271999] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.272764] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.273514] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.274269] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.275066] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.275845] [ 236.276095] irq event stamp: 0 [ 236.276429] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.277107] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.278014] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.278972] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.279679] ---[ end trace 0000000000000000 ]--- [ 236.283239] ------------[ cut here ]------------ [ 236.283816] WARNING: CPU: 1 PID: 2250 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.284889] Modules linked in: [ 236.285238] CPU: 1 PID: 2250 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.286163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.287550] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.288106] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.290029] RSP: 
0018:ffff8880135e7bd0 EFLAGS: 00010246 [ 236.290627] RAX: 0000000000000000 RBX: ffff888015dee8a8 RCX: 0000000000000000 [ 236.291386] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 236.292146] RBP: ffff8880135e7be8 R08: ffffed1002bbdd33 R09: ffffed1002bbdd33 [ 236.292914] R10: ffff888015dee993 R11: ffffed1002bbdd32 R12: ffff88800fcb0800 [ 236.293674] R13: ffff888015dee9e8 R14: ffff88800fd32e00 R15: 0000000000000000 [ 236.294433] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.295360] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.295991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.296756] PKRU: 55555554 [ 236.297062] Call Trace: [ 236.297334] [ 236.297576] iommufd_access_destroy_object+0x65/0x170 [ 236.298135] iommufd_object_destroy_user+0x18e/0x220 [ 236.298741] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.299411] iommufd_access_destroy+0x43/0x70 [ 236.299918] iommufd_test_staccess_release+0x8d/0xd0 [ 236.300506] __fput+0x26d/0xa40 [ 236.300895] ____fput+0x1e/0x30 [ 236.301272] task_work_run+0x1a4/0x2d0 [ 236.301726] ? __pfx_task_work_run+0x10/0x10 [ 236.302209] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.302812] ? switch_task_namespaces+0xa9/0xe0 [ 236.303343] do_exit+0xb17/0x2ef0 [ 236.303724] ? lock_acquire+0x427/0x4c0 [ 236.304156] ? __pfx_lock_release+0x10/0x10 [ 236.304621] ? __kasan_check_write+0x18/0x20 [ 236.305104] ? do_raw_spin_lock+0x132/0x2a0 [ 236.305605] ? __pfx_do_exit+0x10/0x10 [ 236.306068] ? debug_smp_processor_id+0x20/0x30 [ 236.306690] ? rcu_is_watching+0x19/0xb0 [ 236.307158] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.307671] ? trace_hardirqs_on+0x26/0x120 [ 236.308151] do_group_exit+0xe0/0x2b0 [ 236.308573] __x64_sys_exit_group+0x47/0x50 [ 236.309044] do_syscall_64+0x3b/0x90 [ 236.309472] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.310059] RIP: 0033:0x7f4b87518a4d [ 236.310473] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.311233] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.312084] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.312864] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.313633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.314378] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.315210] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.315977] [ 236.316222] irq event stamp: 0 [ 236.316552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.317228] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.318114] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.319038] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.319707] ---[ end trace 0000000000000000 ]--- [ 236.320611] ------------[ cut here ]------------ [ 236.321110] WARNING: CPU: 1 PID: 2250 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.322172] Modules linked in: [ 236.322580] CPU: 1 PID: 2250 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.323505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.324680] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.325227] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.327170] RSP: 0018:ffff8880135e7b78 EFLAGS: 00010246 [ 236.327726] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.328478] RDX: 0000000000000000 RSI: ffff888015862500 RDI: 0000000000000002 [ 236.329239] RBP: ffff8880135e7b98 R08: ffffed1002bbdd3e R09: ffffed1002bbdd3e [ 236.329974] R10: ffff888015dee9ef R11: ffffed1002bbdd3d R12: ffff888015deea90 [ 236.330751] R13: ffff888015dee8a8 R14: ffffffffffffffff R15: 
ffff8880135e7c60 [ 236.331520] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.332378] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.332991] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.333734] PKRU: 55555554 [ 236.334039] Call Trace: [ 236.334305] [ 236.334593] iommufd_ioas_destroy+0x53/0x70 [ 236.335052] iommufd_fops_release+0x1f7/0x370 [ 236.335544] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.336077] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.336597] ? write_comp_data+0x2f/0x90 [ 236.337035] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.337573] __fput+0x26d/0xa40 [ 236.337944] ____fput+0x1e/0x30 [ 236.338303] task_work_run+0x1a4/0x2d0 [ 236.338753] ? __pfx_task_work_run+0x10/0x10 [ 236.339231] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.339747] ? switch_task_namespaces+0xa9/0xe0 [ 236.340247] do_exit+0xb17/0x2ef0 [ 236.340608] ? lock_acquire+0x427/0x4c0 [ 236.341050] ? __pfx_lock_release+0x10/0x10 [ 236.341518] ? __kasan_check_write+0x18/0x20 [ 236.341989] ? do_raw_spin_lock+0x132/0x2a0 [ 236.342462] ? __pfx_do_exit+0x10/0x10 [ 236.342925] ? debug_smp_processor_id+0x20/0x30 [ 236.343433] ? rcu_is_watching+0x19/0xb0 [ 236.343867] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.344353] ? trace_hardirqs_on+0x26/0x120 [ 236.344818] do_group_exit+0xe0/0x2b0 [ 236.345222] __x64_sys_exit_group+0x47/0x50 [ 236.345663] do_syscall_64+0x3b/0x90 [ 236.346058] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.346626] RIP: 0033:0x7f4b87518a4d [ 236.347020] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.347687] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.348489] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.349236] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.349978] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.350766] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.351528] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.352297] [ 236.352546] irq event stamp: 0 [ 236.352879] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.353549] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.354417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.355338] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.355999] ---[ end trace 0000000000000000 ]--- [ 236.361324] ------------[ cut here ]------------ [ 236.361904] WARNING: CPU: 1 PID: 2251 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.363039] Modules linked in: [ 236.363395] CPU: 1 PID: 2251 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.364316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.365511] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.366053] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.368105] RSP: 0018:ffff88801625fbb8 EFLAGS: 00010246 [ 236.368710] RAX: 0000000000000000 RBX: ffff8880162cd8a8 RCX: 0000000000000000 [ 236.369470] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 236.370235] RBP: ffff88801625fbd0 R08: ffffed1002c59b33 R09: ffffed1002c59b33 [ 236.371018] R10: ffff8880162cd993 R11: ffffed1002c59b32 R12: ffff888020d73800 [ 236.371802] R13: ffff8880162cd9e8 R14: ffffffff8352e670 R15: 
ffff88801625fe68 [ 236.372553] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.373404] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.374030] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 236.374821] PKRU: 55555554 [ 236.375126] Call Trace: [ 236.375400] [ 236.375642] __iommufd_access_detach+0x1c2/0x2b0 [ 236.376178] iommufd_access_change_pt+0x149/0x270 [ 236.376747] iommufd_access_replace+0xb4/0x120 [ 236.377272] iommufd_test+0x3e5/0x37e0 [ 236.377713] ? lock_release+0x532/0x770 [ 236.378165] ? __might_fault+0x102/0x1b0 [ 236.378668] ? lock_acquire+0x427/0x4c0 [ 236.379280] ? __pfx_iommufd_test+0x10/0x10 [ 236.379952] ? __pfx_lock_release+0x10/0x10 [ 236.380558] ? __pfx_lock_acquire+0x10/0x10 [ 236.381161] ? write_comp_data+0x2f/0x90 [ 236.381717] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.382375] ? write_comp_data+0x2f/0x90 [ 236.383025] iommufd_fops_ioctl+0x37d/0x510 [ 236.383666] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.384365] ? write_comp_data+0x2f/0x90 [ 236.384952] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.385615] __x64_sys_ioctl+0x1a3/0x230 [ 236.386205] do_syscall_64+0x3b/0x90 [ 236.386808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.387575] RIP: 0033:0x7f4b8743ee5d [ 236.388104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.391165] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.392440] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.393411] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.394471] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.395611] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.396558] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.397772] [ 236.398108] irq event stamp: 0 [ 236.398614] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.399504] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.400846] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.401942] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.402940] ---[ end trace 0000000000000000 ]--- [ 236.406626] ------------[ cut here ]------------ [ 236.407191] WARNING: CPU: 1 PID: 2251 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.408375] Modules linked in: [ 236.408912] CPU: 1 PID: 2251 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.409846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.411093] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.411650] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.413755] RSP: 
0018:ffff88801625fbd0 EFLAGS: 00010246 [ 236.414623] RAX: 0000000000000000 RBX: ffff8880162cd8a8 RCX: 0000000000000000 [ 236.415413] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 236.416190] RBP: ffff88801625fbe8 R08: ffffed1002c59b33 R09: ffffed1002c59b33 [ 236.416949] R10: ffff8880162cd993 R11: ffffed1002c59b32 R12: ffff888013b20c00 [ 236.417705] R13: ffff8880162cd9e8 R14: ffff88800fdde200 R15: 0000000000000000 [ 236.418599] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.419800] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.420429] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.421193] PKRU: 55555554 [ 236.421494] Call Trace: [ 236.421772] [ 236.422024] iommufd_access_destroy_object+0x65/0x170 [ 236.422683] iommufd_object_destroy_user+0x18e/0x220 [ 236.423261] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.423897] iommufd_access_destroy+0x43/0x70 [ 236.424480] iommufd_test_staccess_release+0x8d/0xd0 [ 236.425288] __fput+0x26d/0xa40 [ 236.425672] ____fput+0x1e/0x30 [ 236.426040] task_work_run+0x1a4/0x2d0 [ 236.426467] ? __pfx_task_work_run+0x10/0x10 [ 236.426999] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.427543] ? switch_task_namespaces+0xa9/0xe0 [ 236.428053] do_exit+0xb17/0x2ef0 [ 236.428426] ? lock_acquire+0x427/0x4c0 [ 236.428864] ? __pfx_lock_release+0x10/0x10 [ 236.429343] ? __kasan_check_write+0x18/0x20 [ 236.429938] ? do_raw_spin_lock+0x132/0x2a0 [ 236.430676] ? __pfx_do_exit+0x10/0x10 [ 236.431107] ? debug_smp_processor_id+0x20/0x30 [ 236.431619] ? rcu_is_watching+0x19/0xb0 [ 236.432055] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.432553] ? trace_hardirqs_on+0x26/0x120 [ 236.433022] do_group_exit+0xe0/0x2b0 [ 236.433432] __x64_sys_exit_group+0x47/0x50 [ 236.433888] do_syscall_64+0x3b/0x90 [ 236.434307] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.434977] RIP: 0033:0x7f4b87518a4d [ 236.435579] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.436233] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.437040] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.437783] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.438582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.439350] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.440135] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.441194] [ 236.441458] irq event stamp: 0 [ 236.441796] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.442469] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.443426] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.444331] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.444999] ---[ end trace 0000000000000000 ]--- [ 236.445970] ------------[ cut here ]------------ [ 236.446469] WARNING: CPU: 1 PID: 2251 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.447622] Modules linked in: [ 236.447973] CPU: 1 PID: 2251 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.448902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.450210] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.451066] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.452983] RSP: 0018:ffff88801625fb78 EFLAGS: 00010246 [ 236.453561] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.454417] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 236.455538] RBP: ffff88801625fb98 R08: ffffed1002c59b3e R09: ffffed1002c59b3e [ 236.456309] R10: ffff8880162cd9ef R11: ffffed1002c59b3d R12: ffff8880162cda90 [ 236.457069] R13: ffff8880162cd8a8 R14: ffffffffffffffff R15: 
ffff88801625fc60 [ 236.457817] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.458685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.459498] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.460432] PKRU: 55555554 [ 236.460746] Call Trace: [ 236.461021] [ 236.461269] iommufd_ioas_destroy+0x53/0x70 [ 236.461751] iommufd_fops_release+0x1f7/0x370 [ 236.462247] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.462837] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.463465] ? write_comp_data+0x2f/0x90 [ 236.464070] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.464813] __fput+0x26d/0xa40 [ 236.465189] ____fput+0x1e/0x30 [ 236.465552] task_work_run+0x1a4/0x2d0 [ 236.465981] ? __pfx_task_work_run+0x10/0x10 [ 236.466460] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.467029] ? switch_task_namespaces+0xa9/0xe0 [ 236.467567] do_exit+0xb17/0x2ef0 [ 236.467939] ? lock_acquire+0x427/0x4c0 [ 236.468460] ? __pfx_lock_release+0x10/0x10 [ 236.469107] ? __kasan_check_write+0x18/0x20 [ 236.469788] ? do_raw_spin_lock+0x132/0x2a0 [ 236.470275] ? __pfx_do_exit+0x10/0x10 [ 236.470742] ? debug_smp_processor_id+0x20/0x30 [ 236.471262] ? rcu_is_watching+0x19/0xb0 [ 236.471714] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.472218] ? trace_hardirqs_on+0x26/0x120 [ 236.472697] do_group_exit+0xe0/0x2b0 [ 236.473117] __x64_sys_exit_group+0x47/0x50 [ 236.473719] do_syscall_64+0x3b/0x90 [ 236.474321] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.474944] RIP: 0033:0x7f4b87518a4d [ 236.475364] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.476031] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.476855] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.477716] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.478803] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.479592] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.480373] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.481162] [ 236.481429] irq event stamp: 0 [ 236.481770] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.482636] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.483833] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.484717] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.485380] ---[ end trace 0000000000000000 ]--- [ 236.492654] ------------[ cut here ]------------ [ 236.493197] WARNING: CPU: 1 PID: 2252 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.494252] Modules linked in: [ 236.494643] CPU: 1 PID: 2252 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.495573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.497065] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.497833] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.499774] RSP: 0018:ffff888015d07bb8 EFLAGS: 00010246 [ 236.500348] RAX: 0000000000000000 RBX: ffff88801609c0a8 RCX: 0000000000000000 [ 236.501123] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 236.502172] RBP: ffff888015d07bd0 R08: ffffed1002c13833 R09: ffffed1002c13833 [ 236.503008] R10: ffff88801609c193 R11: ffffed1002c13832 R12: ffff8880121c7c00 [ 236.503756] R13: ffff88801609c1e8 R14: ffffffff8352e670 R15: 
ffff888015d07e68 [ 236.504495] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.505370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.506247] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 236.507040] PKRU: 55555554 [ 236.507344] Call Trace: [ 236.507609] [ 236.507845] __iommufd_access_detach+0x1c2/0x2b0 [ 236.508348] iommufd_access_change_pt+0x149/0x270 [ 236.508862] iommufd_access_replace+0xb4/0x120 [ 236.509364] iommufd_test+0x3e5/0x37e0 [ 236.509894] ? lock_release+0x532/0x770 [ 236.510576] ? __might_fault+0x102/0x1b0 [ 236.511022] ? lock_acquire+0x427/0x4c0 [ 236.511465] ? __pfx_iommufd_test+0x10/0x10 [ 236.511924] ? __pfx_lock_release+0x10/0x10 [ 236.512385] ? __pfx_lock_acquire+0x10/0x10 [ 236.512845] ? write_comp_data+0x2f/0x90 [ 236.513285] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.513809] ? write_comp_data+0x2f/0x90 [ 236.514402] iommufd_fops_ioctl+0x37d/0x510 [ 236.515094] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.515640] ? write_comp_data+0x2f/0x90 [ 236.516078] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.516599] __x64_sys_ioctl+0x1a3/0x230 [ 236.517037] do_syscall_64+0x3b/0x90 [ 236.517435] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.517981] RIP: 0033:0x7f4b8743ee5d [ 236.518399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.520698] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.521478] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.522211] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.522985] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.523965] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.524928] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.525673] [ 236.525916] irq event stamp: 0 [ 236.526239] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.526913] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.527815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.528984] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.529732] ---[ end trace 0000000000000000 ]--- [ 236.535055] ------------[ cut here ]------------ [ 236.535621] WARNING: CPU: 1 PID: 2252 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.536646] Modules linked in: [ 236.537040] CPU: 1 PID: 2252 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.538264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.539480] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.539986] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.541993] RSP: 
0018:ffff888015d07bd0 EFLAGS: 00010246 [ 236.542798] RAX: 0000000000000000 RBX: ffff88801609c0a8 RCX: 0000000000000000 [ 236.543546] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 236.544271] RBP: ffff888015d07be8 R08: ffffed1002c13833 R09: ffffed1002c13833 [ 236.545006] R10: ffff88801609c193 R11: ffffed1002c13832 R12: ffff888020d72800 [ 236.545744] R13: ffff88801609c1e8 R14: ffff88801227d400 R15: 0000000000000000 [ 236.546673] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.547803] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.548419] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.549157] PKRU: 55555554 [ 236.549451] Call Trace: [ 236.549715] [ 236.549964] iommufd_access_destroy_object+0x65/0x170 [ 236.550556] iommufd_object_destroy_user+0x18e/0x220 [ 236.551114] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.551899] iommufd_access_destroy+0x43/0x70 [ 236.552551] iommufd_test_staccess_release+0x8d/0xd0 [ 236.553081] __fput+0x26d/0xa40 [ 236.553437] ____fput+0x1e/0x30 [ 236.553785] task_work_run+0x1a4/0x2d0 [ 236.554194] ? __pfx_task_work_run+0x10/0x10 [ 236.554677] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.555197] ? switch_task_namespaces+0xa9/0xe0 [ 236.555692] do_exit+0xb17/0x2ef0 [ 236.556143] ? lock_acquire+0x427/0x4c0 [ 236.556738] ? __pfx_lock_release+0x10/0x10 [ 236.557196] ? __kasan_check_write+0x18/0x20 [ 236.557653] ? do_raw_spin_lock+0x132/0x2a0 [ 236.558094] ? __pfx_do_exit+0x10/0x10 [ 236.558502] ? debug_smp_processor_id+0x20/0x30 [ 236.559012] ? rcu_is_watching+0x19/0xb0 [ 236.559448] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.559960] ? trace_hardirqs_on+0x26/0x120 [ 236.560555] do_group_exit+0xe0/0x2b0 [ 236.561090] __x64_sys_exit_group+0x47/0x50 [ 236.561542] do_syscall_64+0x3b/0x90 [ 236.561932] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.562472] RIP: 0033:0x7f4b87518a4d [ 236.562892] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.563541] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.564375] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.565328] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.566329] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.567116] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.567868] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.568607] [ 236.568870] irq event stamp: 0 [ 236.569195] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.569834] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.570705] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.571556] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.572149] ---[ end trace 0000000000000000 ]--- [ 236.572970] ------------[ cut here ]------------ [ 236.573413] WARNING: CPU: 1 PID: 2252 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.574379] Modules linked in: [ 236.574730] CPU: 1 PID: 2252 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.575564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.576623] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.577107] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.579004] RSP: 0018:ffff888015d07b78 EFLAGS: 00010246 [ 236.579524] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.580183] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 236.580847] RBP: ffff888015d07b98 R08: ffffed1002c1383e R09: ffffed1002c1383e [ 236.581518] R10: ffff88801609c1ef R11: ffffed1002c1383d R12: ffff88801609c290 [ 236.582179] R13: ffff88801609c0a8 R14: ffffffffffffffff R15: 
ffff888015d07c60 [ 236.582873] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.583632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.584169] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.584831] PKRU: 55555554 [ 236.585095] Call Trace: [ 236.585336] [ 236.585553] iommufd_ioas_destroy+0x53/0x70 [ 236.585966] iommufd_fops_release+0x1f7/0x370 [ 236.586395] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.586889] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.587366] ? write_comp_data+0x2f/0x90 [ 236.587757] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.588231] __fput+0x26d/0xa40 [ 236.588560] ____fput+0x1e/0x30 [ 236.588879] task_work_run+0x1a4/0x2d0 [ 236.589252] ? __pfx_task_work_run+0x10/0x10 [ 236.589670] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.590130] ? switch_task_namespaces+0xa9/0xe0 [ 236.590608] do_exit+0xb17/0x2ef0 [ 236.590936] ? lock_acquire+0x427/0x4c0 [ 236.591333] ? __pfx_lock_release+0x10/0x10 [ 236.591734] ? __kasan_check_write+0x18/0x20 [ 236.592154] ? do_raw_spin_lock+0x132/0x2a0 [ 236.592565] ? __pfx_do_exit+0x10/0x10 [ 236.592944] ? debug_smp_processor_id+0x20/0x30 [ 236.593391] ? rcu_is_watching+0x19/0xb0 [ 236.593779] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.594211] ? trace_hardirqs_on+0x26/0x120 [ 236.594675] do_group_exit+0xe0/0x2b0 [ 236.595055] __x64_sys_exit_group+0x47/0x50 [ 236.595474] do_syscall_64+0x3b/0x90 [ 236.595846] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.596346] RIP: 0033:0x7f4b87518a4d [ 236.596703] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.597286] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.598009] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.598726] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.599424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.600104] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.600776] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.601457] [ 236.601684] irq event stamp: 0 [ 236.601982] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.602622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.603422] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.604207] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.604804] ---[ end trace 0000000000000000 ]--- [ 236.609874] ------------[ cut here ]------------ [ 236.610367] WARNING: CPU: 1 PID: 2253 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.611648] Modules linked in: [ 236.611954] CPU: 1 PID: 2253 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.612757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.613793] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.614256] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.615984] RSP: 0018:ffff888015bf7bb8 EFLAGS: 00010246 [ 236.616490] RAX: 0000000000000000 RBX: ffff888020ff20a8 RCX: 0000000000000000 [ 236.617159] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 236.617816] RBP: ffff888015bf7bd0 R08: ffffed10041fe433 R09: ffffed10041fe433 [ 236.618471] R10: ffff888020ff2193 R11: ffffed10041fe432 R12: ffff88801493d400 [ 236.619172] R13: ffff888020ff21e8 R14: ffffffff8352e670 R15: 
ffff888015bf7e68 [ 236.619842] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.620596] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.621148] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 236.621815] PKRU: 55555554 [ 236.622081] Call Trace: [ 236.622321] [ 236.622573] __iommufd_access_detach+0x1c2/0x2b0 [ 236.623031] iommufd_access_change_pt+0x149/0x270 [ 236.623512] iommufd_access_replace+0xb4/0x120 [ 236.623951] iommufd_test+0x3e5/0x37e0 [ 236.624319] ? lock_release+0x532/0x770 [ 236.624698] ? __might_fault+0x102/0x1b0 [ 236.625080] ? lock_acquire+0x427/0x4c0 [ 236.625471] ? __pfx_iommufd_test+0x10/0x10 [ 236.625878] ? __pfx_lock_release+0x10/0x10 [ 236.626292] ? __pfx_lock_acquire+0x10/0x10 [ 236.626736] ? write_comp_data+0x2f/0x90 [ 236.627144] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.627606] ? write_comp_data+0x2f/0x90 [ 236.628000] iommufd_fops_ioctl+0x37d/0x510 [ 236.628410] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.628873] ? write_comp_data+0x2f/0x90 [ 236.629265] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.629719] __x64_sys_ioctl+0x1a3/0x230 [ 236.630110] do_syscall_64+0x3b/0x90 [ 236.630480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.631011] RIP: 0033:0x7f4b8743ee5d [ 236.631375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.633069] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.633780] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.634451] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.635161] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.635829] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.636508] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.637178] [ 236.637400] irq event stamp: 0 [ 236.637699] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.638287] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.639092] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.639886] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.640473] ---[ end trace 0000000000000000 ]--- [ 236.643684] ------------[ cut here ]------------ [ 236.644165] WARNING: CPU: 1 PID: 2253 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.645108] Modules linked in: [ 236.645407] CPU: 1 PID: 2253 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.646213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.647308] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.647784] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.649534] RSP: 
0018:ffff888015bf7bd0 EFLAGS: 00010246 [ 236.650174] RAX: 0000000000000000 RBX: ffff888020ff20a8 RCX: 0000000000000000 [ 236.651225] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 236.651915] RBP: ffff888015bf7be8 R08: ffffed10041fe433 R09: ffffed10041fe433 [ 236.652596] R10: ffff888020ff2193 R11: ffffed10041fe432 R12: ffff8880121c5400 [ 236.653275] R13: ffff888020ff21e8 R14: ffff88801381aa00 R15: 0000000000000000 [ 236.653948] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.654950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.655514] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.656204] PKRU: 55555554 [ 236.656483] Call Trace: [ 236.656734] [ 236.656956] iommufd_access_destroy_object+0x65/0x170 [ 236.657462] iommufd_object_destroy_user+0x18e/0x220 [ 236.657952] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.658564] iommufd_access_destroy+0x43/0x70 [ 236.659014] iommufd_test_staccess_release+0x8d/0xd0 [ 236.659535] __fput+0x26d/0xa40 [ 236.659994] ____fput+0x1e/0x30 [ 236.660430] task_work_run+0x1a4/0x2d0 [ 236.660826] ? __pfx_task_work_run+0x10/0x10 [ 236.661262] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.661757] ? switch_task_namespaces+0xa9/0xe0 [ 236.662228] do_exit+0xb17/0x2ef0 [ 236.662597] ? lock_acquire+0x427/0x4c0 [ 236.662998] ? __pfx_lock_release+0x10/0x10 [ 236.663448] ? __kasan_check_write+0x18/0x20 [ 236.663919] ? do_raw_spin_lock+0x132/0x2a0 [ 236.664392] ? __pfx_do_exit+0x10/0x10 [ 236.664944] ? debug_smp_processor_id+0x20/0x30 [ 236.665596] ? rcu_is_watching+0x19/0xb0 [ 236.666039] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.666580] ? trace_hardirqs_on+0x26/0x120 [ 236.667054] do_group_exit+0xe0/0x2b0 [ 236.667489] __x64_sys_exit_group+0x47/0x50 [ 236.667956] do_syscall_64+0x3b/0x90 [ 236.668370] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.668938] RIP: 0033:0x7f4b87518a4d [ 236.669347] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.670051] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.671224] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.671975] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.672721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.673474] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.674241] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.675035] [ 236.675301] irq event stamp: 0 [ 236.675634] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.676380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.677568] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.678435] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.679145] ---[ end trace 0000000000000000 ]--- [ 236.680047] ------------[ cut here ]------------ [ 236.680550] WARNING: CPU: 1 PID: 2253 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.681620] Modules linked in: [ 236.682075] CPU: 1 PID: 2253 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.683212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.684431] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.684973] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.686985] RSP: 0018:ffff888015bf7b78 EFLAGS: 00010246 [ 236.687751] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.688602] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 236.689350] RBP: ffff888015bf7b98 R08: ffffed10041fe43e R09: ffffed10041fe43e [ 236.690111] R10: ffff888020ff21ef R11: ffffed10041fe43d R12: ffff888020ff2290 [ 236.690905] R13: ffff888020ff20a8 R14: ffffffffffffffff R15: 
ffff888015bf7c60 [ 236.691669] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.692504] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.693213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 236.694251] PKRU: 55555554 [ 236.694581] Call Trace: [ 236.694848] [ 236.695084] iommufd_ioas_destroy+0x53/0x70 [ 236.695560] iommufd_fops_release+0x1f7/0x370 [ 236.696049] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.696581] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.697117] ? write_comp_data+0x2f/0x90 [ 236.697573] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.698100] __fput+0x26d/0xa40 [ 236.698649] ____fput+0x1e/0x30 [ 236.699162] task_work_run+0x1a4/0x2d0 [ 236.699596] ? __pfx_task_work_run+0x10/0x10 [ 236.700068] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.700587] ? switch_task_namespaces+0xa9/0xe0 [ 236.701091] do_exit+0xb17/0x2ef0 [ 236.701462] ? lock_acquire+0x427/0x4c0 [ 236.701888] ? __pfx_lock_release+0x10/0x10 [ 236.702356] ? __kasan_check_write+0x18/0x20 [ 236.702870] ? do_raw_spin_lock+0x132/0x2a0 [ 236.703348] ? __pfx_do_exit+0x10/0x10 [ 236.703782] ? debug_smp_processor_id+0x20/0x30 [ 236.704376] ? rcu_is_watching+0x19/0xb0 [ 236.704959] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.705541] ? trace_hardirqs_on+0x26/0x120 [ 236.706009] do_group_exit+0xe0/0x2b0 [ 236.706425] __x64_sys_exit_group+0x47/0x50 [ 236.706953] do_syscall_64+0x3b/0x90 [ 236.707399] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.707974] RIP: 0033:0x7f4b87518a4d [ 236.708384] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.709057] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.710072] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.711031] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.711810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.712579] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.713336] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.714123] [ 236.714381] irq event stamp: 0 [ 236.714934] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.715788] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.716692] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.717581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.718265] ---[ end trace 0000000000000000 ]--- [ 236.723862] ------------[ cut here ]------------ [ 236.724485] WARNING: CPU: 1 PID: 2254 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.725811] Modules linked in: [ 236.726155] CPU: 1 PID: 2254 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.727199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.728436] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.728976] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.731301] RSP: 0018:ffff888015d07bb8 EFLAGS: 00010246 [ 236.731887] RAX: 0000000000000000 RBX: ffff88800cb920a8 RCX: 0000000000000000 [ 236.732659] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 236.733436] RBP: ffff888015d07bd0 R08: ffffed1001972433 R09: ffffed1001972433 [ 236.734262] R10: ffff88800cb92193 R11: ffffed1001972432 R12: ffff888012e94c00 [ 236.735320] R13: ffff88800cb921e8 R14: ffffffff8352e670 R15: 
ffff888015d07e68 [ 236.736088] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.736959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.737585] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 236.738355] PKRU: 55555554 [ 236.738710] Call Trace: [ 236.738998] [ 236.739267] __iommufd_access_detach+0x1c2/0x2b0 [ 236.739989] iommufd_access_change_pt+0x149/0x270 [ 236.740627] iommufd_access_replace+0xb4/0x120 [ 236.741141] iommufd_test+0x3e5/0x37e0 [ 236.741561] ? lock_release+0x532/0x770 [ 236.741999] ? __might_fault+0x102/0x1b0 [ 236.742448] ? lock_acquire+0x427/0x4c0 [ 236.742940] ? __pfx_iommufd_test+0x10/0x10 [ 236.743425] ? __pfx_lock_release+0x10/0x10 [ 236.743904] ? __pfx_lock_acquire+0x10/0x10 [ 236.744393] ? write_comp_data+0x2f/0x90 [ 236.745033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.745657] ? write_comp_data+0x2f/0x90 [ 236.746119] iommufd_fops_ioctl+0x37d/0x510 [ 236.746645] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.747198] ? write_comp_data+0x2f/0x90 [ 236.747656] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.748193] __x64_sys_ioctl+0x1a3/0x230 [ 236.748656] do_syscall_64+0x3b/0x90 [ 236.749075] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.749772] RIP: 0033:0x7f4b8743ee5d [ 236.750322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.752346] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.753179] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.753959] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.754951] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.755873] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.756650] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.757431] [ 236.757686] irq event stamp: 0 [ 236.758031] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.758765] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.759693] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.760840] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.761517] ---[ end trace 0000000000000000 ]--- [ 236.765098] ------------[ cut here ]------------ [ 236.765677] WARNING: CPU: 1 PID: 2254 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.766876] Modules linked in: [ 236.767254] CPU: 1 PID: 2254 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.768192] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.769457] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.770190] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.772219] RSP: 
0018:ffff888015d07bd0 EFLAGS: 00010246 [ 236.772804] RAX: 0000000000000000 RBX: ffff88800cb920a8 RCX: 0000000000000000 [ 236.773568] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 236.774486] RBP: ffff888015d07be8 R08: ffffed1001972433 R09: ffffed1001972433 [ 236.775380] R10: ffff88800cb92193 R11: ffffed1001972432 R12: ffff88801493f400 [ 236.776145] R13: ffff88800cb921e8 R14: ffff888020848900 R15: 0000000000000000 [ 236.776920] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.777791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.778416] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 236.779519] PKRU: 55555554 [ 236.779812] Call Trace: [ 236.780095] [ 236.780344] iommufd_access_destroy_object+0x65/0x170 [ 236.780922] iommufd_object_destroy_user+0x18e/0x220 [ 236.781488] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.782123] iommufd_access_destroy+0x43/0x70 [ 236.782668] iommufd_test_staccess_release+0x8d/0xd0 [ 236.783258] __fput+0x26d/0xa40 [ 236.783646] ____fput+0x1e/0x30 [ 236.784049] task_work_run+0x1a4/0x2d0 [ 236.784622] ? __pfx_task_work_run+0x10/0x10 [ 236.785230] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.785768] ? switch_task_namespaces+0xa9/0xe0 [ 236.786299] do_exit+0xb17/0x2ef0 [ 236.786717] ? lock_acquire+0x427/0x4c0 [ 236.787171] ? __pfx_lock_release+0x10/0x10 [ 236.787643] ? __kasan_check_write+0x18/0x20 [ 236.788118] ? do_raw_spin_lock+0x132/0x2a0 [ 236.788585] ? __pfx_do_exit+0x10/0x10 [ 236.789092] ? debug_smp_processor_id+0x20/0x30 [ 236.789792] ? rcu_is_watching+0x19/0xb0 [ 236.790240] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.790771] ? trace_hardirqs_on+0x26/0x120 [ 236.791246] do_group_exit+0xe0/0x2b0 [ 236.791656] __x64_sys_exit_group+0x47/0x50 [ 236.792124] do_syscall_64+0x3b/0x90 [ 236.792536] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.793107] RIP: 0033:0x7f4b87518a4d [ 236.793512] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.794425] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.795319] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.796096] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.796869] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.797646] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.798441] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.799565] [ 236.799830] irq event stamp: 0 [ 236.800177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.800872] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.801779] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.802723] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.803432] ---[ end trace 0000000000000000 ]--- [ 236.804635] ------------[ cut here ]------------ [ 236.805164] WARNING: CPU: 1 PID: 2254 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.806292] Modules linked in: [ 236.806700] CPU: 1 PID: 2254 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.807679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.808970] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.809750] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.811775] RSP: 0018:ffff888015d07b78 EFLAGS: 00010246 [ 236.812359] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.813122] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 236.814049] RBP: ffff888015d07b98 R08: ffffed100197243e R09: ffffed100197243e [ 236.814982] R10: ffff88800cb921ef R11: ffffed100197243d R12: ffff88800cb92290 [ 236.815777] R13: ffff88800cb920a8 R14: ffffffffffffffff R15: 
ffff888015d07c60 [ 236.816553] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.817432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.818066] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 236.819088] PKRU: 55555554 [ 236.819527] Call Trace: [ 236.819802] [ 236.820046] iommufd_ioas_destroy+0x53/0x70 [ 236.820533] iommufd_fops_release+0x1f7/0x370 [ 236.821028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.821569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.822097] ? write_comp_data+0x2f/0x90 [ 236.822590] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.823156] __fput+0x26d/0xa40 [ 236.823537] ____fput+0x1e/0x30 [ 236.823909] task_work_run+0x1a4/0x2d0 [ 236.824491] ? __pfx_task_work_run+0x10/0x10 [ 236.825115] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.825660] ? switch_task_namespaces+0xa9/0xe0 [ 236.826187] do_exit+0xb17/0x2ef0 [ 236.826620] ? lock_acquire+0x427/0x4c0 [ 236.827072] ? __pfx_lock_release+0x10/0x10 [ 236.827558] ? __kasan_check_write+0x18/0x20 [ 236.828040] ? do_raw_spin_lock+0x132/0x2a0 [ 236.828504] ? __pfx_do_exit+0x10/0x10 [ 236.828945] ? debug_smp_processor_id+0x20/0x30 [ 236.829546] ? rcu_is_watching+0x19/0xb0 [ 236.830183] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.830726] ? trace_hardirqs_on+0x26/0x120 [ 236.831210] do_group_exit+0xe0/0x2b0 [ 236.831627] __x64_sys_exit_group+0x47/0x50 [ 236.832099] do_syscall_64+0x3b/0x90 [ 236.832511] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.833079] RIP: 0033:0x7f4b87518a4d [ 236.833481] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.834136] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.835337] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.836107] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.836884] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.837659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.838423] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.839262] [ 236.839523] irq event stamp: 0 [ 236.839870] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.840688] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.841685] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.842624] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.843331] ---[ end trace 0000000000000000 ]--- [ 236.848761] ------------[ cut here ]------------ [ 236.849420] WARNING: CPU: 1 PID: 2255 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.850759] Modules linked in: [ 236.851097] CPU: 1 PID: 2255 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.852038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.853245] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.853779] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.856123] RSP: 0018:ffff888015bf7bb8 EFLAGS: 00010246 [ 236.856708] RAX: 0000000000000000 RBX: ffff888013ac08a8 RCX: 0000000000000000 [ 236.857480] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 236.858251] RBP: ffff888015bf7bd0 R08: ffffed1002758133 R09: ffffed1002758133 [ 236.859052] R10: ffff888013ac0993 R11: ffffed1002758132 R12: ffff888010826c00 [ 236.859885] R13: ffff888013ac09e8 R14: ffffffff8352e670 R15: 
ffff888015bf7e68 [ 236.860938] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.861812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.862433] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 236.863253] PKRU: 55555554 [ 236.863560] Call Trace: [ 236.863840] [ 236.864084] __iommufd_access_detach+0x1c2/0x2b0 [ 236.864619] iommufd_access_change_pt+0x149/0x270 [ 236.865335] iommufd_access_replace+0xb4/0x120 [ 236.865844] iommufd_test+0x3e5/0x37e0 [ 236.866273] ? lock_release+0x532/0x770 [ 236.866760] ? __might_fault+0x102/0x1b0 [ 236.867236] ? lock_acquire+0x427/0x4c0 [ 236.867686] ? __pfx_iommufd_test+0x10/0x10 [ 236.868148] ? __pfx_lock_release+0x10/0x10 [ 236.868620] ? __pfx_lock_acquire+0x10/0x10 [ 236.869094] ? write_comp_data+0x2f/0x90 [ 236.869563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.870345] ? write_comp_data+0x2f/0x90 [ 236.870849] iommufd_fops_ioctl+0x37d/0x510 [ 236.871354] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.871893] ? write_comp_data+0x2f/0x90 [ 236.872348] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 236.872878] __x64_sys_ioctl+0x1a3/0x230 [ 236.873336] do_syscall_64+0x3b/0x90 [ 236.873764] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.874361] RIP: 0033:0x7f4b8743ee5d [ 236.874980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 236.877043] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 236.877873] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 236.878696] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 236.879502] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 236.880500] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 236.881380] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 236.882167] [ 236.882423] irq event stamp: 0 [ 236.882818] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.883511] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.884415] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.885422] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.886327] ---[ end trace 0000000000000000 ]--- [ 236.890092] ------------[ cut here ]------------ [ 236.890829] WARNING: CPU: 1 PID: 2255 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.891950] Modules linked in: [ 236.892303] CPU: 1 PID: 2255 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.893251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.894480] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.895352] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.897321] RSP: 
0018:ffff888015bf7bd0 EFLAGS: 00010246 [ 236.897900] RAX: 0000000000000000 RBX: ffff888013ac08a8 RCX: 0000000000000000 [ 236.898702] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 236.899476] RBP: ffff888015bf7be8 R08: ffffed1002758133 R09: ffffed1002758133 [ 236.900613] R10: ffff888013ac0993 R11: ffffed1002758132 R12: ffff888012e96400 [ 236.901393] R13: ffff888013ac09e8 R14: ffff888012245100 R15: 0000000000000000 [ 236.902160] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.903075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.903710] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 236.904511] PKRU: 55555554 [ 236.904906] Call Trace: [ 236.905290] [ 236.905606] iommufd_access_destroy_object+0x65/0x170 [ 236.906171] iommufd_object_destroy_user+0x18e/0x220 [ 236.906748] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 236.907383] iommufd_access_destroy+0x43/0x70 [ 236.907871] iommufd_test_staccess_release+0x8d/0xd0 [ 236.908418] __fput+0x26d/0xa40 [ 236.908788] ____fput+0x1e/0x30 [ 236.909150] task_work_run+0x1a4/0x2d0 [ 236.909579] ? __pfx_task_work_run+0x10/0x10 [ 236.910107] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.910896] ? switch_task_namespaces+0xa9/0xe0 [ 236.911417] do_exit+0xb17/0x2ef0 [ 236.911785] ? lock_acquire+0x427/0x4c0 [ 236.912218] ? __pfx_lock_release+0x10/0x10 [ 236.912691] ? __kasan_check_write+0x18/0x20 [ 236.913163] ? do_raw_spin_lock+0x132/0x2a0 [ 236.913624] ? __pfx_do_exit+0x10/0x10 [ 236.914053] ? debug_smp_processor_id+0x20/0x30 [ 236.914605] ? rcu_is_watching+0x19/0xb0 [ 236.915046] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.915550] ? trace_hardirqs_on+0x26/0x120 [ 236.916140] do_group_exit+0xe0/0x2b0 [ 236.916667] __x64_sys_exit_group+0x47/0x50 [ 236.917289] do_syscall_64+0x3b/0x90 [ 236.917703] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.918266] RIP: 0033:0x7f4b87518a4d [ 236.918709] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.919387] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.920193] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.920949] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.921855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.922881] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.923650] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.924397] [ 236.924647] irq event stamp: 0 [ 236.924988] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.925658] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.926651] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.927775] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.928446] ---[ end trace 0000000000000000 ]--- [ 236.929437] ------------[ cut here ]------------ [ 236.929950] WARNING: CPU: 1 PID: 2255 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 236.931094] Modules linked in: [ 236.931463] CPU: 1 PID: 2255 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.932455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.933940] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 236.934488] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 236.936457] RSP: 0018:ffff888015bf7b78 EFLAGS: 00010246 [ 236.937008] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 236.937822] RDX: 0000000000000000 RSI: ffff888011e40000 RDI: 0000000000000002 [ 236.938874] RBP: ffff888015bf7b98 R08: ffffed100275813e R09: ffffed100275813e [ 236.939634] R10: ffff888013ac09ef R11: ffffed100275813d R12: ffff888013ac0a90 [ 236.940377] R13: ffff888013ac08a8 R14: ffffffffffffffff R15: 
ffff888015bf7c60 [ 236.941114] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 236.941939] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.942646] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 236.943756] PKRU: 55555554 [ 236.944060] Call Trace: [ 236.944331] [ 236.944568] iommufd_ioas_destroy+0x53/0x70 [ 236.945040] iommufd_fops_release+0x1f7/0x370 [ 236.945524] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.946057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.946633] ? write_comp_data+0x2f/0x90 [ 236.947078] ? __pfx_iommufd_fops_release+0x10/0x10 [ 236.947629] __fput+0x26d/0xa40 [ 236.947992] ____fput+0x1e/0x30 [ 236.948344] task_work_run+0x1a4/0x2d0 [ 236.948843] ? __pfx_task_work_run+0x10/0x10 [ 236.949425] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 236.950109] ? switch_task_namespaces+0xa9/0xe0 [ 236.950659] do_exit+0xb17/0x2ef0 [ 236.951035] ? lock_acquire+0x427/0x4c0 [ 236.951490] ? __pfx_lock_release+0x10/0x10 [ 236.951949] ? __kasan_check_write+0x18/0x20 [ 236.952414] ? do_raw_spin_lock+0x132/0x2a0 [ 236.952865] ? __pfx_do_exit+0x10/0x10 [ 236.953283] ? debug_smp_processor_id+0x20/0x30 [ 236.953780] ? rcu_is_watching+0x19/0xb0 [ 236.954357] ? _raw_spin_unlock_irq+0x2b/0x60 [ 236.955070] ? trace_hardirqs_on+0x26/0x120 [ 236.955762] do_group_exit+0xe0/0x2b0 [ 236.956178] __x64_sys_exit_group+0x47/0x50 [ 236.956634] do_syscall_64+0x3b/0x90 [ 236.957038] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 236.957586] RIP: 0033:0x7f4b87518a4d [ 236.957976] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 236.958653] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 236.959471] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 236.960219] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 236.961104] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 236.962121] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 236.962909] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 236.963684] [ 236.963927] irq event stamp: 0 [ 236.964255] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 236.964910] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 236.965791] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 236.966943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 236.967848] ---[ end trace 0000000000000000 ]--- [ 236.978406] ------------[ cut here ]------------ [ 236.979179] WARNING: CPU: 0 PID: 2256 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 236.980579] Modules linked in: [ 236.981011] CPU: 0 PID: 2256 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 236.982156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 236.983700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 236.984386] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 236.986824] RSP: 0018:ffff8880178c7bb8 EFLAGS: 00010246 [ 236.987564] RAX: 0000000000000000 RBX: ffff8880187ee8a8 RCX: 0000000000000000 [ 236.988499] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 236.989432] RBP: ffff8880178c7bd0 R08: ffffed10030fdd33 R09: ffffed10030fdd33 [ 236.990361] R10: ffff8880187ee993 R11: ffffed10030fdd32 R12: ffff888013b23000 [ 236.991346] R13: ffff8880187ee9e8 R14: ffffffff8352e670 R15: 
ffff8880178c7e68 [ 236.992298] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 236.993365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 236.994131] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 236.995103] PKRU: 55555554 [ 236.995518] Call Trace: [ 236.995867] [ 236.996176] __iommufd_access_detach+0x1c2/0x2b0 [ 236.996841] iommufd_access_change_pt+0x149/0x270 [ 236.997501] iommufd_access_replace+0xb4/0x120 [ 236.998125] iommufd_test+0x3e5/0x37e0 [ 236.998693] ? lock_release+0x532/0x770 [ 236.999294] ? __might_fault+0x102/0x1b0 [ 236.999863] ? lock_acquire+0x427/0x4c0 [ 237.000411] ? __pfx_iommufd_test+0x10/0x10 [ 237.000986] ? __pfx_lock_release+0x10/0x10 [ 237.001569] ? __pfx_lock_acquire+0x10/0x10 [ 237.002161] ? write_comp_data+0x2f/0x90 [ 237.002761] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.003456] ? write_comp_data+0x2f/0x90 [ 237.004028] iommufd_fops_ioctl+0x37d/0x510 [ 237.004620] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.005277] ? write_comp_data+0x2f/0x90 [ 237.005836] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.006472] __x64_sys_ioctl+0x1a3/0x230 [ 237.007089] do_syscall_64+0x3b/0x90 [ 237.007651] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.008356] RIP: 0033:0x7f4b8743ee5d [ 237.008856] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.011284] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 237.012300] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 237.013242] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 237.014182] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 237.015166] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 237.016116] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 237.017071] [ 237.017388] irq event stamp: 0 [ 237.017809] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.018690] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.019836] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.020945] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.021777] ---[ end trace 0000000000000000 ]--- [ 237.026872] ------------[ cut here ]------------ [ 237.027562] WARNING: CPU: 0 PID: 2256 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.028896] Modules linked in: [ 237.029329] CPU: 0 PID: 2256 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.030477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.032026] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.032709] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.035137] RSP: 
0018:ffff8880178c7bd0 EFLAGS: 00010246 [ 237.035868] RAX: 0000000000000000 RBX: ffff8880187ee8a8 RCX: 0000000000000000 [ 237.036798] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 237.037731] RBP: ffff8880178c7be8 R08: ffffed10030fdd33 R09: ffffed10030fdd33 [ 237.038700] R10: ffff8880187ee993 R11: ffffed10030fdd32 R12: ffff888014390c00 [ 237.039696] R13: ffff8880187ee9e8 R14: ffff88800fa22400 R15: 0000000000000000 [ 237.040643] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 237.041700] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.042461] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 237.043455] PKRU: 55555554 [ 237.043845] Call Trace: [ 237.044195] [ 237.044510] iommufd_access_destroy_object+0x65/0x170 [ 237.045210] iommufd_object_destroy_user+0x18e/0x220 [ 237.045892] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 237.046712] iommufd_access_destroy+0x43/0x70 [ 237.047371] iommufd_test_staccess_release+0x8d/0xd0 [ 237.048068] __fput+0x26d/0xa40 [ 237.048537] ____fput+0x1e/0x30 [ 237.048999] task_work_run+0x1a4/0x2d0 [ 237.049534] ? __pfx_task_work_run+0x10/0x10 [ 237.050130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.050827] ? switch_task_namespaces+0xa9/0xe0 [ 237.051496] do_exit+0xb17/0x2ef0 [ 237.051975] ? lock_acquire+0x427/0x4c0 [ 237.052522] ? __pfx_lock_release+0x10/0x10 [ 237.053104] ? __kasan_check_write+0x18/0x20 [ 237.053698] ? do_raw_spin_lock+0x132/0x2a0 [ 237.054275] ? __pfx_do_exit+0x10/0x10 [ 237.054878] ? debug_smp_processor_id+0x20/0x30 [ 237.055556] ? rcu_is_watching+0x19/0xb0 [ 237.056116] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.056730] ? trace_hardirqs_on+0x26/0x120 [ 237.057316] do_group_exit+0xe0/0x2b0 [ 237.057830] __x64_sys_exit_group+0x47/0x50 [ 237.058403] do_syscall_64+0x3b/0x90 [ 237.058988] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.059728] RIP: 0033:0x7f4b87518a4d [ 237.060234] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.061050] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.062048] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.063023] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.064000] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.064942] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.065878] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.066871] [ 237.067225] irq event stamp: 0 [ 237.067654] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.068489] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.069588] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.070719] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.071602] ---[ end trace 0000000000000000 ]--- [ 237.072988] ------------[ cut here ]------------ [ 237.073625] WARNING: CPU: 0 PID: 2256 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 237.075037] Modules linked in: [ 237.075504] CPU: 0 PID: 2256 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.076655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.078124] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 237.078854] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 237.081278] RSP: 0018:ffff8880178c7b78 EFLAGS: 00010246 [ 237.081989] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.082952] RDX: 0000000000000000 RSI: ffff8880100d2500 RDI: 0000000000000002 [ 237.083921] RBP: ffff8880178c7b98 R08: ffffed10030fdd3e R09: ffffed10030fdd3e [ 237.084865] R10: ffff8880187ee9ef R11: ffffed10030fdd3d R12: ffff8880187eea90 [ 237.085804] R13: ffff8880187ee8a8 R14: ffffffffffffffff R15: 
ffff8880178c7c60 [ 237.086777] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 237.087876] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.088647] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 237.089586] PKRU: 55555554 [ 237.089968] Call Trace: [ 237.090313] [ 237.090658] iommufd_ioas_destroy+0x53/0x70 [ 237.091279] iommufd_fops_release+0x1f7/0x370 [ 237.091898] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.092570] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.093231] ? write_comp_data+0x2f/0x90 [ 237.093792] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.094458] __fput+0x26d/0xa40 [ 237.094959] ____fput+0x1e/0x30 [ 237.095455] task_work_run+0x1a4/0x2d0 [ 237.096016] ? __pfx_task_work_run+0x10/0x10 [ 237.096635] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.097296] ? switch_task_namespaces+0xa9/0xe0 [ 237.097937] do_exit+0xb17/0x2ef0 [ 237.098404] ? lock_acquire+0x427/0x4c0 [ 237.098990] ? __pfx_lock_release+0x10/0x10 [ 237.099610] ? __kasan_check_write+0x18/0x20 [ 237.100211] ? do_raw_spin_lock+0x132/0x2a0 [ 237.100791] ? __pfx_do_exit+0x10/0x10 [ 237.101323] ? debug_smp_processor_id+0x20/0x30 [ 237.101944] ? rcu_is_watching+0x19/0xb0 [ 237.102486] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.103188] ? trace_hardirqs_on+0x26/0x120 [ 237.103781] do_group_exit+0xe0/0x2b0 [ 237.104295] __x64_sys_exit_group+0x47/0x50 [ 237.104794] do_syscall_64+0x3b/0x90 [ 237.105274] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.105962] RIP: 0033:0x7f4b87518a4d [ 237.106460] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.107324] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.108336] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.109283] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.110214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.111201] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.112152] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.113103] [ 237.113419] irq event stamp: 0 [ 237.113842] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.114705] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.115832] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.116933] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.117757] ---[ end trace 0000000000000000 ]--- [ 237.126086] ------------[ cut here ]------------ [ 237.126782] WARNING: CPU: 0 PID: 2257 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.128121] Modules linked in: [ 237.128552] CPU: 0 PID: 2257 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.129689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.131218] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.131898] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.134288] RSP: 0018:ffff88800e8c7bb8 EFLAGS: 00010246 [ 237.135033] RAX: 0000000000000000 RBX: ffff8880209ec8a8 RCX: 0000000000000000 [ 237.135999] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 237.136942] RBP: ffff88800e8c7bd0 R08: ffffed100413d933 R09: ffffed100413d933 [ 237.137870] R10: ffff8880209ec993 R11: ffffed100413d932 R12: ffff88800a727000 [ 237.138844] R13: ffff8880209ec9e8 R14: ffffffff8352e670 R15: 
ffff88800e8c7e68 [ 237.139824] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 237.140881] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.141640] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 237.142612] PKRU: 55555554 [ 237.142998] Call Trace: [ 237.143358] [ 237.143663] __iommufd_access_detach+0x1c2/0x2b0 [ 237.144318] iommufd_access_change_pt+0x149/0x270 [ 237.144952] iommufd_access_replace+0xb4/0x120 [ 237.145575] iommufd_test+0x3e5/0x37e0 [ 237.146094] ? lock_release+0x532/0x770 [ 237.146677] ? __might_fault+0x102/0x1b0 [ 237.147253] ? lock_acquire+0x427/0x4c0 [ 237.147765] ? __pfx_iommufd_test+0x10/0x10 [ 237.148338] ? __pfx_lock_release+0x10/0x10 [ 237.148921] ? __pfx_lock_acquire+0x10/0x10 [ 237.149509] ? write_comp_data+0x2f/0x90 [ 237.150064] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.150755] ? write_comp_data+0x2f/0x90 [ 237.151346] iommufd_fops_ioctl+0x37d/0x510 [ 237.151939] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.152596] ? write_comp_data+0x2f/0x90 [ 237.153150] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.153797] __x64_sys_ioctl+0x1a3/0x230 [ 237.154355] do_syscall_64+0x3b/0x90 [ 237.154909] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.155646] RIP: 0033:0x7f4b8743ee5d [ 237.156149] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.158576] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 237.159607] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 237.160548] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 237.161482] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 237.162415] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 237.163422] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 237.164391] [ 237.164724] irq event stamp: 0 [ 237.165148] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.165998] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.167595] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.168715] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.169567] ---[ end trace 0000000000000000 ]--- [ 237.175200] ------------[ cut here ]------------ [ 237.175868] WARNING: CPU: 0 PID: 2257 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.177211] Modules linked in: [ 237.177657] CPU: 0 PID: 2257 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.179391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.180902] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.181594] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.184371] RSP: 
0018:ffff88800e8c7bd0 EFLAGS: 00010246 [ 237.185098] RAX: 0000000000000000 RBX: ffff8880209ec8a8 RCX: 0000000000000000 [ 237.186128] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 237.187354] RBP: ffff88800e8c7be8 R08: ffffed100413d933 R09: ffffed100413d933 [ 237.188317] R10: ffff8880209ec993 R11: ffffed100413d932 R12: ffff888013b21400 [ 237.189267] R13: ffff8880209ec9e8 R14: ffff88800f08fe00 R15: 0000000000000000 [ 237.190330] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 237.191670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.192458] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 237.193415] PKRU: 55555554 [ 237.193816] Call Trace: [ 237.194276] [ 237.194815] iommufd_access_destroy_object+0x65/0x170 [ 237.195569] iommufd_object_destroy_user+0x18e/0x220 [ 237.196285] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 237.197078] iommufd_access_destroy+0x43/0x70 [ 237.197711] iommufd_test_staccess_release+0x8d/0xd0 [ 237.198763] __fput+0x26d/0xa40 [ 237.199286] ____fput+0x1e/0x30 [ 237.199761] task_work_run+0x1a4/0x2d0 [ 237.200303] ? __pfx_task_work_run+0x10/0x10 [ 237.200906] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.201569] ? switch_task_namespaces+0xa9/0xe0 [ 237.202225] do_exit+0xb17/0x2ef0 [ 237.203066] ? lock_acquire+0x427/0x4c0 [ 237.203659] ? __pfx_lock_release+0x10/0x10 [ 237.204261] ? __kasan_check_write+0x18/0x20 [ 237.204867] ? do_raw_spin_lock+0x132/0x2a0 [ 237.205449] ? __pfx_do_exit+0x10/0x10 [ 237.205986] ? debug_smp_processor_id+0x20/0x30 [ 237.206725] ? rcu_is_watching+0x19/0xb0 [ 237.207516] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.208169] ? trace_hardirqs_on+0x26/0x120 [ 237.208769] do_group_exit+0xe0/0x2b0 [ 237.209281] __x64_sys_exit_group+0x47/0x50 [ 237.209863] do_syscall_64+0x3b/0x90 [ 237.210392] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.211211] RIP: 0033:0x7f4b87518a4d [ 237.212016] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.212860] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.213882] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.214880] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.215981] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.217168] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.218131] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.219177] [ 237.219775] irq event stamp: 0 [ 237.220212] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.221056] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.222159] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.223625] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.224481] ---[ end trace 0000000000000000 ]--- [ 237.227159] ------------[ cut here ]------------ [ 237.227831] WARNING: CPU: 0 PID: 2257 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 237.229187] Modules linked in: [ 237.229631] CPU: 0 PID: 2257 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.231170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.232680] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 237.233391] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 237.235878] RSP: 0018:ffff88800e8c7b78 EFLAGS: 00010246 [ 237.236600] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.237532] RDX: 0000000000000000 RSI: ffff888017324a00 RDI: 0000000000000002 [ 237.238464] RBP: ffff88800e8c7b98 R08: ffffed100413d93e R09: ffffed100413d93e [ 237.239452] R10: ffff8880209ec9ef R11: ffffed100413d93d R12: ffff8880209eca90 [ 237.240396] R13: ffff8880209ec8a8 R14: ffffffffffffffff R15: 
ffff88800e8c7c60 [ 237.241332] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 237.242390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.243208] CR2: 00007f82e2f94018 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 237.244156] PKRU: 55555554 [ 237.244542] Call Trace: [ 237.244885] [ 237.245192] iommufd_ioas_destroy+0x53/0x70 [ 237.245780] iommufd_fops_release+0x1f7/0x370 [ 237.246386] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.247088] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.247816] ? write_comp_data+0x2f/0x90 [ 237.248378] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.249047] __fput+0x26d/0xa40 [ 237.249509] ____fput+0x1e/0x30 [ 237.249956] task_work_run+0x1a4/0x2d0 [ 237.250487] ? __pfx_task_work_run+0x10/0x10 [ 237.251155] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.251828] ? switch_task_namespaces+0xa9/0xe0 [ 237.252465] do_exit+0xb17/0x2ef0 [ 237.252927] ? lock_acquire+0x427/0x4c0 [ 237.253471] ? __pfx_lock_release+0x10/0x10 [ 237.254058] ? __kasan_check_write+0x18/0x20 [ 237.254697] ? do_raw_spin_lock+0x132/0x2a0 [ 237.255314] ? __pfx_do_exit+0x10/0x10 [ 237.255851] ? debug_smp_processor_id+0x20/0x30 [ 237.256481] ? rcu_is_watching+0x19/0xb0 [ 237.257030] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.257641] ? trace_hardirqs_on+0x26/0x120 [ 237.258225] do_group_exit+0xe0/0x2b0 [ 237.258782] __x64_sys_exit_group+0x47/0x50 [ 237.259397] do_syscall_64+0x3b/0x90 [ 237.259934] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.260638] RIP: 0033:0x7f4b87518a4d [ 237.261134] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.261947] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.262986] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.263974] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.264921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.265856] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.266829] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.267828] [ 237.268153] irq event stamp: 0 [ 237.268579] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.269413] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.270560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.271709] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.272551] ---[ end trace 0000000000000000 ]--- [ 237.280946] ------------[ cut here ]------------ [ 237.281687] WARNING: CPU: 1 PID: 2258 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.283535] Modules linked in: [ 237.283998] CPU: 1 PID: 2258 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.285158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.286988] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.287720] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.290135] RSP: 0018:ffff888018297bb8 EFLAGS: 00010246 [ 237.291104] RAX: 0000000000000000 RBX: ffff888015d0e8a8 RCX: 0000000000000000 [ 237.292103] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 237.293065] RBP: ffff888018297bd0 R08: ffffed1002ba1d33 R09: ffffed1002ba1d33 [ 237.294017] R10: ffff888015d0e993 R11: ffffed1002ba1d32 R12: ffff888020e6bc00 [ 237.295270] R13: ffff888015d0e9e8 R14: ffffffff8352e670 R15: 
ffff888018297e68 [ 237.296242] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.297314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.298082] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 237.299336] PKRU: 55555554 [ 237.299737] Call Trace: [ 237.300088] [ 237.300402] __iommufd_access_detach+0x1c2/0x2b0 [ 237.301070] iommufd_access_change_pt+0x149/0x270 [ 237.301732] iommufd_access_replace+0xb4/0x120 [ 237.302359] iommufd_test+0x3e5/0x37e0 [ 237.302958] ? lock_release+0x532/0x770 [ 237.303724] ? __might_fault+0x102/0x1b0 [ 237.304303] ? lock_acquire+0x427/0x4c0 [ 237.304861] ? __pfx_iommufd_test+0x10/0x10 [ 237.305438] ? __pfx_lock_release+0x10/0x10 [ 237.306026] ? __pfx_lock_acquire+0x10/0x10 [ 237.306694] ? write_comp_data+0x2f/0x90 [ 237.307342] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.308623] ? write_comp_data+0x2f/0x90 [ 237.309232] iommufd_fops_ioctl+0x37d/0x510 [ 237.309851] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.310594] ? write_comp_data+0x2f/0x90 [ 237.311257] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.311937] __x64_sys_ioctl+0x1a3/0x230 [ 237.312537] do_syscall_64+0x3b/0x90 [ 237.313224] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.314115] RIP: 0033:0x7f4b8743ee5d [ 237.314729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.317213] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 237.318454] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 237.319529] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 237.320514] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 237.321476] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 237.322624] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 237.323696] [ 237.324046] irq event stamp: 0 [ 237.324484] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.325345] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.326486] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.327775] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.328795] ---[ end trace 0000000000000000 ]--- [ 237.334402] ------------[ cut here ]------------ [ 237.335152] WARNING: CPU: 1 PID: 2258 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.336717] Modules linked in: [ 237.337174] CPU: 1 PID: 2258 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.338354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.339991] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.340823] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.343348] RSP: 
0018:ffff888018297bd0 EFLAGS: 00010246 [ 237.344086] RAX: 0000000000000000 RBX: ffff888015d0e8a8 RCX: 0000000000000000 [ 237.345224] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 237.346200] RBP: ffff888018297be8 R08: ffffed1002ba1d33 R09: ffffed1002ba1d33 [ 237.347272] R10: ffff888015d0e993 R11: ffffed1002ba1d32 R12: ffff888010827000 [ 237.348256] R13: ffff888015d0e9e8 R14: ffff8880143bf900 R15: 0000000000000000 [ 237.349227] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.350576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.351437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.352422] PKRU: 55555554 [ 237.352827] Call Trace: [ 237.353190] [ 237.353521] iommufd_access_destroy_object+0x65/0x170 [ 237.354317] iommufd_object_destroy_user+0x18e/0x220 [ 237.355250] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 237.356098] iommufd_access_destroy+0x43/0x70 [ 237.356755] iommufd_test_staccess_release+0x8d/0xd0 [ 237.357482] __fput+0x26d/0xa40 [ 237.357994] ____fput+0x1e/0x30 [ 237.358485] task_work_run+0x1a4/0x2d0 [ 237.359151] ? __pfx_task_work_run+0x10/0x10 [ 237.359858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.360663] ? switch_task_namespaces+0xa9/0xe0 [ 237.361346] do_exit+0xb17/0x2ef0 [ 237.361849] ? lock_acquire+0x427/0x4c0 [ 237.362429] ? __pfx_lock_release+0x10/0x10 [ 237.363112] ? __kasan_check_write+0x18/0x20 [ 237.363786] ? do_raw_spin_lock+0x132/0x2a0 [ 237.364405] ? __pfx_do_exit+0x10/0x10 [ 237.365092] ? debug_smp_processor_id+0x20/0x30 [ 237.365813] ? rcu_is_watching+0x19/0xb0 [ 237.366401] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.367110] ? trace_hardirqs_on+0x26/0x120 [ 237.367770] do_group_exit+0xe0/0x2b0 [ 237.368315] __x64_sys_exit_group+0x47/0x50 [ 237.368916] do_syscall_64+0x3b/0x90 [ 237.369468] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.370497] RIP: 0033:0x7f4b87518a4d [ 237.371229] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.372067] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.373093] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.374039] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.375462] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.376391] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.377374] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.378378] [ 237.378808] irq event stamp: 0 [ 237.379321] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.380522] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.381662] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.382880] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.383804] ---[ end trace 0000000000000000 ]--- [ 237.385318] ------------[ cut here ]------------ [ 237.385993] WARNING: CPU: 1 PID: 2258 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 237.387521] Modules linked in: [ 237.388002] CPU: 1 PID: 2258 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.389455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.391070] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 237.391846] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 237.394498] RSP: 0018:ffff888018297b78 EFLAGS: 00010246 [ 237.395375] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.396346] RDX: 0000000000000000 RSI: ffff888017320000 RDI: 0000000000000002 [ 237.397320] RBP: ffff888018297b98 R08: ffffed1002ba1d3e R09: ffffed1002ba1d3e [ 237.398482] R10: ffff888015d0e9ef R11: ffffed1002ba1d3d R12: ffff888015d0ea90 [ 237.399560] R13: ffff888015d0e8a8 R14: ffffffffffffffff R15: 
ffff888018297c60 [ 237.400538] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.401625] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.402462] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.403676] PKRU: 55555554 [ 237.404104] Call Trace: [ 237.404474] [ 237.404802] iommufd_ioas_destroy+0x53/0x70 [ 237.405421] iommufd_fops_release+0x1f7/0x370 [ 237.406061] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.406833] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.407596] ? write_comp_data+0x2f/0x90 [ 237.408391] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.409102] __fput+0x26d/0xa40 [ 237.409610] ____fput+0x1e/0x30 [ 237.410099] task_work_run+0x1a4/0x2d0 [ 237.410723] ? __pfx_task_work_run+0x10/0x10 [ 237.411401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.412101] ? switch_task_namespaces+0xa9/0xe0 [ 237.412910] do_exit+0xb17/0x2ef0 [ 237.413511] ? lock_acquire+0x427/0x4c0 [ 237.414088] ? __pfx_lock_release+0x10/0x10 [ 237.414790] ? __kasan_check_write+0x18/0x20 [ 237.415480] ? do_raw_spin_lock+0x132/0x2a0 [ 237.416095] ? __pfx_do_exit+0x10/0x10 [ 237.416676] ? debug_smp_processor_id+0x20/0x30 [ 237.417433] ? rcu_is_watching+0x19/0xb0 [ 237.418135] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.418873] ? trace_hardirqs_on+0x26/0x120 [ 237.419545] do_group_exit+0xe0/0x2b0 [ 237.420096] __x64_sys_exit_group+0x47/0x50 [ 237.420699] do_syscall_64+0x3b/0x90 [ 237.421250] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.422035] RIP: 0033:0x7f4b87518a4d [ 237.422763] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.423673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.424718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.425690] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.426743] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.427880] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.428935] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.429962] [ 237.430321] irq event stamp: 0 [ 237.430926] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.431833] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.432950] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.434047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.434929] ---[ end trace 0000000000000000 ]--- [ 237.442184] ------------[ cut here ]------------ [ 237.442904] WARNING: CPU: 1 PID: 2259 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.444263] Modules linked in: [ 237.444699] CPU: 1 PID: 2259 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.445861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.447398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.448080] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.450478] RSP: 0018:ffff888021a47bb8 EFLAGS: 00010246 [ 237.451264] RAX: 0000000000000000 RBX: ffff8880167e20a8 RCX: 0000000000000000 [ 237.452211] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 237.453158] RBP: ffff888021a47bd0 R08: ffffed1002cfc433 R09: ffffed1002cfc433 [ 237.454099] R10: ffff8880167e2193 R11: ffffed1002cfc432 R12: ffff8880121c4c00 [ 237.455083] R13: ffff8880167e21e8 R14: ffffffff8352e670 R15: 
ffff888021a47e68 [ 237.456189] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.457254] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.458022] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 237.459030] PKRU: 55555554 [ 237.459446] Call Trace: [ 237.459802] [ 237.460113] __iommufd_access_detach+0x1c2/0x2b0 [ 237.460775] iommufd_access_change_pt+0x149/0x270 [ 237.461442] iommufd_access_replace+0xb4/0x120 [ 237.462078] iommufd_test+0x3e5/0x37e0 [ 237.462675] ? lock_release+0x532/0x770 [ 237.463275] ? __might_fault+0x102/0x1b0 [ 237.463836] ? lock_acquire+0x427/0x4c0 [ 237.464386] ? __pfx_iommufd_test+0x10/0x10 [ 237.464963] ? __pfx_lock_release+0x10/0x10 [ 237.465550] ? __pfx_lock_acquire+0x10/0x10 [ 237.466146] ? write_comp_data+0x2f/0x90 [ 237.466764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.467446] ? write_comp_data+0x2f/0x90 [ 237.468008] iommufd_fops_ioctl+0x37d/0x510 [ 237.468596] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.469256] ? write_comp_data+0x2f/0x90 [ 237.469819] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.470473] __x64_sys_ioctl+0x1a3/0x230 [ 237.471078] do_syscall_64+0x3b/0x90 [ 237.471596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.472271] RIP: 0033:0x7f4b8743ee5d [ 237.472751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.475089] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 237.476067] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 237.476969] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 237.477869] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 237.478808] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 237.479717] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 237.480638] [ 237.480936] irq event stamp: 0 [ 237.481341] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.482134] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.483240] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.484294] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.485090] ---[ end trace 0000000000000000 ]--- [ 237.489941] ------------[ cut here ]------------ [ 237.490621] WARNING: CPU: 1 PID: 2259 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.491917] Modules linked in: [ 237.492330] CPU: 1 PID: 2259 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.493427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.494877] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.495529] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.497809] RSP: 
0018:ffff888021a47bd0 EFLAGS: 00010246 [ 237.498482] RAX: 0000000000000000 RBX: ffff8880167e20a8 RCX: 0000000000000000 [ 237.499439] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 237.500336] RBP: ffff888021a47be8 R08: ffffed1002cfc433 R09: ffffed1002cfc433 [ 237.501233] R10: ffff8880167e2193 R11: ffffed1002cfc432 R12: ffff888020e69400 [ 237.502128] R13: ffff8880167e21e8 R14: ffff88800fe7a700 R15: 0000000000000000 [ 237.503053] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.504071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.504804] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.505704] PKRU: 55555554 [ 237.506066] Call Trace: [ 237.506393] [ 237.506717] iommufd_access_destroy_object+0x65/0x170 [ 237.507397] iommufd_object_destroy_user+0x18e/0x220 [ 237.508050] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 237.508792] iommufd_access_destroy+0x43/0x70 [ 237.509379] iommufd_test_staccess_release+0x8d/0xd0 [ 237.510036] __fput+0x26d/0xa40 [ 237.510484] ____fput+0x1e/0x30 [ 237.510958] task_work_run+0x1a4/0x2d0 [ 237.511482] ? __pfx_task_work_run+0x10/0x10 [ 237.512053] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.512685] ? switch_task_namespaces+0xa9/0xe0 [ 237.513305] do_exit+0xb17/0x2ef0 [ 237.513763] ? lock_acquire+0x427/0x4c0 [ 237.514291] ? __pfx_lock_release+0x10/0x10 [ 237.514895] ? __kasan_check_write+0x18/0x20 [ 237.515492] ? do_raw_spin_lock+0x132/0x2a0 [ 237.516047] ? __pfx_do_exit+0x10/0x10 [ 237.516561] ? debug_smp_processor_id+0x20/0x30 [ 237.517159] ? rcu_is_watching+0x19/0xb0 [ 237.517678] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.518264] ? trace_hardirqs_on+0x26/0x120 [ 237.518859] do_group_exit+0xe0/0x2b0 [ 237.519367] __x64_sys_exit_group+0x47/0x50 [ 237.519919] do_syscall_64+0x3b/0x90 [ 237.520408] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.521076] RIP: 0033:0x7f4b87518a4d [ 237.521554] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.522330] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.523334] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.524233] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.525127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.526018] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.526942] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.527857] [ 237.528142] irq event stamp: 0 [ 237.528546] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.529336] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.530381] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.531484] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.532287] ---[ end trace 0000000000000000 ]--- [ 237.533559] ------------[ cut here ]------------ [ 237.534172] WARNING: CPU: 1 PID: 2259 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 237.535509] Modules linked in: [ 237.535930] CPU: 1 PID: 2259 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.537027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.538429] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 237.539133] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 237.541415] RSP: 0018:ffff888021a47b78 EFLAGS: 00010246 [ 237.542093] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.543015] RDX: 0000000000000000 RSI: ffff88801043ca00 RDI: 0000000000000002 [ 237.543921] RBP: ffff888021a47b98 R08: ffffed1002cfc43e R09: ffffed1002cfc43e [ 237.544815] R10: ffff8880167e21ef R11: ffffed1002cfc43d R12: ffff8880167e2290 [ 237.545711] R13: ffff8880167e20a8 R14: ffffffffffffffff R15: 
ffff888021a47c60 [ 237.546649] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.547724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.548487] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.549422] PKRU: 55555554 [ 237.549799] Call Trace: [ 237.550140] [ 237.550445] iommufd_ioas_destroy+0x53/0x70 [ 237.551072] iommufd_fops_release+0x1f7/0x370 [ 237.551709] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.552388] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.553044] ? write_comp_data+0x2f/0x90 [ 237.553596] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.554259] __fput+0x26d/0xa40 [ 237.554762] ____fput+0x1e/0x30 [ 237.555256] task_work_run+0x1a4/0x2d0 [ 237.555795] ? __pfx_task_work_run+0x10/0x10 [ 237.556386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.557039] ? switch_task_namespaces+0xa9/0xe0 [ 237.557672] do_exit+0xb17/0x2ef0 [ 237.558133] ? lock_acquire+0x427/0x4c0 [ 237.558716] ? __pfx_lock_release+0x10/0x10 [ 237.559326] ? __kasan_check_write+0x18/0x20 [ 237.559924] ? do_raw_spin_lock+0x132/0x2a0 [ 237.560498] ? __pfx_do_exit+0x10/0x10 [ 237.561028] ? debug_smp_processor_id+0x20/0x30 [ 237.561649] ? rcu_is_watching+0x19/0xb0 [ 237.562199] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.562861] ? trace_hardirqs_on+0x26/0x120 [ 237.563485] do_group_exit+0xe0/0x2b0 [ 237.564003] __x64_sys_exit_group+0x47/0x50 [ 237.564573] do_syscall_64+0x3b/0x90 [ 237.565083] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.565776] RIP: 0033:0x7f4b87518a4d [ 237.566266] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.567112] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.568134] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.569070] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.569996] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.570963] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.571922] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.572872] [ 237.573183] irq event stamp: 0 [ 237.573602] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.574425] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.575597] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.576711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.577545] ---[ end trace 0000000000000000 ]--- [ 237.585251] ------------[ cut here ]------------ [ 237.585949] WARNING: CPU: 1 PID: 2260 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.587426] Modules linked in: [ 237.587881] CPU: 1 PID: 2260 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.589030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.590472] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.591199] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.593560] RSP: 0018:ffff888015d07bb8 EFLAGS: 00010246 [ 237.594288] RAX: 0000000000000000 RBX: ffff888015d2c0a8 RCX: 0000000000000000 [ 237.595276] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 237.596220] RBP: ffff888015d07bd0 R08: ffffed1002ba5833 R09: ffffed1002ba5833 [ 237.597156] R10: ffff888015d2c193 R11: ffffed1002ba5832 R12: ffff88801226e800 [ 237.598085] R13: ffff888015d2c1e8 R14: ffffffff8352e670 R15: 
ffff888015d07e68 [ 237.599052] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.600139] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.600911] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 237.601841] PKRU: 55555554 [ 237.602217] Call Trace: [ 237.602605] [ 237.602921] __iommufd_access_detach+0x1c2/0x2b0 [ 237.603594] iommufd_access_change_pt+0x149/0x270 [ 237.604254] iommufd_access_replace+0xb4/0x120 [ 237.604885] iommufd_test+0x3e5/0x37e0 [ 237.605516] ? lock_release+0x532/0x770 [ 237.605965] ? __might_fault+0x102/0x1b0 [ 237.606395] ? lock_acquire+0x427/0x4c0 [ 237.606896] ? __pfx_iommufd_test+0x10/0x10 [ 237.607357] ? __pfx_lock_release+0x10/0x10 [ 237.607807] ? __pfx_lock_acquire+0x10/0x10 [ 237.608262] ? write_comp_data+0x2f/0x90 [ 237.608699] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.609206] ? write_comp_data+0x2f/0x90 [ 237.609650] iommufd_fops_ioctl+0x37d/0x510 [ 237.610111] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.610671] ? write_comp_data+0x2f/0x90 [ 237.611133] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.611662] __x64_sys_ioctl+0x1a3/0x230 [ 237.612109] do_syscall_64+0x3b/0x90 [ 237.612526] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.613095] RIP: 0033:0x7f4b8743ee5d [ 237.613496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.615497] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 237.616317] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 237.617079] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 237.617842] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 237.618634] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 237.619402] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 237.620169] [ 237.620419] irq event stamp: 0 [ 237.620758] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.621433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.622332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.623271] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.623964] ---[ end trace 0000000000000000 ]--- [ 237.627489] ------------[ cut here ]------------ [ 237.628041] WARNING: CPU: 1 PID: 2260 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.629214] Modules linked in: [ 237.629571] CPU: 1 PID: 2260 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.630558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.631784] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.632323] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.634293] RSP: 
0018:ffff888015d07bd0 EFLAGS: 00010246 [ 237.634916] RAX: 0000000000000000 RBX: ffff888015d2c0a8 RCX: 0000000000000000 [ 237.635692] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 237.636454] RBP: ffff888015d07be8 R08: ffffed1002ba5833 R09: ffffed1002ba5833 [ 237.637221] R10: ffff888015d2c193 R11: ffffed1002ba5832 R12: ffff8880121c6400 [ 237.637998] R13: ffff888015d2c1e8 R14: ffff88801227da00 R15: 0000000000000000 [ 237.638819] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.639711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.640334] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.641102] PKRU: 55555554 [ 237.641406] Call Trace: [ 237.641681] [ 237.641932] iommufd_access_destroy_object+0x65/0x170 [ 237.642497] iommufd_object_destroy_user+0x18e/0x220 [ 237.643091] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 237.643734] iommufd_access_destroy+0x43/0x70 [ 237.644233] iommufd_test_staccess_release+0x8d/0xd0 [ 237.644800] __fput+0x26d/0xa40 [ 237.645166] ____fput+0x1e/0x30 [ 237.645532] task_work_run+0x1a4/0x2d0 [ 237.645961] ? __pfx_task_work_run+0x10/0x10 [ 237.646442] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.647006] ? switch_task_namespaces+0xa9/0xe0 [ 237.647550] do_exit+0xb17/0x2ef0 [ 237.647927] ? lock_acquire+0x427/0x4c0 [ 237.648372] ? __pfx_lock_release+0x10/0x10 [ 237.648846] ? __kasan_check_write+0x18/0x20 [ 237.649321] ? do_raw_spin_lock+0x132/0x2a0 [ 237.649784] ? __pfx_do_exit+0x10/0x10 [ 237.650213] ? debug_smp_processor_id+0x20/0x30 [ 237.650752] ? rcu_is_watching+0x19/0xb0 [ 237.651207] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.651713] ? trace_hardirqs_on+0x26/0x120 [ 237.652193] do_group_exit+0xe0/0x2b0 [ 237.652611] __x64_sys_exit_group+0x47/0x50 [ 237.653080] do_syscall_64+0x3b/0x90 [ 237.653491] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.654059] RIP: 0033:0x7f4b87518a4d [ 237.654458] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.655157] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.655982] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.656753] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.657515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.658272] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.659066] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.659863] [ 237.660120] irq event stamp: 0 [ 237.660464] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.661203] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.662094] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.663023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.663713] ---[ end trace 0000000000000000 ]--- [ 237.664637] ------------[ cut here ]------------ [ 237.665157] WARNING: CPU: 1 PID: 2260 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 237.666249] Modules linked in: [ 237.666635] CPU: 1 PID: 2260 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.667599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.668809] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 237.669383] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 237.671387] RSP: 0018:ffff888015d07b78 EFLAGS: 00010246 [ 237.671970] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.672732] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 237.673499] RBP: ffff888015d07b98 R08: ffffed1002ba583e R09: ffffed1002ba583e [ 237.674263] R10: ffff888015d2c1ef R11: ffffed1002ba583d R12: ffff888015d2c290 [ 237.675064] R13: ffff888015d2c0a8 R14: ffffffffffffffff R15: 
ffff888015d07c60 [ 237.675845] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.676710] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.677337] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.678106] PKRU: 55555554 [ 237.678410] Call Trace: [ 237.678714] [ 237.678966] iommufd_ioas_destroy+0x53/0x70 [ 237.679471] iommufd_fops_release+0x1f7/0x370 [ 237.679959] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.680502] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.681036] ? write_comp_data+0x2f/0x90 [ 237.681488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.682117] __fput+0x26d/0xa40 [ 237.682701] ____fput+0x1e/0x30 [ 237.683076] task_work_run+0x1a4/0x2d0 [ 237.683528] ? __pfx_task_work_run+0x10/0x10 [ 237.684007] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.684541] ? switch_task_namespaces+0xa9/0xe0 [ 237.685065] do_exit+0xb17/0x2ef0 [ 237.685440] ? lock_acquire+0x427/0x4c0 [ 237.685887] ? __pfx_lock_release+0x10/0x10 [ 237.686406] ? __kasan_check_write+0x18/0x20 [ 237.687144] ? do_raw_spin_lock+0x132/0x2a0 [ 237.687616] ? __pfx_do_exit+0x10/0x10 [ 237.688045] ? debug_smp_processor_id+0x20/0x30 [ 237.688552] ? rcu_is_watching+0x19/0xb0 [ 237.689000] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.689492] ? trace_hardirqs_on+0x26/0x120 [ 237.689963] do_group_exit+0xe0/0x2b0 [ 237.690373] __x64_sys_exit_group+0x47/0x50 [ 237.690885] do_syscall_64+0x3b/0x90 [ 237.691320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.691891] RIP: 0033:0x7f4b87518a4d [ 237.692353] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.693255] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.694079] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.694894] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.695675] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.696445] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.697209] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.698085] [ 237.698501] irq event stamp: 0 [ 237.698902] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.699584] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.700457] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.701324] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.701978] ---[ end trace 0000000000000000 ]--- [ 237.707907] ------------[ cut here ]------------ [ 237.708969] WARNING: CPU: 1 PID: 2261 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.710018] Modules linked in: [ 237.710346] CPU: 1 PID: 2261 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.711550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.712716] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.713242] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.715458] RSP: 0018:ffff888016c07bb8 EFLAGS: 00010246 [ 237.716016] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 237.716751] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 237.717483] RBP: ffff888016c07bd0 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 237.718366] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88802095f400 [ 237.719306] R13: ffff88801587c9e8 R14: ffffffff8352e670 R15: 
ffff888016c07e68 [ 237.720046] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.720872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.721473] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 237.722229] PKRU: 55555554 [ 237.722562] Call Trace: [ 237.722833] [ 237.723079] __iommufd_access_detach+0x1c2/0x2b0 [ 237.723763] iommufd_access_change_pt+0x149/0x270 [ 237.724445] iommufd_access_replace+0xb4/0x120 [ 237.725017] iommufd_test+0x3e5/0x37e0 [ 237.725426] ? lock_release+0x532/0x770 [ 237.725857] ? __might_fault+0x102/0x1b0 [ 237.726293] ? lock_acquire+0x427/0x4c0 [ 237.726777] ? __pfx_iommufd_test+0x10/0x10 [ 237.727252] ? __pfx_lock_release+0x10/0x10 [ 237.727714] ? __pfx_lock_acquire+0x10/0x10 [ 237.728176] ? write_comp_data+0x2f/0x90 [ 237.728610] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.729301] ? write_comp_data+0x2f/0x90 [ 237.729886] iommufd_fops_ioctl+0x37d/0x510 [ 237.730347] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.730894] ? write_comp_data+0x2f/0x90 [ 237.731349] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.731857] __x64_sys_ioctl+0x1a3/0x230 [ 237.732292] do_syscall_64+0x3b/0x90 [ 237.732691] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.733239] RIP: 0033:0x7f4b8743ee5d [ 237.733634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.735950] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 237.736758] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 237.737512] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 237.738291] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 237.739129] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 237.739892] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 237.740998] [ 237.741261] irq event stamp: 0 [ 237.741588] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.742244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.743197] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.744139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.744800] ---[ end trace 0000000000000000 ]--- [ 237.748173] ------------[ cut here ]------------ [ 237.748734] WARNING: CPU: 1 PID: 2261 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.749919] Modules linked in: [ 237.750402] CPU: 1 PID: 2261 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.751399] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.752589] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.753122] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.755262] RSP: 
0018:ffff888016c07bd0 EFLAGS: 00010246 [ 237.755991] RAX: 0000000000000000 RBX: ffff88801587c8a8 RCX: 0000000000000000 [ 237.756726] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 237.757535] RBP: ffff888016c07be8 R08: ffffed1002b0f933 R09: ffffed1002b0f933 [ 237.758286] R10: ffff88801587c993 R11: ffffed1002b0f932 R12: ffff88801226e000 [ 237.759080] R13: ffff88801587c9e8 R14: ffff8880123b0b00 R15: 0000000000000000 [ 237.759850] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.760838] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.761666] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.762407] PKRU: 55555554 [ 237.762751] Call Trace: [ 237.763024] [ 237.763275] iommufd_access_destroy_object+0x65/0x170 [ 237.763815] iommufd_object_destroy_user+0x18e/0x220 [ 237.764371] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 237.765000] iommufd_access_destroy+0x43/0x70 [ 237.765504] iommufd_test_staccess_release+0x8d/0xd0 [ 237.766249] __fput+0x26d/0xa40 [ 237.766797] ____fput+0x1e/0x30 [ 237.767170] task_work_run+0x1a4/0x2d0 [ 237.767599] ? __pfx_task_work_run+0x10/0x10 [ 237.768080] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.768605] ? switch_task_namespaces+0xa9/0xe0 [ 237.769117] do_exit+0xb17/0x2ef0 [ 237.769497] ? lock_acquire+0x427/0x4c0 [ 237.769954] ? __pfx_lock_release+0x10/0x10 [ 237.770598] ? __kasan_check_write+0x18/0x20 [ 237.771089] ? do_raw_spin_lock+0x132/0x2a0 [ 237.771566] ? __pfx_do_exit+0x10/0x10 [ 237.772142] ? debug_smp_processor_id+0x20/0x30 [ 237.772804] ? rcu_is_watching+0x19/0xb0 [ 237.773242] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.773734] ? trace_hardirqs_on+0x26/0x120 [ 237.774209] do_group_exit+0xe0/0x2b0 [ 237.774679] __x64_sys_exit_group+0x47/0x50 [ 237.775176] do_syscall_64+0x3b/0x90 [ 237.775582] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.776145] RIP: 0033:0x7f4b87518a4d [ 237.776547] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.777339] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.778299] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.779126] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.779898] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.780656] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.781411] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.782300] [ 237.782729] irq event stamp: 0 [ 237.783066] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.783740] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.784628] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.785530] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.786214] ---[ end trace 0000000000000000 ]--- [ 237.787224] ------------[ cut here ]------------ [ 237.787797] WARNING: CPU: 1 PID: 2261 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 237.789228] Modules linked in: [ 237.789573] CPU: 1 PID: 2261 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.790546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.791756] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 237.792310] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 237.794741] RSP: 0018:ffff888016c07b78 EFLAGS: 00010246 [ 237.795333] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.796090] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 237.796851] RBP: ffff888016c07b98 R08: ffffed1002b0f93e R09: ffffed1002b0f93e [ 237.797608] R10: ffff88801587c9ef R11: ffffed1002b0f93d R12: ffff88801587ca90 [ 237.798423] R13: ffff88801587c8a8 R14: ffffffffffffffff R15: 
ffff888016c07c60 [ 237.799469] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.800340] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.800961] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.801724] PKRU: 55555554 [ 237.802028] Call Trace: [ 237.802310] [ 237.802603] iommufd_ioas_destroy+0x53/0x70 [ 237.803102] iommufd_fops_release+0x1f7/0x370 [ 237.803600] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.804134] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.804821] ? write_comp_data+0x2f/0x90 [ 237.805441] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.805977] __fput+0x26d/0xa40 [ 237.806359] ____fput+0x1e/0x30 [ 237.806767] task_work_run+0x1a4/0x2d0 [ 237.807220] ? __pfx_task_work_run+0x10/0x10 [ 237.807693] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.808214] ? switch_task_namespaces+0xa9/0xe0 [ 237.808719] do_exit+0xb17/0x2ef0 [ 237.809088] ? lock_acquire+0x427/0x4c0 [ 237.809521] ? __pfx_lock_release+0x10/0x10 [ 237.810093] ? __kasan_check_write+0x18/0x20 [ 237.810742] ? do_raw_spin_lock+0x132/0x2a0 [ 237.811211] ? __pfx_do_exit+0x10/0x10 [ 237.811635] ? debug_smp_processor_id+0x20/0x30 [ 237.812149] ? rcu_is_watching+0x19/0xb0 [ 237.812600] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.813095] ? trace_hardirqs_on+0x26/0x120 [ 237.813568] do_group_exit+0xe0/0x2b0 [ 237.813980] __x64_sys_exit_group+0x47/0x50 [ 237.814443] do_syscall_64+0x3b/0x90 [ 237.814991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.815730] RIP: 0033:0x7f4b87518a4d [ 237.816132] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.816787] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.817597] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.818364] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.819180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.819940] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.820759] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.821815] [ 237.822067] irq event stamp: 0 [ 237.822406] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.823112] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.824002] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.824888] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.825551] ---[ end trace 0000000000000000 ]--- [ 237.830596] ------------[ cut here ]------------ [ 237.831195] WARNING: CPU: 1 PID: 2262 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.832259] Modules linked in: [ 237.832602] CPU: 1 PID: 2262 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.833527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.835152] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.835687] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.837617] RSP: 0018:ffff888023e9fbb8 EFLAGS: 00010246 [ 237.838262] RAX: 0000000000000000 RBX: ffff88801406f0a8 RCX: 0000000000000000 [ 237.839336] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 237.840097] RBP: ffff888023e9fbd0 R08: ffffed100280de33 R09: ffffed100280de33 [ 237.840851] R10: ffff88801406f193 R11: ffffed100280de32 R12: ffff888014391800 [ 237.841610] R13: ffff88801406f1e8 R14: ffffffff8352e670 R15: 
ffff888023e9fe68 [ 237.842413] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.843617] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.844252] CR2: 00007f4b877410e8 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 237.845017] PKRU: 55555554 [ 237.845325] Call Trace: [ 237.845603] [ 237.845855] __iommufd_access_detach+0x1c2/0x2b0 [ 237.846388] iommufd_access_change_pt+0x149/0x270 [ 237.847098] iommufd_access_replace+0xb4/0x120 [ 237.847800] iommufd_test+0x3e5/0x37e0 [ 237.848223] ? lock_release+0x532/0x770 [ 237.848661] ? __might_fault+0x102/0x1b0 [ 237.849111] ? lock_acquire+0x427/0x4c0 [ 237.849556] ? __pfx_iommufd_test+0x10/0x10 [ 237.850024] ? __pfx_lock_release+0x10/0x10 [ 237.850501] ? __pfx_lock_acquire+0x10/0x10 [ 237.851147] ? write_comp_data+0x2f/0x90 [ 237.851802] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.852327] ? write_comp_data+0x2f/0x90 [ 237.852776] iommufd_fops_ioctl+0x37d/0x510 [ 237.853325] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.853855] ? write_comp_data+0x2f/0x90 [ 237.854313] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.854933] __x64_sys_ioctl+0x1a3/0x230 [ 237.855613] do_syscall_64+0x3b/0x90 [ 237.856031] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.856586] RIP: 0033:0x7f4b8743ee5d [ 237.856987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.859255] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 237.860077] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 237.860836] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 237.861596] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 237.862357] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 237.863487] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 237.864257] [ 237.864508] irq event stamp: 0 [ 237.864846] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.865522] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.866415] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.867697] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.868376] ---[ end trace 0000000000000000 ]--- [ 237.873854] ------------[ cut here ]------------ [ 237.874442] WARNING: CPU: 1 PID: 2262 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.875913] Modules linked in: [ 237.876277] CPU: 1 PID: 2262 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.877247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.878494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.879170] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.881402] RSP: 
0018:ffff888023e9fbd0 EFLAGS: 00010246 [ 237.882000] RAX: 0000000000000000 RBX: ffff88801406f0a8 RCX: 0000000000000000 [ 237.882827] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 237.883879] RBP: ffff888023e9fbe8 R08: ffffed100280de33 R09: ffffed100280de33 [ 237.884657] R10: ffff88801406f193 R11: ffffed100280de32 R12: ffff88802095d800 [ 237.885527] R13: ffff88801406f1e8 R14: ffff888014b93c00 R15: 0000000000000000 [ 237.886314] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.887255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.888166] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 237.888960] PKRU: 55555554 [ 237.889283] Call Trace: [ 237.889573] [ 237.889835] iommufd_access_destroy_object+0x65/0x170 [ 237.890422] iommufd_object_destroy_user+0x18e/0x220 [ 237.891029] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 237.891919] iommufd_access_destroy+0x43/0x70 [ 237.892455] iommufd_test_staccess_release+0x8d/0xd0 [ 237.893036] __fput+0x26d/0xa40 [ 237.893426] ____fput+0x1e/0x30 [ 237.893816] task_work_run+0x1a4/0x2d0 [ 237.894272] ? __pfx_task_work_run+0x10/0x10 [ 237.894812] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.895380] ? switch_task_namespaces+0xa9/0xe0 [ 237.896182] do_exit+0xb17/0x2ef0 [ 237.896583] ? lock_acquire+0x427/0x4c0 [ 237.897040] ? __pfx_lock_release+0x10/0x10 [ 237.897529] ? __kasan_check_write+0x18/0x20 [ 237.898024] ? do_raw_spin_lock+0x132/0x2a0 [ 237.898539] ? __pfx_do_exit+0x10/0x10 [ 237.898989] ? debug_smp_processor_id+0x20/0x30 [ 237.899537] ? rcu_is_watching+0x19/0xb0 [ 237.900232] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.900753] ? trace_hardirqs_on+0x26/0x120 [ 237.901248] do_group_exit+0xe0/0x2b0 [ 237.901685] __x64_sys_exit_group+0x47/0x50 [ 237.902166] do_syscall_64+0x3b/0x90 [ 237.902635] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.903249] RIP: 0033:0x7f4b87518a4d [ 237.903824] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.904629] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.905470] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.906262] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.907097] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.908191] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.908986] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.909783] [ 237.910048] irq event stamp: 0 [ 237.910398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.911152] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.912332] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.913265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.913963] ---[ end trace 0000000000000000 ]--- [ 237.917213] ------------[ cut here ]------------ [ 237.917765] WARNING: CPU: 1 PID: 2262 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 237.919005] Modules linked in: [ 237.919389] CPU: 1 PID: 2262 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.920616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.921866] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 237.922449] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 237.924782] RSP: 0018:ffff888023e9fb78 EFLAGS: 00010246 [ 237.925382] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 237.926170] RDX: 0000000000000000 RSI: ffff8880105a0000 RDI: 0000000000000002 [ 237.926985] RBP: ffff888023e9fb98 R08: ffffed100280de3e R09: ffffed100280de3e [ 237.927799] R10: ffff88801406f1ef R11: ffffed100280de3d R12: ffff88801406f290 [ 237.928860] R13: ffff88801406f0a8 R14: ffffffffffffffff R15: 
ffff888023e9fc60 [ 237.929648] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 237.930576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.931237] CR2: 00007f82e2fc5000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 237.932079] PKRU: 55555554 [ 237.932596] Call Trace: [ 237.932883] [ 237.933138] iommufd_ioas_destroy+0x53/0x70 [ 237.933630] iommufd_fops_release+0x1f7/0x370 [ 237.934141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.934748] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.935328] ? write_comp_data+0x2f/0x90 [ 237.935796] ? __pfx_iommufd_fops_release+0x10/0x10 [ 237.936476] __fput+0x26d/0xa40 [ 237.937009] ____fput+0x1e/0x30 [ 237.937397] task_work_run+0x1a4/0x2d0 [ 237.937844] ? __pfx_task_work_run+0x10/0x10 [ 237.938345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.938940] ? switch_task_namespaces+0xa9/0xe0 [ 237.939486] do_exit+0xb17/0x2ef0 [ 237.939881] ? lock_acquire+0x427/0x4c0 [ 237.940424] ? __pfx_lock_release+0x10/0x10 [ 237.941090] ? __kasan_check_write+0x18/0x20 [ 237.941590] ? do_raw_spin_lock+0x132/0x2a0 [ 237.942068] ? __pfx_do_exit+0x10/0x10 [ 237.942555] ? debug_smp_processor_id+0x20/0x30 [ 237.943077] ? rcu_is_watching+0x19/0xb0 [ 237.943555] ? _raw_spin_unlock_irq+0x2b/0x60 [ 237.944071] ? trace_hardirqs_on+0x26/0x120 [ 237.944707] do_group_exit+0xe0/0x2b0 [ 237.945261] __x64_sys_exit_group+0x47/0x50 [ 237.945747] do_syscall_64+0x3b/0x90 [ 237.946179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.946801] RIP: 0033:0x7f4b87518a4d [ 237.947226] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 237.947909] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 237.948749] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 237.949597] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 237.950390] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 237.951250] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 237.952047] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 237.953191] [ 237.953448] irq event stamp: 0 [ 237.953789] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 237.954485] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 237.955470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 237.956377] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 237.957153] ---[ end trace 0000000000000000 ]--- [ 237.965373] ------------[ cut here ]------------ [ 237.966048] WARNING: CPU: 0 PID: 2263 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 237.967770] Modules linked in: [ 237.968213] CPU: 0 PID: 2263 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 237.969467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 237.971198] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 237.971879] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 237.974257] RSP: 0018:ffff888016c07bb8 EFLAGS: 00010246 [ 237.975012] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 237.975970] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 237.976905] RBP: ffff888016c07bd0 R08: ffffed100208c133 R09: ffffed100208c133 [ 237.977840] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff8880129c4000 [ 237.978819] R13: ffff8880104609e8 R14: ffffffff8352e670 R15: 
ffff888016c07e68 [ 237.979778] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 237.980837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 237.981608] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 237.982607] PKRU: 55555554 [ 237.982994] Call Trace: [ 237.983374] [ 237.983690] __iommufd_access_detach+0x1c2/0x2b0 [ 237.984363] iommufd_access_change_pt+0x149/0x270 [ 237.985031] iommufd_access_replace+0xb4/0x120 [ 237.985680] iommufd_test+0x3e5/0x37e0 [ 237.986218] ? lock_release+0x532/0x770 [ 237.986833] ? __might_fault+0x102/0x1b0 [ 237.987428] ? lock_acquire+0x427/0x4c0 [ 237.987989] ? __pfx_iommufd_test+0x10/0x10 [ 237.988577] ? __pfx_lock_release+0x10/0x10 [ 237.989174] ? __pfx_lock_acquire+0x10/0x10 [ 237.989777] ? write_comp_data+0x2f/0x90 [ 237.990348] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 237.991065] ? write_comp_data+0x2f/0x90 [ 237.991657] iommufd_fops_ioctl+0x37d/0x510 [ 237.992257] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.992930] ? write_comp_data+0x2f/0x90 [ 237.993499] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 237.994158] __x64_sys_ioctl+0x1a3/0x230 [ 237.994771] do_syscall_64+0x3b/0x90 [ 237.995316] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 237.996032] RIP: 0033:0x7f4b8743ee5d [ 237.996544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 237.998999] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.000038] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.000995] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.001944] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.002937] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.003893] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.004838] [ 238.005149] irq event stamp: 0 [ 238.005567] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.006386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.007516] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.008604] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.009422] ---[ end trace 0000000000000000 ]--- [ 238.014853] ------------[ cut here ]------------ [ 238.015527] WARNING: CPU: 0 PID: 2263 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.017124] Modules linked in: [ 238.017550] CPU: 0 PID: 2263 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.019014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.020464] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.021217] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.023807] RSP: 
0018:ffff888016c07bd0 EFLAGS: 00010246 [ 238.024780] RAX: 0000000000000000 RBX: ffff8880104608a8 RCX: 0000000000000000 [ 238.025713] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 238.026776] RBP: ffff888016c07be8 R08: ffffed100208c133 R09: ffffed100208c133 [ 238.027919] R10: ffff888010460993 R11: ffffed100208c132 R12: ffff88800a725c00 [ 238.028860] R13: ffff8880104609e8 R14: ffff8880143ce500 R15: 0000000000000000 [ 238.030078] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 238.031198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.031965] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 238.033144] PKRU: 55555554 [ 238.033529] Call Trace: [ 238.033871] [ 238.034176] iommufd_access_destroy_object+0x65/0x170 [ 238.035181] iommufd_object_destroy_user+0x18e/0x220 [ 238.035866] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.036643] iommufd_access_destroy+0x43/0x70 [ 238.037546] iommufd_test_staccess_release+0x8d/0xd0 [ 238.038230] __fput+0x26d/0xa40 [ 238.038738] ____fput+0x1e/0x30 [ 238.039213] task_work_run+0x1a4/0x2d0 [ 238.040003] ? __pfx_task_work_run+0x10/0x10 [ 238.040598] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.041253] ? switch_task_namespaces+0xa9/0xe0 [ 238.041975] do_exit+0xb17/0x2ef0 [ 238.042601] ? lock_acquire+0x427/0x4c0 [ 238.043164] ? __pfx_lock_release+0x10/0x10 [ 238.043750] ? __kasan_check_write+0x18/0x20 [ 238.044388] ? do_raw_spin_lock+0x132/0x2a0 [ 238.045158] ? __pfx_do_exit+0x10/0x10 [ 238.045692] ? debug_smp_processor_id+0x20/0x30 [ 238.046321] ? rcu_is_watching+0x19/0xb0 [ 238.047215] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.047829] ? trace_hardirqs_on+0x26/0x120 [ 238.048410] do_group_exit+0xe0/0x2b0 [ 238.048920] __x64_sys_exit_group+0x47/0x50 [ 238.049594] do_syscall_64+0x3b/0x90 [ 238.050260] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.051023] RIP: 0033:0x7f4b87518a4d [ 238.051538] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.052618] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.053609] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.054585] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.055535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.056451] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.057361] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.058286] [ 238.058638] irq event stamp: 0 [ 238.059061] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.059894] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.060987] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.062076] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.062940] ---[ end trace 0000000000000000 ]--- [ 238.064318] ------------[ cut here ]------------ [ 238.064934] WARNING: CPU: 0 PID: 2263 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.066230] Modules linked in: [ 238.066745] CPU: 0 PID: 2263 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.067877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.069308] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.069974] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.072376] RSP: 0018:ffff888016c07b78 EFLAGS: 00010246 [ 238.073085] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.074011] RDX: 0000000000000000 RSI: ffff8880105a4a00 RDI: 0000000000000002 [ 238.074973] RBP: ffff888016c07b98 R08: ffffed100208c13e R09: ffffed100208c13e [ 238.075894] R10: ffff8880104609ef R11: ffffed100208c13d R12: ffff888010460a90 [ 238.076806] R13: ffff8880104608a8 R14: ffffffffffffffff R15: 
ffff888016c07c60 [ 238.077715] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 238.078773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.079544] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 238.080472] PKRU: 55555554 [ 238.080847] Call Trace: [ 238.081186] [ 238.081491] iommufd_ioas_destroy+0x53/0x70 [ 238.082067] iommufd_fops_release+0x1f7/0x370 [ 238.082707] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.083387] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.084042] ? write_comp_data+0x2f/0x90 [ 238.084596] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.085257] __fput+0x26d/0xa40 [ 238.085721] ____fput+0x1e/0x30 [ 238.086172] task_work_run+0x1a4/0x2d0 [ 238.086735] ? __pfx_task_work_run+0x10/0x10 [ 238.087356] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.088005] ? switch_task_namespaces+0xa9/0xe0 [ 238.088634] do_exit+0xb17/0x2ef0 [ 238.089095] ? lock_acquire+0x427/0x4c0 [ 238.089631] ? __pfx_lock_release+0x10/0x10 [ 238.090209] ? __kasan_check_write+0x18/0x20 [ 238.090831] ? do_raw_spin_lock+0x132/0x2a0 [ 238.091416] ? __pfx_do_exit+0x10/0x10 [ 238.091945] ? debug_smp_processor_id+0x20/0x30 [ 238.092563] ? rcu_is_watching+0x19/0xb0 [ 238.093101] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.093704] ? trace_hardirqs_on+0x26/0x120 [ 238.094283] do_group_exit+0xe0/0x2b0 [ 238.094867] __x64_sys_exit_group+0x47/0x50 [ 238.095458] do_syscall_64+0x3b/0x90 [ 238.095963] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.096652] RIP: 0033:0x7f4b87518a4d [ 238.097145] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.097944] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.098968] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.099890] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.100795] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.101695] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.102630] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.103574] [ 238.103880] irq event stamp: 0 [ 238.104290] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.105094] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.106148] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.107245] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.108053] ---[ end trace 0000000000000000 ]--- [ 238.113876] ------------[ cut here ]------------ [ 238.114463] WARNING: CPU: 1 PID: 2264 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.115903] Modules linked in: [ 238.116244] CPU: 1 PID: 2264 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.117163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.118340] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.118917] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.120866] RSP: 0018:ffff88801298fbb8 EFLAGS: 00010246 [ 238.121434] RAX: 0000000000000000 RBX: ffff8880173020a8 RCX: 0000000000000000 [ 238.122186] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 238.123008] RBP: ffff88801298fbd0 R08: ffffed1002e60433 R09: ffffed1002e60433 [ 238.123786] R10: ffff888017302193 R11: ffffed1002e60432 R12: ffff888010c0a800 [ 238.124539] R13: ffff8880173021e8 R14: ffffffff8352e670 R15: 
ffff88801298fe68 [ 238.125291] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.126135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.126804] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 238.127584] PKRU: 55555554 [ 238.127893] Call Trace: [ 238.128164] [ 238.128411] __iommufd_access_detach+0x1c2/0x2b0 [ 238.128934] iommufd_access_change_pt+0x149/0x270 [ 238.129456] iommufd_access_replace+0xb4/0x120 [ 238.129952] iommufd_test+0x3e5/0x37e0 [ 238.130371] ? lock_release+0x532/0x770 [ 238.130860] ? __might_fault+0x102/0x1b0 [ 238.131321] ? lock_acquire+0x427/0x4c0 [ 238.131760] ? __pfx_iommufd_test+0x10/0x10 [ 238.132219] ? __pfx_lock_release+0x10/0x10 [ 238.132682] ? __pfx_lock_acquire+0x10/0x10 [ 238.133149] ? write_comp_data+0x2f/0x90 [ 238.133587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.134109] ? write_comp_data+0x2f/0x90 [ 238.134598] iommufd_fops_ioctl+0x37d/0x510 [ 238.135074] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.135630] ? write_comp_data+0x2f/0x90 [ 238.136084] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.136616] __x64_sys_ioctl+0x1a3/0x230 [ 238.137067] do_syscall_64+0x3b/0x90 [ 238.137482] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.138056] RIP: 0033:0x7f4b8743ee5d [ 238.138463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 238.140472] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.141341] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.142081] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.142856] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.143612] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.144352] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.145105] [ 238.145355] irq event stamp: 0 [ 238.145684] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.146349] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.147276] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.148144] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.148794] ---[ end trace 0000000000000000 ]--- [ 238.152324] ------------[ cut here ]------------ [ 238.152850] WARNING: CPU: 1 PID: 2264 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.153891] Modules linked in: [ 238.154221] CPU: 1 PID: 2264 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.155203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.156402] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.156922] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.158840] RSP: 
0018:ffff88801298fbd0 EFLAGS: 00010246 [ 238.159428] RAX: 0000000000000000 RBX: ffff8880173020a8 RCX: 0000000000000000 [ 238.160166] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 238.160915] RBP: ffff88801298fbe8 R08: ffffed1002e60433 R09: ffffed1002e60433 [ 238.161667] R10: ffff888017302193 R11: ffffed1002e60432 R12: ffff888014393400 [ 238.162417] R13: ffff8880173021e8 R14: ffff888014b90d00 R15: 0000000000000000 [ 238.163254] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.164105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.164705] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 238.165447] PKRU: 55555554 [ 238.165740] Call Trace: [ 238.166007] [ 238.166247] iommufd_access_destroy_object+0x65/0x170 [ 238.166832] iommufd_object_destroy_user+0x18e/0x220 [ 238.167388] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.168000] iommufd_access_destroy+0x43/0x70 [ 238.168479] iommufd_test_staccess_release+0x8d/0xd0 [ 238.169015] __fput+0x26d/0xa40 [ 238.169376] ____fput+0x1e/0x30 [ 238.169728] task_work_run+0x1a4/0x2d0 [ 238.170143] ? __pfx_task_work_run+0x10/0x10 [ 238.170662] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.171211] ? switch_task_namespaces+0xa9/0xe0 [ 238.171709] do_exit+0xb17/0x2ef0 [ 238.172070] ? lock_acquire+0x427/0x4c0 [ 238.172496] ? __pfx_lock_release+0x10/0x10 [ 238.172982] ? __kasan_check_write+0x18/0x20 [ 238.173459] ? do_raw_spin_lock+0x132/0x2a0 [ 238.173910] ? __pfx_do_exit+0x10/0x10 [ 238.174327] ? debug_smp_processor_id+0x20/0x30 [ 238.174862] ? rcu_is_watching+0x19/0xb0 [ 238.175305] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.175796] ? trace_hardirqs_on+0x26/0x120 [ 238.176258] do_group_exit+0xe0/0x2b0 [ 238.176654] __x64_sys_exit_group+0x47/0x50 [ 238.177101] do_syscall_64+0x3b/0x90 [ 238.177501] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.178046] RIP: 0033:0x7f4b87518a4d [ 238.178433] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.179116] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.179919] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.180659] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.181391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.182128] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.182910] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.183679] [ 238.183922] irq event stamp: 0 [ 238.184246] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.184894] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.185762] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.186658] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.187327] ---[ end trace 0000000000000000 ]--- [ 238.188210] ------------[ cut here ]------------ [ 238.188713] WARNING: CPU: 1 PID: 2264 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.189761] Modules linked in: [ 238.190096] CPU: 1 PID: 2264 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.191040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.192230] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.192763] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.194678] RSP: 0018:ffff88801298fb78 EFLAGS: 00010246 [ 238.195244] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.195976] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 238.196716] RBP: ffff88801298fb98 R08: ffffed1002e6043e R09: ffffed1002e6043e [ 238.197459] R10: ffff8880173021ef R11: ffffed1002e6043d R12: ffff888017302290 [ 238.198203] R13: ffff8880173020a8 R14: ffffffffffffffff R15: 
ffff88801298fc60 [ 238.198979] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.199820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.200421] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 238.201161] PKRU: 55555554 [ 238.201456] Call Trace: [ 238.201723] [ 238.201959] iommufd_ioas_destroy+0x53/0x70 [ 238.202413] iommufd_fops_release+0x1f7/0x370 [ 238.202922] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.203461] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.203989] ? write_comp_data+0x2f/0x90 [ 238.204424] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.204981] __fput+0x26d/0xa40 [ 238.205351] ____fput+0x1e/0x30 [ 238.205706] task_work_run+0x1a4/0x2d0 [ 238.206233] ? __pfx_task_work_run+0x10/0x10 [ 238.207014] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.207569] ? switch_task_namespaces+0xa9/0xe0 [ 238.208067] do_exit+0xb17/0x2ef0 [ 238.208431] ? lock_acquire+0x427/0x4c0 [ 238.208858] ? __pfx_lock_release+0x10/0x10 [ 238.209315] ? __kasan_check_write+0x18/0x20 [ 238.209782] ? do_raw_spin_lock+0x132/0x2a0 [ 238.210238] ? __pfx_do_exit+0x10/0x10 [ 238.210702] ? debug_smp_processor_id+0x20/0x30 [ 238.211204] ? rcu_is_watching+0x19/0xb0 [ 238.211639] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.212724] ? trace_hardirqs_on+0x26/0x120 [ 238.213196] do_group_exit+0xe0/0x2b0 [ 238.213597] __x64_sys_exit_group+0x47/0x50 [ 238.214047] do_syscall_64+0x3b/0x90 [ 238.214447] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.215065] RIP: 0033:0x7f4b87518a4d [ 238.215488] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.216135] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.217036] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.217994] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.218782] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.219549] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.220297] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.221053] [ 238.221363] irq event stamp: 0 [ 238.221905] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.222640] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.223557] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.224438] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.225119] ---[ end trace 0000000000000000 ]--- [ 238.229748] ------------[ cut here ]------------ [ 238.230393] WARNING: CPU: 1 PID: 2265 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.231527] Modules linked in: [ 238.231870] CPU: 1 PID: 2265 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.232794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.234175] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.234874] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.236818] RSP: 0018:ffff888012cafbb8 EFLAGS: 00010246 [ 238.237432] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 238.238197] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 238.239284] RBP: ffff888012cafbd0 R08: ffffed100173f833 R09: ffffed100173f833 [ 238.240035] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff88801226e800 [ 238.240769] R13: ffff88800b9fc1e8 R14: ffffffff8352e670 R15: 
ffff888012cafe68 [ 238.241504] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.242341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.243103] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 238.244132] PKRU: 55555554 [ 238.244435] Call Trace: [ 238.244711] [ 238.244950] __iommufd_access_detach+0x1c2/0x2b0 [ 238.245461] iommufd_access_change_pt+0x149/0x270 [ 238.245974] iommufd_access_replace+0xb4/0x120 [ 238.246467] iommufd_test+0x3e5/0x37e0 [ 238.246929] ? lock_release+0x532/0x770 [ 238.247381] ? __might_fault+0x102/0x1b0 [ 238.247824] ? lock_acquire+0x427/0x4c0 [ 238.248262] ? __pfx_iommufd_test+0x10/0x10 [ 238.248847] ? __pfx_lock_release+0x10/0x10 [ 238.249541] ? __pfx_lock_acquire+0x10/0x10 [ 238.250012] ? write_comp_data+0x2f/0x90 [ 238.250449] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.251031] ? write_comp_data+0x2f/0x90 [ 238.251490] iommufd_fops_ioctl+0x37d/0x510 [ 238.251953] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.252472] ? write_comp_data+0x2f/0x90 [ 238.252922] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.253439] __x64_sys_ioctl+0x1a3/0x230 [ 238.254020] do_syscall_64+0x3b/0x90 [ 238.254605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.255285] RIP: 0033:0x7f4b8743ee5d [ 238.255695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 238.257645] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.258471] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.259531] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.260292] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.261057] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.261830] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.262662] [ 238.262925] irq event stamp: 0 [ 238.263275] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.264170] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.265189] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.266085] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.266814] ---[ end trace 0000000000000000 ]--- [ 238.270498] ------------[ cut here ]------------ [ 238.271156] WARNING: CPU: 1 PID: 2265 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.272334] Modules linked in: [ 238.272813] CPU: 1 PID: 2265 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.273953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.275305] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.275479] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. 
[ 238.275857] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.278719] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 238.280609] RSP: 0018:ffff888012cafbd0 EFLAGS: 00010246 [ 238.283115] RAX: 0000000000000000 RBX: ffff88800b9fc0a8 RCX: 0000000000000000 [ 238.283889] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 238.284657] RBP: ffff888012cafbe8 R08: ffffed100173f833 R09: ffffed100173f833 [ 238.285417] R10: ffff88800b9fc193 R11: ffffed100173f832 R12: ffff888010c0b000 [ 238.286186] R13: ffff88800b9fc1e8 R14: ffff888020940500 R15: 0000000000000000 [ 238.287009] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.287930] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.288588] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 238.289712] PKRU: 55555554 [ 238.290029] Call Trace: [ 238.290313] [ 238.290603] iommufd_access_destroy_object+0x65/0x170 [ 238.291189] iommufd_object_destroy_user+0x18e/0x220 [ 238.291747] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.292382] iommufd_access_destroy+0x43/0x70 [ 238.292887] iommufd_test_staccess_release+0x8d/0xd0 [ 238.293601] __fput+0x26d/0xa40 [ 238.294157] ____fput+0x1e/0x30 [ 238.294568] task_work_run+0x1a4/0x2d0 [ 238.295002] ? __pfx_task_work_run+0x10/0x10 [ 238.295497] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.296037] ? switch_task_namespaces+0xa9/0xe0 [ 238.296557] do_exit+0xb17/0x2ef0 [ 238.296945] ? lock_acquire+0x427/0x4c0 [ 238.297394] ? __pfx_lock_release+0x10/0x10 [ 238.297873] ? __kasan_check_write+0x18/0x20 [ 238.298357] ? do_raw_spin_lock+0x132/0x2a0 [ 238.298867] ? __pfx_do_exit+0x10/0x10 [ 238.299323] ? debug_smp_processor_id+0x20/0x30 [ 238.299837] ? 
rcu_is_watching+0x19/0xb0 [ 238.300291] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.300801] ? trace_hardirqs_on+0x26/0x120 [ 238.301330] do_group_exit+0xe0/0x2b0 [ 238.301756] __x64_sys_exit_group+0x47/0x50 [ 238.302232] do_syscall_64+0x3b/0x90 [ 238.302693] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.303350] RIP: 0033:0x7f4b87518a4d [ 238.303889] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 238.304793] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.305765] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.306581] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.307365] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.308151] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.308929] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.309970] [ 238.310370] irq event stamp: 0 [ 238.310794] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.311598] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.312784] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.313964] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.314673] ---[ end trace 0000000000000000 ]--- [ 238.347015] ------------[ cut here ]------------ [ 238.347576] WARNING: CPU: 1 PID: 2265 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.348689] Modules linked in: [ 238.349039] CPU: 1 PID: 2265 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.349975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.351311] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.351879] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.353810] RSP: 0018:ffff888012cafb78 
EFLAGS: 00010246 [ 238.354387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.355224] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 238.355978] RBP: ffff888012cafb98 R08: ffffed100173f83e R09: ffffed100173f83e [ 238.356737] R10: ffff88800b9fc1ef R11: ffffed100173f83d R12: ffff88800b9fc290 [ 238.357512] R13: ffff88800b9fc0a8 R14: ffffffffffffffff R15: ffff888012cafc60 [ 238.358285] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.359235] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.359874] CR2: 00007f82e2a73000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 238.360655] PKRU: 55555554 [ 238.360966] Call Trace: [ 238.361245] [ 238.361490] iommufd_ioas_destroy+0x53/0x70 [ 238.361973] iommufd_fops_release+0x1f7/0x370 [ 238.362478] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.363071] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.363642] ? write_comp_data+0x2f/0x90 [ 238.364098] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.364644] __fput+0x26d/0xa40 [ 238.365079] ____fput+0x1e/0x30 [ 238.365452] task_work_run+0x1a4/0x2d0 [ 238.365887] ? __pfx_task_work_run+0x10/0x10 [ 238.366378] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.366964] ? switch_task_namespaces+0xa9/0xe0 [ 238.367513] do_exit+0xb17/0x2ef0 [ 238.367893] ? lock_acquire+0x427/0x4c0 [ 238.368341] ? __pfx_lock_release+0x10/0x10 [ 238.368825] ? __kasan_check_write+0x18/0x20 [ 238.369318] ? do_raw_spin_lock+0x132/0x2a0 [ 238.369787] ? __pfx_do_exit+0x10/0x10 [ 238.370222] ? debug_smp_processor_id+0x20/0x30 [ 238.370784] ? rcu_is_watching+0x19/0xb0 [ 238.371247] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.371747] ? trace_hardirqs_on+0x26/0x120 [ 238.372224] do_group_exit+0xe0/0x2b0 [ 238.372642] __x64_sys_exit_group+0x47/0x50 [ 238.373116] do_syscall_64+0x3b/0x90 [ 238.373535] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.374105] RIP: 0033:0x7f4b87518a4d [ 238.374575] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.375244] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.376054] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.376817] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.377577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.378338] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.379161] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.379950] [ 238.380239] irq event stamp: 0 [ 238.380699] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.381661] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.382601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.383539] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.384232] ---[ end trace 0000000000000000 ]--- [ 238.390154] ------------[ cut here ]------------ [ 238.390787] WARNING: CPU: 1 PID: 2267 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.391900] Modules linked in: [ 238.392246] CPU: 1 PID: 2267 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.393198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.394586] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.395284] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.397291] RSP: 0018:ffff88801483fbb8 EFLAGS: 00010246 [ 238.397867] RAX: 0000000000000000 RBX: ffff8880104670a8 RCX: 0000000000000000 [ 238.398683] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 238.399549] RBP: ffff88801483fbd0 R08: ffffed100208ce33 R09: ffffed100208ce33 [ 238.400626] R10: ffff888010467193 R11: ffffed100208ce32 R12: ffff88801422cc00 [ 238.401385] R13: ffff8880104671e8 R14: ffffffff8352e670 R15: 
ffff88801483fe68 [ 238.402156] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.403129] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.403783] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 238.404600] PKRU: 55555554 [ 238.405008] Call Trace: [ 238.405376] [ 238.405780] __iommufd_access_detach+0x1c2/0x2b0 [ 238.406321] iommufd_access_change_pt+0x149/0x270 [ 238.406910] iommufd_access_replace+0xb4/0x120 [ 238.407438] iommufd_test+0x3e5/0x37e0 [ 238.407874] ? lock_release+0x532/0x770 [ 238.408328] ? __might_fault+0x102/0x1b0 [ 238.408784] ? lock_acquire+0x427/0x4c0 [ 238.409239] ? __pfx_iommufd_test+0x10/0x10 [ 238.409717] ? __pfx_lock_release+0x10/0x10 [ 238.410366] ? __pfx_lock_acquire+0x10/0x10 [ 238.411080] ? write_comp_data+0x2f/0x90 [ 238.411563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.412101] ? write_comp_data+0x2f/0x90 [ 238.412560] iommufd_fops_ioctl+0x37d/0x510 [ 238.413037] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.413569] ? write_comp_data+0x2f/0x90 [ 238.414032] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.414608] __x64_sys_ioctl+0x1a3/0x230 [ 238.415242] do_syscall_64+0x3b/0x90 [ 238.415829] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.416396] RIP: 0033:0x7f4b8743ee5d [ 238.416803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 238.418810] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.419655] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.420615] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.421523] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.422287] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.423099] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.423894] [ 238.424155] irq event stamp: 0 [ 238.424498] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.425389] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.426488] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.427445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.428106] ---[ end trace 0000000000000000 ]--- [ 238.432083] ------------[ cut here ]------------ [ 238.432632] WARNING: CPU: 1 PID: 2267 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.433869] Modules linked in: [ 238.434386] CPU: 1 PID: 2267 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.435401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.436627] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.437181] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.439568] RSP: 
0018:ffff88801483fbd0 EFLAGS: 00010246 [ 238.440152] RAX: 0000000000000000 RBX: ffff8880104670a8 RCX: 0000000000000000 [ 238.440917] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 238.441678] RBP: ffff88801483fbe8 R08: ffffed100208ce33 R09: ffffed100208ce33 [ 238.442482] R10: ffff888010467193 R11: ffffed100208ce32 R12: ffff88800b9b7c00 [ 238.443551] R13: ffff8880104671e8 R14: ffff888012cf9600 R15: 0000000000000000 [ 238.444445] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.445320] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.445949] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 238.446751] PKRU: 55555554 [ 238.447065] Call Trace: [ 238.447374] [ 238.447694] iommufd_access_destroy_object+0x65/0x170 [ 238.448454] iommufd_object_destroy_user+0x18e/0x220 [ 238.449013] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.449645] iommufd_access_destroy+0x43/0x70 [ 238.450143] iommufd_test_staccess_release+0x8d/0xd0 [ 238.450732] __fput+0x26d/0xa40 [ 238.451108] ____fput+0x1e/0x30 [ 238.451490] task_work_run+0x1a4/0x2d0 [ 238.451970] ? __pfx_task_work_run+0x10/0x10 [ 238.452609] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.453310] ? switch_task_namespaces+0xa9/0xe0 [ 238.453823] do_exit+0xb17/0x2ef0 [ 238.454194] ? lock_acquire+0x427/0x4c0 [ 238.454668] ? __pfx_lock_release+0x10/0x10 [ 238.455153] ? __kasan_check_write+0x18/0x20 [ 238.455642] ? do_raw_spin_lock+0x132/0x2a0 [ 238.456122] ? __pfx_do_exit+0x10/0x10 [ 238.456561] ? debug_smp_processor_id+0x20/0x30 [ 238.457228] ? rcu_is_watching+0x19/0xb0 [ 238.457842] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.458346] ? trace_hardirqs_on+0x26/0x120 [ 238.458865] do_group_exit+0xe0/0x2b0 [ 238.459292] __x64_sys_exit_group+0x47/0x50 [ 238.459757] do_syscall_64+0x3b/0x90 [ 238.460171] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.460726] RIP: 0033:0x7f4b87518a4d [ 238.461212] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.462050] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.463108] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.463889] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.464659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.465431] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.466205] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.467010] [ 238.467279] irq event stamp: 0 [ 238.467619] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.468295] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.469199] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.470092] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.470827] ---[ end trace 0000000000000000 ]--- [ 238.472033] ------------[ cut here ]------------ [ 238.472589] WARNING: CPU: 1 PID: 2267 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.474068] Modules linked in: [ 238.474425] CPU: 1 PID: 2267 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.475452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.476668] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.477235] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.479732] RSP: 0018:ffff88801483fb78 EFLAGS: 00010246 [ 238.480320] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.481089] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 238.481864] RBP: ffff88801483fb98 R08: ffffed100208ce3e R09: ffffed100208ce3e [ 238.482663] R10: ffff8880104671ef R11: ffffed100208ce3d R12: ffff888010467290 [ 238.483440] R13: ffff8880104670a8 R14: ffffffffffffffff R15: 
ffff88801483fc60 [ 238.484421] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.485425] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.486056] CR2: 00007f82e2a81000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 238.486862] PKRU: 55555554 [ 238.487190] Call Trace: [ 238.487472] [ 238.487727] iommufd_ioas_destroy+0x53/0x70 [ 238.488217] iommufd_fops_release+0x1f7/0x370 [ 238.488861] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.489549] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.490090] ? write_comp_data+0x2f/0x90 [ 238.490579] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.491138] __fput+0x26d/0xa40 [ 238.491529] ____fput+0x1e/0x30 [ 238.491907] task_work_run+0x1a4/0x2d0 [ 238.492346] ? __pfx_task_work_run+0x10/0x10 [ 238.492844] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.493533] ? switch_task_namespaces+0xa9/0xe0 [ 238.494263] do_exit+0xb17/0x2ef0 [ 238.494681] ? lock_acquire+0x427/0x4c0 [ 238.495137] ? __pfx_lock_release+0x10/0x10 [ 238.495620] ? __kasan_check_write+0x18/0x20 [ 238.496109] ? do_raw_spin_lock+0x132/0x2a0 [ 238.496576] ? __pfx_do_exit+0x10/0x10 [ 238.497012] ? debug_smp_processor_id+0x20/0x30 [ 238.497522] ? rcu_is_watching+0x19/0xb0 [ 238.497972] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.498586] ? trace_hardirqs_on+0x26/0x120 [ 238.499300] do_group_exit+0xe0/0x2b0 [ 238.499738] __x64_sys_exit_group+0x47/0x50 [ 238.500221] do_syscall_64+0x3b/0x90 [ 238.500652] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.501234] RIP: 0033:0x7f4b87518a4d [ 238.501648] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.502310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.503176] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.503944] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.504717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.505578] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.506347] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.507161] [ 238.507416] irq event stamp: 0 [ 238.507761] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.508447] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.509362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.510265] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.510981] ---[ end trace 0000000000000000 ]--- [ 238.516752] ------------[ cut here ]------------ [ 238.517320] WARNING: CPU: 1 PID: 2268 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.518398] Modules linked in: [ 238.518787] CPU: 1 PID: 2268 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.519729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.520919] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.521452] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.523421] RSP: 0018:ffff888023c5fbb8 EFLAGS: 00010246 [ 238.524005] RAX: 0000000000000000 RBX: ffff888013ac60a8 RCX: 0000000000000000 [ 238.524769] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 238.525584] RBP: ffff888023c5fbd0 R08: ffffed1002758c33 R09: ffffed1002758c33 [ 238.526353] R10: ffff888013ac6193 R11: ffffed1002758c32 R12: ffff888013b22c00 [ 238.527183] R13: ffff888013ac61e8 R14: ffffffff8352e670 R15: 
ffff888023c5fe68 [ 238.527959] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.528833] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.529456] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 238.530225] PKRU: 55555554 [ 238.530574] Call Trace: [ 238.530963] [ 238.531350] __iommufd_access_detach+0x1c2/0x2b0 [ 238.532099] iommufd_access_change_pt+0x149/0x270 [ 238.532647] iommufd_access_replace+0xb4/0x120 [ 238.533175] iommufd_test+0x3e5/0x37e0 [ 238.533596] ? lock_release+0x532/0x770 [ 238.534037] ? __might_fault+0x102/0x1b0 [ 238.534489] ? lock_acquire+0x427/0x4c0 [ 238.534991] ? __pfx_iommufd_test+0x10/0x10 [ 238.535472] ? __pfx_lock_release+0x10/0x10 [ 238.535948] ? __pfx_lock_acquire+0x10/0x10 [ 238.536441] ? write_comp_data+0x2f/0x90 [ 238.536975] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.537552] ? write_comp_data+0x2f/0x90 [ 238.538004] iommufd_fops_ioctl+0x37d/0x510 [ 238.538480] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.539133] ? write_comp_data+0x2f/0x90 [ 238.539773] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.540355] __x64_sys_ioctl+0x1a3/0x230 [ 238.540811] do_syscall_64+0x3b/0x90 [ 238.541234] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.541810] RIP: 0033:0x7f4b8743ee5d [ 238.542222] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 238.544278] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.545108] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.546092] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.547135] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.547907] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.548665] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.549451] [ 238.549712] irq event stamp: 0 [ 238.550060] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.550819] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.551958] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.552878] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.553563] ---[ end trace 0000000000000000 ]--- [ 238.557109] ------------[ cut here ]------------ [ 238.557654] WARNING: CPU: 1 PID: 2268 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.558819] Modules linked in: [ 238.559192] CPU: 1 PID: 2268 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.560133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.561795] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.562357] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.564403] RSP: 
0018:ffff888023c5fbd0 EFLAGS: 00010246 [ 238.564989] RAX: 0000000000000000 RBX: ffff888013ac60a8 RCX: 0000000000000000 [ 238.565787] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 238.566988] RBP: ffff888023c5fbe8 R08: ffffed1002758c33 R09: ffffed1002758c33 [ 238.567773] R10: ffff888013ac6193 R11: ffffed1002758c32 R12: ffff88801422d000 [ 238.568545] R13: ffff888013ac61e8 R14: ffff888012bfbf00 R15: 0000000000000000 [ 238.569312] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.570174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.570939] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 238.571995] PKRU: 55555554 [ 238.572307] Call Trace: [ 238.572594] [ 238.572847] iommufd_access_destroy_object+0x65/0x170 [ 238.573427] iommufd_object_destroy_user+0x18e/0x220 [ 238.573995] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.574692] iommufd_access_destroy+0x43/0x70 [ 238.575233] iommufd_test_staccess_release+0x8d/0xd0 [ 238.575802] __fput+0x26d/0xa40 [ 238.576313] ____fput+0x1e/0x30 [ 238.576947] task_work_run+0x1a4/0x2d0 [ 238.577379] ? __pfx_task_work_run+0x10/0x10 [ 238.577862] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.578399] ? switch_task_namespaces+0xa9/0xe0 [ 238.578978] do_exit+0xb17/0x2ef0 [ 238.579383] ? lock_acquire+0x427/0x4c0 [ 238.579844] ? __pfx_lock_release+0x10/0x10 [ 238.580333] ? __kasan_check_write+0x18/0x20 [ 238.580817] ? do_raw_spin_lock+0x132/0x2a0 [ 238.581849] ? __pfx_do_exit+0x10/0x10 [ 238.582302] ? debug_smp_processor_id+0x20/0x30 [ 238.582887] ? rcu_is_watching+0x19/0xb0 [ 238.583361] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.583861] ? trace_hardirqs_on+0x26/0x120 [ 238.584339] do_group_exit+0xe0/0x2b0 [ 238.584762] __x64_sys_exit_group+0x47/0x50 [ 238.585243] do_syscall_64+0x3b/0x90 [ 238.585758] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.586884] RIP: 0033:0x7f4b87518a4d [ 238.587331] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.588001] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.588823] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.589635] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.590449] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.591620] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.592392] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.593170] [ 238.593426] irq event stamp: 0 [ 238.593767] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.594448] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.595402] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.596712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.597404] ---[ end trace 0000000000000000 ]--- [ 238.598421] ------------[ cut here ]------------ [ 238.599027] WARNING: CPU: 1 PID: 2268 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.600158] Modules linked in: [ 238.600518] CPU: 1 PID: 2268 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.601498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.603104] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.603704] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.605669] RSP: 0018:ffff888023c5fb78 EFLAGS: 00010246 [ 238.606259] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.607513] RDX: 0000000000000000 RSI: ffff8880100d0000 RDI: 0000000000000002 [ 238.608547] RBP: ffff888023c5fb98 R08: ffffed1002758c3e R09: ffffed1002758c3e [ 238.609324] R10: ffff888013ac61ef R11: ffffed1002758c3d R12: ffff888013ac6290 [ 238.610092] R13: ffff888013ac60a8 R14: ffffffffffffffff R15: 
ffff888023c5fc60 [ 238.610927] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.611838] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.612600] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 238.613686] PKRU: 55555554 [ 238.613997] Call Trace: [ 238.614270] [ 238.614575] iommufd_ioas_destroy+0x53/0x70 [ 238.615136] iommufd_fops_release+0x1f7/0x370 [ 238.615629] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.616156] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.616701] ? write_comp_data+0x2f/0x90 [ 238.617178] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.617882] __fput+0x26d/0xa40 [ 238.618471] ____fput+0x1e/0x30 [ 238.618894] task_work_run+0x1a4/0x2d0 [ 238.619348] ? __pfx_task_work_run+0x10/0x10 [ 238.619831] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.620374] ? switch_task_namespaces+0xa9/0xe0 [ 238.620892] do_exit+0xb17/0x2ef0 [ 238.621322] ? lock_acquire+0x427/0x4c0 [ 238.621776] ? __pfx_lock_release+0x10/0x10 [ 238.622268] ? __kasan_check_write+0x18/0x20 [ 238.622851] ? do_raw_spin_lock+0x132/0x2a0 [ 238.623590] ? __pfx_do_exit+0x10/0x10 [ 238.624220] ? debug_smp_processor_id+0x20/0x30 [ 238.624736] ? rcu_is_watching+0x19/0xb0 [ 238.625173] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.625666] ? trace_hardirqs_on+0x26/0x120 [ 238.626144] do_group_exit+0xe0/0x2b0 [ 238.626620] __x64_sys_exit_group+0x47/0x50 [ 238.627087] do_syscall_64+0x3b/0x90 [ 238.627512] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.628083] RIP: 0033:0x7f4b87518a4d [ 238.628488] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.629330] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.630591] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.631393] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.632173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.632954] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.633733] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.634675] [ 238.635333] irq event stamp: 0 [ 238.635694] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.636389] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.637305] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.638225] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.638991] ---[ end trace 0000000000000000 ]--- [ 238.644937] ------------[ cut here ]------------ [ 238.645530] WARNING: CPU: 1 PID: 2269 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.646775] Modules linked in: [ 238.647154] CPU: 1 PID: 2269 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.648130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.650003] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.650636] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.652691] RSP: 0018:ffff888015d0fbb8 EFLAGS: 00010246 [ 238.653466] RAX: 0000000000000000 RBX: ffff888015b358a8 RCX: 0000000000000000 [ 238.654720] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 238.655520] RBP: ffff888015d0fbd0 R08: ffffed1002b66b33 R09: ffffed1002b66b33 [ 238.656303] R10: ffff888015b35993 R11: ffffed1002b66b32 R12: ffff88800fcb1400 [ 238.657084] R13: ffff888015b359e8 R14: ffffffff8352e670 R15: 
ffff888015d0fe68 [ 238.657866] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.658804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.659480] CR2: 00007f4b877410e8 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 238.660280] PKRU: 55555554 [ 238.660592] Call Trace: [ 238.660875] [ 238.661124] __iommufd_access_detach+0x1c2/0x2b0 [ 238.661668] iommufd_access_change_pt+0x149/0x270 [ 238.662209] iommufd_access_replace+0xb4/0x120 [ 238.662778] iommufd_test+0x3e5/0x37e0 [ 238.663221] ? lock_release+0x532/0x770 [ 238.663675] ? __might_fault+0x102/0x1b0 [ 238.664129] ? lock_acquire+0x427/0x4c0 [ 238.664582] ? __pfx_iommufd_test+0x10/0x10 [ 238.665058] ? __pfx_lock_release+0x10/0x10 [ 238.665545] ? __pfx_lock_acquire+0x10/0x10 [ 238.666031] ? write_comp_data+0x2f/0x90 [ 238.666494] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.667092] ? write_comp_data+0x2f/0x90 [ 238.667573] iommufd_fops_ioctl+0x37d/0x510 [ 238.668058] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.668594] ? write_comp_data+0x2f/0x90 [ 238.669055] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.669595] __x64_sys_ioctl+0x1a3/0x230 [ 238.670061] do_syscall_64+0x3b/0x90 [ 238.670488] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.671153] RIP: 0033:0x7f4b8743ee5d [ 238.671567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 238.673584] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.674423] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.675247] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.676002] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.676774] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.677543] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.678326] [ 238.678628] irq event stamp: 0 [ 238.678965] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.679661] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.680567] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.681470] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.682149] ---[ end trace 0000000000000000 ]--- [ 238.685900] ------------[ cut here ]------------ [ 238.686458] WARNING: CPU: 1 PID: 2269 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.687659] Modules linked in: [ 238.688009] CPU: 1 PID: 2269 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.688959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.690164] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.690735] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.692705] RSP: 
0018:ffff888015d0fbd0 EFLAGS: 00010246 [ 238.693276] RAX: 0000000000000000 RBX: ffff888015b358a8 RCX: 0000000000000000 [ 238.694025] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 238.694820] RBP: ffff888015d0fbe8 R08: ffffed1002b66b33 R09: ffffed1002b66b33 [ 238.695594] R10: ffff888015b35993 R11: ffffed1002b66b32 R12: ffff888013b20000 [ 238.696346] R13: ffff888015b359e8 R14: ffff888018b85800 R15: 0000000000000000 [ 238.697124] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.697995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.698650] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 238.699412] PKRU: 55555554 [ 238.699716] Call Trace: [ 238.699993] [ 238.700240] iommufd_access_destroy_object+0x65/0x170 [ 238.700800] iommufd_object_destroy_user+0x18e/0x220 [ 238.701349] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.701988] iommufd_access_destroy+0x43/0x70 [ 238.702485] iommufd_test_staccess_release+0x8d/0xd0 [ 238.703084] __fput+0x26d/0xa40 [ 238.703485] ____fput+0x1e/0x30 [ 238.703856] task_work_run+0x1a4/0x2d0 [ 238.704277] ? __pfx_task_work_run+0x10/0x10 [ 238.704757] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.705286] ? switch_task_namespaces+0xa9/0xe0 [ 238.705798] do_exit+0xb17/0x2ef0 [ 238.706177] ? lock_acquire+0x427/0x4c0 [ 238.706660] ? __pfx_lock_release+0x10/0x10 [ 238.707137] ? __kasan_check_write+0x18/0x20 [ 238.707621] ? do_raw_spin_lock+0x132/0x2a0 [ 238.708100] ? __pfx_do_exit+0x10/0x10 [ 238.708545] ? debug_smp_processor_id+0x20/0x30 [ 238.709044] ? rcu_is_watching+0x19/0xb0 [ 238.709487] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.709971] ? trace_hardirqs_on+0x26/0x120 [ 238.710440] do_group_exit+0xe0/0x2b0 [ 238.710884] __x64_sys_exit_group+0x47/0x50 [ 238.711364] do_syscall_64+0x3b/0x90 [ 238.711772] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.712331] RIP: 0033:0x7f4b87518a4d [ 238.712728] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.713383] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.714201] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.714990] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.715751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.716499] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.717308] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.718089] [ 238.718347] irq event stamp: 0 [ 238.718715] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.719406] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.720324] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.721228] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.721901] ---[ end trace 0000000000000000 ]--- [ 238.722897] ------------[ cut here ]------------ [ 238.723417] WARNING: CPU: 1 PID: 2269 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.724501] Modules linked in: [ 238.724848] CPU: 1 PID: 2269 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.725762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.727022] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.727597] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.729538] RSP: 0018:ffff888015d0fb78 EFLAGS: 00010246 [ 238.730109] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.730886] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 238.731660] RBP: ffff888015d0fb98 R08: ffffed1002b66b3e R09: ffffed1002b66b3e [ 238.732438] R10: ffff888015b359ef R11: ffffed1002b66b3d R12: ffff888015b35a90 [ 238.733206] R13: ffff888015b358a8 R14: ffffffffffffffff R15: 
ffff888015d0fc60 [ 238.733966] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.734877] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.735549] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 238.736318] PKRU: 55555554 [ 238.736619] Call Trace: [ 238.736892] [ 238.737137] iommufd_ioas_destroy+0x53/0x70 [ 238.737601] iommufd_fops_release+0x1f7/0x370 [ 238.738088] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.738662] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.739197] ? write_comp_data+0x2f/0x90 [ 238.739643] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.740179] __fput+0x26d/0xa40 [ 238.740550] ____fput+0x1e/0x30 [ 238.740916] task_work_run+0x1a4/0x2d0 [ 238.741337] ? __pfx_task_work_run+0x10/0x10 [ 238.741810] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.742345] ? switch_task_namespaces+0xa9/0xe0 [ 238.742899] do_exit+0xb17/0x2ef0 [ 238.743296] ? lock_acquire+0x427/0x4c0 [ 238.743742] ? __pfx_lock_release+0x10/0x10 [ 238.744221] ? __kasan_check_write+0x18/0x20 [ 238.744707] ? do_raw_spin_lock+0x132/0x2a0 [ 238.745175] ? __pfx_do_exit+0x10/0x10 [ 238.745611] ? debug_smp_processor_id+0x20/0x30 [ 238.746113] ? rcu_is_watching+0x19/0xb0 [ 238.746609] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.747103] ? trace_hardirqs_on+0x26/0x120 [ 238.747591] do_group_exit+0xe0/0x2b0 [ 238.748012] __x64_sys_exit_group+0x47/0x50 [ 238.748472] do_syscall_64+0x3b/0x90 [ 238.748885] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.749512] RIP: 0033:0x7f4b87518a4d [ 238.749918] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.750628] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.751471] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.752241] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.753011] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.753771] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.754580] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.755364] [ 238.755628] irq event stamp: 0 [ 238.755978] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.756669] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.757564] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.758468] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.759208] ---[ end trace 0000000000000000 ]--- [ 238.764222] ------------[ cut here ]------------ [ 238.764800] WARNING: CPU: 1 PID: 2270 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.765902] Modules linked in: [ 238.766257] CPU: 1 PID: 2270 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.767593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.768846] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.769379] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.771357] RSP: 0018:ffff88801662fbb8 EFLAGS: 00010246 [ 238.771940] RAX: 0000000000000000 RBX: ffff88800e9648a8 RCX: 0000000000000000 [ 238.772700] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 238.773464] RBP: ffff88801662fbd0 R08: ffffed1001d2c933 R09: ffffed1001d2c933 [ 238.774230] R10: ffff88800e964993 R11: ffffed1001d2c932 R12: ffff88801341d400 [ 238.775058] R13: ffff88800e9649e8 R14: ffffffff8352e670 R15: 
ffff88801662fe68 [ 238.775837] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.776703] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.777333] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 238.778088] PKRU: 55555554 [ 238.778397] Call Trace: [ 238.778726] [ 238.778983] __iommufd_access_detach+0x1c2/0x2b0 [ 238.779548] iommufd_access_change_pt+0x149/0x270 [ 238.780099] iommufd_access_replace+0xb4/0x120 [ 238.780610] iommufd_test+0x3e5/0x37e0 [ 238.781079] ? lock_release+0x532/0x770 [ 238.781527] ? __might_fault+0x102/0x1b0 [ 238.781984] ? lock_acquire+0x427/0x4c0 [ 238.782428] ? __pfx_iommufd_test+0x10/0x10 [ 238.782944] ? __pfx_lock_release+0x10/0x10 [ 238.783439] ? __pfx_lock_acquire+0x10/0x10 [ 238.783910] ? write_comp_data+0x2f/0x90 [ 238.784361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.784896] ? write_comp_data+0x2f/0x90 [ 238.785348] iommufd_fops_ioctl+0x37d/0x510 [ 238.785823] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.786405] ? write_comp_data+0x2f/0x90 [ 238.787251] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.787779] __x64_sys_ioctl+0x1a3/0x230 [ 238.788227] do_syscall_64+0x3b/0x90 [ 238.788636] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.789195] RIP: 0033:0x7f4b8743ee5d [ 238.789591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 238.791579] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.792588] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.793718] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.794482] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.795326] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.796099] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.796898] [ 238.797157] irq event stamp: 0 [ 238.797505] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.798359] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.799774] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.800681] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.801367] ---[ end trace 0000000000000000 ]--- [ 238.804865] ------------[ cut here ]------------ [ 238.805433] WARNING: CPU: 1 PID: 2270 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.806661] Modules linked in: [ 238.807014] CPU: 1 PID: 2270 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.807977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.809709] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.810262] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.812322] RSP: 
0018:ffff88801662fbd0 EFLAGS: 00010246 [ 238.812904] RAX: 0000000000000000 RBX: ffff88800e9648a8 RCX: 0000000000000000 [ 238.813840] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 238.815002] RBP: ffff88801662fbe8 R08: ffffed1001d2c933 R09: ffffed1001d2c933 [ 238.815769] R10: ffff88800e964993 R11: ffffed1001d2c932 R12: ffff88800fcb3c00 [ 238.816524] R13: ffff88800e9649e8 R14: ffff88800f492600 R15: 0000000000000000 [ 238.817274] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.818133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.818983] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 238.820049] PKRU: 55555554 [ 238.820359] Call Trace: [ 238.820631] [ 238.820875] iommufd_access_destroy_object+0x65/0x170 [ 238.821435] iommufd_object_destroy_user+0x18e/0x220 [ 238.821987] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.822664] iommufd_access_destroy+0x43/0x70 [ 238.823174] iommufd_test_staccess_release+0x8d/0xd0 [ 238.823729] __fput+0x26d/0xa40 [ 238.824105] ____fput+0x1e/0x30 [ 238.824541] task_work_run+0x1a4/0x2d0 [ 238.825099] ? __pfx_task_work_run+0x10/0x10 [ 238.825814] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.826353] ? switch_task_namespaces+0xa9/0xe0 [ 238.826936] do_exit+0xb17/0x2ef0 [ 238.827343] ? lock_acquire+0x427/0x4c0 [ 238.827785] ? __pfx_lock_release+0x10/0x10 [ 238.828256] ? __kasan_check_write+0x18/0x20 [ 238.828738] ? do_raw_spin_lock+0x132/0x2a0 [ 238.829210] ? __pfx_do_exit+0x10/0x10 [ 238.829648] ? debug_smp_processor_id+0x20/0x30 [ 238.830256] ? rcu_is_watching+0x19/0xb0 [ 238.830943] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.831478] ? trace_hardirqs_on+0x26/0x120 [ 238.831956] do_group_exit+0xe0/0x2b0 [ 238.832367] __x64_sys_exit_group+0x47/0x50 [ 238.832837] do_syscall_64+0x3b/0x90 [ 238.833260] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.833824] RIP: 0033:0x7f4b87518a4d [ 238.834236] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.835027] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.836134] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.836921] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.837694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.838477] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.839309] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.840105] [ 238.840417] irq event stamp: 0 [ 238.840860] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.841806] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.842739] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.843656] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.844352] ---[ end trace 0000000000000000 ]--- [ 238.845426] ------------[ cut here ]------------ [ 238.846189] WARNING: CPU: 1 PID: 2270 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.847618] Modules linked in: [ 238.847992] CPU: 1 PID: 2270 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.848972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.850194] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.850922] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.853125] RSP: 0018:ffff88801662fb78 EFLAGS: 00010246 [ 238.853715] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.854481] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 238.855318] RBP: ffff88801662fb98 R08: ffffed1001d2c93e R09: ffffed1001d2c93e [ 238.856176] R10: ffff88800e9649ef R11: ffffed1001d2c93d R12: ffff88800e964a90 [ 238.857235] R13: ffff88800e9648a8 R14: ffffffffffffffff R15: 
ffff88801662fc60 [ 238.858013] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.858951] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.859623] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 238.860403] PKRU: 55555554 [ 238.860712] Call Trace: [ 238.860990] [ 238.861328] iommufd_ioas_destroy+0x53/0x70 [ 238.862075] iommufd_fops_release+0x1f7/0x370 [ 238.862635] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.863190] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.863725] ? write_comp_data+0x2f/0x90 [ 238.864181] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.864724] __fput+0x26d/0xa40 [ 238.865098] ____fput+0x1e/0x30 [ 238.865474] task_work_run+0x1a4/0x2d0 [ 238.865974] ? __pfx_task_work_run+0x10/0x10 [ 238.866709] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.867249] ? switch_task_namespaces+0xa9/0xe0 [ 238.867760] do_exit+0xb17/0x2ef0 [ 238.868139] ? lock_acquire+0x427/0x4c0 [ 238.868581] ? __pfx_lock_release+0x10/0x10 [ 238.869061] ? __kasan_check_write+0x18/0x20 [ 238.869544] ? do_raw_spin_lock+0x132/0x2a0 [ 238.870018] ? __pfx_do_exit+0x10/0x10 [ 238.870455] ? debug_smp_processor_id+0x20/0x30 [ 238.871217] ? rcu_is_watching+0x19/0xb0 [ 238.871847] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.872342] ? trace_hardirqs_on+0x26/0x120 [ 238.872818] do_group_exit+0xe0/0x2b0 [ 238.873242] __x64_sys_exit_group+0x47/0x50 [ 238.873709] do_syscall_64+0x3b/0x90 [ 238.874128] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.874747] RIP: 0033:0x7f4b87518a4d [ 238.875173] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.875830] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.876734] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.877849] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.878666] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.879437] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.880204] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.880985] [ 238.881246] irq event stamp: 0 [ 238.881649] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.882638] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.883549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.884431] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.885101] ---[ end trace 0000000000000000 ]--- [ 238.891027] ------------[ cut here ]------------ [ 238.891628] WARNING: CPU: 1 PID: 2271 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.892706] Modules linked in: [ 238.893046] CPU: 1 PID: 2271 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.894044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.895693] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.896246] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.898218] RSP: 0018:ffff888015d0fbb8 EFLAGS: 00010246 [ 238.899027] RAX: 0000000000000000 RBX: ffff8880182dd0a8 RCX: 0000000000000000 [ 238.899996] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 238.900756] RBP: ffff888015d0fbd0 R08: ffffed100305ba33 R09: ffffed100305ba33 [ 238.901538] R10: ffff8880182dd193 R11: ffffed100305ba32 R12: ffff888013642800 [ 238.902318] R13: ffff8880182dd1e8 R14: ffffffff8352e670 R15: 
ffff888015d0fe68 [ 238.903259] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.904343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.904987] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 238.905770] PKRU: 55555554 [ 238.906091] Call Trace: [ 238.906382] [ 238.906675] __iommufd_access_detach+0x1c2/0x2b0 [ 238.907252] iommufd_access_change_pt+0x149/0x270 [ 238.908036] iommufd_access_replace+0xb4/0x120 [ 238.908556] iommufd_test+0x3e5/0x37e0 [ 238.909042] ? lock_release+0x532/0x770 [ 238.909493] ? __might_fault+0x102/0x1b0 [ 238.909950] ? lock_acquire+0x427/0x4c0 [ 238.910400] ? __pfx_iommufd_test+0x10/0x10 [ 238.910909] ? __pfx_lock_release+0x10/0x10 [ 238.911496] ? __pfx_lock_acquire+0x10/0x10 [ 238.912134] ? write_comp_data+0x2f/0x90 [ 238.912769] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.913308] ? write_comp_data+0x2f/0x90 [ 238.913765] iommufd_fops_ioctl+0x37d/0x510 [ 238.914238] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.914833] ? write_comp_data+0x2f/0x90 [ 238.915313] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 238.915860] __x64_sys_ioctl+0x1a3/0x230 [ 238.916477] do_syscall_64+0x3b/0x90 [ 238.917065] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.917648] RIP: 0033:0x7f4b8743ee5d [ 238.918058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 238.920052] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 238.921059] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 238.921980] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 238.922775] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 238.923546] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 238.924316] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 238.925226] [ 238.925583] irq event stamp: 0 [ 238.926113] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.926839] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.927778] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.928686] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.929389] ---[ end trace 0000000000000000 ]--- [ 238.935076] ------------[ cut here ]------------ [ 238.935673] WARNING: CPU: 1 PID: 2271 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 238.936743] Modules linked in: [ 238.937090] CPU: 1 PID: 2271 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.938364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.939805] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 238.940358] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 238.942438] RSP: 
0018:ffff888015d0fbd0 EFLAGS: 00010246 [ 238.943349] RAX: 0000000000000000 RBX: ffff8880182dd0a8 RCX: 0000000000000000 [ 238.944112] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 238.944864] RBP: ffff888015d0fbe8 R08: ffffed100305ba33 R09: ffffed100305ba33 [ 238.945619] R10: ffff8880182dd193 R11: ffffed100305ba32 R12: ffff88801341e400 [ 238.946387] R13: ffff8880182dd1e8 R14: ffff88800fa09100 R15: 0000000000000000 [ 238.947412] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.948526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.949154] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 238.949928] PKRU: 55555554 [ 238.950245] Call Trace: [ 238.950557] [ 238.950814] iommufd_access_destroy_object+0x65/0x170 [ 238.951422] iommufd_object_destroy_user+0x18e/0x220 [ 238.952212] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 238.952843] iommufd_access_destroy+0x43/0x70 [ 238.953342] iommufd_test_staccess_release+0x8d/0xd0 [ 238.953896] __fput+0x26d/0xa40 [ 238.954269] ____fput+0x1e/0x30 [ 238.954675] task_work_run+0x1a4/0x2d0 [ 238.955126] ? __pfx_task_work_run+0x10/0x10 [ 238.955747] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.956491] ? switch_task_namespaces+0xa9/0xe0 [ 238.957020] do_exit+0xb17/0x2ef0 [ 238.957400] ? lock_acquire+0x427/0x4c0 [ 238.957846] ? __pfx_lock_release+0x10/0x10 [ 238.958313] ? __kasan_check_write+0x18/0x20 [ 238.958829] ? do_raw_spin_lock+0x132/0x2a0 [ 238.959331] ? __pfx_do_exit+0x10/0x10 [ 238.959834] ? debug_smp_processor_id+0x20/0x30 [ 238.960532] ? rcu_is_watching+0x19/0xb0 [ 238.961186] ? _raw_spin_unlock_irq+0x2b/0x60 [ 238.961690] ? trace_hardirqs_on+0x26/0x120 [ 238.962159] do_group_exit+0xe0/0x2b0 [ 238.962613] __x64_sys_exit_group+0x47/0x50 [ 238.963084] do_syscall_64+0x3b/0x90 [ 238.963506] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 238.964064] RIP: 0033:0x7f4b87518a4d [ 238.964473] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 238.965135] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 238.965969] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 238.966789] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 238.967585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 238.968607] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 238.969563] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 238.970340] [ 238.970641] irq event stamp: 0 [ 238.970989] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 238.971678] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 238.972580] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 238.973852] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 238.974602] ---[ end trace 0000000000000000 ]--- [ 238.975598] ------------[ cut here ]------------ [ 238.976116] WARNING: CPU: 1 PID: 2271 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 238.977231] Modules linked in: [ 238.977594] CPU: 1 PID: 2271 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 238.978885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 238.980431] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 238.980995] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 238.983001] RSP: 0018:ffff888015d0fb78 EFLAGS: 00010246 [ 238.983590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 238.984460] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 238.985519] RBP: ffff888015d0fb98 R08: ffffed100305ba3e R09: ffffed100305ba3e [ 238.986286] R10: ffff8880182dd1ef R11: ffffed100305ba3d R12: ffff8880182dd290 [ 238.987095] R13: ffff8880182dd0a8 R14: ffffffffffffffff R15: 
ffff888015d0fc60 [ 238.987878] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 238.988749] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 238.989413] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 238.990495] PKRU: 55555554 [ 238.990862] Call Trace: [ 238.991167] [ 238.991420] iommufd_ioas_destroy+0x53/0x70 [ 238.991898] iommufd_fops_release+0x1f7/0x370 [ 238.992393] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.992931] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.993464] ? write_comp_data+0x2f/0x90 [ 238.993910] ? __pfx_iommufd_fops_release+0x10/0x10 [ 238.994639] __fput+0x26d/0xa40 [ 238.995149] ____fput+0x1e/0x30 [ 238.995522] task_work_run+0x1a4/0x2d0 [ 238.995959] ? __pfx_task_work_run+0x10/0x10 [ 238.996447] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 238.996972] ? switch_task_namespaces+0xa9/0xe0 [ 238.997487] do_exit+0xb17/0x2ef0 [ 238.997862] ? lock_acquire+0x427/0x4c0 [ 238.998309] ? __pfx_lock_release+0x10/0x10 [ 238.998831] ? __kasan_check_write+0x18/0x20 [ 238.999327] ? do_raw_spin_lock+0x132/0x2a0 [ 238.999880] ? __pfx_do_exit+0x10/0x10 [ 239.000470] ? debug_smp_processor_id+0x20/0x30 [ 239.001180] ? rcu_is_watching+0x19/0xb0 [ 239.001618] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.002117] ? trace_hardirqs_on+0x26/0x120 [ 239.002669] do_group_exit+0xe0/0x2b0 [ 239.003096] __x64_sys_exit_group+0x47/0x50 [ 239.003575] do_syscall_64+0x3b/0x90 [ 239.003990] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.004554] RIP: 0033:0x7f4b87518a4d [ 239.005071] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.006004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.006915] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.007716] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.008488] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.009258] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.010131] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.011169] [ 239.011435] irq event stamp: 0 [ 239.011779] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.012462] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.013380] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.014283] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.015249] ---[ end trace 0000000000000000 ]--- [ 239.026343] ------------[ cut here ]------------ [ 239.027198] WARNING: CPU: 0 PID: 2272 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.028578] Modules linked in: [ 239.029024] CPU: 0 PID: 2272 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.030206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.031796] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.032493] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.034971] RSP: 0018:ffff888020a0fbb8 EFLAGS: 00010246 [ 239.035721] RAX: 0000000000000000 RBX: ffff8880102078a8 RCX: 0000000000000000 [ 239.036683] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 239.037651] RBP: ffff888020a0fbd0 R08: ffffed1002040f33 R09: ffffed1002040f33 [ 239.038669] R10: ffff888010207993 R11: ffffed1002040f32 R12: ffff88800f135000 [ 239.039670] R13: ffff8880102079e8 R14: ffffffff8352e670 R15: 
ffff888020a0fe68 [ 239.040630] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.041721] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.042558] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 239.043556] PKRU: 55555554 [ 239.043947] Call Trace: [ 239.044298] [ 239.044614] __iommufd_access_detach+0x1c2/0x2b0 [ 239.045290] iommufd_access_change_pt+0x149/0x270 [ 239.046106] iommufd_access_replace+0xb4/0x120 [ 239.047011] iommufd_test+0x3e5/0x37e0 [ 239.047582] ? lock_release+0x532/0x770 [ 239.048147] ? __might_fault+0x102/0x1b0 [ 239.048720] ? lock_acquire+0x427/0x4c0 [ 239.049286] ? __pfx_iommufd_test+0x10/0x10 [ 239.049877] ? __pfx_lock_release+0x10/0x10 [ 239.050478] ? __pfx_lock_acquire+0x10/0x10 [ 239.051166] ? write_comp_data+0x2f/0x90 [ 239.051741] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.052415] ? write_comp_data+0x2f/0x90 [ 239.052986] iommufd_fops_ioctl+0x37d/0x510 [ 239.053588] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.054258] ? write_comp_data+0x2f/0x90 [ 239.054875] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.055566] __x64_sys_ioctl+0x1a3/0x230 [ 239.056145] do_syscall_64+0x3b/0x90 [ 239.056680] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.057398] RIP: 0033:0x7f4b8743ee5d [ 239.057916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 239.060433] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 239.061482] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 239.062440] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 239.063451] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 239.064419] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 239.065377] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 239.066345] [ 239.066706] irq event stamp: 0 [ 239.067150] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.068001] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.069119] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.070239] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.071156] ---[ end trace 0000000000000000 ]--- [ 239.075660] ------------[ cut here ]------------ [ 239.076224] WARNING: CPU: 1 PID: 2272 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.077316] Modules linked in: [ 239.077664] CPU: 1 PID: 2272 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.078924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.080302] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.080847] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.083048] RSP: 
0018:ffff888020a0fbd0 EFLAGS: 00010246 [ 239.083794] RAX: 0000000000000000 RBX: ffff8880102078a8 RCX: 0000000000000000 [ 239.084580] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 239.085367] RBP: ffff888020a0fbe8 R08: ffffed1002040f33 R09: ffffed1002040f33 [ 239.086151] R10: ffff888010207993 R11: ffffed1002040f32 R12: ffff8880129c5800 [ 239.087125] R13: ffff8880102079e8 R14: ffff888014983e00 R15: 0000000000000000 [ 239.088018] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.088915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.089568] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 239.090372] PKRU: 55555554 [ 239.090728] Call Trace: [ 239.091016] [ 239.091287] iommufd_access_destroy_object+0x65/0x170 [ 239.091860] iommufd_object_destroy_user+0x18e/0x220 [ 239.092421] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 239.093068] iommufd_access_destroy+0x43/0x70 [ 239.093577] iommufd_test_staccess_release+0x8d/0xd0 [ 239.094155] __fput+0x26d/0xa40 [ 239.094591] ____fput+0x1e/0x30 [ 239.094975] task_work_run+0x1a4/0x2d0 [ 239.095429] ? __pfx_task_work_run+0x10/0x10 [ 239.095924] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.096468] ? switch_task_namespaces+0xa9/0xe0 [ 239.096989] do_exit+0xb17/0x2ef0 [ 239.097370] ? lock_acquire+0x427/0x4c0 [ 239.097829] ? __pfx_lock_release+0x10/0x10 [ 239.098310] ? __kasan_check_write+0x18/0x20 [ 239.098845] ? do_raw_spin_lock+0x132/0x2a0 [ 239.099335] ? __pfx_do_exit+0x10/0x10 [ 239.099787] ? debug_smp_processor_id+0x20/0x30 [ 239.100306] ? rcu_is_watching+0x19/0xb0 [ 239.100761] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.101324] ? trace_hardirqs_on+0x26/0x120 [ 239.101803] do_group_exit+0xe0/0x2b0 [ 239.102222] __x64_sys_exit_group+0x47/0x50 [ 239.102734] do_syscall_64+0x3b/0x90 [ 239.103178] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.103760] RIP: 0033:0x7f4b87518a4d [ 239.104168] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.104817] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.105620] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.106375] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.107170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.107926] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.108692] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.109471] [ 239.109724] irq event stamp: 0 [ 239.110058] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.110788] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.111721] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.112647] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.113336] ---[ end trace 0000000000000000 ]--- [ 239.114899] ------------[ cut here ]------------ [ 239.115637] WARNING: CPU: 0 PID: 2272 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 239.117016] Modules linked in: [ 239.117467] CPU: 0 PID: 2272 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.118791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.120337] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 239.121055] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 239.123617] RSP: 0018:ffff888020a0fb78 EFLAGS: 00010246 [ 239.124361] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 239.125331] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 239.126301] RBP: ffff888020a0fb98 R08: ffffed1002040f3e R09: ffffed1002040f3e [ 239.127301] R10: ffff8880102079ef R11: ffffed1002040f3d R12: ffff888010207a90 [ 239.128259] R13: ffff8880102078a8 R14: ffffffffffffffff R15: 
ffff888020a0fc60 [ 239.129228] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.130315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.131167] CR2: 00007f82e2acc000 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 239.132154] PKRU: 55555554 [ 239.132549] Call Trace: [ 239.132909] [ 239.133232] iommufd_ioas_destroy+0x53/0x70 [ 239.133843] iommufd_fops_release+0x1f7/0x370 [ 239.134479] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.135264] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.135945] ? write_comp_data+0x2f/0x90 [ 239.136519] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.137204] __fput+0x26d/0xa40 [ 239.137686] ____fput+0x1e/0x30 [ 239.138156] task_work_run+0x1a4/0x2d0 [ 239.138751] ? __pfx_task_work_run+0x10/0x10 [ 239.139375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.140038] ? switch_task_namespaces+0xa9/0xe0 [ 239.140687] do_exit+0xb17/0x2ef0 [ 239.141167] ? lock_acquire+0x427/0x4c0 [ 239.141729] ? __pfx_lock_release+0x10/0x10 [ 239.142333] ? __kasan_check_write+0x18/0x20 [ 239.142986] ? do_raw_spin_lock+0x132/0x2a0 [ 239.143596] ? __pfx_do_exit+0x10/0x10 [ 239.144136] ? debug_smp_processor_id+0x20/0x30 [ 239.144776] ? rcu_is_watching+0x19/0xb0 [ 239.145318] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.145929] ? trace_hardirqs_on+0x26/0x120 [ 239.146558] do_group_exit+0xe0/0x2b0 [ 239.147085] __x64_sys_exit_group+0x47/0x50 [ 239.147699] do_syscall_64+0x3b/0x90 [ 239.148244] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.148984] RIP: 0033:0x7f4b87518a4d [ 239.149494] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.150301] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.151395] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.152385] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.153368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.154339] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.155380] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.156373] [ 239.156700] irq event stamp: 0 [ 239.157122] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.157950] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.159077] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.160190] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.161020] ---[ end trace 0000000000000000 ]--- [ 239.168832] ------------[ cut here ]------------ [ 239.169542] WARNING: CPU: 0 PID: 2273 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.170980] Modules linked in: [ 239.171459] CPU: 0 PID: 2273 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.172616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.174110] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.174856] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.177126] RSP: 0018:ffff888015b17bb8 EFLAGS: 00010246 [ 239.177705] RAX: 0000000000000000 RBX: ffff88800b8140a8 RCX: 0000000000000000 [ 239.178452] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 239.179276] RBP: ffff888015b17bd0 R08: ffffed1001702833 R09: ffffed1001702833 [ 239.180087] R10: ffff88800b814193 R11: ffffed1001702832 R12: ffff88801422c000 [ 239.180843] R13: ffff88800b8141e8 R14: ffffffff8352e670 R15: 
ffff888015b17e68 [ 239.181596] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.182446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.183100] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 239.183936] PKRU: 55555554 [ 239.184249] Call Trace: [ 239.184527] [ 239.184771] __iommufd_access_detach+0x1c2/0x2b0 [ 239.185299] iommufd_access_change_pt+0x149/0x270 [ 239.185816] iommufd_access_replace+0xb4/0x120 [ 239.186333] iommufd_test+0x3e5/0x37e0 [ 239.186797] ? lock_release+0x532/0x770 [ 239.187346] ? __might_fault+0x102/0x1b0 [ 239.187790] ? lock_acquire+0x427/0x4c0 [ 239.188231] ? __pfx_iommufd_test+0x10/0x10 [ 239.188729] ? __pfx_lock_release+0x10/0x10 [ 239.189190] ? __pfx_lock_acquire+0x10/0x10 [ 239.189676] ? write_comp_data+0x2f/0x90 [ 239.190125] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.190697] ? write_comp_data+0x2f/0x90 [ 239.191266] iommufd_fops_ioctl+0x37d/0x510 [ 239.191746] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.192268] ? write_comp_data+0x2f/0x90 [ 239.192716] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.193251] __x64_sys_ioctl+0x1a3/0x230 [ 239.193699] do_syscall_64+0x3b/0x90 [ 239.194121] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.194723] RIP: 0033:0x7f4b8743ee5d [ 239.195228] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 239.197252] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 239.198092] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 239.198902] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 239.200031] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 239.200995] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 239.201947] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 239.202997] [ 239.203357] irq event stamp: 0 [ 239.203791] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.204643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.205764] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.206939] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.207833] ---[ end trace 0000000000000000 ]--- [ 239.212930] ------------[ cut here ]------------ [ 239.213615] WARNING: CPU: 0 PID: 2273 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.215022] Modules linked in: [ 239.215488] CPU: 0 PID: 2273 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.216649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.218143] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.218904] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.221329] RSP: 
0018:ffff888015b17bd0 EFLAGS: 00010246 [ 239.222055] RAX: 0000000000000000 RBX: ffff88800b8140a8 RCX: 0000000000000000 [ 239.223089] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 239.224072] RBP: ffff888015b17be8 R08: ffffed1001702833 R09: ffffed1001702833 [ 239.225017] R10: ffff88800b814193 R11: ffffed1001702832 R12: ffff88800f134400 [ 239.225965] R13: ffff88800b8141e8 R14: ffff88800fa22000 R15: 0000000000000000 [ 239.226975] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.228075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.228859] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 239.229811] PKRU: 55555554 [ 239.230202] Call Trace: [ 239.230614] [ 239.230951] iommufd_access_destroy_object+0x65/0x170 [ 239.231691] iommufd_object_destroy_user+0x18e/0x220 [ 239.232394] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 239.233190] iommufd_access_destroy+0x43/0x70 [ 239.233821] iommufd_test_staccess_release+0x8d/0xd0 [ 239.234582] __fput+0x26d/0xa40 [ 239.235087] ____fput+0x1e/0x30 [ 239.235583] task_work_run+0x1a4/0x2d0 [ 239.236132] ? __pfx_task_work_run+0x10/0x10 [ 239.236744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.237418] ? switch_task_namespaces+0xa9/0xe0 [ 239.238076] do_exit+0xb17/0x2ef0 [ 239.238628] ? lock_acquire+0x427/0x4c0 [ 239.239237] ? __pfx_lock_release+0x10/0x10 [ 239.239839] ? __kasan_check_write+0x18/0x20 [ 239.240452] ? do_raw_spin_lock+0x132/0x2a0 [ 239.241050] ? __pfx_do_exit+0x10/0x10 [ 239.241609] ? debug_smp_processor_id+0x20/0x30 [ 239.242259] ? rcu_is_watching+0x19/0xb0 [ 239.242892] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.243556] ? trace_hardirqs_on+0x26/0x120 [ 239.244167] do_group_exit+0xe0/0x2b0 [ 239.244699] __x64_sys_exit_group+0x47/0x50 [ 239.245288] do_syscall_64+0x3b/0x90 [ 239.245822] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.246597] RIP: 0033:0x7f4b87518a4d [ 239.247141] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.247976] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.248987] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.249933] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.250952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.251919] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.252830] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.253765] [ 239.254086] irq event stamp: 0 [ 239.254560] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.255401] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.256478] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.257568] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.258375] ---[ end trace 0000000000000000 ]--- [ 239.259734] ------------[ cut here ]------------ [ 239.260351] WARNING: CPU: 0 PID: 2273 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 239.261640] Modules linked in: [ 239.262064] CPU: 0 PID: 2273 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.263259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.264684] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 239.265366] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 239.267740] RSP: 0018:ffff888015b17b78 EFLAGS: 00010246 [ 239.268434] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 239.269341] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 239.270246] RBP: ffff888015b17b98 R08: ffffed100170283e R09: ffffed100170283e [ 239.271230] R10: ffff88800b8141ef R11: ffffed100170283d R12: ffff88800b814290 [ 239.272155] R13: ffff88800b8140a8 R14: ffffffffffffffff R15: 
ffff888015b17c60 [ 239.273069] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.274091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.274918] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 239.275865] PKRU: 55555554 [ 239.276238] Call Trace: [ 239.276574] [ 239.276876] iommufd_ioas_destroy+0x53/0x70 [ 239.277456] iommufd_fops_release+0x1f7/0x370 [ 239.278066] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.278813] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.279499] ? write_comp_data+0x2f/0x90 [ 239.280052] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.280707] __fput+0x26d/0xa40 [ 239.281167] ____fput+0x1e/0x30 [ 239.281621] task_work_run+0x1a4/0x2d0 [ 239.282146] ? __pfx_task_work_run+0x10/0x10 [ 239.282786] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.283457] ? switch_task_namespaces+0xa9/0xe0 [ 239.284082] do_exit+0xb17/0x2ef0 [ 239.284543] ? lock_acquire+0x427/0x4c0 [ 239.285078] ? __pfx_lock_release+0x10/0x10 [ 239.285656] ? __kasan_check_write+0x18/0x20 [ 239.286243] ? do_raw_spin_lock+0x132/0x2a0 [ 239.286863] ? __pfx_do_exit+0x10/0x10 [ 239.287423] ? debug_smp_processor_id+0x20/0x30 [ 239.288038] ? rcu_is_watching+0x19/0xb0 [ 239.288577] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.289174] ? trace_hardirqs_on+0x26/0x120 [ 239.289741] do_group_exit+0xe0/0x2b0 [ 239.290245] __x64_sys_exit_group+0x47/0x50 [ 239.290856] do_syscall_64+0x3b/0x90 [ 239.291397] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.292089] RIP: 0033:0x7f4b87518a4d [ 239.292578] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.293365] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.294325] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.295291] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.296204] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.297111] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.298019] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.298996] [ 239.299342] irq event stamp: 0 [ 239.299752] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.300750] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.302026] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.303439] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.304255] ---[ end trace 0000000000000000 ]--- [ 239.312042] ------------[ cut here ]------------ [ 239.312711] WARNING: CPU: 0 PID: 2274 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.314255] Modules linked in: [ 239.314759] CPU: 0 PID: 2274 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.316128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.317556] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.318417] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.321102] RSP: 0018:ffff888010fc7bb8 EFLAGS: 00010246 [ 239.321797] RAX: 0000000000000000 RBX: ffff88801367e8a8 RCX: 0000000000000000 [ 239.322763] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 239.323710] RBP: ffff888010fc7bd0 R08: ffffed10026cfd33 R09: ffffed10026cfd33 [ 239.324627] R10: ffff88801367e993 R11: ffffed10026cfd32 R12: ffff888020e69c00 [ 239.325537] R13: ffff88801367e9e8 R14: ffffffff8352e670 R15: 
ffff888010fc7e68 [ 239.326446] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.327551] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.328309] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 239.329226] PKRU: 55555554 [ 239.329605] Call Trace: [ 239.329944] [ 239.330244] __iommufd_access_detach+0x1c2/0x2b0 [ 239.330939] iommufd_access_change_pt+0x149/0x270 [ 239.331626] iommufd_access_replace+0xb4/0x120 [ 239.332249] iommufd_test+0x3e5/0x37e0 [ 239.332767] ? lock_release+0x532/0x770 [ 239.333316] ? __might_fault+0x102/0x1b0 [ 239.333861] ? lock_acquire+0x427/0x4c0 [ 239.334396] ? __pfx_iommufd_test+0x10/0x10 [ 239.335000] ? __pfx_lock_release+0x10/0x10 [ 239.335610] ? __pfx_lock_acquire+0x10/0x10 [ 239.336196] ? write_comp_data+0x2f/0x90 [ 239.336746] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.337389] ? write_comp_data+0x2f/0x90 [ 239.337946] iommufd_fops_ioctl+0x37d/0x510 [ 239.338570] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.339243] ? write_comp_data+0x2f/0x90 [ 239.339791] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.340430] __x64_sys_ioctl+0x1a3/0x230 [ 239.340982] do_syscall_64+0x3b/0x90 [ 239.341480] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.342154] RIP: 0033:0x7f4b8743ee5d [ 239.342697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 239.345021] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 239.346001] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 239.346963] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 239.347893] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 239.348811] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 239.349724] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 239.350708] [ 239.351030] irq event stamp: 0 [ 239.351469] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.352284] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.353356] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.354422] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.355292] ---[ end trace 0000000000000000 ]--- [ 239.360706] ------------[ cut here ]------------ [ 239.361327] WARNING: CPU: 0 PID: 2274 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.362663] Modules linked in: [ 239.363082] CPU: 0 PID: 2274 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.364447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.366074] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.366774] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.369292] RSP: 
0018:ffff888010fc7bd0 EFLAGS: 00010246 [ 239.370027] RAX: 0000000000000000 RBX: ffff88801367e8a8 RCX: 0000000000000000 [ 239.371150] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 239.372069] RBP: ffff888010fc7be8 R08: ffffed10026cfd33 R09: ffffed10026cfd33 [ 239.373277] R10: ffff88801367e993 R11: ffffed10026cfd32 R12: ffff88801422f000 [ 239.374220] R13: ffff88801367e9e8 R14: ffff888012cf9d00 R15: 0000000000000000 [ 239.375491] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.376550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.377416] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 239.378585] PKRU: 55555554 [ 239.378974] Call Trace: [ 239.379335] [ 239.379645] iommufd_access_destroy_object+0x65/0x170 [ 239.380585] iommufd_object_destroy_user+0x18e/0x220 [ 239.381274] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 239.382144] iommufd_access_destroy+0x43/0x70 [ 239.382975] iommufd_test_staccess_release+0x8d/0xd0 [ 239.383689] __fput+0x26d/0xa40 [ 239.384160] ____fput+0x1e/0x30 [ 239.384714] task_work_run+0x1a4/0x2d0 [ 239.385440] ? __pfx_task_work_run+0x10/0x10 [ 239.386044] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.386782] ? switch_task_namespaces+0xa9/0xe0 [ 239.387602] do_exit+0xb17/0x2ef0 [ 239.388076] ? lock_acquire+0x427/0x4c0 [ 239.388624] ? __pfx_lock_release+0x10/0x10 [ 239.389236] ? __kasan_check_write+0x18/0x20 [ 239.390037] ? do_raw_spin_lock+0x132/0x2a0 [ 239.390675] ? __pfx_do_exit+0x10/0x10 [ 239.391231] ? debug_smp_processor_id+0x20/0x30 [ 239.392140] ? rcu_is_watching+0x19/0xb0 [ 239.392691] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.393302] ? trace_hardirqs_on+0x26/0x120 [ 239.394160] do_group_exit+0xe0/0x2b0 [ 239.394706] __x64_sys_exit_group+0x47/0x50 [ 239.395297] do_syscall_64+0x3b/0x90 [ 239.395844] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.396730] RIP: 0033:0x7f4b87518a4d [ 239.397235] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.398076] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.399339] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.400309] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.401444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.402424] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.403630] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.404629] [ 239.405195] irq event stamp: 0 [ 239.405641] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.406541] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.407995] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.409151] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.410287] ---[ end trace 0000000000000000 ]--- [ 239.413833] ------------[ cut here ]------------ [ 239.414859] WARNING: CPU: 0 PID: 2274 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 239.416276] Modules linked in: [ 239.416729] CPU: 0 PID: 2274 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.417928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.419532] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 239.420266] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 239.422824] RSP: 0018:ffff888010fc7b78 EFLAGS: 00010246 [ 239.423597] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 239.424577] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 239.425559] RBP: ffff888010fc7b98 R08: ffffed10026cfd3e R09: ffffed10026cfd3e [ 239.426598] R10: ffff88801367e9ef R11: ffffed10026cfd3d R12: ffff88801367ea90 [ 239.427615] R13: ffff88801367e8a8 R14: ffffffffffffffff R15: 
ffff888010fc7c60 [ 239.428614] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.429723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.430602] CR2: 00007f82e2ae1000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 239.431618] PKRU: 55555554 [ 239.432018] Call Trace: [ 239.432380] [ 239.432706] iommufd_ioas_destroy+0x53/0x70 [ 239.433327] iommufd_fops_release+0x1f7/0x370 [ 239.433967] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.434758] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.435489] ? write_comp_data+0x2f/0x90 [ 239.436075] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.436777] __fput+0x26d/0xa40 [ 239.437267] ____fput+0x1e/0x30 [ 239.437744] task_work_run+0x1a4/0x2d0 [ 239.438303] ? __pfx_task_work_run+0x10/0x10 [ 239.438995] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.439723] ? switch_task_namespaces+0xa9/0xe0 [ 239.440396] do_exit+0xb17/0x2ef0 [ 239.440891] ? lock_acquire+0x427/0x4c0 [ 239.441463] ? __pfx_lock_release+0x10/0x10 [ 239.442078] ? __kasan_check_write+0x18/0x20 [ 239.442768] ? do_raw_spin_lock+0x132/0x2a0 [ 239.443414] ? __pfx_do_exit+0x10/0x10 [ 239.443983] ? debug_smp_processor_id+0x20/0x30 [ 239.444661] ? rcu_is_watching+0x19/0xb0 [ 239.445247] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.445895] ? trace_hardirqs_on+0x26/0x120 [ 239.446584] do_group_exit+0xe0/0x2b0 [ 239.447194] __x64_sys_exit_group+0x47/0x50 [ 239.447830] do_syscall_64+0x3b/0x90 [ 239.448387] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.449151] RIP: 0033:0x7f4b87518a4d [ 239.449696] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.450653] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.451796] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.452828] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.453850] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.454936] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.456009] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.457058] [ 239.457410] irq event stamp: 0 [ 239.457860] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.458806] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.460012] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.461183] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.462066] ---[ end trace 0000000000000000 ]--- [ 239.470228] ------------[ cut here ]------------ [ 239.471440] WARNING: CPU: 0 PID: 2275 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.473069] Modules linked in: [ 239.473513] CPU: 0 PID: 2275 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.474746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.476243] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.476920] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.479386] RSP: 0018:ffff888020a0fbb8 EFLAGS: 00010246 [ 239.480111] RAX: 0000000000000000 RBX: ffff88801356e0a8 RCX: 0000000000000000 [ 239.481053] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 239.481988] RBP: ffff888020a0fbd0 R08: ffffed10026adc33 R09: ffffed10026adc33 [ 239.482996] R10: ffff88801356e193 R11: ffffed10026adc32 R12: ffff88800a724400 [ 239.483978] R13: ffff88801356e1e8 R14: ffffffff8352e670 R15: 
ffff888020a0fe68 [ 239.484933] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.486002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.486857] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 239.487875] PKRU: 55555554 [ 239.488272] Call Trace: [ 239.488628] [ 239.488951] __iommufd_access_detach+0x1c2/0x2b0 [ 239.489624] iommufd_access_change_pt+0x149/0x270 [ 239.490287] iommufd_access_replace+0xb4/0x120 [ 239.490976] iommufd_test+0x3e5/0x37e0 [ 239.491539] ? lock_release+0x532/0x770 [ 239.492103] ? __might_fault+0x102/0x1b0 [ 239.492687] ? lock_acquire+0x427/0x4c0 [ 239.493264] ? __pfx_iommufd_test+0x10/0x10 [ 239.493874] ? __pfx_lock_release+0x10/0x10 [ 239.494477] ? __pfx_lock_acquire+0x10/0x10 [ 239.495165] ? write_comp_data+0x2f/0x90 [ 239.495730] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.496392] ? write_comp_data+0x2f/0x90 [ 239.496948] iommufd_fops_ioctl+0x37d/0x510 [ 239.497537] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.498195] ? write_comp_data+0x2f/0x90 [ 239.498819] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.499505] __x64_sys_ioctl+0x1a3/0x230 [ 239.500069] do_syscall_64+0x3b/0x90 [ 239.500585] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.501295] RIP: 0033:0x7f4b8743ee5d [ 239.501809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 239.504330] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 239.505372] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 239.506314] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 239.507339] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 239.508286] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 239.509226] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 239.510185] [ 239.510557] irq event stamp: 0 [ 239.510986] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.511841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.512927] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.514023] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.514933] ---[ end trace 0000000000000000 ]--- [ 239.520727] ------------[ cut here ]------------ [ 239.521398] WARNING: CPU: 0 PID: 2275 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.522800] Modules linked in: [ 239.523275] CPU: 0 PID: 2275 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.524540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.526252] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.527003] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.529805] RSP: 
0018:ffff888020a0fbd0 EFLAGS: 00010246 [ 239.530589] RAX: 0000000000000000 RBX: ffff88801356e0a8 RCX: 0000000000000000 [ 239.531573] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 239.532515] RBP: ffff888020a0fbe8 R08: ffffed10026adc33 R09: ffffed10026adc33 [ 239.533780] R10: ffff88801356e193 R11: ffffed10026adc32 R12: ffff888020e6b800 [ 239.534786] R13: ffff88801356e1e8 R14: ffff8880137a7d00 R15: 0000000000000000 [ 239.535752] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.536925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.537894] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 239.538901] PKRU: 55555554 [ 239.539312] Call Trace: [ 239.539663] [ 239.539976] iommufd_access_destroy_object+0x65/0x170 [ 239.540706] iommufd_object_destroy_user+0x18e/0x220 [ 239.541735] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 239.542620] iommufd_access_destroy+0x43/0x70 [ 239.543299] iommufd_test_staccess_release+0x8d/0xd0 [ 239.544020] __fput+0x26d/0xa40 [ 239.544507] ____fput+0x1e/0x30 [ 239.544986] task_work_run+0x1a4/0x2d0 [ 239.545868] ? __pfx_task_work_run+0x10/0x10 [ 239.546485] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.547240] ? switch_task_namespaces+0xa9/0xe0 [ 239.547889] do_exit+0xb17/0x2ef0 [ 239.548360] ? lock_acquire+0x427/0x4c0 [ 239.548908] ? __pfx_lock_release+0x10/0x10 [ 239.549502] ? __kasan_check_write+0x18/0x20 [ 239.550414] ? do_raw_spin_lock+0x132/0x2a0 [ 239.551049] ? __pfx_do_exit+0x10/0x10 [ 239.551624] ? debug_smp_processor_id+0x20/0x30 [ 239.552269] ? rcu_is_watching+0x19/0xb0 [ 239.552828] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.553459] ? trace_hardirqs_on+0x26/0x120 [ 239.554071] do_group_exit+0xe0/0x2b0 [ 239.554984] __x64_sys_exit_group+0x47/0x50 [ 239.555594] do_syscall_64+0x3b/0x90 [ 239.556118] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.556818] RIP: 0033:0x7f4b87518a4d [ 239.557325] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.558156] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.559616] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.560586] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.561556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.562592] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.563623] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.564858] [ 239.565184] irq event stamp: 0 [ 239.565610] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.566446] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.567931] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.569060] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.569914] ---[ end trace 0000000000000000 ]--- [ 239.571358] ------------[ cut here ]------------ [ 239.572045] WARNING: CPU: 0 PID: 2275 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 239.573651] Modules linked in: [ 239.574091] CPU: 0 PID: 2275 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.575358] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.577164] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 239.577877] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 239.580469] RSP: 0018:ffff888020a0fb78 EFLAGS: 00010246 [ 239.581413] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 239.582379] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 239.583402] RBP: ffff888020a0fb98 R08: ffffed10026adc3e R09: ffffed10026adc3e [ 239.584350] R10: ffff88801356e1ef R11: ffffed10026adc3d R12: ffff88801356e290 [ 239.585621] R13: ffff88801356e0a8 R14: ffffffffffffffff R15: 
ffff888020a0fc60 [ 239.586608] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 239.587701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.588473] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 239.589780] PKRU: 55555554 [ 239.590184] Call Trace: [ 239.590603] [ 239.590929] iommufd_ioas_destroy+0x53/0x70 [ 239.591554] iommufd_fops_release+0x1f7/0x370 [ 239.592187] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.592880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.593627] ? write_comp_data+0x2f/0x90 [ 239.594431] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.595224] __fput+0x26d/0xa40 [ 239.595721] ____fput+0x1e/0x30 [ 239.596206] task_work_run+0x1a4/0x2d0 [ 239.596755] ? __pfx_task_work_run+0x10/0x10 [ 239.597375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.598377] ? switch_task_namespaces+0xa9/0xe0 [ 239.599105] do_exit+0xb17/0x2ef0 [ 239.599611] ? lock_acquire+0x427/0x4c0 [ 239.600176] ? __pfx_lock_release+0x10/0x10 [ 239.600777] ? __kasan_check_write+0x18/0x20 [ 239.601383] ? do_raw_spin_lock+0x132/0x2a0 [ 239.601980] ? __pfx_do_exit+0x10/0x10 [ 239.602888] ? debug_smp_processor_id+0x20/0x30 [ 239.603553] ? rcu_is_watching+0x19/0xb0 [ 239.604121] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.604753] ? trace_hardirqs_on+0x26/0x120 [ 239.605359] do_group_exit+0xe0/0x2b0 [ 239.605897] __x64_sys_exit_group+0x47/0x50 [ 239.606493] do_syscall_64+0x3b/0x90 [ 239.607391] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.608115] RIP: 0033:0x7f4b87518a4d [ 239.608628] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.609462] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.610483] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.611536] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.612802] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.613740] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.614726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.615711] [ 239.616313] irq event stamp: 0 [ 239.616748] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.617611] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.618861] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.620085] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.621256] ---[ end trace 0000000000000000 ]--- [ 239.629149] ------------[ cut here ]------------ [ 239.629896] WARNING: CPU: 1 PID: 2276 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.631466] Modules linked in: [ 239.631947] CPU: 1 PID: 2276 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.633200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.634920] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.635688] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.638266] RSP: 0018:ffff888012a7fbb8 EFLAGS: 00010246 [ 239.639104] RAX: 0000000000000000 RBX: ffff88801346c0a8 RCX: 0000000000000000 [ 239.640157] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 239.641173] RBP: ffff888012a7fbd0 R08: ffffed100268d833 R09: ffffed100268d833 [ 239.642192] R10: ffff88801346c193 R11: ffffed100268d832 R12: ffff88801226fc00 [ 239.643308] R13: ffff88801346c1e8 R14: ffffffff8352e670 R15: 
ffff888012a7fe68 [ 239.644350] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.645499] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.646328] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 239.647452] PKRU: 55555554 [ 239.647886] Call Trace: [ 239.648258] [ 239.648591] __iommufd_access_detach+0x1c2/0x2b0 [ 239.649298] iommufd_access_change_pt+0x149/0x270 [ 239.650004] iommufd_access_replace+0xb4/0x120 [ 239.650748] iommufd_test+0x3e5/0x37e0 [ 239.651353] ? lock_release+0x532/0x770 [ 239.651949] ? __might_fault+0x102/0x1b0 [ 239.652549] ? lock_acquire+0x427/0x4c0 [ 239.653153] ? __pfx_iommufd_test+0x10/0x10 [ 239.653776] ? __pfx_lock_release+0x10/0x10 [ 239.654409] ? __pfx_lock_acquire+0x10/0x10 [ 239.655137] ? write_comp_data+0x2f/0x90 [ 239.655758] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.656463] ? write_comp_data+0x2f/0x90 [ 239.657060] iommufd_fops_ioctl+0x37d/0x510 [ 239.657687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.658395] ? write_comp_data+0x2f/0x90 [ 239.659252] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.659947] __x64_sys_ioctl+0x1a3/0x230 [ 239.660524] do_syscall_64+0x3b/0x90 [ 239.661054] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.661776] RIP: 0033:0x7f4b8743ee5d [ 239.662291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 239.664851] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 239.665896] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 239.666913] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 239.667894] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 239.668860] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 239.669845] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 239.670892] [ 239.671237] irq event stamp: 0 [ 239.671670] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.672506] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.673616] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.674782] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.675652] ---[ end trace 0000000000000000 ]--- [ 239.680833] ------------[ cut here ]------------ [ 239.681516] WARNING: CPU: 1 PID: 2276 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.683337] Modules linked in: [ 239.683756] CPU: 1 PID: 2276 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.684906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.686420] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.687218] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.689686] RSP: 
0018:ffff888012a7fbd0 EFLAGS: 00010246 [ 239.690417] RAX: 0000000000000000 RBX: ffff88801346c0a8 RCX: 0000000000000000 [ 239.691494] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 239.692466] RBP: ffff888012a7fbe8 R08: ffffed100268d833 R09: ffffed100268d833 [ 239.693458] R10: ffff88801346c193 R11: ffffed100268d832 R12: ffff888013641400 [ 239.694439] R13: ffff88801346c1e8 R14: ffff88801092b900 R15: 0000000000000000 [ 239.695510] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.696578] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.697360] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 239.698296] PKRU: 55555554 [ 239.698743] Call Trace: [ 239.699140] [ 239.699456] iommufd_access_destroy_object+0x65/0x170 [ 239.700160] iommufd_object_destroy_user+0x18e/0x220 [ 239.700858] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 239.701645] iommufd_access_destroy+0x43/0x70 [ 239.702264] iommufd_test_staccess_release+0x8d/0xd0 [ 239.702999] __fput+0x26d/0xa40 [ 239.703673] ____fput+0x1e/0x30 [ 239.704158] task_work_run+0x1a4/0x2d0 [ 239.704702] ? __pfx_task_work_run+0x10/0x10 [ 239.705308] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.705981] ? switch_task_namespaces+0xa9/0xe0 [ 239.706694] do_exit+0xb17/0x2ef0 [ 239.707234] ? lock_acquire+0x427/0x4c0 [ 239.707820] ? __pfx_lock_release+0x10/0x10 [ 239.708431] ? __kasan_check_write+0x18/0x20 [ 239.709040] ? do_raw_spin_lock+0x132/0x2a0 [ 239.709629] ? __pfx_do_exit+0x10/0x10 [ 239.710183] ? debug_smp_processor_id+0x20/0x30 [ 239.710896] ? rcu_is_watching+0x19/0xb0 [ 239.711526] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.712167] ? trace_hardirqs_on+0x26/0x120 [ 239.712776] do_group_exit+0xe0/0x2b0 [ 239.713300] __x64_sys_exit_group+0x47/0x50 [ 239.713880] do_syscall_64+0x3b/0x90 [ 239.714404] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.715261] RIP: 0033:0x7f4b87518a4d [ 239.715824] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.716628] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.717633] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.718666] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.719654] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.720617] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.721589] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.722645] [ 239.722982] irq event stamp: 0 [ 239.723444] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.724288] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.725407] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.726481] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.727562] ---[ end trace 0000000000000000 ]--- [ 239.728927] ------------[ cut here ]------------ [ 239.729438] WARNING: CPU: 1 PID: 2276 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 239.730494] Modules linked in: [ 239.730883] CPU: 1 PID: 2276 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.731811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.732999] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 239.733546] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 239.735697] RSP: 0018:ffff888012a7fb78 EFLAGS: 00010246 [ 239.736282] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 239.737023] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 239.737764] RBP: ffff888012a7fb98 R08: ffffed100268d83e R09: ffffed100268d83e [ 239.738557] R10: ffff88801346c1ef R11: ffffed100268d83d R12: ffff88801346c290 [ 239.739329] R13: ffff88801346c0a8 R14: ffffffffffffffff R15: 
ffff888012a7fc60 [ 239.740090] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.740935] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.741554] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 239.742310] PKRU: 55555554 [ 239.742666] Call Trace: [ 239.742940] [ 239.743192] iommufd_ioas_destroy+0x53/0x70 [ 239.743669] iommufd_fops_release+0x1f7/0x370 [ 239.744159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.744699] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.745218] ? write_comp_data+0x2f/0x90 [ 239.745654] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.746185] __fput+0x26d/0xa40 [ 239.746604] ____fput+0x1e/0x30 [ 239.746975] task_work_run+0x1a4/0x2d0 [ 239.747411] ? __pfx_task_work_run+0x10/0x10 [ 239.747876] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.748402] ? switch_task_namespaces+0xa9/0xe0 [ 239.748921] do_exit+0xb17/0x2ef0 [ 239.749297] ? lock_acquire+0x427/0x4c0 [ 239.749733] ? __pfx_lock_release+0x10/0x10 [ 239.750202] ? __kasan_check_write+0x18/0x20 [ 239.750722] ? do_raw_spin_lock+0x132/0x2a0 [ 239.751205] ? __pfx_do_exit+0x10/0x10 [ 239.751633] ? debug_smp_processor_id+0x20/0x30 [ 239.752130] ? rcu_is_watching+0x19/0xb0 [ 239.752566] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.753052] ? trace_hardirqs_on+0x26/0x120 [ 239.753529] do_group_exit+0xe0/0x2b0 [ 239.753939] __x64_sys_exit_group+0x47/0x50 [ 239.754402] do_syscall_64+0x3b/0x90 [ 239.754858] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.755426] RIP: 0033:0x7f4b87518a4d [ 239.755827] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.756491] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.757291] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.758040] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.758842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.759623] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.760377] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.761144] [ 239.761392] irq event stamp: 0 [ 239.761730] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.762393] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.763342] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.764227] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.764904] ---[ end trace 0000000000000000 ]--- [ 239.770674] ------------[ cut here ]------------ [ 239.771276] WARNING: CPU: 1 PID: 2277 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.772352] Modules linked in: [ 239.772696] CPU: 1 PID: 2277 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.773615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.774926] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.775489] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.777435] RSP: 0018:ffff888016037bb8 EFLAGS: 00010246 [ 239.778005] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 239.778804] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 239.779579] RBP: ffff888016037bd0 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 239.780347] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff88800f135800 [ 239.781122] R13: ffff8880178189e8 R14: ffffffff8352e670 R15: 
ffff888016037e68 [ 239.781883] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.782786] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.783420] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 239.784179] PKRU: 55555554 [ 239.784479] Call Trace: [ 239.784756] [ 239.785003] __iommufd_access_detach+0x1c2/0x2b0 [ 239.785522] iommufd_access_change_pt+0x149/0x270 [ 239.786044] iommufd_access_replace+0xb4/0x120 [ 239.786583] iommufd_test+0x3e5/0x37e0 [ 239.787005] ? lock_release+0x532/0x770 [ 239.787465] ? __might_fault+0x102/0x1b0 [ 239.787907] ? lock_acquire+0x427/0x4c0 [ 239.788341] ? __pfx_iommufd_test+0x10/0x10 [ 239.788798] ? __pfx_lock_release+0x10/0x10 [ 239.789263] ? __pfx_lock_acquire+0x10/0x10 [ 239.789729] ? write_comp_data+0x2f/0x90 [ 239.790169] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.790743] ? write_comp_data+0x2f/0x90 [ 239.791212] iommufd_fops_ioctl+0x37d/0x510 [ 239.791687] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.792211] ? write_comp_data+0x2f/0x90 [ 239.792665] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.793184] __x64_sys_ioctl+0x1a3/0x230 [ 239.793629] do_syscall_64+0x3b/0x90 [ 239.794037] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.794646] RIP: 0033:0x7f4b8743ee5d [ 239.795051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 239.796981] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 239.797797] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 239.798590] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 239.799352] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 239.800104] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 239.800856] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 239.801617] [ 239.801865] irq event stamp: 0 [ 239.802193] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.802906] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.803807] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.804695] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.805359] ---[ end trace 0000000000000000 ]--- [ 239.808673] ------------[ cut here ]------------ [ 239.809201] WARNING: CPU: 1 PID: 2277 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.810257] Modules linked in: [ 239.810657] CPU: 1 PID: 2277 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.811575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.812751] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.813286] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.816000] RSP: 
0018:ffff888016037bd0 EFLAGS: 00010246 [ 239.816557] RAX: 0000000000000000 RBX: ffff8880178188a8 RCX: 0000000000000000 [ 239.817290] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 239.818025] RBP: ffff888016037be8 R08: ffffed1002f03133 R09: ffffed1002f03133 [ 239.818906] R10: ffff888017818993 R11: ffffed1002f03132 R12: ffff88801226f800 [ 239.820132] R13: ffff8880178189e8 R14: ffff88801381a900 R15: 0000000000000000 [ 239.820876] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.821704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.822304] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 239.823099] PKRU: 55555554 [ 239.823420] Call Trace: [ 239.823689] [ 239.823927] iommufd_access_destroy_object+0x65/0x170 [ 239.824545] iommufd_object_destroy_user+0x18e/0x220 [ 239.825286] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 239.825899] iommufd_access_destroy+0x43/0x70 [ 239.826380] iommufd_test_staccess_release+0x8d/0xd0 [ 239.826956] __fput+0x26d/0xa40 [ 239.827333] ____fput+0x1e/0x30 [ 239.827688] task_work_run+0x1a4/0x2d0 [ 239.828107] ? __pfx_task_work_run+0x10/0x10 [ 239.828580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.829104] ? switch_task_namespaces+0xa9/0xe0 [ 239.829811] do_exit+0xb17/0x2ef0 [ 239.830317] ? lock_acquire+0x427/0x4c0 [ 239.830827] ? __pfx_lock_release+0x10/0x10 [ 239.831311] ? __kasan_check_write+0x18/0x20 [ 239.831784] ? do_raw_spin_lock+0x132/0x2a0 [ 239.832244] ? __pfx_do_exit+0x10/0x10 [ 239.832666] ? debug_smp_processor_id+0x20/0x30 [ 239.833163] ? rcu_is_watching+0x19/0xb0 [ 239.833599] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.834151] ? trace_hardirqs_on+0x26/0x120 [ 239.834880] do_group_exit+0xe0/0x2b0 [ 239.835305] __x64_sys_exit_group+0x47/0x50 [ 239.835780] do_syscall_64+0x3b/0x90 [ 239.836196] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.836758] RIP: 0033:0x7f4b87518a4d [ 239.837153] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.837807] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.838662] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.839484] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.840483] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.841245] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.842005] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.842838] [ 239.843103] irq event stamp: 0 [ 239.843455] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.844200] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.845295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.846173] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.846888] ---[ end trace 0000000000000000 ]--- [ 239.847812] ------------[ cut here ]------------ [ 239.848317] WARNING: CPU: 1 PID: 2277 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 239.849705] Modules linked in: [ 239.850061] CPU: 1 PID: 2277 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.851037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.852247] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 239.852800] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 239.855096] RSP: 0018:ffff888016037b78 EFLAGS: 00010246 [ 239.855686] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 239.856441] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 239.857193] RBP: ffff888016037b98 R08: ffffed1002f0313e R09: ffffed1002f0313e [ 239.858040] R10: ffff8880178189ef R11: ffffed1002f0313d R12: ffff888017818a90 [ 239.859047] R13: ffff8880178188a8 R14: ffffffffffffffff R15: 
ffff888016037c60 [ 239.859827] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.860685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.861299] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 239.862058] PKRU: 55555554 [ 239.862376] Call Trace: [ 239.862758] [ 239.863072] iommufd_ioas_destroy+0x53/0x70 [ 239.863723] iommufd_fops_release+0x1f7/0x370 [ 239.864206] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.864749] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.865274] ? write_comp_data+0x2f/0x90 [ 239.865719] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.866256] __fput+0x26d/0xa40 [ 239.866668] ____fput+0x1e/0x30 [ 239.867029] task_work_run+0x1a4/0x2d0 [ 239.867464] ? __pfx_task_work_run+0x10/0x10 [ 239.867940] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.868626] ? switch_task_namespaces+0xa9/0xe0 [ 239.869279] do_exit+0xb17/0x2ef0 [ 239.869648] ? lock_acquire+0x427/0x4c0 [ 239.870078] ? __pfx_lock_release+0x10/0x10 [ 239.870579] ? __kasan_check_write+0x18/0x20 [ 239.871052] ? do_raw_spin_lock+0x132/0x2a0 [ 239.871530] ? __pfx_do_exit+0x10/0x10 [ 239.871958] ? debug_smp_processor_id+0x20/0x30 [ 239.872461] ? rcu_is_watching+0x19/0xb0 [ 239.872934] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.873563] ? trace_hardirqs_on+0x26/0x120 [ 239.874214] do_group_exit+0xe0/0x2b0 [ 239.874677] __x64_sys_exit_group+0x47/0x50 [ 239.875144] do_syscall_64+0x3b/0x90 [ 239.875550] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.876102] RIP: 0033:0x7f4b87518a4d [ 239.876500] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.877145] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.878035] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.879058] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.879826] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.880574] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.881322] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.882073] [ 239.882318] irq event stamp: 0 [ 239.882760] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.883734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.884625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.885512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.886186] ---[ end trace 0000000000000000 ]--- [ 239.892543] ------------[ cut here ]------------ [ 239.893310] WARNING: CPU: 1 PID: 2278 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.894905] Modules linked in: [ 239.895271] CPU: 1 PID: 2278 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.896164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.897315] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.897849] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.900417] RSP: 0018:ffff88801704fbb8 EFLAGS: 00010246 [ 239.900979] RAX: 0000000000000000 RBX: ffff8880142990a8 RCX: 0000000000000000 [ 239.901715] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 239.902464] RBP: ffff88801704fbd0 R08: ffffed1002853233 R09: ffffed1002853233 [ 239.903231] R10: ffff888014299193 R11: ffffed1002853232 R12: ffff88800f140800 [ 239.903972] R13: ffff8880142991e8 R14: ffffffff8352e670 R15: 
ffff88801704fe68 [ 239.904707] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.905717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.906653] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 239.907432] PKRU: 55555554 [ 239.907729] Call Trace: [ 239.907998] [ 239.908237] __iommufd_access_detach+0x1c2/0x2b0 [ 239.908750] iommufd_access_change_pt+0x149/0x270 [ 239.909264] iommufd_access_replace+0xb4/0x120 [ 239.909777] iommufd_test+0x3e5/0x37e0 [ 239.910192] ? lock_release+0x532/0x770 [ 239.910671] ? __might_fault+0x102/0x1b0 [ 239.911129] ? lock_acquire+0x427/0x4c0 [ 239.911571] ? __pfx_iommufd_test+0x10/0x10 [ 239.912090] ? __pfx_lock_release+0x10/0x10 [ 239.912696] ? __pfx_lock_acquire+0x10/0x10 [ 239.913398] ? write_comp_data+0x2f/0x90 [ 239.913851] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.914380] ? write_comp_data+0x2f/0x90 [ 239.914872] iommufd_fops_ioctl+0x37d/0x510 [ 239.915377] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.915901] ? write_comp_data+0x2f/0x90 [ 239.916345] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 239.916862] __x64_sys_ioctl+0x1a3/0x230 [ 239.917308] do_syscall_64+0x3b/0x90 [ 239.917729] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.918439] RIP: 0033:0x7f4b8743ee5d [ 239.919022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 239.921170] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 239.921983] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 239.922811] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 239.923578] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 239.924352] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 239.925275] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 239.926326] [ 239.926635] irq event stamp: 0 [ 239.926976] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.927662] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.928555] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.929437] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.930114] ---[ end trace 0000000000000000 ]--- [ 239.933585] ------------[ cut here ]------------ [ 239.934124] WARNING: CPU: 1 PID: 2278 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 239.935304] Modules linked in: [ 239.935672] CPU: 1 PID: 2278 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.936832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.938311] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 239.938886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 239.940867] RSP: 
0018:ffff88801704fbd0 EFLAGS: 00010246 [ 239.941441] RAX: 0000000000000000 RBX: ffff8880142990a8 RCX: 0000000000000000 [ 239.942206] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 239.943241] RBP: ffff88801704fbe8 R08: ffffed1002853233 R09: ffffed1002853233 [ 239.944181] R10: ffff888014299193 R11: ffffed1002853232 R12: ffff88800f135000 [ 239.944940] R13: ffff8880142991e8 R14: ffff8880122bac00 R15: 0000000000000000 [ 239.945694] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.946577] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.947213] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 239.947969] PKRU: 55555554 [ 239.948274] Call Trace: [ 239.948554] [ 239.948804] iommufd_access_destroy_object+0x65/0x170 [ 239.949365] iommufd_object_destroy_user+0x18e/0x220 [ 239.950112] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 239.951189] iommufd_access_destroy+0x43/0x70 [ 239.951779] iommufd_test_staccess_release+0x8d/0xd0 [ 239.952401] __fput+0x26d/0xa40 [ 239.952822] ____fput+0x1e/0x30 [ 239.953233] task_work_run+0x1a4/0x2d0 [ 239.953699] ? __pfx_task_work_run+0x10/0x10 [ 239.954173] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.954747] ? switch_task_namespaces+0xa9/0xe0 [ 239.955277] do_exit+0xb17/0x2ef0 [ 239.955648] ? lock_acquire+0x427/0x4c0 [ 239.956083] ? __pfx_lock_release+0x10/0x10 [ 239.956553] ? __kasan_check_write+0x18/0x20 [ 239.957052] ? do_raw_spin_lock+0x132/0x2a0 [ 239.957671] ? __pfx_do_exit+0x10/0x10 [ 239.958331] ? debug_smp_processor_id+0x20/0x30 [ 239.958885] ? rcu_is_watching+0x19/0xb0 [ 239.959347] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.959830] ? trace_hardirqs_on+0x26/0x120 [ 239.960303] do_group_exit+0xe0/0x2b0 [ 239.960716] __x64_sys_exit_group+0x47/0x50 [ 239.961183] do_syscall_64+0x3b/0x90 [ 239.961589] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 239.962154] RIP: 0033:0x7f4b87518a4d [ 239.962612] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 239.963288] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 239.964307] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 239.965293] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 239.966053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 239.966845] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 239.967606] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 239.968374] [ 239.968625] irq event stamp: 0 [ 239.968959] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 239.969742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 239.970944] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 239.971851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 239.972518] ---[ end trace 0000000000000000 ]--- [ 239.973621] ------------[ cut here ]------------ [ 239.974125] WARNING: CPU: 1 PID: 2278 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 239.975244] Modules linked in: [ 239.975586] CPU: 1 PID: 2278 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 239.976601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 239.978259] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 239.978863] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 239.980812] RSP: 0018:ffff88801704fb78 EFLAGS: 00010246 [ 239.981369] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 239.982108] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 239.983074] RBP: ffff88801704fb98 R08: ffffed100285323e R09: ffffed100285323e [ 239.984052] R10: ffff8880142991ef R11: ffffed100285323d R12: ffff888014299290 [ 239.984806] R13: ffff8880142990a8 R14: ffffffffffffffff R15: 
ffff88801704fc60 [ 239.985551] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 239.986403] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.987040] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 239.987803] PKRU: 55555554 [ 239.988106] Call Trace: [ 239.988382] [ 239.989121] iommufd_ioas_destroy+0x53/0x70 [ 239.989609] iommufd_fops_release+0x1f7/0x370 [ 239.990091] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.990690] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.991248] ? write_comp_data+0x2f/0x90 [ 239.991693] ? __pfx_iommufd_fops_release+0x10/0x10 [ 239.992228] __fput+0x26d/0xa40 [ 239.992597] ____fput+0x1e/0x30 [ 239.992958] task_work_run+0x1a4/0x2d0 [ 239.993386] ? __pfx_task_work_run+0x10/0x10 [ 239.993905] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 239.994958] ? switch_task_namespaces+0xa9/0xe0 [ 239.995495] do_exit+0xb17/0x2ef0 [ 239.995857] ? lock_acquire+0x427/0x4c0 [ 239.996279] ? __pfx_lock_release+0x10/0x10 [ 239.996735] ? __kasan_check_write+0x18/0x20 [ 239.997239] ? do_raw_spin_lock+0x132/0x2a0 [ 239.997693] ? __pfx_do_exit+0x10/0x10 [ 239.998111] ? debug_smp_processor_id+0x20/0x30 [ 239.998645] ? rcu_is_watching+0x19/0xb0 [ 239.999075] ? _raw_spin_unlock_irq+0x2b/0x60 [ 239.999580] ? trace_hardirqs_on+0x26/0x120 [ 240.000045] do_group_exit+0xe0/0x2b0 [ 240.000589] __x64_sys_exit_group+0x47/0x50 [ 240.001229] do_syscall_64+0x3b/0x90 [ 240.001786] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.002349] RIP: 0033:0x7f4b87518a4d [ 240.002799] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.003470] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.004277] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.005038] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.005803] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.006883] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.007653] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.008425] [ 240.008677] irq event stamp: 0 [ 240.009015] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.009687] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.010806] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.011714] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.012403] ---[ end trace 0000000000000000 ]--- [ 240.018615] ------------[ cut here ]------------ [ 240.019211] WARNING: CPU: 1 PID: 2279 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.020591] Modules linked in: [ 240.020936] CPU: 1 PID: 2279 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.021863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.023109] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.023667] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.026058] RSP: 0018:ffff888016037bb8 EFLAGS: 00010246 [ 240.026699] RAX: 0000000000000000 RBX: ffff888012caa8a8 RCX: 0000000000000000 [ 240.027485] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 240.028229] RBP: ffff888016037bd0 R08: ffffed1002595533 R09: ffffed1002595533 [ 240.028992] R10: ffff888012caa993 R11: ffffed1002595532 R12: ffff88801404c800 [ 240.029959] R13: ffff888012caa9e8 R14: ffffffff8352e670 R15: 
ffff888016037e68 [ 240.030983] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.031852] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.032481] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 240.033229] PKRU: 55555554 [ 240.033536] Call Trace: [ 240.033814] [ 240.034070] __iommufd_access_detach+0x1c2/0x2b0 [ 240.034686] iommufd_access_change_pt+0x149/0x270 [ 240.035435] iommufd_access_replace+0xb4/0x120 [ 240.036129] iommufd_test+0x3e5/0x37e0 [ 240.036544] ? lock_release+0x532/0x770 [ 240.036983] ? __might_fault+0x102/0x1b0 [ 240.037427] ? lock_acquire+0x427/0x4c0 [ 240.037861] ? __pfx_iommufd_test+0x10/0x10 [ 240.038319] ? __pfx_lock_release+0x10/0x10 [ 240.038847] ? __pfx_lock_acquire+0x10/0x10 [ 240.039340] ? write_comp_data+0x2f/0x90 [ 240.039785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.040311] ? write_comp_data+0x2f/0x90 [ 240.040760] iommufd_fops_ioctl+0x37d/0x510 [ 240.041374] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.042108] ? write_comp_data+0x2f/0x90 [ 240.042640] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.043178] __x64_sys_ioctl+0x1a3/0x230 [ 240.043621] do_syscall_64+0x3b/0x90 [ 240.044018] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.044572] RIP: 0033:0x7f4b8743ee5d [ 240.044969] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 240.047345] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 240.048158] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 240.048909] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 240.049659] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 240.050414] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 240.051277] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 240.052389] [ 240.052655] irq event stamp: 0 [ 240.052991] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.053662] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.054633] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.055567] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.056241] ---[ end trace 0000000000000000 ]--- [ 240.059652] ------------[ cut here ]------------ [ 240.060199] WARNING: CPU: 1 PID: 2279 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.061449] Modules linked in: [ 240.061926] CPU: 1 PID: 2279 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.062903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.064090] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.064619] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.066777] RSP: 
0018:ffff888016037bd0 EFLAGS: 00010246 [ 240.067573] RAX: 0000000000000000 RBX: ffff888012caa8a8 RCX: 0000000000000000 [ 240.068338] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 240.069090] RBP: ffff888016037be8 R08: ffffed1002595533 R09: ffffed1002595533 [ 240.069852] R10: ffff888012caa993 R11: ffffed1002595532 R12: ffff88800f142c00 [ 240.070665] R13: ffff888012caa9e8 R14: ffff88800fd17a00 R15: 0000000000000000 [ 240.071445] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.072308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.073143] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 240.074191] PKRU: 55555554 [ 240.074563] Call Trace: [ 240.074847] [ 240.075091] iommufd_access_destroy_object+0x65/0x170 [ 240.075655] iommufd_object_destroy_user+0x18e/0x220 [ 240.076198] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 240.076816] iommufd_access_destroy+0x43/0x70 [ 240.077307] iommufd_test_staccess_release+0x8d/0xd0 [ 240.077857] __fput+0x26d/0xa40 [ 240.078236] ____fput+0x1e/0x30 [ 240.078735] task_work_run+0x1a4/0x2d0 [ 240.079318] ? __pfx_task_work_run+0x10/0x10 [ 240.079793] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.080308] ? switch_task_namespaces+0xa9/0xe0 [ 240.080826] do_exit+0xb17/0x2ef0 [ 240.081197] ? lock_acquire+0x427/0x4c0 [ 240.081629] ? __pfx_lock_release+0x10/0x10 [ 240.082101] ? __kasan_check_write+0x18/0x20 [ 240.082615] ? do_raw_spin_lock+0x132/0x2a0 [ 240.083074] ? __pfx_do_exit+0x10/0x10 [ 240.083502] ? debug_smp_processor_id+0x20/0x30 [ 240.084003] ? rcu_is_watching+0x19/0xb0 [ 240.084573] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.085235] ? trace_hardirqs_on+0x26/0x120 [ 240.085878] do_group_exit+0xe0/0x2b0 [ 240.086294] __x64_sys_exit_group+0x47/0x50 [ 240.086788] do_syscall_64+0x3b/0x90 [ 240.087203] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.087759] RIP: 0033:0x7f4b87518a4d [ 240.088158] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.088799] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.089613] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.090487] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.091564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.092339] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.093099] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.093872] [ 240.094122] irq event stamp: 0 [ 240.094460] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.095181] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.096077] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.097211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.098114] ---[ end trace 0000000000000000 ]--- [ 240.099093] ------------[ cut here ]------------ [ 240.099612] WARNING: CPU: 1 PID: 2279 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 240.100689] Modules linked in: [ 240.101035] CPU: 1 PID: 2279 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.102015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.103713] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 240.104264] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 240.106211] RSP: 0018:ffff888016037b78 EFLAGS: 00010246 [ 240.106853] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 240.107840] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 240.108920] RBP: ffff888016037b98 R08: ffffed100259553e R09: ffffed100259553e [ 240.109687] R10: ffff888012caa9ef R11: ffffed100259553d R12: ffff888012caaa90 [ 240.110445] R13: ffff888012caa8a8 R14: ffffffffffffffff R15: 
ffff888016037c60 [ 240.111239] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.112094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.112776] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 240.113783] PKRU: 55555554 [ 240.114086] Call Trace: [ 240.114362] [ 240.114636] iommufd_ioas_destroy+0x53/0x70 [ 240.115107] iommufd_fops_release+0x1f7/0x370 [ 240.115603] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.116143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.116675] ? write_comp_data+0x2f/0x90 [ 240.117228] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.117982] __fput+0x26d/0xa40 [ 240.118361] ____fput+0x1e/0x30 [ 240.118768] task_work_run+0x1a4/0x2d0 [ 240.119212] ? __pfx_task_work_run+0x10/0x10 [ 240.119704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.120253] ? switch_task_namespaces+0xa9/0xe0 [ 240.120775] do_exit+0xb17/0x2ef0 [ 240.121154] ? lock_acquire+0x427/0x4c0 [ 240.121612] ? __pfx_lock_release+0x10/0x10 [ 240.122258] ? __kasan_check_write+0x18/0x20 [ 240.122932] ? do_raw_spin_lock+0x132/0x2a0 [ 240.123409] ? __pfx_do_exit+0x10/0x10 [ 240.123839] ? debug_smp_processor_id+0x20/0x30 [ 240.124337] ? rcu_is_watching+0x19/0xb0 [ 240.124768] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.125263] ? trace_hardirqs_on+0x26/0x120 [ 240.125729] do_group_exit+0xe0/0x2b0 [ 240.126166] __x64_sys_exit_group+0x47/0x50 [ 240.126821] do_syscall_64+0x3b/0x90 [ 240.127401] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.127964] RIP: 0033:0x7f4b87518a4d [ 240.128360] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.129004] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.129804] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.130672] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.131558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.132306] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.133076] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.133843] [ 240.134100] irq event stamp: 0 [ 240.134483] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.135485] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.136424] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.137321] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.138000] ---[ end trace 0000000000000000 ]--- [ 240.145102] ------------[ cut here ]------------ [ 240.145674] WARNING: CPU: 1 PID: 2280 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.147147] Modules linked in: [ 240.147497] CPU: 1 PID: 2280 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.148427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.149641] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.150196] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.152593] RSP: 0018:ffff88801704fbb8 EFLAGS: 00010246 [ 240.153169] RAX: 0000000000000000 RBX: ffff88800cb920a8 RCX: 0000000000000000 [ 240.153914] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 240.154690] RBP: ffff88801704fbd0 R08: ffffed1001972433 R09: ffffed1001972433 [ 240.155679] R10: ffff88800cb92193 R11: ffffed1001972432 R12: ffff888010e01000 [ 240.156585] R13: ffff88800cb921e8 R14: ffffffff8352e670 R15: 
ffff88801704fe68 [ 240.157329] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.158161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.158827] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 240.159758] PKRU: 55555554 [ 240.160155] Call Trace: [ 240.160555] [ 240.160801] __iommufd_access_detach+0x1c2/0x2b0 [ 240.161318] iommufd_access_change_pt+0x149/0x270 [ 240.161837] iommufd_access_replace+0xb4/0x120 [ 240.162333] iommufd_test+0x3e5/0x37e0 [ 240.162781] ? lock_release+0x532/0x770 [ 240.163234] ? __might_fault+0x102/0x1b0 [ 240.163740] ? lock_acquire+0x427/0x4c0 [ 240.164308] ? __pfx_iommufd_test+0x10/0x10 [ 240.164951] ? __pfx_lock_release+0x10/0x10 [ 240.165416] ? __pfx_lock_acquire+0x10/0x10 [ 240.165885] ? write_comp_data+0x2f/0x90 [ 240.166334] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.166889] ? write_comp_data+0x2f/0x90 [ 240.167342] iommufd_fops_ioctl+0x37d/0x510 [ 240.167814] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.168421] ? write_comp_data+0x2f/0x90 [ 240.169000] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.169686] __x64_sys_ioctl+0x1a3/0x230 [ 240.170135] do_syscall_64+0x3b/0x90 [ 240.170596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.171183] RIP: 0033:0x7f4b8743ee5d [ 240.171589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 240.173769] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 240.174807] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 240.175562] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 240.176306] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 240.177059] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 240.177802] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 240.178654] [ 240.178909] irq event stamp: 0 [ 240.179250] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.179916] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.180795] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.181661] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.182322] ---[ end trace 0000000000000000 ]--- [ 240.185776] ------------[ cut here ]------------ [ 240.186327] WARNING: CPU: 1 PID: 2280 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.187532] Modules linked in: [ 240.187873] CPU: 1 PID: 2280 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.188775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.189937] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.190457] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.192409] RSP: 
0018:ffff88801704fbd0 EFLAGS: 00010246 [ 240.192970] RAX: 0000000000000000 RBX: ffff88800cb920a8 RCX: 0000000000000000 [ 240.193725] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 240.194464] RBP: ffff88801704fbe8 R08: ffffed1001972433 R09: ffffed1001972433 [ 240.195262] R10: ffff88800cb92193 R11: ffffed1001972432 R12: ffff88801404ec00 [ 240.196007] R13: ffff88800cb921e8 R14: ffff88802099cd00 R15: 0000000000000000 [ 240.196748] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.197592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.198203] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 240.198997] PKRU: 55555554 [ 240.199310] Call Trace: [ 240.199583] [ 240.199822] iommufd_access_destroy_object+0x65/0x170 [ 240.200380] iommufd_object_destroy_user+0x18e/0x220 [ 240.200917] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 240.201537] iommufd_access_destroy+0x43/0x70 [ 240.202024] iommufd_test_staccess_release+0x8d/0xd0 [ 240.202610] __fput+0x26d/0xa40 [ 240.202979] ____fput+0x1e/0x30 [ 240.203345] task_work_run+0x1a4/0x2d0 [ 240.203769] ? __pfx_task_work_run+0x10/0x10 [ 240.204235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.204764] ? switch_task_namespaces+0xa9/0xe0 [ 240.205266] do_exit+0xb17/0x2ef0 [ 240.205633] ? lock_acquire+0x427/0x4c0 [ 240.206063] ? __pfx_lock_release+0x10/0x10 [ 240.206567] ? __kasan_check_write+0x18/0x20 [ 240.207040] ? do_raw_spin_lock+0x132/0x2a0 [ 240.207504] ? __pfx_do_exit+0x10/0x10 [ 240.207919] ? debug_smp_processor_id+0x20/0x30 [ 240.208412] ? rcu_is_watching+0x19/0xb0 [ 240.208841] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.209323] ? trace_hardirqs_on+0x26/0x120 [ 240.209792] do_group_exit+0xe0/0x2b0 [ 240.210199] __x64_sys_exit_group+0x47/0x50 [ 240.210702] do_syscall_64+0x3b/0x90 [ 240.211108] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.211669] RIP: 0033:0x7f4b87518a4d [ 240.212054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.212702] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.213506] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.214248] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.215035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.215790] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.216526] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.217277] [ 240.217521] irq event stamp: 0 [ 240.217856] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.218591] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.219483] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.220345] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.221006] ---[ end trace 0000000000000000 ]--- [ 240.221902] ------------[ cut here ]------------ [ 240.222399] WARNING: CPU: 1 PID: 2280 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 240.223523] Modules linked in: [ 240.223872] CPU: 1 PID: 2280 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.224779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.225949] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 240.226493] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 240.228458] RSP: 0018:ffff88801704fb78 EFLAGS: 00010246 [ 240.229038] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 240.229792] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 240.230582] RBP: ffff88801704fb98 R08: ffffed100197243e R09: ffffed100197243e [ 240.231347] R10: ffff88800cb921ef R11: ffffed100197243d R12: ffff88800cb92290 [ 240.232094] R13: ffff88800cb920a8 R14: ffffffffffffffff R15: 
ffff88801704fc60 [ 240.232827] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.233675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.234273] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 240.235059] PKRU: 55555554 [ 240.235369] Call Trace: [ 240.235638] [ 240.235880] iommufd_ioas_destroy+0x53/0x70 [ 240.236345] iommufd_fops_release+0x1f7/0x370 [ 240.236838] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.237361] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.237878] ? write_comp_data+0x2f/0x90 [ 240.238312] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.238887] __fput+0x26d/0xa40 [ 240.239273] ____fput+0x1e/0x30 [ 240.239632] task_work_run+0x1a4/0x2d0 [ 240.240055] ? __pfx_task_work_run+0x10/0x10 [ 240.240527] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.241040] ? switch_task_namespaces+0xa9/0xe0 [ 240.241544] do_exit+0xb17/0x2ef0 [ 240.241911] ? lock_acquire+0x427/0x4c0 [ 240.242348] ? __pfx_lock_release+0x10/0x10 [ 240.242852] ? __kasan_check_write+0x18/0x20 [ 240.243344] ? do_raw_spin_lock+0x132/0x2a0 [ 240.243799] ? __pfx_do_exit+0x10/0x10 [ 240.244215] ? debug_smp_processor_id+0x20/0x30 [ 240.244700] ? rcu_is_watching+0x19/0xb0 [ 240.245132] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.245622] ? trace_hardirqs_on+0x26/0x120 [ 240.246078] do_group_exit+0xe0/0x2b0 [ 240.246477] __x64_sys_exit_group+0x47/0x50 [ 240.246972] do_syscall_64+0x3b/0x90 [ 240.247395] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.247945] RIP: 0033:0x7f4b87518a4d [ 240.248340] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.248984] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.249778] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.250569] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.251328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.252068] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.252837] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.253590] [ 240.253836] irq event stamp: 0 [ 240.254163] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.254859] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.255736] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.256600] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.257253] ---[ end trace 0000000000000000 ]--- [ 240.262109] ------------[ cut here ]------------ [ 240.262957] WARNING: CPU: 1 PID: 2281 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.264026] Modules linked in: [ 240.264360] CPU: 1 PID: 2281 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.265258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.266422] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.266993] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.268904] RSP: 0018:ffff888015a5fbb8 EFLAGS: 00010246 [ 240.269468] RAX: 0000000000000000 RBX: ffff88800f3710a8 RCX: 0000000000000000 [ 240.270218] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 240.271013] RBP: ffff888015a5fbd0 R08: ffffed1001e6e233 R09: ffffed1001e6e233 [ 240.271789] R10: ffff88800f371193 R11: ffffed1001e6e232 R12: ffff88801890d400 [ 240.272549] R13: ffff88800f3711e8 R14: ffffffff8352e670 R15: 
ffff888015a5fe68 [ 240.273291] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.274125] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.274768] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 240.275522] PKRU: 55555554 [ 240.275821] Call Trace: [ 240.276088] [ 240.276326] __iommufd_access_detach+0x1c2/0x2b0 [ 240.276841] iommufd_access_change_pt+0x149/0x270 [ 240.277351] iommufd_access_replace+0xb4/0x120 [ 240.277833] iommufd_test+0x3e5/0x37e0 [ 240.278237] ? lock_release+0x532/0x770 [ 240.278706] ? __might_fault+0x102/0x1b0 [ 240.279153] ? lock_acquire+0x427/0x4c0 [ 240.279581] ? __pfx_iommufd_test+0x10/0x10 [ 240.280038] ? __pfx_lock_release+0x10/0x10 [ 240.280505] ? __pfx_lock_acquire+0x10/0x10 [ 240.280973] ? write_comp_data+0x2f/0x90 [ 240.281405] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.281909] ? write_comp_data+0x2f/0x90 [ 240.282346] iommufd_fops_ioctl+0x37d/0x510 [ 240.282833] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.283357] ? write_comp_data+0x2f/0x90 [ 240.283795] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.284320] __x64_sys_ioctl+0x1a3/0x230 [ 240.284764] do_syscall_64+0x3b/0x90 [ 240.285196] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.285767] RIP: 0033:0x7f4b8743ee5d [ 240.286162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 240.288119] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 240.288927] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 240.289668] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 240.290419] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 240.291207] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 240.291951] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 240.292701] [ 240.292947] irq event stamp: 0 [ 240.293270] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.293925] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.294844] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.295740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.296403] ---[ end trace 0000000000000000 ]--- [ 240.299696] ------------[ cut here ]------------ [ 240.300232] WARNING: CPU: 1 PID: 2281 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.301289] Modules linked in: [ 240.301629] CPU: 1 PID: 2281 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.302558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.303754] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.304274] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.306184] RSP: 
0018:ffff888015a5fbd0 EFLAGS: 00010246 [ 240.306800] RAX: 0000000000000000 RBX: ffff88800f3710a8 RCX: 0000000000000000 [ 240.307572] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 240.308310] RBP: ffff888015a5fbe8 R08: ffffed1001e6e233 R09: ffffed1001e6e233 [ 240.309050] R10: ffff88800f371193 R11: ffffed1001e6e232 R12: ffff888010e01400 [ 240.309784] R13: ffff88800f3711e8 R14: ffff88801287ec00 R15: 0000000000000000 [ 240.310554] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.311412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.312021] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 240.312763] PKRU: 55555554 [ 240.313062] Call Trace: [ 240.313334] [ 240.313575] iommufd_access_destroy_object+0x65/0x170 [ 240.314117] iommufd_object_destroy_user+0x18e/0x220 [ 240.314701] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 240.315336] iommufd_access_destroy+0x43/0x70 [ 240.315817] iommufd_test_staccess_release+0x8d/0xd0 [ 240.316359] __fput+0x26d/0xa40 [ 240.316722] ____fput+0x1e/0x30 [ 240.317084] task_work_run+0x1a4/0x2d0 [ 240.317498] ? __pfx_task_work_run+0x10/0x10 [ 240.317962] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.318480] ? switch_task_namespaces+0xa9/0xe0 [ 240.319018] do_exit+0xb17/0x2ef0 [ 240.319414] ? lock_acquire+0x427/0x4c0 [ 240.319860] ? __pfx_lock_release+0x10/0x10 [ 240.320326] ? __kasan_check_write+0x18/0x20 [ 240.320792] ? do_raw_spin_lock+0x132/0x2a0 [ 240.321244] ? __pfx_do_exit+0x10/0x10 [ 240.321655] ? debug_smp_processor_id+0x20/0x30 [ 240.322148] ? rcu_is_watching+0x19/0xb0 [ 240.322611] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.323090] ? trace_hardirqs_on+0x26/0x120 [ 240.323572] do_group_exit+0xe0/0x2b0 [ 240.323989] __x64_sys_exit_group+0x47/0x50 [ 240.324457] do_syscall_64+0x3b/0x90 [ 240.324861] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.325403] RIP: 0033:0x7f4b87518a4d [ 240.325796] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.326439] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.327294] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.328034] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.328776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.329512] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.330375] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.331406] [ 240.331663] irq event stamp: 0 [ 240.332009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.332679] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.333565] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.334436] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.335250] ---[ end trace 0000000000000000 ]--- [ 240.336418] ------------[ cut here ]------------ [ 240.336923] WARNING: CPU: 1 PID: 2281 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 240.337993] Modules linked in: [ 240.338336] CPU: 1 PID: 2281 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.339347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.340532] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 240.341086] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 240.343535] RSP: 0018:ffff888015a5fb78 EFLAGS: 00010246 [ 240.344107] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 240.344842] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 240.345574] RBP: ffff888015a5fb98 R08: ffffed1001e6e23e R09: ffffed1001e6e23e [ 240.346320] R10: ffff88800f3711ef R11: ffffed1001e6e23d R12: ffff88800f371290 [ 240.347198] R13: ffff88800f3710a8 R14: ffffffffffffffff R15: 
ffff888015a5fc60 [ 240.348207] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 240.349053] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.349658] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 240.350397] PKRU: 55555554 [ 240.350739] Call Trace: [ 240.351005] [ 240.351262] iommufd_ioas_destroy+0x53/0x70 [ 240.351740] iommufd_fops_release+0x1f7/0x370 [ 240.352238] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.352780] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.353448] ? write_comp_data+0x2f/0x90 [ 240.354065] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.354642] __fput+0x26d/0xa40 [ 240.355009] ____fput+0x1e/0x30 [ 240.355389] task_work_run+0x1a4/0x2d0 [ 240.355813] ? __pfx_task_work_run+0x10/0x10 [ 240.356284] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.356795] ? switch_task_namespaces+0xa9/0xe0 [ 240.357296] do_exit+0xb17/0x2ef0 [ 240.357662] ? lock_acquire+0x427/0x4c0 [ 240.358097] ? __pfx_lock_release+0x10/0x10 [ 240.358705] ? __kasan_check_write+0x18/0x20 [ 240.359427] ? do_raw_spin_lock+0x132/0x2a0 [ 240.359935] ? __pfx_do_exit+0x10/0x10 [ 240.360367] ? debug_smp_processor_id+0x20/0x30 [ 240.360855] ? rcu_is_watching+0x19/0xb0 [ 240.361279] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.361748] ? trace_hardirqs_on+0x26/0x120 [ 240.362201] do_group_exit+0xe0/0x2b0 [ 240.362681] __x64_sys_exit_group+0x47/0x50 [ 240.363152] do_syscall_64+0x3b/0x90 [ 240.363591] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.364164] RIP: 0033:0x7f4b87518a4d [ 240.364571] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.365366] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.366485] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.367277] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.368033] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.368779] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.369524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.370281] [ 240.370576] irq event stamp: 0 [ 240.371022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.372016] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.372888] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.373758] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.374414] ---[ end trace 0000000000000000 ]--- [ 240.386053] ------------[ cut here ]------------ [ 240.386856] WARNING: CPU: 0 PID: 2282 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.388616] Modules linked in: [ 240.389092] CPU: 0 PID: 2282 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.390642] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.392251] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.393136] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.395721] RSP: 0018:ffff8880121cfbb8 EFLAGS: 00010246 [ 240.396458] RAX: 0000000000000000 RBX: ffff888021a6d8a8 RCX: 0000000000000000 [ 240.397401] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 240.398358] RBP: ffff8880121cfbd0 R08: ffffed100434db33 R09: ffffed100434db33 [ 240.399382] R10: ffff888021a6d993 R11: ffffed100434db32 R12: ffff88800fcb3000 [ 240.400338] R13: ffff888021a6d9e8 R14: ffffffff8352e670 R15: 
ffff8880121cfe68 [ 240.401283] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.402361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.403229] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 240.404200] PKRU: 55555554 [ 240.404588] Call Trace: [ 240.404933] [ 240.405245] __iommufd_access_detach+0x1c2/0x2b0 [ 240.405915] iommufd_access_change_pt+0x149/0x270 [ 240.406623] iommufd_access_replace+0xb4/0x120 [ 240.407276] iommufd_test+0x3e5/0x37e0 [ 240.407803] ? lock_release+0x532/0x770 [ 240.408353] ? __might_fault+0x102/0x1b0 [ 240.408914] ? lock_acquire+0x427/0x4c0 [ 240.409461] ? __pfx_iommufd_test+0x10/0x10 [ 240.410039] ? __pfx_lock_release+0x10/0x10 [ 240.410680] ? __pfx_lock_acquire+0x10/0x10 [ 240.411305] ? write_comp_data+0x2f/0x90 [ 240.411880] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.412569] ? write_comp_data+0x2f/0x90 [ 240.413164] iommufd_fops_ioctl+0x37d/0x510 [ 240.413789] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.414480] ? write_comp_data+0x2f/0x90 [ 240.415172] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.415851] __x64_sys_ioctl+0x1a3/0x230 [ 240.416438] do_syscall_64+0x3b/0x90 [ 240.416986] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.417724] RIP: 0033:0x7f4b8743ee5d [ 240.418249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 240.420784] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 240.421818] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 240.422857] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 240.423858] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 240.424823] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 240.425772] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 240.426791] [ 240.427148] irq event stamp: 0 [ 240.427571] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.428429] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.429545] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.430759] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.431663] ---[ end trace 0000000000000000 ]--- [ 240.437871] ------------[ cut here ]------------ [ 240.438610] WARNING: CPU: 0 PID: 2282 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.439976] Modules linked in: [ 240.440427] CPU: 0 PID: 2282 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.441930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.443558] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.444247] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.447031] RSP: 
0018:ffff8880121cfbd0 EFLAGS: 00010246 [ 240.447776] RAX: 0000000000000000 RBX: ffff888021a6d8a8 RCX: 0000000000000000 [ 240.448697] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 240.449936] RBP: ffff8880121cfbe8 R08: ffffed100434db33 R09: ffffed100434db33 [ 240.450979] R10: ffff888021a6d993 R11: ffffed100434db32 R12: ffff88800a725c00 [ 240.451917] R13: ffff888021a6d9e8 R14: ffff888020940100 R15: 0000000000000000 [ 240.452870] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.454280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.455150] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 240.456120] PKRU: 55555554 [ 240.456506] Call Trace: [ 240.456855] [ 240.457166] iommufd_access_destroy_object+0x65/0x170 [ 240.458221] iommufd_object_destroy_user+0x18e/0x220 [ 240.458975] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 240.459776] iommufd_access_destroy+0x43/0x70 [ 240.460398] iommufd_test_staccess_release+0x8d/0xd0 [ 240.461090] __fput+0x26d/0xa40 [ 240.461561] ____fput+0x1e/0x30 [ 240.462070] task_work_run+0x1a4/0x2d0 [ 240.462948] ? __pfx_task_work_run+0x10/0x10 [ 240.463638] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.464315] ? switch_task_namespaces+0xa9/0xe0 [ 240.464962] do_exit+0xb17/0x2ef0 [ 240.465434] ? lock_acquire+0x427/0x4c0 [ 240.465989] ? __pfx_lock_release+0x10/0x10 [ 240.466977] ? __kasan_check_write+0x18/0x20 [ 240.467612] ? do_raw_spin_lock+0x132/0x2a0 [ 240.468203] ? __pfx_do_exit+0x10/0x10 [ 240.468741] ? debug_smp_processor_id+0x20/0x30 [ 240.469373] ? rcu_is_watching+0x19/0xb0 [ 240.469924] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.470717] ? trace_hardirqs_on+0x26/0x120 [ 240.471481] do_group_exit+0xe0/0x2b0 [ 240.472011] __x64_sys_exit_group+0x47/0x50 [ 240.472590] do_syscall_64+0x3b/0x90 [ 240.473105] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.473809] RIP: 0033:0x7f4b87518a4d [ 240.474312] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.475558] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.476580] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.477536] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.478485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.479561] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.480802] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.481768] [ 240.482089] irq event stamp: 0 [ 240.482574] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.483471] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.484924] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.486033] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.486929] ---[ end trace 0000000000000000 ]--- [ 240.488491] ------------[ cut here ]------------ [ 240.489122] WARNING: CPU: 0 PID: 2282 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 240.490474] Modules linked in: [ 240.490980] CPU: 0 PID: 2282 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.492513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.494032] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 240.494797] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 240.497567] RSP: 0018:ffff8880121cfb78 EFLAGS: 00010246 [ 240.498290] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 240.499321] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 240.500388] RBP: ffff8880121cfb98 R08: ffffed100434db3e R09: ffffed100434db3e [ 240.501548] R10: ffff888021a6d9ef R11: ffffed100434db3d R12: ffff888021a6da90 [ 240.502501] R13: ffff888021a6d8a8 R14: ffffffffffffffff R15: 
ffff8880121cfc60 [ 240.503564] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.504965] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.505769] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 240.506810] PKRU: 55555554 [ 240.507226] Call Trace: [ 240.507587] [ 240.507907] iommufd_ioas_destroy+0x53/0x70 [ 240.508853] iommufd_fops_release+0x1f7/0x370 [ 240.509502] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.510195] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.510937] ? write_comp_data+0x2f/0x90 [ 240.511545] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.512243] __fput+0x26d/0xa40 [ 240.512841] ____fput+0x1e/0x30 [ 240.513505] task_work_run+0x1a4/0x2d0 [ 240.514067] ? __pfx_task_work_run+0x10/0x10 [ 240.514750] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.515460] ? switch_task_namespaces+0xa9/0xe0 [ 240.516120] do_exit+0xb17/0x2ef0 [ 240.516607] ? lock_acquire+0x427/0x4c0 [ 240.517506] ? __pfx_lock_release+0x10/0x10 [ 240.518129] ? __kasan_check_write+0x18/0x20 [ 240.518811] ? do_raw_spin_lock+0x132/0x2a0 [ 240.519452] ? __pfx_do_exit+0x10/0x10 [ 240.520016] ? debug_smp_processor_id+0x20/0x30 [ 240.520667] ? rcu_is_watching+0x19/0xb0 [ 240.521317] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.522185] ? trace_hardirqs_on+0x26/0x120 [ 240.522875] do_group_exit+0xe0/0x2b0 [ 240.523440] __x64_sys_exit_group+0x47/0x50 [ 240.524038] do_syscall_64+0x3b/0x90 [ 240.524576] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.525355] RIP: 0033:0x7f4b87518a4d [ 240.526106] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.526993] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.528069] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.529053] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.530375] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.531477] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.532468] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.533465] [ 240.533897] irq event stamp: 0 [ 240.534647] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.535517] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.536666] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.537863] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.539060] ---[ end trace 0000000000000000 ]--- [ 240.547527] ------------[ cut here ]------------ [ 240.548281] WARNING: CPU: 0 PID: 2283 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.550009] Modules linked in: [ 240.550466] CPU: 0 PID: 2283 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.551841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.553582] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.554266] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.556839] RSP: 0018:ffff888018ae7bb8 EFLAGS: 00010246 [ 240.557590] RAX: 0000000000000000 RBX: ffff88801438b0a8 RCX: 0000000000000000 [ 240.558619] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 240.559634] RBP: ffff888018ae7bd0 R08: ffffed1002871633 R09: ffffed1002871633 [ 240.560623] R10: ffff88801438b193 R11: ffffed1002871632 R12: ffff888013642c00 [ 240.561601] R13: ffff88801438b1e8 R14: ffffffff8352e670 R15: 
ffff888018ae7e68 [ 240.562646] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.563794] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.564595] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 240.565574] PKRU: 55555554 [ 240.565971] Call Trace: [ 240.566331] [ 240.566728] __iommufd_access_detach+0x1c2/0x2b0 [ 240.567433] iommufd_access_change_pt+0x149/0x270 [ 240.568123] iommufd_access_replace+0xb4/0x120 [ 240.568778] iommufd_test+0x3e5/0x37e0 [ 240.569320] ? lock_release+0x532/0x770 [ 240.569892] ? __might_fault+0x102/0x1b0 [ 240.570474] ? lock_acquire+0x427/0x4c0 [ 240.571156] ? __pfx_iommufd_test+0x10/0x10 [ 240.571761] ? __pfx_lock_release+0x10/0x10 [ 240.572371] ? __pfx_lock_acquire+0x10/0x10 [ 240.572990] ? write_comp_data+0x2f/0x90 [ 240.573579] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.574263] ? write_comp_data+0x2f/0x90 [ 240.574912] iommufd_fops_ioctl+0x37d/0x510 [ 240.575550] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.576242] ? write_comp_data+0x2f/0x90 [ 240.576837] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.577516] __x64_sys_ioctl+0x1a3/0x230 [ 240.578109] do_syscall_64+0x3b/0x90 [ 240.578715] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.579496] RIP: 0033:0x7f4b8743ee5d [ 240.580018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 240.582485] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 240.583609] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 240.584595] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 240.585581] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 240.586636] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 240.587644] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 240.588640] [ 240.588971] irq event stamp: 0 [ 240.589412] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.590278] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.591487] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.592655] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.593528] ---[ end trace 0000000000000000 ]--- [ 240.599489] ------------[ cut here ]------------ [ 240.600548] WARNING: CPU: 0 PID: 2283 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.601939] Modules linked in: [ 240.602395] CPU: 0 PID: 2283 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.603815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.605526] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.606222] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.609162] RSP: 
0018:ffff888018ae7bd0 EFLAGS: 00010246 [ 240.609910] RAX: 0000000000000000 RBX: ffff88801438b0a8 RCX: 0000000000000000 [ 240.610951] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 240.611950] RBP: ffff888018ae7be8 R08: ffffed1002871633 R09: ffffed1002871633 [ 240.613277] R10: ffff88801438b193 R11: ffffed1002871632 R12: ffff88800fcb0400 [ 240.614267] R13: ffff88801438b1e8 R14: ffff88801235bd00 R15: 0000000000000000 [ 240.615324] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.616555] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.617534] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 240.618569] PKRU: 55555554 [ 240.618969] Call Trace: [ 240.619355] [ 240.619675] iommufd_access_destroy_object+0x65/0x170 [ 240.620541] iommufd_object_destroy_user+0x18e/0x220 [ 240.621419] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 240.622238] iommufd_access_destroy+0x43/0x70 [ 240.622949] iommufd_test_staccess_release+0x8d/0xd0 [ 240.623690] __fput+0x26d/0xa40 [ 240.624168] ____fput+0x1e/0x30 [ 240.624957] task_work_run+0x1a4/0x2d0 [ 240.625525] ? __pfx_task_work_run+0x10/0x10 [ 240.626145] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.626889] ? switch_task_namespaces+0xa9/0xe0 [ 240.627566] do_exit+0xb17/0x2ef0 [ 240.628043] ? lock_acquire+0x427/0x4c0 [ 240.628704] ? __pfx_lock_release+0x10/0x10 [ 240.629533] ? __kasan_check_write+0x18/0x20 [ 240.630164] ? do_raw_spin_lock+0x132/0x2a0 [ 240.630830] ? __pfx_do_exit+0x10/0x10 [ 240.631426] ? debug_smp_processor_id+0x20/0x30 [ 240.632081] ? rcu_is_watching+0x19/0xb0 [ 240.632776] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.633611] ? trace_hardirqs_on+0x26/0x120 [ 240.634231] do_group_exit+0xe0/0x2b0 [ 240.634838] __x64_sys_exit_group+0x47/0x50 [ 240.635451] do_syscall_64+0x3b/0x90 [ 240.635991] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.636751] RIP: 0033:0x7f4b87518a4d [ 240.637541] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.638393] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.639528] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.640507] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.641873] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.642927] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.643939] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.644929] [ 240.645296] irq event stamp: 0 [ 240.646024] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.646958] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.648127] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.649264] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.650452] ---[ end trace 0000000000000000 ]--- [ 240.651877] ------------[ cut here ]------------ [ 240.652529] WARNING: CPU: 0 PID: 2283 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 240.654238] Modules linked in: [ 240.654756] CPU: 0 PID: 2283 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.655934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.657405] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 240.658421] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 240.660971] RSP: 0018:ffff888018ae7b78 EFLAGS: 00010246 [ 240.661748] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 240.663055] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 240.664059] RBP: ffff888018ae7b98 R08: ffffed100287163e R09: ffffed100287163e [ 240.665026] R10: ffff88801438b1ef R11: ffffed100287163d R12: ffff88801438b290 [ 240.666050] R13: ffff88801438b0a8 R14: ffffffffffffffff R15: 
ffff888018ae7c60 [ 240.667345] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.668420] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.669209] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 240.670298] PKRU: 55555554 [ 240.670943] Call Trace: [ 240.671326] [ 240.671647] iommufd_ioas_destroy+0x53/0x70 [ 240.672258] iommufd_fops_release+0x1f7/0x370 [ 240.672886] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.673556] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.674600] ? write_comp_data+0x2f/0x90 [ 240.675202] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.675902] __fput+0x26d/0xa40 [ 240.676384] ____fput+0x1e/0x30 [ 240.676858] task_work_run+0x1a4/0x2d0 [ 240.677405] ? __pfx_task_work_run+0x10/0x10 [ 240.678004] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.679032] ? switch_task_namespaces+0xa9/0xe0 [ 240.679725] do_exit+0xb17/0x2ef0 [ 240.680198] ? lock_acquire+0x427/0x4c0 [ 240.680744] ? __pfx_lock_release+0x10/0x10 [ 240.681325] ? __kasan_check_write+0x18/0x20 [ 240.681923] ? do_raw_spin_lock+0x132/0x2a0 [ 240.682647] ? __pfx_do_exit+0x10/0x10 [ 240.683433] ? debug_smp_processor_id+0x20/0x30 [ 240.684078] ? rcu_is_watching+0x19/0xb0 [ 240.684637] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.685268] ? trace_hardirqs_on+0x26/0x120 [ 240.685874] do_group_exit+0xe0/0x2b0 [ 240.686395] __x64_sys_exit_group+0x47/0x50 [ 240.687038] do_syscall_64+0x3b/0x90 [ 240.687605] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.688330] RIP: 0033:0x7f4b87518a4d [ 240.688859] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.689693] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.690766] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.691755] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.692731] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.693687] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.694721] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.695749] [ 240.696081] irq event stamp: 0 [ 240.696508] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.697348] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.698456] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.699684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.700542] ---[ end trace 0000000000000000 ]--- [ 240.708566] ------------[ cut here ]------------ [ 240.709258] WARNING: CPU: 0 PID: 2284 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.711098] Modules linked in: [ 240.711585] CPU: 0 PID: 2284 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.712782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.714316] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.715082] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.717567] RSP: 0018:ffff888015defbb8 EFLAGS: 00010246 [ 240.718304] RAX: 0000000000000000 RBX: ffff8880128d30a8 RCX: 0000000000000000 [ 240.719347] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 240.720333] RBP: ffff888015defbd0 R08: ffffed100251a633 R09: ffffed100251a633 [ 240.721327] R10: ffff8880128d3193 R11: ffffed100251a632 R12: ffff888010e01800 [ 240.722299] R13: ffff8880128d31e8 R14: ffffffff8352e670 R15: 
ffff888015defe68 [ 240.723359] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.724432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.725201] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 240.726149] PKRU: 55555554 [ 240.726585] Call Trace: [ 240.726949] [ 240.727288] __iommufd_access_detach+0x1c2/0x2b0 [ 240.727952] iommufd_access_change_pt+0x149/0x270 [ 240.728613] iommufd_access_replace+0xb4/0x120 [ 240.729251] iommufd_test+0x3e5/0x37e0 [ 240.729780] ? lock_release+0x532/0x770 [ 240.730344] ? __might_fault+0x102/0x1b0 [ 240.731015] ? lock_acquire+0x427/0x4c0 [ 240.731616] ? __pfx_iommufd_test+0x10/0x10 [ 240.732217] ? __pfx_lock_release+0x10/0x10 [ 240.732808] ? __pfx_lock_acquire+0x10/0x10 [ 240.733408] ? write_comp_data+0x2f/0x90 [ 240.733987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.734723] ? write_comp_data+0x2f/0x90 [ 240.735319] iommufd_fops_ioctl+0x37d/0x510 [ 240.735925] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.736609] ? write_comp_data+0x2f/0x90 [ 240.737187] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.737858] __x64_sys_ioctl+0x1a3/0x230 [ 240.738439] do_syscall_64+0x3b/0x90 [ 240.739047] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.739800] RIP: 0033:0x7f4b8743ee5d [ 240.740307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 240.742769] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 240.743820] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 240.744787] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 240.745733] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 240.746736] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 240.747730] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 240.748720] [ 240.749038] irq event stamp: 0 [ 240.749464] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.750299] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.751498] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.752640] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.753493] ---[ end trace 0000000000000000 ]--- [ 240.758772] ------------[ cut here ]------------ [ 240.759492] WARNING: CPU: 0 PID: 2284 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.760873] Modules linked in: [ 240.761318] CPU: 0 PID: 2284 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.762578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.764134] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.764824] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.767349] RSP: 
0018:ffff888015defbd0 EFLAGS: 00010246 [ 240.768092] RAX: 0000000000000000 RBX: ffff8880128d30a8 RCX: 0000000000000000 [ 240.769069] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 240.770038] RBP: ffff888015defbe8 R08: ffffed100251a633 R09: ffffed100251a633 [ 240.771055] R10: ffff8880128d3193 R11: ffffed100251a632 R12: ffff888013642000 [ 240.772053] R13: ffff8880128d31e8 R14: ffff888020f65f00 R15: 0000000000000000 [ 240.773033] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.774129] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.774975] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 240.775973] PKRU: 55555554 [ 240.776371] Call Trace: [ 240.776733] [ 240.777053] iommufd_access_destroy_object+0x65/0x170 [ 240.777783] iommufd_object_destroy_user+0x18e/0x220 [ 240.778613] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 240.779467] iommufd_access_destroy+0x43/0x70 [ 240.780115] iommufd_test_staccess_release+0x8d/0xd0 [ 240.780837] __fput+0x26d/0xa40 [ 240.781326] ____fput+0x1e/0x30 [ 240.781805] task_work_run+0x1a4/0x2d0 [ 240.782363] ? __pfx_task_work_run+0x10/0x10 [ 240.783035] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.783746] ? switch_task_namespaces+0xa9/0xe0 [ 240.784413] do_exit+0xb17/0x2ef0 [ 240.784900] ? lock_acquire+0x427/0x4c0 [ 240.785468] ? __pfx_lock_release+0x10/0x10 [ 240.786059] ? __kasan_check_write+0x18/0x20 [ 240.786712] ? do_raw_spin_lock+0x132/0x2a0 [ 240.787335] ? __pfx_do_exit+0x10/0x10 [ 240.787894] ? debug_smp_processor_id+0x20/0x30 [ 240.788548] ? rcu_is_watching+0x19/0xb0 [ 240.789115] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.789755] ? trace_hardirqs_on+0x26/0x120 [ 240.790366] do_group_exit+0xe0/0x2b0 [ 240.790979] __x64_sys_exit_group+0x47/0x50 [ 240.791610] do_syscall_64+0x3b/0x90 [ 240.792156] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.792905] RIP: 0033:0x7f4b87518a4d [ 240.793441] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.794297] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.795501] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.796537] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.797560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.798690] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.799737] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.800734] [ 240.801078] irq event stamp: 0 [ 240.801516] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.802383] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.803652] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.804799] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.805672] ---[ end trace 0000000000000000 ]--- [ 240.807252] ------------[ cut here ]------------ [ 240.807922] WARNING: CPU: 0 PID: 2284 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 240.809281] Modules linked in: [ 240.809730] CPU: 0 PID: 2284 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.811005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.812590] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 240.813307] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 240.815858] RSP: 0018:ffff888015defb78 EFLAGS: 00010246 [ 240.816605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 240.817566] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 240.818612] RBP: ffff888015defb98 R08: ffffed100251a63e R09: ffffed100251a63e [ 240.819644] R10: ffff8880128d31ef R11: ffffed100251a63d R12: ffff8880128d3290 [ 240.820620] R13: ffff8880128d30a8 R14: ffffffffffffffff R15: 
ffff888015defc60 [ 240.821604] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.822741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.823576] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 240.824535] PKRU: 55555554 [ 240.824920] Call Trace: [ 240.825265] [ 240.825581] iommufd_ioas_destroy+0x53/0x70 [ 240.826181] iommufd_fops_release+0x1f7/0x370 [ 240.826841] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.827569] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.828253] ? write_comp_data+0x2f/0x90 [ 240.828827] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.829511] __fput+0x26d/0xa40 [ 240.829993] ____fput+0x1e/0x30 [ 240.830465] task_work_run+0x1a4/0x2d0 [ 240.831087] ? __pfx_task_work_run+0x10/0x10 [ 240.831763] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.832453] ? switch_task_namespaces+0xa9/0xe0 [ 240.833117] do_exit+0xb17/0x2ef0 [ 240.833603] ? lock_acquire+0x427/0x4c0 [ 240.834159] ? __pfx_lock_release+0x10/0x10 [ 240.834799] ? __kasan_check_write+0x18/0x20 [ 240.835459] ? do_raw_spin_lock+0x132/0x2a0 [ 240.836053] ? __pfx_do_exit+0x10/0x10 [ 240.836605] ? debug_smp_processor_id+0x20/0x30 [ 240.837262] ? rcu_is_watching+0x19/0xb0 [ 240.837787] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.838382] ? trace_hardirqs_on+0x26/0x120 [ 240.839031] do_group_exit+0xe0/0x2b0 [ 240.839583] __x64_sys_exit_group+0x47/0x50 [ 240.840158] do_syscall_64+0x3b/0x90 [ 240.840668] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.841359] RIP: 0033:0x7f4b87518a4d [ 240.841851] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.842699] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.843708] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.844638] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.845621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.846940] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.847896] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.848838] [ 240.849153] irq event stamp: 0 [ 240.849573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.850760] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.851878] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.852957] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.853774] ---[ end trace 0000000000000000 ]--- [ 240.865216] ------------[ cut here ]------------ [ 240.865882] WARNING: CPU: 0 PID: 2285 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.867545] Modules linked in: [ 240.867981] CPU: 0 PID: 2285 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.869123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.870632] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.871316] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.873664] RSP: 0018:ffff88801877fbb8 EFLAGS: 00010246 [ 240.874377] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 240.875411] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 240.876368] RBP: ffff88801877fbd0 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 240.877324] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff8880121c6000 [ 240.878266] R13: ffff88800f3731e8 R14: ffffffff8352e670 R15: 
ffff88801877fe68 [ 240.879292] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.880358] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.881132] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 240.882075] PKRU: 55555554 [ 240.882455] Call Trace: [ 240.882851] [ 240.883186] __iommufd_access_detach+0x1c2/0x2b0 [ 240.883854] iommufd_access_change_pt+0x149/0x270 [ 240.884515] iommufd_access_replace+0xb4/0x120 [ 240.885145] iommufd_test+0x3e5/0x37e0 [ 240.885666] ? lock_release+0x532/0x770 [ 240.886214] ? __might_fault+0x102/0x1b0 [ 240.886819] ? lock_acquire+0x427/0x4c0 [ 240.887394] ? __pfx_iommufd_test+0x10/0x10 [ 240.887971] ? __pfx_lock_release+0x10/0x10 [ 240.888564] ? __pfx_lock_acquire+0x10/0x10 [ 240.889163] ? write_comp_data+0x2f/0x90 [ 240.889726] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.890391] ? write_comp_data+0x2f/0x90 [ 240.891008] iommufd_fops_ioctl+0x37d/0x510 [ 240.891614] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.892281] ? write_comp_data+0x2f/0x90 [ 240.892846] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 240.893463] __x64_sys_ioctl+0x1a3/0x230 [ 240.894035] do_syscall_64+0x3b/0x90 [ 240.894596] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.895354] RIP: 0033:0x7f4b8743ee5d [ 240.895875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 240.898265] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 240.899348] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 240.900302] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 240.901247] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 240.902188] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 240.903182] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 240.904151] [ 240.904478] irq event stamp: 0 [ 240.904898] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.905732] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.906878] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.908021] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.908856] ---[ end trace 0000000000000000 ]--- [ 240.914258] ------------[ cut here ]------------ [ 240.915271] WARNING: CPU: 0 PID: 2285 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 240.916686] Modules linked in: [ 240.917150] CPU: 0 PID: 2285 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.918339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.920259] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 240.920975] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 240.923833] RSP: 
0018:ffff88801877fbd0 EFLAGS: 00010246 [ 240.924580] RAX: 0000000000000000 RBX: ffff88800f3730a8 RCX: 0000000000000000 [ 240.925556] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 240.926583] RBP: ffff88801877fbe8 R08: ffffed1001e6e633 R09: ffffed1001e6e633 [ 240.927725] R10: ffff88800f373193 R11: ffffed1001e6e632 R12: ffff888010e03800 [ 240.928920] R13: ffff88800f3731e8 R14: ffff888014b90c00 R15: 0000000000000000 [ 240.929918] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.931064] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.932036] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 240.933186] PKRU: 55555554 [ 240.933606] Call Trace: [ 240.933967] [ 240.934285] iommufd_access_destroy_object+0x65/0x170 [ 240.935068] iommufd_object_destroy_user+0x18e/0x220 [ 240.935814] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 240.937064] iommufd_access_destroy+0x43/0x70 [ 240.937707] iommufd_test_staccess_release+0x8d/0xd0 [ 240.938401] __fput+0x26d/0xa40 [ 240.938964] ____fput+0x1e/0x30 [ 240.939462] task_work_run+0x1a4/0x2d0 [ 240.940014] ? __pfx_task_work_run+0x10/0x10 [ 240.940664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.941612] ? switch_task_namespaces+0xa9/0xe0 [ 240.942279] do_exit+0xb17/0x2ef0 [ 240.942825] ? lock_acquire+0x427/0x4c0 [ 240.943434] ? __pfx_lock_release+0x10/0x10 [ 240.944056] ? __kasan_check_write+0x18/0x20 [ 240.944669] ? do_raw_spin_lock+0x132/0x2a0 [ 240.945366] ? __pfx_do_exit+0x10/0x10 [ 240.946094] ? debug_smp_processor_id+0x20/0x30 [ 240.946788] ? rcu_is_watching+0x19/0xb0 [ 240.947377] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.947991] ? trace_hardirqs_on+0x26/0x120 [ 240.948577] do_group_exit+0xe0/0x2b0 [ 240.949095] __x64_sys_exit_group+0x47/0x50 [ 240.949967] do_syscall_64+0x3b/0x90 [ 240.950493] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 240.951260] RIP: 0033:0x7f4b87518a4d [ 240.951766] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 240.952577] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.953607] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 240.954867] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 240.955835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 240.956791] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 240.957854] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 240.959089] [ 240.959484] irq event stamp: 0 [ 240.959918] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 240.960767] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 240.962174] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 240.963333] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 240.964186] ---[ end trace 0000000000000000 ]--- [ 240.967179] ------------[ cut here ]------------ [ 240.967836] WARNING: CPU: 0 PID: 2285 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 240.969234] Modules linked in: [ 240.969908] CPU: 0 PID: 2285 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 240.971145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 240.972665] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 240.973669] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 240.976114] RSP: 0018:ffff88801877fb78 EFLAGS: 00010246 [ 240.976841] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 240.978082] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 240.979077] RBP: ffff88801877fb98 R08: ffffed1001e6e63e R09: ffffed1001e6e63e [ 240.980064] R10: ffff88800f3731ef R11: ffffed1001e6e63d R12: ffff88800f373290 [ 240.981322] R13: ffff88800f3730a8 R14: ffffffffffffffff R15: 
ffff88801877fc60 [ 240.982257] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 240.983354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 240.984111] CR2: 00007f82e2b87000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 240.985355] PKRU: 55555554 [ 240.985734] Call Trace: [ 240.986073] [ 240.986377] iommufd_ioas_destroy+0x53/0x70 [ 240.987011] iommufd_fops_release+0x1f7/0x370 [ 240.987639] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.988349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.989226] ? write_comp_data+0x2f/0x90 [ 240.989794] ? __pfx_iommufd_fops_release+0x10/0x10 [ 240.990462] __fput+0x26d/0xa40 [ 240.990977] ____fput+0x1e/0x30 [ 240.991451] task_work_run+0x1a4/0x2d0 [ 240.992018] ? __pfx_task_work_run+0x10/0x10 [ 240.992896] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 240.993586] ? switch_task_namespaces+0xa9/0xe0 [ 240.994236] do_exit+0xb17/0x2ef0 [ 240.994742] ? lock_acquire+0x427/0x4c0 [ 240.995305] ? __pfx_lock_release+0x10/0x10 [ 240.995978] ? __kasan_check_write+0x18/0x20 [ 240.996755] ? do_raw_spin_lock+0x132/0x2a0 [ 240.997336] ? __pfx_do_exit+0x10/0x10 [ 240.997872] ? debug_smp_processor_id+0x20/0x30 [ 240.998497] ? rcu_is_watching+0x19/0xb0 [ 240.999090] ? _raw_spin_unlock_irq+0x2b/0x60 [ 240.999806] ? trace_hardirqs_on+0x26/0x120 [ 241.000587] do_group_exit+0xe0/0x2b0 [ 241.001106] __x64_sys_exit_group+0x47/0x50 [ 241.001672] do_syscall_64+0x3b/0x90 [ 241.002181] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.002914] RIP: 0033:0x7f4b87518a4d [ 241.003499] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.004561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.005581] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.006572] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.007886] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.008855] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.009819] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.010868] [ 241.011218] irq event stamp: 0 [ 241.011659] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.012518] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.013647] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.014850] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.015743] ---[ end trace 0000000000000000 ]--- [ 241.024192] ------------[ cut here ]------------ [ 241.024893] WARNING: CPU: 0 PID: 2286 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.026249] Modules linked in: [ 241.026896] CPU: 0 PID: 2286 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.028206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.029670] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.030331] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.032864] RSP: 0018:ffff888023fbfbb8 EFLAGS: 00010246 [ 241.033602] RAX: 0000000000000000 RBX: ffff888020afe0a8 RCX: 0000000000000000 [ 241.034607] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 241.035584] RBP: ffff888023fbfbd0 R08: ffffed100415fc33 R09: ffffed100415fc33 [ 241.036547] R10: ffff888020afe193 R11: ffffed100415fc32 R12: ffff888014443800 [ 241.037511] R13: ffff888020afe1e8 R14: ffffffff8352e670 R15: 
ffff888023fbfe68 [ 241.038483] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 241.039613] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.040383] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 241.041317] PKRU: 55555554 [ 241.041697] Call Trace: [ 241.042043] [ 241.042352] __iommufd_access_detach+0x1c2/0x2b0 [ 241.043065] iommufd_access_change_pt+0x149/0x270 [ 241.043753] iommufd_access_replace+0xb4/0x120 [ 241.044386] iommufd_test+0x3e5/0x37e0 [ 241.044903] ? lock_release+0x532/0x770 [ 241.045449] ? __might_fault+0x102/0x1b0 [ 241.046002] ? lock_acquire+0x427/0x4c0 [ 241.046619] ? __pfx_iommufd_test+0x10/0x10 [ 241.047218] ? __pfx_lock_release+0x10/0x10 [ 241.047807] ? __pfx_lock_acquire+0x10/0x10 [ 241.048388] ? write_comp_data+0x2f/0x90 [ 241.048942] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.049588] ? write_comp_data+0x2f/0x90 [ 241.050143] iommufd_fops_ioctl+0x37d/0x510 [ 241.050768] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.051446] ? write_comp_data+0x2f/0x90 [ 241.052026] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.052682] __x64_sys_ioctl+0x1a3/0x230 [ 241.053240] do_syscall_64+0x3b/0x90 [ 241.053752] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.054447] RIP: 0033:0x7f4b8743ee5d [ 241.054987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 241.057360] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 241.058363] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 241.059415] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 241.060366] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 241.061330] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 241.062292] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 241.063314] [ 241.063639] irq event stamp: 0 [ 241.064067] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.064902] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.066003] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.067206] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.068090] ---[ end trace 0000000000000000 ]--- [ 241.073143] ------------[ cut here ]------------ [ 241.073816] WARNING: CPU: 0 PID: 2286 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.075215] Modules linked in: [ 241.075676] CPU: 0 PID: 2286 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.076854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.078318] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.079058] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.081452] RSP: 
0018:ffff888023fbfbd0 EFLAGS: 00010246 [ 241.082161] RAX: 0000000000000000 RBX: ffff888020afe0a8 RCX: 0000000000000000 [ 241.083168] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 241.084123] RBP: ffff888023fbfbe8 R08: ffffed100415fc33 R09: ffffed100415fc33 [ 241.085056] R10: ffff888020afe193 R11: ffffed100415fc32 R12: ffff8880121c7800 [ 241.085984] R13: ffff888020afe1e8 R14: ffff88800fa09400 R15: 0000000000000000 [ 241.086995] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 241.088051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.088816] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 241.089764] PKRU: 55555554 [ 241.090155] Call Trace: [ 241.090564] [ 241.090893] iommufd_access_destroy_object+0x65/0x170 [ 241.091632] iommufd_object_destroy_user+0x18e/0x220 [ 241.092320] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 241.093095] iommufd_access_destroy+0x43/0x70 [ 241.093709] iommufd_test_staccess_release+0x8d/0xd0 [ 241.094398] __fput+0x26d/0xa40 [ 241.094934] ____fput+0x1e/0x30 [ 241.095415] task_work_run+0x1a4/0x2d0 [ 241.095952] ? __pfx_task_work_run+0x10/0x10 [ 241.096544] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.097198] ? switch_task_namespaces+0xa9/0xe0 [ 241.097826] do_exit+0xb17/0x2ef0 [ 241.098294] ? lock_acquire+0x427/0x4c0 [ 241.098890] ? __pfx_lock_release+0x10/0x10 [ 241.099499] ? __kasan_check_write+0x18/0x20 [ 241.100092] ? do_raw_spin_lock+0x132/0x2a0 [ 241.100667] ? __pfx_do_exit+0x10/0x10 [ 241.101197] ? debug_smp_processor_id+0x20/0x30 [ 241.101824] ? rcu_is_watching+0x19/0xb0 [ 241.102381] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.103045] ? trace_hardirqs_on+0x26/0x120 [ 241.103648] do_group_exit+0xe0/0x2b0 [ 241.104164] __x64_sys_exit_group+0x47/0x50 [ 241.104736] do_syscall_64+0x3b/0x90 [ 241.105248] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.106009] RIP: 0033:0x7f4b87518a4d [ 241.106939] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.107780] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.108778] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.109707] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.111018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.111987] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.112920] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.113862] [ 241.114179] irq event stamp: 0 [ 241.114683] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.115583] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.116915] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.118021] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.118917] ---[ end trace 0000000000000000 ]--- [ 241.120453] ------------[ cut here ]------------ [ 241.121087] WARNING: CPU: 0 PID: 2286 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 241.122426] Modules linked in: [ 241.122924] CPU: 0 PID: 2286 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.124370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.125835] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 241.126567] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 241.129236] RSP: 0018:ffff888023fbfb78 EFLAGS: 00010246 [ 241.129952] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 241.130940] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 241.131943] RBP: ffff888023fbfb98 R08: ffffed100415fc3e R09: ffffed100415fc3e [ 241.133099] R10: ffff888020afe1ef R11: ffffed100415fc3d R12: ffff888020afe290 [ 241.134036] R13: ffff888020afe0a8 R14: ffffffffffffffff R15: 
ffff888023fbfc60 [ 241.135024] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 241.136138] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.137271] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 241.138254] PKRU: 55555554 [ 241.138693] Call Trace: [ 241.139058] [ 241.139400] iommufd_ioas_destroy+0x53/0x70 [ 241.140038] iommufd_fops_release+0x1f7/0x370 [ 241.141087] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.141775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.142433] ? write_comp_data+0x2f/0x90 [ 241.143053] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.143744] __fput+0x26d/0xa40 [ 241.144212] ____fput+0x1e/0x30 [ 241.144673] task_work_run+0x1a4/0x2d0 [ 241.145287] ? __pfx_task_work_run+0x10/0x10 [ 241.146060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.146838] ? switch_task_namespaces+0xa9/0xe0 [ 241.147524] do_exit+0xb17/0x2ef0 [ 241.148000] ? lock_acquire+0x427/0x4c0 [ 241.148550] ? __pfx_lock_release+0x10/0x10 [ 241.149139] ? __kasan_check_write+0x18/0x20 [ 241.149744] ? do_raw_spin_lock+0x132/0x2a0 [ 241.150687] ? __pfx_do_exit+0x10/0x10 [ 241.151245] ? debug_smp_processor_id+0x20/0x30 [ 241.151879] ? rcu_is_watching+0x19/0xb0 [ 241.152431] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.153045] ? trace_hardirqs_on+0x26/0x120 [ 241.153632] do_group_exit+0xe0/0x2b0 [ 241.154147] __x64_sys_exit_group+0x47/0x50 [ 241.154867] do_syscall_64+0x3b/0x90 [ 241.155585] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.156296] RIP: 0033:0x7f4b87518a4d [ 241.156794] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.157606] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.158658] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.159616] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.160840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.161786] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.162779] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.163757] [ 241.164089] irq event stamp: 0 [ 241.164551] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.165643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.166831] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.167972] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.168835] ---[ end trace 0000000000000000 ]--- [ 241.176824] ------------[ cut here ]------------ [ 241.177734] WARNING: CPU: 1 PID: 2287 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.179210] Modules linked in: [ 241.179679] CPU: 1 PID: 2287 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.180939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.182622] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.183398] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.185875] RSP: 0018:ffff888015a5fbb8 EFLAGS: 00010246 [ 241.186670] RAX: 0000000000000000 RBX: ffff888011d9c0a8 RCX: 0000000000000000 [ 241.187701] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 241.188830] RBP: ffff888015a5fbd0 R08: ffffed10023b3833 R09: ffffed10023b3833 [ 241.189793] R10: ffff888011d9c193 R11: ffffed10023b3832 R12: ffff888013b20800 [ 241.191063] R13: ffff888011d9c1e8 R14: ffffffff8352e670 R15: 
ffff888015a5fe68 [ 241.192227] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.193291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.194228] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 241.195281] PKRU: 55555554 [ 241.195674] Call Trace: [ 241.196018] [ 241.196332] __iommufd_access_detach+0x1c2/0x2b0 [ 241.197134] iommufd_access_change_pt+0x149/0x270 [ 241.197791] iommufd_access_replace+0xb4/0x120 [ 241.198423] iommufd_test+0x3e5/0x37e0 [ 241.199102] ? lock_release+0x532/0x770 [ 241.199693] ? __might_fault+0x102/0x1b0 [ 241.200251] ? lock_acquire+0x427/0x4c0 [ 241.200798] ? __pfx_iommufd_test+0x10/0x10 [ 241.201366] ? __pfx_lock_release+0x10/0x10 [ 241.202116] ? __pfx_lock_acquire+0x10/0x10 [ 241.202762] ? write_comp_data+0x2f/0x90 [ 241.203345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.203995] ? write_comp_data+0x2f/0x90 [ 241.204645] iommufd_fops_ioctl+0x37d/0x510 [ 241.205294] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.205951] ? write_comp_data+0x2f/0x90 [ 241.206652] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.207330] __x64_sys_ioctl+0x1a3/0x230 [ 241.207889] do_syscall_64+0x3b/0x90 [ 241.208406] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.209103] RIP: 0033:0x7f4b8743ee5d [ 241.209602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 241.212024] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 241.213034] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 241.213965] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 241.214945] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 241.215929] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 241.216864] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 241.217810] [ 241.218122] irq event stamp: 0 [ 241.218595] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.219436] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.220530] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.221615] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.222440] ---[ end trace 0000000000000000 ]--- [ 241.227943] ------------[ cut here ]------------ [ 241.228590] WARNING: CPU: 1 PID: 2287 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.229928] Modules linked in: [ 241.230370] CPU: 1 PID: 2287 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.231665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.233189] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.233865] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.236321] RSP: 
0018:ffff888015a5fbd0 EFLAGS: 00010246 [ 241.237048] RAX: 0000000000000000 RBX: ffff888011d9c0a8 RCX: 0000000000000000 [ 241.237982] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 241.238956] RBP: ffff888015a5fbe8 R08: ffffed10023b3833 R09: ffffed10023b3833 [ 241.239882] R10: ffff888011d9c193 R11: ffffed10023b3832 R12: ffff88801890f400 [ 241.240822] R13: ffff888011d9c1e8 R14: ffff88800fd8b300 R15: 0000000000000000 [ 241.241760] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.242862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.243651] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.244597] PKRU: 55555554 [ 241.244978] Call Trace: [ 241.245323] [ 241.245634] iommufd_access_destroy_object+0x65/0x170 [ 241.246333] iommufd_object_destroy_user+0x18e/0x220 [ 241.247077] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 241.247903] iommufd_access_destroy+0x43/0x70 [ 241.248527] iommufd_test_staccess_release+0x8d/0xd0 [ 241.249220] __fput+0x26d/0xa40 [ 241.249689] ____fput+0x1e/0x30 [ 241.250153] task_work_run+0x1a4/0x2d0 [ 241.250780] ? __pfx_task_work_run+0x10/0x10 [ 241.251402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.252073] ? switch_task_namespaces+0xa9/0xe0 [ 241.252717] do_exit+0xb17/0x2ef0 [ 241.253189] ? lock_acquire+0x427/0x4c0 [ 241.253743] ? __pfx_lock_release+0x10/0x10 [ 241.254345] ? __kasan_check_write+0x18/0x20 [ 241.255038] ? do_raw_spin_lock+0x132/0x2a0 [ 241.255657] ? __pfx_do_exit+0x10/0x10 [ 241.256202] ? debug_smp_processor_id+0x20/0x30 [ 241.256832] ? rcu_is_watching+0x19/0xb0 [ 241.257396] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.258027] ? trace_hardirqs_on+0x26/0x120 [ 241.258686] do_group_exit+0xe0/0x2b0 [ 241.259237] __x64_sys_exit_group+0x47/0x50 [ 241.259832] do_syscall_64+0x3b/0x90 [ 241.260364] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.261087] RIP: 0033:0x7f4b87518a4d [ 241.261589] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.262406] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.263513] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.264460] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.265400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.266336] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.267404] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.268407] [ 241.268727] irq event stamp: 0 [ 241.269150] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.269985] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.271166] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.272307] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.273144] ---[ end trace 0000000000000000 ]--- [ 241.274586] ------------[ cut here ]------------ [ 241.275236] WARNING: CPU: 1 PID: 2287 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 241.276625] Modules linked in: [ 241.277072] CPU: 1 PID: 2287 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.278234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.279848] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 241.280561] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 241.283010] RSP: 0018:ffff888015a5fb78 EFLAGS: 00010246 [ 241.283749] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 241.284709] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 241.285657] RBP: ffff888015a5fb98 R08: ffffed10023b383e R09: ffffed10023b383e [ 241.286680] R10: ffff888011d9c1ef R11: ffffed10023b383d R12: ffff888011d9c290 [ 241.287658] R13: ffff888011d9c0a8 R14: ffffffffffffffff R15: 
ffff888015a5fc60 [ 241.288608] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.289667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.290437] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.291457] PKRU: 55555554 [ 241.291848] Call Trace: [ 241.292204] [ 241.292520] iommufd_ioas_destroy+0x53/0x70 [ 241.293114] iommufd_fops_release+0x1f7/0x370 [ 241.293722] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.294394] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.295153] ? write_comp_data+0x2f/0x90 [ 241.295724] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.296397] __fput+0x26d/0xa40 [ 241.296863] ____fput+0x1e/0x30 [ 241.297325] task_work_run+0x1a4/0x2d0 [ 241.297875] ? __pfx_task_work_run+0x10/0x10 [ 241.298473] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.299231] ? switch_task_namespaces+0xa9/0xe0 [ 241.299877] do_exit+0xb17/0x2ef0 [ 241.300354] ? lock_acquire+0x427/0x4c0 [ 241.300900] ? __pfx_lock_release+0x10/0x10 [ 241.301496] ? __kasan_check_write+0x18/0x20 [ 241.302095] ? do_raw_spin_lock+0x132/0x2a0 [ 241.302768] ? __pfx_do_exit+0x10/0x10 [ 241.303351] ? debug_smp_processor_id+0x20/0x30 [ 241.303982] ? rcu_is_watching+0x19/0xb0 [ 241.304527] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.305139] ? trace_hardirqs_on+0x26/0x120 [ 241.305726] do_group_exit+0xe0/0x2b0 [ 241.306251] __x64_sys_exit_group+0x47/0x50 [ 241.306913] do_syscall_64+0x3b/0x90 [ 241.307476] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.308177] RIP: 0033:0x7f4b87518a4d [ 241.308677] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.309488] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.310484] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.311570] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.312519] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.313459] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.314417] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.315443] [ 241.315775] irq event stamp: 0 [ 241.316210] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.317059] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.318168] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.319463] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.320140] ---[ end trace 0000000000000000 ]--- [ 241.325164] ------------[ cut here ]------------ [ 241.325731] WARNING: CPU: 1 PID: 2288 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.326849] Modules linked in: [ 241.327208] CPU: 1 PID: 2288 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.328128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.329309] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.329836] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.331806] RSP: 0018:ffff888023fbfbb8 EFLAGS: 00010246 [ 241.332396] RAX: 0000000000000000 RBX: ffff8880180a20a8 RCX: 0000000000000000 [ 241.333159] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 241.333911] RBP: ffff888023fbfbd0 R08: ffffed1003014433 R09: ffffed1003014433 [ 241.334699] R10: ffff8880180a2193 R11: ffffed1003014432 R12: ffff888014393c00 [ 241.335486] R13: ffff8880180a21e8 R14: ffffffff8352e670 R15: 
ffff888023fbfe68 [ 241.336242] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.337087] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.337707] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 241.338462] PKRU: 55555554 [ 241.338793] Call Trace: [ 241.339062] [ 241.339315] __iommufd_access_detach+0x1c2/0x2b0 [ 241.339848] iommufd_access_change_pt+0x149/0x270 [ 241.340374] iommufd_access_replace+0xb4/0x120 [ 241.340879] iommufd_test+0x3e5/0x37e0 [ 241.341379] ? lock_release+0x532/0x770 [ 241.341814] ? __might_fault+0x102/0x1b0 [ 241.342254] ? lock_acquire+0x427/0x4c0 [ 241.342745] ? __pfx_iommufd_test+0x10/0x10 [ 241.343212] ? __pfx_lock_release+0x10/0x10 [ 241.343692] ? __pfx_lock_acquire+0x10/0x10 [ 241.344161] ? write_comp_data+0x2f/0x90 [ 241.344601] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.345116] ? write_comp_data+0x2f/0x90 [ 241.345552] iommufd_fops_ioctl+0x37d/0x510 [ 241.346015] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.346566] ? write_comp_data+0x2f/0x90 [ 241.347007] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.347533] __x64_sys_ioctl+0x1a3/0x230 [ 241.347980] do_syscall_64+0x3b/0x90 [ 241.348386] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.348942] RIP: 0033:0x7f4b8743ee5d [ 241.349338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 241.351304] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 241.352109] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 241.352857] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 241.353608] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 241.354355] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 241.355165] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 241.355932] [ 241.356184] irq event stamp: 0 [ 241.356518] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.357195] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.358105] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.359050] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.359759] ---[ end trace 0000000000000000 ]--- [ 241.363162] ------------[ cut here ]------------ [ 241.363699] WARNING: CPU: 1 PID: 2288 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.364870] Modules linked in: [ 241.365487] CPU: 1 PID: 2288 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.366848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.368446] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.369255] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.371904] RSP: 
0018:ffff888023fbfbd0 EFLAGS: 00010246 [ 241.372475] RAX: 0000000000000000 RBX: ffff8880180a20a8 RCX: 0000000000000000 [ 241.373306] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 241.374278] RBP: ffff888023fbfbe8 R08: ffffed1003014433 R09: ffffed1003014433 [ 241.375593] R10: ffff8880180a2193 R11: ffffed1003014432 R12: ffff888013b23000 [ 241.376584] R13: ffff8880180a21e8 R14: ffff88800fe7a800 R15: 0000000000000000 [ 241.377546] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.378840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.379746] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.380715] PKRU: 55555554 [ 241.381115] Call Trace: [ 241.381472] [ 241.381870] iommufd_access_destroy_object+0x65/0x170 [ 241.382789] iommufd_object_destroy_user+0x18e/0x220 [ 241.383530] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 241.384338] iommufd_access_destroy+0x43/0x70 [ 241.385202] iommufd_test_staccess_release+0x8d/0xd0 [ 241.385936] __fput+0x26d/0xa40 [ 241.386435] ____fput+0x1e/0x30 [ 241.386986] task_work_run+0x1a4/0x2d0 [ 241.387623] ? __pfx_task_work_run+0x10/0x10 [ 241.388370] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.389059] ? switch_task_namespaces+0xa9/0xe0 [ 241.389718] do_exit+0xb17/0x2ef0 [ 241.390389] ? lock_acquire+0x427/0x4c0 [ 241.391037] ? __pfx_lock_release+0x10/0x10 [ 241.391690] ? __kasan_check_write+0x18/0x20 [ 241.392311] ? do_raw_spin_lock+0x132/0x2a0 [ 241.393128] ? __pfx_do_exit+0x10/0x10 [ 241.393689] ? debug_smp_processor_id+0x20/0x30 [ 241.394331] ? rcu_is_watching+0x19/0xb0 [ 241.394967] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.395816] ? trace_hardirqs_on+0x26/0x120 [ 241.396436] do_group_exit+0xe0/0x2b0 [ 241.396980] __x64_sys_exit_group+0x47/0x50 [ 241.397579] do_syscall_64+0x3b/0x90 [ 241.398320] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.399113] RIP: 0033:0x7f4b87518a4d [ 241.399682] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.400517] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.401751] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.402821] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.404058] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.405020] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.406018] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.407212] [ 241.407561] irq event stamp: 0 [ 241.407996] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.408960] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.410184] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.411623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.412489] ---[ end trace 0000000000000000 ]--- [ 241.413848] ------------[ cut here ]------------ [ 241.414718] WARNING: CPU: 1 PID: 2288 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 241.416119] Modules linked in: [ 241.416676] CPU: 1 PID: 2288 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.417909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.419696] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 241.420428] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 241.423143] RSP: 0018:ffff888023fbfb78 EFLAGS: 00010246 [ 241.423882] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 241.425062] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 241.426020] RBP: ffff888023fbfb98 R08: ffffed100301443e R09: ffffed100301443e [ 241.427302] R10: ffff8880180a21ef R11: ffffed100301443d R12: ffff8880180a2290 [ 241.428273] R13: ffff8880180a20a8 R14: ffffffffffffffff R15: 
ffff888023fbfc60 [ 241.429246] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.430458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.431329] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.432495] PKRU: 55555554 [ 241.432884] Call Trace: [ 241.433234] [ 241.433541] iommufd_ioas_destroy+0x53/0x70 [ 241.434147] iommufd_fops_release+0x1f7/0x370 [ 241.434997] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.435719] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.436410] ? write_comp_data+0x2f/0x90 [ 241.437109] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.437903] __fput+0x26d/0xa40 [ 241.438397] ____fput+0x1e/0x30 [ 241.438937] task_work_run+0x1a4/0x2d0 [ 241.439528] ? __pfx_task_work_run+0x10/0x10 [ 241.440330] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.441022] ? switch_task_namespaces+0xa9/0xe0 [ 241.441695] do_exit+0xb17/0x2ef0 [ 241.442197] ? lock_acquire+0x427/0x4c0 [ 241.443056] ? __pfx_lock_release+0x10/0x10 [ 241.443710] ? __kasan_check_write+0x18/0x20 [ 241.444329] ? do_raw_spin_lock+0x132/0x2a0 [ 241.444935] ? __pfx_do_exit+0x10/0x10 [ 241.445698] ? debug_smp_processor_id+0x20/0x30 [ 241.446355] ? rcu_is_watching+0x19/0xb0 [ 241.446983] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.447652] ? trace_hardirqs_on+0x26/0x120 [ 241.448264] do_group_exit+0xe0/0x2b0 [ 241.448799] __x64_sys_exit_group+0x47/0x50 [ 241.449402] do_syscall_64+0x3b/0x90 [ 241.449948] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.450747] RIP: 0033:0x7f4b87518a4d [ 241.451298] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.452137] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.453171] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.454137] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.455212] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.456145] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.457108] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.458094] [ 241.458428] irq event stamp: 0 [ 241.458935] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.459829] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.460966] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.462094] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.463054] ---[ end trace 0000000000000000 ]--- [ 241.470451] ------------[ cut here ]------------ [ 241.471589] WARNING: CPU: 1 PID: 2289 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.472979] Modules linked in: [ 241.473436] CPU: 1 PID: 2289 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.474679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.476212] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.476909] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.479405] RSP: 0018:ffff888016e57bb8 EFLAGS: 00010246 [ 241.480139] RAX: 0000000000000000 RBX: ffff888010b790a8 RCX: 0000000000000000 [ 241.481097] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 241.482054] RBP: ffff888016e57bd0 R08: ffffed100216f233 R09: ffffed100216f233 [ 241.483071] R10: ffff888010b79193 R11: ffffed100216f232 R12: ffff8880121c5400 [ 241.484057] R13: ffff888010b791e8 R14: ffffffff8352e670 R15: 
ffff888016e57e68 [ 241.485009] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.486088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.486931] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 241.487926] PKRU: 55555554 [ 241.488334] Call Trace: [ 241.488697] [ 241.489010] __iommufd_access_detach+0x1c2/0x2b0 [ 241.489688] iommufd_access_change_pt+0x149/0x270 [ 241.490366] iommufd_access_replace+0xb4/0x120 [ 241.491074] iommufd_test+0x3e5/0x37e0 [ 241.491648] ? lock_release+0x532/0x770 [ 241.492211] ? __might_fault+0x102/0x1b0 [ 241.492782] ? lock_acquire+0x427/0x4c0 [ 241.493355] ? __pfx_iommufd_test+0x10/0x10 [ 241.493946] ? __pfx_lock_release+0x10/0x10 [ 241.494615] ? __pfx_lock_acquire+0x10/0x10 [ 241.495260] ? write_comp_data+0x2f/0x90 [ 241.495841] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.496522] ? write_comp_data+0x2f/0x90 [ 241.497094] iommufd_fops_ioctl+0x37d/0x510 [ 241.497692] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.498370] ? write_comp_data+0x2f/0x90 [ 241.499008] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.499725] __x64_sys_ioctl+0x1a3/0x230 [ 241.500321] do_syscall_64+0x3b/0x90 [ 241.500859] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.501578] RIP: 0033:0x7f4b8743ee5d [ 241.502096] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 241.504597] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 241.505625] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 241.506642] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 241.507611] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 241.508534] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 241.509452] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 241.510406] [ 241.510784] irq event stamp: 0 [ 241.511241] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.512084] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.513204] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.514289] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.515208] ---[ end trace 0000000000000000 ]--- [ 241.520222] ------------[ cut here ]------------ [ 241.520908] WARNING: CPU: 1 PID: 2289 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.522273] Modules linked in: [ 241.523219] CPU: 1 PID: 2289 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.524409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.525903] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.526653] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.529080] RSP: 
0018:ffff888016e57bd0 EFLAGS: 00010246 [ 241.529781] RAX: 0000000000000000 RBX: ffff888010b790a8 RCX: 0000000000000000 [ 241.530782] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 241.531777] RBP: ffff888016e57be8 R08: ffffed100216f233 R09: ffffed100216f233 [ 241.532733] R10: ffff888010b79193 R11: ffffed100216f232 R12: ffff888014392c00 [ 241.533679] R13: ffff888010b791e8 R14: ffff88801381a000 R15: 0000000000000000 [ 241.534684] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.535788] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.536562] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.537507] PKRU: 55555554 [ 241.537890] Call Trace: [ 241.538235] [ 241.538593] iommufd_access_destroy_object+0x65/0x170 [ 241.539350] iommufd_object_destroy_user+0x18e/0x220 [ 241.540042] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 241.540819] iommufd_access_destroy+0x43/0x70 [ 241.541430] iommufd_test_staccess_release+0x8d/0xd0 [ 241.542121] __fput+0x26d/0xa40 [ 241.542639] ____fput+0x1e/0x30 [ 241.543109] task_work_run+0x1a4/0x2d0 [ 241.543680] ? __pfx_task_work_run+0x10/0x10 [ 241.544286] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.544979] ? switch_task_namespaces+0xa9/0xe0 [ 241.545623] do_exit+0xb17/0x2ef0 [ 241.546091] ? lock_acquire+0x427/0x4c0 [ 241.546682] ? __pfx_lock_release+0x10/0x10 [ 241.547306] ? __kasan_check_write+0x18/0x20 [ 241.547913] ? do_raw_spin_lock+0x132/0x2a0 [ 241.548492] ? __pfx_do_exit+0x10/0x10 [ 241.549026] ? debug_smp_processor_id+0x20/0x30 [ 241.549649] ? rcu_is_watching+0x19/0xb0 [ 241.550195] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.550849] ? trace_hardirqs_on+0x26/0x120 [ 241.551459] do_group_exit+0xe0/0x2b0 [ 241.551979] __x64_sys_exit_group+0x47/0x50 [ 241.552548] do_syscall_64+0x3b/0x90 [ 241.553062] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.553768] RIP: 0033:0x7f4b87518a4d [ 241.554266] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.555136] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.556148] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.557089] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.558018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.558989] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.559954] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.560917] [ 241.561235] irq event stamp: 0 [ 241.561654] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.562480] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.563663] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.564772] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.565603] ---[ end trace 0000000000000000 ]--- [ 241.566971] ------------[ cut here ]------------ [ 241.567628] WARNING: CPU: 1 PID: 2289 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 241.568958] Modules linked in: [ 241.569385] CPU: 1 PID: 2289 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.570745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.572273] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 241.572967] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 241.575390] RSP: 0018:ffff888016e57b78 EFLAGS: 00010246 [ 241.576109] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 241.577048] RDX: 0000000000000000 RSI: ffff88800f8b2500 RDI: 0000000000000002 [ 241.577983] RBP: ffff888016e57b98 R08: ffffed100216f23e R09: ffffed100216f23e [ 241.578950] R10: ffff888010b791ef R11: ffffed100216f23d R12: ffff888010b79290 [ 241.579919] R13: ffff888010b790a8 R14: ffffffffffffffff R15: 
ffff888016e57c60 [ 241.580855] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.581904] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.582708] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.583678] PKRU: 55555554 [ 241.584068] Call Trace: [ 241.584412] [ 241.584717] iommufd_ioas_destroy+0x53/0x70 [ 241.585310] iommufd_fops_release+0x1f7/0x370 [ 241.585916] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.586626] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.587323] ? write_comp_data+0x2f/0x90 [ 241.587887] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.588554] __fput+0x26d/0xa40 [ 241.589018] ____fput+0x1e/0x30 [ 241.589475] task_work_run+0x1a4/0x2d0 [ 241.590004] ? __pfx_task_work_run+0x10/0x10 [ 241.590637] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.591328] ? switch_task_namespaces+0xa9/0xe0 [ 241.591969] do_exit+0xb17/0x2ef0 [ 241.592433] ? lock_acquire+0x427/0x4c0 [ 241.592975] ? __pfx_lock_release+0x10/0x10 [ 241.593556] ? __kasan_check_write+0x18/0x20 [ 241.594145] ? do_raw_spin_lock+0x132/0x2a0 [ 241.594755] ? __pfx_do_exit+0x10/0x10 [ 241.595307] ? debug_smp_processor_id+0x20/0x30 [ 241.595941] ? rcu_is_watching+0x19/0xb0 [ 241.596486] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.597095] ? trace_hardirqs_on+0x26/0x120 [ 241.597682] do_group_exit+0xe0/0x2b0 [ 241.598190] __x64_sys_exit_group+0x47/0x50 [ 241.598813] do_syscall_64+0x3b/0x90 [ 241.599376] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.600083] RIP: 0033:0x7f4b87518a4d [ 241.600582] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.601391] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.602389] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.603388] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.604336] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.605282] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.606219] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.607253] [ 241.607583] irq event stamp: 0 [ 241.608009] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.608820] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.609893] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.610997] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.611845] ---[ end trace 0000000000000000 ]--- [ 241.619620] ------------[ cut here ]------------ [ 241.620306] WARNING: CPU: 0 PID: 2290 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.621618] Modules linked in: [ 241.622048] CPU: 0 PID: 2290 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.623604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.625125] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.626313] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.628821] RSP: 0018:ffff8880219dfbb8 EFLAGS: 00010246 [ 241.629964] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 241.630968] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 241.631962] RBP: ffff8880219dfbd0 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 241.632916] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff888014611400 [ 241.634215] R13: ffff8880160991e8 R14: ffffffff8352e670 R15: 
ffff8880219dfe68 [ 241.635297] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 241.636372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.637149] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 241.638422] PKRU: 55555554 [ 241.638865] Call Trace: [ 241.639256] [ 241.639566] __iommufd_access_detach+0x1c2/0x2b0 [ 241.640229] iommufd_access_change_pt+0x149/0x270 [ 241.640900] iommufd_access_replace+0xb4/0x120 [ 241.641577] iommufd_test+0x3e5/0x37e0 [ 241.642352] ? lock_release+0x532/0x770 [ 241.642970] ? __might_fault+0x102/0x1b0 [ 241.643573] ? lock_acquire+0x427/0x4c0 [ 241.644130] ? __pfx_iommufd_test+0x10/0x10 [ 241.644704] ? __pfx_lock_release+0x10/0x10 [ 241.645302] ? __pfx_lock_acquire+0x10/0x10 [ 241.646247] ? write_comp_data+0x2f/0x90 [ 241.646887] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.647604] ? write_comp_data+0x2f/0x90 [ 241.648175] iommufd_fops_ioctl+0x37d/0x510 [ 241.648758] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.649429] ? write_comp_data+0x2f/0x90 [ 241.650294] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.651026] __x64_sys_ioctl+0x1a3/0x230 [ 241.651633] do_syscall_64+0x3b/0x90 [ 241.652169] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.652876] RIP: 0033:0x7f4b8743ee5d [ 241.653381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 241.656186] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 241.657208] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 241.658201] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 241.659489] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 241.660452] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 241.661404] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 241.662738] [ 241.663069] irq event stamp: 0 [ 241.663528] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.664366] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.665478] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.666926] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.667806] ---[ end trace 0000000000000000 ]--- [ 241.673070] ------------[ cut here ]------------ [ 241.673793] WARNING: CPU: 0 PID: 2290 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.675497] Modules linked in: [ 241.675958] CPU: 0 PID: 2290 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.677119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.678971] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.679687] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.682387] RSP: 
0018:ffff8880219dfbd0 EFLAGS: 00010246 [ 241.683193] RAX: 0000000000000000 RBX: ffff8880160990a8 RCX: 0000000000000000 [ 241.684158] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 241.685101] RBP: ffff8880219dfbe8 R08: ffffed1002c13233 R09: ffffed1002c13233 [ 241.686358] R10: ffff888016099193 R11: ffffed1002c13232 R12: ffff888014442800 [ 241.687407] R13: ffff8880160991e8 R14: ffff8880104c0700 R15: 0000000000000000 [ 241.688360] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 241.689458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.690544] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 241.691558] PKRU: 55555554 [ 241.691947] Call Trace: [ 241.692292] [ 241.692600] iommufd_access_destroy_object+0x65/0x170 [ 241.693612] iommufd_object_destroy_user+0x18e/0x220 [ 241.694313] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 241.695171] iommufd_access_destroy+0x43/0x70 [ 241.695814] iommufd_test_staccess_release+0x8d/0xd0 [ 241.696527] __fput+0x26d/0xa40 [ 241.697056] ____fput+0x1e/0x30 [ 241.697784] task_work_run+0x1a4/0x2d0 [ 241.698362] ? __pfx_task_work_run+0x10/0x10 [ 241.699020] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.699927] ? switch_task_namespaces+0xa9/0xe0 [ 241.700616] do_exit+0xb17/0x2ef0 [ 241.701649] ? lock_acquire+0x427/0x4c0 [ 241.702226] ? __pfx_lock_release+0x10/0x10 [ 241.702900] ? __kasan_check_write+0x18/0x20 [ 241.703540] ? do_raw_spin_lock+0x132/0x2a0 [ 241.704127] ? __pfx_do_exit+0x10/0x10 [ 241.705084] ? debug_smp_processor_id+0x20/0x30 [ 241.705733] ? rcu_is_watching+0x19/0xb0 [ 241.706295] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.706962] ? trace_hardirqs_on+0x26/0x120 [ 241.707599] do_group_exit+0xe0/0x2b0 [ 241.708618] __x64_sys_exit_group+0x47/0x50 [ 241.709209] do_syscall_64+0x3b/0x90 [ 241.709726] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.710432] RIP: 0033:0x7f4b87518a4d [ 241.711014] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.712188] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.713203] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.714164] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.715190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.716477] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.717421] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.718372] [ 241.718733] irq event stamp: 0 [ 241.719174] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.720324] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.721442] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.722601] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.723561] ---[ end trace 0000000000000000 ]--- [ 241.728862] ------------[ cut here ]------------ [ 241.729541] WARNING: CPU: 0 PID: 2290 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 241.731097] Modules linked in: [ 241.731801] CPU: 0 PID: 2290 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.732988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.734557] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 241.735287] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 241.737749] RSP: 0018:ffff8880219dfb78 EFLAGS: 00010246 [ 241.738477] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 241.739539] RDX: 0000000000000000 RSI: ffff888010a68000 RDI: 0000000000000002 [ 241.740519] RBP: ffff8880219dfb98 R08: ffffed1002c1323e R09: ffffed1002c1323e [ 241.741492] R10: ffff8880160991ef R11: ffffed1002c1323d R12: ffff888016099290 [ 241.742463] R13: ffff8880160990a8 R14: ffffffffffffffff R15: 
ffff8880219dfc60 [ 241.743515] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 241.744608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.745402] CR2: 00007f82e2bba000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 241.746390] PKRU: 55555554 [ 241.746821] Call Trace: [ 241.747190] [ 241.747518] iommufd_ioas_destroy+0x53/0x70 [ 241.748124] iommufd_fops_release+0x1f7/0x370 [ 241.748750] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.749436] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.750115] ? write_comp_data+0x2f/0x90 [ 241.750733] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.751445] __fput+0x26d/0xa40 [ 241.751930] ____fput+0x1e/0x30 [ 241.752400] task_work_run+0x1a4/0x2d0 [ 241.752952] ? __pfx_task_work_run+0x10/0x10 [ 241.753563] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.754240] ? switch_task_namespaces+0xa9/0xe0 [ 241.754945] do_exit+0xb17/0x2ef0 [ 241.755445] ? lock_acquire+0x427/0x4c0 [ 241.756018] ? __pfx_lock_release+0x10/0x10 [ 241.756631] ? __kasan_check_write+0x18/0x20 [ 241.757259] ? do_raw_spin_lock+0x132/0x2a0 [ 241.757865] ? __pfx_do_exit+0x10/0x10 [ 241.758420] ? debug_smp_processor_id+0x20/0x30 [ 241.759146] ? rcu_is_watching+0x19/0xb0 [ 241.759718] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.760349] ? trace_hardirqs_on+0x26/0x120 [ 241.760953] do_group_exit+0xe0/0x2b0 [ 241.761484] __x64_sys_exit_group+0x47/0x50 [ 241.762069] do_syscall_64+0x3b/0x90 [ 241.762648] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.763378] RIP: 0033:0x7f4b87518a4d [ 241.763892] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.764726] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.765754] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.766764] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.767754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.768722] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.769684] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.770713] [ 241.771045] irq event stamp: 0 [ 241.771499] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.772357] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.773482] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.774642] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.775511] ---[ end trace 0000000000000000 ]--- [ 241.784597] ------------[ cut here ]------------ [ 241.785357] WARNING: CPU: 1 PID: 2291 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.787155] Modules linked in: [ 241.787628] CPU: 1 PID: 2291 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.788831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.790660] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.791383] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.793858] RSP: 0018:ffff888012a7fbb8 EFLAGS: 00010246 [ 241.794903] RAX: 0000000000000000 RBX: ffff8880219ad8a8 RCX: 0000000000000000 [ 241.795911] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 241.796881] RBP: ffff888012a7fbd0 R08: ffffed1004335b33 R09: ffffed1004335b33 [ 241.797847] R10: ffff8880219ad993 R11: ffffed1004335b32 R12: ffff888014440000 [ 241.799035] R13: ffff8880219ad9e8 R14: ffffffff8352e670 R15: 
ffff888012a7fe68 [ 241.800063] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.801158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.801948] CR2: 00007f4b877410e8 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 241.802998] PKRU: 55555554 [ 241.803574] Call Trace: [ 241.803941] [ 241.804268] __iommufd_access_detach+0x1c2/0x2b0 [ 241.804954] iommufd_access_change_pt+0x149/0x270 [ 241.805639] iommufd_access_replace+0xb4/0x120 [ 241.806293] iommufd_test+0x3e5/0x37e0 [ 241.806924] ? lock_release+0x532/0x770 [ 241.807514] ? __might_fault+0x102/0x1b0 [ 241.808207] ? lock_acquire+0x427/0x4c0 [ 241.808838] ? __pfx_iommufd_test+0x10/0x10 [ 241.809426] ? __pfx_lock_release+0x10/0x10 [ 241.810033] ? __pfx_lock_acquire+0x10/0x10 [ 241.810719] ? write_comp_data+0x2f/0x90 [ 241.811324] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.812003] ? write_comp_data+0x2f/0x90 [ 241.812643] iommufd_fops_ioctl+0x37d/0x510 [ 241.813350] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.814032] ? write_comp_data+0x2f/0x90 [ 241.814670] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.815357] __x64_sys_ioctl+0x1a3/0x230 [ 241.815943] do_syscall_64+0x3b/0x90 [ 241.816479] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.817398] RIP: 0033:0x7f4b8743ee5d [ 241.817974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 241.820557] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 241.821625] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 241.822777] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 241.823764] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 241.824717] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 241.825723] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 241.826910] [ 241.827304] irq event stamp: 0 [ 241.827748] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.828604] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.829731] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.831142] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.832008] ---[ end trace 0000000000000000 ]--- [ 241.837508] ------------[ cut here ]------------ [ 241.838196] WARNING: CPU: 1 PID: 2291 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.839909] Modules linked in: [ 241.840362] CPU: 1 PID: 2291 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.841560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.843136] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.843824] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.846343] RSP: 
0018:ffff888012a7fbd0 EFLAGS: 00010246 [ 241.847164] RAX: 0000000000000000 RBX: ffff8880219ad8a8 RCX: 0000000000000000 [ 241.848141] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 241.849109] RBP: ffff888012a7fbe8 R08: ffffed1004335b33 R09: ffffed1004335b33 [ 241.850075] R10: ffff8880219ad993 R11: ffffed1004335b32 R12: ffff8880121c7800 [ 241.851096] R13: ffff8880219ad9e8 R14: ffff888020f65e00 R15: 0000000000000000 [ 241.852086] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.853177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.853965] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.854991] PKRU: 55555554 [ 241.855395] Call Trace: [ 241.855755] [ 241.856074] iommufd_access_destroy_object+0x65/0x170 [ 241.856794] iommufd_object_destroy_user+0x18e/0x220 [ 241.857502] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 241.858309] iommufd_access_destroy+0x43/0x70 [ 241.859058] iommufd_test_staccess_release+0x8d/0xd0 [ 241.859814] __fput+0x26d/0xa40 [ 241.860300] ____fput+0x1e/0x30 [ 241.860771] task_work_run+0x1a4/0x2d0 [ 241.861327] ? __pfx_task_work_run+0x10/0x10 [ 241.861944] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.862680] ? switch_task_namespaces+0xa9/0xe0 [ 241.863376] do_exit+0xb17/0x2ef0 [ 241.863863] ? lock_acquire+0x427/0x4c0 [ 241.864427] ? __pfx_lock_release+0x10/0x10 [ 241.865030] ? __kasan_check_write+0x18/0x20 [ 241.865645] ? do_raw_spin_lock+0x132/0x2a0 [ 241.866248] ? __pfx_do_exit+0x10/0x10 [ 241.866853] ? debug_smp_processor_id+0x20/0x30 [ 241.867526] ? rcu_is_watching+0x19/0xb0 [ 241.868095] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.868726] ? trace_hardirqs_on+0x26/0x120 [ 241.869329] do_group_exit+0xe0/0x2b0 [ 241.869861] __x64_sys_exit_group+0x47/0x50 [ 241.870452] do_syscall_64+0x3b/0x90 [ 241.871035] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.871773] RIP: 0033:0x7f4b87518a4d [ 241.872288] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.873125] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.874155] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.875185] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.876155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.877120] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.878082] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.879143] [ 241.879484] irq event stamp: 0 [ 241.879928] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.880783] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.881910] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.883106] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.883985] ---[ end trace 0000000000000000 ]--- [ 241.885374] ------------[ cut here ]------------ [ 241.886303] WARNING: CPU: 1 PID: 2291 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 241.887773] Modules linked in: [ 241.888224] CPU: 1 PID: 2291 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.889432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.891297] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 241.892013] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 241.894486] RSP: 0018:ffff888012a7fb78 EFLAGS: 00010246 [ 241.895451] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 241.896428] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 241.897396] RBP: ffff888012a7fb98 R08: ffffed1004335b3e R09: ffffed1004335b3e [ 241.898364] R10: ffff8880219ad9ef R11: ffffed1004335b3d R12: ffff8880219ada90 [ 241.899579] R13: ffff8880219ad8a8 R14: ffffffffffffffff R15: 
ffff888012a7fc60 [ 241.900556] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.901649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.902444] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 241.903704] PKRU: 55555554 [ 241.904107] Call Trace: [ 241.904470] [ 241.904794] iommufd_ioas_destroy+0x53/0x70 [ 241.905398] iommufd_fops_release+0x1f7/0x370 [ 241.906027] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.906763] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.907477] ? write_comp_data+0x2f/0x90 [ 241.908092] ? __pfx_iommufd_fops_release+0x10/0x10 [ 241.909023] __fput+0x26d/0xa40 [ 241.909523] ____fput+0x1e/0x30 [ 241.909996] task_work_run+0x1a4/0x2d0 [ 241.910631] ? __pfx_task_work_run+0x10/0x10 [ 241.911273] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.911961] ? switch_task_namespaces+0xa9/0xe0 [ 241.912644] do_exit+0xb17/0x2ef0 [ 241.913307] ? lock_acquire+0x427/0x4c0 [ 241.913876] ? __pfx_lock_release+0x10/0x10 [ 241.914484] ? __kasan_check_write+0x18/0x20 [ 241.915186] ? do_raw_spin_lock+0x132/0x2a0 [ 241.915793] ? __pfx_do_exit+0x10/0x10 [ 241.916357] ? debug_smp_processor_id+0x20/0x30 [ 241.917008] ? rcu_is_watching+0x19/0xb0 [ 241.917764] ? _raw_spin_unlock_irq+0x2b/0x60 [ 241.918402] ? trace_hardirqs_on+0x26/0x120 [ 241.919088] do_group_exit+0xe0/0x2b0 [ 241.919651] __x64_sys_exit_group+0x47/0x50 [ 241.920249] do_syscall_64+0x3b/0x90 [ 241.920778] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.921500] RIP: 0033:0x7f4b87518a4d [ 241.922219] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 241.923140] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 241.924189] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 241.925159] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 241.926156] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 241.927388] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 241.928368] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 241.929367] [ 241.929692] irq event stamp: 0 [ 241.930128] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.931233] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.932375] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.933512] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.934379] ---[ end trace 0000000000000000 ]--- [ 241.941837] ------------[ cut here ]------------ [ 241.942580] WARNING: CPU: 1 PID: 2292 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.943969] Modules linked in: [ 241.944413] CPU: 1 PID: 2292 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.945589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.947195] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.947891] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.950335] RSP: 0018:ffff888023f9fbb8 EFLAGS: 00010246 [ 241.951151] RAX: 0000000000000000 RBX: ffff8880163cd0a8 RCX: 0000000000000000 [ 241.952127] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 241.953085] RBP: ffff888023f9fbd0 R08: ffffed1002c79a33 R09: ffffed1002c79a33 [ 241.954042] R10: ffff8880163cd193 R11: ffffed1002c79a32 R12: ffff888013b16000 [ 241.955066] R13: ffff8880163cd1e8 R14: ffffffff8352e670 R15: 
ffff888023f9fe68 [ 241.956048] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 241.957138] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.957924] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 241.958952] PKRU: 55555554 [ 241.959362] Call Trace: [ 241.959719] [ 241.960035] __iommufd_access_detach+0x1c2/0x2b0 [ 241.960713] iommufd_access_change_pt+0x149/0x270 [ 241.961391] iommufd_access_replace+0xb4/0x120 [ 241.962031] iommufd_test+0x3e5/0x37e0 [ 241.962629] ? lock_release+0x532/0x770 [ 241.963229] ? __might_fault+0x102/0x1b0 [ 241.963800] ? lock_acquire+0x427/0x4c0 [ 241.964361] ? __pfx_iommufd_test+0x10/0x10 [ 241.964950] ? __pfx_lock_release+0x10/0x10 [ 241.965550] ? __pfx_lock_acquire+0x10/0x10 [ 241.966157] ? write_comp_data+0x2f/0x90 [ 241.966796] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 241.967493] ? write_comp_data+0x2f/0x90 [ 241.968070] iommufd_fops_ioctl+0x37d/0x510 [ 241.968666] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.969320] ? write_comp_data+0x2f/0x90 [ 241.969876] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 241.970582] __x64_sys_ioctl+0x1a3/0x230 [ 241.971156] do_syscall_64+0x3b/0x90 [ 241.971671] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 241.972365] RIP: 0033:0x7f4b8743ee5d [ 241.972862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 241.975278] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 241.976275] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 241.977205] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 241.978134] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 241.979110] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 241.980060] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 241.981006] [ 241.981319] irq event stamp: 0 [ 241.981738] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 241.982626] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 241.983739] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 241.984828] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 241.985654] ---[ end trace 0000000000000000 ]--- [ 241.990637] ------------[ cut here ]------------ [ 241.991312] WARNING: CPU: 1 PID: 2292 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 241.992630] Modules linked in: [ 241.993060] CPU: 1 PID: 2292 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 241.994185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 241.995756] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 241.996429] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 241.998901] RSP: 
0018:ffff888023f9fbd0 EFLAGS: 00010246 [ 241.999636] RAX: 0000000000000000 RBX: ffff8880163cd0a8 RCX: 0000000000000000 [ 242.000580] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 242.001511] RBP: ffff888023f9fbe8 R08: ffffed1002c79a33 R09: ffffed1002c79a33 [ 242.002471] R10: ffff8880163cd193 R11: ffffed1002c79a32 R12: ffff888014443000 [ 242.003515] R13: ffff8880163cd1e8 R14: ffff88800fa09400 R15: 0000000000000000 [ 242.004461] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.005553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.006355] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.007396] PKRU: 55555554 [ 242.007786] Call Trace: [ 242.008146] [ 242.008467] iommufd_access_destroy_object+0x65/0x170 [ 242.009187] iommufd_object_destroy_user+0x18e/0x220 [ 242.009876] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.010736] iommufd_access_destroy+0x43/0x70 [ 242.011401] iommufd_test_staccess_release+0x8d/0xd0 [ 242.012104] __fput+0x26d/0xa40 [ 242.012581] ____fput+0x1e/0x30 [ 242.013058] task_work_run+0x1a4/0x2d0 [ 242.013616] ? __pfx_task_work_run+0x10/0x10 [ 242.014235] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.014978] ? switch_task_namespaces+0xa9/0xe0 [ 242.015670] do_exit+0xb17/0x2ef0 [ 242.016162] ? lock_acquire+0x427/0x4c0 [ 242.016729] ? __pfx_lock_release+0x10/0x10 [ 242.017313] ? __kasan_check_write+0x18/0x20 [ 242.017909] ? do_raw_spin_lock+0x132/0x2a0 [ 242.018589] ? __pfx_do_exit+0x10/0x10 [ 242.019164] ? debug_smp_processor_id+0x20/0x30 [ 242.019815] ? rcu_is_watching+0x19/0xb0 [ 242.020375] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.020989] ? trace_hardirqs_on+0x26/0x120 [ 242.021576] do_group_exit+0xe0/0x2b0 [ 242.022091] __x64_sys_exit_group+0x47/0x50 [ 242.022715] do_syscall_64+0x3b/0x90 [ 242.023246] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.023951] RIP: 0033:0x7f4b87518a4d [ 242.024450] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.025267] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.026268] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.027298] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.028245] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.029187] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.030125] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.031152] [ 242.031484] irq event stamp: 0 [ 242.031912] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.032739] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.033836] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.035049] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.035945] ---[ end trace 0000000000000000 ]--- [ 242.037321] ------------[ cut here ]------------ [ 242.037964] WARNING: CPU: 1 PID: 2292 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.039476] Modules linked in: [ 242.039923] CPU: 1 PID: 2292 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.041075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.042983] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.043705] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.046156] RSP: 0018:ffff888023f9fb78 EFLAGS: 00010246 [ 242.046962] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.047934] RDX: 0000000000000000 RSI: ffff888010a6ca00 RDI: 0000000000000002 [ 242.048903] RBP: ffff888023f9fb98 R08: ffffed1002c79a3e R09: ffffed1002c79a3e [ 242.049869] R10: ffff8880163cd1ef R11: ffffed1002c79a3d R12: ffff8880163cd290 [ 242.050940] R13: ffff8880163cd0a8 R14: ffffffffffffffff R15: 
ffff888023f9fc60 [ 242.051920] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.053001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.053794] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.054827] PKRU: 55555554 [ 242.055251] Call Trace: [ 242.055608] [ 242.055929] iommufd_ioas_destroy+0x53/0x70 [ 242.056533] iommufd_fops_release+0x1f7/0x370 [ 242.057164] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.057855] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.058636] ? write_comp_data+0x2f/0x90 [ 242.059239] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.059915] __fput+0x26d/0xa40 [ 242.060399] ____fput+0x1e/0x30 [ 242.060872] task_work_run+0x1a4/0x2d0 [ 242.061408] ? __pfx_task_work_run+0x10/0x10 [ 242.062012] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.062761] ? switch_task_namespaces+0xa9/0xe0 [ 242.063461] do_exit+0xb17/0x2ef0 [ 242.063953] ? lock_acquire+0x427/0x4c0 [ 242.064528] ? __pfx_lock_release+0x10/0x10 [ 242.065162] ? __kasan_check_write+0x18/0x20 [ 242.065798] ? do_raw_spin_lock+0x132/0x2a0 [ 242.066411] ? __pfx_do_exit+0x10/0x10 [ 242.067061] ? debug_smp_processor_id+0x20/0x30 [ 242.067738] ? rcu_is_watching+0x19/0xb0 [ 242.068285] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.068904] ? trace_hardirqs_on+0x26/0x120 [ 242.069509] do_group_exit+0xe0/0x2b0 [ 242.070044] __x64_sys_exit_group+0x47/0x50 [ 242.070683] do_syscall_64+0x3b/0x90 [ 242.071234] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.071958] RIP: 0033:0x7f4b87518a4d [ 242.072471] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.073310] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.074343] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.075395] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.076422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.077394] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.078358] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.079444] [ 242.079781] irq event stamp: 0 [ 242.080231] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.081079] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.082179] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.083392] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.084286] ---[ end trace 0000000000000000 ]--- [ 242.092829] ------------[ cut here ]------------ [ 242.093531] WARNING: CPU: 1 PID: 2293 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.095035] Modules linked in: [ 242.095536] CPU: 1 PID: 2293 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.096728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.098250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.099002] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.101486] RSP: 0018:ffff888023fbfbb8 EFLAGS: 00010246 [ 242.102216] RAX: 0000000000000000 RBX: ffff8880139588a8 RCX: 0000000000000000 [ 242.103278] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 242.104259] RBP: ffff888023fbfbd0 R08: ffffed100272b133 R09: ffffed100272b133 [ 242.105247] R10: ffff888013958993 R11: ffffed100272b132 R12: ffff88801890e800 [ 242.106212] R13: ffff8880139589e8 R14: ffffffff8352e670 R15: 
ffff888023fbfe68 [ 242.107223] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.108321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.109128] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 242.110111] PKRU: 55555554 [ 242.110580] Call Trace: [ 242.110940] [ 242.111287] __iommufd_access_detach+0x1c2/0x2b0 [ 242.111966] iommufd_access_change_pt+0x149/0x270 [ 242.112627] iommufd_access_replace+0xb4/0x120 [ 242.113249] iommufd_test+0x3e5/0x37e0 [ 242.113771] ? lock_release+0x532/0x770 [ 242.114316] ? __might_fault+0x102/0x1b0 [ 242.114925] ? lock_acquire+0x427/0x4c0 [ 242.115515] ? __pfx_iommufd_test+0x10/0x10 [ 242.116106] ? __pfx_lock_release+0x10/0x10 [ 242.116691] ? __pfx_lock_acquire+0x10/0x10 [ 242.117280] ? write_comp_data+0x2f/0x90 [ 242.117858] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.118586] ? write_comp_data+0x2f/0x90 [ 242.119188] iommufd_fops_ioctl+0x37d/0x510 [ 242.119792] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.120471] ? write_comp_data+0x2f/0x90 [ 242.121052] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.121725] __x64_sys_ioctl+0x1a3/0x230 [ 242.122306] do_syscall_64+0x3b/0x90 [ 242.122891] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.123635] RIP: 0033:0x7f4b8743ee5d [ 242.124158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 242.126674] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 242.127725] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 242.128704] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 242.129681] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 242.130717] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 242.131697] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 242.132684] [ 242.133012] irq event stamp: 0 [ 242.133449] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.134312] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.135522] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.136665] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.137535] ---[ end trace 0000000000000000 ]--- [ 242.142756] ------------[ cut here ]------------ [ 242.143461] WARNING: CPU: 1 PID: 2293 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.144838] Modules linked in: [ 242.145285] CPU: 1 PID: 2293 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.146927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.148504] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.149192] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.152019] RSP: 
0018:ffff888023fbfbd0 EFLAGS: 00010246 [ 242.152761] RAX: 0000000000000000 RBX: ffff8880139588a8 RCX: 0000000000000000 [ 242.153736] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 242.154950] RBP: ffff888023fbfbe8 R08: ffffed100272b133 R09: ffffed100272b133 [ 242.155928] R10: ffff888013958993 R11: ffffed100272b132 R12: ffff888013b15400 [ 242.156895] R13: ffff8880139589e8 R14: ffff88801235b200 R15: 0000000000000000 [ 242.157859] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.159225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.160024] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.161001] PKRU: 55555554 [ 242.161393] Call Trace: [ 242.161748] [ 242.162071] iommufd_access_destroy_object+0x65/0x170 [ 242.162871] iommufd_object_destroy_user+0x18e/0x220 [ 242.163720] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.164536] iommufd_access_destroy+0x43/0x70 [ 242.165170] iommufd_test_staccess_release+0x8d/0xd0 [ 242.165881] __fput+0x26d/0xa40 [ 242.166367] ____fput+0x1e/0x30 [ 242.166913] task_work_run+0x1a4/0x2d0 [ 242.167505] ? __pfx_task_work_run+0x10/0x10 [ 242.168303] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.168986] ? switch_task_namespaces+0xa9/0xe0 [ 242.169654] do_exit+0xb17/0x2ef0 [ 242.170146] ? lock_acquire+0x427/0x4c0 [ 242.170780] ? __pfx_lock_release+0x10/0x10 [ 242.171413] ? __kasan_check_write+0x18/0x20 [ 242.172034] ? do_raw_spin_lock+0x132/0x2a0 [ 242.172802] ? __pfx_do_exit+0x10/0x10 [ 242.173366] ? debug_smp_processor_id+0x20/0x30 [ 242.174019] ? rcu_is_watching+0x19/0xb0 [ 242.174645] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.175325] ? trace_hardirqs_on+0x26/0x120 [ 242.175948] do_group_exit+0xe0/0x2b0 [ 242.176491] __x64_sys_exit_group+0x47/0x50 [ 242.177212] do_syscall_64+0x3b/0x90 [ 242.177823] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.178626] RIP: 0033:0x7f4b87518a4d [ 242.179170] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.180031] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.181047] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.182186] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.183237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.184189] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.185162] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.186195] [ 242.186724] irq event stamp: 0 [ 242.187187] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.188057] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.189192] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.190327] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.191466] ---[ end trace 0000000000000000 ]--- [ 242.192852] ------------[ cut here ]------------ [ 242.193510] WARNING: CPU: 1 PID: 2293 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.194954] Modules linked in: [ 242.195587] CPU: 1 PID: 2293 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.196785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.198324] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.199095] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.201798] RSP: 0018:ffff888023fbfb78 EFLAGS: 00010246 [ 242.202586] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.203593] RDX: 0000000000000000 RSI: ffff8880105e4a00 RDI: 0000000000000002 [ 242.204776] RBP: ffff888023fbfb98 R08: ffffed100272b13e R09: ffffed100272b13e [ 242.205749] R10: ffff8880139589ef R11: ffffed100272b13d R12: ffff888013958a90 [ 242.206781] R13: ffff8880139588a8 R14: ffffffffffffffff R15: 
ffff888023fbfc60 [ 242.207772] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.209043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.209833] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.210903] PKRU: 55555554 [ 242.211323] Call Trace: [ 242.211683] [ 242.212006] iommufd_ioas_destroy+0x53/0x70 [ 242.212649] iommufd_fops_release+0x1f7/0x370 [ 242.213356] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.214050] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.214794] ? write_comp_data+0x2f/0x90 [ 242.215406] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.216102] __fput+0x26d/0xa40 [ 242.216587] ____fput+0x1e/0x30 [ 242.217097] task_work_run+0x1a4/0x2d0 [ 242.217791] ? __pfx_task_work_run+0x10/0x10 [ 242.218406] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.219157] ? switch_task_namespaces+0xa9/0xe0 [ 242.219833] do_exit+0xb17/0x2ef0 [ 242.220321] ? lock_acquire+0x427/0x4c0 [ 242.220887] ? __pfx_lock_release+0x10/0x10 [ 242.221537] ? __kasan_check_write+0x18/0x20 [ 242.222246] ? do_raw_spin_lock+0x132/0x2a0 [ 242.222902] ? __pfx_do_exit+0x10/0x10 [ 242.223482] ? debug_smp_processor_id+0x20/0x30 [ 242.224127] ? rcu_is_watching+0x19/0xb0 [ 242.224689] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.225318] ? trace_hardirqs_on+0x26/0x120 [ 242.226045] do_group_exit+0xe0/0x2b0 [ 242.226709] __x64_sys_exit_group+0x47/0x50 [ 242.227308] do_syscall_64+0x3b/0x90 [ 242.227824] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.228542] RIP: 0033:0x7f4b87518a4d [ 242.229054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.229892] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.231189] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.232169] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.233130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.234088] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.235184] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.236268] [ 242.236595] irq event stamp: 0 [ 242.237029] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.237879] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.239081] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.240445] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.241299] ---[ end trace 0000000000000000 ]--- [ 242.248852] ------------[ cut here ]------------ [ 242.249577] WARNING: CPU: 1 PID: 2294 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.251017] Modules linked in: [ 242.251491] CPU: 1 PID: 2294 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.252901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.254405] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.255150] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.257795] RSP: 0018:ffff888023f9fbb8 EFLAGS: 00010246 [ 242.258587] RAX: 0000000000000000 RBX: ffff88801030e0a8 RCX: 0000000000000000 [ 242.259575] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 242.260649] RBP: ffff888023f9fbd0 R08: ffffed1002061c33 R09: ffffed1002061c33 [ 242.261681] R10: ffff88801030e193 R11: ffffed1002061c32 R12: ffff88801226c800 [ 242.262717] R13: ffff88801030e1e8 R14: ffffffff8352e670 R15: 
ffff888023f9fe68 [ 242.263708] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.264799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.265793] CR2: 00007f4b877410e8 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 242.266850] PKRU: 55555554 [ 242.267274] Call Trace: [ 242.267633] [ 242.267955] __iommufd_access_detach+0x1c2/0x2b0 [ 242.268633] iommufd_access_change_pt+0x149/0x270 [ 242.269313] iommufd_access_replace+0xb4/0x120 [ 242.270080] iommufd_test+0x3e5/0x37e0 [ 242.270752] ? lock_release+0x532/0x770 [ 242.271342] ? __might_fault+0x102/0x1b0 [ 242.271914] ? lock_acquire+0x427/0x4c0 [ 242.272477] ? __pfx_iommufd_test+0x10/0x10 [ 242.273060] ? __pfx_lock_release+0x10/0x10 [ 242.273665] ? __pfx_lock_acquire+0x10/0x10 [ 242.274275] ? write_comp_data+0x2f/0x90 [ 242.275069] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.275771] ? write_comp_data+0x2f/0x90 [ 242.276349] iommufd_fops_ioctl+0x37d/0x510 [ 242.276949] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.277624] ? write_comp_data+0x2f/0x90 [ 242.278197] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.278920] __x64_sys_ioctl+0x1a3/0x230 [ 242.279665] do_syscall_64+0x3b/0x90 [ 242.280200] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.280925] RIP: 0033:0x7f4b8743ee5d [ 242.281438] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 242.284092] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 242.285109] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 242.285866] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 242.286648] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 242.287425] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 242.288175] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 242.289102] [ 242.289487] irq event stamp: 0 [ 242.289880] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.290596] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.291510] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.292402] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.293107] ---[ end trace 0000000000000000 ]--- [ 242.297320] ------------[ cut here ]------------ [ 242.298049] WARNING: CPU: 1 PID: 2294 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.299429] Modules linked in: [ 242.299787] CPU: 1 PID: 2294 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.300733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.301966] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.302640] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.304907] RSP: 
0018:ffff888023f9fbd0 EFLAGS: 00010246 [ 242.305631] RAX: 0000000000000000 RBX: ffff88801030e0a8 RCX: 0000000000000000 [ 242.306667] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 242.307772] RBP: ffff888023f9fbe8 R08: ffffed1002061c33 R09: ffffed1002061c33 [ 242.308878] R10: ffff88801030e193 R11: ffffed1002061c32 R12: ffff88801890e400 [ 242.309852] R13: ffff88801030e1e8 R14: ffff88802099ce00 R15: 0000000000000000 [ 242.310887] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.312478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.313292] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 242.314278] PKRU: 55555554 [ 242.314768] Call Trace: [ 242.315161] [ 242.315491] iommufd_access_destroy_object+0x65/0x170 [ 242.316567] iommufd_object_destroy_user+0x18e/0x220 [ 242.317285] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.318091] iommufd_access_destroy+0x43/0x70 [ 242.318815] iommufd_test_staccess_release+0x8d/0xd0 [ 242.319565] __fput+0x26d/0xa40 [ 242.320116] ____fput+0x1e/0x30 [ 242.320782] task_work_run+0x1a4/0x2d0 [ 242.321345] ? __pfx_task_work_run+0x10/0x10 [ 242.321958] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.322723] ? switch_task_namespaces+0xa9/0xe0 [ 242.323431] do_exit+0xb17/0x2ef0 [ 242.323919] ? lock_acquire+0x427/0x4c0 [ 242.324675] ? __pfx_lock_release+0x10/0x10 [ 242.325286] ? __kasan_check_write+0x18/0x20 [ 242.325895] ? do_raw_spin_lock+0x132/0x2a0 [ 242.326485] ? __pfx_do_exit+0x10/0x10 [ 242.327149] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 242.327149] ? debug_smp_processor_id+0x20/0x30 [ 242.327188] ? 
rcu_is_watching+0x19/0xb0 [ 242.329897] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 242.330502] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.333600] ? trace_hardirqs_on+0x26/0x120 [ 242.334208] do_group_exit+0xe0/0x2b0 [ 242.334781] __x64_sys_exit_group+0x47/0x50 [ 242.335386] do_syscall_64+0x3b/0x90 [ 242.336032] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.336869] RIP: 0033:0x7f4b87518a4d [ 242.337388] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 242.338230] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.339368] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.340177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.340937] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.341666] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.342405] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.343224] [ 242.343469] irq event stamp: 0 [ 242.343798] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.344468] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.345362] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.346234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.346924] ---[ end trace 0000000000000000 ]--- [ 242.347876] ------------[ cut here ]------------ [ 242.348376] WARNING: CPU: 1 PID: 2294 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.349467] Modules linked in: [ 242.349819] CPU: 1 PID: 2294 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.350784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.351990] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.352533] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff 
ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.354454] RSP: 0018:ffff888023f9fb78 EFLAGS: 00010246 [ 242.355070] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.355827] RDX: 0000000000000000 RSI: ffff88800f4f4a00 RDI: 0000000000000002 [ 242.356582] RBP: ffff888023f9fb98 R08: ffffed1002061c3e R09: ffffed1002061c3e [ 242.357348] R10: ffff88801030e1ef R11: ffffed1002061c3d R12: ffff88801030e290 [ 242.358086] R13: ffff88801030e0a8 R14: ffffffffffffffff R15: ffff888023f9fc60 [ 242.358892] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.359765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.360372] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 242.361231] PKRU: 55555554 [ 242.361612] Call Trace: [ 242.361950] [ 242.362252] iommufd_ioas_destroy+0x53/0x70 [ 242.362912] iommufd_fops_release+0x1f7/0x370 [ 242.363579] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.364245] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.364895] ? write_comp_data+0x2f/0x90 [ 242.365447] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.366115] __fput+0x26d/0xa40 [ 242.366661] ____fput+0x1e/0x30 [ 242.367135] task_work_run+0x1a4/0x2d0 [ 242.367677] ? __pfx_task_work_run+0x10/0x10 [ 242.368275] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.368933] ? switch_task_namespaces+0xa9/0xe0 [ 242.369583] do_exit+0xb17/0x2ef0 [ 242.370051] ? lock_acquire+0x427/0x4c0 [ 242.370682] ? __pfx_lock_release+0x10/0x10 [ 242.371308] ? __kasan_check_write+0x18/0x20 [ 242.371909] ? do_raw_spin_lock+0x132/0x2a0 [ 242.372481] ? __pfx_do_exit+0x10/0x10 [ 242.373191] ? debug_smp_processor_id+0x20/0x30 [ 242.373947] ? rcu_is_watching+0x19/0xb0 [ 242.374475] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.375202] ? 
trace_hardirqs_on+0x26/0x120 [ 242.375672] do_group_exit+0xe0/0x2b0 [ 242.376074] __x64_sys_exit_group+0x47/0x50 [ 242.376522] do_syscall_64+0x3b/0x90 [ 242.376919] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.377471] RIP: 0033:0x7f4b87518a4d [ 242.377858] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 242.378561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.379510] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.380378] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.381124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.381870] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.382655] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.383433] [ 242.383685] irq event stamp: 0 [ 242.384148] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.384910] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.385780] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.386711] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.387400] ---[ end trace 0000000000000000 ]--- [ 242.393105] ------------[ cut here ]------------ [ 242.393655] WARNING: CPU: 1 PID: 2296 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.394791] Modules linked in: [ 242.395207] CPU: 1 PID: 2296 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.396281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.397481] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.398170] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.400235] RSP: 0018:ffff888016edfbb8 EFLAGS: 00010246 [ 242.400885] RAX: 0000000000000000 RBX: ffff8880104650a8 RCX: 
0000000000000000 [ 242.401626] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 242.402364] RBP: ffff888016edfbd0 R08: ffffed100208ca33 R09: ffffed100208ca33 [ 242.403391] R10: ffff888010465193 R11: ffffed100208ca32 R12: ffff88801493c000 [ 242.404138] R13: ffff8880104651e8 R14: ffffffff8352e670 R15: ffff888016edfe68 [ 242.404890] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.405947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.406593] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 242.407364] PKRU: 55555554 [ 242.407672] Call Trace: [ 242.407941] [ 242.408184] __iommufd_access_detach+0x1c2/0x2b0 [ 242.408942] iommufd_access_change_pt+0x149/0x270 [ 242.409460] iommufd_access_replace+0xb4/0x120 [ 242.409960] iommufd_test+0x3e5/0x37e0 [ 242.410374] ? lock_release+0x532/0x770 [ 242.410834] ? __might_fault+0x102/0x1b0 [ 242.411289] ? lock_acquire+0x427/0x4c0 [ 242.411719] ? __pfx_iommufd_test+0x10/0x10 [ 242.412163] ? __pfx_lock_release+0x10/0x10 [ 242.412621] ? __pfx_lock_acquire+0x10/0x10 [ 242.413080] ? write_comp_data+0x2f/0x90 [ 242.413509] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.414020] ? write_comp_data+0x2f/0x90 [ 242.414450] iommufd_fops_ioctl+0x37d/0x510 [ 242.414936] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.415465] ? write_comp_data+0x2f/0x90 [ 242.415899] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.416408] __x64_sys_ioctl+0x1a3/0x230 [ 242.416846] do_syscall_64+0x3b/0x90 [ 242.417253] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.417799] RIP: 0033:0x7f4b8743ee5d [ 242.418180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 242.420110] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 242.420906] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 242.421633] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 242.422375] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 242.423147] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 242.423888] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 242.424637] [ 242.424886] irq event stamp: 0 [ 242.425216] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.425867] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.426758] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.427623] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.428261] ---[ end trace 0000000000000000 ]--- [ 242.431535] ------------[ cut here ]------------ [ 242.432057] WARNING: CPU: 1 PID: 2296 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.433082] Modules linked in: [ 242.433405] CPU: 1 PID: 2296 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.434299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.435531] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.436047] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.437941] RSP: 
0018:ffff888016edfbd0 EFLAGS: 00010246 [ 242.438499] RAX: 0000000000000000 RBX: ffff8880104650a8 RCX: 0000000000000000 [ 242.439288] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 242.440021] RBP: ffff888016edfbe8 R08: ffffed100208ca33 R09: ffffed100208ca33 [ 242.440755] R10: ffff888010465193 R11: ffffed100208ca32 R12: ffff88801226ec00 [ 242.441496] R13: ffff8880104651e8 R14: ffff88800ef8a500 R15: 0000000000000000 [ 242.442230] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.443083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.443705] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.444449] PKRU: 55555554 [ 242.444742] Call Trace: [ 242.445010] [ 242.445247] iommufd_access_destroy_object+0x65/0x170 [ 242.445786] iommufd_object_destroy_user+0x18e/0x220 [ 242.446315] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.446965] iommufd_access_destroy+0x43/0x70 [ 242.447462] iommufd_test_staccess_release+0x8d/0xd0 [ 242.448010] __fput+0x26d/0xa40 [ 242.448370] ____fput+0x1e/0x30 [ 242.448718] task_work_run+0x1a4/0x2d0 [ 242.449149] ? __pfx_task_work_run+0x10/0x10 [ 242.449607] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.450116] ? switch_task_namespaces+0xa9/0xe0 [ 242.450642] do_exit+0xb17/0x2ef0 [ 242.451011] ? lock_acquire+0x427/0x4c0 [ 242.451454] ? __pfx_lock_release+0x10/0x10 [ 242.451911] ? __kasan_check_write+0x18/0x20 [ 242.452378] ? do_raw_spin_lock+0x132/0x2a0 [ 242.452846] ? __pfx_do_exit+0x10/0x10 [ 242.453263] ? debug_smp_processor_id+0x20/0x30 [ 242.453756] ? rcu_is_watching+0x19/0xb0 [ 242.454179] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.454687] ? trace_hardirqs_on+0x26/0x120 [ 242.455160] do_group_exit+0xe0/0x2b0 [ 242.455565] __x64_sys_exit_group+0x47/0x50 [ 242.456015] do_syscall_64+0x3b/0x90 [ 242.456416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.456973] RIP: 0033:0x7f4b87518a4d [ 242.457367] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.458011] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.458840] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.459602] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.460340] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.461073] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.461807] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.462578] [ 242.462825] irq event stamp: 0 [ 242.463165] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.463823] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.464691] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.465555] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.466209] ---[ end trace 0000000000000000 ]--- [ 242.467133] ------------[ cut here ]------------ [ 242.467637] WARNING: CPU: 1 PID: 2296 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.468691] Modules linked in: [ 242.469033] CPU: 1 PID: 2296 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.469929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.471132] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.471682] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.473579] RSP: 0018:ffff888016edfb78 EFLAGS: 00010246 [ 242.474135] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.474905] RDX: 0000000000000000 RSI: ffff88800f8b4a00 RDI: 0000000000000002 [ 242.475667] RBP: ffff888016edfb98 R08: ffffed100208ca3e R09: ffffed100208ca3e [ 242.476410] R10: ffff8880104651ef R11: ffffed100208ca3d R12: ffff888010465290 [ 242.477152] R13: ffff8880104650a8 R14: ffffffffffffffff R15: 
ffff888016edfc60 [ 242.477891] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.478764] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.479413] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.480149] PKRU: 55555554 [ 242.480461] Call Trace: [ 242.480729] [ 242.480968] iommufd_ioas_destroy+0x53/0x70 [ 242.481423] iommufd_fops_release+0x1f7/0x370 [ 242.481899] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.482422] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.482962] ? write_comp_data+0x2f/0x90 [ 242.483416] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.483945] __fput+0x26d/0xa40 [ 242.484306] ____fput+0x1e/0x30 [ 242.484660] task_work_run+0x1a4/0x2d0 [ 242.485072] ? __pfx_task_work_run+0x10/0x10 [ 242.485543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.486054] ? switch_task_namespaces+0xa9/0xe0 [ 242.486589] do_exit+0xb17/0x2ef0 [ 242.486955] ? lock_acquire+0x427/0x4c0 [ 242.487400] ? __pfx_lock_release+0x10/0x10 [ 242.487853] ? __kasan_check_write+0x18/0x20 [ 242.488312] ? do_raw_spin_lock+0x132/0x2a0 [ 242.488762] ? __pfx_do_exit+0x10/0x10 [ 242.489170] ? debug_smp_processor_id+0x20/0x30 [ 242.489649] ? rcu_is_watching+0x19/0xb0 [ 242.490090] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.490599] ? trace_hardirqs_on+0x26/0x120 [ 242.491057] do_group_exit+0xe0/0x2b0 [ 242.491467] __x64_sys_exit_group+0x47/0x50 [ 242.491907] do_syscall_64+0x3b/0x90 [ 242.492304] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.492851] RIP: 0033:0x7f4b87518a4d [ 242.493236] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.493859] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.494668] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.495404] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.496141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.496865] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.497581] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.498308] [ 242.498575] irq event stamp: 0 [ 242.498904] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.499573] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.500421] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.501263] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.501891] ---[ end trace 0000000000000000 ]--- [ 242.505955] ------------[ cut here ]------------ [ 242.506492] WARNING: CPU: 1 PID: 2297 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.507640] Modules linked in: [ 242.507960] CPU: 1 PID: 2297 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.508831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.509958] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.510466] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.512447] RSP: 0018:ffff888015a5fbb8 EFLAGS: 00010246 [ 242.513005] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 242.513723] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 242.514438] RBP: ffff888015a5fbd0 R08: ffffed100173f333 R09: ffffed100173f333 [ 242.515191] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff888012e94c00 [ 242.515908] R13: ffff88800b9f99e8 R14: ffffffff8352e670 R15: 
ffff888015a5fe68 [ 242.516616] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.517422] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.518003] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 242.518750] PKRU: 55555554 [ 242.519037] Call Trace: [ 242.519317] [ 242.519544] __iommufd_access_detach+0x1c2/0x2b0 [ 242.520043] iommufd_access_change_pt+0x149/0x270 [ 242.520541] iommufd_access_replace+0xb4/0x120 [ 242.521009] iommufd_test+0x3e5/0x37e0 [ 242.521397] ? lock_release+0x532/0x770 [ 242.521812] ? __might_fault+0x102/0x1b0 [ 242.522236] ? lock_acquire+0x427/0x4c0 [ 242.522679] ? __pfx_iommufd_test+0x10/0x10 [ 242.523129] ? __pfx_lock_release+0x10/0x10 [ 242.523586] ? __pfx_lock_acquire+0x10/0x10 [ 242.524036] ? write_comp_data+0x2f/0x90 [ 242.524458] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.524952] ? write_comp_data+0x2f/0x90 [ 242.525384] iommufd_fops_ioctl+0x37d/0x510 [ 242.525833] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.526329] ? write_comp_data+0x2f/0x90 [ 242.526777] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.527282] __x64_sys_ioctl+0x1a3/0x230 [ 242.527708] do_syscall_64+0x3b/0x90 [ 242.528100] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.528629] RIP: 0033:0x7f4b8743ee5d [ 242.529006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 242.530908] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 242.531702] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 242.532420] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 242.533148] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 242.533871] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 242.534650] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 242.535397] [ 242.535638] irq event stamp: 0 [ 242.535954] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.536594] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.537443] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.538276] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.538956] ---[ end trace 0000000000000000 ]--- [ 242.542073] ------------[ cut here ]------------ [ 242.542648] WARNING: CPU: 1 PID: 2297 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.543697] Modules linked in: [ 242.544025] CPU: 1 PID: 2297 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.544907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.546030] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.546569] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.548411] RSP: 
0018:ffff888015a5fbd0 EFLAGS: 00010246 [ 242.548943] RAX: 0000000000000000 RBX: ffff88800b9f98a8 RCX: 0000000000000000 [ 242.549673] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 242.550387] RBP: ffff888015a5fbe8 R08: ffffed100173f333 R09: ffffed100173f333 [ 242.551137] R10: ffff88800b9f9993 R11: ffffed100173f332 R12: ffff88801493f000 [ 242.551859] R13: ffff88800b9f99e8 R14: ffff88800fa09d00 R15: 0000000000000000 [ 242.552576] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.553389] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.553967] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.554716] PKRU: 55555554 [ 242.554999] Call Trace: [ 242.555265] [ 242.555497] iommufd_access_destroy_object+0x65/0x170 [ 242.556030] iommufd_object_destroy_user+0x18e/0x220 [ 242.556548] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.557146] iommufd_access_destroy+0x43/0x70 [ 242.557615] iommufd_test_staccess_release+0x8d/0xd0 [ 242.558145] __fput+0x26d/0xa40 [ 242.558498] ____fput+0x1e/0x30 [ 242.558878] task_work_run+0x1a4/0x2d0 [ 242.559291] ? __pfx_task_work_run+0x10/0x10 [ 242.559758] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.560269] ? switch_task_namespaces+0xa9/0xe0 [ 242.560759] do_exit+0xb17/0x2ef0 [ 242.561114] ? lock_acquire+0x427/0x4c0 [ 242.561533] ? __pfx_lock_release+0x10/0x10 [ 242.561980] ? __kasan_check_write+0x18/0x20 [ 242.562432] ? do_raw_spin_lock+0x132/0x2a0 [ 242.562913] ? __pfx_do_exit+0x10/0x10 [ 242.563362] ? debug_smp_processor_id+0x20/0x30 [ 242.563845] ? rcu_is_watching+0x19/0xb0 [ 242.564269] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.564748] ? trace_hardirqs_on+0x26/0x120 [ 242.565197] do_group_exit+0xe0/0x2b0 [ 242.565595] __x64_sys_exit_group+0x47/0x50 [ 242.566037] do_syscall_64+0x3b/0x90 [ 242.566436] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.567031] RIP: 0033:0x7f4b87518a4d [ 242.567432] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.568061] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.568840] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.569569] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.570301] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.571062] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.571812] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.572548] [ 242.572786] irq event stamp: 0 [ 242.573109] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.573751] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.574642] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.575507] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.576147] ---[ end trace 0000000000000000 ]--- [ 242.577031] ------------[ cut here ]------------ [ 242.577521] WARNING: CPU: 1 PID: 2297 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.578587] Modules linked in: [ 242.578916] CPU: 1 PID: 2297 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.579829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.580983] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.581520] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.584183] RSP: 0018:ffff888015a5fb78 EFLAGS: 00010246 [ 242.584749] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.585470] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 242.586195] RBP: ffff888015a5fb98 R08: ffffed100173f33e R09: ffffed100173f33e [ 242.586952] R10: ffff88800b9f99ef R11: ffffed100173f33d R12: ffff88800b9f9a90 [ 242.587785] R13: ffff88800b9f98a8 R14: ffffffffffffffff R15: 
ffff888015a5fc60 [ 242.588804] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.589639] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.590246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 242.591028] PKRU: 55555554 [ 242.591334] Call Trace: [ 242.591595] [ 242.591833] iommufd_ioas_destroy+0x53/0x70 [ 242.592285] iommufd_fops_release+0x1f7/0x370 [ 242.592755] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.593277] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.593787] ? write_comp_data+0x2f/0x90 [ 242.594339] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.595103] __fput+0x26d/0xa40 [ 242.595484] ____fput+0x1e/0x30 [ 242.595845] task_work_run+0x1a4/0x2d0 [ 242.596259] ? __pfx_task_work_run+0x10/0x10 [ 242.596723] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.597234] ? switch_task_namespaces+0xa9/0xe0 [ 242.597735] do_exit+0xb17/0x2ef0 [ 242.598093] ? lock_acquire+0x427/0x4c0 [ 242.598563] ? __pfx_lock_release+0x10/0x10 [ 242.599014] ? __kasan_check_write+0x18/0x20 [ 242.599491] ? do_raw_spin_lock+0x132/0x2a0 [ 242.599945] ? __pfx_do_exit+0x10/0x10 [ 242.600470] ? debug_smp_processor_id+0x20/0x30 [ 242.601173] ? rcu_is_watching+0x19/0xb0 [ 242.601733] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.602207] ? trace_hardirqs_on+0x26/0x120 [ 242.602697] do_group_exit+0xe0/0x2b0 [ 242.603101] __x64_sys_exit_group+0x47/0x50 [ 242.603561] do_syscall_64+0x3b/0x90 [ 242.603953] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.604492] RIP: 0033:0x7f4b87518a4d [ 242.604875] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.605504] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.606393] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.607486] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.608213] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.608945] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.609680] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.610429] [ 242.610718] irq event stamp: 0 [ 242.611042] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.611741] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.612889] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.613908] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.614587] ---[ end trace 0000000000000000 ]--- [ 242.619448] ------------[ cut here ]------------ [ 242.620007] WARNING: CPU: 1 PID: 2298 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.621062] Modules linked in: [ 242.621495] CPU: 1 PID: 2298 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.622812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.624007] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.624534] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.626445] RSP: 0018:ffff888023f9fbb8 EFLAGS: 00010246 [ 242.627235] RAX: 0000000000000000 RBX: ffff88802457c8a8 RCX: 0000000000000000 [ 242.628178] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 242.628921] RBP: ffff888023f9fbd0 R08: ffffed10048af933 R09: ffffed10048af933 [ 242.629654] R10: ffff88802457c993 R11: ffffed10048af932 R12: ffff888013d4fc00 [ 242.630402] R13: ffff88802457c9e8 R14: ffffffff8352e670 R15: 
ffff888023f9fe68 [ 242.631216] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.632369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.632982] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 242.633730] PKRU: 55555554 [ 242.634035] Call Trace: [ 242.634314] [ 242.634591] __iommufd_access_detach+0x1c2/0x2b0 [ 242.635112] iommufd_access_change_pt+0x149/0x270 [ 242.635648] iommufd_access_replace+0xb4/0x120 [ 242.636287] iommufd_test+0x3e5/0x37e0 [ 242.636869] ? lock_release+0x532/0x770 [ 242.637298] ? __might_fault+0x102/0x1b0 [ 242.637727] ? lock_acquire+0x427/0x4c0 [ 242.638154] ? __pfx_iommufd_test+0x10/0x10 [ 242.638631] ? __pfx_lock_release+0x10/0x10 [ 242.639098] ? __pfx_lock_acquire+0x10/0x10 [ 242.639579] ? write_comp_data+0x2f/0x90 [ 242.640023] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.640649] ? write_comp_data+0x2f/0x90 [ 242.641260] iommufd_fops_ioctl+0x37d/0x510 [ 242.641898] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.642425] ? write_comp_data+0x2f/0x90 [ 242.642901] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.643423] __x64_sys_ioctl+0x1a3/0x230 [ 242.643861] do_syscall_64+0x3b/0x90 [ 242.644268] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.644821] RIP: 0033:0x7f4b8743ee5d [ 242.645211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 242.647160] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 242.647963] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 242.648882] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 242.649926] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 242.650705] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 242.651463] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 242.652213] [ 242.652457] irq event stamp: 0 [ 242.652787] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.653566] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.654788] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.655686] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.656342] ---[ end trace 0000000000000000 ]--- [ 242.660740] ------------[ cut here ]------------ [ 242.661308] WARNING: CPU: 1 PID: 2298 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.662354] Modules linked in: [ 242.662863] CPU: 1 PID: 2298 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.664024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.665199] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.665725] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.667819] RSP: 
0018:ffff888023f9fbd0 EFLAGS: 00010246 [ 242.668507] RAX: 0000000000000000 RBX: ffff88802457c8a8 RCX: 0000000000000000 [ 242.669252] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 242.669988] RBP: ffff888023f9fbe8 R08: ffffed10048af933 R09: ffffed10048af933 [ 242.670761] R10: ffff88802457c993 R11: ffffed10048af932 R12: ffff888013b14800 [ 242.671536] R13: ffff88802457c9e8 R14: ffff8880218e9a00 R15: 0000000000000000 [ 242.672433] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.673538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.674151] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 242.674932] PKRU: 55555554 [ 242.675256] Call Trace: [ 242.675524] [ 242.675761] iommufd_access_destroy_object+0x65/0x170 [ 242.676316] iommufd_object_destroy_user+0x18e/0x220 [ 242.676931] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.677793] iommufd_access_destroy+0x43/0x70 [ 242.678275] iommufd_test_staccess_release+0x8d/0xd0 [ 242.678865] __fput+0x26d/0xa40 [ 242.679248] ____fput+0x1e/0x30 [ 242.679609] task_work_run+0x1a4/0x2d0 [ 242.680034] ? __pfx_task_work_run+0x10/0x10 [ 242.680499] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.681017] ? switch_task_namespaces+0xa9/0xe0 [ 242.681603] do_exit+0xb17/0x2ef0 [ 242.682137] ? lock_acquire+0x427/0x4c0 [ 242.682779] ? __pfx_lock_release+0x10/0x10 [ 242.683269] ? __kasan_check_write+0x18/0x20 [ 242.683743] ? do_raw_spin_lock+0x132/0x2a0 [ 242.684201] ? __pfx_do_exit+0x10/0x10 [ 242.684628] ? debug_smp_processor_id+0x20/0x30 [ 242.685124] ? rcu_is_watching+0x19/0xb0 [ 242.685556] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.686041] ? trace_hardirqs_on+0x26/0x120 [ 242.686663] do_group_exit+0xe0/0x2b0 [ 242.687265] __x64_sys_exit_group+0x47/0x50 [ 242.687738] do_syscall_64+0x3b/0x90 [ 242.688141] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.688689] RIP: 0033:0x7f4b87518a4d [ 242.689082] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.689733] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.690580] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.691583] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.692623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.693369] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.694109] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.694898] [ 242.695178] irq event stamp: 0 [ 242.695513] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.696244] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.697477] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.698372] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.699075] ---[ end trace 0000000000000000 ]--- [ 242.702159] ------------[ cut here ]------------ [ 242.702769] WARNING: CPU: 1 PID: 2298 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.703887] Modules linked in: [ 242.704236] CPU: 1 PID: 2298 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.705253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.706861] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.707442] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.709383] RSP: 0018:ffff888023f9fb78 EFLAGS: 00010246 [ 242.709974] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.711011] RDX: 0000000000000000 RSI: ffff88800f4f0000 RDI: 0000000000000002 [ 242.711958] RBP: ffff888023f9fb98 R08: ffffed10048af93e R09: ffffed10048af93e [ 242.712712] R10: ffff88802457c9ef R11: ffffed10048af93d R12: ffff88802457ca90 [ 242.713477] R13: ffff88802457c8a8 R14: ffffffffffffffff R15: 
ffff888023f9fc60 [ 242.714231] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.715147] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.716017] CR2: 00007f82e2e99000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 242.716907] PKRU: 55555554 [ 242.717218] Call Trace: [ 242.717493] [ 242.717736] iommufd_ioas_destroy+0x53/0x70 [ 242.718212] iommufd_fops_release+0x1f7/0x370 [ 242.718730] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.719287] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.719827] ? write_comp_data+0x2f/0x90 [ 242.720426] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.721168] __fput+0x26d/0xa40 [ 242.721599] ____fput+0x1e/0x30 [ 242.721971] task_work_run+0x1a4/0x2d0 [ 242.722402] ? __pfx_task_work_run+0x10/0x10 [ 242.722913] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.723455] ? switch_task_namespaces+0xa9/0xe0 [ 242.723966] do_exit+0xb17/0x2ef0 [ 242.724335] ? lock_acquire+0x427/0x4c0 [ 242.724781] ? __pfx_lock_release+0x10/0x10 [ 242.725380] ? __kasan_check_write+0x18/0x20 [ 242.726050] ? do_raw_spin_lock+0x132/0x2a0 [ 242.726717] ? __pfx_do_exit+0x10/0x10 [ 242.727168] ? debug_smp_processor_id+0x20/0x30 [ 242.727674] ? rcu_is_watching+0x19/0xb0 [ 242.728114] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.728610] ? trace_hardirqs_on+0x26/0x120 [ 242.729080] do_group_exit+0xe0/0x2b0 [ 242.729494] __x64_sys_exit_group+0x47/0x50 [ 242.729953] do_syscall_64+0x3b/0x90 [ 242.730425] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.731242] RIP: 0033:0x7f4b87518a4d [ 242.731780] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.732439] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.733254] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.734019] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.734818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.735694] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.736726] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.737509] [ 242.737763] irq event stamp: 0 [ 242.738103] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.738803] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.739714] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.740738] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.741666] ---[ end trace 0000000000000000 ]--- [ 242.749651] ------------[ cut here ]------------ [ 242.750224] WARNING: CPU: 1 PID: 2299 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.751386] Modules linked in: [ 242.751733] CPU: 1 PID: 2299 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.752653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.754083] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.754870] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.756844] RSP: 0018:ffff888018907bb8 EFLAGS: 00010246 [ 242.757422] RAX: 0000000000000000 RBX: ffff88800bd668a8 RCX: 0000000000000000 [ 242.758200] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 242.759210] RBP: ffff888018907bd0 R08: ffffed10017acd33 R09: ffffed10017acd33 [ 242.760142] R10: ffff88800bd66993 R11: ffffed10017acd32 R12: ffff88800f4d3400 [ 242.760893] R13: ffff88800bd669e8 R14: ffffffff8352e670 R15: 
ffff888018907e68 [ 242.761659] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.762535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.763193] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 242.764157] PKRU: 55555554 [ 242.764564] Call Trace: [ 242.764947] [ 242.765209] __iommufd_access_detach+0x1c2/0x2b0 [ 242.765730] iommufd_access_change_pt+0x149/0x270 [ 242.766257] iommufd_access_replace+0xb4/0x120 [ 242.766790] iommufd_test+0x3e5/0x37e0 [ 242.767228] ? lock_release+0x532/0x770 [ 242.767667] ? __might_fault+0x102/0x1b0 [ 242.768112] ? lock_acquire+0x427/0x4c0 [ 242.768695] ? __pfx_iommufd_test+0x10/0x10 [ 242.769328] ? __pfx_lock_release+0x10/0x10 [ 242.769802] ? __pfx_lock_acquire+0x10/0x10 [ 242.770278] ? write_comp_data+0x2f/0x90 [ 242.770771] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.771314] ? write_comp_data+0x2f/0x90 [ 242.771765] iommufd_fops_ioctl+0x37d/0x510 [ 242.772227] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.772838] ? write_comp_data+0x2f/0x90 [ 242.773452] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.774149] __x64_sys_ioctl+0x1a3/0x230 [ 242.774627] do_syscall_64+0x3b/0x90 [ 242.775042] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.775609] RIP: 0033:0x7f4b8743ee5d [ 242.776013] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 242.778070] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 242.779100] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 242.779897] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 242.780654] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 242.781407] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 242.782178] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 242.783232] [ 242.783591] irq event stamp: 0 [ 242.783920] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.784591] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.785482] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.786366] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.787063] ---[ end trace 0000000000000000 ]--- [ 242.792631] ------------[ cut here ]------------ [ 242.793209] WARNING: CPU: 1 PID: 2299 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.794270] Modules linked in: [ 242.794698] CPU: 1 PID: 2299 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.795709] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.797333] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.797867] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.799814] RSP: 
0018:ffff888018907bd0 EFLAGS: 00010246 [ 242.800372] RAX: 0000000000000000 RBX: ffff88800bd668a8 RCX: 0000000000000000 [ 242.801244] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 242.802266] RBP: ffff888018907be8 R08: ffffed10017acd33 R09: ffffed10017acd33 [ 242.803037] R10: ffff88800bd66993 R11: ffffed10017acd32 R12: ffff888013d4d400 [ 242.803797] R13: ffff88800bd669e8 R14: ffff888013884200 R15: 0000000000000000 [ 242.804546] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.805388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.806106] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 242.807295] PKRU: 55555554 [ 242.807608] Call Trace: [ 242.807883] [ 242.808119] iommufd_access_destroy_object+0x65/0x170 [ 242.808669] iommufd_object_destroy_user+0x18e/0x220 [ 242.809204] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.809821] iommufd_access_destroy+0x43/0x70 [ 242.810308] iommufd_test_staccess_release+0x8d/0xd0 [ 242.810884] __fput+0x26d/0xa40 [ 242.811350] ____fput+0x1e/0x30 [ 242.811883] task_work_run+0x1a4/0x2d0 [ 242.812315] ? __pfx_task_work_run+0x10/0x10 [ 242.812798] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.813329] ? switch_task_namespaces+0xa9/0xe0 [ 242.813841] do_exit+0xb17/0x2ef0 [ 242.814219] ? lock_acquire+0x427/0x4c0 [ 242.814697] ? __pfx_lock_release+0x10/0x10 [ 242.815182] ? __kasan_check_write+0x18/0x20 [ 242.815758] ? do_raw_spin_lock+0x132/0x2a0 [ 242.816366] ? __pfx_do_exit+0x10/0x10 [ 242.816979] ? debug_smp_processor_id+0x20/0x30 [ 242.817497] ? rcu_is_watching+0x19/0xb0 [ 242.817951] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.818441] ? trace_hardirqs_on+0x26/0x120 [ 242.818951] do_group_exit+0xe0/0x2b0 [ 242.819391] __x64_sys_exit_group+0x47/0x50 [ 242.819856] do_syscall_64+0x3b/0x90 [ 242.820264] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.820964] RIP: 0033:0x7f4b87518a4d [ 242.821577] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.822226] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.823062] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.823832] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.824572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.825407] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.826472] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.827284] [ 242.827536] irq event stamp: 0 [ 242.827873] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.828539] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.829417] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.830393] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.831366] ---[ end trace 0000000000000000 ]--- [ 242.834731] ------------[ cut here ]------------ [ 242.835314] WARNING: CPU: 1 PID: 2299 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.836470] Modules linked in: [ 242.836926] CPU: 1 PID: 2299 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.838178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.839460] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.840021] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.841930] RSP: 0018:ffff888018907b78 EFLAGS: 00010246 [ 242.842702] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.843772] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 242.844521] RBP: ffff888018907b98 R08: ffffed10017acd3e R09: ffffed10017acd3e [ 242.845264] R10: ffff88800bd669ef R11: ffffed10017acd3d R12: ffff88800bd66a90 [ 242.846021] R13: ffff88800bd668a8 R14: ffffffffffffffff R15: 
ffff888018907c60 [ 242.846805] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.847842] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.848732] CR2: 00007f82e2ea3000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 242.849484] PKRU: 55555554 [ 242.849796] Call Trace: [ 242.850068] [ 242.850316] iommufd_ioas_destroy+0x53/0x70 [ 242.850822] iommufd_fops_release+0x1f7/0x370 [ 242.851337] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.851869] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.852421] ? write_comp_data+0x2f/0x90 [ 242.853003] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.853752] __fput+0x26d/0xa40 [ 242.854126] ____fput+0x1e/0x30 [ 242.854491] task_work_run+0x1a4/0x2d0 [ 242.854946] ? __pfx_task_work_run+0x10/0x10 [ 242.855441] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.855962] ? switch_task_namespaces+0xa9/0xe0 [ 242.856463] do_exit+0xb17/0x2ef0 [ 242.856833] ? lock_acquire+0x427/0x4c0 [ 242.857273] ? __pfx_lock_release+0x10/0x10 [ 242.857744] ? __kasan_check_write+0x18/0x20 [ 242.858222] ? do_raw_spin_lock+0x132/0x2a0 [ 242.858726] ? __pfx_do_exit+0x10/0x10 [ 242.859167] ? debug_smp_processor_id+0x20/0x30 [ 242.859661] ? rcu_is_watching+0x19/0xb0 [ 242.860164] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.860813] ? trace_hardirqs_on+0x26/0x120 [ 242.861482] do_group_exit+0xe0/0x2b0 [ 242.861900] __x64_sys_exit_group+0x47/0x50 [ 242.862357] do_syscall_64+0x3b/0x90 [ 242.862812] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.863390] RIP: 0033:0x7f4b87518a4d [ 242.863784] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.864448] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.865250] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.866005] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.867065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.868048] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.868797] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.869614] [ 242.869863] irq event stamp: 0 [ 242.870196] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.870914] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.871822] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.872717] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.873613] ---[ end trace 0000000000000000 ]--- [ 242.879546] ------------[ cut here ]------------ [ 242.880122] WARNING: CPU: 1 PID: 2300 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.881168] Modules linked in: [ 242.881508] CPU: 1 PID: 2300 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.882482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.884224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.884769] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.886715] RSP: 0018:ffff888023f9fbb8 EFLAGS: 00010246 [ 242.887318] RAX: 0000000000000000 RBX: ffff88800b8110a8 RCX: 0000000000000000 [ 242.888071] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 242.888974] RBP: ffff888023f9fbd0 R08: ffffed1001702233 R09: ffffed1001702233 [ 242.890038] R10: ffff88800b811193 R11: ffffed1001702232 R12: ffff888014392c00 [ 242.890838] R13: ffff88800b8111e8 R14: ffffffff8352e670 R15: 
ffff888023f9fe68 [ 242.891604] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.892440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.893055] CR2: 00007f4b877410e8 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 242.893825] PKRU: 55555554 [ 242.894185] Call Trace: [ 242.894604] [ 242.894959] __iommufd_access_detach+0x1c2/0x2b0 [ 242.895508] iommufd_access_change_pt+0x149/0x270 [ 242.896034] iommufd_access_replace+0xb4/0x120 [ 242.896533] iommufd_test+0x3e5/0x37e0 [ 242.896949] ? lock_release+0x532/0x770 [ 242.897383] ? __might_fault+0x102/0x1b0 [ 242.897814] ? lock_acquire+0x427/0x4c0 [ 242.898246] ? __pfx_iommufd_test+0x10/0x10 [ 242.898757] ? __pfx_lock_release+0x10/0x10 [ 242.899246] ? __pfx_lock_acquire+0x10/0x10 [ 242.899711] ? write_comp_data+0x2f/0x90 [ 242.900215] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.900938] ? write_comp_data+0x2f/0x90 [ 242.901568] iommufd_fops_ioctl+0x37d/0x510 [ 242.902043] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.902615] ? write_comp_data+0x2f/0x90 [ 242.903071] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 242.903601] __x64_sys_ioctl+0x1a3/0x230 [ 242.904052] do_syscall_64+0x3b/0x90 [ 242.904472] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.905027] RIP: 0033:0x7f4b8743ee5d [ 242.905424] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 242.908047] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 242.908873] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 242.909624] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 242.910368] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 242.911181] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 242.911939] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 242.912744] [ 242.913062] irq event stamp: 0 [ 242.913573] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.914316] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.915277] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.916167] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.916834] ---[ end trace 0000000000000000 ]--- [ 242.920395] ------------[ cut here ]------------ [ 242.920952] WARNING: CPU: 1 PID: 2300 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 242.922017] Modules linked in: [ 242.922474] CPU: 1 PID: 2300 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.923780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.925048] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 242.925573] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 242.927499] RSP: 
0018:ffff888023f9fbd0 EFLAGS: 00010246 [ 242.928059] RAX: 0000000000000000 RBX: ffff88800b8110a8 RCX: 0000000000000000 [ 242.928888] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 242.929913] RBP: ffff888023f9fbe8 R08: ffffed1001702233 R09: ffffed1001702233 [ 242.930718] R10: ffff88800b811193 R11: ffffed1001702232 R12: ffff88800f4d1800 [ 242.931483] R13: ffff88800b8111e8 R14: ffff88800b1d8500 R15: 0000000000000000 [ 242.932227] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.933061] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.933764] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 242.934849] PKRU: 55555554 [ 242.935174] Call Trace: [ 242.935442] [ 242.935679] iommufd_access_destroy_object+0x65/0x170 [ 242.936228] iommufd_object_destroy_user+0x18e/0x220 [ 242.936767] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 242.937378] iommufd_access_destroy+0x43/0x70 [ 242.937858] iommufd_test_staccess_release+0x8d/0xd0 [ 242.938399] __fput+0x26d/0xa40 [ 242.938912] ____fput+0x1e/0x30 [ 242.939434] task_work_run+0x1a4/0x2d0 [ 242.939866] ? __pfx_task_work_run+0x10/0x10 [ 242.940333] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.940858] ? switch_task_namespaces+0xa9/0xe0 [ 242.941367] do_exit+0xb17/0x2ef0 [ 242.941736] ? lock_acquire+0x427/0x4c0 [ 242.942170] ? __pfx_lock_release+0x10/0x10 [ 242.942673] ? __kasan_check_write+0x18/0x20 [ 242.943162] ? do_raw_spin_lock+0x132/0x2a0 [ 242.943630] ? __pfx_do_exit+0x10/0x10 [ 242.944142] ? debug_smp_processor_id+0x20/0x30 [ 242.944853] ? rcu_is_watching+0x19/0xb0 [ 242.945291] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.945778] ? trace_hardirqs_on+0x26/0x120 [ 242.946238] do_group_exit+0xe0/0x2b0 [ 242.946684] __x64_sys_exit_group+0x47/0x50 [ 242.947165] do_syscall_64+0x3b/0x90 [ 242.947575] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.948133] RIP: 0033:0x7f4b87518a4d [ 242.948528] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.949373] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.950476] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.951300] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.952025] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.952755] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.953490] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.954410] [ 242.954776] irq event stamp: 0 [ 242.955256] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.955977] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.956844] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.957721] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.958379] ---[ end trace 0000000000000000 ]--- [ 242.959567] ------------[ cut here ]------------ [ 242.960341] WARNING: CPU: 1 PID: 2300 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 242.961407] Modules linked in: [ 242.961749] CPU: 1 PID: 2300 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 242.962712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 242.963910] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 242.964605] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 242.966987] RSP: 0018:ffff888023f9fb78 EFLAGS: 00010246 [ 242.967571] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 242.968330] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 242.969074] RBP: ffff888023f9fb98 R08: ffffed100170223e R09: ffffed100170223e [ 242.969817] R10: ffff88800b8111ef R11: ffffed100170223d R12: ffff88800b811290 [ 242.970818] R13: ffff88800b8110a8 R14: ffffffffffffffff R15: 
ffff888023f9fc60 [ 242.971751] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 242.972587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 242.973190] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 242.973940] PKRU: 55555554 [ 242.974242] Call Trace: [ 242.974572] [ 242.974816] iommufd_ioas_destroy+0x53/0x70 [ 242.975304] iommufd_fops_release+0x1f7/0x370 [ 242.975789] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.976467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.977192] ? write_comp_data+0x2f/0x90 [ 242.977631] ? __pfx_iommufd_fops_release+0x10/0x10 [ 242.978156] __fput+0x26d/0xa40 [ 242.978567] ____fput+0x1e/0x30 [ 242.978926] task_work_run+0x1a4/0x2d0 [ 242.979360] ? __pfx_task_work_run+0x10/0x10 [ 242.979826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 242.980338] ? switch_task_namespaces+0xa9/0xe0 [ 242.980847] do_exit+0xb17/0x2ef0 [ 242.981300] ? lock_acquire+0x427/0x4c0 [ 242.981918] ? __pfx_lock_release+0x10/0x10 [ 242.982387] ? __kasan_check_write+0x18/0x20 [ 242.982899] ? do_raw_spin_lock+0x132/0x2a0 [ 242.983379] ? __pfx_do_exit+0x10/0x10 [ 242.983808] ? debug_smp_processor_id+0x20/0x30 [ 242.984314] ? rcu_is_watching+0x19/0xb0 [ 242.984742] ? _raw_spin_unlock_irq+0x2b/0x60 [ 242.985219] ? trace_hardirqs_on+0x26/0x120 [ 242.985683] do_group_exit+0xe0/0x2b0 [ 242.986092] __x64_sys_exit_group+0x47/0x50 [ 242.986716] do_syscall_64+0x3b/0x90 [ 242.987295] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 242.987855] RIP: 0033:0x7f4b87518a4d [ 242.988249] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 242.988898] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 242.989683] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 242.990422] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 242.991268] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 242.992297] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 242.993042] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 242.993789] [ 242.994042] irq event stamp: 0 [ 242.994375] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 242.995077] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 242.995967] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 242.996943] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 242.997862] ---[ end trace 0000000000000000 ]--- [ 243.008875] ------------[ cut here ]------------ [ 243.009578] WARNING: CPU: 0 PID: 2301 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.011060] Modules linked in: [ 243.011552] CPU: 0 PID: 2301 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.012738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.014257] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.015085] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.017567] RSP: 0018:ffff88801801fbb8 EFLAGS: 00010246 [ 243.018300] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 243.019327] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 243.020303] RBP: ffff88801801fbd0 R08: ffffed100216f933 R09: ffffed100216f933 [ 243.021270] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff88801226fc00 [ 243.022229] R13: ffff888010b7c9e8 R14: ffffffff8352e670 R15: 
ffff88801801fe68 [ 243.023265] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.024357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.025145] CR2: 00007f4b877410e8 CR3: 0000000015e5e000 CR4: 0000000000750ef0 [ 243.026111] PKRU: 55555554 [ 243.026550] Call Trace: [ 243.026914] [ 243.027252] __iommufd_access_detach+0x1c2/0x2b0 [ 243.027937] iommufd_access_change_pt+0x149/0x270 [ 243.028613] iommufd_access_replace+0xb4/0x120 [ 243.029260] iommufd_test+0x3e5/0x37e0 [ 243.029798] ? lock_release+0x532/0x770 [ 243.030362] ? __might_fault+0x102/0x1b0 [ 243.031005] ? lock_acquire+0x427/0x4c0 [ 243.031604] ? __pfx_iommufd_test+0x10/0x10 [ 243.032198] ? __pfx_lock_release+0x10/0x10 [ 243.032801] ? __pfx_lock_acquire+0x10/0x10 [ 243.033411] ? write_comp_data+0x2f/0x90 [ 243.033989] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.034718] ? write_comp_data+0x2f/0x90 [ 243.035303] iommufd_fops_ioctl+0x37d/0x510 [ 243.035887] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.036564] ? write_comp_data+0x2f/0x90 [ 243.037142] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.037815] __x64_sys_ioctl+0x1a3/0x230 [ 243.038396] do_syscall_64+0x3b/0x90 [ 243.038977] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.039744] RIP: 0033:0x7f4b8743ee5d [ 243.040259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.042727] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.043763] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.044706] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.045655] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.046671] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.047663] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.048651] [ 243.048977] irq event stamp: 0 [ 243.049412] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.050269] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.051466] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.052581] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.053432] ---[ end trace 0000000000000000 ]--- [ 243.058446] ------------[ cut here ]------------ [ 243.059181] WARNING: CPU: 0 PID: 2301 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.060554] Modules linked in: [ 243.060997] CPU: 0 PID: 2301 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.062170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.063700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.064369] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.066778] RSP: 
0018:ffff88801801fbd0 EFLAGS: 00010246 [ 243.067505] RAX: 0000000000000000 RBX: ffff888010b7c8a8 RCX: 0000000000000000 [ 243.068438] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 243.069371] RBP: ffff88801801fbe8 R08: ffffed100216f933 R09: ffffed100216f933 [ 243.070299] R10: ffff888010b7c993 R11: ffffed100216f932 R12: ffff888014612800 [ 243.071282] R13: ffff888010b7c9e8 R14: ffff88800ef76b00 R15: 0000000000000000 [ 243.072222] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.073269] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.074029] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.075023] PKRU: 55555554 [ 243.075439] Call Trace: [ 243.075783] [ 243.076090] iommufd_access_destroy_object+0x65/0x170 [ 243.076779] iommufd_object_destroy_user+0x18e/0x220 [ 243.077460] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.078229] iommufd_access_destroy+0x43/0x70 [ 243.078887] iommufd_test_staccess_release+0x8d/0xd0 [ 243.079599] __fput+0x26d/0xa40 [ 243.080061] ____fput+0x1e/0x30 [ 243.080516] task_work_run+0x1a4/0x2d0 [ 243.081047] ? __pfx_task_work_run+0x10/0x10 [ 243.081635] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.082279] ? switch_task_namespaces+0xa9/0xe0 [ 243.082934] do_exit+0xb17/0x2ef0 [ 243.083397] ? lock_acquire+0x427/0x4c0 [ 243.083922] ? __pfx_lock_release+0x10/0x10 [ 243.084482] ? __kasan_check_write+0x18/0x20 [ 243.085050] ? do_raw_spin_lock+0x132/0x2a0 [ 243.085602] ? __pfx_do_exit+0x10/0x10 [ 243.086113] ? debug_smp_processor_id+0x20/0x30 [ 243.086756] ? rcu_is_watching+0x19/0xb0 [ 243.087297] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.087886] ? trace_hardirqs_on+0x26/0x120 [ 243.088446] do_group_exit+0xe0/0x2b0 [ 243.088937] __x64_sys_exit_group+0x47/0x50 [ 243.089482] do_syscall_64+0x3b/0x90 [ 243.089974] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.090692] RIP: 0033:0x7f4b87518a4d [ 243.091192] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.091971] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.092923] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.093818] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.094749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.095668] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.096560] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.097470] [ 243.097773] irq event stamp: 0 [ 243.098179] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.099005] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.100071] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.101116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.101913] ---[ end trace 0000000000000000 ]--- [ 243.103286] ------------[ cut here ]------------ [ 243.103896] WARNING: CPU: 0 PID: 2301 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.105179] Modules linked in: [ 243.105589] CPU: 0 PID: 2301 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.106757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.108190] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.108843] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.111179] RSP: 0018:ffff88801801fb78 EFLAGS: 00010246 [ 243.111863] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.112756] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 243.113646] RBP: ffff88801801fb98 R08: ffffed100216f93e R09: ffffed100216f93e [ 243.114571] R10: ffff888010b7c9ef R11: ffffed100216f93d R12: ffff888010b7ca90 [ 243.115492] R13: ffff888010b7c8a8 R14: ffffffffffffffff R15: 
ffff88801801fc60 [ 243.116386] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.117761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.118502] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.119564] PKRU: 55555554 [ 243.120106] Call Trace: [ 243.120443] [ 243.120740] iommufd_ioas_destroy+0x53/0x70 [ 243.121301] iommufd_fops_release+0x1f7/0x370 [ 243.121916] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.122785] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.123446] ? write_comp_data+0x2f/0x90 [ 243.123983] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.124894] __fput+0x26d/0xa40 [ 243.125350] ____fput+0x1e/0x30 [ 243.125786] task_work_run+0x1a4/0x2d0 [ 243.126299] ? __pfx_task_work_run+0x10/0x10 [ 243.127203] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.127847] ? switch_task_namespaces+0xa9/0xe0 [ 243.128464] do_exit+0xb17/0x2ef0 [ 243.128914] ? lock_acquire+0x427/0x4c0 [ 243.129703] ? __pfx_lock_release+0x10/0x10 [ 243.130273] ? __kasan_check_write+0x18/0x20 [ 243.130890] ? do_raw_spin_lock+0x132/0x2a0 [ 243.131474] ? __pfx_do_exit+0x10/0x10 [ 243.132246] ? debug_smp_processor_id+0x20/0x30 [ 243.132852] ? rcu_is_watching+0x19/0xb0 [ 243.133378] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.134047] ? trace_hardirqs_on+0x26/0x120 [ 243.134819] do_group_exit+0xe0/0x2b0 [ 243.135341] __x64_sys_exit_group+0x47/0x50 [ 243.135892] do_syscall_64+0x3b/0x90 [ 243.136483] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.137310] RIP: 0033:0x7f4b87518a4d [ 243.137792] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.138704] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.139834] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.140741] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.141893] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.142844] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.144007] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.144928] [ 243.145232] irq event stamp: 0 [ 243.145684] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.146683] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.147760] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.148812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.149606] ---[ end trace 0000000000000000 ]--- [ 243.159398] ------------[ cut here ]------------ [ 243.160048] WARNING: CPU: 0 PID: 2302 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.161329] Modules linked in: [ 243.161742] CPU: 0 PID: 2302 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.162897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.164339] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.164975] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.167292] RSP: 0018:ffff888023fb7bb8 EFLAGS: 00010246 [ 243.167974] RAX: 0000000000000000 RBX: ffff88800b9fc8a8 RCX: 0000000000000000 [ 243.168870] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 243.169765] RBP: ffff888023fb7bd0 R08: ffffed100173f933 R09: ffffed100173f933 [ 243.170702] R10: ffff88800b9fc993 R11: ffffed100173f932 R12: ffff8880129c5000 [ 243.171623] R13: ffff88800b9fc9e8 R14: ffffffff8352e670 R15: 
ffff888023fb7e68 [ 243.172517] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.173520] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.174251] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ef0 [ 243.175206] PKRU: 55555554 [ 243.175578] Call Trace: [ 243.175909] [ 243.176204] __iommufd_access_detach+0x1c2/0x2b0 [ 243.176834] iommufd_access_change_pt+0x149/0x270 [ 243.177467] iommufd_access_replace+0xb4/0x120 [ 243.178065] iommufd_test+0x3e5/0x37e0 [ 243.178623] ? lock_release+0x532/0x770 [ 243.179176] ? __might_fault+0x102/0x1b0 [ 243.179713] ? lock_acquire+0x427/0x4c0 [ 243.180240] ? __pfx_iommufd_test+0x10/0x10 [ 243.180794] ? __pfx_lock_release+0x10/0x10 [ 243.181355] ? __pfx_lock_acquire+0x10/0x10 [ 243.181920] ? write_comp_data+0x2f/0x90 [ 243.182451] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.183133] ? write_comp_data+0x2f/0x90 [ 243.183677] iommufd_fops_ioctl+0x37d/0x510 [ 243.184238] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.184876] ? write_comp_data+0x2f/0x90 [ 243.185428] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.186052] __x64_sys_ioctl+0x1a3/0x230 [ 243.186659] do_syscall_64+0x3b/0x90 [ 243.187179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.187852] RIP: 0033:0x7f4b8743ee5d [ 243.188330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.190692] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.191679] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.192583] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.193479] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.194372] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.195325] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.196246] [ 243.196548] irq event stamp: 0 [ 243.196953] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.197745] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.198833] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.199908] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.200706] ---[ end trace 0000000000000000 ]--- [ 243.205539] ------------[ cut here ]------------ [ 243.206170] WARNING: CPU: 0 PID: 2302 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.207529] Modules linked in: [ 243.207951] CPU: 0 PID: 2302 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.209049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.210456] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.211149] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.213439] RSP: 
0018:ffff888023fb7bd0 EFLAGS: 00010246 [ 243.214115] RAX: 0000000000000000 RBX: ffff88800b9fc8a8 RCX: 0000000000000000 [ 243.215054] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 243.215972] RBP: ffff888023fb7be8 R08: ffffed100173f933 R09: ffffed100173f933 [ 243.216866] R10: ffff88800b9fc993 R11: ffffed100173f932 R12: ffff88801226f800 [ 243.217756] R13: ffff88800b9fc9e8 R14: ffff888012245c00 R15: 0000000000000000 [ 243.218690] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.219733] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.220468] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.221371] PKRU: 55555554 [ 243.221735] Call Trace: [ 243.222066] [ 243.222364] iommufd_access_destroy_object+0x65/0x170 [ 243.223082] iommufd_object_destroy_user+0x18e/0x220 [ 243.223767] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.224516] iommufd_access_destroy+0x43/0x70 [ 243.225106] iommufd_test_staccess_release+0x8d/0xd0 [ 243.225767] __fput+0x26d/0xa40 [ 243.226216] ____fput+0x1e/0x30 [ 243.226699] task_work_run+0x1a4/0x2d0 [ 243.227237] ? __pfx_task_work_run+0x10/0x10 [ 243.227811] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.228445] ? switch_task_namespaces+0xa9/0xe0 [ 243.229061] do_exit+0xb17/0x2ef0 [ 243.229513] ? lock_acquire+0x427/0x4c0 [ 243.230037] ? __pfx_lock_release+0x10/0x10 [ 243.230639] ? __kasan_check_write+0x18/0x20 [ 243.231235] ? do_raw_spin_lock+0x132/0x2a0 [ 243.231791] ? __pfx_do_exit+0x10/0x10 [ 243.232303] ? debug_smp_processor_id+0x20/0x30 [ 243.232903] ? rcu_is_watching+0x19/0xb0 [ 243.233426] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.234015] ? trace_hardirqs_on+0x26/0x120 [ 243.234626] do_group_exit+0xe0/0x2b0 [ 243.235144] __x64_sys_exit_group+0x47/0x50 [ 243.235701] do_syscall_64+0x3b/0x90 [ 243.236197] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.236872] RIP: 0033:0x7f4b87518a4d [ 243.237350] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.238130] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.239164] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.240081] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.240980] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.241875] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.242816] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.243751] [ 243.244056] irq event stamp: 0 [ 243.244461] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.245259] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.246311] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.247421] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.248226] ---[ end trace 0000000000000000 ]--- [ 243.249820] ------------[ cut here ]------------ [ 243.250462] WARNING: CPU: 1 PID: 2302 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.251776] Modules linked in: [ 243.252174] CPU: 1 PID: 2302 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.253209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.254695] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.255356] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.257558] RSP: 0018:ffff888023fb7b78 EFLAGS: 00010246 [ 243.258189] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.259107] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 243.260026] RBP: ffff888023fb7b98 R08: ffffed100173f93e R09: ffffed100173f93e [ 243.260885] R10: ffff88800b9fc9ef R11: ffffed100173f93d R12: ffff88800b9fca90 [ 243.261746] R13: ffff88800b9fc8a8 R14: ffffffffffffffff R15: 
ffff888023fb7c60 [ 243.262666] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 243.263635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.264184] CR2: 00007f82e2eba000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 243.264847] PKRU: 55555554 [ 243.265112] Call Trace: [ 243.265350] [ 243.265566] iommufd_ioas_destroy+0x53/0x70 [ 243.265988] iommufd_fops_release+0x1f7/0x370 [ 243.266417] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.266939] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.267429] ? write_comp_data+0x2f/0x90 [ 243.267828] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.268300] __fput+0x26d/0xa40 [ 243.268624] ____fput+0x1e/0x30 [ 243.268943] task_work_run+0x1a4/0x2d0 [ 243.269322] ? __pfx_task_work_run+0x10/0x10 [ 243.269744] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.270211] ? switch_task_namespaces+0xa9/0xe0 [ 243.270690] do_exit+0xb17/0x2ef0 [ 243.271020] ? lock_acquire+0x427/0x4c0 [ 243.271427] ? __pfx_lock_release+0x10/0x10 [ 243.271848] ? __kasan_check_write+0x18/0x20 [ 243.272271] ? do_raw_spin_lock+0x132/0x2a0 [ 243.272687] ? __pfx_do_exit+0x10/0x10 [ 243.273070] ? debug_smp_processor_id+0x20/0x30 [ 243.273511] ? rcu_is_watching+0x19/0xb0 [ 243.273897] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.274331] ? trace_hardirqs_on+0x26/0x120 [ 243.274785] do_group_exit+0xe0/0x2b0 [ 243.275166] __x64_sys_exit_group+0x47/0x50 [ 243.275578] do_syscall_64+0x3b/0x90 [ 243.275945] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.276443] RIP: 0033:0x7f4b87518a4d [ 243.276802] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.277388] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.278100] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.278809] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.279494] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.280160] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.280830] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.281509] [ 243.281731] irq event stamp: 0 [ 243.282037] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.282723] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.283601] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.284455] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.285102] ---[ end trace 0000000000000000 ]--- [ 243.290992] ------------[ cut here ]------------ [ 243.291652] WARNING: CPU: 0 PID: 2303 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.292869] Modules linked in: [ 243.293264] CPU: 0 PID: 2303 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.294323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.296080] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.296757] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.299146] RSP: 0018:ffff888016eefbb8 EFLAGS: 00010246 [ 243.299852] RAX: 0000000000000000 RBX: ffff88801810b0a8 RCX: 0000000000000000 [ 243.300784] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 243.301712] RBP: ffff888016eefbd0 R08: ffffed1003021633 R09: ffffed1003021633 [ 243.302671] R10: ffff88801810b193 R11: ffffed1003021632 R12: ffff88801404f000 [ 243.303616] R13: ffff88801810b1e8 R14: ffffffff8352e670 R15: 
ffff888016eefe68 [ 243.304546] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.305588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.306348] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ef0 [ 243.307367] PKRU: 55555554 [ 243.307746] Call Trace: [ 243.308090] [ 243.308401] __iommufd_access_detach+0x1c2/0x2b0 [ 243.309051] iommufd_access_change_pt+0x149/0x270 [ 243.309701] iommufd_access_replace+0xb4/0x120 [ 243.310321] iommufd_test+0x3e5/0x37e0 [ 243.310867] ? lock_release+0x532/0x770 [ 243.311581] ? __might_fault+0x102/0x1b0 [ 243.312033] ? lock_acquire+0x427/0x4c0 [ 243.312525] ? __pfx_iommufd_test+0x10/0x10 [ 243.313076] ? __pfx_lock_release+0x10/0x10 [ 243.313618] ? __pfx_lock_acquire+0x10/0x10 [ 243.314165] ? write_comp_data+0x2f/0x90 [ 243.314742] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.315385] ? write_comp_data+0x2f/0x90 [ 243.315906] iommufd_fops_ioctl+0x37d/0x510 [ 243.316459] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.317044] ? write_comp_data+0x2f/0x90 [ 243.317541] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.318109] __x64_sys_ioctl+0x1a3/0x230 [ 243.318640] do_syscall_64+0x3b/0x90 [ 243.319077] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.319728] RIP: 0033:0x7f4b8743ee5d [ 243.320150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.322106] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.322899] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.323862] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.324781] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.325694] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.326672] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.327548] [ 243.327776] irq event stamp: 0 [ 243.328058] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.328635] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.329392] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.330150] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.330779] ---[ end trace 0000000000000000 ]--- [ 243.335868] ------------[ cut here ]------------ [ 243.336512] WARNING: CPU: 0 PID: 2303 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.337800] Modules linked in: [ 243.338230] CPU: 0 PID: 2303 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.339418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.340842] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.341498] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.343851] RSP: 
0018:ffff888016eefbd0 EFLAGS: 00010246 [ 243.344541] RAX: 0000000000000000 RBX: ffff88801810b0a8 RCX: 0000000000000000 [ 243.345448] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 243.346352] RBP: ffff888016eefbe8 R08: ffffed1003021633 R09: ffffed1003021633 [ 243.347319] R10: ffff88801810b193 R11: ffffed1003021632 R12: ffff8880129c7400 [ 243.348220] R13: ffff88801810b1e8 R14: ffff8880122bad00 R15: 0000000000000000 [ 243.349100] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.350087] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.350850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.351693] PKRU: 55555554 [ 243.351959] Call Trace: [ 243.352192] [ 243.352404] iommufd_access_destroy_object+0x65/0x170 [ 243.352888] iommufd_object_destroy_user+0x18e/0x220 [ 243.353360] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.353899] iommufd_access_destroy+0x43/0x70 [ 243.354317] iommufd_test_staccess_release+0x8d/0xd0 [ 243.354838] __fput+0x26d/0xa40 [ 243.355394] ____fput+0x1e/0x30 [ 243.355857] task_work_run+0x1a4/0x2d0 [ 243.356375] ? __pfx_task_work_run+0x10/0x10 [ 243.356951] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.357580] ? switch_task_namespaces+0xa9/0xe0 [ 243.358193] do_exit+0xb17/0x2ef0 [ 243.358712] ? lock_acquire+0x427/0x4c0 [ 243.359286] ? __pfx_lock_release+0x10/0x10 [ 243.359847] ? __kasan_check_write+0x18/0x20 [ 243.360420] ? do_raw_spin_lock+0x132/0x2a0 [ 243.360978] ? __pfx_do_exit+0x10/0x10 [ 243.361498] ? debug_smp_processor_id+0x20/0x30 [ 243.362100] ? rcu_is_watching+0x19/0xb0 [ 243.362678] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.363298] ? trace_hardirqs_on+0x26/0x120 [ 243.363860] do_group_exit+0xe0/0x2b0 [ 243.364355] __x64_sys_exit_group+0x47/0x50 [ 243.364906] do_syscall_64+0x3b/0x90 [ 243.365403] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.366073] RIP: 0033:0x7f4b87518a4d [ 243.366605] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.367411] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.368353] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.369235] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.370118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.371051] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.371977] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.372888] [ 243.373691] irq event stamp: 0 [ 243.374258] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.375369] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.376415] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.377457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.378385] ---[ end trace 0000000000000000 ]--- [ 243.380262] ------------[ cut here ]------------ [ 243.380992] WARNING: CPU: 0 PID: 2303 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.382256] Modules linked in: [ 243.382739] CPU: 0 PID: 2303 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.383835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.385205] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.385855] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.388182] RSP: 0018:ffff888016eefb78 EFLAGS: 00010246 [ 243.388859] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.389727] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 243.390639] RBP: ffff888016eefb98 R08: ffffed100302163e R09: ffffed100302163e [ 243.391542] R10: ffff88801810b1ef R11: ffffed100302163d R12: ffff88801810b290 [ 243.392418] R13: ffff88801810b0a8 R14: ffffffffffffffff R15: 
ffff888016eefc60 [ 243.393302] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.394293] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.395116] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.396326] PKRU: 55555554 [ 243.396761] Call Trace: [ 243.397212] [ 243.397501] iommufd_ioas_destroy+0x53/0x70 [ 243.398042] iommufd_fops_release+0x1f7/0x370 [ 243.398673] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.399579] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.400215] ? write_comp_data+0x2f/0x90 [ 243.400740] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.401464] __fput+0x26d/0xa40 [ 243.402094] ____fput+0x1e/0x30 [ 243.402589] task_work_run+0x1a4/0x2d0 [ 243.403106] ? __pfx_task_work_run+0x10/0x10 [ 243.403793] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.404545] ? switch_task_namespaces+0xa9/0xe0 [ 243.405148] do_exit+0xb17/0x2ef0 [ 243.405673] ? lock_acquire+0x427/0x4c0 [ 243.406341] ? __pfx_lock_release+0x10/0x10 [ 243.406966] ? __kasan_check_write+0x18/0x20 [ 243.407566] ? do_raw_spin_lock+0x132/0x2a0 [ 243.408351] ? __pfx_do_exit+0x10/0x10 [ 243.408874] ? debug_smp_processor_id+0x20/0x30 [ 243.409467] ? rcu_is_watching+0x19/0xb0 [ 243.410043] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.410819] ? trace_hardirqs_on+0x26/0x120 [ 243.411391] do_group_exit+0xe0/0x2b0 [ 243.411888] __x64_sys_exit_group+0x47/0x50 [ 243.412540] do_syscall_64+0x3b/0x90 [ 243.413192] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.413868] RIP: 0033:0x7f4b87518a4d [ 243.414424] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.415399] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.416344] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.417469] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.418355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.419596] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.420485] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.421665] [ 243.421975] irq event stamp: 0 [ 243.422370] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.423226] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.424492] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.425595] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.426608] ---[ end trace 0000000000000000 ]--- [ 243.433659] ------------[ cut here ]------------ [ 243.434560] WARNING: CPU: 0 PID: 2304 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.435853] Modules linked in: [ 243.436312] CPU: 0 PID: 2304 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.437522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.438970] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.439630] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.441848] RSP: 0018:ffff88800f687bb8 EFLAGS: 00010246 [ 243.442569] RAX: 0000000000000000 RBX: ffff8880160358a8 RCX: 0000000000000000 [ 243.443467] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 243.444350] RBP: ffff88800f687bd0 R08: ffffed1002c06b33 R09: ffffed1002c06b33 [ 243.445235] R10: ffff888016035993 R11: ffffed1002c06b32 R12: ffff8880121c4800 [ 243.446124] R13: ffff8880160359e8 R14: ffffffff8352e670 R15: 
ffff88800f687e68 [ 243.447059] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.448085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.448807] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ef0 [ 243.449699] PKRU: 55555554 [ 243.450062] Call Trace: [ 243.450382] [ 243.450718] __iommufd_access_detach+0x1c2/0x2b0 [ 243.451368] iommufd_access_change_pt+0x149/0x270 [ 243.451995] iommufd_access_replace+0xb4/0x120 [ 243.452593] iommufd_test+0x3e5/0x37e0 [ 243.453088] ? lock_release+0x532/0x770 [ 243.453611] ? __might_fault+0x102/0x1b0 [ 243.454123] ? lock_acquire+0x427/0x4c0 [ 243.454676] ? __pfx_iommufd_test+0x10/0x10 [ 243.455231] ? __pfx_lock_release+0x10/0x10 [ 243.455771] ? __pfx_lock_acquire+0x10/0x10 [ 243.456319] ? write_comp_data+0x2f/0x90 [ 243.456836] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.457454] ? write_comp_data+0x2f/0x90 [ 243.457967] iommufd_fops_ioctl+0x37d/0x510 [ 243.458545] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.459187] ? write_comp_data+0x2f/0x90 [ 243.459706] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.460302] __x64_sys_ioctl+0x1a3/0x230 [ 243.460820] do_syscall_64+0x3b/0x90 [ 243.461302] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.461942] RIP: 0033:0x7f4b8743ee5d [ 243.462398] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.464594] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.465511] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.466363] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.467278] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.468139] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.468997] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.469869] [ 243.470163] irq event stamp: 0 [ 243.470594] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.471380] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.472374] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.473345] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.474087] ---[ end trace 0000000000000000 ]--- [ 243.479325] ------------[ cut here ]------------ [ 243.479880] WARNING: CPU: 0 PID: 2304 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.481098] Modules linked in: [ 243.481612] CPU: 0 PID: 2304 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.482658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.484144] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.484728] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.487015] RSP: 
0018:ffff88800f687bd0 EFLAGS: 00010246 [ 243.487830] RAX: 0000000000000000 RBX: ffff8880160358a8 RCX: 0000000000000000 [ 243.488644] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 243.489635] RBP: ffff88800f687be8 R08: ffffed1002c06b33 R09: ffffed1002c06b33 [ 243.490447] R10: ffff888016035993 R11: ffffed1002c06b32 R12: ffff88801404dc00 [ 243.491493] R13: ffff8880160359e8 R14: ffff88800f503900 R15: 0000000000000000 [ 243.492308] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.493222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.493882] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.494734] PKRU: 55555554 [ 243.495071] Call Trace: [ 243.495383] [ 243.495653] iommufd_access_destroy_object+0x65/0x170 [ 243.496255] iommufd_object_destroy_user+0x18e/0x220 [ 243.496855] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.497537] iommufd_access_destroy+0x43/0x70 [ 243.498079] iommufd_test_staccess_release+0x8d/0xd0 [ 243.498726] __fput+0x26d/0xa40 [ 243.499160] ____fput+0x1e/0x30 [ 243.499559] task_work_run+0x1a4/0x2d0 [ 243.500019] ? __pfx_task_work_run+0x10/0x10 [ 243.500537] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.501115] ? switch_task_namespaces+0xa9/0xe0 [ 243.501672] do_exit+0xb17/0x2ef0 [ 243.502083] ? lock_acquire+0x427/0x4c0 [ 243.502598] ? __pfx_lock_release+0x10/0x10 [ 243.503115] ? __kasan_check_write+0x18/0x20 [ 243.503664] ? do_raw_spin_lock+0x132/0x2a0 [ 243.504171] ? __pfx_do_exit+0x10/0x10 [ 243.504637] ? debug_smp_processor_id+0x20/0x30 [ 243.505181] ? rcu_is_watching+0x19/0xb0 [ 243.505658] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.506193] ? trace_hardirqs_on+0x26/0x120 [ 243.506743] do_group_exit+0xe0/0x2b0 [ 243.507213] __x64_sys_exit_group+0x47/0x50 [ 243.507716] do_syscall_64+0x3b/0x90 [ 243.508172] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.508783] RIP: 0033:0x7f4b87518a4d [ 243.509214] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.509913] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.510809] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.511643] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.512451] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.513261] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.514074] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.514937] [ 243.515262] irq event stamp: 0 [ 243.515626] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.516344] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.517295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.518242] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.518996] ---[ end trace 0000000000000000 ]--- [ 243.520406] ------------[ cut here ]------------ [ 243.520951] WARNING: CPU: 0 PID: 2304 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.522181] Modules linked in: [ 243.522803] CPU: 0 PID: 2304 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.523816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.525308] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.525907] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.528189] RSP: 0018:ffff88800f687b78 EFLAGS: 00010246 [ 243.528979] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.529781] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 243.530805] RBP: ffff88800f687b98 R08: ffffed1002c06b3e R09: ffffed1002c06b3e [ 243.531619] R10: ffff8880160359ef R11: ffffed1002c06b3d R12: ffff888016035a90 [ 243.532620] R13: ffff8880160358a8 R14: ffffffffffffffff R15: 
ffff88800f687c60 [ 243.533435] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.534579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.535263] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.536108] PKRU: 55555554 [ 243.536520] Call Trace: [ 243.536813] [ 243.537074] iommufd_ioas_destroy+0x53/0x70 [ 243.537576] iommufd_fops_release+0x1f7/0x370 [ 243.538099] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.538710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.539310] ? write_comp_data+0x2f/0x90 [ 243.539657] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.540046] __fput+0x26d/0xa40 [ 243.540317] ____fput+0x1e/0x30 [ 243.540584] task_work_run+0x1a4/0x2d0 [ 243.540905] ? __pfx_task_work_run+0x10/0x10 [ 243.541253] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.541639] ? switch_task_namespaces+0xa9/0xe0 [ 243.542033] do_exit+0xb17/0x2ef0 [ 243.542307] ? lock_acquire+0x427/0x4c0 [ 243.542654] ? __pfx_lock_release+0x10/0x10 [ 243.543093] ? __kasan_check_write+0x18/0x20 [ 243.543482] ? do_raw_spin_lock+0x132/0x2a0 [ 243.543816] ? __pfx_do_exit+0x10/0x10 [ 243.544125] ? debug_smp_processor_id+0x20/0x30 [ 243.544501] ? rcu_is_watching+0x19/0xb0 [ 243.544818] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.545175] ? trace_hardirqs_on+0x26/0x120 [ 243.545524] do_group_exit+0xe0/0x2b0 [ 243.545820] __x64_sys_exit_group+0x47/0x50 [ 243.546150] do_syscall_64+0x3b/0x90 [ 243.546454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.546889] RIP: 0033:0x7f4b87518a4d [ 243.547275] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.547778] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.548355] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.548903] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.549452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.549995] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.550551] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.551180] [ 243.551360] irq event stamp: 0 [ 243.551599] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.552083] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.552710] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.553347] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.553822] ---[ end trace 0000000000000000 ]--- [ 243.560058] ------------[ cut here ]------------ [ 243.560551] WARNING: CPU: 0 PID: 2305 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.561696] Modules linked in: [ 243.562022] CPU: 0 PID: 2305 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.562933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.564100] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.564549] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.566224] RSP: 0018:ffff88800fab7bb8 EFLAGS: 00010246 [ 243.566815] RAX: 0000000000000000 RBX: ffff88800f1c10a8 RCX: 0000000000000000 [ 243.567434] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 243.568044] RBP: ffff88800fab7bd0 R08: ffffed1001e38233 R09: ffffed1001e38233 [ 243.568784] R10: ffff88800f1c1193 R11: ffffed1001e38232 R12: ffff888013b21000 [ 243.569395] R13: ffff88800f1c11e8 R14: ffffffff8352e670 R15: 
ffff88800fab7e68 [ 243.570048] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.570828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.571335] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 243.571999] PKRU: 55555554 [ 243.572318] Call Trace: [ 243.572541] [ 243.572733] __iommufd_access_detach+0x1c2/0x2b0 [ 243.573151] iommufd_access_change_pt+0x149/0x270 [ 243.573598] iommufd_access_replace+0xb4/0x120 [ 243.574085] iommufd_test+0x3e5/0x37e0 [ 243.574424] ? lock_release+0x532/0x770 [ 243.574805] ? __might_fault+0x102/0x1b0 [ 243.575167] ? lock_acquire+0x427/0x4c0 [ 243.575525] ? __pfx_iommufd_test+0x10/0x10 [ 243.576028] ? __pfx_lock_release+0x10/0x10 [ 243.576407] ? __pfx_lock_acquire+0x10/0x10 [ 243.576792] ? write_comp_data+0x2f/0x90 [ 243.577153] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.577714] ? write_comp_data+0x2f/0x90 [ 243.578074] iommufd_fops_ioctl+0x37d/0x510 [ 243.578448] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.578897] ? write_comp_data+0x2f/0x90 [ 243.579393] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.579824] __x64_sys_ioctl+0x1a3/0x230 [ 243.580195] do_syscall_64+0x3b/0x90 [ 243.580532] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.580945] RIP: 0033:0x7f4b8743ee5d [ 243.581289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.582755] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.583407] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.583931] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.584454] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.585110] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.585638] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.586169] [ 243.586369] irq event stamp: 0 [ 243.586724] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.587194] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.587808] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.588483] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.589032] ---[ end trace 0000000000000000 ]--- [ 243.591646] ------------[ cut here ]------------ [ 243.592004] WARNING: CPU: 0 PID: 2305 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.592741] Modules linked in: [ 243.592976] CPU: 0 PID: 2305 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.593612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.594432] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.594827] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.596162] RSP: 
0018:ffff88800fab7bd0 EFLAGS: 00010246 [ 243.596546] RAX: 0000000000000000 RBX: ffff88800f1c10a8 RCX: 0000000000000000 [ 243.597055] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 243.597563] RBP: ffff88800fab7be8 R08: ffffed1001e38233 R09: ffffed1001e38233 [ 243.598071] R10: ffff88800f1c1193 R11: ffffed1001e38232 R12: ffff8880121c6c00 [ 243.598609] R13: ffff88800f1c11e8 R14: ffff88800fdf4600 R15: 0000000000000000 [ 243.599126] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.599701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.600116] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.600627] PKRU: 55555554 [ 243.600833] Call Trace: [ 243.601017] [ 243.601180] iommufd_access_destroy_object+0x65/0x170 [ 243.601557] iommufd_object_destroy_user+0x18e/0x220 [ 243.601927] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.602351] iommufd_access_destroy+0x43/0x70 [ 243.602697] iommufd_test_staccess_release+0x8d/0xd0 [ 243.603074] __fput+0x26d/0xa40 [ 243.603333] ____fput+0x1e/0x30 [ 243.603580] task_work_run+0x1a4/0x2d0 [ 243.603869] ? __pfx_task_work_run+0x10/0x10 [ 243.604194] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.604554] ? switch_task_namespaces+0xa9/0xe0 [ 243.604899] do_exit+0xb17/0x2ef0 [ 243.605153] ? lock_acquire+0x427/0x4c0 [ 243.605449] ? __pfx_lock_release+0x10/0x10 [ 243.605769] ? __kasan_check_write+0x18/0x20 [ 243.606091] ? do_raw_spin_lock+0x132/0x2a0 [ 243.606406] ? __pfx_do_exit+0x10/0x10 [ 243.606710] ? debug_smp_processor_id+0x20/0x30 [ 243.607051] ? rcu_is_watching+0x19/0xb0 [ 243.607352] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.607687] ? trace_hardirqs_on+0x26/0x120 [ 243.608005] do_group_exit+0xe0/0x2b0 [ 243.608281] __x64_sys_exit_group+0x47/0x50 [ 243.608595] do_syscall_64+0x3b/0x90 [ 243.608874] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.609254] RIP: 0033:0x7f4b87518a4d [ 243.609526] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.609970] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.610527] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.611038] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.611557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.612069] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.612578] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.613094] [ 243.613263] irq event stamp: 0 [ 243.613492] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.613943] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.614554] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.615160] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.615617] ---[ end trace 0000000000000000 ]--- [ 243.616254] ------------[ cut here ]------------ [ 243.616591] WARNING: CPU: 0 PID: 2305 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.617318] Modules linked in: [ 243.617547] CPU: 0 PID: 2305 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.618174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.618989] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.619365] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.620673] RSP: 0018:ffff88800fab7b78 EFLAGS: 00010246 [ 243.621057] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.621563] RDX: 0000000000000000 RSI: ffff88800b80a500 RDI: 0000000000000002 [ 243.622072] RBP: ffff88800fab7b98 R08: ffffed1001e3823e R09: ffffed1001e3823e [ 243.622612] R10: ffff88800f1c11ef R11: ffffed1001e3823d R12: ffff88800f1c1290 [ 243.623125] R13: ffff88800f1c10a8 R14: ffffffffffffffff R15: 
ffff88800fab7c60 [ 243.623632] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.624203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.624611] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.625111] PKRU: 55555554 [ 243.625311] Call Trace: [ 243.625491] [ 243.625650] iommufd_ioas_destroy+0x53/0x70 [ 243.625959] iommufd_fops_release+0x1f7/0x370 [ 243.626281] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.626641] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.626987] ? write_comp_data+0x2f/0x90 [ 243.627288] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.627639] __fput+0x26d/0xa40 [ 243.627882] ____fput+0x1e/0x30 [ 243.628118] task_work_run+0x1a4/0x2d0 [ 243.628399] ? __pfx_task_work_run+0x10/0x10 [ 243.628710] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.629052] ? switch_task_namespaces+0xa9/0xe0 [ 243.629384] do_exit+0xb17/0x2ef0 [ 243.629627] ? lock_acquire+0x427/0x4c0 [ 243.629910] ? __pfx_lock_release+0x10/0x10 [ 243.630216] ? __kasan_check_write+0x18/0x20 [ 243.630539] ? do_raw_spin_lock+0x132/0x2a0 [ 243.630843] ? __pfx_do_exit+0x10/0x10 [ 243.631129] ? debug_smp_processor_id+0x20/0x30 [ 243.631467] ? rcu_is_watching+0x19/0xb0 [ 243.631757] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.632081] ? trace_hardirqs_on+0x26/0x120 [ 243.632390] do_group_exit+0xe0/0x2b0 [ 243.632705] __x64_sys_exit_group+0x47/0x50 [ 243.633139] do_syscall_64+0x3b/0x90 [ 243.633416] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.633803] RIP: 0033:0x7f4b87518a4d [ 243.634064] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.634625] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.635160] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.635653] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.636143] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.636755] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.637249] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.637751] [ 243.637963] irq event stamp: 0 [ 243.638247] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.638697] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.639277] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.639987] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.640427] ---[ end trace 0000000000000000 ]--- [ 243.644294] ------------[ cut here ]------------ [ 243.644636] WARNING: CPU: 0 PID: 2306 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.645577] Modules linked in: [ 243.645808] CPU: 0 PID: 2306 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.646442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.647441] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.647847] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.649658] RSP: 0018:ffff888016ebfbb8 EFLAGS: 00010246 [ 243.650155] RAX: 0000000000000000 RBX: ffff88801781c0a8 RCX: 0000000000000000 [ 243.651012] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 243.651685] RBP: ffff888016ebfbd0 R08: ffffed1002f03833 R09: ffffed1002f03833 [ 243.652492] R10: ffff88801781c193 R11: ffffed1002f03832 R12: ffff88800f4d0400 [ 243.653184] R13: ffff88801781c1e8 R14: ffffffff8352e670 R15: 
ffff888016ebfe68 [ 243.653897] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.654788] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.655356] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 243.656022] PKRU: 55555554 [ 243.656283] Call Trace: [ 243.656527] [ 243.656754] __iommufd_access_detach+0x1c2/0x2b0 [ 243.657233] iommufd_access_change_pt+0x149/0x270 [ 243.657714] iommufd_access_replace+0xb4/0x120 [ 243.658177] iommufd_test+0x3e5/0x37e0 [ 243.658579] ? lock_release+0x532/0x770 [ 243.658989] ? __might_fault+0x102/0x1b0 [ 243.659430] ? lock_acquire+0x427/0x4c0 [ 243.659817] ? __pfx_iommufd_test+0x10/0x10 [ 243.660198] ? __pfx_lock_release+0x10/0x10 [ 243.660524] ? __pfx_lock_acquire+0x10/0x10 [ 243.660853] ? write_comp_data+0x2f/0x90 [ 243.661161] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.661525] ? write_comp_data+0x2f/0x90 [ 243.661873] iommufd_fops_ioctl+0x37d/0x510 [ 243.662254] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.662776] ? write_comp_data+0x2f/0x90 [ 243.663193] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.663680] __x64_sys_ioctl+0x1a3/0x230 [ 243.664083] do_syscall_64+0x3b/0x90 [ 243.664410] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.664862] RIP: 0033:0x7f4b8743ee5d [ 243.665187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.666796] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.667676] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.668463] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.669243] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.670017] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.670838] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.671654] [ 243.671922] irq event stamp: 0 [ 243.672276] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.672966] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.673877] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.674819] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.675524] ---[ end trace 0000000000000000 ]--- [ 243.679852] ------------[ cut here ]------------ [ 243.680402] WARNING: CPU: 0 PID: 2306 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.681519] Modules linked in: [ 243.681882] CPU: 0 PID: 2306 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.683147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.684398] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.684955] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.686996] RSP: 
0018:ffff888016ebfbd0 EFLAGS: 00010246 [ 243.687612] RAX: 0000000000000000 RBX: ffff88801781c0a8 RCX: 0000000000000000 [ 243.688402] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 243.689191] RBP: ffff888016ebfbe8 R08: ffffed1002f03833 R09: ffffed1002f03833 [ 243.689979] R10: ffff88801781c193 R11: ffffed1002f03832 R12: ffff888013b22000 [ 243.690796] R13: ffff88801781c1e8 R14: ffff888013884e00 R15: 0000000000000000 [ 243.691598] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.692479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.693119] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.693907] PKRU: 55555554 [ 243.694229] Call Trace: [ 243.694552] [ 243.694817] iommufd_access_destroy_object+0x65/0x170 [ 243.695415] iommufd_object_destroy_user+0x18e/0x220 [ 243.695993] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.696650] iommufd_access_destroy+0x43/0x70 [ 243.697168] iommufd_test_staccess_release+0x8d/0xd0 [ 243.697749] __fput+0x26d/0xa40 [ 243.698143] ____fput+0x1e/0x30 [ 243.698560] task_work_run+0x1a4/0x2d0 [ 243.699016] ? __pfx_task_work_run+0x10/0x10 [ 243.699537] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.700096] ? switch_task_namespaces+0xa9/0xe0 [ 243.700640] do_exit+0xb17/0x2ef0 [ 243.701036] ? lock_acquire+0x427/0x4c0 [ 243.701502] ? __pfx_lock_release+0x10/0x10 [ 243.701997] ? __kasan_check_write+0x18/0x20 [ 243.702498] ? do_raw_spin_lock+0x132/0x2a0 [ 243.703024] ? __pfx_do_exit+0x10/0x10 [ 243.703488] ? debug_smp_processor_id+0x20/0x30 [ 243.704016] ? rcu_is_watching+0x19/0xb0 [ 243.704478] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.704997] ? trace_hardirqs_on+0x26/0x120 [ 243.705494] do_group_exit+0xe0/0x2b0 [ 243.705937] __x64_sys_exit_group+0x47/0x50 [ 243.706430] do_syscall_64+0x3b/0x90 [ 243.706917] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.707544] RIP: 0033:0x7f4b87518a4d [ 243.707972] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.708665] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.709519] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.710322] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.711165] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.711973] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.712777] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.713590] [ 243.713860] irq event stamp: 0 [ 243.714220] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.714956] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.715904] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.716841] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.717549] ---[ end trace 0000000000000000 ]--- [ 243.718724] ------------[ cut here ]------------ [ 243.719281] WARNING: CPU: 0 PID: 2306 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.720424] Modules linked in: [ 243.720797] CPU: 0 PID: 2306 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.721776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.723229] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.723818] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.725854] RSP: 0018:ffff888016ebfb78 EFLAGS: 00010246 [ 243.726454] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.727399] RDX: 0000000000000000 RSI: ffff88800b808000 RDI: 0000000000000002 [ 243.728038] RBP: ffff888016ebfb98 R08: ffffed1002f0383e R09: ffffed1002f0383e [ 243.728610] R10: ffff88801781c1ef R11: ffffed1002f0383d R12: ffff88801781c290 [ 243.729190] R13: ffff88801781c0a8 R14: ffffffffffffffff R15: 
ffff888016ebfc60 [ 243.729758] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 243.730412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.730913] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 243.731844] PKRU: 55555554 [ 243.732184] Call Trace: [ 243.732485] [ 243.732758] iommufd_ioas_destroy+0x53/0x70 [ 243.733279] iommufd_fops_release+0x1f7/0x370 [ 243.733822] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.734411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.735066] ? write_comp_data+0x2f/0x90 [ 243.735601] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.736197] __fput+0x26d/0xa40 [ 243.736608] ____fput+0x1e/0x30 [ 243.737010] task_work_run+0x1a4/0x2d0 [ 243.737486] ? __pfx_task_work_run+0x10/0x10 [ 243.738016] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.738654] ? switch_task_namespaces+0xa9/0xe0 [ 243.739263] do_exit+0xb17/0x2ef0 [ 243.739700] ? lock_acquire+0x427/0x4c0 [ 243.740195] ? __pfx_lock_release+0x10/0x10 [ 243.740733] ? __kasan_check_write+0x18/0x20 [ 243.741276] ? do_raw_spin_lock+0x132/0x2a0 [ 243.741804] ? __pfx_do_exit+0x10/0x10 [ 243.742289] ? debug_smp_processor_id+0x20/0x30 [ 243.742892] ? rcu_is_watching+0x19/0xb0 [ 243.743416] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.743974] ? trace_hardirqs_on+0x26/0x120 [ 243.744501] do_group_exit+0xe0/0x2b0 [ 243.744967] __x64_sys_exit_group+0x47/0x50 [ 243.745478] do_syscall_64+0x3b/0x90 [ 243.745935] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.746609] RIP: 0033:0x7f4b87518a4d [ 243.747054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.747784] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.748663] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.749489] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.750317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.751230] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.752087] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.752957] [ 243.753261] irq event stamp: 0 [ 243.753651] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.754410] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.755472] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.756474] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.757231] ---[ end trace 0000000000000000 ]--- [ 243.761424] ------------[ cut here ]------------ [ 243.761888] WARNING: CPU: 1 PID: 2307 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.762987] Modules linked in: [ 243.763301] CPU: 1 PID: 2307 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.764071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.765061] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.765502] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.767163] RSP: 0018:ffff888020d97bb8 EFLAGS: 00010246 [ 243.767648] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 243.768275] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 243.768893] RBP: ffff888020d97bd0 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 243.769532] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff888010e03800 [ 243.770208] R13: ffff8880104669e8 R14: ffffffff8352e670 R15: 
ffff888020d97e68 [ 243.770910] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 243.771697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.772233] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 243.772906] PKRU: 55555554 [ 243.773170] Call Trace: [ 243.773411] [ 243.773637] __iommufd_access_detach+0x1c2/0x2b0 [ 243.774092] iommufd_access_change_pt+0x149/0x270 [ 243.774598] iommufd_access_replace+0xb4/0x120 [ 243.775045] iommufd_test+0x3e5/0x37e0 [ 243.775425] ? lock_release+0x532/0x770 [ 243.775810] ? __might_fault+0x102/0x1b0 [ 243.776196] ? lock_acquire+0x427/0x4c0 [ 243.776577] ? __pfx_iommufd_test+0x10/0x10 [ 243.776978] ? __pfx_lock_release+0x10/0x10 [ 243.777400] ? __pfx_lock_acquire+0x10/0x10 [ 243.777818] ? write_comp_data+0x2f/0x90 [ 243.778212] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.778731] ? write_comp_data+0x2f/0x90 [ 243.779134] iommufd_fops_ioctl+0x37d/0x510 [ 243.779543] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.779999] ? write_comp_data+0x2f/0x90 [ 243.780400] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.780864] __x64_sys_ioctl+0x1a3/0x230 [ 243.781280] do_syscall_64+0x3b/0x90 [ 243.781661] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.782162] RIP: 0033:0x7f4b8743ee5d [ 243.782569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.784312] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.785019] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.785704] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.786392] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.787104] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.787801] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.788478] [ 243.788702] irq event stamp: 0 [ 243.789011] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.789608] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.790409] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.791248] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.791861] ---[ end trace 0000000000000000 ]--- [ 243.795067] ------------[ cut here ]------------ [ 243.795577] WARNING: CPU: 1 PID: 2307 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.796533] Modules linked in: [ 243.796830] CPU: 1 PID: 2307 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.797649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.798757] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.799251] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.800986] RSP: 
0018:ffff888020d97bd0 EFLAGS: 00010246 [ 243.801497] RAX: 0000000000000000 RBX: ffff8880104668a8 RCX: 0000000000000000 [ 243.802166] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 243.802874] RBP: ffff888020d97be8 R08: ffffed100208cd33 R09: ffffed100208cd33 [ 243.803563] R10: ffff888010466993 R11: ffffed100208cd32 R12: ffff888014392c00 [ 243.804251] R13: ffff8880104669e8 R14: ffff888015a03900 R15: 0000000000000000 [ 243.804924] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 243.805697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.806249] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 243.806946] PKRU: 55555554 [ 243.807230] Call Trace: [ 243.807488] [ 243.807709] iommufd_access_destroy_object+0x65/0x170 [ 243.808215] iommufd_object_destroy_user+0x18e/0x220 [ 243.808699] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.809260] iommufd_access_destroy+0x43/0x70 [ 243.809693] iommufd_test_staccess_release+0x8d/0xd0 [ 243.810179] __fput+0x26d/0xa40 [ 243.810536] ____fput+0x1e/0x30 [ 243.810873] task_work_run+0x1a4/0x2d0 [ 243.811265] ? __pfx_task_work_run+0x10/0x10 [ 243.811695] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.812164] ? switch_task_namespaces+0xa9/0xe0 [ 243.812621] do_exit+0xb17/0x2ef0 [ 243.812951] ? lock_acquire+0x427/0x4c0 [ 243.813355] ? __pfx_lock_release+0x10/0x10 [ 243.813776] ? __kasan_check_write+0x18/0x20 [ 243.814193] ? do_raw_spin_lock+0x132/0x2a0 [ 243.814647] ? __pfx_do_exit+0x10/0x10 [ 243.815037] ? debug_smp_processor_id+0x20/0x30 [ 243.815500] ? rcu_is_watching+0x19/0xb0 [ 243.815904] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.816341] ? trace_hardirqs_on+0x26/0x120 [ 243.816760] do_group_exit+0xe0/0x2b0 [ 243.817127] __x64_sys_exit_group+0x47/0x50 [ 243.817535] do_syscall_64+0x3b/0x90 [ 243.817900] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.818417] RIP: 0033:0x7f4b87518a4d [ 243.818805] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.819410] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.820138] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.820806] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.821499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.822196] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.822907] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.823608] [ 243.823829] irq event stamp: 0 [ 243.824125] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.824740] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.825536] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.826335] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.826965] ---[ end trace 0000000000000000 ]--- [ 243.827833] ------------[ cut here ]------------ [ 243.828297] WARNING: CPU: 1 PID: 2307 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.829261] Modules linked in: [ 243.829570] CPU: 1 PID: 2307 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.830407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.831532] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.832024] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.833779] RSP: 0018:ffff888020d97b78 EFLAGS: 00010246 [ 243.834276] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.834976] RDX: 0000000000000000 RSI: ffff88801796a500 RDI: 0000000000000002 [ 243.835685] RBP: ffff888020d97b98 R08: ffffed100208cd3e R09: ffffed100208cd3e [ 243.836368] R10: ffff8880104669ef R11: ffffed100208cd3d R12: ffff888010466a90 [ 243.837042] R13: ffff8880104668a8 R14: ffffffffffffffff R15: 
ffff888020d97c60 [ 243.837728] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 243.838484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.839089] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 243.839780] PKRU: 55555554 [ 243.840047] Call Trace: [ 243.840288] [ 243.840509] iommufd_ioas_destroy+0x53/0x70 [ 243.840937] iommufd_fops_release+0x1f7/0x370 [ 243.841376] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.841859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.842326] ? write_comp_data+0x2f/0x90 [ 243.842765] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.843264] __fput+0x26d/0xa40 [ 243.843611] ____fput+0x1e/0x30 [ 243.843936] task_work_run+0x1a4/0x2d0 [ 243.844322] ? __pfx_task_work_run+0x10/0x10 [ 243.844741] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.845201] ? switch_task_namespaces+0xa9/0xe0 [ 243.845671] do_exit+0xb17/0x2ef0 [ 243.846037] ? lock_acquire+0x427/0x4c0 [ 243.846466] ? __pfx_lock_release+0x10/0x10 [ 243.846953] ? __kasan_check_write+0x18/0x20 [ 243.847439] ? do_raw_spin_lock+0x132/0x2a0 [ 243.847889] ? __pfx_do_exit+0x10/0x10 [ 243.848304] ? debug_smp_processor_id+0x20/0x30 [ 243.848784] ? rcu_is_watching+0x19/0xb0 [ 243.849211] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.849695] ? trace_hardirqs_on+0x26/0x120 [ 243.850139] do_group_exit+0xe0/0x2b0 [ 243.850556] __x64_sys_exit_group+0x47/0x50 [ 243.851000] do_syscall_64+0x3b/0x90 [ 243.851427] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.851970] RIP: 0033:0x7f4b87518a4d [ 243.852353] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.852978] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.853772] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.854502] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.855278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.856004] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.856730] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.857482] [ 243.857725] irq event stamp: 0 [ 243.858049] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.858734] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.859609] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.860462] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.861113] ---[ end trace 0000000000000000 ]--- [ 243.866401] ------------[ cut here ]------------ [ 243.867366] WARNING: CPU: 1 PID: 2308 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.868415] Modules linked in: [ 243.868747] CPU: 1 PID: 2308 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.869634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.870815] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.871345] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.873264] RSP: 0018:ffff88801347fbb8 EFLAGS: 00010246 [ 243.873822] RAX: 0000000000000000 RBX: ffff8880182900a8 RCX: 0000000000000000 [ 243.874585] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 243.875347] RBP: ffff88801347fbd0 R08: ffffed1003052033 R09: ffffed1003052033 [ 243.876075] R10: ffff888018290193 R11: ffffed1003052032 R12: ffff888014611400 [ 243.876811] R13: ffff8880182901e8 R14: ffffffff8352e670 R15: 
ffff88801347fe68 [ 243.877549] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 243.878398] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.879050] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 243.879800] PKRU: 55555554 [ 243.880093] Call Trace: [ 243.880354] [ 243.880585] __iommufd_access_detach+0x1c2/0x2b0 [ 243.881090] iommufd_access_change_pt+0x149/0x270 [ 243.881600] iommufd_access_replace+0xb4/0x120 [ 243.882084] iommufd_test+0x3e5/0x37e0 [ 243.882494] ? lock_release+0x532/0x770 [ 243.882963] ? __might_fault+0x102/0x1b0 [ 243.883416] ? lock_acquire+0x427/0x4c0 [ 243.883831] ? __pfx_iommufd_test+0x10/0x10 [ 243.884277] ? __pfx_lock_release+0x10/0x10 [ 243.884729] ? __pfx_lock_acquire+0x10/0x10 [ 243.885193] ? write_comp_data+0x2f/0x90 [ 243.885633] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.886150] ? write_comp_data+0x2f/0x90 [ 243.886626] iommufd_fops_ioctl+0x37d/0x510 [ 243.887078] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.887593] ? write_comp_data+0x2f/0x90 [ 243.888021] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 243.888530] __x64_sys_ioctl+0x1a3/0x230 [ 243.888969] do_syscall_64+0x3b/0x90 [ 243.889364] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.890050] RIP: 0033:0x7f4b8743ee5d [ 243.890605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 243.892718] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 243.893511] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 243.894256] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 243.895041] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 243.895800] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 243.896737] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 243.897790] [ 243.898036] irq event stamp: 0 [ 243.898363] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.899072] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.899947] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.900812] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.901517] ---[ end trace 0000000000000000 ]--- [ 243.905122] ------------[ cut here ]------------ [ 243.905664] WARNING: CPU: 1 PID: 2308 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.906892] Modules linked in: [ 243.907384] CPU: 1 PID: 2308 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.908301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.909468] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.909983] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 243.912181] RSP: 
0018:ffff88801347fbd0 EFLAGS: 00010246 [ 243.912974] RAX: 0000000000000000 RBX: ffff8880182900a8 RCX: 0000000000000000 [ 243.913732] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 243.914467] RBP: ffff88801347fbe8 R08: ffffed1003052033 R09: ffffed1003052033 [ 243.915251] R10: ffff888018290193 R11: ffffed1003052032 R12: ffff888010e00400 [ 243.916003] R13: ffff8880182901e8 R14: ffff888021841500 R15: 0000000000000000 [ 243.916744] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 243.917725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.918606] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 243.919648] PKRU: 55555554 [ 243.919949] Call Trace: [ 243.920218] [ 243.920461] iommufd_access_destroy_object+0x65/0x170 [ 243.921015] iommufd_object_destroy_user+0x18e/0x220 [ 243.921552] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 243.922161] iommufd_access_destroy+0x43/0x70 [ 243.922698] iommufd_test_staccess_release+0x8d/0xd0 [ 243.923273] __fput+0x26d/0xa40 [ 243.923644] ____fput+0x1e/0x30 [ 243.924002] task_work_run+0x1a4/0x2d0 [ 243.924512] ? __pfx_task_work_run+0x10/0x10 [ 243.925118] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.925811] ? switch_task_namespaces+0xa9/0xe0 [ 243.926307] do_exit+0xb17/0x2ef0 [ 243.926751] ? lock_acquire+0x427/0x4c0 [ 243.927192] ? __pfx_lock_release+0x10/0x10 [ 243.927644] ? __kasan_check_write+0x18/0x20 [ 243.928099] ? do_raw_spin_lock+0x132/0x2a0 [ 243.928549] ? __pfx_do_exit+0x10/0x10 [ 243.928959] ? debug_smp_processor_id+0x20/0x30 [ 243.929451] ? rcu_is_watching+0x19/0xb0 [ 243.929946] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.930617] ? trace_hardirqs_on+0x26/0x120 [ 243.931210] do_group_exit+0xe0/0x2b0 [ 243.931618] __x64_sys_exit_group+0x47/0x50 [ 243.932071] do_syscall_64+0x3b/0x90 [ 243.932478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.933034] RIP: 0033:0x7f4b87518a4d [ 243.933419] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.934056] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.934908] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.935901] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.936948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.937699] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.938453] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.939268] [ 243.939524] irq event stamp: 0 [ 243.939855] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.940506] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.941381] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.942618] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.943559] ---[ end trace 0000000000000000 ]--- [ 243.944454] ------------[ cut here ]------------ [ 243.944946] WARNING: CPU: 1 PID: 2308 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 243.945993] Modules linked in: [ 243.946329] CPU: 1 PID: 2308 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.947291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.948596] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 243.949363] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 243.951338] RSP: 0018:ffff88801347fb78 EFLAGS: 00010246 [ 243.951899] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 243.952632] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 243.953438] RBP: ffff88801347fb98 R08: ffffed100305203e R09: ffffed100305203e [ 243.954426] R10: ffff8880182901ef R11: ffffed100305203d R12: ffff888018290290 [ 243.955462] R13: ffff8880182900a8 R14: ffffffffffffffff R15: 
ffff88801347fc60 [ 243.956208] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 243.957051] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.957650] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 243.958380] PKRU: 55555554 [ 243.958719] Call Trace: [ 243.958984] [ 243.959241] iommufd_ioas_destroy+0x53/0x70 [ 243.959766] iommufd_fops_release+0x1f7/0x370 [ 243.960430] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.961136] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.961647] ? write_comp_data+0x2f/0x90 [ 243.962080] ? __pfx_iommufd_fops_release+0x10/0x10 [ 243.962633] __fput+0x26d/0xa40 [ 243.963005] ____fput+0x1e/0x30 [ 243.963380] task_work_run+0x1a4/0x2d0 [ 243.963807] ? __pfx_task_work_run+0x10/0x10 [ 243.964285] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 243.964805] ? switch_task_namespaces+0xa9/0xe0 [ 243.965386] do_exit+0xb17/0x2ef0 [ 243.965872] ? lock_acquire+0x427/0x4c0 [ 243.966457] ? __pfx_lock_release+0x10/0x10 [ 243.966984] ? __kasan_check_write+0x18/0x20 [ 243.967476] ? do_raw_spin_lock+0x132/0x2a0 [ 243.967957] ? __pfx_do_exit+0x10/0x10 [ 243.968385] ? debug_smp_processor_id+0x20/0x30 [ 243.968873] ? rcu_is_watching+0x19/0xb0 [ 243.969306] ? _raw_spin_unlock_irq+0x2b/0x60 [ 243.969779] ? trace_hardirqs_on+0x26/0x120 [ 243.970244] do_group_exit+0xe0/0x2b0 [ 243.970711] __x64_sys_exit_group+0x47/0x50 [ 243.971321] do_syscall_64+0x3b/0x90 [ 243.971881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 243.972447] RIP: 0033:0x7f4b87518a4d [ 243.972857] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 243.973504] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 243.974293] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 243.975085] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 243.975864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 243.976672] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 243.977732] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 243.978583] [ 243.978841] irq event stamp: 0 [ 243.979200] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 243.979877] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 243.980763] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 243.981735] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 243.982718] ---[ end trace 0000000000000000 ]--- [ 243.991885] ------------[ cut here ]------------ [ 243.992935] WARNING: CPU: 0 PID: 2309 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 243.994328] Modules linked in: [ 243.995098] CPU: 0 PID: 2309 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 243.996265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 243.997753] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 243.998424] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.000889] RSP: 0018:ffff88801625fbb8 EFLAGS: 00010246 [ 244.001608] RAX: 0000000000000000 RBX: ffff888021a508a8 RCX: 0000000000000000 [ 244.002590] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 244.003565] RBP: ffff88801625fbd0 R08: ffffed100434a133 R09: ffffed100434a133 [ 244.004515] R10: ffff888021a50993 R11: ffffed100434a132 R12: ffff888013db8400 [ 244.005458] R13: ffff888021a509e8 R14: ffffffff8352e670 R15: 
ffff88801625fe68 [ 244.006402] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.007545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.008322] CR2: 00007f4b877410e8 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 244.009270] PKRU: 55555554 [ 244.009649] Call Trace: [ 244.009995] [ 244.010310] __iommufd_access_detach+0x1c2/0x2b0 [ 244.011017] iommufd_access_change_pt+0x149/0x270 [ 244.011710] iommufd_access_replace+0xb4/0x120 [ 244.012343] iommufd_test+0x3e5/0x37e0 [ 244.012871] ? lock_release+0x532/0x770 [ 244.013423] ? __might_fault+0x102/0x1b0 [ 244.013982] ? lock_acquire+0x427/0x4c0 [ 244.014578] ? __pfx_iommufd_test+0x10/0x10 [ 244.015181] ? __pfx_lock_release+0x10/0x10 [ 244.015794] ? __pfx_lock_acquire+0x10/0x10 [ 244.016412] ? write_comp_data+0x2f/0x90 [ 244.016989] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.017647] ? write_comp_data+0x2f/0x90 [ 244.018213] iommufd_fops_ioctl+0x37d/0x510 [ 244.018865] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.019556] ? write_comp_data+0x2f/0x90 [ 244.020125] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.020781] __x64_sys_ioctl+0x1a3/0x230 [ 244.021352] do_syscall_64+0x3b/0x90 [ 244.021887] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.022664] RIP: 0033:0x7f4b8743ee5d [ 244.023207] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.025655] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.026711] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.027708] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.028690] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.029656] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.030647] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.031642] [ 244.031962] irq event stamp: 0 [ 244.032387] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.033227] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.034331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.035576] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.036314] ---[ end trace 0000000000000000 ]--- [ 244.041116] ------------[ cut here ]------------ [ 244.041867] WARNING: CPU: 0 PID: 2309 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.043946] Modules linked in: [ 244.044591] CPU: 0 PID: 2309 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.045739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.047327] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.048015] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.050425] RSP: 
0018:ffff88801625fbd0 EFLAGS: 00010246 [ 244.051214] RAX: 0000000000000000 RBX: ffff888021a508a8 RCX: 0000000000000000 [ 244.052182] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 244.053136] RBP: ffff88801625fbe8 R08: ffffed100434a133 R09: ffffed100434a133 [ 244.054084] R10: ffff888021a50993 R11: ffffed100434a132 R12: ffff88800f4d0000 [ 244.055082] R13: ffff888021a509e8 R14: ffff88800ef76c00 R15: 0000000000000000 [ 244.056059] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.057128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.057910] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.058925] PKRU: 55555554 [ 244.059333] Call Trace: [ 244.059684] [ 244.059997] iommufd_access_destroy_object+0x65/0x170 [ 244.060705] iommufd_object_destroy_user+0x18e/0x220 [ 244.061399] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.062187] iommufd_access_destroy+0x43/0x70 [ 244.062863] iommufd_test_staccess_release+0x8d/0xd0 [ 244.063588] __fput+0x26d/0xa40 [ 244.064062] ____fput+0x1e/0x30 [ 244.064526] task_work_run+0x1a4/0x2d0 [ 244.065065] ? __pfx_task_work_run+0x10/0x10 [ 244.065662] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.066322] ? switch_task_namespaces+0xa9/0xe0 [ 244.067015] do_exit+0xb17/0x2ef0 [ 244.067509] ? lock_acquire+0x427/0x4c0 [ 244.068063] ? __pfx_lock_release+0x10/0x10 [ 244.068646] ? __kasan_check_write+0x18/0x20 [ 244.069245] ? do_raw_spin_lock+0x132/0x2a0 [ 244.069825] ? __pfx_do_exit+0x10/0x10 [ 244.070364] ? debug_smp_processor_id+0x20/0x30 [ 244.071041] ? rcu_is_watching+0x19/0xb0 [ 244.071647] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.072155] ? trace_hardirqs_on+0x26/0x120 [ 244.072618] do_group_exit+0xe0/0x2b0 [ 244.073034] __x64_sys_exit_group+0x47/0x50 [ 244.073486] do_syscall_64+0x3b/0x90 [ 244.073888] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.074445] RIP: 0033:0x7f4b87518a4d [ 244.074889] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.075566] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.076375] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.077140] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.077928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.078724] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.079512] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.080282] [ 244.080536] irq event stamp: 0 [ 244.080879] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.081561] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.082470] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.083426] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.084109] ---[ end trace 0000000000000000 ]--- [ 244.085312] ------------[ cut here ]------------ [ 244.086024] WARNING: CPU: 0 PID: 2309 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.087241] Modules linked in: [ 244.087601] CPU: 0 PID: 2309 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.088540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.089756] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.090360] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.092588] RSP: 0018:ffff88801625fb78 EFLAGS: 00010246 [ 244.093179] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.093954] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 244.094808] RBP: ffff88801625fb98 R08: ffffed100434a13e R09: ffffed100434a13e [ 244.095645] R10: ffff888021a509ef R11: ffffed100434a13d R12: ffff888021a50a90 [ 244.096589] R13: ffff888021a508a8 R14: ffffffffffffffff R15: 
ffff88801625fc60 [ 244.097354] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.098234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.098912] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.099712] PKRU: 55555554 [ 244.100024] Call Trace: [ 244.100441] [ 244.100835] iommufd_ioas_destroy+0x53/0x70 [ 244.101318] iommufd_fops_release+0x1f7/0x370 [ 244.101803] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.102337] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.102901] ? write_comp_data+0x2f/0x90 [ 244.103364] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.103911] __fput+0x26d/0xa40 [ 244.104294] ____fput+0x1e/0x30 [ 244.104664] task_work_run+0x1a4/0x2d0 [ 244.105247] ? __pfx_task_work_run+0x10/0x10 [ 244.105878] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.106402] ? switch_task_namespaces+0xa9/0xe0 [ 244.106943] do_exit+0xb17/0x2ef0 [ 244.107334] ? lock_acquire+0x427/0x4c0 [ 244.107766] ? __pfx_lock_release+0x10/0x10 [ 244.108230] ? __kasan_check_write+0x18/0x20 [ 244.108700] ? do_raw_spin_lock+0x132/0x2a0 [ 244.109169] ? __pfx_do_exit+0x10/0x10 [ 244.109637] ? debug_smp_processor_id+0x20/0x30 [ 244.110365] ? rcu_is_watching+0x19/0xb0 [ 244.110845] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.111366] ? trace_hardirqs_on+0x26/0x120 [ 244.111854] do_group_exit+0xe0/0x2b0 [ 244.112278] __x64_sys_exit_group+0x47/0x50 [ 244.112753] do_syscall_64+0x3b/0x90 [ 244.113171] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.113738] RIP: 0033:0x7f4b87518a4d [ 244.114195] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.115159] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.115978] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.116738] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.117509] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.118266] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.119167] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.120108] [ 244.120357] irq event stamp: 0 [ 244.120689] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.121357] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.122248] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.123211] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.124167] ---[ end trace 0000000000000000 ]--- [ 244.131042] ------------[ cut here ]------------ [ 244.131624] WARNING: CPU: 0 PID: 2310 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.132874] Modules linked in: [ 244.133371] CPU: 0 PID: 2310 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.134343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.136044] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.137264] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.139848] RSP: 0018:ffff888015d0fbb8 EFLAGS: 00010246 [ 244.141095] RAX: 0000000000000000 RBX: ffff88800ed7a8a8 RCX: 0000000000000000 [ 244.142081] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 244.143146] RBP: ffff888015d0fbd0 R08: ffffed1001daf533 R09: ffffed1001daf533 [ 244.144135] R10: ffff88800ed7a993 R11: ffffed1001daf532 R12: ffff88801870b800 [ 244.145424] R13: ffff88800ed7a9e8 R14: ffffffff8352e670 R15: 
ffff888015d0fe68 [ 244.146409] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.147612] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.148601] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 244.149788] PKRU: 55555554 [ 244.150205] Call Trace: [ 244.150619] [ 244.150951] __iommufd_access_detach+0x1c2/0x2b0 [ 244.151670] iommufd_access_change_pt+0x149/0x270 [ 244.152733] iommufd_access_replace+0xb4/0x120 [ 244.153409] iommufd_test+0x3e5/0x37e0 [ 244.153960] ? lock_release+0x532/0x770 [ 244.154611] ? __might_fault+0x102/0x1b0 [ 244.155228] ? lock_acquire+0x427/0x4c0 [ 244.155930] ? __pfx_iommufd_test+0x10/0x10 [ 244.156748] ? __pfx_lock_release+0x10/0x10 [ 244.157374] ? __pfx_lock_acquire+0x10/0x10 [ 244.158003] ? write_comp_data+0x2f/0x90 [ 244.158664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.159565] ? write_comp_data+0x2f/0x90 [ 244.160387] iommufd_fops_ioctl+0x37d/0x510 [ 244.161032] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.161724] ? write_comp_data+0x2f/0x90 [ 244.162317] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.163189] __x64_sys_ioctl+0x1a3/0x230 [ 244.163931] do_syscall_64+0x3b/0x90 [ 244.164474] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.165195] RIP: 0033:0x7f4b8743ee5d [ 244.165720] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.168650] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.169699] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.171220] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.172060] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.172830] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.173638] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.174739] [ 244.174997] irq event stamp: 0 [ 244.175352] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.176038] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.176952] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.178162] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.178904] ---[ end trace 0000000000000000 ]--- [ 244.184461] ------------[ cut here ]------------ [ 244.185374] WARNING: CPU: 0 PID: 2310 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.186498] Modules linked in: [ 244.186910] CPU: 0 PID: 2310 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.187887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.189275] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.189961] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.192014] RSP: 
0018:ffff888015d0fbd0 EFLAGS: 00010246 [ 244.192723] RAX: 0000000000000000 RBX: ffff88800ed7a8a8 RCX: 0000000000000000 [ 244.193683] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 244.194473] RBP: ffff888015d0fbe8 R08: ffffed1001daf533 R09: ffffed1001daf533 [ 244.195302] R10: ffff88800ed7a993 R11: ffffed1001daf532 R12: ffff888013db8000 [ 244.196180] R13: ffff88800ed7a9e8 R14: ffff88800fd1c000 R15: 0000000000000000 [ 244.197185] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.198090] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.198762] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 244.199575] PKRU: 55555554 [ 244.199900] Call Trace: [ 244.200305] [ 244.200734] iommufd_access_destroy_object+0x65/0x170 [ 244.201319] iommufd_object_destroy_user+0x18e/0x220 [ 244.201908] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.202599] iommufd_access_destroy+0x43/0x70 [ 244.203131] iommufd_test_staccess_release+0x8d/0xd0 [ 244.203727] __fput+0x26d/0xa40 [ 244.204220] ____fput+0x1e/0x30 [ 244.204749] task_work_run+0x1a4/0x2d0 [ 244.205211] ? __pfx_task_work_run+0x10/0x10 [ 244.205715] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.206276] ? switch_task_namespaces+0xa9/0xe0 [ 244.206846] do_exit+0xb17/0x2ef0 [ 244.207262] ? lock_acquire+0x427/0x4c0 [ 244.207822] ? __pfx_lock_release+0x10/0x10 [ 244.208485] ? __kasan_check_write+0x18/0x20 [ 244.208981] ? do_raw_spin_lock+0x132/0x2a0 [ 244.209465] ? __pfx_do_exit+0x10/0x10 [ 244.209913] ? debug_smp_processor_id+0x20/0x30 [ 244.210434] ? rcu_is_watching+0x19/0xb0 [ 244.210947] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.211703] ? trace_hardirqs_on+0x26/0x120 [ 244.212200] do_group_exit+0xe0/0x2b0 [ 244.212635] __x64_sys_exit_group+0x47/0x50 [ 244.213121] do_syscall_64+0x3b/0x90 [ 244.213552] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.214150] RIP: 0033:0x7f4b87518a4d [ 244.214695] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.215629] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.216512] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.217314] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.218101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.219235] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.220023] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.220818] [ 244.221086] irq event stamp: 0 [ 244.221438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.222139] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.223088] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.224026] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.224717] ---[ end trace 0000000000000000 ]--- [ 244.225724] ------------[ cut here ]------------ [ 244.226468] WARNING: CPU: 0 PID: 2310 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.227699] Modules linked in: [ 244.228078] CPU: 0 PID: 2310 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.229061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.230658] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.231259] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.233263] RSP: 0018:ffff888015d0fb78 EFLAGS: 00010246 [ 244.233897] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.234952] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 244.235775] RBP: ffff888015d0fb98 R08: ffffed1001daf53e R09: ffffed1001daf53e [ 244.236563] R10: ffff88800ed7a9ef R11: ffffed1001daf53d R12: ffff88800ed7aa90 [ 244.237348] R13: ffff88800ed7a8a8 R14: ffffffffffffffff R15: 
ffff888015d0fc60 [ 244.238270] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.239398] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.240052] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 244.240839] PKRU: 55555554 [ 244.241154] Call Trace: [ 244.241439] [ 244.241691] iommufd_ioas_destroy+0x53/0x70 [ 244.242477] iommufd_fops_release+0x1f7/0x370 [ 244.243016] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.243585] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.244137] ? write_comp_data+0x2f/0x90 [ 244.244612] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.245181] __fput+0x26d/0xa40 [ 244.245562] ____fput+0x1e/0x30 [ 244.245941] task_work_run+0x1a4/0x2d0 [ 244.246593] ? __pfx_task_work_run+0x10/0x10 [ 244.247241] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.247797] ? switch_task_namespaces+0xa9/0xe0 [ 244.248324] do_exit+0xb17/0x2ef0 [ 244.248701] ? lock_acquire+0x427/0x4c0 [ 244.249138] ? __pfx_lock_release+0x10/0x10 [ 244.249604] ? __kasan_check_write+0x18/0x20 [ 244.250093] ? do_raw_spin_lock+0x132/0x2a0 [ 244.250610] ? __pfx_do_exit+0x10/0x10 [ 244.251057] ? debug_smp_processor_id+0x20/0x30 [ 244.251593] ? rcu_is_watching+0x19/0xb0 [ 244.252049] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.252628] ? trace_hardirqs_on+0x26/0x120 [ 244.253355] do_group_exit+0xe0/0x2b0 [ 244.253794] __x64_sys_exit_group+0x47/0x50 [ 244.254267] do_syscall_64+0x3b/0x90 [ 244.254720] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.255312] RIP: 0033:0x7f4b87518a4d [ 244.255730] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.256420] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.257257] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.258406] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.259235] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.260017] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.260799] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.261588] [ 244.261844] irq event stamp: 0 [ 244.262248] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.263217] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.264143] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.265060] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.265759] ---[ end trace 0000000000000000 ]--- [ 244.270857] ------------[ cut here ]------------ [ 244.271644] WARNING: CPU: 0 PID: 2311 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.272755] Modules linked in: [ 244.273104] CPU: 0 PID: 2311 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.274115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.275650] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.276226] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.278262] RSP: 0018:ffff88801625fbb8 EFLAGS: 00010246 [ 244.278895] RAX: 0000000000000000 RBX: ffff888011d9a8a8 RCX: 0000000000000000 [ 244.279688] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 244.280466] RBP: ffff88801625fbd0 R08: ffffed10023b3533 R09: ffffed10023b3533 [ 244.281273] R10: ffff888011d9a993 R11: ffffed10023b3532 R12: ffff888013b21c00 [ 244.282080] R13: ffff888011d9a9e8 R14: ffffffff8352e670 R15: 
ffff88801625fe68 [ 244.282913] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.283838] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.284527] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 244.285338] PKRU: 55555554 [ 244.285658] Call Trace: [ 244.285951] [ 244.286207] __iommufd_access_detach+0x1c2/0x2b0 [ 244.286809] iommufd_access_change_pt+0x149/0x270 [ 244.287391] iommufd_access_replace+0xb4/0x120 [ 244.287922] iommufd_test+0x3e5/0x37e0 [ 244.288365] ? lock_release+0x532/0x770 [ 244.288828] ? __might_fault+0x102/0x1b0 [ 244.289301] ? lock_acquire+0x427/0x4c0 [ 244.289765] ? __pfx_iommufd_test+0x10/0x10 [ 244.290262] ? __pfx_lock_release+0x10/0x10 [ 244.290793] ? __pfx_lock_acquire+0x10/0x10 [ 244.291321] ? write_comp_data+0x2f/0x90 [ 244.291805] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.292364] ? write_comp_data+0x2f/0x90 [ 244.292845] iommufd_fops_ioctl+0x37d/0x510 [ 244.293337] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.293884] ? write_comp_data+0x2f/0x90 [ 244.294350] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.294941] __x64_sys_ioctl+0x1a3/0x230 [ 244.295434] do_syscall_64+0x3b/0x90 [ 244.295870] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.296458] RIP: 0033:0x7f4b8743ee5d [ 244.296876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.298975] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.299855] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.300654] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.301448] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.302245] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.303103] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.303948] [ 244.304218] irq event stamp: 0 [ 244.304567] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.305266] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.306195] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.307190] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.307908] ---[ end trace 0000000000000000 ]--- [ 244.311713] ------------[ cut here ]------------ [ 244.312270] WARNING: CPU: 0 PID: 2311 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.313438] Modules linked in: [ 244.313897] CPU: 0 PID: 2311 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.315081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.316342] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.316886] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.319224] RSP: 
0018:ffff88801625fbd0 EFLAGS: 00010246 [ 244.319820] RAX: 0000000000000000 RBX: ffff888011d9a8a8 RCX: 0000000000000000 [ 244.320606] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 244.321407] RBP: ffff88801625fbe8 R08: ffffed10023b3533 R09: ffffed10023b3533 [ 244.322319] R10: ffff888011d9a993 R11: ffffed10023b3532 R12: ffff88801870a800 [ 244.323347] R13: ffff888011d9a9e8 R14: ffff88800f02da00 R15: 0000000000000000 [ 244.324144] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.325024] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.325669] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.326553] PKRU: 55555554 [ 244.327149] Call Trace: [ 244.327440] [ 244.327685] iommufd_access_destroy_object+0x65/0x170 [ 244.328263] iommufd_object_destroy_user+0x18e/0x220 [ 244.328824] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.329470] iommufd_access_destroy+0x43/0x70 [ 244.329987] iommufd_test_staccess_release+0x8d/0xd0 [ 244.330662] __fput+0x26d/0xa40 [ 244.331300] ____fput+0x1e/0x30 [ 244.331676] task_work_run+0x1a4/0x2d0 [ 244.332118] ? __pfx_task_work_run+0x10/0x10 [ 244.332627] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.333173] ? switch_task_namespaces+0xa9/0xe0 [ 244.333699] do_exit+0xb17/0x2ef0 [ 244.334083] ? lock_acquire+0x427/0x4c0 [ 244.334583] ? __pfx_lock_release+0x10/0x10 [ 244.335073] ? __kasan_check_write+0x18/0x20 [ 244.335632] ? do_raw_spin_lock+0x132/0x2a0 [ 244.336367] ? __pfx_do_exit+0x10/0x10 [ 244.336814] ? debug_smp_processor_id+0x20/0x30 [ 244.337334] ? rcu_is_watching+0x19/0xb0 [ 244.337792] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.338309] ? trace_hardirqs_on+0x26/0x120 [ 244.338847] do_group_exit+0xe0/0x2b0 [ 244.339299] __x64_sys_exit_group+0x47/0x50 [ 244.339784] do_syscall_64+0x3b/0x90 [ 244.340313] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.341076] RIP: 0033:0x7f4b87518a4d [ 244.341494] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.342173] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.343064] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.343992] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.344956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.345742] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.346560] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.347493] [ 244.347843] irq event stamp: 0 [ 244.348376] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.349062] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.349961] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.350902] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.351725] ---[ end trace 0000000000000000 ]--- [ 244.353758] ------------[ cut here ]------------ [ 244.354291] WARNING: CPU: 0 PID: 2311 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.355485] Modules linked in: [ 244.355838] CPU: 0 PID: 2311 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.357042] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.358441] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.359054] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.361144] RSP: 0018:ffff88801625fb78 EFLAGS: 00010246 [ 244.362001] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.362795] RDX: 0000000000000000 RSI: ffff888011f84a00 RDI: 0000000000000002 [ 244.363582] RBP: ffff88801625fb98 R08: ffffed10023b353e R09: ffffed10023b353e [ 244.364337] R10: ffff888011d9a9ef R11: ffffed10023b353d R12: ffff888011d9aa90 [ 244.365196] R13: ffff888011d9a8a8 R14: ffffffffffffffff R15: 
ffff88801625fc60 [ 244.366275] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.367203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.367838] CR2: 00007f82e2f30000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 244.368608] PKRU: 55555554 [ 244.368917] Call Trace: [ 244.369251] [ 244.369573] iommufd_ioas_destroy+0x53/0x70 [ 244.370258] iommufd_fops_release+0x1f7/0x370 [ 244.370799] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.371375] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.371930] ? write_comp_data+0x2f/0x90 [ 244.372386] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.372932] __fput+0x26d/0xa40 [ 244.373348] ____fput+0x1e/0x30 [ 244.373825] task_work_run+0x1a4/0x2d0 [ 244.374448] ? __pfx_task_work_run+0x10/0x10 [ 244.374968] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.375531] ? switch_task_namespaces+0xa9/0xe0 [ 244.376059] do_exit+0xb17/0x2ef0 [ 244.376444] ? lock_acquire+0x427/0x4c0 [ 244.376900] ? __pfx_lock_release+0x10/0x10 [ 244.377468] ? __kasan_check_write+0x18/0x20 [ 244.378151] ? do_raw_spin_lock+0x132/0x2a0 [ 244.378843] ? __pfx_do_exit+0x10/0x10 [ 244.379297] ? debug_smp_processor_id+0x20/0x30 [ 244.379809] ? rcu_is_watching+0x19/0xb0 [ 244.380249] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.380744] ? trace_hardirqs_on+0x26/0x120 [ 244.381228] do_group_exit+0xe0/0x2b0 [ 244.381755] __x64_sys_exit_group+0x47/0x50 [ 244.382382] do_syscall_64+0x3b/0x90 [ 244.382984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.383563] RIP: 0033:0x7f4b87518a4d [ 244.383965] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.384617] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.385459] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.386361] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.387455] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.388233] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.389000] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.389784] [ 244.390041] irq event stamp: 0 [ 244.390476] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.391414] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.392461] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.393337] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.393997] ---[ end trace 0000000000000000 ]--- [ 244.403065] ------------[ cut here ]------------ [ 244.403618] WARNING: CPU: 0 PID: 2312 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.404675] Modules linked in: [ 244.405011] CPU: 0 PID: 2312 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.406063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.407558] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.408088] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.409993] RSP: 0018:ffff888015d0fbb8 EFLAGS: 00010246 [ 244.410615] RAX: 0000000000000000 RBX: ffff8880165328a8 RCX: 0000000000000000 [ 244.411391] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 244.412133] RBP: ffff888015d0fbd0 R08: ffffed1002ca6533 R09: ffffed1002ca6533 [ 244.412880] R10: ffff888016532993 R11: ffffed1002ca6532 R12: ffff88801890d400 [ 244.413634] R13: ffff8880165329e8 R14: ffffffff8352e670 R15: 
ffff888015d0fe68 [ 244.414374] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.415281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.415902] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ef0 [ 244.416658] PKRU: 55555554 [ 244.416960] Call Trace: [ 244.417229] [ 244.417469] __iommufd_access_detach+0x1c2/0x2b0 [ 244.417986] iommufd_access_change_pt+0x149/0x270 [ 244.418540] iommufd_access_replace+0xb4/0x120 [ 244.419034] iommufd_test+0x3e5/0x37e0 [ 244.419472] ? lock_release+0x532/0x770 [ 244.419907] ? __might_fault+0x102/0x1b0 [ 244.420343] ? lock_acquire+0x427/0x4c0 [ 244.420767] ? __pfx_iommufd_test+0x10/0x10 [ 244.421228] ? __pfx_lock_release+0x10/0x10 [ 244.421693] ? __pfx_lock_acquire+0x10/0x10 [ 244.422161] ? write_comp_data+0x2f/0x90 [ 244.422631] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.423172] ? write_comp_data+0x2f/0x90 [ 244.423617] iommufd_fops_ioctl+0x37d/0x510 [ 244.424082] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.424622] ? write_comp_data+0x2f/0x90 [ 244.425066] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.425583] __x64_sys_ioctl+0x1a3/0x230 [ 244.426021] do_syscall_64+0x3b/0x90 [ 244.426425] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.427025] RIP: 0033:0x7f4b8743ee5d [ 244.427442] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.429345] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.430142] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.430919] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.431687] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.432428] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.433172] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.433929] [ 244.434174] irq event stamp: 0 [ 244.434500] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.435216] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.436082] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.436984] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.437654] ---[ end trace 0000000000000000 ]--- [ 244.441387] ------------[ cut here ]------------ [ 244.441894] WARNING: CPU: 0 PID: 2312 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.443156] Modules linked in: [ 244.443660] CPU: 0 PID: 2312 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.444765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.445975] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.446559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.448588] RSP: 
0018:ffff888015d0fbd0 EFLAGS: 00010246 [ 244.449334] RAX: 0000000000000000 RBX: ffff8880165328a8 RCX: 0000000000000000 [ 244.450297] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 244.451092] RBP: ffff888015d0fbe8 R08: ffffed1002ca6533 R09: ffffed1002ca6533 [ 244.451880] R10: ffff888016532993 R11: ffffed1002ca6532 R12: ffff888013b22c00 [ 244.452636] R13: ffff8880165329e8 R14: ffff8880218ebc00 R15: 0000000000000000 [ 244.453437] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.454760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.455407] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.456165] PKRU: 55555554 [ 244.456467] Call Trace: [ 244.456745] [ 244.456987] iommufd_access_destroy_object+0x65/0x170 [ 244.457552] iommufd_object_destroy_user+0x18e/0x220 [ 244.458147] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.459002] iommufd_access_destroy+0x43/0x70 [ 244.459703] iommufd_test_staccess_release+0x8d/0xd0 [ 244.460264] __fput+0x26d/0xa40 [ 244.460631] ____fput+0x1e/0x30 [ 244.460994] task_work_run+0x1a4/0x2d0 [ 244.461423] ? __pfx_task_work_run+0x10/0x10 [ 244.461897] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.462434] ? switch_task_namespaces+0xa9/0xe0 [ 244.462986] do_exit+0xb17/0x2ef0 [ 244.463392] ? lock_acquire+0x427/0x4c0 [ 244.463832] ? __pfx_lock_release+0x10/0x10 [ 244.464447] ? __kasan_check_write+0x18/0x20 [ 244.465191] ? do_raw_spin_lock+0x132/0x2a0 [ 244.465660] ? __pfx_do_exit+0x10/0x10 [ 244.466090] ? debug_smp_processor_id+0x20/0x30 [ 244.466626] ? rcu_is_watching+0x19/0xb0 [ 244.467069] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.467587] ? trace_hardirqs_on+0x26/0x120 [ 244.468055] do_group_exit+0xe0/0x2b0 [ 244.468468] __x64_sys_exit_group+0x47/0x50 [ 244.469045] do_syscall_64+0x3b/0x90 [ 244.469585] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.470324] RIP: 0033:0x7f4b87518a4d [ 244.470754] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.471431] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.472234] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.472987] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.473814] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.474945] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.475720] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.476478] [ 244.476731] irq event stamp: 0 [ 244.477074] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.477743] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.478786] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.479873] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.480542] ---[ end trace 0000000000000000 ]--- [ 244.481434] ------------[ cut here ]------------ [ 244.481935] WARNING: CPU: 0 PID: 2312 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.483096] Modules linked in: [ 244.483727] CPU: 0 PID: 2312 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.484667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.485879] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.486427] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.489017] RSP: 0018:ffff888015d0fb78 EFLAGS: 00010246 [ 244.489616] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.490366] RDX: 0000000000000000 RSI: ffff888017142500 RDI: 0000000000000002 [ 244.491160] RBP: ffff888015d0fb98 R08: ffffed1002ca653e R09: ffffed1002ca653e [ 244.491959] R10: ffff8880165329ef R11: ffffed1002ca653d R12: ffff888016532a90 [ 244.492988] R13: ffff8880165328a8 R14: ffffffffffffffff R15: 
ffff888015d0fc60 [ 244.493938] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.494826] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.495456] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.496211] PKRU: 55555554 [ 244.496517] Call Trace: [ 244.496867] [ 244.497196] iommufd_ioas_destroy+0x53/0x70 [ 244.497831] iommufd_fops_release+0x1f7/0x370 [ 244.498322] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.498881] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.499436] ? write_comp_data+0x2f/0x90 [ 244.499905] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.500459] __fput+0x26d/0xa40 [ 244.500916] ____fput+0x1e/0x30 [ 244.501400] task_work_run+0x1a4/0x2d0 [ 244.502006] ? __pfx_task_work_run+0x10/0x10 [ 244.502547] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.503102] ? switch_task_namespaces+0xa9/0xe0 [ 244.503646] do_exit+0xb17/0x2ef0 [ 244.504027] ? lock_acquire+0x427/0x4c0 [ 244.504480] ? __pfx_lock_release+0x10/0x10 [ 244.504965] ? __kasan_check_write+0x18/0x20 [ 244.505568] ? do_raw_spin_lock+0x132/0x2a0 [ 244.506185] ? __pfx_do_exit+0x10/0x10 [ 244.506835] ? debug_smp_processor_id+0x20/0x30 [ 244.507369] ? rcu_is_watching+0x19/0xb0 [ 244.507811] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.508303] ? trace_hardirqs_on+0x26/0x120 [ 244.508780] do_group_exit+0xe0/0x2b0 [ 244.509205] __x64_sys_exit_group+0x47/0x50 [ 244.509716] do_syscall_64+0x3b/0x90 [ 244.510289] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.511051] RIP: 0033:0x7f4b87518a4d [ 244.511488] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.512144] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.512959] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.513782] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.514919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.515709] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.516473] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.517261] [ 244.517525] irq event stamp: 0 [ 244.517917] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.518924] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.519852] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.520782] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.521471] ---[ end trace 0000000000000000 ]--- [ 244.530952] ------------[ cut here ]------------ [ 244.531532] WARNING: CPU: 0 PID: 2313 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.532640] Modules linked in: [ 244.532988] CPU: 0 PID: 2313 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.533936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.535782] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.536345] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.538328] RSP: 0018:ffff88800f1c7bb8 EFLAGS: 00010246 [ 244.538955] RAX: 0000000000000000 RBX: ffff888011f600a8 RCX: 0000000000000000 [ 244.539752] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 244.540508] RBP: ffff88800f1c7bd0 R08: ffffed10023ec033 R09: ffffed10023ec033 [ 244.541282] R10: ffff888011f60193 R11: ffffed10023ec032 R12: ffff888010e01000 [ 244.542043] R13: ffff888011f601e8 R14: ffffffff8352e670 R15: 
ffff88800f1c7e68 [ 244.542858] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.543783] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.544410] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 244.545178] PKRU: 55555554 [ 244.545485] Call Trace: [ 244.545764] [ 244.546010] __iommufd_access_detach+0x1c2/0x2b0 [ 244.546599] iommufd_access_change_pt+0x149/0x270 [ 244.547160] iommufd_access_replace+0xb4/0x120 [ 244.547683] iommufd_test+0x3e5/0x37e0 [ 244.548138] ? lock_release+0x532/0x770 [ 244.548582] ? __might_fault+0x102/0x1b0 [ 244.549024] ? lock_acquire+0x427/0x4c0 [ 244.549467] ? __pfx_iommufd_test+0x10/0x10 [ 244.549936] ? __pfx_lock_release+0x10/0x10 [ 244.550410] ? __pfx_lock_acquire+0x10/0x10 [ 244.550932] ? write_comp_data+0x2f/0x90 [ 244.551411] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.551945] ? write_comp_data+0x2f/0x90 [ 244.552391] iommufd_fops_ioctl+0x37d/0x510 [ 244.552863] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.553407] ? write_comp_data+0x2f/0x90 [ 244.553871] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.554395] __x64_sys_ioctl+0x1a3/0x230 [ 244.554888] do_syscall_64+0x3b/0x90 [ 244.555323] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.555896] RIP: 0033:0x7f4b8743ee5d [ 244.556308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.558286] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.559177] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.559993] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.560765] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.561534] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.562292] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.563102] [ 244.563378] irq event stamp: 0 [ 244.563723] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.564394] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.565302] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.566204] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.566924] ---[ end trace 0000000000000000 ]--- [ 244.570970] ------------[ cut here ]------------ [ 244.571552] WARNING: CPU: 0 PID: 2313 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.572809] Modules linked in: [ 244.573276] CPU: 0 PID: 2313 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.574433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.575704] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.576250] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.578560] RSP: 
0018:ffff88800f1c7bd0 EFLAGS: 00010246 [ 244.579369] RAX: 0000000000000000 RBX: ffff888011f600a8 RCX: 0000000000000000 [ 244.580144] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 244.580909] RBP: ffff88800f1c7be8 R08: ffffed10023ec033 R09: ffffed10023ec033 [ 244.581672] R10: ffff888011f60193 R11: ffffed10023ec032 R12: ffff88801890ec00 [ 244.582434] R13: ffff888011f601e8 R14: ffff888012245e00 R15: 0000000000000000 [ 244.583491] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.584550] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.585182] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.585947] PKRU: 55555554 [ 244.586257] Call Trace: [ 244.586571] [ 244.586820] iommufd_access_destroy_object+0x65/0x170 [ 244.587409] iommufd_object_destroy_user+0x18e/0x220 [ 244.587973] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.588790] iommufd_access_destroy+0x43/0x70 [ 244.589611] iommufd_test_staccess_release+0x8d/0xd0 [ 244.590176] __fput+0x26d/0xa40 [ 244.590587] ____fput+0x1e/0x30 [ 244.590955] task_work_run+0x1a4/0x2d0 [ 244.591409] ? __pfx_task_work_run+0x10/0x10 [ 244.591894] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.592429] ? switch_task_namespaces+0xa9/0xe0 [ 244.592952] do_exit+0xb17/0x2ef0 [ 244.593336] ? lock_acquire+0x427/0x4c0 [ 244.593937] ? __pfx_lock_release+0x10/0x10 [ 244.594637] ? __kasan_check_write+0x18/0x20 [ 244.595300] ? do_raw_spin_lock+0x132/0x2a0 [ 244.595781] ? __pfx_do_exit+0x10/0x10 [ 244.596214] ? debug_smp_processor_id+0x20/0x30 [ 244.596728] ? rcu_is_watching+0x19/0xb0 [ 244.597173] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.597685] ? trace_hardirqs_on+0x26/0x120 [ 244.598191] do_group_exit+0xe0/0x2b0 [ 244.598680] __x64_sys_exit_group+0x47/0x50 [ 244.599274] do_syscall_64+0x3b/0x90 [ 244.599833] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.600585] RIP: 0033:0x7f4b87518a4d [ 244.601001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.601665] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.602486] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.603349] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.604382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.605324] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.606090] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.606917] [ 244.607199] irq event stamp: 0 [ 244.607542] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.608225] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.609143] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.610281] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.611246] ---[ end trace 0000000000000000 ]--- [ 244.612693] ------------[ cut here ]------------ [ 244.613223] WARNING: CPU: 0 PID: 2313 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.614438] Modules linked in: [ 244.615099] CPU: 0 PID: 2313 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.616071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.617283] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.617861] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.619896] RSP: 0018:ffff88800f1c7b78 EFLAGS: 00010246 [ 244.620483] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.621250] RDX: 0000000000000000 RSI: ffff888011f82500 RDI: 0000000000000002 [ 244.622007] RBP: ffff88800f1c7b98 R08: ffffed10023ec03e R09: ffffed10023ec03e [ 244.622806] R10: ffff888011f601ef R11: ffffed10023ec03d R12: ffff888011f60290 [ 244.623599] R13: ffff888011f600a8 R14: ffffffffffffffff R15: 
ffff88800f1c7c60 [ 244.624374] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.625229] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.625850] CR2: 00007f82e2f44000 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 244.626664] PKRU: 55555554 [ 244.626978] Call Trace: [ 244.627280] [ 244.627526] iommufd_ioas_destroy+0x53/0x70 [ 244.628000] iommufd_fops_release+0x1f7/0x370 [ 244.628488] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.629022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.629550] ? write_comp_data+0x2f/0x90 [ 244.629999] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.630588] __fput+0x26d/0xa40 [ 244.630967] ____fput+0x1e/0x30 [ 244.631356] task_work_run+0x1a4/0x2d0 [ 244.631784] ? __pfx_task_work_run+0x10/0x10 [ 244.632278] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.632819] ? switch_task_namespaces+0xa9/0xe0 [ 244.633338] do_exit+0xb17/0x2ef0 [ 244.633715] ? lock_acquire+0x427/0x4c0 [ 244.634152] ? __pfx_lock_release+0x10/0x10 [ 244.634670] ? __kasan_check_write+0x18/0x20 [ 244.635179] ? do_raw_spin_lock+0x132/0x2a0 [ 244.635653] ? __pfx_do_exit+0x10/0x10 [ 244.636084] ? debug_smp_processor_id+0x20/0x30 [ 244.636595] ? rcu_is_watching+0x19/0xb0 [ 244.637058] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.637568] ? trace_hardirqs_on+0x26/0x120 [ 244.638046] do_group_exit+0xe0/0x2b0 [ 244.638455] __x64_sys_exit_group+0x47/0x50 [ 244.638957] do_syscall_64+0x3b/0x90 [ 244.639395] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.639966] RIP: 0033:0x7f4b87518a4d [ 244.640373] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.641038] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.641848] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.642674] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.643478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.644239] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.645007] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.645786] [ 244.646053] irq event stamp: 0 [ 244.646401] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.647115] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.648028] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.648919] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.649583] ---[ end trace 0000000000000000 ]--- [ 244.655592] ------------[ cut here ]------------ [ 244.656318] WARNING: CPU: 0 PID: 2314 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.657791] Modules linked in: [ 244.658135] CPU: 0 PID: 2314 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.659100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.660332] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.660878] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.663415] RSP: 0018:ffff88801839fbb8 EFLAGS: 00010246 [ 244.663997] RAX: 0000000000000000 RBX: ffff8880182dd8a8 RCX: 0000000000000000 [ 244.664743] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 244.665502] RBP: ffff88801839fbd0 R08: ffffed100305bb33 R09: ffffed100305bb33 [ 244.666256] R10: ffff8880182dd993 R11: ffffed100305bb32 R12: ffff888013db8400 [ 244.667282] R13: ffff8880182dd9e8 R14: ffffffff8352e670 R15: 
ffff88801839fe68 [ 244.668230] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.669089] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.669703] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 244.670462] PKRU: 55555554 [ 244.670829] Call Trace: [ 244.671112] [ 244.671379] __iommufd_access_detach+0x1c2/0x2b0 [ 244.672032] iommufd_access_change_pt+0x149/0x270 [ 244.672897] iommufd_access_replace+0xb4/0x120 [ 244.673400] iommufd_test+0x3e5/0x37e0 [ 244.673824] ? lock_release+0x532/0x770 [ 244.674252] ? __might_fault+0x102/0x1b0 [ 244.674768] ? lock_acquire+0x427/0x4c0 [ 244.675231] ? __pfx_iommufd_test+0x10/0x10 [ 244.675687] ? __pfx_lock_release+0x10/0x10 [ 244.676152] ? __pfx_lock_acquire+0x10/0x10 [ 244.676632] ? write_comp_data+0x2f/0x90 [ 244.677205] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.677932] ? write_comp_data+0x2f/0x90 [ 244.678629] iommufd_fops_ioctl+0x37d/0x510 [ 244.679099] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.679649] ? write_comp_data+0x2f/0x90 [ 244.680093] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.680607] __x64_sys_ioctl+0x1a3/0x230 [ 244.681049] do_syscall_64+0x3b/0x90 [ 244.681454] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.682026] RIP: 0033:0x7f4b8743ee5d [ 244.682590] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.684785] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.685603] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.686359] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.687358] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.688304] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.689064] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.689848] [ 244.690111] irq event stamp: 0 [ 244.690453] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.691269] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.692339] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.693243] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.693915] ---[ end trace 0000000000000000 ]--- [ 244.698257] ------------[ cut here ]------------ [ 244.699041] WARNING: CPU: 0 PID: 2314 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.700344] Modules linked in: [ 244.700686] CPU: 0 PID: 2314 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.701610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.702917] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.703635] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.705583] RSP: 
0018:ffff88801839fbd0 EFLAGS: 00010246 [ 244.706178] RAX: 0000000000000000 RBX: ffff8880182dd8a8 RCX: 0000000000000000 [ 244.707247] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 244.708508] RBP: ffff88801839fbe8 R08: ffffed100305bb33 R09: ffffed100305bb33 [ 244.709277] R10: ffff8880182dd993 R11: ffffed100305bb32 R12: ffff888010e01400 [ 244.710048] R13: ffff8880182dd9e8 R14: ffff888012b36900 R15: 0000000000000000 [ 244.710905] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.712299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.712936] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.713707] PKRU: 55555554 [ 244.714016] Call Trace: [ 244.714292] [ 244.714579] iommufd_access_destroy_object+0x65/0x170 [ 244.715243] iommufd_object_destroy_user+0x18e/0x220 [ 244.716273] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.716930] iommufd_access_destroy+0x43/0x70 [ 244.717430] iommufd_test_staccess_release+0x8d/0xd0 [ 244.717989] __fput+0x26d/0xa40 [ 244.718359] ____fput+0x1e/0x30 [ 244.718761] task_work_run+0x1a4/0x2d0 [ 244.719223] ? __pfx_task_work_run+0x10/0x10 [ 244.719807] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.720513] ? switch_task_namespaces+0xa9/0xe0 [ 244.721177] do_exit+0xb17/0x2ef0 [ 244.721560] ? lock_acquire+0x427/0x4c0 [ 244.721997] ? __pfx_lock_release+0x10/0x10 [ 244.722457] ? __kasan_check_write+0x18/0x20 [ 244.722947] ? do_raw_spin_lock+0x132/0x2a0 [ 244.723430] ? __pfx_do_exit+0x10/0x10 [ 244.723862] ? debug_smp_processor_id+0x20/0x30 [ 244.724373] ? rcu_is_watching+0x19/0xb0 [ 244.724808] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.725318] ? trace_hardirqs_on+0x26/0x120 [ 244.725804] do_group_exit+0xe0/0x2b0 [ 244.726216] __x64_sys_exit_group+0x47/0x50 [ 244.726713] do_syscall_64+0x3b/0x90 [ 244.727152] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.727729] RIP: 0033:0x7f4b87518a4d [ 244.728134] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.728801] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.729623] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.730385] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.731196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.731959] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.732718] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.733515] [ 244.733779] irq event stamp: 0 [ 244.734123] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.734991] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.736158] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.737057] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.737735] ---[ end trace 0000000000000000 ]--- [ 244.738985] ------------[ cut here ]------------ [ 244.739611] WARNING: CPU: 0 PID: 2314 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.741068] Modules linked in: [ 244.741423] CPU: 0 PID: 2314 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.742351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.743639] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.744311] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.746711] RSP: 0018:ffff88801839fb78 EFLAGS: 00010246 [ 244.747318] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.748089] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 244.748886] RBP: ffff88801839fb98 R08: ffffed100305bb3e R09: ffffed100305bb3e [ 244.750025] R10: ffff8880182dd9ef R11: ffffed100305bb3d R12: ffff8880182dda90 [ 244.750817] R13: ffff8880182dd8a8 R14: ffffffffffffffff R15: 
ffff88801839fc60 [ 244.751618] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.752514] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.753149] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 244.754137] PKRU: 55555554 [ 244.754608] Call Trace: [ 244.755093] [ 244.755358] iommufd_ioas_destroy+0x53/0x70 [ 244.755844] iommufd_fops_release+0x1f7/0x370 [ 244.756347] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.756892] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.757429] ? write_comp_data+0x2f/0x90 [ 244.757887] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.758543] __fput+0x26d/0xa40 [ 244.759032] ____fput+0x1e/0x30 [ 244.759578] task_work_run+0x1a4/0x2d0 [ 244.760012] ? __pfx_task_work_run+0x10/0x10 [ 244.760496] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.761026] ? switch_task_namespaces+0xa9/0xe0 [ 244.761542] do_exit+0xb17/0x2ef0 [ 244.761920] ? lock_acquire+0x427/0x4c0 [ 244.762363] ? __pfx_lock_release+0x10/0x10 [ 244.762895] ? __kasan_check_write+0x18/0x20 [ 244.763407] ? do_raw_spin_lock+0x132/0x2a0 [ 244.763891] ? __pfx_do_exit+0x10/0x10 [ 244.764329] ? debug_smp_processor_id+0x20/0x30 [ 244.764848] ? rcu_is_watching+0x19/0xb0 [ 244.765289] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.765782] ? trace_hardirqs_on+0x26/0x120 [ 244.766254] do_group_exit+0xe0/0x2b0 [ 244.766712] __x64_sys_exit_group+0x47/0x50 [ 244.767197] do_syscall_64+0x3b/0x90 [ 244.767610] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.768180] RIP: 0033:0x7f4b87518a4d [ 244.768593] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.769256] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.770079] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.770904] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.771685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.772447] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.773225] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.774016] [ 244.774269] irq event stamp: 0 [ 244.774667] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.775370] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.776264] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.777157] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.777840] ---[ end trace 0000000000000000 ]--- [ 244.784021] ------------[ cut here ]------------ [ 244.784648] WARNING: CPU: 0 PID: 2315 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.785727] Modules linked in: [ 244.786074] CPU: 0 PID: 2315 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.787103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.788333] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.788865] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.790866] RSP: 0018:ffff888015d97bb8 EFLAGS: 00010246 [ 244.791462] RAX: 0000000000000000 RBX: ffff8880147038a8 RCX: 0000000000000000 [ 244.792215] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 244.792984] RBP: ffff888015d97bd0 R08: ffffed10028e0733 R09: ffffed10028e0733 [ 244.793740] R10: ffff888014703993 R11: ffffed10028e0732 R12: ffff888014582000 [ 244.794497] R13: ffff8880147039e8 R14: ffffffff8352e670 R15: 
ffff888015d97e68 [ 244.795314] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.796176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.796799] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 244.797579] PKRU: 55555554 [ 244.797889] Call Trace: [ 244.798173] [ 244.798424] __iommufd_access_detach+0x1c2/0x2b0 [ 244.798994] iommufd_access_change_pt+0x149/0x270 [ 244.799548] iommufd_access_replace+0xb4/0x120 [ 244.800051] iommufd_test+0x3e5/0x37e0 [ 244.800477] ? lock_release+0x532/0x770 [ 244.800920] ? __might_fault+0x102/0x1b0 [ 244.801365] ? lock_acquire+0x427/0x4c0 [ 244.801805] ? __pfx_iommufd_test+0x10/0x10 [ 244.802275] ? __pfx_lock_release+0x10/0x10 [ 244.802787] ? __pfx_lock_acquire+0x10/0x10 [ 244.803281] ? write_comp_data+0x2f/0x90 [ 244.803735] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.804271] ? write_comp_data+0x2f/0x90 [ 244.804730] iommufd_fops_ioctl+0x37d/0x510 [ 244.805210] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.805742] ? write_comp_data+0x2f/0x90 [ 244.806196] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.806777] __x64_sys_ioctl+0x1a3/0x230 [ 244.807258] do_syscall_64+0x3b/0x90 [ 244.807676] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.808238] RIP: 0033:0x7f4b8743ee5d [ 244.808638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.810618] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.811444] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.812197] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.812943] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.813680] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.814431] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.815245] [ 244.815502] irq event stamp: 0 [ 244.815835] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.816536] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.817454] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.818339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.819048] ---[ end trace 0000000000000000 ]--- [ 244.822364] ------------[ cut here ]------------ [ 244.822958] WARNING: CPU: 0 PID: 2315 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.824042] Modules linked in: [ 244.824378] CPU: 0 PID: 2315 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.825294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.826478] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.827051] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.828990] RSP: 
0018:ffff888015d97bd0 EFLAGS: 00010246 [ 244.829558] RAX: 0000000000000000 RBX: ffff8880147038a8 RCX: 0000000000000000 [ 244.830304] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 244.831115] RBP: ffff888015d97be8 R08: ffffed10028e0733 R09: ffffed10028e0733 [ 244.831892] R10: ffff888014703993 R11: ffffed10028e0732 R12: ffff888013db8000 [ 244.832650] R13: ffff8880147039e8 R14: ffff888012c78500 R15: 0000000000000000 [ 244.833400] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.834234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.834884] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.835656] PKRU: 55555554 [ 244.835962] Call Trace: [ 244.836238] [ 244.836480] iommufd_access_destroy_object+0x65/0x170 [ 244.837040] iommufd_object_destroy_user+0x18e/0x220 [ 244.837581] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.838194] iommufd_access_destroy+0x43/0x70 [ 244.838724] iommufd_test_staccess_release+0x8d/0xd0 [ 244.839300] __fput+0x26d/0xa40 [ 244.839675] ____fput+0x1e/0x30 [ 244.840034] task_work_run+0x1a4/0x2d0 [ 244.840452] ? __pfx_task_work_run+0x10/0x10 [ 244.840935] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.841467] ? switch_task_namespaces+0xa9/0xe0 [ 244.841985] do_exit+0xb17/0x2ef0 [ 244.842352] ? lock_acquire+0x427/0x4c0 [ 244.842835] ? __pfx_lock_release+0x10/0x10 [ 244.843329] ? __kasan_check_write+0x18/0x20 [ 244.843806] ? do_raw_spin_lock+0x132/0x2a0 [ 244.844266] ? __pfx_do_exit+0x10/0x10 [ 244.844684] ? debug_smp_processor_id+0x20/0x30 [ 244.845184] ? rcu_is_watching+0x19/0xb0 [ 244.845630] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.846121] ? trace_hardirqs_on+0x26/0x120 [ 244.846620] do_group_exit+0xe0/0x2b0 [ 244.847028] __x64_sys_exit_group+0x47/0x50 [ 244.847500] do_syscall_64+0x3b/0x90 [ 244.847899] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.848452] RIP: 0033:0x7f4b87518a4d [ 244.848853] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.849502] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.850299] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.851085] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.851857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.852609] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.853375] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.854139] [ 244.854392] irq event stamp: 0 [ 244.854771] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.855467] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.856351] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.857234] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.857898] ---[ end trace 0000000000000000 ]--- [ 244.858834] ------------[ cut here ]------------ [ 244.859351] WARNING: CPU: 0 PID: 2315 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.860418] Modules linked in: [ 244.860764] CPU: 0 PID: 2315 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.861717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.862957] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.863540] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.865471] RSP: 0018:ffff888015d97b78 EFLAGS: 00010246 [ 244.866042] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.866847] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 244.867625] RBP: ffff888015d97b98 R08: ffffed10028e073e R09: ffffed10028e073e [ 244.868382] R10: ffff8880147039ef R11: ffffed10028e073d R12: ffff888014703a90 [ 244.869140] R13: ffff8880147038a8 R14: ffffffffffffffff R15: 
ffff888015d97c60 [ 244.869896] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.870775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.871406] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.872159] PKRU: 55555554 [ 244.872457] Call Trace: [ 244.872731] [ 244.872971] iommufd_ioas_destroy+0x53/0x70 [ 244.873437] iommufd_fops_release+0x1f7/0x370 [ 244.873926] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.874470] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.875037] ? write_comp_data+0x2f/0x90 [ 244.875492] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.876024] __fput+0x26d/0xa40 [ 244.876400] ____fput+0x1e/0x30 [ 244.876765] task_work_run+0x1a4/0x2d0 [ 244.877187] ? __pfx_task_work_run+0x10/0x10 [ 244.877667] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.878187] ? switch_task_namespaces+0xa9/0xe0 [ 244.878773] do_exit+0xb17/0x2ef0 [ 244.879176] ? lock_acquire+0x427/0x4c0 [ 244.879612] ? __pfx_lock_release+0x10/0x10 [ 244.880079] ? __kasan_check_write+0x18/0x20 [ 244.880558] ? do_raw_spin_lock+0x132/0x2a0 [ 244.881025] ? __pfx_do_exit+0x10/0x10 [ 244.881453] ? debug_smp_processor_id+0x20/0x30 [ 244.881953] ? rcu_is_watching+0x19/0xb0 [ 244.882386] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.882918] ? trace_hardirqs_on+0x26/0x120 [ 244.883412] do_group_exit+0xe0/0x2b0 [ 244.883827] __x64_sys_exit_group+0x47/0x50 [ 244.884291] do_syscall_64+0x3b/0x90 [ 244.884703] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.885269] RIP: 0033:0x7f4b87518a4d [ 244.885661] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.886320] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.887201] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.887967] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.888717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.889465] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.890220] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.891057] [ 244.891326] irq event stamp: 0 [ 244.891666] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.892331] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.893211] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.894087] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.894801] ---[ end trace 0000000000000000 ]--- [ 244.900628] ------------[ cut here ]------------ [ 244.901214] WARNING: CPU: 0 PID: 2316 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.902270] Modules linked in: [ 244.902663] CPU: 0 PID: 2316 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.903609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.904797] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.905328] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.907302] RSP: 0018:ffff888018657bb8 EFLAGS: 00010246 [ 244.907884] RAX: 0000000000000000 RBX: ffff888014b0b8a8 RCX: 0000000000000000 [ 244.908641] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 244.909391] RBP: ffff888018657bd0 R08: ffffed1002961733 R09: ffffed1002961733 [ 244.910153] R10: ffff888014b0b993 R11: ffffed1002961732 R12: ffff888013bc6c00 [ 244.910947] R13: ffff888014b0b9e8 R14: ffffffff8352e670 R15: 
ffff888018657e68 [ 244.911718] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.912568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.913188] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 244.913940] PKRU: 55555554 [ 244.914241] Call Trace: [ 244.914554] [ 244.914799] __iommufd_access_detach+0x1c2/0x2b0 [ 244.915357] iommufd_access_change_pt+0x149/0x270 [ 244.915895] iommufd_access_replace+0xb4/0x120 [ 244.916399] iommufd_test+0x3e5/0x37e0 [ 244.916820] ? lock_release+0x532/0x770 [ 244.917260] ? __might_fault+0x102/0x1b0 [ 244.917703] ? lock_acquire+0x427/0x4c0 [ 244.918135] ? __pfx_iommufd_test+0x10/0x10 [ 244.918646] ? __pfx_lock_release+0x10/0x10 [ 244.919132] ? __pfx_lock_acquire+0x10/0x10 [ 244.919600] ? write_comp_data+0x2f/0x90 [ 244.920041] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.920565] ? write_comp_data+0x2f/0x90 [ 244.921008] iommufd_fops_ioctl+0x37d/0x510 [ 244.921469] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.921987] ? write_comp_data+0x2f/0x90 [ 244.922427] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 244.922989] __x64_sys_ioctl+0x1a3/0x230 [ 244.923466] do_syscall_64+0x3b/0x90 [ 244.923889] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.924449] RIP: 0033:0x7f4b8743ee5d [ 244.924847] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 244.926822] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 244.927650] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 244.928398] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 244.929152] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 244.929902] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 244.930697] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 244.931476] [ 244.931726] irq event stamp: 0 [ 244.932069] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.932744] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.933625] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.934548] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.935241] ---[ end trace 0000000000000000 ]--- [ 244.938561] ------------[ cut here ]------------ [ 244.939101] WARNING: CPU: 0 PID: 2316 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 244.940202] Modules linked in: [ 244.940541] CPU: 0 PID: 2316 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.941469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.942694] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 244.943251] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 244.945161] RSP: 
0018:ffff888018657bd0 EFLAGS: 00010246 [ 244.945723] RAX: 0000000000000000 RBX: ffff888014b0b8a8 RCX: 0000000000000000 [ 244.946476] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 244.947300] RBP: ffff888018657be8 R08: ffffed1002961733 R09: ffffed1002961733 [ 244.948058] R10: ffff888014b0b993 R11: ffffed1002961732 R12: ffff888014582800 [ 244.948805] R13: ffff888014b0b9e8 R14: ffff88800f02d800 R15: 0000000000000000 [ 244.949567] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.950410] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.951080] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.951853] PKRU: 55555554 [ 244.952155] Call Trace: [ 244.952435] [ 244.952677] iommufd_access_destroy_object+0x65/0x170 [ 244.953229] iommufd_object_destroy_user+0x18e/0x220 [ 244.953770] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 244.954387] iommufd_access_destroy+0x43/0x70 [ 244.954920] iommufd_test_staccess_release+0x8d/0xd0 [ 244.955487] __fput+0x26d/0xa40 [ 244.955862] ____fput+0x1e/0x30 [ 244.956229] task_work_run+0x1a4/0x2d0 [ 244.956659] ? __pfx_task_work_run+0x10/0x10 [ 244.957143] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.957665] ? switch_task_namespaces+0xa9/0xe0 [ 244.958176] do_exit+0xb17/0x2ef0 [ 244.958595] ? lock_acquire+0x427/0x4c0 [ 244.959037] ? __pfx_lock_release+0x10/0x10 [ 244.959513] ? __kasan_check_write+0x18/0x20 [ 244.959982] ? do_raw_spin_lock+0x132/0x2a0 [ 244.960441] ? __pfx_do_exit+0x10/0x10 [ 244.960865] ? debug_smp_processor_id+0x20/0x30 [ 244.961362] ? rcu_is_watching+0x19/0xb0 [ 244.961794] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.962279] ? trace_hardirqs_on+0x26/0x120 [ 244.962784] do_group_exit+0xe0/0x2b0 [ 244.963212] __x64_sys_exit_group+0x47/0x50 [ 244.963672] do_syscall_64+0x3b/0x90 [ 244.964089] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 244.964652] RIP: 0033:0x7f4b87518a4d [ 244.965046] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 244.965696] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 244.966494] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 244.967311] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 244.968067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 244.968817] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 244.969566] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 244.970341] [ 244.970649] irq event stamp: 0 [ 244.970983] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 244.971667] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 244.972539] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 244.973410] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 244.974069] ---[ end trace 0000000000000000 ]--- [ 244.975020] ------------[ cut here ]------------ [ 244.975539] WARNING: CPU: 0 PID: 2316 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 244.976611] Modules linked in: [ 244.976952] CPU: 0 PID: 2316 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 244.977867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 244.979089] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 244.979631] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 244.981551] RSP: 0018:ffff888018657b78 EFLAGS: 00010246 [ 244.982106] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 244.982908] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 244.983676] RBP: ffff888018657b98 R08: ffffed100296173e R09: ffffed100296173e [ 244.984429] R10: ffff888014b0b9ef R11: ffffed100296173d R12: ffff888014b0ba90 [ 244.985172] R13: ffff888014b0b8a8 R14: ffffffffffffffff R15: 
ffff888018657c60 [ 244.985924] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 244.986811] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 244.987446] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 244.988210] PKRU: 55555554 [ 244.988518] Call Trace: [ 244.988796] [ 244.989036] iommufd_ioas_destroy+0x53/0x70 [ 244.989508] iommufd_fops_release+0x1f7/0x370 [ 244.990007] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.990729] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.991505] ? write_comp_data+0x2f/0x90 [ 244.991957] ? __pfx_iommufd_fops_release+0x10/0x10 [ 244.992497] __fput+0x26d/0xa40 [ 244.992867] ____fput+0x1e/0x30 [ 244.993231] task_work_run+0x1a4/0x2d0 [ 244.993656] ? __pfx_task_work_run+0x10/0x10 [ 244.994135] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 244.994849] ? switch_task_namespaces+0xa9/0xe0 [ 244.995574] do_exit+0xb17/0x2ef0 [ 244.995969] ? lock_acquire+0x427/0x4c0 [ 244.996406] ? __pfx_lock_release+0x10/0x10 [ 244.996881] ? __kasan_check_write+0x18/0x20 [ 244.997357] ? do_raw_spin_lock+0x132/0x2a0 [ 244.997820] ? __pfx_do_exit+0x10/0x10 [ 244.998243] ? debug_smp_processor_id+0x20/0x30 [ 244.998779] ? rcu_is_watching+0x19/0xb0 [ 244.999241] ? _raw_spin_unlock_irq+0x2b/0x60 [ 244.999736] ? trace_hardirqs_on+0x26/0x120 [ 245.000279] do_group_exit+0xe0/0x2b0 [ 245.000823] __x64_sys_exit_group+0x47/0x50 [ 245.001483] do_syscall_64+0x3b/0x90 [ 245.001895] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.002454] RIP: 0033:0x7f4b87518a4d [ 245.002897] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.003561] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.004377] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.005237] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.006411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.007226] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.007980] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.008740] [ 245.008987] irq event stamp: 0 [ 245.009319] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.010059] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.011282] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.012182] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.012851] ---[ end trace 0000000000000000 ]--- [ 245.019100] ------------[ cut here ]------------ [ 245.019663] WARNING: CPU: 0 PID: 2317 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.020735] Modules linked in: [ 245.021080] CPU: 0 PID: 2317 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.022094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.023714] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.024266] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.026238] RSP: 0018:ffff88800bf47bb8 EFLAGS: 00010246 [ 245.026859] RAX: 0000000000000000 RBX: ffff888016eec8a8 RCX: 0000000000000000 [ 245.027646] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 245.028420] RBP: ffff88800bf47bd0 R08: ffffed1002ddd933 R09: ffffed1002ddd933 [ 245.029198] R10: ffff888016eec993 R11: ffffed1002ddd932 R12: ffff88800f795c00 [ 245.029969] R13: ffff888016eec9e8 R14: ffffffff8352e670 R15: 
ffff88800bf47e68 [ 245.030789] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.031679] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.032301] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 245.033079] PKRU: 55555554 [ 245.033382] Call Trace: [ 245.033662] [ 245.033910] __iommufd_access_detach+0x1c2/0x2b0 [ 245.034431] iommufd_access_change_pt+0x149/0x270 [ 245.035009] iommufd_access_replace+0xb4/0x120 [ 245.035532] iommufd_test+0x3e5/0x37e0 [ 245.035959] ? lock_release+0x532/0x770 [ 245.036400] ? __might_fault+0x102/0x1b0 [ 245.036846] ? lock_acquire+0x427/0x4c0 [ 245.037290] ? __pfx_iommufd_test+0x10/0x10 [ 245.037754] ? __pfx_lock_release+0x10/0x10 [ 245.038228] ? __pfx_lock_acquire+0x10/0x10 [ 245.038747] ? write_comp_data+0x2f/0x90 [ 245.039225] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.039763] ? write_comp_data+0x2f/0x90 [ 245.040210] iommufd_fops_ioctl+0x37d/0x510 [ 245.040677] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.041201] ? write_comp_data+0x2f/0x90 [ 245.041650] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.042172] __x64_sys_ioctl+0x1a3/0x230 [ 245.042677] do_syscall_64+0x3b/0x90 [ 245.043095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.043677] RIP: 0033:0x7f4b8743ee5d [ 245.044084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.046040] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.046910] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.047698] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.048465] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.049236] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.049998] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 245.050812] [ 245.051070] irq event stamp: 0 [ 245.051426] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.052104] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.053013] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.053906] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.054634] ---[ end trace 0000000000000000 ]--- [ 245.058389] ------------[ cut here ]------------ [ 245.059050] WARNING: CPU: 0 PID: 2317 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.060268] Modules linked in: [ 245.060723] CPU: 0 PID: 2317 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.061866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.063127] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.063671] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.066054] RSP: 
0018:ffff88800bf47bd0 EFLAGS: 00010246 [ 245.066680] RAX: 0000000000000000 RBX: ffff888016eec8a8 RCX: 0000000000000000 [ 245.067462] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 245.068234] RBP: ffff88800bf47be8 R08: ffffed1002ddd933 R09: ffffed1002ddd933 [ 245.069011] R10: ffff888016eec993 R11: ffffed1002ddd932 R12: ffff888010e04000 [ 245.069910] R13: ffff888016eec9e8 R14: ffff888012b9bc00 R15: 0000000000000000 [ 245.071067] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.071943] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.072569] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.073337] PKRU: 55555554 [ 245.073645] Call Trace: [ 245.073926] [ 245.074170] iommufd_access_destroy_object+0x65/0x170 [ 245.074909] iommufd_object_destroy_user+0x18e/0x220 [ 245.075672] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 245.076308] iommufd_access_destroy+0x43/0x70 [ 245.076805] iommufd_test_staccess_release+0x8d/0xd0 [ 245.077363] __fput+0x26d/0xa40 [ 245.077749] ____fput+0x1e/0x30 [ 245.078125] task_work_run+0x1a4/0x2d0 [ 245.078601] ? __pfx_task_work_run+0x10/0x10 [ 245.079093] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.079664] ? switch_task_namespaces+0xa9/0xe0 [ 245.080338] do_exit+0xb17/0x2ef0 [ 245.080867] ? lock_acquire+0x427/0x4c0 [ 245.081487] ? __pfx_lock_release+0x10/0x10 [ 245.081965] ? __kasan_check_write+0x18/0x20 [ 245.082446] ? do_raw_spin_lock+0x132/0x2a0 [ 245.082969] ? __pfx_do_exit+0x10/0x10 [ 245.083426] ? debug_smp_processor_id+0x20/0x30 [ 245.083940] ? rcu_is_watching+0x19/0xb0 [ 245.084381] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.084881] ? trace_hardirqs_on+0x26/0x120 [ 245.085508] do_group_exit+0xe0/0x2b0 [ 245.086056] __x64_sys_exit_group+0x47/0x50 [ 245.086704] do_syscall_64+0x3b/0x90 [ 245.087174] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.087748] RIP: 0033:0x7f4b87518a4d [ 245.088140] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.088797] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.089594] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.090343] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.091158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.091918] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.092667] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.093440] [ 245.093689] irq event stamp: 0 [ 245.094017] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.094707] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.095605] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.096480] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.097137] ---[ end trace 0000000000000000 ]--- [ 245.098439] ------------[ cut here ]------------ [ 245.099270] WARNING: CPU: 1 PID: 2317 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 245.100663] Modules linked in: [ 245.101316] CPU: 1 PID: 2317 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.102500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.104289] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 245.104998] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 245.107693] RSP: 0018:ffff88800bf47b78 EFLAGS: 00010246 [ 245.108478] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 245.109555] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 245.110555] RBP: ffff88800bf47b98 R08: ffffed1002ddd93e R09: ffffed1002ddd93e [ 245.111744] R10: ffff888016eec9ef R11: ffffed1002ddd93d R12: ffff888016eeca90 [ 245.112709] R13: ffff888016eec8a8 R14: ffffffffffffffff R15: 
ffff88800bf47c60 [ 245.113864] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.114977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.115794] CR2: 00007f82e2fa5000 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 245.116957] PKRU: 55555554 [ 245.117343] Call Trace: [ 245.117697] [ 245.118012] iommufd_ioas_destroy+0x53/0x70 [ 245.118779] iommufd_fops_release+0x1f7/0x370 [ 245.119423] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.120109] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.120785] ? write_comp_data+0x2f/0x90 [ 245.121547] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.122230] __fput+0x26d/0xa40 [ 245.122739] ____fput+0x1e/0x30 [ 245.123238] task_work_run+0x1a4/0x2d0 [ 245.123970] ? __pfx_task_work_run+0x10/0x10 [ 245.124582] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.125256] ? switch_task_namespaces+0xa9/0xe0 [ 245.126024] do_exit+0xb17/0x2ef0 [ 245.126642] ? lock_acquire+0x427/0x4c0 [ 245.127222] ? __pfx_lock_release+0x10/0x10 [ 245.127825] ? __kasan_check_write+0x18/0x20 [ 245.128542] ? do_raw_spin_lock+0x132/0x2a0 [ 245.129235] ? __pfx_do_exit+0x10/0x10 [ 245.129782] ? debug_smp_processor_id+0x20/0x30 [ 245.130423] ? rcu_is_watching+0x19/0xb0 [ 245.131111] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.131800] ? trace_hardirqs_on+0x26/0x120 [ 245.132400] do_group_exit+0xe0/0x2b0 [ 245.132926] __x64_sys_exit_group+0x47/0x50 [ 245.133692] do_syscall_64+0x3b/0x90 [ 245.134219] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.134964] RIP: 0033:0x7f4b87518a4d [ 245.135496] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.136520] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.137538] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.138724] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.139699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.140725] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.141800] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.142807] [ 245.143257] irq event stamp: 0 [ 245.143784] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.144643] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.145970] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.147116] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.148032] ---[ end trace 0000000000000000 ]--- [ 245.158286] ------------[ cut here ]------------ [ 245.158999] WARNING: CPU: 0 PID: 2318 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.160155] Modules linked in: [ 245.160605] CPU: 0 PID: 2318 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.161664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.162861] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.163397] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.165293] RSP: 0018:ffff88800f687bb8 EFLAGS: 00010246 [ 245.165854] RAX: 0000000000000000 RBX: ffff8880171ba0a8 RCX: 0000000000000000 [ 245.166629] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 245.167381] RBP: ffff88800f687bd0 R08: ffffed1002e37433 R09: ffffed1002e37433 [ 245.168116] R10: ffff8880171ba193 R11: ffffed1002e37432 R12: ffff88801890d400 [ 245.168855] R13: ffff8880171ba1e8 R14: ffffffff8352e670 R15: 
ffff88800f687e68 [ 245.169587] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.170414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.171067] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 245.171850] PKRU: 55555554 [ 245.172146] Call Trace: [ 245.172412] [ 245.172650] __iommufd_access_detach+0x1c2/0x2b0 [ 245.173163] iommufd_access_change_pt+0x149/0x270 [ 245.173681] iommufd_access_replace+0xb4/0x120 [ 245.174185] iommufd_test+0x3e5/0x37e0 [ 245.174648] ? lock_release+0x532/0x770 [ 245.175085] ? __might_fault+0x102/0x1b0 [ 245.175523] ? lock_acquire+0x427/0x4c0 [ 245.175949] ? __pfx_iommufd_test+0x10/0x10 [ 245.176395] ? __pfx_lock_release+0x10/0x10 [ 245.176854] ? __pfx_lock_acquire+0x10/0x10 [ 245.177315] ? write_comp_data+0x2f/0x90 [ 245.177751] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.178255] ? write_comp_data+0x2f/0x90 [ 245.178737] iommufd_fops_ioctl+0x37d/0x510 [ 245.179208] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.179736] ? write_comp_data+0x2f/0x90 [ 245.180184] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.180701] __x64_sys_ioctl+0x1a3/0x230 [ 245.181135] do_syscall_64+0x3b/0x90 [ 245.181539] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.182091] RIP: 0033:0x7f4b8743ee5d [ 245.182480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.184424] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.185220] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.185957] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.186726] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.187494] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.188232] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 245.188990] [ 245.189240] irq event stamp: 0 [ 245.189572] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.190229] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.191152] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.192027] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.192683] ---[ end trace 0000000000000000 ]--- [ 245.198360] ------------[ cut here ]------------ [ 245.199177] WARNING: CPU: 1 PID: 2318 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.200632] Modules linked in: [ 245.201071] CPU: 1 PID: 2318 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.202421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.204032] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.204823] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.207444] RSP: 
0018:ffff88800f687bd0 EFLAGS: 00010246 [ 245.208155] RAX: 0000000000000000 RBX: ffff8880171ba0a8 RCX: 0000000000000000 [ 245.209305] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 245.210239] RBP: ffff88800f687be8 R08: ffffed1002e37433 R09: ffffed1002e37433 [ 245.211216] R10: ffff8880171ba193 R11: ffffed1002e37432 R12: ffff88800f794c00 [ 245.212316] R13: ffff8880171ba1e8 R14: ffff88801663f400 R15: 0000000000000000 [ 245.213247] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.214487] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.215318] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 245.216361] PKRU: 55555554 [ 245.216829] Call Trace: [ 245.217172] [ 245.217479] iommufd_access_destroy_object+0x65/0x170 [ 245.218168] iommufd_object_destroy_user+0x18e/0x220 [ 245.219095] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 245.219897] iommufd_access_destroy+0x43/0x70 [ 245.220516] iommufd_test_staccess_release+0x8d/0xd0 [ 245.221206] __fput+0x26d/0xa40 [ 245.221676] ____fput+0x1e/0x30 [ 245.222187] task_work_run+0x1a4/0x2d0 [ 245.222894] ? __pfx_task_work_run+0x10/0x10 [ 245.223500] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.224157] ? switch_task_namespaces+0xa9/0xe0 [ 245.224793] do_exit+0xb17/0x2ef0 [ 245.225445] ? lock_acquire+0x427/0x4c0 [ 245.225985] ? __pfx_lock_release+0x10/0x10 [ 245.226613] ? __kasan_check_write+0x18/0x20 [ 245.227229] ? do_raw_spin_lock+0x132/0x2a0 [ 245.227807] ? __pfx_do_exit+0x10/0x10 [ 245.228523] ? debug_smp_processor_id+0x20/0x30 [ 245.229145] ? rcu_is_watching+0x19/0xb0 [ 245.229688] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.230348] ? trace_hardirqs_on+0x26/0x120 [ 245.231093] do_group_exit+0xe0/0x2b0 [ 245.231628] __x64_sys_exit_group+0x47/0x50 [ 245.232196] do_syscall_64+0x3b/0x90 [ 245.232706] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.233608] RIP: 0033:0x7f4b87518a4d [ 245.234103] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.234960] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.236187] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.237120] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.238097] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.239258] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.240228] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.241417] [ 245.241742] irq event stamp: 0 [ 245.242177] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.243074] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.244448] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.245565] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.246568] ---[ end trace 0000000000000000 ]--- [ 245.248082] ------------[ cut here ]------------ [ 245.248774] WARNING: CPU: 1 PID: 2318 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 245.250367] Modules linked in: [ 245.250970] CPU: 1 PID: 2318 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.252389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.254107] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 245.254873] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 245.257550] RSP: 0018:ffff88800f687b78 EFLAGS: 00010246 [ 245.258465] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 245.259508] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 245.260491] RBP: ffff88800f687b98 R08: ffffed1002e3743e R09: ffffed1002e3743e [ 245.261683] R10: ffff8880171ba1ef R11: ffffed1002e3743d R12: ffff8880171ba290 [ 245.262702] R13: ffff8880171ba0a8 R14: ffffffffffffffff R15: 
ffff88800f687c60 [ 245.263820] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.264998] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.265788] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 245.267029] PKRU: 55555554 [ 245.267444] Call Trace: [ 245.267803] [ 245.268122] iommufd_ioas_destroy+0x53/0x70 [ 245.268728] iommufd_fops_release+0x1f7/0x370 [ 245.269586] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.270273] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.270993] ? write_comp_data+0x2f/0x90 [ 245.271592] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.272494] __fput+0x26d/0xa40 [ 245.272978] ____fput+0x1e/0x30 [ 245.273446] task_work_run+0x1a4/0x2d0 [ 245.273999] ? __pfx_task_work_run+0x10/0x10 [ 245.274871] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.275576] ? switch_task_namespaces+0xa9/0xe0 [ 245.276236] do_exit+0xb17/0x2ef0 [ 245.276720] ? lock_acquire+0x427/0x4c0 [ 245.277324] ? __pfx_lock_release+0x10/0x10 [ 245.278091] ? __kasan_check_write+0x18/0x20 [ 245.278753] ? do_raw_spin_lock+0x132/0x2a0 [ 245.279368] ? __pfx_do_exit+0x10/0x10 [ 245.279922] ? debug_smp_processor_id+0x20/0x30 [ 245.280569] ? rcu_is_watching+0x19/0xb0 [ 245.281130] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.281756] ? trace_hardirqs_on+0x26/0x120 [ 245.282363] do_group_exit+0xe0/0x2b0 [ 245.282939] __x64_sys_exit_group+0x47/0x50 [ 245.283548] do_syscall_64+0x3b/0x90 [ 245.284074] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.284793] RIP: 0033:0x7f4b87518a4d [ 245.285308] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.286140] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.287288] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.288095] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.288844] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.289581] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.290327] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.291133] [ 245.291398] irq event stamp: 0 [ 245.291743] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.292417] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.293295] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.294176] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.294874] ---[ end trace 0000000000000000 ]--- [ 245.300640] ------------[ cut here ]------------ [ 245.301203] WARNING: CPU: 1 PID: 2319 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.302257] Modules linked in: [ 245.302671] CPU: 1 PID: 2319 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.303607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.304784] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.305323] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.307296] RSP: 0018:ffff8880143a7bb8 EFLAGS: 00010246 [ 245.307871] RAX: 0000000000000000 RBX: ffff88800cb930a8 RCX: 0000000000000000 [ 245.308628] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 245.309379] RBP: ffff8880143a7bd0 R08: ffffed1001972633 R09: ffffed1001972633 [ 245.310125] R10: ffff88800cb93193 R11: ffffed1001972632 R12: ffff888014391400 [ 245.310916] R13: ffff88800cb931e8 R14: ffffffff8352e670 R15: 
ffff8880143a7e68 [ 245.311680] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.312523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.313136] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 245.313897] PKRU: 55555554 [ 245.314198] Call Trace: [ 245.314470] [ 245.314746] __iommufd_access_detach+0x1c2/0x2b0 [ 245.315305] iommufd_access_change_pt+0x149/0x270 [ 245.315832] iommufd_access_replace+0xb4/0x120 [ 245.316332] iommufd_test+0x3e5/0x37e0 [ 245.316745] ? lock_release+0x532/0x770 [ 245.317182] ? __might_fault+0x102/0x1b0 [ 245.317636] ? lock_acquire+0x427/0x4c0 [ 245.318075] ? __pfx_iommufd_test+0x10/0x10 [ 245.318581] ? __pfx_lock_release+0x10/0x10 [ 245.319062] ? __pfx_lock_acquire+0x10/0x10 [ 245.319544] ? write_comp_data+0x2f/0x90 [ 245.319979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.320499] ? write_comp_data+0x2f/0x90 [ 245.320939] iommufd_fops_ioctl+0x37d/0x510 [ 245.321403] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.321933] ? write_comp_data+0x2f/0x90 [ 245.322373] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.322918] __x64_sys_ioctl+0x1a3/0x230 [ 245.323378] do_syscall_64+0x3b/0x90 [ 245.323789] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.324342] RIP: 0033:0x7f4b8743ee5d [ 245.324742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.326709] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.327566] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.328337] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.329087] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.329835] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.330647] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 245.331432] [ 245.331681] irq event stamp: 0 [ 245.332019] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.332681] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.333560] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.334442] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.335165] ---[ end trace 0000000000000000 ]--- [ 245.338599] ------------[ cut here ]------------ [ 245.339162] WARNING: CPU: 1 PID: 2319 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.340247] Modules linked in: [ 245.340586] CPU: 1 PID: 2319 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.341494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.342700] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.343242] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.345144] RSP: 
0018:ffff8880143a7bd0 EFLAGS: 00010246 [ 245.345705] RAX: 0000000000000000 RBX: ffff88800cb930a8 RCX: 0000000000000000 [ 245.346455] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 245.347250] RBP: ffff8880143a7be8 R08: ffffed1001972633 R09: ffffed1001972633 [ 245.348013] R10: ffff88800cb93193 R11: ffffed1001972632 R12: ffff888014613400 [ 245.348763] R13: ffff88800cb931e8 R14: ffff888012fb6d00 R15: 0000000000000000 [ 245.349510] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.350353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.351000] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 245.351779] PKRU: 55555554 [ 245.352086] Call Trace: [ 245.352362] [ 245.352604] iommufd_access_destroy_object+0x65/0x170 [ 245.353163] iommufd_object_destroy_user+0x18e/0x220 [ 245.353711] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 245.354338] iommufd_access_destroy+0x43/0x70 [ 245.354867] iommufd_test_staccess_release+0x8d/0xd0 [ 245.355434] __fput+0x26d/0xa40 [ 245.355810] ____fput+0x1e/0x30 [ 245.356171] task_work_run+0x1a4/0x2d0 [ 245.356596] ? __pfx_task_work_run+0x10/0x10 [ 245.357067] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.357600] ? switch_task_namespaces+0xa9/0xe0 [ 245.358102] do_exit+0xb17/0x2ef0 [ 245.358461] ? lock_acquire+0x427/0x4c0 [ 245.358917] ? __pfx_lock_release+0x10/0x10 [ 245.359390] ? __kasan_check_write+0x18/0x20 [ 245.359867] ? do_raw_spin_lock+0x132/0x2a0 [ 245.360325] ? __pfx_do_exit+0x10/0x10 [ 245.360747] ? debug_smp_processor_id+0x20/0x30 [ 245.361247] ? rcu_is_watching+0x19/0xb0 [ 245.361674] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.362153] ? trace_hardirqs_on+0x26/0x120 [ 245.362669] do_group_exit+0xe0/0x2b0 [ 245.363078] __x64_sys_exit_group+0x47/0x50 [ 245.363840] do_syscall_64+0x3b/0x90 [ 245.364371] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.365069] RIP: 0033:0x7f4b87518a4d [ 245.365564] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.366369] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.367431] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.368375] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.369309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.370246] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.371241] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.372204] [ 245.372532] irq event stamp: 0 [ 245.372955] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.373782] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.374908] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.376040] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.376871] ---[ end trace 0000000000000000 ]--- [ 245.378182] ------------[ cut here ]------------ [ 245.378852] WARNING: CPU: 1 PID: 2319 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 245.380225] Modules linked in: [ 245.380660] CPU: 1 PID: 2319 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.381812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.383417] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 245.384149] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 245.386648] RSP: 0018:ffff8880143a7b78 EFLAGS: 00010246 [ 245.387414] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 245.388387] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 245.389352] RBP: ffff8880143a7b98 R08: ffffed100197263e R09: ffffed100197263e [ 245.390324] R10: ffff88800cb931ef R11: ffffed100197263d R12: ffff88800cb93290 [ 245.391346] R13: ffff88800cb930a8 R14: ffffffffffffffff R15: 
ffff8880143a7c60 [ 245.392318] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.393412] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.394201] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 245.395229] PKRU: 55555554 [ 245.395636] Call Trace: [ 245.395998] [ 245.396311] iommufd_ioas_destroy+0x53/0x70 [ 245.396922] iommufd_fops_release+0x1f7/0x370 [ 245.397554] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.398242] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.398957] ? write_comp_data+0x2f/0x90 [ 245.399571] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.400273] __fput+0x26d/0xa40 [ 245.400760] ____fput+0x1e/0x30 [ 245.401232] task_work_run+0x1a4/0x2d0 [ 245.401786] ? __pfx_task_work_run+0x10/0x10 [ 245.402399] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.403114] ? switch_task_namespaces+0xa9/0xe0 [ 245.403798] do_exit+0xb17/0x2ef0 [ 245.404287] ? lock_acquire+0x427/0x4c0 [ 245.404848] ? __pfx_lock_release+0x10/0x10 [ 245.405453] ? __kasan_check_write+0x18/0x20 [ 245.406069] ? do_raw_spin_lock+0x132/0x2a0 [ 245.406723] ? __pfx_do_exit+0x10/0x10 [ 245.407333] ? debug_smp_processor_id+0x20/0x30 [ 245.407994] ? rcu_is_watching+0x19/0xb0 [ 245.408560] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.409191] ? trace_hardirqs_on+0x26/0x120 [ 245.409798] do_group_exit+0xe0/0x2b0 [ 245.410330] __x64_sys_exit_group+0x47/0x50 [ 245.410960] do_syscall_64+0x3b/0x90 [ 245.411524] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.412255] RIP: 0033:0x7f4b87518a4d [ 245.412769] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.413609] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.414668] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.415685] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.416660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.417627] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.418628] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.419650] [ 245.419980] irq event stamp: 0 [ 245.420418] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.421276] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.422412] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.423596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.424469] ---[ end trace 0000000000000000 ]--- [ 245.432385] ------------[ cut here ]------------ [ 245.433070] WARNING: CPU: 1 PID: 2320 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.434391] Modules linked in: [ 245.434966] CPU: 1 PID: 2320 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.436170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.437636] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.438296] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.440709] RSP: 0018:ffff88800af3fbb8 EFLAGS: 00010246 [ 245.441433] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 245.442364] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 245.443361] RBP: ffff88800af3fbd0 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 245.444309] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff88801226d000 [ 245.445248] R13: ffff888011f621e8 R14: ffffffff8352e670 R15: 
ffff88800af3fe68 [ 245.446177] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.447267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.448037] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 245.448977] PKRU: 55555554 [ 245.449358] Call Trace: [ 245.449701] [ 245.450003] __iommufd_access_detach+0x1c2/0x2b0 [ 245.450704] iommufd_access_change_pt+0x149/0x270 [ 245.451409] iommufd_access_replace+0xb4/0x120 [ 245.452039] iommufd_test+0x3e5/0x37e0 [ 245.452558] ? lock_release+0x532/0x770 [ 245.453100] ? __might_fault+0x102/0x1b0 [ 245.453648] ? lock_acquire+0x427/0x4c0 [ 245.454188] ? __pfx_iommufd_test+0x10/0x10 [ 245.454795] ? __pfx_lock_release+0x10/0x10 [ 245.455409] ? __pfx_lock_acquire+0x10/0x10 [ 245.456005] ? write_comp_data+0x2f/0x90 [ 245.456559] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.457206] ? write_comp_data+0x2f/0x90 [ 245.457758] iommufd_fops_ioctl+0x37d/0x510 [ 245.458335] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.459021] ? write_comp_data+0x2f/0x90 [ 245.459611] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.460266] __x64_sys_ioctl+0x1a3/0x230 [ 245.460825] do_syscall_64+0x3b/0x90 [ 245.461338] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.462030] RIP: 0033:0x7f4b8743ee5d [ 245.462566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.464971] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.465974] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.466940] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.467897] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.468829] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.469758] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 245.470733] [ 245.471055] irq event stamp: 0 [ 245.471504] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.472333] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.473427] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.474549] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.475414] ---[ end trace 0000000000000000 ]--- [ 245.480600] ------------[ cut here ]------------ [ 245.481288] WARNING: CPU: 0 PID: 2320 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.482866] Modules linked in: [ 245.483337] CPU: 0 PID: 2320 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.484477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.485933] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.486773] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.489161] RSP: 
0018:ffff88800af3fbd0 EFLAGS: 00010246 [ 245.489867] RAX: 0000000000000000 RBX: ffff888011f620a8 RCX: 0000000000000000 [ 245.490833] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 245.491797] RBP: ffff88800af3fbe8 R08: ffffed10023ec433 R09: ffffed10023ec433 [ 245.492731] R10: ffff888011f62193 R11: ffffed10023ec432 R12: ffff888014392800 [ 245.493655] R13: ffff888011f621e8 R14: ffff8880218eb600 R15: 0000000000000000 [ 245.494617] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.495705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.496467] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.497395] PKRU: 55555554 [ 245.497770] Call Trace: [ 245.498109] [ 245.498417] iommufd_access_destroy_object+0x65/0x170 [ 245.499167] iommufd_object_destroy_user+0x18e/0x220 [ 245.499862] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 245.500638] iommufd_access_destroy+0x43/0x70 [ 245.501247] iommufd_test_staccess_release+0x8d/0xd0 [ 245.501924] __fput+0x26d/0xa40 [ 245.502385] ____fput+0x1e/0x30 [ 245.502881] task_work_run+0x1a4/0x2d0 [ 245.503450] ? __pfx_task_work_run+0x10/0x10 [ 245.504065] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.504733] ? switch_task_namespaces+0xa9/0xe0 [ 245.505373] do_exit+0xb17/0x2ef0 [ 245.505856] ? lock_acquire+0x427/0x4c0 [ 245.506790] ? __pfx_lock_release+0x10/0x10 [ 245.507419] ? __kasan_check_write+0x18/0x20 [ 245.508014] ? do_raw_spin_lock+0x132/0x2a0 [ 245.508589] ? __pfx_do_exit+0x10/0x10 [ 245.509127] ? debug_smp_processor_id+0x20/0x30 [ 245.510032] ? rcu_is_watching+0x19/0xb0 [ 245.510631] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.511292] ? trace_hardirqs_on+0x26/0x120 [ 245.511888] do_group_exit+0xe0/0x2b0 [ 245.512397] __x64_sys_exit_group+0x47/0x50 [ 245.512965] do_syscall_64+0x3b/0x90 [ 245.513484] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.514293] RIP: 0033:0x7f4b87518a4d [ 245.515096] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.516000] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.517027] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.517986] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.519086] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.520306] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.521289] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.522269] [ 245.522693] irq event stamp: 0 [ 245.523204] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.524383] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.525531] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.526712] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.527619] ---[ end trace 0000000000000000 ]--- [ 245.529312] ------------[ cut here ]------------ [ 245.529993] WARNING: CPU: 0 PID: 2320 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 245.531506] Modules linked in: [ 245.531987] CPU: 0 PID: 2320 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.533502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.535332] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 245.536080] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 245.538920] RSP: 0018:ffff88800af3fb78 EFLAGS: 00010246 [ 245.539714] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 245.540677] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 245.541753] RBP: ffff88800af3fb98 R08: ffffed10023ec43e R09: ffffed10023ec43e [ 245.542978] R10: ffff888011f621ef R11: ffffed10023ec43d R12: ffff888011f62290 [ 245.543980] R13: ffff888011f620a8 R14: ffffffffffffffff R15: 
ffff88800af3fc60 [ 245.544945] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.546135] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.547246] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.548225] PKRU: 55555554 [ 245.548627] Call Trace: [ 245.548989] [ 245.549328] iommufd_ioas_destroy+0x53/0x70 [ 245.550240] iommufd_fops_release+0x1f7/0x370 [ 245.550942] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.551688] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.552370] ? write_comp_data+0x2f/0x90 [ 245.552956] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.553718] __fput+0x26d/0xa40 [ 245.554442] ____fput+0x1e/0x30 [ 245.554990] task_work_run+0x1a4/0x2d0 [ 245.555591] ? __pfx_task_work_run+0x10/0x10 [ 245.556220] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.556905] ? switch_task_namespaces+0xa9/0xe0 [ 245.557608] do_exit+0xb17/0x2ef0 [ 245.558334] ? lock_acquire+0x427/0x4c0 [ 245.559007] ? __pfx_lock_release+0x10/0x10 [ 245.559661] ? __kasan_check_write+0x18/0x20 [ 245.560288] ? do_raw_spin_lock+0x132/0x2a0 [ 245.560895] ? __pfx_do_exit+0x10/0x10 [ 245.561478] ? debug_smp_processor_id+0x20/0x30 [ 245.562443] ? rcu_is_watching+0x19/0xb0 [ 245.563076] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.563746] ? trace_hardirqs_on+0x26/0x120 [ 245.564363] do_group_exit+0xe0/0x2b0 [ 245.564901] __x64_sys_exit_group+0x47/0x50 [ 245.565501] do_syscall_64+0x3b/0x90 [ 245.566168] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.567171] RIP: 0033:0x7f4b87518a4d [ 245.567714] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.568540] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.569556] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.570822] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.571819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.572782] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.574057] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.575093] [ 245.575464] irq event stamp: 0 [ 245.575898] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.576750] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.578179] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.579407] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.580274] ---[ end trace 0000000000000000 ]--- [ 245.589921] ------------[ cut here ]------------ [ 245.590639] WARNING: CPU: 0 PID: 2321 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.591727] Modules linked in: [ 245.592063] CPU: 0 PID: 2321 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.592989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.594627] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.595189] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.597116] RSP: 0018:ffff8880182afbb8 EFLAGS: 00010246 [ 245.597802] RAX: 0000000000000000 RBX: ffff88800ff098a8 RCX: 0000000000000000 [ 245.598709] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 245.599487] RBP: ffff8880182afbd0 R08: ffffed1001fe1333 R09: ffffed1001fe1333 [ 245.600243] R10: ffff88800ff09993 R11: ffffed1001fe1332 R12: ffff88801341d000 [ 245.601004] R13: ffff88800ff099e8 R14: ffffffff8352e670 R15: 
ffff8880182afe68 [ 245.601770] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.602670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.603298] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 245.604069] PKRU: 55555554 [ 245.604387] Call Trace: [ 245.604666] [ 245.604908] __iommufd_access_detach+0x1c2/0x2b0 [ 245.605426] iommufd_access_change_pt+0x149/0x270 [ 245.605946] iommufd_access_replace+0xb4/0x120 [ 245.606439] iommufd_test+0x3e5/0x37e0 [ 245.606903] ? lock_release+0x532/0x770 [ 245.607356] ? __might_fault+0x102/0x1b0 [ 245.607800] ? lock_acquire+0x427/0x4c0 [ 245.608233] ? __pfx_iommufd_test+0x10/0x10 [ 245.608689] ? __pfx_lock_release+0x10/0x10 [ 245.609157] ? __pfx_lock_acquire+0x10/0x10 [ 245.609640] ? write_comp_data+0x2f/0x90 [ 245.610097] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.610670] ? write_comp_data+0x2f/0x90 [ 245.611132] iommufd_fops_ioctl+0x37d/0x510 [ 245.611601] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.612128] ? write_comp_data+0x2f/0x90 [ 245.612569] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.613079] __x64_sys_ioctl+0x1a3/0x230 [ 245.613524] do_syscall_64+0x3b/0x90 [ 245.613921] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.614466] RIP: 0033:0x7f4b8743ee5d [ 245.614898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.616790] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.617584] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.618325] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.619089] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.619842] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.620592] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 245.621348] [ 245.621594] irq event stamp: 0 [ 245.621927] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.622621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.623497] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.624353] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.625001] ---[ end trace 0000000000000000 ]--- [ 245.628734] ------------[ cut here ]------------ [ 245.629265] WARNING: CPU: 0 PID: 2321 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.630443] Modules linked in: [ 245.631044] CPU: 0 PID: 2321 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.631968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.633129] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.633651] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.635805] RSP: 
0018:ffff8880182afbd0 EFLAGS: 00010246 [ 245.636505] RAX: 0000000000000000 RBX: ffff88800ff098a8 RCX: 0000000000000000 [ 245.637244] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 245.637978] RBP: ffff8880182afbe8 R08: ffffed1001fe1333 R09: ffffed1001fe1333 [ 245.638744] R10: ffff88800ff09993 R11: ffffed1001fe1332 R12: ffff88801890ec00 [ 245.639503] R13: ffff88800ff099e8 R14: ffff888012245d00 R15: 0000000000000000 [ 245.640237] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.641319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.642124] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.642907] PKRU: 55555554 [ 245.643225] Call Trace: [ 245.643498] [ 245.643734] iommufd_access_destroy_object+0x65/0x170 [ 245.644274] iommufd_object_destroy_user+0x18e/0x220 [ 245.644803] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 245.645413] iommufd_access_destroy+0x43/0x70 [ 245.646003] iommufd_test_staccess_release+0x8d/0xd0 [ 245.646868] __fput+0x26d/0xa40 [ 245.647263] ____fput+0x1e/0x30 [ 245.647620] task_work_run+0x1a4/0x2d0 [ 245.648041] ? __pfx_task_work_run+0x10/0x10 [ 245.648506] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.649022] ? switch_task_namespaces+0xa9/0xe0 [ 245.649523] do_exit+0xb17/0x2ef0 [ 245.649897] ? lock_acquire+0x427/0x4c0 [ 245.650332] ? __pfx_lock_release+0x10/0x10 [ 245.650907] ? __kasan_check_write+0x18/0x20 [ 245.651647] ? do_raw_spin_lock+0x132/0x2a0 [ 245.652103] ? __pfx_do_exit+0x10/0x10 [ 245.652534] ? debug_smp_processor_id+0x20/0x30 [ 245.653027] ? rcu_is_watching+0x19/0xb0 [ 245.653454] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.653943] ? trace_hardirqs_on+0x26/0x120 [ 245.654401] do_group_exit+0xe0/0x2b0 [ 245.654830] __x64_sys_exit_group+0x47/0x50 [ 245.655313] do_syscall_64+0x3b/0x90 [ 245.655716] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.656268] RIP: 0033:0x7f4b87518a4d [ 245.656765] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.657765] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.658581] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.659334] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.660071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.660810] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.661607] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.662776] [ 245.663032] irq event stamp: 0 [ 245.663370] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.664024] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.664884] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.665739] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.666388] ---[ end trace 0000000000000000 ]--- [ 245.667546] ------------[ cut here ]------------ [ 245.668041] WARNING: CPU: 0 PID: 2321 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 245.669101] Modules linked in: [ 245.669437] CPU: 0 PID: 2321 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.670702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.671886] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 245.672435] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 245.674698] RSP: 0018:ffff8880182afb78 EFLAGS: 00010246 [ 245.675322] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 245.676292] RDX: 0000000000000000 RSI: ffff888016360000 RDI: 0000000000000002 [ 245.677034] RBP: ffff8880182afb98 R08: ffffed1001fe133e R09: ffffed1001fe133e [ 245.678085] R10: ffff88800ff099ef R11: ffffed1001fe133d R12: ffff88800ff09a90 [ 245.678849] R13: ffff88800ff098a8 R14: ffffffffffffffff R15: 
ffff8880182afc60 [ 245.679606] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.680755] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.681362] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.682108] PKRU: 55555554 [ 245.682463] Call Trace: [ 245.683039] [ 245.683291] iommufd_ioas_destroy+0x53/0x70 [ 245.683760] iommufd_fops_release+0x1f7/0x370 [ 245.684236] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.684764] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.685413] ? write_comp_data+0x2f/0x90 [ 245.686106] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.686688] __fput+0x26d/0xa40 [ 245.687055] ____fput+0x1e/0x30 [ 245.687421] task_work_run+0x1a4/0x2d0 [ 245.687875] ? __pfx_task_work_run+0x10/0x10 [ 245.688604] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.689133] ? switch_task_namespaces+0xa9/0xe0 [ 245.689648] do_exit+0xb17/0x2ef0 [ 245.690055] ? lock_acquire+0x427/0x4c0 [ 245.690800] ? __pfx_lock_release+0x10/0x10 [ 245.691296] ? __kasan_check_write+0x18/0x20 [ 245.691779] ? do_raw_spin_lock+0x132/0x2a0 [ 245.692244] ? __pfx_do_exit+0x10/0x10 [ 245.692671] ? debug_smp_processor_id+0x20/0x30 [ 245.693522] ? rcu_is_watching+0x19/0xb0 [ 245.693959] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.694445] ? trace_hardirqs_on+0x26/0x120 [ 245.694940] do_group_exit+0xe0/0x2b0 [ 245.695371] __x64_sys_exit_group+0x47/0x50 [ 245.695877] do_syscall_64+0x3b/0x90 [ 245.696522] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.697071] RIP: 0033:0x7f4b87518a4d [ 245.697465] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.698158] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.699245] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.699988] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.700737] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.701857] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.702637] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.703405] [ 245.703753] irq event stamp: 0 [ 245.704312] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.704977] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.706009] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.707149] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.707815] ---[ end trace 0000000000000000 ]--- [ 245.712845] ------------[ cut here ]------------ [ 245.713367] WARNING: CPU: 0 PID: 2322 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.715039] Modules linked in: [ 245.715410] CPU: 0 PID: 2322 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.716406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.717748] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.718289] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.720275] RSP: 0018:ffff888016d6fbb8 EFLAGS: 00010246 [ 245.720872] RAX: 0000000000000000 RBX: ffff88801367e8a8 RCX: 0000000000000000 [ 245.721630] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 245.722377] RBP: ffff888016d6fbd0 R08: ffffed10026cfd33 R09: ffffed10026cfd33 [ 245.723173] R10: ffff88801367e993 R11: ffffed10026cfd32 R12: ffff888014b97400 [ 245.723925] R13: ffff88801367e9e8 R14: ffffffff8352e670 R15: 
ffff888016d6fe68 [ 245.724677] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.725527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.726142] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ef0 [ 245.726943] PKRU: 55555554 [ 245.727271] Call Trace: [ 245.727546] [ 245.727787] __iommufd_access_detach+0x1c2/0x2b0 [ 245.728303] iommufd_access_change_pt+0x149/0x270 [ 245.728829] iommufd_access_replace+0xb4/0x120 [ 245.729330] iommufd_test+0x3e5/0x37e0 [ 245.729742] ? lock_release+0x532/0x770 [ 245.730176] ? __might_fault+0x102/0x1b0 [ 245.730646] ? lock_acquire+0x427/0x4c0 [ 245.731079] ? __pfx_iommufd_test+0x10/0x10 [ 245.731543] ? __pfx_lock_release+0x10/0x10 [ 245.732006] ? __pfx_lock_acquire+0x10/0x10 [ 245.732477] ? write_comp_data+0x2f/0x90 [ 245.732921] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.733448] ? write_comp_data+0x2f/0x90 [ 245.733887] iommufd_fops_ioctl+0x37d/0x510 [ 245.734347] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.734906] ? write_comp_data+0x2f/0x90 [ 245.735362] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.735878] __x64_sys_ioctl+0x1a3/0x230 [ 245.736323] do_syscall_64+0x3b/0x90 [ 245.736733] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.737298] RIP: 0033:0x7f4b8743ee5d [ 245.737702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.739694] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.740524] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.741290] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.742047] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.742833] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.743597] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 245.744355] [ 245.744605] irq event stamp: 0 [ 245.744937] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.745632] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.746569] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.747457] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.748127] ---[ end trace 0000000000000000 ]--- [ 245.751752] ------------[ cut here ]------------ [ 245.752404] WARNING: CPU: 0 PID: 2322 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.753639] Modules linked in: [ 245.753980] CPU: 0 PID: 2322 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.755216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.756408] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.756937] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.759213] RSP: 
0018:ffff888016d6fbd0 EFLAGS: 00010246 [ 245.759795] RAX: 0000000000000000 RBX: ffff88801367e8a8 RCX: 0000000000000000 [ 245.760810] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 245.761568] RBP: ffff888016d6fbe8 R08: ffffed10026cfd33 R09: ffffed10026cfd33 [ 245.762382] R10: ffff88801367e993 R11: ffffed10026cfd32 R12: ffff88801341ec00 [ 245.763398] R13: ffff88801367e9e8 R14: ffff888012b36000 R15: 0000000000000000 [ 245.764167] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.765102] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.765901] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.766693] PKRU: 55555554 [ 245.767005] Call Trace: [ 245.767299] [ 245.767542] iommufd_access_destroy_object+0x65/0x170 [ 245.768367] iommufd_object_destroy_user+0x18e/0x220 [ 245.768923] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 245.769547] iommufd_access_destroy+0x43/0x70 [ 245.770169] iommufd_test_staccess_release+0x8d/0xd0 [ 245.770903] __fput+0x26d/0xa40 [ 245.771291] ____fput+0x1e/0x30 [ 245.771655] task_work_run+0x1a4/0x2d0 [ 245.772082] ? __pfx_task_work_run+0x10/0x10 [ 245.772566] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.773328] ? switch_task_namespaces+0xa9/0xe0 [ 245.773844] do_exit+0xb17/0x2ef0 [ 245.774221] ? lock_acquire+0x427/0x4c0 [ 245.774686] ? __pfx_lock_release+0x10/0x10 [ 245.775167] ? __kasan_check_write+0x18/0x20 [ 245.775773] ? do_raw_spin_lock+0x132/0x2a0 [ 245.776378] ? __pfx_do_exit+0x10/0x10 [ 245.776786] ? debug_smp_processor_id+0x20/0x30 [ 245.777286] ? rcu_is_watching+0x19/0xb0 [ 245.777719] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.778467] ? trace_hardirqs_on+0x26/0x120 [ 245.778994] do_group_exit+0xe0/0x2b0 [ 245.779420] __x64_sys_exit_group+0x47/0x50 [ 245.779890] do_syscall_64+0x3b/0x90 [ 245.780306] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.781174] RIP: 0033:0x7f4b87518a4d [ 245.781583] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.782241] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.783098] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.783875] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.784640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.785391] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.786137] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.786931] [ 245.787189] irq event stamp: 0 [ 245.787522] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.788189] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.789075] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.789958] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.790666] ---[ end trace 0000000000000000 ]--- [ 245.791565] ------------[ cut here ]------------ [ 245.792073] WARNING: CPU: 0 PID: 2322 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 245.793161] Modules linked in: [ 245.793510] CPU: 0 PID: 2322 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.794434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.795687] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 245.796247] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 245.798180] RSP: 0018:ffff888016d6fb78 EFLAGS: 00010246 [ 245.798778] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 245.799556] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 245.800326] RBP: ffff888016d6fb98 R08: ffffed10026cfd3e R09: ffffed10026cfd3e [ 245.801087] R10: ffff88801367e9ef R11: ffffed10026cfd3d R12: ffff88801367ea90 [ 245.801840] R13: ffff88801367e8a8 R14: ffffffffffffffff R15: 
ffff888016d6fc60 [ 245.802639] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.803501] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.804114] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.804856] PKRU: 55555554 [ 245.805155] Call Trace: [ 245.805420] [ 245.805663] iommufd_ioas_destroy+0x53/0x70 [ 245.806128] iommufd_fops_release+0x1f7/0x370 [ 245.806659] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.807207] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.807730] ? write_comp_data+0x2f/0x90 [ 245.808165] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.808694] __fput+0x26d/0xa40 [ 245.809061] ____fput+0x1e/0x30 [ 245.809414] task_work_run+0x1a4/0x2d0 [ 245.809829] ? __pfx_task_work_run+0x10/0x10 [ 245.810292] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.810833] ? switch_task_namespaces+0xa9/0xe0 [ 245.811359] do_exit+0xb17/0x2ef0 [ 245.811726] ? lock_acquire+0x427/0x4c0 [ 245.812153] ? __pfx_lock_release+0x10/0x10 [ 245.812615] ? __kasan_check_write+0x18/0x20 [ 245.813084] ? do_raw_spin_lock+0x132/0x2a0 [ 245.813541] ? __pfx_do_exit+0x10/0x10 [ 245.813967] ? debug_smp_processor_id+0x20/0x30 [ 245.814469] ? rcu_is_watching+0x19/0xb0 [ 245.814940] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.815448] ? trace_hardirqs_on+0x26/0x120 [ 245.815914] do_group_exit+0xe0/0x2b0 [ 245.816325] __x64_sys_exit_group+0x47/0x50 [ 245.816783] do_syscall_64+0x3b/0x90 [ 245.817189] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.817747] RIP: 0033:0x7f4b87518a4d [ 245.818145] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.818829] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.819650] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.820402] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.821152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.821898] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.822681] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.823453] [ 245.823695] irq event stamp: 0 [ 245.824022] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.824672] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.825541] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.826404] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.827087] ---[ end trace 0000000000000000 ]--- [ 245.831845] ------------[ cut here ]------------ [ 245.832397] WARNING: CPU: 0 PID: 2323 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.833473] Modules linked in: [ 245.833817] CPU: 0 PID: 2323 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.834784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.835993] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.836516] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.838404] RSP: 0018:ffff888021a57bb8 EFLAGS: 00010246 [ 245.838999] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 245.839763] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 245.840523] RBP: ffff888021a57bd0 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 245.841283] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff88800f4d1400 [ 245.842027] R13: ffff88801609d1e8 R14: ffffffff8352e670 R15: 
ffff888021a57e68 [ 245.842814] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.843677] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.844282] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ef0 [ 245.845031] PKRU: 55555554 [ 245.845330] Call Trace: [ 245.845600] [ 245.845838] __iommufd_access_detach+0x1c2/0x2b0 [ 245.846355] iommufd_access_change_pt+0x149/0x270 [ 245.846904] iommufd_access_replace+0xb4/0x120 [ 245.847406] iommufd_test+0x3e5/0x37e0 [ 245.847814] ? lock_release+0x532/0x770 [ 245.848242] ? __might_fault+0x102/0x1b0 [ 245.848675] ? lock_acquire+0x427/0x4c0 [ 245.849109] ? __pfx_iommufd_test+0x10/0x10 [ 245.849567] ? __pfx_lock_release+0x10/0x10 [ 245.850024] ? __pfx_lock_acquire+0x10/0x10 [ 245.850490] ? write_comp_data+0x2f/0x90 [ 245.850970] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.851501] ? write_comp_data+0x2f/0x90 [ 245.851938] iommufd_fops_ioctl+0x37d/0x510 [ 245.852398] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.852921] ? write_comp_data+0x2f/0x90 [ 245.853362] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.853895] __x64_sys_ioctl+0x1a3/0x230 [ 245.854338] do_syscall_64+0x3b/0x90 [ 245.854797] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.855409] RIP: 0033:0x7f4b8743ee5d [ 245.855805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.857686] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.858472] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.859262] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.860003] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.860735] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.861473] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 245.862220] [ 245.862462] irq event stamp: 0 [ 245.862827] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.863500] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.864377] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.865253] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.865911] ---[ end trace 0000000000000000 ]--- [ 245.869204] ------------[ cut here ]------------ [ 245.869738] WARNING: CPU: 0 PID: 2323 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.871056] Modules linked in: [ 245.871420] CPU: 0 PID: 2323 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.872314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.873470] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.873982] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.875890] RSP: 
0018:ffff888021a57bd0 EFLAGS: 00010246 [ 245.876451] RAX: 0000000000000000 RBX: ffff88801609d0a8 RCX: 0000000000000000 [ 245.877185] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 245.877911] RBP: ffff888021a57be8 R08: ffffed1002c13a33 R09: ffffed1002c13a33 [ 245.878675] R10: ffff88801609d193 R11: ffffed1002c13a32 R12: ffff888014b95800 [ 245.879438] R13: ffff88801609d1e8 R14: ffff8880139bcb00 R15: 0000000000000000 [ 245.880186] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.881022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.881618] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.882357] PKRU: 55555554 [ 245.882696] Call Trace: [ 245.882974] [ 245.883230] iommufd_access_destroy_object+0x65/0x170 [ 245.883786] iommufd_object_destroy_user+0x18e/0x220 [ 245.884326] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 245.884934] iommufd_access_destroy+0x43/0x70 [ 245.885415] iommufd_test_staccess_release+0x8d/0xd0 [ 245.885949] __fput+0x26d/0xa40 [ 245.886310] ____fput+0x1e/0x30 [ 245.886714] task_work_run+0x1a4/0x2d0 [ 245.887155] ? __pfx_task_work_run+0x10/0x10 [ 245.887628] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.888138] ? switch_task_namespaces+0xa9/0xe0 [ 245.888633] do_exit+0xb17/0x2ef0 [ 245.888993] ? lock_acquire+0x427/0x4c0 [ 245.889420] ? __pfx_lock_release+0x10/0x10 [ 245.889886] ? __kasan_check_write+0x18/0x20 [ 245.890350] ? do_raw_spin_lock+0x132/0x2a0 [ 245.890859] ? __pfx_do_exit+0x10/0x10 [ 245.891289] ? debug_smp_processor_id+0x20/0x30 [ 245.891773] ? rcu_is_watching+0x19/0xb0 [ 245.892198] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.892673] ? trace_hardirqs_on+0x26/0x120 [ 245.893136] do_group_exit+0xe0/0x2b0 [ 245.893538] __x64_sys_exit_group+0x47/0x50 [ 245.893982] do_syscall_64+0x3b/0x90 [ 245.894376] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.894941] RIP: 0033:0x7f4b87518a4d [ 245.895331] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.895709] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5461 of 7281 items, 4194304 file size, 768 bytes per hash table item), suggesting rotation. [ 245.895961] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.898897] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. [ 245.899574] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.899588] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.903009] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.903752] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.904489] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.905243] [ 245.905491] irq event stamp: 0 [ 245.905820] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.906473] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.907397] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.908258] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.908906] ---[ end trace 0000000000000000 ]--- [ 245.909807] ------------[ cut here ]------------ [ 245.910312] WARNING: CPU: 0 PID: 2323 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 245.911409] Modules linked in: [ 245.911756] CPU: 0 PID: 2323 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.912671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.913839] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 245.914381] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 245.916367] RSP: 0018:ffff888021a57b78 
EFLAGS: 00010246 [ 245.916954] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 245.917704] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 245.918454] RBP: ffff888021a57b98 R08: ffffed1002c13a3e R09: ffffed1002c13a3e [ 245.919265] R10: ffff88801609d1ef R11: ffffed1002c13a3d R12: ffff88801609d290 [ 245.920019] R13: ffff88801609d0a8 R14: ffffffffffffffff R15: ffff888021a57c60 [ 245.920773] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 245.921626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.922239] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 245.923013] PKRU: 55555554 [ 245.923331] Call Trace: [ 245.923605] [ 245.923853] iommufd_ioas_destroy+0x53/0x70 [ 245.924326] iommufd_fops_release+0x1f7/0x370 [ 245.924813] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.925345] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.925861] ? write_comp_data+0x2f/0x90 [ 245.926294] ? __pfx_iommufd_fops_release+0x10/0x10 [ 245.926875] __fput+0x26d/0xa40 [ 245.927263] ____fput+0x1e/0x30 [ 245.927621] task_work_run+0x1a4/0x2d0 [ 245.928046] ? __pfx_task_work_run+0x10/0x10 [ 245.928521] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.929040] ? switch_task_namespaces+0xa9/0xe0 [ 245.929545] do_exit+0xb17/0x2ef0 [ 245.929911] ? lock_acquire+0x427/0x4c0 [ 245.930333] ? __pfx_lock_release+0x10/0x10 [ 245.930837] ? __kasan_check_write+0x18/0x20 [ 245.931319] ? do_raw_spin_lock+0x132/0x2a0 [ 245.931798] ? __pfx_do_exit+0x10/0x10 [ 245.932240] ? debug_smp_processor_id+0x20/0x30 [ 245.932753] ? rcu_is_watching+0x19/0xb0 [ 245.933192] ? _raw_spin_unlock_irq+0x2b/0x60 [ 245.933674] ? trace_hardirqs_on+0x26/0x120 [ 245.934134] do_group_exit+0xe0/0x2b0 [ 245.934587] __x64_sys_exit_group+0x47/0x50 [ 245.935046] do_syscall_64+0x3b/0x90 [ 245.935467] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.936021] RIP: 0033:0x7f4b87518a4d [ 245.936420] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 245.937059] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 245.937851] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 245.938649] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 245.939409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 245.940154] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 245.940897] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 245.941662] [ 245.941909] irq event stamp: 0 [ 245.942240] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 245.942944] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 245.943838] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 245.944716] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 245.945380] ---[ end trace 0000000000000000 ]--- [ 245.956261] ------------[ cut here ]------------ [ 245.956988] WARNING: CPU: 1 PID: 2325 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 245.958374] Modules linked in: [ 245.958971] CPU: 1 PID: 2325 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 245.960195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 245.961760] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 245.962477] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 245.965379] RSP: 0018:ffff888016d6fbb8 EFLAGS: 00010246 [ 245.966285] RAX: 0000000000000000 RBX: ffff88800b8158a8 RCX: 0000000000000000 [ 245.967434] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 245.968414] RBP: ffff888016d6fbd0 R08: ffffed1001702b33 R09: ffffed1001702b33 [ 245.969573] R10: ffff88800b815993 R11: ffffed1001702b32 R12: ffff8880129c6400 [ 245.970589] R13: ffff88800b8159e8 R14: ffffffff8352e670 R15: 
ffff888016d6fe68 [ 245.971758] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 245.972862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 245.973848] CR2: 0000000020000140 CR3: 0000000012330000 CR4: 0000000000750ee0 [ 245.974936] PKRU: 55555554 [ 245.975367] Call Trace: [ 245.975726] [ 245.976046] __iommufd_access_detach+0x1c2/0x2b0 [ 245.976734] iommufd_access_change_pt+0x149/0x270 [ 245.977671] iommufd_access_replace+0xb4/0x120 [ 245.978342] iommufd_test+0x3e5/0x37e0 [ 245.978969] ? lock_release+0x532/0x770 [ 245.979581] ? __might_fault+0x102/0x1b0 [ 245.980327] ? lock_acquire+0x427/0x4c0 [ 245.980980] ? __pfx_iommufd_test+0x10/0x10 [ 245.981582] ? __pfx_lock_release+0x10/0x10 [ 245.982193] ? __pfx_lock_acquire+0x10/0x10 [ 245.983088] ? write_comp_data+0x2f/0x90 [ 245.983728] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 245.984412] ? write_comp_data+0x2f/0x90 [ 245.984992] iommufd_fops_ioctl+0x37d/0x510 [ 245.985748] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.986597] ? write_comp_data+0x2f/0x90 [ 245.987213] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 245.987890] __x64_sys_ioctl+0x1a3/0x230 [ 245.988537] do_syscall_64+0x3b/0x90 [ 245.989302] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 245.990034] RIP: 0033:0x7f4b8743ee5d [ 245.990628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 245.993397] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 245.994717] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 245.995717] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 245.996742] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 245.997853] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 245.998886] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 246.000161] [ 246.000489] irq event stamp: 0 [ 246.000923] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.001786] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.003220] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.004356] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.005431] ---[ end trace 0000000000000000 ]--- [ 246.011480] ------------[ cut here ]------------ [ 246.012178] WARNING: CPU: 1 PID: 2325 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.013758] Modules linked in: [ 246.014205] CPU: 1 PID: 2325 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.015711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.017250] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.017942] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.020771] RSP: 
0018:ffff888016d6fbd0 EFLAGS: 00010246 [ 246.021701] RAX: 0000000000000000 RBX: ffff88800b8158a8 RCX: 0000000000000000 [ 246.022727] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 246.023777] RBP: ffff888016d6fbe8 R08: ffffed1001702b33 R09: ffffed1001702b33 [ 246.024921] R10: ffff88800b815993 R11: ffffed1001702b32 R12: ffff88801226d000 [ 246.025901] R13: ffff88800b8159e8 R14: ffff888012b9b200 R15: 0000000000000000 [ 246.027167] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.028287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.029094] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.030318] PKRU: 55555554 [ 246.030789] Call Trace: [ 246.031167] [ 246.031487] iommufd_access_destroy_object+0x65/0x170 [ 246.032247] iommufd_object_destroy_user+0x18e/0x220 [ 246.033095] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 246.033907] iommufd_access_destroy+0x43/0x70 [ 246.034595] iommufd_test_staccess_release+0x8d/0xd0 [ 246.035564] __fput+0x26d/0xa40 [ 246.036052] ____fput+0x1e/0x30 [ 246.036529] task_work_run+0x1a4/0x2d0 [ 246.037084] ? __pfx_task_work_run+0x10/0x10 [ 246.037859] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.038652] ? switch_task_namespaces+0xa9/0xe0 [ 246.039335] do_exit+0xb17/0x2ef0 [ 246.039821] ? lock_acquire+0x427/0x4c0 [ 246.040433] ? __pfx_lock_release+0x10/0x10 [ 246.041158] ? __kasan_check_write+0x18/0x20 [ 246.041777] ? do_raw_spin_lock+0x132/0x2a0 [ 246.042379] ? __pfx_do_exit+0x10/0x10 [ 246.043036] ? debug_smp_processor_id+0x20/0x30 [ 246.043818] ? rcu_is_watching+0x19/0xb0 [ 246.044387] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.045019] ? trace_hardirqs_on+0x26/0x120 [ 246.045627] do_group_exit+0xe0/0x2b0 [ 246.046385] __x64_sys_exit_group+0x47/0x50 [ 246.047019] do_syscall_64+0x3b/0x90 [ 246.047561] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.048284] RIP: 0033:0x7f4b87518a4d [ 246.048945] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.049870] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.050993] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.052230] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.053195] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.054224] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.055396] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.056390] [ 246.056717] irq event stamp: 0 [ 246.057368] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.058230] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.059435] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.060740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.061599] ---[ end trace 0000000000000000 ]--- [ 246.063193] ------------[ cut here ]------------ [ 246.063853] WARNING: CPU: 1 PID: 2325 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 246.065238] Modules linked in: [ 246.065681] CPU: 1 PID: 2325 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.066913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.068451] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 246.069153] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 246.071651] RSP: 0018:ffff888016d6fb78 EFLAGS: 00010246 [ 246.072387] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.073356] RDX: 0000000000000000 RSI: ffff8880164b8000 RDI: 0000000000000002 [ 246.074326] RBP: ffff888016d6fb98 R08: ffffed1001702b3e R09: ffffed1001702b3e [ 246.075348] R10: ffff88800b8159ef R11: ffffed1001702b3d R12: ffff88800b815a90 [ 246.076326] R13: ffff88800b8158a8 R14: ffffffffffffffff R15: 
ffff888016d6fc60 [ 246.077295] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.078384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.079251] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.080226] PKRU: 55555554 [ 246.080618] Call Trace: [ 246.080970] [ 246.081287] iommufd_ioas_destroy+0x53/0x70 [ 246.081886] iommufd_fops_release+0x1f7/0x370 [ 246.082560] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.083274] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.083961] ? write_comp_data+0x2f/0x90 [ 246.084535] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.085224] __fput+0x26d/0xa40 [ 246.085709] ____fput+0x1e/0x30 [ 246.086190] task_work_run+0x1a4/0x2d0 [ 246.086796] ? __pfx_task_work_run+0x10/0x10 [ 246.087438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.088118] ? switch_task_namespaces+0xa9/0xe0 [ 246.088776] do_exit+0xb17/0x2ef0 [ 246.089257] ? lock_acquire+0x427/0x4c0 [ 246.089816] ? __pfx_lock_release+0x10/0x10 [ 246.090422] ? __kasan_check_write+0x18/0x20 [ 246.091092] ? do_raw_spin_lock+0x132/0x2a0 [ 246.091733] ? __pfx_do_exit+0x10/0x10 [ 246.092296] ? debug_smp_processor_id+0x20/0x30 [ 246.092939] ? rcu_is_watching+0x19/0xb0 [ 246.093498] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.094128] ? trace_hardirqs_on+0x26/0x120 [ 246.094781] do_group_exit+0xe0/0x2b0 [ 246.095335] __x64_sys_exit_group+0x47/0x50 [ 246.095926] do_syscall_64+0x3b/0x90 [ 246.096455] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.097173] RIP: 0033:0x7f4b87518a4d [ 246.097687] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.098568] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.099616] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.100581] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.101548] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.102545] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.103527] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.104517] [ 246.104845] irq event stamp: 0 [ 246.105284] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.106143] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.107331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.108469] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.109323] ---[ end trace 0000000000000000 ]--- [ 246.117439] ------------[ cut here ]------------ [ 246.118158] WARNING: CPU: 1 PID: 2326 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.119680] Modules linked in: [ 246.120137] CPU: 1 PID: 2326 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.121324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.122880] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.123588] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.126030] RSP: 0018:ffff888023cafbb8 EFLAGS: 00010246 [ 246.126785] RAX: 0000000000000000 RBX: ffff8880185c98a8 RCX: 0000000000000000 [ 246.127768] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 246.128738] RBP: ffff888023cafbd0 R08: ffffed10030b9333 R09: ffffed10030b9333 [ 246.129700] R10: ffff8880185c9993 R11: ffffed10030b9332 R12: ffff888013a09800 [ 246.130700] R13: ffff8880185c99e8 R14: ffffffff8352e670 R15: 
ffff888023cafe68 [ 246.131686] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.132768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.133554] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 246.134557] PKRU: 55555554 [ 246.134953] Call Trace: [ 246.135325] [ 246.135643] __iommufd_access_detach+0x1c2/0x2b0 [ 246.136322] iommufd_access_change_pt+0x149/0x270 [ 246.137001] iommufd_access_replace+0xb4/0x120 [ 246.137656] iommufd_test+0x3e5/0x37e0 [ 246.138201] ? lock_release+0x532/0x770 [ 246.138831] ? __might_fault+0x102/0x1b0 [ 246.139434] ? lock_acquire+0x427/0x4c0 [ 246.139997] ? __pfx_iommufd_test+0x10/0x10 [ 246.140589] ? __pfx_lock_release+0x10/0x10 [ 246.141193] ? __pfx_lock_acquire+0x10/0x10 [ 246.141806] ? write_comp_data+0x2f/0x90 [ 246.142390] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.143110] ? write_comp_data+0x2f/0x90 [ 246.143714] iommufd_fops_ioctl+0x37d/0x510 [ 246.144319] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.144997] ? write_comp_data+0x2f/0x90 [ 246.145572] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.146236] __x64_sys_ioctl+0x1a3/0x230 [ 246.146847] do_syscall_64+0x3b/0x90 [ 246.147404] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.148124] RIP: 0033:0x7f4b8743ee5d [ 246.148636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 246.151468] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 246.152503] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 246.153728] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 246.154734] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 246.155715] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 246.156733] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 246.157912] [ 246.158243] irq event stamp: 0 [ 246.158727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.159605] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.160745] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.162115] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.163021] ---[ end trace 0000000000000000 ]--- [ 246.166455] ------------[ cut here ]------------ [ 246.167047] WARNING: CPU: 1 PID: 2326 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.168145] Modules linked in: [ 246.168484] CPU: 1 PID: 2326 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.169445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.171430] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.171972] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.173878] RSP: 
0018:ffff888023cafbd0 EFLAGS: 00010246 [ 246.174451] RAX: 0000000000000000 RBX: ffff8880185c98a8 RCX: 0000000000000000 [ 246.175274] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 246.176031] RBP: ffff888023cafbe8 R08: ffffed10030b9333 R09: ffffed10030b9333 [ 246.176987] R10: ffff8880185c9993 R11: ffffed10030b9332 R12: ffff8880129c5400 [ 246.177998] R13: ffff8880185c99e8 R14: ffff888012fb6500 R15: 0000000000000000 [ 246.178785] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.179663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.180282] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.181036] PKRU: 55555554 [ 246.181337] Call Trace: [ 246.181607] [ 246.181851] iommufd_access_destroy_object+0x65/0x170 [ 246.182601] iommufd_object_destroy_user+0x18e/0x220 [ 246.183433] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 246.184202] iommufd_access_destroy+0x43/0x70 [ 246.184832] iommufd_test_staccess_release+0x8d/0xd0 [ 246.185573] __fput+0x26d/0xa40 [ 246.186061] ____fput+0x1e/0x30 [ 246.186565] task_work_run+0x1a4/0x2d0 [ 246.187092] ? __pfx_task_work_run+0x10/0x10 [ 246.187971] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.188644] ? switch_task_namespaces+0xa9/0xe0 [ 246.189310] do_exit+0xb17/0x2ef0 [ 246.189801] ? lock_acquire+0x427/0x4c0 [ 246.190348] ? __pfx_lock_release+0x10/0x10 [ 246.190958] ? __kasan_check_write+0x18/0x20 [ 246.191711] ? do_raw_spin_lock+0x132/0x2a0 [ 246.192298] ? __pfx_do_exit+0x10/0x10 [ 246.192857] ? debug_smp_processor_id+0x20/0x30 [ 246.193507] ? rcu_is_watching+0x19/0xb0 [ 246.194072] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.194714] ? trace_hardirqs_on+0x26/0x120 [ 246.195455] do_group_exit+0xe0/0x2b0 [ 246.195971] __x64_sys_exit_group+0x47/0x50 [ 246.196554] do_syscall_64+0x3b/0x90 [ 246.197094] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.197784] RIP: 0033:0x7f4b87518a4d [ 246.198189] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.198910] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.199759] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.200700] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.201842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.202645] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.203419] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.204192] [ 246.204440] irq event stamp: 0 [ 246.204782] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.205457] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.206552] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.207760] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.208439] ---[ end trace 0000000000000000 ]--- [ 246.209349] ------------[ cut here ]------------ [ 246.209854] WARNING: CPU: 1 PID: 2326 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 246.210980] Modules linked in: [ 246.211350] CPU: 1 PID: 2326 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.212354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.213991] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 246.214592] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 246.216535] RSP: 0018:ffff888023cafb78 EFLAGS: 00010246 [ 246.217103] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.217969] RDX: 0000000000000000 RSI: ffff8880164ba500 RDI: 0000000000000002 [ 246.219083] RBP: ffff888023cafb98 R08: ffffed10030b933e R09: ffffed10030b933e [ 246.219872] R10: ffff8880185c99ef R11: ffffed10030b933d R12: ffff8880185c9a90 [ 246.220638] R13: ffff8880185c98a8 R14: ffffffffffffffff R15: 
ffff888023cafc60 [ 246.221404] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.222257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.222918] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.223705] PKRU: 55555554 [ 246.224097] Call Trace: [ 246.224472] [ 246.224859] iommufd_ioas_destroy+0x53/0x70 [ 246.225340] iommufd_fops_release+0x1f7/0x370 [ 246.225829] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.226365] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.226931] ? write_comp_data+0x2f/0x90 [ 246.227390] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.227926] __fput+0x26d/0xa40 [ 246.228310] ____fput+0x1e/0x30 [ 246.228680] task_work_run+0x1a4/0x2d0 [ 246.229175] ? __pfx_task_work_run+0x10/0x10 [ 246.229784] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.230471] ? switch_task_namespaces+0xa9/0xe0 [ 246.231054] do_exit+0xb17/0x2ef0 [ 246.231449] ? lock_acquire+0x427/0x4c0 [ 246.231891] ? __pfx_lock_release+0x10/0x10 [ 246.232369] ? __kasan_check_write+0x18/0x20 [ 246.232842] ? do_raw_spin_lock+0x132/0x2a0 [ 246.233306] ? __pfx_do_exit+0x10/0x10 [ 246.233735] ? debug_smp_processor_id+0x20/0x30 [ 246.234249] ? rcu_is_watching+0x19/0xb0 [ 246.234821] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.235529] ? trace_hardirqs_on+0x26/0x120 [ 246.236004] do_group_exit+0xe0/0x2b0 [ 246.236416] __x64_sys_exit_group+0x47/0x50 [ 246.236880] do_syscall_64+0x3b/0x90 [ 246.237290] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.237866] RIP: 0033:0x7f4b87518a4d [ 246.238284] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.239003] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.239838] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.240642] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.241672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.242752] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.243524] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.244294] [ 246.244542] irq event stamp: 0 [ 246.244879] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.245557] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.246644] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.247730] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.248418] ---[ end trace 0000000000000000 ]--- [ 246.254757] ------------[ cut here ]------------ [ 246.255354] WARNING: CPU: 1 PID: 2327 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.256414] Modules linked in: [ 246.256754] CPU: 1 PID: 2327 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.257673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.259287] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.259836] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.261812] RSP: 0018:ffff888023c4fbb8 EFLAGS: 00010246 [ 246.262386] RAX: 0000000000000000 RBX: ffff8880183010a8 RCX: 0000000000000000 [ 246.263221] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 246.264282] RBP: ffff888023c4fbd0 R08: ffffed1003060233 R09: ffffed1003060233 [ 246.265044] R10: ffff888018301193 R11: ffffed1003060232 R12: ffff88801890fc00 [ 246.265812] R13: ffff8880183011e8 R14: ffffffff8352e670 R15: 
ffff888023c4fe68 [ 246.266614] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.267488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.268114] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 246.268878] PKRU: 55555554 [ 246.269179] Call Trace: [ 246.269455] [ 246.269707] __iommufd_access_detach+0x1c2/0x2b0 [ 246.270237] iommufd_access_change_pt+0x149/0x270 [ 246.270892] iommufd_access_replace+0xb4/0x120 [ 246.271416] iommufd_test+0x3e5/0x37e0 [ 246.271850] ? lock_release+0x532/0x770 [ 246.272293] ? __might_fault+0x102/0x1b0 [ 246.272734] ? lock_acquire+0x427/0x4c0 [ 246.273172] ? __pfx_iommufd_test+0x10/0x10 [ 246.273633] ? __pfx_lock_release+0x10/0x10 [ 246.274101] ? __pfx_lock_acquire+0x10/0x10 [ 246.274614] ? write_comp_data+0x2f/0x90 [ 246.275061] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.275603] ? write_comp_data+0x2f/0x90 [ 246.276047] iommufd_fops_ioctl+0x37d/0x510 [ 246.276508] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.277029] ? write_comp_data+0x2f/0x90 [ 246.277468] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.277984] __x64_sys_ioctl+0x1a3/0x230 [ 246.278434] do_syscall_64+0x3b/0x90 [ 246.278881] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.279457] RIP: 0033:0x7f4b8743ee5d [ 246.279861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 246.281820] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 246.282694] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 246.283484] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 246.284247] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 246.285012] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 246.285775] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 246.286592] [ 246.286854] irq event stamp: 0 [ 246.287209] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.287885] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.288779] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.289662] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.290332] ---[ end trace 0000000000000000 ]--- [ 246.293897] ------------[ cut here ]------------ [ 246.294443] WARNING: CPU: 1 PID: 2327 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.295615] Modules linked in: [ 246.295964] CPU: 1 PID: 2327 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.296890] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.298075] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.298631] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.300572] RSP: 
0018:ffff888023c4fbd0 EFLAGS: 00010246 [ 246.301142] RAX: 0000000000000000 RBX: ffff8880183010a8 RCX: 0000000000000000 [ 246.301911] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 246.302724] RBP: ffff888023c4fbe8 R08: ffffed1003060233 R09: ffffed1003060233 [ 246.303510] R10: ffff888018301193 R11: ffffed1003060232 R12: ffff888013a09000 [ 246.304267] R13: ffff8880183011e8 R14: ffff88800fe7de00 R15: 0000000000000000 [ 246.305027] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.305883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.306489] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.307298] PKRU: 55555554 [ 246.307598] Call Trace: [ 246.307878] [ 246.308120] iommufd_access_destroy_object+0x65/0x170 [ 246.308686] iommufd_object_destroy_user+0x18e/0x220 [ 246.309224] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 246.309843] iommufd_access_destroy+0x43/0x70 [ 246.310332] iommufd_test_staccess_release+0x8d/0xd0 [ 246.310921] __fput+0x26d/0xa40 [ 246.311316] ____fput+0x1e/0x30 [ 246.311671] task_work_run+0x1a4/0x2d0 [ 246.312093] ? __pfx_task_work_run+0x10/0x10 [ 246.312570] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.313097] ? switch_task_namespaces+0xa9/0xe0 [ 246.313594] do_exit+0xb17/0x2ef0 [ 246.313960] ? lock_acquire+0x427/0x4c0 [ 246.314398] ? __pfx_lock_release+0x10/0x10 [ 246.314894] ? __kasan_check_write+0x18/0x20 [ 246.315388] ? do_raw_spin_lock+0x132/0x2a0 [ 246.315853] ? __pfx_do_exit+0x10/0x10 [ 246.316273] ? debug_smp_processor_id+0x20/0x30 [ 246.316766] ? rcu_is_watching+0x19/0xb0 [ 246.317200] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.317679] ? trace_hardirqs_on+0x26/0x120 [ 246.318142] do_group_exit+0xe0/0x2b0 [ 246.318589] __x64_sys_exit_group+0x47/0x50 [ 246.319050] do_syscall_64+0x3b/0x90 [ 246.319481] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.320030] RIP: 0033:0x7f4b87518a4d [ 246.320443] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.321088] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.321880] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.322653] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.323417] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.324174] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.324934] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.325690] [ 246.325940] irq event stamp: 0 [ 246.326269] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.326976] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.327875] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.328747] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.329406] ---[ end trace 0000000000000000 ]--- [ 246.330301] ------------[ cut here ]------------ [ 246.330841] WARNING: CPU: 1 PID: 2327 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 246.331922] Modules linked in: [ 246.332259] CPU: 1 PID: 2327 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.333176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.334361] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 246.334961] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 246.336884] RSP: 0018:ffff888023c4fb78 EFLAGS: 00010246 [ 246.337451] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.338191] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 246.338975] RBP: ffff888023c4fb98 R08: ffffed100306023e R09: ffffed100306023e [ 246.339751] R10: ffff8880183011ef R11: ffffed100306023d R12: ffff888018301290 [ 246.340504] R13: ffff8880183010a8 R14: ffffffffffffffff R15: 
ffff888023c4fc60 [ 246.341252] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.342101] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.342748] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.343507] PKRU: 55555554 [ 246.343804] Call Trace: [ 246.344075] [ 246.344319] iommufd_ioas_destroy+0x53/0x70 [ 246.344791] iommufd_fops_release+0x1f7/0x370 [ 246.345279] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.345813] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.346346] ? write_comp_data+0x2f/0x90 [ 246.346859] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.347425] __fput+0x26d/0xa40 [ 246.347798] ____fput+0x1e/0x30 [ 246.348161] task_work_run+0x1a4/0x2d0 [ 246.348587] ? __pfx_task_work_run+0x10/0x10 [ 246.349057] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.349580] ? switch_task_namespaces+0xa9/0xe0 [ 246.350086] do_exit+0xb17/0x2ef0 [ 246.350464] ? lock_acquire+0x427/0x4c0 [ 246.350967] ? __pfx_lock_release+0x10/0x10 [ 246.351449] ? __kasan_check_write+0x18/0x20 [ 246.351918] ? do_raw_spin_lock+0x132/0x2a0 [ 246.352375] ? __pfx_do_exit+0x10/0x10 [ 246.352785] ? debug_smp_processor_id+0x20/0x30 [ 246.353292] ? rcu_is_watching+0x19/0xb0 [ 246.353732] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.354225] ? trace_hardirqs_on+0x26/0x120 [ 246.354745] do_group_exit+0xe0/0x2b0 [ 246.355168] __x64_sys_exit_group+0x47/0x50 [ 246.355617] do_syscall_64+0x3b/0x90 [ 246.356017] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.356564] RIP: 0033:0x7f4b87518a4d [ 246.356956] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.357588] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.358386] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.359177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.359921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.360659] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.361399] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.362157] [ 246.362408] irq event stamp: 0 [ 246.362770] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.363445] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.364319] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.365200] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.365865] ---[ end trace 0000000000000000 ]--- [ 246.371267] ------------[ cut here ]------------ [ 246.371824] WARNING: CPU: 1 PID: 2328 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.372870] Modules linked in: [ 246.373205] CPU: 1 PID: 2328 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.374108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.375330] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.375858] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.377769] RSP: 0018:ffff888015c67bb8 EFLAGS: 00010246 [ 246.378318] RAX: 0000000000000000 RBX: ffff8880143748a8 RCX: 0000000000000000 [ 246.379095] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 246.379857] RBP: ffff888015c67bd0 R08: ffffed100286e933 R09: ffffed100286e933 [ 246.380600] R10: ffff888014374993 R11: ffffed100286e932 R12: ffff888018709400 [ 246.381340] R13: ffff8880143749e8 R14: ffffffff8352e670 R15: 
ffff888015c67e68 [ 246.382077] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.382936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.383567] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 246.384307] PKRU: 55555554 [ 246.384600] Call Trace: [ 246.384866] [ 246.385102] __iommufd_access_detach+0x1c2/0x2b0 [ 246.385618] iommufd_access_change_pt+0x149/0x270 [ 246.386138] iommufd_access_replace+0xb4/0x120 [ 246.386653] iommufd_test+0x3e5/0x37e0 [ 246.387066] ? lock_release+0x532/0x770 [ 246.387514] ? __might_fault+0x102/0x1b0 [ 246.387958] ? lock_acquire+0x427/0x4c0 [ 246.388389] ? __pfx_iommufd_test+0x10/0x10 [ 246.388837] ? __pfx_lock_release+0x10/0x10 [ 246.389294] ? __pfx_lock_acquire+0x10/0x10 [ 246.389761] ? write_comp_data+0x2f/0x90 [ 246.390204] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.390752] ? write_comp_data+0x2f/0x90 [ 246.391205] iommufd_fops_ioctl+0x37d/0x510 [ 246.391665] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.392179] ? write_comp_data+0x2f/0x90 [ 246.392618] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.393135] __x64_sys_ioctl+0x1a3/0x230 [ 246.393578] do_syscall_64+0x3b/0x90 [ 246.393987] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.394572] RIP: 0033:0x7f4b8743ee5d [ 246.394963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 246.396895] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 246.397704] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 246.398451] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 246.399248] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 246.399993] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 246.400733] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 246.401502] [ 246.401754] irq event stamp: 0 [ 246.402084] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.402778] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.403674] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.404549] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.405206] ---[ end trace 0000000000000000 ]--- [ 246.408498] ------------[ cut here ]------------ [ 246.409104] WARNING: CPU: 1 PID: 2328 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.410716] Modules linked in: [ 246.411065] CPU: 1 PID: 2328 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.412002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.413191] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.413733] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.416142] RSP: 
0018:ffff888015c67bd0 EFLAGS: 00010246 [ 246.416725] RAX: 0000000000000000 RBX: ffff8880143748a8 RCX: 0000000000000000 [ 246.417470] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 246.418212] RBP: ffff888015c67be8 R08: ffffed100286e933 R09: ffffed100286e933 [ 246.418986] R10: ffff888014374993 R11: ffffed100286e932 R12: ffff88801890e000 [ 246.419759] R13: ffff8880143749e8 R14: ffff888014981200 R15: 0000000000000000 [ 246.420742] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.421778] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.422397] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.423189] PKRU: 55555554 [ 246.423497] Call Trace: [ 246.423768] [ 246.424004] iommufd_access_destroy_object+0x65/0x170 [ 246.424551] iommufd_object_destroy_user+0x18e/0x220 [ 246.425237] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 246.426126] iommufd_access_destroy+0x43/0x70 [ 246.426643] iommufd_test_staccess_release+0x8d/0xd0 [ 246.427207] __fput+0x26d/0xa40 [ 246.427576] ____fput+0x1e/0x30 [ 246.427930] task_work_run+0x1a4/0x2d0 [ 246.428353] ? __pfx_task_work_run+0x10/0x10 [ 246.428826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.429351] ? switch_task_namespaces+0xa9/0xe0 [ 246.429969] do_exit+0xb17/0x2ef0 [ 246.430479] ? lock_acquire+0x427/0x4c0 [ 246.431095] ? __pfx_lock_release+0x10/0x10 [ 246.431569] ? __kasan_check_write+0x18/0x20 [ 246.432042] ? do_raw_spin_lock+0x132/0x2a0 [ 246.432505] ? __pfx_do_exit+0x10/0x10 [ 246.432928] ? debug_smp_processor_id+0x20/0x30 [ 246.433427] ? rcu_is_watching+0x19/0xb0 [ 246.433865] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.434354] ? trace_hardirqs_on+0x26/0x120 [ 246.434982] do_group_exit+0xe0/0x2b0 [ 246.435590] __x64_sys_exit_group+0x47/0x50 [ 246.436044] do_syscall_64+0x3b/0x90 [ 246.436455] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.437009] RIP: 0033:0x7f4b87518a4d [ 246.437412] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.438064] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.438894] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.439814] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.440857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.441606] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.442351] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.443164] [ 246.443417] irq event stamp: 0 [ 246.443749] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.444464] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.445707] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.446603] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.447283] ---[ end trace 0000000000000000 ]--- [ 246.450275] ------------[ cut here ]------------ [ 246.450886] WARNING: CPU: 1 PID: 2328 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 246.451966] Modules linked in: [ 246.452303] CPU: 1 PID: 2328 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.453224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.454716] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 246.455421] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 246.457322] RSP: 0018:ffff888015c67b78 EFLAGS: 00010246 [ 246.457898] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.458669] RDX: 0000000000000000 RSI: ffff888012bb4a00 RDI: 0000000000000002 [ 246.459518] RBP: ffff888015c67b98 R08: ffffed100286e93e R09: ffffed100286e93e [ 246.460562] R10: ffff8880143749ef R11: ffffed100286e93d R12: ffff888014374a90 [ 246.461323] R13: ffff8880143748a8 R14: ffffffffffffffff R15: 
ffff888015c67c60 [ 246.462077] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.462952] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.463589] CR2: 00007f82e2aa3000 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 246.464329] PKRU: 55555554 [ 246.464623] Call Trace: [ 246.464896] [ 246.465147] iommufd_ioas_destroy+0x53/0x70 [ 246.465672] iommufd_fops_release+0x1f7/0x370 [ 246.466314] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.467022] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.467577] ? write_comp_data+0x2f/0x90 [ 246.468028] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.468585] __fput+0x26d/0xa40 [ 246.468960] ____fput+0x1e/0x30 [ 246.469336] task_work_run+0x1a4/0x2d0 [ 246.469773] ? __pfx_task_work_run+0x10/0x10 [ 246.470250] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.470828] ? switch_task_namespaces+0xa9/0xe0 [ 246.471375] do_exit+0xb17/0x2ef0 [ 246.471749] ? lock_acquire+0x427/0x4c0 [ 246.472234] ? __pfx_lock_release+0x10/0x10 [ 246.472847] ? __kasan_check_write+0x18/0x20 [ 246.473526] ? do_raw_spin_lock+0x132/0x2a0 [ 246.474004] ? __pfx_do_exit+0x10/0x10 [ 246.474434] ? debug_smp_processor_id+0x20/0x30 [ 246.474971] ? rcu_is_watching+0x19/0xb0 [ 246.475422] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.475910] ? trace_hardirqs_on+0x26/0x120 [ 246.476381] do_group_exit+0xe0/0x2b0 [ 246.476791] __x64_sys_exit_group+0x47/0x50 [ 246.477248] do_syscall_64+0x3b/0x90 [ 246.477659] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.478284] RIP: 0033:0x7f4b87518a4d [ 246.478874] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.479779] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.480587] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.481344] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.482091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.482894] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.483680] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.484449] [ 246.484703] irq event stamp: 0 [ 246.485164] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.486145] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.487081] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.487993] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.488676] ---[ end trace 0000000000000000 ]--- [ 246.497852] ------------[ cut here ]------------ [ 246.498762] WARNING: CPU: 0 PID: 2329 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.500569] Modules linked in: [ 246.501069] CPU: 0 PID: 2329 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.502308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.504224] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.505206] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.508051] RSP: 0018:ffff888016f1fbb8 EFLAGS: 00010246 [ 246.508806] RAX: 0000000000000000 RBX: ffff8880147858a8 RCX: 0000000000000000 [ 246.510062] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 246.511096] RBP: ffff888016f1fbd0 R08: ffffed10028f0b33 R09: ffffed10028f0b33 [ 246.512380] R10: ffff888014785993 R11: ffffed10028f0b32 R12: ffff88800f794000 [ 246.513381] R13: ffff8880147859e8 R14: ffffffff8352e670 R15: 
ffff888016f1fe68 [ 246.514688] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 246.515901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.516922] CR2: 00007f82e2aa7008 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 246.517915] PKRU: 55555554 [ 246.518637] Call Trace: [ 246.519025] [ 246.519386] __iommufd_access_detach+0x1c2/0x2b0 [ 246.520080] iommufd_access_change_pt+0x149/0x270 [ 246.521060] iommufd_access_replace+0xb4/0x120 [ 246.521743] iommufd_test+0x3e5/0x37e0 [ 246.522314] ? lock_release+0x532/0x770 [ 246.523270] ? __might_fault+0x102/0x1b0 [ 246.523875] ? lock_acquire+0x427/0x4c0 [ 246.524469] ? __pfx_iommufd_test+0x10/0x10 [ 246.525082] ? __pfx_lock_release+0x10/0x10 [ 246.525710] ? __pfx_lock_acquire+0x10/0x10 [ 246.526703] ? write_comp_data+0x2f/0x90 [ 246.527349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.528042] ? write_comp_data+0x2f/0x90 [ 246.528640] iommufd_fops_ioctl+0x37d/0x510 [ 246.529560] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.530270] ? write_comp_data+0x2f/0x90 [ 246.530951] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.531785] __x64_sys_ioctl+0x1a3/0x230 [ 246.532544] do_syscall_64+0x3b/0x90 [ 246.533095] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.533863] RIP: 0033:0x7f4b8743ee5d [ 246.534653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 246.537433] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 246.538499] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 246.539827] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 246.540836] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 246.542293] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 246.543097] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 246.543878] [ 246.544120] irq event stamp: 0 [ 246.544493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.545740] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.547065] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.548454] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.549325] ---[ end trace 0000000000000000 ]--- [ 246.555231] ------------[ cut here ]------------ [ 246.555927] WARNING: CPU: 0 PID: 2329 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.557300] Modules linked in: [ 246.557745] CPU: 0 PID: 2329 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.559006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.560440] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.561128] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.563681] RSP: 
0018:ffff888016f1fbd0 EFLAGS: 00010246 [ 246.564428] RAX: 0000000000000000 RBX: ffff8880147858a8 RCX: 0000000000000000 [ 246.565404] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 246.566372] RBP: ffff888016f1fbe8 R08: ffffed10028f0b33 R09: ffffed10028f0b33 [ 246.567415] R10: ffff888014785993 R11: ffffed10028f0b32 R12: ffff88800f4d1800 [ 246.568397] R13: ffff8880147859e8 R14: ffff8880122bab00 R15: 0000000000000000 [ 246.569377] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 246.570475] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.571376] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 246.572373] PKRU: 55555554 [ 246.572769] Call Trace: [ 246.573127] [ 246.573451] iommufd_access_destroy_object+0x65/0x170 [ 246.574170] iommufd_object_destroy_user+0x18e/0x220 [ 246.574931] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 246.575766] iommufd_access_destroy+0x43/0x70 [ 246.576409] iommufd_test_staccess_release+0x8d/0xd0 [ 246.577147] __fput+0x26d/0xa40 [ 246.577633] ____fput+0x1e/0x30 [ 246.578107] task_work_run+0x1a4/0x2d0 [ 246.578733] ? __pfx_task_work_run+0x10/0x10 [ 246.579384] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.580071] ? switch_task_namespaces+0xa9/0xe0 [ 246.580734] do_exit+0xb17/0x2ef0 [ 246.581216] ? lock_acquire+0x427/0x4c0 [ 246.581782] ? __pfx_lock_release+0x10/0x10 [ 246.582390] ? __kasan_check_write+0x18/0x20 [ 246.583067] ? do_raw_spin_lock+0x132/0x2a0 [ 246.583681] ? __pfx_do_exit+0x10/0x10 [ 246.584244] ? debug_smp_processor_id+0x20/0x30 [ 246.584895] ? rcu_is_watching+0x19/0xb0 [ 246.585462] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.586097] ? trace_hardirqs_on+0x26/0x120 [ 246.586761] do_group_exit+0xe0/0x2b0 [ 246.587323] __x64_sys_exit_group+0x47/0x50 [ 246.587923] do_syscall_64+0x3b/0x90 [ 246.588453] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.589179] RIP: 0033:0x7f4b87518a4d [ 246.589699] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.590605] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.591674] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.592651] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.593622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.594677] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.595674] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.596665] [ 246.596994] irq event stamp: 0 [ 246.597432] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.598292] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.599510] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.600660] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.601519] ---[ end trace 0000000000000000 ]--- [ 246.602951] ------------[ cut here ]------------ [ 246.603626] WARNING: CPU: 0 PID: 2329 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 246.604996] Modules linked in: [ 246.605439] CPU: 0 PID: 2329 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.606719] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.608259] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 246.608965] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 246.611505] RSP: 0018:ffff888016f1fb78 EFLAGS: 00010246 [ 246.612234] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.613196] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 246.614154] RBP: ffff888016f1fb98 R08: ffffed10028f0b3e R09: ffffed10028f0b3e [ 246.615232] R10: ffff8880147859ef R11: ffffed10028f0b3d R12: ffff888014785a90 [ 246.616210] R13: ffff8880147858a8 R14: ffffffffffffffff R15: 
ffff888016f1fc60 [ 246.617178] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 246.618277] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.619129] CR2: 00007f4b875fca50 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 246.620088] PKRU: 55555554 [ 246.620477] Call Trace: [ 246.620820] [ 246.621126] iommufd_ioas_destroy+0x53/0x70 [ 246.621708] iommufd_fops_release+0x1f7/0x370 [ 246.622313] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.623033] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.623723] ? write_comp_data+0x2f/0x90 [ 246.624283] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.624955] __fput+0x26d/0xa40 [ 246.625423] ____fput+0x1e/0x30 [ 246.625882] task_work_run+0x1a4/0x2d0 [ 246.626415] ? __pfx_task_work_run+0x10/0x10 [ 246.627082] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.627780] ? switch_task_namespaces+0xa9/0xe0 [ 246.628436] do_exit+0xb17/0x2ef0 [ 246.628904] ? lock_acquire+0x427/0x4c0 [ 246.629445] ? __pfx_lock_release+0x10/0x10 [ 246.630028] ? __kasan_check_write+0x18/0x20 [ 246.630666] ? do_raw_spin_lock+0x132/0x2a0 [ 246.631270] ? __pfx_do_exit+0x10/0x10 [ 246.631810] ? debug_smp_processor_id+0x20/0x30 [ 246.632438] ? rcu_is_watching+0x19/0xb0 [ 246.632980] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.633592] ? trace_hardirqs_on+0x26/0x120 [ 246.634175] do_group_exit+0xe0/0x2b0 [ 246.634734] __x64_sys_exit_group+0x47/0x50 [ 246.635322] do_syscall_64+0x3b/0x90 [ 246.635839] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.636541] RIP: 0033:0x7f4b87518a4d [ 246.637054] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.637891] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.638958] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.639932] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.640890] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.641857] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.642878] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.643847] [ 246.644168] irq event stamp: 0 [ 246.644594] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.645425] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.646563] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.647684] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.648517] ---[ end trace 0000000000000000 ]--- [ 246.656109] ------------[ cut here ]------------ [ 246.656807] WARNING: CPU: 1 PID: 2330 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.658144] Modules linked in: [ 246.658993] CPU: 1 PID: 2330 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.660200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.661711] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.662384] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.664910] RSP: 0018:ffff888015c67bb8 EFLAGS: 00010246 [ 246.665664] RAX: 0000000000000000 RBX: ffff8880180c80a8 RCX: 0000000000000000 [ 246.666694] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 246.667698] RBP: ffff888015c67bd0 R08: ffffed1003019033 R09: ffffed1003019033 [ 246.668671] R10: ffff8880180c8193 R11: ffffed1003019032 R12: ffff88800f135800 [ 246.669645] R13: ffff8880180c81e8 R14: ffffffff8352e670 R15: 
ffff888015c67e68 [ 246.670698] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.671829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.672625] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 246.673600] PKRU: 55555554 [ 246.674003] Call Trace: [ 246.674358] [ 246.674756] __iommufd_access_detach+0x1c2/0x2b0 [ 246.675473] iommufd_access_change_pt+0x149/0x270 [ 246.676171] iommufd_access_replace+0xb4/0x120 [ 246.676822] iommufd_test+0x3e5/0x37e0 [ 246.677367] ? lock_release+0x532/0x770 [ 246.677963] ? __might_fault+0x102/0x1b0 [ 246.678653] ? lock_acquire+0x427/0x4c0 [ 246.679264] ? __pfx_iommufd_test+0x10/0x10 [ 246.679801] ? __pfx_lock_release+0x10/0x10 [ 246.680399] ? __pfx_lock_acquire+0x10/0x10 [ 246.680996] ? write_comp_data+0x2f/0x90 [ 246.681576] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.682242] ? write_comp_data+0x2f/0x90 [ 246.682871] iommufd_fops_ioctl+0x37d/0x510 [ 246.683512] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.684196] ? write_comp_data+0x2f/0x90 [ 246.684770] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.685431] __x64_sys_ioctl+0x1a3/0x230 [ 246.686016] do_syscall_64+0x3b/0x90 [ 246.686602] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.687349] RIP: 0033:0x7f4b8743ee5d [ 246.687855] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 246.690221] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 246.691353] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 246.692309] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 246.693267] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 246.694203] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 246.695233] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 246.696198] [ 246.696534] irq event stamp: 0 [ 246.696962] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.697797] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.698965] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.700101] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.700943] ---[ end trace 0000000000000000 ]--- [ 246.706611] ------------[ cut here ]------------ [ 246.707320] WARNING: CPU: 1 PID: 2330 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.708662] Modules linked in: [ 246.709105] CPU: 1 PID: 2330 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.710734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.712271] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.712961] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.715659] RSP: 
0018:ffff888015c67bd0 EFLAGS: 00010246 [ 246.716389] RAX: 0000000000000000 RBX: ffff8880180c80a8 RCX: 0000000000000000 [ 246.717336] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 246.718374] RBP: ffff888015c67be8 R08: ffffed1003019033 R09: ffffed1003019033 [ 246.719542] R10: ffff8880180c8193 R11: ffffed1003019032 R12: ffff88801870b400 [ 246.720510] R13: ffff8880180c81e8 R14: ffff8880137a7b00 R15: 0000000000000000 [ 246.721461] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.722724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.723561] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.724524] PKRU: 55555554 [ 246.724919] Call Trace: [ 246.725271] [ 246.725583] iommufd_access_destroy_object+0x65/0x170 [ 246.726298] iommufd_object_destroy_user+0x18e/0x220 [ 246.727307] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 246.728093] iommufd_access_destroy+0x43/0x70 [ 246.728712] iommufd_test_staccess_release+0x8d/0xd0 [ 246.729404] __fput+0x26d/0xa40 [ 246.729880] ____fput+0x1e/0x30 [ 246.730353] task_work_run+0x1a4/0x2d0 [ 246.730967] ? __pfx_task_work_run+0x10/0x10 [ 246.731775] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.732448] ? switch_task_namespaces+0xa9/0xe0 [ 246.733103] do_exit+0xb17/0x2ef0 [ 246.733593] ? lock_acquire+0x427/0x4c0 [ 246.734163] ? __pfx_lock_release+0x10/0x10 [ 246.734861] ? __kasan_check_write+0x18/0x20 [ 246.735517] ? do_raw_spin_lock+0x132/0x2a0 [ 246.736149] ? __pfx_do_exit+0x10/0x10 [ 246.736868] ? debug_smp_processor_id+0x20/0x30 [ 246.737492] ? rcu_is_watching+0x19/0xb0 [ 246.738040] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.738720] ? trace_hardirqs_on+0x26/0x120 [ 246.739351] do_group_exit+0xe0/0x2b0 [ 246.739875] __x64_sys_exit_group+0x47/0x50 [ 246.740506] do_syscall_64+0x3b/0x90 [ 246.741179] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.741906] RIP: 0033:0x7f4b87518a4d [ 246.742426] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.743339] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.744346] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.745366] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.746401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.747437] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.748390] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.749431] [ 246.749865] irq event stamp: 0 [ 246.750303] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.751240] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.752363] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.753477] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.754726] ---[ end trace 0000000000000000 ]--- [ 246.756158] ------------[ cut here ]------------ [ 246.756823] WARNING: CPU: 1 PID: 2330 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 246.758180] Modules linked in: [ 246.758997] CPU: 1 PID: 2330 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.760192] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.761676] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 246.762381] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 246.765102] RSP: 0018:ffff888015c67b78 EFLAGS: 00010246 [ 246.765840] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.766863] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 246.768089] RBP: ffff888015c67b98 R08: ffffed100301903e R09: ffffed100301903e [ 246.769043] R10: ffff8880180c81ef R11: ffffed100301903d R12: ffff8880180c8290 [ 246.770000] R13: ffff8880180c80a8 R14: ffffffffffffffff R15: 
ffff888015c67c60 [ 246.770999] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.772432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.773221] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.774178] PKRU: 55555554 [ 246.774638] Call Trace: [ 246.775081] [ 246.775529] iommufd_ioas_destroy+0x53/0x70 [ 246.776128] iommufd_fops_release+0x1f7/0x370 [ 246.776743] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.777419] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.778097] ? write_comp_data+0x2f/0x90 [ 246.778857] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.779659] __fput+0x26d/0xa40 [ 246.780133] ____fput+0x1e/0x30 [ 246.780586] task_work_run+0x1a4/0x2d0 [ 246.781114] ? __pfx_task_work_run+0x10/0x10 [ 246.781700] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.782354] ? switch_task_namespaces+0xa9/0xe0 [ 246.783262] do_exit+0xb17/0x2ef0 [ 246.783741] ? lock_acquire+0x427/0x4c0 [ 246.784295] ? __pfx_lock_release+0x10/0x10 [ 246.784880] ? __kasan_check_write+0x18/0x20 [ 246.785486] ? do_raw_spin_lock+0x132/0x2a0 [ 246.786083] ? __pfx_do_exit+0x10/0x10 [ 246.786916] ? debug_smp_processor_id+0x20/0x30 [ 246.787588] ? rcu_is_watching+0x19/0xb0 [ 246.788150] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.788766] ? trace_hardirqs_on+0x26/0x120 [ 246.789360] do_group_exit+0xe0/0x2b0 [ 246.789951] __x64_sys_exit_group+0x47/0x50 [ 246.790739] do_syscall_64+0x3b/0x90 [ 246.791318] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.792031] RIP: 0033:0x7f4b87518a4d [ 246.792552] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.793374] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.794604] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.795577] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.796523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.797541] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.798665] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.799656] [ 246.799984] irq event stamp: 0 [ 246.800410] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.801303] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.802599] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.803766] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.804621] ---[ end trace 0000000000000000 ]--- [ 246.811983] ------------[ cut here ]------------ [ 246.812672] WARNING: CPU: 1 PID: 2331 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.814026] Modules linked in: [ 246.814486] CPU: 1 PID: 2331 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.815791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.817275] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.817958] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.820436] RSP: 0018:ffff888018ae7bb8 EFLAGS: 00010246 [ 246.821175] RAX: 0000000000000000 RBX: ffff88800f3738a8 RCX: 0000000000000000 [ 246.822135] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 246.823177] RBP: ffff888018ae7bd0 R08: ffffed1001e6e733 R09: ffffed1001e6e733 [ 246.824135] R10: ffff88800f373993 R11: ffffed1001e6e732 R12: ffff88800fcb3400 [ 246.825082] R13: ffff88800f3739e8 R14: ffffffff8352e670 R15: 
ffff888018ae7e68 [ 246.826040] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.827202] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.827998] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 246.828947] PKRU: 55555554 [ 246.829345] Call Trace: [ 246.829697] [ 246.830005] __iommufd_access_detach+0x1c2/0x2b0 [ 246.830723] iommufd_access_change_pt+0x149/0x270 [ 246.831435] iommufd_access_replace+0xb4/0x120 [ 246.832079] iommufd_test+0x3e5/0x37e0 [ 246.832611] ? lock_release+0x532/0x770 [ 246.833165] ? __might_fault+0x102/0x1b0 [ 246.833718] ? lock_acquire+0x427/0x4c0 [ 246.834265] ? __pfx_iommufd_test+0x10/0x10 [ 246.834889] ? __pfx_lock_release+0x10/0x10 [ 246.835511] ? __pfx_lock_acquire+0x10/0x10 [ 246.836109] ? write_comp_data+0x2f/0x90 [ 246.836675] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.837351] ? write_comp_data+0x2f/0x90 [ 246.837931] iommufd_fops_ioctl+0x37d/0x510 [ 246.838596] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.839324] ? write_comp_data+0x2f/0x90 [ 246.839903] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.840562] __x64_sys_ioctl+0x1a3/0x230 [ 246.841140] do_syscall_64+0x3b/0x90 [ 246.841667] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.842378] RIP: 0033:0x7f4b8743ee5d [ 246.842971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 246.845400] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 246.846427] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 246.847481] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 246.848442] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 246.849399] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 246.850347] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 246.851418] [ 246.851760] irq event stamp: 0 [ 246.852190] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.853031] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.854147] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.855361] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.856223] ---[ end trace 0000000000000000 ]--- [ 246.861399] ------------[ cut here ]------------ [ 246.862087] WARNING: CPU: 1 PID: 2331 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.863545] Modules linked in: [ 246.864018] CPU: 1 PID: 2331 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.865176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.866778] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.867499] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.869886] RSP: 
0018:ffff888018ae7bd0 EFLAGS: 00010246 [ 246.870671] RAX: 0000000000000000 RBX: ffff88800f3738a8 RCX: 0000000000000000 [ 246.871638] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 246.872583] RBP: ffff888018ae7be8 R08: ffffed1001e6e733 R09: ffffed1001e6e733 [ 246.873530] R10: ffff88800f373993 R11: ffffed1001e6e732 R12: ffff88800f135000 [ 246.874480] R13: ffff88800f3739e8 R14: ffff88800fd1ca00 R15: 0000000000000000 [ 246.875532] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.876592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.877389] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.878348] PKRU: 55555554 [ 246.878795] Call Trace: [ 246.879188] [ 246.879509] iommufd_access_destroy_object+0x65/0x170 [ 246.880215] iommufd_object_destroy_user+0x18e/0x220 [ 246.880914] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 246.881714] iommufd_access_destroy+0x43/0x70 [ 246.882344] iommufd_test_staccess_release+0x8d/0xd0 [ 246.883107] __fput+0x26d/0xa40 [ 246.883630] ____fput+0x1e/0x30 [ 246.884105] task_work_run+0x1a4/0x2d0 [ 246.884658] ? __pfx_task_work_run+0x10/0x10 [ 246.885268] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.885946] ? switch_task_namespaces+0xa9/0xe0 [ 246.886666] do_exit+0xb17/0x2ef0 [ 246.887187] ? lock_acquire+0x427/0x4c0 [ 246.887739] ? __pfx_lock_release+0x10/0x10 [ 246.888331] ? __kasan_check_write+0x18/0x20 [ 246.888940] ? do_raw_spin_lock+0x132/0x2a0 [ 246.889528] ? __pfx_do_exit+0x10/0x10 [ 246.890074] ? debug_smp_processor_id+0x20/0x30 [ 246.890776] ? rcu_is_watching+0x19/0xb0 [ 246.891369] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.892002] ? trace_hardirqs_on+0x26/0x120 [ 246.892604] do_group_exit+0xe0/0x2b0 [ 246.893131] __x64_sys_exit_group+0x47/0x50 [ 246.893714] do_syscall_64+0x3b/0x90 [ 246.894236] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.895004] RIP: 0033:0x7f4b87518a4d [ 246.895552] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.896366] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.897375] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.898321] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.899348] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.900290] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.901235] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.902195] [ 246.902578] irq event stamp: 0 [ 246.903003] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.903856] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.904973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.906084] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.906979] ---[ end trace 0000000000000000 ]--- [ 246.908379] ------------[ cut here ]------------ [ 246.909029] WARNING: CPU: 1 PID: 2331 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 246.910377] Modules linked in: [ 246.910882] CPU: 1 PID: 2331 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.912070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.913552] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 246.914262] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 246.916723] RSP: 0018:ffff888018ae7b78 EFLAGS: 00010246 [ 246.917454] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.918395] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 246.919422] RBP: ffff888018ae7b98 R08: ffffed1001e6e73e R09: ffffed1001e6e73e [ 246.920381] R10: ffff88800f3739ef R11: ffffed1001e6e73d R12: ffff88800f373a90 [ 246.921336] R13: ffff88800f3738a8 R14: ffffffffffffffff R15: 
ffff888018ae7c60 [ 246.922277] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 246.923429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.924211] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 246.925163] PKRU: 55555554 [ 246.925557] Call Trace: [ 246.925906] [ 246.926221] iommufd_ioas_destroy+0x53/0x70 [ 246.926909] iommufd_fops_release+0x1f7/0x370 [ 246.927580] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.928281] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.928978] ? write_comp_data+0x2f/0x90 [ 246.929557] ? __pfx_iommufd_fops_release+0x10/0x10 [ 246.930244] __fput+0x26d/0xa40 [ 246.930798] ____fput+0x1e/0x30 [ 246.931306] task_work_run+0x1a4/0x2d0 [ 246.931845] ? __pfx_task_work_run+0x10/0x10 [ 246.932455] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.933130] ? switch_task_namespaces+0xa9/0xe0 [ 246.933788] do_exit+0xb17/0x2ef0 [ 246.934268] ? lock_acquire+0x427/0x4c0 [ 246.934883] ? __pfx_lock_release+0x10/0x10 [ 246.935480] ? __kasan_check_write+0x18/0x20 [ 246.936077] ? do_raw_spin_lock+0x132/0x2a0 [ 246.936653] ? __pfx_do_exit+0x10/0x10 [ 246.937189] ? debug_smp_processor_id+0x20/0x30 [ 246.937816] ? rcu_is_watching+0x19/0xb0 [ 246.938368] ? _raw_spin_unlock_irq+0x2b/0x60 [ 246.939048] ? trace_hardirqs_on+0x26/0x120 [ 246.939666] do_group_exit+0xe0/0x2b0 [ 246.940181] __x64_sys_exit_group+0x47/0x50 [ 246.940756] do_syscall_64+0x3b/0x90 [ 246.941273] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.941971] RIP: 0033:0x7f4b87518a4d [ 246.942472] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 246.943363] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 246.944373] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 246.945322] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 246.946266] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 246.947276] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 246.948228] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 246.949195] [ 246.949516] irq event stamp: 0 [ 246.949939] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 246.950822] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 246.951946] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 246.953047] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 246.953865] ---[ end trace 0000000000000000 ]--- [ 246.960876] ------------[ cut here ]------------ [ 246.961573] WARNING: CPU: 0 PID: 2332 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 246.963431] Modules linked in: [ 246.963906] CPU: 0 PID: 2332 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 246.965085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 246.967185] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 246.967871] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 246.970630] RSP: 0018:ffff888023cdfbb8 EFLAGS: 00010246 [ 246.971362] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 246.972298] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 246.973231] RBP: ffff888023cdfbd0 R08: ffffed1001972333 R09: ffffed1001972333 [ 246.974237] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff888014610000 [ 246.975508] R13: ffff88800cb919e8 R14: ffffffff8352e670 R15: 
ffff888023cdfe68 [ 246.976465] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 246.977527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.978421] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 246.979599] PKRU: 55555554 [ 246.979986] Call Trace: [ 246.980333] [ 246.980641] __iommufd_access_detach+0x1c2/0x2b0 [ 246.981301] iommufd_access_change_pt+0x149/0x270 [ 246.981960] iommufd_access_replace+0xb4/0x120 [ 246.982656] iommufd_test+0x3e5/0x37e0 [ 246.983207] ? lock_release+0x532/0x770 [ 246.983763] ? __might_fault+0x102/0x1b0 [ 246.984322] ? lock_acquire+0x427/0x4c0 [ 246.984873] ? __pfx_iommufd_test+0x10/0x10 [ 246.985446] ? __pfx_lock_release+0x10/0x10 [ 246.986033] ? __pfx_lock_acquire+0x10/0x10 [ 246.986695] ? write_comp_data+0x2f/0x90 [ 246.987276] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 246.987939] ? write_comp_data+0x2f/0x90 [ 246.988500] iommufd_fops_ioctl+0x37d/0x510 [ 246.989080] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.989737] ? write_comp_data+0x2f/0x90 [ 246.990295] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 246.991002] __x64_sys_ioctl+0x1a3/0x230 [ 246.991588] do_syscall_64+0x3b/0x90 [ 246.992108] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 246.992812] RIP: 0033:0x7f4b8743ee5d [ 246.993315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 246.995781] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 246.996794] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 246.997740] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 246.998725] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 246.999681] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 247.000625] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 247.001582] [ 247.001897] irq event stamp: 0 [ 247.002321] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.003219] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.004318] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.005444] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.006297] ---[ end trace 0000000000000000 ]--- [ 247.011835] ------------[ cut here ]------------ [ 247.012588] WARNING: CPU: 0 PID: 2332 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.014186] Modules linked in: [ 247.014732] CPU: 0 PID: 2332 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.015911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.017725] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.018421] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.021054] RSP: 
0018:ffff888023cdfbd0 EFLAGS: 00010246 [ 247.021967] RAX: 0000000000000000 RBX: ffff88800cb918a8 RCX: 0000000000000000 [ 247.022988] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 247.023973] RBP: ffff888023cdfbe8 R08: ffffed1001972333 R09: ffffed1001972333 [ 247.024916] R10: ffff88800cb91993 R11: ffffed1001972332 R12: ffff88800f797000 [ 247.026162] R13: ffff88800cb919e8 R14: ffff88800fdf4d00 R15: 0000000000000000 [ 247.027171] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.028243] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.029036] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.030342] PKRU: 55555554 [ 247.030811] Call Trace: [ 247.031201] [ 247.031520] iommufd_access_destroy_object+0x65/0x170 [ 247.032238] iommufd_object_destroy_user+0x18e/0x220 [ 247.032940] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 247.034064] iommufd_access_destroy+0x43/0x70 [ 247.034767] iommufd_test_staccess_release+0x8d/0xd0 [ 247.035483] __fput+0x26d/0xa40 [ 247.035953] ____fput+0x1e/0x30 [ 247.036407] task_work_run+0x1a4/0x2d0 [ 247.036942] ? __pfx_task_work_run+0x10/0x10 [ 247.037560] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.038630] ? switch_task_namespaces+0xa9/0xe0 [ 247.039329] do_exit+0xb17/0x2ef0 [ 247.039819] ? lock_acquire+0x427/0x4c0 [ 247.040382] ? __pfx_lock_release+0x10/0x10 [ 247.040987] ? __kasan_check_write+0x18/0x20 [ 247.041593] ? do_raw_spin_lock+0x132/0x2a0 [ 247.042203] ? __pfx_do_exit+0x10/0x10 [ 247.043045] ? debug_smp_processor_id+0x20/0x30 [ 247.043703] ? rcu_is_watching+0x19/0xb0 [ 247.044250] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.044868] ? trace_hardirqs_on+0x26/0x120 [ 247.045471] do_group_exit+0xe0/0x2b0 [ 247.045997] __x64_sys_exit_group+0x47/0x50 [ 247.046745] do_syscall_64+0x3b/0x90 [ 247.047447] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.048151] RIP: 0033:0x7f4b87518a4d [ 247.048646] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.049456] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.050460] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.051840] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.052799] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.053734] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.054740] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.056009] [ 247.056333] irq event stamp: 0 [ 247.056751] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.057576] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.058709] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.060140] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.060972] ---[ end trace 0000000000000000 ]--- [ 247.063278] ------------[ cut here ]------------ [ 247.064157] WARNING: CPU: 0 PID: 2332 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 247.065506] Modules linked in: [ 247.065932] CPU: 0 PID: 2332 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.067200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.069116] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 247.069803] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 247.072268] RSP: 0018:ffff888023cdfb78 EFLAGS: 00010246 [ 247.072979] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.073912] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 247.074881] RBP: ffff888023cdfb98 R08: ffffed100197233e R09: ffffed100197233e [ 247.075835] R10: ffff88800cb919ef R11: ffffed100197233d R12: ffff88800cb91a90 [ 247.076766] R13: ffff88800cb918a8 R14: ffffffffffffffff R15: 
ffff888023cdfc60 [ 247.077700] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.078807] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.079596] CR2: 00007f82e2adf010 CR3: 000000001435a000 CR4: 0000000000750ef0 [ 247.080537] PKRU: 55555554 [ 247.080916] Call Trace: [ 247.081265] [ 247.081576] iommufd_ioas_destroy+0x53/0x70 [ 247.082168] iommufd_fops_release+0x1f7/0x370 [ 247.082839] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.083543] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.084207] ? write_comp_data+0x2f/0x90 [ 247.084767] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.085430] __fput+0x26d/0xa40 [ 247.085894] ____fput+0x1e/0x30 [ 247.086351] task_work_run+0x1a4/0x2d0 [ 247.086950] ? __pfx_task_work_run+0x10/0x10 [ 247.087587] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.088248] ? switch_task_namespaces+0xa9/0xe0 [ 247.088889] do_exit+0xb17/0x2ef0 [ 247.089359] ? lock_acquire+0x427/0x4c0 [ 247.089900] ? __pfx_lock_release+0x10/0x10 [ 247.090485] ? __kasan_check_write+0x18/0x20 [ 247.091155] ? do_raw_spin_lock+0x132/0x2a0 [ 247.091747] ? __pfx_do_exit+0x10/0x10 [ 247.092284] ? debug_smp_processor_id+0x20/0x30 [ 247.092929] ? rcu_is_watching+0x19/0xb0 [ 247.093489] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.094115] ? trace_hardirqs_on+0x26/0x120 [ 247.094753] do_group_exit+0xe0/0x2b0 [ 247.095285] __x64_sys_exit_group+0x47/0x50 [ 247.095861] do_syscall_64+0x3b/0x90 [ 247.096387] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.097105] RIP: 0033:0x7f4b87518a4d [ 247.097616] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.098447] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.099545] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.100498] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.101438] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.102368] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.103369] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.104328] [ 247.104658] irq event stamp: 0 [ 247.105093] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.105950] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.107136] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.108269] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.109131] ---[ end trace 0000000000000000 ]--- [ 247.117871] ------------[ cut here ]------------ [ 247.118827] WARNING: CPU: 1 PID: 2333 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.120209] Modules linked in: [ 247.120643] CPU: 1 PID: 2333 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.121794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.123602] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.124299] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.126944] RSP: 0018:ffff8880180f7bb8 EFLAGS: 00010246 [ 247.127696] RAX: 0000000000000000 RBX: ffff888011f670a8 RCX: 0000000000000000 [ 247.128653] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 247.129610] RBP: ffff8880180f7bd0 R08: ffffed10023ece33 R09: ffffed10023ece33 [ 247.130837] R10: ffff888011f67193 R11: ffffed10023ece32 R12: ffff88801226d000 [ 247.131830] R13: ffff888011f671e8 R14: ffffffff8352e670 R15: 
ffff8880180f7e68 [ 247.132783] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 247.134075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.134915] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 247.135943] PKRU: 55555554 [ 247.136355] Call Trace: [ 247.136719] [ 247.137042] __iommufd_access_detach+0x1c2/0x2b0 [ 247.137952] iommufd_access_change_pt+0x149/0x270 [ 247.138696] iommufd_access_replace+0xb4/0x120 [ 247.139388] iommufd_test+0x3e5/0x37e0 [ 247.139951] ? lock_release+0x532/0x770 [ 247.140535] ? __might_fault+0x102/0x1b0 [ 247.141147] ? lock_acquire+0x427/0x4c0 [ 247.141852] ? __pfx_iommufd_test+0x10/0x10 [ 247.142453] ? __pfx_lock_release+0x10/0x10 [ 247.143140] ? __pfx_lock_acquire+0x10/0x10 [ 247.143751] ? write_comp_data+0x2f/0x90 [ 247.144309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.145002] ? write_comp_data+0x2f/0x90 [ 247.145718] iommufd_fops_ioctl+0x37d/0x510 [ 247.146308] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.147023] ? write_comp_data+0x2f/0x90 [ 247.147613] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.148267] __x64_sys_ioctl+0x1a3/0x230 [ 247.148840] do_syscall_64+0x3b/0x90 [ 247.149575] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.150279] RIP: 0033:0x7f4b8743ee5d [ 247.150835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 247.153419] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 247.154414] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 247.155390] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 247.156320] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 247.157434] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 247.158363] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 247.159355] [ 247.159674] irq event stamp: 0 [ 247.160094] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.161084] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.162207] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.163387] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.164223] ---[ end trace 0000000000000000 ]--- [ 247.173139] ------------[ cut here ]------------ [ 247.173831] WARNING: CPU: 1 PID: 2333 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.175315] Modules linked in: [ 247.175753] CPU: 1 PID: 2333 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.177129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.178683] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.179389] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.181958] RSP: 
0018:ffff8880180f7bd0 EFLAGS: 00010246 [ 247.182713] RAX: 0000000000000000 RBX: ffff888011f670a8 RCX: 0000000000000000 [ 247.183694] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 247.184839] RBP: ffff8880180f7be8 R08: ffffed10023ece33 R09: ffffed10023ece33 [ 247.185786] R10: ffff888011f67193 R11: ffffed10023ece32 R12: ffff88800fcb1800 [ 247.186774] R13: ffff888011f671e8 R14: ffff88800fa45900 R15: 0000000000000000 [ 247.187742] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 247.188991] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.189753] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 247.190767] PKRU: 55555554 [ 247.191162] Call Trace: [ 247.191523] [ 247.191928] iommufd_access_destroy_object+0x65/0x170 [ 247.192735] iommufd_object_destroy_user+0x18e/0x220 [ 247.193437] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 247.194239] iommufd_access_destroy+0x43/0x70 [ 247.194914] iommufd_test_staccess_release+0x8d/0xd0 [ 247.195723] __fput+0x26d/0xa40 [ 247.196323] ____fput+0x1e/0x30 [ 247.196797] task_work_run+0x1a4/0x2d0 [ 247.197356] ? __pfx_task_work_run+0x10/0x10 [ 247.197979] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.198714] ? switch_task_namespaces+0xa9/0xe0 [ 247.199419] do_exit+0xb17/0x2ef0 [ 247.200052] ? lock_acquire+0x427/0x4c0 [ 247.200617] ? __pfx_lock_release+0x10/0x10 [ 247.201225] ? __kasan_check_write+0x18/0x20 [ 247.201852] ? do_raw_spin_lock+0x132/0x2a0 [ 247.202453] ? __pfx_do_exit+0x10/0x10 [ 247.203064] ? debug_smp_processor_id+0x20/0x30 [ 247.203947] ? rcu_is_watching+0x19/0xb0 [ 247.204513] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.205144] ? trace_hardirqs_on+0x26/0x120 [ 247.205755] do_group_exit+0xe0/0x2b0 [ 247.206290] __x64_sys_exit_group+0x47/0x50 [ 247.206933] do_syscall_64+0x3b/0x90 [ 247.207525] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.208427] RIP: 0033:0x7f4b87518a4d [ 247.208946] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.209784] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.210851] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.212046] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.213001] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.213975] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.214988] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.216009] [ 247.216343] irq event stamp: 0 [ 247.216780] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.217647] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.218852] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.220010] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.220869] ---[ end trace 0000000000000000 ]--- [ 247.222251] ------------[ cut here ]------------ [ 247.223016] WARNING: CPU: 1 PID: 2333 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 247.224460] Modules linked in: [ 247.224913] CPU: 1 PID: 2333 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.226098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.227935] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 247.228650] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 247.231369] RSP: 0018:ffff8880180f7b78 EFLAGS: 00010246 [ 247.232103] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.233092] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 247.234055] RBP: ffff8880180f7b98 R08: ffffed10023ece3e R09: ffffed10023ece3e [ 247.235097] R10: ffff888011f671ef R11: ffffed10023ece3d R12: ffff888011f67290 [ 247.236209] R13: ffff888011f670a8 R14: ffffffffffffffff R15: 
ffff8880180f7c60 [ 247.237245] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 247.238337] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.239203] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 247.240293] PKRU: 55555554 [ 247.240760] Call Trace: [ 247.241115] [ 247.241439] iommufd_ioas_destroy+0x53/0x70 [ 247.242041] iommufd_fops_release+0x1f7/0x370 [ 247.242728] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.243450] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.244135] ? write_comp_data+0x2f/0x90 [ 247.244813] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.245575] __fput+0x26d/0xa40 [ 247.246057] ____fput+0x1e/0x30 [ 247.246591] task_work_run+0x1a4/0x2d0 [ 247.247169] ? __pfx_task_work_run+0x10/0x10 [ 247.247794] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.248494] ? switch_task_namespaces+0xa9/0xe0 [ 247.249294] do_exit+0xb17/0x2ef0 [ 247.249989] ? lock_acquire+0x427/0x4c0 [ 247.250668] ? __pfx_lock_release+0x10/0x10 [ 247.251288] ? __kasan_check_write+0x18/0x20 [ 247.251767] ? do_raw_spin_lock+0x132/0x2a0 [ 247.252222] ? __pfx_do_exit+0x10/0x10 [ 247.252645] ? debug_smp_processor_id+0x20/0x30 [ 247.253147] ? rcu_is_watching+0x19/0xb0 [ 247.253580] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.254295] ? trace_hardirqs_on+0x26/0x120 [ 247.254993] do_group_exit+0xe0/0x2b0 [ 247.255422] __x64_sys_exit_group+0x47/0x50 [ 247.255875] do_syscall_64+0x3b/0x90 [ 247.256277] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.256834] RIP: 0033:0x7f4b87518a4d [ 247.257228] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.257882] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.258718] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.259513] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.260297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.261447] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.262215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.263038] [ 247.263313] irq event stamp: 0 [ 247.263648] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.264311] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.265198] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.266080] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.266850] ---[ end trace 0000000000000000 ]--- [ 247.275821] ------------[ cut here ]------------ [ 247.276548] WARNING: CPU: 0 PID: 2334 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.277998] Modules linked in: [ 247.278471] CPU: 0 PID: 2334 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.279908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.281477] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.282189] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.284768] RSP: 0018:ffff8880182efbb8 EFLAGS: 00010246 [ 247.285542] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 247.286598] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 247.287610] RBP: ffff8880182efbd0 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 247.288602] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff88800f794400 [ 247.289597] R13: ffff888017a471e8 R14: ffffffff8352e670 R15: 
ffff8880182efe68 [ 247.290663] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.291816] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.292629] CR2: 00007f4b877410e8 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 247.293625] PKRU: 55555554 [ 247.294030] Call Trace: [ 247.294393] [ 247.294785] __iommufd_access_detach+0x1c2/0x2b0 [ 247.295518] iommufd_access_change_pt+0x149/0x270 [ 247.296233] iommufd_access_replace+0xb4/0x120 [ 247.296912] iommufd_test+0x3e5/0x37e0 [ 247.297468] ? lock_release+0x532/0x770 [ 247.298041] ? __might_fault+0x102/0x1b0 [ 247.298692] ? lock_acquire+0x427/0x4c0 [ 247.299314] ? __pfx_iommufd_test+0x10/0x10 [ 247.299924] ? __pfx_lock_release+0x10/0x10 [ 247.300557] ? __pfx_lock_acquire+0x10/0x10 [ 247.301191] ? write_comp_data+0x2f/0x90 [ 247.301793] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.302499] ? write_comp_data+0x2f/0x90 [ 247.303293] iommufd_fops_ioctl+0x37d/0x510 [ 247.303758] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.304273] ? write_comp_data+0x2f/0x90 [ 247.304696] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.305200] __x64_sys_ioctl+0x1a3/0x230 [ 247.305631] do_syscall_64+0x3b/0x90 [ 247.306022] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.306625] RIP: 0033:0x7f4b8743ee5d [ 247.307100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 247.309011] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 247.309808] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 247.310576] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 247.311382] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 247.312123] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 247.312878] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 247.313629] [ 247.313889] irq event stamp: 0 [ 247.314222] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.314922] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.315924] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.316805] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.317457] ---[ end trace 0000000000000000 ]--- [ 247.321220] ------------[ cut here ]------------ [ 247.321761] WARNING: CPU: 0 PID: 2334 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.322879] Modules linked in: [ 247.323509] CPU: 0 PID: 2334 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.324453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.325635] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.326155] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.328149] RSP: 
0018:ffff8880182efbd0 EFLAGS: 00010246 [ 247.328720] RAX: 0000000000000000 RBX: ffff888017a470a8 RCX: 0000000000000000 [ 247.329453] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 247.330193] RBP: ffff8880182efbe8 R08: ffffed1002f48e33 R09: ffffed1002f48e33 [ 247.330953] R10: ffff888017a47193 R11: ffffed1002f48e32 R12: ffff888014613000 [ 247.331709] R13: ffff888017a471e8 R14: ffff888012b9b500 R15: 0000000000000000 [ 247.332446] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.333297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.333913] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.334709] PKRU: 55555554 [ 247.334999] Call Trace: [ 247.335276] [ 247.335514] iommufd_access_destroy_object+0x65/0x170 [ 247.336054] iommufd_object_destroy_user+0x18e/0x220 [ 247.336587] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 247.337221] iommufd_access_destroy+0x43/0x70 [ 247.337711] iommufd_test_staccess_release+0x8d/0xd0 [ 247.338258] __fput+0x26d/0xa40 [ 247.338666] ____fput+0x1e/0x30 [ 247.339030] task_work_run+0x1a4/0x2d0 [ 247.339460] ? __pfx_task_work_run+0x10/0x10 [ 247.339930] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.340438] ? switch_task_namespaces+0xa9/0xe0 [ 247.340933] do_exit+0xb17/0x2ef0 [ 247.341296] ? lock_acquire+0x427/0x4c0 [ 247.341716] ? __pfx_lock_release+0x10/0x10 [ 247.342169] ? __kasan_check_write+0x18/0x20 [ 247.342663] ? do_raw_spin_lock+0x132/0x2a0 [ 247.343117] ? __pfx_do_exit+0x10/0x10 [ 247.343550] ? debug_smp_processor_id+0x20/0x30 [ 247.344037] ? rcu_is_watching+0x19/0xb0 [ 247.344467] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.344945] ? trace_hardirqs_on+0x26/0x120 [ 247.345410] do_group_exit+0xe0/0x2b0 [ 247.345827] __x64_sys_exit_group+0x47/0x50 [ 247.346281] do_syscall_64+0x3b/0x90 [ 247.346724] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.347289] RIP: 0033:0x7f4b87518a4d [ 247.347679] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.348321] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.349105] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.349846] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.350620] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.351380] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.352115] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.352860] [ 247.353108] irq event stamp: 0 [ 247.353438] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.354084] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.354973] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.355851] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.356501] ---[ end trace 0000000000000000 ]--- [ 247.357382] ------------[ cut here ]------------ [ 247.357873] WARNING: CPU: 0 PID: 2334 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 247.358965] Modules linked in: [ 247.359516] CPU: 0 PID: 2334 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.360671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.362129] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 247.362899] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 247.365311] RSP: 0018:ffff8880182efb78 EFLAGS: 00010246 [ 247.366019] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.366998] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 247.367949] RBP: ffff8880182efb98 R08: ffffed1002f48e3e R09: ffffed1002f48e3e [ 247.368892] R10: ffff888017a471ef R11: ffffed1002f48e3d R12: ffff888017a47290 [ 247.369830] R13: ffff888017a470a8 R14: ffffffffffffffff R15: 
ffff8880182efc60 [ 247.370808] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.371895] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.372664] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.373604] PKRU: 55555554 [ 247.373985] Call Trace: [ 247.374330] [ 247.374692] iommufd_ioas_destroy+0x53/0x70 [ 247.375300] iommufd_fops_release+0x1f7/0x370 [ 247.375910] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.376575] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.377236] ? write_comp_data+0x2f/0x90 [ 247.377793] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.378462] __fput+0x26d/0xa40 [ 247.379019] ____fput+0x1e/0x30 [ 247.379490] task_work_run+0x1a4/0x2d0 [ 247.380025] ? __pfx_task_work_run+0x10/0x10 [ 247.380618] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.381274] ? switch_task_namespaces+0xa9/0xe0 [ 247.381915] do_exit+0xb17/0x2ef0 [ 247.382385] ? lock_acquire+0x427/0x4c0 [ 247.382975] ? __pfx_lock_release+0x10/0x10 [ 247.383579] ? __kasan_check_write+0x18/0x20 [ 247.384171] ? do_raw_spin_lock+0x132/0x2a0 [ 247.384747] ? __pfx_do_exit+0x10/0x10 [ 247.385280] ? debug_smp_processor_id+0x20/0x30 [ 247.385907] ? rcu_is_watching+0x19/0xb0 [ 247.386451] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.387099] ? trace_hardirqs_on+0x26/0x120 [ 247.387716] do_group_exit+0xe0/0x2b0 [ 247.388230] __x64_sys_exit_group+0x47/0x50 [ 247.388804] do_syscall_64+0x3b/0x90 [ 247.389319] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.390016] RIP: 0033:0x7f4b87518a4d [ 247.390552] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.391372] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.392366] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.393304] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.394241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.395231] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.396177] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.397127] [ 247.397441] irq event stamp: 0 [ 247.397861] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.398732] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.399841] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.400930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.401756] ---[ end trace 0000000000000000 ]--- [ 247.406873] ------------[ cut here ]------------ [ 247.407465] WARNING: CPU: 1 PID: 2335 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.408530] Modules linked in: [ 247.408866] CPU: 1 PID: 2335 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.409769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.411273] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.411823] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.413752] RSP: 0018:ffff888015c67bb8 EFLAGS: 00010246 [ 247.414322] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 247.415107] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 247.415895] RBP: ffff888015c67bd0 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 247.416660] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff8880129c5000 [ 247.417416] R13: ffff88801587a9e8 R14: ffffffff8352e670 R15: 
ffff888015c67e68 [ 247.418164] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 247.419055] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.419695] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 247.420453] PKRU: 55555554 [ 247.420754] Call Trace: [ 247.421027] [ 247.421264] __iommufd_access_detach+0x1c2/0x2b0 [ 247.421798] iommufd_access_change_pt+0x149/0x270 [ 247.422327] iommufd_access_replace+0xb4/0x120 [ 247.422883] iommufd_test+0x3e5/0x37e0 [ 247.423316] ? lock_release+0x532/0x770 [ 247.423756] ? __might_fault+0x102/0x1b0 [ 247.424219] ? lock_acquire+0x427/0x4c0 [ 247.424676] ? __pfx_iommufd_test+0x10/0x10 [ 247.425149] ? __pfx_lock_release+0x10/0x10 [ 247.425620] ? __pfx_lock_acquire+0x10/0x10 [ 247.426090] ? write_comp_data+0x2f/0x90 [ 247.426595] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.427135] ? write_comp_data+0x2f/0x90 [ 247.427581] iommufd_fops_ioctl+0x37d/0x510 [ 247.428042] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.428560] ? write_comp_data+0x2f/0x90 [ 247.429000] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.429527] __x64_sys_ioctl+0x1a3/0x230 [ 247.429966] do_syscall_64+0x3b/0x90 [ 247.430366] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.430959] RIP: 0033:0x7f4b8743ee5d [ 247.431381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 247.433300] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 247.434101] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 247.434879] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 247.435650] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 247.436401] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 247.437169] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 247.437936] [ 247.438182] irq event stamp: 0 [ 247.438565] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.439251] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.440123] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.441012] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.441683] ---[ end trace 0000000000000000 ]--- [ 247.445098] ------------[ cut here ]------------ [ 247.445653] WARNING: CPU: 1 PID: 2335 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.446772] Modules linked in: [ 247.447109] CPU: 1 PID: 2335 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.448041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.449212] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.449735] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.451691] RSP: 
0018:ffff888015c67bd0 EFLAGS: 00010246 [ 247.452251] RAX: 0000000000000000 RBX: ffff88801587a8a8 RCX: 0000000000000000 [ 247.453009] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 247.453755] RBP: ffff888015c67be8 R08: ffffed1002b0f533 R09: ffffed1002b0f533 [ 247.454548] R10: ffff88801587a993 R11: ffffed1002b0f532 R12: ffff88801226d400 [ 247.455320] R13: ffff88801587a9e8 R14: ffff8880137a7000 R15: 0000000000000000 [ 247.456070] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 247.456928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.457569] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 247.458324] PKRU: 55555554 [ 247.458699] Call Trace: [ 247.458973] [ 247.459230] iommufd_access_destroy_object+0x65/0x170 [ 247.459790] iommufd_object_destroy_user+0x18e/0x220 [ 247.460339] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 247.460968] iommufd_access_destroy+0x43/0x70 [ 247.461447] iommufd_test_staccess_release+0x8d/0xd0 [ 247.461989] __fput+0x26d/0xa40 [ 247.462363] ____fput+0x1e/0x30 [ 247.462754] task_work_run+0x1a4/0x2d0 [ 247.463181] ? __pfx_task_work_run+0x10/0x10 [ 247.463666] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.464188] ? switch_task_namespaces+0xa9/0xe0 [ 247.464708] do_exit+0xb17/0x2ef0 [ 247.465078] ? lock_acquire+0x427/0x4c0 [ 247.465511] ? __pfx_lock_release+0x10/0x10 [ 247.465984] ? __kasan_check_write+0x18/0x20 [ 247.466486] ? do_raw_spin_lock+0x132/0x2a0 [ 247.466995] ? __pfx_do_exit+0x10/0x10 [ 247.467429] ? debug_smp_processor_id+0x20/0x30 [ 247.467918] ? rcu_is_watching+0x19/0xb0 [ 247.468359] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.468845] ? trace_hardirqs_on+0x26/0x120 [ 247.469306] do_group_exit+0xe0/0x2b0 [ 247.469714] __x64_sys_exit_group+0x47/0x50 [ 247.470177] do_syscall_64+0x3b/0x90 [ 247.470619] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.471177] RIP: 0033:0x7f4b87518a4d [ 247.471587] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.472234] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.473045] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.473798] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.474602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.475357] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.476107] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.476859] [ 247.477119] irq event stamp: 0 [ 247.477450] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.478127] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.479100] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.480021] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.480689] ---[ end trace 0000000000000000 ]--- [ 247.481607] ------------[ cut here ]------------ [ 247.482114] WARNING: CPU: 1 PID: 2335 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 247.483258] Modules linked in: [ 247.483605] CPU: 1 PID: 2335 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.484551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.486415] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 247.487036] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 247.488954] RSP: 0018:ffff888015c67b78 EFLAGS: 00010246 [ 247.489506] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.490560] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 247.491506] RBP: ffff888015c67b98 R08: ffffed1002b0f53e R09: ffffed1002b0f53e [ 247.492240] R10: ffff88801587a9ef R11: ffffed1002b0f53d R12: ffff88801587aa90 [ 247.492965] R13: ffff88801587a8a8 R14: ffffffffffffffff R15: 
ffff888015c67c60 [ 247.493698] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 247.494584] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.495196] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 247.496069] PKRU: 55555554 [ 247.496446] Call Trace: [ 247.496871] [ 247.497126] iommufd_ioas_destroy+0x53/0x70 [ 247.497593] iommufd_fops_release+0x1f7/0x370 [ 247.498075] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.498643] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.499178] ? write_comp_data+0x2f/0x90 [ 247.499613] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.500136] __fput+0x26d/0xa40 [ 247.500499] ____fput+0x1e/0x30 [ 247.500933] task_work_run+0x1a4/0x2d0 [ 247.501525] ? __pfx_task_work_run+0x10/0x10 [ 247.502193] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.502778] ? switch_task_namespaces+0xa9/0xe0 [ 247.503314] do_exit+0xb17/0x2ef0 [ 247.503683] ? lock_acquire+0x427/0x4c0 [ 247.504105] ? __pfx_lock_release+0x10/0x10 [ 247.504564] ? __kasan_check_write+0x18/0x20 [ 247.505041] ? do_raw_spin_lock+0x132/0x2a0 [ 247.505494] ? __pfx_do_exit+0x10/0x10 [ 247.505909] ? debug_smp_processor_id+0x20/0x30 [ 247.506618] ? rcu_is_watching+0x19/0xb0 [ 247.507257] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.507741] ? trace_hardirqs_on+0x26/0x120 [ 247.508200] do_group_exit+0xe0/0x2b0 [ 247.508604] __x64_sys_exit_group+0x47/0x50 [ 247.509049] do_syscall_64+0x3b/0x90 [ 247.509459] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.510009] RIP: 0033:0x7f4b87518a4d [ 247.510404] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.511078] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.511891] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.512855] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.513856] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.514631] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.515385] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.516141] [ 247.516386] irq event stamp: 0 [ 247.516721] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.517386] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.518717] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.519615] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.520286] ---[ end trace 0000000000000000 ]--- [ 247.529326] ------------[ cut here ]------------ [ 247.530328] WARNING: CPU: 0 PID: 2336 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.531816] Modules linked in: [ 247.532375] CPU: 0 PID: 2336 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.533522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.535037] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.535693] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.537568] RSP: 0018:ffff888018bcfbb8 EFLAGS: 00010246 [ 247.538123] RAX: 0000000000000000 RBX: ffff8880180cf8a8 RCX: 0000000000000000 [ 247.538917] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 247.539765] RBP: ffff888018bcfbd0 R08: ffffed1003019f33 R09: ffffed1003019f33 [ 247.540516] R10: ffff8880180cf993 R11: ffffed1003019f32 R12: ffff888013a0a000 [ 247.541252] R13: ffff8880180cf9e8 R14: ffffffff8352e670 R15: 
ffff888018bcfe68 [ 247.541991] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.542872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.543568] CR2: 00007f4b877410e8 CR3: 000000001489c000 CR4: 0000000000750ef0 [ 247.544317] PKRU: 55555554 [ 247.544613] Call Trace: [ 247.544891] [ 247.545128] __iommufd_access_detach+0x1c2/0x2b0 [ 247.545640] iommufd_access_change_pt+0x149/0x270 [ 247.546160] iommufd_access_replace+0xb4/0x120 [ 247.546681] iommufd_test+0x3e5/0x37e0 [ 247.547338] ? lock_release+0x532/0x770 [ 247.547929] ? __might_fault+0x102/0x1b0 [ 247.548516] ? lock_acquire+0x427/0x4c0 [ 247.549105] ? __pfx_iommufd_test+0x10/0x10 [ 247.549737] ? __pfx_lock_release+0x10/0x10 [ 247.550358] ? __pfx_lock_acquire+0x10/0x10 [ 247.551088] ? write_comp_data+0x2f/0x90 [ 247.551711] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.552400] ? write_comp_data+0x2f/0x90 [ 247.552980] iommufd_fops_ioctl+0x37d/0x510 [ 247.553585] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.554263] ? write_comp_data+0x2f/0x90 [ 247.554913] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.555633] __x64_sys_ioctl+0x1a3/0x230 [ 247.556224] do_syscall_64+0x3b/0x90 [ 247.556773] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.557496] RIP: 0033:0x7f4b8743ee5d [ 247.558030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 247.560559] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 247.561600] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 247.562631] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 247.563628] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 247.564590] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 247.565552] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 247.566588] [ 247.566932] irq event stamp: 0 [ 247.567387] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.568241] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.569377] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.570586] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.571481] ---[ end trace 0000000000000000 ]--- [ 247.577352] ------------[ cut here ]------------ [ 247.578564] WARNING: CPU: 0 PID: 2336 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.579994] Modules linked in: [ 247.580774] CPU: 0 PID: 2336 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.581974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.583886] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.584586] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.587430] RSP: 
0018:ffff888018bcfbd0 EFLAGS: 00010246 [ 247.588449] RAX: 0000000000000000 RBX: ffff8880180cf8a8 RCX: 0000000000000000 [ 247.589424] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 247.590744] RBP: ffff888018bcfbe8 R08: ffffed1003019f33 R09: ffffed1003019f33 [ 247.591741] R10: ffff8880180cf993 R11: ffffed1003019f32 R12: ffff88800f794000 [ 247.592988] R13: ffff8880180cf9e8 R14: ffff88801215fa00 R15: 0000000000000000 [ 247.593959] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.595429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.596234] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.597257] PKRU: 55555554 [ 247.597865] Call Trace: [ 247.598238] [ 247.598626] iommufd_access_destroy_object+0x65/0x170 [ 247.599386] iommufd_object_destroy_user+0x18e/0x220 [ 247.600387] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 247.601207] iommufd_access_destroy+0x43/0x70 [ 247.601952] iommufd_test_staccess_release+0x8d/0xd0 [ 247.602893] __fput+0x26d/0xa40 [ 247.603425] ____fput+0x1e/0x30 [ 247.603916] task_work_run+0x1a4/0x2d0 [ 247.604589] ? __pfx_task_work_run+0x10/0x10 [ 247.605386] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.606092] ? switch_task_namespaces+0xa9/0xe0 [ 247.607146] do_exit+0xb17/0x2ef0 [ 247.607663] ? lock_acquire+0x427/0x4c0 [ 247.608247] ? __pfx_lock_release+0x10/0x10 [ 247.608880] ? __kasan_check_write+0x18/0x20 [ 247.609808] ? do_raw_spin_lock+0x132/0x2a0 [ 247.610454] ? __pfx_do_exit+0x10/0x10 [ 247.611149] ? debug_smp_processor_id+0x20/0x30 [ 247.611881] ? rcu_is_watching+0x19/0xb0 [ 247.612660] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.613340] ? trace_hardirqs_on+0x26/0x120 [ 247.614015] do_group_exit+0xe0/0x2b0 [ 247.614857] __x64_sys_exit_group+0x47/0x50 [ 247.615537] do_syscall_64+0x3b/0x90 [ 247.616117] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.617167] RIP: 0033:0x7f4b87518a4d [ 247.617727] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.618673] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.620019] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.621038] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.622319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.623434] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.624727] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.625755] [ 247.626100] irq event stamp: 0 [ 247.626727] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.627778] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.629031] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.630411] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.631528] ---[ end trace 0000000000000000 ]--- [ 247.633102] ------------[ cut here ]------------ [ 247.633886] WARNING: CPU: 0 PID: 2336 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 247.635595] Modules linked in: [ 247.636058] CPU: 0 PID: 2336 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.637521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.639480] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 247.640210] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 247.643041] RSP: 0018:ffff888018bcfb78 EFLAGS: 00010246 [ 247.644139] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.645135] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 247.646596] RBP: ffff888018bcfb98 R08: ffffed1003019f3e R09: ffffed1003019f3e [ 247.647627] R10: ffff8880180cf9ef R11: ffffed1003019f3d R12: ffff8880180cfa90 [ 247.648971] R13: ffff8880180cf8a8 R14: ffffffffffffffff R15: 
ffff888018bcfc60 [ 247.649975] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.651514] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.652318] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.653328] PKRU: 55555554 [ 247.653946] Call Trace: [ 247.654314] [ 247.654686] iommufd_ioas_destroy+0x53/0x70 [ 247.655327] iommufd_fops_release+0x1f7/0x370 [ 247.656077] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.656967] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.657656] ? write_comp_data+0x2f/0x90 [ 247.658333] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.659263] __fput+0x26d/0xa40 [ 247.659762] ____fput+0x1e/0x30 [ 247.660241] task_work_run+0x1a4/0x2d0 [ 247.660796] ? __pfx_task_work_run+0x10/0x10 [ 247.661685] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.662373] ? switch_task_namespaces+0xa9/0xe0 [ 247.663086] do_exit+0xb17/0x2ef0 [ 247.663594] ? lock_acquire+0x427/0x4c0 [ 247.664155] ? __pfx_lock_release+0x10/0x10 [ 247.664761] ? __kasan_check_write+0x18/0x20 [ 247.665369] ? do_raw_spin_lock+0x132/0x2a0 [ 247.665961] ? __pfx_do_exit+0x10/0x10 [ 247.666549] ? debug_smp_processor_id+0x20/0x30 [ 247.667209] ? rcu_is_watching+0x19/0xb0 [ 247.667776] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.668414] ? trace_hardirqs_on+0x26/0x120 [ 247.669021] do_group_exit+0xe0/0x2b0 [ 247.669552] __x64_sys_exit_group+0x47/0x50 [ 247.670138] do_syscall_64+0x3b/0x90 [ 247.670711] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.671455] RIP: 0033:0x7f4b87518a4d [ 247.671968] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.672777] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.673769] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.674754] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.675745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.676683] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.677621] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.678625] [ 247.678951] irq event stamp: 0 [ 247.679393] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.680217] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.681305] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.682383] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.683282] ---[ end trace 0000000000000000 ]--- [ 247.691717] ------------[ cut here ]------------ [ 247.692389] WARNING: CPU: 0 PID: 2337 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.693750] Modules linked in: [ 247.694194] CPU: 0 PID: 2337 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.695478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.696956] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.697614] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.700029] RSP: 0018:ffff8880219ffbb8 EFLAGS: 00010246 [ 247.700755] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 247.701715] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 247.702709] RBP: ffff8880219ffbd0 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 247.703665] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff888010b0dc00 [ 247.704595] R13: ffff888015d2a9e8 R14: ffffffff8352e670 R15: 
ffff8880219ffe68 [ 247.705538] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.706669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.707494] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ef0 [ 247.708468] PKRU: 55555554 [ 247.708853] Call Trace: [ 247.709196] [ 247.709501] __iommufd_access_detach+0x1c2/0x2b0 [ 247.710166] iommufd_access_change_pt+0x149/0x270 [ 247.710883] iommufd_access_replace+0xb4/0x120 [ 247.711535] iommufd_test+0x3e5/0x37e0 [ 247.712053] ? lock_release+0x532/0x770 [ 247.712609] ? __might_fault+0x102/0x1b0 [ 247.713179] ? lock_acquire+0x427/0x4c0 [ 247.713741] ? __pfx_iommufd_test+0x10/0x10 [ 247.714334] ? __pfx_lock_release+0x10/0x10 [ 247.714970] ? __pfx_lock_acquire+0x10/0x10 [ 247.715599] ? write_comp_data+0x2f/0x90 [ 247.716180] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.716855] ? write_comp_data+0x2f/0x90 [ 247.717427] iommufd_fops_ioctl+0x37d/0x510 [ 247.718024] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.718739] ? write_comp_data+0x2f/0x90 [ 247.719336] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.720003] __x64_sys_ioctl+0x1a3/0x230 [ 247.720584] do_syscall_64+0x3b/0x90 [ 247.721102] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.721798] RIP: 0033:0x7f4b8743ee5d [ 247.722294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 247.724704] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 247.725707] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 247.726678] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 247.727646] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 247.728579] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 247.729509] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 247.730452] [ 247.730800] irq event stamp: 0 [ 247.731247] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.732075] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.733156] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.734240] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.735111] ---[ end trace 0000000000000000 ]--- [ 247.740050] ------------[ cut here ]------------ [ 247.740723] WARNING: CPU: 0 PID: 2337 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.742050] Modules linked in: [ 247.742479] CPU: 0 PID: 2337 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.743717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.745596] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.746271] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.749009] RSP: 
0018:ffff8880219ffbd0 EFLAGS: 00010246 [ 247.749828] RAX: 0000000000000000 RBX: ffff888015d2a8a8 RCX: 0000000000000000 [ 247.750983] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 247.751950] RBP: ffff8880219ffbe8 R08: ffffed1002ba5533 R09: ffffed1002ba5533 [ 247.753178] R10: ffff888015d2a993 R11: ffffed1002ba5532 R12: ffff888014392800 [ 247.754110] R13: ffff888015d2a9e8 R14: ffff888012116e00 R15: 0000000000000000 [ 247.755377] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.756460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.757348] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.758482] PKRU: 55555554 [ 247.758949] Call Trace: [ 247.759334] [ 247.759690] iommufd_access_destroy_object+0x65/0x170 [ 247.760590] iommufd_object_destroy_user+0x18e/0x220 [ 247.761272] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 247.762107] iommufd_access_destroy+0x43/0x70 [ 247.762966] iommufd_test_staccess_release+0x8d/0xd0 [ 247.763719] __fput+0x26d/0xa40 [ 247.764207] ____fput+0x1e/0x30 [ 247.764774] task_work_run+0x1a4/0x2d0 [ 247.765507] ? __pfx_task_work_run+0x10/0x10 [ 247.766130] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.766904] ? switch_task_namespaces+0xa9/0xe0 [ 247.767747] do_exit+0xb17/0x2ef0 [ 247.768235] ? lock_acquire+0x427/0x4c0 [ 247.768800] ? __pfx_lock_release+0x10/0x10 [ 247.769509] ? __kasan_check_write+0x18/0x20 [ 247.770272] ? do_raw_spin_lock+0x132/0x2a0 [ 247.770931] ? __pfx_do_exit+0x10/0x10 [ 247.771535] ? debug_smp_processor_id+0x20/0x30 [ 247.772435] ? rcu_is_watching+0x19/0xb0 [ 247.773011] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.773639] ? trace_hardirqs_on+0x26/0x120 [ 247.774246] do_group_exit+0xe0/0x2b0 [ 247.774828] __x64_sys_exit_group+0x47/0x50 [ 247.775454] do_syscall_64+0x3b/0x90 [ 247.775984] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.776710] RIP: 0033:0x7f4b87518a4d [ 247.777224] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.778065] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.779165] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.780127] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.781069] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.782009] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.782999] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.783974] [ 247.784294] irq event stamp: 0 [ 247.784719] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.785549] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.786720] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.787839] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.788686] ---[ end trace 0000000000000000 ]--- [ 247.790044] ------------[ cut here ]------------ [ 247.790742] WARNING: CPU: 0 PID: 2337 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 247.792107] Modules linked in: [ 247.792544] CPU: 0 PID: 2337 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.793728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.795485] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 247.796182] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 247.798606] RSP: 0018:ffff8880219ffb78 EFLAGS: 00010246 [ 247.799329] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.800272] RDX: 0000000000000000 RSI: ffff888011f5ca00 RDI: 0000000000000002 [ 247.801221] RBP: ffff8880219ffb98 R08: ffffed1002ba553e R09: ffffed1002ba553e [ 247.802175] R10: ffff888015d2a9ef R11: ffffed1002ba553d R12: ffff888015d2aa90 [ 247.803171] R13: ffff888015d2a8a8 R14: ffffffffffffffff R15: 
ffff8880219ffc60 [ 247.804118] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.805174] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.805941] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.806920] PKRU: 55555554 [ 247.807316] Call Trace: [ 247.807659] [ 247.807966] iommufd_ioas_destroy+0x53/0x70 [ 247.808547] iommufd_fops_release+0x1f7/0x370 [ 247.809153] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.809824] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.810481] ? write_comp_data+0x2f/0x90 [ 247.811093] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.811779] __fput+0x26d/0xa40 [ 247.812244] ____fput+0x1e/0x30 [ 247.812698] task_work_run+0x1a4/0x2d0 [ 247.813231] ? __pfx_task_work_run+0x10/0x10 [ 247.813835] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.814497] ? switch_task_namespaces+0xa9/0xe0 [ 247.815209] do_exit+0xb17/0x2ef0 [ 247.815678] ? lock_acquire+0x427/0x4c0 [ 247.816222] ? __pfx_lock_release+0x10/0x10 [ 247.816810] ? __kasan_check_write+0x18/0x20 [ 247.817403] ? do_raw_spin_lock+0x132/0x2a0 [ 247.817982] ? __pfx_do_exit+0x10/0x10 [ 247.818550] ? debug_smp_processor_id+0x20/0x30 [ 247.819200] ? rcu_is_watching+0x19/0xb0 [ 247.819741] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.820348] ? trace_hardirqs_on+0x26/0x120 [ 247.820929] do_group_exit+0xe0/0x2b0 [ 247.821439] __x64_sys_exit_group+0x47/0x50 [ 247.822006] do_syscall_64+0x3b/0x90 [ 247.822557] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.823276] RIP: 0033:0x7f4b87518a4d [ 247.823774] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.824578] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.825573] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.826541] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.827490] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.828425] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.829360] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.830312] [ 247.830662] irq event stamp: 0 [ 247.831088] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.831950] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.833053] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.834145] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.835035] ---[ end trace 0000000000000000 ]--- [ 247.842891] ------------[ cut here ]------------ [ 247.843609] WARNING: CPU: 0 PID: 2338 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.844976] Modules linked in: [ 247.845432] CPU: 0 PID: 2338 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.846684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.848242] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.848950] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.851482] RSP: 0018:ffff88801834fbb8 EFLAGS: 00010246 [ 247.852220] RAX: 0000000000000000 RBX: ffff888021a680a8 RCX: 0000000000000000 [ 247.853188] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 247.854163] RBP: ffff88801834fbd0 R08: ffffed100434d033 R09: ffffed100434d033 [ 247.855226] R10: ffff888021a68193 R11: ffffed100434d032 R12: ffff88800fcb1800 [ 247.856210] R13: ffff888021a681e8 R14: ffffffff8352e670 R15: 
ffff88801834fe68 [ 247.857184] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.858269] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.859157] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 247.860142] PKRU: 55555554 [ 247.860564] Call Trace: [ 247.860943] [ 247.861264] __iommufd_access_detach+0x1c2/0x2b0 [ 247.861947] iommufd_access_change_pt+0x149/0x270 [ 247.862708] iommufd_access_replace+0xb4/0x120 [ 247.863404] iommufd_test+0x3e5/0x37e0 [ 247.863947] ? lock_release+0x532/0x770 [ 247.864516] ? __might_fault+0x102/0x1b0 [ 247.865089] ? lock_acquire+0x427/0x4c0 [ 247.865655] ? __pfx_iommufd_test+0x10/0x10 [ 247.866252] ? __pfx_lock_release+0x10/0x10 [ 247.866937] ? __pfx_lock_acquire+0x10/0x10 [ 247.867601] ? write_comp_data+0x2f/0x90 [ 247.868191] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.868881] ? write_comp_data+0x2f/0x90 [ 247.869470] iommufd_fops_ioctl+0x37d/0x510 [ 247.870089] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.870865] ? write_comp_data+0x2f/0x90 [ 247.871501] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 247.872172] __x64_sys_ioctl+0x1a3/0x230 [ 247.872751] do_syscall_64+0x3b/0x90 [ 247.873286] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.874025] RIP: 0033:0x7f4b8743ee5d [ 247.874627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 247.877104] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 247.878144] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 247.879228] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 247.880219] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 247.881195] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 247.882172] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 247.883273] [ 247.883628] irq event stamp: 0 [ 247.884068] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.884928] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.886070] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.887308] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.888167] ---[ end trace 0000000000000000 ]--- [ 247.893126] ------------[ cut here ]------------ [ 247.893793] WARNING: CPU: 0 PID: 2338 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.895220] Modules linked in: [ 247.895669] CPU: 0 PID: 2338 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.896833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.898320] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.899054] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 247.901465] RSP: 
0018:ffff88801834fbd0 EFLAGS: 00010246 [ 247.902176] RAX: 0000000000000000 RBX: ffff888021a680a8 RCX: 0000000000000000 [ 247.903200] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 247.904144] RBP: ffff88801834fbe8 R08: ffffed100434d033 R09: ffffed100434d033 [ 247.905083] R10: ffff888021a68193 R11: ffffed100434d032 R12: ffff888010b0cc00 [ 247.906020] R13: ffff888021a681e8 R14: ffff88800f6d3c00 R15: 0000000000000000 [ 247.907008] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.908085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.908855] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.909804] PKRU: 55555554 [ 247.910185] Call Trace: [ 247.910599] [ 247.910916] iommufd_access_destroy_object+0x65/0x170 [ 247.911644] iommufd_object_destroy_user+0x18e/0x220 [ 247.912332] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 247.913108] iommufd_access_destroy+0x43/0x70 [ 247.913728] iommufd_test_staccess_release+0x8d/0xd0 [ 247.914416] __fput+0x26d/0xa40 [ 247.914948] ____fput+0x1e/0x30 [ 247.915449] task_work_run+0x1a4/0x2d0 [ 247.915987] ? __pfx_task_work_run+0x10/0x10 [ 247.916580] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.917246] ? switch_task_namespaces+0xa9/0xe0 [ 247.917896] do_exit+0xb17/0x2ef0 [ 247.918367] ? lock_acquire+0x427/0x4c0 [ 247.918969] ? __pfx_lock_release+0x10/0x10 [ 247.919587] ? __kasan_check_write+0x18/0x20 [ 247.920193] ? do_raw_spin_lock+0x132/0x2a0 [ 247.920800] ? __pfx_do_exit+0x10/0x10 [ 247.921345] ? debug_smp_processor_id+0x20/0x30 [ 247.921976] ? rcu_is_watching+0x19/0xb0 [ 247.922598] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.923251] ? trace_hardirqs_on+0x26/0x120 [ 247.923851] do_group_exit+0xe0/0x2b0 [ 247.924375] __x64_sys_exit_group+0x47/0x50 [ 247.924960] do_syscall_64+0x3b/0x90 [ 247.925478] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.926187] RIP: 0033:0x7f4b87518a4d [ 247.926760] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.927606] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.928608] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.929551] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.930487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.931539] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.932479] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.933434] [ 247.933757] irq event stamp: 0 [ 247.934182] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.935091] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.936226] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.937343] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.938188] ---[ end trace 0000000000000000 ]--- [ 247.939611] ------------[ cut here ]------------ [ 247.940244] WARNING: CPU: 0 PID: 2338 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 247.941585] Modules linked in: [ 247.942019] CPU: 0 PID: 2338 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.943261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.944753] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 247.945436] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 247.947904] RSP: 0018:ffff88801834fb78 EFLAGS: 00010246 [ 247.948622] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.949576] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 247.950571] RBP: ffff88801834fb98 R08: ffffed100434d03e R09: ffffed100434d03e [ 247.951536] R10: ffff888021a681ef R11: ffffed100434d03d R12: ffff888021a68290 [ 247.952481] R13: ffff888021a680a8 R14: ffffffffffffffff R15: 
ffff88801834fc60 [ 247.953424] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 247.954487] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.955333] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 247.956282] PKRU: 55555554 [ 247.956666] Call Trace: [ 247.957010] [ 247.957325] iommufd_ioas_destroy+0x53/0x70 [ 247.957911] iommufd_fops_release+0x1f7/0x370 [ 247.958582] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.959283] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.959954] ? write_comp_data+0x2f/0x90 [ 247.960551] ? __pfx_iommufd_fops_release+0x10/0x10 [ 247.961226] __fput+0x26d/0xa40 [ 247.961702] ____fput+0x1e/0x30 [ 247.962168] task_work_run+0x1a4/0x2d0 [ 247.962755] ? __pfx_task_work_run+0x10/0x10 [ 247.963379] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 247.964044] ? switch_task_namespaces+0xa9/0xe0 [ 247.964685] do_exit+0xb17/0x2ef0 [ 247.965156] ? lock_acquire+0x427/0x4c0 [ 247.965706] ? __pfx_lock_release+0x10/0x10 [ 247.966304] ? __kasan_check_write+0x18/0x20 [ 247.966951] ? do_raw_spin_lock+0x132/0x2a0 [ 247.967551] ? __pfx_do_exit+0x10/0x10 [ 247.968092] ? debug_smp_processor_id+0x20/0x30 [ 247.968715] ? rcu_is_watching+0x19/0xb0 [ 247.969263] ? _raw_spin_unlock_irq+0x2b/0x60 [ 247.969874] ? trace_hardirqs_on+0x26/0x120 [ 247.970459] do_group_exit+0xe0/0x2b0 [ 247.971023] __x64_sys_exit_group+0x47/0x50 [ 247.971626] do_syscall_64+0x3b/0x90 [ 247.972146] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 247.972853] RIP: 0033:0x7f4b87518a4d [ 247.973353] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 247.974165] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 247.975215] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 247.976155] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 247.977099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 247.978036] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 247.979014] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 247.979986] [ 247.980300] irq event stamp: 0 [ 247.980724] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 247.981559] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 247.982698] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 247.983825] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 247.984667] ---[ end trace 0000000000000000 ]--- [ 247.991777] ------------[ cut here ]------------ [ 247.992481] WARNING: CPU: 1 PID: 2339 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 247.993830] Modules linked in: [ 247.994266] CPU: 1 PID: 2339 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 247.995939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 247.997470] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 247.998160] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.000675] RSP: 0018:ffff8880179bfbb8 EFLAGS: 00010246 [ 248.001418] RAX: 0000000000000000 RBX: ffff8880160980a8 RCX: 0000000000000000 [ 248.002373] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 248.003403] RBP: ffff8880179bfbd0 R08: ffffed1002c13033 R09: ffffed1002c13033 [ 248.004434] R10: ffff888016098193 R11: ffffed1002c13032 R12: ffff888013b23400 [ 248.005703] R13: ffff8880160981e8 R14: ffffffff8352e670 R15: 
ffff8880179bfe68 [ 248.006710] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.007847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.008983] CR2: 0000000020000140 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 248.009948] PKRU: 55555554 [ 248.010350] Call Trace: [ 248.010744] [ 248.011065] __iommufd_access_detach+0x1c2/0x2b0 [ 248.011764] iommufd_access_change_pt+0x149/0x270 [ 248.012431] iommufd_access_replace+0xb4/0x120 [ 248.013314] iommufd_test+0x3e5/0x37e0 [ 248.013868] ? lock_release+0x532/0x770 [ 248.014431] ? __might_fault+0x102/0x1b0 [ 248.015051] ? lock_acquire+0x427/0x4c0 [ 248.015666] ? __pfx_iommufd_test+0x10/0x10 [ 248.016252] ? __pfx_lock_release+0x10/0x10 [ 248.016845] ? __pfx_lock_acquire+0x10/0x10 [ 248.017483] ? write_comp_data+0x2f/0x90 [ 248.018203] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.018937] ? write_comp_data+0x2f/0x90 [ 248.019561] iommufd_fops_ioctl+0x37d/0x510 [ 248.020161] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.020828] ? write_comp_data+0x2f/0x90 [ 248.021398] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.022241] __x64_sys_ioctl+0x1a3/0x230 [ 248.022871] do_syscall_64+0x3b/0x90 [ 248.023446] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.024157] RIP: 0033:0x7f4b8743ee5d [ 248.024659] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.027382] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.028420] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.029446] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.030200] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.031271] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.032245] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.033012] [ 248.033260] irq event stamp: 0 [ 248.033597] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.034273] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.035196] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.036075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.036888] ---[ end trace 0000000000000000 ]--- [ 248.040668] ------------[ cut here ]------------ [ 248.041213] WARNING: CPU: 1 PID: 2339 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.042666] Modules linked in: [ 248.043178] CPU: 1 PID: 2339 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.044100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.045306] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.045840] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.048022] RSP: 
0018:ffff8880179bfbd0 EFLAGS: 00010246 [ 248.048817] RAX: 0000000000000000 RBX: ffff8880160980a8 RCX: 0000000000000000 [ 248.049576] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 248.050330] RBP: ffff8880179bfbe8 R08: ffffed1002c13033 R09: ffffed1002c13033 [ 248.051135] R10: ffff888016098193 R11: ffffed1002c13032 R12: ffff8880129c7400 [ 248.051895] R13: ffff8880160981e8 R14: ffff888012b9b500 R15: 0000000000000000 [ 248.052656] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.053675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.054606] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.055395] PKRU: 55555554 [ 248.055699] Call Trace: [ 248.055972] [ 248.056217] iommufd_access_destroy_object+0x65/0x170 [ 248.056772] iommufd_object_destroy_user+0x18e/0x220 [ 248.057330] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.057978] iommufd_access_destroy+0x43/0x70 [ 248.058616] iommufd_test_staccess_release+0x8d/0xd0 [ 248.059395] __fput+0x26d/0xa40 [ 248.059772] ____fput+0x1e/0x30 [ 248.060136] task_work_run+0x1a4/0x2d0 [ 248.060567] ? __pfx_task_work_run+0x10/0x10 [ 248.061127] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.061655] ? switch_task_namespaces+0xa9/0xe0 [ 248.062162] do_exit+0xb17/0x2ef0 [ 248.062573] ? lock_acquire+0x427/0x4c0 [ 248.063014] ? __pfx_lock_release+0x10/0x10 [ 248.063507] ? __kasan_check_write+0x18/0x20 [ 248.063988] ? do_raw_spin_lock+0x132/0x2a0 [ 248.064593] ? __pfx_do_exit+0x10/0x10 [ 248.065164] ? debug_smp_processor_id+0x20/0x30 [ 248.065852] ? rcu_is_watching+0x19/0xb0 [ 248.066282] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.066804] ? trace_hardirqs_on+0x26/0x120 [ 248.067289] do_group_exit+0xe0/0x2b0 [ 248.067698] __x64_sys_exit_group+0x47/0x50 [ 248.068159] do_syscall_64+0x3b/0x90 [ 248.068649] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.069214] RIP: 0033:0x7f4b87518a4d [ 248.069615] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.070426] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.071602] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.072363] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.073109] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.073876] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.074657] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.075470] [ 248.075732] irq event stamp: 0 [ 248.076128] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.077078] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.077970] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.078906] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.079596] ---[ end trace 0000000000000000 ]--- [ 248.080500] ------------[ cut here ]------------ [ 248.081007] WARNING: CPU: 1 PID: 2339 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.082365] Modules linked in: [ 248.082907] CPU: 1 PID: 2339 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.083848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.085032] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.085583] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.087945] RSP: 0018:ffff8880179bfb78 EFLAGS: 00010246 [ 248.088742] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.089522] RDX: 0000000000000000 RSI: ffff8880108b4a00 RDI: 0000000000000002 [ 248.090284] RBP: ffff8880179bfb98 R08: ffffed1002c1303e R09: ffffed1002c1303e [ 248.091072] R10: ffff8880160981ef R11: ffffed1002c1303d R12: ffff888016098290 [ 248.091832] R13: ffff8880160980a8 R14: ffffffffffffffff R15: 
ffff8880179bfc60 [ 248.092584] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.093662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.094581] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.095354] PKRU: 55555554 [ 248.095662] Call Trace: [ 248.095935] [ 248.096176] iommufd_ioas_destroy+0x53/0x70 [ 248.096650] iommufd_fops_release+0x1f7/0x370 [ 248.097141] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.097676] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.098209] ? write_comp_data+0x2f/0x90 [ 248.098843] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.099629] __fput+0x26d/0xa40 [ 248.100014] ____fput+0x1e/0x30 [ 248.100377] task_work_run+0x1a4/0x2d0 [ 248.100800] ? __pfx_task_work_run+0x10/0x10 [ 248.101276] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.101798] ? switch_task_namespaces+0xa9/0xe0 [ 248.102297] do_exit+0xb17/0x2ef0 [ 248.102748] ? lock_acquire+0x427/0x4c0 [ 248.103198] ? __pfx_lock_release+0x10/0x10 [ 248.103669] ? __kasan_check_write+0x18/0x20 [ 248.104148] ? do_raw_spin_lock+0x132/0x2a0 [ 248.104671] ? __pfx_do_exit+0x10/0x10 [ 248.105231] ? debug_smp_processor_id+0x20/0x30 [ 248.105944] ? rcu_is_watching+0x19/0xb0 [ 248.106378] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.106899] ? trace_hardirqs_on+0x26/0x120 [ 248.107397] do_group_exit+0xe0/0x2b0 [ 248.107818] __x64_sys_exit_group+0x47/0x50 [ 248.108294] do_syscall_64+0x3b/0x90 [ 248.108708] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.109265] RIP: 0033:0x7f4b87518a4d [ 248.109662] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.110314] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.111403] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.112382] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.113141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.113909] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.114704] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.115498] [ 248.115747] irq event stamp: 0 [ 248.116078] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.116748] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.117792] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.119016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.119700] ---[ end trace 0000000000000000 ]--- [ 248.124238] ------------[ cut here ]------------ [ 248.124815] WARNING: CPU: 1 PID: 2340 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.125962] Modules linked in: [ 248.126304] CPU: 1 PID: 2340 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.127302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.128950] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.129628] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.131647] RSP: 0018:ffff888018007bb8 EFLAGS: 00010246 [ 248.132227] RAX: 0000000000000000 RBX: ffff888011f630a8 RCX: 0000000000000000 [ 248.132986] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 248.133739] RBP: ffff888018007bd0 R08: ffffed10023ec633 R09: ffffed10023ec633 [ 248.134782] R10: ffff888011f63193 R11: ffffed10023ec632 R12: ffff8880121c4800 [ 248.135836] R13: ffff888011f631e8 R14: ffffffff8352e670 R15: 
ffff888018007e68 [ 248.136600] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.137462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.138083] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 248.138873] PKRU: 55555554 [ 248.139203] Call Trace: [ 248.139475] [ 248.139717] __iommufd_access_detach+0x1c2/0x2b0 [ 248.140247] iommufd_access_change_pt+0x149/0x270 [ 248.140881] iommufd_access_replace+0xb4/0x120 [ 248.141527] iommufd_test+0x3e5/0x37e0 [ 248.142141] ? lock_release+0x532/0x770 [ 248.142628] ? __might_fault+0x102/0x1b0 [ 248.143070] ? lock_acquire+0x427/0x4c0 [ 248.143528] ? __pfx_iommufd_test+0x10/0x10 [ 248.143992] ? __pfx_lock_release+0x10/0x10 [ 248.144468] ? __pfx_lock_acquire+0x10/0x10 [ 248.144947] ? write_comp_data+0x2f/0x90 [ 248.145397] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.145925] ? write_comp_data+0x2f/0x90 [ 248.146448] iommufd_fops_ioctl+0x37d/0x510 [ 248.147105] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.147841] ? write_comp_data+0x2f/0x90 [ 248.148288] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.148812] __x64_sys_ioctl+0x1a3/0x230 [ 248.149257] do_syscall_64+0x3b/0x90 [ 248.149660] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.150224] RIP: 0033:0x7f4b8743ee5d [ 248.150673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.152691] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.153800] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.154683] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.155461] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.156215] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.157041] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.157805] [ 248.158162] irq event stamp: 0 [ 248.158691] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.159630] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.160530] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.161410] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.162075] ---[ end trace 0000000000000000 ]--- [ 248.165561] ------------[ cut here ]------------ [ 248.166113] WARNING: CPU: 1 PID: 2340 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.167288] Modules linked in: [ 248.167637] CPU: 1 PID: 2340 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.168664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.170150] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.170711] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.172669] RSP: 
0018:ffff888018007bd0 EFLAGS: 00010246 [ 248.173238] RAX: 0000000000000000 RBX: ffff888011f630a8 RCX: 0000000000000000 [ 248.174166] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 248.175246] RBP: ffff888018007be8 R08: ffffed10023ec633 R09: ffffed10023ec633 [ 248.176006] R10: ffff888011f63193 R11: ffffed10023ec632 R12: ffff888013b21000 [ 248.176752] R13: ffff888011f631e8 R14: ffff88800fdf4d00 R15: 0000000000000000 [ 248.177495] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.178351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.179036] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 248.180099] PKRU: 55555554 [ 248.180406] Call Trace: [ 248.180676] [ 248.180920] iommufd_access_destroy_object+0x65/0x170 [ 248.181475] iommufd_object_destroy_user+0x18e/0x220 [ 248.182024] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.182697] iommufd_access_destroy+0x43/0x70 [ 248.183205] iommufd_test_staccess_release+0x8d/0xd0 [ 248.183756] __fput+0x26d/0xa40 [ 248.184133] ____fput+0x1e/0x30 [ 248.184568] task_work_run+0x1a4/0x2d0 [ 248.185154] ? __pfx_task_work_run+0x10/0x10 [ 248.185826] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.186353] ? switch_task_namespaces+0xa9/0xe0 [ 248.186902] do_exit+0xb17/0x2ef0 [ 248.187289] ? lock_acquire+0x427/0x4c0 [ 248.187725] ? __pfx_lock_release+0x10/0x10 [ 248.188186] ? __kasan_check_write+0x18/0x20 [ 248.188661] ? do_raw_spin_lock+0x132/0x2a0 [ 248.189205] ? __pfx_do_exit+0x10/0x10 [ 248.189631] ? debug_smp_processor_id+0x20/0x30 [ 248.190233] ? rcu_is_watching+0x19/0xb0 [ 248.190896] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.191409] ? trace_hardirqs_on+0x26/0x120 [ 248.191893] do_group_exit+0xe0/0x2b0 [ 248.192312] __x64_sys_exit_group+0x47/0x50 [ 248.192773] do_syscall_64+0x3b/0x90 [ 248.193183] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.193738] RIP: 0033:0x7f4b87518a4d [ 248.194136] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.194826] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.195655] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.196609] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.197665] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.198419] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.199223] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.199991] [ 248.200242] irq event stamp: 0 [ 248.200576] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.201252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.202359] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.203591] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.204264] ---[ end trace 0000000000000000 ]--- [ 248.205380] ------------[ cut here ]------------ [ 248.205891] WARNING: CPU: 1 PID: 2340 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.207020] Modules linked in: [ 248.207385] CPU: 1 PID: 2340 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.208310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.209947] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.210496] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.212484] RSP: 0018:ffff888018007b78 EFLAGS: 00010246 [ 248.213052] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.213803] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 248.214831] RBP: ffff888018007b98 R08: ffffed10023ec63e R09: ffffed10023ec63e [ 248.215848] R10: ffff888011f631ef R11: ffffed10023ec63d R12: ffff888011f63290 [ 248.216602] R13: ffff888011f630a8 R14: ffffffffffffffff R15: 
ffff888018007c60 [ 248.217357] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.218200] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.218861] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 248.219638] PKRU: 55555554 [ 248.219991] Call Trace: [ 248.220343] [ 248.220662] iommufd_ioas_destroy+0x53/0x70 [ 248.221318] iommufd_fops_release+0x1f7/0x370 [ 248.221807] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.222335] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.222907] ? write_comp_data+0x2f/0x90 [ 248.223373] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.223929] __fput+0x26d/0xa40 [ 248.224313] ____fput+0x1e/0x30 [ 248.224683] task_work_run+0x1a4/0x2d0 [ 248.225226] ? __pfx_task_work_run+0x10/0x10 [ 248.225919] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.226449] ? switch_task_namespaces+0xa9/0xe0 [ 248.227003] do_exit+0xb17/0x2ef0 [ 248.227398] ? lock_acquire+0x427/0x4c0 [ 248.227836] ? __pfx_lock_release+0x10/0x10 [ 248.228304] ? __kasan_check_write+0x18/0x20 [ 248.228777] ? do_raw_spin_lock+0x132/0x2a0 [ 248.229248] ? __pfx_do_exit+0x10/0x10 [ 248.229712] ? debug_smp_processor_id+0x20/0x30 [ 248.230359] ? rcu_is_watching+0x19/0xb0 [ 248.231039] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.231543] ? trace_hardirqs_on+0x26/0x120 [ 248.232007] do_group_exit+0xe0/0x2b0 [ 248.232413] __x64_sys_exit_group+0x47/0x50 [ 248.232882] do_syscall_64+0x3b/0x90 [ 248.233301] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.233862] RIP: 0033:0x7f4b87518a4d [ 248.234277] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.235037] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.236117] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.236884] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.237635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.238396] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.239222] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.240005] [ 248.240354] irq event stamp: 0 [ 248.240832] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.241735] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.242645] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.243525] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.244190] ---[ end trace 0000000000000000 ]--- [ 248.249893] ------------[ cut here ]------------ [ 248.250833] WARNING: CPU: 1 PID: 2341 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.251929] Modules linked in: [ 248.252263] CPU: 1 PID: 2341 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.253267] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.254741] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.255559] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.257486] RSP: 0018:ffff8880179bfbb8 EFLAGS: 00010246 [ 248.258059] RAX: 0000000000000000 RBX: ffff888021a418a8 RCX: 0000000000000000 [ 248.258883] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 248.259663] RBP: ffff8880179bfbd0 R08: ffffed1004348333 R09: ffffed1004348333 [ 248.260602] R10: ffff888021a41993 R11: ffffed1004348332 R12: ffff88801493e800 [ 248.261719] R13: ffff888021a419e8 R14: ffffffff8352e670 R15: 
ffff8880179bfe68 [ 248.262654] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.263511] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.264127] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 248.264879] PKRU: 55555554 [ 248.265182] Call Trace: [ 248.265455] [ 248.265697] __iommufd_access_detach+0x1c2/0x2b0 [ 248.266376] iommufd_access_change_pt+0x149/0x270 [ 248.267208] iommufd_access_replace+0xb4/0x120 [ 248.267721] iommufd_test+0x3e5/0x37e0 [ 248.268140] ? lock_release+0x532/0x770 [ 248.268575] ? __might_fault+0x102/0x1b0 [ 248.269013] ? lock_acquire+0x427/0x4c0 [ 248.269446] ? __pfx_iommufd_test+0x10/0x10 [ 248.269905] ? __pfx_lock_release+0x10/0x10 [ 248.270374] ? __pfx_lock_acquire+0x10/0x10 [ 248.270884] ? write_comp_data+0x2f/0x90 [ 248.271349] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.271919] ? write_comp_data+0x2f/0x90 [ 248.272496] iommufd_fops_ioctl+0x37d/0x510 [ 248.273151] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.273675] ? write_comp_data+0x2f/0x90 [ 248.274116] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.274668] __x64_sys_ioctl+0x1a3/0x230 [ 248.275116] do_syscall_64+0x3b/0x90 [ 248.275536] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.276093] RIP: 0033:0x7f4b8743ee5d [ 248.276492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.278973] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.279806] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.280560] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.281313] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.282070] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.283133] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.284166] [ 248.284416] irq event stamp: 0 [ 248.284751] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.285481] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.286355] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.287279] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.287961] ---[ end trace 0000000000000000 ]--- [ 248.291527] ------------[ cut here ]------------ [ 248.292089] WARNING: CPU: 1 PID: 2341 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.293231] Modules linked in: [ 248.293682] CPU: 1 PID: 2341 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.294963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.296173] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.296715] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.298891] RSP: 
0018:ffff8880179bfbd0 EFLAGS: 00010246 [ 248.299749] RAX: 0000000000000000 RBX: ffff888021a418a8 RCX: 0000000000000000 [ 248.300514] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 248.301265] RBP: ffff8880179bfbe8 R08: ffffed1004348333 R09: ffffed1004348333 [ 248.302025] R10: ffff888021a41993 R11: ffffed1004348332 R12: ffff8880121c6c00 [ 248.302816] R13: ffff888021a419e8 R14: ffff888018b99d00 R15: 0000000000000000 [ 248.303588] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.304618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.305467] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 248.306448] PKRU: 55555554 [ 248.306794] Call Trace: [ 248.307070] [ 248.307327] iommufd_access_destroy_object+0x65/0x170 [ 248.307896] iommufd_object_destroy_user+0x18e/0x220 [ 248.308447] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.309070] iommufd_access_destroy+0x43/0x70 [ 248.309555] iommufd_test_staccess_release+0x8d/0xd0 [ 248.310200] __fput+0x26d/0xa40 [ 248.310773] ____fput+0x1e/0x30 [ 248.311363] task_work_run+0x1a4/0x2d0 [ 248.311792] ? __pfx_task_work_run+0x10/0x10 [ 248.312261] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.312781] ? switch_task_namespaces+0xa9/0xe0 [ 248.313286] do_exit+0xb17/0x2ef0 [ 248.313655] ? lock_acquire+0x427/0x4c0 [ 248.314084] ? __pfx_lock_release+0x10/0x10 [ 248.314589] ? __kasan_check_write+0x18/0x20 [ 248.315070] ? do_raw_spin_lock+0x132/0x2a0 [ 248.315572] ? __pfx_do_exit+0x10/0x10 [ 248.316004] ? debug_smp_processor_id+0x20/0x30 [ 248.316645] ? rcu_is_watching+0x19/0xb0 [ 248.317308] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.318028] ? trace_hardirqs_on+0x26/0x120 [ 248.318553] do_group_exit+0xe0/0x2b0 [ 248.318967] __x64_sys_exit_group+0x47/0x50 [ 248.319435] do_syscall_64+0x3b/0x90 [ 248.319846] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.320398] RIP: 0033:0x7f4b87518a4d [ 248.320798] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.321448] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.322432] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.323552] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.324599] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.325358] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.326110] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.326893] [ 248.327153] irq event stamp: 0 [ 248.327493] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.328157] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.329041] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.330131] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.331215] ---[ end trace 0000000000000000 ]--- [ 248.332152] ------------[ cut here ]------------ [ 248.332648] WARNING: CPU: 1 PID: 2341 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.333713] Modules linked in: [ 248.334053] CPU: 1 PID: 2341 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.335166] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.336550] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.337434] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.339494] RSP: 0018:ffff8880179bfb78 EFLAGS: 00010246 [ 248.340077] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.340855] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 248.341731] RBP: ffff8880179bfb98 R08: ffffed100434833e R09: ffffed100434833e [ 248.342925] R10: ffff888021a419ef R11: ffffed100434833d R12: ffff888021a41a90 [ 248.343722] R13: ffff888021a418a8 R14: ffffffffffffffff R15: 
ffff8880179bfc60 [ 248.344497] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.345369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.346002] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 248.346807] PKRU: 55555554 [ 248.347137] Call Trace: [ 248.347423] [ 248.347701] iommufd_ioas_destroy+0x53/0x70 [ 248.348330] iommufd_fops_release+0x1f7/0x370 [ 248.349166] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.349740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.350306] ? write_comp_data+0x2f/0x90 [ 248.350813] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.351413] __fput+0x26d/0xa40 [ 248.351800] ____fput+0x1e/0x30 [ 248.352176] task_work_run+0x1a4/0x2d0 [ 248.352607] ? __pfx_task_work_run+0x10/0x10 [ 248.353091] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.353635] ? switch_task_namespaces+0xa9/0xe0 [ 248.354309] do_exit+0xb17/0x2ef0 [ 248.354969] ? lock_acquire+0x427/0x4c0 [ 248.355428] ? __pfx_lock_release+0x10/0x10 [ 248.355913] ? __kasan_check_write+0x18/0x20 [ 248.356402] ? do_raw_spin_lock+0x132/0x2a0 [ 248.356864] ? __pfx_do_exit+0x10/0x10 [ 248.357287] ? debug_smp_processor_id+0x20/0x30 [ 248.357796] ? rcu_is_watching+0x19/0xb0 [ 248.358244] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.358780] ? trace_hardirqs_on+0x26/0x120 [ 248.359284] do_group_exit+0xe0/0x2b0 [ 248.359704] __x64_sys_exit_group+0x47/0x50 [ 248.360372] do_syscall_64+0x3b/0x90 [ 248.361022] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.361595] RIP: 0033:0x7f4b87518a4d [ 248.362001] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.362698] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.363542] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.364337] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.365173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.366331] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.367161] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.367958] [ 248.368220] irq event stamp: 0 [ 248.368567] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.369252] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.370193] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.371596] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.372296] ---[ end trace 0000000000000000 ]--- [ 248.382267] ------------[ cut here ]------------ [ 248.383078] WARNING: CPU: 0 PID: 2342 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.384509] Modules linked in: [ 248.384958] CPU: 0 PID: 2342 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.386148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.387749] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.388444] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.390958] RSP: 0018:ffff888010587bb8 EFLAGS: 00010246 [ 248.391722] RAX: 0000000000000000 RBX: ffff8880180f50a8 RCX: 0000000000000000 [ 248.392695] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 248.393662] RBP: ffff888010587bd0 R08: ffffed100301ea33 R09: ffffed100301ea33 [ 248.394693] R10: ffff8880180f5193 R11: ffffed100301ea32 R12: ffff888013a08400 [ 248.395691] R13: ffff8880180f51e8 R14: ffffffff8352e670 R15: 
ffff888010587e68 [ 248.396659] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 248.397753] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.398656] CR2: 00007f4b877410e8 CR3: 0000000013bac000 CR4: 0000000000750ef0 [ 248.399670] PKRU: 55555554 [ 248.400068] Call Trace: [ 248.400424] [ 248.400749] __iommufd_access_detach+0x1c2/0x2b0 [ 248.401435] iommufd_access_change_pt+0x149/0x270 [ 248.402124] iommufd_access_replace+0xb4/0x120 [ 248.402837] iommufd_test+0x3e5/0x37e0 [ 248.403414] ? lock_release+0x532/0x770 [ 248.403972] ? __might_fault+0x102/0x1b0 [ 248.404542] ? lock_acquire+0x427/0x4c0 [ 248.405106] ? __pfx_iommufd_test+0x10/0x10 [ 248.405695] ? __pfx_lock_release+0x10/0x10 [ 248.406300] ? __pfx_lock_acquire+0x10/0x10 [ 248.406943] ? write_comp_data+0x2f/0x90 [ 248.407523] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.408178] ? write_comp_data+0x2f/0x90 [ 248.408750] iommufd_fops_ioctl+0x37d/0x510 [ 248.409356] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.410035] ? write_comp_data+0x2f/0x90 [ 248.410653] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.411351] __x64_sys_ioctl+0x1a3/0x230 [ 248.411929] do_syscall_64+0x3b/0x90 [ 248.412443] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.413142] RIP: 0033:0x7f4b8743ee5d [ 248.413639] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.416152] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.417182] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.418182] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.419220] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.420165] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.421109] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.422122] [ 248.422455] irq event stamp: 0 [ 248.422951] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.423841] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.424979] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.426110] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.427017] ---[ end trace 0000000000000000 ]--- [ 248.431201] ------------[ cut here ]------------ [ 248.431803] WARNING: CPU: 1 PID: 2342 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.433520] Modules linked in: [ 248.433897] CPU: 1 PID: 2342 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.434952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.436197] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.436736] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.439496] RSP: 
0018:ffff888010587bd0 EFLAGS: 00010246 [ 248.440070] RAX: 0000000000000000 RBX: ffff8880180f50a8 RCX: 0000000000000000 [ 248.440810] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 248.441556] RBP: ffff888010587be8 R08: ffffed100301ea33 R09: ffffed100301ea33 [ 248.442311] R10: ffff8880180f5193 R11: ffffed100301ea32 R12: ffff88800fcb1800 [ 248.443204] R13: ffff8880180f51e8 R14: ffff888013a70300 R15: 0000000000000000 [ 248.444282] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.445231] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.445857] CR2: 00007f4b875fca50 CR3: 0000000011f7a000 CR4: 0000000000750ee0 [ 248.446669] PKRU: 55555554 [ 248.446986] Call Trace: [ 248.447356] [ 248.447708] iommufd_access_destroy_object+0x65/0x170 [ 248.448462] iommufd_object_destroy_user+0x18e/0x220 [ 248.449021] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.449648] iommufd_access_destroy+0x43/0x70 [ 248.450142] iommufd_test_staccess_release+0x8d/0xd0 [ 248.450735] __fput+0x26d/0xa40 [ 248.451112] ____fput+0x1e/0x30 [ 248.451504] task_work_run+0x1a4/0x2d0 [ 248.452069] ? __pfx_task_work_run+0x10/0x10 [ 248.452740] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.453280] ? switch_task_namespaces+0xa9/0xe0 [ 248.453799] do_exit+0xb17/0x2ef0 [ 248.454178] ? lock_acquire+0x427/0x4c0 [ 248.454655] ? __pfx_lock_release+0x10/0x10 [ 248.455145] ? __kasan_check_write+0x18/0x20 [ 248.455636] ? do_raw_spin_lock+0x132/0x2a0 [ 248.456196] ? __pfx_do_exit+0x10/0x10 [ 248.456892] ? debug_smp_processor_id+0x20/0x30 [ 248.457408] ? rcu_is_watching+0x19/0xb0 [ 248.457846] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.458343] ? trace_hardirqs_on+0x26/0x120 [ 248.458853] do_group_exit+0xe0/0x2b0 [ 248.459302] __x64_sys_exit_group+0x47/0x50 [ 248.459774] do_syscall_64+0x3b/0x90 [ 248.460279] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.461165] RIP: 0033:0x7f4b87518a4d [ 248.461577] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.462236] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.463088] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.463864] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.464754] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.465776] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.466553] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.467336] [ 248.467595] irq event stamp: 0 [ 248.467933] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.468622] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.469820] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.470941] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.471632] ---[ end trace 0000000000000000 ]--- [ 248.474814] ------------[ cut here ]------------ [ 248.475384] WARNING: CPU: 1 PID: 2342 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.476482] Modules linked in: [ 248.476835] CPU: 1 PID: 2342 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.477938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.479466] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.480018] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.481968] RSP: 0018:ffff888010587b78 EFLAGS: 00010246 [ 248.482771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.483690] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 248.484470] RBP: ffff888010587b98 R08: ffffed100301ea3e R09: ffffed100301ea3e [ 248.485254] R10: ffff8880180f51ef R11: ffffed100301ea3d R12: ffff8880180f5290 [ 248.486038] R13: ffff8880180f50a8 R14: ffffffffffffffff R15: 
ffff888010587c60 [ 248.486986] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.488040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.488671] CR2: 00007f82e2b43008 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 248.489438] PKRU: 55555554 [ 248.489752] Call Trace: [ 248.490032] [ 248.490288] iommufd_ioas_destroy+0x53/0x70 [ 248.490904] iommufd_fops_release+0x1f7/0x370 [ 248.491670] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.492236] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.492775] ? write_comp_data+0x2f/0x90 [ 248.493229] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.493777] __fput+0x26d/0xa40 [ 248.494157] ____fput+0x1e/0x30 [ 248.494564] task_work_run+0x1a4/0x2d0 [ 248.495095] ? __pfx_task_work_run+0x10/0x10 [ 248.495782] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.496327] ? switch_task_namespaces+0xa9/0xe0 [ 248.496851] do_exit+0xb17/0x2ef0 [ 248.497234] ? lock_acquire+0x427/0x4c0 [ 248.497675] ? __pfx_lock_release+0x10/0x10 [ 248.498149] ? __kasan_check_write+0x18/0x20 [ 248.498675] ? do_raw_spin_lock+0x132/0x2a0 [ 248.499282] ? __pfx_do_exit+0x10/0x10 [ 248.499926] ? debug_smp_processor_id+0x20/0x30 [ 248.500454] ? rcu_is_watching+0x19/0xb0 [ 248.500908] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.501411] ? trace_hardirqs_on+0x26/0x120 [ 248.501890] do_group_exit+0xe0/0x2b0 [ 248.502310] __x64_sys_exit_group+0x47/0x50 [ 248.502825] do_syscall_64+0x3b/0x90 [ 248.503347] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.504124] RIP: 0033:0x7f4b87518a4d [ 248.504540] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.505203] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.506043] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.506832] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.507878] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.508822] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.509688] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.510614] [ 248.510896] irq event stamp: 0 [ 248.511277] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.512012] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.512934] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.513839] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.514575] ---[ end trace 0000000000000000 ]--- [ 248.519877] ------------[ cut here ]------------ [ 248.520568] WARNING: CPU: 1 PID: 2343 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.521822] Modules linked in: [ 248.522170] CPU: 1 PID: 2343 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.523195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.524494] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.525265] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.527287] RSP: 0018:ffff8880162efbb8 EFLAGS: 00010246 [ 248.527884] RAX: 0000000000000000 RBX: ffff88800b8108a8 RCX: 0000000000000000 [ 248.528800] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 248.529761] RBP: ffff8880162efbd0 R08: ffffed1001702133 R09: ffffed1001702133 [ 248.530557] R10: ffff88800b810993 R11: ffffed1001702132 R12: ffff888013b14c00 [ 248.531338] R13: ffff88800b8109e8 R14: ffffffff8352e670 R15: 
ffff8880162efe68 [ 248.532116] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.533226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.534011] CR2: 00007f4b877410e8 CR3: 0000000020e22000 CR4: 0000000000750ee0 [ 248.534821] PKRU: 55555554 [ 248.535151] Call Trace: [ 248.535441] [ 248.535696] __iommufd_access_detach+0x1c2/0x2b0 [ 248.536242] iommufd_access_change_pt+0x149/0x270 [ 248.536821] iommufd_access_replace+0xb4/0x120 [ 248.537556] iommufd_test+0x3e5/0x37e0 [ 248.537988] ? lock_release+0x532/0x770 [ 248.538433] ? __might_fault+0x102/0x1b0 [ 248.538917] ? lock_acquire+0x427/0x4c0 [ 248.539385] ? __pfx_iommufd_test+0x10/0x10 [ 248.539856] ? __pfx_lock_release+0x10/0x10 [ 248.540335] ? __pfx_lock_acquire+0x10/0x10 [ 248.540818] ? write_comp_data+0x2f/0x90 [ 248.541359] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.541893] ? write_comp_data+0x2f/0x90 [ 248.542346] iommufd_fops_ioctl+0x37d/0x510 [ 248.542876] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.543429] ? write_comp_data+0x2f/0x90 [ 248.543891] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.544420] __x64_sys_ioctl+0x1a3/0x230 [ 248.544885] do_syscall_64+0x3b/0x90 [ 248.545312] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.545889] RIP: 0033:0x7f4b8743ee5d [ 248.546301] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.548344] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.549191] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.549970] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.550782] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.551571] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.552348] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.553144] [ 248.553400] irq event stamp: 0 [ 248.553742] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.554423] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.555389] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.556290] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.556964] ---[ end trace 0000000000000000 ]--- [ 248.560419] ------------[ cut here ]------------ [ 248.560968] WARNING: CPU: 1 PID: 2343 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.562052] Modules linked in: [ 248.562402] CPU: 1 PID: 2343 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.563504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.564729] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.565279] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.567375] RSP: 
0018:ffff8880162efbd0 EFLAGS: 00010246 [ 248.567970] RAX: 0000000000000000 RBX: ffff88800b8108a8 RCX: 0000000000000000 [ 248.568741] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 248.569509] RBP: ffff8880162efbe8 R08: ffffed1001702133 R09: ffffed1001702133 [ 248.570279] R10: ffff88800b810993 R11: ffffed1001702132 R12: ffff88801493fc00 [ 248.571083] R13: ffff88800b8109e8 R14: ffff888013d36500 R15: 0000000000000000 [ 248.571868] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.572730] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.573435] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.574220] PKRU: 55555554 [ 248.574574] Call Trace: [ 248.574856] [ 248.575108] iommufd_access_destroy_object+0x65/0x170 [ 248.575695] iommufd_object_destroy_user+0x18e/0x220 [ 248.576245] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.576878] iommufd_access_destroy+0x43/0x70 [ 248.577378] iommufd_test_staccess_release+0x8d/0xd0 [ 248.577938] __fput+0x26d/0xa40 [ 248.578311] ____fput+0x1e/0x30 [ 248.578734] task_work_run+0x1a4/0x2d0 [ 248.579179] ? __pfx_task_work_run+0x10/0x10 [ 248.579664] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.580204] ? switch_task_namespaces+0xa9/0xe0 [ 248.580722] do_exit+0xb17/0x2ef0 [ 248.581100] ? lock_acquire+0x427/0x4c0 [ 248.581540] ? __pfx_lock_release+0x10/0x10 [ 248.582014] ? __kasan_check_write+0x18/0x20 [ 248.582499] ? do_raw_spin_lock+0x132/0x2a0 [ 248.583007] ? __pfx_do_exit+0x10/0x10 [ 248.583451] ? debug_smp_processor_id+0x20/0x30 [ 248.583972] ? rcu_is_watching+0x19/0xb0 [ 248.584415] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.584910] ? trace_hardirqs_on+0x26/0x120 [ 248.585389] do_group_exit+0xe0/0x2b0 [ 248.585806] __x64_sys_exit_group+0x47/0x50 [ 248.586279] do_syscall_64+0x3b/0x90 [ 248.586741] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.587349] RIP: 0033:0x7f4b87518a4d [ 248.587763] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.588455] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.589289] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.590056] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.590855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.591642] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.592410] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.593184] [ 248.593440] irq event stamp: 0 [ 248.593784] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.594467] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.595420] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.596317] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.596992] ---[ end trace 0000000000000000 ]--- [ 248.597924] ------------[ cut here ]------------ [ 248.598438] WARNING: CPU: 1 PID: 2343 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.599587] Modules linked in: [ 248.599943] CPU: 1 PID: 2343 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.600891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.602105] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.602709] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.604718] RSP: 0018:ffff8880162efb78 EFLAGS: 00010246 [ 248.605383] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.606155] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 248.606978] RBP: ffff8880162efb98 R08: ffffed100170213e R09: ffffed100170213e [ 248.607768] R10: ffff88800b8109ef R11: ffffed100170213d R12: ffff88800b810a90 [ 248.608535] R13: ffff88800b8108a8 R14: ffffffffffffffff R15: 
ffff8880162efc60 [ 248.609305] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.610176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.610850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.611637] PKRU: 55555554 [ 248.611954] Call Trace: [ 248.612230] [ 248.612480] iommufd_ioas_destroy+0x53/0x70 [ 248.612959] iommufd_fops_release+0x1f7/0x370 [ 248.613454] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.613997] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.614594] ? write_comp_data+0x2f/0x90 [ 248.615051] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.615615] __fput+0x26d/0xa40 [ 248.615991] ____fput+0x1e/0x30 [ 248.616360] task_work_run+0x1a4/0x2d0 [ 248.616801] ? __pfx_task_work_run+0x10/0x10 [ 248.617294] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.617850] ? switch_task_namespaces+0xa9/0xe0 [ 248.618379] do_exit+0xb17/0x2ef0 [ 248.618812] ? lock_acquire+0x427/0x4c0 [ 248.619293] ? __pfx_lock_release+0x10/0x10 [ 248.619767] ? __kasan_check_write+0x18/0x20 [ 248.620249] ? do_raw_spin_lock+0x132/0x2a0 [ 248.620718] ? __pfx_do_exit+0x10/0x10 [ 248.621153] ? debug_smp_processor_id+0x20/0x30 [ 248.621662] ? rcu_is_watching+0x19/0xb0 [ 248.622104] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.622625] ? trace_hardirqs_on+0x26/0x120 [ 248.623101] do_group_exit+0xe0/0x2b0 [ 248.623542] __x64_sys_exit_group+0x47/0x50 [ 248.624023] do_syscall_64+0x3b/0x90 [ 248.624438] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.625002] RIP: 0033:0x7f4b87518a4d [ 248.625412] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.626076] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.626937] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.627721] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.628497] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.629264] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.630035] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.630899] [ 248.631175] irq event stamp: 0 [ 248.631516] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.632193] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.633097] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.634006] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.634736] ---[ end trace 0000000000000000 ]--- [ 248.639973] ------------[ cut here ]------------ [ 248.640535] WARNING: CPU: 1 PID: 2344 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.641616] Modules linked in: [ 248.641964] CPU: 1 PID: 2344 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.643020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.644260] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.644813] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.646815] RSP: 0018:ffff888014a57bb8 EFLAGS: 00010246 [ 248.647416] RAX: 0000000000000000 RBX: ffff8880173028a8 RCX: 0000000000000000 [ 248.648183] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 248.648948] RBP: ffff888014a57bd0 R08: ffffed1002e60533 R09: ffffed1002e60533 [ 248.649724] R10: ffff888017302993 R11: ffffed1002e60532 R12: ffff888013b21000 [ 248.650485] R13: ffff8880173029e8 R14: ffffffff8352e670 R15: 
ffff888014a57e68 [ 248.651322] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.652203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.652838] CR2: 0000000020000140 CR3: 0000000013bac000 CR4: 0000000000750ee0 [ 248.653615] PKRU: 55555554 [ 248.653920] Call Trace: [ 248.654198] [ 248.654446] __iommufd_access_detach+0x1c2/0x2b0 [ 248.655023] iommufd_access_change_pt+0x149/0x270 [ 248.655578] iommufd_access_replace+0xb4/0x120 [ 248.656080] iommufd_test+0x3e5/0x37e0 [ 248.656504] ? lock_release+0x532/0x770 [ 248.656944] ? __might_fault+0x102/0x1b0 [ 248.657394] ? lock_acquire+0x427/0x4c0 [ 248.657834] ? __pfx_iommufd_test+0x10/0x10 [ 248.658301] ? __pfx_lock_release+0x10/0x10 [ 248.658824] ? __pfx_lock_acquire+0x10/0x10 [ 248.659326] ? write_comp_data+0x2f/0x90 [ 248.659778] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.660311] ? write_comp_data+0x2f/0x90 [ 248.660764] iommufd_fops_ioctl+0x37d/0x510 [ 248.661242] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.661776] ? write_comp_data+0x2f/0x90 [ 248.662234] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.662801] __x64_sys_ioctl+0x1a3/0x230 [ 248.663273] do_syscall_64+0x3b/0x90 [ 248.663698] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.664273] RIP: 0033:0x7f4b8743ee5d [ 248.664686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.666744] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.667593] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.668361] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.669214] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.669996] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.670816] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.671613] [ 248.671865] irq event stamp: 0 [ 248.672210] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.672900] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.673798] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.674740] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.675457] ---[ end trace 0000000000000000 ]--- [ 248.679016] ------------[ cut here ]------------ [ 248.679589] WARNING: CPU: 1 PID: 2344 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.680679] Modules linked in: [ 248.681033] CPU: 1 PID: 2344 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.681981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.683291] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.683861] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.685834] RSP: 
0018:ffff888014a57bd0 EFLAGS: 00010246 [ 248.686423] RAX: 0000000000000000 RBX: ffff8880173028a8 RCX: 0000000000000000 [ 248.687248] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 248.688018] RBP: ffff888014a57be8 R08: ffffed1002e60533 R09: ffffed1002e60533 [ 248.688785] R10: ffff888017302993 R11: ffffed1002e60532 R12: ffff888013b16c00 [ 248.689572] R13: ffff8880173029e8 R14: ffff888020a72300 R15: 0000000000000000 [ 248.690360] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.691282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.691912] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.692675] PKRU: 55555554 [ 248.692985] Call Trace: [ 248.693270] [ 248.693524] iommufd_access_destroy_object+0x65/0x170 [ 248.694093] iommufd_object_destroy_user+0x18e/0x220 [ 248.694668] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.695331] iommufd_access_destroy+0x43/0x70 [ 248.695843] iommufd_test_staccess_release+0x8d/0xd0 [ 248.696421] __fput+0x26d/0xa40 [ 248.696798] ____fput+0x1e/0x30 [ 248.697170] task_work_run+0x1a4/0x2d0 [ 248.697606] ? __pfx_task_work_run+0x10/0x10 [ 248.698087] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.698692] ? switch_task_namespaces+0xa9/0xe0 [ 248.699234] do_exit+0xb17/0x2ef0 [ 248.699622] ? lock_acquire+0x427/0x4c0 [ 248.700075] ? __pfx_lock_release+0x10/0x10 [ 248.700549] ? __kasan_check_write+0x18/0x20 [ 248.701118] ? do_raw_spin_lock+0x132/0x2a0 [ 248.701584] ? __pfx_do_exit+0x10/0x10 [ 248.702021] ? debug_smp_processor_id+0x20/0x30 [ 248.702580] ? rcu_is_watching+0x19/0xb0 [ 248.703033] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.703541] ? trace_hardirqs_on+0x26/0x120 [ 248.704020] do_group_exit+0xe0/0x2b0 [ 248.704444] __x64_sys_exit_group+0x47/0x50 [ 248.704919] do_syscall_64+0x3b/0x90 [ 248.705329] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.705896] RIP: 0033:0x7f4b87518a4d [ 248.706305] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.707015] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.707855] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.708624] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.709397] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.710157] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.710947] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.711738] [ 248.711993] irq event stamp: 0 [ 248.712340] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.713034] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.713935] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.714880] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.715612] ---[ end trace 0000000000000000 ]--- [ 248.716537] ------------[ cut here ]------------ [ 248.717050] WARNING: CPU: 1 PID: 2344 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.718169] Modules linked in: [ 248.718572] CPU: 1 PID: 2344 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.719553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.720786] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.721350] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.723377] RSP: 0018:ffff888014a57b78 EFLAGS: 00010246 [ 248.723963] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.724728] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 248.725492] RBP: ffff888014a57b98 R08: ffffed1002e6053e R09: ffffed1002e6053e [ 248.726258] R10: ffff8880173029ef R11: ffffed1002e6053d R12: ffff888017302a90 [ 248.727049] R13: ffff8880173028a8 R14: ffffffffffffffff R15: 
ffff888014a57c60 [ 248.727806] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.728667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.729281] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.730037] PKRU: 55555554 [ 248.730340] Call Trace: [ 248.730644] [ 248.730894] iommufd_ioas_destroy+0x53/0x70 [ 248.731383] iommufd_fops_release+0x1f7/0x370 [ 248.731870] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.732402] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.733008] ? write_comp_data+0x2f/0x90 [ 248.733453] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.733993] __fput+0x26d/0xa40 [ 248.734368] ____fput+0x1e/0x30 [ 248.734758] task_work_run+0x1a4/0x2d0 [ 248.735195] ? __pfx_task_work_run+0x10/0x10 [ 248.735674] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.736198] ? switch_task_namespaces+0xa9/0xe0 [ 248.736714] do_exit+0xb17/0x2ef0 [ 248.737089] ? lock_acquire+0x427/0x4c0 [ 248.737518] ? __pfx_lock_release+0x10/0x10 [ 248.737987] ? __kasan_check_write+0x18/0x20 [ 248.738463] ? do_raw_spin_lock+0x132/0x2a0 [ 248.738957] ? __pfx_do_exit+0x10/0x10 [ 248.739409] ? debug_smp_processor_id+0x20/0x30 [ 248.739923] ? rcu_is_watching+0x19/0xb0 [ 248.740359] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.740847] ? trace_hardirqs_on+0x26/0x120 [ 248.741314] do_group_exit+0xe0/0x2b0 [ 248.741723] __x64_sys_exit_group+0x47/0x50 [ 248.742179] do_syscall_64+0x3b/0x90 [ 248.742608] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.743191] RIP: 0033:0x7f4b87518a4d [ 248.743592] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.744243] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.745053] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.745816] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.746609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.747409] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.748167] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.748940] [ 248.749193] irq event stamp: 0 [ 248.749530] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.750202] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.751142] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.752037] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.752706] ---[ end trace 0000000000000000 ]--- [ 248.757693] ------------[ cut here ]------------ [ 248.758260] WARNING: CPU: 1 PID: 2345 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.759399] Modules linked in: [ 248.759745] CPU: 1 PID: 2345 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.760669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.761864] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.762393] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.764629] RSP: 0018:ffff888018827bb8 EFLAGS: 00010246 [ 248.765292] RAX: 0000000000000000 RBX: ffff888016c188a8 RCX: 0000000000000000 [ 248.766045] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 248.766827] RBP: ffff888018827bd0 R08: ffffed1002d83133 R09: ffffed1002d83133 [ 248.767682] R10: ffff888016c18993 R11: ffffed1002d83132 R12: ffff8880129c6c00 [ 248.768463] R13: ffff888016c189e8 R14: ffffffff8352e670 R15: 
ffff888018827e68 [ 248.769529] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.770390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.771053] CR2: 0000000020000140 CR3: 0000000013eb6000 CR4: 0000000000750ee0 [ 248.772083] PKRU: 55555554 [ 248.772399] Call Trace: [ 248.772681] [ 248.772927] __iommufd_access_detach+0x1c2/0x2b0 [ 248.773462] iommufd_access_change_pt+0x149/0x270 [ 248.774108] iommufd_access_replace+0xb4/0x120 [ 248.774767] iommufd_test+0x3e5/0x37e0 [ 248.775204] ? lock_release+0x532/0x770 [ 248.775649] ? __might_fault+0x102/0x1b0 [ 248.776109] ? lock_acquire+0x427/0x4c0 [ 248.776559] ? __pfx_iommufd_test+0x10/0x10 [ 248.777031] ? __pfx_lock_release+0x10/0x10 [ 248.777732] ? __pfx_lock_acquire+0x10/0x10 [ 248.778212] ? write_comp_data+0x2f/0x90 [ 248.778704] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.779270] ? write_comp_data+0x2f/0x90 [ 248.779719] iommufd_fops_ioctl+0x37d/0x510 [ 248.780264] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.780973] ? write_comp_data+0x2f/0x90 [ 248.781430] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.781951] __x64_sys_ioctl+0x1a3/0x230 [ 248.782402] do_syscall_64+0x3b/0x90 [ 248.782844] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.783427] RIP: 0033:0x7f4b8743ee5d [ 248.783834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.785953] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.787030] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.787795] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.788550] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.789308] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.790068] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.791000] [ 248.791398] irq event stamp: 0 [ 248.791760] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.792431] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.793331] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.794218] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.794924] ---[ end trace 0000000000000000 ]--- [ 248.798305] ------------[ cut here ]------------ [ 248.798888] WARNING: CPU: 1 PID: 2345 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.799991] Modules linked in: [ 248.800333] CPU: 1 PID: 2345 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.801493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.802748] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.803289] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.805231] RSP: 
0018:ffff888018827bd0 EFLAGS: 00010246 [ 248.805881] RAX: 0000000000000000 RBX: ffff888016c188a8 RCX: 0000000000000000 [ 248.806905] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 248.807680] RBP: ffff888018827be8 R08: ffffed1002d83133 R09: ffffed1002d83133 [ 248.808448] R10: ffff888016c18993 R11: ffffed1002d83132 R12: ffff888013b22000 [ 248.809219] R13: ffff888016c189e8 R14: ffff88800fd1cf00 R15: 0000000000000000 [ 248.809987] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.810970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.811850] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.812619] PKRU: 55555554 [ 248.812931] Call Trace: [ 248.813205] [ 248.813448] iommufd_access_destroy_object+0x65/0x170 [ 248.814015] iommufd_object_destroy_user+0x18e/0x220 [ 248.814589] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.815228] iommufd_access_destroy+0x43/0x70 [ 248.815722] iommufd_test_staccess_release+0x8d/0xd0 [ 248.816283] __fput+0x26d/0xa40 [ 248.816657] ____fput+0x1e/0x30 [ 248.817092] task_work_run+0x1a4/0x2d0 [ 248.817666] ? __pfx_task_work_run+0x10/0x10 [ 248.818337] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.818921] ? switch_task_namespaces+0xa9/0xe0 [ 248.819471] do_exit+0xb17/0x2ef0 [ 248.819845] ? lock_acquire+0x427/0x4c0 [ 248.820283] ? __pfx_lock_release+0x10/0x10 [ 248.820751] ? __kasan_check_write+0x18/0x20 [ 248.821227] ? do_raw_spin_lock+0x132/0x2a0 [ 248.821699] ? __pfx_do_exit+0x10/0x10 [ 248.822143] ? debug_smp_processor_id+0x20/0x30 [ 248.822781] ? rcu_is_watching+0x19/0xb0 [ 248.823421] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.823916] ? trace_hardirqs_on+0x26/0x120 [ 248.824385] do_group_exit+0xe0/0x2b0 [ 248.824802] __x64_sys_exit_group+0x47/0x50 [ 248.825264] do_syscall_64+0x3b/0x90 [ 248.825676] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.826244] RIP: 0033:0x7f4b87518a4d [ 248.826677] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.827355] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.828174] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.829174] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.830124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.830914] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.831692] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.832475] [ 248.832731] irq event stamp: 0 [ 248.833068] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.833777] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.834978] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.835886] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.836566] ---[ end trace 0000000000000000 ]--- [ 248.837454] ------------[ cut here ]------------ [ 248.837953] WARNING: CPU: 1 PID: 2345 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.839105] Modules linked in: [ 248.839626] CPU: 1 PID: 2345 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.840560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.841777] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.842636] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.844633] RSP: 0018:ffff888018827b78 EFLAGS: 00010246 [ 248.845340] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.846209] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 248.847045] RBP: ffff888018827b98 R08: ffffed1002d8313e R09: ffffed1002d8313e [ 248.847835] R10: ffff888016c189ef R11: ffffed1002d8313d R12: ffff888016c18a90 [ 248.848823] R13: ffff888016c188a8 R14: ffffffffffffffff R15: 
ffff888018827c60 [ 248.849710] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.850808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.851463] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.852237] PKRU: 55555554 [ 248.852544] Call Trace: [ 248.852825] [ 248.853073] iommufd_ioas_destroy+0x53/0x70 [ 248.853772] iommufd_fops_release+0x1f7/0x370 [ 248.854269] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.854857] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.855418] ? write_comp_data+0x2f/0x90 [ 248.855867] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.856533] __fput+0x26d/0xa40 [ 248.857013] ____fput+0x1e/0x30 [ 248.857387] task_work_run+0x1a4/0x2d0 [ 248.857825] ? __pfx_task_work_run+0x10/0x10 [ 248.858309] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.858893] ? switch_task_namespaces+0xa9/0xe0 [ 248.859561] do_exit+0xb17/0x2ef0 [ 248.859947] ? lock_acquire+0x427/0x4c0 [ 248.860387] ? __pfx_lock_release+0x10/0x10 [ 248.860872] ? __kasan_check_write+0x18/0x20 [ 248.861426] ? do_raw_spin_lock+0x132/0x2a0 [ 248.862025] ? __pfx_do_exit+0x10/0x10 [ 248.862580] ? debug_smp_processor_id+0x20/0x30 [ 248.863105] ? rcu_is_watching+0x19/0xb0 [ 248.863581] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.864078] ? trace_hardirqs_on+0x26/0x120 [ 248.864565] do_group_exit+0xe0/0x2b0 [ 248.865108] __x64_sys_exit_group+0x47/0x50 [ 248.865678] do_syscall_64+0x3b/0x90 [ 248.866100] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.866711] RIP: 0033:0x7f4b87518a4d [ 248.867135] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.867845] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.868801] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.869575] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.870390] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.871349] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.872121] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.872903] [ 248.873203] irq event stamp: 0 [ 248.873712] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.874403] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.875398] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.876444] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.877253] ---[ end trace 0000000000000000 ]--- [ 248.882260] ------------[ cut here ]------------ [ 248.882883] WARNING: CPU: 1 PID: 2346 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.884001] Modules linked in: [ 248.884360] CPU: 1 PID: 2346 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.885561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.886830] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.887509] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.889598] RSP: 0018:ffff8880180cfbb8 EFLAGS: 00010246 [ 248.890432] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 248.891254] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 248.892028] RBP: ffff8880180cfbd0 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 248.893107] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff88800f143400 [ 248.893890] R13: ffff8880158789e8 R14: ffffffff8352e670 R15: 
ffff8880180cfe68 [ 248.894696] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.895812] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.896458] CR2: 0000000020000140 CR3: 000000001489c000 CR4: 0000000000750ee0 [ 248.897244] PKRU: 55555554 [ 248.897620] Call Trace: [ 248.898030] [ 248.898291] __iommufd_access_detach+0x1c2/0x2b0 [ 248.898861] iommufd_access_change_pt+0x149/0x270 [ 248.899420] iommufd_access_replace+0xb4/0x120 [ 248.899942] iommufd_test+0x3e5/0x37e0 [ 248.900577] ? lock_release+0x532/0x770 [ 248.901032] ? __might_fault+0x102/0x1b0 [ 248.901491] ? lock_acquire+0x427/0x4c0 [ 248.901935] ? __pfx_iommufd_test+0x10/0x10 [ 248.902409] ? __pfx_lock_release+0x10/0x10 [ 248.903159] ? __pfx_lock_acquire+0x10/0x10 [ 248.903654] ? write_comp_data+0x2f/0x90 [ 248.904116] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.904659] ? write_comp_data+0x2f/0x90 [ 248.905121] iommufd_fops_ioctl+0x37d/0x510 [ 248.905816] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.906352] ? write_comp_data+0x2f/0x90 [ 248.906838] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 248.907405] __x64_sys_ioctl+0x1a3/0x230 [ 248.907921] do_syscall_64+0x3b/0x90 [ 248.908473] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.909054] RIP: 0033:0x7f4b8743ee5d [ 248.909471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 248.911726] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 248.912580] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 248.913597] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 248.914377] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 248.915190] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 248.916201] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 248.916995] [ 248.917263] irq event stamp: 0 [ 248.917624] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.918621] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.919549] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.920473] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.921452] ---[ end trace 0000000000000000 ]--- [ 248.927102] ------------[ cut here ]------------ [ 248.927690] WARNING: CPU: 1 PID: 2346 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 248.929024] Modules linked in: [ 248.929372] CPU: 1 PID: 2346 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.930318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.931834] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 248.932397] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 248.934651] RSP: 
0018:ffff8880180cfbd0 EFLAGS: 00010246 [ 248.935269] RAX: 0000000000000000 RBX: ffff8880158788a8 RCX: 0000000000000000 [ 248.936048] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 248.937054] RBP: ffff8880180cfbe8 R08: ffffed1002b0f133 R09: ffffed1002b0f133 [ 248.937834] R10: ffff888015878993 R11: ffffed1002b0f132 R12: ffff8880129c7000 [ 248.938643] R13: ffff8880158789e8 R14: ffff8880149ba300 R15: 0000000000000000 [ 248.939576] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 248.940576] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.941218] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 248.942127] PKRU: 55555554 [ 248.942542] Call Trace: [ 248.942824] [ 248.943071] iommufd_access_destroy_object+0x65/0x170 [ 248.943656] iommufd_object_destroy_user+0x18e/0x220 [ 248.944219] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 248.945072] iommufd_access_destroy+0x43/0x70 [ 248.945586] iommufd_test_staccess_release+0x8d/0xd0 [ 248.946155] __fput+0x26d/0xa40 [ 248.946555] ____fput+0x1e/0x30 [ 248.946987] task_work_run+0x1a4/0x2d0 [ 248.947554] ? __pfx_task_work_run+0x10/0x10 [ 248.948042] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.948583] ? switch_task_namespaces+0xa9/0xe0 [ 248.949114] do_exit+0xb17/0x2ef0 [ 248.949598] ? lock_acquire+0x427/0x4c0 [ 248.950167] ? __pfx_lock_release+0x10/0x10 [ 248.950674] ? __kasan_check_write+0x18/0x20 [ 248.951183] ? do_raw_spin_lock+0x132/0x2a0 [ 248.951657] ? __pfx_do_exit+0x10/0x10 [ 248.952093] ? debug_smp_processor_id+0x20/0x30 [ 248.952595] ? rcu_is_watching+0x19/0xb0 [ 248.953040] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.953531] ? trace_hardirqs_on+0x26/0x120 [ 248.954006] do_group_exit+0xe0/0x2b0 [ 248.954419] __x64_sys_exit_group+0x47/0x50 [ 248.954959] do_syscall_64+0x3b/0x90 [ 248.955395] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.955962] RIP: 0033:0x7f4b87518a4d [ 248.956375] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.957121] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.957956] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.958748] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.959523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.960283] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 248.961047] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 248.961813] [ 248.962065] irq event stamp: 0 [ 248.962398] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 248.963097] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 248.964004] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 248.964899] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 248.965582] ---[ end trace 0000000000000000 ]--- [ 248.966804] ------------[ cut here ]------------ [ 248.967385] WARNING: CPU: 0 PID: 2346 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 248.968439] Modules linked in: [ 248.968780] CPU: 0 PID: 2346 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 248.969669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 248.970943] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 248.971507] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 248.973424] RSP: 0018:ffff8880180cfb78 EFLAGS: 00010246 [ 248.973981] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 248.974767] RDX: 0000000000000000 RSI: ffff88800cbf4a00 RDI: 0000000000000002 [ 248.975544] RBP: ffff8880180cfb98 R08: ffffed1002b0f13e R09: ffffed1002b0f13e [ 248.976286] R10: ffff8880158789ef R11: ffffed1002b0f13d R12: ffff888015878a90 [ 248.977022] R13: ffff8880158788a8 R14: ffffffffffffffff R15: 
ffff8880180cfc60 [ 248.977771] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 248.978636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.979260] CR2: 00007f82e2ba4018 CR3: 0000000011f7a000 CR4: 0000000000750ef0 [ 248.980018] PKRU: 55555554 [ 248.980314] Call Trace: [ 248.980592] [ 248.980837] iommufd_ioas_destroy+0x53/0x70 [ 248.981300] iommufd_fops_release+0x1f7/0x370 [ 248.981775] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.982301] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.982871] ? write_comp_data+0x2f/0x90 [ 248.983341] ? __pfx_iommufd_fops_release+0x10/0x10 [ 248.983871] __fput+0x26d/0xa40 [ 248.984227] ____fput+0x1e/0x30 [ 248.984589] task_work_run+0x1a4/0x2d0 [ 248.985017] ? __pfx_task_work_run+0x10/0x10 [ 248.985484] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 248.985989] ? switch_task_namespaces+0xa9/0xe0 [ 248.986498] do_exit+0xb17/0x2ef0 [ 248.986912] ? lock_acquire+0x427/0x4c0 [ 248.987374] ? __pfx_lock_release+0x10/0x10 [ 248.987843] ? __kasan_check_write+0x18/0x20 [ 248.988307] ? do_raw_spin_lock+0x132/0x2a0 [ 248.988775] ? __pfx_do_exit+0x10/0x10 [ 248.989190] ? debug_smp_processor_id+0x20/0x30 [ 248.989690] ? rcu_is_watching+0x19/0xb0 [ 248.990119] ? _raw_spin_unlock_irq+0x2b/0x60 [ 248.990635] ? trace_hardirqs_on+0x26/0x120 [ 248.991109] do_group_exit+0xe0/0x2b0 [ 248.991807] __x64_sys_exit_group+0x47/0x50 [ 248.992417] do_syscall_64+0x3b/0x90 [ 248.992970] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 248.993698] RIP: 0033:0x7f4b87518a4d [ 248.994230] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 248.995184] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 248.996238] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 248.997196] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 248.998164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 248.999227] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.000199] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.001176] [ 249.001514] irq event stamp: 0 [ 249.001960] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.002876] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.004035] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.005151] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.006005] ---[ end trace 0000000000000000 ]--- [ 249.012363] ------------[ cut here ]------------ [ 249.012958] WARNING: CPU: 1 PID: 2347 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.014060] Modules linked in: [ 249.014408] CPU: 1 PID: 2347 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.015408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.016628] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.017163] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.019194] RSP: 0018:ffff888018607bb8 EFLAGS: 00010246 [ 249.019767] RAX: 0000000000000000 RBX: ffff888021a478a8 RCX: 0000000000000000 [ 249.020534] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 249.021375] RBP: ffff888018607bd0 R08: ffffed1004348f33 R09: ffffed1004348f33 [ 249.022133] R10: ffff888021a47993 R11: ffffed1004348f32 R12: ffff88802095d800 [ 249.022922] R13: ffff888021a479e8 R14: ffffffff8352e670 R15: 
ffff888018607e68 [ 249.023678] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.024520] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.025140] CR2: 0000000020000140 CR3: 0000000013d2a000 CR4: 0000000000750ee0 [ 249.025899] PKRU: 55555554 [ 249.026208] Call Trace: [ 249.026480] [ 249.026754] __iommufd_access_detach+0x1c2/0x2b0 [ 249.027302] iommufd_access_change_pt+0x149/0x270 [ 249.027823] iommufd_access_replace+0xb4/0x120 [ 249.028330] iommufd_test+0x3e5/0x37e0 [ 249.028753] ? lock_release+0x532/0x770 [ 249.029285] ? __might_fault+0x102/0x1b0 [ 249.029894] ? lock_acquire+0x427/0x4c0 [ 249.030688] ? __pfx_iommufd_test+0x10/0x10 [ 249.031170] ? __pfx_lock_release+0x10/0x10 [ 249.031624] ? __pfx_lock_acquire+0x10/0x10 [ 249.032080] ? write_comp_data+0x2f/0x90 [ 249.032515] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.033022] ? write_comp_data+0x2f/0x90 [ 249.033450] iommufd_fops_ioctl+0x37d/0x510 [ 249.033907] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.034417] ? write_comp_data+0x2f/0x90 [ 249.034899] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.035660] __x64_sys_ioctl+0x1a3/0x230 [ 249.036261] do_syscall_64+0x3b/0x90 [ 249.036666] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.037216] RIP: 0033:0x7f4b8743ee5d [ 249.037620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 249.039576] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 249.040379] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 249.041369] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 249.042115] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 249.042888] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 249.043698] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 249.044620] [ 249.044866] irq event stamp: 0 [ 249.045202] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.045880] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.047035] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.047930] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.048595] ---[ end trace 0000000000000000 ]--- [ 249.052214] ------------[ cut here ]------------ [ 249.052757] WARNING: CPU: 1 PID: 2347 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.053893] Modules linked in: [ 249.054355] CPU: 1 PID: 2347 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.055427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.056623] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.057288] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.059340] RSP: 
0018:ffff888018607bd0 EFLAGS: 00010246 [ 249.060045] RAX: 0000000000000000 RBX: ffff888021a478a8 RCX: 0000000000000000 [ 249.060892] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 249.061635] RBP: ffff888018607be8 R08: ffffed1004348f33 R09: ffffed1004348f33 [ 249.062653] R10: ffff888021a47993 R11: ffffed1004348f32 R12: ffff88800f141800 [ 249.063424] R13: ffff888021a479e8 R14: ffff8880122cc300 R15: 0000000000000000 [ 249.064173] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.065153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.065836] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.066625] PKRU: 55555554 [ 249.066932] Call Trace: [ 249.067242] [ 249.067485] iommufd_access_destroy_object+0x65/0x170 [ 249.068241] iommufd_object_destroy_user+0x18e/0x220 [ 249.068793] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 249.069419] iommufd_access_destroy+0x43/0x70 [ 249.069914] iommufd_test_staccess_release+0x8d/0xd0 [ 249.070707] __fput+0x26d/0xa40 [ 249.071095] ____fput+0x1e/0x30 [ 249.071481] task_work_run+0x1a4/0x2d0 [ 249.071913] ? __pfx_task_work_run+0x10/0x10 [ 249.072401] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.072965] ? switch_task_namespaces+0xa9/0xe0 [ 249.073634] do_exit+0xb17/0x2ef0 [ 249.074017] ? lock_acquire+0x427/0x4c0 [ 249.074456] ? __pfx_lock_release+0x10/0x10 [ 249.074960] ? __kasan_check_write+0x18/0x20 [ 249.075466] ? do_raw_spin_lock+0x132/0x2a0 [ 249.075978] ? __pfx_do_exit+0x10/0x10 [ 249.076576] ? debug_smp_processor_id+0x20/0x30 [ 249.077094] ? rcu_is_watching+0x19/0xb0 [ 249.077545] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.078054] ? trace_hardirqs_on+0x26/0x120 [ 249.078634] do_group_exit+0xe0/0x2b0 [ 249.079178] __x64_sys_exit_group+0x47/0x50 [ 249.079649] do_syscall_64+0x3b/0x90 [ 249.080061] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.080625] RIP: 0033:0x7f4b87518a4d [ 249.081035] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.081912] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.082766] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.083552] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.084386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.085354] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.086121] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.087049] [ 249.087413] irq event stamp: 0 [ 249.087758] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.088433] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.089337] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.090453] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.091180] ---[ end trace 0000000000000000 ]--- [ 249.092108] ------------[ cut here ]------------ [ 249.092740] WARNING: CPU: 1 PID: 2347 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 249.093930] Modules linked in: [ 249.094282] CPU: 1 PID: 2347 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.095400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.096645] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 249.097201] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 249.099467] RSP: 0018:ffff888018607b78 EFLAGS: 00010246 [ 249.100057] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 249.100812] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 249.101571] RBP: ffff888018607b98 R08: ffffed1004348f3e R09: ffffed1004348f3e [ 249.102336] R10: ffff888021a479ef R11: ffffed1004348f3d R12: ffff888021a47a90 [ 249.103138] R13: ffff888021a478a8 R14: ffffffffffffffff R15: 
ffff888018607c60 [ 249.103899] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.104757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.105375] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.106134] PKRU: 55555554 [ 249.106440] Call Trace: [ 249.106751] [ 249.106999] iommufd_ioas_destroy+0x53/0x70 [ 249.107481] iommufd_fops_release+0x1f7/0x370 [ 249.107966] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.108503] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.109029] ? write_comp_data+0x2f/0x90 [ 249.109475] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.110006] __fput+0x26d/0xa40 [ 249.110374] ____fput+0x1e/0x30 [ 249.110769] task_work_run+0x1a4/0x2d0 [ 249.111210] ? __pfx_task_work_run+0x10/0x10 [ 249.111696] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.112218] ? switch_task_namespaces+0xa9/0xe0 [ 249.112724] do_exit+0xb17/0x2ef0 [ 249.113094] ? lock_acquire+0x427/0x4c0 [ 249.113531] ? __pfx_lock_release+0x10/0x10 [ 249.113996] ? __kasan_check_write+0x18/0x20 [ 249.114475] ? do_raw_spin_lock+0x132/0x2a0 [ 249.114979] ? __pfx_do_exit+0x10/0x10 [ 249.115421] ? debug_smp_processor_id+0x20/0x30 [ 249.115933] ? rcu_is_watching+0x19/0xb0 [ 249.116381] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.116885] ? trace_hardirqs_on+0x26/0x120 [ 249.117422] do_group_exit+0xe0/0x2b0 [ 249.117838] __x64_sys_exit_group+0x47/0x50 [ 249.118299] do_syscall_64+0x3b/0x90 [ 249.118741] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.119323] RIP: 0033:0x7f4b87518a4d [ 249.119723] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.120381] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.121190] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.121941] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.122719] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.123494] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.124249] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.125015] [ 249.125268] irq event stamp: 0 [ 249.125604] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.126265] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.127186] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.128075] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.128744] ---[ end trace 0000000000000000 ]--- [ 249.134060] ------------[ cut here ]------------ [ 249.134868] WARNING: CPU: 1 PID: 2348 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.135957] Modules linked in: [ 249.136298] CPU: 1 PID: 2348 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.137215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.138408] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.139098] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.141050] RSP: 0018:ffff888014befbb8 EFLAGS: 00010246 [ 249.141612] RAX: 0000000000000000 RBX: ffff8880162ca8a8 RCX: 0000000000000000 [ 249.142365] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 249.143158] RBP: ffff888014befbd0 R08: ffffed1002c59533 R09: ffffed1002c59533 [ 249.143918] R10: ffff8880162ca993 R11: ffffed1002c59532 R12: ffff88801422d000 [ 249.144694] R13: ffff8880162ca9e8 R14: ffffffff8352e670 R15: 
ffff888014befe68 [ 249.145443] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.146297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.146946] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 249.147720] PKRU: 55555554 [ 249.148025] Call Trace: [ 249.148300] [ 249.148536] __iommufd_access_detach+0x1c2/0x2b0 [ 249.149120] iommufd_access_change_pt+0x149/0x270 [ 249.149644] iommufd_access_replace+0xb4/0x120 [ 249.150144] iommufd_test+0x3e5/0x37e0 [ 249.150594] ? lock_release+0x532/0x770 [ 249.151038] ? __might_fault+0x102/0x1b0 [ 249.151515] ? lock_acquire+0x427/0x4c0 [ 249.151950] ? __pfx_iommufd_test+0x10/0x10 [ 249.152415] ? __pfx_lock_release+0x10/0x10 [ 249.152887] ? __pfx_lock_acquire+0x10/0x10 [ 249.153358] ? write_comp_data+0x2f/0x90 [ 249.153796] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.154314] ? write_comp_data+0x2f/0x90 [ 249.154776] iommufd_fops_ioctl+0x37d/0x510 [ 249.155258] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.155775] ? write_comp_data+0x2f/0x90 [ 249.156213] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.156726] __x64_sys_ioctl+0x1a3/0x230 [ 249.157156] do_syscall_64+0x3b/0x90 [ 249.157554] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.158110] RIP: 0033:0x7f4b8743ee5d [ 249.158542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 249.160453] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 249.161258] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 249.162009] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 249.162789] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 249.163559] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 249.164302] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 249.165050] [ 249.165297] irq event stamp: 0 [ 249.165632] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.166291] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.167215] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.168098] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.168758] ---[ end trace 0000000000000000 ]--- [ 249.171992] ------------[ cut here ]------------ [ 249.172509] WARNING: CPU: 1 PID: 2348 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.173553] Modules linked in: [ 249.173883] CPU: 1 PID: 2348 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.174805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.175993] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.176511] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.178379] RSP: 
0018:ffff888014befbd0 EFLAGS: 00010246 [ 249.178917] RAX: 0000000000000000 RBX: ffff8880162ca8a8 RCX: 0000000000000000 [ 249.179621] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 249.180303] RBP: ffff888014befbe8 R08: ffffed1002c59533 R09: ffffed1002c59533 [ 249.181042] R10: ffff8880162ca993 R11: ffffed1002c59532 R12: ffff88802095d000 [ 249.181720] R13: ffff8880162ca9e8 R14: ffff88800fd41f00 R15: 0000000000000000 [ 249.182393] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.183186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.183738] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.184407] PKRU: 55555554 [ 249.184679] Call Trace: [ 249.184926] [ 249.185147] iommufd_access_destroy_object+0x65/0x170 [ 249.185653] iommufd_object_destroy_user+0x18e/0x220 [ 249.186156] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 249.186742] iommufd_access_destroy+0x43/0x70 [ 249.187195] iommufd_test_staccess_release+0x8d/0xd0 [ 249.187680] __fput+0x26d/0xa40 [ 249.188017] ____fput+0x1e/0x30 [ 249.188352] task_work_run+0x1a4/0x2d0 [ 249.188748] ? __pfx_task_work_run+0x10/0x10 [ 249.189187] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.189684] ? switch_task_namespaces+0xa9/0xe0 [ 249.190149] do_exit+0xb17/0x2ef0 [ 249.190497] ? lock_acquire+0x427/0x4c0 [ 249.190941] ? __pfx_lock_release+0x10/0x10 [ 249.191392] ? __kasan_check_write+0x18/0x20 [ 249.191831] ? do_raw_spin_lock+0x132/0x2a0 [ 249.192252] ? __pfx_do_exit+0x10/0x10 [ 249.192640] ? debug_smp_processor_id+0x20/0x30 [ 249.193095] ? rcu_is_watching+0x19/0xb0 [ 249.193490] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.193927] ? trace_hardirqs_on+0x26/0x120 [ 249.194350] do_group_exit+0xe0/0x2b0 [ 249.194760] __x64_sys_exit_group+0x47/0x50 [ 249.195205] do_syscall_64+0x3b/0x90 [ 249.195577] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.196080] RIP: 0033:0x7f4b87518a4d [ 249.196433] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.197013] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.197744] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.198435] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.199152] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.199836] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.200517] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.201216] [ 249.201445] irq event stamp: 0 [ 249.201751] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.202363] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.203200] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.204006] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.204612] ---[ end trace 0000000000000000 ]--- [ 249.205434] ------------[ cut here ]------------ [ 249.205883] WARNING: CPU: 1 PID: 2348 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 249.206884] Modules linked in: [ 249.207218] CPU: 1 PID: 2348 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.208056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.209142] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 249.209648] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 249.211414] RSP: 0018:ffff888014befb78 EFLAGS: 00010246 [ 249.211927] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 249.212600] RDX: 0000000000000000 RSI: ffff88801481a500 RDI: 0000000000000002 [ 249.213335] RBP: ffff888014befb98 R08: ffffed1002c5953e R09: ffffed1002c5953e [ 249.214007] R10: ffff8880162ca9ef R11: ffffed1002c5953d R12: ffff8880162caa90 [ 249.214697] R13: ffff8880162ca8a8 R14: ffffffffffffffff R15: 
ffff888014befc60 [ 249.215387] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.216155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.216703] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.217373] PKRU: 55555554 [ 249.217647] Call Trace: [ 249.217891] [ 249.218108] iommufd_ioas_destroy+0x53/0x70 [ 249.218571] iommufd_fops_release+0x1f7/0x370 [ 249.219011] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.219500] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.219974] ? write_comp_data+0x2f/0x90 [ 249.220373] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.220854] __fput+0x26d/0xa40 [ 249.221187] ____fput+0x1e/0x30 [ 249.221517] task_work_run+0x1a4/0x2d0 [ 249.221901] ? __pfx_task_work_run+0x10/0x10 [ 249.222331] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.222832] ? switch_task_namespaces+0xa9/0xe0 [ 249.223316] do_exit+0xb17/0x2ef0 [ 249.223669] ? lock_acquire+0x427/0x4c0 [ 249.224063] ? __pfx_lock_release+0x10/0x10 [ 249.224487] ? __kasan_check_write+0x18/0x20 [ 249.224917] ? do_raw_spin_lock+0x132/0x2a0 [ 249.225332] ? __pfx_do_exit+0x10/0x10 [ 249.225713] ? debug_smp_processor_id+0x20/0x30 [ 249.226168] ? rcu_is_watching+0x19/0xb0 [ 249.226583] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.227025] ? trace_hardirqs_on+0x26/0x120 [ 249.227473] do_group_exit+0xe0/0x2b0 [ 249.227850] __x64_sys_exit_group+0x47/0x50 [ 249.228272] do_syscall_64+0x3b/0x90 [ 249.228646] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.229155] RIP: 0033:0x7f4b87518a4d [ 249.229511] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.230103] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.230866] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.231566] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.232244] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.232927] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.233606] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.234292] [ 249.234537] irq event stamp: 0 [ 249.234838] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.235461] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.236264] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.237059] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.237664] ---[ end trace 0000000000000000 ]--- [ 249.242153] ------------[ cut here ]------------ [ 249.242866] WARNING: CPU: 0 PID: 2349 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.243841] Modules linked in: [ 249.244139] CPU: 0 PID: 2349 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.244940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.245965] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.246430] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.248165] RSP: 0018:ffff888018607bb8 EFLAGS: 00010246 [ 249.248675] RAX: 0000000000000000 RBX: ffff888017a400a8 RCX: 0000000000000000 [ 249.249329] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 249.249984] RBP: ffff888018607bd0 R08: ffffed1002f48033 R09: ffffed1002f48033 [ 249.250672] R10: ffff888017a40193 R11: ffffed1002f48032 R12: ffff888012e96400 [ 249.251347] R13: ffff888017a401e8 R14: ffffffff8352e670 R15: 
ffff888018607e68 [ 249.252011] FS: 00007f4b87740740(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 249.252750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.253292] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ef0 [ 249.253962] PKRU: 55555554 [ 249.254232] Call Trace: [ 249.254468] [ 249.254711] __iommufd_access_detach+0x1c2/0x2b0 [ 249.255192] iommufd_access_change_pt+0x149/0x270 [ 249.255658] iommufd_access_replace+0xb4/0x120 [ 249.256099] iommufd_test+0x3e5/0x37e0 [ 249.256467] ? lock_release+0x532/0x770 [ 249.256847] ? __might_fault+0x102/0x1b0 [ 249.257234] ? lock_acquire+0x427/0x4c0 [ 249.257615] ? __pfx_iommufd_test+0x10/0x10 [ 249.258016] ? __pfx_lock_release+0x10/0x10 [ 249.258428] ? __pfx_lock_acquire+0x10/0x10 [ 249.258892] ? write_comp_data+0x2f/0x90 [ 249.259316] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.259780] ? write_comp_data+0x2f/0x90 [ 249.260175] iommufd_fops_ioctl+0x37d/0x510 [ 249.260587] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.261057] ? write_comp_data+0x2f/0x90 [ 249.261448] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.261901] __x64_sys_ioctl+0x1a3/0x230 [ 249.262296] do_syscall_64+0x3b/0x90 [ 249.262687] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.263215] RIP: 0033:0x7f4b8743ee5d [ 249.263564] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 249.265273] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 249.265985] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 249.266665] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 249.267326] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 249.267996] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 249.268659] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 249.269336] [ 249.269558] irq event stamp: 0 [ 249.269852] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.270443] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.271274] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.272056] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.272649] ---[ end trace 0000000000000000 ]--- [ 249.275807] ------------[ cut here ]------------ [ 249.276285] WARNING: CPU: 0 PID: 2349 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.277227] Modules linked in: [ 249.277530] CPU: 0 PID: 2349 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.278333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.279438] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.279911] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.281593] RSP: 
0018:ffff888018607bd0 EFLAGS: 00010246 [ 249.282089] RAX: 0000000000000000 RBX: ffff888017a400a8 RCX: 0000000000000000 [ 249.282829] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 249.283547] RBP: ffff888018607be8 R08: ffffed1002f48033 R09: ffffed1002f48033 [ 249.284270] R10: ffff888017a40193 R11: ffffed1002f48032 R12: ffff888013a0b800 [ 249.285002] R13: ffff888017a401e8 R14: ffff88801202ba00 R15: 0000000000000000 [ 249.285948] FS: 0000000000000000(0000) GS:ffff88806ca00000(0000) knlGS:0000000000000000 [ 249.287409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.287996] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ef0 [ 249.288700] PKRU: 55555554 [ 249.288986] Call Trace: [ 249.289239] [ 249.289469] iommufd_access_destroy_object+0x65/0x170 [ 249.289997] iommufd_object_destroy_user+0x18e/0x220 [ 249.290555] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 249.291176] iommufd_access_destroy+0x43/0x70 [ 249.291633] iommufd_test_staccess_release+0x8d/0xd0 [ 249.292142] __fput+0x26d/0xa40 [ 249.292497] ____fput+0x1e/0x30 [ 249.292836] task_work_run+0x1a4/0x2d0 [ 249.293226] ? __pfx_task_work_run+0x10/0x10 [ 249.293669] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.294150] ? switch_task_namespaces+0xa9/0xe0 [ 249.294675] do_exit+0xb17/0x2ef0 [ 249.295031] ? lock_acquire+0x427/0x4c0 [ 249.295456] ? __pfx_lock_release+0x10/0x10 [ 249.295901] ? __kasan_check_write+0x18/0x20 [ 249.296345] ? do_raw_spin_lock+0x132/0x2a0 [ 249.296775] ? __pfx_do_exit+0x10/0x10 [ 249.297181] ? debug_smp_processor_id+0x20/0x30 [ 249.297639] ? rcu_is_watching+0x19/0xb0 [ 249.298039] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.298489] ? trace_hardirqs_on+0x26/0x120 [ 249.298979] do_group_exit+0xe0/0x2b0 [ 249.299380] __x64_sys_exit_group+0x47/0x50 [ 249.299812] do_syscall_64+0x3b/0x90 [ 249.300191] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.300718] RIP: 0033:0x7f4b87518a4d [ 249.301083] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.301679] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.302418] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.303177] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.303880] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.304573] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.305282] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.305993] [ 249.306226] irq event stamp: 0 [ 249.306570] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.307202] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.308017] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.308837] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.309468] ---[ end trace 0000000000000000 ]--- [ 249.311775] ------------[ cut here ]------------ [ 249.312443] WARNING: CPU: 1 PID: 2349 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 249.314087] Modules linked in: [ 249.314680] CPU: 1 PID: 2349 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.315869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.317563] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 249.318284] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 249.320929] RSP: 0018:ffff888018607b78 EFLAGS: 00010246 [ 249.321711] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 249.322673] RDX: 0000000000000000 RSI: ffff88800cbe0000 RDI: 0000000000000002 [ 249.323829] RBP: ffff888018607b98 R08: ffffed1002f4803e R09: ffffed1002f4803e [ 249.324761] R10: ffff888017a401ef R11: ffffed1002f4803d R12: ffff888017a40290 [ 249.325861] R13: ffff888017a400a8 R14: ffffffffffffffff R15: 
ffff888018607c60 [ 249.326835] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.327954] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.328819] CR2: 00007f82e2bc1028 CR3: 000000001435a000 CR4: 0000000000750ee0 [ 249.329756] PKRU: 55555554 [ 249.330145] Call Trace: [ 249.330638] [ 249.330952] iommufd_ioas_destroy+0x53/0x70 [ 249.331552] iommufd_fops_release+0x1f7/0x370 [ 249.332159] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.333002] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.333660] ? write_comp_data+0x2f/0x90 [ 249.334215] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.334919] __fput+0x26d/0xa40 [ 249.335547] ____fput+0x1e/0x30 [ 249.336009] task_work_run+0x1a4/0x2d0 [ 249.336539] ? __pfx_task_work_run+0x10/0x10 [ 249.337134] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.337961] ? switch_task_namespaces+0xa9/0xe0 [ 249.338635] do_exit+0xb17/0x2ef0 [ 249.339104] ? lock_acquire+0x427/0x4c0 [ 249.339668] ? __pfx_lock_release+0x10/0x10 [ 249.340451] ? __kasan_check_write+0x18/0x20 [ 249.341062] ? do_raw_spin_lock+0x132/0x2a0 [ 249.341671] ? __pfx_do_exit+0x10/0x10 [ 249.342262] ? debug_smp_processor_id+0x20/0x30 [ 249.343095] ? rcu_is_watching+0x19/0xb0 [ 249.343700] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.344334] ? trace_hardirqs_on+0x26/0x120 [ 249.345133] do_group_exit+0xe0/0x2b0 [ 249.345666] __x64_sys_exit_group+0x47/0x50 [ 249.346254] do_syscall_64+0x3b/0x90 [ 249.346842] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.347598] RIP: 0033:0x7f4b87518a4d [ 249.348113] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.349056] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.350165] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.351221] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.352405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.353362] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.354357] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.355529] [ 249.355864] irq event stamp: 0 [ 249.356300] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.357217] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.358420] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.359657] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.360589] ---[ end trace 0000000000000000 ]--- [ 249.368206] ------------[ cut here ]------------ [ 249.369077] WARNING: CPU: 1 PID: 2350 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.370441] Modules linked in: [ 249.371019] CPU: 1 PID: 2350 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.372419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.373906] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.374840] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.377439] RSP: 0018:ffff888018657bb8 EFLAGS: 00010246 [ 249.378158] RAX: 0000000000000000 RBX: ffff88800e8c70a8 RCX: 0000000000000000 [ 249.379199] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 249.380389] RBP: ffff888018657bd0 R08: ffffed1001d18e33 R09: ffffed1001d18e33 [ 249.381332] R10: ffff88800e8c7193 R11: ffffed1001d18e32 R12: ffff88800f070c00 [ 249.382374] R13: ffff88800e8c71e8 R14: ffffffff8352e670 R15: 
ffff888018657e68 [ 249.383516] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.384594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.385608] CR2: 0000000020000140 CR3: 0000000013d26000 CR4: 0000000000750ee0 [ 249.386623] PKRU: 55555554 [ 249.387024] Call Trace: [ 249.387405] [ 249.387729] __iommufd_access_detach+0x1c2/0x2b0 [ 249.388582] iommufd_access_change_pt+0x149/0x270 [ 249.389267] iommufd_access_replace+0xb4/0x120 [ 249.389920] iommufd_test+0x3e5/0x37e0 [ 249.390644] ? lock_release+0x532/0x770 [ 249.391273] ? __might_fault+0x102/0x1b0 [ 249.391846] ? lock_acquire+0x427/0x4c0 [ 249.392414] ? __pfx_iommufd_test+0x10/0x10 [ 249.392992] ? __pfx_lock_release+0x10/0x10 [ 249.393805] ? __pfx_lock_acquire+0x10/0x10 [ 249.394411] ? write_comp_data+0x2f/0x90 [ 249.395060] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.395772] ? write_comp_data+0x2f/0x90 [ 249.396474] iommufd_fops_ioctl+0x37d/0x510 [ 249.397211] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.397889] ? write_comp_data+0x2f/0x90 [ 249.398465] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.399391] __x64_sys_ioctl+0x1a3/0x230 [ 249.399980] do_syscall_64+0x3b/0x90 [ 249.400529] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.401265] RIP: 0033:0x7f4b8743ee5d [ 249.401987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 249.404853] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 249.405918] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 249.406972] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 249.408150] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 249.409137] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 249.410325] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 249.411446] [ 249.411802] irq event stamp: 0 [ 249.412254] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.413441] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.414686] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.416115] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.416998] ---[ end trace 0000000000000000 ]--- [ 249.422298] ------------[ cut here ]------------ [ 249.423213] WARNING: CPU: 1 PID: 2350 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.424630] Modules linked in: [ 249.425111] CPU: 1 PID: 2350 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.426607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.428217] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.429032] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.431645] RSP: 
0018:ffff888018657bd0 EFLAGS: 00010246 [ 249.432401] RAX: 0000000000000000 RBX: ffff88800e8c70a8 RCX: 0000000000000000 [ 249.433385] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 249.434368] RBP: ffff888018657be8 R08: ffffed1001d18e33 R09: ffffed1001d18e33 [ 249.435435] R10: ffff88800e8c7193 R11: ffffed1001d18e32 R12: ffff88801422e400 [ 249.436423] R13: ffff88800e8c71e8 R14: ffff88800fd7b300 R15: 0000000000000000 [ 249.437399] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.438490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.439350] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.440336] PKRU: 55555554 [ 249.440728] Call Trace: [ 249.441085] [ 249.441403] iommufd_access_destroy_object+0x65/0x170 [ 249.442124] iommufd_object_destroy_user+0x18e/0x220 [ 249.442879] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 249.443738] iommufd_access_destroy+0x43/0x70 [ 249.444388] iommufd_test_staccess_release+0x8d/0xd0 [ 249.445107] __fput+0x26d/0xa40 [ 249.445596] ____fput+0x1e/0x30 [ 249.446068] task_work_run+0x1a4/0x2d0 [ 249.446663] ? __pfx_task_work_run+0x10/0x10 [ 249.447322] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.448011] ? switch_task_namespaces+0xa9/0xe0 [ 249.448677] do_exit+0xb17/0x2ef0 [ 249.449166] ? lock_acquire+0x427/0x4c0 [ 249.449732] ? __pfx_lock_release+0x10/0x10 [ 249.450342] ? __kasan_check_write+0x18/0x20 [ 249.451032] ? do_raw_spin_lock+0x132/0x2a0 [ 249.451698] ? __pfx_do_exit+0x10/0x10 [ 249.452292] ? debug_smp_processor_id+0x20/0x30 [ 249.452967] ? rcu_is_watching+0x19/0xb0 [ 249.453548] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.454192] ? trace_hardirqs_on+0x26/0x120 [ 249.454867] do_group_exit+0xe0/0x2b0 [ 249.455477] __x64_sys_exit_group+0x47/0x50 [ 249.456101] do_syscall_64+0x3b/0x90 [ 249.456647] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.457390] RIP: 0033:0x7f4b87518a4d [ 249.457917] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.458817] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.459943] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.460954] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.461950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.462990] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.464028] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.465045] [ 249.465401] irq event stamp: 0 [ 249.465849] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.466778] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.467977] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.469109] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.469964] ---[ end trace 0000000000000000 ]--- [ 249.471385] ------------[ cut here ]------------ [ 249.472063] WARNING: CPU: 1 PID: 2350 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 249.473453] Modules linked in: [ 249.473903] CPU: 1 PID: 2350 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.475168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.476708] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 249.477424] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 249.479936] RSP: 0018:ffff888018657b78 EFLAGS: 00010246 [ 249.480683] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 249.481642] RDX: 0000000000000000 RSI: ffff888012294a00 RDI: 0000000000000002 [ 249.482639] RBP: ffff888018657b98 R08: ffffed1001d18e3e R09: ffffed1001d18e3e [ 249.483641] R10: ffff88800e8c71ef R11: ffffed1001d18e3d R12: ffff88800e8c7290 [ 249.484609] R13: ffff88800e8c70a8 R14: ffffffffffffffff R15: 
ffff888018657c60 [ 249.485579] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.486702] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.487556] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.488498] PKRU: 55555554 [ 249.488878] Call Trace: [ 249.489220] [ 249.489524] iommufd_ioas_destroy+0x53/0x70 [ 249.490111] iommufd_fops_release+0x1f7/0x370 [ 249.490755] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.491462] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.492127] ? write_comp_data+0x2f/0x90 [ 249.492680] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.493349] __fput+0x26d/0xa40 [ 249.493814] ____fput+0x1e/0x30 [ 249.494270] task_work_run+0x1a4/0x2d0 [ 249.494838] ? __pfx_task_work_run+0x10/0x10 [ 249.495467] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.496135] ? switch_task_namespaces+0xa9/0xe0 [ 249.496775] do_exit+0xb17/0x2ef0 [ 249.497247] ? lock_acquire+0x427/0x4c0 [ 249.497791] ? __pfx_lock_release+0x10/0x10 [ 249.498372] ? __kasan_check_write+0x18/0x20 [ 249.499000] ? do_raw_spin_lock+0x132/0x2a0 [ 249.499623] ? __pfx_do_exit+0x10/0x10 [ 249.500166] ? debug_smp_processor_id+0x20/0x30 [ 249.500791] ? rcu_is_watching+0x19/0xb0 [ 249.501336] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.501950] ? trace_hardirqs_on+0x26/0x120 [ 249.502574] do_group_exit+0xe0/0x2b0 [ 249.503098] __x64_sys_exit_group+0x47/0x50 [ 249.503706] do_syscall_64+0x3b/0x90 [ 249.504222] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.504934] RIP: 0033:0x7f4b87518a4d [ 249.505448] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.506279] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.507324] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.508304] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.509277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.510217] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.511215] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.512172] [ 249.512489] irq event stamp: 0 [ 249.512909] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.513742] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.514893] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.516068] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.516909] ---[ end trace 0000000000000000 ]--- [ 249.524151] ------------[ cut here ]------------ [ 249.524827] WARNING: CPU: 1 PID: 2351 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.526160] Modules linked in: [ 249.526696] CPU: 1 PID: 2351 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.527910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.529440] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.530136] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.532619] RSP: 0018:ffff88801877fbb8 EFLAGS: 00010246 [ 249.533352] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 249.534300] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 249.535299] RBP: ffff88801877fbd0 R08: ffffed100173f033 R09: ffffed100173f033 [ 249.536247] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff88801890ec00 [ 249.537191] R13: ffff88800b9f81e8 R14: ffffffff8352e670 R15: 
ffff88801877fe68 [ 249.538128] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.539246] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.540054] CR2: 0000000020000140 CR3: 0000000012a2c000 CR4: 0000000000750ee0 [ 249.541018] PKRU: 55555554 [ 249.541415] Call Trace: [ 249.541781] [ 249.542240] __iommufd_access_detach+0x1c2/0x2b0 [ 249.543086] iommufd_access_change_pt+0x149/0x270 [ 249.543830] iommufd_access_replace+0xb4/0x120 [ 249.544488] iommufd_test+0x3e5/0x37e0 [ 249.545025] ? lock_release+0x532/0x770 [ 249.545601] ? __might_fault+0x102/0x1b0 [ 249.546220] ? lock_acquire+0x427/0x4c0 [ 249.546987] ? __pfx_iommufd_test+0x10/0x10 [ 249.547620] ? __pfx_lock_release+0x10/0x10 [ 249.548232] ? __pfx_lock_acquire+0x10/0x10 [ 249.548853] ? write_comp_data+0x2f/0x90 [ 249.549419] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.550092] ? write_comp_data+0x2f/0x90 [ 249.550728] iommufd_fops_ioctl+0x37d/0x510 [ 249.551387] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.552260] ? write_comp_data+0x2f/0x90 [ 249.552849] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.553520] __x64_sys_ioctl+0x1a3/0x230 [ 249.554084] do_syscall_64+0x3b/0x90 [ 249.554653] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.555408] RIP: 0033:0x7f4b8743ee5d [ 249.555937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 249.558569] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 249.559641] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 249.560802] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 249.561761] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 249.562764] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 249.563762] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 249.564856] [ 249.565275] irq event stamp: 0 [ 249.565715] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.566609] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.567772] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.568892] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.569913] ---[ end trace 0000000000000000 ]--- [ 249.575027] ------------[ cut here ]------------ [ 249.575729] WARNING: CPU: 1 PID: 2351 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.577312] Modules linked in: [ 249.577761] CPU: 1 PID: 2351 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.578965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.580496] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.581201] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.583978] RSP: 
0018:ffff88801877fbd0 EFLAGS: 00010246 [ 249.584728] RAX: 0000000000000000 RBX: ffff88800b9f80a8 RCX: 0000000000000000 [ 249.585710] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 249.586953] RBP: ffff88801877fbe8 R08: ffffed100173f033 R09: ffffed100173f033 [ 249.587971] R10: ffff88800b9f8193 R11: ffffed100173f032 R12: ffff88800f072400 [ 249.588931] R13: ffff88800b9f81e8 R14: ffff888020f66900 R15: 0000000000000000 [ 249.589870] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.591208] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.592005] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.592957] PKRU: 55555554 [ 249.593342] Call Trace: [ 249.593695] [ 249.594002] iommufd_access_destroy_object+0x65/0x170 [ 249.594813] iommufd_object_destroy_user+0x18e/0x220 [ 249.595659] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 249.596461] iommufd_access_destroy+0x43/0x70 [ 249.597093] iommufd_test_staccess_release+0x8d/0xd0 [ 249.597788] __fput+0x26d/0xa40 [ 249.598257] ____fput+0x1e/0x30 [ 249.598777] task_work_run+0x1a4/0x2d0 [ 249.599381] ? __pfx_task_work_run+0x10/0x10 [ 249.600212] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.600891] ? switch_task_namespaces+0xa9/0xe0 [ 249.601546] do_exit+0xb17/0x2ef0 [ 249.602015] ? lock_acquire+0x427/0x4c0 [ 249.602600] ? __pfx_lock_release+0x10/0x10 [ 249.603238] ? __kasan_check_write+0x18/0x20 [ 249.603905] ? do_raw_spin_lock+0x132/0x2a0 [ 249.604659] ? __pfx_do_exit+0x10/0x10 [ 249.605216] ? debug_smp_processor_id+0x20/0x30 [ 249.605846] ? rcu_is_watching+0x19/0xb0 [ 249.606393] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.607096] ? trace_hardirqs_on+0x26/0x120 [ 249.607754] do_group_exit+0xe0/0x2b0 [ 249.608340] __x64_sys_exit_group+0x47/0x50 [ 249.609104] do_syscall_64+0x3b/0x90 [ 249.609642] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.610359] RIP: 0033:0x7f4b87518a4d [ 249.610915] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.611805] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.612886] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.614043] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.615072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.616114] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.617257] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.618345] [ 249.618750] irq event stamp: 0 [ 249.619234] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.620289] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.621462] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.622866] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.623780] ---[ end trace 0000000000000000 ]--- [ 249.625160] ------------[ cut here ]------------ [ 249.625862] WARNING: CPU: 1 PID: 2351 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 249.627436] Modules linked in: [ 249.628001] CPU: 1 PID: 2351 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.629217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.631011] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 249.631772] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 249.634275] RSP: 0018:ffff88801877fb78 EFLAGS: 00010246 [ 249.635095] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 249.636125] RDX: 0000000000000000 RSI: ffff888012290000 RDI: 0000000000000002 [ 249.637126] RBP: ffff88801877fb98 R08: ffffed100173f03e R09: ffffed100173f03e [ 249.638120] R10: ffff88800b9f81ef R11: ffffed100173f03d R12: ffff88800b9f8290 [ 249.639204] R13: ffff88800b9f80a8 R14: ffffffffffffffff R15: 
ffff88801877fc60 [ 249.640210] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.641322] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.642136] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.643208] PKRU: 55555554 [ 249.643622] Call Trace: [ 249.643986] [ 249.644311] iommufd_ioas_destroy+0x53/0x70 [ 249.644932] iommufd_fops_release+0x1f7/0x370 [ 249.645579] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.646292] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.647059] ? write_comp_data+0x2f/0x90 [ 249.647698] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.648426] __fput+0x26d/0xa40 [ 249.648938] ____fput+0x1e/0x30 [ 249.649438] task_work_run+0x1a4/0x2d0 [ 249.650014] ? __pfx_task_work_run+0x10/0x10 [ 249.650714] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.651454] ? switch_task_namespaces+0xa9/0xe0 [ 249.652147] do_exit+0xb17/0x2ef0 [ 249.652650] ? lock_acquire+0x427/0x4c0 [ 249.653238] ? __pfx_lock_release+0x10/0x10 [ 249.653875] ? __kasan_check_write+0x18/0x20 [ 249.654584] ? do_raw_spin_lock+0x132/0x2a0 [ 249.655242] ? __pfx_do_exit+0x10/0x10 [ 249.655821] ? debug_smp_processor_id+0x20/0x30 [ 249.656501] ? rcu_is_watching+0x19/0xb0 [ 249.657100] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.657755] ? trace_hardirqs_on+0x26/0x120 [ 249.658378] do_group_exit+0xe0/0x2b0 [ 249.658955] __x64_sys_exit_group+0x47/0x50 [ 249.659588] do_syscall_64+0x3b/0x90 [ 249.660133] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.660864] RIP: 0033:0x7f4b87518a4d [ 249.661378] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.662221] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.663317] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.664295] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.665284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.666268] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.667339] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.668346] [ 249.668678] irq event stamp: 0 [ 249.669115] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.669976] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.671190] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.672358] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.673233] ---[ end trace 0000000000000000 ]--- [ 249.680238] ------------[ cut here ]------------ [ 249.680939] WARNING: CPU: 1 PID: 2352 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.682319] Modules linked in: [ 249.683227] CPU: 1 PID: 2352 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.684426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.685905] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.686627] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.689050] RSP: 0018:ffff888018ac7bb8 EFLAGS: 00010246 [ 249.689764] RAX: 0000000000000000 RBX: ffff888010b9d0a8 RCX: 0000000000000000 [ 249.690733] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 249.691707] RBP: ffff888018ac7bd0 R08: ffffed1002173a33 R09: ffffed1002173a33 [ 249.692649] R10: ffff888010b9d193 R11: ffffed1002173a32 R12: ffff888020d70c00 [ 249.693582] R13: ffff888010b9d1e8 R14: ffffffff8352e670 R15: 
ffff888018ac7e68 [ 249.694554] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.695657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.696426] CR2: 0000000020000140 CR3: 0000000013d30000 CR4: 0000000000750ee0 [ 249.697367] PKRU: 55555554 [ 249.697743] Call Trace: [ 249.698086] [ 249.698398] __iommufd_access_detach+0x1c2/0x2b0 [ 249.699094] iommufd_access_change_pt+0x149/0x270 [ 249.699789] iommufd_access_replace+0xb4/0x120 [ 249.700428] iommufd_test+0x3e5/0x37e0 [ 249.700948] ? lock_release+0x532/0x770 [ 249.701493] ? __might_fault+0x102/0x1b0 [ 249.702042] ? lock_acquire+0x427/0x4c0 [ 249.702632] ? __pfx_iommufd_test+0x10/0x10 [ 249.703248] ? __pfx_lock_release+0x10/0x10 [ 249.703843] ? __pfx_lock_acquire+0x10/0x10 [ 249.704431] ? write_comp_data+0x2f/0x90 [ 249.704987] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.705642] ? write_comp_data+0x2f/0x90 [ 249.706198] iommufd_fops_ioctl+0x37d/0x510 [ 249.706815] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.707515] ? write_comp_data+0x2f/0x90 [ 249.708087] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.708737] __x64_sys_ioctl+0x1a3/0x230 [ 249.709294] do_syscall_64+0x3b/0x90 [ 249.709808] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.710546] RIP: 0033:0x7f4b8743ee5d [ 249.711055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 249.713465] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 249.714463] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 249.715443] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 249.716390] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 249.717331] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 249.718268] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 249.719289] [ 249.719618] irq event stamp: 0 [ 249.720050] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.720885] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.721985] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.723108] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.723982] ---[ end trace 0000000000000000 ]--- [ 249.728959] ------------[ cut here ]------------ [ 249.729633] WARNING: CPU: 1 PID: 2352 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.731031] Modules linked in: [ 249.731510] CPU: 1 PID: 2352 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.732665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.734137] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.734842] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.737257] RSP: 
0018:ffff888018ac7bd0 EFLAGS: 00010246 [ 249.737971] RAX: 0000000000000000 RBX: ffff888010b9d0a8 RCX: 0000000000000000 [ 249.738937] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 249.739899] RBP: ffff888018ac7be8 R08: ffffed1002173a33 R09: ffffed1002173a33 [ 249.740842] R10: ffff888010b9d193 R11: ffffed1002173a32 R12: ffff88801890cc00 [ 249.741782] R13: ffff888010b9d1e8 R14: ffff888012ba4700 R15: 0000000000000000 [ 249.742758] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.743865] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.744638] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.745578] PKRU: 55555554 [ 249.745957] Call Trace: [ 249.746299] [ 249.746640] iommufd_access_destroy_object+0x65/0x170 [ 249.747381] iommufd_object_destroy_user+0x18e/0x220 [ 249.748075] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 249.748849] iommufd_access_destroy+0x43/0x70 [ 249.749463] iommufd_test_staccess_release+0x8d/0xd0 [ 249.750173] __fput+0x26d/0xa40 [ 249.750706] ____fput+0x1e/0x30 [ 249.751225] task_work_run+0x1a4/0x2d0 [ 249.751772] ? __pfx_task_work_run+0x10/0x10 [ 249.752372] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.753034] ? switch_task_namespaces+0xa9/0xe0 [ 249.753678] do_exit+0xb17/0x2ef0 [ 249.754143] ? lock_acquire+0x427/0x4c0 [ 249.754723] ? __pfx_lock_release+0x10/0x10 [ 249.755344] ? __kasan_check_write+0x18/0x20 [ 249.755957] ? do_raw_spin_lock+0x132/0x2a0 [ 249.756557] ? __pfx_do_exit+0x10/0x10 [ 249.757101] ? debug_smp_processor_id+0x20/0x30 [ 249.757725] ? rcu_is_watching+0x19/0xb0 [ 249.758272] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.758919] ? trace_hardirqs_on+0x26/0x120 [ 249.759541] do_group_exit+0xe0/0x2b0 [ 249.760062] __x64_sys_exit_group+0x47/0x50 [ 249.760635] do_syscall_64+0x3b/0x90 [ 249.761148] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.761823] RIP: 0033:0x7f4b87518a4d [ 249.762311] Code: Unable to access opcode bytes at 0x7f4b87518a23. 
[ 249.763189] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.764231] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.765208] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.766142] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.767112] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.768077] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.769052] [ 249.769380] irq event stamp: 0 [ 249.769815] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.770678] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.771818] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.772924] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.773766] ---[ end trace 0000000000000000 ]--- [ 249.775161] ------------[ cut here ]------------ [ 249.775815] WARNING: CPU: 1 PID: 2352 at drivers/iommu/iommufd/io_pagetable.c:663 iopt_destroy_table+0x15f/0x1b0 [ 249.777158] Modules linked in: [ 249.777586] CPU: 1 PID: 2352 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.778879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.779197] systemd-journald[137]: Data hash table of /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal has a fill level at 75.0 (5462 of 7281 items, 4194304 file size, 767 bytes per hash table item), suggesting rotation. [ 249.780392] RIP: 0010:iopt_destroy_table+0x15f/0x1b0 [ 249.783210] systemd-journald[137]: /run/log/journal/6ee5b4ede6d941feba9def5bf10a6d8d/system.journal: Journal header limits reached or header out-of-date, rotating. 
[ 249.783745] Code: 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc e8 19 56 0c fe 0f 0b e9 51 ff ff ff e8 0d 56 0c fe 0f 0b e9 76 ff ff ff e8 01 56 0c fe <0f> 0b eb 9e e8 f8 55 0c fe 0f 0b e8 f1 55 0c fe 5b 41 5c 41 5d 41 [ 249.788086] RSP: 0018:ffff888018ac7b78 EFLAGS: 00010246 [ 249.788835] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 249.789784] RDX: 0000000000000000 RSI: ffff88800cbf0000 RDI: 0000000000000002 [ 249.790752] RBP: ffff888018ac7b98 R08: ffffed1002173a3e R09: ffffed1002173a3e [ 249.791721] R10: ffff888010b9d1ef R11: ffffed1002173a3d R12: ffff888010b9d290 [ 249.792656] R13: ffff888010b9d0a8 R14: ffffffffffffffff R15: ffff888018ac7c60 [ 249.793590] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.794696] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.795506] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.796464] PKRU: 55555554 [ 249.796858] Call Trace: [ 249.797207] [ 249.797516] iommufd_ioas_destroy+0x53/0x70 [ 249.798107] iommufd_fops_release+0x1f7/0x370 [ 249.798744] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.799438] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.800096] ? write_comp_data+0x2f/0x90 [ 249.800652] ? __pfx_iommufd_fops_release+0x10/0x10 [ 249.801324] __fput+0x26d/0xa40 [ 249.801787] ____fput+0x1e/0x30 [ 249.802241] task_work_run+0x1a4/0x2d0 [ 249.802803] ? __pfx_task_work_run+0x10/0x10 [ 249.803430] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.804120] ? switch_task_namespaces+0xa9/0xe0 [ 249.804803] do_exit+0xb17/0x2ef0 [ 249.805290] ? lock_acquire+0x427/0x4c0 [ 249.805857] ? __pfx_lock_release+0x10/0x10 [ 249.806465] ? __kasan_check_write+0x18/0x20 [ 249.807115] ? do_raw_spin_lock+0x132/0x2a0 [ 249.807769] ? __pfx_do_exit+0x10/0x10 [ 249.808331] ? debug_smp_processor_id+0x20/0x30 [ 249.808978] ? rcu_is_watching+0x19/0xb0 [ 249.809551] ? _raw_spin_unlock_irq+0x2b/0x60 [ 249.810197] ? 
trace_hardirqs_on+0x26/0x120 [ 249.810849] do_group_exit+0xe0/0x2b0 [ 249.811436] __x64_sys_exit_group+0x47/0x50 [ 249.812045] do_syscall_64+0x3b/0x90 [ 249.812592] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.813329] RIP: 0033:0x7f4b87518a4d [ 249.813853] Code: Unable to access opcode bytes at 0x7f4b87518a23. [ 249.814729] RSP: 002b:00007fff59b52cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 249.815807] RAX: ffffffffffffffda RBX: 00007f4b875f69e0 RCX: 00007f4b87518a4d [ 249.816773] RDX: 00000000000000e7 RSI: ffffffffffffff80 RDI: 0000000000000000 [ 249.817736] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000020 [ 249.818749] R10: 00007fff59b52b60 R11: 0000000000000246 R12: 00007f4b875f69e0 [ 249.819793] R13: 00007f4b875fbf00 R14: 0000000000000001 R15: 00007f4b875fbee8 [ 249.820783] [ 249.821113] irq event stamp: 0 [ 249.821552] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.822421] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.823815] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.825016] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.825905] ---[ end trace 0000000000000000 ]--- [ 249.851161] ------------[ cut here ]------------ [ 249.851886] WARNING: CPU: 1 PID: 2354 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.853295] Modules linked in: [ 249.853900] CPU: 1 PID: 2354 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.855304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.856870] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.857587] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.860347] RSP: 0018:ffff888010dc7bb8 EFLAGS: 00010246 [ 249.861119] RAX: 0000000000000000 RBX: ffff8880186568a8 RCX: 
0000000000000000 [ 249.862105] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 249.863219] RBP: ffff888010dc7bd0 R08: ffffed10030cad33 R09: ffffed10030cad33 [ 249.864351] R10: ffff888018656993 R11: ffffed10030cad32 R12: ffff888013b16000 [ 249.865343] R13: ffff8880186569e8 R14: ffffffff8352e670 R15: ffff888010dc7e68 [ 249.866317] FS: 00007f4b87740740(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.867634] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.868539] CR2: 0000000020000140 CR3: 0000000014592000 CR4: 0000000000750ee0 [ 249.869537] PKRU: 55555554 [ 249.869958] Call Trace: [ 249.870323] [ 249.870686] __iommufd_access_detach+0x1c2/0x2b0 [ 249.871419] iommufd_access_change_pt+0x149/0x270 [ 249.872128] iommufd_access_replace+0xb4/0x120 [ 249.873041] iommufd_test+0x3e5/0x37e0 [ 249.873603] ? lock_release+0x532/0x770 [ 249.874186] ? __might_fault+0x102/0x1b0 [ 249.874815] ? lock_acquire+0x427/0x4c0 [ 249.875432] ? __pfx_iommufd_test+0x10/0x10 [ 249.876037] ? __pfx_lock_release+0x10/0x10 [ 249.876660] ? __pfx_lock_acquire+0x10/0x10 [ 249.877495] ? write_comp_data+0x2f/0x90 [ 249.878098] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.878846] ? write_comp_data+0x2f/0x90 [ 249.879480] iommufd_fops_ioctl+0x37d/0x510 [ 249.880105] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.880791] ? write_comp_data+0x2f/0x90 [ 249.881391] ? 
__pfx_iommufd_fops_ioctl+0x10/0x10 [ 249.882272] __x64_sys_ioctl+0x1a3/0x230 [ 249.882953] do_syscall_64+0x3b/0x90 [ 249.883545] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 249.884292] RIP: 0033:0x7f4b8743ee5d [ 249.884817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 93 af 1b 00 f7 d8 64 89 01 48 [ 249.887597] RSP: 002b:00007fff59b52cf8 EFLAGS: 00000213 ORIG_RAX: 0000000000000010 [ 249.888666] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b8743ee5d [ 249.889652] RDX: 0000000020000000 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 249.890811] RBP: 00007fff59b52d20 R08: 0000000000000000 R09: 0000000000000000 [ 249.891903] R10: 0000000000000000 R11: 0000000000000213 R12: 00007fff59b52e78 [ 249.892895] R13: 00000000004019f0 R14: 0000000000403e08 R15: 00007f4b87787000 [ 249.893886] [ 249.894223] irq event stamp: 0 [ 249.894721] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 249.895812] hardirqs last disabled at (0): [] copy_process+0x256a/0x76c0 [ 249.896985] softirqs last enabled at (0): [] copy_process+0x25b2/0x76c0 [ 249.898139] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 249.899079] ---[ end trace 0000000000000000 ]--- [ 249.917818] ------------[ cut here ]------------ [ 249.918573] WARNING: CPU: 1 PID: 2354 at drivers/iommu/iommufd/io_pagetable.c:1158 iopt_remove_access+0xb5/0xd0 [ 249.920246] Modules linked in: [ 249.920719] CPU: 1 PID: 2354 Comm: repro Tainted: G B W 6.4.0-rc1-e93964b04d5b+ #1 [ 249.921928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 249.923643] RIP: 0010:iopt_remove_access+0xb5/0xd0 [ 249.924456] Code: 45 85 e4 75 29 e8 9b 2f 0c fe 4c 89 ef e8 e3 fc e9 fd 48 89 df e8 db fc e9 fd 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 7b 2f 0c fe <0f> 0b eb b9 e8 72 2f 0c fe 0f 0b eb ce e8 29 fd 67 fe eb 90 0f 1f [ 249.927008] RSP: 
0018:ffff888010dc7bd0 EFLAGS: 00010246 [ 249.927805] RAX: 0000000000000000 RBX: ffff8880186568a8 RCX: 0000000000000000 [ 249.929043] RDX: 0000000000000000 RSI: ffff88800fff2500 RDI: 0000000000000002 [ 249.930042] RBP: ffff888010dc7be8 R08: ffffed10030cad33 R09: ffffed10030cad33 [ 249.931091] R10: ffff888018656993 R11: ffffed10030cad32 R12: ffff888020d72400 [ 249.932119] R13: ffff8880186569e8 R14: ffff88800fd7bc00 R15: 0000000000000000 [ 249.933221] FS: 0000000000000000(0000) GS:ffff88806cb00000(0000) knlGS:0000000000000000 [ 249.934437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 249.935325] CR2: 00007f4b875fca50 CR3: 000000000667e000 CR4: 0000000000750ee0 [ 249.936328] PKRU: 55555554 [ 249.936741] Call Trace: [ 249.937110] [ 249.937542] iommufd_access_destroy_object+0x65/0x170 [ 249.938371] iommufd_object_destroy_user+0x18e/0x220 [ 249.939173] ? __pfx_iommufd_test_staccess_release+0x10/0x10 [ 249.940011] iommufd_access_destroy+0x43/0x70 [ 249.940660] iommufd_test_staccess_release+0x8d/0xd0 [ 249.941386] __fput+0x26d/0xa40 [ 249.941982] ____fput+0x1e/0x30 [ 249.942642] task_work_run+0x1a4/0x2d0 [ 249.943252] ? __pfx_task_work_run+0x10/0x10 [ 249.943907] ? __sanitizer_cov_trace_pc+0x25/0x60 [ 249.944632] ? switch_task_namespaces+0xa9/0xe0 [ 249.945329] do_exit+0xb17/0x2ef0 [ 249.945862] ? lock_acquire+0x427/0x4c0 [ 249.946703] ? __pfx_lock_release+0x10/0x10 [ 249.947395] ? __kasan_check_write+0x18/0x20 [ 249.948034] ? do_raw_spin_lock+0x132/0x2a0 [ 249.948652] ? __pfx_do_exit+0x10/0x10